Warning: Permanently added '[localhost]:30711' (ECDSA) to the list of known hosts. 2023/03/27 12:42:21 fuzzer started 2023/03/27 12:42:21 dialing manager at localhost:45291 syzkaller login: [ 34.706247] cgroup: Unknown subsys name 'net' [ 34.791044] cgroup: Unknown subsys name 'rlimit' 2023/03/27 12:42:34 syscalls: 2217 2023/03/27 12:42:34 code coverage: enabled 2023/03/27 12:42:34 comparison tracing: enabled 2023/03/27 12:42:34 extra coverage: enabled 2023/03/27 12:42:34 setuid sandbox: enabled 2023/03/27 12:42:34 namespace sandbox: enabled 2023/03/27 12:42:34 Android sandbox: enabled 2023/03/27 12:42:34 fault injection: enabled 2023/03/27 12:42:34 leak checking: enabled 2023/03/27 12:42:34 net packet injection: enabled 2023/03/27 12:42:34 net device setup: enabled 2023/03/27 12:42:34 concurrency sanitizer: /sys/kernel/debug/kcsan does not exist 2023/03/27 12:42:34 devlink PCI setup: PCI device 0000:00:10.0 is not available 2023/03/27 12:42:34 USB emulation: enabled 2023/03/27 12:42:34 hci packet injection: enabled 2023/03/27 12:42:34 wifi device emulation: enabled 2023/03/27 12:42:34 802.15.4 emulation: enabled 2023/03/27 12:42:34 fetching corpus: 0, signal 0/2000 (executing program) 2023/03/27 12:42:34 fetching corpus: 50, signal 25925/29580 (executing program) 2023/03/27 12:42:34 fetching corpus: 100, signal 38393/43603 (executing program) 2023/03/27 12:42:34 fetching corpus: 150, signal 53835/60336 (executing program) 2023/03/27 12:42:35 fetching corpus: 200, signal 64867/72572 (executing program) 2023/03/27 12:42:35 fetching corpus: 250, signal 71385/80344 (executing program) 2023/03/27 12:42:35 fetching corpus: 300, signal 77219/87387 (executing program) 2023/03/27 12:42:35 fetching corpus: 350, signal 82833/94117 (executing program) 2023/03/27 12:42:35 fetching corpus: 400, signal 88393/100742 (executing program) 2023/03/27 12:42:35 fetching corpus: 450, signal 95112/108330 (executing program) 2023/03/27 12:42:35 fetching corpus: 500, signal 98701/112910 (executing program) 2023/03/27 12:42:35 fetching corpus: 550, signal 103536/118653 (executing program) 2023/03/27 12:42:36 fetching corpus: 600, signal 107563/123580 (executing program) 2023/03/27 12:42:36 fetching corpus: 650, signal 111305/128193 (executing program) 2023/03/27 12:42:36 fetching corpus: 700, signal 114640/132351 (executing program) 2023/03/27 12:42:36 fetching corpus: 750, signal 117252/135842 (executing program) 2023/03/27 12:42:36 fetching corpus: 800, signal 119061/138633 (executing program) 2023/03/27 12:42:36 fetching corpus: 850, signal 121656/142044 (executing program) 2023/03/27 12:42:36 fetching corpus: 900, signal 123655/144900 (executing program) 2023/03/27 12:42:37 fetching corpus: 950, signal 126939/148768 (executing program) 2023/03/27 12:42:37 fetching corpus: 1000, signal 129540/152054 (executing program) 2023/03/27 12:42:37 fetching corpus: 1050, signal 131868/155076 (executing program) 2023/03/27 12:42:37 fetching corpus: 1100, signal 133493/157522 (executing program) 2023/03/27 12:42:37 fetching corpus: 1150, signal 135310/160095 (executing program) 2023/03/27 12:42:37 fetching corpus: 1200, signal 137365/162835 (executing program) 2023/03/27 12:42:37 fetching corpus: 1250, signal 139797/165836 (executing program) 2023/03/27 12:42:37 fetching corpus: 1300, signal 142365/168899 (executing program) 2023/03/27 12:42:38 fetching corpus: 1350, signal 144340/171464 (executing program) 2023/03/27 12:42:38 fetching corpus: 1400, signal 145993/173761 (executing program) 2023/03/27 12:42:38 fetching corpus: 1450, signal 147320/175744 (executing program) 2023/03/27 12:42:38 fetching corpus: 1500, signal 148709/177762 (executing program) 2023/03/27 12:42:38 fetching corpus: 1550, signal 150539/180098 (executing program) 2023/03/27 12:42:38 fetching corpus: 1600, signal 151867/182022 (executing program) 2023/03/27 12:42:38 fetching corpus: 1650, signal 152600/183503 (executing program) 2023/03/27 12:42:38 fetching corpus: 1700, signal 155315/186408 (executing program) 2023/03/27 12:42:38 fetching corpus: 1750, signal 156341/188035 (executing program) 2023/03/27 12:42:39 fetching corpus: 1800, signal 158414/190366 (executing program) 2023/03/27 12:42:39 fetching corpus: 1850, signal 159714/192178 (executing program) 2023/03/27 12:42:39 fetching corpus: 1900, signal 160747/193783 (executing program) 2023/03/27 12:42:39 fetching corpus: 1950, signal 162098/195588 (executing program) 2023/03/27 12:42:39 fetching corpus: 2000, signal 163288/197285 (executing program) 2023/03/27 12:42:39 fetching corpus: 2050, signal 164841/199158 (executing program) 2023/03/27 12:42:39 fetching corpus: 2100, signal 166459/201050 (executing program) 2023/03/27 12:42:39 fetching corpus: 2150, signal 167569/202653 (executing program) 2023/03/27 12:42:39 fetching corpus: 2200, signal 169447/204778 (executing program) 2023/03/27 12:42:40 fetching corpus: 2250, signal 170718/206438 (executing program) 2023/03/27 12:42:40 fetching corpus: 2300, signal 172221/208226 (executing program) 2023/03/27 12:42:40 fetching corpus: 2350, signal 173383/209754 (executing program) 2023/03/27 12:42:40 fetching corpus: 2400, signal 174565/211300 (executing program) 2023/03/27 12:42:40 fetching corpus: 2450, signal 175594/212699 (executing program) 2023/03/27 12:42:40 fetching corpus: 2500, signal 176709/214161 (executing program) 2023/03/27 12:42:40 fetching corpus: 2550, signal 177851/215598 (executing program) 2023/03/27 12:42:40 fetching corpus: 2600, signal 178835/216932 (executing program) 2023/03/27 12:42:41 fetching corpus: 2650, signal 179526/218102 (executing program) 2023/03/27 12:42:41 fetching corpus: 2700, signal 180482/219397 (executing program) 2023/03/27 12:42:41 fetching corpus: 2750, signal 181002/220436 (executing program) 2023/03/27 12:42:41 fetching corpus: 2800, signal 181727/221550 (executing program) 2023/03/27 12:42:41 fetching corpus: 2850, signal 182741/222842 (executing program) 2023/03/27 12:42:41 fetching corpus: 2900, signal 183896/224183 (executing program) 2023/03/27 12:42:41 fetching corpus: 2950, signal 184734/225313 (executing program) 2023/03/27 12:42:41 fetching corpus: 3000, signal 185476/226347 (executing program) 2023/03/27 12:42:41 fetching corpus: 3050, signal 186631/227684 (executing program) 2023/03/27 12:42:42 fetching corpus: 3100, signal 187616/228922 (executing program) 2023/03/27 12:42:42 fetching corpus: 3150, signal 188908/230300 (executing program) 2023/03/27 12:42:42 fetching corpus: 3200, signal 189500/231281 (executing program) 2023/03/27 12:42:42 fetching corpus: 3250, signal 190288/232293 (executing program) 2023/03/27 12:42:42 fetching corpus: 3300, signal 191249/233434 (executing program) 2023/03/27 12:42:42 fetching corpus: 3350, signal 192111/234480 (executing program) 2023/03/27 12:42:42 fetching corpus: 3400, signal 193352/235740 (executing program) 2023/03/27 12:42:42 fetching corpus: 3450, signal 193921/236633 (executing program) 2023/03/27 12:42:43 fetching corpus: 3500, signal 194624/237587 (executing program) 2023/03/27 12:42:43 fetching corpus: 3550, signal 195533/238679 (executing program) 2023/03/27 12:42:43 fetching corpus: 3600, signal 196580/239828 (executing program) 2023/03/27 12:42:43 fetching corpus: 3650, signal 198464/241285 (executing program) 2023/03/27 12:42:43 fetching corpus: 3700, signal 199173/242206 (executing program) 2023/03/27 12:42:43 fetching corpus: 3750, signal 200001/243134 (executing program) 2023/03/27 12:42:43 fetching corpus: 3800, signal 200704/244036 (executing program) 2023/03/27 12:42:43 fetching corpus: 3850, signal 201385/244928 (executing program) 2023/03/27 12:42:44 fetching corpus: 3900, signal 202166/245823 (executing program) 2023/03/27 12:42:44 fetching corpus: 3950, signal 202874/246622 (executing program) 2023/03/27 12:42:44 fetching corpus: 4000, signal 204401/247798 (executing program) 2023/03/27 12:42:44 fetching corpus: 4050, signal 205268/248689 (executing program) 2023/03/27 12:42:44 fetching corpus: 4100, signal 206145/249572 (executing program) 2023/03/27 12:42:44 fetching corpus: 4150, signal 206716/250288 (executing program) 2023/03/27 12:42:44 fetching corpus: 4200, signal 207355/251053 (executing program) 2023/03/27 12:42:44 fetching corpus: 4250, signal 208462/251993 (executing program) 2023/03/27 12:42:45 fetching corpus: 4300, signal 209328/252867 (executing program) 2023/03/27 12:42:45 fetching corpus: 4350, signal 210020/253598 (executing program) 2023/03/27 12:42:45 fetching corpus: 4400, signal 210485/254246 (executing program) 2023/03/27 12:42:45 fetching corpus: 4450, signal 211302/254988 (executing program) 2023/03/27 12:42:45 fetching corpus: 4500, signal 211990/255721 (executing program) 2023/03/27 12:42:45 fetching corpus: 4550, signal 212906/256537 (executing program) 2023/03/27 12:42:45 fetching corpus: 4600, signal 213622/257269 (executing program) 2023/03/27 12:42:46 fetching corpus: 4650, signal 213955/257833 (executing program) 2023/03/27 12:42:46 fetching corpus: 4700, signal 214822/258588 (executing program) 2023/03/27 12:42:46 fetching corpus: 4750, signal 215486/259258 (executing program) 2023/03/27 12:42:46 fetching corpus: 4800, signal 216083/259905 (executing program) 2023/03/27 12:42:46 fetching corpus: 4850, signal 216530/260481 (executing program) 2023/03/27 12:42:46 fetching corpus: 4900, signal 217238/261158 (executing program) 2023/03/27 12:42:46 fetching corpus: 4950, signal 217671/261731 (executing program) 2023/03/27 12:42:46 fetching corpus: 5000, signal 218307/262364 (executing program) 2023/03/27 12:42:46 fetching corpus: 5050, signal 218928/262932 (executing program) 2023/03/27 12:42:47 fetching corpus: 5100, signal 219612/263562 (executing program) 2023/03/27 12:42:47 fetching corpus: 5150, signal 220218/264161 (executing program) 2023/03/27 12:42:47 fetching corpus: 5200, signal 220729/264707 (executing program) 2023/03/27 12:42:47 fetching corpus: 5250, signal 221245/265283 (executing program) 2023/03/27 12:42:47 fetching corpus: 5300, signal 221941/265858 (executing program) 2023/03/27 12:42:47 fetching corpus: 5350, signal 222502/266422 (executing program) 2023/03/27 12:42:47 fetching corpus: 5400, signal 223083/266922 (executing program) 2023/03/27 12:42:48 fetching corpus: 5450, signal 223824/267505 (executing program) 2023/03/27 12:42:48 fetching corpus: 5500, signal 224220/267966 (executing program) 2023/03/27 12:42:48 fetching corpus: 5550, signal 224787/268480 (executing program) 2023/03/27 12:42:48 fetching corpus: 5600, signal 225242/268938 (executing program) 2023/03/27 12:42:48 fetching corpus: 5650, signal 226012/269417 (executing program) 2023/03/27 12:42:48 fetching corpus: 5700, signal 226666/269940 (executing program) 2023/03/27 12:42:48 fetching corpus: 5750, signal 227213/270439 (executing program) 2023/03/27 12:42:48 fetching corpus: 5800, signal 227757/270882 (executing program) 2023/03/27 12:42:49 fetching corpus: 5850, signal 228404/271334 (executing program) 2023/03/27 12:42:49 fetching corpus: 5900, signal 228757/271756 (executing program) 2023/03/27 12:42:49 fetching corpus: 5950, signal 229240/272193 (executing program) 2023/03/27 12:42:49 fetching corpus: 6000, signal 229550/272575 (executing program) 2023/03/27 12:42:49 fetching corpus: 6050, signal 230016/272962 (executing program) 2023/03/27 12:42:49 fetching corpus: 6100, signal 230523/273320 (executing program) 2023/03/27 12:42:49 fetching corpus: 6150, signal 230877/273687 (executing program) 2023/03/27 12:42:49 fetching corpus: 6200, signal 231335/274055 (executing program) 2023/03/27 12:42:50 fetching corpus: 6250, signal 231834/274411 (executing program) 2023/03/27 12:42:50 fetching corpus: 6300, signal 232366/274784 (executing program) 2023/03/27 12:42:50 fetching corpus: 6350, signal 232805/275162 (executing program) 2023/03/27 12:42:50 fetching corpus: 6400, signal 233502/275523 (executing program) 2023/03/27 12:42:50 fetching corpus: 6450, signal 234079/275891 (executing program) 2023/03/27 12:42:50 fetching corpus: 6500, signal 234809/276277 (executing program) 2023/03/27 12:42:50 fetching corpus: 6550, signal 235248/276649 (executing program) 2023/03/27 12:42:50 fetching corpus: 6600, signal 235605/277012 (executing program) 2023/03/27 12:42:51 fetching corpus: 6650, signal 236136/277301 (executing program) 2023/03/27 12:42:51 fetching corpus: 6700, signal 236693/277626 (executing program) 2023/03/27 12:42:51 fetching corpus: 6750, signal 237119/277935 (executing program) 2023/03/27 12:42:51 fetching corpus: 6800, signal 237436/278263 (executing program) 2023/03/27 12:42:51 fetching corpus: 6850, signal 237889/278565 (executing program) 2023/03/27 12:42:51 fetching corpus: 6900, signal 238400/278876 (executing program) 2023/03/27 12:42:51 fetching corpus: 6950, signal 238862/279001 (executing program) 2023/03/27 12:42:51 fetching corpus: 7000, signal 239285/279001 (executing program) 2023/03/27 12:42:51 fetching corpus: 7050, signal 239776/279001 (executing program) 2023/03/27 12:42:52 fetching corpus: 7100, signal 240404/279001 (executing program) 2023/03/27 12:42:52 fetching corpus: 7150, signal 240970/279001 (executing program) 2023/03/27 12:42:52 fetching corpus: 7200, signal 241660/279002 (executing program) 2023/03/27 12:42:52 fetching corpus: 7250, signal 241933/279002 (executing program) 2023/03/27 12:42:52 fetching corpus: 7300, signal 242377/279002 (executing program) 2023/03/27 12:42:52 fetching corpus: 7350, signal 242882/279002 (executing program) 2023/03/27 12:42:52 fetching corpus: 7400, signal 243419/279002 (executing program) 2023/03/27 12:42:52 fetching corpus: 7450, signal 243781/279002 (executing program) 2023/03/27 12:42:53 fetching corpus: 7500, signal 244112/279002 (executing program) 2023/03/27 12:42:53 fetching corpus: 7550, signal 244584/279002 (executing program) 2023/03/27 12:42:53 fetching corpus: 7600, signal 245055/279004 (executing program) 2023/03/27 12:42:53 fetching corpus: 7650, signal 245439/279004 (executing program) 2023/03/27 12:42:53 fetching corpus: 7700, signal 245855/279004 (executing program) 2023/03/27 12:42:53 fetching corpus: 7750, signal 246221/279004 (executing program) 2023/03/27 12:42:53 fetching corpus: 7800, signal 246514/279004 (executing program) 2023/03/27 12:42:53 fetching corpus: 7850, signal 246915/279004 (executing program) 2023/03/27 12:42:53 fetching corpus: 7900, signal 247492/279014 (executing program) 2023/03/27 12:42:54 fetching corpus: 7950, signal 248046/279014 (executing program) 2023/03/27 12:42:54 fetching corpus: 8000, signal 248413/279014 (executing program) 2023/03/27 12:42:54 fetching corpus: 8050, signal 248942/279014 (executing program) 2023/03/27 12:42:54 fetching corpus: 8100, signal 249297/279014 (executing program) 2023/03/27 12:42:54 fetching corpus: 8150, signal 249661/279014 (executing program) 2023/03/27 12:42:54 fetching corpus: 8200, signal 250034/279014 (executing program) 2023/03/27 12:42:54 fetching corpus: 8250, signal 250305/279014 (executing program) 2023/03/27 12:42:54 fetching corpus: 8300, signal 250736/279016 (executing program) 2023/03/27 12:42:55 fetching corpus: 8350, signal 251092/279016 (executing program) 2023/03/27 12:42:55 fetching corpus: 8400, signal 251477/279016 (executing program) 2023/03/27 12:42:55 fetching corpus: 8450, signal 251917/279016 (executing program) 2023/03/27 12:42:55 fetching corpus: 8500, signal 252344/279016 (executing program) 2023/03/27 12:42:55 fetching corpus: 8550, signal 252846/279016 (executing program) 2023/03/27 12:42:55 fetching corpus: 8600, signal 253123/279016 (executing program) 2023/03/27 12:42:55 fetching corpus: 8650, signal 253866/279020 (executing program) 2023/03/27 12:42:55 fetching corpus: 8700, signal 254262/279020 (executing program) 2023/03/27 12:42:56 fetching corpus: 8750, signal 254606/279020 (executing program) 2023/03/27 12:42:56 fetching corpus: 8800, signal 255049/279020 (executing program) 2023/03/27 12:42:56 fetching corpus: 8850, signal 255392/279020 (executing program) 2023/03/27 12:42:56 fetching corpus: 8900, signal 255797/279027 (executing program) 2023/03/27 12:42:56 fetching corpus: 8950, signal 256111/279027 (executing program) 2023/03/27 12:42:56 fetching corpus: 9000, signal 256437/279027 (executing program) 2023/03/27 12:42:56 fetching corpus: 9050, signal 256708/279027 (executing program) 2023/03/27 12:42:56 fetching corpus: 9100, signal 256922/279027 (executing program) 2023/03/27 12:42:57 fetching corpus: 9150, signal 257395/279027 (executing program) 2023/03/27 12:42:57 fetching corpus: 9200, signal 257714/279027 (executing program) 2023/03/27 12:42:57 fetching corpus: 9250, signal 258174/279027 (executing program) 2023/03/27 12:42:57 fetching corpus: 9300, signal 258575/279027 (executing program) 2023/03/27 12:42:57 fetching corpus: 9350, signal 258951/279027 (executing program) 2023/03/27 12:42:57 fetching corpus: 9400, signal 259134/279027 (executing program) 2023/03/27 12:42:57 fetching corpus: 9450, signal 259429/279027 (executing program) 2023/03/27 12:42:57 fetching corpus: 9500, signal 259865/279027 (executing program) 2023/03/27 12:42:57 fetching corpus: 9550, signal 260252/279027 (executing program) 2023/03/27 12:42:58 fetching corpus: 9600, signal 260502/279028 (executing program) 2023/03/27 12:42:58 fetching corpus: 9650, signal 260886/279033 (executing program) 2023/03/27 12:42:58 fetching corpus: 9700, signal 261343/279033 (executing program) 2023/03/27 12:42:58 fetching corpus: 9750, signal 261627/279033 (executing program) 2023/03/27 12:42:58 fetching corpus: 9800, signal 262020/279033 (executing program) 2023/03/27 12:42:58 fetching corpus: 9850, signal 262340/279033 (executing program) 2023/03/27 12:42:58 fetching corpus: 9900, signal 262555/279033 (executing program) 2023/03/27 12:42:58 fetching corpus: 9950, signal 262887/279034 (executing program) 2023/03/27 12:42:59 fetching corpus: 10000, signal 263261/279038 (executing program) 2023/03/27 12:42:59 fetching corpus: 10050, signal 263582/279038 (executing program) 2023/03/27 12:42:59 fetching corpus: 10100, signal 263837/279038 (executing program) 2023/03/27 12:42:59 fetching corpus: 10150, signal 264329/279038 (executing program) 2023/03/27 12:42:59 fetching corpus: 10200, signal 264574/279038 (executing program) 2023/03/27 12:42:59 fetching corpus: 10250, signal 264859/279038 (executing program) 2023/03/27 12:42:59 fetching corpus: 10300, signal 265231/279038 (executing program) 2023/03/27 12:42:59 fetching corpus: 10350, signal 265485/279038 (executing program) 2023/03/27 12:42:59 fetching corpus: 10400, signal 265747/279038 (executing program) 2023/03/27 12:42:59 fetching corpus: 10450, signal 265955/279038 (executing program) 2023/03/27 12:43:00 fetching corpus: 10500, signal 266352/279038 (executing program) 2023/03/27 12:43:00 fetching corpus: 10550, signal 266670/279040 (executing program) 2023/03/27 12:43:00 fetching corpus: 10600, signal 267000/279040 (executing program) 2023/03/27 12:43:00 fetching corpus: 10650, signal 267207/279045 (executing program) 2023/03/27 12:43:00 fetching corpus: 10700, signal 267527/279045 (executing program) 2023/03/27 12:43:00 fetching corpus: 10750, signal 267762/279045 (executing program) 2023/03/27 12:43:00 fetching corpus: 10800, signal 268068/279045 (executing program) 2023/03/27 12:43:00 fetching corpus: 10850, signal 268408/279045 (executing program) 2023/03/27 12:43:01 fetching corpus: 10900, signal 268733/279045 (executing program) 2023/03/27 12:43:01 fetching corpus: 10950, signal 268984/279050 (executing program) 2023/03/27 12:43:01 fetching corpus: 11000, signal 269184/279050 (executing program) 2023/03/27 12:43:01 fetching corpus: 11050, signal 269450/279066 (executing program) 2023/03/27 12:43:01 fetching corpus: 11100, signal 269831/279066 (executing program) 2023/03/27 12:43:01 fetching corpus: 11150, signal 270410/279066 (executing program) 2023/03/27 12:43:01 fetching corpus: 11200, signal 270761/279066 (executing program) 2023/03/27 12:43:01 fetching corpus: 11250, signal 270923/279066 (executing program) 2023/03/27 12:43:02 fetching corpus: 11300, signal 271137/279066 (executing program) 2023/03/27 12:43:02 fetching corpus: 11350, signal 271444/279066 (executing program) 2023/03/27 12:43:02 fetching corpus: 11400, signal 271656/279066 (executing program) 2023/03/27 12:43:02 fetching corpus: 11450, signal 272068/279066 (executing program) 2023/03/27 12:43:02 fetching corpus: 11500, signal 272229/279066 (executing program) 2023/03/27 12:43:02 fetching corpus: 11550, signal 272483/279066 (executing program) 2023/03/27 12:43:02 fetching corpus: 11600, signal 272715/279067 (executing program) 2023/03/27 12:43:02 fetching corpus: 11650, signal 272938/279067 (executing program) 2023/03/27 12:43:02 fetching corpus: 11700, signal 273326/279067 (executing program) 2023/03/27 12:43:03 fetching corpus: 11750, signal 273720/279070 (executing program) 2023/03/27 12:43:03 fetching corpus: 11800, signal 273998/279070 (executing program) 2023/03/27 12:43:03 fetching corpus: 11850, signal 274290/279081 (executing program) 2023/03/27 12:43:03 fetching corpus: 11900, signal 274649/279081 (executing program) 2023/03/27 12:43:03 fetching corpus: 11950, signal 274990/279081 (executing program) 2023/03/27 12:43:03 fetching corpus: 12000, signal 275220/279081 (executing program) 2023/03/27 12:43:03 fetching corpus: 12050, signal 275526/279081 (executing program) 2023/03/27 12:43:03 fetching corpus: 12085, signal 275654/279081 (executing program) 2023/03/27 12:43:03 fetching corpus: 12085, signal 275654/279081 (executing program) 2023/03/27 12:43:05 starting 8 fuzzer processes 12:43:05 executing program 1: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet6_udp(0xa, 0x2, 0x0) r1 = dup(r0) connect$inet6(r1, &(0x7f00000000c0)={0xa, 0x0, 0x0, @mcast2, 0x2}, 0x1c) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_TCP_REPAIR(r2, 0x6, 0x13, &(0x7f00000018c0)=0x1, 0x4) setsockopt$inet6_tcp_TCP_REPAIR_WINDOW(r2, 0x6, 0x1d, &(0x7f0000000100)={0x0, 0x0, 0x0, 0x0, 0x4}, 0x14) getsockopt$sock_cred(r2, 0x1, 0x11, &(0x7f0000000140)={0x0}, &(0x7f0000000180)=0xc) r4 = memfd_secret(0x0) perf_event_open(&(0x7f0000000300)={0x1, 0x80, 0x4, 0x2, 0x6, 0x9, 0x0, 0x20, 0x5900, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x40, 0x2, @perf_bp={&(0x7f0000000040), 0x4}, 0x4000, 0x5, 0x9, 0x0, 0x1, 0x10000, 0xe727, 0x0, 0x6, 0x0, 0x9}, r3, 0x1, r4, 0x3) connect$inet6(r1, &(0x7f0000000200)={0xa, 0x4e22, 0x0, @ipv4={'\x00', '\xff\xff', @multicast2}}, 0x1c) sendmmsg$inet6(r1, &(0x7f0000002880), 0x4000101, 0x0) setsockopt$inet6_mtu(r0, 0x29, 0x17, &(0x7f0000000000)=0x2, 0x4) 12:43:05 executing program 3: r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000002380), 0x121800, 0x0) ioctl$FIBMAP(r0, 0x127f, 0x0) 12:43:05 executing program 2: r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$netlink(r0, &(0x7f0000001480)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f0000000040)={0x20, 0x11, 0x1, 0x0, 0x0, "", [@typed={0x8, 0x0, 0x0, 0x0, @u32=0x5}, @typed={0x8, 0x0, 0x0, 0x0, @u32}]}, 0x20}], 0x1}, 0x0) 12:43:05 executing program 0: timer_create(0x5, &(0x7f0000001100)={0x0, 0x0, 0x0, @thr={0x0, 0x0}}, 0x0) 12:43:05 executing program 7: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000100)={0x5, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) 12:43:06 executing program 4: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) pwritev(r1, &(0x7f0000000080)=[{&(0x7f0000000140)='\x00', 0x1a}], 0x1, 0x7fffffc, 0x0) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r2 = socket$nl_audit(0x10, 0x3, 0x9) sendfile(r2, r0, 0x0, 0x100000) 12:43:06 executing program 5: r0 = syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0) connect$802154_dgram(r0, &(0x7f00000005c0)={0x24, @long}, 0x11) 12:43:06 executing program 6: socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000003c0)={0xffffffffffffffff}) openat$snapshot(0xffffffffffffff9c, &(0x7f0000000480), 0x0, 0x0) syz_open_dev$evdev(&(0x7f0000000040), 0x0, 0x0) close_range(r0, 0xffffffffffffffff, 0x0) [ 78.653910] audit: type=1400 audit(1679920986.026:6): avc: denied { execmem } for pid=261 comm="syz-executor.2" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=process permissive=1 [ 79.900150] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 79.902208] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 79.903526] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 79.904176] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 79.905366] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 79.906205] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 79.906929] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 79.917631] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1 [ 79.918337] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 79.918847] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 79.919369] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 79.920110] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 79.924034] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 79.926492] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9 [ 79.927236] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 79.927782] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 79.927835] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 79.929719] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9 [ 79.931313] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 79.932298] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 79.933181] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 79.934351] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3 [ 79.935051] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4 [ 79.935103] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [ 79.935827] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3 [ 79.937076] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 79.937110] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 79.938627] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 79.939631] Bluetooth: hci5: unexpected cc 0x0c25 length: 249 > 3 [ 79.940865] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 79.942063] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2 [ 79.943300] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3 [ 79.945919] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 79.945991] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3 [ 79.950843] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 79.953218] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 79.982225] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1 [ 79.982987] Bluetooth: hci7: unexpected cc 0x0c03 length: 249 > 1 [ 79.985314] Bluetooth: hci7: unexpected cc 0x1003 length: 249 > 9 [ 79.987364] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9 [ 79.988628] Bluetooth: hci7: unexpected cc 0x1001 length: 249 > 9 [ 79.989341] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9 [ 79.993127] Bluetooth: hci7: unexpected cc 0x0c23 length: 249 > 4 [ 79.994583] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4 [ 79.996946] Bluetooth: hci7: unexpected cc 0x0c25 length: 249 > 3 [ 79.999077] Bluetooth: hci7: unexpected cc 0x0c38 length: 249 > 2 [ 80.001373] Bluetooth: hci6: unexpected cc 0x0c25 length: 249 > 3 [ 80.005344] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2 [ 81.957417] Bluetooth: hci3: command 0x0409 tx timeout [ 82.020752] Bluetooth: hci6: command 0x0409 tx timeout [ 82.021430] Bluetooth: hci0: command 0x0409 tx timeout [ 82.021954] Bluetooth: hci4: command 0x0409 tx timeout [ 82.022412] Bluetooth: hci2: command 0x0409 tx timeout [ 82.022907] Bluetooth: hci5: command 0x0409 tx timeout [ 82.023362] Bluetooth: hci7: command 0x0409 tx timeout [ 82.023854] Bluetooth: hci1: command 0x0409 tx timeout [ 84.005269] Bluetooth: hci3: command 0x041b tx timeout [ 84.068863] Bluetooth: hci1: command 0x041b tx timeout [ 84.069291] Bluetooth: hci7: command 0x041b tx timeout [ 84.069696] Bluetooth: hci5: command 0x041b tx timeout [ 84.070059] Bluetooth: hci2: command 0x041b tx timeout [ 84.070419] Bluetooth: hci4: command 0x041b tx timeout [ 84.070822] Bluetooth: hci0: command 0x041b tx timeout [ 84.071185] Bluetooth: hci6: command 0x041b tx timeout [ 86.052706] Bluetooth: hci3: command 0x040f tx timeout [ 86.116771] Bluetooth: hci6: command 0x040f tx timeout [ 86.117193] Bluetooth: hci0: command 0x040f tx timeout [ 86.117571] Bluetooth: hci4: command 0x040f tx timeout [ 86.117973] Bluetooth: hci2: command 0x040f tx timeout [ 86.118323] Bluetooth: hci5: command 0x040f tx timeout [ 86.118691] Bluetooth: hci7: command 0x040f tx timeout [ 86.119053] Bluetooth: hci1: command 0x040f tx timeout [ 88.100787] Bluetooth: hci3: command 0x0419 tx timeout [ 88.164846] Bluetooth: hci1: command 0x0419 tx timeout [ 88.165433] Bluetooth: hci7: command 0x0419 tx timeout [ 88.166431] Bluetooth: hci5: command 0x0419 tx timeout [ 88.167000] Bluetooth: hci2: command 0x0419 tx timeout [ 88.167545] Bluetooth: hci4: command 0x0419 tx timeout [ 88.168096] Bluetooth: hci0: command 0x0419 tx timeout [ 88.168622] Bluetooth: hci6: command 0x0419 tx timeout [ 126.131913] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 126.132538] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 126.133714] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready [ 126.291175] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 126.291823] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 126.293219] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready [ 126.747557] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 126.749285] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 126.752062] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready [ 126.874194] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 126.875520] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 126.879423] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready 12:43:55 executing program 5: syz_mount_image$ext4(0x0, &(0x7f0000000200)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0) mount(0x0, &(0x7f0000000000)='./file1\x00', &(0x7f0000000040)='sysfs\x00', 0x0, 0x0) umount2(&(0x7f0000000140)='./file1\x00', 0x3) [ 128.059437] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 128.060486] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 128.062902] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready 12:43:55 executing program 5: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) creat(&(0x7f0000000100)='./file0\x00', 0x82) name_to_handle_at(0xffffffffffffff9c, &(0x7f0000000300)='./file0\x00', &(0x7f0000000340)=@orangefs={0x14, 0x1, {"c50a3b6b291d19e0569a555b7d23df9c"}}, &(0x7f0000000380), 0x400) [ 128.283877] audit: type=1400 audit(1679921035.656:7): avc: denied { open } for pid=3802 comm="syz-executor.5" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=perf_event permissive=1 [ 128.287569] audit: type=1400 audit(1679921035.656:8): avc: denied { kernel } for pid=3802 comm="syz-executor.5" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=perf_event permissive=1 [ 128.311217] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 128.312498] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 128.315115] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready 12:43:55 executing program 5: r0 = syz_open_dev$sg(&(0x7f0000001000), 0x0, 0x0) ioctl$SG_IO(r0, 0x227a, 0x0) 12:43:55 executing program 7: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x1, 0x0) ioctl$LOOP_CTL_ADD(r0, 0x4c80, 0x0) sendmsg$MPTCP_PM_CMD_DEL_ADDR(0xffffffffffffffff, 0x0, 0x40) ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0) io_uring_setup(0x578, &(0x7f0000000300)={0x0, 0x0, 0x0, 0x0, 0x383}) openat$cgroup_procs(0xffffffffffffffff, &(0x7f0000000380)='cgroup.procs\x00', 0x2, 0x0) 12:43:56 executing program 5: r0 = syz_open_dev$sg(&(0x7f0000001000), 0x0, 0x0) ioctl$SG_IO(r0, 0x227a, 0x0) 12:43:56 executing program 7: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x1, 0x0) ioctl$LOOP_CTL_ADD(r0, 0x4c80, 0x0) sendmsg$MPTCP_PM_CMD_DEL_ADDR(0xffffffffffffffff, 0x0, 0x40) ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0) io_uring_setup(0x578, &(0x7f0000000300)={0x0, 0x0, 0x0, 0x0, 0x383}) openat$cgroup_procs(0xffffffffffffffff, &(0x7f0000000380)='cgroup.procs\x00', 0x2, 0x0) 12:43:56 executing program 5: r0 = syz_open_dev$sg(&(0x7f0000001000), 0x0, 0x0) ioctl$SG_IO(r0, 0x227a, 0x0) 12:43:56 executing program 7: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x1, 0x0) ioctl$LOOP_CTL_ADD(r0, 0x4c80, 0x0) sendmsg$MPTCP_PM_CMD_DEL_ADDR(0xffffffffffffffff, 0x0, 0x40) ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0) io_uring_setup(0x578, &(0x7f0000000300)={0x0, 0x0, 0x0, 0x0, 0x383}) openat$cgroup_procs(0xffffffffffffffff, &(0x7f0000000380)='cgroup.procs\x00', 0x2, 0x0) [ 129.521535] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 129.522610] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 129.525542] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready [ 129.682974] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 129.683623] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 129.685401] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready [ 129.755097] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 129.755734] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 129.789670] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready [ 129.910780] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 129.911851] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 129.914481] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready [ 129.988152] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 129.988774] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 129.990122] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready [ 130.118552] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 130.119422] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 130.120975] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready [ 130.204545] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 130.205143] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 130.206721] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready [ 130.266915] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 130.267975] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 130.270241] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready [ 130.843195] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 130.843878] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 130.845327] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready [ 130.866394] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 130.866955] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 130.868217] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready [ 130.990663] hrtimer: interrupt took 18976 ns 12:44:01 executing program 1: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet6_udp(0xa, 0x2, 0x0) r1 = dup(r0) connect$inet6(r1, &(0x7f00000000c0)={0xa, 0x0, 0x0, @mcast2, 0x2}, 0x1c) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_TCP_REPAIR(r2, 0x6, 0x13, &(0x7f00000018c0)=0x1, 0x4) setsockopt$inet6_tcp_TCP_REPAIR_WINDOW(r2, 0x6, 0x1d, &(0x7f0000000100)={0x0, 0x0, 0x0, 0x0, 0x4}, 0x14) getsockopt$sock_cred(r2, 0x1, 0x11, &(0x7f0000000140)={0x0}, &(0x7f0000000180)=0xc) r4 = memfd_secret(0x0) perf_event_open(&(0x7f0000000300)={0x1, 0x80, 0x4, 0x2, 0x6, 0x9, 0x0, 0x20, 0x5900, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x40, 0x2, @perf_bp={&(0x7f0000000040), 0x4}, 0x4000, 0x5, 0x9, 0x0, 0x1, 0x10000, 0xe727, 0x0, 0x6, 0x0, 0x9}, r3, 0x1, r4, 0x3) connect$inet6(r1, &(0x7f0000000200)={0xa, 0x4e22, 0x0, @ipv4={'\x00', '\xff\xff', @multicast2}}, 0x1c) sendmmsg$inet6(r1, &(0x7f0000002880), 0x4000101, 0x0) setsockopt$inet6_mtu(r0, 0x29, 0x17, &(0x7f0000000000)=0x2, 0x4) 12:44:01 executing program 5: r0 = syz_open_dev$sg(&(0x7f0000001000), 0x0, 0x0) ioctl$SG_IO(r0, 0x227a, 0x0) 12:44:01 executing program 7: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x1, 0x0) ioctl$LOOP_CTL_ADD(r0, 0x4c80, 0x0) sendmsg$MPTCP_PM_CMD_DEL_ADDR(0xffffffffffffffff, 0x0, 0x40) ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0) io_uring_setup(0x578, &(0x7f0000000300)={0x0, 0x0, 0x0, 0x0, 0x383}) openat$cgroup_procs(0xffffffffffffffff, &(0x7f0000000380)='cgroup.procs\x00', 0x2, 0x0) 12:44:01 executing program 6: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x1, 0x0) ioctl$LOOP_CTL_ADD(r0, 0x4c80, 0x0) sendmsg$MPTCP_PM_CMD_DEL_ADDR(0xffffffffffffffff, 0x0, 0x40) ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0) io_uring_setup(0x578, &(0x7f0000000300)={0x0, 0x0, 0x0, 0x0, 0x383}) openat$cgroup_procs(0xffffffffffffffff, &(0x7f0000000380)='cgroup.procs\x00', 0x2, 0x0) 12:44:01 executing program 0: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x1, 0x0) ioctl$LOOP_CTL_ADD(r0, 0x4c80, 0x0) sendmsg$MPTCP_PM_CMD_DEL_ADDR(0xffffffffffffffff, 0x0, 0x40) ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0) io_uring_setup(0x578, &(0x7f0000000300)={0x0, 0x0, 0x0, 0x0, 0x383}) openat$cgroup_procs(0xffffffffffffffff, &(0x7f0000000380)='cgroup.procs\x00', 0x2, 0x0) 12:44:01 executing program 4: syz_emit_ethernet(0x3e, &(0x7f0000000140)={@local, @dev, @void, {@ipv6={0x86dd, @generic={0x0, 0x6, "b0e0ee", 0x8, 0x2c, 0x0, @private0, @mcast2, {[@routing={0x11, 0x0, 0x0, 0x7}]}}}}}, 0x0) 12:44:01 executing program 3: syz_io_uring_setup(0x6d0f, &(0x7f0000000000), &(0x7f0000ffc000/0x2000)=nil, &(0x7f0000ffe000/0x2000)=nil, 0x0, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup3(r1, r0, 0x0) ioctl$sock_SIOCETHTOOL(r2, 0x8946, &(0x7f0000000080)={'syz_tun\x00', &(0x7f0000000000)=@ethtool_sset_info={0x2}}) 12:44:01 executing program 2: syz_emit_vhci(&(0x7f0000000000)=@HCI_EVENT_PKT={0x4, @hci_ev_link_key_notify={{0x18, 0x17}, {@fixed, "c1e0fa5e8c9077bfb4fb320b6ce8a13b"}}}, 0x1a) syz_emit_vhci(0x0, 0x0) 12:44:01 executing program 4: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0x76, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$inet6_udplite(0xa, 0x2, 0x88) setsockopt$inet6_udp_int(r0, 0x11, 0x68, &(0x7f0000000240), 0x3e) 12:44:01 executing program 2: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0x77, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000040)={0xffffffffffffffff}) bind$unix(r0, &(0x7f0000000100)=@file={0x1, './file0\x00'}, 0x6e) connect$unix(r0, &(0x7f0000000080)=@file={0x1, './file0\x00'}, 0x6e) 12:44:01 executing program 0: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x1, 0x0) ioctl$LOOP_CTL_ADD(r0, 0x4c80, 0x0) sendmsg$MPTCP_PM_CMD_DEL_ADDR(0xffffffffffffffff, 0x0, 0x40) ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0) io_uring_setup(0x578, &(0x7f0000000300)={0x0, 0x0, 0x0, 0x0, 0x383}) openat$cgroup_procs(0xffffffffffffffff, &(0x7f0000000380)='cgroup.procs\x00', 0x2, 0x0) 12:44:01 executing program 3: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) fsetxattr$system_posix_acl(r0, &(0x7f0000000440)='system.posix_acl_access\x00', &(0x7f0000001900)=ANY=[@ANYBLOB="02000000010000000000000004000300320c0000200004000000000020"], 0x24, 0x0) 12:44:01 executing program 6: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x1, 0x0) ioctl$LOOP_CTL_ADD(r0, 0x4c80, 0x0) sendmsg$MPTCP_PM_CMD_DEL_ADDR(0xffffffffffffffff, 0x0, 0x40) ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0) io_uring_setup(0x578, &(0x7f0000000300)={0x0, 0x0, 0x0, 0x0, 0x383}) openat$cgroup_procs(0xffffffffffffffff, &(0x7f0000000380)='cgroup.procs\x00', 0x2, 0x0) 12:44:01 executing program 4: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc4}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$EVIOCGID(0xffffffffffffffff, 0x80084502, 0x0) r0 = timerfd_create(0x0, 0x80800) readv(r0, &(0x7f00000008c0)=[{&(0x7f0000000640)=""/163, 0xa3}], 0x1) creat(0x0, 0x0) 12:44:02 executing program 5: syz_emit_ethernet(0xbe, &(0x7f0000000040)={@link_local, @remote, @void, {@ipv4={0x800, @udp={{0x5, 0x4, 0x0, 0x0, 0xb0, 0x0, 0x0, 0x0, 0x29, 0x0, @private=0x9c, @local}, {0x0, 0x0, 0x9c, 0x0, @wg=@initiation={0x220, 0x9c02, "9cdf3f090000000051710000000000000000000000002200", "117ad553083cf29887cf5f29c7a6c95c7558a7482e05b26986482338c4a4807a788dafc8181760316d293733eea7f8d3", "a75e81563131a3cfe7a7f5a39f877d4c3d74923d6412b791b7128fae", {"452bd88da6fe3cce2e1d7da77bb012ba", "e313e602785b0268a2ed03bd928c6509"}}}}}}}, 0x0) 12:44:02 executing program 3: r0 = socket$packet(0x11, 0x2, 0x300) setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f0000000080), 0x4) syz_emit_ethernet(0x2a, &(0x7f0000000000)={@local, @random="7700c24d06a7", @void, {@ipv4={0x800, @igmp={{0x5, 0x4, 0x0, 0x0, 0x1c, 0x0, 0x0, 0x0, 0x6, 0x0, @empty, @private}, {0x0, 0x0, 0x0, @dev}}}}}, 0x0) [ 134.678714] sit: Src spoofed 0.0.0.156/2002:0:29c:0:9cdf:3f09:: -> 172.20.20.170/5171::2200 [ 134.691417] sit: Src spoofed 0.0.0.156/2002:0:29c:0:9cdf:3f09:: -> 172.20.20.170/5171::2200 [ 134.698757] general protection fault, probably for non-canonical address 0xdffffc00040000c8: 0000 [#1] PREEMPT SMP KASAN NOPTI [ 134.700233] KASAN: probably user-memory-access in range [0x0000000020000640-0x0000000020000647] [ 134.701303] CPU: 1 PID: 3984 Comm: syz-executor.4 Not tainted 6.3.0-rc3-next-20230327 #1 [ 134.705004] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 134.705998] RIP: 0010:do_iter_read+0x481/0x750 [ 134.706578] Code: 00 0f 85 52 02 00 00 4d 8b 7c 24 28 e8 48 2c c6 ff 48 8b 44 24 18 80 38 00 0f 85 1c 02 00 00 48 8b 43 18 48 89 c2 48 c1 ea 03 <42> 80 3c 32 00 0f 85 ef 01 00 00 48 8b 4c 24 20 48 8b 30 80 39 00 [ 134.708770] RSP: 0018:ffff888042b47c70 EFLAGS: 00010212 [ 134.709453] RAX: 0000000020000640 RBX: ffff888042b47d58 RCX: ffffc90005610000 [ 134.710361] RDX: 00000000040000c8 RSI: ffffffff81855c98 RDI: 0000000000000007 [ 134.711258] RBP: 00000000000000a3 R08: 0000000000000007 R09: 0000000000000000 [ 134.712151] R10: 00000000000000a3 R11: 0000000000000001 R12: ffff888016132000 [ 134.713054] R13: 0000000000000000 R14: dffffc0000000000 R15: ffffffff84910f40 [ 134.714046] FS: 00007ff795bae700(0000) GS:ffff88806cf00000(0000) knlGS:0000000000000000 [ 134.715040] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 134.715722] CR2: 00007f3cbf159de0 CR3: 000000000f2bc000 CR4: 0000000000350ee0 [ 134.716554] Call Trace: [ 134.716867] [ 134.717150] ? import_iovec+0x87/0xb0 [ 134.717625] vfs_readv+0xe5/0x160 [ 134.718070] ? __pfx_vfs_readv+0x10/0x10 [ 134.718574] ? lock_release+0x1e3/0x680 [ 134.719080] ? __pfx_lock_release+0x10/0x10 [ 134.719621] ? do_futex+0x13a/0x380 [ 134.720086] ? __fget_files+0x270/0x480 [ 134.720578] ? __fget_light+0xe5/0x280 [ 134.721059] do_readv+0x133/0x300 [ 134.721497] ? __pfx_do_readv+0x10/0x10 [ 134.722008] ? lockdep_hardirqs_on_prepare+0x27b/0x3f0 [ 134.722658] do_syscall_64+0x3f/0x90 [ 134.723117] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 134.723739] RIP: 0033:0x7ff798638b19 [ 134.724193] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 134.726287] RSP: 002b:00007ff795bae188 EFLAGS: 00000246 ORIG_RAX: 0000000000000013 [ 134.727182] RAX: ffffffffffffffda RBX: 00007ff79874bf60 RCX: 00007ff798638b19 [ 134.728020] RDX: 0000000000000001 RSI: 00000000200008c0 RDI: 0000000000000004 [ 134.728863] RBP: 00007ff798692f6d R08: 0000000000000000 R09: 0000000000000000 [ 134.729699] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 134.730657] R13: 00007fffaf44754f R14: 00007ff795bae300 R15: 0000000000022000 [ 134.731502] [ 134.731788] Modules linked in: [ 134.732248] ---[ end trace 0000000000000000 ]--- [ 134.732833] RIP: 0010:do_iter_read+0x481/0x750 [ 134.733394] Code: 00 0f 85 52 02 00 00 4d 8b 7c 24 28 e8 48 2c c6 ff 48 8b 44 24 18 80 38 00 0f 85 1c 02 00 00 48 8b 43 18 48 89 c2 48 c1 ea 03 <42> 80 3c 32 00 0f 85 ef 01 00 00 48 8b 4c 24 20 48 8b 30 80 39 00 [ 134.735548] RSP: 0018:ffff888042b47c70 EFLAGS: 00010212 [ 134.736197] RAX: 0000000020000640 RBX: ffff888042b47d58 RCX: ffffc90005610000 [ 134.737065] RDX: 00000000040000c8 RSI: ffffffff81855c98 RDI: 0000000000000007 [ 134.737916] RBP: 00000000000000a3 R08: 0000000000000007 R09: 0000000000000000 [ 134.738779] R10: 00000000000000a3 R11: 0000000000000001 R12: ffff888016132000 [ 134.739621] R13: 0000000000000000 R14: dffffc0000000000 R15: ffffffff84910f40 [ 134.740484] FS: 00007ff795bae700(0000) GS:ffff88806cf00000(0000) knlGS:0000000000000000 [ 134.741442] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 134.742320] CR2: 00007f3cbf159de0 CR3: 000000000f2bc000 CR4: 0000000000350ee0 [ 135.532565] general protection fault, probably for non-canonical address 0xdffffc00040000c8: 0000 [#2] PREEMPT SMP KASAN NOPTI [ 135.534035] KASAN: probably user-memory-access in range [0x0000000020000640-0x0000000020000647] [ 135.535112] CPU: 0 PID: 3985 Comm: syz-executor.4 Tainted: G D 6.3.0-rc3-next-20230327 #1 [ 135.536289] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 135.537301] RIP: 0010:do_iter_read+0x481/0x750 [ 135.537908] Code: 00 0f 85 52 02 00 00 4d 8b 7c 24 28 e8 48 2c c6 ff 48 8b 44 24 18 80 38 00 0f 85 1c 02 00 00 48 8b 43 18 48 89 c2 48 c1 ea 03 <42> 80 3c 32 00 0f 85 ef 01 00 00 48 8b 4c 24 20 48 8b 30 80 39 00 [ 135.540158] RSP: 0018:ffff8880432d7c70 EFLAGS: 00010212 [ 135.540831] RAX: 0000000020000640 RBX: ffff8880432d7d58 RCX: ffffc90006417000 [ 135.541726] RDX: 00000000040000c8 RSI: ffffffff81855c98 RDI: 0000000000000007 [ 135.542642] RBP: 00000000000000a3 R08: 0000000000000007 R09: 0000000000000000 [ 135.543532] R10: 00000000000000a3 R11: 0000000000000001 R12: ffff888016cc4780 [ 135.544423] R13: 0000000000000000 R14: dffffc0000000000 R15: ffffffff84910f40 [ 135.545321] FS: 00007ff795b8d700(0000) GS:ffff88806ce00000(0000) knlGS:0000000000000000 [ 135.546333] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 135.547062] CR2: 00005582d6ead390 CR3: 000000000f2bc000 CR4: 0000000000350ef0 [ 135.547949] Call Trace: [ 135.548285] [ 135.548593] ? import_iovec+0x87/0xb0 [ 135.549092] vfs_readv+0xe5/0x160 [ 135.549554] ? __pfx_vfs_readv+0x10/0x10 [ 135.550104] ? lock_release+0x4d8/0x680 [ 135.550641] ? __pfx_lock_release+0x10/0x10 [ 135.551198] ? fd_install+0x1f7/0x6e0 [ 135.551723] ? __fget_files+0x270/0x480 [ 135.552242] ? __fget_light+0xe5/0x280 [ 135.552747] do_readv+0x133/0x300 [ 135.553200] ? __pfx_do_readv+0x10/0x10 [ 135.553728] do_syscall_64+0x3f/0x90 [ 135.554226] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 135.554890] RIP: 0033:0x7ff798638b19 [ 135.555369] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 135.557616] RSP: 002b:00007ff795b8d188 EFLAGS: 00000246 ORIG_RAX: 0000000000000013 [ 135.558584] RAX: ffffffffffffffda RBX: 00007ff79874c020 RCX: 00007ff798638b19 [ 135.559483] RDX: 0000000000000001 RSI: 00000000200008c0 RDI: 0000000000000004 [ 135.560364] RBP: 00007ff798692f6d R08: 0000000000000000 R09: 0000000000000000 [ 135.561240] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 135.562129] R13: 00007fffaf44754f R14: 00007ff795b8d300 R15: 0000000000022000 [ 135.563034] [ 135.563340] Modules linked in: [ 135.563943] ---[ end trace 0000000000000000 ]--- [ 135.564541] RIP: 0010:do_iter_read+0x481/0x750 [ 135.565175] Code: 00 0f 85 52 02 00 00 4d 8b 7c 24 28 e8 48 2c c6 ff 48 8b 44 24 18 80 38 00 0f 85 1c 02 00 00 48 8b 43 18 48 89 c2 48 c1 ea 03 <42> 80 3c 32 00 0f 85 ef 01 00 00 48 8b 4c 24 20 48 8b 30 80 39 00 [ 135.567468] RSP: 0018:ffff888042b47c70 EFLAGS: 00010212 [ 135.568155] RAX: 0000000020000640 RBX: ffff888042b47d58 RCX: ffffc90005610000 [ 135.569068] RDX: 00000000040000c8 RSI: ffffffff81855c98 RDI: 0000000000000007 [ 135.571182] RBP: 00000000000000a3 R08: 0000000000000007 R09: 0000000000000000 [ 135.572310] R10: 00000000000000a3 R11: 0000000000000001 R12: ffff888016132000 [ 135.573224] R13: 0000000000000000 R14: dffffc0000000000 R15: ffffffff84910f40 [ 135.574136] FS: 00007ff795b8d700(0000) GS:ffff88806ce00000(0000) knlGS:0000000000000000 [ 135.575156] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 135.575922] CR2: 00005582d6ead390 CR3: 000000000f2bc000 CR4: 0000000000350ef0 12:44:02 executing program 1: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet6_udp(0xa, 0x2, 0x0) r1 = dup(r0) connect$inet6(r1, &(0x7f00000000c0)={0xa, 0x0, 0x0, @mcast2, 0x2}, 0x1c) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_TCP_REPAIR(r2, 0x6, 0x13, &(0x7f00000018c0)=0x1, 0x4) setsockopt$inet6_tcp_TCP_REPAIR_WINDOW(r2, 0x6, 0x1d, &(0x7f0000000100)={0x0, 0x0, 0x0, 0x0, 0x4}, 0x14) getsockopt$sock_cred(r2, 0x1, 0x11, &(0x7f0000000140)={0x0}, &(0x7f0000000180)=0xc) r4 = memfd_secret(0x0) perf_event_open(&(0x7f0000000300)={0x1, 0x80, 0x4, 0x2, 0x6, 0x9, 0x0, 0x20, 0x5900, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x40, 0x2, @perf_bp={&(0x7f0000000040), 0x4}, 0x4000, 0x5, 0x9, 0x0, 0x1, 0x10000, 0xe727, 0x0, 0x6, 0x0, 0x9}, r3, 0x1, r4, 0x3) connect$inet6(r1, &(0x7f0000000200)={0xa, 0x4e22, 0x0, @ipv4={'\x00', '\xff\xff', @multicast2}}, 0x1c) sendmmsg$inet6(r1, &(0x7f0000002880), 0x4000101, 0x0) setsockopt$inet6_mtu(r0, 0x29, 0x17, &(0x7f0000000000)=0x2, 0x4) 12:44:02 executing program 4: r0 = socket$unix(0x1, 0x1, 0x0) bind$unix(r0, &(0x7f00000000c0)=@file={0x1, './file0\x00'}, 0x6e) listen(r0, 0x0) listen(r0, 0x0) 12:44:02 executing program 2: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x1c5042, 0x0) 12:44:02 executing program 5: syz_emit_ethernet(0xbe, &(0x7f0000000040)={@link_local, @remote, @void, {@ipv4={0x800, @udp={{0x5, 0x4, 0x0, 0x0, 0xb0, 0x0, 0x0, 0x0, 0x29, 0x0, @private=0x9c, @local}, {0x0, 0x0, 0x9c, 0x0, @wg=@initiation={0x220, 0x9c02, "9cdf3f090000000051710000000000000000000000002200", "117ad553083cf29887cf5f29c7a6c95c7558a7482e05b26986482338c4a4807a788dafc8181760316d293733eea7f8d3", "a75e81563131a3cfe7a7f5a39f877d4c3d74923d6412b791b7128fae", {"452bd88da6fe3cce2e1d7da77bb012ba", "e313e602785b0268a2ed03bd928c6509"}}}}}}}, 0x0) 12:44:02 executing program 6: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x1, 0x0) ioctl$LOOP_CTL_ADD(r0, 0x4c80, 0x0) sendmsg$MPTCP_PM_CMD_DEL_ADDR(0xffffffffffffffff, 0x0, 0x40) ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0) io_uring_setup(0x578, &(0x7f0000000300)={0x0, 0x0, 0x0, 0x0, 0x383}) openat$cgroup_procs(0xffffffffffffffff, &(0x7f0000000380)='cgroup.procs\x00', 0x2, 0x0) 12:44:02 executing program 0: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x1, 0x0) ioctl$LOOP_CTL_ADD(r0, 0x4c80, 0x0) sendmsg$MPTCP_PM_CMD_DEL_ADDR(0xffffffffffffffff, 0x0, 0x40) ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0) io_uring_setup(0x578, &(0x7f0000000300)={0x0, 0x0, 0x0, 0x0, 0x383}) openat$cgroup_procs(0xffffffffffffffff, &(0x7f0000000380)='cgroup.procs\x00', 0x2, 0x0) 12:44:02 executing program 3: ioctl$AUTOFS_DEV_IOCTL_FAIL(0xffffffffffffffff, 0xc0189377, &(0x7f00000000c0)={{0x1, 0x1, 0x18, 0xffffffffffffffff, {0x979}}, './file0\x00'}) ioctl$HCIINQUIRY(0xffffffffffffffff, 0x800448f0, &(0x7f0000000100)={0x3, 0x0, "3782a3", 0x9}) openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000280), 0x6101, 0x0) 12:44:02 executing program 7: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0x77, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup3(r1, r0, 0x0) ioctl$sock_SIOCETHTOOL(r2, 0x8943, &(0x7f0000000080)={'syz_tun\x00', 0x0}) [ 135.620704] sit: Src spoofed 0.0.0.156/2002:0:29c:0:9cdf:3f09:: -> 172.20.20.170/5171::2200 12:44:03 executing program 5: syz_emit_ethernet(0xbe, &(0x7f0000000040)={@link_local, @remote, @void, {@ipv4={0x800, @udp={{0x5, 0x4, 0x0, 0x0, 0xb0, 0x0, 0x0, 0x0, 0x29, 0x0, @private=0x9c, @local}, {0x0, 0x0, 0x9c, 0x0, @wg=@initiation={0x220, 0x9c02, "9cdf3f090000000051710000000000000000000000002200", "117ad553083cf29887cf5f29c7a6c95c7558a7482e05b26986482338c4a4807a788dafc8181760316d293733eea7f8d3", "a75e81563131a3cfe7a7f5a39f877d4c3d74923d6412b791b7128fae", {"452bd88da6fe3cce2e1d7da77bb012ba", "e313e602785b0268a2ed03bd928c6509"}}}}}}}, 0x0) 12:44:03 executing program 3: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0x9d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$inet_tcp(0x2, 0x1, 0x0) readv(r0, &(0x7f0000000040)=[{&(0x7f0000000100)=""/151, 0x97}], 0x1) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$sock_int(r1, 0x1, 0xe, &(0x7f0000000000), 0x4) [ 135.782135] sit: Src spoofed 0.0.0.156/2002:0:29c:0:9cdf:3f09:: -> 172.20.20.170/5171::2200 12:44:03 executing program 7: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0x77, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup3(r1, r0, 0x0) ioctl$sock_SIOCETHTOOL(r2, 0x8943, &(0x7f0000000080)={'syz_tun\x00', 0x0}) 12:44:03 executing program 4: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_config_ext, 0x0, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0xa) r0 = perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, @perf_config_ext, 0x2002}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) readv(r0, &(0x7f0000000240)=[{&(0x7f0000000140)=""/17, 0x11}, {&(0x7f0000000180)=""/91, 0x5b}], 0x2) syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) mount(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000080)='hugetlbfs\x00', 0x0, 0x0) pivot_root(&(0x7f0000000800)='./file0\x00', &(0x7f0000000840)='./file0\x00') r1 = socket$nl_sock_diag(0x10, 0x3, 0x4) fcntl$setownex(r1, 0xf, &(0x7f0000000400)={0x0, 0xffffffffffffffff}) lstat(&(0x7f0000000040)='./file0\x00', &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) r4 = getuid() fsetxattr$system_posix_acl(0xffffffffffffffff, &(0x7f0000000000)='system.posix_acl_access\x00', &(0x7f0000000200)={{}, {}, [{0x2, 0x0, r2}, {0x2, 0x1, r4}, {0x2, 0x4}], {}, [], {0x10, 0x2}, {0x20, 0x2}}, 0x3c, 0x0) r5 = epoll_create1(0x0) lsetxattr$system_posix_acl(&(0x7f0000000780)='./file0\x00', &(0x7f00000007c0)='system.posix_acl_access\x00', &(0x7f0000000440)={{}, {0x1, 0x5}, [{0x2, 0x6}, {0x2, 0x1}, {}], {}, [{0x8, 0x2, r3}, {0x8, 0x4}, {0x8, 0x2, r3}, {0x8, 0x1}, {0x8, 0x0, r3}, {}, {0x8, 0x1, r3}, {0x8, 0x5}, {0x8, 0x7, r3}], {0x10, 0x7}, {0x20, 0x4}}, 0x84, 0x2) dup2(r5, r5) r6 = perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x400, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r7 = dup(0xffffffffffffffff) ioctl$EVIOCSABS2F(r7, 0x401845ef, &(0x7f00000003c0)={0x1, 0x7f, 0x10001, 0x2, 0x3, 0x4}) setxattr$security_capability(&(0x7f0000000300)='./file0\x00', &(0x7f0000000340), &(0x7f0000000380)=@v2={0x2000000, [{0x2, 0x400}, {0x1, 0x4}]}, 0x14, 0x2) fchdir(r6) 12:44:03 executing program 5: syz_emit_ethernet(0xbe, &(0x7f0000000040)={@link_local, @remote, @void, {@ipv4={0x800, @udp={{0x5, 0x4, 0x0, 0x0, 0xb0, 0x0, 0x0, 0x0, 0x29, 0x0, @private=0x9c, @local}, {0x0, 0x0, 0x9c, 0x0, @wg=@initiation={0x220, 0x9c02, "9cdf3f090000000051710000000000000000000000002200", "117ad553083cf29887cf5f29c7a6c95c7558a7482e05b26986482338c4a4807a788dafc8181760316d293733eea7f8d3", "a75e81563131a3cfe7a7f5a39f877d4c3d74923d6412b791b7128fae", {"452bd88da6fe3cce2e1d7da77bb012ba", "e313e602785b0268a2ed03bd928c6509"}}}}}}}, 0x0) [ 135.874244] audit: type=1400 audit(1679921043.242:9): avc: denied { read } for pid=4024 comm="syz-executor.4" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=perf_event permissive=1 12:44:03 executing program 3: r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) r1 = dup(r0) ioctl$BTRFS_IOC_SCRUB_CANCEL(r0, 0x941c, 0x0) bind$bt_hci(r1, &(0x7f0000000080)={0x1f, 0xffffffffffffffff, 0x3}, 0x6) write$bt_hci(0xffffffffffffffff, 0x0, 0x6) perf_event_open(0x0, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) socket$packet(0x11, 0x0, 0x300) getsockopt$packet_int(0xffffffffffffffff, 0x107, 0x0, 0x0, 0x0) [ 135.897170] sit: Src spoofed 0.0.0.156/2002:0:29c:0:9cdf:3f09:: -> 172.20.20.170/5171::2200 12:44:03 executing program 7: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0x77, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup3(r1, r0, 0x0) ioctl$sock_SIOCETHTOOL(r2, 0x8943, &(0x7f0000000080)={'syz_tun\x00', 0x0}) 12:44:03 executing program 0: creat(&(0x7f00000000c0)='./file0\x00', 0x0) openat2$dir(0xffffffffffffff9c, &(0x7f0000000240)='./file0\x00', &(0x7f0000000280)={0x200000, 0x0, 0x2}, 0x18) [ 136.045620] audit: type=1400 audit(1679921043.418:10): avc: denied { tracepoint } for pid=4024 comm="syz-executor.4" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=perf_event permissive=1 12:44:03 executing program 1: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet6_udp(0xa, 0x2, 0x0) r1 = dup(r0) connect$inet6(r1, &(0x7f00000000c0)={0xa, 0x0, 0x0, @mcast2, 0x2}, 0x1c) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_TCP_REPAIR(r2, 0x6, 0x13, &(0x7f00000018c0)=0x1, 0x4) setsockopt$inet6_tcp_TCP_REPAIR_WINDOW(r2, 0x6, 0x1d, &(0x7f0000000100)={0x0, 0x0, 0x0, 0x0, 0x4}, 0x14) getsockopt$sock_cred(r2, 0x1, 0x11, &(0x7f0000000140)={0x0}, &(0x7f0000000180)=0xc) r4 = memfd_secret(0x0) perf_event_open(&(0x7f0000000300)={0x1, 0x80, 0x4, 0x2, 0x6, 0x9, 0x0, 0x20, 0x5900, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x40, 0x2, @perf_bp={&(0x7f0000000040), 0x4}, 0x4000, 0x5, 0x9, 0x0, 0x1, 0x10000, 0xe727, 0x0, 0x6, 0x0, 0x9}, r3, 0x1, r4, 0x3) connect$inet6(r1, &(0x7f0000000200)={0xa, 0x4e22, 0x0, @ipv4={'\x00', '\xff\xff', @multicast2}}, 0x1c) sendmmsg$inet6(r1, &(0x7f0000002880), 0x4000101, 0x0) setsockopt$inet6_mtu(r0, 0x29, 0x17, &(0x7f0000000000)=0x2, 0x4) 12:44:03 executing program 7: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0x77, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup3(r1, r0, 0x0) ioctl$sock_SIOCETHTOOL(r2, 0x8943, &(0x7f0000000080)={'syz_tun\x00', 0x0}) 12:44:03 executing program 0: perf_event_open(&(0x7f0000000180)={0x2, 0x80, 0x79, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) 12:44:03 executing program 3: r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) r1 = dup(r0) ioctl$BTRFS_IOC_SCRUB_CANCEL(r0, 0x941c, 0x0) bind$bt_hci(r1, &(0x7f0000000080)={0x1f, 0xffffffffffffffff, 0x3}, 0x6) write$bt_hci(0xffffffffffffffff, 0x0, 0x6) perf_event_open(0x0, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) socket$packet(0x11, 0x0, 0x300) getsockopt$packet_int(0xffffffffffffffff, 0x107, 0x0, 0x0, 0x0) 12:44:03 executing program 5: r0 = socket$packet(0x11, 0x3, 0x300) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000000)={'syz_tun\x00', 0x0}) bind$packet(r0, &(0x7f00000000c0)={0x11, 0x0, r1, 0x1, 0x0, 0x6, @random="2037f1375c88"}, 0x14) sendmmsg(r0, &(0x7f00000083c0)=[{{0x0, 0x0, &(0x7f0000000500)=[{&(0x7f00000002c0)="dd2ff1d20610eea9cd8f517b94e0", 0xe}], 0x1}}, {{0x0, 0x0, 0x0, 0x0, &(0x7f0000001a80)=ANY=[@ANYBLOB='Y'], 0x10}}], 0x2, 0x0) 12:44:03 executing program 6: semctl$SEM_STAT(0x0, 0x0, 0x12, 0x0) 12:44:03 executing program 2: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x1c5042, 0x0) 12:44:03 executing program 4: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_config_ext, 0x0, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0xa) r0 = perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, @perf_config_ext, 0x2002}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) readv(r0, &(0x7f0000000240)=[{&(0x7f0000000140)=""/17, 0x11}, {&(0x7f0000000180)=""/91, 0x5b}], 0x2) syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) mount(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000080)='hugetlbfs\x00', 0x0, 0x0) pivot_root(&(0x7f0000000800)='./file0\x00', &(0x7f0000000840)='./file0\x00') r1 = socket$nl_sock_diag(0x10, 0x3, 0x4) fcntl$setownex(r1, 0xf, &(0x7f0000000400)={0x0, 0xffffffffffffffff}) lstat(&(0x7f0000000040)='./file0\x00', &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) r4 = getuid() fsetxattr$system_posix_acl(0xffffffffffffffff, &(0x7f0000000000)='system.posix_acl_access\x00', &(0x7f0000000200)={{}, {}, [{0x2, 0x0, r2}, {0x2, 0x1, r4}, {0x2, 0x4}], {}, [], {0x10, 0x2}, {0x20, 0x2}}, 0x3c, 0x0) r5 = epoll_create1(0x0) lsetxattr$system_posix_acl(&(0x7f0000000780)='./file0\x00', &(0x7f00000007c0)='system.posix_acl_access\x00', &(0x7f0000000440)={{}, {0x1, 0x5}, [{0x2, 0x6}, {0x2, 0x1}, {}], {}, [{0x8, 0x2, r3}, {0x8, 0x4}, {0x8, 0x2, r3}, {0x8, 0x1}, {0x8, 0x0, r3}, {}, {0x8, 0x1, r3}, {0x8, 0x5}, {0x8, 0x7, r3}], {0x10, 0x7}, {0x20, 0x4}}, 0x84, 0x2) dup2(r5, r5) r6 = perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x400, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r7 = dup(0xffffffffffffffff) ioctl$EVIOCSABS2F(r7, 0x401845ef, &(0x7f00000003c0)={0x1, 0x7f, 0x10001, 0x2, 0x3, 0x4}) setxattr$security_capability(&(0x7f0000000300)='./file0\x00', &(0x7f0000000340), &(0x7f0000000380)=@v2={0x2000000, [{0x2, 0x400}, {0x1, 0x4}]}, 0x14, 0x2) fchdir(r6) 12:44:03 executing program 3: r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) r1 = dup(r0) ioctl$BTRFS_IOC_SCRUB_CANCEL(r0, 0x941c, 0x0) bind$bt_hci(r1, &(0x7f0000000080)={0x1f, 0xffffffffffffffff, 0x3}, 0x6) write$bt_hci(0xffffffffffffffff, 0x0, 0x6) perf_event_open(0x0, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) socket$packet(0x11, 0x0, 0x300) getsockopt$packet_int(0xffffffffffffffff, 0x107, 0x0, 0x0, 0x0) 12:44:03 executing program 6: r0 = syz_open_dev$usbmon(&(0x7f0000000080), 0x0, 0x800) preadv(r0, &(0x7f0000001440)=[{&(0x7f00000000c0)=""/4096, 0x1000}], 0x1, 0x0, 0x0) 12:44:03 executing program 0: perf_event_open(&(0x7f0000000180)={0x2, 0x80, 0x79, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) 12:44:03 executing program 5: setsockopt$inet6_IPV6_FLOWLABEL_MGR(0xffffffffffffffff, 0x29, 0x20, 0x0, 0x0) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet_udp(0x2, 0x2, 0x0) setsockopt$sock_timeval(r0, 0x1, 0x49, &(0x7f0000000000)={0x77359400}, 0x10) r1 = socket$inet6_udp(0xa, 0x2, 0x0) dup(r1) fdatasync(r1) [ 136.417793] general protection fault, probably for non-canonical address 0xdffffc0004000018: 0000 [#3] PREEMPT SMP KASAN NOPTI [ 136.419364] KASAN: probably user-memory-access in range [0x00000000200000c0-0x00000000200000c7] [ 136.420541] CPU: 1 PID: 4060 Comm: syz-executor.6 Tainted: G D 6.3.0-rc3-next-20230327 #1 [ 136.421833] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 136.422953] RIP: 0010:do_iter_read+0x481/0x750 [ 136.423618] Code: 00 0f 85 52 02 00 00 4d 8b 7c 24 28 e8 48 2c c6 ff 48 8b 44 24 18 80 38 00 0f 85 1c 02 00 00 48 8b 43 18 48 89 c2 48 c1 ea 03 <42> 80 3c 32 00 0f 85 ef 01 00 00 48 8b 4c 24 20 48 8b 30 80 39 00 [ 136.426067] RSP: 0018:ffff888043577c78 EFLAGS: 00010216 [ 136.426802] RAX: 00000000200000c0 RBX: ffff888043577d60 RCX: ffffc90006819000 [ 136.427771] RDX: 0000000004000018 RSI: ffffffff81855c98 RDI: 0000000000000007 [ 136.428739] RBP: 0000000000001000 R08: 0000000000000007 R09: 0000000000000000 [ 136.429707] R10: 0000000000001000 R11: 0000000000000001 R12: ffff88800f205900 [ 136.430686] R13: 0000000000000000 R14: dffffc0000000000 R15: ffffffff84c6aba0 [ 136.431643] FS: 00007f71efb7a700(0000) GS:ffff88806cf00000(0000) knlGS:0000000000000000 [ 136.432717] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 136.433491] CR2: 00007f71efb79d58 CR3: 000000000f8b6000 CR4: 0000000000350ee0 [ 136.434450] Call Trace: [ 136.434805] [ 136.435126] ? import_iovec+0x87/0xb0 [ 136.435657] vfs_readv+0xe5/0x160 [ 136.436149] ? __pfx_vfs_readv+0x10/0x10 [ 136.436716] ? lock_release+0x4d8/0x680 [ 136.437278] ? kmem_cache_free+0xff/0x4a0 [ 136.437870] ? do_futex+0x13a/0x380 [ 136.438414] ? __fget_files+0x270/0x480 [ 136.438969] __x64_sys_preadv+0x233/0x310 [ 136.439550] ? __pfx___x64_sys_preadv+0x10/0x10 [ 136.440207] do_syscall_64+0x3f/0x90 [ 136.440726] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 136.441424] RIP: 0033:0x7f71f2604b19 [ 136.441929] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 136.444321] RSP: 002b:00007f71efb7a188 EFLAGS: 00000246 ORIG_RAX: 0000000000000127 [ 136.445329] RAX: ffffffffffffffda RBX: 00007f71f2717f60 RCX: 00007f71f2604b19 [ 136.446285] RDX: 0000000000000001 RSI: 0000000020001440 RDI: 0000000000000003 [ 136.447226] RBP: 00007f71f265ef6d R08: 0000000000000000 R09: 0000000000000000 [ 136.448278] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 136.449212] R13: 00007fff8aad615f R14: 00007f71efb7a300 R15: 0000000000022000 [ 136.450196] [ 136.450507] Modules linked in: [ 136.451358] ---[ end trace 0000000000000000 ]--- [ 136.452253] RIP: 0010:do_iter_read+0x481/0x750 [ 136.452899] Code: 00 0f 85 52 02 00 00 4d 8b 7c 24 28 e8 48 2c c6 ff 48 8b 44 24 18 80 38 00 0f 85 1c 02 00 00 48 8b 43 18 48 89 c2 48 c1 ea 03 <42> 80 3c 32 00 0f 85 ef 01 00 00 48 8b 4c 24 20 48 8b 30 80 39 00 [ 136.455184] RSP: 0018:ffff888042b47c70 EFLAGS: 00010212 [ 136.455896] RAX: 0000000020000640 RBX: ffff888042b47d58 RCX: ffffc90005610000 [ 136.456813] RDX: 00000000040000c8 RSI: ffffffff81855c98 RDI: 0000000000000007 [ 136.457783] RBP: 00000000000000a3 R08: 0000000000000007 R09: 0000000000000000 [ 136.458725] R10: 00000000000000a3 R11: 0000000000000001 R12: ffff888016132000 [ 136.459632] R13: 0000000000000000 R14: dffffc0000000000 R15: ffffffff84910f40 [ 136.460569] FS: 00007f71efb7a700(0000) GS:ffff88806cf00000(0000) knlGS:0000000000000000 [ 136.461620] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 136.462439] CR2: 00007f71efb79d58 CR3: 000000000f8b6000 CR4: 0000000000350ee0 12:44:03 executing program 7: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) fcntl$setlease(r0, 0x400, 0x1) 12:44:03 executing program 3: r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) r1 = dup(r0) ioctl$BTRFS_IOC_SCRUB_CANCEL(r0, 0x941c, 0x0) bind$bt_hci(r1, &(0x7f0000000080)={0x1f, 0xffffffffffffffff, 0x3}, 0x6) write$bt_hci(0xffffffffffffffff, 0x0, 0x6) perf_event_open(0x0, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) socket$packet(0x11, 0x0, 0x300) getsockopt$packet_int(0xffffffffffffffff, 0x107, 0x0, 0x0, 0x0) 12:44:04 executing program 0: perf_event_open(&(0x7f0000000180)={0x2, 0x80, 0x79, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) 12:44:04 executing program 0: perf_event_open(&(0x7f0000000180)={0x2, 0x80, 0x79, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) 12:44:04 executing program 6: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = openat$sr(0xffffffffffffff9c, &(0x7f00000001c0), 0x105802, 0x0) sendmsg$NL80211_CMD_SET_BSS(0xffffffffffffffff, 0x0, 0x0) ioctl$CDROM_SEND_PACKET(r0, 0x40081271, &(0x7f0000000100)={"089d47017a4dc4c025b155af", 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) 12:44:04 executing program 4: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_config_ext, 0x0, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0xa) r0 = perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, @perf_config_ext, 0x2002}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) readv(r0, &(0x7f0000000240)=[{&(0x7f0000000140)=""/17, 0x11}, {&(0x7f0000000180)=""/91, 0x5b}], 0x2) syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) mount(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000080)='hugetlbfs\x00', 0x0, 0x0) pivot_root(&(0x7f0000000800)='./file0\x00', &(0x7f0000000840)='./file0\x00') r1 = socket$nl_sock_diag(0x10, 0x3, 0x4) fcntl$setownex(r1, 0xf, &(0x7f0000000400)={0x0, 0xffffffffffffffff}) lstat(&(0x7f0000000040)='./file0\x00', &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) r4 = getuid() fsetxattr$system_posix_acl(0xffffffffffffffff, &(0x7f0000000000)='system.posix_acl_access\x00', &(0x7f0000000200)={{}, {}, [{0x2, 0x0, r2}, {0x2, 0x1, r4}, {0x2, 0x4}], {}, [], {0x10, 0x2}, {0x20, 0x2}}, 0x3c, 0x0) r5 = epoll_create1(0x0) lsetxattr$system_posix_acl(&(0x7f0000000780)='./file0\x00', &(0x7f00000007c0)='system.posix_acl_access\x00', &(0x7f0000000440)={{}, {0x1, 0x5}, [{0x2, 0x6}, {0x2, 0x1}, {}], {}, [{0x8, 0x2, r3}, {0x8, 0x4}, {0x8, 0x2, r3}, {0x8, 0x1}, {0x8, 0x0, r3}, {}, {0x8, 0x1, r3}, {0x8, 0x5}, {0x8, 0x7, r3}], {0x10, 0x7}, {0x20, 0x4}}, 0x84, 0x2) dup2(r5, r5) r6 = perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x400, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r7 = dup(0xffffffffffffffff) ioctl$EVIOCSABS2F(r7, 0x401845ef, &(0x7f00000003c0)={0x1, 0x7f, 0x10001, 0x2, 0x3, 0x4}) setxattr$security_capability(&(0x7f0000000300)='./file0\x00', &(0x7f0000000340), &(0x7f0000000380)=@v2={0x2000000, [{0x2, 0x400}, {0x1, 0x4}]}, 0x14, 0x2) fchdir(r6) 12:44:04 executing program 3: perf_event_open(&(0x7f0000000180)={0x2, 0x80, 0x79, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) write$P9_RLOPEN(r0, &(0x7f0000000240)={0x18}, 0x18) 12:44:04 executing program 7: pidfd_open(0x0, 0x2) 12:44:04 executing program 5: r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/consoles\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0x77, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) readv(r0, &(0x7f0000000300)=[{&(0x7f0000000080)=""/134, 0x86}], 0x1) 12:44:04 executing program 2: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x1c5042, 0x0) 12:44:04 executing program 0: close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) r0 = timerfd_create(0x0, 0x0) timerfd_settime(r0, 0x0, &(0x7f0000000040)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0) 12:44:04 executing program 1: r0 = perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = fcntl$dupfd(r0, 0x0, r0) r2 = perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x3000)=nil, 0x3000, 0x0, 0x13, r2, 0x0) ioctl$PERF_EVENT_IOC_SET_OUTPUT(r1, 0x2405, r2) pkey_mprotect(&(0x7f0000ff7000/0x9000)=nil, 0x9000, 0x2000007, 0xffffffffffffffff) r3 = dup(r2) ioctl$PERF_EVENT_IOC_SET_OUTPUT(r1, 0x2405, r3) [ 137.394243] audit: type=1400 audit(1679921044.767:11): avc: denied { write } for pid=4097 comm="syz-executor.1" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=perf_event permissive=1 12:44:04 executing program 0: getsockname$packet(0xffffffffffffffff, 0x0, 0x0) 12:44:04 executing program 7: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) io_setup(0x2, &(0x7f0000000000)=0x0) r2 = eventfd2(0x0, 0x0) io_submit(r1, 0x1, &(0x7f0000001a00)=[&(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, r0, 0x0, 0x0, 0x0, 0x0, 0x1, r2}]) flistxattr(0xffffffffffffffff, 0x0, 0x0) 12:44:04 executing program 5: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) ioctl$EXT4_IOC_GET_ES_CACHE(r0, 0x40305839, &(0x7f0000000080)=ANY=[@ANYBLOB="0600000000007cd181000000000000000089"]) pwrite64(r0, &(0x7f0000000140)="01", 0x1, 0x7fff) pwrite64(r0, &(0x7f0000000180)='\x00', 0x1, 0x1000) write$bt_hci(r0, &(0x7f0000000040)={0x1, @remote_name_req_cancel={{0x41a, 0x6}, {@none}}}, 0xa) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) ioctl$EXT4_IOC_GET_ES_CACHE(r1, 0x40305839, &(0x7f0000000080)=ANY=[]) 12:44:04 executing program 1: r0 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000002340), 0x0) ioctl$SNDRV_SEQ_IOCTL_GET_SUBSCRIPTION(r0, 0x408c5333, &(0x7f0000000000)={{0x0, 0xff}}) 12:44:05 executing program 2: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x1c5042, 0x0) 12:44:05 executing program 3: perf_event_open(&(0x7f0000000180)={0x2, 0x80, 0x79, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) write$P9_RLOPEN(r0, &(0x7f0000000240)={0x18}, 0x18) 12:44:05 executing program 5: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) sched_setaffinity(0x0, 0x8, &(0x7f0000000000)=0x8001) 12:44:05 executing program 0: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_TCP_REPAIR(r0, 0x6, 0x3, &(0x7f0000000000), 0x4) 12:44:05 executing program 6: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) pwritev(r1, &(0x7f0000000080)=[{&(0x7f0000000140)='\x00', 0x1a}], 0x1, 0x7fffffc, 0x0) ioctl$BLKFRASET(0xffffffffffffffff, 0x1264, &(0x7f0000000040)=0x9) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) sendfile(r0, r0, 0x0, 0x100000) r2 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x1c5042, 0x0) write(r2, &(0x7f0000000200)='E', 0x140000) openat$sr(0xffffffffffffff9c, &(0x7f0000002380), 0x121800, 0x0) stat(&(0x7f0000000240)='./file0\x00', &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, 0x0}) setresuid(0x0, r3, 0x0) getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000000180), &(0x7f0000000380)=0xc) r4 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) r5 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) write$binfmt_aout(r5, &(0x7f0000001180)=ANY=[], 0x220) sendfile(r5, r4, 0x0, 0xfffffdef) openat(r5, &(0x7f0000000300)='./file0\x00', 0x400, 0x10) 12:44:05 executing program 1: ioctl$CDROMREADMODE1(0xffffffffffffffff, 0x530d, 0x0) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x1}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) ioctl$FS_IOC_SETFLAGS(r0, 0x40086602, &(0x7f0000000080)) ioctl$CDROM_NEXT_WRITABLE(r0, 0x5394, &(0x7f0000000000)) ioctl$sock_bt_hci(0xffffffffffffffff, 0x400448cb, 0x0) ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, &(0x7f0000000500)) syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2) ioctl$TIOCGSID(0xffffffffffffffff, 0x5429, &(0x7f0000000340)) r1 = openat$ttyS3(0xffffffffffffff9c, &(0x7f00000003c0), 0x0, 0x0) ioctl$FAT_IOCTL_GET_VOLUME_ID(r1, 0x80047213, &(0x7f00000004c0)) epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, 0xffffffffffffffff, 0x0) syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) openat$vcsa(0xffffffffffffff9c, &(0x7f0000001600), 0x400000, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) clone3(&(0x7f0000004c00)={0xc0002100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) 12:44:05 executing program 7: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) io_setup(0x2, &(0x7f0000000000)=0x0) r2 = eventfd2(0x0, 0x0) io_submit(r1, 0x1, &(0x7f0000001a00)=[&(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, r0, 0x0, 0x0, 0x0, 0x0, 0x1, r2}]) flistxattr(0xffffffffffffffff, 0x0, 0x0) 12:44:05 executing program 4: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_config_ext, 0x0, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0xa) r0 = perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, @perf_config_ext, 0x2002}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) readv(r0, &(0x7f0000000240)=[{&(0x7f0000000140)=""/17, 0x11}, {&(0x7f0000000180)=""/91, 0x5b}], 0x2) syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) mount(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000080)='hugetlbfs\x00', 0x0, 0x0) pivot_root(&(0x7f0000000800)='./file0\x00', &(0x7f0000000840)='./file0\x00') r1 = socket$nl_sock_diag(0x10, 0x3, 0x4) fcntl$setownex(r1, 0xf, &(0x7f0000000400)={0x0, 0xffffffffffffffff}) lstat(&(0x7f0000000040)='./file0\x00', &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) r4 = getuid() fsetxattr$system_posix_acl(0xffffffffffffffff, &(0x7f0000000000)='system.posix_acl_access\x00', &(0x7f0000000200)={{}, {}, [{0x2, 0x0, r2}, {0x2, 0x1, r4}, {0x2, 0x4}], {}, [], {0x10, 0x2}, {0x20, 0x2}}, 0x3c, 0x0) r5 = epoll_create1(0x0) lsetxattr$system_posix_acl(&(0x7f0000000780)='./file0\x00', &(0x7f00000007c0)='system.posix_acl_access\x00', &(0x7f0000000440)={{}, {0x1, 0x5}, [{0x2, 0x6}, {0x2, 0x1}, {}], {}, [{0x8, 0x2, r3}, {0x8, 0x4}, {0x8, 0x2, r3}, {0x8, 0x1}, {0x8, 0x0, r3}, {}, {0x8, 0x1, r3}, {0x8, 0x5}, {0x8, 0x7, r3}], {0x10, 0x7}, {0x20, 0x4}}, 0x84, 0x2) dup2(r5, r5) r6 = perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x400, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r7 = dup(0xffffffffffffffff) ioctl$EVIOCSABS2F(r7, 0x401845ef, &(0x7f00000003c0)={0x1, 0x7f, 0x10001, 0x2, 0x3, 0x4}) setxattr$security_capability(&(0x7f0000000300)='./file0\x00', &(0x7f0000000340), &(0x7f0000000380)=@v2={0x2000000, [{0x2, 0x400}, {0x1, 0x4}]}, 0x14, 0x2) fchdir(r6) 12:44:05 executing program 3: perf_event_open(&(0x7f0000000180)={0x2, 0x80, 0x79, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) write$P9_RLOPEN(r0, &(0x7f0000000240)={0x18}, 0x18) 12:44:05 executing program 0: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_TCP_REPAIR(r0, 0x6, 0x3, &(0x7f0000000000), 0x4) 12:44:05 executing program 7: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) io_setup(0x2, &(0x7f0000000000)=0x0) r2 = eventfd2(0x0, 0x0) io_submit(r1, 0x1, &(0x7f0000001a00)=[&(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, r0, 0x0, 0x0, 0x0, 0x0, 0x1, r2}]) flistxattr(0xffffffffffffffff, 0x0, 0x0) 12:44:05 executing program 5: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0x77, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet6(0xa, 0x1, 0x0) getsockopt$inet6_int(r0, 0x29, 0x10, 0x0, &(0x7f0000000040)) 12:44:05 executing program 3: perf_event_open(&(0x7f0000000180)={0x2, 0x80, 0x79, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) write$P9_RLOPEN(r0, &(0x7f0000000240)={0x18}, 0x18) 12:44:05 executing program 0: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_TCP_REPAIR(r0, 0x6, 0x3, &(0x7f0000000000), 0x4) 12:44:05 executing program 7: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) io_setup(0x2, &(0x7f0000000000)=0x0) r2 = eventfd2(0x0, 0x0) io_submit(r1, 0x1, &(0x7f0000001a00)=[&(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, r0, 0x0, 0x0, 0x0, 0x0, 0x1, r2}]) flistxattr(0xffffffffffffffff, 0x0, 0x0) 12:44:05 executing program 5: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0x77, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet6(0xa, 0x1, 0x0) getsockopt$inet6_int(r0, 0x29, 0x10, 0x0, &(0x7f0000000040)) 12:44:05 executing program 0: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_TCP_REPAIR(r0, 0x6, 0x3, &(0x7f0000000000), 0x4) 12:44:05 executing program 5: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0x77, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet6(0xa, 0x1, 0x0) getsockopt$inet6_int(r0, 0x29, 0x10, 0x0, &(0x7f0000000040)) 12:44:05 executing program 2: r0 = perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x2, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) r2 = fcntl$dupfd(r0, 0x0, r1) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x3000)=nil, 0x3000, 0xb, 0x13, r2, 0x0) write(r1, &(0x7f0000000080)="01", 0x41030) 12:44:05 executing program 5: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0x77, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet6(0xa, 0x1, 0x0) getsockopt$inet6_int(r0, 0x29, 0x10, 0x0, &(0x7f0000000040)) 12:44:06 executing program 6: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) pwritev(r1, &(0x7f0000000080)=[{&(0x7f0000000140)='\x00', 0x1a}], 0x1, 0x7fffffc, 0x0) ioctl$BLKFRASET(0xffffffffffffffff, 0x1264, &(0x7f0000000040)=0x9) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) sendfile(r0, r0, 0x0, 0x100000) r2 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x1c5042, 0x0) write(r2, &(0x7f0000000200)='E', 0x140000) openat$sr(0xffffffffffffff9c, &(0x7f0000002380), 0x121800, 0x0) stat(&(0x7f0000000240)='./file0\x00', &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, 0x0}) setresuid(0x0, r3, 0x0) getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000000180), &(0x7f0000000380)=0xc) r4 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) r5 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) write$binfmt_aout(r5, &(0x7f0000001180)=ANY=[], 0x220) sendfile(r5, r4, 0x0, 0xfffffdef) openat(r5, &(0x7f0000000300)='./file0\x00', 0x400, 0x10) 12:44:06 executing program 4: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) lseek(r0, 0xfffffffffffffffc, 0x4) 12:44:06 executing program 1: ioctl$CDROMREADMODE1(0xffffffffffffffff, 0x530d, 0x0) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x1}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) ioctl$FS_IOC_SETFLAGS(r0, 0x40086602, &(0x7f0000000080)) ioctl$CDROM_NEXT_WRITABLE(r0, 0x5394, &(0x7f0000000000)) ioctl$sock_bt_hci(0xffffffffffffffff, 0x400448cb, 0x0) ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, &(0x7f0000000500)) syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2) ioctl$TIOCGSID(0xffffffffffffffff, 0x5429, &(0x7f0000000340)) r1 = openat$ttyS3(0xffffffffffffff9c, &(0x7f00000003c0), 0x0, 0x0) ioctl$FAT_IOCTL_GET_VOLUME_ID(r1, 0x80047213, &(0x7f00000004c0)) epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, 0xffffffffffffffff, 0x0) syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) openat$vcsa(0xffffffffffffff9c, &(0x7f0000001600), 0x400000, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) clone3(&(0x7f0000004c00)={0xc0002100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) 12:44:06 executing program 2: kexec_load(0x0, 0x0, 0x0, 0x2) 12:44:06 executing program 3: madvise(&(0x7f0000ffb000/0x2000)=nil, 0x2000, 0x17) madvise(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x8) mremap(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x1000, 0x7, &(0x7f0000ffa000/0x1000)=nil) madvise(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x15) 12:44:06 executing program 0: r0 = openat$cdrom(0xffffffffffffff9c, &(0x7f0000000000), 0x800, 0x0) ioctl$CDROM_TIMED_MEDIA_CHANGE(r0, 0x5396, &(0x7f0000000040)) 12:44:06 executing program 7: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) ioctl$sock_SIOCETHTOOL(r0, 0x8946, &(0x7f0000000440)={'wlan1\x00', &(0x7f0000000400)=@ethtool_ringparam={0x11, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9}}) 12:44:06 executing program 5: prctl$PR_CAP_AMBIENT(0x2f, 0x4, 0x10) 12:44:06 executing program 7: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) ioctl$sock_SIOCETHTOOL(r0, 0x8946, &(0x7f0000000440)={'wlan1\x00', &(0x7f0000000400)=@ethtool_ringparam={0x11, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9}}) 12:44:06 executing program 3: r0 = socket$inet6(0xa, 0x3, 0xff) connect$inet6(r0, &(0x7f0000000040)={0xa, 0x0, 0x0, @empty}, 0x1c) sendmmsg$inet6(r0, &(0x7f0000000140)=[{{0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000080)="9c08c10a5e769fca815874eaf5ece38a1f8cc5a85857c94ad2624a8833900e2dc09b45daf46d8571", 0x28}], 0x1}}], 0x1, 0x4884) 12:44:06 executing program 5: creat(&(0x7f0000000840)='./file0\x00', 0x0) mount$cgroup(0x0, &(0x7f0000000980)='./file0\x00', &(0x7f00000009c0), 0x0, &(0x7f0000000a00)={[{@none}]}) 12:44:06 executing program 2: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$inet6(0xa, 0x1, 0x0) setsockopt$inet6_tcp_TCP_REPAIR(r0, 0x6, 0x13, &(0x7f00000001c0)=0x1, 0x4) connect$inet6(r0, &(0x7f0000000040)={0xa, 0x0, 0x0, @empty}, 0x7e) 12:44:06 executing program 4: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL802154_CMD_SET_CCA_MODE(r0, &(0x7f0000000800)={0x0, 0x0, &(0x7f00000007c0)={&(0x7f0000000740)={0x14}, 0x14}}, 0x0) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL802154_CMD_NEW_SEC_DEVKEY(r1, &(0x7f0000001880)={0x0, 0x0, &(0x7f0000001840)={&(0x7f0000001800)={0x14}, 0x14}}, 0x0) 12:44:06 executing program 0: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0x78, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) socket$packet(0x11, 0x0, 0x300) syz_genetlink_get_family_id$tipc2(&(0x7f0000000100), 0xffffffffffffffff) sendmsg$TIPC_NL_MEDIA_SET(0xffffffffffffffff, 0x0, 0x0) [ 139.032376] cgroup: Need name or subsystem set 12:44:06 executing program 7: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) ioctl$sock_SIOCETHTOOL(r0, 0x8946, &(0x7f0000000440)={'wlan1\x00', &(0x7f0000000400)=@ethtool_ringparam={0x11, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9}}) 12:44:06 executing program 5: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) sched_setaffinity(0x0, 0x8, &(0x7f0000000040)=0x4000000000000006) 12:44:07 executing program 3: r0 = socket$inet6(0xa, 0x3, 0xff) connect$inet6(r0, &(0x7f0000000040)={0xa, 0x0, 0x0, @empty}, 0x1c) sendmmsg$inet6(r0, &(0x7f0000000140)=[{{0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000080)="9c08c10a5e769fca815874eaf5ece38a1f8cc5a85857c94ad2624a8833900e2dc09b45daf46d8571", 0x28}], 0x1}}], 0x1, 0x4884) 12:44:07 executing program 4: openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) getxattr(&(0x7f0000000340)='./file1\x00', &(0x7f0000000380)=@known='security.selinux\x00', &(0x7f0000000700)=""/140, 0x8c) 12:44:07 executing program 2: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$inet6(0xa, 0x1, 0x0) setsockopt$inet6_tcp_TCP_REPAIR(r0, 0x6, 0x13, &(0x7f00000001c0)=0x1, 0x4) connect$inet6(r0, &(0x7f0000000040)={0xa, 0x0, 0x0, @empty}, 0x7e) 12:44:07 executing program 5: r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) ioctl$HCIINQUIRY(r0, 0x800448d2, &(0x7f0000000680)={0x0, 0x0, "a2279b"}) 12:44:07 executing program 7: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) ioctl$sock_SIOCETHTOOL(r0, 0x8946, &(0x7f0000000440)={'wlan1\x00', &(0x7f0000000400)=@ethtool_ringparam={0x11, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9}}) 12:44:07 executing program 1: ioctl$CDROMREADMODE1(0xffffffffffffffff, 0x530d, 0x0) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x1}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) ioctl$FS_IOC_SETFLAGS(r0, 0x40086602, &(0x7f0000000080)) ioctl$CDROM_NEXT_WRITABLE(r0, 0x5394, &(0x7f0000000000)) ioctl$sock_bt_hci(0xffffffffffffffff, 0x400448cb, 0x0) ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, &(0x7f0000000500)) syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2) ioctl$TIOCGSID(0xffffffffffffffff, 0x5429, &(0x7f0000000340)) r1 = openat$ttyS3(0xffffffffffffff9c, &(0x7f00000003c0), 0x0, 0x0) ioctl$FAT_IOCTL_GET_VOLUME_ID(r1, 0x80047213, &(0x7f00000004c0)) epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, 0xffffffffffffffff, 0x0) syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) openat$vcsa(0xffffffffffffff9c, &(0x7f0000001600), 0x400000, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) clone3(&(0x7f0000004c00)={0xc0002100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) 12:44:07 executing program 6: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) pwritev(r1, &(0x7f0000000080)=[{&(0x7f0000000140)='\x00', 0x1a}], 0x1, 0x7fffffc, 0x0) ioctl$BLKFRASET(0xffffffffffffffff, 0x1264, &(0x7f0000000040)=0x9) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) sendfile(r0, r0, 0x0, 0x100000) r2 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x1c5042, 0x0) write(r2, &(0x7f0000000200)='E', 0x140000) openat$sr(0xffffffffffffff9c, &(0x7f0000002380), 0x121800, 0x0) stat(&(0x7f0000000240)='./file0\x00', &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, 0x0}) setresuid(0x0, r3, 0x0) getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000000180), &(0x7f0000000380)=0xc) r4 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) r5 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) write$binfmt_aout(r5, &(0x7f0000001180)=ANY=[], 0x220) sendfile(r5, r4, 0x0, 0xfffffdef) openat(r5, &(0x7f0000000300)='./file0\x00', 0x400, 0x10) 12:44:07 executing program 0: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0x76, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_setup(0x0, &(0x7f0000000000), &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000fff000/0x1000)=nil, 0xfffffffffffffffc, 0x0) 12:44:08 executing program 3: r0 = socket$inet6(0xa, 0x3, 0xff) connect$inet6(r0, &(0x7f0000000040)={0xa, 0x0, 0x0, @empty}, 0x1c) sendmmsg$inet6(r0, &(0x7f0000000140)=[{{0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000080)="9c08c10a5e769fca815874eaf5ece38a1f8cc5a85857c94ad2624a8833900e2dc09b45daf46d8571", 0x28}], 0x1}}], 0x1, 0x4884) 12:44:08 executing program 2: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$inet6(0xa, 0x1, 0x0) setsockopt$inet6_tcp_TCP_REPAIR(r0, 0x6, 0x13, &(0x7f00000001c0)=0x1, 0x4) connect$inet6(r0, &(0x7f0000000040)={0xa, 0x0, 0x0, @empty}, 0x7e) 12:44:08 executing program 5: r0 = openat$ptp0(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$PTP_PIN_SETFUNC2(r0, 0x40103d02, &(0x7f0000000040)) 12:44:08 executing program 0: r0 = socket$inet6_udp(0xa, 0x2, 0x0) bind$inet6(r0, &(0x7f00000000c0)={0xa, 0x0, 0x0, @ipv4={'\x00', '\xff\xff', @private}}, 0x1c) connect$inet6(r0, &(0x7f0000000040)={0xa, 0x0, 0x0, @ipv4={'\x00', '\xff\xff', @loopback}}, 0x1c) 12:44:08 executing program 7: perf_event_open(&(0x7f0000000180)={0x2, 0x80, 0x79, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$inet_udp(0x2, 0x2, 0x0) setsockopt$inet_mreqn(r0, 0x0, 0x0, 0x0, 0x0) socket$nl_audit(0x10, 0x3, 0x9) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, 0x0) 12:44:08 executing program 4: mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup/syz1\x00', 0x1ff) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0x77, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) pipe2(&(0x7f0000000780)={0xffffffffffffffff}, 0x0) ioctl$sock_TIOCINQ(r0, 0x541b, &(0x7f0000001800)) 12:44:08 executing program 1: ioctl$CDROMREADMODE1(0xffffffffffffffff, 0x530d, 0x0) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x1}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) ioctl$FS_IOC_SETFLAGS(r0, 0x40086602, &(0x7f0000000080)) ioctl$CDROM_NEXT_WRITABLE(r0, 0x5394, &(0x7f0000000000)) ioctl$sock_bt_hci(0xffffffffffffffff, 0x400448cb, 0x0) ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, &(0x7f0000000500)) syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2) ioctl$TIOCGSID(0xffffffffffffffff, 0x5429, &(0x7f0000000340)) r1 = openat$ttyS3(0xffffffffffffff9c, &(0x7f00000003c0), 0x0, 0x0) ioctl$FAT_IOCTL_GET_VOLUME_ID(r1, 0x80047213, &(0x7f00000004c0)) epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, 0xffffffffffffffff, 0x0) syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) openat$vcsa(0xffffffffffffff9c, &(0x7f0000001600), 0x400000, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) clone3(&(0x7f0000004c00)={0xc0002100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) 12:44:08 executing program 6: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) pwritev(r1, &(0x7f0000000080)=[{&(0x7f0000000140)='\x00', 0x1a}], 0x1, 0x7fffffc, 0x0) ioctl$BLKFRASET(0xffffffffffffffff, 0x1264, &(0x7f0000000040)=0x9) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) sendfile(r0, r0, 0x0, 0x100000) r2 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x1c5042, 0x0) write(r2, &(0x7f0000000200)='E', 0x140000) openat$sr(0xffffffffffffff9c, &(0x7f0000002380), 0x121800, 0x0) stat(&(0x7f0000000240)='./file0\x00', &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, 0x0}) setresuid(0x0, r3, 0x0) getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000000180), &(0x7f0000000380)=0xc) r4 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) r5 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) write$binfmt_aout(r5, &(0x7f0000001180)=ANY=[], 0x220) sendfile(r5, r4, 0x0, 0xfffffdef) openat(r5, &(0x7f0000000300)='./file0\x00', 0x400, 0x10) 12:44:08 executing program 2: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$inet6(0xa, 0x1, 0x0) setsockopt$inet6_tcp_TCP_REPAIR(r0, 0x6, 0x13, &(0x7f00000001c0)=0x1, 0x4) connect$inet6(r0, &(0x7f0000000040)={0xa, 0x0, 0x0, @empty}, 0x7e) 12:44:08 executing program 5: r0 = openat$ptp0(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$PTP_PIN_SETFUNC2(r0, 0x40103d02, &(0x7f0000000040)) 12:44:08 executing program 7: clock_getres(0x9, &(0x7f0000000000)) 12:44:08 executing program 0: r0 = socket$inet6_udp(0xa, 0x2, 0x0) bind$inet6(r0, &(0x7f00000000c0)={0xa, 0x0, 0x0, @ipv4={'\x00', '\xff\xff', @private}}, 0x1c) connect$inet6(r0, &(0x7f0000000040)={0xa, 0x0, 0x0, @ipv4={'\x00', '\xff\xff', @loopback}}, 0x1c) 12:44:08 executing program 3: r0 = socket$inet6(0xa, 0x3, 0xff) connect$inet6(r0, &(0x7f0000000040)={0xa, 0x0, 0x0, @empty}, 0x1c) sendmmsg$inet6(r0, &(0x7f0000000140)=[{{0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000080)="9c08c10a5e769fca815874eaf5ece38a1f8cc5a85857c94ad2624a8833900e2dc09b45daf46d8571", 0x28}], 0x1}}], 0x1, 0x4884) 12:44:08 executing program 4: r0 = socket$inet6_udp(0xa, 0x2, 0x0) bind$inet6(r0, &(0x7f00000000c0)={0xa, 0x0, 0x0, @ipv4={'\x00', '\xff\xff', @private}}, 0x1c) connect$inet6(r0, &(0x7f0000000040)={0xa, 0x0, 0x0, @ipv4={'\x00', '\xff\xff', @loopback}}, 0x1c) 12:44:09 executing program 1: r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$sock_bt_hci(r0, 0x400448cc, 0x0) 12:44:09 executing program 7: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000a00)={0x0, 0x0, &(0x7f00000009c0)={&(0x7f0000000000)=@polexpire={0xc0, 0x1b, 0x1, 0x0, 0x0, {{{@in6=@initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, @in, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xee00}, {}, {}, 0x0, 0x1000}}}, 0xc0}}, 0x0) 12:44:09 executing program 5: r0 = openat$ptp0(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$PTP_PIN_SETFUNC2(r0, 0x40103d02, &(0x7f0000000040)) 12:44:09 executing program 0: r0 = socket$inet6_udp(0xa, 0x2, 0x0) bind$inet6(r0, &(0x7f00000000c0)={0xa, 0x0, 0x0, @ipv4={'\x00', '\xff\xff', @private}}, 0x1c) connect$inet6(r0, &(0x7f0000000040)={0xa, 0x0, 0x0, @ipv4={'\x00', '\xff\xff', @loopback}}, 0x1c) 12:44:09 executing program 3: r0 = socket$packet(0x11, 0x3, 0x300) sendmmsg(r0, &(0x7f0000000940)=[{{&(0x7f0000000780)=@hci={0x1f, 0x5865, 0x2}, 0x80, &(0x7f0000000900)=[{&(0x7f0000000800)="9c", 0x1}], 0x1}}], 0x1, 0x0) 12:44:09 executing program 4: r0 = socket$inet6_udp(0xa, 0x2, 0x0) bind$inet6(r0, &(0x7f00000000c0)={0xa, 0x0, 0x0, @ipv4={'\x00', '\xff\xff', @private}}, 0x1c) connect$inet6(r0, &(0x7f0000000040)={0xa, 0x0, 0x0, @ipv4={'\x00', '\xff\xff', @loopback}}, 0x1c) 12:44:09 executing program 5: r0 = openat$ptp0(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$PTP_PIN_SETFUNC2(r0, 0x40103d02, &(0x7f0000000040)) 12:44:09 executing program 0: r0 = socket$inet6_udp(0xa, 0x2, 0x0) bind$inet6(r0, &(0x7f00000000c0)={0xa, 0x0, 0x0, @ipv4={'\x00', '\xff\xff', @private}}, 0x1c) connect$inet6(r0, &(0x7f0000000040)={0xa, 0x0, 0x0, @ipv4={'\x00', '\xff\xff', @loopback}}, 0x1c) 12:44:09 executing program 4: r0 = socket$inet6_udp(0xa, 0x2, 0x0) bind$inet6(r0, &(0x7f00000000c0)={0xa, 0x0, 0x0, @ipv4={'\x00', '\xff\xff', @private}}, 0x1c) connect$inet6(r0, &(0x7f0000000040)={0xa, 0x0, 0x0, @ipv4={'\x00', '\xff\xff', @loopback}}, 0x1c) 12:44:09 executing program 3: r0 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a) ioctl$sock_SIOCETHTOOL(r0, 0x8946, &(0x7f0000000040)={'syz_tun\x00', &(0x7f0000000080)=@ethtool_per_queue_op={0x4b, 0xe}}) 12:44:09 executing program 1: sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0x4}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$netlink(r0, 0x0, 0x0) io_uring_register$IORING_REGISTER_FILES(0xffffffffffffffff, 0x2, 0x0, 0x0) ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, 0x0) ioctl$BTRFS_IOC_INO_LOOKUP_USER(0xffffffffffffffff, 0xd000943e, 0x0) perf_event_open(&(0x7f0000001840)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x3) r1 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f0000000700)={'wlan1\x00', 0x0}) r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$NL80211_CMD_TRIGGER_SCAN(r1, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000080)={0x1c, r3, 0x5, 0x0, 0x0, {{0x14}, {@val={0x8, 0x3, r2}, @void}}}, 0x1c}}, 0x0) 12:44:09 executing program 7: syz_mount_image$ext4(0x0, &(0x7f00000000c0)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) mount$9p_unix(&(0x7f0000000000)='./file0\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x163008, 0x0) syz_mount_image$ext4(&(0x7f0000000140)='ext3\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0xae, &(0x7f0000000100)={[{@usrjquota}]}) 12:44:09 executing program 3: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0xc042, 0x0) ioctl$FS_IOC_SETFLAGS(r0, 0x40086602, &(0x7f0000000040)) ioctl$FS_IOC_FIEMAP(r0, 0xc020660b, &(0x7f0000000140)={0x0, 0xfffffffffffffffe}) [ 142.138634] EXT4-fs (sda): re-mounted 7b5d9a40-9011-49ec-8035-27953f97a4d8. Quota mode: none. [ 142.148713] EXT4-fs (sda): re-mounted 7b5d9a40-9011-49ec-8035-27953f97a4d8. Quota mode: none. 12:44:09 executing program 6: socket(0xb, 0x0, 0x0) 12:44:09 executing program 2: r0 = socket$netlink(0x10, 0x3, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xb}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) sendmsg$netlink(r0, &(0x7f0000007ec0)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000480)={0x14, 0x1c, 0x1, 0x0, 0x0, "", [@typed={0x4, 0x0, 0x0, 0x0, @binary}, @generic]}, 0x14}], 0x1}, 0x0) 12:44:09 executing program 7: syz_mount_image$ext4(0x0, &(0x7f00000000c0)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) mount$9p_unix(&(0x7f0000000000)='./file0\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x163008, 0x0) syz_mount_image$ext4(&(0x7f0000000140)='ext3\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0xae, &(0x7f0000000100)={[{@usrjquota}]}) 12:44:09 executing program 3: r0 = openat$ttyS3(0xffffffffffffff9c, &(0x7f00000003c0), 0x0, 0x0) ioctl$TIOCMSET(r0, 0x545d, &(0x7f0000000040)) 12:44:09 executing program 4: syz_mount_image$tmpfs(&(0x7f00000000c0), &(0x7f0000000000)='./file1\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000100)) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f00000002c0)='./file1/file0\x00', 0x101042, 0x0) write(r0, &(0x7f0000000080)="01", 0x292e9) 12:44:09 executing program 5: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000000c0)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_SET_INTERFACE(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)={0x24, r1, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_IFTYPE={0x8, 0x5, 0x2}]}, 0x24}}, 0x0) sendmsg$NL80211_CMD_CONNECT(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000240)={0x3c, r1, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_SSID={0xa, 0x34, @default_ap_ssid}, @NL80211_ATTR_MAC={0xa, 0x6, @from_mac}, @chandef_params=[@NL80211_ATTR_WIPHY_FREQ={0x8}]]}, 0x3c}}, 0x0) syz_80211_join_ibss(&(0x7f0000000040)='wlan1\x00', &(0x7f0000000080)=@default_ap_ssid, 0x6, 0x0) 12:44:09 executing program 0: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_TCP_MD5SIG(r0, 0x6, 0xe, &(0x7f0000000240)={@in6={{0xa, 0x0, 0x0, @empty}}, 0x0, 0x0, 0x2a, 0x0, "76e67ed465702fea8894065981e3921f72ece3e5cbaa694c0dd5aa08ac7194507750a155ae9f8371365fd733baabf57d2e14bbada41a2b08ceea2929ad215839c2414502dbb7fbd52c5fce47538018d9"}, 0xd8) setsockopt$inet6_tcp_TCP_MD5SIG(r0, 0x6, 0xe, &(0x7f00000000c0)={@in6={{0xa, 0x0, 0x0, @private0}}, 0x0, 0x0, 0xa, 0x0, "704f38582a91ca97213cf4774a2e4c820d00000000ffffff7f00000000fa311b916bf00bdf2d125e5e096cc4cbb5be4a2fb7dd8fd0dfa22b4100"}, 0xd8) setsockopt$inet6_tcp_TCP_MD5SIG(r0, 0x6, 0xe, &(0x7f0000000340)={@in6={{0xa, 0x0, 0x0, @ipv4={'\x00', '\xff\xff', @multicast2}}}, 0x0, 0x0, 0x22, 0x0, "b7ca4515f7039d8b73ce15d13d93f7c2ef862dedc7c5b470c940c3734addbc949d3c30dfcf5652c92cc78b8e3fa5ace291ca3517ffc2fe32c73014be6a37dc4d1c8bbe98a4729f2652748fd60a9d1e97"}, 0xd8) [ 142.269302] EXT4-fs (sda): re-mounted 7b5d9a40-9011-49ec-8035-27953f97a4d8. Quota mode: none. 12:44:09 executing program 2: r0 = syz_open_dev$evdev(&(0x7f00000000c0), 0x0, 0x0) ioctl$EVIOCSMASK(r0, 0x400445a0, &(0x7f0000000080)={0x0, 0x0, 0x0}) [ 142.296903] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 142.297854] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 12:44:09 executing program 0: sendmsg$NL80211_CMD_TRIGGER_SCAN(0xffffffffffffffff, 0x0, 0x4000000) r0 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file1\x00', 0x4042, 0x1) preadv(r0, &(0x7f0000002700)=[{0x0}, {&(0x7f0000001600)=""/121, 0x79}, {0x0}], 0x3, 0x0, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) pwritev(r1, &(0x7f0000000040)=[{&(0x7f0000000000)="ca", 0x1}, {0x0}], 0x2, 0x7fffffc, 0x0) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) sendfile(r0, r0, 0x0, 0x100000) r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) fallocate(r2, 0x0, 0x0, 0x87ffffc) syz_genetlink_get_family_id$devlink(&(0x7f00000001c0), r1) 12:44:09 executing program 7: syz_mount_image$ext4(0x0, &(0x7f00000000c0)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) mount$9p_unix(&(0x7f0000000000)='./file0\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x163008, 0x0) syz_mount_image$ext4(&(0x7f0000000140)='ext3\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0xae, &(0x7f0000000100)={[{@usrjquota}]}) 12:44:09 executing program 4: syz_mount_image$tmpfs(&(0x7f00000000c0), &(0x7f0000000000)='./file1\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000100)) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f00000002c0)='./file1/file0\x00', 0x101042, 0x0) write(r0, &(0x7f0000000080)="01", 0x292e9) 12:44:09 executing program 6: setsockopt$inet6_tcp_TCP_REPAIR(0xffffffffffffffff, 0x6, 0x13, &(0x7f00000018c0), 0x4) r0 = socket$inet6(0xa, 0x1, 0x0) mmap(&(0x7f0000000000/0xc00000)=nil, 0xc00000, 0x0, 0x401a012, r0, 0x0) 12:44:09 executing program 3: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = epoll_create(0x1) r1 = perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0xf, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x80000000, 0x81}, 0x703, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x0, 0xffffffefffffffff, 0xffffffffffffffff, 0x0) epoll_ctl$EPOLL_CTL_ADD(r0, 0x1, r1, &(0x7f0000000100)={0x6000200a}) openat$sndseq(0xffffffffffffff9c, &(0x7f0000002340), 0x0) pread64(0xffffffffffffffff, &(0x7f0000000300)=""/138, 0x8a, 0x0) socketpair(0x0, 0xa, 0x2, &(0x7f0000000040)) [ 142.419064] EXT4-fs (sda): re-mounted 7b5d9a40-9011-49ec-8035-27953f97a4d8. Quota mode: none. [ 142.465780] audit: type=1400 audit(1679921049.836:12): avc: denied { block_suspend } for pid=4338 comm="syz-executor.3" capability=36 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=1 12:44:10 executing program 1: r0 = syz_open_dev$tty20(0xc, 0x4, 0x0) ioctl$VT_DISALLOCATE(r0, 0x5608) 12:44:10 executing program 7: syz_mount_image$ext4(0x0, &(0x7f00000000c0)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) mount$9p_unix(&(0x7f0000000000)='./file0\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x163008, 0x0) syz_mount_image$ext4(&(0x7f0000000140)='ext3\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0xae, &(0x7f0000000100)={[{@usrjquota}]}) 12:44:10 executing program 5: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000000c0)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_SET_INTERFACE(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)={0x24, r1, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_IFTYPE={0x8, 0x5, 0x2}]}, 0x24}}, 0x0) sendmsg$NL80211_CMD_CONNECT(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000240)={0x3c, r1, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_SSID={0xa, 0x34, @default_ap_ssid}, @NL80211_ATTR_MAC={0xa, 0x6, @from_mac}, @chandef_params=[@NL80211_ATTR_WIPHY_FREQ={0x8}]]}, 0x3c}}, 0x0) syz_80211_join_ibss(&(0x7f0000000040)='wlan1\x00', &(0x7f0000000080)=@default_ap_ssid, 0x6, 0x0) 12:44:10 executing program 2: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000000c0)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_SET_INTERFACE(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)={0x24, r1, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_IFTYPE={0x8, 0x5, 0x2}]}, 0x24}}, 0x0) sendmsg$NL80211_CMD_CONNECT(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000240)={0x3c, r1, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_SSID={0xa, 0x34, @default_ap_ssid}, @NL80211_ATTR_MAC={0xa, 0x6, @from_mac}, @chandef_params=[@NL80211_ATTR_WIPHY_FREQ={0x8}]]}, 0x3c}}, 0x0) syz_80211_join_ibss(&(0x7f0000000040)='wlan1\x00', &(0x7f0000000080)=@default_ap_ssid, 0x6, 0x0) 12:44:10 executing program 6: setsockopt$inet6_tcp_TCP_REPAIR(0xffffffffffffffff, 0x6, 0x13, &(0x7f00000018c0), 0x4) r0 = socket$inet6(0xa, 0x1, 0x0) mmap(&(0x7f0000000000/0xc00000)=nil, 0xc00000, 0x0, 0x401a012, r0, 0x0) 12:44:10 executing program 4: syz_mount_image$tmpfs(&(0x7f00000000c0), &(0x7f0000000000)='./file1\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000100)) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f00000002c0)='./file1/file0\x00', 0x101042, 0x0) write(r0, &(0x7f0000000080)="01", 0x292e9) 12:44:10 executing program 3: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = epoll_create(0x1) r1 = perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0xf, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x80000000, 0x81}, 0x703, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x0, 0xffffffefffffffff, 0xffffffffffffffff, 0x0) epoll_ctl$EPOLL_CTL_ADD(r0, 0x1, r1, &(0x7f0000000100)={0x6000200a}) openat$sndseq(0xffffffffffffff9c, &(0x7f0000002340), 0x0) pread64(0xffffffffffffffff, &(0x7f0000000300)=""/138, 0x8a, 0x0) socketpair(0x0, 0xa, 0x2, &(0x7f0000000040)) 12:44:10 executing program 0: sendmsg$NL80211_CMD_TRIGGER_SCAN(0xffffffffffffffff, 0x0, 0x4000000) r0 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file1\x00', 0x4042, 0x1) preadv(r0, &(0x7f0000002700)=[{0x0}, {&(0x7f0000001600)=""/121, 0x79}, {0x0}], 0x3, 0x0, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) pwritev(r1, &(0x7f0000000040)=[{&(0x7f0000000000)="ca", 0x1}, {0x0}], 0x2, 0x7fffffc, 0x0) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) sendfile(r0, r0, 0x0, 0x100000) r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) fallocate(r2, 0x0, 0x0, 0x87ffffc) syz_genetlink_get_family_id$devlink(&(0x7f00000001c0), r1) [ 143.363691] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 143.364781] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 12:44:10 executing program 6: setsockopt$inet6_tcp_TCP_REPAIR(0xffffffffffffffff, 0x6, 0x13, &(0x7f00000018c0), 0x4) r0 = socket$inet6(0xa, 0x1, 0x0) mmap(&(0x7f0000000000/0xc00000)=nil, 0xc00000, 0x0, 0x401a012, r0, 0x0) [ 143.388891] EXT4-fs (sda): re-mounted 7b5d9a40-9011-49ec-8035-27953f97a4d8. Quota mode: none. [ 143.416504] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 143.417808] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 12:44:10 executing program 5: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000000c0)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_SET_INTERFACE(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)={0x24, r1, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_IFTYPE={0x8, 0x5, 0x2}]}, 0x24}}, 0x0) sendmsg$NL80211_CMD_CONNECT(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000240)={0x3c, r1, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_SSID={0xa, 0x34, @default_ap_ssid}, @NL80211_ATTR_MAC={0xa, 0x6, @from_mac}, @chandef_params=[@NL80211_ATTR_WIPHY_FREQ={0x8}]]}, 0x3c}}, 0x0) syz_80211_join_ibss(&(0x7f0000000040)='wlan1\x00', &(0x7f0000000080)=@default_ap_ssid, 0x6, 0x0) 12:44:10 executing program 4: syz_mount_image$tmpfs(&(0x7f00000000c0), &(0x7f0000000000)='./file1\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000100)) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f00000002c0)='./file1/file0\x00', 0x101042, 0x0) write(r0, &(0x7f0000000080)="01", 0x292e9) [ 143.536242] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 143.537538] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 12:44:11 executing program 1: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x80000, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000700100000f000000000000000000000004000000000002000020000020000000def4655fdef4655f0100ffff53ef010001000000def4655f000000000000000001000000000000000b0000000004000008000000d2c201001203", 0x66, 0x400}, {&(0x7f0000010100)="000000000000000000000000efdd79b7c3654313ac0cec53e79dcbaf010040", 0x1f, 0x4e0}, {&(0x7f0000010400)="03000000040000000500000017000f000300040000000000000000000f008551", 0x20, 0x800}, {&(0x7f0000010e00)="ed41000000040000def4655fdef4655fdef4655f000000000000040020", 0x1d, 0x1800}], 0x0, &(0x7f0000013800)) 12:44:11 executing program 2: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000000c0)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_SET_INTERFACE(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)={0x24, r1, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_IFTYPE={0x8, 0x5, 0x2}]}, 0x24}}, 0x0) sendmsg$NL80211_CMD_CONNECT(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000240)={0x3c, r1, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_SSID={0xa, 0x34, @default_ap_ssid}, @NL80211_ATTR_MAC={0xa, 0x6, @from_mac}, @chandef_params=[@NL80211_ATTR_WIPHY_FREQ={0x8}]]}, 0x3c}}, 0x0) syz_80211_join_ibss(&(0x7f0000000040)='wlan1\x00', &(0x7f0000000080)=@default_ap_ssid, 0x6, 0x0) 12:44:11 executing program 0: sendmsg$NL80211_CMD_TRIGGER_SCAN(0xffffffffffffffff, 0x0, 0x4000000) r0 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file1\x00', 0x4042, 0x1) preadv(r0, &(0x7f0000002700)=[{0x0}, {&(0x7f0000001600)=""/121, 0x79}, {0x0}], 0x3, 0x0, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) pwritev(r1, &(0x7f0000000040)=[{&(0x7f0000000000)="ca", 0x1}, {0x0}], 0x2, 0x7fffffc, 0x0) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) sendfile(r0, r0, 0x0, 0x100000) r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) fallocate(r2, 0x0, 0x0, 0x87ffffc) syz_genetlink_get_family_id$devlink(&(0x7f00000001c0), r1) 12:44:11 executing program 6: setsockopt$inet6_tcp_TCP_REPAIR(0xffffffffffffffff, 0x6, 0x13, &(0x7f00000018c0), 0x4) r0 = socket$inet6(0xa, 0x1, 0x0) mmap(&(0x7f0000000000/0xc00000)=nil, 0xc00000, 0x0, 0x401a012, r0, 0x0) 12:44:11 executing program 7: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) sendmsg$ETHTOOL_MSG_PAUSE_SET(0xffffffffffffffff, &(0x7f0000000440)={0x0, 0x0, 0x0}, 0x0) mknod$loop(&(0x7f0000000100)='./file0/file0\x00', 0x0, 0x0) faccessat(0xffffffffffffffff, &(0x7f0000000140)='./file0\x00', 0x19) fallocate(0xffffffffffffffff, 0x12, 0x0, 0x3) fchmodat(0xffffffffffffffff, &(0x7f0000004680)='./file0/file0\x00', 0x80) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000480), 0x1}, 0x603}, 0x0, 0xffffffefffffffff, 0xffffffffffffffff, 0x0) r0 = getpgid(0x0) process_vm_readv(r0, &(0x7f00000000c0)=[{&(0x7f0000000000)=""/168, 0xa8}], 0x1, &(0x7f0000000240)=[{&(0x7f0000000100)=""/177, 0xa7}, {&(0x7f00000001c0)=""/102, 0xffffff1f}], 0x2, 0x0) r1 = getpgid(0x0) process_vm_readv(r1, &(0x7f00000000c0)=[{&(0x7f0000000000)=""/168, 0xa8}], 0x1, &(0x7f0000000240)=[{&(0x7f0000000100)=""/177, 0xa7}, {&(0x7f00000001c0)=""/102, 0xffffff1f}], 0x2, 0x0) 12:44:11 executing program 3: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = epoll_create(0x1) r1 = perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0xf, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x80000000, 0x81}, 0x703, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x0, 0xffffffefffffffff, 0xffffffffffffffff, 0x0) epoll_ctl$EPOLL_CTL_ADD(r0, 0x1, r1, &(0x7f0000000100)={0x6000200a}) openat$sndseq(0xffffffffffffff9c, &(0x7f0000002340), 0x0) pread64(0xffffffffffffffff, &(0x7f0000000300)=""/138, 0x8a, 0x0) socketpair(0x0, 0xa, 0x2, &(0x7f0000000040)) 12:44:11 executing program 5: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000000c0)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_SET_INTERFACE(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)={0x24, r1, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_IFTYPE={0x8, 0x5, 0x2}]}, 0x24}}, 0x0) sendmsg$NL80211_CMD_CONNECT(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000240)={0x3c, r1, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_SSID={0xa, 0x34, @default_ap_ssid}, @NL80211_ATTR_MAC={0xa, 0x6, @from_mac}, @chandef_params=[@NL80211_ATTR_WIPHY_FREQ={0x8}]]}, 0x3c}}, 0x0) syz_80211_join_ibss(&(0x7f0000000040)='wlan1\x00', &(0x7f0000000080)=@default_ap_ssid, 0x6, 0x0) 12:44:11 executing program 4: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = getpgrp(0x0) r1 = perf_event_open(&(0x7f0000000300)={0x2, 0x80, 0xc1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x75c}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r2 = perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, r1, 0x0) r3 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x26e1, 0x0) ioctl$FS_IOC_GETFSMAP(r3, 0xc0c0583b, &(0x7f0000000080)={0x0, 0x0, 0x4d, 0x0, '\x00', [{}, {0x800, 0x0, 0x80000000000}]}) r4 = syz_open_procfs(0x0, &(0x7f0000001580)='net/icmp6\x00') lseek(r4, 0x0, 0x0) r5 = openat$cgroup_procs(r3, &(0x7f00000001c0)='tasks\x00', 0x2, 0x0) r6 = syz_open_procfs(0x0, &(0x7f0000001580)='net/icmp6\x00') pread64(r6, &(0x7f0000000000)=""/186, 0xba, 0x0) lseek(r6, 0x0, 0x0) io_submit(0x0, 0x3, &(0x7f0000000540)=[&(0x7f0000000180)={0x0, 0x0, 0x0, 0x1, 0x3ff, r4, 0x0, 0x0, 0x3ff}, &(0x7f0000000200)={0x0, 0x0, 0x0, 0x2, 0x7fff, r5, &(0x7f0000000380)="88773ff6b793755a8277c5086e0250b0de3ed3e1049963feb43fca8d3271ba468964dbec20e192a102d0b67f89a3b14feaf164bc521d03ee9c87215a8567fcbf057bf304be40a0c1f2710c6da2558a697c5a5ba39bdcf333ef87676c970a40e8f10afc99c473d50d80c060a4acbc11665e5c67b9bcef9698c292850577a8cb736e521fc26b262a12fc7a1b4904e764809c908fc34d9b593807bf143e601e1ca05edc9b86e3cf74a746026dc6ad519bde356b95e3511a28d1dc0356b342a0095344a2786031a62f4214ff985d4dc7fbde", 0xd0, 0x2, 0x0, 0x2, r3}, &(0x7f0000000240)={0x0, 0x0, 0x0, 0x8, 0x4, r2, 0x0, 0x0, 0x0, 0x0, 0x1, r6}]) perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0x8, 0x81, 0x7f, 0x2, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x2, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x8001, 0x2, @perf_config_ext={0x8, 0x5}, 0x1000, 0x7ff, 0xfffffff8, 0x8, 0x200, 0x4, 0x6021, 0x0, 0x6, 0x0, 0x100}, r0, 0x8, r4, 0x0) [ 144.329401] memfd_create() without MFD_EXEC nor MFD_NOEXEC_SEAL, pid=4388 'syz-executor.1' [ 144.356960] loop1: detected capacity change from 0 to 1024 [ 144.370069] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 144.370953] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 144.381102] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 without journal. Quota mode: writeback. [ 144.403986] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 144.404713] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 12:44:11 executing program 6: r0 = openat$ttyS3(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0) ioctl$TIOCSTI(r0, 0x5412, &(0x7f0000000000)=0x1c) [ 144.492885] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. 12:44:11 executing program 6: r0 = openat$ttyS3(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0) ioctl$TIOCSTI(r0, 0x5412, &(0x7f0000000000)=0x1c) 12:44:11 executing program 2: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000000c0)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_SET_INTERFACE(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)={0x24, r1, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_IFTYPE={0x8, 0x5, 0x2}]}, 0x24}}, 0x0) sendmsg$NL80211_CMD_CONNECT(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000240)={0x3c, r1, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_SSID={0xa, 0x34, @default_ap_ssid}, @NL80211_ATTR_MAC={0xa, 0x6, @from_mac}, @chandef_params=[@NL80211_ATTR_WIPHY_FREQ={0x8}]]}, 0x3c}}, 0x0) syz_80211_join_ibss(&(0x7f0000000040)='wlan1\x00', &(0x7f0000000080)=@default_ap_ssid, 0x6, 0x0) [ 144.652858] loop1: detected capacity change from 0 to 1024 12:44:12 executing program 1: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x80000, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000700100000f000000000000000000000004000000000002000020000020000000def4655fdef4655f0100ffff53ef010001000000def4655f000000000000000001000000000000000b0000000004000008000000d2c201001203", 0x66, 0x400}, {&(0x7f0000010100)="000000000000000000000000efdd79b7c3654313ac0cec53e79dcbaf010040", 0x1f, 0x4e0}, {&(0x7f0000010400)="03000000040000000500000017000f000300040000000000000000000f008551", 0x20, 0x800}, {&(0x7f0000010e00)="ed41000000040000def4655fdef4655fdef4655f000000000000040020", 0x1d, 0x1800}], 0x0, &(0x7f0000013800)) [ 144.664465] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 144.665207] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 VM DIAGNOSIS: 12:44:02 Registers: info registers vcpu 0 RAX=00007fedca939000 RBX=00007fedca938000 RCX=ffffffff816fecaa RDX=ffff88801f515040 RSI=0000000000000000 RDI=0000000000000006 RBP=0000000000000000 RSP=ffff8880432d76f0 R8 =0000000000000006 R9 =00007fedca986000 R10=00007fedca938000 R11=0000000000000001 R12=0000000000000002 R13=dffffc0000000000 R14=ffff8880432d7ad8 R15=00007fedca986000 RIP=ffffffff816fecc4 RFL=00000206 [-----P-] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 00000000 00000000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 00000000 00000000 FS =0000 0000000000000000 00000000 00000000 GS =0000 ffff88806ce00000 00000000 00000000 LDT=0000 fffffe0000000000 00000000 00000000 TR =0040 fffffe0000003000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe0000001000 0000007f IDT= fffffe0000000000 00000fff CR0=80050033 CR2=000000c00063f000 CR3=00000000160f4000 CR4=00350ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000ffff0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 XMM00=ffffffffffffff00ffffffffffffffff XMM01=ffffffffffffffffffffffffffffffff XMM02=00000000000000000000000000000000 XMM03=00000000000000000000000000000000 XMM04=000000000000000000000000000000ff XMM05=00000000000000000000000000000000 XMM06=0000000000000000000000524f525245 XMM07=00000000000000000000000000000000 XMM08=000000000000000000524f5252450040 XMM09=00000000000000000000000000000000 XMM10=00000000000000000000000000000000 XMM11=00000000000000000000000000000000 XMM12=00000000000000000000000000000000 XMM13=00000000000000000000000000000000 XMM14=00000000000000000000000000000000 XMM15=00000000000000000000000000000000 info registers vcpu 1 RAX=000000000000006f RBX=00000000000003f8 RCX=0000000000000000 RDX=00000000000003f8 RSI=ffffffff824f8615 RDI=ffffffff87f0bdc0 RBP=ffffffff87f0bd80 RSP=ffff888042b47660 R8 =0000000000000001 R9 =000000000000000a R10=000000000000006f R11=0000000000000001 R12=000000000000006f R13=ffffffff87f0bd80 R14=0000000000000010 R15=ffffffff824f8600 RIP=ffffffff824f866d RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 00000000 00000000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 00000000 00000000 FS =0000 00007ff795bae700 00000000 00000000 GS =0000 ffff88806cf00000 00000000 00000000 LDT=0000 fffffe0000000000 00000000 00000000 TR =0040 fffffe000004a000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe0000048000 0000007f IDT= fffffe0000000000 00000fff CR0=80050033 CR2=00007f3cbf159de0 CR3=000000000f2bc000 CR4=00350ee0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000ffff0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 XMM00=00000000000000000000000000000000 XMM01=00007ff79871f7c000007ff79871f7c8 XMM02=00007ff79871f7e000007ff79871f7c0 XMM03=00007ff79871f7c800007ff79871f7c0 XMM04=ffffffffffffffffffffffff00000000 XMM05=00000000000000000000000000000000 XMM06=0000000000000000000000524f525245 XMM07=00000000000000000000000000000000 XMM08=000000000000000000524f5252450040 XMM09=00000000000000000000000000000000 XMM10=00000000000000000000000000000000 XMM11=00000000000000000000000000000000 XMM12=00000000000000000000000000000000 XMM13=00000000000000000000000000000000 XMM14=00000000000000000000000000000000 XMM15=00000000000000000000000000000000