Warning: Permanently added '[localhost]:5444' (ECDSA) to the list of known hosts. 2024/11/28 16:43:09 fuzzer started 2024/11/28 16:43:10 dialing manager at localhost:37935 syzkaller login: [ 59.637807] cgroup: Unknown subsys name 'net' [ 59.738197] cgroup: Unknown subsys name 'cpuset' [ 59.776443] cgroup: Unknown subsys name 'rlimit' 2024/11/28 16:43:29 syscalls: 2217 2024/11/28 16:43:29 code coverage: enabled 2024/11/28 16:43:29 comparison tracing: enabled 2024/11/28 16:43:29 extra coverage: enabled 2024/11/28 16:43:29 setuid sandbox: enabled 2024/11/28 16:43:29 namespace sandbox: enabled 2024/11/28 16:43:29 Android sandbox: enabled 2024/11/28 16:43:29 fault injection: enabled 2024/11/28 16:43:29 leak checking: enabled 2024/11/28 16:43:29 net packet injection: enabled 2024/11/28 16:43:29 net device setup: enabled 2024/11/28 16:43:29 concurrency sanitizer: /sys/kernel/debug/kcsan does not exist 2024/11/28 16:43:29 devlink PCI setup: PCI device 0000:00:10.0 is not available 2024/11/28 16:43:29 USB emulation: enabled 2024/11/28 16:43:29 hci packet injection: enabled 2024/11/28 16:43:29 wifi device emulation: enabled 2024/11/28 16:43:29 802.15.4 emulation: enabled 2024/11/28 16:43:29 fetching corpus: 0, signal 0/2000 (executing program) 2024/11/28 16:43:29 fetching corpus: 47, signal 17864/21446 (executing program) 2024/11/28 16:43:29 fetching corpus: 90, signal 25731/30848 (executing program) 2024/11/28 16:43:29 fetching corpus: 130, signal 34274/40697 (executing program) 2024/11/28 16:43:29 fetching corpus: 176, signal 39301/47053 (executing program) 2024/11/28 16:43:29 fetching corpus: 224, signal 43354/52391 (executing program) 2024/11/28 16:43:29 fetching corpus: 274, signal 50590/60542 (executing program) 2024/11/28 16:43:29 fetching corpus: 323, signal 57344/68086 (executing program) 2024/11/28 16:43:30 fetching corpus: 372, signal 60775/72478 (executing program) 2024/11/28 16:43:30 fetching corpus: 422, signal 63901/76521 (executing program) 2024/11/28 16:43:30 fetching corpus: 472, signal 67426/80897 (executing program) 2024/11/28 16:43:30 fetching corpus: 522, signal 70803/85057 (executing program) 2024/11/28 16:43:30 fetching corpus: 571, signal 72623/87794 (executing program) 2024/11/28 16:43:30 fetching corpus: 621, signal 75354/91262 (executing program) 2024/11/28 16:43:30 fetching corpus: 671, signal 77353/94099 (executing program) 2024/11/28 16:43:30 fetching corpus: 721, signal 80207/97586 (executing program) 2024/11/28 16:43:30 fetching corpus: 770, signal 82631/100624 (executing program) 2024/11/28 16:43:30 fetching corpus: 820, signal 84365/103094 (executing program) 2024/11/28 16:43:31 fetching corpus: 869, signal 86850/106078 (executing program) 2024/11/28 16:43:31 fetching corpus: 919, signal 88376/108302 (executing program) 2024/11/28 16:43:31 fetching corpus: 969, signal 89426/110096 (executing program) 2024/11/28 16:43:31 fetching corpus: 1019, signal 92286/113261 (executing program) 2024/11/28 16:43:31 fetching corpus: 1069, signal 93101/114790 (executing program) 2024/11/28 16:43:31 fetching corpus: 1119, signal 94869/117028 (executing program) 2024/11/28 16:43:31 fetching corpus: 1169, signal 97564/119877 (executing program) 2024/11/28 16:43:31 fetching corpus: 1218, signal 99425/122066 (executing program) 2024/11/28 16:43:31 fetching corpus: 1268, signal 100918/123963 (executing program) 2024/11/28 16:43:31 fetching corpus: 1318, signal 101971/125591 (executing program) 2024/11/28 16:43:32 fetching corpus: 1368, signal 105748/128933 (executing program) 2024/11/28 16:43:32 fetching corpus: 1418, signal 107144/130655 (executing program) 2024/11/28 16:43:32 fetching corpus: 1468, signal 108307/132212 (executing program) 2024/11/28 16:43:32 fetching corpus: 1517, signal 109865/133954 (executing program) 2024/11/28 16:43:32 fetching corpus: 1567, signal 110871/135347 (executing program) 2024/11/28 16:43:32 fetching corpus: 1617, signal 112753/137183 (executing program) 2024/11/28 16:43:32 fetching corpus: 1667, signal 114276/138848 (executing program) 2024/11/28 16:43:32 fetching corpus: 1717, signal 115390/140265 (executing program) 2024/11/28 16:43:32 fetching corpus: 1766, signal 116367/141520 (executing program) 2024/11/28 16:43:32 fetching corpus: 1816, signal 117738/142991 (executing program) 2024/11/28 16:43:33 fetching corpus: 1866, signal 118451/144039 (executing program) 2024/11/28 16:43:33 fetching corpus: 1916, signal 119255/145159 (executing program) 2024/11/28 16:43:33 fetching corpus: 1966, signal 121091/146762 (executing program) 2024/11/28 16:43:33 fetching corpus: 2016, signal 122072/147882 (executing program) 2024/11/28 16:43:33 fetching corpus: 2065, signal 122799/148935 (executing program) 2024/11/28 16:43:33 fetching corpus: 2115, signal 123577/149942 (executing program) 2024/11/28 16:43:33 fetching corpus: 2165, signal 124475/150941 (executing program) 2024/11/28 16:43:33 fetching corpus: 2215, signal 125231/151883 (executing program) 2024/11/28 16:43:33 fetching corpus: 2265, signal 126093/152939 (executing program) 2024/11/28 16:43:33 fetching corpus: 2315, signal 126804/153838 (executing program) 2024/11/28 16:43:34 fetching corpus: 2365, signal 127594/154695 (executing program) 2024/11/28 16:43:34 fetching corpus: 2415, signal 128375/155584 (executing program) 2024/11/28 16:43:34 fetching corpus: 2465, signal 128970/156358 (executing program) 2024/11/28 16:43:34 fetching corpus: 2514, signal 129748/157233 (executing program) 2024/11/28 16:43:34 fetching corpus: 2563, signal 130393/157991 (executing program) 2024/11/28 16:43:34 fetching corpus: 2613, signal 130964/158756 (executing program) 2024/11/28 16:43:34 fetching corpus: 2663, signal 131547/159479 (executing program) 2024/11/28 16:43:34 fetching corpus: 2713, signal 132362/160292 (executing program) 2024/11/28 16:43:34 fetching corpus: 2763, signal 133082/161006 (executing program) 2024/11/28 16:43:34 fetching corpus: 2813, signal 133582/161690 (executing program) 2024/11/28 16:43:35 fetching corpus: 2861, signal 134233/162395 (executing program) 2024/11/28 16:43:35 fetching corpus: 2911, signal 134713/163034 (executing program) 2024/11/28 16:43:35 fetching corpus: 2961, signal 135523/163754 (executing program) 2024/11/28 16:43:35 fetching corpus: 3011, signal 136109/164403 (executing program) 2024/11/28 16:43:35 fetching corpus: 3061, signal 136913/165067 (executing program) 2024/11/28 16:43:35 fetching corpus: 3110, signal 137571/165706 (executing program) 2024/11/28 16:43:35 fetching corpus: 3159, signal 138136/166314 (executing program) 2024/11/28 16:43:35 fetching corpus: 3207, signal 138840/166927 (executing program) 2024/11/28 16:43:35 fetching corpus: 3257, signal 139454/167461 (executing program) 2024/11/28 16:43:35 fetching corpus: 3307, signal 139992/167967 (executing program) 2024/11/28 16:43:36 fetching corpus: 3357, signal 140866/168550 (executing program) 2024/11/28 16:43:36 fetching corpus: 3407, signal 141401/169049 (executing program) 2024/11/28 16:43:36 fetching corpus: 3457, signal 142161/169586 (executing program) 2024/11/28 16:43:36 fetching corpus: 3507, signal 142496/170049 (executing program) 2024/11/28 16:43:36 fetching corpus: 3557, signal 143247/170566 (executing program) 2024/11/28 16:43:36 fetching corpus: 3607, signal 143637/171039 (executing program) 2024/11/28 16:43:36 fetching corpus: 3656, signal 144230/171505 (executing program) 2024/11/28 16:43:36 fetching corpus: 3706, signal 144588/171935 (executing program) 2024/11/28 16:43:36 fetching corpus: 3756, signal 145577/172412 (executing program) 2024/11/28 16:43:36 fetching corpus: 3806, signal 146325/172807 (executing program) 2024/11/28 16:43:37 fetching corpus: 3855, signal 146947/173225 (executing program) 2024/11/28 16:43:37 fetching corpus: 3905, signal 147453/173603 (executing program) 2024/11/28 16:43:37 fetching corpus: 3955, signal 147880/173956 (executing program) 2024/11/28 16:43:37 fetching corpus: 4002, signal 148423/174329 (executing program) 2024/11/28 16:43:37 fetching corpus: 4052, signal 148973/174678 (executing program) 2024/11/28 16:43:37 fetching corpus: 4101, signal 149861/175029 (executing program) 2024/11/28 16:43:37 fetching corpus: 4151, signal 150268/175329 (executing program) 2024/11/28 16:43:37 fetching corpus: 4200, signal 150640/175643 (executing program) 2024/11/28 16:43:37 fetching corpus: 4250, signal 150978/175943 (executing program) 2024/11/28 16:43:37 fetching corpus: 4300, signal 151301/176247 (executing program) 2024/11/28 16:43:37 fetching corpus: 4350, signal 151856/176292 (executing program) 2024/11/28 16:43:38 fetching corpus: 4400, signal 152311/176292 (executing program) 2024/11/28 16:43:38 fetching corpus: 4450, signal 152697/176294 (executing program) 2024/11/28 16:43:38 fetching corpus: 4500, signal 153345/176294 (executing program) 2024/11/28 16:43:38 fetching corpus: 4550, signal 154411/176294 (executing program) 2024/11/28 16:43:38 fetching corpus: 4599, signal 154871/176297 (executing program) 2024/11/28 16:43:38 fetching corpus: 4648, signal 155225/176324 (executing program) 2024/11/28 16:43:38 fetching corpus: 4696, signal 155476/176324 (executing program) 2024/11/28 16:43:38 fetching corpus: 4745, signal 155754/176324 (executing program) 2024/11/28 16:43:38 fetching corpus: 4795, signal 156005/176326 (executing program) 2024/11/28 16:43:38 fetching corpus: 4845, signal 156342/176326 (executing program) 2024/11/28 16:43:39 fetching corpus: 4895, signal 156656/176330 (executing program) 2024/11/28 16:43:39 fetching corpus: 4945, signal 157047/176330 (executing program) 2024/11/28 16:43:39 fetching corpus: 4994, signal 157441/176331 (executing program) 2024/11/28 16:43:39 fetching corpus: 5044, signal 157962/176351 (executing program) 2024/11/28 16:43:39 fetching corpus: 5093, signal 158350/176371 (executing program) 2024/11/28 16:43:39 fetching corpus: 5143, signal 158769/176371 (executing program) 2024/11/28 16:43:39 fetching corpus: 5193, signal 159007/176371 (executing program) 2024/11/28 16:43:39 fetching corpus: 5243, signal 159394/176371 (executing program) 2024/11/28 16:43:39 fetching corpus: 5293, signal 159798/176373 (executing program) 2024/11/28 16:43:39 fetching corpus: 5343, signal 160240/176378 (executing program) 2024/11/28 16:43:40 fetching corpus: 5393, signal 160585/176455 (executing program) 2024/11/28 16:43:40 fetching corpus: 5442, signal 161039/176455 (executing program) 2024/11/28 16:43:40 fetching corpus: 5492, signal 161439/176455 (executing program) 2024/11/28 16:43:40 fetching corpus: 5541, signal 161779/176455 (executing program) 2024/11/28 16:43:40 fetching corpus: 5591, signal 162065/176457 (executing program) 2024/11/28 16:43:40 fetching corpus: 5640, signal 162418/176457 (executing program) 2024/11/28 16:43:40 fetching corpus: 5690, signal 162981/176481 (executing program) 2024/11/28 16:43:40 fetching corpus: 5740, signal 163300/176512 (executing program) 2024/11/28 16:43:40 fetching corpus: 5789, signal 163593/176517 (executing program) 2024/11/28 16:43:40 fetching corpus: 5839, signal 164119/176523 (executing program) 2024/11/28 16:43:41 fetching corpus: 5889, signal 164438/176523 (executing program) 2024/11/28 16:43:41 fetching corpus: 5939, signal 165066/176523 (executing program) 2024/11/28 16:43:41 fetching corpus: 5989, signal 165360/176525 (executing program) 2024/11/28 16:43:41 fetching corpus: 6039, signal 165594/176542 (executing program) 2024/11/28 16:43:41 fetching corpus: 6089, signal 165889/176542 (executing program) 2024/11/28 16:43:41 fetching corpus: 6139, signal 166182/176542 (executing program) 2024/11/28 16:43:41 fetching corpus: 6188, signal 166744/176543 (executing program) 2024/11/28 16:43:41 fetching corpus: 6238, signal 167198/176544 (executing program) 2024/11/28 16:43:41 fetching corpus: 6287, signal 167498/176556 (executing program) 2024/11/28 16:43:41 fetching corpus: 6335, signal 167900/176556 (executing program) 2024/11/28 16:43:41 fetching corpus: 6385, signal 168081/176558 (executing program) 2024/11/28 16:43:42 fetching corpus: 6435, signal 168281/176558 (executing program) 2024/11/28 16:43:42 fetching corpus: 6484, signal 168613/176562 (executing program) 2024/11/28 16:43:42 fetching corpus: 6534, signal 168953/176591 (executing program) 2024/11/28 16:43:42 fetching corpus: 6584, signal 169266/176709 (executing program) 2024/11/28 16:43:42 fetching corpus: 6632, signal 169619/176709 (executing program) 2024/11/28 16:43:42 fetching corpus: 6682, signal 169989/176709 (executing program) 2024/11/28 16:43:42 fetching corpus: 6732, signal 170174/176709 (executing program) 2024/11/28 16:43:42 fetching corpus: 6782, signal 170544/176716 (executing program) 2024/11/28 16:43:42 fetching corpus: 6832, signal 170782/176716 (executing program) 2024/11/28 16:43:42 fetching corpus: 6882, signal 170972/176716 (executing program) 2024/11/28 16:43:42 fetching corpus: 6932, signal 171368/176716 (executing program) 2024/11/28 16:43:42 fetching corpus: 6982, signal 171816/176722 (executing program) 2024/11/28 16:43:42 fetching corpus: 7032, signal 172041/176722 (executing program) 2024/11/28 16:43:43 fetching corpus: 7081, signal 172397/176722 (executing program) 2024/11/28 16:43:43 fetching corpus: 7131, signal 172913/176722 (executing program) 2024/11/28 16:43:43 fetching corpus: 7181, signal 173177/176722 (executing program) 2024/11/28 16:43:43 fetching corpus: 7231, signal 173399/176722 (executing program) 2024/11/28 16:43:43 fetching corpus: 7281, signal 173747/176723 (executing program) 2024/11/28 16:43:43 fetching corpus: 7330, signal 173970/176723 (executing program) 2024/11/28 16:43:43 fetching corpus: 7380, signal 174361/176726 (executing program) 2024/11/28 16:43:43 fetching corpus: 7429, signal 174594/176761 (executing program) 2024/11/28 16:43:43 fetching corpus: 7479, signal 174811/176761 (executing program) 2024/11/28 16:43:43 fetching corpus: 7529, signal 175127/176764 (executing program) 2024/11/28 16:43:43 fetching corpus: 7579, signal 175359/176764 (executing program) 2024/11/28 16:43:43 fetching corpus: 7629, signal 175560/176764 (executing program) 2024/11/28 16:43:43 fetching corpus: 7679, signal 175782/176764 (executing program) 2024/11/28 16:43:44 fetching corpus: 7725, signal 175995/176764 (executing program) 2024/11/28 16:43:44 fetching corpus: 7725, signal 175995/176764 (executing program) 2024/11/28 16:43:46 starting 8 fuzzer processes 16:43:46 executing program 0: openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0, 0x0) pkey_mprotect(&(0x7f0000000000/0x400000)=nil, 0x400000, 0x1, 0xffffffffffffffff) perf_event_open(&(0x7f0000000100)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) 16:43:46 executing program 1: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_mount_image$tmpfs(0x0, &(0x7f0000003240)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) mount$cgroup2(0x20100000, &(0x7f0000000180)='./file0/../file0\x00', &(0x7f0000000100), 0x0, 0x0) rmdir(&(0x7f0000000300)='./file0\x00') 16:43:46 executing program 2: readlink(&(0x7f0000000140)='\x00', &(0x7f0000000280)=""/213, 0xd5) [ 94.421251] audit: type=1400 audit(1732812226.697:7): avc: denied { execmem } for pid=270 comm="syz-executor.0" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=process permissive=1 16:43:46 executing program 3: r0 = openat$sr(0xffffffffffffff9c, &(0x7f00000001c0), 0x105802, 0x0) ioctl$BLKTRACESETUP(r0, 0xc0481273, &(0x7f0000000200)={'\x00', 0x0, 0x20, 0x10000, 0x0, 0x1}) ioctl$BLKTRACETEARDOWN(r0, 0x1276, 0x0) 16:43:46 executing program 6: perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) r0 = socket$inet6_udp(0xa, 0x2, 0x0) r1 = dup(r0) r2 = epoll_create(0x9) connect$inet6(r1, &(0x7f00000000c0)={0xa, 0x0, 0x0, @mcast1, 0x3}, 0x1c) mount$9p_fd(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000180), 0x0, &(0x7f0000000200)={'trans=fd,', {'rfdno', 0x3d, r1}, 0x2c, {'wfdno', 0x3d, r2}, 0x2c, {[{@noextend}], [{@euid_gt}]}}) sendmmsg$inet6(r1, &(0x7f0000002880), 0x4000101, 0x0) 16:43:46 executing program 4: r0 = syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0) getsockopt$WPAN_SECURITY_LEVEL(r0, 0x0, 0x2, &(0x7f0000003100), &(0x7f0000003140)=0x4) 16:43:46 executing program 5: r0 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) fcntl$notify(r0, 0x402, 0x80000009) r1 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) fcntl$notify(r1, 0x402, 0x80000009) r2 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) fcntl$notify(r2, 0x402, 0x80000009) 16:43:46 executing program 7: openat$vcsa(0xffffffffffffff9c, &(0x7f0000000900), 0x309000, 0x0) [ 95.813113] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 95.814255] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 95.817580] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 95.820717] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 95.820807] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 95.823459] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 95.827386] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 95.829114] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [ 95.830254] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 95.831313] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 95.836817] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3 [ 95.838484] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 95.865328] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 95.868350] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 95.869333] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 95.871586] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 95.872903] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3 [ 95.873982] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 95.963393] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 95.977709] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 95.979710] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 95.989115] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 95.991224] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1 [ 96.000658] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9 [ 96.001501] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 96.005952] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1 [ 96.019525] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9 [ 96.020691] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 96.021635] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9 [ 96.031509] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 96.033587] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3 [ 96.034534] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 96.049659] Bluetooth: hci7: unexpected cc 0x0c03 length: 249 > 1 [ 96.050670] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9 [ 96.062384] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 96.067462] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4 [ 96.082397] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4 [ 96.083743] Bluetooth: hci7: unexpected cc 0x1003 length: 249 > 9 [ 96.087197] Bluetooth: hci6: unexpected cc 0x0c25 length: 249 > 3 [ 96.090135] Bluetooth: hci5: unexpected cc 0x0c25 length: 249 > 3 [ 96.092360] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3 [ 96.093359] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2 [ 96.095351] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2 [ 96.099454] Bluetooth: hci7: unexpected cc 0x1001 length: 249 > 9 [ 96.109536] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 96.126864] Bluetooth: hci7: unexpected cc 0x0c23 length: 249 > 4 [ 96.133215] Bluetooth: hci7: unexpected cc 0x0c25 length: 249 > 3 [ 96.134937] Bluetooth: hci7: unexpected cc 0x0c38 length: 249 > 2 [ 97.903521] Bluetooth: hci2: command tx timeout [ 97.903530] Bluetooth: hci1: command tx timeout [ 97.903849] Bluetooth: hci0: command tx timeout [ 98.096633] Bluetooth: hci3: command tx timeout [ 98.159068] Bluetooth: hci4: command tx timeout [ 98.159757] Bluetooth: hci6: command tx timeout [ 98.159813] Bluetooth: hci7: command tx timeout [ 98.160554] Bluetooth: hci5: command tx timeout [ 99.951094] Bluetooth: hci0: command tx timeout [ 99.951608] Bluetooth: hci2: command tx timeout [ 99.952228] Bluetooth: hci1: command tx timeout [ 100.143154] Bluetooth: hci3: command tx timeout [ 100.207969] Bluetooth: hci7: command tx timeout [ 100.208436] Bluetooth: hci4: command tx timeout [ 100.208857] Bluetooth: hci6: command tx timeout [ 100.209380] Bluetooth: hci5: command tx timeout [ 101.999214] Bluetooth: hci1: command tx timeout [ 101.999707] Bluetooth: hci2: command tx timeout [ 102.000888] Bluetooth: hci0: command tx timeout [ 102.191070] Bluetooth: hci3: command tx timeout [ 102.255140] Bluetooth: hci5: command tx timeout [ 102.255570] Bluetooth: hci6: command tx timeout [ 102.256041] Bluetooth: hci4: command tx timeout [ 102.256454] Bluetooth: hci7: command tx timeout [ 104.049224] Bluetooth: hci0: command tx timeout [ 104.049735] Bluetooth: hci1: command tx timeout [ 104.051053] Bluetooth: hci2: command tx timeout [ 104.239075] Bluetooth: hci3: command tx timeout [ 104.303109] Bluetooth: hci7: command tx timeout [ 104.303540] Bluetooth: hci4: command tx timeout [ 104.303953] Bluetooth: hci6: command tx timeout [ 104.304604] Bluetooth: hci5: command tx timeout [ 151.196581] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 151.197329] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 151.433201] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 151.433837] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 151.703129] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 151.703788] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 151.945159] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 151.945813] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 152.143810] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 152.144781] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 152.287198] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 152.287857] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 152.429777] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 152.430475] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 152.536361] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 152.537018] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 152.655571] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 152.656259] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 152.791654] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 152.792346] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 152.910667] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 152.911818] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 153.040340] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 153.040944] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 153.188592] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 153.189293] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 153.234673] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 153.235343] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 153.383751] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 153.384408] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 153.444678] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 153.445509] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 153.734182] audit: type=1400 audit(1732812286.010:8): avc: denied { watch_reads } for pid=3917 comm="syz-executor.5" path="/dev/bsg" dev="devtmpfs" ino=113 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:object_r:device_t:s0 tclass=dir permissive=1 [ 154.238536] audit: type=1400 audit(1732812286.514:9): avc: denied { open } for pid=3937 comm="syz-executor.1" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=perf_event permissive=1 [ 154.240858] audit: type=1400 audit(1732812286.515:10): avc: denied { kernel } for pid=3937 comm="syz-executor.1" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=perf_event permissive=1 16:44:47 executing program 0: openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0, 0x0) pkey_mprotect(&(0x7f0000000000/0x400000)=nil, 0x400000, 0x1, 0xffffffffffffffff) perf_event_open(&(0x7f0000000100)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) 16:44:47 executing program 7: syz_io_uring_setup(0x0, &(0x7f0000001300), &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000001380), &(0x7f00000013c0)) 16:44:47 executing program 5: r0 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) fcntl$notify(r0, 0x402, 0x80000009) r1 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) fcntl$notify(r1, 0x402, 0x80000009) r2 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) fcntl$notify(r2, 0x402, 0x80000009) 16:44:47 executing program 1: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_mount_image$tmpfs(0x0, &(0x7f0000003240)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) mount$cgroup2(0x20100000, &(0x7f0000000180)='./file0/../file0\x00', &(0x7f0000000100), 0x0, 0x0) rmdir(&(0x7f0000000300)='./file0\x00') 16:44:47 executing program 4: r0 = syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0) getsockopt$WPAN_SECURITY_LEVEL(r0, 0x0, 0x2, &(0x7f0000003100), &(0x7f0000003140)=0x4) 16:44:47 executing program 2: readlink(&(0x7f0000000140)='\x00', &(0x7f0000000280)=""/213, 0xd5) 16:44:47 executing program 6: perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) r0 = socket$inet6_udp(0xa, 0x2, 0x0) r1 = dup(r0) r2 = epoll_create(0x9) connect$inet6(r1, &(0x7f00000000c0)={0xa, 0x0, 0x0, @mcast1, 0x3}, 0x1c) mount$9p_fd(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000180), 0x0, &(0x7f0000000200)={'trans=fd,', {'rfdno', 0x3d, r1}, 0x2c, {'wfdno', 0x3d, r2}, 0x2c, {[{@noextend}], [{@euid_gt}]}}) sendmmsg$inet6(r1, &(0x7f0000002880), 0x4000101, 0x0) 16:44:47 executing program 3: r0 = openat$sr(0xffffffffffffff9c, &(0x7f00000001c0), 0x105802, 0x0) ioctl$BLKTRACESETUP(r0, 0xc0481273, &(0x7f0000000200)={'\x00', 0x0, 0x20, 0x10000, 0x0, 0x1}) ioctl$BLKTRACETEARDOWN(r0, 0x1276, 0x0) 16:44:47 executing program 5: r0 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) fcntl$notify(r0, 0x402, 0x80000009) r1 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) fcntl$notify(r1, 0x402, 0x80000009) r2 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) fcntl$notify(r2, 0x402, 0x80000009) 16:44:47 executing program 0: openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0, 0x0) pkey_mprotect(&(0x7f0000000000/0x400000)=nil, 0x400000, 0x1, 0xffffffffffffffff) perf_event_open(&(0x7f0000000100)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) 16:44:47 executing program 7: perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) r0 = socket$inet6_udp(0xa, 0x2, 0x0) r1 = dup(r0) r2 = epoll_create(0x9) connect$inet6(r1, &(0x7f00000000c0)={0xa, 0x0, 0x0, @mcast1, 0x3}, 0x1c) mount$9p_fd(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000180), 0x0, &(0x7f0000000200)={'trans=fd,', {'rfdno', 0x3d, r1}, 0x2c, {'wfdno', 0x3d, r2}, 0x2c, {[{@noextend}], [{@euid_gt}]}}) sendmmsg$inet6(r1, &(0x7f0000002880), 0x4000101, 0x0) 16:44:47 executing program 2: readlink(&(0x7f0000000140)='\x00', &(0x7f0000000280)=""/213, 0xd5) 16:44:47 executing program 4: r0 = syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0) getsockopt$WPAN_SECURITY_LEVEL(r0, 0x0, 0x2, &(0x7f0000003100), &(0x7f0000003140)=0x4) 16:44:47 executing program 1: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_mount_image$tmpfs(0x0, &(0x7f0000003240)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) mount$cgroup2(0x20100000, &(0x7f0000000180)='./file0/../file0\x00', &(0x7f0000000100), 0x0, 0x0) rmdir(&(0x7f0000000300)='./file0\x00') 16:44:48 executing program 5: r0 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) fcntl$notify(r0, 0x402, 0x80000009) r1 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) fcntl$notify(r1, 0x402, 0x80000009) r2 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) fcntl$notify(r2, 0x402, 0x80000009) 16:44:48 executing program 0: openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0, 0x0) pkey_mprotect(&(0x7f0000000000/0x400000)=nil, 0x400000, 0x1, 0xffffffffffffffff) perf_event_open(&(0x7f0000000100)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) 16:44:48 executing program 2: readlink(&(0x7f0000000140)='\x00', &(0x7f0000000280)=""/213, 0xd5) 16:44:48 executing program 4: r0 = syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0) getsockopt$WPAN_SECURITY_LEVEL(r0, 0x0, 0x2, &(0x7f0000003100), &(0x7f0000003140)=0x4) 16:44:48 executing program 3: r0 = openat$sr(0xffffffffffffff9c, &(0x7f00000001c0), 0x105802, 0x0) ioctl$BLKTRACESETUP(r0, 0xc0481273, &(0x7f0000000200)={'\x00', 0x0, 0x20, 0x10000, 0x0, 0x1}) ioctl$BLKTRACETEARDOWN(r0, 0x1276, 0x0) 16:44:48 executing program 1: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_mount_image$tmpfs(0x0, &(0x7f0000003240)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) mount$cgroup2(0x20100000, &(0x7f0000000180)='./file0/../file0\x00', &(0x7f0000000100), 0x0, 0x0) rmdir(&(0x7f0000000300)='./file0\x00') 16:44:48 executing program 7: perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) r0 = socket$inet6_udp(0xa, 0x2, 0x0) r1 = dup(r0) r2 = epoll_create(0x9) connect$inet6(r1, &(0x7f00000000c0)={0xa, 0x0, 0x0, @mcast1, 0x3}, 0x1c) mount$9p_fd(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000180), 0x0, &(0x7f0000000200)={'trans=fd,', {'rfdno', 0x3d, r1}, 0x2c, {'wfdno', 0x3d, r2}, 0x2c, {[{@noextend}], [{@euid_gt}]}}) sendmmsg$inet6(r1, &(0x7f0000002880), 0x4000101, 0x0) 16:44:48 executing program 6: perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) r0 = socket$inet6_udp(0xa, 0x2, 0x0) r1 = dup(r0) r2 = epoll_create(0x9) connect$inet6(r1, &(0x7f00000000c0)={0xa, 0x0, 0x0, @mcast1, 0x3}, 0x1c) mount$9p_fd(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000180), 0x0, &(0x7f0000000200)={'trans=fd,', {'rfdno', 0x3d, r1}, 0x2c, {'wfdno', 0x3d, r2}, 0x2c, {[{@noextend}], [{@euid_gt}]}}) sendmmsg$inet6(r1, &(0x7f0000002880), 0x4000101, 0x0) 16:44:48 executing program 4: perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) r0 = socket$inet6_udp(0xa, 0x2, 0x0) r1 = dup(r0) r2 = epoll_create(0x9) connect$inet6(r1, &(0x7f00000000c0)={0xa, 0x0, 0x0, @mcast1, 0x3}, 0x1c) mount$9p_fd(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000180), 0x0, &(0x7f0000000200)={'trans=fd,', {'rfdno', 0x3d, r1}, 0x2c, {'wfdno', 0x3d, r2}, 0x2c, {[{@noextend}], [{@euid_gt}]}}) sendmmsg$inet6(r1, &(0x7f0000002880), 0x4000101, 0x0) 16:44:48 executing program 2: r0 = openat$sr(0xffffffffffffff9c, &(0x7f00000001c0), 0x105802, 0x0) ioctl$BLKTRACESETUP(r0, 0xc0481273, &(0x7f0000000200)={'\x00', 0x0, 0x20, 0x10000, 0x0, 0x1}) ioctl$BLKTRACETEARDOWN(r0, 0x1276, 0x0) 16:44:48 executing program 3: r0 = openat$sr(0xffffffffffffff9c, &(0x7f00000001c0), 0x105802, 0x0) ioctl$BLKTRACESETUP(r0, 0xc0481273, &(0x7f0000000200)={'\x00', 0x0, 0x20, 0x10000, 0x0, 0x1}) ioctl$BLKTRACETEARDOWN(r0, 0x1276, 0x0) 16:44:48 executing program 5: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_mount_image$tmpfs(0x0, &(0x7f0000003240)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) mount$cgroup2(0x20100000, &(0x7f0000000180)='./file0/../file0\x00', &(0x7f0000000100), 0x0, 0x0) rmdir(&(0x7f0000000300)='./file0\x00') 16:44:48 executing program 0: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_mount_image$tmpfs(0x0, &(0x7f0000003240)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) mount$cgroup2(0x20100000, &(0x7f0000000180)='./file0/../file0\x00', &(0x7f0000000100), 0x0, 0x0) rmdir(&(0x7f0000000300)='./file0\x00') 16:44:48 executing program 1: r0 = syz_open_dev$tty20(0xc, 0x4, 0x0) ioctl$TIOCL_BLANKSCREEN(r0, 0x560f, &(0x7f0000000000)) 16:44:48 executing program 5: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_mount_image$tmpfs(0x0, &(0x7f0000003240)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) mount$cgroup2(0x20100000, &(0x7f0000000180)='./file0/../file0\x00', &(0x7f0000000100), 0x0, 0x0) rmdir(&(0x7f0000000300)='./file0\x00') 16:44:48 executing program 2: r0 = openat$sr(0xffffffffffffff9c, &(0x7f00000001c0), 0x105802, 0x0) ioctl$BLKTRACESETUP(r0, 0xc0481273, &(0x7f0000000200)={'\x00', 0x0, 0x20, 0x10000, 0x0, 0x1}) ioctl$BLKTRACETEARDOWN(r0, 0x1276, 0x0) 16:44:48 executing program 0: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_mount_image$tmpfs(0x0, &(0x7f0000003240)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) mount$cgroup2(0x20100000, &(0x7f0000000180)='./file0/../file0\x00', &(0x7f0000000100), 0x0, 0x0) rmdir(&(0x7f0000000300)='./file0\x00') 16:44:48 executing program 1: r0 = syz_open_dev$tty20(0xc, 0x4, 0x0) ioctl$TIOCL_BLANKSCREEN(r0, 0x560f, &(0x7f0000000000)) 16:44:49 executing program 2: r0 = openat$sr(0xffffffffffffff9c, &(0x7f00000001c0), 0x105802, 0x0) ioctl$BLKTRACESETUP(r0, 0xc0481273, &(0x7f0000000200)={'\x00', 0x0, 0x20, 0x10000, 0x0, 0x1}) ioctl$BLKTRACETEARDOWN(r0, 0x1276, 0x0) 16:44:49 executing program 5: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_mount_image$tmpfs(0x0, &(0x7f0000003240)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) mount$cgroup2(0x20100000, &(0x7f0000000180)='./file0/../file0\x00', &(0x7f0000000100), 0x0, 0x0) rmdir(&(0x7f0000000300)='./file0\x00') 16:44:49 executing program 1: r0 = syz_open_dev$tty20(0xc, 0x4, 0x0) ioctl$TIOCL_BLANKSCREEN(r0, 0x560f, &(0x7f0000000000)) 16:44:49 executing program 7: perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) r0 = socket$inet6_udp(0xa, 0x2, 0x0) r1 = dup(r0) r2 = epoll_create(0x9) connect$inet6(r1, &(0x7f00000000c0)={0xa, 0x0, 0x0, @mcast1, 0x3}, 0x1c) mount$9p_fd(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000180), 0x0, &(0x7f0000000200)={'trans=fd,', {'rfdno', 0x3d, r1}, 0x2c, {'wfdno', 0x3d, r2}, 0x2c, {[{@noextend}], [{@euid_gt}]}}) sendmmsg$inet6(r1, &(0x7f0000002880), 0x4000101, 0x0) 16:44:49 executing program 0: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_mount_image$tmpfs(0x0, &(0x7f0000003240)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) mount$cgroup2(0x20100000, &(0x7f0000000180)='./file0/../file0\x00', &(0x7f0000000100), 0x0, 0x0) rmdir(&(0x7f0000000300)='./file0\x00') 16:44:49 executing program 6: perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) r0 = socket$inet6_udp(0xa, 0x2, 0x0) r1 = dup(r0) r2 = epoll_create(0x9) connect$inet6(r1, &(0x7f00000000c0)={0xa, 0x0, 0x0, @mcast1, 0x3}, 0x1c) mount$9p_fd(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000180), 0x0, &(0x7f0000000200)={'trans=fd,', {'rfdno', 0x3d, r1}, 0x2c, {'wfdno', 0x3d, r2}, 0x2c, {[{@noextend}], [{@euid_gt}]}}) sendmmsg$inet6(r1, &(0x7f0000002880), 0x4000101, 0x0) 16:44:49 executing program 4: perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) r0 = socket$inet6_udp(0xa, 0x2, 0x0) r1 = dup(r0) r2 = epoll_create(0x9) connect$inet6(r1, &(0x7f00000000c0)={0xa, 0x0, 0x0, @mcast1, 0x3}, 0x1c) mount$9p_fd(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000180), 0x0, &(0x7f0000000200)={'trans=fd,', {'rfdno', 0x3d, r1}, 0x2c, {'wfdno', 0x3d, r2}, 0x2c, {[{@noextend}], [{@euid_gt}]}}) sendmmsg$inet6(r1, &(0x7f0000002880), 0x4000101, 0x0) 16:44:49 executing program 3: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) r2 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_80211(r2, 0x8933, &(0x7f0000000300)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_FRAME(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000100)={0x70, r1, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r3}, @void}}, [@NL80211_ATTR_FRAME={0x52, 0x33, @beacon={@wo_ht={{}, {}, @device_b, @device_a, @from_mac=@device_b}, 0x0, @random, 0x0, @void, @void, @val={0x3, 0x1, 0xd}, @void, @val={0x6, 0x2}, @val={0x5, 0x3}, @val={0x25, 0x3}, @val={0x2a, 0x1}, @val={0x3c, 0x4}, @void, @val={0x72, 0x6}, @void, @val={0x76, 0x6}}}]}, 0x70}}, 0x0) 16:44:49 executing program 1: r0 = syz_open_dev$tty20(0xc, 0x4, 0x0) ioctl$TIOCL_BLANKSCREEN(r0, 0x560f, &(0x7f0000000000)) 16:44:49 executing program 5: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0x7a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) lseek(r0, 0xfffffffffffffff9, 0x1) 16:44:50 executing program 0: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x15f) write$binfmt_elf64(r0, &(0x7f0000000140)=ANY=[@ANYBLOB="7f454c4600000000000000000000000003003e"], 0x78) close(r0) execveat(0xffffffffffffff9c, &(0x7f0000000480)='./file1\x00', 0x0, 0x0, 0x0) 16:44:50 executing program 3: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) r2 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_80211(r2, 0x8933, &(0x7f0000000300)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_FRAME(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000100)={0x70, r1, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r3}, @void}}, [@NL80211_ATTR_FRAME={0x52, 0x33, @beacon={@wo_ht={{}, {}, @device_b, @device_a, @from_mac=@device_b}, 0x0, @random, 0x0, @void, @void, @val={0x3, 0x1, 0xd}, @void, @val={0x6, 0x2}, @val={0x5, 0x3}, @val={0x25, 0x3}, @val={0x2a, 0x1}, @val={0x3c, 0x4}, @void, @val={0x72, 0x6}, @void, @val={0x76, 0x6}}}]}, 0x70}}, 0x0) 16:44:50 executing program 2: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_GET_UNCONFIRMED(r0, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000380)={0x14, 0x7, 0x1, 0x801}, 0x14}}, 0x0) 16:44:50 executing program 7: r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x26e1, 0x0) fcntl$setlease(r0, 0x400, 0x1) fcntl$setown(r0, 0x8, 0xffffffffffffffff) openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0xc02, 0x0) 16:44:50 executing program 4: perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) r0 = socket$inet6_udp(0xa, 0x2, 0x0) r1 = dup(r0) r2 = epoll_create(0x9) connect$inet6(r1, &(0x7f00000000c0)={0xa, 0x0, 0x0, @mcast1, 0x3}, 0x1c) mount$9p_fd(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000180), 0x0, &(0x7f0000000200)={'trans=fd,', {'rfdno', 0x3d, r1}, 0x2c, {'wfdno', 0x3d, r2}, 0x2c, {[{@noextend}], [{@euid_gt}]}}) sendmmsg$inet6(r1, &(0x7f0000002880), 0x4000101, 0x0) 16:44:50 executing program 5: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0x7a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) lseek(r0, 0xfffffffffffffff9, 0x1) [ 158.230159] process 'syz-executor.0' launched './file1' with NULL argv: empty string added 16:44:50 executing program 6: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000000c0)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_TRIGGER_SCAN(r0, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000440)=ANY=[@ANYBLOB='0\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="0107000000000000000020ffec0008000300", @ANYRES32=r2], 0x30}}, 0x0) 16:44:50 executing program 1: r0 = inotify_init() inotify_add_watch(r0, &(0x7f0000000240)='.\x00', 0x1630009be) syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) open(&(0x7f00000000c0)='./file0\x00', 0x4580, 0x0) 16:44:50 executing program 7: r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x26e1, 0x0) fcntl$setlease(r0, 0x400, 0x1) fcntl$setown(r0, 0x8, 0xffffffffffffffff) openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0xc02, 0x0) 16:44:50 executing program 5: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0x7a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) lseek(r0, 0xfffffffffffffff9, 0x1) 16:44:50 executing program 0: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x15f) write$binfmt_elf64(r0, &(0x7f0000000140)=ANY=[@ANYBLOB="7f454c4600000000000000000000000003003e"], 0x78) close(r0) execveat(0xffffffffffffff9c, &(0x7f0000000480)='./file1\x00', 0x0, 0x0, 0x0) [ 158.344718] netlink: 20 bytes leftover after parsing attributes in process `syz-executor.6'. 16:44:50 executing program 3: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) r2 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_80211(r2, 0x8933, &(0x7f0000000300)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_FRAME(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000100)={0x70, r1, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r3}, @void}}, [@NL80211_ATTR_FRAME={0x52, 0x33, @beacon={@wo_ht={{}, {}, @device_b, @device_a, @from_mac=@device_b}, 0x0, @random, 0x0, @void, @void, @val={0x3, 0x1, 0xd}, @void, @val={0x6, 0x2}, @val={0x5, 0x3}, @val={0x25, 0x3}, @val={0x2a, 0x1}, @val={0x3c, 0x4}, @void, @val={0x72, 0x6}, @void, @val={0x76, 0x6}}}]}, 0x70}}, 0x0) [ 158.380520] audit: type=1400 audit(1732812290.656:11): avc: denied { watch_reads } for pid=4060 comm="syz-executor.1" path="/syzkaller-testdir838211129/syzkaller.tw0yTI/8" dev="sda" ino=15977 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:object_r:unlabeled_t:s0 tclass=dir permissive=1 16:44:50 executing program 2: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_GET_UNCONFIRMED(r0, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000380)={0x14, 0x7, 0x1, 0x801}, 0x14}}, 0x0) 16:44:50 executing program 6: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000000c0)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_TRIGGER_SCAN(r0, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000440)=ANY=[@ANYBLOB='0\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="0107000000000000000020ffec0008000300", @ANYRES32=r2], 0x30}}, 0x0) 16:44:50 executing program 7: r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x26e1, 0x0) fcntl$setlease(r0, 0x400, 0x1) fcntl$setown(r0, 0x8, 0xffffffffffffffff) openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0xc02, 0x0) 16:44:50 executing program 0: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x15f) write$binfmt_elf64(r0, &(0x7f0000000140)=ANY=[@ANYBLOB="7f454c4600000000000000000000000003003e"], 0x78) close(r0) execveat(0xffffffffffffff9c, &(0x7f0000000480)='./file1\x00', 0x0, 0x0, 0x0) 16:44:50 executing program 1: r0 = inotify_init() inotify_add_watch(r0, &(0x7f0000000240)='.\x00', 0x1630009be) syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) open(&(0x7f00000000c0)='./file0\x00', 0x4580, 0x0) 16:44:50 executing program 5: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0x7a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) lseek(r0, 0xfffffffffffffff9, 0x1) [ 158.599878] netlink: 20 bytes leftover after parsing attributes in process `syz-executor.6'. 16:44:50 executing program 3: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) r2 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_80211(r2, 0x8933, &(0x7f0000000300)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_FRAME(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000100)={0x70, r1, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r3}, @void}}, [@NL80211_ATTR_FRAME={0x52, 0x33, @beacon={@wo_ht={{}, {}, @device_b, @device_a, @from_mac=@device_b}, 0x0, @random, 0x0, @void, @void, @val={0x3, 0x1, 0xd}, @void, @val={0x6, 0x2}, @val={0x5, 0x3}, @val={0x25, 0x3}, @val={0x2a, 0x1}, @val={0x3c, 0x4}, @void, @val={0x72, 0x6}, @void, @val={0x76, 0x6}}}]}, 0x70}}, 0x0) 16:44:50 executing program 2: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_GET_UNCONFIRMED(r0, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000380)={0x14, 0x7, 0x1, 0x801}, 0x14}}, 0x0) 16:44:51 executing program 7: r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x26e1, 0x0) fcntl$setlease(r0, 0x400, 0x1) fcntl$setown(r0, 0x8, 0xffffffffffffffff) openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0xc02, 0x0) 16:44:51 executing program 6: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000000c0)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_TRIGGER_SCAN(r0, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000440)=ANY=[@ANYBLOB='0\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="0107000000000000000020ffec0008000300", @ANYRES32=r2], 0x30}}, 0x0) 16:44:51 executing program 3: openat$sndseq(0xffffffffffffff9c, &(0x7f00000000c0), 0x0) 16:44:51 executing program 0: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x15f) write$binfmt_elf64(r0, &(0x7f0000000140)=ANY=[@ANYBLOB="7f454c4600000000000000000000000003003e"], 0x78) close(r0) execveat(0xffffffffffffff9c, &(0x7f0000000480)='./file1\x00', 0x0, 0x0, 0x0) 16:44:51 executing program 5: prctl$PR_MCE_KILL(0x21, 0x0, 0x0) 16:44:51 executing program 1: r0 = inotify_init() inotify_add_watch(r0, &(0x7f0000000240)='.\x00', 0x1630009be) syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) open(&(0x7f00000000c0)='./file0\x00', 0x4580, 0x0) 16:44:51 executing program 2: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_GET_UNCONFIRMED(r0, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000380)={0x14, 0x7, 0x1, 0x801}, 0x14}}, 0x0) [ 159.182611] netlink: 20 bytes leftover after parsing attributes in process `syz-executor.6'. 16:44:51 executing program 4: syz_emit_ethernet(0x4e, &(0x7f00000000c0)={@local, @dev, @val={@void}, {@ipv6={0x86dd, @tcp={0x0, 0x6, "0a2adc", 0x14, 0x6, 0x0, @ipv4, @mcast2, {[], {{0x0, 0x0, 0x41424344, 0x41424344, 0x0, 0x0, 0x5}}}}}}}, 0x0) 16:44:51 executing program 3: openat$sndseq(0xffffffffffffff9c, &(0x7f00000000c0), 0x0) 16:44:51 executing program 5: prctl$PR_MCE_KILL(0x21, 0x0, 0x0) 16:44:51 executing program 6: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000000c0)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_TRIGGER_SCAN(r0, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000440)=ANY=[@ANYBLOB='0\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="0107000000000000000020ffec0008000300", @ANYRES32=r2], 0x30}}, 0x0) 16:44:51 executing program 1: r0 = inotify_init() inotify_add_watch(r0, &(0x7f0000000240)='.\x00', 0x1630009be) syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) open(&(0x7f00000000c0)='./file0\x00', 0x4580, 0x0) 16:44:51 executing program 7: r0 = perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000001840)={0x1, 0x80, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) close_range(r0, 0xffffffffffffffff, 0x0) [ 159.402675] netlink: 20 bytes leftover after parsing attributes in process `syz-executor.6'. 16:44:51 executing program 4: syz_emit_ethernet(0x4e, &(0x7f00000000c0)={@local, @dev, @val={@void}, {@ipv6={0x86dd, @tcp={0x0, 0x6, "0a2adc", 0x14, 0x6, 0x0, @ipv4, @mcast2, {[], {{0x0, 0x0, 0x41424344, 0x41424344, 0x0, 0x0, 0x5}}}}}}}, 0x0) 16:44:51 executing program 3: openat$sndseq(0xffffffffffffff9c, &(0x7f00000000c0), 0x0) 16:44:51 executing program 5: prctl$PR_MCE_KILL(0x21, 0x0, 0x0) 16:44:51 executing program 2: syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x0, &(0x7f0000000140)=ANY=[]) lstat(&(0x7f0000000040)='./file0\x00', &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0}) lchown(&(0x7f0000000140)='./file0\x00', r0, 0x0) 16:44:51 executing program 7: r0 = perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000001840)={0x1, 0x80, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) close_range(r0, 0xffffffffffffffff, 0x0) 16:44:51 executing program 4: syz_emit_ethernet(0x4e, &(0x7f00000000c0)={@local, @dev, @val={@void}, {@ipv6={0x86dd, @tcp={0x0, 0x6, "0a2adc", 0x14, 0x6, 0x0, @ipv4, @mcast2, {[], {{0x0, 0x0, 0x41424344, 0x41424344, 0x0, 0x0, 0x5}}}}}}}, 0x0) 16:44:51 executing program 5: prctl$PR_MCE_KILL(0x21, 0x0, 0x0) 16:44:51 executing program 0: r0 = perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000001840)={0x1, 0x80, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) close_range(r0, 0xffffffffffffffff, 0x0) 16:44:51 executing program 3: openat$sndseq(0xffffffffffffff9c, &(0x7f00000000c0), 0x0) 16:44:51 executing program 1: r0 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2) bind$bt_sco(r0, &(0x7f0000000000)={0x1f, @fixed}, 0x8) listen(r0, 0x0) r1 = fsopen(&(0x7f0000000100)='devtmpfs\x00', 0x0) dup3(r1, r0, 0x80000) [ 159.744770] loop2: detected capacity change from 0 to 40 16:44:52 executing program 6: openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) utimes(&(0x7f0000000000)='./file1\x00', 0x0) 16:44:52 executing program 4: syz_emit_ethernet(0x4e, &(0x7f00000000c0)={@local, @dev, @val={@void}, {@ipv6={0x86dd, @tcp={0x0, 0x6, "0a2adc", 0x14, 0x6, 0x0, @ipv4, @mcast2, {[], {{0x0, 0x0, 0x41424344, 0x41424344, 0x0, 0x0, 0x5}}}}}}}, 0x0) 16:44:52 executing program 7: r0 = perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000001840)={0x1, 0x80, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) close_range(r0, 0xffffffffffffffff, 0x0) 16:44:52 executing program 3: syz_emit_ethernet(0x2e, &(0x7f0000000000)={@local, @local, @void, {@ipv4={0x800, @udp={{0x6, 0x4, 0x0, 0x0, 0x20, 0x0, 0x3415, 0x0, 0x11, 0x0, @private=0xa010101, @remote, {[@timestamp_addr={0x44, 0x4, 0x0, 0x3}]}}, {0x0, 0x0, 0x8}}}}}, 0x0) 16:44:52 executing program 5: r0 = syz_io_uring_setup(0x7644, &(0x7f0000000140), &(0x7f0000ffd000/0x2000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f00000001c0), &(0x7f0000000200)) io_uring_register$IORING_REGISTER_FILES(r0, 0x11, 0x0, 0x0) 16:44:52 executing program 0: r0 = perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000001840)={0x1, 0x80, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) close_range(r0, 0xffffffffffffffff, 0x0) 16:44:52 executing program 1: r0 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2) bind$bt_sco(r0, &(0x7f0000000000)={0x1f, @fixed}, 0x8) listen(r0, 0x0) r1 = fsopen(&(0x7f0000000100)='devtmpfs\x00', 0x0) dup3(r1, r0, 0x80000) 16:44:52 executing program 2: syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x0, &(0x7f0000000140)=ANY=[]) lstat(&(0x7f0000000040)='./file0\x00', &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0}) lchown(&(0x7f0000000140)='./file0\x00', r0, 0x0) [ 160.013468] loop2: detected capacity change from 0 to 40 16:44:52 executing program 3: syz_emit_ethernet(0x2e, &(0x7f0000000000)={@local, @local, @void, {@ipv4={0x800, @udp={{0x6, 0x4, 0x0, 0x0, 0x20, 0x0, 0x3415, 0x0, 0x11, 0x0, @private=0xa010101, @remote, {[@timestamp_addr={0x44, 0x4, 0x0, 0x3}]}}, {0x0, 0x0, 0x8}}}}}, 0x0) 16:44:52 executing program 0: r0 = perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000001840)={0x1, 0x80, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) close_range(r0, 0xffffffffffffffff, 0x0) 16:44:52 executing program 5: r0 = syz_io_uring_setup(0x7644, &(0x7f0000000140), &(0x7f0000ffd000/0x2000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f00000001c0), &(0x7f0000000200)) io_uring_register$IORING_REGISTER_FILES(r0, 0x11, 0x0, 0x0) 16:44:52 executing program 4: r0 = shmget$private(0x0, 0x14000, 0x0, &(0x7f0000fe7000/0x14000)=nil) shmat(r0, &(0x7f0000ff0000/0x3000)=nil, 0x4000) remap_file_pages(&(0x7f0000ff5000/0x4000)=nil, 0x7fffdf00a000, 0x0, 0x0, 0x0) 16:44:52 executing program 7: r0 = perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000001840)={0x1, 0x80, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) close_range(r0, 0xffffffffffffffff, 0x0) 16:44:52 executing program 1: r0 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2) bind$bt_sco(r0, &(0x7f0000000000)={0x1f, @fixed}, 0x8) listen(r0, 0x0) r1 = fsopen(&(0x7f0000000100)='devtmpfs\x00', 0x0) dup3(r1, r0, 0x80000) 16:44:52 executing program 2: syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x0, &(0x7f0000000140)=ANY=[]) lstat(&(0x7f0000000040)='./file0\x00', &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0}) lchown(&(0x7f0000000140)='./file0\x00', r0, 0x0) 16:44:52 executing program 6: syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x0, &(0x7f0000000140)=ANY=[]) lstat(&(0x7f0000000040)='./file0\x00', &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0}) lchown(&(0x7f0000000140)='./file0\x00', r0, 0x0) [ 160.223293] loop2: detected capacity change from 0 to 40 [ 160.243838] mmap: syz-executor.4 (4163) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst. [ 160.264177] loop6: detected capacity change from 0 to 40 16:44:52 executing program 3: syz_emit_ethernet(0x2e, &(0x7f0000000000)={@local, @local, @void, {@ipv4={0x800, @udp={{0x6, 0x4, 0x0, 0x0, 0x20, 0x0, 0x3415, 0x0, 0x11, 0x0, @private=0xa010101, @remote, {[@timestamp_addr={0x44, 0x4, 0x0, 0x3}]}}, {0x0, 0x0, 0x8}}}}}, 0x0) 16:44:52 executing program 1: r0 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2) bind$bt_sco(r0, &(0x7f0000000000)={0x1f, @fixed}, 0x8) listen(r0, 0x0) r1 = fsopen(&(0x7f0000000100)='devtmpfs\x00', 0x0) dup3(r1, r0, 0x80000) 16:44:52 executing program 4: r0 = shmget$private(0x0, 0x14000, 0x0, &(0x7f0000fe7000/0x14000)=nil) shmat(r0, &(0x7f0000ff0000/0x3000)=nil, 0x4000) remap_file_pages(&(0x7f0000ff5000/0x4000)=nil, 0x7fffdf00a000, 0x0, 0x0, 0x0) 16:44:52 executing program 2: syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x0, &(0x7f0000000140)=ANY=[]) lstat(&(0x7f0000000040)='./file0\x00', &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0}) lchown(&(0x7f0000000140)='./file0\x00', r0, 0x0) 16:44:52 executing program 6: syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x0, &(0x7f0000000140)=ANY=[]) lstat(&(0x7f0000000040)='./file0\x00', &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0}) lchown(&(0x7f0000000140)='./file0\x00', r0, 0x0) 16:44:52 executing program 5: r0 = syz_io_uring_setup(0x7644, &(0x7f0000000140), &(0x7f0000ffd000/0x2000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f00000001c0), &(0x7f0000000200)) io_uring_register$IORING_REGISTER_FILES(r0, 0x11, 0x0, 0x0) 16:44:52 executing program 7: r0 = shmget$private(0x0, 0x14000, 0x0, &(0x7f0000fe7000/0x14000)=nil) shmat(r0, &(0x7f0000ff0000/0x3000)=nil, 0x4000) remap_file_pages(&(0x7f0000ff5000/0x4000)=nil, 0x7fffdf00a000, 0x0, 0x0, 0x0) 16:44:52 executing program 0: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xce, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_netfilter(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000040)={0x1c, 0x1a, 0x0, 0x101, 0x0, 0x0, {}, [@typed={0x8, 0x0, 0x0, 0x0, @ipv4=@broadcast}]}, 0x1c}}, 0x0) [ 160.497097] loop2: detected capacity change from 0 to 40 [ 160.549960] loop6: detected capacity change from 0 to 40 16:44:52 executing program 4: r0 = shmget$private(0x0, 0x14000, 0x0, &(0x7f0000fe7000/0x14000)=nil) shmat(r0, &(0x7f0000ff0000/0x3000)=nil, 0x4000) remap_file_pages(&(0x7f0000ff5000/0x4000)=nil, 0x7fffdf00a000, 0x0, 0x0, 0x0) 16:44:52 executing program 3: syz_emit_ethernet(0x2e, &(0x7f0000000000)={@local, @local, @void, {@ipv4={0x800, @udp={{0x6, 0x4, 0x0, 0x0, 0x20, 0x0, 0x3415, 0x0, 0x11, 0x0, @private=0xa010101, @remote, {[@timestamp_addr={0x44, 0x4, 0x0, 0x3}]}}, {0x0, 0x0, 0x8}}}}}, 0x0) 16:44:52 executing program 1: r0 = syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0) r1 = syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0) dup2(r0, r1) 16:44:53 executing program 1: r0 = syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0) r1 = syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0) dup2(r0, r1) 16:44:53 executing program 5: r0 = syz_io_uring_setup(0x7644, &(0x7f0000000140), &(0x7f0000ffd000/0x2000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f00000001c0), &(0x7f0000000200)) io_uring_register$IORING_REGISTER_FILES(r0, 0x11, 0x0, 0x0) 16:44:53 executing program 6: syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x0, &(0x7f0000000140)=ANY=[]) lstat(&(0x7f0000000040)='./file0\x00', &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0}) lchown(&(0x7f0000000140)='./file0\x00', r0, 0x0) 16:44:53 executing program 7: r0 = shmget$private(0x0, 0x14000, 0x0, &(0x7f0000fe7000/0x14000)=nil) shmat(r0, &(0x7f0000ff0000/0x3000)=nil, 0x4000) remap_file_pages(&(0x7f0000ff5000/0x4000)=nil, 0x7fffdf00a000, 0x0, 0x0, 0x0) 16:44:53 executing program 4: r0 = shmget$private(0x0, 0x14000, 0x0, &(0x7f0000fe7000/0x14000)=nil) shmat(r0, &(0x7f0000ff0000/0x3000)=nil, 0x4000) remap_file_pages(&(0x7f0000ff5000/0x4000)=nil, 0x7fffdf00a000, 0x0, 0x0, 0x0) 16:44:53 executing program 0: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xce, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_netfilter(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000040)={0x1c, 0x1a, 0x0, 0x101, 0x0, 0x0, {}, [@typed={0x8, 0x0, 0x0, 0x0, @ipv4=@broadcast}]}, 0x1c}}, 0x0) 16:44:53 executing program 3: r0 = syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0) r1 = syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0) dup2(r0, r1) 16:44:53 executing program 2: syz_emit_ethernet(0x36, &(0x7f0000000040)={@local, @link_local, @void, {@ipv4={0x800, @dccp={{0x6, 0x4, 0x0, 0x0, 0x28, 0x0, 0x0, 0x0, 0x21, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}, @initdev={0xac, 0x1e, 0x0, 0x0}, {[@ra={0x94, 0x4}]}}, {{0x0, 0x0, 0x4, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, "953212", 0x0, "cb70f9"}}}}}}, 0x0) [ 160.868760] loop6: detected capacity change from 0 to 40 16:44:53 executing program 7: r0 = shmget$private(0x0, 0x14000, 0x0, &(0x7f0000fe7000/0x14000)=nil) shmat(r0, &(0x7f0000ff0000/0x3000)=nil, 0x4000) remap_file_pages(&(0x7f0000ff5000/0x4000)=nil, 0x7fffdf00a000, 0x0, 0x0, 0x0) 16:44:53 executing program 0: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xce, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_netfilter(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000040)={0x1c, 0x1a, 0x0, 0x101, 0x0, 0x0, {}, [@typed={0x8, 0x0, 0x0, 0x0, @ipv4=@broadcast}]}, 0x1c}}, 0x0) 16:44:53 executing program 1: r0 = syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0) r1 = syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0) dup2(r0, r1) 16:44:53 executing program 4: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0x82, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) memfd_secret(0x0) 16:44:53 executing program 6: r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000100), 0x44b43, 0x0) ioctl$SG_EMULATED_HOST(r0, 0x127e, &(0x7f0000002340)) r1 = openat$sr(0xffffffffffffff9c, &(0x7f0000000100), 0x44b43, 0x0) ioctl$SG_EMULATED_HOST(r1, 0x127e, &(0x7f0000002340)) 16:44:53 executing program 5: r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./cgroup/cgroup.procs\x00', 0x0, 0x0) fcntl$setlease(r0, 0x400, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./cgroup/cgroup.procs\x00', 0x0, 0x0) fcntl$setlease(r1, 0x400, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000040)='./cgroup/cgroup.procs\x00', 0x0, 0x0) close_range(r1, 0xffffffffffffffff, 0x0) 16:44:53 executing program 3: r0 = syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0) r1 = syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0) dup2(r0, r1) 16:44:53 executing program 2: syz_emit_ethernet(0x36, &(0x7f0000000040)={@local, @link_local, @void, {@ipv4={0x800, @dccp={{0x6, 0x4, 0x0, 0x0, 0x28, 0x0, 0x0, 0x0, 0x21, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}, @initdev={0xac, 0x1e, 0x0, 0x0}, {[@ra={0x94, 0x4}]}}, {{0x0, 0x0, 0x4, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, "953212", 0x0, "cb70f9"}}}}}}, 0x0) 16:44:53 executing program 1: r0 = syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0) r1 = syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0) dup2(r0, r1) 16:44:53 executing program 5: r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./cgroup/cgroup.procs\x00', 0x0, 0x0) fcntl$setlease(r0, 0x400, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./cgroup/cgroup.procs\x00', 0x0, 0x0) fcntl$setlease(r1, 0x400, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000040)='./cgroup/cgroup.procs\x00', 0x0, 0x0) close_range(r1, 0xffffffffffffffff, 0x0) 16:44:53 executing program 0: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xce, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_netfilter(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000040)={0x1c, 0x1a, 0x0, 0x101, 0x0, 0x0, {}, [@typed={0x8, 0x0, 0x0, 0x0, @ipv4=@broadcast}]}, 0x1c}}, 0x0) 16:44:53 executing program 4: r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000100), 0x44b43, 0x0) ioctl$SG_EMULATED_HOST(r0, 0x127e, &(0x7f0000002340)) r1 = openat$sr(0xffffffffffffff9c, &(0x7f0000000100), 0x44b43, 0x0) ioctl$SG_EMULATED_HOST(r1, 0x127e, &(0x7f0000002340)) 16:44:53 executing program 6: r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000100), 0x44b43, 0x0) ioctl$SG_EMULATED_HOST(r0, 0x127e, &(0x7f0000002340)) r1 = openat$sr(0xffffffffffffff9c, &(0x7f0000000100), 0x44b43, 0x0) ioctl$SG_EMULATED_HOST(r1, 0x127e, &(0x7f0000002340)) 16:44:53 executing program 3: r0 = syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0) r1 = syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0) dup2(r0, r1) 16:44:53 executing program 2: syz_emit_ethernet(0x36, &(0x7f0000000040)={@local, @link_local, @void, {@ipv4={0x800, @dccp={{0x6, 0x4, 0x0, 0x0, 0x28, 0x0, 0x0, 0x0, 0x21, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}, @initdev={0xac, 0x1e, 0x0, 0x0}, {[@ra={0x94, 0x4}]}}, {{0x0, 0x0, 0x4, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, "953212", 0x0, "cb70f9"}}}}}}, 0x0) 16:44:53 executing program 7: r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./cgroup/cgroup.procs\x00', 0x0, 0x0) fcntl$setlease(r0, 0x400, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./cgroup/cgroup.procs\x00', 0x0, 0x0) fcntl$setlease(r1, 0x400, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000040)='./cgroup/cgroup.procs\x00', 0x0, 0x0) close_range(r1, 0xffffffffffffffff, 0x0) 16:44:53 executing program 6: r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000100), 0x44b43, 0x0) ioctl$SG_EMULATED_HOST(r0, 0x127e, &(0x7f0000002340)) r1 = openat$sr(0xffffffffffffff9c, &(0x7f0000000100), 0x44b43, 0x0) ioctl$SG_EMULATED_HOST(r1, 0x127e, &(0x7f0000002340)) 16:44:53 executing program 5: r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./cgroup/cgroup.procs\x00', 0x0, 0x0) fcntl$setlease(r0, 0x400, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./cgroup/cgroup.procs\x00', 0x0, 0x0) fcntl$setlease(r1, 0x400, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000040)='./cgroup/cgroup.procs\x00', 0x0, 0x0) close_range(r1, 0xffffffffffffffff, 0x0) 16:44:53 executing program 2: syz_emit_ethernet(0x36, &(0x7f0000000040)={@local, @link_local, @void, {@ipv4={0x800, @dccp={{0x6, 0x4, 0x0, 0x0, 0x28, 0x0, 0x0, 0x0, 0x21, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}, @initdev={0xac, 0x1e, 0x0, 0x0}, {[@ra={0x94, 0x4}]}}, {{0x0, 0x0, 0x4, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, "953212", 0x0, "cb70f9"}}}}}}, 0x0) 16:44:53 executing program 4: r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000100), 0x44b43, 0x0) ioctl$SG_EMULATED_HOST(r0, 0x127e, &(0x7f0000002340)) r1 = openat$sr(0xffffffffffffff9c, &(0x7f0000000100), 0x44b43, 0x0) ioctl$SG_EMULATED_HOST(r1, 0x127e, &(0x7f0000002340)) 16:44:53 executing program 3: r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./cgroup/cgroup.procs\x00', 0x0, 0x0) fcntl$setlease(r0, 0x400, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./cgroup/cgroup.procs\x00', 0x0, 0x0) fcntl$setlease(r1, 0x400, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000040)='./cgroup/cgroup.procs\x00', 0x0, 0x0) close_range(r1, 0xffffffffffffffff, 0x0) 16:44:53 executing program 7: r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./cgroup/cgroup.procs\x00', 0x0, 0x0) fcntl$setlease(r0, 0x400, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./cgroup/cgroup.procs\x00', 0x0, 0x0) fcntl$setlease(r1, 0x400, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000040)='./cgroup/cgroup.procs\x00', 0x0, 0x0) close_range(r1, 0xffffffffffffffff, 0x0) 16:44:53 executing program 1: r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./cgroup/cgroup.procs\x00', 0x0, 0x0) fcntl$setlease(r0, 0x400, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./cgroup/cgroup.procs\x00', 0x0, 0x0) fcntl$setlease(r1, 0x400, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000040)='./cgroup/cgroup.procs\x00', 0x0, 0x0) close_range(r1, 0xffffffffffffffff, 0x0) 16:44:53 executing program 5: r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./cgroup/cgroup.procs\x00', 0x0, 0x0) fcntl$setlease(r0, 0x400, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./cgroup/cgroup.procs\x00', 0x0, 0x0) fcntl$setlease(r1, 0x400, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000040)='./cgroup/cgroup.procs\x00', 0x0, 0x0) close_range(r1, 0xffffffffffffffff, 0x0) 16:44:53 executing program 0: r0 = syz_open_dev$tty20(0xc, 0x4, 0x0) ioctl$TIOCL_PASTESEL(r0, 0x541c, &(0x7f0000000180)) 16:44:54 executing program 2: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xce, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$inet6_udp(0xa, 0x2, 0x0) r1 = dup(r0) r2 = dup2(r1, r1) connect$inet6(r2, &(0x7f00000000c0)={0xa, 0x0, 0x0, @mcast2}, 0x1c) r3 = syz_open_procfs(0x0, &(0x7f00000000c0)='net/udp6\x00') pread64(r3, &(0x7f0000000100)=""/4110, 0x100e, 0x0) 16:44:54 executing program 3: r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./cgroup/cgroup.procs\x00', 0x0, 0x0) fcntl$setlease(r0, 0x400, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./cgroup/cgroup.procs\x00', 0x0, 0x0) fcntl$setlease(r1, 0x400, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000040)='./cgroup/cgroup.procs\x00', 0x0, 0x0) close_range(r1, 0xffffffffffffffff, 0x0) 16:44:54 executing program 4: r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000100), 0x44b43, 0x0) ioctl$SG_EMULATED_HOST(r0, 0x127e, &(0x7f0000002340)) r1 = openat$sr(0xffffffffffffff9c, &(0x7f0000000100), 0x44b43, 0x0) ioctl$SG_EMULATED_HOST(r1, 0x127e, &(0x7f0000002340)) 16:44:54 executing program 6: r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000100), 0x44b43, 0x0) ioctl$SG_EMULATED_HOST(r0, 0x127e, &(0x7f0000002340)) r1 = openat$sr(0xffffffffffffff9c, &(0x7f0000000100), 0x44b43, 0x0) ioctl$SG_EMULATED_HOST(r1, 0x127e, &(0x7f0000002340)) 16:44:54 executing program 7: r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./cgroup/cgroup.procs\x00', 0x0, 0x0) fcntl$setlease(r0, 0x400, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./cgroup/cgroup.procs\x00', 0x0, 0x0) fcntl$setlease(r1, 0x400, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000040)='./cgroup/cgroup.procs\x00', 0x0, 0x0) close_range(r1, 0xffffffffffffffff, 0x0) 16:44:54 executing program 1: r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./cgroup/cgroup.procs\x00', 0x0, 0x0) fcntl$setlease(r0, 0x400, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./cgroup/cgroup.procs\x00', 0x0, 0x0) fcntl$setlease(r1, 0x400, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000040)='./cgroup/cgroup.procs\x00', 0x0, 0x0) close_range(r1, 0xffffffffffffffff, 0x0) 16:44:54 executing program 5: r0 = perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xcc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000280)={0xffffffffffffffff, 0xffffffffffffffff}) gettid() sendmmsg$unix(r1, &(0x7f00000006c0)=[{{0x0, 0x0, 0x0}}, {{&(0x7f0000000000)=@file={0x0, './file0\x00'}, 0x6e, 0x0, 0x0, &(0x7f00000003c0)=[@rights={{0x14, 0x1, 0x1, [r0]}}], 0x18}}], 0x2, 0x0) 16:44:54 executing program 2: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xce, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$inet6_udp(0xa, 0x2, 0x0) r1 = dup(r0) r2 = dup2(r1, r1) connect$inet6(r2, &(0x7f00000000c0)={0xa, 0x0, 0x0, @mcast2}, 0x1c) r3 = syz_open_procfs(0x0, &(0x7f00000000c0)='net/udp6\x00') pread64(r3, &(0x7f0000000100)=""/4110, 0x100e, 0x0) 16:44:54 executing program 3: r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./cgroup/cgroup.procs\x00', 0x0, 0x0) fcntl$setlease(r0, 0x400, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./cgroup/cgroup.procs\x00', 0x0, 0x0) fcntl$setlease(r1, 0x400, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000040)='./cgroup/cgroup.procs\x00', 0x0, 0x0) close_range(r1, 0xffffffffffffffff, 0x0) 16:44:54 executing program 0: r0 = openat$sr(0xffffffffffffff9c, &(0x7f00000001c0), 0x105802, 0x0) ioctl$SG_IO(r0, 0x5310, &(0x7f0000000440)={0x0, 0x0, 0x0, 0x0, @scatter={0x0, 0x0, 0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) 16:44:54 executing program 4: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0x82, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x1c1042, 0x0) unlink(&(0x7f0000000000)='./file1\x00') 16:44:54 executing program 1: r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./cgroup/cgroup.procs\x00', 0x0, 0x0) fcntl$setlease(r0, 0x400, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./cgroup/cgroup.procs\x00', 0x0, 0x0) fcntl$setlease(r1, 0x400, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000040)='./cgroup/cgroup.procs\x00', 0x0, 0x0) close_range(r1, 0xffffffffffffffff, 0x0) 16:44:54 executing program 7: r0 = socket$inet6_udp(0xa, 0x2, 0x0) setsockopt$sock_int(r0, 0x1, 0xb, &(0x7f0000000100)=0x1, 0x4) sendmsg$inet(r0, &(0x7f0000000280)={&(0x7f0000000300)={0x2, 0x4e23, @local}, 0x10, 0x0}, 0x0) 16:44:54 executing program 2: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xce, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$inet6_udp(0xa, 0x2, 0x0) r1 = dup(r0) r2 = dup2(r1, r1) connect$inet6(r2, &(0x7f00000000c0)={0xa, 0x0, 0x0, @mcast2}, 0x1c) r3 = syz_open_procfs(0x0, &(0x7f00000000c0)='net/udp6\x00') pread64(r3, &(0x7f0000000100)=""/4110, 0x100e, 0x0) 16:44:54 executing program 3: openat$dir(0xffffffffffffff9c, &(0x7f0000000200)='./file0\x00', 0x4840, 0x131) setresuid(0xee00, 0xee00, 0x0) openat$dir(0xffffffffffffff9c, 0x0, 0x0, 0x0) fsetxattr$trusted_overlay_redirect(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0) syz_mount_image$msdos(0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) syz_open_dev$loop(0x0, 0x0, 0x0) truncate(&(0x7f0000000a40)='./file0\x00', 0x0) 16:44:54 executing program 6: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000005b00), 0x0, 0x0) ioctl$TIOCGLCKTRMIOS(r0, 0x80045432, &(0x7f0000005b40)={0x0, 0x0, 0x0, 0x0, 0x0, "934be6c67b33230e57a0a542100ac4e32eabce"}) 16:44:54 executing program 5: r0 = openat$sr(0xffffffffffffff9c, &(0x7f00000001c0), 0x105802, 0x0) ioctl$SG_IO(r0, 0x5310, &(0x7f0000000440)={0x0, 0x0, 0x0, 0x0, @scatter={0x0, 0x0, 0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) 16:44:54 executing program 0: r0 = openat$sr(0xffffffffffffff9c, &(0x7f00000001c0), 0x105802, 0x0) ioctl$SG_IO(r0, 0x5310, &(0x7f0000000440)={0x0, 0x0, 0x0, 0x0, @scatter={0x0, 0x0, 0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) 16:44:54 executing program 4: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0x82, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x1c1042, 0x0) unlink(&(0x7f0000000000)='./file1\x00') 16:44:54 executing program 7: r0 = socket$inet6_udp(0xa, 0x2, 0x0) setsockopt$sock_int(r0, 0x1, 0xb, &(0x7f0000000100)=0x1, 0x4) sendmsg$inet(r0, &(0x7f0000000280)={&(0x7f0000000300)={0x2, 0x4e23, @local}, 0x10, 0x0}, 0x0) 16:44:54 executing program 1: r0 = socket$inet6_udp(0xa, 0x2, 0x0) setsockopt$sock_int(r0, 0x1, 0xb, &(0x7f0000000100)=0x1, 0x4) sendmsg$inet(r0, &(0x7f0000000280)={&(0x7f0000000300)={0x2, 0x4e23, @local}, 0x10, 0x0}, 0x0) 16:44:54 executing program 6: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000005b00), 0x0, 0x0) ioctl$TIOCGLCKTRMIOS(r0, 0x80045432, &(0x7f0000005b40)={0x0, 0x0, 0x0, 0x0, 0x0, "934be6c67b33230e57a0a542100ac4e32eabce"}) 16:44:54 executing program 3: openat$dir(0xffffffffffffff9c, &(0x7f0000000200)='./file0\x00', 0x4840, 0x131) setresuid(0xee00, 0xee00, 0x0) openat$dir(0xffffffffffffff9c, 0x0, 0x0, 0x0) fsetxattr$trusted_overlay_redirect(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0) syz_mount_image$msdos(0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) syz_open_dev$loop(0x0, 0x0, 0x0) truncate(&(0x7f0000000a40)='./file0\x00', 0x0) 16:44:54 executing program 7: r0 = socket$inet6_udp(0xa, 0x2, 0x0) setsockopt$sock_int(r0, 0x1, 0xb, &(0x7f0000000100)=0x1, 0x4) sendmsg$inet(r0, &(0x7f0000000280)={&(0x7f0000000300)={0x2, 0x4e23, @local}, 0x10, 0x0}, 0x0) 16:44:54 executing program 4: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0x82, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x1c1042, 0x0) unlink(&(0x7f0000000000)='./file1\x00') 16:44:54 executing program 5: r0 = openat$sr(0xffffffffffffff9c, &(0x7f00000001c0), 0x105802, 0x0) ioctl$SG_IO(r0, 0x5310, &(0x7f0000000440)={0x0, 0x0, 0x0, 0x0, @scatter={0x0, 0x0, 0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) 16:44:54 executing program 2: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xce, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$inet6_udp(0xa, 0x2, 0x0) r1 = dup(r0) r2 = dup2(r1, r1) connect$inet6(r2, &(0x7f00000000c0)={0xa, 0x0, 0x0, @mcast2}, 0x1c) r3 = syz_open_procfs(0x0, &(0x7f00000000c0)='net/udp6\x00') pread64(r3, &(0x7f0000000100)=""/4110, 0x100e, 0x0) 16:44:54 executing program 0: r0 = openat$sr(0xffffffffffffff9c, &(0x7f00000001c0), 0x105802, 0x0) ioctl$SG_IO(r0, 0x5310, &(0x7f0000000440)={0x0, 0x0, 0x0, 0x0, @scatter={0x0, 0x0, 0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) 16:44:54 executing program 1: r0 = socket$inet6_udp(0xa, 0x2, 0x0) setsockopt$sock_int(r0, 0x1, 0xb, &(0x7f0000000100)=0x1, 0x4) sendmsg$inet(r0, &(0x7f0000000280)={&(0x7f0000000300)={0x2, 0x4e23, @local}, 0x10, 0x0}, 0x0) 16:44:55 executing program 3: openat$dir(0xffffffffffffff9c, &(0x7f0000000200)='./file0\x00', 0x4840, 0x131) setresuid(0xee00, 0xee00, 0x0) openat$dir(0xffffffffffffff9c, 0x0, 0x0, 0x0) fsetxattr$trusted_overlay_redirect(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0) syz_mount_image$msdos(0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) syz_open_dev$loop(0x0, 0x0, 0x0) truncate(&(0x7f0000000a40)='./file0\x00', 0x0) 16:44:55 executing program 7: r0 = socket$inet6_udp(0xa, 0x2, 0x0) setsockopt$sock_int(r0, 0x1, 0xb, &(0x7f0000000100)=0x1, 0x4) sendmsg$inet(r0, &(0x7f0000000280)={&(0x7f0000000300)={0x2, 0x4e23, @local}, 0x10, 0x0}, 0x0) 16:44:55 executing program 4: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0x82, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x1c1042, 0x0) unlink(&(0x7f0000000000)='./file1\x00') 16:44:55 executing program 0: r0 = openat$sr(0xffffffffffffff9c, &(0x7f00000001c0), 0x105802, 0x0) ioctl$SG_IO(r0, 0x5310, &(0x7f0000000440)={0x0, 0x0, 0x0, 0x0, @scatter={0x0, 0x0, 0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) 16:44:55 executing program 6: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000005b00), 0x0, 0x0) ioctl$TIOCGLCKTRMIOS(r0, 0x80045432, &(0x7f0000005b40)={0x0, 0x0, 0x0, 0x0, 0x0, "934be6c67b33230e57a0a542100ac4e32eabce"}) 16:44:55 executing program 5: r0 = openat$sr(0xffffffffffffff9c, &(0x7f00000001c0), 0x105802, 0x0) ioctl$SG_IO(r0, 0x5310, &(0x7f0000000440)={0x0, 0x0, 0x0, 0x0, @scatter={0x0, 0x0, 0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) 16:44:55 executing program 2: r0 = semget$private(0x0, 0x1, 0x0) semctl$IPC_STAT(r0, 0x0, 0x2, 0x0) 16:44:55 executing program 3: openat$dir(0xffffffffffffff9c, &(0x7f0000000200)='./file0\x00', 0x4840, 0x131) setresuid(0xee00, 0xee00, 0x0) openat$dir(0xffffffffffffff9c, 0x0, 0x0, 0x0) fsetxattr$trusted_overlay_redirect(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0) syz_mount_image$msdos(0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) syz_open_dev$loop(0x0, 0x0, 0x0) truncate(&(0x7f0000000a40)='./file0\x00', 0x0) 16:44:55 executing program 1: r0 = socket$inet6_udp(0xa, 0x2, 0x0) setsockopt$sock_int(r0, 0x1, 0xb, &(0x7f0000000100)=0x1, 0x4) sendmsg$inet(r0, &(0x7f0000000280)={&(0x7f0000000300)={0x2, 0x4e23, @local}, 0x10, 0x0}, 0x0) 16:44:55 executing program 0: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xce, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) pread64(0xffffffffffffffff, 0x0, 0x0, 0x0) r0 = socket$unix(0x1, 0x2, 0x0) bind$unix(r0, &(0x7f00000000c0)=@file={0x1, './file0\x00'}, 0x6e) connect$unix(r0, &(0x7f00000020c0)=@file={0x1, './file0\x00'}, 0x6e) setsockopt$sock_linger(0xffffffffffffffff, 0x1, 0xd, 0x0, 0x0) connect$unix(r0, &(0x7f0000000140)=@file={0x1, './file0\x00'}, 0x6e) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x0, 0x10, 0xffffffffffffffff, 0x0) 16:44:55 executing program 2: r0 = semget$private(0x0, 0x1, 0x0) semctl$IPC_STAT(r0, 0x0, 0x2, 0x0) 16:44:55 executing program 6: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000005b00), 0x0, 0x0) ioctl$TIOCGLCKTRMIOS(r0, 0x80045432, &(0x7f0000005b40)={0x0, 0x0, 0x0, 0x0, 0x0, "934be6c67b33230e57a0a542100ac4e32eabce"}) 16:44:55 executing program 4: prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000000000)) clock_settime(0x0, &(0x7f0000000040)={0x77359400}) 16:44:55 executing program 7: syz_emit_ethernet(0x6e, &(0x7f0000000500)={@random="e59d5193649e", @multicast, @void, {@ipv6={0x86dd, @icmpv6={0x0, 0x6, "2ddc20", 0x38, 0x3a, 0x0, @dev, @local, {[], @pkt_toobig={0x2, 0x0, 0x0, 0x2000, {0x0, 0x6, "e860f2", 0x0, 0x3a, 0x0, @remote, @remote, [], "3f6d3aab4ecc6e29"}}}}}}}, 0x0) 03:33:20 executing program 0: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xce, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) pread64(0xffffffffffffffff, 0x0, 0x0, 0x0) r0 = socket$unix(0x1, 0x2, 0x0) bind$unix(r0, &(0x7f00000000c0)=@file={0x1, './file0\x00'}, 0x6e) connect$unix(r0, &(0x7f00000020c0)=@file={0x1, './file0\x00'}, 0x6e) setsockopt$sock_linger(0xffffffffffffffff, 0x1, 0xd, 0x0, 0x0) connect$unix(r0, &(0x7f0000000140)=@file={0x1, './file0\x00'}, 0x6e) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x0, 0x10, 0xffffffffffffffff, 0x0) 03:33:20 executing program 2: r0 = semget$private(0x0, 0x1, 0x0) semctl$IPC_STAT(r0, 0x0, 0x2, 0x0) 03:33:20 executing program 0: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xce, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) pread64(0xffffffffffffffff, 0x0, 0x0, 0x0) r0 = socket$unix(0x1, 0x2, 0x0) bind$unix(r0, &(0x7f00000000c0)=@file={0x1, './file0\x00'}, 0x6e) connect$unix(r0, &(0x7f00000020c0)=@file={0x1, './file0\x00'}, 0x6e) setsockopt$sock_linger(0xffffffffffffffff, 0x1, 0xd, 0x0, 0x0) connect$unix(r0, &(0x7f0000000140)=@file={0x1, './file0\x00'}, 0x6e) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x0, 0x10, 0xffffffffffffffff, 0x0) 03:33:20 executing program 5: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xce, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff}) setsockopt$sock_int(r0, 0x1, 0xa, &(0x7f0000000040), 0x4) 03:33:20 executing program 1: msgctl$IPC_RMID(0x0, 0x2) 03:33:20 executing program 3: r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x26e1, 0x0) r1 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$netlink(0xffffffffffffffff, 0x0, 0x0) epoll_ctl$EPOLL_CTL_ADD(r0, 0x1, r1, &(0x7f0000000140)) 03:33:20 executing program 7: syz_emit_ethernet(0x6e, &(0x7f0000000500)={@random="e59d5193649e", @multicast, @void, {@ipv6={0x86dd, @icmpv6={0x0, 0x6, "2ddc20", 0x38, 0x3a, 0x0, @dev, @local, {[], @pkt_toobig={0x2, 0x0, 0x0, 0x2000, {0x0, 0x6, "e860f2", 0x0, 0x3a, 0x0, @remote, @remote, [], "3f6d3aab4ecc6e29"}}}}}}}, 0x0) 03:33:20 executing program 6: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000000040)="601c6d6b646f736602106c00080120010200004000f8000020004000000000000000000000d24efb3caed92dacccc2b879", 0x31}, {0x0, 0x0, 0x10000}], 0x0, &(0x7f0000000080)) 03:33:20 executing program 4: prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000000000)) clock_settime(0x0, &(0x7f0000000040)={0x77359400}) [ 163.539850] loop6: detected capacity change from 0 to 256 [ 163.562376] FAT-fs (loop6): bread failed, FSINFO block (sector = 121) [ 163.578693] loop6: detected capacity change from 0 to 256 03:33:20 executing program 4: prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000000000)) clock_settime(0x0, &(0x7f0000000040)={0x77359400}) [ 163.593509] FAT-fs (loop6): bread failed, FSINFO block (sector = 121) 03:33:20 executing program 7: syz_emit_ethernet(0x6e, &(0x7f0000000500)={@random="e59d5193649e", @multicast, @void, {@ipv6={0x86dd, @icmpv6={0x0, 0x6, "2ddc20", 0x38, 0x3a, 0x0, @dev, @local, {[], @pkt_toobig={0x2, 0x0, 0x0, 0x2000, {0x0, 0x6, "e860f2", 0x0, 0x3a, 0x0, @remote, @remote, [], "3f6d3aab4ecc6e29"}}}}}}}, 0x0) 03:33:20 executing program 3: r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x26e1, 0x0) r1 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$netlink(0xffffffffffffffff, 0x0, 0x0) epoll_ctl$EPOLL_CTL_ADD(r0, 0x1, r1, &(0x7f0000000140)) 03:33:20 executing program 5: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xce, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff}) setsockopt$sock_int(r0, 0x1, 0xa, &(0x7f0000000040), 0x4) 03:33:20 executing program 1: syz_emit_ethernet(0x19, &(0x7f0000000180)={@multicast, @multicast, @val={@val={0x8100}}, {@llc={0x8100, {@llc={0x0, 0x0, '\x00'}}}}}, 0x0) 03:33:20 executing program 0: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xce, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) pread64(0xffffffffffffffff, 0x0, 0x0, 0x0) r0 = socket$unix(0x1, 0x2, 0x0) bind$unix(r0, &(0x7f00000000c0)=@file={0x1, './file0\x00'}, 0x6e) connect$unix(r0, &(0x7f00000020c0)=@file={0x1, './file0\x00'}, 0x6e) setsockopt$sock_linger(0xffffffffffffffff, 0x1, 0xd, 0x0, 0x0) connect$unix(r0, &(0x7f0000000140)=@file={0x1, './file0\x00'}, 0x6e) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x0, 0x10, 0xffffffffffffffff, 0x0) 03:33:20 executing program 2: r0 = semget$private(0x0, 0x1, 0x0) semctl$IPC_STAT(r0, 0x0, 0x2, 0x0) 03:33:20 executing program 6: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000000040)="601c6d6b646f736602106c00080120010200004000f8000020004000000000000000000000d24efb3caed92dacccc2b879", 0x31}, {0x0, 0x0, 0x10000}], 0x0, &(0x7f0000000080)) [ 163.873817] loop6: detected capacity change from 0 to 256 03:33:20 executing program 4: prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000000000)) clock_settime(0x0, &(0x7f0000000040)={0x77359400}) [ 163.888755] FAT-fs (loop6): bread failed, FSINFO block (sector = 121) 03:33:20 executing program 3: r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x26e1, 0x0) r1 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$netlink(0xffffffffffffffff, 0x0, 0x0) epoll_ctl$EPOLL_CTL_ADD(r0, 0x1, r1, &(0x7f0000000140)) 03:33:20 executing program 1: syz_emit_ethernet(0x19, &(0x7f0000000180)={@multicast, @multicast, @val={@val={0x8100}}, {@llc={0x8100, {@llc={0x0, 0x0, '\x00'}}}}}, 0x0) 03:33:20 executing program 1: syz_emit_ethernet(0x19, &(0x7f0000000180)={@multicast, @multicast, @val={@val={0x8100}}, {@llc={0x8100, {@llc={0x0, 0x0, '\x00'}}}}}, 0x0) 03:33:20 executing program 2: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xce, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', 0x0, 0x0, &(0x7f00000001c0)) setsockopt$inet6_udp_int(0xffffffffffffffff, 0x11, 0x66, &(0x7f0000000540)=0x3f, 0x4) r0 = socket$inet6_udp(0xa, 0x2, 0x0) r1 = dup(r0) r2 = epoll_create(0x9) epoll_ctl$EPOLL_CTL_ADD(r2, 0x1, r0, &(0x7f0000000040)={0x80000014}) connect$inet6(r1, &(0x7f00000000c0)={0xa, 0x0, 0x0, @mcast1, 0x3}, 0x1c) sendmmsg$inet6(r1, &(0x7f0000002880), 0x4000101, 0x0) 03:33:20 executing program 6: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000000040)="601c6d6b646f736602106c00080120010200004000f8000020004000000000000000000000d24efb3caed92dacccc2b879", 0x31}, {0x0, 0x0, 0x10000}], 0x0, &(0x7f0000000080)) 03:33:20 executing program 7: syz_emit_ethernet(0x6e, &(0x7f0000000500)={@random="e59d5193649e", @multicast, @void, {@ipv6={0x86dd, @icmpv6={0x0, 0x6, "2ddc20", 0x38, 0x3a, 0x0, @dev, @local, {[], @pkt_toobig={0x2, 0x0, 0x0, 0x2000, {0x0, 0x6, "e860f2", 0x0, 0x3a, 0x0, @remote, @remote, [], "3f6d3aab4ecc6e29"}}}}}}}, 0x0) 03:33:20 executing program 5: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xce, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff}) setsockopt$sock_int(r0, 0x1, 0xa, &(0x7f0000000040), 0x4) 03:33:20 executing program 0: r0 = syz_io_uring_setup(0x4c8f, &(0x7f0000000080), &(0x7f0000ffa000/0x2000)=nil, &(0x7f0000ffb000/0x1000)=nil, &(0x7f0000000100), &(0x7f0000000000)) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) mmap(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x0, 0x11, r1, 0x0) io_uring_register$IORING_REGISTER_FILES(r0, 0x18, &(0x7f0000000140)=[0xffffffffffffffff], 0x1) 03:33:20 executing program 3: r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x26e1, 0x0) r1 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$netlink(0xffffffffffffffff, 0x0, 0x0) epoll_ctl$EPOLL_CTL_ADD(r0, 0x1, r1, &(0x7f0000000140)) 03:33:20 executing program 4: r0 = memfd_secret(0x0) close(r0) [ 164.169539] loop6: detected capacity change from 0 to 256 [ 164.184113] FAT-fs (loop6): bread failed, FSINFO block (sector = 121) 03:33:20 executing program 1: syz_emit_ethernet(0x19, &(0x7f0000000180)={@multicast, @multicast, @val={@val={0x8100}}, {@llc={0x8100, {@llc={0x0, 0x0, '\x00'}}}}}, 0x0) 03:33:20 executing program 5: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xce, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff}) setsockopt$sock_int(r0, 0x1, 0xa, &(0x7f0000000040), 0x4) 03:33:20 executing program 0: r0 = syz_io_uring_setup(0x4c8f, &(0x7f0000000080), &(0x7f0000ffa000/0x2000)=nil, &(0x7f0000ffb000/0x1000)=nil, &(0x7f0000000100), &(0x7f0000000000)) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) mmap(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x0, 0x11, r1, 0x0) io_uring_register$IORING_REGISTER_FILES(r0, 0x18, &(0x7f0000000140)=[0xffffffffffffffff], 0x1) 03:33:20 executing program 6: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000000040)="601c6d6b646f736602106c00080120010200004000f8000020004000000000000000000000d24efb3caed92dacccc2b879", 0x31}, {0x0, 0x0, 0x10000}], 0x0, &(0x7f0000000080)) 03:33:20 executing program 4: r0 = memfd_secret(0x0) close(r0) [ 164.439954] loop6: detected capacity change from 0 to 256 [ 164.455851] FAT-fs (loop6): bread failed, FSINFO block (sector = 121) 03:33:21 executing program 7: r0 = syz_io_uring_setup(0x4c8f, &(0x7f0000000080), &(0x7f0000ffa000/0x2000)=nil, &(0x7f0000ffb000/0x1000)=nil, &(0x7f0000000100), &(0x7f0000000000)) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) mmap(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x0, 0x11, r1, 0x0) io_uring_register$IORING_REGISTER_FILES(r0, 0x18, &(0x7f0000000140)=[0xffffffffffffffff], 0x1) 03:33:21 executing program 4: r0 = memfd_secret(0x0) close(r0) 03:33:21 executing program 0: r0 = syz_io_uring_setup(0x4c8f, &(0x7f0000000080), &(0x7f0000ffa000/0x2000)=nil, &(0x7f0000ffb000/0x1000)=nil, &(0x7f0000000100), &(0x7f0000000000)) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) mmap(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x0, 0x11, r1, 0x0) io_uring_register$IORING_REGISTER_FILES(r0, 0x18, &(0x7f0000000140)=[0xffffffffffffffff], 0x1) 03:33:21 executing program 5: mknod(&(0x7f0000008d80)='./file0\x00', 0x0, 0x0) stat(&(0x7f0000000540)='./file0\x00', &(0x7f0000000440)={0x0, 0x0, 0x0, 0x0, 0x0}) setresuid(0x0, r0, 0x0) setpriority(0x2, 0x0, 0x0) getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f00000018c0)={0x0, 0x0, 0x0}, &(0x7f0000001900)=0xc) fchown(0xffffffffffffffff, r0, r1) ioctl$AUTOFS_DEV_IOCTL_OPENMOUNT(0xffffffffffffffff, 0xc0189374, &(0x7f0000000000)={{0x1, 0x1, 0x18, 0xffffffffffffffff, {0x6}}, './file1\x00'}) recvmmsg$unix(0xffffffffffffffff, &(0x7f0000000300)=[{{&(0x7f0000000100)=@abs, 0x6e, &(0x7f0000000280)=[{&(0x7f0000000180)=""/228, 0xe4}, {&(0x7f0000000580)=""/4096, 0x1000}], 0x2, &(0x7f00000002c0)=[@cred={{0x1c}}], 0x20}}], 0x1, 0x20000000, &(0x7f0000000340)={0x0, 0x3938700}) stat(&(0x7f0000000380)='./file0\x00', &(0x7f00000003c0)) r2 = clone3(&(0x7f0000000380)={0x0, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) tkill(r2, 0x0) 03:33:21 executing program 2: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xce, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', 0x0, 0x0, &(0x7f00000001c0)) setsockopt$inet6_udp_int(0xffffffffffffffff, 0x11, 0x66, &(0x7f0000000540)=0x3f, 0x4) r0 = socket$inet6_udp(0xa, 0x2, 0x0) r1 = dup(r0) r2 = epoll_create(0x9) epoll_ctl$EPOLL_CTL_ADD(r2, 0x1, r0, &(0x7f0000000040)={0x80000014}) connect$inet6(r1, &(0x7f00000000c0)={0xa, 0x0, 0x0, @mcast1, 0x3}, 0x1c) sendmmsg$inet6(r1, &(0x7f0000002880), 0x4000101, 0x0) 03:33:21 executing program 3: r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) ioctl$sock_bt_hci(r0, 0x400448dd, &(0x7f0000000300)="fe") 03:33:21 executing program 4: r0 = memfd_secret(0x0) close(r0) 03:33:21 executing program 3: r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) ioctl$sock_bt_hci(r0, 0x400448dd, &(0x7f0000000300)="fe") 03:33:21 executing program 0: r0 = syz_io_uring_setup(0x4c8f, &(0x7f0000000080), &(0x7f0000ffa000/0x2000)=nil, &(0x7f0000ffb000/0x1000)=nil, &(0x7f0000000100), &(0x7f0000000000)) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) mmap(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x0, 0x11, r1, 0x0) io_uring_register$IORING_REGISTER_FILES(r0, 0x18, &(0x7f0000000140)=[0xffffffffffffffff], 0x1) 03:33:21 executing program 7: r0 = syz_io_uring_setup(0x4c8f, &(0x7f0000000080), &(0x7f0000ffa000/0x2000)=nil, &(0x7f0000ffb000/0x1000)=nil, &(0x7f0000000100), &(0x7f0000000000)) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) mmap(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x0, 0x11, r1, 0x0) io_uring_register$IORING_REGISTER_FILES(r0, 0x18, &(0x7f0000000140)=[0xffffffffffffffff], 0x1) 03:33:21 executing program 5: mknod(&(0x7f0000008d80)='./file0\x00', 0x0, 0x0) stat(&(0x7f0000000540)='./file0\x00', &(0x7f0000000440)={0x0, 0x0, 0x0, 0x0, 0x0}) setresuid(0x0, r0, 0x0) setpriority(0x2, 0x0, 0x0) getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f00000018c0)={0x0, 0x0, 0x0}, &(0x7f0000001900)=0xc) fchown(0xffffffffffffffff, r0, r1) ioctl$AUTOFS_DEV_IOCTL_OPENMOUNT(0xffffffffffffffff, 0xc0189374, &(0x7f0000000000)={{0x1, 0x1, 0x18, 0xffffffffffffffff, {0x6}}, './file1\x00'}) recvmmsg$unix(0xffffffffffffffff, &(0x7f0000000300)=[{{&(0x7f0000000100)=@abs, 0x6e, &(0x7f0000000280)=[{&(0x7f0000000180)=""/228, 0xe4}, {&(0x7f0000000580)=""/4096, 0x1000}], 0x2, &(0x7f00000002c0)=[@cred={{0x1c}}], 0x20}}], 0x1, 0x20000000, &(0x7f0000000340)={0x0, 0x3938700}) stat(&(0x7f0000000380)='./file0\x00', &(0x7f00000003c0)) r2 = clone3(&(0x7f0000000380)={0x0, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) tkill(r2, 0x0) 03:33:21 executing program 3: r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) ioctl$sock_bt_hci(r0, 0x400448dd, &(0x7f0000000300)="fe") 03:33:21 executing program 7: r0 = syz_io_uring_setup(0x4c8f, &(0x7f0000000080), &(0x7f0000ffa000/0x2000)=nil, &(0x7f0000ffb000/0x1000)=nil, &(0x7f0000000100), &(0x7f0000000000)) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) mmap(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x0, 0x11, r1, 0x0) io_uring_register$IORING_REGISTER_FILES(r0, 0x18, &(0x7f0000000140)=[0xffffffffffffffff], 0x1) 03:33:21 executing program 3: r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) ioctl$sock_bt_hci(r0, 0x400448dd, &(0x7f0000000300)="fe") 03:33:21 executing program 2: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xce, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', 0x0, 0x0, &(0x7f00000001c0)) setsockopt$inet6_udp_int(0xffffffffffffffff, 0x11, 0x66, &(0x7f0000000540)=0x3f, 0x4) r0 = socket$inet6_udp(0xa, 0x2, 0x0) r1 = dup(r0) r2 = epoll_create(0x9) epoll_ctl$EPOLL_CTL_ADD(r2, 0x1, r0, &(0x7f0000000040)={0x80000014}) connect$inet6(r1, &(0x7f00000000c0)={0xa, 0x0, 0x0, @mcast1, 0x3}, 0x1c) sendmmsg$inet6(r1, &(0x7f0000002880), 0x4000101, 0x0) 03:33:21 executing program 5: mknod(&(0x7f0000008d80)='./file0\x00', 0x0, 0x0) stat(&(0x7f0000000540)='./file0\x00', &(0x7f0000000440)={0x0, 0x0, 0x0, 0x0, 0x0}) setresuid(0x0, r0, 0x0) setpriority(0x2, 0x0, 0x0) getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f00000018c0)={0x0, 0x0, 0x0}, &(0x7f0000001900)=0xc) fchown(0xffffffffffffffff, r0, r1) ioctl$AUTOFS_DEV_IOCTL_OPENMOUNT(0xffffffffffffffff, 0xc0189374, &(0x7f0000000000)={{0x1, 0x1, 0x18, 0xffffffffffffffff, {0x6}}, './file1\x00'}) recvmmsg$unix(0xffffffffffffffff, &(0x7f0000000300)=[{{&(0x7f0000000100)=@abs, 0x6e, &(0x7f0000000280)=[{&(0x7f0000000180)=""/228, 0xe4}, {&(0x7f0000000580)=""/4096, 0x1000}], 0x2, &(0x7f00000002c0)=[@cred={{0x1c}}], 0x20}}], 0x1, 0x20000000, &(0x7f0000000340)={0x0, 0x3938700}) stat(&(0x7f0000000380)='./file0\x00', &(0x7f00000003c0)) r2 = clone3(&(0x7f0000000380)={0x0, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) tkill(r2, 0x0) 03:33:22 executing program 5: mknod(&(0x7f0000008d80)='./file0\x00', 0x0, 0x0) stat(&(0x7f0000000540)='./file0\x00', &(0x7f0000000440)={0x0, 0x0, 0x0, 0x0, 0x0}) setresuid(0x0, r0, 0x0) setpriority(0x2, 0x0, 0x0) getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f00000018c0)={0x0, 0x0, 0x0}, &(0x7f0000001900)=0xc) fchown(0xffffffffffffffff, r0, r1) ioctl$AUTOFS_DEV_IOCTL_OPENMOUNT(0xffffffffffffffff, 0xc0189374, &(0x7f0000000000)={{0x1, 0x1, 0x18, 0xffffffffffffffff, {0x6}}, './file1\x00'}) recvmmsg$unix(0xffffffffffffffff, &(0x7f0000000300)=[{{&(0x7f0000000100)=@abs, 0x6e, &(0x7f0000000280)=[{&(0x7f0000000180)=""/228, 0xe4}, {&(0x7f0000000580)=""/4096, 0x1000}], 0x2, &(0x7f00000002c0)=[@cred={{0x1c}}], 0x20}}], 0x1, 0x20000000, &(0x7f0000000340)={0x0, 0x3938700}) stat(&(0x7f0000000380)='./file0\x00', &(0x7f00000003c0)) r2 = clone3(&(0x7f0000000380)={0x0, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) tkill(r2, 0x0) 03:33:22 executing program 2: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xce, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', 0x0, 0x0, &(0x7f00000001c0)) setsockopt$inet6_udp_int(0xffffffffffffffff, 0x11, 0x66, &(0x7f0000000540)=0x3f, 0x4) r0 = socket$inet6_udp(0xa, 0x2, 0x0) r1 = dup(r0) r2 = epoll_create(0x9) epoll_ctl$EPOLL_CTL_ADD(r2, 0x1, r0, &(0x7f0000000040)={0x80000014}) connect$inet6(r1, &(0x7f00000000c0)={0xa, 0x0, 0x0, @mcast1, 0x3}, 0x1c) sendmmsg$inet6(r1, &(0x7f0000002880), 0x4000101, 0x0) 03:33:23 executing program 6: openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup/syz1\x00', 0x200002, 0x0) socket$inet_udp(0x2, 0x2, 0x0) openat$cgroup_devices(0xffffffffffffffff, 0x0, 0x2, 0x0) openat$sr(0xffffffffffffff9c, &(0x7f0000000180), 0x81, 0x0) r0 = io_uring_setup(0x787b, &(0x7f0000000640)={0x0, 0xc64f, 0x0, 0x0, 0x35b}) mmap$IORING_OFF_CQ_RING(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x20010, r0, 0x8000000) 03:33:23 executing program 1: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) pwritev(r0, &(0x7f0000000340)=[{&(0x7f00000000c0)='\"', 0x1}], 0x1, 0x0, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0, 0x0) r2 = openat$tcp_congestion(0xffffffffffffff9c, &(0x7f0000000000), 0x1, 0x0) sendfile(r2, r1, 0x0, 0x4000000000004) 03:33:23 executing program 5: mknod(&(0x7f0000008d80)='./file0\x00', 0x0, 0x0) mount$9p_unix(&(0x7f0000000080)='\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x13901e, 0x0) 03:33:23 executing program 4: r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0) syz_io_uring_setup(0x0, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x13}, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000ff9000/0x4000)=nil, 0x0, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000000)) ioctl$TUNSETTXFILTER(r0, 0x401054d6, 0x0) 03:33:23 executing program 0: close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) r0 = creat(&(0x7f0000000040)='./file0\x00', 0x0) sync_file_range(r0, 0x0, 0x0, 0x0) 03:33:23 executing program 7: r0 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2) getpeername(r0, 0x0, &(0x7f0000004e00)) 03:33:23 executing program 3: openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000240), 0x0) 03:33:23 executing program 2: openat$dir(0xffffffffffffff9c, &(0x7f0000000200)='./file0\x00', 0x2000, 0x43) r0 = openat(0xffffffffffffffff, &(0x7f0000000040)='./file0\x00', 0x301400, 0x10) ioctl$CDROMREADMODE1(r0, 0x530d, &(0x7f0000001640)={0x6, 0x9, 0x0, 0x1, 0x6, 0x81}) syz_io_uring_setup(0x101, &(0x7f0000000080), &(0x7f0000ffb000/0x1000)=nil, &(0x7f00000b0000)=nil, 0x0, &(0x7f0000000040)=0x0) r2 = syz_init_net_socket$bt_l2cap(0x1f, 0x0, 0x0) io_uring_register$IORING_REGISTER_PERSONALITY(r0, 0x9, 0x0, 0x0) syz_io_uring_submit(0x0, r1, 0x0, 0x8001) r3 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000240)='/proc/stat\x00', 0x0, 0x0) ioctl$AUTOFS_DEV_IOCTL_EXPIRE(r3, 0xc018937c, &(0x7f0000000140)={{0x1, 0x1, 0x18, r2, {0x4}}, './file0\x00'}) r4 = perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x7fff}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$BTRFS_IOC_GET_SUBVOL_INFO(r4, 0x81f8943c, &(0x7f0000001280)) ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, 0x0) r5 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x26e1, 0x0) ioctl$FS_IOC_GETFSMAP(r5, 0xc0c0583b, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, '\x00', [{}, {0x0, 0x0, 0x0, 0x0, 0x80000000000000}]}) epoll_ctl$EPOLL_CTL_ADD(r5, 0x1, 0xffffffffffffffff, &(0x7f0000000000)={0x20000000}) syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) openat$vcsa(0xffffffffffffff9c, &(0x7f0000001600), 0x400000, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) clone3(&(0x7f0000004c00)={0xc0002100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) [ 168.002527] audit: type=1400 audit(2000000003.991:12): avc: denied { write } for pid=4501 comm="syz-executor.2" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=perf_event permissive=1 [ 168.031838] hrtimer: interrupt took 33564 ns 03:33:24 executing program 0: close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) r0 = creat(&(0x7f0000000040)='./file0\x00', 0x0) sync_file_range(r0, 0x0, 0x0, 0x0) 03:33:24 executing program 5: mknod(&(0x7f0000008d80)='./file0\x00', 0x0, 0x0) mount$9p_unix(&(0x7f0000000080)='\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x13901e, 0x0) 03:33:24 executing program 6: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220) ioctl$BTRFS_IOC_GET_SUBVOL_ROOTREF(0xffffffffffffffff, 0xd000943d, &(0x7f000004cb00)={0xf2, [], 0x0, "2dbae8f8a25191"}) sendfile(r1, r0, 0x0, 0xfffffdef) 03:33:24 executing program 7: r0 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2) getpeername(r0, 0x0, &(0x7f0000004e00)) 03:33:24 executing program 3: r0 = socket$inet6(0xa, 0x1, 0x0) setsockopt$inet6_IPV6_HOPOPTS(r0, 0x29, 0x36, &(0x7f0000000140)=ANY=[@ANYBLOB="931119000787"], 0x90) setsockopt$inet6_IPV6_HOPOPTS(r0, 0x29, 0x36, 0x0, 0x0) 03:33:24 executing program 1: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) pwritev(r0, &(0x7f0000000340)=[{&(0x7f00000000c0)='\"', 0x1}], 0x1, 0x0, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0, 0x0) r2 = openat$tcp_congestion(0xffffffffffffff9c, &(0x7f0000000000), 0x1, 0x0) sendfile(r2, r1, 0x0, 0x4000000000004) 03:33:24 executing program 4: r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0) syz_io_uring_setup(0x0, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x13}, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000ff9000/0x4000)=nil, 0x0, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000000)) ioctl$TUNSETTXFILTER(r0, 0x401054d6, 0x0) 03:33:24 executing program 3: r0 = socket$inet6(0xa, 0x1, 0x0) setsockopt$inet6_IPV6_HOPOPTS(r0, 0x29, 0x36, &(0x7f0000000140)=ANY=[@ANYBLOB="931119000787"], 0x90) setsockopt$inet6_IPV6_HOPOPTS(r0, 0x29, 0x36, 0x0, 0x0) 03:33:24 executing program 0: close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) r0 = creat(&(0x7f0000000040)='./file0\x00', 0x0) sync_file_range(r0, 0x0, 0x0, 0x0) 03:33:24 executing program 3: r0 = socket$inet6(0xa, 0x1, 0x0) setsockopt$inet6_IPV6_HOPOPTS(r0, 0x29, 0x36, &(0x7f0000000140)=ANY=[@ANYBLOB="931119000787"], 0x90) setsockopt$inet6_IPV6_HOPOPTS(r0, 0x29, 0x36, 0x0, 0x0) 03:33:24 executing program 7: r0 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2) getpeername(r0, 0x0, &(0x7f0000004e00)) 03:33:24 executing program 6: r0 = socket$inet6(0xa, 0x1, 0x0) setsockopt$inet6_IPV6_HOPOPTS(r0, 0x29, 0x36, &(0x7f0000000140)=ANY=[@ANYBLOB="931119000787"], 0x90) setsockopt$inet6_IPV6_HOPOPTS(r0, 0x29, 0x36, 0x0, 0x0) 03:33:24 executing program 6: r0 = socket$inet6(0xa, 0x1, 0x0) setsockopt$inet6_IPV6_HOPOPTS(r0, 0x29, 0x36, &(0x7f0000000140)=ANY=[@ANYBLOB="931119000787"], 0x90) setsockopt$inet6_IPV6_HOPOPTS(r0, 0x29, 0x36, 0x0, 0x0) 03:33:25 executing program 7: r0 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2) getpeername(r0, 0x0, &(0x7f0000004e00)) 03:33:25 executing program 3: r0 = socket$inet6(0xa, 0x1, 0x0) setsockopt$inet6_IPV6_HOPOPTS(r0, 0x29, 0x36, &(0x7f0000000140)=ANY=[@ANYBLOB="931119000787"], 0x90) setsockopt$inet6_IPV6_HOPOPTS(r0, 0x29, 0x36, 0x0, 0x0) 03:33:42 executing program 5: mknod(&(0x7f0000008d80)='./file0\x00', 0x0, 0x0) mount$9p_unix(&(0x7f0000000080)='\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x13901e, 0x0) 03:33:42 executing program 6: r0 = socket$inet6(0xa, 0x1, 0x0) setsockopt$inet6_IPV6_HOPOPTS(r0, 0x29, 0x36, &(0x7f0000000140)=ANY=[@ANYBLOB="931119000787"], 0x90) setsockopt$inet6_IPV6_HOPOPTS(r0, 0x29, 0x36, 0x0, 0x0) 03:33:42 executing program 7: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xce, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet_udp(0x2, 0x2, 0x0) setsockopt$sock_timeval(r0, 0x1, 0x2a, &(0x7f0000000200)={0x77359400}, 0x10) 03:33:42 executing program 4: r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0) syz_io_uring_setup(0x0, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x13}, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000ff9000/0x4000)=nil, 0x0, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000000)) ioctl$TUNSETTXFILTER(r0, 0x401054d6, 0x0) 03:33:42 executing program 3: r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0) syz_io_uring_setup(0x0, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x13}, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000ff9000/0x4000)=nil, 0x0, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000000)) ioctl$TUNSETTXFILTER(r0, 0x401054d6, 0x0) 03:33:42 executing program 0: close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) r0 = creat(&(0x7f0000000040)='./file0\x00', 0x0) sync_file_range(r0, 0x0, 0x0, 0x0) 03:33:42 executing program 1: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) pwritev(r0, &(0x7f0000000340)=[{&(0x7f00000000c0)='\"', 0x1}], 0x1, 0x0, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0, 0x0) r2 = openat$tcp_congestion(0xffffffffffffff9c, &(0x7f0000000000), 0x1, 0x0) sendfile(r2, r1, 0x0, 0x4000000000004) 03:33:42 executing program 2: openat$dir(0xffffffffffffff9c, &(0x7f0000000200)='./file0\x00', 0x2000, 0x43) r0 = openat(0xffffffffffffffff, &(0x7f0000000040)='./file0\x00', 0x301400, 0x10) ioctl$CDROMREADMODE1(r0, 0x530d, &(0x7f0000001640)={0x6, 0x9, 0x0, 0x1, 0x6, 0x81}) syz_io_uring_setup(0x101, &(0x7f0000000080), &(0x7f0000ffb000/0x1000)=nil, &(0x7f00000b0000)=nil, 0x0, &(0x7f0000000040)=0x0) r2 = syz_init_net_socket$bt_l2cap(0x1f, 0x0, 0x0) io_uring_register$IORING_REGISTER_PERSONALITY(r0, 0x9, 0x0, 0x0) syz_io_uring_submit(0x0, r1, 0x0, 0x8001) r3 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000240)='/proc/stat\x00', 0x0, 0x0) ioctl$AUTOFS_DEV_IOCTL_EXPIRE(r3, 0xc018937c, &(0x7f0000000140)={{0x1, 0x1, 0x18, r2, {0x4}}, './file0\x00'}) r4 = perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x7fff}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$BTRFS_IOC_GET_SUBVOL_INFO(r4, 0x81f8943c, &(0x7f0000001280)) ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, 0x0) r5 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x26e1, 0x0) ioctl$FS_IOC_GETFSMAP(r5, 0xc0c0583b, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, '\x00', [{}, {0x0, 0x0, 0x0, 0x0, 0x80000000000000}]}) epoll_ctl$EPOLL_CTL_ADD(r5, 0x1, 0xffffffffffffffff, &(0x7f0000000000)={0x20000000}) syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) openat$vcsa(0xffffffffffffff9c, &(0x7f0000001600), 0x400000, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) clone3(&(0x7f0000004c00)={0xc0002100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) 03:33:43 executing program 6: openat$dir(0xffffffffffffff9c, &(0x7f0000000200)='./file0\x00', 0x2000, 0x43) r0 = openat(0xffffffffffffffff, &(0x7f0000000040)='./file0\x00', 0x301400, 0x10) ioctl$CDROMREADMODE1(r0, 0x530d, &(0x7f0000001640)={0x6, 0x9, 0x0, 0x1, 0x6, 0x81}) syz_io_uring_setup(0x101, &(0x7f0000000080), &(0x7f0000ffb000/0x1000)=nil, &(0x7f00000b0000)=nil, 0x0, &(0x7f0000000040)=0x0) r2 = syz_init_net_socket$bt_l2cap(0x1f, 0x0, 0x0) io_uring_register$IORING_REGISTER_PERSONALITY(r0, 0x9, 0x0, 0x0) syz_io_uring_submit(0x0, r1, 0x0, 0x8001) r3 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000240)='/proc/stat\x00', 0x0, 0x0) ioctl$AUTOFS_DEV_IOCTL_EXPIRE(r3, 0xc018937c, &(0x7f0000000140)={{0x1, 0x1, 0x18, r2, {0x4}}, './file0\x00'}) r4 = perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x7fff}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$BTRFS_IOC_GET_SUBVOL_INFO(r4, 0x81f8943c, &(0x7f0000001280)) ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, 0x0) r5 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x26e1, 0x0) ioctl$FS_IOC_GETFSMAP(r5, 0xc0c0583b, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, '\x00', [{}, {0x0, 0x0, 0x0, 0x0, 0x80000000000000}]}) epoll_ctl$EPOLL_CTL_ADD(r5, 0x1, 0xffffffffffffffff, &(0x7f0000000000)={0x20000000}) syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) openat$vcsa(0xffffffffffffff9c, &(0x7f0000001600), 0x400000, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) clone3(&(0x7f0000004c00)={0xc0002100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) 03:33:43 executing program 0: openat$dir(0xffffffffffffff9c, &(0x7f0000000200)='./file0\x00', 0x2000, 0x43) r0 = openat(0xffffffffffffffff, &(0x7f0000000040)='./file0\x00', 0x301400, 0x10) ioctl$CDROMREADMODE1(r0, 0x530d, &(0x7f0000001640)={0x6, 0x9, 0x0, 0x1, 0x6, 0x81}) syz_io_uring_setup(0x101, &(0x7f0000000080), &(0x7f0000ffb000/0x1000)=nil, &(0x7f00000b0000)=nil, 0x0, &(0x7f0000000040)=0x0) r2 = syz_init_net_socket$bt_l2cap(0x1f, 0x0, 0x0) io_uring_register$IORING_REGISTER_PERSONALITY(r0, 0x9, 0x0, 0x0) syz_io_uring_submit(0x0, r1, 0x0, 0x8001) r3 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000240)='/proc/stat\x00', 0x0, 0x0) ioctl$AUTOFS_DEV_IOCTL_EXPIRE(r3, 0xc018937c, &(0x7f0000000140)={{0x1, 0x1, 0x18, r2, {0x4}}, './file0\x00'}) r4 = perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x7fff}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$BTRFS_IOC_GET_SUBVOL_INFO(r4, 0x81f8943c, &(0x7f0000001280)) ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, 0x0) r5 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x26e1, 0x0) ioctl$FS_IOC_GETFSMAP(r5, 0xc0c0583b, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, '\x00', [{}, {0x0, 0x0, 0x0, 0x0, 0x80000000000000}]}) epoll_ctl$EPOLL_CTL_ADD(r5, 0x1, 0xffffffffffffffff, &(0x7f0000000000)={0x20000000}) syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) openat$vcsa(0xffffffffffffff9c, &(0x7f0000001600), 0x400000, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) clone3(&(0x7f0000004c00)={0xc0002100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) 03:34:04 executing program 6: openat$dir(0xffffffffffffff9c, &(0x7f0000000200)='./file0\x00', 0x2000, 0x43) r0 = openat(0xffffffffffffffff, &(0x7f0000000040)='./file0\x00', 0x301400, 0x10) ioctl$CDROMREADMODE1(r0, 0x530d, &(0x7f0000001640)={0x6, 0x9, 0x0, 0x1, 0x6, 0x81}) syz_io_uring_setup(0x101, &(0x7f0000000080), &(0x7f0000ffb000/0x1000)=nil, &(0x7f00000b0000)=nil, 0x0, &(0x7f0000000040)=0x0) r2 = syz_init_net_socket$bt_l2cap(0x1f, 0x0, 0x0) io_uring_register$IORING_REGISTER_PERSONALITY(r0, 0x9, 0x0, 0x0) syz_io_uring_submit(0x0, r1, 0x0, 0x8001) r3 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000240)='/proc/stat\x00', 0x0, 0x0) ioctl$AUTOFS_DEV_IOCTL_EXPIRE(r3, 0xc018937c, &(0x7f0000000140)={{0x1, 0x1, 0x18, r2, {0x4}}, './file0\x00'}) r4 = perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x7fff}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$BTRFS_IOC_GET_SUBVOL_INFO(r4, 0x81f8943c, &(0x7f0000001280)) ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, 0x0) r5 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x26e1, 0x0) ioctl$FS_IOC_GETFSMAP(r5, 0xc0c0583b, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, '\x00', [{}, {0x0, 0x0, 0x0, 0x0, 0x80000000000000}]}) epoll_ctl$EPOLL_CTL_ADD(r5, 0x1, 0xffffffffffffffff, &(0x7f0000000000)={0x20000000}) syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) openat$vcsa(0xffffffffffffff9c, &(0x7f0000001600), 0x400000, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) clone3(&(0x7f0000004c00)={0xc0002100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) 03:34:04 executing program 7: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xce, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet_udp(0x2, 0x2, 0x0) setsockopt$sock_timeval(r0, 0x1, 0x2a, &(0x7f0000000200)={0x77359400}, 0x10) 03:34:04 executing program 2: openat$dir(0xffffffffffffff9c, &(0x7f0000000200)='./file0\x00', 0x2000, 0x43) r0 = openat(0xffffffffffffffff, &(0x7f0000000040)='./file0\x00', 0x301400, 0x10) ioctl$CDROMREADMODE1(r0, 0x530d, &(0x7f0000001640)={0x6, 0x9, 0x0, 0x1, 0x6, 0x81}) syz_io_uring_setup(0x101, &(0x7f0000000080), &(0x7f0000ffb000/0x1000)=nil, &(0x7f00000b0000)=nil, 0x0, &(0x7f0000000040)=0x0) r2 = syz_init_net_socket$bt_l2cap(0x1f, 0x0, 0x0) io_uring_register$IORING_REGISTER_PERSONALITY(r0, 0x9, 0x0, 0x0) syz_io_uring_submit(0x0, r1, 0x0, 0x8001) r3 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000240)='/proc/stat\x00', 0x0, 0x0) ioctl$AUTOFS_DEV_IOCTL_EXPIRE(r3, 0xc018937c, &(0x7f0000000140)={{0x1, 0x1, 0x18, r2, {0x4}}, './file0\x00'}) r4 = perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x7fff}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$BTRFS_IOC_GET_SUBVOL_INFO(r4, 0x81f8943c, &(0x7f0000001280)) ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, 0x0) r5 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x26e1, 0x0) ioctl$FS_IOC_GETFSMAP(r5, 0xc0c0583b, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, '\x00', [{}, {0x0, 0x0, 0x0, 0x0, 0x80000000000000}]}) epoll_ctl$EPOLL_CTL_ADD(r5, 0x1, 0xffffffffffffffff, &(0x7f0000000000)={0x20000000}) syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) openat$vcsa(0xffffffffffffff9c, &(0x7f0000001600), 0x400000, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) clone3(&(0x7f0000004c00)={0xc0002100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) 03:34:04 executing program 4: r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0) syz_io_uring_setup(0x0, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x13}, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000ff9000/0x4000)=nil, 0x0, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000000)) ioctl$TUNSETTXFILTER(r0, 0x401054d6, 0x0) 03:34:04 executing program 1: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) pwritev(r0, &(0x7f0000000340)=[{&(0x7f00000000c0)='\"', 0x1}], 0x1, 0x0, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0, 0x0) r2 = openat$tcp_congestion(0xffffffffffffff9c, &(0x7f0000000000), 0x1, 0x0) sendfile(r2, r1, 0x0, 0x4000000000004) 03:34:04 executing program 0: openat$dir(0xffffffffffffff9c, &(0x7f0000000200)='./file0\x00', 0x2000, 0x43) r0 = openat(0xffffffffffffffff, &(0x7f0000000040)='./file0\x00', 0x301400, 0x10) ioctl$CDROMREADMODE1(r0, 0x530d, &(0x7f0000001640)={0x6, 0x9, 0x0, 0x1, 0x6, 0x81}) syz_io_uring_setup(0x101, &(0x7f0000000080), &(0x7f0000ffb000/0x1000)=nil, &(0x7f00000b0000)=nil, 0x0, &(0x7f0000000040)=0x0) r2 = syz_init_net_socket$bt_l2cap(0x1f, 0x0, 0x0) io_uring_register$IORING_REGISTER_PERSONALITY(r0, 0x9, 0x0, 0x0) syz_io_uring_submit(0x0, r1, 0x0, 0x8001) r3 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000240)='/proc/stat\x00', 0x0, 0x0) ioctl$AUTOFS_DEV_IOCTL_EXPIRE(r3, 0xc018937c, &(0x7f0000000140)={{0x1, 0x1, 0x18, r2, {0x4}}, './file0\x00'}) r4 = perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x7fff}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$BTRFS_IOC_GET_SUBVOL_INFO(r4, 0x81f8943c, &(0x7f0000001280)) ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, 0x0) r5 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x26e1, 0x0) ioctl$FS_IOC_GETFSMAP(r5, 0xc0c0583b, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, '\x00', [{}, {0x0, 0x0, 0x0, 0x0, 0x80000000000000}]}) epoll_ctl$EPOLL_CTL_ADD(r5, 0x1, 0xffffffffffffffff, &(0x7f0000000000)={0x20000000}) syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) openat$vcsa(0xffffffffffffff9c, &(0x7f0000001600), 0x400000, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) clone3(&(0x7f0000004c00)={0xc0002100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) 03:34:04 executing program 3: r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0) syz_io_uring_setup(0x0, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x13}, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000ff9000/0x4000)=nil, 0x0, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000000)) ioctl$TUNSETTXFILTER(r0, 0x401054d6, 0x0) 03:34:04 executing program 5: mknod(&(0x7f0000008d80)='./file0\x00', 0x0, 0x0) mount$9p_unix(&(0x7f0000000080)='\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x13901e, 0x0) 03:34:05 executing program 5: openat$dir(0xffffffffffffff9c, &(0x7f0000000200)='./file0\x00', 0x2000, 0x43) r0 = openat(0xffffffffffffffff, &(0x7f0000000040)='./file0\x00', 0x301400, 0x10) ioctl$CDROMREADMODE1(r0, 0x530d, &(0x7f0000001640)={0x6, 0x9, 0x0, 0x1, 0x6, 0x81}) syz_io_uring_setup(0x101, &(0x7f0000000080), &(0x7f0000ffb000/0x1000)=nil, &(0x7f00000b0000)=nil, 0x0, &(0x7f0000000040)=0x0) r2 = syz_init_net_socket$bt_l2cap(0x1f, 0x0, 0x0) io_uring_register$IORING_REGISTER_PERSONALITY(r0, 0x9, 0x0, 0x0) syz_io_uring_submit(0x0, r1, 0x0, 0x8001) r3 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000240)='/proc/stat\x00', 0x0, 0x0) ioctl$AUTOFS_DEV_IOCTL_EXPIRE(r3, 0xc018937c, &(0x7f0000000140)={{0x1, 0x1, 0x18, r2, {0x4}}, './file0\x00'}) r4 = perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x7fff}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$BTRFS_IOC_GET_SUBVOL_INFO(r4, 0x81f8943c, &(0x7f0000001280)) ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, 0x0) r5 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x26e1, 0x0) ioctl$FS_IOC_GETFSMAP(r5, 0xc0c0583b, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, '\x00', [{}, {0x0, 0x0, 0x0, 0x0, 0x80000000000000}]}) epoll_ctl$EPOLL_CTL_ADD(r5, 0x1, 0xffffffffffffffff, &(0x7f0000000000)={0x20000000}) syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) openat$vcsa(0xffffffffffffff9c, &(0x7f0000001600), 0x400000, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) clone3(&(0x7f0000004c00)={0xc0002100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) [ 209.962622] syz-executor.1 (4588) used greatest stack depth: 23536 bytes left 03:34:06 executing program 7: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xce, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet_udp(0x2, 0x2, 0x0) setsockopt$sock_timeval(r0, 0x1, 0x2a, &(0x7f0000000200)={0x77359400}, 0x10) 03:34:06 executing program 3: r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0) syz_io_uring_setup(0x0, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x13}, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000ff9000/0x4000)=nil, 0x0, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000000)) ioctl$TUNSETTXFILTER(r0, 0x401054d6, 0x0) 03:34:06 executing program 1: openat$dir(0xffffffffffffff9c, &(0x7f0000000200)='./file0\x00', 0x2000, 0x43) r0 = openat(0xffffffffffffffff, &(0x7f0000000040)='./file0\x00', 0x301400, 0x10) ioctl$CDROMREADMODE1(r0, 0x530d, &(0x7f0000001640)={0x6, 0x9, 0x0, 0x1, 0x6, 0x81}) syz_io_uring_setup(0x101, &(0x7f0000000080), &(0x7f0000ffb000/0x1000)=nil, &(0x7f00000b0000)=nil, 0x0, &(0x7f0000000040)=0x0) r2 = syz_init_net_socket$bt_l2cap(0x1f, 0x0, 0x0) io_uring_register$IORING_REGISTER_PERSONALITY(r0, 0x9, 0x0, 0x0) syz_io_uring_submit(0x0, r1, 0x0, 0x8001) r3 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000240)='/proc/stat\x00', 0x0, 0x0) ioctl$AUTOFS_DEV_IOCTL_EXPIRE(r3, 0xc018937c, &(0x7f0000000140)={{0x1, 0x1, 0x18, r2, {0x4}}, './file0\x00'}) r4 = perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x7fff}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$BTRFS_IOC_GET_SUBVOL_INFO(r4, 0x81f8943c, &(0x7f0000001280)) ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, 0x0) r5 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x26e1, 0x0) ioctl$FS_IOC_GETFSMAP(r5, 0xc0c0583b, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, '\x00', [{}, {0x0, 0x0, 0x0, 0x0, 0x80000000000000}]}) epoll_ctl$EPOLL_CTL_ADD(r5, 0x1, 0xffffffffffffffff, &(0x7f0000000000)={0x20000000}) syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) openat$vcsa(0xffffffffffffff9c, &(0x7f0000001600), 0x400000, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) clone3(&(0x7f0000004c00)={0xc0002100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) 03:34:06 executing program 4: r0 = syz_open_procfs$namespace(0xffffffffffffffff, &(0x7f0000000040)='ns/uts\x00') ioctl$NS_GET_USERNS(r0, 0xb703, 0x0) 03:34:06 executing program 7: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xce, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet_udp(0x2, 0x2, 0x0) setsockopt$sock_timeval(r0, 0x1, 0x2a, &(0x7f0000000200)={0x77359400}, 0x10) 03:34:07 executing program 4: r0 = syz_open_procfs$namespace(0xffffffffffffffff, &(0x7f0000000040)='ns/uts\x00') ioctl$NS_GET_USERNS(r0, 0xb703, 0x0) 03:34:07 executing program 4: r0 = syz_open_procfs$namespace(0xffffffffffffffff, &(0x7f0000000040)='ns/uts\x00') ioctl$NS_GET_USERNS(r0, 0xb703, 0x0) [ 220.463193] Bluetooth: hci0: command 0x0406 tx timeout [ 220.464232] Bluetooth: hci1: command 0x0406 tx timeout [ 220.468811] Bluetooth: hci5: command 0x0406 tx timeout [ 220.594060] Bluetooth: hci2: command 0x0406 tx timeout [ 220.595137] Bluetooth: hci3: command 0x0406 tx timeout [ 220.596141] Bluetooth: hci4: command 0x0406 tx timeout [ 220.597103] Bluetooth: hci7: command 0x0406 tx timeout [ 220.599495] Bluetooth: hci6: command 0x0406 tx timeout [ 232.707519] watchdog: BUG: soft lockup - CPU#1 stuck for 22s! [syz-executor.0:4590] [ 232.708282] Modules linked in: [ 232.708578] irq event stamp: 2293581 [ 232.708902] hardirqs last enabled at (2293580): [] irqentry_exit+0x3b/0x90 [ 232.709662] hardirqs last disabled at (2293581): [] sysvec_apic_timer_interrupt+0xf/0x80 [ 232.711002] softirqs last enabled at (2271100): [] handle_softirqs+0x50c/0x770 [ 232.713024] softirqs last disabled at (2271117): [] __irq_exit_rcu+0xc4/0x100 [ 232.715255] CPU: 1 UID: 0 PID: 4590 Comm: syz-executor.0 Not tainted 6.12.0-next-20241128 #1 [ 232.717057] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 232.718896] RIP: 0010:__sanitizer_cov_trace_const_cmp1+0x4/0x20 [ 232.719435] Code: f2 48 89 fe bf 06 00 00 00 e9 a8 fe ff ff 0f 1f 84 00 00 00 00 00 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 f3 0f 1e fa <48> 8b 0c 24 40 0f b6 d6 40 0f b6 f7 bf 01 00 00 00 e9 76 fe ff ff [ 232.720902] RSP: 0018:ffff88806cf094c0 EFLAGS: 00000246 [ 232.721373] RAX: 0000000000000001 RBX: 0000000000000001 RCX: ffffffff8152831b [ 232.721976] RDX: 0000000000000000 RSI: 0000000000000001 RDI: 0000000000000000 [ 232.722605] RBP: 0000000000000001 R08: 0000000000000000 R09: fffffbfff0fdddec [ 232.723203] R10: 0000000000000001 R11: 00000000000c3a23 R12: 0000000000000000 [ 232.723801] R13: 0000000000000000 R14: ffffffff85c6dbe8 R15: 0000000000092820 [ 232.724404] FS: 00007ffa28266700(0000) GS:ffff88806cf00000(0000) knlGS:0000000000000000 [ 232.725083] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 232.725584] CR2: 0000001b2cd28000 CR3: 000000000d35c000 CR4: 0000000000350ef0 [ 232.726185] Call Trace: [ 232.726426] [ 232.726635] ? watchdog_timer_fn+0x3ee/0x510 [ 232.727057] ? __pfx_watchdog_timer_fn+0x10/0x10 [ 232.727508] ? __hrtimer_run_queues+0x57c/0xa80 [ 232.727968] ? __pfx___hrtimer_run_queues+0x10/0x10 [ 232.728429] ? ktime_get_update_offsets_now+0x260/0x3c0 [ 232.728927] ? hrtimer_interrupt+0x369/0x830 [ 232.729375] ? __sysvec_apic_timer_interrupt+0xc2/0x330 [ 232.729856] ? sysvec_apic_timer_interrupt+0x34/0x80 [ 232.730327] ? asm_sysvec_apic_timer_interrupt+0x1a/0x20 [ 232.730844] ? __is_insn_slot_addr+0x11b/0x290 [ 232.731275] ? __sanitizer_cov_trace_const_cmp1+0x4/0x20 [ 232.731759] __is_insn_slot_addr+0x1e7/0x290 [ 232.732183] kernel_text_address+0x48/0xc0 [ 232.732587] __kernel_text_address+0xd/0x40 [ 232.732994] unwind_get_return_address+0x59/0xa0 [ 232.733428] ? __pfx_stack_trace_consume_entry+0x10/0x10 [ 232.733911] arch_stack_walk+0x9d/0xf0 [ 232.734317] stack_trace_save+0x8f/0xc0 [ 232.734694] ? __pfx_stack_trace_save+0x10/0x10 [ 232.735115] ? srso_return_thunk+0x5/0x5f [ 232.735527] kasan_save_stack+0x24/0x50 [ 232.735905] ? kasan_save_stack+0x24/0x50 [ 232.736292] ? kasan_save_track+0x14/0x30 [ 232.736681] ? __kasan_slab_alloc+0x59/0x70 [ 232.737087] ? kmem_cache_alloc_noprof+0x13d/0x3d0 [ 232.737530] ? __alloc_object+0x2f/0x270 [ 232.737920] ? __create_object+0x1d/0x80 [ 232.738311] ? kmem_cache_alloc_node_noprof+0x311/0x3e0 [ 232.738794] ? kmalloc_reserve+0x189/0x2b0 [ 232.739186] ? __alloc_skb+0x162/0x370 [ 232.739557] ? skb_copy+0x1d5/0x3b0 [ 232.739913] ? mac80211_hwsim_tx_frame_no_nl.isra.0+0xafb/0x1320 [ 232.740466] ? mac80211_hwsim_tx_frame+0x1ee/0x2a0 [ 232.740918] ? mac80211_hwsim_beacon_tx+0x546/0x950 [ 232.741381] ? __iterate_interfaces+0x2e0/0x650 [ 232.741807] ? ieee80211_iterate_active_interfaces_atomic+0x71/0x1b0 [ 232.742372] ? mac80211_hwsim_beacon+0x105/0x200 [ 232.742811] ? __hrtimer_run_queues+0x1ab/0xa80 [ 232.743251] ? hrtimer_run_softirq+0x14c/0x310 [ 232.743681] ? handle_softirqs+0x1b1/0x770 [ 232.744064] ? __irq_exit_rcu+0xc4/0x100 [ 232.744436] ? irq_exit_rcu+0x9/0x20 [ 232.744785] ? sysvec_apic_timer_interrupt+0x70/0x80 [ 232.745257] ? asm_sysvec_apic_timer_interrupt+0x1a/0x20 [ 232.745751] ? _raw_spin_unlock_irqrestore+0x34/0x50 [ 232.746210] ? __put_partials+0xc4/0x110 [ 232.746586] ? qlist_free_all+0x50/0x160 [ 232.746966] ? kasan_quarantine_reduce+0x19f/0x240 [ 232.747413] ? __kasan_slab_alloc+0x49/0x70 [ 232.747818] ? __kmalloc_noprof+0x195/0x4b0 [ 232.748213] ? __register_sysctl_table+0xb6/0x16d0 [ 232.748661] ? __devinet_sysctl_register+0x163/0x290 [ 232.749115] ? devinet_init_net+0x347/0x910 [ 232.749514] ? ops_init+0x1e1/0x650 [ 232.749851] ? setup_net+0x1d7/0x7a0 [ 232.750195] ? copy_net_ns+0x2e3/0x6f0 [ 232.750562] ? create_new_namespaces+0x3f6/0xaf0 [ 232.751012] ? copy_namespaces+0x45c/0x580 [ 232.751425] ? copy_process+0x2704/0x8ee0 [ 232.751810] ? kernel_clone+0xeb/0x850 [ 232.752180] ? __do_sys_clone3+0x1d9/0x260 [ 232.752571] ? do_syscall_64+0xbf/0x1d0 [ 232.752957] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 232.753436] ? __irq_exit_rcu+0xc4/0x100 [ 232.753807] ? irq_exit_rcu+0x9/0x20 [ 232.754158] ? sysvec_apic_timer_interrupt+0x70/0x80 [ 232.754629] ? asm_sysvec_apic_timer_interrupt+0x1a/0x20 [ 232.755122] ? _raw_spin_unlock_irqrestore+0x34/0x50 [ 232.755583] ? __put_partials+0xc4/0x110 [ 232.755952] ? qlist_free_all+0x50/0x160 [ 232.756327] ? kasan_quarantine_reduce+0x19f/0x240 [ 232.756777] ? __kasan_slab_alloc+0x49/0x70 [ 232.757182] ? __kmalloc_noprof+0x195/0x4b0 [ 232.757571] ? __register_sysctl_table+0xb6/0x16d0 [ 232.758018] ? __devinet_sysctl_register+0x163/0x290 [ 232.758477] ? devinet_init_net+0x347/0x910 [ 232.758870] ? ops_init+0x1e1/0x650 [ 232.759207] ? setup_net+0x1d7/0x7a0 [ 232.759548] ? copy_net_ns+0x2e3/0x6f0 [ 232.759904] ? create_new_namespaces+0x3f6/0xaf0 [ 232.760360] ? copy_namespaces+0x45c/0x580 [ 232.760768] ? copy_process+0x2704/0x8ee0 [ 232.761151] ? kernel_clone+0xeb/0x850 [ 232.761516] ? __do_sys_clone3+0x1d9/0x260 [ 232.761912] ? do_syscall_64+0xbf/0x1d0 [ 232.762306] kasan_save_track+0x14/0x30 [ 232.762688] __kasan_slab_alloc+0x59/0x70 [ 232.763085] kmem_cache_alloc_noprof+0x13d/0x3d0 [ 232.763519] ? lock_downgrade+0x600/0x6e0 [ 232.763912] __alloc_object+0x2f/0x270 [ 232.764295] __create_object+0x1d/0x80 [ 232.764679] kmem_cache_alloc_node_noprof+0x311/0x3e0 [ 232.765136] ? __create_object+0x59/0x80 [ 232.765526] ? kmalloc_reserve+0x189/0x2b0 [ 232.765917] ? srso_return_thunk+0x5/0x5f [ 232.766318] kmalloc_reserve+0x189/0x2b0 [ 232.766705] __alloc_skb+0x162/0x370 [ 232.767068] ? __pfx___alloc_skb+0x10/0x10 [ 232.767474] ? __pfx_lock_acquire.part.0+0x10/0x10 [ 232.767920] ? srso_return_thunk+0x5/0x5f [ 232.768317] ? do_raw_spin_lock+0x124/0x270 [ 232.768718] ? __pfx_do_raw_spin_lock+0x10/0x10 [ 232.769154] skb_copy+0x1d5/0x3b0 [ 232.769497] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 232.769960] mac80211_hwsim_tx_frame_no_nl.isra.0+0xafb/0x1320 [ 232.770514] ? __pfx_lock_release+0x10/0x10 [ 232.770904] ? srso_return_thunk+0x5/0x5f [ 232.771305] ? __pfx_mac80211_hwsim_tx_frame_no_nl.isra.0+0x10/0x10 [ 232.771877] ? srso_return_thunk+0x5/0x5f [ 232.772275] ? srso_untrain_ret+0x2/0x2 [ 232.772668] ? srso_return_thunk+0x5/0x5f [ 232.773066] ? srso_return_thunk+0x5/0x5f [ 232.773461] ? srso_return_thunk+0x5/0x5f [ 232.773856] ? mac80211_hwsim_monitor_rx+0x1be/0x820 [ 232.774328] mac80211_hwsim_tx_frame+0x1ee/0x2a0 [ 232.774786] mac80211_hwsim_beacon_tx+0x546/0x950 [ 232.775241] ? __pfx_lock_acquire.part.0+0x10/0x10 [ 232.775679] ? srso_return_thunk+0x5/0x5f [ 232.776081] __iterate_interfaces+0x2e0/0x650 [ 232.776500] ? __pfx_mac80211_hwsim_beacon_tx+0x10/0x10 [ 232.776994] ? __pfx_mac80211_hwsim_beacon_tx+0x10/0x10 [ 232.777485] ieee80211_iterate_active_interfaces_atomic+0x71/0x1b0 [ 232.778036] mac80211_hwsim_beacon+0x105/0x200 [ 232.778459] ? __pfx_mac80211_hwsim_beacon+0x10/0x10 [ 232.778917] __hrtimer_run_queues+0x1ab/0xa80 [ 232.779360] ? __pfx___hrtimer_run_queues+0x10/0x10 [ 232.779821] ? ktime_get_update_offsets_now+0x260/0x3c0 [ 232.780316] hrtimer_run_softirq+0x14c/0x310 [ 232.780739] handle_softirqs+0x1b1/0x770 [ 232.781128] __irq_exit_rcu+0xc4/0x100 [ 232.781488] irq_exit_rcu+0x9/0x20 [ 232.781825] sysvec_apic_timer_interrupt+0x70/0x80 [ 232.782279] [ 232.782497] [ 232.782714] asm_sysvec_apic_timer_interrupt+0x1a/0x20 [ 232.783195] RIP: 0010:_raw_spin_unlock_irqrestore+0x34/0x50 [ 232.783703] Code: c7 18 53 48 89 f3 48 8b 74 24 10 e8 86 1c a9 fc 48 89 ef e8 5e 8f a9 fc 80 e7 02 74 06 e8 64 ee d2 fc fb 65 ff 0d 44 8c 7c 7b <74> 07 5b 5d e9 93 1e 00 00 0f 1f 44 00 00 5b 5d e9 87 1e 00 00 0f [ 232.785178] RSP: 0018:ffff88800f3bf4c0 EFLAGS: 00000246 [ 232.785646] RAX: 000000000022a78b RBX: 0000000000000246 RCX: 1ffffffff0fdfeb6 [ 232.786245] RDX: 0000000000000000 RSI: 0000000000000000 RDI: ffffffff84871a7c [ 232.786847] RBP: ffff888008c4e900 R08: 0000000000000001 R09: fffffbfff0fdddf1 [ 232.787455] R10: ffffffff87eeef8f R11: 00000000000007e0 R12: 0000000000000000 [ 232.788050] R13: 0000000000000000 R14: ffff888008c4f780 R15: 0000000000000246 [ 232.788670] ? _raw_spin_unlock_irqrestore+0x2c/0x50 [ 232.789138] __put_partials+0xc4/0x110 [ 232.789500] qlist_free_all+0x50/0x160 [ 232.789873] ? __register_sysctl_table+0xb6/0x16d0 [ 232.790320] kasan_quarantine_reduce+0x19f/0x240 [ 232.790773] __kasan_slab_alloc+0x49/0x70 [ 232.791172] __kmalloc_noprof+0x195/0x4b0 [ 232.791552] ? srso_safe_ret+0x1/0x20 [ 232.791930] __register_sysctl_table+0xb6/0x16d0 [ 232.792366] ? __pfx_snprintf+0x10/0x10 [ 232.792748] ? __kasan_kmalloc+0x7f/0x90 [ 232.793133] ? __kmalloc_node_track_caller_noprof+0x20c/0x490 [ 232.793650] ? __pfx___register_sysctl_table+0x10/0x10 [ 232.794120] ? rtnl_notify+0x40/0xe0 [ 232.794470] ? __devinet_sysctl_register+0x98/0x290 [ 232.794914] ? srso_return_thunk+0x5/0x5f [ 232.795314] ? register_net_sysctl_sz+0x20b/0x290 [ 232.795783] __devinet_sysctl_register+0x163/0x290 [ 232.796230] ? __pfx___devinet_sysctl_register+0x10/0x10 [ 232.796707] ? srso_return_thunk+0x5/0x5f [ 232.797106] ? srso_untrain_ret+0x2/0x2 [ 232.797490] ? devinet_init_net+0xeb/0x910 [ 232.797885] ? srso_return_thunk+0x5/0x5f [ 232.798285] ? __asan_memcpy+0x3d/0x60 [ 232.798667] devinet_init_net+0x347/0x910 [ 232.799056] ? __pfx_devinet_init_net+0x10/0x10 [ 232.799486] ops_init+0x1e1/0x650 [ 232.799810] ? srso_untrain_ret+0x2/0x2 [ 232.800201] setup_net+0x1d7/0x7a0 [ 232.800536] ? srso_return_thunk+0x5/0x5f [ 232.800936] ? __pfx_setup_net+0x10/0x10 [ 232.801308] ? __pfx_down_read_killable+0x10/0x10 [ 232.801763] ? __raw_spin_lock_init+0x3a/0x110 [ 232.802186] ? srso_return_thunk+0x5/0x5f [ 232.802592] ? debug_mutex_init+0x37/0x70 [ 232.802992] copy_net_ns+0x2e3/0x6f0 [ 232.803344] create_new_namespaces+0x3f6/0xaf0 [ 232.803796] copy_namespaces+0x45c/0x580 [ 232.804200] copy_process+0x2704/0x8ee0 [ 232.804574] ? srso_return_thunk+0x5/0x5f [ 232.804972] ? lockdep_hardirqs_on_prepare+0x262/0x3f0 [ 232.805446] ? srso_return_thunk+0x5/0x5f [ 232.805875] ? __pfx_copy_process+0x10/0x10 [ 232.806278] ? __pfx_lock_release+0x10/0x10 [ 232.806675] ? trace_lock_acquire+0x13b/0x1b0 [ 232.807108] ? srso_return_thunk+0x5/0x5f [ 232.807505] ? lock_acquire+0x32/0xc0 [ 232.807855] ? __might_fault+0xe0/0x190 [ 232.808242] ? __might_fault+0xe0/0x190 [ 232.808633] ? srso_return_thunk+0x5/0x5f [ 232.809030] ? _copy_from_user+0x5b/0xd0 [ 232.809435] kernel_clone+0xeb/0x850 [ 232.809791] ? __hrtimer_run_queues+0x23d/0xa80 [ 232.810236] ? __pfx_kernel_clone+0x10/0x10 [ 232.810655] ? srso_return_thunk+0x5/0x5f [ 232.811052] ? lock_release+0x20f/0x6f0 [ 232.811425] ? __pfx_lock_release+0x10/0x10 [ 232.811821] __do_sys_clone3+0x1d9/0x260 [ 232.812210] ? __pfx___do_sys_clone3+0x10/0x10 [ 232.812634] ? clockevents_program_event+0x14f/0x360 [ 232.813120] ? srso_return_thunk+0x5/0x5f [ 232.813516] ? lockdep_hardirqs_on_prepare+0x262/0x3f0 [ 232.813984] ? srso_return_thunk+0x5/0x5f [ 232.814419] do_syscall_64+0xbf/0x1d0 [ 232.814803] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 232.815274] RIP: 0033:0x7ffa2acf0b19 [ 232.815613] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 232.817081] RSP: 002b:00007ffa28266188 EFLAGS: 00000246 ORIG_RAX: 00000000000001b3 [ 232.817731] RAX: ffffffffffffffda RBX: 00007ffa2ae03f60 RCX: 00007ffa2acf0b19 [ 232.818332] RDX: 0000000000000000 RSI: 0000000000000058 RDI: 0000000020004c00 [ 232.818940] RBP: 00007ffa2ad4af6d R08: 0000000000000000 R09: 0000000000000000 [ 232.819540] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 232.820140] R13: 00007fffcebac6df R14: 00007ffa28266300 R15: 0000000000022000 [ 232.820769] [ 232.820988] Sending NMI from CPU 1 to CPUs 0: [ 232.821401] NMI backtrace for cpu 0 [ 232.821445] CPU: 0 UID: 0 PID: 0 Comm: swapper/0 Not tainted 6.12.0-next-20241128 #1 [ 232.821531] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 232.821570] RIP: 0010:kasan_check_range+0x10f/0x1b0 [ 232.821659] Code: 00 00 48 85 d2 0f 84 4c ff ff ff 41 83 e2 07 49 39 d1 0f 85 34 ff ff ff 45 3a 11 0f 8d 2b ff ff ff 5b b8 01 00 00 00 5d 41 5c 6c 47 fb 02 41 bc 08 00 00 00 48 89 ea 45 29 dc 4d 8d 1c 2c eb [ 232.821733] RSP: 0018:ffff88806ce099d8 EFLAGS: 00000246 [ 232.821792] RAX: 0000000000000001 RBX: 0000000000000001 RCX: ffffffff848722cf [ 232.821842] RDX: fffffbfff0c1b789 RSI: 0000000000000004 RDI: ffffffff860dbc40 [ 232.821893] RBP: ffffffff860dbc40 R08: 0000000000000000 R09: fffffbfff0c1b788 [ 232.821944] R10: ffffffff860dbc43 R11: 5050505000000011 R12: 1ffff1100d9c133d [ 232.822003] R13: 0000000000000003 R14: fffffbfff0c1b788 R15: ffff88806ce09a18 [ 232.822058] FS: 0000000000000000(0000) GS:ffff88806ce00000(0000) knlGS:0000000000000000 [ 232.822127] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 232.822182] CR2: 000055a3d4697d30 CR3: 0000000009b9e000 CR4: 0000000000350ef0 [ 232.822233] Call Trace: [ 232.822252] [ 232.822276] ? nmi_cpu_backtrace+0x179/0x260 [ 232.822378] ? nmi_cpu_backtrace_handler+0xc/0x20 [ 232.822515] ? nmi_handle+0x1a6/0x560 [ 232.822640] ? kasan_check_range+0x10f/0x1b0 [ 232.822713] ? kasan_check_range+0x10f/0x1b0 [ 232.822787] ? default_do_nmi+0x64/0x1c0 [ 232.822872] ? exc_nmi+0x188/0x1c0 [ 232.822951] ? end_repeat_nmi+0xf/0x53 [ 232.823069] ? queued_spin_lock_slowpath+0xaf/0xb60 [ 232.823178] ? kasan_check_range+0x10f/0x1b0 [ 232.823254] ? kasan_check_range+0x10f/0x1b0 [ 232.823332] ? kasan_check_range+0x10f/0x1b0 [ 232.823408] [ 232.823429] [ 232.823451] queued_spin_lock_slowpath+0xaf/0xb60 [ 232.823559] ? __pfx_queued_spin_lock_slowpath+0x10/0x10 [ 232.823667] ? srso_return_thunk+0x5/0x5f [ 232.823799] do_raw_spin_lock+0x1de/0x270 [ 232.823893] ? __pfx_do_raw_spin_lock+0x10/0x10 [ 232.823987] ? lock_acquire+0x32/0xc0 [ 232.824059] ? mac80211_hwsim_tx_frame_no_nl.isra.0+0x6d1/0x1320 [ 232.824189] mac80211_hwsim_tx_frame_no_nl.isra.0+0x6d1/0x1320 [ 232.824308] ? __mac80211_hwsim_beacon_tx.part.0+0x1e6/0x5c0 [ 232.824432] ? __pfx_lock_release+0x10/0x10 [ 232.824504] ? srso_return_thunk+0x5/0x5f [ 232.824616] ? trace_lock_acquire+0x13b/0x1b0 [ 232.824726] ? __pfx_mac80211_hwsim_tx_frame_no_nl.isra.0+0x10/0x10 [ 232.824849] ? srso_return_thunk+0x5/0x5f [ 232.824970] ? srso_return_thunk+0x5/0x5f [ 232.825082] ? srso_return_thunk+0x5/0x5f [ 232.825196] ? srso_return_thunk+0x5/0x5f [ 232.825307] ? mac80211_hwsim_monitor_rx+0x1be/0x820 [ 232.825409] mac80211_hwsim_tx_frame+0x1ee/0x2a0 [ 232.825524] mac80211_hwsim_beacon_tx+0x546/0x950 [ 232.825643] ? __pfx_lock_acquire.part.0+0x10/0x10 [ 232.825722] ? srso_return_thunk+0x5/0x5f [ 232.825841] __iterate_interfaces+0x2e0/0x650 [ 232.825921] ? __pfx_mac80211_hwsim_beacon_tx+0x10/0x10 [ 232.826040] ? __pfx_mac80211_hwsim_beacon_tx+0x10/0x10 [ 232.826154] ieee80211_iterate_active_interfaces_atomic+0x71/0x1b0 [ 232.826251] mac80211_hwsim_beacon+0x105/0x200 [ 232.826332] ? __pfx_mac80211_hwsim_beacon+0x10/0x10 [ 232.826430] __hrtimer_run_queues+0x1ab/0xa80 [ 232.826562] ? __pfx___hrtimer_run_queues+0x10/0x10 [ 232.826676] ? ktime_get_update_offsets_now+0x260/0x3c0 [ 232.826787] hrtimer_run_softirq+0x14c/0x310 [ 232.826907] handle_softirqs+0x1b1/0x770 [ 232.826999] __irq_exit_rcu+0xc4/0x100 [ 232.827076] irq_exit_rcu+0x9/0x20 [ 232.827152] sysvec_apic_timer_interrupt+0x70/0x80 [ 232.827255] [ 232.827276] [ 232.827300] asm_sysvec_apic_timer_interrupt+0x1a/0x20 [ 232.827409] RIP: 0010:default_idle+0x1e/0x30 [ 232.827530] Code: 90 90 90 90 90 90 90 90 90 90 90 90 f3 0f 1e fa 0f 1f 44 00 00 eb 0c 0f 1f 44 00 00 0f 00 2d d9 80 3d 00 0f 1f 44 00 00 fb f4 e9 6c 2e 02 00 66 66 2e 0f 1f 84 00 00 00 00 00 90 90 90 90 90 [ 232.827602] RSP: 0018:ffffffff85a07e10 EFLAGS: 00000202 [ 232.827658] RAX: 00000000000c557f RBX: 0000000000000000 RCX: ffffffff8484fb07 [ 232.827708] RDX: 0000000000000000 RSI: 0000000000000000 RDI: ffffffff812b110a [ 232.827758] RBP: dffffc0000000000 R08: 0000000000000001 R09: ffffed100d9c6cba [ 232.827809] R10: ffff88806ce365d3 R11: 0000000000000000 R12: ffffffff863f9f10 [ 232.827860] R13: 1ffffffff0b40fc7 R14: 0000000000000000 R15: 0000000000000000 [ 232.827923] ? ct_kernel_exit.constprop.0+0x127/0x150 [ 232.828043] ? do_idle+0x2fa/0x3b0 [ 232.828142] default_idle_call+0x6d/0xb0 [ 232.828261] do_idle+0x2fa/0x3b0 [ 232.828359] ? __pfx_do_idle+0x10/0x10 [ 232.828472] cpu_startup_entry+0x4f/0x60 [ 232.828574] rest_init+0x164/0x290 [ 232.828637] ? srso_return_thunk+0x5/0x5f [ 232.828752] start_kernel+0x40d/0x530 [ 232.828831] x86_64_start_reservations+0x18/0x30 [ 232.828955] x86_64_start_kernel+0xcb/0xe0 [ 232.829079] common_startup_64+0x12c/0x138 [ 232.829190] 03:34:32 executing program 0: openat$dir(0xffffffffffffff9c, &(0x7f0000000200)='./file0\x00', 0x2000, 0x43) r0 = openat(0xffffffffffffffff, &(0x7f0000000040)='./file0\x00', 0x301400, 0x10) ioctl$CDROMREADMODE1(r0, 0x530d, &(0x7f0000001640)={0x6, 0x9, 0x0, 0x1, 0x6, 0x81}) syz_io_uring_setup(0x101, &(0x7f0000000080), &(0x7f0000ffb000/0x1000)=nil, &(0x7f00000b0000)=nil, 0x0, &(0x7f0000000040)=0x0) r2 = syz_init_net_socket$bt_l2cap(0x1f, 0x0, 0x0) io_uring_register$IORING_REGISTER_PERSONALITY(r0, 0x9, 0x0, 0x0) syz_io_uring_submit(0x0, r1, 0x0, 0x8001) r3 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000240)='/proc/stat\x00', 0x0, 0x0) ioctl$AUTOFS_DEV_IOCTL_EXPIRE(r3, 0xc018937c, &(0x7f0000000140)={{0x1, 0x1, 0x18, r2, {0x4}}, './file0\x00'}) r4 = perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x7fff}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$BTRFS_IOC_GET_SUBVOL_INFO(r4, 0x81f8943c, &(0x7f0000001280)) ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, 0x0) r5 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x26e1, 0x0) ioctl$FS_IOC_GETFSMAP(r5, 0xc0c0583b, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, '\x00', [{}, {0x0, 0x0, 0x0, 0x0, 0x80000000000000}]}) epoll_ctl$EPOLL_CTL_ADD(r5, 0x1, 0xffffffffffffffff, &(0x7f0000000000)={0x20000000}) syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) openat$vcsa(0xffffffffffffff9c, &(0x7f0000001600), 0x400000, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) clone3(&(0x7f0000004c00)={0xc0002100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) 03:34:32 executing program 4: r0 = syz_open_procfs$namespace(0xffffffffffffffff, &(0x7f0000000040)='ns/uts\x00') ioctl$NS_GET_USERNS(r0, 0xb703, 0x0) 03:34:32 executing program 6: openat$dir(0xffffffffffffff9c, &(0x7f0000000200)='./file0\x00', 0x2000, 0x43) r0 = openat(0xffffffffffffffff, &(0x7f0000000040)='./file0\x00', 0x301400, 0x10) ioctl$CDROMREADMODE1(r0, 0x530d, &(0x7f0000001640)={0x6, 0x9, 0x0, 0x1, 0x6, 0x81}) syz_io_uring_setup(0x101, &(0x7f0000000080), &(0x7f0000ffb000/0x1000)=nil, &(0x7f00000b0000)=nil, 0x0, &(0x7f0000000040)=0x0) r2 = syz_init_net_socket$bt_l2cap(0x1f, 0x0, 0x0) io_uring_register$IORING_REGISTER_PERSONALITY(r0, 0x9, 0x0, 0x0) syz_io_uring_submit(0x0, r1, 0x0, 0x8001) r3 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000240)='/proc/stat\x00', 0x0, 0x0) ioctl$AUTOFS_DEV_IOCTL_EXPIRE(r3, 0xc018937c, &(0x7f0000000140)={{0x1, 0x1, 0x18, r2, {0x4}}, './file0\x00'}) r4 = perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x7fff}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$BTRFS_IOC_GET_SUBVOL_INFO(r4, 0x81f8943c, &(0x7f0000001280)) ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, 0x0) r5 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x26e1, 0x0) ioctl$FS_IOC_GETFSMAP(r5, 0xc0c0583b, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, '\x00', [{}, {0x0, 0x0, 0x0, 0x0, 0x80000000000000}]}) epoll_ctl$EPOLL_CTL_ADD(r5, 0x1, 0xffffffffffffffff, &(0x7f0000000000)={0x20000000}) syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) openat$vcsa(0xffffffffffffff9c, &(0x7f0000001600), 0x400000, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) clone3(&(0x7f0000004c00)={0xc0002100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) 03:34:32 executing program 1: openat$dir(0xffffffffffffff9c, &(0x7f0000000200)='./file0\x00', 0x2000, 0x43) r0 = openat(0xffffffffffffffff, &(0x7f0000000040)='./file0\x00', 0x301400, 0x10) ioctl$CDROMREADMODE1(r0, 0x530d, &(0x7f0000001640)={0x6, 0x9, 0x0, 0x1, 0x6, 0x81}) syz_io_uring_setup(0x101, &(0x7f0000000080), &(0x7f0000ffb000/0x1000)=nil, &(0x7f00000b0000)=nil, 0x0, &(0x7f0000000040)=0x0) r2 = syz_init_net_socket$bt_l2cap(0x1f, 0x0, 0x0) io_uring_register$IORING_REGISTER_PERSONALITY(r0, 0x9, 0x0, 0x0) syz_io_uring_submit(0x0, r1, 0x0, 0x8001) r3 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000240)='/proc/stat\x00', 0x0, 0x0) ioctl$AUTOFS_DEV_IOCTL_EXPIRE(r3, 0xc018937c, &(0x7f0000000140)={{0x1, 0x1, 0x18, r2, {0x4}}, './file0\x00'}) r4 = perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x7fff}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$BTRFS_IOC_GET_SUBVOL_INFO(r4, 0x81f8943c, &(0x7f0000001280)) ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, 0x0) r5 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x26e1, 0x0) ioctl$FS_IOC_GETFSMAP(r5, 0xc0c0583b, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, '\x00', [{}, {0x0, 0x0, 0x0, 0x0, 0x80000000000000}]}) epoll_ctl$EPOLL_CTL_ADD(r5, 0x1, 0xffffffffffffffff, &(0x7f0000000000)={0x20000000}) syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) openat$vcsa(0xffffffffffffff9c, &(0x7f0000001600), 0x400000, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) clone3(&(0x7f0000004c00)={0xc0002100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) 03:34:32 executing program 2: openat$dir(0xffffffffffffff9c, &(0x7f0000000200)='./file0\x00', 0x2000, 0x43) r0 = openat(0xffffffffffffffff, &(0x7f0000000040)='./file0\x00', 0x301400, 0x10) ioctl$CDROMREADMODE1(r0, 0x530d, &(0x7f0000001640)={0x6, 0x9, 0x0, 0x1, 0x6, 0x81}) syz_io_uring_setup(0x101, &(0x7f0000000080), &(0x7f0000ffb000/0x1000)=nil, &(0x7f00000b0000)=nil, 0x0, &(0x7f0000000040)=0x0) r2 = syz_init_net_socket$bt_l2cap(0x1f, 0x0, 0x0) io_uring_register$IORING_REGISTER_PERSONALITY(r0, 0x9, 0x0, 0x0) syz_io_uring_submit(0x0, r1, 0x0, 0x8001) r3 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000240)='/proc/stat\x00', 0x0, 0x0) ioctl$AUTOFS_DEV_IOCTL_EXPIRE(r3, 0xc018937c, &(0x7f0000000140)={{0x1, 0x1, 0x18, r2, {0x4}}, './file0\x00'}) r4 = perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x7fff}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$BTRFS_IOC_GET_SUBVOL_INFO(r4, 0x81f8943c, &(0x7f0000001280)) ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, 0x0) r5 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x26e1, 0x0) ioctl$FS_IOC_GETFSMAP(r5, 0xc0c0583b, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, '\x00', [{}, {0x0, 0x0, 0x0, 0x0, 0x80000000000000}]}) epoll_ctl$EPOLL_CTL_ADD(r5, 0x1, 0xffffffffffffffff, &(0x7f0000000000)={0x20000000}) syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) openat$vcsa(0xffffffffffffff9c, &(0x7f0000001600), 0x400000, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) clone3(&(0x7f0000004c00)={0xc0002100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) 03:34:32 executing program 3: perf_event_open$cgroup(&(0x7f00000000c0)={0x2, 0x80, 0xe2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) 03:34:32 executing program 7: r0 = socket$packet(0x11, 0x2, 0x300) mmap(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x0, 0x13, r0, 0x0) 03:34:33 executing program 4: syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0) mount$9p_unix(&(0x7f0000000000)='./file1\x00', &(0x7f0000000300)='./file1\x00', 0x0, 0x91010, 0x0) move_mount(0xffffffffffffff9c, &(0x7f00000000c0)='./file1\x00', 0xffffffffffffff9c, &(0x7f0000000080)='.\x00', 0x35) VM DIAGNOSIS: 16:46:05 Registers: info registers vcpu 0 RAX=00000000000c54ed RBX=0000000000000000 RCX=ffffffff8484fb07 RDX=0000000000000000 RSI=0000000000000000 RDI=ffffffff812b110a RBP=dffffc0000000000 RSP=ffffffff85a07e10 R8 =0000000000000001 R9 =ffffed100d9c6cba R10=ffff88806ce365d3 R11=0000000000000000 R12=ffffffff863f9f10 R13=1ffffffff0b40fc7 R14=0000000000000000 R15=0000000000000000 RIP=ffffffff84850aae RFL=00000206 [-----P-] CPL=0 II=0 A20=1 SMM=0 HLT=1 ES =0000 0000000000000000 00000000 00000000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 00000000 00000000 FS =0000 0000000000000000 00000000 00000000 GS =0000 ffff88806ce00000 00000000 00000000 LDT=0000 fffffe0000000000 00000000 00000000 TR =0040 fffffe0000003000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe0000001000 0000007f IDT= fffffe0000000000 00000fff CR0=80050033 CR2=000055a3d4697d30 CR3=0000000009b9e000 CR4=00350ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000ffff0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001fa0 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 XMM00=00000000000000004159adc467f22f51 XMM01=00000000000000003f847ae147ae147b XMM02=00000000000000000000000000000000 XMM03=00000000000000003f744d80f8df1132 XMM04=307830202c307830202c7d307830202c XMM05=6666666666666666666666667830202c XMM06=616573246c746379656b0a2965666666 XMM07=302826202c3072202c61783028686372 XMM08=6666667830202c307830202c30783020 XMM09=6b0a2965666666666666666666666666 XMM10=61783028686372616573246c74637965 XMM11=30303030663778302826202c3072202c XMM12=7365725f736e64273d29303430303030 XMM13=78302826202c273030785c7265766c6f XMM14=277b3d29303031303030303030306637 XMM15=0a293072202c7d337830202c277a7973 info registers vcpu 1 RAX=0000000000000046 RBX=00000000000003f8 RCX=0000000000000000 RDX=00000000000003f8 RSI=ffffffff826492d5 RDI=ffffffff8867b720 RBP=ffffffff8867b6e0 RSP=ffff88806cf08cd8 R8 =0000000000000000 R9 =ffffed1001483046 R10=0000000000000046 R11=6572617764726148 R12=0000000000000046 R13=ffffffff8867b6e0 R14=0000000000000010 R15=ffffffff826492c0 RIP=ffffffff8264932d RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 00000000 00000000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 00000000 00000000 FS =0000 00007ffa28266700 00000000 00000000 GS =0000 ffff88806cf00000 00000000 00000000 LDT=0000 fffffe0000000000 00000000 00000000 TR =0040 fffffe000004a000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe0000048000 0000007f IDT= fffffe0000000000 00000fff CR0=80050033 CR2=0000001b2cd28000 CR3=000000000d35c000 CR4=00350ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000ffff0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 XMM00=00000000000000000000000000000000 XMM01=ffffffffffffffffffffffffffffffff XMM02=00000000000000000000000000000000 XMM03=00000000000000000000000000000000 XMM04=000000000000000000000000000000ff XMM05=00000000000000000000000000000000 XMM06=0000000000000000000000524f525245 XMM07=00000000000000000000000000000000 XMM08=000000000000000000524f5252450040 XMM09=00000000000000000000000000000000 XMM10=00000000000000000000000000000000 XMM11=00000000000000000000000000000000 XMM12=00000000000000000000000000000000 XMM13=00000000000000000000000000000000 XMM14=00000000000000000000000000000000 XMM15=00000000000000000000000000000000