Warning: Permanently added '[localhost]:4612' (ECDSA) to the list of known hosts.
2024/10/17 00:35:07 fuzzer started
2024/10/17 00:35:07 dialing manager at localhost:46303
syzkaller login: [   62.630568] cgroup: Unknown subsys name 'net'
[   62.726996] cgroup: Unknown subsys name 'cpuset'
[   62.754714] cgroup: Unknown subsys name 'rlimit'
2024/10/17 00:35:24 syscalls: 2217
2024/10/17 00:35:24 code coverage: enabled
2024/10/17 00:35:24 comparison tracing: enabled
2024/10/17 00:35:24 extra coverage: enabled
2024/10/17 00:35:24 setuid sandbox: enabled
2024/10/17 00:35:24 namespace sandbox: enabled
2024/10/17 00:35:24 Android sandbox: enabled
2024/10/17 00:35:24 fault injection: enabled
2024/10/17 00:35:24 leak checking: enabled
2024/10/17 00:35:24 net packet injection: enabled
2024/10/17 00:35:24 net device setup: enabled
2024/10/17 00:35:24 concurrency sanitizer: /sys/kernel/debug/kcsan does not exist
2024/10/17 00:35:24 devlink PCI setup: PCI device 0000:00:10.0 is not available
2024/10/17 00:35:24 USB emulation: enabled
2024/10/17 00:35:24 hci packet injection: enabled
2024/10/17 00:35:24 wifi device emulation: enabled
2024/10/17 00:35:24 802.15.4 emulation: enabled
2024/10/17 00:35:24 fetching corpus: 0, signal 0/2000 (executing program)
2024/10/17 00:35:25 fetching corpus: 48, signal 16950/20550 (executing program)
2024/10/17 00:35:25 fetching corpus: 98, signal 29305/34262 (executing program)
2024/10/17 00:35:25 fetching corpus: 148, signal 41094/47198 (executing program)
2024/10/17 00:35:25 fetching corpus: 198, signal 50253/57366 (executing program)
2024/10/17 00:35:25 fetching corpus: 248, signal 55286/63441 (executing program)
2024/10/17 00:35:25 fetching corpus: 298, signal 59328/68622 (executing program)
2024/10/17 00:35:25 fetching corpus: 348, signal 62959/73276 (executing program)
2024/10/17 00:35:25 fetching corpus: 398, signal 66782/77987 (executing program)
2024/10/17 00:35:25 fetching corpus: 448, signal 68432/80679 (executing program)
2024/10/17 00:35:25 fetching corpus: 498, signal 71048/84168 (executing program)
2024/10/17 00:35:25 fetching corpus: 548, signal 72887/86961 (executing program)
2024/10/17 00:35:25 fetching corpus: 598, signal 74638/89643 (executing program)
2024/10/17 00:35:26 fetching corpus: 648, signal 76974/92734 (executing program)
2024/10/17 00:35:26 fetching corpus: 698, signal 79125/95642 (executing program)
2024/10/17 00:35:26 fetching corpus: 748, signal 81266/98456 (executing program)
2024/10/17 00:35:26 fetching corpus: 798, signal 82875/100835 (executing program)
2024/10/17 00:35:26 fetching corpus: 848, signal 85015/103575 (executing program)
2024/10/17 00:35:26 fetching corpus: 898, signal 88830/107548 (executing program)
2024/10/17 00:35:26 fetching corpus: 948, signal 91671/110742 (executing program)
2024/10/17 00:35:26 fetching corpus: 998, signal 93597/113195 (executing program)
2024/10/17 00:35:26 fetching corpus: 1048, signal 95457/115518 (executing program)
2024/10/17 00:35:27 fetching corpus: 1097, signal 97394/117897 (executing program)
2024/10/17 00:35:27 fetching corpus: 1147, signal 99233/120148 (executing program)
2024/10/17 00:35:27 fetching corpus: 1197, signal 100363/121826 (executing program)
2024/10/17 00:35:27 fetching corpus: 1247, signal 101442/123498 (executing program)
2024/10/17 00:35:27 fetching corpus: 1296, signal 102408/125030 (executing program)
2024/10/17 00:35:27 fetching corpus: 1346, signal 103680/126687 (executing program)
2024/10/17 00:35:27 fetching corpus: 1396, signal 104944/128347 (executing program)
2024/10/17 00:35:27 fetching corpus: 1446, signal 106361/130113 (executing program)
2024/10/17 00:35:27 fetching corpus: 1496, signal 107233/131467 (executing program)
2024/10/17 00:35:27 fetching corpus: 1546, signal 108308/132920 (executing program)
2024/10/17 00:35:28 fetching corpus: 1596, signal 109316/134314 (executing program)
2024/10/17 00:35:28 fetching corpus: 1646, signal 110230/135610 (executing program)
2024/10/17 00:35:28 fetching corpus: 1696, signal 111146/136869 (executing program)
2024/10/17 00:35:28 fetching corpus: 1746, signal 112379/138326 (executing program)
2024/10/17 00:35:28 fetching corpus: 1796, signal 113850/139896 (executing program)
2024/10/17 00:35:28 fetching corpus: 1846, signal 115236/141396 (executing program)
2024/10/17 00:35:28 fetching corpus: 1896, signal 117645/143437 (executing program)
2024/10/17 00:35:28 fetching corpus: 1946, signal 118205/144421 (executing program)
2024/10/17 00:35:28 fetching corpus: 1996, signal 119036/145493 (executing program)
2024/10/17 00:35:29 fetching corpus: 2046, signal 120299/146811 (executing program)
2024/10/17 00:35:29 fetching corpus: 2096, signal 120940/147778 (executing program)
2024/10/17 00:35:29 fetching corpus: 2146, signal 121689/148761 (executing program)
2024/10/17 00:35:29 fetching corpus: 2196, signal 122249/149616 (executing program)
2024/10/17 00:35:29 fetching corpus: 2246, signal 122872/150515 (executing program)
2024/10/17 00:35:29 fetching corpus: 2296, signal 123628/151454 (executing program)
2024/10/17 00:35:29 fetching corpus: 2346, signal 124265/152304 (executing program)
2024/10/17 00:35:29 fetching corpus: 2396, signal 124992/153219 (executing program)
2024/10/17 00:35:29 fetching corpus: 2446, signal 125948/154164 (executing program)
2024/10/17 00:35:29 fetching corpus: 2496, signal 126765/155093 (executing program)
2024/10/17 00:35:29 fetching corpus: 2546, signal 127195/155840 (executing program)
2024/10/17 00:35:30 fetching corpus: 2596, signal 128340/156832 (executing program)
2024/10/17 00:35:30 fetching corpus: 2646, signal 129171/157715 (executing program)
2024/10/17 00:35:30 fetching corpus: 2696, signal 129687/158463 (executing program)
2024/10/17 00:35:30 fetching corpus: 2746, signal 130969/159489 (executing program)
2024/10/17 00:35:30 fetching corpus: 2796, signal 131780/160283 (executing program)
2024/10/17 00:35:30 fetching corpus: 2846, signal 132550/161039 (executing program)
2024/10/17 00:35:30 fetching corpus: 2896, signal 133089/161677 (executing program)
2024/10/17 00:35:30 fetching corpus: 2946, signal 133740/162339 (executing program)
2024/10/17 00:35:30 fetching corpus: 2996, signal 134281/162991 (executing program)
2024/10/17 00:35:30 fetching corpus: 3046, signal 135158/163709 (executing program)
2024/10/17 00:35:31 fetching corpus: 3096, signal 135523/164293 (executing program)
2024/10/17 00:35:31 fetching corpus: 3146, signal 135927/164876 (executing program)
2024/10/17 00:35:31 fetching corpus: 3196, signal 136565/165478 (executing program)
2024/10/17 00:35:31 fetching corpus: 3246, signal 137729/166172 (executing program)
2024/10/17 00:35:31 fetching corpus: 3296, signal 138540/166778 (executing program)
2024/10/17 00:35:31 fetching corpus: 3346, signal 138998/167290 (executing program)
2024/10/17 00:35:31 fetching corpus: 3396, signal 139363/167809 (executing program)
2024/10/17 00:35:31 fetching corpus: 3446, signal 140008/168348 (executing program)
2024/10/17 00:35:31 fetching corpus: 3496, signal 140315/168821 (executing program)
2024/10/17 00:35:32 fetching corpus: 3546, signal 140958/169353 (executing program)
2024/10/17 00:35:32 fetching corpus: 3596, signal 141586/169867 (executing program)
2024/10/17 00:35:32 fetching corpus: 3646, signal 142015/170338 (executing program)
2024/10/17 00:35:32 fetching corpus: 3696, signal 142671/170798 (executing program)
2024/10/17 00:35:32 fetching corpus: 3746, signal 143110/171247 (executing program)
2024/10/17 00:35:32 fetching corpus: 3796, signal 143552/171692 (executing program)
2024/10/17 00:35:32 fetching corpus: 3846, signal 144009/172134 (executing program)
2024/10/17 00:35:32 fetching corpus: 3896, signal 144478/172547 (executing program)
2024/10/17 00:35:32 fetching corpus: 3946, signal 144962/172947 (executing program)
2024/10/17 00:35:32 fetching corpus: 3996, signal 145320/173323 (executing program)
2024/10/17 00:35:32 fetching corpus: 4045, signal 145803/173709 (executing program)
2024/10/17 00:35:33 fetching corpus: 4095, signal 146273/174102 (executing program)
2024/10/17 00:35:33 fetching corpus: 4145, signal 146764/174447 (executing program)
2024/10/17 00:35:33 fetching corpus: 4195, signal 147544/174793 (executing program)
2024/10/17 00:35:33 fetching corpus: 4245, signal 148031/175153 (executing program)
2024/10/17 00:35:33 fetching corpus: 4295, signal 148496/175477 (executing program)
2024/10/17 00:35:33 fetching corpus: 4345, signal 148869/175753 (executing program)
2024/10/17 00:35:33 fetching corpus: 4395, signal 149763/175753 (executing program)
2024/10/17 00:35:33 fetching corpus: 4445, signal 150227/175753 (executing program)
2024/10/17 00:35:33 fetching corpus: 4495, signal 150700/175753 (executing program)
2024/10/17 00:35:33 fetching corpus: 4545, signal 151019/175753 (executing program)
2024/10/17 00:35:34 fetching corpus: 4595, signal 151363/175753 (executing program)
2024/10/17 00:35:34 fetching corpus: 4645, signal 151659/175753 (executing program)
2024/10/17 00:35:34 fetching corpus: 4695, signal 151948/175753 (executing program)
2024/10/17 00:35:34 fetching corpus: 4745, signal 152360/175753 (executing program)
2024/10/17 00:35:34 fetching corpus: 4795, signal 152793/175753 (executing program)
2024/10/17 00:35:34 fetching corpus: 4845, signal 153096/175753 (executing program)
2024/10/17 00:35:34 fetching corpus: 4895, signal 153523/175753 (executing program)
2024/10/17 00:35:34 fetching corpus: 4945, signal 153895/175753 (executing program)
2024/10/17 00:35:34 fetching corpus: 4995, signal 154146/175753 (executing program)
2024/10/17 00:35:35 fetching corpus: 5045, signal 154525/175753 (executing program)
2024/10/17 00:35:35 fetching corpus: 5095, signal 154820/175753 (executing program)
2024/10/17 00:35:35 fetching corpus: 5145, signal 155275/175753 (executing program)
2024/10/17 00:35:35 fetching corpus: 5195, signal 155640/175753 (executing program)
2024/10/17 00:35:35 fetching corpus: 5245, signal 155994/175753 (executing program)
2024/10/17 00:35:35 fetching corpus: 5295, signal 156525/175753 (executing program)
2024/10/17 00:35:35 fetching corpus: 5345, signal 156854/175753 (executing program)
2024/10/17 00:35:35 fetching corpus: 5395, signal 157124/175753 (executing program)
2024/10/17 00:35:35 fetching corpus: 5445, signal 157424/175753 (executing program)
2024/10/17 00:35:35 fetching corpus: 5495, signal 157971/175753 (executing program)
2024/10/17 00:35:36 fetching corpus: 5545, signal 158203/175753 (executing program)
2024/10/17 00:35:36 fetching corpus: 5595, signal 158458/175753 (executing program)
2024/10/17 00:35:36 fetching corpus: 5645, signal 158679/175753 (executing program)
2024/10/17 00:35:36 fetching corpus: 5695, signal 159073/175753 (executing program)
2024/10/17 00:35:36 fetching corpus: 5745, signal 159496/175753 (executing program)
2024/10/17 00:35:36 fetching corpus: 5795, signal 159724/175753 (executing program)
2024/10/17 00:35:36 fetching corpus: 5845, signal 160095/175754 (executing program)
2024/10/17 00:35:36 fetching corpus: 5895, signal 160478/175754 (executing program)
2024/10/17 00:35:36 fetching corpus: 5945, signal 160882/175754 (executing program)
2024/10/17 00:35:36 fetching corpus: 5995, signal 161155/175754 (executing program)
2024/10/17 00:35:37 fetching corpus: 6045, signal 161408/175754 (executing program)
2024/10/17 00:35:37 fetching corpus: 6095, signal 161679/175754 (executing program)
2024/10/17 00:35:37 fetching corpus: 6145, signal 161968/175754 (executing program)
2024/10/17 00:35:37 fetching corpus: 6195, signal 162362/175754 (executing program)
2024/10/17 00:35:37 fetching corpus: 6245, signal 162678/175754 (executing program)
2024/10/17 00:35:37 fetching corpus: 6295, signal 162934/175754 (executing program)
2024/10/17 00:35:37 fetching corpus: 6345, signal 163166/175754 (executing program)
2024/10/17 00:35:37 fetching corpus: 6395, signal 163486/175754 (executing program)
2024/10/17 00:35:37 fetching corpus: 6445, signal 163711/175754 (executing program)
2024/10/17 00:35:37 fetching corpus: 6495, signal 164009/175754 (executing program)
2024/10/17 00:35:37 fetching corpus: 6545, signal 164699/175754 (executing program)
2024/10/17 00:35:38 fetching corpus: 6595, signal 164973/175754 (executing program)
2024/10/17 00:35:38 fetching corpus: 6645, signal 165262/175754 (executing program)
2024/10/17 00:35:38 fetching corpus: 6695, signal 165485/175754 (executing program)
2024/10/17 00:35:38 fetching corpus: 6745, signal 165673/175754 (executing program)
2024/10/17 00:35:38 fetching corpus: 6795, signal 166044/175756 (executing program)
2024/10/17 00:35:38 fetching corpus: 6845, signal 166462/175756 (executing program)
2024/10/17 00:35:38 fetching corpus: 6895, signal 166659/175756 (executing program)
2024/10/17 00:35:38 fetching corpus: 6945, signal 166998/175756 (executing program)
2024/10/17 00:35:38 fetching corpus: 6995, signal 167218/175756 (executing program)
2024/10/17 00:35:38 fetching corpus: 7045, signal 167389/175756 (executing program)
2024/10/17 00:35:39 fetching corpus: 7095, signal 167757/175756 (executing program)
2024/10/17 00:35:39 fetching corpus: 7145, signal 168149/175756 (executing program)
2024/10/17 00:35:39 fetching corpus: 7195, signal 168412/175756 (executing program)
2024/10/17 00:35:39 fetching corpus: 7245, signal 168675/175756 (executing program)
2024/10/17 00:35:39 fetching corpus: 7295, signal 169496/175756 (executing program)
2024/10/17 00:35:39 fetching corpus: 7345, signal 169734/175756 (executing program)
2024/10/17 00:35:39 fetching corpus: 7395, signal 169925/175756 (executing program)
2024/10/17 00:35:39 fetching corpus: 7445, signal 170139/175756 (executing program)
2024/10/17 00:35:39 fetching corpus: 7495, signal 170369/175756 (executing program)
2024/10/17 00:35:39 fetching corpus: 7545, signal 170749/175756 (executing program)
2024/10/17 00:35:40 fetching corpus: 7595, signal 170976/175756 (executing program)
2024/10/17 00:35:40 fetching corpus: 7645, signal 171293/175756 (executing program)
2024/10/17 00:35:40 fetching corpus: 7695, signal 171493/175756 (executing program)
2024/10/17 00:35:40 fetching corpus: 7745, signal 171734/175756 (executing program)
2024/10/17 00:35:40 fetching corpus: 7795, signal 171941/175756 (executing program)
2024/10/17 00:35:40 fetching corpus: 7845, signal 172163/175756 (executing program)
2024/10/17 00:35:40 fetching corpus: 7895, signal 172325/175756 (executing program)
2024/10/17 00:35:40 fetching corpus: 7945, signal 172567/175756 (executing program)
2024/10/17 00:35:40 fetching corpus: 7995, signal 172758/175756 (executing program)
2024/10/17 00:35:40 fetching corpus: 8045, signal 172916/175756 (executing program)
2024/10/17 00:35:40 fetching corpus: 8095, signal 173096/175756 (executing program)
2024/10/17 00:35:40 fetching corpus: 8145, signal 173406/175757 (executing program)
2024/10/17 00:35:41 fetching corpus: 8195, signal 173844/175757 (executing program)
2024/10/17 00:35:41 fetching corpus: 8245, signal 174099/175757 (executing program)
2024/10/17 00:35:41 fetching corpus: 8295, signal 174356/175757 (executing program)
2024/10/17 00:35:41 fetching corpus: 8345, signal 174542/175757 (executing program)
2024/10/17 00:35:41 fetching corpus: 8395, signal 174880/175757 (executing program)
2024/10/17 00:35:41 fetching corpus: 8430, signal 175042/175757 (executing program)
2024/10/17 00:35:41 fetching corpus: 8430, signal 175042/175757 (executing program)
2024/10/17 00:35:44 starting 8 fuzzer processes
00:35:44 executing program 0:
r0 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$netlink(r0, &(0x7f0000007ec0)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000000)={0x1c, 0x19, 0x1, 0x0, 0x0, "", [@typed={0x2, 0x0, 0x0, 0x0, @binary="d8c9310200"}]}, 0x1c}], 0x1}, 0x0)

00:35:44 executing program 1:
perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xce, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
clock_gettime(0x3, &(0x7f0000000040))

00:35:44 executing program 2:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x17, &(0x7f0000000200)=[{&(0x7f0000010000)="2000000080000000060000006a0000000f000000000000000100000001000000004000000040000020000000e0f4655fe0f4655f0100ffff53ef010001000000dff4655f000000000000000001000000000000000b0000000001000028020000028401001b0000000000000000000000000000000000000073797a6b616c6c6572000000000000002f746d702f73797a2d696d61676567656e35313233303831343700"/192, 0xc0, 0x400}, {&(0x7f0000010100)="000000000000000000000000b00cb2cc029f49d8b90449a7ecd54d49010000000c00000000000000dff4655f00"/64, 0x40, 0x4e0}, {&(0x7f0000010200)="00000000000000000000000000000000000000000000000000000000200020000100000000000000000000000000000000000000000000002e00000000000000", 0x40, 0x540}, {&(0x7f0000010300)="0000000000000000000000000000000000000000010400"/32, 0x20, 0x640}, {&(0x7f0000010400)="0200000003000000040000006a000f000300040000000000000000000f00bc0f", 0x20, 0x800}, {&(0x7f0000010500)="ffff3f00000000000000000000000000ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff0100ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff0000000000000000dff4655fdff4655fdff4655f00"/4128, 0x1020, 0x1000}, {&(0x7f0000011600)="ed41000000080000dff4655fe0f4655fe0f4655f00000000000004000400000000000000050000000800"/64, 0x40, 0x2100}, {&(0x7f0000011700)="20000000b45b976cb45b976c00000000dff4655f00"/32, 0x20, 0x2180}, {&(0x7f0000011800)="c041000000380000dff4655fdff4655fdff4655f00000000000002001c0000000000000000000000090000000a0000000b0000000c0000000d0000000e0000000f00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000020000000000000000000000000000000dff4655f000000000000000000000000000002ea00"/192, 0xc0, 0x2a00}, {&(0x7f0000011900)="ed4100003c000000e0f4655fe0f4655fe0f4655f0000000000000200000000000000001003000000020000000d0000001000050166696c65300000000e0000002800050766696c653100000000000000000000000000000000000000000000000000000024a8270e00000000000000000000000000000000000000000000000020000000b45b976cb45b976cb45b976ce0f4655fb45b976c0000000000000000000002ea04070000000000000000000000000000646174610000000000000000", 0xc0, 0x2b00}, {&(0x7f0000011a00)="ed8100001a040000e0f4655fe0f4655fe0f4655f000000000000010004000000000000000100000010000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000038ac705900000000000000000000000000000000000000000000000020000000b45b976cb45b976cb45b976ce0f4655fb45b976c0000000000000000", 0xa0, 0x2c00}, {&(0x7f0000011b00)="ffa1000026000000e0f4655fe0f4655fe0f4655f00000000000001000000000000000000010000002f746d702f73797a2d696d61676567656e3531323330383134372f66696c65302f66696c653000000000000000000000000000000000000000000000ae39138600000000000000000000000000000000000000000000000020000000b45b976cb45b976cb45b976ce0f4655fb45b976c0000000000000000", 0xa0, 0x2d00}, {&(0x7f0000011c00)="ed8100000a000000e0f4655fe0f4655fe0f4655f000000000000010000000000000000100100000073797a6b616c6c6572730000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000eabcf5b900000000000000000000000000000000000000000000000020000000b45b976cb45b976cb45b976ce0f4655fb45b976c0000000000000000000002ea040700000000000000000000000000006461746106015400000000000600000000000000786174747231000006014c000000000006000000000000007861747472320000000000000000000078617474723200007861747472310000ed81000028230000e0f4655fe0f4655fe0f4655f0000000000000200140000000000000001000000110000001200000013000000140000001500000000000000000000000000000000000000000000000000000000000000000000000000000000000000c28dc86400000000000000000000000000000000000000000000000020000000b45b976cb45b976cb45b976ce0f4655fb45b976c0000000000000000", 0x1a0, 0x2e00}, {&(0x7f0000011e00)="ed81000064000000e0f4655fe0f4655fe0f4655f000000000000010000000000000000100100000073797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c412e2ee000000000000000000000000000000000000000000000000020000000b45b976cb45b976cb45b976ce0f4655fb45b976c0000000000000000000002ea040734000000000028000000000000006461746100000000000000000000000000000000000000000000000000000000000000006c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273", 0x100, 0x3000}, {&(0x7f0000011f00)="020000000c0001022e000000020000000c0002022e2e00000b00000014000a026c6f73742b666f756e6400000c0000001000050266696c65300000000f0000001000050166696c6531000000100000001000050166696c6532000000100000001000050166696c6533000000110000009407090166696c652e636f6c64000000", 0x80, 0x4000}, {&(0x7f0000012000)="0b0000000c0001022e000000020000000c0002022e2e000000000000e8070000", 0x20, 0x4800}, {&(0x7f0000012100)='\x00\x00\x00\x00\x00\b\x00'/32, 0x20, 0x5000}, {&(0x7f0000012200)='\x00\x00\x00\x00\x00\b\x00'/32, 0x20, 0x5800}, {&(0x7f0000012300)='\x00\x00\x00\x00\x00\b\x00'/32, 0x20, 0x6000}, {&(0x7f0000012400)='\x00\x00\x00\x00\x00\b\x00'/32, 0x20, 0x6800}, {&(0x7f0000012500)='\x00\x00\x00\x00\x00\b\x00'/32, 0x20, 0x7000}, {&(0x7f0000012600)='\x00\x00\x00\x00\x00\b\x00'/32, 0x20, 0x7800}, {&(0x7f0000012700)='syzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkal\x00\x00\x00\x00\x00\x00', 0x420, 0x8000}], 0x0, &(0x7f0000012c00))

00:35:44 executing program 3:
r0 = add_key$fscrypt_v1(&(0x7f0000000100), &(0x7f0000000140)={'fscrypt:', @desc4}, &(0x7f0000000180)={0x0, "4f86c31dbb85249241d18b1022d2db9fee153f125d88df3bd889fafa60b555a7eb92a9547b98cf488090461ead6c31b6039010119a53ee2519f1187bbb299c72"}, 0x48, 0xfffffffffffffffc)
keyctl$update(0x1d, r0, &(0x7f0000001440)="ce", 0x1)

[   98.755055] audit: type=1400 audit(1729125344.132:7): avc:  denied  { execmem } for  pid=272 comm="syz-executor.0" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=process permissive=1
00:35:44 executing program 6:
perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xce, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = syz_io_uring_setup(0x1378, &(0x7f0000000100), &(0x7f0000ffb000/0x4000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000180), &(0x7f00000001c0))
io_uring_register$IORING_REGISTER_BUFFERS(r0, 0x0, &(0x7f00000005c0)=[{&(0x7f0000000040)}], 0x1)

00:35:44 executing program 4:
r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000000080)={0x2, &(0x7f0000000300)=[{0xb1}, {0x6}]}, 0x10)

00:35:44 executing program 5:
openat$dir(0xffffffffffffff9c, &(0x7f0000000200)='./file0\x00', 0x2000, 0x43)
r0 = openat(0xffffffffffffffff, &(0x7f0000000040)='./file0\x00', 0x301400, 0x10)
ioctl$CDROMREADMODE1(r0, 0x530d, &(0x7f0000001640)={0x6, 0x9, 0x0, 0x1, 0x6, 0x81})
syz_io_uring_setup(0x101, &(0x7f0000000080), &(0x7f0000ffb000/0x1000)=nil, &(0x7f00000b0000)=nil, 0x0, &(0x7f0000000040)=<r1=>0x0)
r2 = syz_init_net_socket$bt_l2cap(0x1f, 0x0, 0x0)
io_uring_register$IORING_REGISTER_PERSONALITY(r0, 0x9, 0x0, 0x0)
syz_io_uring_submit(0x0, r1, 0x0, 0x8001)
r3 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000240)='/proc/stat\x00', 0x0, 0x0)
ioctl$AUTOFS_DEV_IOCTL_EXPIRE(r3, 0xc018937c, &(0x7f0000000140)={{0x1, 0x1, 0x18, r2, {0x4}}, './file0\x00'})
r4 = perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x7fff}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$BTRFS_IOC_GET_SUBVOL_INFO(r4, 0x81f8943c, &(0x7f0000001280))
ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, 0x0)
r5 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x26e1, 0x0)
ioctl$FS_IOC_GETFSMAP(r5, 0xc0c0583b, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, '\x00', [{}, {0x0, 0x0, 0x0, 0x0, 0x80000000000000}]})
epoll_ctl$EPOLL_CTL_ADD(r5, 0x1, 0xffffffffffffffff, &(0x7f0000000000)={0x20000000})
syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
openat$vcsa(0xffffffffffffff9c, &(0x7f0000001600), 0x400000, 0x0)
perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
clone3(&(0x7f0000004c00)={0xc0002100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)

00:35:44 executing program 7:
perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0x75, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x26e1, 0x0)
syncfs(r0)

[  100.045948] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[  100.047930] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[  100.049738] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[  100.053197] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[  100.054733] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3
[  100.055766] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[  100.106053] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[  100.108596] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[  100.109706] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[  100.119258] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[  100.120802] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3
[  100.121689] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[  100.171871] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[  100.178766] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[  100.192964] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[  100.194301] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[  100.204275] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[  100.205299] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[  100.208682] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[  100.216688] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3
[  100.218366] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[  100.230242] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[  100.236735] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[  100.239416] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[  100.244123] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[  100.273383] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3
[  100.274752] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[  100.278579] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[  100.281470] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3
[  100.282938] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[  100.306800] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1
[  100.325668] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9
[  100.326917] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1
[  100.337252] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9
[  100.339405] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9
[  100.342411] Bluetooth: hci7: unexpected cc 0x0c03 length: 249 > 1
[  100.344787] Bluetooth: hci7: unexpected cc 0x1003 length: 249 > 9
[  100.346367] Bluetooth: hci7: unexpected cc 0x1001 length: 249 > 9
[  100.349823] Bluetooth: hci7: unexpected cc 0x0c23 length: 249 > 4
[  100.352630] Bluetooth: hci7: unexpected cc 0x0c25 length: 249 > 3
[  100.354032] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4
[  100.355697] Bluetooth: hci7: unexpected cc 0x0c38 length: 249 > 2
[  100.357967] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9
[  100.364208] Bluetooth: hci5: unexpected cc 0x0c25 length: 249 > 3
[  100.366864] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4
[  100.367969] Bluetooth: hci6: unexpected cc 0x0c25 length: 249 > 3
[  100.368755] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2
[  100.374778] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2
[  102.141472] Bluetooth: hci1: command tx timeout
[  102.142260] Bluetooth: hci0: command tx timeout
[  102.269673] Bluetooth: hci2: command tx timeout
[  102.333190] Bluetooth: hci3: command tx timeout
[  102.398138] Bluetooth: hci4: command tx timeout
[  102.398671] Bluetooth: hci6: command tx timeout
[  102.461146] Bluetooth: hci5: command tx timeout
[  102.461622] Bluetooth: hci7: command tx timeout
[  104.189336] Bluetooth: hci0: command tx timeout
[  104.189704] Bluetooth: hci1: command tx timeout
[  104.317387] Bluetooth: hci2: command tx timeout
[  104.381163] Bluetooth: hci3: command tx timeout
[  104.446159] Bluetooth: hci6: command tx timeout
[  104.446491] Bluetooth: hci4: command tx timeout
[  104.509205] Bluetooth: hci7: command tx timeout
[  104.509550] Bluetooth: hci5: command tx timeout
[  106.237272] Bluetooth: hci1: command tx timeout
[  106.237655] Bluetooth: hci0: command tx timeout
[  106.366095] Bluetooth: hci2: command tx timeout
[  106.429170] Bluetooth: hci3: command tx timeout
[  106.493234] Bluetooth: hci4: command tx timeout
[  106.493534] Bluetooth: hci6: command tx timeout
[  106.558144] Bluetooth: hci5: command tx timeout
[  106.558468] Bluetooth: hci7: command tx timeout
[  108.285235] Bluetooth: hci0: command tx timeout
[  108.285593] Bluetooth: hci1: command tx timeout
[  108.413220] Bluetooth: hci2: command tx timeout
[  108.477181] Bluetooth: hci3: command tx timeout
[  108.541172] Bluetooth: hci6: command tx timeout
[  108.541477] Bluetooth: hci4: command tx timeout
[  108.605199] Bluetooth: hci7: command tx timeout
[  108.605506] Bluetooth: hci5: command tx timeout
[  157.819392] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  157.819952] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  158.152537] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  158.153104] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  158.569293] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  158.569779] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  158.589757] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  158.590320] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  159.096161] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  159.096656] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  162.832510] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[  162.839244] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[  162.843275] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[  162.852998] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[  162.858880] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3
[  162.861732] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[  163.025374] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[  163.034865] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[  163.037511] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[  163.054246] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[  163.057595] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3
[  163.059277] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[  163.282747] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[  163.286930] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[  163.289215] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[  163.299902] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[  163.304708] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3
[  163.306625] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[  163.351372] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[  163.362416] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[  163.371790] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[  163.374485] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[  163.376632] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[  163.379762] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[  163.406255] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1
[  163.419675] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9
[  163.421755] Bluetooth: hci7: unexpected cc 0x0c03 length: 249 > 1
[  163.424842] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9
[  163.426425] Bluetooth: hci7: unexpected cc 0x1003 length: 249 > 9
[  163.428523] Bluetooth: hci7: unexpected cc 0x1001 length: 249 > 9
[  163.435908] Bluetooth: hci7: unexpected cc 0x0c23 length: 249 > 4
[  163.438530] Bluetooth: hci7: unexpected cc 0x0c25 length: 249 > 3
[  163.440421] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[  163.442515] Bluetooth: hci7: unexpected cc 0x0c38 length: 249 > 2
[  163.447755] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3
[  163.449793] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[  163.467418] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[  163.471638] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1
[  163.477245] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9
[  163.480377] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3
[  163.482433] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[  163.487538] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9
[  163.495220] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4
[  163.506163] Bluetooth: hci6: unexpected cc 0x0c25 length: 249 > 3
[  163.530698] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4
[  163.533539] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2
[  163.544457] Bluetooth: hci5: unexpected cc 0x0c25 length: 249 > 3
[  163.550845] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2
[  164.925174] Bluetooth: hci0: command tx timeout
[  165.117207] Bluetooth: hci1: command tx timeout
[  165.438160] Bluetooth: hci2: command tx timeout
[  165.502279] Bluetooth: hci7: command tx timeout
[  165.565319] Bluetooth: hci3: command tx timeout
[  165.566214] Bluetooth: hci4: command tx timeout
[  165.630139] Bluetooth: hci6: command tx timeout
[  165.693140] Bluetooth: hci5: command tx timeout
[  166.974223] Bluetooth: hci0: command tx timeout
[  167.167197] Bluetooth: hci1: command tx timeout
[  167.487100] Bluetooth: hci2: command tx timeout
[  167.552092] Bluetooth: hci7: command tx timeout
[  167.614186] Bluetooth: hci3: command tx timeout
[  167.614547] Bluetooth: hci4: command tx timeout
[  167.678179] Bluetooth: hci6: command tx timeout
[  167.742363] Bluetooth: hci5: command tx timeout
[  169.022227] Bluetooth: hci0: command tx timeout
[  169.213266] Bluetooth: hci1: command tx timeout
[  169.535073] Bluetooth: hci2: command tx timeout
[  169.598224] Bluetooth: hci7: command tx timeout
[  169.662221] Bluetooth: hci3: command tx timeout
[  169.662581] Bluetooth: hci4: command tx timeout
[  169.726156] Bluetooth: hci6: command tx timeout
[  169.790104] Bluetooth: hci5: command tx timeout
[  171.069301] Bluetooth: hci0: command tx timeout
[  171.263138] Bluetooth: hci1: command tx timeout
[  171.581187] Bluetooth: hci2: command tx timeout
[  171.645141] Bluetooth: hci7: command tx timeout
[  171.710132] Bluetooth: hci4: command tx timeout
[  171.710474] Bluetooth: hci3: command tx timeout
[  171.774136] Bluetooth: hci6: command tx timeout
[  171.838301] Bluetooth: hci5: command tx timeout
[  218.651232] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  218.651724] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  218.922501] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  218.922968] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  219.445721] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  219.446301] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  219.719800] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  219.720437] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  219.900100] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  219.900553] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  220.089124] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  220.089552] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  220.277862] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  220.278399] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  220.510614] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  220.511108] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  220.679220] loop2: detected capacity change from 0 to 512
[  220.721205] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  220.721676] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  220.737877] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  220.880898] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  221.011996] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  221.012518] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  221.063362] audit: type=1400 audit(1729125466.440:8): avc:  denied  { open } for  pid=7470 comm="syz-executor.5" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=perf_event permissive=1
[  221.067147] audit: type=1400 audit(1729125466.441:9): avc:  denied  { kernel } for  pid=7470 comm="syz-executor.5" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=perf_event permissive=1
[  221.079474] audit: type=1400 audit(1729125466.457:10): avc:  denied  { write } for  pid=7470 comm="syz-executor.5" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=perf_event permissive=1
[  221.098731] hrtimer: interrupt took 28424 ns
[  221.187644] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  221.188165] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  221.309466] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  221.310005] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  221.430406] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  221.430911] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  221.532569] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  221.533097] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  221.591850] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  221.592348] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  221.671959] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  221.672484] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  224.531542] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[  224.537521] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[  224.541711] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[  224.548466] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[  224.551525] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3
[  224.554521] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[  224.719980] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[  224.724650] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[  224.731973] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[  224.738447] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[  224.740941] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3
[  224.743100] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[  224.861200] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1
[  224.864987] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9
[  224.868669] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9
[  224.889751] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4
[  224.903515] Bluetooth: hci6: unexpected cc 0x0c25 length: 249 > 3
[  224.905420] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2
[  224.922266] Bluetooth: hci7: unexpected cc 0x0c03 length: 249 > 1
[  224.926671] Bluetooth: hci7: unexpected cc 0x1003 length: 249 > 9
[  224.929455] Bluetooth: hci7: unexpected cc 0x1001 length: 249 > 9
[  224.943177] Bluetooth: hci7: unexpected cc 0x0c23 length: 249 > 4
[  224.946354] Bluetooth: hci7: unexpected cc 0x0c25 length: 249 > 3
[  224.953819] Bluetooth: hci7: unexpected cc 0x0c38 length: 249 > 2
[  226.621535] Bluetooth: hci1: command tx timeout
[  226.813165] Bluetooth: hci2: command tx timeout
[  226.941386] Bluetooth: hci6: command tx timeout
[  227.005221] Bluetooth: hci7: command tx timeout
[  228.670200] Bluetooth: hci1: command tx timeout
[  228.861139] Bluetooth: hci2: command tx timeout
[  228.989218] Bluetooth: hci6: command tx timeout
[  229.053123] Bluetooth: hci7: command tx timeout
[  230.717272] Bluetooth: hci1: command tx timeout
[  230.911325] Bluetooth: hci2: command tx timeout
[  231.037370] Bluetooth: hci6: command tx timeout
[  231.101145] Bluetooth: hci7: command tx timeout
[  232.765141] Bluetooth: hci1: command tx timeout
[  232.959052] Bluetooth: hci2: command tx timeout
[  233.086146] Bluetooth: hci6: command tx timeout
[  233.150654] Bluetooth: hci7: command tx timeout
[  252.807123] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  252.807619] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  252.956116] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  252.956608] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  253.560330] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  253.560809] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  253.630467] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  253.630921] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  253.714159] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  253.714657] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  253.763994] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  253.764647] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  253.836090] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  253.836562] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  253.898178] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  253.898683] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
00:38:19 executing program 1:
openat$dir(0xffffffffffffff9c, &(0x7f0000000200)='./file0\x00', 0x2000, 0x43)
r0 = openat(0xffffffffffffffff, &(0x7f0000000040)='./file0\x00', 0x301400, 0x10)
ioctl$CDROMREADMODE1(r0, 0x530d, &(0x7f0000001640)={0x6, 0x9, 0x0, 0x1, 0x6, 0x81})
syz_io_uring_setup(0x101, &(0x7f0000000080), &(0x7f0000ffb000/0x1000)=nil, &(0x7f00000b0000)=nil, 0x0, &(0x7f0000000040)=<r1=>0x0)
r2 = syz_init_net_socket$bt_l2cap(0x1f, 0x0, 0x0)
io_uring_register$IORING_REGISTER_PERSONALITY(r0, 0x9, 0x0, 0x0)
syz_io_uring_submit(0x0, r1, 0x0, 0x8001)
r3 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000240)='/proc/stat\x00', 0x0, 0x0)
ioctl$AUTOFS_DEV_IOCTL_EXPIRE(r3, 0xc018937c, &(0x7f0000000140)={{0x1, 0x1, 0x18, r2, {0x4}}, './file0\x00'})
r4 = perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x7fff}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$BTRFS_IOC_GET_SUBVOL_INFO(r4, 0x81f8943c, &(0x7f0000001280))
ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, 0x0)
r5 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x26e1, 0x0)
ioctl$FS_IOC_GETFSMAP(r5, 0xc0c0583b, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, '\x00', [{}, {0x0, 0x0, 0x0, 0x0, 0x80000000000000}]})
epoll_ctl$EPOLL_CTL_ADD(r5, 0x1, 0xffffffffffffffff, &(0x7f0000000000)={0x20000000})
syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
openat$vcsa(0xffffffffffffff9c, &(0x7f0000001600), 0x400000, 0x0)
perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
clone3(&(0x7f0000004c00)={0xc0002100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)

00:38:19 executing program 7:
perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0x75, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x26e1, 0x0)
syncfs(r0)

00:38:19 executing program 2:
ioperm(0x0, 0xfff, 0x7)
mount_setattr(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)

00:38:19 executing program 6:
perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xce, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = syz_io_uring_setup(0x1378, &(0x7f0000000100), &(0x7f0000ffb000/0x4000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000180), &(0x7f00000001c0))
io_uring_register$IORING_REGISTER_BUFFERS(r0, 0x0, &(0x7f00000005c0)=[{&(0x7f0000000040)}], 0x1)

00:38:19 executing program 4:
r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000000080)={0x2, &(0x7f0000000300)=[{0xb1}, {0x6}]}, 0x10)

00:38:19 executing program 3:
r0 = add_key$fscrypt_v1(&(0x7f0000000100), &(0x7f0000000140)={'fscrypt:', @desc4}, &(0x7f0000000180)={0x0, "4f86c31dbb85249241d18b1022d2db9fee153f125d88df3bd889fafa60b555a7eb92a9547b98cf488090461ead6c31b6039010119a53ee2519f1187bbb299c72"}, 0x48, 0xfffffffffffffffc)
keyctl$update(0x1d, r0, &(0x7f0000001440)="ce", 0x1)

00:38:19 executing program 5:
openat$dir(0xffffffffffffff9c, &(0x7f0000000200)='./file0\x00', 0x2000, 0x43)
r0 = openat(0xffffffffffffffff, &(0x7f0000000040)='./file0\x00', 0x301400, 0x10)
ioctl$CDROMREADMODE1(r0, 0x530d, &(0x7f0000001640)={0x6, 0x9, 0x0, 0x1, 0x6, 0x81})
syz_io_uring_setup(0x101, &(0x7f0000000080), &(0x7f0000ffb000/0x1000)=nil, &(0x7f00000b0000)=nil, 0x0, &(0x7f0000000040)=<r1=>0x0)
r2 = syz_init_net_socket$bt_l2cap(0x1f, 0x0, 0x0)
io_uring_register$IORING_REGISTER_PERSONALITY(r0, 0x9, 0x0, 0x0)
syz_io_uring_submit(0x0, r1, 0x0, 0x8001)
r3 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000240)='/proc/stat\x00', 0x0, 0x0)
ioctl$AUTOFS_DEV_IOCTL_EXPIRE(r3, 0xc018937c, &(0x7f0000000140)={{0x1, 0x1, 0x18, r2, {0x4}}, './file0\x00'})
r4 = perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x7fff}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$BTRFS_IOC_GET_SUBVOL_INFO(r4, 0x81f8943c, &(0x7f0000001280))
ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, 0x0)
r5 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x26e1, 0x0)
ioctl$FS_IOC_GETFSMAP(r5, 0xc0c0583b, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, '\x00', [{}, {0x0, 0x0, 0x0, 0x0, 0x80000000000000}]})
epoll_ctl$EPOLL_CTL_ADD(r5, 0x1, 0xffffffffffffffff, &(0x7f0000000000)={0x20000000})
syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
openat$vcsa(0xffffffffffffff9c, &(0x7f0000001600), 0x400000, 0x0)
perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
clone3(&(0x7f0000004c00)={0xc0002100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)

00:38:19 executing program 0:
r0 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$netlink(r0, &(0x7f0000007ec0)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000000)={0x1c, 0x19, 0x1, 0x0, 0x0, "", [@typed={0x2, 0x0, 0x0, 0x0, @binary="d8c9310200"}]}, 0x1c}], 0x1}, 0x0)

00:38:20 executing program 6:
perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xce, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = syz_io_uring_setup(0x1378, &(0x7f0000000100), &(0x7f0000ffb000/0x4000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000180), &(0x7f00000001c0))
io_uring_register$IORING_REGISTER_BUFFERS(r0, 0x0, &(0x7f00000005c0)=[{&(0x7f0000000040)}], 0x1)

00:38:20 executing program 0:
r0 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$netlink(r0, &(0x7f0000007ec0)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000000)={0x1c, 0x19, 0x1, 0x0, 0x0, "", [@typed={0x2, 0x0, 0x0, 0x0, @binary="d8c9310200"}]}, 0x1c}], 0x1}, 0x0)

00:38:20 executing program 4:
r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000000080)={0x2, &(0x7f0000000300)=[{0xb1}, {0x6}]}, 0x10)

00:38:20 executing program 3:
r0 = add_key$fscrypt_v1(&(0x7f0000000100), &(0x7f0000000140)={'fscrypt:', @desc4}, &(0x7f0000000180)={0x0, "4f86c31dbb85249241d18b1022d2db9fee153f125d88df3bd889fafa60b555a7eb92a9547b98cf488090461ead6c31b6039010119a53ee2519f1187bbb299c72"}, 0x48, 0xfffffffffffffffc)
keyctl$update(0x1d, r0, &(0x7f0000001440)="ce", 0x1)

00:38:20 executing program 2:
ioperm(0x0, 0xfff, 0x7)
mount_setattr(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)

00:38:20 executing program 7:
perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0x75, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x26e1, 0x0)
syncfs(r0)

00:38:20 executing program 3:
r0 = add_key$fscrypt_v1(&(0x7f0000000100), &(0x7f0000000140)={'fscrypt:', @desc4}, &(0x7f0000000180)={0x0, "4f86c31dbb85249241d18b1022d2db9fee153f125d88df3bd889fafa60b555a7eb92a9547b98cf488090461ead6c31b6039010119a53ee2519f1187bbb299c72"}, 0x48, 0xfffffffffffffffc)
keyctl$update(0x1d, r0, &(0x7f0000001440)="ce", 0x1)

00:38:22 executing program 6:
perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xce, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = syz_io_uring_setup(0x1378, &(0x7f0000000100), &(0x7f0000ffb000/0x4000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000180), &(0x7f00000001c0))
io_uring_register$IORING_REGISTER_BUFFERS(r0, 0x0, &(0x7f00000005c0)=[{&(0x7f0000000040)}], 0x1)

00:38:22 executing program 7:
perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0x75, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x26e1, 0x0)
syncfs(r0)

00:38:22 executing program 0:
r0 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$netlink(r0, &(0x7f0000007ec0)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000000)={0x1c, 0x19, 0x1, 0x0, 0x0, "", [@typed={0x2, 0x0, 0x0, 0x0, @binary="d8c9310200"}]}, 0x1c}], 0x1}, 0x0)

00:38:22 executing program 3:
msgctl$IPC_RMID(0x0, 0x2)

00:38:22 executing program 4:
r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000000080)={0x2, &(0x7f0000000300)=[{0xb1}, {0x6}]}, 0x10)

00:38:22 executing program 2:
ioperm(0x0, 0xfff, 0x7)
mount_setattr(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)

00:38:22 executing program 1:
openat$dir(0xffffffffffffff9c, &(0x7f0000000200)='./file0\x00', 0x2000, 0x43)
r0 = openat(0xffffffffffffffff, &(0x7f0000000040)='./file0\x00', 0x301400, 0x10)
ioctl$CDROMREADMODE1(r0, 0x530d, &(0x7f0000001640)={0x6, 0x9, 0x0, 0x1, 0x6, 0x81})
syz_io_uring_setup(0x101, &(0x7f0000000080), &(0x7f0000ffb000/0x1000)=nil, &(0x7f00000b0000)=nil, 0x0, &(0x7f0000000040)=<r1=>0x0)
r2 = syz_init_net_socket$bt_l2cap(0x1f, 0x0, 0x0)
io_uring_register$IORING_REGISTER_PERSONALITY(r0, 0x9, 0x0, 0x0)
syz_io_uring_submit(0x0, r1, 0x0, 0x8001)
r3 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000240)='/proc/stat\x00', 0x0, 0x0)
ioctl$AUTOFS_DEV_IOCTL_EXPIRE(r3, 0xc018937c, &(0x7f0000000140)={{0x1, 0x1, 0x18, r2, {0x4}}, './file0\x00'})
r4 = perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x7fff}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$BTRFS_IOC_GET_SUBVOL_INFO(r4, 0x81f8943c, &(0x7f0000001280))
ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, 0x0)
r5 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x26e1, 0x0)
ioctl$FS_IOC_GETFSMAP(r5, 0xc0c0583b, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, '\x00', [{}, {0x0, 0x0, 0x0, 0x0, 0x80000000000000}]})
epoll_ctl$EPOLL_CTL_ADD(r5, 0x1, 0xffffffffffffffff, &(0x7f0000000000)={0x20000000})
syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
openat$vcsa(0xffffffffffffff9c, &(0x7f0000001600), 0x400000, 0x0)
perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
clone3(&(0x7f0000004c00)={0xc0002100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)

00:38:22 executing program 5:
openat$dir(0xffffffffffffff9c, &(0x7f0000000200)='./file0\x00', 0x2000, 0x43)
r0 = openat(0xffffffffffffffff, &(0x7f0000000040)='./file0\x00', 0x301400, 0x10)
ioctl$CDROMREADMODE1(r0, 0x530d, &(0x7f0000001640)={0x6, 0x9, 0x0, 0x1, 0x6, 0x81})
syz_io_uring_setup(0x101, &(0x7f0000000080), &(0x7f0000ffb000/0x1000)=nil, &(0x7f00000b0000)=nil, 0x0, &(0x7f0000000040)=<r1=>0x0)
r2 = syz_init_net_socket$bt_l2cap(0x1f, 0x0, 0x0)
io_uring_register$IORING_REGISTER_PERSONALITY(r0, 0x9, 0x0, 0x0)
syz_io_uring_submit(0x0, r1, 0x0, 0x8001)
r3 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000240)='/proc/stat\x00', 0x0, 0x0)
ioctl$AUTOFS_DEV_IOCTL_EXPIRE(r3, 0xc018937c, &(0x7f0000000140)={{0x1, 0x1, 0x18, r2, {0x4}}, './file0\x00'})
r4 = perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x7fff}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$BTRFS_IOC_GET_SUBVOL_INFO(r4, 0x81f8943c, &(0x7f0000001280))
ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, 0x0)
r5 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x26e1, 0x0)
ioctl$FS_IOC_GETFSMAP(r5, 0xc0c0583b, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, '\x00', [{}, {0x0, 0x0, 0x0, 0x0, 0x80000000000000}]})
epoll_ctl$EPOLL_CTL_ADD(r5, 0x1, 0xffffffffffffffff, &(0x7f0000000000)={0x20000000})
syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
openat$vcsa(0xffffffffffffff9c, &(0x7f0000001600), 0x400000, 0x0)
perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
clone3(&(0x7f0000004c00)={0xc0002100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)

00:38:22 executing program 3:
syz_mount_image$tmpfs(0x0, &(0x7f0000000700)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
stat(&(0x7f0000000240)='./file0\x00', &(0x7f0000000280)={0x0, 0x0, 0x0, 0x0, <r0=>0x0})
setresuid(0x0, r0, 0x0)
r1 = socket$inet6_udp(0xa, 0x2, 0x0)
ioctl$sock_inet6_SIOCSIFADDR(r1, 0x8936, 0x0)

00:38:22 executing program 2:
ioperm(0x0, 0xfff, 0x7)
mount_setattr(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)

00:38:22 executing program 4:
perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$netlink(r0, &(0x7f0000001480)={0x0, 0x0, &(0x7f00000012c0)=[{&(0x7f00000014c0)={0x1c, 0x1a, 0x1, 0x0, 0x0, "", [@generic="801e15479665ae6bae"]}, 0x1c}], 0x1}, 0x0)

00:38:22 executing program 6:
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000000700)={0x0, 0x0, &(0x7f00000006c0)={&(0x7f0000000740)=@acquire={0x1ac, 0x17, 0x1, 0x0, 0x0, {{@in=@loopback}, @in=@private, {@in=@broadcast, @in=@dev}, {{@in=@dev, @in=@multicast2, 0x0, 0x0, 0x0, 0x0, 0xa}}}, [@tmpl={0x84, 0x5, [{{@in6=@rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02', 0x0, 0x2b}, 0x0, @in=@multicast2}, {{@in=@loopback}, 0x0, @in6=@empty}]}]}, 0x1ac}}, 0x0)

00:38:22 executing program 0:
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000540), r1)
sendmsg$NLBL_MGMT_C_ADDDEF(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000580)={0x14, r2, 0x1}, 0x14}}, 0x0)

00:38:23 executing program 0:
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000540), r1)
sendmsg$NLBL_MGMT_C_ADDDEF(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000580)={0x14, r2, 0x1}, 0x14}}, 0x0)

00:38:23 executing program 0:
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000540), r1)
sendmsg$NLBL_MGMT_C_ADDDEF(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000580)={0x14, r2, 0x1}, 0x14}}, 0x0)

00:38:23 executing program 3:
syz_mount_image$tmpfs(0x0, &(0x7f0000000700)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
stat(&(0x7f0000000240)='./file0\x00', &(0x7f0000000280)={0x0, 0x0, 0x0, 0x0, <r0=>0x0})
setresuid(0x0, r0, 0x0)
r1 = socket$inet6_udp(0xa, 0x2, 0x0)
ioctl$sock_inet6_SIOCSIFADDR(r1, 0x8936, 0x0)

00:38:23 executing program 3:
syz_mount_image$tmpfs(0x0, &(0x7f0000000700)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
stat(&(0x7f0000000240)='./file0\x00', &(0x7f0000000280)={0x0, 0x0, 0x0, 0x0, <r0=>0x0})
setresuid(0x0, r0, 0x0)
r1 = socket$inet6_udp(0xa, 0x2, 0x0)
ioctl$sock_inet6_SIOCSIFADDR(r1, 0x8936, 0x0)

00:38:24 executing program 6:
syz_mount_image$tmpfs(0x0, &(0x7f0000000700)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
stat(&(0x7f0000000240)='./file0\x00', &(0x7f0000000280)={0x0, 0x0, 0x0, 0x0, <r0=>0x0})
setresuid(0x0, r0, 0x0)
r1 = socket$inet6_udp(0xa, 0x2, 0x0)
ioctl$sock_inet6_SIOCSIFADDR(r1, 0x8936, 0x0)

00:38:24 executing program 3:
syz_mount_image$tmpfs(0x0, &(0x7f0000000700)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
stat(&(0x7f0000000240)='./file0\x00', &(0x7f0000000280)={0x0, 0x0, 0x0, 0x0, <r0=>0x0})
setresuid(0x0, r0, 0x0)
r1 = socket$inet6_udp(0xa, 0x2, 0x0)
ioctl$sock_inet6_SIOCSIFADDR(r1, 0x8936, 0x0)

00:38:41 executing program 1:
openat$dir(0xffffffffffffff9c, &(0x7f0000000200)='./file0\x00', 0x2000, 0x43)
r0 = openat(0xffffffffffffffff, &(0x7f0000000040)='./file0\x00', 0x301400, 0x10)
ioctl$CDROMREADMODE1(r0, 0x530d, &(0x7f0000001640)={0x6, 0x9, 0x0, 0x1, 0x6, 0x81})
syz_io_uring_setup(0x101, &(0x7f0000000080), &(0x7f0000ffb000/0x1000)=nil, &(0x7f00000b0000)=nil, 0x0, &(0x7f0000000040)=<r1=>0x0)
r2 = syz_init_net_socket$bt_l2cap(0x1f, 0x0, 0x0)
io_uring_register$IORING_REGISTER_PERSONALITY(r0, 0x9, 0x0, 0x0)
syz_io_uring_submit(0x0, r1, 0x0, 0x8001)
r3 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000240)='/proc/stat\x00', 0x0, 0x0)
ioctl$AUTOFS_DEV_IOCTL_EXPIRE(r3, 0xc018937c, &(0x7f0000000140)={{0x1, 0x1, 0x18, r2, {0x4}}, './file0\x00'})
r4 = perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x7fff}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$BTRFS_IOC_GET_SUBVOL_INFO(r4, 0x81f8943c, &(0x7f0000001280))
ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, 0x0)
r5 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x26e1, 0x0)
ioctl$FS_IOC_GETFSMAP(r5, 0xc0c0583b, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, '\x00', [{}, {0x0, 0x0, 0x0, 0x0, 0x80000000000000}]})
epoll_ctl$EPOLL_CTL_ADD(r5, 0x1, 0xffffffffffffffff, &(0x7f0000000000)={0x20000000})
syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
openat$vcsa(0xffffffffffffff9c, &(0x7f0000001600), 0x400000, 0x0)
perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
clone3(&(0x7f0000004c00)={0xc0002100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)

00:38:41 executing program 4:
perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$netlink(r0, &(0x7f0000001480)={0x0, 0x0, &(0x7f00000012c0)=[{&(0x7f00000014c0)={0x1c, 0x1a, 0x1, 0x0, 0x0, "", [@generic="801e15479665ae6bae"]}, 0x1c}], 0x1}, 0x0)

00:38:41 executing program 7:
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000040)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0x0, 0x7fff0000}]})
r0 = semget$private(0x0, 0x4, 0x0)
semtimedop(r0, &(0x7f0000000000)=[{}], 0x1, 0x0)

00:38:41 executing program 0:
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000540), r1)
sendmsg$NLBL_MGMT_C_ADDDEF(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000580)={0x14, r2, 0x1}, 0x14}}, 0x0)

00:38:41 executing program 6:
syz_mount_image$tmpfs(0x0, &(0x7f0000000700)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
stat(&(0x7f0000000240)='./file0\x00', &(0x7f0000000280)={0x0, 0x0, 0x0, 0x0, <r0=>0x0})
setresuid(0x0, r0, 0x0)
r1 = socket$inet6_udp(0xa, 0x2, 0x0)
ioctl$sock_inet6_SIOCSIFADDR(r1, 0x8936, 0x0)

00:38:41 executing program 3:
perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xce, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x17f}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000580)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, 0x0, @perf_config_ext={0x1, 0x40}, 0x0, 0x0, 0x9, 0x7}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r0, 0x6, 0x1e, &(0x7f0000000040)=0x1, 0x4)
setsockopt$inet6_tcp_TCP_REPAIR(r0, 0x6, 0x13, &(0x7f00000018c0)=0x1, 0x4)
connect$inet6(r0, &(0x7f0000000080)={0xa, 0x1, 0x0, @loopback}, 0x1c)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x1c1042, 0x0)
r2 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000300)='/proc/diskstats\x00', 0x0, 0x0)
sendfile(r1, r2, 0x0, 0x10000027f)
r3 = socket$inet6_udp(0xa, 0x2, 0x0)
r4 = dup(r3)
connect$inet6(r4, &(0x7f0000000200)={0xa, 0x4e20, 0x0, @ipv4={'\x00', '\xff\xff', @loopback}}, 0x1c)
sendmmsg$inet6(r4, &(0x7f00000007c0)=[{{0x0, 0x0, 0x0}}, {{&(0x7f0000000280)={0xa, 0x4e21, 0x0, @mcast1, 0x1000}, 0x1c, 0x0, 0x0, &(0x7f00000005c0)=[@pktinfo={{0x24, 0x29, 0x32, {@private2}}}], 0x28}}], 0x2, 0x0)

00:38:41 executing program 5:
openat$dir(0xffffffffffffff9c, &(0x7f0000000200)='./file0\x00', 0x2000, 0x43)
r0 = openat(0xffffffffffffffff, &(0x7f0000000040)='./file0\x00', 0x301400, 0x10)
ioctl$CDROMREADMODE1(r0, 0x530d, &(0x7f0000001640)={0x6, 0x9, 0x0, 0x1, 0x6, 0x81})
syz_io_uring_setup(0x101, &(0x7f0000000080), &(0x7f0000ffb000/0x1000)=nil, &(0x7f00000b0000)=nil, 0x0, &(0x7f0000000040)=<r1=>0x0)
r2 = syz_init_net_socket$bt_l2cap(0x1f, 0x0, 0x0)
io_uring_register$IORING_REGISTER_PERSONALITY(r0, 0x9, 0x0, 0x0)
syz_io_uring_submit(0x0, r1, 0x0, 0x8001)
r3 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000240)='/proc/stat\x00', 0x0, 0x0)
ioctl$AUTOFS_DEV_IOCTL_EXPIRE(r3, 0xc018937c, &(0x7f0000000140)={{0x1, 0x1, 0x18, r2, {0x4}}, './file0\x00'})
r4 = perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x7fff}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$BTRFS_IOC_GET_SUBVOL_INFO(r4, 0x81f8943c, &(0x7f0000001280))
ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, 0x0)
r5 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x26e1, 0x0)
ioctl$FS_IOC_GETFSMAP(r5, 0xc0c0583b, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, '\x00', [{}, {0x0, 0x0, 0x0, 0x0, 0x80000000000000}]})
epoll_ctl$EPOLL_CTL_ADD(r5, 0x1, 0xffffffffffffffff, &(0x7f0000000000)={0x20000000})
syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
openat$vcsa(0xffffffffffffff9c, &(0x7f0000001600), 0x400000, 0x0)
perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
clone3(&(0x7f0000004c00)={0xc0002100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)

00:38:41 executing program 2:
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000680)=@newpolicy={0xb8, 0x13, 0x221, 0x0, 0x0, {{@in=@private, @in6=@dev, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x80}}}, 0xb8}}, 0x0)

00:38:42 executing program 6:
syz_mount_image$tmpfs(0x0, &(0x7f0000000700)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
stat(&(0x7f0000000240)='./file0\x00', &(0x7f0000000280)={0x0, 0x0, 0x0, 0x0, <r0=>0x0})
setresuid(0x0, r0, 0x0)
r1 = socket$inet6_udp(0xa, 0x2, 0x0)
ioctl$sock_inet6_SIOCSIFADDR(r1, 0x8936, 0x0)

00:38:42 executing program 2:
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000680)=@newpolicy={0xb8, 0x13, 0x221, 0x0, 0x0, {{@in=@private, @in6=@dev, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x80}}}, 0xb8}}, 0x0)

00:38:42 executing program 7:
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000040)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0x0, 0x7fff0000}]})
r0 = semget$private(0x0, 0x4, 0x0)
semtimedop(r0, &(0x7f0000000000)=[{}], 0x1, 0x0)

00:38:42 executing program 0:
perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
ioctl$sock_SIOCETHTOOL(r0, 0x8946, &(0x7f0000000380)={'lo\x00', &(0x7f0000000300)=@ethtool_gfeatures={0x3a, 0x1, [{}]}})

00:38:42 executing program 2:
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000680)=@newpolicy={0xb8, 0x13, 0x221, 0x0, 0x0, {{@in=@private, @in6=@dev, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x80}}}, 0xb8}}, 0x0)

00:38:42 executing program 7:
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000040)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0x0, 0x7fff0000}]})
r0 = semget$private(0x0, 0x4, 0x0)
semtimedop(r0, &(0x7f0000000000)=[{}], 0x1, 0x0)

00:38:42 executing program 2:
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000680)=@newpolicy={0xb8, 0x13, 0x221, 0x0, 0x0, {{@in=@private, @in6=@dev, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x80}}}, 0xb8}}, 0x0)

00:38:42 executing program 7:
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000040)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0x0, 0x7fff0000}]})
r0 = semget$private(0x0, 0x4, 0x0)
semtimedop(r0, &(0x7f0000000000)=[{}], 0x1, 0x0)

00:38:43 executing program 6:
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f00000004c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
write(r0, &(0x7f0000000040)="98", 0x1)
setsockopt$sock_int(r1, 0x1, 0x2a, &(0x7f0000000000), 0x4)
recvmsg(r1, &(0x7f0000000780)={0x0, 0x0, 0x0}, 0x0)

00:38:43 executing program 4:
perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$netlink(r0, &(0x7f0000001480)={0x0, 0x0, &(0x7f00000012c0)=[{&(0x7f00000014c0)={0x1c, 0x1a, 0x1, 0x0, 0x0, "", [@generic="801e15479665ae6bae"]}, 0x1c}], 0x1}, 0x0)

00:38:43 executing program 2:
r0 = syz_init_net_socket$802154_raw(0x24, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8931, &(0x7f0000000040)={'wlan0\x00'})

00:38:43 executing program 7:
syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
stat(&(0x7f0000000180)='./file0\x00', &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, <r0=>0x0})
setresuid(0x0, r0, 0x0)
setpriority(0x0, 0x0, 0x0)

00:38:43 executing program 0:
perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xa7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
open_by_handle_at(0xffffffffffffffff, 0x0, 0x0)

00:38:54 executing program 6:
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f00000004c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
write(r0, &(0x7f0000000040)="98", 0x1)
setsockopt$sock_int(r1, 0x1, 0x2a, &(0x7f0000000000), 0x4)
recvmsg(r1, &(0x7f0000000780)={0x0, 0x0, 0x0}, 0x0)

[  289.470127] Bluetooth: hci0: command 0x0406 tx timeout
[  289.471168] Bluetooth: hci4: command 0x0406 tx timeout
[  289.471979] Bluetooth: hci5: command 0x0406 tx timeout
[  289.472840] Bluetooth: hci3: command 0x0406 tx timeout
[  316.782422] watchdog: BUG: soft lockup - CPU#0 stuck for 27s! [syz-executor.5:9418]
[  316.782940] Modules linked in:
[  316.783175] irq event stamp: 5877153
[  316.783418] hardirqs last  enabled at (5877152): [<ffffffff8482356b>] irqentry_exit+0x3b/0x90
[  316.783997] hardirqs last disabled at (5877153): [<ffffffff84821f2f>] sysvec_apic_timer_interrupt+0xf/0x80
[  316.784614] softirqs last  enabled at (5839768): [<ffffffff811a7dec>] handle_softirqs+0x50c/0x770
[  316.788637] softirqs last disabled at (5839771): [<ffffffff811a87f4>] irq_exit_rcu+0x94/0xc0
[  316.789180] CPU: 0 UID: 0 PID: 9418 Comm: syz-executor.5 Not tainted 6.12.0-rc3-next-20241016 #1
[  316.789732] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[  316.790240] RIP: 0010:kasan_check_range+0x107/0x1b0
[  316.790596] Code: 74 f2 48 89 c2 b8 01 00 00 00 48 85 d2 0f 84 4c ff ff ff 41 83 e2 07 49 39 d1 0f 85 34 ff ff ff 45 3a 11 0f 8d 2b ff ff ff 5b <b8> 01 00 00 00 5d 41 5c e9 4c 3f f9 02 41 bc 08 00 00 00 48 89 ea
[  316.791675] RSP: 0018:ffff88806ce09a88 EFLAGS: 00000246
[  316.792026] RAX: ffffed1002c471ec RBX: ffff888016843060 RCX: ffffffff83387c38
[  316.792470] RDX: ffffed1002c471ec RSI: 0000000000000006 RDI: ffff888016238f54
[  316.792924] RBP: ffffed1002c471ea R08: 0000000000000000 R09: ffffed1002c471eb
[  316.793372] R10: ffff888016238f59 R11: 0000000000000000 R12: 0000000000000006
[  316.793824] R13: ffff88806ce09ae0 R14: ffff88803e36b2f8 R15: ffff88803e2b41b0
[  316.794272] FS:  00007ffae12e7700(0000) GS:ffff88806ce00000(0000) knlGS:0000000000000000
[  316.794776] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  316.795149] CR2: 0000001b30322000 CR3: 00000000360e4000 CR4: 0000000000350ef0
[  316.795603] Call Trace:
[  316.795784]  <IRQ>
[  316.795947]  ? watchdog_timer_fn+0x3ee/0x510
[  316.796262]  ? __pfx_watchdog_timer_fn+0x10/0x10
[  316.796607]  ? __hrtimer_run_queues+0x57c/0xa70
[  316.796949]  ? __pfx___hrtimer_run_queues+0x10/0x10
[  316.797291]  ? ktime_get_update_offsets_now+0x260/0x3c0
[  316.797685]  ? hrtimer_interrupt+0x2f2/0x750
[  316.798023]  ? __sysvec_apic_timer_interrupt+0xc2/0x390
[  316.798389]  ? sysvec_apic_timer_interrupt+0x34/0x80
[  316.798752]  ? asm_sysvec_apic_timer_interrupt+0x1a/0x20
[  316.799145]  ? mac80211_hwsim_addr_match+0xf8/0x180
[  316.799510]  ? kasan_check_range+0x107/0x1b0
[  316.799834]  __asan_memcpy+0x24/0x60
[  316.800121]  mac80211_hwsim_addr_match+0xf8/0x180
[  316.800471]  ? __pfx_mac80211_hwsim_addr_match+0x10/0x10
[  316.800849]  ? skb_copy_header+0x20/0x2b0
[  316.801145]  ? srso_return_thunk+0x5/0x5f
[  316.801463]  ? skb_copy+0x2f6/0x3b0
[  316.801734]  mac80211_hwsim_tx_frame_no_nl.isra.0+0xb21/0x1320
[  316.802154]  ? __pfx_mac80211_hwsim_tx_frame_no_nl.isra.0+0x10/0x10
[  316.802578]  ? __mac80211_hwsim_beacon_tx.part.0+0x1e6/0x5c0
[  316.802972]  ? srso_return_thunk+0x5/0x5f
[  316.803295]  ? srso_return_thunk+0x5/0x5f
[  316.803606]  ? srso_return_thunk+0x5/0x5f
[  316.803917]  ? mac80211_hwsim_monitor_rx+0x1be/0x820
[  316.804296]  mac80211_hwsim_tx_frame+0x1ee/0x2a0
[  316.804633]  mac80211_hwsim_beacon_tx+0x546/0x950
[  316.804967]  ? srso_return_thunk+0x5/0x5f
[  316.805282]  ? __pfx_lock_acquire.part.0+0x10/0x10
[  316.805642]  ? srso_return_thunk+0x5/0x5f
[  316.805957]  ? srso_return_thunk+0x5/0x5f
[  316.806276]  __iterate_interfaces+0x2cb/0x5d0
[  316.806596]  ? __pfx_mac80211_hwsim_beacon_tx+0x10/0x10
[  316.806958]  ? __pfx_mac80211_hwsim_beacon_tx+0x10/0x10
[  316.807327]  ieee80211_iterate_active_interfaces_atomic+0x71/0x1b0
[  316.807757]  mac80211_hwsim_beacon+0x105/0x200
[  316.808089]  ? __pfx_mac80211_hwsim_beacon+0x10/0x10
[  316.808456]  __hrtimer_run_queues+0x1ab/0xa70
[  316.808795]  ? __pfx___hrtimer_run_queues+0x10/0x10
[  316.809137]  ? ktime_get_update_offsets_now+0x260/0x3c0
[  316.809540]  hrtimer_run_softirq+0x14c/0x310
[  316.809860]  handle_softirqs+0x1b1/0x770
[  316.810158]  irq_exit_rcu+0x94/0xc0
[  316.810420]  sysvec_apic_timer_interrupt+0x70/0x80
[  316.810771]  </IRQ>
[  316.810933]  <TASK>
[  316.811100]  asm_sysvec_apic_timer_interrupt+0x1a/0x20
[  316.811477] RIP: 0010:qlist_free_all+0xa9/0x160
[  316.811816] Code: 03 48 01 ca 48 c1 ea 0c 48 c1 e2 06 48 03 15 d6 ed f1 03 48 8b 72 08 48 89 d1 40 f6 c6 01 0f 85 a1 00 00 00 66 90 80 79 33 f5 <ba> 00 00 00 00 48 0f 45 ca 48 8b 69 08 e9 63 ff ff ff 48 83 7d 48
[  316.812894] RSP: 0018:ffff88803d2d7330 EFLAGS: 00000246
[  316.813249] RAX: ffff8880405d0000 RBX: ffff8880405d0000 RCX: ffffea0001017400
[  316.813699] RDX: ffffea0001017400 RSI: ffff888009402280 RDI: 0000000000080000
[  316.814150] RBP: 0000000000000000 R08: ffff888009dc2ae0 R09: 0000000000800008
[  316.814595] R10: ffffea0000277000 R11: 0000000000000000 R12: 0000000000000000
[  316.815039] R13: ffff88803d2d7368 R14: ffff888009dc2ae0 R15: ffff888009dc2ae0
[  316.815519]  kasan_quarantine_reduce+0x19c/0x230
[  316.815873]  __kasan_kmalloc+0x6f/0x90
[  316.816174]  __kmalloc_node_track_caller_noprof+0x1ef/0x490
[  316.816564]  ? __pfx___register_sysctl_table+0x10/0x10
[  316.816927]  ? register_net_sysctl_sz+0x82/0x290
[  316.817281]  ? __x86_indirect_jump_thunk_r12+0x20/0x20
[  316.817656]  ? __devinet_sysctl_register+0x98/0x290
[  316.818018]  kmemdup_noprof+0x2c/0x60
[  316.818290]  __devinet_sysctl_register+0x98/0x290
[  316.818639]  ? __pfx___devinet_sysctl_register+0x10/0x10
[  316.819017]  ? srso_return_thunk+0x5/0x5f
[  316.819338]  ? mark_held_locks+0x9e/0xe0
[  316.819651]  ? srso_return_thunk+0x5/0x5f
[  316.819962]  ? lockdep_hardirqs_on_prepare+0x262/0x3f0
[  316.820342]  devinet_sysctl_register+0x180/0x210
[  316.820691]  inetdev_init+0x268/0x550
[  316.820981]  inetdev_event+0xcd9/0x17f0
[  316.821277]  ? srso_return_thunk+0x5/0x5f
[  316.821590]  ? lockdep_hardirqs_on_prepare+0x262/0x3f0
[  316.821965]  ? srso_return_thunk+0x5/0x5f
[  316.822280]  ? __pfx_inetdev_event+0x10/0x10
[  316.822610]  ? srso_return_thunk+0x5/0x5f
[  316.822928]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  316.823309]  raw_notifier_call_chain+0xd6/0x140
[  316.823640]  call_netdevice_notifiers_info+0xbe/0x140
[  316.824005]  register_netdevice+0x1559/0x1ab0
[  316.824330]  ? __pfx_register_netdevice+0x10/0x10
[  316.824664]  ? __kvmalloc_node_noprof+0x180/0x200
[  316.825013]  ? srso_return_thunk+0x5/0x5f
[  316.825321]  ? alloc_netdev_mqs+0xddc/0x1250
[  316.825635]  register_netdev+0x31/0x60
[  316.825918]  sit_init_net+0x28b/0x5c0
[  316.826221]  ? __pfx_sit_init_net+0x10/0x10
[  316.826541]  ops_init+0x1e1/0x650
[  316.826821]  setup_net+0x1d7/0x7a0
[  316.827092]  ? srso_return_thunk+0x5/0x5f
[  316.827414]  ? __pfx_setup_net+0x10/0x10
[  316.827713]  ? __pfx_down_read_killable+0x10/0x10
[  316.828045]  ? __raw_spin_lock_init+0x3a/0x110
[  316.828367]  ? srso_return_thunk+0x5/0x5f
[  316.828679]  ? debug_mutex_init+0x37/0x70
[  316.828985]  copy_net_ns+0x2e3/0x6f0
[  316.829273]  create_new_namespaces+0x3f6/0xaf0
[  316.829629]  copy_namespaces+0x45c/0x580
[  316.829943]  copy_process+0x2704/0x8e00
[  316.830239]  ? __pfx___lock_acquire+0x10/0x10
[  316.830574]  ? srso_return_thunk+0x5/0x5f
[  316.830912]  ? __pfx_copy_process+0x10/0x10
[  316.831228]  ? __pfx_lock_release+0x10/0x10
[  316.831552]  ? trace_lock_acquire+0x137/0x1b0
[  316.831880]  ? srso_return_thunk+0x5/0x5f
[  316.832197]  ? lock_acquire+0x32/0xc0
[  316.832489]  ? __might_fault+0xe0/0x190
[  316.832779]  ? __might_fault+0xe0/0x190
[  316.833073]  ? srso_return_thunk+0x5/0x5f
[  316.833388]  ? _copy_from_user+0x5c/0xf0
[  316.833699]  kernel_clone+0xeb/0x850
[  316.833977]  ? srso_return_thunk+0x5/0x5f
[  316.834288]  ? find_held_lock+0x2c/0x110
[  316.834584]  ? __pfx_kernel_clone+0x10/0x10
[  316.834889]  ? task_mm_cid_work+0x32c/0x8b0
[  316.835234]  ? srso_return_thunk+0x5/0x5f
[  316.835545]  ? srso_return_thunk+0x5/0x5f
[  316.835861]  __do_sys_clone3+0x1d5/0x250
[  316.836154]  ? __pfx___do_sys_clone3+0x10/0x10
[  316.836479]  ? task_mm_cid_work+0x211/0x8b0
[  316.836824]  ? srso_return_thunk+0x5/0x5f
[  316.837139]  ? blkcg_maybe_throttle_current+0x2cd/0xe40
[  316.837521]  ? srso_return_thunk+0x5/0x5f
[  316.837834]  ? task_work_run+0x202/0x280
[  316.838132]  ? srso_return_thunk+0x5/0x5f
[  316.838443]  ? xfd_validate_state+0x51/0x180
[  316.838766]  ? srso_return_thunk+0x5/0x5f
[  316.839080]  ? trace_x86_fpu_regs_activated+0x135/0x190
[  316.839485]  do_syscall_64+0xbf/0x1d0
[  316.839759]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  316.840122] RIP: 0033:0x7ffae3d92b19
[  316.840377] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  316.841462] RSP: 002b:00007ffae12e7188 EFLAGS: 00000246 ORIG_RAX: 00000000000001b3
[  316.841951] RAX: ffffffffffffffda RBX: 00007ffae3ea6020 RCX: 00007ffae3d92b19
[  316.842394] RDX: 0000000000000000 RSI: 0000000000000058 RDI: 0000000020004c00
[  316.842836] RBP: 00007ffae3decf6d R08: 0000000000000000 R09: 0000000000000000
[  316.843284] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  316.843728] R13: 00007fff96c13c3f R14: 00007ffae12e7300 R15: 0000000000022000
[  316.844203]  </TASK>
[  316.844371] Sending NMI from CPU 0 to CPUs 1:
[  316.844679] NMI backtrace for cpu 1
[  316.844722] CPU: 1 UID: 0 PID: 0 Comm: swapper/1 Not tainted 6.12.0-rc3-next-20241016 #1
[  316.844808] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[  316.844846] RIP: 0010:queued_spin_lock_slowpath+0xb3/0xb60
[  316.844977] Code: 49 c1 ee 03 41 83 e5 07 48 b8 00 00 00 00 00 fc ff df 49 01 c6 41 83 c5 03 be 04 00 00 00 48 89 ef e8 d1 e4 06 fd 41 0f b6 06 <41> 38 c5 7c 08 84 c0 0f 85 48 09 00 00 8b 45 00 89 44 24 38 85 c0
[  316.845054] RSP: 0018:ffff88806cf099f8 EFLAGS: 00000246
[  316.845112] RAX: 0000000000000000 RBX: 0000000000000001 RCX: ffffffff84845a6f
[  316.845161] RDX: fffffbfff0c1a969 RSI: 0000000000000004 RDI: ffffffff860d4b40
[  316.845211] RBP: ffffffff860d4b40 R08: 0000000000000000 R09: fffffbfff0c1a968
[  316.845261] R10: ffffffff860d4b43 R11: 5050505000000011 R12: 1ffff1100d9e1340
[  316.845313] R13: 0000000000000003 R14: fffffbfff0c1a968 R15: ffff88806cf09a30
[  316.845365] FS:  0000000000000000(0000) GS:ffff88806cf00000(0000) knlGS:0000000000000000
[  316.845433] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  316.845487] CR2: 00007f98dd70a418 CR3: 0000000013aca000 CR4: 0000000000350ef0
[  316.845537] Call Trace:
[  316.845556]  <NMI>
[  316.845581]  ? nmi_cpu_backtrace+0x179/0x260
[  316.845691]  ? nmi_cpu_backtrace_handler+0xc/0x20
[  316.845813]  ? nmi_handle+0x1a1/0x550
[  316.845933]  ? queued_spin_lock_slowpath+0xb3/0xb60
[  316.846048]  ? queued_spin_lock_slowpath+0xb3/0xb60
[  316.846163]  ? default_do_nmi+0x64/0x1c0
[  316.846258]  ? exc_nmi+0x188/0x1c0
[  316.846349]  ? end_repeat_nmi+0xf/0x53
[  316.846474]  ? queued_spin_lock_slowpath+0xaf/0xb60
[  316.846591]  ? queued_spin_lock_slowpath+0xb3/0xb60
[  316.846709]  ? queued_spin_lock_slowpath+0xb3/0xb60
[  316.846829]  ? queued_spin_lock_slowpath+0xb3/0xb60
[  316.846946]  </NMI>
[  316.846967]  <IRQ>
[  316.846991]  ? __pfx_queued_spin_lock_slowpath+0x10/0x10
[  316.847109]  ? srso_return_thunk+0x5/0x5f
[  316.847260]  do_raw_spin_lock+0x1de/0x270
[  316.847343]  ? __pfx_do_raw_spin_lock+0x10/0x10
[  316.847426]  ? lock_acquire+0x32/0xc0
[  316.847543]  ? mac80211_hwsim_tx_frame_no_nl.isra.0+0x6d1/0x1320
[  316.847650]  mac80211_hwsim_tx_frame_no_nl.isra.0+0x6d1/0x1320
[  316.847747]  ? __mac80211_hwsim_beacon_tx.part.0+0x1e6/0x5c0
[  316.847848]  ? __pfx_lock_release+0x10/0x10
[  316.847966]  ? srso_return_thunk+0x5/0x5f
[  316.848086]  ? trace_lock_acquire+0x137/0x1b0
[  316.848182]  ? __pfx_mac80211_hwsim_tx_frame_no_nl.isra.0+0x10/0x10
[  316.848282]  ? srso_return_thunk+0x5/0x5f
[  316.848413]  ? srso_return_thunk+0x5/0x5f
[  316.848534]  ? srso_return_thunk+0x5/0x5f
[  316.848657]  ? srso_return_thunk+0x5/0x5f
[  316.848778]  ? mac80211_hwsim_monitor_rx+0x1be/0x820
[  316.848913]  mac80211_hwsim_tx_frame+0x1ee/0x2a0
[  316.849006]  mac80211_hwsim_beacon_tx+0x546/0x950
[  316.849100]  ? __pfx_lock_acquire.part.0+0x10/0x10
[  316.849225]  ? srso_return_thunk+0x5/0x5f
[  316.849346]  ? srso_return_thunk+0x5/0x5f
[  316.849474]  __iterate_interfaces+0x2cb/0x5d0
[  316.849571]  ? __pfx_mac80211_hwsim_beacon_tx+0x10/0x10
[  316.849665]  ? __pfx_mac80211_hwsim_beacon_tx+0x10/0x10
[  316.849755]  ieee80211_iterate_active_interfaces_atomic+0x71/0x1b0
[  316.849870]  mac80211_hwsim_beacon+0x105/0x200
[  316.849985]  ? __pfx_mac80211_hwsim_beacon+0x10/0x10
[  316.850107]  __hrtimer_run_queues+0x1ab/0xa70
[  316.850212]  ? __pfx___hrtimer_run_queues+0x10/0x10
[  316.850300]  ? ktime_get_update_offsets_now+0x260/0x3c0
[  316.850443]  hrtimer_run_softirq+0x14c/0x310
[  316.850537]  handle_softirqs+0x1b1/0x770
[  316.850622]  irq_exit_rcu+0x94/0xc0
[  316.850692]  sysvec_apic_timer_interrupt+0x70/0x80
[  316.850806]  </IRQ>
[  316.850827]  <TASK>
[  316.850851]  asm_sysvec_apic_timer_interrupt+0x1a/0x20
[  316.850968] RIP: 0010:default_idle+0x1e/0x30
[  316.851044] Code: 90 90 90 90 90 90 90 90 90 90 90 90 f3 0f 1e fa 0f 1f 44 00 00 eb 0c 0f 1f 44 00 00 0f 00 2d 69 41 40 00 0f 1f 44 00 00 fb f4 <fa> e9 5c 28 02 00 66 66 2e 0f 1f 84 00 00 00 00 00 90 90 90 90 90
[  316.851114] RSP: 0018:ffff8880096c7e68 EFLAGS: 00000202
[  316.851177] RAX: 000000000011a489 RBX: 0000000000000001 RCX: ffffffff848238d7
[  316.851226] RDX: 0000000000000000 RSI: 0000000000000000 RDI: ffffffff812ad1ed
[  316.851275] RBP: dffffc0000000000 R08: 0000000000000001 R09: ffffed100d9e6c70
[  316.851325] R10: ffff88806cf36383 R11: 0000000000000000 R12: ffffffff863f2748
[  316.851375] R13: 1ffff110012d8fd2 R14: 0000000000000000 R15: 0000000000000000
[  316.851437]  ? ct_kernel_exit.constprop.0+0x127/0x150
[  316.851567]  ? do_idle+0x2fd/0x3b0
[  316.851659]  ? srso_return_thunk+0x5/0x5f
[  316.851780]  default_idle_call+0x6d/0xb0
[  316.851854]  do_idle+0x2fd/0x3b0
[  316.851942]  ? __pfx_do_idle+0x10/0x10
[  316.852044]  cpu_startup_entry+0x4f/0x60
[  316.852135]  start_secondary+0x1c1/0x220
[  316.852252]  common_startup_64+0x12c/0x138
[  316.852360]  </TASK>
00:39:22 executing program 0:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
setsockopt$inet6_IPV6_XFRM_POLICY(r0, 0x29, 0x23, &(0x7f0000000200)={{{@in6=@remote, @in6=@private0, 0x0, 0x0, 0x0, 0x0, 0xa, 0x30, 0x0, 0x0, 0x0, 0xffffffffffffffff}, {}, {}, 0x0, 0x0, 0x1}, {{@in6=@loopback, 0x0, 0x32}, 0x0, @in=@empty}}, 0xe8)
sendmmsg$inet6(r0, &(0x7f00000003c0)=[{{&(0x7f0000000000)={0xa, 0x4e26, 0x0, @ipv4={'\x00', '\xff\xff', @dev}}, 0x1c, 0x0}}, {{&(0x7f0000000300)={0xa, 0x4e20, 0x0, @remote}, 0x1c, 0x0}}], 0x2, 0x0)

00:39:22 executing program 6:
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f00000004c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
write(r0, &(0x7f0000000040)="98", 0x1)
setsockopt$sock_int(r1, 0x1, 0x2a, &(0x7f0000000000), 0x4)
recvmsg(r1, &(0x7f0000000780)={0x0, 0x0, 0x0}, 0x0)

00:39:22 executing program 3:
connect$inet6(0xffffffffffffffff, &(0x7f0000000240)={0xa, 0x0, 0x0, @mcast1}, 0x1c)
perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xce, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000580)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x240, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="eb3c906d6b66732e66617400020801000440008000f801", 0x17}, {&(0x7f0000000340), 0x0, 0xa04}], 0x0, &(0x7f0000000080))

00:39:22 executing program 1:
r0 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$netlink(r0, &(0x7f0000007ec0)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000000)={0x18, 0x1d, 0x1, 0x0, 0x0, "", [@typed={0x7, 0x0, 0x0, 0x0, @binary="d8c931"}]}, 0x18}], 0x1}, 0x0)

00:39:22 executing program 7:
syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
stat(&(0x7f0000000180)='./file0\x00', &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, <r0=>0x0})
setresuid(0x0, r0, 0x0)
setpriority(0x0, 0x0, 0x0)

00:39:22 executing program 4:
perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$netlink(r0, &(0x7f0000001480)={0x0, 0x0, &(0x7f00000012c0)=[{&(0x7f00000014c0)={0x1c, 0x1a, 0x1, 0x0, 0x0, "", [@generic="801e15479665ae6bae"]}, 0x1c}], 0x1}, 0x0)

00:39:22 executing program 2:
r0 = syz_init_net_socket$802154_raw(0x24, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8931, &(0x7f0000000040)={'wlan0\x00'})

00:39:22 executing program 6:
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f00000004c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
write(r0, &(0x7f0000000040)="98", 0x1)
setsockopt$sock_int(r1, 0x1, 0x2a, &(0x7f0000000000), 0x4)
recvmsg(r1, &(0x7f0000000780)={0x0, 0x0, 0x0}, 0x0)

00:39:22 executing program 5:
perf_event_open(&(0x7f0000000500)={0x2, 0x80, 0xce, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
getpgid(0xffffffffffffffff)
perf_event_open(&(0x7f0000000580)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, 0x0, @perf_bp={0x0, 0xa}, 0x4010, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
io_setup(0x3ff, &(0x7f0000000140)=<r0=>0x0)
recvmmsg$unix(0xffffffffffffffff, 0x0, 0x0, 0x40032110, &(0x7f0000000900)={0x77359400})
r1 = openat$nvram(0xffffffffffffff9c, &(0x7f0000000100), 0x3, 0x0)
perf_event_open(&(0x7f0000000440)={0x6, 0x80, 0x5, 0xff, 0x10, 0x5, 0x0, 0xb0, 0x28000, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x6, 0x0, @perf_config_ext={0x4, 0x1}, 0x8000, 0xfffffffffffffff8, 0x200, 0x5, 0x5d, 0xa0000000, 0x5, 0x0, 0x101, 0x0, 0x80000001}, 0xffffffffffffffff, 0xffffffffffffffff, r1, 0x1)
preadv(0xffffffffffffffff, &(0x7f0000000400)=[{0x0}, {&(0x7f0000000200)=""/162, 0xa2}, {&(0x7f00000002c0)=""/137, 0x89}, {&(0x7f0000000380)=""/117, 0x75}], 0x4, 0x0, 0x80000001)
io_destroy(r0)
io_setup(0xb, &(0x7f0000000000)=<r2=>0x0)
io_destroy(r2)
openat$sr(0xffffffffffffff9c, 0x0, 0x0, 0x0)
syz_io_uring_complete(0x0)
preadv(r1, &(0x7f00000004c0)=[{&(0x7f00000001c0)=""/51, 0x33}], 0x1, 0x8a, 0x8b)

00:39:22 executing program 7:
syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
stat(&(0x7f0000000180)='./file0\x00', &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, <r0=>0x0})
setresuid(0x0, r0, 0x0)
setpriority(0x0, 0x0, 0x0)

00:39:22 executing program 7:
syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
stat(&(0x7f0000000180)='./file0\x00', &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, <r0=>0x0})
setresuid(0x0, r0, 0x0)
setpriority(0x0, 0x0, 0x0)

00:39:22 executing program 1:
r0 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$netlink(r0, &(0x7f0000007ec0)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000000)={0x18, 0x1d, 0x1, 0x0, 0x0, "", [@typed={0x7, 0x0, 0x0, 0x0, @binary="d8c931"}]}, 0x18}], 0x1}, 0x0)

00:39:22 executing program 2:
r0 = syz_init_net_socket$802154_raw(0x24, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8931, &(0x7f0000000040)={'wlan0\x00'})

[  317.769033] loop3: detected capacity change from 0 to 10
00:39:24 executing program 6:
perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
ioctl$TCSETSF2(r0, 0x5405, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, "d4a89354cdc0e1d1ad0964940f221679708fb7"})

00:39:24 executing program 0:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
setsockopt$inet6_IPV6_XFRM_POLICY(r0, 0x29, 0x23, &(0x7f0000000200)={{{@in6=@remote, @in6=@private0, 0x0, 0x0, 0x0, 0x0, 0xa, 0x30, 0x0, 0x0, 0x0, 0xffffffffffffffff}, {}, {}, 0x0, 0x0, 0x1}, {{@in6=@loopback, 0x0, 0x32}, 0x0, @in=@empty}}, 0xe8)
sendmmsg$inet6(r0, &(0x7f00000003c0)=[{{&(0x7f0000000000)={0xa, 0x4e26, 0x0, @ipv4={'\x00', '\xff\xff', @dev}}, 0x1c, 0x0}}, {{&(0x7f0000000300)={0xa, 0x4e20, 0x0, @remote}, 0x1c, 0x0}}], 0x2, 0x0)

00:39:24 executing program 7:
mlock2(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x1)
mlock2(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0x0)
mlock(&(0x7f0000ffb000/0x3000)=nil, 0x3000)

00:39:24 executing program 1:
r0 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$netlink(r0, &(0x7f0000007ec0)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000000)={0x18, 0x1d, 0x1, 0x0, 0x0, "", [@typed={0x7, 0x0, 0x0, 0x0, @binary="d8c931"}]}, 0x18}], 0x1}, 0x0)

00:39:24 executing program 4:
perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xce, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x5, 0x33942ce0}, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x67e4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = perf_event_open(&(0x7f0000000580)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$PERF_EVENT_IOC_SET_FILTER(0xffffffffffffffff, 0x40082406, &(0x7f0000000200)='\x00')
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x5c3b00, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x121242, 0x0)
r3 = socket$inet6(0xa, 0x1, 0x0)
bind$inet6(r3, &(0x7f00000002c0)={0xa, 0x4e20, 0x0, @empty}, 0x1c)
connect$inet6(r3, &(0x7f0000000000)={0xa, 0x4e20, 0x0, @loopback}, 0x1c)
sendfile(r3, r2, 0x0, 0x10000)
openat(0xffffffffffffff9c, &(0x7f0000000240)='./file0\x00', 0x4042, 0x0)
pread64(r0, &(0x7f0000000180)=""/13, 0xd, 0xffffffffffffb677)
r4 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
r5 = ioctl$LOOP_CTL_GET_FREE(r4, 0x4c82)
ioctl$LOOP_CTL_REMOVE(r4, 0x4c81, r5)
pread64(r4, &(0x7f00000002c0)=""/210, 0xd2, 0x3)
ioctl$AUTOFS_DEV_IOCTL_PROTOVER(r1, 0xc0189372, &(0x7f00000003c0)=ANY=[@ANYBLOB="010000000100000018000000f0ad221584ae919b98300f28766ed40bfa48283f200730be245f88be34f27bb2a440d03d0849891609052e64957953ac5e20a393f427918520582e8b5924d3cb021239a8e5da9cec0710598e5a234628a483a0d18fc095c1cd4e768ba9c930a31879ea2d6333146048e5d85c79b16e741966d11377a09c5d81a7a79fec32357781ad4176564e3614e49d804675d577ac6db47cd207d4239f6a736df18f7c01663044f9f01188186506fe3c551aa5678604da59c0219715b0070ea5ae2dfcb35d0ed202675211735740ba66fb74acfb3e9a82b08e2a4c3950975a5a05fda87dd74204bb457f25a89a565b", @ANYRES32=r4, @ANYBLOB="0200000000000000"])
connect$inet6(0xffffffffffffffff, &(0x7f0000000280)={0xa, 0x0, 0x4, @dev={0xfe, 0x80, '\x00', 0x44}, 0x9}, 0x1c)
syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
pipe2$9p(&(0x7f0000000140)={<r6=>0xffffffffffffffff, <r7=>0xffffffffffffffff}, 0x0)
mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080), 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r6}, 0x2c, {'wfdno', 0x3d, r7}})

00:39:24 executing program 5:
r0 = socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$inet_mreqn(r0, 0x0, 0x27, &(0x7f0000000180)={@multicast2, @private=0xac141400}, 0xc)
setsockopt$inet_mreqn(r0, 0x0, 0x24, &(0x7f0000000040)={@rand_addr, @remote}, 0xc)

00:39:24 executing program 3:
connect$inet6(0xffffffffffffffff, &(0x7f0000000240)={0xa, 0x0, 0x0, @mcast1}, 0x1c)
perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xce, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000580)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x240, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="eb3c906d6b66732e66617400020801000440008000f801", 0x17}, {&(0x7f0000000340), 0x0, 0xa04}], 0x0, &(0x7f0000000080))

00:39:24 executing program 2:
r0 = syz_init_net_socket$802154_raw(0x24, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8931, &(0x7f0000000040)={'wlan0\x00'})

00:39:24 executing program 5:
r0 = socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$inet_mreqn(r0, 0x0, 0x27, &(0x7f0000000180)={@multicast2, @private=0xac141400}, 0xc)
setsockopt$inet_mreqn(r0, 0x0, 0x24, &(0x7f0000000040)={@rand_addr, @remote}, 0xc)

00:39:24 executing program 0:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
setsockopt$inet6_IPV6_XFRM_POLICY(r0, 0x29, 0x23, &(0x7f0000000200)={{{@in6=@remote, @in6=@private0, 0x0, 0x0, 0x0, 0x0, 0xa, 0x30, 0x0, 0x0, 0x0, 0xffffffffffffffff}, {}, {}, 0x0, 0x0, 0x1}, {{@in6=@loopback, 0x0, 0x32}, 0x0, @in=@empty}}, 0xe8)
sendmmsg$inet6(r0, &(0x7f00000003c0)=[{{&(0x7f0000000000)={0xa, 0x4e26, 0x0, @ipv4={'\x00', '\xff\xff', @dev}}, 0x1c, 0x0}}, {{&(0x7f0000000300)={0xa, 0x4e20, 0x0, @remote}, 0x1c, 0x0}}], 0x2, 0x0)

[  320.394228] loop3: detected capacity change from 0 to 10
00:39:26 executing program 1:
r0 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$netlink(r0, &(0x7f0000007ec0)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000000)={0x18, 0x1d, 0x1, 0x0, 0x0, "", [@typed={0x7, 0x0, 0x0, 0x0, @binary="d8c931"}]}, 0x18}], 0x1}, 0x0)

00:39:26 executing program 5:
r0 = socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$inet_mreqn(r0, 0x0, 0x27, &(0x7f0000000180)={@multicast2, @private=0xac141400}, 0xc)
setsockopt$inet_mreqn(r0, 0x0, 0x24, &(0x7f0000000040)={@rand_addr, @remote}, 0xc)

00:39:26 executing program 0:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
setsockopt$inet6_IPV6_XFRM_POLICY(r0, 0x29, 0x23, &(0x7f0000000200)={{{@in6=@remote, @in6=@private0, 0x0, 0x0, 0x0, 0x0, 0xa, 0x30, 0x0, 0x0, 0x0, 0xffffffffffffffff}, {}, {}, 0x0, 0x0, 0x1}, {{@in6=@loopback, 0x0, 0x32}, 0x0, @in=@empty}}, 0xe8)
sendmmsg$inet6(r0, &(0x7f00000003c0)=[{{&(0x7f0000000000)={0xa, 0x4e26, 0x0, @ipv4={'\x00', '\xff\xff', @dev}}, 0x1c, 0x0}}, {{&(0x7f0000000300)={0xa, 0x4e20, 0x0, @remote}, 0x1c, 0x0}}], 0x2, 0x0)

00:39:26 executing program 7:
openat$vcsu(0xffffffffffffff9c, 0x0, 0x10000, 0x0)
perf_event_open(&(0x7f0000001840)={0x2, 0x80, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
openat$vcsa(0xffffffffffffff9c, 0x0, 0x0, 0x0)
read$char_usb(0xffffffffffffffff, &(0x7f0000000080)=""/135, 0x87)
r0 = openat$vcsa(0xffffffffffffff9c, &(0x7f00000001c0), 0x0, 0x0)
fsmount(r0, 0x0, 0x0)
lseek(r0, 0x3, 0x1)

00:39:26 executing program 4:
perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xce, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x5, 0x33942ce0}, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x67e4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = perf_event_open(&(0x7f0000000580)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$PERF_EVENT_IOC_SET_FILTER(0xffffffffffffffff, 0x40082406, &(0x7f0000000200)='\x00')
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x5c3b00, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x121242, 0x0)
r3 = socket$inet6(0xa, 0x1, 0x0)
bind$inet6(r3, &(0x7f00000002c0)={0xa, 0x4e20, 0x0, @empty}, 0x1c)
connect$inet6(r3, &(0x7f0000000000)={0xa, 0x4e20, 0x0, @loopback}, 0x1c)
sendfile(r3, r2, 0x0, 0x10000)
openat(0xffffffffffffff9c, &(0x7f0000000240)='./file0\x00', 0x4042, 0x0)
pread64(r0, &(0x7f0000000180)=""/13, 0xd, 0xffffffffffffb677)
r4 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
r5 = ioctl$LOOP_CTL_GET_FREE(r4, 0x4c82)
ioctl$LOOP_CTL_REMOVE(r4, 0x4c81, r5)
pread64(r4, &(0x7f00000002c0)=""/210, 0xd2, 0x3)
ioctl$AUTOFS_DEV_IOCTL_PROTOVER(r1, 0xc0189372, &(0x7f00000003c0)=ANY=[@ANYBLOB="010000000100000018000000f0ad221584ae919b98300f28766ed40bfa48283f200730be245f88be34f27bb2a440d03d0849891609052e64957953ac5e20a393f427918520582e8b5924d3cb021239a8e5da9cec0710598e5a234628a483a0d18fc095c1cd4e768ba9c930a31879ea2d6333146048e5d85c79b16e741966d11377a09c5d81a7a79fec32357781ad4176564e3614e49d804675d577ac6db47cd207d4239f6a736df18f7c01663044f9f01188186506fe3c551aa5678604da59c0219715b0070ea5ae2dfcb35d0ed202675211735740ba66fb74acfb3e9a82b08e2a4c3950975a5a05fda87dd74204bb457f25a89a565b", @ANYRES32=r4, @ANYBLOB="0200000000000000"])
connect$inet6(0xffffffffffffffff, &(0x7f0000000280)={0xa, 0x0, 0x4, @dev={0xfe, 0x80, '\x00', 0x44}, 0x9}, 0x1c)
syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
pipe2$9p(&(0x7f0000000140)={<r6=>0xffffffffffffffff, <r7=>0xffffffffffffffff}, 0x0)
mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080), 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r6}, 0x2c, {'wfdno', 0x3d, r7}})

00:39:26 executing program 6:
perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
ioctl$TCSETSF2(r0, 0x5405, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, "d4a89354cdc0e1d1ad0964940f221679708fb7"})

00:39:26 executing program 3:
connect$inet6(0xffffffffffffffff, &(0x7f0000000240)={0xa, 0x0, 0x0, @mcast1}, 0x1c)
perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xce, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000580)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x240, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="eb3c906d6b66732e66617400020801000440008000f801", 0x17}, {&(0x7f0000000340), 0x0, 0xa04}], 0x0, &(0x7f0000000080))

00:39:26 executing program 2:
perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xce, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000580)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$PERF_EVENT_IOC_SET_FILTER(0xffffffffffffffff, 0x40082406, 0x0)
r0 = openat(0xffffffffffffff9c, 0x0, 0x1c1a42, 0x0)
pread64(r0, &(0x7f0000000280)=""/13, 0xd, 0x0)
r1 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
r2 = ioctl$LOOP_CTL_GET_FREE(r1, 0x4c82)
ioctl$LOOP_CTL_GET_FREE(r0, 0x4c82)
ioctl$LOOP_CTL_REMOVE(r1, 0x4c81, r2)
pread64(r1, &(0x7f00000002c0)=""/210, 0xd2, 0x3)
ioctl$AUTOFS_DEV_IOCTL_PROTOVER(r0, 0xc0189372, &(0x7f0000000040)={{0x1, 0x1, 0x18, r1}, './file0\x00'})
connect$inet6(0xffffffffffffffff, &(0x7f0000000280)={0xa, 0x0, 0x4, @dev={0xfe, 0x80, '\x00', 0x44}, 0x9}, 0x1c)
mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080), 0x0, &(0x7f00000001c0))

[  322.199276] loop3: detected capacity change from 0 to 10
00:39:28 executing program 7:
openat$vcsu(0xffffffffffffff9c, 0x0, 0x10000, 0x0)
perf_event_open(&(0x7f0000001840)={0x2, 0x80, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
openat$vcsa(0xffffffffffffff9c, 0x0, 0x0, 0x0)
read$char_usb(0xffffffffffffffff, &(0x7f0000000080)=""/135, 0x87)
r0 = openat$vcsa(0xffffffffffffff9c, &(0x7f00000001c0), 0x0, 0x0)
fsmount(r0, 0x0, 0x0)
lseek(r0, 0x3, 0x1)

00:39:28 executing program 5:
r0 = socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$inet_mreqn(r0, 0x0, 0x27, &(0x7f0000000180)={@multicast2, @private=0xac141400}, 0xc)
setsockopt$inet_mreqn(r0, 0x0, 0x24, &(0x7f0000000040)={@rand_addr, @remote}, 0xc)

00:39:28 executing program 3:
connect$inet6(0xffffffffffffffff, &(0x7f0000000240)={0xa, 0x0, 0x0, @mcast1}, 0x1c)
perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xce, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000580)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x240, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="eb3c906d6b66732e66617400020801000440008000f801", 0x17}, {&(0x7f0000000340), 0x0, 0xa04}], 0x0, &(0x7f0000000080))

[  323.801859] loop3: detected capacity change from 0 to 10

VM DIAGNOSIS:
00:39:22  Registers:
info registers vcpu 0
RAX=0000000000000074 RBX=00000000000003f8 RCX=0000000000000000 RDX=00000000000003f8
RSI=ffffffff8262d465 RDI=ffffffff886610c0 RBP=ffffffff88661080 RSP=ffff88806ce092d0
R8 =0000000000000000 R9 =ffffed100134d046 R10=0000000000000074 R11=7371726974666f73
R12=0000000000000074 R13=ffffffff88661080 R14=0000000000000010 R15=ffffffff8262d450
RIP=ffffffff8262d4bd RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 00000000 00000000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 00000000 00000000
FS =0000 00007ffae12e7700 00000000 00000000
GS =0000 ffff88806ce00000 00000000 00000000
LDT=0000 fffffe0000000000 00000000 00000000
TR =0040 fffffe0000003000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000001000 0000007f
IDT=     fffffe0000000000 00000fff
CR0=80050033 CR2=0000001b30322000 CR3=00000000360e4000 CR4=00350ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
XMM00=ff000000000000000000000000000000 XMM01=010000000000000000000000000000ff
XMM02=7463656a6e695f31313230385f7a7973 XMM03=00007f1d2330e7c800007f1d2330e7c0
XMM04=ffffffffffffffffffffffff00000000 XMM05=00000000000000000000000000000000
XMM06=0000000000000000000000524f525245 XMM07=00000000000000000000000000000000
XMM08=000000000000000000524f5252450040 XMM09=00000000000000000000000000000000
XMM10=00000000000000000000000000000000 XMM11=00000000000000000000000000000000
XMM12=00000000000000000000000000000000 XMM13=00000000000000000000000000000000
XMM14=00000000000000000000000000000000 XMM15=00000000000000000000000000000000
info registers vcpu 1
RAX=0000000000000001 RBX=0000000000000001 RCX=ffffffff84845a6f RDX=fffffbfff0c1a969
RSI=0000000000000004 RDI=ffffffff860d4b40 RBP=ffffffff860d4b40 RSP=ffff88806cf099f8
R8 =0000000000000000 R9 =fffffbfff0c1a968 R10=ffffffff860d4b43 R11=5050505000000011
R12=1ffff1100d9e1340 R13=0000000000000003 R14=fffffbfff0c1a968 R15=ffff88806cf09a30
RIP=ffffffff84845c02 RFL=00000202 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 00000000 00000000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 00000000 00000000
FS =0000 0000000000000000 00000000 00000000
GS =0000 ffff88806cf00000 00000000 00000000
LDT=0000 fffffe0000000000 00000000 00000000
TR =0040 fffffe000004a000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000048000 0000007f
IDT=     fffffe0000000000 00000fff
CR0=80050033 CR2=00007f98dd70a418 CR3=0000000013aca000 CR4=00350ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001fa0
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
XMM00=00000000000000000000000000000000 XMM01=00000000000000000000000000000000
XMM02=0000000000000000411bb76000000000 XMM03=0000ff00000000000000000000000000
XMM04=732f6c61636f6c2f7273752f3d485441 XMM05=622f6c61636f6c2f7273752f3a6e6962
XMM06=73752f3a6e6962732f7273752f3a6e69 XMM07=6e69622f3a6e6962732f3a6e69622f72
XMM08=00000000000000000000000000000000 XMM09=00000000000000000000000000000000
XMM10=00000000000000000000000000000000 XMM11=00000000000000000000000000000000
XMM12=00000000000000000000000000000000 XMM13=00000000000000000000000000000000
XMM14=00000000000000000000000000000000 XMM15=00000000000000000000000000000000