d23b85cf434e065e8a29a800655d127de6f6347b4951f97b5703dc78b1ca9d74ea6a9ae12ab367c0de2659cc38d2f33ddd86e0597d33361eada119b5132145fa4525c488c7fffd6ceda6e9a02ebd97ced6b0161f2cc84615ceb8b18883299c636e9e46724a9a0600a8bb02f3e489631d522019a35fe12a33caf9dd8768ddbc02a484c345c3efb254297b1dbb04989c3f9f3c7b3c985c39b1d313018068d3809bac8c657e39f47692613e28387e955722908dd88b56163be8312ff47c5b6f070072975af74e97a5a8110a4d74496f4c8ec82ddb56d9b962d2fc43fa01a047666865c84f7cff36056cc4ac258021e1581d43badaaec6cc5a2ef989de9801fed6d4be2bfcfe07a69c46bffb7e7603970800000000000000d372bdd6d89dc1ecf63c23d506114d0fba2bd1c69e8fdcda85ce975ec1381b1cec6ddaa76e186719d819164300"})

08:22:27 executing program 1:
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r0, 0x6, 0x13, &(0x7f0000000040)=0x100000001, 0x76dc)
connect$inet6(0xffffffffffffffff, &(0x7f0000000340)={0xa, 0x0, 0x0, @empty}, 0x1c)
setsockopt$inet6_tcp_TCP_ULP(r0, 0x6, 0x1f, &(0x7f00000002c0), 0x4)
setsockopt$inet6_tcp_TLS_TX(r0, 0x11a, 0x2, &(0x7f0000000300)=@ccm_128={{0x303}, "7873c5e679ef1971", "40945582c68f5712ab534e2bdc588d7f", "b92aadcc", "8d011208037a02a9"}, 0x28)
setsockopt$inet6_tcp_TLS_TX(r0, 0x11a, 0x1, &(0x7f0000000000)=@gcm_128={{0x303, 0x35}, "a16611e93404730a", "f4e8b7a124a6848b63b95cc291fb012d", "a47968af", "734ce308f6c7fb4a"}, 0x28)

08:22:27 executing program 4:
r0 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x3800004, 0x12, r0, 0x0)
open_tree(r0, &(0x7f0000000300)='./file0\x00', 0x9801)

08:22:27 executing program 3:
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000001c0)={{0x14}, [@NFT_MSG_NEWSET={0x48, 0x9, 0xa, 0x401, 0x0, 0x0, {0x1}, [@NFTA_SET_ID={0x8}, @NFTA_SET_NAME={0x9, 0x2, 'syz1\x00'}, @NFTA_SET_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_SET_KEY_LEN={0x8, 0x5, 0x1, 0x0, 0x21}, @NFTA_SET_EXPR={0xc, 0x11, 0x0, 0x1, @log={{0x8}, @void}}]}], {0x14, 0x10}}, 0x70}}, 0x0)

08:22:27 executing program 0:
perf_event_open(&(0x7f0000000640)={0x2, 0x80, 0xd7, 0x0, 0x0, 0x0, 0x0, 0x2000000000, 0xa40a1, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp, 0x10000, 0x0, 0x0, 0x3, 0x1, 0xffffff7c, 0x3, 0x0, 0x2cf6ca54, 0x0, 0x7}, 0x0, 0x2, 0xffffffffffffffff, 0xb)
mmap$perf(&(0x7f0000c00000/0x400000)=nil, 0x400000, 0x3000002, 0x40032, 0xffffffffffffffff, 0x0)
mlock2(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0)
mlock2(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x0)
r0 = fork()
r1 = userfaultfd(0x80000)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x543c04, 0x0)
r3 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
dup3(r2, r3, 0x0)
write$binfmt_script(r1, &(0x7f0000000280)=ANY=[@ANYRESOCT=r3, @ANYRES32=r2, @ANYRESOCT, @ANYRESDEC, @ANYRESDEC=r2], 0x9f)
munlock(&(0x7f0000ef1000/0x2000)=nil, 0x2000)
syz_io_uring_setup(0x2e00, &(0x7f0000000340)={0x0, 0xc9ba, 0x20, 0xfffffffd, 0x2000037d}, &(0x7f0000ff3000/0x4000)=nil, &(0x7f0000eee000/0x8000)=nil, &(0x7f00000001c0), &(0x7f00000003c0))
mlock2(&(0x7f0000d03000/0x1000)=nil, 0x1000, 0x1)
openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000080)='freezer.parent_freezing\x00', 0x0, 0x0)
move_pages(r0, 0x2, &(0x7f0000000300)=[&(0x7f0000ffd000/0x1000)=nil, &(0x7f0000f10000/0x3000)=nil], &(0x7f00000000c0), &(0x7f0000000000), 0x0)
socket$caif_seqpacket(0x25, 0x5, 0x0)
get_robust_list(r0, &(0x7f0000000180)=&(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f00000000c0)}}, &(0x7f0000000200)=0xc)

08:22:27 executing program 5:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000fe6000/0x18000)=nil, &(0x7f0000000040)=[@text16={0x10, 0x0}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_SET_LAPIC(r2, 0x4008ae89, &(0x7f0000000640)={"06000000dd245c8488040000c9c8dc1964325fa96fa42b76830000402bec0ba41f010a003a40c8a4840000403b00041f01ffff80003c5ca2c2000000ee377abaece6b88378e3d63a03000040361d264ffa8b46485f02baee010100c04252066178868d1ef4b5365c5dc26ca097ddda7c21a984c2b9ca4bbb7a87165c0c1dbc75d7ea4df10000174a3ac8694525a7e8c499a573577736800000000000008f37f06e4ea9f1e5f0c6c379f9cc58bf69fcde318ead4825aa006a832d309fcda5bb5a6baa41d614f6c8941bee805954a62d196a4e8d4bf6b21224b57f530d0000c1ff53bf79a1f5c5dc34b2262d66ae793b6304a30b97077f1c131045cbc11c4562d22db88d0edc5daee171cc04d96d9ec2db07478fbe65449b404923ad4a5672b1b285c7988c4ec0922c655ff600000000c00dc290d936d93236051fadfb4b95d02c0bda7ce38dabb7cd103fe4d0c9c963cd717a77f8df8d46099b1f58e068af6afbbc19db161c6df1e7c9c71bc08a282fc2c142856b5e69aff4c0a4f72445ef10dcd2c569319d6e9bb2058d023f669a64fc7d9684364673dcfa9235ea5a2ff23c4bb5c5acb2e8976dcac779ff000000000000003d185afe28b774b99d38c90937428617de4cdd6f53c419ce31054182fd898af706f1b1152c691611f897558d4b755cb783978d9859b0537b05b623dcb5c4ca9317471a40fa4998cca80e9605ab8c3c43840abd17deef0c8694c4395fc99be3c3fe7aeb8af4929ce7d346ca702f78b233b5208752726ed9f0c340d494b92d19cc930bb8a5f8b4da8f4603ac0c3b698384e17a570dc8524823ed15af4ecfabb4b2541d3c114b7bba1c21a845c9cf0d1cc24aba16f70f558b2246ad95ccf7d3f80cc0ab26f08336ea1a33b79cf35b898837016eb211a1734c7af076e15451e33519fc978f66df7df4557c91024a8dc130a28ef5f63ad07b39c8d23b85cf434e065e8a29a800655d127de6f6347b4951f97b5703dc78b1ca9d74ea6a9ae12ab367c0de2659cc38d2f33ddd86e0597d33361eada119b5132145fa4525c488c7fffd6ceda6e9a02ebd97ced6b0161f2cc84615ceb8b18883299c636e9e46724a9a0600a8bb02f3e489631d522019a35fe12a33caf9dd8768ddbc02a484c345c3efb254297b1dbb04989c3f9f3c7b3c985c39b1d313018068d3809bac8c657e39f47692613e28387e955722908dd88b56163be8312ff47c5b6f070072975af74e97a5a8110a4d74496f4c8ec82ddb56d9b962d2fc43fa01a047666865c84f7cff36056cc4ac258021e1581d43badaaec6cc5a2ef989de9801fed6d4be2bfcfe07a69c46bffb7e7603970800000000000000d372bdd6d89dc1ecf63c23d506114d0fba2bd1c69e8fdcda85ce975ec1381b1cec6ddaa76e186719d819164300"})

08:22:27 executing program 1:
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r0, 0x6, 0x13, &(0x7f0000000040)=0x100000001, 0x76dc)
connect$inet6(r0, 0x0, 0x0)
setsockopt$inet6_tcp_TCP_ULP(r0, 0x6, 0x1f, &(0x7f00000002c0), 0x4)
setsockopt$inet6_tcp_TLS_TX(r0, 0x11a, 0x2, &(0x7f0000000300)=@ccm_128={{0x303}, "7873c5e679ef1971", "40945582c68f5712ab534e2bdc588d7f", "b92aadcc", "8d011208037a02a9"}, 0x28)
setsockopt$inet6_tcp_TLS_TX(r0, 0x11a, 0x1, &(0x7f0000000000)=@gcm_128={{0x303, 0x35}, "a16611e93404730a", "f4e8b7a124a6848b63b95cc291fb012d", "a47968af", "734ce308f6c7fb4a"}, 0x28)

08:22:27 executing program 2:
syz_open_procfs(0x0, &(0x7f0000000040)='mounts\x00')
syz_open_procfs(0x0, &(0x7f0000000000)='mountstats\x00')
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$F2FS_IOC_MOVE_RANGE(0xffffffffffffffff, 0xc020f509, &(0x7f0000000040)={r1})
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f0000000000))
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f00000001c0)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1003]})
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_SET_PIT(r1, 0x8048ae66, &(0x7f0000000140)={[{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}]})
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f000056f000/0x18000)=nil, &(0x7f0000000080)=[@text32={0x20, &(0x7f00000000c0)="66ba4000b0c2ee66bad104b829280000efea0e0000000a00b8050000000f23d80f21f835c00000a00f23f8653e65f30f21c62e0fae2b0f01c2b8060000000f23d00f21f835200000000f23f8c4c3a1cf830000000002d9f7", 0x58}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

08:22:27 executing program 4:
r0 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x3800004, 0x12, r0, 0x0)
open_tree(r0, &(0x7f0000000300)='./file0\x00', 0x9801)

08:22:27 executing program 3:
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000001c0)={{0x14}, [@NFT_MSG_NEWSET={0x48, 0x9, 0xa, 0x401, 0x0, 0x0, {0x1}, [@NFTA_SET_ID={0x8}, @NFTA_SET_NAME={0x9, 0x2, 'syz1\x00'}, @NFTA_SET_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_SET_KEY_LEN={0x8, 0x5, 0x1, 0x0, 0x21}, @NFTA_SET_EXPR={0xc, 0x11, 0x0, 0x1, @log={{0x8}, @void}}]}], {0x14, 0x10}}, 0x70}}, 0x0)

08:22:27 executing program 0:
perf_event_open(&(0x7f0000000640)={0x2, 0x80, 0xd7, 0x0, 0x0, 0x0, 0x0, 0x2000000000, 0xa40a1, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp, 0x10000, 0x0, 0x0, 0x3, 0x1, 0xffffff7c, 0x3, 0x0, 0x2cf6ca54, 0x0, 0x7}, 0x0, 0x2, 0xffffffffffffffff, 0xb)
mmap$perf(&(0x7f0000c00000/0x400000)=nil, 0x400000, 0x3000002, 0x40032, 0xffffffffffffffff, 0x0)
mlock2(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0)
mlock2(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x0)
r0 = fork()
r1 = userfaultfd(0x80000)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x543c04, 0x0)
r3 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
dup3(r2, r3, 0x0)
write$binfmt_script(r1, &(0x7f0000000280)=ANY=[@ANYRESOCT=r3, @ANYRES32=r2, @ANYRESOCT, @ANYRESDEC, @ANYRESHEX, @ANYRESDEC=r2], 0x9f)
munlock(&(0x7f0000ef1000/0x2000)=nil, 0x2000)
syz_io_uring_setup(0x2e00, &(0x7f0000000340)={0x0, 0xc9ba, 0x20, 0xfffffffd, 0x2000037d}, &(0x7f0000ff3000/0x4000)=nil, &(0x7f0000eee000/0x8000)=nil, &(0x7f00000001c0), &(0x7f00000003c0))
mlock2(&(0x7f0000d03000/0x1000)=nil, 0x1000, 0x1)
openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000080)='freezer.parent_freezing\x00', 0x0, 0x0)
move_pages(r0, 0x2, &(0x7f0000000300)=[&(0x7f0000ffd000/0x1000)=nil, &(0x7f0000f10000/0x3000)=nil], &(0x7f00000000c0), &(0x7f0000000000), 0x0)
socket$caif_seqpacket(0x25, 0x5, 0x0)
get_robust_list(r0, &(0x7f0000000180)=&(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f00000000c0)}}, &(0x7f0000000200)=0xc)

08:22:27 executing program 1:
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r0, 0x6, 0x13, &(0x7f0000000040)=0x100000001, 0x76dc)
connect$inet6(r0, 0x0, 0x0)
setsockopt$inet6_tcp_TCP_ULP(r0, 0x6, 0x1f, &(0x7f00000002c0), 0x4)
setsockopt$inet6_tcp_TLS_TX(r0, 0x11a, 0x2, &(0x7f0000000300)=@ccm_128={{0x303}, "7873c5e679ef1971", "40945582c68f5712ab534e2bdc588d7f", "b92aadcc", "8d011208037a02a9"}, 0x28)
setsockopt$inet6_tcp_TLS_TX(r0, 0x11a, 0x1, &(0x7f0000000000)=@gcm_128={{0x303, 0x35}, "a16611e93404730a", "f4e8b7a124a6848b63b95cc291fb012d", "a47968af", "734ce308f6c7fb4a"}, 0x28)

08:22:27 executing program 5:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe6000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0)
ioctl$KVM_SET_LAPIC(r2, 0x4008ae89, &(0x7f0000000640)={"06000000dd245c8488040000c9c8dc1964325fa96fa42b76830000402bec0ba41f010a003a40c8a4840000403b00041f01ffff80003c5ca2c2000000ee377abaece6b88378e3d63a03000040361d264ffa8b46485f02baee010100c04252066178868d1ef4b5365c5dc26ca097ddda7c21a984c2b9ca4bbb7a87165c0c1dbc75d7ea4df10000174a3ac8694525a7e8c499a573577736800000000000008f37f06e4ea9f1e5f0c6c379f9cc58bf69fcde318ead4825aa006a832d309fcda5bb5a6baa41d614f6c8941bee805954a62d196a4e8d4bf6b21224b57f530d0000c1ff53bf79a1f5c5dc34b2262d66ae793b6304a30b97077f1c131045cbc11c4562d22db88d0edc5daee171cc04d96d9ec2db07478fbe65449b404923ad4a5672b1b285c7988c4ec0922c655ff600000000c00dc290d936d93236051fadfb4b95d02c0bda7ce38dabb7cd103fe4d0c9c963cd717a77f8df8d46099b1f58e068af6afbbc19db161c6df1e7c9c71bc08a282fc2c142856b5e69aff4c0a4f72445ef10dcd2c569319d6e9bb2058d023f669a64fc7d9684364673dcfa9235ea5a2ff23c4bb5c5acb2e8976dcac779ff000000000000003d185afe28b774b99d38c90937428617de4cdd6f53c419ce31054182fd898af706f1b1152c691611f897558d4b755cb783978d9859b0537b05b623dcb5c4ca9317471a40fa4998cca80e9605ab8c3c43840abd17deef0c8694c4395fc99be3c3fe7aeb8af4929ce7d346ca702f78b233b5208752726ed9f0c340d494b92d19cc930bb8a5f8b4da8f4603ac0c3b698384e17a570dc8524823ed15af4ecfabb4b2541d3c114b7bba1c21a845c9cf0d1cc24aba16f70f558b2246ad95ccf7d3f80cc0ab26f08336ea1a33b79cf35b898837016eb211a1734c7af076e15451e33519fc978f66df7df4557c91024a8dc130a28ef5f63ad07b39c8d23b85cf434e065e8a29a800655d127de6f6347b4951f97b5703dc78b1ca9d74ea6a9ae12ab367c0de2659cc38d2f33ddd86e0597d33361eada119b5132145fa4525c488c7fffd6ceda6e9a02ebd97ced6b0161f2cc84615ceb8b18883299c636e9e46724a9a0600a8bb02f3e489631d522019a35fe12a33caf9dd8768ddbc02a484c345c3efb254297b1dbb04989c3f9f3c7b3c985c39b1d313018068d3809bac8c657e39f47692613e28387e955722908dd88b56163be8312ff47c5b6f070072975af74e97a5a8110a4d74496f4c8ec82ddb56d9b962d2fc43fa01a047666865c84f7cff36056cc4ac258021e1581d43badaaec6cc5a2ef989de9801fed6d4be2bfcfe07a69c46bffb7e7603970800000000000000d372bdd6d89dc1ecf63c23d506114d0fba2bd1c69e8fdcda85ce975ec1381b1cec6ddaa76e186719d819164300"})

08:22:27 executing program 1:
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r0, 0x6, 0x13, &(0x7f0000000040)=0x100000001, 0x76dc)
connect$inet6(r0, 0x0, 0x0)
setsockopt$inet6_tcp_TCP_ULP(r0, 0x6, 0x1f, &(0x7f00000002c0), 0x4)
setsockopt$inet6_tcp_TLS_TX(r0, 0x11a, 0x2, &(0x7f0000000300)=@ccm_128={{0x303}, "7873c5e679ef1971", "40945582c68f5712ab534e2bdc588d7f", "b92aadcc", "8d011208037a02a9"}, 0x28)
setsockopt$inet6_tcp_TLS_TX(r0, 0x11a, 0x1, &(0x7f0000000000)=@gcm_128={{0x303, 0x35}, "a16611e93404730a", "f4e8b7a124a6848b63b95cc291fb012d", "a47968af", "734ce308f6c7fb4a"}, 0x28)

08:22:27 executing program 3:
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000001c0)={{0x14}, [@NFT_MSG_NEWTABLE={0x20, 0x0, 0xa, 0x0, 0x0, 0x0, {0x1}, [@NFTA_TABLE_NAME={0x9, 0x1, 'syz0\x00'}]}, @NFT_MSG_NEWSET={0x48, 0x9, 0xa, 0x401, 0x0, 0x0, {0x1}, [@NFTA_SET_ID={0x8}, @NFTA_SET_NAME={0x9, 0x2, 'syz1\x00'}, @NFTA_SET_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_SET_KEY_LEN={0x8, 0x5, 0x1, 0x0, 0x21}, @NFTA_SET_EXPR={0xc, 0x11, 0x0, 0x1, @log={{0x8}, @void}}]}], {0x14, 0x10}}, 0x90}}, 0x0)

08:22:27 executing program 4:
r0 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
open_tree(r0, &(0x7f0000000300)='./file0\x00', 0x9801)

08:22:28 executing program 5:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe6000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0)
ioctl$KVM_SET_LAPIC(r2, 0x4008ae89, &(0x7f0000000640)={"06000000dd245c8488040000c9c8dc1964325fa96fa42b76830000402bec0ba41f010a003a40c8a4840000403b00041f01ffff80003c5ca2c2000000ee377abaece6b88378e3d63a03000040361d264ffa8b46485f02baee010100c04252066178868d1ef4b5365c5dc26ca097ddda7c21a984c2b9ca4bbb7a87165c0c1dbc75d7ea4df10000174a3ac8694525a7e8c499a573577736800000000000008f37f06e4ea9f1e5f0c6c379f9cc58bf69fcde318ead4825aa006a832d309fcda5bb5a6baa41d614f6c8941bee805954a62d196a4e8d4bf6b21224b57f530d0000c1ff53bf79a1f5c5dc34b2262d66ae793b6304a30b97077f1c131045cbc11c4562d22db88d0edc5daee171cc04d96d9ec2db07478fbe65449b404923ad4a5672b1b285c7988c4ec0922c655ff600000000c00dc290d936d93236051fadfb4b95d02c0bda7ce38dabb7cd103fe4d0c9c963cd717a77f8df8d46099b1f58e068af6afbbc19db161c6df1e7c9c71bc08a282fc2c142856b5e69aff4c0a4f72445ef10dcd2c569319d6e9bb2058d023f669a64fc7d9684364673dcfa9235ea5a2ff23c4bb5c5acb2e8976dcac779ff000000000000003d185afe28b774b99d38c90937428617de4cdd6f53c419ce31054182fd898af706f1b1152c691611f897558d4b755cb783978d9859b0537b05b623dcb5c4ca9317471a40fa4998cca80e9605ab8c3c43840abd17deef0c8694c4395fc99be3c3fe7aeb8af4929ce7d346ca702f78b233b5208752726ed9f0c340d494b92d19cc930bb8a5f8b4da8f4603ac0c3b698384e17a570dc8524823ed15af4ecfabb4b2541d3c114b7bba1c21a845c9cf0d1cc24aba16f70f558b2246ad95ccf7d3f80cc0ab26f08336ea1a33b79cf35b898837016eb211a1734c7af076e15451e33519fc978f66df7df4557c91024a8dc130a28ef5f63ad07b39c8d23b85cf434e065e8a29a800655d127de6f6347b4951f97b5703dc78b1ca9d74ea6a9ae12ab367c0de2659cc38d2f33ddd86e0597d33361eada119b5132145fa4525c488c7fffd6ceda6e9a02ebd97ced6b0161f2cc84615ceb8b18883299c636e9e46724a9a0600a8bb02f3e489631d522019a35fe12a33caf9dd8768ddbc02a484c345c3efb254297b1dbb04989c3f9f3c7b3c985c39b1d313018068d3809bac8c657e39f47692613e28387e955722908dd88b56163be8312ff47c5b6f070072975af74e97a5a8110a4d74496f4c8ec82ddb56d9b962d2fc43fa01a047666865c84f7cff36056cc4ac258021e1581d43badaaec6cc5a2ef989de9801fed6d4be2bfcfe07a69c46bffb7e7603970800000000000000d372bdd6d89dc1ecf63c23d506114d0fba2bd1c69e8fdcda85ce975ec1381b1cec6ddaa76e186719d819164300"})

08:22:28 executing program 0:
perf_event_open(&(0x7f0000000640)={0x2, 0x80, 0xd7, 0x0, 0x0, 0x0, 0x0, 0x2000000000, 0xa40a1, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp, 0x10000, 0x0, 0x0, 0x3, 0x1, 0xffffff7c, 0x3, 0x0, 0x2cf6ca54, 0x0, 0x7}, 0x0, 0x2, 0xffffffffffffffff, 0xb)
mmap$perf(&(0x7f0000c00000/0x400000)=nil, 0x400000, 0x3000002, 0x40032, 0xffffffffffffffff, 0x0)
mlock2(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0)
mlock2(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x0)
r0 = fork()
r1 = userfaultfd(0x80000)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x543c04, 0x0)
r3 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
dup3(r2, r3, 0x0)
write$binfmt_script(r1, &(0x7f0000000280)=ANY=[@ANYRESOCT=r3, @ANYRES32=r2, @ANYRESOCT, @ANYRESDEC, @ANYRESHEX, @ANYRESDEC=r2], 0x9f)
munlock(&(0x7f0000ef1000/0x2000)=nil, 0x2000)
syz_io_uring_setup(0x2e00, &(0x7f0000000340)={0x0, 0xc9ba, 0x20, 0xfffffffd, 0x2000037d}, &(0x7f0000ff3000/0x4000)=nil, &(0x7f0000eee000/0x8000)=nil, &(0x7f00000001c0), &(0x7f00000003c0))
mlock2(&(0x7f0000d03000/0x1000)=nil, 0x1000, 0x1)
openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000080)='freezer.parent_freezing\x00', 0x0, 0x0)
move_pages(r0, 0x2, &(0x7f0000000300)=[&(0x7f0000ffd000/0x1000)=nil, &(0x7f0000f10000/0x3000)=nil], &(0x7f00000000c0), &(0x7f0000000000), 0x0)
socket$caif_seqpacket(0x25, 0x5, 0x0)
get_robust_list(r0, &(0x7f0000000180)=&(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f00000000c0)}}, &(0x7f0000000200)=0xc)

08:22:28 executing program 3:
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000001c0)={{0x14}, [@NFT_MSG_NEWTABLE={0x20, 0x0, 0xa, 0x0, 0x0, 0x0, {0x1}, [@NFTA_TABLE_NAME={0x9, 0x1, 'syz0\x00'}]}, @NFT_MSG_NEWSET={0x48, 0x9, 0xa, 0x401, 0x0, 0x0, {0x1}, [@NFTA_SET_ID={0x8}, @NFTA_SET_NAME={0x9, 0x2, 'syz1\x00'}, @NFTA_SET_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_SET_KEY_LEN={0x8, 0x5, 0x1, 0x0, 0x21}, @NFTA_SET_EXPR={0xc, 0x11, 0x0, 0x1, @log={{0x8}, @void}}]}], {0x14, 0x10}}, 0x90}}, 0x0)

08:22:28 executing program 2:
syz_open_procfs(0x0, &(0x7f0000000040)='mounts\x00')
syz_open_procfs(0x0, &(0x7f0000000000)='mountstats\x00')
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$F2FS_IOC_MOVE_RANGE(0xffffffffffffffff, 0xc020f509, &(0x7f0000000040)={r1})
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f0000000000))
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f00000001c0)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1003]})
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_SET_PIT(r1, 0x8048ae66, &(0x7f0000000140)={[{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}]})
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f000056f000/0x18000)=nil, &(0x7f0000000080)=[@text32={0x20, &(0x7f00000000c0)="66ba4000b0c2ee66bad104b829280000efea0e0000000a00b8050000000f23d80f21f835c00000a00f23f8653e65f30f21c62e0fae2b0f01c2b8060000000f23d00f21f835200000000f23f8c4c3a1cf830000000002d9f7", 0x58}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

08:22:28 executing program 4:
r0 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
open_tree(r0, &(0x7f0000000300)='./file0\x00', 0x9801)

08:22:28 executing program 1:
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r0, 0x6, 0x13, &(0x7f0000000040)=0x100000001, 0x76dc)
connect$inet6(r0, &(0x7f0000000340)={0xa, 0x0, 0x0, @empty}, 0x1c)
setsockopt$inet6_tcp_TCP_ULP(0xffffffffffffffff, 0x6, 0x1f, &(0x7f00000002c0), 0x4)
setsockopt$inet6_tcp_TLS_TX(r0, 0x11a, 0x2, &(0x7f0000000300)=@ccm_128={{0x303}, "7873c5e679ef1971", "40945582c68f5712ab534e2bdc588d7f", "b92aadcc", "8d011208037a02a9"}, 0x28)
setsockopt$inet6_tcp_TLS_TX(r0, 0x11a, 0x1, &(0x7f0000000000)=@gcm_128={{0x303, 0x35}, "a16611e93404730a", "f4e8b7a124a6848b63b95cc291fb012d", "a47968af", "734ce308f6c7fb4a"}, 0x28)

08:22:28 executing program 5:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe6000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0)
ioctl$KVM_SET_LAPIC(r2, 0x4008ae89, &(0x7f0000000640)={"06000000dd245c8488040000c9c8dc1964325fa96fa42b76830000402bec0ba41f010a003a40c8a4840000403b00041f01ffff80003c5ca2c2000000ee377abaece6b88378e3d63a03000040361d264ffa8b46485f02baee010100c04252066178868d1ef4b5365c5dc26ca097ddda7c21a984c2b9ca4bbb7a87165c0c1dbc75d7ea4df10000174a3ac8694525a7e8c499a573577736800000000000008f37f06e4ea9f1e5f0c6c379f9cc58bf69fcde318ead4825aa006a832d309fcda5bb5a6baa41d614f6c8941bee805954a62d196a4e8d4bf6b21224b57f530d0000c1ff53bf79a1f5c5dc34b2262d66ae793b6304a30b97077f1c131045cbc11c4562d22db88d0edc5daee171cc04d96d9ec2db07478fbe65449b404923ad4a5672b1b285c7988c4ec0922c655ff600000000c00dc290d936d93236051fadfb4b95d02c0bda7ce38dabb7cd103fe4d0c9c963cd717a77f8df8d46099b1f58e068af6afbbc19db161c6df1e7c9c71bc08a282fc2c142856b5e69aff4c0a4f72445ef10dcd2c569319d6e9bb2058d023f669a64fc7d9684364673dcfa9235ea5a2ff23c4bb5c5acb2e8976dcac779ff000000000000003d185afe28b774b99d38c90937428617de4cdd6f53c419ce31054182fd898af706f1b1152c691611f897558d4b755cb783978d9859b0537b05b623dcb5c4ca9317471a40fa4998cca80e9605ab8c3c43840abd17deef0c8694c4395fc99be3c3fe7aeb8af4929ce7d346ca702f78b233b5208752726ed9f0c340d494b92d19cc930bb8a5f8b4da8f4603ac0c3b698384e17a570dc8524823ed15af4ecfabb4b2541d3c114b7bba1c21a845c9cf0d1cc24aba16f70f558b2246ad95ccf7d3f80cc0ab26f08336ea1a33b79cf35b898837016eb211a1734c7af076e15451e33519fc978f66df7df4557c91024a8dc130a28ef5f63ad07b39c8d23b85cf434e065e8a29a800655d127de6f6347b4951f97b5703dc78b1ca9d74ea6a9ae12ab367c0de2659cc38d2f33ddd86e0597d33361eada119b5132145fa4525c488c7fffd6ceda6e9a02ebd97ced6b0161f2cc84615ceb8b18883299c636e9e46724a9a0600a8bb02f3e489631d522019a35fe12a33caf9dd8768ddbc02a484c345c3efb254297b1dbb04989c3f9f3c7b3c985c39b1d313018068d3809bac8c657e39f47692613e28387e955722908dd88b56163be8312ff47c5b6f070072975af74e97a5a8110a4d74496f4c8ec82ddb56d9b962d2fc43fa01a047666865c84f7cff36056cc4ac258021e1581d43badaaec6cc5a2ef989de9801fed6d4be2bfcfe07a69c46bffb7e7603970800000000000000d372bdd6d89dc1ecf63c23d506114d0fba2bd1c69e8fdcda85ce975ec1381b1cec6ddaa76e186719d819164300"})

08:22:28 executing program 3:
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000001c0)={{0x14}, [@NFT_MSG_NEWTABLE={0x20, 0x0, 0xa, 0x0, 0x0, 0x0, {0x1}, [@NFTA_TABLE_NAME={0x9, 0x1, 'syz0\x00'}]}, @NFT_MSG_NEWSET={0x48, 0x9, 0xa, 0x401, 0x0, 0x0, {0x1}, [@NFTA_SET_ID={0x8}, @NFTA_SET_NAME={0x9, 0x2, 'syz1\x00'}, @NFTA_SET_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_SET_KEY_LEN={0x8, 0x5, 0x1, 0x0, 0x21}, @NFTA_SET_EXPR={0xc, 0x11, 0x0, 0x1, @log={{0x8}, @void}}]}], {0x14, 0x10}}, 0x90}}, 0x0)

08:22:28 executing program 0:
perf_event_open(&(0x7f0000000640)={0x2, 0x80, 0xd7, 0x0, 0x0, 0x0, 0x0, 0x2000000000, 0xa40a1, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp, 0x10000, 0x0, 0x0, 0x3, 0x1, 0xffffff7c, 0x3, 0x0, 0x2cf6ca54, 0x0, 0x7}, 0x0, 0x2, 0xffffffffffffffff, 0xb)
mmap$perf(&(0x7f0000c00000/0x400000)=nil, 0x400000, 0x3000002, 0x40032, 0xffffffffffffffff, 0x0)
mlock2(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0)
mlock2(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x0)
r0 = fork()
r1 = userfaultfd(0x80000)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x543c04, 0x0)
r3 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
dup3(r2, r3, 0x0)
write$binfmt_script(r1, &(0x7f0000000280)=ANY=[@ANYRESOCT=r3, @ANYRES32=r2, @ANYRESOCT, @ANYRESDEC, @ANYRESHEX, @ANYRESDEC=r2], 0x9f)
munlock(&(0x7f0000ef1000/0x2000)=nil, 0x2000)
syz_io_uring_setup(0x2e00, &(0x7f0000000340)={0x0, 0xc9ba, 0x20, 0xfffffffd, 0x2000037d}, &(0x7f0000ff3000/0x4000)=nil, &(0x7f0000eee000/0x8000)=nil, &(0x7f00000001c0), &(0x7f00000003c0))
mlock2(&(0x7f0000d03000/0x1000)=nil, 0x1000, 0x1)
openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000080)='freezer.parent_freezing\x00', 0x0, 0x0)
move_pages(r0, 0x2, &(0x7f0000000300)=[&(0x7f0000ffd000/0x1000)=nil, &(0x7f0000f10000/0x3000)=nil], &(0x7f00000000c0), &(0x7f0000000000), 0x0)
socket$caif_seqpacket(0x25, 0x5, 0x0)
get_robust_list(r0, &(0x7f0000000180)=&(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f00000000c0)}}, &(0x7f0000000200)=0xc)

08:22:28 executing program 4:
r0 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
open_tree(r0, &(0x7f0000000300)='./file0\x00', 0x9801)

08:22:28 executing program 1:
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r0, 0x6, 0x13, &(0x7f0000000040)=0x100000001, 0x76dc)
connect$inet6(r0, &(0x7f0000000340)={0xa, 0x0, 0x0, @empty}, 0x1c)
setsockopt$inet6_tcp_TCP_ULP(0xffffffffffffffff, 0x6, 0x1f, &(0x7f00000002c0), 0x4)
setsockopt$inet6_tcp_TLS_TX(r0, 0x11a, 0x2, &(0x7f0000000300)=@ccm_128={{0x303}, "7873c5e679ef1971", "40945582c68f5712ab534e2bdc588d7f", "b92aadcc", "8d011208037a02a9"}, 0x28)
setsockopt$inet6_tcp_TLS_TX(r0, 0x11a, 0x1, &(0x7f0000000000)=@gcm_128={{0x303, 0x35}, "a16611e93404730a", "f4e8b7a124a6848b63b95cc291fb012d", "a47968af", "734ce308f6c7fb4a"}, 0x28)

08:22:28 executing program 3:
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000001c0)={{0x14}, [@NFT_MSG_NEWTABLE={0x20, 0x0, 0xa, 0x3, 0x0, 0x0, {}, [@NFTA_TABLE_NAME={0x9, 0x1, 'syz0\x00'}]}, @NFT_MSG_NEWSET={0x48, 0x9, 0xa, 0x401, 0x0, 0x0, {0x1}, [@NFTA_SET_ID={0x8}, @NFTA_SET_NAME={0x9, 0x2, 'syz1\x00'}, @NFTA_SET_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_SET_KEY_LEN={0x8, 0x5, 0x1, 0x0, 0x21}, @NFTA_SET_EXPR={0xc, 0x11, 0x0, 0x1, @log={{0x8}, @void}}]}], {0x14, 0x10}}, 0x90}}, 0x0)

08:22:28 executing program 0:
perf_event_open(&(0x7f0000000640)={0x2, 0x80, 0xd7, 0x0, 0x0, 0x0, 0x0, 0x2000000000, 0xa40a1, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp, 0x10000, 0x0, 0x0, 0x3, 0x1, 0xffffff7c, 0x3, 0x0, 0x2cf6ca54, 0x0, 0x7}, 0x0, 0x2, 0xffffffffffffffff, 0xb)
mmap$perf(&(0x7f0000c00000/0x400000)=nil, 0x400000, 0x3000002, 0x40032, 0xffffffffffffffff, 0x0)
mlock2(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0)
mlock2(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x0)
r0 = fork()
r1 = userfaultfd(0x80000)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x543c04, 0x0)
r3 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
r4 = dup3(r2, r3, 0x0)
write$binfmt_script(r1, &(0x7f0000000280)=ANY=[@ANYRESOCT=r3, @ANYRES32=r2, @ANYRESOCT, @ANYRESHEX=r4, @ANYRESDEC=r2], 0x9f)
munlock(&(0x7f0000ef1000/0x2000)=nil, 0x2000)
syz_io_uring_setup(0x2e00, &(0x7f0000000340)={0x0, 0xc9ba, 0x20, 0xfffffffd, 0x2000037d}, &(0x7f0000ff3000/0x4000)=nil, &(0x7f0000eee000/0x8000)=nil, &(0x7f00000001c0), &(0x7f00000003c0))
mlock2(&(0x7f0000d03000/0x1000)=nil, 0x1000, 0x1)
openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000080)='freezer.parent_freezing\x00', 0x0, 0x0)
move_pages(r0, 0x2, &(0x7f0000000300)=[&(0x7f0000ffd000/0x1000)=nil, &(0x7f0000f10000/0x3000)=nil], &(0x7f00000000c0), &(0x7f0000000000), 0x0)
socket$caif_seqpacket(0x25, 0x5, 0x0)
get_robust_list(r0, &(0x7f0000000180)=&(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f00000000c0)}}, &(0x7f0000000200)=0xc)

08:22:28 executing program 5:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe6000/0x18000)=nil, &(0x7f0000000040)=[@text16={0x10, 0x0}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_SET_LAPIC(0xffffffffffffffff, 0x4008ae89, &(0x7f0000000640)={"06000000dd245c8488040000c9c8dc1964325fa96fa42b76830000402bec0ba41f010a003a40c8a4840000403b00041f01ffff80003c5ca2c2000000ee377abaece6b88378e3d63a03000040361d264ffa8b46485f02baee010100c04252066178868d1ef4b5365c5dc26ca097ddda7c21a984c2b9ca4bbb7a87165c0c1dbc75d7ea4df10000174a3ac8694525a7e8c499a573577736800000000000008f37f06e4ea9f1e5f0c6c379f9cc58bf69fcde318ead4825aa006a832d309fcda5bb5a6baa41d614f6c8941bee805954a62d196a4e8d4bf6b21224b57f530d0000c1ff53bf79a1f5c5dc34b2262d66ae793b6304a30b97077f1c131045cbc11c4562d22db88d0edc5daee171cc04d96d9ec2db07478fbe65449b404923ad4a5672b1b285c7988c4ec0922c655ff600000000c00dc290d936d93236051fadfb4b95d02c0bda7ce38dabb7cd103fe4d0c9c963cd717a77f8df8d46099b1f58e068af6afbbc19db161c6df1e7c9c71bc08a282fc2c142856b5e69aff4c0a4f72445ef10dcd2c569319d6e9bb2058d023f669a64fc7d9684364673dcfa9235ea5a2ff23c4bb5c5acb2e8976dcac779ff000000000000003d185afe28b774b99d38c90937428617de4cdd6f53c419ce31054182fd898af706f1b1152c691611f897558d4b755cb783978d9859b0537b05b623dcb5c4ca9317471a40fa4998cca80e9605ab8c3c43840abd17deef0c8694c4395fc99be3c3fe7aeb8af4929ce7d346ca702f78b233b5208752726ed9f0c340d494b92d19cc930bb8a5f8b4da8f4603ac0c3b698384e17a570dc8524823ed15af4ecfabb4b2541d3c114b7bba1c21a845c9cf0d1cc24aba16f70f558b2246ad95ccf7d3f80cc0ab26f08336ea1a33b79cf35b898837016eb211a1734c7af076e15451e33519fc978f66df7df4557c91024a8dc130a28ef5f63ad07b39c8d23b85cf434e065e8a29a800655d127de6f6347b4951f97b5703dc78b1ca9d74ea6a9ae12ab367c0de2659cc38d2f33ddd86e0597d33361eada119b5132145fa4525c488c7fffd6ceda6e9a02ebd97ced6b0161f2cc84615ceb8b18883299c636e9e46724a9a0600a8bb02f3e489631d522019a35fe12a33caf9dd8768ddbc02a484c345c3efb254297b1dbb04989c3f9f3c7b3c985c39b1d313018068d3809bac8c657e39f47692613e28387e955722908dd88b56163be8312ff47c5b6f070072975af74e97a5a8110a4d74496f4c8ec82ddb56d9b962d2fc43fa01a047666865c84f7cff36056cc4ac258021e1581d43badaaec6cc5a2ef989de9801fed6d4be2bfcfe07a69c46bffb7e7603970800000000000000d372bdd6d89dc1ecf63c23d506114d0fba2bd1c69e8fdcda85ce975ec1381b1cec6ddaa76e186719d819164300"})

08:22:28 executing program 2:
syz_open_procfs(0x0, &(0x7f0000000040)='mounts\x00')
syz_open_procfs(0x0, &(0x7f0000000000)='mountstats\x00')
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$F2FS_IOC_MOVE_RANGE(0xffffffffffffffff, 0xc020f509, &(0x7f0000000040)={r1})
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f0000000000))
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f00000001c0)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1003]})
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_SET_PIT(r1, 0x8048ae66, &(0x7f0000000140)={[{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}]})
ioctl$KVM_RUN(r2, 0xae80, 0x0)

08:22:28 executing program 4:
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x3800004, 0x12, 0xffffffffffffffff, 0x0)
open_tree(0xffffffffffffffff, &(0x7f0000000300)='./file0\x00', 0x9801)

08:22:28 executing program 1:
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r0, 0x6, 0x13, &(0x7f0000000040)=0x100000001, 0x76dc)
connect$inet6(r0, &(0x7f0000000340)={0xa, 0x0, 0x0, @empty}, 0x1c)
setsockopt$inet6_tcp_TCP_ULP(0xffffffffffffffff, 0x6, 0x1f, &(0x7f00000002c0), 0x4)
setsockopt$inet6_tcp_TLS_TX(r0, 0x11a, 0x2, &(0x7f0000000300)=@ccm_128={{0x303}, "7873c5e679ef1971", "40945582c68f5712ab534e2bdc588d7f", "b92aadcc", "8d011208037a02a9"}, 0x28)
setsockopt$inet6_tcp_TLS_TX(r0, 0x11a, 0x1, &(0x7f0000000000)=@gcm_128={{0x303, 0x35}, "a16611e93404730a", "f4e8b7a124a6848b63b95cc291fb012d", "a47968af", "734ce308f6c7fb4a"}, 0x28)

08:22:28 executing program 3:
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000001c0)={{0x14}, [@NFT_MSG_NEWTABLE={0x20, 0x0, 0xa, 0x3, 0x0, 0x0, {}, [@NFTA_TABLE_NAME={0x9, 0x1, 'syz0\x00'}]}, @NFT_MSG_NEWSET={0x48, 0x9, 0xa, 0x401, 0x0, 0x0, {0x1}, [@NFTA_SET_ID={0x8}, @NFTA_SET_NAME={0x9, 0x2, 'syz1\x00'}, @NFTA_SET_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_SET_KEY_LEN={0x8, 0x5, 0x1, 0x0, 0x21}, @NFTA_SET_EXPR={0xc, 0x11, 0x0, 0x1, @log={{0x8}, @void}}]}], {0x14, 0x10}}, 0x90}}, 0x0)

08:22:28 executing program 0:
perf_event_open(&(0x7f0000000640)={0x2, 0x80, 0xd7, 0x0, 0x0, 0x0, 0x0, 0x2000000000, 0xa40a1, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp, 0x10000, 0x0, 0x0, 0x3, 0x1, 0xffffff7c, 0x3, 0x0, 0x2cf6ca54, 0x0, 0x7}, 0x0, 0x2, 0xffffffffffffffff, 0xb)
mmap$perf(&(0x7f0000c00000/0x400000)=nil, 0x400000, 0x3000002, 0x40032, 0xffffffffffffffff, 0x0)
mlock2(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0)
mlock2(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x0)
r0 = fork()
r1 = userfaultfd(0x80000)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x543c04, 0x0)
r3 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
r4 = dup3(r2, r3, 0x0)
write$binfmt_script(r1, &(0x7f0000000280)=ANY=[@ANYRESOCT=r3, @ANYRES32=r2, @ANYRESOCT, @ANYRESHEX=r4, @ANYRESDEC=r2], 0x9f)
munlock(&(0x7f0000ef1000/0x2000)=nil, 0x2000)
syz_io_uring_setup(0x2e00, &(0x7f0000000340)={0x0, 0xc9ba, 0x20, 0xfffffffd, 0x2000037d}, &(0x7f0000ff3000/0x4000)=nil, &(0x7f0000eee000/0x8000)=nil, &(0x7f00000001c0), &(0x7f00000003c0))
mlock2(&(0x7f0000d03000/0x1000)=nil, 0x1000, 0x1)
openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000080)='freezer.parent_freezing\x00', 0x0, 0x0)
move_pages(r0, 0x2, &(0x7f0000000300)=[&(0x7f0000ffd000/0x1000)=nil, &(0x7f0000f10000/0x3000)=nil], &(0x7f00000000c0), &(0x7f0000000000), 0x0)
socket$caif_seqpacket(0x25, 0x5, 0x0)
get_robust_list(r0, &(0x7f0000000180)=&(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f00000000c0)}}, &(0x7f0000000200)=0xc)

08:22:28 executing program 5:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe6000/0x18000)=nil, &(0x7f0000000040)=[@text16={0x10, 0x0}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_SET_LAPIC(0xffffffffffffffff, 0x4008ae89, &(0x7f0000000640)={"06000000dd245c8488040000c9c8dc1964325fa96fa42b76830000402bec0ba41f010a003a40c8a4840000403b00041f01ffff80003c5ca2c2000000ee377abaece6b88378e3d63a03000040361d264ffa8b46485f02baee010100c04252066178868d1ef4b5365c5dc26ca097ddda7c21a984c2b9ca4bbb7a87165c0c1dbc75d7ea4df10000174a3ac8694525a7e8c499a573577736800000000000008f37f06e4ea9f1e5f0c6c379f9cc58bf69fcde318ead4825aa006a832d309fcda5bb5a6baa41d614f6c8941bee805954a62d196a4e8d4bf6b21224b57f530d0000c1ff53bf79a1f5c5dc34b2262d66ae793b6304a30b97077f1c131045cbc11c4562d22db88d0edc5daee171cc04d96d9ec2db07478fbe65449b404923ad4a5672b1b285c7988c4ec0922c655ff600000000c00dc290d936d93236051fadfb4b95d02c0bda7ce38dabb7cd103fe4d0c9c963cd717a77f8df8d46099b1f58e068af6afbbc19db161c6df1e7c9c71bc08a282fc2c142856b5e69aff4c0a4f72445ef10dcd2c569319d6e9bb2058d023f669a64fc7d9684364673dcfa9235ea5a2ff23c4bb5c5acb2e8976dcac779ff000000000000003d185afe28b774b99d38c90937428617de4cdd6f53c419ce31054182fd898af706f1b1152c691611f897558d4b755cb783978d9859b0537b05b623dcb5c4ca9317471a40fa4998cca80e9605ab8c3c43840abd17deef0c8694c4395fc99be3c3fe7aeb8af4929ce7d346ca702f78b233b5208752726ed9f0c340d494b92d19cc930bb8a5f8b4da8f4603ac0c3b698384e17a570dc8524823ed15af4ecfabb4b2541d3c114b7bba1c21a845c9cf0d1cc24aba16f70f558b2246ad95ccf7d3f80cc0ab26f08336ea1a33b79cf35b898837016eb211a1734c7af076e15451e33519fc978f66df7df4557c91024a8dc130a28ef5f63ad07b39c8d23b85cf434e065e8a29a800655d127de6f6347b4951f97b5703dc78b1ca9d74ea6a9ae12ab367c0de2659cc38d2f33ddd86e0597d33361eada119b5132145fa4525c488c7fffd6ceda6e9a02ebd97ced6b0161f2cc84615ceb8b18883299c636e9e46724a9a0600a8bb02f3e489631d522019a35fe12a33caf9dd8768ddbc02a484c345c3efb254297b1dbb04989c3f9f3c7b3c985c39b1d313018068d3809bac8c657e39f47692613e28387e955722908dd88b56163be8312ff47c5b6f070072975af74e97a5a8110a4d74496f4c8ec82ddb56d9b962d2fc43fa01a047666865c84f7cff36056cc4ac258021e1581d43badaaec6cc5a2ef989de9801fed6d4be2bfcfe07a69c46bffb7e7603970800000000000000d372bdd6d89dc1ecf63c23d506114d0fba2bd1c69e8fdcda85ce975ec1381b1cec6ddaa76e186719d819164300"})

08:22:29 executing program 1:
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r0, 0x6, 0x13, &(0x7f0000000040)=0x100000001, 0x76dc)
connect$inet6(r0, &(0x7f0000000340)={0xa, 0x0, 0x0, @empty}, 0x1c)
setsockopt$inet6_tcp_TCP_ULP(r0, 0x6, 0x1f, 0x0, 0x0)
setsockopt$inet6_tcp_TLS_TX(r0, 0x11a, 0x2, &(0x7f0000000300)=@ccm_128={{0x303}, "7873c5e679ef1971", "40945582c68f5712ab534e2bdc588d7f", "b92aadcc", "8d011208037a02a9"}, 0x28)
setsockopt$inet6_tcp_TLS_TX(r0, 0x11a, 0x1, &(0x7f0000000000)=@gcm_128={{0x303, 0x35}, "a16611e93404730a", "f4e8b7a124a6848b63b95cc291fb012d", "a47968af", "734ce308f6c7fb4a"}, 0x28)

08:22:29 executing program 4:
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x3800004, 0x12, 0xffffffffffffffff, 0x0)
open_tree(0xffffffffffffffff, &(0x7f0000000300)='./file0\x00', 0x9801)

08:22:29 executing program 3:
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000001c0)={{0x14}, [@NFT_MSG_NEWTABLE={0x20, 0x0, 0xa, 0x3, 0x0, 0x0, {}, [@NFTA_TABLE_NAME={0x9, 0x1, 'syz0\x00'}]}, @NFT_MSG_NEWSET={0x48, 0x9, 0xa, 0x401, 0x0, 0x0, {0x1}, [@NFTA_SET_ID={0x8}, @NFTA_SET_NAME={0x9, 0x2, 'syz1\x00'}, @NFTA_SET_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_SET_KEY_LEN={0x8, 0x5, 0x1, 0x0, 0x21}, @NFTA_SET_EXPR={0xc, 0x11, 0x0, 0x1, @log={{0x8}, @void}}]}], {0x14, 0x10}}, 0x90}}, 0x0)

08:22:29 executing program 2:
syz_open_procfs(0x0, &(0x7f0000000040)='mounts\x00')
syz_open_procfs(0x0, &(0x7f0000000000)='mountstats\x00')
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$F2FS_IOC_MOVE_RANGE(0xffffffffffffffff, 0xc020f509, &(0x7f0000000040)={r1})
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f0000000000))
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f00000001c0)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1003]})
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_SET_PIT(r1, 0x8048ae66, &(0x7f0000000140)={[{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}]})
ioctl$KVM_RUN(r2, 0xae80, 0x0)

08:22:29 executing program 4:
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x3800004, 0x12, 0xffffffffffffffff, 0x0)
open_tree(0xffffffffffffffff, &(0x7f0000000300)='./file0\x00', 0x9801)

08:22:29 executing program 0:
perf_event_open(&(0x7f0000000640)={0x2, 0x80, 0xd7, 0x0, 0x0, 0x0, 0x0, 0x2000000000, 0xa40a1, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp, 0x10000, 0x0, 0x0, 0x3, 0x1, 0xffffff7c, 0x3, 0x0, 0x2cf6ca54, 0x0, 0x7}, 0x0, 0x2, 0xffffffffffffffff, 0xb)
mmap$perf(&(0x7f0000c00000/0x400000)=nil, 0x400000, 0x3000002, 0x40032, 0xffffffffffffffff, 0x0)
mlock2(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0)
mlock2(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x0)
r0 = fork()
r1 = userfaultfd(0x80000)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x543c04, 0x0)
r3 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
r4 = dup3(r2, r3, 0x0)
write$binfmt_script(r1, &(0x7f0000000280)=ANY=[@ANYRESOCT=r3, @ANYRES32=r2, @ANYRESOCT, @ANYRESHEX=r4, @ANYRESDEC=r2], 0x9f)
munlock(&(0x7f0000ef1000/0x2000)=nil, 0x2000)
syz_io_uring_setup(0x2e00, &(0x7f0000000340)={0x0, 0xc9ba, 0x20, 0xfffffffd, 0x2000037d}, &(0x7f0000ff3000/0x4000)=nil, &(0x7f0000eee000/0x8000)=nil, &(0x7f00000001c0), &(0x7f00000003c0))
mlock2(&(0x7f0000d03000/0x1000)=nil, 0x1000, 0x1)
openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000080)='freezer.parent_freezing\x00', 0x0, 0x0)
move_pages(r0, 0x2, &(0x7f0000000300)=[&(0x7f0000ffd000/0x1000)=nil, &(0x7f0000f10000/0x3000)=nil], &(0x7f00000000c0), &(0x7f0000000000), 0x0)
socket$caif_seqpacket(0x25, 0x5, 0x0)
get_robust_list(r0, &(0x7f0000000180)=&(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f00000000c0)}}, &(0x7f0000000200)=0xc)

08:22:29 executing program 1:
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r0, 0x6, 0x13, &(0x7f0000000040)=0x100000001, 0x76dc)
connect$inet6(r0, &(0x7f0000000340)={0xa, 0x0, 0x0, @empty}, 0x1c)
setsockopt$inet6_tcp_TCP_ULP(r0, 0x6, 0x1f, 0x0, 0x0)
setsockopt$inet6_tcp_TLS_TX(r0, 0x11a, 0x2, &(0x7f0000000300)=@ccm_128={{0x303}, "7873c5e679ef1971", "40945582c68f5712ab534e2bdc588d7f", "b92aadcc", "8d011208037a02a9"}, 0x28)
setsockopt$inet6_tcp_TLS_TX(r0, 0x11a, 0x1, &(0x7f0000000000)=@gcm_128={{0x303, 0x35}, "a16611e93404730a", "f4e8b7a124a6848b63b95cc291fb012d", "a47968af", "734ce308f6c7fb4a"}, 0x28)

08:22:29 executing program 5:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe6000/0x18000)=nil, &(0x7f0000000040)=[@text16={0x10, 0x0}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_SET_LAPIC(0xffffffffffffffff, 0x4008ae89, &(0x7f0000000640)={"06000000dd245c8488040000c9c8dc1964325fa96fa42b76830000402bec0ba41f010a003a40c8a4840000403b00041f01ffff80003c5ca2c2000000ee377abaece6b88378e3d63a03000040361d264ffa8b46485f02baee010100c04252066178868d1ef4b5365c5dc26ca097ddda7c21a984c2b9ca4bbb7a87165c0c1dbc75d7ea4df10000174a3ac8694525a7e8c499a573577736800000000000008f37f06e4ea9f1e5f0c6c379f9cc58bf69fcde318ead4825aa006a832d309fcda5bb5a6baa41d614f6c8941bee805954a62d196a4e8d4bf6b21224b57f530d0000c1ff53bf79a1f5c5dc34b2262d66ae793b6304a30b97077f1c131045cbc11c4562d22db88d0edc5daee171cc04d96d9ec2db07478fbe65449b404923ad4a5672b1b285c7988c4ec0922c655ff600000000c00dc290d936d93236051fadfb4b95d02c0bda7ce38dabb7cd103fe4d0c9c963cd717a77f8df8d46099b1f58e068af6afbbc19db161c6df1e7c9c71bc08a282fc2c142856b5e69aff4c0a4f72445ef10dcd2c569319d6e9bb2058d023f669a64fc7d9684364673dcfa9235ea5a2ff23c4bb5c5acb2e8976dcac779ff000000000000003d185afe28b774b99d38c90937428617de4cdd6f53c419ce31054182fd898af706f1b1152c691611f897558d4b755cb783978d9859b0537b05b623dcb5c4ca9317471a40fa4998cca80e9605ab8c3c43840abd17deef0c8694c4395fc99be3c3fe7aeb8af4929ce7d346ca702f78b233b5208752726ed9f0c340d494b92d19cc930bb8a5f8b4da8f4603ac0c3b698384e17a570dc8524823ed15af4ecfabb4b2541d3c114b7bba1c21a845c9cf0d1cc24aba16f70f558b2246ad95ccf7d3f80cc0ab26f08336ea1a33b79cf35b898837016eb211a1734c7af076e15451e33519fc978f66df7df4557c91024a8dc130a28ef5f63ad07b39c8d23b85cf434e065e8a29a800655d127de6f6347b4951f97b5703dc78b1ca9d74ea6a9ae12ab367c0de2659cc38d2f33ddd86e0597d33361eada119b5132145fa4525c488c7fffd6ceda6e9a02ebd97ced6b0161f2cc84615ceb8b18883299c636e9e46724a9a0600a8bb02f3e489631d522019a35fe12a33caf9dd8768ddbc02a484c345c3efb254297b1dbb04989c3f9f3c7b3c985c39b1d313018068d3809bac8c657e39f47692613e28387e955722908dd88b56163be8312ff47c5b6f070072975af74e97a5a8110a4d74496f4c8ec82ddb56d9b962d2fc43fa01a047666865c84f7cff36056cc4ac258021e1581d43badaaec6cc5a2ef989de9801fed6d4be2bfcfe07a69c46bffb7e7603970800000000000000d372bdd6d89dc1ecf63c23d506114d0fba2bd1c69e8fdcda85ce975ec1381b1cec6ddaa76e186719d819164300"})

08:22:29 executing program 3:
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000001c0)={{0x14}, [@NFT_MSG_NEWTABLE={0x14, 0x0, 0xa, 0x3, 0x0, 0x0, {0x1}}, @NFT_MSG_NEWSET={0x48, 0x9, 0xa, 0x401, 0x0, 0x0, {0x1}, [@NFTA_SET_ID={0x8}, @NFTA_SET_NAME={0x9, 0x2, 'syz1\x00'}, @NFTA_SET_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_SET_KEY_LEN={0x8, 0x5, 0x1, 0x0, 0x21}, @NFTA_SET_EXPR={0xc, 0x11, 0x0, 0x1, @log={{0x8}, @void}}]}], {0x14, 0x10}}, 0x84}}, 0x0)

08:22:29 executing program 4:
r0 = openat(0xffffffffffffffff, 0x0, 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x3800004, 0x12, r0, 0x0)
open_tree(r0, &(0x7f0000000300)='./file0\x00', 0x9801)

08:22:29 executing program 0:
perf_event_open(&(0x7f0000000640)={0x2, 0x80, 0xd7, 0x0, 0x0, 0x0, 0x0, 0x2000000000, 0xa40a1, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp, 0x10000, 0x0, 0x0, 0x3, 0x1, 0xffffff7c, 0x3, 0x0, 0x2cf6ca54, 0x0, 0x7}, 0x0, 0x2, 0xffffffffffffffff, 0xb)
mmap$perf(&(0x7f0000c00000/0x400000)=nil, 0x400000, 0x3000002, 0x40032, 0xffffffffffffffff, 0x0)
mlock2(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0)
mlock2(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x0)
r0 = fork()
r1 = userfaultfd(0x80000)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x543c04, 0x0)
r3 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
r4 = dup3(r2, r3, 0x0)
write$binfmt_script(r1, &(0x7f0000000280)=ANY=[@ANYRESOCT=r3, @ANYRES32=r2, @ANYRESDEC, @ANYRESHEX=r4, @ANYRESDEC=r2], 0x9f)
munlock(&(0x7f0000ef1000/0x2000)=nil, 0x2000)
syz_io_uring_setup(0x2e00, &(0x7f0000000340)={0x0, 0xc9ba, 0x20, 0xfffffffd, 0x2000037d}, &(0x7f0000ff3000/0x4000)=nil, &(0x7f0000eee000/0x8000)=nil, &(0x7f00000001c0), &(0x7f00000003c0))
mlock2(&(0x7f0000d03000/0x1000)=nil, 0x1000, 0x1)
openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000080)='freezer.parent_freezing\x00', 0x0, 0x0)
move_pages(r0, 0x2, &(0x7f0000000300)=[&(0x7f0000ffd000/0x1000)=nil, &(0x7f0000f10000/0x3000)=nil], &(0x7f00000000c0), &(0x7f0000000000), 0x0)
socket$caif_seqpacket(0x25, 0x5, 0x0)
get_robust_list(r0, &(0x7f0000000180)=&(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f00000000c0)}}, &(0x7f0000000200)=0xc)

08:22:29 executing program 1:
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r0, 0x6, 0x13, &(0x7f0000000040)=0x100000001, 0x76dc)
connect$inet6(r0, &(0x7f0000000340)={0xa, 0x0, 0x0, @empty}, 0x1c)
setsockopt$inet6_tcp_TCP_ULP(r0, 0x6, 0x1f, 0x0, 0x0)
setsockopt$inet6_tcp_TLS_TX(r0, 0x11a, 0x2, &(0x7f0000000300)=@ccm_128={{0x303}, "7873c5e679ef1971", "40945582c68f5712ab534e2bdc588d7f", "b92aadcc", "8d011208037a02a9"}, 0x28)
setsockopt$inet6_tcp_TLS_TX(r0, 0x11a, 0x1, &(0x7f0000000000)=@gcm_128={{0x303, 0x35}, "a16611e93404730a", "f4e8b7a124a6848b63b95cc291fb012d", "a47968af", "734ce308f6c7fb4a"}, 0x28)

08:22:29 executing program 2:
syz_open_procfs(0x0, &(0x7f0000000040)='mounts\x00')
syz_open_procfs(0x0, &(0x7f0000000000)='mountstats\x00')
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$F2FS_IOC_MOVE_RANGE(0xffffffffffffffff, 0xc020f509, &(0x7f0000000040)={r1})
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f0000000000))
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f00000001c0)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1003]})
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_SET_PIT(r1, 0x8048ae66, &(0x7f0000000140)={[{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}]})
ioctl$KVM_RUN(r2, 0xae80, 0x0)

08:22:29 executing program 3:
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000001c0)={{0x14}, [@NFT_MSG_NEWTABLE={0x14, 0x0, 0xa, 0x3, 0x0, 0x0, {0x1}}, @NFT_MSG_NEWSET={0x48, 0x9, 0xa, 0x401, 0x0, 0x0, {0x1}, [@NFTA_SET_ID={0x8}, @NFTA_SET_NAME={0x9, 0x2, 'syz1\x00'}, @NFTA_SET_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_SET_KEY_LEN={0x8, 0x5, 0x1, 0x0, 0x21}, @NFTA_SET_EXPR={0xc, 0x11, 0x0, 0x1, @log={{0x8}, @void}}]}], {0x14, 0x10}}, 0x84}}, 0x0)

08:22:29 executing program 4:
r0 = openat(0xffffffffffffffff, 0x0, 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x3800004, 0x12, r0, 0x0)
open_tree(r0, &(0x7f0000000300)='./file0\x00', 0x9801)

08:22:29 executing program 5:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe6000/0x18000)=nil, &(0x7f0000000040)=[@text16={0x10, 0x0}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_SET_LAPIC(r2, 0x4008ae89, 0x0)

08:22:29 executing program 0:
perf_event_open(&(0x7f0000000640)={0x2, 0x80, 0xd7, 0x0, 0x0, 0x0, 0x0, 0x2000000000, 0xa40a1, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp, 0x10000, 0x0, 0x0, 0x3, 0x1, 0xffffff7c, 0x3, 0x0, 0x2cf6ca54, 0x0, 0x7}, 0x0, 0x2, 0xffffffffffffffff, 0xb)
mmap$perf(&(0x7f0000c00000/0x400000)=nil, 0x400000, 0x3000002, 0x40032, 0xffffffffffffffff, 0x0)
mlock2(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0)
mlock2(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x0)
r0 = fork()
r1 = userfaultfd(0x80000)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x543c04, 0x0)
r3 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
r4 = dup3(r2, r3, 0x0)
write$binfmt_script(r1, &(0x7f0000000280)=ANY=[@ANYRESOCT=r3, @ANYRES32=r2, @ANYRESDEC, @ANYRESHEX=r4, @ANYRESDEC=r2], 0x9f)
munlock(&(0x7f0000ef1000/0x2000)=nil, 0x2000)
syz_io_uring_setup(0x2e00, &(0x7f0000000340)={0x0, 0xc9ba, 0x20, 0xfffffffd, 0x2000037d}, &(0x7f0000ff3000/0x4000)=nil, &(0x7f0000eee000/0x8000)=nil, &(0x7f00000001c0), &(0x7f00000003c0))
mlock2(&(0x7f0000d03000/0x1000)=nil, 0x1000, 0x1)
openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000080)='freezer.parent_freezing\x00', 0x0, 0x0)
move_pages(r0, 0x2, &(0x7f0000000300)=[&(0x7f0000ffd000/0x1000)=nil, &(0x7f0000f10000/0x3000)=nil], &(0x7f00000000c0), &(0x7f0000000000), 0x0)
socket$caif_seqpacket(0x25, 0x5, 0x0)
get_robust_list(r0, &(0x7f0000000180)=&(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f00000000c0)}}, &(0x7f0000000200)=0xc)

08:22:29 executing program 1:
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r0, 0x6, 0x13, &(0x7f0000000040)=0x100000001, 0x76dc)
connect$inet6(r0, &(0x7f0000000340)={0xa, 0x0, 0x0, @empty}, 0x1c)
setsockopt$inet6_tcp_TCP_ULP(r0, 0x6, 0x1f, &(0x7f00000002c0), 0x4)
setsockopt$inet6_tcp_TLS_TX(0xffffffffffffffff, 0x11a, 0x2, &(0x7f0000000300)=@ccm_128={{0x303}, "7873c5e679ef1971", "40945582c68f5712ab534e2bdc588d7f", "b92aadcc", "8d011208037a02a9"}, 0x28)
setsockopt$inet6_tcp_TLS_TX(r0, 0x11a, 0x1, &(0x7f0000000000)=@gcm_128={{0x303, 0x35}, "a16611e93404730a", "f4e8b7a124a6848b63b95cc291fb012d", "a47968af", "734ce308f6c7fb4a"}, 0x28)

08:22:29 executing program 4:
r0 = openat(0xffffffffffffffff, 0x0, 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x3800004, 0x12, r0, 0x0)
open_tree(r0, &(0x7f0000000300)='./file0\x00', 0x9801)

08:22:29 executing program 3:
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000001c0)={{0x14}, [@NFT_MSG_NEWTABLE={0x14, 0x0, 0xa, 0x3, 0x0, 0x0, {0x1}}, @NFT_MSG_NEWSET={0x48, 0x9, 0xa, 0x401, 0x0, 0x0, {0x1}, [@NFTA_SET_ID={0x8}, @NFTA_SET_NAME={0x9, 0x2, 'syz1\x00'}, @NFTA_SET_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_SET_KEY_LEN={0x8, 0x5, 0x1, 0x0, 0x21}, @NFTA_SET_EXPR={0xc, 0x11, 0x0, 0x1, @log={{0x8}, @void}}]}], {0x14, 0x10}}, 0x84}}, 0x0)

08:22:29 executing program 2:
syz_open_procfs(0x0, &(0x7f0000000040)='mounts\x00')
syz_open_procfs(0x0, &(0x7f0000000000)='mountstats\x00')
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$F2FS_IOC_MOVE_RANGE(0xffffffffffffffff, 0xc020f509, &(0x7f0000000040)={r1})
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f0000000000))
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f00000001c0)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1003]})
ioctl$KVM_RUN(r2, 0xae80, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f000056f000/0x18000)=nil, &(0x7f0000000080)=[@text32={0x20, &(0x7f00000000c0)="66ba4000b0c2ee66bad104b829280000efea0e0000000a00b8050000000f23d80f21f835c00000a00f23f8653e65f30f21c62e0fae2b0f01c2b8060000000f23d00f21f835200000000f23f8c4c3a1cf830000000002d9f7", 0x58}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

08:22:29 executing program 1:
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r0, 0x6, 0x13, &(0x7f0000000040)=0x100000001, 0x76dc)
connect$inet6(r0, &(0x7f0000000340)={0xa, 0x0, 0x0, @empty}, 0x1c)
setsockopt$inet6_tcp_TCP_ULP(r0, 0x6, 0x1f, &(0x7f00000002c0), 0x4)
setsockopt$inet6_tcp_TLS_TX(0xffffffffffffffff, 0x11a, 0x2, &(0x7f0000000300)=@ccm_128={{0x303}, "7873c5e679ef1971", "40945582c68f5712ab534e2bdc588d7f", "b92aadcc", "8d011208037a02a9"}, 0x28)
setsockopt$inet6_tcp_TLS_TX(r0, 0x11a, 0x1, &(0x7f0000000000)=@gcm_128={{0x303, 0x35}, "a16611e93404730a", "f4e8b7a124a6848b63b95cc291fb012d", "a47968af", "734ce308f6c7fb4a"}, 0x28)

08:22:29 executing program 0:
perf_event_open(&(0x7f0000000640)={0x2, 0x80, 0xd7, 0x0, 0x0, 0x0, 0x0, 0x2000000000, 0xa40a1, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp, 0x10000, 0x0, 0x0, 0x3, 0x1, 0xffffff7c, 0x3, 0x0, 0x2cf6ca54, 0x0, 0x7}, 0x0, 0x2, 0xffffffffffffffff, 0xb)
mmap$perf(&(0x7f0000c00000/0x400000)=nil, 0x400000, 0x3000002, 0x40032, 0xffffffffffffffff, 0x0)
mlock2(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0)
mlock2(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x0)
r0 = fork()
r1 = userfaultfd(0x80000)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x543c04, 0x0)
r3 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
r4 = dup3(r2, r3, 0x0)
write$binfmt_script(r1, &(0x7f0000000280)=ANY=[@ANYRESOCT=r3, @ANYRES32=r2, @ANYRESDEC, @ANYRESHEX=r4, @ANYRESDEC=r2], 0x9f)
munlock(&(0x7f0000ef1000/0x2000)=nil, 0x2000)
syz_io_uring_setup(0x2e00, &(0x7f0000000340)={0x0, 0xc9ba, 0x20, 0xfffffffd, 0x2000037d}, &(0x7f0000ff3000/0x4000)=nil, &(0x7f0000eee000/0x8000)=nil, &(0x7f00000001c0), &(0x7f00000003c0))
mlock2(&(0x7f0000d03000/0x1000)=nil, 0x1000, 0x1)
openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000080)='freezer.parent_freezing\x00', 0x0, 0x0)
move_pages(r0, 0x2, &(0x7f0000000300)=[&(0x7f0000ffd000/0x1000)=nil, &(0x7f0000f10000/0x3000)=nil], &(0x7f00000000c0), &(0x7f0000000000), 0x0)
socket$caif_seqpacket(0x25, 0x5, 0x0)
get_robust_list(r0, &(0x7f0000000180)=&(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f00000000c0)}}, &(0x7f0000000200)=0xc)

08:22:29 executing program 5:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe6000/0x18000)=nil, &(0x7f0000000040)=[@text16={0x10, 0x0}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_SET_LAPIC(r2, 0x4008ae89, 0x0)

08:22:29 executing program 4:
r0 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x12, r0, 0x0)
open_tree(r0, &(0x7f0000000300)='./file0\x00', 0x9801)

08:22:30 executing program 3:
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x20, 0x8b}, 0x0)
setrlimit(0xb, &(0x7f0000000100)={0x1, 0x4})
getpid()
sched_setattr(0x0, &(0x7f0000000140)={0x38, 0x2, 0x0, 0x0, 0x9}, 0x0)
sched_setattr(0x0, 0x0, 0x0)
sched_setattr(0x0, &(0x7f0000000000)={0x38, 0x3, 0x20, 0x748, 0x7fffffff, 0x7, 0x5, 0x100000000001, 0x101}, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
setrlimit(0xa, &(0x7f00000000c0)={0x0, 0x5})
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
r2 = getpid()
prlimit64(0xffffffffffffffff, 0xcaf2581f7087a61c, &(0x7f0000000040)={0x0, 0x100}, &(0x7f0000000080))
sched_setattr(r2, &(0x7f0000000240)={0x38, 0x2, 0x0, 0x0, 0x4}, 0x0)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = openat$snapshot(0xffffffffffffff9c, &(0x7f0000000180), 0xa081, 0x0)
ioctl$SNAPSHOT_FREE(r3, 0x3305)

08:22:30 executing program 1:
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r0, 0x6, 0x13, &(0x7f0000000040)=0x100000001, 0x76dc)
connect$inet6(r0, &(0x7f0000000340)={0xa, 0x0, 0x0, @empty}, 0x1c)
setsockopt$inet6_tcp_TCP_ULP(r0, 0x6, 0x1f, &(0x7f00000002c0), 0x4)
setsockopt$inet6_tcp_TLS_TX(0xffffffffffffffff, 0x11a, 0x2, &(0x7f0000000300)=@ccm_128={{0x303}, "7873c5e679ef1971", "40945582c68f5712ab534e2bdc588d7f", "b92aadcc", "8d011208037a02a9"}, 0x28)
setsockopt$inet6_tcp_TLS_TX(r0, 0x11a, 0x1, &(0x7f0000000000)=@gcm_128={{0x303, 0x35}, "a16611e93404730a", "f4e8b7a124a6848b63b95cc291fb012d", "a47968af", "734ce308f6c7fb4a"}, 0x28)

08:22:30 executing program 0:
perf_event_open(&(0x7f0000000640)={0x2, 0x80, 0xd7, 0x0, 0x0, 0x0, 0x0, 0x2000000000, 0xa40a1, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp, 0x10000, 0x0, 0x0, 0x3, 0x1, 0xffffff7c, 0x3, 0x0, 0x2cf6ca54, 0x0, 0x7}, 0x0, 0x2, 0xffffffffffffffff, 0xb)
mmap$perf(&(0x7f0000c00000/0x400000)=nil, 0x400000, 0x3000002, 0x40032, 0xffffffffffffffff, 0x0)
mlock2(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0)
mlock2(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x0)
r0 = fork()
r1 = userfaultfd(0x80000)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x543c04, 0x0)
r3 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
r4 = dup3(r2, r3, 0x0)
write$binfmt_script(r1, &(0x7f0000000280)=ANY=[@ANYRESOCT=r3, @ANYRESOCT, @ANYRESDEC, @ANYRESHEX=r4, @ANYRESDEC=r2], 0x9f)
munlock(&(0x7f0000ef1000/0x2000)=nil, 0x2000)
syz_io_uring_setup(0x2e00, &(0x7f0000000340)={0x0, 0xc9ba, 0x20, 0xfffffffd, 0x2000037d}, &(0x7f0000ff3000/0x4000)=nil, &(0x7f0000eee000/0x8000)=nil, &(0x7f00000001c0), &(0x7f00000003c0))
mlock2(&(0x7f0000d03000/0x1000)=nil, 0x1000, 0x1)
openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000080)='freezer.parent_freezing\x00', 0x0, 0x0)
move_pages(r0, 0x2, &(0x7f0000000300)=[&(0x7f0000ffd000/0x1000)=nil, &(0x7f0000f10000/0x3000)=nil], &(0x7f00000000c0), &(0x7f0000000000), 0x0)
socket$caif_seqpacket(0x25, 0x5, 0x0)
get_robust_list(r0, &(0x7f0000000180)=&(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f00000000c0)}}, &(0x7f0000000200)=0xc)

[  449.503023][T15592] Restarting kernel threads ... done.
08:22:30 executing program 4:
r0 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x12, r0, 0x0)
open_tree(r0, &(0x7f0000000300)='./file0\x00', 0x9801)

08:22:31 executing program 1:
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r0, 0x6, 0x13, &(0x7f0000000040)=0x100000001, 0x76dc)
connect$inet6(r0, &(0x7f0000000340)={0xa, 0x0, 0x0, @empty}, 0x1c)
setsockopt$inet6_tcp_TCP_ULP(r0, 0x6, 0x1f, &(0x7f00000002c0), 0x4)
setsockopt$inet6_tcp_TLS_TX(r0, 0x11a, 0x2, 0x0, 0x0)
setsockopt$inet6_tcp_TLS_TX(r0, 0x11a, 0x1, &(0x7f0000000000)=@gcm_128={{0x303, 0x35}, "a16611e93404730a", "f4e8b7a124a6848b63b95cc291fb012d", "a47968af", "734ce308f6c7fb4a"}, 0x28)

08:22:31 executing program 5:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe6000/0x18000)=nil, &(0x7f0000000040)=[@text16={0x10, 0x0}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_SET_LAPIC(r2, 0x4008ae89, 0x0)

08:22:31 executing program 2:
syz_open_procfs(0x0, &(0x7f0000000040)='mounts\x00')
syz_open_procfs(0x0, &(0x7f0000000000)='mountstats\x00')
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$F2FS_IOC_MOVE_RANGE(0xffffffffffffffff, 0xc020f509, &(0x7f0000000040)={r1})
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f0000000000))
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f00000001c0)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1003]})
ioctl$KVM_RUN(r2, 0xae80, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f000056f000/0x18000)=nil, &(0x7f0000000080)=[@text32={0x20, &(0x7f00000000c0)="66ba4000b0c2ee66bad104b829280000efea0e0000000a00b8050000000f23d80f21f835c00000a00f23f8653e65f30f21c62e0fae2b0f01c2b8060000000f23d00f21f835200000000f23f8c4c3a1cf830000000002d9f7", 0x58}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

08:22:31 executing program 3:
r0 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
r1 = syz_open_dev$cec(&(0x7f00000001c0), 0x2, 0x2)
mount$9p_fd(0x0, &(0x7f0000000140)='./bus\x00', &(0x7f0000000180), 0x0, &(0x7f0000000280)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}})

08:22:31 executing program 1:
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r0, 0x6, 0x13, &(0x7f0000000040)=0x100000001, 0x76dc)
connect$inet6(r0, &(0x7f0000000340)={0xa, 0x0, 0x0, @empty}, 0x1c)
setsockopt$inet6_tcp_TCP_ULP(r0, 0x6, 0x1f, &(0x7f00000002c0), 0x4)
setsockopt$inet6_tcp_TLS_TX(r0, 0x11a, 0x2, 0x0, 0x0)
setsockopt$inet6_tcp_TLS_TX(r0, 0x11a, 0x1, &(0x7f0000000000)=@gcm_128={{0x303, 0x35}, "a16611e93404730a", "f4e8b7a124a6848b63b95cc291fb012d", "a47968af", "734ce308f6c7fb4a"}, 0x28)

08:22:31 executing program 4:
r0 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x12, r0, 0x0)
open_tree(r0, &(0x7f0000000300)='./file0\x00', 0x9801)

08:22:31 executing program 0:
perf_event_open(&(0x7f0000000640)={0x2, 0x80, 0xd7, 0x0, 0x0, 0x0, 0x0, 0x2000000000, 0xa40a1, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp, 0x10000, 0x0, 0x0, 0x3, 0x1, 0xffffff7c, 0x3, 0x0, 0x2cf6ca54, 0x0, 0x7}, 0x0, 0x2, 0xffffffffffffffff, 0xb)
mmap$perf(&(0x7f0000c00000/0x400000)=nil, 0x400000, 0x3000002, 0x40032, 0xffffffffffffffff, 0x0)
mlock2(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0)
mlock2(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x0)
r0 = fork()
r1 = userfaultfd(0x80000)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x543c04, 0x0)
r3 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
r4 = dup3(r2, r3, 0x0)
write$binfmt_script(r1, &(0x7f0000000280)=ANY=[@ANYRESOCT=r3, @ANYRESOCT, @ANYRESDEC, @ANYRESHEX=r4, @ANYRESDEC=r2], 0x9f)
munlock(&(0x7f0000ef1000/0x2000)=nil, 0x2000)
syz_io_uring_setup(0x2e00, &(0x7f0000000340)={0x0, 0xc9ba, 0x20, 0xfffffffd, 0x2000037d}, &(0x7f0000ff3000/0x4000)=nil, &(0x7f0000eee000/0x8000)=nil, &(0x7f00000001c0), &(0x7f00000003c0))
mlock2(&(0x7f0000d03000/0x1000)=nil, 0x1000, 0x1)
openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000080)='freezer.parent_freezing\x00', 0x0, 0x0)
move_pages(r0, 0x2, &(0x7f0000000300)=[&(0x7f0000ffd000/0x1000)=nil, &(0x7f0000f10000/0x3000)=nil], &(0x7f00000000c0), &(0x7f0000000000), 0x0)
socket$caif_seqpacket(0x25, 0x5, 0x0)
get_robust_list(r0, &(0x7f0000000180)=&(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f00000000c0)}}, &(0x7f0000000200)=0xc)

08:22:31 executing program 5:
openat$cgroup_ro(0xffffffffffffffff, &(0x7f00000000c0)='cgroup.controllers\x00', 0x0, 0x0)
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0)
r1 = getpid()
sched_setattr(0x0, &(0x7f0000000140)={0x38, 0x2, 0x0, 0x0, 0x9}, 0x0)
sched_setattr(r1, &(0x7f0000000240)={0x38, 0x2, 0x0, 0x0, 0x5}, 0x0)
connect$unix(0xffffffffffffffff, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
accept4(0xffffffffffffffff, &(0x7f0000000180)=@in6={0xa, 0x0, 0x0, @ipv4={""/10, ""/2, @empty}}, &(0x7f0000000000)=0x80, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f00000000c0)={'syzkaller1\x00'})
close(r0)
preadv(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)

08:22:31 executing program 1:
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r0, 0x6, 0x13, &(0x7f0000000040)=0x100000001, 0x76dc)
connect$inet6(r0, &(0x7f0000000340)={0xa, 0x0, 0x0, @empty}, 0x1c)
setsockopt$inet6_tcp_TCP_ULP(r0, 0x6, 0x1f, &(0x7f00000002c0), 0x4)
setsockopt$inet6_tcp_TLS_TX(r0, 0x11a, 0x2, 0x0, 0x0)
setsockopt$inet6_tcp_TLS_TX(r0, 0x11a, 0x1, &(0x7f0000000000)=@gcm_128={{0x303, 0x35}, "a16611e93404730a", "f4e8b7a124a6848b63b95cc291fb012d", "a47968af", "734ce308f6c7fb4a"}, 0x28)

08:22:31 executing program 4:
r0 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x3800004, 0x10, r0, 0x0)
open_tree(r0, &(0x7f0000000300)='./file0\x00', 0x9801)

08:22:31 executing program 0:
perf_event_open(&(0x7f0000000640)={0x2, 0x80, 0xd7, 0x0, 0x0, 0x0, 0x0, 0x2000000000, 0xa40a1, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp, 0x10000, 0x0, 0x0, 0x3, 0x1, 0xffffff7c, 0x3, 0x0, 0x2cf6ca54, 0x0, 0x7}, 0x0, 0x2, 0xffffffffffffffff, 0xb)
mmap$perf(&(0x7f0000c00000/0x400000)=nil, 0x400000, 0x3000002, 0x40032, 0xffffffffffffffff, 0x0)
mlock2(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0)
mlock2(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x0)
r0 = fork()
r1 = userfaultfd(0x80000)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x543c04, 0x0)
r3 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
r4 = dup3(r2, r3, 0x0)
write$binfmt_script(r1, &(0x7f0000000280)=ANY=[@ANYRESOCT=r3, @ANYRESOCT, @ANYRESDEC, @ANYRESHEX=r4, @ANYRESDEC=r2], 0x9f)
munlock(&(0x7f0000ef1000/0x2000)=nil, 0x2000)
syz_io_uring_setup(0x2e00, &(0x7f0000000340)={0x0, 0xc9ba, 0x20, 0xfffffffd, 0x2000037d}, &(0x7f0000ff3000/0x4000)=nil, &(0x7f0000eee000/0x8000)=nil, &(0x7f00000001c0), &(0x7f00000003c0))
mlock2(&(0x7f0000d03000/0x1000)=nil, 0x1000, 0x1)
openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000080)='freezer.parent_freezing\x00', 0x0, 0x0)
move_pages(r0, 0x2, &(0x7f0000000300)=[&(0x7f0000ffd000/0x1000)=nil, &(0x7f0000f10000/0x3000)=nil], &(0x7f00000000c0), &(0x7f0000000000), 0x0)
socket$caif_seqpacket(0x25, 0x5, 0x0)
get_robust_list(r0, &(0x7f0000000180)=&(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f00000000c0)}}, &(0x7f0000000200)=0xc)

08:22:31 executing program 1:
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r0, 0x6, 0x13, &(0x7f0000000040)=0x100000001, 0x76dc)
connect$inet6(r0, &(0x7f0000000340)={0xa, 0x0, 0x0, @empty}, 0x1c)
setsockopt$inet6_tcp_TCP_ULP(r0, 0x6, 0x1f, &(0x7f00000002c0), 0x4)
setsockopt$inet6_tcp_TLS_TX(r0, 0x11a, 0x2, &(0x7f0000000300)=@ccm_128={{}, "7873c5e679ef1971", "40945582c68f5712ab534e2bdc588d7f", "b92aadcc", "8d011208037a02a9"}, 0x28)
setsockopt$inet6_tcp_TLS_TX(r0, 0x11a, 0x1, &(0x7f0000000000)=@gcm_128={{0x303, 0x35}, "a16611e93404730a", "f4e8b7a124a6848b63b95cc291fb012d", "a47968af", "734ce308f6c7fb4a"}, 0x28)

08:22:31 executing program 5:
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0)
r0 = getpid()
sched_setattr(0x0, &(0x7f0000000140)={0x38, 0x2, 0x0, 0x0, 0x9}, 0x0)
sched_setattr(r0, &(0x7f0000000240)={0x38, 0x2, 0x0, 0x0, 0x6}, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setattr(r0, &(0x7f00000000c0)={0x38, 0x3, 0x0, 0x0, 0x800, 0xffffffff, 0x101, 0x6, 0x4}, 0x0)
r3 = socket$inet6_tcp(0xa, 0x1, 0x0)
sendto(r1, 0x0, 0x0, 0x0, 0x0, 0x0)
sched_setattr(0x0, &(0x7f0000000040)={0x38, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x0)
bind$inet6(r3, &(0x7f0000d84000)={0xa, 0x2}, 0x1c)
creat(0x0, 0x0)
setsockopt$inet6_tcp_int(r3, 0x6, 0xa, &(0x7f0000000080)=0x8, 0x4)
sendto$inet6(r3, &(0x7f0000f6f000), 0xfffffffffffffea7, 0x20000004, &(0x7f0000b63fe4)={0xa, 0x2, 0x983a}, 0x1c)
lseek(r3, 0xfffffffffffff1f9, 0x3)

08:22:32 executing program 0:
perf_event_open(&(0x7f0000000640)={0x2, 0x80, 0xd7, 0x0, 0x0, 0x0, 0x0, 0x2000000000, 0xa40a1, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp, 0x10000, 0x0, 0x0, 0x3, 0x1, 0xffffff7c, 0x3, 0x0, 0x2cf6ca54, 0x0, 0x7}, 0x0, 0x2, 0xffffffffffffffff, 0xb)
mmap$perf(&(0x7f0000c00000/0x400000)=nil, 0x400000, 0x3000002, 0x40032, 0xffffffffffffffff, 0x0)
mlock2(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0)
mlock2(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x0)
r0 = fork()
r1 = userfaultfd(0x80000)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x543c04, 0x0)
r3 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
r4 = dup3(r2, r3, 0x0)
write$binfmt_script(r1, &(0x7f0000000280)=ANY=[@ANYRESOCT=r3, @ANYRES32, @ANYRESOCT, @ANYRESDEC, @ANYRESHEX=r4, @ANYRESDEC=r2], 0x9f)
munlock(&(0x7f0000ef1000/0x2000)=nil, 0x2000)
syz_io_uring_setup(0x2e00, &(0x7f0000000340)={0x0, 0xc9ba, 0x20, 0xfffffffd, 0x2000037d}, &(0x7f0000ff3000/0x4000)=nil, &(0x7f0000eee000/0x8000)=nil, &(0x7f00000001c0), &(0x7f00000003c0))
mlock2(&(0x7f0000d03000/0x1000)=nil, 0x1000, 0x1)
openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000080)='freezer.parent_freezing\x00', 0x0, 0x0)
move_pages(r0, 0x2, &(0x7f0000000300)=[&(0x7f0000ffd000/0x1000)=nil, &(0x7f0000f10000/0x3000)=nil], &(0x7f00000000c0), &(0x7f0000000000), 0x0)
socket$caif_seqpacket(0x25, 0x5, 0x0)
get_robust_list(r0, &(0x7f0000000180)=&(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f00000000c0)}}, &(0x7f0000000200)=0xc)

08:22:32 executing program 2:
syz_open_procfs(0x0, &(0x7f0000000040)='mounts\x00')
syz_open_procfs(0x0, &(0x7f0000000000)='mountstats\x00')
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$F2FS_IOC_MOVE_RANGE(0xffffffffffffffff, 0xc020f509, &(0x7f0000000040)={r1})
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f0000000000))
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f00000001c0)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1003]})
ioctl$KVM_RUN(r2, 0xae80, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f000056f000/0x18000)=nil, &(0x7f0000000080)=[@text32={0x20, &(0x7f00000000c0)="66ba4000b0c2ee66bad104b829280000efea0e0000000a00b8050000000f23d80f21f835c00000a00f23f8653e65f30f21c62e0fae2b0f01c2b8060000000f23d00f21f835200000000f23f8c4c3a1cf830000000002d9f7", 0x58}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

08:22:32 executing program 3:
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cgroup.controllers\x00', 0x275a, 0x0)
write$binfmt_script(r0, &(0x7f0000000040)=ANY=[], 0x6db6e559)
mmap(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x1, 0x10012, r0, 0x0)
chmod(&(0x7f0000000040)='./file0\x00', 0x0)

08:22:32 executing program 4:
r0 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x3800004, 0x10, r0, 0x0)
open_tree(r0, &(0x7f0000000300)='./file0\x00', 0x9801)

08:22:32 executing program 1:
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r0, 0x6, 0x13, &(0x7f0000000040)=0x100000001, 0x76dc)
connect$inet6(r0, &(0x7f0000000340)={0xa, 0x0, 0x0, @empty}, 0x1c)
setsockopt$inet6_tcp_TCP_ULP(r0, 0x6, 0x1f, &(0x7f00000002c0), 0x4)
setsockopt$inet6_tcp_TLS_TX(r0, 0x11a, 0x2, &(0x7f0000000300)=@ccm_128={{}, "7873c5e679ef1971", "40945582c68f5712ab534e2bdc588d7f", "b92aadcc", "8d011208037a02a9"}, 0x28)
setsockopt$inet6_tcp_TLS_TX(r0, 0x11a, 0x1, &(0x7f0000000000)=@gcm_128={{0x303, 0x35}, "a16611e93404730a", "f4e8b7a124a6848b63b95cc291fb012d", "a47968af", "734ce308f6c7fb4a"}, 0x28)

08:22:33 executing program 5:
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0)
r0 = getpid()
sched_setattr(0x0, &(0x7f0000000140)={0x38, 0x2, 0x0, 0x0, 0x9}, 0x0)
sched_setattr(r0, &(0x7f0000000240)={0x38, 0x2, 0x0, 0x0, 0x6}, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setattr(r0, &(0x7f00000000c0)={0x38, 0x3, 0x0, 0x0, 0x800, 0xffffffff, 0x101, 0x6, 0x4}, 0x0)
r3 = socket$inet6_tcp(0xa, 0x1, 0x0)
sendto(r1, 0x0, 0x0, 0x0, 0x0, 0x0)
sched_setattr(0x0, &(0x7f0000000040)={0x38, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x0)
bind$inet6(r3, &(0x7f0000d84000)={0xa, 0x2}, 0x1c)
creat(0x0, 0x0)
setsockopt$inet6_tcp_int(r3, 0x6, 0xa, &(0x7f0000000080)=0x8, 0x4)
sendto$inet6(r3, &(0x7f0000f6f000), 0xfffffffffffffea7, 0x20000004, &(0x7f0000b63fe4)={0xa, 0x2, 0x983a}, 0x1c)
lseek(r3, 0xfffffffffffff1f9, 0x3)

08:22:33 executing program 0:
perf_event_open(&(0x7f0000000640)={0x2, 0x80, 0xd7, 0x0, 0x0, 0x0, 0x0, 0x2000000000, 0xa40a1, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp, 0x10000, 0x0, 0x0, 0x3, 0x1, 0xffffff7c, 0x3, 0x0, 0x2cf6ca54, 0x0, 0x7}, 0x0, 0x2, 0xffffffffffffffff, 0xb)
mmap$perf(&(0x7f0000c00000/0x400000)=nil, 0x400000, 0x3000002, 0x40032, 0xffffffffffffffff, 0x0)
mlock2(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0)
mlock2(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x0)
r0 = fork()
r1 = userfaultfd(0x80000)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x543c04, 0x0)
r3 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
r4 = dup3(r2, r3, 0x0)
write$binfmt_script(r1, &(0x7f0000000280)=ANY=[@ANYRESOCT=r3, @ANYRES32, @ANYRESOCT, @ANYRESDEC, @ANYRESHEX=r4, @ANYRESDEC=r2], 0x9f)
munlock(&(0x7f0000ef1000/0x2000)=nil, 0x2000)
syz_io_uring_setup(0x2e00, &(0x7f0000000340)={0x0, 0xc9ba, 0x20, 0xfffffffd, 0x2000037d}, &(0x7f0000ff3000/0x4000)=nil, &(0x7f0000eee000/0x8000)=nil, &(0x7f00000001c0), &(0x7f00000003c0))
mlock2(&(0x7f0000d03000/0x1000)=nil, 0x1000, 0x1)
openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000080)='freezer.parent_freezing\x00', 0x0, 0x0)
move_pages(r0, 0x2, &(0x7f0000000300)=[&(0x7f0000ffd000/0x1000)=nil, &(0x7f0000f10000/0x3000)=nil], &(0x7f00000000c0), &(0x7f0000000000), 0x0)
socket$caif_seqpacket(0x25, 0x5, 0x0)
get_robust_list(r0, &(0x7f0000000180)=&(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f00000000c0)}}, &(0x7f0000000200)=0xc)

08:22:33 executing program 4:
r0 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x3800004, 0x10, r0, 0x0)
open_tree(r0, &(0x7f0000000300)='./file0\x00', 0x9801)

08:22:33 executing program 1:
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r0, 0x6, 0x13, &(0x7f0000000040)=0x100000001, 0x76dc)
connect$inet6(r0, &(0x7f0000000340)={0xa, 0x0, 0x0, @empty}, 0x1c)
setsockopt$inet6_tcp_TCP_ULP(r0, 0x6, 0x1f, &(0x7f00000002c0), 0x4)
setsockopt$inet6_tcp_TLS_TX(r0, 0x11a, 0x2, &(0x7f0000000300)=@ccm_128={{}, "7873c5e679ef1971", "40945582c68f5712ab534e2bdc588d7f", "b92aadcc", "8d011208037a02a9"}, 0x28)
setsockopt$inet6_tcp_TLS_TX(r0, 0x11a, 0x1, &(0x7f0000000000)=@gcm_128={{0x303, 0x35}, "a16611e93404730a", "f4e8b7a124a6848b63b95cc291fb012d", "a47968af", "734ce308f6c7fb4a"}, 0x28)

08:22:34 executing program 4:
r0 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x3800004, 0x12, 0xffffffffffffffff, 0x0)
open_tree(r0, &(0x7f0000000300)='./file0\x00', 0x9801)

08:22:34 executing program 0:
perf_event_open(&(0x7f0000000640)={0x2, 0x80, 0xd7, 0x0, 0x0, 0x0, 0x0, 0x2000000000, 0xa40a1, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp, 0x10000, 0x0, 0x0, 0x3, 0x1, 0xffffff7c, 0x3, 0x0, 0x2cf6ca54, 0x0, 0x7}, 0x0, 0x2, 0xffffffffffffffff, 0xb)
mmap$perf(&(0x7f0000c00000/0x400000)=nil, 0x400000, 0x3000002, 0x40032, 0xffffffffffffffff, 0x0)
mlock2(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0)
mlock2(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x0)
r0 = fork()
r1 = userfaultfd(0x80000)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x543c04, 0x0)
r3 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
r4 = dup3(r2, r3, 0x0)
write$binfmt_script(r1, &(0x7f0000000280)=ANY=[@ANYRESOCT=r3, @ANYRES32, @ANYRESOCT, @ANYRESDEC, @ANYRESHEX=r4, @ANYRESDEC=r2], 0x9f)
munlock(&(0x7f0000ef1000/0x2000)=nil, 0x2000)
syz_io_uring_setup(0x2e00, &(0x7f0000000340)={0x0, 0xc9ba, 0x20, 0xfffffffd, 0x2000037d}, &(0x7f0000ff3000/0x4000)=nil, &(0x7f0000eee000/0x8000)=nil, &(0x7f00000001c0), &(0x7f00000003c0))
mlock2(&(0x7f0000d03000/0x1000)=nil, 0x1000, 0x1)
openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000080)='freezer.parent_freezing\x00', 0x0, 0x0)
move_pages(r0, 0x2, &(0x7f0000000300)=[&(0x7f0000ffd000/0x1000)=nil, &(0x7f0000f10000/0x3000)=nil], &(0x7f00000000c0), &(0x7f0000000000), 0x0)
socket$caif_seqpacket(0x25, 0x5, 0x0)
get_robust_list(r0, &(0x7f0000000180)=&(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f00000000c0)}}, &(0x7f0000000200)=0xc)

08:22:34 executing program 1:
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r0, 0x6, 0x13, &(0x7f0000000040)=0x100000001, 0x76dc)
connect$inet6(r0, &(0x7f0000000340)={0xa, 0x0, 0x0, @empty}, 0x1c)
setsockopt$inet6_tcp_TCP_ULP(r0, 0x6, 0x1f, &(0x7f00000002c0), 0x4)
setsockopt$inet6_tcp_TLS_TX(r0, 0x11a, 0x2, &(0x7f0000000300)=@ccm_128={{0x303}, "7873c5e679ef1971", "40945582c68f5712ab534e2bdc588d7f", "b92aadcc", "8d011208037a02a9"}, 0x28)
setsockopt$inet6_tcp_TLS_TX(0xffffffffffffffff, 0x11a, 0x1, &(0x7f0000000000)=@gcm_128={{0x303, 0x35}, "a16611e93404730a", "f4e8b7a124a6848b63b95cc291fb012d", "a47968af", "734ce308f6c7fb4a"}, 0x28)

08:22:34 executing program 2:
syz_open_procfs(0x0, &(0x7f0000000040)='mounts\x00')
syz_open_procfs(0x0, &(0x7f0000000000)='mountstats\x00')
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$F2FS_IOC_MOVE_RANGE(0xffffffffffffffff, 0xc020f509, &(0x7f0000000040)={r1})
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f0000000000))
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f00000001c0)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1003]})
ioctl$KVM_SET_PIT(r1, 0x8048ae66, &(0x7f0000000140)={[{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}]})
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f000056f000/0x18000)=nil, &(0x7f0000000080)=[@text32={0x20, &(0x7f00000000c0)="66ba4000b0c2ee66bad104b829280000efea0e0000000a00b8050000000f23d80f21f835c00000a00f23f8653e65f30f21c62e0fae2b0f01c2b8060000000f23d00f21f835200000000f23f8c4c3a1cf830000000002d9f7", 0x58}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

08:22:34 executing program 3:
perf_event_open(&(0x7f0000000340)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000003c0)={0x0}, 0x10)
r0 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
creat(0x0, 0x0)
write$P9_RREADDIR(r0, &(0x7f00000005c0)=ANY=[@ANYRESDEC], 0xbf)
sendfile(r0, r0, &(0x7f0000000240), 0x7ffb)

08:22:34 executing program 1:
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r0, 0x6, 0x13, &(0x7f0000000040)=0x100000001, 0x76dc)
connect$inet6(r0, &(0x7f0000000340)={0xa, 0x0, 0x0, @empty}, 0x1c)
setsockopt$inet6_tcp_TCP_ULP(r0, 0x6, 0x1f, &(0x7f00000002c0), 0x4)
setsockopt$inet6_tcp_TLS_TX(r0, 0x11a, 0x2, &(0x7f0000000300)=@ccm_128={{0x303}, "7873c5e679ef1971", "40945582c68f5712ab534e2bdc588d7f", "b92aadcc", "8d011208037a02a9"}, 0x28)
setsockopt$inet6_tcp_TLS_TX(0xffffffffffffffff, 0x11a, 0x1, &(0x7f0000000000)=@gcm_128={{0x303, 0x35}, "a16611e93404730a", "f4e8b7a124a6848b63b95cc291fb012d", "a47968af", "734ce308f6c7fb4a"}, 0x28)

08:22:34 executing program 4:
r0 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x3800004, 0x12, 0xffffffffffffffff, 0x0)
open_tree(r0, &(0x7f0000000300)='./file0\x00', 0x9801)

08:22:34 executing program 0:
perf_event_open(&(0x7f0000000640)={0x2, 0x80, 0xd7, 0x0, 0x0, 0x0, 0x0, 0x2000000000, 0xa40a1, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp, 0x10000, 0x0, 0x0, 0x3, 0x1, 0xffffff7c, 0x3, 0x0, 0x2cf6ca54, 0x0, 0x7}, 0x0, 0x2, 0xffffffffffffffff, 0xb)
mmap$perf(&(0x7f0000c00000/0x400000)=nil, 0x400000, 0x3000002, 0x40032, 0xffffffffffffffff, 0x0)
mlock2(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0)
mlock2(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x0)
r0 = fork()
r1 = userfaultfd(0x80000)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x543c04, 0x0)
r3 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
r4 = dup3(r2, r3, 0x0)
write$binfmt_script(r1, &(0x7f0000000280)=ANY=[@ANYRES32=r2, @ANYRESOCT, @ANYRESDEC, @ANYRESHEX=r4, @ANYRESDEC=r2], 0x9f)
munlock(&(0x7f0000ef1000/0x2000)=nil, 0x2000)
syz_io_uring_setup(0x2e00, &(0x7f0000000340)={0x0, 0xc9ba, 0x20, 0xfffffffd, 0x2000037d}, &(0x7f0000ff3000/0x4000)=nil, &(0x7f0000eee000/0x8000)=nil, &(0x7f00000001c0), &(0x7f00000003c0))
mlock2(&(0x7f0000d03000/0x1000)=nil, 0x1000, 0x1)
openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000080)='freezer.parent_freezing\x00', 0x0, 0x0)
move_pages(r0, 0x2, &(0x7f0000000300)=[&(0x7f0000ffd000/0x1000)=nil, &(0x7f0000f10000/0x3000)=nil], &(0x7f00000000c0), &(0x7f0000000000), 0x0)
socket$caif_seqpacket(0x25, 0x5, 0x0)
get_robust_list(r0, &(0x7f0000000180)=&(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f00000000c0)}}, &(0x7f0000000200)=0xc)

08:22:34 executing program 5:
mkdir(&(0x7f0000000600)='./file0\x00', 0x0)
mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000140)='cpuset\x00', 0x0, 0x0)
setxattr$incfs_metadata(&(0x7f0000000280)='./file0\x00', &(0x7f00000002c0), 0x0, 0x0, 0x0)
openat$cgroup_int(0xffffffffffffffff, 0x0, 0x2, 0x0)

08:22:34 executing program 1:
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r0, 0x6, 0x13, &(0x7f0000000040)=0x100000001, 0x76dc)
connect$inet6(r0, &(0x7f0000000340)={0xa, 0x0, 0x0, @empty}, 0x1c)
setsockopt$inet6_tcp_TCP_ULP(r0, 0x6, 0x1f, &(0x7f00000002c0), 0x4)
setsockopt$inet6_tcp_TLS_TX(r0, 0x11a, 0x2, &(0x7f0000000300)=@ccm_128={{0x303}, "7873c5e679ef1971", "40945582c68f5712ab534e2bdc588d7f", "b92aadcc", "8d011208037a02a9"}, 0x28)
setsockopt$inet6_tcp_TLS_TX(0xffffffffffffffff, 0x11a, 0x1, &(0x7f0000000000)=@gcm_128={{0x303, 0x35}, "a16611e93404730a", "f4e8b7a124a6848b63b95cc291fb012d", "a47968af", "734ce308f6c7fb4a"}, 0x28)

08:22:34 executing program 4:
r0 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x3800004, 0x12, 0xffffffffffffffff, 0x0)
open_tree(r0, &(0x7f0000000300)='./file0\x00', 0x9801)

08:22:34 executing program 2:
syz_open_procfs(0x0, &(0x7f0000000040)='mounts\x00')
syz_open_procfs(0x0, &(0x7f0000000000)='mountstats\x00')
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$F2FS_IOC_MOVE_RANGE(0xffffffffffffffff, 0xc020f509, &(0x7f0000000040)={r1})
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f0000000000))
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f00000001c0)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1003]})
ioctl$KVM_SET_PIT(r1, 0x8048ae66, &(0x7f0000000140)={[{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}]})
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f000056f000/0x18000)=nil, &(0x7f0000000080)=[@text32={0x20, &(0x7f00000000c0)="66ba4000b0c2ee66bad104b829280000efea0e0000000a00b8050000000f23d80f21f835c00000a00f23f8653e65f30f21c62e0fae2b0f01c2b8060000000f23d00f21f835200000000f23f8c4c3a1cf830000000002d9f7", 0x58}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

08:22:34 executing program 0:
perf_event_open(&(0x7f0000000640)={0x2, 0x80, 0xd7, 0x0, 0x0, 0x0, 0x0, 0x2000000000, 0xa40a1, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp, 0x10000, 0x0, 0x0, 0x3, 0x1, 0xffffff7c, 0x3, 0x0, 0x2cf6ca54, 0x0, 0x7}, 0x0, 0x2, 0xffffffffffffffff, 0xb)
mmap$perf(&(0x7f0000c00000/0x400000)=nil, 0x400000, 0x3000002, 0x40032, 0xffffffffffffffff, 0x0)
mlock2(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0)
mlock2(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x0)
r0 = fork()
r1 = userfaultfd(0x80000)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x543c04, 0x0)
r3 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
r4 = dup3(r2, r3, 0x0)
write$binfmt_script(r1, &(0x7f0000000280)=ANY=[@ANYRES32=r2, @ANYRESOCT, @ANYRESDEC, @ANYRESHEX=r4, @ANYRESDEC=r2], 0x9f)
munlock(&(0x7f0000ef1000/0x2000)=nil, 0x2000)
syz_io_uring_setup(0x2e00, &(0x7f0000000340)={0x0, 0xc9ba, 0x20, 0xfffffffd, 0x2000037d}, &(0x7f0000ff3000/0x4000)=nil, &(0x7f0000eee000/0x8000)=nil, &(0x7f00000001c0), &(0x7f00000003c0))
mlock2(&(0x7f0000d03000/0x1000)=nil, 0x1000, 0x1)
openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000080)='freezer.parent_freezing\x00', 0x0, 0x0)
move_pages(r0, 0x2, &(0x7f0000000300)=[&(0x7f0000ffd000/0x1000)=nil, &(0x7f0000f10000/0x3000)=nil], &(0x7f00000000c0), &(0x7f0000000000), 0x0)
socket$caif_seqpacket(0x25, 0x5, 0x0)
get_robust_list(r0, &(0x7f0000000180)=&(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f00000000c0)}}, &(0x7f0000000200)=0xc)

08:22:34 executing program 1:
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r0, 0x6, 0x13, &(0x7f0000000040)=0x100000001, 0x76dc)
connect$inet6(r0, &(0x7f0000000340)={0xa, 0x0, 0x0, @empty}, 0x1c)
setsockopt$inet6_tcp_TCP_ULP(r0, 0x6, 0x1f, &(0x7f00000002c0), 0x4)
setsockopt$inet6_tcp_TLS_TX(r0, 0x11a, 0x2, &(0x7f0000000300)=@ccm_128={{0x303}, "7873c5e679ef1971", "40945582c68f5712ab534e2bdc588d7f", "b92aadcc", "8d011208037a02a9"}, 0x28)
setsockopt$inet6_tcp_TLS_TX(r0, 0x11a, 0x1, 0x0, 0x0)

08:22:34 executing program 4:
r0 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x3800004, 0x12, r0, 0x0)
open_tree(0xffffffffffffffff, &(0x7f0000000300)='./file0\x00', 0x9801)

[  453.724688][T15725] new mount options do not match the existing superblock, will be ignored
[  453.754455][T15725] new mount options do not match the existing superblock, will be ignored
08:22:34 executing program 1:
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r0, 0x6, 0x13, &(0x7f0000000040)=0x100000001, 0x76dc)
connect$inet6(r0, &(0x7f0000000340)={0xa, 0x0, 0x0, @empty}, 0x1c)
setsockopt$inet6_tcp_TCP_ULP(r0, 0x6, 0x1f, &(0x7f00000002c0), 0x4)
setsockopt$inet6_tcp_TLS_TX(r0, 0x11a, 0x2, &(0x7f0000000300)=@ccm_128={{0x303}, "7873c5e679ef1971", "40945582c68f5712ab534e2bdc588d7f", "b92aadcc", "8d011208037a02a9"}, 0x28)
setsockopt$inet6_tcp_TLS_TX(r0, 0x11a, 0x1, 0x0, 0x0)

08:22:35 executing program 3:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0)
sendmsg$kcm(0xffffffffffffffff, &(0x7f00000016c0)={0x0, 0x0, &(0x7f0000000180)=[{&(0x7f00000001c0)="0f85b95493c1b7d9635bd03bc6f8ab95c64d78ccc9c6f527ca6d68ecb19f610e8a9ea6797bb161ef54771c60ae2c6964c8f5ee6f1b31d2e7398383556362642df62bdd29df240445ace5ffac6c364db8eb1546a3dcae28128142808cd62c8a0e0b0c7da8091f75878ecf9ac6527382c14f2931ace35bc7ad2035110418e6ee2296ffdc6ac68c2762d155547da62f2e60bbaefed48e119886abc46fdd968d26f3b6192730647a6e8ab6cccee6e6bd20d3b6f35bca3fc49a03633a2a59b7baf22f9968ee10501ee3a42244142737a7c1a041f2c3d4af72d6fc0f8ddcee9138174db74d71b907ccd878e2465a87339357b14ad7f514bbcdda2b5a1c889ca862bf8be69464a10470c312474e408eedfc2988381f86b6cf8038a55b6bd84d1761b9aeb8b0a924913ccdb9ebfc0345ed9019dad0d2e530bcc47aefe3b46deb429868998322557d882111d1aaff6b086ad1313d962b04302bcbe5173a75fc3bd34b0535f5638d8b22fe6a7c9c7cde55eeec262873c07b825b35734740a11ba5f5895832f1f1c63f830ffa2569aabbcb70190ad056d36b845816603602", 0x199}], 0x1}, 0x0)
r1 = openat$sequencer(0xffffffffffffff9c, &(0x7f00000019c0), 0x1, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000480)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, &(0x7f0000000440)={0x0, 0x4}, 0x10}, 0x78)
write$sndseq(r1, &(0x7f0000000040)=[{0x0, 0x0, 0x0, 0x0, @tick, {}, {}, @quote}], 0xff33)

08:22:35 executing program 5:
mkdir(&(0x7f00000000c0)='./file1\x00', 0x0)
mount$overlay(0x0, &(0x7f0000000100)='./file1\x00', &(0x7f0000000140), 0x0, &(0x7f0000000440)={[{@metacopy_off}]})

08:22:35 executing program 0:
perf_event_open(&(0x7f0000000640)={0x2, 0x80, 0xd7, 0x0, 0x0, 0x0, 0x0, 0x2000000000, 0xa40a1, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp, 0x10000, 0x0, 0x0, 0x3, 0x1, 0xffffff7c, 0x3, 0x0, 0x2cf6ca54, 0x0, 0x7}, 0x0, 0x2, 0xffffffffffffffff, 0xb)
mmap$perf(&(0x7f0000c00000/0x400000)=nil, 0x400000, 0x3000002, 0x40032, 0xffffffffffffffff, 0x0)
mlock2(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0)
mlock2(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x0)
r0 = fork()
r1 = userfaultfd(0x80000)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x543c04, 0x0)
r3 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
r4 = dup3(r2, r3, 0x0)
write$binfmt_script(r1, &(0x7f0000000280)=ANY=[@ANYRES32=r2, @ANYRESOCT, @ANYRESDEC, @ANYRESHEX=r4, @ANYRESDEC=r2], 0x9f)
munlock(&(0x7f0000ef1000/0x2000)=nil, 0x2000)
syz_io_uring_setup(0x2e00, &(0x7f0000000340)={0x0, 0xc9ba, 0x20, 0xfffffffd, 0x2000037d}, &(0x7f0000ff3000/0x4000)=nil, &(0x7f0000eee000/0x8000)=nil, &(0x7f00000001c0), &(0x7f00000003c0))
mlock2(&(0x7f0000d03000/0x1000)=nil, 0x1000, 0x1)
openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000080)='freezer.parent_freezing\x00', 0x0, 0x0)
move_pages(r0, 0x2, &(0x7f0000000300)=[&(0x7f0000ffd000/0x1000)=nil, &(0x7f0000f10000/0x3000)=nil], &(0x7f00000000c0), &(0x7f0000000000), 0x0)
socket$caif_seqpacket(0x25, 0x5, 0x0)
get_robust_list(r0, &(0x7f0000000180)=&(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f00000000c0)}}, &(0x7f0000000200)=0xc)

08:22:35 executing program 4:
r0 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x3800004, 0x12, r0, 0x0)
open_tree(0xffffffffffffffff, &(0x7f0000000300)='./file0\x00', 0x9801)

08:22:35 executing program 2:
syz_open_procfs(0x0, &(0x7f0000000040)='mounts\x00')
syz_open_procfs(0x0, &(0x7f0000000000)='mountstats\x00')
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$F2FS_IOC_MOVE_RANGE(0xffffffffffffffff, 0xc020f509, &(0x7f0000000040)={r1})
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f0000000000))
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f00000001c0)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1003]})
ioctl$KVM_SET_PIT(r1, 0x8048ae66, &(0x7f0000000140)={[{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}]})
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f000056f000/0x18000)=nil, &(0x7f0000000080)=[@text32={0x20, &(0x7f00000000c0)="66ba4000b0c2ee66bad104b829280000efea0e0000000a00b8050000000f23d80f21f835c00000a00f23f8653e65f30f21c62e0fae2b0f01c2b8060000000f23d00f21f835200000000f23f8c4c3a1cf830000000002d9f7", 0x58}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

08:22:35 executing program 1:
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r0, 0x6, 0x13, &(0x7f0000000040)=0x100000001, 0x76dc)
connect$inet6(r0, &(0x7f0000000340)={0xa, 0x0, 0x0, @empty}, 0x1c)
setsockopt$inet6_tcp_TCP_ULP(r0, 0x6, 0x1f, &(0x7f00000002c0), 0x4)
setsockopt$inet6_tcp_TLS_TX(r0, 0x11a, 0x2, &(0x7f0000000300)=@ccm_128={{0x303}, "7873c5e679ef1971", "40945582c68f5712ab534e2bdc588d7f", "b92aadcc", "8d011208037a02a9"}, 0x28)
setsockopt$inet6_tcp_TLS_TX(r0, 0x11a, 0x1, 0x0, 0x0)

[  454.249199][T15758] overlayfs: missing 'lowerdir'
08:22:35 executing program 4:
r0 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x3800004, 0x12, r0, 0x0)
open_tree(0xffffffffffffffff, &(0x7f0000000300)='./file0\x00', 0x9801)

08:22:35 executing program 1:
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r0, 0x6, 0x13, &(0x7f0000000040)=0x100000001, 0x76dc)
connect$inet6(r0, &(0x7f0000000340)={0xa, 0x0, 0x0, @empty}, 0x1c)
setsockopt$inet6_tcp_TCP_ULP(r0, 0x6, 0x1f, &(0x7f00000002c0), 0x4)
setsockopt$inet6_tcp_TLS_TX(r0, 0x11a, 0x2, &(0x7f0000000300)=@ccm_128={{0x303}, "7873c5e679ef1971", "40945582c68f5712ab534e2bdc588d7f", "b92aadcc", "8d011208037a02a9"}, 0x28)
setsockopt$inet6_tcp_TLS_TX(r0, 0x11a, 0x1, &(0x7f0000000000)=@gcm_128={{0x0, 0x35}, "a16611e93404730a", "f4e8b7a124a6848b63b95cc291fb012d", "a47968af", "734ce308f6c7fb4a"}, 0x28)

08:22:35 executing program 0:
perf_event_open(&(0x7f0000000640)={0x2, 0x80, 0xd7, 0x0, 0x0, 0x0, 0x0, 0x2000000000, 0xa40a1, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp, 0x10000, 0x0, 0x0, 0x3, 0x1, 0xffffff7c, 0x3, 0x0, 0x2cf6ca54, 0x0, 0x7}, 0x0, 0x2, 0xffffffffffffffff, 0xb)
mmap$perf(&(0x7f0000c00000/0x400000)=nil, 0x400000, 0x3000002, 0x40032, 0xffffffffffffffff, 0x0)
mlock2(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0)
mlock2(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x0)
r0 = fork()
r1 = userfaultfd(0x80000)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x543c04, 0x0)
r3 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
r4 = dup3(r2, r3, 0x0)
write$binfmt_script(r1, &(0x7f0000000280)=ANY=[@ANYRESOCT, @ANYRES32=r2, @ANYRESOCT, @ANYRESDEC, @ANYRESHEX=r4, @ANYRESDEC=r2], 0x9f)
munlock(&(0x7f0000ef1000/0x2000)=nil, 0x2000)
syz_io_uring_setup(0x2e00, &(0x7f0000000340)={0x0, 0xc9ba, 0x20, 0xfffffffd, 0x2000037d}, &(0x7f0000ff3000/0x4000)=nil, &(0x7f0000eee000/0x8000)=nil, &(0x7f00000001c0), &(0x7f00000003c0))
mlock2(&(0x7f0000d03000/0x1000)=nil, 0x1000, 0x1)
openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000080)='freezer.parent_freezing\x00', 0x0, 0x0)
move_pages(r0, 0x2, &(0x7f0000000300)=[&(0x7f0000ffd000/0x1000)=nil, &(0x7f0000f10000/0x3000)=nil], &(0x7f00000000c0), &(0x7f0000000000), 0x0)
socket$caif_seqpacket(0x25, 0x5, 0x0)
get_robust_list(r0, &(0x7f0000000180)=&(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f00000000c0)}}, &(0x7f0000000200)=0xc)

08:22:35 executing program 5:
clone(0x3a3dd4008480af01, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
prctl$PR_SET_MM_MAP(0x23, 0xe, &(0x7f0000000000)={&(0x7f0000ff8000/0x3000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000002000/0x3000)=nil, &(0x7f0000003000/0x2000)=nil, &(0x7f0000007000/0x3000)=nil, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000ffa000/0x4000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000032000/0x4000)=nil, &(0x7f0000ff9000/0x4000)=nil, 0x0}, 0x68)
r0 = inotify_init1(0x0)
fcntl$setown(r0, 0x8, 0xffffffffffffffff)
fcntl$getownex(r0, 0x10, &(0x7f0000000100)={0x0, <r1=>0x0})
process_vm_readv(r1, &(0x7f0000000180)=[{&(0x7f00000013c0)=""/4096, 0x1000}], 0x1, &(0x7f00000025c0)=[{&(0x7f00000012c0)=""/253, 0xfd}], 0x1, 0x0)

08:22:35 executing program 2:
syz_open_procfs(0x0, &(0x7f0000000040)='mounts\x00')
syz_open_procfs(0x0, &(0x7f0000000000)='mountstats\x00')
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$F2FS_IOC_MOVE_RANGE(0xffffffffffffffff, 0xc020f509, &(0x7f0000000040)={r1})
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f0000000000))
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_SET_PIT(r1, 0x8048ae66, &(0x7f0000000140)={[{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}]})
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f000056f000/0x18000)=nil, &(0x7f0000000080)=[@text32={0x20, &(0x7f00000000c0)="66ba4000b0c2ee66bad104b829280000efea0e0000000a00b8050000000f23d80f21f835c00000a00f23f8653e65f30f21c62e0fae2b0f01c2b8060000000f23d00f21f835200000000f23f8c4c3a1cf830000000002d9f7", 0x58}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

08:22:35 executing program 3:
r0 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000000), 0x0)
read(r0, &(0x7f0000000080)=""/232, 0xe8)
ioctl$SNDRV_SEQ_IOCTL_REMOVE_EVENTS(r0, 0x4040534e, &(0x7f0000000040)={0x1})
ioctl$SNDRV_SEQ_IOCTL_QUERY_SUBS(r0, 0xc0a85322, &(0x7f0000000180))
timer_create(0x0, &(0x7f0000000500)={0x0, 0x12, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000080))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
timer_create(0x0, &(0x7f0000000000)={0x0, 0x14}, &(0x7f0000000040)=<r1=>0x0)
timer_settime(r1, 0x0, &(0x7f0000000180)={{0x0, 0x989680}, {0x0, 0x1c9c380}}, 0x0)

08:22:35 executing program 1:
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r0, 0x6, 0x13, &(0x7f0000000040)=0x100000001, 0x76dc)
connect$inet6(r0, &(0x7f0000000340)={0xa, 0x0, 0x0, @empty}, 0x1c)
setsockopt$inet6_tcp_TCP_ULP(r0, 0x6, 0x1f, &(0x7f00000002c0), 0x4)
setsockopt$inet6_tcp_TLS_TX(r0, 0x11a, 0x2, &(0x7f0000000300)=@ccm_128={{0x303}, "7873c5e679ef1971", "40945582c68f5712ab534e2bdc588d7f", "b92aadcc", "8d011208037a02a9"}, 0x28)
setsockopt$inet6_tcp_TLS_TX(r0, 0x11a, 0x1, &(0x7f0000000000)=@gcm_128={{0x0, 0x35}, "a16611e93404730a", "f4e8b7a124a6848b63b95cc291fb012d", "a47968af", "734ce308f6c7fb4a"}, 0x28)

08:22:35 executing program 4:
r0 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x3800004, 0x12, r0, 0x0)
open_tree(r0, 0x0, 0x9801)

08:22:35 executing program 5:
clone(0x3a3dd4008480af01, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
prctl$PR_SET_MM_MAP(0x23, 0xe, &(0x7f0000000000)={&(0x7f0000ff8000/0x3000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000002000/0x3000)=nil, &(0x7f0000003000/0x2000)=nil, &(0x7f0000007000/0x3000)=nil, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000ffa000/0x4000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000032000/0x4000)=nil, &(0x7f0000ff9000/0x4000)=nil, 0x0}, 0x68)
r0 = inotify_init1(0x0)
fcntl$setown(r0, 0x8, 0xffffffffffffffff)
fcntl$getownex(r0, 0x10, &(0x7f0000000100)={0x0, <r1=>0x0})
process_vm_readv(r1, &(0x7f0000000180)=[{&(0x7f00000013c0)=""/4096, 0x1000}], 0x1, &(0x7f00000025c0)=[{&(0x7f00000012c0)=""/253, 0xfd}], 0x1, 0x0)

[  454.497498][T15777] ptrace attach of "/root/syz-executor.5"[6858] was attempted by ""[15777]
[  454.520648][T15778] ptrace attach of "/root/syz-executor.5"[6858] was attempted by ""[15778]
08:22:35 executing program 0:
perf_event_open(&(0x7f0000000640)={0x2, 0x80, 0xd7, 0x0, 0x0, 0x0, 0x0, 0x2000000000, 0xa40a1, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp, 0x10000, 0x0, 0x0, 0x3, 0x1, 0xffffff7c, 0x3, 0x0, 0x2cf6ca54, 0x0, 0x7}, 0x0, 0x2, 0xffffffffffffffff, 0xb)
mmap$perf(&(0x7f0000c00000/0x400000)=nil, 0x400000, 0x3000002, 0x40032, 0xffffffffffffffff, 0x0)
mlock2(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0)
mlock2(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x0)
r0 = fork()
r1 = userfaultfd(0x80000)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x543c04, 0x0)
r3 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
r4 = dup3(r2, r3, 0x0)
write$binfmt_script(r1, &(0x7f0000000280)=ANY=[@ANYRESOCT, @ANYRES32=r2, @ANYRESOCT, @ANYRESDEC, @ANYRESHEX=r4, @ANYRESDEC=r2], 0x9f)
munlock(&(0x7f0000ef1000/0x2000)=nil, 0x2000)
syz_io_uring_setup(0x2e00, &(0x7f0000000340)={0x0, 0xc9ba, 0x20, 0xfffffffd, 0x2000037d}, &(0x7f0000ff3000/0x4000)=nil, &(0x7f0000eee000/0x8000)=nil, &(0x7f00000001c0), &(0x7f00000003c0))
mlock2(&(0x7f0000d03000/0x1000)=nil, 0x1000, 0x1)
openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000080)='freezer.parent_freezing\x00', 0x0, 0x0)
move_pages(r0, 0x2, &(0x7f0000000300)=[&(0x7f0000ffd000/0x1000)=nil, &(0x7f0000f10000/0x3000)=nil], &(0x7f00000000c0), &(0x7f0000000000), 0x0)
socket$caif_seqpacket(0x25, 0x5, 0x0)
get_robust_list(r0, &(0x7f0000000180)=&(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f00000000c0)}}, &(0x7f0000000200)=0xc)

08:22:35 executing program 1:
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r0, 0x6, 0x13, &(0x7f0000000040)=0x100000001, 0x76dc)
connect$inet6(r0, &(0x7f0000000340)={0xa, 0x0, 0x0, @empty}, 0x1c)
setsockopt$inet6_tcp_TCP_ULP(r0, 0x6, 0x1f, &(0x7f00000002c0), 0x4)
setsockopt$inet6_tcp_TLS_TX(r0, 0x11a, 0x2, &(0x7f0000000300)=@ccm_128={{0x303}, "7873c5e679ef1971", "40945582c68f5712ab534e2bdc588d7f", "b92aadcc", "8d011208037a02a9"}, 0x28)
setsockopt$inet6_tcp_TLS_TX(r0, 0x11a, 0x1, &(0x7f0000000000)=@gcm_128={{0x0, 0x35}, "a16611e93404730a", "f4e8b7a124a6848b63b95cc291fb012d", "a47968af", "734ce308f6c7fb4a"}, 0x28)

[  454.658133][T15795] ptrace attach of "/root/syz-executor.5"[6858] was attempted by ""[15795]
08:22:35 executing program 2:
syz_open_procfs(0x0, &(0x7f0000000040)='mounts\x00')
syz_open_procfs(0x0, &(0x7f0000000000)='mountstats\x00')
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$F2FS_IOC_MOVE_RANGE(0xffffffffffffffff, 0xc020f509, &(0x7f0000000040)={r1})
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f0000000000))
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_SET_PIT(r1, 0x8048ae66, &(0x7f0000000140)={[{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}]})
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f000056f000/0x18000)=nil, &(0x7f0000000080)=[@text32={0x20, &(0x7f00000000c0)="66ba4000b0c2ee66bad104b829280000efea0e0000000a00b8050000000f23d80f21f835c00000a00f23f8653e65f30f21c62e0fae2b0f01c2b8060000000f23d00f21f835200000000f23f8c4c3a1cf830000000002d9f7", 0x58}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

08:22:35 executing program 4:
r0 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x3800004, 0x12, r0, 0x0)
open_tree(r0, 0x0, 0x9801)

08:22:35 executing program 5:
clone(0x3a3dd4008480af01, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
prctl$PR_SET_MM_MAP(0x23, 0xe, &(0x7f0000000000)={&(0x7f0000ff8000/0x3000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000002000/0x3000)=nil, &(0x7f0000003000/0x2000)=nil, &(0x7f0000007000/0x3000)=nil, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000ffa000/0x4000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000032000/0x4000)=nil, &(0x7f0000ff9000/0x4000)=nil, 0x0}, 0x68)
r0 = inotify_init1(0x0)
fcntl$setown(r0, 0x8, 0xffffffffffffffff)
fcntl$getownex(r0, 0x10, &(0x7f0000000100)={0x0, <r1=>0x0})
process_vm_readv(r1, &(0x7f0000000180)=[{&(0x7f00000013c0)=""/4096, 0x1000}], 0x1, &(0x7f00000025c0)=[{&(0x7f00000012c0)=""/253, 0xfd}], 0x1, 0x0)

08:22:35 executing program 0:
perf_event_open(&(0x7f0000000640)={0x2, 0x80, 0xd7, 0x0, 0x0, 0x0, 0x0, 0x2000000000, 0xa40a1, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp, 0x10000, 0x0, 0x0, 0x3, 0x1, 0xffffff7c, 0x3, 0x0, 0x2cf6ca54, 0x0, 0x7}, 0x0, 0x2, 0xffffffffffffffff, 0xb)
mmap$perf(&(0x7f0000c00000/0x400000)=nil, 0x400000, 0x3000002, 0x40032, 0xffffffffffffffff, 0x0)
mlock2(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0)
mlock2(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x0)
r0 = fork()
r1 = userfaultfd(0x80000)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x543c04, 0x0)
r3 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
r4 = dup3(r2, r3, 0x0)
write$binfmt_script(r1, &(0x7f0000000280)=ANY=[@ANYRESOCT, @ANYRES32=r2, @ANYRESOCT, @ANYRESDEC, @ANYRESHEX=r4, @ANYRESDEC=r2], 0x9f)
munlock(&(0x7f0000ef1000/0x2000)=nil, 0x2000)
syz_io_uring_setup(0x2e00, &(0x7f0000000340)={0x0, 0xc9ba, 0x20, 0xfffffffd, 0x2000037d}, &(0x7f0000ff3000/0x4000)=nil, &(0x7f0000eee000/0x8000)=nil, &(0x7f00000001c0), &(0x7f00000003c0))
mlock2(&(0x7f0000d03000/0x1000)=nil, 0x1000, 0x1)
openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000080)='freezer.parent_freezing\x00', 0x0, 0x0)
move_pages(r0, 0x2, &(0x7f0000000300)=[&(0x7f0000ffd000/0x1000)=nil, &(0x7f0000f10000/0x3000)=nil], &(0x7f00000000c0), &(0x7f0000000000), 0x0)
socket$caif_seqpacket(0x25, 0x5, 0x0)
get_robust_list(r0, &(0x7f0000000180)=&(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f00000000c0)}}, &(0x7f0000000200)=0xc)

08:22:35 executing program 4:
r0 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x3800004, 0x12, r0, 0x0)
open_tree(r0, 0x0, 0x9801)

[  454.845523][T15810] ptrace attach of "/root/syz-executor.5"[6858] was attempted by ""[15810]
08:22:35 executing program 5:
syz_mount_image$tmpfs(&(0x7f0000000000), &(0x7f00000001c0)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000080)=ANY=[@ANYBLOB="6d706f6c3d64656661756c6166f655fd9b13fbb8a1a0ac743a362d33", @ANYRESDEC=0xee00])

[  455.002382][T15824] tmpfs: Bad value for 'mpol'
[  455.017482][T15824] tmpfs: Bad value for 'mpol'
08:22:36 executing program 3:
r0 = creat(&(0x7f0000000000)='./file0\x00', 0x0)
write$cgroup_type(r0, &(0x7f0000000180), 0x2d1ee37)
clone(0x20001000104, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r1 = gettid()
prctl$PR_SET_PTRACER(0x59616d61, r1)
mount(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0)
ptrace$setopts(0x4206, r1, 0x0, 0x0)
tkill(r1, 0x2c)
truncate(&(0x7f00000001c0)='./file0\x00', 0x0)

08:22:36 executing program 1:
r0 = creat(&(0x7f0000000100)='./file0\x00', 0x0)
write$cgroup_type(r0, &(0x7f0000000080), 0xfffffe58)
rename(&(0x7f0000000000)='./file0\x00', &(0x7f0000000040)='./file2\x00')

08:22:36 executing program 2:
syz_open_procfs(0x0, &(0x7f0000000040)='mounts\x00')
syz_open_procfs(0x0, &(0x7f0000000000)='mountstats\x00')
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$F2FS_IOC_MOVE_RANGE(0xffffffffffffffff, 0xc020f509, &(0x7f0000000040)={r1})
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f0000000000))
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_SET_PIT(r1, 0x8048ae66, &(0x7f0000000140)={[{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}]})
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f000056f000/0x18000)=nil, &(0x7f0000000080)=[@text32={0x20, &(0x7f00000000c0)="66ba4000b0c2ee66bad104b829280000efea0e0000000a00b8050000000f23d80f21f835c00000a00f23f8653e65f30f21c62e0fae2b0f01c2b8060000000f23d00f21f835200000000f23f8c4c3a1cf830000000002d9f7", 0x58}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

08:22:36 executing program 4:
r0 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x3800004, 0x12, r0, 0x0)
open_tree(r0, &(0x7f0000000300)='./file0\x00', 0x0)

08:22:36 executing program 0:
perf_event_open(&(0x7f0000000640)={0x2, 0x80, 0xd7, 0x0, 0x0, 0x0, 0x0, 0x2000000000, 0xa40a1, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp, 0x10000, 0x0, 0x0, 0x3, 0x1, 0xffffff7c, 0x3, 0x0, 0x2cf6ca54, 0x0, 0x7}, 0x0, 0x2, 0xffffffffffffffff, 0xb)
mmap$perf(&(0x7f0000c00000/0x400000)=nil, 0x400000, 0x3000002, 0x40032, 0xffffffffffffffff, 0x0)
mlock2(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0)
mlock2(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x0)
r0 = fork()
r1 = userfaultfd(0x80000)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x543c04, 0x0)
r3 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
r4 = dup3(r2, r3, 0x0)
write$binfmt_script(r1, &(0x7f0000000280)=ANY=[@ANYRESOCT=r3, @ANYRES32=r2, @ANYRESOCT, @ANYRESDEC, @ANYRESHEX=r4, @ANYRESDEC=r2], 0x9f)
munlock(&(0x7f0000ef1000/0x2000)=nil, 0x2000)
syz_io_uring_setup(0x0, &(0x7f0000000340)={0x0, 0xc9ba, 0x20, 0xfffffffd, 0x2000037d}, &(0x7f0000ff3000/0x4000)=nil, &(0x7f0000eee000/0x8000)=nil, &(0x7f00000001c0), &(0x7f00000003c0))
mlock2(&(0x7f0000d03000/0x1000)=nil, 0x1000, 0x1)
openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000080)='freezer.parent_freezing\x00', 0x0, 0x0)
move_pages(r0, 0x2, &(0x7f0000000300)=[&(0x7f0000ffd000/0x1000)=nil, &(0x7f0000f10000/0x3000)=nil], &(0x7f00000000c0), &(0x7f0000000000), 0x0)
socket$caif_seqpacket(0x25, 0x5, 0x0)
get_robust_list(r0, &(0x7f0000000180)=&(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f00000000c0)}}, &(0x7f0000000200)=0xc)

08:22:36 executing program 5:
syz_mount_image$reiserfs(&(0x7f00000000c0), &(0x7f0000000100)='./file0\x00', 0x0, 0x0, &(0x7f0000000000), 0x0, &(0x7f0000000040)={[{@grpjquota, 0x3d}], [{@pcr}]})

08:22:36 executing program 4:
r0 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x3800004, 0x12, r0, 0x0)
open_tree(r0, &(0x7f0000000300)='./file0\x00', 0x0)

[  455.658881][T15843] REISERFS warning (device loop5): super-6502 reiserfs_getopt: unknown mount option ""
08:22:36 executing program 0:
perf_event_open(&(0x7f0000000640)={0x2, 0x80, 0xd7, 0x0, 0x0, 0x0, 0x0, 0x2000000000, 0xa40a1, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp, 0x10000, 0x0, 0x0, 0x3, 0x1, 0xffffff7c, 0x3, 0x0, 0x2cf6ca54, 0x0, 0x7}, 0x0, 0x2, 0xffffffffffffffff, 0xb)
mmap$perf(&(0x7f0000c00000/0x400000)=nil, 0x400000, 0x3000002, 0x40032, 0xffffffffffffffff, 0x0)
mlock2(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0)
mlock2(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x0)
r0 = fork()
r1 = userfaultfd(0x80000)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x543c04, 0x0)
r3 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
r4 = dup3(r2, r3, 0x0)
write$binfmt_script(r1, &(0x7f0000000280)=ANY=[@ANYRESOCT=r3, @ANYRES32=r2, @ANYRESOCT, @ANYRESDEC, @ANYRESHEX=r4, @ANYRESDEC=r2], 0x9f)
munlock(&(0x7f0000ef1000/0x2000)=nil, 0x2000)
syz_io_uring_setup(0x0, &(0x7f0000000340)={0x0, 0xc9ba, 0x20, 0xfffffffd, 0x2000037d}, &(0x7f0000ff3000/0x4000)=nil, &(0x7f0000eee000/0x8000)=nil, &(0x7f00000001c0), &(0x7f00000003c0))
mlock2(&(0x7f0000d03000/0x1000)=nil, 0x1000, 0x1)
openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000080)='freezer.parent_freezing\x00', 0x0, 0x0)
move_pages(r0, 0x2, &(0x7f0000000300)=[&(0x7f0000ffd000/0x1000)=nil, &(0x7f0000f10000/0x3000)=nil], &(0x7f00000000c0), &(0x7f0000000000), 0x0)
socket$caif_seqpacket(0x25, 0x5, 0x0)
get_robust_list(r0, &(0x7f0000000180)=&(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f00000000c0)}}, &(0x7f0000000200)=0xc)

[  455.840816][T15843] REISERFS warning (device loop5): super-6502 reiserfs_getopt: unknown mount option ""
08:22:36 executing program 2:
syz_open_procfs(0x0, &(0x7f0000000040)='mounts\x00')
syz_open_procfs(0x0, &(0x7f0000000000)='mountstats\x00')
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$F2FS_IOC_MOVE_RANGE(0xffffffffffffffff, 0xc020f509, &(0x7f0000000040)={r1})
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f00000001c0)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1003]})
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_SET_PIT(r1, 0x8048ae66, &(0x7f0000000140)={[{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}]})
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f000056f000/0x18000)=nil, &(0x7f0000000080)=[@text32={0x20, &(0x7f00000000c0)="66ba4000b0c2ee66bad104b829280000efea0e0000000a00b8050000000f23d80f21f835c00000a00f23f8653e65f30f21c62e0fae2b0f01c2b8060000000f23d00f21f835200000000f23f8c4c3a1cf830000000002d9f7", 0x58}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

08:22:36 executing program 4:
r0 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x3800004, 0x12, r0, 0x0)
open_tree(r0, &(0x7f0000000300)='./file0\x00', 0x0)

08:22:36 executing program 5:
syz_mount_image$reiserfs(&(0x7f00000000c0), &(0x7f0000000100)='./file0\x00', 0x0, 0x0, &(0x7f0000000000), 0x0, &(0x7f0000000040)={[{@grpjquota, 0x3d}], [{@pcr}]})

08:22:37 executing program 0:
perf_event_open(&(0x7f0000000640)={0x2, 0x80, 0xd7, 0x0, 0x0, 0x0, 0x0, 0x2000000000, 0xa40a1, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp, 0x10000, 0x0, 0x0, 0x3, 0x1, 0xffffff7c, 0x3, 0x0, 0x2cf6ca54, 0x0, 0x7}, 0x0, 0x2, 0xffffffffffffffff, 0xb)
mmap$perf(&(0x7f0000c00000/0x400000)=nil, 0x400000, 0x3000002, 0x40032, 0xffffffffffffffff, 0x0)
mlock2(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0)
mlock2(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x0)
r0 = fork()
r1 = userfaultfd(0x80000)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x543c04, 0x0)
r3 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
r4 = dup3(r2, r3, 0x0)
write$binfmt_script(r1, &(0x7f0000000280)=ANY=[@ANYRESOCT=r3, @ANYRES32=r2, @ANYRESOCT, @ANYRESDEC, @ANYRESHEX=r4, @ANYRESDEC=r2], 0x9f)
munlock(&(0x7f0000ef1000/0x2000)=nil, 0x2000)
syz_io_uring_setup(0x0, &(0x7f0000000340)={0x0, 0xc9ba, 0x20, 0xfffffffd, 0x2000037d}, &(0x7f0000ff3000/0x4000)=nil, &(0x7f0000eee000/0x8000)=nil, &(0x7f00000001c0), &(0x7f00000003c0))
mlock2(&(0x7f0000d03000/0x1000)=nil, 0x1000, 0x1)
openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000080)='freezer.parent_freezing\x00', 0x0, 0x0)
move_pages(r0, 0x2, &(0x7f0000000300)=[&(0x7f0000ffd000/0x1000)=nil, &(0x7f0000f10000/0x3000)=nil], &(0x7f00000000c0), &(0x7f0000000000), 0x0)
socket$caif_seqpacket(0x25, 0x5, 0x0)
get_robust_list(r0, &(0x7f0000000180)=&(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f00000000c0)}}, &(0x7f0000000200)=0xc)

[  456.300457][T15886] REISERFS warning (device loop5): super-6502 reiserfs_getopt: unknown mount option ""
08:22:39 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, &(0x7f00000023c0)=[@text32={0x20, 0x0}], 0x1, 0x0, 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, &(0x7f00000000c0)=[@text64={0x40, &(0x7f0000000000)="4788e548b819cdfeb8000000000f23d80f21f835800000a00f23f8c402fd338302000000123e3664450f01c33cc33c430f795835c74424002d010000c4c27d1d6cd1ce44d8c70f08c744240011000000c744240200000000ff2c2466baf80cb8ba7e6983ef66bafc0caa66b87f008ed8", 0x70}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_SET_NESTED_STATE(r2, 0x4080aebf, &(0x7f0000000280)={{0x0, 0x0, 0xfffffffffffffea7, {0x0, 0xd000}}, "be77f645fa0faab4173328e03e0e9f020bbc798c84be65bf762199e269b6d15af3d542e5a531a895866fbf13910d95e922d6aa84d68924efe5e444b34d9df08a868ae23c677546798d6ec2c17d6e3f87f0d757c2078c9325c641fea9938ba4f20ebb2577f51ba467d973398c7fa94be4e2abd427b7ad4385c63e630090759c2a6c768a973d0b1e7244e494d5925d9d9f40afd544b84d1fdb8de7af279d8700739c11327a76f8bc32743c959d8858b276c211222f40206257be84ddd07b20d8b1de9b5390ba5eaa289c0bfdf6b5636b7acfac5159e2e7759338e06ae00e4b7cf162e45442e3c8395858847e3e28da4ed237027cd849991ab91e6e5dc61b9936de574c3b26a2b0e303386c02ed1bb6a5acaf8a9271e196bc59fb3d7d6a88383d53302680fd8ebd0e75fa67333a6fb9da0333d6f87b3f628136a4b9ec1c2f4cf3d5ec900ec17d48e3f741860d963ec6e629243d06b547374ec3f5a0a8e71cdd67e8f591d68711ba4df1f2fc62d9f54c6f7b8844c8ce569fb7f983a631250e77374780413ab37235afdefb70572e79f35d36406aded61bcf76711aacf325b2ac1f78b4ede1239e36d5d644c7a81cdf6b95a1e3aa6c2f70d889654572d1f88f05e5b2c5f5c37d6570102c2525a9b3fa28a88c83ded573a896239900bd365dc0323d4921c3c96a3dae810479a1ac83b64f0f9b2008eb51832bce90105dab379b3d99f6761d4cf438d92356c563c982938fe83026258aad0a7d9f5eacfa359c68ec271d3ecf9a57d3eec56cb0bcf1bb0adc6c297d6e5b101640d3c5b50bcb54faebed4f850e737b5a2837054bccbecfd1c28e70a967a350d21867ea95b2cdfe55fd3edc6e1f4db06a5e6b77a333af48e92899e074794f3b4687dce6d45cb33433e922b1602e767164dc0e760d14b4c70f304de2cb56ca5ea35719f492480e48b9007e4073a8e02450a93d3932971b32aca283773bbb7974486478d380d8524c0eee27ba19d9c51196494bc3f2c41c1ddc72b0b9d97ca307022baf742cb69b45de669e3224c1eaf4e6ec7bb76f921ad3fd01e1138eda10e945ca95302c1729adf6526041169700a783f767632e99b55eac5e4ebc25b63e11649a31e1dba33445a36b40c7cc7ab6450cb4853c69a9f1eb00d466f6c98f297d3e4882fd4d1a9dff0786cece0dd1b03fd84f982b493349f32e49be255102e7bd1475e25574a992da6907a0e6bce48d4601b51ca05798a0e8b5faa9ed6700902e4626b866b4219e3880277bca07f577def954fdd64e089622ed0eec558759a9b6d3e512b330fa30e31403053a73da1747a7874f5b7a9fbd4c0f9f29a27e795e275c9f6c33d9db7f370f148a790811428b2f96566bd0e2b148997e69b0ffe1a81cb04d43ce6a24ea2a9414b930fa1330153cb20aaae484e515393b9ddf9d029806c35d5e956462b7cc7f1c7995006ffeae1f1ba1daf8d43309198bf444ec82c670800d5dacd600924564931014b1e834a38274c6560784572e6d4bf8c4a5a1ee5edb2f4ea5fa9f07b11d3d1d88b993fa662bc04dfb9ffa9e534f1622efd7f823346aa7e0a988f56be531c73f34439df61f9737cca8b93d2c25695138c70c469298c3a114c89a8c3409d4dc18e7bd0158631d0b936823a6dda814ed50f83862058d1ecc19b2e1195c910edb5e7164fbd403de0beb5d7feec901a5a373afa1162be95f0e71e50d479e33494d7c98c1cb2ac886c81610678923685fa9f5fff2584c89130b7d2ac78317e531bb2fcade76520cf8bec450e31eebfa5ae2f78587c572d36d56a69cf3f2cc9e15b77c11877d27e8af0196902d7f94646f0294b4507ae4461397ef21b24a2142f740460e1eb1935cbaccd14f71f21d6fb7144de99154f037cf31e9f30da3c935950c7d1c859096d44b57e7bd37147304b2fe51ab63ca7c4031c1f07913c8a894a6b0573886d7a0a62cd20a0f433e541a43808465eb82af5bb9c819a74bed83cf91aa180442c28b9f4d69dd7e728c7734dd3bd3e277e67e96ab9f09e083c0a6e42fe2bc5dcae9a2deddb7f763e62b0d8adacc00af734bb9e978c160600611c83309468a2f942f5d2c9f7cafc97dae2f542ef33be39952fa70ee3e2ecb3105c1a490db73fcf46a3645de10e1cb335ea604f41d10b723872c26f20a71f44b1301fffd601c6a609e0d195bbcb1203cd23fdb3e3f59fa8ae5a484881c34706bacb6a479fa7c9cc6920613dd6903bf046493bac060f046efc6ce43aafe9a3b735c1cb283714548fdc16a2ce9d9dccd77f3b8037132ec1b1f1d965932a9ec4b20efe1f2212c94511b61799b5bd29be84e47d1c1209af544bb4c4820b4897fe00fd583b8ae5394354d1f2532d0801f202ba31bf01a896ebea5302167cf9b0ed71e793d9572fac48d75724caa57f99ba9db2113f5fa52d19356ed1d0c85bd60805952113e521a01444d6a6a502144691a9d32363284410e967626c720cdb3444a56b1b7043047dbf8e5f1b5177c82a651710eaed591e1d4ac5ffaf85411f7c3c3e58fefb5e0528f74b3f78a0b31de68f1e31415a7a37010be818b886c28cca1bf68db068929eb711bc6b4ae2a4c9f2c9bf98f15164e6ef96ef4121c191e5a94ca431b49c475f02acebc42d2c6026e4f7d595e5677947bf6cc0d6f95d7838f76cfc04492cebaed4374984706465ac83a1acbb55450f5b5e1e4cc00a88c334af44d337089c80167a813f54fa903ec85d8f1d22c443bcdfb3d268a3e57f563b9732cc3f5d8b1fd98a6f44e3b056cbeb65946ec917ef093c3a62757f2b27e6b4873ae7183b5cabba8c3576af69449df90cda4bfad6c54bed67fecc6fdc624183aecb5072002c8dc9d45505901c61489ab31b7d6cde6943f042953df648861b68663291117f3deb74d3f9e9501d9d50b095baaeef21aca82e00203c06ce103cc923e6f02ab481eed2da0a4eedeb827e9d7961f6d972f347c649e706dc0259d697a6a5ea1ba33a6f2c16beed92b58fa290026c728e91f3de285a74e56e968c5d174639a915b5e53d7b1e5566b1a89f09434afb2a2ff1fd00d13e7ce5a3dcb8e628f39a6c6825acd4b7152a777d21485f6360af8b1c62a4a29f2ad98d9c393530187c14b4defdfc8ac12433be7f56a40ce4087eb1f7cf949e4e9b3c612e4953716ab027a36ce839f1d2815c289d08e0e500630c2f54344d6549b9645a4b31648d25f71dc7a43651aa8530ccd0cec2f96a4385b185823111c514b5beb817a98824f301462598f03919ec52c0fdf5a522f3e4b250ded3089e0958bb20e5f936c8ab4fc00316ce483254f6e2abc024835acdba239decc60fcc316cbb5fe85db2e22ecd1259c607b575d836222d7a21f0fccdc6d4f90c487c66dcbe9d17f6af2edc30b57189f009072fa5b46e1f49aa33a6546aea60202c4e77066e2f487b2bd36f3178ea888488ae52fad830868172d8f2b3335db98a83c45e047ba93eb32e08a014d13fb8b9f3b54c16adaac8a95c250051baaa3667343a3df51ab7dccedcf4410482fb24ab337285d4c0d182bf00050c5cd2f8a1f7954fe0ce1c2325dc159445464327f0c463dfdae8c944db603ceab504409be7e3316e679960b63e1935018641f0d30d40fb4f83faa2786e7284b0adf6fe0ae04f61c362be89177aa7a27cd00a1c101deb33fbae04b8b20fceeef601049626954f0436470eb4d344fd53c34eab4fca401bb6aa64c1d1891ca88300ce5f8b9b7badb64a5aa3ce8ea848e288239def4602e4812c66503ccc2a68b734d97b2fe71e321e09275bbc727e4c02ce1a967f2f7c5f02f658c5e449a1c718a535561afbddd05ad28559c6ea8a5d19298eeccee69818b69a833b972128e153306522a3733396e25e3a2175443715b0926ea967609f73e2529fa4b6c346e32543431d11f57f557c71ff6b789d9a78e8039f78c5089586aeba7a584b3d6b753f8633d062b5cca3639eb95885027a1b78a90f79d33e8872b455a21618b76a4afd3d704849b067ab8f968bf528fbdbdfdd34e84163d644e211e32f9b5b91f86fb815890f6e405d7324fd6ff84fea268cf4d613d8b8cc784fd434f317dd77ccaf40d974c43d70ec15306c691ce9782267b20b35c150c1c104adff5437068f7c9dee058c08403024e5ed1f35bf1b6db213af8fd0293b230ddc7a405e1e3e584292cf6d9bd4ca1d0c325ecf37c57134320f79fac3f26874b1d595d0aacb7bf454bc4e15f755c1c7e2d0951d7731d8bf27c8002f611a942d633c9e0203ee9f848de15966e6c993d790bbc26958fdc3ff4e62b971697855ad0980d3cf6cd79c0f2f0d41eab6d2c67e83295afcbee60179e0997ddf9b15002b7fc058afa567034dabc640790aba2419a5ccbce25abccde586373f4e31f3436e5bab2e156b4cd6abaadbd4e991cb4a15cdea2202b13bce716e1df40d6bcc275f14c152ffe6294d2b5a5377a9da546490a0ff9ec3f27a0a6070f1b0d72b75a74ac1e764c4670b9547faa728500233dc410132d800bddd4e81272f1ace1fa8186e1b68e19b23ee611b2c9119b094764fd0720212c14f12f1835596660e08dbaf1a28c2ecb391094e8decb500484a4f9de412781fe084695a243d474471a3d6abd4ac640cfb7da40e0327defce9aa8101a25f7145b55db0510dd090af63fd65f9003693b21b2f3d4775c65707fed78474238d6453592933b2265c3836d0c775b95e9739b3de3856072a5b43c9e3024e8843b2522e92d12aab4a636e78af12722ab38d881f4c97118014db986f3ec966783b93d81d1d70e3ea611482df745256c3ef9c6c949c6afc6929f69d9427ddde81f3f278500c586b3bb736c2fc7713ad92ed13640f4051e72b38568e3f211f75261ee6517de0b980076127d7dc00a1660a11232325f7ac097f46e0ef4493cd7de875d14056419373d887a821672d894d32c810464705e92c9abe32967fead2464c8b2f693f45d07a8160f59ec046019b016ee8b07764278af8c6b22b4cc079f406c0ba898332aa8911b026c75edd02d5a40f8ed9c1a3d39c1893a0affe4b38c77305429562e9d0907179753051cbf13ff936091334fe24a53816d2aa5e2e26993dac3f2c573b0001152ee26b633afd966bfb704054227160bf292bbcc35f78a649bb7f4fe1783a6b10de778519c8a71f1381cc67a779e51ce3097e666d964728d55708e76953826c7659c3647d3f3cedf9f1b45b27f5735bb8d78d874bf73147b738b9c0566a0d2fdcb17f85dc712462e381ba1466d92d903ba24d0cc17ddbeb7bd80b5525d7236a8add54d4eca06fe4cd0d3724403c7ad09f22eb2fcb4181eddde271be821579b7382bbfe36dab5079811e62842da65165c27c181dfed279d5ec12a1c0c13541760c2fe5cce95c6892622229ac24a7211ba43e513077f34342b61611a1ab10b6c51f6e3a06be0716d7d1abc82f5903e32f1e6e3e85789c1b8f140bbe1903b9677ec9655e171bf1f4d27dda003c27d4ef0e043d0def451dbc0f48cb6cb605b1e2d27e9fc9db10c0b571b6805f316b00b581d0d7358f83e14d1b4290e61fc0d0bd97334f31a547350c00877c90bcb591b98986c19d9d477f7dc521ac43d2edf9201ea61c43e6365e795bfb44b0d90ced7b9d34a849dec495d79cae7769c721d7cd17f1503df3d113c49fcb18449ff180d39c94717ae8fcba7ee1d8cf75873098a7a697d5f5d7a6eeef14daf146710ee40c94ff8ea9ff048d108688776fd074e72658d6ea43f42ea03883f70f45c7b86d3eb0bced0f3a60b6da510833728ffdb82af9a34c5fc86e0130861ac66c68b784300", "204b9e1804d636301150775298e6490040d0ecb72371cfe0ccc258d2b4450458b909ae785f60b932863937ed25df0ce2b046ccc47e3501ed7a53e69d95dfb761f3fb81659983876f915b21b4b91270b4607875b751136514bb42b1de575e5ae05e98fd37dde49acb6a8e7f7c592ceb8793d00c84515e9b091fca8056f69ef47c1c91735af04b3077a94a24147489c6bbc3d63a76ba4eb1e6adf014106f4b0117fc6a2b2c84ca9e6c40fade373fd49f657e5e828399868d39d2a9d8cb3f4508e156d31ded826a64d84b19ceb0c13d9566f14866028f00408428bc6b9a27761fb13e70561fa8bb45bf2547baeebd7c99e01c1ebdac09ba75e3f67b2bc6898ca2c8e6c2b09efef1e688c74fe8e214b657d3325725531f9ce71d59532adc69f40e0b821fbd14558133f9fcd9d5ace9150703b5879f74028583dccd4984a9fedf23f1f6b8c501f9a99762079404f109e6d69b025edbf2d3169e44f186eb60e7abf9539cb8013670435420f54b7e485644f5afc2d0581d8404c23bcf2c0bcd6d3a6fbc658721e74546ea52d57f259e841e87f01ace9d7fb10bb4356abffa306d91963914bc144e486f78c048aafe20eae27ff53250de7bed8c4167780c53facfd741b93f53d67a60eba1527701896bcd29a6cc20b9390582421eb0e5dce7a66a94881904dd91c47c59e8b7219adae86ba78b230306829368a56dc908245fc72886c3b18facea659b27466d3c6a85b541f20a012660319f8f4ba0faf0d83d28ac63ae417323a0f75b88235d1a60a29c41f662b34ac40ac19c94f227567860a998f5e4d8f65b930c1a1209ba04cc2406599914e8ed7c98d8095a56fd29920c47c6221bf7e6a076dfc90947af9468d8844731ac3923896f25a8402421e24e1d328e5b9daeb97048b87e3d374874071931ad791c1f03324ba01d463364a5bb1dba7e3b807aec9c333703397a45918c73b443dd46f7b289736662ad833302fa89567e44c3de8e2f87bb5f8758abf6f888ad26bb5ed48a4bd828d8fcf5c01cf7588009c1a6c35e94142950b3bac8fa0af15c2f30504cef3e544b132e4096a836aa49336cbe878d2e33075d0712adc3e75b9f9bc7ec420f123084eb296119171535c4fa49d460d4444eb309f424ec13be89ff6641caa089da262ff89c0d4b1a86fac91361a7a124a0e4b27de253186e10671d2532d600f6b4089dc690f600363092ad93fb62fbab9e1a96caefe31e4c117420fd1df64e4e0cf4967cb026a003be444278553c2e58e19ec5a6db3921fab8fa0748965e523659e54a3e01190492f9b01811d06b13d8c833454ab5b93af8a9ad27a155d682d8c78f074da17d6c4b7ded5b5f3c30e3afb3c0e4aab6ce797e8142df9a74f486aee74c0bc021c227d802c5f5e79678c45bac331d6ec24ecb404296dc9e90b2c191fc14c53505e92587f43a5eedc56a6408048d9dbb8bee8840a656952cb361f0d76baa20939e6e8ab917e12b76dd812b95e68c90708d7cd81aa18002eea116f4190e49d1f628a509c8fb65f393ef5bcf7d1b9ea289e0532ee5f46e65709e84aaa7a6334c58eaab5c3cced88fa3e9e365ace119a3c40dfe336abbe6d3a09dfd895cdc3daae26ae9d3f68a3a2184ac5f6972ef034f1f9f0d4100a55b8638db0986f362a23b599903909a5a6193fc2c6e54adc965ff5d48bc1ed1b6ff0ab226b9598f70a13ca0a0b2d2cc05f17449bd4cbd224fa75810955011d5a401348c0b75546c1fd86824ced7b0c79cb4d13a3722aef6f7a0cb49f76a372ff133736f04b67bf6a74d5164a227f4865dfd15181e0a9e5dc53317ffb04a7ab1fba87d3b34bd1cee7c6aef4b3ebef183c9fcd4daf091ef1f5f2709a7eb4a648242c408e7d5b10b766e0f648c654d99d0722189c4956474892e379a84b1f09f13ba589423e43b4b0dd267b1d0c976fb64903ea2d22e2612d9dbad91536a986f44986d74578f2cf378dc6505cc26261548a080e11d74fed2cdaa90479f0656fd927f89a0624f4ce943981ffbec2ceb27c7fb6e6ee7df7c2d26d7151f1dadb172a0017787c5d32d6408b6662c8f5348f34e63649206142164f7aa076b2c83bfffe44126ee923f0b9bc917e52308373553cf19e6798ac83ace350be47f445ef0d268c2a4fc67998a5907db42decc63fcfc30df0a4543da178e442aec97060edc209e34849f6beea0e366eccc80b87c1c16f89e5608b96c176ccfaf6014a619b83d72c5a89749cf763f4838ab9e5f9a0db7aa8b7d27db308edb664fc0197756f6709df36d9f6ed678944e18455a8d49434f9a6f223cbf52b6a1ba266a55331ffe7e83fb4130c2f5528626c4e451d8bac1da046dd59249fe41b6c8a36e82346918e0177c876f44101ff9f7721d8fbe1eca04e13ba8db3f5bd01c3661df0d6c8a24d45a246e0ac80aed4178901a71a939da4622592b3a8d87b3ae35370530039d7d413455e9d61656b58a1e63aa9bf1a87d8bcc6605c3167836f82ba01f54934e2d31d7463e1848ee8a2cca55a029d5ed37236dda9f278981cdb330eabc6bfc33a7fee5678c38b8e0a9258fa8ce5cb8abc3320d44dd16098df1bbf9d3e3142ec1838ba81785e37dc97fda2797e3cf6b7d6c367737b4df96a242149bbba7af54da91b404fbf01f4ecfb7ebd97c67de2415b3bca3b5f21deae988733dcb547a17aa38c0b98aba60fbb1d57f9e8f005ae6233e5da68da32c7a2778944a2eacba03e3312fe968fa3be0e2ceb4d8526803e7a8f24618b1003860e424da518c9602cb092c9c6b930b72523bbf615ad8330e337e64ff82eb78d9a2384e86afece8aa9d9cb1b7ab27265261a3cf542e1655792ed66b28d27bf4f02d13e93413bfc5fae7dbec15aac85331ae3d4032679988ffd1c1750447f763ebc9ba8f8ba4521b74563af6ee8a996af3707dd03118c3f0d18d612a5105519310f7b8c5eb4b7e3a0d675374da18314d144b5d5d0ba2735dab4efdf68f70285ce4d35032427e23fe7c59c5844879550417dc93d2221fe0ff82c7e21ebba19c01fefc6f6eeb7078e7557f077ca089246e6f3901e127ca4685c191847ae720ce30d41939239b2835d9cfd126faabc88eb80d409d8ec1cdf6070c55109bdbbb668fd56c6ebd3503986cdf5ade19903a85516f0ed87872f397e6244b0f58c70b8dd0cbc408dd7a87c42d672d31fde7fbc31b3acff4be744b933ec0645f76b52481ba6f50a25a98f89d9989e347b682a459eb38004d0de0a7314f8319b1e0ce5152a4928d7f59769347a7f48af595d028b5012cf5b7fc081cbec3c5ad30801947b5d3f87a242b05691ef3f46f0ba35fa6ee28a966ad42e34ef6192cb6e5de41411df4638c825688abc1c8f1fa7b2eced5ae40a5d35d7cfd981f4dd46a91e8f123187d8e99a947020cdc4cfcb66ee004232ed5badfa694fd943ed59f01433989e5663a77fd2bbcdbfaad5ab482150f22ffa6b1ae9e99134b320c04444c3d5d71e37c6d4faf82b1297d75a520e6e6c5a0d7ab86dea5245a97b16a7690f50e9abd452da33c58974cb63e4711fece83cf1251c6eecc7c9a887b0a881f148b6c8fa3749ef09661488909a2f74e41a4968f5f1d1ebd9a511f5732ea60a18032d68dcf34a5914b1c24275e6c3d331a8c454e4c615dc5f6ce4de1b44fc755da73eef517bca08fa464443eabf4046961625ee82c406e08359b49785a1cbe9822cada3375da9adf55bd50e156a314f10107a3fb880a944fa3a0cdb4be2234c19ab26f8075c6389a0a6062e82050b493a30e617f728b8d0ced0b69da60c6fdadd95ee1c0e656b63ecc72a491e07bce4c3df3761e51bb327a86d55a375e4f5859a8b179a47f4b5b8b85fed0db916e31885d0ad185d6c7e79449e282a5d10a7cf86d0305a2673cd9aa834d130fcb1098c0f69771ae23e2b49cdd3d39be17fcc309a282486bf0e0829a0805a036b0b1e357f03a861857312dab3033f00957ff6f03a35240724bc6adf429090f555aca563ffb5e4b67c75486149f2495971bf653617f29e50d59da32288afeabc768787d2e830c70d5f0dbd8db5e9923b8893f32c4cdc0d8130caefade59d7f5e270f8b5487b69815dd8cec6d3dfa3ca308987f2970ab3e8714cdbae27dc22fa434805c9284b904840a92bc76490c15c6a04df137940d48f7ac6285f858611376f447ebaf11ce4014066d57e5fa579b588e0d795fb0322d1b8606faf9507092be3e320184a5324df47792e8b015ee27ace73b0bc05f3eff2c2a9ee45752df32a85b1ad5679aedbe40ac59511938929e210a409e538c139d1fb93891d2b9908f915b9c556788bb8926b6a96923038a119eb68bcb528a42e97f8fbd49e7d5bb3e51987cca590ea8a18e049f64d8c994d63a707c441e63509f909adf5f7c26d36714bd56307513003f8f85f20c8fea4248627d2f19891baef9b134a8ecb6e3da6232c5b818d7469645038312b6b952f782f28ccd199367a51f750927e5f11ef04cb299dc7ba0c24500134d3a9a0a4f62903ae930f5ba49c39855ffc4aba6cc9d400075f094875db9ebcbcbb35309421d08a928b0216dcbbf718761b01b4d41cf55b0b2bf4c89603a61e5ac2f5bf5236d4bee90617e1b2fdc3a4540db2c89561c1cb9b1e28436013546e654e36fa328097ce8a4baf5a2fd78f9bca617bd4de062dbbc38c7356232b385823b6c604a401f43f5864111eff29045c12b6c622182e097caa5a9945133375b46dc0e268e860dd58b62403c41393f02c7f1d23a1d0daad5d2eb7a085387ea6b81ceb6191d5ffa7f58848996caad4796ee8d9e1bad072455a37d8b64888cb4007f344783afca22db07a2ccb8531c6a9d69bffdf1f949e3fce89f223119595c5b9bfa51893ff36849be61ff02939360a5d5b0e05d22aa3a1f16c27103edeb00c0f763bd4251805ec8d894692cd1636b4b1c96ab613896c17b2fb8a414a91463d54f145e1d49378e726e5921d8cd34aeb176a36701c9b75311806efcf402d4345034d7fd5165857bd2cd07b32a18334a3cf358dadbc8144b806120805a07714d8d0029fe0db7958bbb69b9a216e5945fdf0b892665c0bad2cd822797d5c7223094cd54042c781fba9d7f05a169f390225385d5c055896dc8a620a637a7c73ee77fbf2152fb62af9bcbe01389dd846724fa24ca6088d2bddf9bcae4d9e11f86266e4d87f6b11f3721c30c3f48ddfecb7623802c7e3f595b088473747d25b70bbdf8920924c6bb9e202e6d54e340a469e8ecf66b49dda0036a7d071492742593c2e02bd7bd703774f2ac8c45dbfa1f8ce4c205a05064362bf2819e80bd406367a86ece3f5d54b43029b3f7fcc2378c5e33e8de66fa5f3c4974310c3ac4d2ab1234b1fea14d71512c578dfab154a74dc66c8a5ff983a41e02c57c58cd9c3a77d22f15f8a6abe41de51ce4a92151ee25c6f2c4feb0453b4f86fb4c7e19063b871ff6458b2ad51b992df6b16de3a5a2f5935c85d5a8709d82943c645f6199e76b38d718b86945638d92daa15aeb9beaa53028a425c6ee90dbd58b57f4a748ec0037fca725812aaac8e201d5121c06c9d3bfcbe799b9fa28440fceec78a5d39a112626bd0f9e530cb5573083e6b3b0ce5ef60e85ea643331d45663f309d75d36c88ed56abbac74672daa72c2f180ab5d117d2ab17db9e36a807bcaa62a07aa5486d39d63f64d23f03e58f6fa346b39005cde05121ecc2146ae982d02532a2deb90d8b9cfd32ff03a5294933292fb3d58760bc81a72df0e602b9b4b7e407bc542924e9763fe0d4bd5346ccb9e10b1ea7dade31d4bbc900"})
ioctl$KVM_RUN(r2, 0xae80, 0x0)

08:22:39 executing program 4:
r0 = open(&(0x7f0000000080)='./bus\x00', 0x141042, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0)
r1 = getpid()
sched_setattr(0x0, &(0x7f0000000140)={0x38, 0x2, 0x0, 0x0, 0x9}, 0x0)
sched_setattr(r1, &(0x7f0000000240)={0x38, 0x2, 0x0, 0x0, 0x5}, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
openat$incfs(0xffffffffffffff9c, &(0x7f00000000c0)='.log\x00', 0x745000, 0x80)
r4 = socket$nl_netfilter(0x10, 0x3, 0xc)
recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x40000000, 0x0)
sendmsg$IPCTNL_MSG_TIMEOUT_DEFAULT_GET(r4, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000900)=ANY=[@ANYBLOB="24000cfce5784b0ce785bff600000408030000000000000000000000000005000300840000000600024000000000"], 0x24}}, 0x0)
ioctl$FS_IOC_SETFLAGS(r0, 0x40086602, &(0x7f0000000040))
r5 = open(&(0x7f0000000100)='./bus\x00', 0x6e842, 0x0)
pwritev2(r5, &(0x7f0000000240)=[{&(0x7f0000000000)="85", 0x300000}], 0x1, 0x4200, 0x0, 0x3)

08:22:39 executing program 2:
syz_open_procfs(0x0, &(0x7f0000000040)='mounts\x00')
syz_open_procfs(0x0, &(0x7f0000000000)='mountstats\x00')
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$F2FS_IOC_MOVE_RANGE(0xffffffffffffffff, 0xc020f509, &(0x7f0000000040)={r1})
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f00000001c0)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1003]})
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_SET_PIT(r1, 0x8048ae66, &(0x7f0000000140)={[{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}]})
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f000056f000/0x18000)=nil, &(0x7f0000000080)=[@text32={0x20, &(0x7f00000000c0)="66ba4000b0c2ee66bad104b829280000efea0e0000000a00b8050000000f23d80f21f835c00000a00f23f8653e65f30f21c62e0fae2b0f01c2b8060000000f23d00f21f835200000000f23f8c4c3a1cf830000000002d9f7", 0x58}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

08:22:39 executing program 0:
perf_event_open(&(0x7f0000000640)={0x2, 0x80, 0xd7, 0x0, 0x0, 0x0, 0x0, 0x2000000000, 0xa40a1, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp, 0x10000, 0x0, 0x0, 0x3, 0x1, 0xffffff7c, 0x3, 0x0, 0x2cf6ca54, 0x0, 0x7}, 0x0, 0x2, 0xffffffffffffffff, 0xb)
mmap$perf(&(0x7f0000c00000/0x400000)=nil, 0x400000, 0x3000002, 0x40032, 0xffffffffffffffff, 0x0)
mlock2(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0)
mlock2(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x0)
r0 = fork()
r1 = userfaultfd(0x80000)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x543c04, 0x0)
r3 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
r4 = dup3(r2, r3, 0x0)
write$binfmt_script(r1, &(0x7f0000000280)=ANY=[@ANYRESOCT=r3, @ANYRES32=r2, @ANYRESOCT, @ANYRESDEC, @ANYRESHEX=r4, @ANYRESDEC=r2], 0x9f)
munlock(&(0x7f0000ef1000/0x2000)=nil, 0x2000)
syz_io_uring_setup(0x2e00, 0x0, &(0x7f0000ff3000/0x4000)=nil, &(0x7f0000eee000/0x8000)=nil, &(0x7f00000001c0), &(0x7f00000003c0))
mlock2(&(0x7f0000d03000/0x1000)=nil, 0x1000, 0x1)
openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000080)='freezer.parent_freezing\x00', 0x0, 0x0)
move_pages(r0, 0x2, &(0x7f0000000300)=[&(0x7f0000ffd000/0x1000)=nil, &(0x7f0000f10000/0x3000)=nil], &(0x7f00000000c0), &(0x7f0000000000), 0x0)
socket$caif_seqpacket(0x25, 0x5, 0x0)
get_robust_list(r0, &(0x7f0000000180)=&(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f00000000c0)}}, &(0x7f0000000200)=0xc)

08:22:39 executing program 5:
syz_mount_image$reiserfs(&(0x7f00000000c0), &(0x7f0000000100)='./file0\x00', 0x0, 0x0, &(0x7f0000000000), 0x0, &(0x7f0000000040)={[{@grpjquota, 0x3d}], [{@pcr}]})

08:22:39 executing program 1:
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0)
r0 = getpid()
prlimit64(0x0, 0x7, &(0x7f0000000040)={0x40000000e877}, &(0x7f00000000c0))
sched_setattr(0x0, &(0x7f0000000140)={0x38, 0x2, 0x0, 0x0, 0x8}, 0x0)
sched_setattr(r0, &(0x7f0000000240)={0x38, 0x2, 0x0, 0x0, 0x5}, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sched_setattr(0x0, 0x0, 0x0)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = creat(&(0x7f0000000100)='./bus\x00', 0x8c)
fallocate(r3, 0x0, 0x0, 0x80019e)
r4 = open(&(0x7f0000000080)='./bus\x00', 0x4e141, 0x0)
r5 = getpid()
sched_setattr(r5, &(0x7f0000000240)={0x38, 0x0, 0x0, 0x0, 0x5}, 0x0)
prlimit64(r5, 0x0, &(0x7f0000000180)={0x81}, &(0x7f00000001c0))
r6 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./bus\x00', 0xc140, 0x0)
sendfile(r4, r6, 0x0, 0x401ffc000)

[  458.726292][T15917] REISERFS warning (device loop5): super-6502 reiserfs_getopt: unknown mount option ""
[  460.278732][   T26] audit: type=1804 audit(1632817361.120:25): pid=15930 uid=0 auid=4294967295 ses=4294967295 subj=_ op=invalid_pcr cause=open_writers comm="syz-executor.1" name="/root/syzkaller-testdir631639810/syzkaller.iXcy9K/222/bus" dev="sda1" ino=14866 res=1 errno=0
08:22:41 executing program 0:
perf_event_open(&(0x7f0000000640)={0x2, 0x80, 0xd7, 0x0, 0x0, 0x0, 0x0, 0x2000000000, 0xa40a1, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp, 0x10000, 0x0, 0x0, 0x3, 0x1, 0xffffff7c, 0x3, 0x0, 0x2cf6ca54, 0x0, 0x7}, 0x0, 0x2, 0xffffffffffffffff, 0xb)
mmap$perf(&(0x7f0000c00000/0x400000)=nil, 0x400000, 0x3000002, 0x40032, 0xffffffffffffffff, 0x0)
mlock2(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0)
mlock2(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x0)
r0 = fork()
r1 = userfaultfd(0x80000)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x543c04, 0x0)
r3 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
r4 = dup3(r2, r3, 0x0)
write$binfmt_script(r1, &(0x7f0000000280)=ANY=[@ANYRESOCT=r3, @ANYRES32=r2, @ANYRESOCT, @ANYRESDEC, @ANYRESHEX=r4, @ANYRESDEC=r2], 0x9f)
munlock(&(0x7f0000ef1000/0x2000)=nil, 0x2000)
syz_io_uring_setup(0x2e00, 0x0, &(0x7f0000ff3000/0x4000)=nil, &(0x7f0000eee000/0x8000)=nil, &(0x7f00000001c0), &(0x7f00000003c0))
mlock2(&(0x7f0000d03000/0x1000)=nil, 0x1000, 0x1)
openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000080)='freezer.parent_freezing\x00', 0x0, 0x0)
move_pages(r0, 0x2, &(0x7f0000000300)=[&(0x7f0000ffd000/0x1000)=nil, &(0x7f0000f10000/0x3000)=nil], &(0x7f00000000c0), &(0x7f0000000000), 0x0)
socket$caif_seqpacket(0x25, 0x5, 0x0)
get_robust_list(r0, &(0x7f0000000180)=&(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f00000000c0)}}, &(0x7f0000000200)=0xc)

08:22:41 executing program 1:
r0 = socket$inet6(0xa, 0x3, 0x7)
connect$inet6(r0, &(0x7f00000000c0)={0xa, 0x0, 0x0, @loopback}, 0x1c)
setsockopt$inet6_IPV6_XFRM_POLICY(r0, 0x29, 0x23, &(0x7f0000000340)={{{@in=@dev, @in6=@mcast2, 0x0, 0x0, 0x0, 0x0, 0xa, 0x0, 0x10}, {}, {}, 0x0, 0x0, 0x1}, {{@in6=@mcast1, 0x0, 0x33}, 0x0, @in=@dev}}, 0xe8)
sendmmsg(r0, &(0x7f0000000480), 0x2e9, 0x0)

08:22:41 executing program 4:
fcntl$F_GET_FILE_RW_HINT(0xffffffffffffffff, 0x40d, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0)
r0 = getpid()
sched_setattr(0x0, &(0x7f0000000140)={0x38, 0x2, 0x0, 0x0, 0x9}, 0x0)
sched_setattr(r0, &(0x7f0000000240)={0x38, 0x2, 0x0, 0x0, 0x5}, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = open(&(0x7f0000000040)='./bus\x00', 0x1612c2, 0x0)
r4 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/meminfo\x00', 0x0, 0x0)
sendfile(r3, r4, 0x0, 0x400000000001002a)
r5 = syz_mount_image$vfat(&(0x7f0000000400), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[])
r6 = openat(r5, &(0x7f000000c380)='./file0\x00', 0x84842, 0x0)
write(r6, &(0x7f0000004200)='t', 0xfff4)
connect$packet(r6, &(0x7f0000000180)={0x11, 0x3, 0x0, 0x1, 0x0, 0x6, @remote}, 0x14)
sendmsg$NL80211_CMD_SET_INTERFACE(0xffffffffffffffff, &(0x7f0000001840)={&(0x7f0000000080), 0xc, &(0x7f0000001800)={&(0x7f00000001c0)=ANY=[@ANYRES64, @ANYRESDEC, @ANYRES32=0x0, @ANYRES32], 0x60}, 0x1, 0x0, 0x0, 0x44090}, 0x0)
syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
syz_mount_image$fuse(&(0x7f00000000c0), &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000740)=ANY=[@ANYBLOB="66643dfad50be36a8fbbfb6e708f244ef945127a80f167e1d88617ccd92b397808d8898cd1946ba4e4b9928d2e091fb784f2aa44c7637f92155641fb451e289c749695049a356c732d6cf6915d9d8e412f4d74c6f95a9af98ceace9e711411045b08cc42ec8db8f8ee0c14c6fccd7f0e9e347bac25dcc60c4b66c5f6e4d8d74a735ce29f5d8ea978b8f2cd6d226087371cc89cad7c6f8f4501d907e05256cec579b14a0082d43e171dfbdef7bf2fdcf928e4290c9f312f6051259b443a4d199ed6a3f2b889ee591241381723a3665c6b44722cfe80fb5e3db282a1a1db07ffe18775c0ec3161fb16456092903e4e253671fb12a612a232b2065b3c4cff75c2738a84109d72195e81b53df892", @ANYRESHEX, @ANYBLOB="2c726f6f746d6f64653d30303030303030303030303030303030303132303030302c757365725f69643d7fe7b33a8af847be2f4928ecaa30b673086a7fcaf430b02bcfb7cd3acc0404e74f56e658aa508351d0e608c8a3a1447da76f5b827422123e2b1b40aedb8207cf606d4f47268ac0165112cdbd53154c4ce770517cfe4b39a244a2bf300f6e814396ed8fb56f1efd0b51cf10ed78d5928b78edd2f40f1b9fb4882000000084a8d0110ece8523ec91b448982d60f20c08d156cbb37e9c1878547143578e9754c622ef29e9ff360a04004f9a157b0cdfd14020c54d953436329f", @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0, @ANYBLOB])

[  460.910155][   T26] audit: type=1800 audit(1632817361.120:26): pid=15930 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed(directio) comm="syz-executor.1" name="bus" dev="sda1" ino=14866 res=0 errno=0
08:22:41 executing program 5:
syz_mount_image$reiserfs(&(0x7f00000000c0), &(0x7f0000000100)='./file0\x00', 0x0, 0x0, &(0x7f0000000000), 0x0, &(0x7f0000000040)={[{@grpjquota, 0x3d}], [{@pcr}]})

[  461.010289][   T26] audit: type=1804 audit(1632817361.320:27): pid=15937 uid=0 auid=4294967295 ses=4294967295 subj=_ op=invalid_pcr cause=open_writers comm="syz-executor.1" name="/root/syzkaller-testdir631639810/syzkaller.iXcy9K/222/bus" dev="sda1" ino=14866 res=1 errno=0
08:22:41 executing program 2:
syz_open_procfs(0x0, &(0x7f0000000040)='mounts\x00')
syz_open_procfs(0x0, &(0x7f0000000000)='mountstats\x00')
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$F2FS_IOC_MOVE_RANGE(0xffffffffffffffff, 0xc020f509, &(0x7f0000000040)={r1})
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f00000001c0)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1003]})
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_SET_PIT(r1, 0x8048ae66, &(0x7f0000000140)={[{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}]})
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f000056f000/0x18000)=nil, &(0x7f0000000080)=[@text32={0x20, &(0x7f00000000c0)="66ba4000b0c2ee66bad104b829280000efea0e0000000a00b8050000000f23d80f21f835c00000a00f23f8653e65f30f21c62e0fae2b0f01c2b8060000000f23d00f21f835200000000f23f8c4c3a1cf830000000002d9f7", 0x58}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

[  461.082744][   T26] audit: type=1800 audit(1632817361.320:28): pid=15937 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed(directio) comm="syz-executor.1" name="bus" dev="sda1" ino=14866 res=0 errno=0
08:22:42 executing program 3:
r0 = getpgid(0x0)
perf_event_open(&(0x7f0000000700)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, @perf_bp={0x0}, 0x800, 0x0, 0x0, 0x0, 0x4}, r0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000280)={0xc, 0x8d}, 0x0)
getpid()
sched_setattr(0x0, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x9, 0x1}, 0x0)
pipe(0x0)
r1 = socket$netlink(0x10, 0x3, 0x0)
ioctl$PERF_EVENT_IOC_SET_FILTER(0xffffffffffffffff, 0x8914, 0x0)
ioctl$PERF_EVENT_IOC_SET_FILTER(0xffffffffffffffff, 0x8923, 0x0)
socketpair(0x11, 0x0, 0x9, 0x0)
ioctl$BTRFS_IOC_INO_LOOKUP_USER(0xffffffffffffffff, 0xd000943e, 0x0)
ioctl$BTRFS_IOC_GET_SUBVOL_ROOTREF(0xffffffffffffffff, 0xd000943d, 0x0)
sendmsg$DEVLINK_CMD_RELOAD(0xffffffffffffffff, 0x0, 0x0)
writev(r1, &(0x7f0000000180)=[{&(0x7f0000000080)="390000001300034700bb65e1c3e4ffff01000000010000005600000025000000190004000400000007fd17e5ffff0800040000000000000000", 0x39}], 0x1)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000001340)={0x0, 0x0, 0x0}, 0x0)
getpid()
writev(0xffffffffffffffff, &(0x7f00000001c0)=[{&(0x7f00000000c0)="390000001300034700bb65e1c3e4ffff06000000010000004500000025000000190004000400ad000200000000000006040000000000000000", 0x39}], 0x1)

[  461.299567][T15965] loop4: detected capacity change from 0 to 16
[  461.393134][   T26] audit: type=1800 audit(1632817362.240:29): pid=15965 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed(directio) comm="syz-executor.4" name="file0" dev="loop4" ino=8 res=0 errno=0
[  461.451144][T15970] fuse: Bad value for 'fd'
08:22:42 executing program 4:
fcntl$F_GET_FILE_RW_HINT(0xffffffffffffffff, 0x40d, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0)
r0 = getpid()
sched_setattr(0x0, &(0x7f0000000140)={0x38, 0x2, 0x0, 0x0, 0x9}, 0x0)
sched_setattr(r0, &(0x7f0000000240)={0x38, 0x2, 0x0, 0x0, 0x5}, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = open(&(0x7f0000000040)='./bus\x00', 0x1612c2, 0x0)
r4 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/meminfo\x00', 0x0, 0x0)
sendfile(r3, r4, 0x0, 0x400000000001002a)
r5 = syz_mount_image$vfat(&(0x7f0000000400), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[])
r6 = openat(r5, &(0x7f000000c380)='./file0\x00', 0x84842, 0x0)
write(r6, &(0x7f0000004200)='t', 0xfff4)
connect$packet(r6, &(0x7f0000000180)={0x11, 0x3, 0x0, 0x1, 0x0, 0x6, @remote}, 0x14)
sendmsg$NL80211_CMD_SET_INTERFACE(0xffffffffffffffff, &(0x7f0000001840)={&(0x7f0000000080), 0xc, &(0x7f0000001800)={&(0x7f00000001c0)=ANY=[@ANYRES64, @ANYRESDEC, @ANYRES32=0x0, @ANYRES32], 0x60}, 0x1, 0x0, 0x0, 0x44090}, 0x0)
syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
syz_mount_image$fuse(&(0x7f00000000c0), &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000740)=ANY=[@ANYBLOB="66643dfad50be36a8fbbfb6e708f244ef945127a80f167e1d88617ccd92b397808d8898cd1946ba4e4b9928d2e091fb784f2aa44c7637f92155641fb451e289c749695049a356c732d6cf6915d9d8e412f4d74c6f95a9af98ceace9e711411045b08cc42ec8db8f8ee0c14c6fccd7f0e9e347bac25dcc60c4b66c5f6e4d8d74a735ce29f5d8ea978b8f2cd6d226087371cc89cad7c6f8f4501d907e05256cec579b14a0082d43e171dfbdef7bf2fdcf928e4290c9f312f6051259b443a4d199ed6a3f2b889ee591241381723a3665c6b44722cfe80fb5e3db282a1a1db07ffe18775c0ec3161fb16456092903e4e253671fb12a612a232b2065b3c4cff75c2738a84109d72195e81b53df892", @ANYRESHEX, @ANYBLOB="2c726f6f746d6f64653d30303030303030303030303030303030303132303030302c757365725f69643d7fe7b33a8af847be2f4928ecaa30b673086a7fcaf430b02bcfb7cd3acc0404e74f56e658aa508351d0e608c8a3a1447da76f5b827422123e2b1b40aedb8207cf606d4f47268ac0165112cdbd53154c4ce770517cfe4b39a244a2bf300f6e814396ed8fb56f1efd0b51cf10ed78d5928b78edd2f40f1b9fb4882000000084a8d0110ece8523ec91b448982d60f20c08d156cbb37e9c1878547143578e9754c622ef29e9ff360a04004f9a157b0cdfd14020c54d953436329f", @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0, @ANYBLOB])

[  461.913527][T15965] fuse: Bad value for 'fd'
08:22:42 executing program 0:
perf_event_open(&(0x7f0000000640)={0x2, 0x80, 0xd7, 0x0, 0x0, 0x0, 0x0, 0x2000000000, 0xa40a1, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp, 0x10000, 0x0, 0x0, 0x3, 0x1, 0xffffff7c, 0x3, 0x0, 0x2cf6ca54, 0x0, 0x7}, 0x0, 0x2, 0xffffffffffffffff, 0xb)
mmap$perf(&(0x7f0000c00000/0x400000)=nil, 0x400000, 0x3000002, 0x40032, 0xffffffffffffffff, 0x0)
mlock2(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0)
mlock2(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x0)
r0 = fork()
r1 = userfaultfd(0x80000)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x543c04, 0x0)
r3 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
r4 = dup3(r2, r3, 0x0)
write$binfmt_script(r1, &(0x7f0000000280)=ANY=[@ANYRESOCT=r3, @ANYRES32=r2, @ANYRESOCT, @ANYRESDEC, @ANYRESHEX=r4, @ANYRESDEC=r2], 0x9f)
munlock(&(0x7f0000ef1000/0x2000)=nil, 0x2000)
syz_io_uring_setup(0x2e00, 0x0, &(0x7f0000ff3000/0x4000)=nil, &(0x7f0000eee000/0x8000)=nil, &(0x7f00000001c0), &(0x7f00000003c0))
mlock2(&(0x7f0000d03000/0x1000)=nil, 0x1000, 0x1)
openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000080)='freezer.parent_freezing\x00', 0x0, 0x0)
move_pages(r0, 0x2, &(0x7f0000000300)=[&(0x7f0000ffd000/0x1000)=nil, &(0x7f0000f10000/0x3000)=nil], &(0x7f00000000c0), &(0x7f0000000000), 0x0)
socket$caif_seqpacket(0x25, 0x5, 0x0)
get_robust_list(r0, &(0x7f0000000180)=&(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f00000000c0)}}, &(0x7f0000000200)=0xc)

[  462.015870][T15978] REISERFS warning (device loop5): super-6502 reiserfs_getopt: unknown mount option ""
[  462.038870][T15982] netlink: 'syz-executor.3': attribute type 4 has an invalid length.
[  462.339566][T15992] loop4: detected capacity change from 0 to 16
[  462.453910][T15993] fuse: Bad value for 'fd'
08:22:43 executing program 4:
fcntl$F_GET_FILE_RW_HINT(0xffffffffffffffff, 0x40d, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0)
r0 = getpid()
sched_setattr(0x0, &(0x7f0000000140)={0x38, 0x2, 0x0, 0x0, 0x9}, 0x0)
sched_setattr(r0, &(0x7f0000000240)={0x38, 0x2, 0x0, 0x0, 0x5}, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = open(&(0x7f0000000040)='./bus\x00', 0x1612c2, 0x0)
r4 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/meminfo\x00', 0x0, 0x0)
sendfile(r3, r4, 0x0, 0x400000000001002a)
r5 = syz_mount_image$vfat(&(0x7f0000000400), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[])
r6 = openat(r5, &(0x7f000000c380)='./file0\x00', 0x84842, 0x0)
write(r6, &(0x7f0000004200)='t', 0xfff4)
connect$packet(r6, &(0x7f0000000180)={0x11, 0x3, 0x0, 0x1, 0x0, 0x6, @remote}, 0x14)
sendmsg$NL80211_CMD_SET_INTERFACE(0xffffffffffffffff, &(0x7f0000001840)={&(0x7f0000000080), 0xc, &(0x7f0000001800)={&(0x7f00000001c0)=ANY=[@ANYRES64, @ANYRESDEC, @ANYRES32=0x0, @ANYRES32], 0x60}, 0x1, 0x0, 0x0, 0x44090}, 0x0)
syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
syz_mount_image$fuse(&(0x7f00000000c0), &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000740)=ANY=[@ANYBLOB="66643dfad50be36a8fbbfb6e708f244ef945127a80f167e1d88617ccd92b397808d8898cd1946ba4e4b9928d2e091fb784f2aa44c7637f92155641fb451e289c749695049a356c732d6cf6915d9d8e412f4d74c6f95a9af98ceace9e711411045b08cc42ec8db8f8ee0c14c6fccd7f0e9e347bac25dcc60c4b66c5f6e4d8d74a735ce29f5d8ea978b8f2cd6d226087371cc89cad7c6f8f4501d907e05256cec579b14a0082d43e171dfbdef7bf2fdcf928e4290c9f312f6051259b443a4d199ed6a3f2b889ee591241381723a3665c6b44722cfe80fb5e3db282a1a1db07ffe18775c0ec3161fb16456092903e4e253671fb12a612a232b2065b3c4cff75c2738a84109d72195e81b53df892", @ANYRESHEX, @ANYBLOB="2c726f6f746d6f64653d30303030303030303030303030303030303132303030302c757365725f69643d7fe7b33a8af847be2f4928ecaa30b673086a7fcaf430b02bcfb7cd3acc0404e74f56e658aa508351d0e608c8a3a1447da76f5b827422123e2b1b40aedb8207cf606d4f47268ac0165112cdbd53154c4ce770517cfe4b39a244a2bf300f6e814396ed8fb56f1efd0b51cf10ed78d5928b78edd2f40f1b9fb4882000000084a8d0110ece8523ec91b448982d60f20c08d156cbb37e9c1878547143578e9754c622ef29e9ff360a04004f9a157b0cdfd14020c54d953436329f", @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0, @ANYBLOB])

08:22:43 executing program 2:
syz_open_procfs(0x0, &(0x7f0000000040)='mounts\x00')
syz_open_procfs(0x0, &(0x7f0000000000)='mountstats\x00')
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$F2FS_IOC_MOVE_RANGE(0xffffffffffffffff, 0xc020f509, &(0x7f0000000040)={r1})
ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f0000000000))
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f00000001c0)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1003]})
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_SET_PIT(r1, 0x8048ae66, &(0x7f0000000140)={[{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}]})
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f000056f000/0x18000)=nil, &(0x7f0000000080)=[@text32={0x20, &(0x7f00000000c0)="66ba4000b0c2ee66bad104b829280000efea0e0000000a00b8050000000f23d80f21f835c00000a00f23f8653e65f30f21c62e0fae2b0f01c2b8060000000f23d00f21f835200000000f23f8c4c3a1cf830000000002d9f7", 0x58}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

08:22:43 executing program 1:
r0 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
write$P9_RREADDIR(r0, 0x0, 0xbf)
write$P9_RREADDIR(0xffffffffffffffff, &(0x7f00000005c0)=ANY=[@ANYRES32], 0xbf)
sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r1 = syz_open_dev$usbfs(&(0x7f0000000180), 0x77, 0x1)
ioctl$USBDEVFS_IOCTL(r1, 0x8108551b, &(0x7f0000000380))
ioctl$BTRFS_IOC_GET_SUBVOL_INFO(r1, 0x81f8943c, &(0x7f000005a700)={0x0, ""/256, <r2=>0x0, <r3=>0x0})
ioctl$BTRFS_IOC_GET_SUBVOL_ROOTREF(0xffffffffffffffff, 0xd000943d, &(0x7f000005a900)={0x0, [{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {r2}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, r3}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, r3}], 0xfd, "d4c90300"})

08:22:44 executing program 1:
syz_emit_ethernet(0x6e, &(0x7f0000000000)={@broadcast, @broadcast, @void, {@ipv6={0x86dd, @icmpv6={0x0, 0x6, "d64d4d", 0x38, 0x3a, 0x0, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, @mcast2, {[], @dest_unreach={0x2, 0x0, 0x0, 0x0, '\x00', {0x0, 0x6, '$\x00@', 0x0, 0xb, 0x0, @mcast2, @loopback, [], "050c68deb1caadea"}}}}}}}, 0x0)

08:22:44 executing program 2:
syz_open_procfs(0x0, &(0x7f0000000040)='mounts\x00')
syz_open_procfs(0x0, &(0x7f0000000000)='mountstats\x00')
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$F2FS_IOC_MOVE_RANGE(0xffffffffffffffff, 0xc020f509, &(0x7f0000000040)={r1})
ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f0000000000))
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f00000001c0)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1003]})
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_SET_PIT(r1, 0x8048ae66, &(0x7f0000000140)={[{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}]})
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f000056f000/0x18000)=nil, &(0x7f0000000080)=[@text32={0x20, &(0x7f00000000c0)="66ba4000b0c2ee66bad104b829280000efea0e0000000a00b8050000000f23d80f21f835c00000a00f23f8653e65f30f21c62e0fae2b0f01c2b8060000000f23d00f21f835200000000f23f8c4c3a1cf830000000002d9f7", 0x58}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

08:22:44 executing program 1:
prlimit64(0x0, 0xe, &(0x7f0000000280)={0xc, 0x8d}, 0x0)
r0 = getpid()
fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0)
sched_setattr(0x0, &(0x7f0000000140)={0x38, 0x2, 0x0, 0x0, 0x9}, 0x0)
setrlimit(0x0, 0x0)
sched_setattr(r0, &(0x7f0000000240)={0x38, 0x0, 0x0, 0x0, 0x5}, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
ioctl$IOC_PR_RESERVE(0xffffffffffffffff, 0x401070c9, &(0x7f0000000080)={0x20, 0x81, 0x1})
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = syz_mount_image$vfat(&(0x7f0000000440), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000300)=[{&(0x7f0000000000)="eb3c906d6b66732e66617400028001000240000004f801", 0x17}, {0x0, 0x0, 0x10e00}], 0x0, &(0x7f0000000500)=ANY=[])
mkdirat(r3, &(0x7f00000002c0)='./file0\x00', 0x108)
recvmmsg(0xffffffffffffffff, &(0x7f0000000180), 0x0, 0x100, &(0x7f00000001c0)={0x0, 0x3938700})
prlimit64(0x0, 0xd, &(0x7f0000000040)={0x9, 0x7}, &(0x7f0000000180))

[  463.689330][T16031] loop1: detected capacity change from 0 to 270
08:22:46 executing program 1:
prlimit64(0x0, 0xe, &(0x7f0000000280)={0xc, 0x8d}, 0x0)
r0 = getpid()
fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0)
sched_setattr(0x0, &(0x7f0000000140)={0x38, 0x2, 0x0, 0x0, 0x9}, 0x0)
setrlimit(0x0, 0x0)
sched_setattr(r0, &(0x7f0000000240)={0x38, 0x0, 0x0, 0x0, 0x5}, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
ioctl$IOC_PR_RESERVE(0xffffffffffffffff, 0x401070c9, &(0x7f0000000080)={0x20, 0x81, 0x1})
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = syz_mount_image$vfat(&(0x7f0000000440), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000300)=[{&(0x7f0000000000)="eb3c906d6b66732e66617400028001000240000004f801", 0x17}, {0x0, 0x0, 0x10e00}], 0x0, &(0x7f0000000500)=ANY=[])
mkdirat(r3, &(0x7f00000002c0)='./file0\x00', 0x108)
recvmmsg(0xffffffffffffffff, &(0x7f0000000180), 0x0, 0x100, &(0x7f00000001c0)={0x0, 0x3938700})
prlimit64(0x0, 0xd, &(0x7f0000000040)={0x9, 0x7}, &(0x7f0000000180))

08:22:46 executing program 5:
syz_mount_image$reiserfs(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, &(0x7f0000000000), 0x0, &(0x7f0000000040)={[{@grpjquota, 0x3d}], [{@pcr}]})

08:22:46 executing program 0:
perf_event_open(&(0x7f0000000640)={0x2, 0x80, 0xd7, 0x0, 0x0, 0x0, 0x0, 0x2000000000, 0xa40a1, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp, 0x10000, 0x0, 0x0, 0x3, 0x1, 0xffffff7c, 0x3, 0x0, 0x2cf6ca54, 0x0, 0x7}, 0x0, 0x2, 0xffffffffffffffff, 0xb)
mmap$perf(&(0x7f0000c00000/0x400000)=nil, 0x400000, 0x3000002, 0x40032, 0xffffffffffffffff, 0x0)
mlock2(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0)
mlock2(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x0)
r0 = fork()
r1 = userfaultfd(0x80000)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x543c04, 0x0)
r3 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
r4 = dup3(r2, r3, 0x0)
write$binfmt_script(r1, &(0x7f0000000280)=ANY=[@ANYRESOCT=r3, @ANYRES32=r2, @ANYRESOCT, @ANYRESDEC, @ANYRESHEX=r4, @ANYRESDEC=r2], 0x9f)
munlock(&(0x7f0000ef1000/0x2000)=nil, 0x2000)
syz_io_uring_setup(0x2e00, &(0x7f0000000340)={0x0, 0x0, 0x20, 0xfffffffd, 0x2000037d}, &(0x7f0000ff3000/0x4000)=nil, &(0x7f0000eee000/0x8000)=nil, &(0x7f00000001c0), &(0x7f00000003c0))
mlock2(&(0x7f0000d03000/0x1000)=nil, 0x1000, 0x1)
openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000080)='freezer.parent_freezing\x00', 0x0, 0x0)
move_pages(r0, 0x2, &(0x7f0000000300)=[&(0x7f0000ffd000/0x1000)=nil, &(0x7f0000f10000/0x3000)=nil], &(0x7f00000000c0), &(0x7f0000000000), 0x0)
socket$caif_seqpacket(0x25, 0x5, 0x0)
get_robust_list(r0, &(0x7f0000000180)=&(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f00000000c0)}}, &(0x7f0000000200)=0xc)

[  465.872358][T16056] loop4: detected capacity change from 0 to 16
[  465.975780][   T26] audit: type=1800 audit(1632817366.820:30): pid=16056 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed(directio) comm="syz-executor.4" name="file0" dev="loop4" ino=10 res=0 errno=0
[  466.061379][T16058] fuse: Bad value for 'fd'
[  466.596277][T15989] netlink: 'syz-executor.3': attribute type 4 has an invalid length.
08:22:47 executing program 3:
syz_mount_image$xfs(&(0x7f0000003a80), &(0x7f0000003ac0)='./file0\x00', 0x0, 0x0, &(0x7f0000003b80), 0x0, &(0x7f0000003bc0)={[{@attr2}, {@rtdev={'rtdev', 0x3d, './file0'}}, {@norecovery}]})

08:22:47 executing program 4:
fcntl$F_GET_FILE_RW_HINT(0xffffffffffffffff, 0x40d, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0)
r0 = getpid()
sched_setattr(0x0, &(0x7f0000000140)={0x38, 0x2, 0x0, 0x0, 0x9}, 0x0)
sched_setattr(r0, &(0x7f0000000240)={0x38, 0x2, 0x0, 0x0, 0x5}, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = open(&(0x7f0000000040)='./bus\x00', 0x1612c2, 0x0)
r4 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/meminfo\x00', 0x0, 0x0)
sendfile(r3, r4, 0x0, 0x400000000001002a)
r5 = syz_mount_image$vfat(&(0x7f0000000400), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[])
r6 = openat(r5, &(0x7f000000c380)='./file0\x00', 0x84842, 0x0)
write(r6, &(0x7f0000004200)='t', 0xfff4)
connect$packet(r6, &(0x7f0000000180)={0x11, 0x3, 0x0, 0x1, 0x0, 0x6, @remote}, 0x14)
sendmsg$NL80211_CMD_SET_INTERFACE(0xffffffffffffffff, &(0x7f0000001840)={&(0x7f0000000080), 0xc, &(0x7f0000001800)={&(0x7f00000001c0)=ANY=[@ANYRES64, @ANYRESDEC, @ANYRES32=0x0, @ANYRES32], 0x60}, 0x1, 0x0, 0x0, 0x44090}, 0x0)
syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
syz_mount_image$fuse(&(0x7f00000000c0), &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000740)=ANY=[@ANYBLOB="66643dfad50be36a8fbbfb6e708f244ef945127a80f167e1d88617ccd92b397808d8898cd1946ba4e4b9928d2e091fb784f2aa44c7637f92155641fb451e289c749695049a356c732d6cf6915d9d8e412f4d74c6f95a9af98ceace9e711411045b08cc42ec8db8f8ee0c14c6fccd7f0e9e347bac25dcc60c4b66c5f6e4d8d74a735ce29f5d8ea978b8f2cd6d226087371cc89cad7c6f8f4501d907e05256cec579b14a0082d43e171dfbdef7bf2fdcf928e4290c9f312f6051259b443a4d199ed6a3f2b889ee591241381723a3665c6b44722cfe80fb5e3db282a1a1db07ffe18775c0ec3161fb16456092903e4e253671fb12a612a232b2065b3c4cff75c2738a84109d72195e81b53df892", @ANYRESHEX, @ANYBLOB="2c726f6f746d6f64653d30303030303030303030303030303030303132303030302c757365725f69643d7fe7b33a8af847be2f4928ecaa30b673086a7fcaf430b02bcfb7cd3acc0404e74f56e658aa508351d0e608c8a3a1447da76f5b827422123e2b1b40aedb8207cf606d4f47268ac0165112cdbd53154c4ce770517cfe4b39a244a2bf300f6e814396ed8fb56f1efd0b51cf10ed78d5928b78edd2f40f1b9fb4882000000084a8d0110ece8523ec91b448982d60f20c08d156cbb37e9c1878547143578e9754c622ef29e9ff360a04004f9a157b0cdfd14020c54d953436329f", @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0, @ANYBLOB])

08:22:47 executing program 2:
syz_open_procfs(0x0, &(0x7f0000000040)='mounts\x00')
syz_open_procfs(0x0, &(0x7f0000000000)='mountstats\x00')
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$F2FS_IOC_MOVE_RANGE(0xffffffffffffffff, 0xc020f509, &(0x7f0000000040)={r1})
ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f0000000000))
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f00000001c0)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1003]})
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_SET_PIT(r1, 0x8048ae66, &(0x7f0000000140)={[{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}]})
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f000056f000/0x18000)=nil, &(0x7f0000000080)=[@text32={0x20, &(0x7f00000000c0)="66ba4000b0c2ee66bad104b829280000efea0e0000000a00b8050000000f23d80f21f835c00000a00f23f8653e65f30f21c62e0fae2b0f01c2b8060000000f23d00f21f835200000000f23f8c4c3a1cf830000000002d9f7", 0x58}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

08:22:47 executing program 5:
syz_mount_image$reiserfs(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, &(0x7f0000000000), 0x0, &(0x7f0000000040)={[{@grpjquota, 0x3d}], [{@pcr}]})

08:22:47 executing program 0:
perf_event_open(&(0x7f0000000640)={0x2, 0x80, 0xd7, 0x0, 0x0, 0x0, 0x0, 0x2000000000, 0xa40a1, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp, 0x10000, 0x0, 0x0, 0x3, 0x1, 0xffffff7c, 0x3, 0x0, 0x2cf6ca54, 0x0, 0x7}, 0x0, 0x2, 0xffffffffffffffff, 0xb)
mmap$perf(&(0x7f0000c00000/0x400000)=nil, 0x400000, 0x3000002, 0x40032, 0xffffffffffffffff, 0x0)
mlock2(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0)
mlock2(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x0)
r0 = fork()
r1 = userfaultfd(0x80000)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x543c04, 0x0)
r3 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
r4 = dup3(r2, r3, 0x0)
write$binfmt_script(r1, &(0x7f0000000280)=ANY=[@ANYRESOCT=r3, @ANYRES32=r2, @ANYRESOCT, @ANYRESDEC, @ANYRESHEX=r4, @ANYRESDEC=r2], 0x9f)
munlock(&(0x7f0000ef1000/0x2000)=nil, 0x2000)
syz_io_uring_setup(0x2e00, &(0x7f0000000340)={0x0, 0x0, 0x20, 0xfffffffd, 0x2000037d}, &(0x7f0000ff3000/0x4000)=nil, &(0x7f0000eee000/0x8000)=nil, &(0x7f00000001c0), &(0x7f00000003c0))
mlock2(&(0x7f0000d03000/0x1000)=nil, 0x1000, 0x1)
openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000080)='freezer.parent_freezing\x00', 0x0, 0x0)
move_pages(r0, 0x2, &(0x7f0000000300)=[&(0x7f0000ffd000/0x1000)=nil, &(0x7f0000f10000/0x3000)=nil], &(0x7f00000000c0), &(0x7f0000000000), 0x0)
socket$caif_seqpacket(0x25, 0x5, 0x0)
get_robust_list(r0, &(0x7f0000000180)=&(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f00000000c0)}}, &(0x7f0000000200)=0xc)

[  466.891211][T16080] XFS: attr2 mount option is deprecated.
[  467.028191][T16094] loop4: detected capacity change from 0 to 16
[  467.143251][T16096] fuse: Bad value for 'fd'
08:22:48 executing program 4:
fcntl$F_GET_FILE_RW_HINT(0xffffffffffffffff, 0x40d, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0)
r0 = getpid()
sched_setattr(0x0, &(0x7f0000000140)={0x38, 0x2, 0x0, 0x0, 0x9}, 0x0)
sched_setattr(r0, &(0x7f0000000240)={0x38, 0x2, 0x0, 0x0, 0x5}, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = open(&(0x7f0000000040)='./bus\x00', 0x1612c2, 0x0)
r4 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/meminfo\x00', 0x0, 0x0)
sendfile(r3, r4, 0x0, 0x400000000001002a)
r5 = syz_mount_image$vfat(&(0x7f0000000400), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[])
r6 = openat(r5, &(0x7f000000c380)='./file0\x00', 0x84842, 0x0)
write(r6, &(0x7f0000004200)='t', 0xfff4)
connect$packet(r6, &(0x7f0000000180)={0x11, 0x3, 0x0, 0x1, 0x0, 0x6, @remote}, 0x14)
sendmsg$NL80211_CMD_SET_INTERFACE(0xffffffffffffffff, &(0x7f0000001840)={&(0x7f0000000080), 0xc, &(0x7f0000001800)={&(0x7f00000001c0)=ANY=[@ANYRES64, @ANYRESDEC, @ANYRES32=0x0, @ANYRES32], 0x60}, 0x1, 0x0, 0x0, 0x44090}, 0x0)
syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)

[  467.602454][T16080] XFS (loop3): no-recovery mounts must be read-only.
[  467.616394][T16092] loop1: detected capacity change from 0 to 270
08:22:48 executing program 0:
perf_event_open(&(0x7f0000000640)={0x2, 0x80, 0xd7, 0x0, 0x0, 0x0, 0x0, 0x2000000000, 0xa40a1, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp, 0x10000, 0x0, 0x0, 0x3, 0x1, 0xffffff7c, 0x3, 0x0, 0x2cf6ca54, 0x0, 0x7}, 0x0, 0x2, 0xffffffffffffffff, 0xb)
mmap$perf(&(0x7f0000c00000/0x400000)=nil, 0x400000, 0x3000002, 0x40032, 0xffffffffffffffff, 0x0)
mlock2(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0)
mlock2(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x0)
r0 = fork()
r1 = userfaultfd(0x80000)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x543c04, 0x0)
r3 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
r4 = dup3(r2, r3, 0x0)
write$binfmt_script(r1, &(0x7f0000000280)=ANY=[@ANYRESOCT=r3, @ANYRES32=r2, @ANYRESOCT, @ANYRESDEC, @ANYRESHEX=r4, @ANYRESDEC=r2], 0x9f)
munlock(&(0x7f0000ef1000/0x2000)=nil, 0x2000)
syz_io_uring_setup(0x2e00, &(0x7f0000000340)={0x0, 0x0, 0x20, 0xfffffffd, 0x2000037d}, &(0x7f0000ff3000/0x4000)=nil, &(0x7f0000eee000/0x8000)=nil, &(0x7f00000001c0), &(0x7f00000003c0))
mlock2(&(0x7f0000d03000/0x1000)=nil, 0x1000, 0x1)
openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000080)='freezer.parent_freezing\x00', 0x0, 0x0)
move_pages(r0, 0x2, &(0x7f0000000300)=[&(0x7f0000ffd000/0x1000)=nil, &(0x7f0000f10000/0x3000)=nil], &(0x7f00000000c0), &(0x7f0000000000), 0x0)
socket$caif_seqpacket(0x25, 0x5, 0x0)
get_robust_list(r0, &(0x7f0000000180)=&(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f00000000c0)}}, &(0x7f0000000200)=0xc)

08:22:48 executing program 3:
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x0, 0x8031, 0xffffffffffffffff, 0x0)
pselect6(0x0, 0x0, 0x0, 0x0, &(0x7f00000003c0)={0x77359400}, 0x0)

08:22:48 executing program 2:
syz_open_procfs(0x0, &(0x7f0000000040)='mounts\x00')
syz_open_procfs(0x0, &(0x7f0000000000)='mountstats\x00')
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f0000000000))
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f00000001c0)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1003]})
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_SET_PIT(r1, 0x8048ae66, &(0x7f0000000140)={[{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}]})
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f000056f000/0x18000)=nil, &(0x7f0000000080)=[@text32={0x20, &(0x7f00000000c0)="66ba4000b0c2ee66bad104b829280000efea0e0000000a00b8050000000f23d80f21f835c00000a00f23f8653e65f30f21c62e0fae2b0f01c2b8060000000f23d00f21f835200000000f23f8c4c3a1cf830000000002d9f7", 0x58}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

[  468.039097][T16132] loop4: detected capacity change from 0 to 16
[  468.164325][   T26] audit: type=1800 audit(1632817368.970:31): pid=16132 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed(directio) comm="syz-executor.4" name="file0" dev="loop4" ino=11 res=0 errno=0
08:22:50 executing program 1:
prlimit64(0x0, 0xe, &(0x7f0000000280)={0xc, 0x8d}, 0x0)
r0 = getpid()
fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0)
sched_setattr(0x0, &(0x7f0000000140)={0x38, 0x2, 0x0, 0x0, 0x9}, 0x0)
setrlimit(0x0, 0x0)
sched_setattr(r0, &(0x7f0000000240)={0x38, 0x0, 0x0, 0x0, 0x5}, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
ioctl$IOC_PR_RESERVE(0xffffffffffffffff, 0x401070c9, &(0x7f0000000080)={0x20, 0x81, 0x1})
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = syz_mount_image$vfat(&(0x7f0000000440), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000300)=[{&(0x7f0000000000)="eb3c906d6b66732e66617400028001000240000004f801", 0x17}, {0x0, 0x0, 0x10e00}], 0x0, &(0x7f0000000500)=ANY=[])
mkdirat(r3, &(0x7f00000002c0)='./file0\x00', 0x108)
recvmmsg(0xffffffffffffffff, &(0x7f0000000180), 0x0, 0x100, &(0x7f00000001c0)={0x0, 0x3938700})
prlimit64(0x0, 0xd, &(0x7f0000000040)={0x9, 0x7}, &(0x7f0000000180))

08:22:50 executing program 5:
syz_mount_image$reiserfs(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, &(0x7f0000000000), 0x0, &(0x7f0000000040)={[{@grpjquota, 0x3d}], [{@pcr}]})

08:22:50 executing program 0:
perf_event_open(&(0x7f0000000640)={0x2, 0x80, 0xd7, 0x0, 0x0, 0x0, 0x0, 0x2000000000, 0xa40a1, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp, 0x10000, 0x0, 0x0, 0x3, 0x1, 0xffffff7c, 0x3, 0x0, 0x2cf6ca54, 0x0, 0x7}, 0x0, 0x2, 0xffffffffffffffff, 0xb)
mmap$perf(&(0x7f0000c00000/0x400000)=nil, 0x400000, 0x3000002, 0x40032, 0xffffffffffffffff, 0x0)
mlock2(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0)
mlock2(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x0)
r0 = fork()
r1 = userfaultfd(0x80000)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x543c04, 0x0)
r3 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
r4 = dup3(r2, r3, 0x0)
write$binfmt_script(r1, &(0x7f0000000280)=ANY=[@ANYRESOCT=r3, @ANYRES32=r2, @ANYRESOCT, @ANYRESDEC, @ANYRESHEX=r4, @ANYRESDEC=r2], 0x9f)
munlock(&(0x7f0000ef1000/0x2000)=nil, 0x2000)
syz_io_uring_setup(0x2e00, &(0x7f0000000340)={0x0, 0xc9ba, 0x0, 0xfffffffd, 0x2000037d}, &(0x7f0000ff3000/0x4000)=nil, &(0x7f0000eee000/0x8000)=nil, &(0x7f00000001c0), &(0x7f00000003c0))
mlock2(&(0x7f0000d03000/0x1000)=nil, 0x1000, 0x1)
openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000080)='freezer.parent_freezing\x00', 0x0, 0x0)
move_pages(r0, 0x2, &(0x7f0000000300)=[&(0x7f0000ffd000/0x1000)=nil, &(0x7f0000f10000/0x3000)=nil], &(0x7f00000000c0), &(0x7f0000000000), 0x0)
socket$caif_seqpacket(0x25, 0x5, 0x0)
get_robust_list(r0, &(0x7f0000000180)=&(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f00000000c0)}}, &(0x7f0000000200)=0xc)

08:22:50 executing program 4:
fcntl$F_GET_FILE_RW_HINT(0xffffffffffffffff, 0x40d, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0)
r0 = getpid()
sched_setattr(0x0, &(0x7f0000000140)={0x38, 0x2, 0x0, 0x0, 0x9}, 0x0)
sched_setattr(r0, &(0x7f0000000240)={0x38, 0x2, 0x0, 0x0, 0x5}, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = open(&(0x7f0000000040)='./bus\x00', 0x1612c2, 0x0)
r4 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/meminfo\x00', 0x0, 0x0)
sendfile(r3, r4, 0x0, 0x400000000001002a)
r5 = syz_mount_image$vfat(&(0x7f0000000400), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[])
r6 = openat(r5, &(0x7f000000c380)='./file0\x00', 0x84842, 0x0)
write(r6, &(0x7f0000004200)='t', 0xfff4)
connect$packet(r6, &(0x7f0000000180)={0x11, 0x3, 0x0, 0x1, 0x0, 0x6, @remote}, 0x14)
sendmsg$NL80211_CMD_SET_INTERFACE(0xffffffffffffffff, &(0x7f0000001840)={&(0x7f0000000080), 0xc, &(0x7f0000001800)={&(0x7f00000001c0)=ANY=[@ANYRES64, @ANYRESDEC, @ANYRES32=0x0, @ANYRES32], 0x60}, 0x1, 0x0, 0x0, 0x44090}, 0x0)

08:22:50 executing program 3:
sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0)
ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, 0x0)
ioctl$BTRFS_IOC_GET_SUBVOL_ROOTREF(0xffffffffffffffff, 0xd000943d, 0x0)
ioctl$BTRFS_IOC_INO_LOOKUP_USER(0xffffffffffffffff, 0xd000943e, &(0x7f0000055840)={0x0, 0x0, "6dd57f3df9b00c2efa38788ffc87417e23688d876b3e4000b6def14fa094f887fee8faff0884a1bf150e96fd5b3c1749185e704cf15cb26dbce0c3e19984abdab127810ac3edd19654b468be7a5a938ae141fcc17d8a683d2b33da41850790a603b6c753f8f8ce5d9b5e7b2db7f0d53fa525fc28c5f2e34ea8ffc4b9ddc2b048ad03e73c062bdf2795a72229fac6b8e1620b9d450144f21bd4b7605e03e159ac863e7fa7b03be23e0f4cfcf357ddd77dfb3aa77806f958155958a125fa66086154f25acce5d1269e9d4bf6ebcef081764ea88121a177da56c4e8642b78282e0374057ab28a1317708797aa0025561fa7cf812bba01ad8a7e8d370c680e7caa03", "117e0828299a3626ecbc0fe9d4a53cfcbc38a5d9fbbf9134af75eda6c0e101da506493a609a80367be52ffd384ab04adeeb6dcefe9a960d99efc44ad7b8607c3b2f18ec28f40490c9ce77abd990fbf555ebfcd74a01d1eea3f4c77907b9393609d8c5296062ede3344140116a1cf7f75d10ee9354d357c36d1b05a7b509f34c825d473df6c1369cd7c14b11bc0a7d118f06bfb9443c5c58f304cf7bef8e6e41311b8bb712e6e4d261474e04c55d64791b349ff397e4c4283c881246edd7a5b9adf2cd69f1eb603c004e728948f52bcbb7037a1fcc85702d2f8da7eaf999b3b6ee5ae5818aabfc7fbb0b71ab29f315878f6d5bb3c8d74787c325a1736e4fe7ae60efdda957d7f47dc6379965314da043aaa1621019674b2d016f99ee694f067062e59ae528b890a49ff0cd942fb10a84cd24474d2297d75f4d5d6f77fd9533042a42e6e42e7e0620e63635caf6908a174906ed33212c6a53c94c29cc32b6e8efd4e0fccfb6ed896aee7c78df6b3e3211acbdbcc534de41f2dd4d90c89148ac97e7d55b0a84a5ccb79920dc7a394af1081b98286e09b4cd74b6701c08bcde729dcdcde3d92e9f72d84098bdf81a039e3a6919b21f89d62488eab1c0587500c9e9a89ab175cd4dcc86f3bb95664140376845fd10f24471d7abd9ec7987142923af9c19b17c89170792cccbe926012a439806f2aa074ed612025fe9211c739deb0ff2832b7fa4bda706cd3103194311ea6f3ed0755f0efd6206dd6ca81f7a70734d11f7b3dbf9ee16b9e9e067a15343c7288a7a533041674ed36c2283bdcb7018b5bd6e55ce459c027751a2cf69f4f5b7fea4352b9ecd01eecca1cdf0e5f6b8bf8b2f29997fdcc48ed91f8a4ac7168686b4b35f3e8c7baff0d4523d46e4ed7b5be727e5f82d6fb504cde80d3ac91351837b83559459952ab366a76d6bb422a9b73c27347441621e5587433e1bf599b8c3c879ca952ddaf08e26dd1811b5b15339a8032e33227267c958da3ad32a656cf816fa972e06591511299209535a70348cb9c59d2b07b38b1eaf7d24fe3581913ab2a64bc305b8e56ffaa78c47c8b47f6b84a392a9ccee23a88359adede679d806f6348276b35478d5d39edf77e0f0e8db8851fc4a673a6f3972554ff5f104a64c2a409c0770517a1b463791db514b070aa583600beddc4de6f9eeddcdadb0d0f7981309222e958d23c59d03162da9dca428de71ee8376c17fa5043b33223396fc5a2c9149b2d727f18038a968a4061cf6e99a5e3457451c5490c52fd176a5e800190b7f331ac53714521b5785386e4655bdce7a49c2c7ab4ba99cdd286244bcb100431467a57dcc621ed37d0a5eac82a8a8a9768a4c1b646b7ca345e77cf3f374d655cff377f0c46a96966b0364630204efec55a1b2bc15dcaa4a7e839ca5613ca851ee0b34bc810fc51f892dbb03f42f08709a24e1a53bcdb093558451cc52a9c4ae65b233a302bc933519f652e733b1bf90f608440120ffd99f3445b9312841218562fe9ee9121b035edec71a1a2845d83402089097691cd81220b7ec7b8eaf01a83d674ac3fe4036e31fea414babd0fa1b3e88c6ec3c93e106902c694f944bd2f943d0ed70e8c84d11ac5aada2a6e41e51e06d43a0fde1eb70a05abbe7cd358163fd9e85be83efc0c348ed9ce6be9dbd77613d88b6d7ae7604eac17a2e2634f9f2ea0916c4a667fd779dc31f2b0437e039dc84446a0ca581991e3410d533376c07e7f305fc1c38bda9fa2ac4f84fda9ccc4dfd532d05924293c13416b5f68d884570af46dd7f8c7417b632a6366cad63dcd63f6d53021843033b8ec763d7cca8d315c7ffe223529ac8a50b35a505fabce2e188249b6c6b96de18346bcfef4abc56bf0c5159124a91d2f28eb5fdbde206beb06ab229f7b188384d0458ab54eafc140707b185f753b46459f97c5be71342a451fa557e6c7199e4c0f664194292158c91f1ed3fb21032b08e811d522b2c9dcf43ab1b5caa5b2d9d179d5f53eed134aa5960cecdbc44297d5c0195c2e272b8e17feb7ac3a58dde9e80f69e6dee46b0c6999fd305daad3b792b087b56c24f037bd16d7fd8345b7c38aacff6b6275e6471738f6b6c6b8cee3b01b23a3ddc2cc1ca3c3f381250bd0ded7b60c0bd0858e60c0f68b28a3167bdaa1909a25d0bb44bf29f4376e22919195130287762f76ce088347bad39b520fbb00d8a2b4a1c70761f5d51d3544d9005e0a021ff2929ec507ce65988f9060301f1d17ca77dd4df2701f871b87735cc9510568f34273a5633f4c9f5273329ccd1116608085cda5d5b8638f8aced43b7f709e8abc5cf05abc1b85685ad682b0fb6a3eb23ed97db02230b94d6030e3f9baf66f647b245a35cb200bdd2842d67bda9fc5421b77799b71536a2f9f827da84564a35388d2461f42ae658baaf6913dc60ee88c2324a4ee861ff4f507c1fa9cba3db9584580f92a548575cceee58a0816d288358629d9a35a054eeb720694e470d8e85bdaa07635d80cf58c1fdcc02117046db18577f5ac5c04749881f9a38a76c986b9327c89205a7360ba6082d4a1690b7145f437baad796bd0c88e5a9ef36ba19f41e6f6e7178885e12535dff9d0b49f00b751a4f03b6a89e7a49768e8b4896d335e832ae0b6d14a7b13f4f37f3b9d45b430cc590c4ae230a242748395b7cc01c902d6be0197320615e38ead04fee70ac152e50cbb9b29ea3408b2109d3b1ddcee846f3ccd28758e207f63f2558d16ea1f5bc357027ba0b626b6ffc8bdeffe5f700bcdd0c6295db1c3e647fff8b9ee8a033a1946437b4a87ce0ae291bdaadc131e4eceb84dc5474f3f13c902e2fdc7c225cb2d6733c30648c02681b98b3de1e74c5d2ac417eced009b5ad74dcad77c469801b808c8a2c4f00bac3959349e0b0014d797645c61b8c59d71c9dfa37742087a0d6f9fa17a58188a38b8e4c78c65f3b771b056ada0f591a4c77e54136cd71bbcc2e4c4b8b4332b49d4a75beac9af8c560dc322297e9c2b8072cc3b7e638f2bfdcd8454e52476fa3eb381178511d1b1473ca7fbd0da5266775d160fd5a573ccda6cb7788609f928dc3319d287055cf20ce14577aa81a3f74fcc984270cd5b3bf4b8fc4d8ac09995153c07d74f1fde1c52129d37fd66baed55792a32648b0014bff1909a769be2c1414eb51c3a77298d15c09709a0ff96cfef28e16542b8151ac65c274b6870f5009da043adfc9df43726a1ef889cfee31226e868573466dda72a67d5a4608840582f3bdd55f60f3b1f9920d4fe280a51297bb6a3ca97faacf48c38fb3b52e280adbba432c37b5db4fb61bf8e69caf5ffcee4781e43edde5eee283e9a8af908a6437d16cd13398444bf7797625bfa90c129b868b0677c01ce1c3ddc84b8ce868310c3016b70c6f42d15e5304a0e754098d6b59f3556b9ee1d42f63c7461a94a46232e05b8b4034146120dc0629e8f0e8eda4e121212a33ca45da95e8535b3150b8a9be73481f7fa3a8e9977e2dc035b0a14a80a2f8712ed64934d1e6caa81e0965d2fc9fdc0e9308cca1796af9132a9a2f7a4cffcb91b2182ebdffbcc52a4c9eacbd8a1397ea15f95049f3599f573deff167f0192993a12871393eaf8f2033db40ac925b1264733c64db2f7379ccdbd39043e773ad50ee5993f5ab267177a729120345e486175730ecb435bf049019932c0c085a714c14320dac68f27c22cd03ebff56531a980cfc6aa4c5303b177e608419d556498eab6caddc130a02afebe80ccd6f1c2e5058801e2f4d540e019864c20818de00ee708fda72355cfeb88ce58220f6d83fde21ee2d4b3a79322029edbeaeaad5acb20da5d03d5f2851a53c33ad7aef66dfcdb52c8fb6a6c80afb44f408bfc6822b3e58626375c1eccc801795649c72a22b498e39eacd0f41a3c85d4460ebb45d8d2655dfd6737ce0e369a2bd17f2abea183bf77138ecc257377d347c1399771e3aa4bfd9b89bc9b8223b50c73155387d9e2b8192fda263021f558be2a0a83f35715b24848863e4291ae37af7f7a52f393754d3872aefff1bc07171142804915c48a198b8ed4286aa659b9f799d0600432a3b2b67a467bb617c3c00fe364a85dbd66105d76f01122f7633ab73f387d7baa5ba726d564fe952ec8344fe8fc8379bb59dfb27c8e1aef1192c39a3407c5b3515c6c9b045e66b1be99e1889c3c9b2db071db400c0b134e328c2aa8e25801b8c1944f649ad59a374d7fab15ecf2405f5deafeaa6f06d7ef254e35375f048d68d8e9a8129b0c67a62c420899500ce9fd80dba3b52695e94455c486ccf7751473f9dc14ac6f0b27996d9e44290520923dd045bf64d5bdec525a268dded15c21ccf2daa4868c34019f78867fc0211b20820eeccf1cac7cf992dba2d6ef1b5ad380b441463f125f1ceed4c357daa723494eadae96cf2351a9cb4460d102dc1b22839466eaaf8f2d0ac1601a37b80d19d2f39d6cb63aca0d3074a81a01751aac8a5a840599d6aa29e849bec42173bb7dafb851b9404165301765ada93bc6701c5bcbda31cded7ebfe90a38122bf55bf58d6dc8129f8c76cbed8d73eb6a204891a2cdd73140a2eb595e1600a97333ea80ad6650ab4a19425b053a624b3e2ce2c2e402446372ff8c63dc17cf3fd58158e0916e77bff1a5b9be613791b51060bc5f7a6dfa63fa858ada3d7c66576362b7e2236f3e1ab771af44fdadb4c1617f01b416ff39ac98885f3f2a6d010f75ce6acec54480d760cbbde853ce687900d60ae9464237a6d06dc97d7013cf60771dfed6a0ac531a9f43a64a2e2b246fef295ad1e2ebd26c26aa5ef0761c4318a8923c738c052de06385384cc98ce51527abce60a1abd55586e614f03e526a01d92c809ea0e26f374de15ce86c7af7f674a0ee0e71432d9ff1b2f06421d36dc5ba7d47ba322055f4bc5bc2a62a9064f209c5c6bbf9bf117bc919d3f181045134fb4d84f1ef6034e78eb692fc7b557a3a61b26b67fb58c1f8d2207d40f03403979b2629653ba05b2416ef8ea653eeaa93d909891d94e2cae45bf603207020d1733eac9d588c2aded6a406909e296f0891ff45bbb89be4038e7f5146497c4b2d5fd64e72411374ea3856078f372e4fbb3646d5d2f7369e2d28e9fcd7258e8010701250e2f3e7c71ddb5cf603b2c1c6d8562c6e92124a9a8968c60e4ecee39bc96899f449ec0eb23191d0fb684b42d143d0f779ef5d407ee0d266efba39ec411364d549c7eee3af97a57233620d831af440f0f586531e5424b676604179d6413e4ed01bc4385d1ff1c36f1404993065333ec79698693dc6863fa34b88cc688aab9cab17df98af972cc7b5932704662a1f53aa15fa0f4b7465cebe39e07b46391a9cae1d301b1f4c110139375094a69edd3f5e0c43843016d1281295af78b18b00d58934ff16"})
clone(0x3106000ffd, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
perf_event_open(&(0x7f000001d000)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = socket$inet6(0xa, 0x2, 0x0)
sendmmsg$inet6(r0, &(0x7f00000025c0)=[{{&(0x7f0000000180)={0xa, 0x4e20, 0x0, @dev}, 0x1c, &(0x7f00000013c0)=[{&(0x7f00000001c0)="85525f6b0196a105342ca2c910a031", 0xf}, {&(0x7f0000000240)="f1348694b932cfbbab283c8be2797df57e39d64989c3ed83d71c62f61bd032ff68bb18ff40a18a99d2ac03bb6cdc09e8ce6ad932837d6e0612e0b53cb78c0bd7d52a40d252ced3da01379a62632d2267e555bac364a3df956f9850e36c87cbba70bd66da0f2356d01d32985012495b59a7e4e4cdc7313cb7b12890e00365d574c6804c34f31598df58f49d03845ca84d40b0b46e77f7b64e908d25f5eee7e8235adcf69adf030b73ca8e9d1c959b3994383824978102647ef1d1b0f16b762f26be7cdeb4325f3a383ee43f7c363dc0da55241ec1d97b", 0xd6}, {&(0x7f0000000340)="77a841e4d9aa8a158e7785f3ddbbc2a8821606282b01260d16a74edb09dbe0d350cb95ed7bdc44c46fd75a40c9bd3a9672ac61e390de5b1158ed900f471501da829d0a9e7c89d6133fb8db", 0x4b}, {&(0x7f00000003c0)="94ea8c53b91a0dec7c1eed18c481de6d05bca48959447ea3fe2726b397decaa75797dadf7ff7aec6042a996d16a76bbe78422ac8fb8da7f126762f66f7e4aa4ddbe55e1b83ea4a1b543b82811999850c3d18b4d1134fbf7b9e638e71b577d47712a55ba79b91c20eafea77de09f76be1dc09cf6965091469d1f5f6b88df3a3bc19063b6466d390d3c1e530446215cdd095bc21ff638ad846075213122189e93a4d009200104b6cf871f3a2c36ccdf93fcff3407ca36feb2488d0e6ddb9c9709915c9c7a3e905bb0ba800d5127bff5dd06b9cfe4de9530c2c0b2e1f578f426c69944c26dcaf54159856cf8c9a169546a1fa59e87f759cc03c3fc2c9e186edb3ae0c27880289c0f7b52da7feb6e8bbfaf6bce2c32e69ba61ef3aa418c115ebddd1c01541f7e8c4451444045b525560ee6bd9fcb28084a5ce9ffb8bbf529fe66216e6b4cd0c427882262afcc0b829e46881693ddc7aecb6e9b3d66c3ac223a43358b841d421ad1d378ee6789512ee237de757c8e21234a7699839f0bcc9acdcd16d19776c32968771f9be8bb95a5c6c8812556ae9a8ec328e009127bf4068b9e6eb032d0c3348bee4802bec20da445d419a62dde19566e5c03279be2896d905ad51336cf6c4d84bbc2cd43c3e5ed4701700273bbfb68ad12915e89e9bb5158673275e08b994e923e844652fc6a05af4c15d3a453d9152df7bd4153584bffa51ce848639d51ebd367616605e83a25caf3a87fa83cfc9e6636a81cabc1e84aac677bc9f3ef8ca5695bc87fd504c669c1fc6bea410e1d7e464a189d9b4dbb6921f1e29024ca8136314842ab153794f62e6fb64f16951d8aabf02583a69b59bd5e477fc6bf5919595f9a266d1c485fe43021139145dca2d652cc136b50c2b2df0b9cbd57f32a7620ae26e6ec2d25dd371189a49af434067c03d799770edf2b03f06b963f8b4856d92364ee33b13a9d9d9edc62304b8fe2082083a82e3b95dd55118d5533fbd847d2728f36f1df09c318d44e6895b03d55bceecb48d22caf5cb51772c3107629f258a1ba5eafb18e3fdcbe35708e380081c1ec16af0967842e72a432e0e5ecc464ddcbed7edc7b8f9f08cf3919d77c6b6798da95afee6473b3d6bcd494f51c227b8cfa26e1282a0ce9a830796e2589d8ce21e62c2c7b61ca7dba909885b0acaed902cfafdf759664ff24bd9c01982eacb1eaf2451c4ed7b35ff3d1695088b796cdb98a2742f0038209e57cfda33de2f23fb4ff7e8dd0be9859bea21d3d24e5554b2f1ab40053a115e808edf25a4d231b22c07d98269f98125fcbad42f81fd7c5083df4264a39330a51b95a78723a1d42e71237ce9254f76d5cd7d0c457f64d8d9ac3dba9720fb79cb4cf9cf002d1b21d0b82490c12c60d9ba490e5eb10001c7356be340e67319db255238da8a819cf10a8b57181b3612ba584bb7b1ce5a36f0b351db034295dcb75287456bdd91eb3f62ad329df151abf04ed2f53945c50a6d8b8ec449d62e3b25a50fae83ce708a1078b28af8b857b11d55e421f72ff4eb1232750607a727f67dbd01cf6a66c3a1485b4070a7ce122ddd254a441a5d4652580889", 0x464}], 0x4, &(0x7f0000001440)=ANY=[@ANYBLOB="300000000000000029000000030000000002000000f2658bbe68095858c5bb000000c910ff0200000000000f00000000"], 0x30}}, {{0x0, 0x0, &(0x7f00000016c0)=[{&(0x7f0000001500)="e6", 0x1}], 0x1}}], 0x4000393, 0x2004c840)
r1 = openat$cgroup_type(0xffffffffffffffff, &(0x7f0000000000), 0x2, 0x0)
readv(r1, &(0x7f0000000b00)=[{&(0x7f0000000040)=""/44, 0x2c}, {&(0x7f0000000080)=""/133, 0x85}, {&(0x7f0000002640)=""/4096, 0x1000}, {&(0x7f0000000840)=""/251, 0xfb}, {&(0x7f0000000940)=""/139, 0x8b}, {&(0x7f0000000140)=""/10, 0xa}, {&(0x7f0000000200)=""/62, 0x3e}, {&(0x7f0000000a00)=""/96, 0x60}, {&(0x7f0000000a80)=""/109, 0x6d}], 0x9)
r2 = gettid()
tkill(r2, 0x3c)

08:22:50 executing program 2:
syz_open_procfs(0x0, &(0x7f0000000040)='mounts\x00')
syz_open_procfs(0x0, &(0x7f0000000000)='mountstats\x00')
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f0000000000))
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f00000001c0)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1003]})
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_SET_PIT(r1, 0x8048ae66, &(0x7f0000000140)={[{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}]})
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f000056f000/0x18000)=nil, &(0x7f0000000080)=[@text32={0x20, &(0x7f00000000c0)="66ba4000b0c2ee66bad104b829280000efea0e0000000a00b8050000000f23d80f21f835c00000a00f23f8653e65f30f21c62e0fae2b0f01c2b8060000000f23d00f21f835200000000f23f8c4c3a1cf830000000002d9f7", 0x58}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

[  469.973976][T16177] loop4: detected capacity change from 0 to 16
08:22:51 executing program 4:
fcntl$F_GET_FILE_RW_HINT(0xffffffffffffffff, 0x40d, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0)
r0 = getpid()
sched_setattr(0x0, &(0x7f0000000140)={0x38, 0x2, 0x0, 0x0, 0x9}, 0x0)
sched_setattr(r0, &(0x7f0000000240)={0x38, 0x2, 0x0, 0x0, 0x5}, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = open(&(0x7f0000000040)='./bus\x00', 0x1612c2, 0x0)
r4 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/meminfo\x00', 0x0, 0x0)
sendfile(r3, r4, 0x0, 0x400000000001002a)
r5 = syz_mount_image$vfat(&(0x7f0000000400), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[])
r6 = openat(r5, &(0x7f000000c380)='./file0\x00', 0x84842, 0x0)
write(r6, &(0x7f0000004200)='t', 0xfff4)
connect$packet(r6, &(0x7f0000000180)={0x11, 0x3, 0x0, 0x1, 0x0, 0x6, @remote}, 0x14)
sendmsg$NL80211_CMD_SET_INTERFACE(0xffffffffffffffff, &(0x7f0000001840)={&(0x7f0000000080), 0xc, &(0x7f0000001800)={&(0x7f00000001c0)=ANY=[@ANYRES64, @ANYRESDEC, @ANYRES32=0x0, @ANYRES32], 0x60}, 0x1, 0x0, 0x0, 0x44090}, 0x0)

08:22:51 executing program 0:
perf_event_open(&(0x7f0000000640)={0x2, 0x80, 0xd7, 0x0, 0x0, 0x0, 0x0, 0x2000000000, 0xa40a1, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp, 0x10000, 0x0, 0x0, 0x3, 0x1, 0xffffff7c, 0x3, 0x0, 0x2cf6ca54, 0x0, 0x7}, 0x0, 0x2, 0xffffffffffffffff, 0xb)
mmap$perf(&(0x7f0000c00000/0x400000)=nil, 0x400000, 0x3000002, 0x40032, 0xffffffffffffffff, 0x0)
mlock2(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0)
mlock2(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x0)
r0 = fork()
r1 = userfaultfd(0x80000)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x543c04, 0x0)
r3 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
r4 = dup3(r2, r3, 0x0)
write$binfmt_script(r1, &(0x7f0000000280)=ANY=[@ANYRESOCT=r3, @ANYRES32=r2, @ANYRESOCT, @ANYRESDEC, @ANYRESHEX=r4, @ANYRESDEC=r2], 0x9f)
munlock(&(0x7f0000ef1000/0x2000)=nil, 0x2000)
syz_io_uring_setup(0x2e00, &(0x7f0000000340)={0x0, 0xc9ba, 0x0, 0xfffffffd, 0x2000037d}, &(0x7f0000ff3000/0x4000)=nil, &(0x7f0000eee000/0x8000)=nil, &(0x7f00000001c0), &(0x7f00000003c0))
mlock2(&(0x7f0000d03000/0x1000)=nil, 0x1000, 0x1)
openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000080)='freezer.parent_freezing\x00', 0x0, 0x0)
move_pages(r0, 0x2, &(0x7f0000000300)=[&(0x7f0000ffd000/0x1000)=nil, &(0x7f0000f10000/0x3000)=nil], &(0x7f00000000c0), &(0x7f0000000000), 0x0)
socket$caif_seqpacket(0x25, 0x5, 0x0)
get_robust_list(r0, &(0x7f0000000180)=&(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f00000000c0)}}, &(0x7f0000000200)=0xc)

[  470.773244][T16196] loop1: detected capacity change from 0 to 270
08:22:51 executing program 3:
sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0)
ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, 0x0)
ioctl$BTRFS_IOC_GET_SUBVOL_ROOTREF(0xffffffffffffffff, 0xd000943d, 0x0)
ioctl$BTRFS_IOC_INO_LOOKUP_USER(0xffffffffffffffff, 0xd000943e, &(0x7f0000055840)={0x0, 0x0, "6dd57f3df9b00c2efa38788ffc87417e23688d876b3e4000b6def14fa094f887fee8faff0884a1bf150e96fd5b3c1749185e704cf15cb26dbce0c3e19984abdab127810ac3edd19654b468be7a5a938ae141fcc17d8a683d2b33da41850790a603b6c753f8f8ce5d9b5e7b2db7f0d53fa525fc28c5f2e34ea8ffc4b9ddc2b048ad03e73c062bdf2795a72229fac6b8e1620b9d450144f21bd4b7605e03e159ac863e7fa7b03be23e0f4cfcf357ddd77dfb3aa77806f958155958a125fa66086154f25acce5d1269e9d4bf6ebcef081764ea88121a177da56c4e8642b78282e0374057ab28a1317708797aa0025561fa7cf812bba01ad8a7e8d370c680e7caa03", "117e0828299a3626ecbc0fe9d4a53cfcbc38a5d9fbbf9134af75eda6c0e101da506493a609a80367be52ffd384ab04adeeb6dcefe9a960d99efc44ad7b8607c3b2f18ec28f40490c9ce77abd990fbf555ebfcd74a01d1eea3f4c77907b9393609d8c5296062ede3344140116a1cf7f75d10ee9354d357c36d1b05a7b509f34c825d473df6c1369cd7c14b11bc0a7d118f06bfb9443c5c58f304cf7bef8e6e41311b8bb712e6e4d261474e04c55d64791b349ff397e4c4283c881246edd7a5b9adf2cd69f1eb603c004e728948f52bcbb7037a1fcc85702d2f8da7eaf999b3b6ee5ae5818aabfc7fbb0b71ab29f315878f6d5bb3c8d74787c325a1736e4fe7ae60efdda957d7f47dc6379965314da043aaa1621019674b2d016f99ee694f067062e59ae528b890a49ff0cd942fb10a84cd24474d2297d75f4d5d6f77fd9533042a42e6e42e7e0620e63635caf6908a174906ed33212c6a53c94c29cc32b6e8efd4e0fccfb6ed896aee7c78df6b3e3211acbdbcc534de41f2dd4d90c89148ac97e7d55b0a84a5ccb79920dc7a394af1081b98286e09b4cd74b6701c08bcde729dcdcde3d92e9f72d84098bdf81a039e3a6919b21f89d62488eab1c0587500c9e9a89ab175cd4dcc86f3bb95664140376845fd10f24471d7abd9ec7987142923af9c19b17c89170792cccbe926012a439806f2aa074ed612025fe9211c739deb0ff2832b7fa4bda706cd3103194311ea6f3ed0755f0efd6206dd6ca81f7a70734d11f7b3dbf9ee16b9e9e067a15343c7288a7a533041674ed36c2283bdcb7018b5bd6e55ce459c027751a2cf69f4f5b7fea4352b9ecd01eecca1cdf0e5f6b8bf8b2f29997fdcc48ed91f8a4ac7168686b4b35f3e8c7baff0d4523d46e4ed7b5be727e5f82d6fb504cde80d3ac91351837b83559459952ab366a76d6bb422a9b73c27347441621e5587433e1bf599b8c3c879ca952ddaf08e26dd1811b5b15339a8032e33227267c958da3ad32a656cf816fa972e06591511299209535a70348cb9c59d2b07b38b1eaf7d24fe3581913ab2a64bc305b8e56ffaa78c47c8b47f6b84a392a9ccee23a88359adede679d806f6348276b35478d5d39edf77e0f0e8db8851fc4a673a6f3972554ff5f104a64c2a409c0770517a1b463791db514b070aa583600beddc4de6f9eeddcdadb0d0f7981309222e958d23c59d03162da9dca428de71ee8376c17fa5043b33223396fc5a2c9149b2d727f18038a968a4061cf6e99a5e3457451c5490c52fd176a5e800190b7f331ac53714521b5785386e4655bdce7a49c2c7ab4ba99cdd286244bcb100431467a57dcc621ed37d0a5eac82a8a8a9768a4c1b646b7ca345e77cf3f374d655cff377f0c46a96966b0364630204efec55a1b2bc15dcaa4a7e839ca5613ca851ee0b34bc810fc51f892dbb03f42f08709a24e1a53bcdb093558451cc52a9c4ae65b233a302bc933519f652e733b1bf90f608440120ffd99f3445b9312841218562fe9ee9121b035edec71a1a2845d83402089097691cd81220b7ec7b8eaf01a83d674ac3fe4036e31fea414babd0fa1b3e88c6ec3c93e106902c694f944bd2f943d0ed70e8c84d11ac5aada2a6e41e51e06d43a0fde1eb70a05abbe7cd358163fd9e85be83efc0c348ed9ce6be9dbd77613d88b6d7ae7604eac17a2e2634f9f2ea0916c4a667fd779dc31f2b0437e039dc84446a0ca581991e3410d533376c07e7f305fc1c38bda9fa2ac4f84fda9ccc4dfd532d05924293c13416b5f68d884570af46dd7f8c7417b632a6366cad63dcd63f6d53021843033b8ec763d7cca8d315c7ffe223529ac8a50b35a505fabce2e188249b6c6b96de18346bcfef4abc56bf0c5159124a91d2f28eb5fdbde206beb06ab229f7b188384d0458ab54eafc140707b185f753b46459f97c5be71342a451fa557e6c7199e4c0f664194292158c91f1ed3fb21032b08e811d522b2c9dcf43ab1b5caa5b2d9d179d5f53eed134aa5960cecdbc44297d5c0195c2e272b8e17feb7ac3a58dde9e80f69e6dee46b0c6999fd305daad3b792b087b56c24f037bd16d7fd8345b7c38aacff6b6275e6471738f6b6c6b8cee3b01b23a3ddc2cc1ca3c3f381250bd0ded7b60c0bd0858e60c0f68b28a3167bdaa1909a25d0bb44bf29f4376e22919195130287762f76ce088347bad39b520fbb00d8a2b4a1c70761f5d51d3544d9005e0a021ff2929ec507ce65988f9060301f1d17ca77dd4df2701f871b87735cc9510568f34273a5633f4c9f5273329ccd1116608085cda5d5b8638f8aced43b7f709e8abc5cf05abc1b85685ad682b0fb6a3eb23ed97db02230b94d6030e3f9baf66f647b245a35cb200bdd2842d67bda9fc5421b77799b71536a2f9f827da84564a35388d2461f42ae658baaf6913dc60ee88c2324a4ee861ff4f507c1fa9cba3db9584580f92a548575cceee58a0816d288358629d9a35a054eeb720694e470d8e85bdaa07635d80cf58c1fdcc02117046db18577f5ac5c04749881f9a38a76c986b9327c89205a7360ba6082d4a1690b7145f437baad796bd0c88e5a9ef36ba19f41e6f6e7178885e12535dff9d0b49f00b751a4f03b6a89e7a49768e8b4896d335e832ae0b6d14a7b13f4f37f3b9d45b430cc590c4ae230a242748395b7cc01c902d6be0197320615e38ead04fee70ac152e50cbb9b29ea3408b2109d3b1ddcee846f3ccd28758e207f63f2558d16ea1f5bc357027ba0b626b6ffc8bdeffe5f700bcdd0c6295db1c3e647fff8b9ee8a033a1946437b4a87ce0ae291bdaadc131e4eceb84dc5474f3f13c902e2fdc7c225cb2d6733c30648c02681b98b3de1e74c5d2ac417eced009b5ad74dcad77c469801b808c8a2c4f00bac3959349e0b0014d797645c61b8c59d71c9dfa37742087a0d6f9fa17a58188a38b8e4c78c65f3b771b056ada0f591a4c77e54136cd71bbcc2e4c4b8b4332b49d4a75beac9af8c560dc322297e9c2b8072cc3b7e638f2bfdcd8454e52476fa3eb381178511d1b1473ca7fbd0da5266775d160fd5a573ccda6cb7788609f928dc3319d287055cf20ce14577aa81a3f74fcc984270cd5b3bf4b8fc4d8ac09995153c07d74f1fde1c52129d37fd66baed55792a32648b0014bff1909a769be2c1414eb51c3a77298d15c09709a0ff96cfef28e16542b8151ac65c274b6870f5009da043adfc9df43726a1ef889cfee31226e868573466dda72a67d5a4608840582f3bdd55f60f3b1f9920d4fe280a51297bb6a3ca97faacf48c38fb3b52e280adbba432c37b5db4fb61bf8e69caf5ffcee4781e43edde5eee283e9a8af908a6437d16cd13398444bf7797625bfa90c129b868b0677c01ce1c3ddc84b8ce868310c3016b70c6f42d15e5304a0e754098d6b59f3556b9ee1d42f63c7461a94a46232e05b8b4034146120dc0629e8f0e8eda4e121212a33ca45da95e8535b3150b8a9be73481f7fa3a8e9977e2dc035b0a14a80a2f8712ed64934d1e6caa81e0965d2fc9fdc0e9308cca1796af9132a9a2f7a4cffcb91b2182ebdffbcc52a4c9eacbd8a1397ea15f95049f3599f573deff167f0192993a12871393eaf8f2033db40ac925b1264733c64db2f7379ccdbd39043e773ad50ee5993f5ab267177a729120345e486175730ecb435bf049019932c0c085a714c14320dac68f27c22cd03ebff56531a980cfc6aa4c5303b177e608419d556498eab6caddc130a02afebe80ccd6f1c2e5058801e2f4d540e019864c20818de00ee708fda72355cfeb88ce58220f6d83fde21ee2d4b3a79322029edbeaeaad5acb20da5d03d5f2851a53c33ad7aef66dfcdb52c8fb6a6c80afb44f408bfc6822b3e58626375c1eccc801795649c72a22b498e39eacd0f41a3c85d4460ebb45d8d2655dfd6737ce0e369a2bd17f2abea183bf77138ecc257377d347c1399771e3aa4bfd9b89bc9b8223b50c73155387d9e2b8192fda263021f558be2a0a83f35715b24848863e4291ae37af7f7a52f393754d3872aefff1bc07171142804915c48a198b8ed4286aa659b9f799d0600432a3b2b67a467bb617c3c00fe364a85dbd66105d76f01122f7633ab73f387d7baa5ba726d564fe952ec8344fe8fc8379bb59dfb27c8e1aef1192c39a3407c5b3515c6c9b045e66b1be99e1889c3c9b2db071db400c0b134e328c2aa8e25801b8c1944f649ad59a374d7fab15ecf2405f5deafeaa6f06d7ef254e35375f048d68d8e9a8129b0c67a62c420899500ce9fd80dba3b52695e94455c486ccf7751473f9dc14ac6f0b27996d9e44290520923dd045bf64d5bdec525a268dded15c21ccf2daa4868c34019f78867fc0211b20820eeccf1cac7cf992dba2d6ef1b5ad380b441463f125f1ceed4c357daa723494eadae96cf2351a9cb4460d102dc1b22839466eaaf8f2d0ac1601a37b80d19d2f39d6cb63aca0d3074a81a01751aac8a5a840599d6aa29e849bec42173bb7dafb851b9404165301765ada93bc6701c5bcbda31cded7ebfe90a38122bf55bf58d6dc8129f8c76cbed8d73eb6a204891a2cdd73140a2eb595e1600a97333ea80ad6650ab4a19425b053a624b3e2ce2c2e402446372ff8c63dc17cf3fd58158e0916e77bff1a5b9be613791b51060bc5f7a6dfa63fa858ada3d7c66576362b7e2236f3e1ab771af44fdadb4c1617f01b416ff39ac98885f3f2a6d010f75ce6acec54480d760cbbde853ce687900d60ae9464237a6d06dc97d7013cf60771dfed6a0ac531a9f43a64a2e2b246fef295ad1e2ebd26c26aa5ef0761c4318a8923c738c052de06385384cc98ce51527abce60a1abd55586e614f03e526a01d92c809ea0e26f374de15ce86c7af7f674a0ee0e71432d9ff1b2f06421d36dc5ba7d47ba322055f4bc5bc2a62a9064f209c5c6bbf9bf117bc919d3f181045134fb4d84f1ef6034e78eb692fc7b557a3a61b26b67fb58c1f8d2207d40f03403979b2629653ba05b2416ef8ea653eeaa93d909891d94e2cae45bf603207020d1733eac9d588c2aded6a406909e296f0891ff45bbb89be4038e7f5146497c4b2d5fd64e72411374ea3856078f372e4fbb3646d5d2f7369e2d28e9fcd7258e8010701250e2f3e7c71ddb5cf603b2c1c6d8562c6e92124a9a8968c60e4ecee39bc96899f449ec0eb23191d0fb684b42d143d0f779ef5d407ee0d266efba39ec411364d549c7eee3af97a57233620d831af440f0f586531e5424b676604179d6413e4ed01bc4385d1ff1c36f1404993065333ec79698693dc6863fa34b88cc688aab9cab17df98af972cc7b5932704662a1f53aa15fa0f4b7465cebe39e07b46391a9cae1d301b1f4c110139375094a69edd3f5e0c43843016d1281295af78b18b00d58934ff16"})
clone(0x3106000ffd, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
perf_event_open(&(0x7f000001d000)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = socket$inet6(0xa, 0x2, 0x0)
sendmmsg$inet6(r0, &(0x7f00000025c0)=[{{&(0x7f0000000180)={0xa, 0x4e20, 0x0, @dev}, 0x1c, &(0x7f00000013c0)=[{&(0x7f00000001c0)="85525f6b0196a105342ca2c910a031", 0xf}, {&(0x7f0000000240)="f1348694b932cfbbab283c8be2797df57e39d64989c3ed83d71c62f61bd032ff68bb18ff40a18a99d2ac03bb6cdc09e8ce6ad932837d6e0612e0b53cb78c0bd7d52a40d252ced3da01379a62632d2267e555bac364a3df956f9850e36c87cbba70bd66da0f2356d01d32985012495b59a7e4e4cdc7313cb7b12890e00365d574c6804c34f31598df58f49d03845ca84d40b0b46e77f7b64e908d25f5eee7e8235adcf69adf030b73ca8e9d1c959b3994383824978102647ef1d1b0f16b762f26be7cdeb4325f3a383ee43f7c363dc0da55241ec1d97b", 0xd6}, {&(0x7f0000000340)="77a841e4d9aa8a158e7785f3ddbbc2a8821606282b01260d16a74edb09dbe0d350cb95ed7bdc44c46fd75a40c9bd3a9672ac61e390de5b1158ed900f471501da829d0a9e7c89d6133fb8db", 0x4b}, {&(0x7f00000003c0)="94ea8c53b91a0dec7c1eed18c481de6d05bca48959447ea3fe2726b397decaa75797dadf7ff7aec6042a996d16a76bbe78422ac8fb8da7f126762f66f7e4aa4ddbe55e1b83ea4a1b543b82811999850c3d18b4d1134fbf7b9e638e71b577d47712a55ba79b91c20eafea77de09f76be1dc09cf6965091469d1f5f6b88df3a3bc19063b6466d390d3c1e530446215cdd095bc21ff638ad846075213122189e93a4d009200104b6cf871f3a2c36ccdf93fcff3407ca36feb2488d0e6ddb9c9709915c9c7a3e905bb0ba800d5127bff5dd06b9cfe4de9530c2c0b2e1f578f426c69944c26dcaf54159856cf8c9a169546a1fa59e87f759cc03c3fc2c9e186edb3ae0c27880289c0f7b52da7feb6e8bbfaf6bce2c32e69ba61ef3aa418c115ebddd1c01541f7e8c4451444045b525560ee6bd9fcb28084a5ce9ffb8bbf529fe66216e6b4cd0c427882262afcc0b829e46881693ddc7aecb6e9b3d66c3ac223a43358b841d421ad1d378ee6789512ee237de757c8e21234a7699839f0bcc9acdcd16d19776c32968771f9be8bb95a5c6c8812556ae9a8ec328e009127bf4068b9e6eb032d0c3348bee4802bec20da445d419a62dde19566e5c03279be2896d905ad51336cf6c4d84bbc2cd43c3e5ed4701700273bbfb68ad12915e89e9bb5158673275e08b994e923e844652fc6a05af4c15d3a453d9152df7bd4153584bffa51ce848639d51ebd367616605e83a25caf3a87fa83cfc9e6636a81cabc1e84aac677bc9f3ef8ca5695bc87fd504c669c1fc6bea410e1d7e464a189d9b4dbb6921f1e29024ca8136314842ab153794f62e6fb64f16951d8aabf02583a69b59bd5e477fc6bf5919595f9a266d1c485fe43021139145dca2d652cc136b50c2b2df0b9cbd57f32a7620ae26e6ec2d25dd371189a49af434067c03d799770edf2b03f06b963f8b4856d92364ee33b13a9d9d9edc62304b8fe2082083a82e3b95dd55118d5533fbd847d2728f36f1df09c318d44e6895b03d55bceecb48d22caf5cb51772c3107629f258a1ba5eafb18e3fdcbe35708e380081c1ec16af0967842e72a432e0e5ecc464ddcbed7edc7b8f9f08cf3919d77c6b6798da95afee6473b3d6bcd494f51c227b8cfa26e1282a0ce9a830796e2589d8ce21e62c2c7b61ca7dba909885b0acaed902cfafdf759664ff24bd9c01982eacb1eaf2451c4ed7b35ff3d1695088b796cdb98a2742f0038209e57cfda33de2f23fb4ff7e8dd0be9859bea21d3d24e5554b2f1ab40053a115e808edf25a4d231b22c07d98269f98125fcbad42f81fd7c5083df4264a39330a51b95a78723a1d42e71237ce9254f76d5cd7d0c457f64d8d9ac3dba9720fb79cb4cf9cf002d1b21d0b82490c12c60d9ba490e5eb10001c7356be340e67319db255238da8a819cf10a8b57181b3612ba584bb7b1ce5a36f0b351db034295dcb75287456bdd91eb3f62ad329df151abf04ed2f53945c50a6d8b8ec449d62e3b25a50fae83ce708a1078b28af8b857b11d55e421f72ff4eb1232750607a727f67dbd01cf6a66c3a1485b4070a7ce122ddd254a441a5d4652580889", 0x464}], 0x4, &(0x7f0000001440)=ANY=[@ANYBLOB="300000000000000029000000030000000002000000f2658bbe68095858c5bb000000c910ff0200000000000f00000000"], 0x30}}, {{0x0, 0x0, &(0x7f00000016c0)=[{&(0x7f0000001500)="e6", 0x1}], 0x1}}], 0x4000393, 0x2004c840)
r1 = openat$cgroup_type(0xffffffffffffffff, &(0x7f0000000000), 0x2, 0x0)
readv(r1, &(0x7f0000000b00)=[{&(0x7f0000000040)=""/44, 0x2c}, {&(0x7f0000000080)=""/133, 0x85}, {&(0x7f0000002640)=""/4096, 0x1000}, {&(0x7f0000000840)=""/251, 0xfb}, {&(0x7f0000000940)=""/139, 0x8b}, {&(0x7f0000000140)=""/10, 0xa}, {&(0x7f0000000200)=""/62, 0x3e}, {&(0x7f0000000a00)=""/96, 0x60}, {&(0x7f0000000a80)=""/109, 0x6d}], 0x9)
r2 = gettid()
tkill(r2, 0x3c)

08:22:51 executing program 2:
syz_open_procfs(0x0, &(0x7f0000000040)='mounts\x00')
syz_open_procfs(0x0, &(0x7f0000000000)='mountstats\x00')
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f0000000000))
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f00000001c0)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1003]})
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_SET_PIT(r1, 0x8048ae66, &(0x7f0000000140)={[{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}]})
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f000056f000/0x18000)=nil, &(0x7f0000000080)=[@text32={0x20, &(0x7f00000000c0)="66ba4000b0c2ee66bad104b829280000efea0e0000000a00b8050000000f23d80f21f835c00000a00f23f8653e65f30f21c62e0fae2b0f01c2b8060000000f23d00f21f835200000000f23f8c4c3a1cf830000000002d9f7", 0x58}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

08:22:51 executing program 5:
syz_mount_image$reiserfs(&(0x7f00000000c0), 0x0, 0x0, 0x0, &(0x7f0000000000), 0x0, &(0x7f0000000040)={[{@grpjquota, 0x3d}], [{@pcr}]})

[  471.118148][T16213] loop4: detected capacity change from 0 to 16
[  471.207621][   T26] audit: type=1800 audit(1632817372.060:32): pid=16213 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed(directio) comm="syz-executor.4" name="file0" dev="loop4" ino=12 res=0 errno=0
08:22:52 executing program 4:
fcntl$F_GET_FILE_RW_HINT(0xffffffffffffffff, 0x40d, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0)
r0 = getpid()
sched_setattr(0x0, &(0x7f0000000140)={0x38, 0x2, 0x0, 0x0, 0x9}, 0x0)
sched_setattr(r0, &(0x7f0000000240)={0x38, 0x2, 0x0, 0x0, 0x5}, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = open(&(0x7f0000000040)='./bus\x00', 0x1612c2, 0x0)
r4 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/meminfo\x00', 0x0, 0x0)
sendfile(r3, r4, 0x0, 0x400000000001002a)
r5 = syz_mount_image$vfat(&(0x7f0000000400), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[])
r6 = openat(r5, &(0x7f000000c380)='./file0\x00', 0x84842, 0x0)
write(r6, &(0x7f0000004200)='t', 0xfff4)
connect$packet(r6, &(0x7f0000000180)={0x11, 0x3, 0x0, 0x1, 0x0, 0x6, @remote}, 0x14)

[  472.796296][T16235] loop4: detected capacity change from 0 to 16
[  472.806951][T16235] FAT-fs (loop4): Unrecognized mount option "" or missing value
08:22:54 executing program 1:
prlimit64(0x0, 0xe, &(0x7f0000000280)={0xc, 0x8d}, 0x0)
r0 = getpid()
fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0)
sched_setattr(0x0, &(0x7f0000000140)={0x38, 0x2, 0x0, 0x0, 0x9}, 0x0)
setrlimit(0x0, 0x0)
sched_setattr(r0, &(0x7f0000000240)={0x38, 0x0, 0x0, 0x0, 0x5}, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
ioctl$IOC_PR_RESERVE(0xffffffffffffffff, 0x401070c9, &(0x7f0000000080)={0x20, 0x81, 0x1})
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = syz_mount_image$vfat(&(0x7f0000000440), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000300)=[{&(0x7f0000000000)="eb3c906d6b66732e66617400028001000240000004f801", 0x17}, {0x0, 0x0, 0x10e00}], 0x0, &(0x7f0000000500)=ANY=[])
mkdirat(r3, &(0x7f00000002c0)='./file0\x00', 0x108)
recvmmsg(0xffffffffffffffff, &(0x7f0000000180), 0x0, 0x100, &(0x7f00000001c0)={0x0, 0x3938700})
prlimit64(0x0, 0xd, &(0x7f0000000040)={0x9, 0x7}, &(0x7f0000000180))

08:22:54 executing program 5:
syz_mount_image$reiserfs(&(0x7f00000000c0), 0x0, 0x0, 0x0, &(0x7f0000000000), 0x0, &(0x7f0000000040)={[{@grpjquota, 0x3d}], [{@pcr}]})

08:22:54 executing program 0:
perf_event_open(&(0x7f0000000640)={0x2, 0x80, 0xd7, 0x0, 0x0, 0x0, 0x0, 0x2000000000, 0xa40a1, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp, 0x10000, 0x0, 0x0, 0x3, 0x1, 0xffffff7c, 0x3, 0x0, 0x2cf6ca54, 0x0, 0x7}, 0x0, 0x2, 0xffffffffffffffff, 0xb)
mmap$perf(&(0x7f0000c00000/0x400000)=nil, 0x400000, 0x3000002, 0x40032, 0xffffffffffffffff, 0x0)
mlock2(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0)
mlock2(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x0)
r0 = fork()
r1 = userfaultfd(0x80000)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x543c04, 0x0)
r3 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
r4 = dup3(r2, r3, 0x0)
write$binfmt_script(r1, &(0x7f0000000280)=ANY=[@ANYRESOCT=r3, @ANYRES32=r2, @ANYRESOCT, @ANYRESDEC, @ANYRESHEX=r4, @ANYRESDEC=r2], 0x9f)
munlock(&(0x7f0000ef1000/0x2000)=nil, 0x2000)
syz_io_uring_setup(0x2e00, &(0x7f0000000340)={0x0, 0xc9ba, 0x0, 0xfffffffd, 0x2000037d}, &(0x7f0000ff3000/0x4000)=nil, &(0x7f0000eee000/0x8000)=nil, &(0x7f00000001c0), &(0x7f00000003c0))
mlock2(&(0x7f0000d03000/0x1000)=nil, 0x1000, 0x1)
openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000080)='freezer.parent_freezing\x00', 0x0, 0x0)
move_pages(r0, 0x2, &(0x7f0000000300)=[&(0x7f0000ffd000/0x1000)=nil, &(0x7f0000f10000/0x3000)=nil], &(0x7f00000000c0), &(0x7f0000000000), 0x0)
socket$caif_seqpacket(0x25, 0x5, 0x0)
get_robust_list(r0, &(0x7f0000000180)=&(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f00000000c0)}}, &(0x7f0000000200)=0xc)

08:22:54 executing program 3:
r0 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
ftruncate(r0, 0x2007fff)
r1 = open(&(0x7f0000000300)='./bus\x00', 0x0, 0x0)
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r2, &(0x7f0000000040)={0xa, 0x4e22}, 0x1c)
listen(r2, 0x0)
r3 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_TLS_TX(r3, 0x6, 0x1, &(0x7f00000000c0)=@gcm_128={{}, "72284a3976f47d35", "267a9fec9d54521aff6c5b3c25d38602", "8039aa28", "df1d25781737e8c0"}, 0x28)
sendto$inet6(r3, 0x0, 0x0, 0x20000004, &(0x7f0000000280)={0xa, 0x100000004e22, 0x0, @loopback}, 0x1c)
sendfile(r3, r1, 0x0, 0x800100020016)

08:22:54 executing program 2:
syz_open_procfs(0x0, &(0x7f0000000040)='mounts\x00')
syz_open_procfs(0x0, &(0x7f0000000000)='mountstats\x00')
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$F2FS_IOC_MOVE_RANGE(0xffffffffffffffff, 0xc020f509, &(0x7f0000000040)={r1})
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f0000000000))
ioctl$KVM_SET_REGS(0xffffffffffffffff, 0x4090ae82, &(0x7f00000001c0)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1003]})
ioctl$KVM_RUN(0xffffffffffffffff, 0xae80, 0x0)
ioctl$KVM_SET_PIT(r1, 0x8048ae66, &(0x7f0000000140)={[{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}]})
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f000056f000/0x18000)=nil, &(0x7f0000000080)=[@text32={0x20, &(0x7f00000000c0)="66ba4000b0c2ee66bad104b829280000efea0e0000000a00b8050000000f23d80f21f835c00000a00f23f8653e65f30f21c62e0fae2b0f01c2b8060000000f23d00f21f835200000000f23f8c4c3a1cf830000000002d9f7", 0x58}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_RUN(0xffffffffffffffff, 0xae80, 0x0)

08:22:54 executing program 4:
fcntl$F_GET_FILE_RW_HINT(0xffffffffffffffff, 0x40d, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0)
r0 = getpid()
sched_setattr(0x0, &(0x7f0000000140)={0x38, 0x2, 0x0, 0x0, 0x9}, 0x0)
sched_setattr(r0, &(0x7f0000000240)={0x38, 0x2, 0x0, 0x0, 0x5}, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = open(&(0x7f0000000040)='./bus\x00', 0x1612c2, 0x0)
r4 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/meminfo\x00', 0x0, 0x0)
sendfile(r3, r4, 0x0, 0x400000000001002a)
r5 = syz_mount_image$vfat(&(0x7f0000000400), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[])
r6 = openat(r5, &(0x7f000000c380)='./file0\x00', 0x84842, 0x0)
write(r6, &(0x7f0000004200)='t', 0xfff4)
connect$packet(r6, &(0x7f0000000180)={0x11, 0x3, 0x0, 0x1, 0x0, 0x6, @remote}, 0x14)

08:22:54 executing program 5:
syz_mount_image$reiserfs(&(0x7f00000000c0), 0x0, 0x0, 0x0, &(0x7f0000000000), 0x0, &(0x7f0000000040)={[{@grpjquota, 0x3d}], [{@pcr}]})

[  473.857107][T16277] loop4: detected capacity change from 0 to 16
08:22:55 executing program 0:
perf_event_open(&(0x7f0000000640)={0x2, 0x80, 0xd7, 0x0, 0x0, 0x0, 0x0, 0x2000000000, 0xa40a1, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp, 0x10000, 0x0, 0x0, 0x3, 0x1, 0xffffff7c, 0x3, 0x0, 0x2cf6ca54, 0x0, 0x7}, 0x0, 0x2, 0xffffffffffffffff, 0xb)
mmap$perf(&(0x7f0000c00000/0x400000)=nil, 0x400000, 0x3000002, 0x40032, 0xffffffffffffffff, 0x0)
mlock2(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0)
mlock2(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x0)
r0 = fork()
r1 = userfaultfd(0x80000)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x543c04, 0x0)
r3 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
r4 = dup3(r2, r3, 0x0)
write$binfmt_script(r1, &(0x7f0000000280)=ANY=[@ANYRESOCT=r3, @ANYRES32=r2, @ANYRESOCT, @ANYRESDEC, @ANYRESHEX=r4, @ANYRESDEC=r2], 0x9f)
munlock(&(0x7f0000ef1000/0x2000)=nil, 0x2000)
syz_io_uring_setup(0x2e00, &(0x7f0000000340)={0x0, 0xc9ba, 0x20, 0x0, 0x2000037d}, &(0x7f0000ff3000/0x4000)=nil, &(0x7f0000eee000/0x8000)=nil, &(0x7f00000001c0), &(0x7f00000003c0))
mlock2(&(0x7f0000d03000/0x1000)=nil, 0x1000, 0x1)
openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000080)='freezer.parent_freezing\x00', 0x0, 0x0)
move_pages(r0, 0x2, &(0x7f0000000300)=[&(0x7f0000ffd000/0x1000)=nil, &(0x7f0000f10000/0x3000)=nil], &(0x7f00000000c0), &(0x7f0000000000), 0x0)
socket$caif_seqpacket(0x25, 0x5, 0x0)
get_robust_list(r0, &(0x7f0000000180)=&(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f00000000c0)}}, &(0x7f0000000200)=0xc)

08:22:55 executing program 4:
fcntl$F_GET_FILE_RW_HINT(0xffffffffffffffff, 0x40d, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0)
r0 = getpid()
sched_setattr(0x0, &(0x7f0000000140)={0x38, 0x2, 0x0, 0x0, 0x9}, 0x0)
sched_setattr(r0, &(0x7f0000000240)={0x38, 0x2, 0x0, 0x0, 0x5}, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = open(&(0x7f0000000040)='./bus\x00', 0x1612c2, 0x0)
r4 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/meminfo\x00', 0x0, 0x0)
sendfile(r3, r4, 0x0, 0x400000000001002a)
r5 = syz_mount_image$vfat(&(0x7f0000000400), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[])
r6 = openat(r5, &(0x7f000000c380)='./file0\x00', 0x84842, 0x0)
write(r6, &(0x7f0000004200)='t', 0xfff4)
connect$packet(r6, &(0x7f0000000180)={0x11, 0x3, 0x0, 0x1, 0x0, 0x6, @remote}, 0x14)

[  474.495844][   T26] audit: type=1804 audit(1632817375.361:33): pid=16265 uid=0 auid=4294967295 ses=4294967295 subj=_ op=invalid_pcr cause=open_writers comm="syz-executor.3" name="/root/syzkaller-testdir504965368/syzkaller.RPeQl2/223/bus" dev="sda1" ino=14912 res=1 errno=0
08:22:55 executing program 2:
syz_open_procfs(0x0, &(0x7f0000000040)='mounts\x00')
syz_open_procfs(0x0, &(0x7f0000000000)='mountstats\x00')
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$F2FS_IOC_MOVE_RANGE(0xffffffffffffffff, 0xc020f509, &(0x7f0000000040)={r1})
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f0000000000))
ioctl$KVM_SET_REGS(0xffffffffffffffff, 0x4090ae82, &(0x7f00000001c0)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1003]})
ioctl$KVM_RUN(0xffffffffffffffff, 0xae80, 0x0)
ioctl$KVM_SET_PIT(r1, 0x8048ae66, &(0x7f0000000140)={[{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}]})
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f000056f000/0x18000)=nil, &(0x7f0000000080)=[@text32={0x20, &(0x7f00000000c0)="66ba4000b0c2ee66bad104b829280000efea0e0000000a00b8050000000f23d80f21f835c00000a00f23f8653e65f30f21c62e0fae2b0f01c2b8060000000f23d00f21f835200000000f23f8c4c3a1cf830000000002d9f7", 0x58}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_RUN(0xffffffffffffffff, 0xae80, 0x0)

08:22:55 executing program 5:
syz_mount_image$reiserfs(&(0x7f00000000c0), &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000040)={[{@grpjquota, 0x3d}], [{@pcr}]})

08:22:55 executing program 0:
perf_event_open(&(0x7f0000000640)={0x2, 0x80, 0xd7, 0x0, 0x0, 0x0, 0x0, 0x2000000000, 0xa40a1, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp, 0x10000, 0x0, 0x0, 0x3, 0x1, 0xffffff7c, 0x3, 0x0, 0x2cf6ca54, 0x0, 0x7}, 0x0, 0x2, 0xffffffffffffffff, 0xb)
mmap$perf(&(0x7f0000c00000/0x400000)=nil, 0x400000, 0x3000002, 0x40032, 0xffffffffffffffff, 0x0)
mlock2(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0)
mlock2(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x0)
r0 = fork()
r1 = userfaultfd(0x80000)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x543c04, 0x0)
r3 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
r4 = dup3(r2, r3, 0x0)
write$binfmt_script(r1, &(0x7f0000000280)=ANY=[@ANYRESOCT=r3, @ANYRES32=r2, @ANYRESOCT, @ANYRESDEC, @ANYRESHEX=r4, @ANYRESDEC=r2], 0x9f)
munlock(&(0x7f0000ef1000/0x2000)=nil, 0x2000)
syz_io_uring_setup(0x2e00, &(0x7f0000000340)={0x0, 0xc9ba, 0x20, 0x0, 0x2000037d}, &(0x7f0000ff3000/0x4000)=nil, &(0x7f0000eee000/0x8000)=nil, &(0x7f00000001c0), &(0x7f00000003c0))
mlock2(&(0x7f0000d03000/0x1000)=nil, 0x1000, 0x1)
openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000080)='freezer.parent_freezing\x00', 0x0, 0x0)
move_pages(r0, 0x2, &(0x7f0000000300)=[&(0x7f0000ffd000/0x1000)=nil, &(0x7f0000f10000/0x3000)=nil], &(0x7f00000000c0), &(0x7f0000000000), 0x0)
socket$caif_seqpacket(0x25, 0x5, 0x0)
get_robust_list(r0, &(0x7f0000000180)=&(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f00000000c0)}}, &(0x7f0000000200)=0xc)

[  474.647028][T16283] loop1: detected capacity change from 0 to 270
[  475.041043][T16318] loop4: detected capacity change from 0 to 16
[  475.118744][   T26] audit: type=1800 audit(1632817375.971:34): pid=16317 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed(directio) comm="syz-executor.4" name="file0" dev="loop4" ino=14 res=0 errno=0
08:22:57 executing program 1:
prlimit64(0x0, 0xe, &(0x7f00000000c0)={0x9, 0x8d}, 0x0)
getpid()
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4)
r0 = syz_open_dev$evdev(&(0x7f0000000000), 0x0, 0x2)
write$evdev(r0, &(0x7f000004d000)=[{}], 0xfffffe82)
write$evdev(r0, &(0x7f0000000180)=[{{0x77359400}}, {{0x77359400}, 0x4, 0xfff, 0x2}], 0x30)
close(0xffffffffffffffff)

08:22:57 executing program 3:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0xc010000, 0x6, &(0x7f0000000200)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef010001000000d0f4655f000000000000000001000000000000000b0000008000000008000000524700006201", 0x66, 0x400}, {&(0x7f0000010100)="000000000000000011", 0x9, 0x4e0}, {&(0x7f0000010300)="03", 0x1, 0x640}, {&(0x7f0000010400)="020000001200000022", 0x9, 0x800}, {&(0x7f0000012e00)="ed41000000080000d0f4655fd2f4655fd2f4655f000000000000040004", 0x1d, 0x11080}, {&(0x7f0000012f00)="8081000000180000d0f465001000005fd0f4655f00000000000001000c00000010000800000000000af3010004000000000000000000000003", 0x39, 0x11100}], 0x1, &(0x7f0000000140)=ANY=[])

08:22:57 executing program 0:
perf_event_open(&(0x7f0000000640)={0x2, 0x80, 0xd7, 0x0, 0x0, 0x0, 0x0, 0x2000000000, 0xa40a1, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp, 0x10000, 0x0, 0x0, 0x3, 0x1, 0xffffff7c, 0x3, 0x0, 0x2cf6ca54, 0x0, 0x7}, 0x0, 0x2, 0xffffffffffffffff, 0xb)
mmap$perf(&(0x7f0000c00000/0x400000)=nil, 0x400000, 0x3000002, 0x40032, 0xffffffffffffffff, 0x0)
mlock2(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0)
mlock2(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x0)
r0 = fork()
r1 = userfaultfd(0x80000)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x543c04, 0x0)
r3 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
r4 = dup3(r2, r3, 0x0)
write$binfmt_script(r1, &(0x7f0000000280)=ANY=[@ANYRESOCT=r3, @ANYRES32=r2, @ANYRESOCT, @ANYRESDEC, @ANYRESHEX=r4, @ANYRESDEC=r2], 0x9f)
munlock(&(0x7f0000ef1000/0x2000)=nil, 0x2000)
syz_io_uring_setup(0x2e00, &(0x7f0000000340)={0x0, 0xc9ba, 0x20, 0x0, 0x2000037d}, &(0x7f0000ff3000/0x4000)=nil, &(0x7f0000eee000/0x8000)=nil, &(0x7f00000001c0), &(0x7f00000003c0))
mlock2(&(0x7f0000d03000/0x1000)=nil, 0x1000, 0x1)
openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000080)='freezer.parent_freezing\x00', 0x0, 0x0)
move_pages(r0, 0x2, &(0x7f0000000300)=[&(0x7f0000ffd000/0x1000)=nil, &(0x7f0000f10000/0x3000)=nil], &(0x7f00000000c0), &(0x7f0000000000), 0x0)
socket$caif_seqpacket(0x25, 0x5, 0x0)
get_robust_list(r0, &(0x7f0000000180)=&(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f00000000c0)}}, &(0x7f0000000200)=0xc)

08:22:57 executing program 4:
fcntl$F_GET_FILE_RW_HINT(0xffffffffffffffff, 0x40d, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0)
r0 = getpid()
sched_setattr(0x0, &(0x7f0000000140)={0x38, 0x2, 0x0, 0x0, 0x9}, 0x0)
sched_setattr(r0, &(0x7f0000000240)={0x38, 0x2, 0x0, 0x0, 0x5}, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = open(&(0x7f0000000040)='./bus\x00', 0x1612c2, 0x0)
r4 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/meminfo\x00', 0x0, 0x0)
sendfile(r3, r4, 0x0, 0x400000000001002a)
r5 = syz_mount_image$vfat(&(0x7f0000000400), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[])
r6 = openat(r5, &(0x7f000000c380)='./file0\x00', 0x84842, 0x0)
write(r6, &(0x7f0000004200)='t', 0xfff4)
sendmsg$NL80211_CMD_SET_INTERFACE(0xffffffffffffffff, &(0x7f0000001840)={&(0x7f0000000080), 0xc, &(0x7f0000001800)={&(0x7f00000001c0)=ANY=[@ANYRES64, @ANYRESDEC, @ANYRES32=0x0, @ANYRES32], 0x60}, 0x1, 0x0, 0x0, 0x44090}, 0x0)

08:22:57 executing program 5:
syz_mount_image$reiserfs(&(0x7f00000000c0), &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000040)={[{@grpjquota, 0x3d}], [{@pcr}]})

08:22:57 executing program 2:
syz_open_procfs(0x0, &(0x7f0000000040)='mounts\x00')
syz_open_procfs(0x0, &(0x7f0000000000)='mountstats\x00')
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$F2FS_IOC_MOVE_RANGE(0xffffffffffffffff, 0xc020f509, &(0x7f0000000040)={r1})
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f0000000000))
ioctl$KVM_SET_REGS(0xffffffffffffffff, 0x4090ae82, &(0x7f00000001c0)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1003]})
ioctl$KVM_RUN(0xffffffffffffffff, 0xae80, 0x0)
ioctl$KVM_SET_PIT(r1, 0x8048ae66, &(0x7f0000000140)={[{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}]})
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f000056f000/0x18000)=nil, &(0x7f0000000080)=[@text32={0x20, &(0x7f00000000c0)="66ba4000b0c2ee66bad104b829280000efea0e0000000a00b8050000000f23d80f21f835c00000a00f23f8653e65f30f21c62e0fae2b0f01c2b8060000000f23d00f21f835200000000f23f8c4c3a1cf830000000002d9f7", 0x58}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_RUN(0xffffffffffffffff, 0xae80, 0x0)

[  476.723355][T16348] loop3: detected capacity change from 0 to 264192
[  476.837190][T16357] loop4: detected capacity change from 0 to 16
[  476.947226][   T26] audit: type=1800 audit(1632817377.771:35): pid=16357 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed(directio) comm="syz-executor.4" name="file0" dev="loop4" ino=15 res=0 errno=0
08:22:58 executing program 4:
fcntl$F_GET_FILE_RW_HINT(0xffffffffffffffff, 0x40d, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0)
r0 = getpid()
sched_setattr(0x0, &(0x7f0000000140)={0x38, 0x2, 0x0, 0x0, 0x9}, 0x0)
sched_setattr(r0, &(0x7f0000000240)={0x38, 0x2, 0x0, 0x0, 0x5}, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = open(&(0x7f0000000040)='./bus\x00', 0x1612c2, 0x0)
r4 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/meminfo\x00', 0x0, 0x0)
sendfile(r3, r4, 0x0, 0x400000000001002a)
syz_mount_image$vfat(&(0x7f0000000400), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[])
write(0xffffffffffffffff, &(0x7f0000004200)='t', 0xfff4)
sendmsg$NL80211_CMD_SET_INTERFACE(0xffffffffffffffff, &(0x7f0000001840)={&(0x7f0000000080), 0xc, &(0x7f0000001800)={&(0x7f00000001c0)=ANY=[@ANYRES64, @ANYRESDEC, @ANYRES32=0x0, @ANYRES32], 0x60}, 0x1, 0x0, 0x0, 0x44090}, 0x0)

08:22:58 executing program 5:
syz_mount_image$reiserfs(&(0x7f00000000c0), &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000040)={[{@grpjquota, 0x3d}], [{@pcr}]})

[  477.558140][T16348] EXT4-fs: failed to create workqueue
[  477.593464][T16348] EXT4-fs (loop3): mount failed
08:22:58 executing program 0:
perf_event_open(&(0x7f0000000640)={0x2, 0x80, 0xd7, 0x0, 0x0, 0x0, 0x0, 0x2000000000, 0xa40a1, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp, 0x10000, 0x0, 0x0, 0x3, 0x1, 0xffffff7c, 0x3, 0x0, 0x2cf6ca54, 0x0, 0x7}, 0x0, 0x2, 0xffffffffffffffff, 0xb)
mmap$perf(&(0x7f0000c00000/0x400000)=nil, 0x400000, 0x3000002, 0x40032, 0xffffffffffffffff, 0x0)
mlock2(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0)
mlock2(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x0)
r0 = fork()
r1 = userfaultfd(0x80000)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x543c04, 0x0)
r3 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
r4 = dup3(r2, r3, 0x0)
write$binfmt_script(r1, &(0x7f0000000280)=ANY=[@ANYRESOCT=r3, @ANYRES32=r2, @ANYRESOCT, @ANYRESDEC, @ANYRESHEX=r4, @ANYRESDEC=r2], 0x9f)
munlock(&(0x7f0000ef1000/0x2000)=nil, 0x2000)
syz_io_uring_setup(0x2e00, &(0x7f0000000340)={0x0, 0xc9ba, 0x20, 0xfffffffd}, &(0x7f0000ff3000/0x4000)=nil, &(0x7f0000eee000/0x8000)=nil, &(0x7f00000001c0), &(0x7f00000003c0))
mlock2(&(0x7f0000d03000/0x1000)=nil, 0x1000, 0x1)
openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000080)='freezer.parent_freezing\x00', 0x0, 0x0)
move_pages(r0, 0x2, &(0x7f0000000300)=[&(0x7f0000ffd000/0x1000)=nil, &(0x7f0000f10000/0x3000)=nil], &(0x7f00000000c0), &(0x7f0000000000), 0x0)
socket$caif_seqpacket(0x25, 0x5, 0x0)
get_robust_list(r0, &(0x7f0000000180)=&(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f00000000c0)}}, &(0x7f0000000200)=0xc)

08:22:58 executing program 3:
syz_mount_image$jfs(&(0x7f0000000f00), &(0x7f0000000f40)='./file0\x00', 0x0, 0x0, &(0x7f0000000fc0), 0x0, &(0x7f0000001000)={[{@iocharset={'iocharset', 0x3d, 'macinuit'}}, {@iocharset={'iocharset', 0x3d, 'macinuit'}}]})

08:22:58 executing program 2:
syz_open_procfs(0x0, &(0x7f0000000040)='mounts\x00')
syz_open_procfs(0x0, &(0x7f0000000000)='mountstats\x00')
openat$kvm(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0)
r0 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0)
ioctl$F2FS_IOC_MOVE_RANGE(0xffffffffffffffff, 0xc020f509, &(0x7f0000000040))
ioctl$KVM_SET_USER_MEMORY_REGION(0xffffffffffffffff, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_CREATE_PIT2(0xffffffffffffffff, 0x4040ae77, &(0x7f0000000000))
ioctl$KVM_SET_REGS(r0, 0x4090ae82, &(0x7f00000001c0)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1003]})
ioctl$KVM_RUN(r0, 0xae80, 0x0)
ioctl$KVM_SET_PIT(0xffffffffffffffff, 0x8048ae66, &(0x7f0000000140)={[{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}]})
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f000056f000/0x18000)=nil, &(0x7f0000000080)=[@text32={0x20, &(0x7f00000000c0)="66ba4000b0c2ee66bad104b829280000efea0e0000000a00b8050000000f23d80f21f835c00000a00f23f8653e65f30f21c62e0fae2b0f01c2b8060000000f23d00f21f835200000000f23f8c4c3a1cf830000000002d9f7", 0x58}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_RUN(r0, 0xae80, 0x0)

08:22:58 executing program 5:
syz_mount_image$reiserfs(&(0x7f00000000c0), &(0x7f0000000100)='./file0\x00', 0x0, 0x0, &(0x7f0000000000), 0x0, 0x0)

[  478.262938][T16389] loop4: detected capacity change from 0 to 16
[  479.097673][T16386] Mount JFS Failure: -22
[  479.144244][T16386] jfs_mount failed w/return code = -22
08:23:01 executing program 5:
syz_mount_image$reiserfs(&(0x7f00000000c0), &(0x7f0000000100)='./file0\x00', 0x0, 0x0, &(0x7f0000000000), 0x0, 0x0)

08:23:01 executing program 1:
r0 = syz_io_uring_setup(0x21c, &(0x7f0000000000), &(0x7f00006d3000/0x3000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000280)=<r1=>0x0, &(0x7f0000000100)=<r2=>0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x0, 0x10, 0xffffffffffffffff, 0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r1, 0x40, &(0x7f0000000140)=0x307e, 0x0, 0x4)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000080)={0xffffffffffffffff, <r3=>0xffffffffffffffff})
syz_io_uring_submit(r1, r2, &(0x7f0000002ec0)=@IORING_OP_POLL_ADD={0x6, 0x0, 0x0, @fd=r3}, 0x80)
syz_io_uring_submit(r1, r2, &(0x7f00000000c0)=@IORING_OP_SENDMSG={0x9, 0x0, 0x0, r3, 0x0, &(0x7f0000000640)={0x0, 0x0, 0x0}}, 0x0)
io_uring_enter(r0, 0x71a1, 0x0, 0x0, 0x0, 0x0)
io_uring_enter(r0, 0x4f96, 0x0, 0x0, 0x0, 0x0)
shutdown(r3, 0x0)

08:23:01 executing program 4:
fcntl$F_GET_FILE_RW_HINT(0xffffffffffffffff, 0x40d, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0)
r0 = getpid()
sched_setattr(0x0, &(0x7f0000000140)={0x38, 0x2, 0x0, 0x0, 0x9}, 0x0)
sched_setattr(r0, &(0x7f0000000240)={0x38, 0x2, 0x0, 0x0, 0x5}, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = open(&(0x7f0000000040)='./bus\x00', 0x1612c2, 0x0)
r4 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/meminfo\x00', 0x0, 0x0)
sendfile(r3, r4, 0x0, 0x400000000001002a)
syz_mount_image$vfat(&(0x7f0000000400), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[])
write(0xffffffffffffffff, &(0x7f0000004200)='t', 0xfff4)
sendmsg$NL80211_CMD_SET_INTERFACE(0xffffffffffffffff, &(0x7f0000001840)={&(0x7f0000000080), 0xc, &(0x7f0000001800)={&(0x7f00000001c0)=ANY=[@ANYRES64, @ANYRESDEC, @ANYRES32=0x0, @ANYRES32], 0x60}, 0x1, 0x0, 0x0, 0x44090}, 0x0)

08:23:01 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_VCPU_EVENTS(r2, 0x81a0ae8c, &(0x7f00000001c0))

08:23:01 executing program 2:
syz_open_procfs(0x0, &(0x7f0000000040)='mounts\x00')
syz_open_procfs(0x0, &(0x7f0000000000)='mountstats\x00')
openat$kvm(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0)
r0 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0)
ioctl$F2FS_IOC_MOVE_RANGE(0xffffffffffffffff, 0xc020f509, &(0x7f0000000040))
ioctl$KVM_SET_USER_MEMORY_REGION(0xffffffffffffffff, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_CREATE_PIT2(0xffffffffffffffff, 0x4040ae77, &(0x7f0000000000))
ioctl$KVM_SET_REGS(r0, 0x4090ae82, &(0x7f00000001c0)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1003]})
ioctl$KVM_RUN(r0, 0xae80, 0x0)
ioctl$KVM_SET_PIT(0xffffffffffffffff, 0x8048ae66, &(0x7f0000000140)={[{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}]})
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f000056f000/0x18000)=nil, &(0x7f0000000080)=[@text32={0x20, &(0x7f00000000c0)="66ba4000b0c2ee66bad104b829280000efea0e0000000a00b8050000000f23d80f21f835c00000a00f23f8653e65f30f21c62e0fae2b0f01c2b8060000000f23d00f21f835200000000f23f8c4c3a1cf830000000002d9f7", 0x58}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_RUN(r0, 0xae80, 0x0)

08:23:01 executing program 0:
perf_event_open(&(0x7f0000000640)={0x2, 0x80, 0xd7, 0x0, 0x0, 0x0, 0x0, 0x2000000000, 0xa40a1, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp, 0x10000, 0x0, 0x0, 0x3, 0x1, 0xffffff7c, 0x3, 0x0, 0x2cf6ca54, 0x0, 0x7}, 0x0, 0x2, 0xffffffffffffffff, 0xb)
mmap$perf(&(0x7f0000c00000/0x400000)=nil, 0x400000, 0x3000002, 0x40032, 0xffffffffffffffff, 0x0)
mlock2(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0)
mlock2(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x0)
r0 = fork()
r1 = userfaultfd(0x80000)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x543c04, 0x0)
r3 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
r4 = dup3(r2, r3, 0x0)
write$binfmt_script(r1, &(0x7f0000000280)=ANY=[@ANYRESOCT=r3, @ANYRES32=r2, @ANYRESOCT, @ANYRESDEC, @ANYRESHEX=r4, @ANYRESDEC=r2], 0x9f)
munlock(&(0x7f0000ef1000/0x2000)=nil, 0x2000)
syz_io_uring_setup(0x2e00, &(0x7f0000000340)={0x0, 0xc9ba, 0x20, 0xfffffffd}, &(0x7f0000ff3000/0x4000)=nil, &(0x7f0000eee000/0x8000)=nil, &(0x7f00000001c0), &(0x7f00000003c0))
mlock2(&(0x7f0000d03000/0x1000)=nil, 0x1000, 0x1)
openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000080)='freezer.parent_freezing\x00', 0x0, 0x0)
move_pages(r0, 0x2, &(0x7f0000000300)=[&(0x7f0000ffd000/0x1000)=nil, &(0x7f0000f10000/0x3000)=nil], &(0x7f00000000c0), &(0x7f0000000000), 0x0)
socket$caif_seqpacket(0x25, 0x5, 0x0)
get_robust_list(r0, &(0x7f0000000180)=&(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f00000000c0)}}, &(0x7f0000000200)=0xc)

08:23:01 executing program 3:
r0 = socket$inet6(0xa, 0x1, 0x8010000000000084)
bind$inet6(r0, &(0x7f00000000c0)={0xa, 0x4e21, 0x0, @ipv4={'\x00', '\xff\xff', @empty}}, 0x1c)
prlimit64(0x0, 0x0, &(0x7f0000000280)={0x9, 0x8d}, 0x0)
openat$procfs(0xffffffffffffff9c, 0x0, 0x0, 0x0)
sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0)
getsockopt$inet_sctp6_SCTP_ASSOCINFO(0xffffffffffffffff, 0x84, 0x1, &(0x7f0000000040), 0x0)
socketpair$unix(0x1, 0x2, 0x0, 0x0)
connect$unix(0xffffffffffffffff, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(0xffffffffffffffff, &(0x7f00000bd000), 0x318, 0x0)
socketpair(0x0, 0x0, 0x0, 0x0)
connect$inet6(r0, &(0x7f0000000000)={0xa, 0x4e21, 0x0, @ipv4={'\x00', '\xff\xff', @dev={0xac, 0x14, 0x14, 0x26}}}, 0x1c)

08:23:01 executing program 5:
syz_mount_image$reiserfs(&(0x7f00000000c0), &(0x7f0000000100)='./file0\x00', 0x0, 0x0, &(0x7f0000000000), 0x0, 0x0)

08:23:01 executing program 0:
perf_event_open(&(0x7f0000000640)={0x2, 0x80, 0xd7, 0x0, 0x0, 0x0, 0x0, 0x2000000000, 0xa40a1, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp, 0x10000, 0x0, 0x0, 0x3, 0x1, 0xffffff7c, 0x3, 0x0, 0x2cf6ca54, 0x0, 0x7}, 0x0, 0x2, 0xffffffffffffffff, 0xb)
mmap$perf(&(0x7f0000c00000/0x400000)=nil, 0x400000, 0x3000002, 0x40032, 0xffffffffffffffff, 0x0)
mlock2(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0)
mlock2(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x0)
r0 = fork()
r1 = userfaultfd(0x80000)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x543c04, 0x0)
r3 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
r4 = dup3(r2, r3, 0x0)
write$binfmt_script(r1, &(0x7f0000000280)=ANY=[@ANYRESOCT=r3, @ANYRES32=r2, @ANYRESOCT, @ANYRESDEC, @ANYRESHEX=r4, @ANYRESDEC=r2], 0x9f)
munlock(&(0x7f0000ef1000/0x2000)=nil, 0x2000)
syz_io_uring_setup(0x2e00, &(0x7f0000000340)={0x0, 0xc9ba, 0x20, 0xfffffffd}, &(0x7f0000ff3000/0x4000)=nil, &(0x7f0000eee000/0x8000)=nil, &(0x7f00000001c0), &(0x7f00000003c0))
mlock2(&(0x7f0000d03000/0x1000)=nil, 0x1000, 0x1)
openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000080)='freezer.parent_freezing\x00', 0x0, 0x0)
move_pages(r0, 0x2, &(0x7f0000000300)=[&(0x7f0000ffd000/0x1000)=nil, &(0x7f0000f10000/0x3000)=nil], &(0x7f00000000c0), &(0x7f0000000000), 0x0)
socket$caif_seqpacket(0x25, 0x5, 0x0)
get_robust_list(r0, &(0x7f0000000180)=&(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f00000000c0)}}, &(0x7f0000000200)=0xc)

08:23:01 executing program 2:
syz_open_procfs(0x0, &(0x7f0000000040)='mounts\x00')
syz_open_procfs(0x0, &(0x7f0000000000)='mountstats\x00')
openat$kvm(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0)
r0 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0)
ioctl$F2FS_IOC_MOVE_RANGE(0xffffffffffffffff, 0xc020f509, &(0x7f0000000040))
ioctl$KVM_SET_USER_MEMORY_REGION(0xffffffffffffffff, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_CREATE_PIT2(0xffffffffffffffff, 0x4040ae77, &(0x7f0000000000))
ioctl$KVM_SET_REGS(r0, 0x4090ae82, &(0x7f00000001c0)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1003]})
ioctl$KVM_RUN(r0, 0xae80, 0x0)
ioctl$KVM_SET_PIT(0xffffffffffffffff, 0x8048ae66, &(0x7f0000000140)={[{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}]})
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f000056f000/0x18000)=nil, &(0x7f0000000080)=[@text32={0x20, &(0x7f00000000c0)="66ba4000b0c2ee66bad104b829280000efea0e0000000a00b8050000000f23d80f21f835c00000a00f23f8653e65f30f21c62e0fae2b0f01c2b8060000000f23d00f21f835200000000f23f8c4c3a1cf830000000002d9f7", 0x58}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_RUN(r0, 0xae80, 0x0)

[  480.934748][T16450] loop4: detected capacity change from 0 to 16
08:23:02 executing program 5:
syz_mount_image$reiserfs(&(0x7f00000000c0), &(0x7f0000000100)='./file0\x00', 0x0, 0x0, &(0x7f0000000000), 0x0, &(0x7f0000000040)={[], [{@pcr}]})

08:23:02 executing program 2:
syz_open_procfs(0x0, &(0x7f0000000040)='mounts\x00')
syz_open_procfs(0x0, &(0x7f0000000000)='mountstats\x00')
r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
r1 = ioctl$KVM_CREATE_VCPU(r0, 0xae41, 0x0)
ioctl$F2FS_IOC_MOVE_RANGE(0xffffffffffffffff, 0xc020f509, &(0x7f0000000040)={r0})
ioctl$KVM_SET_USER_MEMORY_REGION(r0, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_CREATE_PIT2(r0, 0x4040ae77, &(0x7f0000000000))
ioctl$KVM_SET_REGS(r1, 0x4090ae82, &(0x7f00000001c0)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1003]})
ioctl$KVM_RUN(r1, 0xae80, 0x0)
ioctl$KVM_SET_PIT(r0, 0x8048ae66, &(0x7f0000000140)={[{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}]})
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f000056f000/0x18000)=nil, &(0x7f0000000080)=[@text32={0x20, &(0x7f00000000c0)="66ba4000b0c2ee66bad104b829280000efea0e0000000a00b8050000000f23d80f21f835c00000a00f23f8653e65f30f21c62e0fae2b0f01c2b8060000000f23d00f21f835200000000f23f8c4c3a1cf830000000002d9f7", 0x58}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_RUN(r1, 0xae80, 0x0)

08:23:02 executing program 0:
perf_event_open(&(0x7f0000000640)={0x2, 0x80, 0xd7, 0x0, 0x0, 0x0, 0x0, 0x2000000000, 0xa40a1, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp, 0x10000, 0x0, 0x0, 0x3, 0x1, 0xffffff7c, 0x3, 0x0, 0x2cf6ca54, 0x0, 0x7}, 0x0, 0x2, 0xffffffffffffffff, 0xb)
mmap$perf(&(0x7f0000c00000/0x400000)=nil, 0x400000, 0x3000002, 0x40032, 0xffffffffffffffff, 0x0)
mlock2(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0)
mlock2(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x0)
r0 = fork()
r1 = userfaultfd(0x80000)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x543c04, 0x0)
r3 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
r4 = dup3(r2, r3, 0x0)
write$binfmt_script(r1, &(0x7f0000000280)=ANY=[@ANYRESOCT=r3, @ANYRES32=r2, @ANYRESOCT, @ANYRESDEC, @ANYRESHEX=r4, @ANYRESDEC=r2], 0x9f)
munlock(&(0x7f0000ef1000/0x2000)=nil, 0x2000)
syz_io_uring_setup(0x2e00, &(0x7f0000000340)={0x0, 0xc9ba, 0x20, 0xfffffffd, 0x2000037d}, &(0x7f0000ff3000/0x4000)=nil, &(0x7f0000eee000/0x8000)=nil, 0x0, &(0x7f00000003c0))
mlock2(&(0x7f0000d03000/0x1000)=nil, 0x1000, 0x1)
openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000080)='freezer.parent_freezing\x00', 0x0, 0x0)
move_pages(r0, 0x2, &(0x7f0000000300)=[&(0x7f0000ffd000/0x1000)=nil, &(0x7f0000f10000/0x3000)=nil], &(0x7f00000000c0), &(0x7f0000000000), 0x0)
socket$caif_seqpacket(0x25, 0x5, 0x0)
get_robust_list(r0, &(0x7f0000000180)=&(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f00000000c0)}}, &(0x7f0000000200)=0xc)

08:23:02 executing program 1:
r0 = syz_io_uring_setup(0x21c, &(0x7f0000000000), &(0x7f00006d3000/0x3000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000280)=<r1=>0x0, &(0x7f0000000100)=<r2=>0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x0, 0x10, 0xffffffffffffffff, 0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r1, 0x40, &(0x7f0000000140)=0x307e, 0x0, 0x4)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000080)={0xffffffffffffffff, <r3=>0xffffffffffffffff})
syz_io_uring_submit(r1, r2, &(0x7f0000002ec0)=@IORING_OP_POLL_ADD={0x6, 0x0, 0x0, @fd=r3}, 0x80)
syz_io_uring_submit(r1, r2, &(0x7f00000000c0)=@IORING_OP_SENDMSG={0x9, 0x0, 0x0, r3, 0x0, &(0x7f0000000640)={0x0, 0x0, 0x0}}, 0x0)
io_uring_enter(r0, 0x71a1, 0x0, 0x0, 0x0, 0x0)
io_uring_enter(r0, 0x4f96, 0x0, 0x0, 0x0, 0x0)
shutdown(r3, 0x0)

[  481.470745][T16480] REISERFS warning (device loop5): super-6502 reiserfs_getopt: unknown mount option "pcr=00000000000000000000"
08:23:03 executing program 4:
fcntl$F_GET_FILE_RW_HINT(0xffffffffffffffff, 0x40d, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0)
r0 = getpid()
sched_setattr(0x0, &(0x7f0000000140)={0x38, 0x2, 0x0, 0x0, 0x9}, 0x0)
sched_setattr(r0, &(0x7f0000000240)={0x38, 0x2, 0x0, 0x0, 0x5}, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = open(&(0x7f0000000040)='./bus\x00', 0x1612c2, 0x0)
r4 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/meminfo\x00', 0x0, 0x0)
sendfile(r3, r4, 0x0, 0x400000000001002a)
syz_mount_image$vfat(&(0x7f0000000400), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[])
write(0xffffffffffffffff, &(0x7f0000004200)='t', 0xfff4)
sendmsg$NL80211_CMD_SET_INTERFACE(0xffffffffffffffff, &(0x7f0000001840)={&(0x7f0000000080), 0xc, &(0x7f0000001800)={&(0x7f00000001c0)=ANY=[@ANYRES64, @ANYRESDEC, @ANYRES32=0x0, @ANYRES32], 0x60}, 0x1, 0x0, 0x0, 0x44090}, 0x0)

08:23:03 executing program 0:
perf_event_open(&(0x7f0000000640)={0x2, 0x80, 0xd7, 0x0, 0x0, 0x0, 0x0, 0x2000000000, 0xa40a1, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp, 0x10000, 0x0, 0x0, 0x3, 0x1, 0xffffff7c, 0x3, 0x0, 0x2cf6ca54, 0x0, 0x7}, 0x0, 0x2, 0xffffffffffffffff, 0xb)
mmap$perf(&(0x7f0000c00000/0x400000)=nil, 0x400000, 0x3000002, 0x40032, 0xffffffffffffffff, 0x0)
mlock2(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0)
mlock2(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x0)
r0 = fork()
r1 = userfaultfd(0x80000)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x543c04, 0x0)
r3 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
r4 = dup3(r2, r3, 0x0)
write$binfmt_script(r1, &(0x7f0000000280)=ANY=[@ANYRESOCT=r3, @ANYRES32=r2, @ANYRESOCT, @ANYRESDEC, @ANYRESHEX=r4, @ANYRESDEC=r2], 0x9f)
munlock(&(0x7f0000ef1000/0x2000)=nil, 0x2000)
syz_io_uring_setup(0x2e00, &(0x7f0000000340)={0x0, 0xc9ba, 0x20, 0xfffffffd, 0x2000037d}, &(0x7f0000ff3000/0x4000)=nil, &(0x7f0000eee000/0x8000)=nil, 0x0, &(0x7f00000003c0))
mlock2(&(0x7f0000d03000/0x1000)=nil, 0x1000, 0x1)
openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000080)='freezer.parent_freezing\x00', 0x0, 0x0)
move_pages(r0, 0x2, &(0x7f0000000300)=[&(0x7f0000ffd000/0x1000)=nil, &(0x7f0000f10000/0x3000)=nil], &(0x7f00000000c0), &(0x7f0000000000), 0x0)
socket$caif_seqpacket(0x25, 0x5, 0x0)
get_robust_list(r0, &(0x7f0000000180)=&(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f00000000c0)}}, &(0x7f0000000200)=0xc)

08:23:03 executing program 2:
syz_open_procfs(0x0, &(0x7f0000000040)='mounts\x00')
syz_open_procfs(0x0, &(0x7f0000000000)='mountstats\x00')
r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
r1 = ioctl$KVM_CREATE_VCPU(r0, 0xae41, 0x0)
ioctl$F2FS_IOC_MOVE_RANGE(0xffffffffffffffff, 0xc020f509, &(0x7f0000000040)={r0})
ioctl$KVM_SET_USER_MEMORY_REGION(r0, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_CREATE_PIT2(r0, 0x4040ae77, &(0x7f0000000000))
ioctl$KVM_SET_REGS(r1, 0x4090ae82, &(0x7f00000001c0)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1003]})
ioctl$KVM_RUN(r1, 0xae80, 0x0)
ioctl$KVM_SET_PIT(r0, 0x8048ae66, &(0x7f0000000140)={[{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}]})
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f000056f000/0x18000)=nil, &(0x7f0000000080)=[@text32={0x20, &(0x7f00000000c0)="66ba4000b0c2ee66bad104b829280000efea0e0000000a00b8050000000f23d80f21f835c00000a00f23f8653e65f30f21c62e0fae2b0f01c2b8060000000f23d00f21f835200000000f23f8c4c3a1cf830000000002d9f7", 0x58}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_RUN(r1, 0xae80, 0x0)

08:23:03 executing program 5:
syz_mount_image$reiserfs(&(0x7f00000000c0), &(0x7f0000000100)='./file0\x00', 0x0, 0x0, &(0x7f0000000000), 0x0, &(0x7f0000000040)={[], [{@pcr}]})

08:23:03 executing program 1:
r0 = syz_io_uring_setup(0x21c, &(0x7f0000000000), &(0x7f00006d3000/0x3000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000280)=<r1=>0x0, &(0x7f0000000100)=<r2=>0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x0, 0x10, 0xffffffffffffffff, 0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r1, 0x40, &(0x7f0000000140)=0x307e, 0x0, 0x4)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000080)={0xffffffffffffffff, <r3=>0xffffffffffffffff})
syz_io_uring_submit(r1, r2, &(0x7f0000002ec0)=@IORING_OP_POLL_ADD={0x6, 0x0, 0x0, @fd=r3}, 0x80)
syz_io_uring_submit(r1, r2, &(0x7f00000000c0)=@IORING_OP_SENDMSG={0x9, 0x0, 0x0, r3, 0x0, &(0x7f0000000640)={0x0, 0x0, 0x0}}, 0x0)
io_uring_enter(r0, 0x71a1, 0x0, 0x0, 0x0, 0x0)
io_uring_enter(r0, 0x4f96, 0x0, 0x0, 0x0, 0x0)
shutdown(r3, 0x0)

08:23:03 executing program 3:
r0 = socket$inet6(0xa, 0x1, 0x8010000000000084)
bind$inet6(r0, &(0x7f00000000c0)={0xa, 0x4e21, 0x0, @ipv4={'\x00', '\xff\xff', @empty}}, 0x1c)
prlimit64(0x0, 0x0, &(0x7f0000000280)={0x9, 0x8d}, 0x0)
openat$procfs(0xffffffffffffff9c, 0x0, 0x0, 0x0)
sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0)
getsockopt$inet_sctp6_SCTP_ASSOCINFO(0xffffffffffffffff, 0x84, 0x1, &(0x7f0000000040), 0x0)
socketpair$unix(0x1, 0x2, 0x0, 0x0)
connect$unix(0xffffffffffffffff, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(0xffffffffffffffff, &(0x7f00000bd000), 0x318, 0x0)
socketpair(0x0, 0x0, 0x0, 0x0)
connect$inet6(r0, &(0x7f0000000000)={0xa, 0x4e21, 0x0, @ipv4={'\x00', '\xff\xff', @dev={0xac, 0x14, 0x14, 0x26}}}, 0x1c)

08:23:03 executing program 0:
perf_event_open(&(0x7f0000000640)={0x2, 0x80, 0xd7, 0x0, 0x0, 0x0, 0x0, 0x2000000000, 0xa40a1, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp, 0x10000, 0x0, 0x0, 0x3, 0x1, 0xffffff7c, 0x3, 0x0, 0x2cf6ca54, 0x0, 0x7}, 0x0, 0x2, 0xffffffffffffffff, 0xb)
mmap$perf(&(0x7f0000c00000/0x400000)=nil, 0x400000, 0x3000002, 0x40032, 0xffffffffffffffff, 0x0)
mlock2(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0)
mlock2(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x0)
r0 = fork()
r1 = userfaultfd(0x80000)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x543c04, 0x0)
r3 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
r4 = dup3(r2, r3, 0x0)
write$binfmt_script(r1, &(0x7f0000000280)=ANY=[@ANYRESOCT=r3, @ANYRES32=r2, @ANYRESOCT, @ANYRESDEC, @ANYRESHEX=r4, @ANYRESDEC=r2], 0x9f)
munlock(&(0x7f0000ef1000/0x2000)=nil, 0x2000)
syz_io_uring_setup(0x2e00, &(0x7f0000000340)={0x0, 0xc9ba, 0x20, 0xfffffffd, 0x2000037d}, &(0x7f0000ff3000/0x4000)=nil, &(0x7f0000eee000/0x8000)=nil, 0x0, &(0x7f00000003c0))
mlock2(&(0x7f0000d03000/0x1000)=nil, 0x1000, 0x1)
openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000080)='freezer.parent_freezing\x00', 0x0, 0x0)
move_pages(r0, 0x2, &(0x7f0000000300)=[&(0x7f0000ffd000/0x1000)=nil, &(0x7f0000f10000/0x3000)=nil], &(0x7f00000000c0), &(0x7f0000000000), 0x0)
socket$caif_seqpacket(0x25, 0x5, 0x0)
get_robust_list(r0, &(0x7f0000000180)=&(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f00000000c0)}}, &(0x7f0000000200)=0xc)

[  482.503149][T16526] REISERFS warning (device loop5): super-6502 reiserfs_getopt: unknown mount option "pcr=00000000000000000000"
08:23:03 executing program 2:
syz_open_procfs(0x0, &(0x7f0000000040)='mounts\x00')
syz_open_procfs(0x0, &(0x7f0000000000)='mountstats\x00')
r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
r1 = ioctl$KVM_CREATE_VCPU(r0, 0xae41, 0x0)
ioctl$F2FS_IOC_MOVE_RANGE(0xffffffffffffffff, 0xc020f509, &(0x7f0000000040)={r0})
ioctl$KVM_SET_USER_MEMORY_REGION(r0, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_CREATE_PIT2(r0, 0x4040ae77, &(0x7f0000000000))
ioctl$KVM_SET_REGS(r1, 0x4090ae82, &(0x7f00000001c0)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1003]})
ioctl$KVM_RUN(r1, 0xae80, 0x0)
ioctl$KVM_SET_PIT(r0, 0x8048ae66, &(0x7f0000000140)={[{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}]})
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f000056f000/0x18000)=nil, &(0x7f0000000080)=[@text32={0x20, &(0x7f00000000c0)="66ba4000b0c2ee66bad104b829280000efea0e0000000a00b8050000000f23d80f21f835c00000a00f23f8653e65f30f21c62e0fae2b0f01c2b8060000000f23d00f21f835200000000f23f8c4c3a1cf830000000002d9f7", 0x58}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_RUN(r1, 0xae80, 0x0)

[  482.740351][T16545] loop4: detected capacity change from 0 to 16
08:23:04 executing program 4:
fcntl$F_GET_FILE_RW_HINT(0xffffffffffffffff, 0x40d, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0)
r0 = getpid()
sched_setattr(0x0, &(0x7f0000000140)={0x38, 0x2, 0x0, 0x0, 0x9}, 0x0)
sched_setattr(r0, &(0x7f0000000240)={0x38, 0x2, 0x0, 0x0, 0x5}, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = open(&(0x7f0000000040)='./bus\x00', 0x1612c2, 0x0)
r4 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/meminfo\x00', 0x0, 0x0)
sendfile(r3, r4, 0x0, 0x400000000001002a)
r5 = openat(0xffffffffffffffff, &(0x7f000000c380)='./file0\x00', 0x84842, 0x0)
write(r5, &(0x7f0000004200)='t', 0xfff4)
sendmsg$NL80211_CMD_SET_INTERFACE(0xffffffffffffffff, &(0x7f0000001840)={&(0x7f0000000080), 0xc, &(0x7f0000001800)={&(0x7f00000001c0)=ANY=[@ANYRES64, @ANYRESDEC, @ANYRES32=0x0, @ANYRES32], 0x60}, 0x1, 0x0, 0x0, 0x44090}, 0x0)

08:23:04 executing program 5:
syz_mount_image$reiserfs(&(0x7f00000000c0), &(0x7f0000000100)='./file0\x00', 0x0, 0x0, &(0x7f0000000000), 0x0, &(0x7f0000000040)={[], [{@pcr}]})

08:23:04 executing program 3:
r0 = open(&(0x7f0000000080)='./bus\x00', 0x141042, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0)
r1 = getpid()
sched_setattr(0x0, &(0x7f0000000140)={0x38, 0x2, 0x0, 0x0, 0x9}, 0x0)
sched_setattr(r1, &(0x7f0000000240)={0x38, 0x2, 0x0, 0x0, 0x5}, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r4 = openat$incfs(0xffffffffffffff9c, &(0x7f00000000c0)='.log\x00', 0x745000, 0x80)
sendmmsg$unix(r4, &(0x7f00000002c0), 0x0, 0x4000)
socket$nl_netfilter(0x10, 0x3, 0xc)
recvmmsg(r4, &(0x7f0000000a40)=[{{0x0, 0x0, &(0x7f0000000700)=[{&(0x7f0000000400)=""/70, 0x46}, {&(0x7f0000000480)=""/91, 0x5b}, {&(0x7f0000000500)=""/175, 0xaf}, {&(0x7f00000005c0)=""/161, 0xa1}, {&(0x7f0000000680)=""/128, 0x80}], 0x5, &(0x7f0000000780)=""/219, 0xdb}, 0x8c9}, {{&(0x7f0000000880)=@l2tp={0x2, 0x0, @multicast2}, 0x80, &(0x7f0000000900), 0x0, &(0x7f0000000940)=""/215, 0xd7}}], 0x2, 0x40000000, &(0x7f0000000b00)={0x77359400})
ioctl$FS_IOC_SETFLAGS(r0, 0x40086602, &(0x7f0000000040))
r5 = open(&(0x7f0000000100)='./bus\x00', 0x6e842, 0x0)
pwritev2(r5, &(0x7f0000000240)=[{&(0x7f0000000000)="85", 0x300000}], 0x1, 0x4200, 0x0, 0x3)

08:23:04 executing program 2:
syz_open_procfs(0x0, &(0x7f0000000040)='mounts\x00')
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$F2FS_IOC_MOVE_RANGE(0xffffffffffffffff, 0xc020f509, &(0x7f0000000040)={r1})
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f0000000000))
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f00000001c0)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1003]})
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_SET_PIT(r1, 0x8048ae66, &(0x7f0000000140)={[{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}]})
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f000056f000/0x18000)=nil, &(0x7f0000000080)=[@text32={0x20, &(0x7f00000000c0)="66ba4000b0c2ee66bad104b829280000efea0e0000000a00b8050000000f23d80f21f835c00000a00f23f8653e65f30f21c62e0fae2b0f01c2b8060000000f23d00f21f835200000000f23f8c4c3a1cf830000000002d9f7", 0x58}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

08:23:04 executing program 0:
perf_event_open(&(0x7f0000000640)={0x2, 0x80, 0xd7, 0x0, 0x0, 0x0, 0x0, 0x2000000000, 0xa40a1, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp, 0x10000, 0x0, 0x0, 0x3, 0x1, 0xffffff7c, 0x3, 0x0, 0x2cf6ca54, 0x0, 0x7}, 0x0, 0x2, 0xffffffffffffffff, 0xb)
mmap$perf(&(0x7f0000c00000/0x400000)=nil, 0x400000, 0x3000002, 0x40032, 0xffffffffffffffff, 0x0)
mlock2(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0)
mlock2(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x0)
r0 = fork()
r1 = userfaultfd(0x80000)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x543c04, 0x0)
r3 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
r4 = dup3(r2, r3, 0x0)
write$binfmt_script(r1, &(0x7f0000000280)=ANY=[@ANYRESOCT=r3, @ANYRES32=r2, @ANYRESOCT, @ANYRESDEC, @ANYRESHEX=r4, @ANYRESDEC=r2], 0x9f)
munlock(&(0x7f0000ef1000/0x2000)=nil, 0x2000)
syz_io_uring_setup(0x2e00, &(0x7f0000000340)={0x0, 0xc9ba, 0x20, 0xfffffffd, 0x2000037d}, &(0x7f0000ff3000/0x4000)=nil, &(0x7f0000eee000/0x8000)=nil, &(0x7f00000001c0), 0x0)
mlock2(&(0x7f0000d03000/0x1000)=nil, 0x1000, 0x1)
openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000080)='freezer.parent_freezing\x00', 0x0, 0x0)
move_pages(r0, 0x2, &(0x7f0000000300)=[&(0x7f0000ffd000/0x1000)=nil, &(0x7f0000f10000/0x3000)=nil], &(0x7f00000000c0), &(0x7f0000000000), 0x0)
socket$caif_seqpacket(0x25, 0x5, 0x0)
get_robust_list(r0, &(0x7f0000000180)=&(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f00000000c0)}}, &(0x7f0000000200)=0xc)

08:23:04 executing program 1:
r0 = syz_io_uring_setup(0x21c, &(0x7f0000000000), &(0x7f00006d3000/0x3000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000280)=<r1=>0x0, &(0x7f0000000100)=<r2=>0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x0, 0x10, 0xffffffffffffffff, 0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r1, 0x40, &(0x7f0000000140)=0x307e, 0x0, 0x4)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000080)={0xffffffffffffffff, <r3=>0xffffffffffffffff})
syz_io_uring_submit(r1, r2, &(0x7f0000002ec0)=@IORING_OP_POLL_ADD={0x6, 0x0, 0x0, @fd=r3}, 0x80)
syz_io_uring_submit(r1, r2, &(0x7f00000000c0)=@IORING_OP_SENDMSG={0x9, 0x0, 0x0, r3, 0x0, &(0x7f0000000640)={0x0, 0x0, 0x0}}, 0x0)
io_uring_enter(r0, 0x71a1, 0x0, 0x0, 0x0, 0x0)
io_uring_enter(r0, 0x4f96, 0x0, 0x0, 0x0, 0x0)
shutdown(r3, 0x0)

[  483.645404][T16564] REISERFS warning (device loop5): super-6502 reiserfs_getopt: unknown mount option "pcr=00000000000000000000"
08:23:06 executing program 3:
pwritev2(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0)
perf_event_open(&(0x7f0000000180)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000380)={&(0x7f0000000080), 0xc, &(0x7f0000000140)={0x0}}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x20000009}, 0x0)
sched_setattr(0x0, &(0x7f0000000200)={0x38, 0x1, 0x0, 0x0, 0x3}, 0x0)
syz_mount_image$udf(&(0x7f0000000000), &(0x7f0000000040)='./file0\x00', 0x0, 0xd, &(0x7f0000000200)=[{&(0x7f0000010000)="064245413031", 0x6, 0x8000}, {&(0x7f0000010100)='\x00NSR03', 0x6, 0x8800}, {&(0x7f0000010300)="010003000b0001005c59f001600000000100000000000000084c696e757855444600000000000000000000000000000000000000000000090100010003000300010000000100000008313233343536373831323334353637384c696e7578554446", 0x61, 0x18000}, {&(0x7f0000010400)="0000000000000019004f53544120436f6d7072657373656420556e69636f646500000000000000000000000000000000000000000000000000000000000000000000000000000000004f53544120436f6d7072657373656420556e69636f64650000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000002a4c696e7578206d6b756466667300000000000000000004050000000000007810e4070913142c1a3e2835002a4c696e757820554446465300000000000000000000000405", 0xde, 0x180c0}, {&(0x7f0000010500)='\x00\x00\x00\x00\x00\x00\x00\x00', 0x8, 0x181e0}, {&(0x7f0000010600)="06000300e2000100800ee8016100000002000000004f53544120436f6d7072657373656420556e69636f646500000000000000000000000000000000000000000000000000000000000000000000000000000000084c696e7578554446", 0x5d, 0x18400}, {&(0x7f0000010700)="000000000000000000000000000000000000000900040000002a4f5354412055444620436f6d706c69616e74000000000102000000000000000400001000000000000000000000004000000001000000002a4c696e757820554446465300000000000000000000000405", 0x6a, 0x184c0}, {&(0x7f0000010800)="00000000000000000000000000000000004000008000000002400000002a554446205370617261626c6520506172746974696f6e010204050000000001000000100002003802000070000000f007", 0x4e, 0x185a0}, {&(0x7f0000010900)="050003002e0001003a98f001620000000500000001000000002b4e5352303300"/54, 0x36}, {0x0, 0x0, 0x188a0}, {&(0x7f0000011400)="020003003800010077c9f00100010000004000006000000000400000e007", 0x1e, 0x40000}, {&(0x7f0000011600)="00010300380001001e14f001100000007810e4070913142c1a3e28350300030001000000010000000000000000000000004f53544120436f6d7072657373656420556e69636f646500"/91, 0x5b, 0x148000}, {0x0, 0x0, 0x1480e0}], 0x0, &(0x7f0000013b00))

08:23:06 executing program 4:
fcntl$F_GET_FILE_RW_HINT(0xffffffffffffffff, 0x40d, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0)
r0 = getpid()
sched_setattr(0x0, &(0x7f0000000140)={0x38, 0x2, 0x0, 0x0, 0x9}, 0x0)
sched_setattr(r0, &(0x7f0000000240)={0x38, 0x2, 0x0, 0x0, 0x5}, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = open(&(0x7f0000000040)='./bus\x00', 0x1612c2, 0x0)
r4 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/meminfo\x00', 0x0, 0x0)
sendfile(r3, r4, 0x0, 0x400000000001002a)
r5 = openat(0xffffffffffffffff, &(0x7f000000c380)='./file0\x00', 0x84842, 0x0)
write(r5, &(0x7f0000004200)='t', 0xfff4)
sendmsg$NL80211_CMD_SET_INTERFACE(0xffffffffffffffff, &(0x7f0000001840)={&(0x7f0000000080), 0xc, &(0x7f0000001800)={&(0x7f00000001c0)=ANY=[@ANYRES64, @ANYRESDEC, @ANYRES32=0x0, @ANYRES32], 0x60}, 0x1, 0x0, 0x0, 0x44090}, 0x0)

[  486.258635][T16597] loop3: detected capacity change from 0 to 5248
08:23:07 executing program 0:
perf_event_open(&(0x7f0000000640)={0x2, 0x80, 0xd7, 0x0, 0x0, 0x0, 0x0, 0x2000000000, 0xa40a1, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp, 0x10000, 0x0, 0x0, 0x3, 0x1, 0xffffff7c, 0x3, 0x0, 0x2cf6ca54, 0x0, 0x7}, 0x0, 0x2, 0xffffffffffffffff, 0xb)
mmap$perf(&(0x7f0000c00000/0x400000)=nil, 0x400000, 0x3000002, 0x40032, 0xffffffffffffffff, 0x0)
mlock2(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0)
mlock2(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x0)
r0 = fork()
r1 = userfaultfd(0x80000)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x543c04, 0x0)
r3 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
r4 = dup3(r2, r3, 0x0)
write$binfmt_script(r1, &(0x7f0000000280)=ANY=[@ANYRESOCT=r3, @ANYRES32=r2, @ANYRESOCT, @ANYRESDEC, @ANYRESHEX=r4, @ANYRESDEC=r2], 0x9f)
munlock(&(0x7f0000ef1000/0x2000)=nil, 0x2000)
syz_io_uring_setup(0x2e00, &(0x7f0000000340)={0x0, 0xc9ba, 0x20, 0xfffffffd, 0x2000037d}, &(0x7f0000ff3000/0x4000)=nil, &(0x7f0000eee000/0x8000)=nil, &(0x7f00000001c0), 0x0)
mlock2(&(0x7f0000d03000/0x1000)=nil, 0x1000, 0x1)
openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000080)='freezer.parent_freezing\x00', 0x0, 0x0)
move_pages(r0, 0x2, &(0x7f0000000300)=[&(0x7f0000ffd000/0x1000)=nil, &(0x7f0000f10000/0x3000)=nil], &(0x7f00000000c0), &(0x7f0000000000), 0x0)
socket$caif_seqpacket(0x25, 0x5, 0x0)
get_robust_list(r0, &(0x7f0000000180)=&(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f00000000c0)}}, &(0x7f0000000200)=0xc)

[  486.940002][T16597] UDF-fs: warning (device loop3): udf_load_vrs: No anchor found
[  486.949182][T16597] UDF-fs: Scanning with blocksize 512 failed
08:23:07 executing program 4:
fcntl$F_GET_FILE_RW_HINT(0xffffffffffffffff, 0x40d, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0)
r0 = getpid()
sched_setattr(0x0, &(0x7f0000000140)={0x38, 0x2, 0x0, 0x0, 0x9}, 0x0)
sched_setattr(r0, &(0x7f0000000240)={0x38, 0x2, 0x0, 0x0, 0x5}, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = open(&(0x7f0000000040)='./bus\x00', 0x1612c2, 0x0)
r4 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/meminfo\x00', 0x0, 0x0)
sendfile(r3, r4, 0x0, 0x400000000001002a)
r5 = openat(0xffffffffffffffff, &(0x7f000000c380)='./file0\x00', 0x84842, 0x0)
write(r5, &(0x7f0000004200)='t', 0xfff4)
sendmsg$NL80211_CMD_SET_INTERFACE(0xffffffffffffffff, &(0x7f0000001840)={&(0x7f0000000080), 0xc, &(0x7f0000001800)={&(0x7f00000001c0)=ANY=[@ANYRES64, @ANYRESDEC, @ANYRES32=0x0, @ANYRES32], 0x60}, 0x1, 0x0, 0x0, 0x44090}, 0x0)

08:23:07 executing program 5:
syz_mount_image$reiserfs(&(0x7f00000000c0), &(0x7f0000000100)='./file0\x00', 0x0, 0x0, &(0x7f0000000000), 0x0, &(0x7f0000000040)={[{@grpjquota, 0x3d}]})

08:23:07 executing program 2:
syz_open_procfs(0x0, &(0x7f0000000040)='mounts\x00')
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$F2FS_IOC_MOVE_RANGE(0xffffffffffffffff, 0xc020f509, &(0x7f0000000040)={r1})
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f0000000000))
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f00000001c0)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1003]})
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_SET_PIT(r1, 0x8048ae66, &(0x7f0000000140)={[{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}]})
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f000056f000/0x18000)=nil, &(0x7f0000000080)=[@text32={0x20, &(0x7f00000000c0)="66ba4000b0c2ee66bad104b829280000efea0e0000000a00b8050000000f23d80f21f835c00000a00f23f8653e65f30f21c62e0fae2b0f01c2b8060000000f23d00f21f835200000000f23f8c4c3a1cf830000000002d9f7", 0x58}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

[  487.022959][T16597] UDF-fs: error (device loop3): udf_process_sequence: Primary Volume Descriptor not found!
[  487.042583][T16597] UDF-fs: error (device loop3): udf_process_sequence: Primary Volume Descriptor not found!
[  487.052698][T16597] UDF-fs: Scanning with blocksize 1024 failed
[  487.072128][T16597] UDF-fs: warning (device loop3): udf_load_vrs: No anchor found
[  487.080003][T16597] UDF-fs: Scanning with blocksize 2048 failed
[  487.138156][T16597] UDF-fs: warning (device loop3): udf_load_vrs: No anchor found
[  487.146152][T16597] UDF-fs: Scanning with blocksize 4096 failed
[  487.152240][T16597] UDF-fs: warning (device loop3): udf_fill_super: No partition found (1)
08:23:08 executing program 1:
r0 = syz_io_uring_setup(0x21c, &(0x7f0000000000), &(0x7f00006d3000/0x3000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000280)=<r1=>0x0, &(0x7f0000000100)=<r2=>0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x0, 0x10, 0xffffffffffffffff, 0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r1, 0x40, &(0x7f0000000140)=0x307e, 0x0, 0x4)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000080)={0xffffffffffffffff, <r3=>0xffffffffffffffff})
syz_io_uring_submit(r1, r2, &(0x7f0000002ec0)=@IORING_OP_POLL_ADD={0x6, 0x0, 0x0, @fd=r3}, 0x80)
syz_io_uring_submit(r1, r2, &(0x7f00000000c0)=@IORING_OP_SENDMSG={0x9, 0x0, 0x0, r3, 0x0, &(0x7f0000000640)={0x0, 0x0, 0x0}}, 0x0)
io_uring_enter(r0, 0x71a1, 0x0, 0x0, 0x0, 0x0)
io_uring_enter(r0, 0x4f96, 0x0, 0x0, 0x0, 0x0)
shutdown(r3, 0x0)

08:23:08 executing program 3:
pwritev2(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0)
perf_event_open(&(0x7f0000000180)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000380)={&(0x7f0000000080), 0xc, &(0x7f0000000140)={0x0}}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x20000009}, 0x0)
sched_setattr(0x0, &(0x7f0000000200)={0x38, 0x1, 0x0, 0x0, 0x3}, 0x0)
syz_mount_image$udf(&(0x7f0000000000), &(0x7f0000000040)='./file0\x00', 0x0, 0xd, &(0x7f0000000200)=[{&(0x7f0000010000)="064245413031", 0x6, 0x8000}, {&(0x7f0000010100)='\x00NSR03', 0x6, 0x8800}, {&(0x7f0000010300)="010003000b0001005c59f001600000000100000000000000084c696e757855444600000000000000000000000000000000000000000000090100010003000300010000000100000008313233343536373831323334353637384c696e7578554446", 0x61, 0x18000}, {&(0x7f0000010400)="0000000000000019004f53544120436f6d7072657373656420556e69636f646500000000000000000000000000000000000000000000000000000000000000000000000000000000004f53544120436f6d7072657373656420556e69636f64650000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000002a4c696e7578206d6b756466667300000000000000000004050000000000007810e4070913142c1a3e2835002a4c696e757820554446465300000000000000000000000405", 0xde, 0x180c0}, {&(0x7f0000010500)='\x00\x00\x00\x00\x00\x00\x00\x00', 0x8, 0x181e0}, {&(0x7f0000010600)="06000300e2000100800ee8016100000002000000004f53544120436f6d7072657373656420556e69636f646500000000000000000000000000000000000000000000000000000000000000000000000000000000084c696e7578554446", 0x5d, 0x18400}, {&(0x7f0000010700)="000000000000000000000000000000000000000900040000002a4f5354412055444620436f6d706c69616e74000000000102000000000000000400001000000000000000000000004000000001000000002a4c696e757820554446465300000000000000000000000405", 0x6a, 0x184c0}, {&(0x7f0000010800)="00000000000000000000000000000000004000008000000002400000002a554446205370617261626c6520506172746974696f6e010204050000000001000000100002003802000070000000f007", 0x4e, 0x185a0}, {&(0x7f0000010900)="050003002e0001003a98f001620000000500000001000000002b4e5352303300"/54, 0x36}, {0x0, 0x0, 0x188a0}, {&(0x7f0000011400)="020003003800010077c9f00100010000004000006000000000400000e007", 0x1e, 0x40000}, {&(0x7f0000011600)="00010300380001001e14f001100000007810e4070913142c1a3e28350300030001000000010000000000000000000000004f53544120436f6d7072657373656420556e69636f646500"/91, 0x5b, 0x148000}, {0x0, 0x0, 0x1480e0}], 0x0, &(0x7f0000013b00))

[  487.240700][T16618] REISERFS warning (device loop5): sh-2021 reiserfs_fill_super: can not find reiserfs on loop5
08:23:08 executing program 0:
perf_event_open(&(0x7f0000000640)={0x2, 0x80, 0xd7, 0x0, 0x0, 0x0, 0x0, 0x2000000000, 0xa40a1, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp, 0x10000, 0x0, 0x0, 0x3, 0x1, 0xffffff7c, 0x3, 0x0, 0x2cf6ca54, 0x0, 0x7}, 0x0, 0x2, 0xffffffffffffffff, 0xb)
mmap$perf(&(0x7f0000c00000/0x400000)=nil, 0x400000, 0x3000002, 0x40032, 0xffffffffffffffff, 0x0)
mlock2(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0)
mlock2(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x0)
r0 = fork()
r1 = userfaultfd(0x80000)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x543c04, 0x0)
r3 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
r4 = dup3(r2, r3, 0x0)
write$binfmt_script(r1, &(0x7f0000000280)=ANY=[@ANYRESOCT=r3, @ANYRES32=r2, @ANYRESOCT, @ANYRESDEC, @ANYRESHEX=r4, @ANYRESDEC=r2], 0x9f)
munlock(&(0x7f0000ef1000/0x2000)=nil, 0x2000)
syz_io_uring_setup(0x2e00, &(0x7f0000000340)={0x0, 0xc9ba, 0x20, 0xfffffffd, 0x2000037d}, &(0x7f0000ff3000/0x4000)=nil, &(0x7f0000eee000/0x8000)=nil, &(0x7f00000001c0), 0x0)
mlock2(&(0x7f0000d03000/0x1000)=nil, 0x1000, 0x1)
openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000080)='freezer.parent_freezing\x00', 0x0, 0x0)
move_pages(r0, 0x2, &(0x7f0000000300)=[&(0x7f0000ffd000/0x1000)=nil, &(0x7f0000f10000/0x3000)=nil], &(0x7f00000000c0), &(0x7f0000000000), 0x0)
socket$caif_seqpacket(0x25, 0x5, 0x0)
get_robust_list(r0, &(0x7f0000000180)=&(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f00000000c0)}}, &(0x7f0000000200)=0xc)

08:23:08 executing program 4:
fcntl$F_GET_FILE_RW_HINT(0xffffffffffffffff, 0x40d, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0)
r0 = getpid()
sched_setattr(0x0, &(0x7f0000000140)={0x38, 0x2, 0x0, 0x0, 0x9}, 0x0)
sched_setattr(r0, &(0x7f0000000240)={0x38, 0x2, 0x0, 0x0, 0x5}, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
open(&(0x7f0000000040)='./bus\x00', 0x1612c2, 0x0)
openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/meminfo\x00', 0x0, 0x0)
r3 = syz_mount_image$vfat(&(0x7f0000000400), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[])
r4 = openat(r3, &(0x7f000000c380)='./file0\x00', 0x84842, 0x0)
write(r4, &(0x7f0000004200)='t', 0xfff4)
sendmsg$NL80211_CMD_SET_INTERFACE(0xffffffffffffffff, &(0x7f0000001840)={&(0x7f0000000080), 0xc, &(0x7f0000001800)={&(0x7f00000001c0)=ANY=[@ANYRES64, @ANYRESDEC, @ANYRES32=0x0, @ANYRES32], 0x60}, 0x1, 0x0, 0x0, 0x44090}, 0x0)

[  488.198992][T16637] loop3: detected capacity change from 0 to 5248
08:23:09 executing program 5:
syz_mount_image$reiserfs(&(0x7f00000000c0), &(0x7f0000000100)='./file0\x00', 0x0, 0x0, &(0x7f0000000000), 0x0, &(0x7f0000000040)={[{@grpjquota, 0x3d}]})

[  488.451720][T16652] loop4: detected capacity change from 0 to 16
[  489.046806][T16637] UDF-fs: warning (device loop3): udf_load_vrs: No anchor found
[  489.055886][T16637] UDF-fs: Scanning with blocksize 512 failed
[  489.066392][T16637] UDF-fs: error (device loop3): udf_process_sequence: Primary Volume Descriptor not found!
[  489.077533][T16637] UDF-fs: error (device loop3): udf_process_sequence: Primary Volume Descriptor not found!
[  489.087694][T16637] UDF-fs: Scanning with blocksize 1024 failed
08:23:10 executing program 2:
syz_open_procfs(0x0, &(0x7f0000000040)='mounts\x00')
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$F2FS_IOC_MOVE_RANGE(0xffffffffffffffff, 0xc020f509, &(0x7f0000000040)={r1})
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f0000000000))
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f00000001c0)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1003]})
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_SET_PIT(r1, 0x8048ae66, &(0x7f0000000140)={[{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}]})
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f000056f000/0x18000)=nil, &(0x7f0000000080)=[@text32={0x20, &(0x7f00000000c0)="66ba4000b0c2ee66bad104b829280000efea0e0000000a00b8050000000f23d80f21f835c00000a00f23f8653e65f30f21c62e0fae2b0f01c2b8060000000f23d00f21f835200000000f23f8c4c3a1cf830000000002d9f7", 0x58}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

08:23:10 executing program 4:
fcntl$F_GET_FILE_RW_HINT(0xffffffffffffffff, 0x40d, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0)
r0 = getpid()
sched_setattr(0x0, &(0x7f0000000140)={0x38, 0x2, 0x0, 0x0, 0x9}, 0x0)
sched_setattr(r0, &(0x7f0000000240)={0x38, 0x2, 0x0, 0x0, 0x5}, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
open(&(0x7f0000000040)='./bus\x00', 0x1612c2, 0x0)
openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/meminfo\x00', 0x0, 0x0)
r3 = syz_mount_image$vfat(&(0x7f0000000400), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[])
r4 = openat(r3, &(0x7f000000c380)='./file0\x00', 0x84842, 0x0)
write(r4, &(0x7f0000004200)='t', 0xfff4)
sendmsg$NL80211_CMD_SET_INTERFACE(0xffffffffffffffff, &(0x7f0000001840)={&(0x7f0000000080), 0xc, &(0x7f0000001800)={&(0x7f00000001c0)=ANY=[@ANYRES64, @ANYRESDEC, @ANYRES32=0x0, @ANYRES32], 0x60}, 0x1, 0x0, 0x0, 0x44090}, 0x0)

[  489.108994][T16637] UDF-fs: warning (device loop3): udf_load_vrs: No anchor found
[  489.116887][T16637] UDF-fs: Scanning with blocksize 2048 failed
[  489.133529][T16637] UDF-fs: warning (device loop3): udf_load_vrs: No anchor found
[  489.141214][T16637] UDF-fs: Scanning with blocksize 4096 failed
[  489.147419][T16637] UDF-fs: warning (device loop3): udf_fill_super: No partition found (1)
08:23:10 executing program 3:
syz_mount_image$msdos(&(0x7f0000000040), &(0x7f00000003c0)='./file1\x00', 0xffffffff, 0x1, &(0x7f0000000080)=[{&(0x7f00000000c0)="0400050900000000666174000404090a0200027400f801", 0x17}], 0x0, &(0x7f00000004c0)=ANY=[])
chdir(&(0x7f0000000000)='./file1\x00')
r0 = creat(0x0, 0x0)
r1 = creat(&(0x7f0000000140)='./bus\x00', 0x0)
ftruncate(r1, 0x1000)
openat(r0, &(0x7f0000000100)='./bus\x00', 0x1, 0x112)
lseek(r1, 0x0, 0x2)
ioctl$BTRFS_IOC_GET_SUBVOL_ROOTREF(0xffffffffffffffff, 0xd000943d, &(0x7f0000058c40)={0x1, [{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, <r2=>0x0}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, <r3=>0x0}, {}, {}, {}, {}, {}, {<r4=>0x0}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {<r5=>0x0}], 0x1, "2156816c73038c"})
ioctl$BTRFS_IOC_GET_SUBVOL_ROOTREF(0xffffffffffffffff, 0xd000943d, 0x0)
r6 = syz_open_dev$sg(&(0x7f0000000000), 0x0, 0x0)
ioctl$SG_IO(r6, 0x2285, &(0x7f0000000380)={0x53, 0x0, 0x21, 0x0, @scatter={0x0, 0x0, 0x0}, &(0x7f0000000200)="e5f432732f4e096d26e2c735d135121c921bda40b8585ba8d47d34f3904cf12dba", 0x0, 0x0, 0x0, 0x0, 0x0})
fallocate(0xffffffffffffffff, 0x57, 0x100000001, 0x100000001)
r7 = perf_event_open(&(0x7f00000003c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext={0x5}, 0x0, 0x0, 0x0, 0x7, 0x7fffffff}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$BTRFS_IOC_GET_SUBVOL_ROOTREF(r7, 0xd000943d, &(0x7f0000058c40)={0x1, [{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {<r8=>0x0}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {<r9=>0x0}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {r5}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, r2}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {r4}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, <r10=>0x0}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, r3}], 0x1, "2156816c73038c"})
ioctl$BTRFS_IOC_GET_SUBVOL_ROOTREF(0xffffffffffffffff, 0xd000943d, &(0x7f0000058280)={0x9, [{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {r8}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, r10}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {r9}], 0x0, "d5e311dce380af"})
r11 = open(&(0x7f0000000200)='./bus\x00', 0x0, 0x0)
sendfile(r1, r11, 0x0, 0x8400fffffffa)

[  489.226173][T16660] REISERFS warning (device loop5): sh-2021 reiserfs_fill_super: can not find reiserfs on loop5
08:23:10 executing program 1:
r0 = syz_usb_connect(0x0, 0x24, &(0x7f0000000000)={{0x12, 0x1, 0x0, 0xa9, 0x70, 0x0, 0x20, 0x55d, 0x9000, 0xf15f, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x12, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0x0, 0xe, 0x4f, 0x4}}]}}]}}, 0x0)
syz_usb_control_io(r0, &(0x7f0000000e00)={0x2c, 0x0, &(0x7f0000000280)={0x0, 0x3, 0x2, @string={0x2}}, 0x0, 0x0, 0x0}, 0x0)
syz_usb_control_io$hid(r0, 0x0, 0x0)
syz_usb_control_io(r0, 0x0, &(0x7f00000011c0)={0x84, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000f80)={0x40, 0xb, 0x2, "3ab9"}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
syz_usb_control_io$hid(r0, 0x0, 0x0)
syz_usb_control_io$hid(r0, 0x0, 0x0)
syz_usb_control_io$cdc_ncm(r0, 0x0, 0x0)
syz_usb_control_io$cdc_ncm(r0, 0x0, 0x0)
syz_usb_control_io$hid(r0, 0x0, &(0x7f0000002680)={0x2c, &(0x7f0000000040)=ANY=[], 0x0, 0x0, 0x0, 0x0})

08:23:10 executing program 0:
perf_event_open(&(0x7f0000000640)={0x2, 0x80, 0xd7, 0x0, 0x0, 0x0, 0x0, 0x2000000000, 0xa40a1, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp, 0x10000, 0x0, 0x0, 0x3, 0x1, 0xffffff7c, 0x3, 0x0, 0x2cf6ca54, 0x0, 0x7}, 0x0, 0x2, 0xffffffffffffffff, 0xb)
mmap$perf(&(0x7f0000c00000/0x400000)=nil, 0x400000, 0x3000002, 0x40032, 0xffffffffffffffff, 0x0)
mlock2(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0)
mlock2(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x0)
r0 = fork()
r1 = userfaultfd(0x80000)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x543c04, 0x0)
r3 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
r4 = dup3(r2, r3, 0x0)
write$binfmt_script(r1, &(0x7f0000000280)=ANY=[@ANYRESOCT=r3, @ANYRES32=r2, @ANYRESOCT, @ANYRESDEC, @ANYRESHEX=r4, @ANYRESDEC=r2], 0x9f)
munlock(&(0x7f0000ef1000/0x2000)=nil, 0x2000)
syz_io_uring_setup(0x2e00, &(0x7f0000000340)={0x0, 0xc9ba, 0x20, 0xfffffffd, 0x2000037d}, &(0x7f0000ff3000/0x4000)=nil, &(0x7f0000eee000/0x8000)=nil, &(0x7f00000001c0), &(0x7f00000003c0))
mlock2(&(0x7f0000d03000/0x1000)=nil, 0x1000, 0x0)
openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000080)='freezer.parent_freezing\x00', 0x0, 0x0)
move_pages(r0, 0x2, &(0x7f0000000300)=[&(0x7f0000ffd000/0x1000)=nil, &(0x7f0000f10000/0x3000)=nil], &(0x7f00000000c0), &(0x7f0000000000), 0x0)
socket$caif_seqpacket(0x25, 0x5, 0x0)
get_robust_list(r0, &(0x7f0000000180)=&(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f00000000c0)}}, &(0x7f0000000200)=0xc)

[  489.380592][T16679] loop3: detected capacity change from 0 to 264192
[  489.462565][T16684] loop4: detected capacity change from 0 to 16
08:23:11 executing program 4:
fcntl$F_GET_FILE_RW_HINT(0xffffffffffffffff, 0x40d, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0)
r0 = getpid()
sched_setattr(0x0, &(0x7f0000000140)={0x38, 0x2, 0x0, 0x0, 0x9}, 0x0)
sched_setattr(r0, &(0x7f0000000240)={0x38, 0x2, 0x0, 0x0, 0x5}, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
open(&(0x7f0000000040)='./bus\x00', 0x1612c2, 0x0)
openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/meminfo\x00', 0x0, 0x0)
r3 = syz_mount_image$vfat(&(0x7f0000000400), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[])
r4 = openat(r3, &(0x7f000000c380)='./file0\x00', 0x84842, 0x0)
write(r4, &(0x7f0000004200)='t', 0xfff4)
sendmsg$NL80211_CMD_SET_INTERFACE(0xffffffffffffffff, &(0x7f0000001840)={&(0x7f0000000080), 0xc, &(0x7f0000001800)={&(0x7f00000001c0)=ANY=[@ANYRES64, @ANYRESDEC, @ANYRES32=0x0, @ANYRES32], 0x60}, 0x1, 0x0, 0x0, 0x44090}, 0x0)

08:23:11 executing program 5:
syz_mount_image$reiserfs(&(0x7f00000000c0), &(0x7f0000000100)='./file0\x00', 0x0, 0x0, &(0x7f0000000000), 0x0, &(0x7f0000000040)={[{@grpjquota, 0x3d}]})

[  490.203461][    C0] sd 0:0:1:0: tag#4695 FAILED Result: hostbyte=DID_ABORT driverbyte=DRIVER_OK cmd_age=0s
[  490.213410][    C0] sd 0:0:1:0: tag#4695 CDB: opcode=0xe5 (vendor)
[  490.219753][    C0] sd 0:0:1:0: tag#4695 CDB[00]: e5 f4 32 73 2f 4e 09 6d 26 e2 c7 35 d1 35 12 1c
[  490.228856][    C0] sd 0:0:1:0: tag#4695 CDB[10]: 92 1b da 40 b8 58 5b a8 d4 7d 34 f3 90 4c f1 2d
[  490.237924][    C0] sd 0:0:1:0: tag#4695 CDB[20]: ba
08:23:11 executing program 0:
perf_event_open(&(0x7f0000000640)={0x2, 0x80, 0xd7, 0x0, 0x0, 0x0, 0x0, 0x2000000000, 0xa40a1, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp, 0x10000, 0x0, 0x0, 0x3, 0x1, 0xffffff7c, 0x3, 0x0, 0x2cf6ca54, 0x0, 0x7}, 0x0, 0x2, 0xffffffffffffffff, 0xb)
mmap$perf(&(0x7f0000c00000/0x400000)=nil, 0x400000, 0x3000002, 0x40032, 0xffffffffffffffff, 0x0)
mlock2(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0)
mlock2(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x0)
r0 = fork()
r1 = userfaultfd(0x80000)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x543c04, 0x0)
r3 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
r4 = dup3(r2, r3, 0x0)
write$binfmt_script(r1, &(0x7f0000000280)=ANY=[@ANYRESOCT=r3, @ANYRES32=r2, @ANYRESOCT, @ANYRESDEC, @ANYRESHEX=r4, @ANYRESDEC=r2], 0x9f)
munlock(&(0x7f0000ef1000/0x2000)=nil, 0x2000)
syz_io_uring_setup(0x2e00, &(0x7f0000000340)={0x0, 0xc9ba, 0x20, 0xfffffffd, 0x2000037d}, &(0x7f0000ff3000/0x4000)=nil, &(0x7f0000eee000/0x8000)=nil, &(0x7f00000001c0), &(0x7f00000003c0))
mlock2(&(0x7f0000d03000/0x1000)=nil, 0x1000, 0x0)
openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000080)='freezer.parent_freezing\x00', 0x0, 0x0)
move_pages(r0, 0x2, &(0x7f0000000300)=[&(0x7f0000ffd000/0x1000)=nil, &(0x7f0000f10000/0x3000)=nil], &(0x7f00000000c0), &(0x7f0000000000), 0x0)
socket$caif_seqpacket(0x25, 0x5, 0x0)
get_robust_list(r0, &(0x7f0000000180)=&(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f00000000c0)}}, &(0x7f0000000200)=0xc)

[  490.327265][T16702] REISERFS warning (device loop5): sh-2021 reiserfs_fill_super: can not find reiserfs on loop5
[  490.331599][   T26] audit: type=1804 audit(1632817391.193:36): pid=16679 uid=0 auid=4294967295 ses=4294967295 subj=_ op=invalid_pcr cause=open_writers comm="syz-executor.3" name="/root/syzkaller-testdir504965368/syzkaller.RPeQl2/232/file1/bus" dev="loop3" ino=16 res=1 errno=0
08:23:11 executing program 3:
syz_mount_image$msdos(&(0x7f0000000040), &(0x7f00000003c0)='./file1\x00', 0xffffffff, 0x1, &(0x7f0000000080)=[{&(0x7f00000000c0)="0400050900000000666174000404090a0200027400f801", 0x17}], 0x0, &(0x7f00000004c0)=ANY=[])
chdir(&(0x7f0000000000)='./file1\x00')
r0 = creat(0x0, 0x0)
r1 = creat(&(0x7f0000000140)='./bus\x00', 0x0)
ftruncate(r1, 0x1000)
openat(r0, &(0x7f0000000100)='./bus\x00', 0x1, 0x112)
lseek(r1, 0x0, 0x2)
ioctl$BTRFS_IOC_GET_SUBVOL_ROOTREF(0xffffffffffffffff, 0xd000943d, &(0x7f0000058c40)={0x1, [{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, <r2=>0x0}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, <r3=>0x0}, {}, {}, {}, {}, {}, {<r4=>0x0}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {<r5=>0x0}], 0x1, "2156816c73038c"})
ioctl$BTRFS_IOC_GET_SUBVOL_ROOTREF(0xffffffffffffffff, 0xd000943d, 0x0)
r6 = syz_open_dev$sg(&(0x7f0000000000), 0x0, 0x0)
ioctl$SG_IO(r6, 0x2285, &(0x7f0000000380)={0x53, 0x0, 0x21, 0x0, @scatter={0x0, 0x0, 0x0}, &(0x7f0000000200)="e5f432732f4e096d26e2c735d135121c921bda40b8585ba8d47d34f3904cf12dba", 0x0, 0x0, 0x0, 0x0, 0x0})
fallocate(0xffffffffffffffff, 0x57, 0x100000001, 0x100000001)
r7 = perf_event_open(&(0x7f00000003c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext={0x5}, 0x0, 0x0, 0x0, 0x7, 0x7fffffff}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$BTRFS_IOC_GET_SUBVOL_ROOTREF(r7, 0xd000943d, &(0x7f0000058c40)={0x1, [{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {<r8=>0x0}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {<r9=>0x0}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {r5}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, r2}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {r4}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, <r10=>0x0}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, r3}], 0x1, "2156816c73038c"})
ioctl$BTRFS_IOC_GET_SUBVOL_ROOTREF(0xffffffffffffffff, 0xd000943d, &(0x7f0000058280)={0x9, [{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {r8}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, r10}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {r9}], 0x0, "d5e311dce380af"})
r11 = open(&(0x7f0000000200)='./bus\x00', 0x0, 0x0)
sendfile(r1, r11, 0x0, 0x8400fffffffa)

08:23:11 executing program 2:
syz_open_procfs(0x0, &(0x7f0000000000)='mountstats\x00')
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$F2FS_IOC_MOVE_RANGE(0xffffffffffffffff, 0xc020f509, &(0x7f0000000040)={r1})
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f0000000000))
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f00000001c0)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1003]})
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_SET_PIT(r1, 0x8048ae66, &(0x7f0000000140)={[{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}]})
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f000056f000/0x18000)=nil, &(0x7f0000000080)=[@text32={0x20, &(0x7f00000000c0)="66ba4000b0c2ee66bad104b829280000efea0e0000000a00b8050000000f23d80f21f835c00000a00f23f8653e65f30f21c62e0fae2b0f01c2b8060000000f23d00f21f835200000000f23f8c4c3a1cf830000000002d9f7", 0x58}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

[  490.500023][ T8583] usb 2-1: new high-speed USB device number 2 using dummy_hcd
[  490.610188][T16723] loop4: detected capacity change from 0 to 16
08:23:11 executing program 5:
perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3c43, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x7}, 0x0, 0xffefffffffffffff, 0xffffffffffffffff, 0x0)
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
syz_io_uring_setup(0x0, 0x0, &(0x7f0000002000/0x2000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000000200)=<r1=>0x0, 0x0)
syz_io_uring_submit(r1, 0x0, &(0x7f0000000100)=@IORING_OP_POLL_ADD={0x6, 0x0, 0x0, @fd_index=0x5}, 0x0)
syz_io_uring_submit(r1, 0x0, &(0x7f0000000080)=@IORING_OP_TEE={0x21, 0xbe5cf47aa7a76586, 0x0, @fd=r0, 0x0, 0x0, 0x194, 0xb, 0x1}, 0x101)
r2 = syz_open_dev$tty20(0xc, 0x4, 0x0)
ioctl$TIOCGSID(r2, 0x5429, 0x0)
ioctl$TCSETS(r0, 0x40045431, &(0x7f0000000240)={0x0, 0x0, 0x0, 0x0, 0x0, "00000000000000000000000000ddc1517600"})
r3 = syz_open_pts(r0, 0x0)
ioctl$TIOCSETD(r3, 0x5423, &(0x7f0000000200)=0x2)
read(r3, 0x0, 0x2000)
dup3(r3, r0, 0x0)
openat$cgroup_ro(0xffffffffffffffff, 0x0, 0x0, 0x0)
syz_open_dev$vcsn(0x0, 0x0, 0xb4180)
perf_event_open(&(0x7f0000000000)={0x1, 0x80, 0x0, 0x0, 0x1f, 0x0, 0x0, 0x2, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @perf_bp={0x0}, 0x40400, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8}, 0x0, 0x0, 0xffffffffffffffff, 0x2)

[  490.882206][ T8583] usb 2-1: Using ep0 maxpacket: 32
[  491.233029][ T8583] usb 2-1: New USB device found, idVendor=055d, idProduct=9000, bcdDevice=f1.5f
08:23:12 executing program 4:
fcntl$F_GET_FILE_RW_HINT(0xffffffffffffffff, 0x40d, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0)
r0 = getpid()
sched_setattr(0x0, &(0x7f0000000140)={0x38, 0x2, 0x0, 0x0, 0x9}, 0x0)
sched_setattr(r0, &(0x7f0000000240)={0x38, 0x2, 0x0, 0x0, 0x5}, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = open(&(0x7f0000000040)='./bus\x00', 0x1612c2, 0x0)
sendfile(r3, 0xffffffffffffffff, 0x0, 0x400000000001002a)
r4 = syz_mount_image$vfat(&(0x7f0000000400), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[])
r5 = openat(r4, &(0x7f000000c380)='./file0\x00', 0x84842, 0x0)
write(r5, &(0x7f0000004200)='t', 0xfff4)
sendmsg$NL80211_CMD_SET_INTERFACE(0xffffffffffffffff, &(0x7f0000001840)={&(0x7f0000000080), 0xc, &(0x7f0000001800)={&(0x7f00000001c0)=ANY=[@ANYRES64, @ANYRESDEC, @ANYRES32=0x0, @ANYRES32], 0x60}, 0x1, 0x0, 0x0, 0x44090}, 0x0)

[  491.333794][ T8583] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  491.344551][ T8583] usb 2-1: Product: syz
[  491.349033][ T8583] usb 2-1: Manufacturer: syz
[  491.356595][ T8583] usb 2-1: SerialNumber: syz
[  491.370057][T16735] loop3: detected capacity change from 0 to 264192
[  491.376912][ T8583] usb 2-1: config 0 descriptor??
[  491.449884][ T8583] pwc: Samsung MPC-C10 USB webcam detected.
[  491.497938][    C1] sd 0:0:1:0: tag#4696 FAILED Result: hostbyte=DID_ABORT driverbyte=DRIVER_OK cmd_age=0s
[  491.507930][    C1] sd 0:0:1:0: tag#4696 CDB: opcode=0xe5 (vendor)
[  491.514401][    C1] sd 0:0:1:0: tag#4696 CDB[00]: e5 f4 32 73 2f 4e 09 6d 26 e2 c7 35 d1 35 12 1c
[  491.523598][    C1] sd 0:0:1:0: tag#4696 CDB[10]: 92 1b da 40 b8 58 5b a8 d4 7d 34 f3 90 4c f1 2d
[  491.532709][    C1] sd 0:0:1:0: tag#4696 CDB[20]: ba
08:23:12 executing program 0:
perf_event_open(&(0x7f0000000640)={0x2, 0x80, 0xd7, 0x0, 0x0, 0x0, 0x0, 0x2000000000, 0xa40a1, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp, 0x10000, 0x0, 0x0, 0x3, 0x1, 0xffffff7c, 0x3, 0x0, 0x2cf6ca54, 0x0, 0x7}, 0x0, 0x2, 0xffffffffffffffff, 0xb)
mmap$perf(&(0x7f0000c00000/0x400000)=nil, 0x400000, 0x3000002, 0x40032, 0xffffffffffffffff, 0x0)
mlock2(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0)
mlock2(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x0)
r0 = fork()
r1 = userfaultfd(0x80000)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x543c04, 0x0)
r3 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
r4 = dup3(r2, r3, 0x0)
write$binfmt_script(r1, &(0x7f0000000280)=ANY=[@ANYRESOCT=r3, @ANYRES32=r2, @ANYRESOCT, @ANYRESDEC, @ANYRESHEX=r4, @ANYRESDEC=r2], 0x9f)
munlock(&(0x7f0000ef1000/0x2000)=nil, 0x2000)
syz_io_uring_setup(0x2e00, &(0x7f0000000340)={0x0, 0xc9ba, 0x20, 0xfffffffd, 0x2000037d}, &(0x7f0000ff3000/0x4000)=nil, &(0x7f0000eee000/0x8000)=nil, &(0x7f00000001c0), &(0x7f00000003c0))
mlock2(&(0x7f0000d03000/0x1000)=nil, 0x1000, 0x0)
openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000080)='freezer.parent_freezing\x00', 0x0, 0x0)
move_pages(r0, 0x2, &(0x7f0000000300)=[&(0x7f0000ffd000/0x1000)=nil, &(0x7f0000f10000/0x3000)=nil], &(0x7f00000000c0), &(0x7f0000000000), 0x0)
socket$caif_seqpacket(0x25, 0x5, 0x0)
get_robust_list(r0, &(0x7f0000000180)=&(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f00000000c0)}}, &(0x7f0000000200)=0xc)

[  491.550389][   T26] audit: type=1804 audit(1632817392.413:37): pid=16735 uid=0 auid=4294967295 ses=4294967295 subj=_ op=invalid_pcr cause=open_writers comm="syz-executor.3" name="/root/syzkaller-testdir504965368/syzkaller.RPeQl2/233/file1/bus" dev="loop3" ino=17 res=1 errno=0
08:23:12 executing program 3:
r0 = socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$inet_buf(r0, 0x0, 0x20, &(0x7f0000000080)="f2d041f909fd9fce00dd4254", 0xc)

08:23:12 executing program 5:
r0 = syz_open_dev$vim2m(&(0x7f0000000100), 0x8, 0x2)
ioctl$vim2m_VIDIOC_QUERYBUF(r0, 0xc0585609, &(0x7f0000000140)={0x0, 0x1, 0x4, 0x0, 0x0, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, "3f2b9de5"}})

[  491.747161][T16759] loop4: detected capacity change from 0 to 16
[  492.502159][ T8583] pwc: recv_control_msg error -32 req 02 val 2b00
[  492.551867][ T8583] pwc: recv_control_msg error -32 req 02 val 2700
[  492.618781][ T8583] pwc: recv_control_msg error -32 req 04 val 1700
[  492.686448][ T8583] pwc: recv_control_msg error -32 req 02 val 2c00
[  492.741921][ T8583] pwc: recv_control_msg error -32 req 04 val 1000
[  493.021920][ T8583] pwc: recv_control_msg error -71 req 04 val 1400
[  493.061974][ T8583] pwc: recv_control_msg error -71 req 02 val 2000
[  493.089888][ T8583] pwc: recv_control_msg error -71 req 02 val 2100
[  493.129856][ T8583] pwc: recv_control_msg error -71 req 02 val 2200
[  493.182049][ T8583] pwc: recv_control_msg error -71 req 06 val 0600
[  493.211880][ T8583] pwc: recv_control_msg error -71 req 04 val 1500
[  493.251844][ T8583] pwc: recv_control_msg error -71 req 02 val 2500
[  493.284059][ T8583] pwc: recv_control_msg error -71 req 02 val 2400
[  493.321705][ T8583] pwc: recv_control_msg error -71 req 02 val 2600
[  493.351969][ T8583] pwc: recv_control_msg error -71 req 02 val 2900
[  493.381884][ T8583] pwc: recv_control_msg error -71 req 02 val 2800
[  493.431904][ T8583] pwc: recv_control_msg error -71 req 04 val 1100
[  493.455506][ T8583] pwc: recv_control_msg error -71 req 04 val 1200
[  493.468630][ T8583] pwc: Registered as video71.
[  493.501631][ T8583] input: PWC snapshot button as /devices/platform/dummy_hcd.1/usb2/2-1/input/input16
[  493.561934][ T8583] usb 2-1: USB disconnect, device number 2
[  494.041654][ T8583] usb 2-1: new high-speed USB device number 3 using dummy_hcd
[  494.291593][ T8583] usb 2-1: Using ep0 maxpacket: 32
08:23:15 executing program 1:
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpuacct.usage_sys\x00', 0x275a, 0x0)
mmap(&(0x7f0000000000/0x400000)=nil, 0x400000, 0x0, 0x10012, r0, 0x0)
r1 = syz_open_dev$tty1(0xc, 0x4, 0x1)
ioctl$TIOCSSOFTCAR(r1, 0x541a, 0x0)

08:23:15 executing program 4:
fcntl$F_GET_FILE_RW_HINT(0xffffffffffffffff, 0x40d, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0)
r0 = getpid()
sched_setattr(0x0, &(0x7f0000000140)={0x38, 0x2, 0x0, 0x0, 0x9}, 0x0)
sched_setattr(r0, &(0x7f0000000240)={0x38, 0x2, 0x0, 0x0, 0x5}, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = open(&(0x7f0000000040)='./bus\x00', 0x1612c2, 0x0)
sendfile(r3, 0xffffffffffffffff, 0x0, 0x400000000001002a)
r4 = syz_mount_image$vfat(&(0x7f0000000400), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[])
r5 = openat(r4, &(0x7f000000c380)='./file0\x00', 0x84842, 0x0)
write(r5, &(0x7f0000004200)='t', 0xfff4)
sendmsg$NL80211_CMD_SET_INTERFACE(0xffffffffffffffff, &(0x7f0000001840)={&(0x7f0000000080), 0xc, &(0x7f0000001800)={&(0x7f00000001c0)=ANY=[@ANYRES64, @ANYRESDEC, @ANYRES32=0x0, @ANYRES32], 0x60}, 0x1, 0x0, 0x0, 0x44090}, 0x0)

08:23:15 executing program 2:
syz_open_procfs(0x0, &(0x7f0000000000)='mountstats\x00')
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$F2FS_IOC_MOVE_RANGE(0xffffffffffffffff, 0xc020f509, &(0x7f0000000040)={r1})
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f0000000000))
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f00000001c0)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1003]})
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_SET_PIT(r1, 0x8048ae66, &(0x7f0000000140)={[{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}]})
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f000056f000/0x18000)=nil, &(0x7f0000000080)=[@text32={0x20, &(0x7f00000000c0)="66ba4000b0c2ee66bad104b829280000efea0e0000000a00b8050000000f23d80f21f835c00000a00f23f8653e65f30f21c62e0fae2b0f01c2b8060000000f23d00f21f835200000000f23f8c4c3a1cf830000000002d9f7", 0x58}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

08:23:15 executing program 0:
perf_event_open(&(0x7f0000000640)={0x2, 0x80, 0xd7, 0x0, 0x0, 0x0, 0x0, 0x2000000000, 0xa40a1, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp, 0x10000, 0x0, 0x0, 0x3, 0x1, 0xffffff7c, 0x3, 0x0, 0x2cf6ca54, 0x0, 0x7}, 0x0, 0x2, 0xffffffffffffffff, 0xb)
mmap$perf(&(0x7f0000c00000/0x400000)=nil, 0x400000, 0x3000002, 0x40032, 0xffffffffffffffff, 0x0)
mlock2(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0)
mlock2(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x0)
r0 = fork()
r1 = userfaultfd(0x80000)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x543c04, 0x0)
r3 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
r4 = dup3(r2, r3, 0x0)
write$binfmt_script(r1, &(0x7f0000000280)=ANY=[@ANYRESOCT=r3, @ANYRES32=r2, @ANYRESOCT, @ANYRESDEC, @ANYRESHEX=r4, @ANYRESDEC=r2], 0x9f)
munlock(&(0x7f0000ef1000/0x2000)=nil, 0x2000)
syz_io_uring_setup(0x2e00, &(0x7f0000000340)={0x0, 0xc9ba, 0x20, 0xfffffffd, 0x2000037d}, &(0x7f0000ff3000/0x4000)=nil, &(0x7f0000eee000/0x8000)=nil, &(0x7f00000001c0), &(0x7f00000003c0))
mlock2(&(0x7f0000d03000/0x1000)=nil, 0x1000, 0x1)
openat$cgroup_ro(0xffffffffffffffff, 0x0, 0x0, 0x0)
move_pages(r0, 0x2, &(0x7f0000000300)=[&(0x7f0000ffd000/0x1000)=nil, &(0x7f0000f10000/0x3000)=nil], &(0x7f00000000c0), &(0x7f0000000000), 0x0)
socket$caif_seqpacket(0x25, 0x5, 0x0)
get_robust_list(r0, &(0x7f0000000180)=&(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f00000000c0)}}, &(0x7f0000000200)=0xc)

08:23:15 executing program 5:
write(0xffffffffffffffff, &(0x7f00000000c0)="24000000200099f0003be90000ed190e02", 0x11)
r0 = openat$tun(0xffffffffffffff9c, &(0x7f00000005c0), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f00000000c0)={'syzkaller1\x00'})
socketpair(0x1, 0x20000000000001, 0x0, &(0x7f0000000100)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
ioctl$sock_SIOCSIFVLAN_ADD_VLAN_CMD(r1, 0x8983, &(0x7f0000000100)={0x0, 'syzkaller1\x00'})
ioctl$BTRFS_IOC_SET_FEATURES(0xffffffffffffffff, 0x40309439, &(0x7f0000000040)={0x0, 0x0, 0x15})
r2 = socket$netlink(0x10, 0x3, 0x0)
ioctl$sock_inet_SIOCSIFADDR(r2, 0x8914, &(0x7f0000000040)={'syzkaller1\x00', {0x2, 0x0, @remote}})
preadv(r0, &(0x7f0000000080)=[{&(0x7f0000000300)=""/143, 0x8f}], 0x1, 0x0, 0x0)

08:23:15 executing program 3:
syz_mount_image$udf(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x0, &(0x7f0000000600), 0x0, &(0x7f0000002a80)={[{@umask}]})

[  494.421697][ T8583] usb 2-1: unable to read config index 0 descriptor/start: -71
[  494.429782][ T8583] usb 2-1: can't read configurations, error -71
[  494.476474][T16812] UDF-fs: warning (device loop3): udf_load_vrs: No VRS found
[  494.583003][T16825] loop4: detected capacity change from 0 to 16
08:23:16 executing program 4:
fcntl$F_GET_FILE_RW_HINT(0xffffffffffffffff, 0x40d, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0)
r0 = getpid()
sched_setattr(0x0, &(0x7f0000000140)={0x38, 0x2, 0x0, 0x0, 0x9}, 0x0)
sched_setattr(r0, &(0x7f0000000240)={0x38, 0x2, 0x0, 0x0, 0x5}, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = open(&(0x7f0000000040)='./bus\x00', 0x1612c2, 0x0)
sendfile(r3, 0xffffffffffffffff, 0x0, 0x400000000001002a)
r4 = syz_mount_image$vfat(&(0x7f0000000400), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[])
r5 = openat(r4, &(0x7f000000c380)='./file0\x00', 0x84842, 0x0)
write(r5, &(0x7f0000004200)='t', 0xfff4)
sendmsg$NL80211_CMD_SET_INTERFACE(0xffffffffffffffff, &(0x7f0000001840)={&(0x7f0000000080), 0xc, &(0x7f0000001800)={&(0x7f00000001c0)=ANY=[@ANYRES64, @ANYRESDEC, @ANYRES32=0x0, @ANYRES32], 0x60}, 0x1, 0x0, 0x0, 0x44090}, 0x0)

[  495.251506][T16812] UDF-fs: Scanning with blocksize 512 failed
[  495.274295][T16812] UDF-fs: warning (device loop3): udf_load_vrs: No VRS found
[  495.288096][T16812] UDF-fs: Scanning with blocksize 1024 failed
08:23:16 executing program 0:
perf_event_open(&(0x7f0000000640)={0x2, 0x80, 0xd7, 0x0, 0x0, 0x0, 0x0, 0x2000000000, 0xa40a1, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp, 0x10000, 0x0, 0x0, 0x3, 0x1, 0xffffff7c, 0x3, 0x0, 0x2cf6ca54, 0x0, 0x7}, 0x0, 0x2, 0xffffffffffffffff, 0xb)
mmap$perf(&(0x7f0000c00000/0x400000)=nil, 0x400000, 0x3000002, 0x40032, 0xffffffffffffffff, 0x0)
mlock2(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0)
mlock2(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x0)
r0 = fork()
r1 = userfaultfd(0x80000)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x543c04, 0x0)
r3 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
r4 = dup3(r2, r3, 0x0)
write$binfmt_script(r1, &(0x7f0000000280)=ANY=[@ANYRESOCT=r3, @ANYRES32=r2, @ANYRESOCT, @ANYRESDEC, @ANYRESHEX=r4, @ANYRESDEC=r2], 0x9f)
munlock(&(0x7f0000ef1000/0x2000)=nil, 0x2000)
syz_io_uring_setup(0x2e00, &(0x7f0000000340)={0x0, 0xc9ba, 0x20, 0xfffffffd, 0x2000037d}, &(0x7f0000ff3000/0x4000)=nil, &(0x7f0000eee000/0x8000)=nil, &(0x7f00000001c0), &(0x7f00000003c0))
mlock2(&(0x7f0000d03000/0x1000)=nil, 0x1000, 0x1)
openat$cgroup_ro(0xffffffffffffffff, 0x0, 0x0, 0x0)
move_pages(r0, 0x2, &(0x7f0000000300)=[&(0x7f0000ffd000/0x1000)=nil, &(0x7f0000f10000/0x3000)=nil], &(0x7f00000000c0), &(0x7f0000000000), 0x0)
socket$caif_seqpacket(0x25, 0x5, 0x0)
get_robust_list(r0, &(0x7f0000000180)=&(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f00000000c0)}}, &(0x7f0000000200)=0xc)

08:23:16 executing program 1:
socket$nl_audit(0x10, 0x3, 0x9)
openat$cgroup_netprio_ifpriomap(0xffffffffffffffff, &(0x7f0000000080), 0x2, 0x0)
r0 = syz_open_procfs(0x0, &(0x7f0000000000)='mountinfo\x00')
ioctl$SG_IO(0xffffffffffffffff, 0x2285, 0x0)
perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f00000003c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x28000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext={0x5}, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/bus/input/handlers\x00', 0x0, 0x0)
r1 = syz_open_dev$sg(&(0x7f0000000000), 0x0, 0x0)
ioctl$SG_IO(r1, 0x2285, &(0x7f0000000380)={0x53, 0x0, 0x21, 0x0, @scatter={0x0, 0x0, 0x0}, &(0x7f0000000200)="e5f432732f4e096d26e2c735d135121c921bda40b8585ba8d47d34f3904cf12dba", 0x0, 0x0, 0x0, 0x0, 0x0})
r2 = syz_genetlink_get_family_id$batadv(&(0x7f0000000100), r0)
sendmsg$BATADV_CMD_SET_HARDIF(0xffffffffffffffff, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000140)={0x2c, r2, 0x20, 0x70bd2b, 0x25dfdbff, {}, [@BATADV_ATTR_TPMETER_TEST_TIME={0x8, 0xb, 0x1000}, @BATADV_ATTR_AP_ISOLATION_ENABLED={0x5, 0x2a, 0x1}, @BATADV_ATTR_ISOLATION_MARK={0x8, 0x2b, 0x2}]}, 0x2c}, 0x1, 0x0, 0x0, 0x20040090}, 0x0)
r3 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000840), 0x802, 0x0)
sendfile(r3, r0, 0x0, 0x7ffff000)

[  495.333920][T16812] UDF-fs: warning (device loop3): udf_load_vrs: No VRS found
[  495.372955][T16812] UDF-fs: Scanning with blocksize 2048 failed
[  495.417150][T16812] UDF-fs: warning (device loop3): udf_load_vrs: No VRS found
08:23:16 executing program 2:
syz_open_procfs(0x0, &(0x7f0000000000)='mountstats\x00')
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$F2FS_IOC_MOVE_RANGE(0xffffffffffffffff, 0xc020f509, &(0x7f0000000040)={r1})
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f0000000000))
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f00000001c0)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1003]})
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_SET_PIT(r1, 0x8048ae66, &(0x7f0000000140)={[{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}]})
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f000056f000/0x18000)=nil, &(0x7f0000000080)=[@text32={0x20, &(0x7f00000000c0)="66ba4000b0c2ee66bad104b829280000efea0e0000000a00b8050000000f23d80f21f835c00000a00f23f8653e65f30f21c62e0fae2b0f01c2b8060000000f23d00f21f835200000000f23f8c4c3a1cf830000000002d9f7", 0x58}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

[  495.462026][T16812] UDF-fs: Scanning with blocksize 4096 failed
[  495.667031][T16860] loop4: detected capacity change from 0 to 16
08:23:17 executing program 4:
fcntl$F_GET_FILE_RW_HINT(0xffffffffffffffff, 0x40d, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0)
r0 = getpid()
sched_setattr(0x0, &(0x7f0000000140)={0x38, 0x2, 0x0, 0x0, 0x9}, 0x0)
sched_setattr(r0, &(0x7f0000000240)={0x38, 0x2, 0x0, 0x0, 0x5}, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/meminfo\x00', 0x0, 0x0)
sendfile(0xffffffffffffffff, r3, 0x0, 0x400000000001002a)
r4 = syz_mount_image$vfat(&(0x7f0000000400), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[])
r5 = openat(r4, &(0x7f000000c380)='./file0\x00', 0x84842, 0x0)
write(r5, &(0x7f0000004200)='t', 0xfff4)
sendmsg$NL80211_CMD_SET_INTERFACE(0xffffffffffffffff, &(0x7f0000001840)={&(0x7f0000000080), 0xc, &(0x7f0000001800)={&(0x7f00000001c0)=ANY=[@ANYRES64, @ANYRESDEC, @ANYRES32=0x0, @ANYRES32], 0x60}, 0x1, 0x0, 0x0, 0x44090}, 0x0)

08:23:17 executing program 3:
ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, 0x0)
ioctl$BTRFS_IOC_GET_SUBVOL_ROOTREF(0xffffffffffffffff, 0xd000943d, 0x0)
ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, &(0x7f0000000840))
syz_open_dev$sg(0x0, 0x0, 0x0)
perf_event_open(&(0x7f00000003c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)

[  496.423392][    C1] sd 0:0:1:0: tag#4700 FAILED Result: hostbyte=DID_ABORT driverbyte=DRIVER_OK cmd_age=0s
[  496.433338][    C1] sd 0:0:1:0: tag#4700 CDB: opcode=0xe5 (vendor)
[  496.439720][    C1] sd 0:0:1:0: tag#4700 CDB[00]: e5 f4 32 73 2f 4e 09 6d 26 e2 c7 35 d1 35 12 1c
[  496.448839][    C1] sd 0:0:1:0: tag#4700 CDB[10]: 92 1b da 40 b8 58 5b a8 d4 7d 34 f3 90 4c f1 2d
[  496.457925][    C1] sd 0:0:1:0: tag#4700 CDB[20]: ba
08:23:17 executing program 0:
perf_event_open(&(0x7f0000000640)={0x2, 0x80, 0xd7, 0x0, 0x0, 0x0, 0x0, 0x2000000000, 0xa40a1, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp, 0x10000, 0x0, 0x0, 0x3, 0x1, 0xffffff7c, 0x3, 0x0, 0x2cf6ca54, 0x0, 0x7}, 0x0, 0x2, 0xffffffffffffffff, 0xb)
mmap$perf(&(0x7f0000c00000/0x400000)=nil, 0x400000, 0x3000002, 0x40032, 0xffffffffffffffff, 0x0)
mlock2(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0)
mlock2(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x0)
r0 = fork()
r1 = userfaultfd(0x80000)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x543c04, 0x0)
r3 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
r4 = dup3(r2, r3, 0x0)
write$binfmt_script(r1, &(0x7f0000000280)=ANY=[@ANYRESOCT=r3, @ANYRES32=r2, @ANYRESOCT, @ANYRESDEC, @ANYRESHEX=r4, @ANYRESDEC=r2], 0x9f)
munlock(&(0x7f0000ef1000/0x2000)=nil, 0x2000)
syz_io_uring_setup(0x2e00, &(0x7f0000000340)={0x0, 0xc9ba, 0x20, 0xfffffffd, 0x2000037d}, &(0x7f0000ff3000/0x4000)=nil, &(0x7f0000eee000/0x8000)=nil, &(0x7f00000001c0), &(0x7f00000003c0))
mlock2(&(0x7f0000d03000/0x1000)=nil, 0x1000, 0x1)
openat$cgroup_ro(0xffffffffffffffff, 0x0, 0x0, 0x0)
move_pages(r0, 0x2, &(0x7f0000000300)=[&(0x7f0000ffd000/0x1000)=nil, &(0x7f0000f10000/0x3000)=nil], &(0x7f00000000c0), &(0x7f0000000000), 0x0)
socket$caif_seqpacket(0x25, 0x5, 0x0)
get_robust_list(r0, &(0x7f0000000180)=&(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f00000000c0)}}, &(0x7f0000000200)=0xc)

[  496.705484][T16887] loop4: detected capacity change from 0 to 16
08:23:18 executing program 1:
socket$nl_audit(0x10, 0x3, 0x9)
openat$cgroup_netprio_ifpriomap(0xffffffffffffffff, &(0x7f0000000080), 0x2, 0x0)
r0 = syz_open_procfs(0x0, &(0x7f0000000000)='mountinfo\x00')
ioctl$SG_IO(0xffffffffffffffff, 0x2285, 0x0)
perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f00000003c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x28000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext={0x5}, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/bus/input/handlers\x00', 0x0, 0x0)
r1 = syz_open_dev$sg(&(0x7f0000000000), 0x0, 0x0)
ioctl$SG_IO(r1, 0x2285, &(0x7f0000000380)={0x53, 0x0, 0x21, 0x0, @scatter={0x0, 0x0, 0x0}, &(0x7f0000000200)="e5f432732f4e096d26e2c735d135121c921bda40b8585ba8d47d34f3904cf12dba", 0x0, 0x0, 0x0, 0x0, 0x0})
r2 = syz_genetlink_get_family_id$batadv(&(0x7f0000000100), r0)
sendmsg$BATADV_CMD_SET_HARDIF(0xffffffffffffffff, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000140)={0x2c, r2, 0x20, 0x70bd2b, 0x25dfdbff, {}, [@BATADV_ATTR_TPMETER_TEST_TIME={0x8, 0xb, 0x1000}, @BATADV_ATTR_AP_ISOLATION_ENABLED={0x5, 0x2a, 0x1}, @BATADV_ATTR_ISOLATION_MARK={0x8, 0x2b, 0x2}]}, 0x2c}, 0x1, 0x0, 0x0, 0x20040090}, 0x0)
r3 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000840), 0x802, 0x0)
sendfile(r3, r0, 0x0, 0x7ffff000)

08:23:18 executing program 4:
fcntl$F_GET_FILE_RW_HINT(0xffffffffffffffff, 0x40d, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0)
r0 = getpid()
sched_setattr(0x0, &(0x7f0000000140)={0x38, 0x2, 0x0, 0x0, 0x9}, 0x0)
sched_setattr(r0, &(0x7f0000000240)={0x38, 0x2, 0x0, 0x0, 0x5}, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/meminfo\x00', 0x0, 0x0)
sendfile(0xffffffffffffffff, r3, 0x0, 0x400000000001002a)
r4 = syz_mount_image$vfat(&(0x7f0000000400), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[])
r5 = openat(r4, &(0x7f000000c380)='./file0\x00', 0x84842, 0x0)
write(r5, &(0x7f0000004200)='t', 0xfff4)
sendmsg$NL80211_CMD_SET_INTERFACE(0xffffffffffffffff, &(0x7f0000001840)={&(0x7f0000000080), 0xc, &(0x7f0000001800)={&(0x7f00000001c0)=ANY=[@ANYRES64, @ANYRESDEC, @ANYRES32=0x0, @ANYRES32], 0x60}, 0x1, 0x0, 0x0, 0x44090}, 0x0)

08:23:18 executing program 2:
syz_open_procfs(0x0, 0x0)
syz_open_procfs(0x0, &(0x7f0000000000)='mountstats\x00')
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$F2FS_IOC_MOVE_RANGE(0xffffffffffffffff, 0xc020f509, &(0x7f0000000040)={r1})
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f0000000000))
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f00000001c0)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1003]})
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_SET_PIT(r1, 0x8048ae66, &(0x7f0000000140)={[{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}]})
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f000056f000/0x18000)=nil, &(0x7f0000000080)=[@text32={0x20, &(0x7f00000000c0)="66ba4000b0c2ee66bad104b829280000efea0e0000000a00b8050000000f23d80f21f835c00000a00f23f8653e65f30f21c62e0fae2b0f01c2b8060000000f23d00f21f835200000000f23f8c4c3a1cf830000000002d9f7", 0x58}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

[  497.775999][T16909] loop4: detected capacity change from 0 to 16
[  497.876214][   T26] audit: type=1800 audit(1632817398.733:38): pid=16909 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed(directio) comm="syz-executor.4" name="file0" dev="loop4" ino=18 res=0 errno=0
08:23:20 executing program 5:
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x26e1, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x2)
bind$inet(0xffffffffffffffff, 0x0, 0x0)
write$binfmt_elf64(0xffffffffffffffff, 0x0, 0x1000001bd)
ioctl$FS_IOC_FSSETXATTR(0xffffffffffffffff, 0x401c5820, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000040)=[@textreal={0x8, &(0x7f00000035c0)="f30fd6de66b80a0000000f23c00f21f86635010002000f23f8660f5ed90f01cf66b93b00000066b80000010066ba000000000f30670fc72fbaf80c66b81eb0d68866efbafc0cb8e72feff30f1efe0f20e06635400000000f22e0360f2fe3", 0x5e}], 0x1, 0x51, 0x0, 0x0)
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000000)=[@text16={0x10, 0x0}], 0x1, 0x0, 0x0, 0x22)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

08:23:20 executing program 0:
perf_event_open(&(0x7f0000000640)={0x2, 0x80, 0xd7, 0x0, 0x0, 0x0, 0x0, 0x2000000000, 0xa40a1, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp, 0x10000, 0x0, 0x0, 0x3, 0x1, 0xffffff7c, 0x3, 0x0, 0x2cf6ca54, 0x0, 0x7}, 0x0, 0x2, 0xffffffffffffffff, 0xb)
mmap$perf(&(0x7f0000c00000/0x400000)=nil, 0x400000, 0x3000002, 0x40032, 0xffffffffffffffff, 0x0)
mlock2(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0)
mlock2(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x0)
r0 = fork()
r1 = userfaultfd(0x80000)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x543c04, 0x0)
r3 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
r4 = dup3(r2, r3, 0x0)
write$binfmt_script(r1, &(0x7f0000000280)=ANY=[@ANYRESOCT=r3, @ANYRES32=r2, @ANYRESOCT, @ANYRESDEC, @ANYRESHEX=r4, @ANYRESDEC=r2], 0x9f)
munlock(&(0x7f0000ef1000/0x2000)=nil, 0x2000)
syz_io_uring_setup(0x2e00, &(0x7f0000000340)={0x0, 0xc9ba, 0x20, 0xfffffffd, 0x2000037d}, &(0x7f0000ff3000/0x4000)=nil, &(0x7f0000eee000/0x8000)=nil, &(0x7f00000001c0), &(0x7f00000003c0))
mlock2(&(0x7f0000d03000/0x1000)=nil, 0x1000, 0x1)
openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000080)='freezer.parent_freezing\x00', 0x0, 0x0)
move_pages(0x0, 0x2, &(0x7f0000000300)=[&(0x7f0000ffd000/0x1000)=nil, &(0x7f0000f10000/0x3000)=nil], &(0x7f00000000c0), &(0x7f0000000000), 0x0)
socket$caif_seqpacket(0x25, 0x5, 0x0)
get_robust_list(r0, &(0x7f0000000180)=&(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f00000000c0)}}, &(0x7f0000000200)=0xc)

08:23:20 executing program 4:
fcntl$F_GET_FILE_RW_HINT(0xffffffffffffffff, 0x40d, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0)
r0 = getpid()
sched_setattr(0x0, &(0x7f0000000140)={0x38, 0x2, 0x0, 0x0, 0x9}, 0x0)
sched_setattr(r0, &(0x7f0000000240)={0x38, 0x2, 0x0, 0x0, 0x5}, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
r3 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/meminfo\x00', 0x0, 0x0)
sendfile(0xffffffffffffffff, r3, 0x0, 0x400000000001002a)
r4 = syz_mount_image$vfat(&(0x7f0000000400), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[])
r5 = openat(r4, &(0x7f000000c380)='./file0\x00', 0x84842, 0x0)
write(r5, &(0x7f0000004200)='t', 0xfff4)
sendmsg$NL80211_CMD_SET_INTERFACE(0xffffffffffffffff, &(0x7f0000001840)={&(0x7f0000000080), 0xc, &(0x7f0000001800)={&(0x7f00000001c0)=ANY=[@ANYRES64, @ANYRESDEC, @ANYRES32=0x0, @ANYRES32], 0x60}, 0x1, 0x0, 0x0, 0x44090}, 0x0)

08:23:20 executing program 1:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = syz_open_procfs(0x0, &(0x7f0000000040)='task\x00')
fstat(r2, &(0x7f00000002c0))
syz_kvm_setup_cpu$x86(r1, r2, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000000)=[@text32={0x20, &(0x7f0000000240)="c4e1fe70ab050000007b0fc79ee82c000066dade66ba4100ed36660f38dcfa0f20502e0f30c4c2cda8c6eac37f87072d0064650fc77258", 0x37}], 0x1, 0x65, 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000fe8000/0x18000)=nil, &(0x7f00000000c0)=[@text64={0x40, &(0x7f0000000180)="b9800000c03500400000665c0f5d0202f513559afff39aff35c5e17de7a54b49064900c42e660f3881b7c700000000f3c7442400ac000000c7442402079e0000ff1c2426660f388077694f4f0f5c19c7442400b4000000c74424020efc0000ff2c24f5f342d8868680000066b82001c6460d91854f4a4a66420fc73326650fae15fbffffffed", 0x86}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_SET_NESTED_STATE(r3, 0x4080aebf, &(0x7f0000004400)={{0x0, 0x0, 0x80}, "be77f645fa0faab4173328e03e0e9f020bbc798c84be65bf762199e269b6d15af3d542e5a531a895866fbf13910d95e922d6aa84d68924efe5e444b34d9df08a868ae23c677546798d6ec2c17d6e3f87f0d757c2078c9325c641fea9938ba4f20ebb2577f51ba467d973398c7fa94be4e2abd427b7ad4385c63e630090759c2a6c768a973d0b1e7244e494d5925d9d9f40afd544ff001fdb8de7af279d8700739c11327a76f8bc32743c959d8858b276c211222f40206257be84ddd07b20d8b1de9b5390ba5eaa289c0bfdf6b5636b7acfac5159e2e775395858847e3e28da4ed237027cd849991ab91e6e5dc61b9936de574c3b26a2b0e303386c02ed1bb6a5acaf8a9271e196bc59fb3d7d6a88383d53302680fd8ebd0e75fa67333a6fb9da0333d6f87b3f628136a4b9ec1c2f4cf3d5ec900ec17d48e3f741860d963ec6e629243d06b547374ec3f5a0a8e71cdd67e8f591d68711ba4df1f2fc62d9f54c6f7b8844c8ce569fb7f983a631250e77374780413ab37235afdefb70572e79f35d36406aded61bcf76711aacf325b2ac1f78b4ede1239e36d5d644c7a81cdf6b95a1e3aa6c2f70d889654572d1f88f05e5b2c5f5c37d6570102c2525a9b3fa28a88c83ded573a896239900bd365dc0323d4921c3c96a3dae810479a1ac83b64f0f9b2008eb51832bce90105dab379b3d99f6761d4cf438d92356c563c982938fe83026258aad0a7d9f5eacfa359c68ec271d3ecf9a57d3eec56cb0bcf1bb0adc6c297d6e5b101640d3c5b50bcb54faebed4f850e737b5a2837054bccbecfd1c28e70a967a350d21867ea95b2cdfe55fd3edc6e1f4db06a5e6b77a333af48e92899e074794f3b4687dce6d45cb33433e922b1602e767164dc0e760d14b4c70f304de2cb56ca5ea35719f492480e48b9007e4073a8e02450a93d3932971b32aca283773bbb7974486478d380d8524c0eee27ba19d9c51196494bc3f2c41c1ddc72b0b9d97ca307022baf742cb69b45de669e3224c1eaf4e6ec7bb76f921ad3fd01e1138eda10e945ca95302c1729adf6526041169700a783f767632e99b55eac5e4ebc25b63e11649a31e1dba33445a36b40c7cc7ab6450cb4853c69a9f1eb00d466f6c98f297d3e4882fd4d1a9dff0786cece0dd1b03fd84f982b493349f32e49be255102e7bd1475e25574a992da6907a0e6bce48d4601b51ca05798a0e8b5faa9ed6700902e4626b866b4219e3880277bca07f577def954fdd64e089622ed0eec558759a9b6d3e512b330fa30e31403053a73da1747a7874f5b7a9fde4c0f9f29a27e795e275c9f6c33d9db7f370f148a790811428b2f96566bd0e2b148997e69b0ffe1a81cb04d43ce6a24ea2a9414b930fa1330153cb20aaae484e515393b9ddf9d029806c35d5e956462b7cc7f1c7995006ffeae1f1ba1daf8d43309198bf444ec82c670800d5dacd600924564931014b1e834a38274c6560784572e6d4bf8c4a5a1ee5edb2f4ea5fa9f07b11d3d1d88b993fa662bc04dfb9ffa9e534f1622efd7f823346aa7e0a988f56be531c73f34439df61f9737cca8b93d2c25695138c70c469298c3a114c89a8c3409d4dc18e7bd0158631d0b936823a6dda814ed50f83862058d1ecc19b2e1195c910edb5e7164fbd403de0beb5d7feec901a5a373afa1162be95f0e71e50d479e33494d7c98c1cb2ac886c81610678923685fa9f5fff2584c89130b7d2ac78317e531bb2fcade76520cf8bec450e31eebfa5ae2f78587c572d36d56a69cf3f2cc9e15b77c11877d27e8af0196902d7f94646f0294b4507ae4461397ef21b24a2142f740460e1eb1935cbaccd14f71f21d6fb7144de99154f037cf31e9f30da3c935950c7d1c859096d44b57e7bd37147304b2fe51ab63ca7c4031c1f07913c8a894a6b0573886d7a0a62cd20a0f433e541a43808465eb82af5bb9c819a74bed83cf91aa180442c28b9f4d69dd7e728c7734dd3bd3e277e67e96ab9f09e083c0a6e42fe2bc5dcae9a2deddb7f763e62b0d8adacc00af734bb9e978c13309468a2f942f5d2c9f7cafc97dae2f542ef33be39952fa70ee3e2ecb3105c1a490db73fcf46a3645de10e1cb335ea604f41d10b723872c26f20a71f44b1301fffd601c6a609e0d195bbcb1203cd23fdb3e3f59fa8ae5a484881c34706bacb6a479fa7c9cc6920613dd6903bf046493bac060f046efc6ce43aafe9a3b735c1cb283714548fdc16a2ce9d9dccd77f3b8037132ec1b1f1d965932a9ec4b20efe1f2212c94511b61799b5bd29be84e47d1c1209af544bb4c4820b4897fe00fd583b8ae5394354d1f2532d0801f202ba31bf01a896ebea5302167cf9b0ed71e793d9572fac48d75724caa57f99ba9db2113f5fa52d19356ed1d0c85bd60805952113e521a01444d6a6a502144691a9d32363284410e967626c720cdb3444a56b1b7043047dbf8e5f1b5177c82a651710eaed591e1d4ac5ffaf85411f7c3c3e58fefb5e0528f74b3f78a0b31de68f1e31415a7a37010be818b886c28cca1bf68db068929bad71bc6b4ae2a4c9f2c9bf98f15164e6ef96ef4121c191e5a94ca431b49c475f02acebc42d2c6026e4f7d595e5677947bf6cc0d6f95d7838f76cfc04492cebaed4374984706465ac83a1acbb55450f5b5e1e4cc00a88c334afc4d337089d22c443bcdfb3d268a3e57f563b9732cc3f5d8b1fd98a6f44e3b056cbeb65946ec917ef093c3a62757f2b27e6b4873ae7183b5b9a6528a576af69449df90cda4bfad6c54bed67fecc6fdc624183aecb5072002c8dc9d45505901c61489ab31b7d6cde6943f042953df648861b68663291117f3deb74d3f9e9501d9d50b095baaeef21aca82e00203c06ce103cc923e6f02ab481eed2da0a4eedeb827e9d7961f6d972f347c649e706dc0259d697a6a5ea1ba33a6f2c16beed92b58fa290026c728e91f3de285a74e56e968c5d174639a915b5e53d7b1e5566b1a89f09434afb2a2ff1fd00d13e7ce5a3dcb8e628f39a6c6825acd4b7152a777d21485f6360af8b1c62a4a29f2ad98d9c393530187c14b4defdfc8ac12433be7f56a40ce4087eb1f7cf949e4e9b3c612e4953716ab027a36ce839f1d2815c289d08e0e500630c2f54344d6549b9645a4b31648d25f71dc7a43651aa8530ccd0cec2f96a4385b185823111c514b5beb817a98824f301462598f03919ec52c0fdf5a522f3e4b250ded3089e0958bb20e5f936c8ab4fc00316ce483254f6e2abc024835acdba239decc60fcc316cbb5fe85db2e22ecd1259c607b575d836222d7a21f0fccdc6d4f90c487c66dcbe9d17f6af2edc30b57189f009072fa5b46e1f49aa33a6546aea60202c4e77066e2f487b2bd36f3178ea888488ae52fad830868172d8f2b3335db98a83c45e047ba93eb32e08a014d13fb8b9f3b54c16adaac8a95c250051baaa3667343a3df51ab7dccedcf4410482fb24ab337285d4c0d182bf00050c5cd2f8a1f7954fe0ce1c2325dc159445464327f0c463dfdae8c944db603ceab504409be7e3316e679960b63e1935018641f0d30d40fb4f83faa2786e7284b0adf6fe0ae04f61c362be89177aa7a27cd00a1c101debb3fbae04b8b20fceeef601049626954f0436470eb4d344fd53c34eab4fca401bb6aa64c1d1891ca88300ce5f8b9b7badb64a5aa3ce8ea848e288239def4602e4812c66503ccc2a68b734d97b2fe71e321e09275bbc727e4c02ce1a967f2f7c5f02f658c5e449a1c718a535561afbddd05ad28559c6ea8a5d19298eeccee69818b69a833b972128e153306522a3733396e25e3a2175443715b0926ea967609f73e2529fa4b6c346e32543431d11f57f557c71ff6b789d9a78e8039f78c5089586aeba7a584b3d6b753f8633d062b5cca3639eb95885027a1b78a90f79d33e8872b455a21618b76a4afd3d704849b067ab8f968bf528fbdbdfdd34e84163d644e211e32f9b5b91f86fb815890f6e405d7324fd6ff84fea268cf4d613d8b8cc784fd434f317dd77ccaf40d974c43d70ec15306c691ce9782267b20b35c150c1c104adff5437068f7c9dee058c08403024e5ed1f35bf1b6db213af8fd0293b230ddc7a405e1e3e584292cf6d9bd4ca1d0c325ecf37c57134320f79fac3f26874b1d595d0aacb7bf454bc4e15f755c1c7e2d0951d7731d8bf27c8002f611a942d633c9e0203ee9f848de15966e6c993d790bbc26958fdc3ff4e62b971697855ad0980d3cf6cd79c0f2f0d41eab6d2c67e83295afcbee60179e0997ddf9b15002b7fc058afa567034dabc640790aba2419a5ccbce25abccde586373f4e31f3436e5bab2e156b4cd6abaadbd4e991cb4a15cdea2202b13bce716e1df40d6bcc275f14c152ffe6294d2b5a5377a9da546490a0ff9ec3f27a0a6070f1b0d72b75a74ac1e764c4670b9547faa728500233dc410132d800bddd4e81272f1ace1fa8186e1b68e19b23ee611b2c9119b094764fd0720212c14f12f1835596660e08dbaf1a28c2ecb391094e8decb500484a4f9de412781fe084695a243d474471a3d6abd4ac640cfb7da40e0327defce9aa8101a25f7145b55db0510dd090af63fd65f9003693b21b2f3d4775c65707fed78474238d6453592933b2265c3836d0c775b95e9739b3de3856072a5b43c9e3024e8843b2522e92d12aab4a636c68af12722ab38d881f4c97118014db986f3ec966783b93d81d1d70e3ea611482df745256c3ef9c6c949c6afc6929f69d9427ddde81f3f278500c586b3bb736c2fc7713ad92ed13640f4051e72b38568e3f211f75261ee6517de0b980076127d7dc00a1660a11232325f7ac097f46e0ef4493cd7de875d14056419373d887a821672d894d32c810464705e92c9abe32967fead2464c8b2f693f45d07a8160f59ec046019b016ee8b07764278af8c6b22b4cc079f406c0ba898332aa8911b026c75edd02d5a40f8ed9c1a3d39c1893a0affe4b38c77305429562e9d0907179753051cbf13ff936091334fe24a53816d2aa5e2e26993dac3f2c573b0001152ee26b633afd966bfb704054227160bf292bbcc35f78a649bb7f4fe1783a6b10de778519c8a71f1381cc67a779e51ce3097e666d964728d55708e76953826c7659c3647d3f3cedf9f1b45b27f5735bb8d78d874bf73147b738b9c0566a0d2fdcb17f85dc712462e381ba1466d92d903ba24d0cc17ddbeb7bd80b5525d7236a8add54d4eca06fe4cd0d3724403c7ad09f22eb2fcb4181eddde271be821579b7382bbfe36dab5079811e62842da65165c27c181dfed279d5ec12a1c0c13541760c2fe5cce95c6892622229ac24a7211ba43e513077f34342b61611a1ab10b6c51f6e3a06be0716d7d1abc82f5903e32f1e6e3e85789c1b8f140bbe1903b9677ec9655e171bf1f4d27dda003c27d4ef0e043d0def451dbc0f48cb6cb605b1e2d27e9fc9db10c0b571b6805f316b00b581d0d7358f83e14d1b4290e61fc0d0bd97334f31a547350c00877c90bcb591b98986c19d9d477f7dc521ac43d2edf9201ea61c43e6365e795bfb44b0d90ced7b9d34a849dec495d79cae7769c721d7cd17f1503df3d113c49fcb18449ff180d39c94717ae8fcba7ee1d8cf75873098a7a697d5f5d7a6eeef14daf146710ee40c94ff8ea9ff048d108688776fd074e72658d6ea43f42ea03883f70f45c7b86d3eb0bced0f3a60b6da510833728ffdb82af9a34c5fc86e0130861ac66c68b784300", "204b9e1804d636301150775298e6490040d0ecb72371cfe0ccc258d2b4450458b909ff0100000000000037ed25df0ce2b046ccc47e3501ed7a53e69d95dfb761f3fb81659983876f915b21b4b91270b4607875b751136514bb42b1de575e5ae05e98fd37dde49acb6a8e7f7c592ceb8793d00c84515e9b091fca8056f69ef47c1c91735af04b3077a94a24147489c6bbc3d63a76ba4eb1e6adf014106f4b0117fc6a2b2c84ca9e6c40fade373fd49f657e5e828399868d39d2a9d8cb3f4508e156d31ded826a64d84b19ceb0c13d9566f14866028f00408428bc6b9a27761fb13e70561fa8bb45bf2547baeebd7c99e01c1ebdac09ba75e3f67b2bc6898ca2c8e6c2b09efef1e688c74fe8e214b657d3325725531f9ce71d59532adc69f40e0b821fbd14558133f9fcd9d5ace9150703b5879f74028583dccd4984a9fedf23f1f6b8c501f9a99762079404f109e6d69b025edbf2d3169e44f14b7e485644f5afc2d0581d8404c23bcf2c0bcd6d3a6fbc658721e74546ea52d57f259e841e87f01ace9d7fb10bb4356abffa306d91963914bc144e486f78c048aafe20eae27ff53250de7bed8c4167780c53facfd741b93f53d67a60eba1527701896bcd29a6cc20b9390582421eb0e5dce7a66a94881904dd91c47c59e8b7219adae86ba78b230306829368a56dc908245fc72886c3b18facea659b27466d3c6a85b541f20a012660319f8f4ba0faf0d83d28ac63ae417323a0f75b88235d1a41f662b34ac40ac19c94f227567860a998f5e4d8f65b930c1a1209ba04cc2406599914e8ed7c98d8095a56fd29920c47c6221bf7e6a076dfc90947af9468d8844731ac3923896f25a8402421e24e1d328e5b9daeb97048b87e3d374874071931ad791c1f03324ba01d463364a5bb1dba7e3b807aec9c333703397a45918c73b443dd46f7b289736662ad833302fa89567e44c3de8e2f87bb5f8758abf6f888ad26bb5ed48a4bd828d8fcf5c01cf7588009c1a6c35e94142950b3bac8fa0af15c2f30504cef3e544b132e4096a836aa49336cbe878d2e33075d0712adc3e75b9f9bc7ec420f123084eb296119171535c4fa49d460d4444eb309f424ec13be89ff6641caa089da262ff89c0d4b1a86fac91361a7a124a0e4b27de253186e10671d2532d600f6b4089dc690f600363092ad93fb62fbab9e1a96caefe31e4c117420fd1df64e4e0cf4967cb026a003be444278553c2e58e19ec5a6db3921fab8fa0748965e523659e54a3e01190492f9b01811d06b13d8c833454ab5a93af8a9ad270555d682d8c78f074da17d6ccb7ded5b5f3c30e3afb3c0e4aab6ce79e00d42df9a74f486aee74c0bc021c209000000f5e79678c45bac331d6ec24ecb404296dc9e90b2c191fc14c53505e92587f43a5eedc56a6408048d9dbb8bee8840a656952cb361f0d76baa20939e6e8ab917e12b76dd812b95e68c90708d7cd81aa18002eea116f4190e49d1f628a509c8fb65f393ef5bcf7d1b9ea289e0532ee5f46e65709e84aaa7a6334c58eaab5c3cced88fa3e9e365ace119a3c40dfe336abbe6d3a09dfd895cdc3daae26ae9d3f68a3a2184ac5f6972ef034f1f9f0d4100a55b8638db0986f362a23b599903909a5a6193fc2c6e54adc965ff5d48bc1ed1b6ff0ab226b9598f70a13ca0a0b2d2cc05f17449bd4cbd224fa75810955011d5a401348c0b75546c1fd86824ced7b0c79cb4d13a3722aef6f7a0cb49f76a372ff133736f04b67bf6a74d5164a227f4865dfd15181e0a9e5dc53317ffb04a7ab1fba87d3b34bd1cee7c6aef4b3ebef183c9fcd4daf091ef1f5f2709a7eb4a648242c408e7d5b10b766e0f648c2189c4956474892e379a84b1f09f13ba589423e43b4b0dd267b1d0c976fb64903ea2d22e2612d9dbad91536a986f44986d74578f2cf378dc6505cc26261548a080e11d74fed2cdaa90479f0656fd927f89a0624f4ce943981ffbec2ceb27c7fb6e6ee7df7c2d26d7151f1dadb172a0017787c5d32d6408b6662c8f5348f34e63649206142164f7aa076b2c83bfffe44126ee923f0b9bc917e52308373553cf19e6798ac83ace350be47f445ef0d268c2a4fc67998a5907db42decc63fcfc30df0a4543da178e442aec97060edc209e34849f6beea0e366eccc80b87c1c16f89e5608b96c176ccfaf6014a619b83d72c5a89749cf763fd76c6ae82b6a1322674838ab9e5f9a0db7aa8b7d27db308edb664fc0197756f6709df36d9f6ed678944e18455a8d49434f9a6f223cbf52b6a1ba266a55331ffe7e83fb4130c2f5528626c4e451d8bac1da046dd59249fe41b6c8a36e82346918e0177c876f44101ff9f7721d8fbe1eca04e13ba8db3f5bd01c3661df0d6c8a24d45a246e0ac80aed4178901a71a939da4622592b3a8d87b3ae35370530039d7d413455e9d61656b58a1e63aa9bf1a87d8bcc6605c3167836f82ba01f54934e2d31d7463e1848ee8a2cca55a029d5ed37236dda9f278981cdb330eabc6bfc33a7fee5678c38b8e0a9258fa8ce5cb8abc3320d44dd16098df1bbf9d3e3142ec1838ba81785e37dc97fda2797e3cf6b7d6c367737b4df96a242149bbba7af54da91b404fbf01f4ecfb7ebd97c67de2415b3bca3b5f21deae988733dcb547a17aa38c0b98aba60fbb1d57f9e8f005ae6233e5da68da32c7a2778944a2eacba03e3312fe968fa3be0e2ceb4d8526803e7a8f24618b1003860e424da518c9602cb092c9c6b930b72523bbf615ad8330e337e64ff82eb78d9a2384e86afece8aa9d9cb1b7ab27265261a3cf542e1655792ed66b28d27bf4f02d13e93413bfc5fae7dbec15aac85331ae3d4032679988ffd1c1750447f763ebc9ba8f8ba4521b74563af6ee8a996af3707dd03118c3f0d18d612a5105519310f7b8c5eb4b7e3a0d675374da18314d144b5d5d0ba2735dab4efdf68f78285ce4d35032427e23fe7c59c5844879550417dc93d2221fe0ff82c7e21ebba19c01fefc6f6eeb7078e7557f077ca089246e6f3901e127ca4685c191847ae720ce30d41939239b2835d9cfd126faabc88eb80d409d8ec1cdf6070c55109bdbbb668fd56c6ebd3503986cdf5ade19903a85516f0ed87872f397e6244b0f58c70b8dd0cbc408dd7a87c42d672d31fde7fbc31b3acff4be744b933ec0645f76b52481ba6f50a25a98f89d9989e347b682a459eb38004d0de0a7314f8319b1e0ce5152a4928d7f59769347a7f48af595d028b5012cf5b7fc081cbec3c5ad30801947b5d3f87a242b05691ef3f46f0ba35fa6ee28a966ad42e34ef6192cb6e5de41411df4638c825688abc1c8f1fa7b2eced5ae40a5d35d7cfd981f4dd46a91e8f123187d8e99a947020cdc4cfcb66ee004232ed5badfa694fd943ed59f01433989e5663a77fd2bbcdbfaad5ab482150f22ffa6b1ae9e99134b320c04444c3d5d71e37c6d4faf82b1297d75a520e6e6c5a0d7ab86dea5245a97b16a7690f50e9abd452da33c58974cb63e4711fece83cf1251c6eecc7c9a887b0a881f148b6c8fa3749ef09661484d000000000000008f5f1d1ebd9a511f5732ed60a18032d68dcf34a5914b1c24275e6c3d331a8c454e4c615dc5f6ce4de1b44fc755da73eef517bca08fa464443eabf4046961625ee82c406e08359b49785a1cbe9822cada3375da9adf55bd50e156a314f10107a3fb880a944fa3a0cdb4be2234c19ab26f8075c6389a0a6062e82050b493a30e617f728b8d0ced0b69da60c6fdadd95ee1c0e656b63ecc72a491e07bce4c3df3761e51bb327a86d55a375e4f5859a8b179a47f4b5b8b85fed0db916e31885d0ad185d6c7e79449e282a5d10a7cf86d0305a2673cd9aa834d130fcb1098c0f69771ae23e2b49cdd3d39be17fcc309a282486bf0e0829a0805a036b0b1e357f03a861857312dab3033f00957ff6f03a35240724bc6adf429090f555aca563ffb5e4b67c75486149f2495971bf653617f29e50d59da32288afeabc768787d2e830c70d5f0dbd8db5e9923b8893f32c4cdc0d8130caefade59d7f5e270f8b5487b69815dd8cec6d3dfa3ca308987f2970ab3e8714cdbae27dc22fa434805c9284b904840a92bc76490c15c6a04df137940d48f7ac6285f858611376f447ebaf11ce4014066d57e5fa579b588e0d795fb0322d1b8606faf9507092be3e320184a5324df47792e8b015ee27ace73b0bc05f3eff2c2a9ee45752df32a85b1ad5679aedbe40ac59511938929e210a409e538c139d1fb93891d2b9908f915b9c556788bb8926b6a96923038a119eb68bcb528a42e97f8fbd49e7d5bb3e51987cca590ea8a18e049f64d8c994d63a707c441e63509f909adf5f7c26d36714bd56307513003f8f85f20c8fea4248627d2f19891baef9b134a8ecb6e3da6232c5b818d7469645038312b6b952f782f28ccd199367a51f750927e5f11ef04cb299dc7ba0c24500134d3a9a0a4f62903ae930f5ba49c39855ffc4aba6cc9d400075f094875db9ebcbcbb35309421d08a928b0216dcbbf718761b01b4d41cf55b0b2bf4c89603a61e5ac2f5bf5236d4bee90617e1b2fdc3a4540db2c89561c1cb9b1e28436013546e654e36fa328097ce8a4baf5a2fd78f9bca617bd4de062dbbc38c7356232b385823b6c604a401f43f5864111eff29045c12b6c622182e097caa5a9945133375b46dc0e268e860dd58b62403c41393f02c7f1d23a1d0daad5d2eb7a085387ea6b81ceb6191d5ffa7f58848996caad4796ee8d9e1bad072455a37d8b64888cb4007f344783afca22db07a2ccb8531c6a9ec9bffdf1f949e3fce89f623119595c5b9bfa51893ff36849be61ff02939360a5d5b0e05d22aa3a1f16c27103edeb00c0f763bd4251805ec8d894692cd1636b4b1c96ab613896c17b2fb8a414a91463d54f145e1d49378e726e5921d8cd34aeb176a36701c9b75311806efcf402d4345034d7fd5165857bd2cd07b32a18334a3cf358dadbc8144b806120805a07714d8d0029fe0db7958bbb69b9a216e5945fdf0b892665c0bad2cd822797d5c7223094cd54042c781fba9d7f05a169f390225385d5c055896dc8a620a637a7c73ee77fbf2152fb62af9bcbe01389dd846724fa24ca6088d2bddf9bcae4d9e11f86266e4d87f6b11f3721c30c3f48ddfecb7623802c7e3f595b088473747d25b70bbdf8920924c6bb9e202e6d54e340a469e8ecf66b49dda0036a7d071492742593c2e02bd7bd703774f2ac8c45dbfa1f8ce4c205a05064362bf2819e80bd406367a86ece3f5d54b43029b3f7fcc2378c5e33e8de66fa5f3c4974310c3ac4d2ab1234b1fea14d71512c578dfab154a74dc66c8a5ff983a41e02c57c58cd9c3a77d22f15f8a6abe41de51ce4a92151ee25c6f2c4feb0453b4f86fb4c7e19063b871ff6458b2ad51b992df6b16de3a5a2f5935c85d5a8709d82943c645f6199e76b38d718b86945638d92daa15aeb9beaa53028a425c6ee90dbd58b57f4a748ec0037fca725812aaac8e201d5121c06c9d3bfcbe799b9fa28440fceec78a5d39a112626bd0f9e530cb5573083e6b3b0ce5ef60e85ea643331d45663f309d75d36c88ed56abbac74672daa72c2f180ab5d117d2ab17db9e36a807bcaa62a07aa5486d39d63f64d23f03e58f6fa346b39005cde05121ecc2146ae982d02532a2deb90d8b9cfd32ff03a5294933292fb3d58760bc81a72df0e602b9b4b7e407bc542924e9763fe0d4bd5346ccb9e10b1ea7dade31d4bbc900"})
ioctl$KVM_RUN(r3, 0xae80, 0x0)

08:23:20 executing program 2:
syz_open_procfs(0x0, 0x0)
syz_open_procfs(0x0, &(0x7f0000000000)='mountstats\x00')
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$F2FS_IOC_MOVE_RANGE(0xffffffffffffffff, 0xc020f509, &(0x7f0000000040)={r1})
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f0000000000))
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f00000001c0)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1003]})
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_SET_PIT(r1, 0x8048ae66, &(0x7f0000000140)={[{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}]})
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f000056f000/0x18000)=nil, &(0x7f0000000080)=[@text32={0x20, &(0x7f00000000c0)="66ba4000b0c2ee66bad104b829280000efea0e0000000a00b8050000000f23d80f21f835c00000a00f23f8653e65f30f21c62e0fae2b0f01c2b8060000000f23d00f21f835200000000f23f8c4c3a1cf830000000002d9f7", 0x58}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

08:23:20 executing program 3:
perf_event_open(&(0x7f0000000180)={0x2, 0x80, 0x69, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = socket$inet6(0xa, 0x401000000001, 0x0)
close(r0)

[  500.210237][T16953] loop4: detected capacity change from 0 to 16
[  500.227245][   T26] audit: type=1800 audit(1632817401.094:39): pid=16953 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed(directio) comm="syz-executor.4" name="file0" dev="loop4" ino=19 res=0 errno=0
08:23:21 executing program 0:
perf_event_open(&(0x7f0000000640)={0x2, 0x80, 0xd7, 0x0, 0x0, 0x0, 0x0, 0x2000000000, 0xa40a1, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp, 0x10000, 0x0, 0x0, 0x3, 0x1, 0xffffff7c, 0x3, 0x0, 0x2cf6ca54, 0x0, 0x7}, 0x0, 0x2, 0xffffffffffffffff, 0xb)
mmap$perf(&(0x7f0000c00000/0x400000)=nil, 0x400000, 0x3000002, 0x40032, 0xffffffffffffffff, 0x0)
mlock2(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0)
mlock2(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x0)
r0 = fork()
r1 = userfaultfd(0x80000)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x543c04, 0x0)
r3 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
r4 = dup3(r2, r3, 0x0)
write$binfmt_script(r1, &(0x7f0000000280)=ANY=[@ANYRESOCT=r3, @ANYRES32=r2, @ANYRESOCT, @ANYRESDEC, @ANYRESHEX=r4, @ANYRESDEC=r2], 0x9f)
munlock(&(0x7f0000ef1000/0x2000)=nil, 0x2000)
syz_io_uring_setup(0x2e00, &(0x7f0000000340)={0x0, 0xc9ba, 0x20, 0xfffffffd, 0x2000037d}, &(0x7f0000ff3000/0x4000)=nil, &(0x7f0000eee000/0x8000)=nil, &(0x7f00000001c0), &(0x7f00000003c0))
mlock2(&(0x7f0000d03000/0x1000)=nil, 0x1000, 0x1)
openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000080)='freezer.parent_freezing\x00', 0x0, 0x0)
move_pages(0x0, 0x2, &(0x7f0000000300)=[&(0x7f0000ffd000/0x1000)=nil, &(0x7f0000f10000/0x3000)=nil], &(0x7f00000000c0), &(0x7f0000000000), 0x0)
socket$caif_seqpacket(0x25, 0x5, 0x0)
get_robust_list(r0, &(0x7f0000000180)=&(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f00000000c0)}}, &(0x7f0000000200)=0xc)

08:23:21 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f0000000000)={0x2})
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f00000001c0)={[0x4, 0x0, 0x0, 0x8, 0x1, 0x0, 0x1002]})
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_SET_PIT(r1, 0x8048ae66, &(0x7f0000000140))
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f000056f000/0x18000)=nil, &(0x7f0000000080)=[@text32={0x20, &(0x7f00000000c0)="66ba4000b0c2ee66bad104b829280000efea0e0000000a00b8050000000f23d80f21f835c00000a00f23f8653e65f30f21c62e0fae2b0f01c2b8060000000f23d00f21f835200000000f23f8c4c3a1cf830000000002d9f7", 0x58}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0)
ioctl$KVM_CREATE_IRQCHIP(0xffffffffffffffff, 0xae60)

08:23:21 executing program 5:
syz_mount_image$vfat(&(0x7f00000000c0), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000300)=[{&(0x7f0000000000)="eb3c906d6b66732e66617400108001000240000004f801", 0x17}, {0x0, 0x0, 0x10e00}], 0x200801b, &(0x7f0000000b00)=ANY=[])

08:23:21 executing program 1:
r0 = signalfd(0xffffffffffffffff, &(0x7f0000000280), 0x8)
fsconfig$FSCONFIG_SET_STRING(r0, 0x1, 0x0, 0x0, 0x0)

08:23:21 executing program 0:
perf_event_open(&(0x7f0000000640)={0x2, 0x80, 0xd7, 0x0, 0x0, 0x0, 0x0, 0x2000000000, 0xa40a1, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp, 0x10000, 0x0, 0x0, 0x3, 0x1, 0xffffff7c, 0x3, 0x0, 0x2cf6ca54, 0x0, 0x7}, 0x0, 0x2, 0xffffffffffffffff, 0xb)
mmap$perf(&(0x7f0000c00000/0x400000)=nil, 0x400000, 0x3000002, 0x40032, 0xffffffffffffffff, 0x0)
mlock2(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0)
mlock2(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x0)
r0 = fork()
r1 = userfaultfd(0x80000)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x543c04, 0x0)
r3 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
r4 = dup3(r2, r3, 0x0)
write$binfmt_script(r1, &(0x7f0000000280)=ANY=[@ANYRESOCT=r3, @ANYRES32=r2, @ANYRESOCT, @ANYRESDEC, @ANYRESHEX=r4, @ANYRESDEC=r2], 0x9f)
munlock(&(0x7f0000ef1000/0x2000)=nil, 0x2000)
syz_io_uring_setup(0x2e00, &(0x7f0000000340)={0x0, 0xc9ba, 0x20, 0xfffffffd, 0x2000037d}, &(0x7f0000ff3000/0x4000)=nil, &(0x7f0000eee000/0x8000)=nil, &(0x7f00000001c0), &(0x7f00000003c0))
mlock2(&(0x7f0000d03000/0x1000)=nil, 0x1000, 0x1)
openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000080)='freezer.parent_freezing\x00', 0x0, 0x0)
move_pages(0x0, 0x2, &(0x7f0000000300)=[&(0x7f0000ffd000/0x1000)=nil, &(0x7f0000f10000/0x3000)=nil], &(0x7f00000000c0), &(0x7f0000000000), 0x0)
socket$caif_seqpacket(0x25, 0x5, 0x0)
get_robust_list(r0, &(0x7f0000000180)=&(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f00000000c0)}}, &(0x7f0000000200)=0xc)

[  500.775999][T16983] loop5: detected capacity change from 0 to 270
[  500.887037][T16983] loop5: detected capacity change from 0 to 270
08:23:21 executing program 1:
getpid()
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x0)
r0 = creat(&(0x7f0000000080)='./bus\x00', 0x0)
ftruncate(r0, 0x800)
lseek(r0, 0x10000, 0x0)
r1 = open(&(0x7f0000000140)='./bus\x00', 0xc4800, 0x0)
r2 = perf_event_open(&(0x7f0000000080)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x317d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, @perf_config_ext={0x0, 0x37}, 0x2000, 0x0, 0x0, 0x0, 0x1, 0x0, 0x6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x9)
ioctl$BTRFS_IOC_GET_SUBVOL_ROOTREF(r2, 0xd000943d, 0x0)
r3 = syz_open_dev$sg(&(0x7f0000000000), 0x0, 0x0)
ioctl$SG_IO(r3, 0x2285, &(0x7f0000000380)={0x53, 0x0, 0x21, 0x0, @scatter={0x0, 0x0, 0x0}, &(0x7f0000000200)="e5f432732f4e096d26e2c735d135121c921bda40b8585ba8d47d34f3904cf12dba", 0x0, 0x0, 0x0, 0x0, 0x0})
r4 = perf_event_open(&(0x7f00000003c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext={0x1}, 0x0, 0x0, 0x0, 0x7, 0x0, 0xfffffffc}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$BTRFS_IOC_GET_SUBVOL_INFO(r3, 0x81f8943c, &(0x7f0000000840)={0x0, ""/256, <r5=>0x0, <r6=>0x0})
r7 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
ioctl$BTRFS_IOC_GET_SUBVOL_ROOTREF(0xffffffffffffffff, 0xd000943d, &(0x7f0000058c40)={0x0, [{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {r5}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, r6}], 0x0, "2156816c73038c"})
ioctl$BTRFS_IOC_GET_SUBVOL_ROOTREF(0xffffffffffffffff, 0xd000943d, 0x0)
ioctl$BTRFS_IOC_QUOTA_RESCAN_STATUS(r4, 0x8040942d, 0x0)
accept(r7, &(0x7f0000000180)=@hci, &(0x7f0000000040)=0x80)
sendfile(r0, r1, 0x0, 0x8400fffffffa)
creat(&(0x7f0000000100)='./bus\x00', 0x0)

08:23:21 executing program 4:
fcntl$F_GET_FILE_RW_HINT(0xffffffffffffffff, 0x40d, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0)
r0 = getpid()
sched_setattr(0x0, &(0x7f0000000140)={0x38, 0x2, 0x0, 0x0, 0x9}, 0x0)
sched_setattr(r0, &(0x7f0000000240)={0x38, 0x2, 0x0, 0x0, 0x5}, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
r3 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/meminfo\x00', 0x0, 0x0)
sendfile(0xffffffffffffffff, r3, 0x0, 0x400000000001002a)
r4 = syz_mount_image$vfat(&(0x7f0000000400), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[])
r5 = openat(r4, &(0x7f000000c380)='./file0\x00', 0x84842, 0x0)
write(r5, &(0x7f0000004200)='t', 0xfff4)
sendmsg$NL80211_CMD_SET_INTERFACE(0xffffffffffffffff, &(0x7f0000001840)={&(0x7f0000000080), 0xc, &(0x7f0000001800)={&(0x7f00000001c0)=ANY=[@ANYRES64, @ANYRESDEC, @ANYRES32=0x0, @ANYRES32], 0x60}, 0x1, 0x0, 0x0, 0x44090}, 0x0)

08:23:21 executing program 5:
r0 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
write$P9_RREADDIR(r0, &(0x7f0000000400)=ANY=[@ANYRES32, @ANYRESDEC, @ANYRES16], 0xc)
sendfile(r0, r0, &(0x7f0000000240), 0x7ffb)

08:23:21 executing program 0:
perf_event_open(&(0x7f0000000640)={0x2, 0x80, 0xd7, 0x0, 0x0, 0x0, 0x0, 0x2000000000, 0xa40a1, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp, 0x10000, 0x0, 0x0, 0x3, 0x1, 0xffffff7c, 0x3, 0x0, 0x2cf6ca54, 0x0, 0x7}, 0x0, 0x2, 0xffffffffffffffff, 0xb)
mmap$perf(&(0x7f0000c00000/0x400000)=nil, 0x400000, 0x3000002, 0x40032, 0xffffffffffffffff, 0x0)
mlock2(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0)
mlock2(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x0)
r0 = fork()
r1 = userfaultfd(0x80000)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x543c04, 0x0)
r3 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
r4 = dup3(r2, r3, 0x0)
write$binfmt_script(r1, &(0x7f0000000280)=ANY=[@ANYRESOCT=r3, @ANYRES32=r2, @ANYRESOCT, @ANYRESDEC, @ANYRESHEX=r4, @ANYRESDEC=r2], 0x9f)
munlock(&(0x7f0000ef1000/0x2000)=nil, 0x2000)
syz_io_uring_setup(0x2e00, &(0x7f0000000340)={0x0, 0xc9ba, 0x20, 0xfffffffd, 0x2000037d}, &(0x7f0000ff3000/0x4000)=nil, &(0x7f0000eee000/0x8000)=nil, &(0x7f00000001c0), &(0x7f00000003c0))
mlock2(&(0x7f0000d03000/0x1000)=nil, 0x1000, 0x1)
openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000080)='freezer.parent_freezing\x00', 0x0, 0x0)
move_pages(r0, 0x0, 0x0, &(0x7f00000000c0), &(0x7f0000000000), 0x0)
socket$caif_seqpacket(0x25, 0x5, 0x0)
get_robust_list(r0, &(0x7f0000000180)=&(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f00000000c0)}}, &(0x7f0000000200)=0xc)

08:23:22 executing program 2:
syz_open_procfs(0x0, 0x0)
syz_open_procfs(0x0, &(0x7f0000000000)='mountstats\x00')
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$F2FS_IOC_MOVE_RANGE(0xffffffffffffffff, 0xc020f509, &(0x7f0000000040)={r1})
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f0000000000))
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f00000001c0)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1003]})
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_SET_PIT(r1, 0x8048ae66, &(0x7f0000000140)={[{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}]})
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f000056f000/0x18000)=nil, &(0x7f0000000080)=[@text32={0x20, &(0x7f00000000c0)="66ba4000b0c2ee66bad104b829280000efea0e0000000a00b8050000000f23d80f21f835c00000a00f23f8653e65f30f21c62e0fae2b0f01c2b8060000000f23d00f21f835200000000f23f8c4c3a1cf830000000002d9f7", 0x58}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

[  501.108286][   T26] audit: type=1804 audit(1632817401.974:40): pid=17003 uid=0 auid=4294967295 ses=4294967295 subj=_ op=invalid_pcr cause=open_writers comm="syz-executor.1" name="/root/syzkaller-testdir631639810/syzkaller.iXcy9K/242/bus" dev="sda1" ino=14986 res=1 errno=0
[  501.163059][    C1] sd 0:0:1:0: tag#4702 FAILED Result: hostbyte=DID_ABORT driverbyte=DRIVER_OK cmd_age=0s
[  501.173005][    C1] sd 0:0:1:0: tag#4702 CDB: opcode=0xe5 (vendor)
[  501.179352][    C1] sd 0:0:1:0: tag#4702 CDB[00]: e5 f4 32 73 2f 4e 09 6d 26 e2 c7 35 d1 35 12 1c
[  501.188497][    C1] sd 0:0:1:0: tag#4702 CDB[10]: 92 1b da 40 b8 58 5b a8 d4 7d 34 f3 90 4c f1 2d
[  501.197580][    C1] sd 0:0:1:0: tag#4702 CDB[20]: ba
[  501.232379][ T1358] ieee802154 phy0 wpan0: encryption failed: -22
[  501.238762][ T1358] ieee802154 phy1 wpan1: encryption failed: -22
[  501.285036][   T26] audit: type=1800 audit(1632817402.004:41): pid=17003 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed(directio) comm="syz-executor.1" name="bus" dev="sda1" ino=14986 res=0 errno=0
[  501.330230][T17020] loop4: detected capacity change from 0 to 16
08:23:22 executing program 0:
perf_event_open(&(0x7f0000000640)={0x2, 0x80, 0xd7, 0x0, 0x0, 0x0, 0x0, 0x2000000000, 0xa40a1, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp, 0x10000, 0x0, 0x0, 0x3, 0x1, 0xffffff7c, 0x3, 0x0, 0x2cf6ca54, 0x0, 0x7}, 0x0, 0x2, 0xffffffffffffffff, 0xb)
mmap$perf(&(0x7f0000c00000/0x400000)=nil, 0x400000, 0x3000002, 0x40032, 0xffffffffffffffff, 0x0)
mlock2(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0)
mlock2(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x0)
r0 = fork()
r1 = userfaultfd(0x80000)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x543c04, 0x0)
r3 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
r4 = dup3(r2, r3, 0x0)
write$binfmt_script(r1, &(0x7f0000000280)=ANY=[@ANYRESOCT=r3, @ANYRES32=r2, @ANYRESOCT, @ANYRESDEC, @ANYRESHEX=r4, @ANYRESDEC=r2], 0x9f)
munlock(&(0x7f0000ef1000/0x2000)=nil, 0x2000)
syz_io_uring_setup(0x2e00, &(0x7f0000000340)={0x0, 0xc9ba, 0x20, 0xfffffffd, 0x2000037d}, &(0x7f0000ff3000/0x4000)=nil, &(0x7f0000eee000/0x8000)=nil, &(0x7f00000001c0), &(0x7f00000003c0))
mlock2(&(0x7f0000d03000/0x1000)=nil, 0x1000, 0x1)
openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000080)='freezer.parent_freezing\x00', 0x0, 0x0)
move_pages(r0, 0x0, 0x0, &(0x7f00000000c0), &(0x7f0000000000), 0x0)
socket$caif_seqpacket(0x25, 0x5, 0x0)
get_robust_list(r0, &(0x7f0000000180)=&(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f00000000c0)}}, &(0x7f0000000200)=0xc)

[  501.409501][   T26] audit: type=1804 audit(1632817402.244:42): pid=17009 uid=0 auid=4294967295 ses=4294967295 subj=_ op=invalid_pcr cause=ToMToU comm="syz-executor.1" name="/root/syzkaller-testdir631639810/syzkaller.iXcy9K/242/bus" dev="sda1" ino=14986 res=1 errno=0
[  501.480122][    C0] sd 0:0:1:0: tag#4720 FAILED Result: hostbyte=DID_ABORT driverbyte=DRIVER_OK cmd_age=0s
[  501.490103][    C0] sd 0:0:1:0: tag#4720 CDB: opcode=0xe5 (vendor)
[  501.496525][    C0] sd 0:0:1:0: tag#4720 CDB[00]: e5 f4 32 73 2f 4e 09 6d 26 e2 c7 35 d1 35 12 1c
[  501.505608][    C0] sd 0:0:1:0: tag#4720 CDB[10]: 92 1b da 40 b8 58 5b a8 d4 7d 34 f3 90 4c f1 2d
[  501.514699][    C0] sd 0:0:1:0: tag#4720 CDB[20]: ba
08:23:22 executing program 5:
getpid()
syslog(0x4, &(0x7f0000000040)=""/4096, 0x1000)
prlimit64(0x0, 0x0, 0x0, 0x0)
openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0)

[  501.564802][   T26] audit: type=1800 audit(1632817402.254:43): pid=17020 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed(directio) comm="syz-executor.4" name="file0" dev="loop4" ino=20 res=0 errno=0
08:23:22 executing program 1:
openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x7a05, 0x1700)
perf_event_open(&(0x7f0000000180)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xbfffffffffffffff, 0xffffffffffffffff, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x3, &(0x7f00000000c0)=@framed, &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)={0xa, 0x82, 0x80, 0xf}, 0x40)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000400)={0x0, 0x0, &(0x7f0000000340), &(0x7f00000004c0), 0x3ff, r0}, 0x38)
write$FUSE_LK(0xffffffffffffffff, &(0x7f0000000040)={0x28, 0x0, 0x0, {{0x88e5, 0x6, 0x1}}}, 0x28)

[  501.768084][   T26] audit: type=1804 audit(1632817402.344:44): pid=17003 uid=0 auid=4294967295 ses=4294967295 subj=_ op=invalid_pcr cause=open_writers comm="syz-executor.1" name="/root/syzkaller-testdir631639810/syzkaller.iXcy9K/242/bus" dev="sda1" ino=14986 res=1 errno=0
[  501.887724][   T26] audit: type=1800 audit(1632817402.344:45): pid=17003 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed(directio) comm="syz-executor.1" name="bus" dev="sda1" ino=14986 res=0 errno=0
08:23:22 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f0000000000)={0x2})
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f00000001c0)={[0x4, 0x0, 0x0, 0x8, 0x1, 0x0, 0x1002]})
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_SET_PIT(r1, 0x8048ae66, &(0x7f0000000140))
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f000056f000/0x18000)=nil, &(0x7f0000000080)=[@text32={0x20, &(0x7f00000000c0)="66ba4000b0c2ee66bad104b829280000efea0e0000000a00b8050000000f23d80f21f835c00000a00f23f8653e65f30f21c62e0fae2b0f01c2b8060000000f23d00f21f835200000000f23f8c4c3a1cf830000000002d9f7", 0x58}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0)
ioctl$KVM_CREATE_IRQCHIP(0xffffffffffffffff, 0xae60)

08:23:22 executing program 0:
perf_event_open(&(0x7f0000000640)={0x2, 0x80, 0xd7, 0x0, 0x0, 0x0, 0x0, 0x2000000000, 0xa40a1, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp, 0x10000, 0x0, 0x0, 0x3, 0x1, 0xffffff7c, 0x3, 0x0, 0x2cf6ca54, 0x0, 0x7}, 0x0, 0x2, 0xffffffffffffffff, 0xb)
mmap$perf(&(0x7f0000c00000/0x400000)=nil, 0x400000, 0x3000002, 0x40032, 0xffffffffffffffff, 0x0)
mlock2(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0)
mlock2(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x0)
r0 = fork()
r1 = userfaultfd(0x80000)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x543c04, 0x0)
r3 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
r4 = dup3(r2, r3, 0x0)
write$binfmt_script(r1, &(0x7f0000000280)=ANY=[@ANYRESOCT=r3, @ANYRES32=r2, @ANYRESOCT, @ANYRESDEC, @ANYRESHEX=r4, @ANYRESDEC=r2], 0x9f)
munlock(&(0x7f0000ef1000/0x2000)=nil, 0x2000)
syz_io_uring_setup(0x2e00, &(0x7f0000000340)={0x0, 0xc9ba, 0x20, 0xfffffffd, 0x2000037d}, &(0x7f0000ff3000/0x4000)=nil, &(0x7f0000eee000/0x8000)=nil, &(0x7f00000001c0), &(0x7f00000003c0))
mlock2(&(0x7f0000d03000/0x1000)=nil, 0x1000, 0x1)
openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000080)='freezer.parent_freezing\x00', 0x0, 0x0)
move_pages(r0, 0x0, 0x0, &(0x7f00000000c0), &(0x7f0000000000), 0x0)
socket$caif_seqpacket(0x25, 0x5, 0x0)
get_robust_list(r0, &(0x7f0000000180)=&(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f00000000c0)}}, &(0x7f0000000200)=0xc)

08:23:22 executing program 5:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f0000000000)={0x2})
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f00000001c0)={[0x4, 0x0, 0x0, 0x8, 0x1, 0x0, 0x1002]})
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_SET_PIT(r1, 0x8048ae66, &(0x7f0000000140))
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f000056f000/0x18000)=nil, &(0x7f0000000080)=[@text32={0x20, &(0x7f00000000c0)="66ba4000b0c2ee66bad104b829280000efea0e0000000a00b8050000000f23d80f21f835c00000a00f23f8653e65f30f21c62e0fae2b0f01c2b8060000000f23d00f21f835200000000f23f8c4c3a1cf830000000002d9f7", 0x58}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0)
ioctl$KVM_CREATE_IRQCHIP(0xffffffffffffffff, 0xae60)

[  501.963878][   T26] audit: type=1804 audit(1632817402.404:46): pid=17009 uid=0 auid=4294967295 ses=4294967295 subj=_ op=invalid_pcr cause=ToMToU comm="syz-executor.1" name="/root/syzkaller-testdir631639810/syzkaller.iXcy9K/242/bus" dev="sda1" ino=14986 res=1 errno=0
08:23:22 executing program 4:
fcntl$F_GET_FILE_RW_HINT(0xffffffffffffffff, 0x40d, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0)
r0 = getpid()
sched_setattr(0x0, &(0x7f0000000140)={0x38, 0x2, 0x0, 0x0, 0x9}, 0x0)
sched_setattr(r0, &(0x7f0000000240)={0x38, 0x2, 0x0, 0x0, 0x5}, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
r3 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/meminfo\x00', 0x0, 0x0)
sendfile(0xffffffffffffffff, r3, 0x0, 0x400000000001002a)
r4 = syz_mount_image$vfat(&(0x7f0000000400), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[])
r5 = openat(r4, &(0x7f000000c380)='./file0\x00', 0x84842, 0x0)
write(r5, &(0x7f0000004200)='t', 0xfff4)
sendmsg$NL80211_CMD_SET_INTERFACE(0xffffffffffffffff, &(0x7f0000001840)={&(0x7f0000000080), 0xc, &(0x7f0000001800)={&(0x7f00000001c0)=ANY=[@ANYRES64, @ANYRESDEC, @ANYRES32=0x0, @ANYRES32], 0x60}, 0x1, 0x0, 0x0, 0x44090}, 0x0)

08:23:23 executing program 0:
perf_event_open(&(0x7f0000000640)={0x2, 0x80, 0xd7, 0x0, 0x0, 0x0, 0x0, 0x2000000000, 0xa40a1, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp, 0x10000, 0x0, 0x0, 0x3, 0x1, 0xffffff7c, 0x3, 0x0, 0x2cf6ca54, 0x0, 0x7}, 0x0, 0x2, 0xffffffffffffffff, 0xb)
mmap$perf(&(0x7f0000c00000/0x400000)=nil, 0x400000, 0x3000002, 0x40032, 0xffffffffffffffff, 0x0)
mlock2(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0)
mlock2(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x0)
r0 = fork()
r1 = userfaultfd(0x80000)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x543c04, 0x0)
r3 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
r4 = dup3(r2, r3, 0x0)
write$binfmt_script(r1, &(0x7f0000000280)=ANY=[@ANYRESOCT=r3, @ANYRES32=r2, @ANYRESOCT, @ANYRESDEC, @ANYRESHEX=r4, @ANYRESDEC=r2], 0x9f)
munlock(&(0x7f0000ef1000/0x2000)=nil, 0x2000)
syz_io_uring_setup(0x2e00, &(0x7f0000000340)={0x0, 0xc9ba, 0x20, 0xfffffffd, 0x2000037d}, &(0x7f0000ff3000/0x4000)=nil, &(0x7f0000eee000/0x8000)=nil, &(0x7f00000001c0), &(0x7f00000003c0))
mlock2(&(0x7f0000d03000/0x1000)=nil, 0x1000, 0x1)
openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000080)='freezer.parent_freezing\x00', 0x0, 0x0)
move_pages(r0, 0x1, &(0x7f0000000300)=[&(0x7f0000ffd000/0x1000)=nil], &(0x7f00000000c0), &(0x7f0000000000), 0x0)
socket$caif_seqpacket(0x25, 0x5, 0x0)
get_robust_list(r0, &(0x7f0000000180)=&(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f00000000c0)}}, &(0x7f0000000200)=0xc)

08:23:23 executing program 2:
syz_open_procfs(0x0, &(0x7f0000000040)='mounts\x00')
syz_open_procfs(0x0, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$F2FS_IOC_MOVE_RANGE(0xffffffffffffffff, 0xc020f509, &(0x7f0000000040)={r1})
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f0000000000))
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f00000001c0)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1003]})
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_SET_PIT(r1, 0x8048ae66, &(0x7f0000000140)={[{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}]})
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f000056f000/0x18000)=nil, &(0x7f0000000080)=[@text32={0x20, &(0x7f00000000c0)="66ba4000b0c2ee66bad104b829280000efea0e0000000a00b8050000000f23d80f21f835c00000a00f23f8653e65f30f21c62e0fae2b0f01c2b8060000000f23d00f21f835200000000f23f8c4c3a1cf830000000002d9f7", 0x58}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

[  502.441301][T17065] loop4: detected capacity change from 0 to 16
[  502.461463][   T26] audit: type=1800 audit(1632817403.334:47): pid=17065 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed(directio) comm="syz-executor.4" name="file0" dev="loop4" ino=21 res=0 errno=0
08:23:23 executing program 1:
r0 = syz_open_dev$dri(&(0x7f0000000040), 0x1, 0x0)
ioctl$DRM_IOCTL_MODE_OBJ_SETPROPERTY(r0, 0xc01864ba, &(0x7f0000000100)={0x6, 0xe, 0x1f})

08:23:23 executing program 0:
perf_event_open(&(0x7f0000000640)={0x2, 0x80, 0xd7, 0x0, 0x0, 0x0, 0x0, 0x2000000000, 0xa40a1, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp, 0x10000, 0x0, 0x0, 0x3, 0x1, 0xffffff7c, 0x3, 0x0, 0x2cf6ca54, 0x0, 0x7}, 0x0, 0x2, 0xffffffffffffffff, 0xb)
mmap$perf(&(0x7f0000c00000/0x400000)=nil, 0x400000, 0x3000002, 0x40032, 0xffffffffffffffff, 0x0)
mlock2(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0)
mlock2(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x0)
r0 = fork()
r1 = userfaultfd(0x80000)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x543c04, 0x0)
r3 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
r4 = dup3(r2, r3, 0x0)
write$binfmt_script(r1, &(0x7f0000000280)=ANY=[@ANYRESOCT=r3, @ANYRES32=r2, @ANYRESOCT, @ANYRESDEC, @ANYRESHEX=r4, @ANYRESDEC=r2], 0x9f)
munlock(&(0x7f0000ef1000/0x2000)=nil, 0x2000)
syz_io_uring_setup(0x2e00, &(0x7f0000000340)={0x0, 0xc9ba, 0x20, 0xfffffffd, 0x2000037d}, &(0x7f0000ff3000/0x4000)=nil, &(0x7f0000eee000/0x8000)=nil, &(0x7f00000001c0), &(0x7f00000003c0))
mlock2(&(0x7f0000d03000/0x1000)=nil, 0x1000, 0x1)
openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000080)='freezer.parent_freezing\x00', 0x0, 0x0)
move_pages(r0, 0x1, &(0x7f0000000300)=[&(0x7f0000ffd000/0x1000)=nil], &(0x7f00000000c0), &(0x7f0000000000), 0x0)
socket$caif_seqpacket(0x25, 0x5, 0x0)
get_robust_list(r0, &(0x7f0000000180)=&(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f00000000c0)}}, &(0x7f0000000200)=0xc)

08:23:23 executing program 1:
r0 = syz_open_dev$dri(&(0x7f0000000040), 0x1, 0x0)
ioctl$DRM_IOCTL_MODE_OBJ_SETPROPERTY(r0, 0xc01864ba, &(0x7f0000000100)={0x6, 0xe, 0x1f})

08:23:24 executing program 0:
perf_event_open(&(0x7f0000000640)={0x2, 0x80, 0xd7, 0x0, 0x0, 0x0, 0x0, 0x2000000000, 0xa40a1, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp, 0x10000, 0x0, 0x0, 0x3, 0x1, 0xffffff7c, 0x3, 0x0, 0x2cf6ca54, 0x0, 0x7}, 0x0, 0x2, 0xffffffffffffffff, 0xb)
mmap$perf(&(0x7f0000c00000/0x400000)=nil, 0x400000, 0x3000002, 0x40032, 0xffffffffffffffff, 0x0)
mlock2(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0)
mlock2(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x0)
r0 = fork()
r1 = userfaultfd(0x80000)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x543c04, 0x0)
r3 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
r4 = dup3(r2, r3, 0x0)
write$binfmt_script(r1, &(0x7f0000000280)=ANY=[@ANYRESOCT=r3, @ANYRES32=r2, @ANYRESOCT, @ANYRESDEC, @ANYRESHEX=r4, @ANYRESDEC=r2], 0x9f)
munlock(&(0x7f0000ef1000/0x2000)=nil, 0x2000)
syz_io_uring_setup(0x2e00, &(0x7f0000000340)={0x0, 0xc9ba, 0x20, 0xfffffffd, 0x2000037d}, &(0x7f0000ff3000/0x4000)=nil, &(0x7f0000eee000/0x8000)=nil, &(0x7f00000001c0), &(0x7f00000003c0))
mlock2(&(0x7f0000d03000/0x1000)=nil, 0x1000, 0x1)
openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000080)='freezer.parent_freezing\x00', 0x0, 0x0)
move_pages(r0, 0x1, &(0x7f0000000300)=[&(0x7f0000ffd000/0x1000)=nil], &(0x7f00000000c0), &(0x7f0000000000), 0x0)
socket$caif_seqpacket(0x25, 0x5, 0x0)
get_robust_list(r0, &(0x7f0000000180)=&(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f00000000c0)}}, &(0x7f0000000200)=0xc)

08:23:24 executing program 4:
fcntl$F_GET_FILE_RW_HINT(0xffffffffffffffff, 0x40d, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0)
r0 = getpid()
sched_setattr(0x0, &(0x7f0000000140)={0x38, 0x2, 0x0, 0x0, 0x9}, 0x0)
sched_setattr(r0, &(0x7f0000000240)={0x38, 0x2, 0x0, 0x0, 0x5}, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r2 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/meminfo\x00', 0x0, 0x0)
sendfile(0xffffffffffffffff, r2, 0x0, 0x400000000001002a)
r3 = syz_mount_image$vfat(&(0x7f0000000400), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[])
r4 = openat(r3, &(0x7f000000c380)='./file0\x00', 0x84842, 0x0)
write(r4, &(0x7f0000004200)='t', 0xfff4)
sendmsg$NL80211_CMD_SET_INTERFACE(0xffffffffffffffff, &(0x7f0000001840)={&(0x7f0000000080), 0xc, &(0x7f0000001800)={&(0x7f00000001c0)=ANY=[@ANYRES64, @ANYRESDEC, @ANYRES32=0x0, @ANYRES32], 0x60}, 0x1, 0x0, 0x0, 0x44090}, 0x0)

08:23:24 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f0000000000)={0x2})
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f00000001c0)={[0x4, 0x0, 0x0, 0x8, 0x1, 0x0, 0x1002]})
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_SET_PIT(r1, 0x8048ae66, &(0x7f0000000140))
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f000056f000/0x18000)=nil, &(0x7f0000000080)=[@text32={0x20, &(0x7f00000000c0)="66ba4000b0c2ee66bad104b829280000efea0e0000000a00b8050000000f23d80f21f835c00000a00f23f8653e65f30f21c62e0fae2b0f01c2b8060000000f23d00f21f835200000000f23f8c4c3a1cf830000000002d9f7", 0x58}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0)
ioctl$KVM_CREATE_IRQCHIP(0xffffffffffffffff, 0xae60)

08:23:24 executing program 1:
r0 = syz_open_dev$dri(&(0x7f0000000040), 0x1, 0x0)
ioctl$DRM_IOCTL_MODE_OBJ_SETPROPERTY(r0, 0xc01864ba, &(0x7f0000000100)={0x6, 0xe, 0x1f})

08:23:24 executing program 5:
perf_event_open(&(0x7f000001d000)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x9}, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
keyctl$instantiate(0xc, 0x0, &(0x7f0000000100)=@encrypted_new={'new ', 'default', 0x20, 'user:', 'syz'}, 0x2a, 0x0)
add_key(&(0x7f0000000140)='encrypted\x00', &(0x7f0000000180), &(0x7f0000000100), 0xca, 0xfffffffffffffffe)
add_key$keyring(0x0, 0x0, 0x0, 0x0, 0x0)
clone(0x2000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
request_key(&(0x7f0000000040)='asymmetric\x00', &(0x7f0000001ffb)={'syz', 0x1}, &(0x7f0000001fee)='R\x10rust\xe3cusgrVe-:De', 0x0)

[  503.416088][T17101] loop4: detected capacity change from 0 to 16
[  503.432863][   T26] audit: type=1800 audit(1632817404.304:48): pid=17101 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed(directio) comm="syz-executor.4" name="file0" dev="loop4" ino=22 res=0 errno=0
08:23:24 executing program 0:
perf_event_open(&(0x7f0000000640)={0x2, 0x80, 0xd7, 0x0, 0x0, 0x0, 0x0, 0x2000000000, 0xa40a1, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp, 0x10000, 0x0, 0x0, 0x3, 0x1, 0xffffff7c, 0x3, 0x0, 0x2cf6ca54, 0x0, 0x7}, 0x0, 0x2, 0xffffffffffffffff, 0xb)
mmap$perf(&(0x7f0000c00000/0x400000)=nil, 0x400000, 0x3000002, 0x40032, 0xffffffffffffffff, 0x0)
mlock2(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0)
mlock2(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x0)
r0 = fork()
r1 = userfaultfd(0x80000)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x543c04, 0x0)
r3 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
r4 = dup3(r2, r3, 0x0)
write$binfmt_script(r1, &(0x7f0000000280)=ANY=[@ANYRESOCT=r3, @ANYRES32=r2, @ANYRESOCT, @ANYRESDEC, @ANYRESHEX=r4, @ANYRESDEC=r2], 0x9f)
munlock(&(0x7f0000ef1000/0x2000)=nil, 0x2000)
syz_io_uring_setup(0x2e00, &(0x7f0000000340)={0x0, 0xc9ba, 0x20, 0xfffffffd, 0x2000037d}, &(0x7f0000ff3000/0x4000)=nil, &(0x7f0000eee000/0x8000)=nil, &(0x7f00000001c0), &(0x7f00000003c0))
mlock2(&(0x7f0000d03000/0x1000)=nil, 0x1000, 0x1)
openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000080)='freezer.parent_freezing\x00', 0x0, 0x0)
move_pages(r0, 0x1, &(0x7f0000000300)=[&(0x7f0000f10000/0x3000)=nil], &(0x7f00000000c0), &(0x7f0000000000), 0x0)
socket$caif_seqpacket(0x25, 0x5, 0x0)
get_robust_list(r0, &(0x7f0000000180)=&(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f00000000c0)}}, &(0x7f0000000200)=0xc)

08:23:24 executing program 1:
r0 = syz_open_dev$dri(&(0x7f0000000040), 0x1, 0x0)
ioctl$DRM_IOCTL_MODE_OBJ_SETPROPERTY(r0, 0xc01864ba, &(0x7f0000000100)={0x6, 0xe, 0x1f})

08:23:24 executing program 5:
perf_event_open(&(0x7f0000000700)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
ftruncate(r0, 0x2007fff)
r1 = open(&(0x7f0000000300)='./bus\x00', 0x0, 0x0)
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r2, &(0x7f0000000040)={0xa, 0x4e22}, 0x1c)
listen(r2, 0x0)
r3 = socket$inet6_tcp(0xa, 0x1, 0x0)
sendto$inet6(r3, 0x0, 0x0, 0x20000004, &(0x7f0000000280)={0xa, 0x100000004e22, 0x0, @loopback}, 0x1c)
setsockopt$inet6_tcp_TCP_ULP(r3, 0x6, 0x1f, &(0x7f0000000080), 0x152)
setsockopt$inet6_tcp_TLS_TX(r3, 0x11a, 0x1, &(0x7f0000000100)=@gcm_128={{0x303}, '\x00', '\x00', "20040100"}, 0x28)
sendfile(r3, r1, 0x0, 0x800100020016)
creat(&(0x7f0000000040)='./bus\x00', 0x0)

08:23:24 executing program 0:
perf_event_open(&(0x7f0000000640)={0x2, 0x80, 0xd7, 0x0, 0x0, 0x0, 0x0, 0x2000000000, 0xa40a1, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp, 0x10000, 0x0, 0x0, 0x3, 0x1, 0xffffff7c, 0x3, 0x0, 0x2cf6ca54, 0x0, 0x7}, 0x0, 0x2, 0xffffffffffffffff, 0xb)
mmap$perf(&(0x7f0000c00000/0x400000)=nil, 0x400000, 0x3000002, 0x40032, 0xffffffffffffffff, 0x0)
mlock2(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0)
mlock2(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x0)
r0 = fork()
r1 = userfaultfd(0x80000)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x543c04, 0x0)
r3 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
r4 = dup3(r2, r3, 0x0)
write$binfmt_script(r1, &(0x7f0000000280)=ANY=[@ANYRESOCT=r3, @ANYRES32=r2, @ANYRESOCT, @ANYRESDEC, @ANYRESHEX=r4, @ANYRESDEC=r2], 0x9f)
munlock(&(0x7f0000ef1000/0x2000)=nil, 0x2000)
syz_io_uring_setup(0x2e00, &(0x7f0000000340)={0x0, 0xc9ba, 0x20, 0xfffffffd, 0x2000037d}, &(0x7f0000ff3000/0x4000)=nil, &(0x7f0000eee000/0x8000)=nil, &(0x7f00000001c0), &(0x7f00000003c0))
mlock2(&(0x7f0000d03000/0x1000)=nil, 0x1000, 0x1)
openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000080)='freezer.parent_freezing\x00', 0x0, 0x0)
move_pages(r0, 0x1, &(0x7f0000000300)=[&(0x7f0000f10000/0x3000)=nil], &(0x7f00000000c0), &(0x7f0000000000), 0x0)
socket$caif_seqpacket(0x25, 0x5, 0x0)
get_robust_list(r0, &(0x7f0000000180)=&(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f00000000c0)}}, &(0x7f0000000200)=0xc)

08:23:24 executing program 2:
syz_open_procfs(0x0, &(0x7f0000000040)='mounts\x00')
syz_open_procfs(0x0, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$F2FS_IOC_MOVE_RANGE(0xffffffffffffffff, 0xc020f509, &(0x7f0000000040)={r1})
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f0000000000))
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f00000001c0)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1003]})
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_SET_PIT(r1, 0x8048ae66, &(0x7f0000000140)={[{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}]})
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f000056f000/0x18000)=nil, &(0x7f0000000080)=[@text32={0x20, &(0x7f00000000c0)="66ba4000b0c2ee66bad104b829280000efea0e0000000a00b8050000000f23d80f21f835c00000a00f23f8653e65f30f21c62e0fae2b0f01c2b8060000000f23d00f21f835200000000f23f8c4c3a1cf830000000002d9f7", 0x58}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

08:23:24 executing program 1:
ioctl$DRM_IOCTL_MODE_OBJ_SETPROPERTY(0xffffffffffffffff, 0xc01864ba, &(0x7f0000000100)={0x6, 0xe, 0x1f})

[  503.878208][   T26] audit: type=1804 audit(1632817404.744:49): pid=17123 uid=0 auid=4294967295 ses=4294967295 subj=_ op=invalid_pcr cause=open_writers comm="syz-executor.5" name="/root/syzkaller-testdir438587163/syzkaller.m9CqSP/197/bus" dev="sda1" ino=15007 res=1 errno=0
[  503.909133][    C0] TCP: request_sock_TCPv6: Possible SYN flooding on port 20002. Sending cookies.  Check SNMP counters.
08:23:25 executing program 1:
ioctl$DRM_IOCTL_MODE_OBJ_SETPROPERTY(0xffffffffffffffff, 0xc01864ba, &(0x7f0000000100)={0x6, 0xe, 0x1f})

[  504.105761][   T26] audit: type=1804 audit(1632817404.974:50): pid=17136 uid=0 auid=4294967295 ses=4294967295 subj=_ op=invalid_pcr cause=ToMToU comm="syz-executor.5" name="/root/syzkaller-testdir438587163/syzkaller.m9CqSP/197/bus" dev="sda1" ino=15007 res=1 errno=0
08:23:25 executing program 4:
fcntl$F_GET_FILE_RW_HINT(0xffffffffffffffff, 0x40d, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0)
r0 = getpid()
sched_setattr(0x0, &(0x7f0000000140)={0x38, 0x2, 0x0, 0x0, 0x9}, 0x0)
sched_setattr(r0, &(0x7f0000000240)={0x38, 0x2, 0x0, 0x0, 0x5}, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r2 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/meminfo\x00', 0x0, 0x0)
sendfile(0xffffffffffffffff, r2, 0x0, 0x400000000001002a)
r3 = syz_mount_image$vfat(&(0x7f0000000400), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[])
r4 = openat(r3, &(0x7f000000c380)='./file0\x00', 0x84842, 0x0)
write(r4, &(0x7f0000004200)='t', 0xfff4)
sendmsg$NL80211_CMD_SET_INTERFACE(0xffffffffffffffff, &(0x7f0000001840)={&(0x7f0000000080), 0xc, &(0x7f0000001800)={&(0x7f00000001c0)=ANY=[@ANYRES64, @ANYRESDEC, @ANYRES32=0x0, @ANYRES32], 0x60}, 0x1, 0x0, 0x0, 0x44090}, 0x0)

08:23:25 executing program 0:
perf_event_open(&(0x7f0000000640)={0x2, 0x80, 0xd7, 0x0, 0x0, 0x0, 0x0, 0x2000000000, 0xa40a1, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp, 0x10000, 0x0, 0x0, 0x3, 0x1, 0xffffff7c, 0x3, 0x0, 0x2cf6ca54, 0x0, 0x7}, 0x0, 0x2, 0xffffffffffffffff, 0xb)
mmap$perf(&(0x7f0000c00000/0x400000)=nil, 0x400000, 0x3000002, 0x40032, 0xffffffffffffffff, 0x0)
mlock2(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0)
mlock2(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x0)
r0 = fork()
r1 = userfaultfd(0x80000)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x543c04, 0x0)
r3 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
r4 = dup3(r2, r3, 0x0)
write$binfmt_script(r1, &(0x7f0000000280)=ANY=[@ANYRESOCT=r3, @ANYRES32=r2, @ANYRESOCT, @ANYRESDEC, @ANYRESHEX=r4, @ANYRESDEC=r2], 0x9f)
munlock(&(0x7f0000ef1000/0x2000)=nil, 0x2000)
syz_io_uring_setup(0x2e00, &(0x7f0000000340)={0x0, 0xc9ba, 0x20, 0xfffffffd, 0x2000037d}, &(0x7f0000ff3000/0x4000)=nil, &(0x7f0000eee000/0x8000)=nil, &(0x7f00000001c0), &(0x7f00000003c0))
mlock2(&(0x7f0000d03000/0x1000)=nil, 0x1000, 0x1)
openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000080)='freezer.parent_freezing\x00', 0x0, 0x0)
move_pages(r0, 0x1, &(0x7f0000000300)=[&(0x7f0000f10000/0x3000)=nil], &(0x7f00000000c0), &(0x7f0000000000), 0x0)
socket$caif_seqpacket(0x25, 0x5, 0x0)
get_robust_list(r0, &(0x7f0000000180)=&(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f00000000c0)}}, &(0x7f0000000200)=0xc)

[  504.476911][T17159] loop4: detected capacity change from 0 to 16
[  504.495176][   T26] audit: type=1800 audit(1632817405.364:51): pid=17159 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed(directio) comm="syz-executor.4" name="file0" dev="loop4" ino=23 res=0 errno=0
[  504.564013][   T26] audit: type=1804 audit(1632817405.414:52): pid=17123 uid=0 auid=4294967295 ses=4294967295 subj=_ op=invalid_pcr cause=open_writers comm="syz-executor.5" name="/root/syzkaller-testdir438587163/syzkaller.m9CqSP/197/bus" dev="sda1" ino=15007 res=1 errno=0
[  504.588308][    C1] vkms_vblank_simulate: vblank timer overrun
[  504.692689][   T26] audit: type=1804 audit(1632817405.414:53): pid=17127 uid=0 auid=4294967295 ses=4294967295 subj=_ op=invalid_pcr cause=ToMToU comm="syz-executor.5" name="/root/syzkaller-testdir438587163/syzkaller.m9CqSP/197/bus" dev="sda1" ino=15007 res=1 errno=0
08:23:25 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f0000000000)={0x2})
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f00000001c0)={[0x4, 0x0, 0x0, 0x8, 0x1, 0x0, 0x1002]})
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_SET_PIT(r1, 0x8048ae66, &(0x7f0000000140))
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f000056f000/0x18000)=nil, &(0x7f0000000080)=[@text32={0x20, &(0x7f00000000c0)="66ba4000b0c2ee66bad104b829280000efea0e0000000a00b8050000000f23d80f21f835c00000a00f23f8653e65f30f21c62e0fae2b0f01c2b8060000000f23d00f21f835200000000f23f8c4c3a1cf830000000002d9f7", 0x58}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0)
ioctl$KVM_CREATE_IRQCHIP(0xffffffffffffffff, 0xae60)

08:23:25 executing program 1:
ioctl$DRM_IOCTL_MODE_OBJ_SETPROPERTY(0xffffffffffffffff, 0xc01864ba, &(0x7f0000000100)={0x6, 0xe, 0x1f})

08:23:25 executing program 0:
perf_event_open(&(0x7f0000000640)={0x2, 0x80, 0xd7, 0x0, 0x0, 0x0, 0x0, 0x2000000000, 0xa40a1, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp, 0x10000, 0x0, 0x0, 0x3, 0x1, 0xffffff7c, 0x3, 0x0, 0x2cf6ca54, 0x0, 0x7}, 0x0, 0x2, 0xffffffffffffffff, 0xb)
mmap$perf(&(0x7f0000c00000/0x400000)=nil, 0x400000, 0x3000002, 0x40032, 0xffffffffffffffff, 0x0)
mlock2(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0)
mlock2(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x0)
r0 = fork()
r1 = userfaultfd(0x80000)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x543c04, 0x0)
r3 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
r4 = dup3(r2, r3, 0x0)
write$binfmt_script(r1, &(0x7f0000000280)=ANY=[@ANYRESOCT=r3, @ANYRES32=r2, @ANYRESOCT, @ANYRESDEC, @ANYRESHEX=r4, @ANYRESDEC=r2], 0x9f)
munlock(&(0x7f0000ef1000/0x2000)=nil, 0x2000)
syz_io_uring_setup(0x2e00, &(0x7f0000000340)={0x0, 0xc9ba, 0x20, 0xfffffffd, 0x2000037d}, &(0x7f0000ff3000/0x4000)=nil, &(0x7f0000eee000/0x8000)=nil, &(0x7f00000001c0), &(0x7f00000003c0))
mlock2(&(0x7f0000d03000/0x1000)=nil, 0x1000, 0x1)
openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000080)='freezer.parent_freezing\x00', 0x0, 0x0)
move_pages(r0, 0x2, &(0x7f0000000300)=[&(0x7f0000ffd000/0x1000)=nil, &(0x7f0000f10000/0x3000)=nil], 0x0, &(0x7f0000000000), 0x0)
socket$caif_seqpacket(0x25, 0x5, 0x0)
get_robust_list(r0, &(0x7f0000000180)=&(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f00000000c0)}}, &(0x7f0000000200)=0xc)

08:23:25 executing program 5:
perf_event_open(&(0x7f0000000700)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
ftruncate(r0, 0x2007fff)
r1 = open(&(0x7f0000000300)='./bus\x00', 0x0, 0x0)
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r2, &(0x7f0000000040)={0xa, 0x4e22}, 0x1c)
listen(r2, 0x0)
r3 = socket$inet6_tcp(0xa, 0x1, 0x0)
sendto$inet6(r3, 0x0, 0x0, 0x20000004, &(0x7f0000000280)={0xa, 0x100000004e22, 0x0, @loopback}, 0x1c)
setsockopt$inet6_tcp_TCP_ULP(r3, 0x6, 0x1f, &(0x7f0000000080), 0x152)
setsockopt$inet6_tcp_TLS_TX(r3, 0x11a, 0x1, &(0x7f0000000100)=@gcm_128={{0x303}, '\x00', '\x00', "20040100"}, 0x28)
sendfile(r3, r1, 0x0, 0x800100020016)
creat(&(0x7f0000000040)='./bus\x00', 0x0)

[  505.019585][   T26] audit: type=1804 audit(1632817405.884:54): pid=17175 uid=0 auid=4294967295 ses=4294967295 subj=_ op=invalid_pcr cause=open_writers comm="syz-executor.5" name="/root/syzkaller-testdir438587163/syzkaller.m9CqSP/198/bus" dev="sda1" ino=15020 res=1 errno=0
[  505.073120][    C1] TCP: request_sock_TCPv6: Possible SYN flooding on port 20002. Sending cookies.  Check SNMP counters.
08:23:26 executing program 1:
r0 = syz_open_dev$dri(0x0, 0x1, 0x0)
ioctl$DRM_IOCTL_MODE_OBJ_SETPROPERTY(r0, 0xc01864ba, &(0x7f0000000100)={0x6, 0xe, 0x1f})

08:23:26 executing program 0:
perf_event_open(&(0x7f0000000640)={0x2, 0x80, 0xd7, 0x0, 0x0, 0x0, 0x0, 0x2000000000, 0xa40a1, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp, 0x10000, 0x0, 0x0, 0x3, 0x1, 0xffffff7c, 0x3, 0x0, 0x2cf6ca54, 0x0, 0x7}, 0x0, 0x2, 0xffffffffffffffff, 0xb)
mmap$perf(&(0x7f0000c00000/0x400000)=nil, 0x400000, 0x3000002, 0x40032, 0xffffffffffffffff, 0x0)
mlock2(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0)
mlock2(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x0)
r0 = fork()
r1 = userfaultfd(0x80000)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x543c04, 0x0)
r3 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
r4 = dup3(r2, r3, 0x0)
write$binfmt_script(r1, &(0x7f0000000280)=ANY=[@ANYRESOCT=r3, @ANYRES32=r2, @ANYRESOCT, @ANYRESDEC, @ANYRESHEX=r4, @ANYRESDEC=r2], 0x9f)
munlock(&(0x7f0000ef1000/0x2000)=nil, 0x2000)
syz_io_uring_setup(0x2e00, &(0x7f0000000340)={0x0, 0xc9ba, 0x20, 0xfffffffd, 0x2000037d}, &(0x7f0000ff3000/0x4000)=nil, &(0x7f0000eee000/0x8000)=nil, &(0x7f00000001c0), &(0x7f00000003c0))
mlock2(&(0x7f0000d03000/0x1000)=nil, 0x1000, 0x1)
openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000080)='freezer.parent_freezing\x00', 0x0, 0x0)
move_pages(r0, 0x2, &(0x7f0000000300)=[&(0x7f0000ffd000/0x1000)=nil, &(0x7f0000f10000/0x3000)=nil], 0x0, &(0x7f0000000000), 0x0)
socket$caif_seqpacket(0x25, 0x5, 0x0)
get_robust_list(r0, &(0x7f0000000180)=&(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f00000000c0)}}, &(0x7f0000000200)=0xc)

08:23:26 executing program 2:
syz_open_procfs(0x0, &(0x7f0000000040)='mounts\x00')
syz_open_procfs(0x0, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$F2FS_IOC_MOVE_RANGE(0xffffffffffffffff, 0xc020f509, &(0x7f0000000040)={r1})
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f0000000000))
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f00000001c0)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1003]})
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_SET_PIT(r1, 0x8048ae66, &(0x7f0000000140)={[{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}]})
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f000056f000/0x18000)=nil, &(0x7f0000000080)=[@text32={0x20, &(0x7f00000000c0)="66ba4000b0c2ee66bad104b829280000efea0e0000000a00b8050000000f23d80f21f835c00000a00f23f8653e65f30f21c62e0fae2b0f01c2b8060000000f23d00f21f835200000000f23f8c4c3a1cf830000000002d9f7", 0x58}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

08:23:26 executing program 4:
fcntl$F_GET_FILE_RW_HINT(0xffffffffffffffff, 0x40d, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0)
r0 = getpid()
sched_setattr(0x0, &(0x7f0000000140)={0x38, 0x2, 0x0, 0x0, 0x9}, 0x0)
sched_setattr(r0, &(0x7f0000000240)={0x38, 0x2, 0x0, 0x0, 0x5}, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r2 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/meminfo\x00', 0x0, 0x0)
sendfile(0xffffffffffffffff, r2, 0x0, 0x400000000001002a)
r3 = syz_mount_image$vfat(&(0x7f0000000400), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[])
r4 = openat(r3, &(0x7f000000c380)='./file0\x00', 0x84842, 0x0)
write(r4, &(0x7f0000004200)='t', 0xfff4)
sendmsg$NL80211_CMD_SET_INTERFACE(0xffffffffffffffff, &(0x7f0000001840)={&(0x7f0000000080), 0xc, &(0x7f0000001800)={&(0x7f00000001c0)=ANY=[@ANYRES64, @ANYRESDEC, @ANYRES32=0x0, @ANYRES32], 0x60}, 0x1, 0x0, 0x0, 0x44090}, 0x0)

[  505.223499][   T26] audit: type=1804 audit(1632817406.054:55): pid=17181 uid=0 auid=4294967295 ses=4294967295 subj=_ op=invalid_pcr cause=ToMToU comm="syz-executor.5" name="/root/syzkaller-testdir438587163/syzkaller.m9CqSP/198/bus" dev="sda1" ino=15020 res=1 errno=0
08:23:26 executing program 5:
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0)
r0 = getpid()
prlimit64(0x0, 0x0, &(0x7f0000002d00)={0x60, 0xb}, 0x0)
sched_setattr(0x0, &(0x7f0000000140)={0x38, 0x2, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0xfff, 0x1}, 0x0)
sched_setattr(r0, &(0x7f0000000240)={0x38, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6}, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
socket$inet6(0xa, 0x1, 0x0)
socket$inet6(0xa, 0x5, 0xc00000)
r3 = open(&(0x7f0000000140)='./bus\x00', 0x1612c2, 0x0)
r4 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/timer_list\x00', 0x0, 0x0)
sendfile(r3, r4, 0x0, 0x4000000000010046)
r5 = bpf$ITER_CREATE(0x21, &(0x7f00000000c0), 0x8)
sendto$isdn(r5, 0x0, 0xee, 0x24008000, 0x0, 0x0)

08:23:26 executing program 0:
perf_event_open(&(0x7f0000000640)={0x2, 0x80, 0xd7, 0x0, 0x0, 0x0, 0x0, 0x2000000000, 0xa40a1, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp, 0x10000, 0x0, 0x0, 0x3, 0x1, 0xffffff7c, 0x3, 0x0, 0x2cf6ca54, 0x0, 0x7}, 0x0, 0x2, 0xffffffffffffffff, 0xb)
mmap$perf(&(0x7f0000c00000/0x400000)=nil, 0x400000, 0x3000002, 0x40032, 0xffffffffffffffff, 0x0)
mlock2(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0)
mlock2(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x0)
r0 = fork()
r1 = userfaultfd(0x80000)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x543c04, 0x0)
r3 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
r4 = dup3(r2, r3, 0x0)
write$binfmt_script(r1, &(0x7f0000000280)=ANY=[@ANYRESOCT=r3, @ANYRES32=r2, @ANYRESOCT, @ANYRESDEC, @ANYRESHEX=r4, @ANYRESDEC=r2], 0x9f)
munlock(&(0x7f0000ef1000/0x2000)=nil, 0x2000)
syz_io_uring_setup(0x2e00, &(0x7f0000000340)={0x0, 0xc9ba, 0x20, 0xfffffffd, 0x2000037d}, &(0x7f0000ff3000/0x4000)=nil, &(0x7f0000eee000/0x8000)=nil, &(0x7f00000001c0), &(0x7f00000003c0))
mlock2(&(0x7f0000d03000/0x1000)=nil, 0x1000, 0x1)
openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000080)='freezer.parent_freezing\x00', 0x0, 0x0)
move_pages(r0, 0x2, &(0x7f0000000300)=[&(0x7f0000ffd000/0x1000)=nil, &(0x7f0000f10000/0x3000)=nil], 0x0, &(0x7f0000000000), 0x0)
socket$caif_seqpacket(0x25, 0x5, 0x0)
get_robust_list(r0, &(0x7f0000000180)=&(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f00000000c0)}}, &(0x7f0000000200)=0xc)

08:23:26 executing program 1:
r0 = syz_open_dev$dri(0x0, 0x1, 0x0)
ioctl$DRM_IOCTL_MODE_OBJ_SETPROPERTY(r0, 0xc01864ba, &(0x7f0000000100)={0x6, 0xe, 0x1f})

[  505.506946][T17199] loop4: detected capacity change from 0 to 16
[  505.532267][   T26] audit: type=1800 audit(1632817406.394:56): pid=17199 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed(directio) comm="syz-executor.4" name="file0" dev="loop4" ino=24 res=0 errno=0
08:23:26 executing program 0:
perf_event_open(&(0x7f0000000640)={0x2, 0x80, 0xd7, 0x0, 0x0, 0x0, 0x0, 0x2000000000, 0xa40a1, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp, 0x10000, 0x0, 0x0, 0x3, 0x1, 0xffffff7c, 0x3, 0x0, 0x2cf6ca54, 0x0, 0x7}, 0x0, 0x2, 0xffffffffffffffff, 0xb)
mmap$perf(&(0x7f0000c00000/0x400000)=nil, 0x400000, 0x3000002, 0x40032, 0xffffffffffffffff, 0x0)
mlock2(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0)
mlock2(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x0)
r0 = fork()
r1 = userfaultfd(0x80000)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x543c04, 0x0)
r3 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
r4 = dup3(r2, r3, 0x0)
write$binfmt_script(r1, &(0x7f0000000280)=ANY=[@ANYRESOCT=r3, @ANYRES32=r2, @ANYRESOCT, @ANYRESDEC, @ANYRESHEX=r4, @ANYRESDEC=r2], 0x9f)
munlock(&(0x7f0000ef1000/0x2000)=nil, 0x2000)
syz_io_uring_setup(0x2e00, &(0x7f0000000340)={0x0, 0xc9ba, 0x20, 0xfffffffd, 0x2000037d}, &(0x7f0000ff3000/0x4000)=nil, &(0x7f0000eee000/0x8000)=nil, &(0x7f00000001c0), &(0x7f00000003c0))
mlock2(&(0x7f0000d03000/0x1000)=nil, 0x1000, 0x1)
openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000080)='freezer.parent_freezing\x00', 0x0, 0x0)
move_pages(r0, 0x2, &(0x7f0000000300)=[&(0x7f0000ffd000/0x1000)=nil, &(0x7f0000f10000/0x3000)=nil], &(0x7f00000000c0), 0x0, 0x0)
socket$caif_seqpacket(0x25, 0x5, 0x0)
get_robust_list(r0, &(0x7f0000000180)=&(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f00000000c0)}}, &(0x7f0000000200)=0xc)

08:23:26 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f0000000000)={0x2})
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f00000001c0)={[0x4, 0x0, 0x0, 0x8, 0x1, 0x0, 0x1002]})
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_SET_PIT(r1, 0x8048ae66, &(0x7f0000000140))
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f000056f000/0x18000)=nil, &(0x7f0000000080)=[@text32={0x20, &(0x7f00000000c0)="66ba4000b0c2ee66bad104b829280000efea0e0000000a00b8050000000f23d80f21f835c00000a00f23f8653e65f30f21c62e0fae2b0f01c2b8060000000f23d00f21f835200000000f23f8c4c3a1cf830000000002d9f7", 0x58}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0)

08:23:26 executing program 1:
r0 = syz_open_dev$dri(0x0, 0x1, 0x0)
ioctl$DRM_IOCTL_MODE_OBJ_SETPROPERTY(r0, 0xc01864ba, &(0x7f0000000100)={0x6, 0xe, 0x1f})

08:23:27 executing program 0:
perf_event_open(&(0x7f0000000640)={0x2, 0x80, 0xd7, 0x0, 0x0, 0x0, 0x0, 0x2000000000, 0xa40a1, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp, 0x10000, 0x0, 0x0, 0x3, 0x1, 0xffffff7c, 0x3, 0x0, 0x2cf6ca54, 0x0, 0x7}, 0x0, 0x2, 0xffffffffffffffff, 0xb)
mmap$perf(&(0x7f0000c00000/0x400000)=nil, 0x400000, 0x3000002, 0x40032, 0xffffffffffffffff, 0x0)
mlock2(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0)
mlock2(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x0)
r0 = fork()
r1 = userfaultfd(0x80000)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x543c04, 0x0)
r3 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
r4 = dup3(r2, r3, 0x0)
write$binfmt_script(r1, &(0x7f0000000280)=ANY=[@ANYRESOCT=r3, @ANYRES32=r2, @ANYRESOCT, @ANYRESDEC, @ANYRESHEX=r4, @ANYRESDEC=r2], 0x9f)
munlock(&(0x7f0000ef1000/0x2000)=nil, 0x2000)
syz_io_uring_setup(0x2e00, &(0x7f0000000340)={0x0, 0xc9ba, 0x20, 0xfffffffd, 0x2000037d}, &(0x7f0000ff3000/0x4000)=nil, &(0x7f0000eee000/0x8000)=nil, &(0x7f00000001c0), &(0x7f00000003c0))
mlock2(&(0x7f0000d03000/0x1000)=nil, 0x1000, 0x1)
openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000080)='freezer.parent_freezing\x00', 0x0, 0x0)
move_pages(r0, 0x2, &(0x7f0000000300)=[&(0x7f0000ffd000/0x1000)=nil, &(0x7f0000f10000/0x3000)=nil], &(0x7f00000000c0), 0x0, 0x0)
socket$caif_seqpacket(0x25, 0x5, 0x0)
get_robust_list(r0, &(0x7f0000000180)=&(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f00000000c0)}}, &(0x7f0000000200)=0xc)

08:23:27 executing program 4:
fcntl$F_GET_FILE_RW_HINT(0xffffffffffffffff, 0x40d, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0)
r0 = getpid()
sched_setattr(0x0, &(0x7f0000000140)={0x38, 0x2, 0x0, 0x0, 0x9}, 0x0)
sched_setattr(r0, &(0x7f0000000240)={0x38, 0x2, 0x0, 0x0, 0x5}, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/meminfo\x00', 0x0, 0x0)
sendfile(0xffffffffffffffff, r3, 0x0, 0x400000000001002a)
r4 = syz_mount_image$vfat(&(0x7f0000000400), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[])
r5 = openat(r4, &(0x7f000000c380)='./file0\x00', 0x84842, 0x0)
write(r5, &(0x7f0000004200)='t', 0xfff4)
sendmsg$NL80211_CMD_SET_INTERFACE(0xffffffffffffffff, &(0x7f0000001840)={&(0x7f0000000080), 0xc, &(0x7f0000001800)={&(0x7f00000001c0)=ANY=[@ANYRES64, @ANYRESDEC, @ANYRES32=0x0, @ANYRES32], 0x60}, 0x1, 0x0, 0x0, 0x44090}, 0x0)

08:23:27 executing program 1:
r0 = syz_open_dev$dri(&(0x7f0000000040), 0x0, 0x0)
ioctl$DRM_IOCTL_MODE_OBJ_SETPROPERTY(r0, 0xc01864ba, &(0x7f0000000100)={0x6, 0xe, 0x1f})

08:23:27 executing program 0:
perf_event_open(&(0x7f0000000640)={0x2, 0x80, 0xd7, 0x0, 0x0, 0x0, 0x0, 0x2000000000, 0xa40a1, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp, 0x10000, 0x0, 0x0, 0x3, 0x1, 0xffffff7c, 0x3, 0x0, 0x2cf6ca54, 0x0, 0x7}, 0x0, 0x2, 0xffffffffffffffff, 0xb)
mmap$perf(&(0x7f0000c00000/0x400000)=nil, 0x400000, 0x3000002, 0x40032, 0xffffffffffffffff, 0x0)
mlock2(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0)
mlock2(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x0)
r0 = fork()
r1 = userfaultfd(0x80000)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x543c04, 0x0)
r3 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
r4 = dup3(r2, r3, 0x0)
write$binfmt_script(r1, &(0x7f0000000280)=ANY=[@ANYRESOCT=r3, @ANYRES32=r2, @ANYRESOCT, @ANYRESDEC, @ANYRESHEX=r4, @ANYRESDEC=r2], 0x9f)
munlock(&(0x7f0000ef1000/0x2000)=nil, 0x2000)
syz_io_uring_setup(0x2e00, &(0x7f0000000340)={0x0, 0xc9ba, 0x20, 0xfffffffd, 0x2000037d}, &(0x7f0000ff3000/0x4000)=nil, &(0x7f0000eee000/0x8000)=nil, &(0x7f00000001c0), &(0x7f00000003c0))
mlock2(&(0x7f0000d03000/0x1000)=nil, 0x1000, 0x1)
openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000080)='freezer.parent_freezing\x00', 0x0, 0x0)
move_pages(r0, 0x2, &(0x7f0000000300)=[&(0x7f0000ffd000/0x1000)=nil, &(0x7f0000f10000/0x3000)=nil], &(0x7f00000000c0), 0x0, 0x0)
socket$caif_seqpacket(0x25, 0x5, 0x0)
get_robust_list(r0, &(0x7f0000000180)=&(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f00000000c0)}}, &(0x7f0000000200)=0xc)

08:23:27 executing program 2:
syz_open_procfs(0x0, &(0x7f0000000040)='mounts\x00')
syz_open_procfs(0x0, &(0x7f0000000000)='mountstats\x00')
r0 = openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$F2FS_IOC_MOVE_RANGE(0xffffffffffffffff, 0xc020f509, &(0x7f0000000040)={r1})
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f0000000000))
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f00000001c0)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1003]})
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_SET_PIT(r1, 0x8048ae66, &(0x7f0000000140)={[{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}]})
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f000056f000/0x18000)=nil, &(0x7f0000000080)=[@text32={0x20, &(0x7f00000000c0)="66ba4000b0c2ee66bad104b829280000efea0e0000000a00b8050000000f23d80f21f835c00000a00f23f8653e65f30f21c62e0fae2b0f01c2b8060000000f23d00f21f835200000000f23f8c4c3a1cf830000000002d9f7", 0x58}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

08:23:27 executing program 1:
r0 = syz_open_dev$dri(&(0x7f0000000040), 0x0, 0x0)
ioctl$DRM_IOCTL_MODE_OBJ_SETPROPERTY(r0, 0xc01864ba, &(0x7f0000000100)={0x6, 0xe, 0x1f})

[  506.699821][T17243] loop4: detected capacity change from 0 to 16
[  506.722673][   T26] audit: type=1800 audit(1632817407.594:57): pid=17243 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed(directio) comm="syz-executor.4" name="file0" dev="loop4" ino=25 res=0 errno=0
08:23:28 executing program 5:
r0 = socket(0x10, 0x803, 0x0)
r1 = socket$netlink(0x10, 0x3, 0x0)
r2 = socket$netlink(0x10, 0x3, 0x0)
r3 = socket(0x10, 0x803, 0x0)
sendmsg$nl_route_sched(r3, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={0x0, 0x88}}, 0x0)
getsockname$packet(r3, &(0x7f0000000380)={0x11, 0x0, <r4=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000008c0)=ANY=[@ANYBLOB="480000001000050700"/20, @ANYRES32=r4, @ANYBLOB="0000000000000000280012000c00010076657468"], 0x48}}, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000080)=ANY=[@ANYBLOB="2c00000024001deeffffff3314fa2182d60fdc00", @ANYRES32=r4, @ANYBLOB="00000000f1ffffff000000000800010061746d"], 0x2c}}, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000980)=@delchain={0x24, 0x28, 0xf31, 0x0, 0x0, {0x0, 0x0, 0x0, r4, {}, {0x1, 0xffff}}}, 0x24}}, 0x0)

08:23:28 executing program 1:
r0 = syz_open_dev$dri(&(0x7f0000000040), 0x0, 0x0)
ioctl$DRM_IOCTL_MODE_OBJ_SETPROPERTY(r0, 0xc01864ba, &(0x7f0000000100)={0x6, 0xe, 0x1f})

08:23:28 executing program 0:
perf_event_open(&(0x7f0000000640)={0x2, 0x80, 0xd7, 0x0, 0x0, 0x0, 0x0, 0x2000000000, 0xa40a1, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp, 0x10000, 0x0, 0x0, 0x3, 0x1, 0xffffff7c, 0x3, 0x0, 0x2cf6ca54, 0x0, 0x7}, 0x0, 0x2, 0xffffffffffffffff, 0xb)
mmap$perf(&(0x7f0000c00000/0x400000)=nil, 0x400000, 0x3000002, 0x40032, 0xffffffffffffffff, 0x0)
mlock2(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0)
mlock2(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x0)
r0 = fork()
r1 = userfaultfd(0x80000)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x543c04, 0x0)
r3 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
r4 = dup3(r2, r3, 0x0)
write$binfmt_script(r1, &(0x7f0000000280)=ANY=[@ANYRESOCT=r3, @ANYRES32=r2, @ANYRESOCT, @ANYRESDEC, @ANYRESHEX=r4, @ANYRESDEC=r2], 0x9f)
munlock(&(0x7f0000ef1000/0x2000)=nil, 0x2000)
syz_io_uring_setup(0x2e00, &(0x7f0000000340)={0x0, 0xc9ba, 0x20, 0xfffffffd, 0x2000037d}, &(0x7f0000ff3000/0x4000)=nil, &(0x7f0000eee000/0x8000)=nil, &(0x7f00000001c0), &(0x7f00000003c0))
mlock2(&(0x7f0000d03000/0x1000)=nil, 0x1000, 0x1)
openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000080)='freezer.parent_freezing\x00', 0x0, 0x0)
move_pages(r0, 0x2, &(0x7f0000000300)=[&(0x7f0000ffd000/0x1000)=nil, &(0x7f0000f10000/0x3000)=nil], &(0x7f00000000c0), &(0x7f0000000000), 0x0)
socket$caif_seqpacket(0x25, 0x5, 0x0)
get_robust_list(0x0, &(0x7f0000000180)=&(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f00000000c0)}}, &(0x7f0000000200)=0xc)

08:23:28 executing program 2:
syz_open_procfs(0x0, &(0x7f0000000040)='mounts\x00')
syz_open_procfs(0x0, &(0x7f0000000000)='mountstats\x00')
r0 = openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$F2FS_IOC_MOVE_RANGE(0xffffffffffffffff, 0xc020f509, &(0x7f0000000040)={r1})
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f0000000000))
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f00000001c0)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1003]})
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_SET_PIT(r1, 0x8048ae66, &(0x7f0000000140)={[{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}]})
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f000056f000/0x18000)=nil, &(0x7f0000000080)=[@text32={0x20, &(0x7f00000000c0)="66ba4000b0c2ee66bad104b829280000efea0e0000000a00b8050000000f23d80f21f835c00000a00f23f8653e65f30f21c62e0fae2b0f01c2b8060000000f23d00f21f835200000000f23f8c4c3a1cf830000000002d9f7", 0x58}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

08:23:28 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f0000000000)={0x2})
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f00000001c0)={[0x4, 0x0, 0x0, 0x8, 0x1, 0x0, 0x1002]})
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_SET_PIT(r1, 0x8048ae66, &(0x7f0000000140))
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f000056f000/0x18000)=nil, &(0x7f0000000080)=[@text32={0x20, &(0x7f00000000c0)="66ba4000b0c2ee66bad104b829280000efea0e0000000a00b8050000000f23d80f21f835c00000a00f23f8653e65f30f21c62e0fae2b0f01c2b8060000000f23d00f21f835200000000f23f8c4c3a1cf830000000002d9f7", 0x58}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0)

08:23:28 executing program 4:
fcntl$F_GET_FILE_RW_HINT(0xffffffffffffffff, 0x40d, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0)
r0 = getpid()
sched_setattr(0x0, &(0x7f0000000140)={0x38, 0x2, 0x0, 0x0, 0x9}, 0x0)
sched_setattr(r0, &(0x7f0000000240)={0x38, 0x2, 0x0, 0x0, 0x5}, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/meminfo\x00', 0x0, 0x0)
sendfile(0xffffffffffffffff, r3, 0x0, 0x400000000001002a)
r4 = syz_mount_image$vfat(&(0x7f0000000400), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[])
r5 = openat(r4, &(0x7f000000c380)='./file0\x00', 0x84842, 0x0)
write(r5, &(0x7f0000004200)='t', 0xfff4)
sendmsg$NL80211_CMD_SET_INTERFACE(0xffffffffffffffff, &(0x7f0000001840)={&(0x7f0000000080), 0xc, &(0x7f0000001800)={&(0x7f00000001c0)=ANY=[@ANYRES64, @ANYRESDEC, @ANYRES32=0x0, @ANYRES32], 0x60}, 0x1, 0x0, 0x0, 0x44090}, 0x0)

[  508.157288][T17275] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.5'.
[  508.201747][T17279] loop4: detected capacity change from 0 to 16
08:23:29 executing program 2:
syz_open_procfs(0x0, &(0x7f0000000040)='mounts\x00')
syz_open_procfs(0x0, &(0x7f0000000000)='mountstats\x00')
r0 = openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$F2FS_IOC_MOVE_RANGE(0xffffffffffffffff, 0xc020f509, &(0x7f0000000040)={r1})
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f0000000000))
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f00000001c0)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1003]})
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_SET_PIT(r1, 0x8048ae66, &(0x7f0000000140)={[{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}]})
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f000056f000/0x18000)=nil, &(0x7f0000000080)=[@text32={0x20, &(0x7f00000000c0)="66ba4000b0c2ee66bad104b829280000efea0e0000000a00b8050000000f23d80f21f835c00000a00f23f8653e65f30f21c62e0fae2b0f01c2b8060000000f23d00f21f835200000000f23f8c4c3a1cf830000000002d9f7", 0x58}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

08:23:29 executing program 1:
syz_open_dev$dri(&(0x7f0000000040), 0x1, 0x0)
ioctl$DRM_IOCTL_MODE_OBJ_SETPROPERTY(0xffffffffffffffff, 0xc01864ba, &(0x7f0000000100)={0x6, 0xe, 0x1f})

08:23:29 executing program 0:
perf_event_open(&(0x7f0000000640)={0x2, 0x80, 0xd7, 0x0, 0x0, 0x0, 0x0, 0x2000000000, 0xa40a1, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp, 0x10000, 0x0, 0x0, 0x3, 0x1, 0xffffff7c, 0x3, 0x0, 0x2cf6ca54, 0x0, 0x7}, 0x0, 0x2, 0xffffffffffffffff, 0xb)
mmap$perf(&(0x7f0000c00000/0x400000)=nil, 0x400000, 0x3000002, 0x40032, 0xffffffffffffffff, 0x0)
mlock2(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0)
mlock2(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x0)
r0 = fork()
r1 = userfaultfd(0x80000)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x543c04, 0x0)
r3 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
r4 = dup3(r2, r3, 0x0)
write$binfmt_script(r1, &(0x7f0000000280)=ANY=[@ANYRESOCT=r3, @ANYRES32=r2, @ANYRESOCT, @ANYRESDEC, @ANYRESHEX=r4, @ANYRESDEC=r2], 0x9f)
munlock(&(0x7f0000ef1000/0x2000)=nil, 0x2000)
syz_io_uring_setup(0x2e00, &(0x7f0000000340)={0x0, 0xc9ba, 0x20, 0xfffffffd, 0x2000037d}, &(0x7f0000ff3000/0x4000)=nil, &(0x7f0000eee000/0x8000)=nil, &(0x7f00000001c0), &(0x7f00000003c0))
mlock2(&(0x7f0000d03000/0x1000)=nil, 0x1000, 0x1)
openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000080)='freezer.parent_freezing\x00', 0x0, 0x0)
move_pages(r0, 0x2, &(0x7f0000000300)=[&(0x7f0000ffd000/0x1000)=nil, &(0x7f0000f10000/0x3000)=nil], &(0x7f00000000c0), &(0x7f0000000000), 0x0)
socket$caif_seqpacket(0x25, 0x5, 0x0)
get_robust_list(0x0, &(0x7f0000000180)=&(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f00000000c0)}}, &(0x7f0000000200)=0xc)

[  508.546918][T17280] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.5'.
08:23:29 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f0000000000)={0x2})
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f00000001c0)={[0x4, 0x0, 0x0, 0x8, 0x1, 0x0, 0x1002]})
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_SET_PIT(r1, 0x8048ae66, &(0x7f0000000140))
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f000056f000/0x18000)=nil, &(0x7f0000000080)=[@text32={0x20, &(0x7f00000000c0)="66ba4000b0c2ee66bad104b829280000efea0e0000000a00b8050000000f23d80f21f835c00000a00f23f8653e65f30f21c62e0fae2b0f01c2b8060000000f23d00f21f835200000000f23f8c4c3a1cf830000000002d9f7", 0x58}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0)

08:23:29 executing program 1:
syz_open_dev$dri(&(0x7f0000000040), 0x1, 0x0)
ioctl$DRM_IOCTL_MODE_OBJ_SETPROPERTY(0xffffffffffffffff, 0xc01864ba, &(0x7f0000000100)={0x6, 0xe, 0x1f})

08:23:29 executing program 5:
r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x3)
sendmmsg$alg(0xffffffffffffffff, 0x0, 0x0, 0x0)
connect$bt_l2cap(r0, &(0x7f0000000080)={0x1f, 0x0, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x11}, 0x0, 0x1}, 0xe)
bind$bt_l2cap(r0, &(0x7f0000000040)={0x1f, 0x0, @fixed}, 0xe)

08:23:29 executing program 2:
syz_open_procfs(0x0, &(0x7f0000000040)='mounts\x00')
syz_open_procfs(0x0, &(0x7f0000000000)='mountstats\x00')
openat$kvm(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0)
r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
r1 = ioctl$KVM_CREATE_VCPU(r0, 0xae41, 0x0)
ioctl$F2FS_IOC_MOVE_RANGE(0xffffffffffffffff, 0xc020f509, &(0x7f0000000040)={r0})
ioctl$KVM_SET_USER_MEMORY_REGION(r0, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_CREATE_PIT2(r0, 0x4040ae77, &(0x7f0000000000))
ioctl$KVM_SET_REGS(r1, 0x4090ae82, &(0x7f00000001c0)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1003]})
ioctl$KVM_RUN(r1, 0xae80, 0x0)
ioctl$KVM_SET_PIT(r0, 0x8048ae66, &(0x7f0000000140)={[{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}]})
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f000056f000/0x18000)=nil, &(0x7f0000000080)=[@text32={0x20, &(0x7f00000000c0)="66ba4000b0c2ee66bad104b829280000efea0e0000000a00b8050000000f23d80f21f835c00000a00f23f8653e65f30f21c62e0fae2b0f01c2b8060000000f23d00f21f835200000000f23f8c4c3a1cf830000000002d9f7", 0x58}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_RUN(r1, 0xae80, 0x0)

08:23:29 executing program 0:
perf_event_open(&(0x7f0000000640)={0x2, 0x80, 0xd7, 0x0, 0x0, 0x0, 0x0, 0x2000000000, 0xa40a1, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp, 0x10000, 0x0, 0x0, 0x3, 0x1, 0xffffff7c, 0x3, 0x0, 0x2cf6ca54, 0x0, 0x7}, 0x0, 0x2, 0xffffffffffffffff, 0xb)
mmap$perf(&(0x7f0000c00000/0x400000)=nil, 0x400000, 0x3000002, 0x40032, 0xffffffffffffffff, 0x0)
mlock2(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0)
mlock2(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x0)
r0 = fork()
r1 = userfaultfd(0x80000)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x543c04, 0x0)
r3 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
r4 = dup3(r2, r3, 0x0)
write$binfmt_script(r1, &(0x7f0000000280)=ANY=[@ANYRESOCT=r3, @ANYRES32=r2, @ANYRESOCT, @ANYRESDEC, @ANYRESHEX=r4, @ANYRESDEC=r2], 0x9f)
munlock(&(0x7f0000ef1000/0x2000)=nil, 0x2000)
syz_io_uring_setup(0x2e00, &(0x7f0000000340)={0x0, 0xc9ba, 0x20, 0xfffffffd, 0x2000037d}, &(0x7f0000ff3000/0x4000)=nil, &(0x7f0000eee000/0x8000)=nil, &(0x7f00000001c0), &(0x7f00000003c0))
mlock2(&(0x7f0000d03000/0x1000)=nil, 0x1000, 0x1)
openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000080)='freezer.parent_freezing\x00', 0x0, 0x0)
move_pages(r0, 0x2, &(0x7f0000000300)=[&(0x7f0000ffd000/0x1000)=nil, &(0x7f0000f10000/0x3000)=nil], &(0x7f00000000c0), &(0x7f0000000000), 0x0)
socket$caif_seqpacket(0x25, 0x5, 0x0)
get_robust_list(0x0, &(0x7f0000000180)=&(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f00000000c0)}}, &(0x7f0000000200)=0xc)

08:23:29 executing program 1:
syz_open_dev$dri(&(0x7f0000000040), 0x1, 0x0)
ioctl$DRM_IOCTL_MODE_OBJ_SETPROPERTY(0xffffffffffffffff, 0xc01864ba, &(0x7f0000000100)={0x6, 0xe, 0x1f})

08:23:29 executing program 4:
fcntl$F_GET_FILE_RW_HINT(0xffffffffffffffff, 0x40d, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0)
r0 = getpid()
sched_setattr(0x0, &(0x7f0000000140)={0x38, 0x2, 0x0, 0x0, 0x9}, 0x0)
sched_setattr(r0, &(0x7f0000000240)={0x38, 0x2, 0x0, 0x0, 0x5}, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/meminfo\x00', 0x0, 0x0)
sendfile(0xffffffffffffffff, r3, 0x0, 0x400000000001002a)
r4 = syz_mount_image$vfat(&(0x7f0000000400), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[])
r5 = openat(r4, &(0x7f000000c380)='./file0\x00', 0x84842, 0x0)
write(r5, &(0x7f0000004200)='t', 0xfff4)
sendmsg$NL80211_CMD_SET_INTERFACE(0xffffffffffffffff, &(0x7f0000001840)={&(0x7f0000000080), 0xc, &(0x7f0000001800)={&(0x7f00000001c0)=ANY=[@ANYRES64, @ANYRESDEC, @ANYRES32=0x0, @ANYRES32], 0x60}, 0x1, 0x0, 0x0, 0x44090}, 0x0)

08:23:29 executing program 5:
r0 = openat$userio(0xffffffffffffff9c, &(0x7f0000000040), 0xcb002, 0x0)
write$USERIO_CMD_SET_PORT_TYPE(r0, &(0x7f0000000100)={0x1, 0x1}, 0x2)
write$USERIO_CMD_REGISTER(r0, &(0x7f0000000080), 0x2)
write$USERIO_CMD_REGISTER(r0, &(0x7f00000000c0), 0x2)

08:23:29 executing program 0:
perf_event_open(&(0x7f0000000640)={0x2, 0x80, 0xd7, 0x0, 0x0, 0x0, 0x0, 0x2000000000, 0xa40a1, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp, 0x10000, 0x0, 0x0, 0x3, 0x1, 0xffffff7c, 0x3, 0x0, 0x2cf6ca54, 0x0, 0x7}, 0x0, 0x2, 0xffffffffffffffff, 0xb)
mmap$perf(&(0x7f0000c00000/0x400000)=nil, 0x400000, 0x3000002, 0x40032, 0xffffffffffffffff, 0x0)
mlock2(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0)
mlock2(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x0)
r0 = fork()
r1 = userfaultfd(0x80000)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x543c04, 0x0)
r3 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
r4 = dup3(r2, r3, 0x0)
write$binfmt_script(r1, &(0x7f0000000280)=ANY=[@ANYRESOCT=r3, @ANYRES32=r2, @ANYRESOCT, @ANYRESDEC, @ANYRESHEX=r4, @ANYRESDEC=r2], 0x9f)
munlock(&(0x7f0000ef1000/0x2000)=nil, 0x2000)
syz_io_uring_setup(0x2e00, &(0x7f0000000340)={0x0, 0xc9ba, 0x20, 0xfffffffd, 0x2000037d}, &(0x7f0000ff3000/0x4000)=nil, &(0x7f0000eee000/0x8000)=nil, &(0x7f00000001c0), &(0x7f00000003c0))
mlock2(&(0x7f0000d03000/0x1000)=nil, 0x1000, 0x1)
openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000080)='freezer.parent_freezing\x00', 0x0, 0x0)
move_pages(r0, 0x2, &(0x7f0000000300)=[&(0x7f0000ffd000/0x1000)=nil, &(0x7f0000f10000/0x3000)=nil], &(0x7f00000000c0), &(0x7f0000000000), 0x0)
socket$caif_seqpacket(0x25, 0x5, 0x0)
get_robust_list(r0, 0x0, &(0x7f0000000200))

08:23:29 executing program 2:
syz_open_procfs(0x0, &(0x7f0000000040)='mounts\x00')
syz_open_procfs(0x0, &(0x7f0000000000)='mountstats\x00')
openat$kvm(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0)
r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
r1 = ioctl$KVM_CREATE_VCPU(r0, 0xae41, 0x0)
ioctl$F2FS_IOC_MOVE_RANGE(0xffffffffffffffff, 0xc020f509, &(0x7f0000000040)={r0})
ioctl$KVM_SET_USER_MEMORY_REGION(r0, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_CREATE_PIT2(r0, 0x4040ae77, &(0x7f0000000000))
ioctl$KVM_SET_REGS(r1, 0x4090ae82, &(0x7f00000001c0)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1003]})
ioctl$KVM_RUN(r1, 0xae80, 0x0)
ioctl$KVM_SET_PIT(r0, 0x8048ae66, &(0x7f0000000140)={[{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}]})
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f000056f000/0x18000)=nil, &(0x7f0000000080)=[@text32={0x20, &(0x7f00000000c0)="66ba4000b0c2ee66bad104b829280000efea0e0000000a00b8050000000f23d80f21f835c00000a00f23f8653e65f30f21c62e0fae2b0f01c2b8060000000f23d00f21f835200000000f23f8c4c3a1cf830000000002d9f7", 0x58}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_RUN(r1, 0xae80, 0x0)

08:23:30 executing program 1:
r0 = syz_open_dev$dri(&(0x7f0000000040), 0x1, 0x0)
ioctl$DRM_IOCTL_MODE_OBJ_SETPROPERTY(r0, 0xc01864ba, 0x0)

[  509.191544][T17338] loop4: detected capacity change from 0 to 16
[  509.279531][T17339] misc userio: No port type given on /dev/userio
08:23:30 executing program 1:
r0 = syz_open_dev$dri(&(0x7f0000000040), 0x1, 0x0)
ioctl$DRM_IOCTL_MODE_OBJ_SETPROPERTY(r0, 0xc01864ba, 0x0)

08:23:30 executing program 2:
syz_open_procfs(0x0, &(0x7f0000000040)='mounts\x00')
syz_open_procfs(0x0, &(0x7f0000000000)='mountstats\x00')
openat$kvm(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0)
r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
r1 = ioctl$KVM_CREATE_VCPU(r0, 0xae41, 0x0)
ioctl$F2FS_IOC_MOVE_RANGE(0xffffffffffffffff, 0xc020f509, &(0x7f0000000040)={r0})
ioctl$KVM_SET_USER_MEMORY_REGION(r0, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_CREATE_PIT2(r0, 0x4040ae77, &(0x7f0000000000))
ioctl$KVM_SET_REGS(r1, 0x4090ae82, &(0x7f00000001c0)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1003]})
ioctl$KVM_RUN(r1, 0xae80, 0x0)
ioctl$KVM_SET_PIT(r0, 0x8048ae66, &(0x7f0000000140)={[{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}]})
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f000056f000/0x18000)=nil, &(0x7f0000000080)=[@text32={0x20, &(0x7f00000000c0)="66ba4000b0c2ee66bad104b829280000efea0e0000000a00b8050000000f23d80f21f835c00000a00f23f8653e65f30f21c62e0fae2b0f01c2b8060000000f23d00f21f835200000000f23f8c4c3a1cf830000000002d9f7", 0x58}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_RUN(r1, 0xae80, 0x0)

08:23:30 executing program 5:
syz_usb_connect(0x2, 0x34, &(0x7f0000000a00)={{0x12, 0x1, 0x0, 0x13, 0xa1, 0x6e, 0x40, 0xf11, 0x1035, 0x95ff, 0x0, 0x0, 0x0, 0x1, [{{0x9, 0x2, 0x22, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0x1, 0x49, 0x28, 0x48, 0x0, [], [{{0x9, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, [@generic={0x7, 0x5, "89cf510d17"}]}}]}}]}}]}}, 0x0)
syz_open_dev$char_usb(0xc, 0xb4, 0x0)

08:23:30 executing program 0:
perf_event_open(&(0x7f0000000640)={0x2, 0x80, 0xd7, 0x0, 0x0, 0x0, 0x0, 0x2000000000, 0xa40a1, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp, 0x10000, 0x0, 0x0, 0x3, 0x1, 0xffffff7c, 0x3, 0x0, 0x2cf6ca54, 0x0, 0x7}, 0x0, 0x2, 0xffffffffffffffff, 0xb)
mmap$perf(&(0x7f0000c00000/0x400000)=nil, 0x400000, 0x3000002, 0x40032, 0xffffffffffffffff, 0x0)
mlock2(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0)
mlock2(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x0)
r0 = fork()
r1 = userfaultfd(0x80000)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x543c04, 0x0)
r3 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
r4 = dup3(r2, r3, 0x0)
write$binfmt_script(r1, &(0x7f0000000280)=ANY=[@ANYRESOCT=r3, @ANYRES32=r2, @ANYRESOCT, @ANYRESDEC, @ANYRESHEX=r4, @ANYRESDEC=r2], 0x9f)
munlock(&(0x7f0000ef1000/0x2000)=nil, 0x2000)
syz_io_uring_setup(0x2e00, &(0x7f0000000340)={0x0, 0xc9ba, 0x20, 0xfffffffd, 0x2000037d}, &(0x7f0000ff3000/0x4000)=nil, &(0x7f0000eee000/0x8000)=nil, &(0x7f00000001c0), &(0x7f00000003c0))
mlock2(&(0x7f0000d03000/0x1000)=nil, 0x1000, 0x1)
openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000080)='freezer.parent_freezing\x00', 0x0, 0x0)
move_pages(r0, 0x2, &(0x7f0000000300)=[&(0x7f0000ffd000/0x1000)=nil, &(0x7f0000f10000/0x3000)=nil], &(0x7f00000000c0), &(0x7f0000000000), 0x0)
socket$caif_seqpacket(0x25, 0x5, 0x0)
get_robust_list(r0, 0x0, &(0x7f0000000200))

08:23:30 executing program 1:
r0 = syz_open_dev$dri(&(0x7f0000000040), 0x1, 0x0)
ioctl$DRM_IOCTL_MODE_OBJ_SETPROPERTY(r0, 0xc01864ba, 0x0)

08:23:30 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f0000000000)={0x2})
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f00000001c0)={[0x4, 0x0, 0x0, 0x8, 0x1, 0x0, 0x1002]})
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_SET_PIT(r1, 0x8048ae66, &(0x7f0000000140))
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f000056f000/0x18000)=nil, &(0x7f0000000080)=[@text32={0x20, &(0x7f00000000c0)="66ba4000b0c2ee66bad104b829280000efea0e0000000a00b8050000000f23d80f21f835c00000a00f23f8653e65f30f21c62e0fae2b0f01c2b8060000000f23d00f21f835200000000f23f8c4c3a1cf830000000002d9f7", 0x58}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

08:23:30 executing program 1:
r0 = syz_open_dev$dri(&(0x7f0000000040), 0x1, 0x0)
ioctl$DRM_IOCTL_MODE_OBJ_SETPROPERTY(r0, 0xc01864ba, &(0x7f0000000100)={0x0, 0xe, 0x1f})

08:23:30 executing program 4:
fcntl$F_GET_FILE_RW_HINT(0xffffffffffffffff, 0x40d, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0)
r0 = getpid()
sched_setattr(0x0, &(0x7f0000000140)={0x38, 0x2, 0x0, 0x0, 0x9}, 0x0)
sched_setattr(r0, &(0x7f0000000240)={0x38, 0x2, 0x0, 0x0, 0x5}, 0x0)
connect$unix(0xffffffffffffffff, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(0xffffffffffffffff, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r1 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/meminfo\x00', 0x0, 0x0)
sendfile(0xffffffffffffffff, r1, 0x0, 0x400000000001002a)
r2 = syz_mount_image$vfat(&(0x7f0000000400), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[])
r3 = openat(r2, &(0x7f000000c380)='./file0\x00', 0x84842, 0x0)
write(r3, &(0x7f0000004200)='t', 0xfff4)
sendmsg$NL80211_CMD_SET_INTERFACE(0xffffffffffffffff, &(0x7f0000001840)={&(0x7f0000000080), 0xc, &(0x7f0000001800)={&(0x7f00000001c0)=ANY=[@ANYRES64, @ANYRESDEC, @ANYRES32=0x0, @ANYRES32], 0x60}, 0x1, 0x0, 0x0, 0x44090}, 0x0)

08:23:30 executing program 2:
syz_open_procfs(0x0, &(0x7f0000000040)='mounts\x00')
syz_open_procfs(0x0, &(0x7f0000000000)='mountstats\x00')
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0)
ioctl$F2FS_IOC_MOVE_RANGE(0xffffffffffffffff, 0xc020f509, &(0x7f0000000040)={r1})
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f0000000000))
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f00000001c0)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1003]})
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_SET_PIT(r1, 0x8048ae66, &(0x7f0000000140)={[{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}]})
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f000056f000/0x18000)=nil, &(0x7f0000000080)=[@text32={0x20, &(0x7f00000000c0)="66ba4000b0c2ee66bad104b829280000efea0e0000000a00b8050000000f23d80f21f835c00000a00f23f8653e65f30f21c62e0fae2b0f01c2b8060000000f23d00f21f835200000000f23f8c4c3a1cf830000000002d9f7", 0x58}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

08:23:30 executing program 0:
perf_event_open(&(0x7f0000000640)={0x2, 0x80, 0xd7, 0x0, 0x0, 0x0, 0x0, 0x2000000000, 0xa40a1, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp, 0x10000, 0x0, 0x0, 0x3, 0x1, 0xffffff7c, 0x3, 0x0, 0x2cf6ca54, 0x0, 0x7}, 0x0, 0x2, 0xffffffffffffffff, 0xb)
mmap$perf(&(0x7f0000c00000/0x400000)=nil, 0x400000, 0x3000002, 0x40032, 0xffffffffffffffff, 0x0)
mlock2(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0)
mlock2(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x0)
r0 = fork()
r1 = userfaultfd(0x80000)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x543c04, 0x0)
r3 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
r4 = dup3(r2, r3, 0x0)
write$binfmt_script(r1, &(0x7f0000000280)=ANY=[@ANYRESOCT=r3, @ANYRES32=r2, @ANYRESOCT, @ANYRESDEC, @ANYRESHEX=r4, @ANYRESDEC=r2], 0x9f)
munlock(&(0x7f0000ef1000/0x2000)=nil, 0x2000)
syz_io_uring_setup(0x2e00, &(0x7f0000000340)={0x0, 0xc9ba, 0x20, 0xfffffffd, 0x2000037d}, &(0x7f0000ff3000/0x4000)=nil, &(0x7f0000eee000/0x8000)=nil, &(0x7f00000001c0), &(0x7f00000003c0))
mlock2(&(0x7f0000d03000/0x1000)=nil, 0x1000, 0x1)
openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000080)='freezer.parent_freezing\x00', 0x0, 0x0)
move_pages(r0, 0x2, &(0x7f0000000300)=[&(0x7f0000ffd000/0x1000)=nil, &(0x7f0000f10000/0x3000)=nil], &(0x7f00000000c0), &(0x7f0000000000), 0x0)
socket$caif_seqpacket(0x25, 0x5, 0x0)
get_robust_list(r0, 0x0, &(0x7f0000000200))

08:23:30 executing program 1:
r0 = syz_open_dev$dri(&(0x7f0000000040), 0x1, 0x0)
ioctl$DRM_IOCTL_MODE_OBJ_SETPROPERTY(r0, 0xc01864ba, &(0x7f0000000100)={0x0, 0xe, 0x1f})

[  510.073104][T17388] loop4: detected capacity change from 0 to 16
[  510.091887][   T26] kauditd_printk_skb: 1 callbacks suppressed
[  510.091902][   T26] audit: type=1800 audit(1632817410.965:59): pid=17388 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed(directio) comm="syz-executor.4" name="file0" dev="loop4" ino=27 res=0 errno=0
08:23:31 executing program 4:
fcntl$F_GET_FILE_RW_HINT(0xffffffffffffffff, 0x40d, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0)
r0 = getpid()
sched_setattr(0x0, &(0x7f0000000140)={0x38, 0x2, 0x0, 0x0, 0x9}, 0x0)
sched_setattr(r0, &(0x7f0000000240)={0x38, 0x2, 0x0, 0x0, 0x5}, 0x0)
connect$unix(0xffffffffffffffff, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(0xffffffffffffffff, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r1 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/meminfo\x00', 0x0, 0x0)
sendfile(0xffffffffffffffff, r1, 0x0, 0x400000000001002a)
r2 = syz_mount_image$vfat(&(0x7f0000000400), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[])
r3 = openat(r2, &(0x7f000000c380)='./file0\x00', 0x84842, 0x0)
write(r3, &(0x7f0000004200)='t', 0xfff4)
sendmsg$NL80211_CMD_SET_INTERFACE(0xffffffffffffffff, &(0x7f0000001840)={&(0x7f0000000080), 0xc, &(0x7f0000001800)={&(0x7f00000001c0)=ANY=[@ANYRES64, @ANYRESDEC, @ANYRES32=0x0, @ANYRES32], 0x60}, 0x1, 0x0, 0x0, 0x44090}, 0x0)

[  510.118791][    C1] vkms_vblank_simulate: vblank timer overrun
[  510.126227][   T25] usb 6-1: new full-speed USB device number 31 using dummy_hcd
08:23:31 executing program 2:
syz_open_procfs(0x0, &(0x7f0000000040)='mounts\x00')
syz_open_procfs(0x0, &(0x7f0000000000)='mountstats\x00')
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0)
ioctl$F2FS_IOC_MOVE_RANGE(0xffffffffffffffff, 0xc020f509, &(0x7f0000000040)={r1})
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f0000000000))
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f00000001c0)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1003]})
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_SET_PIT(r1, 0x8048ae66, &(0x7f0000000140)={[{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}]})
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f000056f000/0x18000)=nil, &(0x7f0000000080)=[@text32={0x20, &(0x7f00000000c0)="66ba4000b0c2ee66bad104b829280000efea0e0000000a00b8050000000f23d80f21f835c00000a00f23f8653e65f30f21c62e0fae2b0f01c2b8060000000f23d00f21f835200000000f23f8c4c3a1cf830000000002d9f7", 0x58}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

[  510.267051][T17400] loop4: detected capacity change from 0 to 16
[  510.281295][   T26] audit: type=1800 audit(1632817411.155:60): pid=17400 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed(directio) comm="syz-executor.4" name="file0" dev="loop4" ino=28 res=0 errno=0
[  510.500163][   T25] usb 6-1: config 0 interface 0 altsetting 0 has an invalid endpoint with address 0x0, skipping
[  510.530287][   T25] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x89 has invalid maxpacket 1361, setting to 64
[  510.563496][   T25] usb 6-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 1
[  510.591566][   T25] usb 6-1: New USB device found, idVendor=0f11, idProduct=1035, bcdDevice=95.ff
[  510.622321][   T25] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  510.648504][   T25] usb 6-1: config 0 descriptor??
[  510.670941][T17363] raw-gadget gadget: fail, usb_ep_enable returned -22
[  510.691427][   T25] ldusb 6-1:0.0: Interrupt out endpoint not found (using control endpoint instead)
[  510.722564][   T25] ldusb 6-1:0.0: LD USB Device #0 now attached to major 180 minor 0
08:23:31 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f0000000000)={0x2})
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f00000001c0)={[0x4, 0x0, 0x0, 0x8, 0x1, 0x0, 0x1002]})
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_SET_PIT(r1, 0x8048ae66, &(0x7f0000000140))
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f000056f000/0x18000)=nil, &(0x7f0000000080)=[@text32={0x20, &(0x7f00000000c0)="66ba4000b0c2ee66bad104b829280000efea0e0000000a00b8050000000f23d80f21f835c00000a00f23f8653e65f30f21c62e0fae2b0f01c2b8060000000f23d00f21f835200000000f23f8c4c3a1cf830000000002d9f7", 0x58}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

08:23:31 executing program 1:
r0 = syz_open_dev$dri(&(0x7f0000000040), 0x1, 0x0)
ioctl$DRM_IOCTL_MODE_OBJ_SETPROPERTY(r0, 0xc01864ba, &(0x7f0000000100)={0x0, 0xe, 0x1f})

[  510.906998][   T20] usb 6-1: USB disconnect, device number 31
[  510.930887][   T20] ldusb 6-1:0.0: LD USB Device #0 now disconnected
[  511.679893][   T25] usb 6-1: new full-speed USB device number 32 using dummy_hcd
[  512.039998][   T25] usb 6-1: config 0 interface 0 altsetting 0 has an invalid endpoint with address 0x0, skipping
[  512.050628][   T25] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x89 has invalid maxpacket 1361, setting to 64
[  512.061608][   T25] usb 6-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 1
[  512.074650][   T25] usb 6-1: New USB device found, idVendor=0f11, idProduct=1035, bcdDevice=95.ff
[  512.083826][   T25] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  512.097865][   T25] usb 6-1: config 0 descriptor??
[  512.120414][T17363] raw-gadget gadget: fail, usb_ep_enable returned -22
[  512.142387][   T25] ldusb 6-1:0.0: Interrupt out endpoint not found (using control endpoint instead)
[  512.170789][   T25] ldusb 6-1:0.0: LD USB Device #0 now attached to major 180 minor 0
08:23:33 executing program 5:
syz_usb_connect(0x2, 0x34, &(0x7f0000000a00)={{0x12, 0x1, 0x0, 0x13, 0xa1, 0x6e, 0x40, 0xf11, 0x1035, 0x95ff, 0x0, 0x0, 0x0, 0x1, [{{0x9, 0x2, 0x22, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0x1, 0x49, 0x28, 0x48, 0x0, [], [{{0x9, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, [@generic={0x7, 0x5, "89cf510d17"}]}}]}}]}}]}}, 0x0)
syz_open_dev$char_usb(0xc, 0xb4, 0x0)

08:23:33 executing program 0:
perf_event_open(&(0x7f0000000640)={0x2, 0x80, 0xd7, 0x0, 0x0, 0x0, 0x0, 0x2000000000, 0xa40a1, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp, 0x10000, 0x0, 0x0, 0x3, 0x1, 0xffffff7c, 0x3, 0x0, 0x2cf6ca54, 0x0, 0x7}, 0x0, 0x2, 0xffffffffffffffff, 0xb)
mmap$perf(&(0x7f0000c00000/0x400000)=nil, 0x400000, 0x3000002, 0x40032, 0xffffffffffffffff, 0x0)
mlock2(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0)
mlock2(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x0)
r0 = fork()
r1 = userfaultfd(0x80000)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x543c04, 0x0)
r3 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
r4 = dup3(r2, r3, 0x0)
write$binfmt_script(r1, &(0x7f0000000280)=ANY=[@ANYRESOCT=r3, @ANYRES32=r2, @ANYRESOCT, @ANYRESDEC, @ANYRESHEX=r4, @ANYRESDEC=r2], 0x9f)
munlock(&(0x7f0000ef1000/0x2000)=nil, 0x2000)
syz_io_uring_setup(0x2e00, &(0x7f0000000340)={0x0, 0xc9ba, 0x20, 0xfffffffd, 0x2000037d}, &(0x7f0000ff3000/0x4000)=nil, &(0x7f0000eee000/0x8000)=nil, &(0x7f00000001c0), &(0x7f00000003c0))
mlock2(&(0x7f0000d03000/0x1000)=nil, 0x1000, 0x1)
openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000080)='freezer.parent_freezing\x00', 0x0, 0x0)
move_pages(r0, 0x2, &(0x7f0000000300)=[&(0x7f0000ffd000/0x1000)=nil, &(0x7f0000f10000/0x3000)=nil], &(0x7f00000000c0), &(0x7f0000000000), 0x0)
socket$caif_seqpacket(0x25, 0x5, 0x0)
get_robust_list(r0, &(0x7f0000000180)=0x0, &(0x7f0000000200))

08:23:33 executing program 2:
syz_open_procfs(0x0, &(0x7f0000000040)='mounts\x00')
syz_open_procfs(0x0, &(0x7f0000000000)='mountstats\x00')
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0)
ioctl$F2FS_IOC_MOVE_RANGE(0xffffffffffffffff, 0xc020f509, &(0x7f0000000040)={r1})
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f0000000000))
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f00000001c0)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1003]})
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_SET_PIT(r1, 0x8048ae66, &(0x7f0000000140)={[{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}]})
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f000056f000/0x18000)=nil, &(0x7f0000000080)=[@text32={0x20, &(0x7f00000000c0)="66ba4000b0c2ee66bad104b829280000efea0e0000000a00b8050000000f23d80f21f835c00000a00f23f8653e65f30f21c62e0fae2b0f01c2b8060000000f23d00f21f835200000000f23f8c4c3a1cf830000000002d9f7", 0x58}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

08:23:33 executing program 4:
fcntl$F_GET_FILE_RW_HINT(0xffffffffffffffff, 0x40d, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0)
r0 = getpid()
sched_setattr(0x0, &(0x7f0000000140)={0x38, 0x2, 0x0, 0x0, 0x9}, 0x0)
sched_setattr(r0, &(0x7f0000000240)={0x38, 0x2, 0x0, 0x0, 0x5}, 0x0)
connect$unix(0xffffffffffffffff, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(0xffffffffffffffff, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r1 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/meminfo\x00', 0x0, 0x0)
sendfile(0xffffffffffffffff, r1, 0x0, 0x400000000001002a)
r2 = syz_mount_image$vfat(&(0x7f0000000400), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[])
r3 = openat(r2, &(0x7f000000c380)='./file0\x00', 0x84842, 0x0)
write(r3, &(0x7f0000004200)='t', 0xfff4)
sendmsg$NL80211_CMD_SET_INTERFACE(0xffffffffffffffff, &(0x7f0000001840)={&(0x7f0000000080), 0xc, &(0x7f0000001800)={&(0x7f00000001c0)=ANY=[@ANYRES64, @ANYRESDEC, @ANYRES32=0x0, @ANYRES32], 0x60}, 0x1, 0x0, 0x0, 0x44090}, 0x0)

08:23:33 executing program 1:
r0 = syz_open_dev$dri(&(0x7f0000000040), 0x1, 0x0)
ioctl$DRM_IOCTL_MODE_OBJ_SETPROPERTY(r0, 0xc01864ba, &(0x7f0000000100)={0x6, 0x0, 0x1f})

08:23:33 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f0000000000)={0x2})
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f00000001c0)={[0x4, 0x0, 0x0, 0x8, 0x1, 0x0, 0x1002]})
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_SET_PIT(r1, 0x8048ae66, &(0x7f0000000140))
ioctl$KVM_RUN(r2, 0xae80, 0x0)

[  512.367656][ T1051] usb 6-1: USB disconnect, device number 32
[  512.375592][ T1051] ldusb 6-1:0.0: LD USB Device #0 now disconnected
08:23:33 executing program 1:
r0 = syz_open_dev$dri(&(0x7f0000000040), 0x1, 0x0)
ioctl$DRM_IOCTL_MODE_OBJ_SETPROPERTY(r0, 0xc01864ba, &(0x7f0000000100)={0x6, 0x0, 0x1f})

08:23:33 executing program 0:
perf_event_open(&(0x7f0000000640)={0x2, 0x80, 0xd7, 0x0, 0x0, 0x0, 0x0, 0x2000000000, 0xa40a1, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp, 0x10000, 0x0, 0x0, 0x3, 0x1, 0xffffff7c, 0x3, 0x0, 0x2cf6ca54, 0x0, 0x7}, 0x0, 0x2, 0xffffffffffffffff, 0xb)
mmap$perf(&(0x7f0000c00000/0x400000)=nil, 0x400000, 0x3000002, 0x40032, 0xffffffffffffffff, 0x0)
mlock2(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0)
mlock2(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x0)
r0 = fork()
r1 = userfaultfd(0x80000)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x543c04, 0x0)
r3 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
r4 = dup3(r2, r3, 0x0)
write$binfmt_script(r1, &(0x7f0000000280)=ANY=[@ANYRESOCT=r3, @ANYRES32=r2, @ANYRESOCT, @ANYRESDEC, @ANYRESHEX=r4, @ANYRESDEC=r2], 0x9f)
munlock(&(0x7f0000ef1000/0x2000)=nil, 0x2000)
syz_io_uring_setup(0x2e00, &(0x7f0000000340)={0x0, 0xc9ba, 0x20, 0xfffffffd, 0x2000037d}, &(0x7f0000ff3000/0x4000)=nil, &(0x7f0000eee000/0x8000)=nil, &(0x7f00000001c0), &(0x7f00000003c0))
mlock2(&(0x7f0000d03000/0x1000)=nil, 0x1000, 0x1)
openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000080)='freezer.parent_freezing\x00', 0x0, 0x0)
move_pages(r0, 0x2, &(0x7f0000000300)=[&(0x7f0000ffd000/0x1000)=nil, &(0x7f0000f10000/0x3000)=nil], &(0x7f00000000c0), &(0x7f0000000000), 0x0)
socket$caif_seqpacket(0x25, 0x5, 0x0)
get_robust_list(r0, &(0x7f0000000180)=0x0, &(0x7f0000000200))

08:23:33 executing program 4:
fcntl$F_GET_FILE_RW_HINT(0xffffffffffffffff, 0x40d, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0)
getpid()
sched_setattr(0x0, &(0x7f0000000140)={0x38, 0x2, 0x0, 0x0, 0x9}, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r2 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/meminfo\x00', 0x0, 0x0)
sendfile(0xffffffffffffffff, r2, 0x0, 0x400000000001002a)
r3 = syz_mount_image$vfat(&(0x7f0000000400), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[])
r4 = openat(r3, &(0x7f000000c380)='./file0\x00', 0x84842, 0x0)
write(r4, &(0x7f0000004200)='t', 0xfff4)
sendmsg$NL80211_CMD_SET_INTERFACE(0xffffffffffffffff, &(0x7f0000001840)={&(0x7f0000000080), 0xc, &(0x7f0000001800)={&(0x7f00000001c0)=ANY=[@ANYRES64, @ANYRESDEC, @ANYRES32=0x0, @ANYRES32], 0x60}, 0x1, 0x0, 0x0, 0x44090}, 0x0)

[  512.516371][T17479] loop4: detected capacity change from 0 to 16
[  512.533750][   T26] audit: type=1800 audit(1632817413.405:61): pid=17479 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed(directio) comm="syz-executor.4" name="file0" dev="loop4" ino=29 res=0 errno=0
[  512.553813][    C1] vkms_vblank_simulate: vblank timer overrun
08:23:33 executing program 2:
syz_open_procfs(0x0, &(0x7f0000000040)='mounts\x00')
syz_open_procfs(0x0, &(0x7f0000000000)='mountstats\x00')
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$F2FS_IOC_MOVE_RANGE(0xffffffffffffffff, 0xc020f509, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f0000000000))
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f00000001c0)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1003]})
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_SET_PIT(r1, 0x8048ae66, &(0x7f0000000140)={[{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}]})
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f000056f000/0x18000)=nil, &(0x7f0000000080)=[@text32={0x20, &(0x7f00000000c0)="66ba4000b0c2ee66bad104b829280000efea0e0000000a00b8050000000f23d80f21f835c00000a00f23f8653e65f30f21c62e0fae2b0f01c2b8060000000f23d00f21f835200000000f23f8c4c3a1cf830000000002d9f7", 0x58}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

08:23:33 executing program 1:
r0 = syz_open_dev$dri(&(0x7f0000000040), 0x1, 0x0)
ioctl$DRM_IOCTL_MODE_OBJ_SETPROPERTY(r0, 0xc01864ba, &(0x7f0000000100)={0x6, 0x0, 0x1f})

08:23:33 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f0000000000)={0x2})
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f00000001c0)={[0x4, 0x0, 0x0, 0x8, 0x1, 0x0, 0x1002]})
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_SET_PIT(r1, 0x8048ae66, &(0x7f0000000140))
ioctl$KVM_RUN(r2, 0xae80, 0x0)

[  512.902146][T17517] loop4: detected capacity change from 0 to 16
[  512.999763][ T1051] usb 6-1: new full-speed USB device number 33 using dummy_hcd
[  513.430209][ T1051] usb 6-1: config 0 interface 0 altsetting 0 has an invalid endpoint with address 0x0, skipping
[  513.456382][ T1051] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x89 has invalid maxpacket 1361, setting to 64
[  513.509826][ T1051] usb 6-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 1
[  513.570137][ T1051] usb 6-1: New USB device found, idVendor=0f11, idProduct=1035, bcdDevice=95.ff
[  513.609684][ T1051] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  513.632192][ T1051] usb 6-1: config 0 descriptor??
[  513.663011][T17486] raw-gadget gadget: fail, usb_ep_enable returned -22
[  513.720187][ T1051] ldusb 6-1:0.0: Interrupt out endpoint not found (using control endpoint instead)
[  513.744488][ T1051] ldusb 6-1:0.0: LD USB Device #0 now attached to major 180 minor 0
[  513.975287][   T25] usb 6-1: USB disconnect, device number 33
[  514.002233][   T25] ldusb 6-1:0.0: LD USB Device #0 now disconnected
08:23:35 executing program 5:
syz_mount_image$sysv(&(0x7f00000015c0), &(0x7f0000001600)='./file0\x00', 0x4800, 0x0, &(0x7f0000001700), 0x0, &(0x7f0000001740))

08:23:35 executing program 1:
r0 = syz_open_dev$dri(&(0x7f0000000040), 0x1, 0x0)
ioctl$DRM_IOCTL_MODE_OBJ_SETPROPERTY(r0, 0xc01864ba, &(0x7f0000000100)={0x6, 0xe})

08:23:35 executing program 0:
perf_event_open(&(0x7f0000000640)={0x2, 0x80, 0xd7, 0x0, 0x0, 0x0, 0x0, 0x2000000000, 0xa40a1, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp, 0x10000, 0x0, 0x0, 0x3, 0x1, 0xffffff7c, 0x3, 0x0, 0x2cf6ca54, 0x0, 0x7}, 0x0, 0x2, 0xffffffffffffffff, 0xb)
mmap$perf(&(0x7f0000c00000/0x400000)=nil, 0x400000, 0x3000002, 0x40032, 0xffffffffffffffff, 0x0)
mlock2(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0)
mlock2(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x0)
r0 = fork()
r1 = userfaultfd(0x80000)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x543c04, 0x0)
r3 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
r4 = dup3(r2, r3, 0x0)
write$binfmt_script(r1, &(0x7f0000000280)=ANY=[@ANYRESOCT=r3, @ANYRES32=r2, @ANYRESOCT, @ANYRESDEC, @ANYRESHEX=r4, @ANYRESDEC=r2], 0x9f)
munlock(&(0x7f0000ef1000/0x2000)=nil, 0x2000)
syz_io_uring_setup(0x2e00, &(0x7f0000000340)={0x0, 0xc9ba, 0x20, 0xfffffffd, 0x2000037d}, &(0x7f0000ff3000/0x4000)=nil, &(0x7f0000eee000/0x8000)=nil, &(0x7f00000001c0), &(0x7f00000003c0))
mlock2(&(0x7f0000d03000/0x1000)=nil, 0x1000, 0x1)
openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000080)='freezer.parent_freezing\x00', 0x0, 0x0)
move_pages(r0, 0x2, &(0x7f0000000300)=[&(0x7f0000ffd000/0x1000)=nil, &(0x7f0000f10000/0x3000)=nil], &(0x7f00000000c0), &(0x7f0000000000), 0x0)
socket$caif_seqpacket(0x25, 0x5, 0x0)
get_robust_list(r0, &(0x7f0000000180)=0x0, &(0x7f0000000200))

08:23:35 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f0000000000)={0x2})
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f00000001c0)={[0x4, 0x0, 0x0, 0x8, 0x1, 0x0, 0x1002]})
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_SET_PIT(r1, 0x8048ae66, &(0x7f0000000140))
ioctl$KVM_RUN(r2, 0xae80, 0x0)

08:23:35 executing program 2:
syz_open_procfs(0x0, &(0x7f0000000040)='mounts\x00')
syz_open_procfs(0x0, &(0x7f0000000000)='mountstats\x00')
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$F2FS_IOC_MOVE_RANGE(0xffffffffffffffff, 0xc020f509, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f0000000000))
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f00000001c0)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1003]})
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_SET_PIT(r1, 0x8048ae66, &(0x7f0000000140)={[{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}]})
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f000056f000/0x18000)=nil, &(0x7f0000000080)=[@text32={0x20, &(0x7f00000000c0)="66ba4000b0c2ee66bad104b829280000efea0e0000000a00b8050000000f23d80f21f835c00000a00f23f8653e65f30f21c62e0fae2b0f01c2b8060000000f23d00f21f835200000000f23f8c4c3a1cf830000000002d9f7", 0x58}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

08:23:35 executing program 4:
fcntl$F_GET_FILE_RW_HINT(0xffffffffffffffff, 0x40d, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0)
getpid()
sched_setattr(0x0, &(0x7f0000000140)={0x38, 0x2, 0x0, 0x0, 0x9}, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r2 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/meminfo\x00', 0x0, 0x0)
sendfile(0xffffffffffffffff, r2, 0x0, 0x400000000001002a)
r3 = syz_mount_image$vfat(&(0x7f0000000400), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[])
r4 = openat(r3, &(0x7f000000c380)='./file0\x00', 0x84842, 0x0)
write(r4, &(0x7f0000004200)='t', 0xfff4)
sendmsg$NL80211_CMD_SET_INTERFACE(0xffffffffffffffff, &(0x7f0000001840)={&(0x7f0000000080), 0xc, &(0x7f0000001800)={&(0x7f00000001c0)=ANY=[@ANYRES64, @ANYRESDEC, @ANYRES32=0x0, @ANYRES32], 0x60}, 0x1, 0x0, 0x0, 0x44090}, 0x0)

[  514.601490][T17569] loop5: detected capacity change from 0 to 36
08:23:35 executing program 0:
perf_event_open(&(0x7f0000000640)={0x2, 0x80, 0xd7, 0x0, 0x0, 0x0, 0x0, 0x2000000000, 0xa40a1, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp, 0x10000, 0x0, 0x0, 0x3, 0x1, 0xffffff7c, 0x3, 0x0, 0x2cf6ca54, 0x0, 0x7}, 0x0, 0x2, 0xffffffffffffffff, 0xb)
mmap$perf(&(0x7f0000c00000/0x400000)=nil, 0x400000, 0x3000002, 0x40032, 0xffffffffffffffff, 0x0)
mlock2(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0)
mlock2(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x0)
r0 = fork()
r1 = userfaultfd(0x80000)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x543c04, 0x0)
r3 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
r4 = dup3(r2, r3, 0x0)
write$binfmt_script(r1, &(0x7f0000000280)=ANY=[@ANYRESOCT=r3, @ANYRES32=r2, @ANYRESOCT, @ANYRESDEC, @ANYRESHEX=r4, @ANYRESDEC=r2], 0x9f)
munlock(&(0x7f0000ef1000/0x2000)=nil, 0x2000)
syz_io_uring_setup(0x2e00, &(0x7f0000000340)={0x0, 0xc9ba, 0x20, 0xfffffffd, 0x2000037d}, &(0x7f0000ff3000/0x4000)=nil, &(0x7f0000eee000/0x8000)=nil, &(0x7f00000001c0), &(0x7f00000003c0))
mlock2(&(0x7f0000d03000/0x1000)=nil, 0x1000, 0x1)
openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000080)='freezer.parent_freezing\x00', 0x0, 0x0)
move_pages(r0, 0x2, &(0x7f0000000300)=[&(0x7f0000ffd000/0x1000)=nil, &(0x7f0000f10000/0x3000)=nil], &(0x7f00000000c0), &(0x7f0000000000), 0x0)
socket$caif_seqpacket(0x25, 0x5, 0x0)
get_robust_list(r0, &(0x7f0000000180)=&(0x7f0000000140), &(0x7f0000000200)=0x18)

08:23:35 executing program 1:
r0 = syz_open_dev$dri(&(0x7f0000000040), 0x1, 0x0)
ioctl$DRM_IOCTL_MODE_OBJ_SETPROPERTY(r0, 0xc01864ba, &(0x7f0000000100)={0x6, 0xe})

[  514.708653][T17584] loop4: detected capacity change from 0 to 16
[  514.735703][T17569] VFS: unable to find oldfs superblock on device loop5
[  514.767986][   T26] audit: type=1800 audit(1632817415.635:62): pid=17584 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed(directio) comm="syz-executor.4" name="file0" dev="loop4" ino=30 res=0 errno=0
08:23:35 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f0000000000)={0x2})
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f00000001c0)={[0x4, 0x0, 0x0, 0x8, 0x1, 0x0, 0x1002]})
ioctl$KVM_RUN(r2, 0xae80, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f000056f000/0x18000)=nil, &(0x7f0000000080)=[@text32={0x20, &(0x7f00000000c0)="66ba4000b0c2ee66bad104b829280000efea0e0000000a00b8050000000f23d80f21f835c00000a00f23f8653e65f30f21c62e0fae2b0f01c2b8060000000f23d00f21f835200000000f23f8c4c3a1cf830000000002d9f7", 0x58}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

[  514.864818][T17569] loop5: detected capacity change from 0 to 36
[  514.901762][T17569] VFS: unable to find oldfs superblock on device loop5
08:23:35 executing program 2:
syz_open_procfs(0x0, &(0x7f0000000040)='mounts\x00')
syz_open_procfs(0x0, &(0x7f0000000000)='mountstats\x00')
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$F2FS_IOC_MOVE_RANGE(0xffffffffffffffff, 0xc020f509, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f0000000000))
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f00000001c0)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1003]})
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_SET_PIT(r1, 0x8048ae66, &(0x7f0000000140)={[{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}]})
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f000056f000/0x18000)=nil, &(0x7f0000000080)=[@text32={0x20, &(0x7f00000000c0)="66ba4000b0c2ee66bad104b829280000efea0e0000000a00b8050000000f23d80f21f835c00000a00f23f8653e65f30f21c62e0fae2b0f01c2b8060000000f23d00f21f835200000000f23f8c4c3a1cf830000000002d9f7", 0x58}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

08:23:35 executing program 1:
r0 = syz_open_dev$dri(&(0x7f0000000040), 0x1, 0x0)
ioctl$DRM_IOCTL_MODE_OBJ_SETPROPERTY(r0, 0xc01864ba, &(0x7f0000000100)={0x6, 0xe})

08:23:35 executing program 0:
perf_event_open(&(0x7f0000000640)={0x2, 0x80, 0xd7, 0x0, 0x0, 0x0, 0x0, 0x2000000000, 0xa40a1, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp, 0x10000, 0x0, 0x0, 0x3, 0x1, 0xffffff7c, 0x3, 0x0, 0x2cf6ca54, 0x0, 0x7}, 0x0, 0x2, 0xffffffffffffffff, 0xb)
mmap$perf(&(0x7f0000c00000/0x400000)=nil, 0x400000, 0x3000002, 0x40032, 0xffffffffffffffff, 0x0)
mlock2(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0)
mlock2(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x0)
r0 = fork()
r1 = userfaultfd(0x80000)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x543c04, 0x0)
r3 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
r4 = dup3(r2, r3, 0x0)
write$binfmt_script(r1, &(0x7f0000000280)=ANY=[@ANYRESOCT=r3, @ANYRES32=r2, @ANYRESOCT, @ANYRESDEC, @ANYRESHEX=r4, @ANYRESDEC=r2], 0x9f)
munlock(&(0x7f0000ef1000/0x2000)=nil, 0x2000)
syz_io_uring_setup(0x2e00, &(0x7f0000000340)={0x0, 0xc9ba, 0x20, 0xfffffffd, 0x2000037d}, &(0x7f0000ff3000/0x4000)=nil, &(0x7f0000eee000/0x8000)=nil, &(0x7f00000001c0), &(0x7f00000003c0))
mlock2(&(0x7f0000d03000/0x1000)=nil, 0x1000, 0x1)
openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000080)='freezer.parent_freezing\x00', 0x0, 0x0)
move_pages(r0, 0x2, &(0x7f0000000300)=[&(0x7f0000ffd000/0x1000)=nil, &(0x7f0000f10000/0x3000)=nil], &(0x7f00000000c0), &(0x7f0000000000), 0x0)
socket$caif_seqpacket(0x25, 0x5, 0x0)
get_robust_list(r0, &(0x7f0000000180)=&(0x7f0000000140), &(0x7f0000000200)=0x18)

08:23:35 executing program 5:
sched_setattr(0x0, 0x0, 0x0)
r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xc, &(0x7f0000000040)={0x1, &(0x7f00000003c0)=[{0x6, 0x0, 0x0, 0x7fc02000}]})
ioctl$SECCOMP_IOCTL_NOTIF_RECV(0xffffffffffffffff, 0xc0502100, 0x0)
close(r0)

08:23:36 executing program 1:
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9}, 0x0)
r0 = getpid()
sched_setattr(r0, &(0x7f00000000c0)={0x38, 0x0, 0x0, 0x0, 0x5}, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(0xffffffffffffffff, &(0x7f00000bd000), 0x318, 0x0)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, 0x0, 0x0)
lsetxattr$system_posix_acl(&(0x7f0000000100)='./file0\x00', &(0x7f00000001c0)='system.posix_acl_access\x00', &(0x7f00000002c0)=ANY=[@ANYBLOB, @ANYRES32=0xee01, @ANYBLOB="4f8ff14d", @ANYRES16, @ANYBLOB="040004000000", @ANYBLOB="08000200", @ANYRES32=0x0, @ANYRES32=0xee01, @ANYBLOB, @ANYBLOB="100014000000000020000400010000006ca7a82a24f9be0eea5fb45e128c3ce0bc762a"], 0x54, 0x1)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
sched_setattr(r0, &(0x7f0000000240)={0x38, 0x6, 0x8, 0x7, 0x32, 0xe6, 0x5, 0x0, 0x0, 0x7}, 0x0)
perf_event_open(&(0x7f0000000480)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)
io_uring_enter(r2, 0x77e6, 0xf6df, 0x1, &(0x7f0000000040), 0x8)

08:23:36 executing program 2:
syz_open_procfs(0x0, &(0x7f0000000040)='mounts\x00')
syz_open_procfs(0x0, &(0x7f0000000000)='mountstats\x00')
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$F2FS_IOC_MOVE_RANGE(0xffffffffffffffff, 0xc020f509, &(0x7f0000000040))
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f0000000000))
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f00000001c0)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1003]})
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_SET_PIT(r1, 0x8048ae66, &(0x7f0000000140)={[{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}]})
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f000056f000/0x18000)=nil, &(0x7f0000000080)=[@text32={0x20, &(0x7f00000000c0)="66ba4000b0c2ee66bad104b829280000efea0e0000000a00b8050000000f23d80f21f835c00000a00f23f8653e65f30f21c62e0fae2b0f01c2b8060000000f23d00f21f835200000000f23f8c4c3a1cf830000000002d9f7", 0x58}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

08:23:36 executing program 0:
perf_event_open(&(0x7f0000000640)={0x2, 0x80, 0xd7, 0x0, 0x0, 0x0, 0x0, 0x2000000000, 0xa40a1, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp, 0x10000, 0x0, 0x0, 0x3, 0x1, 0xffffff7c, 0x3, 0x0, 0x2cf6ca54, 0x0, 0x7}, 0x0, 0x2, 0xffffffffffffffff, 0xb)
mmap$perf(&(0x7f0000c00000/0x400000)=nil, 0x400000, 0x3000002, 0x40032, 0xffffffffffffffff, 0x0)
mlock2(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0)
mlock2(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x0)
r0 = fork()
r1 = userfaultfd(0x80000)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x543c04, 0x0)
r3 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
r4 = dup3(r2, r3, 0x0)
write$binfmt_script(r1, &(0x7f0000000280)=ANY=[@ANYRESOCT=r3, @ANYRES32=r2, @ANYRESOCT, @ANYRESDEC, @ANYRESHEX=r4, @ANYRESDEC=r2], 0x9f)
munlock(&(0x7f0000ef1000/0x2000)=nil, 0x2000)
syz_io_uring_setup(0x2e00, &(0x7f0000000340)={0x0, 0xc9ba, 0x20, 0xfffffffd, 0x2000037d}, &(0x7f0000ff3000/0x4000)=nil, &(0x7f0000eee000/0x8000)=nil, &(0x7f00000001c0), &(0x7f00000003c0))
mlock2(&(0x7f0000d03000/0x1000)=nil, 0x1000, 0x1)
openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000080)='freezer.parent_freezing\x00', 0x0, 0x0)
move_pages(r0, 0x2, &(0x7f0000000300)=[&(0x7f0000ffd000/0x1000)=nil, &(0x7f0000f10000/0x3000)=nil], &(0x7f00000000c0), &(0x7f0000000000), 0x0)
socket$caif_seqpacket(0x25, 0x5, 0x0)
get_robust_list(r0, &(0x7f0000000180)=&(0x7f0000000140), &(0x7f0000000200)=0x18)

08:23:36 executing program 5:
prlimit64(0x0, 0xe, &(0x7f0000000280)={0xe, 0x5ee}, 0x0)
sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x0, 0x0, 0x3}, 0x0)
r0 = msgget$private(0x0, 0x0)
msgrcv(r0, &(0x7f00000002c0)=ANY=[], 0xab, 0x0, 0x0)
msgsnd(r0, &(0x7f0000000380)={0x3}, 0x8, 0x0)

08:23:37 executing program 4:
fcntl$F_GET_FILE_RW_HINT(0xffffffffffffffff, 0x40d, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0)
getpid()
sched_setattr(0x0, &(0x7f0000000140)={0x38, 0x2, 0x0, 0x0, 0x9}, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r2 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/meminfo\x00', 0x0, 0x0)
sendfile(0xffffffffffffffff, r2, 0x0, 0x400000000001002a)
r3 = syz_mount_image$vfat(&(0x7f0000000400), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[])
r4 = openat(r3, &(0x7f000000c380)='./file0\x00', 0x84842, 0x0)
write(r4, &(0x7f0000004200)='t', 0xfff4)
sendmsg$NL80211_CMD_SET_INTERFACE(0xffffffffffffffff, &(0x7f0000001840)={&(0x7f0000000080), 0xc, &(0x7f0000001800)={&(0x7f00000001c0)=ANY=[@ANYRES64, @ANYRESDEC, @ANYRES32=0x0, @ANYRES32], 0x60}, 0x1, 0x0, 0x0, 0x44090}, 0x0)

08:23:37 executing program 0:
perf_event_open(&(0x7f0000000640)={0x2, 0x80, 0xd7, 0x0, 0x0, 0x0, 0x0, 0x2000000000, 0xa40a1, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp, 0x10000, 0x0, 0x0, 0x3, 0x1, 0xffffff7c, 0x3, 0x0, 0x2cf6ca54, 0x0, 0x7}, 0x0, 0x2, 0xffffffffffffffff, 0xb)
mmap$perf(&(0x7f0000c00000/0x400000)=nil, 0x400000, 0x3000002, 0x40032, 0xffffffffffffffff, 0x0)
mlock2(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0)
mlock2(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x0)
r0 = fork()
r1 = userfaultfd(0x80000)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x543c04, 0x0)
r3 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
r4 = dup3(r2, r3, 0x0)
write$binfmt_script(r1, &(0x7f0000000280)=ANY=[@ANYRESOCT=r3, @ANYRES32=r2, @ANYRESOCT, @ANYRESDEC, @ANYRESHEX=r4, @ANYRESDEC=r2], 0x9f)
munlock(&(0x7f0000ef1000/0x2000)=nil, 0x2000)
syz_io_uring_setup(0x2e00, &(0x7f0000000340)={0x0, 0xc9ba, 0x20, 0xfffffffd, 0x2000037d}, &(0x7f0000ff3000/0x4000)=nil, &(0x7f0000eee000/0x8000)=nil, &(0x7f00000001c0), &(0x7f00000003c0))
mlock2(&(0x7f0000d03000/0x1000)=nil, 0x1000, 0x1)
openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000080)='freezer.parent_freezing\x00', 0x0, 0x0)
move_pages(r0, 0x2, &(0x7f0000000300)=[&(0x7f0000ffd000/0x1000)=nil, &(0x7f0000f10000/0x3000)=nil], &(0x7f00000000c0), &(0x7f0000000000), 0x0)
socket$caif_seqpacket(0x25, 0x5, 0x0)
get_robust_list(r0, &(0x7f0000000180)=&(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)}, &(0x7f0000000200)=0x18)

08:23:37 executing program 2:
syz_open_procfs(0x0, &(0x7f0000000040)='mounts\x00')
syz_open_procfs(0x0, &(0x7f0000000000)='mountstats\x00')
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$F2FS_IOC_MOVE_RANGE(0xffffffffffffffff, 0xc020f509, &(0x7f0000000040))
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f0000000000))
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f00000001c0)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1003]})
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_SET_PIT(r1, 0x8048ae66, &(0x7f0000000140)={[{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}]})
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f000056f000/0x18000)=nil, &(0x7f0000000080)=[@text32={0x20, &(0x7f00000000c0)="66ba4000b0c2ee66bad104b829280000efea0e0000000a00b8050000000f23d80f21f835c00000a00f23f8653e65f30f21c62e0fae2b0f01c2b8060000000f23d00f21f835200000000f23f8c4c3a1cf830000000002d9f7", 0x58}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

08:23:37 executing program 5:
prlimit64(0x0, 0xe, &(0x7f0000000280)={0xe, 0x5ee}, 0x0)
sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x0, 0x0, 0x3}, 0x0)
r0 = msgget$private(0x0, 0x0)
msgrcv(r0, &(0x7f00000002c0)=ANY=[], 0xab, 0x0, 0x0)
msgsnd(r0, &(0x7f0000000380)={0x3}, 0x8, 0x0)

08:23:37 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f0000000000)={0x2})
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f00000001c0)={[0x4, 0x0, 0x0, 0x8, 0x1, 0x0, 0x1002]})
ioctl$KVM_RUN(r2, 0xae80, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f000056f000/0x18000)=nil, &(0x7f0000000080)=[@text32={0x20, &(0x7f00000000c0)="66ba4000b0c2ee66bad104b829280000efea0e0000000a00b8050000000f23d80f21f835c00000a00f23f8653e65f30f21c62e0fae2b0f01c2b8060000000f23d00f21f835200000000f23f8c4c3a1cf830000000002d9f7", 0x58}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

08:23:37 executing program 1:
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9}, 0x0)
r0 = getpid()
sched_setattr(r0, &(0x7f00000000c0)={0x38, 0x0, 0x0, 0x0, 0x5}, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(0xffffffffffffffff, &(0x7f00000bd000), 0x318, 0x0)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, 0x0, 0x0)
lsetxattr$system_posix_acl(&(0x7f0000000100)='./file0\x00', &(0x7f00000001c0)='system.posix_acl_access\x00', &(0x7f00000002c0)=ANY=[@ANYBLOB, @ANYRES32=0xee01, @ANYBLOB="4f8ff14d", @ANYRES16, @ANYBLOB="040004000000", @ANYBLOB="08000200", @ANYRES32=0x0, @ANYRES32=0xee01, @ANYBLOB, @ANYBLOB="100014000000000020000400010000006ca7a82a24f9be0eea5fb45e128c3ce0bc762a"], 0x54, 0x1)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
sched_setattr(r0, &(0x7f0000000240)={0x38, 0x6, 0x8, 0x7, 0x32, 0xe6, 0x5, 0x0, 0x0, 0x7}, 0x0)
perf_event_open(&(0x7f0000000480)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)
io_uring_enter(r2, 0x77e6, 0xf6df, 0x1, &(0x7f0000000040), 0x8)

08:23:37 executing program 5:
prlimit64(0x0, 0xe, &(0x7f0000000280)={0xe, 0x5ee}, 0x0)
sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x0, 0x0, 0x3}, 0x0)
r0 = msgget$private(0x0, 0x0)
msgrcv(r0, &(0x7f00000002c0)=ANY=[], 0xab, 0x0, 0x0)
msgsnd(r0, &(0x7f0000000380)={0x3}, 0x8, 0x0)

08:23:37 executing program 0:
perf_event_open(&(0x7f0000000640)={0x2, 0x80, 0xd7, 0x0, 0x0, 0x0, 0x0, 0x2000000000, 0xa40a1, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp, 0x10000, 0x0, 0x0, 0x3, 0x1, 0xffffff7c, 0x3, 0x0, 0x2cf6ca54, 0x0, 0x7}, 0x0, 0x2, 0xffffffffffffffff, 0xb)
mmap$perf(&(0x7f0000c00000/0x400000)=nil, 0x400000, 0x3000002, 0x40032, 0xffffffffffffffff, 0x0)
mlock2(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0)
mlock2(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x0)
r0 = fork()
r1 = userfaultfd(0x80000)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x543c04, 0x0)
r3 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
r4 = dup3(r2, r3, 0x0)
write$binfmt_script(r1, &(0x7f0000000280)=ANY=[@ANYRESOCT=r3, @ANYRES32=r2, @ANYRESOCT, @ANYRESDEC, @ANYRESHEX=r4, @ANYRESDEC=r2], 0x9f)
munlock(&(0x7f0000ef1000/0x2000)=nil, 0x2000)
syz_io_uring_setup(0x2e00, &(0x7f0000000340)={0x0, 0xc9ba, 0x20, 0xfffffffd, 0x2000037d}, &(0x7f0000ff3000/0x4000)=nil, &(0x7f0000eee000/0x8000)=nil, &(0x7f00000001c0), &(0x7f00000003c0))
mlock2(&(0x7f0000d03000/0x1000)=nil, 0x1000, 0x1)
openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000080)='freezer.parent_freezing\x00', 0x0, 0x0)
move_pages(r0, 0x2, &(0x7f0000000300)=[&(0x7f0000ffd000/0x1000)=nil, &(0x7f0000f10000/0x3000)=nil], &(0x7f00000000c0), &(0x7f0000000000), 0x0)
socket$caif_seqpacket(0x25, 0x5, 0x0)
get_robust_list(r0, &(0x7f0000000180)=&(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)}, &(0x7f0000000200)=0x18)

08:23:37 executing program 2:
syz_open_procfs(0x0, &(0x7f0000000040)='mounts\x00')
syz_open_procfs(0x0, &(0x7f0000000000)='mountstats\x00')
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$F2FS_IOC_MOVE_RANGE(0xffffffffffffffff, 0xc020f509, &(0x7f0000000040))
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f0000000000))
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f00000001c0)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1003]})
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_SET_PIT(r1, 0x8048ae66, &(0x7f0000000140)={[{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}]})
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f000056f000/0x18000)=nil, &(0x7f0000000080)=[@text32={0x20, &(0x7f00000000c0)="66ba4000b0c2ee66bad104b829280000efea0e0000000a00b8050000000f23d80f21f835c00000a00f23f8653e65f30f21c62e0fae2b0f01c2b8060000000f23d00f21f835200000000f23f8c4c3a1cf830000000002d9f7", 0x58}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

[  516.964077][T17678] loop4: detected capacity change from 0 to 16
08:23:38 executing program 5:
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0)
r0 = getpid()
sched_setattr(0x0, &(0x7f0000000140)={0x38, 0x2, 0x0, 0x0, 0x9}, 0x0)
sched_setattr(r0, &(0x7f0000000240)={0x38, 0x2, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000002c0)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000300)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
ioctl$LOOP_CTL_REMOVE(r3, 0x4c81, 0x0)
ioctl$LOOP_CTL_ADD(r3, 0x4c80, 0x0)
mkdir(&(0x7f0000000000)='./file0\x00', 0x0)
sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0xffffff38)
clock_gettime(0x0, &(0x7f00000005c0)={<r4=>0x0, <r5=>0x0})
recvmmsg(0xffffffffffffffff, &(0x7f0000000200)=[{{&(0x7f0000000040)=@xdp, 0x80, &(0x7f0000000180)=[{&(0x7f00000000c0)=""/39, 0x27}, {&(0x7f00000004c0)=""/212, 0xd4}, {&(0x7f0000001800)=""/143, 0x8f}], 0x3}, 0x481}], 0x1, 0x0, &(0x7f0000000600)={r4, r5+60000000})
socket(0x10, 0x2, 0x0)
mount$bpf(0x0, &(0x7f0000000380)='./file0\x00', &(0x7f0000000400), 0x804000, &(0x7f0000000640)={[{@mode={'mode', 0x3d, 0xa39}}, {@mode={'mode', 0x3d, 0xff}}, {@mode={'mode', 0x3d, 0x9e}}, {@mode={'mode', 0x3d, 0x8}}, {@mode={'mode', 0x3d, 0xb1fb}}, {@mode={'mode', 0x3d, 0x8}}, {@mode={'mode', 0x3d, 0x7}}, {@mode={'mode', 0x3d, 0xffff}}, {}, {@mode={'mode', 0x3d, 0x4}}, {}, {@mode={'mode', 0x3d, 0xfff}}], [{@obj_user={'obj_user', 0x3d, '\''}}, {@fsmagic={'fsmagic', 0x3d, 0x3}}, {@obj_user={'obj_user', 0x3d, ']'}}, {@permit_directio}, {@euid_lt={'euid<', 0xee01}}]})
sendmsg$nl_route_sched(0xffffffffffffffff, 0x0, 0x0)
mount(&(0x7f00000001c0)=ANY=[@ANYRES16=r3], &(0x7f00000003c0)='./file0\x00', &(0x7f0000000800)='vfat\x00', 0x0, &(0x7f0000000480)='permit_directio')
sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x48041)

08:23:38 executing program 0:
perf_event_open(&(0x7f0000000640)={0x2, 0x80, 0xd7, 0x0, 0x0, 0x0, 0x0, 0x2000000000, 0xa40a1, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp, 0x10000, 0x0, 0x0, 0x3, 0x1, 0xffffff7c, 0x3, 0x0, 0x2cf6ca54, 0x0, 0x7}, 0x0, 0x2, 0xffffffffffffffff, 0xb)
mmap$perf(&(0x7f0000c00000/0x400000)=nil, 0x400000, 0x3000002, 0x40032, 0xffffffffffffffff, 0x0)
mlock2(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0)
mlock2(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x0)
r0 = fork()
r1 = userfaultfd(0x80000)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x543c04, 0x0)
r3 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
r4 = dup3(r2, r3, 0x0)
write$binfmt_script(r1, &(0x7f0000000280)=ANY=[@ANYRESOCT=r3, @ANYRES32=r2, @ANYRESOCT, @ANYRESDEC, @ANYRESHEX=r4, @ANYRESDEC=r2], 0x9f)
munlock(&(0x7f0000ef1000/0x2000)=nil, 0x2000)
syz_io_uring_setup(0x2e00, &(0x7f0000000340)={0x0, 0xc9ba, 0x20, 0xfffffffd, 0x2000037d}, &(0x7f0000ff3000/0x4000)=nil, &(0x7f0000eee000/0x8000)=nil, &(0x7f00000001c0), &(0x7f00000003c0))
mlock2(&(0x7f0000d03000/0x1000)=nil, 0x1000, 0x1)
openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000080)='freezer.parent_freezing\x00', 0x0, 0x0)
move_pages(r0, 0x2, &(0x7f0000000300)=[&(0x7f0000ffd000/0x1000)=nil, &(0x7f0000f10000/0x3000)=nil], &(0x7f00000000c0), &(0x7f0000000000), 0x0)
socket$caif_seqpacket(0x25, 0x5, 0x0)
get_robust_list(r0, &(0x7f0000000180)=&(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)}, &(0x7f0000000200)=0x18)

08:23:38 executing program 1:
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0)
r0 = getpid()
sched_setattr(0x0, &(0x7f0000000140)={0x38, 0x2, 0x0, 0x0, 0x9}, 0x0)
sched_setattr(r0, &(0x7f0000000240)={0x38, 0x2, 0x0, 0x0, 0x5}, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
unshare(0x40000000)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x0, 0x10, 0xffffffffffffffff, 0x0)
r3 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route(r3, &(0x7f00000003c0)={0x0, 0x1f03, &(0x7f0000000400)={&(0x7f0000000100)=ANY=[@ANYBLOB="480000001000050700"/20, @ANYRES32=0x0, @ANYBLOB="6535060000000000140012800b0001006970766c616e0000040002800a000500040000000000000008000a00", @ANYRES16], 0x48}}, 0x0)
socketpair(0x0, 0x0, 0x0, 0x0)
ptrace$setregs(0xd, 0x0, 0x0, 0x0)

[  518.657629][T17716] netlink: 'syz-executor.1': attribute type 5 has an invalid length.
[  518.682280][T17716] device ipvlan0 entered promiscuous mode
[  519.243550][T17716] netlink: 'syz-executor.1': attribute type 5 has an invalid length.
[  519.255026][T17716] device ipvlan2 entered promiscuous mode
08:23:41 executing program 4:
fcntl$F_GET_FILE_RW_HINT(0xffffffffffffffff, 0x40d, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0)
r0 = getpid()
sched_setattr(r0, &(0x7f0000000240)={0x38, 0x2, 0x0, 0x0, 0x5}, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/meminfo\x00', 0x0, 0x0)
sendfile(0xffffffffffffffff, r3, 0x0, 0x400000000001002a)
r4 = syz_mount_image$vfat(&(0x7f0000000400), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[])
r5 = openat(r4, &(0x7f000000c380)='./file0\x00', 0x84842, 0x0)
write(r5, &(0x7f0000004200)='t', 0xfff4)
sendmsg$NL80211_CMD_SET_INTERFACE(0xffffffffffffffff, &(0x7f0000001840)={&(0x7f0000000080), 0xc, &(0x7f0000001800)={&(0x7f00000001c0)=ANY=[@ANYRES64, @ANYRESDEC, @ANYRES32=0x0, @ANYRES32], 0x60}, 0x1, 0x0, 0x0, 0x44090}, 0x0)

08:23:41 executing program 5:
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0)
r0 = getpid()
sched_setattr(0x0, &(0x7f0000000140)={0x38, 0x2, 0x0, 0x0, 0x9}, 0x0)
sched_setattr(r0, &(0x7f0000000240)={0x38, 0x2, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000002c0)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000300)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
ioctl$LOOP_CTL_REMOVE(r3, 0x4c81, 0x0)
ioctl$LOOP_CTL_ADD(r3, 0x4c80, 0x0)
mkdir(&(0x7f0000000000)='./file0\x00', 0x0)
sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0xffffff38)
clock_gettime(0x0, &(0x7f00000005c0)={<r4=>0x0, <r5=>0x0})
recvmmsg(0xffffffffffffffff, &(0x7f0000000200)=[{{&(0x7f0000000040)=@xdp, 0x80, &(0x7f0000000180)=[{&(0x7f00000000c0)=""/39, 0x27}, {&(0x7f00000004c0)=""/212, 0xd4}, {&(0x7f0000001800)=""/143, 0x8f}], 0x3}, 0x481}], 0x1, 0x0, &(0x7f0000000600)={r4, r5+60000000})
socket(0x10, 0x2, 0x0)
mount$bpf(0x0, &(0x7f0000000380)='./file0\x00', &(0x7f0000000400), 0x804000, &(0x7f0000000640)={[{@mode={'mode', 0x3d, 0xa39}}, {@mode={'mode', 0x3d, 0xff}}, {@mode={'mode', 0x3d, 0x9e}}, {@mode={'mode', 0x3d, 0x8}}, {@mode={'mode', 0x3d, 0xb1fb}}, {@mode={'mode', 0x3d, 0x8}}, {@mode={'mode', 0x3d, 0x7}}, {@mode={'mode', 0x3d, 0xffff}}, {}, {@mode={'mode', 0x3d, 0x4}}, {}, {@mode={'mode', 0x3d, 0xfff}}], [{@obj_user={'obj_user', 0x3d, '\''}}, {@fsmagic={'fsmagic', 0x3d, 0x3}}, {@obj_user={'obj_user', 0x3d, ']'}}, {@permit_directio}, {@euid_lt={'euid<', 0xee01}}]})
sendmsg$nl_route_sched(0xffffffffffffffff, 0x0, 0x0)
mount(&(0x7f00000001c0)=ANY=[@ANYRES16=r3], &(0x7f00000003c0)='./file0\x00', &(0x7f0000000800)='vfat\x00', 0x0, &(0x7f0000000480)='permit_directio')
sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x48041)

08:23:41 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f0000000000)={0x2})
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f00000001c0)={[0x4, 0x0, 0x0, 0x8, 0x1, 0x0, 0x1002]})
ioctl$KVM_RUN(r2, 0xae80, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f000056f000/0x18000)=nil, &(0x7f0000000080)=[@text32={0x20, &(0x7f00000000c0)="66ba4000b0c2ee66bad104b829280000efea0e0000000a00b8050000000f23d80f21f835c00000a00f23f8653e65f30f21c62e0fae2b0f01c2b8060000000f23d00f21f835200000000f23f8c4c3a1cf830000000002d9f7", 0x58}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

08:23:41 executing program 0:
perf_event_open(&(0x7f0000000640)={0x2, 0x80, 0xd7, 0x0, 0x0, 0x0, 0x0, 0x2000000000, 0xa40a1, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp, 0x10000, 0x0, 0x0, 0x3, 0x1, 0xffffff7c, 0x3, 0x0, 0x2cf6ca54, 0x0, 0x7}, 0x0, 0x2, 0xffffffffffffffff, 0xb)
mmap$perf(&(0x7f0000c00000/0x400000)=nil, 0x400000, 0x3000002, 0x40032, 0xffffffffffffffff, 0x0)
mlock2(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0)
mlock2(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x0)
r0 = fork()
r1 = userfaultfd(0x80000)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x543c04, 0x0)
r3 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
r4 = dup3(r2, r3, 0x0)
write$binfmt_script(r1, &(0x7f0000000280)=ANY=[@ANYRESOCT=r3, @ANYRES32=r2, @ANYRESOCT, @ANYRESDEC, @ANYRESHEX=r4, @ANYRESDEC=r2], 0x9f)
munlock(&(0x7f0000ef1000/0x2000)=nil, 0x2000)
syz_io_uring_setup(0x2e00, &(0x7f0000000340)={0x0, 0xc9ba, 0x20, 0xfffffffd, 0x2000037d}, &(0x7f0000ff3000/0x4000)=nil, &(0x7f0000eee000/0x8000)=nil, &(0x7f00000001c0), &(0x7f00000003c0))
mlock2(&(0x7f0000d03000/0x1000)=nil, 0x1000, 0x1)
openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000080)='freezer.parent_freezing\x00', 0x0, 0x0)
move_pages(r0, 0x2, &(0x7f0000000300)=[&(0x7f0000ffd000/0x1000)=nil, &(0x7f0000f10000/0x3000)=nil], &(0x7f00000000c0), &(0x7f0000000000), 0x0)
socket$caif_seqpacket(0x25, 0x5, 0x0)
get_robust_list(r0, &(0x7f0000000180)=&(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f00000000c0)}}, 0x0)

08:23:41 executing program 2:
syz_open_procfs(0x0, &(0x7f0000000040)='mounts\x00')
syz_open_procfs(0x0, &(0x7f0000000000)='mountstats\x00')
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$F2FS_IOC_MOVE_RANGE(0xffffffffffffffff, 0xc020f509, &(0x7f0000000040)={r1})
ioctl$KVM_SET_USER_MEMORY_REGION(0xffffffffffffffff, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f0000000000))
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f00000001c0)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1003]})
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_SET_PIT(r1, 0x8048ae66, &(0x7f0000000140)={[{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}]})
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f000056f000/0x18000)=nil, &(0x7f0000000080)=[@text32={0x20, &(0x7f00000000c0)="66ba4000b0c2ee66bad104b829280000efea0e0000000a00b8050000000f23d80f21f835c00000a00f23f8653e65f30f21c62e0fae2b0f01c2b8060000000f23d00f21f835200000000f23f8c4c3a1cf830000000002d9f7", 0x58}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

08:23:41 executing program 1:
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0)
r0 = getpid()
sched_setattr(0x0, &(0x7f0000000140)={0x38, 0x2, 0x0, 0x0, 0x9}, 0x0)
sched_setattr(r0, &(0x7f0000000240)={0x38, 0x2, 0x0, 0x0, 0x5}, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
unshare(0x40000000)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x0, 0x10, 0xffffffffffffffff, 0x0)
r3 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route(r3, &(0x7f00000003c0)={0x0, 0x1f03, &(0x7f0000000400)={&(0x7f0000000100)=ANY=[@ANYBLOB="480000001000050700"/20, @ANYRES32=0x0, @ANYBLOB="6535060000000000140012800b0001006970766c616e0000040002800a000500040000000000000008000a00", @ANYRES16], 0x48}}, 0x0)
socketpair(0x0, 0x0, 0x0, 0x0)
ptrace$setregs(0xd, 0x0, 0x0, 0x0)

[  522.341694][T17810] loop4: detected capacity change from 0 to 16
[  522.368989][   T26] audit: type=1800 audit(1632817423.236:63): pid=17810 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed(directio) comm="syz-executor.4" name="file0" dev="loop4" ino=31 res=0 errno=0
[  522.461872][T17804] netlink: 'syz-executor.1': attribute type 5 has an invalid length.
[  522.473667][T17804] device ipvlan2 entered promiscuous mode
08:23:43 executing program 5:
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0)
r0 = getpid()
sched_setattr(0x0, &(0x7f0000000140)={0x38, 0x2, 0x0, 0x0, 0x9}, 0x0)
sched_setattr(r0, &(0x7f0000000240)={0x38, 0x2, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000002c0)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000300)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
ioctl$LOOP_CTL_REMOVE(r3, 0x4c81, 0x0)
ioctl$LOOP_CTL_ADD(r3, 0x4c80, 0x0)
mkdir(&(0x7f0000000000)='./file0\x00', 0x0)
sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0xffffff38)
clock_gettime(0x0, &(0x7f00000005c0)={<r4=>0x0, <r5=>0x0})
recvmmsg(0xffffffffffffffff, &(0x7f0000000200)=[{{&(0x7f0000000040)=@xdp, 0x80, &(0x7f0000000180)=[{&(0x7f00000000c0)=""/39, 0x27}, {&(0x7f00000004c0)=""/212, 0xd4}, {&(0x7f0000001800)=""/143, 0x8f}], 0x3}, 0x481}], 0x1, 0x0, &(0x7f0000000600)={r4, r5+60000000})
socket(0x10, 0x2, 0x0)
mount$bpf(0x0, &(0x7f0000000380)='./file0\x00', &(0x7f0000000400), 0x804000, &(0x7f0000000640)={[{@mode={'mode', 0x3d, 0xa39}}, {@mode={'mode', 0x3d, 0xff}}, {@mode={'mode', 0x3d, 0x9e}}, {@mode={'mode', 0x3d, 0x8}}, {@mode={'mode', 0x3d, 0xb1fb}}, {@mode={'mode', 0x3d, 0x8}}, {@mode={'mode', 0x3d, 0x7}}, {@mode={'mode', 0x3d, 0xffff}}, {}, {@mode={'mode', 0x3d, 0x4}}, {}, {@mode={'mode', 0x3d, 0xfff}}], [{@obj_user={'obj_user', 0x3d, '\''}}, {@fsmagic={'fsmagic', 0x3d, 0x3}}, {@obj_user={'obj_user', 0x3d, ']'}}, {@permit_directio}, {@euid_lt={'euid<', 0xee01}}]})
sendmsg$nl_route_sched(0xffffffffffffffff, 0x0, 0x0)
mount(&(0x7f00000001c0)=ANY=[@ANYRES16=r3], &(0x7f00000003c0)='./file0\x00', &(0x7f0000000800)='vfat\x00', 0x0, &(0x7f0000000480)='permit_directio')
sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x48041)

08:23:43 executing program 0:
perf_event_open(&(0x7f0000000640)={0x2, 0x80, 0xd7, 0x0, 0x0, 0x0, 0x0, 0x2000000000, 0xa40a1, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp, 0x10000, 0x0, 0x0, 0x3, 0x1, 0xffffff7c, 0x3, 0x0, 0x2cf6ca54, 0x0, 0x7}, 0x0, 0x2, 0xffffffffffffffff, 0xb)
mmap$perf(&(0x7f0000c00000/0x400000)=nil, 0x400000, 0x3000002, 0x40032, 0xffffffffffffffff, 0x0)
mlock2(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0)
mlock2(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x0)
r0 = fork()
r1 = userfaultfd(0x80000)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x543c04, 0x0)
r3 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
r4 = dup3(r2, r3, 0x0)
write$binfmt_script(r1, &(0x7f0000000280)=ANY=[@ANYRESOCT=r3, @ANYRES32=r2, @ANYRESOCT, @ANYRESDEC, @ANYRESHEX=r4, @ANYRESDEC=r2], 0x9f)
munlock(&(0x7f0000ef1000/0x2000)=nil, 0x2000)
syz_io_uring_setup(0x2e00, &(0x7f0000000340)={0x0, 0xc9ba, 0x20, 0xfffffffd, 0x2000037d}, &(0x7f0000ff3000/0x4000)=nil, &(0x7f0000eee000/0x8000)=nil, &(0x7f00000001c0), &(0x7f00000003c0))
mlock2(&(0x7f0000d03000/0x1000)=nil, 0x1000, 0x1)
openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000080)='freezer.parent_freezing\x00', 0x0, 0x0)
move_pages(r0, 0x2, &(0x7f0000000300)=[&(0x7f0000ffd000/0x1000)=nil, &(0x7f0000f10000/0x3000)=nil], &(0x7f00000000c0), &(0x7f0000000000), 0x0)
socket$caif_seqpacket(0x25, 0x5, 0x0)
get_robust_list(r0, &(0x7f0000000180)=&(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f00000000c0)}}, 0x0)

08:23:43 executing program 4:
fcntl$F_GET_FILE_RW_HINT(0xffffffffffffffff, 0x40d, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0)
r0 = getpid()
sched_setattr(r0, &(0x7f0000000240)={0x38, 0x2, 0x0, 0x0, 0x5}, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/meminfo\x00', 0x0, 0x0)
sendfile(0xffffffffffffffff, r3, 0x0, 0x400000000001002a)
r4 = syz_mount_image$vfat(&(0x7f0000000400), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[])
r5 = openat(r4, &(0x7f000000c380)='./file0\x00', 0x84842, 0x0)
write(r5, &(0x7f0000004200)='t', 0xfff4)
sendmsg$NL80211_CMD_SET_INTERFACE(0xffffffffffffffff, &(0x7f0000001840)={&(0x7f0000000080), 0xc, &(0x7f0000001800)={&(0x7f00000001c0)=ANY=[@ANYRES64, @ANYRESDEC, @ANYRES32=0x0, @ANYRES32], 0x60}, 0x1, 0x0, 0x0, 0x44090}, 0x0)

08:23:43 executing program 2:
syz_open_procfs(0x0, &(0x7f0000000040)='mounts\x00')
syz_open_procfs(0x0, &(0x7f0000000000)='mountstats\x00')
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$F2FS_IOC_MOVE_RANGE(0xffffffffffffffff, 0xc020f509, &(0x7f0000000040)={r1})
ioctl$KVM_SET_USER_MEMORY_REGION(0xffffffffffffffff, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f0000000000))
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f00000001c0)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1003]})
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_SET_PIT(r1, 0x8048ae66, &(0x7f0000000140)={[{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}]})
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f000056f000/0x18000)=nil, &(0x7f0000000080)=[@text32={0x20, &(0x7f00000000c0)="66ba4000b0c2ee66bad104b829280000efea0e0000000a00b8050000000f23d80f21f835c00000a00f23f8653e65f30f21c62e0fae2b0f01c2b8060000000f23d00f21f835200000000f23f8c4c3a1cf830000000002d9f7", 0x58}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

08:23:44 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f0000000000)={0x2})
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f00000001c0)={[0x4, 0x0, 0x0, 0x8, 0x1, 0x0, 0x1002]})
ioctl$KVM_SET_PIT(r1, 0x8048ae66, &(0x7f0000000140))
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f000056f000/0x18000)=nil, &(0x7f0000000080)=[@text32={0x20, &(0x7f00000000c0)="66ba4000b0c2ee66bad104b829280000efea0e0000000a00b8050000000f23d80f21f835c00000a00f23f8653e65f30f21c62e0fae2b0f01c2b8060000000f23d00f21f835200000000f23f8c4c3a1cf830000000002d9f7", 0x58}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

08:23:44 executing program 5:
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0)
r0 = getpid()
sched_setattr(0x0, &(0x7f0000000140)={0x38, 0x2, 0x0, 0x0, 0x9}, 0x0)
sched_setattr(r0, &(0x7f0000000240)={0x38, 0x2, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000002c0)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000300)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
ioctl$LOOP_CTL_REMOVE(r3, 0x4c81, 0x0)
ioctl$LOOP_CTL_ADD(r3, 0x4c80, 0x0)
mkdir(&(0x7f0000000000)='./file0\x00', 0x0)
sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0xffffff38)
clock_gettime(0x0, &(0x7f00000005c0)={<r4=>0x0, <r5=>0x0})
recvmmsg(0xffffffffffffffff, &(0x7f0000000200)=[{{&(0x7f0000000040)=@xdp, 0x80, &(0x7f0000000180)=[{&(0x7f00000000c0)=""/39, 0x27}, {&(0x7f00000004c0)=""/212, 0xd4}, {&(0x7f0000001800)=""/143, 0x8f}], 0x3}, 0x481}], 0x1, 0x0, &(0x7f0000000600)={r4, r5+60000000})
socket(0x10, 0x2, 0x0)
mount$bpf(0x0, &(0x7f0000000380)='./file0\x00', &(0x7f0000000400), 0x804000, &(0x7f0000000640)={[{@mode={'mode', 0x3d, 0xa39}}, {@mode={'mode', 0x3d, 0xff}}, {@mode={'mode', 0x3d, 0x9e}}, {@mode={'mode', 0x3d, 0x8}}, {@mode={'mode', 0x3d, 0xb1fb}}, {@mode={'mode', 0x3d, 0x8}}, {@mode={'mode', 0x3d, 0x7}}, {@mode={'mode', 0x3d, 0xffff}}, {}, {@mode={'mode', 0x3d, 0x4}}, {}, {@mode={'mode', 0x3d, 0xfff}}], [{@obj_user={'obj_user', 0x3d, '\''}}, {@fsmagic={'fsmagic', 0x3d, 0x3}}, {@obj_user={'obj_user', 0x3d, ']'}}, {@permit_directio}, {@euid_lt={'euid<', 0xee01}}]})
sendmsg$nl_route_sched(0xffffffffffffffff, 0x0, 0x0)
mount(&(0x7f00000001c0)=ANY=[@ANYRES16=r3], &(0x7f00000003c0)='./file0\x00', &(0x7f0000000800)='vfat\x00', 0x0, &(0x7f0000000480)='permit_directio')
sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x48041)

08:23:44 executing program 2:
syz_open_procfs(0x0, &(0x7f0000000040)='mounts\x00')
syz_open_procfs(0x0, &(0x7f0000000000)='mountstats\x00')
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$F2FS_IOC_MOVE_RANGE(0xffffffffffffffff, 0xc020f509, &(0x7f0000000040)={r1})
ioctl$KVM_SET_USER_MEMORY_REGION(0xffffffffffffffff, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f0000000000))
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f00000001c0)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1003]})
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_SET_PIT(r1, 0x8048ae66, &(0x7f0000000140)={[{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}]})
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f000056f000/0x18000)=nil, &(0x7f0000000080)=[@text32={0x20, &(0x7f00000000c0)="66ba4000b0c2ee66bad104b829280000efea0e0000000a00b8050000000f23d80f21f835c00000a00f23f8653e65f30f21c62e0fae2b0f01c2b8060000000f23d00f21f835200000000f23f8c4c3a1cf830000000002d9f7", 0x58}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

08:23:45 executing program 0:
perf_event_open(&(0x7f0000000640)={0x2, 0x80, 0xd7, 0x0, 0x0, 0x0, 0x0, 0x2000000000, 0xa40a1, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp, 0x10000, 0x0, 0x0, 0x3, 0x1, 0xffffff7c, 0x3, 0x0, 0x2cf6ca54, 0x0, 0x7}, 0x0, 0x2, 0xffffffffffffffff, 0xb)
mmap$perf(&(0x7f0000c00000/0x400000)=nil, 0x400000, 0x3000002, 0x40032, 0xffffffffffffffff, 0x0)
mlock2(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0)
mlock2(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x0)
r0 = fork()
r1 = userfaultfd(0x80000)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x543c04, 0x0)
r3 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
r4 = dup3(r2, r3, 0x0)
write$binfmt_script(r1, &(0x7f0000000280)=ANY=[@ANYRESOCT=r3, @ANYRES32=r2, @ANYRESOCT, @ANYRESDEC, @ANYRESHEX=r4, @ANYRESDEC=r2], 0x9f)
munlock(&(0x7f0000ef1000/0x2000)=nil, 0x2000)
syz_io_uring_setup(0x2e00, &(0x7f0000000340)={0x0, 0xc9ba, 0x20, 0xfffffffd, 0x2000037d}, &(0x7f0000ff3000/0x4000)=nil, &(0x7f0000eee000/0x8000)=nil, &(0x7f00000001c0), &(0x7f00000003c0))
mlock2(&(0x7f0000d03000/0x1000)=nil, 0x1000, 0x1)
openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000080)='freezer.parent_freezing\x00', 0x0, 0x0)
move_pages(r0, 0x2, &(0x7f0000000300)=[&(0x7f0000ffd000/0x1000)=nil, &(0x7f0000f10000/0x3000)=nil], &(0x7f00000000c0), &(0x7f0000000000), 0x0)
socket$caif_seqpacket(0x25, 0x5, 0x0)
get_robust_list(r0, &(0x7f0000000180)=&(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f00000000c0)}}, 0x0)

08:23:45 executing program 1:
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0)
r0 = getpid()
sched_setattr(0x0, &(0x7f0000000140)={0x38, 0x2, 0x0, 0x0, 0x9}, 0x0)
sched_setattr(r0, &(0x7f0000000240)={0x38, 0x2, 0x0, 0x0, 0x5}, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
unshare(0x40000000)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x0, 0x10, 0xffffffffffffffff, 0x0)
r3 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route(r3, &(0x7f00000003c0)={0x0, 0x1f03, &(0x7f0000000400)={&(0x7f0000000100)=ANY=[@ANYBLOB="480000001000050700"/20, @ANYRES32=0x0, @ANYBLOB="6535060000000000140012800b0001006970766c616e0000040002800a000500040000000000000008000a00", @ANYRES16], 0x48}}, 0x0)
socketpair(0x0, 0x0, 0x0, 0x0)
ptrace$setregs(0xd, 0x0, 0x0, 0x0)

[  526.146839][T17910] loop4: detected capacity change from 0 to 16
[  526.258462][T17911] netlink: 'syz-executor.1': attribute type 5 has an invalid length.
[  526.270362][T17911] device ipvlan0 entered promiscuous mode
08:23:47 executing program 5:
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='cgroup.controllers\x00', 0x275a, 0x0)
write$binfmt_script(r0, &(0x7f0000000040)=ANY=[], 0x208e24b)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r0, 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cgroup.controllers\x00', 0xb00000000065808, 0x0)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
accept4(0xffffffffffffffff, &(0x7f00000000c0)=@tipc=@name, &(0x7f0000000000)=0x80, 0x0)
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f00000001c0), 0xffffffffffffffff)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r4, 0x8933, &(0x7f0000000700)={'wlan1\x00', <r5=>0x0})
sendmsg$NL80211_CMD_DEL_STATION(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000080)={0x24, r3, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r5}, @void}}, [@NL80211_ATTR_MGMT_SUBTYPE={0x5}]}, 0x24}}, 0x0)
sendfile(r2, r1, 0x0, 0x7ffff000)

08:23:47 executing program 4:
fcntl$F_GET_FILE_RW_HINT(0xffffffffffffffff, 0x40d, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0)
r0 = getpid()
sched_setattr(r0, &(0x7f0000000240)={0x38, 0x2, 0x0, 0x0, 0x5}, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/meminfo\x00', 0x0, 0x0)
sendfile(0xffffffffffffffff, r3, 0x0, 0x400000000001002a)
r4 = syz_mount_image$vfat(&(0x7f0000000400), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[])
r5 = openat(r4, &(0x7f000000c380)='./file0\x00', 0x84842, 0x0)
write(r5, &(0x7f0000004200)='t', 0xfff4)
sendmsg$NL80211_CMD_SET_INTERFACE(0xffffffffffffffff, &(0x7f0000001840)={&(0x7f0000000080), 0xc, &(0x7f0000001800)={&(0x7f00000001c0)=ANY=[@ANYRES64, @ANYRESDEC, @ANYRES32=0x0, @ANYRES32], 0x60}, 0x1, 0x0, 0x0, 0x44090}, 0x0)

08:23:47 executing program 2:
syz_open_procfs(0x0, &(0x7f0000000040)='mounts\x00')
syz_open_procfs(0x0, &(0x7f0000000000)='mountstats\x00')
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$F2FS_IOC_MOVE_RANGE(0xffffffffffffffff, 0xc020f509, &(0x7f0000000040)={r1})
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, 0x0)
ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f0000000000))
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f00000001c0)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1003]})
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_SET_PIT(r1, 0x8048ae66, &(0x7f0000000140)={[{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}]})
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f000056f000/0x18000)=nil, &(0x7f0000000080)=[@text32={0x20, &(0x7f00000000c0)="66ba4000b0c2ee66bad104b829280000efea0e0000000a00b8050000000f23d80f21f835c00000a00f23f8653e65f30f21c62e0fae2b0f01c2b8060000000f23d00f21f835200000000f23f8c4c3a1cf830000000002d9f7", 0x58}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

08:23:47 executing program 1:
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0)
r0 = getpid()
sched_setattr(0x0, &(0x7f0000000140)={0x38, 0x2, 0x0, 0x0, 0x9}, 0x0)
sched_setattr(r0, &(0x7f0000000240)={0x38, 0x2, 0x0, 0x0, 0x5}, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
unshare(0x40000000)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x0, 0x10, 0xffffffffffffffff, 0x0)
r3 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route(r3, &(0x7f00000003c0)={0x0, 0x1f03, &(0x7f0000000400)={&(0x7f0000000100)=ANY=[@ANYBLOB="480000001000050700"/20, @ANYRES32=0x0, @ANYBLOB="6535060000000000140012800b0001006970766c616e0000040002800a000500040000000000000008000a00", @ANYRES16], 0x48}}, 0x0)
socketpair(0x0, 0x0, 0x0, 0x0)
ptrace$setregs(0xd, 0x0, 0x0, 0x0)

08:23:47 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f0000000000)={0x2})
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f00000001c0)={[0x4, 0x0, 0x0, 0x8, 0x1, 0x0, 0x1002]})
ioctl$KVM_SET_PIT(r1, 0x8048ae66, &(0x7f0000000140))
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f000056f000/0x18000)=nil, &(0x7f0000000080)=[@text32={0x20, &(0x7f00000000c0)="66ba4000b0c2ee66bad104b829280000efea0e0000000a00b8050000000f23d80f21f835c00000a00f23f8653e65f30f21c62e0fae2b0f01c2b8060000000f23d00f21f835200000000f23f8c4c3a1cf830000000002d9f7", 0x58}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

08:23:48 executing program 0:
r0 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f0000004fc8)={0x0, 0x0, &(0x7f000000b000)={&(0x7f00000001c0)=ANY=[@ANYBLOB="240000001800210000000000000000001c140000fe00000100000000080004"], 0x24}}, 0x0)

[  527.158331][   T26] audit: type=1804 audit(1632817428.026:64): pid=17947 uid=0 auid=4294967295 ses=4294967295 subj=_ op=invalid_pcr cause=open_writers comm="syz-executor.5" name="/root/syzkaller-testdir438587163/syzkaller.m9CqSP/214/cgroup.controllers" dev="sda1" ino=13943 res=1 errno=0
[  527.186439][T17955] loop4: detected capacity change from 0 to 16
[  527.543115][   T26] audit: type=1800 audit(1632817428.106:65): pid=17955 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed(directio) comm="syz-executor.4" name="file0" dev="loop4" ino=32 res=0 errno=0
08:23:48 executing program 0:
socketpair(0x21, 0x0, 0x0, &(0x7f0000000100))

08:23:48 executing program 2:
syz_open_procfs(0x0, &(0x7f0000000040)='mounts\x00')
syz_open_procfs(0x0, &(0x7f0000000000)='mountstats\x00')
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$F2FS_IOC_MOVE_RANGE(0xffffffffffffffff, 0xc020f509, &(0x7f0000000040)={r1})
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, 0x0)
ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f0000000000))
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f00000001c0)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1003]})
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_SET_PIT(r1, 0x8048ae66, &(0x7f0000000140)={[{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}]})
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f000056f000/0x18000)=nil, &(0x7f0000000080)=[@text32={0x20, &(0x7f00000000c0)="66ba4000b0c2ee66bad104b829280000efea0e0000000a00b8050000000f23d80f21f835c00000a00f23f8653e65f30f21c62e0fae2b0f01c2b8060000000f23d00f21f835200000000f23f8c4c3a1cf830000000002d9f7", 0x58}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

[  527.879243][T17971] netlink: 'syz-executor.1': attribute type 5 has an invalid length.
[  527.890817][T17971] device ipvlan0 entered promiscuous mode
08:23:49 executing program 4:
fcntl$F_GET_FILE_RW_HINT(0xffffffffffffffff, 0x40d, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0)
sched_setattr(0x0, &(0x7f0000000140)={0x38, 0x2, 0x0, 0x0, 0x9}, 0x0)
sched_setattr(0x0, &(0x7f0000000240)={0x38, 0x2, 0x0, 0x0, 0x5}, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r2 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/meminfo\x00', 0x0, 0x0)
sendfile(0xffffffffffffffff, r2, 0x0, 0x400000000001002a)
r3 = syz_mount_image$vfat(&(0x7f0000000400), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[])
r4 = openat(r3, &(0x7f000000c380)='./file0\x00', 0x84842, 0x0)
write(r4, &(0x7f0000004200)='t', 0xfff4)
sendmsg$NL80211_CMD_SET_INTERFACE(0xffffffffffffffff, &(0x7f0000001840)={&(0x7f0000000080), 0xc, &(0x7f0000001800)={&(0x7f00000001c0)=ANY=[@ANYRES64, @ANYRESDEC, @ANYRES32=0x0, @ANYRES32], 0x60}, 0x1, 0x0, 0x0, 0x44090}, 0x0)

[  528.529795][   T26] audit: type=1804 audit(1632817429.406:66): pid=17954 uid=0 auid=4294967295 ses=4294967295 subj=_ op=invalid_pcr cause=ToMToU comm="syz-executor.5" name="/root/syzkaller-testdir438587163/syzkaller.m9CqSP/214/cgroup.controllers" dev="sda1" ino=13943 res=1 errno=0
08:23:49 executing program 5:
syz_mount_image$gfs2(&(0x7f00000000c0), &(0x7f0000000100)='./file0\x00', 0x0, 0x0, &(0x7f0000000340), 0x0, &(0x7f0000000540)={[{@ignore_local_fs}]})

08:23:49 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f0000000000)={0x2})
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f00000001c0)={[0x4, 0x0, 0x0, 0x8, 0x1, 0x0, 0x1002]})
ioctl$KVM_SET_PIT(r1, 0x8048ae66, &(0x7f0000000140))
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f000056f000/0x18000)=nil, &(0x7f0000000080)=[@text32={0x20, &(0x7f00000000c0)="66ba4000b0c2ee66bad104b829280000efea0e0000000a00b8050000000f23d80f21f835c00000a00f23f8653e65f30f21c62e0fae2b0f01c2b8060000000f23d00f21f835200000000f23f8c4c3a1cf830000000002d9f7", 0x58}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

08:23:49 executing program 1:
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000180)=ANY=[@ANYBLOB="500000000206010200000000000000000000000005000400000000000900020073797a3000000000050005000a000000050001000600000015000300686173683a69702c706f72742c6e6574"], 0x50}}, 0x0)
sendmsg$IPSET_CMD_CREATE(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000040)={0x28, 0x3, 0x6, 0x5, 0x0, 0x0, {}, [@IPSET_ATTR_PROTOCOL={0x5, 0x1, 0x6}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz0\x00'}]}, 0x28}}, 0x0)

08:23:49 executing program 0:
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cgroup.controllers\x00', 0xb00000000065808, 0x0)
sendmsg$NL80211_CMD_FRAME(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000001240)={&(0x7f0000000100)=ANY=[@ANYBLOB="440000007ee7"], 0x44}}, 0x0)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = socket(0x11, 0x800000003, 0x0)
ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f0000000300)={'wlan1\x00', <r2=>0x0})
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000000), 0xffffffffffffffff)
sendmsg$NL80211_CMD_FRAME(r0, &(0x7f0000001280)={0x0, 0x0, &(0x7f0000001240)={&(0x7f0000000040)=ANY=[@ANYBLOB="48040000", @ANYRES16=r3, @ANYBLOB="010000000000160000003b1c210008000300", @ANYRES32=r2, @ANYBLOB="2c0433005000de295b3acba512e4080211000001505050505050"], 0x448}}, 0x0)

[  528.777363][T18006] gfs2: not a GFS2 filesystem
08:23:49 executing program 2:
syz_open_procfs(0x0, &(0x7f0000000040)='mounts\x00')
syz_open_procfs(0x0, &(0x7f0000000000)='mountstats\x00')
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$F2FS_IOC_MOVE_RANGE(0xffffffffffffffff, 0xc020f509, &(0x7f0000000040)={r1})
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, 0x0)
ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f0000000000))
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f00000001c0)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1003]})
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_SET_PIT(r1, 0x8048ae66, &(0x7f0000000140)={[{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}]})
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f000056f000/0x18000)=nil, &(0x7f0000000080)=[@text32={0x20, &(0x7f00000000c0)="66ba4000b0c2ee66bad104b829280000efea0e0000000a00b8050000000f23d80f21f835c00000a00f23f8653e65f30f21c62e0fae2b0f01c2b8060000000f23d00f21f835200000000f23f8c4c3a1cf830000000002d9f7", 0x58}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

[  528.863385][T18006] gfs2: not a GFS2 filesystem
08:23:49 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f0000000000)={0x2})
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_SET_PIT(r1, 0x8048ae66, &(0x7f0000000140))
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f000056f000/0x18000)=nil, &(0x7f0000000080)=[@text32={0x20, &(0x7f00000000c0)="66ba4000b0c2ee66bad104b829280000efea0e0000000a00b8050000000f23d80f21f835c00000a00f23f8653e65f30f21c62e0fae2b0f01c2b8060000000f23d00f21f835200000000f23f8c4c3a1cf830000000002d9f7", 0x58}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

[  528.955819][T18035] loop4: detected capacity change from 0 to 16
08:23:49 executing program 0:
name_to_handle_at(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x3000)

08:23:49 executing program 5:
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x3ff}, 0x0)
r0 = getpid()
sched_setattr(0x0, &(0x7f0000000140)={0x38, 0x2, 0x0, 0x0, 0x9}, 0x0)
sched_setattr(r0, &(0x7f0000000240)={0x38, 0x2, 0x0, 0x0, 0x5}, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = syz_open_dev$tty20(0xc, 0x4, 0x1)
write$UHID_INPUT(r3, &(0x7f0000000000)={0xa, {"f1f353f0c833097c27a892e9d357cff5f8dbe89627fac0c7baa3d2367d656bce7be2201f63551726fae46c98bb9d1015f4f6c630ca5fe559381741086cf09a276956cdc7e94dadd91d4fe3b0870e56a7d380b72f9b395da9527a975ed11798f36566468a95b4b5bee90b1dc6b83f9488e226e57be4eb015b2d2c87b4a9488e1f205eab5b424225cb6cb4a89a4f644fa5a17a96b6f1b989cee896f36037d03e5533f69dfd83cda70ce02910faf8777c0a2b88df10f0385e1bc828ff019eb5a450b1e05c738079972dfc58810132a59804b823355107214232b12efc8b93d69b777eb1e6db53d9f00a72d4634edf1a514fe9840f22c9af52a3273844507f4614bf298a072f1b0292c5461596f7daaab6e60ce35b40d84f5abf83b710420cfb9332c80c9205bace3d3f81bfeec61ae2537dbb854da4131e11a12f2939c46c119fcb9695c453380c41f08b77f4e3f56f4ceb9f12d12ff852642075ad082dbc7b6e0c4201b7f5b35846e7baf3ea591daa5e175b45f2fc93dfba95837f20dd701f829811f82ef2f71447df0390048fdded6e05838edb9fad4158751321d6452a67b6f11e87aaee34a5082fe86d2fe67b5ab0ba8b9a1023316dee0db52aac7c5eaeca00fcb7df6d82b1ee05e5f17729546e25fa6882f167137c761bf4179669859e027874d20c7584d4d4db23cebc32344ea2d4305215f0e13fa3cda44c00f200f1a95bf51288722b8ee15349fd12345f70f8502f54fb659da95677679697f30ebe4b1e0ff19b9873d6de900a89f11835afe90c42df20b80dd1cb1764482d3c2bc5151abb6c6027673f3d0e6f09a6704c6754ed50886f8726329b331a40955cacc11c3ddef202996302ce8cc90896dc848c7066e82a98def0741f008a8d2a68be8979daf97c645552aa06b57aef18db7a8135768fd829f852dc6e7ff64599717f7715d75c5056c4ec5b1b75c5f6d25d53810f8a72d5b79a21ef4e5aa97fcc00fd134e1520d225a6d8e72cd819d3f064bcf336ac26e133c359830d1b326ca62071e38d465913de34a93947e3d09db2e5ced544a3f30b89fd2e0ea3bc71172ff30273a3d5cbcd4f98bd884b83f7b447f9697cfcd4e4d52379aa8aaaa97b48feb0ea03c1a9318cc87bde35d753cfe997ca98a7c203424443a3b9b6098fbf061584eed12668be29bb7491fedb3debc8970c577c14ff9ecb8e2ad6b9e36447b35925b761267e7858b78a89b9f8e248b138700763a729213a32dae8bdc25243d94aa3d717be39737a3053ad2eb4a0c07953444a1206355f46207774634c35deb3b484ec1a4ccc0b532b620593ccfaf6ea298fe0cb62b4e92d80cd248fd9c18d518c29cb6af367d7094e93d9e9ab5c2aa95a12ceb885927cb05739b060843e8b47a454d42ad8a06211ac37fc830edfe811d434b38b7602af5a05a6e2dc4c85c6622b9df9bda2363e8b2aa0fdaa4eb32d2f70dcf08106ac9601ada331a6a7337df98cc342a52a998f8f9bf372531f10fd292c22f3dcf85551cc6a66531c699a1f37d64eb9c7788e912c5e7b3949d291a557bad3199db335cc7f8aecbb97fe00d80a12273dbab8b70c2c6159e8b8f7ffffffd273bd5534e0306078e0a4472f5282b71abdd2a6b1c74dccdc34f28053c024011994323d24784518e9edb57f09602cc1a1c06d88b7b171bb3f852401eb41089c547bdb5195a0c7e73a8c47d650fd0941a7ecc6e351e5dd4499baa9a81b4a28757b2408bbdf1267629778fc977224362326bf6820628b47f6a070152be1b9b41b20ce4d26064720585746a87bfb24b744612af89fe691777451d804355d5b103838e2381aadf191e70bf6a0fabe9cc84e029582c9683384afd49e08ed99dee0a3dabf879c2938b4c2fc4213e337ac56563d0a579c153f3821691d4b21f2ae3e1343604ce8d61b4b02438e6e3bbc766671250a6cd626ffb9c333d2e52414fad4bcdf36a0e84463618875600ad3bc5859e2e29bef9b8b0c3400490fab3deef256c4fb5d608c5cba570cd2f2b8e1517928e22bd508c43cffb630e080fa0cfb1d5fcb8d2fea44419a15b96f99aadb6212bf80f50b05650b8d82109973fd4e39f8272a7bdac7afa01338201ee45d80c0da849cf0ab77b5ea93b327dbebbc46aa795a966a4737dc84afc126aa54f501462e86c06f4b3052bad341174380d689475ee1790ff162239b427567ddf7ebac9c62034d2b8285fbe07be4e04c57e8462361d04e075be4e3dce985ff8c2c252685f8afe95f3d8b4961faf8c621c31fbd2a8af095ce9fc49a3ec84cf998a7b81069b03c1eef1f14a676a34039bcefeaa6d64d168b7282bc00676765788d5891f4617f22dbcb81d4f2fd7be7b42ae3b9818505d577e7f0dcd89f669d2c15d70e292c13b525d81beee6b6870c3c8a72f7d1e3b64472bbf9087f411d9b18f80cd42872f2caeaa3fc4ec777135752418b136892f4b2603a463bedfbf13dba2ca1bcaf41e74e807877eedf15551164b041e4dc9d3022e99c2e2fac9d15906ac6a7d63bfb57d8cfee8df66a00abce56e1424ecbda3b4a9dc5f381bb7ba38b57268750a0808d39c5cbf5cea7bc55ec1e8328206028c16abf2c3eeae79359777c53718d0c6ce3c9f1b093a3db834cfeb1e146e140465345d6f0a75de4a1a8a374c2467a641f5583907c5f1639eb16cc8156f4b7e1484be957cbe1b1fcb26d443bf759b738a86ccfdff4a6076cd5056f52126b3935cf2107be04033696ef408fcbebd73a10bf8f5d728d2729fd41bcb1bf1ec315216c8c5f9dfbf366f12945f648f901d968f6ee231b98bab2ccb31303c02cf32e065dd73cd81e2b0e99e5f64b2de44eeb477a3b370b9c7aa81ef780aa9f48dadd32cefab2070df2b52a6ac7077338e7269ce5608d1d109d66e307a2c82b411c1089a3afd99a56aab8f301cfc0e541afa853769154efa1d9901fae7b1b5a54e865de2eefc5a0b26dde5eacbc51d43920a9c0f212c27e16be26cccb2477b31aa5756054c985d84200f710cca0b091849890c4e87428217e2cbc211e1bd701cf9381de83b17b617daa7941a054534c9915d951dc9278974d9092e09fdb9978bad73ad989e3565b05fc7f3791be2d7e0b67fb904d9890e71152c168c58eb54a66d7d37fd2a9aa4ebd109adc946a7eb337e3a7afb50c7a959e55bb1933188c9019bee743102a845d3503f95b53248c480fc81b6afc21a5cc3fc81f19a2d438b152b648239460c420f5cb198582be439865acfb4e7e4ce5f4e12e1b267d293609a93a0c79949315e5195f511bc231ec9735cc5c94c473467cf6e341718392a9cd7a4dcff06369dbcc5f54be4345d70563aec33a4aec74bdd64fd86d902752e9dc65fd07c77b508309336cca5574542e234346dba7ddfa2e4a8c12806418b378a5b40dc19fa910c69a8850854007677f01d299a2c916be0cc554c3386febf013a10120ed0bbe636a6b6adeb40c30540ce7426078d7117354fc0e5974ee40345cc8f70970b4ba1e40a18b288bac7e920f0c3e1ec91ccabc01762f6e0d4c49d8a5760cee1c501b85ec6e3ca5c1911fa26b9ffb52f3b66417e889616b99e89be2ef781f49d8dafa599433f369c561d55494577468d8b5b0f3fdc0135cbd43ca79063d9a3e15f23ca1677eaf94fbcf3a81ea62fc8bca1422274644ec77368ef3e05cfa311ac3a8c1a8c132c3701f797c1f0d51ec72ce7a8fab44b9ff2e4e714b52caba8d198a42bd255be3723439faad37f050c06c9fcff2bd6d9393d61ba3efcafee71645159b8c1faad79d02a4d453b98d09c46288dcfafdf82c79b6404be1b9d45d5f7f56f39d50deb58647d5faee01ae3a6dcd4465bfd908e0cbbfa73ae5725503f70f022868950ce5c0f6cd9c10bf6019e9162447b58ab2c27f0eda060efc3c894ddf731d6964d1dac70c0085e397683757abcab5c9d55d2747c58817ec259eead68c112135707ee419ae042ad0a2947e84b4ae748b1f85a585b4d18bef8a9efa2e48e7aa5f5b42bbd1ae3851ad482c3d2042eecbffb63705d36aae2ee7c7110421e4cedb3ea6857b47e5d289b280286bc34c85bfc9677501fae389c14eb4d15f08359562da54cb3a8518b3d1308eeb2f678967098ea21a3d128e5bb623e3409a8acce6346208a386f3e4f2ddd4dc6234b373d9da0fd39ca0badf742767fc8708569352eb46d5ca588037fa8522e61c83209ac943685b262d8ef3d7fd4dd7dd14377494c0b542e23c4c95151c8e1395984ad2b6df2397e098f8415be65088651426abb5cd587c253a13054ee16e8dfd0f23f0a889db7529269e807cec75f7386a5844b789183341c705fcd2b96cf80ce14a4f6422948a6c8d3d8e9d455e2d6b8b87f4696993cbc010ce10614f1dff96dc18f865b26660d27229defa822953bf392c3d920a50eb2473aa94fbced152660d57159b33f2272fe6e7e1ce6e6ba1f948b59c277f185d9a686ac0445e15e20b46c8e0ea4656d715df96425b7d4b36cb856e7c7ba3aaf620c9d10d5d96370e463d2555e0085ba94d8ffd2973e6be31d7934e771b9b82d0066011da58f147744e747a240de1978a8eca86cfa845d8eca0aa9cabdc8668c43f9862c7ee85353d289d81d744877e22d67613673905e78cfaacde5f6e43ffcd6e7d9b9d15aea0dd922977ae87b0cb51a89ef15350309b43eb5c8e79e446d9ba2bb06d74fa6aed2431a5379da9776221130c87ac36b72bc1fc03f14c78cdb8a16f2d840b2bad04bf4655a2ab3c1ef4458e401fa817704b5a88e4bb8b15cf16383b9a7e2a64de19928b16e5f7f25be0ad126c3833ace7f36f3c3d9a6836d1a4710b4995ec0c9f10001f7dfc6410b29e9d031f1d3b4b34e9b4dc3a8fb08b49a29892e68dce9309c67874ecc75d477b59e2fbf4347f3c445e49126822f4301eaee1259475cfb22566e69d9ae0d436e402f8d100439a9ca6a518d457a91087e83663c413e339a0d8d4c31c083303b46b2982015227bd7e126976d7b26a670ba78f21a8c95b05450ee149c0ae1fb7397d179c6e295d0fc57dab28e5e9bdc99acd8596a928d6ebd97316b8c60cf657bc4ca1ffe8b9a445724842cb38681acc5d5eba455d5fa19cc8c5cac15a46d6a72c9b64983a686edff27b3669d46c005879949b1980a1456e8a85fe4969acd56415f144405ed99afb16d9d652fce35b9c800b8e217517690bed18e00051868dfe8acb5b10ff49d733316bcc7b8ba77265cda37e5faed1307f8a69338090f532f463f1a9740bbcc58851bc5c85b1a129596898667e55a6882f4d0d97c456697dbe282345dec80d76443e1ec7602f523607534f429d603bc087f9b189b15e9c389456ddc04b425a553fb7ec0fa0488b85afa75f624a4cd25f8454b620b0b4fd084a6f6750dcb0a6f3ceeb033fb9dd0f253a53bc4e1dfc7f03b5000cf1fa9c5f0ecbab3257146030f77f30b160b76262b8d3de2510e0984b8192caa7856a69b93f5f53db8190bb70c7daa2b052c56d38a644eb2c69d316d505848d9258c8934b1b870844e543b771f4969e25c8e9a5f825b9aaeeac6ff1cc4e956504fd07f834800413e22da22dfdc4a0c218dadd0442d305cb436dca3d835402e0362b12d02e52ae84c2e80c9fcd7a47efd6c4bc654c8148c47a2ae50f89e729676b4ee79c96991cb4484679eb8eda3517407dd402f0d1b48fcc9551275df982e34e1ee7dd2bb646b9f2ed45bc7e770cbce36566eced4dc3ddf8665232d029e9487d64848c10e8cd2b01415d3e80519cc9b2ff3218d6f239691e4800", 0x1000}}, 0x1006)

[  529.029795][   T26] audit: type=1800 audit(1632817429.906:67): pid=18035 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed(directio) comm="syz-executor.4" name="file0" dev="loop4" ino=33 res=0 errno=0
08:23:49 executing program 1:
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000180)=ANY=[@ANYBLOB="500000000206010200000000000000000000000005000400000000000900020073797a3000000000050005000a000000050001000600000015000300686173683a69702c706f72742c6e6574"], 0x50}}, 0x0)
sendmsg$IPSET_CMD_CREATE(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000040)={0x28, 0x3, 0x6, 0x5, 0x0, 0x0, {}, [@IPSET_ATTR_PROTOCOL={0x5, 0x1, 0x6}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz0\x00'}]}, 0x28}}, 0x0)

08:23:50 executing program 2:
syz_open_procfs(0x0, &(0x7f0000000040)='mounts\x00')
syz_open_procfs(0x0, &(0x7f0000000000)='mountstats\x00')
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$F2FS_IOC_MOVE_RANGE(0xffffffffffffffff, 0xc020f509, &(0x7f0000000040)={r1})
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_CREATE_PIT2(0xffffffffffffffff, 0x4040ae77, &(0x7f0000000000))
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f00000001c0)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1003]})
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_SET_PIT(r1, 0x8048ae66, &(0x7f0000000140)={[{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}]})
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f000056f000/0x18000)=nil, &(0x7f0000000080)=[@text32={0x20, &(0x7f00000000c0)="66ba4000b0c2ee66bad104b829280000efea0e0000000a00b8050000000f23d80f21f835c00000a00f23f8653e65f30f21c62e0fae2b0f01c2b8060000000f23d00f21f835200000000f23f8c4c3a1cf830000000002d9f7", 0x58}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

08:23:50 executing program 0:
bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x0, 0x8, &(0x7f0000001100)=ANY=[@ANYBLOB], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, 0x0}, 0x78)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
add_key$keyring(&(0x7f0000000140), &(0x7f00000010c0)={'syz', 0x3}, 0x0, 0x0, 0xfffffffffffffffb)

08:23:51 executing program 4:
fcntl$F_GET_FILE_RW_HINT(0xffffffffffffffff, 0x40d, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0)
sched_setattr(0x0, &(0x7f0000000140)={0x38, 0x2, 0x0, 0x0, 0x9}, 0x0)
sched_setattr(0x0, &(0x7f0000000240)={0x38, 0x2, 0x0, 0x0, 0x5}, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r2 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/meminfo\x00', 0x0, 0x0)
sendfile(0xffffffffffffffff, r2, 0x0, 0x400000000001002a)
r3 = syz_mount_image$vfat(&(0x7f0000000400), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[])
r4 = openat(r3, &(0x7f000000c380)='./file0\x00', 0x84842, 0x0)
write(r4, &(0x7f0000004200)='t', 0xfff4)
sendmsg$NL80211_CMD_SET_INTERFACE(0xffffffffffffffff, &(0x7f0000001840)={&(0x7f0000000080), 0xc, &(0x7f0000001800)={&(0x7f00000001c0)=ANY=[@ANYRES64, @ANYRESDEC, @ANYRES32=0x0, @ANYRES32], 0x60}, 0x1, 0x0, 0x0, 0x44090}, 0x0)

08:23:51 executing program 1:
r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xa, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x6}]})
ioctl$SECCOMP_IOCTL_NOTIF_SEND(0xffffffffffffffff, 0xc0182101, 0x0)
ioctl$SECCOMP_IOCTL_NOTIF_ADDFD(r0, 0x40182103, &(0x7f0000000080))

08:23:51 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f0000000000)={0x2})
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_SET_PIT(r1, 0x8048ae66, &(0x7f0000000140))
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f000056f000/0x18000)=nil, &(0x7f0000000080)=[@text32={0x20, &(0x7f00000000c0)="66ba4000b0c2ee66bad104b829280000efea0e0000000a00b8050000000f23d80f21f835c00000a00f23f8653e65f30f21c62e0fae2b0f01c2b8060000000f23d00f21f835200000000f23f8c4c3a1cf830000000002d9f7", 0x58}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

08:23:51 executing program 5:
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x3ff}, 0x0)
r0 = getpid()
sched_setattr(0x0, &(0x7f0000000140)={0x38, 0x2, 0x0, 0x0, 0x9}, 0x0)
sched_setattr(r0, &(0x7f0000000240)={0x38, 0x2, 0x0, 0x0, 0x5}, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = syz_open_dev$tty20(0xc, 0x4, 0x1)
write$UHID_INPUT(r3, &(0x7f0000000000)={0xa, {"f1f353f0c833097c27a892e9d357cff5f8dbe89627fac0c7baa3d2367d656bce7be2201f63551726fae46c98bb9d1015f4f6c630ca5fe559381741086cf09a276956cdc7e94dadd91d4fe3b0870e56a7d380b72f9b395da9527a975ed11798f36566468a95b4b5bee90b1dc6b83f9488e226e57be4eb015b2d2c87b4a9488e1f205eab5b424225cb6cb4a89a4f644fa5a17a96b6f1b989cee896f36037d03e5533f69dfd83cda70ce02910faf8777c0a2b88df10f0385e1bc828ff019eb5a450b1e05c738079972dfc58810132a59804b823355107214232b12efc8b93d69b777eb1e6db53d9f00a72d4634edf1a514fe9840f22c9af52a3273844507f4614bf298a072f1b0292c5461596f7daaab6e60ce35b40d84f5abf83b710420cfb9332c80c9205bace3d3f81bfeec61ae2537dbb854da4131e11a12f2939c46c119fcb9695c453380c41f08b77f4e3f56f4ceb9f12d12ff852642075ad082dbc7b6e0c4201b7f5b35846e7baf3ea591daa5e175b45f2fc93dfba95837f20dd701f829811f82ef2f71447df0390048fdded6e05838edb9fad4158751321d6452a67b6f11e87aaee34a5082fe86d2fe67b5ab0ba8b9a1023316dee0db52aac7c5eaeca00fcb7df6d82b1ee05e5f17729546e25fa6882f167137c761bf4179669859e027874d20c7584d4d4db23cebc32344ea2d4305215f0e13fa3cda44c00f200f1a95bf51288722b8ee15349fd12345f70f8502f54fb659da95677679697f30ebe4b1e0ff19b9873d6de900a89f11835afe90c42df20b80dd1cb1764482d3c2bc5151abb6c6027673f3d0e6f09a6704c6754ed50886f8726329b331a40955cacc11c3ddef202996302ce8cc90896dc848c7066e82a98def0741f008a8d2a68be8979daf97c645552aa06b57aef18db7a8135768fd829f852dc6e7ff64599717f7715d75c5056c4ec5b1b75c5f6d25d53810f8a72d5b79a21ef4e5aa97fcc00fd134e1520d225a6d8e72cd819d3f064bcf336ac26e133c359830d1b326ca62071e38d465913de34a93947e3d09db2e5ced544a3f30b89fd2e0ea3bc71172ff30273a3d5cbcd4f98bd884b83f7b447f9697cfcd4e4d52379aa8aaaa97b48feb0ea03c1a9318cc87bde35d753cfe997ca98a7c203424443a3b9b6098fbf061584eed12668be29bb7491fedb3debc8970c577c14ff9ecb8e2ad6b9e36447b35925b761267e7858b78a89b9f8e248b138700763a729213a32dae8bdc25243d94aa3d717be39737a3053ad2eb4a0c07953444a1206355f46207774634c35deb3b484ec1a4ccc0b532b620593ccfaf6ea298fe0cb62b4e92d80cd248fd9c18d518c29cb6af367d7094e93d9e9ab5c2aa95a12ceb885927cb05739b060843e8b47a454d42ad8a06211ac37fc830edfe811d434b38b7602af5a05a6e2dc4c85c6622b9df9bda2363e8b2aa0fdaa4eb32d2f70dcf08106ac9601ada331a6a7337df98cc342a52a998f8f9bf372531f10fd292c22f3dcf85551cc6a66531c699a1f37d64eb9c7788e912c5e7b3949d291a557bad3199db335cc7f8aecbb97fe00d80a12273dbab8b70c2c6159e8b8f7ffffffd273bd5534e0306078e0a4472f5282b71abdd2a6b1c74dccdc34f28053c024011994323d24784518e9edb57f09602cc1a1c06d88b7b171bb3f852401eb41089c547bdb5195a0c7e73a8c47d650fd0941a7ecc6e351e5dd4499baa9a81b4a28757b2408bbdf1267629778fc977224362326bf6820628b47f6a070152be1b9b41b20ce4d26064720585746a87bfb24b744612af89fe691777451d804355d5b103838e2381aadf191e70bf6a0fabe9cc84e029582c9683384afd49e08ed99dee0a3dabf879c2938b4c2fc4213e337ac56563d0a579c153f3821691d4b21f2ae3e1343604ce8d61b4b02438e6e3bbc766671250a6cd626ffb9c333d2e52414fad4bcdf36a0e84463618875600ad3bc5859e2e29bef9b8b0c3400490fab3deef256c4fb5d608c5cba570cd2f2b8e1517928e22bd508c43cffb630e080fa0cfb1d5fcb8d2fea44419a15b96f99aadb6212bf80f50b05650b8d82109973fd4e39f8272a7bdac7afa01338201ee45d80c0da849cf0ab77b5ea93b327dbebbc46aa795a966a4737dc84afc126aa54f501462e86c06f4b3052bad341174380d689475ee1790ff162239b427567ddf7ebac9c62034d2b8285fbe07be4e04c57e8462361d04e075be4e3dce985ff8c2c252685f8afe95f3d8b4961faf8c621c31fbd2a8af095ce9fc49a3ec84cf998a7b81069b03c1eef1f14a676a34039bcefeaa6d64d168b7282bc00676765788d5891f4617f22dbcb81d4f2fd7be7b42ae3b9818505d577e7f0dcd89f669d2c15d70e292c13b525d81beee6b6870c3c8a72f7d1e3b64472bbf9087f411d9b18f80cd42872f2caeaa3fc4ec777135752418b136892f4b2603a463bedfbf13dba2ca1bcaf41e74e807877eedf15551164b041e4dc9d3022e99c2e2fac9d15906ac6a7d63bfb57d8cfee8df66a00abce56e1424ecbda3b4a9dc5f381bb7ba38b57268750a0808d39c5cbf5cea7bc55ec1e8328206028c16abf2c3eeae79359777c53718d0c6ce3c9f1b093a3db834cfeb1e146e140465345d6f0a75de4a1a8a374c2467a641f5583907c5f1639eb16cc8156f4b7e1484be957cbe1b1fcb26d443bf759b738a86ccfdff4a6076cd5056f52126b3935cf2107be04033696ef408fcbebd73a10bf8f5d728d2729fd41bcb1bf1ec315216c8c5f9dfbf366f12945f648f901d968f6ee231b98bab2ccb31303c02cf32e065dd73cd81e2b0e99e5f64b2de44eeb477a3b370b9c7aa81ef780aa9f48dadd32cefab2070df2b52a6ac7077338e7269ce5608d1d109d66e307a2c82b411c1089a3afd99a56aab8f301cfc0e541afa853769154efa1d9901fae7b1b5a54e865de2eefc5a0b26dde5eacbc51d43920a9c0f212c27e16be26cccb2477b31aa5756054c985d84200f710cca0b091849890c4e87428217e2cbc211e1bd701cf9381de83b17b617daa7941a054534c9915d951dc9278974d9092e09fdb9978bad73ad989e3565b05fc7f3791be2d7e0b67fb904d9890e71152c168c58eb54a66d7d37fd2a9aa4ebd109adc946a7eb337e3a7afb50c7a959e55bb1933188c9019bee743102a845d3503f95b53248c480fc81b6afc21a5cc3fc81f19a2d438b152b648239460c420f5cb198582be439865acfb4e7e4ce5f4e12e1b267d293609a93a0c79949315e5195f511bc231ec9735cc5c94c473467cf6e341718392a9cd7a4dcff06369dbcc5f54be4345d70563aec33a4aec74bdd64fd86d902752e9dc65fd07c77b508309336cca5574542e234346dba7ddfa2e4a8c12806418b378a5b40dc19fa910c69a8850854007677f01d299a2c916be0cc554c3386febf013a10120ed0bbe636a6b6adeb40c30540ce7426078d7117354fc0e5974ee40345cc8f70970b4ba1e40a18b288bac7e920f0c3e1ec91ccabc01762f6e0d4c49d8a5760cee1c501b85ec6e3ca5c1911fa26b9ffb52f3b66417e889616b99e89be2ef781f49d8dafa599433f369c561d55494577468d8b5b0f3fdc0135cbd43ca79063d9a3e15f23ca1677eaf94fbcf3a81ea62fc8bca1422274644ec77368ef3e05cfa311ac3a8c1a8c132c3701f797c1f0d51ec72ce7a8fab44b9ff2e4e714b52caba8d198a42bd255be3723439faad37f050c06c9fcff2bd6d9393d61ba3efcafee71645159b8c1faad79d02a4d453b98d09c46288dcfafdf82c79b6404be1b9d45d5f7f56f39d50deb58647d5faee01ae3a6dcd4465bfd908e0cbbfa73ae5725503f70f022868950ce5c0f6cd9c10bf6019e9162447b58ab2c27f0eda060efc3c894ddf731d6964d1dac70c0085e397683757abcab5c9d55d2747c58817ec259eead68c112135707ee419ae042ad0a2947e84b4ae748b1f85a585b4d18bef8a9efa2e48e7aa5f5b42bbd1ae3851ad482c3d2042eecbffb63705d36aae2ee7c7110421e4cedb3ea6857b47e5d289b280286bc34c85bfc9677501fae389c14eb4d15f08359562da54cb3a8518b3d1308eeb2f678967098ea21a3d128e5bb623e3409a8acce6346208a386f3e4f2ddd4dc6234b373d9da0fd39ca0badf742767fc8708569352eb46d5ca588037fa8522e61c83209ac943685b262d8ef3d7fd4dd7dd14377494c0b542e23c4c95151c8e1395984ad2b6df2397e098f8415be65088651426abb5cd587c253a13054ee16e8dfd0f23f0a889db7529269e807cec75f7386a5844b789183341c705fcd2b96cf80ce14a4f6422948a6c8d3d8e9d455e2d6b8b87f4696993cbc010ce10614f1dff96dc18f865b26660d27229defa822953bf392c3d920a50eb2473aa94fbced152660d57159b33f2272fe6e7e1ce6e6ba1f948b59c277f185d9a686ac0445e15e20b46c8e0ea4656d715df96425b7d4b36cb856e7c7ba3aaf620c9d10d5d96370e463d2555e0085ba94d8ffd2973e6be31d7934e771b9b82d0066011da58f147744e747a240de1978a8eca86cfa845d8eca0aa9cabdc8668c43f9862c7ee85353d289d81d744877e22d67613673905e78cfaacde5f6e43ffcd6e7d9b9d15aea0dd922977ae87b0cb51a89ef15350309b43eb5c8e79e446d9ba2bb06d74fa6aed2431a5379da9776221130c87ac36b72bc1fc03f14c78cdb8a16f2d840b2bad04bf4655a2ab3c1ef4458e401fa817704b5a88e4bb8b15cf16383b9a7e2a64de19928b16e5f7f25be0ad126c3833ace7f36f3c3d9a6836d1a4710b4995ec0c9f10001f7dfc6410b29e9d031f1d3b4b34e9b4dc3a8fb08b49a29892e68dce9309c67874ecc75d477b59e2fbf4347f3c445e49126822f4301eaee1259475cfb22566e69d9ae0d436e402f8d100439a9ca6a518d457a91087e83663c413e339a0d8d4c31c083303b46b2982015227bd7e126976d7b26a670ba78f21a8c95b05450ee149c0ae1fb7397d179c6e295d0fc57dab28e5e9bdc99acd8596a928d6ebd97316b8c60cf657bc4ca1ffe8b9a445724842cb38681acc5d5eba455d5fa19cc8c5cac15a46d6a72c9b64983a686edff27b3669d46c005879949b1980a1456e8a85fe4969acd56415f144405ed99afb16d9d652fce35b9c800b8e217517690bed18e00051868dfe8acb5b10ff49d733316bcc7b8ba77265cda37e5faed1307f8a69338090f532f463f1a9740bbcc58851bc5c85b1a129596898667e55a6882f4d0d97c456697dbe282345dec80d76443e1ec7602f523607534f429d603bc087f9b189b15e9c389456ddc04b425a553fb7ec0fa0488b85afa75f624a4cd25f8454b620b0b4fd084a6f6750dcb0a6f3ceeb033fb9dd0f253a53bc4e1dfc7f03b5000cf1fa9c5f0ecbab3257146030f77f30b160b76262b8d3de2510e0984b8192caa7856a69b93f5f53db8190bb70c7daa2b052c56d38a644eb2c69d316d505848d9258c8934b1b870844e543b771f4969e25c8e9a5f825b9aaeeac6ff1cc4e956504fd07f834800413e22da22dfdc4a0c218dadd0442d305cb436dca3d835402e0362b12d02e52ae84c2e80c9fcd7a47efd6c4bc654c8148c47a2ae50f89e729676b4ee79c96991cb4484679eb8eda3517407dd402f0d1b48fcc9551275df982e34e1ee7dd2bb646b9f2ed45bc7e770cbce36566eced4dc3ddf8665232d029e9487d64848c10e8cd2b01415d3e80519cc9b2ff3218d6f239691e4800", 0x1000}}, 0x1006)

08:23:51 executing program 0:
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x3ff}, 0x0)
r0 = getpid()
sched_setattr(0x0, &(0x7f0000000140)={0x38, 0x2, 0x0, 0x0, 0x9}, 0x0)
sched_setattr(r0, &(0x7f0000000240)={0x38, 0x2, 0x0, 0x0, 0x5}, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = syz_open_dev$tty20(0xc, 0x4, 0x1)
write$UHID_INPUT(r3, &(0x7f0000000000)={0xa, {"f1f353f0c833097c27a892e9d357cff5f8dbe89627fac0c7baa3d2367d656bce7be2201f63551726fae46c98bb9d1015f4f6c630ca5fe559381741086cf09a276956cdc7e94dadd91d4fe3b0870e56a7d380b72f9b395da9527a975ed11798f36566468a95b4b5bee90b1dc6b83f9488e226e57be4eb015b2d2c87b4a9488e1f205eab5b424225cb6cb4a89a4f644fa5a17a96b6f1b989cee896f36037d03e5533f69dfd83cda70ce02910faf8777c0a2b88df10f0385e1bc828ff019eb5a450b1e05c738079972dfc58810132a59804b823355107214232b12efc8b93d69b777eb1e6db53d9f00a72d4634edf1a514fe9840f22c9af52a3273844507f4614bf298a072f1b0292c5461596f7daaab6e60ce35b40d84f5abf83b710420cfb9332c80c9205bace3d3f81bfeec61ae2537dbb854da4131e11a12f2939c46c119fcb9695c453380c41f08b77f4e3f56f4ceb9f12d12ff852642075ad082dbc7b6e0c4201b7f5b35846e7baf3ea591daa5e175b45f2fc93dfba95837f20dd701f829811f82ef2f71447df0390048fdded6e05838edb9fad4158751321d6452a67b6f11e87aaee34a5082fe86d2fe67b5ab0ba8b9a1023316dee0db52aac7c5eaeca00fcb7df6d82b1ee05e5f17729546e25fa6882f167137c761bf4179669859e027874d20c7584d4d4db23cebc32344ea2d4305215f0e13fa3cda44c00f200f1a95bf51288722b8ee15349fd12345f70f8502f54fb659da95677679697f30ebe4b1e0ff19b9873d6de900a89f11835afe90c42df20b80dd1cb1764482d3c2bc5151abb6c6027673f3d0e6f09a6704c6754ed50886f8726329b331a40955cacc11c3ddef202996302ce8cc90896dc848c7066e82a98def0741f008a8d2a68be8979daf97c645552aa06b57aef18db7a8135768fd829f852dc6e7ff64599717f7715d75c5056c4ec5b1b75c5f6d25d53810f8a72d5b79a21ef4e5aa97fcc00fd134e1520d225a6d8e72cd819d3f064bcf336ac26e133c359830d1b326ca62071e38d465913de34a93947e3d09db2e5ced544a3f30b89fd2e0ea3bc71172ff30273a3d5cbcd4f98bd884b83f7b447f9697cfcd4e4d52379aa8aaaa97b48feb0ea03c1a9318cc87bde35d753cfe997ca98a7c203424443a3b9b6098fbf061584eed12668be29bb7491fedb3debc8970c577c14ff9ecb8e2ad6b9e36447b35925b761267e7858b78a89b9f8e248b138700763a729213a32dae8bdc25243d94aa3d717be39737a3053ad2eb4a0c07953444a1206355f46207774634c35deb3b484ec1a4ccc0b532b620593ccfaf6ea298fe0cb62b4e92d80cd248fd9c18d518c29cb6af367d7094e93d9e9ab5c2aa95a12ceb885927cb05739b060843e8b47a454d42ad8a06211ac37fc830edfe811d434b38b7602af5a05a6e2dc4c85c6622b9df9bda2363e8b2aa0fdaa4eb32d2f70dcf08106ac9601ada331a6a7337df98cc342a52a998f8f9bf372531f10fd292c22f3dcf85551cc6a66531c699a1f37d64eb9c7788e912c5e7b3949d291a557bad3199db335cc7f8aecbb97fe00d80a12273dbab8b70c2c6159e8b8f7ffffffd273bd5534e0306078e0a4472f5282b71abdd2a6b1c74dccdc34f28053c024011994323d24784518e9edb57f09602cc1a1c06d88b7b171bb3f852401eb41089c547bdb5195a0c7e73a8c47d650fd0941a7ecc6e351e5dd4499baa9a81b4a28757b2408bbdf1267629778fc977224362326bf6820628b47f6a070152be1b9b41b20ce4d26064720585746a87bfb24b744612af89fe691777451d804355d5b103838e2381aadf191e70bf6a0fabe9cc84e029582c9683384afd49e08ed99dee0a3dabf879c2938b4c2fc4213e337ac56563d0a579c153f3821691d4b21f2ae3e1343604ce8d61b4b02438e6e3bbc766671250a6cd626ffb9c333d2e52414fad4bcdf36a0e84463618875600ad3bc5859e2e29bef9b8b0c3400490fab3deef256c4fb5d608c5cba570cd2f2b8e1517928e22bd508c43cffb630e080fa0cfb1d5fcb8d2fea44419a15b96f99aadb6212bf80f50b05650b8d82109973fd4e39f8272a7bdac7afa01338201ee45d80c0da849cf0ab77b5ea93b327dbebbc46aa795a966a4737dc84afc126aa54f501462e86c06f4b3052bad341174380d689475ee1790ff162239b427567ddf7ebac9c62034d2b8285fbe07be4e04c57e8462361d04e075be4e3dce985ff8c2c252685f8afe95f3d8b4961faf8c621c31fbd2a8af095ce9fc49a3ec84cf998a7b81069b03c1eef1f14a676a34039bcefeaa6d64d168b7282bc00676765788d5891f4617f22dbcb81d4f2fd7be7b42ae3b9818505d577e7f0dcd89f669d2c15d70e292c13b525d81beee6b6870c3c8a72f7d1e3b64472bbf9087f411d9b18f80cd42872f2caeaa3fc4ec777135752418b136892f4b2603a463bedfbf13dba2ca1bcaf41e74e807877eedf15551164b041e4dc9d3022e99c2e2fac9d15906ac6a7d63bfb57d8cfee8df66a00abce56e1424ecbda3b4a9dc5f381bb7ba38b57268750a0808d39c5cbf5cea7bc55ec1e8328206028c16abf2c3eeae79359777c53718d0c6ce3c9f1b093a3db834cfeb1e146e140465345d6f0a75de4a1a8a374c2467a641f5583907c5f1639eb16cc8156f4b7e1484be957cbe1b1fcb26d443bf759b738a86ccfdff4a6076cd5056f52126b3935cf2107be04033696ef408fcbebd73a10bf8f5d728d2729fd41bcb1bf1ec315216c8c5f9dfbf366f12945f648f901d968f6ee231b98bab2ccb31303c02cf32e065dd73cd81e2b0e99e5f64b2de44eeb477a3b370b9c7aa81ef780aa9f48dadd32cefab2070df2b52a6ac7077338e7269ce5608d1d109d66e307a2c82b411c1089a3afd99a56aab8f301cfc0e541afa853769154efa1d9901fae7b1b5a54e865de2eefc5a0b26dde5eacbc51d43920a9c0f212c27e16be26cccb2477b31aa5756054c985d84200f710cca0b091849890c4e87428217e2cbc211e1bd701cf9381de83b17b617daa7941a054534c9915d951dc9278974d9092e09fdb9978bad73ad989e3565b05fc7f3791be2d7e0b67fb904d9890e71152c168c58eb54a66d7d37fd2a9aa4ebd109adc946a7eb337e3a7afb50c7a959e55bb1933188c9019bee743102a845d3503f95b53248c480fc81b6afc21a5cc3fc81f19a2d438b152b648239460c420f5cb198582be439865acfb4e7e4ce5f4e12e1b267d293609a93a0c79949315e5195f511bc231ec9735cc5c94c473467cf6e341718392a9cd7a4dcff06369dbcc5f54be4345d70563aec33a4aec74bdd64fd86d902752e9dc65fd07c77b508309336cca5574542e234346dba7ddfa2e4a8c12806418b378a5b40dc19fa910c69a8850854007677f01d299a2c916be0cc554c3386febf013a10120ed0bbe636a6b6adeb40c30540ce7426078d7117354fc0e5974ee40345cc8f70970b4ba1e40a18b288bac7e920f0c3e1ec91ccabc01762f6e0d4c49d8a5760cee1c501b85ec6e3ca5c1911fa26b9ffb52f3b66417e889616b99e89be2ef781f49d8dafa599433f369c561d55494577468d8b5b0f3fdc0135cbd43ca79063d9a3e15f23ca1677eaf94fbcf3a81ea62fc8bca1422274644ec77368ef3e05cfa311ac3a8c1a8c132c3701f797c1f0d51ec72ce7a8fab44b9ff2e4e714b52caba8d198a42bd255be3723439faad37f050c06c9fcff2bd6d9393d61ba3efcafee71645159b8c1faad79d02a4d453b98d09c46288dcfafdf82c79b6404be1b9d45d5f7f56f39d50deb58647d5faee01ae3a6dcd4465bfd908e0cbbfa73ae5725503f70f022868950ce5c0f6cd9c10bf6019e9162447b58ab2c27f0eda060efc3c894ddf731d6964d1dac70c0085e397683757abcab5c9d55d2747c58817ec259eead68c112135707ee419ae042ad0a2947e84b4ae748b1f85a585b4d18bef8a9efa2e48e7aa5f5b42bbd1ae3851ad482c3d2042eecbffb63705d36aae2ee7c7110421e4cedb3ea6857b47e5d289b280286bc34c85bfc9677501fae389c14eb4d15f08359562da54cb3a8518b3d1308eeb2f678967098ea21a3d128e5bb623e3409a8acce6346208a386f3e4f2ddd4dc6234b373d9da0fd39ca0badf742767fc8708569352eb46d5ca588037fa8522e61c83209ac943685b262d8ef3d7fd4dd7dd14377494c0b542e23c4c95151c8e1395984ad2b6df2397e098f8415be65088651426abb5cd587c253a13054ee16e8dfd0f23f0a889db7529269e807cec75f7386a5844b789183341c705fcd2b96cf80ce14a4f6422948a6c8d3d8e9d455e2d6b8b87f4696993cbc010ce10614f1dff96dc18f865b26660d27229defa822953bf392c3d920a50eb2473aa94fbced152660d57159b33f2272fe6e7e1ce6e6ba1f948b59c277f185d9a686ac0445e15e20b46c8e0ea4656d715df96425b7d4b36cb856e7c7ba3aaf620c9d10d5d96370e463d2555e0085ba94d8ffd2973e6be31d7934e771b9b82d0066011da58f147744e747a240de1978a8eca86cfa845d8eca0aa9cabdc8668c43f9862c7ee85353d289d81d744877e22d67613673905e78cfaacde5f6e43ffcd6e7d9b9d15aea0dd922977ae87b0cb51a89ef15350309b43eb5c8e79e446d9ba2bb06d74fa6aed2431a5379da9776221130c87ac36b72bc1fc03f14c78cdb8a16f2d840b2bad04bf4655a2ab3c1ef4458e401fa817704b5a88e4bb8b15cf16383b9a7e2a64de19928b16e5f7f25be0ad126c3833ace7f36f3c3d9a6836d1a4710b4995ec0c9f10001f7dfc6410b29e9d031f1d3b4b34e9b4dc3a8fb08b49a29892e68dce9309c67874ecc75d477b59e2fbf4347f3c445e49126822f4301eaee1259475cfb22566e69d9ae0d436e402f8d100439a9ca6a518d457a91087e83663c413e339a0d8d4c31c083303b46b2982015227bd7e126976d7b26a670ba78f21a8c95b05450ee149c0ae1fb7397d179c6e295d0fc57dab28e5e9bdc99acd8596a928d6ebd97316b8c60cf657bc4ca1ffe8b9a445724842cb38681acc5d5eba455d5fa19cc8c5cac15a46d6a72c9b64983a686edff27b3669d46c005879949b1980a1456e8a85fe4969acd56415f144405ed99afb16d9d652fce35b9c800b8e217517690bed18e00051868dfe8acb5b10ff49d733316bcc7b8ba77265cda37e5faed1307f8a69338090f532f463f1a9740bbcc58851bc5c85b1a129596898667e55a6882f4d0d97c456697dbe282345dec80d76443e1ec7602f523607534f429d603bc087f9b189b15e9c389456ddc04b425a553fb7ec0fa0488b85afa75f624a4cd25f8454b620b0b4fd084a6f6750dcb0a6f3ceeb033fb9dd0f253a53bc4e1dfc7f03b5000cf1fa9c5f0ecbab3257146030f77f30b160b76262b8d3de2510e0984b8192caa7856a69b93f5f53db8190bb70c7daa2b052c56d38a644eb2c69d316d505848d9258c8934b1b870844e543b771f4969e25c8e9a5f825b9aaeeac6ff1cc4e956504fd07f834800413e22da22dfdc4a0c218dadd0442d305cb436dca3d835402e0362b12d02e52ae84c2e80c9fcd7a47efd6c4bc654c8148c47a2ae50f89e729676b4ee79c96991cb4484679eb8eda3517407dd402f0d1b48fcc9551275df982e34e1ee7dd2bb646b9f2ed45bc7e770cbce36566eced4dc3ddf8665232d029e9487d64848c10e8cd2b01415d3e80519cc9b2ff3218d6f239691e4800", 0x1000}}, 0x1006)

08:23:51 executing program 2:
syz_open_procfs(0x0, &(0x7f0000000040)='mounts\x00')
syz_open_procfs(0x0, &(0x7f0000000000)='mountstats\x00')
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$F2FS_IOC_MOVE_RANGE(0xffffffffffffffff, 0xc020f509, &(0x7f0000000040)={r1})
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_CREATE_PIT2(0xffffffffffffffff, 0x4040ae77, &(0x7f0000000000))
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f00000001c0)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1003]})
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_SET_PIT(r1, 0x8048ae66, &(0x7f0000000140)={[{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}]})
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f000056f000/0x18000)=nil, &(0x7f0000000080)=[@text32={0x20, &(0x7f00000000c0)="66ba4000b0c2ee66bad104b829280000efea0e0000000a00b8050000000f23d80f21f835c00000a00f23f8653e65f30f21c62e0fae2b0f01c2b8060000000f23d00f21f835200000000f23f8c4c3a1cf830000000002d9f7", 0x58}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

08:23:53 executing program 0:
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x3ff}, 0x0)
r0 = getpid()
sched_setattr(0x0, &(0x7f0000000140)={0x38, 0x2, 0x0, 0x0, 0x9}, 0x0)
sched_setattr(r0, &(0x7f0000000240)={0x38, 0x2, 0x0, 0x0, 0x5}, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = syz_open_dev$tty20(0xc, 0x4, 0x1)
write$UHID_INPUT(r3, &(0x7f0000000000)={0xa, {"f1f353f0c833097c27a892e9d357cff5f8dbe89627fac0c7baa3d2367d656bce7be2201f63551726fae46c98bb9d1015f4f6c630ca5fe559381741086cf09a276956cdc7e94dadd91d4fe3b0870e56a7d380b72f9b395da9527a975ed11798f36566468a95b4b5bee90b1dc6b83f9488e226e57be4eb015b2d2c87b4a9488e1f205eab5b424225cb6cb4a89a4f644fa5a17a96b6f1b989cee896f36037d03e5533f69dfd83cda70ce02910faf8777c0a2b88df10f0385e1bc828ff019eb5a450b1e05c738079972dfc58810132a59804b823355107214232b12efc8b93d69b777eb1e6db53d9f00a72d4634edf1a514fe9840f22c9af52a3273844507f4614bf298a072f1b0292c5461596f7daaab6e60ce35b40d84f5abf83b710420cfb9332c80c9205bace3d3f81bfeec61ae2537dbb854da4131e11a12f2939c46c119fcb9695c453380c41f08b77f4e3f56f4ceb9f12d12ff852642075ad082dbc7b6e0c4201b7f5b35846e7baf3ea591daa5e175b45f2fc93dfba95837f20dd701f829811f82ef2f71447df0390048fdded6e05838edb9fad4158751321d6452a67b6f11e87aaee34a5082fe86d2fe67b5ab0ba8b9a1023316dee0db52aac7c5eaeca00fcb7df6d82b1ee05e5f17729546e25fa6882f167137c761bf4179669859e027874d20c7584d4d4db23cebc32344ea2d4305215f0e13fa3cda44c00f200f1a95bf51288722b8ee15349fd12345f70f8502f54fb659da95677679697f30ebe4b1e0ff19b9873d6de900a89f11835afe90c42df20b80dd1cb1764482d3c2bc5151abb6c6027673f3d0e6f09a6704c6754ed50886f8726329b331a40955cacc11c3ddef202996302ce8cc90896dc848c7066e82a98def0741f008a8d2a68be8979daf97c645552aa06b57aef18db7a8135768fd829f852dc6e7ff64599717f7715d75c5056c4ec5b1b75c5f6d25d53810f8a72d5b79a21ef4e5aa97fcc00fd134e1520d225a6d8e72cd819d3f064bcf336ac26e133c359830d1b326ca62071e38d465913de34a93947e3d09db2e5ced544a3f30b89fd2e0ea3bc71172ff30273a3d5cbcd4f98bd884b83f7b447f9697cfcd4e4d52379aa8aaaa97b48feb0ea03c1a9318cc87bde35d753cfe997ca98a7c203424443a3b9b6098fbf061584eed12668be29bb7491fedb3debc8970c577c14ff9ecb8e2ad6b9e36447b35925b761267e7858b78a89b9f8e248b138700763a729213a32dae8bdc25243d94aa3d717be39737a3053ad2eb4a0c07953444a1206355f46207774634c35deb3b484ec1a4ccc0b532b620593ccfaf6ea298fe0cb62b4e92d80cd248fd9c18d518c29cb6af367d7094e93d9e9ab5c2aa95a12ceb885927cb05739b060843e8b47a454d42ad8a06211ac37fc830edfe811d434b38b7602af5a05a6e2dc4c85c6622b9df9bda2363e8b2aa0fdaa4eb32d2f70dcf08106ac9601ada331a6a7337df98cc342a52a998f8f9bf372531f10fd292c22f3dcf85551cc6a66531c699a1f37d64eb9c7788e912c5e7b3949d291a557bad3199db335cc7f8aecbb97fe00d80a12273dbab8b70c2c6159e8b8f7ffffffd273bd5534e0306078e0a4472f5282b71abdd2a6b1c74dccdc34f28053c024011994323d24784518e9edb57f09602cc1a1c06d88b7b171bb3f852401eb41089c547bdb5195a0c7e73a8c47d650fd0941a7ecc6e351e5dd4499baa9a81b4a28757b2408bbdf1267629778fc977224362326bf6820628b47f6a070152be1b9b41b20ce4d26064720585746a87bfb24b744612af89fe691777451d804355d5b103838e2381aadf191e70bf6a0fabe9cc84e029582c9683384afd49e08ed99dee0a3dabf879c2938b4c2fc4213e337ac56563d0a579c153f3821691d4b21f2ae3e1343604ce8d61b4b02438e6e3bbc766671250a6cd626ffb9c333d2e52414fad4bcdf36a0e84463618875600ad3bc5859e2e29bef9b8b0c3400490fab3deef256c4fb5d608c5cba570cd2f2b8e1517928e22bd508c43cffb630e080fa0cfb1d5fcb8d2fea44419a15b96f99aadb6212bf80f50b05650b8d82109973fd4e39f8272a7bdac7afa01338201ee45d80c0da849cf0ab77b5ea93b327dbebbc46aa795a966a4737dc84afc126aa54f501462e86c06f4b3052bad341174380d689475ee1790ff162239b427567ddf7ebac9c62034d2b8285fbe07be4e04c57e8462361d04e075be4e3dce985ff8c2c252685f8afe95f3d8b4961faf8c621c31fbd2a8af095ce9fc49a3ec84cf998a7b81069b03c1eef1f14a676a34039bcefeaa6d64d168b7282bc00676765788d5891f4617f22dbcb81d4f2fd7be7b42ae3b9818505d577e7f0dcd89f669d2c15d70e292c13b525d81beee6b6870c3c8a72f7d1e3b64472bbf9087f411d9b18f80cd42872f2caeaa3fc4ec777135752418b136892f4b2603a463bedfbf13dba2ca1bcaf41e74e807877eedf15551164b041e4dc9d3022e99c2e2fac9d15906ac6a7d63bfb57d8cfee8df66a00abce56e1424ecbda3b4a9dc5f381bb7ba38b57268750a0808d39c5cbf5cea7bc55ec1e8328206028c16abf2c3eeae79359777c53718d0c6ce3c9f1b093a3db834cfeb1e146e140465345d6f0a75de4a1a8a374c2467a641f5583907c5f1639eb16cc8156f4b7e1484be957cbe1b1fcb26d443bf759b738a86ccfdff4a6076cd5056f52126b3935cf2107be04033696ef408fcbebd73a10bf8f5d728d2729fd41bcb1bf1ec315216c8c5f9dfbf366f12945f648f901d968f6ee231b98bab2ccb31303c02cf32e065dd73cd81e2b0e99e5f64b2de44eeb477a3b370b9c7aa81ef780aa9f48dadd32cefab2070df2b52a6ac7077338e7269ce5608d1d109d66e307a2c82b411c1089a3afd99a56aab8f301cfc0e541afa853769154efa1d9901fae7b1b5a54e865de2eefc5a0b26dde5eacbc51d43920a9c0f212c27e16be26cccb2477b31aa5756054c985d84200f710cca0b091849890c4e87428217e2cbc211e1bd701cf9381de83b17b617daa7941a054534c9915d951dc9278974d9092e09fdb9978bad73ad989e3565b05fc7f3791be2d7e0b67fb904d9890e71152c168c58eb54a66d7d37fd2a9aa4ebd109adc946a7eb337e3a7afb50c7a959e55bb1933188c9019bee743102a845d3503f95b53248c480fc81b6afc21a5cc3fc81f19a2d438b152b648239460c420f5cb198582be439865acfb4e7e4ce5f4e12e1b267d293609a93a0c79949315e5195f511bc231ec9735cc5c94c473467cf6e341718392a9cd7a4dcff06369dbcc5f54be4345d70563aec33a4aec74bdd64fd86d902752e9dc65fd07c77b508309336cca5574542e234346dba7ddfa2e4a8c12806418b378a5b40dc19fa910c69a8850854007677f01d299a2c916be0cc554c3386febf013a10120ed0bbe636a6b6adeb40c30540ce7426078d7117354fc0e5974ee40345cc8f70970b4ba1e40a18b288bac7e920f0c3e1ec91ccabc01762f6e0d4c49d8a5760cee1c501b85ec6e3ca5c1911fa26b9ffb52f3b66417e889616b99e89be2ef781f49d8dafa599433f369c561d55494577468d8b5b0f3fdc0135cbd43ca79063d9a3e15f23ca1677eaf94fbcf3a81ea62fc8bca1422274644ec77368ef3e05cfa311ac3a8c1a8c132c3701f797c1f0d51ec72ce7a8fab44b9ff2e4e714b52caba8d198a42bd255be3723439faad37f050c06c9fcff2bd6d9393d61ba3efcafee71645159b8c1faad79d02a4d453b98d09c46288dcfafdf82c79b6404be1b9d45d5f7f56f39d50deb58647d5faee01ae3a6dcd4465bfd908e0cbbfa73ae5725503f70f022868950ce5c0f6cd9c10bf6019e9162447b58ab2c27f0eda060efc3c894ddf731d6964d1dac70c0085e397683757abcab5c9d55d2747c58817ec259eead68c112135707ee419ae042ad0a2947e84b4ae748b1f85a585b4d18bef8a9efa2e48e7aa5f5b42bbd1ae3851ad482c3d2042eecbffb63705d36aae2ee7c7110421e4cedb3ea6857b47e5d289b280286bc34c85bfc9677501fae389c14eb4d15f08359562da54cb3a8518b3d1308eeb2f678967098ea21a3d128e5bb623e3409a8acce6346208a386f3e4f2ddd4dc6234b373d9da0fd39ca0badf742767fc8708569352eb46d5ca588037fa8522e61c83209ac943685b262d8ef3d7fd4dd7dd14377494c0b542e23c4c95151c8e1395984ad2b6df2397e098f8415be65088651426abb5cd587c253a13054ee16e8dfd0f23f0a889db7529269e807cec75f7386a5844b789183341c705fcd2b96cf80ce14a4f6422948a6c8d3d8e9d455e2d6b8b87f4696993cbc010ce10614f1dff96dc18f865b26660d27229defa822953bf392c3d920a50eb2473aa94fbced152660d57159b33f2272fe6e7e1ce6e6ba1f948b59c277f185d9a686ac0445e15e20b46c8e0ea4656d715df96425b7d4b36cb856e7c7ba3aaf620c9d10d5d96370e463d2555e0085ba94d8ffd2973e6be31d7934e771b9b82d0066011da58f147744e747a240de1978a8eca86cfa845d8eca0aa9cabdc8668c43f9862c7ee85353d289d81d744877e22d67613673905e78cfaacde5f6e43ffcd6e7d9b9d15aea0dd922977ae87b0cb51a89ef15350309b43eb5c8e79e446d9ba2bb06d74fa6aed2431a5379da9776221130c87ac36b72bc1fc03f14c78cdb8a16f2d840b2bad04bf4655a2ab3c1ef4458e401fa817704b5a88e4bb8b15cf16383b9a7e2a64de19928b16e5f7f25be0ad126c3833ace7f36f3c3d9a6836d1a4710b4995ec0c9f10001f7dfc6410b29e9d031f1d3b4b34e9b4dc3a8fb08b49a29892e68dce9309c67874ecc75d477b59e2fbf4347f3c445e49126822f4301eaee1259475cfb22566e69d9ae0d436e402f8d100439a9ca6a518d457a91087e83663c413e339a0d8d4c31c083303b46b2982015227bd7e126976d7b26a670ba78f21a8c95b05450ee149c0ae1fb7397d179c6e295d0fc57dab28e5e9bdc99acd8596a928d6ebd97316b8c60cf657bc4ca1ffe8b9a445724842cb38681acc5d5eba455d5fa19cc8c5cac15a46d6a72c9b64983a686edff27b3669d46c005879949b1980a1456e8a85fe4969acd56415f144405ed99afb16d9d652fce35b9c800b8e217517690bed18e00051868dfe8acb5b10ff49d733316bcc7b8ba77265cda37e5faed1307f8a69338090f532f463f1a9740bbcc58851bc5c85b1a129596898667e55a6882f4d0d97c456697dbe282345dec80d76443e1ec7602f523607534f429d603bc087f9b189b15e9c389456ddc04b425a553fb7ec0fa0488b85afa75f624a4cd25f8454b620b0b4fd084a6f6750dcb0a6f3ceeb033fb9dd0f253a53bc4e1dfc7f03b5000cf1fa9c5f0ecbab3257146030f77f30b160b76262b8d3de2510e0984b8192caa7856a69b93f5f53db8190bb70c7daa2b052c56d38a644eb2c69d316d505848d9258c8934b1b870844e543b771f4969e25c8e9a5f825b9aaeeac6ff1cc4e956504fd07f834800413e22da22dfdc4a0c218dadd0442d305cb436dca3d835402e0362b12d02e52ae84c2e80c9fcd7a47efd6c4bc654c8148c47a2ae50f89e729676b4ee79c96991cb4484679eb8eda3517407dd402f0d1b48fcc9551275df982e34e1ee7dd2bb646b9f2ed45bc7e770cbce36566eced4dc3ddf8665232d029e9487d64848c10e8cd2b01415d3e80519cc9b2ff3218d6f239691e4800", 0x1000}}, 0x1006)

08:23:53 executing program 5:
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x3ff}, 0x0)
r0 = getpid()
sched_setattr(0x0, &(0x7f0000000140)={0x38, 0x2, 0x0, 0x0, 0x9}, 0x0)
sched_setattr(r0, &(0x7f0000000240)={0x38, 0x2, 0x0, 0x0, 0x5}, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = syz_open_dev$tty20(0xc, 0x4, 0x1)
write$UHID_INPUT(r3, &(0x7f0000000000)={0xa, {"f1f353f0c833097c27a892e9d357cff5f8dbe89627fac0c7baa3d2367d656bce7be2201f63551726fae46c98bb9d1015f4f6c630ca5fe559381741086cf09a276956cdc7e94dadd91d4fe3b0870e56a7d380b72f9b395da9527a975ed11798f36566468a95b4b5bee90b1dc6b83f9488e226e57be4eb015b2d2c87b4a9488e1f205eab5b424225cb6cb4a89a4f644fa5a17a96b6f1b989cee896f36037d03e5533f69dfd83cda70ce02910faf8777c0a2b88df10f0385e1bc828ff019eb5a450b1e05c738079972dfc58810132a59804b823355107214232b12efc8b93d69b777eb1e6db53d9f00a72d4634edf1a514fe9840f22c9af52a3273844507f4614bf298a072f1b0292c5461596f7daaab6e60ce35b40d84f5abf83b710420cfb9332c80c9205bace3d3f81bfeec61ae2537dbb854da4131e11a12f2939c46c119fcb9695c453380c41f08b77f4e3f56f4ceb9f12d12ff852642075ad082dbc7b6e0c4201b7f5b35846e7baf3ea591daa5e175b45f2fc93dfba95837f20dd701f829811f82ef2f71447df0390048fdded6e05838edb9fad4158751321d6452a67b6f11e87aaee34a5082fe86d2fe67b5ab0ba8b9a1023316dee0db52aac7c5eaeca00fcb7df6d82b1ee05e5f17729546e25fa6882f167137c761bf4179669859e027874d20c7584d4d4db23cebc32344ea2d4305215f0e13fa3cda44c00f200f1a95bf51288722b8ee15349fd12345f70f8502f54fb659da95677679697f30ebe4b1e0ff19b9873d6de900a89f11835afe90c42df20b80dd1cb1764482d3c2bc5151abb6c6027673f3d0e6f09a6704c6754ed50886f8726329b331a40955cacc11c3ddef202996302ce8cc90896dc848c7066e82a98def0741f008a8d2a68be8979daf97c645552aa06b57aef18db7a8135768fd829f852dc6e7ff64599717f7715d75c5056c4ec5b1b75c5f6d25d53810f8a72d5b79a21ef4e5aa97fcc00fd134e1520d225a6d8e72cd819d3f064bcf336ac26e133c359830d1b326ca62071e38d465913de34a93947e3d09db2e5ced544a3f30b89fd2e0ea3bc71172ff30273a3d5cbcd4f98bd884b83f7b447f9697cfcd4e4d52379aa8aaaa97b48feb0ea03c1a9318cc87bde35d753cfe997ca98a7c203424443a3b9b6098fbf061584eed12668be29bb7491fedb3debc8970c577c14ff9ecb8e2ad6b9e36447b35925b761267e7858b78a89b9f8e248b138700763a729213a32dae8bdc25243d94aa3d717be39737a3053ad2eb4a0c07953444a1206355f46207774634c35deb3b484ec1a4ccc0b532b620593ccfaf6ea298fe0cb62b4e92d80cd248fd9c18d518c29cb6af367d7094e93d9e9ab5c2aa95a12ceb885927cb05739b060843e8b47a454d42ad8a06211ac37fc830edfe811d434b38b7602af5a05a6e2dc4c85c6622b9df9bda2363e8b2aa0fdaa4eb32d2f70dcf08106ac9601ada331a6a7337df98cc342a52a998f8f9bf372531f10fd292c22f3dcf85551cc6a66531c699a1f37d64eb9c7788e912c5e7b3949d291a557bad3199db335cc7f8aecbb97fe00d80a12273dbab8b70c2c6159e8b8f7ffffffd273bd5534e0306078e0a4472f5282b71abdd2a6b1c74dccdc34f28053c024011994323d24784518e9edb57f09602cc1a1c06d88b7b171bb3f852401eb41089c547bdb5195a0c7e73a8c47d650fd0941a7ecc6e351e5dd4499baa9a81b4a28757b2408bbdf1267629778fc977224362326bf6820628b47f6a070152be1b9b41b20ce4d26064720585746a87bfb24b744612af89fe691777451d804355d5b103838e2381aadf191e70bf6a0fabe9cc84e029582c9683384afd49e08ed99dee0a3dabf879c2938b4c2fc4213e337ac56563d0a579c153f3821691d4b21f2ae3e1343604ce8d61b4b02438e6e3bbc766671250a6cd626ffb9c333d2e52414fad4bcdf36a0e84463618875600ad3bc5859e2e29bef9b8b0c3400490fab3deef256c4fb5d608c5cba570cd2f2b8e1517928e22bd508c43cffb630e080fa0cfb1d5fcb8d2fea44419a15b96f99aadb6212bf80f50b05650b8d82109973fd4e39f8272a7bdac7afa01338201ee45d80c0da849cf0ab77b5ea93b327dbebbc46aa795a966a4737dc84afc126aa54f501462e86c06f4b3052bad341174380d689475ee1790ff162239b427567ddf7ebac9c62034d2b8285fbe07be4e04c57e8462361d04e075be4e3dce985ff8c2c252685f8afe95f3d8b4961faf8c621c31fbd2a8af095ce9fc49a3ec84cf998a7b81069b03c1eef1f14a676a34039bcefeaa6d64d168b7282bc00676765788d5891f4617f22dbcb81d4f2fd7be7b42ae3b9818505d577e7f0dcd89f669d2c15d70e292c13b525d81beee6b6870c3c8a72f7d1e3b64472bbf9087f411d9b18f80cd42872f2caeaa3fc4ec777135752418b136892f4b2603a463bedfbf13dba2ca1bcaf41e74e807877eedf15551164b041e4dc9d3022e99c2e2fac9d15906ac6a7d63bfb57d8cfee8df66a00abce56e1424ecbda3b4a9dc5f381bb7ba38b57268750a0808d39c5cbf5cea7bc55ec1e8328206028c16abf2c3eeae79359777c53718d0c6ce3c9f1b093a3db834cfeb1e146e140465345d6f0a75de4a1a8a374c2467a641f5583907c5f1639eb16cc8156f4b7e1484be957cbe1b1fcb26d443bf759b738a86ccfdff4a6076cd5056f52126b3935cf2107be04033696ef408fcbebd73a10bf8f5d728d2729fd41bcb1bf1ec315216c8c5f9dfbf366f12945f648f901d968f6ee231b98bab2ccb31303c02cf32e065dd73cd81e2b0e99e5f64b2de44eeb477a3b370b9c7aa81ef780aa9f48dadd32cefab2070df2b52a6ac7077338e7269ce5608d1d109d66e307a2c82b411c1089a3afd99a56aab8f301cfc0e541afa853769154efa1d9901fae7b1b5a54e865de2eefc5a0b26dde5eacbc51d43920a9c0f212c27e16be26cccb2477b31aa5756054c985d84200f710cca0b091849890c4e87428217e2cbc211e1bd701cf9381de83b17b617daa7941a054534c9915d951dc9278974d9092e09fdb9978bad73ad989e3565b05fc7f3791be2d7e0b67fb904d9890e71152c168c58eb54a66d7d37fd2a9aa4ebd109adc946a7eb337e3a7afb50c7a959e55bb1933188c9019bee743102a845d3503f95b53248c480fc81b6afc21a5cc3fc81f19a2d438b152b648239460c420f5cb198582be439865acfb4e7e4ce5f4e12e1b267d293609a93a0c79949315e5195f511bc231ec9735cc5c94c473467cf6e341718392a9cd7a4dcff06369dbcc5f54be4345d70563aec33a4aec74bdd64fd86d902752e9dc65fd07c77b508309336cca5574542e234346dba7ddfa2e4a8c12806418b378a5b40dc19fa910c69a8850854007677f01d299a2c916be0cc554c3386febf013a10120ed0bbe636a6b6adeb40c30540ce7426078d7117354fc0e5974ee40345cc8f70970b4ba1e40a18b288bac7e920f0c3e1ec91ccabc01762f6e0d4c49d8a5760cee1c501b85ec6e3ca5c1911fa26b9ffb52f3b66417e889616b99e89be2ef781f49d8dafa599433f369c561d55494577468d8b5b0f3fdc0135cbd43ca79063d9a3e15f23ca1677eaf94fbcf3a81ea62fc8bca1422274644ec77368ef3e05cfa311ac3a8c1a8c132c3701f797c1f0d51ec72ce7a8fab44b9ff2e4e714b52caba8d198a42bd255be3723439faad37f050c06c9fcff2bd6d9393d61ba3efcafee71645159b8c1faad79d02a4d453b98d09c46288dcfafdf82c79b6404be1b9d45d5f7f56f39d50deb58647d5faee01ae3a6dcd4465bfd908e0cbbfa73ae5725503f70f022868950ce5c0f6cd9c10bf6019e9162447b58ab2c27f0eda060efc3c894ddf731d6964d1dac70c0085e397683757abcab5c9d55d2747c58817ec259eead68c112135707ee419ae042ad0a2947e84b4ae748b1f85a585b4d18bef8a9efa2e48e7aa5f5b42bbd1ae3851ad482c3d2042eecbffb63705d36aae2ee7c7110421e4cedb3ea6857b47e5d289b280286bc34c85bfc9677501fae389c14eb4d15f08359562da54cb3a8518b3d1308eeb2f678967098ea21a3d128e5bb623e3409a8acce6346208a386f3e4f2ddd4dc6234b373d9da0fd39ca0badf742767fc8708569352eb46d5ca588037fa8522e61c83209ac943685b262d8ef3d7fd4dd7dd14377494c0b542e23c4c95151c8e1395984ad2b6df2397e098f8415be65088651426abb5cd587c253a13054ee16e8dfd0f23f0a889db7529269e807cec75f7386a5844b789183341c705fcd2b96cf80ce14a4f6422948a6c8d3d8e9d455e2d6b8b87f4696993cbc010ce10614f1dff96dc18f865b26660d27229defa822953bf392c3d920a50eb2473aa94fbced152660d57159b33f2272fe6e7e1ce6e6ba1f948b59c277f185d9a686ac0445e15e20b46c8e0ea4656d715df96425b7d4b36cb856e7c7ba3aaf620c9d10d5d96370e463d2555e0085ba94d8ffd2973e6be31d7934e771b9b82d0066011da58f147744e747a240de1978a8eca86cfa845d8eca0aa9cabdc8668c43f9862c7ee85353d289d81d744877e22d67613673905e78cfaacde5f6e43ffcd6e7d9b9d15aea0dd922977ae87b0cb51a89ef15350309b43eb5c8e79e446d9ba2bb06d74fa6aed2431a5379da9776221130c87ac36b72bc1fc03f14c78cdb8a16f2d840b2bad04bf4655a2ab3c1ef4458e401fa817704b5a88e4bb8b15cf16383b9a7e2a64de19928b16e5f7f25be0ad126c3833ace7f36f3c3d9a6836d1a4710b4995ec0c9f10001f7dfc6410b29e9d031f1d3b4b34e9b4dc3a8fb08b49a29892e68dce9309c67874ecc75d477b59e2fbf4347f3c445e49126822f4301eaee1259475cfb22566e69d9ae0d436e402f8d100439a9ca6a518d457a91087e83663c413e339a0d8d4c31c083303b46b2982015227bd7e126976d7b26a670ba78f21a8c95b05450ee149c0ae1fb7397d179c6e295d0fc57dab28e5e9bdc99acd8596a928d6ebd97316b8c60cf657bc4ca1ffe8b9a445724842cb38681acc5d5eba455d5fa19cc8c5cac15a46d6a72c9b64983a686edff27b3669d46c005879949b1980a1456e8a85fe4969acd56415f144405ed99afb16d9d652fce35b9c800b8e217517690bed18e00051868dfe8acb5b10ff49d733316bcc7b8ba77265cda37e5faed1307f8a69338090f532f463f1a9740bbcc58851bc5c85b1a129596898667e55a6882f4d0d97c456697dbe282345dec80d76443e1ec7602f523607534f429d603bc087f9b189b15e9c389456ddc04b425a553fb7ec0fa0488b85afa75f624a4cd25f8454b620b0b4fd084a6f6750dcb0a6f3ceeb033fb9dd0f253a53bc4e1dfc7f03b5000cf1fa9c5f0ecbab3257146030f77f30b160b76262b8d3de2510e0984b8192caa7856a69b93f5f53db8190bb70c7daa2b052c56d38a644eb2c69d316d505848d9258c8934b1b870844e543b771f4969e25c8e9a5f825b9aaeeac6ff1cc4e956504fd07f834800413e22da22dfdc4a0c218dadd0442d305cb436dca3d835402e0362b12d02e52ae84c2e80c9fcd7a47efd6c4bc654c8148c47a2ae50f89e729676b4ee79c96991cb4484679eb8eda3517407dd402f0d1b48fcc9551275df982e34e1ee7dd2bb646b9f2ed45bc7e770cbce36566eced4dc3ddf8665232d029e9487d64848c10e8cd2b01415d3e80519cc9b2ff3218d6f239691e4800", 0x1000}}, 0x1006)

[  532.739674][T18125] loop4: detected capacity change from 0 to 16
08:23:54 executing program 0:
r0 = syz_usb_connect(0x0, 0x24, &(0x7f0000000000)={{0x12, 0x1, 0x0, 0x46, 0x5, 0x75, 0x8, 0x6a5, 0xd800, 0xcd24, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x12, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0x0, 0x46, 0xe2, 0xaa}}]}}]}}, 0x0)
syz_usb_control_io(r0, 0x0, 0x0)
syz_usb_control_io(r0, 0x0, &(0x7f0000000700)={0x84, &(0x7f0000000040)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
syz_usb_control_io$hid(r0, 0x0, 0x0)
syz_usb_connect(0x0, 0x0, 0x0, 0x0)

08:23:54 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f0000000000)={0x2})
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_SET_PIT(r1, 0x8048ae66, &(0x7f0000000140))
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f000056f000/0x18000)=nil, &(0x7f0000000080)=[@text32={0x20, &(0x7f00000000c0)="66ba4000b0c2ee66bad104b829280000efea0e0000000a00b8050000000f23d80f21f835c00000a00f23f8653e65f30f21c62e0fae2b0f01c2b8060000000f23d00f21f835200000000f23f8c4c3a1cf830000000002d9f7", 0x58}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

08:23:54 executing program 1:
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0)
r0 = getpid()
sched_setattr(0x0, &(0x7f0000000140)={0x38, 0x2, 0x0, 0x0, 0x9}, 0x0)
sched_setattr(r0, &(0x7f0000000240)={0x38, 0x2, 0x0, 0x0, 0x5}, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000100)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = perf_event_open(&(0x7f00000009c0)={0x3, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xbffffffd, 0x0, @perf_bp, 0x1, 0x0, 0x0, 0x0, 0xb9b, 0xfffffffc, 0x5d}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x3)
pipe(0x0)
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0x25, 0x1, 0x7, 0x0, 0x0, 0x7f, 0xe6789, 0xa, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x800, 0x4, 0x0, 0x1034, 0x0, 0x9, 0x8, 0x4, 0xfffffffe, 0x1000, 0x2, @perf_bp={&(0x7f0000000000), 0x2}, 0x0, 0x6, 0xfffffe, 0x4, 0x9, 0x3, 0x0, 0x0, 0x3, 0x0, 0x8}, 0x0, 0xf, r3, 0x9)
getresgid(&(0x7f0000000180), &(0x7f00000001c0), &(0x7f0000000240))
clone(0x20002004ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
exit_group(0x0)
r4 = syz_open_dev$ndb(&(0x7f0000000080), 0x0, 0x0)
r5 = socket(0x2, 0x1, 0x0)
r6 = getpgrp(0x0)
sched_setparam(r6, &(0x7f00000000c0)=0xb8)
ioctl$NBD_SET_SOCK(r4, 0xab00, r5)
ioctl$NBD_DO_IT(r4, 0xab03)

08:23:54 executing program 2:
syz_open_procfs(0x0, &(0x7f0000000040)='mounts\x00')
syz_open_procfs(0x0, &(0x7f0000000000)='mountstats\x00')
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$F2FS_IOC_MOVE_RANGE(0xffffffffffffffff, 0xc020f509, &(0x7f0000000040)={r1})
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_CREATE_PIT2(0xffffffffffffffff, 0x4040ae77, &(0x7f0000000000))
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f00000001c0)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1003]})
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_SET_PIT(r1, 0x8048ae66, &(0x7f0000000140)={[{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}]})
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f000056f000/0x18000)=nil, &(0x7f0000000080)=[@text32={0x20, &(0x7f00000000c0)="66ba4000b0c2ee66bad104b829280000efea0e0000000a00b8050000000f23d80f21f835c00000a00f23f8653e65f30f21c62e0fae2b0f01c2b8060000000f23d00f21f835200000000f23f8c4c3a1cf830000000002d9f7", 0x58}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

[  534.279510][   T25] usb 1-1: new high-speed USB device number 7 using dummy_hcd
[  535.725063][   T25] usb 1-1: Using ep0 maxpacket: 8
[  536.007870][   T25] usb 1-1: New USB device found, idVendor=06a5, idProduct=d800, bcdDevice=cd.24
[  536.016952][   T25] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  536.077427][   T25] usb 1-1: Product: syz
[  536.081635][   T25] usb 1-1: Manufacturer: syz
[  536.086240][   T25] usb 1-1: SerialNumber: syz
[  536.168888][   T25] usb 1-1: config 0 descriptor??
[  536.239582][   T25] gspca_main: nw80x-2.14.0 probing 06a5:d800
08:23:57 executing program 4:
fcntl$F_GET_FILE_RW_HINT(0xffffffffffffffff, 0x40d, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0)
sched_setattr(0x0, &(0x7f0000000140)={0x38, 0x2, 0x0, 0x0, 0x9}, 0x0)
sched_setattr(0x0, &(0x7f0000000240)={0x38, 0x2, 0x0, 0x0, 0x5}, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r2 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/meminfo\x00', 0x0, 0x0)
sendfile(0xffffffffffffffff, r2, 0x0, 0x400000000001002a)
r3 = syz_mount_image$vfat(&(0x7f0000000400), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[])
r4 = openat(r3, &(0x7f000000c380)='./file0\x00', 0x84842, 0x0)
write(r4, &(0x7f0000004200)='t', 0xfff4)
sendmsg$NL80211_CMD_SET_INTERFACE(0xffffffffffffffff, &(0x7f0000001840)={&(0x7f0000000080), 0xc, &(0x7f0000001800)={&(0x7f00000001c0)=ANY=[@ANYRES64, @ANYRESDEC, @ANYRES32=0x0, @ANYRES32], 0x60}, 0x1, 0x0, 0x0, 0x44090}, 0x0)

08:23:57 executing program 5:
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x3ff}, 0x0)
r0 = getpid()
sched_setattr(0x0, &(0x7f0000000140)={0x38, 0x2, 0x0, 0x0, 0x9}, 0x0)
sched_setattr(r0, &(0x7f0000000240)={0x38, 0x2, 0x0, 0x0, 0x5}, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = syz_open_dev$tty20(0xc, 0x4, 0x1)
write$UHID_INPUT(r3, &(0x7f0000000000)={0xa, {"f1f353f0c833097c27a892e9d357cff5f8dbe89627fac0c7baa3d2367d656bce7be2201f63551726fae46c98bb9d1015f4f6c630ca5fe559381741086cf09a276956cdc7e94dadd91d4fe3b0870e56a7d380b72f9b395da9527a975ed11798f36566468a95b4b5bee90b1dc6b83f9488e226e57be4eb015b2d2c87b4a9488e1f205eab5b424225cb6cb4a89a4f644fa5a17a96b6f1b989cee896f36037d03e5533f69dfd83cda70ce02910faf8777c0a2b88df10f0385e1bc828ff019eb5a450b1e05c738079972dfc58810132a59804b823355107214232b12efc8b93d69b777eb1e6db53d9f00a72d4634edf1a514fe9840f22c9af52a3273844507f4614bf298a072f1b0292c5461596f7daaab6e60ce35b40d84f5abf83b710420cfb9332c80c9205bace3d3f81bfeec61ae2537dbb854da4131e11a12f2939c46c119fcb9695c453380c41f08b77f4e3f56f4ceb9f12d12ff852642075ad082dbc7b6e0c4201b7f5b35846e7baf3ea591daa5e175b45f2fc93dfba95837f20dd701f829811f82ef2f71447df0390048fdded6e05838edb9fad4158751321d6452a67b6f11e87aaee34a5082fe86d2fe67b5ab0ba8b9a1023316dee0db52aac7c5eaeca00fcb7df6d82b1ee05e5f17729546e25fa6882f167137c761bf4179669859e027874d20c7584d4d4db23cebc32344ea2d4305215f0e13fa3cda44c00f200f1a95bf51288722b8ee15349fd12345f70f8502f54fb659da95677679697f30ebe4b1e0ff19b9873d6de900a89f11835afe90c42df20b80dd1cb1764482d3c2bc5151abb6c6027673f3d0e6f09a6704c6754ed50886f8726329b331a40955cacc11c3ddef202996302ce8cc90896dc848c7066e82a98def0741f008a8d2a68be8979daf97c645552aa06b57aef18db7a8135768fd829f852dc6e7ff64599717f7715d75c5056c4ec5b1b75c5f6d25d53810f8a72d5b79a21ef4e5aa97fcc00fd134e1520d225a6d8e72cd819d3f064bcf336ac26e133c359830d1b326ca62071e38d465913de34a93947e3d09db2e5ced544a3f30b89fd2e0ea3bc71172ff30273a3d5cbcd4f98bd884b83f7b447f9697cfcd4e4d52379aa8aaaa97b48feb0ea03c1a9318cc87bde35d753cfe997ca98a7c203424443a3b9b6098fbf061584eed12668be29bb7491fedb3debc8970c577c14ff9ecb8e2ad6b9e36447b35925b761267e7858b78a89b9f8e248b138700763a729213a32dae8bdc25243d94aa3d717be39737a3053ad2eb4a0c07953444a1206355f46207774634c35deb3b484ec1a4ccc0b532b620593ccfaf6ea298fe0cb62b4e92d80cd248fd9c18d518c29cb6af367d7094e93d9e9ab5c2aa95a12ceb885927cb05739b060843e8b47a454d42ad8a06211ac37fc830edfe811d434b38b7602af5a05a6e2dc4c85c6622b9df9bda2363e8b2aa0fdaa4eb32d2f70dcf08106ac9601ada331a6a7337df98cc342a52a998f8f9bf372531f10fd292c22f3dcf85551cc6a66531c699a1f37d64eb9c7788e912c5e7b3949d291a557bad3199db335cc7f8aecbb97fe00d80a12273dbab8b70c2c6159e8b8f7ffffffd273bd5534e0306078e0a4472f5282b71abdd2a6b1c74dccdc34f28053c024011994323d24784518e9edb57f09602cc1a1c06d88b7b171bb3f852401eb41089c547bdb5195a0c7e73a8c47d650fd0941a7ecc6e351e5dd4499baa9a81b4a28757b2408bbdf1267629778fc977224362326bf6820628b47f6a070152be1b9b41b20ce4d26064720585746a87bfb24b744612af89fe691777451d804355d5b103838e2381aadf191e70bf6a0fabe9cc84e029582c9683384afd49e08ed99dee0a3dabf879c2938b4c2fc4213e337ac56563d0a579c153f3821691d4b21f2ae3e1343604ce8d61b4b02438e6e3bbc766671250a6cd626ffb9c333d2e52414fad4bcdf36a0e84463618875600ad3bc5859e2e29bef9b8b0c3400490fab3deef256c4fb5d608c5cba570cd2f2b8e1517928e22bd508c43cffb630e080fa0cfb1d5fcb8d2fea44419a15b96f99aadb6212bf80f50b05650b8d82109973fd4e39f8272a7bdac7afa01338201ee45d80c0da849cf0ab77b5ea93b327dbebbc46aa795a966a4737dc84afc126aa54f501462e86c06f4b3052bad341174380d689475ee1790ff162239b427567ddf7ebac9c62034d2b8285fbe07be4e04c57e8462361d04e075be4e3dce985ff8c2c252685f8afe95f3d8b4961faf8c621c31fbd2a8af095ce9fc49a3ec84cf998a7b81069b03c1eef1f14a676a34039bcefeaa6d64d168b7282bc00676765788d5891f4617f22dbcb81d4f2fd7be7b42ae3b9818505d577e7f0dcd89f669d2c15d70e292c13b525d81beee6b6870c3c8a72f7d1e3b64472bbf9087f411d9b18f80cd42872f2caeaa3fc4ec777135752418b136892f4b2603a463bedfbf13dba2ca1bcaf41e74e807877eedf15551164b041e4dc9d3022e99c2e2fac9d15906ac6a7d63bfb57d8cfee8df66a00abce56e1424ecbda3b4a9dc5f381bb7ba38b57268750a0808d39c5cbf5cea7bc55ec1e8328206028c16abf2c3eeae79359777c53718d0c6ce3c9f1b093a3db834cfeb1e146e140465345d6f0a75de4a1a8a374c2467a641f5583907c5f1639eb16cc8156f4b7e1484be957cbe1b1fcb26d443bf759b738a86ccfdff4a6076cd5056f52126b3935cf2107be04033696ef408fcbebd73a10bf8f5d728d2729fd41bcb1bf1ec315216c8c5f9dfbf366f12945f648f901d968f6ee231b98bab2ccb31303c02cf32e065dd73cd81e2b0e99e5f64b2de44eeb477a3b370b9c7aa81ef780aa9f48dadd32cefab2070df2b52a6ac7077338e7269ce5608d1d109d66e307a2c82b411c1089a3afd99a56aab8f301cfc0e541afa853769154efa1d9901fae7b1b5a54e865de2eefc5a0b26dde5eacbc51d43920a9c0f212c27e16be26cccb2477b31aa5756054c985d84200f710cca0b091849890c4e87428217e2cbc211e1bd701cf9381de83b17b617daa7941a054534c9915d951dc9278974d9092e09fdb9978bad73ad989e3565b05fc7f3791be2d7e0b67fb904d9890e71152c168c58eb54a66d7d37fd2a9aa4ebd109adc946a7eb337e3a7afb50c7a959e55bb1933188c9019bee743102a845d3503f95b53248c480fc81b6afc21a5cc3fc81f19a2d438b152b648239460c420f5cb198582be439865acfb4e7e4ce5f4e12e1b267d293609a93a0c79949315e5195f511bc231ec9735cc5c94c473467cf6e341718392a9cd7a4dcff06369dbcc5f54be4345d70563aec33a4aec74bdd64fd86d902752e9dc65fd07c77b508309336cca5574542e234346dba7ddfa2e4a8c12806418b378a5b40dc19fa910c69a8850854007677f01d299a2c916be0cc554c3386febf013a10120ed0bbe636a6b6adeb40c30540ce7426078d7117354fc0e5974ee40345cc8f70970b4ba1e40a18b288bac7e920f0c3e1ec91ccabc01762f6e0d4c49d8a5760cee1c501b85ec6e3ca5c1911fa26b9ffb52f3b66417e889616b99e89be2ef781f49d8dafa599433f369c561d55494577468d8b5b0f3fdc0135cbd43ca79063d9a3e15f23ca1677eaf94fbcf3a81ea62fc8bca1422274644ec77368ef3e05cfa311ac3a8c1a8c132c3701f797c1f0d51ec72ce7a8fab44b9ff2e4e714b52caba8d198a42bd255be3723439faad37f050c06c9fcff2bd6d9393d61ba3efcafee71645159b8c1faad79d02a4d453b98d09c46288dcfafdf82c79b6404be1b9d45d5f7f56f39d50deb58647d5faee01ae3a6dcd4465bfd908e0cbbfa73ae5725503f70f022868950ce5c0f6cd9c10bf6019e9162447b58ab2c27f0eda060efc3c894ddf731d6964d1dac70c0085e397683757abcab5c9d55d2747c58817ec259eead68c112135707ee419ae042ad0a2947e84b4ae748b1f85a585b4d18bef8a9efa2e48e7aa5f5b42bbd1ae3851ad482c3d2042eecbffb63705d36aae2ee7c7110421e4cedb3ea6857b47e5d289b280286bc34c85bfc9677501fae389c14eb4d15f08359562da54cb3a8518b3d1308eeb2f678967098ea21a3d128e5bb623e3409a8acce6346208a386f3e4f2ddd4dc6234b373d9da0fd39ca0badf742767fc8708569352eb46d5ca588037fa8522e61c83209ac943685b262d8ef3d7fd4dd7dd14377494c0b542e23c4c95151c8e1395984ad2b6df2397e098f8415be65088651426abb5cd587c253a13054ee16e8dfd0f23f0a889db7529269e807cec75f7386a5844b789183341c705fcd2b96cf80ce14a4f6422948a6c8d3d8e9d455e2d6b8b87f4696993cbc010ce10614f1dff96dc18f865b26660d27229defa822953bf392c3d920a50eb2473aa94fbced152660d57159b33f2272fe6e7e1ce6e6ba1f948b59c277f185d9a686ac0445e15e20b46c8e0ea4656d715df96425b7d4b36cb856e7c7ba3aaf620c9d10d5d96370e463d2555e0085ba94d8ffd2973e6be31d7934e771b9b82d0066011da58f147744e747a240de1978a8eca86cfa845d8eca0aa9cabdc8668c43f9862c7ee85353d289d81d744877e22d67613673905e78cfaacde5f6e43ffcd6e7d9b9d15aea0dd922977ae87b0cb51a89ef15350309b43eb5c8e79e446d9ba2bb06d74fa6aed2431a5379da9776221130c87ac36b72bc1fc03f14c78cdb8a16f2d840b2bad04bf4655a2ab3c1ef4458e401fa817704b5a88e4bb8b15cf16383b9a7e2a64de19928b16e5f7f25be0ad126c3833ace7f36f3c3d9a6836d1a4710b4995ec0c9f10001f7dfc6410b29e9d031f1d3b4b34e9b4dc3a8fb08b49a29892e68dce9309c67874ecc75d477b59e2fbf4347f3c445e49126822f4301eaee1259475cfb22566e69d9ae0d436e402f8d100439a9ca6a518d457a91087e83663c413e339a0d8d4c31c083303b46b2982015227bd7e126976d7b26a670ba78f21a8c95b05450ee149c0ae1fb7397d179c6e295d0fc57dab28e5e9bdc99acd8596a928d6ebd97316b8c60cf657bc4ca1ffe8b9a445724842cb38681acc5d5eba455d5fa19cc8c5cac15a46d6a72c9b64983a686edff27b3669d46c005879949b1980a1456e8a85fe4969acd56415f144405ed99afb16d9d652fce35b9c800b8e217517690bed18e00051868dfe8acb5b10ff49d733316bcc7b8ba77265cda37e5faed1307f8a69338090f532f463f1a9740bbcc58851bc5c85b1a129596898667e55a6882f4d0d97c456697dbe282345dec80d76443e1ec7602f523607534f429d603bc087f9b189b15e9c389456ddc04b425a553fb7ec0fa0488b85afa75f624a4cd25f8454b620b0b4fd084a6f6750dcb0a6f3ceeb033fb9dd0f253a53bc4e1dfc7f03b5000cf1fa9c5f0ecbab3257146030f77f30b160b76262b8d3de2510e0984b8192caa7856a69b93f5f53db8190bb70c7daa2b052c56d38a644eb2c69d316d505848d9258c8934b1b870844e543b771f4969e25c8e9a5f825b9aaeeac6ff1cc4e956504fd07f834800413e22da22dfdc4a0c218dadd0442d305cb436dca3d835402e0362b12d02e52ae84c2e80c9fcd7a47efd6c4bc654c8148c47a2ae50f89e729676b4ee79c96991cb4484679eb8eda3517407dd402f0d1b48fcc9551275df982e34e1ee7dd2bb646b9f2ed45bc7e770cbce36566eced4dc3ddf8665232d029e9487d64848c10e8cd2b01415d3e80519cc9b2ff3218d6f239691e4800", 0x1000}}, 0x1006)

08:23:57 executing program 1:
mount$bpf(0x20000000, 0x0, 0x0, 0x0, 0x0)
perf_event_open(&(0x7f00000003c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, 0x4028, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x4}, 0x0, 0xfffffdffffffffff, 0xffffffffffffffff, 0x0)
r0 = socket$nl_route(0x10, 0x3, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f0000000d40)=ANY=[@ANYBLOB="620af8ff0c200021bfa100000000000007010000f8ffffffb702000003000000bd120000000000008500000010000000b70000000000000095000000000000003faf4f2aa3d9b18ed812a2e2c49e8020a6f4e0e4a9446c7670568982b4e020f698393aa0f3881f9c24aa564f5199fad0093c59d66b5ece9f36c70d0f13905ea23c2262be4ac30f526fb8616a1847152f0f69c64c9f87f9793f50bb546040677b0c504b0080fb982c1e9400e693146cea484a415b76960300b64f751a0f241b072e90080008002d75593a286cecc93e64c227c95aa0b784625704f07a72c29184ff7f0000cef809606056fe5c34664c0af9360a1f7a5e6b607130c89f18c0c1089d858588d72ec29c48b45ef4adf634be763289d01aa27ae8b09e00b99ab20b0b8ed8fb7a68af2ad0000000000000006fa03c6468972089b302d7bf5a23cdcedb5e0125ebbcebdde510cb2364149215108333719acd97fa9e8828ee18e509ef3627cc675fcfa107d40224edc5465a932b77e74e802a0d42bc6099ad2300000080006ef6c1ff0900000000000010c63a949e8b7955394ffa82b8e942c89131f4ab87b1bfeda7be586602d985430cea0162ab3fcf4591c926abfb076719237c8d0e60b0eea24492a660583eecdbf5bcd3de3a7aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c9b081d6a08000000ea2b1a52496dfcaf99431412fd134a996360a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80aff9fa740b477632f32030916f89c6dad7603f2ba2a7909abd6faec2fed44da4928b30142ba11de6c5d50b83bae616b5054d1e7c13b1355d6f4a8245ffa4997da9c77af4c0eb97fca585ee6bf58351d564beb6d952aab9c70764b0a8a7583c90b3433b809bdb9fbd48bc873495cbfc8a326eea31ae4e0f7505ebf6c9d13330ca006bce1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223a0eb4fa39f6b5c02e6d6d90756ff57902a8f57000000009700cf0b4b8bc229413300000000030000000000000000000000000010008bc0d9559711e6e8861c46495ba585a4b2d02edc3e28dd271c896249ed85b980680b6c4a000000002b435ac15fc0288d9b2a169cdcacc413b48dafb7a2c8cb482bac0ac502d9ba96ffffffd897ef3b7cda42013d53046da21b40216e14ba2d6af8656bfff17addaedab25b30002abbba7fa725f38400be7c1f001b2cd317902f19e385be9ec747097c9c9ab600830689da6b53b263339863297771429d1200000041bf4a00fca0493cf29b33dcc9ff99acd160afd1ffffffffffffd39fec2271ff01589646efd1cf870cd7bb2366fde4a594290c2a5ff870ce5dfd3467decb05cfd9fcb32c8ed1dbd9d164c108285e71b5565b1768ee58969c41595229df17bcad70fb4021428ce970275d13b78249788f11f761038b75d4fe32b561d46ea3ace0fa4d30dc94ef241875f3b4b6ab7929a57affe7d7fa292601101b4326b51b8c2b7a30bcd703822aea68a660e717a04becff0f719197724f4fce1093b62d7e8c7123d8ecbbc55bf404e4e1f74b7eed82571be54c72d978d8906df0042e36acd37d7f9e119f2c06f815312e0cfe222a06f56dd062c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef2acd1fe582786105c7df8be5877050c91300bb997316dbf17866fb84d4173731efe895ff2e1c5560926e90109b598502d3e959efc71f665c4d75cf2458a35450804042b3eac10000b136345cf67c70d3ae6d5b8bc0d2e0efa3fb5aac518a75f9e7d7101d5e186c489b3a06dbce2ad1a764370c9a6ff963fb99e0aa7f23a054de2f4d92d6bd72ee2c9fdc75aaaf1e3e483b4ad05573af403269b4a39ce40293947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f54c2d3335457acf37331766e472391e358c3b377327ac9ecc34f24c9ae153ec60ac0694da85bff9f5f4df90400000000000000d6b2c5ea1393fdf24285bf16b99c9cc0ad1857216f1a985f369191ae954febb3df464bfe0f7f3ee9afe7befb89d277739901004c553aeb3729cffe86e66964ae09bb6d163118e4cbe024fd452277c3887d6116c6cc9d8046c216c1f895778cb26e22a2a998de44aeadea2a40da8daccf080842a486721737390cbf3a74cb2003016f1514216bdf57d2a40d40b51ab63e96c2e0893862eef552fcde2981f48c482bde8a168c3f5db2fea600000000000000099f4f9ecee27defc93871c5f99b355b72d538ba4958ea8e4aa37094191e10096e7e60fc3541a2c90506000000000000001981c4238ecaee6f75cd0a6881bd1517a8250df98674152f94e32409e2a3bce109b6000000000000000000d6d5210d7560eb92d6a97a27602b01800000f1535bef1497c2bcc60c261cfcdab9c57fda5696922c14324b5a0ef92186086e29c6bc5a1fad6ec9a31137abf9a404abde7750898b59270bb29b81367ac91bd627e87306703be8672d70d1ab57075228a9f46ed9bd1f08fb8191bbab2dc51de3a6c70236061f0868afc4294845319f18101288a0268893373750d1a8fe64680b0a3fc22dd704e4213be5946912d6c98cd1a9fbe1e7d58c08acaf30235b928a31d2eca55f74a23641f61f2d5b308cf0d031b0c7f0ce21d69993e9960ff5f76015e6009756237badf4e7965bbe2777e808fcba821aa8e8c5c3490000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66018d169fc03aa188546b3ad2a182068e1e3a0e2505bc7f41019645466ac96e0d4b3bc19faa5449209b085f3c334b47f067bbab40743b2a428f1da1f68df75cf43f8ecc8d3726602111b40e761fd21081920382f14d12ca3c3431ee97471c7868c6da7eea69eb7f7f80572fdd11bb1d0d1280fbc22bf73468788df51710d7d31c632fc5ed1735e5bdc0cf62eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedf81bf2e7ccbffffffff6331945e208ce4b8471d42645288d7226bbd9c9e9e1cc9eb3d541e407cc2dae5e690cd628ab84875f2c50ba891cea599b079b4b4ba686fcd9867017f3f172632bfe51298f240430a537a395dc73bda367bf12cb7d81691a5fe8c47be395656a297e9df0e71f96756ea5cce7daac4be290159f6bcd75f0dda9de5532e71ae9e48b0ed1254a81faae79b6af6fbb869604d51de44c4e0973171ad47d6b70ebc660309e1e245b0fdf9743af930cd6db49a47613808bad959719c000000000000000000000000000000000000000000000000000000008cec1dfa7dfadcc5af36cc644432f7aceda858afb83d15947fe4222ce21f70f6b1c0871015d734bb96a5186355b7e48b1f4f1a3ab9cc4ebab3cadba718fcb5ea91c56c02e3189758f89c3b7a7234ef9b2cd2dc9734e71580ea595f7b941bf025dbff2b7b48761edd3e0eae324f0068a5344dfb22e11996d698efbc58890b42b18db4af022cd699e6ff509028a25133f1720d2ab6fdb5d3182d7904fd9b089271dc66d3c69b68e95d04dca3510d6ad88d3823eadd9c0b83ff0fc7701d4d7472817d25e3a1fadf797a71c9d9d1836b787c1fbf6d9d5ecbda981e2bf5587509371a0000000000000000001fb2f4c84586fec3f1fb83e9577d174b191c86602137be27bf596377617acb34b8b7fba307160ab95999a4c18ce88b559567d208d935a911d60f232997c3e719ab3262dd59a9d9e66baf8180f08493867640aa83be488d622f6b01a1b5b12c5e8a48e7a0cbd814d4e4bc0053155e0ea06b631c49a68d6d899949281a64441afa18eb15a190dbd682bd6746359c942e6b8f531939af18488710e52fc4d71d52c5eeb69658dab2b909ecebcd58b2e13c7c0b833c7adc4d7928acb80df1967fc6759a34fd81b0081931a55eb2416c0d7cdbce44709d0b830f30129bd1e44d3b5cbf5ec025ca60213af542c4111d275dc0b2f402003019462832b67d2b90cc643e38556e6e3100000000"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, 0x0}, 0x78)
sendmsg$nl_route(r0, &(0x7f0000000380)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000280)=@newlink={0x30, 0x10, 0x801, 0x0, 0x0, {}, [@IFLA_MASTER={0x8}, @IFLA_GROUP={0x8}]}, 0x30}}, 0x0)

08:23:57 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f00000001c0)={[0x4, 0x0, 0x0, 0x8, 0x1, 0x0, 0x1002]})
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_SET_PIT(r1, 0x8048ae66, &(0x7f0000000140))
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f000056f000/0x18000)=nil, &(0x7f0000000080)=[@text32={0x20, &(0x7f00000000c0)="66ba4000b0c2ee66bad104b829280000efea0e0000000a00b8050000000f23d80f21f835c00000a00f23f8653e65f30f21c62e0fae2b0f01c2b8060000000f23d00f21f835200000000f23f8c4c3a1cf830000000002d9f7", 0x58}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

08:23:57 executing program 2:
syz_open_procfs(0x0, &(0x7f0000000040)='mounts\x00')
syz_open_procfs(0x0, &(0x7f0000000000)='mountstats\x00')
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$F2FS_IOC_MOVE_RANGE(0xffffffffffffffff, 0xc020f509, &(0x7f0000000040)={r1})
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, 0x0)
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f00000001c0)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1003]})
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_SET_PIT(r1, 0x8048ae66, &(0x7f0000000140)={[{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}]})
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f000056f000/0x18000)=nil, &(0x7f0000000080)=[@text32={0x20, &(0x7f00000000c0)="66ba4000b0c2ee66bad104b829280000efea0e0000000a00b8050000000f23d80f21f835c00000a00f23f8653e65f30f21c62e0fae2b0f01c2b8060000000f23d00f21f835200000000f23f8c4c3a1cf830000000002d9f7", 0x58}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

[  536.867187][T18178] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready
08:23:58 executing program 5:
sched_setattr(0x0, 0x0, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_RUN(r2, 0xae80, 0x0)
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_user\x00', 0x275a, 0x0)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x27fffff, 0x40000000011, r3, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r2, 0x0)

[  537.708614][   T25] gspca_nw80x: reg_r err -71
[  537.713358][   T25] nw80x: probe of 1-1:0.0 failed with error -71
[  537.742070][T18197] loop4: detected capacity change from 0 to 16
[  537.774712][T18178] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[  537.784437][   T25] usb 1-1: USB disconnect, device number 7
[  537.822912][   T26] audit: type=1800 audit(1632817438.697:68): pid=18197 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed(directio) comm="syz-executor.4" name="file0" dev="loop4" ino=34 res=0 errno=0
[  537.864551][T18178] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[  537.900902][T18178] device bridge_slave_0 left promiscuous mode
08:23:58 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f00000001c0)={[0x4, 0x0, 0x0, 0x8, 0x1, 0x0, 0x1002]})
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_SET_PIT(r1, 0x8048ae66, &(0x7f0000000140))
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f000056f000/0x18000)=nil, &(0x7f0000000080)=[@text32={0x20, &(0x7f00000000c0)="66ba4000b0c2ee66bad104b829280000efea0e0000000a00b8050000000f23d80f21f835c00000a00f23f8653e65f30f21c62e0fae2b0f01c2b8060000000f23d00f21f835200000000f23f8c4c3a1cf830000000002d9f7", 0x58}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

[  537.938784][T18178] bridge0: port 1(bridge_slave_0) entered disabled state
08:23:58 executing program 2:
syz_open_procfs(0x0, &(0x7f0000000040)='mounts\x00')
syz_open_procfs(0x0, &(0x7f0000000000)='mountstats\x00')
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$F2FS_IOC_MOVE_RANGE(0xffffffffffffffff, 0xc020f509, &(0x7f0000000040)={r1})
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, 0x0)
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f00000001c0)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1003]})
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_SET_PIT(r1, 0x8048ae66, &(0x7f0000000140)={[{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}]})
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f000056f000/0x18000)=nil, &(0x7f0000000080)=[@text32={0x20, &(0x7f00000000c0)="66ba4000b0c2ee66bad104b829280000efea0e0000000a00b8050000000f23d80f21f835c00000a00f23f8653e65f30f21c62e0fae2b0f01c2b8060000000f23d00f21f835200000000f23f8c4c3a1cf830000000002d9f7", 0x58}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

[  538.038120][T18178] device bridge_slave_1 left promiscuous mode
[  538.073001][T18178] bridge0: port 2(bridge_slave_1) entered disabled state
[  538.135563][T18178] bond0: (slave bond_slave_0): Releasing backup interface
[  538.307484][   T25] usb 1-1: new high-speed USB device number 8 using dummy_hcd
[  538.571810][   T25] usb 1-1: Using ep0 maxpacket: 8
08:23:59 executing program 0:
r0 = syz_usb_connect(0x0, 0x24, &(0x7f0000000000)={{0x12, 0x1, 0x0, 0x46, 0x5, 0x75, 0x8, 0x6a5, 0xd800, 0xcd24, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x12, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0x0, 0x46, 0xe2, 0xaa}}]}}]}}, 0x0)
syz_usb_control_io(r0, 0x0, 0x0)
syz_usb_control_io(r0, 0x0, &(0x7f0000000700)={0x84, &(0x7f0000000040)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
syz_usb_control_io$hid(r0, 0x0, 0x0)
syz_usb_connect(0x0, 0x0, 0x0, 0x0)

08:23:59 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f00000001c0)={[0x4, 0x0, 0x0, 0x8, 0x1, 0x0, 0x1002]})
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_SET_PIT(r1, 0x8048ae66, &(0x7f0000000140))
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f000056f000/0x18000)=nil, &(0x7f0000000080)=[@text32={0x20, &(0x7f00000000c0)="66ba4000b0c2ee66bad104b829280000efea0e0000000a00b8050000000f23d80f21f835c00000a00f23f8653e65f30f21c62e0fae2b0f01c2b8060000000f23d00f21f835200000000f23f8c4c3a1cf830000000002d9f7", 0x58}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

08:23:59 executing program 5:
sched_setattr(0x0, 0x0, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_RUN(r2, 0xae80, 0x0)
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_user\x00', 0x275a, 0x0)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x27fffff, 0x40000000011, r3, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r2, 0x0)

08:23:59 executing program 2:
syz_open_procfs(0x0, &(0x7f0000000040)='mounts\x00')
syz_open_procfs(0x0, &(0x7f0000000000)='mountstats\x00')
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$F2FS_IOC_MOVE_RANGE(0xffffffffffffffff, 0xc020f509, &(0x7f0000000040)={r1})
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, 0x0)
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f00000001c0)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1003]})
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_SET_PIT(r1, 0x8048ae66, &(0x7f0000000140)={[{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}]})
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f000056f000/0x18000)=nil, &(0x7f0000000080)=[@text32={0x20, &(0x7f00000000c0)="66ba4000b0c2ee66bad104b829280000efea0e0000000a00b8050000000f23d80f21f835c00000a00f23f8653e65f30f21c62e0fae2b0f01c2b8060000000f23d00f21f835200000000f23f8c4c3a1cf830000000002d9f7", 0x58}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

[  538.817483][   T25] usb 1-1: string descriptor 0 read error: -71
[  538.824188][   T25] usb 1-1: New USB device found, idVendor=06a5, idProduct=d800, bcdDevice=cd.24
[  538.904159][   T25] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  538.985323][   T25] usb 1-1: config 0 descriptor??
[  539.037878][   T25] usb 1-1: can't set config #0, error -71
[  539.073524][   T25] usb 1-1: USB disconnect, device number 8
[  539.467399][   T25] usb 1-1: new high-speed USB device number 9 using dummy_hcd
08:24:00 executing program 4:
fcntl$F_GET_FILE_RW_HINT(0xffffffffffffffff, 0x40d, 0x0)
r0 = getpid()
sched_setattr(0x0, &(0x7f0000000140)={0x38, 0x2, 0x0, 0x0, 0x9}, 0x0)
sched_setattr(r0, &(0x7f0000000240)={0x38, 0x2, 0x0, 0x0, 0x5}, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/meminfo\x00', 0x0, 0x0)
sendfile(0xffffffffffffffff, r3, 0x0, 0x400000000001002a)
r4 = syz_mount_image$vfat(&(0x7f0000000400), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[])
r5 = openat(r4, &(0x7f000000c380)='./file0\x00', 0x84842, 0x0)
write(r5, &(0x7f0000004200)='t', 0xfff4)
sendmsg$NL80211_CMD_SET_INTERFACE(0xffffffffffffffff, &(0x7f0000001840)={&(0x7f0000000080), 0xc, &(0x7f0000001800)={&(0x7f00000001c0)=ANY=[@ANYRES64, @ANYRESDEC, @ANYRES32=0x0, @ANYRES32], 0x60}, 0x1, 0x0, 0x0, 0x44090}, 0x0)

08:24:00 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f0000000000)={0x2})
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f00000001c0)={[0x4, 0x0, 0x0, 0x8, 0x1, 0x0, 0x1002]})
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_SET_PIT(r1, 0x8048ae66, &(0x7f0000000140))
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f000056f000/0x18000)=nil, &(0x7f0000000080)=[@text32={0x20, &(0x7f00000000c0)="66ba4000b0c2ee66bad104b829280000efea0e0000000a00b8050000000f23d80f21f835c00000a00f23f8653e65f30f21c62e0fae2b0f01c2b8060000000f23d00f21f835200000000f23f8c4c3a1cf830000000002d9f7", 0x58}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

[  539.737372][   T25] usb 1-1: Using ep0 maxpacket: 8
[  539.765925][T18178] bond0: (slave bond_slave_1): Releasing backup interface
[  539.852655][T18276] loop4: detected capacity change from 0 to 16
[  539.901251][   T26] audit: type=1800 audit(1632817440.777:69): pid=18276 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed(directio) comm="syz-executor.4" name="file0" dev="loop4" ino=35 res=0 errno=0
[  540.017527][   T25] usb 1-1: New USB device found, idVendor=06a5, idProduct=d800, bcdDevice=cd.24
[  540.040268][   T25] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  540.071408][   T25] usb 1-1: Product: syz
[  540.085955][   T25] usb 1-1: Manufacturer: syz
[  540.102288][   T25] usb 1-1: SerialNumber: syz
[  540.127687][   T25] usb 1-1: config 0 descriptor??
[  540.189305][   T25] gspca_main: nw80x-2.14.0 probing 06a5:d800
[  541.087151][   T25] gspca_nw80x: reg_r err -71
[  541.091949][   T25] nw80x: probe of 1-1:0.0 failed with error -71
[  541.120963][   T25] usb 1-1: USB disconnect, device number 9
[  541.240648][T18178] team0: Port device team_slave_0 removed
[  542.200708][T18178] team0: Port device team_slave_1 removed
[  542.217259][T18201] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready
[  542.225441][T18201] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[  542.233188][T18201] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
08:24:03 executing program 5:
sched_setattr(0x0, 0x0, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_RUN(r2, 0xae80, 0x0)
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_user\x00', 0x275a, 0x0)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x27fffff, 0x40000000011, r3, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r2, 0x0)

08:24:03 executing program 2:
syz_open_procfs(0x0, &(0x7f0000000040)='mounts\x00')
syz_open_procfs(0x0, &(0x7f0000000000)='mountstats\x00')
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$F2FS_IOC_MOVE_RANGE(0xffffffffffffffff, 0xc020f509, &(0x7f0000000040)={r1})
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f0000000000))
ioctl$KVM_SET_REGS(0xffffffffffffffff, 0x4090ae82, &(0x7f00000001c0)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1003]})
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_SET_PIT(r1, 0x8048ae66, &(0x7f0000000140)={[{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}]})
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f000056f000/0x18000)=nil, &(0x7f0000000080)=[@text32={0x20, &(0x7f00000000c0)="66ba4000b0c2ee66bad104b829280000efea0e0000000a00b8050000000f23d80f21f835c00000a00f23f8653e65f30f21c62e0fae2b0f01c2b8060000000f23d00f21f835200000000f23f8c4c3a1cf830000000002d9f7", 0x58}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

08:24:03 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f0000000000)={0x2})
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f00000001c0)={[0x4, 0x0, 0x0, 0x8, 0x1, 0x0, 0x1002]})
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_SET_PIT(r1, 0x8048ae66, &(0x7f0000000140))
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f000056f000/0x18000)=nil, &(0x7f0000000080)=[@text32={0x20, &(0x7f00000000c0)="66ba4000b0c2ee66bad104b829280000efea0e0000000a00b8050000000f23d80f21f835c00000a00f23f8653e65f30f21c62e0fae2b0f01c2b8060000000f23d00f21f835200000000f23f8c4c3a1cf830000000002d9f7", 0x58}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

08:24:03 executing program 0:
r0 = open(&(0x7f0000000100)='./bus\x00', 0x1c30c2, 0x0)
r1 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000080)='/proc/vmallocinfo\x00', 0x0, 0x0)
ftruncate(0xffffffffffffffff, 0x0)
r2 = openat$dlm_control(0xffffffffffffff9c, &(0x7f0000000000), 0x200000, 0x0)
r3 = syz_open_dev$tty20(0xc, 0x4, 0x1)
r4 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$GIO_CMAP(r4, 0x4b70, &(0x7f0000000000))
r5 = accept4$unix(r0, 0x0, &(0x7f0000000040), 0x0)
recvmsg$unix(r5, &(0x7f0000000780)={&(0x7f0000000280), 0x6e, &(0x7f0000000680)=[{&(0x7f0000000300)=""/250, 0xfa}, {&(0x7f00000001c0)=""/4, 0x4}, {&(0x7f0000000480)=""/52, 0x34}, {&(0x7f00000004c0)=""/139, 0x8b}, {&(0x7f0000000580)=""/240, 0xf0}], 0x5, &(0x7f0000000700)=[@rights={{0x18, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x18, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}, @cred={{0x1c}}], 0x68}, 0x10000)
poll(&(0x7f00000000c0)=[{r2, 0xe}, {0xffffffffffffffff, 0x100c}, {r3}, {0xffffffffffffffff, 0x106}, {r2, 0x260}, {r4, 0x1}], 0x6, 0x5)
r6 = perf_event_open(&(0x7f0000000140)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x24, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$SG_GET_SCSI_ID(0xffffffffffffffff, 0x2276, &(0x7f0000000240))
ioctl$GIO_CMAP(r6, 0x4b70, &(0x7f0000000200))
sendfile(r0, r1, 0x0, 0x4000000000010046)

08:24:03 executing program 1:
perf_event_open(&(0x7f000001d000)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = syz_io_uring_setup(0xb33, &(0x7f0000000340), &(0x7f0000ee8000/0x4000)=nil, &(0x7f0000800000/0x800000)=nil, &(0x7f0000000000)=<r1=>0x0, &(0x7f0000000180)=<r2=>0x0)
inotify_init()
syz_memcpy_off$IO_URING_METADATA_GENERIC(r1, 0x40, &(0x7f0000000140)=0x307c, 0x0, 0x4)
syz_io_uring_submit(r1, r2, &(0x7f0000000200)=@IORING_OP_POLL_ADD={0x6, 0x0, 0x0, @fd_index=0x5}, 0x0)
io_uring_enter(r0, 0x6019, 0x0, 0x0, 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x3800003, 0x12, 0xffffffffffffffff, 0x0)

08:24:03 executing program 4:
fcntl$F_GET_FILE_RW_HINT(0xffffffffffffffff, 0x40d, 0x0)
r0 = getpid()
sched_setattr(0x0, &(0x7f0000000140)={0x38, 0x2, 0x0, 0x0, 0x9}, 0x0)
sched_setattr(r0, &(0x7f0000000240)={0x38, 0x2, 0x0, 0x0, 0x5}, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/meminfo\x00', 0x0, 0x0)
sendfile(0xffffffffffffffff, r3, 0x0, 0x400000000001002a)
r4 = syz_mount_image$vfat(&(0x7f0000000400), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[])
r5 = openat(r4, &(0x7f000000c380)='./file0\x00', 0x84842, 0x0)
write(r5, &(0x7f0000004200)='t', 0xfff4)
sendmsg$NL80211_CMD_SET_INTERFACE(0xffffffffffffffff, &(0x7f0000001840)={&(0x7f0000000080), 0xc, &(0x7f0000001800)={&(0x7f00000001c0)=ANY=[@ANYRES64, @ANYRESDEC, @ANYRES32=0x0, @ANYRES32], 0x60}, 0x1, 0x0, 0x0, 0x44090}, 0x0)

[  542.487796][T18318] loop4: detected capacity change from 0 to 16
08:24:03 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f0000000000)={0x2})
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f00000001c0)={[0x4, 0x0, 0x0, 0x8, 0x1, 0x0, 0x1002]})
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_SET_PIT(r1, 0x8048ae66, &(0x7f0000000140))
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f000056f000/0x18000)=nil, &(0x7f0000000080)=[@text32={0x20, &(0x7f00000000c0)="66ba4000b0c2ee66bad104b829280000efea0e0000000a00b8050000000f23d80f21f835c00000a00f23f8653e65f30f21c62e0fae2b0f01c2b8060000000f23d00f21f835200000000f23f8c4c3a1cf830000000002d9f7", 0x58}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

08:24:03 executing program 2:
syz_open_procfs(0x0, &(0x7f0000000040)='mounts\x00')
syz_open_procfs(0x0, &(0x7f0000000000)='mountstats\x00')
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$F2FS_IOC_MOVE_RANGE(0xffffffffffffffff, 0xc020f509, &(0x7f0000000040)={r1})
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f0000000000))
ioctl$KVM_SET_REGS(0xffffffffffffffff, 0x4090ae82, &(0x7f00000001c0)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1003]})
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_SET_PIT(r1, 0x8048ae66, &(0x7f0000000140)={[{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}]})
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f000056f000/0x18000)=nil, &(0x7f0000000080)=[@text32={0x20, &(0x7f00000000c0)="66ba4000b0c2ee66bad104b829280000efea0e0000000a00b8050000000f23d80f21f835c00000a00f23f8653e65f30f21c62e0fae2b0f01c2b8060000000f23d00f21f835200000000f23f8c4c3a1cf830000000002d9f7", 0x58}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

08:24:03 executing program 1:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
r3 = openat$nvram(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0)
syz_kvm_setup_cpu$x86(r3, r2, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000000)=[@text32={0x20, 0x0}], 0x1, 0x0, 0x0, 0x0)

08:24:03 executing program 5:
sched_setattr(0x0, 0x0, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_RUN(r2, 0xae80, 0x0)
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_user\x00', 0x275a, 0x0)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x27fffff, 0x40000000011, r3, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r2, 0x0)

08:24:04 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f0000000000)={0x2})
ioctl$KVM_SET_REGS(0xffffffffffffffff, 0x4090ae82, &(0x7f00000001c0)={[0x4, 0x0, 0x0, 0x8, 0x1, 0x0, 0x1002]})
ioctl$KVM_RUN(0xffffffffffffffff, 0xae80, 0x0)
ioctl$KVM_SET_PIT(r1, 0x8048ae66, &(0x7f0000000140))
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f000056f000/0x18000)=nil, &(0x7f0000000080)=[@text32={0x20, &(0x7f00000000c0)="66ba4000b0c2ee66bad104b829280000efea0e0000000a00b8050000000f23d80f21f835c00000a00f23f8653e65f30f21c62e0fae2b0f01c2b8060000000f23d00f21f835200000000f23f8c4c3a1cf830000000002d9f7", 0x58}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_RUN(0xffffffffffffffff, 0xae80, 0x0)

08:24:04 executing program 2:
syz_open_procfs(0x0, &(0x7f0000000040)='mounts\x00')
syz_open_procfs(0x0, &(0x7f0000000000)='mountstats\x00')
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$F2FS_IOC_MOVE_RANGE(0xffffffffffffffff, 0xc020f509, &(0x7f0000000040)={r1})
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f0000000000))
ioctl$KVM_SET_REGS(0xffffffffffffffff, 0x4090ae82, &(0x7f00000001c0)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1003]})
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_SET_PIT(r1, 0x8048ae66, &(0x7f0000000140)={[{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}]})
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f000056f000/0x18000)=nil, &(0x7f0000000080)=[@text32={0x20, &(0x7f00000000c0)="66ba4000b0c2ee66bad104b829280000efea0e0000000a00b8050000000f23d80f21f835c00000a00f23f8653e65f30f21c62e0fae2b0f01c2b8060000000f23d00f21f835200000000f23f8c4c3a1cf830000000002d9f7", 0x58}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

08:24:04 executing program 0:
r0 = getpid()
sched_setattr(r0, &(0x7f0000000040)={0x38, 0x5, 0x10, 0x7, 0x5, 0x400, 0x9, 0x8, 0x9, 0xbc}, 0x0)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x3, &(0x7f00000000c0)=ANY=[@ANYBLOB="1800000000000000000000000008000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000003c0)={&(0x7f0000000380)='rcu_utilization\x00', r1}, 0x10)
r2 = syz_io_uring_setup(0x1dda, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x0, 0x1e0}, &(0x7f0000335000/0x3000)=nil, &(0x7f0000ee9000/0x4000)=nil, &(0x7f0000000400)=<r3=>0x0, &(0x7f0000000180))
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r3, 0x40, &(0x7f0000000140)=0x307e, 0x0, 0x4)
io_uring_enter(r2, 0x393c, 0x0, 0x0, 0x0, 0x0)

08:24:04 executing program 1:
timer_create(0x0, &(0x7f0000000140)={0x0, 0x14, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000000))
r0 = signalfd(0xffffffffffffffff, &(0x7f00007aeff8)={[0xfffffffffffffffc]}, 0x8)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000b40)={0x11, 0x3, &(0x7f0000000900)=@framed, &(0x7f0000000980)='syzkaller\x00', 0x5, 0xcf, &(0x7f00000009c0)=""/207, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000280)={&(0x7f0000000240)='rcu_utilization\x00', r1}, 0x10)
read(r0, &(0x7f00000017c0)=""/407, 0x197)
timer_settime(0x0, 0x0, &(0x7f0000000080)={{0x77359400}, {0x0, 0x9}}, 0x0)

08:24:04 executing program 5:
sched_setattr(0x0, 0x0, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_RUN(r2, 0xae80, 0x0)
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_user\x00', 0x275a, 0x0)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x27fffff, 0x40000000011, r3, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

08:24:04 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f0000000000)={0x2})
ioctl$KVM_SET_REGS(0xffffffffffffffff, 0x4090ae82, &(0x7f00000001c0)={[0x4, 0x0, 0x0, 0x8, 0x1, 0x0, 0x1002]})
ioctl$KVM_RUN(0xffffffffffffffff, 0xae80, 0x0)
ioctl$KVM_SET_PIT(r1, 0x8048ae66, &(0x7f0000000140))
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f000056f000/0x18000)=nil, &(0x7f0000000080)=[@text32={0x20, &(0x7f00000000c0)="66ba4000b0c2ee66bad104b829280000efea0e0000000a00b8050000000f23d80f21f835c00000a00f23f8653e65f30f21c62e0fae2b0f01c2b8060000000f23d00f21f835200000000f23f8c4c3a1cf830000000002d9f7", 0x58}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_RUN(0xffffffffffffffff, 0xae80, 0x0)

08:24:04 executing program 2:
syz_open_procfs(0x0, &(0x7f0000000040)='mounts\x00')
syz_open_procfs(0x0, &(0x7f0000000000)='mountstats\x00')
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$F2FS_IOC_MOVE_RANGE(0xffffffffffffffff, 0xc020f509, &(0x7f0000000040)={r1})
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f0000000000))
ioctl$KVM_SET_REGS(r2, 0x4090ae82, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_SET_PIT(r1, 0x8048ae66, &(0x7f0000000140)={[{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}]})
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f000056f000/0x18000)=nil, &(0x7f0000000080)=[@text32={0x20, &(0x7f00000000c0)="66ba4000b0c2ee66bad104b829280000efea0e0000000a00b8050000000f23d80f21f835c00000a00f23f8653e65f30f21c62e0fae2b0f01c2b8060000000f23d00f21f835200000000f23f8c4c3a1cf830000000002d9f7", 0x58}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

08:24:05 executing program 4:
fcntl$F_GET_FILE_RW_HINT(0xffffffffffffffff, 0x40d, 0x0)
r0 = getpid()
sched_setattr(0x0, &(0x7f0000000140)={0x38, 0x2, 0x0, 0x0, 0x9}, 0x0)
sched_setattr(r0, &(0x7f0000000240)={0x38, 0x2, 0x0, 0x0, 0x5}, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/meminfo\x00', 0x0, 0x0)
sendfile(0xffffffffffffffff, r3, 0x0, 0x400000000001002a)
r4 = syz_mount_image$vfat(&(0x7f0000000400), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[])
r5 = openat(r4, &(0x7f000000c380)='./file0\x00', 0x84842, 0x0)
write(r5, &(0x7f0000004200)='t', 0xfff4)
sendmsg$NL80211_CMD_SET_INTERFACE(0xffffffffffffffff, &(0x7f0000001840)={&(0x7f0000000080), 0xc, &(0x7f0000001800)={&(0x7f00000001c0)=ANY=[@ANYRES64, @ANYRESDEC, @ANYRES32=0x0, @ANYRES32], 0x60}, 0x1, 0x0, 0x0, 0x44090}, 0x0)

08:24:05 executing program 0:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fe6000/0x18000)=nil, &(0x7f00000023c0)=[@text64={0x40, 0x0}], 0x1, 0x0, 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, &(0x7f00000000c0)=[@text64={0x40, 0x0}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_SET_NESTED_STATE(r2, 0x4080aebf, &(0x7f0000000280)={{0x0, 0x0, 0x80}, "be77f645fa0faab4173328e03e0e9f020bbc798c84be65bf762199e269b6d15af3d542e5a531a895866fbf13910d95e922d6aa84d68924efe5e444b34d9df08a868ae23c677546798d6ec2c17d6e3f87f0d757c2078c9325c641fea9938ba4f20ebb2577f51ba467d973398c7fa94be4e2abd427b7ad4385c63e630090759c2a6c768a973d0b1e7244e494d5925d9d9f40afd544b84d1fdb8de7af279d8700739c11327a76f8bc32743c959d8858b276c211222f40206257be84ddd07b20d8b1de9b5390ba5eaa289c0bfdf6b5636b7acfac5159e2e7759338e06ae00e4b7cf162e45442e3c8395858847e3e28da4ed237027cd849991ab91e6e5dc61b9936de574c3b26a2b0e303386c02ed1bb6a5acaf8a9271e196bc59fb3d7d6a88383d53302680fd8ebd0e75fa67333a6fb9da0333d6f87b3f628136a4b9ec1c2f4cf3d5ec900ec17d48e3f741860d963ec6e629243d06b547374ec3f5a0a8e71cdd67e8f591d68711ba4df1f2fc62d9f54c6f7b8844c8ce569fb7f983a631250e77374780413ab37235afdefb70572e79f35d36406aded61bcf76711aacf325b2ac1f78b4ede1239e36d5d644c7a81cdf6b95a1e3aa6c2f70d889654572d1f88f05e5b2c5f5c37d6570102c2525a9b3fa28a88c83ded573a896239900bd365dc0323d4921c3c96a3dae810479a1ac83b64f0f9b2008eb51832bce90105dab379b3d99f6761d4cf438d92356c563c982938fe83026258aad0a7d9f5eacfa359c68ec271d3ecf9a57d3eec56cb0bcf1bb0adc6c297d6e5b101640d3c5b50bcb54faebed4f850e737b5a2837054bccbecfd1c28e70a967a350d21867ea95b2cdfe55fd3edc6e1f4db06a5e6b77a333af48e92899e074794f3b4687dce6d45cb33433e922b1602e767164dc0e760d14b4c70f304de2cb56ca5ea35719f492480e48b9007e4073a8e02450a93d3932971b32aca283773bbb7974486478d380d8524c0eee27ba19d9c51196494bc3f2c41c1ddc72b0b9d97ca307022baf742cb69b45de669e3224c1eaf4e6ec7bb76f921ad3fd01e1138eda10e945ca95302c1729adf6526041169700a783f767632e99b55eac5e4ebc25b63e11649a31e1dba33445a36b40c7cc7ab6450cb4853c69a9f1eb00d466f6c98f297d3e4882fd4d1a9dff0786cece0dd1b03fd84f982b493349f32e49be255102e7bd1475e25574a992da6907a0e6bce48d4601b51ca05798a0e8b5faa9ed6700902e4626b866b4219e3880277bca07f577def954fdd64e089622ed0eec558759a9b6d3e512b330fa30e31403053a73da1747a7874f5b7a9fde4c0f9f29a27e795e275c9f6c33d9db7f370f148a790811428b2f96566bd0e2b148997e69b0ffe1a81cb04d43ce6a24ea2a9414b930fa1330153cb20aaae484e515393b9ddf9d029806c35d5e956462b7cc7f1c7995006ffeae1f1ba1daf8d43309198bf444ec82c670800d5dacd600924564931014b1e834a38274c6560784572e6d4bf8c4a5a1ee5edb2f4ea5fa9f07b11d3d1d88b993fa662bc04dfb9ffa9e534f1622efd7f823346aa7e0a988f56be531c73f34439df61f9737cca8b93d2c25695138c70c469298c3a114c89a8c3409d4dc18e7bd0158631d0b936823a6dda814ed50f83862058d1ecc19b2e1195c910edb5e7164fbd403de0beb5d7feec901a5a373afa1162be95f0e71e50d479e33494d7c98c1cb2ac886c81610678923685fa9f5fff2584c89130b7d2ac78317e531bb2fcade76520cf8bec450e31eebfa5ae2f78587c572d36d56a69cf3f2cc9e15b77c11877d27e8af0196902d7f94646f0294b4507ae4461397ef21b24a2142f740460e1eb1935cbaccd14f71f21d6fb7144de99154f037cf31e9f30da3c935950c7d1c859096d44b57e7bd37147304b2fe51ab63ca7c4031c1f07913c8a894a6b0573886d7a0a62cd20a0f433e541a43808465eb82af5bb9c819a74bed83cf91aa180442c28b9f4d69dd7e728c7734dd3bd3e277e67e96ab9f09e083c0a6e42fe2bc5dcae9a2deddb7f763e62b0d8adacc00af734bb9e978c160600611c83309468a2f942f5d2c9f7cafc97dae2f542ef33be39952fa70ee3e2ecb3105c1a490db73fcf46a3645de10e1cb335ea604f41d10b723872c26f20a71f44b1301fffd601c6a609e0d195bbcb1203cd23fdb3e3f59fa8ae5a484881c34706bacb6a479fa7c9cc6920613dd6903bf046493bac060f046efc6ce43aafe9a3b735c1cb283714548fdc16a2ce9d9dccd77f3b8037132ec1b1f1d965932a9ec4b20efe1f2212c94511b61799b5bd29be84e47d1c1209af544bb4c4820b4897fe00fd583b8ae5394354d1f2532d0801f202ba31bf01a896ebea5302167cf9b0ed71e793d9572fac48d75724caa57f99ba9db2113f5fa52d19356ed1d0c85bd60805952113e521a01444d6a6a502144691a9d32363284410e967626c720cdb3444a56b1b7043047dbf8e5f1b5177c82a651710eaed591e1d4ac5ffaf85411f7c3c3e58fefb5e0528f74b3f78a0b31de68f1e31415a7a37010be818b886c28cca1bf68db068929bad71bc6b4ae2a4c9f2c9bf98f15164e6ef96ef4121c191e5a94ca431b49c475f02acebc42d2c6026e4f7d595e5677947bf6cc0d6f95d7838f76cfc04492cebaed4374984706465ac83a1acbb55450f5b5e1e4cc00a88c334af44d337089c80167a813f54fa903ec85d8f1d22c443bcdfb3d268a3e57f563b9732cc3f5d8b1fd98a6f44e3b056cbeb65946ec917ef093c3a62757f2b27e6b4873ae7183b5b9a6528a576af69449df90cda4bfad6c54bed67fecc6fdc624183aecb5072002c8dc9d45505901c61489ab31b7d6cde6943f042953df648861b68663291117f3deb74d3f9e9501d9d50b095baaeef21aca82e00203c06ce103cc923e6f02ab481eed2da0a4eedeb827e9d7961f6d972f347c649e706dc0259d697a6a5ea1ba33a6f2c16beed92b58fa290026c728e91f3de285a74e56e968c5d174639a915b5e53d7b1e5566b1a89f09434afb2a2ff1fd00d13e7ce5a3dcb8e628f39a6c6825acd4b7152a777d21485f6360af8b1c62a4a29f2ad98d9c393530187c14b4defdfc8ac12433be7f56a40ce4087eb1f7cf949e4e9b3c612e4953716ab027a36ce839f1d2815c289d08e0e500630c2f54344d6549b9645a4b31648d25f71dc7a43651aa8530ccd0cec2f96a4385b185823111c514b5beb817a98824f301462598f03919ec52c0fdf5a522f3e4b250ded3089e0958bb20e5f936c8ab4fc00316ce483254f6e2abc024835acdba239decc60fcc316cbb5fe85db2e22ecd1259c607b575d836222d7a21f0fccdc6d4f90c487c66dcbe9d17f6af2edc30b57189f009072fa5b46e1f49aa33a6546aea60202c4e77066e2f487b2bd36f3178ea888488ae52fad830868172d8f2b3335db98a83c45e047ba93eb32e08a014d13fb8b9f3b54c16adaac8a95c250051baaa3667343a3df51ab7dccedcf4410482fb24ab337285d4c0d182bf00050c5cd2f8a1f7954fe0ce1c2325dc159445464327f0c463dfdae8c944db603ceab504409be7e3316e679960b63e1935018641f0d30d40fb4f83faa2786e7284b0adf6fe0ae04f61c362be89177aa7a27cd00a1c101deb33fbae04b8b20fceeef601049626954f0436470eb4d344fd53c34eab4fca401bb6aa64c1d1891ca88300ce5f8b9b7badb64a5aa3ce8ea848e288239def4602e4812c66503ccc2a68b734d97b2fe71e321e09275bbc727e4c02ce1a967f2f7c5f02f658c5e449a1c718a535561afbddd05ad28559c6ea8a5d19298eeccee69818b69a833b972128e153306522a3733396e25e3a2175443715b0926ea967609f73e2529fa4b6c346e32543431d11f57f557c71ff6b789d9a78e8039f78c5089586aeba7a584b3d6b753f8633d062b5cca3639eb95885027a1b78a90f79d33e8872b455a21618b76a4afd3d704849b067ab8f968bf528fbdbdfdd34e84163d644e211e32f9b5b91f86fb815890f6e405d7324fd6ff84fea268cf4d613d8b8cc784fd434f317dd77ccaf40d974c43d70ec15306c691ce9782267b20b35c150c1c104adff5437068f7c9dee058c08403024e5ed1f35bf1b6db213af8fd0293b230ddc7a405e1e3e584292cf6d9bd4ca1d0c325ecf37c57134320f79fac3f26874b1d595d0aacb7bf454bc4e15f755c1c7e2d0951d7731d8bf27c8002f611a942d633c9e0203ee9f848de15966e6c993d790bbc26958fdc3ff4e62b971697855ad0980d3cf6cd79c0f2f0d41eab6d2c67e83295afcbee60179e0997ddf9b15002b7fc058afa567034dabc640790aba2419a5ccbce25abccde586373f4e31f3436e5bab2e156b4cd6abaadbd4e991cb4a15cdea2202b13bce716e1df40d6bcc275f14c152ffe6294d2b5a5377a9da546490a0ff9ec3f27a0a6070f1b0d72b75a74ac1e764c4670b9547faa728500233dc410132d800bddd4e81272f1ace1fa8186e1b68e19b23ee611b2c9119b094764fd0720212c14f12f1835596660e08dbaf1a28c2ecb391094e8decb500484a4f9de412781fe084695a243d474471a3d6abd4ac640cfb7da40e0327defce9aa8101a25f7145b55db0510dd090af63fd65f9003693b21b2f3d4775c65707fed78474238d6453592933b2265c3836d0c775b95e9739b3de3856072a5b43c9e3024e8843b2522e92d12aab4a636c68af12722ab38d881f4c97118014db986f3ec966783b93d81d1d70e3ea611482df745256c3ef9c6c949c6afc6929f69d9427ddde81f3f278500c586b3bb736c2fc7713ad92ed13640f4051e72b38568e3f211f75261ee6517de0b980076127d7dc00a1660a11232325f7ac097f46e0ef4493cd7de875d14056419373d887a821672d894d32c810464705e92c9abe32967fead2464c8b2f693f45d07a8160f59ec046019b016ee8b07764278af8c6b22b4cc079f406c0ba898332aa8911b026c75edd02d5a40f8ed9c1a3d39c1893a0affe4b38c77305429562e9d0907179753051cbf13ff936091334fe24a53816d2aa5e2e26993dac3f2c573b0001152ee26b633afd966bfb704054227160bf292bbcc35f78a649bb7f4fe1783a6b10de778519c8a71f1381cc67a779e51ce3097e666d964728d55708e76953826c7659c3647d3f3cedf9f1b45b27f5735bb8d78d874bf73147b738b9c0566a0d2fdcb17f85dc712462e381ba1466d92d903ba24d0cc17ddbeb7bd80b5525d7236a8add54d4eca06fe4cd0d3724403c7ad09f22eb2fcb4181eddde271be821579b7382bbfe36dab5079811e62842da65165c27c181dfed279d5ec12a1c0c13541760c2fe5cce95c6892622229ac24a7211ba43e513077f34342b61611a1ab10b6c51f6e3a06be0716d7d1abc82f5903e32f1e6e3e85789c1b8f140bbe1903b9677ec9655e171bf1f4d27dda003c27d4ef0e043d0def451dbc0f48cb6cb605b1e2d27e9fc9db10c0b571b6805f316b00b581d0d7358f83e14d1b4290e61fc0d0bd97334f31a547350c00877c90bcb591b98986c19d9d477f7dc521ac43d2edf9201ea61c43e6365e795bfb44b0d90ced7b9d34a849dec495d79cae7769c721d7cd17f1503df3d113c49fcb18449ff180d39c94717ae8fcba7ee1d8cf75873098a7a697d5f5d7a6eeef14daf146710ee40c94ff8ea9ff048d108688776fd074e72658d6ea43f42ea03883f70f45c7b86d3eb0bced0f3a60b6da510833728ffdb82af9a34c5fc86e0130861ac66c68b784300", "204b9e1804d636301150775298e6490040d0ecb72371cfe0ccc258d2b4450458b909ae785f60b932863937ed25df0ce2b046ccc47e3501ed7a53e69d95dfb761f3fb81659983876f915b21b4b91270b4607875b751136514bb42b1de575e5ae05e98fd37dde49acb6a8e7f7c592ceb8793d00c84515e9b091fca8056f69ef47c1c91735af04b3077a94a24147489c6bbc3d63a76ba4eb1e6adf014106f4b0117fc6a2b2c84ca9e6c40fade373fd49f657e5e828399868d39d2a9d8cb3f4508e156d31ded826a64d84b19ceb0c13d9566f14866028f00408428bc6b9a27761fb13e70561fa8bb45bf2547baeebd7c99e01c1ebdac09ba75e3f67b2bc6898ca2c8e6c2b09efef1e688c74fe8e214b657d3325725531f9ce71d59532adc69f40e0b821fbd14558133f9fcd9d5ace9150703b5879f74028583dccd4984a9fedf23f1f6b8c501f9a99762079404f109e6d69b025edbf2d3169e44f186eb60e7abf9539cb8013670435420f54b7e485644f5afc2d0581d8404c23bcf2c0bcd6d3a6fbc658721e74546ea52d57f259e841e87f01ace9d7fb10bb4356abffa306d91963914bc144e486f78c048aafe20eae27ff53250de7bed8c4167780c53facfd741b93f53d67a60eba1527701896bcd29a6cc20b9390582421eb0e5dce7a66a94881904dd91c47c59e8b7219adae86ba78b230306829368a56dc908245fc72886c3b18facea659b27466d3c6a85b541f20a012660319f8f4ba0faf0d83d28ac63ae417323a0f75b88235d1a60a29c41f662b34ac40ac19c94f227567860a998f5e4d8f65b930c1a1209ba04cc2406599914e8ed7c98d8095a56fd29920c47c6221bf7e6a076dfc90947af9468d8844731ac3923896f25a8402421e24e1d328e5b9daeb97048b87e3d374874071931ad791c1f03324ba01d463364a5bb1dba7e3b807aec9c333703397a45918c73b443dd46f7b289736662ad833302fa89567e44c3de8e2f87bb5f8758abf6f888ad26bb5ed48a4bd828d8fcf5c01cf7588009c1a6c35e94142950b3bac8fa0af15c2f6071f48cacd84a602e4096a836aa49336cbe878d2e33075d0712adc3e75b9f9bc7ec420f123084eb296119171535c4fa49d460d4444eb309f424ec13be89ff6641caa089da262ff89c0d4b1a86fac91361a7a124a0e4b27de253186e10671d2532d600f6b4089dc690f600363092ad93fb62fbab9e1a96caefe31e4c117420fd1df64e4e0cf4967cb026a003be444278553c2e58e19ec5a6db3921fab8fa0748965e523659e54a3e01190492f9b01811d06b13d8c833454ab5a93af8a9ad27a155d682d8c78f074da17d6ccb7ded5b5f3c30e3afb3c0e4aab6ce797e8142df9a74f486aee74c0bc021c227d802c5f5e79678c45bac331d6ec24ecb404296dc9e90b2c191fc14c53505e92587f43a5eedc56a6408048d9dbb8bee8840a656952cb361f0d76baa20939e6e8ab917e12b76dd812b95e68c90708d7cd81aa18002eea116f4190e49d1f628a509c8fb65f393ef5bcf7d1b9ea289e0532ee5f46e65709e84aaa7a6334c58eaab5c3cced88fa3e9e365ace119a3c40dfe336abbe6d3a09dfd895cdc3daae26ae9d3f68a3a2184ac5f6972ef034f1f9f0d4100a55b8638db0986f362a23b599903909a5a6193fc2c6e54adc965ff5d48bc1ed1b6ff0ab226b9598f70a13ca0a0b2d2cc05f17449bd4cbd224fa75810955011d5a401348c0b75546c1fd86824ced7b0c79cb4d13a3722aef6f7a0cb49f76a372ff133736f04b67bf6a74d5164a227f4865dfd15181e0a9e5dc53317ffb04a7ab1fba87d3b34bd1cee7c6aef4b3ebef183c9fcd4daf091ef1f5f2709a7eb4a648242c408e7d5b10b766e0f648c654d99d0722189c4956474892e379a84b1f09f13ba589423e43b4b0dd267b1d0c976fb64903ea2d22e2612d9dbad91536a986f44986d74578f2cf378dc6505cc26261548a080e11d74fed2cdaa90479f0656fd927f89a0624f4ce943981ffbec2ceb27c7fb6e6ee7df7c2d26d7151f1dadb172a0017787c5d32d6408b6662c8f5348f34e63649206142164f7aa076b2c83bfffe44126ee923f0b9bc917e52308373553cf19e6798ac83ace350be47f445ef0d268c2a4fc67998a5907db42decc63fcfc30df0a4543da178e442aec97060edc209e34849f6beea0e366eccc80b87c1c16f89e5608b96c176ccfaf6014a619b83d72c5a89749cf763fd76c6ae82b6a1322674838ab9e5f9a0db7aa8b7d27db308edb664fc0197756f6709df36d9f6ed678944e18455a8d49434f9a6f223cbf52b6a1ba266a55331ffe7e83fb4130c2f5528626c4e451d8bac1da046dd59249fe41b6c8a36e82346918e0177c876f44101ff9f7721d8fbe1eca04e13ba8db3f5bd01c3661df0d6c8a24d45a246e0ac80aed4178901a71a939da4622592b3a8d87b3ae35370530039d7d413455e9d61656b58a1e63aa9bf1a87d8bcc6605c3167836f82ba01f54934e2d31d7463e1848ee8a2cca55a029d5ed37236dda9f278981cdb330eabc6bfc33a7fee5678c38b8e0a9258fa8ce5cb8abc3320d44dd16098df1bbf9d3e3142ec1838ba81785e37dc97fda2797e3cf6b7d6c367737b4df96a242149bbba7af54da91b404fbf01f4ecfb7ebd97c67de2415b3bca3b5f21deae988733dcb547a17aa38c0b98aba60fbb1d57f9e8f005ae6233e5da68da32c7a2778944a2eacba03e3312fe968fa3be0e2ceb4d8526803e7a8f24618b1003860e424da518c9602cb092c9c6b930b72523bbf615ad8330e337e64ff82eb78d9a2384e86afece8aa9d9cb1b7ab27265261a3cf542e1655792ed66b28d27bf4f02d13e93413bfc5fae7dbec15aac85331ae3d4032679988ffd1c1750447f763ebc9ba8f8ba4521b74563af6ee8a996af3707dd03118c3f0d18d612a5105519310f7b8c5eb4b7e3a0d675374da18314d144b5d5d0ba2735dab4efdf68f70285ce4d35032427e23fe7c59c5844879550417dc93d2221fe0ff82c7e21ebba19c01fefc6f6eeb7078e7557f077ca089246e6f3901e127ca4685c191847ae720ce30d41939239b2835d9cfd126faabc88eb80d409d8ec1cdf6070c55109bdbbb668fd56c6ebd3503986cdf5ade19903a85516f0ed87872f397e6244b0f58c70b8dd0cbc408dd7a87c42d672d31fde7fbc31b3acff4be744b933ec0645f76b52481ba6f50a25a98f89d9989e347b682a459eb38004d0de0a7314f8319b1e0ce5152a4928d7f59769347a7f48af595d028b5012cf5b7fc081cbec3c5ad30801947b5d3f87a242b05691ef3f46f0ba35fa6ee28a966ad42e34ef6192cb6e5de41411df4638c825688abc1c8f1fa7b2eced5ae40a5d35d7cfd981f4dd46a91e8f123187d8e99a947020cdc4cfcb66ee004232ed5badfa694fd943ed59f01433989e5663a77fd2bbcdbfaad5ab482150f22ffa6b1ae9e99134b320c04444c3d5d71e37c6d4faf82b1297d75a520e6e6c5a0d7ab86dea5245a97b16a7690f50e9abd452da33c58974cb63e4711fece83cf1251c6eecc7c9a887b0a881f148b6c8fa3749ef09661488909a2f74e41a4968f5f1d1ebd9a511f5732ea60a18032d68dcf34a5914b1c24275e6c3d331a8c454e4c615dc5f6ce4de1b44fc755da73eef517bca08fa464443eabf4046961625ee82c406e08359b49785a1cbe9822cada3375da9adf55bd50e156a314f10107a3fb880a944fa3a0cdb4be2234c19ab26f8075c6389a0a6062e82050b493a30e617f728b8d0ced0b69da60c6fdadd95ee1c0e656b63ecc72a491e07bce4c3df3761e51bb327a86d55a375e4f5859a8b179a47f4b5b8b85fed0db916e31885d0ad185d6c7e79449e282a5d10a7cf86d0305a2673cd9aa834d130fcb1098c0f69771ae23e2b49cdd3d39be17fcc309a282486bf0e0829a0805a036b0b1e357f03a861857312dab3033f00957ff6f03a35240724bc6adf429090f555aca563ffb5e4b67c75486149f2495971bf653617f29e50d59da32288afeabc768787d2e830c70d5f0dbd8db5e9923b8893f32c4cdc0d8130caefade59d7f5e270f8b5487b69815dd8cec6d3dfa3ca308987f2970ab3e8714cdbae27dc22fa434805c9284b904840a92bc76490c15c6a04df137940d48f7ac6285f858611376f447ebaf11ce4014066d57e5fa579b588e0d795fb0322d1b8606faf9507092be3e320184a5324df47792e8b015ee27ace73b0bc05f3eff2c2a9ee45752df32a85b1ad5679aedbe40ac59511938929e210a409e538c139d1fb93891d2b9908f915b9c556788bb8926b6a96923038a119eb68bcb528a42e97f8fbd49e7d5bb3e51987cca590ea8a18e049f64d8c994d63a707c441e63509f909adf5f7c26d36714bd56307513003f8f85f20c8fea4248627d2f19891baef9b134a8ecb6e3da6232c5b818d7469645038312b6b952f782f28ccd199367a51f750927e5f11ef04cb299dc7ba0c24500134d3a9a0a4f62903ae930f5ba49c39855ffc4aba6cc9d400075f094875db9ebcbcbb35309421d08a928b0216dcbbf718761b01b4d41cf55b0b2bf4c89603a61e5ac2f5bf5236d4bee90617e1b2fdc3a4540db2c89561c1cb9b1e28436013546e654e36fa328097ce8a4baf5a2fd78f9bca617bd4de062dbbc38c7356232b385823b6c604a401f43f5864111eff29045c12b6c622182e097caa5a9945133375b46dc0e268e860dd58b62403c41393f02c7f1d23a1d0daad5d2eb7a085387ea6b81ceb6191d5ffa7f58848996caad4796ee8d9e1bad072455a37d8b64893cb4007f344783afca22db07a2ccb8531c6a9d69bffdf1f949e3fce89f223119595c5b9bfa51893ff36849be61ff02939360a5d5b0e05d22aa3a1f16c27103edeb00c0f763bd4251805ec8d894692cd1636b4b1c96ab613896c17b2fb8a414a91463d54f145e1d49378e726e5921d8cd34aeb176a36701c9b75311806efcf402d4345034d7fd5165857bd2cd07b32a18334a3cf358dadbc8144b806120805a07714d8d0029fe0db7958bbb69b9a216e5945fdf0b892665c0bad2cd822797d5c7223094cd54042c781fba9d7f05a169f390225385d5c055896dc8a620a637a7c73ee77fbf2152fb62af9bcbe01389dd846724fa24ca6088d2bddf9bcae4d9e11f86266e4d87f6b11f3721c30c3f48ddfecb7623802c7e3f595b088473747d25b70bbdf8920924c6bb9e202e6d54e340a469e8ecf66b49dda0036a7d071492742593c2e02bd7bd703774f2ac8c45dbfa1f8ce4c205a05064362bf2819e80bd406367a86ece3f5d54b43029b3f7fcc2378c5e33e8de66fa5f3c4974310c3ac4d2ab1234b1fea14d71512c578dfab154a74dc66c8a5ff983a41e02c57c58cd9c3a77d22f15f8a6abe41de51ce4a92151ee25c6f2c4feb0453b4f86fb4c7e19063b871ff6458b2ad51b992df6b16de3a5a2f5935c85d5a8709d82943c645f6199e76b38d718b86945638d92daa15aeb9beaa53028a425c6ee90dbd58b57f4a748ec0037fca725812aaac8e201d5121c06c9d3bfcbe799b9fa28440fceec78a5d39a112626bd0f9e530cb5573083e6b3b0ce5ef60e85ea643331d45663f309d75d36c88ed56abbac74672daa72c2f180ab5d117d2ab17db9e36a807bcaa62a07aa5486d39d63f64d23f03e58f6fa346b39005cde05121ecc2146ae982d02532a2deb90d8b9cfd32ff03a5294933292fb3d58760bc81a72df0e602b9b4b7e407bc542924e9763fe0d4bd5346ccb9e10b1ea7dade31d4bbc9"})
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, &(0x7f00000001c0)=[@text32={0x20, &(0x7f0000000180)="660fc730660f5fd8cd010f01df64845ae4660fde160f01d0b9034d564bb800700000ba000000000f300f786d08b9800000c00f3235000800000f30", 0x3b}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

08:24:05 executing program 1:
syz_mount_image$btrfs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0xa, &(0x7f0000000200)=[{&(0x7f0000010000)="e62a2dceb43780cb000000000000000000000000000000000000000000000000cdbfac4fc9184e3f9b627be6b63688a0000001000000000001000000000000005f42485266535f4d07000000000000000040d3010000000000405001000000000000000000000000000000000000000000000008000000000030020000000000060000000000000001000000000000000010000000400000004000000010000081000000050000000000000000000000000000000000000000000000e10100000000000001000000000100000000000000000000080000000000008005000000000010000000100000001000000000000000000000000000000000000000000000000000000000000000006c7ed2bf85974c6295dd17018e", 0x118, 0x10000}, {&(0x7f0000010200)='\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\a\x00\x00\x00\x00\x00\x00\x00\a', 0x14, 0x10220}, {&(0x7f0000010300)="00000000000000000000000001000000000000e40000500100000000000080000000000002000000000000000000010000000000220000000000000000000100000001000010000002000100010000000000000000005001000000006c7ed2bf85974c6295dd17018ed3d3dc01000000000000000000d001000000006c7ed2bf85974c6295dd17018ed3d3dc000000010000000000220000000000000000000100000001000010000002000100010000000000000000005001000000006c7ed2bf85974c6295dd17018ed3d3dc01000000000000000000d001000000006c7ed2bf85974c6295dd17018ed3d3dc", 0xed, 0x10320}, {&(0x7f0000010400)="00000000000000000000000040d2010000000005000000000000000040500100000000050000000000000000c0d1010000000005000000000000000000d0010000000004000000000000000000d2010000000005000000000000000000d10100000000040000000000000000000008000000000000020000000000010000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000c0d2010000000006000000000000000040500100000000050000000000000000c0d0010000000006000000000000000080d2010000000006000000000000000000d3010000000006000000000000000080d0010000000006000000000000000000000800000000003002000000000001000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000040d301000000000700000000000000004050010000000005000000000000000080d3010000000007000000000000000080d2010000000006000000000000000000d3010000000006000000000000000080d0010000000006000000000000000000000800000000003002000000000001000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000040d001000000000400000000000000000050010000000004000000000000000080d0010000000004000000000000000000d00100000000040000000000000000c0d0010000000004000000000000000000d1010000000004000000000000000000000800000000000002000000000001", 0x274, 0x10b20}, {0x0}, {0x0}, {0x0}, {0x0}, {0x0}, {0x0}], 0x0, &(0x7f0000020400)=ANY=[@ANYBLOB=' '])

08:24:05 executing program 5:
sched_setattr(0x0, 0x0, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_RUN(r2, 0xae80, 0x0)
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_user\x00', 0x275a, 0x0)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x27fffff, 0x40000000011, r3, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

08:24:05 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f0000000000)={0x2})
ioctl$KVM_SET_REGS(0xffffffffffffffff, 0x4090ae82, &(0x7f00000001c0)={[0x4, 0x0, 0x0, 0x8, 0x1, 0x0, 0x1002]})
ioctl$KVM_RUN(0xffffffffffffffff, 0xae80, 0x0)
ioctl$KVM_SET_PIT(r1, 0x8048ae66, &(0x7f0000000140))
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f000056f000/0x18000)=nil, &(0x7f0000000080)=[@text32={0x20, &(0x7f00000000c0)="66ba4000b0c2ee66bad104b829280000efea0e0000000a00b8050000000f23d80f21f835c00000a00f23f8653e65f30f21c62e0fae2b0f01c2b8060000000f23d00f21f835200000000f23f8c4c3a1cf830000000002d9f7", 0x58}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_RUN(0xffffffffffffffff, 0xae80, 0x0)

08:24:05 executing program 2:
syz_open_procfs(0x0, &(0x7f0000000040)='mounts\x00')
syz_open_procfs(0x0, &(0x7f0000000000)='mountstats\x00')
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$F2FS_IOC_MOVE_RANGE(0xffffffffffffffff, 0xc020f509, &(0x7f0000000040)={r1})
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f0000000000))
ioctl$KVM_SET_REGS(r2, 0x4090ae82, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_SET_PIT(r1, 0x8048ae66, &(0x7f0000000140)={[{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}]})
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f000056f000/0x18000)=nil, &(0x7f0000000080)=[@text32={0x20, &(0x7f00000000c0)="66ba4000b0c2ee66bad104b829280000efea0e0000000a00b8050000000f23d80f21f835c00000a00f23f8653e65f30f21c62e0fae2b0f01c2b8060000000f23d00f21f835200000000f23f8c4c3a1cf830000000002d9f7", 0x58}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

[  545.154171][T18428] loop1: detected capacity change from 0 to 267
08:24:06 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f0000000000)={0x2})
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f00000001c0)={[0x4, 0x0, 0x0, 0x8, 0x1, 0x0, 0x1002]})
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_SET_PIT(r1, 0x8048ae66, &(0x7f0000000140))
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f000056f000/0x18000)=nil, &(0x7f0000000080)=[@text32={0x20, &(0x7f00000000c0)="66ba4000b0c2ee66bad104b829280000efea0e0000000a00b8050000000f23d80f21f835c00000a00f23f8653e65f30f21c62e0fae2b0f01c2b8060000000f23d00f21f835200000000f23f8c4c3a1cf830000000002d9f7", 0x58}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

[  545.272726][T18428] BTRFS: device fsid cdbfac4f-c918-4e3f-9b62-7be6b63688a0 devid 1 transid 7 /dev/loop1 scanned by syz-executor.1 (18428)
08:24:06 executing program 2:
syz_open_procfs(0x0, &(0x7f0000000040)='mounts\x00')
syz_open_procfs(0x0, &(0x7f0000000000)='mountstats\x00')
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$F2FS_IOC_MOVE_RANGE(0xffffffffffffffff, 0xc020f509, &(0x7f0000000040)={r1})
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f0000000000))
ioctl$KVM_SET_REGS(r2, 0x4090ae82, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_SET_PIT(r1, 0x8048ae66, &(0x7f0000000140)={[{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}]})
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f000056f000/0x18000)=nil, &(0x7f0000000080)=[@text32={0x20, &(0x7f00000000c0)="66ba4000b0c2ee66bad104b829280000efea0e0000000a00b8050000000f23d80f21f835c00000a00f23f8653e65f30f21c62e0fae2b0f01c2b8060000000f23d00f21f835200000000f23f8c4c3a1cf830000000002d9f7", 0x58}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

08:24:06 executing program 0:
perf_event_open(&(0x7f0000000180)={0x2, 0x80, 0x69, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_mount_image$affs(&(0x7f0000000000), &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x1880, &(0x7f0000000100))

[  545.393014][T18447] loop4: detected capacity change from 0 to 16
[  545.440230][T18428] BTRFS error (device loop1): superblock checksum mismatch
[  545.481159][   T26] audit: type=1800 audit(1632817446.358:70): pid=18447 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed(directio) comm="syz-executor.4" name="file0" dev="loop4" ino=36 res=0 errno=0
[  545.589873][T18428] BTRFS error (device loop1): open_ctree failed
08:24:06 executing program 2:
syz_open_procfs(0x0, &(0x7f0000000040)='mounts\x00')
syz_open_procfs(0x0, &(0x7f0000000000)='mountstats\x00')
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$F2FS_IOC_MOVE_RANGE(0xffffffffffffffff, 0xc020f509, &(0x7f0000000040)={r1})
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f0000000000))
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f00000001c0))
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_SET_PIT(r1, 0x8048ae66, &(0x7f0000000140)={[{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}]})
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f000056f000/0x18000)=nil, &(0x7f0000000080)=[@text32={0x20, &(0x7f00000000c0)="66ba4000b0c2ee66bad104b829280000efea0e0000000a00b8050000000f23d80f21f835c00000a00f23f8653e65f30f21c62e0fae2b0f01c2b8060000000f23d00f21f835200000000f23f8c4c3a1cf830000000002d9f7", 0x58}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

08:24:06 executing program 0:
r0 = socket$packet(0x11, 0x3, 0x300)
r1 = dup(r0)
setsockopt$packet_int(r1, 0x107, 0x10000000000f, &(0x7f0000006ffc)=0x40000008, 0x4)
r2 = socket(0x10, 0x3, 0x0)
r3 = socket$nl_route(0x10, 0x3, 0x0)
r4 = socket(0x10, 0x803, 0x0)
sendmsg$BATADV_CMD_GET_MESH(r4, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000480)={0x0}}, 0x0)
getsockname$packet(r4, &(0x7f0000000100)={0x11, 0x0, <r5=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r3, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000380)=ANY=[@ANYBLOB="3c0000001000010400eeffffffffffffff000000", @ANYRES32=r5, @ANYBLOB="01000000010000001c0012000c000100627269646765"], 0x3c}}, 0x0)
sendmsg$nl_route_sched(r2, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000500)=ANY=[@ANYBLOB="5c00000024000b0e00"/20, @ANYRES32=r5, @ANYBLOB="00000000ffffffff000000010a0001006e6574656d0000002c0002000000000009ebff00001a000000000000fdff00ff68e30000040005800c000400ebffffff"], 0x5c}}, 0x0)
bind$packet(r0, &(0x7f0000000040)={0x11, 0x0, r5, 0x1, 0x0, 0x6, @remote}, 0x14)
sendto$inet6(r0, &(0x7f0000000300)="0503d032aaf93e0400a00000c513f7c25975e697b02f08066b2b2ff0dac8897c6b11876d886b143a301817ccd51cc5471d130a6632a88161b6fd8f24286a57c3fe257c3314a3974bb654697f", 0xfdfa, 0x0, 0x0, 0xc8)

[  545.713885][T18428] loop1: detected capacity change from 0 to 267
[  545.785344][T18428] BTRFS error (device loop1): superblock checksum mismatch
[  545.858875][T18473] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.0'.
[  545.896938][T18428] BTRFS error (device loop1): open_ctree failed
[  546.006263][T18483] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.0'.
08:24:06 executing program 1:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_GET_REGS(r2, 0x8090ae81, &(0x7f0000000840))

08:24:08 executing program 4:
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0)
r0 = getpid()
sched_setattr(0x0, &(0x7f0000000140)={0x38, 0x2, 0x0, 0x0, 0x9}, 0x0)
sched_setattr(r0, &(0x7f0000000240)={0x38, 0x2, 0x0, 0x0, 0x5}, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/meminfo\x00', 0x0, 0x0)
sendfile(0xffffffffffffffff, r3, 0x0, 0x400000000001002a)
r4 = syz_mount_image$vfat(&(0x7f0000000400), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[])
r5 = openat(r4, &(0x7f000000c380)='./file0\x00', 0x84842, 0x0)
write(r5, &(0x7f0000004200)='t', 0xfff4)
sendmsg$NL80211_CMD_SET_INTERFACE(0xffffffffffffffff, &(0x7f0000001840)={&(0x7f0000000080), 0xc, &(0x7f0000001800)={&(0x7f00000001c0)=ANY=[@ANYRES64, @ANYRESDEC, @ANYRES32=0x0, @ANYRES32], 0x60}, 0x1, 0x0, 0x0, 0x44090}, 0x0)

08:24:08 executing program 2:
syz_open_procfs(0x0, &(0x7f0000000040)='mounts\x00')
syz_open_procfs(0x0, &(0x7f0000000000)='mountstats\x00')
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$F2FS_IOC_MOVE_RANGE(0xffffffffffffffff, 0xc020f509, &(0x7f0000000040)={r1})
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f0000000000))
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f00000001c0))
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_SET_PIT(r1, 0x8048ae66, &(0x7f0000000140)={[{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}]})
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f000056f000/0x18000)=nil, &(0x7f0000000080)=[@text32={0x20, &(0x7f00000000c0)="66ba4000b0c2ee66bad104b829280000efea0e0000000a00b8050000000f23d80f21f835c00000a00f23f8653e65f30f21c62e0fae2b0f01c2b8060000000f23d00f21f835200000000f23f8c4c3a1cf830000000002d9f7", 0x58}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

08:24:08 executing program 0:
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0)
perf_event_open(&(0x7f0000000700)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
sched_setattr(0x0, &(0x7f0000000140)={0x38, 0x2, 0x0, 0x0, 0x9}, 0x0)
sched_setattr(0x0, 0x0, 0x0)
connect$unix(0xffffffffffffffff, 0x0, 0x0)
sendmmsg$unix(0xffffffffffffffff, 0x0, 0x0, 0x0)
r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0)
ioctl$LOOP_CTL_ADD(r0, 0x4c80, 0x0)
syz_mount_image$ufs(&(0x7f0000000000), &(0x7f00000001c0)='./file0\x00', 0x7ff, 0x2, &(0x7f0000000240)=[{&(0x7f00000002c0)="8fad1181df81666951e01f20280927f9067f77058a4bc8eeddcc49a0e6d5f898a03837a4c8b79c57d52289f51da4e12d1cd6a6454dc12cd19dc8ab82447a2e933a173e20b16f718eb8e8b188808d9ee22b9f2959cff72403018cb626640c3b1d111a93c25cf95e76b12dbc1bf62fdeed6fe21cf3e66c5a74f1b1db859c7aa02dc877d3ce35a8d259c24f74dde7f828769d0405d0ab9ab58e17695d6aa2622de862cbb67a028ef43b61b22b34cf38d013401a3e2e5101eb", 0xb7, 0x75ee46d7}, {&(0x7f0000000380)="38ff754228ef2e62d7912c1d0494c72099c5afe68b31a99b12021c3d546fb0cf534a3edce689dccb074b2461cd6a2a6afa803b546e6e70c55ee858d84bbb322f333ae435b9d9a63080bfc454b8cf22cd5c9cea4f41c20ea3b5ece2565ef7fdce4422db7baca9da89155cbbeb51064807f5b09b2c91d496ff4af8e7ca5e59d0c2ae6e0ad2c231c5c59b8d7ff9960c291e8e61a69e327e5b6bc2bd99a83e1f8ff3c9d6f949633420b36d7bb54640f51e9a3a8b400ac4f545898b08ae597ddc6e67eb710bd96527be56e515bf4b773c45985c0516535b41b53360c0514a82555096851a31b500d131304eb9878c2de7869c330247b147be373b7f7a5c", 0xfb, 0x400}], 0x45811, 0x0)
pivot_root(0x0, &(0x7f0000000080)='./file0\x00')
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000200)={&(0x7f0000000040), 0xc, &(0x7f00000000c0)={&(0x7f0000000180)=@bridge_setlink={0x30, 0x13, 0x0, 0x0, 0x0, {0x7, 0x0, 0x0, 0x0, 0x0, 0xc000}, [@IFLA_MTU={0x8}, @IFLA_CARRIER={0x5, 0x21, 0x60}]}, 0x30}}, 0x48041)

08:24:08 executing program 5:
sched_setattr(0x0, 0x0, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_RUN(r2, 0xae80, 0x0)
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_user\x00', 0x275a, 0x0)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x27fffff, 0x40000000011, r3, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

08:24:08 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f0000000000)={0x2})
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f00000001c0)={[0x4, 0x0, 0x0, 0x8, 0x1, 0x0, 0x1002]})
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_SET_PIT(r1, 0x8048ae66, &(0x7f0000000140))
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f000056f000/0x18000)=nil, &(0x7f0000000080)=[@text32={0x20, &(0x7f00000000c0)="66ba4000b0c2ee66bad104b829280000efea0e0000000a00b8050000000f23d80f21f835c00000a00f23f8653e65f30f21c62e0fae2b0f01c2b8060000000f23d00f21f835200000000f23f8c4c3a1cf830000000002d9f7", 0x58}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

08:24:08 executing program 1:
r0 = socket$rds(0x15, 0x5, 0x0)
bind$rds(r0, &(0x7f0000000840)={0x2, 0x0, @loopback}, 0x10)
sendmsg$rds(r0, &(0x7f0000000080)={0x0, 0x0, 0x0}, 0x0)

[  547.501844][T18508] loop0: detected capacity change from 0 to 264192
08:24:08 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f0000000000)={0x2})
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f00000001c0)={[0x4, 0x0, 0x0, 0x8, 0x1, 0x0, 0x1002]})
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_SET_PIT(r1, 0x8048ae66, &(0x7f0000000140))
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f000056f000/0x18000)=nil, &(0x7f0000000080)=[@text32={0x20, &(0x7f00000000c0)="66ba4000b0c2ee66bad104b829280000efea0e0000000a00b8050000000f23d80f21f835c00000a00f23f8653e65f30f21c62e0fae2b0f01c2b8060000000f23d00f21f835200000000f23f8c4c3a1cf830000000002d9f7", 0x58}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

[  547.844581][T18543] loop4: detected capacity change from 0 to 16
[  547.961151][   T26] audit: type=1800 audit(1632817448.768:71): pid=18543 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed(directio) comm="syz-executor.4" name="file0" dev="loop4" ino=37 res=0 errno=0
08:24:09 executing program 1:
r0 = open(&(0x7f0000000080)='./bus\x00', 0x141042, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0)
r1 = getpid()
sched_setattr(0x0, &(0x7f0000000140)={0x38, 0x2, 0x0, 0x0, 0x9}, 0x0)
sched_setattr(r1, &(0x7f0000000240)={0x38, 0x2, 0x0, 0x0, 0x5, 0x0, 0x0, 0x3345, 0x0, 0x1000}, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './bus\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
socket$inet6_tcp(0xa, 0x1, 0x0)
ioctl$FS_IOC_SETFLAGS(r0, 0x40086602, &(0x7f0000000040))
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, 0x0, &(0x7f0000cab000))
setresgid(0xee00, 0x0, 0x0)
setfsgid(0x0)
r4 = open(&(0x7f0000000100)='./bus\x00', 0x6e842, 0x0)
ptrace$cont(0x18, 0x0, 0x0, 0x0)
ptrace$setregs(0xd, 0x0, 0x0, &(0x7f0000000080))
pwritev2(r4, &(0x7f0000000240)=[{&(0x7f0000000000)="85", 0x300000}], 0x1, 0x4200, 0x0, 0x3)

08:24:09 executing program 5:
sched_setattr(0x0, 0x0, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_RUN(r2, 0xae80, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_user\x00', 0x275a, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r2, 0x0)

08:24:09 executing program 4:
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0)
r0 = getpid()
sched_setattr(0x0, &(0x7f0000000140)={0x38, 0x2, 0x0, 0x0, 0x9}, 0x0)
sched_setattr(r0, &(0x7f0000000240)={0x38, 0x2, 0x0, 0x0, 0x5}, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/meminfo\x00', 0x0, 0x0)
sendfile(0xffffffffffffffff, r3, 0x0, 0x400000000001002a)
r4 = syz_mount_image$vfat(&(0x7f0000000400), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[])
r5 = openat(r4, &(0x7f000000c380)='./file0\x00', 0x84842, 0x0)
write(r5, &(0x7f0000004200)='t', 0xfff4)
sendmsg$NL80211_CMD_SET_INTERFACE(0xffffffffffffffff, &(0x7f0000001840)={&(0x7f0000000080), 0xc, &(0x7f0000001800)={&(0x7f00000001c0)=ANY=[@ANYRES64, @ANYRESDEC, @ANYRES32=0x0, @ANYRES32], 0x60}, 0x1, 0x0, 0x0, 0x44090}, 0x0)

08:24:09 executing program 2:
syz_open_procfs(0x0, &(0x7f0000000040)='mounts\x00')
syz_open_procfs(0x0, &(0x7f0000000000)='mountstats\x00')
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$F2FS_IOC_MOVE_RANGE(0xffffffffffffffff, 0xc020f509, &(0x7f0000000040)={r1})
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f0000000000))
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f00000001c0))
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_SET_PIT(r1, 0x8048ae66, &(0x7f0000000140)={[{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}]})
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f000056f000/0x18000)=nil, &(0x7f0000000080)=[@text32={0x20, &(0x7f00000000c0)="66ba4000b0c2ee66bad104b829280000efea0e0000000a00b8050000000f23d80f21f835c00000a00f23f8653e65f30f21c62e0fae2b0f01c2b8060000000f23d00f21f835200000000f23f8c4c3a1cf830000000002d9f7", 0x58}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

08:24:09 executing program 0:
r0 = syz_usb_connect(0x0, 0x24, &(0x7f0000000300)=ANY=[@ANYBLOB="120100004bfee908e60f00985d19fd1f00010902120001000000000904"], 0x0)
syz_usb_control_io(r0, 0x0, 0x0)
syz_usb_control_io(r0, 0x0, &(0x7f0000000740)={0xfffffde3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000540)={0x40, 0x13, 0x58, @link_local}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
syz_usb_control_io$hid(r0, 0x0, 0x0)
syz_usb_control_io$cdc_ecm(r0, 0x0, 0x0)

[  549.973189][T18573] loop4: detected capacity change from 0 to 16
[  550.016535][ T1051] usb 1-1: new high-speed USB device number 10 using dummy_hcd
08:24:11 executing program 1:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe6000/0x18000)=nil, &(0x7f0000000040)=[@text16={0x10, 0x0}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_SET_LAPIC(r2, 0xc008ae88, &(0x7f0000000640)={"06000000dd245c848b040000c9c8dc1964325fa96fa42b76400101c02bec0ba41f010a003a40c8a4840000403b00041f01ffff80003c5ca2c2000000ee377abaece6b88378e3d63a03000040361d264ffa8b46485f02baee010100c04252066178868d1ef4b5365c5dc26ca097ddda7c21a984c2b9ca4bbb7a87165c0c1dbc75d7ea4df10000174a3ac8694525a7e8c499a573577736800000000000008f37f06e4ea9f1e5f0c6c379f9cc58bf69fcde318ead4825aa006a832d309fcda5bb5a6baa41d614f6c8941bee805954a62d196a4e8d4bf6b21224b57f530d0000c1ff53bf79a1f5c5dc34b2262d66ae793b6304a30b97077f1c131045cbc11c4562d22db88d0edc5daee171cc04d96d9ec2db07478fbe65449b404923ad4a5672b1b285c7988c4ec0922c655ff600000000c00dc290d936d93236051fadfb4b95d02c0bda7ce38dabb7cd103fe4d0c9c963cd717a77f8df8d46099b1f58e068af6afbbc19db161c6df1e7c9c71bc08a282fc2c142856b5e69aff4c0a4f72445ef10dcd2c569319d6e9bb2058d023f669a64fc7d9684364673dcfa9235ea5a2ff23c4bb5c5acb2e8976dcac779ff000000000000003d185afe28b774b99d38c90937428617de4cdd6f53c419ce31054182fd898af706f1b1152c691611f897558d4b755cb783978d9859b0537b05b623dcb5c4ca9317471a40fa4998cca80e9605ab8c3c43840abd17deef0c8694c4395fc99be3c3fe7aeb8af4929ce7d346ca702f78b233b5208752726ed9f0c340d494b92d19cc930bb8a5f8b4da8f4603ac0c3b698384e17a570dc8524823ed15af4ecfabb4b2541d3c114b7bba1c21a845c9cf0d1cc24aba16f70f558b2246ad95ccf7d3f80cc0ab26f08336ea1a33b79cf35b898837016eb211a1734c7af076e15451e33519fc978f66df7df4557c91024a8dc130a28ef5f63ad07b39c8d23b85cf434e065e8a29a800655d127de6f6347b4951f97b5703dc78b1ca9d74ea6a9ae12ab367c0de2659cc38d2f33ddd86e0597d33361eada119b5132145fa4525c488c7fffd6ceda6e9a02ebd97ced6b0161f2cc84615ceb8b18883299c636e9e46724a9a0600a8bb02f3e489631d522019a35fe12a33caf9dd8768ddbc02a484c345c3efb254297b1dbb04989c3f9f3c7b3c985c39b1d313018068d3809bac8c657e39f47692613e28387e955722908dd88b56163be8312ff47c5b6f070072975af74e97a5a8110a4d74496f4c8ec82ddb56d9b962d2fc43fa01a047666865c84f7cff36056cc4ac258021e1581d43badaaec6cc5a2ef989de9801fed6d4be2bfcfe07a69c46bffb7e7603970800000000000000d372bdd6d89dc1ecf63c23d506114d0fba2bd1c69e8fdcda85ce975ec1381b1cec6ddaa76e186719d819164300"})

08:24:11 executing program 4:
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0)
r0 = getpid()
sched_setattr(0x0, &(0x7f0000000140)={0x38, 0x2, 0x0, 0x0, 0x9}, 0x0)
sched_setattr(r0, &(0x7f0000000240)={0x38, 0x2, 0x0, 0x0, 0x5}, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/meminfo\x00', 0x0, 0x0)
sendfile(0xffffffffffffffff, r3, 0x0, 0x400000000001002a)
r4 = syz_mount_image$vfat(&(0x7f0000000400), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[])
r5 = openat(r4, &(0x7f000000c380)='./file0\x00', 0x84842, 0x0)
write(r5, &(0x7f0000004200)='t', 0xfff4)
sendmsg$NL80211_CMD_SET_INTERFACE(0xffffffffffffffff, &(0x7f0000001840)={&(0x7f0000000080), 0xc, &(0x7f0000001800)={&(0x7f00000001c0)=ANY=[@ANYRES64, @ANYRESDEC, @ANYRES32=0x0, @ANYRES32], 0x60}, 0x1, 0x0, 0x0, 0x44090}, 0x0)

08:24:11 executing program 3:
openat$kvm(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0)
ioctl$KVM_CREATE_IRQCHIP(0xffffffffffffffff, 0xae60)
r0 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(0xffffffffffffffff, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_CREATE_PIT2(0xffffffffffffffff, 0x4040ae77, &(0x7f0000000000)={0x2})
ioctl$KVM_SET_REGS(r0, 0x4090ae82, &(0x7f00000001c0)={[0x4, 0x0, 0x0, 0x8, 0x1, 0x0, 0x1002]})
ioctl$KVM_RUN(r0, 0xae80, 0x0)
ioctl$KVM_SET_PIT(0xffffffffffffffff, 0x8048ae66, &(0x7f0000000140))
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f000056f000/0x18000)=nil, &(0x7f0000000080)=[@text32={0x20, &(0x7f00000000c0)="66ba4000b0c2ee66bad104b829280000efea0e0000000a00b8050000000f23d80f21f835c00000a00f23f8653e65f30f21c62e0fae2b0f01c2b8060000000f23d00f21f835200000000f23f8c4c3a1cf830000000002d9f7", 0x58}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_RUN(r0, 0xae80, 0x0)

08:24:11 executing program 2:
syz_open_procfs(0x0, &(0x7f0000000040)='mounts\x00')
syz_open_procfs(0x0, &(0x7f0000000000)='mountstats\x00')
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$F2FS_IOC_MOVE_RANGE(0xffffffffffffffff, 0xc020f509, &(0x7f0000000040)={r1})
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f0000000000))
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f00000001c0)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1003]})
ioctl$KVM_RUN(0xffffffffffffffff, 0xae80, 0x0)
ioctl$KVM_SET_PIT(r1, 0x8048ae66, &(0x7f0000000140)={[{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}]})
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f000056f000/0x18000)=nil, &(0x7f0000000080)=[@text32={0x20, &(0x7f00000000c0)="66ba4000b0c2ee66bad104b829280000efea0e0000000a00b8050000000f23d80f21f835c00000a00f23f8653e65f30f21c62e0fae2b0f01c2b8060000000f23d00f21f835200000000f23f8c4c3a1cf830000000002d9f7", 0x58}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

08:24:11 executing program 5:
sched_setattr(0x0, 0x0, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_RUN(r2, 0xae80, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_user\x00', 0x275a, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r2, 0x0)

[  550.676980][ T1051] usb 1-1: Using ep0 maxpacket: 8
[  550.807042][T18607] loop4: detected capacity change from 0 to 16
[  550.947067][   T26] audit: type=1800 audit(1632817451.768:72): pid=18607 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed(directio) comm="syz-executor.4" name="file0" dev="loop4" ino=38 res=0 errno=0
[  551.076912][ T1051] usb 1-1: New USB device found, idVendor=0fe6, idProduct=9800, bcdDevice=19.5d
[  551.350429][ T1051] usb 1-1: New USB device strings: Mfr=253, Product=31, SerialNumber=0
08:24:12 executing program 4:
prlimit64(0x0, 0x0, &(0x7f0000000280)={0x9, 0x8d}, 0x0)
r0 = getpid()
sched_setattr(0x0, &(0x7f0000000140)={0x38, 0x2, 0x0, 0x0, 0x9}, 0x0)
sched_setattr(r0, &(0x7f0000000240)={0x38, 0x2, 0x0, 0x0, 0x5}, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/meminfo\x00', 0x0, 0x0)
sendfile(0xffffffffffffffff, r3, 0x0, 0x400000000001002a)
r4 = syz_mount_image$vfat(&(0x7f0000000400), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[])
r5 = openat(r4, &(0x7f000000c380)='./file0\x00', 0x84842, 0x0)
write(r5, &(0x7f0000004200)='t', 0xfff4)
sendmsg$NL80211_CMD_SET_INTERFACE(0xffffffffffffffff, &(0x7f0000001840)={&(0x7f0000000080), 0xc, &(0x7f0000001800)={&(0x7f00000001c0)=ANY=[@ANYRES64, @ANYRESDEC, @ANYRES32=0x0, @ANYRES32], 0x60}, 0x1, 0x0, 0x0, 0x44090}, 0x0)

[  551.570751][ T1051] usb 1-1: Product: syz
[  551.584987][ T1051] usb 1-1: Manufacturer: syz
08:24:12 executing program 3:
openat$kvm(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0)
ioctl$KVM_CREATE_IRQCHIP(0xffffffffffffffff, 0xae60)
r0 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(0xffffffffffffffff, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_CREATE_PIT2(0xffffffffffffffff, 0x4040ae77, &(0x7f0000000000)={0x2})
ioctl$KVM_SET_REGS(r0, 0x4090ae82, &(0x7f00000001c0)={[0x4, 0x0, 0x0, 0x8, 0x1, 0x0, 0x1002]})
ioctl$KVM_RUN(r0, 0xae80, 0x0)
ioctl$KVM_SET_PIT(0xffffffffffffffff, 0x8048ae66, &(0x7f0000000140))
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f000056f000/0x18000)=nil, &(0x7f0000000080)=[@text32={0x20, &(0x7f00000000c0)="66ba4000b0c2ee66bad104b829280000efea0e0000000a00b8050000000f23d80f21f835c00000a00f23f8653e65f30f21c62e0fae2b0f01c2b8060000000f23d00f21f835200000000f23f8c4c3a1cf830000000002d9f7", 0x58}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_RUN(r0, 0xae80, 0x0)

[  551.615926][ T1051] usb 1-1: config 0 descriptor??
08:24:12 executing program 1:
r0 = creat(&(0x7f0000000080)='./bus\x00', 0x0)
lseek(0xffffffffffffffff, 0x0, 0x0)
ioctl$FS_IOC_SETFLAGS(r0, 0x40086602, &(0x7f0000000040))
perf_event_open(&(0x7f0000000700)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = creat(&(0x7f0000000140)='./bus\x00', 0x0)
io_setup(0x1, &(0x7f0000000180)=<r2=>0x0)
io_submit(r2, 0x45, &(0x7f0000000540)=[&(0x7f00000000c0)={0x0, 0x400000000000, 0x0, 0x1, 0x0, r1, &(0x7f0000000000), 0x377140be6b5ef4c7}])
fallocate(r0, 0x3, 0x0, 0x100000fe)

08:24:12 executing program 2:
syz_open_procfs(0x0, &(0x7f0000000040)='mounts\x00')
syz_open_procfs(0x0, &(0x7f0000000000)='mountstats\x00')
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$F2FS_IOC_MOVE_RANGE(0xffffffffffffffff, 0xc020f509, &(0x7f0000000040)={r1})
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f0000000000))
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f00000001c0)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1003]})
ioctl$KVM_RUN(0xffffffffffffffff, 0xae80, 0x0)
ioctl$KVM_SET_PIT(r1, 0x8048ae66, &(0x7f0000000140)={[{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}]})
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f000056f000/0x18000)=nil, &(0x7f0000000080)=[@text32={0x20, &(0x7f00000000c0)="66ba4000b0c2ee66bad104b829280000efea0e0000000a00b8050000000f23d80f21f835c00000a00f23f8653e65f30f21c62e0fae2b0f01c2b8060000000f23d00f21f835200000000f23f8c4c3a1cf830000000002d9f7", 0x58}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

08:24:12 executing program 3:
openat$kvm(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0)
ioctl$KVM_CREATE_IRQCHIP(0xffffffffffffffff, 0xae60)
r0 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(0xffffffffffffffff, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_CREATE_PIT2(0xffffffffffffffff, 0x4040ae77, &(0x7f0000000000)={0x2})
ioctl$KVM_SET_REGS(r0, 0x4090ae82, &(0x7f00000001c0)={[0x4, 0x0, 0x0, 0x8, 0x1, 0x0, 0x1002]})
ioctl$KVM_RUN(r0, 0xae80, 0x0)
ioctl$KVM_SET_PIT(0xffffffffffffffff, 0x8048ae66, &(0x7f0000000140))
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f000056f000/0x18000)=nil, &(0x7f0000000080)=[@text32={0x20, &(0x7f00000000c0)="66ba4000b0c2ee66bad104b829280000efea0e0000000a00b8050000000f23d80f21f835c00000a00f23f8653e65f30f21c62e0fae2b0f01c2b8060000000f23d00f21f835200000000f23f8c4c3a1cf830000000002d9f7", 0x58}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_RUN(r0, 0xae80, 0x0)

08:24:12 executing program 5:
sched_setattr(0x0, 0x0, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_RUN(r2, 0xae80, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_user\x00', 0x275a, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r2, 0x0)

[  551.876486][T18638] loop4: detected capacity change from 0 to 16
[  551.967891][   T26] audit: type=1800 audit(1632817452.838:73): pid=18638 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed(directio) comm="syz-executor.4" name="file0" dev="loop4" ino=39 res=0 errno=0
[  552.336165][ T1051] CoreChips 1-1:0.0 (unnamed net_device) (uninitialized): sr_get_phy_addr : Error reading PHYID register:ffffffe0
[  552.646226][ T1051] CoreChips 1-1:0.0 (unnamed net_device) (uninitialized): Failed to send software reset:ffffffb9
[  552.682111][ T1051] CoreChips 1-1:0.0 (unnamed net_device) (uninitialized): Failed to power down PHY : -71
[  552.754316][ T1051] CoreChips: probe of 1-1:0.0 failed with error -71
[  552.810196][ T1051] usb 1-1: USB disconnect, device number 10
[  553.428369][ T1051] usb 1-1: new high-speed USB device number 11 using dummy_hcd
[  553.706053][ T1051] usb 1-1: Using ep0 maxpacket: 8
[  553.985879][ T1051] usb 1-1: New USB device found, idVendor=0fe6, idProduct=9800, bcdDevice=19.5d
[  553.994960][ T1051] usb 1-1: New USB device strings: Mfr=253, Product=31, SerialNumber=0
[  554.063501][ T1051] usb 1-1: Product: syz
[  554.080570][ T1051] usb 1-1: Manufacturer: syz
[  554.116211][ T1051] usb 1-1: config 0 descriptor??
08:24:15 executing program 0:
r0 = syz_usb_connect(0x0, 0x24, &(0x7f0000000300)=ANY=[@ANYBLOB="120100004bfee908e60f00985d19fd1f00010902120001000000000904"], 0x0)
syz_usb_control_io(r0, 0x0, 0x0)
syz_usb_control_io(r0, 0x0, &(0x7f0000000740)={0xfffffde3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000540)={0x40, 0x13, 0x58, @link_local}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
syz_usb_control_io$hid(r0, 0x0, 0x0)
syz_usb_control_io$cdc_ecm(r0, 0x0, 0x0)

08:24:15 executing program 2:
syz_open_procfs(0x0, &(0x7f0000000040)='mounts\x00')
syz_open_procfs(0x0, &(0x7f0000000000)='mountstats\x00')
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$F2FS_IOC_MOVE_RANGE(0xffffffffffffffff, 0xc020f509, &(0x7f0000000040)={r1})
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f0000000000))
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f00000001c0)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1003]})
ioctl$KVM_RUN(0xffffffffffffffff, 0xae80, 0x0)
ioctl$KVM_SET_PIT(r1, 0x8048ae66, &(0x7f0000000140)={[{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}]})
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f000056f000/0x18000)=nil, &(0x7f0000000080)=[@text32={0x20, &(0x7f00000000c0)="66ba4000b0c2ee66bad104b829280000efea0e0000000a00b8050000000f23d80f21f835c00000a00f23f8653e65f30f21c62e0fae2b0f01c2b8060000000f23d00f21f835200000000f23f8c4c3a1cf830000000002d9f7", 0x58}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

08:24:15 executing program 3:
r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r0, 0xae60)
r1 = ioctl$KVM_CREATE_VCPU(r0, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r0, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_CREATE_PIT2(r0, 0x4040ae77, &(0x7f0000000000)={0x2})
ioctl$KVM_SET_REGS(r1, 0x4090ae82, &(0x7f00000001c0)={[0x4, 0x0, 0x0, 0x8, 0x1, 0x0, 0x1002]})
ioctl$KVM_RUN(r1, 0xae80, 0x0)
ioctl$KVM_SET_PIT(r0, 0x8048ae66, &(0x7f0000000140))
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f000056f000/0x18000)=nil, &(0x7f0000000080)=[@text32={0x20, &(0x7f00000000c0)="66ba4000b0c2ee66bad104b829280000efea0e0000000a00b8050000000f23d80f21f835c00000a00f23f8653e65f30f21c62e0fae2b0f01c2b8060000000f23d00f21f835200000000f23f8c4c3a1cf830000000002d9f7", 0x58}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_RUN(r1, 0xae80, 0x0)

08:24:15 executing program 5:
sched_setattr(0x0, 0x0, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_RUN(r2, 0xae80, 0x0)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x27fffff, 0x40000000011, 0xffffffffffffffff, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r2, 0x0)

08:24:15 executing program 1:
syz_mount_image$btrfs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="503c0ec0bdef41d3f80df38ac553327fc6654f8e599e60c2efa9afa646801f47012c7619053f456280762fb4bda4e12e000001", 0x33, 0x10000}], 0x0, &(0x7f0000016b00))

[  554.218750][ T1051] usb 1-1: can't set config #0, error -71
[  554.258025][ T1051] usb 1-1: USB disconnect, device number 11
[  554.283170][T18694] loop1: detected capacity change from 0 to 256
08:24:15 executing program 3:
r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r0, 0xae60)
r1 = ioctl$KVM_CREATE_VCPU(r0, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r0, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_CREATE_PIT2(r0, 0x4040ae77, &(0x7f0000000000)={0x2})
ioctl$KVM_SET_REGS(r1, 0x4090ae82, &(0x7f00000001c0)={[0x4, 0x0, 0x0, 0x8, 0x1, 0x0, 0x1002]})
ioctl$KVM_RUN(r1, 0xae80, 0x0)
ioctl$KVM_SET_PIT(r0, 0x8048ae66, &(0x7f0000000140))
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f000056f000/0x18000)=nil, &(0x7f0000000080)=[@text32={0x20, &(0x7f00000000c0)="66ba4000b0c2ee66bad104b829280000efea0e0000000a00b8050000000f23d80f21f835c00000a00f23f8653e65f30f21c62e0fae2b0f01c2b8060000000f23d00f21f835200000000f23f8c4c3a1cf830000000002d9f7", 0x58}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_RUN(r1, 0xae80, 0x0)

[  554.427617][T18694] loop1: detected capacity change from 0 to 256
[  554.505943][ T6216] Bluetooth: hci2: command 0x0406 tx timeout
08:24:15 executing program 4:
prlimit64(0x0, 0x0, &(0x7f0000000280)={0x9, 0x8d}, 0x0)
r0 = getpid()
sched_setattr(0x0, &(0x7f0000000140)={0x38, 0x2, 0x0, 0x0, 0x9}, 0x0)
sched_setattr(r0, &(0x7f0000000240)={0x38, 0x2, 0x0, 0x0, 0x5}, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/meminfo\x00', 0x0, 0x0)
sendfile(0xffffffffffffffff, r3, 0x0, 0x400000000001002a)
r4 = syz_mount_image$vfat(&(0x7f0000000400), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[])
r5 = openat(r4, &(0x7f000000c380)='./file0\x00', 0x84842, 0x0)
write(r5, &(0x7f0000004200)='t', 0xfff4)
sendmsg$NL80211_CMD_SET_INTERFACE(0xffffffffffffffff, &(0x7f0000001840)={&(0x7f0000000080), 0xc, &(0x7f0000001800)={&(0x7f00000001c0)=ANY=[@ANYRES64, @ANYRESDEC, @ANYRES32=0x0, @ANYRES32], 0x60}, 0x1, 0x0, 0x0, 0x44090}, 0x0)

08:24:15 executing program 2:
syz_open_procfs(0x0, &(0x7f0000000040)='mounts\x00')
syz_open_procfs(0x0, &(0x7f0000000000)='mountstats\x00')
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$F2FS_IOC_MOVE_RANGE(0xffffffffffffffff, 0xc020f509, &(0x7f0000000040)={r1})
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f0000000000))
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f00000001c0)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1003]})
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_SET_PIT(0xffffffffffffffff, 0x8048ae66, &(0x7f0000000140)={[{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}]})
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f000056f000/0x18000)=nil, &(0x7f0000000080)=[@text32={0x20, &(0x7f00000000c0)="66ba4000b0c2ee66bad104b829280000efea0e0000000a00b8050000000f23d80f21f835c00000a00f23f8653e65f30f21c62e0fae2b0f01c2b8060000000f23d00f21f835200000000f23f8c4c3a1cf830000000002d9f7", 0x58}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

08:24:15 executing program 3:
r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r0, 0xae60)
r1 = ioctl$KVM_CREATE_VCPU(r0, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r0, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_CREATE_PIT2(r0, 0x4040ae77, &(0x7f0000000000)={0x2})
ioctl$KVM_SET_REGS(r1, 0x4090ae82, &(0x7f00000001c0)={[0x4, 0x0, 0x0, 0x8, 0x1, 0x0, 0x1002]})
ioctl$KVM_RUN(r1, 0xae80, 0x0)
ioctl$KVM_SET_PIT(r0, 0x8048ae66, &(0x7f0000000140))
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f000056f000/0x18000)=nil, &(0x7f0000000080)=[@text32={0x20, &(0x7f00000000c0)="66ba4000b0c2ee66bad104b829280000efea0e0000000a00b8050000000f23d80f21f835c00000a00f23f8653e65f30f21c62e0fae2b0f01c2b8060000000f23d00f21f835200000000f23f8c4c3a1cf830000000002d9f7", 0x58}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_RUN(r1, 0xae80, 0x0)

08:24:15 executing program 1:
syz_mount_image$gfs2(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', 0x0, 0x0, &(0x7f00000003c0), 0x0, &(0x7f0000000480)={[{@norecovery}]})

08:24:15 executing program 5:
sched_setattr(0x0, 0x0, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_RUN(r2, 0xae80, 0x0)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x27fffff, 0x40000000011, 0xffffffffffffffff, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r2, 0x0)

08:24:15 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f0000000000)={0x2})
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f00000001c0)={[0x4, 0x0, 0x0, 0x8, 0x1, 0x0, 0x1002]})
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_SET_PIT(r1, 0x8048ae66, &(0x7f0000000140))
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f000056f000/0x18000)=nil, &(0x7f0000000080)=[@text32={0x20, &(0x7f00000000c0)="66ba4000b0c2ee66bad104b829280000efea0e0000000a00b8050000000f23d80f21f835c00000a00f23f8653e65f30f21c62e0fae2b0f01c2b8060000000f23d00f21f835200000000f23f8c4c3a1cf830000000002d9f7", 0x58}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

[  554.767299][T18725] gfs2: not a GFS2 filesystem
[  554.785866][ T1051] usb 1-1: new high-speed USB device number 12 using dummy_hcd
[  554.824860][T18725] gfs2: not a GFS2 filesystem
[  554.996296][T18750] loop4: detected capacity change from 0 to 16
[  555.065905][ T1051] usb 1-1: Using ep0 maxpacket: 8
[  555.346084][ T1051] usb 1-1: New USB device found, idVendor=0fe6, idProduct=9800, bcdDevice=19.5d
[  555.362388][ T1051] usb 1-1: New USB device strings: Mfr=253, Product=31, SerialNumber=0
[  555.394994][ T1051] usb 1-1: Product: syz
[  555.406288][ T1051] usb 1-1: Manufacturer: syz
[  555.427660][ T1051] usb 1-1: config 0 descriptor??
[  556.145859][ T1051] CoreChips 1-1:0.0 (unnamed net_device) (uninitialized): sr_get_phy_addr : Error reading PHYID register:ffffffe0
[  556.412989][ T1051] CoreChips 1-1:0.0 (unnamed net_device) (uninitialized): Failed to send software reset:ffffffb9
[  556.429308][ T1051] CoreChips 1-1:0.0 (unnamed net_device) (uninitialized): Failed to power down PHY : -71
[  556.470959][ T1051] CoreChips: probe of 1-1:0.0 failed with error -71
[  556.493438][ T1051] usb 1-1: USB disconnect, device number 12
08:24:17 executing program 5:
sched_setattr(0x0, 0x0, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_RUN(r2, 0xae80, 0x0)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x27fffff, 0x40000000011, 0xffffffffffffffff, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r2, 0x0)

08:24:17 executing program 1:
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000100)={0x1f, 0x3, &(0x7f00000001c0)=@framed, &(0x7f0000000180)='syzkaller\x00', 0x2, 0xe5, &(0x7f0000000000)=""/229, 0x0, 0x11, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78)
close(r0)

08:24:17 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f0000000000)={0x2})
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f00000001c0)={[0x4, 0x0, 0x0, 0x8, 0x1, 0x0, 0x1002]})
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_SET_PIT(r1, 0x8048ae66, &(0x7f0000000140))
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f000056f000/0x18000)=nil, &(0x7f0000000080)=[@text32={0x20, &(0x7f00000000c0)="66ba4000b0c2ee66bad104b829280000efea0e0000000a00b8050000000f23d80f21f835c00000a00f23f8653e65f30f21c62e0fae2b0f01c2b8060000000f23d00f21f835200000000f23f8c4c3a1cf830000000002d9f7", 0x58}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

08:24:17 executing program 0:
r0 = syz_usb_connect(0x0, 0x24, &(0x7f0000000300)=ANY=[@ANYBLOB="120100004bfee908e60f00985d19fd1f00010902120001000000000904"], 0x0)
syz_usb_control_io(r0, 0x0, 0x0)
syz_usb_control_io(r0, 0x0, &(0x7f0000000740)={0xfffffde3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000540)={0x40, 0x13, 0x58, @link_local}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
syz_usb_control_io$hid(r0, 0x0, 0x0)
syz_usb_control_io$cdc_ecm(r0, 0x0, 0x0)

08:24:17 executing program 2:
syz_open_procfs(0x0, &(0x7f0000000040)='mounts\x00')
syz_open_procfs(0x0, &(0x7f0000000000)='mountstats\x00')
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$F2FS_IOC_MOVE_RANGE(0xffffffffffffffff, 0xc020f509, &(0x7f0000000040)={r1})
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f0000000000))
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f00000001c0)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1003]})
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_SET_PIT(0xffffffffffffffff, 0x8048ae66, &(0x7f0000000140)={[{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}]})
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f000056f000/0x18000)=nil, &(0x7f0000000080)=[@text32={0x20, &(0x7f00000000c0)="66ba4000b0c2ee66bad104b829280000efea0e0000000a00b8050000000f23d80f21f835c00000a00f23f8653e65f30f21c62e0fae2b0f01c2b8060000000f23d00f21f835200000000f23f8c4c3a1cf830000000002d9f7", 0x58}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

08:24:17 executing program 4:
prlimit64(0x0, 0x0, &(0x7f0000000280)={0x9, 0x8d}, 0x0)
r0 = getpid()
sched_setattr(0x0, &(0x7f0000000140)={0x38, 0x2, 0x0, 0x0, 0x9}, 0x0)
sched_setattr(r0, &(0x7f0000000240)={0x38, 0x2, 0x0, 0x0, 0x5}, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/meminfo\x00', 0x0, 0x0)
sendfile(0xffffffffffffffff, r3, 0x0, 0x400000000001002a)
r4 = syz_mount_image$vfat(&(0x7f0000000400), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[])
r5 = openat(r4, &(0x7f000000c380)='./file0\x00', 0x84842, 0x0)
write(r5, &(0x7f0000004200)='t', 0xfff4)
sendmsg$NL80211_CMD_SET_INTERFACE(0xffffffffffffffff, &(0x7f0000001840)={&(0x7f0000000080), 0xc, &(0x7f0000001800)={&(0x7f00000001c0)=ANY=[@ANYRES64, @ANYRESDEC, @ANYRES32=0x0, @ANYRES32], 0x60}, 0x1, 0x0, 0x0, 0x44090}, 0x0)

08:24:17 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f0000000000)={0x2})
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f00000001c0)={[0x4, 0x0, 0x0, 0x8, 0x1, 0x0, 0x1002]})
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_SET_PIT(r1, 0x8048ae66, &(0x7f0000000140))
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f000056f000/0x18000)=nil, &(0x7f0000000080)=[@text32={0x20, &(0x7f00000000c0)="66ba4000b0c2ee66bad104b829280000efea0e0000000a00b8050000000f23d80f21f835c00000a00f23f8653e65f30f21c62e0fae2b0f01c2b8060000000f23d00f21f835200000000f23f8c4c3a1cf830000000002d9f7", 0x58}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

[  557.144272][T18795] loop4: detected capacity change from 0 to 16
08:24:18 executing program 1:
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000500)=@newlink={0x3c, 0x10, 0x401, 0x0, 0x0, {}, [@IFLA_LINKINFO={0x14, 0x12, 0x0, 0x1, @ipvlan={{0xb}, {0x4}}}, @IFLA_LINK={0x8}]}, 0x3c}}, 0x0)

[  557.227878][   T26] audit: type=1800 audit(1632817458.099:74): pid=18795 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed(directio) comm="syz-executor.4" name="file0" dev="loop4" ino=40 res=0 errno=0
08:24:18 executing program 5:
sched_setattr(0x0, 0x0, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_user\x00', 0x275a, 0x0)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x27fffff, 0x40000000011, r3, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r2, 0x0)

08:24:18 executing program 3:
openat$kvm(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0)
r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r0, 0xae60)
r1 = ioctl$KVM_CREATE_VCPU(r0, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r0, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_CREATE_PIT2(r0, 0x4040ae77, &(0x7f0000000000)={0x2})
ioctl$KVM_SET_REGS(r1, 0x4090ae82, &(0x7f00000001c0)={[0x4, 0x0, 0x0, 0x8, 0x1, 0x0, 0x1002]})
ioctl$KVM_RUN(r1, 0xae80, 0x0)
ioctl$KVM_SET_PIT(r0, 0x8048ae66, &(0x7f0000000140))
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f000056f000/0x18000)=nil, &(0x7f0000000080)=[@text32={0x20, &(0x7f00000000c0)="66ba4000b0c2ee66bad104b829280000efea0e0000000a00b8050000000f23d80f21f835c00000a00f23f8653e65f30f21c62e0fae2b0f01c2b8060000000f23d00f21f835200000000f23f8c4c3a1cf830000000002d9f7", 0x58}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_RUN(r1, 0xae80, 0x0)

[  557.315911][ T8385] usb 1-1: new high-speed USB device number 13 using dummy_hcd
08:24:18 executing program 1:
socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
r1 = dup(r0)
setns(r1, 0x0)

08:24:18 executing program 3:
openat$kvm(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0)
r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r0, 0xae60)
r1 = ioctl$KVM_CREATE_VCPU(r0, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r0, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_CREATE_PIT2(r0, 0x4040ae77, &(0x7f0000000000)={0x2})
ioctl$KVM_SET_REGS(r1, 0x4090ae82, &(0x7f00000001c0)={[0x4, 0x0, 0x0, 0x8, 0x1, 0x0, 0x1002]})
ioctl$KVM_RUN(r1, 0xae80, 0x0)
ioctl$KVM_SET_PIT(r0, 0x8048ae66, &(0x7f0000000140))
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f000056f000/0x18000)=nil, &(0x7f0000000080)=[@text32={0x20, &(0x7f00000000c0)="66ba4000b0c2ee66bad104b829280000efea0e0000000a00b8050000000f23d80f21f835c00000a00f23f8653e65f30f21c62e0fae2b0f01c2b8060000000f23d00f21f835200000000f23f8c4c3a1cf830000000002d9f7", 0x58}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_RUN(r1, 0xae80, 0x0)

[  557.586863][ T8385] usb 1-1: Using ep0 maxpacket: 8
08:24:18 executing program 1:
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0)
setrlimit(0xb, &(0x7f0000000040)={0x0, 0x3})
r0 = getpid()
sched_setattr(0x0, &(0x7f0000000140)={0x38, 0x2, 0x0, 0x0, 0x9}, 0x0)
sched_setattr(r0, &(0x7f0000000240)={0x38, 0x2, 0x0, 0x0, 0x5}, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = memfd_create(&(0x7f0000000240)='\xb9\xecm1\xc1\xf8\xa6\x8d\xc1\xe2zMN\xc0\x17\xce/\xcd\xa2\xba \x00\x97\xac#*\xff1\x1d\xf6e\xe1\xcb\xaf#\xe5}Fi\xef\xbd\x0f \xe7f@\x19\xc4p\xa4\xc5\x13\x88y\x1e\xe7eNf\x02\xbd\xaf^\xee\b\x15\x86r\xdf\xde\xe9m\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01\x00\x00\x00', 0x0)
write$FUSE_NOTIFY_STORE(r3, &(0x7f0000000800)=ANY=[], 0x2c)
sendfile(r3, r3, &(0x7f0000001000), 0xffff)

08:24:18 executing program 5:
sched_setattr(0x0, 0x0, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_user\x00', 0x275a, 0x0)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x27fffff, 0x40000000011, r3, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r2, 0x0)

08:24:18 executing program 3:
openat$kvm(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0)
r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r0, 0xae60)
r1 = ioctl$KVM_CREATE_VCPU(r0, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r0, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_CREATE_PIT2(r0, 0x4040ae77, &(0x7f0000000000)={0x2})
ioctl$KVM_SET_REGS(r1, 0x4090ae82, &(0x7f00000001c0)={[0x4, 0x0, 0x0, 0x8, 0x1, 0x0, 0x1002]})
ioctl$KVM_RUN(r1, 0xae80, 0x0)
ioctl$KVM_SET_PIT(r0, 0x8048ae66, &(0x7f0000000140))
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f000056f000/0x18000)=nil, &(0x7f0000000080)=[@text32={0x20, &(0x7f00000000c0)="66ba4000b0c2ee66bad104b829280000efea0e0000000a00b8050000000f23d80f21f835c00000a00f23f8653e65f30f21c62e0fae2b0f01c2b8060000000f23d00f21f835200000000f23f8c4c3a1cf830000000002d9f7", 0x58}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_RUN(r1, 0xae80, 0x0)

[  557.836100][ T8385] usb 1-1: New USB device found, idVendor=0fe6, idProduct=9800, bcdDevice=19.5d
[  557.848716][ T8385] usb 1-1: New USB device strings: Mfr=253, Product=31, SerialNumber=0
[  557.894031][ T8385] usb 1-1: Product: syz
[  558.716894][ T8385] usb 1-1: Manufacturer: syz
[  558.770236][ T8385] usb 1-1: config 0 descriptor??
[  559.475732][ T8385] CoreChips 1-1:0.0 (unnamed net_device) (uninitialized): sr_get_phy_addr : Error reading PHYID register:ffffffe0
[  559.755662][ T8385] CoreChips 1-1:0.0 (unnamed net_device) (uninitialized): Failed to send software reset:ffffffb9
[  559.773429][ T8385] CoreChips 1-1:0.0 (unnamed net_device) (uninitialized): Failed to power down PHY : -71
[  559.809853][ T8385] CoreChips: probe of 1-1:0.0 failed with error -71
[  559.823507][ T8385] usb 1-1: USB disconnect, device number 13
08:24:21 executing program 0:
r0 = syz_usb_connect(0x0, 0x24, &(0x7f0000000300)=ANY=[@ANYBLOB="120100004bfee908e60f00985d19fd1f00010902120001000000000904"], 0x0)
syz_usb_control_io(r0, 0x0, 0x0)
syz_usb_control_io(r0, 0x0, &(0x7f0000000740)={0xfffffde3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000540)={0x40, 0x13, 0x58, @link_local}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
syz_usb_control_io$hid(r0, 0x0, 0x0)
syz_usb_control_io$cdc_ecm(r0, 0x0, 0x0)

08:24:21 executing program 2:
syz_open_procfs(0x0, &(0x7f0000000040)='mounts\x00')
syz_open_procfs(0x0, &(0x7f0000000000)='mountstats\x00')
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$F2FS_IOC_MOVE_RANGE(0xffffffffffffffff, 0xc020f509, &(0x7f0000000040)={r1})
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f0000000000))
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f00000001c0)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1003]})
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_SET_PIT(0xffffffffffffffff, 0x8048ae66, &(0x7f0000000140)={[{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}]})
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f000056f000/0x18000)=nil, &(0x7f0000000080)=[@text32={0x20, &(0x7f00000000c0)="66ba4000b0c2ee66bad104b829280000efea0e0000000a00b8050000000f23d80f21f835c00000a00f23f8653e65f30f21c62e0fae2b0f01c2b8060000000f23d00f21f835200000000f23f8c4c3a1cf830000000002d9f7", 0x58}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

08:24:21 executing program 1:
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0)
setrlimit(0xb, &(0x7f0000000040)={0x0, 0x3})
r0 = getpid()
sched_setattr(0x0, &(0x7f0000000140)={0x38, 0x2, 0x0, 0x0, 0x9}, 0x0)
sched_setattr(r0, &(0x7f0000000240)={0x38, 0x2, 0x0, 0x0, 0x5}, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = memfd_create(&(0x7f0000000240)='\xb9\xecm1\xc1\xf8\xa6\x8d\xc1\xe2zMN\xc0\x17\xce/\xcd\xa2\xba \x00\x97\xac#*\xff1\x1d\xf6e\xe1\xcb\xaf#\xe5}Fi\xef\xbd\x0f \xe7f@\x19\xc4p\xa4\xc5\x13\x88y\x1e\xe7eNf\x02\xbd\xaf^\xee\b\x15\x86r\xdf\xde\xe9m\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01\x00\x00\x00', 0x0)
write$FUSE_NOTIFY_STORE(r3, &(0x7f0000000800)=ANY=[], 0x2c)
sendfile(r3, r3, &(0x7f0000001000), 0xffff)

08:24:21 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(0xffffffffffffffff, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f0000000000)={0x2})
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f00000001c0)={[0x4, 0x0, 0x0, 0x8, 0x1, 0x0, 0x1002]})
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_SET_PIT(r1, 0x8048ae66, &(0x7f0000000140))
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f000056f000/0x18000)=nil, &(0x7f0000000080)=[@text32={0x20, &(0x7f00000000c0)="66ba4000b0c2ee66bad104b829280000efea0e0000000a00b8050000000f23d80f21f835c00000a00f23f8653e65f30f21c62e0fae2b0f01c2b8060000000f23d00f21f835200000000f23f8c4c3a1cf830000000002d9f7", 0x58}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

08:24:21 executing program 5:
sched_setattr(0x0, 0x0, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_user\x00', 0x275a, 0x0)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x27fffff, 0x40000000011, r3, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r2, 0x0)

08:24:21 executing program 4:
prlimit64(0x0, 0xe, 0x0, 0x0)
r0 = getpid()
sched_setattr(0x0, &(0x7f0000000140)={0x38, 0x2, 0x0, 0x0, 0x9}, 0x0)
sched_setattr(r0, &(0x7f0000000240)={0x38, 0x2, 0x0, 0x0, 0x5}, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/meminfo\x00', 0x0, 0x0)
sendfile(0xffffffffffffffff, r3, 0x0, 0x400000000001002a)
r4 = syz_mount_image$vfat(&(0x7f0000000400), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[])
r5 = openat(r4, &(0x7f000000c380)='./file0\x00', 0x84842, 0x0)
write(r5, &(0x7f0000004200)='t', 0xfff4)
sendmsg$NL80211_CMD_SET_INTERFACE(0xffffffffffffffff, &(0x7f0000001840)={&(0x7f0000000080), 0xc, &(0x7f0000001800)={&(0x7f00000001c0)=ANY=[@ANYRES64, @ANYRESDEC, @ANYRES32=0x0, @ANYRES32], 0x60}, 0x1, 0x0, 0x0, 0x44090}, 0x0)

[  561.090307][ T1051] usb 1-1: new high-speed USB device number 14 using dummy_hcd
08:24:22 executing program 1:
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0)
setrlimit(0xb, &(0x7f0000000040)={0x0, 0x3})
r0 = getpid()
sched_setattr(0x0, &(0x7f0000000140)={0x38, 0x2, 0x0, 0x0, 0x9}, 0x0)
sched_setattr(r0, &(0x7f0000000240)={0x38, 0x2, 0x0, 0x0, 0x5}, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = memfd_create(&(0x7f0000000240)='\xb9\xecm1\xc1\xf8\xa6\x8d\xc1\xe2zMN\xc0\x17\xce/\xcd\xa2\xba \x00\x97\xac#*\xff1\x1d\xf6e\xe1\xcb\xaf#\xe5}Fi\xef\xbd\x0f \xe7f@\x19\xc4p\xa4\xc5\x13\x88y\x1e\xe7eNf\x02\xbd\xaf^\xee\b\x15\x86r\xdf\xde\xe9m\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01\x00\x00\x00', 0x0)
write$FUSE_NOTIFY_STORE(r3, &(0x7f0000000800)=ANY=[], 0x2c)
sendfile(r3, r3, &(0x7f0000001000), 0xffff)

[  561.350404][T18895] FAT-fs (loop4): bogus number of reserved sectors
[  561.411181][T18895] FAT-fs (loop4): Can't find a valid FAT filesystem
08:24:22 executing program 5:
sched_setattr(0x0, 0x0, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_user\x00', 0x275a, 0x0)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x27fffff, 0x40000000011, r3, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r2, 0x0)

08:24:23 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(0xffffffffffffffff, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f0000000000)={0x2})
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f00000001c0)={[0x4, 0x0, 0x0, 0x8, 0x1, 0x0, 0x1002]})
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_SET_PIT(r1, 0x8048ae66, &(0x7f0000000140))
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f000056f000/0x18000)=nil, &(0x7f0000000080)=[@text32={0x20, &(0x7f00000000c0)="66ba4000b0c2ee66bad104b829280000efea0e0000000a00b8050000000f23d80f21f835c00000a00f23f8653e65f30f21c62e0fae2b0f01c2b8060000000f23d00f21f835200000000f23f8c4c3a1cf830000000002d9f7", 0x58}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

08:24:23 executing program 1:
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0)
setrlimit(0xb, &(0x7f0000000040)={0x0, 0x3})
r0 = getpid()
sched_setattr(0x0, &(0x7f0000000140)={0x38, 0x2, 0x0, 0x0, 0x9}, 0x0)
sched_setattr(r0, &(0x7f0000000240)={0x38, 0x2, 0x0, 0x0, 0x5}, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = memfd_create(&(0x7f0000000240)='\xb9\xecm1\xc1\xf8\xa6\x8d\xc1\xe2zMN\xc0\x17\xce/\xcd\xa2\xba \x00\x97\xac#*\xff1\x1d\xf6e\xe1\xcb\xaf#\xe5}Fi\xef\xbd\x0f \xe7f@\x19\xc4p\xa4\xc5\x13\x88y\x1e\xe7eNf\x02\xbd\xaf^\xee\b\x15\x86r\xdf\xde\xe9m\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01\x00\x00\x00', 0x0)
write$FUSE_NOTIFY_STORE(r3, &(0x7f0000000800)=ANY=[], 0x2c)
sendfile(r3, r3, &(0x7f0000001000), 0xffff)

08:24:23 executing program 2:
syz_open_procfs(0x0, &(0x7f0000000040)='mounts\x00')
syz_open_procfs(0x0, &(0x7f0000000000)='mountstats\x00')
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$F2FS_IOC_MOVE_RANGE(0xffffffffffffffff, 0xc020f509, &(0x7f0000000040)={r1})
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f0000000000))
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f00000001c0)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1003]})
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_SET_PIT(r1, 0x8048ae66, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f000056f000/0x18000)=nil, &(0x7f0000000080)=[@text32={0x20, &(0x7f00000000c0)="66ba4000b0c2ee66bad104b829280000efea0e0000000a00b8050000000f23d80f21f835c00000a00f23f8653e65f30f21c62e0fae2b0f01c2b8060000000f23d00f21f835200000000f23f8c4c3a1cf830000000002d9f7", 0x58}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

[  562.409523][ T1051] usb 1-1: Using ep0 maxpacket: 8
08:24:23 executing program 5:
sched_setattr(0x0, 0x0, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_user\x00', 0x275a, 0x0)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x27fffff, 0x40000000011, r3, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r2, 0x0)

[  563.052708][ T1358] ieee802154 phy0 wpan0: encryption failed: -22
[  563.095613][ T1358] ieee802154 phy1 wpan1: encryption failed: -22
[  563.137371][ T1051] usb 1-1: New USB device found, idVendor=0fe6, idProduct=9800, bcdDevice=19.5d
[  563.425950][ T1051] usb 1-1: New USB device strings: Mfr=253, Product=31, SerialNumber=0
[  563.446559][ T1051] usb 1-1: Product: syz
[  563.462652][ T1051] usb 1-1: Manufacturer: syz
08:24:24 executing program 0:
r0 = syz_usb_connect(0x0, 0x24, &(0x7f0000000300)=ANY=[@ANYBLOB="120100004bfee908e60f00985d19fd1f00010902120001000000000904"], 0x0)
syz_usb_control_io(r0, 0x0, 0x0)
syz_usb_control_io(r0, 0x0, &(0x7f0000000740)={0xfffffde3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000540)={0x40, 0x13, 0x58, @link_local}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
syz_usb_control_io$hid(r0, 0x0, 0x0)

08:24:24 executing program 1:
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0)
setrlimit(0xb, &(0x7f0000000040)={0x0, 0x3})
r0 = getpid()
sched_setattr(0x0, &(0x7f0000000140)={0x38, 0x2, 0x0, 0x0, 0x9}, 0x0)
sched_setattr(r0, &(0x7f0000000240)={0x38, 0x2, 0x0, 0x0, 0x5}, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = memfd_create(&(0x7f0000000240)='\xb9\xecm1\xc1\xf8\xa6\x8d\xc1\xe2zMN\xc0\x17\xce/\xcd\xa2\xba \x00\x97\xac#*\xff1\x1d\xf6e\xe1\xcb\xaf#\xe5}Fi\xef\xbd\x0f \xe7f@\x19\xc4p\xa4\xc5\x13\x88y\x1e\xe7eNf\x02\xbd\xaf^\xee\b\x15\x86r\xdf\xde\xe9m\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01\x00\x00\x00', 0x0)
sendfile(r3, r3, &(0x7f0000001000), 0xffff)

[  563.528580][ T1051] usb 1-1: config 0 descriptor??
08:24:24 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(0xffffffffffffffff, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f0000000000)={0x2})
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f00000001c0)={[0x4, 0x0, 0x0, 0x8, 0x1, 0x0, 0x1002]})
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_SET_PIT(r1, 0x8048ae66, &(0x7f0000000140))
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f000056f000/0x18000)=nil, &(0x7f0000000080)=[@text32={0x20, &(0x7f00000000c0)="66ba4000b0c2ee66bad104b829280000efea0e0000000a00b8050000000f23d80f21f835c00000a00f23f8653e65f30f21c62e0fae2b0f01c2b8060000000f23d00f21f835200000000f23f8c4c3a1cf830000000002d9f7", 0x58}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

[  563.585801][ T1051] usb 1-1: can't set config #0, error -71
[  563.621943][ T1051] usb 1-1: USB disconnect, device number 14
08:24:25 executing program 2:
syz_open_procfs(0x0, &(0x7f0000000040)='mounts\x00')
syz_open_procfs(0x0, &(0x7f0000000000)='mountstats\x00')
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$F2FS_IOC_MOVE_RANGE(0xffffffffffffffff, 0xc020f509, &(0x7f0000000040)={r1})
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f0000000000))
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f00000001c0)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1003]})
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_SET_PIT(r1, 0x8048ae66, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f000056f000/0x18000)=nil, &(0x7f0000000080)=[@text32={0x20, &(0x7f00000000c0)="66ba4000b0c2ee66bad104b829280000efea0e0000000a00b8050000000f23d80f21f835c00000a00f23f8653e65f30f21c62e0fae2b0f01c2b8060000000f23d00f21f835200000000f23f8c4c3a1cf830000000002d9f7", 0x58}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

08:24:25 executing program 1:
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0)
setrlimit(0xb, &(0x7f0000000040)={0x0, 0x3})
r0 = getpid()
sched_setattr(0x0, &(0x7f0000000140)={0x38, 0x2, 0x0, 0x0, 0x9}, 0x0)
sched_setattr(r0, &(0x7f0000000240)={0x38, 0x2, 0x0, 0x0, 0x5}, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = memfd_create(&(0x7f0000000240)='\xb9\xecm1\xc1\xf8\xa6\x8d\xc1\xe2zMN\xc0\x17\xce/\xcd\xa2\xba \x00\x97\xac#*\xff1\x1d\xf6e\xe1\xcb\xaf#\xe5}Fi\xef\xbd\x0f \xe7f@\x19\xc4p\xa4\xc5\x13\x88y\x1e\xe7eNf\x02\xbd\xaf^\xee\b\x15\x86r\xdf\xde\xe9m\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01\x00\x00\x00', 0x0)
sendfile(r3, r3, &(0x7f0000001000), 0xffff)

[  564.845517][ T1051] usb 1-1: new high-speed USB device number 15 using dummy_hcd
[  565.215504][ T1051] usb 1-1: Using ep0 maxpacket: 8
[  565.496102][ T1051] usb 1-1: New USB device found, idVendor=0fe6, idProduct=9800, bcdDevice=19.5d
[  565.531945][ T1051] usb 1-1: New USB device strings: Mfr=253, Product=31, SerialNumber=0
[  565.542270][ T1051] usb 1-1: Product: syz
[  565.574944][ T1051] usb 1-1: Manufacturer: syz
[  565.592361][ T1051] usb 1-1: config 0 descriptor??
08:24:26 executing program 4:
prlimit64(0x0, 0xe, 0x0, 0x0)
r0 = getpid()
sched_setattr(0x0, &(0x7f0000000140)={0x38, 0x2, 0x0, 0x0, 0x9}, 0x0)
sched_setattr(r0, &(0x7f0000000240)={0x38, 0x2, 0x0, 0x0, 0x5}, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/meminfo\x00', 0x0, 0x0)
sendfile(0xffffffffffffffff, r3, 0x0, 0x400000000001002a)
r4 = syz_mount_image$vfat(&(0x7f0000000400), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[])
r5 = openat(r4, &(0x7f000000c380)='./file0\x00', 0x84842, 0x0)
write(r5, &(0x7f0000004200)='t', 0xfff4)
sendmsg$NL80211_CMD_SET_INTERFACE(0xffffffffffffffff, &(0x7f0000001840)={&(0x7f0000000080), 0xc, &(0x7f0000001800)={&(0x7f00000001c0)=ANY=[@ANYRES64, @ANYRESDEC, @ANYRES32=0x0, @ANYRES32], 0x60}, 0x1, 0x0, 0x0, 0x44090}, 0x0)

08:24:26 executing program 5:
sched_setattr(0x0, 0x0, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_user\x00', 0x275a, 0x0)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x27fffff, 0x40000000011, r3, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r2, 0x0)

08:24:26 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f0000000000)={0x2})
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f00000001c0)={[0x4, 0x0, 0x0, 0x8, 0x1, 0x0, 0x1002]})
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_SET_PIT(r1, 0x8048ae66, &(0x7f0000000140))
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f000056f000/0x18000)=nil, &(0x7f0000000080)=[@text32={0x20, &(0x7f00000000c0)="66ba4000b0c2ee66bad104b829280000efea0e0000000a00b8050000000f23d80f21f835c00000a00f23f8653e65f30f21c62e0fae2b0f01c2b8060000000f23d00f21f835200000000f23f8c4c3a1cf830000000002d9f7", 0x58}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

08:24:26 executing program 1:
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0)
setrlimit(0xb, &(0x7f0000000040)={0x0, 0x3})
r0 = getpid()
sched_setattr(0x0, &(0x7f0000000140)={0x38, 0x2, 0x0, 0x0, 0x9}, 0x0)
sched_setattr(r0, &(0x7f0000000240)={0x38, 0x2, 0x0, 0x0, 0x5}, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = memfd_create(&(0x7f0000000240)='\xb9\xecm1\xc1\xf8\xa6\x8d\xc1\xe2zMN\xc0\x17\xce/\xcd\xa2\xba \x00\x97\xac#*\xff1\x1d\xf6e\xe1\xcb\xaf#\xe5}Fi\xef\xbd\x0f \xe7f@\x19\xc4p\xa4\xc5\x13\x88y\x1e\xe7eNf\x02\xbd\xaf^\xee\b\x15\x86r\xdf\xde\xe9m\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01\x00\x00\x00', 0x0)
sendfile(r3, r3, &(0x7f0000001000), 0xffff)

08:24:26 executing program 2:
syz_open_procfs(0x0, &(0x7f0000000040)='mounts\x00')
syz_open_procfs(0x0, &(0x7f0000000000)='mountstats\x00')
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$F2FS_IOC_MOVE_RANGE(0xffffffffffffffff, 0xc020f509, &(0x7f0000000040)={r1})
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f0000000000))
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f00000001c0)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1003]})
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_SET_PIT(r1, 0x8048ae66, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f000056f000/0x18000)=nil, &(0x7f0000000080)=[@text32={0x20, &(0x7f00000000c0)="66ba4000b0c2ee66bad104b829280000efea0e0000000a00b8050000000f23d80f21f835c00000a00f23f8653e65f30f21c62e0fae2b0f01c2b8060000000f23d00f21f835200000000f23f8c4c3a1cf830000000002d9f7", 0x58}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

[  566.325364][ T1051] CoreChips 1-1:0.0 (unnamed net_device) (uninitialized): sr_get_phy_addr : Error reading PHYID register:ffffffe0
08:24:27 executing program 1:
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0)
setrlimit(0xb, &(0x7f0000000040)={0x0, 0x3})
r0 = getpid()
sched_setattr(0x0, &(0x7f0000000140)={0x38, 0x2, 0x0, 0x0, 0x9}, 0x0)
sched_setattr(r0, &(0x7f0000000240)={0x38, 0x2, 0x0, 0x0, 0x5}, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
write$FUSE_NOTIFY_STORE(0xffffffffffffffff, &(0x7f0000000800)=ANY=[], 0x2c)
sendfile(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000001000), 0xffff)

08:24:27 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f0000000000)={0x2})
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f00000001c0)={[0x4, 0x0, 0x0, 0x8, 0x1, 0x0, 0x1002]})
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_SET_PIT(r1, 0x8048ae66, &(0x7f0000000140))
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f000056f000/0x18000)=nil, &(0x7f0000000080)=[@text32={0x20, &(0x7f00000000c0)="66ba4000b0c2ee66bad104b829280000efea0e0000000a00b8050000000f23d80f21f835c00000a00f23f8653e65f30f21c62e0fae2b0f01c2b8060000000f23d00f21f835200000000f23f8c4c3a1cf830000000002d9f7", 0x58}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

[  566.947390][ T1051] CoreChips: probe of 1-1:0.0 failed with error -71
08:24:27 executing program 0:
r0 = syz_usb_connect(0x0, 0x24, &(0x7f0000000300)=ANY=[@ANYBLOB="120100004bfee908e60f00985d19fd1f00010902120001000000000904"], 0x0)
syz_usb_control_io(r0, 0x0, 0x0)
syz_usb_control_io(r0, 0x0, &(0x7f0000000740)={0xfffffde3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000540)={0x40, 0x13, 0x58, @link_local}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
syz_usb_control_io$hid(r0, 0x0, 0x0)

[  567.024375][ T1051] usb 1-1: USB disconnect, device number 15
[  567.526315][T19038] loop4: detected capacity change from 0 to 16
[  567.775147][ T1051] usb 1-1: new high-speed USB device number 16 using dummy_hcd
08:24:28 executing program 1:
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0)
setrlimit(0xb, &(0x7f0000000040)={0x0, 0x3})
r0 = getpid()
sched_setattr(0x0, &(0x7f0000000140)={0x38, 0x2, 0x0, 0x0, 0x9}, 0x0)
sched_setattr(r0, &(0x7f0000000240)={0x38, 0x2, 0x0, 0x0, 0x5}, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
write$FUSE_NOTIFY_STORE(0xffffffffffffffff, &(0x7f0000000800)=ANY=[], 0x2c)
sendfile(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000001000), 0xffff)

08:24:28 executing program 5:
sched_setattr(0x0, 0x0, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_RUN(0xffffffffffffffff, 0xae80, 0x0)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_user\x00', 0x275a, 0x0)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x27fffff, 0x40000000011, r2, 0x0)
ioctl$KVM_RUN(0xffffffffffffffff, 0xae80, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, 0xffffffffffffffff, 0x0)

08:24:28 executing program 2:
syz_open_procfs(0x0, &(0x7f0000000040)='mounts\x00')
syz_open_procfs(0x0, &(0x7f0000000000)='mountstats\x00')
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$F2FS_IOC_MOVE_RANGE(0xffffffffffffffff, 0xc020f509, &(0x7f0000000040)={r1})
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f0000000000))
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f00000001c0)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1003]})
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_SET_PIT(r1, 0x8048ae66, &(0x7f0000000140))
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f000056f000/0x18000)=nil, &(0x7f0000000080)=[@text32={0x20, &(0x7f00000000c0)="66ba4000b0c2ee66bad104b829280000efea0e0000000a00b8050000000f23d80f21f835c00000a00f23f8653e65f30f21c62e0fae2b0f01c2b8060000000f23d00f21f835200000000f23f8c4c3a1cf830000000002d9f7", 0x58}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

[  568.185826][ T1051] usb 1-1: Using ep0 maxpacket: 8
[  568.546536][ T1051] usb 1-1: New USB device found, idVendor=0fe6, idProduct=9800, bcdDevice=19.5d
08:24:29 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f0000000000)={0x2})
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f00000001c0)={[0x4, 0x0, 0x0, 0x8, 0x1, 0x0, 0x1002]})
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_SET_PIT(r1, 0x8048ae66, &(0x7f0000000140))
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f000056f000/0x18000)=nil, &(0x7f0000000080)=[@text32={0x20, &(0x7f00000000c0)="66ba4000b0c2ee66bad104b829280000efea0e0000000a00b8050000000f23d80f21f835c00000a00f23f8653e65f30f21c62e0fae2b0f01c2b8060000000f23d00f21f835200000000f23f8c4c3a1cf830000000002d9f7", 0x58}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

[  568.821244][ T1051] usb 1-1: New USB device strings: Mfr=253, Product=31, SerialNumber=0
[  568.855290][ T1051] usb 1-1: Product: syz
[  568.885355][ T1051] usb 1-1: Manufacturer: syz
[  568.912986][ T1051] usb 1-1: config 0 descriptor??
[  569.644926][ T1051] CoreChips 1-1:0.0 (unnamed net_device) (uninitialized): sr_get_phy_addr : Error reading PHYID register:ffffffb9
[  569.686244][ T1051] CoreChips: probe of 1-1:0.0 failed with error -71
[  569.698780][ T1051] usb 1-1: USB disconnect, device number 16
08:24:30 executing program 4:
prlimit64(0x0, 0xe, 0x0, 0x0)
r0 = getpid()
sched_setattr(0x0, &(0x7f0000000140)={0x38, 0x2, 0x0, 0x0, 0x9}, 0x0)
sched_setattr(r0, &(0x7f0000000240)={0x38, 0x2, 0x0, 0x0, 0x5}, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/meminfo\x00', 0x0, 0x0)
sendfile(0xffffffffffffffff, r3, 0x0, 0x400000000001002a)
r4 = syz_mount_image$vfat(&(0x7f0000000400), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[])
r5 = openat(r4, &(0x7f000000c380)='./file0\x00', 0x84842, 0x0)
write(r5, &(0x7f0000004200)='t', 0xfff4)
sendmsg$NL80211_CMD_SET_INTERFACE(0xffffffffffffffff, &(0x7f0000001840)={&(0x7f0000000080), 0xc, &(0x7f0000001800)={&(0x7f00000001c0)=ANY=[@ANYRES64, @ANYRESDEC, @ANYRES32=0x0, @ANYRES32], 0x60}, 0x1, 0x0, 0x0, 0x44090}, 0x0)

08:24:30 executing program 1:
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0)
setrlimit(0xb, &(0x7f0000000040)={0x0, 0x3})
r0 = getpid()
sched_setattr(0x0, &(0x7f0000000140)={0x38, 0x2, 0x0, 0x0, 0x9}, 0x0)
sched_setattr(r0, &(0x7f0000000240)={0x38, 0x2, 0x0, 0x0, 0x5}, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
write$FUSE_NOTIFY_STORE(0xffffffffffffffff, &(0x7f0000000800)=ANY=[], 0x2c)
sendfile(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000001000), 0xffff)

08:24:30 executing program 5:
sched_setattr(0x0, 0x0, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_RUN(0xffffffffffffffff, 0xae80, 0x0)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_user\x00', 0x275a, 0x0)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x27fffff, 0x40000000011, r2, 0x0)
ioctl$KVM_RUN(0xffffffffffffffff, 0xae80, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, 0xffffffffffffffff, 0x0)

08:24:30 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(0xffffffffffffffff, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f0000000000)={0x2})
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f00000001c0)={[0x4, 0x0, 0x0, 0x8, 0x1, 0x0, 0x1002]})
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_SET_PIT(r1, 0x8048ae66, &(0x7f0000000140))
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f000056f000/0x18000)=nil, &(0x7f0000000080)=[@text32={0x20, &(0x7f00000000c0)="66ba4000b0c2ee66bad104b829280000efea0e0000000a00b8050000000f23d80f21f835c00000a00f23f8653e65f30f21c62e0fae2b0f01c2b8060000000f23d00f21f835200000000f23f8c4c3a1cf830000000002d9f7", 0x58}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

08:24:30 executing program 2:
syz_open_procfs(0x0, &(0x7f0000000040)='mounts\x00')
syz_open_procfs(0x0, &(0x7f0000000000)='mountstats\x00')
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$F2FS_IOC_MOVE_RANGE(0xffffffffffffffff, 0xc020f509, &(0x7f0000000040)={r1})
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f0000000000))
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f00000001c0)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1003]})
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_SET_PIT(r1, 0x8048ae66, &(0x7f0000000140))
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f000056f000/0x18000)=nil, &(0x7f0000000080)=[@text32={0x20, &(0x7f00000000c0)="66ba4000b0c2ee66bad104b829280000efea0e0000000a00b8050000000f23d80f21f835c00000a00f23f8653e65f30f21c62e0fae2b0f01c2b8060000000f23d00f21f835200000000f23f8c4c3a1cf830000000002d9f7", 0x58}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

08:24:31 executing program 1:
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0)
setrlimit(0xb, &(0x7f0000000040)={0x0, 0x3})
r0 = getpid()
sched_setattr(0x0, &(0x7f0000000140)={0x38, 0x2, 0x0, 0x0, 0x9}, 0x0)
sched_setattr(r0, &(0x7f0000000240)={0x38, 0x2, 0x0, 0x0, 0x5}, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
r3 = memfd_create(&(0x7f0000000240)='\xb9\xecm1\xc1\xf8\xa6\x8d\xc1\xe2zMN\xc0\x17\xce/\xcd\xa2\xba \x00\x97\xac#*\xff1\x1d\xf6e\xe1\xcb\xaf#\xe5}Fi\xef\xbd\x0f \xe7f@\x19\xc4p\xa4\xc5\x13\x88y\x1e\xe7eNf\x02\xbd\xaf^\xee\b\x15\x86r\xdf\xde\xe9m\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01\x00\x00\x00', 0x0)
write$FUSE_NOTIFY_STORE(r3, &(0x7f0000000800)=ANY=[], 0x2c)
sendfile(r3, r3, &(0x7f0000001000), 0xffff)

08:24:31 executing program 0:
r0 = syz_usb_connect(0x0, 0x24, &(0x7f0000000300)=ANY=[@ANYBLOB="120100004bfee908e60f00985d19fd1f00010902120001000000000904"], 0x0)
syz_usb_control_io(r0, 0x0, 0x0)
syz_usb_control_io(r0, 0x0, &(0x7f0000000740)={0xfffffde3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000540)={0x40, 0x13, 0x58, @link_local}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
syz_usb_control_io$hid(r0, 0x0, 0x0)

08:24:31 executing program 5:
sched_setattr(0x0, 0x0, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_RUN(0xffffffffffffffff, 0xae80, 0x0)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_user\x00', 0x275a, 0x0)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x27fffff, 0x40000000011, r2, 0x0)
ioctl$KVM_RUN(0xffffffffffffffff, 0xae80, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, 0xffffffffffffffff, 0x0)

08:24:31 executing program 2:
syz_open_procfs(0x0, &(0x7f0000000040)='mounts\x00')
syz_open_procfs(0x0, &(0x7f0000000000)='mountstats\x00')
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$F2FS_IOC_MOVE_RANGE(0xffffffffffffffff, 0xc020f509, &(0x7f0000000040)={r1})
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f0000000000))
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f00000001c0)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1003]})
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_SET_PIT(r1, 0x8048ae66, &(0x7f0000000140))
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f000056f000/0x18000)=nil, &(0x7f0000000080)=[@text32={0x20, &(0x7f00000000c0)="66ba4000b0c2ee66bad104b829280000efea0e0000000a00b8050000000f23d80f21f835c00000a00f23f8653e65f30f21c62e0fae2b0f01c2b8060000000f23d00f21f835200000000f23f8c4c3a1cf830000000002d9f7", 0x58}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

08:24:31 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(0xffffffffffffffff, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f0000000000)={0x2})
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f00000001c0)={[0x4, 0x0, 0x0, 0x8, 0x1, 0x0, 0x1002]})
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_SET_PIT(r1, 0x8048ae66, &(0x7f0000000140))
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f000056f000/0x18000)=nil, &(0x7f0000000080)=[@text32={0x20, &(0x7f00000000c0)="66ba4000b0c2ee66bad104b829280000efea0e0000000a00b8050000000f23d80f21f835c00000a00f23f8653e65f30f21c62e0fae2b0f01c2b8060000000f23d00f21f835200000000f23f8c4c3a1cf830000000002d9f7", 0x58}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

[  570.966697][T19151] loop4: detected capacity change from 0 to 16
[  571.032424][   T26] audit: type=1800 audit(1632817471.900:75): pid=19151 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed(directio) comm="syz-executor.4" name="file0" dev="loop4" ino=41 res=0 errno=0
08:24:32 executing program 5:
sched_setattr(0x0, 0x0, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_RUN(r2, 0xae80, 0x0)
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_user\x00', 0x275a, 0x0)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x27fffff, 0x40000000011, r3, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r2, 0x0)

08:24:32 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(0xffffffffffffffff, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f0000000000)={0x2})
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f00000001c0)={[0x4, 0x0, 0x0, 0x8, 0x1, 0x0, 0x1002]})
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_SET_PIT(r1, 0x8048ae66, &(0x7f0000000140))
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f000056f000/0x18000)=nil, &(0x7f0000000080)=[@text32={0x20, &(0x7f00000000c0)="66ba4000b0c2ee66bad104b829280000efea0e0000000a00b8050000000f23d80f21f835c00000a00f23f8653e65f30f21c62e0fae2b0f01c2b8060000000f23d00f21f835200000000f23f8c4c3a1cf830000000002d9f7", 0x58}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

[  571.304689][ T1051] usb 1-1: new high-speed USB device number 17 using dummy_hcd
[  571.564489][ T1051] usb 1-1: Using ep0 maxpacket: 8
[  571.844767][ T1051] usb 1-1: New USB device found, idVendor=0fe6, idProduct=9800, bcdDevice=19.5d
[  571.858684][ T1051] usb 1-1: New USB device strings: Mfr=253, Product=31, SerialNumber=0
[  571.876561][ T1051] usb 1-1: Product: syz
[  571.886909][ T1051] usb 1-1: Manufacturer: syz
[  571.901064][ T1051] usb 1-1: config 0 descriptor??
08:24:33 executing program 4:
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x0, 0x8d}, 0x0)
r0 = getpid()
sched_setattr(0x0, &(0x7f0000000140)={0x38, 0x2, 0x0, 0x0, 0x9}, 0x0)
sched_setattr(r0, &(0x7f0000000240)={0x38, 0x2, 0x0, 0x0, 0x5}, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/meminfo\x00', 0x0, 0x0)
sendfile(0xffffffffffffffff, r3, 0x0, 0x400000000001002a)
r4 = syz_mount_image$vfat(&(0x7f0000000400), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[])
r5 = openat(r4, &(0x7f000000c380)='./file0\x00', 0x84842, 0x0)
write(r5, &(0x7f0000004200)='t', 0xfff4)
sendmsg$NL80211_CMD_SET_INTERFACE(0xffffffffffffffff, &(0x7f0000001840)={&(0x7f0000000080), 0xc, &(0x7f0000001800)={&(0x7f00000001c0)=ANY=[@ANYRES64, @ANYRESDEC, @ANYRES32=0x0, @ANYRES32], 0x60}, 0x1, 0x0, 0x0, 0x44090}, 0x0)

08:24:33 executing program 2:
syz_open_procfs(0x0, &(0x7f0000000040)='mounts\x00')
syz_open_procfs(0x0, &(0x7f0000000000)='mountstats\x00')
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$F2FS_IOC_MOVE_RANGE(0xffffffffffffffff, 0xc020f509, &(0x7f0000000040)={r1})
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f0000000000))
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f00000001c0)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1003]})
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_SET_PIT(r1, 0x8048ae66, &(0x7f0000000140)={[{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}]})
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f000056f000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

08:24:33 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, 0x0)
ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f0000000000)={0x2})
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f00000001c0)={[0x4, 0x0, 0x0, 0x8, 0x1, 0x0, 0x1002]})
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_SET_PIT(r1, 0x8048ae66, &(0x7f0000000140))
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f000056f000/0x18000)=nil, &(0x7f0000000080)=[@text32={0x20, &(0x7f00000000c0)="66ba4000b0c2ee66bad104b829280000efea0e0000000a00b8050000000f23d80f21f835c00000a00f23f8653e65f30f21c62e0fae2b0f01c2b8060000000f23d00f21f835200000000f23f8c4c3a1cf830000000002d9f7", 0x58}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

08:24:33 executing program 5:
sched_setattr(0x0, 0x0, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_RUN(r2, 0xae80, 0x0)
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_user\x00', 0x275a, 0x0)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x27fffff, 0x40000000011, r3, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r2, 0x0)

08:24:33 executing program 1:
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0)
setrlimit(0xb, &(0x7f0000000040)={0x0, 0x3})
r0 = getpid()
sched_setattr(0x0, &(0x7f0000000140)={0x38, 0x2, 0x0, 0x0, 0x9}, 0x0)
sched_setattr(r0, &(0x7f0000000240)={0x38, 0x2, 0x0, 0x0, 0x5}, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
r3 = memfd_create(&(0x7f0000000240)='\xb9\xecm1\xc1\xf8\xa6\x8d\xc1\xe2zMN\xc0\x17\xce/\xcd\xa2\xba \x00\x97\xac#*\xff1\x1d\xf6e\xe1\xcb\xaf#\xe5}Fi\xef\xbd\x0f \xe7f@\x19\xc4p\xa4\xc5\x13\x88y\x1e\xe7eNf\x02\xbd\xaf^\xee\b\x15\x86r\xdf\xde\xe9m\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01\x00\x00\x00', 0x0)
write$FUSE_NOTIFY_STORE(r3, &(0x7f0000000800)=ANY=[], 0x2c)
sendfile(r3, r3, &(0x7f0000001000), 0xffff)

[  572.594978][ T1051] CoreChips 1-1:0.0 (unnamed net_device) (uninitialized): sr_get_phy_addr : Error reading PHYID register:ffffffb9
08:24:33 executing program 2:
syz_open_procfs(0x0, &(0x7f0000000040)='mounts\x00')
syz_open_procfs(0x0, &(0x7f0000000000)='mountstats\x00')
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$F2FS_IOC_MOVE_RANGE(0xffffffffffffffff, 0xc020f509, &(0x7f0000000040)={r1})
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f0000000000))
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f00000001c0)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1003]})
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_SET_PIT(r1, 0x8048ae66, &(0x7f0000000140)={[{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}]})
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f000056f000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

[  572.655211][ T1051] CoreChips: probe of 1-1:0.0 failed with error -71
[  572.701001][ T1051] usb 1-1: USB disconnect, device number 17
[  572.758763][T19237] loop4: detected capacity change from 0 to 16
08:24:33 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, 0x0)
ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f0000000000)={0x2})
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f00000001c0)={[0x4, 0x0, 0x0, 0x8, 0x1, 0x0, 0x1002]})
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_SET_PIT(r1, 0x8048ae66, &(0x7f0000000140))
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f000056f000/0x18000)=nil, &(0x7f0000000080)=[@text32={0x20, &(0x7f00000000c0)="66ba4000b0c2ee66bad104b829280000efea0e0000000a00b8050000000f23d80f21f835c00000a00f23f8653e65f30f21c62e0fae2b0f01c2b8060000000f23d00f21f835200000000f23f8c4c3a1cf830000000002d9f7", 0x58}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

08:24:33 executing program 5:
sched_setattr(0x0, 0x0, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_RUN(r2, 0xae80, 0x0)
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_user\x00', 0x275a, 0x0)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x27fffff, 0x40000000011, r3, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r2, 0x0)

08:24:34 executing program 2:
syz_open_procfs(0x0, &(0x7f0000000040)='mounts\x00')
syz_open_procfs(0x0, &(0x7f0000000000)='mountstats\x00')
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$F2FS_IOC_MOVE_RANGE(0xffffffffffffffff, 0xc020f509, &(0x7f0000000040)={r1})
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f0000000000))
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f00000001c0)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1003]})
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_SET_PIT(r1, 0x8048ae66, &(0x7f0000000140)={[{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}]})
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f000056f000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

08:24:34 executing program 0:
r0 = syz_usb_connect(0x0, 0x24, &(0x7f0000000300)=ANY=[@ANYBLOB="120100004bfee908e60f00985d19fd1f00010902120001000000000904"], 0x0)
syz_usb_control_io(r0, 0x0, 0x0)
syz_usb_control_io(r0, 0x0, &(0x7f0000000740)={0xfffffde3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000540)={0x40, 0x13, 0x58, @link_local}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
syz_usb_control_io$cdc_ecm(r0, 0x0, 0x0)

08:24:34 executing program 1:
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0)
setrlimit(0xb, &(0x7f0000000040)={0x0, 0x3})
r0 = getpid()
sched_setattr(0x0, &(0x7f0000000140)={0x38, 0x2, 0x0, 0x0, 0x9}, 0x0)
sched_setattr(r0, &(0x7f0000000240)={0x38, 0x2, 0x0, 0x0, 0x5}, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
r3 = memfd_create(&(0x7f0000000240)='\xb9\xecm1\xc1\xf8\xa6\x8d\xc1\xe2zMN\xc0\x17\xce/\xcd\xa2\xba \x00\x97\xac#*\xff1\x1d\xf6e\xe1\xcb\xaf#\xe5}Fi\xef\xbd\x0f \xe7f@\x19\xc4p\xa4\xc5\x13\x88y\x1e\xe7eNf\x02\xbd\xaf^\xee\b\x15\x86r\xdf\xde\xe9m\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01\x00\x00\x00', 0x0)
write$FUSE_NOTIFY_STORE(r3, &(0x7f0000000800)=ANY=[], 0x2c)
sendfile(r3, r3, &(0x7f0000001000), 0xffff)

08:24:34 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, 0x0)
ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f0000000000)={0x2})
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f00000001c0)={[0x4, 0x0, 0x0, 0x8, 0x1, 0x0, 0x1002]})
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_SET_PIT(r1, 0x8048ae66, &(0x7f0000000140))
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f000056f000/0x18000)=nil, &(0x7f0000000080)=[@text32={0x20, &(0x7f00000000c0)="66ba4000b0c2ee66bad104b829280000efea0e0000000a00b8050000000f23d80f21f835c00000a00f23f8653e65f30f21c62e0fae2b0f01c2b8060000000f23d00f21f835200000000f23f8c4c3a1cf830000000002d9f7", 0x58}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

[  573.545848][ T8509] usb 1-1: new high-speed USB device number 18 using dummy_hcd
[  573.794439][ T8509] usb 1-1: Using ep0 maxpacket: 8
[  574.034481][ T8509] usb 1-1: New USB device found, idVendor=0fe6, idProduct=9800, bcdDevice=19.5d
[  574.051116][ T8509] usb 1-1: New USB device strings: Mfr=253, Product=31, SerialNumber=0
[  574.095796][ T8509] usb 1-1: Product: syz
[  574.100725][ T8509] usb 1-1: Manufacturer: syz
[  574.121203][ T8509] usb 1-1: config 0 descriptor??
08:24:35 executing program 5:
sched_setattr(0x0, 0x0, 0x0)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
ioctl$KVM_CREATE_IRQCHIP(0xffffffffffffffff, 0xae60)
r0 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(0xffffffffffffffff, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_RUN(r0, 0xae80, 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_user\x00', 0x275a, 0x0)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x27fffff, 0x40000000011, r1, 0x0)
ioctl$KVM_RUN(r0, 0xae80, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0)

08:24:35 executing program 2:
syz_open_procfs(0x0, &(0x7f0000000040)='mounts\x00')
syz_open_procfs(0x0, &(0x7f0000000000)='mountstats\x00')
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$F2FS_IOC_MOVE_RANGE(0xffffffffffffffff, 0xc020f509, &(0x7f0000000040)={r1})
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f0000000000))
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f00000001c0)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1003]})
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_SET_PIT(r1, 0x8048ae66, &(0x7f0000000140)={[{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}]})
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f000056f000/0x18000)=nil, &(0x7f0000000080)=[@text32={0x20, 0x0}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

08:24:35 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_CREATE_PIT2(0xffffffffffffffff, 0x4040ae77, &(0x7f0000000000)={0x2})
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f00000001c0)={[0x4, 0x0, 0x0, 0x8, 0x1, 0x0, 0x1002]})
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_SET_PIT(r1, 0x8048ae66, &(0x7f0000000140))
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f000056f000/0x18000)=nil, &(0x7f0000000080)=[@text32={0x20, &(0x7f00000000c0)="66ba4000b0c2ee66bad104b829280000efea0e0000000a00b8050000000f23d80f21f835c00000a00f23f8653e65f30f21c62e0fae2b0f01c2b8060000000f23d00f21f835200000000f23f8c4c3a1cf830000000002d9f7", 0x58}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

08:24:35 executing program 4:
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x0, 0x8d}, 0x0)
r0 = getpid()
sched_setattr(0x0, &(0x7f0000000140)={0x38, 0x2, 0x0, 0x0, 0x9}, 0x0)
sched_setattr(r0, &(0x7f0000000240)={0x38, 0x2, 0x0, 0x0, 0x5}, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/meminfo\x00', 0x0, 0x0)
sendfile(0xffffffffffffffff, r3, 0x0, 0x400000000001002a)
r4 = syz_mount_image$vfat(&(0x7f0000000400), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[])
r5 = openat(r4, &(0x7f000000c380)='./file0\x00', 0x84842, 0x0)
write(r5, &(0x7f0000004200)='t', 0xfff4)
sendmsg$NL80211_CMD_SET_INTERFACE(0xffffffffffffffff, &(0x7f0000001840)={&(0x7f0000000080), 0xc, &(0x7f0000001800)={&(0x7f00000001c0)=ANY=[@ANYRES64, @ANYRESDEC, @ANYRES32=0x0, @ANYRES32], 0x60}, 0x1, 0x0, 0x0, 0x44090}, 0x0)

08:24:35 executing program 1:
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0)
setrlimit(0xb, &(0x7f0000000040)={0x0, 0x3})
r0 = getpid()
sched_setattr(0x0, &(0x7f0000000140)={0x38, 0x2, 0x0, 0x0, 0x9}, 0x0)
sched_setattr(r0, &(0x7f0000000240)={0x38, 0x2, 0x0, 0x0, 0x5}, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r2 = memfd_create(&(0x7f0000000240)='\xb9\xecm1\xc1\xf8\xa6\x8d\xc1\xe2zMN\xc0\x17\xce/\xcd\xa2\xba \x00\x97\xac#*\xff1\x1d\xf6e\xe1\xcb\xaf#\xe5}Fi\xef\xbd\x0f \xe7f@\x19\xc4p\xa4\xc5\x13\x88y\x1e\xe7eNf\x02\xbd\xaf^\xee\b\x15\x86r\xdf\xde\xe9m\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01\x00\x00\x00', 0x0)
write$FUSE_NOTIFY_STORE(r2, &(0x7f0000000800)=ANY=[], 0x2c)
sendfile(r2, r2, &(0x7f0000001000), 0xffff)

08:24:35 executing program 5:
sched_setattr(0x0, 0x0, 0x0)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
ioctl$KVM_CREATE_IRQCHIP(0xffffffffffffffff, 0xae60)
r0 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(0xffffffffffffffff, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_RUN(r0, 0xae80, 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_user\x00', 0x275a, 0x0)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x27fffff, 0x40000000011, r1, 0x0)
ioctl$KVM_RUN(r0, 0xae80, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0)

[  574.622360][T19326] loop4: detected capacity change from 0 to 16
08:24:35 executing program 2:
syz_open_procfs(0x0, &(0x7f0000000040)='mounts\x00')
syz_open_procfs(0x0, &(0x7f0000000000)='mountstats\x00')
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$F2FS_IOC_MOVE_RANGE(0xffffffffffffffff, 0xc020f509, &(0x7f0000000040)={r1})
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f0000000000))
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f00000001c0)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1003]})
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_SET_PIT(r1, 0x8048ae66, &(0x7f0000000140)={[{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}]})
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f000056f000/0x18000)=nil, &(0x7f0000000080)=[@text32={0x20, 0x0}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

08:24:35 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_CREATE_PIT2(0xffffffffffffffff, 0x4040ae77, &(0x7f0000000000)={0x2})
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f00000001c0)={[0x4, 0x0, 0x0, 0x8, 0x1, 0x0, 0x1002]})
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_SET_PIT(r1, 0x8048ae66, &(0x7f0000000140))
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f000056f000/0x18000)=nil, &(0x7f0000000080)=[@text32={0x20, &(0x7f00000000c0)="66ba4000b0c2ee66bad104b829280000efea0e0000000a00b8050000000f23d80f21f835c00000a00f23f8653e65f30f21c62e0fae2b0f01c2b8060000000f23d00f21f835200000000f23f8c4c3a1cf830000000002d9f7", 0x58}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

[  574.693734][   T26] audit: type=1800 audit(1632817475.560:76): pid=19326 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed(directio) comm="syz-executor.4" name="file0" dev="loop4" ino=42 res=0 errno=0
08:24:35 executing program 5:
sched_setattr(0x0, 0x0, 0x0)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
ioctl$KVM_CREATE_IRQCHIP(0xffffffffffffffff, 0xae60)
r0 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(0xffffffffffffffff, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_RUN(r0, 0xae80, 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_user\x00', 0x275a, 0x0)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x27fffff, 0x40000000011, r1, 0x0)
ioctl$KVM_RUN(r0, 0xae80, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0)

[  574.824692][ T8509] CoreChips 1-1:0.0 (unnamed net_device) (uninitialized): sr_get_phy_addr : Error reading PHYID register:ffffffb9
[  574.880089][ T8509] CoreChips: probe of 1-1:0.0 failed with error -71
[  574.917156][ T8509] usb 1-1: USB disconnect, device number 18
08:24:36 executing program 0:
r0 = syz_usb_connect(0x0, 0x24, &(0x7f0000000300)=ANY=[@ANYBLOB="120100004bfee908e60f00985d19fd1f00010902120001000000000904"], 0x0)
syz_usb_control_io(r0, 0x0, 0x0)
syz_usb_control_io(r0, 0x0, &(0x7f0000000740)={0xfffffde3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000540)={0x40, 0x13, 0x58, @link_local}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
syz_usb_control_io$cdc_ecm(r0, 0x0, 0x0)

08:24:36 executing program 5:
sched_setattr(0x0, 0x0, 0x0)
r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r0, 0xae60)
r1 = ioctl$KVM_CREATE_VCPU(r0, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r0, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_RUN(r1, 0xae80, 0x0)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_user\x00', 0x275a, 0x0)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x27fffff, 0x40000000011, r2, 0x0)
ioctl$KVM_RUN(r1, 0xae80, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r1, 0x0)

08:24:36 executing program 2:
syz_open_procfs(0x0, &(0x7f0000000040)='mounts\x00')
syz_open_procfs(0x0, &(0x7f0000000000)='mountstats\x00')
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$F2FS_IOC_MOVE_RANGE(0xffffffffffffffff, 0xc020f509, &(0x7f0000000040)={r1})
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f0000000000))
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f00000001c0)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1003]})
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_SET_PIT(r1, 0x8048ae66, &(0x7f0000000140)={[{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}]})
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f000056f000/0x18000)=nil, &(0x7f0000000080)=[@text32={0x20, 0x0}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

08:24:36 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_CREATE_PIT2(0xffffffffffffffff, 0x4040ae77, &(0x7f0000000000)={0x2})
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f00000001c0)={[0x4, 0x0, 0x0, 0x8, 0x1, 0x0, 0x1002]})
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_SET_PIT(r1, 0x8048ae66, &(0x7f0000000140))
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f000056f000/0x18000)=nil, &(0x7f0000000080)=[@text32={0x20, &(0x7f00000000c0)="66ba4000b0c2ee66bad104b829280000efea0e0000000a00b8050000000f23d80f21f835c00000a00f23f8653e65f30f21c62e0fae2b0f01c2b8060000000f23d00f21f835200000000f23f8c4c3a1cf830000000002d9f7", 0x58}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

08:24:36 executing program 1:
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0)
setrlimit(0xb, &(0x7f0000000040)={0x0, 0x3})
r0 = getpid()
sched_setattr(0x0, &(0x7f0000000140)={0x38, 0x2, 0x0, 0x0, 0x9}, 0x0)
sched_setattr(r0, &(0x7f0000000240)={0x38, 0x2, 0x0, 0x0, 0x5}, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r2 = memfd_create(&(0x7f0000000240)='\xb9\xecm1\xc1\xf8\xa6\x8d\xc1\xe2zMN\xc0\x17\xce/\xcd\xa2\xba \x00\x97\xac#*\xff1\x1d\xf6e\xe1\xcb\xaf#\xe5}Fi\xef\xbd\x0f \xe7f@\x19\xc4p\xa4\xc5\x13\x88y\x1e\xe7eNf\x02\xbd\xaf^\xee\b\x15\x86r\xdf\xde\xe9m\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01\x00\x00\x00', 0x0)
write$FUSE_NOTIFY_STORE(r2, &(0x7f0000000800)=ANY=[], 0x2c)
sendfile(r2, r2, &(0x7f0000001000), 0xffff)

08:24:36 executing program 5:
sched_setattr(0x0, 0x0, 0x0)
r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r0, 0xae60)
r1 = ioctl$KVM_CREATE_VCPU(r0, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r0, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_RUN(r1, 0xae80, 0x0)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_user\x00', 0x275a, 0x0)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x27fffff, 0x40000000011, r2, 0x0)
ioctl$KVM_RUN(r1, 0xae80, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r1, 0x0)

[  575.734232][ T8163] usb 1-1: new high-speed USB device number 19 using dummy_hcd
[  575.984296][ T8163] usb 1-1: Using ep0 maxpacket: 8
08:24:37 executing program 4:
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x0, 0x8d}, 0x0)
r0 = getpid()
sched_setattr(0x0, &(0x7f0000000140)={0x38, 0x2, 0x0, 0x0, 0x9}, 0x0)
sched_setattr(r0, &(0x7f0000000240)={0x38, 0x2, 0x0, 0x0, 0x5}, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/meminfo\x00', 0x0, 0x0)
sendfile(0xffffffffffffffff, r3, 0x0, 0x400000000001002a)
r4 = syz_mount_image$vfat(&(0x7f0000000400), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[])
r5 = openat(r4, &(0x7f000000c380)='./file0\x00', 0x84842, 0x0)
write(r5, &(0x7f0000004200)='t', 0xfff4)
sendmsg$NL80211_CMD_SET_INTERFACE(0xffffffffffffffff, &(0x7f0000001840)={&(0x7f0000000080), 0xc, &(0x7f0000001800)={&(0x7f00000001c0)=ANY=[@ANYRES64, @ANYRESDEC, @ANYRES32=0x0, @ANYRES32], 0x60}, 0x1, 0x0, 0x0, 0x44090}, 0x0)

08:24:37 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, 0x0)
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f00000001c0)={[0x4, 0x0, 0x0, 0x8, 0x1, 0x0, 0x1002]})
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_SET_PIT(r1, 0x8048ae66, &(0x7f0000000140))
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f000056f000/0x18000)=nil, &(0x7f0000000080)=[@text32={0x20, &(0x7f00000000c0)="66ba4000b0c2ee66bad104b829280000efea0e0000000a00b8050000000f23d80f21f835c00000a00f23f8653e65f30f21c62e0fae2b0f01c2b8060000000f23d00f21f835200000000f23f8c4c3a1cf830000000002d9f7", 0x58}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

08:24:37 executing program 2:
syz_open_procfs(0x0, &(0x7f0000000040)='mounts\x00')
syz_open_procfs(0x0, &(0x7f0000000000)='mountstats\x00')
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$F2FS_IOC_MOVE_RANGE(0xffffffffffffffff, 0xc020f509, &(0x7f0000000040)={r1})
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f0000000000))
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f00000001c0)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1003]})
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_SET_PIT(r1, 0x8048ae66, &(0x7f0000000140)={[{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}]})
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f000056f000/0x18000)=nil, &(0x7f0000000080)=[@text32={0x20, &(0x7f00000000c0)="66ba4000b0c2ee66bad104b829280000efea0e0000000a00b8050000000f23d80f21f835c00000a00f23f8653e65f30f21c62e0fae2b0f01c2b8060000000f23d00f21f835200000000f23f8c4c3a1cf830000000002d9f7", 0x58}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_RUN(0xffffffffffffffff, 0xae80, 0x0)

08:24:37 executing program 5:
sched_setattr(0x0, 0x0, 0x0)
r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r0, 0xae60)
r1 = ioctl$KVM_CREATE_VCPU(r0, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r0, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_RUN(r1, 0xae80, 0x0)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_user\x00', 0x275a, 0x0)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x27fffff, 0x40000000011, r2, 0x0)
ioctl$KVM_RUN(r1, 0xae80, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r1, 0x0)

08:24:37 executing program 1:
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0)
setrlimit(0xb, &(0x7f0000000040)={0x0, 0x3})
r0 = getpid()
sched_setattr(0x0, &(0x7f0000000140)={0x38, 0x2, 0x0, 0x0, 0x9}, 0x0)
sched_setattr(r0, &(0x7f0000000240)={0x38, 0x2, 0x0, 0x0, 0x5}, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r2 = memfd_create(&(0x7f0000000240)='\xb9\xecm1\xc1\xf8\xa6\x8d\xc1\xe2zMN\xc0\x17\xce/\xcd\xa2\xba \x00\x97\xac#*\xff1\x1d\xf6e\xe1\xcb\xaf#\xe5}Fi\xef\xbd\x0f \xe7f@\x19\xc4p\xa4\xc5\x13\x88y\x1e\xe7eNf\x02\xbd\xaf^\xee\b\x15\x86r\xdf\xde\xe9m\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01\x00\x00\x00', 0x0)
write$FUSE_NOTIFY_STORE(r2, &(0x7f0000000800)=ANY=[], 0x2c)
sendfile(r2, r2, &(0x7f0000001000), 0xffff)

[  576.234487][ T8163] usb 1-1: New USB device found, idVendor=0fe6, idProduct=9800, bcdDevice=19.5d
[  576.260732][ T8163] usb 1-1: New USB device strings: Mfr=253, Product=31, SerialNumber=0
08:24:37 executing program 2:
syz_open_procfs(0x0, &(0x7f0000000040)='mounts\x00')
syz_open_procfs(0x0, &(0x7f0000000000)='mountstats\x00')
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$F2FS_IOC_MOVE_RANGE(0xffffffffffffffff, 0xc020f509, &(0x7f0000000040)={r1})
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f0000000000))
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f00000001c0)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1003]})
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_SET_PIT(r1, 0x8048ae66, &(0x7f0000000140)={[{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}]})
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f000056f000/0x18000)=nil, &(0x7f0000000080)=[@text32={0x20, &(0x7f00000000c0)="66ba4000b0c2ee66bad104b829280000efea0e0000000a00b8050000000f23d80f21f835c00000a00f23f8653e65f30f21c62e0fae2b0f01c2b8060000000f23d00f21f835200000000f23f8c4c3a1cf830000000002d9f7", 0x58}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_RUN(0xffffffffffffffff, 0xae80, 0x0)

[  576.320113][ T8163] usb 1-1: Product: syz
[  576.346621][ T8163] usb 1-1: Manufacturer: syz
[  576.361087][ T8163] usb 1-1: config 0 descriptor??
[  576.500259][T19415] loop4: detected capacity change from 0 to 16
[  576.567276][   T26] audit: type=1800 audit(1632817477.440:77): pid=19415 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed(directio) comm="syz-executor.4" name="file0" dev="loop4" ino=43 res=0 errno=0
[  577.064651][ T8163] CoreChips 1-1:0.0 (unnamed net_device) (uninitialized): sr_get_phy_addr : Error reading PHYID register:ffffffb9
[  577.104319][ T8163] CoreChips: probe of 1-1:0.0 failed with error -71
[  577.120959][ T8163] usb 1-1: USB disconnect, device number 19
08:24:38 executing program 0:
r0 = syz_usb_connect(0x0, 0x24, &(0x7f0000000300)=ANY=[@ANYBLOB="120100004bfee908e60f00985d19fd1f00010902120001000000000904"], 0x0)
syz_usb_control_io(r0, 0x0, 0x0)
syz_usb_control_io(r0, 0x0, &(0x7f0000000740)={0xfffffde3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000540)={0x40, 0x13, 0x58, @link_local}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
syz_usb_control_io$cdc_ecm(r0, 0x0, 0x0)

08:24:38 executing program 5:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_RUN(r2, 0xae80, 0x0)
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_user\x00', 0x275a, 0x0)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x27fffff, 0x40000000011, r3, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r2, 0x0)

08:24:38 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, 0x0)
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f00000001c0)={[0x4, 0x0, 0x0, 0x8, 0x1, 0x0, 0x1002]})
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_SET_PIT(r1, 0x8048ae66, &(0x7f0000000140))
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f000056f000/0x18000)=nil, &(0x7f0000000080)=[@text32={0x20, &(0x7f00000000c0)="66ba4000b0c2ee66bad104b829280000efea0e0000000a00b8050000000f23d80f21f835c00000a00f23f8653e65f30f21c62e0fae2b0f01c2b8060000000f23d00f21f835200000000f23f8c4c3a1cf830000000002d9f7", 0x58}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

08:24:38 executing program 2:
syz_open_procfs(0x0, &(0x7f0000000040)='mounts\x00')
syz_open_procfs(0x0, &(0x7f0000000000)='mountstats\x00')
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$F2FS_IOC_MOVE_RANGE(0xffffffffffffffff, 0xc020f509, &(0x7f0000000040)={r1})
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f0000000000))
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f00000001c0)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1003]})
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_SET_PIT(r1, 0x8048ae66, &(0x7f0000000140)={[{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}]})
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f000056f000/0x18000)=nil, &(0x7f0000000080)=[@text32={0x20, &(0x7f00000000c0)="66ba4000b0c2ee66bad104b829280000efea0e0000000a00b8050000000f23d80f21f835c00000a00f23f8653e65f30f21c62e0fae2b0f01c2b8060000000f23d00f21f835200000000f23f8c4c3a1cf830000000002d9f7", 0x58}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_RUN(0xffffffffffffffff, 0xae80, 0x0)

08:24:38 executing program 1:
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0)
setrlimit(0xb, &(0x7f0000000040)={0x0, 0x3})
r0 = getpid()
sched_setattr(0x0, &(0x7f0000000140)={0x38, 0x2, 0x0, 0x0, 0x9}, 0x0)
sched_setattr(r0, &(0x7f0000000240)={0x38, 0x2, 0x0, 0x0, 0x5}, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = memfd_create(&(0x7f0000000240)='\xb9\xecm1\xc1\xf8\xa6\x8d\xc1\xe2zMN\xc0\x17\xce/\xcd\xa2\xba \x00\x97\xac#*\xff1\x1d\xf6e\xe1\xcb\xaf#\xe5}Fi\xef\xbd\x0f \xe7f@\x19\xc4p\xa4\xc5\x13\x88y\x1e\xe7eNf\x02\xbd\xaf^\xee\b\x15\x86r\xdf\xde\xe9m\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01\x00\x00\x00', 0x0)
write$FUSE_NOTIFY_STORE(r3, &(0x7f0000000800)=ANY=[], 0x2c)
sendfile(r3, r3, &(0x7f0000001000), 0xffff)

08:24:38 executing program 4:
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9}, 0x0)
r0 = getpid()
sched_setattr(0x0, &(0x7f0000000140)={0x38, 0x2, 0x0, 0x0, 0x9}, 0x0)
sched_setattr(r0, &(0x7f0000000240)={0x38, 0x2, 0x0, 0x0, 0x5}, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/meminfo\x00', 0x0, 0x0)
sendfile(0xffffffffffffffff, r3, 0x0, 0x400000000001002a)
r4 = syz_mount_image$vfat(&(0x7f0000000400), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[])
r5 = openat(r4, &(0x7f000000c380)='./file0\x00', 0x84842, 0x0)
write(r5, &(0x7f0000004200)='t', 0xfff4)
sendmsg$NL80211_CMD_SET_INTERFACE(0xffffffffffffffff, &(0x7f0000001840)={&(0x7f0000000080), 0xc, &(0x7f0000001800)={&(0x7f00000001c0)=ANY=[@ANYRES64, @ANYRESDEC, @ANYRES32=0x0, @ANYRES32], 0x60}, 0x1, 0x0, 0x0, 0x44090}, 0x0)

[  577.786926][T19466] loop4: detected capacity change from 0 to 16
08:24:38 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, 0x0)
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f00000001c0)={[0x4, 0x0, 0x0, 0x8, 0x1, 0x0, 0x1002]})
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_SET_PIT(r1, 0x8048ae66, &(0x7f0000000140))
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f000056f000/0x18000)=nil, &(0x7f0000000080)=[@text32={0x20, &(0x7f00000000c0)="66ba4000b0c2ee66bad104b829280000efea0e0000000a00b8050000000f23d80f21f835c00000a00f23f8653e65f30f21c62e0fae2b0f01c2b8060000000f23d00f21f835200000000f23f8c4c3a1cf830000000002d9f7", 0x58}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

08:24:38 executing program 2:
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0)
setrlimit(0xb, &(0x7f0000000040)={0x0, 0x3})
r0 = getpid()
sched_setattr(0x0, &(0x7f0000000140)={0x38, 0x2, 0x0, 0x0, 0x9}, 0x0)
sched_setattr(r0, &(0x7f0000000240)={0x38, 0x2, 0x0, 0x0, 0x5}, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = memfd_create(&(0x7f0000000240)='\xb9\xecm1\xc1\xf8\xa6\x8d\xc1\xe2zMN\xc0\x17\xce/\xcd\xa2\xba \x00\x97\xac#*\xff1\x1d\xf6e\xe1\xcb\xaf#\xe5}Fi\xef\xbd\x0f \xe7f@\x19\xc4p\xa4\xc5\x13\x88y\x1e\xe7eNf\x02\xbd\xaf^\xee\b\x15\x86r\xdf\xde\xe9m\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01\x00\x00\x00', 0x0)
write$FUSE_NOTIFY_STORE(r3, &(0x7f0000000800)=ANY=[], 0x2c)
sendfile(r3, r3, &(0x7f0000001000), 0xffff)

[  578.044765][ T8163] usb 1-1: new high-speed USB device number 20 using dummy_hcd
08:24:39 executing program 5:
r0 = openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_RUN(r2, 0xae80, 0x0)
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_user\x00', 0x275a, 0x0)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x27fffff, 0x40000000011, r3, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r2, 0x0)

[  578.304068][ T8163] usb 1-1: Using ep0 maxpacket: 8
08:24:39 executing program 1:
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0)
setrlimit(0xb, &(0x7f0000000040)={0x0, 0x3})
r0 = getpid()
sched_setattr(0x0, &(0x7f0000000140)={0x38, 0x2, 0x0, 0x0, 0x9}, 0x0)
sched_setattr(r0, &(0x7f0000000240)={0x38, 0x2, 0x0, 0x0, 0x5}, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = memfd_create(&(0x7f0000000240)='\xb9\xecm1\xc1\xf8\xa6\x8d\xc1\xe2zMN\xc0\x17\xce/\xcd\xa2\xba \x00\x97\xac#*\xff1\x1d\xf6e\xe1\xcb\xaf#\xe5}Fi\xef\xbd\x0f \xe7f@\x19\xc4p\xa4\xc5\x13\x88y\x1e\xe7eNf\x02\xbd\xaf^\xee\b\x15\x86r\xdf\xde\xe9m\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01\x00\x00\x00', 0x0)
write$FUSE_NOTIFY_STORE(r3, &(0x7f0000000800)=ANY=[], 0x2c)
sendfile(r3, r3, &(0x7f0000001000), 0xffff)

08:24:40 executing program 2:
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0)
setrlimit(0xb, &(0x7f0000000040)={0x0, 0x3})
r0 = getpid()
sched_setattr(0x0, &(0x7f0000000140)={0x38, 0x2, 0x0, 0x0, 0x9}, 0x0)
sched_setattr(r0, &(0x7f0000000240)={0x38, 0x2, 0x0, 0x0, 0x5}, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = memfd_create(&(0x7f0000000240)='\xb9\xecm1\xc1\xf8\xa6\x8d\xc1\xe2zMN\xc0\x17\xce/\xcd\xa2\xba \x00\x97\xac#*\xff1\x1d\xf6e\xe1\xcb\xaf#\xe5}Fi\xef\xbd\x0f \xe7f@\x19\xc4p\xa4\xc5\x13\x88y\x1e\xe7eNf\x02\xbd\xaf^\xee\b\x15\x86r\xdf\xde\xe9m\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01\x00\x00\x00', 0x0)
write$FUSE_NOTIFY_STORE(r3, &(0x7f0000000800)=ANY=[], 0x2c)
sendfile(r3, r3, &(0x7f0000001000), 0xffff)

08:24:40 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f0000000000))
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f00000001c0)={[0x4, 0x0, 0x0, 0x8, 0x1, 0x0, 0x1002]})
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_SET_PIT(r1, 0x8048ae66, &(0x7f0000000140))
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f000056f000/0x18000)=nil, &(0x7f0000000080)=[@text32={0x20, &(0x7f00000000c0)="66ba4000b0c2ee66bad104b829280000efea0e0000000a00b8050000000f23d80f21f835c00000a00f23f8653e65f30f21c62e0fae2b0f01c2b8060000000f23d00f21f835200000000f23f8c4c3a1cf830000000002d9f7", 0x58}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

[  580.614059][ T8163] usb 1-1: New USB device found, idVendor=0fe6, idProduct=9800, bcdDevice=19.5d
[  580.623162][ T8163] usb 1-1: New USB device strings: Mfr=253, Product=31, SerialNumber=0
08:24:41 executing program 0:
r0 = syz_usb_connect(0x0, 0x24, &(0x7f0000000300)=ANY=[@ANYBLOB="120100004bfee908e60f00985d19fd1f00010902120001000000000904"], 0x0)
syz_usb_control_io(r0, 0x0, 0x0)
syz_usb_control_io$hid(r0, 0x0, 0x0)
syz_usb_control_io$cdc_ecm(r0, 0x0, 0x0)

08:24:41 executing program 5:
r0 = openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_RUN(r2, 0xae80, 0x0)
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_user\x00', 0x275a, 0x0)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x27fffff, 0x40000000011, r3, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r2, 0x0)

08:24:41 executing program 1:
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0)
setrlimit(0xb, &(0x7f0000000040)={0x0, 0x3})
r0 = getpid()
sched_setattr(0x0, &(0x7f0000000140)={0x38, 0x2, 0x0, 0x0, 0x9}, 0x0)
sched_setattr(r0, &(0x7f0000000240)={0x38, 0x2, 0x0, 0x0, 0x5}, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = memfd_create(&(0x7f0000000240)='\xb9\xecm1\xc1\xf8\xa6\x8d\xc1\xe2zMN\xc0\x17\xce/\xcd\xa2\xba \x00\x97\xac#*\xff1\x1d\xf6e\xe1\xcb\xaf#\xe5}Fi\xef\xbd\x0f \xe7f@\x19\xc4p\xa4\xc5\x13\x88y\x1e\xe7eNf\x02\xbd\xaf^\xee\b\x15\x86r\xdf\xde\xe9m\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01\x00\x00\x00', 0x0)
write$FUSE_NOTIFY_STORE(r3, &(0x7f0000000800)=ANY=[], 0x2c)
sendfile(r3, r3, &(0x7f0000001000), 0xffff)

08:24:41 executing program 2:
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000740), r0)
sendmsg$NLBL_MGMT_C_LISTDEF(r1, &(0x7f0000000840)={&(0x7f0000000700), 0xc, &(0x7f0000000800)={&(0x7f0000000780)={0x14, r2, 0x1}, 0x14}}, 0x0)

[  580.671357][ T8163] usb 1-1: Product: syz
[  580.690706][ T8163] usb 1-1: Manufacturer: syz
[  580.700948][ T8163] usb 1-1: config 0 descriptor??
[  580.753972][ T8163] usb 1-1: can't set config #0, error -71
[  580.780383][ T8163] usb 1-1: USB disconnect, device number 20
08:24:41 executing program 2:
r0 = memfd_create(&(0x7f0000000200)='G\x84\xe7R\xb5\xbc\xeal\x01\x86\x01\xff\xff\xff\xff\x00\x00\x00\x00\x1bX\x93\xbbqz\x01o\x81\xa6\x02Wq\x8c\xbfx\xdd\xd4\xf1\aQu8\x99:\x06\xb9\xbe\f&Ws\x83\xd6&s3\v7n0Oj\xff0\xea(\xeb\x986\x14\a\x95:\xeb\xf9A\xfb\x13k\xed{\xed*\xa5p37m\xa8\xa7\x95&\xb0\x93p\xa3\xa7\xda\xf2H\x9f\xf5D\xae\b\x81=\xdb]\xcb\x10\xb7\x89\x8e\x8a\x9a\x80^k\xc9t\x1c\x00\x1a\x1d.\xe5\x18I\aRW\x99\x1f\xb1#\x1efv\xb7\xe8\x01\x03\t\b\x95\xa9Q\x8a\xe2\xbeq\x1e=\xebh\xd1S\x18\xff\xb7\xae\x9c\x9d#\xf7o\xcf\xf3\xeb@\x97\xdc\x9c\r0\xe4^f\xf59g\xa0\xe5\xe4\x1bN\xc6\xff7\xb3\x10\'\xc0\x04\xd5\xef\a70\x8e\xfb\x1e\x15\v\x12Ms7\x03\xa4\xbfv\xaf\xf8\x13F!\x17c\xde$\x1de(\xfb)\xc9\xaam\xad\xda\x03\x16.\xdb,\x86E~gO {J\x17*\x8bX\xb4/\xf9\xa6\xea\x9c\x12\x01\x91\x16\xff}\xa4\x95s\x87vH\xd8f\x01\x1f\xde\x8d0\"\xa3jM\xbb\xd65\xc2\n\x90\xdbP\xe8\xb1\xec\xd4\b\xba\x83\xd1)\x95\x06\xb9\xc1\xd3', 0x0)
write$binfmt_elf32(r0, &(0x7f0000000080)=ANY=[], 0xfffffe47)
ioctl$FS_IOC_RESVSP(r0, 0x40305828, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x7})

[  581.273807][ T8163] usb 1-1: new high-speed USB device number 21 using dummy_hcd
[  581.533786][ T8163] usb 1-1: Using ep0 maxpacket: 8
[  581.773823][ T8163] usb 1-1: New USB device found, idVendor=0fe6, idProduct=9800, bcdDevice=19.5d
[  581.787818][ T8163] usb 1-1: New USB device strings: Mfr=253, Product=31, SerialNumber=0
[  581.815005][ T8163] usb 1-1: Product: syz
[  581.834473][ T8163] usb 1-1: Manufacturer: syz
[  581.857582][ T8163] usb 1-1: config 0 descriptor??
08:24:43 executing program 4:
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9}, 0x0)
r0 = getpid()
sched_setattr(0x0, &(0x7f0000000140)={0x38, 0x2, 0x0, 0x0, 0x9}, 0x0)
sched_setattr(r0, &(0x7f0000000240)={0x38, 0x2, 0x0, 0x0, 0x5}, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/meminfo\x00', 0x0, 0x0)
sendfile(0xffffffffffffffff, r3, 0x0, 0x400000000001002a)
r4 = syz_mount_image$vfat(&(0x7f0000000400), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[])
r5 = openat(r4, &(0x7f000000c380)='./file0\x00', 0x84842, 0x0)
write(r5, &(0x7f0000004200)='t', 0xfff4)
sendmsg$NL80211_CMD_SET_INTERFACE(0xffffffffffffffff, &(0x7f0000001840)={&(0x7f0000000080), 0xc, &(0x7f0000001800)={&(0x7f00000001c0)=ANY=[@ANYRES64, @ANYRESDEC, @ANYRES32=0x0, @ANYRES32], 0x60}, 0x1, 0x0, 0x0, 0x44090}, 0x0)

08:24:43 executing program 5:
r0 = openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_RUN(r2, 0xae80, 0x0)
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_user\x00', 0x275a, 0x0)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x27fffff, 0x40000000011, r3, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r2, 0x0)

08:24:43 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f0000000000))
ioctl$KVM_SET_REGS(0xffffffffffffffff, 0x4090ae82, &(0x7f00000001c0)={[0x4, 0x0, 0x0, 0x8, 0x1, 0x0, 0x1002]})
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_SET_PIT(r1, 0x8048ae66, &(0x7f0000000140))
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f000056f000/0x18000)=nil, &(0x7f0000000080)=[@text32={0x20, &(0x7f00000000c0)="66ba4000b0c2ee66bad104b829280000efea0e0000000a00b8050000000f23d80f21f835c00000a00f23f8653e65f30f21c62e0fae2b0f01c2b8060000000f23d00f21f835200000000f23f8c4c3a1cf830000000002d9f7", 0x58}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

08:24:43 executing program 1:
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0)
setrlimit(0xb, &(0x7f0000000040)={0x0, 0x3})
r0 = getpid()
sched_setattr(0x0, &(0x7f0000000140)={0x38, 0x2, 0x0, 0x0, 0x9}, 0x0)
sched_setattr(r0, &(0x7f0000000240)={0x38, 0x2, 0x0, 0x0, 0x5}, 0x0)
connect$unix(0xffffffffffffffff, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(0xffffffffffffffff, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r1 = memfd_create(&(0x7f0000000240)='\xb9\xecm1\xc1\xf8\xa6\x8d\xc1\xe2zMN\xc0\x17\xce/\xcd\xa2\xba \x00\x97\xac#*\xff1\x1d\xf6e\xe1\xcb\xaf#\xe5}Fi\xef\xbd\x0f \xe7f@\x19\xc4p\xa4\xc5\x13\x88y\x1e\xe7eNf\x02\xbd\xaf^\xee\b\x15\x86r\xdf\xde\xe9m\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01\x00\x00\x00', 0x0)
write$FUSE_NOTIFY_STORE(r1, &(0x7f0000000800)=ANY=[], 0x2c)
sendfile(r1, r1, &(0x7f0000001000), 0xffff)

08:24:43 executing program 2:
r0 = memfd_create(&(0x7f0000000200)='G\x84\xe7R\xb5\xbc\xeal\x01\x86\x01\xff\xff\xff\xff\x00\x00\x00\x00\x1bX\x93\xbbqz\x01o\x81\xa6\x02Wq\x8c\xbfx\xdd\xd4\xf1\aQu8\x99:\x06\xb9\xbe\f&Ws\x83\xd6&s3\v7n0Oj\xff0\xea(\xeb\x986\x14\a\x95:\xeb\xf9A\xfb\x13k\xed{\xed*\xa5p37m\xa8\xa7\x95&\xb0\x93p\xa3\xa7\xda\xf2H\x9f\xf5D\xae\b\x81=\xdb]\xcb\x10\xb7\x89\x8e\x8a\x9a\x80^k\xc9t\x1c\x00\x1a\x1d.\xe5\x18I\aRW\x99\x1f\xb1#\x1efv\xb7\xe8\x01\x03\t\b\x95\xa9Q\x8a\xe2\xbeq\x1e=\xebh\xd1S\x18\xff\xb7\xae\x9c\x9d#\xf7o\xcf\xf3\xeb@\x97\xdc\x9c\r0\xe4^f\xf59g\xa0\xe5\xe4\x1bN\xc6\xff7\xb3\x10\'\xc0\x04\xd5\xef\a70\x8e\xfb\x1e\x15\v\x12Ms7\x03\xa4\xbfv\xaf\xf8\x13F!\x17c\xde$\x1de(\xfb)\xc9\xaam\xad\xda\x03\x16.\xdb,\x86E~gO {J\x17*\x8bX\xb4/\xf9\xa6\xea\x9c\x12\x01\x91\x16\xff}\xa4\x95s\x87vH\xd8f\x01\x1f\xde\x8d0\"\xa3jM\xbb\xd65\xc2\n\x90\xdbP\xe8\xb1\xec\xd4\b\xba\x83\xd1)\x95\x06\xb9\xc1\xd3', 0x0)
write$binfmt_elf32(r0, &(0x7f0000000080)=ANY=[], 0xfffffe47)
ioctl$FS_IOC_RESVSP(r0, 0x40305828, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x7})

[  582.367055][ T8163] CoreChips: probe of 1-1:0.0 failed with error -32
08:24:43 executing program 1:
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0)
setrlimit(0xb, &(0x7f0000000040)={0x0, 0x3})
r0 = getpid()
sched_setattr(0x0, &(0x7f0000000140)={0x38, 0x2, 0x0, 0x0, 0x9}, 0x0)
sched_setattr(r0, &(0x7f0000000240)={0x38, 0x2, 0x0, 0x0, 0x5}, 0x0)
connect$unix(0xffffffffffffffff, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(0xffffffffffffffff, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r1 = memfd_create(&(0x7f0000000240)='\xb9\xecm1\xc1\xf8\xa6\x8d\xc1\xe2zMN\xc0\x17\xce/\xcd\xa2\xba \x00\x97\xac#*\xff1\x1d\xf6e\xe1\xcb\xaf#\xe5}Fi\xef\xbd\x0f \xe7f@\x19\xc4p\xa4\xc5\x13\x88y\x1e\xe7eNf\x02\xbd\xaf^\xee\b\x15\x86r\xdf\xde\xe9m\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01\x00\x00\x00', 0x0)
write$FUSE_NOTIFY_STORE(r1, &(0x7f0000000800)=ANY=[], 0x2c)
sendfile(r1, r1, &(0x7f0000001000), 0xffff)

08:24:43 executing program 5:
openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r0, 0xae60)
r1 = ioctl$KVM_CREATE_VCPU(r0, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r0, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_RUN(r1, 0xae80, 0x0)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_user\x00', 0x275a, 0x0)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x27fffff, 0x40000000011, r2, 0x0)
ioctl$KVM_RUN(r1, 0xae80, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r1, 0x0)

[  582.708020][T19567] loop4: detected capacity change from 0 to 16
[  582.758603][   T26] audit: type=1800 audit(1632817483.631:78): pid=19567 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed(directio) comm="syz-executor.4" name="file0" dev="loop4" ino=44 res=0 errno=0
08:24:44 executing program 0:
r0 = syz_usb_connect(0x0, 0x24, &(0x7f0000000300)=ANY=[@ANYBLOB="120100004bfee908e60f00985d19fd1f00010902120001000000000904"], 0x0)
syz_usb_control_io(r0, 0x0, 0x0)
syz_usb_control_io$hid(r0, 0x0, 0x0)
syz_usb_control_io$cdc_ecm(r0, 0x0, 0x0)

08:24:44 executing program 1:
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0)
setrlimit(0xb, &(0x7f0000000040)={0x0, 0x3})
r0 = getpid()
sched_setattr(0x0, &(0x7f0000000140)={0x38, 0x2, 0x0, 0x0, 0x9}, 0x0)
sched_setattr(r0, &(0x7f0000000240)={0x38, 0x2, 0x0, 0x0, 0x5}, 0x0)
connect$unix(0xffffffffffffffff, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(0xffffffffffffffff, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r1 = memfd_create(&(0x7f0000000240)='\xb9\xecm1\xc1\xf8\xa6\x8d\xc1\xe2zMN\xc0\x17\xce/\xcd\xa2\xba \x00\x97\xac#*\xff1\x1d\xf6e\xe1\xcb\xaf#\xe5}Fi\xef\xbd\x0f \xe7f@\x19\xc4p\xa4\xc5\x13\x88y\x1e\xe7eNf\x02\xbd\xaf^\xee\b\x15\x86r\xdf\xde\xe9m\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01\x00\x00\x00', 0x0)
write$FUSE_NOTIFY_STORE(r1, &(0x7f0000000800)=ANY=[], 0x2c)
sendfile(r1, r1, &(0x7f0000001000), 0xffff)

08:24:44 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f0000000000))
ioctl$KVM_SET_REGS(0xffffffffffffffff, 0x4090ae82, &(0x7f00000001c0)={[0x4, 0x0, 0x0, 0x8, 0x1, 0x0, 0x1002]})
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_SET_PIT(r1, 0x8048ae66, &(0x7f0000000140))
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f000056f000/0x18000)=nil, &(0x7f0000000080)=[@text32={0x20, &(0x7f00000000c0)="66ba4000b0c2ee66bad104b829280000efea0e0000000a00b8050000000f23d80f21f835c00000a00f23f8653e65f30f21c62e0fae2b0f01c2b8060000000f23d00f21f835200000000f23f8c4c3a1cf830000000002d9f7", 0x58}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

08:24:44 executing program 5:
openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r0, 0xae60)
r1 = ioctl$KVM_CREATE_VCPU(r0, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r0, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_RUN(r1, 0xae80, 0x0)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_user\x00', 0x275a, 0x0)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x27fffff, 0x40000000011, r2, 0x0)
ioctl$KVM_RUN(r1, 0xae80, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r1, 0x0)

08:24:44 executing program 2:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf)
ioctl$KDADDIO(r0, 0x400455c8, 0x7)

08:24:44 executing program 4:
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9}, 0x0)
r0 = getpid()
sched_setattr(0x0, &(0x7f0000000140)={0x38, 0x2, 0x0, 0x0, 0x9}, 0x0)
sched_setattr(r0, &(0x7f0000000240)={0x38, 0x2, 0x0, 0x0, 0x5}, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/meminfo\x00', 0x0, 0x0)
sendfile(0xffffffffffffffff, r3, 0x0, 0x400000000001002a)
r4 = syz_mount_image$vfat(&(0x7f0000000400), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[])
r5 = openat(r4, &(0x7f000000c380)='./file0\x00', 0x84842, 0x0)
write(r5, &(0x7f0000004200)='t', 0xfff4)
sendmsg$NL80211_CMD_SET_INTERFACE(0xffffffffffffffff, &(0x7f0000001840)={&(0x7f0000000080), 0xc, &(0x7f0000001800)={&(0x7f00000001c0)=ANY=[@ANYRES64, @ANYRESDEC, @ANYRES32=0x0, @ANYRES32], 0x60}, 0x1, 0x0, 0x0, 0x44090}, 0x0)

[  583.793178][   T20] usb 1-1: USB disconnect, device number 21
08:24:44 executing program 2:
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f0000000140)=ANY=[@ANYBLOB="18000000004000000000000000000000850000007b0000009500000000000000f877d66c5bd16bc64b19ceef"], &(0x7f0000000100)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000500)='ext4_mballoc_alloc\x00', r1}, 0x10)
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000040)={0x0, 0xffffffffffffffff, 0x0, 0x2d2, &(0x7f0000000540)='nr0\x01\x00`\xa1\x9e\xf9\xd2\xc6s\xd9\xa1W\x1c\xb9\xe16\x9b\xcda\xef~Iy:\xe1\x87\x12\xee\xeb\x1d\xaav\x94\x97\x80\v\x7f\xbb\xd3[\x17\f\x10u\x1d9\xae\xb6`\xd8c\xe4\x9b\x8cO;=\xadH\x90\xdd[-l\xfd\n\xbd7,c\xbc\xf5\xd7\a\xf3\xfdM.\x8dD<\x88\xbc\x0eV7\xdd\x82\xfc45\xbe\xd4\xde\x9a[\xe2(\x88\x06\x1f?\xf5?\x8bk9fx\xe7\xba\x15^\xf9\x15-~C\xb1\xec\xcb#1\xeb\x8e\xb1\xedU\x86\xdc\xf8\xb3\xb0\xb9\x996\x1aD\xff,\"\xc2\xab\xbe\xf4-\xd2N\xab\xe6r3F\xa6\xe4l\x04\x99\xa2\x14B\xd8\xd0\r\xcbW\xf0\x13\xffu\x95\xed\xd0\xff\ai0\xde6u\xd3A\x17\xa4N\xb0\xe4\xf82\x93\xd2\x00\x00\x00\x00\x00\x00\x00\xbdH\xd2\xa8[\xf4\xfdJ\x80N\x832Z\xf5\xe2\x87\xd4\xe2s7\xb4\xad\xa1\x1b&!\x98\x86\"R\x06\x00\x00\x00\x00\x007q\xe9\xf4,\xa3\x0f\xb2\x1e\x12\xf0\xa3\xd8\xbc-\x85EJ\xf9\xfc\xc0#-\x8f\xd9\tD\x8b\x01\xf4lY=1\xea\x1c\x92de\xe3ZA\x99\a\x9c<\xe4\x11(\xb1|\xb0\x1f\xbf[R+\xe0\xfd\x02\x02*\xda7\xfe\xcc\x0e\xb6\xc8\xc8\x83\x18\x83\xb8Z\x11\x06\xf2\xf8g\x02\rR\x9f\x17\xa3P\xf2\r\xd3\xbfQ\xa9\x8c\xfd\xa7\f.\xa2\xd8\x18`\x1b\xbex\xc9BFK\xc6^\x13\xce68\xe4\x83\xfd?\x87\x94\v\xb4x\xf4|L\x11\x03\x94\xc0\t=\x17\x95P\x89\xf2\xca\x97\xbb\xfeu\x12L\x9b\x85\x96\xe0\b\xbf\n\x02\x8bS\x9c\xecyl\xec\x9b\xf5\x85\xeb\x80\xee>\r&\x014\x01\xf4\xb7\x83\x9a\xfa*\xa6\x06\xb7Pk7N\xc2\xd9\xee\xd0\xb0M\x00\xab\xc3\t\fc\xd8d\x14\xb1\xc0\xd7\x1a\xa0\x16\xa2z\x9e\x93 \xdde\xe8p29\v\x02\xa2b\x13R\xef\xffA\f\xb9.$\xfa\x9f\xde[\x80\xd1=\xce\x1b\xeb\xf6\xf4\xe3z\x1f\x9dz\xa3\xc0\xe2\xa2\xb1\xeeq\xf5\xec0\x8e\xf4\xfb\xd9\x87\xf03\xdb\xae|\x10&V5c\xa6\xce\xcd\x8a\xdf\xe1\x89\"\xea\xde\xe7\xa3\xbe\xe7\xff\xf9 \x11\xfdY\xc6\xa1\xe8\xda\v\\?\xcb\x87\bn\x9b\x01\x1f\xf8\xe8\x1eV\xfaC\xdf\xc3Vv\x9b\x1a\xfc\x14.c\x94\xc9=\xb0\x0f!d\b\x18*@m\x7f\xaal\x17G\xd6?\x81\x16P\x03\x10e\xc3\xcd\xb1B\xeb\x01B\\\x91A\xa1\x8an\xb4#\xadr\x1e\x81v\xa2\x0e6x\xca\x8b\xa6\xd8\x1e\x00_^9\xb1\b\x87\xc6\xb4\xf0\'f\xba\xbd\xfe\x11\xf8\xc8W\x81s^\xd9\x03\x00\x00\x00\x00\x00\x00\x00\x1b\x17E\xb23\x12\xb0\xeb\xef\x8c\xb24h\xd7}\x7f\x92Hgej\x957\xe2\x1fA\x00\xdc\xdd\x11x\x90\x97QJ\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00&\xd8\xb3S\xe0\x1e\xa7\xc3`~U\x91\xfa\x92\x1e\xccdfFz\xa8\t\xe4+\x83\xac\x94'}, 0x30)
ioctl$PERF_EVENT_IOC_PERIOD(r0, 0x4030582a, &(0x7f0000000040))

08:24:44 executing program 5:
openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r0, 0xae60)
r1 = ioctl$KVM_CREATE_VCPU(r0, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r0, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_RUN(r1, 0xae80, 0x0)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_user\x00', 0x275a, 0x0)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x27fffff, 0x40000000011, r2, 0x0)
ioctl$KVM_RUN(r1, 0xae80, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r1, 0x0)

08:24:44 executing program 1:
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0)
setrlimit(0xb, &(0x7f0000000040)={0x0, 0x3})
getpid()
sched_setattr(0x0, &(0x7f0000000140)={0x38, 0x2, 0x0, 0x0, 0x9}, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r2 = memfd_create(&(0x7f0000000240)='\xb9\xecm1\xc1\xf8\xa6\x8d\xc1\xe2zMN\xc0\x17\xce/\xcd\xa2\xba \x00\x97\xac#*\xff1\x1d\xf6e\xe1\xcb\xaf#\xe5}Fi\xef\xbd\x0f \xe7f@\x19\xc4p\xa4\xc5\x13\x88y\x1e\xe7eNf\x02\xbd\xaf^\xee\b\x15\x86r\xdf\xde\xe9m\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01\x00\x00\x00', 0x0)
write$FUSE_NOTIFY_STORE(r2, &(0x7f0000000800)=ANY=[], 0x2c)
sendfile(r2, r2, &(0x7f0000001000), 0xffff)

[  584.054649][T19608] loop4: detected capacity change from 0 to 16
08:24:45 executing program 5:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(0xffffffffffffffff, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_RUN(r2, 0xae80, 0x0)
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_user\x00', 0x275a, 0x0)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x27fffff, 0x40000000011, r3, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r2, 0x0)

08:24:45 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f0000000000))
ioctl$KVM_SET_REGS(0xffffffffffffffff, 0x4090ae82, &(0x7f00000001c0)={[0x4, 0x0, 0x0, 0x8, 0x1, 0x0, 0x1002]})
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_SET_PIT(r1, 0x8048ae66, &(0x7f0000000140))
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f000056f000/0x18000)=nil, &(0x7f0000000080)=[@text32={0x20, &(0x7f00000000c0)="66ba4000b0c2ee66bad104b829280000efea0e0000000a00b8050000000f23d80f21f835c00000a00f23f8653e65f30f21c62e0fae2b0f01c2b8060000000f23d00f21f835200000000f23f8c4c3a1cf830000000002d9f7", 0x58}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

[  584.136484][   T26] audit: type=1800 audit(1632817485.011:79): pid=19608 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed(directio) comm="syz-executor.4" name="file0" dev="loop4" ino=45 res=0 errno=0
[  584.335007][   T20] usb 1-1: new high-speed USB device number 22 using dummy_hcd
08:24:45 executing program 2:
r0 = openat$uinput(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
ioctl$UI_END_FF_ERASE(r0, 0x400c55cb, &(0x7f00000002c0))

[  584.573531][   T20] usb 1-1: Using ep0 maxpacket: 8
[  584.813983][   T20] usb 1-1: New USB device found, idVendor=0fe6, idProduct=9800, bcdDevice=19.5d
[  584.828702][   T20] usb 1-1: New USB device strings: Mfr=253, Product=31, SerialNumber=0
[  584.853868][   T20] usb 1-1: Product: syz
[  584.866012][   T20] usb 1-1: Manufacturer: syz
[  584.888419][   T20] usb 1-1: config 0 descriptor??
[  585.373751][   T20] CoreChips: probe of 1-1:0.0 failed with error -32
08:24:47 executing program 0:
r0 = syz_usb_connect(0x0, 0x24, &(0x7f0000000300)=ANY=[@ANYBLOB="120100004bfee908e60f00985d19fd1f00010902120001000000000904"], 0x0)
syz_usb_control_io(r0, 0x0, 0x0)
syz_usb_control_io$hid(r0, 0x0, 0x0)
syz_usb_control_io$cdc_ecm(r0, 0x0, 0x0)

08:24:47 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f0000000000))
ioctl$KVM_SET_REGS(r2, 0x4090ae82, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_SET_PIT(r1, 0x8048ae66, &(0x7f0000000140))
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f000056f000/0x18000)=nil, &(0x7f0000000080)=[@text32={0x20, &(0x7f00000000c0)="66ba4000b0c2ee66bad104b829280000efea0e0000000a00b8050000000f23d80f21f835c00000a00f23f8653e65f30f21c62e0fae2b0f01c2b8060000000f23d00f21f835200000000f23f8c4c3a1cf830000000002d9f7", 0x58}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

08:24:47 executing program 5:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(0xffffffffffffffff, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_RUN(r2, 0xae80, 0x0)
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_user\x00', 0x275a, 0x0)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x27fffff, 0x40000000011, r3, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r2, 0x0)

08:24:47 executing program 2:
fchdir(0xffffffffffffffff)
perf_event_open(&(0x7f00000003c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x2012, r0, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x12, r1, 0x0)

08:24:47 executing program 1:
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0)
setrlimit(0xb, &(0x7f0000000040)={0x0, 0x3})
getpid()
sched_setattr(0x0, &(0x7f0000000140)={0x38, 0x2, 0x0, 0x0, 0x9}, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r2 = memfd_create(&(0x7f0000000240)='\xb9\xecm1\xc1\xf8\xa6\x8d\xc1\xe2zMN\xc0\x17\xce/\xcd\xa2\xba \x00\x97\xac#*\xff1\x1d\xf6e\xe1\xcb\xaf#\xe5}Fi\xef\xbd\x0f \xe7f@\x19\xc4p\xa4\xc5\x13\x88y\x1e\xe7eNf\x02\xbd\xaf^\xee\b\x15\x86r\xdf\xde\xe9m\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01\x00\x00\x00', 0x0)
write$FUSE_NOTIFY_STORE(r2, &(0x7f0000000800)=ANY=[], 0x2c)
sendfile(r2, r2, &(0x7f0000001000), 0xffff)

08:24:47 executing program 4:
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0)
r0 = getpid()
sched_setattr(0x0, 0x0, 0x0)
sched_setattr(r0, &(0x7f0000000240)={0x38, 0x2, 0x0, 0x0, 0x5}, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/meminfo\x00', 0x0, 0x0)
sendfile(0xffffffffffffffff, r3, 0x0, 0x400000000001002a)
r4 = syz_mount_image$vfat(&(0x7f0000000400), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[])
r5 = openat(r4, &(0x7f000000c380)='./file0\x00', 0x84842, 0x0)
write(r5, &(0x7f0000004200)='t', 0xfff4)
sendmsg$NL80211_CMD_SET_INTERFACE(0xffffffffffffffff, &(0x7f0000001840)={&(0x7f0000000080), 0xc, &(0x7f0000001800)={&(0x7f00000001c0)=ANY=[@ANYRES64, @ANYRESDEC, @ANYRES32=0x0, @ANYRES32], 0x60}, 0x1, 0x0, 0x0, 0x44090}, 0x0)

[  586.861191][   T20] usb 1-1: USB disconnect, device number 22
[  587.063983][T19680] loop4: detected capacity change from 0 to 16
[  587.139041][   T26] audit: type=1800 audit(1632817488.011:80): pid=19680 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed(directio) comm="syz-executor.4" name="file0" dev="loop4" ino=46 res=0 errno=0
[  587.383413][   T20] usb 1-1: new high-speed USB device number 23 using dummy_hcd
08:24:48 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f0000000000))
ioctl$KVM_SET_REGS(r2, 0x4090ae82, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_SET_PIT(r1, 0x8048ae66, &(0x7f0000000140))
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f000056f000/0x18000)=nil, &(0x7f0000000080)=[@text32={0x20, &(0x7f00000000c0)="66ba4000b0c2ee66bad104b829280000efea0e0000000a00b8050000000f23d80f21f835c00000a00f23f8653e65f30f21c62e0fae2b0f01c2b8060000000f23d00f21f835200000000f23f8c4c3a1cf830000000002d9f7", 0x58}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

08:24:48 executing program 5:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(0xffffffffffffffff, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_RUN(r2, 0xae80, 0x0)
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_user\x00', 0x275a, 0x0)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x27fffff, 0x40000000011, r3, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r2, 0x0)

[  587.634448][   T20] usb 1-1: Using ep0 maxpacket: 8
08:24:48 executing program 4:
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0)
r0 = getpid()
sched_setattr(0x0, 0x0, 0x0)
sched_setattr(r0, &(0x7f0000000240)={0x38, 0x2, 0x0, 0x0, 0x5}, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/meminfo\x00', 0x0, 0x0)
sendfile(0xffffffffffffffff, r3, 0x0, 0x400000000001002a)
r4 = syz_mount_image$vfat(&(0x7f0000000400), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[])
r5 = openat(r4, &(0x7f000000c380)='./file0\x00', 0x84842, 0x0)
write(r5, &(0x7f0000004200)='t', 0xfff4)
sendmsg$NL80211_CMD_SET_INTERFACE(0xffffffffffffffff, &(0x7f0000001840)={&(0x7f0000000080), 0xc, &(0x7f0000001800)={&(0x7f00000001c0)=ANY=[@ANYRES64, @ANYRESDEC, @ANYRES32=0x0, @ANYRES32], 0x60}, 0x1, 0x0, 0x0, 0x44090}, 0x0)

[  587.876574][   T20] usb 1-1: New USB device found, idVendor=0fe6, idProduct=9800, bcdDevice=19.5d
[  587.915006][   T20] usb 1-1: New USB device strings: Mfr=253, Product=31, SerialNumber=0
[  587.956959][   T20] usb 1-1: Product: syz
[  587.977064][   T20] usb 1-1: Manufacturer: syz
[  588.008019][   T20] usb 1-1: config 0 descriptor??
08:24:49 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f0000000000))
ioctl$KVM_SET_REGS(r2, 0x4090ae82, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_SET_PIT(r1, 0x8048ae66, &(0x7f0000000140))
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f000056f000/0x18000)=nil, &(0x7f0000000080)=[@text32={0x20, &(0x7f00000000c0)="66ba4000b0c2ee66bad104b829280000efea0e0000000a00b8050000000f23d80f21f835c00000a00f23f8653e65f30f21c62e0fae2b0f01c2b8060000000f23d00f21f835200000000f23f8c4c3a1cf830000000002d9f7", 0x58}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

08:24:49 executing program 5:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_RUN(r2, 0xae80, 0x0)
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_user\x00', 0x275a, 0x0)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x27fffff, 0x40000000011, r3, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r2, 0x0)

[  588.313403][T19730] loop4: detected capacity change from 0 to 16
[  588.338995][   T26] audit: type=1800 audit(1632817489.201:81): pid=19730 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed(directio) comm="syz-executor.4" name="file0" dev="loop4" ino=47 res=0 errno=0
08:24:49 executing program 2:
preadv(0xffffffffffffffff, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0)
r0 = getpid()
sched_setattr(r0, &(0x7f00000000c0)={0x38, 0x2, 0x0, 0x0, 0x5}, 0x0)
r1 = open(&(0x7f0000000100)='./file0\x00', 0x40c2, 0x0)
r2 = open$dir(&(0x7f00000000c0)='./file0\x00', 0x0, 0x0)
write(r1, &(0x7f0000000600)="34fd98aa1d0e7adec937a5f331a75f487934f50242a0751944936972896c29a5068c8ecba1aa0a4e2a631b5180e1fbde79f4502dc4c4a1fba9dcd9ed83e639aefa1b87631c33d1a82cb0c0035676ddfeb0fe7984d7519b0f839d497fc9d64ef14d1de22220ff2623df4950134b9fb734a52adad95f131cce3672a9d7d7b400d2c62810b5f20351639330948107bf8d4534a03ac389455c54d8eb4d609b3e858b7213b38eb01f0eeaba3739ae927916e28da6a79a3fd5e32d30ab30bf959d4596e5ffbff6789a650b9e7d248d1ba849012336a4f3ef8fab07a8f5b81bb0bc45b2174538315ca12b7c723b2157562564a8a1f19d28179f8c565448e0e921b8c3e6fc4adaafa8b929ad077f633325b6a6f71a586cabc4883e03e19315f946b277858593a7367e232202fe9ad656c6768a1517da7f0498b48cb078e929fb11db0cc551f754bffc4859dd89a396915cc809b07d448573098409ea21371056f67ef4114ec10547f498d24513fe594308bf022868ad21e85bba811942fdc45161a1a8a7fe00d5c6b05ed7954f631bbd12a5c9a5cfa5965e0595de608b04ebe02b3fcbf3b9f57807a1a7ad8528992e2ec65949da2f4a0478dfd3ae52639c15d8aeaa351da6d393b58c772168fae604d097fef4d6b9360eb169a0b0ee70cdc22435a003e68698f61b3b63b1f51011bc8f4ef944c1de821785f670124a1c6ed18335d63412", 0x200)
sendfile(r1, r2, 0x0, 0xef85)
r3 = open(&(0x7f0000000040)='./file0\x00', 0x141042, 0x0)
sendfile(r3, r1, 0x0, 0xffffff38)

[  588.593536][   T20] CoreChips: probe of 1-1:0.0 failed with error -32
[  588.665094][   T26] audit: type=1800 audit(1632817489.541:82): pid=19739 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed(directio) comm="syz-executor.2" name="file0" dev="sda1" ino=14255 res=0 errno=0
[  588.711520][   T26] audit: type=1804 audit(1632817489.571:83): pid=19743 uid=0 auid=4294967295 ses=4294967295 subj=_ op=invalid_pcr cause=open_writers comm="syz-executor.2" name="/root/syzkaller-testdir091632032/syzkaller.SPnu3R/125/file0" dev="sda1" ino=14255 res=1 errno=0
[  588.773004][   T26] audit: type=1804 audit(1632817489.591:84): pid=19739 uid=0 auid=4294967295 ses=4294967295 subj=_ op=invalid_pcr cause=ToMToU comm="syz-executor.2" name="/root/syzkaller-testdir091632032/syzkaller.SPnu3R/125/file0" dev="sda1" ino=14255 res=1 errno=0
08:24:50 executing program 0:
r0 = syz_usb_connect(0x0, 0x24, &(0x7f0000000300)=ANY=[@ANYBLOB="120100004bfee908e60f00985d19fd1f00010902120001000000000904"], 0x0)
syz_usb_control_io(r0, 0x0, &(0x7f0000000740)={0xfffffde3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000540)={0x40, 0x13, 0x58, @link_local}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
syz_usb_control_io$hid(r0, 0x0, 0x0)
syz_usb_control_io$cdc_ecm(r0, 0x0, 0x0)

08:24:50 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f0000000000))
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f00000001c0)={[0x4, 0x0, 0x0, 0x8, 0x1]})
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_SET_PIT(r1, 0x8048ae66, &(0x7f0000000140))
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f000056f000/0x18000)=nil, &(0x7f0000000080)=[@text32={0x20, &(0x7f00000000c0)="66ba4000b0c2ee66bad104b829280000efea0e0000000a00b8050000000f23d80f21f835c00000a00f23f8653e65f30f21c62e0fae2b0f01c2b8060000000f23d00f21f835200000000f23f8c4c3a1cf830000000002d9f7", 0x58}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

08:24:50 executing program 2:
r0 = socket$inet6_sctp(0xa, 0x1, 0x84)
getsockopt$inet6_int(r0, 0x29, 0x10, 0x0, &(0x7f00000000c0))

08:24:50 executing program 5:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_RUN(r2, 0xae80, 0x0)
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_user\x00', 0x275a, 0x0)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x27fffff, 0x40000000011, r3, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r2, 0x0)

08:24:50 executing program 4:
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0)
r0 = getpid()
sched_setattr(0x0, 0x0, 0x0)
sched_setattr(r0, &(0x7f0000000240)={0x38, 0x2, 0x0, 0x0, 0x5}, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/meminfo\x00', 0x0, 0x0)
sendfile(0xffffffffffffffff, r3, 0x0, 0x400000000001002a)
r4 = syz_mount_image$vfat(&(0x7f0000000400), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[])
r5 = openat(r4, &(0x7f000000c380)='./file0\x00', 0x84842, 0x0)
write(r5, &(0x7f0000004200)='t', 0xfff4)
sendmsg$NL80211_CMD_SET_INTERFACE(0xffffffffffffffff, &(0x7f0000001840)={&(0x7f0000000080), 0xc, &(0x7f0000001800)={&(0x7f00000001c0)=ANY=[@ANYRES64, @ANYRESDEC, @ANYRES32=0x0, @ANYRES32], 0x60}, 0x1, 0x0, 0x0, 0x44090}, 0x0)

08:24:50 executing program 1:
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0)
setrlimit(0xb, &(0x7f0000000040)={0x0, 0x3})
getpid()
sched_setattr(0x0, &(0x7f0000000140)={0x38, 0x2, 0x0, 0x0, 0x9}, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r2 = memfd_create(&(0x7f0000000240)='\xb9\xecm1\xc1\xf8\xa6\x8d\xc1\xe2zMN\xc0\x17\xce/\xcd\xa2\xba \x00\x97\xac#*\xff1\x1d\xf6e\xe1\xcb\xaf#\xe5}Fi\xef\xbd\x0f \xe7f@\x19\xc4p\xa4\xc5\x13\x88y\x1e\xe7eNf\x02\xbd\xaf^\xee\b\x15\x86r\xdf\xde\xe9m\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01\x00\x00\x00', 0x0)
write$FUSE_NOTIFY_STORE(r2, &(0x7f0000000800)=ANY=[], 0x2c)
sendfile(r2, r2, &(0x7f0000001000), 0xffff)

[  589.940185][   T20] usb 1-1: USB disconnect, device number 23
08:24:50 executing program 2:
set_mempolicy(0x4005, &(0x7f0000000080)=0x5, 0x2)
syz_mount_image$adfs(&(0x7f00000003c0), &(0x7f0000000700)='./file0\x00', 0x0, 0x0, &(0x7f0000000800), 0x0, &(0x7f0000000840))

[  590.160358][T19787] loop4: detected capacity change from 0 to 16
[  590.273164][   T26] audit: type=1800 audit(1632817491.051:85): pid=19787 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed(directio) comm="syz-executor.4" name="file0" dev="loop4" ino=48 res=0 errno=0
[  590.551238][T19792] ADFS-fs (loop2): error: can't find an ADFS filesystem on dev loop2.
08:24:51 executing program 5:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_RUN(r2, 0xae80, 0x0)
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_user\x00', 0x275a, 0x0)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x27fffff, 0x40000000011, r3, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r2, 0x0)

08:24:51 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f0000000000))
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f00000001c0)={[0x4, 0x0, 0x0, 0x8, 0x1]})
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_SET_PIT(r1, 0x8048ae66, &(0x7f0000000140))
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f000056f000/0x18000)=nil, &(0x7f0000000080)=[@text32={0x20, &(0x7f00000000c0)="66ba4000b0c2ee66bad104b829280000efea0e0000000a00b8050000000f23d80f21f835c00000a00f23f8653e65f30f21c62e0fae2b0f01c2b8060000000f23d00f21f835200000000f23f8c4c3a1cf830000000002d9f7", 0x58}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

08:24:51 executing program 2:
ioctl$sock_inet6_SIOCSIFADDR(0xffffffffffffffff, 0x8916, &(0x7f0000000100)={@loopback, 0x5f})
syz_mount_image$msdos(&(0x7f0000000040), &(0x7f00000000c0)='./file1\x00', 0xaea1, 0x1, &(0x7f0000000300)=[{&(0x7f0000000140)="040005090000000066617400040409000200027400f801", 0x17}], 0x0, &(0x7f0000000080)=ANY=[])
chdir(&(0x7f0000000000)='./file1\x00')
r0 = creat(&(0x7f0000000180)='./bus\x00', 0x0)
ftruncate(r0, 0x800)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000caaffb)={0x0, <r1=>0x0}, 0x0)
setresuid(0x0, r1, 0xee01)
mount$9p_fd(0x0, &(0x7f00000001c0)='./file1\x00', &(0x7f0000000340), 0x22002, 0x0)
lseek(r0, 0x0, 0x2)
r2 = open(&(0x7f0000000000)='./bus\x00', 0x86000, 0x0)
r3 = syz_open_dev$sg(&(0x7f0000000000), 0x0, 0x0)
ioctl$SG_IO(r3, 0x2285, &(0x7f0000000380)={0x53, 0x0, 0x0, 0x0, @scatter={0x0, 0x0, 0x0}, 0x0, 0x0, 0x0, 0x0, 0x100, 0x0})
perf_event_open(&(0x7f00000003c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext={0x5}, 0x0, 0x0, 0x9, 0x7}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$BTRFS_IOC_INO_LOOKUP_USER(0xffffffffffffffff, 0xd000943e, &(0x7f0000000440)={0x0, 0x0, "5fcb6fc76c73bee52e32529c4aa7d572ba4b803f0e0b3335a6d0c54f0c0696bca059b03647d6b7fd1577855d728085d3944dfd68f4d7b7c5537845ec23f33bd02f0698b4cc6cc639f193da9a08db333063b1a4bf8ec45ce19ceda2ae9720acda4cda1fa79eb68eaadd6343362c4c1e3a6244bdff27d2d1d6159fc0b89196714380038fa275db860b516e37f6a3be973dec2b5b961f7fae1beb2b8063e361b5acdec0fccf1d14ff83ac5ab2213a9e7cb5c219173eff31f02aed86e36dd359357c1e5650c8c56536f92c1e8fad1355c744d358c8fe25f6a41b2f91d9a0df7ba81eeed06df85009c369f53d387c5ee460529f835b94798f9285b073f164b431f737", "60590d16ed543604caaf1aa5d73aeaa081679a96bcfa9fff4ac54a7ec0b2345c7056c469fdcb9b5431715f7bfb9a2bf5b2fc0f1a6ff653356987175ed27fd62dde93f57c232bbfda25284589396965c0304f9d9a5b7840ce41c1ec67e9a0221e6bba152ad58b077f47a30fae9ec428ff62591e024450a0bfc19eb85283c0ab6f4f325ee5c9e6e38d5ff7d155b4220acc118fa56dd2e148f5f5e8657882a4d79b039ea06c9c874ad5abb19211d025d9a2504fd3391650efd17be99553858502e443618351e2b533df29bc92237588bf9b117a7b738a7647f737c99054453b4367faf2a7216179c0eb24a6ff926675e8eb9cd2c0f250ea6e5bc33de5d62c7da01a5265bd591f48b4cc3c138f83498a2e3bc40dc0537773cf7d1c1d797428c086d363b2f0136c00595acf4554fdbf7dd905c68aec6412106f7342496a8fa747e159be3b5780d0a7c5e6fa3afc4bd67bd8012b6a8c80f4838139e1622105e905d82c2ca40d82c88dcadc18e9975f223421612d76ed4bd1a651578b4d3acb4ef7755e4738101c17bbd5fe3241238ce7d0be146427ea2338412bcfb05233a184babbbe987d55df5e65bbe2fdd01c95dc3349962ac8fb81098a29f96ccc5e6c5dab44814107dd7d177a9425fdc808cfb5ca43010b153359668175eb70bf2ed6a378186110ec0087c5f9ad3e9bf560ce407097d9877aa0c20c8dfa24ce855bac702671b709b0d1439eab9d909662ba9b994595de198455e846a62b219f95490ba1a0daf6002a44b97f95037c9072e5be48818985f95a570c42fed9fa394bed72ec8febd156cf4e56594f48ecd127a9bd2e2ba375d34ecedd3044992a9a2c323352ee2f395b39807ad42a884ce8fb07f93fd3a55994c73aca7c678d15a163675711569191b7f1e0ea166cfa82c8ebc836667aed285a575380126bf13e8649a0f60bbefe9da859a30e4ff81c51f7f6dc6d0be97aeb0e3517b1579e34fda4ea370536fe52b45040f3d10d1009709d7b7afc3185aba7da600922cdb83956c3b61b8b90613a93346afbfc3f490ed5e34114e2f9ad4429f1b65ad3690deea226016ee273180c9b7827e63d495762a6d660962cd24ac9c107dce9e7948e7c19792cb540219b29d8409dd5379d7a8555dd32b8be94603bec717c9dce2fc78d3a4621c62af98be88477a07bb88602e9fda139dd53e8d57a87a316c29e41c8ab0c2ab7fed53ace45f6db90a8ee25e410d53e2aaf7cbe802af4461b8cf8eda4a8a46a627030bac6a6090c84dba7cad6c25c5af66126d5eb5b581ca455f2fa86e03dcc337a707d48d3ac64b2d72327d851ec7982947672e4c0290734d99791d131fdb319fbc572e316a7901bb8e03e217b4ce63b49593a57607f2b3e8bc4785e6795bed747c9f4a6e4f2e0eb7c21dea3b66c98e742025c4f759eba1f8d333e6b18bf2817e3999db46cdda74795b83824f0eb7342964a16bdae376373a9efc77250ce7234cdf4d717cb0bc8e559016129b37ae181fb6b0a649d35ed74f63cb91266f6140c085c36acc24cd9720462c7dd05292fa7f0079b916570fe186288458027b883fde64e7a598c8437755a6049de58426ee453971bd0ad5f7a3079ef945106af6b8735511c98772b1e8ad50c8ef02138164f21b9b1434ba06363911da5a3d1fca747684db5c0bdb2286afaaf424373b26475f0a99b20bda6fb32900868c102eb18abb6e765a21d1b6288aeaec2191d1af9bb133b99183daa6fcae63447cb361cb04d935bafcce817700c28a23172e13080860dad43e1cf3e4a336c8e8ccfe13cb538de4ec15aec1df75e2ddd2b5abc10b50484ee8317a07a12bef8ec576c2294d6aa48cd496871ff775745b600d1e3ed4aec30ff7a83bfa66bd20727b99b7f7730fc0d8ccc44f8d29fe8713685c8e84a3829ef010a7bd6b40333456d6fb67f2c2a9d8a631fa82cdd97e455acdfa726fd181a29b998441b9460215cefefc6f7d26e2324743345a8eefc5068166a1aa6e4e12445cab25885e9a8bb5904d41c2b675add7a1b449ac7c341df1b17208ea17235859b5123304861c8ea093c77ee509d69624b2b77e0169937a420b5ed78974115c72774688f966437ef809c536abe887c6aeccd0140214a2f4a72b00b09289112117368470b2404bcc6ff232811b0ad63faf68bf5178e33f021579467debb5bbe4aae51328183f452d1f6beae5d586f29b1caf7d299bf3096ca9e360ed2b908d01f048324a9e79d3d021cbd156866a1c592b525a65e759f92e7f3e5ca6f08175f72fe69db42e2b2f12d1cafa19e8710611bc28cb676587dfb98eb7d925fa1f26fc1e8a020cedf905141d41c1f2f769832e60e01d0644fe479ba22be18a340d8536a8e2ed9d07b9662f28c2129d111bbf0ea807c7775a55e5bac1d21e1da455a0f4ae515aca90ac6dba36761984746246f1cd316aab0b57fd6234b531ad030be82bdfa67fb254091cab093b507f32802c84b19440de0bbb4ef0cfc0e8d74a3d5d79e239d114de085adc0681753dc05d0d87b5f292805bd4d6fb67541679bc4152254a392abb3be8965802ac05569c9d407753213f34f9ce67c0180b8d8cc77522b3cec631010432efb7dffe60244ef6a55637bb44f0dc158a966a44d30f698e628d33ff907759cc0d3fe7680b5acabbe4f3dc0c0c3c860da101e0a480a5dae3d14e60a46a456f16b3cf38543eab4f4789db78e310892ce57e796f8d4ed021dc18563e689848f0bbab680e2dc5a981a70d461f65b73d1a31b7fd32912ea111b49e5e0ec8af84e29a991a01a8dd7610770f899ad04bed887a2aa30504609be455f3e99d56c5ac64415a133123a1912a29fe2a6312dada4143ce132c7fecfaed709270e16cb9d92c9636f4811d12ab8dcfdb351b96838d9102164c9d788a5f54f3b5574cd835a7066863778f3ed30b7392d786e7f1b72c24cf52d85361838edaadf9c2fe99aa389b3d3d6fc9dd3239754f4bc170aeea3315a72796d2d0bf02ad6027bc9cbc2c074117d1fa88acd5fe0a3fbe01f5e351095a88de22a92dd5e71076a08fe8ef24147bcb2ab06ddb9a562cdd7eedfdddddf64868836db299315a4bdc597a23bb3dbf02f0c5a03540d3d54a4e2533b888ce8fa2f9da2aa66ac4b62af7ae3d3cad29d558394489b83cab071217c65a86da20151cc24427d1eadec79547631e13aced39e68d8e47f4d6f767f5777464d9aa6d0aaaabdd0c4f12add59ebf60970d50afe283a762f6e54f0cfe16ac8f4a78b8d4143f124108d6af3ab7013eb4798676511439febc5cb2a6fd0ec19be58288a78330ff03da983cc0dbd6175bbeb72d67b41b25316a6c13b3e0b60f0732bb573f77b5e3ea2e0d30b2a48c66c2b92e0b51b3b83b70732e18481e7f6faae7edbf3f4c77dc1813495eaf16923f6c64f84b10ae8ce1f0e0e0cebe84728450edf3b128242de2e39b32bbfb6851cb4f814db42eded2293810536c22bd8050e122813578ac09d48d972ff518403d53accb593348f0185ba029c182b1b59f620ffb8a3948e9bfd2f94b353e48d285faf366370ee11f8f3bd0817c7c00862e1f1f22ec0124360a1f5506fdc543b729341ddda2cd71f36db65613eb3a04bc3f8cac057ffcc49dca143ba4a58803e01ea2a50a8e03283db6aec82c42b1a4154b2e00b85f59d253e99e64a1c1512332e164c58582d95e53e77259270bcbee5205f0057621ca0832055ef35496dc00bede36a17814181118a44c2aeebf1a435e324c3207d4b48edf44ca51bd10a6a2a76363150224b5e4d652e04f9fa27821aa8a2516e35cfa024cc35c44d94452423d5f208e13dc9d6b50bf6b2053550ffe24dd910710f1ec9e61f47940cef3341b256ae078adcf4d517fed11a6781fcccb165a7d01bec14c84425aa129d2d2ef6898c606129fd4796d5d658b0db9a910c89f0f6369e15404dcd767f7cf4e4415bd6ac1fa689946973ee3390ae4f54c3e9918f1675941863b8bf1a6579070ca45febae7273ad9422d26a9e60368c55ce2331b0226790f8158233d5a78f2effe2d807bba92911ecc0c470c3a772cac96a8488b3868e92a5f2d4658fe934f65662e79b3e0b5509c838279fab5acc1ea39d5d8fec57ab5ebe0ccfc2547b69d23b55e450a5f6100bb8e5b15a3194376ae7fc7a3b178ff58a79adc3925d566bae7cc6353f7b1e5d3ce10b4be1d6204c6a0fcf833084c6653396b1c05114499992d8407b47a8ba05a351c4390569d74fc7ee74b429a8505d8665d0e99d95c0534ffc6bee35d45b6d20a09d1eb11244b821a918173db2d26f406410c9d9b404916307594792a5a4ee4b79572e3af00901822aa76d34dbba32cf9cebf3338b7c69204ea647ed66cae32b274cf2ba44d567152037c0b9e2ce722b5128b06d67cef4e9df3a5b4c905f59ca00e7277b2792b0a6f6c0eb3ae8ac9b57d2ff032512b9f8e1a61da5f61bf46368bf7c120a41f44a72a9f7aeaa9408cbad0995810341ef14167724dc5f7a17a7533ff090aa2d40fd2efd5597390286029601550af0f317de5480f92fa95163e84db70e92010982e9dc6a3aab569f7b76bf59828f6b37c65696d8cfda7113efdde77518c24a96d6f885837c765e6c6cdb83ef99b22e510ff320d1599e2b60daa080d1c41d4fcb99b94d777f8597d826c9a3f040c1ebe7d6914c66ce3ced2fbab3ac0a3bc5d5d06609c7b4073b956cb616fe69433d4e828516f0b56c59c3e3e3440ec47203f205a6e4eb1d1b57ac9537e5cf3ff09117645772944317c14d1943f86f72e8fe86c517aa8f7becc34c42c7fe6e0b4db49dfaa38795e8519697598f3630c145ee37b6c0094ca590af350d91897ccb783c2d6fbafc561709e35c1c07b660cfdbff2063777b6ae49b558d82e2a7a069c2246652bc6ffd11d65d52e22c97ef56c6c6ce9765e1a7be0481e32fdff68d408c7321eb3d783f3e51d6ea61f5853ef880213bc603e4fa33365fc6c8be4e9cf444db17c5ffa933da68cc1c547d789368a0f3e3c28979da1c4c94b6ba5664192d94567ba537473614acbe00b53562abae3b22980b3341a01beafec0b395ee4a5eca8cda1f69f9e2072f4ee450715a67c3a349a725d14c0464699602144069aadfae0f98b358f5e0560c512b080258856d5da1a35c1c781cac5b54731f88845d7f3cc1b28b567bb1e8c37f69f0311277c63a88a5a7fb25b23c558671528b5fd31cb57879b31fe157f2ed7d15fff1bcb1c8be328003d6cf1d8ed8c2c52b8e330788804967ef57615ba440e7e5ecdbada887903d4bf9026365bdfc1145ff7e8469ef59ebd9888f4788c564fb9dd89348b60a5396b51635b02137edfb6bf32da28ed47984632ada195b1e1095dade70128d8c84ef0858c32da78972a1cfa257137ae97390e6fba0ddfad44cf5e61aa3a41c28bf9660fd8e13b1"})
perf_event_open(&(0x7f00000003c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x28000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext={0x0, 0x8}, 0x0, 0x0, 0x9}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
sendfile(r0, r2, 0x0, 0x8400fffffffa)

08:24:51 executing program 5:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(0xffffffffffffffff, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_RUN(r2, 0xae80, 0x0)
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_user\x00', 0x275a, 0x0)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x27fffff, 0x40000000011, r3, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r2, 0x0)

[  590.870155][T19814] loop2: detected capacity change from 0 to 87
[  590.873358][   T20] usb 1-1: new high-speed USB device number 24 using dummy_hcd
08:24:51 executing program 4:
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0)
r0 = getpid()
sched_setattr(0x0, &(0x7f0000000140)={0x38, 0x0, 0x0, 0x0, 0x9}, 0x0)
sched_setattr(r0, &(0x7f0000000240)={0x38, 0x2, 0x0, 0x0, 0x5}, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/meminfo\x00', 0x0, 0x0)
sendfile(0xffffffffffffffff, r3, 0x0, 0x400000000001002a)
r4 = syz_mount_image$vfat(&(0x7f0000000400), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[])
r5 = openat(r4, &(0x7f000000c380)='./file0\x00', 0x84842, 0x0)
write(r5, &(0x7f0000004200)='t', 0xfff4)
sendmsg$NL80211_CMD_SET_INTERFACE(0xffffffffffffffff, &(0x7f0000001840)={&(0x7f0000000080), 0xc, &(0x7f0000001800)={&(0x7f00000001c0)=ANY=[@ANYRES64, @ANYRESDEC, @ANYRES32=0x0, @ANYRES32], 0x60}, 0x1, 0x0, 0x0, 0x44090}, 0x0)

[  590.991171][   T26] audit: type=1804 audit(1632817491.861:86): pid=19814 uid=0 auid=4294967295 ses=4294967295 subj=_ op=invalid_pcr cause=open_writers comm="syz-executor.2" name="/root/syzkaller-testdir091632032/syzkaller.SPnu3R/128/file1/bus" dev="sda1" ino=15093 res=1 errno=0
[  591.127143][   T26] audit: type=1800 audit(1632817491.891:87): pid=19814 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed(directio) comm="syz-executor.2" name="bus" dev="sda1" ino=15093 res=0 errno=0
[  591.153024][   T20] usb 1-1: Using ep0 maxpacket: 8
[  591.297438][T19834] loop4: detected capacity change from 0 to 16
[  591.333097][   T26] audit: type=1800 audit(1632817492.202:88): pid=19834 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed(directio) comm="syz-executor.4" name="file0" dev="loop4" ino=49 res=0 errno=0
[  591.414019][   T20] usb 1-1: New USB device found, idVendor=0fe6, idProduct=9800, bcdDevice=19.5d
[  591.471777][   T20] usb 1-1: New USB device strings: Mfr=253, Product=31, SerialNumber=0
[  591.559138][   T20] usb 1-1: Product: syz
[  591.608928][   T20] usb 1-1: Manufacturer: syz
[  591.675912][   T20] usb 1-1: config 0 descriptor??
[  591.697834][   T26] audit: type=1804 audit(1632817492.572:89): pid=19837 uid=0 auid=4294967295 ses=4294967295 subj=_ op=invalid_pcr cause=open_writers comm="syz-executor.2" name="/root/syzkaller-testdir091632032/syzkaller.SPnu3R/128/file1/bus" dev="sda1" ino=15093 res=1 errno=0
[  591.727651][   T26] audit: type=1800 audit(1632817492.572:90): pid=19837 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed(directio) comm="syz-executor.2" name="bus" dev="sda1" ino=15093 res=0 errno=0
[  592.203201][   T20] CoreChips: probe of 1-1:0.0 failed with error -32
08:24:54 executing program 5:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(0xffffffffffffffff, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_RUN(r2, 0xae80, 0x0)
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_user\x00', 0x275a, 0x0)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x27fffff, 0x40000000011, r3, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r2, 0x0)

08:24:54 executing program 0:
r0 = syz_usb_connect(0x0, 0x24, &(0x7f0000000300)=ANY=[@ANYBLOB="120100004bfee908e60f00985d19fd1f00010902120001000000000904"], 0x0)
syz_usb_control_io(r0, 0x0, &(0x7f0000000740)={0xfffffde3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000540)={0x40, 0x13, 0x58, @link_local}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
syz_usb_control_io$hid(r0, 0x0, 0x0)
syz_usb_control_io$cdc_ecm(r0, 0x0, 0x0)

08:24:54 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f0000000000))
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f00000001c0)={[0x4, 0x0, 0x0, 0x8, 0x1]})
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_SET_PIT(r1, 0x8048ae66, &(0x7f0000000140))
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f000056f000/0x18000)=nil, &(0x7f0000000080)=[@text32={0x20, &(0x7f00000000c0)="66ba4000b0c2ee66bad104b829280000efea0e0000000a00b8050000000f23d80f21f835c00000a00f23f8653e65f30f21c62e0fae2b0f01c2b8060000000f23d00f21f835200000000f23f8c4c3a1cf830000000002d9f7", 0x58}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

08:24:54 executing program 2:
prlimit64(0x0, 0x0, &(0x7f0000000280)={0x9, 0x8d}, 0x0)
prlimit64(0x0, 0x0, &(0x7f00000000c0)={0x2}, &(0x7f0000001840))
sched_setattr(0x0, &(0x7f0000000140)={0x38, 0x2, 0x0, 0x0, 0x9}, 0x0)
sched_setattr(0x0, &(0x7f0000000240)={0x38, 0x2, 0x0, 0x0, 0x5}, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000002c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
mkdir(&(0x7f0000000000)='./file0\x00', 0x0)
r2 = socket$inet6(0xa, 0x802, 0x88)
connect$inet6(r2, &(0x7f0000000000)={0xa, 0x0, 0x0, @mcast2, 0x4}, 0x1c)
sendmmsg(r2, &(0x7f0000002cc0), 0x1a3, 0x0)

08:24:54 executing program 1:
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0)
setrlimit(0xb, &(0x7f0000000040)={0x0, 0x3})
r0 = getpid()
sched_setattr(r0, &(0x7f0000000240)={0x38, 0x2, 0x0, 0x0, 0x5}, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = memfd_create(&(0x7f0000000240)='\xb9\xecm1\xc1\xf8\xa6\x8d\xc1\xe2zMN\xc0\x17\xce/\xcd\xa2\xba \x00\x97\xac#*\xff1\x1d\xf6e\xe1\xcb\xaf#\xe5}Fi\xef\xbd\x0f \xe7f@\x19\xc4p\xa4\xc5\x13\x88y\x1e\xe7eNf\x02\xbd\xaf^\xee\b\x15\x86r\xdf\xde\xe9m\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01\x00\x00\x00', 0x0)
write$FUSE_NOTIFY_STORE(r3, &(0x7f0000000800)=ANY=[], 0x2c)
sendfile(r3, r3, &(0x7f0000001000), 0xffff)

08:24:54 executing program 4:
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0)
r0 = getpid()
sched_setattr(0x0, &(0x7f0000000140)={0x38, 0x0, 0x0, 0x0, 0x9}, 0x0)
sched_setattr(r0, &(0x7f0000000240)={0x38, 0x2, 0x0, 0x0, 0x5}, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/meminfo\x00', 0x0, 0x0)
sendfile(0xffffffffffffffff, r3, 0x0, 0x400000000001002a)
r4 = syz_mount_image$vfat(&(0x7f0000000400), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[])
r5 = openat(r4, &(0x7f000000c380)='./file0\x00', 0x84842, 0x0)
write(r5, &(0x7f0000004200)='t', 0xfff4)
sendmsg$NL80211_CMD_SET_INTERFACE(0xffffffffffffffff, &(0x7f0000001840)={&(0x7f0000000080), 0xc, &(0x7f0000001800)={&(0x7f00000001c0)=ANY=[@ANYRES64, @ANYRESDEC, @ANYRES32=0x0, @ANYRES32], 0x60}, 0x1, 0x0, 0x0, 0x44090}, 0x0)

[  593.208610][   T25] usb 1-1: USB disconnect, device number 24
[  593.774021][T19881] loop4: detected capacity change from 0 to 16
08:24:54 executing program 5:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(0xffffffffffffffff, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_RUN(r2, 0xae80, 0x0)
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_user\x00', 0x275a, 0x0)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x27fffff, 0x40000000011, r3, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r2, 0x0)

08:24:54 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f0000000000))
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f00000001c0)={[0x4, 0x0, 0x0, 0x8, 0x0, 0x0, 0x1002]})
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_SET_PIT(r1, 0x8048ae66, &(0x7f0000000140))
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f000056f000/0x18000)=nil, &(0x7f0000000080)=[@text32={0x20, &(0x7f00000000c0)="66ba4000b0c2ee66bad104b829280000efea0e0000000a00b8050000000f23d80f21f835c00000a00f23f8653e65f30f21c62e0fae2b0f01c2b8060000000f23d00f21f835200000000f23f8c4c3a1cf830000000002d9f7", 0x58}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

[  594.202764][ T8141] usb 1-1: new high-speed USB device number 25 using dummy_hcd
08:24:55 executing program 1:
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0)
setrlimit(0xb, &(0x7f0000000040)={0x0, 0x3})
r0 = getpid()
sched_setattr(r0, &(0x7f0000000240)={0x38, 0x2, 0x0, 0x0, 0x5}, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = memfd_create(&(0x7f0000000240)='\xb9\xecm1\xc1\xf8\xa6\x8d\xc1\xe2zMN\xc0\x17\xce/\xcd\xa2\xba \x00\x97\xac#*\xff1\x1d\xf6e\xe1\xcb\xaf#\xe5}Fi\xef\xbd\x0f \xe7f@\x19\xc4p\xa4\xc5\x13\x88y\x1e\xe7eNf\x02\xbd\xaf^\xee\b\x15\x86r\xdf\xde\xe9m\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01\x00\x00\x00', 0x0)
write$FUSE_NOTIFY_STORE(r3, &(0x7f0000000800)=ANY=[], 0x2c)
sendfile(r3, r3, &(0x7f0000001000), 0xffff)

08:24:55 executing program 4:
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0)
r0 = getpid()
sched_setattr(0x0, &(0x7f0000000140)={0x38, 0x0, 0x0, 0x0, 0x9}, 0x0)
sched_setattr(r0, &(0x7f0000000240)={0x38, 0x2, 0x0, 0x0, 0x5}, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/meminfo\x00', 0x0, 0x0)
sendfile(0xffffffffffffffff, r3, 0x0, 0x400000000001002a)
r4 = syz_mount_image$vfat(&(0x7f0000000400), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[])
r5 = openat(r4, &(0x7f000000c380)='./file0\x00', 0x84842, 0x0)
write(r5, &(0x7f0000004200)='t', 0xfff4)
sendmsg$NL80211_CMD_SET_INTERFACE(0xffffffffffffffff, &(0x7f0000001840)={&(0x7f0000000080), 0xc, &(0x7f0000001800)={&(0x7f00000001c0)=ANY=[@ANYRES64, @ANYRESDEC, @ANYRES32=0x0, @ANYRES32], 0x60}, 0x1, 0x0, 0x0, 0x44090}, 0x0)

08:24:55 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f0000000000))
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f00000001c0)={[0x4, 0x0, 0x0, 0x8, 0x0, 0x0, 0x1002]})
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_SET_PIT(r1, 0x8048ae66, &(0x7f0000000140))
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f000056f000/0x18000)=nil, &(0x7f0000000080)=[@text32={0x20, &(0x7f00000000c0)="66ba4000b0c2ee66bad104b829280000efea0e0000000a00b8050000000f23d80f21f835c00000a00f23f8653e65f30f21c62e0fae2b0f01c2b8060000000f23d00f21f835200000000f23f8c4c3a1cf830000000002d9f7", 0x58}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

08:24:55 executing program 5:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_user\x00', 0x275a, 0x0)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x27fffff, 0x40000000011, r3, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r2, 0x0)

08:24:55 executing program 2:
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0)
r0 = getpid()
sched_setattr(r0, &(0x7f0000000240)={0x38, 0x2, 0x0, 0x0, 0x5}, 0x0)
prlimit64(r0, 0xd, &(0x7f0000000480)={0x8, 0x200}, &(0x7f00000004c0))
perf_event_open(&(0x7f0000000700)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
sched_setattr(0x0, &(0x7f0000000140)={0x38, 0x2, 0x0, 0x0, 0x9}, 0x0)
sched_setattr(0x0, 0x0, 0x0)
connect$unix(0xffffffffffffffff, 0x0, 0x0)
sendmmsg$unix(0xffffffffffffffff, 0x0, 0x0, 0x0)
r1 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
ioctl$LOOP_CTL_REMOVE(r1, 0x4c81, 0x0)
ioctl$LOOP_CTL_ADD(r1, 0x4c80, 0x0)
syz_mount_image$ufs(&(0x7f0000000000), &(0x7f00000001c0)='./file0\x00', 0x7ff, 0x2, &(0x7f0000000240)=[{&(0x7f00000002c0)="8fad1181df81666951e01f20280927f9067f77058a4bc8eeddcc49a0e6d5f898a03837a4c8b79c57d52289f51da4e12d1cd6a6454dc12cd19dc8ab82447a2e933a173e20b16f718eb8e8b188808d9ee22b9f2959cff72403018cb626640c3b1d111a93c25cf95e76b12dbc1bf62fdeed6fe21cf3e66c5a74f1b1db859c7aa02dc877d3ce35a8d259c24f74dde7f828769d0405d0ab9ab58e17695d6aa2622de862cbb67a028ef43b61b22b34cf38d013401a3e2e5101eb", 0xb7, 0x75ee46d7}, {&(0x7f0000000380)="38ff754228ef2e62d7912c1d0494c72099c5afe68b31a99b12021c3d546fb0cf534a3edce689dccb074b2461cd6a2a6afa803b546e6e70c55ee858d84bbb322f333ae435b9d9a63080bfc454b8cf22cd5c9cea4f41c20ea3b5ece2565ef7fdce4422db7baca9da89155cbbeb51064807f5b09b2c91d496ff4af8e7ca5e59d0c2ae6e0ad2c231c5c59b8d7ff9960c291e8e61a69e327e5b6bc2bd99a83e1f8ff3c9d6f949633420b36d7bb54640f51e9a3a8b400ac4f545898b08ae597ddc6e67eb710bd96527be56e515bf4b773c45985c0516535b41b53360c0514a82555096851a31b500d131304eb9878c2de7869c330247b147be373b7f7a5cba", 0xfc, 0x400}], 0x45811, 0x0)
pivot_root(0x0, &(0x7f0000000080)='./file0\x00')
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000200)={&(0x7f0000000040), 0xc, &(0x7f00000000c0)={&(0x7f0000000180)=@bridge_setlink={0x30, 0x13, 0x0, 0x0, 0x0, {0x7, 0x0, 0x0, 0x0, 0x0, 0xc000}, [@IFLA_NUM_RX_QUEUES={0x8, 0x20, 0xcde1}, @IFLA_CARRIER={0x5, 0x21, 0x60}]}, 0x30}}, 0x48041)

[  594.483092][ T8141] usb 1-1: Using ep0 maxpacket: 8
[  594.806803][T19927] loop2: detected capacity change from 0 to 264192
[  594.819712][T19928] loop4: detected capacity change from 0 to 16
[  594.866884][   T26] kauditd_printk_skb: 1 callbacks suppressed
[  594.866898][   T26] audit: type=1800 audit(1632817495.742:92): pid=19928 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed(directio) comm="syz-executor.4" name="file0" dev="loop4" ino=50 res=0 errno=0
[  595.105905][T19941] loop2: detected capacity change from 0 to 264192
[  595.183342][ T8141] usb 1-1: New USB device found, idVendor=0fe6, idProduct=9800, bcdDevice=19.5d
[  595.222977][ T8141] usb 1-1: New USB device strings: Mfr=253, Product=31, SerialNumber=0
[  595.299324][ T8141] usb 1-1: Product: syz
[  595.332333][ T8141] usb 1-1: Manufacturer: syz
[  595.410989][ T8141] usb 1-1: config 0 descriptor??
[  595.902881][ T8141] CoreChips: probe of 1-1:0.0 failed with error -32
08:24:57 executing program 0:
r0 = syz_usb_connect(0x0, 0x24, &(0x7f0000000300)=ANY=[@ANYBLOB="120100004bfee908e60f00985d19fd1f00010902120001000000000904"], 0x0)
syz_usb_control_io(r0, 0x0, &(0x7f0000000740)={0xfffffde3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000540)={0x40, 0x13, 0x58, @link_local}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
syz_usb_control_io$hid(r0, 0x0, 0x0)
syz_usb_control_io$cdc_ecm(r0, 0x0, 0x0)

08:24:57 executing program 2:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x200000, 0x5, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000900100000f000000000000000200000006000000000008000080000020000000dbf4655fdbf4655f0100ffff53ef010001000000daf4655f000000000000000001000000000000000b0000000004000008000000d2c200001203", 0x66, 0x400}, {&(0x7f0000010100)="00000000000000000000000082e36724c6f34caa846ed2e527703378010040", 0x1f, 0x4e0}, {&(0x7f0000010400)="02000000030000000400000019000f000300040000000000000000000f002e69", 0x20, 0x1000}, {&(0x7f0000010500)="7f000000ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff", 0x1002, 0x2000}, {&(0x7f0000012600)="ed41000010000000daf4655fdbf4655fdbf4655f00000000000004008000000000000800050000000af301000400000000000000000000000900000010", 0x3d, 0x4400}], 0x0, &(0x7f0000000280)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='cpuacct.stat\x00', 0x26e1, 0x0)
perf_event_open(&(0x7f0000000040)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x248000009, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)
ioctl$PERF_EVENT_IOC_PERIOD(r0, 0x4030582a, &(0x7f0000000040))
write$cgroup_type(r0, &(0x7f0000000140), 0xffffff1f)

08:24:57 executing program 5:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_user\x00', 0x275a, 0x0)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x27fffff, 0x40000000011, r3, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r2, 0x0)

08:24:57 executing program 1:
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0)
setrlimit(0xb, &(0x7f0000000040)={0x0, 0x3})
r0 = getpid()
sched_setattr(r0, &(0x7f0000000240)={0x38, 0x2, 0x0, 0x0, 0x5}, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = memfd_create(&(0x7f0000000240)='\xb9\xecm1\xc1\xf8\xa6\x8d\xc1\xe2zMN\xc0\x17\xce/\xcd\xa2\xba \x00\x97\xac#*\xff1\x1d\xf6e\xe1\xcb\xaf#\xe5}Fi\xef\xbd\x0f \xe7f@\x19\xc4p\xa4\xc5\x13\x88y\x1e\xe7eNf\x02\xbd\xaf^\xee\b\x15\x86r\xdf\xde\xe9m\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01\x00\x00\x00', 0x0)
write$FUSE_NOTIFY_STORE(r3, &(0x7f0000000800)=ANY=[], 0x2c)
sendfile(r3, r3, &(0x7f0000001000), 0xffff)

08:24:57 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f0000000000))
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f00000001c0)={[0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1002]})
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_SET_PIT(r1, 0x8048ae66, &(0x7f0000000140))
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f000056f000/0x18000)=nil, &(0x7f0000000080)=[@text32={0x20, &(0x7f00000000c0)="66ba4000b0c2ee66bad104b829280000efea0e0000000a00b8050000000f23d80f21f835c00000a00f23f8653e65f30f21c62e0fae2b0f01c2b8060000000f23d00f21f835200000000f23f8c4c3a1cf830000000002d9f7", 0x58}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

08:24:57 executing program 4:
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0)
r0 = getpid()
sched_setattr(0x0, &(0x7f0000000140)={0x38, 0x2}, 0x0)
sched_setattr(r0, &(0x7f0000000240)={0x38, 0x2, 0x0, 0x0, 0x5}, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/meminfo\x00', 0x0, 0x0)
sendfile(0xffffffffffffffff, r3, 0x0, 0x400000000001002a)
r4 = syz_mount_image$vfat(&(0x7f0000000400), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[])
r5 = openat(r4, &(0x7f000000c380)='./file0\x00', 0x84842, 0x0)
write(r5, &(0x7f0000004200)='t', 0xfff4)
sendmsg$NL80211_CMD_SET_INTERFACE(0xffffffffffffffff, &(0x7f0000001840)={&(0x7f0000000080), 0xc, &(0x7f0000001800)={&(0x7f00000001c0)=ANY=[@ANYRES64, @ANYRESDEC, @ANYRES32=0x0, @ANYRES32], 0x60}, 0x1, 0x0, 0x0, 0x44090}, 0x0)

[  596.914300][   T20] usb 1-1: USB disconnect, device number 25
[  596.995428][T19977] loop2: detected capacity change from 0 to 4096
[  597.061095][T19977] EXT4-fs (loop2): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[  597.526480][T20000] loop4: detected capacity change from 0 to 16
08:24:58 executing program 5:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_user\x00', 0x275a, 0x0)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x27fffff, 0x40000000011, r3, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r2, 0x0)

08:24:58 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f0000000000))
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f00000001c0)={[0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1002]})
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_SET_PIT(r1, 0x8048ae66, &(0x7f0000000140))
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f000056f000/0x18000)=nil, &(0x7f0000000080)=[@text32={0x20, &(0x7f00000000c0)="66ba4000b0c2ee66bad104b829280000efea0e0000000a00b8050000000f23d80f21f835c00000a00f23f8653e65f30f21c62e0fae2b0f01c2b8060000000f23d00f21f835200000000f23f8c4c3a1cf830000000002d9f7", 0x58}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

[  597.842632][   T20] usb 1-1: new high-speed USB device number 26 using dummy_hcd
08:24:58 executing program 2:
ioctl$TUNGETFEATURES(0xffffffffffffffff, 0x800454cf, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0)
r0 = getpid()
sched_setattr(0x0, &(0x7f0000000140)={0x38, 0x2, 0x0, 0x0, 0x9}, 0x0)
sched_setattr(r0, &(0x7f0000000240)={0x38, 0x2, 0x0, 0x0, 0x5}, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000002c0)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000300)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
ioctl$ifreq_SIOCGIFINDEX_vcan(r1, 0x8933, &(0x7f00000003c0)={'vxcan0\x00'})
r3 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
ioctl$LOOP_CTL_REMOVE(r3, 0x4c81, 0x0)
ioctl$LOOP_CTL_ADD(r3, 0x4c80, 0x0)
pivot_root(&(0x7f0000000280)='./file0\x00', &(0x7f0000000080)='./file0\x00')
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000200)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x400000}, 0xc, 0x0, 0x1, 0x0, 0x0, 0x8001}, 0x0)
socket$caif_seqpacket(0x25, 0x5, 0x0)

08:24:58 executing program 1:
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0)
setrlimit(0xb, &(0x7f0000000040)={0x0, 0x3})
sched_setattr(0x0, &(0x7f0000000140)={0x38, 0x2, 0x0, 0x0, 0x9}, 0x0)
sched_setattr(0x0, &(0x7f0000000240)={0x38, 0x2, 0x0, 0x0, 0x5}, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r2 = memfd_create(&(0x7f0000000240)='\xb9\xecm1\xc1\xf8\xa6\x8d\xc1\xe2zMN\xc0\x17\xce/\xcd\xa2\xba \x00\x97\xac#*\xff1\x1d\xf6e\xe1\xcb\xaf#\xe5}Fi\xef\xbd\x0f \xe7f@\x19\xc4p\xa4\xc5\x13\x88y\x1e\xe7eNf\x02\xbd\xaf^\xee\b\x15\x86r\xdf\xde\xe9m\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01\x00\x00\x00', 0x0)
write$FUSE_NOTIFY_STORE(r2, &(0x7f0000000800)=ANY=[], 0x2c)
sendfile(r2, r2, &(0x7f0000001000), 0xffff)

08:24:58 executing program 4:
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0)
r0 = getpid()
sched_setattr(0x0, &(0x7f0000000140)={0x38, 0x2}, 0x0)
sched_setattr(r0, &(0x7f0000000240)={0x38, 0x2, 0x0, 0x0, 0x5}, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/meminfo\x00', 0x0, 0x0)
sendfile(0xffffffffffffffff, r3, 0x0, 0x400000000001002a)
r4 = syz_mount_image$vfat(&(0x7f0000000400), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[])
r5 = openat(r4, &(0x7f000000c380)='./file0\x00', 0x84842, 0x0)
write(r5, &(0x7f0000004200)='t', 0xfff4)
sendmsg$NL80211_CMD_SET_INTERFACE(0xffffffffffffffff, &(0x7f0000001840)={&(0x7f0000000080), 0xc, &(0x7f0000001800)={&(0x7f00000001c0)=ANY=[@ANYRES64, @ANYRESDEC, @ANYRES32=0x0, @ANYRES32], 0x60}, 0x1, 0x0, 0x0, 0x44090}, 0x0)

08:24:59 executing program 5:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_RUN(0xffffffffffffffff, 0xae80, 0x0)
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_user\x00', 0x275a, 0x0)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x27fffff, 0x40000000011, r3, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r2, 0x0)

[  598.162512][   T20] usb 1-1: Using ep0 maxpacket: 8
[  598.663899][T20043] loop4: detected capacity change from 0 to 16
[  599.712698][   T20] usb 1-1: New USB device found, idVendor=0fe6, idProduct=9800, bcdDevice=19.5d
[  599.736739][   T20] usb 1-1: New USB device strings: Mfr=253, Product=31, SerialNumber=0
[  599.797825][   T20] usb 1-1: Product: syz
[  599.832490][   T20] usb 1-1: Manufacturer: syz
[  599.842628][   T20] usb 1-1: config 0 descriptor??
08:25:00 executing program 0:
syz_usb_control_io(0xffffffffffffffff, 0x0, 0x0)
syz_usb_control_io(0xffffffffffffffff, 0x0, &(0x7f0000000740)={0xfffffde3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000540)={0x40, 0x13, 0x58, @link_local}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
syz_usb_control_io$hid(0xffffffffffffffff, 0x0, 0x0)
syz_usb_control_io$cdc_ecm(0xffffffffffffffff, 0x0, 0x0)

08:25:00 executing program 5:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_RUN(0xffffffffffffffff, 0xae80, 0x0)
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_user\x00', 0x275a, 0x0)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x27fffff, 0x40000000011, r3, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r2, 0x0)

08:25:00 executing program 2:
syz_open_dev$sg(&(0x7f0000000080), 0x0, 0x123402)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x10, 0xffffffffffffffff, 0x0)
preadv(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
ioctl$SG_IO(0xffffffffffffffff, 0x2285, &(0x7f0000000140)={0x0, 0xfffffffffffffffe, 0x8f, 0x20, @buffer={0x0, 0xad, &(0x7f0000000200)=""/173}, &(0x7f00000002c0)="f1d207bbad74482739b9dc53c54a362582a072d30b17e98b07f8547a8f6d24a65248d79f7b7387ea7709b5f6a73d41d9adfe6be7bba8f0e619cebd35f84e0ee863fb7d8edb217244118ec737e4f7d9e8e18c37561191c695ed76a38cab73d7bd4def061f0c5f93e839a28a356d2f7ef1572a2b6bbad353e24ab78241ce4a96430b5ab38bb1f4f7bcc5a571df2973e4", 0x0, 0xfffffffb, 0x0, 0x3, 0x0})
ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, &(0x7f00000004c0))
r0 = syz_open_dev$sg(&(0x7f0000000000), 0x0, 0x0)
ioctl$SG_IO(r0, 0x2285, &(0x7f0000000380)={0x53, 0x0, 0x11, 0x0, @scatter={0x0, 0x0, 0x0}, &(0x7f0000000200)="e5f432732f4e096d26e2c735d135121c92", 0x0, 0x0, 0x0, 0x0, 0x0})
ioctl$BTRFS_IOC_GET_SUBVOL_INFO(r0, 0x81f8943c, 0x0)
ioctl$BTRFS_IOC_GET_SUBVOL_ROOTREF(0xffffffffffffffff, 0xd000943d, 0x0)
ioctl$BTRFS_IOC_GET_SUBVOL_ROOTREF(0xffffffffffffffff, 0xd000943d, &(0x7f000005d940)={0x0, [], 0xfb, "ef060a34d7f4ba"})
perf_event_open(&(0x7f000001d000)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7ff}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = syz_io_uring_setup(0x2de7, &(0x7f0000001600)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, &(0x7f0000002000/0x2000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000000100)=<r2=>0x0, &(0x7f0000000000)=<r3=>0x0)
openat(0xffffffffffffff9c, &(0x7f0000002040)='./file0/file0\x00', 0x0, 0x0)
syz_io_uring_submit(r2, r3, &(0x7f00000001c0)=@IORING_OP_WRITEV={0x2, 0x0, 0x0, @fd_index=0x3, 0x0, 0x0}, 0x0)
io_uring_enter(r1, 0x2ff, 0x0, 0x0, 0x0, 0x0)

08:25:00 executing program 4:
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0)
r0 = getpid()
sched_setattr(0x0, &(0x7f0000000140)={0x38, 0x2}, 0x0)
sched_setattr(r0, &(0x7f0000000240)={0x38, 0x2, 0x0, 0x0, 0x5}, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/meminfo\x00', 0x0, 0x0)
sendfile(0xffffffffffffffff, r3, 0x0, 0x400000000001002a)
r4 = syz_mount_image$vfat(&(0x7f0000000400), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[])
r5 = openat(r4, &(0x7f000000c380)='./file0\x00', 0x84842, 0x0)
write(r5, &(0x7f0000004200)='t', 0xfff4)
sendmsg$NL80211_CMD_SET_INTERFACE(0xffffffffffffffff, &(0x7f0000001840)={&(0x7f0000000080), 0xc, &(0x7f0000001800)={&(0x7f00000001c0)=ANY=[@ANYRES64, @ANYRESDEC, @ANYRES32=0x0, @ANYRES32], 0x60}, 0x1, 0x0, 0x0, 0x44090}, 0x0)

08:25:00 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f0000000000))
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f00000001c0)={[0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1002]})
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_SET_PIT(r1, 0x8048ae66, &(0x7f0000000140))
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f000056f000/0x18000)=nil, &(0x7f0000000080)=[@text32={0x20, &(0x7f00000000c0)="66ba4000b0c2ee66bad104b829280000efea0e0000000a00b8050000000f23d80f21f835c00000a00f23f8653e65f30f21c62e0fae2b0f01c2b8060000000f23d00f21f835200000000f23f8c4c3a1cf830000000002d9f7", 0x58}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

[  600.072638][   T20] CoreChips 1-1:0.0 (unnamed net_device) (uninitialized): set LINK LED failed : -71
[  600.106264][   T20] CoreChips: probe of 1-1:0.0 failed with error -71
[  600.169589][   T20] usb 1-1: USB disconnect, device number 26
[  600.298841][T20088] loop4: detected capacity change from 0 to 16
[  600.318905][   T26] audit: type=1800 audit(1632817501.192:93): pid=20088 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed(directio) comm="syz-executor.4" name="file0" dev="loop4" ino=51 res=0 errno=0
08:25:01 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f0000000000))
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f00000001c0)={[0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x1002]})
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_SET_PIT(r1, 0x8048ae66, &(0x7f0000000140))
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f000056f000/0x18000)=nil, &(0x7f0000000080)=[@text32={0x20, &(0x7f00000000c0)="66ba4000b0c2ee66bad104b829280000efea0e0000000a00b8050000000f23d80f21f835c00000a00f23f8653e65f30f21c62e0fae2b0f01c2b8060000000f23d00f21f835200000000f23f8c4c3a1cf830000000002d9f7", 0x58}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

08:25:01 executing program 5:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_RUN(0xffffffffffffffff, 0xae80, 0x0)
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_user\x00', 0x275a, 0x0)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x27fffff, 0x40000000011, r3, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r2, 0x0)

08:25:01 executing program 2:
syz_open_dev$sg(&(0x7f0000000080), 0x0, 0x123402)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x10, 0xffffffffffffffff, 0x0)
preadv(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
ioctl$SG_IO(0xffffffffffffffff, 0x2285, &(0x7f0000000140)={0x0, 0xfffffffffffffffe, 0x8f, 0x20, @buffer={0x0, 0xad, &(0x7f0000000200)=""/173}, &(0x7f00000002c0)="f1d207bbad74482739b9dc53c54a362582a072d30b17e98b07f8547a8f6d24a65248d79f7b7387ea7709b5f6a73d41d9adfe6be7bba8f0e619cebd35f84e0ee863fb7d8edb217244118ec737e4f7d9e8e18c37561191c695ed76a38cab73d7bd4def061f0c5f93e839a28a356d2f7ef1572a2b6bbad353e24ab78241ce4a96430b5ab38bb1f4f7bcc5a571df2973e4", 0x0, 0xfffffffb, 0x0, 0x3, 0x0})
ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, &(0x7f00000004c0))
r0 = syz_open_dev$sg(&(0x7f0000000000), 0x0, 0x0)
ioctl$SG_IO(r0, 0x2285, &(0x7f0000000380)={0x53, 0x0, 0x11, 0x0, @scatter={0x0, 0x0, 0x0}, &(0x7f0000000200)="e5f432732f4e096d26e2c735d135121c92", 0x0, 0x0, 0x0, 0x0, 0x0})
ioctl$BTRFS_IOC_GET_SUBVOL_INFO(r0, 0x81f8943c, 0x0)
ioctl$BTRFS_IOC_GET_SUBVOL_ROOTREF(0xffffffffffffffff, 0xd000943d, 0x0)
ioctl$BTRFS_IOC_GET_SUBVOL_ROOTREF(0xffffffffffffffff, 0xd000943d, &(0x7f000005d940)={0x0, [], 0xfb, "ef060a34d7f4ba"})
perf_event_open(&(0x7f000001d000)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7ff}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = syz_io_uring_setup(0x2de7, &(0x7f0000001600)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, &(0x7f0000002000/0x2000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000000100)=<r2=>0x0, &(0x7f0000000000)=<r3=>0x0)
openat(0xffffffffffffff9c, &(0x7f0000002040)='./file0/file0\x00', 0x0, 0x0)
syz_io_uring_submit(r2, r3, &(0x7f00000001c0)=@IORING_OP_WRITEV={0x2, 0x0, 0x0, @fd_index=0x3, 0x0, 0x0}, 0x0)
io_uring_enter(r1, 0x2ff, 0x0, 0x0, 0x0, 0x0)

08:25:02 executing program 4:
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0)
getpid()
sched_setattr(0x0, &(0x7f0000000140)={0x38, 0x2, 0x0, 0x0, 0x9}, 0x0)
sched_setattr(0x0, &(0x7f0000000240)={0x38, 0x2, 0x0, 0x0, 0x5}, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r2 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/meminfo\x00', 0x0, 0x0)
sendfile(0xffffffffffffffff, r2, 0x0, 0x400000000001002a)
r3 = syz_mount_image$vfat(&(0x7f0000000400), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[])
r4 = openat(r3, &(0x7f000000c380)='./file0\x00', 0x84842, 0x0)
write(r4, &(0x7f0000004200)='t', 0xfff4)
sendmsg$NL80211_CMD_SET_INTERFACE(0xffffffffffffffff, &(0x7f0000001840)={&(0x7f0000000080), 0xc, &(0x7f0000001800)={&(0x7f00000001c0)=ANY=[@ANYRES64, @ANYRESDEC, @ANYRES32=0x0, @ANYRES32], 0x60}, 0x1, 0x0, 0x0, 0x44090}, 0x0)

[  601.472033][T20121] loop4: detected capacity change from 0 to 16
[  601.517770][   T26] audit: type=1800 audit(1632817502.392:94): pid=20121 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed(directio) comm="syz-executor.4" name="file0" dev="loop4" ino=52 res=0 errno=0
08:25:02 executing program 1:
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0)
setrlimit(0xb, &(0x7f0000000040)={0x0, 0x3})
sched_setattr(0x0, &(0x7f0000000140)={0x38, 0x2, 0x0, 0x0, 0x9}, 0x0)
sched_setattr(0x0, &(0x7f0000000240)={0x38, 0x2, 0x0, 0x0, 0x5}, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r2 = memfd_create(&(0x7f0000000240)='\xb9\xecm1\xc1\xf8\xa6\x8d\xc1\xe2zMN\xc0\x17\xce/\xcd\xa2\xba \x00\x97\xac#*\xff1\x1d\xf6e\xe1\xcb\xaf#\xe5}Fi\xef\xbd\x0f \xe7f@\x19\xc4p\xa4\xc5\x13\x88y\x1e\xe7eNf\x02\xbd\xaf^\xee\b\x15\x86r\xdf\xde\xe9m\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01\x00\x00\x00', 0x0)
write$FUSE_NOTIFY_STORE(r2, &(0x7f0000000800)=ANY=[], 0x2c)
sendfile(r2, r2, &(0x7f0000001000), 0xffff)

08:25:02 executing program 0:
syz_usb_control_io(0xffffffffffffffff, 0x0, 0x0)
syz_usb_control_io(0xffffffffffffffff, 0x0, &(0x7f0000000740)={0xfffffde3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000540)={0x40, 0x13, 0x58, @link_local}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
syz_usb_control_io$hid(0xffffffffffffffff, 0x0, 0x0)
syz_usb_control_io$cdc_ecm(0xffffffffffffffff, 0x0, 0x0)

08:25:02 executing program 2:
getpid()
recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
r0 = syz_open_dev$ndb(&(0x7f0000000080), 0x0, 0x0)
r1 = socket(0x2, 0x1, 0x0)
ioctl$NBD_SET_SOCK(r0, 0xab00, r1)

08:25:02 executing program 5:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_RUN(r2, 0xae80, 0x0)
r3 = openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x275a, 0x0)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x27fffff, 0x40000000011, r3, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r2, 0x0)

08:25:02 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f0000000000))
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f00000001c0)={[0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x1002]})
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_SET_PIT(r1, 0x8048ae66, &(0x7f0000000140))
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f000056f000/0x18000)=nil, &(0x7f0000000080)=[@text32={0x20, &(0x7f00000000c0)="66ba4000b0c2ee66bad104b829280000efea0e0000000a00b8050000000f23d80f21f835c00000a00f23f8653e65f30f21c62e0fae2b0f01c2b8060000000f23d00f21f835200000000f23f8c4c3a1cf830000000002d9f7", 0x58}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

[  602.202898][T20128] block nbd2: shutting down sockets
[  602.262688][T20128] block nbd2: shutting down sockets
08:25:03 executing program 2:
set_mempolicy(0x1, 0x0, 0x0)
unshare(0x6c060000)

08:25:03 executing program 5:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_RUN(r2, 0xae80, 0x0)
r3 = openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x275a, 0x0)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x27fffff, 0x40000000011, r3, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r2, 0x0)

08:25:03 executing program 0:
syz_usb_control_io(0xffffffffffffffff, 0x0, 0x0)
syz_usb_control_io(0xffffffffffffffff, 0x0, &(0x7f0000000740)={0xfffffde3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000540)={0x40, 0x13, 0x58, @link_local}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
syz_usb_control_io$hid(0xffffffffffffffff, 0x0, 0x0)
syz_usb_control_io$cdc_ecm(0xffffffffffffffff, 0x0, 0x0)

08:25:03 executing program 5:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_RUN(r2, 0xae80, 0x0)
r3 = openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x275a, 0x0)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x27fffff, 0x40000000011, r3, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r2, 0x0)

08:25:03 executing program 2:
unshare(0x48040200)
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000100)=0xe)
bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0xffffffffffffffff}, 0x78)
r1 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000040), 0x1a01, 0x0)
ioctl$EVIOCGPROP(r1, 0x40047438, &(0x7f0000000180)=""/246)
r2 = dup(r1)
write$nbd(r2, 0x0, 0x0)

08:25:04 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f0000000000))
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f00000001c0)={[0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x1002]})
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_SET_PIT(r1, 0x8048ae66, &(0x7f0000000140))
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f000056f000/0x18000)=nil, &(0x7f0000000080)=[@text32={0x20, &(0x7f00000000c0)="66ba4000b0c2ee66bad104b829280000efea0e0000000a00b8050000000f23d80f21f835c00000a00f23f8653e65f30f21c62e0fae2b0f01c2b8060000000f23d00f21f835200000000f23f8c4c3a1cf830000000002d9f7", 0x58}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

08:25:05 executing program 4:
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0)
getpid()
sched_setattr(0x0, &(0x7f0000000140)={0x38, 0x2, 0x0, 0x0, 0x9}, 0x0)
sched_setattr(0x0, &(0x7f0000000240)={0x38, 0x2, 0x0, 0x0, 0x5}, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r2 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/meminfo\x00', 0x0, 0x0)
sendfile(0xffffffffffffffff, r2, 0x0, 0x400000000001002a)
r3 = syz_mount_image$vfat(&(0x7f0000000400), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[])
r4 = openat(r3, &(0x7f000000c380)='./file0\x00', 0x84842, 0x0)
write(r4, &(0x7f0000004200)='t', 0xfff4)
sendmsg$NL80211_CMD_SET_INTERFACE(0xffffffffffffffff, &(0x7f0000001840)={&(0x7f0000000080), 0xc, &(0x7f0000001800)={&(0x7f00000001c0)=ANY=[@ANYRES64, @ANYRESDEC, @ANYRES32=0x0, @ANYRES32], 0x60}, 0x1, 0x0, 0x0, 0x44090}, 0x0)

[  604.414886][T20255] loop4: detected capacity change from 0 to 16
[  604.463561][   T26] audit: type=1800 audit(1632817505.342:95): pid=20255 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed(directio) comm="syz-executor.4" name="file0" dev="loop4" ino=53 res=0 errno=0
08:25:05 executing program 1:
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0)
setrlimit(0xb, &(0x7f0000000040)={0x0, 0x3})
sched_setattr(0x0, &(0x7f0000000140)={0x38, 0x2, 0x0, 0x0, 0x9}, 0x0)
sched_setattr(0x0, &(0x7f0000000240)={0x38, 0x2, 0x0, 0x0, 0x5}, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r2 = memfd_create(&(0x7f0000000240)='\xb9\xecm1\xc1\xf8\xa6\x8d\xc1\xe2zMN\xc0\x17\xce/\xcd\xa2\xba \x00\x97\xac#*\xff1\x1d\xf6e\xe1\xcb\xaf#\xe5}Fi\xef\xbd\x0f \xe7f@\x19\xc4p\xa4\xc5\x13\x88y\x1e\xe7eNf\x02\xbd\xaf^\xee\b\x15\x86r\xdf\xde\xe9m\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01\x00\x00\x00', 0x0)
write$FUSE_NOTIFY_STORE(r2, &(0x7f0000000800)=ANY=[], 0x2c)
sendfile(r2, r2, &(0x7f0000001000), 0xffff)

08:25:05 executing program 5:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_RUN(r2, 0xae80, 0x0)
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_user\x00', 0x275a, 0x0)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x0, 0x40000000011, r3, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r2, 0x0)

08:25:05 executing program 0:
r0 = syz_usb_connect(0x0, 0x24, 0x0, 0x0)
syz_usb_control_io(r0, 0x0, 0x0)
syz_usb_control_io(r0, 0x0, &(0x7f0000000740)={0xfffffde3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000540)={0x40, 0x13, 0x58, @link_local}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
syz_usb_control_io$hid(r0, 0x0, 0x0)
syz_usb_control_io$cdc_ecm(r0, 0x0, 0x0)

08:25:05 executing program 2:
unshare(0x48040200)
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000100)=0xe)
bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0xffffffffffffffff}, 0x78)
r1 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000040), 0x1a01, 0x0)
ioctl$EVIOCGPROP(r1, 0x40047438, &(0x7f0000000180)=""/246)
r2 = dup(r1)
write$nbd(r2, 0x0, 0x0)

08:25:05 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f0000000000))
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f00000001c0)={[0x4, 0x0, 0x0, 0x8, 0x0, 0x0, 0x1002]})
ioctl$KVM_RUN(0xffffffffffffffff, 0xae80, 0x0)
ioctl$KVM_SET_PIT(r1, 0x8048ae66, &(0x7f0000000140))
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f000056f000/0x18000)=nil, &(0x7f0000000080)=[@text32={0x20, &(0x7f00000000c0)="66ba4000b0c2ee66bad104b829280000efea0e0000000a00b8050000000f23d80f21f835c00000a00f23f8653e65f30f21c62e0fae2b0f01c2b8060000000f23d00f21f835200000000f23f8c4c3a1cf830000000002d9f7", 0x58}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

08:25:05 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f0000000000))
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f00000001c0)={[0x4, 0x0, 0x0, 0x8, 0x0, 0x0, 0x1002]})
ioctl$KVM_RUN(0xffffffffffffffff, 0xae80, 0x0)
ioctl$KVM_SET_PIT(r1, 0x8048ae66, &(0x7f0000000140))
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f000056f000/0x18000)=nil, &(0x7f0000000080)=[@text32={0x20, &(0x7f00000000c0)="66ba4000b0c2ee66bad104b829280000efea0e0000000a00b8050000000f23d80f21f835c00000a00f23f8653e65f30f21c62e0fae2b0f01c2b8060000000f23d00f21f835200000000f23f8c4c3a1cf830000000002d9f7", 0x58}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

08:25:05 executing program 5:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_RUN(r2, 0xae80, 0x0)
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_user\x00', 0x275a, 0x0)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x0, 0x40000000011, r3, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r2, 0x0)

08:25:06 executing program 2:
unshare(0x48040200)
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000100)=0xe)
bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0xffffffffffffffff}, 0x78)
r1 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000040), 0x1a01, 0x0)
ioctl$EVIOCGPROP(r1, 0x40047438, &(0x7f0000000180)=""/246)
r2 = dup(r1)
write$nbd(r2, 0x0, 0x0)

08:25:06 executing program 0:
r0 = syz_usb_connect(0x0, 0x24, 0x0, 0x0)
syz_usb_control_io(r0, 0x0, 0x0)
syz_usb_control_io(r0, 0x0, &(0x7f0000000740)={0xfffffde3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000540)={0x40, 0x13, 0x58, @link_local}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
syz_usb_control_io$hid(r0, 0x0, 0x0)
syz_usb_control_io$cdc_ecm(r0, 0x0, 0x0)

08:25:06 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f0000000000))
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f00000001c0)={[0x4, 0x0, 0x0, 0x8, 0x0, 0x0, 0x1002]})
ioctl$KVM_RUN(0xffffffffffffffff, 0xae80, 0x0)
ioctl$KVM_SET_PIT(r1, 0x8048ae66, &(0x7f0000000140))
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f000056f000/0x18000)=nil, &(0x7f0000000080)=[@text32={0x20, &(0x7f00000000c0)="66ba4000b0c2ee66bad104b829280000efea0e0000000a00b8050000000f23d80f21f835c00000a00f23f8653e65f30f21c62e0fae2b0f01c2b8060000000f23d00f21f835200000000f23f8c4c3a1cf830000000002d9f7", 0x58}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

08:25:06 executing program 5:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_RUN(r2, 0xae80, 0x0)
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_user\x00', 0x275a, 0x0)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x0, 0x40000000011, r3, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r2, 0x0)

08:25:07 executing program 4:
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0)
getpid()
sched_setattr(0x0, &(0x7f0000000140)={0x38, 0x2, 0x0, 0x0, 0x9}, 0x0)
sched_setattr(0x0, &(0x7f0000000240)={0x38, 0x2, 0x0, 0x0, 0x5}, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r2 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/meminfo\x00', 0x0, 0x0)
sendfile(0xffffffffffffffff, r2, 0x0, 0x400000000001002a)
r3 = syz_mount_image$vfat(&(0x7f0000000400), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[])
r4 = openat(r3, &(0x7f000000c380)='./file0\x00', 0x84842, 0x0)
write(r4, &(0x7f0000004200)='t', 0xfff4)
sendmsg$NL80211_CMD_SET_INTERFACE(0xffffffffffffffff, &(0x7f0000001840)={&(0x7f0000000080), 0xc, &(0x7f0000001800)={&(0x7f00000001c0)=ANY=[@ANYRES64, @ANYRESDEC, @ANYRES32=0x0, @ANYRES32], 0x60}, 0x1, 0x0, 0x0, 0x44090}, 0x0)

[  606.889220][T20362] loop4: detected capacity change from 0 to 16
08:25:07 executing program 1:
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0)
r0 = getpid()
sched_setattr(0x0, &(0x7f0000000140)={0x38, 0x2, 0x0, 0x0, 0x9}, 0x0)
sched_setattr(r0, &(0x7f0000000240)={0x38, 0x2, 0x0, 0x0, 0x5}, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = memfd_create(&(0x7f0000000240)='\xb9\xecm1\xc1\xf8\xa6\x8d\xc1\xe2zMN\xc0\x17\xce/\xcd\xa2\xba \x00\x97\xac#*\xff1\x1d\xf6e\xe1\xcb\xaf#\xe5}Fi\xef\xbd\x0f \xe7f@\x19\xc4p\xa4\xc5\x13\x88y\x1e\xe7eNf\x02\xbd\xaf^\xee\b\x15\x86r\xdf\xde\xe9m\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01\x00\x00\x00', 0x0)
write$FUSE_NOTIFY_STORE(r3, &(0x7f0000000800)=ANY=[], 0x2c)
sendfile(r3, r3, &(0x7f0000001000), 0xffff)

08:25:07 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f0000000000))
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f00000001c0)={[0x4, 0x0, 0x0, 0x8, 0x0, 0x0, 0x1002]})
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_SET_PIT(0xffffffffffffffff, 0x8048ae66, &(0x7f0000000140))
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f000056f000/0x18000)=nil, &(0x7f0000000080)=[@text32={0x20, &(0x7f00000000c0)="66ba4000b0c2ee66bad104b829280000efea0e0000000a00b8050000000f23d80f21f835c00000a00f23f8653e65f30f21c62e0fae2b0f01c2b8060000000f23d00f21f835200000000f23f8c4c3a1cf830000000002d9f7", 0x58}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

08:25:07 executing program 2:
unshare(0x48040200)
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000100)=0xe)
bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0xffffffffffffffff}, 0x78)
r1 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000040), 0x1a01, 0x0)
ioctl$EVIOCGPROP(r1, 0x40047438, &(0x7f0000000180)=""/246)
r2 = dup(r1)
write$nbd(r2, 0x0, 0x0)

08:25:07 executing program 0:
r0 = syz_usb_connect(0x0, 0x24, 0x0, 0x0)
syz_usb_control_io(r0, 0x0, 0x0)
syz_usb_control_io(r0, 0x0, &(0x7f0000000740)={0xfffffde3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000540)={0x40, 0x13, 0x58, @link_local}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
syz_usb_control_io$hid(r0, 0x0, 0x0)
syz_usb_control_io$cdc_ecm(r0, 0x0, 0x0)

08:25:07 executing program 5:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_RUN(r2, 0xae80, 0x0)
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_user\x00', 0x275a, 0x0)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x27fffff, 0x10, r3, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r2, 0x0)

[  606.925166][   T26] audit: type=1800 audit(1632817507.803:96): pid=20362 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed(directio) comm="syz-executor.4" name="file0" dev="loop4" ino=54 res=0 errno=0
08:25:08 executing program 1:
r0 = getpid()
sched_setattr(0x0, &(0x7f0000000140)={0x38, 0x2, 0x0, 0x0, 0x9}, 0x0)
sched_setattr(r0, &(0x7f0000000240)={0x38, 0x2, 0x0, 0x0, 0x5}, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = memfd_create(&(0x7f0000000240)='\xb9\xecm1\xc1\xf8\xa6\x8d\xc1\xe2zMN\xc0\x17\xce/\xcd\xa2\xba \x00\x97\xac#*\xff1\x1d\xf6e\xe1\xcb\xaf#\xe5}Fi\xef\xbd\x0f \xe7f@\x19\xc4p\xa4\xc5\x13\x88y\x1e\xe7eNf\x02\xbd\xaf^\xee\b\x15\x86r\xdf\xde\xe9m\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01\x00\x00\x00', 0x0)
write$FUSE_NOTIFY_STORE(r3, &(0x7f0000000800)=ANY=[], 0x2c)
sendfile(r3, r3, &(0x7f0000001000), 0xffff)

08:25:08 executing program 0:
r0 = syz_usb_connect(0x0, 0x24, &(0x7f0000000300)=ANY=[], 0x0)
syz_usb_control_io(r0, 0x0, 0x0)
syz_usb_control_io(r0, 0x0, &(0x7f0000000740)={0xfffffde3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000540)={0x40, 0x13, 0x58, @link_local}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
syz_usb_control_io$hid(r0, 0x0, 0x0)
syz_usb_control_io$cdc_ecm(r0, 0x0, 0x0)

08:25:09 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f0000000000))
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f00000001c0)={[0x4, 0x0, 0x0, 0x8, 0x0, 0x0, 0x1002]})
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_SET_PIT(0xffffffffffffffff, 0x8048ae66, &(0x7f0000000140))
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f000056f000/0x18000)=nil, &(0x7f0000000080)=[@text32={0x20, &(0x7f00000000c0)="66ba4000b0c2ee66bad104b829280000efea0e0000000a00b8050000000f23d80f21f835c00000a00f23f8653e65f30f21c62e0fae2b0f01c2b8060000000f23d00f21f835200000000f23f8c4c3a1cf830000000002d9f7", 0x58}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

08:25:09 executing program 5:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_RUN(r2, 0xae80, 0x0)
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_user\x00', 0x275a, 0x0)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x27fffff, 0x10, r3, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r2, 0x0)

08:25:09 executing program 2:
ioctl$sock_inet6_SIOCSIFADDR(0xffffffffffffffff, 0x8916, 0x0)
chdir(&(0x7f0000000000)='./file1\x00')
r0 = creat(&(0x7f0000000180)='./bus\x00', 0x0)
ftruncate(r0, 0x800)
lseek(r0, 0x0, 0x2)
r1 = open(&(0x7f0000000000)='./bus\x00', 0x86000, 0x0)
ioctl$SG_IO(0xffffffffffffffff, 0x2285, &(0x7f0000000380)={0x53, 0x0, 0x21, 0x0, @scatter={0x0, 0x0, 0x0}, &(0x7f0000000200)="e5f432732f4e096d26e2c735d135121c921bda40b8585ba8d47d34f3904cf12dba", 0x0, 0x0, 0x0, 0x100, 0x0})
perf_event_open(&(0x7f00000003c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x28000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x8}, 0x0, 0x0, 0x0, 0x7}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
sendfile(r0, r1, 0x0, 0x8400fffffffa)

[  608.402525][ T8565] usb 1-1: new high-speed USB device number 27 using dummy_hcd
08:25:09 executing program 5:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_RUN(r2, 0xae80, 0x0)
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_user\x00', 0x275a, 0x0)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x27fffff, 0x10, r3, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r2, 0x0)

[  608.578954][   T26] audit: type=1804 audit(1632817509.453:97): pid=20434 uid=0 auid=4294967295 ses=4294967295 subj=_ op=invalid_pcr cause=open_writers comm="syz-executor.2" name="/root/syzkaller-testdir091632032/syzkaller.SPnu3R/141/bus" dev="sda1" ino=14674 res=1 errno=0
[  608.605956][ T8565] usb 1-1: device descriptor read/64, error 18
[  608.765865][   T26] audit: type=1800 audit(1632817509.453:98): pid=20434 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed(directio) comm="syz-executor.2" name="bus" dev="sda1" ino=14674 res=0 errno=0
[  608.901909][ T8565] usb 1-1: new high-speed USB device number 28 using dummy_hcd
[  609.111881][ T8565] usb 1-1: device descriptor read/64, error 18
[  609.242209][ T8565] usb usb1-port1: attempt power cycle
[  609.399454][   T26] audit: type=1804 audit(1632817510.273:99): pid=20447 uid=0 auid=4294967295 ses=4294967295 subj=_ op=invalid_pcr cause=ToMToU comm="syz-executor.2" name="/root/syzkaller-testdir091632032/syzkaller.SPnu3R/141/bus" dev="sda1" ino=14674 res=1 errno=0
[  609.524691][   T26] audit: type=1804 audit(1632817510.303:100): pid=20434 uid=0 auid=4294967295 ses=4294967295 subj=_ op=invalid_pcr cause=open_writers comm="syz-executor.2" name="/root/syzkaller-testdir091632032/syzkaller.SPnu3R/141/bus" dev="sda1" ino=14674 res=1 errno=0
[  609.617034][   T26] audit: type=1800 audit(1632817510.303:101): pid=20434 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed(directio) comm="syz-executor.2" name="bus" dev="sda1" ino=14674 res=0 errno=0
[  609.721892][ T8565] usb 1-1: new high-speed USB device number 29 using dummy_hcd
[  609.943549][ T8565] usb 1-1: device descriptor read/8, error -61
08:25:11 executing program 5:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_RUN(r2, 0xae80, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_user\x00', 0x275a, 0x0)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x27fffff, 0x40000000011, 0xffffffffffffffff, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r2, 0x0)

08:25:11 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f0000000000))
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f00000001c0)={[0x4, 0x0, 0x0, 0x8, 0x0, 0x0, 0x1002]})
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_SET_PIT(0xffffffffffffffff, 0x8048ae66, &(0x7f0000000140))
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f000056f000/0x18000)=nil, &(0x7f0000000080)=[@text32={0x20, &(0x7f00000000c0)="66ba4000b0c2ee66bad104b829280000efea0e0000000a00b8050000000f23d80f21f835c00000a00f23f8653e65f30f21c62e0fae2b0f01c2b8060000000f23d00f21f835200000000f23f8c4c3a1cf830000000002d9f7", 0x58}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

08:25:11 executing program 4:
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0)
r0 = getpid()
sched_setattr(0x0, &(0x7f0000000140)={0x38, 0x2, 0x0, 0x0, 0x9}, 0x0)
sched_setattr(r0, 0x0, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/meminfo\x00', 0x0, 0x0)
sendfile(0xffffffffffffffff, r3, 0x0, 0x400000000001002a)
r4 = syz_mount_image$vfat(&(0x7f0000000400), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[])
r5 = openat(r4, &(0x7f000000c380)='./file0\x00', 0x84842, 0x0)
write(r5, &(0x7f0000004200)='t', 0xfff4)
sendmsg$NL80211_CMD_SET_INTERFACE(0xffffffffffffffff, &(0x7f0000001840)={&(0x7f0000000080), 0xc, &(0x7f0000001800)={&(0x7f00000001c0)=ANY=[@ANYRES64, @ANYRESDEC, @ANYRES32=0x0, @ANYRES32], 0x60}, 0x1, 0x0, 0x0, 0x44090}, 0x0)

08:25:11 executing program 2:
syz_mount_image$hfs(&(0x7f00000010c0), &(0x7f0000001100)='./file0\x00', 0x0, 0x0, &(0x7f0000001440), 0x0, &(0x7f0000000040)={[{@codepage={'codepage', 0x3d, 'koi8-u'}}]})

[  610.231660][ T8565] usb 1-1: new high-speed USB device number 30 using dummy_hcd
[  610.306855][T20457] hfs: can't find a HFS filesystem on dev loop2
08:25:11 executing program 2:
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0)
r0 = getpid()
sched_setattr(0x0, &(0x7f0000000140)={0x38, 0x2, 0x0, 0x0, 0x9}, 0x0)
sched_setattr(r0, &(0x7f0000000240)={0x38, 0x2, 0x0, 0x0, 0x5}, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = socket(0x10, 0x3, 0x0)
sendmsg(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)=[{&(0x7f0000000340)="24000000260007031dfffd946f610500070000040000000077000000421ba3a20400ff7e", 0x24}], 0x1}, 0x0)

[  610.431917][ T8565] usb 1-1: device descriptor read/8, error -61
08:25:11 executing program 5:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_RUN(r2, 0xae80, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_user\x00', 0x275a, 0x0)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x27fffff, 0x40000000011, 0xffffffffffffffff, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r2, 0x0)

[  610.525789][T20478] loop4: detected capacity change from 0 to 16
[  610.572423][ T8565] usb usb1-port1: unable to enumerate USB device
[  610.604780][   T26] audit: type=1800 audit(1632817511.483:102): pid=20478 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed(directio) comm="syz-executor.4" name="file0" dev="loop4" ino=55 res=0 errno=0
08:25:12 executing program 1:
r0 = getpid()
sched_setattr(0x0, &(0x7f0000000140)={0x38, 0x2, 0x0, 0x0, 0x9}, 0x0)
sched_setattr(r0, &(0x7f0000000240)={0x38, 0x2, 0x0, 0x0, 0x5}, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = memfd_create(&(0x7f0000000240)='\xb9\xecm1\xc1\xf8\xa6\x8d\xc1\xe2zMN\xc0\x17\xce/\xcd\xa2\xba \x00\x97\xac#*\xff1\x1d\xf6e\xe1\xcb\xaf#\xe5}Fi\xef\xbd\x0f \xe7f@\x19\xc4p\xa4\xc5\x13\x88y\x1e\xe7eNf\x02\xbd\xaf^\xee\b\x15\x86r\xdf\xde\xe9m\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01\x00\x00\x00', 0x0)
write$FUSE_NOTIFY_STORE(r3, &(0x7f0000000800)=ANY=[], 0x2c)
sendfile(r3, r3, &(0x7f0000001000), 0xffff)

08:25:12 executing program 2:
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0)
r0 = getpid()
sched_setattr(0x0, &(0x7f0000000140)={0x38, 0x2, 0x0, 0x0, 0x9}, 0x0)
sched_setattr(r0, &(0x7f0000000240)={0x38, 0x2, 0x0, 0x0, 0x5}, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = socket(0x10, 0x3, 0x0)
sendmsg(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)=[{&(0x7f0000000340)="24000000260007031dfffd946f610500070000040000000077000000421ba3a20400ff7e", 0x24}], 0x1}, 0x0)

08:25:12 executing program 0:
r0 = syz_usb_connect(0x0, 0x24, &(0x7f0000000300)=ANY=[], 0x0)
syz_usb_control_io(r0, 0x0, 0x0)
syz_usb_control_io(r0, 0x0, &(0x7f0000000740)={0xfffffde3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000540)={0x40, 0x13, 0x58, @link_local}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
syz_usb_control_io$hid(r0, 0x0, 0x0)
syz_usb_control_io$cdc_ecm(r0, 0x0, 0x0)

08:25:12 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f0000000000))
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f00000001c0)={[0x4, 0x0, 0x0, 0x8, 0x0, 0x0, 0x1002]})
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_SET_PIT(r1, 0x8048ae66, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f000056f000/0x18000)=nil, &(0x7f0000000080)=[@text32={0x20, &(0x7f00000000c0)="66ba4000b0c2ee66bad104b829280000efea0e0000000a00b8050000000f23d80f21f835c00000a00f23f8653e65f30f21c62e0fae2b0f01c2b8060000000f23d00f21f835200000000f23f8c4c3a1cf830000000002d9f7", 0x58}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

08:25:12 executing program 5:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_RUN(r2, 0xae80, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_user\x00', 0x275a, 0x0)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x27fffff, 0x40000000011, 0xffffffffffffffff, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r2, 0x0)

08:25:13 executing program 1:
r0 = getpid()
sched_setattr(0x0, &(0x7f0000000140)={0x38, 0x2, 0x0, 0x0, 0x9}, 0x0)
sched_setattr(r0, &(0x7f0000000240)={0x38, 0x2, 0x0, 0x0, 0x5}, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = memfd_create(&(0x7f0000000240)='\xb9\xecm1\xc1\xf8\xa6\x8d\xc1\xe2zMN\xc0\x17\xce/\xcd\xa2\xba \x00\x97\xac#*\xff1\x1d\xf6e\xe1\xcb\xaf#\xe5}Fi\xef\xbd\x0f \xe7f@\x19\xc4p\xa4\xc5\x13\x88y\x1e\xe7eNf\x02\xbd\xaf^\xee\b\x15\x86r\xdf\xde\xe9m\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01\x00\x00\x00', 0x0)
write$FUSE_NOTIFY_STORE(r3, &(0x7f0000000800)=ANY=[], 0x2c)
sendfile(r3, r3, &(0x7f0000001000), 0xffff)

08:25:13 executing program 2:
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0)
r0 = getpid()
sched_setattr(0x0, &(0x7f0000000140)={0x38, 0x2, 0x0, 0x0, 0x9}, 0x0)
sched_setattr(r0, &(0x7f0000000240)={0x38, 0x2, 0x0, 0x0, 0x5}, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000002c0)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = socket$netlink(0x10, 0x3, 0x0)
getpeername$packet(0xffffffffffffffff, &(0x7f0000000000)={0x11, 0x0, <r4=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000040)=0x14)
perf_event_open(&(0x7f0000000700)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x509, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
getsockopt$inet6_IPV6_XFRM_POLICY(0xffffffffffffffff, 0x29, 0x23, &(0x7f0000000300)={{{@in6=@local, @in6=@loopback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, <r5=>0x0}}, {{@in=@multicast2}, 0x0, @in6=@mcast1}}, &(0x7f00000001c0)=0xe8)
sendmsg$nl_route(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000004880)=@newlink={0x50, 0x10, 0x705, 0x0, 0x0, {0x0, 0x0, 0x0, r5, 0x1845, 0x10004}, [@IFLA_LINKINFO={0x28, 0x12, 0x0, 0x1, @veth={{0x9}, {0x18, 0x2, 0x0, 0x1, @val=@VETH_INFO_PEER={0x14, 0x1, {{0x0, 0x0, 0x0, 0x0, 0x0, 0x33d049041f16bfb2}}}}}}, @IFLA_MASTER={0x8, 0xa, r4}]}, 0x50}, 0x1, 0x0, 0x0, 0xc004}, 0x0)
bpf$OBJ_GET_MAP(0x7, 0x0, 0x0)

[  612.961717][ T8565] usb 1-1: new high-speed USB device number 31 using dummy_hcd
08:25:14 executing program 5:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_RUN(r2, 0xae80, 0x0)
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_user\x00', 0x275a, 0x0)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x27fffff, 0x40000000011, r3, 0x0)
ioctl$KVM_RUN(0xffffffffffffffff, 0xae80, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r2, 0x0)

[  613.300245][ T8565] usb 1-1: device descriptor read/64, error 18
[  613.732047][ T8565] usb 1-1: new high-speed USB device number 32 using dummy_hcd
[  614.111651][ T8565] usb 1-1: device descriptor read/64, error 18
[  614.241667][ T8565] usb usb1-port1: attempt power cycle
[  614.691420][ T8565] usb 1-1: new high-speed USB device number 33 using dummy_hcd
[  614.961478][ T8565] usb 1-1: device descriptor read/8, error -71
08:25:15 executing program 4:
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0)
r0 = getpid()
sched_setattr(0x0, &(0x7f0000000140)={0x38, 0x2, 0x0, 0x0, 0x9}, 0x0)
sched_setattr(r0, 0x0, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/meminfo\x00', 0x0, 0x0)
sendfile(0xffffffffffffffff, r3, 0x0, 0x400000000001002a)
r4 = syz_mount_image$vfat(&(0x7f0000000400), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[])
r5 = openat(r4, &(0x7f000000c380)='./file0\x00', 0x84842, 0x0)
write(r5, &(0x7f0000004200)='t', 0xfff4)
sendmsg$NL80211_CMD_SET_INTERFACE(0xffffffffffffffff, &(0x7f0000001840)={&(0x7f0000000080), 0xc, &(0x7f0000001800)={&(0x7f00000001c0)=ANY=[@ANYRES64, @ANYRESDEC, @ANYRES32=0x0, @ANYRES32], 0x60}, 0x1, 0x0, 0x0, 0x44090}, 0x0)

08:25:15 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f0000000000))
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f00000001c0)={[0x4, 0x0, 0x0, 0x8, 0x0, 0x0, 0x1002]})
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_SET_PIT(r1, 0x8048ae66, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f000056f000/0x18000)=nil, &(0x7f0000000080)=[@text32={0x20, &(0x7f00000000c0)="66ba4000b0c2ee66bad104b829280000efea0e0000000a00b8050000000f23d80f21f835c00000a00f23f8653e65f30f21c62e0fae2b0f01c2b8060000000f23d00f21f835200000000f23f8c4c3a1cf830000000002d9f7", 0x58}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

08:25:15 executing program 2:
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0)
r0 = getpid()
sched_setattr(0x0, &(0x7f0000000140)={0x38, 0x2, 0x0, 0x0, 0x9}, 0x0)
sched_setattr(r0, &(0x7f0000000240)={0x38, 0x2, 0x0, 0x0, 0x5}, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000002c0)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = socket$netlink(0x10, 0x3, 0x0)
getpeername$packet(0xffffffffffffffff, &(0x7f0000000000)={0x11, 0x0, <r4=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000040)=0x14)
perf_event_open(&(0x7f0000000700)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x509, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
getsockopt$inet6_IPV6_XFRM_POLICY(0xffffffffffffffff, 0x29, 0x23, &(0x7f0000000300)={{{@in6=@local, @in6=@loopback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, <r5=>0x0}}, {{@in=@multicast2}, 0x0, @in6=@mcast1}}, &(0x7f00000001c0)=0xe8)
sendmsg$nl_route(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000004880)=@newlink={0x50, 0x10, 0x705, 0x0, 0x0, {0x0, 0x0, 0x0, r5, 0x1845, 0x10004}, [@IFLA_LINKINFO={0x28, 0x12, 0x0, 0x1, @veth={{0x9}, {0x18, 0x2, 0x0, 0x1, @val=@VETH_INFO_PEER={0x14, 0x1, {{0x0, 0x0, 0x0, 0x0, 0x0, 0x33d049041f16bfb2}}}}}}, @IFLA_MASTER={0x8, 0xa, r4}]}, 0x50}, 0x1, 0x0, 0x0, 0xc004}, 0x0)
bpf$OBJ_GET_MAP(0x7, 0x0, 0x0)

08:25:15 executing program 5:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_RUN(r2, 0xae80, 0x0)
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_user\x00', 0x275a, 0x0)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x27fffff, 0x40000000011, r3, 0x0)
ioctl$KVM_RUN(0xffffffffffffffff, 0xae80, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r2, 0x0)

08:25:15 executing program 0:
r0 = syz_usb_connect(0x0, 0x24, &(0x7f0000000300)=ANY=[], 0x0)
syz_usb_control_io(r0, 0x0, 0x0)
syz_usb_control_io(r0, 0x0, &(0x7f0000000740)={0xfffffde3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000540)={0x40, 0x13, 0x58, @link_local}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
syz_usb_control_io$hid(r0, 0x0, 0x0)
syz_usb_control_io$cdc_ecm(r0, 0x0, 0x0)

[  615.591769][ T8565] usb 1-1: new high-speed USB device number 34 using dummy_hcd
08:25:16 executing program 2:
r0 = socket$inet_sctp(0x2, 0x1, 0x84)
getsockopt$inet_sctp_SCTP_MAX_BURST(r0, 0x84, 0x24, 0x0, &(0x7f0000000080))

08:25:17 executing program 5:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_RUN(r2, 0xae80, 0x0)
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_user\x00', 0x275a, 0x0)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x27fffff, 0x40000000011, r3, 0x0)
ioctl$KVM_RUN(0xffffffffffffffff, 0xae80, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r2, 0x0)

[  616.142355][ T8565] usb 1-1: device descriptor read/8, error -61
08:25:17 executing program 1:
prlimit64(0x0, 0x0, &(0x7f0000000280)={0x9, 0x8d}, 0x0)
r0 = getpid()
sched_setattr(0x0, &(0x7f0000000140)={0x38, 0x2, 0x0, 0x0, 0x9}, 0x0)
sched_setattr(r0, &(0x7f0000000240)={0x38, 0x2, 0x0, 0x0, 0x5}, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = memfd_create(&(0x7f0000000240)='\xb9\xecm1\xc1\xf8\xa6\x8d\xc1\xe2zMN\xc0\x17\xce/\xcd\xa2\xba \x00\x97\xac#*\xff1\x1d\xf6e\xe1\xcb\xaf#\xe5}Fi\xef\xbd\x0f \xe7f@\x19\xc4p\xa4\xc5\x13\x88y\x1e\xe7eNf\x02\xbd\xaf^\xee\b\x15\x86r\xdf\xde\xe9m\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01\x00\x00\x00', 0x0)
write$FUSE_NOTIFY_STORE(r3, &(0x7f0000000800)=ANY=[], 0x2c)
sendfile(r3, r3, &(0x7f0000001000), 0xffff)

08:25:17 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f0000000000))
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f00000001c0)={[0x4, 0x0, 0x0, 0x8, 0x0, 0x0, 0x1002]})
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_SET_PIT(r1, 0x8048ae66, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f000056f000/0x18000)=nil, &(0x7f0000000080)=[@text32={0x20, &(0x7f00000000c0)="66ba4000b0c2ee66bad104b829280000efea0e0000000a00b8050000000f23d80f21f835c00000a00f23f8653e65f30f21c62e0fae2b0f01c2b8060000000f23d00f21f835200000000f23f8c4c3a1cf830000000002d9f7", 0x58}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

[  616.225998][T20628] loop4: detected capacity change from 0 to 16
[  616.264176][ T8565] usb usb1-port1: unable to enumerate USB device
08:25:17 executing program 2:
syz_mount_image$msdos(&(0x7f0000000040), &(0x7f00000000c0)='./file1\x00', 0xaea1, 0x1, &(0x7f00000002c0)=[{&(0x7f0000000140)}], 0x0, 0x0)
r0 = creat(&(0x7f0000000040)='./bus\x00', 0x0)
ftruncate(r0, 0x1)
lseek(r0, 0x1200, 0x0)
r1 = open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0)
syz_open_dev$sg(0x0, 0x0, 0x0)
perf_event_open(&(0x7f00000003c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, 0x0)
syz_open_dev$sg(0x0, 0x0, 0x0)
openat$vcsu(0xffffffffffffff9c, 0x0, 0x0, 0x0)
sendfile(r0, r1, 0x0, 0x8400fffffffa)

[  616.300466][   T26] audit: type=1800 audit(1632817517.173:103): pid=20628 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed(directio) comm="syz-executor.4" name="file0" dev="loop4" ino=56 res=0 errno=0
[  616.460174][T20643] loop2: detected capacity change from 0 to 87
[  616.574801][   T26] audit: type=1804 audit(1632817517.453:104): pid=20643 uid=0 auid=4294967295 ses=4294967295 subj=_ op=invalid_pcr cause=open_writers comm="syz-executor.2" name="/root/syzkaller-testdir091632032/syzkaller.SPnu3R/148/bus" dev="sda1" ino=15011 res=1 errno=0
08:25:17 executing program 5:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_RUN(r2, 0xae80, 0x0)
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_user\x00', 0x275a, 0x0)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x27fffff, 0x40000000011, r3, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x12, r2, 0x0)

08:25:18 executing program 5:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_RUN(r2, 0xae80, 0x0)
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_user\x00', 0x275a, 0x0)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x27fffff, 0x40000000011, r3, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x12, r2, 0x0)

[  617.418563][T20661] loop2: detected capacity change from 0 to 87
[  617.439148][   T26] audit: type=1804 audit(1632817518.313:105): pid=20665 uid=0 auid=4294967295 ses=4294967295 subj=_ op=invalid_pcr cause=ToMToU comm="syz-executor.2" name="/root/syzkaller-testdir091632032/syzkaller.SPnu3R/148/bus" dev="sda1" ino=15011 res=1 errno=0
[  617.535094][   T26] audit: type=1804 audit(1632817518.383:106): pid=20667 uid=0 auid=4294967295 ses=4294967295 subj=_ op=invalid_pcr cause=open_writers comm="syz-executor.2" name="/root/syzkaller-testdir091632032/syzkaller.SPnu3R/148/bus" dev="sda1" ino=15011 res=1 errno=0
08:25:19 executing program 4:
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0)
r0 = getpid()
sched_setattr(0x0, &(0x7f0000000140)={0x38, 0x2, 0x0, 0x0, 0x9}, 0x0)
sched_setattr(r0, 0x0, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/meminfo\x00', 0x0, 0x0)
sendfile(0xffffffffffffffff, r3, 0x0, 0x400000000001002a)
r4 = syz_mount_image$vfat(&(0x7f0000000400), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[])
r5 = openat(r4, &(0x7f000000c380)='./file0\x00', 0x84842, 0x0)
write(r5, &(0x7f0000004200)='t', 0xfff4)
sendmsg$NL80211_CMD_SET_INTERFACE(0xffffffffffffffff, &(0x7f0000001840)={&(0x7f0000000080), 0xc, &(0x7f0000001800)={&(0x7f00000001c0)=ANY=[@ANYRES64, @ANYRESDEC, @ANYRES32=0x0, @ANYRES32], 0x60}, 0x1, 0x0, 0x0, 0x44090}, 0x0)

08:25:19 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f0000000000))
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f00000001c0)={[0x4, 0x0, 0x0, 0x8, 0x0, 0x0, 0x1002]})
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_SET_PIT(r1, 0x8048ae66, &(0x7f0000000140))
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f000056f000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

08:25:19 executing program 2:
getpid()
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x0)
r0 = creat(&(0x7f0000000080)='./bus\x00', 0x0)
ftruncate(r0, 0x800)
lseek(r0, 0x10000, 0x0)
r1 = open(&(0x7f0000000140)='./bus\x00', 0xc4800, 0x0)
r2 = perf_event_open(&(0x7f0000000080)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x317d, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, @perf_config_ext={0x0, 0x37}, 0x2000, 0x0, 0x0, 0x0, 0x1, 0x0, 0x6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x9)
ioctl$BTRFS_IOC_GET_SUBVOL_ROOTREF(r2, 0xd000943d, 0x0)
r3 = syz_open_dev$sg(&(0x7f0000000000), 0x0, 0x0)
ioctl$SG_IO(r3, 0x2285, &(0x7f0000000380)={0x53, 0x0, 0x21, 0x0, @scatter={0x0, 0x0, 0x0}, &(0x7f0000000200)="e5f432732f4e096d26e2c735d135121c921bda40b8585ba8d47d34f3904cf12dba", 0x0, 0x0, 0x0, 0x0, 0x0})
r4 = perf_event_open(&(0x7f00000003c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext={0x1}, 0x0, 0x0, 0x0, 0x7, 0x0, 0xfffffffc}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$BTRFS_IOC_GET_SUBVOL_INFO(r3, 0x81f8943c, &(0x7f0000000840))
ioctl$BTRFS_IOC_GET_SUBVOL_ROOTREF(0xffffffffffffffff, 0xd000943d, 0x0)
r5 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
ioctl$BTRFS_IOC_GET_SUBVOL_ROOTREF(0xffffffffffffffff, 0xd000943d, &(0x7f0000058c40)={0x0, [{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {<r6=>0x0}], 0x0, "2156816c73038c"})
ioctl$BTRFS_IOC_GET_SUBVOL_ROOTREF(0xffffffffffffffff, 0xd000943d, &(0x7f000005c9c0)={0x5, [{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {r6}], 0x5, "ca3d7548792caa"})
ioctl$BTRFS_IOC_QUOTA_RESCAN_STATUS(r4, 0x8040942d, 0x0)
accept(r5, &(0x7f0000000180)=@hci, &(0x7f0000000040)=0x80)
sendfile(r0, r1, 0x0, 0x8400fffffffa)
creat(&(0x7f0000000100)='./bus\x00', 0x0)

08:25:19 executing program 5:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_RUN(r2, 0xae80, 0x0)
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_user\x00', 0x275a, 0x0)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x27fffff, 0x40000000011, r3, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x12, r2, 0x0)

08:25:19 executing program 0:
r0 = syz_usb_connect(0x0, 0x24, &(0x7f0000000300)=ANY=[@ANYBLOB], 0x0)
syz_usb_control_io(r0, 0x0, 0x0)
syz_usb_control_io(r0, 0x0, &(0x7f0000000740)={0xfffffde3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000540)={0x40, 0x13, 0x58, @link_local}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
syz_usb_control_io$hid(r0, 0x0, 0x0)
syz_usb_control_io$cdc_ecm(r0, 0x0, 0x0)

[  618.859162][   T26] audit: type=1804 audit(1632817519.733:107): pid=20691 uid=0 auid=4294967295 ses=4294967295 subj=_ op=invalid_pcr cause=open_writers comm="syz-executor.2" name="/root/syzkaller-testdir091632032/syzkaller.SPnu3R/149/bus" dev="sda1" ino=14546 res=1 errno=0
[  618.903303][    C1] sd 0:0:1:0: tag#4703 FAILED Result: hostbyte=DID_ABORT driverbyte=DRIVER_OK cmd_age=0s
[  618.913271][    C1] sd 0:0:1:0: tag#4703 CDB: opcode=0xe5 (vendor)
[  618.919620][    C1] sd 0:0:1:0: tag#4703 CDB[00]: e5 f4 32 73 2f 4e 09 6d 26 e2 c7 35 d1 35 12 1c
[  618.928774][    C1] sd 0:0:1:0: tag#4703 CDB[10]: 92 1b da 40 b8 58 5b a8 d4 7d 34 f3 90 4c f1 2d
[  618.937891][    C1] sd 0:0:1:0: tag#4703 CDB[20]: ba
[  619.067259][T20710] loop4: detected capacity change from 0 to 16
[  619.096075][   T26] audit: type=1800 audit(1632817519.773:108): pid=20691 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed(directio) comm="syz-executor.2" name="bus" dev="sda1" ino=14546 res=0 errno=0
[  619.282025][ T8354] usb 1-1: new high-speed USB device number 35 using dummy_hcd
[  619.311597][    C1] sd 0:0:1:0: tag#4706 FAILED Result: hostbyte=DID_ABORT driverbyte=DRIVER_OK cmd_age=0s
[  619.321605][    C1] sd 0:0:1:0: tag#4706 CDB: opcode=0xe5 (vendor)
08:25:20 executing program 1:
prlimit64(0x0, 0x0, &(0x7f0000000280)={0x9, 0x8d}, 0x0)
r0 = getpid()
sched_setattr(0x0, &(0x7f0000000140)={0x38, 0x2, 0x0, 0x0, 0x9}, 0x0)
sched_setattr(r0, &(0x7f0000000240)={0x38, 0x2, 0x0, 0x0, 0x5}, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = memfd_create(&(0x7f0000000240)='\xb9\xecm1\xc1\xf8\xa6\x8d\xc1\xe2zMN\xc0\x17\xce/\xcd\xa2\xba \x00\x97\xac#*\xff1\x1d\xf6e\xe1\xcb\xaf#\xe5}Fi\xef\xbd\x0f \xe7f@\x19\xc4p\xa4\xc5\x13\x88y\x1e\xe7eNf\x02\xbd\xaf^\xee\b\x15\x86r\xdf\xde\xe9m\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01\x00\x00\x00', 0x0)
write$FUSE_NOTIFY_STORE(r3, &(0x7f0000000800)=ANY=[], 0x2c)
sendfile(r3, r3, &(0x7f0000001000), 0xffff)

08:25:20 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f0000000000))
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f00000001c0)={[0x4, 0x0, 0x0, 0x8, 0x0, 0x0, 0x1002]})
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_SET_PIT(r1, 0x8048ae66, &(0x7f0000000140))
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f000056f000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

[  619.327957][    C1] sd 0:0:1:0: tag#4706 CDB[00]: e5 f4 32 73 2f 4e 09 6d 26 e2 c7 35 d1 35 12 1c
[  619.328623][   T26] audit: type=1804 audit(1632817520.023:109): pid=20704 uid=0 auid=4294967295 ses=4294967295 subj=_ op=invalid_pcr cause=ToMToU comm="syz-executor.2" name="/root/syzkaller-testdir091632032/syzkaller.SPnu3R/149/bus" dev="sda1" ino=14546 res=1 errno=0
[  619.337061][    C1] sd 0:0:1:0: tag#4706 CDB[10]: 92 1b da 40 b8 58 5b a8 d4 7d 34 f3 90 4c f1 2d
[  619.337079][    C1] sd 0:0:1:0: tag#4706 CDB[20]: ba
08:25:20 executing program 5:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_RUN(r2, 0xae80, 0x0)
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_user\x00', 0x275a, 0x0)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x27fffff, 0x40000000011, r3, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x10, r2, 0x0)

08:25:20 executing program 2:
getpid()
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x0)
r0 = creat(&(0x7f0000000080)='./bus\x00', 0x0)
ftruncate(r0, 0x800)
lseek(r0, 0x10000, 0x0)
r1 = open(&(0x7f0000000140)='./bus\x00', 0xc4800, 0x0)
r2 = perf_event_open(&(0x7f0000000080)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x317d, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, @perf_config_ext={0x0, 0x37}, 0x2000, 0x0, 0x0, 0x0, 0x1, 0x0, 0x6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x9)
ioctl$BTRFS_IOC_GET_SUBVOL_ROOTREF(r2, 0xd000943d, 0x0)
r3 = syz_open_dev$sg(&(0x7f0000000000), 0x0, 0x0)
ioctl$SG_IO(r3, 0x2285, &(0x7f0000000380)={0x53, 0x0, 0x21, 0x0, @scatter={0x0, 0x0, 0x0}, &(0x7f0000000200)="e5f432732f4e096d26e2c735d135121c921bda40b8585ba8d47d34f3904cf12dba", 0x0, 0x0, 0x0, 0x0, 0x0})
r4 = perf_event_open(&(0x7f00000003c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext={0x1}, 0x0, 0x0, 0x0, 0x7, 0x0, 0xfffffffc}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$BTRFS_IOC_GET_SUBVOL_INFO(r3, 0x81f8943c, &(0x7f0000000840))
ioctl$BTRFS_IOC_GET_SUBVOL_ROOTREF(0xffffffffffffffff, 0xd000943d, 0x0)
r5 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
ioctl$BTRFS_IOC_GET_SUBVOL_ROOTREF(0xffffffffffffffff, 0xd000943d, &(0x7f0000058c40)={0x0, [{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {<r6=>0x0}], 0x0, "2156816c73038c"})
ioctl$BTRFS_IOC_GET_SUBVOL_ROOTREF(0xffffffffffffffff, 0xd000943d, &(0x7f000005c9c0)={0x5, [{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {r6}], 0x5, "ca3d7548792caa"})
ioctl$BTRFS_IOC_QUOTA_RESCAN_STATUS(r4, 0x8040942d, 0x0)
accept(r5, &(0x7f0000000180)=@hci, &(0x7f0000000040)=0x80)
sendfile(r0, r1, 0x0, 0x8400fffffffa)
creat(&(0x7f0000000100)='./bus\x00', 0x0)

[  619.511082][ T8354] usb 1-1: device descriptor read/64, error 18
[  619.667263][   T26] audit: type=1804 audit(1632817520.183:110): pid=20691 uid=0 auid=4294967295 ses=4294967295 subj=_ op=invalid_pcr cause=open_writers comm="syz-executor.2" name="/root/syzkaller-testdir091632032/syzkaller.SPnu3R/149/bus" dev="sda1" ino=14546 res=1 errno=0
08:25:20 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f0000000000))
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f00000001c0)={[0x4, 0x0, 0x0, 0x8, 0x0, 0x0, 0x1002]})
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_SET_PIT(r1, 0x8048ae66, &(0x7f0000000140))
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f000056f000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

[  619.782199][ T8354] usb 1-1: new high-speed USB device number 36 using dummy_hcd
[  619.812906][    C0] sd 0:0:1:0: tag#4713 FAILED Result: hostbyte=DID_ABORT driverbyte=DRIVER_OK cmd_age=0s
[  619.822907][    C0] sd 0:0:1:0: tag#4713 CDB: opcode=0xe5 (vendor)
[  619.829257][    C0] sd 0:0:1:0: tag#4713 CDB[00]: e5 f4 32 73 2f 4e 09 6d 26 e2 c7 35 d1 35 12 1c
[  619.838363][    C0] sd 0:0:1:0: tag#4713 CDB[10]: 92 1b da 40 b8 58 5b a8 d4 7d 34 f3 90 4c f1 2d
[  619.847459][    C0] sd 0:0:1:0: tag#4713 CDB[20]: ba
[  619.912349][   T26] audit: type=1800 audit(1632817520.183:111): pid=20691 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed(directio) comm="syz-executor.2" name="bus" dev="sda1" ino=14546 res=0 errno=0
[  619.971028][ T8354] usb 1-1: device descriptor read/64, error 18
[  620.091222][ T8354] usb usb1-port1: attempt power cycle
[  620.099241][   T26] audit: type=1804 audit(1632817520.663:112): pid=20735 uid=0 auid=4294967295 ses=4294967295 subj=_ op=invalid_pcr cause=open_writers comm="syz-executor.2" name="/root/syzkaller-testdir091632032/syzkaller.SPnu3R/150/bus" dev="sda1" ino=15182 res=1 errno=0
08:25:21 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f0000000000))
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f00000001c0)={[0x4, 0x0, 0x0, 0x8, 0x0, 0x0, 0x1002]})
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_SET_PIT(r1, 0x8048ae66, &(0x7f0000000140))
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f000056f000/0x18000)=nil, &(0x7f0000000080)=[@text32={0x20, 0x0}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

[  620.511153][ T8354] usb 1-1: new high-speed USB device number 37 using dummy_hcd
08:25:21 executing program 5:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_RUN(r2, 0xae80, 0x0)
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_user\x00', 0x275a, 0x0)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x27fffff, 0x40000000011, r3, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x10, r2, 0x0)

[  620.701409][ T8354] usb 1-1: device descriptor read/8, error -61
[  620.982185][ T8354] usb 1-1: new high-speed USB device number 38 using dummy_hcd
[  621.151340][ T8354] usb 1-1: device descriptor read/8, error -61
[  621.271982][ T8354] usb usb1-port1: unable to enumerate USB device
08:25:22 executing program 4:
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0)
r0 = getpid()
sched_setattr(0x0, &(0x7f0000000140)={0x38, 0x2, 0x0, 0x0, 0x9}, 0x0)
sched_setattr(r0, &(0x7f0000000240)={0x38, 0x0, 0x0, 0x0, 0x5}, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/meminfo\x00', 0x0, 0x0)
sendfile(0xffffffffffffffff, r3, 0x0, 0x400000000001002a)
r4 = syz_mount_image$vfat(&(0x7f0000000400), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[])
r5 = openat(r4, &(0x7f000000c380)='./file0\x00', 0x84842, 0x0)
write(r5, &(0x7f0000004200)='t', 0xfff4)
sendmsg$NL80211_CMD_SET_INTERFACE(0xffffffffffffffff, &(0x7f0000001840)={&(0x7f0000000080), 0xc, &(0x7f0000001800)={&(0x7f00000001c0)=ANY=[@ANYRES64, @ANYRESDEC, @ANYRES32=0x0, @ANYRES32], 0x60}, 0x1, 0x0, 0x0, 0x44090}, 0x0)

08:25:22 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f0000000000))
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f00000001c0)={[0x4, 0x0, 0x0, 0x8, 0x0, 0x0, 0x1002]})
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_SET_PIT(r1, 0x8048ae66, &(0x7f0000000140))
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f000056f000/0x18000)=nil, &(0x7f0000000080)=[@text32={0x20, 0x0}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

08:25:22 executing program 2:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000749000/0x18000)=nil, &(0x7f0000000240)=[@text16={0x10, 0x0}], 0x1, 0x0, 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, &(0x7f00000000c0)=[@text16={0x10, 0x0}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_SET_TSC_KHZ(r2, 0xaea2, 0xfffffffffffffffa)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

08:25:22 executing program 5:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_RUN(r2, 0xae80, 0x0)
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_user\x00', 0x275a, 0x0)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x27fffff, 0x40000000011, r3, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x10, r2, 0x0)

08:25:22 executing program 0:
r0 = syz_usb_connect(0x0, 0x24, &(0x7f0000000300)=ANY=[@ANYBLOB], 0x0)
syz_usb_control_io(r0, 0x0, 0x0)
syz_usb_control_io(r0, 0x0, &(0x7f0000000740)={0xfffffde3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000540)={0x40, 0x13, 0x58, @link_local}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
syz_usb_control_io$hid(r0, 0x0, 0x0)
syz_usb_control_io$cdc_ecm(r0, 0x0, 0x0)

[  622.406339][T20801] loop4: detected capacity change from 0 to 16
[  622.420981][ T8354] usb 1-1: new high-speed USB device number 39 using dummy_hcd
08:25:23 executing program 1:
prlimit64(0x0, 0x0, &(0x7f0000000280)={0x9, 0x8d}, 0x0)
r0 = getpid()
sched_setattr(0x0, &(0x7f0000000140)={0x38, 0x2, 0x0, 0x0, 0x9}, 0x0)
sched_setattr(r0, &(0x7f0000000240)={0x38, 0x2, 0x0, 0x0, 0x5}, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = memfd_create(&(0x7f0000000240)='\xb9\xecm1\xc1\xf8\xa6\x8d\xc1\xe2zMN\xc0\x17\xce/\xcd\xa2\xba \x00\x97\xac#*\xff1\x1d\xf6e\xe1\xcb\xaf#\xe5}Fi\xef\xbd\x0f \xe7f@\x19\xc4p\xa4\xc5\x13\x88y\x1e\xe7eNf\x02\xbd\xaf^\xee\b\x15\x86r\xdf\xde\xe9m\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01\x00\x00\x00', 0x0)
write$FUSE_NOTIFY_STORE(r3, &(0x7f0000000800)=ANY=[], 0x2c)
sendfile(r3, r3, &(0x7f0000001000), 0xffff)

08:25:23 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f0000000000))
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f00000001c0)={[0x4, 0x0, 0x0, 0x8, 0x0, 0x0, 0x1002]})
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_SET_PIT(r1, 0x8048ae66, &(0x7f0000000140))
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f000056f000/0x18000)=nil, &(0x7f0000000080)=[@text32={0x20, 0x0}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

08:25:23 executing program 2:
perf_event_open(&(0x7f000001d000)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe6d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = perf_event_open(0x0, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x2)
r1 = openat$adsp1(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
ioctl$SNDCTL_DSP_SETFRAGMENT(r1, 0xc004500a, &(0x7f0000000100))
ioctl$SNDCTL_DSP_CHANNELS(r1, 0xc0045006, &(0x7f0000000000)=0x40)
r2 = openat$autofs(0xffffffffffffff9c, &(0x7f00000000c0), 0x115201, 0x0)
ioctl$SNDCTL_DSP_CHANNELS(r2, 0xc0045006, &(0x7f0000000280)=0x800)
read$dsp(r2, &(0x7f0000000180)=""/232, 0xe8)
readv(r1, &(0x7f0000000140)=[{&(0x7f00000005c0)=""/4096, 0x1000}], 0x1)
r3 = socket$inet6_tcp(0xa, 0x1, 0x0)
clone(0x800900, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
preadv(r2, &(0x7f00000036c0)=[{&(0x7f0000000300)=""/200, 0xc8}, {&(0x7f00000015c0)=""/4096, 0x1000}, {&(0x7f0000000400)=""/93, 0x5d}, {&(0x7f00000025c0)=""/243, 0xf3}, {&(0x7f0000000480)=""/167, 0xa7}, {&(0x7f00000026c0)=""/4096, 0x1000}], 0x6, 0x3000000, 0x0)
setsockopt$IP6T_SO_SET_REPLACE(r3, 0x29, 0x40, &(0x7f0000000940)=@raw={'raw\x00', 0x3c1, 0x3, 0x538, 0x0, 0x0, 0x200, 0x328, 0x0, 0x468, 0x2e8, 0x2e8, 0x468, 0x2e8, 0x3, 0x0, {[{{@uncond, 0x0, 0x2c0, 0x328, 0x0, {}, [@common=@unspec=@string={{0xc0}, {0x0, 0x0, 'bm\x00', "cfcaf80c672f61cd17ae5119b5135c2aee000100005cd431e1ecef50c3234e082555f67222476147864fa03182f5cf11d8c348cbd06dc8de1dcbde7d4e252c3394fed47bf78c70f607b0178fa5ea3350300d000002061c96baebc975f1f34a214e6726401fe4b124e0f7323a587d2a1fcfe36bbf12eca0a7b66c60c527bac2b5", 0x1}}, @common=@inet=@hashlimit3={{0x158}, {'macvlan0\x00', {0x0, 0x0, 0x0, 0x0, 0x68040000, 0x2, 0x62d}}}]}, @unspec=@CT2={0x68, 'CT\x00', 0x2, {0x4800, 0x0, 0x0, 0x0, 'netbios-ns\x00', 'syz0\x00'}}}, {{@ipv6={@remote, @private0, [], [], 'team_slave_1\x00', 'lo\x00'}, 0x0, 0xd8, 0x140, 0x0, {}, [@common=@frag={{0x30}}]}, @unspec=@CT2={0x68, 'CT\x00', 0x2, {0x0, 0x0, 0x0, 0x0, 'syz1\x00', 'syz1\x00'}}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x598)
r4 = openat(0xffffffffffffffff, &(0x7f0000000000)='./file0\x00', 0x0, 0x10b)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x12, r0, 0x0)
preadv(r4, &(0x7f00000001c0)=[{0x0}], 0x1, 0x9, 0x0)

[  622.610904][ T8354] usb 1-1: device descriptor read/64, error 18
08:25:23 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f0000000000))
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f00000001c0)={[0x4, 0x0, 0x0, 0x8, 0x0, 0x0, 0x1002]})
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_SET_PIT(r1, 0x8048ae66, &(0x7f0000000140))
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f000056f000/0x18000)=nil, &(0x7f0000000080)=[@text32={0x20, &(0x7f00000000c0)="66ba4000b0c2ee66bad104b829280000efea0e0000000a00b8050000000f23d80f21f835c00000a00f23f8653e65f30f21c62e0fae2b0f01c2b8060000000f23d00f21f835200000000f23f8c4c3a1cf830000000002d9f7", 0x58}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_RUN(0xffffffffffffffff, 0xae80, 0x0)

[  622.813269][T20819] xt_hashlimit: max too large, truncated to 1048576
[  622.880862][ T8354] usb 1-1: new high-speed USB device number 40 using dummy_hcd
[  622.894233][T20819] xt_hashlimit: overflow, try lower: 0/0
08:25:23 executing program 2:
r0 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
r1 = socket(0x18, 0x0, 0x0)
close(r1)
r2 = socket$can_j1939(0x1d, 0x2, 0x7)
r3 = socket$inet(0x2, 0x4000000000000001, 0x0)
ioctl$ifreq_SIOCGIFINDEX_vcan(r3, 0x8933, &(0x7f0000000300)={'vcan0\x00', <r4=>0x0})
bind$can_j1939(r2, &(0x7f0000000340)={0x1d, r4}, 0x18)
connect$can_j1939(r1, &(0x7f0000000000)={0x1d, r4}, 0x18)
sendfile(r1, r0, 0x0, 0x80009)
bind$can_j1939(r1, &(0x7f0000000140)={0x1d, r4, 0x3}, 0x18)

[  623.070880][ T8354] usb 1-1: device descriptor read/64, error 18
08:25:24 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f0000000000))
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f00000001c0)={[0x4, 0x0, 0x0, 0x8, 0x0, 0x0, 0x1002]})
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_SET_PIT(r1, 0x8048ae66, &(0x7f0000000140))
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f000056f000/0x18000)=nil, &(0x7f0000000080)=[@text32={0x20, &(0x7f00000000c0)="66ba4000b0c2ee66bad104b829280000efea0e0000000a00b8050000000f23d80f21f835c00000a00f23f8653e65f30f21c62e0fae2b0f01c2b8060000000f23d00f21f835200000000f23f8c4c3a1cf830000000002d9f7", 0x58}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_RUN(0xffffffffffffffff, 0xae80, 0x0)

08:25:24 executing program 5:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_RUN(r2, 0xae80, 0x0)
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_user\x00', 0x275a, 0x0)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x27fffff, 0x40000000011, r3, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, 0xffffffffffffffff, 0x0)

[  623.201599][ T8354] usb usb1-port1: attempt power cycle
[  623.305568][T20830] vcan0: tx drop: invalid sa for name 0x0000000000000003
[  623.610850][ T8354] usb 1-1: new high-speed USB device number 41 using dummy_hcd
[  623.791281][ T8354] usb 1-1: device descriptor read/8, error -61
[  624.070801][ T8354] usb 1-1: new high-speed USB device number 42 using dummy_hcd
[  624.119471][ T1358] ieee802154 phy0 wpan0: encryption failed: -22
[  624.126891][ T1358] ieee802154 phy1 wpan1: encryption failed: -22
[  624.251487][ T8354] usb 1-1: device descriptor read/8, error -61
[  624.370970][ T8354] usb usb1-port1: unable to enumerate USB device
08:25:26 executing program 4:
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0)
r0 = getpid()
sched_setattr(0x0, &(0x7f0000000140)={0x38, 0x2, 0x0, 0x0, 0x9}, 0x0)
sched_setattr(r0, &(0x7f0000000240)={0x38, 0x0, 0x0, 0x0, 0x5}, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/meminfo\x00', 0x0, 0x0)
sendfile(0xffffffffffffffff, r3, 0x0, 0x400000000001002a)
r4 = syz_mount_image$vfat(&(0x7f0000000400), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[])
r5 = openat(r4, &(0x7f000000c380)='./file0\x00', 0x84842, 0x0)
write(r5, &(0x7f0000004200)='t', 0xfff4)
sendmsg$NL80211_CMD_SET_INTERFACE(0xffffffffffffffff, &(0x7f0000001840)={&(0x7f0000000080), 0xc, &(0x7f0000001800)={&(0x7f00000001c0)=ANY=[@ANYRES64, @ANYRESDEC, @ANYRES32=0x0, @ANYRES32], 0x60}, 0x1, 0x0, 0x0, 0x44090}, 0x0)

08:25:26 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f0000000000))
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f00000001c0)={[0x4, 0x0, 0x0, 0x8, 0x0, 0x0, 0x1002]})
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_SET_PIT(r1, 0x8048ae66, &(0x7f0000000140))
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f000056f000/0x18000)=nil, &(0x7f0000000080)=[@text32={0x20, &(0x7f00000000c0)="66ba4000b0c2ee66bad104b829280000efea0e0000000a00b8050000000f23d80f21f835c00000a00f23f8653e65f30f21c62e0fae2b0f01c2b8060000000f23d00f21f835200000000f23f8c4c3a1cf830000000002d9f7", 0x58}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_RUN(0xffffffffffffffff, 0xae80, 0x0)

08:25:26 executing program 5:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_RUN(r2, 0xae80, 0x0)
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_user\x00', 0x275a, 0x0)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x27fffff, 0x40000000011, r3, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, 0xffffffffffffffff, 0x0)

08:25:26 executing program 0:
r0 = syz_usb_connect(0x0, 0x24, &(0x7f0000000300)=ANY=[@ANYBLOB], 0x0)
syz_usb_control_io(r0, 0x0, 0x0)
syz_usb_control_io(r0, 0x0, &(0x7f0000000740)={0xfffffde3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000540)={0x40, 0x13, 0x58, @link_local}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
syz_usb_control_io$hid(r0, 0x0, 0x0)
syz_usb_control_io$cdc_ecm(r0, 0x0, 0x0)

08:25:26 executing program 2:
r0 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
r1 = socket(0x18, 0x0, 0x0)
close(r1)
r2 = socket$can_j1939(0x1d, 0x2, 0x7)
r3 = socket$inet(0x2, 0x4000000000000001, 0x0)
ioctl$ifreq_SIOCGIFINDEX_vcan(r3, 0x8933, &(0x7f0000000300)={'vcan0\x00', <r4=>0x0})
bind$can_j1939(r2, &(0x7f0000000340)={0x1d, r4}, 0x18)
connect$can_j1939(r1, &(0x7f0000000000)={0x1d, r4}, 0x18)
sendfile(r1, r0, 0x0, 0x80009)
bind$can_j1939(r1, &(0x7f0000000140)={0x1d, r4, 0x3}, 0x18)

08:25:26 executing program 1:
prlimit64(0x0, 0xe, 0x0, 0x0)
r0 = getpid()
sched_setattr(0x0, &(0x7f0000000140)={0x38, 0x2, 0x0, 0x0, 0x9}, 0x0)
sched_setattr(r0, &(0x7f0000000240)={0x38, 0x2, 0x0, 0x0, 0x5}, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = memfd_create(&(0x7f0000000240)='\xb9\xecm1\xc1\xf8\xa6\x8d\xc1\xe2zMN\xc0\x17\xce/\xcd\xa2\xba \x00\x97\xac#*\xff1\x1d\xf6e\xe1\xcb\xaf#\xe5}Fi\xef\xbd\x0f \xe7f@\x19\xc4p\xa4\xc5\x13\x88y\x1e\xe7eNf\x02\xbd\xaf^\xee\b\x15\x86r\xdf\xde\xe9m\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01\x00\x00\x00', 0x0)
write$FUSE_NOTIFY_STORE(r3, &(0x7f0000000800)=ANY=[], 0x2c)
sendfile(r3, r3, &(0x7f0000001000), 0xffff)

08:25:26 executing program 3:
r0 = syz_usb_connect(0x1, 0x36, &(0x7f0000000200)=ANY=[@ANYBLOB="1a0100005c6b4408070a64006e00010203010902240001000000000904000002ca74360009"], &(0x7f00000007c0)={0x0, 0x0, 0x0, 0x0, 0x1, [{0x0, 0x0}]})
r1 = syz_open_dev$char_usb(0xc, 0xb4, 0x0)
write$char_usb(r1, 0x0, 0x0)
ioctl$EVIOCSKEYCODE_V2(0xffffffffffffffff, 0x80104592, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, "ed105400000000003ec13e2000"})
syz_usb_disconnect(r0)

[  625.722824][ T8354] usb 1-1: new high-speed USB device number 43 using dummy_hcd
[  625.745019][T20882] loop4: detected capacity change from 0 to 16
[  625.963822][ T8354] usb 1-1: device descriptor read/64, error 18
[  626.110676][T16060] usb 4-1: new low-speed USB device number 2 using dummy_hcd
[  626.287717][ T8354] usb 1-1: new high-speed USB device number 44 using dummy_hcd
[  626.302856][    C1] vcan0: j1939_tp_txtimer: 0xffff8880769a3000: tx aborted with unknown reason: -2
08:25:27 executing program 2:
r0 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
r1 = socket(0x18, 0x0, 0x0)
close(r1)
r2 = socket$can_j1939(0x1d, 0x2, 0x7)
r3 = socket$inet(0x2, 0x4000000000000001, 0x0)
ioctl$ifreq_SIOCGIFINDEX_vcan(r3, 0x8933, &(0x7f0000000300)={'vcan0\x00', <r4=>0x0})
bind$can_j1939(r2, &(0x7f0000000340)={0x1d, r4}, 0x18)
connect$can_j1939(r1, &(0x7f0000000000)={0x1d, r4}, 0x18)
sendfile(r1, r0, 0x0, 0x80009)
bind$can_j1939(r1, &(0x7f0000000140)={0x1d, r4, 0x3}, 0x18)

08:25:27 executing program 5:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_RUN(r2, 0xae80, 0x0)
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_user\x00', 0x275a, 0x0)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x27fffff, 0x40000000011, r3, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, 0xffffffffffffffff, 0x0)

[  626.512655][ T8354] usb 1-1: device descriptor read/64, error 18
[  626.580898][T16060] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  626.627833][T16060] usb 4-1: config 0 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 2
[  626.630864][ T8354] usb usb1-port1: attempt power cycle
[  626.702590][T20900] vcan0: tx drop: invalid sa for name 0x0000000000000003
[  626.813694][    C1] vcan0: j1939_tp_rxtimer: 0xffff8880769a3000: abort rx timeout. Force session deactivation
08:25:27 executing program 5:
perf_event_open(&(0x7f0000000340)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
write$P9_RREADDIR(r0, &(0x7f0000000400)=ANY=[], 0xc)
sendfile(r0, r0, &(0x7f0000000240), 0x7ffb)

[  627.090616][ T8354] usb 1-1: new high-speed USB device number 45 using dummy_hcd
08:25:28 executing program 5:
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0)
sched_setattr(0x0, &(0x7f0000000140)={0x38, 0x2, 0x0, 0x0, 0x9}, 0x0)
r0 = getpgrp(0x0)
sched_setattr(r0, &(0x7f0000000240)={0x38, 0x2, 0x0, 0x0, 0x5}, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
getrlimit(0x2, 0x0)
r3 = socket$netlink(0x10, 0x3, 0x0)
sched_setattr(r0, &(0x7f00000001c0)={0x38, 0x2, 0x1000001a, 0x0, 0x26fe, 0xfffffffffffffffb, 0xe2f, 0x0, 0x0, 0x3}, 0x0)
writev(r3, &(0x7f0000000180)=[{&(0x7f0000000000)="390000001300034700bb65e1c3e4ffff01000000010000005600000025000000190004000400000007fd17e5ffff0800040000000000000000", 0x39}], 0x1)
writev(r3, &(0x7f0000000240)=[{&(0x7f00000002c0)="390000001300034700bb65e1c3e4ffff06000000010000004500000025000000190004000400ad00000000000006040000000000000000f528", 0x39}], 0x1)
vmsplice(r1, &(0x7f00000003c0)=[{&(0x7f0000000040)="c735a1b26e2625c4415ba53f87ec26f3848eef11b0f183f62d8cdb50315be470ef45", 0x22}, {&(0x7f0000000080)="39cf5689bbc0712511693947054f6768e34b7ed403ce4b014a2a7c67a24ed9e5ed4b41e36ea843440bc19f2653c90fd102672e27368bcb9263d3b9f0f5b6a5a95e750f373c94166c3bfad9bd4f91911cb42978e7bbb3587c2db7d43eb87c711f08cd534b2a01a7a876140b103132887c10fd82b4883b1195a5e68e2878a76d5213c4c10c4757df1a0952175c7e", 0x8d}, {&(0x7f0000000300)="e931235d6e5942c0d6310054c818ce0aec9e2f7e2253d570224fc84e7562dcaaec7b1c014514b70c2a05ae96b3f77fbbc1713393f56eea35c8090b1115f132dbe5dadf53cd6cb2298384d869b385c4634605842d2642f889fce91643ac4b5d8279ebc6955bf854460b26e40cdd8a4f5a3fac8b009833d4cd574bb533532c0380216d544cf621", 0x86}, {&(0x7f00000001c0)}], 0x4, 0x0)
syz_open_dev$ttys(0xc, 0x2, 0x1)
ioctl$BTRFS_IOC_TREE_SEARCH_V2(0xffffffffffffffff, 0xc0709411, 0x0)

[  627.260966][ T8354] usb 1-1: device descriptor read/8, error -61
[  627.311670][T16060] usb 4-1: string descriptor 0 read error: -22
[  627.325302][T16060] usb 4-1: New USB device found, idVendor=0a07, idProduct=0064, bcdDevice= 0.6e
[  627.410958][T20915] netlink: 'syz-executor.5': attribute type 4 has an invalid length.
[  627.530529][ T8354] usb 1-1: new high-speed USB device number 46 using dummy_hcd
[  627.802085][ T8354] usb 1-1: device descriptor read/8, error -61
[  627.984199][ T8354] usb usb1-port1: unable to enumerate USB device
[  628.168278][T16060] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  628.203259][T16060] usb 4-1: config 0 descriptor??
[  628.325121][T16060] adutux 4-1:0.0: interrupt endpoints not found
08:25:29 executing program 0:
r0 = syz_usb_connect(0x0, 0x24, &(0x7f0000000300)=ANY=[@ANYBLOB="120100004bfee908e60f00985d19fd"], 0x0)
syz_usb_control_io(r0, 0x0, 0x0)
syz_usb_control_io(r0, 0x0, &(0x7f0000000740)={0xfffffde3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000540)={0x40, 0x13, 0x58, @link_local}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
syz_usb_control_io$hid(r0, 0x0, 0x0)
syz_usb_control_io$cdc_ecm(r0, 0x0, 0x0)

[  628.552223][ T8565] usb 4-1: USB disconnect, device number 2
[  629.191579][T16060] usb 1-1: new high-speed USB device number 47 using dummy_hcd
[  629.470386][T16060] usb 1-1: Using ep0 maxpacket: 8
[  629.530925][T16060] usb 1-1: no configurations
[  629.535801][T16060] usb 1-1: can't read configurations, error -22
[  629.570456][ T8565] usb 4-1: new low-speed USB device number 3 using dummy_hcd
08:25:30 executing program 4:
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0)
r0 = getpid()
sched_setattr(0x0, &(0x7f0000000140)={0x38, 0x2, 0x0, 0x0, 0x9}, 0x0)
sched_setattr(r0, &(0x7f0000000240)={0x38, 0x0, 0x0, 0x0, 0x5}, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/meminfo\x00', 0x0, 0x0)
sendfile(0xffffffffffffffff, r3, 0x0, 0x400000000001002a)
r4 = syz_mount_image$vfat(&(0x7f0000000400), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[])
r5 = openat(r4, &(0x7f000000c380)='./file0\x00', 0x84842, 0x0)
write(r5, &(0x7f0000004200)='t', 0xfff4)
sendmsg$NL80211_CMD_SET_INTERFACE(0xffffffffffffffff, &(0x7f0000001840)={&(0x7f0000000080), 0xc, &(0x7f0000001800)={&(0x7f00000001c0)=ANY=[@ANYRES64, @ANYRESDEC, @ANYRES32=0x0, @ANYRES32], 0x60}, 0x1, 0x0, 0x0, 0x44090}, 0x0)

08:25:30 executing program 2:
r0 = syz_open_dev$mouse(&(0x7f0000000480), 0x0, 0x2002)
sendmsg$nl_route(r0, 0x0, 0x0)
perf_event_open(&(0x7f0000000340)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x0, 0x3, &(0x7f00000000c0)=ANY=[@ANYBLOB="1800"/11], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r2, 0x0)
preadv(r2, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
sendmsg$nl_route(r2, &(0x7f00000002c0)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x4000000}, 0xc, &(0x7f0000000280)={&(0x7f00000001c0)=@bridge_newneigh={0x40, 0x1c, 0x400, 0x70bd2d, 0x25dfdbfb, {0x1c, 0x0, 0x0, 0x0, 0x80, 0x9b, 0xa}, [@NDA_LINK_NETNSID={0x8}, @NDA_MASTER={0x8}, @NDA_DST_MAC={0xa, 0x1, @random="888998113409"}, @NDA_IFINDEX={0x8}]}, 0x40}, 0x1, 0x0, 0x0, 0x8}, 0x0)
bind(0xffffffffffffffff, 0x0, 0x0)
r3 = socket(0xa, 0x3, 0x6)
getsockopt$bt_BT_SECURITY(r3, 0x29, 0x7, 0x0, 0x9a1000)
write(r3, &(0x7f0000000100)="910faf2f3479747ace461d9f81490b8ba86a4f489be287be8b7fc0307484e2bf0d031c92341428cfe8a444285376f6a85bbb8dfb7c29da39b789178f01a0641f9ff0320e095fa14c677461c050f201ed5371c77edea157bbc0ca348a940c2f1daa81d67a90ed4eb695c6dfc6418eb5173582ace1ebdd9b5902fa9c201ddaa006243a5ea025be67c20ab2f37529dd88f7433f79b58b89364ad3979e6d5fd5c559e2d711ade65f5fdc67c9f9724f7e4c5d485160a30820cbf6c9a2e2b972b1d384", 0xc0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000003c0)={&(0x7f0000000380)='rcu_utilization\x00', r1}, 0x10)
r4 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
write$P9_RREADDIR(r4, &(0x7f00000005c0)=ANY=[@ANYRES32, @ANYRESDEC, @ANYRESHEX, @ANYRESHEX], 0xbf)
sendfile(r4, r4, &(0x7f0000000240), 0x7ffb)

[  629.710616][T16060] usb 1-1: new high-speed USB device number 48 using dummy_hcd
08:25:30 executing program 1:
prlimit64(0x0, 0xe, 0x0, 0x0)
r0 = getpid()
sched_setattr(0x0, &(0x7f0000000140)={0x38, 0x2, 0x0, 0x0, 0x9}, 0x0)
sched_setattr(r0, &(0x7f0000000240)={0x38, 0x2, 0x0, 0x0, 0x5}, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = memfd_create(&(0x7f0000000240)='\xb9\xecm1\xc1\xf8\xa6\x8d\xc1\xe2zMN\xc0\x17\xce/\xcd\xa2\xba \x00\x97\xac#*\xff1\x1d\xf6e\xe1\xcb\xaf#\xe5}Fi\xef\xbd\x0f \xe7f@\x19\xc4p\xa4\xc5\x13\x88y\x1e\xe7eNf\x02\xbd\xaf^\xee\b\x15\x86r\xdf\xde\xe9m\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01\x00\x00\x00', 0x0)
write$FUSE_NOTIFY_STORE(r3, &(0x7f0000000800)=ANY=[], 0x2c)
sendfile(r3, r3, &(0x7f0000001000), 0xffff)

08:25:30 executing program 3:
r0 = syz_open_dev$dri(&(0x7f0000000180), 0x1, 0x0)
ioctl$DRM_IOCTL_MODE_SETCRTC(r0, 0xc06864a2, &(0x7f0000000000)={0x0, 0x0, 0x21, 0x0, 0x0, 0x0, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, "0000001c00000000ac57b150000000ac00"}})

[  629.980819][T16060] usb 1-1: Using ep0 maxpacket: 8
[  630.021790][ T8565] usb 4-1: device descriptor read/all, error -71
[  630.028646][T16060] usb 1-1: no configurations
[  630.035918][T16060] usb 1-1: can't read configurations, error -22
[  630.084928][T16060] usb usb1-port1: attempt power cycle
08:25:31 executing program 3:
syz_mount_image$tmpfs(&(0x7f0000002740), &(0x7f0000002780)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000002900)={[{@mpol={'mpol', 0x3d, {'interleave', '=static', @void}}}], [{@fowner_eq={'fowner', 0x3d, 0xffffffffffffffff}}]})

[  630.347723][T20957] tmpfs: Unknown parameter 'fowner'
[  630.375335][T20957] tmpfs: Unknown parameter 'fowner'
08:25:31 executing program 3:
dup2(0xffffffffffffffff, 0xffffffffffffffff)
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0)
r0 = getpid()
sched_setattr(0x0, &(0x7f0000000140)={0x38, 0x2, 0x0, 0x0, 0x9}, 0x0)
sched_setattr(r0, &(0x7f0000000240)={0x38, 0x2, 0x0, 0x0, 0x5}, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000007dc0), 0x0, 0x0)
ioctl$TIOCSETD(r3, 0x5423, &(0x7f0000000000)=0x7)
ioctl$TIOCVHANGUP(r3, 0x5437, 0x0)
getpid()

[  630.596326][T16060] usb 1-1: new high-speed USB device number 49 using dummy_hcd
[  631.590431][T16060] usb 1-1: Using ep0 maxpacket: 8
08:25:32 executing program 0:
r0 = syz_usb_connect(0x0, 0x24, &(0x7f0000000300)=ANY=[@ANYBLOB="120100004bfee908e60f00985d19fd"], 0x0)
syz_usb_control_io(r0, 0x0, 0x0)
syz_usb_control_io(r0, 0x0, &(0x7f0000000740)={0xfffffde3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000540)={0x40, 0x13, 0x58, @link_local}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
syz_usb_control_io$hid(r0, 0x0, 0x0)
syz_usb_control_io$cdc_ecm(r0, 0x0, 0x0)

[  631.780727][T16060] usb 1-1: device descriptor read/all, error -71
08:25:32 executing program 3:
dup2(0xffffffffffffffff, 0xffffffffffffffff)
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0)
r0 = getpid()
sched_setattr(0x0, &(0x7f0000000140)={0x38, 0x2, 0x0, 0x0, 0x9}, 0x0)
sched_setattr(r0, &(0x7f0000000240)={0x38, 0x2, 0x0, 0x0, 0x5}, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000007dc0), 0x0, 0x0)
ioctl$TIOCSETD(r3, 0x5423, &(0x7f0000000000)=0x7)
ioctl$TIOCVHANGUP(r3, 0x5437, 0x0)
getpid()

[  632.261191][T16060] usb 1-1: new high-speed USB device number 50 using dummy_hcd
08:25:33 executing program 3:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000580)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
sched_setattr(0x0, &(0x7f0000009d00)={0x38}, 0x0)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x0, 0x0)
sendmmsg(r0, &(0x7f0000002980)=[{{&(0x7f0000000180)=@alg={0x26, 'hash\x00', 0x0, 0x0, 'tgr160\x00'}, 0x80, 0x0}}, {{0x0, 0x0, 0x0, 0x0, &(0x7f0000000a00)}}], 0x2, 0x40800)

[  633.020656][T16060] usb 1-1: Using ep0 maxpacket: 8
[  633.060983][T16060] usb 1-1: no configurations
[  633.065661][T16060] usb 1-1: can't read configurations, error -22
[  633.088077][T16060] usb usb1-port1: unable to enumerate USB device
08:25:34 executing program 1:
prlimit64(0x0, 0xe, 0x0, 0x0)
r0 = getpid()
sched_setattr(0x0, &(0x7f0000000140)={0x38, 0x2, 0x0, 0x0, 0x9}, 0x0)
sched_setattr(r0, &(0x7f0000000240)={0x38, 0x2, 0x0, 0x0, 0x5}, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = memfd_create(&(0x7f0000000240)='\xb9\xecm1\xc1\xf8\xa6\x8d\xc1\xe2zMN\xc0\x17\xce/\xcd\xa2\xba \x00\x97\xac#*\xff1\x1d\xf6e\xe1\xcb\xaf#\xe5}Fi\xef\xbd\x0f \xe7f@\x19\xc4p\xa4\xc5\x13\x88y\x1e\xe7eNf\x02\xbd\xaf^\xee\b\x15\x86r\xdf\xde\xe9m\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01\x00\x00\x00', 0x0)
write$FUSE_NOTIFY_STORE(r3, &(0x7f0000000800)=ANY=[], 0x2c)
sendfile(r3, r3, &(0x7f0000001000), 0xffff)

[  633.987447][T20916] netlink: 'syz-executor.5': attribute type 4 has an invalid length.
[  633.998165][T20917] netlink: 'syz-executor.5': attribute type 4 has an invalid length.
[  634.033539][T20996] loop4: detected capacity change from 0 to 16
[  634.062246][   T26] kauditd_printk_skb: 2 callbacks suppressed
[  634.062261][   T26] audit: type=1800 audit(1632817534.944:115): pid=20996 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed(directio) comm="syz-executor.4" name="file0" dev="loop4" ino=57 res=0 errno=0
08:25:37 executing program 5:
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0)
sched_setattr(0x0, &(0x7f0000000140)={0x38, 0x2, 0x0, 0x0, 0x9}, 0x0)
r0 = getpgrp(0x0)
sched_setattr(r0, &(0x7f0000000240)={0x38, 0x2, 0x0, 0x0, 0x5}, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
getrlimit(0x2, 0x0)
r3 = socket$netlink(0x10, 0x3, 0x0)
sched_setattr(r0, &(0x7f00000001c0)={0x38, 0x2, 0x1000001a, 0x0, 0x26fe, 0xfffffffffffffffb, 0xe2f, 0x0, 0x0, 0x3}, 0x0)
writev(r3, &(0x7f0000000180)=[{&(0x7f0000000000)="390000001300034700bb65e1c3e4ffff01000000010000005600000025000000190004000400000007fd17e5ffff0800040000000000000000", 0x39}], 0x1)
writev(r3, &(0x7f0000000240)=[{&(0x7f00000002c0)="390000001300034700bb65e1c3e4ffff06000000010000004500000025000000190004000400ad00000000000006040000000000000000f528", 0x39}], 0x1)
vmsplice(r1, &(0x7f00000003c0)=[{&(0x7f0000000040)="c735a1b26e2625c4415ba53f87ec26f3848eef11b0f183f62d8cdb50315be470ef45", 0x22}, {&(0x7f0000000080)="39cf5689bbc0712511693947054f6768e34b7ed403ce4b014a2a7c67a24ed9e5ed4b41e36ea843440bc19f2653c90fd102672e27368bcb9263d3b9f0f5b6a5a95e750f373c94166c3bfad9bd4f91911cb42978e7bbb3587c2db7d43eb87c711f08cd534b2a01a7a876140b103132887c10fd82b4883b1195a5e68e2878a76d5213c4c10c4757df1a0952175c7e", 0x8d}, {&(0x7f0000000300)="e931235d6e5942c0d6310054c818ce0aec9e2f7e2253d570224fc84e7562dcaaec7b1c014514b70c2a05ae96b3f77fbbc1713393f56eea35c8090b1115f132dbe5dadf53cd6cb2298384d869b385c4634605842d2642f889fce91643ac4b5d8279ebc6955bf854460b26e40cdd8a4f5a3fac8b009833d4cd574bb533532c0380216d544cf621", 0x86}, {&(0x7f00000001c0)}], 0x4, 0x0)
syz_open_dev$ttys(0xc, 0x2, 0x1)
ioctl$BTRFS_IOC_TREE_SEARCH_V2(0xffffffffffffffff, 0xc0709411, 0x0)

08:25:37 executing program 2:
r0 = syz_open_dev$mouse(&(0x7f0000000480), 0x0, 0x2002)
sendmsg$nl_route(r0, 0x0, 0x0)
perf_event_open(&(0x7f0000000340)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x0, 0x3, &(0x7f00000000c0)=ANY=[@ANYBLOB="1800"/11], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r2, 0x0)
preadv(r2, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
sendmsg$nl_route(r2, &(0x7f00000002c0)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x4000000}, 0xc, &(0x7f0000000280)={&(0x7f00000001c0)=@bridge_newneigh={0x40, 0x1c, 0x400, 0x70bd2d, 0x25dfdbfb, {0x1c, 0x0, 0x0, 0x0, 0x80, 0x9b, 0xa}, [@NDA_LINK_NETNSID={0x8}, @NDA_MASTER={0x8}, @NDA_DST_MAC={0xa, 0x1, @random="888998113409"}, @NDA_IFINDEX={0x8}]}, 0x40}, 0x1, 0x0, 0x0, 0x8}, 0x0)
bind(0xffffffffffffffff, 0x0, 0x0)
r3 = socket(0xa, 0x3, 0x6)
getsockopt$bt_BT_SECURITY(r3, 0x29, 0x7, 0x0, 0x9a1000)
write(r3, &(0x7f0000000100)="910faf2f3479747ace461d9f81490b8ba86a4f489be287be8b7fc0307484e2bf0d031c92341428cfe8a444285376f6a85bbb8dfb7c29da39b789178f01a0641f9ff0320e095fa14c677461c050f201ed5371c77edea157bbc0ca348a940c2f1daa81d67a90ed4eb695c6dfc6418eb5173582ace1ebdd9b5902fa9c201ddaa006243a5ea025be67c20ab2f37529dd88f7433f79b58b89364ad3979e6d5fd5c559e2d711ade65f5fdc67c9f9724f7e4c5d485160a30820cbf6c9a2e2b972b1d384", 0xc0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000003c0)={&(0x7f0000000380)='rcu_utilization\x00', r1}, 0x10)
r4 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
write$P9_RREADDIR(r4, &(0x7f00000005c0)=ANY=[@ANYRES32, @ANYRESDEC, @ANYRESHEX, @ANYRESHEX], 0xbf)
sendfile(r4, r4, &(0x7f0000000240), 0x7ffb)

08:25:37 executing program 3:
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9}, 0x0)
r0 = getpid()
sched_setattr(r0, &(0x7f0000000240)={0x38, 0x2, 0x0, 0x0, 0x5}, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000002c0)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, 0x0, 0x0, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = socket$netlink(0x10, 0x3, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000000))
sendmsg$nl_route(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000340)=ANY=[@ANYBLOB="3c0000001000050700"/20, @ANYRES32=0x0, @ANYBLOB="4518000000000000140012800b00010062726964676500000400028008000a00", @ANYRES32, @ANYBLOB="2dc5cb8d170690175f28ab8853b72a3980349107dd81c8483affe0c2902f349e1894b80f9f4e1d87dba44649385e93d62c349ebe7d0fe632380e0c23ed336f4e8d474f62525ed3e25abc8753d50d8c8dc004145b5f5ffe186d51bc4747193844fbbd62149b1e934629eaea89"], 0x3c}}, 0x0)
syz_open_procfs(0x0, &(0x7f0000000180)='net/unix\x00')
sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0)

08:25:37 executing program 0:
r0 = syz_usb_connect(0x0, 0x24, &(0x7f0000000300)=ANY=[@ANYBLOB="120100004bfee908e60f00985d19fd"], 0x0)
syz_usb_control_io(r0, 0x0, 0x0)
syz_usb_control_io(r0, 0x0, &(0x7f0000000740)={0xfffffde3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000540)={0x40, 0x13, 0x58, @link_local}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
syz_usb_control_io$hid(r0, 0x0, 0x0)
syz_usb_control_io$cdc_ecm(r0, 0x0, 0x0)

08:25:37 executing program 4:
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0)
r0 = getpid()
sched_setattr(0x0, &(0x7f0000000140)={0x38, 0x2, 0x0, 0x0, 0x9}, 0x0)
sched_setattr(r0, &(0x7f0000000240)={0x38, 0x2}, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/meminfo\x00', 0x0, 0x0)
sendfile(0xffffffffffffffff, r3, 0x0, 0x400000000001002a)
r4 = syz_mount_image$vfat(&(0x7f0000000400), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[])
r5 = openat(r4, &(0x7f000000c380)='./file0\x00', 0x84842, 0x0)
write(r5, &(0x7f0000004200)='t', 0xfff4)
sendmsg$NL80211_CMD_SET_INTERFACE(0xffffffffffffffff, &(0x7f0000001840)={&(0x7f0000000080), 0xc, &(0x7f0000001800)={&(0x7f00000001c0)=ANY=[@ANYRES64, @ANYRESDEC, @ANYRES32=0x0, @ANYRES32], 0x60}, 0x1, 0x0, 0x0, 0x44090}, 0x0)

[  636.140501][T20920] netlink: 'syz-executor.5': attribute type 4 has an invalid length.
08:25:37 executing program 1:
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x0, 0x8d}, 0x0)
r0 = getpid()
sched_setattr(0x0, &(0x7f0000000140)={0x38, 0x2, 0x0, 0x0, 0x9}, 0x0)
sched_setattr(r0, &(0x7f0000000240)={0x38, 0x2, 0x0, 0x0, 0x5}, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = memfd_create(&(0x7f0000000240)='\xb9\xecm1\xc1\xf8\xa6\x8d\xc1\xe2zMN\xc0\x17\xce/\xcd\xa2\xba \x00\x97\xac#*\xff1\x1d\xf6e\xe1\xcb\xaf#\xe5}Fi\xef\xbd\x0f \xe7f@\x19\xc4p\xa4\xc5\x13\x88y\x1e\xe7eNf\x02\xbd\xaf^\xee\b\x15\x86r\xdf\xde\xe9m\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01\x00\x00\x00', 0x0)
write$FUSE_NOTIFY_STORE(r3, &(0x7f0000000800)=ANY=[], 0x2c)
sendfile(r3, r3, &(0x7f0000001000), 0xffff)

[  636.620733][ T8509] usb 1-1: new high-speed USB device number 51 using dummy_hcd
08:25:38 executing program 4:
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0)
r0 = getpid()
sched_setattr(0x0, &(0x7f0000000140)={0x38, 0x2, 0x0, 0x0, 0x9}, 0x0)
sched_setattr(r0, &(0x7f0000000240)={0x38, 0x2}, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/meminfo\x00', 0x0, 0x0)
sendfile(0xffffffffffffffff, r3, 0x0, 0x400000000001002a)
r4 = syz_mount_image$vfat(&(0x7f0000000400), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[])
r5 = openat(r4, &(0x7f000000c380)='./file0\x00', 0x84842, 0x0)
write(r5, &(0x7f0000004200)='t', 0xfff4)
sendmsg$NL80211_CMD_SET_INTERFACE(0xffffffffffffffff, &(0x7f0000001840)={&(0x7f0000000080), 0xc, &(0x7f0000001800)={&(0x7f00000001c0)=ANY=[@ANYRES64, @ANYRESDEC, @ANYRES32=0x0, @ANYRES32], 0x60}, 0x1, 0x0, 0x0, 0x44090}, 0x0)

[  637.230108][ T8509] usb 1-1: Using ep0 maxpacket: 8
[  637.270286][ T8509] usb 1-1: no configurations
[  637.275036][ T8509] usb 1-1: can't read configurations, error -22
08:25:38 executing program 2:
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, 0x0)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000000c0)={'wlan0\x00', <r2=>0x0})
sendmsg$NL80211_CMD_FRAME(r0, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000100)={0x94, r1, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_FRAME={0x75, 0x33, @beacon={@with_ht={{{}, {}, @broadcast}}, 0x0, @default, 0x0, @void, @val, @void, @val={0x4, 0x6}, @void, @val={0x5, 0x3}, @val={0x25, 0x3}, @val={0x2a, 0x1}, @val={0x3c, 0x4}, @val={0x2d, 0x1a}, @val={0x72, 0x6}, @void, @val={0x76, 0x6}}}]}, 0x94}}, 0x0)

[  637.470026][ T8509] usb 1-1: new high-speed USB device number 52 using dummy_hcd
[  637.523269][T21054] loop4: detected capacity change from 0 to 16
[  637.607249][   T26] audit: type=1800 audit(1632817538.475:116): pid=21054 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed(directio) comm="syz-executor.4" name="file0" dev="loop4" ino=58 res=0 errno=0
[  637.720806][ T8509] usb 1-1: Using ep0 maxpacket: 8
[  637.760344][ T8509] usb 1-1: no configurations
[  637.765082][ T8509] usb 1-1: can't read configurations, error -22
[  637.798617][ T8509] usb usb1-port1: attempt power cycle
[  638.249664][ T8509] usb 1-1: new high-speed USB device number 53 using dummy_hcd
[  638.350317][ T8509] usb 1-1: Using ep0 maxpacket: 8
[  638.390188][ T8509] usb 1-1: no configurations
[  638.395539][ T8509] usb 1-1: can't read configurations, error -22
[  638.559966][ T8509] usb 1-1: new high-speed USB device number 54 using dummy_hcd
[  638.660225][ T8509] usb 1-1: Using ep0 maxpacket: 8
[  638.700239][ T8509] usb 1-1: no configurations
[  638.705047][ T8509] usb 1-1: can't read configurations, error -22
[  638.727138][ T8509] usb usb1-port1: unable to enumerate USB device
08:25:40 executing program 0:
r0 = syz_usb_connect(0x0, 0x24, &(0x7f0000000300)=ANY=[@ANYBLOB="120100004bfee908e60f00985d19fd1f000109021200"], 0x0)
syz_usb_control_io(r0, 0x0, 0x0)
syz_usb_control_io(r0, 0x0, &(0x7f0000000740)={0xfffffde3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000540)={0x40, 0x13, 0x58, @link_local}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
syz_usb_control_io$hid(r0, 0x0, 0x0)
syz_usb_control_io$cdc_ecm(r0, 0x0, 0x0)

08:25:40 executing program 1:
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x0, 0x8d}, 0x0)
r0 = getpid()
sched_setattr(0x0, &(0x7f0000000140)={0x38, 0x2, 0x0, 0x0, 0x9}, 0x0)
sched_setattr(r0, &(0x7f0000000240)={0x38, 0x2, 0x0, 0x0, 0x5}, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = memfd_create(&(0x7f0000000240)='\xb9\xecm1\xc1\xf8\xa6\x8d\xc1\xe2zMN\xc0\x17\xce/\xcd\xa2\xba \x00\x97\xac#*\xff1\x1d\xf6e\xe1\xcb\xaf#\xe5}Fi\xef\xbd\x0f \xe7f@\x19\xc4p\xa4\xc5\x13\x88y\x1e\xe7eNf\x02\xbd\xaf^\xee\b\x15\x86r\xdf\xde\xe9m\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01\x00\x00\x00', 0x0)
write$FUSE_NOTIFY_STORE(r3, &(0x7f0000000800)=ANY=[], 0x2c)
sendfile(r3, r3, &(0x7f0000001000), 0xffff)

[  639.709740][ T8509] usb 1-1: new high-speed USB device number 55 using dummy_hcd
08:25:40 executing program 4:
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0)
r0 = getpid()
sched_setattr(0x0, &(0x7f0000000140)={0x38, 0x2, 0x0, 0x0, 0x9}, 0x0)
sched_setattr(r0, &(0x7f0000000240)={0x38, 0x2}, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/meminfo\x00', 0x0, 0x0)
sendfile(0xffffffffffffffff, r3, 0x0, 0x400000000001002a)
r4 = syz_mount_image$vfat(&(0x7f0000000400), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[])
r5 = openat(r4, &(0x7f000000c380)='./file0\x00', 0x84842, 0x0)
write(r5, &(0x7f0000004200)='t', 0xfff4)
sendmsg$NL80211_CMD_SET_INTERFACE(0xffffffffffffffff, &(0x7f0000001840)={&(0x7f0000000080), 0xc, &(0x7f0000001800)={&(0x7f00000001c0)=ANY=[@ANYRES64, @ANYRESDEC, @ANYRES32=0x0, @ANYRES32], 0x60}, 0x1, 0x0, 0x0, 0x44090}, 0x0)

[  639.949829][ T8509] usb 1-1: Using ep0 maxpacket: 8
[  640.070058][ T8509] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  640.080687][ T8509] usb 1-1: config 0 has no interfaces?
[  640.132490][T21029] netlink: 'syz-executor.5': attribute type 4 has an invalid length.
[  640.200087][ T8509] usb 1-1: New USB device found, idVendor=0fe6, idProduct=9800, bcdDevice=19.5d
[  640.220449][ T8509] usb 1-1: New USB device strings: Mfr=253, Product=31, SerialNumber=0
[  640.279780][ T8509] usb 1-1: Product: syz
[  640.283994][ T8509] usb 1-1: Manufacturer: syz
[  640.319853][ T8509] usb 1-1: config 0 descriptor??
[  640.327390][T21085] loop4: detected capacity change from 0 to 16
[  640.392377][   T26] audit: type=1800 audit(1632817541.275:117): pid=21085 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed(directio) comm="syz-executor.4" name="file0" dev="loop4" ino=59 res=0 errno=0
08:25:42 executing program 1:
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x0, 0x8d}, 0x0)
r0 = getpid()
sched_setattr(0x0, &(0x7f0000000140)={0x38, 0x2, 0x0, 0x0, 0x9}, 0x0)
sched_setattr(r0, &(0x7f0000000240)={0x38, 0x2, 0x0, 0x0, 0x5}, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = memfd_create(&(0x7f0000000240)='\xb9\xecm1\xc1\xf8\xa6\x8d\xc1\xe2zMN\xc0\x17\xce/\xcd\xa2\xba \x00\x97\xac#*\xff1\x1d\xf6e\xe1\xcb\xaf#\xe5}Fi\xef\xbd\x0f \xe7f@\x19\xc4p\xa4\xc5\x13\x88y\x1e\xe7eNf\x02\xbd\xaf^\xee\b\x15\x86r\xdf\xde\xe9m\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01\x00\x00\x00', 0x0)
write$FUSE_NOTIFY_STORE(r3, &(0x7f0000000800)=ANY=[], 0x2c)
sendfile(r3, r3, &(0x7f0000001000), 0xffff)

08:25:42 executing program 5:
syz_mount_image$bfs(&(0x7f0000000040), &(0x7f0000000100)='./file0\x00', 0x8000, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="cefaad1b000e0000ff7f", 0xa}, {&(0x7f0000010100)="020000000700000008001f", 0xb, 0x200}], 0x0, &(0x7f0000010300))

[  641.732396][T21033] netlink: 'syz-executor.5': attribute type 4 has an invalid length.
[  641.869372][T21103] loop5: detected capacity change from 0 to 64
[  641.926807][T21103] BFS-fs: bfs_fill_super(): loop5 is unclean, continuing
[  641.964884][T21103] BFS-fs: bfs_fill_super(): Inode 0x00000002 corrupted on loop5
08:25:43 executing program 5:
syz_mount_image$bfs(&(0x7f0000000040), &(0x7f0000000100)='./file0\x00', 0x8000, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="cefaad1b000e0000ff7f", 0xa}, {&(0x7f0000010100)="020000000700000008001f", 0xb, 0x200}], 0x0, &(0x7f0000010300))

[  642.218885][T21112] loop5: detected capacity change from 0 to 64
[  642.248899][T21112] BFS-fs: bfs_fill_super(): loop5 is unclean, continuing
[  642.285985][T21112] BFS-fs: bfs_fill_super(): Inode 0x00000002 corrupted on loop5
[  642.395795][ T8141] usb 1-1: USB disconnect, device number 55
08:25:44 executing program 3:
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0)
r0 = getpid()
sched_setattr(0x0, &(0x7f0000000140)={0x38, 0x2, 0x0, 0x0, 0x9, 0x0, 0x3}, 0x0)
sched_setattr(r0, &(0x7f0000000240)={0x38, 0x2, 0x0, 0x0, 0x5}, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(0xffffffffffffffff, &(0x7f000057eff8)=@abs, 0x6e)
sched_setattr(r0, &(0x7f0000000080)={0x38, 0x7, 0x0, 0xfffffffc, 0xfffffffd, 0xffffffffffffff00, 0x5, 0x0, 0x0, 0x4}, 0x0)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = socket$inet6(0xa, 0x2, 0x0)
bind$inet6(r3, &(0x7f0000f5dfe4)={0xa, 0x4e20}, 0x1c)
recvmmsg(r3, &(0x7f0000008880), 0x400000000000249, 0x44000102, 0x0)
sendto$inet6(r3, 0x0, 0x0, 0x4, &(0x7f0000000040)={0xa, 0x4e20, 0x0, @mcast1}, 0x1c)

08:25:44 executing program 4:
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0)
r0 = getpid()
sched_setattr(0x0, &(0x7f0000000140)={0x38, 0x2, 0x0, 0x0, 0x9}, 0x0)
sched_setattr(r0, &(0x7f0000000240)={0x38, 0x2, 0x0, 0x0, 0x5}, 0x0)
socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/meminfo\x00', 0x0, 0x0)
sendfile(0xffffffffffffffff, r3, 0x0, 0x400000000001002a)
r4 = syz_mount_image$vfat(&(0x7f0000000400), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[])
r5 = openat(r4, &(0x7f000000c380)='./file0\x00', 0x84842, 0x0)
write(r5, &(0x7f0000004200)='t', 0xfff4)
sendmsg$NL80211_CMD_SET_INTERFACE(0xffffffffffffffff, &(0x7f0000001840)={&(0x7f0000000080), 0xc, &(0x7f0000001800)={&(0x7f00000001c0)=ANY=[@ANYRES64, @ANYRESDEC, @ANYRES32=0x0, @ANYRES32], 0x60}, 0x1, 0x0, 0x0, 0x44090}, 0x0)

08:25:44 executing program 0:
r0 = syz_usb_connect(0x0, 0x24, &(0x7f0000000300)=ANY=[@ANYBLOB="120100004bfee908e60f00985d19fd1f000109021200"], 0x0)
syz_usb_control_io(r0, 0x0, 0x0)
syz_usb_control_io(r0, 0x0, &(0x7f0000000740)={0xfffffde3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000540)={0x40, 0x13, 0x58, @link_local}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
syz_usb_control_io$hid(r0, 0x0, 0x0)
syz_usb_control_io$cdc_ecm(r0, 0x0, 0x0)

08:25:44 executing program 5:
r0 = syz_open_dev$tty1(0xc, 0x4, 0x1)
r1 = socket$inet_udplite(0x2, 0x2, 0x88)
getsockopt$sock_cred(r1, 0x1, 0x11, &(0x7f0000caaffb)={0x0, <r2=>0x0}, &(0x7f0000cab000)=0xc)
setreuid(0x0, r2)
ioctl$VT_WAITACTIVE(r0, 0x5607)

08:25:44 executing program 1:
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9}, 0x0)
r0 = getpid()
sched_setattr(0x0, &(0x7f0000000140)={0x38, 0x2, 0x0, 0x0, 0x9}, 0x0)
sched_setattr(r0, &(0x7f0000000240)={0x38, 0x2, 0x0, 0x0, 0x5}, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = memfd_create(&(0x7f0000000240)='\xb9\xecm1\xc1\xf8\xa6\x8d\xc1\xe2zMN\xc0\x17\xce/\xcd\xa2\xba \x00\x97\xac#*\xff1\x1d\xf6e\xe1\xcb\xaf#\xe5}Fi\xef\xbd\x0f \xe7f@\x19\xc4p\xa4\xc5\x13\x88y\x1e\xe7eNf\x02\xbd\xaf^\xee\b\x15\x86r\xdf\xde\xe9m\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01\x00\x00\x00', 0x0)
write$FUSE_NOTIFY_STORE(r3, &(0x7f0000000800)=ANY=[], 0x2c)
sendfile(r3, r3, &(0x7f0000001000), 0xffff)

08:25:44 executing program 2:
perf_event_open(&(0x7f0000000180)={0x2, 0x80, 0x69, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f000001a000)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f000002eff0)={0x133, &(0x7f0000000000)=[{}]}, 0x10)

08:25:44 executing program 4:
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0)
r0 = getpid()
sched_setattr(0x0, &(0x7f0000000140)={0x38, 0x2, 0x0, 0x0, 0x9}, 0x0)
sched_setattr(r0, &(0x7f0000000240)={0x38, 0x2, 0x0, 0x0, 0x5}, 0x0)
socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/meminfo\x00', 0x0, 0x0)
sendfile(0xffffffffffffffff, r3, 0x0, 0x400000000001002a)
r4 = syz_mount_image$vfat(&(0x7f0000000400), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[])
r5 = openat(r4, &(0x7f000000c380)='./file0\x00', 0x84842, 0x0)
write(r5, &(0x7f0000004200)='t', 0xfff4)
sendmsg$NL80211_CMD_SET_INTERFACE(0xffffffffffffffff, &(0x7f0000001840)={&(0x7f0000000080), 0xc, &(0x7f0000001800)={&(0x7f00000001c0)=ANY=[@ANYRES64, @ANYRESDEC, @ANYRES32=0x0, @ANYRES32], 0x60}, 0x1, 0x0, 0x0, 0x44090}, 0x0)

[  643.492699][T21138] loop4: detected capacity change from 0 to 16
[  643.507308][   T26] audit: type=1800 audit(1632817544.385:118): pid=21138 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed(directio) comm="syz-executor.4" name="file0" dev="loop4" ino=60 res=0 errno=0
08:25:44 executing program 5:
prlimit64(0x0, 0xe, &(0x7f0000000280)={0xd, 0x1ff}, 0x0)
r0 = getpid()
sched_setattr(r0, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x7}, 0x0)
r1 = gettid()
r2 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000000), 0x0)
read(r2, &(0x7f0000000080)=""/223, 0xdf)
ioctl$SNDRV_SEQ_IOCTL_REMOVE_EVENTS(r2, 0x4040534e, &(0x7f0000000040)={0x103, @time})
ioctl$SNDRV_SEQ_IOCTL_REMOVE_EVENTS(r2, 0xc0bc5310, &(0x7f00000004c0))
tkill(r1, 0x7)

[  643.722693][T21160] nf_conntrack: default automatic helper assignment has been turned off for security reasons and CT-based firewall rule not found. Use the iptables CT target to attach helpers instead.
[  643.758581][T21158] loop4: detected capacity change from 0 to 16
08:25:44 executing program 4:
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0)
r0 = getpid()
sched_setattr(0x0, &(0x7f0000000140)={0x38, 0x2, 0x0, 0x0, 0x9}, 0x0)
sched_setattr(r0, &(0x7f0000000240)={0x38, 0x2, 0x0, 0x0, 0x5}, 0x0)
socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/meminfo\x00', 0x0, 0x0)
sendfile(0xffffffffffffffff, r3, 0x0, 0x400000000001002a)
r4 = syz_mount_image$vfat(&(0x7f0000000400), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[])
r5 = openat(r4, &(0x7f000000c380)='./file0\x00', 0x84842, 0x0)
write(r5, &(0x7f0000004200)='t', 0xfff4)
sendmsg$NL80211_CMD_SET_INTERFACE(0xffffffffffffffff, &(0x7f0000001840)={&(0x7f0000000080), 0xc, &(0x7f0000001800)={&(0x7f00000001c0)=ANY=[@ANYRES64, @ANYRESDEC, @ANYRES32=0x0, @ANYRES32], 0x60}, 0x1, 0x0, 0x0, 0x44090}, 0x0)

[  643.807020][   T26] audit: type=1800 audit(1632817544.655:119): pid=21158 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed(directio) comm="syz-executor.4" name="file0" dev="loop4" ino=61 res=0 errno=0
[  643.920215][T16060] usb 1-1: new high-speed USB device number 56 using dummy_hcd
08:25:45 executing program 4:
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0)
r0 = getpid()
sched_setattr(0x0, &(0x7f0000000140)={0x38, 0x2, 0x0, 0x0, 0x9}, 0x0)
sched_setattr(r0, &(0x7f0000000240)={0x38, 0x2, 0x0, 0x0, 0x5}, 0x0)
socketpair$unix(0x1, 0x2, 0x0, 0x0)
connect$unix(0xffffffffffffffff, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(0xffffffffffffffff, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r1 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/meminfo\x00', 0x0, 0x0)
sendfile(0xffffffffffffffff, r1, 0x0, 0x400000000001002a)
r2 = syz_mount_image$vfat(&(0x7f0000000400), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[])
r3 = openat(r2, &(0x7f000000c380)='./file0\x00', 0x84842, 0x0)
write(r3, &(0x7f0000004200)='t', 0xfff4)
sendmsg$NL80211_CMD_SET_INTERFACE(0xffffffffffffffff, &(0x7f0000001840)={&(0x7f0000000080), 0xc, &(0x7f0000001800)={&(0x7f00000001c0)=ANY=[@ANYRES64, @ANYRESDEC, @ANYRES32=0x0, @ANYRES32], 0x60}, 0x1, 0x0, 0x0, 0x44090}, 0x0)

[  644.083850][T21168] loop4: detected capacity change from 0 to 16
[  644.101214][   T26] audit: type=1800 audit(1632817544.985:120): pid=21168 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed(directio) comm="syz-executor.4" name="file0" dev="loop4" ino=62 res=0 errno=0
08:25:45 executing program 2:
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0)
r0 = getpid()
sched_setaffinity(0x0, 0x0, 0x0)
sched_setattr(0x0, &(0x7f0000000140)={0x38, 0x2, 0x0, 0x0, 0x9}, 0x0)
sched_setattr(r0, &(0x7f00000000c0)={0x38, 0x2, 0x0, 0x0, 0x5}, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = open(&(0x7f0000000080)='./bus\x00', 0x14d842, 0x0)
r4 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
sendfile(r3, r4, 0x0, 0x800003c2)
setpgid(0x0, 0x0)

[  644.219683][T16060] usb 1-1: Using ep0 maxpacket: 8
[  644.382644][   T26] audit: type=1800 audit(1632817545.245:121): pid=21182 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed(directio) comm="syz-executor.2" name="bus" dev="sda1" ino=14577 res=0 errno=0
08:25:46 executing program 5:
prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff)
clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = gettid()
wait4(0x0, 0x0, 0x80000002, 0x0)
vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f0000000200)="66130700ae897094e700267f97eaa769be36b2fb7be6a16d05c41b0d4e677d9959d7b76597a774e67307492bb3fa424e2770241d2796c3603523d14d08e4baa878a8238a93859cdcd394f49a8b59742205dd40542e436cda4c55c9a138bdf7894872a3ef40a6d975fde7d3ce25a8b01ac639a65a3b9c40916031bf58e36c1e39943a628025aa6af6ed0bcc951e806fa7c48ce99499fb2459050d7d6b0e46abf0e731f77ada0bc38f7d1771bffeb199912135d08e8aeb18a2665cd3ce51bdb5e1f72e6c6725a0d7f5dcc7808042139d2c1d091e44501779a92828c4035818e0fded5bedd8", 0xe4}], 0x4, 0x0)
ptrace$setopts(0x4206, r0, 0x0, 0x0)
tkill(r0, 0x3a)
sendmsg$TIPC_NL_MON_GET(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000100)={0xfffffffffffffffc}}, 0x0)
ptrace$cont(0x18, r0, 0x0, 0x0)
wait4(0x0, 0x0, 0x0, 0x0)
ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080))
exit_group(0x0)

08:25:46 executing program 3:
syz_mount_image$msdos(&(0x7f0000000040), &(0x7f00000000c0)='./file1\x00', 0xaea1, 0x2, &(0x7f00000002c0)=[{&(0x7f0000000140)="040005090000000066617400040409000200027400f801", 0x17}, {&(0x7f0000000280)="8becdd10f36f", 0x6, 0x20}], 0x0, &(0x7f0000000080)=ANY=[])
ioctl$SG_IO(0xffffffffffffffff, 0x2285, 0x0)
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)

08:25:46 executing program 4:
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0)
r0 = getpid()
sched_setattr(0x0, &(0x7f0000000140)={0x38, 0x2, 0x0, 0x0, 0x9}, 0x0)
sched_setattr(r0, &(0x7f0000000240)={0x38, 0x2, 0x0, 0x0, 0x5}, 0x0)
socketpair$unix(0x1, 0x2, 0x0, 0x0)
connect$unix(0xffffffffffffffff, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(0xffffffffffffffff, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r1 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/meminfo\x00', 0x0, 0x0)
sendfile(0xffffffffffffffff, r1, 0x0, 0x400000000001002a)
r2 = syz_mount_image$vfat(&(0x7f0000000400), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[])
r3 = openat(r2, &(0x7f000000c380)='./file0\x00', 0x84842, 0x0)
write(r3, &(0x7f0000004200)='t', 0xfff4)
sendmsg$NL80211_CMD_SET_INTERFACE(0xffffffffffffffff, &(0x7f0000001840)={&(0x7f0000000080), 0xc, &(0x7f0000001800)={&(0x7f00000001c0)=ANY=[@ANYRES64, @ANYRESDEC, @ANYRES32=0x0, @ANYRES32], 0x60}, 0x1, 0x0, 0x0, 0x44090}, 0x0)

[  645.793309][T21188] loop4: detected capacity change from 0 to 16
[  645.914615][   T26] audit: type=1800 audit(1632817546.625:122): pid=21185 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed(directio) comm="syz-executor.2" name="bus" dev="sda1" ino=14577 res=0 errno=0
[  645.928246][T16060] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  645.945053][T16060] usb 1-1: config 0 has no interfaces?
[  645.993701][T21193] loop3: detected capacity change from 0 to 87
[  646.024552][   T26] audit: type=1800 audit(1632817546.685:123): pid=21188 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed(directio) comm="syz-executor.4" name="file0" dev="loop4" ino=63 res=0 errno=0
[  646.055392][T21204] loop4: detected capacity change from 0 to 16
[  646.123955][   T26] audit: type=1800 audit(1632817546.955:124): pid=21204 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed(directio) comm="syz-executor.4" name="file0" dev="loop4" ino=64 res=0 errno=0
[  646.127658][T21193] FAT-fs (loop3): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  646.144693][T16060] usb 1-1: New USB device found, idVendor=0fe6, idProduct=9800, bcdDevice=19.5d
[  646.198894][T16060] usb 1-1: New USB device strings: Mfr=253, Product=31, SerialNumber=0
[  646.218587][T16060] usb 1-1: Product: syz
[  646.229365][T16060] usb 1-1: Manufacturer: syz
[  646.262945][T16060] usb 1-1: config 0 descriptor??
08:25:47 executing program 0:
r0 = syz_usb_connect(0x0, 0x24, &(0x7f0000000300)=ANY=[@ANYBLOB="120100004bfee908e60f00985d19fd1f000109021200"], 0x0)
syz_usb_control_io(r0, 0x0, 0x0)
syz_usb_control_io(r0, 0x0, &(0x7f0000000740)={0xfffffde3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000540)={0x40, 0x13, 0x58, @link_local}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
syz_usb_control_io$hid(r0, 0x0, 0x0)
syz_usb_control_io$cdc_ecm(r0, 0x0, 0x0)

08:25:47 executing program 2:
getdents64(0xffffffffffffffff, 0x0, 0x0)
timer_create(0x0, &(0x7f00000000c0)={0x0, 0x12, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000080))
timer_settime(0x0, 0x0, &(0x7f0000000100)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
timer_create(0x0, &(0x7f0000000280)={0x0, 0x14}, &(0x7f00000001c0)=<r0=>0x0)
timer_settime(r0, 0x0, &(0x7f0000000180)={{0x0, 0x989680}, {0x0, 0x3938700}}, 0x0)
futex(&(0x7f0000000000)=0x1, 0x0, 0x1, &(0x7f0000000040)={0x0, 0x3938700}, &(0x7f0000000140), 0x2)

[  646.484431][ T8141] usb 1-1: USB disconnect, device number 56
[  647.030640][ T8141] usb 1-1: new high-speed USB device number 57 using dummy_hcd
08:25:48 executing program 1:
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9}, 0x0)
r0 = getpid()
sched_setattr(0x0, &(0x7f0000000140)={0x38, 0x2, 0x0, 0x0, 0x9}, 0x0)
sched_setattr(r0, &(0x7f0000000240)={0x38, 0x2, 0x0, 0x0, 0x5}, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = memfd_create(&(0x7f0000000240)='\xb9\xecm1\xc1\xf8\xa6\x8d\xc1\xe2zMN\xc0\x17\xce/\xcd\xa2\xba \x00\x97\xac#*\xff1\x1d\xf6e\xe1\xcb\xaf#\xe5}Fi\xef\xbd\x0f \xe7f@\x19\xc4p\xa4\xc5\x13\x88y\x1e\xe7eNf\x02\xbd\xaf^\xee\b\x15\x86r\xdf\xde\xe9m\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01\x00\x00\x00', 0x0)
write$FUSE_NOTIFY_STORE(r3, &(0x7f0000000800)=ANY=[], 0x2c)
sendfile(r3, r3, &(0x7f0000001000), 0xffff)

08:25:48 executing program 4:
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0)
r0 = getpid()
sched_setattr(0x0, &(0x7f0000000140)={0x38, 0x2, 0x0, 0x0, 0x9}, 0x0)
sched_setattr(r0, &(0x7f0000000240)={0x38, 0x2, 0x0, 0x0, 0x5}, 0x0)
socketpair$unix(0x1, 0x2, 0x0, 0x0)
connect$unix(0xffffffffffffffff, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(0xffffffffffffffff, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r1 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/meminfo\x00', 0x0, 0x0)
sendfile(0xffffffffffffffff, r1, 0x0, 0x400000000001002a)
r2 = syz_mount_image$vfat(&(0x7f0000000400), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[])
r3 = openat(r2, &(0x7f000000c380)='./file0\x00', 0x84842, 0x0)
write(r3, &(0x7f0000004200)='t', 0xfff4)
sendmsg$NL80211_CMD_SET_INTERFACE(0xffffffffffffffff, &(0x7f0000001840)={&(0x7f0000000080), 0xc, &(0x7f0000001800)={&(0x7f00000001c0)=ANY=[@ANYRES64, @ANYRESDEC, @ANYRES32=0x0, @ANYRES32], 0x60}, 0x1, 0x0, 0x0, 0x44090}, 0x0)

08:25:48 executing program 5:
r0 = openat$misdntimer(0xffffffffffffff9c, &(0x7f0000000080), 0x200080, 0x0)
close(r0)

08:25:48 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f0000000000)={0x2})
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f00000001c0)={[0x4, 0x0, 0x0, 0x8, 0x1, 0x0, 0x1002]})
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_SET_PIT(r1, 0x8048ae66, &(0x7f0000000140))
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f000056f000/0x18000)=nil, &(0x7f0000000080)=[@text32={0x20, &(0x7f00000000c0)="66ba4000b0c2ee66bad104b829280000efea0e0000000a00b8050000000f23d80f21f835c00000a00f23f8653e65f30f21c62e0fae2b0f01c2b8060000000f23d00f21f835200000000f23f8c4c3a1cf830000000002d9f7", 0x58}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_CREATE_IRQCHIP(0xffffffffffffffff, 0xae60)
ioctl$F2FS_IOC_MOVE_RANGE(0xffffffffffffffff, 0xc020f509, &(0x7f0000000040))

08:25:48 executing program 2:
r0 = socket$inet(0x10, 0x2000000003, 0x0)
sendmsg(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000480)=[{&(0x7f0000000080)="24000000260007031dfffd866fa283002020020000000000000000010c1ba3a20400ff7e", 0x24}], 0x1}, 0x0)
recvmmsg(r0, &(0x7f0000005b00)=[{{0x0, 0x0, &(0x7f0000000680)=[{&(0x7f00000003c0)=""/131, 0x83}, {&(0x7f0000000700)=""/159, 0x9f}, {&(0x7f0000001680)=""/246, 0xf6}, {&(0x7f0000006cc0)=""/4109, 0x100d}], 0x4}}], 0x1, 0x0, 0x0)

[  647.279311][ T8141] usb 1-1: Using ep0 maxpacket: 8
08:25:48 executing program 5:
r0 = syz_open_dev$ttys(0xc, 0x2, 0x0)
ioctl$TIOCGPGRP(r0, 0x80045432, &(0x7f0000000000))

[  647.305347][T21244] loop4: detected capacity change from 0 to 16
[  647.323553][   T26] audit: type=1800 audit(1632817548.205:125): pid=21244 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed(directio) comm="syz-executor.4" name="file0" dev="loop4" ino=65 res=0 errno=0
08:25:48 executing program 4:
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0)
r0 = getpid()
sched_setattr(0x0, &(0x7f0000000140)={0x38, 0x2, 0x0, 0x0, 0x9}, 0x0)
sched_setattr(r0, &(0x7f0000000240)={0x38, 0x2, 0x0, 0x0, 0x5}, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(0xffffffffffffffff, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/meminfo\x00', 0x0, 0x0)
sendfile(0xffffffffffffffff, r3, 0x0, 0x400000000001002a)
r4 = syz_mount_image$vfat(&(0x7f0000000400), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[])
r5 = openat(r4, &(0x7f000000c380)='./file0\x00', 0x84842, 0x0)
write(r5, &(0x7f0000004200)='t', 0xfff4)
sendmsg$NL80211_CMD_SET_INTERFACE(0xffffffffffffffff, &(0x7f0000001840)={&(0x7f0000000080), 0xc, &(0x7f0000001800)={&(0x7f00000001c0)=ANY=[@ANYRES64, @ANYRESDEC, @ANYRES32=0x0, @ANYRES32], 0x60}, 0x1, 0x0, 0x0, 0x44090}, 0x0)

08:25:48 executing program 2:
r0 = socket$inet(0x10, 0x2000000003, 0x0)
sendmsg(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000480)=[{&(0x7f0000000080)="24000000260007031dfffd866fa283002020020000000000000000010c1ba3a20400ff7e", 0x24}], 0x1}, 0x0)
recvmmsg(r0, &(0x7f0000005b00)=[{{0x0, 0x0, &(0x7f0000000680)=[{&(0x7f00000003c0)=""/131, 0x83}, {&(0x7f0000000700)=""/159, 0x9f}, {&(0x7f0000001680)=""/246, 0xf6}, {&(0x7f0000006cc0)=""/4109, 0x100d}], 0x4}}], 0x1, 0x0, 0x0)

[  647.439713][ T8141] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  647.474064][ T8141] usb 1-1: config 0 has no interfaces?
[  647.640699][ T8141] usb 1-1: New USB device found, idVendor=0fe6, idProduct=9800, bcdDevice=19.5d
[  647.657486][T21267] loop4: detected capacity change from 0 to 16
[  647.677524][   T26] audit: type=1800 audit(1632817548.555:126): pid=21267 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed(directio) comm="syz-executor.4" name="file0" dev="loop4" ino=66 res=0 errno=0
08:25:48 executing program 5:
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0)
r0 = getpid()
sched_setattr(0x0, &(0x7f0000000140)={0x38, 0x2, 0x0, 0x0, 0x9}, 0x0)
sched_setattr(r0, &(0x7f0000000240)={0x38, 0x2, 0x0, 0x0, 0x5}, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000002c0)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = socket$netlink(0x10, 0x3, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000000))
r4 = dup(0xffffffffffffffff)
getpeername$packet(r4, &(0x7f0000000000)={0x11, 0x0, <r5=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000040)=0x14)
r6 = getpgid(0x0)
perf_event_open(&(0x7f0000000700)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x509, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, r6, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
sched_setattr(r6, &(0x7f0000000100)={0x38, 0x5, 0x40, 0x0, 0x5, 0x0, 0x200, 0x2, 0x7f, 0x4}, 0x0)
getsockopt$inet6_IPV6_XFRM_POLICY(r4, 0x29, 0x23, &(0x7f0000000300)={{{@in6=@local, @in6=@loopback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, <r7=>0x0}}, {{@in=@multicast2}, 0x0, @in6=@mcast1}}, &(0x7f00000001c0)=0xe8)
socket$packet(0x11, 0x3, 0x300)
sendmsg$nl_route(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000004880)=@newlink={0x50, 0x10, 0x705, 0x0, 0x0, {0x0, 0x0, 0x0, r7, 0x1845, 0x10004}, [@IFLA_LINKINFO={0x28, 0x12, 0x0, 0x1, @veth={{0x9}, {0x18, 0x2, 0x0, 0x1, @val=@VETH_INFO_PEER={0x14, 0x1, {{0x0, 0x0, 0x0, 0x0, 0x30050, 0x33d049041f16bfb2}}}}}}, @IFLA_MASTER={0x8, 0xa, r5}]}, 0x50}, 0x1, 0x0, 0x0, 0xc004}, 0x0)
bpf$OBJ_GET_MAP(0x7, 0x0, 0x0)

[  647.738651][ T8141] usb 1-1: New USB device strings: Mfr=253, Product=31, SerialNumber=0
08:25:48 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f0000000000)={0x2})
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f00000001c0)={[0x4, 0x0, 0x0, 0x8, 0x1, 0x0, 0x1002]})
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_SET_PIT(r1, 0x8048ae66, &(0x7f0000000140))
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f000056f000/0x18000)=nil, &(0x7f0000000080)=[@text32={0x20, &(0x7f00000000c0)="66ba4000b0c2ee66bad104b829280000efea0e0000000a00b8050000000f23d80f21f835c00000a00f23f8653e65f30f21c62e0fae2b0f01c2b8060000000f23d00f21f835200000000f23f8c4c3a1cf830000000002d9f7", 0x58}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_CREATE_IRQCHIP(0xffffffffffffffff, 0xae60)
ioctl$F2FS_IOC_MOVE_RANGE(0xffffffffffffffff, 0xc020f509, &(0x7f0000000040))

[  647.897087][ T8141] usb 1-1: Product: syz
[  647.955821][ T8141] usb 1-1: Manufacturer: syz
[  648.041889][ T8141] usb 1-1: config 0 descriptor??
08:25:50 executing program 0:
r0 = syz_usb_connect(0x0, 0x24, &(0x7f0000000300)=ANY=[@ANYBLOB="120100004bfee908e60f00985d19fd1f00010902120001000000"], 0x0)
syz_usb_control_io(r0, 0x0, 0x0)
syz_usb_control_io(r0, 0x0, &(0x7f0000000740)={0xfffffde3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000540)={0x40, 0x13, 0x58, @link_local}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
syz_usb_control_io$hid(r0, 0x0, 0x0)
syz_usb_control_io$cdc_ecm(r0, 0x0, 0x0)

08:25:50 executing program 2:
r0 = socket$inet(0x10, 0x2000000003, 0x0)
sendmsg(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000480)=[{&(0x7f0000000080)="24000000260007031dfffd866fa283002020020000000000000000010c1ba3a20400ff7e", 0x24}], 0x1}, 0x0)
recvmmsg(r0, &(0x7f0000005b00)=[{{0x0, 0x0, &(0x7f0000000680)=[{&(0x7f00000003c0)=""/131, 0x83}, {&(0x7f0000000700)=""/159, 0x9f}, {&(0x7f0000001680)=""/246, 0xf6}, {&(0x7f0000006cc0)=""/4109, 0x100d}], 0x4}}], 0x1, 0x0, 0x0)

08:25:50 executing program 4:
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0)
r0 = getpid()
sched_setattr(0x0, &(0x7f0000000140)={0x38, 0x2, 0x0, 0x0, 0x9}, 0x0)
sched_setattr(r0, &(0x7f0000000240)={0x38, 0x2, 0x0, 0x0, 0x5}, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(0xffffffffffffffff, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/meminfo\x00', 0x0, 0x0)
sendfile(0xffffffffffffffff, r3, 0x0, 0x400000000001002a)
r4 = syz_mount_image$vfat(&(0x7f0000000400), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[])
r5 = openat(r4, &(0x7f000000c380)='./file0\x00', 0x84842, 0x0)
write(r5, &(0x7f0000004200)='t', 0xfff4)
sendmsg$NL80211_CMD_SET_INTERFACE(0xffffffffffffffff, &(0x7f0000001840)={&(0x7f0000000080), 0xc, &(0x7f0000001800)={&(0x7f00000001c0)=ANY=[@ANYRES64, @ANYRESDEC, @ANYRES32=0x0, @ANYRES32], 0x60}, 0x1, 0x0, 0x0, 0x44090}, 0x0)

08:25:50 executing program 5:
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0)
r0 = getpid()
sched_setattr(0x0, &(0x7f0000000140)={0x38, 0x2, 0x0, 0x0, 0x9}, 0x0)
sched_setattr(r0, &(0x7f0000000240)={0x38, 0x2, 0x0, 0x0, 0x5}, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000002c0)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = socket$netlink(0x10, 0x3, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000000))
r4 = dup(0xffffffffffffffff)
getpeername$packet(r4, &(0x7f0000000000)={0x11, 0x0, <r5=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000040)=0x14)
r6 = getpgid(0x0)
perf_event_open(&(0x7f0000000700)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x509, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, r6, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
sched_setattr(r6, &(0x7f0000000100)={0x38, 0x5, 0x40, 0x0, 0x5, 0x0, 0x200, 0x2, 0x7f, 0x4}, 0x0)
getsockopt$inet6_IPV6_XFRM_POLICY(r4, 0x29, 0x23, &(0x7f0000000300)={{{@in6=@local, @in6=@loopback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, <r7=>0x0}}, {{@in=@multicast2}, 0x0, @in6=@mcast1}}, &(0x7f00000001c0)=0xe8)
socket$packet(0x11, 0x3, 0x300)
sendmsg$nl_route(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000004880)=@newlink={0x50, 0x10, 0x705, 0x0, 0x0, {0x0, 0x0, 0x0, r7, 0x1845, 0x10004}, [@IFLA_LINKINFO={0x28, 0x12, 0x0, 0x1, @veth={{0x9}, {0x18, 0x2, 0x0, 0x1, @val=@VETH_INFO_PEER={0x14, 0x1, {{0x0, 0x0, 0x0, 0x0, 0x30050, 0x33d049041f16bfb2}}}}}}, @IFLA_MASTER={0x8, 0xa, r5}]}, 0x50}, 0x1, 0x0, 0x0, 0xc004}, 0x0)
bpf$OBJ_GET_MAP(0x7, 0x0, 0x0)

08:25:50 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f0000000000)={0x2})
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f00000001c0)={[0x4, 0x0, 0x0, 0x8, 0x1, 0x0, 0x1002]})
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_SET_PIT(r1, 0x8048ae66, &(0x7f0000000140))
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f000056f000/0x18000)=nil, &(0x7f0000000080)=[@text32={0x20, &(0x7f00000000c0)="66ba4000b0c2ee66bad104b829280000efea0e0000000a00b8050000000f23d80f21f835c00000a00f23f8653e65f30f21c62e0fae2b0f01c2b8060000000f23d00f21f835200000000f23f8c4c3a1cf830000000002d9f7", 0x58}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_CREATE_IRQCHIP(0xffffffffffffffff, 0xae60)
ioctl$F2FS_IOC_MOVE_RANGE(0xffffffffffffffff, 0xc020f509, &(0x7f0000000040))

08:25:50 executing program 1:
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9}, 0x0)
r0 = getpid()
sched_setattr(0x0, &(0x7f0000000140)={0x38, 0x2, 0x0, 0x0, 0x9}, 0x0)
sched_setattr(r0, &(0x7f0000000240)={0x38, 0x2, 0x0, 0x0, 0x5}, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = memfd_create(&(0x7f0000000240)='\xb9\xecm1\xc1\xf8\xa6\x8d\xc1\xe2zMN\xc0\x17\xce/\xcd\xa2\xba \x00\x97\xac#*\xff1\x1d\xf6e\xe1\xcb\xaf#\xe5}Fi\xef\xbd\x0f \xe7f@\x19\xc4p\xa4\xc5\x13\x88y\x1e\xe7eNf\x02\xbd\xaf^\xee\b\x15\x86r\xdf\xde\xe9m\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01\x00\x00\x00', 0x0)
write$FUSE_NOTIFY_STORE(r3, &(0x7f0000000800)=ANY=[], 0x2c)
sendfile(r3, r3, &(0x7f0000001000), 0xffff)

[  649.981736][T16060] usb 1-1: USB disconnect, device number 57
[  650.777974][T21348] loop4: detected capacity change from 0 to 16
08:25:52 executing program 2:
r0 = socket$inet(0x10, 0x2000000003, 0x0)
sendmsg(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000480)=[{&(0x7f0000000080)="24000000260007031dfffd866fa283002020020000000000000000010c1ba3a20400ff7e", 0x24}], 0x1}, 0x0)
recvmmsg(r0, &(0x7f0000005b00)=[{{0x0, 0x0, &(0x7f0000000680)=[{&(0x7f00000003c0)=""/131, 0x83}, {&(0x7f0000000700)=""/159, 0x9f}, {&(0x7f0000001680)=""/246, 0xf6}, {&(0x7f0000006cc0)=""/4109, 0x100d}], 0x4}}], 0x1, 0x0, 0x0)

08:25:52 executing program 4:
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0)
r0 = getpid()
sched_setattr(0x0, &(0x7f0000000140)={0x38, 0x2, 0x0, 0x0, 0x9}, 0x0)
sched_setattr(r0, &(0x7f0000000240)={0x38, 0x2, 0x0, 0x0, 0x5}, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(0xffffffffffffffff, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/meminfo\x00', 0x0, 0x0)
sendfile(0xffffffffffffffff, r3, 0x0, 0x400000000001002a)
r4 = syz_mount_image$vfat(&(0x7f0000000400), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[])
r5 = openat(r4, &(0x7f000000c380)='./file0\x00', 0x84842, 0x0)
write(r5, &(0x7f0000004200)='t', 0xfff4)
sendmsg$NL80211_CMD_SET_INTERFACE(0xffffffffffffffff, &(0x7f0000001840)={&(0x7f0000000080), 0xc, &(0x7f0000001800)={&(0x7f00000001c0)=ANY=[@ANYRES64, @ANYRESDEC, @ANYRES32=0x0, @ANYRES32], 0x60}, 0x1, 0x0, 0x0, 0x44090}, 0x0)

08:25:53 executing program 5:
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0)
r0 = getpid()
sched_setattr(0x0, &(0x7f0000000140)={0x38, 0x2, 0x0, 0x0, 0x9}, 0x0)
sched_setattr(r0, &(0x7f0000000240)={0x38, 0x2, 0x0, 0x0, 0x5}, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000002c0)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = socket$netlink(0x10, 0x3, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000000))
r4 = dup(0xffffffffffffffff)
getpeername$packet(r4, &(0x7f0000000000)={0x11, 0x0, <r5=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000040)=0x14)
r6 = getpgid(0x0)
perf_event_open(&(0x7f0000000700)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x509, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, r6, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
sched_setattr(r6, &(0x7f0000000100)={0x38, 0x5, 0x40, 0x0, 0x5, 0x0, 0x200, 0x2, 0x7f, 0x4}, 0x0)
getsockopt$inet6_IPV6_XFRM_POLICY(r4, 0x29, 0x23, &(0x7f0000000300)={{{@in6=@local, @in6=@loopback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, <r7=>0x0}}, {{@in=@multicast2}, 0x0, @in6=@mcast1}}, &(0x7f00000001c0)=0xe8)
socket$packet(0x11, 0x3, 0x300)
sendmsg$nl_route(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000004880)=@newlink={0x50, 0x10, 0x705, 0x0, 0x0, {0x0, 0x0, 0x0, r7, 0x1845, 0x10004}, [@IFLA_LINKINFO={0x28, 0x12, 0x0, 0x1, @veth={{0x9}, {0x18, 0x2, 0x0, 0x1, @val=@VETH_INFO_PEER={0x14, 0x1, {{0x0, 0x0, 0x0, 0x0, 0x30050, 0x33d049041f16bfb2}}}}}}, @IFLA_MASTER={0x8, 0xa, r5}]}, 0x50}, 0x1, 0x0, 0x0, 0xc004}, 0x0)
bpf$OBJ_GET_MAP(0x7, 0x0, 0x0)

08:25:53 executing program 2:
r0 = socket$inet(0x10, 0x2000000003, 0x0)
recvmmsg(r0, &(0x7f0000005b00)=[{{0x0, 0x0, &(0x7f0000000680)=[{&(0x7f00000003c0)=""/131, 0x83}, {&(0x7f0000000700)=""/159, 0x9f}, {&(0x7f0000001680)=""/246, 0xf6}, {&(0x7f0000006cc0)=""/4109, 0x100d}], 0x4}}], 0x1, 0x0, 0x0)

08:25:53 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f0000000000)={0x2})
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f00000001c0)={[0x4, 0x0, 0x0, 0x8, 0x1, 0x0, 0x1002]})
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_SET_PIT(r1, 0x8048ae66, &(0x7f0000000140))
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f000056f000/0x18000)=nil, &(0x7f0000000080)=[@text32={0x20, &(0x7f00000000c0)="66ba4000b0c2ee66bad104b829280000efea0e0000000a00b8050000000f23d80f21f835c00000a00f23f8653e65f30f21c62e0fae2b0f01c2b8060000000f23d00f21f835200000000f23f8c4c3a1cf830000000002d9f7", 0x58}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_CREATE_IRQCHIP(0xffffffffffffffff, 0xae60)
ioctl$F2FS_IOC_MOVE_RANGE(0xffffffffffffffff, 0xc020f509, &(0x7f0000000040))

[  653.539694][T21388] loop4: detected capacity change from 0 to 16
08:25:55 executing program 4:
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0)
r0 = getpid()
sched_setattr(0x0, &(0x7f0000000140)={0x38, 0x2, 0x0, 0x0, 0x9}, 0x0)
sched_setattr(r0, &(0x7f0000000240)={0x38, 0x2, 0x0, 0x0, 0x5}, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, 0x0, 0x0)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/meminfo\x00', 0x0, 0x0)
sendfile(0xffffffffffffffff, r3, 0x0, 0x400000000001002a)
r4 = syz_mount_image$vfat(&(0x7f0000000400), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[])
r5 = openat(r4, &(0x7f000000c380)='./file0\x00', 0x84842, 0x0)
write(r5, &(0x7f0000004200)='t', 0xfff4)
sendmsg$NL80211_CMD_SET_INTERFACE(0xffffffffffffffff, &(0x7f0000001840)={&(0x7f0000000080), 0xc, &(0x7f0000001800)={&(0x7f00000001c0)=ANY=[@ANYRES64, @ANYRESDEC, @ANYRES32=0x0, @ANYRES32], 0x60}, 0x1, 0x0, 0x0, 0x44090}, 0x0)

[  654.539021][T16060] usb 1-1: new high-speed USB device number 58 using dummy_hcd
08:25:55 executing program 0:
r0 = syz_usb_connect(0x0, 0x24, &(0x7f0000000300)=ANY=[@ANYBLOB="120100004bfee908e60f00985d19fd1f00010902120001000000"], 0x0)
syz_usb_control_io(r0, 0x0, 0x0)
syz_usb_control_io(r0, 0x0, &(0x7f0000000740)={0xfffffde3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000540)={0x40, 0x13, 0x58, @link_local}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
syz_usb_control_io$hid(r0, 0x0, 0x0)
syz_usb_control_io$cdc_ecm(r0, 0x0, 0x0)

08:25:56 executing program 5:
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0)
r0 = getpid()
sched_setattr(0x0, &(0x7f0000000140)={0x38, 0x2, 0x0, 0x0, 0x9}, 0x0)
sched_setattr(r0, &(0x7f0000000240)={0x38, 0x2, 0x0, 0x0, 0x5}, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000002c0)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = socket$netlink(0x10, 0x3, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000000))
r4 = dup(0xffffffffffffffff)
getpeername$packet(r4, &(0x7f0000000000)={0x11, 0x0, <r5=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000040)=0x14)
r6 = getpgid(0x0)
perf_event_open(&(0x7f0000000700)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x509, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, r6, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
sched_setattr(r6, &(0x7f0000000100)={0x38, 0x5, 0x40, 0x0, 0x5, 0x0, 0x200, 0x2, 0x7f, 0x4}, 0x0)
getsockopt$inet6_IPV6_XFRM_POLICY(r4, 0x29, 0x23, &(0x7f0000000300)={{{@in6=@local, @in6=@loopback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, <r7=>0x0}}, {{@in=@multicast2}, 0x0, @in6=@mcast1}}, &(0x7f00000001c0)=0xe8)
socket$packet(0x11, 0x3, 0x300)
sendmsg$nl_route(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000004880)=@newlink={0x50, 0x10, 0x705, 0x0, 0x0, {0x0, 0x0, 0x0, r7, 0x1845, 0x10004}, [@IFLA_LINKINFO={0x28, 0x12, 0x0, 0x1, @veth={{0x9}, {0x18, 0x2, 0x0, 0x1, @val=@VETH_INFO_PEER={0x14, 0x1, {{0x0, 0x0, 0x0, 0x0, 0x30050, 0x33d049041f16bfb2}}}}}}, @IFLA_MASTER={0x8, 0xa, r5}]}, 0x50}, 0x1, 0x0, 0x0, 0xc004}, 0x0)
bpf$OBJ_GET_MAP(0x7, 0x0, 0x0)

08:25:56 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f0000000000)={0x2})
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f00000001c0)={[0x4, 0x0, 0x0, 0x8, 0x1, 0x0, 0x1002]})
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_SET_PIT(r1, 0x8048ae66, &(0x7f0000000140))
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f000056f000/0x18000)=nil, &(0x7f0000000080)=[@text32={0x20, &(0x7f00000000c0)="66ba4000b0c2ee66bad104b829280000efea0e0000000a00b8050000000f23d80f21f835c00000a00f23f8653e65f30f21c62e0fae2b0f01c2b8060000000f23d00f21f835200000000f23f8c4c3a1cf830000000002d9f7", 0x58}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_CREATE_IRQCHIP(0xffffffffffffffff, 0xae60)

08:25:56 executing program 2:
r0 = socket$inet(0x10, 0x2000000003, 0x0)
recvmmsg(r0, &(0x7f0000005b00)=[{{0x0, 0x0, &(0x7f0000000680)=[{&(0x7f00000003c0)=""/131, 0x83}, {&(0x7f0000000700)=""/159, 0x9f}, {&(0x7f0000001680)=""/246, 0xf6}, {&(0x7f0000006cc0)=""/4109, 0x100d}], 0x4}}], 0x1, 0x0, 0x0)

[  656.550013][T21448] loop4: detected capacity change from 0 to 16
08:25:57 executing program 4:
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0)
r0 = getpid()
sched_setattr(0x0, &(0x7f0000000140)={0x38, 0x2, 0x0, 0x0, 0x9}, 0x0)
sched_setattr(r0, &(0x7f0000000240)={0x38, 0x2, 0x0, 0x0, 0x5}, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, 0x0, 0x0)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/meminfo\x00', 0x0, 0x0)
sendfile(0xffffffffffffffff, r3, 0x0, 0x400000000001002a)
r4 = syz_mount_image$vfat(&(0x7f0000000400), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[])
r5 = openat(r4, &(0x7f000000c380)='./file0\x00', 0x84842, 0x0)
write(r5, &(0x7f0000004200)='t', 0xfff4)
sendmsg$NL80211_CMD_SET_INTERFACE(0xffffffffffffffff, &(0x7f0000001840)={&(0x7f0000000080), 0xc, &(0x7f0000001800)={&(0x7f00000001c0)=ANY=[@ANYRES64, @ANYRESDEC, @ANYRES32=0x0, @ANYRES32], 0x60}, 0x1, 0x0, 0x0, 0x44090}, 0x0)

[  657.128683][T16060] usb 1-1: device descriptor read/64, error -71
08:25:58 executing program 1:
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0)
r0 = getpid()
sched_setattr(0x0, 0x0, 0x0)
sched_setattr(r0, &(0x7f0000000240)={0x38, 0x2, 0x0, 0x0, 0x5}, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = memfd_create(&(0x7f0000000240)='\xb9\xecm1\xc1\xf8\xa6\x8d\xc1\xe2zMN\xc0\x17\xce/\xcd\xa2\xba \x00\x97\xac#*\xff1\x1d\xf6e\xe1\xcb\xaf#\xe5}Fi\xef\xbd\x0f \xe7f@\x19\xc4p\xa4\xc5\x13\x88y\x1e\xe7eNf\x02\xbd\xaf^\xee\b\x15\x86r\xdf\xde\xe9m\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01\x00\x00\x00', 0x0)
write$FUSE_NOTIFY_STORE(r3, &(0x7f0000000800)=ANY=[], 0x2c)
sendfile(r3, r3, &(0x7f0000001000), 0xffff)

08:25:58 executing program 5:
r0 = openat$uinput(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
ioctl$UI_DEV_SETUP(r0, 0x541b, 0x0)

08:25:58 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f0000000000)={0x2})
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f00000001c0)={[0x4, 0x0, 0x0, 0x8, 0x1, 0x0, 0x1002]})
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_SET_PIT(r1, 0x8048ae66, &(0x7f0000000140))
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f000056f000/0x18000)=nil, &(0x7f0000000080)=[@text32={0x20, &(0x7f00000000c0)="66ba4000b0c2ee66bad104b829280000efea0e0000000a00b8050000000f23d80f21f835c00000a00f23f8653e65f30f21c62e0fae2b0f01c2b8060000000f23d00f21f835200000000f23f8c4c3a1cf830000000002d9f7", 0x58}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_CREATE_IRQCHIP(0xffffffffffffffff, 0xae60)

[  657.291272][T21464] loop4: detected capacity change from 0 to 16
[  657.307079][   T26] audit: type=1800 audit(1632817558.186:127): pid=21464 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed(directio) comm="syz-executor.4" name="file0" dev="loop4" ino=67 res=0 errno=0
[  657.418737][T16060] usb 1-1: new high-speed USB device number 59 using dummy_hcd
08:25:58 executing program 2:
r0 = socket$inet(0x10, 0x2000000003, 0x0)
recvmmsg(r0, &(0x7f0000005b00)=[{{0x0, 0x0, &(0x7f0000000680)=[{&(0x7f00000003c0)=""/131, 0x83}, {&(0x7f0000000700)=""/159, 0x9f}, {&(0x7f0000001680)=""/246, 0xf6}, {&(0x7f0000006cc0)=""/4109, 0x100d}], 0x4}}], 0x1, 0x0, 0x0)

08:25:58 executing program 5:
perf_event_open(&(0x7f0000000180)={0x2, 0x80, 0x69, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c000000100001", @ANYBLOB], 0x3c}}, 0x0)

08:25:58 executing program 0:
r0 = syz_usb_connect(0x0, 0x24, &(0x7f0000000300)=ANY=[@ANYBLOB="120100004bfee908e60f00985d19fd1f00010902120001000000"], 0x0)
syz_usb_control_io(r0, 0x0, 0x0)
syz_usb_control_io(r0, 0x0, &(0x7f0000000740)={0xfffffde3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000540)={0x40, 0x13, 0x58, @link_local}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
syz_usb_control_io$hid(r0, 0x0, 0x0)
syz_usb_control_io$cdc_ecm(r0, 0x0, 0x0)

08:25:58 executing program 4:
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0)
r0 = getpid()
sched_setattr(0x0, &(0x7f0000000140)={0x38, 0x2, 0x0, 0x0, 0x9}, 0x0)
sched_setattr(r0, &(0x7f0000000240)={0x38, 0x2, 0x0, 0x0, 0x5}, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, 0x0, 0x0)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/meminfo\x00', 0x0, 0x0)
sendfile(0xffffffffffffffff, r3, 0x0, 0x400000000001002a)
r4 = syz_mount_image$vfat(&(0x7f0000000400), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[])
r5 = openat(r4, &(0x7f000000c380)='./file0\x00', 0x84842, 0x0)
write(r5, &(0x7f0000004200)='t', 0xfff4)
sendmsg$NL80211_CMD_SET_INTERFACE(0xffffffffffffffff, &(0x7f0000001840)={&(0x7f0000000080), 0xc, &(0x7f0000001800)={&(0x7f00000001c0)=ANY=[@ANYRES64, @ANYRESDEC, @ANYRES32=0x0, @ANYRES32], 0x60}, 0x1, 0x0, 0x0, 0x44090}, 0x0)

[  658.161490][T21491] netlink: 28 bytes leftover after parsing attributes in process `syz-executor.5'.
[  658.226797][T21494] netlink: 28 bytes leftover after parsing attributes in process `syz-executor.5'.
[  658.269303][T16060] usb 1-1: device not accepting address 59, error -71
[  658.287135][T16060] usb usb1-port1: attempt power cycle
[  658.307237][T21497] loop4: detected capacity change from 0 to 16
[  658.338018][   T26] audit: type=1800 audit(1632817559.216:128): pid=21497 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed(directio) comm="syz-executor.4" name="file0" dev="loop4" ino=68 res=0 errno=0
08:25:59 executing program 5:
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000040)={0x5c, 0x2, 0x6, 0x101, 0xe, 0x0, {}, [@IPSET_ATTR_FAMILY={0x5, 0x5, 0x2}, @IPSET_ATTR_REVISION={0x5}, @IPSET_ATTR_PROTOCOL={0x5, 0x1, 0x6}, @IPSET_ATTR_TYPENAME={0x16, 0x3, 'hash:net,port,net\x00'}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz0\x00'}, @IPSET_ATTR_DATA={0xc, 0x7, 0x0, 0x1, [@IPSET_ATTR_HASHSIZE={0x8, 0x12, 0x1, 0x0, 0xe000000}]}]}, 0x5c}}, 0x0)

08:25:59 executing program 1:
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0)
r0 = getpid()
sched_setattr(0x0, 0x0, 0x0)
sched_setattr(r0, &(0x7f0000000240)={0x38, 0x2, 0x0, 0x0, 0x5}, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = memfd_create(&(0x7f0000000240)='\xb9\xecm1\xc1\xf8\xa6\x8d\xc1\xe2zMN\xc0\x17\xce/\xcd\xa2\xba \x00\x97\xac#*\xff1\x1d\xf6e\xe1\xcb\xaf#\xe5}Fi\xef\xbd\x0f \xe7f@\x19\xc4p\xa4\xc5\x13\x88y\x1e\xe7eNf\x02\xbd\xaf^\xee\b\x15\x86r\xdf\xde\xe9m\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01\x00\x00\x00', 0x0)
write$FUSE_NOTIFY_STORE(r3, &(0x7f0000000800)=ANY=[], 0x2c)
sendfile(r3, r3, &(0x7f0000001000), 0xffff)

[  658.838622][T16060] usb 1-1: new high-speed USB device number 60 using dummy_hcd
[  658.857516][T21510] ------------[ cut here ]------------
[  658.984853][T21510] WARNING: CPU: 1 PID: 21510 at mm/util.c:597 kvmalloc_node+0x108/0x110
08:25:59 executing program 4:
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0)
r0 = getpid()
sched_setattr(0x0, &(0x7f0000000140)={0x38, 0x2, 0x0, 0x0, 0x9}, 0x0)
sched_setattr(r0, &(0x7f0000000240)={0x38, 0x2, 0x0, 0x0, 0x5}, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(0xffffffffffffffff, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r2 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/meminfo\x00', 0x0, 0x0)
sendfile(0xffffffffffffffff, r2, 0x0, 0x400000000001002a)
r3 = syz_mount_image$vfat(&(0x7f0000000400), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[])
r4 = openat(r3, &(0x7f000000c380)='./file0\x00', 0x84842, 0x0)
write(r4, &(0x7f0000004200)='t', 0xfff4)
sendmsg$NL80211_CMD_SET_INTERFACE(0xffffffffffffffff, &(0x7f0000001840)={&(0x7f0000000080), 0xc, &(0x7f0000001800)={&(0x7f00000001c0)=ANY=[@ANYRES64, @ANYRESDEC, @ANYRES32=0x0, @ANYRES32], 0x60}, 0x1, 0x0, 0x0, 0x44090}, 0x0)

[  659.181501][T21510] Modules linked in:
08:26:00 executing program 2:
sendmsg(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000480)=[{&(0x7f0000000080)="24000000260007031dfffd866fa283002020020000000000000000010c1ba3a20400ff7e", 0x24}], 0x1}, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f0000005b00)=[{{0x0, 0x0, &(0x7f0000000680)=[{&(0x7f00000003c0)=""/131, 0x83}, {&(0x7f0000000700)=""/159, 0x9f}, {&(0x7f0000001680)=""/246, 0xf6}, {&(0x7f0000006cc0)=""/4109, 0x100d}], 0x4}}], 0x1, 0x0, 0x0)

[  659.268326][T21510] CPU: 1 PID: 21510 Comm: syz-executor.5 Not tainted 5.15.0-rc3-syzkaller #0
08:26:00 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f0000000000)={0x2})
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f00000001c0)={[0x4, 0x0, 0x0, 0x8, 0x1, 0x0, 0x1002]})
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_SET_PIT(r1, 0x8048ae66, &(0x7f0000000140))
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f000056f000/0x18000)=nil, &(0x7f0000000080)=[@text32={0x20, &(0x7f00000000c0)="66ba4000b0c2ee66bad104b829280000efea0e0000000a00b8050000000f23d80f21f835c00000a00f23f8653e65f30f21c62e0fae2b0f01c2b8060000000f23d00f21f835200000000f23f8c4c3a1cf830000000002d9f7", 0x58}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_CREATE_IRQCHIP(0xffffffffffffffff, 0xae60)

[  659.318620][T21510] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  659.328981][T21510] RIP: 0010:kvmalloc_node+0x108/0x110
[  659.334384][T21510] Code: ff 48 89 df 44 89 fe 44 89 f2 e8 63 ca 17 00 48 89 c5 eb 05 e8 99 26 cd ff 48 89 e8 5b 41 5c 41 5e 41 5f 5d c3 e8 88 26 cd ff <0f> 0b 31 ed eb e9 66 90 41 56 53 49 89 f6 48 89 fb e8 72 26 cd ff
[  659.360745][T21510] RSP: 0018:ffffc900193ced30 EFLAGS: 00010287
[  659.366855][T21510] RAX: ffffffff81b54f58 RBX: 0000000080000018 RCX: 0000000000040000
[  659.375200][T21510] RDX: ffffc90014034000 RSI: 0000000000000e17 RDI: 0000000000000e18
[  659.383604][T21510] RBP: 0000000000000000 R08: ffffffff81b54efc R09: ffffed10173a64a2
[  659.392080][T16060] usb 1-1: Using ep0 maxpacket: 8
[  659.398130][T21510] R10: ffffed10173a64a2 R11: 0000000000000000 R12: 0000000000000000
[  659.422062][T21510] R13: dffffc0000000000 R14: 00000000ffffffff R15: 0000000000400dc0
[  659.436472][T21510] FS:  00007f00d1614700(0000) GS:ffff8880b9c00000(0000) knlGS:0000000000000000
[  659.467081][T21510] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  659.486178][T21517] loop4: detected capacity change from 0 to 16
[  659.506373][T21510] CR2: 00007f237301006c CR3: 000000006b949000 CR4: 00000000003526f0
08:26:00 executing program 2:
sendmsg(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000480)=[{&(0x7f0000000080)="24000000260007031dfffd866fa283002020020000000000000000010c1ba3a20400ff7e", 0x24}], 0x1}, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f0000005b00)=[{{0x0, 0x0, &(0x7f0000000680)=[{&(0x7f00000003c0)=""/131, 0x83}, {&(0x7f0000000700)=""/159, 0x9f}, {&(0x7f0000001680)=""/246, 0xf6}, {&(0x7f0000006cc0)=""/4109, 0x100d}], 0x4}}], 0x1, 0x0, 0x0)

[  659.539223][T16060] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  659.549899][   T26] audit: type=1800 audit(1632817560.436:129): pid=21517 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed(directio) comm="syz-executor.4" name="file0" dev="loop4" ino=69 res=0 errno=0
[  659.577574][T21510] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[  659.604291][T16060] usb 1-1: config 0 has 0 interfaces, different from the descriptor's value: 1
[  659.632752][T21510] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[  659.679235][T21510] Call Trace:
[  659.696985][T21510]  hash_netportnet_create+0x358/0xfe0
[  659.724823][T21510]  ? __nla_parse+0x3c/0x50
08:26:00 executing program 1:
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0)
r0 = getpid()
sched_setattr(0x0, 0x0, 0x0)
sched_setattr(r0, &(0x7f0000000240)={0x38, 0x2, 0x0, 0x0, 0x5}, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = memfd_create(&(0x7f0000000240)='\xb9\xecm1\xc1\xf8\xa6\x8d\xc1\xe2zMN\xc0\x17\xce/\xcd\xa2\xba \x00\x97\xac#*\xff1\x1d\xf6e\xe1\xcb\xaf#\xe5}Fi\xef\xbd\x0f \xe7f@\x19\xc4p\xa4\xc5\x13\x88y\x1e\xe7eNf\x02\xbd\xaf^\xee\b\x15\x86r\xdf\xde\xe9m\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01\x00\x00\x00', 0x0)
write$FUSE_NOTIFY_STORE(r3, &(0x7f0000000800)=ANY=[], 0x2c)
sendfile(r3, r3, &(0x7f0000001000), 0xffff)

[  659.749203][T21510]  ? asan.module_dtor+0x20/0x20
[  659.771721][T21510]  ip_set_create+0xa06/0x1740
[  659.788907][T16060] usb 1-1: New USB device found, idVendor=0fe6, idProduct=9800, bcdDevice=19.5d
[  659.810967][T21510]  ? ip_set_protocol+0x620/0x620
08:26:00 executing program 2:
sendmsg(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000480)=[{&(0x7f0000000080)="24000000260007031dfffd866fa283002020020000000000000000010c1ba3a20400ff7e", 0x24}], 0x1}, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f0000005b00)=[{{0x0, 0x0, &(0x7f0000000680)=[{&(0x7f00000003c0)=""/131, 0x83}, {&(0x7f0000000700)=""/159, 0x9f}, {&(0x7f0000001680)=""/246, 0xf6}, {&(0x7f0000006cc0)=""/4109, 0x100d}], 0x4}}], 0x1, 0x0, 0x0)

[  659.817240][T16060] usb 1-1: New USB device strings: Mfr=253, Product=31, SerialNumber=0
[  659.842606][T21510]  nfnetlink_rcv_msg+0xb05/0x1010
[  659.860435][T16060] usb 1-1: Product: syz
[  659.867617][T21510]  ? nfnetlink_bind+0x240/0x240
[  659.886115][T16060] usb 1-1: Manufacturer: syz
[  659.901838][T21510]  ? do_syscall_64+0x44/0xd0
[  659.920380][T16060] usb 1-1: config 0 descriptor??
[  659.928904][T21510]  ? entry_SYSCALL_64_after_hwframe+0x44/0xae
[  660.192003][T21510]  netlink_rcv_skb+0x200/0x470
[  660.277506][T21510]  ? nfnetlink_bind+0x240/0x240
[  660.334558][T21510]  ? netlink_ack+0xb70/0xb70
08:26:01 executing program 4:
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0)
r0 = getpid()
sched_setattr(0x0, &(0x7f0000000140)={0x38, 0x2, 0x0, 0x0, 0x9}, 0x0)
sched_setattr(r0, &(0x7f0000000240)={0x38, 0x2, 0x0, 0x0, 0x5}, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(0xffffffffffffffff, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r2 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/meminfo\x00', 0x0, 0x0)
sendfile(0xffffffffffffffff, r2, 0x0, 0x400000000001002a)
r3 = syz_mount_image$vfat(&(0x7f0000000400), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[])
r4 = openat(r3, &(0x7f000000c380)='./file0\x00', 0x84842, 0x0)
write(r4, &(0x7f0000004200)='t', 0xfff4)
sendmsg$NL80211_CMD_SET_INTERFACE(0xffffffffffffffff, &(0x7f0000001840)={&(0x7f0000000080), 0xc, &(0x7f0000001800)={&(0x7f00000001c0)=ANY=[@ANYRES64, @ANYRESDEC, @ANYRES32=0x0, @ANYRES32], 0x60}, 0x1, 0x0, 0x0, 0x44090}, 0x0)

[  660.409600][T21510]  ? bpf_lsm_capable+0x5/0x10
[  660.432505][T21510]  ? security_capable+0xb1/0xd0
[  660.437488][T21510]  nfnetlink_rcv+0x28d/0x2550
[  660.442287][T21510]  ? print_irqtrace_events+0x220/0x220
[  660.447812][T21510]  ? __local_bh_enable_ip+0x163/0x1f0
[  660.453394][T21510]  ? lockdep_hardirqs_on+0x95/0x140
[  660.458727][T21510]  ? __local_bh_enable_ip+0x163/0x1f0
[  660.464119][T21510]  ? local_bh_enable+0x5/0x20
[  660.475987][T21510]  ? _local_bh_enable+0xa0/0xa0
[  660.480947][T21510]  ? nfnetlink_net_exit_batch+0xb0/0xb0
[  660.486508][T21510]  ? __dev_queue_xmit+0x1e41/0x34c0
08:26:01 executing program 2:
r0 = socket$inet(0x10, 0x0, 0x0)
sendmsg(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000480)=[{&(0x7f0000000080)="24000000260007031dfffd866fa283002020020000000000000000010c1ba3a20400ff7e", 0x24}], 0x1}, 0x0)
recvmmsg(r0, &(0x7f0000005b00)=[{{0x0, 0x0, &(0x7f0000000680)=[{&(0x7f00000003c0)=""/131, 0x83}, {&(0x7f0000000700)=""/159, 0x9f}, {&(0x7f0000001680)=""/246, 0xf6}, {&(0x7f0000006cc0)=""/4109, 0x100d}], 0x4}}], 0x1, 0x0, 0x0)

[  660.537581][T21510]  ? rcu_read_lock_sched_held+0x89/0x130
[  660.569959][T21510]  ? __bpf_trace_rcu_stall_warning+0x10/0x10
[  660.587228][T21510]  ? dev_queue_xmit+0x20/0x20
[  660.596990][T21510]  ? rcu_lock_release+0x5/0x20
[  660.614524][T21510]  ? __lock_acquire+0x2b00/0x2b00
[  660.627274][T21510]  ? netlink_deliver_tap+0x130/0x880
[  660.635487][T21553] loop4: detected capacity change from 0 to 16
[  660.652119][   T26] audit: type=1800 audit(1632817561.536:130): pid=21553 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed(directio) comm="syz-executor.4" name="file0" dev="loop4" ino=70 res=0 errno=0
[  660.676390][T21510]  netlink_unicast+0x814/0x9f0
[  660.687992][T21510]  ? netlink_detachskb+0xa0/0xa0
[  660.697994][T21510]  ? __virt_addr_valid+0x21b/0x2d0
[  660.712549][T21510]  ? __phys_addr_symbol+0x2b/0x70
[  660.722454][T21510]  ? __check_object_size+0x2f3/0x3f0
[  660.728085][T21510]  ? bpf_lsm_netlink_send+0x5/0x10
[  660.734918][T21510]  netlink_sendmsg+0xa29/0xe50
[  660.742361][T21510]  ? netlink_getsockopt+0xa60/0xa60
[  660.747800][T21510]  ? iovec_from_user+0x359/0x390
[  660.754665][T21510]  ? __import_iovec+0x35f/0x500
[  660.763404][T21510]  ? bpf_lsm_socket_sendmsg+0x5/0x10
[  660.770247][T21510]  ? security_socket_sendmsg+0x9d/0xb0
[  660.776001][T21510]  ? netlink_getsockopt+0xa60/0xa60
[  660.787426][T21510]  ____sys_sendmsg+0x5b9/0x910
[  660.798994][T21510]  ? __sys_sendmsg_sock+0x30/0x30
[  660.804258][T21510]  __sys_sendmsg+0x36f/0x450
[  660.813682][T21510]  ? ____sys_sendmsg+0x910/0x910
[  660.822311][T21510]  ? rcu_read_lock_sched_held+0x89/0x130
[  660.828224][T21510]  ? __context_tracking_exit+0x7a/0xd0
[  660.845359][T21510]  ? lockdep_hardirqs_on_prepare+0x412/0x780
[  660.864006][T21510]  ? __bpf_trace_rcu_stall_warning+0x10/0x10
[  660.874974][T21510]  ? syscall_enter_from_user_mode+0x2e/0x1b0
[  660.895018][T21510]  ? lockdep_hardirqs_on+0x95/0x140
[  660.904832][T21510]  ? syscall_enter_from_user_mode+0x2e/0x1b0
[  660.924444][T21510]  do_syscall_64+0x44/0xd0
[  660.932040][T21510]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[  660.938258][T21510] RIP: 0033:0x7f00d409d709
[  660.947221][T21510] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  660.975011][T21510] RSP: 002b:00007f00d1614188 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  660.984551][T21510] RAX: ffffffffffffffda RBX: 00007f00d41a1f60 RCX: 00007f00d409d709
[  661.000475][T21510] RDX: 0000000000000000 RSI: 0000000020000280 RDI: 0000000000000003
[  661.015115][T21510] RBP: 00007f00d40f7cb4 R08: 0000000000000000 R09: 0000000000000000
[  661.025227][T21510] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  661.040967][T21510] R13: 00007ffd1a6d2bef R14: 00007f00d1614300 R15: 0000000000022000
[  661.053582][T21510] Kernel panic - not syncing: panic_on_warn set ...
[  661.060180][T21510] CPU: 1 PID: 21510 Comm: syz-executor.5 Not tainted 5.15.0-rc3-syzkaller #0
[  661.068943][T21510] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  661.079000][T21510] Call Trace:
[  661.082286][T21510]  dump_stack_lvl+0x1dc/0x2d8
[  661.087032][T21510]  ? show_regs_print_info+0x12/0x12
[  661.092243][T21510]  ? log_buf_vmcoreinfo_setup+0x498/0x498
[  661.098044][T21510]  panic+0x2d6/0x810
[  661.101949][T21510]  ? __warn+0x13e/0x270
[  661.106116][T21510]  ? nmi_panic+0x90/0x90
[  661.110387][T21510]  __warn+0x26a/0x270
[  661.114375][T21510]  ? kvmalloc_node+0x108/0x110
[  661.119151][T21510]  ? kvmalloc_node+0x108/0x110
[  661.123922][T21510]  report_bug+0x1b1/0x2e0
[  661.128270][T21510]  handle_bug+0x3d/0x70
[  661.132434][T21510]  exc_invalid_op+0x16/0x40
[  661.136945][T21510]  asm_exc_invalid_op+0x12/0x20
[  661.141802][T21510] RIP: 0010:kvmalloc_node+0x108/0x110
[  661.147182][T21510] Code: ff 48 89 df 44 89 fe 44 89 f2 e8 63 ca 17 00 48 89 c5 eb 05 e8 99 26 cd ff 48 89 e8 5b 41 5c 41 5e 41 5f 5d c3 e8 88 26 cd ff <0f> 0b 31 ed eb e9 66 90 41 56 53 49 89 f6 48 89 fb e8 72 26 cd ff
[  661.166793][T21510] RSP: 0018:ffffc900193ced30 EFLAGS: 00010287
[  661.172872][T21510] RAX: ffffffff81b54f58 RBX: 0000000080000018 RCX: 0000000000040000
[  661.181022][T21510] RDX: ffffc90014034000 RSI: 0000000000000e17 RDI: 0000000000000e18
[  661.189001][T21510] RBP: 0000000000000000 R08: ffffffff81b54efc R09: ffffed10173a64a2
[  661.196965][T21510] R10: ffffed10173a64a2 R11: 0000000000000000 R12: 0000000000000000
[  661.204939][T21510] R13: dffffc0000000000 R14: 00000000ffffffff R15: 0000000000400dc0
[  661.213001][T21510]  ? kvmalloc_node+0xac/0x110
[  661.217687][T21510]  ? kvmalloc_node+0x108/0x110
[  661.222457][T21510]  hash_netportnet_create+0x358/0xfe0
[  661.227852][T21510]  ? __nla_parse+0x3c/0x50
[  661.232256][T21510]  ? asan.module_dtor+0x20/0x20
[  661.237140][T21510]  ip_set_create+0xa06/0x1740
[  661.241809][T21510]  ? ip_set_protocol+0x620/0x620
[  661.246753][T21510]  nfnetlink_rcv_msg+0xb05/0x1010
[  661.251819][T21510]  ? nfnetlink_bind+0x240/0x240
[  661.256665][T21510]  ? do_syscall_64+0x44/0xd0
[  661.261241][T21510]  ? entry_SYSCALL_64_after_hwframe+0x44/0xae
[  661.267333][T21510]  netlink_rcv_skb+0x200/0x470
[  661.272100][T21510]  ? nfnetlink_bind+0x240/0x240
[  661.276939][T21510]  ? netlink_ack+0xb70/0xb70
[  661.281525][T21510]  ? bpf_lsm_capable+0x5/0x10
[  661.286192][T21510]  ? security_capable+0xb1/0xd0
[  661.291065][T21510]  nfnetlink_rcv+0x28d/0x2550
[  661.295732][T21510]  ? print_irqtrace_events+0x220/0x220
[  661.301183][T21510]  ? __local_bh_enable_ip+0x163/0x1f0
[  661.306555][T21510]  ? lockdep_hardirqs_on+0x95/0x140
[  661.311757][T21510]  ? __local_bh_enable_ip+0x163/0x1f0
[  661.317134][T21510]  ? local_bh_enable+0x5/0x20
[  661.321815][T21510]  ? _local_bh_enable+0xa0/0xa0
[  661.326664][T21510]  ? nfnetlink_net_exit_batch+0xb0/0xb0
[  661.332195][T21510]  ? __dev_queue_xmit+0x1e41/0x34c0
[  661.337383][T21510]  ? rcu_read_lock_sched_held+0x89/0x130
[  661.343001][T21510]  ? __bpf_trace_rcu_stall_warning+0x10/0x10
[  661.348971][T21510]  ? dev_queue_xmit+0x20/0x20
[  661.353660][T21510]  ? rcu_lock_release+0x5/0x20
[  661.358408][T21510]  ? __lock_acquire+0x2b00/0x2b00
[  661.363414][T21510]  ? netlink_deliver_tap+0x130/0x880
[  661.368691][T21510]  netlink_unicast+0x814/0x9f0
[  661.373467][T21510]  ? netlink_detachskb+0xa0/0xa0
[  661.378450][T21510]  ? __virt_addr_valid+0x21b/0x2d0
[  661.383551][T21510]  ? __phys_addr_symbol+0x2b/0x70
[  661.388571][T21510]  ? __check_object_size+0x2f3/0x3f0
[  661.393841][T21510]  ? bpf_lsm_netlink_send+0x5/0x10
[  661.398946][T21510]  netlink_sendmsg+0xa29/0xe50
[  661.403734][T21510]  ? netlink_getsockopt+0xa60/0xa60
[  661.408937][T21510]  ? iovec_from_user+0x359/0x390
[  661.413880][T21510]  ? __import_iovec+0x35f/0x500
[  661.416208][T16060] usb 1-1: USB disconnect, device number 60
[  661.418737][T21510]  ? bpf_lsm_socket_sendmsg+0x5/0x10
[  661.429935][T21510]  ? security_socket_sendmsg+0x9d/0xb0
[  661.435403][T21510]  ? netlink_getsockopt+0xa60/0xa60
[  661.440610][T21510]  ____sys_sendmsg+0x5b9/0x910
[  661.445397][T21510]  ? __sys_sendmsg_sock+0x30/0x30
[  661.450452][T21510]  __sys_sendmsg+0x36f/0x450
[  661.455060][T21510]  ? ____sys_sendmsg+0x910/0x910
[  661.460007][T21510]  ? rcu_read_lock_sched_held+0x89/0x130
[  661.465675][T21510]  ? __context_tracking_exit+0x7a/0xd0
[  661.471251][T21510]  ? lockdep_hardirqs_on_prepare+0x412/0x780
[  661.477241][T21510]  ? __bpf_trace_rcu_stall_warning+0x10/0x10
[  661.483241][T21510]  ? syscall_enter_from_user_mode+0x2e/0x1b0
[  661.489231][T21510]  ? lockdep_hardirqs_on+0x95/0x140
[  661.494442][T21510]  ? syscall_enter_from_user_mode+0x2e/0x1b0
[  661.500432][T21510]  do_syscall_64+0x44/0xd0
08:26:02 executing program 0:
r0 = syz_usb_connect(0x0, 0x24, &(0x7f0000000300)=ANY=[@ANYBLOB="120100004bfee908e60f00985d19fd1f000109021200010000000009"], 0x0)
syz_usb_control_io(r0, 0x0, 0x0)
syz_usb_control_io(r0, 0x0, &(0x7f0000000740)={0xfffffde3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000540)={0x40, 0x13, 0x58, @link_local}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
syz_usb_control_io$hid(r0, 0x0, 0x0)
syz_usb_control_io$cdc_ecm(r0, 0x0, 0x0)

08:26:02 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f0000000000)={0x2})
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f00000001c0)={[0x4, 0x0, 0x0, 0x8, 0x1, 0x0, 0x1002]})
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_SET_PIT(r1, 0x8048ae66, &(0x7f0000000140))
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f000056f000/0x18000)=nil, &(0x7f0000000080)=[@text32={0x20, &(0x7f00000000c0)="66ba4000b0c2ee66bad104b829280000efea0e0000000a00b8050000000f23d80f21f835c00000a00f23f8653e65f30f21c62e0fae2b0f01c2b8060000000f23d00f21f835200000000f23f8c4c3a1cf830000000002d9f7", 0x58}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$F2FS_IOC_MOVE_RANGE(0xffffffffffffffff, 0xc020f509, &(0x7f0000000040))

[  661.504878][T21510]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[  661.511649][T21510] RIP: 0033:0x7f00d409d709
[  661.516073][T21510] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  661.535684][T21510] RSP: 002b:00007f00d1614188 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  661.544111][T21510] RAX: ffffffffffffffda RBX: 00007f00d41a1f60 RCX: 00007f00d409d709
[  661.552089][T21510] RDX: 0000000000000000 RSI: 0000000020000280 RDI: 0000000000000003
[  661.560066][T21510] RBP: 00007f00d40f7cb4 R08: 0000000000000000 R09: 0000000000000000
[  661.568056][T21510] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  661.576030][T21510] R13: 00007ffd1a6d2bef R14: 00007f00d1614300 R15: 0000000000022000
[  661.584326][T21510] Kernel Offset: disabled
[  661.588828][T21510] Rebooting in 86400 seconds..