Warning: Permanently added '[localhost]:47877' (ECDSA) to the list of known hosts. 2024/10/17 00:53:37 fuzzer started 2024/10/17 00:53:37 dialing manager at localhost:46303 syzkaller login: [ 69.410452] cgroup: Unknown subsys name 'net' [ 69.502673] cgroup: Unknown subsys name 'cpuset' [ 69.530487] cgroup: Unknown subsys name 'rlimit' 2024/10/17 00:53:56 syscalls: 2217 2024/10/17 00:53:56 code coverage: enabled 2024/10/17 00:53:56 comparison tracing: enabled 2024/10/17 00:53:56 extra coverage: enabled 2024/10/17 00:53:56 setuid sandbox: enabled 2024/10/17 00:53:56 namespace sandbox: enabled 2024/10/17 00:53:56 Android sandbox: enabled 2024/10/17 00:53:56 fault injection: enabled 2024/10/17 00:53:56 leak checking: enabled 2024/10/17 00:53:56 net packet injection: enabled 2024/10/17 00:53:56 net device setup: enabled 2024/10/17 00:53:56 concurrency sanitizer: /sys/kernel/debug/kcsan does not exist 2024/10/17 00:53:56 devlink PCI setup: PCI device 0000:00:10.0 is not available 2024/10/17 00:53:56 USB emulation: enabled 2024/10/17 00:53:56 hci packet injection: enabled 2024/10/17 00:53:56 wifi device emulation: enabled 2024/10/17 00:53:56 802.15.4 emulation: enabled 2024/10/17 00:53:56 fetching corpus: 0, signal 0/2000 (executing program) 2024/10/17 00:53:56 fetching corpus: 46, signal 24847/28312 (executing program) 2024/10/17 00:53:56 fetching corpus: 95, signal 34067/38960 (executing program) 2024/10/17 00:53:56 fetching corpus: 145, signal 40184/46407 (executing program) 2024/10/17 00:53:56 fetching corpus: 195, signal 45080/52622 (executing program) 2024/10/17 00:53:56 fetching corpus: 245, signal 50576/59263 (executing program) 2024/10/17 00:53:56 fetching corpus: 295, signal 54122/63942 (executing program) 2024/10/17 00:53:56 fetching corpus: 345, signal 61752/72329 (executing program) 2024/10/17 00:53:57 fetching corpus: 395, signal 65143/76688 (executing program) 2024/10/17 00:53:57 fetching corpus: 445, signal 69340/81648 (executing program) 2024/10/17 00:53:57 fetching corpus: 495, signal 71858/85122 (executing program) 2024/10/17 00:53:57 fetching corpus: 545, signal 74351/88502 (executing program) 2024/10/17 00:53:57 fetching corpus: 595, signal 76931/91880 (executing program) 2024/10/17 00:53:57 fetching corpus: 645, signal 79622/95316 (executing program) 2024/10/17 00:53:57 fetching corpus: 695, signal 82000/98471 (executing program) 2024/10/17 00:53:57 fetching corpus: 745, signal 84216/101393 (executing program) 2024/10/17 00:53:57 fetching corpus: 794, signal 85991/103894 (executing program) 2024/10/17 00:53:57 fetching corpus: 844, signal 88168/106767 (executing program) 2024/10/17 00:53:57 fetching corpus: 894, signal 90097/109307 (executing program) 2024/10/17 00:53:57 fetching corpus: 944, signal 91352/111280 (executing program) 2024/10/17 00:53:58 fetching corpus: 994, signal 93110/113623 (executing program) 2024/10/17 00:53:58 fetching corpus: 1044, signal 94726/115828 (executing program) 2024/10/17 00:53:58 fetching corpus: 1093, signal 96832/118410 (executing program) 2024/10/17 00:53:58 fetching corpus: 1143, signal 98583/120659 (executing program) 2024/10/17 00:53:58 fetching corpus: 1192, signal 99848/122441 (executing program) 2024/10/17 00:53:58 fetching corpus: 1241, signal 100692/123913 (executing program) 2024/10/17 00:53:58 fetching corpus: 1291, signal 101898/125590 (executing program) 2024/10/17 00:53:58 fetching corpus: 1341, signal 103390/127546 (executing program) 2024/10/17 00:53:58 fetching corpus: 1390, signal 104374/129146 (executing program) 2024/10/17 00:53:58 fetching corpus: 1440, signal 106229/131244 (executing program) 2024/10/17 00:53:59 fetching corpus: 1490, signal 107228/132733 (executing program) 2024/10/17 00:53:59 fetching corpus: 1540, signal 108158/134175 (executing program) 2024/10/17 00:53:59 fetching corpus: 1590, signal 109070/135594 (executing program) 2024/10/17 00:53:59 fetching corpus: 1640, signal 109907/136909 (executing program) 2024/10/17 00:53:59 fetching corpus: 1690, signal 111254/138512 (executing program) 2024/10/17 00:53:59 fetching corpus: 1740, signal 112284/139902 (executing program) 2024/10/17 00:53:59 fetching corpus: 1790, signal 113747/141517 (executing program) 2024/10/17 00:53:59 fetching corpus: 1840, signal 114491/142712 (executing program) 2024/10/17 00:53:59 fetching corpus: 1890, signal 115727/144152 (executing program) 2024/10/17 00:54:00 fetching corpus: 1939, signal 116658/145372 (executing program) 2024/10/17 00:54:00 fetching corpus: 1989, signal 117684/146707 (executing program) 2024/10/17 00:54:00 fetching corpus: 2037, signal 118334/147763 (executing program) 2024/10/17 00:54:00 fetching corpus: 2087, signal 119287/149005 (executing program) 2024/10/17 00:54:00 fetching corpus: 2137, signal 120049/150097 (executing program) 2024/10/17 00:54:00 fetching corpus: 2186, signal 120960/151248 (executing program) 2024/10/17 00:54:00 fetching corpus: 2236, signal 121820/152350 (executing program) 2024/10/17 00:54:00 fetching corpus: 2286, signal 122529/153362 (executing program) 2024/10/17 00:54:00 fetching corpus: 2336, signal 123575/154581 (executing program) 2024/10/17 00:54:00 fetching corpus: 2386, signal 124340/155597 (executing program) 2024/10/17 00:54:01 fetching corpus: 2436, signal 125036/156602 (executing program) 2024/10/17 00:54:01 fetching corpus: 2486, signal 125606/157473 (executing program) 2024/10/17 00:54:01 fetching corpus: 2536, signal 126568/158521 (executing program) 2024/10/17 00:54:01 fetching corpus: 2586, signal 127503/159577 (executing program) 2024/10/17 00:54:01 fetching corpus: 2636, signal 128239/160443 (executing program) 2024/10/17 00:54:01 fetching corpus: 2686, signal 129178/161413 (executing program) 2024/10/17 00:54:01 fetching corpus: 2736, signal 129739/162239 (executing program) 2024/10/17 00:54:01 fetching corpus: 2786, signal 130269/162996 (executing program) 2024/10/17 00:54:01 fetching corpus: 2836, signal 130995/163848 (executing program) 2024/10/17 00:54:01 fetching corpus: 2886, signal 131736/164677 (executing program) 2024/10/17 00:54:02 fetching corpus: 2936, signal 132140/165377 (executing program) 2024/10/17 00:54:02 fetching corpus: 2986, signal 132733/166178 (executing program) 2024/10/17 00:54:02 fetching corpus: 3036, signal 133411/166962 (executing program) 2024/10/17 00:54:02 fetching corpus: 3085, signal 133750/167595 (executing program) 2024/10/17 00:54:02 fetching corpus: 3135, signal 134269/168291 (executing program) 2024/10/17 00:54:02 fetching corpus: 3185, signal 134978/169059 (executing program) 2024/10/17 00:54:02 fetching corpus: 3235, signal 135443/169699 (executing program) 2024/10/17 00:54:02 fetching corpus: 3283, signal 135990/170346 (executing program) 2024/10/17 00:54:02 fetching corpus: 3333, signal 136505/171016 (executing program) 2024/10/17 00:54:03 fetching corpus: 3383, signal 137138/171655 (executing program) 2024/10/17 00:54:03 fetching corpus: 3431, signal 137625/172322 (executing program) 2024/10/17 00:54:03 fetching corpus: 3480, signal 138236/172964 (executing program) 2024/10/17 00:54:03 fetching corpus: 3530, signal 138718/173579 (executing program) 2024/10/17 00:54:03 fetching corpus: 3580, signal 139238/174176 (executing program) 2024/10/17 00:54:03 fetching corpus: 3630, signal 140074/174817 (executing program) 2024/10/17 00:54:03 fetching corpus: 3680, signal 140592/175399 (executing program) 2024/10/17 00:54:03 fetching corpus: 3730, signal 141173/175995 (executing program) 2024/10/17 00:54:04 fetching corpus: 3780, signal 141837/176555 (executing program) 2024/10/17 00:54:04 fetching corpus: 3829, signal 142316/177075 (executing program) 2024/10/17 00:54:04 fetching corpus: 3879, signal 143160/177642 (executing program) 2024/10/17 00:54:04 fetching corpus: 3929, signal 143588/178149 (executing program) 2024/10/17 00:54:04 fetching corpus: 3979, signal 144214/178652 (executing program) 2024/10/17 00:54:04 fetching corpus: 4029, signal 144545/179103 (executing program) 2024/10/17 00:54:04 fetching corpus: 4079, signal 145073/179566 (executing program) 2024/10/17 00:54:04 fetching corpus: 4129, signal 145595/180017 (executing program) 2024/10/17 00:54:05 fetching corpus: 4179, signal 145988/180420 (executing program) 2024/10/17 00:54:05 fetching corpus: 4229, signal 146490/180832 (executing program) 2024/10/17 00:54:05 fetching corpus: 4279, signal 146902/181238 (executing program) 2024/10/17 00:54:05 fetching corpus: 4329, signal 147554/181681 (executing program) 2024/10/17 00:54:05 fetching corpus: 4379, signal 148039/182073 (executing program) 2024/10/17 00:54:05 fetching corpus: 4429, signal 148551/182489 (executing program) 2024/10/17 00:54:05 fetching corpus: 4479, signal 150146/182891 (executing program) 2024/10/17 00:54:05 fetching corpus: 4529, signal 150730/183092 (executing program) 2024/10/17 00:54:05 fetching corpus: 4578, signal 151000/183092 (executing program) 2024/10/17 00:54:05 fetching corpus: 4628, signal 151364/183092 (executing program) 2024/10/17 00:54:06 fetching corpus: 4678, signal 151738/183092 (executing program) 2024/10/17 00:54:06 fetching corpus: 4728, signal 152309/183097 (executing program) 2024/10/17 00:54:06 fetching corpus: 4777, signal 152543/183097 (executing program) 2024/10/17 00:54:06 fetching corpus: 4827, signal 152894/183097 (executing program) 2024/10/17 00:54:06 fetching corpus: 4877, signal 153183/183097 (executing program) 2024/10/17 00:54:06 fetching corpus: 4927, signal 153417/183097 (executing program) 2024/10/17 00:54:06 fetching corpus: 4977, signal 153826/183097 (executing program) 2024/10/17 00:54:06 fetching corpus: 5027, signal 154423/183097 (executing program) 2024/10/17 00:54:06 fetching corpus: 5077, signal 154802/183097 (executing program) 2024/10/17 00:54:06 fetching corpus: 5127, signal 155092/183097 (executing program) 2024/10/17 00:54:06 fetching corpus: 5177, signal 155385/183097 (executing program) 2024/10/17 00:54:06 fetching corpus: 5227, signal 155738/183097 (executing program) 2024/10/17 00:54:06 fetching corpus: 5277, signal 156117/183097 (executing program) 2024/10/17 00:54:06 fetching corpus: 5327, signal 156338/183102 (executing program) 2024/10/17 00:54:07 fetching corpus: 5377, signal 157002/183102 (executing program) 2024/10/17 00:54:07 fetching corpus: 5427, signal 157693/183102 (executing program) 2024/10/17 00:54:07 fetching corpus: 5477, signal 157936/183102 (executing program) 2024/10/17 00:54:07 fetching corpus: 5527, signal 158311/183102 (executing program) 2024/10/17 00:54:07 fetching corpus: 5577, signal 158596/183102 (executing program) 2024/10/17 00:54:07 fetching corpus: 5627, signal 158944/183102 (executing program) 2024/10/17 00:54:07 fetching corpus: 5677, signal 159358/183102 (executing program) 2024/10/17 00:54:07 fetching corpus: 5727, signal 159753/183102 (executing program) 2024/10/17 00:54:07 fetching corpus: 5777, signal 160067/183102 (executing program) 2024/10/17 00:54:07 fetching corpus: 5827, signal 160285/183102 (executing program) 2024/10/17 00:54:07 fetching corpus: 5877, signal 160678/183102 (executing program) 2024/10/17 00:54:07 fetching corpus: 5926, signal 161000/183106 (executing program) 2024/10/17 00:54:08 fetching corpus: 5976, signal 161360/183106 (executing program) 2024/10/17 00:54:08 fetching corpus: 6026, signal 161775/183106 (executing program) 2024/10/17 00:54:08 fetching corpus: 6076, signal 162000/183106 (executing program) 2024/10/17 00:54:08 fetching corpus: 6126, signal 162453/183106 (executing program) 2024/10/17 00:54:08 fetching corpus: 6176, signal 162809/183106 (executing program) 2024/10/17 00:54:08 fetching corpus: 6226, signal 163031/183106 (executing program) 2024/10/17 00:54:08 fetching corpus: 6276, signal 163244/183106 (executing program) 2024/10/17 00:54:08 fetching corpus: 6326, signal 163452/183106 (executing program) 2024/10/17 00:54:08 fetching corpus: 6375, signal 163745/183106 (executing program) 2024/10/17 00:54:09 fetching corpus: 6425, signal 163996/183106 (executing program) 2024/10/17 00:54:09 fetching corpus: 6475, signal 164297/183106 (executing program) 2024/10/17 00:54:09 fetching corpus: 6525, signal 164537/183108 (executing program) 2024/10/17 00:54:09 fetching corpus: 6575, signal 164913/183108 (executing program) 2024/10/17 00:54:09 fetching corpus: 6625, signal 165191/183108 (executing program) 2024/10/17 00:54:09 fetching corpus: 6675, signal 165526/183108 (executing program) 2024/10/17 00:54:09 fetching corpus: 6724, signal 165911/183108 (executing program) 2024/10/17 00:54:09 fetching corpus: 6773, signal 166104/183108 (executing program) 2024/10/17 00:54:09 fetching corpus: 6823, signal 166375/183108 (executing program) 2024/10/17 00:54:10 fetching corpus: 6872, signal 166788/183112 (executing program) 2024/10/17 00:54:10 fetching corpus: 6921, signal 166968/183112 (executing program) 2024/10/17 00:54:10 fetching corpus: 6971, signal 167246/183112 (executing program) 2024/10/17 00:54:10 fetching corpus: 7021, signal 167533/183112 (executing program) 2024/10/17 00:54:10 fetching corpus: 7071, signal 167810/183112 (executing program) 2024/10/17 00:54:10 fetching corpus: 7119, signal 168142/183112 (executing program) 2024/10/17 00:54:10 fetching corpus: 7169, signal 168427/183116 (executing program) 2024/10/17 00:54:10 fetching corpus: 7218, signal 168786/183116 (executing program) 2024/10/17 00:54:10 fetching corpus: 7267, signal 169068/183117 (executing program) 2024/10/17 00:54:11 fetching corpus: 7317, signal 169305/183117 (executing program) 2024/10/17 00:54:11 fetching corpus: 7367, signal 169736/183117 (executing program) 2024/10/17 00:54:11 fetching corpus: 7416, signal 169987/183117 (executing program) 2024/10/17 00:54:11 fetching corpus: 7466, signal 170455/183117 (executing program) 2024/10/17 00:54:11 fetching corpus: 7515, signal 170737/183117 (executing program) 2024/10/17 00:54:11 fetching corpus: 7565, signal 171041/183117 (executing program) 2024/10/17 00:54:11 fetching corpus: 7615, signal 171234/183117 (executing program) 2024/10/17 00:54:11 fetching corpus: 7665, signal 171584/183119 (executing program) 2024/10/17 00:54:12 fetching corpus: 7715, signal 171997/183119 (executing program) 2024/10/17 00:54:12 fetching corpus: 7765, signal 172227/183119 (executing program) 2024/10/17 00:54:12 fetching corpus: 7815, signal 172465/183131 (executing program) 2024/10/17 00:54:12 fetching corpus: 7865, signal 172707/183131 (executing program) 2024/10/17 00:54:12 fetching corpus: 7915, signal 172953/183131 (executing program) 2024/10/17 00:54:12 fetching corpus: 7965, signal 173247/183131 (executing program) 2024/10/17 00:54:12 fetching corpus: 8014, signal 173443/183131 (executing program) 2024/10/17 00:54:12 fetching corpus: 8064, signal 173666/183140 (executing program) 2024/10/17 00:54:12 fetching corpus: 8114, signal 173969/183140 (executing program) 2024/10/17 00:54:13 fetching corpus: 8164, signal 174171/183140 (executing program) 2024/10/17 00:54:13 fetching corpus: 8213, signal 174377/183140 (executing program) 2024/10/17 00:54:13 fetching corpus: 8263, signal 174592/183140 (executing program) 2024/10/17 00:54:13 fetching corpus: 8312, signal 174761/183140 (executing program) 2024/10/17 00:54:13 fetching corpus: 8362, signal 175020/183140 (executing program) 2024/10/17 00:54:13 fetching corpus: 8412, signal 175375/183140 (executing program) 2024/10/17 00:54:13 fetching corpus: 8462, signal 175795/183140 (executing program) 2024/10/17 00:54:13 fetching corpus: 8512, signal 176001/183140 (executing program) 2024/10/17 00:54:13 fetching corpus: 8562, signal 176227/183140 (executing program) 2024/10/17 00:54:13 fetching corpus: 8612, signal 176740/183140 (executing program) 2024/10/17 00:54:13 fetching corpus: 8662, signal 176988/183140 (executing program) 2024/10/17 00:54:13 fetching corpus: 8712, signal 177204/183140 (executing program) 2024/10/17 00:54:13 fetching corpus: 8762, signal 177350/183143 (executing program) 2024/10/17 00:54:14 fetching corpus: 8812, signal 177502/183143 (executing program) 2024/10/17 00:54:14 fetching corpus: 8862, signal 177814/183143 (executing program) 2024/10/17 00:54:14 fetching corpus: 8911, signal 178136/183144 (executing program) 2024/10/17 00:54:14 fetching corpus: 8961, signal 178416/183144 (executing program) 2024/10/17 00:54:14 fetching corpus: 9010, signal 178672/183144 (executing program) 2024/10/17 00:54:14 fetching corpus: 9059, signal 178846/183144 (executing program) 2024/10/17 00:54:14 fetching corpus: 9109, signal 179092/183144 (executing program) 2024/10/17 00:54:14 fetching corpus: 9159, signal 179263/183144 (executing program) 2024/10/17 00:54:14 fetching corpus: 9208, signal 179565/183144 (executing program) 2024/10/17 00:54:14 fetching corpus: 9257, signal 179795/183144 (executing program) 2024/10/17 00:54:14 fetching corpus: 9307, signal 180012/183144 (executing program) 2024/10/17 00:54:14 fetching corpus: 9356, signal 180219/183144 (executing program) 2024/10/17 00:54:15 fetching corpus: 9405, signal 180382/183144 (executing program) 2024/10/17 00:54:15 fetching corpus: 9455, signal 180525/183144 (executing program) 2024/10/17 00:54:15 fetching corpus: 9505, signal 180735/183144 (executing program) 2024/10/17 00:54:15 fetching corpus: 9555, signal 180944/183144 (executing program) 2024/10/17 00:54:15 fetching corpus: 9605, signal 181074/183144 (executing program) 2024/10/17 00:54:15 fetching corpus: 9654, signal 181284/183144 (executing program) 2024/10/17 00:54:15 fetching corpus: 9704, signal 181557/183145 (executing program) 2024/10/17 00:54:15 fetching corpus: 9754, signal 181852/183145 (executing program) 2024/10/17 00:54:15 fetching corpus: 9803, signal 182146/183145 (executing program) 2024/10/17 00:54:15 fetching corpus: 9831, signal 182204/183145 (executing program) 2024/10/17 00:54:15 fetching corpus: 9831, signal 182204/183145 (executing program) 2024/10/17 00:54:19 starting 8 fuzzer processes 00:54:19 executing program 0: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$netlbl_cipso(&(0x7f0000000100), r0) r2 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NLBL_CIPSOV4_C_ADD(r2, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000300)={0x34, r1, 0x1, 0x0, 0x0, {}, [@NLBL_CIPSOV4_A_MTYPE={0x8, 0x2, 0x1}, @NLBL_CIPSOV4_A_TAGLST={0x4}, @NLBL_CIPSOV4_A_MLSLVLLST={0xc, 0x8, 0x0, 0x1, [{0x4, 0xc}, {0x4}]}, @NLBL_CIPSOV4_A_DOI={0x8}]}, 0x34}}, 0x0) 00:54:19 executing program 1: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000600), 0xffffffffffffffff) r2 = socket$inet_icmp_raw(0x2, 0x3, 0x1) ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000080)={'wlan1\x00', 0x0}) sendmsg$ETHTOOL_MSG_LINKINFO_SET(r0, &(0x7f0000000740)={0x0, 0x0, &(0x7f0000000700)={&(0x7f0000000180)={0x20, r1, 0x1, 0x0, 0x0, {}, [@ETHTOOL_A_LINKINFO_HEADER={0xc, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r3}]}]}, 0x20}}, 0x0) 00:54:19 executing program 2: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$sock_int(r0, 0x1, 0x49, &(0x7f0000000040)=0x7000000, 0x4) 00:54:19 executing program 3: syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x5c000, 0xa, &(0x7f0000000200)=[{&(0x7f0000010000)="01434430303101004c494e55582020202020202020202020202020202020202020202020202020204344524f4d2020202020202020202020202020202020202020202020202020200000000000000000b8000000000000b800000000000000000000000000000000000000000000000000000000000000000100000101000001000808001800000000000018130000000000000000000015000000002200170000000000001700080000000008007809140b2a3a08020000010000010100202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202073797a6b616c6c65722020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202047454e49534f494d4147452049534f20393636302f4846532046494c4553595354454d2043524541544f5220284329203139393320452e594f554e4744414c452028432920313939372d32303036204a2e50454152534f4e2f4a2e534348494c4c494e472028432920323030362d32303037204344524b4954205445414d202066696c6533202020202020202020202020202020202020202020202020202020202020202066696c6531202020202020202020202020202020202020202020202020202020202020202066696c6532202020202020202020202020202020202020202020202020202020202020202032303230303932303131343235383030083230323030393230313134323538303008303030303030303030303030303030300032303230303932303131343235383030080100202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202000"/1408, 0x580, 0x8000}, {&(0x7f0000010600)="ff43443030310100"/32, 0x20, 0x8800}, {&(0x7f0000010700)="01001700000001000000050018000000010046494c4530000000000000000000", 0x20, 0x9800}, {&(0x7f0000010800)="01000000001700010000050000000018000146494c4530000000000000000000", 0x20, 0xa800}, {&(0x7f0000010900)="8800170000000000001700080000000008007809140b2a3a0802000001000001010053500701beef005252050181505824016d4100000000416d03000000000000030000000000000000000000000000000054461a010e7809140b2a3a087809140b2a3a087809140b2a3a0843451c0119000000000000190000000000000000ed000000000000ed6600170000000000001700080000000008007809140b2a3a080200000100000101015252050181505824016d4100000000416d02000000000000020000000000000000000000000000000054461a010e7809140b2a3a087809140b2a3a087809140b2a3a08008c001a0000000000001a64000000000000647809140b2a3a08000000010000010a46494c452e434f4c3b310041410e0254455854756e6978000052520501894e4d0e010066696c652e636f6c64505824016d8100000000816d01000000000000010000000000000000000000000000000054461a010e7809140b2a3a087809140b2a3a087809140b2a3a08007400180000000000001800080000000008007809140b2a3a08020000010000010546494c453052520501894e4d0a010066696c6530505824016d4100000000416d02000000000000020000000000000000000000000000000054461a010e7809140b2a3a087809140b2a3a087809140b2a3a080086001b0000000000001b0a0000000000000a7809140b2a3a08000000010000010846494c45312e3b310041410e0254455854756e6978000052520501894e4d0a010066696c6531505824016d8100000000816d01000000000000010000000000000000000000000000000054461a010e7809140b2a3a087809140b2a3a087809140b2a3a080086001c0000000000001c28230000000023287809140b2a3a08000000010000010846494c45322e3b310041410e0254455854756e6978000052520501894e4d0a010066696c6532505824016d8100000000816d02000000000000020000000000000000000000000000000054461a010e7809140b2a3a087809140b2a3a087809140b2a3a080086001c0000000000001c28230000000023287809140b2a3a08000000010000010846494c45332e3b310041410e0254455854756e6978000052520501894e4d0a010066696c6533505824016d8100000000816d02000000000000020000000000000000000000000000000054461a010e7809140b2a3a087809140b2a3a087809140b2a3a0800", 0x380, 0xb800}, {&(0x7f0000010d00)="6600180000000000001800080000000008007809140b2a3a080200000100000101005252050181505824016d4100000000416d02000000000000020000000000000000000000000000000054461a010e7809140b2a3a087809140b2a3a087809140b2a3a08006600170000000000001700080000000008007809140b2a3a080200000100000101015252050181505824016d4100000000416d03000000000000030000000000000000000000000000000054461a010e7809140b2a3a087809140b2a3a087809140b2a3a0800860021000000000000211a0400000000041a7809140b2a3a08000000010000010846494c45302e3b310041410e0254455854756e6978000052520501894e4d0a010066696c6530505824016d8100000000816d01000000000000010000000000000000000000000000000054461a010e7809140b2a3a087809140b2a3a087809140b2a3a0800a800220000000000002200000000000000007809140b2a3a08000000010000010846494c45312e3b3100525205018d4e4d0a010066696c6531505824016da100000000a16d010000000000000100000000000000000000000000000000534c31010008000003746d70001573797a2d696d61676567656e393632343934303438000566696c6530000566696c653054461a010e7809140b2a3a087809140b2a3a087809140b2a3a08000000000000", 0x200, 0xc000}, {&(0x7f0000010f00)="4552ed010a548701525249505f313939314154484520524f434b20524944474520494e5445524348414e47452050524f544f434f4c2050524f564944455320535550504f525420464f5220504f5349582046494c452053595354454d2053454d414e54494353504c4541534520434f4e544143542044495343205055424c495348455220464f522053504543494649434154494f4e20534f555243452e2020534545205055424c4953484552204944454e54494649455220494e205052494d41525920564f4c554d452044455343524950544f5220464f5220434f4e5441435420494e464f524d4154494f4e2e00"/256, 0x100, 0xc800}, {&(0x7f0000011000)='syzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallers\x00'/128, 0x80, 0xd000}, {&(0x7f0000011100)='syzkallers\x00'/32, 0x20, 0xd800}, {&(0x7f0000011200)='syzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkal\x00\x00\x00\x00\x00\x00', 0x420, 0x10800}], 0x0, &(0x7f0000011700)) [ 110.622485] audit: type=1400 audit(1729126459.610:7): avc: denied { execmem } for pid=271 comm="syz-executor.1" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=process permissive=1 00:54:19 executing program 4: r0 = socket$inet6_udp(0xa, 0x2, 0x0) fcntl$lock(r0, 0x6, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff}) fcntl$lock(r0, 0x5, &(0x7f0000000180)) 00:54:19 executing program 6: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup2(r1, r0) bind$unix(r2, &(0x7f0000000200)=@abs, 0x2) 00:54:19 executing program 5: ioctl$sock_ipv6_tunnel_SIOCCHG6RD(0xffffffffffffffff, 0x89fb, 0x0) ioctl$sock_ipv6_tunnel_SIOCGETPRL(0xffffffffffffffff, 0x89f4, &(0x7f0000000240)={'ip6tnl0\x00', &(0x7f00000001c0)={'syztnl1\x00', 0x0, 0x4, 0x0, 0x0, 0x1, 0x0, @local, @local, 0x0, 0x10, 0x1, 0x9}}) syz_genetlink_get_family_id$fou(&(0x7f00000055c0), 0xffffffffffffffff) sendmsg$FOU_CMD_DEL(0xffffffffffffffff, 0x0, 0x0) ioctl$sock_ipv6_tunnel_SIOCADDPRL(0xffffffffffffffff, 0x89f5, &(0x7f0000005780)={'syztnl2\x00', 0x0}) syz_init_net_socket$bt_l2cap(0x1f, 0x3, 0x0) openat$autofs(0xffffffffffffff9c, &(0x7f0000005980), 0x0, 0x0) syz_io_uring_setup(0x2c83, &(0x7f0000005a00)={0x0, 0xe81b, 0x8, 0x2}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffb000/0x4000)=nil, &(0x7f0000005a80), &(0x7f0000005ac0)) execveat(0xffffffffffffffff, &(0x7f0000005b80)='./file0\x00', 0x0, &(0x7f0000005d00)=[&(0x7f0000005c40)='%^\x00', &(0x7f0000005c80)='\x00', 0x0], 0x800) 00:54:19 executing program 7: perf_event_open(&(0x7f0000000280)={0x8, 0x80, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) [ 112.143484] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 112.147264] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 112.150275] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 112.156376] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 112.162438] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [ 112.164156] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 112.270289] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 112.273910] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 112.275729] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 112.283290] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 112.287134] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3 [ 112.289664] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 112.351672] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 112.353549] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 112.359859] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 112.363994] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 112.365675] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 112.368053] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 112.371105] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 112.373853] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3 [ 112.375049] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 112.378856] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 112.386400] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 112.395558] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 112.396184] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3 [ 112.407844] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 112.422500] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 112.430115] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1 [ 112.437033] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9 [ 112.443711] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9 [ 112.447880] Bluetooth: hci7: unexpected cc 0x0c03 length: 249 > 1 [ 112.454543] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 112.472544] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1 [ 112.477964] Bluetooth: hci7: unexpected cc 0x1003 length: 249 > 9 [ 112.479511] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9 [ 112.482100] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9 [ 112.484043] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3 [ 112.486969] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 112.490229] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4 [ 112.493713] Bluetooth: hci7: unexpected cc 0x1001 length: 249 > 9 [ 112.510529] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4 [ 112.516501] Bluetooth: hci6: unexpected cc 0x0c25 length: 249 > 3 [ 112.518052] Bluetooth: hci5: unexpected cc 0x0c25 length: 249 > 3 [ 112.520798] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2 [ 112.522055] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2 [ 112.525781] Bluetooth: hci7: unexpected cc 0x0c23 length: 249 > 4 [ 112.556226] Bluetooth: hci7: unexpected cc 0x0c25 length: 249 > 3 [ 112.562698] Bluetooth: hci7: unexpected cc 0x0c38 length: 249 > 2 [ 114.231919] Bluetooth: hci0: command tx timeout [ 114.359414] Bluetooth: hci1: command tx timeout [ 114.422464] Bluetooth: hci3: command tx timeout [ 114.487414] Bluetooth: hci2: command tx timeout [ 114.614673] Bluetooth: hci7: command tx timeout [ 114.615547] Bluetooth: hci5: command tx timeout [ 114.615980] Bluetooth: hci4: command tx timeout [ 114.678489] Bluetooth: hci6: command tx timeout [ 116.279399] Bluetooth: hci0: command tx timeout [ 116.408249] Bluetooth: hci1: command tx timeout [ 116.471355] Bluetooth: hci3: command tx timeout [ 116.535099] Bluetooth: hci2: command tx timeout [ 116.662425] Bluetooth: hci5: command tx timeout [ 116.662690] Bluetooth: hci7: command tx timeout [ 116.665455] Bluetooth: hci4: command tx timeout [ 116.726474] Bluetooth: hci6: command tx timeout [ 118.328498] Bluetooth: hci0: command tx timeout [ 118.456421] Bluetooth: hci1: command tx timeout [ 118.519703] Bluetooth: hci3: command tx timeout [ 118.583487] Bluetooth: hci2: command tx timeout [ 118.710512] Bluetooth: hci4: command tx timeout [ 118.711182] Bluetooth: hci7: command tx timeout [ 118.711921] Bluetooth: hci5: command tx timeout [ 118.774804] Bluetooth: hci6: command tx timeout [ 120.374485] Bluetooth: hci0: command tx timeout [ 120.502513] Bluetooth: hci1: command tx timeout [ 120.566688] Bluetooth: hci3: command tx timeout [ 120.630575] Bluetooth: hci2: command tx timeout [ 120.758496] Bluetooth: hci7: command tx timeout [ 120.759001] Bluetooth: hci5: command tx timeout [ 120.759740] Bluetooth: hci4: command tx timeout [ 120.822478] Bluetooth: hci6: command tx timeout [ 174.215644] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 174.218852] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 174.228165] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 174.233822] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 174.236800] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [ 174.244759] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 174.278938] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 174.286215] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 174.289886] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 174.290025] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 174.292942] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 174.296792] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 174.299141] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 174.302213] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3 [ 174.304027] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 174.306861] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 174.313626] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3 [ 174.317202] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 174.350891] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 174.357757] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 174.361080] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 174.371844] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 174.376719] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3 [ 174.384962] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 174.412283] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1 [ 174.416016] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 174.428693] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 174.430124] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 174.433915] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 174.436475] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3 [ 174.436698] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9 [ 174.437885] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 174.442709] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9 [ 174.473471] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4 [ 174.479861] Bluetooth: hci5: unexpected cc 0x0c25 length: 249 > 3 [ 174.493624] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2 [ 174.592921] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1 [ 174.606522] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9 [ 174.670756] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9 [ 174.708994] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4 [ 174.732858] Bluetooth: hci6: unexpected cc 0x0c25 length: 249 > 3 [ 174.744493] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2 [ 175.089528] Bluetooth: hci7: unexpected cc 0x0c03 length: 249 > 1 [ 175.103061] Bluetooth: hci7: unexpected cc 0x1003 length: 249 > 9 [ 175.104777] Bluetooth: hci7: unexpected cc 0x1001 length: 249 > 9 [ 175.109947] Bluetooth: hci7: unexpected cc 0x0c23 length: 249 > 4 [ 175.114577] Bluetooth: hci7: unexpected cc 0x0c25 length: 249 > 3 [ 175.115955] Bluetooth: hci7: unexpected cc 0x0c38 length: 249 > 2 [ 176.311425] Bluetooth: hci0: command tx timeout [ 176.374686] Bluetooth: hci2: command tx timeout [ 176.375359] Bluetooth: hci1: command tx timeout [ 176.438405] Bluetooth: hci3: command tx timeout [ 176.504076] Bluetooth: hci4: command tx timeout [ 176.568361] Bluetooth: hci5: command tx timeout [ 176.950439] Bluetooth: hci6: command tx timeout [ 177.206412] Bluetooth: hci7: command tx timeout [ 178.359369] Bluetooth: hci0: command tx timeout [ 178.425358] Bluetooth: hci2: command tx timeout [ 178.425699] Bluetooth: hci1: command tx timeout [ 178.487359] Bluetooth: hci3: command tx timeout [ 178.551391] Bluetooth: hci4: command tx timeout [ 178.615365] Bluetooth: hci5: command tx timeout [ 178.999375] Bluetooth: hci6: command tx timeout [ 179.255579] Bluetooth: hci7: command tx timeout [ 180.406484] Bluetooth: hci0: command tx timeout [ 180.472489] Bluetooth: hci1: command tx timeout [ 180.472832] Bluetooth: hci2: command tx timeout [ 180.536357] Bluetooth: hci3: command tx timeout [ 180.598457] Bluetooth: hci4: command tx timeout [ 180.664043] Bluetooth: hci5: command tx timeout [ 181.047549] Bluetooth: hci6: command tx timeout [ 181.303393] Bluetooth: hci7: command tx timeout [ 182.454382] Bluetooth: hci0: command tx timeout [ 182.519404] Bluetooth: hci2: command tx timeout [ 182.519758] Bluetooth: hci1: command tx timeout [ 182.583458] Bluetooth: hci3: command tx timeout [ 182.646351] Bluetooth: hci4: command tx timeout [ 182.711476] Bluetooth: hci5: command tx timeout [ 183.095329] Bluetooth: hci6: command tx timeout [ 183.352332] Bluetooth: hci7: command tx timeout [ 229.211915] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 229.212541] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 229.548095] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 229.548842] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 230.105709] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 230.106197] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 230.655413] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 230.655914] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 230.824578] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 230.825637] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 231.071398] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 231.072243] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 231.356758] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 231.357312] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 231.640393] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 231.640877] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 231.907899] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 231.908521] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 232.077405] loop3: detected capacity change from 0 to 736 [ 232.080022] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 232.080588] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 232.129924] audit: type=1400 audit(1729126581.117:8): avc: denied { open } for pid=7402 comm="syz-executor.7" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=perf_event permissive=1 [ 232.132515] audit: type=1400 audit(1729126581.118:9): avc: denied { kernel } for pid=7402 comm="syz-executor.7" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=perf_event permissive=1 [ 232.199444] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 232.199940] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 232.260708] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 232.261202] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 232.319804] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 232.320253] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 232.414944] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 232.415485] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 232.491632] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 232.492100] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 232.586570] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 232.587080] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 235.713430] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 235.715969] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 235.718065] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 235.722625] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 235.725474] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [ 235.727180] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 235.839518] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 235.841728] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 235.848133] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 235.852465] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 235.855237] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3 [ 235.857135] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 237.750475] Bluetooth: hci0: command tx timeout [ 237.878438] Bluetooth: hci3: command tx timeout [ 239.799360] Bluetooth: hci0: command tx timeout [ 239.927376] Bluetooth: hci3: command tx timeout [ 241.847349] Bluetooth: hci0: command tx timeout [ 241.974416] Bluetooth: hci3: command tx timeout [ 243.895348] Bluetooth: hci0: command tx timeout [ 244.022446] Bluetooth: hci3: command tx timeout [ 250.870385] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 250.870878] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 250.955030] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 250.955700] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 254.911358] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 254.912145] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 254.969399] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 254.970156] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 00:56:44 executing program 0: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xce, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, 0x0, 0x0, 0x0) perf_event_open(&(0x7f0000000300)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) fcntl$getownex(0xffffffffffffffff, 0x10, 0x0) r0 = syz_open_procfs(0x0, &(0x7f0000000000)='net/mcfilter\x00') pread64(r0, &(0x7f0000000140)=""/77, 0x4d, 0xaa0) perf_event_open(&(0x7f0000000180)={0x0, 0x80, 0x0, 0x0, 0x2, 0x27, 0x0, 0x2, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x2, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000040)}, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x8}, 0x0, 0x0, r0, 0xa) syz_mount_image$tmpfs(0x0, &(0x7f0000000700)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) 00:56:44 executing program 5: syz_mount_image$tmpfs(&(0x7f0000000680), &(0x7f00000006c0)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f00000007c0)={[{@mpol={'mpol', 0x3d, {'interleave', '', @val={0x3a, [0x37, 0x34]}}}}]}) 00:56:44 executing program 1: syz_mount_image$msdos(&(0x7f00000000c0), &(0x7f0000000140)='./file0\x00', 0x0, 0x0, &(0x7f0000000540), 0x0, &(0x7f0000000600)={[{@fat=@nfs_nostale_ro}]}) 00:56:44 executing program 2: r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1) mknod(&(0x7f0000008d80)='./file0\x00', 0x0, 0x0) stat(&(0x7f0000000540)='./file0\x00', &(0x7f0000000440)={0x0, 0x0, 0x0, 0x0, 0x0}) setresuid(0x0, r1, 0x0) sendmmsg$sock(r0, &(0x7f0000002d40)=[{{&(0x7f00000000c0)=@in={0x2, 0x0, @dev}, 0x80, &(0x7f0000000200)=[{&(0x7f00000003c0)="eaec", 0x2}], 0x1}}, {{&(0x7f0000000500)=@in={0x2, 0x0, @multicast2}, 0x80, 0x0, 0x0, &(0x7f0000001640)=[@mark={{0x14}}], 0x18}}], 0x2, 0x0) 00:56:44 executing program 7: syz_mount_image$tmpfs(&(0x7f00000000c0), &(0x7f0000000000)='./file1\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000400)=ANY=[]) prctl$PR_CAPBSET_READ(0x17, 0x0) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xce, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0x2141135a248505a6}, 0x0, 0x0, 0x9}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000580)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x10000000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = openat$sr(0xffffffffffffff9c, &(0x7f00000001c0), 0x105802, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x1000004, 0x2811, r0, 0x0) io_getevents(0x0, 0x0, 0x0, 0x0, 0x0) clone3(&(0x7f0000000640)={0x0, &(0x7f00000000c0), 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) getpid() r1 = openat$sr(0xffffffffffffff9c, &(0x7f00000001c0), 0x105802, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0, 0x11, r1, 0x0) syz_io_uring_submit(0x0, 0x0, 0x0, 0x9) syz_io_uring_submit(0x0, 0x0, &(0x7f0000000140)=@IORING_OP_WRITEV={0x2, 0x0, 0x0, @fd_index, 0x0, 0x0}, 0x0) io_uring_register$IORING_REGISTER_PERSONALITY(r0, 0x9, 0x0, 0x0) 00:56:44 executing program 3: syz_mount_image$ext4(&(0x7f0000000140)='ext3\x00', &(0x7f0000000200)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000800)={[{@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x8}}]}) 00:56:44 executing program 4: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xce, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_mount_image$ext4(0x0, &(0x7f0000000240)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) mount(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000280)='devpts\x00', 0x0, 0x0) r0 = inotify_init() inotify_add_watch(r0, &(0x7f0000000100)='./file0\x00', 0x500) umount2(&(0x7f0000000000)='./file0\x00', 0x0) close(r0) 00:56:44 executing program 6: r0 = syz_open_procfs(0x0, &(0x7f0000000000)='net/unix\x00') pread64(r0, &(0x7f0000000180)=""/127, 0x7f, 0x38) [ 255.763826] tmpfs: Bad value for 'mpol' [ 255.767361] No source specified [ 255.770721] hrtimer: interrupt took 47840 ns [ 255.776237] No source specified [ 255.779918] tmpfs: Bad value for 'mpol' [ 255.804198] syz-executor.1: attempt to access beyond end of device [ 255.804198] loop1: rw=0, sector=0, nr_sectors = 1 limit=0 [ 255.903085] FAT-fs (loop1): unable to read boot sector [ 255.956647] syz-executor.1: attempt to access beyond end of device [ 255.956647] loop1: rw=0, sector=0, nr_sectors = 1 limit=0 [ 255.958591] FAT-fs (loop1): unable to read boot sector 00:56:44 executing program 6: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x3c, &(0x7f0000000080)={0x0, 0x0}, 0x10) 00:56:44 executing program 3: syz_mount_image$iso9660(&(0x7f00000005c0), &(0x7f0000000600)='./file0\x00', 0x0, 0x0, &(0x7f0000001740), 0x0, &(0x7f0000000000)={[{@utf8}, {@utf8}]}) 00:56:45 executing program 1: syz_mount_image$ext4(0x0, &(0x7f00000000c0)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) mount$tmpfs(0x0, &(0x7f0000000680)='./file0\x00', &(0x7f00000006c0), 0x0, &(0x7f0000000ec0)={[{@huge_always}]}) 00:56:45 executing program 5: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xa7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) getsockopt$inet6_tcp_int(r0, 0x6, 0x22, 0x0, &(0x7f0000000140)) setsockopt$inet6_tcp_TCP_REPAIR(0xffffffffffffffff, 0x6, 0x13, &(0x7f00000018c0), 0x4) 00:56:45 executing program 2: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xce, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) fchdir(0xffffffffffffffff) perf_event_open(&(0x7f0000000340)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0xfffffffe}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) close(r0) ioctl$TCSETSF2(r0, 0x402c542d, &(0x7f0000000040)={0x0, 0x8, 0xb, 0x0, 0x0, "d4a89354cdc0e1d1ad0964940f221679708fb7", 0x0, 0x9}) 00:56:45 executing program 4: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xce, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_mount_image$ext4(0x0, &(0x7f0000000240)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) mount(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000280)='devpts\x00', 0x0, 0x0) r0 = inotify_init() inotify_add_watch(r0, &(0x7f0000000100)='./file0\x00', 0x500) umount2(&(0x7f0000000000)='./file0\x00', 0x0) close(r0) [ 256.310724] syz-executor.3: attempt to access beyond end of device [ 256.310724] loop3: rw=0, sector=64, nr_sectors = 2 limit=0 [ 256.315325] isofs_fill_super: bread failed, dev=loop3, iso_blknum=16, block=32 [ 256.348606] tmpfs: Unsupported parameter 'huge' [ 256.358211] syz-executor.3: attempt to access beyond end of device [ 256.358211] loop3: rw=0, sector=64, nr_sectors = 2 limit=0 [ 256.361690] isofs_fill_super: bread failed, dev=loop3, iso_blknum=16, block=32 00:56:45 executing program 1: connect$inet6(0xffffffffffffffff, 0x0, 0x0) ioctl$KDGKBLED(0xffffffffffffffff, 0x4b64, 0x0) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xce, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000580)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x240, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="eb3c906d6b66732e66617400020801000440008000f801", 0x17}, {&(0x7f0000000340)="53595a4b414c4c45522020080000eb80325132510000eb80325100000000000041660069006c00650030000f00fc0000ffffffffffffffffffff0000ffffffff46494c4530202020202020", 0x4b, 0xa04}], 0x0, &(0x7f0000000080)) ioctl$INCFS_IOC_PERMIT_FILL(r0, 0x40046721, 0x0) ioctl$VT_RESIZE(0xffffffffffffffff, 0x4b47, &(0x7f0000000000)={0x0, 0x8001}) 00:56:45 executing program 3: syz_mount_image$iso9660(&(0x7f00000005c0), &(0x7f0000000600)='./file0\x00', 0x0, 0x0, &(0x7f0000001740), 0x0, &(0x7f0000000000)={[{@utf8}, {@utf8}]}) [ 256.699770] loop1: detected capacity change from 0 to 10 [ 256.792639] syz-executor.3: attempt to access beyond end of device [ 256.792639] loop3: rw=0, sector=64, nr_sectors = 2 limit=0 [ 256.793744] isofs_fill_super: bread failed, dev=loop3, iso_blknum=16, block=32 [ 281.074557] watchdog: BUG: soft lockup - CPU#0 stuck for 21s! [syz-executor.7:8377] [ 281.075030] Modules linked in: [ 281.075234] irq event stamp: 3578067 [ 281.075455] hardirqs last enabled at (3578066): [] irqentry_exit+0x3b/0x90 [ 281.075975] hardirqs last disabled at (3578067): [] sysvec_apic_timer_interrupt+0xf/0x80 [ 281.077764] softirqs last enabled at (3574204): [] handle_softirqs+0x50c/0x770 [ 281.079020] softirqs last disabled at (3574213): [] irq_exit_rcu+0x94/0xc0 [ 281.079508] CPU: 0 UID: 0 PID: 8377 Comm: syz-executor.7 Not tainted 6.12.0-rc3-next-20241016 #1 [ 281.079989] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 281.080428] RIP: 0010:kasan_unpoison+0x43/0x60 [ 281.080730] Code: 31 d2 48 89 fb 48 83 c6 01 e8 39 ff ff ff 48 89 e8 83 e0 07 74 14 48 ba 00 00 00 00 00 fc ff df 48 01 eb 48 c1 eb 03 88 04 13 <5b> 5d e9 16 2f f9 02 90 0f 0b 90 e9 0d 2f f9 02 66 66 2e 0f 1f 84 [ 281.081658] RSP: 0018:ffff88806ce09400 EFLAGS: 00000246 [ 281.081971] RAX: 0000000000000000 RBX: ffff8880158c8250 RCX: 0000000000000000 [ 281.082364] RDX: 0000000000000000 RSI: 0000000000000000 RDI: ffffed1002b19067 [ 281.082751] RBP: 00000000000000e8 R08: 0000000000000006 R09: 0000000000000002 [ 281.083138] R10: ffffed1002b1904a R11: 00000000ffffffff R12: ffff8880158c8250 [ 281.083531] R13: 0000000000092820 R14: 00000000000000e8 R15: 0000000000092820 [ 281.083920] FS: 00007fa16e752700(0000) GS:ffff88806ce00000(0000) knlGS:0000000000000000 [ 281.084363] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 281.084694] CR2: 00007f938478d998 CR3: 000000004074e000 CR4: 0000000000350ef0 [ 281.085084] Call Trace: [ 281.085245] [ 281.085392] ? watchdog_timer_fn+0x3ee/0x510 [ 281.085682] ? __pfx_watchdog_timer_fn+0x10/0x10 [ 281.085986] ? __hrtimer_run_queues+0x57c/0xa70 [ 281.086295] ? __pfx___hrtimer_run_queues+0x10/0x10 [ 281.086603] ? ktime_get_update_offsets_now+0x260/0x3c0 [ 281.086960] ? hrtimer_interrupt+0x2f2/0x750 [ 281.087265] ? __sysvec_apic_timer_interrupt+0xc2/0x390 [ 281.087593] ? sysvec_apic_timer_interrupt+0x34/0x80 [ 281.087917] ? asm_sysvec_apic_timer_interrupt+0x1a/0x20 [ 281.088278] ? kasan_unpoison+0x43/0x60 [ 281.088554] __kasan_slab_alloc+0x30/0x70 [ 281.088819] kmem_cache_alloc_noprof+0x13d/0x3d0 [ 281.089123] ? write_comp_data+0xa/0xa0 [ 281.089398] ? srso_return_thunk+0x5/0x5f [ 281.089697] ? cfg80211_inform_single_bss_data+0x4f1/0x1c50 [ 281.090053] __alloc_object+0x2f/0x270 [ 281.090305] __create_object+0x1d/0x80 [ 281.090557] ? cfg80211_inform_single_bss_data+0x4f1/0x1c50 [ 281.090908] __kmalloc_noprof+0x37e/0x4b0 [ 281.091183] ? __sanitizer_cov_trace_switch+0x51/0x90 [ 281.091515] ? srso_return_thunk+0x5/0x5f [ 281.091810] cfg80211_inform_single_bss_data+0x4f1/0x1c50 [ 281.092164] ? srso_return_thunk+0x5/0x5f [ 281.092450] ? perf_misc_flags+0x9a/0xc0 [ 281.092712] ? srso_return_thunk+0x5/0x5f [ 281.092997] ? __pfx_cfg80211_inform_single_bss_data+0x10/0x10 [ 281.093369] ? srso_return_thunk+0x5/0x5f [ 281.093657] ? hlock_class+0x4e/0x130 [ 281.093941] ? srso_return_thunk+0x5/0x5f [ 281.094224] ? lock_acquire+0x32/0xc0 [ 281.094496] ? perf_swevent_hrtimer+0x224/0x3d0 [ 281.094796] cfg80211_inform_bss_data+0x20f/0x3510 [ 281.095115] ? srso_return_thunk+0x5/0x5f [ 281.095402] ? hlock_class+0x4e/0x130 [ 281.095655] ? mark_lock+0xac/0x1370 [ 281.095917] ? srso_return_thunk+0x5/0x5f [ 281.096201] ? srso_return_thunk+0x5/0x5f [ 281.096489] ? __pfx_mark_lock+0x10/0x10 [ 281.096778] ? __pfx_cfg80211_inform_bss_data+0x10/0x10 [ 281.097121] ? __pfx___lock_acquire+0x10/0x10 [ 281.097423] ? lock_acquire.part.0+0xeb/0x320 [ 281.097730] ? __hrtimer_run_queues+0x23d/0xa70 [ 281.098026] ? srso_return_thunk+0x5/0x5f [ 281.098310] ? hlock_class+0x4e/0x130 [ 281.098563] ? srso_return_thunk+0x5/0x5f [ 281.098845] ? __lock_acquire+0xcb8/0x4360 [ 281.099162] ? srso_return_thunk+0x5/0x5f [ 281.099448] ? hlock_class+0x4e/0x130 [ 281.099709] ? srso_return_thunk+0x5/0x5f [ 281.099991] ? find_held_lock+0x2c/0x110 [ 281.100258] ? ieee80211_bss_info_update+0x2b4/0xa90 [ 281.100564] ? srso_return_thunk+0x5/0x5f [ 281.100846] ? lock_release+0x20f/0x6f0 [ 281.101130] cfg80211_inform_bss_frame_data+0x250/0x690 [ 281.101486] ieee80211_bss_info_update+0x2f6/0xa90 [ 281.101804] ? __pfx_ieee80211_bss_info_update+0x10/0x10 [ 281.102126] ? lockdep_hardirqs_on_prepare+0x12b/0x3f0 [ 281.102468] ? srso_return_thunk+0x5/0x5f [ 281.102760] ? kcov_remote_stop+0x67/0x490 [ 281.103043] ? srso_return_thunk+0x5/0x5f [ 281.103330] ? ieee80211_get_channel_khz+0x149/0x1d0 [ 281.103655] ieee80211_scan_rx+0x474/0xac0 [ 281.103918] ? ieee80211_clean_skb+0x18f/0x6f0 [ 281.104233] ieee80211_rx_list+0x21ec/0x2cf0 [ 281.104521] ? hlock_class+0x4e/0x130 [ 281.104773] ? srso_return_thunk+0x5/0x5f [ 281.105061] ? __pfx_ieee80211_rx_list+0x10/0x10 [ 281.105353] ? srso_return_thunk+0x5/0x5f [ 281.105642] ? lock_acquire.part.0+0xeb/0x320 [ 281.105944] ? ieee80211_rx_napi+0x97/0x3b0 [ 281.106234] ? srso_return_thunk+0x5/0x5f [ 281.106517] ? lock_acquire+0x32/0xc0 [ 281.106782] ? ieee80211_rx_napi+0x97/0x3b0 [ 281.107057] ieee80211_rx_napi+0xdc/0x3b0 [ 281.107321] ? __pfx_ieee80211_rx_napi+0x10/0x10 [ 281.107615] ? srso_return_thunk+0x5/0x5f [ 281.107902] ? _raw_spin_unlock_irqrestore+0x2c/0x50 [ 281.108230] ieee80211_handle_queued_frames+0xd9/0x130 [ 281.108575] tasklet_action_common+0x235/0x3b0 [ 281.108861] ? workqueue_softirq_action+0x1a/0x170 [ 281.109188] handle_softirqs+0x1b1/0x770 [ 281.109459] irq_exit_rcu+0x94/0xc0 [ 281.109702] sysvec_apic_timer_interrupt+0x70/0x80 [ 281.110018] [ 281.110165] [ 281.110316] asm_sysvec_apic_timer_interrupt+0x1a/0x20 [ 281.110648] RIP: 0010:in_gate_area_no_mm+0x25/0x80 [ 281.110969] Code: 90 90 90 90 90 66 0f 1f 00 41 54 55 53 48 89 fb e8 40 e3 50 00 8b 2d ba 97 7c 04 bf 02 00 00 00 89 ee e8 5e e6 50 00 83 fd 02 <74> 24 e8 24 e3 50 00 48 81 e3 00 f0 ff ff 48 c7 c7 00 00 60 ff 48 [ 281.111893] RSP: 0018:ffff8880323870c0 EFLAGS: 00000297 [ 281.112205] RAX: 0000000000000002 RBX: 00007fa1711dcb19 RCX: ffffffff810098f2 [ 281.112597] RDX: ffff88801890d280 RSI: 0000000000000002 RDI: 0000000000000005 [ 281.112985] RBP: 0000000000000001 R08: ffffffff86bee0fa R09: ffff888032387178 [ 281.113377] R10: 0000000000000001 R11: 00000000000c2f81 R12: ffff888032387200 [ 281.113769] R13: 0000000000000000 R14: ffff88801890d280 R15: ffff88800706e500 [ 281.114171] ? in_gate_area_no_mm+0x22/0x80 [ 281.114473] core_kernel_text+0x24/0xa0 [ 281.114736] kernel_text_address+0x11/0xc0 [ 281.115013] ? srso_return_thunk+0x5/0x5f [ 281.115298] __kernel_text_address+0xd/0x40 [ 281.115576] unwind_get_return_address+0x59/0xa0 [ 281.115868] ? __pfx_stack_trace_consume_entry+0x10/0x10 [ 281.116211] arch_stack_walk+0x9d/0xf0 [ 281.116505] stack_trace_save+0x8f/0xc0 [ 281.116779] ? __pfx_stack_trace_save+0x10/0x10 [ 281.117083] ? srso_return_thunk+0x5/0x5f [ 281.117385] kasan_save_stack+0x24/0x50 [ 281.117663] ? kasan_save_stack+0x24/0x50 [ 281.117948] ? __kasan_record_aux_stack+0x8c/0xa0 [ 281.118248] ? __call_rcu_common.constprop.0+0x6a/0xaa0 [ 281.118589] ? kfree+0x28e/0x480 [ 281.118819] ? __free_slab+0x100/0x120 [ 281.119074] ? qlist_free_all+0x50/0x160 [ 281.119348] ? kasan_quarantine_reduce+0x19c/0x230 [ 281.119664] ? __kasan_slab_alloc+0x49/0x70 [ 281.119928] ? kmem_cache_alloc_noprof+0x13d/0x3d0 [ 281.120238] ? ptlock_alloc+0x21/0x70 [ 281.120503] ? pte_alloc_one+0x78/0x320 [ 281.120751] ? __pte_alloc+0x6d/0x330 [ 281.121007] ? copy_page_range+0x2845/0x4cf0 [ 281.121299] ? copy_process+0x7d17/0x8e00 [ 281.121579] ? kernel_clone+0xeb/0x850 [ 281.121846] ? __do_sys_clone3+0x1d5/0x250 [ 281.122115] ? do_syscall_64+0xbf/0x1d0 [ 281.122369] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 281.122712] ? srso_return_thunk+0x5/0x5f [ 281.122993] ? find_held_lock+0x2c/0x110 [ 281.123259] ? __virt_addr_valid+0x2e8/0x5d0 [ 281.123537] ? srso_return_thunk+0x5/0x5f [ 281.123824] ? lock_release+0x20f/0x6f0 [ 281.124101] ? __pfx_lock_release+0x10/0x10 [ 281.124391] ? trace_lock_acquire+0x137/0x1b0 [ 281.124685] ? srso_return_thunk+0x5/0x5f [ 281.124967] ? lock_acquire+0x32/0xc0 [ 281.125231] ? __virt_addr_valid+0x1c6/0x5d0 [ 281.125526] ? srso_return_thunk+0x5/0x5f [ 281.125811] ? __virt_addr_valid+0x100/0x5d0 [ 281.126088] ? __pfx_free_object_rcu+0x10/0x10 [ 281.126397] ? srso_return_thunk+0x5/0x5f [ 281.126682] __kasan_record_aux_stack+0x8c/0xa0 [ 281.126983] ? __pfx_free_object_rcu+0x10/0x10 [ 281.127289] __call_rcu_common.constprop.0+0x6a/0xaa0 [ 281.127621] ? srso_return_thunk+0x5/0x5f [ 281.127903] ? lockdep_hardirqs_on_prepare+0x262/0x3f0 [ 281.128247] kfree+0x28e/0x480 [ 281.128473] ? __free_slab+0x100/0x120 [ 281.128739] __free_slab+0x100/0x120 [ 281.128991] qlist_free_all+0x50/0x160 [ 281.129262] kasan_quarantine_reduce+0x19c/0x230 [ 281.129585] __kasan_slab_alloc+0x49/0x70 [ 281.129846] kmem_cache_alloc_noprof+0x13d/0x3d0 [ 281.130148] ? __pfx_alloc_pages_mpol_noprof+0x10/0x10 [ 281.130476] ? __x86_indirect_jump_thunk_r12+0x20/0x20 [ 281.130823] ptlock_alloc+0x21/0x70 [ 281.131083] pte_alloc_one+0x78/0x320 [ 281.131330] __pte_alloc+0x6d/0x330 [ 281.131578] ? __pfx___pte_alloc+0x10/0x10 [ 281.131854] ? srso_return_thunk+0x5/0x5f [ 281.132146] copy_page_range+0x2845/0x4cf0 [ 281.132483] ? __pfx_copy_page_range+0x10/0x10 [ 281.132780] ? mark_held_locks+0x9e/0xe0 [ 281.133062] ? srso_return_thunk+0x5/0x5f [ 281.133352] ? srso_return_thunk+0x5/0x5f [ 281.133657] ? up_write+0x195/0x520 [ 281.133907] ? up_write+0x195/0x520 [ 281.134142] ? srso_return_thunk+0x5/0x5f [ 281.134436] copy_process+0x7d17/0x8e00 [ 281.134730] ? __pfx_copy_process+0x10/0x10 [ 281.135009] ? srso_return_thunk+0x5/0x5f [ 281.135314] ? copy_clone_args_from_user+0x198/0x780 [ 281.135623] ? __pfx___sanitizer_cov_trace_pc+0x10/0x10 [ 281.135965] kernel_clone+0xeb/0x850 [ 281.136217] ? __pfx_kernel_clone+0x10/0x10 [ 281.136494] ? srso_return_thunk+0x5/0x5f [ 281.136795] ? __do_sys_clone3+0x1cb/0x250 [ 281.137074] __do_sys_clone3+0x1d5/0x250 [ 281.137341] ? __pfx___do_sys_clone3+0x10/0x10 [ 281.137661] ? srso_return_thunk+0x5/0x5f [ 281.137943] ? lockdep_hardirqs_on_prepare+0x262/0x3f0 [ 281.138279] ? srso_return_thunk+0x5/0x5f [ 281.138589] do_syscall_64+0xbf/0x1d0 [ 281.138837] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 281.139162] RIP: 0033:0x7fa1711dcb19 [ 281.139394] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 281.140322] RSP: 002b:00007fa16e752188 EFLAGS: 00000246 ORIG_RAX: 00000000000001b3 [ 281.140747] RAX: ffffffffffffffda RBX: 00007fa1712eff60 RCX: 00007fa1711dcb19 [ 281.141136] RDX: 0000000000000000 RSI: 0000000000000058 RDI: 0000000020000640 [ 281.141536] RBP: 00007fa171236f6d R08: 0000000000000000 R09: 0000000000000000 [ 281.141923] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 281.142311] R13: 00007fffd4e83b2f R14: 00007fa16e752300 R15: 0000000000022000 [ 281.142725] [ 281.142877] Sending NMI from CPU 0 to CPUs 1: [ 281.143164] NMI backtrace for cpu 1 skipped: idling at default_idle+0x1e/0x30 00:57:13 executing program 6: r0 = syz_open_dev$tty1(0xc, 0x4, 0x1) ioctl$TCSETA(r0, 0x5406, &(0x7f0000000040)={0x0, 0x0, 0xfffb, 0x0, 0x0, "60758fc574b92af4"}) 00:57:13 executing program 7: r0 = syz_open_dev$tty1(0xc, 0x4, 0x1) ioctl$TCSETSF2(r0, 0x402c542d, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, "375546309920824ce34233ead021e4552f8d10"}) 00:57:13 executing program 0: r0 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2) io_setup(0xd29, &(0x7f0000000780)=0x0) io_submit(r1, 0x2, &(0x7f00000001c0)=[&(0x7f0000000080)={0x0, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000040)="f9", 0x1}, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x5, 0x0, r0, &(0x7f00000000c0)}]) 00:57:13 executing program 5: r0 = openat$cdrom(0xffffffffffffff9c, &(0x7f0000000140), 0x8800, 0x0) ioctl$CDROM_SEND_PACKET(0xffffffffffffffff, 0x5393, 0x0) ioctl$DVD_READ_STRUCT(r0, 0x5390, &(0x7f0000000180)=@copyright) 00:57:13 executing program 1: connect$inet6(0xffffffffffffffff, 0x0, 0x0) ioctl$KDGKBLED(0xffffffffffffffff, 0x4b64, 0x0) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xce, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000580)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x240, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="eb3c906d6b66732e66617400020801000440008000f801", 0x17}, {&(0x7f0000000340)="53595a4b414c4c45522020080000eb80325132510000eb80325100000000000041660069006c00650030000f00fc0000ffffffffffffffffffff0000ffffffff46494c4530202020202020", 0x4b, 0xa04}], 0x0, &(0x7f0000000080)) ioctl$INCFS_IOC_PERMIT_FILL(r0, 0x40046721, 0x0) ioctl$VT_RESIZE(0xffffffffffffffff, 0x4b47, &(0x7f0000000000)={0x0, 0x8001}) 00:57:13 executing program 4: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xce, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_mount_image$ext4(0x0, &(0x7f0000000240)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) mount(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000280)='devpts\x00', 0x0, 0x0) r0 = inotify_init() inotify_add_watch(r0, &(0x7f0000000100)='./file0\x00', 0x500) umount2(&(0x7f0000000000)='./file0\x00', 0x0) close(r0) 00:57:13 executing program 3: syz_mount_image$iso9660(&(0x7f00000005c0), &(0x7f0000000600)='./file0\x00', 0x0, 0x0, &(0x7f0000001740), 0x0, &(0x7f0000000000)={[{@utf8}, {@utf8}]}) 00:57:13 executing program 2: openat$ptmx(0xffffffffffffff9c, &(0x7f0000002900), 0x0, 0x0) [ 284.291593] sr 1:0:0:0: [sr0] CDROM not ready. Make sure there is a disc in the drive. [ 284.318204] syz-executor.3: attempt to access beyond end of device [ 284.318204] loop3: rw=0, sector=64, nr_sectors = 2 limit=0 [ 284.345822] loop1: detected capacity change from 0 to 10 [ 284.348592] isofs_fill_super: bread failed, dev=loop3, iso_blknum=16, block=32 [ 284.390309] sr 1:0:0:0: [sr0] CDROM not ready. Make sure there is a disc in the drive. 00:57:13 executing program 2: signalfd(0xffffffffffffffff, &(0x7f00000011c0), 0x8) dup(0xffffffffffffffff) clone3(0x0, 0x0) r0 = epoll_create1(0x0) r1 = syz_open_dev$tty1(0xc, 0x4, 0x1) epoll_ctl$EPOLL_CTL_ADD(r0, 0x1, r1, &(0x7f0000000000)) ioctl$TIOCVHANGUP(r1, 0x5437, 0x0) syz_open_dev$tty1(0xc, 0x4, 0x1) epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, 0xffffffffffffffff, 0x0) 00:57:13 executing program 6: openat$rtc(0xffffffffffffff9c, 0x0, 0x0, 0x0) ioctl$FAT_IOCTL_GET_VOLUME_ID(0xffffffffffffffff, 0x80047213, 0x0) ioctl$RTC_SET_TIME(0xffffffffffffffff, 0x4024700a, 0x0) ioctl$BTRFS_IOC_SUBVOL_CREATE_V2(0xffffffffffffffff, 0x50009418, 0x0) mmap(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x0, 0x10, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xce, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x50550}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f0000000000), 0x4) setsockopt$packet_rx_ring(r0, 0x107, 0x5, &(0x7f0000000100)=@req3, 0x1c) 00:57:13 executing program 5: syz_mount_image$tmpfs(0x0, &(0x7f0000000040)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) stat(&(0x7f0000000240)='./file0\x00', &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, 0x0}) setresuid(0x0, r0, 0x0) setgroups(0x0, 0x0) 00:57:13 executing program 3: syz_mount_image$iso9660(&(0x7f00000005c0), &(0x7f0000000600)='./file0\x00', 0x0, 0x0, &(0x7f0000001740), 0x0, &(0x7f0000000000)={[{@utf8}, {@utf8}]}) 00:57:13 executing program 1: connect$inet6(0xffffffffffffffff, 0x0, 0x0) ioctl$KDGKBLED(0xffffffffffffffff, 0x4b64, 0x0) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xce, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000580)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x240, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="eb3c906d6b66732e66617400020801000440008000f801", 0x17}, {&(0x7f0000000340)="53595a4b414c4c45522020080000eb80325132510000eb80325100000000000041660069006c00650030000f00fc0000ffffffffffffffffffff0000ffffffff46494c4530202020202020", 0x4b, 0xa04}], 0x0, &(0x7f0000000080)) ioctl$INCFS_IOC_PERMIT_FILL(r0, 0x40046721, 0x0) ioctl$VT_RESIZE(0xffffffffffffffff, 0x4b47, &(0x7f0000000000)={0x0, 0x8001}) 00:57:13 executing program 4: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xce, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_mount_image$ext4(0x0, &(0x7f0000000240)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) mount(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000280)='devpts\x00', 0x0, 0x0) r0 = inotify_init() inotify_add_watch(r0, &(0x7f0000000100)='./file0\x00', 0x500) umount2(&(0x7f0000000000)='./file0\x00', 0x0) close(r0) [ 284.690875] syz-executor.3: attempt to access beyond end of device [ 284.690875] loop3: rw=0, sector=64, nr_sectors = 2 limit=0 [ 284.696400] isofs_fill_super: bread failed, dev=loop3, iso_blknum=16, block=32 00:57:13 executing program 0: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xce, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = perf_event_open(&(0x7f0000000580)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$FS_IOC_GETFLAGS(r0, 0x80086601, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0, 0x0) r1 = getpid() perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, r1, 0x0, 0xffffffffffffffff, 0x0) getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, 0x0, 0x0) setxattr$security_capability(0x0, &(0x7f0000000040), 0x0, 0x0, 0x0) read$hiddev(0xffffffffffffffff, 0x0, 0x0) [ 284.948169] audit: type=1400 audit(1729126633.926:10): avc: denied { write } for pid=8450 comm="syz-executor.0" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=perf_event permissive=1 [ 287.003573] loop1: detected capacity change from 0 to 10 VM DIAGNOSIS: 00:57:10 Registers: info registers vcpu 0 RAX=000000000000002b RBX=00000000000003f8 RCX=0000000000000000 RDX=00000000000003f8 RSI=ffffffff8262d465 RDI=ffffffff886610c0 RBP=ffffffff88661080 RSP=ffff88806ce08c50 R8 =0000000000000000 R9 =ffffed100150a046 R10=000000000000002b R11=7371726964726168 R12=000000000000002b R13=ffffffff88661080 R14=0000000000000010 R15=ffffffff8262d450 RIP=ffffffff8262d4bd RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 00000000 00000000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 00000000 00000000 FS =0000 00007fa16e752700 00000000 00000000 GS =0000 ffff88806ce00000 00000000 00000000 LDT=0000 fffffe0000000000 00000000 00000000 TR =0040 fffffe0000003000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe0000001000 0000007f IDT= fffffe0000000000 00000fff CR0=80050033 CR2=00007f938478d998 CR3=000000004074e000 CR4=00350ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000ffff0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 XMM00=00000000000000000000000000000000 XMM01=ffffffffffffffffffffffffffffffff XMM02=00000000000000000000000000000000 XMM03=00000000000000000000000000000000 XMM04=000000000000000000000000000000ff XMM05=00000000000000000000000000000000 XMM06=0000000000000000000000524f525245 XMM07=00000000000000000000000000000000 XMM08=000000000000000000524f5252450040 XMM09=00000000000000000000000000000000 XMM10=00000000000000000000000000000000 XMM11=00000000000000000000000000000000 XMM12=00000000000000000000000000000000 XMM13=00000000000000000000000000000000 XMM14=00000000000000000000000000000000 XMM15=00000000000000000000000000000000 info registers vcpu 1 RAX=00000000000bdf3f RBX=0000000000000001 RCX=ffffffff848238d7 RDX=0000000000000000 RSI=0000000000000000 RDI=ffffffff812ad1ed RBP=dffffc0000000000 RSP=ffff8880096c7e68 R8 =0000000000000001 R9 =ffffed100d9e6c70 R10=ffff88806cf36383 R11=0000000000000000 R12=ffffffff863f2748 R13=1ffff110012d8fd2 R14=0000000000000000 R15=0000000000000000 RIP=ffffffff8482487e RFL=00000206 [-----P-] CPL=0 II=0 A20=1 SMM=0 HLT=1 ES =0000 0000000000000000 00000000 00000000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 00000000 00000000 FS =0000 0000000000000000 00000000 00000000 GS =0000 ffff88806cf00000 00000000 00000000 LDT=0000 fffffe0000000000 00000000 00000000 TR =0040 fffffe000004a000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe0000048000 0000007f IDT= fffffe0000000000 00000fff CR0=80050033 CR2=00007f6286484f78 CR3=000000000de9a000 CR4=00350ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000ffff0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001fa0 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 XMM00=00000000000000000000000000000000 XMM01=00000000000000460000000000000046 XMM02=0000000000000000415201aa00000000 XMM03=2853454c49465f52455453494745525f XMM04=286e65706f5f746e6576655f66726570 XMM05=2c6c696e3d293030303178302f303030 XMM06=30313030303030303066377830282620 XMM07=303030303030663778302826202c2930 XMM08=5f676e6972755f6f690a292930303030 XMM09=5f474e49524f49247265747369676572 XMM10=722853454c49465f5245545349474552 XMM11=3030663778302826202c387830202c30 XMM12=0a29307830202c293034313030303030 XMM13=6e2464695f796c696d61665f7465675f XMM14=6666666666667830283435313230386c XMM15=0a293072202c65666666666666666666