Warning: Permanently added '[localhost]:22662' (ECDSA) to the list of known hosts. 2025/09/01 18:51:33 fuzzer started 2025/09/01 18:51:34 dialing manager at localhost:35473 syzkaller login: [ 50.951923] cgroup: Unknown subsys name 'net' [ 51.107489] cgroup: Unknown subsys name 'cpuset' [ 51.159013] cgroup: Unknown subsys name 'rlimit' 2025/09/01 18:51:45 syscalls: 2214 2025/09/01 18:51:45 code coverage: enabled 2025/09/01 18:51:45 comparison tracing: enabled 2025/09/01 18:51:45 extra coverage: enabled 2025/09/01 18:51:45 setuid sandbox: enabled 2025/09/01 18:51:45 namespace sandbox: enabled 2025/09/01 18:51:45 Android sandbox: enabled 2025/09/01 18:51:45 fault injection: enabled 2025/09/01 18:51:45 leak checking: enabled 2025/09/01 18:51:45 net packet injection: enabled 2025/09/01 18:51:45 net device setup: enabled 2025/09/01 18:51:45 concurrency sanitizer: /sys/kernel/debug/kcsan does not exist 2025/09/01 18:51:45 devlink PCI setup: PCI device 0000:00:10.0 is not available 2025/09/01 18:51:45 USB emulation: enabled 2025/09/01 18:51:45 hci packet injection: enabled 2025/09/01 18:51:45 wifi device emulation: enabled 2025/09/01 18:51:45 802.15.4 emulation: enabled 2025/09/01 18:51:45 fetching corpus: 50, signal 18529/20344 (executing program) 2025/09/01 18:51:45 fetching corpus: 100, signal 31936/35297 (executing program) 2025/09/01 18:51:45 fetching corpus: 150, signal 42074/46852 (executing program) 2025/09/01 18:51:45 fetching corpus: 200, signal 51358/57327 (executing program) 2025/09/01 18:51:45 fetching corpus: 250, signal 55383/62627 (executing program) 2025/09/01 18:51:45 fetching corpus: 300, signal 61034/69407 (executing program) 2025/09/01 18:51:45 fetching corpus: 350, signal 63230/72872 (executing program) 2025/09/01 18:51:45 fetching corpus: 400, signal 67064/77809 (executing program) 2025/09/01 18:51:45 fetching corpus: 450, signal 70019/81855 (executing program) 2025/09/01 18:51:46 fetching corpus: 500, signal 72837/85728 (executing program) 2025/09/01 18:51:46 fetching corpus: 550, signal 75804/89658 (executing program) 2025/09/01 18:51:46 fetching corpus: 600, signal 77248/92204 (executing program) 2025/09/01 18:51:46 fetching corpus: 650, signal 80662/96401 (executing program) 2025/09/01 18:51:46 fetching corpus: 700, signal 83749/100284 (executing program) 2025/09/01 18:51:46 fetching corpus: 750, signal 85644/103089 (executing program) 2025/09/01 18:51:46 fetching corpus: 800, signal 87631/105916 (executing program) 2025/09/01 18:51:46 fetching corpus: 850, signal 88695/107920 (executing program) 2025/09/01 18:51:46 fetching corpus: 900, signal 90219/110316 (executing program) 2025/09/01 18:51:46 fetching corpus: 950, signal 92293/113089 (executing program) 2025/09/01 18:51:47 fetching corpus: 1000, signal 93939/115539 (executing program) 2025/09/01 18:51:47 fetching corpus: 1050, signal 95857/118175 (executing program) 2025/09/01 18:51:47 fetching corpus: 1100, signal 98251/121133 (executing program) 2025/09/01 18:51:47 fetching corpus: 1150, signal 100057/123557 (executing program) 2025/09/01 18:51:47 fetching corpus: 1200, signal 102256/126206 (executing program) 2025/09/01 18:51:47 fetching corpus: 1250, signal 103573/128141 (executing program) 2025/09/01 18:51:47 fetching corpus: 1300, signal 104745/130013 (executing program) 2025/09/01 18:51:47 fetching corpus: 1350, signal 106233/132078 (executing program) 2025/09/01 18:51:47 fetching corpus: 1400, signal 107439/133898 (executing program) 2025/09/01 18:51:47 fetching corpus: 1450, signal 108528/135667 (executing program) 2025/09/01 18:51:47 fetching corpus: 1500, signal 109958/137620 (executing program) 2025/09/01 18:51:48 fetching corpus: 1550, signal 110638/139052 (executing program) 2025/09/01 18:51:48 fetching corpus: 1600, signal 111613/140607 (executing program) 2025/09/01 18:51:48 fetching corpus: 1650, signal 112749/142321 (executing program) 2025/09/01 18:51:48 fetching corpus: 1700, signal 113787/143964 (executing program) 2025/09/01 18:51:48 fetching corpus: 1750, signal 114576/145388 (executing program) 2025/09/01 18:51:48 fetching corpus: 1800, signal 115748/147052 (executing program) 2025/09/01 18:51:48 fetching corpus: 1850, signal 116900/148664 (executing program) 2025/09/01 18:51:48 fetching corpus: 1900, signal 117800/150101 (executing program) 2025/09/01 18:51:48 fetching corpus: 1950, signal 118567/151446 (executing program) 2025/09/01 18:51:48 fetching corpus: 2000, signal 119848/153067 (executing program) 2025/09/01 18:51:48 fetching corpus: 2050, signal 120973/154598 (executing program) 2025/09/01 18:51:48 fetching corpus: 2100, signal 122236/156162 (executing program) 2025/09/01 18:51:49 fetching corpus: 2150, signal 123036/157428 (executing program) 2025/09/01 18:51:49 fetching corpus: 2200, signal 123700/158608 (executing program) 2025/09/01 18:51:49 fetching corpus: 2250, signal 124472/159843 (executing program) 2025/09/01 18:51:49 fetching corpus: 2300, signal 125076/160985 (executing program) 2025/09/01 18:51:49 fetching corpus: 2350, signal 125912/162237 (executing program) 2025/09/01 18:51:49 fetching corpus: 2400, signal 126874/163526 (executing program) 2025/09/01 18:51:49 fetching corpus: 2450, signal 127688/164704 (executing program) 2025/09/01 18:51:49 fetching corpus: 2500, signal 128334/165806 (executing program) 2025/09/01 18:51:49 fetching corpus: 2550, signal 129007/166934 (executing program) 2025/09/01 18:51:49 fetching corpus: 2600, signal 129812/168125 (executing program) 2025/09/01 18:51:50 fetching corpus: 2650, signal 130369/169124 (executing program) 2025/09/01 18:51:50 fetching corpus: 2700, signal 131117/170188 (executing program) 2025/09/01 18:51:50 fetching corpus: 2750, signal 132301/171448 (executing program) 2025/09/01 18:51:50 fetching corpus: 2800, signal 132901/172476 (executing program) 2025/09/01 18:51:50 fetching corpus: 2850, signal 133873/173665 (executing program) 2025/09/01 18:51:50 fetching corpus: 2900, signal 135080/174911 (executing program) 2025/09/01 18:51:50 fetching corpus: 2950, signal 135584/175800 (executing program) 2025/09/01 18:51:50 fetching corpus: 3000, signal 136453/176864 (executing program) 2025/09/01 18:51:50 fetching corpus: 3050, signal 137348/177893 (executing program) 2025/09/01 18:51:50 fetching corpus: 3100, signal 138123/178843 (executing program) 2025/09/01 18:51:51 fetching corpus: 3150, signal 138906/179822 (executing program) 2025/09/01 18:51:51 fetching corpus: 3200, signal 139374/180595 (executing program) 2025/09/01 18:51:51 fetching corpus: 3250, signal 140044/181494 (executing program) 2025/09/01 18:51:51 fetching corpus: 3300, signal 140579/182322 (executing program) 2025/09/01 18:51:51 fetching corpus: 3350, signal 141096/183124 (executing program) 2025/09/01 18:51:51 fetching corpus: 3400, signal 141600/183906 (executing program) 2025/09/01 18:51:51 fetching corpus: 3450, signal 142181/184752 (executing program) 2025/09/01 18:51:51 fetching corpus: 3500, signal 142671/185541 (executing program) 2025/09/01 18:51:51 fetching corpus: 3550, signal 143632/186481 (executing program) 2025/09/01 18:51:51 fetching corpus: 3600, signal 144076/187202 (executing program) 2025/09/01 18:51:51 fetching corpus: 3650, signal 144607/187968 (executing program) 2025/09/01 18:51:52 fetching corpus: 3700, signal 145383/188785 (executing program) 2025/09/01 18:51:52 fetching corpus: 3750, signal 146085/189589 (executing program) 2025/09/01 18:51:52 fetching corpus: 3800, signal 146487/190277 (executing program) 2025/09/01 18:51:52 fetching corpus: 3850, signal 146885/190985 (executing program) 2025/09/01 18:51:52 fetching corpus: 3900, signal 147401/191684 (executing program) 2025/09/01 18:51:52 fetching corpus: 3950, signal 148208/192422 (executing program) 2025/09/01 18:51:52 fetching corpus: 4000, signal 148627/193055 (executing program) 2025/09/01 18:51:52 fetching corpus: 4050, signal 149117/193712 (executing program) 2025/09/01 18:51:52 fetching corpus: 4100, signal 149579/194364 (executing program) 2025/09/01 18:51:52 fetching corpus: 4150, signal 150027/194985 (executing program) 2025/09/01 18:51:52 fetching corpus: 4200, signal 150717/195751 (executing program) 2025/09/01 18:51:53 fetching corpus: 4250, signal 151198/196415 (executing program) 2025/09/01 18:51:53 fetching corpus: 4300, signal 151565/196983 (executing program) 2025/09/01 18:51:53 fetching corpus: 4350, signal 152024/197598 (executing program) 2025/09/01 18:51:53 fetching corpus: 4400, signal 152402/198161 (executing program) 2025/09/01 18:51:53 fetching corpus: 4450, signal 152817/198755 (executing program) 2025/09/01 18:51:53 fetching corpus: 4500, signal 153488/199343 (executing program) 2025/09/01 18:51:53 fetching corpus: 4550, signal 154008/199891 (executing program) 2025/09/01 18:51:53 fetching corpus: 4600, signal 154812/200479 (executing program) 2025/09/01 18:51:53 fetching corpus: 4650, signal 155242/201007 (executing program) 2025/09/01 18:51:53 fetching corpus: 4700, signal 155586/201531 (executing program) 2025/09/01 18:51:53 fetching corpus: 4750, signal 155984/202109 (executing program) 2025/09/01 18:51:54 fetching corpus: 4800, signal 156596/202633 (executing program) 2025/09/01 18:51:54 fetching corpus: 4850, signal 157127/203183 (executing program) 2025/09/01 18:51:54 fetching corpus: 4900, signal 157557/203682 (executing program) 2025/09/01 18:51:54 fetching corpus: 4950, signal 157916/204201 (executing program) 2025/09/01 18:51:54 fetching corpus: 5000, signal 158421/204678 (executing program) 2025/09/01 18:51:54 fetching corpus: 5050, signal 158708/205129 (executing program) 2025/09/01 18:51:54 fetching corpus: 5100, signal 159160/205342 (executing program) 2025/09/01 18:51:54 fetching corpus: 5150, signal 159553/205348 (executing program) 2025/09/01 18:51:54 fetching corpus: 5200, signal 159980/205363 (executing program) 2025/09/01 18:51:54 fetching corpus: 5250, signal 160411/205365 (executing program) 2025/09/01 18:51:54 fetching corpus: 5300, signal 160886/205372 (executing program) 2025/09/01 18:51:54 fetching corpus: 5350, signal 161269/205378 (executing program) 2025/09/01 18:51:55 fetching corpus: 5400, signal 161864/205414 (executing program) 2025/09/01 18:51:55 fetching corpus: 5450, signal 162340/205433 (executing program) 2025/09/01 18:51:55 fetching corpus: 5500, signal 162652/205441 (executing program) 2025/09/01 18:51:55 fetching corpus: 5550, signal 162988/205453 (executing program) 2025/09/01 18:51:55 fetching corpus: 5600, signal 163563/205465 (executing program) 2025/09/01 18:51:55 fetching corpus: 5650, signal 163998/205474 (executing program) 2025/09/01 18:51:55 fetching corpus: 5700, signal 164419/205484 (executing program) 2025/09/01 18:51:55 fetching corpus: 5750, signal 164992/205485 (executing program) 2025/09/01 18:51:55 fetching corpus: 5800, signal 165447/205491 (executing program) 2025/09/01 18:51:55 fetching corpus: 5850, signal 165751/205498 (executing program) 2025/09/01 18:51:55 fetching corpus: 5900, signal 166132/205501 (executing program) 2025/09/01 18:51:55 fetching corpus: 5950, signal 167921/205501 (executing program) 2025/09/01 18:51:56 fetching corpus: 6000, signal 168212/205507 (executing program) 2025/09/01 18:51:56 fetching corpus: 6050, signal 168770/205509 (executing program) 2025/09/01 18:51:56 fetching corpus: 6100, signal 169206/205587 (executing program) 2025/09/01 18:51:56 fetching corpus: 6150, signal 169444/205588 (executing program) 2025/09/01 18:51:56 fetching corpus: 6200, signal 169771/205591 (executing program) 2025/09/01 18:51:56 fetching corpus: 6250, signal 170059/205594 (executing program) 2025/09/01 18:51:56 fetching corpus: 6300, signal 171010/205599 (executing program) 2025/09/01 18:51:56 fetching corpus: 6350, signal 171682/205625 (executing program) 2025/09/01 18:51:56 fetching corpus: 6400, signal 172261/205629 (executing program) 2025/09/01 18:51:56 fetching corpus: 6450, signal 172659/205641 (executing program) 2025/09/01 18:51:56 fetching corpus: 6500, signal 172979/205646 (executing program) 2025/09/01 18:51:56 fetching corpus: 6550, signal 173226/205646 (executing program) 2025/09/01 18:51:56 fetching corpus: 6600, signal 173506/205650 (executing program) 2025/09/01 18:51:57 fetching corpus: 6650, signal 173964/205653 (executing program) 2025/09/01 18:51:57 fetching corpus: 6700, signal 174503/205665 (executing program) 2025/09/01 18:51:57 fetching corpus: 6750, signal 174996/205667 (executing program) 2025/09/01 18:51:57 fetching corpus: 6800, signal 175428/205722 (executing program) 2025/09/01 18:51:57 fetching corpus: 6850, signal 175755/205737 (executing program) 2025/09/01 18:51:57 fetching corpus: 6900, signal 176011/205737 (executing program) 2025/09/01 18:51:57 fetching corpus: 6950, signal 176818/205789 (executing program) 2025/09/01 18:51:57 fetching corpus: 7000, signal 177085/205792 (executing program) 2025/09/01 18:51:58 fetching corpus: 7050, signal 177571/205801 (executing program) 2025/09/01 18:51:58 fetching corpus: 7100, signal 177845/205809 (executing program) 2025/09/01 18:51:58 fetching corpus: 7150, signal 178378/205810 (executing program) 2025/09/01 18:51:58 fetching corpus: 7200, signal 178774/205815 (executing program) 2025/09/01 18:51:58 fetching corpus: 7250, signal 179144/205821 (executing program) 2025/09/01 18:51:58 fetching corpus: 7300, signal 179418/205832 (executing program) 2025/09/01 18:51:58 fetching corpus: 7350, signal 179784/205836 (executing program) 2025/09/01 18:51:58 fetching corpus: 7400, signal 180088/205858 (executing program) 2025/09/01 18:51:58 fetching corpus: 7450, signal 180595/205888 (executing program) 2025/09/01 18:51:58 fetching corpus: 7500, signal 180924/205890 (executing program) 2025/09/01 18:51:58 fetching corpus: 7550, signal 181290/205906 (executing program) 2025/09/01 18:51:58 fetching corpus: 7600, signal 181515/205911 (executing program) 2025/09/01 18:51:59 fetching corpus: 7650, signal 181748/205911 (executing program) 2025/09/01 18:51:59 fetching corpus: 7700, signal 182028/205925 (executing program) 2025/09/01 18:51:59 fetching corpus: 7750, signal 182308/205929 (executing program) 2025/09/01 18:51:59 fetching corpus: 7800, signal 182753/205939 (executing program) 2025/09/01 18:51:59 fetching corpus: 7850, signal 183160/205968 (executing program) 2025/09/01 18:51:59 fetching corpus: 7900, signal 183392/205972 (executing program) 2025/09/01 18:51:59 fetching corpus: 7950, signal 183753/205985 (executing program) 2025/09/01 18:51:59 fetching corpus: 8000, signal 184014/205985 (executing program) 2025/09/01 18:51:59 fetching corpus: 8050, signal 184349/205986 (executing program) 2025/09/01 18:51:59 fetching corpus: 8100, signal 184608/205988 (executing program) 2025/09/01 18:51:59 fetching corpus: 8150, signal 184853/206012 (executing program) 2025/09/01 18:52:00 fetching corpus: 8200, signal 185126/206012 (executing program) 2025/09/01 18:52:00 fetching corpus: 8250, signal 185439/206017 (executing program) 2025/09/01 18:52:00 fetching corpus: 8300, signal 185725/206025 (executing program) 2025/09/01 18:52:00 fetching corpus: 8350, signal 186066/206044 (executing program) 2025/09/01 18:52:00 fetching corpus: 8400, signal 186245/206048 (executing program) 2025/09/01 18:52:00 fetching corpus: 8450, signal 186489/206048 (executing program) 2025/09/01 18:52:00 fetching corpus: 8500, signal 186882/206049 (executing program) 2025/09/01 18:52:00 fetching corpus: 8550, signal 187217/206051 (executing program) 2025/09/01 18:52:00 fetching corpus: 8600, signal 187574/206051 (executing program) 2025/09/01 18:52:00 fetching corpus: 8650, signal 187874/206052 (executing program) 2025/09/01 18:52:00 fetching corpus: 8700, signal 188286/206053 (executing program) 2025/09/01 18:52:01 fetching corpus: 8750, signal 189041/206056 (executing program) 2025/09/01 18:52:01 fetching corpus: 8800, signal 189407/206069 (executing program) 2025/09/01 18:52:01 fetching corpus: 8850, signal 189643/206074 (executing program) 2025/09/01 18:52:01 fetching corpus: 8900, signal 189883/206076 (executing program) 2025/09/01 18:52:01 fetching corpus: 8950, signal 190215/206088 (executing program) 2025/09/01 18:52:01 fetching corpus: 9000, signal 190465/206088 (executing program) 2025/09/01 18:52:01 fetching corpus: 9050, signal 190654/206102 (executing program) 2025/09/01 18:52:01 fetching corpus: 9100, signal 190839/206103 (executing program) 2025/09/01 18:52:01 fetching corpus: 9150, signal 191067/206104 (executing program) 2025/09/01 18:52:01 fetching corpus: 9200, signal 191488/206111 (executing program) 2025/09/01 18:52:01 fetching corpus: 9250, signal 191763/206115 (executing program) 2025/09/01 18:52:01 fetching corpus: 9300, signal 191999/206131 (executing program) 2025/09/01 18:52:01 fetching corpus: 9350, signal 192237/206135 (executing program) 2025/09/01 18:52:02 fetching corpus: 9400, signal 192629/206137 (executing program) 2025/09/01 18:52:02 fetching corpus: 9450, signal 192874/206137 (executing program) 2025/09/01 18:52:02 fetching corpus: 9500, signal 193158/206137 (executing program) 2025/09/01 18:52:02 fetching corpus: 9550, signal 193330/206149 (executing program) 2025/09/01 18:52:02 fetching corpus: 9600, signal 193671/206151 (executing program) 2025/09/01 18:52:02 fetching corpus: 9650, signal 193818/206162 (executing program) 2025/09/01 18:52:02 fetching corpus: 9700, signal 194167/206164 (executing program) 2025/09/01 18:52:02 fetching corpus: 9750, signal 194605/206169 (executing program) 2025/09/01 18:52:02 fetching corpus: 9800, signal 194765/206176 (executing program) 2025/09/01 18:52:02 fetching corpus: 9850, signal 194948/206179 (executing program) 2025/09/01 18:52:02 fetching corpus: 9900, signal 195200/206186 (executing program) 2025/09/01 18:52:02 fetching corpus: 9950, signal 195451/206198 (executing program) 2025/09/01 18:52:02 fetching corpus: 10000, signal 195730/206269 (executing program) 2025/09/01 18:52:03 fetching corpus: 10050, signal 195903/206272 (executing program) 2025/09/01 18:52:03 fetching corpus: 10100, signal 196109/206278 (executing program) 2025/09/01 18:52:03 fetching corpus: 10140, signal 196309/206278 (executing program) 2025/09/01 18:52:03 fetching corpus: 10140, signal 196309/206278 (executing program) 2025/09/01 18:52:05 starting 8 fuzzer processes 18:52:05 executing program 0: ioctl$RTC_PIE_ON(0xffffffffffffffff, 0x7005) ioctl$BTRFS_IOC_SCRUB(0xffffffffffffffff, 0xc400941b, &(0x7f0000000000)={0x0, 0x3, 0x6}) recvmmsg$unix(0xffffffffffffffff, &(0x7f0000004200)=[{{&(0x7f0000000480), 0x6e, &(0x7f00000017c0)=[{&(0x7f0000000500)=""/4096, 0x1000}, {&(0x7f0000001500)=""/157, 0x9d}, {&(0x7f00000015c0)=""/111, 0x6f}, {&(0x7f0000001640)=""/66, 0x42}, {&(0x7f00000016c0)=""/98, 0x62}, {&(0x7f0000001740)=""/91, 0x5b}], 0x6, &(0x7f0000001840)}}, {{0x0, 0x0, &(0x7f00000019c0)=[{&(0x7f0000001880)=""/31, 0x1f}, {&(0x7f00000018c0)=""/244, 0xf4}], 0x2, &(0x7f0000001a00)=[@cred={{0x1c, 0x1, 0x2, {0x0, 0x0}}}, @rights={{0x28, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c}}, @rights={{0x30, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x2c, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x2c, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c}}, @rights={{0x1c, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c}}], 0x158}}, {{&(0x7f0000001b80)=@abs, 0x6e, &(0x7f0000003ec0)=[{&(0x7f0000001c00)=""/4096, 0x1000}, {&(0x7f0000002c00)=""/112, 0x70}, {&(0x7f0000002c80)=""/212, 0xd4}, {&(0x7f0000002d80)=""/4096, 0x1000}, {&(0x7f0000003d80)=""/149, 0x95}, {&(0x7f0000003e40)=""/82, 0x52}], 0x6}}, {{&(0x7f0000003f40), 0x6e, &(0x7f00000041c0)=[{&(0x7f0000003fc0)=""/18, 0x12}, {&(0x7f0000004000)=""/89, 0x59}, {&(0x7f0000004080)=""/79, 0x4f}, {&(0x7f0000004100)=""/134, 0x86}], 0x4}}], 0x4, 0x322, &(0x7f0000004300)) fchown(0xffffffffffffffff, r0, 0xee00) openat$cgroup_netprio_ifpriomap(r2, &(0x7f0000004340), 0x2, 0x0) r10 = fcntl$dupfd(r6, 0x406, r5) ioctl$BTRFS_IOC_QGROUP_ASSIGN(r10, 0x40189429, &(0x7f0000004380)={0x0, 0xffff, 0x80}) r11 = openat$ttyS3(0xffffffffffffff9c, &(0x7f00000043c0), 0x200, 0x0) fcntl$getown(r11, 0x9) ioctl$KDSIGACCEPT(r3, 0x4b4e, 0x5) r12 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000004400), 0x300, 0x0) ioctl$EVIOCGVERSION(r12, 0x80044501, &(0x7f0000004440)=""/215) ioctl$CDROMSUBCHNL(r9, 0x530b, &(0x7f0000004540)={0x1, 0x5, 0xd, 0x0, 0x5, 0x5, @msf={0x7, 0x9, 0xb8}, @lba=0x401}) ioctl$BTRFS_IOC_GET_SUBVOL_INFO(r1, 0x81f8943c, &(0x7f0000004580)) ioctl$BTRFS_IOC_SUBVOL_GETFLAGS(0xffffffffffffffff, 0x80089419, &(0x7f0000004780)) ioctl$RTC_PLL_SET(r7, 0x40207012, &(0x7f00000047c0)={0x4, 0x401, 0x3, 0x2, 0x25, 0x8001, 0x1}) fcntl$setlease(r8, 0x400, 0x2) ioctl$TUNGETFEATURES(0xffffffffffffffff, 0x800454cf, &(0x7f0000004800)) ioctl$AUTOFS_DEV_IOCTL_ASKUMOUNT(r9, 0xc018937d, &(0x7f0000004840)={{0x1, 0x1, 0x18, r4, {0x20}}, './file0\x00'}) ioctl$RTC_IRQP_READ(r13, 0x8008700b, &(0x7f0000004880)) 18:52:05 executing program 1: r0 = shmget(0x0, 0x2000, 0x200, &(0x7f0000ffd000/0x2000)=nil) shmctl$IPC_RMID(r0, 0x0) r1 = getpgid(0xffffffffffffffff) r2 = syz_io_uring_complete(0x0) r3 = fspick(0xffffffffffffffff, &(0x7f0000000000)='./file0\x00', 0x1) kcmp(0x0, r1, 0x0, r2, r3) ioctl$SECCOMP_IOCTL_NOTIF_RECV(r2, 0xc0502100, &(0x7f0000000040)={0x0, 0x0}) prlimit64(r4, 0x2, &(0x7f00000000c0)={0x0, 0x2}, 0x0) getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000280)={0x0, 0x0}, &(0x7f00000002c0)=0xc) ioctl$NS_GET_OWNER_UID(r2, 0xb704, &(0x7f0000000300)=0x0) syz_mount_image$iso9660(&(0x7f0000000100), &(0x7f0000000140)='./file0\x00', 0x2, 0x2, &(0x7f0000000240)=[{&(0x7f0000000180)="91c542ded90b6dade85ff0c17858255a20be83912482f816172baa0dc0b861301e692e1f8aee81bd8eabeea3657a3ff626f0ae62a8247670b6fde1f672941a38d6a2c3d0444177e4929bb010f2", 0x4d, 0x80}, {&(0x7f0000000200)="b3bd4a465e83e063f2fd43c04f82fabcfc46d8df3d18ebccf66d4f", 0x1b, 0x6}], 0x840000, &(0x7f0000000340)={[{@unhide}], [{@fsname={'fsname', 0x3d, '.-'}}, {@euid_eq={'euid', 0x3d, 0xee00}}, {@euid_eq={'euid', 0x3d, r6}}, {@seclabel}, {@smackfsroot={'smackfsroot', 0x3d, '!]&-'}}, {@uid_eq={'uid', 0x3d, r7}}, {@fsmagic={'fsmagic', 0x3d, 0x8}}, {@smackfsdef={'smackfsdef', 0x3d, '\xa9'}}, {@fscontext={'fscontext', 0x3d, 'staff_u'}}, {@smackfshat}]}) r8 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r9 = dup3(r2, r3, 0x80000) sendmsg$NL802154_CMD_SET_WPAN_PHY_NETNS(r8, &(0x7f0000000500)={&(0x7f0000000400)={0x10, 0x0, 0x0, 0x400000}, 0xc, &(0x7f00000004c0)={&(0x7f0000000440)={0x4c, 0x0, 0x300, 0x70bd2c, 0x25dfdbfb, {}, [@NL802154_ATTR_PID={0x8, 0x1c, r1}, @NL802154_ATTR_PID={0x8, 0x1c, r5}, @NL802154_ATTR_PID={0x8, 0x1c, r5}, @NL802154_ATTR_NETNS_FD={0x8, 0x1d, r9}, @NL802154_ATTR_NETNS_FD={0x8, 0x1d, r2}, @NL802154_ATTR_WPAN_PHY={0x8, 0x1, 0x2}, @NL802154_ATTR_IFINDEX={0x8}]}, 0x4c}, 0x1, 0x0, 0x0, 0x24004881}, 0x4000094) r10 = syz_io_uring_complete(0x0) setsockopt$bt_hci_HCI_DATA_DIR(r10, 0x0, 0x1, &(0x7f0000000540)=0x81, 0x4) fork() r11 = inotify_init1(0x0) dup2(r3, r11) shmctl$SHM_STAT_ANY(r0, 0xf, &(0x7f0000000580)=""/251) 18:52:05 executing program 7: sendmsg$IPVS_CMD_SET_SERVICE(0xffffffffffffffff, &(0x7f00000001c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x10}, 0xc, &(0x7f0000000180)={&(0x7f0000000040)={0x110, 0x0, 0x100, 0x70bd2a, 0x25dfdbfd, {}, [@IPVS_CMD_ATTR_DAEMON={0x4c, 0x3, 0x0, 0x1, [@IPVS_DAEMON_ATTR_SYNC_ID={0x8, 0x3, 0x4}, @IPVS_DAEMON_ATTR_MCAST_IFN={0x14, 0x2, 'team_slave_1\x00'}, @IPVS_DAEMON_ATTR_STATE={0x8}, @IPVS_DAEMON_ATTR_SYNC_MAXLEN={0x6, 0x4, 0x400}, @IPVS_DAEMON_ATTR_MCAST_GROUP6={0x14, 0x6, @private0={0xfc, 0x0, '\x00', 0x1}}, @IPVS_DAEMON_ATTR_MCAST_PORT={0x6, 0x7, 0x4e24}]}, @IPVS_CMD_ATTR_SERVICE={0x1c, 0x1, 0x0, 0x1, [@IPVS_SVC_ATTR_FLAGS={0xc, 0x7, {0x20}}, @IPVS_SVC_ATTR_SCHED_NAME={0x9, 0x6, 'none\x00'}]}, @IPVS_CMD_ATTR_DAEMON={0x18, 0x3, 0x0, 0x1, [@IPVS_DAEMON_ATTR_MCAST_GROUP6={0x14, 0x6, @private0}]}, @IPVS_CMD_ATTR_TIMEOUT_TCP={0x8, 0x4, 0xa9}, @IPVS_CMD_ATTR_TIMEOUT_UDP={0x8, 0x6, 0x2}, @IPVS_CMD_ATTR_TIMEOUT_TCP={0x8, 0x4, 0x4}, @IPVS_CMD_ATTR_DAEMON={0x5c, 0x3, 0x0, 0x1, [@IPVS_DAEMON_ATTR_SYNC_ID={0x8, 0x3, 0x1}, @IPVS_DAEMON_ATTR_SYNC_MAXLEN={0x6, 0x4, 0x4e6}, @IPVS_DAEMON_ATTR_MCAST_PORT={0x6, 0x7, 0x4e23}, @IPVS_DAEMON_ATTR_MCAST_PORT={0x6, 0x7, 0x4e21}, @IPVS_DAEMON_ATTR_MCAST_IFN={0x14, 0x2, 'netpci0\x00'}, @IPVS_DAEMON_ATTR_MCAST_GROUP6={0x14, 0x6, @remote}, @IPVS_DAEMON_ATTR_MCAST_PORT={0x6, 0x7, 0x4e22}, @IPVS_DAEMON_ATTR_MCAST_GROUP={0x8, 0x5, @rand_addr=0x64010100}]}, @IPVS_CMD_ATTR_TIMEOUT_UDP={0x8, 0x6, 0x6}]}, 0x110}, 0x1, 0x0, 0x0, 0x840}, 0x40000) sendmsg$TIPC_NL_PUBL_GET(0xffffffffffffffff, &(0x7f0000000300)={&(0x7f0000000200)={0x10, 0x0, 0x0, 0x40000000}, 0xc, &(0x7f00000002c0)={&(0x7f0000000240)={0x78, 0x0, 0x200, 0x70bd29, 0x25dfdbfc, {}, [@TIPC_NLA_MEDIA={0x64, 0x5, 0x0, 0x1, [@TIPC_NLA_MEDIA_PROP={0x1c, 0x2, 0x0, 0x1, [@TIPC_NLA_PROP_TOL={0x8, 0x2, 0x800}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x80000001}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x1f}]}, @TIPC_NLA_MEDIA_NAME={0x8, 0x1, 'udp\x00'}, @TIPC_NLA_MEDIA_NAME={0x8, 0x1, 'udp\x00'}, @TIPC_NLA_MEDIA_PROP={0x1c, 0x2, 0x0, 0x1, [@TIPC_NLA_PROP_MTU={0x8, 0x4, 0x8}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x12}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x2}]}, @TIPC_NLA_MEDIA_NAME={0x8, 0x1, 'eth\x00'}, @TIPC_NLA_MEDIA_NAME={0x8, 0x1, 'eth\x00'}, @TIPC_NLA_MEDIA_NAME={0x7, 0x1, 'ib\x00'}]}]}, 0x78}, 0x1, 0x0, 0x0, 0x80}, 0x4004000) sendmsg$BATADV_CMD_GET_ORIGINATORS(0xffffffffffffffff, &(0x7f0000000400)={&(0x7f0000000340)={0x10, 0x0, 0x0, 0x10000}, 0xc, &(0x7f00000003c0)={&(0x7f0000000380)={0x34, 0x0, 0x10, 0x70bd2b, 0x25dfdbff, {}, [@BATADV_ATTR_NETWORK_CODING_ENABLED={0x5}, @BATADV_ATTR_MESH_IFINDEX={0x8}, @BATADV_ATTR_NETWORK_CODING_ENABLED={0x5}, @BATADV_ATTR_GW_MODE={0x5, 0x33, 0x2}]}, 0x34}, 0x1, 0x0, 0x0, 0x10}, 0x200000c2) recvmsg$unix(0xffffffffffffffff, &(0x7f0000001900)={&(0x7f0000000440)=@abs, 0x6e, &(0x7f0000001840)=[{&(0x7f00000004c0)=""/177, 0xb1}, {&(0x7f0000000580)=""/122, 0x7a}, {&(0x7f0000000600)=""/4096, 0x1000}, {&(0x7f0000001600)=""/118, 0x76}, {&(0x7f0000001680)=""/124, 0x7c}, {&(0x7f0000001700)=""/86, 0x56}, {&(0x7f0000001780)=""/65, 0x41}, {&(0x7f0000001800)}], 0x8, &(0x7f00000018c0)=[@rights={{0x18, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff]}}], 0x18}, 0x20a0) sendmsg$NL80211_CMD_FLUSH_PMKSA(r0, &(0x7f0000001a00)={&(0x7f0000001940)={0x10, 0x0, 0x0, 0x10}, 0xc, &(0x7f00000019c0)={&(0x7f0000001980)={0x20, 0x0, 0x400, 0x70bd2d, 0x25dfdbff, {{}, {@void, @val={0xc, 0x99, {0x2, 0x4a}}}}, ["", "", ""]}, 0x20}, 0x1, 0x0, 0x0, 0x4004}, 0x10) r2 = creat(&(0x7f0000001a40)='./file0\x00', 0x4) ioctl$SG_IO(r2, 0x2285, &(0x7f0000001c40)={0x53, 0x1, 0xec, 0x20, @buffer={0x0, 0xf, &(0x7f0000001a80)=""/15}, &(0x7f0000001ac0)="a5b33dddecd78908d6668f17c0e66545d41e5d61c72c6ba6968d50261a4d71658886a3791b136cda47b39456851ddd9a38ddb4bae5891f0541a97d5f0a0ed823b352641210ebd887a572e1edcbca3c48e5ca9b8a546f2c83bd5d31d67e3e0d8fdbfdc1f02718d42df00c8ce36d8a4dfba154ee1528d36071f7715450f7659d8cd8526403751815db80467113012b5890e1914f42c1b68492e7db493f873bc030459a2bc4ff0bd4e789de296b2b13307e7c50bc9b68625d39c21aaf3f6ab38710837a771ddd201db5e350e80aea7d8623e53e680c3c99ebc4c451572f6d22867dc657ea1be6c7077e2927dd8c", &(0x7f0000001bc0)=""/2, 0x778, 0x10000, 0x2, &(0x7f0000001c00)}) getsockopt$sock_cred(r2, 0x1, 0x11, &(0x7f0000001cc0), &(0x7f0000001d00)=0xc) sendmsg$NL80211_CMD_SET_WDS_PEER(r0, &(0x7f0000001e00)={&(0x7f0000001d40)={0x10, 0x0, 0x0, 0x2}, 0xc, &(0x7f0000001dc0)={&(0x7f0000001d80)={0x34, 0x0, 0x1, 0x70bd28, 0x25dfdbff, {{}, {@val={0x8}, @void}}, [@NL80211_ATTR_MAC={0xa}, @NL80211_ATTR_MAC={0xa, 0x6, @random="e296566d9f0b"}]}, 0x34}, 0x1, 0x0, 0x0, 0x23ccb3c3a682078e}, 0x4) sendmsg$TIPC_CMD_SET_NETID(r0, &(0x7f0000001f00)={&(0x7f0000001e40)={0x10, 0x0, 0x0, 0x40c}, 0xc, &(0x7f0000001ec0)={&(0x7f0000001e80)={0x24, 0x0, 0x200, 0x70bd2b, 0x25dfdbfb, {{}, {}, {0x8, 0x2, 0x7}}, ["", "", "", "", "", "", "", "", ""]}, 0x24}, 0x1, 0x0, 0x0, 0x4000004}, 0x81) r3 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r4 = syz_genetlink_get_family_id$nl802154(&(0x7f0000001f80), 0xffffffffffffffff) sendmsg$NL802154_CMD_SET_CCA_ED_LEVEL(r3, &(0x7f0000002080)={&(0x7f0000001f40)={0x10, 0x0, 0x0, 0x1}, 0xc, &(0x7f0000002040)={&(0x7f0000001fc0)={0x6c, r4, 0x400, 0xe, 0x25dfdbfe, {}, [@NL802154_ATTR_WPAN_DEV={0xc}, @NL802154_ATTR_WPAN_DEV={0xc, 0x6, 0xf0eded90d634d1a3}, @NL802154_ATTR_WPAN_DEV={0xc, 0x6, 0x3}, @NL802154_ATTR_WPAN_DEV={0xc, 0x6, 0x300000003}, @NL802154_ATTR_WPAN_PHY={0x8, 0x1, 0x3}, @NL802154_ATTR_IFINDEX={0x8}, @NL802154_ATTR_WPAN_PHY={0x8, 0x1, 0xd5b1440f3285d068}, @NL802154_ATTR_WPAN_PHY={0x8, 0x1, 0x1}, @NL802154_ATTR_IFINDEX={0x8}]}, 0x6c}, 0x1, 0x0, 0x0, 0x24040094}, 0x4040000) openat$dir(0xffffffffffffff9c, &(0x7f00000020c0)='./file0\x00', 0x109100, 0x15) sendmsg$TIPC_CMD_SET_LINK_PRI(r1, &(0x7f00000021c0)={&(0x7f0000002100)={0x10, 0x0, 0x0, 0x10}, 0xc, &(0x7f0000002180)={&(0x7f0000002140)={0x30, 0x0, 0x240, 0x70bd2b, 0x25dfdbfc, {{}, {}, {0x14, 0x18, {0x0, @bearer=@udp='udp:syz0\x00'}}}, ["", ""]}, 0x30}, 0x1, 0x0, 0x0, 0x20000000}, 0x4000040) ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r2, 0x8933, &(0x7f0000002200)) r5 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r6 = syz_genetlink_get_family_id$nl802154(&(0x7f0000002280), r3) sendmsg$NL802154_CMD_SET_CHANNEL(r5, &(0x7f0000002340)={&(0x7f0000002240)={0x10, 0x0, 0x0, 0x10000002}, 0xc, &(0x7f0000002300)={&(0x7f00000022c0)={0x24, r6, 0x1, 0x70bd28, 0x25dfdbfd, {}, [@NL802154_ATTR_CHANNEL={0x5, 0x8, 0x1}, @NL802154_ATTR_WPAN_PHY={0x8, 0x1, 0x3}]}, 0x24}, 0x1, 0x0, 0x0, 0x20000000}, 0x8000) syz_genetlink_get_family_id$nl802154(&(0x7f0000002380), r3) 18:52:05 executing program 2: ioctl$TIOCMBIS(0xffffffffffffffff, 0x5416, &(0x7f0000000000)=0xfffffff7) ioctl$KDSIGACCEPT(0xffffffffffffffff, 0x4b4e, 0x5) ioctl$VT_RELDISP(0xffffffffffffffff, 0x5605) ioctl$KDSKBMODE(0xffffffffffffffff, 0x4b45, &(0x7f0000000040)=0x1) r0 = openat$full(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$AUTOFS_DEV_IOCTL_PROTOVER(r0, 0xc0189372, &(0x7f00000000c0)={{0x1, 0x1, 0x18, 0xffffffffffffffff, {0x6}}, './file0\x00'}) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_open_dev$vcsn(&(0x7f0000001ec0), 0x7, 0x101600) r4 = openat$tcp_mem(0xffffffffffffff9c, &(0x7f0000001f00)='/proc/sys/net/ipv4/tcp_wmem\x00', 0x1, 0x0) ioctl$AUTOFS_DEV_IOCTL_CLOSEMOUNT(r1, 0xc0189375, &(0x7f0000001f40)={{0x1, 0x1, 0x18, r0}, './file0\x00'}) sendmsg$netlink(r2, &(0x7f0000002000)={0x0, 0x0, &(0x7f0000001e80)=[{&(0x7f00000001c0)={0x354, 0x3b, 0x800, 0x70bd2a, 0x25dfdbfe, "", [@nested={0x74, 0x51, 0x0, 0x1, [@typed={0xc, 0x7, 0x0, 0x0, @u64=0x4}, @generic="751d5191df477672921e25a9cdae618cd44371279e7571740a31e79e868f35b627555ce3f9ee2d3fbb0f916d7f1f231829ddad952ab126430da230f0119a3182343208c4fe1ed3dbc980e6cc6abc51f8a11600a64f12b0d1f1223367", @typed={0x8, 0x80, 0x0, 0x0, @uid=0xee01}]}, @nested={0x2bd, 0x21, 0x0, 0x1, [@generic="aaa3447c29949df71579474e79031416b5146fab6252681479d526cfc83834db0598365fce822d2e4d1964f7f880a8134e451e5662e9d961926c892b20f73fcd52c4d702bd7e27e93c2124883da932ac40b4c2d65e49305a6d0fe35cc8e0ee8951a86efa0898f645cccc985ff1ccd24944fe15a3f11d9b2e8796d495ac045cb72d3a9893d92f7f8d42c967121a45b4fea8bda6c3475f758e87a173a20f88cb1cbe12e4b0170cc20c37fa4f7e76dc55fc4f93bb826a00f242b1ea7491ee6271", @typed={0x8, 0x14, 0x0, 0x0, @uid=0xee00}, @typed={0x8, 0x4e, 0x0, 0x0, @uid=0xee00}, @generic="411271c893fb37dd0d283aac99746a3910e48b579338da01ec1bf06d217a67dca0451667a8c9353323e0fc1e0d3d68dec1b2ffffdc8d6a967d1f137b205c32", @generic="c7737b7f5e181be65e1bbdc62b0f629de551a8c7b25e61d151ad0bdf9fc1e1b93490ce0076edec40efd05b6452c8b6f1fafee353bb243836f415b680f929dedcca12cb314a6613cb51085ebf288b2b146bce515bcc55501c51e747cf9e76561e44452b58246ed9d3e8c5ec4ec90699e4f31da4f9f7abb896530ca8d63d83e31bfb41335473f5974424522f8e5d5df10f", @typed={0x8, 0x7f, 0x0, 0x0, @uid=0xee00}, @typed={0x8, 0x6d, 0x0, 0x0, @u32=0x3ff}, @generic, @generic="f4174a1128969ce9f5cd304d1036096c2f1c327e66cb1656e2ef3171a851175a214a1f039fef3839e83b8d260740a82b82dba1998bf5c923c3fcd27a5b7730822c0f1fd89961f6e507c3daac3e7146a0fa488a18833245a6c71aca910eea0c0991838a419a7de2778e3f7a6e3e729895d1d789983c202891e9a386e4d1e53573e68f05089745e08598f6f8cd0273b13a082c6b9468d4412e332644077035dc0386e363585eebfa9799fc9f74304d489df9fa9515bdccb8071da7bec5ad99faca27933f13a00856631b07e01a1c33f64086b8e88bff5a42642b9ba06456525f2512db8136cb58f9a7bb5a00bda2b1d0ae3ee681348f223d2a32f2", @generic="06c41cb3167917c7bc2839f52327e4e612"]}, @generic="b8ebdefb5e8355d2", @typed={0x8, 0x4d, 0x0, 0x0, @ipv4=@multicast1}]}, 0x354}, {&(0x7f0000000540)={0xbc, 0x14, 0x100, 0x70bd2d, 0x25dfdbff, "", [@typed={0x4, 0x84}, @generic="5e9e238c7cb905ca4dca5a96a4", @typed={0x8, 0x44, 0x0, 0x0, @pid=0xffffffffffffffff}, @nested={0x4, 0x1c}, @generic="39b2d8b907b2e2538024f8e4c94944e06225608f4a22862d5b655ea638f89bb4a9b2845d225794f8c04c0f72bafcd14b4060aefed5029ff5a9d99a57f6760148d51d1dabb1ee89ca258be608ca920255466fc2055352280bf606b2116adc24542f5de6067821a46783d1030d61dfc4c7f91726550dbf02b7f50e85f88aad6683558b17bedbe5ee8a0902df7fb0acb0"]}, 0xbc}, {&(0x7f0000000600)={0x108, 0x1d, 0x20, 0x70bd2a, 0x25dfdbfd, "", [@generic="5609f8780ba2926531e59718fecbb91e0297685d90b4f08e5679c1a6b774f1d96f5b8be2e9de6ce11c113680f09b4ff900675a6ed42df9abd63748b49571ec87fc6b34f9f9b5914503c1098db38ab8f17598ed22bc0385e5e159e4ca5a02a5fb8c0c2d343037340f639ffc9146c02e4ca43cd19e0190c28076e67ee2d97d9f63cf744393472e60257b4b8eaaf09c74608bbaceec706e9770cc3272d6781f07eaec5b02ef91e7616f5a2b947d4daa179a4b3f3cc478058c3037629b1ae5ab0a587b7464563c54252a4be62962f85b775dc4988b57a2555dfcb28b2342c543b4842a1351c558d6af161d49158088060fcc4cbe09370792bdeb"]}, 0x108}, {&(0x7f0000000740)={0x1720, 0x3b, 0x8, 0x70bd29, 0x25dfdbfe, "", [@nested={0x139d, 0x82, 0x0, 0x1, [@generic="1153997a6455d1a4a4cf908963e0ade6fd964072f4c0601cd4dc19ee6cce97ae7d553a1b211abf32f7b07cabcb789405762298f520c1a940639c74c8af0dc3e41c621088bbec0d21765ec14e459e8de6086f38cea61d3bfb33baf9fbf74af3655902daf52b7d4ac74ac4b0d9787d8ad827211be1ca6be7032b690ee029f9d67f26a5362946d3744fbb0c98ab58afaf419dc41509a1733be19352105ec6928a7ac0accf86e7ff32e8969608d3138160b40affd286aed04ce6775b59e45fcaa7b7bd73966159414a06d54ce219b8c68c8aa248bf02b3e1a1d5a20451df128b5c563c0fc35c892f9eb4f24d24", @generic="836770a1d691704131adba77505e5455f713b07aabd35b2b9346ded1aba5d3a1bf4b772812745f52dfdba6834f403514258bd41869dcef5aa48aa2052105c253eec56275a0a420f7b281f8a0e9b21da870ea0e6f9ba397b226da25fab57393682bc67b84bfa13dac7a639a380579c23678fc42945122ac13fe570d6a3be9974744f3ccb470af22252820ff9378464b640486445b1a15975bb1eac534f6c26ae1ea4b1814c7f32ccbb855a8a0d6f3aefeab3c4dcbf94641d6839e8190e4561ef5df2eb6", @typed={0x8, 0xe, 0x0, 0x0, @fd}, @generic="0ff6c83105054a81d42a32728c6007d0f1b1173947235b39c0b178e5a43750ea1451fb0036819f8a2a26a79678d43c611660d6168d680a27171bfedcd5f812e5966c7d94e4da49bacbb2bcac3cd14e28b82745d1011370e98826ea5fc8ed6a4b0f69fd24bc03d74644e17249dd4f706fac46409db435bf34fa66aa957bc33d6d4be127c4f5157ae23741c340d40ac47fe882728d4021f0af8a543d1915fe24f60e501e332ac16859701d7593820646e30d2fd23427", @generic="2ef6c24806cf91cae15720d07c3e44bedf6a7aa9dc513bd6409b158639fca6d02ec507ad299c82df3aed2fb46aef1c913be4b3ab869a9f637cd1b7597a8cdca0115a38309187764d6172cb6d7eeef15fda8c0d50442f5c859c12213140e52e43575451d8a9b6a6da44416c24d1f27b0be8014f3dfbaed9c425f6e54e1194483214a4e65465ffbb3b94fef66c1e607c8c87cc25feae5ba6e3327ce3d8edc93a136283702f439e2b8f73bffd92b41bcc377512c8321ecba04bece40b01769c1662a39b1d820d3ad9a00d60388ec1314283b761d74c6b0c347f9ef89b9f145469d0da4bf23deca765ef122f614339e6f5916ed5cb652b8a5d76d6e9f7a2826bf67d7ffbf18efc5ef6a08897d2d7562d1afba7f45937e9abf0897d6250c0ba2f5ced2fca78e94580e8edfc1bc1103cad900efcf4418b6dcada2f5a9e8767b9e3b15309382648fca846b261d4df2194642324e50427eda140a99b7681725ee6c439566361d0686b59c6b83786d7562802500f2ea36c659f9ce272929aea0dfbc5a17ab6244e1a3641efaf47c478753367b23e11435a789f351666bb3ecc0be500b12f72b7f47390c811b6d9faade8dd374a0e3e94f5fc904a6e1c418bf845b50f558ce8edf86d6a6fb5b59de8e54183152640894a319556499bf000e477c6f7cc585a9eb63eac447ef1caeb1b8c80795e0e358297f72e0f3acf1e1758006357a9cf7db75935945395d56ce0d30db4a65ab23b5ef244cfde6dcea2e7c834870d156115615189d4fb26183b6aa42745d63512942ef30b4cf409ffd1706fa902312c5c1b62390e568a91c1e87f79d1b228223d22707fcba84f428c54e2340906793b1c521aa84d2ebd330a8af29652ee9d2a8318c0de0badb9a62f07534c0d1153ced37fd435519602227c1d5fc14e54fc1756dc5e6acfd5b4d6a46c81ff1df2011008c4984a74ebff158378d886ab4bf9d75f8cbb7f0839a2ed4eadc8fb2cedce0b7ba2628f6c9eb23624b35eaeafca38311a3d8d382af31b4433dbac8237f6d5cc483be46f9f9795128530eff65095277358e026c4b4ed08eb612446cef47a49b47170b9f2c73acc3aca43dd14ebb57f23e14490808b535ff3e1c251ebd58350bcbc55d77b745209b70edc032056f6b850991977389ef5e030a5b73406433c9a3f05eddf2031f8f459f91200d1b3e2e827becbf02e9e39e0e70897d2771c541e1e9fbd1d620dc80745e314ebb40c5f339437c44674df36d9adbc87ed42570c1df917b3e339c7502da2942c22145d49bee4ddcf7415c1be61dc51d7bbe7280838ae6b601485b2cc7efb8806416020b1572534edc9c037152ca9b0f9fa4ae59110322ec3ee8ce8739269a58533a05155f01e1ba945cff50c3b95a9b74d48bbaa8fd9abd061dc5260340af37b9f24f76a5d880a597e3fe73ecdac78406ebb013696d8a3cb981a3845b519a23b1ff4b6d1b294c2b005aeef57853a570bced55aa0c4d4afca3188eef6c215a97eaa362c599976fd45a00911ca9ca5a80ec07ae74dc311aa37cfb5e4e273d2fa91d3c086bc9aa9758784d74f4132c477106b01340a8cb7a4762426c2f1cfb554e86be02bc2aed05afdaf6231eb36d6e7cbdc203b1a7594aa9815d048db5df1e9272b14882d41308d46a7ee85bb5a2d74049ccc178f751bff3f08826b4b5022c5d1508d9a512a76d0dbdfdf2e010f0a4f6a3a4a669aed73774f9516eef4483633a38f4c3982bc934befa1f939a21ac270f9d241b2a523c39df0de9665f82fb8b308799c9db7c1e6b50a3b31b10636d876757abc17f97b654ca3a4f22be753502451c71a07fb0ef6645f4aa053db3203c76a364be184dd2d362440724da28eaaedb5ba7da092d2df113d025c7b093af6f15501e12d0225e1b1e1b53fa0a6dd21d6970511100ec11bf1d0fc83a2edced5f6415fc73bd0710c1a2e7a4c121b7bfd07552556b6b32e6dfc35f6b07922e5b177a6d340647b7f6a25317824b43ba344b2ebec3317f36a0ead21d1b3c6290b03a91e2d6e50226d471d6d67d8e67a15534075d650aeffb633e6f06ea7bb4c3358b997486ce1b86fc933ed3eeca83646f21f3a1f46aa9a2f2438bec3754dc7a205bd21e6e759577bd3472e28694a6745afef930e2f8a718901921106a054c6d4818f6ff0a2a5d5652d46ca90edfd3002bfdeb7d59b6e6e1eaf531563db08579004491f9bacab172d3cb952ec3214e644d889fa0b88a0d1a3f8d67bf3357f893837623bfe7527306b7daf731a54bdaf142e72917af84c8b8a2f3b30219d7d6d52556245530747a6e665e78aeb34c85806701115351699ed6433bc1fdd6aa39755d308d52b7ff77b87dd372ebde4a63c388f3022dd0099fdf27cb0c53a89ef51e14b527265d380da0414467dd6b69639fb05947cdeb42beacbe2cfa244b61a193e8d63ab760b5a3ab75ba90b1630998b0187412477732f8f88cac6e25070d8de0c2ebefc5b5b60202fd9bc4e8f0c50abb98c2ce9356e149b87091aee1dae25a494b9b38c5f25be008c88419b9472eba5e99a52e0fc8bf3cf4c350826aabeef0c3a512a19023c355be295ffe92c51d0508dc4a7d96bd52e68ab792c5a4c26d52fa9b4d25c3cbe2dc49441e9b511592dae41eb40dbd89b2de9162188eba4cc5bf4888ba3ed4d92f1c7f0d6d3df224c84d0be77a6295f5a02559c4bc5312b3e0ffb5ccddb4861169b761a9a58fc922b0c31424389c253cb11c95a991b398a38eee03329e531030a02bfdfa35e6604db30cc72b7e2588376e142f6f6e4430079a3650ff246f34419849cf7e61149ee57d2961645e389012cbe89a7b390a0bb90527f3c792e1565dbefaefaaefc3f0605ab7b22be1aaa2f724ecb2eddfa8e0255355cae62aa5a58869182e2a57681c704283af8d42e8adc0d2575337379af434fbe1efea3319b4cde4363997f23471252f436ff5a8c4a60add6647f1a54c35f7a1972564be68ec0c52caa3bf2a855c3978d1ade9847e08cc62fb7c52753ef556620022fd15a307e7d7192165dec18d8a2fc5db367427988bb00107744ec36ba2ba415d5079642d60b713092559db1643f2554d4e6c8e7d001e83f6ff1154c3212b44468a47e87387bfc7d460a0c358e47e8030fa6ba5f2950958def1ad4800381488221d4fc355fcb1cc7a7dd81cf77c8d2a9d621087c0add07e9d0b305efb491ee27691f1b0e08f8a74667dfe14d8561cd8b0e6c9b0b15ffd9e12bab7336c9f5568dc77531807db04d53df755ad144988f316142df890e83715d65b147bb38e11e67c85b80a5953748dcd0dd7e8fdfdcdbc0a63fc7a90e7b6ecc2d5f6273b7eb300065be56e8a5c1cd053d3c68e3cfb025d2fe82351cfcd561b3b356e1c503e83c22d39224a7064bc6bc4006c2e761410b099c82b157bc714cbdc81f8396d6c8af37afde8045b5bd17e3a6772e18878a7c32da7de1021705731ca9beb0e9d7396ece08a64204a5fec67d8058a727a55fc0f530a98057226565139fcef5b101ea3b708eb29308f11b188664c2f9f7cc885206fac8fe5b906220b9126c0fac0e87c42f77b2696a92a553218428b0981ac0c3316bf3e26fda1ac202df82196c85744200b4f39d9f1518beb8858a117811f9c2c844a9cdb4f65ef2434ac3b85a4be7fe9f24a83623a39320684376fb35120a7734adace581d154c0f090607e3920325c1739d4552d85fe2a687a299f6879626753bf7f68865af48cfce238ca6a38050cd335a8dc8da28e5744582ad7a8ca2c2334f7021c00b52bc0fa30b9b505371f5f09acce1dfd35ffd4e63cec6696e9cbfeae913b28e1f28c2296fefa3a8d93a1fdd27dc00ba1c843afae0f5113748165544c675087cecbd5b68ba4d347fd8ec662f0c68adafed494f87b708be6cd53fe47efd8d12b1bc4f22b90cb50f8b422719d280e910ad4670192b30fb01e74eb33db98153f9a3a6c7be4c3139974e2aace052bd5ea7a1bead698080cecb8a8b36e7751a66f53c7f0aba5aed3590a15fa5a7ce39d41df2d8013269a20cc9330231d91d5c02d254000aa7cf01c4965afc70132e154c9baee7a799a27cf72ae049bedbd6a84d5df6a2c5fdf5614ee60685ecfef2ec8f0ffe536a7486b713d0a0e03c8366e161432eb1014ecbcf5a0e6108ae894ec9077a7b138fd0890d8ae4995e212df054974782c79a3cc02469e601e811acb636de823cea2c09260d267de0a3db873fc55b2dc087729f76305f017175dbd8728df8bf88e199192f69267bba93e99cffe7378e1966f2151c19bf422bd960335f7ce5916e1d9dbd6d107f969803f9ea378a5ef9321dada1e3c71c09af6ae5a02e43f5744403932f8651cbac11a426bc435d555419d804fea37d7019dba92efde0504397745e208320970cd50d79d4d6176ac9b9d6f8fa0cc39063078a1b8e74d08882997b7e654cb0018cde180708a329ed4363894083c7b7aaae9de3478deed725e2175f583eb1864e026667262209834d796a4f64429eb932f2a9755f602675b174d38d57e307c2f33f1d5f91b021d419875f97906f8ed98f156e869c83e2a19d99ea1fe2aa40c462ce507d980e96d8be3d56f7ec22fbc75989dd1170f498ca9a5313f7f96ce6d4f8ddd99e24481f17f2afb8cadb9d98bc2af476df2c89ea37ccd9076179544078dad028b0b8894b2c733f63a096dfb72d4cc4286fc213c702038b0915b6589892e8e85341b5b02a76935c6260f15efbd9c3864b84fe0a45c8bc0af53153179cb5bc2becff1b8dadfb6d62f553c370e99fd5a698272483b757007b67004712254dce925a464d59480624822630332cb18df9a8daf8c4e76b608884f51236ba0458767639192a2ef3094e1b1e965a02999ecbdea3b61cdde043576b7c325096bc30c5fc35bbb7387d827883c8e397ffb21997999a19dfa4de3720a536374f3a020bd0aa05a845686a9aeeeb909ce5d09fa21358d4e66a87017367be2bba6260a9b2eb2a2acd5df46b8a3bed71d5093838b63ef74ed23cbd86e81f6d2adc4aac16a6371f8dd5005a8a3edf146bdefba62474d2c0d200d2554f81faf56c5ddc9ff5b453baa4cc4b59538c5d314b809855cec8e1ea59c91d8e32a86f52d543fa1a8e54f04f40df6e9b0a3cf03a245c336833a674fe47c65f4eed1ad0fed112e180ddfa0f7c3e9c110ebb31a609bd84ade905ec69c841b52bfd778bfba8d629d352b30349a5ca7f2f813ab8b5dc9edd27255d81d89051d238181f534ce59f7cb6ed3330ab90dc1d9ae2e55b0d1132653c6d6a4ca3cd86513a3c09060511ff3748e4bfc39665b1912272decb8a843e76cb16e1bcaa7e8d4d36244f807d063ae8db9766dda479cffb08640a5eecc20d900cf119dcb5949f8a2d846a2cff0f6ac9b810fb2be55c56d0825e91a06f7f04bb3bd985a5cba5a61a68e2fc17d8b9344e794c7a8743333e6a1f693dfdbf41ed5870c8674f3e20dc15c0e413eddf713934fd8f2ac7a6bb788e113ca62558282da0e192d6b949771e6d6948d2c716079b9db083e10e76adaef04f9a6b504a44af77e298ae2abe27ec00bfe810ceccbf2f73dd468beec4bd09f76546641ad85e09c788cf3c8699952ac8796549e6c3ab1df1f4b3eb09adb58f6d6fe6037cc6424962fda07d08d733b800914239f5c67421797751ab28ef0e13c3ba72322d982b5222640a62a97c616e76888dd357408fa66520df7f6832d387b77c392d8dab9b9c94fb653622bc482fdcd8e8b761ba69045e26b931dfc8eb4056b2ab06d2a0b7e302b97a2a92b57f7626856095b24595a643e54dd5664fc14deb7", @generic="af369461a2f18ee8de0181998f120dc95bbeafc4fb91a8b427968ee3a0a3c6e5fdb5146427d263569cef59db53b9814c5927304785d08491dd8d75c1eb7e387a1eb71d69733d4f8b3cf58ae71559f1c5655b6927c07e85d01d552f4275a13747e00084fb7c99c1f6dd92e862785a7fed36dbda203d207143cc5da64895373a23a10e807516a286a5ff7e58beebc4cf0d47ba7552ae3cb9a8c8515dfc91f4c83efff83f8df627d3e04f130b33fb1320e2dd66e552585270dbc4f36d08df7b3469933df6cdd8a7e51480884b5cfcf8b8c7a733b1853722e95d1b39865bacfc", @generic="2ecce30bb9105e5ad5f4c8a82cbb10be49fff3be7793dc0f8771098a9543c2046741c716ad70a8fd4dd1e741fc2540ae13e4221b185f692f7a013120d0b8fc957b97b0940d2f730d", @typed={0x8, 0x62, 0x0, 0x0, @u32=0x6}, @generic]}, @typed={0x5, 0x4e, 0x0, 0x0, @str='\x00'}, @generic="b1fc04fd3a", @nested={0x68, 0x54, 0x0, 0x1, [@generic="f03446f379b22a178b51b7e0153ff394d3d36f463c61951ac97542bcd46fb8b5e9396b8c06db3d447cdd2363ab841bc7", @typed={0xe, 0x71, 0x0, 0x0, @str='/dev/full\x00'}, @typed={0x14, 0x3f, 0x0, 0x0, @ipv6=@mcast2}, @typed={0x8, 0xb, 0x0, 0x0, @u32=0x80000000}, @typed={0x8, 0x36, 0x0, 0x0, @ipv4=@rand_addr=0x64010100}]}, @nested={0x163, 0x17, 0x0, 0x1, [@generic="3ef377d157b98f70cf9b40a38a466458256c9f4e3b112f70cc4f9493736c263465a12aa3266ed99268cbb7cbfecd94d40da4f3d636c849abd4d4fffa67dc34d86f7b8a2db278cec0ab47d3a225c0791b282b2c02c176fa5b6b546fa154248d", @typed={0x8, 0x4, 0x0, 0x0, @fd=r0}, @typed={0x8, 0x46, 0x0, 0x0, @ipv4=@local}, @typed={0x8, 0x1e, 0x0, 0x0, @pid}, @generic="fb1a0f410eb72e179cddca5458bba636c5e22bba706e82f68e16fb9fff3ab9befc699450ff30fa159d8263a1853b99cde0f0639ac284b6a957df2f1bb9727201093cbbba898709325ae1b58ded6b162355c35213822bdc074f8ba943dd417e508fe6381b5f352cda58bcaf24ba33b99fbd57fe489769e62a6b783fa11e781d18e6bbc92e544b84380e9b38e2183d8c2c05bbb2596e0d4290ae2cfb79c5c578a441661d112e4e55c7d15ff5c1cba63cb922247b2193c541639c7c33abec1356c2cc97c4b40e25caa4e78f026f08cb332c868501f6891e27177c13b9a0", @generic="db65f038", @typed={0x6, 0x30, 0x0, 0x0, @str='(\x00'}]}, @typed={0x14, 0x12, 0x0, 0x0, @ipv6=@mcast1}, @nested={0x17d, 0x7a, 0x0, 0x1, [@generic="9e73ad72d12b043ef22c597144871d71ac567ed2606f830458e39e47a0836c4f4b3acba3335fa682767f919f6040c7a02def771163600bedb9667abc67d245da3fe94799d54961c0db5d5fb7586ddcf86e98dbbf435e2c17ac0a566a247c973d589086dcd7768037876c0dcc326da54efb61fe1d0af0959ab13c7e7101db964f5d85ec178c285f7a9c72ec31db65dbf76f975f17e9fed7a411927fb67dbd06ce836f6875a412d8e4be943912fdfa43ed2272e8c747fd8b4c524a3a9dee7d437ef565e58b1a49d361f1", @typed={0xb0, 0x7b, 0x0, 0x0, @binary="108726c67c49a6050916a7c53eb726b3979b2eb73ad3049c60a8a4f8f32c776cc20fdf05959d33df2305b89532d584ca8a2cd09c360565dd52ca0299cf35f2e34ec7f6b84cc7d3ddd314094cd67b444e60700f21bce6cd727ca8b62ab3d84429b73e46fd9b0f994456df6aac068b9e84027cab8d8dc9b4818afe758974f1dcc711ed2d0507f7a13f8b72c8dc5feffcafd75f4399e6d5a874eabb23ac9253f512e97d5cb21904685d7167f4f2"}]}]}, 0x1720}], 0x4, &(0x7f0000001f80)=[@rights={{0x18, 0x1, 0x1, [r0, r0]}}, @rights={{0x28, 0x1, 0x1, [r0, r3, r1, r4, r0, r0]}}, @rights={{0x20, 0x1, 0x1, [r0, r5, r1, r1]}}], 0x60, 0xc010}, 0x8800) symlink(&(0x7f0000002040)='./file0\x00', &(0x7f0000002080)='./file1\x00') ioctl$AUTOFS_DEV_IOCTL_OPENMOUNT(r5, 0xc0189374, &(0x7f00000020c0)={{0x1, 0x1, 0x18, 0xffffffffffffffff, {0x7fff}}, './file0\x00'}) ioctl$TIOCL_BLANKSCREEN(r6, 0x541c, &(0x7f0000002100)) recvmmsg$unix(r0, &(0x7f0000006fc0)=[{{&(0x7f0000002140)=@abs, 0x6e, &(0x7f0000003380)=[{&(0x7f00000021c0)=""/167, 0xa7}, {&(0x7f0000002280)=""/224, 0xe0}, {&(0x7f0000002380)=""/4096, 0x1000}], 0x3}}, {{0x0, 0x0, &(0x7f00000047c0)=[{&(0x7f00000033c0)=""/4096, 0x1000}, {&(0x7f00000043c0)=""/205, 0xcd}, {&(0x7f00000044c0)=""/236, 0xec}, {&(0x7f00000045c0)=""/251, 0xfb}, {&(0x7f00000046c0)=""/240, 0xf0}], 0x5, &(0x7f0000004840)=[@cred={{0x1c}}], 0x20}}, {{0x0, 0x0, &(0x7f0000005880)=[{&(0x7f0000004880)=""/4096, 0x1000}], 0x1, &(0x7f00000058c0)=[@cred={{0x1c}}, @cred={{0x1c}}, @cred={{0x1c}}, @cred={{0x1c}}, @cred={{0x1c}}, @rights={{0x24, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c}}], 0xe8}}, {{0x0, 0x0, &(0x7f0000006a40)=[{&(0x7f00000059c0)=""/4096, 0x1000}, {&(0x7f00000069c0)=""/107, 0x6b}], 0x2, &(0x7f0000006a80)=[@cred={{0x1c}}, @rights={{0x28, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c}}, @cred={{0x1c}}, @rights={{0x18, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x18, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c}}], 0xd8}}, {{0x0, 0x0, &(0x7f0000006c00)=[{&(0x7f0000006b80)=""/116, 0x74}], 0x1, &(0x7f0000006c40)=[@cred={{0x1c}}, @cred={{0x1c}}, @cred={{0x1c}}], 0x60}}, {{&(0x7f0000006cc0)=@abs, 0x6e, &(0x7f0000006f40)=[{&(0x7f0000006d40)=""/40, 0x28}, {&(0x7f0000006d80)=""/7, 0x7}, {&(0x7f0000006dc0)=""/46, 0x2e}, {&(0x7f0000006e00)=""/75, 0x4b}, {&(0x7f0000006e80)=""/163, 0xa3}], 0x5}}], 0x6, 0x0, &(0x7f0000007140)={0x77359400}) ioctl$TIOCPKT(r7, 0x5420, &(0x7f0000007180)=0x44b) ioctl$BTRFS_IOC_SCRUB_CANCEL(r1, 0x941c, 0x0) openat$ptmx(0xffffffffffffff9c, &(0x7f00000071c0), 0x1, 0x0) fstat(r3, &(0x7f0000007280)={0x0, 0x0, 0x0, 0x0, 0x0}) mount$9p_fd(0x0, &(0x7f0000007200)='./file0\x00', &(0x7f0000007240), 0x140882, &(0x7f0000007300)={'trans=fd,', {'rfdno', 0x3d, r8}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@access_user}, {@access_uid={'access', 0x3d, r9}}], [{@rootcontext={'rootcontext', 0x3d, 'staff_u'}}, {@fscontext={'fscontext', 0x3d, 'user_u'}}]}}) [ 82.102185] audit: type=1400 audit(1756752725.377:7): avc: denied { execmem } for pid=272 comm="syz-executor.0" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=process permissive=1 18:52:05 executing program 3: ioperm(0x7, 0x200, 0xcf81) ioperm(0x816, 0x3, 0x2) ioctl$SECCOMP_IOCTL_NOTIF_RECV(0xffffffffffffffff, 0xc0502100, &(0x7f0000000200)={0x0, 0x0}) clone3(&(0x7f0000000540)={0x10000, &(0x7f0000000280), &(0x7f00000002c0)=0x0, &(0x7f0000000300)=0x0, {0x2e}, &(0x7f0000000340)=""/201, 0xc9, &(0x7f0000000440)=""/191, &(0x7f0000000500)=[0xffffffffffffffff, 0x0, 0x0], 0x3}, 0x58) r3 = clone3(&(0x7f0000000600)={0x100020000, &(0x7f0000000000), &(0x7f0000000040)=0x0, &(0x7f0000000080)=0x0, {0xd}, &(0x7f00000000c0)=""/123, 0x7b, &(0x7f0000000140)=""/187, &(0x7f00000005c0)=[0x0, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0, r0, r2], 0x7}, 0x58) mkdirat$cgroup(0xffffffffffffffff, &(0x7f0000000680)='syz0\x00', 0x1ff) ioperm(0x100, 0x401, 0xff) ioctl$sock_SIOCGPGRP(0xffffffffffffffff, 0x8904, &(0x7f00000008c0)=0x0) ioctl$SECCOMP_IOCTL_NOTIF_RECV(0xffffffffffffffff, 0xc0502100, &(0x7f0000000900)={0x0, 0x0}) ioctl$SECCOMP_IOCTL_NOTIF_RECV(0xffffffffffffffff, 0xc0502100, &(0x7f0000000980)={0x0, 0x0}) clone3(&(0x7f0000000a40)={0x100044600, &(0x7f00000006c0)=0xffffffffffffffff, &(0x7f0000000700), &(0x7f0000000740), {0x23}, &(0x7f0000000780)=""/199, 0xc7, &(0x7f0000000880)=""/42, &(0x7f0000000a00)=[0xffffffffffffffff, r1, r6, r1, r4, r7, r3, r3, r8], 0x9}, 0x58) r10 = getpgrp(r3) r11 = getpgid(r7) r12 = getpgid(r4) r13 = creat(&(0x7f0000000d40)='./file0\x00', 0x8d) clone3(&(0x7f0000000d80)={0x800, &(0x7f0000000ac0), &(0x7f0000000b00)=0x0, &(0x7f0000000b40), {0x26}, &(0x7f0000000b80)=""/90, 0x5a, &(0x7f0000000c00)=""/195, &(0x7f0000000d00)=[r10, r5, r11, r12, r3], 0x5, {r13}}, 0x58) ioperm(0xbc, 0x9, 0x9) prctl$PR_SET_PTRACER(0x59616d61, r14) getpid() splice(r9, &(0x7f0000000e00)=0x132b, 0xffffffffffffffff, &(0x7f0000000e40)=0x80000001, 0x7, 0x1) 18:52:05 executing program 4: sendmsg$NL80211_CMD_DISASSOCIATE(0xffffffffffffffff, &(0x7f00000000c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x10000}, 0xc, &(0x7f0000000080)={&(0x7f0000000040)={0x30, 0x0, 0x400, 0x70bd29, 0x25dfdbfc, {{}, {@void, @void}}, [@NL80211_ATTR_MAC={0xa, 0x6, @from_mac=@broadcast}, @NL80211_ATTR_IE={0x10, 0x2a, [@challenge={0x10, 0x1, 0xc6}, @mesh_config={0x71, 0x7, {0x1, 0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0, 0x3, 0x39}}]}]}, 0x30}, 0x1, 0x0, 0x0, 0x50}, 0x4000) sendmsg$NL80211_CMD_GET_STATION(0xffffffffffffffff, &(0x7f00000001c0)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x1}, 0xc, &(0x7f0000000180)={&(0x7f0000000140)={0x3c, 0x0, 0x8, 0x70bd29, 0x25dfdbfe, {{}, {@void, @val={0xc, 0x99, {0xf33, 0x71}}}}, [@NL80211_ATTR_MESH_PEER_AID={0x6, 0xed, 0x6ec}, @NL80211_ATTR_STA_TX_POWER={0x6, 0x114, 0xfffd}, @NL80211_ATTR_MAC={0xa, 0x6, @broadcast}]}, 0x3c}, 0x1, 0x0, 0x0, 0x200040d0}, 0x10010) ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000240)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_VENDOR(0xffffffffffffffff, &(0x7f0000000400)={&(0x7f0000000200)={0x10, 0x0, 0x0, 0x4000000}, 0xc, &(0x7f00000003c0)={&(0x7f0000000280)={0x140, 0x0, 0x1, 0x70bd2d, 0x25dfdbff, {{}, {@val={0x8, 0x1, 0x71}, @val={0x8, 0x3, r0}, @void}}, [@NL80211_ATTR_VENDOR_ID={0x8, 0xc3, 0x3}, @NL80211_ATTR_VENDOR_ID={0x8, 0xc3, 0x2}, @NL80211_ATTR_VENDOR_SUBCMD={0x8, 0xc4, 0xff}, @NL80211_ATTR_VENDOR_DATA={0x103, 0xc5, "b191915e0828a41de162516b2f4bdc936bfc99463f6d8aa9ac332639516081310bcb5371de6187dc614994ac284d566fdd3a47d566b8f9b20e3ea461ebd309b432800d4ea9e1f4f6f524520a981b6025f061019f836e5a7d5c78b225f3273e79b97aac7752e169f9cf6819bd8483c82e743e4e5ebc02258d200e3a11012be46abe254a39b4cf8839786b81272afe537d73f4562792aeacaf33cd7795e9d1116bb26f053f4fb8790479f50e71a0703cb9fd744acf6167dc7364021cc7304710cb2c69177685893ec2dba3929e60d7890104422d24469e0e091c67c01ad7c824f014261824e4f8cd20462248394cce468d57c49491ef555a6d424fd0e9070b32"}]}, 0x140}, 0x1, 0x0, 0x0, 0x24000000}, 0x40000) r1 = syz_genetlink_get_family_id$mptcp(&(0x7f0000000480), 0xffffffffffffffff) sendmsg$MPTCP_PM_CMD_FLUSH_ADDRS(0xffffffffffffffff, &(0x7f0000000540)={&(0x7f0000000440)={0x10, 0x0, 0x0, 0x4000000}, 0xc, &(0x7f0000000500)={&(0x7f00000004c0)={0x2c, r1, 0x100, 0x70bd25, 0x25dfdbfc, {}, [@MPTCP_PM_ATTR_RCV_ADD_ADDRS={0x8, 0x2, 0x8}, @MPTCP_PM_ATTR_SUBFLOWS={0x8, 0x3, 0x7}, @MPTCP_PM_ATTR_RCV_ADD_ADDRS={0x8, 0x2, 0x2}]}, 0x2c}, 0x1, 0x0, 0x0, 0x4050}, 0x24000800) sendmsg$FOU_CMD_ADD(0xffffffffffffffff, &(0x7f0000000640)={&(0x7f0000000580)={0x10, 0x0, 0x0, 0x800}, 0xc, &(0x7f0000000600)={&(0x7f00000005c0)={0x18, 0x0, 0x20, 0x70bd2d, 0x25dfdbfc, {}, [@FOU_ATTR_REMCSUM_NOPARTIAL={0x4}]}, 0x18}, 0x1, 0x0, 0x0, 0x4008040}, 0x800) sendmsg$IEEE802154_LLSEC_LIST_KEY(0xffffffffffffffff, &(0x7f0000000740)={&(0x7f0000000680)={0x10, 0x0, 0x0, 0x20000000}, 0xc, &(0x7f0000000700)={&(0x7f00000006c0)={0x14, 0x0, 0x200, 0x70bd2c, 0x25dfdbfe, {}, ["", "", ""]}, 0x14}, 0x1, 0x0, 0x0, 0x20000050}, 0x20000040) sendmsg$TIPC_NL_SOCK_GET(0xffffffffffffffff, &(0x7f0000000880)={&(0x7f0000000780)={0x10, 0x0, 0x0, 0x8000000}, 0xc, &(0x7f0000000840)={&(0x7f00000007c0)={0x78, 0x0, 0x400, 0x70bd2b, 0x25dfdbfe, {}, [@TIPC_NLA_NET={0x4c, 0x7, 0x0, 0x1, [@TIPC_NLA_NET_NODEID_W1={0xc, 0x4, 0x3}, @TIPC_NLA_NET_NODEID_W1={0xc, 0x4, 0x20000000000000}, @TIPC_NLA_NET_NODEID_W1={0xc, 0x4, 0x5}, @TIPC_NLA_NET_ID={0x8, 0x1, 0x3}, @TIPC_NLA_NET_ID={0x8, 0x1, 0x14ce}, @TIPC_NLA_NET_NODEID_W1={0xc, 0x4, 0x7}, @TIPC_NLA_NET_ID={0x8, 0x1, 0x32}]}, @TIPC_NLA_NET={0x18, 0x7, 0x0, 0x1, [@TIPC_NLA_NET_ID={0x8, 0x1, 0xffffff00}, @TIPC_NLA_NET_NODEID={0xc, 0x3, 0x8}]}]}, 0x78}}, 0x4008060) r2 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_802154(0xffffffffffffffff, 0x8933, &(0x7f0000000900)={'wpan1\x00', 0x0}) ioctl$sock_SIOCGIFINDEX_802154(0xffffffffffffffff, 0x8933, &(0x7f0000000940)={'wpan0\x00', 0x0}) sendmsg$NL802154_CMD_DEL_SEC_DEVKEY(r2, &(0x7f0000000a00)={&(0x7f00000008c0)={0x10, 0x0, 0x0, 0x20}, 0xc, &(0x7f00000009c0)={&(0x7f0000000980)={0x34, 0x0, 0x100, 0x70bd2d, 0x25dfdbfe, {}, [@NL802154_ATTR_IFINDEX={0x8}, @NL802154_ATTR_IFINDEX={0x8}, @NL802154_ATTR_IFINDEX={0x8, 0x3, r3}, @NL802154_ATTR_IFINDEX={0x8, 0x3, r4}]}, 0x34}, 0x1, 0x0, 0x0, 0x8004}, 0x8040) syz_genetlink_get_family_id$ieee802154(&(0x7f0000000a40), r2) r5 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r6 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000ac0), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_802154(r2, 0x8933, &(0x7f0000000b00)={'wpan1\x00', 0x0}) sendmsg$NL802154_CMD_SET_SEC_PARAMS(r5, &(0x7f0000000c00)={&(0x7f0000000a80)={0x10, 0x0, 0x0, 0x200000}, 0xc, &(0x7f0000000bc0)={&(0x7f0000000b40)={0x5c, r6, 0x200, 0x70bd29, 0x25dfdbfb, {}, [@NL802154_ATTR_SEC_ENABLED={0x5}, @NL802154_ATTR_WPAN_DEV={0xc}, @NL802154_ATTR_IFINDEX={0x8, 0x3, r7}, @NL802154_ATTR_SEC_OUT_LEVEL={0x8}, @NL802154_ATTR_WPAN_DEV={0xc}, @NL802154_ATTR_WPAN_DEV={0xc, 0x6, 0x200000002}, @NL802154_ATTR_WPAN_DEV={0xc, 0x6, 0x2}]}, 0x5c}, 0x1, 0x0, 0x0, 0x40000000}, 0x8040) r8 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000c80), 0xffffffffffffffff) sendmsg$NL80211_CMD_DEL_PMK(0xffffffffffffffff, &(0x7f0000000d40)={&(0x7f0000000c40)={0x10, 0x0, 0x0, 0x4001000}, 0xc, &(0x7f0000000d00)={&(0x7f0000000cc0)={0x2c, r8, 0x200, 0x70bd25, 0x25dfdbfd, {{}, {@void, @val={0xc, 0x99, {0x4, 0x3}}}}, [@NL80211_ATTR_MAC={0xa, 0x6, @device_b}]}, 0x2c}, 0x1, 0x0, 0x0, 0x8011}, 0x880) 18:52:05 executing program 5: prctl$PR_GET_NO_NEW_PRIVS(0x27) prctl$PR_GET_NO_NEW_PRIVS(0x27) prctl$PR_GET_NO_NEW_PRIVS(0x27) prctl$PR_GET_NO_NEW_PRIVS(0x27) prctl$PR_GET_NO_NEW_PRIVS(0x27) prctl$PR_GET_NO_NEW_PRIVS(0x27) prctl$PR_GET_NO_NEW_PRIVS(0x27) prctl$PR_GET_NO_NEW_PRIVS(0x27) prctl$PR_GET_NO_NEW_PRIVS(0x27) prctl$PR_GET_NO_NEW_PRIVS(0x27) prctl$PR_GET_NO_NEW_PRIVS(0x27) prctl$PR_GET_NO_NEW_PRIVS(0x27) prctl$PR_GET_NO_NEW_PRIVS(0x27) prctl$PR_GET_NO_NEW_PRIVS(0x27) prctl$PR_GET_NO_NEW_PRIVS(0x27) prctl$PR_GET_NO_NEW_PRIVS(0x27) prctl$PR_GET_NO_NEW_PRIVS(0x27) prctl$PR_GET_NO_NEW_PRIVS(0x27) prctl$PR_GET_NO_NEW_PRIVS(0x27) prctl$PR_GET_NO_NEW_PRIVS(0x27) 18:52:05 executing program 6: ioctl$F2FS_IOC_MOVE_RANGE(0xffffffffffffffff, 0xc020f509, &(0x7f0000000000)={0xffffffffffffffff, 0x80, 0x1, 0x1}) sendmsg$NL80211_CMD_DEAUTHENTICATE(r0, &(0x7f0000000100)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x1000000}, 0xc, &(0x7f00000000c0)={&(0x7f0000000080)={0x34, 0x0, 0x100, 0x70bd2d, 0x25dfdbfd, {{}, {@val={0x8}, @void}}, [@NL80211_ATTR_MAC={0xa, 0x6, @from_mac=@device_b}, @NL80211_ATTR_MAC={0xa, 0x6, @random="2b4756991a2c"}]}, 0x34}, 0x1, 0x0, 0x0, 0x20000000}, 0x20004000) ioctl$SNAPSHOT_ATOMIC_RESTORE(0xffffffffffffffff, 0x3304) ioctl$SNAPSHOT_ATOMIC_RESTORE(r0, 0x3304) ioctl$SNAPSHOT_ATOMIC_RESTORE(r0, 0x3304) ioctl$SNAPSHOT_ATOMIC_RESTORE(0xffffffffffffffff, 0x3304) ioctl$AUTOFS_DEV_IOCTL_ISMOUNTPOINT(r0, 0xc018937e, &(0x7f0000000140)={{0x1, 0x1, 0x18, r0, @in_args={0x2}}, './file0\x00'}) sendmsg$NL80211_CMD_NEW_INTERFACE(r1, &(0x7f00000002c0)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x1000000}, 0xc, &(0x7f0000000280)={&(0x7f00000001c0)={0xb8, 0x0, 0x800, 0x70bd28, 0x25dfdbfe, {{}, {@val={0x8, 0x1, 0xd}, @val={0x8}, @void}}, [@mon_options=[@NL80211_ATTR_MU_MIMO_GROUP_DATA={0x1c, 0xe7, "8c4d21ffa112d909b733e646eed1c5289c06ca0c6b99d74b"}, @NL80211_ATTR_MU_MIMO_GROUP_DATA={0x1c, 0xe7, "c610b78016e581da7fdee06a083e79db1a340b6f86c0c01e"}, @NL80211_ATTR_MU_MIMO_GROUP_DATA={0x1c, 0xe7, "387eee3305be8e56f66a16a1ae32ea193a1d7f51ffbd2062"}, @NL80211_ATTR_MU_MIMO_FOLLOW_MAC_ADDR={0xa, 0xe8, @device_b}, @NL80211_ATTR_MU_MIMO_FOLLOW_MAC_ADDR={0xa}, @NL80211_ATTR_MU_MIMO_FOLLOW_MAC_ADDR={0xa, 0xe8, @device_b}, @NL80211_ATTR_MU_MIMO_GROUP_DATA={0x1c, 0xe7, "6d2ce71d4ff1b8bc13a80b1964fa7e8d2d8ddd45ac80db20"}]]}, 0xb8}, 0x1, 0x0, 0x0, 0x20004850}, 0x20040480) r2 = syz_open_procfs$userns(0x0, &(0x7f0000000300)) ioctl$AUTOFS_DEV_IOCTL_ISMOUNTPOINT(r1, 0xc018937e, &(0x7f0000000340)={{0x1, 0x1, 0x18, r2, @out_args}, '.\x00'}) ioctl$SNAPSHOT_ATOMIC_RESTORE(r1, 0x3304) ioctl$SNAPSHOT_ATOMIC_RESTORE(r0, 0x3304) write$P9_RATTACH(r3, &(0x7f0000000380)={0x14, 0x69, 0x2, {0x80, 0x3, 0x7}}, 0x14) openat$snapshot(0xffffffffffffff9c, &(0x7f00000003c0), 0x40900, 0x0) r4 = openat$snapshot(0xffffffffffffff9c, &(0x7f0000000400), 0x400, 0x0) ioctl$SNAPSHOT_PLATFORM_SUPPORT(r4, 0x330f, 0xfc) ioctl$VFAT_IOCTL_READDIR_BOTH(0xffffffffffffffff, 0x82307201, &(0x7f0000000440)=[{0x0, 0x0, 0x100}, {0x0, 0x0, 0x100}]) ioctl$SNAPSHOT_AVAIL_SWAP_SIZE(r3, 0x80083313, &(0x7f0000000680)) ioctl$SNAPSHOT_ATOMIC_RESTORE(r0, 0x3304) ioctl$BTRFS_IOC_QUOTA_RESCAN_WAIT(0xffffffffffffffff, 0x942e, 0x0) [ 83.232423] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 83.234858] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 83.237277] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 83.241828] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 83.244687] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 83.300765] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 83.305982] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 83.312879] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 83.316999] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 83.320726] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 83.326003] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 83.328625] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 83.331324] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 83.348973] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 83.355608] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 83.360611] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 83.366747] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 83.372381] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 83.379128] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 83.382754] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 83.516800] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 83.546305] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1 [ 83.548160] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 83.550864] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1 [ 83.550992] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 83.553543] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9 [ 83.555299] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9 [ 83.559864] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4 [ 83.559922] Bluetooth: hci7: unexpected cc 0x0c03 length: 249 > 1 [ 83.561868] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2 [ 83.571752] Bluetooth: hci7: unexpected cc 0x1003 length: 249 > 9 [ 83.577288] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 83.578876] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9 [ 83.583797] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9 [ 83.585339] Bluetooth: hci7: unexpected cc 0x1001 length: 249 > 9 [ 83.592883] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 83.602934] Bluetooth: hci7: unexpected cc 0x0c23 length: 249 > 4 [ 83.614729] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4 [ 83.632874] Bluetooth: hci7: unexpected cc 0x0c38 length: 249 > 2 [ 83.642963] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2 [ 85.266624] Bluetooth: hci0: command tx timeout [ 85.393649] Bluetooth: hci1: command tx timeout [ 85.395101] Bluetooth: hci2: command tx timeout [ 85.458527] Bluetooth: hci3: command tx timeout [ 85.649510] Bluetooth: hci4: command tx timeout [ 85.650354] Bluetooth: hci6: command tx timeout [ 85.713549] Bluetooth: hci7: command tx timeout [ 85.778111] Bluetooth: hci5: command tx timeout [ 87.315386] Bluetooth: hci0: command tx timeout [ 87.442596] Bluetooth: hci1: command tx timeout [ 87.443656] Bluetooth: hci2: command tx timeout [ 87.506756] Bluetooth: hci3: command tx timeout [ 87.697556] Bluetooth: hci6: command tx timeout [ 87.698359] Bluetooth: hci4: command tx timeout [ 87.761581] Bluetooth: hci7: command tx timeout [ 87.826720] Bluetooth: hci5: command tx timeout [ 89.361645] Bluetooth: hci0: command tx timeout [ 89.489508] Bluetooth: hci1: command tx timeout [ 89.489941] Bluetooth: hci2: command tx timeout [ 89.553608] Bluetooth: hci3: command tx timeout [ 89.745894] Bluetooth: hci4: command tx timeout [ 89.746334] Bluetooth: hci6: command tx timeout [ 89.809650] Bluetooth: hci7: command tx timeout [ 89.874492] Bluetooth: hci5: command tx timeout [ 91.409516] Bluetooth: hci0: command tx timeout [ 91.537631] Bluetooth: hci1: command tx timeout [ 91.538351] Bluetooth: hci2: command tx timeout [ 91.601664] Bluetooth: hci3: command tx timeout [ 91.793533] Bluetooth: hci6: command tx timeout [ 91.794307] Bluetooth: hci4: command tx timeout [ 91.857516] Bluetooth: hci7: command tx timeout [ 91.921744] Bluetooth: hci5: command tx timeout [ 120.640588] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 120.641238] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 120.807471] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 120.808108] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 18:52:44 executing program 2: r0 = getpgid(0x0) r1 = openat$zero(0xffffffffffffff9c, &(0x7f00000000c0), 0x48400, 0x0) r2 = perf_event_open(&(0x7f0000000340)={0x2, 0xfffffef4, 0x79, 0x0, 0x0, 0x7, 0x0, 0x0, 0xa4086, 0xe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x0, @perf_config_ext={0x100}, 0x0, 0x200000000000020, 0x5, 0x0, 0x4, 0x0, 0x5}, r0, 0xffffffffffffffff, r1, 0x0) readv(r2, &(0x7f0000000080)=[{&(0x7f0000000180)=""/234, 0xea}], 0x1) r3 = socket$nl_route(0x10, 0x3, 0x0) r4 = getpid() pidfd_open(r4, 0x0) r5 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000200)='net/psched\x00') pread64(r5, 0x0, 0x0, 0x0) setsockopt$sock_int(r5, 0x1, 0x10, &(0x7f0000000100)=0x4111, 0x4) r6 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000200)='net/psched\x00') pread64(r6, 0x0, 0x0, 0x0) perf_event_open(&(0x7f0000000280)={0x5, 0x80, 0xfb, 0x7f, 0x9, 0x1, 0x0, 0x8001, 0x8022, 0x4, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x3, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x9, 0x1, @perf_config_ext={0x3, 0x20}, 0x9000, 0x4, 0x5, 0x8, 0x9, 0x9, 0x80, 0x0, 0x1ff, 0x0, 0xfffffffffffffdb0}, r4, 0xa, r6, 0x0) fork() r7 = syz_open_dev$tty1(0xc, 0x4, 0x1) ioctl$TIOCL_SCROLLCONSOLE(r7, 0x560a, &(0x7f0000000140)) fcntl$lock(r7, 0x24, &(0x7f0000000040)={0x0, 0x3, 0x6, 0x8, r0}) sendmsg$netlink(r3, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000340)=[{&(0x7f0000000000)=ANY=[@ANYBLOB="140000001c00ffff000000000000405200000000"], 0x14}], 0x1}, 0x0) 18:52:44 executing program 2: r0 = syz_open_procfs(0x0, &(0x7f0000000180)='net/tcp\x00') pread64(r0, &(0x7f0000000080)=""/203, 0xcb, 0x47) r1 = openat$nvram(0xffffffffffffff9c, &(0x7f0000000000), 0x4c8982, 0x0) ioctl$sock_SIOCSIFVLAN_GET_VLAN_REALDEV_NAME_CMD(r1, 0x8983, &(0x7f0000000040)={0x8, 'bond0\x00', {'ip6gretap0\x00'}, 0x40}) 18:52:44 executing program 2: syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x0, &(0x7f0000000200), 0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB="939245b9c20109410a61ad39b7d7c54d7503d300e0c541b4224c528df6566aaab0b49c07d6f9d587682f826a560e8a2a112a8aae81d0babab4118b6372591cfdb475ec293a2389725d52d76eb3699a43b358759cbff5ccec0f8a725ae24fb6cded"]) r0 = accept(0xffffffffffffffff, &(0x7f0000000080)=@l2tp6={0xa, 0x0, 0x0, @private2}, &(0x7f0000000140)=0x80) umount2(&(0x7f0000000180)='./file0\x00', 0x4) accept$inet(r0, &(0x7f00000001c0)={0x2, 0x0, @loopback}, &(0x7f0000000200)=0x10) [ 121.731234] iso9660: Unknown parameter '“’E¹Â A [ 121.731234] a­9·×ÅMuÓ' [ 121.753230] iso9660: Unknown parameter '“’E¹Â A [ 121.753230] a­9·×ÅMuÓ' 18:52:45 executing program 2: r0 = signalfd4(0xffffffffffffffff, &(0x7f0000000640), 0x8, 0x0) r1 = openat$bsg(0xffffffffffffff9c, &(0x7f00000000c0), 0x8000, 0x0) getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000000100)={0x0, 0x0, 0x0}, &(0x7f0000000140)=0xc) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080), 0x2100000, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@dfltgid={'dfltgid', 0x3d, r3}}, {@cache_fscache}, {@aname={'aname', 0x3d, 'security.capability\x00'}}, {@debug={'debug', 0x3d, 0xffff}}], [{@euid_gt={'euid>', r2}}]}}) fsetxattr$security_capability(r0, &(0x7f0000000040), &(0x7f0000000180)=@v3={0x3000000, [{0xfffffffe}, {0x0, 0x80000001}]}, 0x18, 0x0) r4 = openat$nvram(0xffffffffffffff9c, &(0x7f0000000280), 0x20080, 0x0) write$binfmt_misc(r4, &(0x7f00000002c0)={'syz0', "a1a63c26e4fc1f89284fa7ff7b3ed13bf99c67f7c246455fd30795aa76161ba04b4830505c20e1e783156c0dab13e87ac72ffbefeca128c71d420cac12cc6485c026f6b27a28a5dc8c38324659180a49789f396e22d3ac38699361feea0cefef8d"}, 0x65) 18:52:45 executing program 2: setxattr$trusted_overlay_origin(&(0x7f0000000080)='./file0\x00', &(0x7f00000000c0), &(0x7f0000000100), 0x2, 0x2) syz_usb_connect$cdc_ncm(0x0, 0x6e, &(0x7f0000000000)={{0x12, 0x1, 0x0, 0x2, 0x0, 0x0, 0x0, 0x525, 0xa4a1, 0x40, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x5c, 0x2, 0x1, 0x0, 0x0, 0x0, {{0x9, 0x4, 0x0, 0x0, 0x1, 0x2, 0xd, 0x0, 0x0, {{0x5}, {0x5}, {0xd}, {0x6}}}}}}]}}, &(0x7f0000000540)={0x0, 0x0, 0x0, 0x0}) [ 121.988704] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 121.993956] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 122.236591] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 122.237212] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 122.352315] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 122.352956] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 122.459158] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 122.459803] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 122.498761] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 122.501971] misc raw-gadget: fail, usb_gadget_register_driver returned -16 18:52:45 executing program 2: r0 = syz_mount_image$tmpfs(0x0, &(0x7f00000001c0)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) openat2$dir(0xffffffffffffff9c, &(0x7f0000000080)='./file0/../file0\x00', &(0x7f0000000000)={0x0, 0xc0, 0xb}, 0xfffffffffffffe70) ioctl$AUTOFS_DEV_IOCTL_READY(0xffffffffffffffff, 0xc0189376, &(0x7f0000000480)=ANY=[@ANYBLOB="010000000100000018000000", @ANYRES32=r0, @ANYBLOB="09000000000000002e2f66696c653100cffe2571c3a26b3c34e4b32d76990aa9474116463f7ced67beef55ac959913f1819f39f85598ea"]) execveat(r1, &(0x7f00000000c0)='./file0/../file0\x00', &(0x7f0000000240)=[&(0x7f0000000100)='@\x00', &(0x7f0000000140)='^\x00', &(0x7f0000000180)=')$\x00', &(0x7f0000000200)=',^\'\'}#!--]^$\\,)(,[,{)%-{/^%*\\)*[{\x00'], &(0x7f0000000440)=[&(0x7f0000000280)='\x89\x00', &(0x7f00000002c0)='\xa2/l,*@^\x00', &(0x7f0000000300)='-\x00', &(0x7f0000000340)='\x00', &(0x7f0000000380)='\x00', &(0x7f00000003c0)='@}*{^--::\x00', &(0x7f0000000400)='.-.%}\x00'], 0x1000) [ 122.595101] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 122.596025] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 18:52:45 executing program 2: r0 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a) r1 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a) r2 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a) ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000200)={'wlan1\x00', 0x0}) ioctl(0xffffffffffffffff, 0x2, &(0x7f0000000000)="1e77755f3fb9d61ae8f784677b5b27") ioctl$sock_inet6_SIOCSIFADDR(r1, 0x8916, &(0x7f00000000c0)={@ipv4={'\x00', '\xff\xff', @dev={0xac, 0x3}}, 0x0, r3}) socket$inet6_icmp_raw(0xa, 0x3, 0x3a) r4 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000140)='task\x00') pread64(r4, 0x0, 0x0, 0x0) r5 = accept4$packet(r4, &(0x7f0000000040)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @multicast}, &(0x7f0000000100)=0x14, 0x800) ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000080)={'geneve0\x00', 0x0}) ioctl$sock_inet6_SIOCSIFADDR(r0, 0x8936, &(0x7f00000000c0)={@ipv4={'\x00', '\xff\xff', @dev={0xac, 0x3}}, 0x0, r6}) [ 122.702976] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 122.704036] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 122.765534] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 122.766141] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 122.841519] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 122.842140] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 122.919516] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 122.920123] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 123.034758] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 123.035379] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 123.138509] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 123.139140] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 123.384510] mmap: syz-executor.1 (3879): VmData 37515264 exceed data ulimit 0. Update limits or use boot option ignore_rlimit_data. [ 124.232624] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 124.233304] Bluetooth: hci0: Opcode 0x0406 failed: -4 [ 124.236342] Bluetooth: hci0: Opcode 0x0406 failed: -4 [ 124.239977] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 124.243210] Bluetooth: hci2: Opcode 0x0406 failed: -4 [ 124.246049] Bluetooth: hci2: Opcode 0x0406 failed: -4 [ 124.249854] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 124.250385] Bluetooth: hci1: Opcode 0x0406 failed: -4 [ 124.254487] Bluetooth: hci1: Opcode 0x0406 failed: -4 [ 124.257108] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 124.258499] Bluetooth: hci3: Opcode 0x0406 failed: -4 [ 124.261071] Bluetooth: hci3: Opcode 0x0406 failed: -4 [ 124.263705] Bluetooth: hci4: Opcode 0x0c1a failed: -4 [ 124.264227] Bluetooth: hci4: Opcode 0x0406 failed: -4 [ 124.267928] Bluetooth: hci4: Opcode 0x0406 failed: -4 [ 124.272392] Bluetooth: hci5: Opcode 0x0c1a failed: -4 [ 124.273234] Bluetooth: hci5: Opcode 0x0406 failed: -4 [ 124.276630] Bluetooth: hci5: Opcode 0x0406 failed: -4 [ 124.279312] Bluetooth: hci6: Opcode 0x0c1a failed: -4 [ 124.281536] Bluetooth: hci6: Opcode 0x0406 failed: -4 [ 124.283959] Bluetooth: hci6: Opcode 0x0406 failed: -4 [ 124.287350] Bluetooth: hci7: Opcode 0x0c1a failed: -4 [ 124.288789] Bluetooth: hci7: Opcode 0x0406 failed: -4 [ 124.292625] Bluetooth: hci7: Opcode 0x0406 failed: -4 [ 124.322840] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 124.323507] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 124.343155] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 124.343739] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 124.379384] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 124.380020] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 124.415210] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 124.415943] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 125.393565] Bluetooth: hci0: command 0x0c1a tx timeout [ 126.289658] Bluetooth: hci7: command 0x0c1a tx timeout [ 126.290565] Bluetooth: hci6: command 0x0c1a tx timeout [ 126.290600] Bluetooth: hci5: command 0x0c1a tx timeout [ 126.291354] Bluetooth: hci4: command 0x0c1a tx timeout [ 126.292371] Bluetooth: hci3: command 0x0c1a tx timeout [ 126.293138] Bluetooth: hci1: command 0x0c1a tx timeout [ 126.294092] Bluetooth: hci2: command 0x0c1a tx timeout [ 127.442000] Bluetooth: hci0: command 0x0c1a tx timeout [ 128.338123] Bluetooth: hci5: command 0x0c1a tx timeout [ 128.338754] Bluetooth: hci2: command 0x0c1a tx timeout [ 128.338840] Bluetooth: hci1: command 0x0c1a tx timeout [ 128.339288] Bluetooth: hci3: command 0x0c1a tx timeout [ 128.340344] Bluetooth: hci4: command 0x0c1a tx timeout [ 128.340731] Bluetooth: hci6: command 0x0c1a tx timeout [ 128.341691] Bluetooth: hci7: command 0x0c1a tx timeout [ 129.489566] Bluetooth: hci0: command 0x0c1a tx timeout [ 130.385542] Bluetooth: hci6: command 0x0c1a tx timeout [ 130.386687] Bluetooth: hci3: command 0x0c1a tx timeout [ 130.387708] Bluetooth: hci5: command 0x0c1a tx timeout [ 130.388725] Bluetooth: hci2: command 0x0c1a tx timeout [ 130.388760] Bluetooth: hci4: command 0x0c1a tx timeout [ 130.389702] Bluetooth: hci1: command 0x0c1a tx timeout [ 130.390472] Bluetooth: hci7: command 0x0c1a tx timeout 18:52:59 executing program 3: r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000200)='net/psched\x00') pread64(r0, 0x0, 0x0, 0x0) write$P9_RFLUSH(r0, &(0x7f0000000080)={0x7, 0x6d, 0x1}, 0x7) r1 = creat(&(0x7f00000003c0)='./file0\x00', 0x0) ioctl$FS_IOC_RESVSP(r1, 0x40305828, &(0x7f0000000040)={0x0, 0x0, 0x8, 0xfff}) r2 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x6002, 0x60) pwritev(r2, &(0x7f0000000300)=[{&(0x7f0000000440)="85", 0x40000}], 0x1, 0x1000, 0x0) 18:52:59 executing program 5: r0 = openat$autofs(0xffffffffffffff9c, &(0x7f0000000000), 0x400, 0x0) dup2(r0, 0xffffffffffffffff) r1 = syz_open_dev$tty20(0xc, 0x4, 0x0) fcntl$setstatus(r1, 0x4, 0x2000) r2 = syz_open_dev$tty20(0xc, 0x4, 0x0) fcntl$setstatus(r2, 0x4, 0x426d7a1c33502a67) r3 = syz_open_dev$tty20(0xc, 0x4, 0x0) ioctl$TIOCVHANGUP(r3, 0x5437, 0x0) 18:52:59 executing program 7: sendmsg$ETHTOOL_MSG_LINKMODES_SET(0xffffffffffffffff, &(0x7f0000000100)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x80000000}, 0xc, &(0x7f00000000c0)={&(0x7f0000000080)={0x2c, 0x0, 0x400, 0x70bd27, 0x25dfdbfb, {}, [@ETHTOOL_A_LINKMODES_SPEED={0x8, 0x5, 0x7}, @ETHTOOL_A_LINKMODES_AUTONEG={0x5, 0x2, 0x80}, @ETHTOOL_A_LINKMODES_AUTONEG={0x5, 0x2, 0x2}]}, 0x2c}}, 0x40080) r0 = socket$packet(0x11, 0x3, 0x300) getsockopt$packet_buf(r0, 0x107, 0x13, 0x0, &(0x7f0000000240)) r1 = creat(&(0x7f00000003c0)='./file0\x00', 0x0) open_by_handle_at(r1, &(0x7f0000000000)=@FILEID_INO32_GEN_PARENT={0x10, 0x2, {{0xb}}}, 0xc0) 18:52:59 executing program 4: r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0) write(r0, &(0x7f0000000900)="5ed0b2ff68d76fb346352b602a2a1295cbe01cb3f64fbed9e7f9bc9be0f300cb97f6a204cc586e45dfb949002f61f8fb969dd435dd0c37c5077e5b10cfeafd75205e215b167323a3b971b0ec98e6c3d4d825cae01271cb35cdd091e4872367f354e0dc81a7e4ac79775bc1dcaafe2f5079da79d1989f1ddce6722fc438a7217526cfe75d53471624d6f091e19a7fb699ea27efa9e0fd1914e7c35f297afd", 0xfe1e) r1 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0, 0x0) truncate(&(0x7f0000000100)='./file0\x00', 0x8) r2 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000040)='/sys/bus/mdio_bus', 0x200, 0x0) getsockopt$bt_hci(r2, 0x0, 0x2, &(0x7f0000000140)=""/193, &(0x7f0000000080)=0xc1) fcntl$setstatus(r0, 0x4, 0x44000) sendfile(r0, r1, 0x0, 0xfdef) 18:52:59 executing program 1: perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x7b, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0xfffffffc, 0x0, 0xffffffffffffff1c, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffc}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = memfd_secret(0x80000) r1 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000002200), 0x40002, 0x0) r2 = ioctl$LOOP_CTL_GET_FREE(r1, 0x4c82) ioctl$LOOP_CTL_REMOVE(r1, 0x4c81, r2) ioctl$LOOP_CTL_ADD(0xffffffffffffffff, 0x4c80, r2) r3 = openat$full(0xffffffffffffff9c, &(0x7f0000000000), 0x2a4000, 0x0) ioctl$LOOP_CTL_REMOVE(r3, 0x4c81, 0xb) ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, r2) sendmsg$SEG6_CMD_SETHMAC(r0, &(0x7f0000000140)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x800000}, 0xc, &(0x7f0000000100)={&(0x7f0000000080)={0x4c, 0x0, 0x400, 0x70bd2d, 0x25dfdbfe, {}, [@SEG6_ATTR_HMACKEYID={0x8, 0x3, 0xffe}, @SEG6_ATTR_DST={0x14, 0x1, @private0}, @SEG6_ATTR_DSTLEN={0x8, 0x2, 0x7f}, @SEG6_ATTR_HMACKEYID={0x8, 0x3, 0x7fffffff}, @SEG6_ATTR_ALGID={0x5, 0x6, 0x3f}, @SEG6_ATTR_SECRET={0x4}]}, 0x4c}, 0x1, 0x0, 0x0, 0x4000840}, 0x900) unshare(0x8020080) unshare(0x8040000) unshare(0x280) semget(0x1, 0x4, 0x1) 18:52:59 executing program 6: r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='net/ptype\x00') pread64(r0, &(0x7f0000000080)=""/203, 0xcb, 0x33) pread64(r0, &(0x7f0000000180)=""/95, 0x5f, 0x7) 18:52:59 executing program 2: perf_event_open(&(0x7f0000000180)={0x2, 0x80, 0x79, 0x8, 0x0, 0x0, 0x0, 0x0, 0x8800, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5}, 0x0, 0x0, 0xffffffffffffffff, 0x8) r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000440), 0x4840, 0x0) ioctl$SG_EMULATED_HOST(r0, 0x80041284, &(0x7f0000002040)) r1 = syz_open_dev$tty1(0xc, 0x4, 0x1) ioctl$TIOCL_SCROLLCONSOLE(r1, 0x560a, &(0x7f0000000140)) ioctl$FS_IOC_RESVSP(r1, 0x40305828, &(0x7f0000000000)={0x0, 0x1, 0x8, 0x5}) 18:52:59 executing program 0: ioctl$HIDIOCGCOLLECTIONINDEX(0xffffffffffffffff, 0x40184810, 0x0) r0 = syz_open_dev$tty1(0xc, 0x4, 0x1) ioctl$TIOCL_SCROLLCONSOLE(r0, 0x560a, &(0x7f0000000140)) fcntl$dupfd(0xffffffffffffffff, 0x406, r0) r1 = perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0xf1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r2 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000200), 0x2000, 0x0) pipe2(&(0x7f00000000c0), 0x0) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', 0x0, 0x0, 0x0) ioctl$TIOCSPTLCK(r2, 0x40045431, &(0x7f0000000040)) syz_open_pts(r2, 0x0) syz_open_pts(r2, 0x0) close_range(r1, 0xffffffffffffffff, 0x0) 18:52:59 executing program 6: r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='net/ptype\x00') pread64(r0, &(0x7f0000000080)=""/203, 0xcb, 0x33) pread64(r0, &(0x7f0000000180)=""/95, 0x5f, 0x7) [ 135.856166] kmemleak: Found object by alias at 0x607f1a63e3bc [ 135.856187] CPU: 1 UID: 0 PID: 3934 Comm: syz-executor.5 Tainted: G W 6.17.0-rc4-next-20250901 #1 PREEMPT(voluntary) [ 135.856206] Tainted: [W]=WARN [ 135.856209] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 135.856217] Call Trace: [ 135.856221] [ 135.856225] dump_stack_lvl+0xca/0x120 [ 135.856252] __lookup_object+0x94/0xb0 [ 135.856270] delete_object_full+0x27/0x70 [ 135.856287] free_percpu+0x30/0x1160 [ 135.856304] ? arch_uprobe_clear_state+0x16/0x140 [ 135.856324] futex_hash_free+0x38/0xc0 [ 135.856338] mmput+0x2d3/0x390 [ 135.856358] do_exit+0x79d/0x2970 [ 135.856372] ? signal_wake_up_state+0x85/0x120 [ 135.856388] ? zap_other_threads+0x2b9/0x3a0 [ 135.856404] ? __pfx_do_exit+0x10/0x10 [ 135.856417] ? do_group_exit+0x1c3/0x2a0 [ 135.856435] ? lock_release+0xc8/0x290 [ 135.856452] do_group_exit+0xd3/0x2a0 [ 135.856467] __x64_sys_exit_group+0x3e/0x50 [ 135.856481] x64_sys_call+0x18c5/0x18d0 [ 135.856498] do_syscall_64+0xbf/0x360 [ 135.856511] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 135.856522] RIP: 0033:0x7fb31c7e2b19 [ 135.856531] Code: Unable to access opcode bytes at 0x7fb31c7e2aef. [ 135.856536] RSP: 002b:00007ffe853652e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 135.856548] RAX: ffffffffffffffda RBX: 000000000000001e RCX: 00007fb31c7e2b19 [ 135.856556] RDX: 00007fb31c79572b RSI: ffffffffffffffbc RDI: 0000000000000000 [ 135.856563] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000001 [ 135.856569] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 135.856576] R13: 0000000000000001 R14: 0000000000000001 R15: 00007ffe853653d0 [ 135.856591] [ 135.856595] kmemleak: Object (percpu) 0x607f1a63e3b8 (size 8): [ 135.856602] kmemleak: comm "syz-executor.3", pid 3943, jiffies 4294802647 [ 135.856609] kmemleak: min_count = 1 [ 135.856613] kmemleak: count = 0 [ 135.856616] kmemleak: flags = 0x21 [ 135.856620] kmemleak: checksum = 0 [ 135.856624] kmemleak: backtrace: [ 135.856627] pcpu_alloc_noprof+0x87a/0x1170 [ 135.856643] percpu_ref_init+0x37/0x400 [ 135.856654] blkg_alloc+0xe9/0x7d0 [ 135.856666] blkg_create+0xe08/0x1420 [ 135.856679] bio_associate_blkg_from_css+0xe06/0x1380 [ 135.856693] bio_associate_blkg+0x10e/0x2a0 [ 135.856706] bio_init+0x2dd/0x570 [ 135.856719] bio_alloc_bioset+0x2cf/0x8c0 [ 135.856734] submit_bh_wbc+0x286/0x720 [ 135.856751] ext4_read_bh_nowait+0x156/0x240 [ 135.856764] ext4_read_bh_lock+0xa7/0xd0 [ 135.856775] ext4_block_write_begin+0x9ca/0xcd0 [ 135.856788] ext4_da_write_begin+0x4d5/0xb40 [ 135.856801] generic_perform_write+0x392/0x810 [ 135.856816] ext4_buffered_write_iter+0x11a/0x430 [ 135.856827] ext4_file_write_iter+0xff6/0x1990 [ 135.890547] audit: type=1400 audit(1756752779.133:8): avc: denied { open } for pid=3939 comm="syz-executor.1" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=perf_event permissive=1 [ 135.898832] audit: type=1400 audit(1756752779.133:9): avc: denied { kernel } for pid=3939 comm="syz-executor.1" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=perf_event permissive=1 [ 136.083955] syz-executor.4 (3950) used greatest stack depth: 24128 bytes left [ 136.091146] ------------[ cut here ]------------ [ 136.092664] WARNING: fs/namespace.c:1434 at mntput_no_expire+0x78e/0xbe0, CPU#1: syz-executor.1/3945 [ 136.093558] Modules linked in: [ 136.093891] CPU: 1 UID: 0 PID: 3945 Comm: syz-executor.1 Tainted: G W 6.17.0-rc4-next-20250901 #1 PREEMPT(voluntary) [ 136.095640] Tainted: [W]=WARN [ 136.096528] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 136.098321] RIP: 0010:mntput_no_expire+0x78e/0xbe0 [ 136.099678] Code: 05 d6 30 81 04 01 e8 71 df 91 ff e9 41 fc ff ff e8 27 47 b4 ff 31 ff 44 89 ee e8 4d 42 b4 ff 45 85 ed 79 09 e8 13 47 b4 ff 90 <0f> 0b 90 e8 0a 47 b4 ff e8 b5 2d fc 02 31 ff 89 c5 89 c6 e8 2a 42 [ 136.103177] RSP: 0018:ffff88800ddef9c0 EFLAGS: 00010293 [ 136.103635] RAX: 0000000000000000 RBX: 1ffff11001bbdf3d RCX: ffffffff81bfaf93 [ 136.104217] RDX: ffff888046073700 RSI: ffffffff81bfaf9d RDI: 0000000000000005 [ 136.104811] RBP: ffff88801e5f0e00 R08: 0000000000000001 R09: 0000000000000000 [ 136.105388] R10: 00000000ffffffff R11: 0000000000000001 R12: ffff88800ddefa28 [ 136.105999] R13: 00000000ffffffff R14: dead000000000100 R15: ffff88801e5f0e00 [ 136.106595] FS: 0000000000000000(0000) GS:ffff8880e56d8000(0000) knlGS:0000000000000000 [ 136.107260] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 136.107748] CR2: 00007f1285336200 CR3: 000000000e04f000 CR4: 0000000000350ef0 [ 136.108336] Call Trace: [ 136.108572] [ 136.108763] ? __pfx_autoremove_wake_function+0x10/0x10 [ 136.109204] ? __pfx_mntput_no_expire+0x10/0x10 [ 136.109627] ? __virt_addr_valid+0x100/0x5d0 [ 136.109996] ? __pfx_wait_rcu_exp_gp+0x10/0x10 [ 136.110384] ? shrink_dentry_list+0x1a/0x650 [ 136.110777] ? __call_rcu_common.constprop.0+0x4c1/0x960 [ 136.111245] namespace_unlock+0x7f1/0x810 [ 136.111614] ? __pfx_namespace_unlock+0x10/0x10 [ 136.112006] ? find_held_lock+0x2b/0x80 [ 136.112343] ? lock_release+0xc8/0x290 [ 136.112686] put_mnt_ns+0xf5/0x120 [ 136.112992] free_nsproxy+0x3a/0x400 [ 136.113309] switch_task_namespaces+0xe2/0x100 [ 136.113718] do_exit+0x841/0x2970 [ 136.114025] ? lock_release+0xc8/0x290 [ 136.114360] ? __pfx_do_exit+0x10/0x10 [ 136.114704] ? find_held_lock+0x2b/0x80 [ 136.115053] ? get_signal+0x835/0x2340 [ 136.115382] do_group_exit+0xd3/0x2a0 [ 136.115721] get_signal+0x2315/0x2340 [ 136.116043] ? __pfx_get_signal+0x10/0x10 [ 136.116384] ? do_futex+0x135/0x370 [ 136.116715] ? __pfx_do_futex+0x10/0x10 [ 136.117057] arch_do_signal_or_restart+0x80/0x790 [ 136.117493] ? __pfx_arch_do_signal_or_restart+0x10/0x10 [ 136.117950] ? __x64_sys_futex+0x1c9/0x4d0 [ 136.118297] ? __x64_sys_futex+0x1d2/0x4d0 [ 136.118673] ? __pfx___x64_sys_futex+0x10/0x10 [ 136.119085] ? __x64_sys_semget+0x198/0x220 [ 136.119471] ? __pfx___x64_sys_semget+0x10/0x10 [ 136.119864] exit_to_user_mode_loop+0x8b/0x110 [ 136.120243] do_syscall_64+0x2f7/0x360 [ 136.120590] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 136.121013] RIP: 0033:0x7ff265f75b19 [ 136.121328] Code: Unable to access opcode bytes at 0x7ff265f75aef. [ 136.121851] RSP: 002b:00007ff2634eb218 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 136.122486] RAX: fffffffffffffe00 RBX: 00007ff266088f68 RCX: 00007ff265f75b19 [ 136.123085] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007ff266088f68 [ 136.123686] RBP: 00007ff266088f60 R08: 0000000000000000 R09: 0000000000000000 [ 136.124268] R10: 0000000000000000 R11: 0000000000000246 R12: 00007ff266088f6c [ 136.124873] R13: 00007ffdd7672cbf R14: 00007ff2634eb300 R15: 0000000000022000 [ 136.125492] [ 136.125686] irq event stamp: 5599 [ 136.125972] hardirqs last enabled at (5607): [] __up_console_sem+0x78/0x80 [ 136.126696] hardirqs last disabled at (5616): [] __up_console_sem+0x5d/0x80 [ 136.127416] softirqs last enabled at (5092): [] handle_softirqs+0x50c/0x770 [ 136.128137] softirqs last disabled at (5085): [] __irq_exit_rcu+0xc4/0x100 [ 136.128894] ---[ end trace 0000000000000000 ]--- 18:53:07 executing program 1: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0x7a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x2000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_open_procfs$userns(0x0, &(0x7f0000000040)) 18:53:07 executing program 4: perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xeb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) openat$procfs(0xffffffffffffff9c, &(0x7f0000000100)='/proc/sysvipc/shm\x00', 0x0, 0x0) syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2) openat$sr(0xffffffffffffff9c, &(0x7f0000000000), 0x20901, 0x0) socket$inet6_icmp_raw(0xa, 0x3, 0x3a) getsockopt$IP_VS_SO_GET_TIMEOUT(0xffffffffffffffff, 0x0, 0x486, &(0x7f0000000140), &(0x7f0000000200)=0xc) r0 = openat$zero(0xffffffffffffff9c, &(0x7f0000000340), 0x608000, 0x0) ioctl$sock_inet6_SIOCADDRT(r0, 0x890b, &(0x7f0000000180)={@mcast1, @ipv4={'\x00', '\xff\xff', @local}, @dev, 0x0, 0x0, 0x0, 0x700, 0x10000000, 0x80000005}) socket$inet6_udp(0xa, 0x2, 0x0) getpid() socket$nl_xfrm(0x10, 0x3, 0x6) r1 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r1, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000480)=ANY=[@ANYBLOB="100000001d0001514943baad3edebd00"], 0x10}}, 0x0) 18:53:07 executing program 2: perf_event_open(&(0x7f0000000180)={0x2, 0x80, 0x79, 0x8, 0x0, 0x0, 0x0, 0x0, 0x8800, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5}, 0x0, 0x0, 0xffffffffffffffff, 0x8) r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000440), 0x4840, 0x0) ioctl$SG_EMULATED_HOST(r0, 0x80041284, &(0x7f0000002040)) r1 = syz_open_dev$tty1(0xc, 0x4, 0x1) ioctl$TIOCL_SCROLLCONSOLE(r1, 0x560a, &(0x7f0000000140)) ioctl$FS_IOC_RESVSP(r1, 0x40305828, &(0x7f0000000000)={0x0, 0x1, 0x8, 0x5}) 18:53:07 executing program 5: pipe(&(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$int_in(r0, 0x5421, &(0x7f0000000080)=0x200) ioctl$HIDIOCGSTRING(r0, 0x81044804, &(0x7f00000000c0)={0x89, "2f91c309843caeaad1bfd81117b6b5008aa2255a7e2494290ac8035674169d360ec34eb12e1b12f9a3ac71c698194a2661e066cb63a580db35c3c4f7da6266477ab375ce94fbaafdf8af219fb83caa226b385c303a979a1d5cad012357f324772168f3ee52a629311d1f71e5a3011cab7bc54e9e5c2cecc5e0e3b2ae8f810ec57a60849968028c8367"}) dup2(r0, r1) r2 = socket$inet_icmp_raw(0x2, 0x3, 0x1) splice(r0, 0x0, r2, 0x0, 0x7ff, 0x0) ioctl$LOOP_CTL_ADD(r0, 0x4c80, 0x0) r3 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000200)='net/psched\x00') pread64(r3, 0x0, 0x0, 0x0) ioctl$LOOP_CTL_REMOVE(r3, 0x4c81, 0x1) 18:53:07 executing program 6: r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='net/ptype\x00') pread64(r0, &(0x7f0000000080)=""/203, 0xcb, 0x33) pread64(r0, &(0x7f0000000180)=""/95, 0x5f, 0x7) 18:53:07 executing program 7: r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0) open_by_handle_at(r0, &(0x7f0000000080)=ANY=[@ANYBLOB="1000000002000000f9"], 0x2f00) creat(&(0x7f0000000000)='./file0\x00', 0x5) 18:53:07 executing program 0: r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f0000000080), 0x4) setsockopt$packet_fanout_data(r0, 0x107, 0x16, &(0x7f0000000180)={0x7, &(0x7f0000000140)=[{0x200, 0x13, 0x3, 0x80}, {0x8001, 0x4, 0x7, 0x80}, {0x2, 0x2, 0x0, 0x7}, {0x6f, 0x5, 0x6, 0x8}, {0x7, 0x7f, 0x3, 0x8}, {0x7, 0x7, 0x0, 0xf77}, {0x5, 0x3, 0x2, 0x40}]}, 0x10) setsockopt$packet_tx_ring(r0, 0x107, 0x5, &(0x7f0000000000)=@req3={0x1000, 0x1, 0x400, 0x4}, 0x1c) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) connect$inet6(r1, &(0x7f0000000040)={0xa, 0x0, 0x0, @empty}, 0x1c) r2 = accept4(0xffffffffffffffff, 0x0, &(0x7f00000000c0), 0x80000) setsockopt$packet_fanout(r2, 0x107, 0x12, &(0x7f0000000100)={0x1, 0x1}, 0x4) 18:53:07 executing program 3: r0 = socket$inet(0x2, 0x80003, 0xff) r1 = socket$inet_tcp(0x2, 0x1, 0x0) sendto$inet(r1, &(0x7f0000000080)="4b5b8acbda400aace261ee5a5d9dd89bf8b586962112db5511491547ab476cbb0719a03a4385638307a3bc8ab77fe47a7ed12ba1661054b927e95205", 0x3c, 0x0, &(0x7f00000000c0)={0x2, 0x4e23, @private=0xa010102}, 0x10) r2 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000200)='net/psched\x00') pread64(r2, 0x0, 0x0, 0x0) r3 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000100), 0x501900, 0x0) sendto$inet(r3, &(0x7f0000000140)="089dd7283e86a38cb300e92885c51b7e1395c6a2120fd4551fd2f06edb0ae07e864c123c376740a2fab5bc71ec52f07f89247163309fec6418274453f3eb341d3f7938da6d07fc4879bd072c2f91c1f08aa2943fafb10006ae8558f7d09880bd4141afe74b44b8d3fa91e9f559f309c6e1bd00ac1ef419e17126c279d245b3d3b16492e361b8562341ff68f643b8bcc7a5896292986874c96dc5", 0x9a, 0x4000001, 0x0, 0x0) setsockopt$inet_int(r2, 0x0, 0x16, &(0x7f0000000040)=0x1e5f, 0x4) ioctl$sock_inet_SIOCSIFFLAGS(r0, 0x8914, &(0x7f0000000000)={'wlan1\x00'}) 18:53:07 executing program 3: r0 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a) r1 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a) r2 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a) ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000200)={'wlan1\x00', 0x0}) r4 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a) ioctl$sock_inet6_SIOCSIFADDR(r1, 0x8916, &(0x7f00000000c0)={@ipv4={'\x00', '\xff\xff', @dev={0xac, 0x3}}, 0x0, r3}) r5 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a) ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000200)={'wlan1\x00', 0x0}) r7 = socket$inet6_udp(0xa, 0x2, 0x0) ioctl$sock_inet6_SIOCSIFADDR(r7, 0x8916, &(0x7f0000001980)={@mcast1, 0x0, r6}) ioctl$sock_inet6_SIOCADDRT(r4, 0x890b, &(0x7f0000000000)={@initdev={0xfe, 0x88, '\x00', 0x1, 0x0}, @private1, @loopback, 0xca4, 0x3ff, 0x8, 0x480, 0x3, 0x6000000, r6}) r8 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a) ioctl$sock_SIOCGIFINDEX(r8, 0x8933, &(0x7f0000000200)={'wlan1\x00', 0x0}) ioctl$sock_inet6_SIOCSIFADDR(r0, 0x8936, &(0x7f00000000c0)={@ipv4={'\x00', '\xff\xff', @dev={0xac, 0x3, 0x14, 0xfd}}, 0x2000, r9}) 18:53:07 executing program 2: perf_event_open(&(0x7f0000000180)={0x2, 0x80, 0x79, 0x8, 0x0, 0x0, 0x0, 0x0, 0x8800, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5}, 0x0, 0x0, 0xffffffffffffffff, 0x8) r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000440), 0x4840, 0x0) ioctl$SG_EMULATED_HOST(r0, 0x80041284, &(0x7f0000002040)) r1 = syz_open_dev$tty1(0xc, 0x4, 0x1) ioctl$TIOCL_SCROLLCONSOLE(r1, 0x560a, &(0x7f0000000140)) ioctl$FS_IOC_RESVSP(r1, 0x40305828, &(0x7f0000000000)={0x0, 0x1, 0x8, 0x5}) [ 144.246250] Oops: general protection fault, probably for non-canonical address 0xe7fffc0000000032: 0000 [#1] SMP KASAN NOPTI [ 144.248098] KASAN: maybe wild-memory-access in range [0x4000000000000190-0x4000000000000197] [ 144.249475] CPU: 0 UID: 0 PID: 3983 Comm: syz-executor.1 Tainted: G W 6.17.0-rc4-next-20250901 #1 PREEMPT(voluntary) [ 144.251412] Tainted: [W]=WARN [ 144.251948] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 144.253251] RIP: 0010:perf_tp_event+0x175/0xe70 [ 144.254019] Code: ff df 48 89 85 a8 fd ff ff 48 c1 e8 03 4c 01 e0 48 89 85 c8 fd ff ff e8 c9 51 ea ff 48 8d bb f0 01 00 00 48 89 f8 48 c1 e8 03 <42> 0f b6 04 20 84 c0 74 08 3c 03 0f 8e c5 0b 00 00 44 8b ab f0 01 [ 144.256895] RSP: 0018:ffff88801601f800 EFLAGS: 00010212 [ 144.257779] RAX: 0800000000000032 RBX: 3fffffffffffffa0 RCX: ffffc900009f6000 [ 144.258920] RDX: 0000000000040000 RSI: ffffffff8189a4e7 RDI: 4000000000000190 [ 144.260076] RBP: ffff88801601fa70 R08: ffff88806ce31340 R09: ffffe8ffffc15f40 [ 144.261204] R10: 0000000000000000 R11: 0000000000000001 R12: dffffc0000000000 [ 144.262333] R13: 0000000000000000 R14: ffff88806ce31340 R15: dffffc0000000000 [ 144.263492] FS: 00007ff2634eb700(0000) GS:ffff8880e55d8000(0000) knlGS:0000000000000000 [ 144.264751] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 144.265673] CR2: 00007f1ea3279018 CR3: 000000000e730000 CR4: 0000000000350ef0 [ 144.266794] Call Trace: [ 144.267228] [ 144.267617] ? perf_swevent_event+0x63/0x3f0 [ 144.268331] ? __pfx_perf_tp_event+0x10/0x10 [ 144.269057] ? tracing_gen_ctx_irq_test+0x167/0x1f0 [ 144.269863] ? tracing_gen_ctx_irq_test+0x167/0x1f0 [ 144.270665] ? perf_swevent_event+0x63/0x3f0 [ 144.271397] ? perf_tp_event+0x807/0xe70 [ 144.272090] ? __pfx_perf_tp_event+0x10/0x10 [ 144.272827] ? __perf_install_in_context+0x503/0xb90 [ 144.273654] ? do_raw_spin_unlock+0x53/0x220 [ 144.274379] ? perf_trace_run_bpf_submit+0xef/0x180 [ 144.275208] perf_trace_run_bpf_submit+0xef/0x180 [ 144.276019] perf_trace_lock+0x337/0x5d0 [ 144.276695] ? __pfx_perf_trace_lock+0x10/0x10 [ 144.277431] ? lock_acquire+0x15e/0x2f0 [ 144.278088] ? futex_ref_get+0x48/0x300 [ 144.278740] ? futex_ref_get+0x114/0x300 [ 144.279395] ? futex_hash+0x15c/0x390 [ 144.280028] lock_release+0x1ab/0x290 [ 144.280656] ? futex_hash+0x15c/0x390 [ 144.281265] futex_ref_get+0x119/0x300 [ 144.281897] ? futex_hash+0x15c/0x390 [ 144.282518] futex_hash+0x70/0x390 [ 144.283095] futex_wake+0x143/0x540 [ 144.283728] ? __pfx_perf_trace_lock+0x10/0x10 [ 144.284478] ? __pfx_futex_wake+0x10/0x10 [ 144.285150] ? __do_sys_perf_event_open+0x44d/0x2c20 [ 144.285971] ? lock_release+0xc8/0x290 [ 144.286617] do_futex+0x26d/0x370 [ 144.287194] ? __pfx_do_futex+0x10/0x10 [ 144.287855] ? __pfx___do_sys_perf_event_open+0x10/0x10 [ 144.288727] ? find_held_lock+0x2b/0x80 [ 144.289373] __x64_sys_futex+0x1c9/0x4d0 [ 144.290177] ? __pfx___x64_sys_futex+0x10/0x10 [ 144.290956] ? xfd_validate_state+0x55/0x180 [ 144.291704] do_syscall_64+0xbf/0x360 [ 144.292314] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 144.293142] RIP: 0033:0x7ff265f75b19 [ 144.293741] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 144.296599] RSP: 002b:00007ff2634eb218 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 144.297787] RAX: ffffffffffffffda RBX: 00007ff266088f68 RCX: 00007ff265f75b19 [ 144.298896] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 00007ff266088f6c [ 144.300017] RBP: 00007ff266088f60 R08: 000000000000000e R09: 0000000000000000 [ 144.301136] R10: 0000000000000003 R11: 0000000000000246 R12: 00007ff266088f6c [ 144.302241] R13: 00007ffdd7672cbf R14: 00007ff2634eb300 R15: 0000000000022000 [ 144.303375] [ 144.303762] Modules linked in: [ 144.304329] Oops: general protection fault, probably for non-canonical address 0xe7fffc0000000032: 0000 [#2] SMP KASAN NOPTI [ 144.306059] KASAN: maybe wild-memory-access in range [0x4000000000000190-0x4000000000000197] [ 144.307375] CPU: 0 UID: 0 PID: 3983 Comm: syz-executor.1 Tainted: G D W 6.17.0-rc4-next-20250901 #1 PREEMPT(voluntary) [ 144.309400] Tainted: [D]=DIE, [W]=WARN [ 144.310130] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 144.311415] RIP: 0010:perf_tp_event+0x175/0xe70 [ 144.312165] Code: ff df 48 89 85 a8 fd ff ff 48 c1 e8 03 4c 01 e0 48 89 85 c8 fd ff ff e8 c9 51 ea ff 48 8d bb f0 01 00 00 48 89 f8 48 c1 e8 03 <42> 0f b6 04 20 84 c0 74 08 3c 03 0f 8e c5 0b 00 00 44 8b ab f0 01 [ 144.314966] RSP: 0018:ffff88806ce08a80 EFLAGS: 00010012 [ 144.315811] RAX: 0800000000000032 RBX: 3fffffffffffffa0 RCX: ffffffff818998a3 [ 144.316902] RDX: ffff88800dde0000 RSI: ffffffff8189a4e7 RDI: 4000000000000190 [ 144.318007] RBP: ffff88806ce08cf0 R08: ffff88806ce31490 R09: ffffe8ffffc15f40 [ 144.319102] R10: 0000000000000000 R11: 746e756f63716573 R12: dffffc0000000000 [ 144.320211] R13: 0000000000000000 R14: ffff88806ce31490 R15: dffffc0000000000 [ 144.321298] FS: 00007ff2634eb700(0000) GS:ffff8880e55d8000(0000) knlGS:0000000000000000 [ 144.322540] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 144.323437] CR2: 00007f1ea3279018 CR3: 000000000e730000 CR4: 0000000000350ef0 [ 144.324544] Call Trace: [ 144.324945] [ 144.325293] ? __pfx_perf_tp_event+0x10/0x10 [ 144.326006] ? trace_pelt_se_tp+0xdf/0x130 [ 144.326670] ? __update_load_avg_se+0x428/0xa40 [ 144.327410] ? lock_is_held_type+0x9e/0x120 [ 144.328096] ? perf_trace_lock+0xb5/0x5d0 [ 144.328742] ? perf_trace_lock+0xb5/0x5d0 [ 144.329482] ? __pfx_perf_trace_lock+0x10/0x10 [ 144.330367] ? __pfx_perf_trace_lock+0x10/0x10 [ 144.331260] ? check_preempt_wakeup_fair+0x406/0x950 [ 144.332229] ? perf_trace_run_bpf_submit+0xef/0x180 [ 144.333184] perf_trace_run_bpf_submit+0xef/0x180 [ 144.334121] perf_trace_lock+0x337/0x5d0 [ 144.334911] ? __pfx_perf_trace_lock+0x10/0x10 [ 144.335752] ? find_held_lock+0x2b/0x80 [ 144.336368] ? hrtimer_interrupt+0x114/0x830 [ 144.337051] lock_release+0x1ab/0x290 [ 144.337652] ktime_get_update_offsets_now+0xab/0x3c0 [ 144.338424] ? hrtimer_interrupt+0x114/0x830 [ 144.339121] ? __pfx_lapic_next_deadline+0x10/0x10 [ 144.339896] hrtimer_interrupt+0x114/0x830 [ 144.340562] ? __pfx_do_sync_core+0x10/0x10 [ 144.341221] ? trace_csd_function_exit+0x134/0x190 [ 144.341985] ? __flush_smp_call_function_queue+0x28c/0x740 [ 144.342843] __sysvec_apic_timer_interrupt+0xbb/0x330 [ 144.343651] sysvec_apic_timer_interrupt+0x6b/0x80 [ 144.344400] [ 144.344768] [ 144.345114] asm_sysvec_apic_timer_interrupt+0x1a/0x20 [ 144.345909] RIP: 0010:oops_exit+0x0/0x50 [ 144.346543] Code: 00 3a 00 be ff ff ff ff 48 c7 c7 50 b4 43 86 e8 c6 0f f9 ff 5b e9 50 00 3a 00 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 <66> 0f 1f 00 53 e8 36 00 3a 00 8b 1d c0 3d 4f 06 31 ff 89 de e8 57 [ 144.349257] RSP: 0018:ffff88801601f690 EFLAGS: 00000202 [ 144.350066] RAX: 000000000002c2da RBX: 0000000000000202 RCX: ffffc900009f6000 [ 144.351143] RDX: 0000000000040000 RSI: ffffffff812a3dca RDI: 0000000000000007 [ 144.352205] RBP: 000000000000000b R08: 0000000000000001 R09: fffffbfff0f12690 [ 144.353274] R10: 0000000000000000 R11: 0000000000000001 R12: ffff88801601f758 [ 144.354325] R13: 0000000000000000 R14: e7fffc0000000032 R15: 0000000000000000 [ 144.355400] ? oops_end+0x4a/0xe0 [ 144.355952] oops_end+0x65/0xe0 [ 144.356482] exc_general_protection+0x1a2/0x330 [ 144.357207] asm_exc_general_protection+0x26/0x30 [ 144.357932] RIP: 0010:perf_tp_event+0x175/0xe70 [ 144.358645] Code: ff df 48 89 85 a8 fd ff ff 48 c1 e8 03 4c 01 e0 48 89 85 c8 fd ff ff e8 c9 51 ea ff 48 8d bb f0 01 00 00 48 89 f8 48 c1 e8 03 <42> 0f b6 04 20 84 c0 74 08 3c 03 0f 8e c5 0b 00 00 44 8b ab f0 01 [ 144.361337] RSP: 0018:ffff88801601f800 EFLAGS: 00010212 [ 144.362136] RAX: 0800000000000032 RBX: 3fffffffffffffa0 RCX: ffffc900009f6000 [ 144.363314] RDX: 0000000000040000 RSI: ffffffff8189a4e7 RDI: 4000000000000190 [ 144.364529] RBP: ffff88801601fa70 R08: ffff88806ce31340 R09: ffffe8ffffc15f40 [ 144.365730] R10: 0000000000000000 R11: 0000000000000001 R12: dffffc0000000000 [ 144.366919] R13: 0000000000000000 R14: ffff88806ce31340 R15: dffffc0000000000 [ 144.368134] ? perf_tp_event+0x167/0xe70 [ 144.368864] ? perf_swevent_event+0x63/0x3f0 [ 144.369641] ? __pfx_perf_tp_event+0x10/0x10 [ 144.370393] ? tracing_gen_ctx_irq_test+0x167/0x1f0 [ 144.371261] ? tracing_gen_ctx_irq_test+0x167/0x1f0 [ 144.372132] ? perf_swevent_event+0x63/0x3f0 [ 144.373020] ? perf_tp_event+0x807/0xe70 [ 144.373835] ? __pfx_perf_tp_event+0x10/0x10 [ 144.374603] ? __perf_install_in_context+0x503/0xb90 [ 144.375473] ? do_raw_spin_unlock+0x53/0x220 [ 144.376252] ? perf_trace_run_bpf_submit+0xef/0x180 [ 144.377118] perf_trace_run_bpf_submit+0xef/0x180 [ 144.377952] perf_trace_lock+0x337/0x5d0 [ 144.378657] ? __pfx_perf_trace_lock+0x10/0x10 [ 144.379459] ? lock_acquire+0x15e/0x2f0 [ 144.380154] ? futex_ref_get+0x48/0x300 [ 144.380838] ? futex_ref_get+0x114/0x300 [ 144.381530] ? futex_hash+0x15c/0x390 [ 144.382167] lock_release+0x1ab/0x290 [ 144.382839] ? futex_hash+0x15c/0x390 [ 144.383517] futex_ref_get+0x119/0x300 [ 144.384356] ? futex_hash+0x15c/0x390 [ 144.385026] futex_hash+0x70/0x390 [ 144.385643] futex_wake+0x143/0x540 [ 144.386256] ? __pfx_perf_trace_lock+0x10/0x10 [ 144.387048] ? __pfx_futex_wake+0x10/0x10 [ 144.387779] ? __do_sys_perf_event_open+0x44d/0x2c20 [ 144.388639] ? lock_release+0xc8/0x290 [ 144.389298] do_futex+0x26d/0x370 [ 144.389899] ? __pfx_do_futex+0x10/0x10 [ 144.390590] ? __pfx___do_sys_perf_event_open+0x10/0x10 [ 144.391496] ? find_held_lock+0x2b/0x80 [ 144.392173] __x64_sys_futex+0x1c9/0x4d0 [ 144.392870] ? __pfx___x64_sys_futex+0x10/0x10 [ 144.393648] ? xfd_validate_state+0x55/0x180 [ 144.394398] do_syscall_64+0xbf/0x360 [ 144.395059] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 144.395932] RIP: 0033:0x7ff265f75b19 [ 144.396563] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 144.399538] RSP: 002b:00007ff2634eb218 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 144.400782] RAX: ffffffffffffffda RBX: 00007ff266088f68 RCX: 00007ff265f75b19 [ 144.401943] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 00007ff266088f6c [ 144.403129] RBP: 00007ff266088f60 R08: 000000000000000e R09: 0000000000000000 [ 144.404300] R10: 0000000000000003 R11: 0000000000000246 R12: 00007ff266088f6c [ 144.405463] R13: 00007ffdd7672cbf R14: 00007ff2634eb300 R15: 0000000000022000 [ 144.406658] [ 144.407045] Modules linked in: [ 144.407608] ---[ end trace 0000000000000000 ]--- [ 144.408364] RIP: 0010:perf_tp_event+0x175/0xe70 [ 144.409145] Code: ff df 48 89 85 a8 fd ff ff 48 c1 e8 03 4c 01 e0 48 89 85 c8 fd ff ff e8 c9 51 ea ff 48 8d bb f0 01 00 00 48 89 f8 48 c1 e8 03 <42> 0f b6 04 20 84 c0 74 08 3c 03 0f 8e c5 0b 00 00 44 8b ab f0 01 [ 144.412102] RSP: 0018:ffff88801601f800 EFLAGS: 00010212 [ 144.412995] RAX: 0800000000000032 RBX: 3fffffffffffffa0 RCX: ffffc900009f6000 [ 144.414175] RDX: 0000000000040000 RSI: ffffffff8189a4e7 RDI: 4000000000000190 [ 144.415347] RBP: ffff88801601fa70 R08: ffff88806ce31340 R09: ffffe8ffffc15f40 [ 144.416517] R10: 0000000000000000 R11: 0000000000000001 R12: dffffc0000000000 [ 144.417673] R13: 0000000000000000 R14: ffff88806ce31340 R15: dffffc0000000000 [ 144.418828] FS: 00007ff2634eb700(0000) GS:ffff8880e55d8000(0000) knlGS:0000000000000000 [ 144.420132] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 144.421076] CR2: 00007f1ea3279018 CR3: 000000000e730000 CR4: 0000000000350ef0 [ 144.422246] Kernel panic - not syncing: Fatal exception in interrupt [ 144.423427] Kernel Offset: disabled [ 144.424028] ---[ end Kernel panic - not syncing: Fatal exception in interrupt ]--- VM DIAGNOSIS: 18:52:59 Registers: info registers vcpu 0 RAX=dffffc0000000000 RBX=ffffea00010557c0 RCX=ffffffff81a29852 RDX=1ffffd400020aafb RSI=ffffffff81a29881 RDI=0000000000000007 RBP=0000000000000001 RSP=ffff88800a817838 R8 =0000000000000000 R9 =fffff9400020aaf8 R10=0000000000000000 R11=0000000000000001 R12=ffffea00010557c0 R13=ffffea00010557c0 R14=ffff888045c013c0 R15=ffffea00010557f0 RIP=ffffffff81a298a0 RFL=00000246 [---Z-P-] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 00000000 00000000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 00000000 00000000 FS =0000 0000000000000000 00000000 00000000 GS =0000 ffff8880e55d8000 00000000 00000000 LDT=0000 fffffe6000000000 00000000 00000000 TR =0040 fffffe0000003000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe0000001000 0000007f IDT= fffffe0000000000 00000fff CR0=80050033 CR2=000055558f050c58 CR3=000000004232d000 CR4=00350ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000ffff0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 XMM00=ff00000000ff000000000000000000ff XMM01=25252525252525252525252525252525 XMM02=00000000000000000000000000000000 XMM03=00000000000000000000000000000000 XMM04=000000000000000000000000000000ff XMM05=00000000000000000000000000000000 XMM06=00000000000000000000000000000000 XMM07=00000000000000000000000000000000 XMM08=00000000000000000000000000000000 XMM09=00000000000000000000000000000000 XMM10=00000000000000000000000000000000 XMM11=00000000000000000000000000000000 XMM12=00000000000000000000000000000000 XMM13=00000000000000000000000000000000 XMM14=00000000000000000000000000000000 XMM15=00000000000000000000000000000000 info registers vcpu 1 RAX=0000000000000065 RBX=00000000000003f8 RCX=0000000000000000 RDX=00000000000003f8 RSI=ffffffff828e5105 RDI=ffffffff88729280 RBP=ffffffff88729240 RSP=ffff88800ddef290 R8 =0000000000000000 R9 =ffffed1001476046 R10=0000000000000065 R11=0000000000000001 R12=0000000000000065 R13=0000000000000010 R14=ffffffff88729240 R15=ffffffff828e50f0 RIP=ffffffff828e515d RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 00000000 00000000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 00000000 00000000 FS =0000 0000000000000000 00000000 00000000 GS =0000 ffff8880e56d8000 00000000 00000000 LDT=0000 fffffe5100000000 00000000 00000000 TR =0040 fffffe000004a000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe0000048000 0000007f IDT= fffffe0000000000 00000fff CR0=80050033 CR2=00007f1285336200 CR3=000000000e04f000 CR4=00350ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000ffff0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 XMM00=ffffffffffffffffffffffffffffffff XMM01=30306234386136303638616663356134 XMM02=38303062343861363036386166633561 XMM03=2f6c616e72756f6a2f676f6c2f6e7572 XMM04=0000000000000010000055da13474aa4 XMM05=000000000000001000007ffda7b9af50 XMM06=0000000000000011000055da13474ad2 XMM07=000000000000001400007ffda7b9aee0 XMM08=00000000000000000000000000000000 XMM09=00000000000000000000000000000000 XMM10=20000000000000002000000000000000 XMM11=00000000000000000000000000000000 XMM12=00000000000000000000000000000000 XMM13=00000000000000000000000000000000 XMM14=00000000000000000000000000000000 XMM15=00000000000000000000000000000000