Warning: Permanently added '[localhost]:62945' (ECDSA) to the list of known hosts. 2024/11/04 08:58:18 fuzzer started 2024/11/04 08:58:19 dialing manager at localhost:46317 syzkaller login: [ 63.668312] cgroup: Unknown subsys name 'net' [ 63.805755] cgroup: Unknown subsys name 'cpuset' [ 63.851344] cgroup: Unknown subsys name 'rlimit' 2024/11/04 08:58:38 syscalls: 2217 2024/11/04 08:58:38 code coverage: enabled 2024/11/04 08:58:38 comparison tracing: enabled 2024/11/04 08:58:38 extra coverage: enabled 2024/11/04 08:58:38 setuid sandbox: enabled 2024/11/04 08:58:38 namespace sandbox: enabled 2024/11/04 08:58:38 Android sandbox: enabled 2024/11/04 08:58:38 fault injection: enabled 2024/11/04 08:58:38 leak checking: enabled 2024/11/04 08:58:38 net packet injection: enabled 2024/11/04 08:58:38 net device setup: enabled 2024/11/04 08:58:38 concurrency sanitizer: /sys/kernel/debug/kcsan does not exist 2024/11/04 08:58:38 devlink PCI setup: PCI device 0000:00:10.0 is not available 2024/11/04 08:58:38 USB emulation: enabled 2024/11/04 08:58:38 hci packet injection: enabled 2024/11/04 08:58:38 wifi device emulation: enabled 2024/11/04 08:58:38 802.15.4 emulation: enabled 2024/11/04 08:58:38 fetching corpus: 0, signal 0/2000 (executing program) 2024/11/04 08:58:38 fetching corpus: 49, signal 14529/18193 (executing program) 2024/11/04 08:58:38 fetching corpus: 92, signal 27783/32844 (executing program) 2024/11/04 08:58:38 fetching corpus: 142, signal 38078/44374 (executing program) 2024/11/04 08:58:38 fetching corpus: 192, signal 45705/53180 (executing program) 2024/11/04 08:58:39 fetching corpus: 242, signal 49220/57946 (executing program) 2024/11/04 08:58:39 fetching corpus: 292, signal 53564/63446 (executing program) 2024/11/04 08:58:39 fetching corpus: 342, signal 58729/69526 (executing program) 2024/11/04 08:58:39 fetching corpus: 392, signal 62168/73957 (executing program) 2024/11/04 08:58:39 fetching corpus: 442, signal 65411/78166 (executing program) 2024/11/04 08:58:39 fetching corpus: 492, signal 68314/81942 (executing program) 2024/11/04 08:58:39 fetching corpus: 542, signal 71280/85726 (executing program) 2024/11/04 08:58:39 fetching corpus: 591, signal 74502/89691 (executing program) 2024/11/04 08:58:39 fetching corpus: 641, signal 76241/92312 (executing program) 2024/11/04 08:58:39 fetching corpus: 691, signal 79123/95851 (executing program) 2024/11/04 08:58:40 fetching corpus: 741, signal 81389/98829 (executing program) 2024/11/04 08:58:40 fetching corpus: 791, signal 83457/101578 (executing program) 2024/11/04 08:58:40 fetching corpus: 841, signal 85253/104080 (executing program) 2024/11/04 08:58:40 fetching corpus: 891, signal 88248/107468 (executing program) 2024/11/04 08:58:40 fetching corpus: 941, signal 90163/109942 (executing program) 2024/11/04 08:58:40 fetching corpus: 991, signal 91119/111624 (executing program) 2024/11/04 08:58:40 fetching corpus: 1041, signal 92903/113962 (executing program) 2024/11/04 08:58:41 fetching corpus: 1090, signal 94279/115961 (executing program) 2024/11/04 08:58:41 fetching corpus: 1140, signal 95452/117745 (executing program) 2024/11/04 08:58:41 fetching corpus: 1190, signal 96828/119642 (executing program) 2024/11/04 08:58:41 fetching corpus: 1240, signal 97888/121270 (executing program) 2024/11/04 08:58:41 fetching corpus: 1290, signal 98933/122891 (executing program) 2024/11/04 08:58:41 fetching corpus: 1340, signal 100545/124879 (executing program) 2024/11/04 08:58:41 fetching corpus: 1390, signal 102217/126833 (executing program) 2024/11/04 08:58:41 fetching corpus: 1440, signal 103965/128811 (executing program) 2024/11/04 08:58:41 fetching corpus: 1490, signal 105126/130373 (executing program) 2024/11/04 08:58:41 fetching corpus: 1540, signal 106448/132061 (executing program) 2024/11/04 08:58:41 fetching corpus: 1590, signal 107174/133282 (executing program) 2024/11/04 08:58:42 fetching corpus: 1640, signal 108277/134748 (executing program) 2024/11/04 08:58:42 fetching corpus: 1690, signal 109133/136086 (executing program) 2024/11/04 08:58:42 fetching corpus: 1740, signal 110249/137539 (executing program) 2024/11/04 08:58:42 fetching corpus: 1790, signal 110860/138642 (executing program) 2024/11/04 08:58:42 fetching corpus: 1840, signal 111989/140035 (executing program) 2024/11/04 08:58:42 fetching corpus: 1890, signal 112900/141283 (executing program) 2024/11/04 08:58:42 fetching corpus: 1940, signal 113789/142561 (executing program) 2024/11/04 08:58:42 fetching corpus: 1990, signal 114523/143640 (executing program) 2024/11/04 08:58:42 fetching corpus: 2040, signal 115201/144766 (executing program) 2024/11/04 08:58:42 fetching corpus: 2090, signal 116113/145969 (executing program) 2024/11/04 08:58:42 fetching corpus: 2140, signal 116936/147099 (executing program) 2024/11/04 08:58:42 fetching corpus: 2190, signal 117844/148259 (executing program) 2024/11/04 08:58:43 fetching corpus: 2240, signal 118829/149427 (executing program) 2024/11/04 08:58:43 fetching corpus: 2290, signal 119704/150493 (executing program) 2024/11/04 08:58:43 fetching corpus: 2340, signal 121100/151749 (executing program) 2024/11/04 08:58:43 fetching corpus: 2390, signal 123596/153503 (executing program) 2024/11/04 08:58:43 fetching corpus: 2440, signal 124680/154545 (executing program) 2024/11/04 08:58:43 fetching corpus: 2490, signal 125300/155419 (executing program) 2024/11/04 08:58:43 fetching corpus: 2540, signal 125861/156247 (executing program) 2024/11/04 08:58:43 fetching corpus: 2590, signal 127025/157306 (executing program) 2024/11/04 08:58:43 fetching corpus: 2640, signal 127946/158270 (executing program) 2024/11/04 08:58:43 fetching corpus: 2690, signal 129391/159442 (executing program) 2024/11/04 08:58:43 fetching corpus: 2740, signal 129827/160147 (executing program) 2024/11/04 08:58:44 fetching corpus: 2790, signal 130622/160964 (executing program) 2024/11/04 08:58:44 fetching corpus: 2840, signal 131302/161770 (executing program) 2024/11/04 08:58:44 fetching corpus: 2890, signal 132265/162651 (executing program) 2024/11/04 08:58:44 fetching corpus: 2940, signal 132964/163354 (executing program) 2024/11/04 08:58:44 fetching corpus: 2990, signal 133664/164094 (executing program) 2024/11/04 08:58:44 fetching corpus: 3040, signal 134248/164786 (executing program) 2024/11/04 08:58:44 fetching corpus: 3090, signal 134773/165431 (executing program) 2024/11/04 08:58:44 fetching corpus: 3140, signal 135300/166061 (executing program) 2024/11/04 08:58:44 fetching corpus: 3190, signal 135878/166697 (executing program) 2024/11/04 08:58:44 fetching corpus: 3240, signal 136489/167353 (executing program) 2024/11/04 08:58:44 fetching corpus: 3290, signal 136927/167966 (executing program) 2024/11/04 08:58:45 fetching corpus: 3340, signal 138076/168725 (executing program) 2024/11/04 08:58:45 fetching corpus: 3390, signal 138500/169287 (executing program) 2024/11/04 08:58:45 fetching corpus: 3440, signal 138833/169801 (executing program) 2024/11/04 08:58:45 fetching corpus: 3490, signal 139477/170409 (executing program) 2024/11/04 08:58:45 fetching corpus: 3540, signal 139876/170958 (executing program) 2024/11/04 08:58:45 fetching corpus: 3590, signal 140682/171528 (executing program) 2024/11/04 08:58:45 fetching corpus: 3640, signal 141350/172082 (executing program) 2024/11/04 08:58:45 fetching corpus: 3690, signal 142063/172610 (executing program) 2024/11/04 08:58:45 fetching corpus: 3740, signal 142685/173104 (executing program) 2024/11/04 08:58:45 fetching corpus: 3790, signal 142995/173566 (executing program) 2024/11/04 08:58:45 fetching corpus: 3840, signal 143352/173993 (executing program) 2024/11/04 08:58:46 fetching corpus: 3890, signal 143764/174437 (executing program) 2024/11/04 08:58:46 fetching corpus: 3940, signal 144165/174863 (executing program) 2024/11/04 08:58:46 fetching corpus: 3990, signal 144564/175283 (executing program) 2024/11/04 08:58:46 fetching corpus: 4040, signal 144930/175675 (executing program) 2024/11/04 08:58:46 fetching corpus: 4090, signal 145626/176114 (executing program) 2024/11/04 08:58:46 fetching corpus: 4139, signal 146026/176517 (executing program) 2024/11/04 08:58:46 fetching corpus: 4188, signal 146447/176895 (executing program) 2024/11/04 08:58:46 fetching corpus: 4238, signal 146756/177272 (executing program) 2024/11/04 08:58:46 fetching corpus: 4288, signal 147132/177627 (executing program) 2024/11/04 08:58:46 fetching corpus: 4338, signal 147601/177970 (executing program) 2024/11/04 08:58:46 fetching corpus: 4388, signal 148036/178327 (executing program) 2024/11/04 08:58:47 fetching corpus: 4438, signal 148725/178373 (executing program) 2024/11/04 08:58:47 fetching corpus: 4488, signal 149102/178373 (executing program) 2024/11/04 08:58:47 fetching corpus: 4538, signal 149452/178373 (executing program) 2024/11/04 08:58:47 fetching corpus: 4588, signal 149807/178373 (executing program) 2024/11/04 08:58:47 fetching corpus: 4638, signal 150144/178399 (executing program) 2024/11/04 08:58:47 fetching corpus: 4688, signal 150448/178399 (executing program) 2024/11/04 08:58:47 fetching corpus: 4738, signal 150795/178399 (executing program) 2024/11/04 08:58:47 fetching corpus: 4788, signal 151168/178399 (executing program) 2024/11/04 08:58:47 fetching corpus: 4838, signal 151491/178401 (executing program) 2024/11/04 08:58:47 fetching corpus: 4888, signal 152138/178410 (executing program) 2024/11/04 08:58:47 fetching corpus: 4938, signal 152594/178426 (executing program) 2024/11/04 08:58:47 fetching corpus: 4988, signal 153140/178426 (executing program) 2024/11/04 08:58:48 fetching corpus: 5038, signal 153448/178426 (executing program) 2024/11/04 08:58:48 fetching corpus: 5088, signal 154964/178426 (executing program) 2024/11/04 08:58:48 fetching corpus: 5138, signal 155411/178426 (executing program) 2024/11/04 08:58:48 fetching corpus: 5188, signal 155838/178430 (executing program) 2024/11/04 08:58:48 fetching corpus: 5238, signal 156338/178430 (executing program) 2024/11/04 08:58:48 fetching corpus: 5288, signal 156786/178430 (executing program) 2024/11/04 08:58:48 fetching corpus: 5338, signal 157215/178430 (executing program) 2024/11/04 08:58:48 fetching corpus: 5388, signal 157591/178430 (executing program) 2024/11/04 08:58:48 fetching corpus: 5438, signal 157933/178430 (executing program) 2024/11/04 08:58:48 fetching corpus: 5488, signal 158347/178430 (executing program) 2024/11/04 08:58:49 fetching corpus: 5538, signal 159004/178430 (executing program) 2024/11/04 08:58:49 fetching corpus: 5587, signal 159261/178436 (executing program) 2024/11/04 08:58:49 fetching corpus: 5636, signal 160017/178436 (executing program) 2024/11/04 08:58:49 fetching corpus: 5686, signal 160287/178439 (executing program) 2024/11/04 08:58:49 fetching corpus: 5736, signal 160621/178439 (executing program) 2024/11/04 08:58:49 fetching corpus: 5786, signal 160867/178439 (executing program) 2024/11/04 08:58:49 fetching corpus: 5836, signal 161417/178439 (executing program) 2024/11/04 08:58:49 fetching corpus: 5886, signal 161993/178439 (executing program) 2024/11/04 08:58:50 fetching corpus: 5936, signal 162586/178439 (executing program) 2024/11/04 08:58:50 fetching corpus: 5986, signal 163084/178439 (executing program) 2024/11/04 08:58:50 fetching corpus: 6036, signal 163468/178439 (executing program) 2024/11/04 08:58:50 fetching corpus: 6086, signal 163837/178439 (executing program) 2024/11/04 08:58:50 fetching corpus: 6136, signal 164240/178439 (executing program) 2024/11/04 08:58:50 fetching corpus: 6186, signal 164961/178439 (executing program) 2024/11/04 08:58:50 fetching corpus: 6236, signal 165151/178439 (executing program) 2024/11/04 08:58:50 fetching corpus: 6286, signal 165495/178439 (executing program) 2024/11/04 08:58:50 fetching corpus: 6336, signal 165868/178476 (executing program) 2024/11/04 08:58:51 fetching corpus: 6386, signal 166268/178479 (executing program) 2024/11/04 08:58:51 fetching corpus: 6436, signal 166495/178479 (executing program) 2024/11/04 08:58:51 fetching corpus: 6486, signal 166850/178479 (executing program) 2024/11/04 08:58:51 fetching corpus: 6536, signal 167127/178479 (executing program) 2024/11/04 08:58:51 fetching corpus: 6584, signal 167477/178479 (executing program) 2024/11/04 08:58:51 fetching corpus: 6634, signal 167792/178479 (executing program) 2024/11/04 08:58:51 fetching corpus: 6684, signal 168034/178503 (executing program) 2024/11/04 08:58:51 fetching corpus: 6734, signal 168296/178503 (executing program) 2024/11/04 08:58:51 fetching corpus: 6784, signal 168786/178503 (executing program) 2024/11/04 08:58:52 fetching corpus: 6834, signal 169050/178503 (executing program) 2024/11/04 08:58:52 fetching corpus: 6884, signal 169551/178514 (executing program) 2024/11/04 08:58:52 fetching corpus: 6934, signal 169780/178514 (executing program) 2024/11/04 08:58:52 fetching corpus: 6984, signal 170096/178514 (executing program) 2024/11/04 08:58:52 fetching corpus: 7034, signal 170341/178514 (executing program) 2024/11/04 08:58:52 fetching corpus: 7084, signal 170539/178514 (executing program) 2024/11/04 08:58:52 fetching corpus: 7134, signal 170692/178514 (executing program) 2024/11/04 08:58:52 fetching corpus: 7184, signal 170922/178514 (executing program) 2024/11/04 08:58:52 fetching corpus: 7234, signal 171123/178514 (executing program) 2024/11/04 08:58:53 fetching corpus: 7284, signal 171334/178514 (executing program) 2024/11/04 08:58:53 fetching corpus: 7334, signal 171614/178520 (executing program) 2024/11/04 08:58:53 fetching corpus: 7384, signal 171919/178523 (executing program) 2024/11/04 08:58:53 fetching corpus: 7433, signal 172154/178537 (executing program) 2024/11/04 08:58:53 fetching corpus: 7483, signal 172326/178537 (executing program) 2024/11/04 08:58:53 fetching corpus: 7533, signal 172664/178537 (executing program) 2024/11/04 08:58:53 fetching corpus: 7583, signal 172872/178537 (executing program) 2024/11/04 08:58:53 fetching corpus: 7633, signal 173257/178575 (executing program) 2024/11/04 08:58:54 fetching corpus: 7683, signal 173696/178575 (executing program) 2024/11/04 08:58:54 fetching corpus: 7733, signal 173943/178575 (executing program) 2024/11/04 08:58:54 fetching corpus: 7783, signal 174152/178575 (executing program) 2024/11/04 08:58:54 fetching corpus: 7833, signal 174401/178575 (executing program) 2024/11/04 08:58:54 fetching corpus: 7883, signal 174726/178575 (executing program) 2024/11/04 08:58:54 fetching corpus: 7933, signal 174955/178575 (executing program) 2024/11/04 08:58:54 fetching corpus: 7983, signal 175226/178579 (executing program) 2024/11/04 08:58:54 fetching corpus: 8032, signal 175508/178584 (executing program) 2024/11/04 08:58:54 fetching corpus: 8082, signal 175695/178584 (executing program) 2024/11/04 08:58:54 fetching corpus: 8132, signal 175928/178584 (executing program) 2024/11/04 08:58:54 fetching corpus: 8182, signal 176098/178584 (executing program) 2024/11/04 08:58:55 fetching corpus: 8232, signal 176358/178584 (executing program) 2024/11/04 08:58:55 fetching corpus: 8282, signal 176570/178584 (executing program) 2024/11/04 08:58:55 fetching corpus: 8332, signal 176801/178584 (executing program) 2024/11/04 08:58:55 fetching corpus: 8382, signal 176977/178584 (executing program) 2024/11/04 08:58:55 fetching corpus: 8432, signal 177152/178584 (executing program) 2024/11/04 08:58:55 fetching corpus: 8482, signal 177325/178587 (executing program) 2024/11/04 08:58:55 fetching corpus: 8532, signal 177501/178587 (executing program) 2024/11/04 08:58:55 fetching corpus: 8582, signal 177754/178587 (executing program) 2024/11/04 08:58:55 fetching corpus: 8632, signal 177954/178590 (executing program) 2024/11/04 08:58:55 fetching corpus: 8637, signal 177971/178590 (executing program) 2024/11/04 08:58:55 fetching corpus: 8637, signal 177971/178590 (executing program) 2024/11/04 08:59:00 starting 8 fuzzer processes 08:59:00 executing program 0: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f00000003c0)=@getsa={0x28, 0x12, 0x1, 0x0, 0x0, {@in=@private, 0x0, 0x0, 0x6c}}, 0x28}}, 0x0) 08:59:00 executing program 1: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) fallocate(r0, 0x0, 0x0, 0x8531) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0, 0x0) write$binfmt_aout(r0, &(0x7f0000000400), 0x20) preadv2(r1, &(0x7f00000003c0)=[{&(0x7f0000000140)=""/75, 0xfdef}], 0x1, 0x0, 0x0, 0x8) 08:59:00 executing program 2: prctl$PR_GET_TSC(0x19, &(0x7f0000000100)) prctl$PR_GET_TSC(0x19, &(0x7f0000000140)) 08:59:00 executing program 3: syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) mount(0x0, &(0x7f00000001c0)='./file0\x00', &(0x7f0000000000)='securityfs\x00', 0x0, 0x0) r0 = open(&(0x7f00000000c0)='./file0\x00', 0x0, 0x0) getdents64(r0, &(0x7f0000000200)=""/4096, 0x18) getdents(r0, &(0x7f0000000040)=""/101, 0x65) 08:59:00 executing program 4: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mknod(&(0x7f0000000200)='./file0\x00', 0x1000, 0x0) open(&(0x7f0000000000)='./file0\x00', 0x3, 0x0) 08:59:00 executing program 5: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xce, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = perf_event_open(&(0x7f0000000340)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = openat(0xffffffffffffff9c, 0x0, 0x0, 0x0) perf_event_open(0x0, 0x0, 0xc, r1, 0x1) r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) syz_emit_ethernet(0x0, 0x0, 0x0) fallocate(r2, 0x0, 0x0, 0x87ffffc) sendfile(0xffffffffffffffff, r1, 0x0, 0xfffffdef) perf_event_open(&(0x7f00000001c0)={0x3, 0x80, 0x3, 0xf8, 0x0, 0x0, 0x0, 0x38, 0x80000, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x3, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x8001, 0x0, @perf_config_ext={0x7f, 0x3ff}, 0x40008, 0x0, 0x0, 0x8, 0x1, 0xfffff001, 0x5}, 0x0, 0x5, r0, 0x1) write(0xffffffffffffffff, &(0x7f0000000140)="79c7aaf2b6d00372ce217c15a0cef1f813975b2a17e0c0e7e8696c4a64fdedf4bdf2bdfed64f6de6017f8e7ba9766b47ecd139a018d8f3a90042c27ad2fd1f2985fe2de3a7bba1ef83106c040661df2f0609989ef6a36a409497b3c5e5bf91", 0x5f) 08:59:00 executing program 6: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000240)={0xffffffffffffffff}) getsockname(r0, 0x0, &(0x7f0000000c00)) 08:59:00 executing program 7: r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) bind$bt_hci(r0, &(0x7f0000000000)={0x1f, 0x0, 0x1}, 0x6) [ 102.792938] audit: type=1400 audit(1730710740.311:7): avc: denied { execmem } for pid=273 comm="syz-executor.2" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=process permissive=1 [ 104.150196] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 104.156661] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 104.158863] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 104.164145] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 104.173803] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 104.181148] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3 [ 104.183948] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 104.194713] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 104.201152] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 104.205109] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 104.210626] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 104.217666] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 104.220047] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 104.224034] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 104.226838] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1 [ 104.229899] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1 [ 104.235639] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9 [ 104.235778] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 104.238638] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3 [ 104.245762] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9 [ 104.251397] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 104.252824] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9 [ 104.254926] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 104.264883] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3 [ 104.267429] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4 [ 104.268020] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9 [ 104.273054] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4 [ 104.275601] Bluetooth: hci5: unexpected cc 0x0c25 length: 249 > 3 [ 104.277524] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2 [ 104.277812] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 104.279409] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 104.285658] Bluetooth: hci6: unexpected cc 0x0c25 length: 249 > 3 [ 104.293690] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2 [ 104.315060] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 104.319803] Bluetooth: hci7: unexpected cc 0x0c03 length: 249 > 1 [ 104.331101] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 104.334015] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 104.341336] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 104.341708] Bluetooth: hci7: unexpected cc 0x1003 length: 249 > 9 [ 104.344852] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3 [ 104.348648] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 104.355765] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 104.361704] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [ 104.364196] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 104.366348] Bluetooth: hci7: unexpected cc 0x1001 length: 249 > 9 [ 104.383044] Bluetooth: hci7: unexpected cc 0x0c23 length: 249 > 4 [ 104.406668] Bluetooth: hci7: unexpected cc 0x0c25 length: 249 > 3 [ 104.410656] Bluetooth: hci7: unexpected cc 0x0c38 length: 249 > 2 [ 106.288665] Bluetooth: hci1: command tx timeout [ 106.352402] Bluetooth: hci6: command tx timeout [ 106.353022] Bluetooth: hci5: command tx timeout [ 106.353719] Bluetooth: hci2: command tx timeout [ 106.354314] Bluetooth: hci3: command tx timeout [ 106.417136] Bluetooth: hci0: command tx timeout [ 106.417865] Bluetooth: hci4: command tx timeout [ 106.480342] Bluetooth: hci7: command tx timeout [ 108.337374] Bluetooth: hci1: command tx timeout [ 108.400740] Bluetooth: hci2: command tx timeout [ 108.401189] Bluetooth: hci6: command tx timeout [ 108.401962] Bluetooth: hci5: command tx timeout [ 108.402424] Bluetooth: hci3: command tx timeout [ 108.464347] Bluetooth: hci0: command tx timeout [ 108.464788] Bluetooth: hci4: command tx timeout [ 108.528294] Bluetooth: hci7: command tx timeout [ 110.384449] Bluetooth: hci1: command tx timeout [ 110.448413] Bluetooth: hci5: command tx timeout [ 110.448921] Bluetooth: hci3: command tx timeout [ 110.449567] Bluetooth: hci6: command tx timeout [ 110.450046] Bluetooth: hci2: command tx timeout [ 110.512370] Bluetooth: hci4: command tx timeout [ 110.512876] Bluetooth: hci0: command tx timeout [ 110.576297] Bluetooth: hci7: command tx timeout [ 112.432316] Bluetooth: hci1: command tx timeout [ 112.496420] Bluetooth: hci2: command tx timeout [ 112.496857] Bluetooth: hci6: command tx timeout [ 112.498319] Bluetooth: hci3: command tx timeout [ 112.498717] Bluetooth: hci5: command tx timeout [ 112.560356] Bluetooth: hci0: command tx timeout [ 112.560877] Bluetooth: hci4: command tx timeout [ 112.625209] Bluetooth: hci7: command tx timeout [ 161.421596] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 161.422360] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 161.760534] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 161.761460] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 162.072540] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 162.073210] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 162.566668] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 162.567706] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 166.918191] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 166.921108] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 166.926765] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 166.935650] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 166.939055] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [ 166.942619] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 167.036661] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 167.047395] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 167.050875] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 167.054117] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 167.058785] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 167.060525] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 167.063642] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 167.075569] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3 [ 167.078653] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 167.085201] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 167.089947] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3 [ 167.106395] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 167.109681] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1 [ 167.119403] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1 [ 167.133521] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9 [ 167.133727] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 167.134502] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9 [ 167.141654] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9 [ 167.143003] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9 [ 167.144134] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 167.146383] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 167.149955] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4 [ 167.152055] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 167.156319] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3 [ 167.159938] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4 [ 167.160961] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 167.161976] Bluetooth: hci5: unexpected cc 0x0c25 length: 249 > 3 [ 167.163837] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2 [ 167.164925] Bluetooth: hci6: unexpected cc 0x0c25 length: 249 > 3 [ 167.166087] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2 [ 167.252355] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 167.255897] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 167.273523] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 167.331569] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 167.338204] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3 [ 167.354074] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 167.383148] Bluetooth: hci7: unexpected cc 0x0c03 length: 249 > 1 [ 167.385862] Bluetooth: hci7: unexpected cc 0x1003 length: 249 > 9 [ 167.388023] Bluetooth: hci7: unexpected cc 0x1001 length: 249 > 9 [ 167.392103] Bluetooth: hci7: unexpected cc 0x0c23 length: 249 > 4 [ 167.394699] Bluetooth: hci7: unexpected cc 0x0c25 length: 249 > 3 [ 167.396711] Bluetooth: hci7: unexpected cc 0x0c38 length: 249 > 2 [ 169.009336] Bluetooth: hci0: command tx timeout [ 169.200409] Bluetooth: hci2: command tx timeout [ 169.201278] Bluetooth: hci1: command tx timeout [ 169.266066] Bluetooth: hci5: command tx timeout [ 169.266959] Bluetooth: hci3: command tx timeout [ 169.395373] Bluetooth: hci6: command tx timeout [ 169.457315] Bluetooth: hci7: command tx timeout [ 169.520380] Bluetooth: hci4: command tx timeout [ 171.056412] Bluetooth: hci0: command tx timeout [ 171.248497] Bluetooth: hci2: command tx timeout [ 171.248713] Bluetooth: hci1: command tx timeout [ 171.314307] Bluetooth: hci3: command tx timeout [ 171.314336] Bluetooth: hci5: command tx timeout [ 171.440677] Bluetooth: hci6: command tx timeout [ 171.504513] Bluetooth: hci7: command tx timeout [ 171.570419] Bluetooth: hci4: command tx timeout [ 173.104403] Bluetooth: hci0: command tx timeout [ 173.296308] Bluetooth: hci2: command tx timeout [ 173.297335] Bluetooth: hci1: command tx timeout [ 173.360954] Bluetooth: hci5: command tx timeout [ 173.361441] Bluetooth: hci3: command tx timeout [ 173.488427] Bluetooth: hci6: command tx timeout [ 173.552331] Bluetooth: hci7: command tx timeout [ 173.616295] Bluetooth: hci4: command tx timeout [ 175.152325] Bluetooth: hci0: command tx timeout [ 175.345317] Bluetooth: hci1: command tx timeout [ 175.345342] Bluetooth: hci2: command tx timeout [ 175.408305] Bluetooth: hci5: command tx timeout [ 175.409340] Bluetooth: hci3: command tx timeout [ 175.537523] Bluetooth: hci6: command tx timeout [ 175.600361] Bluetooth: hci7: command tx timeout [ 175.666258] Bluetooth: hci4: command tx timeout [ 225.426329] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 225.427706] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 225.956428] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 225.957099] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 229.060772] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 229.069639] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 229.076972] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 229.090088] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 229.095030] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [ 229.097183] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 229.446660] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 229.452451] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 229.456695] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 229.464798] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 229.468705] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3 [ 229.473497] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 229.518647] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 229.523730] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 229.525912] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 229.539011] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 229.543801] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3 [ 229.549753] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 229.850194] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 229.852484] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 229.854853] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1 [ 229.859060] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9 [ 229.866670] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9 [ 229.872178] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4 [ 229.878549] Bluetooth: hci5: unexpected cc 0x0c25 length: 249 > 3 [ 229.882943] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1 [ 229.885708] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9 [ 229.890621] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9 [ 229.892648] Bluetooth: hci7: unexpected cc 0x0c03 length: 249 > 1 [ 229.895019] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2 [ 229.897133] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 229.897627] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 229.908145] Bluetooth: hci7: unexpected cc 0x1003 length: 249 > 9 [ 229.918755] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4 [ 229.925561] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 229.927057] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 229.929864] Bluetooth: hci7: unexpected cc 0x1001 length: 249 > 9 [ 229.930054] Bluetooth: hci6: unexpected cc 0x0c25 length: 249 > 3 [ 229.938635] Bluetooth: hci7: unexpected cc 0x0c23 length: 249 > 4 [ 229.942579] Bluetooth: hci7: unexpected cc 0x0c25 length: 249 > 3 [ 229.959874] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 229.961978] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 229.965737] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3 [ 229.974966] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 229.984074] Bluetooth: hci7: unexpected cc 0x0c38 length: 249 > 2 [ 229.985458] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2 [ 229.992042] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3 [ 229.994599] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 231.153454] Bluetooth: hci0: command tx timeout [ 231.537292] Bluetooth: hci1: command tx timeout [ 231.600445] Bluetooth: hci2: command tx timeout [ 231.986293] Bluetooth: hci5: command tx timeout [ 232.049305] Bluetooth: hci6: command tx timeout [ 232.112324] Bluetooth: hci4: command tx timeout [ 232.114082] Bluetooth: hci3: command tx timeout [ 232.114133] Bluetooth: hci7: command tx timeout [ 233.202260] Bluetooth: hci0: command tx timeout [ 233.584289] Bluetooth: hci1: command tx timeout [ 233.648452] Bluetooth: hci2: command tx timeout [ 234.033308] Bluetooth: hci5: command tx timeout [ 234.096296] Bluetooth: hci6: command tx timeout [ 234.160311] Bluetooth: hci7: command tx timeout [ 234.161692] Bluetooth: hci3: command tx timeout [ 234.162162] Bluetooth: hci4: command tx timeout [ 235.248331] Bluetooth: hci0: command tx timeout [ 235.632327] Bluetooth: hci1: command tx timeout [ 235.696466] Bluetooth: hci2: command tx timeout [ 236.082243] Bluetooth: hci5: command tx timeout [ 236.144520] Bluetooth: hci6: command tx timeout [ 236.208338] Bluetooth: hci4: command tx timeout [ 236.208610] Bluetooth: hci3: command tx timeout [ 236.208887] Bluetooth: hci7: command tx timeout [ 237.297698] Bluetooth: hci0: command tx timeout [ 237.681278] Bluetooth: hci1: command tx timeout [ 237.744273] Bluetooth: hci2: command tx timeout [ 238.129269] Bluetooth: hci5: command tx timeout [ 238.192253] Bluetooth: hci6: command tx timeout [ 238.258290] Bluetooth: hci3: command tx timeout [ 238.258806] Bluetooth: hci4: command tx timeout [ 238.259375] Bluetooth: hci7: command tx timeout [ 283.856252] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 283.856914] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 284.135310] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 284.135951] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 09:02:03 executing program 7: r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) bind$bt_hci(r0, &(0x7f0000000000)={0x1f, 0x0, 0x1}, 0x6) [ 285.795986] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 285.796667] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 09:02:03 executing program 7: r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) bind$bt_hci(r0, &(0x7f0000000000)={0x1f, 0x0, 0x1}, 0x6) 09:02:03 executing program 7: r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) bind$bt_hci(r0, &(0x7f0000000000)={0x1f, 0x0, 0x1}, 0x6) [ 286.056895] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 286.057593] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 286.182061] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 286.182717] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 09:02:03 executing program 7: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFULNL_MSG_CONFIG(r0, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000240)={0x1c, 0x1, 0x4, 0x801, 0x0, 0x0, {}, [@NFULA_CFG_CMD={0x5}]}, 0x1c}}, 0x0) 09:02:03 executing program 7: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFULNL_MSG_CONFIG(r0, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000240)={0x1c, 0x1, 0x4, 0x801, 0x0, 0x0, {}, [@NFULA_CFG_CMD={0x5}]}, 0x1c}}, 0x0) [ 286.345308] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 286.345938] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 09:02:04 executing program 7: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFULNL_MSG_CONFIG(r0, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000240)={0x1c, 0x1, 0x4, 0x801, 0x0, 0x0, {}, [@NFULA_CFG_CMD={0x5}]}, 0x1c}}, 0x0) [ 286.593617] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 286.594353] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 09:02:04 executing program 7: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFULNL_MSG_CONFIG(r0, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000240)={0x1c, 0x1, 0x4, 0x801, 0x0, 0x0, {}, [@NFULA_CFG_CMD={0x5}]}, 0x1c}}, 0x0) [ 286.941268] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 286.941932] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 09:02:04 executing program 7: r0 = syz_io_uring_setup(0x4c8f, &(0x7f0000000080), &(0x7f0000ffa000/0x2000)=nil, &(0x7f0000ffb000/0x1000)=nil, &(0x7f0000000100), &(0x7f0000000000)) io_uring_register$IORING_REGISTER_FILES(r0, 0x1a, 0x0, 0x0) [ 287.206768] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 287.207703] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 287.311385] audit: type=1400 audit(1730710924.829:8): avc: denied { open } for pid=10891 comm="syz-executor.5" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=perf_event permissive=1 [ 287.317057] audit: type=1400 audit(1730710924.830:9): avc: denied { kernel } for pid=10891 comm="syz-executor.5" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=perf_event permissive=1 [ 287.341228] hrtimer: interrupt took 62879 ns [ 287.405360] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 287.406001] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 287.553153] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 287.553830] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 287.727281] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 287.727917] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 287.815986] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 287.816825] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 288.020296] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 288.021486] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 291.138296] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 291.142829] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 291.146980] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 291.152696] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 291.158654] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3 [ 291.160811] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 291.204325] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 291.208865] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 291.212656] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 291.220634] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 291.230656] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3 [ 291.232912] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 291.285481] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1 [ 291.291624] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9 [ 291.293419] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9 [ 291.297516] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4 [ 291.300152] Bluetooth: hci5: unexpected cc 0x0c25 length: 249 > 3 [ 291.302043] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2 [ 291.326799] Bluetooth: hci7: unexpected cc 0x0c03 length: 249 > 1 [ 291.343552] Bluetooth: hci7: unexpected cc 0x1003 length: 249 > 9 [ 291.346300] Bluetooth: hci7: unexpected cc 0x1001 length: 249 > 9 [ 291.370918] Bluetooth: hci7: unexpected cc 0x0c23 length: 249 > 4 [ 291.374878] Bluetooth: hci7: unexpected cc 0x0c25 length: 249 > 3 [ 291.381587] Bluetooth: hci7: unexpected cc 0x0c38 length: 249 > 2 [ 293.232324] Bluetooth: hci2: command tx timeout [ 293.296814] Bluetooth: hci3: command tx timeout [ 293.360411] Bluetooth: hci5: command tx timeout [ 293.427164] Bluetooth: hci7: command tx timeout [ 295.280403] Bluetooth: hci2: command tx timeout [ 295.344464] Bluetooth: hci3: command tx timeout [ 295.408325] Bluetooth: hci5: command tx timeout [ 295.474660] Bluetooth: hci7: command tx timeout [ 297.328328] Bluetooth: hci2: command tx timeout [ 297.392311] Bluetooth: hci3: command tx timeout [ 297.456319] Bluetooth: hci5: command tx timeout [ 297.522139] Bluetooth: hci7: command tx timeout [ 299.376386] Bluetooth: hci2: command tx timeout [ 299.440545] Bluetooth: hci3: command tx timeout [ 299.504419] Bluetooth: hci5: command tx timeout [ 299.570272] Bluetooth: hci7: command tx timeout [ 321.115577] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 321.116254] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 321.228879] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 321.229624] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 321.343065] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 321.344038] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 321.422901] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 321.423791] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 322.284134] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 322.285004] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 322.344700] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 322.345490] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 322.786732] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 322.787702] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 322.823598] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 322.824330] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 09:02:40 executing program 0: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f00000003c0)=@getsa={0x28, 0x12, 0x1, 0x0, 0x0, {@in=@private, 0x0, 0x0, 0x6c}}, 0x28}}, 0x0) 09:02:40 executing program 7: r0 = openat$ptp0(0xffffffffffffff9c, &(0x7f0000004f00), 0x0, 0x0) ioctl$PTP_PIN_GETFUNC2(r0, 0xc0603d0f, &(0x7f0000004f40)) 09:02:40 executing program 1: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) fallocate(r0, 0x0, 0x0, 0x8531) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0, 0x0) write$binfmt_aout(r0, &(0x7f0000000400), 0x20) preadv2(r1, &(0x7f00000003c0)=[{&(0x7f0000000140)=""/75, 0xfdef}], 0x1, 0x0, 0x0, 0x8) 09:02:40 executing program 3: syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) mount(0x0, &(0x7f00000001c0)='./file0\x00', &(0x7f0000000000)='securityfs\x00', 0x0, 0x0) r0 = open(&(0x7f00000000c0)='./file0\x00', 0x0, 0x0) getdents64(r0, &(0x7f0000000200)=""/4096, 0x18) getdents(r0, &(0x7f0000000040)=""/101, 0x65) 09:02:40 executing program 5: r0 = syz_io_uring_setup(0x60e0, &(0x7f0000000000)={0x0, 0x0, 0x2}, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000000080), &(0x7f00000000c0)) io_uring_enter(r0, 0x0, 0x0, 0x0, 0x0, 0x0) 09:02:40 executing program 4: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mknod(&(0x7f0000000200)='./file0\x00', 0x1000, 0x0) open(&(0x7f0000000000)='./file0\x00', 0x3, 0x0) 09:02:40 executing program 6: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000240)={0xffffffffffffffff}) getsockname(r0, 0x0, &(0x7f0000000c00)) 09:02:40 executing program 2: prctl$PR_GET_TSC(0x19, &(0x7f0000000100)) prctl$PR_GET_TSC(0x19, &(0x7f0000000140)) 09:02:40 executing program 3: syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) mount(0x0, &(0x7f00000001c0)='./file0\x00', &(0x7f0000000000)='securityfs\x00', 0x0, 0x0) r0 = open(&(0x7f00000000c0)='./file0\x00', 0x0, 0x0) getdents64(r0, &(0x7f0000000200)=""/4096, 0x18) getdents(r0, &(0x7f0000000040)=""/101, 0x65) 09:02:40 executing program 2: prctl$PR_GET_TSC(0x19, &(0x7f0000000100)) prctl$PR_GET_TSC(0x19, &(0x7f0000000140)) 09:02:41 executing program 0: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f00000003c0)=@getsa={0x28, 0x12, 0x1, 0x0, 0x0, {@in=@private, 0x0, 0x0, 0x6c}}, 0x28}}, 0x0) 09:02:41 executing program 4: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mknod(&(0x7f0000000200)='./file0\x00', 0x1000, 0x0) open(&(0x7f0000000000)='./file0\x00', 0x3, 0x0) 09:02:41 executing program 3: syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) mount(0x0, &(0x7f00000001c0)='./file0\x00', &(0x7f0000000000)='securityfs\x00', 0x0, 0x0) r0 = open(&(0x7f00000000c0)='./file0\x00', 0x0, 0x0) getdents64(r0, &(0x7f0000000200)=""/4096, 0x18) getdents(r0, &(0x7f0000000040)=""/101, 0x65) 09:02:41 executing program 2: prctl$PR_GET_TSC(0x19, &(0x7f0000000100)) prctl$PR_GET_TSC(0x19, &(0x7f0000000140)) 09:02:41 executing program 7: ioctl$AUTOFS_DEV_IOCTL_PROTOSUBVER(0xffffffffffffffff, 0xc0189373, &(0x7f00000001c0)=ANY=[@ANYBLOB="a769e0b3f75439f08a22df83906e9449012371ddbee90d0bdb0ad8f01964b2d11087262d1db46045d006c7ca73cd116980"]) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xce, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = perf_event_open(&(0x7f0000000580)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = openat$sr(0xffffffffffffff9c, &(0x7f0000002380), 0x121800, 0x0) ioctl$AUTOFS_DEV_IOCTL_FAIL(r1, 0x530e, &(0x7f0000000480)=ANY=[@ANYBLOB="010000000100000018000000", @ANYRES32, @ANYBLOB='\x00\x00\x00\x00\x00\x00\x00\x00.-file0\x00']) move_mount(r1, &(0x7f0000000140)='\x00', 0xffffffffffffffff, &(0x7f0000000180)='./file0\x00', 0x2) ioctl$EXT4_IOC_GETSTATE(r0, 0x40046629, 0x0) getsockopt$IP_SET_OP_VERSION(0xffffffffffffffff, 0x1, 0x27, 0x0, 0x0) flock(0xffffffffffffffff, 0x8) dup2(0xffffffffffffffff, 0xffffffffffffffff) syz_io_uring_setup(0x0, &(0x7f0000000000)={0x0, 0x0, 0x20, 0x0, 0x80000392}, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000ff9000/0x3000)=nil, 0x0, 0x0) r2 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xa, &(0x7f0000000100)={0xa, &(0x7f0000000200)=[{0x1, 0x2, 0x7}, {0x4, 0x7, 0x0, 0x11}, {0x9, 0x2, 0xfb, 0x400}, {0x81, 0x3, 0x4, 0x10001}, {0x86f, 0x8, 0x1, 0xef}, {0xc02f, 0x5, 0x7, 0x27}, {0x7, 0xe8, 0x4}, {0x8af, 0x2, 0x80, 0x77e}, {0x3, 0xff, 0x2c, 0x5}, {0x9, 0x7, 0x6, 0x6}]}) flock(r2, 0x0) close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x0) finit_module(0xffffffffffffffff, 0x0, 0x3) 09:02:41 executing program 6: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000240)={0xffffffffffffffff}) getsockname(r0, 0x0, &(0x7f0000000c00)) 09:02:41 executing program 1: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) fallocate(r0, 0x0, 0x0, 0x8531) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0, 0x0) write$binfmt_aout(r0, &(0x7f0000000400), 0x20) preadv2(r1, &(0x7f00000003c0)=[{&(0x7f0000000140)=""/75, 0xfdef}], 0x1, 0x0, 0x0, 0x8) 09:02:41 executing program 5: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) sendmsg$NL80211_CMD_TRIGGER_SCAN(r0, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000440)=ANY=[@ANYBLOB='0\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="0107000000000000000020"], 0x30}}, 0x0) [ 323.606685] netlink: 28 bytes leftover after parsing attributes in process `syz-executor.5'. [ 323.624402] netlink: 28 bytes leftover after parsing attributes in process `syz-executor.5'. 09:02:41 executing program 4: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mknod(&(0x7f0000000200)='./file0\x00', 0x1000, 0x0) open(&(0x7f0000000000)='./file0\x00', 0x3, 0x0) 09:02:41 executing program 2: rt_sigaction(0x9, &(0x7f0000000100)={0x0, 0x0, 0x0}, 0x0, 0x8, &(0x7f0000000200)) 09:02:41 executing program 5: close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) [ 323.776508] audit: type=1400 audit(1730710961.294:10): avc: denied { write } for pid=12802 comm="syz-executor.7" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=perf_event permissive=1 09:02:42 executing program 6: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000240)={0xffffffffffffffff}) getsockname(r0, 0x0, &(0x7f0000000c00)) 09:02:42 executing program 0: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f00000003c0)=@getsa={0x28, 0x12, 0x1, 0x0, 0x0, {@in=@private, 0x0, 0x0, 0x6c}}, 0x28}}, 0x0) 09:02:42 executing program 3: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000180), r0) sendmsg$IEEE802154_LLSEC_GETPARAMS(r0, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000000)=ANY=[@ANYBLOB="14000000", @ANYRES16=r1, @ANYBLOB="530ef21e72a0b746b9ad01"], 0x14}}, 0x0) 09:02:42 executing program 2: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xfffbffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) getpeername(r0, 0x0, 0x0) 09:02:42 executing program 1: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) fallocate(r0, 0x0, 0x0, 0x8531) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0, 0x0) write$binfmt_aout(r0, &(0x7f0000000400), 0x20) preadv2(r1, &(0x7f00000003c0)=[{&(0x7f0000000140)=""/75, 0xfdef}], 0x1, 0x0, 0x0, 0x8) 09:02:42 executing program 5: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0x7c, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000200), 0xffffffffffffffff) r2 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_80211(r2, 0x8933, &(0x7f00000001c0)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_VENDOR(r0, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000540)={&(0x7f0000000380)={0x28, r1, 0x1, 0x0, 0x0, {{0x64}, {@void, @val={0x8, 0x3, r3}, @void}}, [@NL80211_ATTR_VENDOR_SUBCMD={0x8}, @NL80211_ATTR_VENDOR_DATA={0x4}]}, 0x28}}, 0x0) 09:02:42 executing program 7: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000040)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) r0 = signalfd4(0xffffffffffffffff, &(0x7f00000003c0), 0x8, 0x0) syncfs(r0) 09:02:42 executing program 4: syz_open_dev$sg(&(0x7f0000000000), 0xfffffffffffff13b, 0x80143) 09:02:42 executing program 4: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xcb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioprio_set$pid(0x3, 0xffffffffffffffff, 0x0) ioprio_get$pid(0x3, 0x0) 09:02:42 executing program 3: syz_mount_image$vfat(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) stat(&(0x7f0000000240)='./file0\x00', &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0}) setresuid(0x0, r0, 0x0) r1 = semget$private(0x0, 0x4, 0x0) semctl$IPC_RMID(r1, 0x0, 0x10) 09:02:42 executing program 7: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000200), 0xffffffffffffffff) r2 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_80211(r2, 0x8933, &(0x7f00000000c0)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_VENDOR(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000440)={0x1c, r1, 0x3ab, 0x0, 0x0, {{0x11}, {@void, @val={0x8, 0x3, r3}, @void}}}, 0x1c}}, 0x0) openat$rfkill(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0) 09:02:42 executing program 1: syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) mount(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000080)='configfs\x00', 0x0, 0x0) chmod(&(0x7f0000000180)='./file0\x00', 0x0) 09:02:42 executing program 3: syz_mount_image$vfat(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) stat(&(0x7f0000000240)='./file0\x00', &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0}) setresuid(0x0, r0, 0x0) r1 = semget$private(0x0, 0x4, 0x0) semctl$IPC_RMID(r1, 0x0, 0x10) 09:02:42 executing program 7: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) mq_timedreceive(r0, 0x0, 0x0, 0x0, 0x0) 09:02:42 executing program 3: syz_mount_image$vfat(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) stat(&(0x7f0000000240)='./file0\x00', &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0}) setresuid(0x0, r0, 0x0) r1 = semget$private(0x0, 0x4, 0x0) semctl$IPC_RMID(r1, 0x0, 0x10) 09:02:42 executing program 7: r0 = openat$random(0xffffffffffffff9c, &(0x7f0000002340), 0x0, 0x0) seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000080)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) preadv(r0, 0x0, 0x0, 0x0, 0x0) 09:02:48 executing program 1: r0 = syz_open_procfs(0x0, &(0x7f0000000040)='net/ip_tables_matches\x00') pread64(r0, &(0x7f0000000300)=""/142, 0x8e, 0x0) 09:02:48 executing program 7: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000000c0)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_SET_INTERFACE(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000001c0)={0x28, r1, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@mon_options=[@NL80211_ATTR_MU_MIMO_FOLLOW_MAC_ADDR={0xa, 0xe8, @device_b}]]}, 0x28}}, 0x0) 09:02:48 executing program 6: munmap(&(0x7f0000ffd000/0x1000)=nil, 0x1000) mbind(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x0, &(0x7f0000000000), 0x0, 0x0) mlock2(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0x0) 09:02:48 executing program 3: syz_mount_image$vfat(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) stat(&(0x7f0000000240)='./file0\x00', &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0}) setresuid(0x0, r0, 0x0) r1 = semget$private(0x0, 0x4, 0x0) semctl$IPC_RMID(r1, 0x0, 0x10) 09:02:48 executing program 5: r0 = epoll_create(0x1) r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0) epoll_ctl$EPOLL_CTL_ADD(r0, 0x1, r1, &(0x7f00000001c0)) ioctl$TCXONC(r1, 0x540a, 0x2) 09:02:48 executing program 4: r0 = fsopen(&(0x7f0000000000)='ramfs\x00', 0x0) fsconfig$FSCONFIG_SET_PATH(r0, 0x3, &(0x7f0000000040)='nl80211\x00', 0x0, 0xffffffffffffffff) 09:02:48 executing program 2: r0 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a) connect$inet6(r0, &(0x7f0000000580)={0xa, 0x0, 0x0, @mcast1, 0x6}, 0x1c) setsockopt$inet6_IPV6_PKTINFO(r0, 0x29, 0x32, &(0x7f0000000400)={@remote}, 0x14) 09:02:48 executing program 0: r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000100), 0x44b43, 0x0) ioctl$SG_EMULATED_HOST(r0, 0xc0189436, &(0x7f0000000180)) 09:02:49 executing program 1: r0 = syz_open_procfs(0x0, &(0x7f0000000040)='net/ip_tables_matches\x00') pread64(r0, &(0x7f0000000300)=""/142, 0x8e, 0x0) 09:02:49 executing program 6: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) set_mempolicy(0x1, &(0x7f0000000040)=0x91c8, 0x5) 09:02:49 executing program 2: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_JOIN_MESH(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000540)={0x28, r1, 0x25, 0x0, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_MESH_CONFIG={0xc, 0x23, 0x0, 0x1, [@NL80211_MESHCONF_HWMP_PREQ_MIN_INTERVAL={0x6, 0xc, 0x4}]}]}, 0x28}}, 0x0) 09:02:49 executing program 4: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xce, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = syz_open_dev$tty20(0xc, 0x4, 0x1) ioctl$PIO_UNISCRNMAP(r0, 0x4b32, &(0x7f0000000180)) 09:02:49 executing program 5: fcntl$F_GET_RW_HINT(0xffffffffffffffff, 0x40b, 0x0) r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) ioctl$sock_SIOCSIFVLAN_SET_VLAN_INGRESS_PRIORITY_CMD(r0, 0x8983, 0x0) 09:02:49 executing program 0: semget$private(0x0, 0x4000, 0x0) unshare(0x8000000) semget$private(0x0, 0x4000, 0x0) 09:02:49 executing program 7: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xce, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) getpid() openat(0xffffffffffffff9c, 0x0, 0x0, 0x0) perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = fcntl$dupfd(r0, 0x0, r0) r2 = perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x3000)=nil, 0x3000, 0x0, 0x13, r2, 0x0) ioctl$PERF_EVENT_IOC_SET_OUTPUT(r1, 0x2405, r2) ioctl$PERF_EVENT_IOC_SET_OUTPUT(r1, 0x2405, r2) 09:02:49 executing program 3: r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000002380), 0x121800, 0x0) ioctl$AUTOFS_DEV_IOCTL_FAIL(r0, 0x530e, &(0x7f0000000600)=ANY=[@ANYBLOB="0100000002"]) 09:02:49 executing program 1: r0 = syz_open_procfs(0x0, &(0x7f0000000040)='net/ip_tables_matches\x00') pread64(r0, &(0x7f0000000300)=""/142, 0x8e, 0x0) [ 332.068566] audit: type=1400 audit(1730710969.585:11): avc: denied { read } for pid=12902 comm="syz-executor.7" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=perf_event permissive=1 09:02:49 executing program 6: openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0, 0x0) r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1) ioctl$sock_SIOCINQ(r0, 0x5421, &(0x7f0000000040)) read(r0, 0x0, 0x0) 09:02:49 executing program 2: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_JOIN_MESH(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000540)={0x28, r1, 0x25, 0x0, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_MESH_CONFIG={0xc, 0x23, 0x0, 0x1, [@NL80211_MESHCONF_HWMP_PREQ_MIN_INTERVAL={0x6, 0xc, 0x4}]}]}, 0x28}}, 0x0) 09:02:49 executing program 0: r0 = add_key$fscrypt_v1(&(0x7f0000000100), &(0x7f0000000140)={'fscrypt:', @desc4}, &(0x7f0000000180)={0x0, "4f86c31dbb85249241d18b1022d2db9fee153f125d88df3bd889fafa60b555a7eb92a9547b98cf488090461ead6c31b6039010119a53ee2519f1187bbb299c72"}, 0x48, 0xfffffffffffffffc) keyctl$update(0x1d, r0, &(0x7f0000001440)="ce", 0x1) 09:02:49 executing program 4: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xce, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = syz_open_dev$tty20(0xc, 0x4, 0x1) ioctl$PIO_UNISCRNMAP(r0, 0x4b32, &(0x7f0000000180)) 09:02:49 executing program 1: r0 = syz_open_procfs(0x0, &(0x7f0000000040)='net/ip_tables_matches\x00') pread64(r0, &(0x7f0000000300)=""/142, 0x8e, 0x0) 09:02:49 executing program 3: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) eventfd(0x0) 09:02:49 executing program 7: r0 = syz_open_dev$evdev(&(0x7f0000000000), 0x0, 0x0) ioctl$EVIOCGMASK(r0, 0x400445a0, &(0x7f0000000080)={0x16, 0x0, 0x0}) 09:02:49 executing program 2: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_JOIN_MESH(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000540)={0x28, r1, 0x25, 0x0, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_MESH_CONFIG={0xc, 0x23, 0x0, 0x1, [@NL80211_MESHCONF_HWMP_PREQ_MIN_INTERVAL={0x6, 0xc, 0x4}]}]}, 0x28}}, 0x0) 09:02:49 executing program 5: ioperm(0x0, 0x7ff, 0x7) r0 = socket$nl_generic(0x10, 0x3, 0x10) fstatfs(r0, &(0x7f0000000000)=""/40) 09:02:49 executing program 6: creat(&(0x7f0000000240)='./file0\x00', 0x0) setxattr$trusted_overlay_upper(&(0x7f0000000000)='./file0\x00', &(0x7f0000000040), 0x0, 0x0, 0x0) llistxattr(&(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)=""/26, 0x1a) setxattr$security_evm(&(0x7f0000000100)='./file0\x00', &(0x7f0000000140), 0x0, 0x0, 0x0) setxattr$security_evm(&(0x7f0000000440)='./file0\x00', &(0x7f0000000480), &(0x7f00000004c0)=@sha1={0x1, "9f6b702ee91953a62c471edb8ac95c857264dc48"}, 0x15, 0x0) 09:02:49 executing program 0: pipe2(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) splice(r0, 0x0, r1, 0x0, 0x4, 0x0) 09:02:50 executing program 4: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xce, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = syz_open_dev$tty20(0xc, 0x4, 0x1) ioctl$PIO_UNISCRNMAP(r0, 0x4b32, &(0x7f0000000180)) 09:02:50 executing program 3: syz_mount_image$ext4(0x0, &(0x7f0000000540)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0) mount$9p_fd(0x0, &(0x7f00000001c0)='./file1\x00', &(0x7f0000000240), 0x0, &(0x7f0000000280)) 09:02:50 executing program 5: ioperm(0x0, 0x7ff, 0x7) r0 = socket$nl_generic(0x10, 0x3, 0x10) fstatfs(r0, &(0x7f0000000000)=""/40) [ 332.812329] 9pnet_fd: Insufficient options for proto=fd 09:02:50 executing program 0: socket$unix(0x1, 0x5, 0x0) r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000080)='fdinfo/3\x00') pread64(r0, &(0x7f0000001700)=""/4104, 0x1008, 0x0) 09:02:50 executing program 7: r0 = openat$sr(0xffffffffffffff9c, &(0x7f00000001c0), 0x105802, 0x0) ioctl$SG_IO(r0, 0x401070ca, 0x0) 09:02:50 executing program 1: prctl$PR_MCE_KILL(0x21, 0x1, 0x1) 09:02:50 executing program 4: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xce, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = syz_open_dev$tty20(0xc, 0x4, 0x1) ioctl$PIO_UNISCRNMAP(r0, 0x4b32, &(0x7f0000000180)) 09:02:50 executing program 2: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_JOIN_MESH(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000540)={0x28, r1, 0x25, 0x0, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_MESH_CONFIG={0xc, 0x23, 0x0, 0x1, [@NL80211_MESHCONF_HWMP_PREQ_MIN_INTERVAL={0x6, 0xc, 0x4}]}]}, 0x28}}, 0x0) 09:02:50 executing program 6: r0 = syz_open_dev$tty1(0xc, 0x4, 0x1) r1 = socket$inet_tcp(0x2, 0x1, 0x0) getsockopt$inet_tcp_buf(r1, 0x6, 0x1a, 0x0, &(0x7f0000001000)) ioctl$TIOCL_PASTESEL(r0, 0x541c, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000010c0)) openat$cdrom(0xffffffffffffff9c, &(0x7f0000004f80), 0x40, 0x0) syz_open_dev$usbmon(&(0x7f00000050c0), 0x9, 0x2c0001) 09:02:50 executing program 3: syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) mount(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000000)='debugfs\x00', 0x0, 0x0) mount$9p_virtio(0x0, &(0x7f0000000080)='./file0\x00', 0x0, 0x80020, &(0x7f0000000180)=ANY=[@ANYBLOB='trans=virtio,uid=', @ANYRESDEC, @ANYRESOCT]) 09:02:50 executing program 5: ioperm(0x0, 0x7ff, 0x7) r0 = socket$nl_generic(0x10, 0x3, 0x10) fstatfs(r0, &(0x7f0000000000)=""/40) [ 332.991597] debugfs: Bad value for 'uid' [ 332.992079] debugfs: Bad value for 'uid' [ 333.001492] debugfs: Bad value for 'uid' [ 333.001937] debugfs: Bad value for 'uid' 09:02:50 executing program 1: r0 = socket$nl_route(0x10, 0x3, 0x0) fcntl$F_SET_FILE_RW_HINT(r0, 0x40e, 0x0) 09:02:50 executing program 0: r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$netlink(r0, &(0x7f000000c340)={0x0, 0x0, &(0x7f0000000100)=[{&(0x7f0000000140)={0x13, 0x32, 0xe21, 0x0, 0x0, "", [@generic="8e"]}, 0x14}], 0x1}, 0x0) 09:02:50 executing program 5: ioperm(0x0, 0x7ff, 0x7) r0 = socket$nl_generic(0x10, 0x3, 0x10) fstatfs(r0, &(0x7f0000000000)=""/40) 09:02:50 executing program 7: r0 = openat$sr(0xffffffffffffff9c, &(0x7f00000001c0), 0x105802, 0x0) ioctl$SG_IO(r0, 0x401070ca, 0x0) 09:02:50 executing program 3: mq_timedsend(0xffffffffffffffff, 0x0, 0x0, 0x39c0000000, 0x0) 09:02:50 executing program 6: r0 = syz_open_dev$tty1(0xc, 0x4, 0x1) r1 = socket$inet_tcp(0x2, 0x1, 0x0) getsockopt$inet_tcp_buf(r1, 0x6, 0x1a, 0x0, &(0x7f0000001000)) ioctl$TIOCL_PASTESEL(r0, 0x541c, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000010c0)) openat$cdrom(0xffffffffffffff9c, &(0x7f0000004f80), 0x40, 0x0) syz_open_dev$usbmon(&(0x7f00000050c0), 0x9, 0x2c0001) 09:02:50 executing program 2: r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$netlink(r0, &(0x7f0000001480)={0x0, 0x0, &(0x7f0000001440)=[{&(0x7f0000000100)={0x24, 0x2a, 0x101, 0x0, 0x0, "", [@nested={0x14, 0x0, 0x0, 0x1, [@typed={0x4, 0xe}, @typed={0xc, 0x0, 0x0, 0x0, @u64}]}]}, 0x24}], 0x1}, 0x0) 09:02:50 executing program 4: ioctl$AUTOFS_DEV_IOCTL_PROTOSUBVER(0xffffffffffffffff, 0xc0189373, 0x0) perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000002380), 0x121800, 0x0) ioctl$AUTOFS_DEV_IOCTL_FAIL(r0, 0x530e, &(0x7f0000000100)=ANY=[@ANYBLOB="010000000100000018", @ANYBLOB]) move_mount(r0, &(0x7f0000000140)='\x00', 0xffffffffffffffff, 0x0, 0x0) syz_mount_image$nfs4(&(0x7f00000001c0), &(0x7f0000000200)='./file0\x00', 0x0, 0x0, 0x0, 0x12000, &(0x7f0000000600)={[{'/dev/sr0\x00'}], [{@rootcontext={'rootcontext', 0x3d, 'root'}}, {@seclabel}, {@dont_appraise}, {@fsmagic={'fsmagic', 0x3d, 0x7}}, {@seclabel}, {@uid_eq={'uid', 0x3d, 0xee01}}]}) r1 = socket$inet6_udp(0xa, 0x2, 0x0) dup(r1) getsockopt$IP_SET_OP_VERSION(0xffffffffffffffff, 0x1, 0x27, 0x0, 0x0) sendmsg$BATADV_CMD_GET_BLA_CLAIM(0xffffffffffffffff, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000740)={0x1c, 0x0, 0x200, 0x70bd25, 0x25dfdbfe, {}, [@BATADV_ATTR_TPMETER_TEST_TIME={0x8, 0xb, 0x53}]}, 0x1c}}, 0x48000) ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, 0x0) 09:02:50 executing program 0: unshare(0x0) unshare(0x48040080) 09:02:50 executing program 1: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0xc042, 0x0) ioctl$EXT4_IOC_MOVE_EXT(r0, 0x5450, 0x0) 09:02:51 executing program 3: r0 = socket$netlink(0x10, 0x3, 0x0) r1 = dup2(r0, r0) bind$netlink(r1, &(0x7f0000000000)={0x10, 0x0, 0x0, 0x40000000}, 0xc) 09:02:51 executing program 2: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xcc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000580)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet_udp(0x2, 0x2, 0x0) getsockopt$inet_pktinfo(r0, 0x0, 0x8, &(0x7f0000000080)={0x0, @remote, @dev}, &(0x7f0000000040)=0x3) r1 = socket$inet_udp(0x2, 0x2, 0x0) r2 = socket$inet6_udplite(0xa, 0x2, 0x88) setsockopt$inet6_mreq(0xffffffffffffffff, 0x29, 0x15, &(0x7f0000000140)={@empty}, 0x14) setsockopt$inet6_udp_int(r2, 0x11, 0x68, &(0x7f0000000240), 0x3e) r3 = socket$nl_audit(0x10, 0x3, 0x9) ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000040)={'wlan1\x00'}) sendmsg$inet(0xffffffffffffffff, &(0x7f0000000780)={&(0x7f0000000000)={0x2, 0x0, @local}, 0x10, &(0x7f00000003c0)}, 0x0) setsockopt$sock_timeval(r1, 0x1, 0x2f, &(0x7f0000000000), 0x10) sendmsg$unix(0xffffffffffffffff, &(0x7f0000000300)={&(0x7f00000001c0)=@file={0x1, './file0\x00'}, 0x6e, 0x0, 0x0, 0x0, 0x0, 0x840}, 0x40000) 09:02:51 executing program 0: unshare(0x0) unshare(0x48040080) 09:02:51 executing program 5: syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) stat(&(0x7f0000000240)='./file0\x00', &(0x7f0000000280)={0x0, 0x0, 0x0, 0x0, 0x0}) setresuid(0x0, r0, 0x0) r1 = socket$nl_audit(0x10, 0x3, 0x9) ioctl$sock_SIOCETHTOOL(r1, 0x8993, &(0x7f0000000400)={'team_slave_1\x00', 0x0}) 09:02:51 executing program 6: r0 = syz_open_dev$tty1(0xc, 0x4, 0x1) r1 = socket$inet_tcp(0x2, 0x1, 0x0) getsockopt$inet_tcp_buf(r1, 0x6, 0x1a, 0x0, &(0x7f0000001000)) ioctl$TIOCL_PASTESEL(r0, 0x541c, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000010c0)) openat$cdrom(0xffffffffffffff9c, &(0x7f0000004f80), 0x40, 0x0) syz_open_dev$usbmon(&(0x7f00000050c0), 0x9, 0x2c0001) 09:02:51 executing program 7: r0 = openat$sr(0xffffffffffffff9c, &(0x7f00000001c0), 0x105802, 0x0) ioctl$SG_IO(r0, 0x401070ca, 0x0) 09:02:51 executing program 4: ioctl$AUTOFS_DEV_IOCTL_PROTOSUBVER(0xffffffffffffffff, 0xc0189373, 0x0) perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000002380), 0x121800, 0x0) ioctl$AUTOFS_DEV_IOCTL_FAIL(r0, 0x530e, &(0x7f0000000100)=ANY=[@ANYBLOB="010000000100000018", @ANYBLOB]) move_mount(r0, &(0x7f0000000140)='\x00', 0xffffffffffffffff, 0x0, 0x0) syz_mount_image$nfs4(&(0x7f00000001c0), &(0x7f0000000200)='./file0\x00', 0x0, 0x0, 0x0, 0x12000, &(0x7f0000000600)={[{'/dev/sr0\x00'}], [{@rootcontext={'rootcontext', 0x3d, 'root'}}, {@seclabel}, {@dont_appraise}, {@fsmagic={'fsmagic', 0x3d, 0x7}}, {@seclabel}, {@uid_eq={'uid', 0x3d, 0xee01}}]}) r1 = socket$inet6_udp(0xa, 0x2, 0x0) dup(r1) getsockopt$IP_SET_OP_VERSION(0xffffffffffffffff, 0x1, 0x27, 0x0, 0x0) sendmsg$BATADV_CMD_GET_BLA_CLAIM(0xffffffffffffffff, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000740)={0x1c, 0x0, 0x200, 0x70bd25, 0x25dfdbfe, {}, [@BATADV_ATTR_TPMETER_TEST_TIME={0x8, 0xb, 0x53}]}, 0x1c}}, 0x48000) ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, 0x0) 09:02:51 executing program 1: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xce, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x7}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000580)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet6(0xa, 0x1, 0x0) bind$inet6(r0, &(0x7f00000002c0)={0xa, 0x4e20, 0xfffffffe, @empty}, 0x1c) r1 = socket$inet6(0xa, 0x1, 0x0) r2 = dup3(0xffffffffffffffff, r1, 0x0) bind$inet6(r1, &(0x7f0000000040)={0xa, 0x4e21, 0x9, @mcast1, 0x8}, 0x1c) r3 = socket$inet6_udp(0xa, 0x2, 0x0) dup(r3) setsockopt$inet6_IPV6_FLOWLABEL_MGR(r3, 0x29, 0x20, &(0x7f0000000100)={@loopback, 0xfff, 0x2, 0x2, 0x6, 0x5c2, 0x3}, 0x20) connect$inet6(r0, &(0x7f0000000000)={0xa, 0x4e20, 0x0, @loopback}, 0x1c) sendmmsg$inet6(r0, &(0x7f0000000200)=[{{0x0, 0x0, &(0x7f0000000140)=[{&(0x7f0000000300)="a8", 0x1}], 0x1}}], 0x1, 0x90) setsockopt$SO_BINDTODEVICE(r3, 0x1, 0x19, &(0x7f00000001c0)='team_slave_1\x00', 0x10) sendmsg$IPVS_CMD_DEL_SERVICE(0xffffffffffffffff, 0x0, 0x4081) setsockopt$inet6_IPV6_FLOWLABEL_MGR(0xffffffffffffffff, 0x29, 0x20, &(0x7f0000000480)={@private1={0xfc, 0x1, '\x00', 0x1}, 0xfff, 0x1, 0xff, 0x14, 0x6, 0xd0e}, 0x20) ioctl$PIO_SCRNMAP(r2, 0x4b41, &(0x7f0000000340)="74c446096c55cdac8597584a59587975a61083a4ab898472040a5e1bdf9208e51fe7d9cae4dd81391258a4e9756060a8c87cb35f63da2faf4919eb8d2f1536c24eee0744a066fbfa75a2507018a313a0d82d8b73410519a2425e945b52d9bad6fa589e9c7a3c076ae84b394f65ecf9b005b5ab2a100976d25a30a3177d18008cc084b56d8db97c0660a4203e8b1c") [ 333.900486] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list 09:02:51 executing program 3: modify_ldt$write(0x1, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x3}, 0x10) 09:02:51 executing program 7: r0 = openat$sr(0xffffffffffffff9c, &(0x7f00000001c0), 0x105802, 0x0) ioctl$SG_IO(r0, 0x401070ca, 0x0) 09:02:51 executing program 6: r0 = syz_open_dev$tty1(0xc, 0x4, 0x1) r1 = socket$inet_tcp(0x2, 0x1, 0x0) getsockopt$inet_tcp_buf(r1, 0x6, 0x1a, 0x0, &(0x7f0000001000)) ioctl$TIOCL_PASTESEL(r0, 0x541c, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000010c0)) openat$cdrom(0xffffffffffffff9c, &(0x7f0000004f80), 0x40, 0x0) syz_open_dev$usbmon(&(0x7f00000050c0), 0x9, 0x2c0001) 09:02:51 executing program 4: ioctl$AUTOFS_DEV_IOCTL_PROTOSUBVER(0xffffffffffffffff, 0xc0189373, 0x0) perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000002380), 0x121800, 0x0) ioctl$AUTOFS_DEV_IOCTL_FAIL(r0, 0x530e, &(0x7f0000000100)=ANY=[@ANYBLOB="010000000100000018", @ANYBLOB]) move_mount(r0, &(0x7f0000000140)='\x00', 0xffffffffffffffff, 0x0, 0x0) syz_mount_image$nfs4(&(0x7f00000001c0), &(0x7f0000000200)='./file0\x00', 0x0, 0x0, 0x0, 0x12000, &(0x7f0000000600)={[{'/dev/sr0\x00'}], [{@rootcontext={'rootcontext', 0x3d, 'root'}}, {@seclabel}, {@dont_appraise}, {@fsmagic={'fsmagic', 0x3d, 0x7}}, {@seclabel}, {@uid_eq={'uid', 0x3d, 0xee01}}]}) r1 = socket$inet6_udp(0xa, 0x2, 0x0) dup(r1) getsockopt$IP_SET_OP_VERSION(0xffffffffffffffff, 0x1, 0x27, 0x0, 0x0) sendmsg$BATADV_CMD_GET_BLA_CLAIM(0xffffffffffffffff, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000740)={0x1c, 0x0, 0x200, 0x70bd25, 0x25dfdbfe, {}, [@BATADV_ATTR_TPMETER_TEST_TIME={0x8, 0xb, 0x53}]}, 0x1c}}, 0x48000) ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, 0x0) 09:02:51 executing program 5: r0 = socket$inet6_udp(0xa, 0x2, 0x0) getsockopt$IP6T_SO_GET_ENTRIES(r0, 0x29, 0x41, &(0x7f00000025c0)=ANY=[@ANYBLOB='mangle'], &(0x7f0000002680)=0x28) 09:02:51 executing program 2: mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x2000009, 0x32, 0xffffffffffffffff, 0x0) utime(0x0, &(0x7f0000000180)) 09:02:51 executing program 3: r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1) syz_emit_ethernet(0x3e, &(0x7f0000000000)={@multicast, @local, @void, {@ipv4={0x800, @icmp={{0x5, 0x4, 0x0, 0x0, 0x30, 0x0, 0x0, 0x0, 0x1, 0x0, @rand_addr, @multicast1}, @source_quench={0x2a, 0x0, 0x0, 0x0, {0x5, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @loopback, @local}}}}}}, 0x0) setsockopt$inet_int(r0, 0x0, 0x12, &(0x7f0000000100)=0x4, 0x4) setsockopt$inet_int(r0, 0x0, 0x14, &(0x7f0000000080)=0xfd, 0x4) recvfrom(r0, 0x0, 0x0, 0x0, 0x0, 0x0) 09:02:51 executing program 0: unshare(0x0) unshare(0x48040080) 09:02:52 executing program 5: r0 = socket$inet6_udp(0xa, 0x2, 0x0) ioctl$sock_inet6_SIOCDELRT(r0, 0x890c, &(0x7f0000000200)={@rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02', @private1, @empty, 0x0, 0x101, 0x0, 0x0, 0x0, 0x1510002}) 09:02:52 executing program 2: setregid(0xffffffffffffffff, 0xee01) getresgid(&(0x7f0000000000), &(0x7f0000000040), &(0x7f0000000080)) getgid() fork() 09:02:52 executing program 2: mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x0, 0x44031, 0xffffffffffffffff, 0x0) madvise(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x4) 09:02:52 executing program 7: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r0, 0x6, 0x12, &(0x7f0000000040), 0x4) 09:02:52 executing program 4: ioctl$AUTOFS_DEV_IOCTL_PROTOSUBVER(0xffffffffffffffff, 0xc0189373, 0x0) perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000002380), 0x121800, 0x0) ioctl$AUTOFS_DEV_IOCTL_FAIL(r0, 0x530e, &(0x7f0000000100)=ANY=[@ANYBLOB="010000000100000018", @ANYBLOB]) move_mount(r0, &(0x7f0000000140)='\x00', 0xffffffffffffffff, 0x0, 0x0) syz_mount_image$nfs4(&(0x7f00000001c0), &(0x7f0000000200)='./file0\x00', 0x0, 0x0, 0x0, 0x12000, &(0x7f0000000600)={[{'/dev/sr0\x00'}], [{@rootcontext={'rootcontext', 0x3d, 'root'}}, {@seclabel}, {@dont_appraise}, {@fsmagic={'fsmagic', 0x3d, 0x7}}, {@seclabel}, {@uid_eq={'uid', 0x3d, 0xee01}}]}) r1 = socket$inet6_udp(0xa, 0x2, 0x0) dup(r1) getsockopt$IP_SET_OP_VERSION(0xffffffffffffffff, 0x1, 0x27, 0x0, 0x0) sendmsg$BATADV_CMD_GET_BLA_CLAIM(0xffffffffffffffff, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000740)={0x1c, 0x0, 0x200, 0x70bd25, 0x25dfdbfe, {}, [@BATADV_ATTR_TPMETER_TEST_TIME={0x8, 0xb, 0x53}]}, 0x1c}}, 0x48000) ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, 0x0) 09:02:52 executing program 5: prctl$PR_SET_MM(0x23, 0xa, &(0x7f0000ffc000/0x4000)=nil) prctl$PR_SET_MM(0x23, 0xb, &(0x7f0000ffd000/0x3000)=nil) 09:02:52 executing program 3: r0 = syz_open_dev$tty20(0xc, 0x4, 0x1) openat$hpet(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0) ioctl$KDGKBTYPE(r0, 0x4b62, &(0x7f0000000040)) 09:02:52 executing program 0: unshare(0x0) unshare(0x48040080) 09:02:52 executing program 1: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xce, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x7}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000580)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet6(0xa, 0x1, 0x0) bind$inet6(r0, &(0x7f00000002c0)={0xa, 0x4e20, 0xfffffffe, @empty}, 0x1c) r1 = socket$inet6(0xa, 0x1, 0x0) r2 = dup3(0xffffffffffffffff, r1, 0x0) bind$inet6(r1, &(0x7f0000000040)={0xa, 0x4e21, 0x9, @mcast1, 0x8}, 0x1c) r3 = socket$inet6_udp(0xa, 0x2, 0x0) dup(r3) setsockopt$inet6_IPV6_FLOWLABEL_MGR(r3, 0x29, 0x20, &(0x7f0000000100)={@loopback, 0xfff, 0x2, 0x2, 0x6, 0x5c2, 0x3}, 0x20) connect$inet6(r0, &(0x7f0000000000)={0xa, 0x4e20, 0x0, @loopback}, 0x1c) sendmmsg$inet6(r0, &(0x7f0000000200)=[{{0x0, 0x0, &(0x7f0000000140)=[{&(0x7f0000000300)="a8", 0x1}], 0x1}}], 0x1, 0x90) setsockopt$SO_BINDTODEVICE(r3, 0x1, 0x19, &(0x7f00000001c0)='team_slave_1\x00', 0x10) sendmsg$IPVS_CMD_DEL_SERVICE(0xffffffffffffffff, 0x0, 0x4081) setsockopt$inet6_IPV6_FLOWLABEL_MGR(0xffffffffffffffff, 0x29, 0x20, &(0x7f0000000480)={@private1={0xfc, 0x1, '\x00', 0x1}, 0xfff, 0x1, 0xff, 0x14, 0x6, 0xd0e}, 0x20) ioctl$PIO_SCRNMAP(r2, 0x4b41, &(0x7f0000000340)="74c446096c55cdac8597584a59587975a61083a4ab898472040a5e1bdf9208e51fe7d9cae4dd81391258a4e9756060a8c87cb35f63da2faf4919eb8d2f1536c24eee0744a066fbfa75a2507018a313a0d82d8b73410519a2425e945b52d9bad6fa589e9c7a3c076ae84b394f65ecf9b005b5ab2a100976d25a30a3177d18008cc084b56d8db97c0660a4203e8b1c") 09:02:52 executing program 5: r0 = socket$inet_udp(0x2, 0x2, 0x0) ioctl$sock_inet_SIOCGIFADDR(r0, 0x8915, &(0x7f0000000080)={'sit0\x00', {0x2, 0x0, @local}}) r1 = socket$inet_udp(0x2, 0x2, 0x0) ioctl$sock_inet_SIOCGIFADDR(r1, 0x8915, &(0x7f0000000080)={'sit0\x00', {0x2, 0x0, @local}}) 09:02:52 executing program 5: r0 = socket$packet(0x11, 0x3, 0x300) syz_emit_ethernet(0x46, &(0x7f0000000040)=ANY=[], 0x0) recvmsg(r0, &(0x7f0000000180)={0x0, 0x0, 0x0}, 0x0) ioctl$SIOCGSTAMPNS(r0, 0x8907, &(0x7f0000000080)) 09:02:52 executing program 7: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_80211_inject_frame(&(0x7f0000000300), &(0x7f0000000600)=@mgmt_frame=@probe_response={@wo_ht={{}, {}, @device_b, @device_a, @from_mac}, 0x0, @default, 0x0, @val={0x0, 0x6, @default_ap_ssid}, @val, @val={0x3, 0x1}, @void, @void, @void, @val={0x72, 0x6}, @void}, 0x39) r0 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000140)='/sys/power/reserved_size', 0x40201, 0x24) stat(&(0x7f0000000540)='./file0\x00', &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 0x0}) setresuid(0x0, r1, 0x0) fchown(r0, r1, 0x0) r2 = getpid() sched_setscheduler(r2, 0x2, &(0x7f0000000580)=0x6) ioprio_get$pid(0x1, r2) 09:02:52 executing program 6: syz_io_uring_submit(0x0, 0x0, &(0x7f0000000240)=@IORING_OP_ASYNC_CANCEL={0xe, 0x0, 0x0, 0x0, 0x0, 0x1}, 0xd5) r0 = perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xce, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4000000, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f00000001c0)={0x0, 0x80, 0x3, 0x9, 0x0, 0x15, 0x0, 0x3, 0x10100, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x80, 0x4, @perf_bp={&(0x7f0000000180), 0x9}, 0x8464, 0x8000, 0x7ff, 0x6, 0x1, 0x200, 0x0, 0x0, 0x0, 0x0, 0x5}, 0xffffffffffffffff, 0x4, r0, 0xa) perf_event_open(&(0x7f0000000580)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) openat$snapshot(0xffffffffffffff9c, &(0x7f0000000040), 0x7, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) lseek(r1, 0xfffffffffffffffc, 0x0) r2 = openat(0xffffffffffffffff, &(0x7f00000002c0)='./file0\x00', 0x84000, 0x185) move_mount(r1, &(0x7f0000000280)='./file0\x00', r2, &(0x7f0000000300)='./file0\x00', 0x21) 09:02:52 executing program 3: openat$sr(0xffffffffffffff9c, &(0x7f0000003780), 0x800, 0x0) 09:02:52 executing program 4: r0 = socket$inet6_udp(0xa, 0x2, 0x0) setsockopt$inet6_int(r0, 0x29, 0x2, 0x0, 0x0) [ 335.324415] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 335.478387] random: crng reseeded on system resumption [ 336.392226] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium 09:02:53 executing program 5: r0 = socket$netlink(0x10, 0x3, 0x0) read(r0, 0x0, 0xfffffffffffffd95) 09:02:53 executing program 2: openat(0xffffffffffffff9c, 0x0, 0x0, 0x0) signalfd(0xffffffffffffffff, 0x0, 0x0) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0x76, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$PERF_EVENT_IOC_DISABLE(0xffffffffffffffff, 0x2401, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x2400, 0x0) syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) mount(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f00000000c0)='ramfs\x00', 0x14481, 0x0) setresuid(0x0, 0x0, 0x0) rmdir(&(0x7f0000000000)='./file0/file0\x00') 09:02:53 executing program 4: r0 = socket$inet6_udp(0xa, 0x2, 0x0) setsockopt$inet6_int(r0, 0x29, 0x2, 0x0, 0x0) 09:02:53 executing program 0: r0 = socket$inet_udp(0x2, 0x2, 0x0) ioctl$sock_inet_SIOCGIFADDR(r0, 0x8915, &(0x7f0000000080)={'sit0\x00', {0x2, 0x0, @local}}) r1 = socket$inet_udp(0x2, 0x2, 0x0) ioctl$sock_inet_SIOCGIFADDR(r1, 0x891c, &(0x7f0000000080)={'sit0\x00', {0x2, 0x0, @local}}) 09:02:53 executing program 1: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xce, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x7}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000580)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet6(0xa, 0x1, 0x0) bind$inet6(r0, &(0x7f00000002c0)={0xa, 0x4e20, 0xfffffffe, @empty}, 0x1c) r1 = socket$inet6(0xa, 0x1, 0x0) r2 = dup3(0xffffffffffffffff, r1, 0x0) bind$inet6(r1, &(0x7f0000000040)={0xa, 0x4e21, 0x9, @mcast1, 0x8}, 0x1c) r3 = socket$inet6_udp(0xa, 0x2, 0x0) dup(r3) setsockopt$inet6_IPV6_FLOWLABEL_MGR(r3, 0x29, 0x20, &(0x7f0000000100)={@loopback, 0xfff, 0x2, 0x2, 0x6, 0x5c2, 0x3}, 0x20) connect$inet6(r0, &(0x7f0000000000)={0xa, 0x4e20, 0x0, @loopback}, 0x1c) sendmmsg$inet6(r0, &(0x7f0000000200)=[{{0x0, 0x0, &(0x7f0000000140)=[{&(0x7f0000000300)="a8", 0x1}], 0x1}}], 0x1, 0x90) setsockopt$SO_BINDTODEVICE(r3, 0x1, 0x19, &(0x7f00000001c0)='team_slave_1\x00', 0x10) sendmsg$IPVS_CMD_DEL_SERVICE(0xffffffffffffffff, 0x0, 0x4081) setsockopt$inet6_IPV6_FLOWLABEL_MGR(0xffffffffffffffff, 0x29, 0x20, &(0x7f0000000480)={@private1={0xfc, 0x1, '\x00', 0x1}, 0xfff, 0x1, 0xff, 0x14, 0x6, 0xd0e}, 0x20) ioctl$PIO_SCRNMAP(r2, 0x4b41, &(0x7f0000000340)="74c446096c55cdac8597584a59587975a61083a4ab898472040a5e1bdf9208e51fe7d9cae4dd81391258a4e9756060a8c87cb35f63da2faf4919eb8d2f1536c24eee0744a066fbfa75a2507018a313a0d82d8b73410519a2425e945b52d9bad6fa589e9c7a3c076ae84b394f65ecf9b005b5ab2a100976d25a30a3177d18008cc084b56d8db97c0660a4203e8b1c") 09:02:53 executing program 6: syz_io_uring_submit(0x0, 0x0, &(0x7f0000000240)=@IORING_OP_ASYNC_CANCEL={0xe, 0x0, 0x0, 0x0, 0x0, 0x1}, 0xd5) r0 = perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xce, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4000000, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f00000001c0)={0x0, 0x80, 0x3, 0x9, 0x0, 0x15, 0x0, 0x3, 0x10100, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x80, 0x4, @perf_bp={&(0x7f0000000180), 0x9}, 0x8464, 0x8000, 0x7ff, 0x6, 0x1, 0x200, 0x0, 0x0, 0x0, 0x0, 0x5}, 0xffffffffffffffff, 0x4, r0, 0xa) perf_event_open(&(0x7f0000000580)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) openat$snapshot(0xffffffffffffff9c, &(0x7f0000000040), 0x7, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) lseek(r1, 0xfffffffffffffffc, 0x0) r2 = openat(0xffffffffffffffff, &(0x7f00000002c0)='./file0\x00', 0x84000, 0x185) move_mount(r1, &(0x7f0000000280)='./file0\x00', r2, &(0x7f0000000300)='./file0\x00', 0x21) 09:02:53 executing program 3: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = add_key$keyring(&(0x7f0000000000), &(0x7f0000000140)={'syz', 0x3}, 0x0, 0x0, 0xfffffffffffffffd) keyctl$KEYCTL_RESTRICT_KEYRING(0x1d, r0, &(0x7f0000000080)='asymmetric\x00', &(0x7f0000001700)=@keyring) 09:02:54 executing program 7: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_80211_inject_frame(&(0x7f0000000300), &(0x7f0000000600)=@mgmt_frame=@probe_response={@wo_ht={{}, {}, @device_b, @device_a, @from_mac}, 0x0, @default, 0x0, @val={0x0, 0x6, @default_ap_ssid}, @val, @val={0x3, 0x1}, @void, @void, @void, @val={0x72, 0x6}, @void}, 0x39) r0 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000140)='/sys/power/reserved_size', 0x40201, 0x24) stat(&(0x7f0000000540)='./file0\x00', &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 0x0}) setresuid(0x0, r1, 0x0) fchown(r0, r1, 0x0) r2 = getpid() sched_setscheduler(r2, 0x2, &(0x7f0000000580)=0x6) ioprio_get$pid(0x1, r2) 09:02:54 executing program 5: r0 = epoll_create(0x4) r1 = openat$random(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) epoll_ctl$EPOLL_CTL_ADD(r0, 0x1, r1, &(0x7f0000000000)) [ 336.597671] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium 09:02:54 executing program 2: r0 = fsopen(&(0x7f0000000080)='pipefs\x00', 0x0) r1 = perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) close_range(r0, r1, 0x4) 09:02:54 executing program 5: socketpair(0x0, 0x0, 0x0, &(0x7f0000000880)) 09:02:54 executing program 3: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000600100000f000000000000000200000006000000000008000080000020000000d6f4655fd6f4655f0100ffff53ef", 0x3a, 0x400}], 0x0, &(0x7f0000000040)) 09:02:54 executing program 4: r0 = socket$inet6_udp(0xa, 0x2, 0x0) setsockopt$inet6_int(r0, 0x29, 0x2, 0x0, 0x0) 09:02:54 executing program 5: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xce, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000340)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x40, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$packet(0x11, 0x2, 0x300) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000040)={'syz_tun\x00', 0x0}) setsockopt$inet_mreqn(0xffffffffffffffff, 0x0, 0x20, &(0x7f0000000000)={@rand_addr=0x64010102, @empty, r1}, 0xc) setsockopt$packet_add_memb(r0, 0x107, 0x1, &(0x7f0000000080)={r1, 0x1, 0x6}, 0x10) r2 = socket$inet_udp(0x2, 0x2, 0x0) setsockopt$sock_timeval(r2, 0x1, 0x49, &(0x7f0000000000)={0x77359400}, 0x10) [ 337.104793] loop3: detected capacity change from 0 to 4 [ 337.127696] EXT4-fs (loop3): Can't read superblock on 2nd try [ 337.145607] loop3: detected capacity change from 0 to 4 09:02:55 executing program 0: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000040)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) symlink(&(0x7f0000000000)='./file0\x00', &(0x7f0000000080)='./file1\x00') link(&(0x7f0000001200)='./file1\x00', &(0x7f0000001240)='./file0\x00') 09:02:55 executing program 4: r0 = socket$inet6_udp(0xa, 0x2, 0x0) setsockopt$inet6_int(r0, 0x29, 0x2, 0x0, 0x0) 09:02:55 executing program 0: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000040)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) symlink(&(0x7f0000000000)='./file0\x00', &(0x7f0000000080)='./file1\x00') link(&(0x7f0000001200)='./file1\x00', &(0x7f0000001240)='./file0\x00') [ 339.257808] random: crng reseeded on system resumption 09:02:57 executing program 1: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xce, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x7}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000580)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet6(0xa, 0x1, 0x0) bind$inet6(r0, &(0x7f00000002c0)={0xa, 0x4e20, 0xfffffffe, @empty}, 0x1c) r1 = socket$inet6(0xa, 0x1, 0x0) r2 = dup3(0xffffffffffffffff, r1, 0x0) bind$inet6(r1, &(0x7f0000000040)={0xa, 0x4e21, 0x9, @mcast1, 0x8}, 0x1c) r3 = socket$inet6_udp(0xa, 0x2, 0x0) dup(r3) setsockopt$inet6_IPV6_FLOWLABEL_MGR(r3, 0x29, 0x20, &(0x7f0000000100)={@loopback, 0xfff, 0x2, 0x2, 0x6, 0x5c2, 0x3}, 0x20) connect$inet6(r0, &(0x7f0000000000)={0xa, 0x4e20, 0x0, @loopback}, 0x1c) sendmmsg$inet6(r0, &(0x7f0000000200)=[{{0x0, 0x0, &(0x7f0000000140)=[{&(0x7f0000000300)="a8", 0x1}], 0x1}}], 0x1, 0x90) setsockopt$SO_BINDTODEVICE(r3, 0x1, 0x19, &(0x7f00000001c0)='team_slave_1\x00', 0x10) sendmsg$IPVS_CMD_DEL_SERVICE(0xffffffffffffffff, 0x0, 0x4081) setsockopt$inet6_IPV6_FLOWLABEL_MGR(0xffffffffffffffff, 0x29, 0x20, &(0x7f0000000480)={@private1={0xfc, 0x1, '\x00', 0x1}, 0xfff, 0x1, 0xff, 0x14, 0x6, 0xd0e}, 0x20) ioctl$PIO_SCRNMAP(r2, 0x4b41, &(0x7f0000000340)="74c446096c55cdac8597584a59587975a61083a4ab898472040a5e1bdf9208e51fe7d9cae4dd81391258a4e9756060a8c87cb35f63da2faf4919eb8d2f1536c24eee0744a066fbfa75a2507018a313a0d82d8b73410519a2425e945b52d9bad6fa589e9c7a3c076ae84b394f65ecf9b005b5ab2a100976d25a30a3177d18008cc084b56d8db97c0660a4203e8b1c") 09:02:57 executing program 4: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000040)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) symlink(&(0x7f0000000000)='./file0\x00', &(0x7f0000000080)='./file1\x00') link(&(0x7f0000001200)='./file1\x00', &(0x7f0000001240)='./file0\x00') 09:02:57 executing program 0: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000040)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) symlink(&(0x7f0000000000)='./file0\x00', &(0x7f0000000080)='./file1\x00') link(&(0x7f0000001200)='./file1\x00', &(0x7f0000001240)='./file0\x00') 09:02:57 executing program 6: syz_io_uring_submit(0x0, 0x0, &(0x7f0000000240)=@IORING_OP_ASYNC_CANCEL={0xe, 0x0, 0x0, 0x0, 0x0, 0x1}, 0xd5) r0 = perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xce, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4000000, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f00000001c0)={0x0, 0x80, 0x3, 0x9, 0x0, 0x15, 0x0, 0x3, 0x10100, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x80, 0x4, @perf_bp={&(0x7f0000000180), 0x9}, 0x8464, 0x8000, 0x7ff, 0x6, 0x1, 0x200, 0x0, 0x0, 0x0, 0x0, 0x5}, 0xffffffffffffffff, 0x4, r0, 0xa) perf_event_open(&(0x7f0000000580)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) openat$snapshot(0xffffffffffffff9c, &(0x7f0000000040), 0x7, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) lseek(r1, 0xfffffffffffffffc, 0x0) r2 = openat(0xffffffffffffffff, &(0x7f00000002c0)='./file0\x00', 0x84000, 0x185) move_mount(r1, &(0x7f0000000280)='./file0\x00', r2, &(0x7f0000000300)='./file0\x00', 0x21) 09:02:57 executing program 2: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_mount_image$ext4(0x0, &(0x7f0000000180)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) mount(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000080)='configfs\x00', 0x0, 0x0) r0 = open(&(0x7f00000000c0)='./file0\x00', 0x0, 0x0) move_mount(0xffffffffffffff9c, &(0x7f0000000140)='./file0\x00', r0, &(0x7f0000000240)='./file0/file0\x00', 0x0) 09:02:57 executing program 7: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_80211_inject_frame(&(0x7f0000000300), &(0x7f0000000600)=@mgmt_frame=@probe_response={@wo_ht={{}, {}, @device_b, @device_a, @from_mac}, 0x0, @default, 0x0, @val={0x0, 0x6, @default_ap_ssid}, @val, @val={0x3, 0x1}, @void, @void, @void, @val={0x72, 0x6}, @void}, 0x39) r0 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000140)='/sys/power/reserved_size', 0x40201, 0x24) stat(&(0x7f0000000540)='./file0\x00', &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 0x0}) setresuid(0x0, r1, 0x0) fchown(r0, r1, 0x0) r2 = getpid() sched_setscheduler(r2, 0x2, &(0x7f0000000580)=0x6) ioprio_get$pid(0x1, r2) [ 339.660473] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium 09:02:57 executing program 5: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) fallocate(r0, 0x0, 0x0, 0x87ffffc) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x2000002, 0x13, r1, 0x0) perf_event_open(&(0x7f0000001840)={0x2, 0x80, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) madvise(&(0x7f0000ffc000/0x3000)=nil, 0x3000, 0x17) 09:02:57 executing program 3: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000600100000f000000000000000200000006000000000008000080000020000000d6f4655fd6f4655f0100ffff53ef", 0x3a, 0x400}], 0x0, &(0x7f0000000040)) [ 339.726154] loop3: detected capacity change from 0 to 4 [ 339.735208] EXT4-fs (loop3): Can't read superblock on 2nd try [ 339.776661] random: crng reseeded on system resumption 09:02:57 executing program 0: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000040)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) symlink(&(0x7f0000000000)='./file0\x00', &(0x7f0000000080)='./file1\x00') link(&(0x7f0000001200)='./file1\x00', &(0x7f0000001240)='./file0\x00') 09:02:57 executing program 3: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000600100000f000000000000000200000006000000000008000080000020000000d6f4655fd6f4655f0100ffff53ef", 0x3a, 0x400}], 0x0, &(0x7f0000000040)) 09:02:57 executing program 4: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000040)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) symlink(&(0x7f0000000000)='./file0\x00', &(0x7f0000000080)='./file1\x00') link(&(0x7f0000001200)='./file1\x00', &(0x7f0000001240)='./file0\x00') [ 339.925912] loop3: detected capacity change from 0 to 4 [ 339.929199] EXT4-fs (loop3): Can't read superblock on 2nd try 09:02:57 executing program 0: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000000c0)={0x1, &(0x7f0000000100)=[{0x6}]}) socketpair(0x0, 0x0, 0x0, 0x0) close_range(r0, 0xffffffffffffffff, 0x0) [ 339.983743] audit: type=1326 audit(1730710977.502:12): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=13146 comm="syz-executor.0" exe="/syz-executor.0" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f1dc6b94b19 code=0x0 09:02:57 executing program 3: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000600100000f000000000000000200000006000000000008000080000020000000d6f4655fd6f4655f0100ffff53ef", 0x3a, 0x400}], 0x0, &(0x7f0000000040)) 09:02:57 executing program 7: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_80211_inject_frame(&(0x7f0000000300), &(0x7f0000000600)=@mgmt_frame=@probe_response={@wo_ht={{}, {}, @device_b, @device_a, @from_mac}, 0x0, @default, 0x0, @val={0x0, 0x6, @default_ap_ssid}, @val, @val={0x3, 0x1}, @void, @void, @void, @val={0x72, 0x6}, @void}, 0x39) r0 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000140)='/sys/power/reserved_size', 0x40201, 0x24) stat(&(0x7f0000000540)='./file0\x00', &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 0x0}) setresuid(0x0, r1, 0x0) fchown(r0, r1, 0x0) r2 = getpid() sched_setscheduler(r2, 0x2, &(0x7f0000000580)=0x6) ioprio_get$pid(0x1, r2) 09:02:57 executing program 2: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_mount_image$ext4(0x0, &(0x7f0000000180)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) mount(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000080)='configfs\x00', 0x0, 0x0) r0 = open(&(0x7f00000000c0)='./file0\x00', 0x0, 0x0) move_mount(0xffffffffffffff9c, &(0x7f0000000140)='./file0\x00', r0, &(0x7f0000000240)='./file0/file0\x00', 0x0) 09:02:57 executing program 6: syz_io_uring_submit(0x0, 0x0, &(0x7f0000000240)=@IORING_OP_ASYNC_CANCEL={0xe, 0x0, 0x0, 0x0, 0x0, 0x1}, 0xd5) r0 = perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xce, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4000000, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f00000001c0)={0x0, 0x80, 0x3, 0x9, 0x0, 0x15, 0x0, 0x3, 0x10100, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x80, 0x4, @perf_bp={&(0x7f0000000180), 0x9}, 0x8464, 0x8000, 0x7ff, 0x6, 0x1, 0x200, 0x0, 0x0, 0x0, 0x0, 0x5}, 0xffffffffffffffff, 0x4, r0, 0xa) perf_event_open(&(0x7f0000000580)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) openat$snapshot(0xffffffffffffff9c, &(0x7f0000000040), 0x7, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) lseek(r1, 0xfffffffffffffffc, 0x0) r2 = openat(0xffffffffffffffff, &(0x7f00000002c0)='./file0\x00', 0x84000, 0x185) move_mount(r1, &(0x7f0000000280)='./file0\x00', r2, &(0x7f0000000300)='./file0\x00', 0x21) [ 340.110463] loop3: detected capacity change from 0 to 4 [ 340.128459] EXT4-fs (loop3): Can't read superblock on 2nd try [ 340.270735] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 340.504736] random: crng reseeded on system resumption [ 351.601336] Bluetooth: hci0: command 0x0406 tx timeout [ 355.634014] Bluetooth: hci4: command 0x0406 tx timeout [ 355.635245] Bluetooth: hci6: command 0x0406 tx timeout [ 355.826236] Bluetooth: hci1: command 0x0406 tx timeout 09:03:29 executing program 4: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000040)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) symlink(&(0x7f0000000000)='./file0\x00', &(0x7f0000000080)='./file1\x00') link(&(0x7f0000001200)='./file1\x00', &(0x7f0000001240)='./file0\x00') 09:03:29 executing program 1: keyctl$search(0x2, 0x0, 0x0, &(0x7f0000000100)={'syz', 0x1}, 0x0) 09:03:29 executing program 0: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000000c0)={0x1, &(0x7f0000000100)=[{0x6}]}) socketpair(0x0, 0x0, 0x0, 0x0) close_range(r0, 0xffffffffffffffff, 0x0) 09:03:29 executing program 3: rmdir(&(0x7f0000000000)='./file1\x00') 09:03:29 executing program 5: r0 = syz_open_dev$tty20(0xc, 0x4, 0x0) r1 = dup2(r0, r0) ioctl$PIO_UNIMAP(r1, 0x4b66, &(0x7f0000000e00)={0x0, 0x0}) 09:03:29 executing program 7: r0 = signalfd4(0xffffffffffffffff, &(0x7f00000000c0), 0x8, 0x800) read(r0, &(0x7f00000002c0)=""/151, 0x97) 09:03:29 executing program 2: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_mount_image$ext4(0x0, &(0x7f0000000180)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) mount(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000080)='configfs\x00', 0x0, 0x0) r0 = open(&(0x7f00000000c0)='./file0\x00', 0x0, 0x0) move_mount(0xffffffffffffff9c, &(0x7f0000000140)='./file0\x00', r0, &(0x7f0000000240)='./file0/file0\x00', 0x0) 09:03:29 executing program 6: syz_emit_ethernet(0x36, &(0x7f0000000080)={@local, @random="2722b090ea1b", @void, {@ipv6={0x86dd, @generic={0x0, 0x6, "d138be", 0x0, 0x2f, 0x0, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, @empty}}}}, 0x0) [ 372.434510] audit: type=1326 audit(1730711009.948:13): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=13171 comm="syz-executor.0" exe="/syz-executor.0" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f1dc6b94b19 code=0x0 09:03:30 executing program 1: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xce, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = perf_event_open(&(0x7f0000000580)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file1\x00', 0x1010c2, 0x0) r2 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000100)='/proc/crypto\x00', 0x0, 0x0) sendfile(0xffffffffffffffff, r0, &(0x7f0000000280), 0x8000) sendfile(r1, r2, 0x0, 0x10000027f) r3 = gettid() syz_open_procfs(r3, 0x0) gettid() 09:03:30 executing program 3: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xce, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$TCFLSH(r0, 0x80045440, 0xf0ff1f00000000) 09:03:30 executing program 7: syz_genetlink_get_family_id$mptcp(&(0x7f0000001680), 0xffffffffffffffff) socket$nl_generic(0x10, 0x3, 0x10) 09:03:30 executing program 2: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_mount_image$ext4(0x0, &(0x7f0000000180)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) mount(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000080)='configfs\x00', 0x0, 0x0) r0 = open(&(0x7f00000000c0)='./file0\x00', 0x0, 0x0) move_mount(0xffffffffffffff9c, &(0x7f0000000140)='./file0\x00', r0, &(0x7f0000000240)='./file0/file0\x00', 0x0) 09:03:30 executing program 5: r0 = syz_open_dev$tty20(0xc, 0x4, 0x0) r1 = dup2(r0, r0) ioctl$PIO_UNIMAP(r1, 0x4b66, &(0x7f0000000e00)={0x0, 0x0}) 09:03:30 executing program 6: syz_emit_ethernet(0x36, &(0x7f0000000080)={@local, @random="2722b090ea1b", @void, {@ipv6={0x86dd, @generic={0x0, 0x6, "d138be", 0x0, 0x2f, 0x0, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, @empty}}}}, 0x0) 09:03:30 executing program 5: r0 = syz_open_dev$tty20(0xc, 0x4, 0x0) r1 = dup2(r0, r0) ioctl$PIO_UNIMAP(r1, 0x4b66, &(0x7f0000000e00)={0x0, 0x0}) 09:03:30 executing program 4: r0 = perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x3}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) shmat(0x0, &(0x7f0000ff3000/0x4000)=nil, 0x4000) ioctl$PERF_EVENT_IOC_REFRESH(r0, 0x2402, 0x0) r1 = shmget$private(0x0, 0x4000, 0x0, &(0x7f0000ff8000/0x4000)=nil) shmctl$IPC_RMID(0x0, 0x0) shmctl$IPC_RMID(r1, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x2000000000000000}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) madvise(&(0x7f0000ff7000/0x1000)=nil, 0x1000, 0x15) shmctl$IPC_RMID(0xffffffffffffffff, 0x0) ioctl$AUTOFS_DEV_IOCTL_EXPIRE(0xffffffffffffffff, 0xc018937c, &(0x7f0000000300)=ANY=[]) sendfile(r0, 0xffffffffffffffff, 0x0, 0x0) r2 = openat$ttyS3(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0) ioctl$TIOCSTI(r2, 0x5412, &(0x7f00000004c0)=0xff) r3 = socket$inet6_udp(0xa, 0x2, 0x0) r4 = dup(r3) connect$inet6(r4, &(0x7f00000000c0)={0xa, 0x0, 0x0, @mcast2, 0x2}, 0x1c) connect$inet6(r4, &(0x7f0000000200)={0xa, 0x0, 0x0, @ipv4={'\x00', '\xff\xff', @dev}}, 0x1c) sendmmsg$inet6(r4, &(0x7f0000002880), 0x4000101, 0x0) perf_event_open(0x0, 0x0, 0x1, 0xffffffffffffffff, 0x8) 09:03:30 executing program 3: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000000c0)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) getrlimit(0x0, &(0x7f0000000000)) 09:03:30 executing program 6: syz_emit_ethernet(0x36, &(0x7f0000000080)={@local, @random="2722b090ea1b", @void, {@ipv6={0x86dd, @generic={0x0, 0x6, "d138be", 0x0, 0x2f, 0x0, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, @empty}}}}, 0x0) 09:03:30 executing program 5: r0 = syz_open_dev$tty20(0xc, 0x4, 0x0) r1 = dup2(r0, r0) ioctl$PIO_UNIMAP(r1, 0x4b66, &(0x7f0000000e00)={0x0, 0x0}) 09:03:31 executing program 5: ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, 0x0) ioctl$FS_IOC_GETFSMAP(0xffffffffffffffff, 0xc0c0583b, &(0x7f0000000500)=ANY=[@ANYBLOB="0000000000000100000000000000000000000000000040000000000000000000000000000000000000000000000000523288b38851b39500000000000000ff070000ff01000006000000000000000700000000000000cc90000000000000080000000000000000000000000000000000000000000c000000000000002e09fb000000ff0700000100000000000a000000000000000000c656786500000000070000000000000000000000000000000000100000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000061133fa6006ee93fe2662ed4e800b2536f726b5aa23d4ff96a8d28c30cfc608084f90880ba4669563ec10bbb2672c50ac2fa93413095a593f471f7baf54741c64099495f53fc00350a6a2ee9aabfd1ba8af8403c5e30a935393101c6c019adcb685f9ce49fe3496ac33e4b707d1ccef10a65b6fffd513f82bac98e389cfd397500d50cad3209eaa83aebd987f874147b8abf82cf4acedfdcb95a1d0f4461cb6db07ad4cfa57ea1f4f8c5644c61c8dbbbe7a03ae5fceb8b1613ea8feab6e1ffc7df72028f68cfbef8fb1276c45e73c4d135d4ada381b5ffb6400bf5446ba759da25519fe01fbb83d351a87609"]) ioctl$TIOCGSID(0xffffffffffffffff, 0x5429, &(0x7f0000000340)) r0 = openat$ttyS3(0xffffffffffffff9c, &(0x7f00000003c0), 0x0, 0x0) ioctl$FAT_IOCTL_GET_VOLUME_ID(r0, 0x80047213, &(0x7f00000004c0)) syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x301042, 0x0) r2 = openat$incfs(r1, &(0x7f0000000380)='.pending_reads\x00', 0x31b200, 0x44) ioctl$TIOCSETD(r2, 0x5423, &(0x7f0000000300)=0x4) pwrite64(r1, &(0x7f0000000080)="ee7b", 0x2, 0xfffffffffffffffc) ioctl$TCSBRK(0xffffffffffffffff, 0x5409, 0x8001) r3 = dup(r1) ioctl$TIOCVHANGUP(r3, 0x5437, 0x0) mmap(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x200000a, 0x1010, r1, 0x29287000) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xce, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0xfffffffffffffffe}, 0x50550, 0x0, 0x0, 0x1, 0xbb63, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) clone3(&(0x7f0000004c00)={0xc0002100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) 09:03:31 executing program 0: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000000c0)={0x1, &(0x7f0000000100)=[{0x6}]}) socketpair(0x0, 0x0, 0x0, 0x0) close_range(r0, 0xffffffffffffffff, 0x0) 09:03:31 executing program 3: perf_event_open(&(0x7f0000000080)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1) setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x3d, &(0x7f0000000080)={0x0, 0x0}, 0x8) 09:03:31 executing program 6: syz_emit_ethernet(0x36, &(0x7f0000000080)={@local, @random="2722b090ea1b", @void, {@ipv6={0x86dd, @generic={0x0, 0x6, "d138be", 0x0, 0x2f, 0x0, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, @empty}}}}, 0x0) 09:03:31 executing program 7: setrlimit(0x9, &(0x7f0000000000)) io_setup(0x3f, &(0x7f0000000200)) 09:03:31 executing program 2: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmmsg$inet(r0, &(0x7f0000002f00)=[{{0x0, 0x0, &(0x7f0000000c40)=[{&(0x7f0000000740)="a982068a8a95833153b8c0dd2ab421befd97133d63087cd914c268b9061ca135bcf07689ec0c870f3576e42c8ddcdb45ecd031e0a3b56fd09310253326689c7a5107d94441b420a1aff118e80418bbbbc57d56bf1b30a7329c4f083438fa7d41031d50c2f5cc1816fbc12767b27d901af4d91cd25850c2509f37508493246e39f04b8e70cf03ae6537e0c7ae96a019623053a69b67d0528bdc322e367bb8d25c4edf0fad0df250eb912123e5c7bf564cb757e92cc41a7db8246c737b862d3b33c6d586946c5c9a0abb7cccfa0d23cd4a0a4c21", 0xd3}, {&(0x7f0000000840)="c9e22564c6de25eca91c6806534c6a3c77fb5f117a768dd87dbe83c179bffa10ac09310904191da868", 0x29}, {0x0}, {&(0x7f00000008c0)="8d1ddec9b91d12c43376d6fe2d8ff546d172f864f3749a4f25a1e19781dfce4554c54fe9b89d", 0x26}, {&(0x7f0000000900)="260359a944f8fe3bc153a54e94b4709da0d85d904ab00232a2ed98eb6e1998", 0x1f}], 0x5}}, {{&(0x7f0000000cc0)={0x2, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x10, 0x0, 0x0, &(0x7f00000011c0)=[@ip_ttl={{0x14}}, @ip_tos_int={{0x14}}], 0x30}}], 0x2, 0x0) 09:03:31 executing program 1: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xce, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = perf_event_open(&(0x7f0000000580)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file1\x00', 0x1010c2, 0x0) r2 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000100)='/proc/crypto\x00', 0x0, 0x0) sendfile(0xffffffffffffffff, r0, &(0x7f0000000280), 0x8000) sendfile(r1, r2, 0x0, 0x10000027f) r3 = gettid() syz_open_procfs(r3, 0x0) gettid() 09:03:31 executing program 4: r0 = perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x3}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) shmat(0x0, &(0x7f0000ff3000/0x4000)=nil, 0x4000) ioctl$PERF_EVENT_IOC_REFRESH(r0, 0x2402, 0x0) r1 = shmget$private(0x0, 0x4000, 0x0, &(0x7f0000ff8000/0x4000)=nil) shmctl$IPC_RMID(0x0, 0x0) shmctl$IPC_RMID(r1, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x2000000000000000}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) madvise(&(0x7f0000ff7000/0x1000)=nil, 0x1000, 0x15) shmctl$IPC_RMID(0xffffffffffffffff, 0x0) ioctl$AUTOFS_DEV_IOCTL_EXPIRE(0xffffffffffffffff, 0xc018937c, &(0x7f0000000300)=ANY=[]) sendfile(r0, 0xffffffffffffffff, 0x0, 0x0) r2 = openat$ttyS3(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0) ioctl$TIOCSTI(r2, 0x5412, &(0x7f00000004c0)=0xff) r3 = socket$inet6_udp(0xa, 0x2, 0x0) r4 = dup(r3) connect$inet6(r4, &(0x7f00000000c0)={0xa, 0x0, 0x0, @mcast2, 0x2}, 0x1c) connect$inet6(r4, &(0x7f0000000200)={0xa, 0x0, 0x0, @ipv4={'\x00', '\xff\xff', @dev}}, 0x1c) sendmmsg$inet6(r4, &(0x7f0000002880), 0x4000101, 0x0) perf_event_open(0x0, 0x0, 0x1, 0xffffffffffffffff, 0x8) [ 373.742814] Zero length message leads to an empty skb [ 373.850256] audit: type=1326 audit(1730711011.359:14): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=13226 comm="syz-executor.0" exe="/syz-executor.0" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f1dc6b94b19 code=0x0 09:03:31 executing program 2: r0 = perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x3}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) shmat(0x0, &(0x7f0000ff3000/0x4000)=nil, 0x4000) ioctl$PERF_EVENT_IOC_REFRESH(r0, 0x2402, 0x0) r1 = shmget$private(0x0, 0x4000, 0x0, &(0x7f0000ff8000/0x4000)=nil) shmctl$IPC_RMID(0x0, 0x0) shmctl$IPC_RMID(r1, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x2000000000000000}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) madvise(&(0x7f0000ff7000/0x1000)=nil, 0x1000, 0x15) shmctl$IPC_RMID(0xffffffffffffffff, 0x0) ioctl$AUTOFS_DEV_IOCTL_EXPIRE(0xffffffffffffffff, 0xc018937c, &(0x7f0000000300)=ANY=[]) sendfile(r0, 0xffffffffffffffff, 0x0, 0x0) r2 = openat$ttyS3(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0) ioctl$TIOCSTI(r2, 0x5412, &(0x7f00000004c0)=0xff) r3 = socket$inet6_udp(0xa, 0x2, 0x0) r4 = dup(r3) connect$inet6(r4, &(0x7f00000000c0)={0xa, 0x0, 0x0, @mcast2, 0x2}, 0x1c) connect$inet6(r4, &(0x7f0000000200)={0xa, 0x0, 0x0, @ipv4={'\x00', '\xff\xff', @dev}}, 0x1c) sendmmsg$inet6(r4, &(0x7f0000002880), 0x4000101, 0x0) perf_event_open(0x0, 0x0, 0x1, 0xffffffffffffffff, 0x8) 09:03:31 executing program 3: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000080)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) setpriority(0x0, 0x0, 0x0) 09:03:31 executing program 7: syz_emit_ethernet(0x50, &(0x7f0000000180)={@multicast, @local, @void, {@ipv6={0x86dd, @icmpv6={0x0, 0x6, "2ddc20", 0x1a, 0x3a, 0xff, @local, @local, {[], @ndisc_na={0x88, 0x0, 0x0, 0x0, '\x00', @loopback, [{}]}}}}}}, 0x0) 09:03:31 executing program 6: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet(0x2, 0xa, 0x0) ioctl$sock_inet_SIOCDARP(r0, 0x8953, &(0x7f0000002440)={{0x2, 0x0, @loopback}, {0x0, @dev}, 0x18, {0x2, 0x0, @broadcast}, 'lo\x00'}) 09:03:31 executing program 1: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xce, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = perf_event_open(&(0x7f0000000580)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file1\x00', 0x1010c2, 0x0) r2 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000100)='/proc/crypto\x00', 0x0, 0x0) sendfile(0xffffffffffffffff, r0, &(0x7f0000000280), 0x8000) sendfile(r1, r2, 0x0, 0x10000027f) r3 = gettid() syz_open_procfs(r3, 0x0) gettid() 09:03:31 executing program 7: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xcc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1) setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x3c, &(0x7f0000000080)={0x0, &(0x7f0000000300)}, 0x10) 09:03:32 executing program 3: r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$inet_group_source_req(r0, 0x0, 0x2e, &(0x7f0000004b80)={0x1, {{0x2, 0x0, @multicast1}}}, 0x108) setsockopt$inet_group_source_req(r0, 0x0, 0x2f, &(0x7f0000004b80)={0x2, {{0x2, 0x0, @multicast1}}, {{0x2, 0x0, @private}}}, 0x108) [ 374.873409] syz-executor.6 uses obsolete (PF_INET,SOCK_PACKET) 09:03:32 executing program 0: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000000c0)={0x1, &(0x7f0000000100)=[{0x6}]}) socketpair(0x0, 0x0, 0x0, 0x0) close_range(r0, 0xffffffffffffffff, 0x0) [ 375.069826] audit: type=1326 audit(1730711012.586:15): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=13258 comm="syz-executor.0" exe="/syz-executor.0" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f1dc6b94b19 code=0x0 [ 400.696679] watchdog: BUG: soft lockup - CPU#0 stuck for 26s! [syz-executor.5:13229] [ 400.697441] Modules linked in: [ 400.697737] irq event stamp: 2882311 [ 400.698055] hardirqs last enabled at (2882310): [] irqentry_exit+0x3b/0x90 [ 400.698819] hardirqs last disabled at (2882311): [] sysvec_apic_timer_interrupt+0xf/0x80 [ 400.700318] softirqs last enabled at (2828832): [] handle_softirqs+0x50c/0x770 [ 400.703887] softirqs last disabled at (2828835): [] irq_exit_rcu+0x94/0xc0 [ 400.704604] CPU: 0 UID: 0 PID: 13229 Comm: syz-executor.5 Not tainted 6.12.0-rc5-next-20241104 #1 [ 400.705359] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 400.706041] RIP: 0010:__copy_skb_header+0x2/0x5a0 [ 400.706498] Code: 1a fd fd e9 a6 fe ff ff e8 8b 1a fd fd e9 c5 fe ff ff 66 0f 1f 44 00 00 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 41 56 <41> 55 41 54 55 48 89 f5 53 48 89 fb e8 fd 3c c3 fd 48 8d 7d 20 48 [ 400.707976] RSP: 0018:ffff88806ce09ad0 EFLAGS: 00000246 [ 400.708442] RAX: 0000000000000000 RBX: ffff888014c3bdc0 RCX: ffffffff838eb16d [ 400.709047] RDX: ffff88803c875280 RSI: ffff888014c3bc80 RDI: ffff888014c3bdc0 [ 400.709647] RBP: ffff888014c3bc80 R08: 01032418120c968b R09: 3004320000020601 [ 400.710251] R10: 0000000000000000 R11: 00010002f2500007 R12: ffff888014c3bdc0 [ 400.710855] R13: ffff888014c3bcf0 R14: 0000000000000000 R15: ffff888014c3bcf0 [ 400.711458] FS: 00007f75dff6a700(0000) GS:ffff88806ce00000(0000) knlGS:0000000000000000 [ 400.712135] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 400.712635] CR2: 00007fd80f85e7e0 CR3: 0000000007222000 CR4: 0000000000350ef0 [ 400.713243] Call Trace: [ 400.713477] [ 400.713683] ? watchdog_timer_fn+0x3ee/0x510 [ 400.714100] ? __pfx_watchdog_timer_fn+0x10/0x10 [ 400.714546] ? __hrtimer_run_queues+0x57c/0xa70 [ 400.714996] ? __pfx___hrtimer_run_queues+0x10/0x10 [ 400.715456] ? ktime_get_update_offsets_now+0x260/0x3c0 [ 400.715943] ? hrtimer_interrupt+0x2f2/0x750 [ 400.716380] ? __sysvec_apic_timer_interrupt+0xc2/0x330 [ 400.716859] ? sysvec_apic_timer_interrupt+0x34/0x80 [ 400.717331] ? asm_sysvec_apic_timer_interrupt+0x1a/0x20 [ 400.717837] ? skb_copy+0x2dd/0x3b0 [ 400.718202] ? __copy_skb_header+0x2/0x5a0 [ 400.718613] skb_copy_header+0x20/0x2b0 [ 400.719000] skb_copy+0x2f1/0x3b0 [ 400.719346] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 400.719830] mac80211_hwsim_tx_frame_no_nl.isra.0+0xafb/0x1320 [ 400.720395] ? __pfx_mac80211_hwsim_tx_frame_no_nl.isra.0+0x10/0x10 [ 400.720979] ? mac80211_hwsim_monitor_rx+0x190/0x820 [ 400.721458] ? srso_return_thunk+0x5/0x5f [ 400.721854] ? mac80211_hwsim_monitor_rx+0x1be/0x820 [ 400.722331] mac80211_hwsim_tx_frame+0x1ee/0x2a0 [ 400.722785] mac80211_hwsim_beacon_tx+0x546/0x950 [ 400.723247] ? __iterate_interfaces+0x141/0x650 [ 400.723678] __iterate_interfaces+0x2e0/0x650 [ 400.724084] ? __pfx_mac80211_hwsim_beacon_tx+0x10/0x10 [ 400.724580] ? __pfx_mac80211_hwsim_beacon_tx+0x10/0x10 [ 400.725080] ieee80211_iterate_active_interfaces_atomic+0x71/0x1b0 [ 400.725637] mac80211_hwsim_beacon+0x105/0x200 [ 400.726058] ? __pfx_mac80211_hwsim_beacon+0x10/0x10 [ 400.726522] __hrtimer_run_queues+0x1ab/0xa70 [ 400.726956] ? __pfx___hrtimer_run_queues+0x10/0x10 [ 400.727415] ? ktime_get_update_offsets_now+0x260/0x3c0 [ 400.727900] hrtimer_run_softirq+0x14c/0x310 [ 400.728321] handle_softirqs+0x1b1/0x770 [ 400.728702] irq_exit_rcu+0x94/0xc0 [ 400.729052] sysvec_apic_timer_interrupt+0x70/0x80 [ 400.729506] [ 400.729716] [ 400.729929] asm_sysvec_apic_timer_interrupt+0x1a/0x20 [ 400.730406] RIP: 0010:free_unref_page_commit+0xa/0xd40 [ 400.730886] Code: 5d 41 5c 41 5d 41 5e 41 5f e9 92 ed 02 03 66 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 48 b8 00 00 00 00 00 fc ff df <41> 57 41 89 cf 44 89 c1 41 56 41 55 49 89 d5 41 54 49 89 f4 55 48 [ 400.732353] RSP: 0018:ffff8880410777f0 EFLAGS: 00000286 [ 400.732819] RAX: dffffc0000000000 RBX: 0000000000000001 RCX: 0000000000000002 [ 400.733427] RDX: ffffea000068e880 RSI: ffff88806ce41500 RDI: ffff88807ffdcb80 [ 400.734027] RBP: ffff88806ce41500 R08: 0000000000000000 R09: fffffbfff0fdc5e4 [ 400.734624] R10: ffffffff87ee2f27 R11: 0000000000000000 R12: ffff88807ffdcb80 [ 400.735227] R13: 000000000001a3a2 R14: 0000000000000000 R15: ffffea000068e880 [ 400.735851] free_unref_page+0x55e/0xc40 [ 400.736255] qlist_free_all+0x50/0x160 [ 400.736620] ? security_prepare_creds+0x101/0x160 [ 400.737078] kasan_quarantine_reduce+0x19f/0x240 [ 400.737511] __kasan_kmalloc+0x6f/0x90 [ 400.737877] __kmalloc_noprof+0x1f7/0x4b0 [ 400.738280] ? alloc_slab_page+0x71/0x100 [ 400.738675] security_prepare_creds+0x101/0x160 [ 400.739118] prepare_creds+0x54e/0x760 [ 400.739482] ? __pfx_get_random_u64+0x10/0x10 [ 400.739891] copy_creds+0x7a/0xa20 [ 400.740233] ? srso_return_thunk+0x5/0x5f [ 400.740635] copy_process+0xf57/0x8e60 [ 400.741011] ? __pfx_mark_lock+0x10/0x10 [ 400.741408] ? __pfx___lock_acquire+0x10/0x10 [ 400.741837] ? hlock_class+0x4e/0x130 [ 400.742196] ? srso_return_thunk+0x5/0x5f [ 400.742587] ? mark_lock+0xac/0x1370 [ 400.742957] ? __pfx_lock_release+0x10/0x10 [ 400.743385] ? __pfx_copy_process+0x10/0x10 [ 400.743788] ? srso_return_thunk+0x5/0x5f [ 400.744182] ? lockdep_hardirqs_on_prepare+0x262/0x3f0 [ 400.744669] ? srso_return_thunk+0x5/0x5f [ 400.745094] ? copy_clone_args_from_user+0x1e7/0x780 [ 400.745555] kernel_clone+0xeb/0x850 [ 400.745907] ? __hrtimer_run_queues+0x23d/0xa70 [ 400.746341] ? __pfx_kernel_clone+0x10/0x10 [ 400.746751] ? srso_return_thunk+0x5/0x5f [ 400.747142] ? lock_release+0x20f/0x6f0 [ 400.747529] ? __pfx_lock_release+0x10/0x10 [ 400.747948] __do_sys_clone3+0x1d9/0x260 [ 400.748330] ? __pfx___do_sys_clone3+0x10/0x10 [ 400.748748] ? clockevents_program_event+0x14f/0x360 [ 400.749236] ? srso_return_thunk+0x5/0x5f [ 400.749633] ? lockdep_hardirqs_on_prepare+0x262/0x3f0 [ 400.750124] ? srso_return_thunk+0x5/0x5f [ 400.750545] do_syscall_64+0xbf/0x1d0 [ 400.750920] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 400.751387] RIP: 0033:0x7f75e29f4b19 [ 400.751722] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 400.753182] RSP: 002b:00007f75dff6a188 EFLAGS: 00000246 ORIG_RAX: 00000000000001b3 [ 400.753834] RAX: ffffffffffffffda RBX: 00007f75e2b07f60 RCX: 00007f75e29f4b19 [ 400.754435] RDX: 0000000000000000 RSI: 0000000000000058 RDI: 0000000020004c00 [ 400.755033] RBP: 00007f75e2a4ef6d R08: 0000000000000000 R09: 0000000000000000 [ 400.755633] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 400.756231] R13: 00007ffc8b59065f R14: 00007f75dff6a300 R15: 0000000000022000 [ 400.756854] [ 400.757081] Sending NMI from CPU 0 to CPUs 1: [ 400.757495] NMI backtrace for cpu 1 [ 400.757541] CPU: 1 UID: 0 PID: 0 Comm: swapper/1 Not tainted 6.12.0-rc5-next-20241104 #1 [ 400.757637] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 400.757682] RIP: 0010:queued_spin_lock_slowpath+0x242/0xb60 [ 400.757815] Code: 02 48 89 e8 83 e0 07 83 c0 01 38 d0 7c 08 84 d2 0f 85 85 08 00 00 b8 01 00 00 00 66 89 45 00 e9 bf fe ff ff 89 44 24 38 f3 90 5b fe ff ff 48 b8 00 00 00 00 00 fc ff df 48 89 fa 48 c1 ea 03 [ 400.757896] RSP: 0018:ffff88806cf099e8 EFLAGS: 00000202 [ 400.757961] RAX: 0000000000000001 RBX: 0000000000000001 RCX: ffffffff8485c27f [ 400.758017] RDX: fffffbfff0c1b4d5 RSI: 0000000000000004 RDI: ffffffff860da6a0 [ 400.758074] RBP: ffffffff860da6a0 R08: 0000000000000000 R09: fffffbfff0c1b4d4 [ 400.758131] R10: ffffffff860da6a3 R11: 5050505000000011 R12: 1ffff1100d9e133e [ 400.758197] R13: 0000000000000003 R14: fffffbfff0c1b4d4 R15: ffff88806cf09a20 [ 400.758258] FS: 0000000000000000(0000) GS:ffff88806cf00000(0000) knlGS:0000000000000000 [ 400.758336] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 400.758397] CR2: 000055b624395898 CR3: 0000000016a42000 CR4: 0000000000350ef0 [ 400.758454] Call Trace: [ 400.758475] [ 400.758503] ? nmi_cpu_backtrace+0x179/0x260 [ 400.758611] ? nmi_cpu_backtrace_handler+0xc/0x20 [ 400.758749] ? nmi_handle+0x1a1/0x550 [ 400.758885] ? queued_spin_lock_slowpath+0x242/0xb60 [ 400.759001] ? queued_spin_lock_slowpath+0x242/0xb60 [ 400.759118] ? default_do_nmi+0x64/0x1c0 [ 400.759212] ? exc_nmi+0x188/0x1c0 [ 400.759298] ? end_repeat_nmi+0xf/0x53 [ 400.759428] ? queued_spin_lock_slowpath+0xaf/0xb60 [ 400.759547] ? queued_spin_lock_slowpath+0x242/0xb60 [ 400.759667] ? queued_spin_lock_slowpath+0x242/0xb60 [ 400.759789] ? queued_spin_lock_slowpath+0x242/0xb60 [ 400.759909] [ 400.759933] [ 400.759961] ? __pfx_queued_spin_lock_slowpath+0x10/0x10 [ 400.760081] ? srso_return_thunk+0x5/0x5f [ 400.760226] do_raw_spin_lock+0x1de/0x270 [ 400.760322] ? __pfx_do_raw_spin_lock+0x10/0x10 [ 400.760418] ? lock_acquire+0x32/0xc0 [ 400.760551] ? mac80211_hwsim_tx_frame_no_nl.isra.0+0x6d1/0x1320 [ 400.760710] mac80211_hwsim_tx_frame_no_nl.isra.0+0x6d1/0x1320 [ 400.760858] ? __mac80211_hwsim_beacon_tx.part.0+0x1e6/0x5c0 [ 400.761023] ? __pfx_lock_release+0x10/0x10 [ 400.761159] ? srso_return_thunk+0x5/0x5f [ 400.761281] ? trace_lock_acquire+0x137/0x1b0 [ 400.761391] ? __pfx_mac80211_hwsim_tx_frame_no_nl.isra.0+0x10/0x10 [ 400.761542] ? srso_return_thunk+0x5/0x5f [ 400.761676] ? srso_return_thunk+0x5/0x5f [ 400.761799] ? srso_return_thunk+0x5/0x5f [ 400.761924] ? srso_return_thunk+0x5/0x5f [ 400.762046] ? mac80211_hwsim_monitor_rx+0x1be/0x820 [ 400.762175] mac80211_hwsim_tx_frame+0x1ee/0x2a0 [ 400.762319] mac80211_hwsim_beacon_tx+0x546/0x950 [ 400.762466] ? __pfx_lock_acquire.part.0+0x10/0x10 [ 400.762607] ? srso_return_thunk+0x5/0x5f [ 400.762738] __iterate_interfaces+0x2e0/0x650 [ 400.762830] ? __pfx_mac80211_hwsim_beacon_tx+0x10/0x10 [ 400.762977] ? __pfx_mac80211_hwsim_beacon_tx+0x10/0x10 [ 400.763118] ieee80211_iterate_active_interfaces_atomic+0x71/0x1b0 [ 400.763230] mac80211_hwsim_beacon+0x105/0x200 [ 400.763335] ? __pfx_mac80211_hwsim_beacon+0x10/0x10 [ 400.763448] __hrtimer_run_queues+0x1ab/0xa70 [ 400.763579] ? __pfx___hrtimer_run_queues+0x10/0x10 [ 400.763691] ? ktime_get_update_offsets_now+0x260/0x3c0 [ 400.763804] hrtimer_run_softirq+0x14c/0x310 [ 400.763923] handle_softirqs+0x1b1/0x770 [ 400.764020] irq_exit_rcu+0x94/0xc0 [ 400.764101] sysvec_apic_timer_interrupt+0x70/0x80 [ 400.764215] [ 400.764239] [ 400.764266] asm_sysvec_apic_timer_interrupt+0x1a/0x20 [ 400.764387] RIP: 0010:default_idle+0x1e/0x30 [ 400.764521] Code: 90 90 90 90 90 90 90 90 90 90 90 90 f3 0f 1e fa 0f 1f 44 00 00 eb 0c 0f 1f 44 00 00 0f 00 2d a9 df 3e 00 0f 1f 44 00 00 fb f4 e9 1c 2e 02 00 66 66 2e 0f 1f 84 00 00 00 00 00 90 90 90 90 90 [ 400.764602] RSP: 0018:ffff8880096c7e68 EFLAGS: 00000202 [ 400.764664] RAX: 00000000001205f1 RBX: 0000000000000001 RCX: ffffffff84839b17 [ 400.764721] RDX: 0000000000000000 RSI: 0000000000000000 RDI: ffffffff812ae2ca [ 400.764776] RBP: dffffc0000000000 R08: 0000000000000001 R09: ffffed100d9e6cba [ 400.764834] R10: ffff88806cf365d3 R11: 0000000000000000 R12: ffffffff863f7790 [ 400.764891] R13: 1ffff110012d8fd2 R14: 0000000000000000 R15: 0000000000000000 [ 400.764979] ? ct_kernel_exit.constprop.0+0x127/0x150 [ 400.765111] ? do_idle+0x2fa/0x3b0 [ 400.765214] ? srso_return_thunk+0x5/0x5f [ 400.765337] default_idle_call+0x6d/0xb0 [ 400.765469] do_idle+0x2fa/0x3b0 [ 400.765571] ? __pfx_do_idle+0x10/0x10 [ 400.765688] cpu_startup_entry+0x4f/0x60 [ 400.765793] start_secondary+0x1c1/0x220 [ 400.765926] common_startup_64+0x12c/0x138 [ 400.766048] VM DIAGNOSIS: 09:03:58 Registers: info registers vcpu 0 RAX=000000000000005b RBX=00000000000003f8 RCX=0000000000000000 RDX=00000000000003f8 RSI=ffffffff8263f685 RDI=ffffffff8866f580 RBP=ffffffff8866f540 RSP=ffff88806ce09320 R8 =0000000000000000 R9 =ffffed1001655046 R10=000000000000005b R11=7371726974666f73 R12=000000000000005b R13=ffffffff8866f540 R14=0000000000000010 R15=ffffffff8263f670 RIP=ffffffff8263f6dd RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 00000000 00000000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 00000000 00000000 FS =0000 00007f75dff6a700 00000000 00000000 GS =0000 ffff88806ce00000 00000000 00000000 LDT=0000 fffffe0000000000 00000000 00000000 TR =0040 fffffe0000003000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe0000001000 0000007f IDT= fffffe0000000000 00000fff CR0=80050033 CR2=00007fd80f85e7e0 CR3=0000000007222000 CR4=00350ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000ffff0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 XMM00=00ff000000000000ff0000000000ff00 XMM01=630033656e6f6c6300656e6f6c630065 XMM02=00010000000000000000000000000000 XMM03=b581a3add435d1c4735ec47612fbf8be XMM04=00000000000000000001000000000000 XMM05=0976a851d383bb1fe09f5125da59a76b XMM06=44f50b40b6ffb581a3add435d1c4735e XMM07=c47612fbf8becf688f0272dfc7ffe1b6 XMM08=ea8fea13168bebfce53aa0e7bbdbc861 XMM09=00000000000000000000000000000000 XMM10=00000000000000000000000000000000 XMM11=00000000000000000000000000000000 XMM12=00000000000000000000000000000000 XMM13=00000000000000000000000000000000 XMM14=00000000000000000000000000000000 XMM15=00000000000000000000000000000000 info registers vcpu 1 RAX=00000000001203b5 RBX=0000000000000001 RCX=ffffffff84839b17 RDX=0000000000000000 RSI=0000000000000000 RDI=ffffffff812ae2ca RBP=dffffc0000000000 RSP=ffff8880096c7e68 R8 =0000000000000001 R9 =ffffed100d9e6cba R10=ffff88806cf365d3 R11=0000000000000000 R12=ffffffff863f7790 R13=1ffff110012d8fd2 R14=0000000000000000 R15=0000000000000000 RIP=ffffffff8483aabe RFL=00000202 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=1 ES =0000 0000000000000000 00000000 00000000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 00000000 00000000 FS =0000 0000000000000000 00000000 00000000 GS =0000 ffff88806cf00000 00000000 00000000 LDT=0000 fffffe0000000000 00000000 00000000 TR =0040 fffffe000004a000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe0000048000 0000007f IDT= fffffe0000000000 00000fff CR0=80050033 CR2=000055b624395898 CR3=0000000016a42000 CR4=00350ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000ffff0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001fa0 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 XMM00=00000000000000000000000000000000 XMM01=00000000000000000000000000000000 XMM02=652e29646e616d6d6f632a282e637069 XMM03=00000000000000000000000000000000 XMM04=6c74636f690a29317830202c33783020 XMM05=2c3072286963685f74625f6b636f7324 XMM06=302826202c3264383434303038783020 XMM07=0a292930303030303030303030663778 XMM08=30303030303030303066377830282620 XMM09=30663778302826202c3178307b3d2930 XMM10=3678307b5b3d29303031303030303030 XMM11=66377830202c307830202c307830202c XMM12=203d2030720a297d5d7d303030306666 XMM13=7063745f3674656e692474656b636f73 XMM14=0a29307830202c317830202c61783028 XMM15=0a29307830202c3072286e657473696c