Warning: Permanently added '[localhost]:38824' (ECDSA) to the list of known hosts. 2022/11/01 12:39:42 fuzzer started 2022/11/01 12:39:42 dialing manager at localhost:42881 syzkaller login: [ 36.433222] cgroup: Unknown subsys name 'net' [ 36.526554] cgroup: Unknown subsys name 'rlimit' 2022/11/01 12:39:57 syscalls: 2217 2022/11/01 12:39:57 code coverage: enabled 2022/11/01 12:39:57 comparison tracing: enabled 2022/11/01 12:39:57 extra coverage: enabled 2022/11/01 12:39:57 setuid sandbox: enabled 2022/11/01 12:39:57 namespace sandbox: enabled 2022/11/01 12:39:57 Android sandbox: enabled 2022/11/01 12:39:57 fault injection: enabled 2022/11/01 12:39:57 leak checking: enabled 2022/11/01 12:39:57 net packet injection: enabled 2022/11/01 12:39:57 net device setup: enabled 2022/11/01 12:39:57 concurrency sanitizer: /sys/kernel/debug/kcsan does not exist 2022/11/01 12:39:57 devlink PCI setup: PCI device 0000:00:10.0 is not available 2022/11/01 12:39:57 USB emulation: enabled 2022/11/01 12:39:57 hci packet injection: enabled 2022/11/01 12:39:57 wifi device emulation: enabled 2022/11/01 12:39:57 802.15.4 emulation: enabled 2022/11/01 12:39:57 fetching corpus: 0, signal 0/2000 (executing program) 2022/11/01 12:39:57 fetching corpus: 48, signal 35822/39323 (executing program) 2022/11/01 12:39:57 fetching corpus: 98, signal 45875/50940 (executing program) 2022/11/01 12:39:57 fetching corpus: 148, signal 55788/62268 (executing program) 2022/11/01 12:39:57 fetching corpus: 198, signal 65950/73666 (executing program) 2022/11/01 12:39:57 fetching corpus: 248, signal 76852/85678 (executing program) 2022/11/01 12:39:58 fetching corpus: 298, signal 81696/91779 (executing program) 2022/11/01 12:39:58 fetching corpus: 348, signal 85560/96920 (executing program) 2022/11/01 12:39:58 fetching corpus: 398, signal 90275/102803 (executing program) 2022/11/01 12:39:58 fetching corpus: 448, signal 93922/107626 (executing program) 2022/11/01 12:39:58 fetching corpus: 498, signal 98297/113050 (executing program) 2022/11/01 12:39:58 fetching corpus: 548, signal 101250/117031 (executing program) 2022/11/01 12:39:58 fetching corpus: 598, signal 104563/121355 (executing program) 2022/11/01 12:39:58 fetching corpus: 648, signal 108784/126485 (executing program) 2022/11/01 12:39:59 fetching corpus: 698, signal 111770/130414 (executing program) 2022/11/01 12:39:59 fetching corpus: 748, signal 114827/134351 (executing program) 2022/11/01 12:39:59 fetching corpus: 798, signal 118273/138575 (executing program) 2022/11/01 12:39:59 fetching corpus: 848, signal 120370/141640 (executing program) 2022/11/01 12:39:59 fetching corpus: 898, signal 122799/144950 (executing program) 2022/11/01 12:39:59 fetching corpus: 948, signal 125275/148238 (executing program) 2022/11/01 12:39:59 fetching corpus: 998, signal 127455/151202 (executing program) 2022/11/01 12:39:59 fetching corpus: 1048, signal 130240/154743 (executing program) 2022/11/01 12:39:59 fetching corpus: 1098, signal 132642/157910 (executing program) 2022/11/01 12:39:59 fetching corpus: 1148, signal 135480/161404 (executing program) 2022/11/01 12:40:00 fetching corpus: 1198, signal 137287/163982 (executing program) 2022/11/01 12:40:00 fetching corpus: 1248, signal 141268/168354 (executing program) 2022/11/01 12:40:00 fetching corpus: 1298, signal 143216/170995 (executing program) 2022/11/01 12:40:00 fetching corpus: 1348, signal 144884/173388 (executing program) 2022/11/01 12:40:00 fetching corpus: 1398, signal 147427/176432 (executing program) 2022/11/01 12:40:00 fetching corpus: 1448, signal 150471/179884 (executing program) 2022/11/01 12:40:00 fetching corpus: 1498, signal 152492/182462 (executing program) 2022/11/01 12:40:01 fetching corpus: 1548, signal 153975/184610 (executing program) 2022/11/01 12:40:01 fetching corpus: 1598, signal 155402/186730 (executing program) 2022/11/01 12:40:01 fetching corpus: 1648, signal 157732/189432 (executing program) 2022/11/01 12:40:01 fetching corpus: 1698, signal 158706/191102 (executing program) 2022/11/01 12:40:01 fetching corpus: 1748, signal 160267/193217 (executing program) 2022/11/01 12:40:01 fetching corpus: 1798, signal 161346/194968 (executing program) 2022/11/01 12:40:01 fetching corpus: 1848, signal 162978/197158 (executing program) 2022/11/01 12:40:01 fetching corpus: 1898, signal 164962/199513 (executing program) 2022/11/01 12:40:01 fetching corpus: 1948, signal 166758/201684 (executing program) 2022/11/01 12:40:02 fetching corpus: 1998, signal 168088/203551 (executing program) 2022/11/01 12:40:02 fetching corpus: 2048, signal 169296/205276 (executing program) 2022/11/01 12:40:02 fetching corpus: 2098, signal 170731/207097 (executing program) 2022/11/01 12:40:02 fetching corpus: 2148, signal 172632/209248 (executing program) 2022/11/01 12:40:02 fetching corpus: 2198, signal 173969/210999 (executing program) 2022/11/01 12:40:02 fetching corpus: 2248, signal 175593/212904 (executing program) 2022/11/01 12:40:02 fetching corpus: 2297, signal 177102/214737 (executing program) 2022/11/01 12:40:03 fetching corpus: 2347, signal 178567/216526 (executing program) 2022/11/01 12:40:03 fetching corpus: 2397, signal 179706/218055 (executing program) 2022/11/01 12:40:03 fetching corpus: 2447, signal 181161/219783 (executing program) 2022/11/01 12:40:03 fetching corpus: 2497, signal 182562/221495 (executing program) 2022/11/01 12:40:03 fetching corpus: 2547, signal 183605/222952 (executing program) 2022/11/01 12:40:03 fetching corpus: 2597, signal 184836/224475 (executing program) 2022/11/01 12:40:03 fetching corpus: 2647, signal 186275/226102 (executing program) 2022/11/01 12:40:04 fetching corpus: 2697, signal 187469/227652 (executing program) 2022/11/01 12:40:04 fetching corpus: 2747, signal 189489/229617 (executing program) 2022/11/01 12:40:04 fetching corpus: 2797, signal 190663/231065 (executing program) 2022/11/01 12:40:04 fetching corpus: 2847, signal 192111/232709 (executing program) 2022/11/01 12:40:04 fetching corpus: 2897, signal 193773/234418 (executing program) 2022/11/01 12:40:04 fetching corpus: 2947, signal 194893/235813 (executing program) 2022/11/01 12:40:04 fetching corpus: 2997, signal 196318/237307 (executing program) 2022/11/01 12:40:05 fetching corpus: 3047, signal 197230/238524 (executing program) 2022/11/01 12:40:05 fetching corpus: 3097, signal 198134/239683 (executing program) 2022/11/01 12:40:05 fetching corpus: 3145, signal 199104/240897 (executing program) 2022/11/01 12:40:05 fetching corpus: 3195, signal 200119/242103 (executing program) 2022/11/01 12:40:05 fetching corpus: 3245, signal 201544/243461 (executing program) 2022/11/01 12:40:05 fetching corpus: 3295, signal 202747/244725 (executing program) 2022/11/01 12:40:05 fetching corpus: 3343, signal 203517/245771 (executing program) 2022/11/01 12:40:05 fetching corpus: 3393, signal 204458/246940 (executing program) 2022/11/01 12:40:05 fetching corpus: 3443, signal 205061/247890 (executing program) 2022/11/01 12:40:05 fetching corpus: 3493, signal 206179/249095 (executing program) 2022/11/01 12:40:06 fetching corpus: 3543, signal 207307/250288 (executing program) 2022/11/01 12:40:06 fetching corpus: 3593, signal 207692/251049 (executing program) 2022/11/01 12:40:06 fetching corpus: 3643, signal 208720/252155 (executing program) 2022/11/01 12:40:06 fetching corpus: 3691, signal 209666/253182 (executing program) 2022/11/01 12:40:06 fetching corpus: 3741, signal 210464/254116 (executing program) 2022/11/01 12:40:06 fetching corpus: 3791, signal 211166/255044 (executing program) 2022/11/01 12:40:06 fetching corpus: 3840, signal 211974/256027 (executing program) 2022/11/01 12:40:07 fetching corpus: 3890, signal 213032/257120 (executing program) 2022/11/01 12:40:07 fetching corpus: 3940, signal 213631/257962 (executing program) 2022/11/01 12:40:07 fetching corpus: 3990, signal 214254/258797 (executing program) 2022/11/01 12:40:07 fetching corpus: 4039, signal 214922/259610 (executing program) 2022/11/01 12:40:07 fetching corpus: 4089, signal 215887/260555 (executing program) 2022/11/01 12:40:07 fetching corpus: 4139, signal 216638/261400 (executing program) 2022/11/01 12:40:07 fetching corpus: 4189, signal 217880/262429 (executing program) 2022/11/01 12:40:07 fetching corpus: 4239, signal 218599/263256 (executing program) 2022/11/01 12:40:08 fetching corpus: 4289, signal 219325/264075 (executing program) 2022/11/01 12:40:08 fetching corpus: 4338, signal 220057/264865 (executing program) 2022/11/01 12:40:08 fetching corpus: 4388, signal 220781/265646 (executing program) 2022/11/01 12:40:08 fetching corpus: 4438, signal 221481/266446 (executing program) 2022/11/01 12:40:08 fetching corpus: 4488, signal 222216/267200 (executing program) 2022/11/01 12:40:08 fetching corpus: 4538, signal 222976/268005 (executing program) 2022/11/01 12:40:08 fetching corpus: 4588, signal 223577/268714 (executing program) 2022/11/01 12:40:09 fetching corpus: 4638, signal 224527/269522 (executing program) 2022/11/01 12:40:09 fetching corpus: 4688, signal 225278/270265 (executing program) 2022/11/01 12:40:09 fetching corpus: 4736, signal 226212/271054 (executing program) 2022/11/01 12:40:09 fetching corpus: 4786, signal 226921/271775 (executing program) 2022/11/01 12:40:09 fetching corpus: 4836, signal 227862/272558 (executing program) 2022/11/01 12:40:09 fetching corpus: 4885, signal 228311/273173 (executing program) 2022/11/01 12:40:09 fetching corpus: 4934, signal 229246/273922 (executing program) 2022/11/01 12:40:09 fetching corpus: 4984, signal 229800/274574 (executing program) 2022/11/01 12:40:10 fetching corpus: 5034, signal 230329/275148 (executing program) 2022/11/01 12:40:10 fetching corpus: 5084, signal 231128/275842 (executing program) 2022/11/01 12:40:10 fetching corpus: 5132, signal 231693/276400 (executing program) 2022/11/01 12:40:10 fetching corpus: 5182, signal 232340/277028 (executing program) 2022/11/01 12:40:10 fetching corpus: 5232, signal 233130/277650 (executing program) 2022/11/01 12:40:10 fetching corpus: 5282, signal 233897/278287 (executing program) 2022/11/01 12:40:10 fetching corpus: 5332, signal 234460/278819 (executing program) 2022/11/01 12:40:11 fetching corpus: 5382, signal 235061/279375 (executing program) 2022/11/01 12:40:11 fetching corpus: 5432, signal 235709/279971 (executing program) 2022/11/01 12:40:11 fetching corpus: 5480, signal 236787/280631 (executing program) 2022/11/01 12:40:11 fetching corpus: 5530, signal 237275/281137 (executing program) 2022/11/01 12:40:11 fetching corpus: 5578, signal 238448/281803 (executing program) 2022/11/01 12:40:11 fetching corpus: 5628, signal 239122/282335 (executing program) 2022/11/01 12:40:11 fetching corpus: 5678, signal 239947/282893 (executing program) 2022/11/01 12:40:11 fetching corpus: 5728, signal 240507/283407 (executing program) 2022/11/01 12:40:12 fetching corpus: 5778, signal 241178/283952 (executing program) 2022/11/01 12:40:12 fetching corpus: 5828, signal 241709/284436 (executing program) 2022/11/01 12:40:12 fetching corpus: 5878, signal 242164/284876 (executing program) 2022/11/01 12:40:12 fetching corpus: 5928, signal 242711/285323 (executing program) 2022/11/01 12:40:12 fetching corpus: 5977, signal 243376/285828 (executing program) 2022/11/01 12:40:12 fetching corpus: 6027, signal 244134/286273 (executing program) 2022/11/01 12:40:12 fetching corpus: 6077, signal 244719/286696 (executing program) 2022/11/01 12:40:12 fetching corpus: 6126, signal 245375/287167 (executing program) 2022/11/01 12:40:13 fetching corpus: 6176, signal 246016/287609 (executing program) 2022/11/01 12:40:13 fetching corpus: 6226, signal 246480/287996 (executing program) 2022/11/01 12:40:13 fetching corpus: 6275, signal 247189/288399 (executing program) 2022/11/01 12:40:13 fetching corpus: 6325, signal 247813/288811 (executing program) 2022/11/01 12:40:13 fetching corpus: 6375, signal 248294/289207 (executing program) 2022/11/01 12:40:13 fetching corpus: 6424, signal 248892/289583 (executing program) 2022/11/01 12:40:13 fetching corpus: 6474, signal 249475/290000 (executing program) 2022/11/01 12:40:14 fetching corpus: 6524, signal 249918/290390 (executing program) 2022/11/01 12:40:14 fetching corpus: 6574, signal 250482/290752 (executing program) 2022/11/01 12:40:14 fetching corpus: 6624, signal 251054/291103 (executing program) 2022/11/01 12:40:14 fetching corpus: 6674, signal 251748/291439 (executing program) 2022/11/01 12:40:14 fetching corpus: 6724, signal 252193/291758 (executing program) 2022/11/01 12:40:14 fetching corpus: 6774, signal 252774/292098 (executing program) 2022/11/01 12:40:14 fetching corpus: 6824, signal 253510/292438 (executing program) 2022/11/01 12:40:14 fetching corpus: 6874, signal 254008/292770 (executing program) 2022/11/01 12:40:14 fetching corpus: 6924, signal 255060/293111 (executing program) 2022/11/01 12:40:14 fetching corpus: 6974, signal 255388/293381 (executing program) 2022/11/01 12:40:15 fetching corpus: 7024, signal 255940/293663 (executing program) 2022/11/01 12:40:15 fetching corpus: 7074, signal 256559/294002 (executing program) 2022/11/01 12:40:15 fetching corpus: 7124, signal 257106/294282 (executing program) 2022/11/01 12:40:15 fetching corpus: 7174, signal 257767/294544 (executing program) 2022/11/01 12:40:15 fetching corpus: 7224, signal 258502/294814 (executing program) 2022/11/01 12:40:15 fetching corpus: 7272, signal 259001/295085 (executing program) 2022/11/01 12:40:15 fetching corpus: 7322, signal 259539/295128 (executing program) 2022/11/01 12:40:15 fetching corpus: 7371, signal 260003/295128 (executing program) 2022/11/01 12:40:16 fetching corpus: 7420, signal 260761/295130 (executing program) 2022/11/01 12:40:16 fetching corpus: 7469, signal 261469/295130 (executing program) 2022/11/01 12:40:16 fetching corpus: 7518, signal 261802/295130 (executing program) 2022/11/01 12:40:16 fetching corpus: 7568, signal 262186/295130 (executing program) 2022/11/01 12:40:16 fetching corpus: 7617, signal 262576/295130 (executing program) 2022/11/01 12:40:16 fetching corpus: 7667, signal 263162/295136 (executing program) 2022/11/01 12:40:16 fetching corpus: 7717, signal 263495/295141 (executing program) 2022/11/01 12:40:16 fetching corpus: 7761, signal 263809/295145 (executing program) 2022/11/01 12:40:16 fetching corpus: 7811, signal 264338/295182 (executing program) 2022/11/01 12:40:17 fetching corpus: 7861, signal 264979/295184 (executing program) 2022/11/01 12:40:17 fetching corpus: 7911, signal 265460/295184 (executing program) 2022/11/01 12:40:17 fetching corpus: 7961, signal 265939/295193 (executing program) 2022/11/01 12:40:17 fetching corpus: 8011, signal 266342/295193 (executing program) 2022/11/01 12:40:17 fetching corpus: 8061, signal 266671/295197 (executing program) 2022/11/01 12:40:17 fetching corpus: 8111, signal 267249/295198 (executing program) 2022/11/01 12:40:17 fetching corpus: 8161, signal 267824/295216 (executing program) 2022/11/01 12:40:17 fetching corpus: 8210, signal 268343/295217 (executing program) 2022/11/01 12:40:18 fetching corpus: 8260, signal 268844/295220 (executing program) 2022/11/01 12:40:18 fetching corpus: 8308, signal 269329/295221 (executing program) 2022/11/01 12:40:18 fetching corpus: 8358, signal 269926/295221 (executing program) 2022/11/01 12:40:18 fetching corpus: 8408, signal 270350/295221 (executing program) 2022/11/01 12:40:18 fetching corpus: 8458, signal 270734/295223 (executing program) 2022/11/01 12:40:18 fetching corpus: 8506, signal 271205/295256 (executing program) 2022/11/01 12:40:18 fetching corpus: 8556, signal 271629/295265 (executing program) 2022/11/01 12:40:19 fetching corpus: 8606, signal 271951/295265 (executing program) 2022/11/01 12:40:19 fetching corpus: 8656, signal 272280/295265 (executing program) 2022/11/01 12:40:19 fetching corpus: 8705, signal 272874/295266 (executing program) 2022/11/01 12:40:19 fetching corpus: 8755, signal 273282/295266 (executing program) 2022/11/01 12:40:19 fetching corpus: 8805, signal 273615/295266 (executing program) 2022/11/01 12:40:19 fetching corpus: 8854, signal 274034/295266 (executing program) 2022/11/01 12:40:19 fetching corpus: 8904, signal 274397/295266 (executing program) 2022/11/01 12:40:19 fetching corpus: 8953, signal 274807/295282 (executing program) 2022/11/01 12:40:20 fetching corpus: 9001, signal 275248/295282 (executing program) 2022/11/01 12:40:20 fetching corpus: 9051, signal 275695/295285 (executing program) 2022/11/01 12:40:20 fetching corpus: 9099, signal 276364/295298 (executing program) 2022/11/01 12:40:20 fetching corpus: 9149, signal 276742/295298 (executing program) 2022/11/01 12:40:20 fetching corpus: 9199, signal 277372/295300 (executing program) 2022/11/01 12:40:20 fetching corpus: 9248, signal 277853/295300 (executing program) 2022/11/01 12:40:20 fetching corpus: 9297, signal 278332/295309 (executing program) 2022/11/01 12:40:21 fetching corpus: 9347, signal 278762/295309 (executing program) 2022/11/01 12:40:21 fetching corpus: 9397, signal 279088/295309 (executing program) 2022/11/01 12:40:21 fetching corpus: 9447, signal 279479/295310 (executing program) 2022/11/01 12:40:21 fetching corpus: 9497, signal 279856/295310 (executing program) 2022/11/01 12:40:21 fetching corpus: 9544, signal 280099/295313 (executing program) 2022/11/01 12:40:21 fetching corpus: 9593, signal 280437/295319 (executing program) 2022/11/01 12:40:21 fetching corpus: 9641, signal 280819/295321 (executing program) 2022/11/01 12:40:22 fetching corpus: 9689, signal 281251/295323 (executing program) 2022/11/01 12:40:22 fetching corpus: 9739, signal 281594/295323 (executing program) 2022/11/01 12:40:22 fetching corpus: 9788, signal 281909/295329 (executing program) 2022/11/01 12:40:22 fetching corpus: 9837, signal 282421/295329 (executing program) 2022/11/01 12:40:22 fetching corpus: 9887, signal 282924/295330 (executing program) 2022/11/01 12:40:22 fetching corpus: 9933, signal 283316/295389 (executing program) 2022/11/01 12:40:22 fetching corpus: 9983, signal 283621/295389 (executing program) 2022/11/01 12:40:22 fetching corpus: 10032, signal 283901/295393 (executing program) 2022/11/01 12:40:23 fetching corpus: 10081, signal 284374/295430 (executing program) 2022/11/01 12:40:23 fetching corpus: 10131, signal 284605/295459 (executing program) 2022/11/01 12:40:23 fetching corpus: 10179, signal 285063/295471 (executing program) 2022/11/01 12:40:23 fetching corpus: 10228, signal 285554/295472 (executing program) 2022/11/01 12:40:23 fetching corpus: 10278, signal 285910/295472 (executing program) 2022/11/01 12:40:23 fetching corpus: 10327, signal 286195/295475 (executing program) 2022/11/01 12:40:23 fetching corpus: 10376, signal 286586/295475 (executing program) 2022/11/01 12:40:23 fetching corpus: 10423, signal 287019/295480 (executing program) 2022/11/01 12:40:23 fetching corpus: 10472, signal 287320/295480 (executing program) 2022/11/01 12:40:24 fetching corpus: 10520, signal 287624/295505 (executing program) 2022/11/01 12:40:24 fetching corpus: 10570, signal 287976/295508 (executing program) 2022/11/01 12:40:24 fetching corpus: 10620, signal 288508/295508 (executing program) 2022/11/01 12:40:24 fetching corpus: 10669, signal 288751/295527 (executing program) 2022/11/01 12:40:24 fetching corpus: 10718, signal 289091/295528 (executing program) 2022/11/01 12:40:24 fetching corpus: 10758, signal 289549/295528 (executing program) 2022/11/01 12:40:24 fetching corpus: 10758, signal 289549/295528 (executing program) 2022/11/01 12:40:27 starting 8 fuzzer processes 12:40:27 executing program 0: perf_event_open$cgroup(&(0x7f0000000200)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1901c, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) 12:40:27 executing program 2: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup3(r1, r0, 0x0) sendmsg$NL80211_CMD_REGISTER_BEACONS(r2, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={0x0, 0x28}}, 0x0) 12:40:27 executing program 1: r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='clear_refs\x00') write$tcp_mem(r0, 0x0, 0x0) 12:40:27 executing program 3: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0x76, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = syz_open_dev$tty20(0xc, 0x4, 0x0) ioctl$TCSETAW(r0, 0x540b, 0x0) 12:40:27 executing program 4: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) open_by_handle_at(r0, &(0x7f0000000140)=@ceph_nfs_confh={0x10, 0x2, {0x28}}, 0x257) 12:40:27 executing program 5: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0xcc80, 0x0, 0x0, 0x0, 0x0, 0xffffffff}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = openat$random(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) ioctl$RNDADDTOENTCNT(r0, 0x5207, 0x0) 12:40:27 executing program 6: r0 = syz_io_uring_setup(0x1, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, &(0x7f00000a0000)=nil, &(0x7f00000b0000)=nil, &(0x7f0000000100)=0x0, &(0x7f0000000140)=0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_CONNECT={0x10, 0x0, 0x0, r3, 0x54, &(0x7f0000000300)=@pppol2tpv3}, 0x0) ioctl$AUTOFS_DEV_IOCTL_FAIL(0xffffffffffffffff, 0xc0189377, &(0x7f0000000300)=ANY=[@ANYBLOB='\x00']) io_uring_enter(r0, 0x1, 0x0, 0x0, 0x0, 0x0) 12:40:27 executing program 7: getresuid(&(0x7f0000007f80), &(0x7f0000007fc0), &(0x7f0000008000)) [ 80.744339] audit: type=1400 audit(1667306427.266:6): avc: denied { execmem } for pid=283 comm="syz-executor.0" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=process permissive=1 [ 82.126885] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 82.128481] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 82.130000] Bluetooth: hci7: unexpected cc 0x0c03 length: 249 > 1 [ 82.131790] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 82.132735] Bluetooth: hci7: unexpected cc 0x1003 length: 249 > 9 [ 82.134147] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 82.135075] Bluetooth: hci7: unexpected cc 0x1001 length: 249 > 9 [ 82.152799] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 82.153742] Bluetooth: hci7: unexpected cc 0x0c23 length: 249 > 4 [ 82.154964] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 82.157656] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 82.158761] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 82.159728] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3 [ 82.160804] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 82.162253] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 82.163496] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1 [ 82.165009] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1 [ 82.166615] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 82.167584] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 82.168885] Bluetooth: hci7: unexpected cc 0x0c25 length: 249 > 3 [ 82.169894] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 82.171213] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9 [ 82.172258] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9 [ 82.173774] Bluetooth: hci7: unexpected cc 0x0c38 length: 249 > 2 [ 82.174958] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 82.176639] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9 [ 82.177605] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9 [ 82.178694] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 82.183903] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 82.186651] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 82.188198] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [ 82.189717] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 82.190876] Bluetooth: hci7: HCI_REQ-0x0c1a [ 82.192181] Bluetooth: hci4: HCI_REQ-0x0c1a [ 82.195324] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3 [ 82.197378] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 82.199392] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 82.200901] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 82.206668] Bluetooth: hci0: HCI_REQ-0x0c1a [ 82.210790] Bluetooth: hci3: HCI_REQ-0x0c1a [ 82.211063] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3 [ 82.225124] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4 [ 82.226077] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 82.232293] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 82.233212] Bluetooth: hci6: unexpected cc 0x0c25 length: 249 > 3 [ 82.234704] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2 [ 82.235736] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 82.238293] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4 [ 82.240981] Bluetooth: hci6: HCI_REQ-0x0c1a [ 82.244888] Bluetooth: hci2: HCI_REQ-0x0c1a [ 82.250383] Bluetooth: hci5: unexpected cc 0x0c25 length: 249 > 3 [ 82.254614] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3 [ 82.255834] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 82.257671] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2 [ 82.262587] Bluetooth: hci1: HCI_REQ-0x0c1a [ 82.263261] Bluetooth: hci5: HCI_REQ-0x0c1a [ 84.216946] Bluetooth: hci7: command 0x0409 tx timeout [ 84.218049] Bluetooth: hci4: command 0x0409 tx timeout [ 84.280595] Bluetooth: hci6: command 0x0409 tx timeout [ 84.281730] Bluetooth: hci1: command 0x0409 tx timeout [ 84.282558] Bluetooth: hci5: command 0x0409 tx timeout [ 84.283386] Bluetooth: hci2: command 0x0409 tx timeout [ 84.284230] Bluetooth: hci0: command 0x0409 tx timeout [ 84.285239] Bluetooth: hci3: command 0x0409 tx timeout [ 86.265972] Bluetooth: hci4: command 0x041b tx timeout [ 86.266362] Bluetooth: hci7: command 0x041b tx timeout [ 86.329490] Bluetooth: hci3: command 0x041b tx timeout [ 86.329864] Bluetooth: hci0: command 0x041b tx timeout [ 86.330219] Bluetooth: hci2: command 0x041b tx timeout [ 86.330607] Bluetooth: hci5: command 0x041b tx timeout [ 86.330967] Bluetooth: hci1: command 0x041b tx timeout [ 86.331326] Bluetooth: hci6: command 0x041b tx timeout [ 88.313019] Bluetooth: hci7: command 0x040f tx timeout [ 88.314357] Bluetooth: hci4: command 0x040f tx timeout [ 88.376624] Bluetooth: hci6: command 0x040f tx timeout [ 88.377325] Bluetooth: hci1: command 0x040f tx timeout [ 88.378035] Bluetooth: hci5: command 0x040f tx timeout [ 88.378741] Bluetooth: hci2: command 0x040f tx timeout [ 88.379390] Bluetooth: hci0: command 0x040f tx timeout [ 88.380077] Bluetooth: hci3: command 0x040f tx timeout [ 90.361518] Bluetooth: hci4: command 0x0419 tx timeout [ 90.361965] Bluetooth: hci7: command 0x0419 tx timeout [ 90.425519] Bluetooth: hci3: command 0x0419 tx timeout [ 90.425908] Bluetooth: hci0: command 0x0419 tx timeout [ 90.426280] Bluetooth: hci2: command 0x0419 tx timeout [ 90.426697] Bluetooth: hci5: command 0x0419 tx timeout [ 90.427069] Bluetooth: hci1: command 0x0419 tx timeout [ 90.427463] Bluetooth: hci6: command 0x0419 tx timeout [ 135.115741] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 135.116337] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 135.117750] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready [ 135.298868] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 135.299483] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 135.300884] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready [ 136.294011] audit: type=1400 audit(1667306482.816:7): avc: denied { open } for pid=3809 comm="syz-executor.0" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=perf_event permissive=1 [ 136.445695] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 136.446309] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 136.448133] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready [ 136.561774] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 136.562336] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 136.564057] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready [ 136.690835] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 136.691938] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 136.724157] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready [ 136.737107] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 136.737715] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 136.739349] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready [ 136.874567] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 136.875156] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 136.877083] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready [ 136.882916] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 136.883579] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 136.885096] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready [ 136.956883] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 136.957507] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 136.959000] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready [ 137.043685] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 137.044296] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 137.045738] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready [ 137.280175] audit: type=1400 audit(1667306483.802:8): avc: denied { kernel } for pid=3867 comm="syz-executor.3" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=perf_event permissive=1 [ 137.934776] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 137.935438] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 137.937048] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready [ 137.974726] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 137.975278] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 137.976384] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready [ 138.196504] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 138.197082] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 138.198468] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready [ 138.230565] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 138.231095] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 138.232299] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready [ 138.356879] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 138.357483] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 138.358760] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready [ 138.404791] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 138.405437] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 138.406874] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready 12:41:25 executing program 0: perf_event_open$cgroup(&(0x7f0000000200)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1901c, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) 12:41:25 executing program 3: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0x76, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = syz_open_dev$tty20(0xc, 0x4, 0x0) ioctl$TCSETAW(r0, 0x540b, 0x0) 12:41:25 executing program 5: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0x76, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = syz_open_dev$tty20(0xc, 0x4, 0x0) ioctl$TCSETAW(r0, 0x540b, 0x0) 12:41:25 executing program 6: mbind(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0x1, &(0x7f0000001280)=0xe8, 0x4b, 0x2) 12:41:25 executing program 2: mlock2(&(0x7f0000ff7000/0x4000)=nil, 0x4000, 0x0) shmat(0xffffffffffffffff, &(0x7f0000fed000/0x13000)=nil, 0x0) r0 = shmget(0x3, 0xa000, 0x20, &(0x7f0000ff6000/0xa000)=nil) shmat(r0, &(0x7f0000ffe000/0x2000)=nil, 0x2000) r1 = perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x81}, 0x8, 0x7ff}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x3) mmap$perf(&(0x7f0000fed000/0x3000)=nil, 0x3000, 0x0, 0x13, r1, 0x4) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x2000000000000000}, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r2 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000040), 0x41, 0x0) perf_event_open(&(0x7f00000001c0)={0x4, 0x80, 0x1, 0x8a, 0x20, 0xa9, 0x0, 0x0, 0x8, 0x3, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x3, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x100, 0x0, @perf_config_ext={0xa000000000000000, 0xa8f}, 0x3a00, 0x5, 0x80000000, 0x4, 0x0, 0x6, 0x3c3f, 0x0, 0x6, 0x0, 0x3}, 0x0, 0x7, 0xffffffffffffffff, 0x2) openat2(0xffffffffffffffff, &(0x7f0000000240)='./file0\x00', &(0x7f0000000300)={0x200, 0x21, 0x1b}, 0x18) mincore(&(0x7f0000ff8000/0x2000)=nil, 0x2000, &(0x7f0000000700)=""/4096) r3 = ioctl$LOOP_CTL_GET_FREE(r2, 0x4c82) perf_event_open(&(0x7f0000000100)={0x3, 0x80, 0x2, 0x3f, 0x5, 0x3, 0x0, 0x89d9, 0x1000, 0xc, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x2, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x4, @perf_config_ext={0x4, 0x8}, 0x8040, 0x1, 0x400, 0x6, 0xa2, 0x0, 0x7, 0x0, 0x4, 0x0, 0x239b}, 0xffffffffffffffff, 0x9, 0xffffffffffffffff, 0x0) ioctl$BTRFS_IOC_DEFAULT_SUBVOL(r2, 0x40089413, &(0x7f0000000180)=0x1) ioctl$LOOP_CTL_REMOVE(r2, 0x4c81, r3) ioctl$SNAPSHOT_FREE(0xffffffffffffffff, 0x3305) 12:41:25 executing program 7: getresuid(&(0x7f0000007f80), &(0x7f0000007fc0), &(0x7f0000008000)) 12:41:25 executing program 1: r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='clear_refs\x00') write$tcp_mem(r0, 0x0, 0x0) 12:41:25 executing program 4: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) open_by_handle_at(r0, &(0x7f0000000140)=@ceph_nfs_confh={0x10, 0x2, {0x28}}, 0x257) [ 138.785412] hrtimer: interrupt took 18645 ns 12:41:25 executing program 7: getresuid(&(0x7f0000007f80), &(0x7f0000007fc0), &(0x7f0000008000)) 12:41:25 executing program 0: perf_event_open$cgroup(&(0x7f0000000200)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1901c, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) 12:41:25 executing program 6: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) io_setup(0x4, &(0x7f00000000c0)=0x0) io_destroy(r0) 12:41:25 executing program 4: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) open_by_handle_at(r0, &(0x7f0000000140)=@ceph_nfs_confh={0x10, 0x2, {0x28}}, 0x257) 12:41:25 executing program 3: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0x76, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = syz_open_dev$tty20(0xc, 0x4, 0x0) ioctl$TCSETAW(r0, 0x540b, 0x0) 12:41:25 executing program 5: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0x76, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = syz_open_dev$tty20(0xc, 0x4, 0x0) ioctl$TCSETAW(r0, 0x540b, 0x0) 12:41:25 executing program 1: r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='clear_refs\x00') write$tcp_mem(r0, 0x0, 0x0) 12:41:25 executing program 0: perf_event_open$cgroup(&(0x7f0000000200)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1901c, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) [ 139.278115] BUG: unable to handle page fault for address: ffffed100fffc000 [ 139.278604] #PF: supervisor write access in kernel mode [ 139.278978] #PF: error_code(0x0002) - not-present page [ 139.279353] PGD 7ffd3067 P4D 7ffd3067 PUD 7ffd2067 PMD 7ffd1067 PTE 0 [ 139.279797] Oops: 0002 [#1] PREEMPT SMP KASAN NOPTI [ 139.280382] CPU: 0 PID: 3965 Comm: syz-executor.2 Not tainted 6.1.0-rc3-next-20221101 #1 [ 139.281438] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 139.282665] RIP: 0010:__memset+0x24/0x50 [ 139.283185] Code: 90 90 90 90 90 90 0f 1f 44 00 00 49 89 f9 48 89 d1 83 e2 07 48 c1 e9 03 40 0f b6 f6 48 b8 01 01 01 01 01 01 01 01 48 0f af c6 48 ab 89 d1 f3 aa 4c 89 c8 e9 0d d4 12 00 66 66 2e 0f 1f 84 00 [ 139.284295] RSP: 0018:ffff8880420d7cc0 EFLAGS: 00010216 [ 139.284620] RAX: 0000000000000000 RBX: ffff88800c0930c0 RCX: 1ffffe21fe6058d2 [ 139.285045] RDX: 0000000000000000 RSI: 0000000000000000 RDI: ffffed100fffc000 [ 139.285474] RBP: ffff88800c0b03c0 R08: 0000000000000005 R09: ffffed1001812618 [ 139.285898] R10: 0000000000000001 R11: 0000000000000001 R12: ffff88800c0b03c0 [ 139.286327] R13: ffff88800c0930c0 R14: ffffffff815f2620 R15: 1ffff1100112281f [ 139.286790] FS: 00007fc5a604a700(0000) GS:ffff88806d000000(0000) knlGS:0000000000000000 [ 139.287320] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 139.287708] CR2: ffffed100fffc000 CR3: 00000000169de000 CR4: 0000000000350ef0 [ 139.288175] Call Trace: [ 139.288349] [ 139.288502] kasan_unpoison+0x23/0x60 [ 139.288767] mempool_exit+0x1c2/0x330 [ 139.289031] bioset_exit+0x2c9/0x630 [ 139.289297] disk_release+0x143/0x490 [ 139.289561] ? disk_release+0x0/0x490 [ 139.289823] ? device_release+0x0/0x250 [ 139.290093] device_release+0xa2/0x250 [ 139.290355] ? device_release+0x0/0x250 [ 139.290620] kobject_put+0x173/0x280 [ 139.290874] put_device+0x1b/0x40 [ 139.291114] put_disk+0x41/0x60 [ 139.291359] loop_control_ioctl+0x4d1/0x630 [ 139.291655] ? loop_control_ioctl+0x0/0x630 [ 139.291950] ? selinux_file_ioctl+0xb1/0x270 [ 139.292257] ? loop_control_ioctl+0x0/0x630 [ 139.292547] __x64_sys_ioctl+0x19a/0x220 [ 139.292829] do_syscall_64+0x3b/0xa0 [ 139.293087] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 139.293433] RIP: 0033:0x7fc5a8ad4b19 [ 139.293684] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 139.294849] RSP: 002b:00007fc5a604a188 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 139.295315] RAX: ffffffffffffffda RBX: 00007fc5a8be7f60 RCX: 00007fc5a8ad4b19 [ 139.295747] RDX: 0000000000000000 RSI: 0000000000004c81 RDI: 0000000000000005 [ 139.296173] RBP: 00007fc5a8b2ef6d R08: 0000000000000000 R09: 0000000000000000 [ 139.296597] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 139.297098] R13: 00007ffd018ad74f R14: 00007fc5a604a300 R15: 0000000000022000 [ 139.297594] [ 139.297760] Modules linked in: [ 139.297992] CR2: ffffed100fffc000 [ 139.298233] ---[ end trace 0000000000000000 ]--- [ 139.298563] RIP: 0010:__memset+0x24/0x50 [ 139.298866] Code: 90 90 90 90 90 90 0f 1f 44 00 00 49 89 f9 48 89 d1 83 e2 07 48 c1 e9 03 40 0f b6 f6 48 b8 01 01 01 01 01 01 01 01 48 0f af c6 48 ab 89 d1 f3 aa 4c 89 c8 e9 0d d4 12 00 66 66 2e 0f 1f 84 00 [ 139.300126] RSP: 0018:ffff8880420d7cc0 EFLAGS: 00010216 [ 139.300496] RAX: 0000000000000000 RBX: ffff88800c0930c0 RCX: 1ffffe21fe6058d2 [ 139.300974] RDX: 0000000000000000 RSI: 0000000000000000 RDI: ffffed100fffc000 [ 139.301472] RBP: ffff88800c0b03c0 R08: 0000000000000005 R09: ffffed1001812618 [ 139.301965] R10: 0000000000000001 R11: 0000000000000001 R12: ffff88800c0b03c0 [ 139.302466] R13: ffff88800c0930c0 R14: ffffffff815f2620 R15: 1ffff1100112281f [ 139.302953] FS: 00007fc5a604a700(0000) GS:ffff88806d000000(0000) knlGS:0000000000000000 [ 139.303505] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 139.303914] CR2: ffffed100fffc000 CR3: 00000000169de000 CR4: 0000000000350ef0 [ 139.707079] BUG: unable to handle page fault for address: ffffed100fffc000 [ 139.707725] #PF: supervisor write access in kernel mode [ 139.708294] #PF: error_code(0x0002) - not-present page [ 139.708857] PGD 7ffd3067 P4D 7ffd3067 PUD 7ffd2067 PMD 7ffd1067 PTE 0 [ 139.709463] Oops: 0002 [#2] PREEMPT SMP KASAN NOPTI [ 139.709890] CPU: 0 PID: 3994 Comm: syz-executor.2 Tainted: G D 6.1.0-rc3-next-20221101 #1 [ 139.710808] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 139.711593] RIP: 0010:__memset+0x24/0x50 [ 139.711991] Code: 90 90 90 90 90 90 0f 1f 44 00 00 49 89 f9 48 89 d1 83 e2 07 48 c1 e9 03 40 0f b6 f6 48 b8 01 01 01 01 01 01 01 01 48 0f af c6 48 ab 89 d1 f3 aa 4c 89 c8 e9 0d d4 12 00 66 66 2e 0f 1f 84 00 [ 139.713588] RSP: 0018:ffff888041647cc0 EFLAGS: 00010216 [ 139.714067] RAX: 0000000000000000 RBX: ffff88800c093240 RCX: 1ffffe21fe6058d8 [ 139.714694] RDX: 0000000000000000 RSI: 0000000000000000 RDI: ffffed100fffc000 [ 139.715349] RBP: ffff88800c0b03c0 R08: 0000000000000005 R09: ffffed1001812648 [ 139.715985] R10: 0000000000000001 R11: 0000000000000001 R12: ffff88800c0b03c0 [ 139.716753] R13: ffff88800c093240 R14: ffffffff815f2620 R15: 1ffff1100112241f [ 139.717474] FS: 00007fc5a6008700(0000) GS:ffff88806d000000(0000) knlGS:0000000000000000 [ 139.718185] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 139.718706] CR2: ffffed100fffc000 CR3: 00000000169de000 CR4: 0000000000350ef0 [ 139.719352] Call Trace: [ 139.719594] [ 139.719804] kasan_unpoison+0x23/0x60 [ 139.720161] mempool_exit+0x1c2/0x330 [ 139.720526] bioset_exit+0x2c9/0x630 [ 139.720873] ? _raw_spin_unlock+0x24/0x50 [ 139.721266] ? blkg_destroy_all.isra.0+0x157/0x230 [ 139.721731] disk_release+0x143/0x490 [ 139.722083] ? disk_release+0x0/0x490 [ 139.722446] ? device_release+0x0/0x250 [ 139.722812] device_release+0xa2/0x250 [ 139.723172] ? device_release+0x0/0x250 [ 139.723551] kobject_put+0x173/0x280 [ 139.723903] put_device+0x1b/0x40 [ 139.724223] put_disk+0x41/0x60 [ 139.724531] loop_control_ioctl+0x4d1/0x630 [ 139.724921] ? loop_control_ioctl+0x0/0x630 [ 139.725310] ? __x64_sys_ioctl+0x140/0x220 [ 139.725690] ? loop_control_ioctl+0x0/0x630 [ 139.726076] __x64_sys_ioctl+0x19a/0x220 [ 139.726443] do_syscall_64+0x3b/0xa0 [ 139.726785] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 139.727238] RIP: 0033:0x7fc5a8ad4b19 [ 139.727578] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 139.729139] RSP: 002b:00007fc5a6008188 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 139.729820] RAX: ffffffffffffffda RBX: 00007fc5a8be80e0 RCX: 00007fc5a8ad4b19 [ 139.730459] RDX: 0000000000000001 RSI: 0000000000004c81 RDI: 0000000000000005 [ 139.731095] RBP: 00007fc5a8b2ef6d R08: 0000000000000000 R09: 0000000000000000 [ 139.731733] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 139.732368] R13: 00007ffd018ad74f R14: 00007fc5a6008300 R15: 0000000000022000 [ 139.733020] [ 139.733243] Modules linked in: [ 139.733548] CR2: ffffed100fffc000 [ 139.733868] ---[ end trace 0000000000000000 ]--- [ 139.734289] RIP: 0010:__memset+0x24/0x50 [ 139.734683] Code: 90 90 90 90 90 90 0f 1f 44 00 00 49 89 f9 48 89 d1 83 e2 07 48 c1 e9 03 40 0f b6 f6 48 b8 01 01 01 01 01 01 01 01 48 0f af c6 48 ab 89 d1 f3 aa 4c 89 c8 e9 0d d4 12 00 66 66 2e 0f 1f 84 00 [ 139.736266] RSP: 0018:ffff8880420d7cc0 EFLAGS: 00010216 [ 139.736731] RAX: 0000000000000000 RBX: ffff88800c0930c0 RCX: 1ffffe21fe6058d2 [ 139.737339] RDX: 0000000000000000 RSI: 0000000000000000 RDI: ffffed100fffc000 [ 139.737945] RBP: ffff88800c0b03c0 R08: 0000000000000005 R09: ffffed1001812618 [ 139.738549] R10: 0000000000000001 R11: 0000000000000001 R12: ffff88800c0b03c0 [ 139.739165] R13: ffff88800c0930c0 R14: ffffffff815f2620 R15: 1ffff1100112281f [ 139.739780] FS: 00007fc5a6008700(0000) GS:ffff88806d000000(0000) knlGS:0000000000000000 [ 139.740473] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 139.740985] CR2: ffffed100fffc000 CR3: 00000000169de000 CR4: 0000000000350ef0 12:41:26 executing program 7: getresuid(&(0x7f0000007f80), &(0x7f0000007fc0), &(0x7f0000008000)) 12:41:26 executing program 4: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) open_by_handle_at(r0, &(0x7f0000000140)=@ceph_nfs_confh={0x10, 0x2, {0x28}}, 0x257) 12:41:26 executing program 6: r0 = openat$ptp0(0xffffffffffffff9c, &(0x7f0000000580), 0x0, 0x0) ioctl$PTP_PIN_SETFUNC(r0, 0x541b, 0x0) 12:41:26 executing program 3: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0x76, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = syz_open_dev$tty20(0xc, 0x4, 0x0) ioctl$TCSETAW(r0, 0x540b, 0x0) 12:41:26 executing program 5: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0x76, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = syz_open_dev$tty20(0xc, 0x4, 0x0) ioctl$TCSETAW(r0, 0x540b, 0x0) 12:41:26 executing program 1: r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='clear_refs\x00') write$tcp_mem(r0, 0x0, 0x0) 12:41:26 executing program 0: r0 = add_key$keyring(&(0x7f00000003c0), &(0x7f0000000400)={'syz', 0x1}, 0x0, 0x0, 0xfffffffffffffffb) r1 = add_key$keyring(&(0x7f0000000000), &(0x7f00000001c0)={'syz', 0x3}, 0x0, 0x0, 0xffffffffffffffff) keyctl$revoke(0x3, r1) keyctl$describe(0x6, r0, 0x0, 0x0) 12:41:26 executing program 2: mlock2(&(0x7f0000ff7000/0x4000)=nil, 0x4000, 0x0) shmat(0xffffffffffffffff, &(0x7f0000fed000/0x13000)=nil, 0x0) r0 = shmget(0x3, 0xa000, 0x20, &(0x7f0000ff6000/0xa000)=nil) shmat(r0, &(0x7f0000ffe000/0x2000)=nil, 0x2000) r1 = perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x81}, 0x8, 0x7ff}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x3) mmap$perf(&(0x7f0000fed000/0x3000)=nil, 0x3000, 0x0, 0x13, r1, 0x4) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x2000000000000000}, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r2 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000040), 0x41, 0x0) perf_event_open(&(0x7f00000001c0)={0x4, 0x80, 0x1, 0x8a, 0x20, 0xa9, 0x0, 0x0, 0x8, 0x3, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x3, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x100, 0x0, @perf_config_ext={0xa000000000000000, 0xa8f}, 0x3a00, 0x5, 0x80000000, 0x4, 0x0, 0x6, 0x3c3f, 0x0, 0x6, 0x0, 0x3}, 0x0, 0x7, 0xffffffffffffffff, 0x2) openat2(0xffffffffffffffff, &(0x7f0000000240)='./file0\x00', &(0x7f0000000300)={0x200, 0x21, 0x1b}, 0x18) mincore(&(0x7f0000ff8000/0x2000)=nil, 0x2000, &(0x7f0000000700)=""/4096) r3 = ioctl$LOOP_CTL_GET_FREE(r2, 0x4c82) perf_event_open(&(0x7f0000000100)={0x3, 0x80, 0x2, 0x3f, 0x5, 0x3, 0x0, 0x89d9, 0x1000, 0xc, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x2, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x4, @perf_config_ext={0x4, 0x8}, 0x8040, 0x1, 0x400, 0x6, 0xa2, 0x0, 0x7, 0x0, 0x4, 0x0, 0x239b}, 0xffffffffffffffff, 0x9, 0xffffffffffffffff, 0x0) ioctl$BTRFS_IOC_DEFAULT_SUBVOL(r2, 0x40089413, &(0x7f0000000180)=0x1) ioctl$LOOP_CTL_REMOVE(r2, 0x4c81, r3) ioctl$SNAPSHOT_FREE(0xffffffffffffffff, 0x3305) 12:41:26 executing program 4: mlock2(&(0x7f0000ff7000/0x4000)=nil, 0x4000, 0x0) shmat(0xffffffffffffffff, &(0x7f0000fed000/0x13000)=nil, 0x0) r0 = shmget(0x3, 0xa000, 0x20, &(0x7f0000ff6000/0xa000)=nil) shmat(r0, &(0x7f0000ffe000/0x2000)=nil, 0x2000) r1 = perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x81}, 0x8, 0x7ff}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x3) mmap$perf(&(0x7f0000fed000/0x3000)=nil, 0x3000, 0x0, 0x13, r1, 0x4) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x2000000000000000}, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r2 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000040), 0x41, 0x0) perf_event_open(&(0x7f00000001c0)={0x4, 0x80, 0x1, 0x8a, 0x20, 0xa9, 0x0, 0x0, 0x8, 0x3, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x3, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x100, 0x0, @perf_config_ext={0xa000000000000000, 0xa8f}, 0x3a00, 0x5, 0x80000000, 0x4, 0x0, 0x6, 0x3c3f, 0x0, 0x6, 0x0, 0x3}, 0x0, 0x7, 0xffffffffffffffff, 0x2) openat2(0xffffffffffffffff, &(0x7f0000000240)='./file0\x00', &(0x7f0000000300)={0x200, 0x21, 0x1b}, 0x18) mincore(&(0x7f0000ff8000/0x2000)=nil, 0x2000, &(0x7f0000000700)=""/4096) r3 = ioctl$LOOP_CTL_GET_FREE(r2, 0x4c82) perf_event_open(&(0x7f0000000100)={0x3, 0x80, 0x2, 0x3f, 0x5, 0x3, 0x0, 0x89d9, 0x1000, 0xc, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x2, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x4, @perf_config_ext={0x4, 0x8}, 0x8040, 0x1, 0x400, 0x6, 0xa2, 0x0, 0x7, 0x0, 0x4, 0x0, 0x239b}, 0xffffffffffffffff, 0x9, 0xffffffffffffffff, 0x0) ioctl$BTRFS_IOC_DEFAULT_SUBVOL(r2, 0x40089413, &(0x7f0000000180)=0x1) ioctl$LOOP_CTL_REMOVE(r2, 0x4c81, r3) ioctl$SNAPSHOT_FREE(0xffffffffffffffff, 0x3305) 12:41:26 executing program 6: mlock2(&(0x7f0000ff7000/0x4000)=nil, 0x4000, 0x0) shmat(0xffffffffffffffff, &(0x7f0000fed000/0x13000)=nil, 0x0) r0 = shmget(0x3, 0xa000, 0x20, &(0x7f0000ff6000/0xa000)=nil) shmat(r0, &(0x7f0000ffe000/0x2000)=nil, 0x2000) r1 = perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x81}, 0x8, 0x7ff}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x3) mmap$perf(&(0x7f0000fed000/0x3000)=nil, 0x3000, 0x0, 0x13, r1, 0x4) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x2000000000000000}, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r2 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000040), 0x41, 0x0) perf_event_open(&(0x7f00000001c0)={0x4, 0x80, 0x1, 0x8a, 0x20, 0xa9, 0x0, 0x0, 0x8, 0x3, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x3, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x100, 0x0, @perf_config_ext={0xa000000000000000, 0xa8f}, 0x3a00, 0x5, 0x80000000, 0x4, 0x0, 0x6, 0x3c3f, 0x0, 0x6, 0x0, 0x3}, 0x0, 0x7, 0xffffffffffffffff, 0x2) openat2(0xffffffffffffffff, &(0x7f0000000240)='./file0\x00', &(0x7f0000000300)={0x200, 0x21, 0x1b}, 0x18) mincore(&(0x7f0000ff8000/0x2000)=nil, 0x2000, &(0x7f0000000700)=""/4096) r3 = ioctl$LOOP_CTL_GET_FREE(r2, 0x4c82) perf_event_open(&(0x7f0000000100)={0x3, 0x80, 0x2, 0x3f, 0x5, 0x3, 0x0, 0x89d9, 0x1000, 0xc, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x2, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x4, @perf_config_ext={0x4, 0x8}, 0x8040, 0x1, 0x400, 0x6, 0xa2, 0x0, 0x7, 0x0, 0x4, 0x0, 0x239b}, 0xffffffffffffffff, 0x9, 0xffffffffffffffff, 0x0) ioctl$BTRFS_IOC_DEFAULT_SUBVOL(r2, 0x40089413, &(0x7f0000000180)=0x1) ioctl$LOOP_CTL_REMOVE(r2, 0x4c81, r3) ioctl$SNAPSHOT_FREE(0xffffffffffffffff, 0x3305) 12:41:26 executing program 7: socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) recvmmsg$unix(r1, &(0x7f0000004640)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) recvmmsg$unix(r1, &(0x7f0000004680)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) bind$unix(r0, &(0x7f0000000000)=@file={0x1, './file0\x00'}, 0x6e) connect$unix(r1, &(0x7f0000000100)=@file={0x0, './file0\x00'}, 0x6e) 12:41:26 executing program 0: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000400), 0xffffffffffffffff) sendmsg$NL80211_CMD_ASSOCIATE(r0, &(0x7f0000001380)={0x0, 0x0, &(0x7f0000001340)={&(0x7f0000001180)={0x130, r1, 0x2f581cf9885e0c23, 0x0, 0x0, {{}, {@val={0x8}, @val={0xc}}}, [@NL80211_ATTR_IE={0x108, 0x2a, [@perr={0x84, 0x102, {0x0, 0x10, [@not_ext, @ext, @ext={{}, @device_b, 0x0, @device_b}, @ext={{}, @broadcast}, @ext={{}, @device_b, 0x0, @device_b}, @ext={{}, @broadcast}, @not_ext={{}, @device_b}, @not_ext={{}, @broadcast}, @ext={{}, @device_a, 0x0, @broadcast}, @not_ext, @ext={{}, @device_a, 0x0, @broadcast}, @not_ext, @ext={{}, @device_b}, @not_ext, @not_ext={{}, @broadcast}, @not_ext={{}, @broadcast}]}}]}]}, 0x130}}, 0x0) 12:41:26 executing program 2: mlock2(&(0x7f0000ff7000/0x4000)=nil, 0x4000, 0x0) shmat(0xffffffffffffffff, &(0x7f0000fed000/0x13000)=nil, 0x0) r0 = shmget(0x3, 0xa000, 0x20, &(0x7f0000ff6000/0xa000)=nil) shmat(r0, &(0x7f0000ffe000/0x2000)=nil, 0x2000) r1 = perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x81}, 0x8, 0x7ff}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x3) mmap$perf(&(0x7f0000fed000/0x3000)=nil, 0x3000, 0x0, 0x13, r1, 0x4) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x2000000000000000}, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r2 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000040), 0x41, 0x0) perf_event_open(&(0x7f00000001c0)={0x4, 0x80, 0x1, 0x8a, 0x20, 0xa9, 0x0, 0x0, 0x8, 0x3, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x3, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x100, 0x0, @perf_config_ext={0xa000000000000000, 0xa8f}, 0x3a00, 0x5, 0x80000000, 0x4, 0x0, 0x6, 0x3c3f, 0x0, 0x6, 0x0, 0x3}, 0x0, 0x7, 0xffffffffffffffff, 0x2) openat2(0xffffffffffffffff, &(0x7f0000000240)='./file0\x00', &(0x7f0000000300)={0x200, 0x21, 0x1b}, 0x18) mincore(&(0x7f0000ff8000/0x2000)=nil, 0x2000, &(0x7f0000000700)=""/4096) r3 = ioctl$LOOP_CTL_GET_FREE(r2, 0x4c82) perf_event_open(&(0x7f0000000100)={0x3, 0x80, 0x2, 0x3f, 0x5, 0x3, 0x0, 0x89d9, 0x1000, 0xc, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x2, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x4, @perf_config_ext={0x4, 0x8}, 0x8040, 0x1, 0x400, 0x6, 0xa2, 0x0, 0x7, 0x0, 0x4, 0x0, 0x239b}, 0xffffffffffffffff, 0x9, 0xffffffffffffffff, 0x0) ioctl$BTRFS_IOC_DEFAULT_SUBVOL(r2, 0x40089413, &(0x7f0000000180)=0x1) ioctl$LOOP_CTL_REMOVE(r2, 0x4c81, r3) ioctl$SNAPSHOT_FREE(0xffffffffffffffff, 0x3305) 12:41:27 executing program 4: mlock2(&(0x7f0000ff7000/0x4000)=nil, 0x4000, 0x0) shmat(0xffffffffffffffff, &(0x7f0000fed000/0x13000)=nil, 0x0) r0 = shmget(0x3, 0xa000, 0x20, &(0x7f0000ff6000/0xa000)=nil) shmat(r0, &(0x7f0000ffe000/0x2000)=nil, 0x2000) r1 = perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x81}, 0x8, 0x7ff}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x3) mmap$perf(&(0x7f0000fed000/0x3000)=nil, 0x3000, 0x0, 0x13, r1, 0x4) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x2000000000000000}, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r2 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000040), 0x41, 0x0) perf_event_open(&(0x7f00000001c0)={0x4, 0x80, 0x1, 0x8a, 0x20, 0xa9, 0x0, 0x0, 0x8, 0x3, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x3, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x100, 0x0, @perf_config_ext={0xa000000000000000, 0xa8f}, 0x3a00, 0x5, 0x80000000, 0x4, 0x0, 0x6, 0x3c3f, 0x0, 0x6, 0x0, 0x3}, 0x0, 0x7, 0xffffffffffffffff, 0x2) openat2(0xffffffffffffffff, &(0x7f0000000240)='./file0\x00', &(0x7f0000000300)={0x200, 0x21, 0x1b}, 0x18) mincore(&(0x7f0000ff8000/0x2000)=nil, 0x2000, &(0x7f0000000700)=""/4096) r3 = ioctl$LOOP_CTL_GET_FREE(r2, 0x4c82) perf_event_open(&(0x7f0000000100)={0x3, 0x80, 0x2, 0x3f, 0x5, 0x3, 0x0, 0x89d9, 0x1000, 0xc, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x2, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x4, @perf_config_ext={0x4, 0x8}, 0x8040, 0x1, 0x400, 0x6, 0xa2, 0x0, 0x7, 0x0, 0x4, 0x0, 0x239b}, 0xffffffffffffffff, 0x9, 0xffffffffffffffff, 0x0) ioctl$BTRFS_IOC_DEFAULT_SUBVOL(r2, 0x40089413, &(0x7f0000000180)=0x1) ioctl$LOOP_CTL_REMOVE(r2, 0x4c81, r3) ioctl$SNAPSHOT_FREE(0xffffffffffffffff, 0x3305) 12:41:27 executing program 7: socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) recvmmsg$unix(r1, &(0x7f0000004640)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) recvmmsg$unix(r1, &(0x7f0000004680)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) bind$unix(r0, &(0x7f0000000000)=@file={0x1, './file0\x00'}, 0x6e) connect$unix(r1, &(0x7f0000000100)=@file={0x0, './file0\x00'}, 0x6e) 12:41:27 executing program 5: mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x0, 0x40031, 0xffffffffffffffff, 0x0) 12:41:27 executing program 3: futex(&(0x7f0000000300), 0x5, 0x0, 0x0, &(0x7f0000000380), 0x3000000) 12:41:27 executing program 1: prctl$PR_CAPBSET_READ(0x17, 0x0) 12:41:27 executing program 2: mlock2(&(0x7f0000ff7000/0x4000)=nil, 0x4000, 0x0) shmat(0xffffffffffffffff, &(0x7f0000fed000/0x13000)=nil, 0x0) r0 = shmget(0x3, 0xa000, 0x20, &(0x7f0000ff6000/0xa000)=nil) shmat(r0, &(0x7f0000ffe000/0x2000)=nil, 0x2000) r1 = perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x81}, 0x8, 0x7ff}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x3) mmap$perf(&(0x7f0000fed000/0x3000)=nil, 0x3000, 0x0, 0x13, r1, 0x4) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x2000000000000000}, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r2 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000040), 0x41, 0x0) perf_event_open(&(0x7f00000001c0)={0x4, 0x80, 0x1, 0x8a, 0x20, 0xa9, 0x0, 0x0, 0x8, 0x3, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x3, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x100, 0x0, @perf_config_ext={0xa000000000000000, 0xa8f}, 0x3a00, 0x5, 0x80000000, 0x4, 0x0, 0x6, 0x3c3f, 0x0, 0x6, 0x0, 0x3}, 0x0, 0x7, 0xffffffffffffffff, 0x2) openat2(0xffffffffffffffff, &(0x7f0000000240)='./file0\x00', &(0x7f0000000300)={0x200, 0x21, 0x1b}, 0x18) mincore(&(0x7f0000ff8000/0x2000)=nil, 0x2000, &(0x7f0000000700)=""/4096) r3 = ioctl$LOOP_CTL_GET_FREE(r2, 0x4c82) perf_event_open(&(0x7f0000000100)={0x3, 0x80, 0x2, 0x3f, 0x5, 0x3, 0x0, 0x89d9, 0x1000, 0xc, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x2, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x4, @perf_config_ext={0x4, 0x8}, 0x8040, 0x1, 0x400, 0x6, 0xa2, 0x0, 0x7, 0x0, 0x4, 0x0, 0x239b}, 0xffffffffffffffff, 0x9, 0xffffffffffffffff, 0x0) ioctl$BTRFS_IOC_DEFAULT_SUBVOL(r2, 0x40089413, &(0x7f0000000180)=0x1) ioctl$LOOP_CTL_REMOVE(r2, 0x4c81, r3) ioctl$SNAPSHOT_FREE(0xffffffffffffffff, 0x3305) 12:41:27 executing program 6: mlock2(&(0x7f0000ff7000/0x4000)=nil, 0x4000, 0x0) shmat(0xffffffffffffffff, &(0x7f0000fed000/0x13000)=nil, 0x0) r0 = shmget(0x3, 0xa000, 0x20, &(0x7f0000ff6000/0xa000)=nil) shmat(r0, &(0x7f0000ffe000/0x2000)=nil, 0x2000) r1 = perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x81}, 0x8, 0x7ff}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x3) mmap$perf(&(0x7f0000fed000/0x3000)=nil, 0x3000, 0x0, 0x13, r1, 0x4) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x2000000000000000}, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r2 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000040), 0x41, 0x0) perf_event_open(&(0x7f00000001c0)={0x4, 0x80, 0x1, 0x8a, 0x20, 0xa9, 0x0, 0x0, 0x8, 0x3, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x3, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x100, 0x0, @perf_config_ext={0xa000000000000000, 0xa8f}, 0x3a00, 0x5, 0x80000000, 0x4, 0x0, 0x6, 0x3c3f, 0x0, 0x6, 0x0, 0x3}, 0x0, 0x7, 0xffffffffffffffff, 0x2) openat2(0xffffffffffffffff, &(0x7f0000000240)='./file0\x00', &(0x7f0000000300)={0x200, 0x21, 0x1b}, 0x18) mincore(&(0x7f0000ff8000/0x2000)=nil, 0x2000, &(0x7f0000000700)=""/4096) r3 = ioctl$LOOP_CTL_GET_FREE(r2, 0x4c82) perf_event_open(&(0x7f0000000100)={0x3, 0x80, 0x2, 0x3f, 0x5, 0x3, 0x0, 0x89d9, 0x1000, 0xc, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x2, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x4, @perf_config_ext={0x4, 0x8}, 0x8040, 0x1, 0x400, 0x6, 0xa2, 0x0, 0x7, 0x0, 0x4, 0x0, 0x239b}, 0xffffffffffffffff, 0x9, 0xffffffffffffffff, 0x0) ioctl$BTRFS_IOC_DEFAULT_SUBVOL(r2, 0x40089413, &(0x7f0000000180)=0x1) ioctl$LOOP_CTL_REMOVE(r2, 0x4c81, r3) ioctl$SNAPSHOT_FREE(0xffffffffffffffff, 0x3305) 12:41:27 executing program 0: setsockopt$WPAN_WANTACK(0xffffffffffffffff, 0x0, 0x0, &(0x7f0000000000), 0x4) setsockopt$WPAN_SECURITY(0xffffffffffffffff, 0x0, 0x1, 0x0, 0x0) r0 = syz_genetlink_get_family_id$smc(&(0x7f00000000c0), 0xffffffffffffffff) sendmsg$SMC_PNETID_ADD(0xffffffffffffffff, &(0x7f0000000200)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f00000001c0)={&(0x7f0000000100)={0x84, r0, 0x2, 0x70bd2a, 0x25dfdbff, {}, [@SMC_PNETID_IBPORT={0x5, 0x4, 0x2}, @SMC_PNETID_IBNAME={0x9, 0x3, 'syz1\x00'}, @SMC_PNETID_NAME={0x9, 0x1, 'syz1\x00'}, @SMC_PNETID_IBPORT={0x5, 0x4, 0x2}, @SMC_PNETID_IBNAME={0x9, 0x3, 'syz2\x00'}, @SMC_PNETID_IBNAME={0x9, 0x3, 'syz2\x00'}, @SMC_PNETID_ETHNAME={0x14, 0x2, 'erspan0\x00'}, @SMC_PNETID_NAME={0x9, 0x1, 'syz0\x00'}, @SMC_PNETID_IBPORT={0x5}, @SMC_PNETID_IBPORT={0x5, 0x4, 0x1}]}, 0x84}}, 0x4000000) sendmsg$SMC_PNETID_ADD(0xffffffffffffffff, &(0x7f0000000300)={&(0x7f0000000240)={0x10, 0x0, 0x0, 0x180c00400}, 0xc, &(0x7f00000002c0)={&(0x7f0000000280)={0x20, r0, 0x0, 0x70bd27, 0x25dfdbff, {}, [@SMC_PNETID_IBNAME={0x9, 0x3, 'syz2\x00'}]}, 0x20}}, 0x20000041) syz_genetlink_get_family_id$smc(&(0x7f00000004c0), 0xffffffffffffffff) sendmsg$SMC_PNETID_DEL(0xffffffffffffffff, &(0x7f0000000580)={&(0x7f0000000480)={0x10, 0x0, 0x0, 0x8000000}, 0xc, &(0x7f0000000540)={0x0}}, 0x4000) socket(0x1, 0x2, 0x0) sync() syz_genetlink_get_family_id$smc(&(0x7f00000056c0), 0xffffffffffffffff) 12:41:27 executing program 1: socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) recvmmsg$unix(r1, &(0x7f0000004640)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) recvmmsg$unix(r1, &(0x7f0000004680)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) bind$unix(r0, &(0x7f0000000000)=@file={0x1, './file0\x00'}, 0x6e) connect$unix(r1, &(0x7f0000000100)=@file={0x0, './file0\x00'}, 0x6e) 12:41:27 executing program 3: futex(&(0x7f0000000300), 0x5, 0x0, 0x0, &(0x7f0000000380), 0x3000000) 12:41:27 executing program 5: mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x0, 0x40031, 0xffffffffffffffff, 0x0) 12:41:27 executing program 5: mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x0, 0x40031, 0xffffffffffffffff, 0x0) 12:41:27 executing program 3: futex(&(0x7f0000000300), 0x5, 0x0, 0x0, &(0x7f0000000380), 0x3000000) 12:41:28 executing program 5: mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x0, 0x40031, 0xffffffffffffffff, 0x0) 12:41:28 executing program 3: futex(&(0x7f0000000300), 0x5, 0x0, 0x0, &(0x7f0000000380), 0x3000000) 12:41:28 executing program 6: mlock2(&(0x7f0000ff7000/0x4000)=nil, 0x4000, 0x0) shmat(0xffffffffffffffff, &(0x7f0000fed000/0x13000)=nil, 0x0) r0 = shmget(0x3, 0xa000, 0x20, &(0x7f0000ff6000/0xa000)=nil) shmat(r0, &(0x7f0000ffe000/0x2000)=nil, 0x2000) r1 = perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x81}, 0x8, 0x7ff}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x3) mmap$perf(&(0x7f0000fed000/0x3000)=nil, 0x3000, 0x0, 0x13, r1, 0x4) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x2000000000000000}, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r2 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000040), 0x41, 0x0) perf_event_open(&(0x7f00000001c0)={0x4, 0x80, 0x1, 0x8a, 0x20, 0xa9, 0x0, 0x0, 0x8, 0x3, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x3, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x100, 0x0, @perf_config_ext={0xa000000000000000, 0xa8f}, 0x3a00, 0x5, 0x80000000, 0x4, 0x0, 0x6, 0x3c3f, 0x0, 0x6, 0x0, 0x3}, 0x0, 0x7, 0xffffffffffffffff, 0x2) openat2(0xffffffffffffffff, &(0x7f0000000240)='./file0\x00', &(0x7f0000000300)={0x200, 0x21, 0x1b}, 0x18) mincore(&(0x7f0000ff8000/0x2000)=nil, 0x2000, &(0x7f0000000700)=""/4096) r3 = ioctl$LOOP_CTL_GET_FREE(r2, 0x4c82) perf_event_open(&(0x7f0000000100)={0x3, 0x80, 0x2, 0x3f, 0x5, 0x3, 0x0, 0x89d9, 0x1000, 0xc, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x2, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x4, @perf_config_ext={0x4, 0x8}, 0x8040, 0x1, 0x400, 0x6, 0xa2, 0x0, 0x7, 0x0, 0x4, 0x0, 0x239b}, 0xffffffffffffffff, 0x9, 0xffffffffffffffff, 0x0) ioctl$BTRFS_IOC_DEFAULT_SUBVOL(r2, 0x40089413, &(0x7f0000000180)=0x1) ioctl$LOOP_CTL_REMOVE(r2, 0x4c81, r3) ioctl$SNAPSHOT_FREE(0xffffffffffffffff, 0x3305) 12:41:28 executing program 0: r0 = syz_io_uring_setup(0xfa7, &(0x7f0000000080), &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000100)=0x0, &(0x7f0000000380)=0x0) r3 = socket$inet_tcp(0x2, 0x1, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_CONNECT={0x10, 0x0, 0x0, r3, 0x80, &(0x7f0000000200)=@in6={0xa, 0x0, 0x0, @empty}}, 0x0) io_uring_enter(r0, 0x100001, 0x0, 0x0, 0x0, 0x0) 12:41:28 executing program 2: syz_emit_ethernet(0x56, &(0x7f0000000000)={@link_local, @empty, @void, {@ipv6={0x86dd, @generic={0x0, 0x6, "e81eaf", 0x20, 0x0, 0x0, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, @empty, {[@dstopts={0x0, 0x3, '\x00', [@calipso={0x7, 0x10, {0x0, 0x3, 0x0, 0x0, [0x0]}}, @jumbo]}]}}}}}, 0x0) 12:41:28 executing program 7: socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) recvmmsg$unix(r1, &(0x7f0000004640)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) recvmmsg$unix(r1, &(0x7f0000004680)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) bind$unix(r0, &(0x7f0000000000)=@file={0x1, './file0\x00'}, 0x6e) connect$unix(r1, &(0x7f0000000100)=@file={0x0, './file0\x00'}, 0x6e) 12:41:28 executing program 4: mlock2(&(0x7f0000ff7000/0x4000)=nil, 0x4000, 0x0) shmat(0xffffffffffffffff, &(0x7f0000fed000/0x13000)=nil, 0x0) r0 = shmget(0x3, 0xa000, 0x20, &(0x7f0000ff6000/0xa000)=nil) shmat(r0, &(0x7f0000ffe000/0x2000)=nil, 0x2000) r1 = perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x81}, 0x8, 0x7ff}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x3) mmap$perf(&(0x7f0000fed000/0x3000)=nil, 0x3000, 0x0, 0x13, r1, 0x4) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x2000000000000000}, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r2 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000040), 0x41, 0x0) perf_event_open(&(0x7f00000001c0)={0x4, 0x80, 0x1, 0x8a, 0x20, 0xa9, 0x0, 0x0, 0x8, 0x3, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x3, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x100, 0x0, @perf_config_ext={0xa000000000000000, 0xa8f}, 0x3a00, 0x5, 0x80000000, 0x4, 0x0, 0x6, 0x3c3f, 0x0, 0x6, 0x0, 0x3}, 0x0, 0x7, 0xffffffffffffffff, 0x2) openat2(0xffffffffffffffff, &(0x7f0000000240)='./file0\x00', &(0x7f0000000300)={0x200, 0x21, 0x1b}, 0x18) mincore(&(0x7f0000ff8000/0x2000)=nil, 0x2000, &(0x7f0000000700)=""/4096) r3 = ioctl$LOOP_CTL_GET_FREE(r2, 0x4c82) perf_event_open(&(0x7f0000000100)={0x3, 0x80, 0x2, 0x3f, 0x5, 0x3, 0x0, 0x89d9, 0x1000, 0xc, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x2, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x4, @perf_config_ext={0x4, 0x8}, 0x8040, 0x1, 0x400, 0x6, 0xa2, 0x0, 0x7, 0x0, 0x4, 0x0, 0x239b}, 0xffffffffffffffff, 0x9, 0xffffffffffffffff, 0x0) ioctl$BTRFS_IOC_DEFAULT_SUBVOL(r2, 0x40089413, &(0x7f0000000180)=0x1) ioctl$LOOP_CTL_REMOVE(r2, 0x4c81, r3) ioctl$SNAPSHOT_FREE(0xffffffffffffffff, 0x3305) 12:41:28 executing program 1: socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) recvmmsg$unix(r1, &(0x7f0000004640)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) recvmmsg$unix(r1, &(0x7f0000004680)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) bind$unix(r0, &(0x7f0000000000)=@file={0x1, './file0\x00'}, 0x6e) connect$unix(r1, &(0x7f0000000100)=@file={0x0, './file0\x00'}, 0x6e) 12:41:28 executing program 2: read(0xffffffffffffffff, 0x0, 0x0) r0 = socket$inet_udp(0x2, 0x2, 0x0) ioctl$RTC_IRQP_SET(0xffffffffffffffff, 0x4008700c, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3ff}, 0x0, 0xfffff7ffffffffff, 0xffffffffffffffff, 0xb) r1 = syz_open_dev$sg(&(0x7f0000001000), 0x0, 0x0) ioctl$BLKTRACESETUP(r1, 0xc0481273, &(0x7f0000000000)={'\x00', 0x3e, 0x1, 0xd6c2, 0x0, 0x2}) r2 = socket$inet_udp(0x2, 0x2, 0x0) r3 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r4 = socket$nl_audit(0x10, 0x3, 0x9) ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000340)={'sit0\x00', 0x0}) sendmsg$inet(r3, &(0x7f0000000780)={&(0x7f0000000000)={0x2, 0x0, @local}, 0x10, &(0x7f00000003c0)=[{&(0x7f0000000300)="6fb9", 0xffeb}], 0x1, &(0x7f0000000700)=[@ip_pktinfo={{0x1c, 0x0, 0x8, {r5, @remote, @broadcast}}}], 0x20}, 0x0) setsockopt$inet_mreqn(r2, 0x0, 0x23, &(0x7f0000000080)={@empty, @dev={0xac, 0x14, 0x14, 0x3a}, r5}, 0xc) setsockopt$inet_mreqn(r2, 0x0, 0x24, &(0x7f0000000180)={@multicast2, @private}, 0xc) r6 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x1000002, 0x401a012, r6, 0x0) setsockopt$inet_mreqn(r0, 0x0, 0x24, 0x0, 0x0) 12:41:29 executing program 0: r0 = syz_open_procfs(0x0, &(0x7f0000000100)='net/raw\x00') preadv(r0, &(0x7f0000001140)=[{&(0x7f0000000140)=""/4096, 0x1000}], 0x1, 0x2, 0x0) 12:41:29 executing program 0: ioctl$CDROMREADMODE1(0xffffffffffffffff, 0x530d, &(0x7f0000000800)={0x6, 0x0, 0x20, 0x81, 0x6, 0x89}) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, &(0x7f0000001280)) ioctl$sock_SIOCGPGRP(0xffffffffffffffff, 0x8904, &(0x7f0000000300)) openat$ttyS3(0xffffffffffffff9c, &(0x7f00000003c0), 0x0, 0x0) r0 = epoll_create(0x4) epoll_ctl$EPOLL_CTL_ADD(r0, 0x1, 0xffffffffffffffff, &(0x7f0000000400)={0x30000004}) syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) r1 = socket$inet6_udp(0xa, 0x2, 0x0) r2 = dup(r1) connect$inet6(r2, &(0x7f0000000200)={0xa, 0x4e22, 0x0, @ipv4={'\x00', '\xff\xff', @dev}}, 0x1c) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) epoll_create(0x5) clone3(&(0x7f0000004c00)={0xc0002100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) [ 142.811214] BUG: unable to handle page fault for address: ffffed100fffc000 [ 142.811915] #PF: supervisor write access in kernel mode [ 142.812396] #PF: error_code(0x0002) - not-present page [ 142.812880] PGD 7ffd3067 P4D 7ffd3067 PUD 7ffd2067 PMD 7ffd1067 PTE 0 [ 142.813514] Oops: 0002 [#3] PREEMPT SMP KASAN NOPTI [ 142.813986] CPU: 1 PID: 4075 Comm: syz-executor.4 Tainted: G D 6.1.0-rc3-next-20221101 #1 [ 142.814873] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 142.815642] RIP: 0010:__memset+0x24/0x50 [ 142.816053] Code: 90 90 90 90 90 90 0f 1f 44 00 00 49 89 f9 48 89 d1 83 e2 07 48 c1 e9 03 40 0f b6 f6 48 b8 01 01 01 01 01 01 01 01 48 0f af c6 48 ab 89 d1 f3 aa 4c 89 c8 e9 0d d4 12 00 66 66 2e 0f 1f 84 00 [ 142.817719] RSP: 0018:ffff88804110fcc0 EFLAGS: 00010216 [ 142.818216] RAX: 0000000000000000 RBX: ffff88800c0933c0 RCX: 1ffffe21fe6058de [ 142.818882] RDX: 0000000000000000 RSI: 0000000000000000 RDI: ffffed100fffc000 [ 142.819552] RBP: ffff88800c0b03c0 R08: 0000000000000005 R09: ffffed1001812678 [ 142.820214] R10: 0000000000000001 R11: 0000000000000001 R12: ffff88800c0b03c0 [ 142.820875] R13: ffff88800c0933c0 R14: ffffffff815f2620 R15: 1ffff1100112201f [ 142.821531] FS: 00007ff19fc69700(0000) GS:ffff88806d100000(0000) knlGS:0000000000000000 [ 142.822273] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 142.822814] CR2: ffffed100fffc000 CR3: 000000000ee4a000 CR4: 0000000000350ee0 [ 142.823489] Call Trace: [ 142.823736] [ 142.823959] kasan_unpoison+0x23/0x60 [ 142.824333] mempool_exit+0x1c2/0x330 [ 142.824709] bioset_exit+0x2c9/0x630 [ 142.825077] disk_release+0x143/0x490 [ 142.825447] ? disk_release+0x0/0x490 [ 142.825815] ? device_release+0x0/0x250 [ 142.826199] device_release+0xa2/0x250 [ 142.826586] ? device_release+0x0/0x250 [ 142.826970] kobject_put+0x173/0x280 [ 142.827350] put_device+0x1b/0x40 [ 142.827691] put_disk+0x41/0x60 [ 142.828022] loop_control_ioctl+0x4d1/0x630 [ 142.828443] ? loop_control_ioctl+0x0/0x630 [ 142.828856] ? selinux_file_ioctl+0xb1/0x270 [ 142.829296] ? loop_control_ioctl+0x0/0x630 [ 142.829709] __x64_sys_ioctl+0x19a/0x220 [ 142.830103] do_syscall_64+0x3b/0xa0 [ 142.830465] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 142.830955] RIP: 0033:0x7ff1a26f3b19 [ 142.831317] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 142.832989] RSP: 002b:00007ff19fc69188 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 142.833686] RAX: ffffffffffffffda RBX: 00007ff1a2806f60 RCX: 00007ff1a26f3b19 [ 142.834341] RDX: 0000000000000002 RSI: 0000000000004c81 RDI: 0000000000000005 [ 142.835003] RBP: 00007ff1a274df6d R08: 0000000000000000 R09: 0000000000000000 [ 142.835683] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 142.836355] R13: 00007fffddb673df R14: 00007ff19fc69300 R15: 0000000000022000 [ 142.837026] [ 142.837250] Modules linked in: [ 142.837558] CR2: ffffed100fffc000 [ 142.837887] ---[ end trace 0000000000000000 ]--- [ 142.838319] RIP: 0010:__memset+0x24/0x50 [ 142.838720] Code: 90 90 90 90 90 90 0f 1f 44 00 00 49 89 f9 48 89 d1 83 e2 07 48 c1 e9 03 40 0f b6 f6 48 b8 01 01 01 01 01 01 01 01 48 0f af c6 48 ab 89 d1 f3 aa 4c 89 c8 e9 0d d4 12 00 66 66 2e 0f 1f 84 00 [ 142.840399] RSP: 0018:ffff8880420d7cc0 EFLAGS: 00010216 [ 142.840894] RAX: 0000000000000000 RBX: ffff88800c0930c0 RCX: 1ffffe21fe6058d2 [ 142.841557] RDX: 0000000000000000 RSI: 0000000000000000 RDI: ffffed100fffc000 [ 142.842214] RBP: ffff88800c0b03c0 R08: 0000000000000005 R09: ffffed1001812618 [ 142.842870] R10: 0000000000000001 R11: 0000000000000001 R12: ffff88800c0b03c0 [ 142.843534] R13: ffff88800c0930c0 R14: ffffffff815f2620 R15: 1ffff1100112281f [ 142.844194] FS: 00007ff19fc69700(0000) GS:ffff88806d100000(0000) knlGS:0000000000000000 [ 142.844937] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 142.845483] CR2: ffffed100fffc000 CR3: 000000000ee4a000 CR4: 0000000000350ee0 12:41:29 executing program 3: perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x19020, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xf470, 0x0, @perf_config_ext={0x9, 0x4}, 0x40021, 0x6, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1be2f630}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) clone3(&(0x7f0000000100)={0x3014c200, &(0x7f0000000180), 0x0, 0x0, {0xa}, 0x0, 0x0, 0x0, 0x0}, 0x58) r1 = socket$inet_udp(0x2, 0x2, 0x0) setsockopt$sock_timeval(r1, 0x1, 0x49, &(0x7f0000000000)={0x77359400}, 0x10) ioctl$FS_IOC_FSGETXATTR(r0, 0x801c581f, &(0x7f0000000340)={0xff, 0x2d1, 0x9, 0x9, 0x5b8e7df3}) sendmsg$BATADV_CMD_GET_MCAST_FLAGS(0xffffffffffffffff, &(0x7f0000000240)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x4000}, 0xc, &(0x7f0000000200)={&(0x7f00000001c0)={0x34, 0x0, 0x2, 0x70bd28, 0x25dfdbfc, {}, [@BATADV_ATTR_TPMETER_TEST_TIME={0x8, 0xb, 0x3}, @BATADV_ATTR_THROUGHPUT_OVERRIDE={0x8, 0x3b, 0x5}, @BATADV_ATTR_MULTICAST_FORCEFLOOD_ENABLED={0x5, 0x37, 0x1}, @BATADV_ATTR_ISOLATION_MARK={0x8, 0x2b, 0x7ff}]}, 0x34}, 0x1, 0x0, 0x0, 0x40800}, 0x0) 12:41:29 executing program 5: clone3(&(0x7f0000000100)={0xe8043100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) 12:41:29 executing program 1: socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) recvmmsg$unix(r1, &(0x7f0000004640)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) recvmmsg$unix(r1, &(0x7f0000004680)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) bind$unix(r0, &(0x7f0000000000)=@file={0x1, './file0\x00'}, 0x6e) connect$unix(r1, &(0x7f0000000100)=@file={0x0, './file0\x00'}, 0x6e) 12:41:29 executing program 7: socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) recvmmsg$unix(r1, &(0x7f0000004640)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) recvmmsg$unix(r1, &(0x7f0000004680)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) bind$unix(r0, &(0x7f0000000000)=@file={0x1, './file0\x00'}, 0x6e) connect$unix(r1, &(0x7f0000000100)=@file={0x0, './file0\x00'}, 0x6e) 12:41:29 executing program 5: clone3(&(0x7f0000000100)={0xe8043100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) 12:41:29 executing program 4: mknod(&(0x7f0000008d80)='./file0\x00', 0x0, 0x0) mount$9p_unix(&(0x7f0000000080)='./file0\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x1a901e, 0x0) mount$9p_unix(0x0, &(0x7f00000001c0)='./file0\x00', 0x0, 0x200865, &(0x7f0000000300)) [ 143.217641] audit: type=1400 audit(1667306489.511:9): avc: denied { write } for pid=4106 comm="syz-executor.3" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=perf_event permissive=1 [ 143.294898] ======================================================= [ 143.294898] WARNING: The mand mount option has been deprecated and [ 143.294898] and is ignored by this kernel. Remove the mand [ 143.294898] option from the mount to silence this warning. [ 143.294898] ======================================================= [ 143.297851] ext4: Unknown parameter 'trans' [ 143.300363] ext4: Unknown parameter 'trans' 12:41:29 executing program 5: clone3(&(0x7f0000000100)={0xe8043100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) [ 143.389622] BUG: unable to handle page fault for address: ffffed100fffc000 [ 143.390304] #PF: supervisor write access in kernel mode [ 143.390779] #PF: error_code(0x0002) - not-present page [ 143.391241] PGD 7ffd3067 P4D 7ffd3067 PUD 7ffd2067 PMD 7ffd1067 PTE 0 [ 143.391853] Oops: 0002 [#4] PREEMPT SMP KASAN NOPTI [ 143.392302] CPU: 1 PID: 4098 Comm: syz-executor.6 Tainted: G D 6.1.0-rc3-next-20221101 #1 [ 143.393137] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 143.393858] RIP: 0010:__memset+0x24/0x50 [ 143.394246] Code: 90 90 90 90 90 90 0f 1f 44 00 00 49 89 f9 48 89 d1 83 e2 07 48 c1 e9 03 40 0f b6 f6 48 b8 01 01 01 01 01 01 01 01 48 0f af c6 48 ab 89 d1 f3 aa 4c 89 c8 e9 0d d4 12 00 66 66 2e 0f 1f 84 00 [ 143.395843] RSP: 0018:ffff8880425dfcc0 EFLAGS: 00010216 [ 143.396323] RAX: 0000000000000000 RBX: ffff88800c093540 RCX: 1ffffe21fe6058e4 [ 143.396958] RDX: 0000000000000000 RSI: 0000000000000000 RDI: ffffed100fffc000 [ 143.397584] RBP: ffff88800c0b03c0 R08: 0000000000000005 R09: ffffed10018126a8 [ 143.398209] R10: 0000000000000001 R11: 0000000000000001 R12: ffff88800c0b03c0 [ 143.398843] R13: ffff88800c093540 R14: ffffffff815f2620 R15: 1ffff11001124c1f [ 143.399480] FS: 00007fbb17565700(0000) GS:ffff88806d100000(0000) knlGS:0000000000000000 [ 143.400189] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 143.400707] CR2: ffffed100fffc000 CR3: 0000000015ae8000 CR4: 0000000000350ee0 [ 143.401337] Call Trace: [ 143.401571] [ 143.401781] kasan_unpoison+0x23/0x60 [ 143.402132] mempool_exit+0x1c2/0x330 [ 143.402494] bioset_exit+0x2c9/0x630 [ 143.402850] disk_release+0x143/0x490 [ 143.403207] ? disk_release+0x0/0x490 [ 143.403579] ? device_release+0x0/0x250 [ 143.403947] device_release+0xa2/0x250 [ 143.404303] ? device_release+0x0/0x250 [ 143.404671] kobject_put+0x173/0x280 [ 143.405021] put_device+0x1b/0x40 [ 143.405346] put_disk+0x41/0x60 [ 143.405662] loop_control_ioctl+0x4d1/0x630 [ 143.406064] ? loop_control_ioctl+0x0/0x630 [ 143.406458] ? selinux_file_ioctl+0xb1/0x270 [ 143.406872] ? loop_control_ioctl+0x0/0x630 [ 143.407270] __x64_sys_ioctl+0x19a/0x220 [ 143.407661] do_syscall_64+0x3b/0xa0 [ 143.408011] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 143.408479] RIP: 0033:0x7fbb1a031b19 [ 143.408820] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 143.410401] RSP: 002b:00007fbb17565188 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 143.411071] RAX: ffffffffffffffda RBX: 00007fbb1a1450e0 RCX: 00007fbb1a031b19 [ 143.411716] RDX: 0000000000000003 RSI: 0000000000004c81 RDI: 0000000000000005 [ 143.412350] RBP: 00007fbb1a08bf6d R08: 0000000000000000 R09: 0000000000000000 [ 143.412971] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 143.413602] R13: 00007ffc469220ff R14: 00007fbb17565300 R15: 0000000000022000 [ 143.414240] [ 143.414455] Modules linked in: [ 143.414751] CR2: ffffed100fffc000 [ 143.415068] ---[ end trace 0000000000000000 ]--- [ 143.415491] RIP: 0010:__memset+0x24/0x50 [ 143.415875] Code: 90 90 90 90 90 90 0f 1f 44 00 00 49 89 f9 48 89 d1 83 e2 07 48 c1 e9 03 40 0f b6 f6 48 b8 01 01 01 01 01 01 01 01 48 0f af c6 48 ab 89 d1 f3 aa 4c 89 c8 e9 0d d4 12 00 66 66 2e 0f 1f 84 00 [ 143.417455] RSP: 0018:ffff8880420d7cc0 EFLAGS: 00010216 [ 143.417928] RAX: 0000000000000000 RBX: ffff88800c0930c0 RCX: 1ffffe21fe6058d2 [ 143.418561] RDX: 0000000000000000 RSI: 0000000000000000 RDI: ffffed100fffc000 [ 143.419190] RBP: ffff88800c0b03c0 R08: 0000000000000005 R09: ffffed1001812618 [ 143.419826] R10: 0000000000000001 R11: 0000000000000001 R12: ffff88800c0b03c0 [ 143.420461] R13: ffff88800c0930c0 R14: ffffffff815f2620 R15: 1ffff1100112281f [ 143.421099] FS: 00007fbb17565700(0000) GS:ffff88806d100000(0000) knlGS:0000000000000000 [ 143.421809] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 143.422328] CR2: ffffed100fffc000 CR3: 0000000015ae8000 CR4: 0000000000350ee0 12:41:30 executing program 2: r0 = add_key$fscrypt_v1(&(0x7f0000000640), &(0x7f0000000680), &(0x7f00000006c0)={0x0, "0201d3ac2e2b4947dfa75ef80072cf20c1c161cea53e9d5a6e3d5ffe2c2a788b4644d9bfd25cd04830882b3b72df194ddcdc639eb5c8a7e7d4dd8b94e714103b"}, 0x48, 0xffffffffffffffff) keyctl$update(0x2, r0, 0x0, 0x0) 12:41:30 executing program 5: clone3(&(0x7f0000000100)={0xe8043100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) 12:41:30 executing program 4: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f00000009c0), r0) sendmsg$IEEE802154_LLSEC_DEL_KEY(r1, &(0x7f0000000a80)={0x0, 0x0, &(0x7f0000000a40)={&(0x7f0000000a00)={0x20, r2, 0x1, 0x0, 0x0, {}, [@IEEE802154_ATTR_DEV_NAME={0xa, 0x1, 'wpan4\x00'}]}, 0x20}}, 0x0) 12:41:30 executing program 2: r0 = timerfd_create(0x0, 0x0) timerfd_settime(r0, 0x1, &(0x7f0000000280)={{0x77359400}, {0x0, 0x3938700}}, 0x0) read(r0, &(0x7f00000000c0)=""/171, 0xab) 12:41:30 executing program 6: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0x76, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) times(0xfffffffffffffffc) 12:41:30 executing program 0: ioctl$CDROMREADMODE1(0xffffffffffffffff, 0x530d, &(0x7f0000000800)={0x6, 0x0, 0x20, 0x81, 0x6, 0x89}) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, &(0x7f0000001280)) ioctl$sock_SIOCGPGRP(0xffffffffffffffff, 0x8904, &(0x7f0000000300)) openat$ttyS3(0xffffffffffffff9c, &(0x7f00000003c0), 0x0, 0x0) r0 = epoll_create(0x4) epoll_ctl$EPOLL_CTL_ADD(r0, 0x1, 0xffffffffffffffff, &(0x7f0000000400)={0x30000004}) syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) r1 = socket$inet6_udp(0xa, 0x2, 0x0) r2 = dup(r1) connect$inet6(r2, &(0x7f0000000200)={0xa, 0x4e22, 0x0, @ipv4={'\x00', '\xff\xff', @dev}}, 0x1c) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) epoll_create(0x5) clone3(&(0x7f0000004c00)={0xc0002100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) 12:41:30 executing program 5: syz_mount_image$tmpfs(&(0x7f0000000200), &(0x7f0000000240)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000100)=ANY=[]) chroot(&(0x7f0000000040)='./file0\x00') umount2(&(0x7f00000000c0)='./file0\x00', 0x2) 12:41:30 executing program 4: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) r1 = socket$nl_xfrm(0x10, 0x3, 0x6) mount$9p_fd(0x0, &(0x7f00000001c0)='./file1\x00', &(0x7f0000000180), 0x0, &(0x7f0000000000)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) 12:41:30 executing program 3: perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x19020, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xf470, 0x0, @perf_config_ext={0x9, 0x4}, 0x40021, 0x6, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1be2f630}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) clone3(&(0x7f0000000100)={0x3014c200, &(0x7f0000000180), 0x0, 0x0, {0xa}, 0x0, 0x0, 0x0, 0x0}, 0x58) r1 = socket$inet_udp(0x2, 0x2, 0x0) setsockopt$sock_timeval(r1, 0x1, 0x49, &(0x7f0000000000)={0x77359400}, 0x10) ioctl$FS_IOC_FSGETXATTR(r0, 0x801c581f, &(0x7f0000000340)={0xff, 0x2d1, 0x9, 0x9, 0x5b8e7df3}) sendmsg$BATADV_CMD_GET_MCAST_FLAGS(0xffffffffffffffff, &(0x7f0000000240)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x4000}, 0xc, &(0x7f0000000200)={&(0x7f00000001c0)={0x34, 0x0, 0x2, 0x70bd28, 0x25dfdbfc, {}, [@BATADV_ATTR_TPMETER_TEST_TIME={0x8, 0xb, 0x3}, @BATADV_ATTR_THROUGHPUT_OVERRIDE={0x8, 0x3b, 0x5}, @BATADV_ATTR_MULTICAST_FORCEFLOOD_ENABLED={0x5, 0x37, 0x1}, @BATADV_ATTR_ISOLATION_MARK={0x8, 0x2b, 0x7ff}]}, 0x34}, 0x1, 0x0, 0x0, 0x40800}, 0x0) [ 143.665860] SELinux: unrecognized netlink message: protocol=6 nlmsg_type=65380 sclass=netlink_xfrm_socket pid=12 comm=kworker/0:1 12:41:30 executing program 2: perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x19020, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xf470, 0x0, @perf_config_ext={0x9, 0x4}, 0x40021, 0x6, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1be2f630}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) clone3(&(0x7f0000000100)={0x3014c200, &(0x7f0000000180), 0x0, 0x0, {0xa}, 0x0, 0x0, 0x0, 0x0}, 0x58) r1 = socket$inet_udp(0x2, 0x2, 0x0) setsockopt$sock_timeval(r1, 0x1, 0x49, &(0x7f0000000000)={0x77359400}, 0x10) ioctl$FS_IOC_FSGETXATTR(r0, 0x801c581f, &(0x7f0000000340)={0xff, 0x2d1, 0x9, 0x9, 0x5b8e7df3}) sendmsg$BATADV_CMD_GET_MCAST_FLAGS(0xffffffffffffffff, &(0x7f0000000240)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x4000}, 0xc, &(0x7f0000000200)={&(0x7f00000001c0)={0x34, 0x0, 0x2, 0x70bd28, 0x25dfdbfc, {}, [@BATADV_ATTR_TPMETER_TEST_TIME={0x8, 0xb, 0x3}, @BATADV_ATTR_THROUGHPUT_OVERRIDE={0x8, 0x3b, 0x5}, @BATADV_ATTR_MULTICAST_FORCEFLOOD_ENABLED={0x5, 0x37, 0x1}, @BATADV_ATTR_ISOLATION_MARK={0x8, 0x2b, 0x7ff}]}, 0x34}, 0x1, 0x0, 0x0, 0x40800}, 0x0) 12:41:30 executing program 6: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0x76, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) times(0xfffffffffffffffc) 12:41:30 executing program 4: r0 = add_key$keyring(&(0x7f0000000080), &(0x7f00000000c0)={'syz', 0x0}, 0x0, 0x0, 0xfffffffffffffffe) keyctl$setperm(0x5, r0, 0x20082000) keyctl$join(0x1, &(0x7f0000000300)={'syz', 0x0}) keyctl$join(0x1, &(0x7f0000000000)={'syz', 0x0}) 12:41:30 executing program 4: openat$snapshot(0xffffffffffffff9c, &(0x7f0000000080), 0x121802, 0x0) 12:41:30 executing program 0: ioctl$CDROMREADMODE1(0xffffffffffffffff, 0x530d, &(0x7f0000000800)={0x6, 0x0, 0x20, 0x81, 0x6, 0x89}) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, &(0x7f0000001280)) ioctl$sock_SIOCGPGRP(0xffffffffffffffff, 0x8904, &(0x7f0000000300)) openat$ttyS3(0xffffffffffffff9c, &(0x7f00000003c0), 0x0, 0x0) r0 = epoll_create(0x4) epoll_ctl$EPOLL_CTL_ADD(r0, 0x1, 0xffffffffffffffff, &(0x7f0000000400)={0x30000004}) syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) r1 = socket$inet6_udp(0xa, 0x2, 0x0) r2 = dup(r1) connect$inet6(r2, &(0x7f0000000200)={0xa, 0x4e22, 0x0, @ipv4={'\x00', '\xff\xff', @dev}}, 0x1c) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) epoll_create(0x5) clone3(&(0x7f0000004c00)={0xc0002100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) 12:41:30 executing program 2: perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x19020, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xf470, 0x0, @perf_config_ext={0x9, 0x4}, 0x40021, 0x6, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1be2f630}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) clone3(&(0x7f0000000100)={0x3014c200, &(0x7f0000000180), 0x0, 0x0, {0xa}, 0x0, 0x0, 0x0, 0x0}, 0x58) r1 = socket$inet_udp(0x2, 0x2, 0x0) setsockopt$sock_timeval(r1, 0x1, 0x49, &(0x7f0000000000)={0x77359400}, 0x10) ioctl$FS_IOC_FSGETXATTR(r0, 0x801c581f, &(0x7f0000000340)={0xff, 0x2d1, 0x9, 0x9, 0x5b8e7df3}) sendmsg$BATADV_CMD_GET_MCAST_FLAGS(0xffffffffffffffff, &(0x7f0000000240)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x4000}, 0xc, &(0x7f0000000200)={&(0x7f00000001c0)={0x34, 0x0, 0x2, 0x70bd28, 0x25dfdbfc, {}, [@BATADV_ATTR_TPMETER_TEST_TIME={0x8, 0xb, 0x3}, @BATADV_ATTR_THROUGHPUT_OVERRIDE={0x8, 0x3b, 0x5}, @BATADV_ATTR_MULTICAST_FORCEFLOOD_ENABLED={0x5, 0x37, 0x1}, @BATADV_ATTR_ISOLATION_MARK={0x8, 0x2b, 0x7ff}]}, 0x34}, 0x1, 0x0, 0x0, 0x40800}, 0x0) 12:41:30 executing program 5: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0x76, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat$loop_ctrl(0xffffffffffffff9c, 0x0, 0x0, 0x0) timer_create(0x2, 0x0, &(0x7f0000000140)) timer_settime(0x0, 0x0, &(0x7f0000000200)={{}, {0x77359400}}, 0x0) 12:41:30 executing program 1: r0 = socket$inet6(0xa, 0x1, 0x0) getsockopt$inet6_int(r0, 0x29, 0x6, 0x0, &(0x7f0000000080)=0x1b000000) 12:41:30 executing program 3: perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x19020, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xf470, 0x0, @perf_config_ext={0x9, 0x4}, 0x40021, 0x6, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1be2f630}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) clone3(&(0x7f0000000100)={0x3014c200, &(0x7f0000000180), 0x0, 0x0, {0xa}, 0x0, 0x0, 0x0, 0x0}, 0x58) r1 = socket$inet_udp(0x2, 0x2, 0x0) setsockopt$sock_timeval(r1, 0x1, 0x49, &(0x7f0000000000)={0x77359400}, 0x10) ioctl$FS_IOC_FSGETXATTR(r0, 0x801c581f, &(0x7f0000000340)={0xff, 0x2d1, 0x9, 0x9, 0x5b8e7df3}) sendmsg$BATADV_CMD_GET_MCAST_FLAGS(0xffffffffffffffff, &(0x7f0000000240)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x4000}, 0xc, &(0x7f0000000200)={&(0x7f00000001c0)={0x34, 0x0, 0x2, 0x70bd28, 0x25dfdbfc, {}, [@BATADV_ATTR_TPMETER_TEST_TIME={0x8, 0xb, 0x3}, @BATADV_ATTR_THROUGHPUT_OVERRIDE={0x8, 0x3b, 0x5}, @BATADV_ATTR_MULTICAST_FORCEFLOOD_ENABLED={0x5, 0x37, 0x1}, @BATADV_ATTR_ISOLATION_MARK={0x8, 0x2b, 0x7ff}]}, 0x34}, 0x1, 0x0, 0x0, 0x40800}, 0x0) 12:41:30 executing program 7: syz_io_uring_setup(0x6, &(0x7f0000001300), &(0x7f0000ffc000/0x2000)=nil, &(0x7f0000ffa000/0x4000)=nil, &(0x7f0000001380), &(0x7f00000013c0)) 12:41:30 executing program 6: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0x76, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) times(0xfffffffffffffffc) [ 144.451290] audit: type=1326 audit(1667306490.973:10): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=4192 comm="syz-executor.7" exe="/syz-executor.7" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f7b5bf3db19 code=0x0 12:41:30 executing program 4: mmap(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x0, 0x4d031, 0xffffffffffffffff, 0x0) recvmmsg$unix(0xffffffffffffffff, 0x0, 0x0, 0x0, &(0x7f0000004140)) 12:41:30 executing program 7: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000008f40)={0x2, &(0x7f0000008f00)=[{0x15}, {0x6}]}) openat(0xffffffffffffff9c, 0x0, 0x0, 0x0) 12:41:30 executing program 5: unshare(0x28000200) unshare(0x20020000) syz_mount_image$ext4(0x0, &(0x7f0000000240)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) mount(0x0, &(0x7f00000000c0)='./file0\x00', 0x0, 0x1020, 0x0) 12:41:30 executing program 6: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0x76, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) times(0xfffffffffffffffc) 12:41:30 executing program 1: r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1) sendto$inet(r0, &(0x7f0000000140)="c3c420ddc7599ba34c0ccf5ccf393060ba8c4316c48ddbba644e12463d444b15baa31ddc975aff3ed7c73a0c1adaffa97dfaa7dc04d64553f7c7cd81cdaf640ec993fcbab975dc78f9c1db2bdf78fee6c7e4f53be90d9d26bfd6751f3ff37cdb9afaa7a3cd3081a58ffe4d45ed1727c14c1f86c7a5936a9689a4f728066f6698b4b16402cd29875f56340ee2d52c642404c1dd047fb671593aa5d7a1e97c0db6d83ff4471b5921662cc42e9fa46b8daffc15fe6de29d37a684cd70dbad9d011a861292ecd77ff2b2bbc7f17f7d21dfec6162", 0xd2, 0x10, &(0x7f0000000340)={0x2, 0x0, @broadcast}, 0xfffffffffffffeca) 12:41:30 executing program 2: perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x19020, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xf470, 0x0, @perf_config_ext={0x9, 0x4}, 0x40021, 0x6, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1be2f630}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) clone3(&(0x7f0000000100)={0x3014c200, &(0x7f0000000180), 0x0, 0x0, {0xa}, 0x0, 0x0, 0x0, 0x0}, 0x58) r1 = socket$inet_udp(0x2, 0x2, 0x0) setsockopt$sock_timeval(r1, 0x1, 0x49, &(0x7f0000000000)={0x77359400}, 0x10) ioctl$FS_IOC_FSGETXATTR(r0, 0x801c581f, &(0x7f0000000340)={0xff, 0x2d1, 0x9, 0x9, 0x5b8e7df3}) sendmsg$BATADV_CMD_GET_MCAST_FLAGS(0xffffffffffffffff, &(0x7f0000000240)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x4000}, 0xc, &(0x7f0000000200)={&(0x7f00000001c0)={0x34, 0x0, 0x2, 0x70bd28, 0x25dfdbfc, {}, [@BATADV_ATTR_TPMETER_TEST_TIME={0x8, 0xb, 0x3}, @BATADV_ATTR_THROUGHPUT_OVERRIDE={0x8, 0x3b, 0x5}, @BATADV_ATTR_MULTICAST_FORCEFLOOD_ENABLED={0x5, 0x37, 0x1}, @BATADV_ATTR_ISOLATION_MARK={0x8, 0x2b, 0x7ff}]}, 0x34}, 0x1, 0x0, 0x0, 0x40800}, 0x0) 12:41:30 executing program 0: ioctl$CDROMREADMODE1(0xffffffffffffffff, 0x530d, &(0x7f0000000800)={0x6, 0x0, 0x20, 0x81, 0x6, 0x89}) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, &(0x7f0000001280)) ioctl$sock_SIOCGPGRP(0xffffffffffffffff, 0x8904, &(0x7f0000000300)) openat$ttyS3(0xffffffffffffff9c, &(0x7f00000003c0), 0x0, 0x0) r0 = epoll_create(0x4) epoll_ctl$EPOLL_CTL_ADD(r0, 0x1, 0xffffffffffffffff, &(0x7f0000000400)={0x30000004}) syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) r1 = socket$inet6_udp(0xa, 0x2, 0x0) r2 = dup(r1) connect$inet6(r2, &(0x7f0000000200)={0xa, 0x4e22, 0x0, @ipv4={'\x00', '\xff\xff', @dev}}, 0x1c) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) epoll_create(0x5) clone3(&(0x7f0000004c00)={0xc0002100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) 12:41:30 executing program 3: perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x19020, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xf470, 0x0, @perf_config_ext={0x9, 0x4}, 0x40021, 0x6, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1be2f630}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) clone3(&(0x7f0000000100)={0x3014c200, &(0x7f0000000180), 0x0, 0x0, {0xa}, 0x0, 0x0, 0x0, 0x0}, 0x58) r1 = socket$inet_udp(0x2, 0x2, 0x0) setsockopt$sock_timeval(r1, 0x1, 0x49, &(0x7f0000000000)={0x77359400}, 0x10) ioctl$FS_IOC_FSGETXATTR(r0, 0x801c581f, &(0x7f0000000340)={0xff, 0x2d1, 0x9, 0x9, 0x5b8e7df3}) sendmsg$BATADV_CMD_GET_MCAST_FLAGS(0xffffffffffffffff, &(0x7f0000000240)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x4000}, 0xc, &(0x7f0000000200)={&(0x7f00000001c0)={0x34, 0x0, 0x2, 0x70bd28, 0x25dfdbfc, {}, [@BATADV_ATTR_TPMETER_TEST_TIME={0x8, 0xb, 0x3}, @BATADV_ATTR_THROUGHPUT_OVERRIDE={0x8, 0x3b, 0x5}, @BATADV_ATTR_MULTICAST_FORCEFLOOD_ENABLED={0x5, 0x37, 0x1}, @BATADV_ATTR_ISOLATION_MARK={0x8, 0x2b, 0x7ff}]}, 0x34}, 0x1, 0x0, 0x0, 0x40800}, 0x0) 12:41:30 executing program 5: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) sendmsg$inet6(r0, &(0x7f0000000680)={&(0x7f0000000000)={0xa, 0x4e23, 0x0, @mcast2}, 0x1c, 0x0, 0x0, &(0x7f0000000480)=[@flowinfo={{0x14, 0x29, 0xb, 0x9}}, @flowinfo={{0x14}}], 0x30}, 0x0) 12:41:31 executing program 4: setgroups(0x0, 0x0) getgroups(0x1, &(0x7f0000003400)=[0x0]) 12:41:31 executing program 1: socket$inet6(0xa, 0x0, 0xfd2) open$dir(&(0x7f0000000200)='./file0\x00', 0x0, 0x0) openat$autofs(0xffffffffffffff9c, &(0x7f0000000b40), 0x0, 0x0) socket$inet6_udp(0xa, 0x2, 0x0) syz_open_dev$loop(&(0x7f0000000d80), 0xb5d, 0x101001) 12:41:31 executing program 6: futex(&(0x7f0000000300), 0x5, 0x0, 0x0, &(0x7f0000000380), 0x1000000) [ 145.288112] audit: type=1326 audit(1667306491.810:11): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=4192 comm="syz-executor.7" exe="/syz-executor.7" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f7b5bf3db19 code=0x0 12:41:31 executing program 5: getpgrp(0xffffffffffffffff) 12:41:31 executing program 1: openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x101042, 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0, 0x0) ioctl$FS_IOC_SETFLAGS(r0, 0x401c5820, &(0x7f0000000000)=0x800f0) 12:41:31 executing program 6: r0 = syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0) getsockopt$WPAN_WANTLQI(r0, 0x0, 0x3, 0x0, &(0x7f00000019c0)) 12:41:31 executing program 2: r0 = fork() rt_sigqueueinfo(r0, 0x9, &(0x7f0000001180)={0x0, 0x0, 0xffffff81}) waitid(0x2, 0x0, &(0x7f0000000080), 0xe100000c, 0x0) 12:41:31 executing program 4: setgroups(0x0, 0x0) getgroups(0x1, &(0x7f0000003400)=[0x0]) 12:41:31 executing program 3: mmap(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x0, 0x4d031, 0xffffffffffffffff, 0x0) mq_timedsend(0xffffffffffffffff, 0x0, 0x0, 0x0, &(0x7f0000000300)) 12:41:31 executing program 0: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f00000004c0)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000000540)="601c6d6b646f7366d8a02b000801010004407b00000001c14e5afe7f7b201da624e63d1924580caa4a67ffc34c97a60a7821e7b7a67e9415b30b3362a483b14a5f1f21e9d1b932a216e0420930259ebdf649c29dcef71be318220a7c9bb03b05d2ca86762f0c07c36bbbf1934202d19751fac47f5b25f7dda7ef900072d8b66188ca481b89ff54574af657f975145852519f81ceb11565db40f6ba56dee944c290bfa2efff2e9b8ad6555b146507f1b06ff4e81f624dd5a9716097c1fc2033bdef27813dc8bc43ab6c9172dc8bb7e5ce8ea713d29d0d27ee8b65458b1efd5d945e591c626e7d06e38d5eee1ba932df3895438fd54575c4192831658382036a9ae6bd30375046baa2b18b083e2c187c5028ec99e14008205c97d0bc36a48d", 0x11e}, {0x0, 0x0, 0x2800}], 0x0, &(0x7f0000000140)=ANY=[]) chdir(&(0x7f0000000140)='./file0\x00') r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000440)={0x1, 0x80, 0x82, 0x81, 0xfe, 0x9, 0x0, 0x8, 0x25882, 0xc, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x8000, 0x0, @perf_config_ext={0x1ff, 0x9}, 0x824, 0x5, 0x20, 0x9, 0x200, 0x200, 0x0, 0x0, 0x8, 0x0, 0x2}, 0x0, 0x6, 0xffffffffffffffff, 0x4) openat$snapshot(0xffffffffffffff9c, &(0x7f00000001c0), 0x301c03, 0x0) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x8001) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000040)}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0xb) fsconfig$FSCONFIG_SET_FD(0xffffffffffffffff, 0x5, &(0x7f0000000380)=']p\"\xae\x06\xc40\x1a\x1a\\\x9e\x8a\x17@)#\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x004I\x1c4P\x0e\xc4!\xc9\xece\x84\x85\xf2\xdb\xd3\xa7_\xe5\x95\x04\xdae\xca\xfd\xe2\xd1\xc5\x13\xf3u\xea\xc0\xb5b[\x9adH~\n\xe1\x86\x1f\xe7s\x04\xe8\xf2$\xae\xa8\xe7\xbd\x05\xb0B\xf2\x9cp\xc73\x9db\xc4\xe8EC\xbd\xc9\xf8\x0e\xd7\x1b\x11\xaf\xbf0x0, &(0x7f0000000040)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000140)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x9, 0x0, 0x0}, 0x0) io_uring_enter(r0, 0x64d0, 0x0, 0x0, 0x0, 0x0) 12:41:33 executing program 0: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000040)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0x0, 0x7fffffff}]}) syz_mount_image$ext4(0x0, &(0x7f0000000200)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0) lchown(&(0x7f0000000080)='./file1\x00', 0xee01, 0xee00) 12:41:33 executing program 6: openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x2, 0x0) pwrite64(r0, &(0x7f00000000c0)='9', 0x1, 0x8040000) r1 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x4042, 0x0) fallocate(r1, 0x3, 0x0, 0x4000) writev(r0, &(0x7f0000000000)=[{&(0x7f0000000140)='Z', 0x1}], 0x1) 12:41:33 executing program 2: socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) sendto(r0, &(0x7f0000000040)="ae", 0x1, 0x881, 0x0, 0x0) recvfrom(r1, 0x0, 0x0, 0x20012003, 0x0, 0x0) 12:41:33 executing program 3: unshare(0x4020000) execveat(0xffffffffffffffff, &(0x7f0000000000)='./file1\x00', 0x0, 0x0, 0x0) 12:41:33 executing program 4: r0 = fsopen(&(0x7f0000000000)='ramfs\x00', 0x0) fsconfig$FSCONFIG_SET_PATH_EMPTY(r0, 0x4, &(0x7f0000000040)='ramfs\x00', &(0x7f0000000080)='./file0\x00', 0xffffffffffffff9c) 12:41:33 executing program 1: r0 = syz_io_uring_setup(0x51dc, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, &(0x7f00000a0000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000000000)=0x0, &(0x7f0000000040)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000140)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x9, 0x0, 0x0}, 0x0) io_uring_enter(r0, 0x64d0, 0x0, 0x0, 0x0, 0x0) 12:41:33 executing program 0: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000040)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0x0, 0x7fffffff}]}) syz_mount_image$ext4(0x0, &(0x7f0000000200)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0) lchown(&(0x7f0000000080)='./file1\x00', 0xee01, 0xee00) 12:41:33 executing program 6: r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$netlink(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f0000000000)={0x18, 0x58, 0x1, 0x0, 0x0, "", [@generic="006f75b66e"]}, 0x18}], 0x1}, 0x0) 12:41:33 executing program 5: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000008f40)={0x2, &(0x7f0000008f00)=[{0x15}, {0x6}]}) openat(0xffffffffffffff9c, 0x0, 0x0, 0x0) 12:41:33 executing program 7: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000008f40)={0x2, &(0x7f0000008f00)=[{0x15}, {0x6}]}) openat(0xffffffffffffff9c, 0x0, 0x0, 0x0) [ 147.320189] audit: type=1326 audit(1667306493.842:16): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=4306 comm="syz-executor.7" exe="/syz-executor.7" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f7b5bf3db19 code=0x0 [ 147.337069] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.6'. [ 147.349356] audit: type=1326 audit(1667306493.871:17): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=4313 comm="syz-executor.5" exe="/syz-executor.5" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f5a7d2c1b19 code=0x0 12:41:33 executing program 1: r0 = syz_io_uring_setup(0x51dc, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, &(0x7f00000a0000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000000000)=0x0, &(0x7f0000000040)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000140)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x9, 0x0, 0x0}, 0x0) io_uring_enter(r0, 0x64d0, 0x0, 0x0, 0x0, 0x0) 12:41:33 executing program 3: r0 = socket$inet6(0xa, 0x1, 0x0) setsockopt$SO_TIMESTAMPING(r0, 0x1, 0x14, &(0x7f0000000080), 0x4) 12:41:33 executing program 2: perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_open_procfs(0x0, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) getdents64(0xffffffffffffffff, &(0x7f0000000600)=""/148, 0x94) r0 = syz_open_procfs(0x0, &(0x7f0000000f00)='mountinfo\x00') read$hiddev(r0, &(0x7f0000000040)=""/169, 0x200000e9) memfd_secret(0x80000) ioctl$VT_DISALLOCATE(0xffffffffffffffff, 0x5608) ioctl$AUTOFS_DEV_IOCTL_CLOSEMOUNT(0xffffffffffffffff, 0xc0189375, &(0x7f0000000480)=ANY=[@ANYBLOB="010000000100000018000000", @ANYRES16, @ANYBLOB="00000000000000002e2f66696c6531c92698cd002f00"]) ioctl$TCSETAW(0xffffffffffffffff, 0x5407, &(0x7f0000000000)={0x1000, 0x0, 0x0, 0x0, 0x10, "ddab93e1adcbd470"}) ioctl$VT_DISALLOCATE(0xffffffffffffffff, 0x5608) 12:41:33 executing program 4: r0 = fsopen(&(0x7f0000000000)='ramfs\x00', 0x0) fsconfig$FSCONFIG_SET_PATH_EMPTY(r0, 0x4, &(0x7f0000000040)='ramfs\x00', &(0x7f0000000080)='./file0\x00', 0xffffffffffffff9c) 12:41:33 executing program 6: r0 = socket$packet(0x11, 0x3, 0x300) bind$packet(r0, &(0x7f0000000900)={0x11, 0x1}, 0x14) 12:41:33 executing program 0: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000040)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0x0, 0x7fffffff}]}) syz_mount_image$ext4(0x0, &(0x7f0000000200)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0) lchown(&(0x7f0000000080)='./file1\x00', 0xee01, 0xee00) 12:41:33 executing program 3: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x42, 0x0) write$binfmt_aout(r0, &(0x7f0000000280), 0x20) ioctl$FS_IOC_FIEMAP(r0, 0xc020660b, &(0x7f0000000180)={0x0, 0x4, 0x1}) 12:41:34 executing program 1: r0 = syz_io_uring_setup(0x51dc, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, &(0x7f00000a0000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000000000)=0x0, &(0x7f0000000040)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000140)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x9, 0x0, 0x0}, 0x0) io_uring_enter(r0, 0x64d0, 0x0, 0x0, 0x0, 0x0) 12:41:34 executing program 6: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$nl_netfilter(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000700)={0x14, 0x8, 0x4, 0x801}, 0x14}}, 0x0) 12:41:34 executing program 4: r0 = fsopen(&(0x7f0000000000)='ramfs\x00', 0x0) fsconfig$FSCONFIG_SET_PATH_EMPTY(r0, 0x4, &(0x7f0000000040)='ramfs\x00', &(0x7f0000000080)='./file0\x00', 0xffffffffffffff9c) 12:41:34 executing program 3: r0 = socket$inet6(0xa, 0x1, 0x0) getsockopt$IP6T_SO_GET_INFO(r0, 0x29, 0x49, 0x0, &(0x7f00000000c0)) 12:41:34 executing program 0: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0x9c, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) open_by_handle_at(0xffffffffffffffff, 0x0, 0x0) 12:41:34 executing program 1: perf_event_open(&(0x7f0000000080)={0x2, 0x92, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x10) r0 = syz_open_procfs(0xffffffffffffffff, 0x0) preadv(0xffffffffffffffff, &(0x7f0000000200), 0x0, 0x0, 0x0) write(r0, 0x0, 0x0) perf_event_open(&(0x7f0000001840)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) vmsplice(r2, &(0x7f0000000100)=[{&(0x7f0000000140)="84", 0x20000141}], 0x1, 0x0) write$binfmt_script(r2, &(0x7f0000000040)={'#! ', './file0', [{0x20, '@,'}, {0x20, '\\$\x19&!\xb2(}'}, {}, {}], 0xa, "d005a8edff0362a8c8170f0a990844da0cbbb2c736321267ade8bec8377c645e8254d15f64"}, 0x3e) write$P9_RMKDIR(r2, &(0x7f0000000000)={0x14}, 0x14) fcntl$setpipe(r1, 0x407, 0x10001) 12:41:34 executing program 6: utimensat(0xffffffffffffffff, &(0x7f0000000140)='./cgroup/cgroup.procs\x00', 0x0, 0xabc12a54a6320d65) 12:41:34 executing program 2: perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_open_procfs(0x0, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) getdents64(0xffffffffffffffff, &(0x7f0000000600)=""/148, 0x94) r0 = syz_open_procfs(0x0, &(0x7f0000000f00)='mountinfo\x00') read$hiddev(r0, &(0x7f0000000040)=""/169, 0x200000e9) memfd_secret(0x80000) ioctl$VT_DISALLOCATE(0xffffffffffffffff, 0x5608) ioctl$AUTOFS_DEV_IOCTL_CLOSEMOUNT(0xffffffffffffffff, 0xc0189375, &(0x7f0000000480)=ANY=[@ANYBLOB="010000000100000018000000", @ANYRES16, @ANYBLOB="00000000000000002e2f66696c6531c92698cd002f00"]) ioctl$TCSETAW(0xffffffffffffffff, 0x5407, &(0x7f0000000000)={0x1000, 0x0, 0x0, 0x0, 0x10, "ddab93e1adcbd470"}) ioctl$VT_DISALLOCATE(0xffffffffffffffff, 0x5608) 12:41:34 executing program 7: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) read(0xffffffffffffffff, 0x0, 0x0) socket$inet_udp(0x2, 0x2, 0x0) ioctl$RTC_IRQP_SET(0xffffffffffffffff, 0x4008700c, 0x0) r0 = perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0xb) r1 = syz_open_dev$sg(&(0x7f0000001000), 0x0, 0x0) ioctl$BLKTRACESETUP(r1, 0xc0481273, &(0x7f0000000000)={'\x00', 0x3e, 0x1, 0xd6c2, 0x0, 0x2}) r2 = socket$inet_udp(0x2, 0x2, 0x0) setsockopt$inet_mreqn(r2, 0x0, 0x23, &(0x7f0000000080)={@multicast2, @dev}, 0xc) setsockopt$inet_mreqn(r2, 0x0, 0x24, &(0x7f0000000180)={@multicast2, @private}, 0xc) r3 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x1000002, 0x401a012, r3, 0x0) ioctl$AUTOFS_DEV_IOCTL_PROTOSUBVER(r3, 0xc0189373, &(0x7f0000000140)={{0x1, 0x1, 0x18, r0, {0xfffff801}}, './file1\x00'}) getsockopt$inet_IP_XFRM_POLICY(r4, 0x0, 0x11, &(0x7f0000000300)={{{@in6=@dev, @in6=@ipv4={""/10, ""/2, @initdev}}}, {{@in6=@mcast1}, 0x0, @in=@empty}}, 0x0) ioctl$BLKTRACETEARDOWN(r1, 0x1276, 0x0) 12:41:34 executing program 3: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0x9d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) utimes(0x0, 0x0) 12:41:34 executing program 5: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0x77, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) close(r0) 12:41:34 executing program 6: r0 = syz_io_uring_setup(0xeaf, &(0x7f0000000200), &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000000100)=0x0, &(0x7f0000000380)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x0) syz_io_uring_submit(r1, r2, &(0x7f00000000c0)=@IORING_OP_FSYNC, 0x3988) io_uring_enter(r0, 0x59e3, 0x0, 0x0, 0x0, 0x0) [ 148.307820] blktrace: Concurrent blktraces are not allowed on sg0 12:41:34 executing program 0: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0x9c, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) open_by_handle_at(0xffffffffffffffff, 0x0, 0x0) 12:41:34 executing program 1: perf_event_open(&(0x7f0000000080)={0x2, 0x92, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x10) r0 = syz_open_procfs(0xffffffffffffffff, 0x0) preadv(0xffffffffffffffff, &(0x7f0000000200), 0x0, 0x0, 0x0) write(r0, 0x0, 0x0) perf_event_open(&(0x7f0000001840)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) vmsplice(r2, &(0x7f0000000100)=[{&(0x7f0000000140)="84", 0x20000141}], 0x1, 0x0) write$binfmt_script(r2, &(0x7f0000000040)={'#! ', './file0', [{0x20, '@,'}, {0x20, '\\$\x19&!\xb2(}'}, {}, {}], 0xa, "d005a8edff0362a8c8170f0a990844da0cbbb2c736321267ade8bec8377c645e8254d15f64"}, 0x3e) write$P9_RMKDIR(r2, &(0x7f0000000000)={0x14}, 0x14) fcntl$setpipe(r1, 0x407, 0x10001) 12:41:34 executing program 4: r0 = fsopen(&(0x7f0000000000)='ramfs\x00', 0x0) fsconfig$FSCONFIG_CMD_CREATE(r0, 0x6, 0x0, 0x0, 0x0) r1 = fsmount(r0, 0x0, 0x0) mknodat$null(r1, &(0x7f0000000040)='./file0\x00', 0x2000, 0x103) 12:41:34 executing program 5: r0 = syz_open_dev$loop(&(0x7f0000000180), 0x478ebb03, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) ioctl$LOOP_SET_FD(r0, 0x40081271, r1) 12:41:34 executing program 3: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0x9d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) utimes(0x0, 0x0) 12:41:34 executing program 2: perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_open_procfs(0x0, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) getdents64(0xffffffffffffffff, &(0x7f0000000600)=""/148, 0x94) r0 = syz_open_procfs(0x0, &(0x7f0000000f00)='mountinfo\x00') read$hiddev(r0, &(0x7f0000000040)=""/169, 0x200000e9) memfd_secret(0x80000) ioctl$VT_DISALLOCATE(0xffffffffffffffff, 0x5608) ioctl$AUTOFS_DEV_IOCTL_CLOSEMOUNT(0xffffffffffffffff, 0xc0189375, &(0x7f0000000480)=ANY=[@ANYBLOB="010000000100000018000000", @ANYRES16, @ANYBLOB="00000000000000002e2f66696c6531c92698cd002f00"]) ioctl$TCSETAW(0xffffffffffffffff, 0x5407, &(0x7f0000000000)={0x1000, 0x0, 0x0, 0x0, 0x10, "ddab93e1adcbd470"}) ioctl$VT_DISALLOCATE(0xffffffffffffffff, 0x5608) 12:41:35 executing program 6: r0 = syz_io_uring_setup(0xeaf, &(0x7f0000000200), &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000000100)=0x0, &(0x7f0000000380)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x0) syz_io_uring_submit(r1, r2, &(0x7f00000000c0)=@IORING_OP_FSYNC, 0x3988) io_uring_enter(r0, 0x59e3, 0x0, 0x0, 0x0, 0x0) VM DIAGNOSIS: 12:41:26 Registers: info registers vcpu 0 RAX=0000000000000039 RBX=00000000000003f8 RCX=0000000000000000 RDX=00000000000003f8 RSI=ffffffff82451491 RDI=ffffffff879a19e0 RBP=ffffffff879a19a0 RSP=ffff8880420d7530 R8 =0000000000000001 R9 =000000000000000a R10=0000000000000039 R11=0000000000000001 R12=0000000000000039 R13=ffffffff879a19a0 R14=0000000000000010 R15=ffffffff82451480 RIP=ffffffff824514e9 RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 00000000 00000000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 00000000 00000000 FS =0000 00007fc5a604a700 00000000 00000000 GS =0000 ffff88806d000000 00000000 00000000 LDT=0000 fffffe0000000000 00000000 00000000 TR =0040 fffffe4c638f8000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe4c638f6000 0000007f IDT= fffffe0000000000 00000fff CR0=80050033 CR2=ffffed100fffc000 CR3=00000000169de000 CR4=00350ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000ffff0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001fa0 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 XMM00=00000000000000000000000000000000 XMM01=6fbd62a3f1ee3321255c30da55119567 XMM02=a8e66938b365aa5c806e64f849f11955 XMM03=66d52220ddc1b9df67b4c1dfa518374c XMM04=0a29307830202c323430313031783020 XMM05=615f656c646e61685f79625f6e65706f XMM06=30303030663778302826202c30722874 XMM07=666e5f68706563403d29303431303030 XMM08=2e273d29303031303030303030306637 XMM09=317830202c273030785c31656c69662f XMM10=6e65706f0a29307830202c3234303130 XMM11=30722874615f656c646e61685f79625f XMM12=3130303030303030663778302826202c XMM13=6f635f73666e5f68706563403d293034 XMM14=202c327830202c303178307b3d68666e XMM15=0a293735327830202c7d7d383278307b info registers vcpu 1 RAX=000000000000000e RBX=ffffed1003d02edb RCX=0000000000000000 RDX=0000000000000000 RSI=0000000000000000 RDI=ffffffff8590bbd0 RBP=ffff888007c4f780 RSP=ffff88801e8176d8 R8 =0000000000000000 R9 =ffffffff8590bbd7 R10=0000000000000000 R11=0000000000000001 R12=0000000000092cc0 R13=0000000000092cc0 R14=0000000000092cc0 R15=0000000000000000 RIP=ffffffff8137621e RFL=00000246 [---Z-P-] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 00000000 00000000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 00000000 00000000 FS =0000 00007f98660eb8c0 00000000 00000000 GS =0000 ffff88806d100000 00000000 00000000 LDT=0000 fffffe0000000000 00000000 00000000 TR =0040 fffffe7786d9f000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe7786d9d000 0000007f IDT= fffffe0000000000 00000fff CR0=80050033 CR2=00007f9866503ae0 CR3=000000001e25c000 CR4=00350ee0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000ffff0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 XMM00=ffffffffffffffff0000000000000000 XMM01=00007f986666ac0033706f6f6c2f2e2e XMM02=ffffffffff0f0e0d0c0b0a0908070605 XMM03=0000000000ff0000000000ff000000ff XMM04=2f2f2f2f2f2f2f2f2f2f2f2f2f2f2f2f XMM05=ffffffffffff00000000000000000000 XMM06=00000000000065616124242f6867632f XMM07=00000000000000000000000000000000 XMM08=75253a75252f73252f7665642f007261 XMM09=00000000000000000000000000000000 XMM10=00000000000000000000000000000000 XMM11=00000000000000000000000000000000 XMM12=00000000000000000000000000000000 XMM13=00000000000000000000000000000000 XMM14=00000000000000000000000000000000 XMM15=00000000000000000000000000000000