Warning: Permanently added '[localhost]:26172' (ECDSA) to the list of known hosts. 2025/08/29 13:38:53 fuzzer started 2025/08/29 13:38:54 dialing manager at localhost:43077 syzkaller login: [ 49.550670] cgroup: Unknown subsys name 'net' [ 49.624996] cgroup: Unknown subsys name 'cpuset' [ 49.637367] cgroup: Unknown subsys name 'rlimit' 2025/08/29 13:39:05 syscalls: 2214 2025/08/29 13:39:05 code coverage: enabled 2025/08/29 13:39:05 comparison tracing: enabled 2025/08/29 13:39:05 extra coverage: enabled 2025/08/29 13:39:05 setuid sandbox: enabled 2025/08/29 13:39:05 namespace sandbox: enabled 2025/08/29 13:39:05 Android sandbox: enabled 2025/08/29 13:39:05 fault injection: enabled 2025/08/29 13:39:05 leak checking: enabled 2025/08/29 13:39:05 net packet injection: enabled 2025/08/29 13:39:05 net device setup: enabled 2025/08/29 13:39:05 concurrency sanitizer: /sys/kernel/debug/kcsan does not exist 2025/08/29 13:39:05 devlink PCI setup: PCI device 0000:00:10.0 is not available 2025/08/29 13:39:05 USB emulation: enabled 2025/08/29 13:39:05 hci packet injection: enabled 2025/08/29 13:39:05 wifi device emulation: enabled 2025/08/29 13:39:05 802.15.4 emulation: enabled 2025/08/29 13:39:05 fetching corpus: 0, signal 0/2000 (executing program) 2025/08/29 13:39:05 fetching corpus: 50, signal 18624/22266 (executing program) 2025/08/29 13:39:05 fetching corpus: 100, signal 34520/39511 (executing program) 2025/08/29 13:39:05 fetching corpus: 150, signal 41653/48034 (executing program) 2025/08/29 13:39:05 fetching corpus: 200, signal 47653/55336 (executing program) 2025/08/29 13:39:05 fetching corpus: 250, signal 53808/62680 (executing program) 2025/08/29 13:39:05 fetching corpus: 300, signal 57683/67798 (executing program) 2025/08/29 13:39:05 fetching corpus: 350, signal 60510/71820 (executing program) 2025/08/29 13:39:05 fetching corpus: 400, signal 64890/77193 (executing program) 2025/08/29 13:39:05 fetching corpus: 450, signal 68680/81971 (executing program) 2025/08/29 13:39:06 fetching corpus: 500, signal 72434/86598 (executing program) 2025/08/29 13:39:06 fetching corpus: 550, signal 74911/90063 (executing program) 2025/08/29 13:39:06 fetching corpus: 600, signal 78928/94870 (executing program) 2025/08/29 13:39:06 fetching corpus: 650, signal 81418/98204 (executing program) 2025/08/29 13:39:06 fetching corpus: 700, signal 83209/100927 (executing program) 2025/08/29 13:39:06 fetching corpus: 750, signal 85219/103805 (executing program) 2025/08/29 13:39:06 fetching corpus: 800, signal 87122/106577 (executing program) 2025/08/29 13:39:06 fetching corpus: 850, signal 88298/108699 (executing program) 2025/08/29 13:39:06 fetching corpus: 900, signal 91322/112305 (executing program) 2025/08/29 13:39:06 fetching corpus: 950, signal 92911/114679 (executing program) 2025/08/29 13:39:06 fetching corpus: 1000, signal 94208/116738 (executing program) 2025/08/29 13:39:06 fetching corpus: 1050, signal 96152/119330 (executing program) 2025/08/29 13:39:07 fetching corpus: 1100, signal 97812/121660 (executing program) 2025/08/29 13:39:07 fetching corpus: 1150, signal 99431/123953 (executing program) 2025/08/29 13:39:07 fetching corpus: 1200, signal 100738/125957 (executing program) 2025/08/29 13:39:07 fetching corpus: 1250, signal 101819/127797 (executing program) 2025/08/29 13:39:07 fetching corpus: 1300, signal 102983/129717 (executing program) 2025/08/29 13:39:07 fetching corpus: 1350, signal 104084/131525 (executing program) 2025/08/29 13:39:07 fetching corpus: 1400, signal 105488/133497 (executing program) 2025/08/29 13:39:07 fetching corpus: 1450, signal 106774/135336 (executing program) 2025/08/29 13:39:07 fetching corpus: 1500, signal 108044/137176 (executing program) 2025/08/29 13:39:07 fetching corpus: 1550, signal 110213/139675 (executing program) 2025/08/29 13:39:07 fetching corpus: 1600, signal 111252/141269 (executing program) 2025/08/29 13:39:07 fetching corpus: 1650, signal 113602/143715 (executing program) 2025/08/29 13:39:08 fetching corpus: 1700, signal 114755/145351 (executing program) 2025/08/29 13:39:08 fetching corpus: 1750, signal 115752/146876 (executing program) 2025/08/29 13:39:08 fetching corpus: 1800, signal 116600/148332 (executing program) 2025/08/29 13:39:08 fetching corpus: 1850, signal 118869/150597 (executing program) 2025/08/29 13:39:08 fetching corpus: 1900, signal 119693/151956 (executing program) 2025/08/29 13:39:08 fetching corpus: 1950, signal 120815/153489 (executing program) 2025/08/29 13:39:08 fetching corpus: 2000, signal 122542/155358 (executing program) 2025/08/29 13:39:08 fetching corpus: 2050, signal 123939/157001 (executing program) 2025/08/29 13:39:08 fetching corpus: 2100, signal 125022/158449 (executing program) 2025/08/29 13:39:08 fetching corpus: 2150, signal 125952/159703 (executing program) 2025/08/29 13:39:08 fetching corpus: 2200, signal 127100/161165 (executing program) 2025/08/29 13:39:08 fetching corpus: 2250, signal 128233/162606 (executing program) 2025/08/29 13:39:09 fetching corpus: 2300, signal 128986/163786 (executing program) 2025/08/29 13:39:09 fetching corpus: 2350, signal 129695/164928 (executing program) 2025/08/29 13:39:09 fetching corpus: 2400, signal 130648/166160 (executing program) 2025/08/29 13:39:09 fetching corpus: 2450, signal 131760/167418 (executing program) 2025/08/29 13:39:09 fetching corpus: 2498, signal 132498/168492 (executing program) 2025/08/29 13:39:09 fetching corpus: 2548, signal 133367/169587 (executing program) 2025/08/29 13:39:09 fetching corpus: 2598, signal 133990/170556 (executing program) 2025/08/29 13:39:09 fetching corpus: 2648, signal 134820/171651 (executing program) 2025/08/29 13:39:09 fetching corpus: 2698, signal 135973/172933 (executing program) 2025/08/29 13:39:09 fetching corpus: 2747, signal 136621/173923 (executing program) 2025/08/29 13:39:10 fetching corpus: 2796, signal 137147/174816 (executing program) 2025/08/29 13:39:10 fetching corpus: 2845, signal 137595/175660 (executing program) 2025/08/29 13:39:10 fetching corpus: 2895, signal 138463/176723 (executing program) 2025/08/29 13:39:10 fetching corpus: 2945, signal 139711/177894 (executing program) 2025/08/29 13:39:10 fetching corpus: 2995, signal 140649/178901 (executing program) 2025/08/29 13:39:10 fetching corpus: 3045, signal 141710/179924 (executing program) 2025/08/29 13:39:10 fetching corpus: 3095, signal 142421/180809 (executing program) 2025/08/29 13:39:10 fetching corpus: 3145, signal 143465/181765 (executing program) 2025/08/29 13:39:10 fetching corpus: 3195, signal 144681/182822 (executing program) 2025/08/29 13:39:10 fetching corpus: 3245, signal 145258/183588 (executing program) 2025/08/29 13:39:10 fetching corpus: 3295, signal 145710/184308 (executing program) 2025/08/29 13:39:11 fetching corpus: 3345, signal 146359/185053 (executing program) 2025/08/29 13:39:11 fetching corpus: 3395, signal 147349/185931 (executing program) 2025/08/29 13:39:11 fetching corpus: 3445, signal 148367/186855 (executing program) 2025/08/29 13:39:11 fetching corpus: 3495, signal 149046/187598 (executing program) 2025/08/29 13:39:11 fetching corpus: 3545, signal 149641/188317 (executing program) 2025/08/29 13:39:11 fetching corpus: 3595, signal 150148/189062 (executing program) 2025/08/29 13:39:11 fetching corpus: 3645, signal 150798/189783 (executing program) 2025/08/29 13:39:11 fetching corpus: 3695, signal 151208/190399 (executing program) 2025/08/29 13:39:11 fetching corpus: 3745, signal 151937/191117 (executing program) 2025/08/29 13:39:11 fetching corpus: 3795, signal 152373/191763 (executing program) 2025/08/29 13:39:12 fetching corpus: 3844, signal 152773/192398 (executing program) 2025/08/29 13:39:12 fetching corpus: 3894, signal 153219/192981 (executing program) 2025/08/29 13:39:12 fetching corpus: 3943, signal 153643/193560 (executing program) 2025/08/29 13:39:12 fetching corpus: 3993, signal 154200/194181 (executing program) 2025/08/29 13:39:12 fetching corpus: 4042, signal 154787/194824 (executing program) 2025/08/29 13:39:12 fetching corpus: 4092, signal 155289/195441 (executing program) 2025/08/29 13:39:12 fetching corpus: 4142, signal 155695/195999 (executing program) 2025/08/29 13:39:12 fetching corpus: 4192, signal 156095/196575 (executing program) 2025/08/29 13:39:12 fetching corpus: 4242, signal 156477/197123 (executing program) 2025/08/29 13:39:12 fetching corpus: 4292, signal 156990/197698 (executing program) 2025/08/29 13:39:12 fetching corpus: 4341, signal 157334/198228 (executing program) 2025/08/29 13:39:12 fetching corpus: 4390, signal 157843/198764 (executing program) 2025/08/29 13:39:13 fetching corpus: 4440, signal 158295/199302 (executing program) 2025/08/29 13:39:13 fetching corpus: 4490, signal 158956/199840 (executing program) 2025/08/29 13:39:13 fetching corpus: 4540, signal 159497/200400 (executing program) 2025/08/29 13:39:13 fetching corpus: 4590, signal 159868/200880 (executing program) 2025/08/29 13:39:13 fetching corpus: 4640, signal 160231/201359 (executing program) 2025/08/29 13:39:13 fetching corpus: 4690, signal 160823/201826 (executing program) 2025/08/29 13:39:13 fetching corpus: 4740, signal 161439/202344 (executing program) 2025/08/29 13:39:13 fetching corpus: 4790, signal 161927/202827 (executing program) 2025/08/29 13:39:13 fetching corpus: 4840, signal 162281/203258 (executing program) 2025/08/29 13:39:13 fetching corpus: 4890, signal 162887/203671 (executing program) 2025/08/29 13:39:13 fetching corpus: 4940, signal 163469/203833 (executing program) 2025/08/29 13:39:13 fetching corpus: 4990, signal 163860/203842 (executing program) 2025/08/29 13:39:14 fetching corpus: 5040, signal 164363/203845 (executing program) 2025/08/29 13:39:14 fetching corpus: 5090, signal 164671/203857 (executing program) 2025/08/29 13:39:14 fetching corpus: 5139, signal 165024/203894 (executing program) 2025/08/29 13:39:14 fetching corpus: 5189, signal 165502/203929 (executing program) 2025/08/29 13:39:14 fetching corpus: 5239, signal 165904/203938 (executing program) 2025/08/29 13:39:14 fetching corpus: 5289, signal 166373/203953 (executing program) 2025/08/29 13:39:14 fetching corpus: 5338, signal 166678/203974 (executing program) 2025/08/29 13:39:14 fetching corpus: 5388, signal 167206/203981 (executing program) 2025/08/29 13:39:14 fetching corpus: 5438, signal 167793/203991 (executing program) 2025/08/29 13:39:14 fetching corpus: 5488, signal 168205/203995 (executing program) 2025/08/29 13:39:14 fetching corpus: 5538, signal 168742/203997 (executing program) 2025/08/29 13:39:14 fetching corpus: 5588, signal 169156/204010 (executing program) 2025/08/29 13:39:15 fetching corpus: 5638, signal 169776/204023 (executing program) 2025/08/29 13:39:15 fetching corpus: 5688, signal 170149/204032 (executing program) 2025/08/29 13:39:15 fetching corpus: 5738, signal 170503/204041 (executing program) 2025/08/29 13:39:15 fetching corpus: 5788, signal 170802/204043 (executing program) 2025/08/29 13:39:15 fetching corpus: 5838, signal 171142/204051 (executing program) 2025/08/29 13:39:15 fetching corpus: 5888, signal 171379/204064 (executing program) 2025/08/29 13:39:15 fetching corpus: 5938, signal 171701/204078 (executing program) 2025/08/29 13:39:15 fetching corpus: 5988, signal 171985/204098 (executing program) 2025/08/29 13:39:15 fetching corpus: 6037, signal 172492/204111 (executing program) 2025/08/29 13:39:15 fetching corpus: 6087, signal 173029/204115 (executing program) 2025/08/29 13:39:15 fetching corpus: 6137, signal 173398/204117 (executing program) 2025/08/29 13:39:15 fetching corpus: 6187, signal 174474/204123 (executing program) 2025/08/29 13:39:16 fetching corpus: 6237, signal 174805/204127 (executing program) 2025/08/29 13:39:16 fetching corpus: 6287, signal 175077/204140 (executing program) 2025/08/29 13:39:16 fetching corpus: 6337, signal 175406/204146 (executing program) 2025/08/29 13:39:16 fetching corpus: 6387, signal 175763/204181 (executing program) 2025/08/29 13:39:16 fetching corpus: 6437, signal 175981/204192 (executing program) 2025/08/29 13:39:16 fetching corpus: 6487, signal 176314/204199 (executing program) 2025/08/29 13:39:16 fetching corpus: 6537, signal 176682/204267 (executing program) 2025/08/29 13:39:16 fetching corpus: 6587, signal 177081/204283 (executing program) 2025/08/29 13:39:16 fetching corpus: 6637, signal 177595/204287 (executing program) 2025/08/29 13:39:16 fetching corpus: 6687, signal 177922/204290 (executing program) 2025/08/29 13:39:17 fetching corpus: 6737, signal 178470/204305 (executing program) 2025/08/29 13:39:17 fetching corpus: 6787, signal 178799/204312 (executing program) 2025/08/29 13:39:17 fetching corpus: 6837, signal 179070/204319 (executing program) 2025/08/29 13:39:17 fetching corpus: 6887, signal 179291/204319 (executing program) 2025/08/29 13:39:17 fetching corpus: 6937, signal 179806/204340 (executing program) 2025/08/29 13:39:17 fetching corpus: 6987, signal 180108/204363 (executing program) 2025/08/29 13:39:17 fetching corpus: 7037, signal 180473/204418 (executing program) 2025/08/29 13:39:17 fetching corpus: 7087, signal 180769/204426 (executing program) 2025/08/29 13:39:17 fetching corpus: 7137, signal 181058/204428 (executing program) 2025/08/29 13:39:17 fetching corpus: 7187, signal 181461/204430 (executing program) 2025/08/29 13:39:17 fetching corpus: 7237, signal 181816/204432 (executing program) 2025/08/29 13:39:17 fetching corpus: 7287, signal 182063/204433 (executing program) 2025/08/29 13:39:17 fetching corpus: 7337, signal 182436/204435 (executing program) 2025/08/29 13:39:18 fetching corpus: 7387, signal 182788/204439 (executing program) 2025/08/29 13:39:18 fetching corpus: 7436, signal 183167/204503 (executing program) 2025/08/29 13:39:18 fetching corpus: 7486, signal 183495/204514 (executing program) 2025/08/29 13:39:18 fetching corpus: 7535, signal 183761/204516 (executing program) 2025/08/29 13:39:18 fetching corpus: 7584, signal 184105/204517 (executing program) 2025/08/29 13:39:18 fetching corpus: 7634, signal 184515/204528 (executing program) 2025/08/29 13:39:18 fetching corpus: 7683, signal 184772/204568 (executing program) 2025/08/29 13:39:18 fetching corpus: 7733, signal 185044/204575 (executing program) 2025/08/29 13:39:18 fetching corpus: 7783, signal 185325/204589 (executing program) 2025/08/29 13:39:18 fetching corpus: 7833, signal 185529/204589 (executing program) 2025/08/29 13:39:18 fetching corpus: 7883, signal 185986/204589 (executing program) 2025/08/29 13:39:19 fetching corpus: 7932, signal 186187/204600 (executing program) 2025/08/29 13:39:19 fetching corpus: 7982, signal 186557/204601 (executing program) 2025/08/29 13:39:19 fetching corpus: 8032, signal 186777/204615 (executing program) 2025/08/29 13:39:19 fetching corpus: 8082, signal 187033/204632 (executing program) 2025/08/29 13:39:19 fetching corpus: 8132, signal 187387/204641 (executing program) 2025/08/29 13:39:19 fetching corpus: 8182, signal 187640/204647 (executing program) 2025/08/29 13:39:19 fetching corpus: 8232, signal 187922/204650 (executing program) 2025/08/29 13:39:19 fetching corpus: 8282, signal 188167/204652 (executing program) 2025/08/29 13:39:19 fetching corpus: 8332, signal 188549/204677 (executing program) 2025/08/29 13:39:19 fetching corpus: 8382, signal 188782/204701 (executing program) 2025/08/29 13:39:20 fetching corpus: 8432, signal 189180/204701 (executing program) 2025/08/29 13:39:20 fetching corpus: 8482, signal 189431/204707 (executing program) 2025/08/29 13:39:20 fetching corpus: 8532, signal 189674/204718 (executing program) 2025/08/29 13:39:20 fetching corpus: 8581, signal 189908/204734 (executing program) 2025/08/29 13:39:20 fetching corpus: 8631, signal 190130/204744 (executing program) 2025/08/29 13:39:20 fetching corpus: 8679, signal 190381/204759 (executing program) 2025/08/29 13:39:20 fetching corpus: 8729, signal 190802/204769 (executing program) 2025/08/29 13:39:20 fetching corpus: 8779, signal 191101/204774 (executing program) 2025/08/29 13:39:20 fetching corpus: 8829, signal 191374/204780 (executing program) 2025/08/29 13:39:20 fetching corpus: 8879, signal 191583/204796 (executing program) 2025/08/29 13:39:20 fetching corpus: 8929, signal 191742/204800 (executing program) 2025/08/29 13:39:21 fetching corpus: 8979, signal 192063/204922 (executing program) 2025/08/29 13:39:21 fetching corpus: 9028, signal 192298/204929 (executing program) 2025/08/29 13:39:21 fetching corpus: 9078, signal 192542/204933 (executing program) 2025/08/29 13:39:21 fetching corpus: 9128, signal 192798/204977 (executing program) 2025/08/29 13:39:21 fetching corpus: 9178, signal 192966/204997 (executing program) 2025/08/29 13:39:21 fetching corpus: 9228, signal 193309/205000 (executing program) 2025/08/29 13:39:21 fetching corpus: 9278, signal 193600/205001 (executing program) 2025/08/29 13:39:21 fetching corpus: 9328, signal 193811/205009 (executing program) 2025/08/29 13:39:21 fetching corpus: 9378, signal 193960/205014 (executing program) 2025/08/29 13:39:21 fetching corpus: 9428, signal 194282/205042 (executing program) 2025/08/29 13:39:21 fetching corpus: 9478, signal 194525/205043 (executing program) 2025/08/29 13:39:21 fetching corpus: 9528, signal 194743/205066 (executing program) 2025/08/29 13:39:21 fetching corpus: 9578, signal 194996/205066 (executing program) 2025/08/29 13:39:21 fetching corpus: 9628, signal 195130/205079 (executing program) 2025/08/29 13:39:22 fetching corpus: 9678, signal 195359/205091 (executing program) 2025/08/29 13:39:22 fetching corpus: 9728, signal 195575/205094 (executing program) 2025/08/29 13:39:22 fetching corpus: 9778, signal 195859/205120 (executing program) 2025/08/29 13:39:22 fetching corpus: 9828, signal 196032/205121 (executing program) 2025/08/29 13:39:22 fetching corpus: 9878, signal 196326/205136 (executing program) 2025/08/29 13:39:22 fetching corpus: 9928, signal 196559/205152 (executing program) 2025/08/29 13:39:22 fetching corpus: 9977, signal 196755/205152 (executing program) 2025/08/29 13:39:22 fetching corpus: 10027, signal 196947/205154 (executing program) 2025/08/29 13:39:22 fetching corpus: 10077, signal 197119/205172 (executing program) 2025/08/29 13:39:22 fetching corpus: 10127, signal 197304/205178 (executing program) 2025/08/29 13:39:22 fetching corpus: 10177, signal 197434/205179 (executing program) 2025/08/29 13:39:23 fetching corpus: 10226, signal 197618/205179 (executing program) 2025/08/29 13:39:23 fetching corpus: 10276, signal 197930/205179 (executing program) 2025/08/29 13:39:23 fetching corpus: 10325, signal 198120/205183 (executing program) 2025/08/29 13:39:23 fetching corpus: 10375, signal 198331/205185 (executing program) 2025/08/29 13:39:23 fetching corpus: 10425, signal 198551/205197 (executing program) 2025/08/29 13:39:23 fetching corpus: 10475, signal 198814/205236 (executing program) 2025/08/29 13:39:23 fetching corpus: 10525, signal 199004/205244 (executing program) 2025/08/29 13:39:23 fetching corpus: 10574, signal 199216/205260 (executing program) 2025/08/29 13:39:23 fetching corpus: 10624, signal 199461/205261 (executing program) 2025/08/29 13:39:23 fetching corpus: 10674, signal 199669/205299 (executing program) 2025/08/29 13:39:23 fetching corpus: 10724, signal 199942/205299 (executing program) 2025/08/29 13:39:23 fetching corpus: 10774, signal 200154/205301 (executing program) 2025/08/29 13:39:24 fetching corpus: 10824, signal 200342/205310 (executing program) 2025/08/29 13:39:24 fetching corpus: 10874, signal 200508/205310 (executing program) 2025/08/29 13:39:24 fetching corpus: 10924, signal 200776/205324 (executing program) 2025/08/29 13:39:24 fetching corpus: 10974, signal 200987/205336 (executing program) 2025/08/29 13:39:24 fetching corpus: 11024, signal 201102/205346 (executing program) 2025/08/29 13:39:24 fetching corpus: 11043, signal 201221/205346 (executing program) 2025/08/29 13:39:24 fetching corpus: 11043, signal 201221/205346 (executing program) 2025/08/29 13:39:26 starting 8 fuzzer processes 13:39:26 executing program 0: r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0) r1 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x80, 0x0) openat$vcsa(0xffffffffffffff9c, &(0x7f0000000280), 0x800, 0x0) getsockopt$inet6_IPV6_IPSEC_POLICY(r0, 0x29, 0x22, 0x0, &(0x7f0000000400)) r2 = creat(&(0x7f00000003c0)='./file0\x00', 0x0) write(r2, &(0x7f0000000900)="5ed0b2ff68d76fb346352b602a2a1295cbe01cb3f64fbed9e7f9bc9be0f300cb97f6a204cc586e45dfb949002f61f8fb969dd435dd0c37c5077e5b10cfeafd75205e215b167323a3b971b0ec98e6c3d4d825cae01271cb35cdd091e4872367f354e0dc81a7e4ac79775bc1dcaafe2f5079da79d1989f1ddce6722fc438a7217526cfe75d53471624d6f091e19a7fb699ea27efa9e0fd1914e7c35f297afd9b9b85ff0ce7a982f4fa0c172ea5f06479eec302f30e5df66273717e028f4ca7d4c5b6bc8a3c3c67f688195f22488a15d9e1f7e5fed3a6c2aba7bc308b0e2c5657f4538f4a3bf9b975bb887a901ab3c85261be3e331b741313e78b5ad63b7b1b378e9c79dc4a95b2b4d15cd1d1b808844378f882a72af1e5b0eefd356e0247246e60643204c3b46183dbe4e066c55cb1dcdaa7b70ef43ab2fa4d2b8c4c1a89cb0e325fd9716874d3856cf368efd1f92d21214e55e4de647c37c71887d11f74f9afe1616e3054ceae601e4b3555e243c1882ad42c7730caeb309e7714ad87c55e9fba308cfc4161e562abde3ac4f3d7e0a3584d4928100197f102307c05c0b4b4898b0591bc1433af443478979f28e6136ffb21aaeac2be5490475a08", 0x1ba) r3 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0, 0x0) fcntl$setstatus(r2, 0x4, 0x44000) sendfile(r2, r3, 0x0, 0xfdef) sendfile(r0, r1, 0x0, 0xfdef) 13:39:26 executing program 7: r0 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000b80), 0x0) ioctl$SNDRV_SEQ_IOCTL_UNSUBSCRIBE_PORT(r0, 0x40505331, &(0x7f0000000bc0)={{}, {0x0, 0x62}}) 13:39:26 executing program 1: move_pages(0x0, 0x1f9, &(0x7f0000000040)=[&(0x7f0000ffc000/0x4000)=nil], &(0x7f0000000080), &(0x7f0000000000)=[0x0], 0x0) 13:39:26 executing program 2: r0 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000040)='/sys/kernel/config', 0x0, 0x0) fchmod(r0, 0x0) 13:39:26 executing program 3: r0 = mq_open(&(0x7f00000001c0)='{#:E,,\x00\x9e\\\xe5\x9a\x86{w\x1f1\xfcN\x85U_0\x96\x13\xab\x12\b\x00\x00\x00\xfe\xc6\xf3y\x05\x8deeU?5\x19\x88\xef;:\xb2#\x1b\\\x98\xe6`k9D\xca\xd5\xd0s\xb5!.\x04+\xa3\xc4:\xdbj\xfb\x0f\xf1\xe0y\xe8+9\xa6#\x1e\xf0P\x8c#h\xbb\f\x0e\x18\x87\xc4\n\x92zK/\xe2\x10M8\x9a\xf0\x02\xab,\xb5\xc5\x81\x99\x00'/124, 0x41, 0x0, 0x0) mq_timedsend(r0, 0x0, 0x0, 0x0, &(0x7f0000000000)) 13:39:26 executing program 4: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000000c0)={0x1, &(0x7f0000000040)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) rt_sigaction(0xd, 0x0, 0x0, 0x8, &(0x7f0000000200)) 13:39:26 executing program 5: r0 = inotify_init() inotify_add_watch(r0, &(0x7f00000001c0)='./file0\x00', 0x12000e81) inotify_add_watch(r0, &(0x7f0000000100)='.\x00', 0xc0000010) 13:39:26 executing program 6: perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x7a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_emit_ethernet(0x46, &(0x7f0000001880)=ANY=[@ANYBLOB="0180c2000000aaaaaaaaaa0086dd6012e03db4"], 0x0) [ 81.652062] audit: type=1400 audit(1756474766.475:7): avc: denied { execmem } for pid=271 comm="syz-executor.1" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=process permissive=1 [ 82.876409] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 82.878909] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 82.882938] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 82.889136] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 82.891495] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 82.893985] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 82.895207] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 82.896718] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 82.898203] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 82.901504] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 82.902762] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 82.910367] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 82.914113] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 82.915311] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 82.921435] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 82.955993] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 82.966767] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 82.969277] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1 [ 82.971325] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 82.972613] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 82.973264] Bluetooth: hci7: unexpected cc 0x0c03 length: 249 > 1 [ 82.974970] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 82.976191] Bluetooth: hci7: unexpected cc 0x1003 length: 249 > 9 [ 82.976443] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 82.978986] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9 [ 82.980543] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9 [ 82.981486] Bluetooth: hci7: unexpected cc 0x1001 length: 249 > 9 [ 82.988579] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4 [ 82.989736] Bluetooth: hci7: unexpected cc 0x0c23 length: 249 > 4 [ 82.991450] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 82.995416] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2 [ 82.996843] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1 [ 82.998782] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 83.003052] Bluetooth: hci7: unexpected cc 0x0c38 length: 249 > 2 [ 83.005207] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9 [ 83.007046] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 83.008488] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9 [ 83.012662] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 83.022343] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4 [ 83.026458] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2 [ 84.970948] Bluetooth: hci0: command tx timeout [ 84.970946] Bluetooth: hci2: command tx timeout [ 84.971167] Bluetooth: hci1: command tx timeout [ 85.033937] Bluetooth: hci4: command tx timeout [ 85.096029] Bluetooth: hci7: command tx timeout [ 85.097259] Bluetooth: hci5: command tx timeout [ 85.098326] Bluetooth: hci3: command tx timeout [ 85.098399] Bluetooth: hci6: command tx timeout [ 87.015882] Bluetooth: hci1: command tx timeout [ 87.016047] Bluetooth: hci0: command tx timeout [ 87.016319] Bluetooth: hci2: command tx timeout [ 87.080847] Bluetooth: hci4: command tx timeout [ 87.143993] Bluetooth: hci6: command tx timeout [ 87.144033] Bluetooth: hci5: command tx timeout [ 87.144378] Bluetooth: hci3: command tx timeout [ 87.144776] Bluetooth: hci7: command tx timeout [ 89.063989] Bluetooth: hci2: command tx timeout [ 89.065181] Bluetooth: hci0: command tx timeout [ 89.065584] Bluetooth: hci1: command tx timeout [ 89.129833] Bluetooth: hci4: command tx timeout [ 89.191918] Bluetooth: hci3: command tx timeout [ 89.192394] Bluetooth: hci5: command tx timeout [ 89.192784] Bluetooth: hci6: command tx timeout [ 89.193887] Bluetooth: hci7: command tx timeout [ 91.111919] Bluetooth: hci0: command tx timeout [ 91.111998] Bluetooth: hci1: command tx timeout [ 91.112422] Bluetooth: hci2: command tx timeout [ 91.176833] Bluetooth: hci4: command tx timeout [ 91.240119] Bluetooth: hci3: command tx timeout [ 91.240138] Bluetooth: hci7: command tx timeout [ 91.241237] Bluetooth: hci6: command tx timeout [ 91.241407] Bluetooth: hci5: command tx timeout [ 125.385434] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 125.386114] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 125.569848] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 125.570477] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 125.858132] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 125.859336] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 126.138381] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 126.139130] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 126.320843] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 126.321478] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 126.435106] audit: type=1400 audit(1756474811.258:8): avc: denied { watch_reads } for pid=3834 comm="syz-executor.5" path="/syzkaller-testdir986176671/syzkaller.PiYXUe/0" dev="sda" ino=15976 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:object_r:unlabeled_t:s0 tclass=dir permissive=1 13:40:11 executing program 5: r0 = syz_open_dev$evdev(&(0x7f0000000000), 0x0, 0x0) ioctl$EVIOCGNAME(r0, 0x80404506, &(0x7f0000000040)=""/56) [ 126.508478] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 126.509081] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 13:40:11 executing program 5: r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x0) bind$bt_l2cap(r0, &(0x7f0000000040)={0x1f, 0x0, @fixed}, 0xe) r1 = dup(r0) setsockopt$bt_BT_DEFER_SETUP(r1, 0x112, 0xf, &(0x7f0000001080)=0x2, 0x4) [ 126.650209] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 126.651170] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 13:40:11 executing program 5: perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x7a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) set_mempolicy(0x3, &(0x7f0000000040)=0x5, 0x5db) syz_genetlink_get_family_id$nl80211(&(0x7f0000000000), 0xffffffffffffffff) [ 126.718746] audit: type=1400 audit(1756474811.542:9): avc: denied { open } for pid=3853 comm="syz-executor.5" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=perf_event permissive=1 [ 126.725741] audit: type=1400 audit(1756474811.542:10): avc: denied { kernel } for pid=3853 comm="syz-executor.5" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=perf_event permissive=1 [ 126.809960] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 126.810578] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 126.933665] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 126.934302] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 127.027281] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 127.028185] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 127.050538] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 127.051124] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 127.135378] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 127.135993] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 127.164109] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 127.164715] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 127.249403] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 127.250265] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 127.474121] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 127.474709] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 127.504458] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 127.505038] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 13:40:12 executing program 7: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x7, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f736602106c00080120000200004000f80000200040000000000000000000010000000000000002000000010006000000000000000000000000008000"/96, 0x60}, {&(0x7f00000005c0)='RRaA\x00'/32, 0x20, 0x800}, {&(0x7f0000010200)="0000000072724161140000000b000000000000000000000000000000000055aa", 0x20, 0x9e0}, {&(0x7f0000000600)="601c6d6b646f736602106c00080120000200004000f80000200040000000000000000000010000000000000002000000010006000000000000000000000000008000"/96, 0x60, 0x3000}, {&(0x7f0000010400)="f8ffff0fffffff0fffffff0fffffff0fffffff0fffffff0f0700000008000000090000000a000000ffffff0fffffff0f00"/64, 0x40, 0x10000}, {&(0x7f0000010500)="f8ffff0fffffff0fffffff0fffffff0fffffff0fffffff0f0700000008000000090000000a000000ffffff0fffffff0f00"/64, 0x40, 0x10800}, {&(0x7f0000010600)="53595a4b414c4c45522020080000e980325132510000e980325100000000000041660069006c00650030000f00fc0000ffffffffffffffffffff0000ffffffff46494c4530202020202020100079e970325132510000e970325103000000000041660069006c00650031000f00100000ffffffffffffffffffff0000ffffffff46494c4531202020202020200079e970325132510000e970325105000a00000041660069006c00650032000f00140000ffffffffffffffffffff0000ffffffff46494c453220", 0xc6, 0x11000}], 0x0, &(0x7f0000011000)) getdents64(r0, &(0x7f0000000040)=""/138, 0x8a) 13:40:12 executing program 4: r0 = socket$inet6_udp(0xa, 0x2, 0x0) setsockopt$inet6_int(r0, 0x29, 0x4a, 0x0, 0x0) 13:40:12 executing program 5: perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x7a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) set_mempolicy(0x3, &(0x7f0000000040)=0x5, 0x5db) syz_genetlink_get_family_id$nl80211(&(0x7f0000000000), 0xffffffffffffffff) 13:40:12 executing program 1: msgsnd(0x0, &(0x7f0000000340)={0x3, "9fe967a7d011864835038c9a31cf7a3118a056db2eb984820cd48a435d2d879066b45ab0e6385f4f8e348eb4dd7ad5e950204559b0d99c8677fde05dd7293d18766a1c0e19a332063d872399c0abd48665167d694fc3075266d980c74319217e8d3f953499d0529832633e59dbafd32e05e25ff22593ee475485980018e06400613e5cac03b1861c18cca1ec8d6f013238c183333d6e1e06b3dbc4bb210fb54ac7d9584a707da09df435c69328d9c863064bddd9cd03fb1f9a0aa77d106a95802987b81f28a0da17c84774a0b47b3e2834865893b1e300f27211a71912a5bc31f0ebc32815de6ab8c048ce600799b9d7bf952b14e1b3e5116c772e06fdb71703baceebffd079e467a22342a8d0ecd238b277b015c6c7922c484d75d2e72a76bd1759e0efebd85ef49dc8ef5d0567755354fc7f87ed28f85ced9a1fb8113de29896923c4e54d16f6e091a4929fdad7d789ee5b3c6250a8ad8cd7bed1174da7b048ad6dde3f08fb8992beb287864eec22094e6a2c1cc46e68e267506110b82cb0bc8ae81ae56997c4b2e4d77bea42233dafc83b237417af7d37ac063d2403ba33c3783571160d918f67185865164cb3c1d5b8a9b96ce58a6b7cd6a410bbc5efd66bd09f17e2a93720d60818d657d299fb76ec03b809d1339752aee1910cf9420f9e23001ec197281369296462132568e115e5939656c35ef32c1b8eea65eb1563596490d3ab3ea61bc4b6948499eb4d0a97d448847fb3b1bec2bb777ec64bb4a61c860fa306fe38ef354bfadde4e0c1f5e5aa867e7b3aaeecbbaa786cfd6e424d47d0598939a9e29e8a84660c81a5a7d1c17e22469dda329bba9c25f097d42ff1d62058c84d7ab53bfdc5a161ee1ef0c93a4e0b10c9d7511c56eb62f86a5ec7e28d4ee9688f92c9675c3b52ae38ce16c1c2b0d083187f320f4490eaa4ee7e23aaa451992ccda7480345b9e5a247e14c20853b5eca6d4682b7fd0f24cca6a8549ca5df1be356720f0d81b0cc41cba8f8c03491cfb171218dac793f981a545e12901f6ca6c3f3124305242cbdba67fd1c759bb66633f5a3879351156516830e8a155ebb7a4a9e20cd3e467884c168027145c807422db3daf0afbc7f3e758b33335fa303664b0e7d653e4339f572c67a3e47ee721f3ab1370d50104fcd8bf840b3e10491ed07cc51e63ae1489088d6890bce469a81a7a4780b0955fd74d5d80325d38ea03e1f5e3c10accdeec6b2ff5507bb294121b534b69d79b0d522cfe4958ac24ed85d09ce5fb69af8d5e1435ee1b3fd224547683b0f289830fe26d3b216e7902ae675b5d03f761290f9338a8fc655bd98ff9e0b7d6654d4eb048b0cefef9184cde3198dd368d02576af96ab1b82da6deb0ffb38b7b4daf174e221dd09f869a54b2cacb52b18f6408140bb725c879bb2685a802aeba29f7ab12"}, 0x401, 0x0) msgsnd(0x0, &(0x7f0000000000)={0x0, "15196ca9cf9bb96784e14391bf1534a00ab163ac72685a349550c8e24750cb2c9dff63f557fa1cf7b49471189e6fc4726ea17eea9f2fd211dae2a6dde472bdcd1433b73c0e4b3636bcb8af69425ff6d4da3fd9e0fe277020bcc2dba96a30736bd074f75cd183df7b4325c318ce457f4f8c65232e2bd5aa82de175ddbfa24b195c951ed02e05824a2ff592c339730d84d18f5e4375e00e94ed2980e8c63000b434815b8ac02ed7364aa86f183afa2785b7f2d9d7e07302aef93efbd5ae71a4a44195e44ad36043b512ded2462e23f72874ef5c915632630031853ffbfa87615694cec90d8dac8762a98cbc6d5d6fe"}, 0xf6, 0x0) r0 = msgget$private(0x0, 0x0) msgctl$IPC_RMID(r0, 0x0) msgsnd(r0, &(0x7f0000000100)={0x2, "aa2b5fdf5cb46400dd3e1fad64297a581a41276943ea4067a673c67447386f65"}, 0x28, 0x800) msgctl$IPC_RMID(0x0, 0x0) 13:40:12 executing program 3: r0 = mq_open(&(0x7f00000001c0)='{#:E,,\x00\x9e\\\xe5\x9a\x86{w\x1f1\xfcN\x85U_0\x96\x13\xab\x12\b\x00\x00\x00\xfe\xc6\xf3y\x05\x8deeU?5\x19\x88\xef;:\xb2#\x1b\\\x98\xe6`k9D\xca\xd5\xd0s\xb5!.\x04+\xa3\xc4:\xdbj\xfb\x0f\xf1\xe0y\xe8+9\xa6#\x1e\xf0P\x8c#h\xbb\f\x0e\x18\x87\xc4\n\x92zK/\xe2\x10M8\x9a\xf0\x02\xab,\xb5\xc5\x81\x99\x00'/124, 0x41, 0x0, 0x0) mq_timedsend(r0, 0x0, 0x0, 0x0, &(0x7f0000000000)) 13:40:12 executing program 6: perf_event_open(&(0x7f0000000100)={0x2, 0x80, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$netlink(0x10, 0x3, 0x9) sendmsg$NFT_BATCH(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000001740)={{0x14}, [], {0x14}}, 0x28}}, 0x0) getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, 0x0, 0x0) 13:40:12 executing program 2: r0 = syz_open_procfs$namespace(0x0, &(0x7f0000000040)='ns/time_for_children\x00') ioctl$NS_GET_PARENT(r0, 0xb702, 0x0) 13:40:12 executing program 0: ioctl$LOOP_CTL_REMOVE(0xffffffffffffffff, 0x4c81, 0x0) ioctl$LOOP_CTL_ADD(0xffffffffffffffff, 0x4c80, 0x0) openat$sysfs(0xffffffffffffff9c, &(0x7f0000000080)='/sys/bus/memory_tiering', 0x80, 0x0) ioctl$LOOP_CTL_ADD(0xffffffffffffffff, 0x4c80, 0x0) ioctl$LOOP_CTL_REMOVE(0xffffffffffffffff, 0x4c81, 0x0) r0 = fsopen(&(0x7f0000000040)='pipefs\x00', 0x0) fsconfig$FSCONFIG_SET_STRING(r0, 0x6, 0x0, 0x0, 0x0) r1 = dup2(r0, r0) fsconfig$FSCONFIG_CMD_RECONFIGURE(r1, 0x7, 0x0, 0x0, 0x0) ioctl$LOOP_CTL_ADD(r1, 0x4c80, 0x2) perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xeb, 0x0, 0x0, 0x0, 0x0, 0x40, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r2 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000002200), 0x0, 0x0) r3 = ioctl$LOOP_CTL_GET_FREE(r2, 0x4c82) ioctl$LOOP_CTL_REMOVE(r2, 0x4c81, r3) [ 127.689006] loop7: detected capacity change from 0 to 272 13:40:12 executing program 1: perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0xf0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000240)='/proc/bus/input/devices\x00', 0x0, 0x0) r1 = openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) r2 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000080)='/proc/asound/seq/clients\x00', 0x0, 0x0) ppoll(&(0x7f0000000200)=[{r1}, {r0}, {r2, 0x84}], 0x3, 0x0, 0x0, 0x0) [ 127.710180] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=16 sclass=netlink_audit_socket pid=3919 comm=syz-executor.6 [ 127.711188] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=17 sclass=netlink_audit_socket pid=3919 comm=syz-executor.6 13:40:12 executing program 2: perf_event_open(&(0x7f00000000c0)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) 13:40:12 executing program 4: r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$netlink(r0, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000340)=[{&(0x7f0000000080)={0x28, 0x12, 0xffffffffffffffff, 0x0, 0x0, "", [@nested={0x4}, @nested={0x4}, @nested={0x10, 0x0, 0x0, 0x1, [@typed={0x4}, @typed={0x8, 0xe, 0x0, 0x0, @pid}]}]}, 0x28}], 0x1}, 0x0) [ 127.741082] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=16 sclass=netlink_audit_socket pid=3921 comm=syz-executor.6 [ 127.742117] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=17 sclass=netlink_audit_socket pid=3921 comm=syz-executor.6 13:40:12 executing program 3: r0 = mq_open(&(0x7f00000001c0)='{#:E,,\x00\x9e\\\xe5\x9a\x86{w\x1f1\xfcN\x85U_0\x96\x13\xab\x12\b\x00\x00\x00\xfe\xc6\xf3y\x05\x8deeU?5\x19\x88\xef;:\xb2#\x1b\\\x98\xe6`k9D\xca\xd5\xd0s\xb5!.\x04+\xa3\xc4:\xdbj\xfb\x0f\xf1\xe0y\xe8+9\xa6#\x1e\xf0P\x8c#h\xbb\f\x0e\x18\x87\xc4\n\x92zK/\xe2\x10M8\x9a\xf0\x02\xab,\xb5\xc5\x81\x99\x00'/124, 0x41, 0x0, 0x0) mq_timedsend(r0, 0x0, 0x0, 0x0, &(0x7f0000000000)) 13:40:12 executing program 5: perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x7a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) set_mempolicy(0x3, &(0x7f0000000040)=0x5, 0x5db) syz_genetlink_get_family_id$nl80211(&(0x7f0000000000), 0xffffffffffffffff) 13:40:12 executing program 7: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000000c0)={0x1, &(0x7f0000000040)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) r0 = io_uring_setup(0x653b, &(0x7f0000000540)) io_uring_enter(r0, 0x0, 0x0, 0x0, 0x0, 0x0) 13:40:12 executing program 4: r0 = creat(&(0x7f0000000300)='./file0\x00', 0x0) write(r0, &(0x7f0000000900)='^', 0x1) r1 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0, 0x0) r2 = socket$inet(0x2, 0xa, 0x0) sendfile(r2, r1, 0x0, 0xfdef) [ 127.869066] syz-executor.4 uses obsolete (PF_INET,SOCK_PACKET) 13:40:12 executing program 6: perf_event_open(&(0x7f0000000100)={0x2, 0x80, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$netlink(0x10, 0x3, 0x9) sendmsg$NFT_BATCH(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000001740)={{0x14}, [], {0x14}}, 0x28}}, 0x0) getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, 0x0, 0x0) 13:40:12 executing program 2: syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) setxattr$system_posix_acl(&(0x7f0000000400)='./file0\x00', &(0x7f0000000440)='system.posix_acl_default\x00', &(0x7f00000005c0), 0x24, 0x0) rmdir(&(0x7f00000001c0)='./file0\x00') lsetxattr$security_capability(0x0, 0x0, 0x0, 0x0, 0x0) 13:40:12 executing program 3: r0 = mq_open(&(0x7f00000001c0)='{#:E,,\x00\x9e\\\xe5\x9a\x86{w\x1f1\xfcN\x85U_0\x96\x13\xab\x12\b\x00\x00\x00\xfe\xc6\xf3y\x05\x8deeU?5\x19\x88\xef;:\xb2#\x1b\\\x98\xe6`k9D\xca\xd5\xd0s\xb5!.\x04+\xa3\xc4:\xdbj\xfb\x0f\xf1\xe0y\xe8+9\xa6#\x1e\xf0P\x8c#h\xbb\f\x0e\x18\x87\xc4\n\x92zK/\xe2\x10M8\x9a\xf0\x02\xab,\xb5\xc5\x81\x99\x00'/124, 0x41, 0x0, 0x0) mq_timedsend(r0, 0x0, 0x0, 0x0, &(0x7f0000000000)) 13:40:12 executing program 1: perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0xf0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000240)='/proc/bus/input/devices\x00', 0x0, 0x0) r1 = openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) r2 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000080)='/proc/asound/seq/clients\x00', 0x0, 0x0) ppoll(&(0x7f0000000200)=[{r1}, {r0}, {r2, 0x84}], 0x3, 0x0, 0x0, 0x0) 13:40:12 executing program 7: r0 = shmget$private(0x0, 0x5000, 0x1800, &(0x7f0000ffb000/0x5000)=nil) shmat(r0, &(0x7f0000400000/0xc00000)=nil, 0x5000) move_pages(0x0, 0x1, &(0x7f00000000c0)=[&(0x7f0000586000/0x3000)=nil], 0x0, &(0x7f0000000100), 0x0) 13:40:12 executing program 0: ioctl$LOOP_CTL_REMOVE(0xffffffffffffffff, 0x4c81, 0x0) ioctl$LOOP_CTL_ADD(0xffffffffffffffff, 0x4c80, 0x0) openat$sysfs(0xffffffffffffff9c, &(0x7f0000000080)='/sys/bus/memory_tiering', 0x80, 0x0) ioctl$LOOP_CTL_ADD(0xffffffffffffffff, 0x4c80, 0x0) ioctl$LOOP_CTL_REMOVE(0xffffffffffffffff, 0x4c81, 0x0) r0 = fsopen(&(0x7f0000000040)='pipefs\x00', 0x0) fsconfig$FSCONFIG_SET_STRING(r0, 0x6, 0x0, 0x0, 0x0) r1 = dup2(r0, r0) fsconfig$FSCONFIG_CMD_RECONFIGURE(r1, 0x7, 0x0, 0x0, 0x0) ioctl$LOOP_CTL_ADD(r1, 0x4c80, 0x2) perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xeb, 0x0, 0x0, 0x0, 0x0, 0x40, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r2 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000002200), 0x0, 0x0) r3 = ioctl$LOOP_CTL_GET_FREE(r2, 0x4c82) ioctl$LOOP_CTL_REMOVE(r2, 0x4c81, r3) 13:40:12 executing program 4: ioctl$LOOP_CTL_REMOVE(0xffffffffffffffff, 0x4c81, 0x0) ioctl$LOOP_CTL_ADD(0xffffffffffffffff, 0x4c80, 0x0) openat$sysfs(0xffffffffffffff9c, &(0x7f0000000080)='/sys/bus/memory_tiering', 0x80, 0x0) ioctl$LOOP_CTL_ADD(0xffffffffffffffff, 0x4c80, 0x0) ioctl$LOOP_CTL_REMOVE(0xffffffffffffffff, 0x4c81, 0x0) r0 = fsopen(&(0x7f0000000040)='pipefs\x00', 0x0) fsconfig$FSCONFIG_SET_STRING(r0, 0x6, 0x0, 0x0, 0x0) r1 = dup2(r0, r0) fsconfig$FSCONFIG_CMD_RECONFIGURE(r1, 0x7, 0x0, 0x0, 0x0) ioctl$LOOP_CTL_ADD(r1, 0x4c80, 0x2) perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xeb, 0x0, 0x0, 0x0, 0x0, 0x40, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r2 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000002200), 0x0, 0x0) r3 = ioctl$LOOP_CTL_GET_FREE(r2, 0x4c82) ioctl$LOOP_CTL_REMOVE(r2, 0x4c81, r3) 13:40:12 executing program 5: perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x7a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) set_mempolicy(0x3, &(0x7f0000000040)=0x5, 0x5db) syz_genetlink_get_family_id$nl80211(&(0x7f0000000000), 0xffffffffffffffff) [ 127.970071] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=16 sclass=netlink_audit_socket pid=3949 comm=syz-executor.6 [ 127.971076] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=17 sclass=netlink_audit_socket pid=3949 comm=syz-executor.6 13:40:12 executing program 7: r0 = getpid() r1 = pidfd_open(r0, 0x0) process_madvise(r1, &(0x7f0000000240)=[{&(0x7f0000000000)="01", 0x1}, {&(0x7f0000000040)="fd", 0x1}], 0x2, 0x0, 0x0) 13:40:12 executing program 3: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4442, 0x0) pwrite64(r0, &(0x7f0000000140)=' ', 0x1, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffd000/0x1000)=nil, 0x1000, 0x3, 0x13, r0, 0x0) madvise(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x17) 13:40:12 executing program 6: perf_event_open(&(0x7f0000000100)={0x2, 0x80, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$netlink(0x10, 0x3, 0x9) sendmsg$NFT_BATCH(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000001740)={{0x14}, [], {0x14}}, 0x28}}, 0x0) getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, 0x0, 0x0) 13:40:12 executing program 0: ioctl$LOOP_CTL_REMOVE(0xffffffffffffffff, 0x4c81, 0x0) ioctl$LOOP_CTL_ADD(0xffffffffffffffff, 0x4c80, 0x0) openat$sysfs(0xffffffffffffff9c, &(0x7f0000000080)='/sys/bus/memory_tiering', 0x80, 0x0) ioctl$LOOP_CTL_ADD(0xffffffffffffffff, 0x4c80, 0x0) ioctl$LOOP_CTL_REMOVE(0xffffffffffffffff, 0x4c81, 0x0) r0 = fsopen(&(0x7f0000000040)='pipefs\x00', 0x0) fsconfig$FSCONFIG_SET_STRING(r0, 0x6, 0x0, 0x0, 0x0) r1 = dup2(r0, r0) fsconfig$FSCONFIG_CMD_RECONFIGURE(r1, 0x7, 0x0, 0x0, 0x0) ioctl$LOOP_CTL_ADD(r1, 0x4c80, 0x2) perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xeb, 0x0, 0x0, 0x0, 0x0, 0x40, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r2 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000002200), 0x0, 0x0) r3 = ioctl$LOOP_CTL_GET_FREE(r2, 0x4c82) ioctl$LOOP_CTL_REMOVE(r2, 0x4c81, r3) 13:40:12 executing program 2: syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) setxattr$system_posix_acl(&(0x7f0000000400)='./file0\x00', &(0x7f0000000440)='system.posix_acl_default\x00', &(0x7f00000005c0), 0x24, 0x0) rmdir(&(0x7f00000001c0)='./file0\x00') lsetxattr$security_capability(0x0, 0x0, 0x0, 0x0, 0x0) 13:40:12 executing program 1: perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0xf0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000240)='/proc/bus/input/devices\x00', 0x0, 0x0) r1 = openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) r2 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000080)='/proc/asound/seq/clients\x00', 0x0, 0x0) ppoll(&(0x7f0000000200)=[{r1}, {r0}, {r2, 0x84}], 0x3, 0x0, 0x0, 0x0) [ 128.131536] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=16 sclass=netlink_audit_socket pid=3968 comm=syz-executor.6 [ 128.132556] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=17 sclass=netlink_audit_socket pid=3968 comm=syz-executor.6 13:40:13 executing program 4: ioctl$LOOP_CTL_REMOVE(0xffffffffffffffff, 0x4c81, 0x0) ioctl$LOOP_CTL_ADD(0xffffffffffffffff, 0x4c80, 0x0) openat$sysfs(0xffffffffffffff9c, &(0x7f0000000080)='/sys/bus/memory_tiering', 0x80, 0x0) ioctl$LOOP_CTL_ADD(0xffffffffffffffff, 0x4c80, 0x0) ioctl$LOOP_CTL_REMOVE(0xffffffffffffffff, 0x4c81, 0x0) r0 = fsopen(&(0x7f0000000040)='pipefs\x00', 0x0) fsconfig$FSCONFIG_SET_STRING(r0, 0x6, 0x0, 0x0, 0x0) r1 = dup2(r0, r0) fsconfig$FSCONFIG_CMD_RECONFIGURE(r1, 0x7, 0x0, 0x0, 0x0) ioctl$LOOP_CTL_ADD(r1, 0x4c80, 0x2) perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xeb, 0x0, 0x0, 0x0, 0x0, 0x40, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r2 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000002200), 0x0, 0x0) r3 = ioctl$LOOP_CTL_GET_FREE(r2, 0x4c82) ioctl$LOOP_CTL_REMOVE(r2, 0x4c81, r3) 13:40:13 executing program 7: r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1) sendmsg$inet(r0, &(0x7f0000001540)={&(0x7f0000000080)={0x2, 0x0, @remote}, 0x10, &(0x7f0000001440)=[{&(0x7f00000000c0)="907239", 0x3}], 0x1, &(0x7f0000001600)=[@ip_ttl={{0x14}}], 0xf}, 0x0) 13:40:13 executing program 5: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000140), 0xffffffffffffffff) sendmsg$ETHTOOL_MSG_PAUSE_GET(r0, &(0x7f0000002040)={0x0, 0x0, &(0x7f0000002000)={&(0x7f0000000240)={0x2c, r1, 0x1, 0x0, 0x0, {0x12}, [@HEADER={0x18, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'syz_tun\x00'}]}]}, 0x2c}}, 0x0) 13:40:13 executing program 6: perf_event_open(&(0x7f0000000100)={0x2, 0x80, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$netlink(0x10, 0x3, 0x9) sendmsg$NFT_BATCH(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000001740)={{0x14}, [], {0x14}}, 0x28}}, 0x0) getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, 0x0, 0x0) 13:40:13 executing program 3: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4442, 0x0) pwrite64(r0, &(0x7f0000000140)=' ', 0x1, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffd000/0x1000)=nil, 0x1000, 0x3, 0x13, r0, 0x0) madvise(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x17) 13:40:13 executing program 1: perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0xf0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000240)='/proc/bus/input/devices\x00', 0x0, 0x0) r1 = openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) r2 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000080)='/proc/asound/seq/clients\x00', 0x0, 0x0) ppoll(&(0x7f0000000200)=[{r1}, {r0}, {r2, 0x84}], 0x3, 0x0, 0x0, 0x0) 13:40:13 executing program 2: syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) setxattr$system_posix_acl(&(0x7f0000000400)='./file0\x00', &(0x7f0000000440)='system.posix_acl_default\x00', &(0x7f00000005c0), 0x24, 0x0) rmdir(&(0x7f00000001c0)='./file0\x00') lsetxattr$security_capability(0x0, 0x0, 0x0, 0x0, 0x0) 13:40:13 executing program 0: ioctl$LOOP_CTL_REMOVE(0xffffffffffffffff, 0x4c81, 0x0) ioctl$LOOP_CTL_ADD(0xffffffffffffffff, 0x4c80, 0x0) openat$sysfs(0xffffffffffffff9c, &(0x7f0000000080)='/sys/bus/memory_tiering', 0x80, 0x0) ioctl$LOOP_CTL_ADD(0xffffffffffffffff, 0x4c80, 0x0) ioctl$LOOP_CTL_REMOVE(0xffffffffffffffff, 0x4c81, 0x0) r0 = fsopen(&(0x7f0000000040)='pipefs\x00', 0x0) fsconfig$FSCONFIG_SET_STRING(r0, 0x6, 0x0, 0x0, 0x0) r1 = dup2(r0, r0) fsconfig$FSCONFIG_CMD_RECONFIGURE(r1, 0x7, 0x0, 0x0, 0x0) ioctl$LOOP_CTL_ADD(r1, 0x4c80, 0x2) perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xeb, 0x0, 0x0, 0x0, 0x0, 0x40, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r2 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000002200), 0x0, 0x0) r3 = ioctl$LOOP_CTL_GET_FREE(r2, 0x4c82) ioctl$LOOP_CTL_REMOVE(r2, 0x4c81, r3) [ 128.259772] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=16 sclass=netlink_audit_socket pid=3982 comm=syz-executor.6 [ 128.260780] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=17 sclass=netlink_audit_socket pid=3982 comm=syz-executor.6 13:40:13 executing program 5: set_mempolicy(0x6, &(0x7f0000000040)=0x7, 0x5db) r0 = syz_open_dev$tty20(0xc, 0x4, 0x0) ioctl$VT_RESIZE(r0, 0x5609, &(0x7f0000000080)={0x0, 0xfff, 0x1}) 13:40:13 executing program 3: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4442, 0x0) pwrite64(r0, &(0x7f0000000140)=' ', 0x1, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffd000/0x1000)=nil, 0x1000, 0x3, 0x13, r0, 0x0) madvise(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x17) 13:40:13 executing program 7: mount_setattr(0xffffffffffffff9c, 0x0, 0x0, &(0x7f0000000140)={0x1000000}, 0x20) 13:40:13 executing program 2: syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) setxattr$system_posix_acl(&(0x7f0000000400)='./file0\x00', &(0x7f0000000440)='system.posix_acl_default\x00', &(0x7f00000005c0), 0x24, 0x0) rmdir(&(0x7f00000001c0)='./file0\x00') lsetxattr$security_capability(0x0, 0x0, 0x0, 0x0, 0x0) 13:40:13 executing program 4: ioctl$LOOP_CTL_REMOVE(0xffffffffffffffff, 0x4c81, 0x0) ioctl$LOOP_CTL_ADD(0xffffffffffffffff, 0x4c80, 0x0) openat$sysfs(0xffffffffffffff9c, &(0x7f0000000080)='/sys/bus/memory_tiering', 0x80, 0x0) ioctl$LOOP_CTL_ADD(0xffffffffffffffff, 0x4c80, 0x0) ioctl$LOOP_CTL_REMOVE(0xffffffffffffffff, 0x4c81, 0x0) r0 = fsopen(&(0x7f0000000040)='pipefs\x00', 0x0) fsconfig$FSCONFIG_SET_STRING(r0, 0x6, 0x0, 0x0, 0x0) r1 = dup2(r0, r0) fsconfig$FSCONFIG_CMD_RECONFIGURE(r1, 0x7, 0x0, 0x0, 0x0) ioctl$LOOP_CTL_ADD(r1, 0x4c80, 0x2) perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xeb, 0x0, 0x0, 0x0, 0x0, 0x40, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r2 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000002200), 0x0, 0x0) r3 = ioctl$LOOP_CTL_GET_FREE(r2, 0x4c82) ioctl$LOOP_CTL_REMOVE(r2, 0x4c81, r3) 13:40:13 executing program 7: mount_setattr(0xffffffffffffff9c, 0x0, 0x0, &(0x7f0000000140)={0x1000000}, 0x20) 13:40:13 executing program 6: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f0000000440)={'wlan1\x00', 0x0}) r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000200), 0xffffffffffffffff) sendmsg$NL80211_CMD_SET_QOS_MAP(r0, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000280)={0x1c, r3, 0x1, 0x0, 0x0, {{0x5e}, {@val={0x8, 0x3, r2}, @void}}}, 0x1c}}, 0x0) 13:40:13 executing program 3: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4442, 0x0) pwrite64(r0, &(0x7f0000000140)=' ', 0x1, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffd000/0x1000)=nil, 0x1000, 0x3, 0x13, r0, 0x0) madvise(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x17) 13:40:13 executing program 1: perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xeb, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = openat$sysfs(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/power/pm_trace_dev_match', 0x0, 0x0) finit_module(r0, 0x0, 0x0) [ 128.466739] audit: type=1400 audit(1756474813.290:11): avc: denied { module_load } for pid=4004 comm="syz-executor.1" path="/sys/power/pm_trace_dev_match" dev="sysfs" ino=210 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:object_r:sysfs_t:s0 tclass=system permissive=1 13:40:13 executing program 5: set_mempolicy(0x6, &(0x7f0000000040)=0x7, 0x5db) r0 = syz_open_dev$tty20(0xc, 0x4, 0x0) ioctl$VT_RESIZE(r0, 0x5609, &(0x7f0000000080)={0x0, 0xfff, 0x1}) 13:40:13 executing program 7: mount_setattr(0xffffffffffffff9c, 0x0, 0x0, &(0x7f0000000140)={0x1000000}, 0x20) 13:40:13 executing program 6: rseq(&(0x7f0000000600), 0x20, 0x0, 0x0) r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0) fdatasync(r0) 13:40:13 executing program 1: perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xeb, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = openat$sysfs(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/power/pm_trace_dev_match', 0x0, 0x0) finit_module(r0, 0x0, 0x0) 13:40:13 executing program 0: munmap(&(0x7f0000000000/0x2000)=nil, 0x2000) mbind(&(0x7f0000001000/0x1000)=nil, 0x1000, 0x0, &(0x7f00000001c0), 0x1ff, 0x0) 13:40:13 executing program 4: perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x79, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_IPV6_FLOWLABEL_MGR(r0, 0x29, 0x14, &(0x7f0000000000)={@rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01', 0x0, 0x0, 0x0, 0x1}, 0x20) 13:40:13 executing program 2: perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x7a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) mq_open(&(0x7f0000000000)='(%\x00', 0x40, 0x0, 0x0) ioctl$AUTOFS_DEV_IOCTL_EXPIRE(0xffffffffffffffff, 0xc018937c, 0x0) 13:40:13 executing program 0: r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000940)='/proc/cgroups\x00', 0x0, 0x0) ioctl$SNDRV_SEQ_IOCTL_GET_QUEUE_CLIENT(r0, 0xc04c5349, 0x0) 13:40:13 executing program 7: mount_setattr(0xffffffffffffff9c, 0x0, 0x0, &(0x7f0000000140)={0x1000000}, 0x20) 13:40:13 executing program 5: set_mempolicy(0x6, &(0x7f0000000040)=0x7, 0x5db) r0 = syz_open_dev$tty20(0xc, 0x4, 0x0) ioctl$VT_RESIZE(r0, 0x5609, &(0x7f0000000080)={0x0, 0xfff, 0x1}) 13:40:13 executing program 6: rseq(&(0x7f0000000600), 0x20, 0x0, 0x0) r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0) fdatasync(r0) 13:40:13 executing program 3: perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xeb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$netlink(0x10, 0x3, 0x0) setsockopt$netlink_NETLINK_NO_ENOBUFS(r0, 0x10e, 0x5, &(0x7f0000001700)=0x9, 0x4) 13:40:13 executing program 5: set_mempolicy(0x6, &(0x7f0000000040)=0x7, 0x5db) r0 = syz_open_dev$tty20(0xc, 0x4, 0x0) ioctl$VT_RESIZE(r0, 0x5609, &(0x7f0000000080)={0x0, 0xfff, 0x1}) 13:40:13 executing program 2: perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x79, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$netlink(r0, &(0x7f0000000ec0)={0x0, 0x0, &(0x7f0000000e80)=[{&(0x7f0000002500)={0x18, 0x13, 0x1, 0x0, 0x0, "", [@typed={0x7, 0x0, 0x0, 0x0, @str='(n\x00'}]}, 0x18}], 0x1}, 0x0) 13:40:13 executing program 1: perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xeb, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = openat$sysfs(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/power/pm_trace_dev_match', 0x0, 0x0) finit_module(r0, 0x0, 0x0) 13:40:13 executing program 4: r0 = socket$inet_udp(0x2, 0x2, 0x0) ioctl$sock_inet_SIOCGARP(r0, 0x8955, &(0x7f0000000100)={{0x2, 0x0, @loopback}, {0x0, @broadcast}, 0x2e, {0x2, 0x0, @empty}}) 13:40:13 executing program 7: perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x79, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$netlink(r0, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000340)=[{&(0x7f00000000c0)=ANY=[@ANYBLOB="340000002a0001ef"], 0x34}], 0x1}, 0x0) 13:40:13 executing program 0: perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x79, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0) fcntl$setstatus(r0, 0x4, 0x44000) write(r0, &(0x7f0000000400)='1', 0x80000) 13:40:13 executing program 4: r0 = socket$inet_udp(0x2, 0x2, 0x0) ioctl$sock_inet_SIOCGARP(r0, 0x8955, &(0x7f0000000100)={{0x2, 0x0, @loopback}, {0x0, @broadcast}, 0x2e, {0x2, 0x0, @empty}}) 13:40:13 executing program 1: perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xeb, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = openat$sysfs(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/power/pm_trace_dev_match', 0x0, 0x0) finit_module(r0, 0x0, 0x0) 13:40:13 executing program 3: perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xeb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$netlink(0x10, 0x3, 0x0) setsockopt$netlink_NETLINK_NO_ENOBUFS(r0, 0x10e, 0x5, &(0x7f0000001700)=0x9, 0x4) 13:40:13 executing program 7: perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x79, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$netlink(r0, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000340)=[{&(0x7f00000000c0)=ANY=[@ANYBLOB="340000002a0001ef"], 0x34}], 0x1}, 0x0) 13:40:13 executing program 5: mknod$loop(&(0x7f0000000040)='./file0\x00', 0x0, 0x1) r0 = inotify_init1(0x0) r1 = inotify_init() inotify_add_watch(r1, &(0x7f00000000c0)='./file0\x00', 0x10000320) inotify_add_watch(r0, &(0x7f0000000080)='./file0\x00', 0xd10) unlink(&(0x7f0000000340)='./file0\x00') 13:40:13 executing program 6: rseq(&(0x7f0000000600), 0x20, 0x0, 0x0) r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0) fdatasync(r0) 13:40:13 executing program 2: mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x2000005, 0x32, 0xffffffffffffffff, 0x0) pselect6(0x40, &(0x7f0000000040), 0x0, 0x0, &(0x7f0000000100)={0x77359400}, &(0x7f0000000180)={0x0}) [ 128.878544] audit: type=1400 audit(1756474813.701:12): avc: denied { watch_reads } for pid=4051 comm="syz-executor.5" path="/syzkaller-testdir986176671/syzkaller.PiYXUe/12/file0" dev="sda" ino=16005 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:object_r:unlabeled_t:s0 tclass=file permissive=1 13:40:13 executing program 4: r0 = socket$inet_udp(0x2, 0x2, 0x0) ioctl$sock_inet_SIOCGARP(r0, 0x8955, &(0x7f0000000100)={{0x2, 0x0, @loopback}, {0x0, @broadcast}, 0x2e, {0x2, 0x0, @empty}}) 13:40:13 executing program 2: mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x2000005, 0x32, 0xffffffffffffffff, 0x0) pselect6(0x40, &(0x7f0000000040), 0x0, 0x0, &(0x7f0000000100)={0x77359400}, &(0x7f0000000180)={0x0}) 13:40:13 executing program 5: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = fcntl$dupfd(r0, 0x0, r0) setsockopt$SO_BINDTODEVICE(r1, 0x29, 0x1d, &(0x7f0000000000)='lo\x00', 0x10) 13:40:13 executing program 6: rseq(&(0x7f0000000600), 0x20, 0x0, 0x0) r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0) fdatasync(r0) 13:40:13 executing program 2: mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x2000005, 0x32, 0xffffffffffffffff, 0x0) pselect6(0x40, &(0x7f0000000040), 0x0, 0x0, &(0x7f0000000100)={0x77359400}, &(0x7f0000000180)={0x0}) 13:40:13 executing program 7: perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x79, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$netlink(r0, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000340)=[{&(0x7f00000000c0)=ANY=[@ANYBLOB="340000002a0001ef"], 0x34}], 0x1}, 0x0) 13:40:13 executing program 3: perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xeb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$netlink(0x10, 0x3, 0x0) setsockopt$netlink_NETLINK_NO_ENOBUFS(r0, 0x10e, 0x5, &(0x7f0000001700)=0x9, 0x4) 13:40:13 executing program 0: perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xeb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x1ff) write$binfmt_script(0xffffffffffffffff, &(0x7f0000000000)=ANY=[@ANYBLOB], 0xc) socket$packet(0x11, 0x2, 0x300) close(r0) execveat(0xffffffffffffff9c, &(0x7f0000000280)='./file1\x00', 0x0, 0x0, 0x0) ioctl$FS_IOC_SETVERSION(0xffffffffffffffff, 0x40087602, 0x0) 13:40:13 executing program 4: r0 = socket$inet_udp(0x2, 0x2, 0x0) ioctl$sock_inet_SIOCGARP(r0, 0x8955, &(0x7f0000000100)={{0x2, 0x0, @loopback}, {0x0, @broadcast}, 0x2e, {0x2, 0x0, @empty}}) 13:40:13 executing program 5: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = fcntl$dupfd(r0, 0x0, r0) setsockopt$SO_BINDTODEVICE(r1, 0x29, 0x1d, &(0x7f0000000000)='lo\x00', 0x10) [ 129.068530] process 'syz-executor.0' launched './file1' with NULL argv: empty string added 13:40:13 executing program 3: perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xeb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$netlink(0x10, 0x3, 0x0) setsockopt$netlink_NETLINK_NO_ENOBUFS(r0, 0x10e, 0x5, &(0x7f0000001700)=0x9, 0x4) 13:40:13 executing program 5: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = fcntl$dupfd(r0, 0x0, r0) setsockopt$SO_BINDTODEVICE(r1, 0x29, 0x1d, &(0x7f0000000000)='lo\x00', 0x10) 13:40:13 executing program 1: r0 = openat$ptp0(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0) ioctl$PTP_PEROUT_REQUEST(r0, 0x40383d03, &(0x7f00000000c0)) 13:40:13 executing program 2: mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x2000005, 0x32, 0xffffffffffffffff, 0x0) pselect6(0x40, &(0x7f0000000040), 0x0, 0x0, &(0x7f0000000100)={0x77359400}, &(0x7f0000000180)={0x0}) 13:40:14 executing program 5: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = fcntl$dupfd(r0, 0x0, r0) setsockopt$SO_BINDTODEVICE(r1, 0x29, 0x1d, &(0x7f0000000000)='lo\x00', 0x10) 13:40:14 executing program 0: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl802154(&(0x7f0000001a00), 0xffffffffffffffff) sendmsg$NL802154_CMD_SET_CHANNEL(r0, &(0x7f0000001ac0)={0x0, 0x0, &(0x7f0000001a80)={&(0x7f0000001a40)={0x2c, r1, 0x1, 0x0, 0x0, {}, [@NL802154_ATTR_WPAN_PHY={0x8}, @NL802154_ATTR_PAGE={0x5}, @NL802154_ATTR_CHANNEL={0x5, 0x8, 0x9}]}, 0x2c}}, 0x0) 13:40:14 executing program 7: perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x79, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$netlink(r0, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000340)=[{&(0x7f00000000c0)=ANY=[@ANYBLOB="340000002a0001ef"], 0x34}], 0x1}, 0x0) 13:40:14 executing program 4: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f00000085c0)={0x0, 0x0, 0x0}, &(0x7f0000008600)=0xc) r2 = socket$nl_xfrm(0x10, 0x3, 0x6) getsockopt$sock_cred(r2, 0x1, 0x11, &(0x7f00000085c0)={0x0, 0x0, 0x0}, &(0x7f0000008600)=0xc) setregid(r1, r3) 13:40:14 executing program 6: r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f0000000000)={0x0, 0xa006}, 0x4) syz_emit_ethernet(0x3e, &(0x7f0000000280)={@local, @remote, @val={@void}, {@ipv4={0x800, @tipc={{0x5, 0x4, 0x0, 0x0, 0x2c, 0x0, 0x3, 0x0, 0x6, 0x0, @loopback, @dev}, @payload_conn={{{0x18, 0x0, 0x0, 0x0, 0x0, 0x6}}}}}}}, 0x0) 13:40:14 executing program 3: perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xeb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0xb7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = dup2(r0, r0) read(r1, 0x0, 0x1a76) 13:40:14 executing program 2: r0 = perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x79, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x78, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$PERF_EVENT_IOC_SET_FILTER(r0, 0x2403, &(0x7f0000000140)=')\xf5}\x00') 13:40:14 executing program 1: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0x7a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mlock(&(0x7f0000ffd000/0x2000)=nil, 0x2000) munlock(&(0x7f0000ffc000/0x3000)=nil, 0x3000) [ 129.275371] audit: type=1400 audit(1756474814.099:13): avc: denied { read } for pid=4112 comm="syz-executor.3" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=perf_event permissive=1 [ 129.320921] audit: type=1400 audit(1756474814.142:14): avc: denied { write } for pid=4115 comm="syz-executor.2" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=perf_event permissive=1 13:40:14 executing program 3: perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xeb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0xb7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = dup2(r0, r0) read(r1, 0x0, 0x1a76) 13:40:14 executing program 6: r0 = syz_open_dev$tty1(0xc, 0x4, 0x1) ioctl$TIOCL_SETSEL(r0, 0x541c, &(0x7f0000000080)={0x3}) 13:40:14 executing program 0: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl802154(&(0x7f0000001a00), 0xffffffffffffffff) sendmsg$NL802154_CMD_SET_CHANNEL(r0, &(0x7f0000001ac0)={0x0, 0x0, &(0x7f0000001a80)={&(0x7f0000001a40)={0x2c, r1, 0x1, 0x0, 0x0, {}, [@NL802154_ATTR_WPAN_PHY={0x8}, @NL802154_ATTR_PAGE={0x5}, @NL802154_ATTR_CHANNEL={0x5, 0x8, 0x9}]}, 0x2c}}, 0x0) 13:40:14 executing program 4: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f00000085c0)={0x0, 0x0, 0x0}, &(0x7f0000008600)=0xc) r2 = socket$nl_xfrm(0x10, 0x3, 0x6) getsockopt$sock_cred(r2, 0x1, 0x11, &(0x7f00000085c0)={0x0, 0x0, 0x0}, &(0x7f0000008600)=0xc) setregid(r1, r3) 13:40:14 executing program 7: r0 = openat$autofs(0xffffffffffffff9c, &(0x7f0000001340), 0x0, 0x0) ioctl$AUTOFS_DEV_IOCTL_CLOSEMOUNT(r0, 0xc0189375, &(0x7f0000000200)={{0x1, 0x1, 0x18, r0}, './file0\x00'}) 13:40:14 executing program 1: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0x7a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mlock(&(0x7f0000ffd000/0x2000)=nil, 0x2000) munlock(&(0x7f0000ffc000/0x3000)=nil, 0x3000) 13:40:14 executing program 2: r0 = perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x79, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x78, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$PERF_EVENT_IOC_SET_FILTER(r0, 0x2403, &(0x7f0000000140)=')\xf5}\x00') 13:40:14 executing program 5: syz_emit_vhci(&(0x7f0000000440)=@HCI_EVENT_PKT={0x4, @inquiry_info_with_rssi={{0x22, 0x7f}, {0x9, [{@none, 0x80, 0x2, "2571ac", 0x6, 0x1}, {@fixed={'\xaa\xaa\xaa\xaa\xaa', 0x12}, 0x4, 0x40, "f3e2f6", 0x69, 0x8}, {@fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}, 0x6, 0xfc, "3a4303", 0x800, 0x5}, {@fixed={'\xaa\xaa\xaa\xaa\xaa', 0x11}, 0x3, 0x9, "d597d2", 0x6, 0x13}, {@any, 0x20, 0x0, "acc749", 0x5, 0x5a}, {@fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}, 0x3, 0x2, "b88488", 0xa8c, 0x3}, {@fixed={'\xaa\xaa\xaa\xaa\xaa', 0x11}, 0x6, 0x1f, "cfc133", 0xa60e, 0x1}, {@any, 0x4, 0x5, "f76e7a", 0x2, 0xff}, {@fixed={'\xaa\xaa\xaa\xaa\xaa', 0x12}, 0x7f, 0x67, "a58ea6", 0xff, 0x6}]}}}, 0x82) syz_emit_vhci(&(0x7f00000003c0)=@HCI_VENDOR_PKT, 0x2) syz_emit_vhci(&(0x7f0000000200)=@HCI_VENDOR_PKT, 0x2) syz_emit_vhci(&(0x7f00000001c0)=@HCI_EVENT_PKT={0x4, @hci_ev_qos_setup_complete={{0xd, 0x14}, {0x27, 0xc8, {0x4, 0x5, 0x1, 0x2, 0x800}}}}, 0x17) r0 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) syz_emit_vhci(&(0x7f0000000280)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x1, 0x0, 0x14}, @l2cap_cid_le_signaling={{0x10}, @l2cap_ecred_conn_req={{0x17, 0x40, 0xc}, {0x2, 0x6a7, 0x4, 0xff, [0x1, 0x6]}}}}, 0x19) prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000000000)) syz_emit_vhci(&(0x7f00000002c0)=ANY=[@ANYBLOB="030000502bbbe9325c2f4825ed4e2e792fdda73f228ffd7503c16d40f44ecf7770235540cb73eb566be07629ad9d0d92926932bbae11c89a05bab2b57521c5d80fdc4c248dbc73be336b0e1cb2cf1f2859a4c280e00466"], 0x54) syz_emit_vhci(&(0x7f0000000100)=ANY=[@ANYBLOB="02c91014001000050017000ce4bd85cf500772f10001800400ccc3cf49b6000300"], 0x19) getdents64(r0, 0x0, 0x0) syz_emit_vhci(&(0x7f0000000240)=@HCI_VENDOR_PKT, 0x15c) syz_emit_vhci(&(0x7f0000000180)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x2, 0x0, 0x14}, @l2cap_cid_signaling={{0x10}, [@l2cap_move_chan_cfm={{0x10, 0x7f, 0x4}, {0x8, 0xfe00}}, @l2cap_disconn_req={{0x6, 0x3, 0x4}, {0xfff8, 0x1}}]}}, 0x19) syz_emit_vhci(&(0x7f00000005c0)=ANY=[@ANYBLOB="04480f080003c8000112ef3d4d14eb3114007b684370cc7d3452897f7ab2858cc15eecd1795cd8d512b4b2d079160da36d8af86516c82f10a07ae00a50e3939ae66917d70b26a628859ba31307f7efc3b4a19dc6be12a274d95a86cf06918a3c6f34636c4d0796b442f79d0599db6299814695da1bc36fbef4621e954eceeee4b704ece077754414eb21c03e8de4e561b3e304698dba04ebe4ae35f024703e469a0b761d2589728911e51735f57ccfe2690b0ab7c57c73b08eeffa96d63b9b05b159d1389e65cf36628ebc0b57c4160c12bc4b09367d9844c2167b59713a5d3c2d3094ca4126e88d05dc0e8f175218fd8283a542cb39242e5a9411ba82aaeb4f21b9489a1d749c5342a811cc222b2673e6bee0dafee069d12c776da0"], 0x12) syz_emit_vhci(&(0x7f0000000040)=@HCI_VENDOR_PKT, 0x2) syz_open_dev$sg(&(0x7f0000000380), 0x1fb, 0x2000) [ 129.530540] Bluetooth: Unexpected continuation frame (len 20) [ 129.531296] Bluetooth: hci7: SCO packet for unknown connection handle 0 [ 129.531330] Bluetooth: Unexpected continuation frame (len 20) [ 129.533568] Bluetooth: Unknown BR/EDR signaling command 0x10 [ 129.534064] Bluetooth: Wrong link type (-22) [ 129.534929] Bluetooth: hci7: link tx timeout [ 129.535348] Bluetooth: hci7: killing stalled connection 11:aa:aa:aa:aa:aa 13:40:14 executing program 4: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f00000085c0)={0x0, 0x0, 0x0}, &(0x7f0000008600)=0xc) r2 = socket$nl_xfrm(0x10, 0x3, 0x6) getsockopt$sock_cred(r2, 0x1, 0x11, &(0x7f00000085c0)={0x0, 0x0, 0x0}, &(0x7f0000008600)=0xc) setregid(r1, r3) 13:40:14 executing program 0: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl802154(&(0x7f0000001a00), 0xffffffffffffffff) sendmsg$NL802154_CMD_SET_CHANNEL(r0, &(0x7f0000001ac0)={0x0, 0x0, &(0x7f0000001a80)={&(0x7f0000001a40)={0x2c, r1, 0x1, 0x0, 0x0, {}, [@NL802154_ATTR_WPAN_PHY={0x8}, @NL802154_ATTR_PAGE={0x5}, @NL802154_ATTR_CHANNEL={0x5, 0x8, 0x9}]}, 0x2c}}, 0x0) 13:40:14 executing program 0: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl802154(&(0x7f0000001a00), 0xffffffffffffffff) sendmsg$NL802154_CMD_SET_CHANNEL(r0, &(0x7f0000001ac0)={0x0, 0x0, &(0x7f0000001a80)={&(0x7f0000001a40)={0x2c, r1, 0x1, 0x0, 0x0, {}, [@NL802154_ATTR_WPAN_PHY={0x8}, @NL802154_ATTR_PAGE={0x5}, @NL802154_ATTR_CHANNEL={0x5, 0x8, 0x9}]}, 0x2c}}, 0x0) 13:40:14 executing program 7: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0x7a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = syz_open_procfs(0x0, &(0x7f0000000000)='ns\x00') openat(r0, &(0x7f0000000140)='./cgroup/cgroup.procs\x00', 0x0, 0x0) 13:40:14 executing program 6: r0 = socket$unix(0x1, 0x1, 0x0) recvmmsg$unix(r0, &(0x7f0000002e80)=[{{0x0, 0x0, &(0x7f0000001580)=[{0x0}, {0x0}], 0x2}}], 0x1, 0x0, 0x0) 13:40:14 executing program 5: r0 = perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0xb1, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x4}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) clock_settime(0x0, &(0x7f0000000240)={0x77359400}) r1 = fork() ptrace(0x10, r1) r2 = perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x79, 0x0, 0x0, 0x0, 0x0, 0x7fff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_config_ext, 0x0, 0x0, 0x0, 0x7}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) getpid() r3 = getpid() r4 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000040)='/sys/power/wakeup_count', 0x0, 0x0) kcmp$KCMP_EPOLL_TFD(0x0, 0x0, 0x7, r2, &(0x7f0000000000)={r4, r0}) perf_event_open(&(0x7f0000000280)={0x3, 0x80, 0x4, 0x3, 0xff, 0xff, 0x0, 0x0, 0x80308, 0x2, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x2, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x540, 0x2, @perf_config_ext={0x401, 0x1000}, 0x800, 0x1f, 0x6, 0x2, 0x4d6, 0x0, 0x1f, 0x0, 0x0, 0x0, 0x9}, r3, 0x7, r2, 0x10) pidfd_open(r3, 0x0) getpriority(0x1, r3) r5 = fork() ptrace(0x10, r5) ptrace$setsig(0x4203, r5, 0xbe13, &(0x7f0000000100)={0xc, 0x0, 0x2}) ptrace$setsig(0x4203, r1, 0xf738, &(0x7f0000000100)={0x1d, 0x100, 0x1}) 13:40:14 executing program 1: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0x7a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mlock(&(0x7f0000ffd000/0x2000)=nil, 0x2000) munlock(&(0x7f0000ffc000/0x3000)=nil, 0x3000) 13:40:14 executing program 3: perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xeb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0xb7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = dup2(r0, r0) read(r1, 0x0, 0x1a76) 03:33:20 executing program 4: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f00000085c0)={0x0, 0x0, 0x0}, &(0x7f0000008600)=0xc) r2 = socket$nl_xfrm(0x10, 0x3, 0x6) getsockopt$sock_cred(r2, 0x1, 0x11, &(0x7f00000085c0)={0x0, 0x0, 0x0}, &(0x7f0000008600)=0xc) setregid(r1, r3) 03:33:20 executing program 3: perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xeb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0xb7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = dup2(r0, r0) read(r1, 0x0, 0x1a76) 03:33:20 executing program 7: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0x7a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = syz_open_procfs(0x0, &(0x7f0000000000)='ns\x00') openat(r0, &(0x7f0000000140)='./cgroup/cgroup.procs\x00', 0x0, 0x0) 03:33:20 executing program 6: r0 = socket$unix(0x1, 0x1, 0x0) recvmmsg$unix(r0, &(0x7f0000002e80)=[{{0x0, 0x0, &(0x7f0000001580)=[{0x0}, {0x0}], 0x2}}], 0x1, 0x0, 0x0) 03:33:20 executing program 1: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0x7a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mlock(&(0x7f0000ffd000/0x2000)=nil, 0x2000) munlock(&(0x7f0000ffc000/0x3000)=nil, 0x3000) 03:33:20 executing program 0: r0 = socket$inet_udp(0x2, 0x2, 0x0) setsockopt$inet_mreq(r0, 0x0, 0x21, &(0x7f0000000000)={@dev}, 0x8) 03:33:20 executing program 5: r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$netlink(r0, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000340)=[{&(0x7f00000000c0)={0x18, 0x12, 0xffffffffffffffff, 0x0, 0x0, "", [@typed={0x5, 0x0, 0x0, 0x0, @str='\x00'}]}, 0x18}], 0x1}, 0x0) 03:33:20 executing program 2: r0 = perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x79, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x78, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$PERF_EVENT_IOC_SET_FILTER(r0, 0x2403, &(0x7f0000000140)=')\xf5}\x00') [ 129.860331] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.5'. 03:33:20 executing program 0: utime(0x0, 0xffffffffffffffff) 03:33:20 executing program 5: r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$netlink(r0, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000340)=[{&(0x7f00000000c0)={0x18, 0x12, 0xffffffffffffffff, 0x0, 0x0, "", [@typed={0x5, 0x0, 0x0, 0x0, @str='\x00'}]}, 0x18}], 0x1}, 0x0) 03:33:20 executing program 2: r0 = perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x79, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x78, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$PERF_EVENT_IOC_SET_FILTER(r0, 0x2403, &(0x7f0000000140)=')\xf5}\x00') 03:33:20 executing program 7: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0x7a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = syz_open_procfs(0x0, &(0x7f0000000000)='ns\x00') openat(r0, &(0x7f0000000140)='./cgroup/cgroup.procs\x00', 0x0, 0x0) 03:33:20 executing program 6: r0 = socket$unix(0x1, 0x1, 0x0) recvmmsg$unix(r0, &(0x7f0000002e80)=[{{0x0, 0x0, &(0x7f0000001580)=[{0x0}, {0x0}], 0x2}}], 0x1, 0x0, 0x0) 03:33:20 executing program 4: perf_event_open(&(0x7f0000000100)={0x2, 0x80, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = syz_open_dev$evdev(&(0x7f0000000080), 0x1, 0x0) ioctl$EVIOCSREP(r0, 0x40084503, &(0x7f0000000000)=[0xfa000000]) [ 130.011987] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.5'. [ 130.149852] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.5'. [ 130.245041] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.5'. [ 130.551016] kmemleak: Found object by alias at 0x607f1a62cbac [ 130.551035] CPU: 1 UID: 0 PID: 4247 Comm: isc-worker0000 Tainted: G W 6.17.0-rc3-next-20250829 #1 PREEMPT(voluntary) [ 130.551053] Tainted: [W]=WARN [ 130.551057] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 130.551064] Call Trace: [ 130.551068] [ 130.551072] dump_stack_lvl+0xca/0x120 [ 130.551099] __lookup_object+0x94/0xb0 [ 130.551116] delete_object_full+0x27/0x70 [ 130.551132] free_percpu+0x30/0x1160 [ 130.551148] ? arch_uprobe_clear_state+0x16/0x140 [ 130.551168] futex_hash_free+0x38/0xc0 [ 130.551182] mmput+0x2d3/0x390 [ 130.551201] begin_new_exec+0x14bd/0x36c0 [ 130.551217] ? kernel_read+0xcb/0x230 [ 130.551230] load_elf_binary+0x855/0x4f70 [ 130.551253] ? load_misc_binary+0x979/0xcd0 [ 130.551270] ? __pfx_load_elf_binary+0x10/0x10 [ 130.551285] ? find_held_lock+0x2b/0x80 [ 130.551302] ? bprm_execve+0x8b7/0x15a0 [ 130.551312] ? lock_release+0xc8/0x290 [ 130.551328] bprm_execve+0x8d9/0x15a0 [ 130.551342] ? __pfx_bprm_execve+0x10/0x10 [ 130.551357] do_execveat_common+0x5b2/0x770 [ 130.551369] ? __pfx_do_execveat_common+0x10/0x10 [ 130.551382] ? getname_flags.part.0+0x1c6/0x540 [ 130.551401] __x64_sys_execve+0x95/0xc0 [ 130.551414] do_syscall_64+0xbf/0x360 [ 130.551426] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 130.551438] RIP: 0033:0x7f98087ab6c7 [ 130.551452] Code: Unable to access opcode bytes at 0x7f98087ab69d. [ 130.551458] RSP: 002b:00007f980837ccf8 EFLAGS: 00000202 ORIG_RAX: 000000000000003b [ 130.551469] RAX: ffffffffffffffda RBX: 000055c91711dca0 RCX: 00007f98087ab6c7 [ 130.551477] RDX: 00007f9800002430 RSI: 00007f980837cd10 RDI: 000055c90c2720f0 [ 130.551484] RBP: 000055c90c2720f0 R08: 00007f98000020e0 R09: 00007f98086d52d0 [ 130.551491] R10: 00007f980837d700 R11: 0000000000000202 R12: 00007f9800002430 [ 130.551499] R13: 0000000000000000 R14: 0000000000000000 R15: 00007f980837e0f0 [ 130.551514] [ 130.551518] kmemleak: Object (percpu) 0x607f1a62cba8 (size 8): [ 130.551525] kmemleak: comm "(ogrotate)", pid 4188, jiffies 4294797325 [ 130.551531] kmemleak: min_count = 1 [ 130.551535] kmemleak: count = 0 [ 130.551539] kmemleak: flags = 0x21 [ 130.551542] kmemleak: checksum = 0 [ 130.551547] kmemleak: backtrace: [ 130.551551] pcpu_alloc_noprof+0x87a/0x1170 [ 130.551567] alloc_vfsmnt+0x135/0x6e0 [ 130.551582] clone_mnt+0x6c/0xb70 [ 130.551596] copy_tree+0x34b/0xaf0 [ 130.551606] copy_mnt_ns+0x1ab/0xab0 [ 130.551616] create_new_namespaces+0xd6/0xab0 [ 130.551633] unshare_nsproxy_namespaces+0xc0/0x200 [ 130.551649] ksys_unshare+0x468/0xa10 [ 130.551659] __x64_sys_unshare+0x31/0x40 [ 130.551670] do_syscall_64+0xbf/0x360 [ 130.551678] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 130.721627] kmemleak: Found object by alias at 0x607f1a62cbac [ 130.721648] CPU: 0 UID: 0 PID: 4259 Comm: isc-worker0000 Tainted: G W 6.17.0-rc3-next-20250829 #1 PREEMPT(voluntary) [ 130.721666] Tainted: [W]=WARN [ 130.721670] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 130.721677] Call Trace: [ 130.721681] [ 130.721686] dump_stack_lvl+0xca/0x120 [ 130.721712] __lookup_object+0x94/0xb0 [ 130.721729] delete_object_full+0x27/0x70 [ 130.721745] free_percpu+0x30/0x1160 [ 130.721761] ? arch_uprobe_clear_state+0x16/0x140 [ 130.721781] futex_hash_free+0x38/0xc0 [ 130.721801] mmput+0x2d3/0x390 [ 130.721819] begin_new_exec+0x14bd/0x36c0 [ 130.721835] ? kernel_read+0xcb/0x230 [ 130.721849] load_elf_binary+0x855/0x4f70 [ 130.721872] ? load_misc_binary+0x979/0xcd0 [ 130.721890] ? __pfx_load_elf_binary+0x10/0x10 [ 130.721904] ? find_held_lock+0x2b/0x80 [ 130.721922] ? bprm_execve+0x8b7/0x15a0 [ 130.721932] ? lock_release+0xc8/0x290 [ 130.721948] bprm_execve+0x8d9/0x15a0 [ 130.721962] ? __pfx_bprm_execve+0x10/0x10 [ 130.721977] do_execveat_common+0x5b2/0x770 [ 130.721989] ? __pfx_do_execveat_common+0x10/0x10 [ 130.722002] ? getname_flags.part.0+0x1c6/0x540 [ 130.722022] __x64_sys_execve+0x95/0xc0 [ 130.722035] do_syscall_64+0xbf/0x360 [ 130.722047] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 130.722059] RIP: 0033:0x7f98087ab6c7 [ 130.722072] Code: Unable to access opcode bytes at 0x7f98087ab69d. [ 130.722077] RSP: 002b:00007f980837bc18 EFLAGS: 00000202 ORIG_RAX: 000000000000003b [ 130.722089] RAX: ffffffffffffffda RBX: 000055c91711dca0 RCX: 00007f98087ab6c7 [ 130.722097] RDX: 00007f9800003980 RSI: 00007f980837bc30 RDI: 000055c90c2720f0 [ 130.722104] RBP: 000055c90c2720f0 R08: 00007f98000020e0 R09: 00007f98086d52d0 [ 130.722111] R10: 00007f980837d700 R11: 0000000000000202 R12: 00007f9800003980 [ 130.722118] R13: 0000000000000000 R14: 000055c90c254ed8 R15: 000055c90c27e630 [ 130.722135] [ 130.722138] kmemleak: Object (percpu) 0x607f1a62cba8 (size 8): [ 130.722145] kmemleak: comm "(ogrotate)", pid 4188, jiffies 4294797325 [ 130.722152] kmemleak: min_count = 1 [ 130.722156] kmemleak: count = 0 [ 130.722160] kmemleak: flags = 0x21 [ 130.722163] kmemleak: checksum = 0 [ 130.722167] kmemleak: backtrace: [ 130.722171] pcpu_alloc_noprof+0x87a/0x1170 [ 130.722185] alloc_vfsmnt+0x135/0x6e0 [ 130.722199] clone_mnt+0x6c/0xb70 [ 130.722213] copy_tree+0x34b/0xaf0 [ 130.722223] copy_mnt_ns+0x1ab/0xab0 [ 130.722233] create_new_namespaces+0xd6/0xab0 [ 130.722250] unshare_nsproxy_namespaces+0xc0/0x200 [ 130.722266] ksys_unshare+0x468/0xa10 [ 130.722276] __x64_sys_unshare+0x31/0x40 [ 130.722287] do_syscall_64+0xbf/0x360 [ 130.722296] entry_SYSCALL_64_after_hwframe+0x77/0x7f 03:33:20 executing program 0: utime(0x0, 0xffffffffffffffff) 03:33:20 executing program 7: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0x7a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = syz_open_procfs(0x0, &(0x7f0000000000)='ns\x00') openat(r0, &(0x7f0000000140)='./cgroup/cgroup.procs\x00', 0x0, 0x0) 03:33:20 executing program 6: r0 = socket$unix(0x1, 0x1, 0x0) recvmmsg$unix(r0, &(0x7f0000002e80)=[{{0x0, 0x0, &(0x7f0000001580)=[{0x0}, {0x0}], 0x2}}], 0x1, 0x0, 0x0) 03:33:20 executing program 5: r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$netlink(r0, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000340)=[{&(0x7f00000000c0)={0x18, 0x12, 0xffffffffffffffff, 0x0, 0x0, "", [@typed={0x5, 0x0, 0x0, 0x0, @str='\x00'}]}, 0x18}], 0x1}, 0x0) 03:33:20 executing program 3: r0 = syz_open_dev$usbmon(&(0x7f0000000c00), 0x0, 0x0) r1 = epoll_create1(0x0) epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000000040)) 03:33:20 executing program 4: perf_event_open(&(0x7f0000000100)={0x2, 0x80, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = syz_open_dev$evdev(&(0x7f0000000080), 0x1, 0x0) ioctl$EVIOCSREP(r0, 0x40084503, &(0x7f0000000000)=[0xfa000000]) 03:33:20 executing program 1: perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = openat$hpet(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$sock_inet6_SIOCADDRT(r0, 0x6805, 0x0) 03:33:20 executing program 2: r0 = add_key$fscrypt_v1(&(0x7f0000000000), &(0x7f0000000040), &(0x7f0000000080)={0x0, "79104f3aee507297d082b74a0b6b571600293a7c86d486a506f35998c9da489c4132d9a77037b7efe7a5f06afff448639d2cb46e92e69abe6208462327b0e81e"}, 0x48, 0xfffffffffffffffd) keyctl$KEYCTL_PKEY_QUERY(0x18, r0, 0x0, &(0x7f0000000100)='\x00', 0x0) 03:33:20 executing program 2: perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x7a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000002c0), 0x0, 0x0) r1 = syz_open_dev$sg(&(0x7f0000000000), 0x0, 0x40001) r2 = dup2(r1, r0) write$binfmt_aout(r2, &(0x7f0000000080)=ANY=[], 0x2e) ioctl$SG_IO(r2, 0x2285, &(0x7f00000022c0)={0x53, 0x0, 0x0, 0x0, @scatter={0x0, 0x0, 0x0}, 0x0, 0x0, 0x0, 0x6, 0x0, 0x0}) 03:33:20 executing program 4: perf_event_open(&(0x7f0000000100)={0x2, 0x80, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = syz_open_dev$evdev(&(0x7f0000000080), 0x1, 0x0) ioctl$EVIOCSREP(r0, 0x40084503, &(0x7f0000000000)=[0xfa000000]) 03:33:20 executing program 5: r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$netlink(r0, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000340)=[{&(0x7f00000000c0)={0x18, 0x12, 0xffffffffffffffff, 0x0, 0x0, "", [@typed={0x5, 0x0, 0x0, 0x0, @str='\x00'}]}, 0x18}], 0x1}, 0x0) 03:33:20 executing program 0: utime(0x0, 0xffffffffffffffff) 03:33:20 executing program 3: r0 = syz_open_dev$usbmon(&(0x7f0000000c00), 0x0, 0x0) r1 = epoll_create1(0x0) epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000000040)) 03:33:20 executing program 1: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) bind$inet6(r0, &(0x7f0000000740)={0xa, 0x4e23, 0x0, @empty}, 0x1c) connect$inet6(r0, &(0x7f0000000040)={0xa, 0x4e23, 0x0, @empty}, 0x1c) socket$packet(0x11, 0x0, 0x300) sendmmsg$inet6(r0, &(0x7f0000003040)=[{{0x0, 0x0, &(0x7f0000000500)=[{&(0x7f00000001c0)="db4d31d6805ecdac87307b", 0xb}, {0x0}], 0x2, &(0x7f0000000580)}}, {{0x0, 0x0, 0x0}}, {{0x0, 0x0, &(0x7f0000002d80)}}], 0x3, 0x44894) getsockopt$inet6_tcp_TCP_ZEROCOPY_RECEIVE(r0, 0x6, 0x23, &(0x7f0000000100)={&(0x7f0000ffc000/0x3000)=nil, 0x3000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, &(0x7f0000000140)=0x40) 03:33:20 executing program 4: perf_event_open(&(0x7f0000000100)={0x2, 0x80, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = syz_open_dev$evdev(&(0x7f0000000080), 0x1, 0x0) ioctl$EVIOCSREP(r0, 0x40084503, &(0x7f0000000000)=[0xfa000000]) 03:33:20 executing program 1: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) bind$inet6(r0, &(0x7f0000000740)={0xa, 0x4e23, 0x0, @empty}, 0x1c) connect$inet6(r0, &(0x7f0000000040)={0xa, 0x4e23, 0x0, @empty}, 0x1c) socket$packet(0x11, 0x0, 0x300) sendmmsg$inet6(r0, &(0x7f0000003040)=[{{0x0, 0x0, &(0x7f0000000500)=[{&(0x7f00000001c0)="db4d31d6805ecdac87307b", 0xb}, {0x0}], 0x2, &(0x7f0000000580)}}, {{0x0, 0x0, 0x0}}, {{0x0, 0x0, &(0x7f0000002d80)}}], 0x3, 0x44894) getsockopt$inet6_tcp_TCP_ZEROCOPY_RECEIVE(r0, 0x6, 0x23, &(0x7f0000000100)={&(0x7f0000ffc000/0x3000)=nil, 0x3000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, &(0x7f0000000140)=0x40) 03:33:20 executing program 2: io_setup(0x1, &(0x7f0000000040)) perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xeb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) setpgid(0x0, 0x0) openat$full(0xffffffffffffff9c, &(0x7f0000000080), 0x40002, 0x0) perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = fork() waitid(0x1, r0, &(0x7f0000000040), 0x3, &(0x7f0000000cc0)) 03:33:20 executing program 0: utime(0x0, 0xffffffffffffffff) 03:33:20 executing program 3: r0 = syz_open_dev$usbmon(&(0x7f0000000c00), 0x0, 0x0) r1 = epoll_create1(0x0) epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000000040)) 03:33:20 executing program 1: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) bind$inet6(r0, &(0x7f0000000740)={0xa, 0x4e23, 0x0, @empty}, 0x1c) connect$inet6(r0, &(0x7f0000000040)={0xa, 0x4e23, 0x0, @empty}, 0x1c) socket$packet(0x11, 0x0, 0x300) sendmmsg$inet6(r0, &(0x7f0000003040)=[{{0x0, 0x0, &(0x7f0000000500)=[{&(0x7f00000001c0)="db4d31d6805ecdac87307b", 0xb}, {0x0}], 0x2, &(0x7f0000000580)}}, {{0x0, 0x0, 0x0}}, {{0x0, 0x0, &(0x7f0000002d80)}}], 0x3, 0x44894) getsockopt$inet6_tcp_TCP_ZEROCOPY_RECEIVE(r0, 0x6, 0x23, &(0x7f0000000100)={&(0x7f0000ffc000/0x3000)=nil, 0x3000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, &(0x7f0000000140)=0x40) 03:33:20 executing program 3: r0 = syz_open_dev$usbmon(&(0x7f0000000c00), 0x0, 0x0) r1 = epoll_create1(0x0) epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000000040)) 03:33:20 executing program 2: io_setup(0x1, &(0x7f0000000040)) perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xeb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) setpgid(0x0, 0x0) openat$full(0xffffffffffffff9c, &(0x7f0000000080), 0x40002, 0x0) perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = fork() waitid(0x1, r0, &(0x7f0000000040), 0x3, &(0x7f0000000cc0)) 03:33:20 executing program 1: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) bind$inet6(r0, &(0x7f0000000740)={0xa, 0x4e23, 0x0, @empty}, 0x1c) connect$inet6(r0, &(0x7f0000000040)={0xa, 0x4e23, 0x0, @empty}, 0x1c) socket$packet(0x11, 0x0, 0x300) sendmmsg$inet6(r0, &(0x7f0000003040)=[{{0x0, 0x0, &(0x7f0000000500)=[{&(0x7f00000001c0)="db4d31d6805ecdac87307b", 0xb}, {0x0}], 0x2, &(0x7f0000000580)}}, {{0x0, 0x0, 0x0}}, {{0x0, 0x0, &(0x7f0000002d80)}}], 0x3, 0x44894) getsockopt$inet6_tcp_TCP_ZEROCOPY_RECEIVE(r0, 0x6, 0x23, &(0x7f0000000100)={&(0x7f0000ffc000/0x3000)=nil, 0x3000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, &(0x7f0000000140)=0x40) 03:33:20 executing program 2: io_setup(0x1, &(0x7f0000000040)) perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xeb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) setpgid(0x0, 0x0) openat$full(0xffffffffffffff9c, &(0x7f0000000080), 0x40002, 0x0) perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = fork() waitid(0x1, r0, &(0x7f0000000040), 0x3, &(0x7f0000000cc0)) 03:33:21 executing program 2: io_setup(0x1, &(0x7f0000000040)) perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xeb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) setpgid(0x0, 0x0) openat$full(0xffffffffffffff9c, &(0x7f0000000080), 0x40002, 0x0) perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = fork() waitid(0x1, r0, &(0x7f0000000040), 0x3, &(0x7f0000000cc0)) 03:33:21 executing program 7: io_setup(0x1, &(0x7f0000000040)) perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xeb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) setpgid(0x0, 0x0) openat$full(0xffffffffffffff9c, &(0x7f0000000080), 0x40002, 0x0) perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = fork() waitid(0x1, r0, &(0x7f0000000040), 0x3, &(0x7f0000000cc0)) 03:33:21 executing program 6: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0x7a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.net/devices.allow\x00', 0x121802, 0x0) write$cgroup_devices(r0, &(0x7f00000004c0)={'b', ' *:* ', 'rwm\x00'}, 0xa) 03:33:21 executing program 1: ftruncate(0xffffffffffffffff, 0xfffffffffffffff9) 03:33:21 executing program 0: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$netlbl_calipso(&(0x7f0000000280), r1) sendmsg$NLBL_CALIPSO_C_LIST(r0, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={&(0x7f00000003c0)={0x1c, r2, 0x1, 0x0, 0x0, {}, [@NLBL_CALIPSO_A_DOI={0x8}]}, 0x1c}}, 0x0) 03:33:21 executing program 4: r0 = memfd_create(&(0x7f0000000000)=':^/\x00', 0x7) lseek(r0, 0x0, 0x3) 03:33:21 executing program 3: r0 = io_uring_setup(0x3e96, &(0x7f0000000140)={0x0, 0x0, 0x1}) io_uring_enter(r0, 0x743d, 0x326c, 0x0, 0x0, 0x0) perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat$snapshot(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0) close_range(r0, 0xffffffffffffffff, 0x0) 03:33:21 executing program 5: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x2, 0xc, 0x0) 03:33:21 executing program 2: r0 = socket$inet6_udp(0xa, 0x2, 0x0) connect$inet6(r0, &(0x7f0000000040)={0xa, 0x0, 0x0, @loopback}, 0x1c) seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000000c0)={0x1, &(0x7f0000000040)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) sendmmsg$inet6(r0, &(0x7f0000006140)=[{{0x0, 0x0, 0x0}}, {{0x0, 0x0, 0x0, 0x0, &(0x7f0000000080)=[@hopopts_2292={{0x28, 0x29, 0x36, {0x0, 0x200000000000038a, '\x00', [@enc_lim, @pad1, @pad1, @enc_lim]}}}], 0x28}}], 0x2, 0x0) 03:33:21 executing program 4: creat(&(0x7f0000000080)='./file0\x00', 0x0) r0 = openat$dir(0xffffffffffffff9c, &(0x7f0000000140)='./file0\x00', 0x0, 0x0) preadv2(r0, 0x0, 0x0, 0x0, 0x0, 0x0) [ 130.961968] kmemleak: Cannot insert 0x607f1a62cbac into the object search tree (overlaps existing) [ 130.961989] CPU: 1 UID: 0 PID: 4288 Comm: syz-executor.2 Tainted: G W 6.17.0-rc3-next-20250829 #1 PREEMPT(voluntary) [ 130.962009] Tainted: [W]=WARN [ 130.962013] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 130.962021] Call Trace: [ 130.962025] [ 130.962031] dump_stack_lvl+0xca/0x120 [ 130.962059] __link_object+0x190/0x210 [ 130.962080] __create_object+0x48/0x80 [ 130.962099] pcpu_alloc_noprof+0x87a/0x1170 [ 130.962125] bpf_prog_alloc_no_stats+0x14d/0x440 [ 130.962148] ? __pfx_seccomp_check_filter+0x10/0x10 [ 130.962165] bpf_prog_alloc+0x39/0x200 [ 130.962184] ? __pfx_seccomp_check_filter+0x10/0x10 [ 130.962199] bpf_prog_create_from_user+0xb2/0x2f0 [ 130.962221] do_seccomp+0x349/0x25e0 [ 130.962236] ? __pfx___schedule+0x10/0x10 [ 130.962253] ? find_held_lock+0x2b/0x80 [ 130.962275] ? __pfx_do_seccomp+0x10/0x10 [ 130.962291] ? __pfx_perf_trace_preemptirq_template+0x10/0x10 [ 130.962313] ? trace_irq_enable.constprop.0+0xc2/0x100 [ 130.962334] do_syscall_64+0xbf/0x360 [ 130.962347] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 130.962361] RIP: 0033:0x7febae897b19 [ 130.962370] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 130.962383] RSP: 002b:00007febabdec188 EFLAGS: 00000246 ORIG_RAX: 000000000000013d [ 130.962396] RAX: ffffffffffffffda RBX: 00007febae9ab020 RCX: 00007febae897b19 [ 130.962405] RDX: 00000000200000c0 RSI: 0000000000000000 RDI: 0000000000000001 [ 130.962413] RBP: 00007febae8f1f6d R08: 0000000000000000 R09: 0000000000000000 [ 130.962420] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 130.962428] R13: 00007fff539174ff R14: 00007febabdec300 R15: 0000000000022000 [ 130.962446] [ 130.962965] kmemleak: Kernel memory leak detector disabled [ 130.962970] kmemleak: Object (percpu) 0x607f1a62cba8 (size 8): [ 130.962977] kmemleak: comm "(ogrotate)", pid 4188, jiffies 4294797325 [ 130.962985] kmemleak: min_count = 1 [ 130.962989] kmemleak: count = 0 [ 130.962993] kmemleak: flags = 0x21 [ 130.962997] kmemleak: checksum = 0 [ 130.963002] kmemleak: backtrace: [ 130.963005] pcpu_alloc_noprof+0x87a/0x1170 [ 130.963022] alloc_vfsmnt+0x135/0x6e0 [ 130.963037] clone_mnt+0x6c/0xb70 [ 130.963053] copy_tree+0x34b/0xaf0 [ 130.963064] copy_mnt_ns+0x1ab/0xab0 [ 130.963076] create_new_namespaces+0xd6/0xab0 [ 130.963095] unshare_nsproxy_namespaces+0xc0/0x200 [ 130.963113] ksys_unshare+0x468/0xa10 [ 130.963126] __x64_sys_unshare+0x31/0x40 [ 130.963139] do_syscall_64+0xbf/0x360 [ 130.963148] entry_SYSCALL_64_after_hwframe+0x77/0x7f 03:33:21 executing program 0: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./mnt\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="1000000040000000030000002b00000005000000010000000000000000000000002000000020000010000000000000009f09c75f0000ffff53ef", 0x3a, 0x400}, {&(0x7f0000010100)="000000000000000000000000000000000000000000000000000000005178aedb030000001300000023", 0x29, 0x7e0}, {&(0x7f0000010ce0)="00000000000000000000000000000000000000000000000000000000c99b0000ed410000000400009f09c75f9f09c75f9f09c75f000000000000030002000000000008", 0x43, 0x8c60}], 0x0, &(0x7f0000000780)) 03:33:21 executing program 1: ftruncate(0xffffffffffffffff, 0xfffffffffffffff9) [ 130.990905] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 130.991691] Bluetooth: hci0: Opcode 0x0406 failed: -4 [ 131.003972] Bluetooth: hci0: Opcode 0x0406 failed: -4 [ 131.006901] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 131.007426] Bluetooth: hci1: Opcode 0x0406 failed: -4 [ 131.013549] Bluetooth: hci1: Opcode 0x0406 failed: -4 [ 131.019752] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 131.025382] kmemleak: Found object by alias at 0x607f1a62cbac [ 131.025397] CPU: 0 UID: 0 PID: 59 Comm: kworker/0:2 Tainted: G W 6.17.0-rc3-next-20250829 #1 PREEMPT(voluntary) [ 131.025415] Tainted: [W]=WARN [ 131.025419] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 131.025427] Workqueue: events bpf_prog_free_deferred [ 131.025444] Call Trace: [ 131.025448] [ 131.025453] dump_stack_lvl+0xca/0x120 [ 131.025474] __lookup_object+0x94/0xb0 [ 131.025490] delete_object_full+0x27/0x70 [ 131.025506] free_percpu+0x30/0x1160 [ 131.025526] __bpf_prog_free+0x12f/0x190 [ 131.025545] bpf_prog_free_deferred+0x2e5/0x420 [ 131.025560] process_one_work+0x8e1/0x19c0 [ 131.025582] ? __pfx_process_one_work+0x10/0x10 [ 131.025595] ? move_linked_works+0x172/0x270 [ 131.025616] ? assign_work+0x196/0x240 [ 131.025631] worker_thread+0x67e/0xe90 [ 131.025645] ? trace_irq_enable.constprop.0+0xc2/0x100 [ 131.025662] ? __pfx_worker_thread+0x10/0x10 [ 131.025677] kthread+0x3c8/0x740 [ 131.025690] ? __pfx_kthread+0x10/0x10 [ 131.025701] ? ret_from_fork+0x23/0x430 [ 131.025720] ? lock_release+0xc8/0x290 [ 131.025734] ? __pfx_kthread+0x10/0x10 [ 131.025747] ret_from_fork+0x34b/0x430 [ 131.025763] ? __pfx_kthread+0x10/0x10 [ 131.025775] ret_from_fork_asm+0x1a/0x30 [ 131.025805] [ 131.025809] kmemleak: Object (percpu) 0x607f1a62cba8 (size 8): [ 131.025816] kmemleak: comm "(ogrotate)", pid 4188, jiffies 4294797325 [ 131.025823] kmemleak: min_count = 1 [ 131.025827] kmemleak: count = 0 [ 131.025831] kmemleak: flags = 0x21 [ 131.025834] kmemleak: checksum = 0 [ 131.025838] kmemleak: backtrace: [ 131.025842] pcpu_alloc_noprof+0x87a/0x1170 [ 131.025856] alloc_vfsmnt+0x135/0x6e0 [ 131.025870] clone_mnt+0x6c/0xb70 [ 131.025883] copy_tree+0x34b/0xaf0 [ 131.025893] copy_mnt_ns+0x1ab/0xab0 [ 131.025904] create_new_namespaces+0xd6/0xab0 [ 131.025919] unshare_nsproxy_namespaces+0xc0/0x200 [ 131.025935] ksys_unshare+0x468/0xa10 [ 131.025947] __x64_sys_unshare+0x31/0x40 [ 131.025958] do_syscall_64+0xbf/0x360 [ 131.025967] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 131.054012] Bluetooth: hci2: Opcode 0x0406 failed: -4 [ 131.056869] Bluetooth: hci2: Opcode 0x0406 failed: -4 [ 131.058218] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 131.058721] Bluetooth: hci3: Opcode 0x0406 failed: -4 [ 131.061113] Bluetooth: hci3: Opcode 0x0406 failed: -4 [ 131.063404] Bluetooth: hci6: Opcode 0x0c1a failed: -4 [ 131.063910] Bluetooth: hci6: Opcode 0x0406 failed: -4 [ 131.082613] Bluetooth: hci6: Opcode 0x0406 failed: -4 [ 131.089364] Bluetooth: hci4: Opcode 0x0c1a failed: -4 [ 131.089875] Bluetooth: hci4: Opcode 0x0406 failed: -4 [ 131.095181] Bluetooth: hci4: Opcode 0x0406 failed: -4 [ 131.102690] Bluetooth: hci7: Opcode 0x0c1a failed: -4 [ 131.103171] Bluetooth: hci7: Opcode 0x0406 failed: -4 [ 131.109209] Bluetooth: hci5: Opcode 0x0c1a failed: -4 [ 131.109781] Bluetooth: hci5: Opcode 0x0406 failed: -4 [ 131.111499] Bluetooth: hci5: Opcode 0x0406 failed: -4 [ 131.117147] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 131.117664] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 131.118863] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 131.119967] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 131.120711] Bluetooth: hci6: Opcode 0x0c1a failed: -4 [ 131.121297] Bluetooth: hci4: Opcode 0x0c1a failed: -4 [ 131.122039] Bluetooth: hci7: Opcode 0x0c1a failed: -4 [ 131.122561] Bluetooth: hci5: Opcode 0x0c1a failed: -4 03:33:21 executing program 6: r0 = openat$vcs(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) lseek(r0, 0x0, 0x0) 03:33:21 executing program 5: perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xec, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) sendmsg$NL80211_CMD_START_AP(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000000)={0x44, r1, 0x5, 0x0, 0x0, {{}, {@val={0x8}, @void}}, [@beacon=[@NL80211_ATTR_BEACON_HEAD={0x28, 0xe, {@wo_ht={{0x0, 0x2}, {}, @broadcast, @device_a, @from_mac}, 0x0, @default, 0x0, @void, @void, @void, @void, @void, @void, @void, @void, @void, @void, @void, @void, @void}}]]}, 0x44}}, 0x0) 03:33:21 executing program 4: syz_mount_image$iso9660(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='rpc_pipefs\x00', 0x0, 0x0) seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000000c0)={0x1, &(0x7f0000000040)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) umount2(&(0x7f0000000000)='./file0\x00', 0x0) 03:33:21 executing program 1: ftruncate(0xffffffffffffffff, 0xfffffffffffffff9) 03:33:21 executing program 0: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./mnt\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="1000000040000000030000002b00000005000000010000000000000000000000002000000020000010000000000000009f09c75f0000ffff53ef", 0x3a, 0x400}, {&(0x7f0000010100)="000000000000000000000000000000000000000000000000000000005178aedb030000001300000023", 0x29, 0x7e0}, {&(0x7f0000010ce0)="00000000000000000000000000000000000000000000000000000000c99b0000ed410000000400009f09c75f9f09c75f9f09c75f000000000000030002000000000008", 0x43, 0x8c60}], 0x0, &(0x7f0000000780)) 03:33:21 executing program 7: io_setup(0x1, &(0x7f0000000040)) perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xeb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) setpgid(0x0, 0x0) openat$full(0xffffffffffffff9c, &(0x7f0000000080), 0x40002, 0x0) perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = fork() waitid(0x1, r0, &(0x7f0000000040), 0x3, &(0x7f0000000cc0)) 03:33:21 executing program 2: r0 = socket$inet6_udp(0xa, 0x2, 0x0) connect$inet6(r0, &(0x7f0000000040)={0xa, 0x0, 0x0, @loopback}, 0x1c) seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000000c0)={0x1, &(0x7f0000000040)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) sendmmsg$inet6(r0, &(0x7f0000006140)=[{{0x0, 0x0, 0x0}}, {{0x0, 0x0, 0x0, 0x0, &(0x7f0000000080)=[@hopopts_2292={{0x28, 0x29, 0x36, {0x0, 0x200000000000038a, '\x00', [@enc_lim, @pad1, @pad1, @enc_lim]}}}], 0x28}}], 0x2, 0x0) 03:33:21 executing program 3: r0 = io_uring_setup(0x3e96, &(0x7f0000000140)={0x0, 0x0, 0x1}) io_uring_enter(r0, 0x743d, 0x326c, 0x0, 0x0, 0x0) perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat$snapshot(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0) close_range(r0, 0xffffffffffffffff, 0x0) 03:33:21 executing program 4: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000a00)=@delpolicy={0x64, 0x14, 0x1, 0x0, 0x0, {{@in=@empty, @in=@remote, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xee01}}, [@policy_type={0xa}, @XFRMA_IF_ID={0x8}]}, 0x64}}, 0x0) 03:33:21 executing program 6: r0 = openat$vcs(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) lseek(r0, 0x0, 0x0) 03:33:21 executing program 0: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./mnt\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="1000000040000000030000002b00000005000000010000000000000000000000002000000020000010000000000000009f09c75f0000ffff53ef", 0x3a, 0x400}, {&(0x7f0000010100)="000000000000000000000000000000000000000000000000000000005178aedb030000001300000023", 0x29, 0x7e0}, {&(0x7f0000010ce0)="00000000000000000000000000000000000000000000000000000000c99b0000ed410000000400009f09c75f9f09c75f9f09c75f000000000000030002000000000008", 0x43, 0x8c60}], 0x0, &(0x7f0000000780)) 03:33:21 executing program 1: ftruncate(0xffffffffffffffff, 0xfffffffffffffff9) 03:33:21 executing program 4: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000a00)=@delpolicy={0x64, 0x14, 0x1, 0x0, 0x0, {{@in=@empty, @in=@remote, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xee01}}, [@policy_type={0xa}, @XFRMA_IF_ID={0x8}]}, 0x64}}, 0x0) 03:33:21 executing program 6: r0 = openat$vcs(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) lseek(r0, 0x0, 0x0) 03:33:21 executing program 5: perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xec, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) sendmsg$NL80211_CMD_START_AP(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000000)={0x44, r1, 0x5, 0x0, 0x0, {{}, {@val={0x8}, @void}}, [@beacon=[@NL80211_ATTR_BEACON_HEAD={0x28, 0xe, {@wo_ht={{0x0, 0x2}, {}, @broadcast, @device_a, @from_mac}, 0x0, @default, 0x0, @void, @void, @void, @void, @void, @void, @void, @void, @void, @void, @void, @void, @void}}]]}, 0x44}}, 0x0) [ 131.278231] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 131.278776] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 131.280121] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 131.282952] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 131.284038] Bluetooth: hci6: Opcode 0x0c1a failed: -4 [ 131.286880] Bluetooth: hci4: Opcode 0x0c1a failed: -4 [ 131.288903] Bluetooth: hci7: Opcode 0x0c1a failed: -4 [ 131.289707] Bluetooth: hci5: Opcode 0x0c1a failed: -4 03:33:21 executing program 2: r0 = socket$inet6_udp(0xa, 0x2, 0x0) connect$inet6(r0, &(0x7f0000000040)={0xa, 0x0, 0x0, @loopback}, 0x1c) seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000000c0)={0x1, &(0x7f0000000040)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) sendmmsg$inet6(r0, &(0x7f0000006140)=[{{0x0, 0x0, 0x0}}, {{0x0, 0x0, 0x0, 0x0, &(0x7f0000000080)=[@hopopts_2292={{0x28, 0x29, 0x36, {0x0, 0x200000000000038a, '\x00', [@enc_lim, @pad1, @pad1, @enc_lim]}}}], 0x28}}], 0x2, 0x0) 03:33:21 executing program 0: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./mnt\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="1000000040000000030000002b00000005000000010000000000000000000000002000000020000010000000000000009f09c75f0000ffff53ef", 0x3a, 0x400}, {&(0x7f0000010100)="000000000000000000000000000000000000000000000000000000005178aedb030000001300000023", 0x29, 0x7e0}, {&(0x7f0000010ce0)="00000000000000000000000000000000000000000000000000000000c99b0000ed410000000400009f09c75f9f09c75f9f09c75f000000000000030002000000000008", 0x43, 0x8c60}], 0x0, &(0x7f0000000780)) 03:33:21 executing program 4: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000a00)=@delpolicy={0x64, 0x14, 0x1, 0x0, 0x0, {{@in=@empty, @in=@remote, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xee01}}, [@policy_type={0xa}, @XFRMA_IF_ID={0x8}]}, 0x64}}, 0x0) 03:33:21 executing program 6: r0 = openat$vcs(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) lseek(r0, 0x0, 0x0) 03:33:21 executing program 3: r0 = io_uring_setup(0x3e96, &(0x7f0000000140)={0x0, 0x0, 0x1}) io_uring_enter(r0, 0x743d, 0x326c, 0x0, 0x0, 0x0) perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat$snapshot(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0) close_range(r0, 0xffffffffffffffff, 0x0) 03:33:21 executing program 5: perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xec, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) sendmsg$NL80211_CMD_START_AP(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000000)={0x44, r1, 0x5, 0x0, 0x0, {{}, {@val={0x8}, @void}}, [@beacon=[@NL80211_ATTR_BEACON_HEAD={0x28, 0xe, {@wo_ht={{0x0, 0x2}, {}, @broadcast, @device_a, @from_mac}, 0x0, @default, 0x0, @void, @void, @void, @void, @void, @void, @void, @void, @void, @void, @void, @void, @void}}]]}, 0x44}}, 0x0) 03:33:21 executing program 7: io_setup(0x1, &(0x7f0000000040)) perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xeb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) setpgid(0x0, 0x0) openat$full(0xffffffffffffff9c, &(0x7f0000000080), 0x40002, 0x0) perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = fork() waitid(0x1, r0, &(0x7f0000000040), 0x3, &(0x7f0000000cc0)) 03:33:21 executing program 1: rt_tgsigqueueinfo(0x0, 0x0, 0x5, &(0x7f0000000200)={0x0, 0x0, 0x3ff}) [ 131.354008] Oops: general protection fault, probably for non-canonical address 0xdffffc0000000032: 0000 [#1] SMP KASAN NOPTI [ 131.354985] KASAN: null-ptr-deref in range [0x0000000000000190-0x0000000000000197] [ 131.355579] CPU: 1 UID: 0 PID: 252 Comm: syz-fuzzer Tainted: G W 6.17.0-rc3-next-20250829 #1 PREEMPT(voluntary) [ 131.357320] Tainted: [W]=WARN [ 131.358060] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 131.359716] RIP: 0010:perf_tp_event+0x175/0xe70 [ 131.360761] Code: ff df 48 89 85 a8 fd ff ff 48 c1 e8 03 4c 01 e0 48 89 85 c8 fd ff ff e8 c9 51 ea ff 48 8d bb f0 01 00 00 48 89 f8 48 c1 e8 03 <42> 0f b6 04 20 84 c0 74 08 3c 03 0f 8e c5 0b 00 00 44 8b ab f0 01 [ 131.364887] RSP: 0018:ffff888018457780 EFLAGS: 00010012 [ 131.365301] RAX: 0000000000000032 RBX: ffffffffffffffa1 RCX: 0000000000000002 [ 131.365855] RDX: ffff888016358000 RSI: ffffffff818995b7 RDI: 0000000000000191 [ 131.366418] RBP: ffff8880184579f0 R08: ffff88806cf31340 R09: ffffe8ffffd09ba8 [ 131.366973] R10: 0000000000000000 R11: 0000000000000001 R12: dffffc0000000000 [ 131.367529] R13: 0000000000000014 R14: ffff88806cf31340 R15: dffffc0000000000 [ 131.368089] FS: 000000c000030410(0000) GS:ffff8880e56dd000(0000) knlGS:0000000000000000 [ 131.368723] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 131.369187] CR2: 00007fbe8929e000 CR3: 00000000200ad000 CR4: 0000000000350ef0 [ 131.369744] Call Trace: [ 131.369952] [ 131.370136] ? __pfx_perf_tp_event+0x10/0x10 [ 131.370489] ? __lock_acquire+0xc65/0x1b70 [ 131.370827] ? __lock_acquire+0xc65/0x1b70 [ 131.371162] ? finish_task_switch.isra.0+0x201/0x840 [ 131.371572] ? perf_trace_run_bpf_submit+0xef/0x180 [ 131.371964] ? __lock_acquire+0xc65/0x1b70 [ 131.372302] perf_trace_run_bpf_submit+0xef/0x180 [ 131.372691] perf_trace_preemptirq_template+0x259/0x430 [ 131.373117] ? __mutex_unlock_slowpath+0x157/0x750 [ 131.373509] ? __pfx_perf_trace_preemptirq_template+0x10/0x10 [ 131.373974] ? _raw_spin_lock_irqsave+0x53/0x60 [ 131.374345] trace_irq_disable.constprop.0+0xa6/0x100 [ 131.374753] _raw_spin_lock_irqsave+0x53/0x60 [ 131.375108] try_to_wake_up+0xa0/0x11d0 [ 131.375437] ? __pfx_try_to_wake_up+0x10/0x10 [ 131.375799] ? plist_del+0x122/0x270 [ 131.376100] ? find_held_lock+0x2b/0x80 [ 131.376422] ? futex_wake+0x474/0x540 [ 131.376738] wake_up_q+0xa1/0x130 [ 131.377022] futex_wake+0x47e/0x540 [ 131.377315] ? __pfx_futex_wake+0x10/0x10 [ 131.377645] ? __pfx_do_epoll_wait+0x10/0x10 [ 131.378001] do_futex+0x26d/0x370 [ 131.378280] ? __pfx_do_futex+0x10/0x10 [ 131.378597] ? __pfx_set_user_sigmask+0x10/0x10 [ 131.378972] __x64_sys_futex+0x1c9/0x4d0 [ 131.379294] ? __pfx_perf_trace_preemptirq_template+0x10/0x10 [ 131.379756] ? __pfx_perf_trace_preemptirq_template+0x10/0x10 [ 131.380225] ? __pfx___x64_sys_futex+0x10/0x10 [ 131.380597] ? xfd_validate_state+0x55/0x180 [ 131.380955] ? __pfx_ksys_read+0x10/0x10 [ 131.381279] do_syscall_64+0xbf/0x360 [ 131.381581] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 131.381985] RIP: 0033:0x466533 [ 131.382249] Code: 24 20 c3 cc cc cc cc 48 8b 7c 24 08 8b 74 24 10 8b 54 24 14 4c 8b 54 24 18 4c 8b 44 24 20 44 8b 4c 24 28 b8 ca 00 00 00 0f 05 <89> 44 24 30 c3 cc cc cc cc cc cc cc cc 8b 7c 24 08 48 8b 74 24 10 [ 131.383665] RSP: 002b:000000c000041f30 EFLAGS: 00000202 ORIG_RAX: 00000000000000ca [ 131.384258] RAX: ffffffffffffffda RBX: 000000c000041fd0 RCX: 0000000000466533 [ 131.384821] RDX: 0000000000000001 RSI: 0000000000000081 RDI: 0000000001f20e78 [ 131.385375] RBP: 000000c000041f80 R08: 0000000000000000 R09: 0000000000000000 [ 131.385932] R10: 0000000000000000 R11: 0000000000000202 R12: 0000000000000003 [ 131.386485] R13: 000000c000000900 R14: 000000c0028665a0 R15: 0000000000000000 [ 131.387044] [ 131.387231] Modules linked in: [ 131.387486] ---[ end trace 0000000000000000 ]--- [ 131.387851] RIP: 0010:perf_tp_event+0x175/0xe70 [ 131.388222] Code: ff df 48 89 85 a8 fd ff ff 48 c1 e8 03 4c 01 e0 48 89 85 c8 fd ff ff e8 c9 51 ea ff 48 8d bb f0 01 00 00 48 89 f8 48 c1 e8 03 <42> 0f b6 04 20 84 c0 74 08 3c 03 0f 8e c5 0b 00 00 44 8b ab f0 01 [ 131.389635] RSP: 0018:ffff888018457780 EFLAGS: 00010012 [ 131.390052] RAX: 0000000000000032 RBX: ffffffffffffffa1 RCX: 0000000000000002 [ 131.390608] RDX: ffff888016358000 RSI: ffffffff818995b7 RDI: 0000000000000191 [ 131.391161] RBP: ffff8880184579f0 R08: ffff88806cf31340 R09: ffffe8ffffd09ba8 [ 131.391718] R10: 0000000000000000 R11: 0000000000000001 R12: dffffc0000000000 [ 131.392272] R13: 0000000000000014 R14: ffff88806cf31340 R15: dffffc0000000000 [ 131.392834] FS: 000000c000030410(0000) GS:ffff8880e56dd000(0000) knlGS:0000000000000000 [ 131.393459] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 131.393913] CR2: 00007fbe8929e000 CR3: 00000000200ad000 CR4: 0000000000350ef0 [ 131.394478] note: syz-fuzzer[252] exited with irqs disabled [ 131.394966] Oops: general protection fault, probably for non-canonical address 0xdffffc0000000032: 0000 [#2] SMP KASAN NOPTI [ 131.395841] KASAN: null-ptr-deref in range [0x0000000000000190-0x0000000000000197] [ 131.396442] CPU: 1 UID: 0 PID: 252 Comm: syz-fuzzer Tainted: G D W 6.17.0-rc3-next-20250829 #1 PREEMPT(voluntary) [ 131.397345] Tainted: [D]=DIE, [W]=WARN [ 131.397648] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 131.398286] RIP: 0010:perf_tp_event+0x175/0xe70 [ 131.398661] Code: ff df 48 89 85 a8 fd ff ff 48 c1 e8 03 4c 01 e0 48 89 85 c8 fd ff ff e8 c9 51 ea ff 48 8d bb f0 01 00 00 48 89 f8 48 c1 e8 03 <42> 0f b6 04 20 84 c0 74 08 3c 03 0f 8e c5 0b 00 00 44 8b ab f0 01 [ 131.400066] RSP: 0018:ffff88806cf08ac0 EFLAGS: 00010012 [ 131.400491] RAX: 0000000000000032 RBX: ffffffffffffffa1 RCX: 0000000000000002 [ 131.401050] RDX: ffff888016358000 RSI: ffffffff818995b7 RDI: 0000000000000191 [ 131.401610] RBP: ffff88806cf08d30 R08: ffff88806cf313e8 R09: ffffe8ffffd09ba8 [ 131.402171] R10: 0000000000000000 R11: ffff88806cf37018 R12: dffffc0000000000 [ 131.402727] R13: 0000000000000014 R14: ffff88806cf313e8 R15: dffffc0000000000 [ 131.403291] FS: 000000c000030410(0000) GS:ffff8880e56dd000(0000) knlGS:0000000000000000 [ 131.403921] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 131.404378] CR2: 00007fbe8929e000 CR3: 00000000200ad000 CR4: 0000000000350ef0 [ 131.404945] Call Trace: [ 131.405153] [ 131.405338] ? __pfx_perf_tp_event+0x10/0x10 [ 131.405693] ? lock_release+0x1c7/0x290 [ 131.406010] ? do_raw_read_unlock+0x44/0xe0 [ 131.406354] ? _raw_read_unlock_irqrestore+0x22/0x50 [ 131.406758] ? css_rstat_updated+0x1b8/0x4d0 [ 131.407118] ? __pfx_css_rstat_updated+0x10/0x10 [ 131.407502] ? trace_pelt_se_tp+0xdf/0x130 [ 131.407840] ? __cgroup_account_cputime+0x31/0xc0 [ 131.408227] ? lock_acquire+0x18c/0x2f0 [ 131.408551] ? update_cfs_group+0x11d/0x260 [ 131.408893] ? lock_release+0x1c7/0x290 [ 131.409211] ? perf_trace_run_bpf_submit+0xef/0x180 [ 131.409607] perf_trace_run_bpf_submit+0xef/0x180 [ 131.409995] perf_trace_preemptirq_template+0x259/0x430 [ 131.410424] ? __pfx_perf_trace_preemptirq_template+0x10/0x10 [ 131.410892] ? timerqueue_add+0x1c2/0x330 [ 131.411223] ? lock_acquire+0x18c/0x2f0 [ 131.411541] ? sched_balance_update_blocked_averages+0xff6/0x18f0 [ 131.412028] trace_irq_disable.constprop.0+0xa6/0x100 [ 131.412435] sched_balance_update_blocked_averages+0xff6/0x18f0 [ 131.412922] ? ktime_get+0x16d/0x270 [ 131.413224] ? __pfx_perf_trace_preemptirq_template+0x10/0x10 [ 131.413687] ? __pfx_lapic_next_deadline+0x10/0x10 [ 131.414082] ? clockevents_program_event+0x135/0x360 [ 131.414487] ? tick_program_event+0xac/0x140 [ 131.414836] sched_balance_softirq+0xc6/0x150 [ 131.415199] handle_softirqs+0x1b1/0x770 [ 131.415530] __irq_exit_rcu+0xc4/0x100 [ 131.415848] irq_exit_rcu+0x9/0x20 [ 131.416131] sysvec_apic_timer_interrupt+0x70/0x80 [ 131.416538] [ 131.416718] [ 131.416903] asm_sysvec_apic_timer_interrupt+0x1a/0x20 [ 131.417316] RIP: 0010:make_task_dead+0xa2/0x3b0 [ 131.417690] Code: 38 00 85 db 0f 84 21 01 00 00 e8 d9 96 38 00 9c 5b 81 e3 00 02 00 00 31 ff 48 89 de e8 27 92 38 00 48 85 db 0f 84 17 01 00 00 b9 96 38 00 31 ff 65 8b 1d 60 df 48 06 81 e3 ff ff ff 7f 89 de [ 131.419118] RSP: 0018:ffff888018457f28 EFLAGS: 00000246 [ 131.419538] RAX: 0000000000000001 RBX: ffff888016358000 RCX: ffffffff817c2b86 [ 131.420093] RDX: 0000000000000000 RSI: 0000000000000008 RDI: ffffffff813b5234 [ 131.420665] RBP: 000000000000000b R08: 0000000000000000 R09: 0000000000000000 [ 131.421220] R10: ffffffff8643ac57 R11: 0000000000000001 R12: ffff888016358000 [ 131.421775] R13: 0000000000000000 R14: dffffc0000000032 R15: 0000000000000000 [ 131.422340] ? trace_irq_enable.constprop.0+0x26/0x100 [ 131.422755] ? make_task_dead+0x214/0x3b0 [ 131.423085] ? make_task_dead+0x214/0x3b0 [ 131.423421] ? do_syscall_64+0xbf/0x360 [ 131.423733] rewind_stack_and_make_dead+0x16/0x20 [ 131.424120] RIP: 0033:0x466533 [ 131.424376] Code: 24 20 c3 cc cc cc cc 48 8b 7c 24 08 8b 74 24 10 8b 54 24 14 4c 8b 54 24 18 4c 8b 44 24 20 44 8b 4c 24 28 b8 ca 00 00 00 0f 05 <89> 44 24 30 c3 cc cc cc cc cc cc cc cc 8b 7c 24 08 48 8b 74 24 10 [ 131.425800] RSP: 002b:000000c000041f30 EFLAGS: 00000202 ORIG_RAX: 00000000000000ca [ 131.426401] RAX: ffffffffffffffda RBX: 000000c000041fd0 RCX: 0000000000466533 [ 131.426960] RDX: 0000000000000001 RSI: 0000000000000081 RDI: 0000000001f20e78 [ 131.427515] RBP: 000000c000041f80 R08: 0000000000000000 R09: 0000000000000000 [ 131.428076] R10: 0000000000000000 R11: 0000000000000202 R12: 0000000000000003 [ 131.428636] R13: 000000c000000900 R14: 000000c0028665a0 R15: 0000000000000000 [ 131.429199] [ 131.429390] Modules linked in: [ 131.429647] ---[ end trace 0000000000000000 ]--- [ 131.430013] RIP: 0010:perf_tp_event+0x175/0xe70 [ 131.430391] Code: ff df 48 89 85 a8 fd ff ff 48 c1 e8 03 4c 01 e0 48 89 85 c8 fd ff ff e8 c9 51 ea ff 48 8d bb f0 01 00 00 48 89 f8 48 c1 e8 03 <42> 0f b6 04 20 84 c0 74 08 3c 03 0f 8e c5 0b 00 00 44 8b ab f0 01 [ 131.431803] RSP: 0018:ffff888018457780 EFLAGS: 00010012 [ 131.432221] RAX: 0000000000000032 RBX: ffffffffffffffa1 RCX: 0000000000000002 [ 131.432781] RDX: ffff888016358000 RSI: ffffffff818995b7 RDI: 0000000000000191 [ 131.433336] RBP: ffff8880184579f0 R08: ffff88806cf31340 R09: ffffe8ffffd09ba8 [ 131.433894] R10: 0000000000000000 R11: 0000000000000001 R12: dffffc0000000000 [ 131.434457] R13: 0000000000000014 R14: ffff88806cf31340 R15: dffffc0000000000 [ 131.435015] FS: 000000c000030410(0000) GS:ffff8880e56dd000(0000) knlGS:0000000000000000 [ 131.435655] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 131.436113] CR2: 00007fbe8929e000 CR3: 00000000200ad000 CR4: 0000000000350ef0 [ 131.436682] Kernel panic - not syncing: Fatal exception in interrupt [ 131.437381] Kernel Offset: disabled [ 131.437669] ---[ end Kernel panic - not syncing: Fatal exception in interrupt ]--- VM DIAGNOSIS: 13:40:16 Registers: info registers vcpu 0 RAX=00000000000165e5 RBX=ffff88806cf3c300 RCX=ffffc90000a8f000 RDX=0000000000040000 RSI=ffffffff816880d6 RDI=0000000000000005 RBP=0000000000000003 RSP=ffff888047d877d8 R8 =0000000000000000 R9 =0000000000000000 R10=0000000000000001 R11=1ffff1100d9c6bb1 R12=ffffed100d9e7861 R13=ffff88806cf3c308 R14=0000000000000001 R15=dffffc0000000000 RIP=ffffffff8173e7e0 RFL=00000246 [---Z-P-] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 00000000 00000000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 00000000 00000000 FS =0000 00007febabe0d700 00000000 00000000 GS =0000 ffff8880e55dd000 00000000 00000000 LDT=0000 fffffe6d00000000 00000000 00000000 TR =0040 fffffe0000003000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe0000001000 0000007f IDT= fffffe0000000000 00000fff CR0=80050033 CR2=00007febae8ec6b0 CR3=0000000047770000 CR4=00350ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000ffff0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 XMM00=00000000000000000000000000000000 XMM01=00007febae97e7c000007febae97e7c8 XMM02=00007febae97e7e000007febae97e7c0 XMM03=00007febae97e7c800007febae97e7c0 XMM04=ffffffff0000ff00000000ff00000000 XMM05=00000000000000000000000000000000 XMM06=00000000000000000000000000000000 XMM07=00000000000000000000000000000000 XMM08=00000000000000000000000000000000 XMM09=00000000000000000000000000000000 XMM10=00000000000000000000000000000000 XMM11=00000000000000000000000000000000 XMM12=00000000000000000000000000000000 XMM13=00000000000000000000000000000000 XMM14=00000000000000000000000000000000 XMM15=00000000000000000000000000000000 info registers vcpu 1 RAX=0000000000000030 RBX=00000000000003f8 RCX=0000000000000000 RDX=00000000000003f8 RSI=ffffffff828e32c5 RDI=ffffffff88724180 RBP=ffffffff88724140 RSP=ffff888018457070 R8 =0000000000000000 R9 =ffffed100141d046 R10=0000000000000030 R11=0000000065646f43 R12=0000000000000030 R13=0000000000000010 R14=ffffffff88724140 R15=ffffffff828e32b0 RIP=ffffffff828e331d RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 00000000 00000000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 00000000 00000000 FS =0000 000000c000030410 00000000 00000000 GS =0000 ffff8880e56dd000 00000000 00000000 LDT=0000 fffffe0100000000 00000000 00000000 TR =0040 fffffe000004a000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe0000048000 0000007f IDT= fffffe0000000000 00000fff CR0=80050033 CR2=00007fbe8929e000 CR3=00000000200ad000 CR4=00350ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000ffff0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001fa0 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 XMM00=00000000000000000000000000000000 XMM01=00000000000000000000000000000000 XMM02=652e29646e616d6d6f632a282e637069 XMM03=00000000000000000000000000000000 XMM04=2c307830286f666e6965756575716769 XMM05=3778302826202c357830202c30783020 XMM06=78307b3d293030323030303030303066 XMM07=0a297d6666337830202c307830202c30 XMM08=6f66203d2030720a29307830202c6666 XMM09=2c317830286469746961770a29286b72 XMM10=3030303030663778302826202c307220 XMM11=302826202c337830202c293034303030 XMM12=0a292930636330303030303030663778 XMM13=307830202c307830202c307830202c30 XMM14=2c307830202c307830202c307830202c XMM15=202c307830202c307830202c30783020