Warning: Permanently added '[localhost]:35182' (ECDSA) to the list of known hosts. 2023/03/27 11:10:43 fuzzer started 2023/03/27 11:10:43 dialing manager at localhost:45291 syzkaller login: [ 40.771803] cgroup: Unknown subsys name 'net' [ 40.855366] cgroup: Unknown subsys name 'rlimit' 2023/03/27 11:10:56 syscalls: 2217 2023/03/27 11:10:56 code coverage: enabled 2023/03/27 11:10:56 comparison tracing: enabled 2023/03/27 11:10:56 extra coverage: enabled 2023/03/27 11:10:56 setuid sandbox: enabled 2023/03/27 11:10:56 namespace sandbox: enabled 2023/03/27 11:10:56 Android sandbox: enabled 2023/03/27 11:10:56 fault injection: enabled 2023/03/27 11:10:56 leak checking: enabled 2023/03/27 11:10:56 net packet injection: enabled 2023/03/27 11:10:56 net device setup: enabled 2023/03/27 11:10:56 concurrency sanitizer: /sys/kernel/debug/kcsan does not exist 2023/03/27 11:10:56 devlink PCI setup: PCI device 0000:00:10.0 is not available 2023/03/27 11:10:56 USB emulation: enabled 2023/03/27 11:10:56 hci packet injection: enabled 2023/03/27 11:10:56 wifi device emulation: enabled 2023/03/27 11:10:56 802.15.4 emulation: enabled 2023/03/27 11:10:56 fetching corpus: 0, signal 0/2000 (executing program) 2023/03/27 11:10:56 fetching corpus: 37, signal 23772/27305 (executing program) 2023/03/27 11:10:56 fetching corpus: 85, signal 40955/45673 (executing program) 2023/03/27 11:10:56 fetching corpus: 135, signal 52348/58173 (executing program) 2023/03/27 11:10:56 fetching corpus: 185, signal 59292/66202 (executing program) 2023/03/27 11:10:57 fetching corpus: 235, signal 66069/73919 (executing program) 2023/03/27 11:10:57 fetching corpus: 285, signal 69976/78827 (executing program) 2023/03/27 11:10:57 fetching corpus: 335, signal 74367/84102 (executing program) 2023/03/27 11:10:57 fetching corpus: 385, signal 81231/91466 (executing program) 2023/03/27 11:10:57 fetching corpus: 435, signal 85705/96661 (executing program) 2023/03/27 11:10:57 fetching corpus: 485, signal 89900/101438 (executing program) 2023/03/27 11:10:57 fetching corpus: 535, signal 94715/106680 (executing program) 2023/03/27 11:10:57 fetching corpus: 585, signal 97814/110361 (executing program) 2023/03/27 11:10:58 fetching corpus: 635, signal 101269/114250 (executing program) 2023/03/27 11:10:58 fetching corpus: 685, signal 103967/117404 (executing program) 2023/03/27 11:10:58 fetching corpus: 735, signal 106461/120363 (executing program) 2023/03/27 11:10:58 fetching corpus: 785, signal 108825/123141 (executing program) 2023/03/27 11:10:58 fetching corpus: 835, signal 111358/126016 (executing program) 2023/03/27 11:10:58 fetching corpus: 885, signal 113422/128472 (executing program) 2023/03/27 11:10:58 fetching corpus: 934, signal 115500/130875 (executing program) 2023/03/27 11:10:59 fetching corpus: 984, signal 117708/133349 (executing program) 2023/03/27 11:10:59 fetching corpus: 1033, signal 119158/135230 (executing program) 2023/03/27 11:10:59 fetching corpus: 1083, signal 121430/137656 (executing program) 2023/03/27 11:10:59 fetching corpus: 1133, signal 123151/139603 (executing program) 2023/03/27 11:10:59 fetching corpus: 1182, signal 124207/141085 (executing program) 2023/03/27 11:10:59 fetching corpus: 1232, signal 125729/142864 (executing program) 2023/03/27 11:10:59 fetching corpus: 1282, signal 127446/144718 (executing program) 2023/03/27 11:10:59 fetching corpus: 1332, signal 128749/146274 (executing program) 2023/03/27 11:11:00 fetching corpus: 1382, signal 131227/148620 (executing program) 2023/03/27 11:11:00 fetching corpus: 1432, signal 133285/150622 (executing program) 2023/03/27 11:11:00 fetching corpus: 1480, signal 135127/152483 (executing program) 2023/03/27 11:11:00 fetching corpus: 1529, signal 136864/154262 (executing program) 2023/03/27 11:11:00 fetching corpus: 1579, signal 138171/155654 (executing program) 2023/03/27 11:11:00 fetching corpus: 1629, signal 139635/157106 (executing program) 2023/03/27 11:11:00 fetching corpus: 1678, signal 141169/158564 (executing program) 2023/03/27 11:11:01 fetching corpus: 1728, signal 143529/160503 (executing program) 2023/03/27 11:11:01 fetching corpus: 1778, signal 144811/161750 (executing program) 2023/03/27 11:11:01 fetching corpus: 1828, signal 146162/163051 (executing program) 2023/03/27 11:11:01 fetching corpus: 1878, signal 148071/164598 (executing program) 2023/03/27 11:11:01 fetching corpus: 1928, signal 150067/166169 (executing program) 2023/03/27 11:11:01 fetching corpus: 1978, signal 151545/167444 (executing program) 2023/03/27 11:11:01 fetching corpus: 2027, signal 152979/168637 (executing program) 2023/03/27 11:11:02 fetching corpus: 2076, signal 154464/169801 (executing program) 2023/03/27 11:11:02 fetching corpus: 2125, signal 156120/171000 (executing program) 2023/03/27 11:11:02 fetching corpus: 2175, signal 157524/172033 (executing program) 2023/03/27 11:11:02 fetching corpus: 2225, signal 158618/172918 (executing program) 2023/03/27 11:11:02 fetching corpus: 2275, signal 160453/174175 (executing program) 2023/03/27 11:11:02 fetching corpus: 2325, signal 161604/174983 (executing program) 2023/03/27 11:11:03 fetching corpus: 2375, signal 163284/176057 (executing program) 2023/03/27 11:11:03 fetching corpus: 2425, signal 163759/176518 (executing program) 2023/03/27 11:11:03 fetching corpus: 2475, signal 164701/177215 (executing program) 2023/03/27 11:11:03 fetching corpus: 2525, signal 165402/177759 (executing program) 2023/03/27 11:11:03 fetching corpus: 2574, signal 166640/178535 (executing program) 2023/03/27 11:11:03 fetching corpus: 2624, signal 167871/179286 (executing program) 2023/03/27 11:11:03 fetching corpus: 2674, signal 168826/179932 (executing program) 2023/03/27 11:11:03 fetching corpus: 2724, signal 169831/180511 (executing program) 2023/03/27 11:11:04 fetching corpus: 2774, signal 171110/181209 (executing program) 2023/03/27 11:11:04 fetching corpus: 2824, signal 171879/181703 (executing program) 2023/03/27 11:11:04 fetching corpus: 2874, signal 172678/182154 (executing program) 2023/03/27 11:11:04 fetching corpus: 2924, signal 173923/182831 (executing program) 2023/03/27 11:11:04 fetching corpus: 2974, signal 174706/183262 (executing program) 2023/03/27 11:11:04 fetching corpus: 3024, signal 175551/183682 (executing program) 2023/03/27 11:11:04 fetching corpus: 3074, signal 176031/183950 (executing program) 2023/03/27 11:11:04 fetching corpus: 3122, signal 176733/184297 (executing program) 2023/03/27 11:11:05 fetching corpus: 3171, signal 177510/184671 (executing program) 2023/03/27 11:11:05 fetching corpus: 3221, signal 178377/185027 (executing program) 2023/03/27 11:11:05 fetching corpus: 3271, signal 179034/185325 (executing program) 2023/03/27 11:11:05 fetching corpus: 3321, signal 179737/185643 (executing program) 2023/03/27 11:11:05 fetching corpus: 3371, signal 180980/186073 (executing program) 2023/03/27 11:11:05 fetching corpus: 3421, signal 181956/186372 (executing program) 2023/03/27 11:11:05 fetching corpus: 3471, signal 182473/186586 (executing program) 2023/03/27 11:11:05 fetching corpus: 3521, signal 183853/186985 (executing program) 2023/03/27 11:11:06 fetching corpus: 3571, signal 184452/187146 (executing program) 2023/03/27 11:11:06 fetching corpus: 3604, signal 185023/187321 (executing program) 2023/03/27 11:11:06 fetching corpus: 3604, signal 185023/187343 (executing program) 2023/03/27 11:11:06 fetching corpus: 3604, signal 185023/187384 (executing program) 2023/03/27 11:11:06 fetching corpus: 3604, signal 185023/187417 (executing program) 2023/03/27 11:11:06 fetching corpus: 3604, signal 185023/187449 (executing program) 2023/03/27 11:11:06 fetching corpus: 3604, signal 185023/187476 (executing program) 2023/03/27 11:11:06 fetching corpus: 3604, signal 185023/187512 (executing program) 2023/03/27 11:11:06 fetching corpus: 3605, signal 185199/187575 (executing program) 2023/03/27 11:11:06 fetching corpus: 3605, signal 185199/187606 (executing program) 2023/03/27 11:11:06 fetching corpus: 3605, signal 185199/187636 (executing program) 2023/03/27 11:11:06 fetching corpus: 3605, signal 185199/187659 (executing program) 2023/03/27 11:11:06 fetching corpus: 3605, signal 185199/187684 (executing program) 2023/03/27 11:11:06 fetching corpus: 3605, signal 185199/187711 (executing program) 2023/03/27 11:11:06 fetching corpus: 3605, signal 185199/187739 (executing program) 2023/03/27 11:11:06 fetching corpus: 3605, signal 185199/187760 (executing program) 2023/03/27 11:11:06 fetching corpus: 3607, signal 185201/187785 (executing program) 2023/03/27 11:11:06 fetching corpus: 3607, signal 185201/187813 (executing program) 2023/03/27 11:11:06 fetching corpus: 3607, signal 185201/187839 (executing program) 2023/03/27 11:11:06 fetching corpus: 3607, signal 185201/187869 (executing program) 2023/03/27 11:11:06 fetching corpus: 3608, signal 185206/187897 (executing program) 2023/03/27 11:11:06 fetching corpus: 3608, signal 185206/187944 (executing program) 2023/03/27 11:11:06 fetching corpus: 3608, signal 185206/187944 (executing program) 2023/03/27 11:11:09 starting 8 fuzzer processes 11:11:09 executing program 0: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) process_madvise(0xffffffffffffffff, 0x0, 0xfffffffffffffec0, 0x0, 0x0) 11:11:09 executing program 1: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x1c5042, 0x0) removexattr(&(0x7f0000000000)='./file1\x00', &(0x7f0000000100)=@known='system.posix_acl_access\x00') 11:11:09 executing program 2: io_setup(0xd29, &(0x7f0000000780)=0x0) r1 = syz_open_dev$tty1(0xc, 0x4, 0x1) ioctl$TIOCVHANGUP(r1, 0x5437, 0x0) io_submit(r0, 0x1, &(0x7f0000000340)=[&(0x7f0000000080)={0x0, 0x0, 0x0, 0x1, 0x0, r1, 0x0}]) [ 66.203600] audit: type=1400 audit(1679915469.039:6): avc: denied { execmem } for pid=258 comm="syz-executor.0" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=process permissive=1 11:11:09 executing program 4: r0 = syz_open_dev$evdev(&(0x7f00000000c0), 0x0, 0x0) r1 = dup(r0) ioctl$EVIOCGUNIQ(r1, 0x80404508, 0x0) 11:11:09 executing program 3: syz_open_dev$loop(&(0x7f0000000140), 0x0, 0x0) r0 = openat$hpet(0xffffffffffffff9c, &(0x7f0000000380), 0x0, 0x0) ioctl$AUTOFS_DEV_IOCTL_PROTOVER(0xffffffffffffffff, 0xc0189372, 0x0) sendmmsg$unix(0xffffffffffffffff, &(0x7f00000001c0), 0x0, 0x4800) ioctl$LOOP_SET_BLOCK_SIZE(0xffffffffffffffff, 0x4c09, 0xa4b1) openat(0xffffffffffffffff, &(0x7f0000000000)='./file1\x00', 0x400, 0x20) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) ioctl$LOOP_SET_BLOCK_SIZE(r1, 0x4c09, 0x0) fallocate(r1, 0x0, 0x0, 0x87ffffc) readv(r1, &(0x7f0000000300)=[{0x0}, {&(0x7f0000000340)=""/30, 0x2b}], 0x24) ioctl$LOOP_SET_BLOCK_SIZE(r0, 0x4c09, 0x80000001) r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) perf_event_open(&(0x7f0000001840)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xd}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x3) write(r2, &(0x7f0000000080)="01", 0x292e9) sendmsg$NL80211_CMD_FRAME_WAIT_CANCEL(0xffffffffffffffff, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000280)=ANY=[@ANYBLOB='d\x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="000428bd7000fedbdf254300000008000300", @ANYRES32=0x0, @ANYBLOB="0c0058094a000000000000000c00580048000000000000000c00580050000000000000000c00580013000000000000000c003ef5de3093f13ea333a6ce896d58001c000000000000"], 0x64}, 0x1, 0x0, 0x0, 0x48880}, 0x4) 11:11:09 executing program 5: r0 = socket$nl_sock_diag(0x10, 0x3, 0x4) setsockopt$sock_int(r0, 0x1, 0x3c, &(0x7f0000000080), 0x4) 11:11:09 executing program 7: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000000)=ANY=[@ANYBLOB="cc0000001b0001000000000000000000e0000001000000000000000000000000fe8000000000000000000000000000aa00"/64, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="000000000000000000000009d8e102000000000000000000000000000000000000000000feff970007000000000000000000000000000000512851cd8b72897a00000000000000d4b9000075e283995bf57d02ee62dd000000000000000000000000000062000000f3"], 0xcc}}, 0x0) 11:11:09 executing program 6: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_TCP_MD5SIG(r0, 0x6, 0xe, &(0x7f00000000c0)={@in6={{0xa, 0x0, 0x0, @loopback}}, 0x0, 0x0, 0x3f, 0x0, "704f5992d666aa2888e479ca552ee155f638582a91ca97213cf4774a2e4c350cdc3f9f62a4c21970bd149a52fa311b916bf00b51b808c412ed6b9fcbb5be4a2fb7dd8fd0dfa22b4100"}, 0xd8) setsockopt$inet6_tcp_TCP_MD5SIG(r0, 0x6, 0xe, &(0x7f0000000340)={@in6={{0xa, 0x0, 0x0, @loopback}}, 0x0, 0x0, 0x0, 0x0, "8fcf37e83856fa6b4f208edebad177093eb0bca98099ec47386a6063f1ddb9f48fafedb7ea3e381106d7b1e4f1a38c361b3146c3f222a763f9fbb240b192309012da6ecff1e5db9f4ecc20c137a8efa8"}, 0xf0) setsockopt$inet6_tcp_TCP_REPAIR(r0, 0x6, 0x13, &(0x7f0000000000)=0x1, 0x4) connect$inet6(r0, &(0x7f0000000040)={0xa, 0x0, 0x0, @dev, 0x2}, 0x1c) [ 67.426646] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 67.429263] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 67.430596] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 67.433975] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 67.437448] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [ 67.438970] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 67.481219] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 67.482598] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 67.492604] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 67.495233] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 67.496981] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 67.497908] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 67.499209] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1 [ 67.500991] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1 [ 67.502605] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 67.504097] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 67.505268] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 67.506360] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9 [ 67.507308] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 67.508333] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 67.509238] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 67.510442] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9 [ 67.512850] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9 [ 67.522510] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 67.524242] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 67.525909] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4 [ 67.527206] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 67.529746] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3 [ 67.530931] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3 [ 67.532661] Bluetooth: hci6: unexpected cc 0x0c25 length: 249 > 3 [ 67.534004] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 67.535241] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 67.536793] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2 [ 67.542120] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3 [ 67.548592] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 67.560931] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 67.563615] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3 [ 67.563650] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9 [ 67.566850] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 67.589849] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4 [ 67.591594] Bluetooth: hci5: unexpected cc 0x0c25 length: 249 > 3 [ 67.593815] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2 [ 67.605846] Bluetooth: hci7: unexpected cc 0x0c03 length: 249 > 1 [ 67.608961] Bluetooth: hci7: unexpected cc 0x1003 length: 249 > 9 [ 67.611420] Bluetooth: hci7: unexpected cc 0x1001 length: 249 > 9 [ 67.618172] Bluetooth: hci7: unexpected cc 0x0c23 length: 249 > 4 [ 67.619752] Bluetooth: hci7: unexpected cc 0x0c25 length: 249 > 3 [ 67.621522] Bluetooth: hci7: unexpected cc 0x0c38 length: 249 > 2 [ 69.510121] Bluetooth: hci0: command 0x0409 tx timeout [ 69.574145] Bluetooth: hci6: command 0x0409 tx timeout [ 69.574179] Bluetooth: hci1: command 0x0409 tx timeout [ 69.637140] Bluetooth: hci7: command 0x0409 tx timeout [ 69.637774] Bluetooth: hci5: command 0x0409 tx timeout [ 69.638323] Bluetooth: hci2: command 0x0409 tx timeout [ 69.638776] Bluetooth: hci4: command 0x0409 tx timeout [ 69.639242] Bluetooth: hci3: command 0x0409 tx timeout [ 71.557094] Bluetooth: hci0: command 0x041b tx timeout [ 71.621130] Bluetooth: hci1: command 0x041b tx timeout [ 71.621534] Bluetooth: hci6: command 0x041b tx timeout [ 71.685323] Bluetooth: hci3: command 0x041b tx timeout [ 71.685724] Bluetooth: hci4: command 0x041b tx timeout [ 71.686138] Bluetooth: hci2: command 0x041b tx timeout [ 71.686521] Bluetooth: hci5: command 0x041b tx timeout [ 71.686880] Bluetooth: hci7: command 0x041b tx timeout [ 73.605081] Bluetooth: hci0: command 0x040f tx timeout [ 73.669154] Bluetooth: hci6: command 0x040f tx timeout [ 73.669571] Bluetooth: hci1: command 0x040f tx timeout [ 73.733332] Bluetooth: hci7: command 0x040f tx timeout [ 73.733739] Bluetooth: hci5: command 0x040f tx timeout [ 73.734132] Bluetooth: hci2: command 0x040f tx timeout [ 73.734501] Bluetooth: hci4: command 0x040f tx timeout [ 73.734855] Bluetooth: hci3: command 0x040f tx timeout [ 75.653062] Bluetooth: hci0: command 0x0419 tx timeout [ 75.717098] Bluetooth: hci1: command 0x0419 tx timeout [ 75.717508] Bluetooth: hci6: command 0x0419 tx timeout [ 75.781093] Bluetooth: hci3: command 0x0419 tx timeout [ 75.781538] Bluetooth: hci4: command 0x0419 tx timeout [ 75.781885] Bluetooth: hci2: command 0x0419 tx timeout [ 75.782273] Bluetooth: hci5: command 0x0419 tx timeout [ 75.782647] Bluetooth: hci7: command 0x0419 tx timeout [ 107.540546] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 107.541360] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 107.543038] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready [ 107.685845] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 107.686490] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 107.688218] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready [ 108.557873] audit: type=1400 audit(1679915511.393:7): avc: denied { open } for pid=3793 comm="syz-executor.3" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=perf_event permissive=1 [ 108.559167] audit: type=1400 audit(1679915511.393:8): avc: denied { kernel } for pid=3793 comm="syz-executor.3" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=perf_event permissive=1 [ 108.694314] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 108.694921] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 108.696460] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready 11:11:51 executing program 3: syz_open_dev$loop(&(0x7f0000000140), 0x0, 0x0) r0 = openat$hpet(0xffffffffffffff9c, &(0x7f0000000380), 0x0, 0x0) ioctl$AUTOFS_DEV_IOCTL_PROTOVER(0xffffffffffffffff, 0xc0189372, 0x0) sendmmsg$unix(0xffffffffffffffff, &(0x7f00000001c0), 0x0, 0x4800) ioctl$LOOP_SET_BLOCK_SIZE(0xffffffffffffffff, 0x4c09, 0xa4b1) openat(0xffffffffffffffff, &(0x7f0000000000)='./file1\x00', 0x400, 0x20) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) ioctl$LOOP_SET_BLOCK_SIZE(r1, 0x4c09, 0x0) fallocate(r1, 0x0, 0x0, 0x87ffffc) readv(r1, &(0x7f0000000300)=[{0x0}, {&(0x7f0000000340)=""/30, 0x2b}], 0x24) ioctl$LOOP_SET_BLOCK_SIZE(r0, 0x4c09, 0x80000001) r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) perf_event_open(&(0x7f0000001840)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xd}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x3) write(r2, &(0x7f0000000080)="01", 0x292e9) sendmsg$NL80211_CMD_FRAME_WAIT_CANCEL(0xffffffffffffffff, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000280)=ANY=[@ANYBLOB='d\x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="000428bd7000fedbdf254300000008000300", @ANYRES32=0x0, @ANYBLOB="0c0058094a000000000000000c00580048000000000000000c00580050000000000000000c00580013000000000000000c003ef5de3093f13ea333a6ce896d58001c000000000000"], 0x64}, 0x1, 0x0, 0x0, 0x48880}, 0x4) [ 108.817234] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 108.817876] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 108.819510] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready 11:11:51 executing program 3: syz_open_dev$loop(&(0x7f0000000140), 0x0, 0x0) r0 = openat$hpet(0xffffffffffffff9c, &(0x7f0000000380), 0x0, 0x0) ioctl$AUTOFS_DEV_IOCTL_PROTOVER(0xffffffffffffffff, 0xc0189372, 0x0) sendmmsg$unix(0xffffffffffffffff, &(0x7f00000001c0), 0x0, 0x4800) ioctl$LOOP_SET_BLOCK_SIZE(0xffffffffffffffff, 0x4c09, 0xa4b1) openat(0xffffffffffffffff, &(0x7f0000000000)='./file1\x00', 0x400, 0x20) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) ioctl$LOOP_SET_BLOCK_SIZE(r1, 0x4c09, 0x0) fallocate(r1, 0x0, 0x0, 0x87ffffc) readv(r1, &(0x7f0000000300)=[{0x0}, {&(0x7f0000000340)=""/30, 0x2b}], 0x24) ioctl$LOOP_SET_BLOCK_SIZE(r0, 0x4c09, 0x80000001) r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) perf_event_open(&(0x7f0000001840)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xd}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x3) write(r2, &(0x7f0000000080)="01", 0x292e9) sendmsg$NL80211_CMD_FRAME_WAIT_CANCEL(0xffffffffffffffff, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000280)=ANY=[@ANYBLOB='d\x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="000428bd7000fedbdf254300000008000300", @ANYRES32=0x0, @ANYBLOB="0c0058094a000000000000000c00580048000000000000000c00580050000000000000000c00580013000000000000000c003ef5de3093f13ea333a6ce896d58001c000000000000"], 0x64}, 0x1, 0x0, 0x0, 0x48880}, 0x4) [ 109.003028] hrtimer: interrupt took 19236 ns 11:11:51 executing program 3: syz_open_dev$loop(&(0x7f0000000140), 0x0, 0x0) r0 = openat$hpet(0xffffffffffffff9c, &(0x7f0000000380), 0x0, 0x0) ioctl$AUTOFS_DEV_IOCTL_PROTOVER(0xffffffffffffffff, 0xc0189372, 0x0) sendmmsg$unix(0xffffffffffffffff, &(0x7f00000001c0), 0x0, 0x4800) ioctl$LOOP_SET_BLOCK_SIZE(0xffffffffffffffff, 0x4c09, 0xa4b1) openat(0xffffffffffffffff, &(0x7f0000000000)='./file1\x00', 0x400, 0x20) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) ioctl$LOOP_SET_BLOCK_SIZE(r1, 0x4c09, 0x0) fallocate(r1, 0x0, 0x0, 0x87ffffc) readv(r1, &(0x7f0000000300)=[{0x0}, {&(0x7f0000000340)=""/30, 0x2b}], 0x24) ioctl$LOOP_SET_BLOCK_SIZE(r0, 0x4c09, 0x80000001) r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) perf_event_open(&(0x7f0000001840)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xd}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x3) write(r2, &(0x7f0000000080)="01", 0x292e9) sendmsg$NL80211_CMD_FRAME_WAIT_CANCEL(0xffffffffffffffff, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000280)=ANY=[@ANYBLOB='d\x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="000428bd7000fedbdf254300000008000300", @ANYRES32=0x0, @ANYBLOB="0c0058094a000000000000000c00580048000000000000000c00580050000000000000000c00580013000000000000000c003ef5de3093f13ea333a6ce896d58001c000000000000"], 0x64}, 0x1, 0x0, 0x0, 0x48880}, 0x4) [ 109.102318] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 109.102896] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 109.104593] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready [ 109.181667] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 109.182445] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 109.184050] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready 11:11:52 executing program 3: r0 = io_uring_setup(0x2a6e, &(0x7f0000000040)) fremovexattr(r0, &(0x7f00000004c0)=@known='security.selinux\x00') 11:11:52 executing program 3: r0 = io_uring_setup(0x2a6e, &(0x7f0000000040)) fremovexattr(r0, &(0x7f00000004c0)=@known='security.selinux\x00') 11:11:52 executing program 3: r0 = io_uring_setup(0x2a6e, &(0x7f0000000040)) fremovexattr(r0, &(0x7f00000004c0)=@known='security.selinux\x00') [ 109.525309] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 109.526781] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 109.540160] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready [ 109.570576] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 109.571578] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 109.573912] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready 11:11:52 executing program 3: r0 = io_uring_setup(0x2a6e, &(0x7f0000000040)) fremovexattr(r0, &(0x7f00000004c0)=@known='security.selinux\x00') [ 109.698893] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 109.699521] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 109.700915] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready 11:11:52 executing program 3: r0 = io_uring_setup(0x2a6e, &(0x7f0000000040)) fremovexattr(r0, &(0x7f00000004c0)=@known='security.selinux\x00') [ 109.760238] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 109.760865] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 109.762391] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready [ 109.798813] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 109.800003] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 109.802696] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready [ 109.926674] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 109.927667] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 109.929386] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready [ 109.956669] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.7'. [ 110.045929] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 110.046718] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 110.048620] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready [ 110.106544] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 110.107523] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 110.110036] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready [ 110.168459] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 110.169736] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 110.171918] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready [ 110.232619] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 110.233831] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 110.235790] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready 11:11:53 executing program 0: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) process_madvise(0xffffffffffffffff, 0x0, 0xfffffffffffffec0, 0x0, 0x0) 11:11:53 executing program 2: io_setup(0xd29, &(0x7f0000000780)=0x0) r1 = syz_open_dev$tty1(0xc, 0x4, 0x1) ioctl$TIOCVHANGUP(r1, 0x5437, 0x0) io_submit(r0, 0x1, &(0x7f0000000340)=[&(0x7f0000000080)={0x0, 0x0, 0x0, 0x1, 0x0, r1, 0x0}]) 11:11:53 executing program 1: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_TCP_MD5SIG(r0, 0x6, 0xe, &(0x7f00000000c0)={@in6={{0xa, 0x0, 0x0, @loopback}}, 0x0, 0x0, 0x3f, 0x0, "704f5992d666aa2888e479ca552ee155f638582a91ca97213cf4774a2e4c350cdc3f9f62a4c21970bd149a52fa311b916bf00b51b808c412ed6b9fcbb5be4a2fb7dd8fd0dfa22b4100"}, 0xd8) setsockopt$inet6_tcp_TCP_MD5SIG(r0, 0x6, 0xe, &(0x7f0000000340)={@in6={{0xa, 0x0, 0x0, @loopback}}, 0x0, 0x0, 0x0, 0x0, "8fcf37e83856fa6b4f208edebad177093eb0bca98099ec47386a6063f1ddb9f48fafedb7ea3e381106d7b1e4f1a38c361b3146c3f222a763f9fbb240b192309012da6ecff1e5db9f4ecc20c137a8efa8"}, 0xf0) setsockopt$inet6_tcp_TCP_REPAIR(r0, 0x6, 0x13, &(0x7f0000000000)=0x1, 0x4) connect$inet6(r0, &(0x7f0000000040)={0xa, 0x0, 0x0, @dev, 0x2}, 0x1c) 11:11:53 executing program 6: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_TCP_MD5SIG(r0, 0x6, 0xe, &(0x7f00000000c0)={@in6={{0xa, 0x0, 0x0, @loopback}}, 0x0, 0x0, 0x3f, 0x0, "704f5992d666aa2888e479ca552ee155f638582a91ca97213cf4774a2e4c350cdc3f9f62a4c21970bd149a52fa311b916bf00b51b808c412ed6b9fcbb5be4a2fb7dd8fd0dfa22b4100"}, 0xd8) setsockopt$inet6_tcp_TCP_MD5SIG(r0, 0x6, 0xe, &(0x7f0000000340)={@in6={{0xa, 0x0, 0x0, @loopback}}, 0x0, 0x0, 0x0, 0x0, "8fcf37e83856fa6b4f208edebad177093eb0bca98099ec47386a6063f1ddb9f48fafedb7ea3e381106d7b1e4f1a38c361b3146c3f222a763f9fbb240b192309012da6ecff1e5db9f4ecc20c137a8efa8"}, 0xf0) setsockopt$inet6_tcp_TCP_REPAIR(r0, 0x6, 0x13, &(0x7f0000000000)=0x1, 0x4) connect$inet6(r0, &(0x7f0000000040)={0xa, 0x0, 0x0, @dev, 0x2}, 0x1c) 11:11:53 executing program 3: r0 = io_uring_setup(0x2a6e, &(0x7f0000000040)) fremovexattr(r0, &(0x7f00000004c0)=@known='security.selinux\x00') 11:11:53 executing program 5: r0 = socket$nl_sock_diag(0x10, 0x3, 0x4) setsockopt$sock_int(r0, 0x1, 0x3c, &(0x7f0000000080), 0x4) 11:11:53 executing program 7: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000000)=ANY=[@ANYBLOB="cc0000001b0001000000000000000000e0000001000000000000000000000000fe8000000000000000000000000000aa00"/64, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="000000000000000000000009d8e102000000000000000000000000000000000000000000feff970007000000000000000000000000000000512851cd8b72897a00000000000000d4b9000075e283995bf57d02ee62dd000000000000000000000000000062000000f3"], 0xcc}}, 0x0) 11:11:53 executing program 4: r0 = syz_open_dev$evdev(&(0x7f00000000c0), 0x0, 0x0) r1 = dup(r0) ioctl$EVIOCGUNIQ(r1, 0x80404508, 0x0) [ 110.871095] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.7'. 11:11:53 executing program 5: r0 = socket$nl_sock_diag(0x10, 0x3, 0x4) setsockopt$sock_int(r0, 0x1, 0x3c, &(0x7f0000000080), 0x4) 11:11:53 executing program 3: r0 = io_uring_setup(0x2a6e, &(0x7f0000000040)) fremovexattr(r0, &(0x7f00000004c0)=@known='security.selinux\x00') 11:11:53 executing program 7: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000000)=ANY=[@ANYBLOB="cc0000001b0001000000000000000000e0000001000000000000000000000000fe8000000000000000000000000000aa00"/64, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="000000000000000000000009d8e102000000000000000000000000000000000000000000feff970007000000000000000000000000000000512851cd8b72897a00000000000000d4b9000075e283995bf57d02ee62dd000000000000000000000000000062000000f3"], 0xcc}}, 0x0) 11:11:53 executing program 6: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_TCP_MD5SIG(r0, 0x6, 0xe, &(0x7f00000000c0)={@in6={{0xa, 0x0, 0x0, @loopback}}, 0x0, 0x0, 0x3f, 0x0, "704f5992d666aa2888e479ca552ee155f638582a91ca97213cf4774a2e4c350cdc3f9f62a4c21970bd149a52fa311b916bf00b51b808c412ed6b9fcbb5be4a2fb7dd8fd0dfa22b4100"}, 0xd8) setsockopt$inet6_tcp_TCP_MD5SIG(r0, 0x6, 0xe, &(0x7f0000000340)={@in6={{0xa, 0x0, 0x0, @loopback}}, 0x0, 0x0, 0x0, 0x0, "8fcf37e83856fa6b4f208edebad177093eb0bca98099ec47386a6063f1ddb9f48fafedb7ea3e381106d7b1e4f1a38c361b3146c3f222a763f9fbb240b192309012da6ecff1e5db9f4ecc20c137a8efa8"}, 0xf0) setsockopt$inet6_tcp_TCP_REPAIR(r0, 0x6, 0x13, &(0x7f0000000000)=0x1, 0x4) connect$inet6(r0, &(0x7f0000000040)={0xa, 0x0, 0x0, @dev, 0x2}, 0x1c) 11:11:53 executing program 4: r0 = syz_open_dev$evdev(&(0x7f00000000c0), 0x0, 0x0) r1 = dup(r0) ioctl$EVIOCGUNIQ(r1, 0x80404508, 0x0) 11:11:53 executing program 1: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_TCP_MD5SIG(r0, 0x6, 0xe, &(0x7f00000000c0)={@in6={{0xa, 0x0, 0x0, @loopback}}, 0x0, 0x0, 0x3f, 0x0, "704f5992d666aa2888e479ca552ee155f638582a91ca97213cf4774a2e4c350cdc3f9f62a4c21970bd149a52fa311b916bf00b51b808c412ed6b9fcbb5be4a2fb7dd8fd0dfa22b4100"}, 0xd8) setsockopt$inet6_tcp_TCP_MD5SIG(r0, 0x6, 0xe, &(0x7f0000000340)={@in6={{0xa, 0x0, 0x0, @loopback}}, 0x0, 0x0, 0x0, 0x0, "8fcf37e83856fa6b4f208edebad177093eb0bca98099ec47386a6063f1ddb9f48fafedb7ea3e381106d7b1e4f1a38c361b3146c3f222a763f9fbb240b192309012da6ecff1e5db9f4ecc20c137a8efa8"}, 0xf0) setsockopt$inet6_tcp_TCP_REPAIR(r0, 0x6, 0x13, &(0x7f0000000000)=0x1, 0x4) connect$inet6(r0, &(0x7f0000000040)={0xa, 0x0, 0x0, @dev, 0x2}, 0x1c) [ 110.988167] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.7'. 11:11:53 executing program 0: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) process_madvise(0xffffffffffffffff, 0x0, 0xfffffffffffffec0, 0x0, 0x0) 11:11:53 executing program 7: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000000)=ANY=[@ANYBLOB="cc0000001b0001000000000000000000e0000001000000000000000000000000fe8000000000000000000000000000aa00"/64, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="000000000000000000000009d8e102000000000000000000000000000000000000000000feff970007000000000000000000000000000000512851cd8b72897a00000000000000d4b9000075e283995bf57d02ee62dd000000000000000000000000000062000000f3"], 0xcc}}, 0x0) 11:11:53 executing program 5: r0 = socket$nl_sock_diag(0x10, 0x3, 0x4) setsockopt$sock_int(r0, 0x1, 0x3c, &(0x7f0000000080), 0x4) 11:11:53 executing program 6: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_TCP_MD5SIG(r0, 0x6, 0xe, &(0x7f00000000c0)={@in6={{0xa, 0x0, 0x0, @loopback}}, 0x0, 0x0, 0x3f, 0x0, "704f5992d666aa2888e479ca552ee155f638582a91ca97213cf4774a2e4c350cdc3f9f62a4c21970bd149a52fa311b916bf00b51b808c412ed6b9fcbb5be4a2fb7dd8fd0dfa22b4100"}, 0xd8) setsockopt$inet6_tcp_TCP_MD5SIG(r0, 0x6, 0xe, &(0x7f0000000340)={@in6={{0xa, 0x0, 0x0, @loopback}}, 0x0, 0x0, 0x0, 0x0, "8fcf37e83856fa6b4f208edebad177093eb0bca98099ec47386a6063f1ddb9f48fafedb7ea3e381106d7b1e4f1a38c361b3146c3f222a763f9fbb240b192309012da6ecff1e5db9f4ecc20c137a8efa8"}, 0xf0) setsockopt$inet6_tcp_TCP_REPAIR(r0, 0x6, 0x13, &(0x7f0000000000)=0x1, 0x4) connect$inet6(r0, &(0x7f0000000040)={0xa, 0x0, 0x0, @dev, 0x2}, 0x1c) 11:11:53 executing program 1: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_TCP_MD5SIG(r0, 0x6, 0xe, &(0x7f00000000c0)={@in6={{0xa, 0x0, 0x0, @loopback}}, 0x0, 0x0, 0x3f, 0x0, "704f5992d666aa2888e479ca552ee155f638582a91ca97213cf4774a2e4c350cdc3f9f62a4c21970bd149a52fa311b916bf00b51b808c412ed6b9fcbb5be4a2fb7dd8fd0dfa22b4100"}, 0xd8) setsockopt$inet6_tcp_TCP_MD5SIG(r0, 0x6, 0xe, &(0x7f0000000340)={@in6={{0xa, 0x0, 0x0, @loopback}}, 0x0, 0x0, 0x0, 0x0, "8fcf37e83856fa6b4f208edebad177093eb0bca98099ec47386a6063f1ddb9f48fafedb7ea3e381106d7b1e4f1a38c361b3146c3f222a763f9fbb240b192309012da6ecff1e5db9f4ecc20c137a8efa8"}, 0xf0) setsockopt$inet6_tcp_TCP_REPAIR(r0, 0x6, 0x13, &(0x7f0000000000)=0x1, 0x4) connect$inet6(r0, &(0x7f0000000040)={0xa, 0x0, 0x0, @dev, 0x2}, 0x1c) 11:11:53 executing program 4: r0 = syz_open_dev$evdev(&(0x7f00000000c0), 0x0, 0x0) r1 = dup(r0) ioctl$EVIOCGUNIQ(r1, 0x80404508, 0x0) 11:11:53 executing program 2: io_setup(0xd29, &(0x7f0000000780)=0x0) r1 = syz_open_dev$tty1(0xc, 0x4, 0x1) ioctl$TIOCVHANGUP(r1, 0x5437, 0x0) io_submit(r0, 0x1, &(0x7f0000000340)=[&(0x7f0000000080)={0x0, 0x0, 0x0, 0x1, 0x0, r1, 0x0}]) [ 111.093000] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.7'. 11:11:53 executing program 3: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f00000004c0)=@acquire={0x128, 0x17, 0x12f, 0x0, 0x0, {{@in6=@remote}, @in6=@ipv4={'\x00', '\xff\xff', @multicast2}, {@in6=@private0, @in=@broadcast, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff}, {{@in=@loopback, @in6=@private0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff}}}}, 0x128}}, 0x0) 11:11:54 executing program 3: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f00000004c0)=@acquire={0x128, 0x17, 0x12f, 0x0, 0x0, {{@in6=@remote}, @in6=@ipv4={'\x00', '\xff\xff', @multicast2}, {@in6=@private0, @in=@broadcast, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff}, {{@in=@loopback, @in6=@private0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff}}}}, 0x128}}, 0x0) 11:11:54 executing program 0: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) process_madvise(0xffffffffffffffff, 0x0, 0xfffffffffffffec0, 0x0, 0x0) 11:11:54 executing program 7: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x8, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$AUTOFS_DEV_IOCTL_VERSION(0xffffffffffffffff, 0xc0189371, 0x0) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0x77, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) clone3(&(0x7f00000001c0)={0x123363500, &(0x7f0000000180), 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) r0 = socket$inet_udp(0x2, 0x2, 0x0) setsockopt$sock_timeval(r0, 0x1, 0x49, &(0x7f0000000000)={0x77359400}, 0x10) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) 11:11:54 executing program 2: io_setup(0xd29, &(0x7f0000000780)=0x0) r1 = syz_open_dev$tty1(0xc, 0x4, 0x1) ioctl$TIOCVHANGUP(r1, 0x5437, 0x0) io_submit(r0, 0x1, &(0x7f0000000340)=[&(0x7f0000000080)={0x0, 0x0, 0x0, 0x1, 0x0, r1, 0x0}]) 11:11:54 executing program 1: r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_drop_memb(r0, 0x107, 0x11, 0x0, 0x0) 11:11:54 executing program 6: r0 = syz_open_dev$tty20(0xc, 0x4, 0x1) ioctl$KDFONTOP_SET(r0, 0x4b72, &(0x7f0000000000)={0x0, 0x0, 0x11, 0x0, 0x0, &(0x7f0000000140)="ea3dc82d22ab56c985b82e65ad4647d30270d511d2ba282e06e7a40c653cc34a92bb9a54d9620184e489ff00e04ac4788c0e9a73f289a86ab6576bbdeb5ff37e1653fd58c9526780aa171e596f066c6310884ab277bc3a6df569fd6f7297bf5ee2c13123610edaf4dc4f3fd84b92ead054ee5c4fe4a2ef9528acdd3997531fe338c32bcee325b466cd308343379f643c1bae6d27d29854d2fc6c7e2fce61a7643a931c9531573563ffc12d56b519673c5d9c353997ad34ba2c1256673901a90060a858c12304ea9d5fa76b57b924edeb1b1b59ccbd0c6c72a16ea9d6c8e015b3d8d5f848f1b2799487acb01ee47f7cacf2e4691b360d0b8b1452f23fbe4d55f7d0724a19ced5f777a62f2be0aa57697c50fbf8a2cdedcc4d39053110e9a36c993b53cda4294f62e4712ccd079c848b24e87292330b82ef2e46f8e6a9aad895c505f44718b56b0ca1cecb51eac0bf438f351a7b05986de15e0ba737d3925375fe86b7a6c7f324809592f35e331de6ffb1010ea08e348a928adfaa91523ac9c0a079f38226f167eb3b2fdb1ea0aaa2b9ca974dc8fdd196726f93115ec46b8fba7782978d0ba179c9e51a0b154fcd3c13a63bef261b51b9efed465662fd8ff20207ae1071c5031507d9d5de0812ceda26e0e1235c979eacf5ff9f11e093dedc91b172bbbd7fad6d35be0d5b0b75da95bea4624feb011a757ac70b4dde2e345f9b7ba5b5b3b17627ac2df426bb413186526cdcafcc1ffd24f69479c82b098920284a12b833a7318efe02a0bbfc67b5d5aa3b8d971fbae93502154032764cbbfbf01a77300150d88e015ad92455f177f28fc964b95f404490412edf2e7841b17f962dcdfd489db0ee366617390ce419d926786f5bc878811b52867c3600c46fe030926c9b6379f0350e7713dfaa729cff424daf146674b099d2a1939a9809ff9d21d01e95a6915038171d86b16acecad8f2cb00cd4a04c7dbe6be4e187a88e68c9bf5676c1287292baecb3c862fad907ac357f50b5f5668f2aa3085b2189f66eebd5fa40cf13fbc5312c230225517324318ac60dfe290180140312a8c8ad9d681faf9377ee41d5950d97a8939a393479b9cf917daee4b5faae2d8404a8ef443db86b2153470ef24e8c2553be41fe52e770c43666b84f1b49d019f714992c448cb88831085df116c62c989c1f1505acb38a7e3fee04c385de41a15adcb63133fcdea5f3caed32e163b07e85d0b0e23991bfce728c69f168a7d3b6f6b4949f587867362cc3c00f1c8e3ffc3b34a3d9c49fb051904ffcf6efbe0645470fa88544b32c44742f72c1ce0bc3ba06de58458c9422d56eb999b3efe319722c4be85fc2140d77982a6943d29477078b2ad4b986fe63d9c0408fa4611bcb68e76cdd96a77501b3d4a783151bd542eda0ba452c24220b855ac6c0ac3d62fc2a5d38fe7c1a7edbb9b"}) 11:11:54 executing program 5: r0 = syz_open_procfs(0x0, &(0x7f0000000040)='net/mcfilter\x00') preadv(r0, &(0x7f0000000680)=[{&(0x7f00000001c0)=""/195, 0xc3}], 0x1, 0x0, 0x0) 11:11:54 executing program 4: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) ioctl$LOOP_CTL_REMOVE(r0, 0x541b, 0x0) [ 111.270710] general protection fault, probably for non-canonical address 0xdffffc0004000038: 0000 [#1] PREEMPT SMP KASAN NOPTI [ 111.271548] KASAN: probably user-memory-access in range [0x00000000200001c0-0x00000000200001c7] [ 111.272138] CPU: 1 PID: 4001 Comm: syz-executor.5 Not tainted 6.3.0-rc3-next-20230327 #1 [ 111.274102] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 111.276845] RIP: 0010:do_iter_read+0x481/0x750 [ 111.277299] Code: 00 0f 85 52 02 00 00 4d 8b 7c 24 28 e8 48 2c c6 ff 48 8b 44 24 18 80 38 00 0f 85 1c 02 00 00 48 8b 43 18 48 89 c2 48 c1 ea 03 <42> 80 3c 32 00 0f 85 ef 01 00 00 48 8b 4c 24 20 48 8b 30 80 39 00 [ 111.278994] RSP: 0018:ffff88803fb6fc78 EFLAGS: 00010212 [ 111.279507] RAX: 00000000200001c0 RBX: ffff88803fb6fd60 RCX: ffffc9000380f000 [ 111.280183] RDX: 0000000004000038 RSI: ffffffff81855c98 RDI: 0000000000000007 [ 111.280841] RBP: 00000000000000c3 R08: 0000000000000007 R09: 0000000000000000 [ 111.281493] R10: 00000000000000c3 R11: 0000000000000001 R12: ffff88800f359400 [ 111.282148] R13: 0000000000000000 R14: dffffc0000000000 R15: ffffffff8491de20 [ 111.282858] FS: 00007f452667b700(0000) GS:ffff88806cf00000(0000) knlGS:0000000000000000 [ 111.283599] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 111.284149] CR2: 0000001b2c522000 CR3: 000000001f106000 CR4: 0000000000350ee0 [ 111.284858] Call Trace: [ 111.285104] [ 111.285325] ? import_iovec+0x87/0xb0 [ 111.285699] vfs_readv+0xe5/0x160 [ 111.286048] ? __pfx_vfs_readv+0x10/0x10 [ 111.286445] ? __fget_files+0x24e/0x480 [ 111.286466] ? lock_release+0x1e3/0x680 [ 111.286505] ? __schedule+0x995/0x2a00 [ 111.286540] ? __fget_files+0x270/0x480 [ 111.286564] __x64_sys_preadv+0x233/0x310 [ 111.286596] ? __pfx___x64_sys_preadv+0x10/0x10 [ 111.286629] ? lockdep_hardirqs_on_prepare+0x27b/0x3f0 11:11:54 executing program 0: setsockopt$inet_group_source_req(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0) sendmsg$ETHTOOL_MSG_TSINFO_GET(0xffffffffffffffff, 0x0, 0x0) r0 = socket$inet_udp(0x2, 0x2, 0x0) geteuid() setsockopt$inet_IP_XFRM_POLICY(r0, 0x0, 0x11, &(0x7f0000000300)={{{@in=@multicast2, @in6=@ipv4={'\x00', '\xff\xff', @dev}, 0x0, 0x0, 0x0, 0x6}, {}, {0x0, 0x0, 0x60f, 0x4}, 0x7fffffff}, {{@in6=@initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, 0x4d5, 0xff}, 0x0, @in6=@mcast1}}, 0xe8) getsockopt$IPT_SO_GET_INFO(0xffffffffffffffff, 0x0, 0x40, 0x0, 0x0) [ 111.286667] do_syscall_64+0x3f/0x90 [ 111.286690] entry_SYSCALL_64_after_hwframe+0x72/0xdc 11:11:54 executing program 7: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x8, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$AUTOFS_DEV_IOCTL_VERSION(0xffffffffffffffff, 0xc0189371, 0x0) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0x77, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) clone3(&(0x7f00000001c0)={0x123363500, &(0x7f0000000180), 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) r0 = socket$inet_udp(0x2, 0x2, 0x0) setsockopt$sock_timeval(r0, 0x1, 0x49, &(0x7f0000000000)={0x77359400}, 0x10) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) [ 111.286715] RIP: 0033:0x7f4529105b19 [ 111.286730] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 111.286750] RSP: 002b:00007f452667b188 EFLAGS: 00000246 ORIG_RAX: 0000000000000127 [ 111.286770] RAX: ffffffffffffffda RBX: 00007f4529218f60 RCX: 00007f4529105b19 [ 111.286784] RDX: 0000000000000001 RSI: 0000000020000680 RDI: 0000000000000003 11:11:54 executing program 4: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) ioctl$LOOP_CTL_REMOVE(r0, 0x541b, 0x0) [ 111.286797] RBP: 00007f452915ff6d R08: 0000000000000000 R09: 0000000000000000 [ 111.286811] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 111.286824] R13: 00007ffcf4bbfe8f R14: 00007f452667b300 R15: 0000000000022000 11:11:54 executing program 1: r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_drop_memb(r0, 0x107, 0x11, 0x0, 0x0) [ 111.286865] 11:11:54 executing program 7: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x8, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$AUTOFS_DEV_IOCTL_VERSION(0xffffffffffffffff, 0xc0189371, 0x0) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0x77, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) clone3(&(0x7f00000001c0)={0x123363500, &(0x7f0000000180), 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) r0 = socket$inet_udp(0x2, 0x2, 0x0) setsockopt$sock_timeval(r0, 0x1, 0x49, &(0x7f0000000000)={0x77359400}, 0x10) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) [ 111.286871] Modules linked in: [ 111.286918] ---[ end trace 0000000000000000 ]--- [ 111.286927] RIP: 0010:do_iter_read+0x481/0x750 [ 111.286955] Code: 00 0f 85 52 02 00 00 4d 8b 7c 24 28 e8 48 2c c6 ff 48 8b 44 24 18 80 38 00 0f 85 1c 02 00 00 48 8b 43 18 48 89 c2 48 c1 ea 03 <42> 80 3c 32 00 0f 85 ef 01 00 00 48 8b 4c 24 20 48 8b 30 80 39 00 11:11:54 executing program 3: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f00000004c0)=@acquire={0x128, 0x17, 0x12f, 0x0, 0x0, {{@in6=@remote}, @in6=@ipv4={'\x00', '\xff\xff', @multicast2}, {@in6=@private0, @in=@broadcast, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff}, {{@in=@loopback, @in6=@private0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff}}}}, 0x128}}, 0x0) [ 111.286976] RSP: 0018:ffff88803fb6fc78 EFLAGS: 00010212 [ 111.286992] RAX: 00000000200001c0 RBX: ffff88803fb6fd60 RCX: ffffc9000380f000 [ 111.287035] RDX: 0000000004000038 RSI: ffffffff81855c98 RDI: 0000000000000007 [ 111.287050] RBP: 00000000000000c3 R08: 0000000000000007 R09: 0000000000000000 [ 111.287063] R10: 00000000000000c3 R11: 0000000000000001 R12: ffff88800f359400 [ 111.287077] R13: 0000000000000000 R14: dffffc0000000000 R15: ffffffff8491de20 [ 111.287093] FS: 00007f452667b700(0000) GS:ffff88806cf00000(0000) knlGS:0000000000000000 [ 111.287112] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 111.287129] CR2: 0000001b2c522000 CR3: 000000001f106000 CR4: 0000000000350ee0 11:11:54 executing program 4: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) ioctl$LOOP_CTL_REMOVE(r0, 0x541b, 0x0) 11:11:54 executing program 0: setsockopt$inet_group_source_req(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0) sendmsg$ETHTOOL_MSG_TSINFO_GET(0xffffffffffffffff, 0x0, 0x0) r0 = socket$inet_udp(0x2, 0x2, 0x0) geteuid() setsockopt$inet_IP_XFRM_POLICY(r0, 0x0, 0x11, &(0x7f0000000300)={{{@in=@multicast2, @in6=@ipv4={'\x00', '\xff\xff', @dev}, 0x0, 0x0, 0x0, 0x6}, {}, {0x0, 0x0, 0x60f, 0x4}, 0x7fffffff}, {{@in6=@initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, 0x4d5, 0xff}, 0x0, @in6=@mcast1}}, 0xe8) getsockopt$IPT_SO_GET_INFO(0xffffffffffffffff, 0x0, 0x40, 0x0, 0x0) 11:11:54 executing program 7: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x8, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$AUTOFS_DEV_IOCTL_VERSION(0xffffffffffffffff, 0xc0189371, 0x0) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0x77, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) clone3(&(0x7f00000001c0)={0x123363500, &(0x7f0000000180), 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) r0 = socket$inet_udp(0x2, 0x2, 0x0) setsockopt$sock_timeval(r0, 0x1, 0x49, &(0x7f0000000000)={0x77359400}, 0x10) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) 11:11:54 executing program 6: r0 = socket$inet_udp(0x2, 0x2, 0x0) setsockopt$inet_mreqn(r0, 0x0, 0x19, &(0x7f0000000100)={@multicast1}, 0xc) 11:11:54 executing program 3: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f00000004c0)=@acquire={0x128, 0x17, 0x12f, 0x0, 0x0, {{@in6=@remote}, @in6=@ipv4={'\x00', '\xff\xff', @multicast2}, {@in6=@private0, @in=@broadcast, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff}, {{@in=@loopback, @in6=@private0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff}}}}, 0x128}}, 0x0) 11:11:54 executing program 1: r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_drop_memb(r0, 0x107, 0x11, 0x0, 0x0) 11:11:54 executing program 5: r0 = syz_open_procfs(0x0, &(0x7f0000000040)='net/mcfilter\x00') preadv(r0, &(0x7f0000000680)=[{&(0x7f00000001c0)=""/195, 0xc3}], 0x1, 0x0, 0x0) 11:11:54 executing program 2: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) getsockopt$inet6_tcp_int(r0, 0x6, 0x24, 0x0, &(0x7f0000000040)) 11:11:55 executing program 0: setsockopt$inet_group_source_req(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0) sendmsg$ETHTOOL_MSG_TSINFO_GET(0xffffffffffffffff, 0x0, 0x0) r0 = socket$inet_udp(0x2, 0x2, 0x0) geteuid() setsockopt$inet_IP_XFRM_POLICY(r0, 0x0, 0x11, &(0x7f0000000300)={{{@in=@multicast2, @in6=@ipv4={'\x00', '\xff\xff', @dev}, 0x0, 0x0, 0x0, 0x6}, {}, {0x0, 0x0, 0x60f, 0x4}, 0x7fffffff}, {{@in6=@initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, 0x4d5, 0xff}, 0x0, @in6=@mcast1}}, 0xe8) getsockopt$IPT_SO_GET_INFO(0xffffffffffffffff, 0x0, 0x40, 0x0, 0x0) [ 112.179519] general protection fault, probably for non-canonical address 0xdffffc0004000038: 0000 [#2] PREEMPT SMP KASAN NOPTI [ 112.180329] KASAN: probably user-memory-access in range [0x00000000200001c0-0x00000000200001c7] [ 112.180891] CPU: 1 PID: 4048 Comm: syz-executor.5 Tainted: G D 6.3.0-rc3-next-20230327 #1 [ 112.181500] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 112.182027] RIP: 0010:do_iter_read+0x481/0x750 [ 112.182339] Code: 00 0f 85 52 02 00 00 4d 8b 7c 24 28 e8 48 2c c6 ff 48 8b 44 24 18 80 38 00 0f 85 1c 02 00 00 48 8b 43 18 48 89 c2 48 c1 ea 03 <42> 80 3c 32 00 0f 85 ef 01 00 00 48 8b 4c 24 20 48 8b 30 80 39 00 [ 112.183522] RSP: 0018:ffff888040c87c78 EFLAGS: 00010212 [ 112.183876] RAX: 00000000200001c0 RBX: ffff888040c87d60 RCX: ffffc9000380f000 [ 112.184334] RDX: 0000000004000038 RSI: ffffffff81855c98 RDI: 0000000000000007 [ 112.184795] RBP: 00000000000000c3 R08: 0000000000000007 R09: 0000000000000000 [ 112.185249] R10: 00000000000000c3 R11: 0000000000000001 R12: ffff88800eeb4780 [ 112.185706] R13: 0000000000000000 R14: dffffc0000000000 R15: ffffffff8491de20 [ 112.186172] FS: 00007f452667b700(0000) GS:ffff88806cf00000(0000) knlGS:0000000000000000 [ 112.186694] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 112.187083] CR2: 0000001b2c523000 CR3: 000000001026a000 CR4: 0000000000350ee0 [ 112.187543] Call Trace: [ 112.187722] [ 112.187886] ? import_iovec+0x87/0xb0 [ 112.188148] vfs_readv+0xe5/0x160 [ 112.188392] ? __pfx_vfs_readv+0x10/0x10 [ 112.188670] ? lock_release+0x4d8/0x680 [ 112.188947] ? finish_task_switch.isra.0+0x203/0x830 [ 112.189294] ? trace_hardirqs_on+0x16/0x100 [ 112.189587] ? __schedule+0x995/0x2a00 [ 112.189860] ? __fget_files+0x270/0x480 [ 112.190131] __x64_sys_preadv+0x233/0x310 [ 112.190419] ? __pfx___x64_sys_preadv+0x10/0x10 [ 112.190739] do_syscall_64+0x3f/0x90 [ 112.190998] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 112.191343] RIP: 0033:0x7f4529105b19 [ 112.191588] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 112.192736] RSP: 002b:00007f452667b188 EFLAGS: 00000246 ORIG_RAX: 0000000000000127 [ 112.193226] RAX: ffffffffffffffda RBX: 00007f4529218f60 RCX: 00007f4529105b19 [ 112.193687] RDX: 0000000000000001 RSI: 0000000020000680 RDI: 0000000000000003 [ 112.194143] RBP: 00007f452915ff6d R08: 0000000000000000 R09: 0000000000000000 [ 112.194601] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 112.195072] R13: 00007ffcf4bbfe8f R14: 00007f452667b300 R15: 0000000000022000 [ 112.195561] [ 112.195729] Modules linked in: [ 112.196014] ---[ end trace 0000000000000000 ]--- [ 112.196320] RIP: 0010:do_iter_read+0x481/0x750 [ 112.196653] Code: 00 0f 85 52 02 00 00 4d 8b 7c 24 28 e8 48 2c c6 ff 48 8b 44 24 18 80 38 00 0f 85 1c 02 00 00 48 8b 43 18 48 89 c2 48 c1 ea 03 <42> 80 3c 32 00 0f 85 ef 01 00 00 48 8b 4c 24 20 48 8b 30 80 39 00 [ 112.197831] RSP: 0018:ffff88803fb6fc78 EFLAGS: 00010212 [ 112.198206] RAX: 00000000200001c0 RBX: ffff88803fb6fd60 RCX: ffffc9000380f000 [ 112.198691] RDX: 0000000004000038 RSI: ffffffff81855c98 RDI: 0000000000000007 [ 112.199197] RBP: 00000000000000c3 R08: 0000000000000007 R09: 0000000000000000 [ 112.199684] R10: 00000000000000c3 R11: 0000000000000001 R12: ffff88800f359400 [ 112.200188] R13: 0000000000000000 R14: dffffc0000000000 R15: ffffffff8491de20 [ 112.200679] FS: 00007f452667b700(0000) GS:ffff88806cf00000(0000) knlGS:0000000000000000 [ 112.201233] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 112.201636] CR2: 0000001b2c523000 CR3: 000000001026a000 CR4: 0000000000350ee0 11:11:55 executing program 2: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) getsockopt$inet6_tcp_int(r0, 0x6, 0x24, 0x0, &(0x7f0000000040)) 11:11:55 executing program 4: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) ioctl$LOOP_CTL_REMOVE(r0, 0x541b, 0x0) 11:11:55 executing program 6: r0 = socket$inet_udp(0x2, 0x2, 0x0) setsockopt$inet_mreqn(r0, 0x0, 0x19, &(0x7f0000000100)={@multicast1}, 0xc) 11:11:55 executing program 0: setsockopt$inet_group_source_req(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0) sendmsg$ETHTOOL_MSG_TSINFO_GET(0xffffffffffffffff, 0x0, 0x0) r0 = socket$inet_udp(0x2, 0x2, 0x0) geteuid() setsockopt$inet_IP_XFRM_POLICY(r0, 0x0, 0x11, &(0x7f0000000300)={{{@in=@multicast2, @in6=@ipv4={'\x00', '\xff\xff', @dev}, 0x0, 0x0, 0x0, 0x6}, {}, {0x0, 0x0, 0x60f, 0x4}, 0x7fffffff}, {{@in6=@initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, 0x4d5, 0xff}, 0x0, @in6=@mcast1}}, 0xe8) getsockopt$IPT_SO_GET_INFO(0xffffffffffffffff, 0x0, 0x40, 0x0, 0x0) 11:11:55 executing program 1: r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_drop_memb(r0, 0x107, 0x11, 0x0, 0x0) 11:11:55 executing program 2: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) getsockopt$inet6_tcp_int(r0, 0x6, 0x24, 0x0, &(0x7f0000000040)) 11:11:55 executing program 2: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) getsockopt$inet6_tcp_int(r0, 0x6, 0x24, 0x0, &(0x7f0000000040)) 11:11:55 executing program 3: openat$vcsa(0xffffffffffffff9c, 0x0, 0x90042, 0x0) 11:11:55 executing program 4: syz_mount_image$ext4(0x0, &(0x7f0000000000)='./file0\x00', 0x0, 0x0, 0x0, 0x10b4, 0x0) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) rmdir(&(0x7f0000000180)='./file0\x00') [ 113.061987] general protection fault, probably for non-canonical address 0xdffffc0004000038: 0000 [#3] PREEMPT SMP KASAN NOPTI [ 113.062832] KASAN: probably user-memory-access in range [0x00000000200001c0-0x00000000200001c7] [ 113.063449] CPU: 1 PID: 4072 Comm: syz-executor.5 Tainted: G D 6.3.0-rc3-next-20230327 #1 [ 113.064104] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 113.064677] RIP: 0010:do_iter_read+0x481/0x750 [ 113.065019] Code: 00 0f 85 52 02 00 00 4d 8b 7c 24 28 e8 48 2c c6 ff 48 8b 44 24 18 80 38 00 0f 85 1c 02 00 00 48 8b 43 18 48 89 c2 48 c1 ea 03 <42> 80 3c 32 00 0f 85 ef 01 00 00 48 8b 4c 24 20 48 8b 30 80 39 00 [ 113.066303] RSP: 0018:ffff888040d27c78 EFLAGS: 00010212 [ 113.066687] RAX: 00000000200001c0 RBX: ffff888040d27d60 RCX: ffffc9000380f000 [ 113.067183] RDX: 0000000004000038 RSI: ffffffff81855c98 RDI: 0000000000000007 [ 113.067672] RBP: 00000000000000c3 R08: 0000000000000007 R09: 0000000000000000 [ 113.068199] R10: 00000000000000c3 R11: 0000000000000001 R12: ffff8880101f7900 [ 113.068728] R13: 0000000000000000 R14: dffffc0000000000 R15: ffffffff8491de20 [ 113.069233] FS: 00007f452667b700(0000) GS:ffff88806cf00000(0000) knlGS:0000000000000000 [ 113.069782] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 113.070215] CR2: 0000001b2c523000 CR3: 0000000016e38000 CR4: 0000000000350ee0 [ 113.070713] Call Trace: [ 113.070916] [ 113.071095] ? import_iovec+0x87/0xb0 [ 113.071386] vfs_readv+0xe5/0x160 [ 113.071643] ? __pfx_vfs_readv+0x10/0x10 [ 113.071937] ? lock_release+0x4d8/0x680 [ 113.072232] ? kmem_cache_free+0xff/0x4a0 [ 113.072532] ? do_futex+0x13a/0x380 [ 113.072802] ? __fget_files+0x270/0x480 [ 113.073113] __x64_sys_preadv+0x233/0x310 [ 113.073417] ? __pfx___x64_sys_preadv+0x10/0x10 [ 113.073757] ? switch_fpu_return+0x157/0x2e0 [ 113.074093] do_syscall_64+0x3f/0x90 [ 113.074361] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 113.074713] RIP: 0033:0x7f4529105b19 [ 113.075006] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 113.076283] RSP: 002b:00007f452667b188 EFLAGS: 00000246 ORIG_RAX: 0000000000000127 [ 113.076812] RAX: ffffffffffffffda RBX: 00007f4529218f60 RCX: 00007f4529105b19 [ 113.077334] RDX: 0000000000000001 RSI: 0000000020000680 RDI: 0000000000000003 [ 113.077857] RBP: 00007f452915ff6d R08: 0000000000000000 R09: 0000000000000000 [ 113.078359] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 113.078858] R13: 00007ffcf4bbfe8f R14: 00007f452667b300 R15: 0000000000022000 [ 113.079402] [ 113.079564] Modules linked in: [ 113.080274] ---[ end trace 0000000000000000 ]--- [ 113.080624] RIP: 0010:do_iter_read+0x481/0x750 [ 113.080961] Code: 00 0f 85 52 02 00 00 4d 8b 7c 24 28 e8 48 2c c6 ff 48 8b 44 24 18 80 38 00 0f 85 1c 02 00 00 48 8b 43 18 48 89 c2 48 c1 ea 03 <42> 80 3c 32 00 0f 85 ef 01 00 00 48 8b 4c 24 20 48 8b 30 80 39 00 [ 113.082327] RSP: 0018:ffff88803fb6fc78 EFLAGS: 00010212 [ 113.082711] RAX: 00000000200001c0 RBX: ffff88803fb6fd60 RCX: ffffc9000380f000 [ 113.083267] RDX: 0000000004000038 RSI: ffffffff81855c98 RDI: 0000000000000007 [ 113.083744] RBP: 00000000000000c3 R08: 0000000000000007 R09: 0000000000000000 [ 113.084258] R10: 00000000000000c3 R11: 0000000000000001 R12: ffff88800f359400 [ 113.084778] R13: 0000000000000000 R14: dffffc0000000000 R15: ffffffff8491de20 [ 113.085305] FS: 00007f452667b700(0000) GS:ffff88806cf00000(0000) knlGS:0000000000000000 11:11:55 executing program 6: r0 = socket$inet_udp(0x2, 0x2, 0x0) setsockopt$inet_mreqn(r0, 0x0, 0x19, &(0x7f0000000100)={@multicast1}, 0xc) 11:11:55 executing program 7: keyctl$chown(0x4, 0x0, 0xee00, 0x0) r0 = pidfd_getfd(0xffffffffffffffff, 0xffffffffffffffff, 0x0) read$hiddev(0xffffffffffffffff, 0x0, 0x0) ioctl$FS_IOC_ADD_ENCRYPTION_KEY(r0, 0xc0506617, &(0x7f0000000380)=ANY=[@ANYRESHEX, @ANYRES32, @ANYBLOB="00000000000000000000000000000000000000000000008004edff000000000061f3efc4936caf5662635665666768f8bc0083193f767778797a303132333435360400000007f381af5f321c7a3b06738afcc8e7abb239"]) keyctl$get_security(0x11, 0x0, &(0x7f0000000240)=""/154, 0x9a) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000000)='./file1\x00', 0x228842, 0x0) r1 = add_key$fscrypt_v1(&(0x7f00000001c0), &(0x7f0000000200)={'fscrypt:', @auto=[0x31, 0x35, 0x62, 0x38, 0x31, 0x35, 0x65, 0x0, 0x30, 0x30, 0x0, 0x6, 0x33, 0x61, 0x30, 0x66]}, 0x0, 0x0, 0x0) perf_event_open(&(0x7f00000004c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r2 = add_key$keyring(&(0x7f0000000000), &(0x7f0000000040)={'syz', 0x3}, 0x0, 0x0, 0xffffffffffffffff) r3 = add_key$keyring(&(0x7f00000005c0), &(0x7f0000000600)={'syz', 0x2}, 0x0, 0x0, r2) r4 = add_key$user(&(0x7f0000000180), &(0x7f00000001c0)={'syz', 0x1}, &(0x7f0000000200)="8b", 0x1, r2) openat(0xffffffffffffff9c, &(0x7f0000000480)='./file1\x00', 0x800, 0x10) r5 = add_key$fscrypt_v1(&(0x7f0000000400), &(0x7f0000000440)={'fscrypt:', @desc4}, &(0x7f0000000540)={0x0, "dac3f7b7f13cd94537bcd6764e95b06a3519b0c249f0643eb0e6328928bcce4539df514ffec0a49a3c1b2c4028265fe551a496263d053993408f235289be5770", 0x16}, 0x48, 0x0) r6 = add_key(&(0x7f0000000640)='logon\x00', &(0x7f0000000680)={'syz', 0x3}, &(0x7f00000006c0)="d3a99864cf180299f151cec943928b6bd524a77f95519ac3a2235d29b85fd04b334592200b20357d355efc50f58dd11594403a53090f59baf4c1e51c650f124726cf3e207de3e37e9620441cbe355c8159138c4fb6b07c2f87316b6541bf2cb5e6060fa8dfe98ec2633993370cf56cbcd4550ded9cedbe9e8336f444e1fa685b573beb17ecbb2330fba61fffdc236b5cc4e9e3366fc697c83d9782fbd0b67e3718c2473ff2f8fd3265b57ee8cace36ffac01da1357d09584586e736d8bdd575930c44c860150a097049d06c46efcbd4f7a473f14d573f27857ba923e5f6b7ae8fc977216285303e4b17e82cf0172618dbe5ab3e4f866f3d0c66e0b3c90a1", 0xfe, r5) keyctl$KEYCTL_MOVE(0x1e, r3, r6, r1, 0x0) add_key$keyring(&(0x7f0000000140), &(0x7f0000000300)={'syz', 0x3}, 0x0, 0x0, r5) keyctl$KEYCTL_MOVE(0x1e, r4, r2, 0xfffffffffffffffe, 0x0) r7 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) ioctl$EXT4_IOC_CHECKPOINT(r7, 0x4004662b, &(0x7f0000000340)) 11:11:55 executing program 1: socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) bind$unix(r0, &(0x7f0000000100)=@abs={0x1, 0x0, 0x4e20}, 0x6e) bind$unix(r1, &(0x7f0000000200)=@abs={0x1, 0x0, 0x4e20}, 0x1f) 11:11:55 executing program 5: r0 = syz_open_procfs(0x0, &(0x7f0000000040)='net/mcfilter\x00') preadv(r0, &(0x7f0000000680)=[{&(0x7f00000001c0)=""/195, 0xc3}], 0x1, 0x0, 0x0) 11:11:55 executing program 0: perf_event_open(&(0x7f0000000180)={0x2, 0x80, 0x79, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) [ 113.085888] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 r0 = syz_io_uring_setup(0x101, &(0x7f0000000180)={0x0, 0x0, 0x2, 0x203}, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffb000/0x5000)=nil, &(0x7f0000000100), &(0x7f0000000140)) io_uring_register$IORING_REGISTER_PERSONALITY(r0, 0x9, 0x0, 0x0) [ 113.086443] CR2: 0000001b2c523000 CR3: 0000000016e38000 CR4: 0000000000350ee0 11:11:55 executing program 2: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r0, 0x6, 0x19, &(0x7f0000000040)=0x3, 0x4) 11:11:55 executing program 3: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000440), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000300)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_NEW_INTERFACE(r1, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000240)={0x38, r2, 0x1, 0x0, 0x0, {{}, {@void, @val={0x8, 0x3, r3}, @void}}, [@NL80211_ATTR_4ADDR={0x5}, @NL80211_ATTR_IFNAME={0x14, 0x4, 'ipvlan1\x00'}]}, 0x38}}, 0x0) 11:11:56 executing program 7: keyctl$chown(0x4, 0x0, 0xee00, 0x0) r0 = pidfd_getfd(0xffffffffffffffff, 0xffffffffffffffff, 0x0) read$hiddev(0xffffffffffffffff, 0x0, 0x0) ioctl$FS_IOC_ADD_ENCRYPTION_KEY(r0, 0xc0506617, &(0x7f0000000380)=ANY=[@ANYRESHEX, @ANYRES32, @ANYBLOB="00000000000000000000000000000000000000000000008004edff000000000061f3efc4936caf5662635665666768f8bc0083193f767778797a303132333435360400000007f381af5f321c7a3b06738afcc8e7abb239"]) keyctl$get_security(0x11, 0x0, &(0x7f0000000240)=""/154, 0x9a) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000000)='./file1\x00', 0x228842, 0x0) r1 = add_key$fscrypt_v1(&(0x7f00000001c0), &(0x7f0000000200)={'fscrypt:', @auto=[0x31, 0x35, 0x62, 0x38, 0x31, 0x35, 0x65, 0x0, 0x30, 0x30, 0x0, 0x6, 0x33, 0x61, 0x30, 0x66]}, 0x0, 0x0, 0x0) perf_event_open(&(0x7f00000004c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r2 = add_key$keyring(&(0x7f0000000000), &(0x7f0000000040)={'syz', 0x3}, 0x0, 0x0, 0xffffffffffffffff) r3 = add_key$keyring(&(0x7f00000005c0), &(0x7f0000000600)={'syz', 0x2}, 0x0, 0x0, r2) r4 = add_key$user(&(0x7f0000000180), &(0x7f00000001c0)={'syz', 0x1}, &(0x7f0000000200)="8b", 0x1, r2) openat(0xffffffffffffff9c, &(0x7f0000000480)='./file1\x00', 0x800, 0x10) r5 = add_key$fscrypt_v1(&(0x7f0000000400), &(0x7f0000000440)={'fscrypt:', @desc4}, &(0x7f0000000540)={0x0, "dac3f7b7f13cd94537bcd6764e95b06a3519b0c249f0643eb0e6328928bcce4539df514ffec0a49a3c1b2c4028265fe551a496263d053993408f235289be5770", 0x16}, 0x48, 0x0) r6 = add_key(&(0x7f0000000640)='logon\x00', &(0x7f0000000680)={'syz', 0x3}, &(0x7f00000006c0)="d3a99864cf180299f151cec943928b6bd524a77f95519ac3a2235d29b85fd04b334592200b20357d355efc50f58dd11594403a53090f59baf4c1e51c650f124726cf3e207de3e37e9620441cbe355c8159138c4fb6b07c2f87316b6541bf2cb5e6060fa8dfe98ec2633993370cf56cbcd4550ded9cedbe9e8336f444e1fa685b573beb17ecbb2330fba61fffdc236b5cc4e9e3366fc697c83d9782fbd0b67e3718c2473ff2f8fd3265b57ee8cace36ffac01da1357d09584586e736d8bdd575930c44c860150a097049d06c46efcbd4f7a473f14d573f27857ba923e5f6b7ae8fc977216285303e4b17e82cf0172618dbe5ab3e4f866f3d0c66e0b3c90a1", 0xfe, r5) keyctl$KEYCTL_MOVE(0x1e, r3, r6, r1, 0x0) add_key$keyring(&(0x7f0000000140), &(0x7f0000000300)={'syz', 0x3}, 0x0, 0x0, r5) keyctl$KEYCTL_MOVE(0x1e, r4, r2, 0xfffffffffffffffe, 0x0) r7 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) ioctl$EXT4_IOC_CHECKPOINT(r7, 0x4004662b, &(0x7f0000000340)) 11:11:56 executing program 1: socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) bind$unix(r0, &(0x7f0000000100)=@abs={0x1, 0x0, 0x4e20}, 0x6e) bind$unix(r1, &(0x7f0000000200)=@abs={0x1, 0x0, 0x4e20}, 0x1f) 11:11:56 executing program 6: r0 = socket$inet_udp(0x2, 0x2, 0x0) setsockopt$inet_mreqn(r0, 0x0, 0x19, &(0x7f0000000100)={@multicast1}, 0xc) 11:11:56 executing program 2: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r0, 0x6, 0x19, &(0x7f0000000040)=0x3, 0x4) 11:11:56 executing program 7: keyctl$chown(0x4, 0x0, 0xee00, 0x0) r0 = pidfd_getfd(0xffffffffffffffff, 0xffffffffffffffff, 0x0) read$hiddev(0xffffffffffffffff, 0x0, 0x0) ioctl$FS_IOC_ADD_ENCRYPTION_KEY(r0, 0xc0506617, &(0x7f0000000380)=ANY=[@ANYRESHEX, @ANYRES32, @ANYBLOB="00000000000000000000000000000000000000000000008004edff000000000061f3efc4936caf5662635665666768f8bc0083193f767778797a303132333435360400000007f381af5f321c7a3b06738afcc8e7abb239"]) keyctl$get_security(0x11, 0x0, &(0x7f0000000240)=""/154, 0x9a) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000000)='./file1\x00', 0x228842, 0x0) r1 = add_key$fscrypt_v1(&(0x7f00000001c0), &(0x7f0000000200)={'fscrypt:', @auto=[0x31, 0x35, 0x62, 0x38, 0x31, 0x35, 0x65, 0x0, 0x30, 0x30, 0x0, 0x6, 0x33, 0x61, 0x30, 0x66]}, 0x0, 0x0, 0x0) perf_event_open(&(0x7f00000004c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r2 = add_key$keyring(&(0x7f0000000000), &(0x7f0000000040)={'syz', 0x3}, 0x0, 0x0, 0xffffffffffffffff) r3 = add_key$keyring(&(0x7f00000005c0), &(0x7f0000000600)={'syz', 0x2}, 0x0, 0x0, r2) r4 = add_key$user(&(0x7f0000000180), &(0x7f00000001c0)={'syz', 0x1}, &(0x7f0000000200)="8b", 0x1, r2) openat(0xffffffffffffff9c, &(0x7f0000000480)='./file1\x00', 0x800, 0x10) r5 = add_key$fscrypt_v1(&(0x7f0000000400), &(0x7f0000000440)={'fscrypt:', @desc4}, &(0x7f0000000540)={0x0, "dac3f7b7f13cd94537bcd6764e95b06a3519b0c249f0643eb0e6328928bcce4539df514ffec0a49a3c1b2c4028265fe551a496263d053993408f235289be5770", 0x16}, 0x48, 0x0) r6 = add_key(&(0x7f0000000640)='logon\x00', &(0x7f0000000680)={'syz', 0x3}, &(0x7f00000006c0)="d3a99864cf180299f151cec943928b6bd524a77f95519ac3a2235d29b85fd04b334592200b20357d355efc50f58dd11594403a53090f59baf4c1e51c650f124726cf3e207de3e37e9620441cbe355c8159138c4fb6b07c2f87316b6541bf2cb5e6060fa8dfe98ec2633993370cf56cbcd4550ded9cedbe9e8336f444e1fa685b573beb17ecbb2330fba61fffdc236b5cc4e9e3366fc697c83d9782fbd0b67e3718c2473ff2f8fd3265b57ee8cace36ffac01da1357d09584586e736d8bdd575930c44c860150a097049d06c46efcbd4f7a473f14d573f27857ba923e5f6b7ae8fc977216285303e4b17e82cf0172618dbe5ab3e4f866f3d0c66e0b3c90a1", 0xfe, r5) keyctl$KEYCTL_MOVE(0x1e, r3, r6, r1, 0x0) add_key$keyring(&(0x7f0000000140), &(0x7f0000000300)={'syz', 0x3}, 0x0, 0x0, r5) keyctl$KEYCTL_MOVE(0x1e, r4, r2, 0xfffffffffffffffe, 0x0) r7 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) ioctl$EXT4_IOC_CHECKPOINT(r7, 0x4004662b, &(0x7f0000000340)) 11:11:56 executing program 0: perf_event_open(&(0x7f0000000180)={0x2, 0x80, 0x79, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = syz_io_uring_setup(0x101, &(0x7f0000000180)={0x0, 0x0, 0x2, 0x203}, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffb000/0x5000)=nil, &(0x7f0000000100), &(0x7f0000000140)) io_uring_register$IORING_REGISTER_PERSONALITY(r0, 0x9, 0x0, 0x0) 11:11:56 executing program 3: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000440), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000300)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_NEW_INTERFACE(r1, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000240)={0x38, r2, 0x1, 0x0, 0x0, {{}, {@void, @val={0x8, 0x3, r3}, @void}}, [@NL80211_ATTR_4ADDR={0x5}, @NL80211_ATTR_IFNAME={0x14, 0x4, 'ipvlan1\x00'}]}, 0x38}}, 0x0) 11:11:56 executing program 7: keyctl$chown(0x4, 0x0, 0xee00, 0x0) r0 = pidfd_getfd(0xffffffffffffffff, 0xffffffffffffffff, 0x0) read$hiddev(0xffffffffffffffff, 0x0, 0x0) ioctl$FS_IOC_ADD_ENCRYPTION_KEY(r0, 0xc0506617, &(0x7f0000000380)=ANY=[@ANYRESHEX, @ANYRES32, @ANYBLOB="00000000000000000000000000000000000000000000008004edff000000000061f3efc4936caf5662635665666768f8bc0083193f767778797a303132333435360400000007f381af5f321c7a3b06738afcc8e7abb239"]) keyctl$get_security(0x11, 0x0, &(0x7f0000000240)=""/154, 0x9a) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000000)='./file1\x00', 0x228842, 0x0) r1 = add_key$fscrypt_v1(&(0x7f00000001c0), &(0x7f0000000200)={'fscrypt:', @auto=[0x31, 0x35, 0x62, 0x38, 0x31, 0x35, 0x65, 0x0, 0x30, 0x30, 0x0, 0x6, 0x33, 0x61, 0x30, 0x66]}, 0x0, 0x0, 0x0) perf_event_open(&(0x7f00000004c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r2 = add_key$keyring(&(0x7f0000000000), &(0x7f0000000040)={'syz', 0x3}, 0x0, 0x0, 0xffffffffffffffff) r3 = add_key$keyring(&(0x7f00000005c0), &(0x7f0000000600)={'syz', 0x2}, 0x0, 0x0, r2) r4 = add_key$user(&(0x7f0000000180), &(0x7f00000001c0)={'syz', 0x1}, &(0x7f0000000200)="8b", 0x1, r2) openat(0xffffffffffffff9c, &(0x7f0000000480)='./file1\x00', 0x800, 0x10) r5 = add_key$fscrypt_v1(&(0x7f0000000400), &(0x7f0000000440)={'fscrypt:', @desc4}, &(0x7f0000000540)={0x0, "dac3f7b7f13cd94537bcd6764e95b06a3519b0c249f0643eb0e6328928bcce4539df514ffec0a49a3c1b2c4028265fe551a496263d053993408f235289be5770", 0x16}, 0x48, 0x0) r6 = add_key(&(0x7f0000000640)='logon\x00', &(0x7f0000000680)={'syz', 0x3}, &(0x7f00000006c0)="d3a99864cf180299f151cec943928b6bd524a77f95519ac3a2235d29b85fd04b334592200b20357d355efc50f58dd11594403a53090f59baf4c1e51c650f124726cf3e207de3e37e9620441cbe355c8159138c4fb6b07c2f87316b6541bf2cb5e6060fa8dfe98ec2633993370cf56cbcd4550ded9cedbe9e8336f444e1fa685b573beb17ecbb2330fba61fffdc236b5cc4e9e3366fc697c83d9782fbd0b67e3718c2473ff2f8fd3265b57ee8cace36ffac01da1357d09584586e736d8bdd575930c44c860150a097049d06c46efcbd4f7a473f14d573f27857ba923e5f6b7ae8fc977216285303e4b17e82cf0172618dbe5ab3e4f866f3d0c66e0b3c90a1", 0xfe, r5) keyctl$KEYCTL_MOVE(0x1e, r3, r6, r1, 0x0) add_key$keyring(&(0x7f0000000140), &(0x7f0000000300)={'syz', 0x3}, 0x0, 0x0, r5) keyctl$KEYCTL_MOVE(0x1e, r4, r2, 0xfffffffffffffffe, 0x0) r7 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) ioctl$EXT4_IOC_CHECKPOINT(r7, 0x4004662b, &(0x7f0000000340)) 11:11:56 executing program 2: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r0, 0x6, 0x19, &(0x7f0000000040)=0x3, 0x4) 11:11:56 executing program 3: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000440), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000300)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_NEW_INTERFACE(r1, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000240)={0x38, r2, 0x1, 0x0, 0x0, {{}, {@void, @val={0x8, 0x3, r3}, @void}}, [@NL80211_ATTR_4ADDR={0x5}, @NL80211_ATTR_IFNAME={0x14, 0x4, 'ipvlan1\x00'}]}, 0x38}}, 0x0) 11:11:56 executing program 6: perf_event_open(&(0x7f0000000180)={0x2, 0x80, 0x79, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = syz_io_uring_setup(0x101, &(0x7f0000000180)={0x0, 0x0, 0x2, 0x203}, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffb000/0x5000)=nil, &(0x7f0000000100), &(0x7f0000000140)) io_uring_register$IORING_REGISTER_PERSONALITY(r0, 0x9, 0x0, 0x0) 11:11:56 executing program 1: socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) bind$unix(r0, &(0x7f0000000100)=@abs={0x1, 0x0, 0x4e20}, 0x6e) bind$unix(r1, &(0x7f0000000200)=@abs={0x1, 0x0, 0x4e20}, 0x1f) 11:11:56 executing program 5: r0 = syz_open_procfs(0x0, &(0x7f0000000040)='net/mcfilter\x00') preadv(r0, &(0x7f0000000680)=[{&(0x7f00000001c0)=""/195, 0xc3}], 0x1, 0x0, 0x0) 11:11:56 executing program 4: keyctl$chown(0x4, 0x0, 0xee00, 0x0) r0 = pidfd_getfd(0xffffffffffffffff, 0xffffffffffffffff, 0x0) read$hiddev(0xffffffffffffffff, 0x0, 0x0) ioctl$FS_IOC_ADD_ENCRYPTION_KEY(r0, 0xc0506617, &(0x7f0000000380)=ANY=[@ANYRESHEX, @ANYRES32, @ANYBLOB="00000000000000000000000000000000000000000000008004edff000000000061f3efc4936caf5662635665666768f8bc0083193f767778797a303132333435360400000007f381af5f321c7a3b06738afcc8e7abb239"]) keyctl$get_security(0x11, 0x0, &(0x7f0000000240)=""/154, 0x9a) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000000)='./file1\x00', 0x228842, 0x0) r1 = add_key$fscrypt_v1(&(0x7f00000001c0), &(0x7f0000000200)={'fscrypt:', @auto=[0x31, 0x35, 0x62, 0x38, 0x31, 0x35, 0x65, 0x0, 0x30, 0x30, 0x0, 0x6, 0x33, 0x61, 0x30, 0x66]}, 0x0, 0x0, 0x0) perf_event_open(&(0x7f00000004c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r2 = add_key$keyring(&(0x7f0000000000), &(0x7f0000000040)={'syz', 0x3}, 0x0, 0x0, 0xffffffffffffffff) r3 = add_key$keyring(&(0x7f00000005c0), &(0x7f0000000600)={'syz', 0x2}, 0x0, 0x0, r2) r4 = add_key$user(&(0x7f0000000180), &(0x7f00000001c0)={'syz', 0x1}, &(0x7f0000000200)="8b", 0x1, r2) openat(0xffffffffffffff9c, &(0x7f0000000480)='./file1\x00', 0x800, 0x10) r5 = add_key$fscrypt_v1(&(0x7f0000000400), &(0x7f0000000440)={'fscrypt:', @desc4}, &(0x7f0000000540)={0x0, "dac3f7b7f13cd94537bcd6764e95b06a3519b0c249f0643eb0e6328928bcce4539df514ffec0a49a3c1b2c4028265fe551a496263d053993408f235289be5770", 0x16}, 0x48, 0x0) r6 = add_key(&(0x7f0000000640)='logon\x00', &(0x7f0000000680)={'syz', 0x3}, &(0x7f00000006c0)="d3a99864cf180299f151cec943928b6bd524a77f95519ac3a2235d29b85fd04b334592200b20357d355efc50f58dd11594403a53090f59baf4c1e51c650f124726cf3e207de3e37e9620441cbe355c8159138c4fb6b07c2f87316b6541bf2cb5e6060fa8dfe98ec2633993370cf56cbcd4550ded9cedbe9e8336f444e1fa685b573beb17ecbb2330fba61fffdc236b5cc4e9e3366fc697c83d9782fbd0b67e3718c2473ff2f8fd3265b57ee8cace36ffac01da1357d09584586e736d8bdd575930c44c860150a097049d06c46efcbd4f7a473f14d573f27857ba923e5f6b7ae8fc977216285303e4b17e82cf0172618dbe5ab3e4f866f3d0c66e0b3c90a1", 0xfe, r5) keyctl$KEYCTL_MOVE(0x1e, r3, r6, r1, 0x0) add_key$keyring(&(0x7f0000000140), &(0x7f0000000300)={'syz', 0x3}, 0x0, 0x0, r5) keyctl$KEYCTL_MOVE(0x1e, r4, r2, 0xfffffffffffffffe, 0x0) r7 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) ioctl$EXT4_IOC_CHECKPOINT(r7, 0x4004662b, &(0x7f0000000340)) 11:11:56 executing program 0: perf_event_open(&(0x7f0000000180)={0x2, 0x80, 0x79, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = syz_io_uring_setup(0x101, &(0x7f0000000180)={0x0, 0x0, 0x2, 0x203}, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffb000/0x5000)=nil, &(0x7f0000000100), &(0x7f0000000140)) io_uring_register$IORING_REGISTER_PERSONALITY(r0, 0x9, 0x0, 0x0) 11:11:56 executing program 7: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) ioctl$BTRFS_IOC_QGROUP_ASSIGN(r0, 0x40189429, &(0x7f0000000300)={0x0, 0xfffffffffffff0c5, 0x7}) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x4}, 0x0, 0x0, 0x0, 0x0, 0x6dc8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) pwritev(r1, &(0x7f0000000080)=[{&(0x7f0000000140)='\x00', 0x1a}], 0x1, 0x7fffffc, 0x0) ioctl$BLKFRASET(0xffffffffffffffff, 0x1264, &(0x7f0000000040)=0x9) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x8}, 0x0, 0x0, 0x0, 0x2}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) sendfile(r0, r0, 0x0, 0x100000) r2 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x1c5042, 0x0) write(r2, &(0x7f0000000200)='E', 0x140000) stat(&(0x7f0000000240)='./file1\x00', &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, 0x0}) setresuid(0x0, r3, 0x0) openat(r2, &(0x7f0000000180)='./file1\x00', 0x10041, 0x14c) getgid() 11:11:56 executing program 2: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r0, 0x6, 0x19, &(0x7f0000000040)=0x3, 0x4) [ 113.966370] general protection fault, probably for non-canonical address 0xdffffc0004000038: 0000 [#4] PREEMPT SMP KASAN NOPTI [ 113.967112] KASAN: probably user-memory-access in range [0x00000000200001c0-0x00000000200001c7] [ 113.967638] CPU: 1 PID: 4122 Comm: syz-executor.5 Tainted: G D 6.3.0-rc3-next-20230327 #1 [ 113.968206] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 113.968740] RIP: 0010:do_iter_read+0x481/0x750 [ 113.969064] Code: 00 0f 85 52 02 00 00 4d 8b 7c 24 28 e8 48 2c c6 ff 48 8b 44 24 18 80 38 00 0f 85 1c 02 00 00 48 8b 43 18 48 89 c2 48 c1 ea 03 <42> 80 3c 32 00 0f 85 ef 01 00 00 48 8b 4c 24 20 48 8b 30 80 39 00 [ 113.970219] RSP: 0018:ffff88803fb37c78 EFLAGS: 00010212 [ 113.970570] RAX: 00000000200001c0 RBX: ffff88803fb37d60 RCX: ffffc9000380f000 [ 113.971047] RDX: 0000000004000038 RSI: ffffffff81855c98 RDI: 0000000000000007 [ 113.971513] RBP: 00000000000000c3 R08: 0000000000000007 R09: 0000000000000000 [ 113.971981] R10: 00000000000000c3 R11: 0000000000000001 R12: ffff88801a047900 [ 113.972439] R13: 0000000000000000 R14: dffffc0000000000 R15: ffffffff8491de20 [ 113.972901] FS: 00007f452667b700(0000) GS:ffff88806cf00000(0000) knlGS:0000000000000000 [ 113.973420] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 113.973799] CR2: 0000001b2c523000 CR3: 000000001f010000 CR4: 0000000000350ee0 [ 113.974259] Call Trace: [ 113.974431] [ 113.974583] ? import_iovec+0x87/0xb0 [ 113.974846] vfs_readv+0xe5/0x160 [ 113.975102] ? __pfx_vfs_readv+0x10/0x10 [ 113.975376] ? lock_release+0x4d8/0x680 [ 113.975654] ? finish_task_switch.isra.0+0x203/0x830 [ 113.975994] ? trace_hardirqs_on+0x16/0x100 [ 113.976287] ? __schedule+0x995/0x2a00 [ 113.976563] ? __fget_files+0x270/0x480 [ 113.976832] __x64_sys_preadv+0x233/0x310 [ 113.977123] ? __pfx___x64_sys_preadv+0x10/0x10 [ 113.977455] do_syscall_64+0x3f/0x90 [ 113.977716] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 113.978081] RIP: 0033:0x7f4529105b19 [ 113.978340] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 113.979534] RSP: 002b:00007f452667b188 EFLAGS: 00000246 ORIG_RAX: 0000000000000127 [ 113.980042] RAX: ffffffffffffffda RBX: 00007f4529218f60 RCX: 00007f4529105b19 [ 113.980521] RDX: 0000000000000001 RSI: 0000000020000680 RDI: 0000000000000003 [ 113.981000] RBP: 00007f452915ff6d R08: 0000000000000000 R09: 0000000000000000 [ 113.981479] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 113.981949] R13: 00007ffcf4bbfe8f R14: 00007f452667b300 R15: 0000000000022000 [ 113.982425] [ 113.982583] Modules linked in: [ 113.982906] ---[ end trace 0000000000000000 ]--- [ 113.983233] RIP: 0010:do_iter_read+0x481/0x750 [ 113.983551] Code: 00 0f 85 52 02 00 00 4d 8b 7c 24 28 e8 48 2c c6 ff 48 8b 44 24 18 80 38 00 0f 85 1c 02 00 00 48 8b 43 18 48 89 c2 48 c1 ea 03 <42> 80 3c 32 00 0f 85 ef 01 00 00 48 8b 4c 24 20 48 8b 30 80 39 00 [ 113.984792] RSP: 0018:ffff88803fb6fc78 EFLAGS: 00010212 [ 113.985170] RAX: 00000000200001c0 RBX: ffff88803fb6fd60 RCX: ffffc9000380f000 [ 113.985658] RDX: 0000000004000038 RSI: ffffffff81855c98 RDI: 0000000000000007 [ 113.986156] RBP: 00000000000000c3 R08: 0000000000000007 R09: 0000000000000000 [ 113.986653] R10: 00000000000000c3 R11: 0000000000000001 R12: ffff88800f359400 [ 113.987155] R13: 0000000000000000 R14: dffffc0000000000 R15: ffffffff8491de20 [ 113.987650] FS: 00007f452667b700(0000) GS:ffff88806cf00000(0000) knlGS:0000000000000000 [ 113.988215] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 113.988621] CR2: 0000001b2c523000 CR3: 000000001f010000 CR4: 0000000000350ee0 11:11:56 executing program 0: perf_event_open(&(0x7f0000000180)={0x2, 0x80, 0x79, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = syz_io_uring_setup(0x101, &(0x7f0000000180)={0x0, 0x0, 0x2, 0x203}, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffb000/0x5000)=nil, &(0x7f0000000100), &(0x7f0000000140)) io_uring_register$IORING_REGISTER_PERSONALITY(r0, 0x9, 0x0, 0x0) 11:11:56 executing program 4: keyctl$chown(0x4, 0x0, 0xee00, 0x0) r0 = pidfd_getfd(0xffffffffffffffff, 0xffffffffffffffff, 0x0) read$hiddev(0xffffffffffffffff, 0x0, 0x0) ioctl$FS_IOC_ADD_ENCRYPTION_KEY(r0, 0xc0506617, &(0x7f0000000380)=ANY=[@ANYRESHEX, @ANYRES32, @ANYBLOB="00000000000000000000000000000000000000000000008004edff000000000061f3efc4936caf5662635665666768f8bc0083193f767778797a303132333435360400000007f381af5f321c7a3b06738afcc8e7abb239"]) keyctl$get_security(0x11, 0x0, &(0x7f0000000240)=""/154, 0x9a) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000000)='./file1\x00', 0x228842, 0x0) r1 = add_key$fscrypt_v1(&(0x7f00000001c0), &(0x7f0000000200)={'fscrypt:', @auto=[0x31, 0x35, 0x62, 0x38, 0x31, 0x35, 0x65, 0x0, 0x30, 0x30, 0x0, 0x6, 0x33, 0x61, 0x30, 0x66]}, 0x0, 0x0, 0x0) perf_event_open(&(0x7f00000004c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r2 = add_key$keyring(&(0x7f0000000000), &(0x7f0000000040)={'syz', 0x3}, 0x0, 0x0, 0xffffffffffffffff) r3 = add_key$keyring(&(0x7f00000005c0), &(0x7f0000000600)={'syz', 0x2}, 0x0, 0x0, r2) r4 = add_key$user(&(0x7f0000000180), &(0x7f00000001c0)={'syz', 0x1}, &(0x7f0000000200)="8b", 0x1, r2) openat(0xffffffffffffff9c, &(0x7f0000000480)='./file1\x00', 0x800, 0x10) r5 = add_key$fscrypt_v1(&(0x7f0000000400), &(0x7f0000000440)={'fscrypt:', @desc4}, &(0x7f0000000540)={0x0, "dac3f7b7f13cd94537bcd6764e95b06a3519b0c249f0643eb0e6328928bcce4539df514ffec0a49a3c1b2c4028265fe551a496263d053993408f235289be5770", 0x16}, 0x48, 0x0) r6 = add_key(&(0x7f0000000640)='logon\x00', &(0x7f0000000680)={'syz', 0x3}, &(0x7f00000006c0)="d3a99864cf180299f151cec943928b6bd524a77f95519ac3a2235d29b85fd04b334592200b20357d355efc50f58dd11594403a53090f59baf4c1e51c650f124726cf3e207de3e37e9620441cbe355c8159138c4fb6b07c2f87316b6541bf2cb5e6060fa8dfe98ec2633993370cf56cbcd4550ded9cedbe9e8336f444e1fa685b573beb17ecbb2330fba61fffdc236b5cc4e9e3366fc697c83d9782fbd0b67e3718c2473ff2f8fd3265b57ee8cace36ffac01da1357d09584586e736d8bdd575930c44c860150a097049d06c46efcbd4f7a473f14d573f27857ba923e5f6b7ae8fc977216285303e4b17e82cf0172618dbe5ab3e4f866f3d0c66e0b3c90a1", 0xfe, r5) keyctl$KEYCTL_MOVE(0x1e, r3, r6, r1, 0x0) add_key$keyring(&(0x7f0000000140), &(0x7f0000000300)={'syz', 0x3}, 0x0, 0x0, r5) keyctl$KEYCTL_MOVE(0x1e, r4, r2, 0xfffffffffffffffe, 0x0) r7 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) ioctl$EXT4_IOC_CHECKPOINT(r7, 0x4004662b, &(0x7f0000000340)) 11:11:56 executing program 1: socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) bind$unix(r0, &(0x7f0000000100)=@abs={0x1, 0x0, 0x4e20}, 0x6e) bind$unix(r1, &(0x7f0000000200)=@abs={0x1, 0x0, 0x4e20}, 0x1f) 11:11:56 executing program 3: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000440), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000300)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_NEW_INTERFACE(r1, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000240)={0x38, r2, 0x1, 0x0, 0x0, {{}, {@void, @val={0x8, 0x3, r3}, @void}}, [@NL80211_ATTR_4ADDR={0x5}, @NL80211_ATTR_IFNAME={0x14, 0x4, 'ipvlan1\x00'}]}, 0x38}}, 0x0) 11:11:56 executing program 6: perf_event_open(&(0x7f0000000180)={0x2, 0x80, 0x79, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = syz_io_uring_setup(0x101, &(0x7f0000000180)={0x0, 0x0, 0x2, 0x203}, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffb000/0x5000)=nil, &(0x7f0000000100), &(0x7f0000000140)) io_uring_register$IORING_REGISTER_PERSONALITY(r0, 0x9, 0x0, 0x0) 11:11:56 executing program 4: keyctl$chown(0x4, 0x0, 0xee00, 0x0) r0 = pidfd_getfd(0xffffffffffffffff, 0xffffffffffffffff, 0x0) read$hiddev(0xffffffffffffffff, 0x0, 0x0) ioctl$FS_IOC_ADD_ENCRYPTION_KEY(r0, 0xc0506617, &(0x7f0000000380)=ANY=[@ANYRESHEX, @ANYRES32, @ANYBLOB="00000000000000000000000000000000000000000000008004edff000000000061f3efc4936caf5662635665666768f8bc0083193f767778797a303132333435360400000007f381af5f321c7a3b06738afcc8e7abb239"]) keyctl$get_security(0x11, 0x0, &(0x7f0000000240)=""/154, 0x9a) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000000)='./file1\x00', 0x228842, 0x0) r1 = add_key$fscrypt_v1(&(0x7f00000001c0), &(0x7f0000000200)={'fscrypt:', @auto=[0x31, 0x35, 0x62, 0x38, 0x31, 0x35, 0x65, 0x0, 0x30, 0x30, 0x0, 0x6, 0x33, 0x61, 0x30, 0x66]}, 0x0, 0x0, 0x0) perf_event_open(&(0x7f00000004c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r2 = add_key$keyring(&(0x7f0000000000), &(0x7f0000000040)={'syz', 0x3}, 0x0, 0x0, 0xffffffffffffffff) r3 = add_key$keyring(&(0x7f00000005c0), &(0x7f0000000600)={'syz', 0x2}, 0x0, 0x0, r2) r4 = add_key$user(&(0x7f0000000180), &(0x7f00000001c0)={'syz', 0x1}, &(0x7f0000000200)="8b", 0x1, r2) openat(0xffffffffffffff9c, &(0x7f0000000480)='./file1\x00', 0x800, 0x10) r5 = add_key$fscrypt_v1(&(0x7f0000000400), &(0x7f0000000440)={'fscrypt:', @desc4}, &(0x7f0000000540)={0x0, "dac3f7b7f13cd94537bcd6764e95b06a3519b0c249f0643eb0e6328928bcce4539df514ffec0a49a3c1b2c4028265fe551a496263d053993408f235289be5770", 0x16}, 0x48, 0x0) r6 = add_key(&(0x7f0000000640)='logon\x00', &(0x7f0000000680)={'syz', 0x3}, &(0x7f00000006c0)="d3a99864cf180299f151cec943928b6bd524a77f95519ac3a2235d29b85fd04b334592200b20357d355efc50f58dd11594403a53090f59baf4c1e51c650f124726cf3e207de3e37e9620441cbe355c8159138c4fb6b07c2f87316b6541bf2cb5e6060fa8dfe98ec2633993370cf56cbcd4550ded9cedbe9e8336f444e1fa685b573beb17ecbb2330fba61fffdc236b5cc4e9e3366fc697c83d9782fbd0b67e3718c2473ff2f8fd3265b57ee8cace36ffac01da1357d09584586e736d8bdd575930c44c860150a097049d06c46efcbd4f7a473f14d573f27857ba923e5f6b7ae8fc977216285303e4b17e82cf0172618dbe5ab3e4f866f3d0c66e0b3c90a1", 0xfe, r5) keyctl$KEYCTL_MOVE(0x1e, r3, r6, r1, 0x0) add_key$keyring(&(0x7f0000000140), &(0x7f0000000300)={'syz', 0x3}, 0x0, 0x0, r5) keyctl$KEYCTL_MOVE(0x1e, r4, r2, 0xfffffffffffffffe, 0x0) r7 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) ioctl$EXT4_IOC_CHECKPOINT(r7, 0x4004662b, &(0x7f0000000340)) 11:11:56 executing program 0: r0 = syz_open_dev$tty20(0xc, 0x4, 0x0) ioctl$VT_RESIZE(r0, 0x560e, &(0x7f0000000000)) 11:11:57 executing program 2: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) sendmsg$NL80211_CMD_JOIN_MESH(0xffffffffffffffff, 0x0, 0x0) perf_event_open(0x0, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) r0 = openat$vcs(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0) write$binfmt_aout(r0, &(0x7f0000000100)={{0x108, 0x34, 0x0, 0x2c2, 0x0, 0x20, 0x144, 0xffffffe1}, "", ['\x00']}, 0x120) 11:11:57 executing program 0: r0 = syz_open_dev$tty20(0xc, 0x4, 0x0) ioctl$VT_RESIZE(r0, 0x560e, &(0x7f0000000000)) 11:11:57 executing program 6: perf_event_open(&(0x7f0000000180)={0x2, 0x80, 0x79, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = syz_io_uring_setup(0x101, &(0x7f0000000180)={0x0, 0x0, 0x2, 0x203}, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffb000/0x5000)=nil, &(0x7f0000000100), &(0x7f0000000140)) io_uring_register$IORING_REGISTER_PERSONALITY(r0, 0x9, 0x0, 0x0) 11:11:57 executing program 2: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) sendmsg$NL80211_CMD_JOIN_MESH(0xffffffffffffffff, 0x0, 0x0) perf_event_open(0x0, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) r0 = openat$vcs(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0) write$binfmt_aout(r0, &(0x7f0000000100)={{0x108, 0x34, 0x0, 0x2c2, 0x0, 0x20, 0x144, 0xffffffe1}, "", ['\x00']}, 0x120) 11:11:57 executing program 7: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) ioctl$BTRFS_IOC_QGROUP_ASSIGN(r0, 0x40189429, &(0x7f0000000300)={0x0, 0xfffffffffffff0c5, 0x7}) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x4}, 0x0, 0x0, 0x0, 0x0, 0x6dc8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) pwritev(r1, &(0x7f0000000080)=[{&(0x7f0000000140)='\x00', 0x1a}], 0x1, 0x7fffffc, 0x0) ioctl$BLKFRASET(0xffffffffffffffff, 0x1264, &(0x7f0000000040)=0x9) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x8}, 0x0, 0x0, 0x0, 0x2}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) sendfile(r0, r0, 0x0, 0x100000) r2 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x1c5042, 0x0) write(r2, &(0x7f0000000200)='E', 0x140000) stat(&(0x7f0000000240)='./file1\x00', &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, 0x0}) setresuid(0x0, r3, 0x0) openat(r2, &(0x7f0000000180)='./file1\x00', 0x10041, 0x14c) getgid() 11:11:57 executing program 4: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000040)={0x2, &(0x7f0000000100)=[{0x20, 0x0, 0x0, 0x8000}, {0x6}]}) 11:11:57 executing program 3: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r1 = syz_open_dev$vcsn(&(0x7f0000000080), 0x3, 0x149481) tee(r1, r0, 0x1, 0x0) 11:11:57 executing program 5: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) ioctl$BTRFS_IOC_QGROUP_ASSIGN(r0, 0x40189429, &(0x7f0000000300)={0x0, 0xfffffffffffff0c5, 0x7}) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x4}, 0x0, 0x0, 0x0, 0x0, 0x6dc8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) pwritev(r1, &(0x7f0000000080)=[{&(0x7f0000000140)='\x00', 0x1a}], 0x1, 0x7fffffc, 0x0) ioctl$BLKFRASET(0xffffffffffffffff, 0x1264, &(0x7f0000000040)=0x9) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x8}, 0x0, 0x0, 0x0, 0x2}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) sendfile(r0, r0, 0x0, 0x100000) r2 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x1c5042, 0x0) write(r2, &(0x7f0000000200)='E', 0x140000) stat(&(0x7f0000000240)='./file1\x00', &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, 0x0}) setresuid(0x0, r3, 0x0) openat(r2, &(0x7f0000000180)='./file1\x00', 0x10041, 0x14c) getgid() 11:11:57 executing program 1: r0 = fork() ptrace$setopts(0x4206, r0, 0x0, 0x0) ptrace(0x8, r0) fork() ptrace(0x11, r0) r1 = perf_event_open(&(0x7f0000000080)={0x5, 0x80, 0x82, 0x0, 0x0, 0x0, 0x0, 0x0, 0x810d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x8480, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffe}, r0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x1200}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r2 = fork() ptrace$setopts(0x4206, r2, 0x0, 0x0) ptrace(0x8, r2) ptrace(0x10, r2) wait4(r2, &(0x7f0000000000), 0x2, &(0x7f0000000480)) wait4(0x0, 0x0, 0x0, 0x0) r3 = openat$cgroup_freezer_state(0xffffffffffffffff, &(0x7f0000000240), 0x2, 0x0) kcmp(r2, 0x0, 0x2, r3, r1) r4 = signalfd(r1, &(0x7f0000000440)={[0x4]}, 0x8) perf_event_open(&(0x7f0000000300)={0x4, 0x80, 0x7, 0x78, 0x21, 0x3, 0x0, 0x6, 0x10014, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0xfb3, 0x2, @perf_bp={&(0x7f0000000200), 0x8}, 0xc0, 0x5c, 0x3, 0x7, 0x1, 0xd5e, 0xfffb, 0x0, 0x81, 0x0, 0x6}, 0x0, 0x3, r4, 0x3) 11:11:57 executing program 4: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000040)={0x2, &(0x7f0000000100)=[{0x20, 0x0, 0x0, 0x8000}, {0x6}]}) 11:11:58 executing program 2: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) sendmsg$NL80211_CMD_JOIN_MESH(0xffffffffffffffff, 0x0, 0x0) perf_event_open(0x0, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) r0 = openat$vcs(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0) write$binfmt_aout(r0, &(0x7f0000000100)={{0x108, 0x34, 0x0, 0x2c2, 0x0, 0x20, 0x144, 0xffffffe1}, "", ['\x00']}, 0x120) 11:11:58 executing program 3: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r1 = syz_open_dev$vcsn(&(0x7f0000000080), 0x3, 0x149481) tee(r1, r0, 0x1, 0x0) 11:11:59 executing program 3: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r1 = syz_open_dev$vcsn(&(0x7f0000000080), 0x3, 0x149481) tee(r1, r0, 0x1, 0x0) 11:11:59 executing program 4: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000040)={0x2, &(0x7f0000000100)=[{0x20, 0x0, 0x0, 0x8000}, {0x6}]}) 11:11:59 executing program 6: syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x1c1042, 0x0) statx(0xffffffffffffff9c, &(0x7f0000000180)='./file1\x00', 0x0, 0x800, &(0x7f0000000300)) 11:11:59 executing program 2: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) sendmsg$NL80211_CMD_JOIN_MESH(0xffffffffffffffff, 0x0, 0x0) perf_event_open(0x0, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) r0 = openat$vcs(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0) write$binfmt_aout(r0, &(0x7f0000000100)={{0x108, 0x34, 0x0, 0x2c2, 0x0, 0x20, 0x144, 0xffffffe1}, "", ['\x00']}, 0x120) 11:11:59 executing program 0: r0 = syz_open_dev$tty20(0xc, 0x4, 0x0) ioctl$VT_RESIZE(r0, 0x560e, &(0x7f0000000000)) 11:11:59 executing program 1: r0 = fork() ptrace$setopts(0x4206, r0, 0x0, 0x0) ptrace(0x8, r0) fork() ptrace(0x11, r0) r1 = perf_event_open(&(0x7f0000000080)={0x5, 0x80, 0x82, 0x0, 0x0, 0x0, 0x0, 0x0, 0x810d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x8480, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffe}, r0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x1200}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r2 = fork() ptrace$setopts(0x4206, r2, 0x0, 0x0) ptrace(0x8, r2) ptrace(0x10, r2) wait4(r2, &(0x7f0000000000), 0x2, &(0x7f0000000480)) wait4(0x0, 0x0, 0x0, 0x0) r3 = openat$cgroup_freezer_state(0xffffffffffffffff, &(0x7f0000000240), 0x2, 0x0) kcmp(r2, 0x0, 0x2, r3, r1) r4 = signalfd(r1, &(0x7f0000000440)={[0x4]}, 0x8) perf_event_open(&(0x7f0000000300)={0x4, 0x80, 0x7, 0x78, 0x21, 0x3, 0x0, 0x6, 0x10014, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0xfb3, 0x2, @perf_bp={&(0x7f0000000200), 0x8}, 0xc0, 0x5c, 0x3, 0x7, 0x1, 0xd5e, 0xfffb, 0x0, 0x81, 0x0, 0x6}, 0x0, 0x3, r4, 0x3) 11:11:59 executing program 7: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) ioctl$BTRFS_IOC_QGROUP_ASSIGN(r0, 0x40189429, &(0x7f0000000300)={0x0, 0xfffffffffffff0c5, 0x7}) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x4}, 0x0, 0x0, 0x0, 0x0, 0x6dc8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) pwritev(r1, &(0x7f0000000080)=[{&(0x7f0000000140)='\x00', 0x1a}], 0x1, 0x7fffffc, 0x0) ioctl$BLKFRASET(0xffffffffffffffff, 0x1264, &(0x7f0000000040)=0x9) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x8}, 0x0, 0x0, 0x0, 0x2}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) sendfile(r0, r0, 0x0, 0x100000) r2 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x1c5042, 0x0) write(r2, &(0x7f0000000200)='E', 0x140000) stat(&(0x7f0000000240)='./file1\x00', &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, 0x0}) setresuid(0x0, r3, 0x0) openat(r2, &(0x7f0000000180)='./file1\x00', 0x10041, 0x14c) getgid() 11:11:59 executing program 5: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) ioctl$BTRFS_IOC_QGROUP_ASSIGN(r0, 0x40189429, &(0x7f0000000300)={0x0, 0xfffffffffffff0c5, 0x7}) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x4}, 0x0, 0x0, 0x0, 0x0, 0x6dc8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) pwritev(r1, &(0x7f0000000080)=[{&(0x7f0000000140)='\x00', 0x1a}], 0x1, 0x7fffffc, 0x0) ioctl$BLKFRASET(0xffffffffffffffff, 0x1264, &(0x7f0000000040)=0x9) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x8}, 0x0, 0x0, 0x0, 0x2}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) sendfile(r0, r0, 0x0, 0x100000) r2 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x1c5042, 0x0) write(r2, &(0x7f0000000200)='E', 0x140000) stat(&(0x7f0000000240)='./file1\x00', &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, 0x0}) setresuid(0x0, r3, 0x0) openat(r2, &(0x7f0000000180)='./file1\x00', 0x10041, 0x14c) getgid() 11:11:59 executing program 3: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r1 = syz_open_dev$vcsn(&(0x7f0000000080), 0x3, 0x149481) tee(r1, r0, 0x1, 0x0) 11:11:59 executing program 6: syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x1c1042, 0x0) statx(0xffffffffffffff9c, &(0x7f0000000180)='./file1\x00', 0x0, 0x800, &(0x7f0000000300)) 11:11:59 executing program 4: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000040)={0x2, &(0x7f0000000100)=[{0x20, 0x0, 0x0, 0x8000}, {0x6}]}) 11:11:59 executing program 2: r0 = fork() ptrace$setopts(0x4206, r0, 0x0, 0x0) ptrace(0x8, r0) fork() ptrace(0x11, r0) r1 = perf_event_open(&(0x7f0000000080)={0x5, 0x80, 0x82, 0x0, 0x0, 0x0, 0x0, 0x0, 0x810d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x8480, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffe}, r0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x1200}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r2 = fork() ptrace$setopts(0x4206, r2, 0x0, 0x0) ptrace(0x8, r2) ptrace(0x10, r2) wait4(r2, &(0x7f0000000000), 0x2, &(0x7f0000000480)) wait4(0x0, 0x0, 0x0, 0x0) r3 = openat$cgroup_freezer_state(0xffffffffffffffff, &(0x7f0000000240), 0x2, 0x0) kcmp(r2, 0x0, 0x2, r3, r1) r4 = signalfd(r1, &(0x7f0000000440)={[0x4]}, 0x8) perf_event_open(&(0x7f0000000300)={0x4, 0x80, 0x7, 0x78, 0x21, 0x3, 0x0, 0x6, 0x10014, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0xfb3, 0x2, @perf_bp={&(0x7f0000000200), 0x8}, 0xc0, 0x5c, 0x3, 0x7, 0x1, 0xd5e, 0xfffb, 0x0, 0x81, 0x0, 0x6}, 0x0, 0x3, r4, 0x3) 11:11:59 executing program 3: r0 = fork() ptrace$setopts(0x4206, r0, 0x0, 0x0) ptrace(0x8, r0) fork() ptrace(0x11, r0) r1 = perf_event_open(&(0x7f0000000080)={0x5, 0x80, 0x82, 0x0, 0x0, 0x0, 0x0, 0x0, 0x810d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x8480, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffe}, r0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x1200}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r2 = fork() ptrace$setopts(0x4206, r2, 0x0, 0x0) ptrace(0x8, r2) ptrace(0x10, r2) wait4(r2, &(0x7f0000000000), 0x2, &(0x7f0000000480)) wait4(0x0, 0x0, 0x0, 0x0) r3 = openat$cgroup_freezer_state(0xffffffffffffffff, &(0x7f0000000240), 0x2, 0x0) kcmp(r2, 0x0, 0x2, r3, r1) r4 = signalfd(r1, &(0x7f0000000440)={[0x4]}, 0x8) perf_event_open(&(0x7f0000000300)={0x4, 0x80, 0x7, 0x78, 0x21, 0x3, 0x0, 0x6, 0x10014, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0xfb3, 0x2, @perf_bp={&(0x7f0000000200), 0x8}, 0xc0, 0x5c, 0x3, 0x7, 0x1, 0xd5e, 0xfffb, 0x0, 0x81, 0x0, 0x6}, 0x0, 0x3, r4, 0x3) 11:11:59 executing program 6: syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x1c1042, 0x0) statx(0xffffffffffffff9c, &(0x7f0000000180)='./file1\x00', 0x0, 0x800, &(0x7f0000000300)) 11:11:59 executing program 4: r0 = fork() ptrace$setopts(0x4206, r0, 0x0, 0x0) ptrace(0x8, r0) fork() ptrace(0x11, r0) r1 = perf_event_open(&(0x7f0000000080)={0x5, 0x80, 0x82, 0x0, 0x0, 0x0, 0x0, 0x0, 0x810d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x8480, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffe}, r0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x1200}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r2 = fork() ptrace$setopts(0x4206, r2, 0x0, 0x0) ptrace(0x8, r2) ptrace(0x10, r2) wait4(r2, &(0x7f0000000000), 0x2, &(0x7f0000000480)) wait4(0x0, 0x0, 0x0, 0x0) r3 = openat$cgroup_freezer_state(0xffffffffffffffff, &(0x7f0000000240), 0x2, 0x0) kcmp(r2, 0x0, 0x2, r3, r1) r4 = signalfd(r1, &(0x7f0000000440)={[0x4]}, 0x8) perf_event_open(&(0x7f0000000300)={0x4, 0x80, 0x7, 0x78, 0x21, 0x3, 0x0, 0x6, 0x10014, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0xfb3, 0x2, @perf_bp={&(0x7f0000000200), 0x8}, 0xc0, 0x5c, 0x3, 0x7, 0x1, 0xd5e, 0xfffb, 0x0, 0x81, 0x0, 0x6}, 0x0, 0x3, r4, 0x3) 11:11:59 executing program 6: syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x1c1042, 0x0) statx(0xffffffffffffff9c, &(0x7f0000000180)='./file1\x00', 0x0, 0x800, &(0x7f0000000300)) 11:12:01 executing program 1: r0 = fork() ptrace$setopts(0x4206, r0, 0x0, 0x0) ptrace(0x8, r0) fork() ptrace(0x11, r0) r1 = perf_event_open(&(0x7f0000000080)={0x5, 0x80, 0x82, 0x0, 0x0, 0x0, 0x0, 0x0, 0x810d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x8480, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffe}, r0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x1200}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r2 = fork() ptrace$setopts(0x4206, r2, 0x0, 0x0) ptrace(0x8, r2) ptrace(0x10, r2) wait4(r2, &(0x7f0000000000), 0x2, &(0x7f0000000480)) wait4(0x0, 0x0, 0x0, 0x0) r3 = openat$cgroup_freezer_state(0xffffffffffffffff, &(0x7f0000000240), 0x2, 0x0) kcmp(r2, 0x0, 0x2, r3, r1) r4 = signalfd(r1, &(0x7f0000000440)={[0x4]}, 0x8) perf_event_open(&(0x7f0000000300)={0x4, 0x80, 0x7, 0x78, 0x21, 0x3, 0x0, 0x6, 0x10014, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0xfb3, 0x2, @perf_bp={&(0x7f0000000200), 0x8}, 0xc0, 0x5c, 0x3, 0x7, 0x1, 0xd5e, 0xfffb, 0x0, 0x81, 0x0, 0x6}, 0x0, 0x3, r4, 0x3) 11:12:01 executing program 7: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) ioctl$BTRFS_IOC_QGROUP_ASSIGN(r0, 0x40189429, &(0x7f0000000300)={0x0, 0xfffffffffffff0c5, 0x7}) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x4}, 0x0, 0x0, 0x0, 0x0, 0x6dc8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) pwritev(r1, &(0x7f0000000080)=[{&(0x7f0000000140)='\x00', 0x1a}], 0x1, 0x7fffffc, 0x0) ioctl$BLKFRASET(0xffffffffffffffff, 0x1264, &(0x7f0000000040)=0x9) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x8}, 0x0, 0x0, 0x0, 0x2}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) sendfile(r0, r0, 0x0, 0x100000) r2 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x1c5042, 0x0) write(r2, &(0x7f0000000200)='E', 0x140000) stat(&(0x7f0000000240)='./file1\x00', &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, 0x0}) setresuid(0x0, r3, 0x0) openat(r2, &(0x7f0000000180)='./file1\x00', 0x10041, 0x14c) getgid() 11:12:01 executing program 3: r0 = fork() ptrace$setopts(0x4206, r0, 0x0, 0x0) ptrace(0x8, r0) fork() ptrace(0x11, r0) r1 = perf_event_open(&(0x7f0000000080)={0x5, 0x80, 0x82, 0x0, 0x0, 0x0, 0x0, 0x0, 0x810d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x8480, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffe}, r0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x1200}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r2 = fork() ptrace$setopts(0x4206, r2, 0x0, 0x0) ptrace(0x8, r2) ptrace(0x10, r2) wait4(r2, &(0x7f0000000000), 0x2, &(0x7f0000000480)) wait4(0x0, 0x0, 0x0, 0x0) r3 = openat$cgroup_freezer_state(0xffffffffffffffff, &(0x7f0000000240), 0x2, 0x0) kcmp(r2, 0x0, 0x2, r3, r1) r4 = signalfd(r1, &(0x7f0000000440)={[0x4]}, 0x8) perf_event_open(&(0x7f0000000300)={0x4, 0x80, 0x7, 0x78, 0x21, 0x3, 0x0, 0x6, 0x10014, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0xfb3, 0x2, @perf_bp={&(0x7f0000000200), 0x8}, 0xc0, 0x5c, 0x3, 0x7, 0x1, 0xd5e, 0xfffb, 0x0, 0x81, 0x0, 0x6}, 0x0, 0x3, r4, 0x3) 11:12:01 executing program 2: r0 = fork() ptrace$setopts(0x4206, r0, 0x0, 0x0) ptrace(0x8, r0) fork() ptrace(0x11, r0) r1 = perf_event_open(&(0x7f0000000080)={0x5, 0x80, 0x82, 0x0, 0x0, 0x0, 0x0, 0x0, 0x810d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x8480, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffe}, r0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x1200}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r2 = fork() ptrace$setopts(0x4206, r2, 0x0, 0x0) ptrace(0x8, r2) ptrace(0x10, r2) wait4(r2, &(0x7f0000000000), 0x2, &(0x7f0000000480)) wait4(0x0, 0x0, 0x0, 0x0) r3 = openat$cgroup_freezer_state(0xffffffffffffffff, &(0x7f0000000240), 0x2, 0x0) kcmp(r2, 0x0, 0x2, r3, r1) r4 = signalfd(r1, &(0x7f0000000440)={[0x4]}, 0x8) perf_event_open(&(0x7f0000000300)={0x4, 0x80, 0x7, 0x78, 0x21, 0x3, 0x0, 0x6, 0x10014, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0xfb3, 0x2, @perf_bp={&(0x7f0000000200), 0x8}, 0xc0, 0x5c, 0x3, 0x7, 0x1, 0xd5e, 0xfffb, 0x0, 0x81, 0x0, 0x6}, 0x0, 0x3, r4, 0x3) 11:12:01 executing program 4: r0 = fork() ptrace$setopts(0x4206, r0, 0x0, 0x0) ptrace(0x8, r0) fork() ptrace(0x11, r0) r1 = perf_event_open(&(0x7f0000000080)={0x5, 0x80, 0x82, 0x0, 0x0, 0x0, 0x0, 0x0, 0x810d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x8480, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffe}, r0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x1200}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r2 = fork() ptrace$setopts(0x4206, r2, 0x0, 0x0) ptrace(0x8, r2) ptrace(0x10, r2) wait4(r2, &(0x7f0000000000), 0x2, &(0x7f0000000480)) wait4(0x0, 0x0, 0x0, 0x0) r3 = openat$cgroup_freezer_state(0xffffffffffffffff, &(0x7f0000000240), 0x2, 0x0) kcmp(r2, 0x0, 0x2, r3, r1) r4 = signalfd(r1, &(0x7f0000000440)={[0x4]}, 0x8) perf_event_open(&(0x7f0000000300)={0x4, 0x80, 0x7, 0x78, 0x21, 0x3, 0x0, 0x6, 0x10014, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0xfb3, 0x2, @perf_bp={&(0x7f0000000200), 0x8}, 0xc0, 0x5c, 0x3, 0x7, 0x1, 0xd5e, 0xfffb, 0x0, 0x81, 0x0, 0x6}, 0x0, 0x3, r4, 0x3) 11:12:01 executing program 0: r0 = syz_open_dev$tty20(0xc, 0x4, 0x0) ioctl$VT_RESIZE(r0, 0x560e, &(0x7f0000000000)) 11:12:01 executing program 5: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) ioctl$BTRFS_IOC_QGROUP_ASSIGN(r0, 0x40189429, &(0x7f0000000300)={0x0, 0xfffffffffffff0c5, 0x7}) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x4}, 0x0, 0x0, 0x0, 0x0, 0x6dc8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) pwritev(r1, &(0x7f0000000080)=[{&(0x7f0000000140)='\x00', 0x1a}], 0x1, 0x7fffffc, 0x0) ioctl$BLKFRASET(0xffffffffffffffff, 0x1264, &(0x7f0000000040)=0x9) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x8}, 0x0, 0x0, 0x0, 0x2}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) sendfile(r0, r0, 0x0, 0x100000) r2 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x1c5042, 0x0) write(r2, &(0x7f0000000200)='E', 0x140000) stat(&(0x7f0000000240)='./file1\x00', &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, 0x0}) setresuid(0x0, r3, 0x0) openat(r2, &(0x7f0000000180)='./file1\x00', 0x10041, 0x14c) getgid() 11:12:01 executing program 6: r0 = fork() ptrace$setopts(0x4206, r0, 0x0, 0x0) ptrace(0x8, r0) fork() ptrace(0x11, r0) r1 = perf_event_open(&(0x7f0000000080)={0x5, 0x80, 0x82, 0x0, 0x0, 0x0, 0x0, 0x0, 0x810d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x8480, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffe}, r0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x1200}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r2 = fork() ptrace$setopts(0x4206, r2, 0x0, 0x0) ptrace(0x8, r2) ptrace(0x10, r2) wait4(r2, &(0x7f0000000000), 0x2, &(0x7f0000000480)) wait4(0x0, 0x0, 0x0, 0x0) r3 = openat$cgroup_freezer_state(0xffffffffffffffff, &(0x7f0000000240), 0x2, 0x0) kcmp(r2, 0x0, 0x2, r3, r1) r4 = signalfd(r1, &(0x7f0000000440)={[0x4]}, 0x8) perf_event_open(&(0x7f0000000300)={0x4, 0x80, 0x7, 0x78, 0x21, 0x3, 0x0, 0x6, 0x10014, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0xfb3, 0x2, @perf_bp={&(0x7f0000000200), 0x8}, 0xc0, 0x5c, 0x3, 0x7, 0x1, 0xd5e, 0xfffb, 0x0, 0x81, 0x0, 0x6}, 0x0, 0x3, r4, 0x3) 11:12:01 executing program 2: r0 = fork() ptrace$setopts(0x4206, r0, 0x0, 0x0) ptrace(0x8, r0) fork() ptrace(0x11, r0) r1 = perf_event_open(&(0x7f0000000080)={0x5, 0x80, 0x82, 0x0, 0x0, 0x0, 0x0, 0x0, 0x810d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x8480, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffe}, r0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x1200}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r2 = fork() ptrace$setopts(0x4206, r2, 0x0, 0x0) ptrace(0x8, r2) ptrace(0x10, r2) wait4(r2, &(0x7f0000000000), 0x2, &(0x7f0000000480)) wait4(0x0, 0x0, 0x0, 0x0) r3 = openat$cgroup_freezer_state(0xffffffffffffffff, &(0x7f0000000240), 0x2, 0x0) kcmp(r2, 0x0, 0x2, r3, r1) r4 = signalfd(r1, &(0x7f0000000440)={[0x4]}, 0x8) perf_event_open(&(0x7f0000000300)={0x4, 0x80, 0x7, 0x78, 0x21, 0x3, 0x0, 0x6, 0x10014, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0xfb3, 0x2, @perf_bp={&(0x7f0000000200), 0x8}, 0xc0, 0x5c, 0x3, 0x7, 0x1, 0xd5e, 0xfffb, 0x0, 0x81, 0x0, 0x6}, 0x0, 0x3, r4, 0x3) 11:12:01 executing program 1: r0 = fork() ptrace$setopts(0x4206, r0, 0x0, 0x0) ptrace(0x8, r0) fork() ptrace(0x11, r0) r1 = perf_event_open(&(0x7f0000000080)={0x5, 0x80, 0x82, 0x0, 0x0, 0x0, 0x0, 0x0, 0x810d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x8480, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffe}, r0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x1200}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r2 = fork() ptrace$setopts(0x4206, r2, 0x0, 0x0) ptrace(0x8, r2) ptrace(0x10, r2) wait4(r2, &(0x7f0000000000), 0x2, &(0x7f0000000480)) wait4(0x0, 0x0, 0x0, 0x0) r3 = openat$cgroup_freezer_state(0xffffffffffffffff, &(0x7f0000000240), 0x2, 0x0) kcmp(r2, 0x0, 0x2, r3, r1) r4 = signalfd(r1, &(0x7f0000000440)={[0x4]}, 0x8) perf_event_open(&(0x7f0000000300)={0x4, 0x80, 0x7, 0x78, 0x21, 0x3, 0x0, 0x6, 0x10014, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0xfb3, 0x2, @perf_bp={&(0x7f0000000200), 0x8}, 0xc0, 0x5c, 0x3, 0x7, 0x1, 0xd5e, 0xfffb, 0x0, 0x81, 0x0, 0x6}, 0x0, 0x3, r4, 0x3) 11:12:01 executing program 7: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000001840)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff) 11:12:01 executing program 7: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000001840)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff) 11:12:01 executing program 3: r0 = fork() ptrace$setopts(0x4206, r0, 0x0, 0x0) ptrace(0x8, r0) fork() ptrace(0x11, r0) r1 = perf_event_open(&(0x7f0000000080)={0x5, 0x80, 0x82, 0x0, 0x0, 0x0, 0x0, 0x0, 0x810d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x8480, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffe}, r0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x1200}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r2 = fork() ptrace$setopts(0x4206, r2, 0x0, 0x0) ptrace(0x8, r2) ptrace(0x10, r2) wait4(r2, &(0x7f0000000000), 0x2, &(0x7f0000000480)) wait4(0x0, 0x0, 0x0, 0x0) r3 = openat$cgroup_freezer_state(0xffffffffffffffff, &(0x7f0000000240), 0x2, 0x0) kcmp(r2, 0x0, 0x2, r3, r1) r4 = signalfd(r1, &(0x7f0000000440)={[0x4]}, 0x8) perf_event_open(&(0x7f0000000300)={0x4, 0x80, 0x7, 0x78, 0x21, 0x3, 0x0, 0x6, 0x10014, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0xfb3, 0x2, @perf_bp={&(0x7f0000000200), 0x8}, 0xc0, 0x5c, 0x3, 0x7, 0x1, 0xd5e, 0xfffb, 0x0, 0x81, 0x0, 0x6}, 0x0, 0x3, r4, 0x3) 11:12:01 executing program 6: r0 = fork() ptrace$setopts(0x4206, r0, 0x0, 0x0) ptrace(0x8, r0) fork() ptrace(0x11, r0) r1 = perf_event_open(&(0x7f0000000080)={0x5, 0x80, 0x82, 0x0, 0x0, 0x0, 0x0, 0x0, 0x810d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x8480, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffe}, r0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x1200}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r2 = fork() ptrace$setopts(0x4206, r2, 0x0, 0x0) ptrace(0x8, r2) ptrace(0x10, r2) wait4(r2, &(0x7f0000000000), 0x2, &(0x7f0000000480)) wait4(0x0, 0x0, 0x0, 0x0) r3 = openat$cgroup_freezer_state(0xffffffffffffffff, &(0x7f0000000240), 0x2, 0x0) kcmp(r2, 0x0, 0x2, r3, r1) r4 = signalfd(r1, &(0x7f0000000440)={[0x4]}, 0x8) perf_event_open(&(0x7f0000000300)={0x4, 0x80, 0x7, 0x78, 0x21, 0x3, 0x0, 0x6, 0x10014, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0xfb3, 0x2, @perf_bp={&(0x7f0000000200), 0x8}, 0xc0, 0x5c, 0x3, 0x7, 0x1, 0xd5e, 0xfffb, 0x0, 0x81, 0x0, 0x6}, 0x0, 0x3, r4, 0x3) 11:12:01 executing program 7: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000001840)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff) 11:12:01 executing program 5: r0 = memfd_create(&(0x7f0000000040)='B\xdb/\x89\x03l\xdeb\xcb\xb54\xed\xbeLY\xb5Z\xe1\x12S\xf5G\xcc\xf3\xe9\x02h\v\xca(\x96\xe1C\xdf\x1c\t\x00\x00\x00\x00\x00\x00\x00\x16\xcd\x17\xa2\x80\xa1z\xb4r\x95\xc3@\x9d\xa6\xf1\x92#}g\xd3`\xf7\xcez\xcb\xb3\x1a\xbb\xc48e\x8e\xb1&\xd1\x8a\xe6!\x7f\x8d\xea,qx\xa28\xbf\"\xc7e\x06L\xb06\xeb<$\xd7\xba\xe5\x01\x03\x94r\xab\xd4J\x03s\xaf\xf6A\xbfV\xfa\x1ew\x8d\xbf\x99I\x97\xd8\xd2\xe8\x11\xc4\x04\x00\x84\xd5i\xee\xaf\xae[E\x1f\xdd\xd7#rT+\xb621p\xaf[\x99\" 1\xeb\xc7)\xd2\x1dh\xf2\xd5s\xfd?\fa>\x9f;\xe5r\xe5\xbd\xb0|=\x8eZcPY\xf8\xbd\x13\xaa\x8b\xdf\xbc\x93u\xd5\xb0r\xfb\xde\xe7\xd9k\xe2\xc6\x1b\xf2o@&>\xf2M\xe7\x8c\xeb\xee\xf5\x02~\x85\x14\xf3\xc6v\xf15PE\x8c\xca\x16$\xc2\x01#\xb563\rbq\xbf64\xfaW\x17\xdfa\xe6\xca\x86\xd7\xf8\x81X\x9bg4\xc1\xdam\xcf=Rq6\xb0\xd4D=I\x1a\x0e\xd0\xabz\xe2\x19\x0fM\xad\xdco\xa4\xb2\x8c?\xc1\x10\xf273\xd00\xb3_\xe8\x9a*\xfcL\xea;\xc0\x9a\xdbx!N;\xb5x\t\xa4E\xbe\x93r\x04\xf5\xf0\xf5\x7f\x9a)\xf5\x1b\"\xa1\xd8\x06>\xc9\xe2r\xe9\xbb\xfe\xc0\b\x81\x98\x1c\xe2\xe0?\x8f\xa1\xbel\aN\x83@\xb1\x03)4A\x83\xd6\xcf\xf6\xb5\x82\xb7\x9dA\b$\xa2x\x8a@\xfaj~\xef\x93\xb1/L\x01\xe2\xba}\xf0\x01)PP\xcdl\x06\xfc\x15;qZ\xb1u\xc9\xd0\xd16~JEGm\xe4\x1e@\x9dG\xe4@\xdf\xba\'\x8b\x1cD\xc7\xec\xd1@}tR\xd9P\xf4N\xe3\xd8x\xa0\x91\x17\xc2}\x13\b\xca\t(Z\xa3_\xa1\x90\x15T\xa4\xe7%\x98\xa7\xfb\x8bp/eq\x93\xbf\x1f =|\xf3\xb1\xfcR\xd8\nM,\xcb%@\'\x15\x88\xd8\xad\f\x91|\x95\x8fq+\x98\x81W\xba\x9f\xe0elOt\xbd\by\r\x87\x1c\xba\xbd\x8e+S>\xb8\xe29\x91h^x\xfb`\x00\xdd/\xa6\xb1\x16=\xa1bw\xc5I\xb1\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00}\xb7\xd5\x1a\xc3~\xa93n\x139\xf1\xca\xe5\x0f\xdce\x9b\xf3yd\x8c\x11\xee\xe5\xa5\vS\xe2 k\xd5\xe1\xab\r\xb6\xa5\xfe\x9f\xb3\xd05>^\xa6\xf4\x0f\xfc\xf6\x10\xfe\x84\xc7\x1cf\'\xab7\xcb:\x1f=T\xf4\xf9p\x8f]\x00\xc7}\xf60s\xfa@\xc8;\x15\x9b\xb1M\xc7\x9e\xc7\x8f\xe6\xe4\x86\x15\x16\x8c\x85\b\xee\x05\xd0\x87\xa4\xbd*\xd9\xe2S/U\xd6\x92\xe4\x89\x0e\x11*\x03Zj@\xc3.C7\xefx\xd6\xe3\x89\x01\x81w\x89\xefb\xb2\xaf\xf3\xa1\x7f(\xd3y\x1c\x16\xbb0\x06wG\xb7s\xe1\xf2\xc0\x92\x7f3\xf9\x11<\xa7e\x90\x9b(\xf7\x19\x82yt(\xe5\xd6\x96\xbf\xbf\xb4\x8b\xba\xcf\xdc\x90\x98B\xe1\xc0\xc3\xc7\xcc', 0x0) write$binfmt_aout(r0, &(0x7f0000000340)={{}, "8442fcd5a511b88e6a8db0b14fcea98c1ca27e82ccd86d67e22492932c3f5220d63b4a1183e70673ff1295a9f0994ec3714c2ab4cc92621dc251b6f706ec009cb17c1749beb4c852ad374f850b120566e6da8177540afd3ec0faaa0577d835f82e0213e1f2e126bcac822969694c19dd7390f90d60b1d2880e5d02442c0eb41dc1d2347c70be4bcf343dfd6ad6b66e4dc243cecaab98298806ae1f76075da2693b2b724d0431e7b5bd207e8dbdd12a0e1195f7e47732d12b8f99b6b670f4ad0f126820426c796c7848d1ec79c298a5fc93fac630f5c0668ab25c0faf172aa3d4316cb2b3525faeed2107d9dced38bffdf38014c818a8233515998589cfea8936cc0dbfbdea75960e5158c77dadaeb161249e4766f5590a286049d260a56c9082ebf319b11bf0344ef51132df040b50393067cd87948ea27854e3d1650ce108d2e6b4b83beb6de504de9dbb189ade457f40f8c18c50be037bc25b7c308c6e9c70810418b4dd1ce9e41b6f2a2dc37b245730743f280a62c3d2c90a55c025ccace22f3636a09f8d2d618f2430480a4c48a2843c6b8509b6a026115b212f6765de526db6900014a5234a968e3c44d82ea0b44ec29fe939614733e7fffbe878b70f770fa84d0fea5d1081bbb670b1f8c0449809665a8b302b35a8c5edde66d1dcf7cdd52ffe3651a0b97e31b3be10a3f8787cf72d60cb56aa6e3733c0cd0e0dddc606f6173e705dfa8beb028a34ccc6d96e6658233724c14d705a7c31f1f724d041c292052907883478fc5151bb6e22f4ee4bb0571d8c5fe5efd75471595634ee8a1a03f15935a415c27b4630aa2ff45f7ea59a151c69229fe9e2668fae1976dfabc9c23cce679d084c6d08730ccbff35fbb8130087e48d4a84cc08ad03566d159bfa937a86c31010d6c3e45fb4455974901d2f5aea033301abefb2451b36340be9fa1f9c862a39d2084d5d60e02c416dcbc52def2de40a11e3e4444093b31d0e27ceb762a391ca601df4b6116864349294820708b5adc0bde61edebdfa9cc0acdd066b3de3cb497cfb6ae6c258b41c402ab911a3faa9cf7a29c02c502ac56d4661b4a86a7a64fc3e602c58b14d8adf37ecd89cedfcb5a22f251a84b941a4c174e880ce7966a49e2dc6b92c69aab490c9cdd4bd59361fc7eebe2b596101d299c5c81fb7630b6feb0ed310df2d4e478ff3eb7e9a17b972dec74ad814cbba7a197e964bb259d207deb8ae3a3b2e0d5bc72841cf6809a3c3c0a830adb7dad4b2388fb8e6ac2cb1a2d4c19879dd3b8d0762be4fcb6261011a51b3892aa6b6c4c027614777d2e795d57019058a8c6e5db6147a8b29f3e128d6e83c4dcba9da916d9bdedd4dc945a40b01f3f6fe536f6e572f41665743f78baef38e32e7fe0bd28e31e174c4b83ea9553bed1e75420e0504e9094e6242d6c3ec81eaa20cc507f1c01afb939870a1a30e4ef2c4c04e689502f30efbb0764754b4c54471482b539ac642efaefb80e9fde613b3b0e0d0f56b3964060df2e7290496cfd3d58ba70acf7b918796a204bb8f87bf816defde1772a5ca1242c04d172e611a594607d1ad3c5b2455f9e296d888176c69b34d624998805387e4ef6eea7e94544f122b6b2d25312c08ebd4d591102cf739a582ff7249f7a726da683ecab81188c499edea3791c1f5edd852bdbb97a62f142ecf5b51e5b920a507e18cee50b77559fb6c193b87d495c0444d66c148c6de35aa563eb6a690a39697f14d502a325586bffeac56c5db6dca3bfad1c9bb9bbfca511747b2512b03c1fea41ea242dc56e6ddd1ba5e453a10d2036efec901fdbf8938006da633332de6c0c0889e86ae2032d70901e11cb2111bdcb3131ad81f14e338275a94b8ce58d772b6043697bda4f9d18f9ecb922be5420c7830caf44e13ca3ebb4e00bfecbcbb41a745fe655f02e941994008dcdfeb2cc6ea2bc87b2b9f7b859eb91f381b93112e95d0928e2b4691833807a3ed5af53c08b368d58e1cc11a093e9416e1b6fbfadda92d0bb0d71ab565fee40045e3bd704591cb493aa3205cd5781b397e20b4e16b736a762d756e7aec439b15cbff37b7f1b93a5ff62f702394369b26964ffcd78fac560a84096f0fe362311368de1f5b7c441dfff3fef3edff9d39395d2899bc969e5bd2e40c4f48f5f8ce0c73798d4a39d08bb478b2f55c70693f181459b49bfcf64f279fe93a0d54e1daff13ce120b3389062ca988a116312a786f394bf478721fab9ec8ccad47cb37332c22eaafcd9c2af5ae8bd3abc36e149ea4d07c3434a44f4ff3b67539b5d703c240c0d9e74f53b149e90db452c7a99002d60bd0ede7dd3d317f7c416f11c3b1f253e57a0b420daf7fcd79a2def772542e72dd5160022eefdc6d6b5ef097a6b0496492723e919ce265bd93705987a5431656a60ff5ff3093a8faab54fd6663a6255794a376aec3014cf28e99de21c84f8c33961f861ca65fa4b8f34b7f834e0063c158c358e7ab653e67367b431492e2d47a0a1004fac3ba0ed5117cc38ddaead4cbfa5215720f5359f27813217e18504ab3c5931e942bc5bfdc6ced0cf1c98aa4c7ecaa19f8e862b798ee7e1fe4639397808fb665a9fc81da305ffe0e6115dd803e4ba616307243e9663a8896ff5f12ea855725acae71bbcd388ae2b989952972e3dee04f38a3a31850f076fe71b545a9f674eebfa710db50d0972ee629d1ab721e881decca9af0570a9e9025a8391d45ab223e527df911e5178b1d9caf86111fc19ec3946c7a5fb9d1bc7e282e52f5b108504e2d7f39e2e0ca1d955a9a21e54cf335913bbbea5c5b24254acf83051dc55e7328b4a4439394da1dd42b625acff37a8d8b5c8fcf0f3432d5b56688c1e316457753bd3591d971ef3f5131a81376e31a5ec7804a8b8f04487831d99805f52352ebae3381e57aca8667e78d0dc1b36515b2fd4a0f4e6625b60bdd11a02864b03b16e981a9a53f6c3ca15d8d024694a6005eaf11e1ed1981ce2f53ec0dff4f16dd67e463accecd16cd7389d08bf82d1e5dfee570e57ffd6f46eb803e2af2d441863d937b4b2ff2cbb83a2a8453539044bcc586faf3301708f958394418534a1aab6a7c955eea458e20d74cd8f0df6c4a6895d20beea8efbf71ea36e10bc325b5ef3dd3f838bcca527046f5340032153671e1389e813183ccee7e6f5d042b23bb58c3237818f91cdcd866955c9334f770abd87e6ac153c3610d7dfbcb9eb68942d0cced8d8b7eac7ca090c54c0d390a48a8b7b5e55a18f696046098d8d6ec29cc892953c7b1dd3489af9d76983d3f2b4cb8f5625cf783316c58204609565d4ee7fc35391af16ff21e19018a605fa08c2608ff6ed12d0fe3a7a3b7e47220e51b0fb11063a9d59cfcef934af3e0c6f8d31a11307d56720027c08fe09407e9db42e1e4f01d799bab3fd9dc33f77108b4979c2e30578b64aee78bb936590fe8e6eb10d3732a2ff6740b4767f8679b5af5d488655280ad07a2d3abc8a96d4c3703c9f1a28e42817da976274a53a4bf7634360994d08d0c9bdcd41a42e74567ea45db0caa60a0dfae5d8153641c65992eaf9d424476afee130851277a688b3d95b17aa293e92bfb64d339daec2b19ab52b0d64ae193605a08ea387d381fb9f39f02ea1398f7e5351e3df9c0b49aba33fabc381c021b650fb20d3958affa6cf99d5a0589bfe0aa06a08b180c8a2c4ca8632550c8748791c8ea00a425f3cf67132143b7d19d5cbda4620681d2e6f4e88c8596c9356d7991ad3464a04468c5248be6bc1b2606c064fe3beccaae28766ea2c99c415794e23b2dc801d1f5e4b945989a6d65d3b217b20130a41b232c17c45c557c8dec6f83840c1d10f6d977bae4759aa90cb2f04ab52d7bd5b8a11e527af944642227f087fe27007a19bc12ca92ceb24b76bc47274bd93b8ea78c556d6b99ba7a8998d1315a9410c5667bab9d617dec78ca49adc10c0ed8589772fec7407c1d02fbe33865f519a35392aac5230d246f7866c688b48b9916d23ca8c42e53b925b5395cf4d0956666a109e73f23f7be5e1d7891e026947e08cfe911be4456002d95cbb0623d4b6b5964ec258986f8eb5fed68209462151c47967d45b5b91c744c2c8b5f88534117bd589d85337ecdbf78ae62525fc141428b68ed4fe2de5d61cb1208d31b681d5c826d5922ce6f7fc5ff17833e8dcdfd2c9cba20ebf66f19a43926936dd321e8e011144bbeda1189e442718c3efdd32c59a819008a246a9baa6d6dc41de26da1272da2964881b35a63d5864607170d019ad33f53f5f00a3c9a834ae7a4ed9fb3b087221961c3af7c537fa58b5d0cfc6051091b0dcd731339bc73c1012f9b2e6e13b0ac04601b6b13787fe7f39d717ae672c3197addfd69e28358a581fa9615c02775ebed7f8f0a953eff01c1e3bc95b044c4e8f56d04a4bc266efc60bc079014a78759f664794a82ecb1a8385e9a8d39af3e923fd851a2314b9b363849b4f4bd1e067f14b6646facbb77363f24576d886055b6185120edb2c77cb1ca656ec4d1f34fc4c19d4a4fd7fbbbd09cc8b3c56ebde79a79e44f1b18e3ea4fe0f8c61e96e72d41df14ba5d823be8f1f731ca90c64ae692e631b3c39e0e7a0ba7fab78e8061be495e684f48f681678893cbde476cdd14f751bfbff055230017dedae9533ac99ca43438af35a3d707e81e9abba0a0e354a3454678870bd2d00d92fbe090087e62fff585885888d3658073f17a505be9e9694d23b2956557dda20ee32570a2e7ecdcd68da8903895cece62c922e2effcb51d7842ecfba34fb9899a93151729c00a2a64a10b6622a99e38450d7e139eed001eccf42bbac79feeac8b70c490a7dc02d13d04fb5ec6a1c401fcc0fe408ed4f04327d9e4b829d271b09234f5ecd4ef015f9d577518ac10e5f443aa8b0343d9c339d580e1a04f05908781fe06fe31c822d3c0026a480677d05370755bdb3bdd7eaa8695cdd6d2ce67745180840ba883a284181ab0808317bcdd5e06bcf9d00bcaac994047adaac293705baf33fba3ef4a6e1a1f", ['\x00', '\x00']}, 0x1001) readahead(r0, 0x0, 0x0) [ 118.785968] memfd_create() without MFD_EXEC nor MFD_NOEXEC_SEAL, pid=4302 'syz-executor.5' 11:12:01 executing program 2: r0 = socket$inet6_udp(0xa, 0x2, 0x0) r1 = dup(r0) sendmmsg$inet6(r1, &(0x7f0000003400)=[{{&(0x7f0000000140)={0xa, 0x4e21, 0x0, @remote}, 0x1c, 0x0}}, {{&(0x7f0000000500)={0xa, 0x0, 0x0, @local}, 0x1c, 0x0}}], 0x2, 0x0) 11:12:02 executing program 4: r0 = fork() ptrace$setopts(0x4206, r0, 0x0, 0x0) ptrace(0x8, r0) fork() ptrace(0x11, r0) r1 = perf_event_open(&(0x7f0000000080)={0x5, 0x80, 0x82, 0x0, 0x0, 0x0, 0x0, 0x0, 0x810d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x8480, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffe}, r0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x1200}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r2 = fork() ptrace$setopts(0x4206, r2, 0x0, 0x0) ptrace(0x8, r2) ptrace(0x10, r2) wait4(r2, &(0x7f0000000000), 0x2, &(0x7f0000000480)) wait4(0x0, 0x0, 0x0, 0x0) r3 = openat$cgroup_freezer_state(0xffffffffffffffff, &(0x7f0000000240), 0x2, 0x0) kcmp(r2, 0x0, 0x2, r3, r1) r4 = signalfd(r1, &(0x7f0000000440)={[0x4]}, 0x8) perf_event_open(&(0x7f0000000300)={0x4, 0x80, 0x7, 0x78, 0x21, 0x3, 0x0, 0x6, 0x10014, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0xfb3, 0x2, @perf_bp={&(0x7f0000000200), 0x8}, 0xc0, 0x5c, 0x3, 0x7, 0x1, 0xd5e, 0xfffb, 0x0, 0x81, 0x0, 0x6}, 0x0, 0x3, r4, 0x3) 11:12:02 executing program 1: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_TCP_REPAIR(r0, 0x6, 0x13, &(0x7f00000018c0)=0x1, 0x4) connect$inet6(r0, &(0x7f0000000080)={0xa, 0x0, 0x0, @loopback}, 0x1c) setsockopt$inet6_int(r0, 0x29, 0x10, &(0x7f0000000040), 0x4) setsockopt$inet6_tcp_TCP_REPAIR(r0, 0x6, 0x13, &(0x7f0000000000), 0x4) 11:12:02 executing program 3: read$char_usb(0xffffffffffffffff, 0x0, 0x0) 11:12:02 executing program 5: r0 = memfd_create(&(0x7f0000000040)='B\xdb/\x89\x03l\xdeb\xcb\xb54\xed\xbeLY\xb5Z\xe1\x12S\xf5G\xcc\xf3\xe9\x02h\v\xca(\x96\xe1C\xdf\x1c\t\x00\x00\x00\x00\x00\x00\x00\x16\xcd\x17\xa2\x80\xa1z\xb4r\x95\xc3@\x9d\xa6\xf1\x92#}g\xd3`\xf7\xcez\xcb\xb3\x1a\xbb\xc48e\x8e\xb1&\xd1\x8a\xe6!\x7f\x8d\xea,qx\xa28\xbf\"\xc7e\x06L\xb06\xeb<$\xd7\xba\xe5\x01\x03\x94r\xab\xd4J\x03s\xaf\xf6A\xbfV\xfa\x1ew\x8d\xbf\x99I\x97\xd8\xd2\xe8\x11\xc4\x04\x00\x84\xd5i\xee\xaf\xae[E\x1f\xdd\xd7#rT+\xb621p\xaf[\x99\" 1\xeb\xc7)\xd2\x1dh\xf2\xd5s\xfd?\fa>\x9f;\xe5r\xe5\xbd\xb0|=\x8eZcPY\xf8\xbd\x13\xaa\x8b\xdf\xbc\x93u\xd5\xb0r\xfb\xde\xe7\xd9k\xe2\xc6\x1b\xf2o@&>\xf2M\xe7\x8c\xeb\xee\xf5\x02~\x85\x14\xf3\xc6v\xf15PE\x8c\xca\x16$\xc2\x01#\xb563\rbq\xbf64\xfaW\x17\xdfa\xe6\xca\x86\xd7\xf8\x81X\x9bg4\xc1\xdam\xcf=Rq6\xb0\xd4D=I\x1a\x0e\xd0\xabz\xe2\x19\x0fM\xad\xdco\xa4\xb2\x8c?\xc1\x10\xf273\xd00\xb3_\xe8\x9a*\xfcL\xea;\xc0\x9a\xdbx!N;\xb5x\t\xa4E\xbe\x93r\x04\xf5\xf0\xf5\x7f\x9a)\xf5\x1b\"\xa1\xd8\x06>\xc9\xe2r\xe9\xbb\xfe\xc0\b\x81\x98\x1c\xe2\xe0?\x8f\xa1\xbel\aN\x83@\xb1\x03)4A\x83\xd6\xcf\xf6\xb5\x82\xb7\x9dA\b$\xa2x\x8a@\xfaj~\xef\x93\xb1/L\x01\xe2\xba}\xf0\x01)PP\xcdl\x06\xfc\x15;qZ\xb1u\xc9\xd0\xd16~JEGm\xe4\x1e@\x9dG\xe4@\xdf\xba\'\x8b\x1cD\xc7\xec\xd1@}tR\xd9P\xf4N\xe3\xd8x\xa0\x91\x17\xc2}\x13\b\xca\t(Z\xa3_\xa1\x90\x15T\xa4\xe7%\x98\xa7\xfb\x8bp/eq\x93\xbf\x1f =|\xf3\xb1\xfcR\xd8\nM,\xcb%@\'\x15\x88\xd8\xad\f\x91|\x95\x8fq+\x98\x81W\xba\x9f\xe0elOt\xbd\by\r\x87\x1c\xba\xbd\x8e+S>\xb8\xe29\x91h^x\xfb`\x00\xdd/\xa6\xb1\x16=\xa1bw\xc5I\xb1\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00}\xb7\xd5\x1a\xc3~\xa93n\x139\xf1\xca\xe5\x0f\xdce\x9b\xf3yd\x8c\x11\xee\xe5\xa5\vS\xe2 k\xd5\xe1\xab\r\xb6\xa5\xfe\x9f\xb3\xd05>^\xa6\xf4\x0f\xfc\xf6\x10\xfe\x84\xc7\x1cf\'\xab7\xcb:\x1f=T\xf4\xf9p\x8f]\x00\xc7}\xf60s\xfa@\xc8;\x15\x9b\xb1M\xc7\x9e\xc7\x8f\xe6\xe4\x86\x15\x16\x8c\x85\b\xee\x05\xd0\x87\xa4\xbd*\xd9\xe2S/U\xd6\x92\xe4\x89\x0e\x11*\x03Zj@\xc3.C7\xefx\xd6\xe3\x89\x01\x81w\x89\xefb\xb2\xaf\xf3\xa1\x7f(\xd3y\x1c\x16\xbb0\x06wG\xb7s\xe1\xf2\xc0\x92\x7f3\xf9\x11<\xa7e\x90\x9b(\xf7\x19\x82yt(\xe5\xd6\x96\xbf\xbf\xb4\x8b\xba\xcf\xdc\x90\x98B\xe1\xc0\xc3\xc7\xcc', 0x0) write$binfmt_aout(r0, &(0x7f0000000340)={{}, "8442fcd5a511b88e6a8db0b14fcea98c1ca27e82ccd86d67e22492932c3f5220d63b4a1183e70673ff1295a9f0994ec3714c2ab4cc92621dc251b6f706ec009cb17c1749beb4c852ad374f850b120566e6da8177540afd3ec0faaa0577d835f82e0213e1f2e126bcac822969694c19dd7390f90d60b1d2880e5d02442c0eb41dc1d2347c70be4bcf343dfd6ad6b66e4dc243cecaab98298806ae1f76075da2693b2b724d0431e7b5bd207e8dbdd12a0e1195f7e47732d12b8f99b6b670f4ad0f126820426c796c7848d1ec79c298a5fc93fac630f5c0668ab25c0faf172aa3d4316cb2b3525faeed2107d9dced38bffdf38014c818a8233515998589cfea8936cc0dbfbdea75960e5158c77dadaeb161249e4766f5590a286049d260a56c9082ebf319b11bf0344ef51132df040b50393067cd87948ea27854e3d1650ce108d2e6b4b83beb6de504de9dbb189ade457f40f8c18c50be037bc25b7c308c6e9c70810418b4dd1ce9e41b6f2a2dc37b245730743f280a62c3d2c90a55c025ccace22f3636a09f8d2d618f2430480a4c48a2843c6b8509b6a026115b212f6765de526db6900014a5234a968e3c44d82ea0b44ec29fe939614733e7fffbe878b70f770fa84d0fea5d1081bbb670b1f8c0449809665a8b302b35a8c5edde66d1dcf7cdd52ffe3651a0b97e31b3be10a3f8787cf72d60cb56aa6e3733c0cd0e0dddc606f6173e705dfa8beb028a34ccc6d96e6658233724c14d705a7c31f1f724d041c292052907883478fc5151bb6e22f4ee4bb0571d8c5fe5efd75471595634ee8a1a03f15935a415c27b4630aa2ff45f7ea59a151c69229fe9e2668fae1976dfabc9c23cce679d084c6d08730ccbff35fbb8130087e48d4a84cc08ad03566d159bfa937a86c31010d6c3e45fb4455974901d2f5aea033301abefb2451b36340be9fa1f9c862a39d2084d5d60e02c416dcbc52def2de40a11e3e4444093b31d0e27ceb762a391ca601df4b6116864349294820708b5adc0bde61edebdfa9cc0acdd066b3de3cb497cfb6ae6c258b41c402ab911a3faa9cf7a29c02c502ac56d4661b4a86a7a64fc3e602c58b14d8adf37ecd89cedfcb5a22f251a84b941a4c174e880ce7966a49e2dc6b92c69aab490c9cdd4bd59361fc7eebe2b596101d299c5c81fb7630b6feb0ed310df2d4e478ff3eb7e9a17b972dec74ad814cbba7a197e964bb259d207deb8ae3a3b2e0d5bc72841cf6809a3c3c0a830adb7dad4b2388fb8e6ac2cb1a2d4c19879dd3b8d0762be4fcb6261011a51b3892aa6b6c4c027614777d2e795d57019058a8c6e5db6147a8b29f3e128d6e83c4dcba9da916d9bdedd4dc945a40b01f3f6fe536f6e572f41665743f78baef38e32e7fe0bd28e31e174c4b83ea9553bed1e75420e0504e9094e6242d6c3ec81eaa20cc507f1c01afb939870a1a30e4ef2c4c04e689502f30efbb0764754b4c54471482b539ac642efaefb80e9fde613b3b0e0d0f56b3964060df2e7290496cfd3d58ba70acf7b918796a204bb8f87bf816defde1772a5ca1242c04d172e611a594607d1ad3c5b2455f9e296d888176c69b34d624998805387e4ef6eea7e94544f122b6b2d25312c08ebd4d591102cf739a582ff7249f7a726da683ecab81188c499edea3791c1f5edd852bdbb97a62f142ecf5b51e5b920a507e18cee50b77559fb6c193b87d495c0444d66c148c6de35aa563eb6a690a39697f14d502a325586bffeac56c5db6dca3bfad1c9bb9bbfca511747b2512b03c1fea41ea242dc56e6ddd1ba5e453a10d2036efec901fdbf8938006da633332de6c0c0889e86ae2032d70901e11cb2111bdcb3131ad81f14e338275a94b8ce58d772b6043697bda4f9d18f9ecb922be5420c7830caf44e13ca3ebb4e00bfecbcbb41a745fe655f02e941994008dcdfeb2cc6ea2bc87b2b9f7b859eb91f381b93112e95d0928e2b4691833807a3ed5af53c08b368d58e1cc11a093e9416e1b6fbfadda92d0bb0d71ab565fee40045e3bd704591cb493aa3205cd5781b397e20b4e16b736a762d756e7aec439b15cbff37b7f1b93a5ff62f702394369b26964ffcd78fac560a84096f0fe362311368de1f5b7c441dfff3fef3edff9d39395d2899bc969e5bd2e40c4f48f5f8ce0c73798d4a39d08bb478b2f55c70693f181459b49bfcf64f279fe93a0d54e1daff13ce120b3389062ca988a116312a786f394bf478721fab9ec8ccad47cb37332c22eaafcd9c2af5ae8bd3abc36e149ea4d07c3434a44f4ff3b67539b5d703c240c0d9e74f53b149e90db452c7a99002d60bd0ede7dd3d317f7c416f11c3b1f253e57a0b420daf7fcd79a2def772542e72dd5160022eefdc6d6b5ef097a6b0496492723e919ce265bd93705987a5431656a60ff5ff3093a8faab54fd6663a6255794a376aec3014cf28e99de21c84f8c33961f861ca65fa4b8f34b7f834e0063c158c358e7ab653e67367b431492e2d47a0a1004fac3ba0ed5117cc38ddaead4cbfa5215720f5359f27813217e18504ab3c5931e942bc5bfdc6ced0cf1c98aa4c7ecaa19f8e862b798ee7e1fe4639397808fb665a9fc81da305ffe0e6115dd803e4ba616307243e9663a8896ff5f12ea855725acae71bbcd388ae2b989952972e3dee04f38a3a31850f076fe71b545a9f674eebfa710db50d0972ee629d1ab721e881decca9af0570a9e9025a8391d45ab223e527df911e5178b1d9caf86111fc19ec3946c7a5fb9d1bc7e282e52f5b108504e2d7f39e2e0ca1d955a9a21e54cf335913bbbea5c5b24254acf83051dc55e7328b4a4439394da1dd42b625acff37a8d8b5c8fcf0f3432d5b56688c1e316457753bd3591d971ef3f5131a81376e31a5ec7804a8b8f04487831d99805f52352ebae3381e57aca8667e78d0dc1b36515b2fd4a0f4e6625b60bdd11a02864b03b16e981a9a53f6c3ca15d8d024694a6005eaf11e1ed1981ce2f53ec0dff4f16dd67e463accecd16cd7389d08bf82d1e5dfee570e57ffd6f46eb803e2af2d441863d937b4b2ff2cbb83a2a8453539044bcc586faf3301708f958394418534a1aab6a7c955eea458e20d74cd8f0df6c4a6895d20beea8efbf71ea36e10bc325b5ef3dd3f838bcca527046f5340032153671e1389e813183ccee7e6f5d042b23bb58c3237818f91cdcd866955c9334f770abd87e6ac153c3610d7dfbcb9eb68942d0cced8d8b7eac7ca090c54c0d390a48a8b7b5e55a18f696046098d8d6ec29cc892953c7b1dd3489af9d76983d3f2b4cb8f5625cf783316c58204609565d4ee7fc35391af16ff21e19018a605fa08c2608ff6ed12d0fe3a7a3b7e47220e51b0fb11063a9d59cfcef934af3e0c6f8d31a11307d56720027c08fe09407e9db42e1e4f01d799bab3fd9dc33f77108b4979c2e30578b64aee78bb936590fe8e6eb10d3732a2ff6740b4767f8679b5af5d488655280ad07a2d3abc8a96d4c3703c9f1a28e42817da976274a53a4bf7634360994d08d0c9bdcd41a42e74567ea45db0caa60a0dfae5d8153641c65992eaf9d424476afee130851277a688b3d95b17aa293e92bfb64d339daec2b19ab52b0d64ae193605a08ea387d381fb9f39f02ea1398f7e5351e3df9c0b49aba33fabc381c021b650fb20d3958affa6cf99d5a0589bfe0aa06a08b180c8a2c4ca8632550c8748791c8ea00a425f3cf67132143b7d19d5cbda4620681d2e6f4e88c8596c9356d7991ad3464a04468c5248be6bc1b2606c064fe3beccaae28766ea2c99c415794e23b2dc801d1f5e4b945989a6d65d3b217b20130a41b232c17c45c557c8dec6f83840c1d10f6d977bae4759aa90cb2f04ab52d7bd5b8a11e527af944642227f087fe27007a19bc12ca92ceb24b76bc47274bd93b8ea78c556d6b99ba7a8998d1315a9410c5667bab9d617dec78ca49adc10c0ed8589772fec7407c1d02fbe33865f519a35392aac5230d246f7866c688b48b9916d23ca8c42e53b925b5395cf4d0956666a109e73f23f7be5e1d7891e026947e08cfe911be4456002d95cbb0623d4b6b5964ec258986f8eb5fed68209462151c47967d45b5b91c744c2c8b5f88534117bd589d85337ecdbf78ae62525fc141428b68ed4fe2de5d61cb1208d31b681d5c826d5922ce6f7fc5ff17833e8dcdfd2c9cba20ebf66f19a43926936dd321e8e011144bbeda1189e442718c3efdd32c59a819008a246a9baa6d6dc41de26da1272da2964881b35a63d5864607170d019ad33f53f5f00a3c9a834ae7a4ed9fb3b087221961c3af7c537fa58b5d0cfc6051091b0dcd731339bc73c1012f9b2e6e13b0ac04601b6b13787fe7f39d717ae672c3197addfd69e28358a581fa9615c02775ebed7f8f0a953eff01c1e3bc95b044c4e8f56d04a4bc266efc60bc079014a78759f664794a82ecb1a8385e9a8d39af3e923fd851a2314b9b363849b4f4bd1e067f14b6646facbb77363f24576d886055b6185120edb2c77cb1ca656ec4d1f34fc4c19d4a4fd7fbbbd09cc8b3c56ebde79a79e44f1b18e3ea4fe0f8c61e96e72d41df14ba5d823be8f1f731ca90c64ae692e631b3c39e0e7a0ba7fab78e8061be495e684f48f681678893cbde476cdd14f751bfbff055230017dedae9533ac99ca43438af35a3d707e81e9abba0a0e354a3454678870bd2d00d92fbe090087e62fff585885888d3658073f17a505be9e9694d23b2956557dda20ee32570a2e7ecdcd68da8903895cece62c922e2effcb51d7842ecfba34fb9899a93151729c00a2a64a10b6622a99e38450d7e139eed001eccf42bbac79feeac8b70c490a7dc02d13d04fb5ec6a1c401fcc0fe408ed4f04327d9e4b829d271b09234f5ecd4ef015f9d577518ac10e5f443aa8b0343d9c339d580e1a04f05908781fe06fe31c822d3c0026a480677d05370755bdb3bdd7eaa8695cdd6d2ce67745180840ba883a284181ab0808317bcdd5e06bcf9d00bcaac994047adaac293705baf33fba3ef4a6e1a1f", ['\x00', '\x00']}, 0x1001) readahead(r0, 0x0, 0x0) 11:12:02 executing program 6: r0 = fork() ptrace$setopts(0x4206, r0, 0x0, 0x0) ptrace(0x8, r0) fork() ptrace(0x11, r0) r1 = perf_event_open(&(0x7f0000000080)={0x5, 0x80, 0x82, 0x0, 0x0, 0x0, 0x0, 0x0, 0x810d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x8480, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffe}, r0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x1200}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r2 = fork() ptrace$setopts(0x4206, r2, 0x0, 0x0) ptrace(0x8, r2) ptrace(0x10, r2) wait4(r2, &(0x7f0000000000), 0x2, &(0x7f0000000480)) wait4(0x0, 0x0, 0x0, 0x0) r3 = openat$cgroup_freezer_state(0xffffffffffffffff, &(0x7f0000000240), 0x2, 0x0) kcmp(r2, 0x0, 0x2, r3, r1) r4 = signalfd(r1, &(0x7f0000000440)={[0x4]}, 0x8) perf_event_open(&(0x7f0000000300)={0x4, 0x80, 0x7, 0x78, 0x21, 0x3, 0x0, 0x6, 0x10014, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0xfb3, 0x2, @perf_bp={&(0x7f0000000200), 0x8}, 0xc0, 0x5c, 0x3, 0x7, 0x1, 0xd5e, 0xfffb, 0x0, 0x81, 0x0, 0x6}, 0x0, 0x3, r4, 0x3) 11:12:02 executing program 0: clone3(&(0x7f0000005d80)={0x0, 0x0, 0x0, 0x0, {}, &(0x7f0000005cc0), 0x0, 0x0, &(0x7f0000005d40)=[0x0], 0x1}, 0x58) 11:12:02 executing program 7: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000001840)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff) 11:12:02 executing program 2: r0 = socket$inet6_udp(0xa, 0x2, 0x0) r1 = dup(r0) sendmmsg$inet6(r1, &(0x7f0000003400)=[{{&(0x7f0000000140)={0xa, 0x4e21, 0x0, @remote}, 0x1c, 0x0}}, {{&(0x7f0000000500)={0xa, 0x0, 0x0, @local}, 0x1c, 0x0}}], 0x2, 0x0) 11:12:02 executing program 0: clone3(&(0x7f0000005d80)={0x0, 0x0, 0x0, 0x0, {}, &(0x7f0000005cc0), 0x0, 0x0, &(0x7f0000005d40)=[0x0], 0x1}, 0x58) 11:12:02 executing program 5: r0 = memfd_create(&(0x7f0000000040)='B\xdb/\x89\x03l\xdeb\xcb\xb54\xed\xbeLY\xb5Z\xe1\x12S\xf5G\xcc\xf3\xe9\x02h\v\xca(\x96\xe1C\xdf\x1c\t\x00\x00\x00\x00\x00\x00\x00\x16\xcd\x17\xa2\x80\xa1z\xb4r\x95\xc3@\x9d\xa6\xf1\x92#}g\xd3`\xf7\xcez\xcb\xb3\x1a\xbb\xc48e\x8e\xb1&\xd1\x8a\xe6!\x7f\x8d\xea,qx\xa28\xbf\"\xc7e\x06L\xb06\xeb<$\xd7\xba\xe5\x01\x03\x94r\xab\xd4J\x03s\xaf\xf6A\xbfV\xfa\x1ew\x8d\xbf\x99I\x97\xd8\xd2\xe8\x11\xc4\x04\x00\x84\xd5i\xee\xaf\xae[E\x1f\xdd\xd7#rT+\xb621p\xaf[\x99\" 1\xeb\xc7)\xd2\x1dh\xf2\xd5s\xfd?\fa>\x9f;\xe5r\xe5\xbd\xb0|=\x8eZcPY\xf8\xbd\x13\xaa\x8b\xdf\xbc\x93u\xd5\xb0r\xfb\xde\xe7\xd9k\xe2\xc6\x1b\xf2o@&>\xf2M\xe7\x8c\xeb\xee\xf5\x02~\x85\x14\xf3\xc6v\xf15PE\x8c\xca\x16$\xc2\x01#\xb563\rbq\xbf64\xfaW\x17\xdfa\xe6\xca\x86\xd7\xf8\x81X\x9bg4\xc1\xdam\xcf=Rq6\xb0\xd4D=I\x1a\x0e\xd0\xabz\xe2\x19\x0fM\xad\xdco\xa4\xb2\x8c?\xc1\x10\xf273\xd00\xb3_\xe8\x9a*\xfcL\xea;\xc0\x9a\xdbx!N;\xb5x\t\xa4E\xbe\x93r\x04\xf5\xf0\xf5\x7f\x9a)\xf5\x1b\"\xa1\xd8\x06>\xc9\xe2r\xe9\xbb\xfe\xc0\b\x81\x98\x1c\xe2\xe0?\x8f\xa1\xbel\aN\x83@\xb1\x03)4A\x83\xd6\xcf\xf6\xb5\x82\xb7\x9dA\b$\xa2x\x8a@\xfaj~\xef\x93\xb1/L\x01\xe2\xba}\xf0\x01)PP\xcdl\x06\xfc\x15;qZ\xb1u\xc9\xd0\xd16~JEGm\xe4\x1e@\x9dG\xe4@\xdf\xba\'\x8b\x1cD\xc7\xec\xd1@}tR\xd9P\xf4N\xe3\xd8x\xa0\x91\x17\xc2}\x13\b\xca\t(Z\xa3_\xa1\x90\x15T\xa4\xe7%\x98\xa7\xfb\x8bp/eq\x93\xbf\x1f =|\xf3\xb1\xfcR\xd8\nM,\xcb%@\'\x15\x88\xd8\xad\f\x91|\x95\x8fq+\x98\x81W\xba\x9f\xe0elOt\xbd\by\r\x87\x1c\xba\xbd\x8e+S>\xb8\xe29\x91h^x\xfb`\x00\xdd/\xa6\xb1\x16=\xa1bw\xc5I\xb1\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00}\xb7\xd5\x1a\xc3~\xa93n\x139\xf1\xca\xe5\x0f\xdce\x9b\xf3yd\x8c\x11\xee\xe5\xa5\vS\xe2 k\xd5\xe1\xab\r\xb6\xa5\xfe\x9f\xb3\xd05>^\xa6\xf4\x0f\xfc\xf6\x10\xfe\x84\xc7\x1cf\'\xab7\xcb:\x1f=T\xf4\xf9p\x8f]\x00\xc7}\xf60s\xfa@\xc8;\x15\x9b\xb1M\xc7\x9e\xc7\x8f\xe6\xe4\x86\x15\x16\x8c\x85\b\xee\x05\xd0\x87\xa4\xbd*\xd9\xe2S/U\xd6\x92\xe4\x89\x0e\x11*\x03Zj@\xc3.C7\xefx\xd6\xe3\x89\x01\x81w\x89\xefb\xb2\xaf\xf3\xa1\x7f(\xd3y\x1c\x16\xbb0\x06wG\xb7s\xe1\xf2\xc0\x92\x7f3\xf9\x11<\xa7e\x90\x9b(\xf7\x19\x82yt(\xe5\xd6\x96\xbf\xbf\xb4\x8b\xba\xcf\xdc\x90\x98B\xe1\xc0\xc3\xc7\xcc', 0x0) write$binfmt_aout(r0, &(0x7f0000000340)={{}, "8442fcd5a511b88e6a8db0b14fcea98c1ca27e82ccd86d67e22492932c3f5220d63b4a1183e70673ff1295a9f0994ec3714c2ab4cc92621dc251b6f706ec009cb17c1749beb4c852ad374f850b120566e6da8177540afd3ec0faaa0577d835f82e0213e1f2e126bcac822969694c19dd7390f90d60b1d2880e5d02442c0eb41dc1d2347c70be4bcf343dfd6ad6b66e4dc243cecaab98298806ae1f76075da2693b2b724d0431e7b5bd207e8dbdd12a0e1195f7e47732d12b8f99b6b670f4ad0f126820426c796c7848d1ec79c298a5fc93fac630f5c0668ab25c0faf172aa3d4316cb2b3525faeed2107d9dced38bffdf38014c818a8233515998589cfea8936cc0dbfbdea75960e5158c77dadaeb161249e4766f5590a286049d260a56c9082ebf319b11bf0344ef51132df040b50393067cd87948ea27854e3d1650ce108d2e6b4b83beb6de504de9dbb189ade457f40f8c18c50be037bc25b7c308c6e9c70810418b4dd1ce9e41b6f2a2dc37b245730743f280a62c3d2c90a55c025ccace22f3636a09f8d2d618f2430480a4c48a2843c6b8509b6a026115b212f6765de526db6900014a5234a968e3c44d82ea0b44ec29fe939614733e7fffbe878b70f770fa84d0fea5d1081bbb670b1f8c0449809665a8b302b35a8c5edde66d1dcf7cdd52ffe3651a0b97e31b3be10a3f8787cf72d60cb56aa6e3733c0cd0e0dddc606f6173e705dfa8beb028a34ccc6d96e6658233724c14d705a7c31f1f724d041c292052907883478fc5151bb6e22f4ee4bb0571d8c5fe5efd75471595634ee8a1a03f15935a415c27b4630aa2ff45f7ea59a151c69229fe9e2668fae1976dfabc9c23cce679d084c6d08730ccbff35fbb8130087e48d4a84cc08ad03566d159bfa937a86c31010d6c3e45fb4455974901d2f5aea033301abefb2451b36340be9fa1f9c862a39d2084d5d60e02c416dcbc52def2de40a11e3e4444093b31d0e27ceb762a391ca601df4b6116864349294820708b5adc0bde61edebdfa9cc0acdd066b3de3cb497cfb6ae6c258b41c402ab911a3faa9cf7a29c02c502ac56d4661b4a86a7a64fc3e602c58b14d8adf37ecd89cedfcb5a22f251a84b941a4c174e880ce7966a49e2dc6b92c69aab490c9cdd4bd59361fc7eebe2b596101d299c5c81fb7630b6feb0ed310df2d4e478ff3eb7e9a17b972dec74ad814cbba7a197e964bb259d207deb8ae3a3b2e0d5bc72841cf6809a3c3c0a830adb7dad4b2388fb8e6ac2cb1a2d4c19879dd3b8d0762be4fcb6261011a51b3892aa6b6c4c027614777d2e795d57019058a8c6e5db6147a8b29f3e128d6e83c4dcba9da916d9bdedd4dc945a40b01f3f6fe536f6e572f41665743f78baef38e32e7fe0bd28e31e174c4b83ea9553bed1e75420e0504e9094e6242d6c3ec81eaa20cc507f1c01afb939870a1a30e4ef2c4c04e689502f30efbb0764754b4c54471482b539ac642efaefb80e9fde613b3b0e0d0f56b3964060df2e7290496cfd3d58ba70acf7b918796a204bb8f87bf816defde1772a5ca1242c04d172e611a594607d1ad3c5b2455f9e296d888176c69b34d624998805387e4ef6eea7e94544f122b6b2d25312c08ebd4d591102cf739a582ff7249f7a726da683ecab81188c499edea3791c1f5edd852bdbb97a62f142ecf5b51e5b920a507e18cee50b77559fb6c193b87d495c0444d66c148c6de35aa563eb6a690a39697f14d502a325586bffeac56c5db6dca3bfad1c9bb9bbfca511747b2512b03c1fea41ea242dc56e6ddd1ba5e453a10d2036efec901fdbf8938006da633332de6c0c0889e86ae2032d70901e11cb2111bdcb3131ad81f14e338275a94b8ce58d772b6043697bda4f9d18f9ecb922be5420c7830caf44e13ca3ebb4e00bfecbcbb41a745fe655f02e941994008dcdfeb2cc6ea2bc87b2b9f7b859eb91f381b93112e95d0928e2b4691833807a3ed5af53c08b368d58e1cc11a093e9416e1b6fbfadda92d0bb0d71ab565fee40045e3bd704591cb493aa3205cd5781b397e20b4e16b736a762d756e7aec439b15cbff37b7f1b93a5ff62f702394369b26964ffcd78fac560a84096f0fe362311368de1f5b7c441dfff3fef3edff9d39395d2899bc969e5bd2e40c4f48f5f8ce0c73798d4a39d08bb478b2f55c70693f181459b49bfcf64f279fe93a0d54e1daff13ce120b3389062ca988a116312a786f394bf478721fab9ec8ccad47cb37332c22eaafcd9c2af5ae8bd3abc36e149ea4d07c3434a44f4ff3b67539b5d703c240c0d9e74f53b149e90db452c7a99002d60bd0ede7dd3d317f7c416f11c3b1f253e57a0b420daf7fcd79a2def772542e72dd5160022eefdc6d6b5ef097a6b0496492723e919ce265bd93705987a5431656a60ff5ff3093a8faab54fd6663a6255794a376aec3014cf28e99de21c84f8c33961f861ca65fa4b8f34b7f834e0063c158c358e7ab653e67367b431492e2d47a0a1004fac3ba0ed5117cc38ddaead4cbfa5215720f5359f27813217e18504ab3c5931e942bc5bfdc6ced0cf1c98aa4c7ecaa19f8e862b798ee7e1fe4639397808fb665a9fc81da305ffe0e6115dd803e4ba616307243e9663a8896ff5f12ea855725acae71bbcd388ae2b989952972e3dee04f38a3a31850f076fe71b545a9f674eebfa710db50d0972ee629d1ab721e881decca9af0570a9e9025a8391d45ab223e527df911e5178b1d9caf86111fc19ec3946c7a5fb9d1bc7e282e52f5b108504e2d7f39e2e0ca1d955a9a21e54cf335913bbbea5c5b24254acf83051dc55e7328b4a4439394da1dd42b625acff37a8d8b5c8fcf0f3432d5b56688c1e316457753bd3591d971ef3f5131a81376e31a5ec7804a8b8f04487831d99805f52352ebae3381e57aca8667e78d0dc1b36515b2fd4a0f4e6625b60bdd11a02864b03b16e981a9a53f6c3ca15d8d024694a6005eaf11e1ed1981ce2f53ec0dff4f16dd67e463accecd16cd7389d08bf82d1e5dfee570e57ffd6f46eb803e2af2d441863d937b4b2ff2cbb83a2a8453539044bcc586faf3301708f958394418534a1aab6a7c955eea458e20d74cd8f0df6c4a6895d20beea8efbf71ea36e10bc325b5ef3dd3f838bcca527046f5340032153671e1389e813183ccee7e6f5d042b23bb58c3237818f91cdcd866955c9334f770abd87e6ac153c3610d7dfbcb9eb68942d0cced8d8b7eac7ca090c54c0d390a48a8b7b5e55a18f696046098d8d6ec29cc892953c7b1dd3489af9d76983d3f2b4cb8f5625cf783316c58204609565d4ee7fc35391af16ff21e19018a605fa08c2608ff6ed12d0fe3a7a3b7e47220e51b0fb11063a9d59cfcef934af3e0c6f8d31a11307d56720027c08fe09407e9db42e1e4f01d799bab3fd9dc33f77108b4979c2e30578b64aee78bb936590fe8e6eb10d3732a2ff6740b4767f8679b5af5d488655280ad07a2d3abc8a96d4c3703c9f1a28e42817da976274a53a4bf7634360994d08d0c9bdcd41a42e74567ea45db0caa60a0dfae5d8153641c65992eaf9d424476afee130851277a688b3d95b17aa293e92bfb64d339daec2b19ab52b0d64ae193605a08ea387d381fb9f39f02ea1398f7e5351e3df9c0b49aba33fabc381c021b650fb20d3958affa6cf99d5a0589bfe0aa06a08b180c8a2c4ca8632550c8748791c8ea00a425f3cf67132143b7d19d5cbda4620681d2e6f4e88c8596c9356d7991ad3464a04468c5248be6bc1b2606c064fe3beccaae28766ea2c99c415794e23b2dc801d1f5e4b945989a6d65d3b217b20130a41b232c17c45c557c8dec6f83840c1d10f6d977bae4759aa90cb2f04ab52d7bd5b8a11e527af944642227f087fe27007a19bc12ca92ceb24b76bc47274bd93b8ea78c556d6b99ba7a8998d1315a9410c5667bab9d617dec78ca49adc10c0ed8589772fec7407c1d02fbe33865f519a35392aac5230d246f7866c688b48b9916d23ca8c42e53b925b5395cf4d0956666a109e73f23f7be5e1d7891e026947e08cfe911be4456002d95cbb0623d4b6b5964ec258986f8eb5fed68209462151c47967d45b5b91c744c2c8b5f88534117bd589d85337ecdbf78ae62525fc141428b68ed4fe2de5d61cb1208d31b681d5c826d5922ce6f7fc5ff17833e8dcdfd2c9cba20ebf66f19a43926936dd321e8e011144bbeda1189e442718c3efdd32c59a819008a246a9baa6d6dc41de26da1272da2964881b35a63d5864607170d019ad33f53f5f00a3c9a834ae7a4ed9fb3b087221961c3af7c537fa58b5d0cfc6051091b0dcd731339bc73c1012f9b2e6e13b0ac04601b6b13787fe7f39d717ae672c3197addfd69e28358a581fa9615c02775ebed7f8f0a953eff01c1e3bc95b044c4e8f56d04a4bc266efc60bc079014a78759f664794a82ecb1a8385e9a8d39af3e923fd851a2314b9b363849b4f4bd1e067f14b6646facbb77363f24576d886055b6185120edb2c77cb1ca656ec4d1f34fc4c19d4a4fd7fbbbd09cc8b3c56ebde79a79e44f1b18e3ea4fe0f8c61e96e72d41df14ba5d823be8f1f731ca90c64ae692e631b3c39e0e7a0ba7fab78e8061be495e684f48f681678893cbde476cdd14f751bfbff055230017dedae9533ac99ca43438af35a3d707e81e9abba0a0e354a3454678870bd2d00d92fbe090087e62fff585885888d3658073f17a505be9e9694d23b2956557dda20ee32570a2e7ecdcd68da8903895cece62c922e2effcb51d7842ecfba34fb9899a93151729c00a2a64a10b6622a99e38450d7e139eed001eccf42bbac79feeac8b70c490a7dc02d13d04fb5ec6a1c401fcc0fe408ed4f04327d9e4b829d271b09234f5ecd4ef015f9d577518ac10e5f443aa8b0343d9c339d580e1a04f05908781fe06fe31c822d3c0026a480677d05370755bdb3bdd7eaa8695cdd6d2ce67745180840ba883a284181ab0808317bcdd5e06bcf9d00bcaac994047adaac293705baf33fba3ef4a6e1a1f", ['\x00', '\x00']}, 0x1001) readahead(r0, 0x0, 0x0) 11:12:02 executing program 2: r0 = socket$inet6_udp(0xa, 0x2, 0x0) r1 = dup(r0) sendmmsg$inet6(r1, &(0x7f0000003400)=[{{&(0x7f0000000140)={0xa, 0x4e21, 0x0, @remote}, 0x1c, 0x0}}, {{&(0x7f0000000500)={0xa, 0x0, 0x0, @local}, 0x1c, 0x0}}], 0x2, 0x0) 11:12:02 executing program 3: syz_mount_image$ext4(0x0, &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) io_setup(0x373, &(0x7f0000000140)=0x0) io_submit(r0, 0x0, 0x0) mount$9p_fd(0x0, &(0x7f0000000c00)='./file0\x00', &(0x7f0000000040), 0x0, &(0x7f0000000200)=ANY=[]) syz_open_procfs(0x0, &(0x7f0000000000)='net/packet\x00') r1 = socket$inet_udp(0x2, 0x2, 0x0) setsockopt$sock_timeval(r1, 0x1, 0x49, &(0x7f0000000000)={0x77359400}, 0x10) r2 = open(&(0x7f0000000200)='./file0\x00', 0x600000, 0xe0) io_cancel(r0, &(0x7f0000000240)={0x0, 0x0, 0x0, 0x4, 0x4b, r1, &(0x7f0000000180)="b649978ea10fafec40c3913cb8ccfc5bb536f04d0145c163ba6e51e2a32640b1c4bd381cc66c61d6df831527705af7cfdb40a8b668bf7bb769a5fd19200d3669e27dc9df310f52df7d1a", 0x4a, 0x8, 0x0, 0x2, r2}, &(0x7f0000000300)) 11:12:02 executing program 1: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_TCP_REPAIR(r0, 0x6, 0x13, &(0x7f00000018c0)=0x1, 0x4) connect$inet6(r0, &(0x7f0000000080)={0xa, 0x0, 0x0, @loopback}, 0x1c) setsockopt$inet6_int(r0, 0x29, 0x10, &(0x7f0000000040), 0x4) setsockopt$inet6_tcp_TCP_REPAIR(r0, 0x6, 0x13, &(0x7f0000000000), 0x4) 11:12:02 executing program 0: clone3(&(0x7f0000005d80)={0x0, 0x0, 0x0, 0x0, {}, &(0x7f0000005cc0), 0x0, 0x0, &(0x7f0000005d40)=[0x0], 0x1}, 0x58) 11:12:02 executing program 5: r0 = memfd_create(&(0x7f0000000040)='B\xdb/\x89\x03l\xdeb\xcb\xb54\xed\xbeLY\xb5Z\xe1\x12S\xf5G\xcc\xf3\xe9\x02h\v\xca(\x96\xe1C\xdf\x1c\t\x00\x00\x00\x00\x00\x00\x00\x16\xcd\x17\xa2\x80\xa1z\xb4r\x95\xc3@\x9d\xa6\xf1\x92#}g\xd3`\xf7\xcez\xcb\xb3\x1a\xbb\xc48e\x8e\xb1&\xd1\x8a\xe6!\x7f\x8d\xea,qx\xa28\xbf\"\xc7e\x06L\xb06\xeb<$\xd7\xba\xe5\x01\x03\x94r\xab\xd4J\x03s\xaf\xf6A\xbfV\xfa\x1ew\x8d\xbf\x99I\x97\xd8\xd2\xe8\x11\xc4\x04\x00\x84\xd5i\xee\xaf\xae[E\x1f\xdd\xd7#rT+\xb621p\xaf[\x99\" 1\xeb\xc7)\xd2\x1dh\xf2\xd5s\xfd?\fa>\x9f;\xe5r\xe5\xbd\xb0|=\x8eZcPY\xf8\xbd\x13\xaa\x8b\xdf\xbc\x93u\xd5\xb0r\xfb\xde\xe7\xd9k\xe2\xc6\x1b\xf2o@&>\xf2M\xe7\x8c\xeb\xee\xf5\x02~\x85\x14\xf3\xc6v\xf15PE\x8c\xca\x16$\xc2\x01#\xb563\rbq\xbf64\xfaW\x17\xdfa\xe6\xca\x86\xd7\xf8\x81X\x9bg4\xc1\xdam\xcf=Rq6\xb0\xd4D=I\x1a\x0e\xd0\xabz\xe2\x19\x0fM\xad\xdco\xa4\xb2\x8c?\xc1\x10\xf273\xd00\xb3_\xe8\x9a*\xfcL\xea;\xc0\x9a\xdbx!N;\xb5x\t\xa4E\xbe\x93r\x04\xf5\xf0\xf5\x7f\x9a)\xf5\x1b\"\xa1\xd8\x06>\xc9\xe2r\xe9\xbb\xfe\xc0\b\x81\x98\x1c\xe2\xe0?\x8f\xa1\xbel\aN\x83@\xb1\x03)4A\x83\xd6\xcf\xf6\xb5\x82\xb7\x9dA\b$\xa2x\x8a@\xfaj~\xef\x93\xb1/L\x01\xe2\xba}\xf0\x01)PP\xcdl\x06\xfc\x15;qZ\xb1u\xc9\xd0\xd16~JEGm\xe4\x1e@\x9dG\xe4@\xdf\xba\'\x8b\x1cD\xc7\xec\xd1@}tR\xd9P\xf4N\xe3\xd8x\xa0\x91\x17\xc2}\x13\b\xca\t(Z\xa3_\xa1\x90\x15T\xa4\xe7%\x98\xa7\xfb\x8bp/eq\x93\xbf\x1f =|\xf3\xb1\xfcR\xd8\nM,\xcb%@\'\x15\x88\xd8\xad\f\x91|\x95\x8fq+\x98\x81W\xba\x9f\xe0elOt\xbd\by\r\x87\x1c\xba\xbd\x8e+S>\xb8\xe29\x91h^x\xfb`\x00\xdd/\xa6\xb1\x16=\xa1bw\xc5I\xb1\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00}\xb7\xd5\x1a\xc3~\xa93n\x139\xf1\xca\xe5\x0f\xdce\x9b\xf3yd\x8c\x11\xee\xe5\xa5\vS\xe2 k\xd5\xe1\xab\r\xb6\xa5\xfe\x9f\xb3\xd05>^\xa6\xf4\x0f\xfc\xf6\x10\xfe\x84\xc7\x1cf\'\xab7\xcb:\x1f=T\xf4\xf9p\x8f]\x00\xc7}\xf60s\xfa@\xc8;\x15\x9b\xb1M\xc7\x9e\xc7\x8f\xe6\xe4\x86\x15\x16\x8c\x85\b\xee\x05\xd0\x87\xa4\xbd*\xd9\xe2S/U\xd6\x92\xe4\x89\x0e\x11*\x03Zj@\xc3.C7\xefx\xd6\xe3\x89\x01\x81w\x89\xefb\xb2\xaf\xf3\xa1\x7f(\xd3y\x1c\x16\xbb0\x06wG\xb7s\xe1\xf2\xc0\x92\x7f3\xf9\x11<\xa7e\x90\x9b(\xf7\x19\x82yt(\xe5\xd6\x96\xbf\xbf\xb4\x8b\xba\xcf\xdc\x90\x98B\xe1\xc0\xc3\xc7\xcc', 0x0) write$binfmt_aout(r0, &(0x7f0000000340)={{}, "8442fcd5a511b88e6a8db0b14fcea98c1ca27e82ccd86d67e22492932c3f5220d63b4a1183e70673ff1295a9f0994ec3714c2ab4cc92621dc251b6f706ec009cb17c1749beb4c852ad374f850b120566e6da8177540afd3ec0faaa0577d835f82e0213e1f2e126bcac822969694c19dd7390f90d60b1d2880e5d02442c0eb41dc1d2347c70be4bcf343dfd6ad6b66e4dc243cecaab98298806ae1f76075da2693b2b724d0431e7b5bd207e8dbdd12a0e1195f7e47732d12b8f99b6b670f4ad0f126820426c796c7848d1ec79c298a5fc93fac630f5c0668ab25c0faf172aa3d4316cb2b3525faeed2107d9dced38bffdf38014c818a8233515998589cfea8936cc0dbfbdea75960e5158c77dadaeb161249e4766f5590a286049d260a56c9082ebf319b11bf0344ef51132df040b50393067cd87948ea27854e3d1650ce108d2e6b4b83beb6de504de9dbb189ade457f40f8c18c50be037bc25b7c308c6e9c70810418b4dd1ce9e41b6f2a2dc37b245730743f280a62c3d2c90a55c025ccace22f3636a09f8d2d618f2430480a4c48a2843c6b8509b6a026115b212f6765de526db6900014a5234a968e3c44d82ea0b44ec29fe939614733e7fffbe878b70f770fa84d0fea5d1081bbb670b1f8c0449809665a8b302b35a8c5edde66d1dcf7cdd52ffe3651a0b97e31b3be10a3f8787cf72d60cb56aa6e3733c0cd0e0dddc606f6173e705dfa8beb028a34ccc6d96e6658233724c14d705a7c31f1f724d041c292052907883478fc5151bb6e22f4ee4bb0571d8c5fe5efd75471595634ee8a1a03f15935a415c27b4630aa2ff45f7ea59a151c69229fe9e2668fae1976dfabc9c23cce679d084c6d08730ccbff35fbb8130087e48d4a84cc08ad03566d159bfa937a86c31010d6c3e45fb4455974901d2f5aea033301abefb2451b36340be9fa1f9c862a39d2084d5d60e02c416dcbc52def2de40a11e3e4444093b31d0e27ceb762a391ca601df4b6116864349294820708b5adc0bde61edebdfa9cc0acdd066b3de3cb497cfb6ae6c258b41c402ab911a3faa9cf7a29c02c502ac56d4661b4a86a7a64fc3e602c58b14d8adf37ecd89cedfcb5a22f251a84b941a4c174e880ce7966a49e2dc6b92c69aab490c9cdd4bd59361fc7eebe2b596101d299c5c81fb7630b6feb0ed310df2d4e478ff3eb7e9a17b972dec74ad814cbba7a197e964bb259d207deb8ae3a3b2e0d5bc72841cf6809a3c3c0a830adb7dad4b2388fb8e6ac2cb1a2d4c19879dd3b8d0762be4fcb6261011a51b3892aa6b6c4c027614777d2e795d57019058a8c6e5db6147a8b29f3e128d6e83c4dcba9da916d9bdedd4dc945a40b01f3f6fe536f6e572f41665743f78baef38e32e7fe0bd28e31e174c4b83ea9553bed1e75420e0504e9094e6242d6c3ec81eaa20cc507f1c01afb939870a1a30e4ef2c4c04e689502f30efbb0764754b4c54471482b539ac642efaefb80e9fde613b3b0e0d0f56b3964060df2e7290496cfd3d58ba70acf7b918796a204bb8f87bf816defde1772a5ca1242c04d172e611a594607d1ad3c5b2455f9e296d888176c69b34d624998805387e4ef6eea7e94544f122b6b2d25312c08ebd4d591102cf739a582ff7249f7a726da683ecab81188c499edea3791c1f5edd852bdbb97a62f142ecf5b51e5b920a507e18cee50b77559fb6c193b87d495c0444d66c148c6de35aa563eb6a690a39697f14d502a325586bffeac56c5db6dca3bfad1c9bb9bbfca511747b2512b03c1fea41ea242dc56e6ddd1ba5e453a10d2036efec901fdbf8938006da633332de6c0c0889e86ae2032d70901e11cb2111bdcb3131ad81f14e338275a94b8ce58d772b6043697bda4f9d18f9ecb922be5420c7830caf44e13ca3ebb4e00bfecbcbb41a745fe655f02e941994008dcdfeb2cc6ea2bc87b2b9f7b859eb91f381b93112e95d0928e2b4691833807a3ed5af53c08b368d58e1cc11a093e9416e1b6fbfadda92d0bb0d71ab565fee40045e3bd704591cb493aa3205cd5781b397e20b4e16b736a762d756e7aec439b15cbff37b7f1b93a5ff62f702394369b26964ffcd78fac560a84096f0fe362311368de1f5b7c441dfff3fef3edff9d39395d2899bc969e5bd2e40c4f48f5f8ce0c73798d4a39d08bb478b2f55c70693f181459b49bfcf64f279fe93a0d54e1daff13ce120b3389062ca988a116312a786f394bf478721fab9ec8ccad47cb37332c22eaafcd9c2af5ae8bd3abc36e149ea4d07c3434a44f4ff3b67539b5d703c240c0d9e74f53b149e90db452c7a99002d60bd0ede7dd3d317f7c416f11c3b1f253e57a0b420daf7fcd79a2def772542e72dd5160022eefdc6d6b5ef097a6b0496492723e919ce265bd93705987a5431656a60ff5ff3093a8faab54fd6663a6255794a376aec3014cf28e99de21c84f8c33961f861ca65fa4b8f34b7f834e0063c158c358e7ab653e67367b431492e2d47a0a1004fac3ba0ed5117cc38ddaead4cbfa5215720f5359f27813217e18504ab3c5931e942bc5bfdc6ced0cf1c98aa4c7ecaa19f8e862b798ee7e1fe4639397808fb665a9fc81da305ffe0e6115dd803e4ba616307243e9663a8896ff5f12ea855725acae71bbcd388ae2b989952972e3dee04f38a3a31850f076fe71b545a9f674eebfa710db50d0972ee629d1ab721e881decca9af0570a9e9025a8391d45ab223e527df911e5178b1d9caf86111fc19ec3946c7a5fb9d1bc7e282e52f5b108504e2d7f39e2e0ca1d955a9a21e54cf335913bbbea5c5b24254acf83051dc55e7328b4a4439394da1dd42b625acff37a8d8b5c8fcf0f3432d5b56688c1e316457753bd3591d971ef3f5131a81376e31a5ec7804a8b8f04487831d99805f52352ebae3381e57aca8667e78d0dc1b36515b2fd4a0f4e6625b60bdd11a02864b03b16e981a9a53f6c3ca15d8d024694a6005eaf11e1ed1981ce2f53ec0dff4f16dd67e463accecd16cd7389d08bf82d1e5dfee570e57ffd6f46eb803e2af2d441863d937b4b2ff2cbb83a2a8453539044bcc586faf3301708f958394418534a1aab6a7c955eea458e20d74cd8f0df6c4a6895d20beea8efbf71ea36e10bc325b5ef3dd3f838bcca527046f5340032153671e1389e813183ccee7e6f5d042b23bb58c3237818f91cdcd866955c9334f770abd87e6ac153c3610d7dfbcb9eb68942d0cced8d8b7eac7ca090c54c0d390a48a8b7b5e55a18f696046098d8d6ec29cc892953c7b1dd3489af9d76983d3f2b4cb8f5625cf783316c58204609565d4ee7fc35391af16ff21e19018a605fa08c2608ff6ed12d0fe3a7a3b7e47220e51b0fb11063a9d59cfcef934af3e0c6f8d31a11307d56720027c08fe09407e9db42e1e4f01d799bab3fd9dc33f77108b4979c2e30578b64aee78bb936590fe8e6eb10d3732a2ff6740b4767f8679b5af5d488655280ad07a2d3abc8a96d4c3703c9f1a28e42817da976274a53a4bf7634360994d08d0c9bdcd41a42e74567ea45db0caa60a0dfae5d8153641c65992eaf9d424476afee130851277a688b3d95b17aa293e92bfb64d339daec2b19ab52b0d64ae193605a08ea387d381fb9f39f02ea1398f7e5351e3df9c0b49aba33fabc381c021b650fb20d3958affa6cf99d5a0589bfe0aa06a08b180c8a2c4ca8632550c8748791c8ea00a425f3cf67132143b7d19d5cbda4620681d2e6f4e88c8596c9356d7991ad3464a04468c5248be6bc1b2606c064fe3beccaae28766ea2c99c415794e23b2dc801d1f5e4b945989a6d65d3b217b20130a41b232c17c45c557c8dec6f83840c1d10f6d977bae4759aa90cb2f04ab52d7bd5b8a11e527af944642227f087fe27007a19bc12ca92ceb24b76bc47274bd93b8ea78c556d6b99ba7a8998d1315a9410c5667bab9d617dec78ca49adc10c0ed8589772fec7407c1d02fbe33865f519a35392aac5230d246f7866c688b48b9916d23ca8c42e53b925b5395cf4d0956666a109e73f23f7be5e1d7891e026947e08cfe911be4456002d95cbb0623d4b6b5964ec258986f8eb5fed68209462151c47967d45b5b91c744c2c8b5f88534117bd589d85337ecdbf78ae62525fc141428b68ed4fe2de5d61cb1208d31b681d5c826d5922ce6f7fc5ff17833e8dcdfd2c9cba20ebf66f19a43926936dd321e8e011144bbeda1189e442718c3efdd32c59a819008a246a9baa6d6dc41de26da1272da2964881b35a63d5864607170d019ad33f53f5f00a3c9a834ae7a4ed9fb3b087221961c3af7c537fa58b5d0cfc6051091b0dcd731339bc73c1012f9b2e6e13b0ac04601b6b13787fe7f39d717ae672c3197addfd69e28358a581fa9615c02775ebed7f8f0a953eff01c1e3bc95b044c4e8f56d04a4bc266efc60bc079014a78759f664794a82ecb1a8385e9a8d39af3e923fd851a2314b9b363849b4f4bd1e067f14b6646facbb77363f24576d886055b6185120edb2c77cb1ca656ec4d1f34fc4c19d4a4fd7fbbbd09cc8b3c56ebde79a79e44f1b18e3ea4fe0f8c61e96e72d41df14ba5d823be8f1f731ca90c64ae692e631b3c39e0e7a0ba7fab78e8061be495e684f48f681678893cbde476cdd14f751bfbff055230017dedae9533ac99ca43438af35a3d707e81e9abba0a0e354a3454678870bd2d00d92fbe090087e62fff585885888d3658073f17a505be9e9694d23b2956557dda20ee32570a2e7ecdcd68da8903895cece62c922e2effcb51d7842ecfba34fb9899a93151729c00a2a64a10b6622a99e38450d7e139eed001eccf42bbac79feeac8b70c490a7dc02d13d04fb5ec6a1c401fcc0fe408ed4f04327d9e4b829d271b09234f5ecd4ef015f9d577518ac10e5f443aa8b0343d9c339d580e1a04f05908781fe06fe31c822d3c0026a480677d05370755bdb3bdd7eaa8695cdd6d2ce67745180840ba883a284181ab0808317bcdd5e06bcf9d00bcaac994047adaac293705baf33fba3ef4a6e1a1f", ['\x00', '\x00']}, 0x1001) readahead(r0, 0x0, 0x0) 11:12:02 executing program 2: r0 = socket$inet6_udp(0xa, 0x2, 0x0) r1 = dup(r0) sendmmsg$inet6(r1, &(0x7f0000003400)=[{{&(0x7f0000000140)={0xa, 0x4e21, 0x0, @remote}, 0x1c, 0x0}}, {{&(0x7f0000000500)={0xa, 0x0, 0x0, @local}, 0x1c, 0x0}}], 0x2, 0x0) 11:12:03 executing program 0: clone3(&(0x7f0000005d80)={0x0, 0x0, 0x0, 0x0, {}, &(0x7f0000005cc0), 0x0, 0x0, &(0x7f0000005d40)=[0x0], 0x1}, 0x58) 11:12:03 executing program 2: perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @perf_bp={0x0, 0xd}, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/keys\x00', 0x0, 0x0) preadv(r0, &(0x7f0000000100)=[{&(0x7f0000002240)=""/4109, 0x100d}], 0x1, 0x0, 0x0) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x3}, 0x1022d, 0x0, 0x0, 0x6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = syz_open_dev$sg(&(0x7f0000001000), 0x0, 0x0) ioctl$BLKTRACESETUP(r1, 0xc0481273, &(0x7f0000000000)={'\x00', 0x0, 0x1, 0xd6c2}) ioctl$BLKTRACETEARDOWN(r1, 0x1276, 0x0) readv(0xffffffffffffffff, 0x0, 0x0) ioctl$SCSI_IOCTL_SEND_COMMAND(0xffffffffffffffff, 0x1, &(0x7f0000000180)=ANY=[@ANYBLOB]) close(r1) openat$hwrng(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0) r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) lseek(r2, 0x20, 0x1) open_by_handle_at(0xffffffffffffffff, &(0x7f0000000140)=ANY=[@ANYBLOB="1c0000004e00000000100400000000000000ad0f0000000000"], 0xc0001) fallocate(r2, 0x0, 0x0, 0x87ffffc) getsockopt$bt_BT_DEFER_SETUP(0xffffffffffffffff, 0x112, 0x7, 0x0, &(0x7f0000001580)) 11:12:03 executing program 6: r0 = syz_open_procfs(0x0, &(0x7f0000000040)='net/psched\x00') write$binfmt_aout(r0, 0x0, 0x2b) 11:12:03 executing program 3: syz_mount_image$ext4(0x0, &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) io_setup(0x373, &(0x7f0000000140)=0x0) io_submit(r0, 0x0, 0x0) mount$9p_fd(0x0, &(0x7f0000000c00)='./file0\x00', &(0x7f0000000040), 0x0, &(0x7f0000000200)=ANY=[]) syz_open_procfs(0x0, &(0x7f0000000000)='net/packet\x00') r1 = socket$inet_udp(0x2, 0x2, 0x0) setsockopt$sock_timeval(r1, 0x1, 0x49, &(0x7f0000000000)={0x77359400}, 0x10) r2 = open(&(0x7f0000000200)='./file0\x00', 0x600000, 0xe0) io_cancel(r0, &(0x7f0000000240)={0x0, 0x0, 0x0, 0x4, 0x4b, r1, &(0x7f0000000180)="b649978ea10fafec40c3913cb8ccfc5bb536f04d0145c163ba6e51e2a32640b1c4bd381cc66c61d6df831527705af7cfdb40a8b668bf7bb769a5fd19200d3669e27dc9df310f52df7d1a", 0x4a, 0x8, 0x0, 0x2, r2}, &(0x7f0000000300)) 11:12:03 executing program 4: openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) faccessat(0xffffffffffffff9c, &(0x7f0000000000)='./file1\x00', 0x1) 11:12:03 executing program 7: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_TCP_REPAIR(r0, 0x6, 0x13, &(0x7f00000018c0)=0x1, 0x4) connect$inet6(r0, &(0x7f0000000080)={0xa, 0x0, 0x0, @loopback}, 0x1c) setsockopt$inet6_int(r0, 0x29, 0x10, &(0x7f0000000040), 0x4) setsockopt$inet6_tcp_TCP_REPAIR(r0, 0x6, 0x13, &(0x7f0000000000), 0x4) 11:12:03 executing program 1: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_TCP_REPAIR(r0, 0x6, 0x13, &(0x7f00000018c0)=0x1, 0x4) connect$inet6(r0, &(0x7f0000000080)={0xa, 0x0, 0x0, @loopback}, 0x1c) setsockopt$inet6_int(r0, 0x29, 0x10, &(0x7f0000000040), 0x4) setsockopt$inet6_tcp_TCP_REPAIR(r0, 0x6, 0x13, &(0x7f0000000000), 0x4) 11:12:03 executing program 5: syz_mount_image$ext4(0x0, &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) io_setup(0x373, &(0x7f0000000140)=0x0) io_submit(r0, 0x0, 0x0) mount$9p_fd(0x0, &(0x7f0000000c00)='./file0\x00', &(0x7f0000000040), 0x0, &(0x7f0000000200)=ANY=[]) syz_open_procfs(0x0, &(0x7f0000000000)='net/packet\x00') r1 = socket$inet_udp(0x2, 0x2, 0x0) setsockopt$sock_timeval(r1, 0x1, 0x49, &(0x7f0000000000)={0x77359400}, 0x10) r2 = open(&(0x7f0000000200)='./file0\x00', 0x600000, 0xe0) io_cancel(r0, &(0x7f0000000240)={0x0, 0x0, 0x0, 0x4, 0x4b, r1, &(0x7f0000000180)="b649978ea10fafec40c3913cb8ccfc5bb536f04d0145c163ba6e51e2a32640b1c4bd381cc66c61d6df831527705af7cfdb40a8b668bf7bb769a5fd19200d3669e27dc9df310f52df7d1a", 0x4a, 0x8, 0x0, 0x2, r2}, &(0x7f0000000300)) 11:12:03 executing program 4: openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) faccessat(0xffffffffffffff9c, &(0x7f0000000000)='./file1\x00', 0x1) 11:12:03 executing program 1: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_TCP_REPAIR(r0, 0x6, 0x13, &(0x7f00000018c0)=0x1, 0x4) connect$inet6(r0, &(0x7f0000000080)={0xa, 0x0, 0x0, @loopback}, 0x1c) setsockopt$inet6_int(r0, 0x29, 0x10, &(0x7f0000000040), 0x4) setsockopt$inet6_tcp_TCP_REPAIR(r0, 0x6, 0x13, &(0x7f0000000000), 0x4) 11:12:03 executing program 6: r0 = syz_open_procfs(0x0, &(0x7f0000000040)='net/psched\x00') write$binfmt_aout(r0, 0x0, 0x2b) 11:12:03 executing program 7: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_TCP_REPAIR(r0, 0x6, 0x13, &(0x7f00000018c0)=0x1, 0x4) connect$inet6(r0, &(0x7f0000000080)={0xa, 0x0, 0x0, @loopback}, 0x1c) setsockopt$inet6_int(r0, 0x29, 0x10, &(0x7f0000000040), 0x4) setsockopt$inet6_tcp_TCP_REPAIR(r0, 0x6, 0x13, &(0x7f0000000000), 0x4) 11:12:03 executing program 0: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_bp, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) pwritev(0xffffffffffffffff, &(0x7f0000000080)=[{0x0}], 0x1, 0x7fffffc, 0x0) ioctl$BLKFRASET(0xffffffffffffffff, 0x1264, &(0x7f0000000040)=0x9) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) preadv2(r0, &(0x7f00000003c0)=[{&(0x7f0000000140)=""/75, 0x4b}], 0x1, 0x0, 0x0, 0x8) openat(r0, &(0x7f0000000240)='./file1\x00', 0x26003, 0xb) r1 = openat(0xffffffffffffff9c, 0x0, 0x1c5042, 0x0) write(r1, 0x0, 0x0) setresuid(0x0, 0x0, 0x0) getegid() r2 = perf_event_open(&(0x7f0000000080)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000300)={0x0, 0x80, 0x7f, 0x5, 0x9, 0x1f, 0x0, 0xa4, 0x0, 0x6, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x2, 0x4, @perf_bp={0x0, 0x4}, 0x6a00, 0x0, 0x0, 0x0, 0x100, 0x2, 0x840, 0x0, 0x701, 0x0, 0x1}, 0xffffffffffffffff, 0x8, r2, 0x2) 11:12:03 executing program 4: openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) faccessat(0xffffffffffffff9c, &(0x7f0000000000)='./file1\x00', 0x1) 11:12:03 executing program 6: r0 = syz_open_procfs(0x0, &(0x7f0000000040)='net/psched\x00') write$binfmt_aout(r0, 0x0, 0x2b) [ 120.704326] audit: type=1400 audit(1679915523.540:9): avc: denied { write } for pid=4359 comm="syz-executor.2" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=perf_event permissive=1 11:12:03 executing program 7: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_TCP_REPAIR(r0, 0x6, 0x13, &(0x7f00000018c0)=0x1, 0x4) connect$inet6(r0, &(0x7f0000000080)={0xa, 0x0, 0x0, @loopback}, 0x1c) setsockopt$inet6_int(r0, 0x29, 0x10, &(0x7f0000000040), 0x4) setsockopt$inet6_tcp_TCP_REPAIR(r0, 0x6, 0x13, &(0x7f0000000000), 0x4) 11:12:03 executing program 1: close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) r0 = signalfd4(0xffffffffffffffff, &(0x7f0000000200), 0x8, 0x0) syz_io_uring_setup(0x5eb3, &(0x7f0000000040)={0x0, 0x0, 0x20, 0x0, 0x0, 0x0, r0}, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f00000000c0), &(0x7f0000000140)) VM DIAGNOSIS: 11:11:54 Registers: info registers vcpu 0 RAX=0000000000000000 RBX=ffff88800e0046c0 RCX=ffffffff8171314e RDX=ffff888015c60000 RSI=0000000000000004 RDI=ffff88800e0046c0 RBP=0000000000000008 RSP=ffff8880374a7750 R8 =0000000000000007 R9 =0000000000000000 R10=0000000000000000 R11=0000000000000001 R12=ffffea0000cb8740 R13=ffff88803b73d5c0 R14=00007ff5df30b000 R15=dffffc0000000000 RIP=ffffffff81807998 RFL=00000293 [--S-A-C] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 00000000 00000000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 00000000 00000000 FS =0000 0000555556ce0400 00000000 00000000 GS =0000 ffff88806ce00000 00000000 00000000 LDT=0000 fffffe0000000000 00000000 00000000 TR =0040 fffffe0000003000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe0000001000 0000007f IDT= fffffe0000000000 00000fff CR0=80050033 CR2=00007fd7d3e2fbd8 CR3=000000000c926000 CR4=00350ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000ffff0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 XMM00=00000000000000000000000000000000 XMM01=00007fd7d3e0a7c000007fd7d3e0a7c8 XMM02=00007fd7d3e0a7e000007fd7d3e0a7c0 XMM03=00007fd7d3e0a7c800007fd7d3e0a7c0 XMM04=ffffffffffffffffffffffff00000000 XMM05=00000000000000000000000000000000 XMM06=0000000000000000000000524f525245 XMM07=00000000000000000000000000000000 XMM08=000000000000000000524f5252450040 XMM09=00000000000000000000000000000000 XMM10=00000000000000000000000000000000 XMM11=00000000000000000000000000000000 XMM12=00000000000000000000000000000000 XMM13=00000000000000000000000000000000 XMM14=00000000000000000000000000000000 XMM15=00000000000000000000000000000000 info registers vcpu 1 RAX=0000000000000053 RBX=00000000000003f8 RCX=0000000000000000 RDX=00000000000003f8 RSI=ffffffff824f8615 RDI=ffffffff87f0bdc0 RBP=ffffffff87f0bd80 RSP=ffff88803fb6f688 R8 =0000000000000001 R9 =000000000000000a R10=0000000000000053 R11=0000000000000001 R12=0000000000000053 R13=ffffffff87f0bd80 R14=0000000000000010 R15=ffffffff824f8600 RIP=ffffffff824f866d RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 00000000 00000000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 00000000 00000000 FS =0000 00007f452667b700 00000000 00000000 GS =0000 ffff88806cf00000 00000000 00000000 LDT=0000 fffffe0000000000 00000000 00000000 TR =0040 fffffe000004a000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe0000048000 0000007f IDT= fffffe0000000000 00000fff CR0=80050033 CR2=0000001b2c522000 CR3=000000001f106000 CR4=00350ee0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000ffff0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 XMM00=000000000000000000000000000000ff XMM01=25252525252525252525252525252525 XMM02=00000000000000000000000000000000 XMM03=00000000000000000000000000000000 XMM04=000000000000000000000000000000ff XMM05=00000000000000000000000000000000 XMM06=0000000000000000000000524f525245 XMM07=00000000000000000000000000000000 XMM08=000000000000000000524f5252450040 XMM09=00000000000000000000000000000000 XMM10=00000000000000000000000000000000 XMM11=00000000000000000000000000000000 XMM12=00000000000000000000000000000000 XMM13=00000000000000000000000000000000 XMM14=00000000000000000000000000000000 XMM15=00000000000000000000000000000000