Warning: Permanently added '[localhost]:58482' (ECDSA) to the list of known hosts. 2023/02/13 11:02:21 fuzzer started 2023/02/13 11:02:22 dialing manager at localhost:39143 syzkaller login: [ 37.354221] cgroup: Unknown subsys name 'net' [ 37.461218] cgroup: Unknown subsys name 'rlimit' 2023/02/13 11:02:37 syscalls: 2217 2023/02/13 11:02:37 code coverage: enabled 2023/02/13 11:02:37 comparison tracing: enabled 2023/02/13 11:02:37 extra coverage: enabled 2023/02/13 11:02:37 setuid sandbox: enabled 2023/02/13 11:02:37 namespace sandbox: enabled 2023/02/13 11:02:37 Android sandbox: enabled 2023/02/13 11:02:37 fault injection: enabled 2023/02/13 11:02:37 leak checking: enabled 2023/02/13 11:02:37 net packet injection: enabled 2023/02/13 11:02:37 net device setup: enabled 2023/02/13 11:02:37 concurrency sanitizer: /sys/kernel/debug/kcsan does not exist 2023/02/13 11:02:37 devlink PCI setup: PCI device 0000:00:10.0 is not available 2023/02/13 11:02:37 USB emulation: enabled 2023/02/13 11:02:37 hci packet injection: enabled 2023/02/13 11:02:37 wifi device emulation: enabled 2023/02/13 11:02:37 802.15.4 emulation: enabled 2023/02/13 11:02:37 fetching corpus: 0, signal 0/2000 (executing program) 2023/02/13 11:02:37 fetching corpus: 38, signal 28020/31373 (executing program) 2023/02/13 11:02:37 fetching corpus: 88, signal 39467/44153 (executing program) 2023/02/13 11:02:37 fetching corpus: 138, signal 54695/60353 (executing program) 2023/02/13 11:02:37 fetching corpus: 187, signal 61258/67943 (executing program) 2023/02/13 11:02:38 fetching corpus: 237, signal 67601/75225 (executing program) 2023/02/13 11:02:38 fetching corpus: 287, signal 72811/81300 (executing program) 2023/02/13 11:02:38 fetching corpus: 335, signal 76960/86280 (executing program) 2023/02/13 11:02:38 fetching corpus: 384, signal 83361/93200 (executing program) 2023/02/13 11:02:38 fetching corpus: 432, signal 88179/98566 (executing program) 2023/02/13 11:02:38 fetching corpus: 481, signal 92771/103676 (executing program) 2023/02/13 11:02:38 fetching corpus: 530, signal 96409/107816 (executing program) 2023/02/13 11:02:39 fetching corpus: 578, signal 100763/112507 (executing program) 2023/02/13 11:02:39 fetching corpus: 628, signal 104084/116214 (executing program) 2023/02/13 11:02:39 fetching corpus: 678, signal 107378/119810 (executing program) 2023/02/13 11:02:39 fetching corpus: 728, signal 110363/123178 (executing program) 2023/02/13 11:02:39 fetching corpus: 777, signal 112808/125927 (executing program) 2023/02/13 11:02:39 fetching corpus: 827, signal 115380/128754 (executing program) 2023/02/13 11:02:39 fetching corpus: 876, signal 118144/131713 (executing program) 2023/02/13 11:02:40 fetching corpus: 926, signal 120438/134184 (executing program) 2023/02/13 11:02:40 fetching corpus: 976, signal 121809/135932 (executing program) 2023/02/13 11:02:40 fetching corpus: 1025, signal 123712/138107 (executing program) 2023/02/13 11:02:40 fetching corpus: 1075, signal 126605/140943 (executing program) 2023/02/13 11:02:40 fetching corpus: 1124, signal 128673/143100 (executing program) 2023/02/13 11:02:40 fetching corpus: 1174, signal 130113/144773 (executing program) 2023/02/13 11:02:40 fetching corpus: 1224, signal 131650/146457 (executing program) 2023/02/13 11:02:40 fetching corpus: 1273, signal 134263/148849 (executing program) 2023/02/13 11:02:41 fetching corpus: 1322, signal 136727/151143 (executing program) 2023/02/13 11:02:41 fetching corpus: 1372, signal 138098/152599 (executing program) 2023/02/13 11:02:41 fetching corpus: 1422, signal 139942/154341 (executing program) 2023/02/13 11:02:41 fetching corpus: 1472, signal 141574/155913 (executing program) 2023/02/13 11:02:41 fetching corpus: 1522, signal 143097/157317 (executing program) 2023/02/13 11:02:41 fetching corpus: 1572, signal 144345/158561 (executing program) 2023/02/13 11:02:42 fetching corpus: 1622, signal 145537/159776 (executing program) 2023/02/13 11:02:42 fetching corpus: 1672, signal 146776/160904 (executing program) 2023/02/13 11:02:42 fetching corpus: 1722, signal 148213/162221 (executing program) 2023/02/13 11:02:42 fetching corpus: 1768, signal 150108/163765 (executing program) 2023/02/13 11:02:42 fetching corpus: 1815, signal 151970/165249 (executing program) 2023/02/13 11:02:42 fetching corpus: 1865, signal 152897/166110 (executing program) 2023/02/13 11:02:42 fetching corpus: 1914, signal 154651/167427 (executing program) 2023/02/13 11:02:43 fetching corpus: 1963, signal 156195/168561 (executing program) 2023/02/13 11:02:43 fetching corpus: 2012, signal 157181/169412 (executing program) 2023/02/13 11:02:43 fetching corpus: 2062, signal 158220/170268 (executing program) 2023/02/13 11:02:43 fetching corpus: 2109, signal 159496/171206 (executing program) 2023/02/13 11:02:43 fetching corpus: 2158, signal 160460/171975 (executing program) 2023/02/13 11:02:43 fetching corpus: 2208, signal 162060/173039 (executing program) 2023/02/13 11:02:43 fetching corpus: 2258, signal 163481/173974 (executing program) 2023/02/13 11:02:44 fetching corpus: 2307, signal 164305/174609 (executing program) 2023/02/13 11:02:44 fetching corpus: 2356, signal 165934/175568 (executing program) 2023/02/13 11:02:44 fetching corpus: 2406, signal 166878/176198 (executing program) 2023/02/13 11:02:44 fetching corpus: 2455, signal 167848/176799 (executing program) 2023/02/13 11:02:44 fetching corpus: 2503, signal 168907/177401 (executing program) 2023/02/13 11:02:44 fetching corpus: 2553, signal 170464/178186 (executing program) 2023/02/13 11:02:44 fetching corpus: 2602, signal 171537/178806 (executing program) 2023/02/13 11:02:45 fetching corpus: 2650, signal 172444/179341 (executing program) 2023/02/13 11:02:45 fetching corpus: 2700, signal 172996/179684 (executing program) 2023/02/13 11:02:45 fetching corpus: 2748, signal 174126/180266 (executing program) 2023/02/13 11:02:45 fetching corpus: 2798, signal 174976/180719 (executing program) 2023/02/13 11:02:45 fetching corpus: 2848, signal 176094/181210 (executing program) 2023/02/13 11:02:45 fetching corpus: 2898, signal 177000/181611 (executing program) 2023/02/13 11:02:45 fetching corpus: 2948, signal 177649/181938 (executing program) 2023/02/13 11:02:45 fetching corpus: 2997, signal 178328/182233 (executing program) 2023/02/13 11:02:46 fetching corpus: 3047, signal 179287/182578 (executing program) 2023/02/13 11:02:46 fetching corpus: 3097, signal 180133/182898 (executing program) 2023/02/13 11:02:46 fetching corpus: 3145, signal 180781/183158 (executing program) 2023/02/13 11:02:46 fetching corpus: 3184, signal 181647/183439 (executing program) 2023/02/13 11:02:46 fetching corpus: 3185, signal 181647/183478 (executing program) 2023/02/13 11:02:46 fetching corpus: 3186, signal 181655/183508 (executing program) 2023/02/13 11:02:46 fetching corpus: 3186, signal 181659/183538 (executing program) 2023/02/13 11:02:46 fetching corpus: 3186, signal 181659/183558 (executing program) 2023/02/13 11:02:46 fetching corpus: 3186, signal 181659/183582 (executing program) 2023/02/13 11:02:46 fetching corpus: 3186, signal 181659/183602 (executing program) 2023/02/13 11:02:46 fetching corpus: 3186, signal 181659/183625 (executing program) 2023/02/13 11:02:46 fetching corpus: 3186, signal 181659/183652 (executing program) 2023/02/13 11:02:46 fetching corpus: 3186, signal 181659/183682 (executing program) 2023/02/13 11:02:46 fetching corpus: 3186, signal 181659/183710 (executing program) 2023/02/13 11:02:46 fetching corpus: 3186, signal 181681/183744 (executing program) 2023/02/13 11:02:46 fetching corpus: 3186, signal 181681/183774 (executing program) 2023/02/13 11:02:46 fetching corpus: 3186, signal 181681/183806 (executing program) 2023/02/13 11:02:46 fetching corpus: 3186, signal 181681/183830 (executing program) 2023/02/13 11:02:46 fetching corpus: 3186, signal 181681/183858 (executing program) 2023/02/13 11:02:46 fetching corpus: 3186, signal 181681/183884 (executing program) 2023/02/13 11:02:46 fetching corpus: 3186, signal 181681/183912 (executing program) 2023/02/13 11:02:46 fetching corpus: 3186, signal 181681/183937 (executing program) 2023/02/13 11:02:46 fetching corpus: 3186, signal 181681/183972 (executing program) 2023/02/13 11:02:46 fetching corpus: 3186, signal 181681/183999 (executing program) 2023/02/13 11:02:46 fetching corpus: 3186, signal 181681/184027 (executing program) 2023/02/13 11:02:46 fetching corpus: 3186, signal 181681/184050 (executing program) 2023/02/13 11:02:46 fetching corpus: 3186, signal 181681/184077 (executing program) 2023/02/13 11:02:46 fetching corpus: 3186, signal 181681/184114 (executing program) 2023/02/13 11:02:46 fetching corpus: 3186, signal 181681/184141 (executing program) 2023/02/13 11:02:46 fetching corpus: 3186, signal 181681/184167 (executing program) 2023/02/13 11:02:46 fetching corpus: 3186, signal 181681/184168 (executing program) 2023/02/13 11:02:46 fetching corpus: 3186, signal 181681/184168 (executing program) 2023/02/13 11:02:48 starting 8 fuzzer processes 11:02:48 executing program 0: r0 = socket$inet(0x2, 0xa, 0x0) getpeername$inet(r0, 0x0, 0x0) 11:02:48 executing program 7: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0xcc80, 0x0, 0x0, 0x0, 0x0, 0xffffffff}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) io_uring_register$IORING_UNREGISTER_BUFFERS(0xffffffffffffffff, 0x1, 0x1000000, 0x0) r0 = syz_io_uring_setup(0x4cdd, &(0x7f0000000140)={0x0, 0x6c4c, 0x10, 0x3, 0x20f}, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000000000), &(0x7f0000000300)) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_bp={&(0x7f0000000040), 0xb}, 0x0, 0x20, 0x0, 0x0, 0x8}, 0x0, 0xfffffeffffffffff, 0xffffffffffffffff, 0x2) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) io_uring_enter(0xffffffffffffffff, 0x61a7, 0x29cf, 0x1, &(0x7f0000000200)={[0x135]}, 0x8) fallocate(r1, 0x0, 0x0, 0x87ffffc) pidfd_open(0x0, 0x0) getpid() ioctl$AUTOFS_DEV_IOCTL_OPENMOUNT(r1, 0xc0189374, &(0x7f00000001c0)=ANY=[@ANYBLOB="010000000100000018000000", @ANYRES32=r0, @ANYBLOB="3c45a8006c6530000000000000000000"]) socket$inet6_udp(0xa, 0x2, 0x0) sendmmsg$inet6(0xffffffffffffffff, &(0x7f0000002880), 0x4000101, 0x0) 11:02:48 executing program 3: r0 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file1\x00', 0x4042, 0x1) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) pwritev(r1, &(0x7f0000000080)=[{&(0x7f0000000140)='\x00', 0x1a}], 0x1, 0x7fffffc, 0x0) r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) sendfile(r2, r2, 0x0, 0x100000) openat(0xffffffffffffffff, &(0x7f0000000000)='./file1\x00', 0x48200, 0x100) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) sendfile(r0, r0, 0x0, 0x100000) 11:02:48 executing program 4: mlock2(&(0x7f0000fef000/0x1000)=nil, 0x1000, 0x0) shmat(0xffffffffffffffff, &(0x7f0000fed000/0x13000)=nil, 0x0) shmat(0x0, &(0x7f0000ffe000/0x2000)=nil, 0x2000) shmat(0x0, &(0x7f0000ff2000/0x4000)=nil, 0x1000) r0 = perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x81}, 0x8, 0x7ff}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x3) mincore(&(0x7f0000ffa000/0x3000)=nil, 0x3000, &(0x7f0000001700)=""/201) mmap$perf(&(0x7f0000fed000/0x3000)=nil, 0x3000, 0x0, 0x13, r0, 0x4) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x2000000000000000}, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000040), 0x41, 0x0) openat2(0xffffffffffffffff, &(0x7f0000000240)='./file0\x00', &(0x7f0000000300)={0x400242, 0x21}, 0x18) r2 = ioctl$LOOP_CTL_GET_FREE(r1, 0x4c82) ioctl$BTRFS_IOC_DEFAULT_SUBVOL(r1, 0x40089413, &(0x7f0000000180)=0xe65) ioctl$LOOP_CTL_REMOVE(r1, 0x4c81, r2) mremap(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x1000, 0x2, &(0x7f0000ff7000/0x1000)=nil) ioctl$SNAPSHOT_FREE(0xffffffffffffffff, 0x3305) sigaltstack(&(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000000)) finit_module(0xffffffffffffffff, &(0x7f00000004c0)='/dev/loop-control\x00', 0x1) semop(0x0, &(0x7f00000000c0)=[{}], 0x1) 11:02:48 executing program 5: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000f00)={0x0, 0x0, &(0x7f0000000ec0)={&(0x7f0000000c00)=@allocspi={0xf8, 0x16, 0x1, 0x0, 0x0, {{{@in=@private, @in6=@remote}, {@in=@local, 0x0, 0x32}, @in6=@initdev={0xfe, 0x88, '\x00', 0x0, 0x0}}, 0x40000000}}, 0xf8}}, 0x0) 11:02:48 executing program 6: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000240), 0x0) ppoll(&(0x7f0000000300)=[{}, {r0}], 0x2, &(0x7f0000000340)={0x0, 0x3938700}, 0x0, 0x0) 11:02:48 executing program 1: perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x3}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet(0x2, 0xa, 0x0) ioctl$sock_inet_SIOCDARP(r0, 0x8953, &(0x7f0000002440)={{0x2, 0x0, @local}, {0x0, @dev}, 0x2a, {0x2, 0x0, @empty}}) 11:02:48 executing program 2: syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) r0 = inotify_init() inotify_add_watch(r0, &(0x7f0000000040)='./file0\x00', 0x4000920) creat(&(0x7f00000001c0)='./file0/file0\x00', 0x0) inotify_add_watch(r0, &(0x7f0000000080)='./file0/file0\x00', 0x42000080) creat(&(0x7f0000000000)='./file0/file0\x00', 0x0) [ 62.782322] audit: type=1400 audit(1676286168.724:6): avc: denied { execmem } for pid=257 comm="syz-executor.0" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=process permissive=1 [ 64.080405] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 64.082848] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 64.084617] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 64.085876] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 64.087391] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 64.088608] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 64.127557] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 64.129463] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 64.132840] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 64.134835] Bluetooth: hci7: unexpected cc 0x0c03 length: 249 > 1 [ 64.136701] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1 [ 64.138636] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1 [ 64.140160] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 64.141343] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 64.142579] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 64.144199] Bluetooth: hci7: unexpected cc 0x1003 length: 249 > 9 [ 64.145545] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9 [ 64.146970] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9 [ 64.148601] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 64.149866] Bluetooth: hci7: unexpected cc 0x1001 length: 249 > 9 [ 64.151099] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9 [ 64.152406] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [ 64.153611] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3 [ 64.154683] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9 [ 64.166252] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 64.167442] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 64.168488] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 64.169464] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 64.170759] Bluetooth: hci7: unexpected cc 0x0c23 length: 249 > 4 [ 64.172242] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 64.179339] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3 [ 64.180483] Bluetooth: hci7: unexpected cc 0x0c25 length: 249 > 3 [ 64.181143] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 64.183822] Bluetooth: hci7: unexpected cc 0x0c38 length: 249 > 2 [ 64.191041] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 64.207912] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 64.209083] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 64.215978] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3 [ 64.217499] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 64.217813] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 64.220669] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3 [ 64.221860] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 64.245366] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4 [ 64.247262] Bluetooth: hci5: unexpected cc 0x0c25 length: 249 > 3 [ 64.248537] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2 [ 64.261932] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4 [ 64.263406] Bluetooth: hci6: unexpected cc 0x0c25 length: 249 > 3 [ 64.264819] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2 [ 66.203448] Bluetooth: hci2: command 0x0409 tx timeout [ 66.204696] Bluetooth: hci0: command 0x0409 tx timeout [ 66.266912] Bluetooth: hci5: command 0x0409 tx timeout [ 66.268089] Bluetooth: hci3: command 0x0409 tx timeout [ 66.269107] Bluetooth: hci1: command 0x0409 tx timeout [ 66.270085] Bluetooth: hci7: command 0x0409 tx timeout [ 66.271068] Bluetooth: hci4: command 0x0409 tx timeout [ 66.331027] Bluetooth: hci6: command 0x0409 tx timeout [ 68.251268] Bluetooth: hci0: command 0x041b tx timeout [ 68.251695] Bluetooth: hci2: command 0x041b tx timeout [ 68.314829] Bluetooth: hci4: command 0x041b tx timeout [ 68.315258] Bluetooth: hci7: command 0x041b tx timeout [ 68.315612] Bluetooth: hci1: command 0x041b tx timeout [ 68.316018] Bluetooth: hci3: command 0x041b tx timeout [ 68.316397] Bluetooth: hci5: command 0x041b tx timeout [ 68.378812] Bluetooth: hci6: command 0x041b tx timeout [ 70.298840] Bluetooth: hci2: command 0x040f tx timeout [ 70.299712] Bluetooth: hci0: command 0x040f tx timeout [ 70.362954] Bluetooth: hci5: command 0x040f tx timeout [ 70.363788] Bluetooth: hci3: command 0x040f tx timeout [ 70.364575] Bluetooth: hci1: command 0x040f tx timeout [ 70.365392] Bluetooth: hci7: command 0x040f tx timeout [ 70.366182] Bluetooth: hci4: command 0x040f tx timeout [ 70.426822] Bluetooth: hci6: command 0x040f tx timeout [ 72.346893] Bluetooth: hci0: command 0x0419 tx timeout [ 72.347640] Bluetooth: hci2: command 0x0419 tx timeout [ 72.410967] Bluetooth: hci4: command 0x0419 tx timeout [ 72.411690] Bluetooth: hci7: command 0x0419 tx timeout [ 72.412430] Bluetooth: hci1: command 0x0419 tx timeout [ 72.413351] Bluetooth: hci3: command 0x0419 tx timeout [ 72.414050] Bluetooth: hci5: command 0x0419 tx timeout [ 72.474887] Bluetooth: hci6: command 0x0419 tx timeout [ 102.502758] WARNING: stack going in the wrong direction? at do_syscall_64+0x3f/0x90 [ 104.624771] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 104.625430] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 104.627260] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready [ 104.857017] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 104.857619] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 104.859221] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready [ 105.445287] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 105.445896] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 105.447315] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready [ 105.580392] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 105.581117] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 105.582444] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready [ 105.677922] audit: type=1400 audit(1676286211.619:7): avc: denied { open } for pid=3545 comm="syz-executor.7" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=perf_event permissive=1 [ 105.679392] audit: type=1400 audit(1676286211.620:8): avc: denied { kernel } for pid=3545 comm="syz-executor.7" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=perf_event permissive=1 [ 105.868742] hrtimer: interrupt took 17523 ns 11:03:31 executing program 7: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0xcc80, 0x0, 0x0, 0x0, 0x0, 0xffffffff}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) io_uring_register$IORING_UNREGISTER_BUFFERS(0xffffffffffffffff, 0x1, 0x1000000, 0x0) r0 = syz_io_uring_setup(0x4cdd, &(0x7f0000000140)={0x0, 0x6c4c, 0x10, 0x3, 0x20f}, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000000000), &(0x7f0000000300)) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_bp={&(0x7f0000000040), 0xb}, 0x0, 0x20, 0x0, 0x0, 0x8}, 0x0, 0xfffffeffffffffff, 0xffffffffffffffff, 0x2) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) io_uring_enter(0xffffffffffffffff, 0x61a7, 0x29cf, 0x1, &(0x7f0000000200)={[0x135]}, 0x8) fallocate(r1, 0x0, 0x0, 0x87ffffc) pidfd_open(0x0, 0x0) getpid() ioctl$AUTOFS_DEV_IOCTL_OPENMOUNT(r1, 0xc0189374, &(0x7f00000001c0)=ANY=[@ANYBLOB="010000000100000018000000", @ANYRES32=r0, @ANYBLOB="3c45a8006c6530000000000000000000"]) socket$inet6_udp(0xa, 0x2, 0x0) sendmmsg$inet6(0xffffffffffffffff, &(0x7f0000002880), 0x4000101, 0x0) 11:03:32 executing program 7: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0xcc80, 0x0, 0x0, 0x0, 0x0, 0xffffffff}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) io_uring_register$IORING_UNREGISTER_BUFFERS(0xffffffffffffffff, 0x1, 0x1000000, 0x0) r0 = syz_io_uring_setup(0x4cdd, &(0x7f0000000140)={0x0, 0x6c4c, 0x10, 0x3, 0x20f}, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000000000), &(0x7f0000000300)) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_bp={&(0x7f0000000040), 0xb}, 0x0, 0x20, 0x0, 0x0, 0x8}, 0x0, 0xfffffeffffffffff, 0xffffffffffffffff, 0x2) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) io_uring_enter(0xffffffffffffffff, 0x61a7, 0x29cf, 0x1, &(0x7f0000000200)={[0x135]}, 0x8) fallocate(r1, 0x0, 0x0, 0x87ffffc) pidfd_open(0x0, 0x0) getpid() ioctl$AUTOFS_DEV_IOCTL_OPENMOUNT(r1, 0xc0189374, &(0x7f00000001c0)=ANY=[@ANYBLOB="010000000100000018000000", @ANYRES32=r0, @ANYBLOB="3c45a8006c6530000000000000000000"]) socket$inet6_udp(0xa, 0x2, 0x0) sendmmsg$inet6(0xffffffffffffffff, &(0x7f0000002880), 0x4000101, 0x0) 11:03:32 executing program 4: mlock2(&(0x7f0000fef000/0x1000)=nil, 0x1000, 0x0) shmat(0xffffffffffffffff, &(0x7f0000fed000/0x13000)=nil, 0x0) shmat(0x0, &(0x7f0000ffe000/0x2000)=nil, 0x2000) shmat(0x0, &(0x7f0000ff2000/0x4000)=nil, 0x1000) r0 = perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x81}, 0x8, 0x7ff}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x3) mincore(&(0x7f0000ffa000/0x3000)=nil, 0x3000, &(0x7f0000001700)=""/201) mmap$perf(&(0x7f0000fed000/0x3000)=nil, 0x3000, 0x0, 0x13, r0, 0x4) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x2000000000000000}, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000040), 0x41, 0x0) openat2(0xffffffffffffffff, &(0x7f0000000240)='./file0\x00', &(0x7f0000000300)={0x400242, 0x21}, 0x18) r2 = ioctl$LOOP_CTL_GET_FREE(r1, 0x4c82) ioctl$BTRFS_IOC_DEFAULT_SUBVOL(r1, 0x40089413, &(0x7f0000000180)=0xe65) ioctl$LOOP_CTL_REMOVE(r1, 0x4c81, r2) mremap(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x1000, 0x2, &(0x7f0000ff7000/0x1000)=nil) ioctl$SNAPSHOT_FREE(0xffffffffffffffff, 0x3305) sigaltstack(&(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000000)) finit_module(0xffffffffffffffff, &(0x7f00000004c0)='/dev/loop-control\x00', 0x1) semop(0x0, &(0x7f00000000c0)=[{}], 0x1) 11:03:33 executing program 7: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0xcc80, 0x0, 0x0, 0x0, 0x0, 0xffffffff}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) io_uring_register$IORING_UNREGISTER_BUFFERS(0xffffffffffffffff, 0x1, 0x1000000, 0x0) r0 = syz_io_uring_setup(0x4cdd, &(0x7f0000000140)={0x0, 0x6c4c, 0x10, 0x3, 0x20f}, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000000000), &(0x7f0000000300)) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_bp={&(0x7f0000000040), 0xb}, 0x0, 0x20, 0x0, 0x0, 0x8}, 0x0, 0xfffffeffffffffff, 0xffffffffffffffff, 0x2) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) io_uring_enter(0xffffffffffffffff, 0x61a7, 0x29cf, 0x1, &(0x7f0000000200)={[0x135]}, 0x8) fallocate(r1, 0x0, 0x0, 0x87ffffc) pidfd_open(0x0, 0x0) getpid() ioctl$AUTOFS_DEV_IOCTL_OPENMOUNT(r1, 0xc0189374, &(0x7f00000001c0)=ANY=[@ANYBLOB="010000000100000018000000", @ANYRES32=r0, @ANYBLOB="3c45a8006c6530000000000000000000"]) socket$inet6_udp(0xa, 0x2, 0x0) sendmmsg$inet6(0xffffffffffffffff, &(0x7f0000002880), 0x4000101, 0x0) 11:03:33 executing program 4: mlock2(&(0x7f0000fef000/0x1000)=nil, 0x1000, 0x0) shmat(0xffffffffffffffff, &(0x7f0000fed000/0x13000)=nil, 0x0) shmat(0x0, &(0x7f0000ffe000/0x2000)=nil, 0x2000) shmat(0x0, &(0x7f0000ff2000/0x4000)=nil, 0x1000) r0 = perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x81}, 0x8, 0x7ff}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x3) mincore(&(0x7f0000ffa000/0x3000)=nil, 0x3000, &(0x7f0000001700)=""/201) mmap$perf(&(0x7f0000fed000/0x3000)=nil, 0x3000, 0x0, 0x13, r0, 0x4) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x2000000000000000}, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000040), 0x41, 0x0) openat2(0xffffffffffffffff, &(0x7f0000000240)='./file0\x00', &(0x7f0000000300)={0x400242, 0x21}, 0x18) r2 = ioctl$LOOP_CTL_GET_FREE(r1, 0x4c82) ioctl$BTRFS_IOC_DEFAULT_SUBVOL(r1, 0x40089413, &(0x7f0000000180)=0xe65) ioctl$LOOP_CTL_REMOVE(r1, 0x4c81, r2) mremap(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x1000, 0x2, &(0x7f0000ff7000/0x1000)=nil) ioctl$SNAPSHOT_FREE(0xffffffffffffffff, 0x3305) sigaltstack(&(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000000)) finit_module(0xffffffffffffffff, &(0x7f00000004c0)='/dev/loop-control\x00', 0x1) semop(0x0, &(0x7f00000000c0)=[{}], 0x1) [ 107.458581] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 107.459377] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 107.460891] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready 11:03:33 executing program 4: mlock2(&(0x7f0000fef000/0x1000)=nil, 0x1000, 0x0) shmat(0xffffffffffffffff, &(0x7f0000fed000/0x13000)=nil, 0x0) shmat(0x0, &(0x7f0000ffe000/0x2000)=nil, 0x2000) shmat(0x0, &(0x7f0000ff2000/0x4000)=nil, 0x1000) r0 = perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x81}, 0x8, 0x7ff}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x3) mincore(&(0x7f0000ffa000/0x3000)=nil, 0x3000, &(0x7f0000001700)=""/201) mmap$perf(&(0x7f0000fed000/0x3000)=nil, 0x3000, 0x0, 0x13, r0, 0x4) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x2000000000000000}, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000040), 0x41, 0x0) openat2(0xffffffffffffffff, &(0x7f0000000240)='./file0\x00', &(0x7f0000000300)={0x400242, 0x21}, 0x18) r2 = ioctl$LOOP_CTL_GET_FREE(r1, 0x4c82) ioctl$BTRFS_IOC_DEFAULT_SUBVOL(r1, 0x40089413, &(0x7f0000000180)=0xe65) ioctl$LOOP_CTL_REMOVE(r1, 0x4c81, r2) mremap(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x1000, 0x2, &(0x7f0000ff7000/0x1000)=nil) ioctl$SNAPSHOT_FREE(0xffffffffffffffff, 0x3305) sigaltstack(&(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000000)) finit_module(0xffffffffffffffff, &(0x7f00000004c0)='/dev/loop-control\x00', 0x1) semop(0x0, &(0x7f00000000c0)=[{}], 0x1) [ 107.569889] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 107.570527] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 107.572228] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready 11:03:33 executing program 7: mlock2(&(0x7f0000fef000/0x1000)=nil, 0x1000, 0x0) shmat(0xffffffffffffffff, &(0x7f0000fed000/0x13000)=nil, 0x0) shmat(0x0, &(0x7f0000ffe000/0x2000)=nil, 0x2000) shmat(0x0, &(0x7f0000ff2000/0x4000)=nil, 0x1000) r0 = perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x81}, 0x8, 0x7ff}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x3) mincore(&(0x7f0000ffa000/0x3000)=nil, 0x3000, &(0x7f0000001700)=""/201) mmap$perf(&(0x7f0000fed000/0x3000)=nil, 0x3000, 0x0, 0x13, r0, 0x4) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x2000000000000000}, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000040), 0x41, 0x0) openat2(0xffffffffffffffff, &(0x7f0000000240)='./file0\x00', &(0x7f0000000300)={0x400242, 0x21}, 0x18) r2 = ioctl$LOOP_CTL_GET_FREE(r1, 0x4c82) ioctl$BTRFS_IOC_DEFAULT_SUBVOL(r1, 0x40089413, &(0x7f0000000180)=0xe65) ioctl$LOOP_CTL_REMOVE(r1, 0x4c81, r2) mremap(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x1000, 0x2, &(0x7f0000ff7000/0x1000)=nil) ioctl$SNAPSHOT_FREE(0xffffffffffffffff, 0x3305) sigaltstack(&(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000000)) finit_module(0xffffffffffffffff, &(0x7f00000004c0)='/dev/loop-control\x00', 0x1) semop(0x0, &(0x7f00000000c0)=[{}], 0x1) 11:03:34 executing program 7: mlock2(&(0x7f0000fef000/0x1000)=nil, 0x1000, 0x0) shmat(0xffffffffffffffff, &(0x7f0000fed000/0x13000)=nil, 0x0) shmat(0x0, &(0x7f0000ffe000/0x2000)=nil, 0x2000) shmat(0x0, &(0x7f0000ff2000/0x4000)=nil, 0x1000) r0 = perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x81}, 0x8, 0x7ff}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x3) mincore(&(0x7f0000ffa000/0x3000)=nil, 0x3000, &(0x7f0000001700)=""/201) mmap$perf(&(0x7f0000fed000/0x3000)=nil, 0x3000, 0x0, 0x13, r0, 0x4) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x2000000000000000}, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000040), 0x41, 0x0) openat2(0xffffffffffffffff, &(0x7f0000000240)='./file0\x00', &(0x7f0000000300)={0x400242, 0x21}, 0x18) r2 = ioctl$LOOP_CTL_GET_FREE(r1, 0x4c82) ioctl$BTRFS_IOC_DEFAULT_SUBVOL(r1, 0x40089413, &(0x7f0000000180)=0xe65) ioctl$LOOP_CTL_REMOVE(r1, 0x4c81, r2) mremap(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x1000, 0x2, &(0x7f0000ff7000/0x1000)=nil) ioctl$SNAPSHOT_FREE(0xffffffffffffffff, 0x3305) sigaltstack(&(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000000)) finit_module(0xffffffffffffffff, &(0x7f00000004c0)='/dev/loop-control\x00', 0x1) semop(0x0, &(0x7f00000000c0)=[{}], 0x1) [ 108.777986] syz-executor.0 uses obsolete (PF_INET,SOCK_PACKET) [ 109.260658] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 109.261305] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 109.262778] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready [ 109.320491] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 109.321310] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 109.322562] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready [ 110.396995] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 110.397620] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 110.421676] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready [ 110.457220] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 110.457792] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 110.460126] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready [ 110.729183] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 110.729921] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 110.731387] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready [ 110.782181] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 110.782768] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 110.784142] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready [ 110.876297] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 110.876902] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 110.878293] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready [ 110.917780] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 110.918380] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 110.919806] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready [ 110.952277] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 110.953004] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 110.954314] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready [ 111.015180] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 111.015759] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 111.017067] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready 11:03:37 executing program 4: mlock2(&(0x7f0000fef000/0x1000)=nil, 0x1000, 0x0) shmat(0xffffffffffffffff, &(0x7f0000fed000/0x13000)=nil, 0x0) shmat(0x0, &(0x7f0000ffe000/0x2000)=nil, 0x2000) shmat(0x0, &(0x7f0000ff2000/0x4000)=nil, 0x1000) r0 = perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x81}, 0x8, 0x7ff}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x3) mincore(&(0x7f0000ffa000/0x3000)=nil, 0x3000, &(0x7f0000001700)=""/201) mmap$perf(&(0x7f0000fed000/0x3000)=nil, 0x3000, 0x0, 0x13, r0, 0x4) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x2000000000000000}, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000040), 0x41, 0x0) openat2(0xffffffffffffffff, &(0x7f0000000240)='./file0\x00', &(0x7f0000000300)={0x400242, 0x21}, 0x18) r2 = ioctl$LOOP_CTL_GET_FREE(r1, 0x4c82) ioctl$BTRFS_IOC_DEFAULT_SUBVOL(r1, 0x40089413, &(0x7f0000000180)=0xe65) ioctl$LOOP_CTL_REMOVE(r1, 0x4c81, r2) mremap(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x1000, 0x2, &(0x7f0000ff7000/0x1000)=nil) ioctl$SNAPSHOT_FREE(0xffffffffffffffff, 0x3305) sigaltstack(&(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000000)) finit_module(0xffffffffffffffff, &(0x7f00000004c0)='/dev/loop-control\x00', 0x1) semop(0x0, &(0x7f00000000c0)=[{}], 0x1) 11:03:37 executing program 7: mlock2(&(0x7f0000fef000/0x1000)=nil, 0x1000, 0x0) shmat(0xffffffffffffffff, &(0x7f0000fed000/0x13000)=nil, 0x0) shmat(0x0, &(0x7f0000ffe000/0x2000)=nil, 0x2000) shmat(0x0, &(0x7f0000ff2000/0x4000)=nil, 0x1000) r0 = perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x81}, 0x8, 0x7ff}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x3) mincore(&(0x7f0000ffa000/0x3000)=nil, 0x3000, &(0x7f0000001700)=""/201) mmap$perf(&(0x7f0000fed000/0x3000)=nil, 0x3000, 0x0, 0x13, r0, 0x4) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x2000000000000000}, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000040), 0x41, 0x0) openat2(0xffffffffffffffff, &(0x7f0000000240)='./file0\x00', &(0x7f0000000300)={0x400242, 0x21}, 0x18) r2 = ioctl$LOOP_CTL_GET_FREE(r1, 0x4c82) ioctl$BTRFS_IOC_DEFAULT_SUBVOL(r1, 0x40089413, &(0x7f0000000180)=0xe65) ioctl$LOOP_CTL_REMOVE(r1, 0x4c81, r2) mremap(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x1000, 0x2, &(0x7f0000ff7000/0x1000)=nil) ioctl$SNAPSHOT_FREE(0xffffffffffffffff, 0x3305) sigaltstack(&(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000000)) finit_module(0xffffffffffffffff, &(0x7f00000004c0)='/dev/loop-control\x00', 0x1) semop(0x0, &(0x7f00000000c0)=[{}], 0x1) 11:03:37 executing program 5: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000f00)={0x0, 0x0, &(0x7f0000000ec0)={&(0x7f0000000c00)=@allocspi={0xf8, 0x16, 0x1, 0x0, 0x0, {{{@in=@private, @in6=@remote}, {@in=@local, 0x0, 0x32}, @in6=@initdev={0xfe, 0x88, '\x00', 0x0, 0x0}}, 0x40000000}}, 0xf8}}, 0x0) 11:03:37 executing program 6: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000240), 0x0) ppoll(&(0x7f0000000300)=[{}, {r0}], 0x2, &(0x7f0000000340)={0x0, 0x3938700}, 0x0, 0x0) 11:03:37 executing program 0: r0 = socket$inet(0x2, 0xa, 0x0) getpeername$inet(r0, 0x0, 0x0) 11:03:37 executing program 3: r0 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file1\x00', 0x4042, 0x1) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) pwritev(r1, &(0x7f0000000080)=[{&(0x7f0000000140)='\x00', 0x1a}], 0x1, 0x7fffffc, 0x0) r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) sendfile(r2, r2, 0x0, 0x100000) openat(0xffffffffffffffff, &(0x7f0000000000)='./file1\x00', 0x48200, 0x100) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) sendfile(r0, r0, 0x0, 0x100000) 11:03:37 executing program 2: syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) r0 = inotify_init() inotify_add_watch(r0, &(0x7f0000000040)='./file0\x00', 0x4000920) creat(&(0x7f00000001c0)='./file0/file0\x00', 0x0) inotify_add_watch(r0, &(0x7f0000000080)='./file0/file0\x00', 0x42000080) creat(&(0x7f0000000000)='./file0/file0\x00', 0x0) 11:03:37 executing program 1: perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x3}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet(0x2, 0xa, 0x0) ioctl$sock_inet_SIOCDARP(r0, 0x8953, &(0x7f0000002440)={{0x2, 0x0, @local}, {0x0, @dev}, 0x2a, {0x2, 0x0, @empty}}) 11:03:37 executing program 0: r0 = socket$inet(0x2, 0xa, 0x0) getpeername$inet(r0, 0x0, 0x0) 11:03:37 executing program 1: perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x3}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet(0x2, 0xa, 0x0) ioctl$sock_inet_SIOCDARP(r0, 0x8953, &(0x7f0000002440)={{0x2, 0x0, @local}, {0x0, @dev}, 0x2a, {0x2, 0x0, @empty}}) 11:03:37 executing program 5: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000f00)={0x0, 0x0, &(0x7f0000000ec0)={&(0x7f0000000c00)=@allocspi={0xf8, 0x16, 0x1, 0x0, 0x0, {{{@in=@private, @in6=@remote}, {@in=@local, 0x0, 0x32}, @in6=@initdev={0xfe, 0x88, '\x00', 0x0, 0x0}}, 0x40000000}}, 0xf8}}, 0x0) 11:03:37 executing program 2: syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) r0 = inotify_init() inotify_add_watch(r0, &(0x7f0000000040)='./file0\x00', 0x4000920) creat(&(0x7f00000001c0)='./file0/file0\x00', 0x0) inotify_add_watch(r0, &(0x7f0000000080)='./file0/file0\x00', 0x42000080) creat(&(0x7f0000000000)='./file0/file0\x00', 0x0) 11:03:37 executing program 6: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000240), 0x0) ppoll(&(0x7f0000000300)=[{}, {r0}], 0x2, &(0x7f0000000340)={0x0, 0x3938700}, 0x0, 0x0) 11:03:37 executing program 0: r0 = socket$inet(0x2, 0xa, 0x0) getpeername$inet(r0, 0x0, 0x0) 11:03:37 executing program 5: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000f00)={0x0, 0x0, &(0x7f0000000ec0)={&(0x7f0000000c00)=@allocspi={0xf8, 0x16, 0x1, 0x0, 0x0, {{{@in=@private, @in6=@remote}, {@in=@local, 0x0, 0x32}, @in6=@initdev={0xfe, 0x88, '\x00', 0x0, 0x0}}, 0x40000000}}, 0xf8}}, 0x0) 11:03:37 executing program 1: perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x3}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet(0x2, 0xa, 0x0) ioctl$sock_inet_SIOCDARP(r0, 0x8953, &(0x7f0000002440)={{0x2, 0x0, @local}, {0x0, @dev}, 0x2a, {0x2, 0x0, @empty}}) 11:03:37 executing program 6: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000240), 0x0) ppoll(&(0x7f0000000300)=[{}, {r0}], 0x2, &(0x7f0000000340)={0x0, 0x3938700}, 0x0, 0x0) 11:03:37 executing program 2: syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) r0 = inotify_init() inotify_add_watch(r0, &(0x7f0000000040)='./file0\x00', 0x4000920) creat(&(0x7f00000001c0)='./file0/file0\x00', 0x0) inotify_add_watch(r0, &(0x7f0000000080)='./file0/file0\x00', 0x42000080) creat(&(0x7f0000000000)='./file0/file0\x00', 0x0) 11:03:37 executing program 0: r0 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file1\x00', 0x4042, 0x1) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) pwritev(r1, &(0x7f0000000080)=[{&(0x7f0000000140)='\x00', 0x1a}], 0x1, 0x7fffffc, 0x0) r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) sendfile(r2, r2, 0x0, 0x100000) openat(0xffffffffffffffff, &(0x7f0000000000)='./file1\x00', 0x48200, 0x100) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) sendfile(r0, r0, 0x0, 0x100000) 11:03:37 executing program 7: syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) r0 = inotify_init() inotify_add_watch(r0, &(0x7f0000000040)='./file0\x00', 0x4000920) creat(&(0x7f00000001c0)='./file0/file0\x00', 0x0) inotify_add_watch(r0, &(0x7f0000000080)='./file0/file0\x00', 0x42000080) creat(&(0x7f0000000000)='./file0/file0\x00', 0x0) 11:03:37 executing program 5: r0 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file1\x00', 0x4042, 0x1) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) pwritev(r1, &(0x7f0000000080)=[{&(0x7f0000000140)='\x00', 0x1a}], 0x1, 0x7fffffc, 0x0) r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) sendfile(r2, r2, 0x0, 0x100000) openat(0xffffffffffffffff, &(0x7f0000000000)='./file1\x00', 0x48200, 0x100) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) sendfile(r0, r0, 0x0, 0x100000) 11:03:37 executing program 4: mlock2(&(0x7f0000fef000/0x1000)=nil, 0x1000, 0x0) shmat(0xffffffffffffffff, &(0x7f0000fed000/0x13000)=nil, 0x0) shmat(0x0, &(0x7f0000ffe000/0x2000)=nil, 0x2000) shmat(0x0, &(0x7f0000ff2000/0x4000)=nil, 0x1000) r0 = perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x81}, 0x8, 0x7ff}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x3) mincore(&(0x7f0000ffa000/0x3000)=nil, 0x3000, &(0x7f0000001700)=""/201) mmap$perf(&(0x7f0000fed000/0x3000)=nil, 0x3000, 0x0, 0x13, r0, 0x4) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x2000000000000000}, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000040), 0x41, 0x0) openat2(0xffffffffffffffff, &(0x7f0000000240)='./file0\x00', &(0x7f0000000300)={0x400242, 0x21}, 0x18) r2 = ioctl$LOOP_CTL_GET_FREE(r1, 0x4c82) ioctl$BTRFS_IOC_DEFAULT_SUBVOL(r1, 0x40089413, &(0x7f0000000180)=0xe65) ioctl$LOOP_CTL_REMOVE(r1, 0x4c81, r2) mremap(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x1000, 0x2, &(0x7f0000ff7000/0x1000)=nil) ioctl$SNAPSHOT_FREE(0xffffffffffffffff, 0x3305) sigaltstack(&(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000000)) finit_module(0xffffffffffffffff, &(0x7f00000004c0)='/dev/loop-control\x00', 0x1) semop(0x0, &(0x7f00000000c0)=[{}], 0x1) 11:03:37 executing program 1: syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) r0 = inotify_init() inotify_add_watch(r0, &(0x7f0000000040)='./file0\x00', 0x4000920) creat(&(0x7f00000001c0)='./file0/file0\x00', 0x0) inotify_add_watch(r0, &(0x7f0000000080)='./file0/file0\x00', 0x42000080) creat(&(0x7f0000000000)='./file0/file0\x00', 0x0) 11:03:37 executing program 3: r0 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file1\x00', 0x4042, 0x1) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) pwritev(r1, &(0x7f0000000080)=[{&(0x7f0000000140)='\x00', 0x1a}], 0x1, 0x7fffffc, 0x0) r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) sendfile(r2, r2, 0x0, 0x100000) openat(0xffffffffffffffff, &(0x7f0000000000)='./file1\x00', 0x48200, 0x100) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) sendfile(r0, r0, 0x0, 0x100000) 11:03:37 executing program 1: syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) r0 = inotify_init() inotify_add_watch(r0, &(0x7f0000000040)='./file0\x00', 0x4000920) creat(&(0x7f00000001c0)='./file0/file0\x00', 0x0) inotify_add_watch(r0, &(0x7f0000000080)='./file0/file0\x00', 0x42000080) creat(&(0x7f0000000000)='./file0/file0\x00', 0x0) 11:03:37 executing program 7: syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) r0 = inotify_init() inotify_add_watch(r0, &(0x7f0000000040)='./file0\x00', 0x4000920) creat(&(0x7f00000001c0)='./file0/file0\x00', 0x0) inotify_add_watch(r0, &(0x7f0000000080)='./file0/file0\x00', 0x42000080) creat(&(0x7f0000000000)='./file0/file0\x00', 0x0) 11:03:38 executing program 7: syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) r0 = inotify_init() inotify_add_watch(r0, &(0x7f0000000040)='./file0\x00', 0x4000920) creat(&(0x7f00000001c0)='./file0/file0\x00', 0x0) inotify_add_watch(r0, &(0x7f0000000080)='./file0/file0\x00', 0x42000080) creat(&(0x7f0000000000)='./file0/file0\x00', 0x0) 11:03:38 executing program 2: perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x3}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet(0x2, 0xa, 0x0) ioctl$sock_inet_SIOCDARP(r0, 0x8953, &(0x7f0000002440)={{0x2, 0x0, @local}, {0x0, @dev}, 0x2a, {0x2, 0x0, @empty}}) 11:03:38 executing program 0: r0 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file1\x00', 0x4042, 0x1) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) pwritev(r1, &(0x7f0000000080)=[{&(0x7f0000000140)='\x00', 0x1a}], 0x1, 0x7fffffc, 0x0) r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) sendfile(r2, r2, 0x0, 0x100000) openat(0xffffffffffffffff, &(0x7f0000000000)='./file1\x00', 0x48200, 0x100) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) sendfile(r0, r0, 0x0, 0x100000) 11:03:38 executing program 2: perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x3}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet(0x2, 0xa, 0x0) ioctl$sock_inet_SIOCDARP(r0, 0x8953, &(0x7f0000002440)={{0x2, 0x0, @local}, {0x0, @dev}, 0x2a, {0x2, 0x0, @empty}}) 11:03:38 executing program 1: syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) r0 = inotify_init() inotify_add_watch(r0, &(0x7f0000000040)='./file0\x00', 0x4000920) creat(&(0x7f00000001c0)='./file0/file0\x00', 0x0) inotify_add_watch(r0, &(0x7f0000000080)='./file0/file0\x00', 0x42000080) creat(&(0x7f0000000000)='./file0/file0\x00', 0x0) 11:03:38 executing program 7: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0xcc80, 0x0, 0x0, 0x0, 0x0, 0xffffffff}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) io_uring_register$IORING_UNREGISTER_BUFFERS(0xffffffffffffffff, 0x1, 0x1000000, 0x0) r0 = syz_io_uring_setup(0x4cdd, &(0x7f0000000140)={0x0, 0x6c4c, 0x10, 0x3, 0x20f}, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000000000), &(0x7f0000000300)) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_bp={&(0x7f0000000040), 0xb}, 0x0, 0x20, 0x0, 0x0, 0x8}, 0x0, 0xfffffeffffffffff, 0xffffffffffffffff, 0x2) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) io_uring_enter(0xffffffffffffffff, 0x61a7, 0x29cf, 0x1, &(0x7f0000000200)={[0x135]}, 0x8) fallocate(r1, 0x0, 0x0, 0x87ffffc) pidfd_open(0x0, 0x0) getpid() ioctl$AUTOFS_DEV_IOCTL_OPENMOUNT(r1, 0xc0189374, &(0x7f00000001c0)=ANY=[@ANYBLOB="010000000100000018000000", @ANYRES32=r0, @ANYBLOB="3c45a8006c6530000000000000000000"]) socket$inet6_udp(0xa, 0x2, 0x0) sendmmsg$inet6(0xffffffffffffffff, &(0x7f0000002880), 0x4000101, 0x0) 11:03:38 executing program 3: r0 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file1\x00', 0x4042, 0x1) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) pwritev(r1, &(0x7f0000000080)=[{&(0x7f0000000140)='\x00', 0x1a}], 0x1, 0x7fffffc, 0x0) r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) sendfile(r2, r2, 0x0, 0x100000) openat(0xffffffffffffffff, &(0x7f0000000000)='./file1\x00', 0x48200, 0x100) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) sendfile(r0, r0, 0x0, 0x100000) 11:03:38 executing program 4: mlock2(&(0x7f0000fef000/0x1000)=nil, 0x1000, 0x0) shmat(0xffffffffffffffff, &(0x7f0000fed000/0x13000)=nil, 0x0) shmat(0x0, &(0x7f0000ffe000/0x2000)=nil, 0x2000) shmat(0x0, &(0x7f0000ff2000/0x4000)=nil, 0x1000) r0 = perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x81}, 0x8, 0x7ff}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x3) mincore(&(0x7f0000ffa000/0x3000)=nil, 0x3000, &(0x7f0000001700)=""/201) mmap$perf(&(0x7f0000fed000/0x3000)=nil, 0x3000, 0x0, 0x13, r0, 0x4) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x2000000000000000}, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000040), 0x41, 0x0) openat2(0xffffffffffffffff, &(0x7f0000000240)='./file0\x00', &(0x7f0000000300)={0x400242, 0x21}, 0x18) r2 = ioctl$LOOP_CTL_GET_FREE(r1, 0x4c82) ioctl$BTRFS_IOC_DEFAULT_SUBVOL(r1, 0x40089413, &(0x7f0000000180)=0xe65) ioctl$LOOP_CTL_REMOVE(r1, 0x4c81, r2) mremap(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x1000, 0x2, &(0x7f0000ff7000/0x1000)=nil) ioctl$SNAPSHOT_FREE(0xffffffffffffffff, 0x3305) sigaltstack(&(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000000)) finit_module(0xffffffffffffffff, &(0x7f00000004c0)='/dev/loop-control\x00', 0x1) semop(0x0, &(0x7f00000000c0)=[{}], 0x1) 11:03:38 executing program 5: r0 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file1\x00', 0x4042, 0x1) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) pwritev(r1, &(0x7f0000000080)=[{&(0x7f0000000140)='\x00', 0x1a}], 0x1, 0x7fffffc, 0x0) r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) sendfile(r2, r2, 0x0, 0x100000) openat(0xffffffffffffffff, &(0x7f0000000000)='./file1\x00', 0x48200, 0x100) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) sendfile(r0, r0, 0x0, 0x100000) 11:03:38 executing program 6: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0xcc80, 0x0, 0x0, 0x0, 0x0, 0xffffffff}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) io_uring_register$IORING_UNREGISTER_BUFFERS(0xffffffffffffffff, 0x1, 0x1000000, 0x0) r0 = syz_io_uring_setup(0x4cdd, &(0x7f0000000140)={0x0, 0x6c4c, 0x10, 0x3, 0x20f}, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000000000), &(0x7f0000000300)) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_bp={&(0x7f0000000040), 0xb}, 0x0, 0x20, 0x0, 0x0, 0x8}, 0x0, 0xfffffeffffffffff, 0xffffffffffffffff, 0x2) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) io_uring_enter(0xffffffffffffffff, 0x61a7, 0x29cf, 0x1, &(0x7f0000000200)={[0x135]}, 0x8) fallocate(r1, 0x0, 0x0, 0x87ffffc) pidfd_open(0x0, 0x0) getpid() ioctl$AUTOFS_DEV_IOCTL_OPENMOUNT(r1, 0xc0189374, &(0x7f00000001c0)=ANY=[@ANYBLOB="010000000100000018000000", @ANYRES32=r0, @ANYBLOB="3c45a8006c6530000000000000000000"]) socket$inet6_udp(0xa, 0x2, 0x0) sendmmsg$inet6(0xffffffffffffffff, &(0x7f0000002880), 0x4000101, 0x0) VM DIAGNOSIS: 11:03:28 Registers: info registers vcpu 0 RAX=0000000000000046 RBX=ffffffff87aeffc0 RCX=1ffffffff0ba2dc2 RDX=0000000000000004 RSI=ffffffff85609da0 RDI=ffff88801451d9f0 RBP=0000000000000020 RSP=ffff88803b4bfb10 R8 =0000000000000000 R9 =0000000000000001 R10=fffffbfff0ba2b9a R11=0000000000000001 R12=ffff88800f228480 R13=0000000000000001 R14=0000607f92e0ec10 R15=0000000000000002 RIP=ffffffff812ce206 RFL=00000046 [---Z-P-] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 00000000 00000000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0000 0000000000000000 00000000 00000000 DS =0000 0000000000000000 00000000 00000000 FS =0000 00007f778707b540 00000000 00000000 GS =0000 ffff88806ce00000 00000000 00000000 LDT=0000 fffffe0000000000 00000000 00000000 TR =0040 fffffe78d8111000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe78d810f000 0000007f IDT= fffffe0000000000 00000fff CR0=80050033 CR2=00007f77870cab90 CR3=00000000068f2000 CR4=00350ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000ffff0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 XMM00=756e696c2d34365f3638782f62696c2f XMM01=6f732e616d7a6c62696c2f756e672d78 XMM02=00352e6f732e616d7a6c62696c2f756e XMM03=672d78756e696c2d34365f3638782f62 XMM04=00000000000000000000000000000000 XMM05=00000000000000000000000000000000 XMM06=00000000000000000000000000000000 XMM07=00000000000000000000000000000000 XMM08=00000000000000000000000000000000 XMM09=00000000000000000000000000000000 XMM10=00000000000000000000000000000000 XMM11=00000000000000000000000000000000 XMM12=00000000000000000000000000000000 XMM13=00000000000000000000000000000000 XMM14=00000000000000000000000000000000 XMM15=00000000000000000000000000000000 info registers vcpu 1 RAX=ffffffff877669e0 RBX=1ffff11001976eb1 RCX=0000000000000000 RDX=1ffff1100d9e7bed RSI=0000000000000000 RDI=ffff88806cf3df68 RBP=0000000000000000 RSP=ffff88800cbb73f8 R8 =0000000000000001 R9 =0000000000000001 R10=0000000000000001 R11=0000000000000001 R12=0000000000000000 R13=ffff88800fb38000 R14=ffff88806cf3df60 R15=0000000000000000 RIP=ffffffff812cf288 RFL=00000082 [--S----] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 00000000 00000000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 00000000 00000000 FS =0000 0000000000000000 00000000 00000000 GS =0000 ffff88806cf00000 00000000 00000000 LDT=0000 fffffe0000000000 00000000 00000000 TR =0040 fffffe329ef08000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe329ef06000 0000007f IDT= fffffe0000000000 00000fff CR0=80050033 CR2=00007fa62d291030 CR3=0000000016848000 CR4=00350ee0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000ffff0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 XMM00=00000000000000000000000000000000 XMM01=0000000000ff00000000000000ff0000 XMM02=0000ff00000000000000000000ff0000 XMM03=000000000000ff000000000000000000 XMM04=00ff0000000000000000000000000000 XMM05=00000000000000000000000000000000 XMM06=00000000000000000000000000000000 XMM07=00000000000000000000000000000000 XMM08=00000000000000000000000000000000 XMM09=00000000000000000000000000000000 XMM10=00000000000000000000000000000000 XMM11=00000000000000000000000000000000 XMM12=00000000000000000000000000000000 XMM13=00000000000000000000000000000000 XMM14=00000000000000000000000000000000 XMM15=00000000000000000000000000000000