Warning: Permanently added '[localhost]:62643' (ECDSA) to the list of known hosts. 2022/09/14 14:04:50 fuzzer started 2022/09/14 14:04:51 dialing manager at localhost:33849 syzkaller login: [ 43.949299] cgroup: Unknown subsys name 'net' [ 44.055695] cgroup: Unknown subsys name 'rlimit' 2022/09/14 14:05:06 syscalls: 2215 2022/09/14 14:05:06 code coverage: enabled 2022/09/14 14:05:06 comparison tracing: enabled 2022/09/14 14:05:06 extra coverage: enabled 2022/09/14 14:05:06 setuid sandbox: enabled 2022/09/14 14:05:06 namespace sandbox: enabled 2022/09/14 14:05:06 Android sandbox: enabled 2022/09/14 14:05:06 fault injection: enabled 2022/09/14 14:05:06 leak checking: enabled 2022/09/14 14:05:06 net packet injection: enabled 2022/09/14 14:05:06 net device setup: enabled 2022/09/14 14:05:06 concurrency sanitizer: /sys/kernel/debug/kcsan does not exist 2022/09/14 14:05:06 devlink PCI setup: PCI device 0000:00:10.0 is not available 2022/09/14 14:05:06 USB emulation: enabled 2022/09/14 14:05:06 hci packet injection: enabled 2022/09/14 14:05:06 wifi device emulation: failed to parse kernel version (6.0.0-rc5-next-20220914) 2022/09/14 14:05:06 802.15.4 emulation: enabled 2022/09/14 14:05:06 fetching corpus: 0, signal 0/2000 (executing program) 2022/09/14 14:05:06 fetching corpus: 50, signal 31535/35096 (executing program) 2022/09/14 14:05:07 fetching corpus: 100, signal 46919/51924 (executing program) 2022/09/14 14:05:07 fetching corpus: 150, signal 55707/62111 (executing program) 2022/09/14 14:05:07 fetching corpus: 200, signal 59693/67550 (executing program) 2022/09/14 14:05:07 fetching corpus: 250, signal 67079/76184 (executing program) 2022/09/14 14:05:07 fetching corpus: 300, signal 73339/83614 (executing program) 2022/09/14 14:05:07 fetching corpus: 350, signal 81731/92881 (executing program) 2022/09/14 14:05:07 fetching corpus: 400, signal 86440/98606 (executing program) 2022/09/14 14:05:07 fetching corpus: 450, signal 93467/106496 (executing program) 2022/09/14 14:05:08 fetching corpus: 500, signal 97561/111507 (executing program) 2022/09/14 14:05:08 fetching corpus: 550, signal 99353/114433 (executing program) 2022/09/14 14:05:08 fetching corpus: 600, signal 103286/119205 (executing program) 2022/09/14 14:05:08 fetching corpus: 650, signal 105588/122444 (executing program) 2022/09/14 14:05:08 fetching corpus: 700, signal 108155/125911 (executing program) 2022/09/14 14:05:08 fetching corpus: 750, signal 112708/131053 (executing program) 2022/09/14 14:05:08 fetching corpus: 800, signal 115927/134965 (executing program) 2022/09/14 14:05:09 fetching corpus: 850, signal 119040/138769 (executing program) 2022/09/14 14:05:09 fetching corpus: 900, signal 122485/142746 (executing program) 2022/09/14 14:05:09 fetching corpus: 950, signal 124048/145111 (executing program) 2022/09/14 14:05:09 fetching corpus: 1000, signal 126420/148182 (executing program) 2022/09/14 14:05:09 fetching corpus: 1050, signal 128101/150595 (executing program) 2022/09/14 14:05:09 fetching corpus: 1100, signal 129683/152954 (executing program) 2022/09/14 14:05:09 fetching corpus: 1150, signal 132256/156091 (executing program) 2022/09/14 14:05:09 fetching corpus: 1200, signal 134022/158503 (executing program) 2022/09/14 14:05:10 fetching corpus: 1250, signal 137591/162269 (executing program) 2022/09/14 14:05:10 fetching corpus: 1300, signal 139070/164346 (executing program) 2022/09/14 14:05:10 fetching corpus: 1350, signal 140528/166382 (executing program) 2022/09/14 14:05:10 fetching corpus: 1400, signal 142383/168734 (executing program) 2022/09/14 14:05:10 fetching corpus: 1450, signal 144884/171500 (executing program) 2022/09/14 14:05:10 fetching corpus: 1500, signal 147669/174424 (executing program) 2022/09/14 14:05:10 fetching corpus: 1550, signal 149098/176339 (executing program) 2022/09/14 14:05:11 fetching corpus: 1600, signal 151022/178569 (executing program) 2022/09/14 14:05:11 fetching corpus: 1650, signal 153723/181384 (executing program) 2022/09/14 14:05:11 fetching corpus: 1700, signal 156169/183951 (executing program) 2022/09/14 14:05:11 fetching corpus: 1750, signal 157540/185721 (executing program) 2022/09/14 14:05:11 fetching corpus: 1800, signal 158632/187310 (executing program) 2022/09/14 14:05:11 fetching corpus: 1850, signal 159813/188944 (executing program) 2022/09/14 14:05:11 fetching corpus: 1900, signal 161062/190580 (executing program) 2022/09/14 14:05:12 fetching corpus: 1950, signal 162342/192156 (executing program) 2022/09/14 14:05:12 fetching corpus: 2000, signal 163802/193869 (executing program) 2022/09/14 14:05:12 fetching corpus: 2050, signal 166125/196172 (executing program) 2022/09/14 14:05:12 fetching corpus: 2100, signal 167659/197897 (executing program) 2022/09/14 14:05:12 fetching corpus: 2150, signal 169245/199643 (executing program) 2022/09/14 14:05:12 fetching corpus: 2200, signal 170523/201193 (executing program) 2022/09/14 14:05:12 fetching corpus: 2250, signal 171817/202733 (executing program) 2022/09/14 14:05:13 fetching corpus: 2300, signal 172923/204107 (executing program) 2022/09/14 14:05:13 fetching corpus: 2350, signal 173878/205342 (executing program) 2022/09/14 14:05:13 fetching corpus: 2400, signal 175380/206915 (executing program) 2022/09/14 14:05:13 fetching corpus: 2450, signal 176724/208415 (executing program) 2022/09/14 14:05:13 fetching corpus: 2500, signal 178630/210144 (executing program) 2022/09/14 14:05:13 fetching corpus: 2550, signal 180116/211620 (executing program) 2022/09/14 14:05:14 fetching corpus: 2600, signal 181748/213145 (executing program) 2022/09/14 14:05:14 fetching corpus: 2650, signal 182927/214388 (executing program) 2022/09/14 14:05:14 fetching corpus: 2700, signal 184378/215812 (executing program) 2022/09/14 14:05:14 fetching corpus: 2750, signal 185304/216934 (executing program) 2022/09/14 14:05:14 fetching corpus: 2800, signal 186414/218070 (executing program) 2022/09/14 14:05:14 fetching corpus: 2850, signal 187699/219325 (executing program) 2022/09/14 14:05:14 fetching corpus: 2900, signal 188361/220250 (executing program) 2022/09/14 14:05:15 fetching corpus: 2950, signal 189919/221598 (executing program) 2022/09/14 14:05:15 fetching corpus: 3000, signal 190540/222489 (executing program) 2022/09/14 14:05:15 fetching corpus: 3050, signal 191249/223342 (executing program) 2022/09/14 14:05:15 fetching corpus: 3100, signal 192802/224810 (executing program) 2022/09/14 14:05:15 fetching corpus: 3150, signal 193786/225879 (executing program) 2022/09/14 14:05:15 fetching corpus: 3200, signal 195374/227152 (executing program) 2022/09/14 14:05:15 fetching corpus: 3250, signal 196550/228238 (executing program) 2022/09/14 14:05:16 fetching corpus: 3300, signal 197449/229121 (executing program) 2022/09/14 14:05:16 fetching corpus: 3350, signal 198481/230054 (executing program) 2022/09/14 14:05:16 fetching corpus: 3400, signal 199859/231068 (executing program) 2022/09/14 14:05:16 fetching corpus: 3450, signal 201457/232181 (executing program) 2022/09/14 14:05:16 fetching corpus: 3500, signal 202557/233094 (executing program) 2022/09/14 14:05:16 fetching corpus: 3550, signal 203556/233917 (executing program) 2022/09/14 14:05:17 fetching corpus: 3600, signal 204459/234740 (executing program) 2022/09/14 14:05:17 fetching corpus: 3650, signal 205188/235408 (executing program) 2022/09/14 14:05:17 fetching corpus: 3700, signal 205948/236119 (executing program) 2022/09/14 14:05:17 fetching corpus: 3750, signal 207071/236997 (executing program) 2022/09/14 14:05:17 fetching corpus: 3800, signal 207800/237660 (executing program) 2022/09/14 14:05:17 fetching corpus: 3850, signal 209028/238499 (executing program) 2022/09/14 14:05:18 fetching corpus: 3900, signal 209572/239058 (executing program) 2022/09/14 14:05:18 fetching corpus: 3950, signal 210282/239686 (executing program) 2022/09/14 14:05:18 fetching corpus: 4000, signal 210759/240217 (executing program) 2022/09/14 14:05:18 fetching corpus: 4050, signal 211495/240823 (executing program) 2022/09/14 14:05:18 fetching corpus: 4100, signal 212235/241500 (executing program) 2022/09/14 14:05:18 fetching corpus: 4150, signal 212934/242061 (executing program) 2022/09/14 14:05:18 fetching corpus: 4200, signal 213736/242671 (executing program) 2022/09/14 14:05:19 fetching corpus: 4250, signal 214433/243287 (executing program) 2022/09/14 14:05:19 fetching corpus: 4300, signal 215346/243913 (executing program) 2022/09/14 14:05:19 fetching corpus: 4350, signal 215967/244437 (executing program) 2022/09/14 14:05:19 fetching corpus: 4400, signal 216831/245016 (executing program) 2022/09/14 14:05:19 fetching corpus: 4450, signal 217157/245450 (executing program) 2022/09/14 14:05:19 fetching corpus: 4500, signal 217829/245983 (executing program) 2022/09/14 14:05:19 fetching corpus: 4550, signal 218933/246624 (executing program) 2022/09/14 14:05:20 fetching corpus: 4600, signal 219763/247149 (executing program) 2022/09/14 14:05:20 fetching corpus: 4650, signal 220238/247554 (executing program) 2022/09/14 14:05:20 fetching corpus: 4700, signal 221034/248010 (executing program) 2022/09/14 14:05:20 fetching corpus: 4750, signal 222075/248528 (executing program) 2022/09/14 14:05:20 fetching corpus: 4800, signal 223231/249029 (executing program) 2022/09/14 14:05:20 fetching corpus: 4850, signal 223768/249394 (executing program) 2022/09/14 14:05:20 fetching corpus: 4900, signal 224630/249836 (executing program) 2022/09/14 14:05:21 fetching corpus: 4950, signal 225299/250270 (executing program) 2022/09/14 14:05:21 fetching corpus: 5000, signal 225976/250631 (executing program) 2022/09/14 14:05:21 fetching corpus: 5050, signal 226669/251041 (executing program) 2022/09/14 14:05:21 fetching corpus: 5100, signal 227318/251448 (executing program) 2022/09/14 14:05:21 fetching corpus: 5150, signal 227778/251726 (executing program) 2022/09/14 14:05:21 fetching corpus: 5200, signal 228333/252052 (executing program) 2022/09/14 14:05:21 fetching corpus: 5250, signal 229458/252449 (executing program) 2022/09/14 14:05:21 fetching corpus: 5300, signal 230065/252786 (executing program) 2022/09/14 14:05:22 fetching corpus: 5350, signal 230600/253126 (executing program) 2022/09/14 14:05:22 fetching corpus: 5400, signal 231205/253426 (executing program) 2022/09/14 14:05:22 fetching corpus: 5450, signal 231831/253700 (executing program) 2022/09/14 14:05:22 fetching corpus: 5500, signal 232367/253966 (executing program) 2022/09/14 14:05:22 fetching corpus: 5550, signal 233115/254240 (executing program) 2022/09/14 14:05:22 fetching corpus: 5600, signal 233829/254482 (executing program) 2022/09/14 14:05:22 fetching corpus: 5650, signal 234536/254733 (executing program) 2022/09/14 14:05:23 fetching corpus: 5700, signal 235028/254942 (executing program) 2022/09/14 14:05:23 fetching corpus: 5750, signal 235842/255137 (executing program) 2022/09/14 14:05:23 fetching corpus: 5800, signal 236506/255359 (executing program) 2022/09/14 14:05:23 fetching corpus: 5850, signal 236901/255532 (executing program) 2022/09/14 14:05:23 fetching corpus: 5900, signal 237506/255706 (executing program) 2022/09/14 14:05:23 fetching corpus: 5950, signal 238323/255742 (executing program) 2022/09/14 14:05:24 fetching corpus: 6000, signal 239075/255743 (executing program) 2022/09/14 14:05:24 fetching corpus: 6050, signal 239372/255755 (executing program) 2022/09/14 14:05:24 fetching corpus: 6100, signal 239825/255809 (executing program) 2022/09/14 14:05:24 fetching corpus: 6150, signal 240370/255835 (executing program) 2022/09/14 14:05:24 fetching corpus: 6200, signal 241389/255868 (executing program) 2022/09/14 14:05:24 fetching corpus: 6250, signal 242498/255932 (executing program) 2022/09/14 14:05:24 fetching corpus: 6300, signal 242855/255935 (executing program) 2022/09/14 14:05:24 fetching corpus: 6350, signal 243476/255953 (executing program) 2022/09/14 14:05:25 fetching corpus: 6400, signal 243886/255973 (executing program) 2022/09/14 14:05:25 fetching corpus: 6450, signal 244398/255989 (executing program) 2022/09/14 14:05:25 fetching corpus: 6500, signal 244697/255996 (executing program) 2022/09/14 14:05:25 fetching corpus: 6550, signal 245122/256002 (executing program) 2022/09/14 14:05:25 fetching corpus: 6600, signal 245874/256025 (executing program) 2022/09/14 14:05:25 fetching corpus: 6650, signal 246549/256029 (executing program) 2022/09/14 14:05:25 fetching corpus: 6700, signal 246983/256051 (executing program) 2022/09/14 14:05:25 fetching corpus: 6750, signal 247374/256059 (executing program) 2022/09/14 14:05:26 fetching corpus: 6783, signal 247594/256062 (executing program) 2022/09/14 14:05:26 fetching corpus: 6783, signal 247594/256062 (executing program) 2022/09/14 14:05:28 starting 8 fuzzer processes 14:05:28 executing program 2: r0 = fsopen(&(0x7f0000000000)='bdev\x00', 0x0) fsconfig$FSCONFIG_SET_STRING(r0, 0x6, 0x0, 0x0, 0x0) fsmount(r0, 0x0, 0x0) fsconfig$FSCONFIG_CMD_RECONFIGURE(r0, 0x7, 0x0, 0x0, 0x0) 14:05:28 executing program 1: syz_emit_ethernet(0x3e, &(0x7f0000000080)={@multicast, @broadcast, @void, {@ipv4={0x800, @igmp={{0x5, 0x4, 0x0, 0x0, 0x30, 0x0, 0x0, 0x0, 0x2, 0x0, @empty, @multicast1}, {0x14, 0x0, 0x0, @empty, "39a4ba8385314b5edc3d8aabae540cb5a69bcbd9"}}}}}, 0x0) 14:05:28 executing program 3: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$ETHTOOL_MSG_RINGS_SET(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f00000001c0)={0x14, r1, 0x1, 0x0, 0x0, {0x3}}, 0x14}}, 0x0) 14:05:28 executing program 0: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$nl_netfilter(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000001c0)={0x20, 0x3, 0x1, 0x201, 0x0, 0x0, {}, [@nested={0xc, 0x19, 0x0, 0x1, [@typed={0x8, 0x2, 0x0, 0x0, @pid}]}]}, 0x20}}, 0x0) 14:05:28 executing program 4: r0 = syz_open_dev$usbmon(&(0x7f0000000100), 0x0, 0x0) ioctl$MON_IOCX_GETX(r0, 0x4018920a, 0x0) 14:05:28 executing program 5: syz_open_dev$loop(&(0x7f0000000140), 0x0, 0x0) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x9}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) fcntl$dupfd(0xffffffffffffffff, 0x406, r0) fcntl$F_SET_FILE_RW_HINT(0xffffffffffffffff, 0x40e, &(0x7f0000000040)=0x1) perf_event_open(&(0x7f0000001840)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000001800), 0xd}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x3) write(r0, &(0x7f0000000080)="01", 0x292e9) 14:05:28 executing program 6: r0 = socket$inet_udp(0x2, 0x2, 0x0) getsockopt$inet_int(r0, 0x0, 0xa, 0xfffffffffffffffc, &(0x7f0000000480)) 14:05:28 executing program 7: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x1030c2, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x0, 0x11, r0, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000140), 0x0, &(0x7f0000000000)) epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, 0xffffffffffffffff, &(0x7f0000000240)={0xc0000008}) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xb}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0xb) r2 = socket$inet6_udp(0xa, 0x2, 0x0) r3 = dup(r2) connect$inet6(r3, &(0x7f00000000c0)={0xa, 0x0, 0x0, @local, 0x2}, 0x1c) setsockopt$inet6_opts(r3, 0x29, 0x3b, &(0x7f00000001c0)=ANY=[], 0x8) sendmmsg$inet6(r3, &(0x7f0000002880), 0x4000101, 0x0) getsockname$packet(r3, &(0x7f0000003ac0)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @random}, &(0x7f0000003b00)=0x14) ioctl$FICLONERANGE(0xffffffffffffffff, 0x4020940d, &(0x7f00000001c0)={{}, 0x9, 0x100000000, 0x100000001}) io_uring_register$IORING_REGISTER_BUFFERS(0xffffffffffffffff, 0x0, &(0x7f0000000080)=[{&(0x7f0000000000)=""/85, 0x55}], 0x1) [ 80.873657] audit: type=1400 audit(1663164328.311:6): avc: denied { execmem } for pid=287 comm="syz-executor.2" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=process permissive=1 [ 82.130832] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 82.132859] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 82.134647] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 82.136019] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 82.137342] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 82.139181] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 82.143040] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 82.144985] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [ 82.146413] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 82.151486] Bluetooth: hci0: HCI_REQ-0x0c1a [ 82.157339] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 82.158874] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 82.163497] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 82.168611] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 82.177615] Bluetooth: hci7: unexpected cc 0x0c03 length: 249 > 1 [ 82.179081] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3 [ 82.180861] Bluetooth: hci7: unexpected cc 0x1003 length: 249 > 9 [ 82.182003] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 82.183126] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 82.184624] Bluetooth: hci7: unexpected cc 0x1001 length: 249 > 9 [ 82.186611] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1 [ 82.188568] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9 [ 82.190031] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9 [ 82.192727] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4 [ 82.194624] Bluetooth: hci5: unexpected cc 0x0c25 length: 249 > 3 [ 82.196506] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2 [ 82.197922] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1 [ 82.199455] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9 [ 82.204556] Bluetooth: hci5: HCI_REQ-0x0c1a [ 82.206434] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9 [ 82.209314] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4 [ 82.211963] Bluetooth: hci6: unexpected cc 0x0c25 length: 249 > 3 [ 82.215600] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2 [ 82.223214] Bluetooth: hci2: HCI_REQ-0x0c1a [ 82.225417] Bluetooth: hci6: HCI_REQ-0x0c1a [ 82.227302] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3 [ 82.230723] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 82.237422] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 82.239067] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 82.243655] Bluetooth: hci7: unexpected cc 0x0c23 length: 249 > 4 [ 82.244802] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 82.246343] Bluetooth: hci3: HCI_REQ-0x0c1a [ 82.246527] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 82.253519] Bluetooth: hci7: unexpected cc 0x0c25 length: 249 > 3 [ 82.254947] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 82.257232] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 82.258451] Bluetooth: hci7: unexpected cc 0x0c38 length: 249 > 2 [ 82.259993] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 82.262518] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3 [ 82.266106] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 82.267238] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 82.271913] Bluetooth: hci7: HCI_REQ-0x0c1a [ 82.272742] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3 [ 82.277966] Bluetooth: hci1: HCI_REQ-0x0c1a [ 82.280011] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 82.295438] Bluetooth: hci4: HCI_REQ-0x0c1a [ 84.213420] Bluetooth: hci5: command 0x0409 tx timeout [ 84.213421] Bluetooth: hci0: command 0x0409 tx timeout [ 84.277809] Bluetooth: hci3: command 0x0409 tx timeout [ 84.278356] Bluetooth: hci2: command 0x0409 tx timeout [ 84.340832] Bluetooth: hci6: command 0x0409 tx timeout [ 84.341337] Bluetooth: hci4: command 0x0409 tx timeout [ 84.341735] Bluetooth: hci1: command 0x0409 tx timeout [ 84.342597] Bluetooth: hci7: command 0x0409 tx timeout [ 86.261849] Bluetooth: hci5: command 0x041b tx timeout [ 86.262394] Bluetooth: hci0: command 0x041b tx timeout [ 86.324870] Bluetooth: hci2: command 0x041b tx timeout [ 86.325814] Bluetooth: hci3: command 0x041b tx timeout [ 86.388890] Bluetooth: hci7: command 0x041b tx timeout [ 86.389408] Bluetooth: hci1: command 0x041b tx timeout [ 86.390626] Bluetooth: hci4: command 0x041b tx timeout [ 86.391401] Bluetooth: hci6: command 0x041b tx timeout [ 88.309842] Bluetooth: hci0: command 0x040f tx timeout [ 88.310379] Bluetooth: hci5: command 0x040f tx timeout [ 88.372819] Bluetooth: hci3: command 0x040f tx timeout [ 88.373331] Bluetooth: hci2: command 0x040f tx timeout [ 88.437874] Bluetooth: hci6: command 0x040f tx timeout [ 88.438405] Bluetooth: hci4: command 0x040f tx timeout [ 88.438880] Bluetooth: hci1: command 0x040f tx timeout [ 88.439312] Bluetooth: hci7: command 0x040f tx timeout [ 90.357890] Bluetooth: hci5: command 0x0419 tx timeout [ 90.358391] Bluetooth: hci0: command 0x0419 tx timeout [ 90.421818] Bluetooth: hci2: command 0x0419 tx timeout [ 90.422294] Bluetooth: hci3: command 0x0419 tx timeout [ 90.485823] Bluetooth: hci7: command 0x0419 tx timeout [ 90.486299] Bluetooth: hci1: command 0x0419 tx timeout [ 90.486700] Bluetooth: hci4: command 0x0419 tx timeout [ 90.487628] Bluetooth: hci6: command 0x0419 tx timeout 14:06:21 executing program 4: r0 = syz_open_dev$usbmon(&(0x7f0000000100), 0x0, 0x0) ioctl$MON_IOCX_GETX(r0, 0x4018920a, 0x0) 14:06:21 executing program 4: r0 = syz_open_dev$usbmon(&(0x7f0000000100), 0x0, 0x0) ioctl$MON_IOCX_GETX(r0, 0x4018920a, 0x0) 14:06:21 executing program 4: r0 = syz_open_dev$usbmon(&(0x7f0000000100), 0x0, 0x0) ioctl$MON_IOCX_GETX(r0, 0x4018920a, 0x0) 14:06:21 executing program 4: syz_mount_image$vfat(0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) pwritev(r0, &(0x7f0000000140)=[{&(0x7f0000000000)='%', 0x1}], 0x1, 0x10000, 0x0) ioctl$SNDRV_SEQ_IOCTL_RUNNING_MODE(r0, 0xc0105303, &(0x7f0000000180)={0xfc, 0xd0, 0x9}) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) chdir(&(0x7f0000000040)='./file1\x00') r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) ioctl$FS_IOC_MEASURE_VERITY(0xffffffffffffffff, 0xc0046686, &(0x7f0000000300)={0x0, 0x1000, "37ada02d80227aa759a856f48dedb86ef0f2ab3112244bb09c04179ab2064f7400864c93b1b5d0934ed773b9af1382dfd18c18d0f494e2b43c2d6efd4a58689f6bf01e0209c14fc48e9603befab7b68dc603e8df556d5f6276aaa6298a20c13f58d18f65af9bbf7a3e44cd1c0983ebfcf7a7e29f42bcc91b77ea9338f31d95129137aefc88fa34b91d9e64b007e3078aceab2158db7bf0142db13250d530f77bb1f01281bbf40cc50bfc29c89785a2dbbdfa85aaae1a5deafb693a53e2a9a75c2174bd217d064626877a568810d43c9666a2e4c2a503bcc89c1d6db656b0487d74200870565871b72648b6f942a400af6b6319dbc159f0f941991b7205a47d667b15db59c76dd7606cac7f4dfacc9ab41f2267d608c118f41e8dd779d1141288261dd7594aaab12296b502585ec040ec98f10775a218314cffb0d99e320c261b69b696dfbfeb3850ed532f3899203d11a644f1c40b4c9de20bd77b36e25bbbd15c62b3ad817512b9acefb7ea02784b5e8267356c152b7cf2ac8feb340b8700797989b2940f2d7a23ccb0b9b58af02d89a010ce4fa04f27fd7e95db7d7e042297bf8777e3e371836130a26f67f3d2c14a84cbd70fd5141aa6cfc61374a3e4ecd4a7a42406d1225311c0bbd8f62dab74b3ef4d25b145bb221ad3cae5fdf4d783870a2edc1dad6cb659b70ee8078b7f107e1043c1d5e78f3b19dd0650719e5f086507755c0ea1f36f4e7c98e596468d90a2d3d2613e2d4282245942af42ec848c899080000d97c452db11c2bb5bf3c39b640fe5b18786c1083bfe368531f18dcd76dadf6c13eb53761182b2fd57880196dacdea259ac7f0462663febec93d8da374be467272e685f4f68b62cb08239ac9abc40794c5d2cd25aebec48a69f152ed4be4cefbe621e5becaca1f499b478d66d1069259a728f2e1b7513bad040df38f987abe12d711f014b6948154d5343592e99ba867cd5143d4f90cd6ccfa87b412191b143086aa948e59eb9de31df88fe0e37b8a4366c29b3dcbfb53f4cb13c2be05ea9d4aaeac797540b9387aece1fb6151322b87b8999e81e40bea5fbe3882fac16f23c57dcaf454461606cfe8f6413ac6608d1f0b29fedd6ab7b7ecc83fedeab21690f4de447368099fb0cabf16281af22b7543a610548deff97f79110c3c410f85185607e0f7782f84b42fc8d6f23d39d9f3ba2d6cdc4db7ab9d2503fc056812efa844ed079f51b2d2e34bb996d842c397251c7b33ff7a138462db9d1d3623f0c89b60de7083efbc64c01ce929313f853dec449eff5232be7ba3bd7ca76ea9cf889c7118926143cf0a807446254b0436dd6b821d24aed21f8d10b83730ef07ee4b4e55e84363fc81e9c4c1ce72d3139581518046b126873be8d6d1eea4f8085a6c2e1e53933dbf0a7bb5087ebc404b5e15b8edeafdd377f3d594b5f9f0039321d8aa0f6a291c00b1867b515291f9cc7f8d46339a92e59a240d2a7b72cce215e16a8493f12d7c109e2690ae1974b3a1d9ff3c42399a678e3cd384aebf9799b025210893f012c7ae45fee18704911cba525246ee3e961b115535d526ce27df5845ae36025c20db2aca5091336b908ca83be450e7712f8ac3aaf48125383d2361d3439833b44086db8bd53fbecf61b89b33d67a23e69f78beeef2e9f10e77f7a81965aaff2ff27564b47178fb457d3e4877baae363809d887a6cdc84ab1d4c8c0c27c50dd69a318a45d825918dcd1fa9bcbf5df1427b66812ba45742eb3215f1ff7637c37a12b70f1515a3272197c0aca0eecc6d5474575f4104529b916714bd9c51c2890feda118a0c742a69ea2e83ed2ec93f7861aefe160d885275d907a313e893beccdd2f213f85c1f1477301adc6916caeeb568c6b470bf11a5cc1db32b98c7749eaeeb30fa747744e7190bbf8ebe351a8c02c8f93abb92f5d9fbf878bde2a7617c4b932eb62285c04bd1d0f61a5b8d2ce412b5bfe45e2823c5a73597b3ebeccd82f2ce49893635bbf413c6157158d48873e4408ce76d40b4f51ca0ba2c7204b2c8103de18a842a322b1c700b430820c20d76b0c402d1052967cf74be5503720fe9b3ed75a8a598a1981e18a178c57e899cb11691e2b29c05ef63612f5eb646756be84aaa624767a625d58e460e55de3a81a36f45d2e6cf518ae198726da52ab5dde67a88844ff91ba70de627581b6319f46b4adad31171c2c619ada3571387d1f28bbc4aa7f00d14921e7ac1b38953913047e04b65c275c93e0eb6b0a0733c08a017e944b75c3c0fa9818022790cf456434e8c22a027ddb2a4862944e19c38d6013ea498f45313581b030b9530a6b70a9b2569ecd0f6f52d8778aff25430f3c66bf6fa86b9c6c733055ce26fa543efb0e12c99372d567e70a7ed8d6117d3795dc77510bb61374b69254e2e6c6f51a67396b171fef6edd17c9f0d9a658f9dfb80f7cf846370a7da186020c84f3213588076fcbc89b057fdbaf52bf04ecead0f01c4e0c9844aa01697e2d58eead28c1de8b3d5dfd699417606b70d54f8d794a07e3d80dac5912a0e4f15e2b58cf9d9400e196e840302f12c7dc6c45a72238fe060e08eacc520bb37034083394760167189146de24d765c475fffc4347cc129c1271b530eef508b759ceac5cf53618f4f995d146f4895cbbec7a110a64dbecadf7d5630ffa4c3677a7441576e5817ce30206c2c1e8609ccd84aa5ab8d4cd3b9e293c86e177dd53d161994b7838c6b7afbe27bc4cdaef768e86cff23100df86cc88e6fcc5d83bba4ab6599a39d1c1f5cee0560907e5b67043d25552db6ec5f06b322bf29d038117cae2d5e6003a4c10cbaefa3bd8f78c198dbafbf95c87c3b2ed0eb73453635cfe603f1debb3161a7932572e6056da0e19b551bb4838fbb6ce73ee608f1b76a5ab373912337189800f866adf4ee44dda6a653761e8aa11a807bd929b206d42cb8ab92b49bef65c347a2198d2207208f87bcb11676b1b2980da69bdd716f184484edf27d357e1a32d29f6442da8aa8e1d61fecf07e83383cf88c351d8fd7acf3888ee755d587380e5921d4d3e8911bd2b6452a409deefac57baf9022ac1866c67616e16a69207d30c6275b12eba8b98d405af644184b78240f9773abfa6519850b337891fe8f45891afcb31bdcebfefdbb89574febc2e87eb84822ff34052972ae8a6c482860b2f79306114e581916a12f16aa25960e6257d5b4d316e69e34394f88cbd10ca2056dc01aefc2080c8c639c4e66abdf6c1c594520f0fcf806c0dee82cf47a59d2ffff0d135ad5977ae0be482c30129ebdac98360c896e7d8951b58580beb396d6d9d32dd90c50167e909474b65687d08c3e246046a3de6deb8b7b2f9e54a3fbf59c95241b8f5fa34135a1960ae4b97a8a76f1d7730d91c3a5404a0bd46ef2e334003216488a5e7c03eaaff4a4fcbe2a20096b9e4982c56285563c8dfd587ad3d7365aebed28b4809e55dd12cd66d13e9d9d3e6a974e6675ea981a08b5f7e109e7aed9b34f20d0c069adaf50c9fb19b2a4cd0453fa6a094ccc80c265360da8974a1af04ce8789f1b528b333f76d501e3a5ad86b175a9d9bc7f96fbde45203eed298acdd2d1a75eeba43d3ba237f5caf41cb00dda88a94f9e5590380837a3f05f7c882ba62326518d666237e31542599800cf4ef5c04619ff67b3023af6598e8292626da4f0ec2d1bfcf2135e51207e595f5305020eb47fa55ca4507a88a8354311fdd5b795c999e3db8c7d0674aa09278bb1097c530188416abb8055199c17f0932277ea3e20f2801872f6e06f4a7d7d844e80bdff624c655020935b8769989d8fe3411da7d6b4dc8314dde94f13df3c866f340187ca9a13a8e2eabb153a9c5f58d06fdddeda18e11ecc6e29e5b676644214a765f86ca0b86d6d362e382fc0a0faa3262638de42aa589f37079f76ab97921f869fdd0b24a77219014a20e13e2250e663be0c98958275fcd746d489387a654d8a55567d91c3f539486f2ad9f44a4995cafa9da4762b8d535bc16f878fb337fb3073d9126a66b6d900b24f5d7aba5b085255070e9e330618e228d52bef8cf4fa38228817c2bb503641ac2a223d105ecd232fe1c0cc8c21c0409ed13487915f6b32f6b882c1a0a4ba64aa0afef3ec277abe1cd73899033218f3bc953c3ac5ad3b587473acae7bd1ddf877af22e15457677c69ba4f88baf5f4a559b21f4a24dba45397c186449067fe347c4de30fc4c92b835f90d76deb494a78e5afceb526d65aa7e2db70adce3168d84298e899ba74842aefe056e8a4931d51eb2af649f0aa66316fb8fe30d7f0952d34501a5a72ddfcfb73c8819bb30d5f3bcea1022fdbcf9f40fafc631e702a80058d4eb59310193f00d986373e0b61a48a026a348c99075de9c564a6f132bc4fc881cf181ed9de284828ec682dbce1ea18879751412057e1b9d80ee0cb0dc9f1f7274904090917b2dd19c9d70376f88be87991e52649d06ca7bbc9315f122c69d87832d18404198b11562d1a103802ec9d89ec549704ab76708e62e12800c63453ea1613becd381ad0596090b8ab7df52c49a82d7c40b76c797b2e39f4e56f566f2df1e7625c12a16be9615b7a102cd504b916471a8b85d2a7e6511918d8a6d9af9281c7cf48494e34e613ddf0c6312849379d16662df8f5321a523cbc48d53668e944c383c9e3fb73e9466ddab3ecde8e6c482f46e0e201fe733e62a544a5e81a41094d5188ac2f6d1fd515443d4c98b9fb43b529e534b0a4f93636efab68a7c2b2223ae5773c2d741293b74159d1f34768086aafb0e964b82534011fafd5f3244978c573a206cb9fb6709473310a9148cbb0818e7e56a21833876b9b08a030eb0343862f7fdf9b5745503f5cec75782b37ffc294bc0f59feea788770c701139eecd7671ef21cfdcb879cf1143e19a85d291605a0a3c7603d6861235c08d1cf91567bd53ddb1dea8c6b4beab626a5afe530527988b1c755a8247c230c2eca917f0fb81a2331f633ff7f2eea2c5af19a9634cebc9d6c73a1c2a882b259d29439afe86a8e6abd95756efc69eaf7a23d7a801b089ee85f7e3793357f8afe32a2215acc5f57f4100c75618f5aac5dee8f1eddca1fce6427d35412489082d3859624db42d3dd6f9e795fa095401edb82b8ca82fdb86c2b9fdd7d9d2d10d48f41eeff27a77252ed8dade4d880b6dfc41d0f01c1d54ba8a1333157b69c298f04adb1002e878153a1a7bd577bae6ab5670cad2a435547d02f36cdc960bbfc4162092c4df9ea501eac62e44772eb52a63452a129ab263e188766d3c6d5ca78580eee3000cfa63d1f0ec866a48a073f649a4494ca39333ba22f0e47c596459caafcd2808e282811d68d924cd8bbc53e8c5b0f0b681b6b644f2ecea876c2526046eaf29f4584ac587d89c57753fb23494b5dd7c7c0734805e6df221a0ef08d265ec066f89c9871f26aeafb00ea20f490e99b1b17a6da610379e389e2a46bb2a86374f4c83ea15f81df16ad76183a3616814914addf6c78593a0b6893bb79f2c20c57b0b921a3d7b14c361f9b5156d38aeb887c206d6b7fd6c933cf8f9c6816e35c146a052952cb12ad315d62ae679ba17dbc51366b0b624cab38d6685250b1d54a50dfa47fec65803d575b5441dc04634dab43fc73a5f254ffcf95d7ac6ca6ec72561a55d57323fbb1ba8e22638d465eeb99098f88dc7037bb9d656a8ed80172da6d3a858fcd8cc96b21fea99f1af684f987725abbb627faa6928cfc4bc3245caf536c12aa54e2c273313bcc73fe5f538485049afc7e9aa209214135b4bc5c569"}) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0xb, 0x7}, 0x15182, 0x7}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0xb) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xb}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) sendfile(r2, r1, 0x0, 0xfffffdef) 14:06:21 executing program 0: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$nl_netfilter(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000001c0)={0x20, 0x3, 0x1, 0x201, 0x0, 0x0, {}, [@nested={0xc, 0x19, 0x0, 0x1, [@typed={0x8, 0x2, 0x0, 0x0, @pid}]}]}, 0x20}}, 0x0) [ 134.293034] audit: type=1400 audit(1663164381.730:7): avc: denied { open } for pid=3805 comm="syz-executor.4" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=perf_event permissive=1 [ 134.294397] audit: type=1400 audit(1663164381.731:8): avc: denied { kernel } for pid=3805 comm="syz-executor.4" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=perf_event permissive=1 [ 134.312280] ------------[ cut here ]------------ [ 134.312303] [ 134.312307] ====================================================== [ 134.312310] WARNING: possible circular locking dependency detected [ 134.312315] 6.0.0-rc5-next-20220914 #1 Not tainted [ 134.312321] ------------------------------------------------------ [ 134.312324] syz-executor.4/3806 is trying to acquire lock: [ 134.312331] ffffffff853fa878 ((console_sem).lock){....}-{2:2}, at: down_trylock+0xe/0x70 [ 134.312369] [ 134.312369] but task is already holding lock: [ 134.312372] ffff88800e0d6020 (&ctx->lock){....}-{2:2}, at: __perf_event_task_sched_out+0x53b/0x18d0 [ 134.312399] [ 134.312399] which lock already depends on the new lock. [ 134.312399] [ 134.312403] [ 134.312403] the existing dependency chain (in reverse order) is: [ 134.312406] [ 134.312406] -> #3 (&ctx->lock){....}-{2:2}: [ 134.312420] _raw_spin_lock+0x2a/0x40 [ 134.312438] __perf_event_task_sched_out+0x53b/0x18d0 [ 134.312450] __schedule+0xedd/0x2470 [ 134.312461] schedule+0xda/0x1b0 [ 134.312471] exit_to_user_mode_prepare+0x114/0x1a0 [ 134.312490] syscall_exit_to_user_mode+0x19/0x40 [ 134.312508] do_syscall_64+0x48/0x90 [ 134.312522] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 134.312539] [ 134.312539] -> #2 (&rq->__lock){-.-.}-{2:2}: [ 134.312553] _raw_spin_lock_nested+0x30/0x40 [ 134.312567] raw_spin_rq_lock_nested+0x1e/0x30 [ 134.312581] task_fork_fair+0x63/0x4d0 [ 134.312597] sched_cgroup_fork+0x3d0/0x540 [ 134.312611] copy_process+0x4183/0x6e20 [ 134.312621] kernel_clone+0xe7/0x890 [ 134.312631] user_mode_thread+0xad/0xf0 [ 134.312641] rest_init+0x24/0x250 [ 134.312657] arch_call_rest_init+0xf/0x14 [ 134.312669] start_kernel+0x4c1/0x4e6 [ 134.312679] secondary_startup_64_no_verify+0xe0/0xeb [ 134.312693] [ 134.312693] -> #1 (&p->pi_lock){-.-.}-{2:2}: [ 134.312706] _raw_spin_lock_irqsave+0x39/0x60 [ 134.312721] try_to_wake_up+0xab/0x1920 [ 134.312734] up+0x75/0xb0 [ 134.312748] __up_console_sem+0x6e/0x80 [ 134.312764] console_unlock+0x46a/0x590 [ 134.312780] vt_ioctl+0x2822/0x2ca0 [ 134.312793] tty_ioctl+0x7c4/0x1700 [ 134.312804] __x64_sys_ioctl+0x19a/0x210 [ 134.312819] do_syscall_64+0x3b/0x90 [ 134.312832] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 134.312849] [ 134.312849] -> #0 ((console_sem).lock){....}-{2:2}: [ 134.312862] __lock_acquire+0x2a02/0x5e70 [ 134.312878] lock_acquire+0x1a2/0x530 [ 134.312894] _raw_spin_lock_irqsave+0x39/0x60 [ 134.312908] down_trylock+0xe/0x70 [ 134.312920] __down_trylock_console_sem+0x3b/0xd0 [ 134.312936] vprintk_emit+0x16b/0x560 [ 134.312952] vprintk+0x84/0xa0 [ 134.312968] _printk+0xba/0xf1 [ 134.312985] report_bug.cold+0x72/0xab [ 134.312998] handle_bug+0x3c/0x70 [ 134.313010] exc_invalid_op+0x14/0x50 [ 134.313023] asm_exc_invalid_op+0x16/0x20 [ 134.313039] group_sched_out.part.0+0x2c7/0x460 [ 134.313049] ctx_sched_out+0x8f1/0xc10 [ 134.313059] __perf_event_task_sched_out+0x6d0/0x18d0 [ 134.313071] __schedule+0xedd/0x2470 [ 134.313080] schedule+0xda/0x1b0 [ 134.313090] exit_to_user_mode_prepare+0x114/0x1a0 [ 134.313108] syscall_exit_to_user_mode+0x19/0x40 [ 134.313125] do_syscall_64+0x48/0x90 [ 134.313137] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 134.313154] [ 134.313154] other info that might help us debug this: [ 134.313154] [ 134.313156] Chain exists of: [ 134.313156] (console_sem).lock --> &rq->__lock --> &ctx->lock [ 134.313156] [ 134.313171] Possible unsafe locking scenario: [ 134.313171] [ 134.313174] CPU0 CPU1 [ 134.313176] ---- ---- [ 134.313178] lock(&ctx->lock); [ 134.313184] lock(&rq->__lock); [ 134.313191] lock(&ctx->lock); [ 134.313197] lock((console_sem).lock); [ 134.313203] [ 134.313203] *** DEADLOCK *** [ 134.313203] [ 134.313205] 2 locks held by syz-executor.4/3806: [ 134.313211] #0: ffff88806ce37cd8 (&rq->__lock){-.-.}-{2:2}, at: __schedule+0x1cf/0x2470 [ 134.313237] #1: ffff88800e0d6020 (&ctx->lock){....}-{2:2}, at: __perf_event_task_sched_out+0x53b/0x18d0 [ 134.313264] [ 134.313264] stack backtrace: [ 134.313267] CPU: 0 PID: 3806 Comm: syz-executor.4 Not tainted 6.0.0-rc5-next-20220914 #1 [ 134.313280] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 134.313289] Call Trace: [ 134.313292] [ 134.313297] dump_stack_lvl+0x8b/0xb3 [ 134.313311] check_noncircular+0x263/0x2e0 [ 134.313328] ? format_decode+0x26c/0xb50 [ 134.313343] ? print_circular_bug+0x450/0x450 [ 134.313359] ? enable_ptr_key_workfn+0x20/0x20 [ 134.313374] ? format_decode+0x26c/0xb50 [ 134.313389] ? alloc_chain_hlocks+0x1ec/0x5a0 [ 134.313407] __lock_acquire+0x2a02/0x5e70 [ 134.313428] ? lockdep_hardirqs_on_prepare+0x410/0x410 [ 134.313450] lock_acquire+0x1a2/0x530 [ 134.313466] ? down_trylock+0xe/0x70 [ 134.313480] ? rcu_read_unlock+0x40/0x40 [ 134.313501] ? vprintk+0x84/0xa0 [ 134.313518] _raw_spin_lock_irqsave+0x39/0x60 [ 134.313533] ? down_trylock+0xe/0x70 [ 134.313547] down_trylock+0xe/0x70 [ 134.313560] ? vprintk+0x84/0xa0 [ 134.313576] __down_trylock_console_sem+0x3b/0xd0 [ 134.313593] vprintk_emit+0x16b/0x560 [ 134.313612] vprintk+0x84/0xa0 [ 134.313629] _printk+0xba/0xf1 [ 134.313646] ? record_print_text.cold+0x16/0x16 [ 134.313667] ? report_bug.cold+0x66/0xab [ 134.313681] ? group_sched_out.part.0+0x2c7/0x460 [ 134.313692] report_bug.cold+0x72/0xab [ 134.313707] handle_bug+0x3c/0x70 [ 134.313721] exc_invalid_op+0x14/0x50 [ 134.313735] asm_exc_invalid_op+0x16/0x20 [ 134.313752] RIP: 0010:group_sched_out.part.0+0x2c7/0x460 [ 134.313765] Code: 5e 41 5f e9 3b b7 ef ff e8 36 b7 ef ff 65 8b 1d ab 15 ac 7e 31 ff 89 de e8 d6 b3 ef ff 85 db 0f 84 8a 00 00 00 e8 19 b7 ef ff <0f> 0b e9 a5 fe ff ff e8 0d b7 ef ff 48 8d 7d 10 48 b8 00 00 00 00 [ 134.313776] RSP: 0018:ffff88801efafc48 EFLAGS: 00010006 [ 134.313785] RAX: 0000000040000002 RBX: 0000000000000000 RCX: 0000000000000000 [ 134.313793] RDX: ffff888040dc9ac0 RSI: ffffffff81566027 RDI: 0000000000000005 [ 134.313800] RBP: ffff888008660000 R08: 0000000000000005 R09: 0000000000000001 [ 134.313808] R10: 0000000000000000 R11: ffffffff865ac01b R12: ffff88800e0d6000 [ 134.313816] R13: ffff88806ce3d100 R14: ffffffff8547c660 R15: 0000000000000002 [ 134.313827] ? group_sched_out.part.0+0x2c7/0x460 [ 134.313840] ? group_sched_out.part.0+0x2c7/0x460 [ 134.313852] ctx_sched_out+0x8f1/0xc10 [ 134.313865] __perf_event_task_sched_out+0x6d0/0x18d0 [ 134.313880] ? lock_is_held_type+0xd7/0x130 [ 134.313898] ? __perf_cgroup_move+0x160/0x160 [ 134.313910] ? set_next_entity+0x304/0x550 [ 134.313927] ? update_curr+0x267/0x740 [ 134.313945] ? lock_is_held_type+0xd7/0x130 [ 134.313963] __schedule+0xedd/0x2470 [ 134.313976] ? io_schedule_timeout+0x150/0x150 [ 134.313989] ? rcu_read_lock_sched_held+0x3e/0x80 [ 134.314009] schedule+0xda/0x1b0 [ 134.314020] exit_to_user_mode_prepare+0x114/0x1a0 [ 134.314040] syscall_exit_to_user_mode+0x19/0x40 [ 134.314058] do_syscall_64+0x48/0x90 [ 134.314071] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 134.314089] RIP: 0033:0x7f9957addb19 [ 134.314097] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 134.314108] RSP: 002b:00007f9955053218 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 134.314119] RAX: 0000000000000001 RBX: 00007f9957bf0f68 RCX: 00007f9957addb19 [ 134.314126] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 00007f9957bf0f6c [ 134.314134] RBP: 00007f9957bf0f60 R08: 000000000000000e R09: 0000000000000000 [ 134.314141] R10: 0000000000000006 R11: 0000000000000246 R12: 00007f9957bf0f6c [ 134.314148] R13: 00007ffe2edb7b0f R14: 00007f9955053300 R15: 0000000000022000 [ 134.314161] [ 134.370566] WARNING: CPU: 0 PID: 3806 at kernel/events/core.c:2309 group_sched_out.part.0+0x2c7/0x460 [ 134.371273] Modules linked in: [ 134.371522] CPU: 0 PID: 3806 Comm: syz-executor.4 Not tainted 6.0.0-rc5-next-20220914 #1 [ 134.372126] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 134.372975] RIP: 0010:group_sched_out.part.0+0x2c7/0x460 [ 134.373391] Code: 5e 41 5f e9 3b b7 ef ff e8 36 b7 ef ff 65 8b 1d ab 15 ac 7e 31 ff 89 de e8 d6 b3 ef ff 85 db 0f 84 8a 00 00 00 e8 19 b7 ef ff <0f> 0b e9 a5 fe ff ff e8 0d b7 ef ff 48 8d 7d 10 48 b8 00 00 00 00 [ 134.374769] RSP: 0018:ffff88801efafc48 EFLAGS: 00010006 [ 134.375179] RAX: 0000000040000002 RBX: 0000000000000000 RCX: 0000000000000000 [ 134.375721] RDX: ffff888040dc9ac0 RSI: ffffffff81566027 RDI: 0000000000000005 [ 134.376274] RBP: ffff888008660000 R08: 0000000000000005 R09: 0000000000000001 [ 134.376823] R10: 0000000000000000 R11: ffffffff865ac01b R12: ffff88800e0d6000 [ 134.377356] R13: ffff88806ce3d100 R14: ffffffff8547c660 R15: 0000000000000002 [ 134.377900] FS: 00007f9955053700(0000) GS:ffff88806ce00000(0000) knlGS:0000000000000000 [ 134.378507] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 134.378957] CR2: 00007f50a1833228 CR3: 000000000eeb6000 CR4: 0000000000350ef0 [ 134.379496] Call Trace: [ 134.379694] [ 134.379873] ctx_sched_out+0x8f1/0xc10 [ 134.380162] __perf_event_task_sched_out+0x6d0/0x18d0 [ 134.380545] ? lock_is_held_type+0xd7/0x130 [ 134.380872] ? __perf_cgroup_move+0x160/0x160 [ 134.381205] ? set_next_entity+0x304/0x550 [ 134.381520] ? update_curr+0x267/0x740 [ 134.381818] ? lock_is_held_type+0xd7/0x130 [ 134.382144] __schedule+0xedd/0x2470 [ 134.382425] ? io_schedule_timeout+0x150/0x150 [ 134.382760] ? rcu_read_lock_sched_held+0x3e/0x80 [ 134.383133] schedule+0xda/0x1b0 [ 134.383387] exit_to_user_mode_prepare+0x114/0x1a0 [ 134.383754] syscall_exit_to_user_mode+0x19/0x40 [ 134.384111] do_syscall_64+0x48/0x90 [ 134.384391] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 134.384779] RIP: 0033:0x7f9957addb19 [ 134.385052] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 134.386357] RSP: 002b:00007f9955053218 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 134.386900] RAX: 0000000000000001 RBX: 00007f9957bf0f68 RCX: 00007f9957addb19 [ 134.387422] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 00007f9957bf0f6c [ 134.387931] RBP: 00007f9957bf0f60 R08: 000000000000000e R09: 0000000000000000 [ 134.388448] R10: 0000000000000006 R11: 0000000000000246 R12: 00007f9957bf0f6c [ 134.388960] R13: 00007ffe2edb7b0f R14: 00007f9955053300 R15: 0000000000022000 [ 134.389480] [ 134.389656] irq event stamp: 1524 [ 134.389910] hardirqs last enabled at (1523): [] exit_to_user_mode_prepare+0x109/0x1a0 [ 134.390617] hardirqs last disabled at (1524): [] __schedule+0x1225/0x2470 [ 134.391236] softirqs last enabled at (1038): [] __irq_exit_rcu+0x11b/0x180 [ 134.391875] softirqs last disabled at (983): [] __irq_exit_rcu+0x11b/0x180 [ 134.392504] ---[ end trace 0000000000000000 ]--- 14:06:21 executing program 0: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$nl_netfilter(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000001c0)={0x20, 0x3, 0x1, 0x201, 0x0, 0x0, {}, [@nested={0xc, 0x19, 0x0, 0x1, [@typed={0x8, 0x2, 0x0, 0x0, @pid}]}]}, 0x20}}, 0x0) 14:06:22 executing program 0: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$nl_netfilter(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000001c0)={0x20, 0x3, 0x1, 0x201, 0x0, 0x0, {}, [@nested={0xc, 0x19, 0x0, 0x1, [@typed={0x8, 0x2, 0x0, 0x0, @pid}]}]}, 0x20}}, 0x0) [ 134.611101] syz-executor.4 (3806) used greatest stack depth: 23448 bytes left 14:06:22 executing program 4: syz_mount_image$vfat(0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) pwritev(r0, &(0x7f0000000140)=[{&(0x7f0000000000)='%', 0x1}], 0x1, 0x10000, 0x0) ioctl$SNDRV_SEQ_IOCTL_RUNNING_MODE(r0, 0xc0105303, &(0x7f0000000180)={0xfc, 0xd0, 0x9}) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) chdir(&(0x7f0000000040)='./file1\x00') r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) ioctl$FS_IOC_MEASURE_VERITY(0xffffffffffffffff, 0xc0046686, &(0x7f0000000300)={0x0, 0x1000, "37ada02d80227aa759a856f48dedb86ef0f2ab3112244bb09c04179ab2064f7400864c93b1b5d0934ed773b9af1382dfd18c18d0f494e2b43c2d6efd4a58689f6bf01e0209c14fc48e9603befab7b68dc603e8df556d5f6276aaa6298a20c13f58d18f65af9bbf7a3e44cd1c0983ebfcf7a7e29f42bcc91b77ea9338f31d95129137aefc88fa34b91d9e64b007e3078aceab2158db7bf0142db13250d530f77bb1f01281bbf40cc50bfc29c89785a2dbbdfa85aaae1a5deafb693a53e2a9a75c2174bd217d064626877a568810d43c9666a2e4c2a503bcc89c1d6db656b0487d74200870565871b72648b6f942a400af6b6319dbc159f0f941991b7205a47d667b15db59c76dd7606cac7f4dfacc9ab41f2267d608c118f41e8dd779d1141288261dd7594aaab12296b502585ec040ec98f10775a218314cffb0d99e320c261b69b696dfbfeb3850ed532f3899203d11a644f1c40b4c9de20bd77b36e25bbbd15c62b3ad817512b9acefb7ea02784b5e8267356c152b7cf2ac8feb340b8700797989b2940f2d7a23ccb0b9b58af02d89a010ce4fa04f27fd7e95db7d7e042297bf8777e3e371836130a26f67f3d2c14a84cbd70fd5141aa6cfc61374a3e4ecd4a7a42406d1225311c0bbd8f62dab74b3ef4d25b145bb221ad3cae5fdf4d783870a2edc1dad6cb659b70ee8078b7f107e1043c1d5e78f3b19dd0650719e5f086507755c0ea1f36f4e7c98e596468d90a2d3d2613e2d4282245942af42ec848c899080000d97c452db11c2bb5bf3c39b640fe5b18786c1083bfe368531f18dcd76dadf6c13eb53761182b2fd57880196dacdea259ac7f0462663febec93d8da374be467272e685f4f68b62cb08239ac9abc40794c5d2cd25aebec48a69f152ed4be4cefbe621e5becaca1f499b478d66d1069259a728f2e1b7513bad040df38f987abe12d711f014b6948154d5343592e99ba867cd5143d4f90cd6ccfa87b412191b143086aa948e59eb9de31df88fe0e37b8a4366c29b3dcbfb53f4cb13c2be05ea9d4aaeac797540b9387aece1fb6151322b87b8999e81e40bea5fbe3882fac16f23c57dcaf454461606cfe8f6413ac6608d1f0b29fedd6ab7b7ecc83fedeab21690f4de447368099fb0cabf16281af22b7543a610548deff97f79110c3c410f85185607e0f7782f84b42fc8d6f23d39d9f3ba2d6cdc4db7ab9d2503fc056812efa844ed079f51b2d2e34bb996d842c397251c7b33ff7a138462db9d1d3623f0c89b60de7083efbc64c01ce929313f853dec449eff5232be7ba3bd7ca76ea9cf889c7118926143cf0a807446254b0436dd6b821d24aed21f8d10b83730ef07ee4b4e55e84363fc81e9c4c1ce72d3139581518046b126873be8d6d1eea4f8085a6c2e1e53933dbf0a7bb5087ebc404b5e15b8edeafdd377f3d594b5f9f0039321d8aa0f6a291c00b1867b515291f9cc7f8d46339a92e59a240d2a7b72cce215e16a8493f12d7c109e2690ae1974b3a1d9ff3c42399a678e3cd384aebf9799b025210893f012c7ae45fee18704911cba525246ee3e961b115535d526ce27df5845ae36025c20db2aca5091336b908ca83be450e7712f8ac3aaf48125383d2361d3439833b44086db8bd53fbecf61b89b33d67a23e69f78beeef2e9f10e77f7a81965aaff2ff27564b47178fb457d3e4877baae363809d887a6cdc84ab1d4c8c0c27c50dd69a318a45d825918dcd1fa9bcbf5df1427b66812ba45742eb3215f1ff7637c37a12b70f1515a3272197c0aca0eecc6d5474575f4104529b916714bd9c51c2890feda118a0c742a69ea2e83ed2ec93f7861aefe160d885275d907a313e893beccdd2f213f85c1f1477301adc6916caeeb568c6b470bf11a5cc1db32b98c7749eaeeb30fa747744e7190bbf8ebe351a8c02c8f93abb92f5d9fbf878bde2a7617c4b932eb62285c04bd1d0f61a5b8d2ce412b5bfe45e2823c5a73597b3ebeccd82f2ce49893635bbf413c6157158d48873e4408ce76d40b4f51ca0ba2c7204b2c8103de18a842a322b1c700b430820c20d76b0c402d1052967cf74be5503720fe9b3ed75a8a598a1981e18a178c57e899cb11691e2b29c05ef63612f5eb646756be84aaa624767a625d58e460e55de3a81a36f45d2e6cf518ae198726da52ab5dde67a88844ff91ba70de627581b6319f46b4adad31171c2c619ada3571387d1f28bbc4aa7f00d14921e7ac1b38953913047e04b65c275c93e0eb6b0a0733c08a017e944b75c3c0fa9818022790cf456434e8c22a027ddb2a4862944e19c38d6013ea498f45313581b030b9530a6b70a9b2569ecd0f6f52d8778aff25430f3c66bf6fa86b9c6c733055ce26fa543efb0e12c99372d567e70a7ed8d6117d3795dc77510bb61374b69254e2e6c6f51a67396b171fef6edd17c9f0d9a658f9dfb80f7cf846370a7da186020c84f3213588076fcbc89b057fdbaf52bf04ecead0f01c4e0c9844aa01697e2d58eead28c1de8b3d5dfd699417606b70d54f8d794a07e3d80dac5912a0e4f15e2b58cf9d9400e196e840302f12c7dc6c45a72238fe060e08eacc520bb37034083394760167189146de24d765c475fffc4347cc129c1271b530eef508b759ceac5cf53618f4f995d146f4895cbbec7a110a64dbecadf7d5630ffa4c3677a7441576e5817ce30206c2c1e8609ccd84aa5ab8d4cd3b9e293c86e177dd53d161994b7838c6b7afbe27bc4cdaef768e86cff23100df86cc88e6fcc5d83bba4ab6599a39d1c1f5cee0560907e5b67043d25552db6ec5f06b322bf29d038117cae2d5e6003a4c10cbaefa3bd8f78c198dbafbf95c87c3b2ed0eb73453635cfe603f1debb3161a7932572e6056da0e19b551bb4838fbb6ce73ee608f1b76a5ab373912337189800f866adf4ee44dda6a653761e8aa11a807bd929b206d42cb8ab92b49bef65c347a2198d2207208f87bcb11676b1b2980da69bdd716f184484edf27d357e1a32d29f6442da8aa8e1d61fecf07e83383cf88c351d8fd7acf3888ee755d587380e5921d4d3e8911bd2b6452a409deefac57baf9022ac1866c67616e16a69207d30c6275b12eba8b98d405af644184b78240f9773abfa6519850b337891fe8f45891afcb31bdcebfefdbb89574febc2e87eb84822ff34052972ae8a6c482860b2f79306114e581916a12f16aa25960e6257d5b4d316e69e34394f88cbd10ca2056dc01aefc2080c8c639c4e66abdf6c1c594520f0fcf806c0dee82cf47a59d2ffff0d135ad5977ae0be482c30129ebdac98360c896e7d8951b58580beb396d6d9d32dd90c50167e909474b65687d08c3e246046a3de6deb8b7b2f9e54a3fbf59c95241b8f5fa34135a1960ae4b97a8a76f1d7730d91c3a5404a0bd46ef2e334003216488a5e7c03eaaff4a4fcbe2a20096b9e4982c56285563c8dfd587ad3d7365aebed28b4809e55dd12cd66d13e9d9d3e6a974e6675ea981a08b5f7e109e7aed9b34f20d0c069adaf50c9fb19b2a4cd0453fa6a094ccc80c265360da8974a1af04ce8789f1b528b333f76d501e3a5ad86b175a9d9bc7f96fbde45203eed298acdd2d1a75eeba43d3ba237f5caf41cb00dda88a94f9e5590380837a3f05f7c882ba62326518d666237e31542599800cf4ef5c04619ff67b3023af6598e8292626da4f0ec2d1bfcf2135e51207e595f5305020eb47fa55ca4507a88a8354311fdd5b795c999e3db8c7d0674aa09278bb1097c530188416abb8055199c17f0932277ea3e20f2801872f6e06f4a7d7d844e80bdff624c655020935b8769989d8fe3411da7d6b4dc8314dde94f13df3c866f340187ca9a13a8e2eabb153a9c5f58d06fdddeda18e11ecc6e29e5b676644214a765f86ca0b86d6d362e382fc0a0faa3262638de42aa589f37079f76ab97921f869fdd0b24a77219014a20e13e2250e663be0c98958275fcd746d489387a654d8a55567d91c3f539486f2ad9f44a4995cafa9da4762b8d535bc16f878fb337fb3073d9126a66b6d900b24f5d7aba5b085255070e9e330618e228d52bef8cf4fa38228817c2bb503641ac2a223d105ecd232fe1c0cc8c21c0409ed13487915f6b32f6b882c1a0a4ba64aa0afef3ec277abe1cd73899033218f3bc953c3ac5ad3b587473acae7bd1ddf877af22e15457677c69ba4f88baf5f4a559b21f4a24dba45397c186449067fe347c4de30fc4c92b835f90d76deb494a78e5afceb526d65aa7e2db70adce3168d84298e899ba74842aefe056e8a4931d51eb2af649f0aa66316fb8fe30d7f0952d34501a5a72ddfcfb73c8819bb30d5f3bcea1022fdbcf9f40fafc631e702a80058d4eb59310193f00d986373e0b61a48a026a348c99075de9c564a6f132bc4fc881cf181ed9de284828ec682dbce1ea18879751412057e1b9d80ee0cb0dc9f1f7274904090917b2dd19c9d70376f88be87991e52649d06ca7bbc9315f122c69d87832d18404198b11562d1a103802ec9d89ec549704ab76708e62e12800c63453ea1613becd381ad0596090b8ab7df52c49a82d7c40b76c797b2e39f4e56f566f2df1e7625c12a16be9615b7a102cd504b916471a8b85d2a7e6511918d8a6d9af9281c7cf48494e34e613ddf0c6312849379d16662df8f5321a523cbc48d53668e944c383c9e3fb73e9466ddab3ecde8e6c482f46e0e201fe733e62a544a5e81a41094d5188ac2f6d1fd515443d4c98b9fb43b529e534b0a4f93636efab68a7c2b2223ae5773c2d741293b74159d1f34768086aafb0e964b82534011fafd5f3244978c573a206cb9fb6709473310a9148cbb0818e7e56a21833876b9b08a030eb0343862f7fdf9b5745503f5cec75782b37ffc294bc0f59feea788770c701139eecd7671ef21cfdcb879cf1143e19a85d291605a0a3c7603d6861235c08d1cf91567bd53ddb1dea8c6b4beab626a5afe530527988b1c755a8247c230c2eca917f0fb81a2331f633ff7f2eea2c5af19a9634cebc9d6c73a1c2a882b259d29439afe86a8e6abd95756efc69eaf7a23d7a801b089ee85f7e3793357f8afe32a2215acc5f57f4100c75618f5aac5dee8f1eddca1fce6427d35412489082d3859624db42d3dd6f9e795fa095401edb82b8ca82fdb86c2b9fdd7d9d2d10d48f41eeff27a77252ed8dade4d880b6dfc41d0f01c1d54ba8a1333157b69c298f04adb1002e878153a1a7bd577bae6ab5670cad2a435547d02f36cdc960bbfc4162092c4df9ea501eac62e44772eb52a63452a129ab263e188766d3c6d5ca78580eee3000cfa63d1f0ec866a48a073f649a4494ca39333ba22f0e47c596459caafcd2808e282811d68d924cd8bbc53e8c5b0f0b681b6b644f2ecea876c2526046eaf29f4584ac587d89c57753fb23494b5dd7c7c0734805e6df221a0ef08d265ec066f89c9871f26aeafb00ea20f490e99b1b17a6da610379e389e2a46bb2a86374f4c83ea15f81df16ad76183a3616814914addf6c78593a0b6893bb79f2c20c57b0b921a3d7b14c361f9b5156d38aeb887c206d6b7fd6c933cf8f9c6816e35c146a052952cb12ad315d62ae679ba17dbc51366b0b624cab38d6685250b1d54a50dfa47fec65803d575b5441dc04634dab43fc73a5f254ffcf95d7ac6ca6ec72561a55d57323fbb1ba8e22638d465eeb99098f88dc7037bb9d656a8ed80172da6d3a858fcd8cc96b21fea99f1af684f987725abbb627faa6928cfc4bc3245caf536c12aa54e2c273313bcc73fe5f538485049afc7e9aa209214135b4bc5c569"}) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0xb, 0x7}, 0x15182, 0x7}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0xb) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xb}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) sendfile(r2, r1, 0x0, 0xfffffdef) 14:06:23 executing program 1: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x1030c2, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x0, 0x11, r0, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000140), 0x0, &(0x7f0000000000)) epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, 0xffffffffffffffff, &(0x7f0000000240)={0xc0000008}) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xb}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0xb) r2 = socket$inet6_udp(0xa, 0x2, 0x0) r3 = dup(r2) connect$inet6(r3, &(0x7f00000000c0)={0xa, 0x0, 0x0, @local, 0x2}, 0x1c) setsockopt$inet6_opts(r3, 0x29, 0x3b, &(0x7f00000001c0)=ANY=[], 0x8) sendmmsg$inet6(r3, &(0x7f0000002880), 0x4000101, 0x0) getsockname$packet(r3, &(0x7f0000003ac0)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @random}, &(0x7f0000003b00)=0x14) ioctl$FICLONERANGE(0xffffffffffffffff, 0x4020940d, &(0x7f00000001c0)={{}, 0x9, 0x100000000, 0x100000001}) io_uring_register$IORING_REGISTER_BUFFERS(0xffffffffffffffff, 0x0, &(0x7f0000000080)=[{&(0x7f0000000000)=""/85, 0x55}], 0x1) 14:06:23 executing program 2: syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) stat(&(0x7f0000000240)='./file0\x00', &(0x7f0000000280)={0x0, 0x0, 0x0, 0x0, 0x0}) setresuid(0x0, r0, 0x0) r1 = socket$inet_udp(0x2, 0x2, 0x0) ioctl$sock_inet_SIOCSIFADDR(r1, 0x890b, &(0x7f0000000880)={'wg1\x00'}) 14:06:23 executing program 0: add_key(&(0x7f0000000000)='cifs.spnego\x00', &(0x7f0000000040)={'syz', 0x2}, &(0x7f0000000080), 0x0, 0xfffffffffffffffe) request_key(&(0x7f0000008f80)='asymmetric\x00', &(0x7f0000008fc0)={'syz', 0x1}, &(0x7f0000009000)='trusted\x00', 0x0) 14:06:23 executing program 4: syz_mount_image$vfat(0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) pwritev(r0, &(0x7f0000000140)=[{&(0x7f0000000000)='%', 0x1}], 0x1, 0x10000, 0x0) ioctl$SNDRV_SEQ_IOCTL_RUNNING_MODE(r0, 0xc0105303, &(0x7f0000000180)={0xfc, 0xd0, 0x9}) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) chdir(&(0x7f0000000040)='./file1\x00') r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) ioctl$FS_IOC_MEASURE_VERITY(0xffffffffffffffff, 0xc0046686, &(0x7f0000000300)={0x0, 0x1000, "37ada02d80227aa759a856f48dedb86ef0f2ab3112244bb09c04179ab2064f7400864c93b1b5d0934ed773b9af1382dfd18c18d0f494e2b43c2d6efd4a58689f6bf01e0209c14fc48e9603befab7b68dc603e8df556d5f6276aaa6298a20c13f58d18f65af9bbf7a3e44cd1c0983ebfcf7a7e29f42bcc91b77ea9338f31d95129137aefc88fa34b91d9e64b007e3078aceab2158db7bf0142db13250d530f77bb1f01281bbf40cc50bfc29c89785a2dbbdfa85aaae1a5deafb693a53e2a9a75c2174bd217d064626877a568810d43c9666a2e4c2a503bcc89c1d6db656b0487d74200870565871b72648b6f942a400af6b6319dbc159f0f941991b7205a47d667b15db59c76dd7606cac7f4dfacc9ab41f2267d608c118f41e8dd779d1141288261dd7594aaab12296b502585ec040ec98f10775a218314cffb0d99e320c261b69b696dfbfeb3850ed532f3899203d11a644f1c40b4c9de20bd77b36e25bbbd15c62b3ad817512b9acefb7ea02784b5e8267356c152b7cf2ac8feb340b8700797989b2940f2d7a23ccb0b9b58af02d89a010ce4fa04f27fd7e95db7d7e042297bf8777e3e371836130a26f67f3d2c14a84cbd70fd5141aa6cfc61374a3e4ecd4a7a42406d1225311c0bbd8f62dab74b3ef4d25b145bb221ad3cae5fdf4d783870a2edc1dad6cb659b70ee8078b7f107e1043c1d5e78f3b19dd0650719e5f086507755c0ea1f36f4e7c98e596468d90a2d3d2613e2d4282245942af42ec848c899080000d97c452db11c2bb5bf3c39b640fe5b18786c1083bfe368531f18dcd76dadf6c13eb53761182b2fd57880196dacdea259ac7f0462663febec93d8da374be467272e685f4f68b62cb08239ac9abc40794c5d2cd25aebec48a69f152ed4be4cefbe621e5becaca1f499b478d66d1069259a728f2e1b7513bad040df38f987abe12d711f014b6948154d5343592e99ba867cd5143d4f90cd6ccfa87b412191b143086aa948e59eb9de31df88fe0e37b8a4366c29b3dcbfb53f4cb13c2be05ea9d4aaeac797540b9387aece1fb6151322b87b8999e81e40bea5fbe3882fac16f23c57dcaf454461606cfe8f6413ac6608d1f0b29fedd6ab7b7ecc83fedeab21690f4de447368099fb0cabf16281af22b7543a610548deff97f79110c3c410f85185607e0f7782f84b42fc8d6f23d39d9f3ba2d6cdc4db7ab9d2503fc056812efa844ed079f51b2d2e34bb996d842c397251c7b33ff7a138462db9d1d3623f0c89b60de7083efbc64c01ce929313f853dec449eff5232be7ba3bd7ca76ea9cf889c7118926143cf0a807446254b0436dd6b821d24aed21f8d10b83730ef07ee4b4e55e84363fc81e9c4c1ce72d3139581518046b126873be8d6d1eea4f8085a6c2e1e53933dbf0a7bb5087ebc404b5e15b8edeafdd377f3d594b5f9f0039321d8aa0f6a291c00b1867b515291f9cc7f8d46339a92e59a240d2a7b72cce215e16a8493f12d7c109e2690ae1974b3a1d9ff3c42399a678e3cd384aebf9799b025210893f012c7ae45fee18704911cba525246ee3e961b115535d526ce27df5845ae36025c20db2aca5091336b908ca83be450e7712f8ac3aaf48125383d2361d3439833b44086db8bd53fbecf61b89b33d67a23e69f78beeef2e9f10e77f7a81965aaff2ff27564b47178fb457d3e4877baae363809d887a6cdc84ab1d4c8c0c27c50dd69a318a45d825918dcd1fa9bcbf5df1427b66812ba45742eb3215f1ff7637c37a12b70f1515a3272197c0aca0eecc6d5474575f4104529b916714bd9c51c2890feda118a0c742a69ea2e83ed2ec93f7861aefe160d885275d907a313e893beccdd2f213f85c1f1477301adc6916caeeb568c6b470bf11a5cc1db32b98c7749eaeeb30fa747744e7190bbf8ebe351a8c02c8f93abb92f5d9fbf878bde2a7617c4b932eb62285c04bd1d0f61a5b8d2ce412b5bfe45e2823c5a73597b3ebeccd82f2ce49893635bbf413c6157158d48873e4408ce76d40b4f51ca0ba2c7204b2c8103de18a842a322b1c700b430820c20d76b0c402d1052967cf74be5503720fe9b3ed75a8a598a1981e18a178c57e899cb11691e2b29c05ef63612f5eb646756be84aaa624767a625d58e460e55de3a81a36f45d2e6cf518ae198726da52ab5dde67a88844ff91ba70de627581b6319f46b4adad31171c2c619ada3571387d1f28bbc4aa7f00d14921e7ac1b38953913047e04b65c275c93e0eb6b0a0733c08a017e944b75c3c0fa9818022790cf456434e8c22a027ddb2a4862944e19c38d6013ea498f45313581b030b9530a6b70a9b2569ecd0f6f52d8778aff25430f3c66bf6fa86b9c6c733055ce26fa543efb0e12c99372d567e70a7ed8d6117d3795dc77510bb61374b69254e2e6c6f51a67396b171fef6edd17c9f0d9a658f9dfb80f7cf846370a7da186020c84f3213588076fcbc89b057fdbaf52bf04ecead0f01c4e0c9844aa01697e2d58eead28c1de8b3d5dfd699417606b70d54f8d794a07e3d80dac5912a0e4f15e2b58cf9d9400e196e840302f12c7dc6c45a72238fe060e08eacc520bb37034083394760167189146de24d765c475fffc4347cc129c1271b530eef508b759ceac5cf53618f4f995d146f4895cbbec7a110a64dbecadf7d5630ffa4c3677a7441576e5817ce30206c2c1e8609ccd84aa5ab8d4cd3b9e293c86e177dd53d161994b7838c6b7afbe27bc4cdaef768e86cff23100df86cc88e6fcc5d83bba4ab6599a39d1c1f5cee0560907e5b67043d25552db6ec5f06b322bf29d038117cae2d5e6003a4c10cbaefa3bd8f78c198dbafbf95c87c3b2ed0eb73453635cfe603f1debb3161a7932572e6056da0e19b551bb4838fbb6ce73ee608f1b76a5ab373912337189800f866adf4ee44dda6a653761e8aa11a807bd929b206d42cb8ab92b49bef65c347a2198d2207208f87bcb11676b1b2980da69bdd716f184484edf27d357e1a32d29f6442da8aa8e1d61fecf07e83383cf88c351d8fd7acf3888ee755d587380e5921d4d3e8911bd2b6452a409deefac57baf9022ac1866c67616e16a69207d30c6275b12eba8b98d405af644184b78240f9773abfa6519850b337891fe8f45891afcb31bdcebfefdbb89574febc2e87eb84822ff34052972ae8a6c482860b2f79306114e581916a12f16aa25960e6257d5b4d316e69e34394f88cbd10ca2056dc01aefc2080c8c639c4e66abdf6c1c594520f0fcf806c0dee82cf47a59d2ffff0d135ad5977ae0be482c30129ebdac98360c896e7d8951b58580beb396d6d9d32dd90c50167e909474b65687d08c3e246046a3de6deb8b7b2f9e54a3fbf59c95241b8f5fa34135a1960ae4b97a8a76f1d7730d91c3a5404a0bd46ef2e334003216488a5e7c03eaaff4a4fcbe2a20096b9e4982c56285563c8dfd587ad3d7365aebed28b4809e55dd12cd66d13e9d9d3e6a974e6675ea981a08b5f7e109e7aed9b34f20d0c069adaf50c9fb19b2a4cd0453fa6a094ccc80c265360da8974a1af04ce8789f1b528b333f76d501e3a5ad86b175a9d9bc7f96fbde45203eed298acdd2d1a75eeba43d3ba237f5caf41cb00dda88a94f9e5590380837a3f05f7c882ba62326518d666237e31542599800cf4ef5c04619ff67b3023af6598e8292626da4f0ec2d1bfcf2135e51207e595f5305020eb47fa55ca4507a88a8354311fdd5b795c999e3db8c7d0674aa09278bb1097c530188416abb8055199c17f0932277ea3e20f2801872f6e06f4a7d7d844e80bdff624c655020935b8769989d8fe3411da7d6b4dc8314dde94f13df3c866f340187ca9a13a8e2eabb153a9c5f58d06fdddeda18e11ecc6e29e5b676644214a765f86ca0b86d6d362e382fc0a0faa3262638de42aa589f37079f76ab97921f869fdd0b24a77219014a20e13e2250e663be0c98958275fcd746d489387a654d8a55567d91c3f539486f2ad9f44a4995cafa9da4762b8d535bc16f878fb337fb3073d9126a66b6d900b24f5d7aba5b085255070e9e330618e228d52bef8cf4fa38228817c2bb503641ac2a223d105ecd232fe1c0cc8c21c0409ed13487915f6b32f6b882c1a0a4ba64aa0afef3ec277abe1cd73899033218f3bc953c3ac5ad3b587473acae7bd1ddf877af22e15457677c69ba4f88baf5f4a559b21f4a24dba45397c186449067fe347c4de30fc4c92b835f90d76deb494a78e5afceb526d65aa7e2db70adce3168d84298e899ba74842aefe056e8a4931d51eb2af649f0aa66316fb8fe30d7f0952d34501a5a72ddfcfb73c8819bb30d5f3bcea1022fdbcf9f40fafc631e702a80058d4eb59310193f00d986373e0b61a48a026a348c99075de9c564a6f132bc4fc881cf181ed9de284828ec682dbce1ea18879751412057e1b9d80ee0cb0dc9f1f7274904090917b2dd19c9d70376f88be87991e52649d06ca7bbc9315f122c69d87832d18404198b11562d1a103802ec9d89ec549704ab76708e62e12800c63453ea1613becd381ad0596090b8ab7df52c49a82d7c40b76c797b2e39f4e56f566f2df1e7625c12a16be9615b7a102cd504b916471a8b85d2a7e6511918d8a6d9af9281c7cf48494e34e613ddf0c6312849379d16662df8f5321a523cbc48d53668e944c383c9e3fb73e9466ddab3ecde8e6c482f46e0e201fe733e62a544a5e81a41094d5188ac2f6d1fd515443d4c98b9fb43b529e534b0a4f93636efab68a7c2b2223ae5773c2d741293b74159d1f34768086aafb0e964b82534011fafd5f3244978c573a206cb9fb6709473310a9148cbb0818e7e56a21833876b9b08a030eb0343862f7fdf9b5745503f5cec75782b37ffc294bc0f59feea788770c701139eecd7671ef21cfdcb879cf1143e19a85d291605a0a3c7603d6861235c08d1cf91567bd53ddb1dea8c6b4beab626a5afe530527988b1c755a8247c230c2eca917f0fb81a2331f633ff7f2eea2c5af19a9634cebc9d6c73a1c2a882b259d29439afe86a8e6abd95756efc69eaf7a23d7a801b089ee85f7e3793357f8afe32a2215acc5f57f4100c75618f5aac5dee8f1eddca1fce6427d35412489082d3859624db42d3dd6f9e795fa095401edb82b8ca82fdb86c2b9fdd7d9d2d10d48f41eeff27a77252ed8dade4d880b6dfc41d0f01c1d54ba8a1333157b69c298f04adb1002e878153a1a7bd577bae6ab5670cad2a435547d02f36cdc960bbfc4162092c4df9ea501eac62e44772eb52a63452a129ab263e188766d3c6d5ca78580eee3000cfa63d1f0ec866a48a073f649a4494ca39333ba22f0e47c596459caafcd2808e282811d68d924cd8bbc53e8c5b0f0b681b6b644f2ecea876c2526046eaf29f4584ac587d89c57753fb23494b5dd7c7c0734805e6df221a0ef08d265ec066f89c9871f26aeafb00ea20f490e99b1b17a6da610379e389e2a46bb2a86374f4c83ea15f81df16ad76183a3616814914addf6c78593a0b6893bb79f2c20c57b0b921a3d7b14c361f9b5156d38aeb887c206d6b7fd6c933cf8f9c6816e35c146a052952cb12ad315d62ae679ba17dbc51366b0b624cab38d6685250b1d54a50dfa47fec65803d575b5441dc04634dab43fc73a5f254ffcf95d7ac6ca6ec72561a55d57323fbb1ba8e22638d465eeb99098f88dc7037bb9d656a8ed80172da6d3a858fcd8cc96b21fea99f1af684f987725abbb627faa6928cfc4bc3245caf536c12aa54e2c273313bcc73fe5f538485049afc7e9aa209214135b4bc5c569"}) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0xb, 0x7}, 0x15182, 0x7}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0xb) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xb}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) sendfile(r2, r1, 0x0, 0xfffffdef) 14:06:23 executing program 5: r0 = syz_open_procfs$namespace(0x0, &(0x7f0000000880)='ns/mnt\x00') setns(r0, 0x0) 14:06:23 executing program 7: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x1030c2, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x0, 0x11, r0, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000140), 0x0, &(0x7f0000000000)) epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, 0xffffffffffffffff, &(0x7f0000000240)={0xc0000008}) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xb}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0xb) r2 = socket$inet6_udp(0xa, 0x2, 0x0) r3 = dup(r2) connect$inet6(r3, &(0x7f00000000c0)={0xa, 0x0, 0x0, @local, 0x2}, 0x1c) setsockopt$inet6_opts(r3, 0x29, 0x3b, &(0x7f00000001c0)=ANY=[], 0x8) sendmmsg$inet6(r3, &(0x7f0000002880), 0x4000101, 0x0) getsockname$packet(r3, &(0x7f0000003ac0)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @random}, &(0x7f0000003b00)=0x14) ioctl$FICLONERANGE(0xffffffffffffffff, 0x4020940d, &(0x7f00000001c0)={{}, 0x9, 0x100000000, 0x100000001}) io_uring_register$IORING_REGISTER_BUFFERS(0xffffffffffffffff, 0x0, &(0x7f0000000080)=[{&(0x7f0000000000)=""/85, 0x55}], 0x1) 14:06:23 executing program 6: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x1030c2, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x0, 0x11, r0, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000140), 0x0, &(0x7f0000000000)) epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, 0xffffffffffffffff, &(0x7f0000000240)={0xc0000008}) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xb}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0xb) r2 = socket$inet6_udp(0xa, 0x2, 0x0) r3 = dup(r2) connect$inet6(r3, &(0x7f00000000c0)={0xa, 0x0, 0x0, @local, 0x2}, 0x1c) setsockopt$inet6_opts(r3, 0x29, 0x3b, &(0x7f00000001c0)=ANY=[], 0x8) sendmmsg$inet6(r3, &(0x7f0000002880), 0x4000101, 0x0) getsockname$packet(r3, &(0x7f0000003ac0)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @random}, &(0x7f0000003b00)=0x14) ioctl$FICLONERANGE(0xffffffffffffffff, 0x4020940d, &(0x7f00000001c0)={{}, 0x9, 0x100000000, 0x100000001}) io_uring_register$IORING_REGISTER_BUFFERS(0xffffffffffffffff, 0x0, &(0x7f0000000080)=[{&(0x7f0000000000)=""/85, 0x55}], 0x1) 14:06:23 executing program 3: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$ETHTOOL_MSG_RINGS_SET(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f00000001c0)={0x14, r1, 0x1, 0x0, 0x0, {0x3}}, 0x14}}, 0x0) 14:06:24 executing program 5: r0 = syz_open_procfs$namespace(0x0, &(0x7f0000000880)='ns/mnt\x00') setns(r0, 0x0) 14:06:24 executing program 0: r0 = socket$inet_udp(0x2, 0x2, 0x0) setsockopt$sock_timeval(r0, 0x1, 0x24, &(0x7f0000000000)={0x77359400}, 0x10) 14:06:24 executing program 4: syz_mount_image$vfat(0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) pwritev(r0, &(0x7f0000000140)=[{&(0x7f0000000000)='%', 0x1}], 0x1, 0x10000, 0x0) ioctl$SNDRV_SEQ_IOCTL_RUNNING_MODE(r0, 0xc0105303, &(0x7f0000000180)={0xfc, 0xd0, 0x9}) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) chdir(&(0x7f0000000040)='./file1\x00') r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) ioctl$FS_IOC_MEASURE_VERITY(0xffffffffffffffff, 0xc0046686, &(0x7f0000000300)={0x0, 0x1000, "37ada02d80227aa759a856f48dedb86ef0f2ab3112244bb09c04179ab2064f7400864c93b1b5d0934ed773b9af1382dfd18c18d0f494e2b43c2d6efd4a58689f6bf01e0209c14fc48e9603befab7b68dc603e8df556d5f6276aaa6298a20c13f58d18f65af9bbf7a3e44cd1c0983ebfcf7a7e29f42bcc91b77ea9338f31d95129137aefc88fa34b91d9e64b007e3078aceab2158db7bf0142db13250d530f77bb1f01281bbf40cc50bfc29c89785a2dbbdfa85aaae1a5deafb693a53e2a9a75c2174bd217d064626877a568810d43c9666a2e4c2a503bcc89c1d6db656b0487d74200870565871b72648b6f942a400af6b6319dbc159f0f941991b7205a47d667b15db59c76dd7606cac7f4dfacc9ab41f2267d608c118f41e8dd779d1141288261dd7594aaab12296b502585ec040ec98f10775a218314cffb0d99e320c261b69b696dfbfeb3850ed532f3899203d11a644f1c40b4c9de20bd77b36e25bbbd15c62b3ad817512b9acefb7ea02784b5e8267356c152b7cf2ac8feb340b8700797989b2940f2d7a23ccb0b9b58af02d89a010ce4fa04f27fd7e95db7d7e042297bf8777e3e371836130a26f67f3d2c14a84cbd70fd5141aa6cfc61374a3e4ecd4a7a42406d1225311c0bbd8f62dab74b3ef4d25b145bb221ad3cae5fdf4d783870a2edc1dad6cb659b70ee8078b7f107e1043c1d5e78f3b19dd0650719e5f086507755c0ea1f36f4e7c98e596468d90a2d3d2613e2d4282245942af42ec848c899080000d97c452db11c2bb5bf3c39b640fe5b18786c1083bfe368531f18dcd76dadf6c13eb53761182b2fd57880196dacdea259ac7f0462663febec93d8da374be467272e685f4f68b62cb08239ac9abc40794c5d2cd25aebec48a69f152ed4be4cefbe621e5becaca1f499b478d66d1069259a728f2e1b7513bad040df38f987abe12d711f014b6948154d5343592e99ba867cd5143d4f90cd6ccfa87b412191b143086aa948e59eb9de31df88fe0e37b8a4366c29b3dcbfb53f4cb13c2be05ea9d4aaeac797540b9387aece1fb6151322b87b8999e81e40bea5fbe3882fac16f23c57dcaf454461606cfe8f6413ac6608d1f0b29fedd6ab7b7ecc83fedeab21690f4de447368099fb0cabf16281af22b7543a610548deff97f79110c3c410f85185607e0f7782f84b42fc8d6f23d39d9f3ba2d6cdc4db7ab9d2503fc056812efa844ed079f51b2d2e34bb996d842c397251c7b33ff7a138462db9d1d3623f0c89b60de7083efbc64c01ce929313f853dec449eff5232be7ba3bd7ca76ea9cf889c7118926143cf0a807446254b0436dd6b821d24aed21f8d10b83730ef07ee4b4e55e84363fc81e9c4c1ce72d3139581518046b126873be8d6d1eea4f8085a6c2e1e53933dbf0a7bb5087ebc404b5e15b8edeafdd377f3d594b5f9f0039321d8aa0f6a291c00b1867b515291f9cc7f8d46339a92e59a240d2a7b72cce215e16a8493f12d7c109e2690ae1974b3a1d9ff3c42399a678e3cd384aebf9799b025210893f012c7ae45fee18704911cba525246ee3e961b115535d526ce27df5845ae36025c20db2aca5091336b908ca83be450e7712f8ac3aaf48125383d2361d3439833b44086db8bd53fbecf61b89b33d67a23e69f78beeef2e9f10e77f7a81965aaff2ff27564b47178fb457d3e4877baae363809d887a6cdc84ab1d4c8c0c27c50dd69a318a45d825918dcd1fa9bcbf5df1427b66812ba45742eb3215f1ff7637c37a12b70f1515a3272197c0aca0eecc6d5474575f4104529b916714bd9c51c2890feda118a0c742a69ea2e83ed2ec93f7861aefe160d885275d907a313e893beccdd2f213f85c1f1477301adc6916caeeb568c6b470bf11a5cc1db32b98c7749eaeeb30fa747744e7190bbf8ebe351a8c02c8f93abb92f5d9fbf878bde2a7617c4b932eb62285c04bd1d0f61a5b8d2ce412b5bfe45e2823c5a73597b3ebeccd82f2ce49893635bbf413c6157158d48873e4408ce76d40b4f51ca0ba2c7204b2c8103de18a842a322b1c700b430820c20d76b0c402d1052967cf74be5503720fe9b3ed75a8a598a1981e18a178c57e899cb11691e2b29c05ef63612f5eb646756be84aaa624767a625d58e460e55de3a81a36f45d2e6cf518ae198726da52ab5dde67a88844ff91ba70de627581b6319f46b4adad31171c2c619ada3571387d1f28bbc4aa7f00d14921e7ac1b38953913047e04b65c275c93e0eb6b0a0733c08a017e944b75c3c0fa9818022790cf456434e8c22a027ddb2a4862944e19c38d6013ea498f45313581b030b9530a6b70a9b2569ecd0f6f52d8778aff25430f3c66bf6fa86b9c6c733055ce26fa543efb0e12c99372d567e70a7ed8d6117d3795dc77510bb61374b69254e2e6c6f51a67396b171fef6edd17c9f0d9a658f9dfb80f7cf846370a7da186020c84f3213588076fcbc89b057fdbaf52bf04ecead0f01c4e0c9844aa01697e2d58eead28c1de8b3d5dfd699417606b70d54f8d794a07e3d80dac5912a0e4f15e2b58cf9d9400e196e840302f12c7dc6c45a72238fe060e08eacc520bb37034083394760167189146de24d765c475fffc4347cc129c1271b530eef508b759ceac5cf53618f4f995d146f4895cbbec7a110a64dbecadf7d5630ffa4c3677a7441576e5817ce30206c2c1e8609ccd84aa5ab8d4cd3b9e293c86e177dd53d161994b7838c6b7afbe27bc4cdaef768e86cff23100df86cc88e6fcc5d83bba4ab6599a39d1c1f5cee0560907e5b67043d25552db6ec5f06b322bf29d038117cae2d5e6003a4c10cbaefa3bd8f78c198dbafbf95c87c3b2ed0eb73453635cfe603f1debb3161a7932572e6056da0e19b551bb4838fbb6ce73ee608f1b76a5ab373912337189800f866adf4ee44dda6a653761e8aa11a807bd929b206d42cb8ab92b49bef65c347a2198d2207208f87bcb11676b1b2980da69bdd716f184484edf27d357e1a32d29f6442da8aa8e1d61fecf07e83383cf88c351d8fd7acf3888ee755d587380e5921d4d3e8911bd2b6452a409deefac57baf9022ac1866c67616e16a69207d30c6275b12eba8b98d405af644184b78240f9773abfa6519850b337891fe8f45891afcb31bdcebfefdbb89574febc2e87eb84822ff34052972ae8a6c482860b2f79306114e581916a12f16aa25960e6257d5b4d316e69e34394f88cbd10ca2056dc01aefc2080c8c639c4e66abdf6c1c594520f0fcf806c0dee82cf47a59d2ffff0d135ad5977ae0be482c30129ebdac98360c896e7d8951b58580beb396d6d9d32dd90c50167e909474b65687d08c3e246046a3de6deb8b7b2f9e54a3fbf59c95241b8f5fa34135a1960ae4b97a8a76f1d7730d91c3a5404a0bd46ef2e334003216488a5e7c03eaaff4a4fcbe2a20096b9e4982c56285563c8dfd587ad3d7365aebed28b4809e55dd12cd66d13e9d9d3e6a974e6675ea981a08b5f7e109e7aed9b34f20d0c069adaf50c9fb19b2a4cd0453fa6a094ccc80c265360da8974a1af04ce8789f1b528b333f76d501e3a5ad86b175a9d9bc7f96fbde45203eed298acdd2d1a75eeba43d3ba237f5caf41cb00dda88a94f9e5590380837a3f05f7c882ba62326518d666237e31542599800cf4ef5c04619ff67b3023af6598e8292626da4f0ec2d1bfcf2135e51207e595f5305020eb47fa55ca4507a88a8354311fdd5b795c999e3db8c7d0674aa09278bb1097c530188416abb8055199c17f0932277ea3e20f2801872f6e06f4a7d7d844e80bdff624c655020935b8769989d8fe3411da7d6b4dc8314dde94f13df3c866f340187ca9a13a8e2eabb153a9c5f58d06fdddeda18e11ecc6e29e5b676644214a765f86ca0b86d6d362e382fc0a0faa3262638de42aa589f37079f76ab97921f869fdd0b24a77219014a20e13e2250e663be0c98958275fcd746d489387a654d8a55567d91c3f539486f2ad9f44a4995cafa9da4762b8d535bc16f878fb337fb3073d9126a66b6d900b24f5d7aba5b085255070e9e330618e228d52bef8cf4fa38228817c2bb503641ac2a223d105ecd232fe1c0cc8c21c0409ed13487915f6b32f6b882c1a0a4ba64aa0afef3ec277abe1cd73899033218f3bc953c3ac5ad3b587473acae7bd1ddf877af22e15457677c69ba4f88baf5f4a559b21f4a24dba45397c186449067fe347c4de30fc4c92b835f90d76deb494a78e5afceb526d65aa7e2db70adce3168d84298e899ba74842aefe056e8a4931d51eb2af649f0aa66316fb8fe30d7f0952d34501a5a72ddfcfb73c8819bb30d5f3bcea1022fdbcf9f40fafc631e702a80058d4eb59310193f00d986373e0b61a48a026a348c99075de9c564a6f132bc4fc881cf181ed9de284828ec682dbce1ea18879751412057e1b9d80ee0cb0dc9f1f7274904090917b2dd19c9d70376f88be87991e52649d06ca7bbc9315f122c69d87832d18404198b11562d1a103802ec9d89ec549704ab76708e62e12800c63453ea1613becd381ad0596090b8ab7df52c49a82d7c40b76c797b2e39f4e56f566f2df1e7625c12a16be9615b7a102cd504b916471a8b85d2a7e6511918d8a6d9af9281c7cf48494e34e613ddf0c6312849379d16662df8f5321a523cbc48d53668e944c383c9e3fb73e9466ddab3ecde8e6c482f46e0e201fe733e62a544a5e81a41094d5188ac2f6d1fd515443d4c98b9fb43b529e534b0a4f93636efab68a7c2b2223ae5773c2d741293b74159d1f34768086aafb0e964b82534011fafd5f3244978c573a206cb9fb6709473310a9148cbb0818e7e56a21833876b9b08a030eb0343862f7fdf9b5745503f5cec75782b37ffc294bc0f59feea788770c701139eecd7671ef21cfdcb879cf1143e19a85d291605a0a3c7603d6861235c08d1cf91567bd53ddb1dea8c6b4beab626a5afe530527988b1c755a8247c230c2eca917f0fb81a2331f633ff7f2eea2c5af19a9634cebc9d6c73a1c2a882b259d29439afe86a8e6abd95756efc69eaf7a23d7a801b089ee85f7e3793357f8afe32a2215acc5f57f4100c75618f5aac5dee8f1eddca1fce6427d35412489082d3859624db42d3dd6f9e795fa095401edb82b8ca82fdb86c2b9fdd7d9d2d10d48f41eeff27a77252ed8dade4d880b6dfc41d0f01c1d54ba8a1333157b69c298f04adb1002e878153a1a7bd577bae6ab5670cad2a435547d02f36cdc960bbfc4162092c4df9ea501eac62e44772eb52a63452a129ab263e188766d3c6d5ca78580eee3000cfa63d1f0ec866a48a073f649a4494ca39333ba22f0e47c596459caafcd2808e282811d68d924cd8bbc53e8c5b0f0b681b6b644f2ecea876c2526046eaf29f4584ac587d89c57753fb23494b5dd7c7c0734805e6df221a0ef08d265ec066f89c9871f26aeafb00ea20f490e99b1b17a6da610379e389e2a46bb2a86374f4c83ea15f81df16ad76183a3616814914addf6c78593a0b6893bb79f2c20c57b0b921a3d7b14c361f9b5156d38aeb887c206d6b7fd6c933cf8f9c6816e35c146a052952cb12ad315d62ae679ba17dbc51366b0b624cab38d6685250b1d54a50dfa47fec65803d575b5441dc04634dab43fc73a5f254ffcf95d7ac6ca6ec72561a55d57323fbb1ba8e22638d465eeb99098f88dc7037bb9d656a8ed80172da6d3a858fcd8cc96b21fea99f1af684f987725abbb627faa6928cfc4bc3245caf536c12aa54e2c273313bcc73fe5f538485049afc7e9aa209214135b4bc5c569"}) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0xb, 0x7}, 0x15182, 0x7}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0xb) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xb}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) sendfile(r2, r1, 0x0, 0xfffffdef) 14:06:24 executing program 5: r0 = syz_open_procfs$namespace(0x0, &(0x7f0000000880)='ns/mnt\x00') setns(r0, 0x0) 14:06:24 executing program 2: r0 = socket$packet(0x11, 0x3, 0x300) getpeername(r0, 0x0, 0x0) 14:06:24 executing program 3: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$ETHTOOL_MSG_RINGS_SET(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f00000001c0)={0x14, r1, 0x1, 0x0, 0x0, {0x3}}, 0x14}}, 0x0) 14:06:24 executing program 5: r0 = syz_open_procfs$namespace(0x0, &(0x7f0000000880)='ns/mnt\x00') setns(r0, 0x0) 14:06:24 executing program 6: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x1030c2, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x0, 0x11, r0, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000140), 0x0, &(0x7f0000000000)) epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, 0xffffffffffffffff, &(0x7f0000000240)={0xc0000008}) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xb}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0xb) r2 = socket$inet6_udp(0xa, 0x2, 0x0) r3 = dup(r2) connect$inet6(r3, &(0x7f00000000c0)={0xa, 0x0, 0x0, @local, 0x2}, 0x1c) setsockopt$inet6_opts(r3, 0x29, 0x3b, &(0x7f00000001c0)=ANY=[], 0x8) sendmmsg$inet6(r3, &(0x7f0000002880), 0x4000101, 0x0) getsockname$packet(r3, &(0x7f0000003ac0)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @random}, &(0x7f0000003b00)=0x14) ioctl$FICLONERANGE(0xffffffffffffffff, 0x4020940d, &(0x7f00000001c0)={{}, 0x9, 0x100000000, 0x100000001}) io_uring_register$IORING_REGISTER_BUFFERS(0xffffffffffffffff, 0x0, &(0x7f0000000080)=[{&(0x7f0000000000)=""/85, 0x55}], 0x1) 14:06:24 executing program 6: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x1030c2, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x0, 0x11, r0, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000140), 0x0, &(0x7f0000000000)) epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, 0xffffffffffffffff, &(0x7f0000000240)={0xc0000008}) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xb}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0xb) r2 = socket$inet6_udp(0xa, 0x2, 0x0) r3 = dup(r2) connect$inet6(r3, &(0x7f00000000c0)={0xa, 0x0, 0x0, @local, 0x2}, 0x1c) setsockopt$inet6_opts(r3, 0x29, 0x3b, &(0x7f00000001c0)=ANY=[], 0x8) sendmmsg$inet6(r3, &(0x7f0000002880), 0x4000101, 0x0) getsockname$packet(r3, &(0x7f0000003ac0)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @random}, &(0x7f0000003b00)=0x14) ioctl$FICLONERANGE(0xffffffffffffffff, 0x4020940d, &(0x7f00000001c0)={{}, 0x9, 0x100000000, 0x100000001}) io_uring_register$IORING_REGISTER_BUFFERS(0xffffffffffffffff, 0x0, &(0x7f0000000080)=[{&(0x7f0000000000)=""/85, 0x55}], 0x1) 14:06:24 executing program 1: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x1030c2, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x0, 0x11, r0, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000140), 0x0, &(0x7f0000000000)) epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, 0xffffffffffffffff, &(0x7f0000000240)={0xc0000008}) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xb}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0xb) r2 = socket$inet6_udp(0xa, 0x2, 0x0) r3 = dup(r2) connect$inet6(r3, &(0x7f00000000c0)={0xa, 0x0, 0x0, @local, 0x2}, 0x1c) setsockopt$inet6_opts(r3, 0x29, 0x3b, &(0x7f00000001c0)=ANY=[], 0x8) sendmmsg$inet6(r3, &(0x7f0000002880), 0x4000101, 0x0) getsockname$packet(r3, &(0x7f0000003ac0)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @random}, &(0x7f0000003b00)=0x14) ioctl$FICLONERANGE(0xffffffffffffffff, 0x4020940d, &(0x7f00000001c0)={{}, 0x9, 0x100000000, 0x100000001}) io_uring_register$IORING_REGISTER_BUFFERS(0xffffffffffffffff, 0x0, &(0x7f0000000080)=[{&(0x7f0000000000)=""/85, 0x55}], 0x1) 14:06:24 executing program 4: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_TCP_REPAIR(r0, 0x6, 0x13, &(0x7f00000000c0)=0x1, 0x4) setsockopt$inet6_tcp_TCP_REPAIR_QUEUE(r0, 0x6, 0x14, &(0x7f0000000000), 0x4) 14:06:24 executing program 0: r0 = syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x0, &(0x7f0000000140)=ANY=[]) openat(r0, &(0x7f0000000300)='./file1\x00', 0x200, 0xb1) chdir(&(0x7f0000000140)='./file0\x00') openat(r0, &(0x7f0000000000)='./file0\x00', 0x20c0, 0x141) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) openat(0xffffffffffffffff, &(0x7f00000001c0)='./file0\x00', 0x0, 0xc0) mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x11, 0xffffffffffffffff, 0xa015000) r2 = perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) r3 = perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r4 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x26e1, 0x0) ioctl$AUTOFS_DEV_IOCTL_CLOSEMOUNT(r4, 0xc0189375, &(0x7f0000000340)=ANY=[@ANYBLOB="873b07000000efb1606e00770100"/24, @ANYRES32=r3, @ANYBLOB='Y0\x00``\x00'/18]) fsconfig$FSCONFIG_SET_FD(r4, 0x5, &(0x7f0000000180)=']{\x00', 0x0, r1) mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x11, r2, 0xa015000) r5 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x4042, 0x0) fallocate(r5, 0x8, 0x0, 0x8000000) ioctl$AUTOFS_IOC_CATATONIC(r5, 0x9362, 0x0) r6 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) write$binfmt_aout(r6, &(0x7f0000001180)=ANY=[], 0x220) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xb}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) sendfile(r6, r1, 0x0, 0xfffffdef) 14:06:24 executing program 3: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$ETHTOOL_MSG_RINGS_SET(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f00000001c0)={0x14, r1, 0x1, 0x0, 0x0, {0x3}}, 0x14}}, 0x0) 14:06:24 executing program 2: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) get_robust_list(0x0, 0x0, &(0x7f0000000500)) 14:06:24 executing program 7: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x1030c2, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x0, 0x11, r0, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000140), 0x0, &(0x7f0000000000)) epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, 0xffffffffffffffff, &(0x7f0000000240)={0xc0000008}) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xb}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0xb) r2 = socket$inet6_udp(0xa, 0x2, 0x0) r3 = dup(r2) connect$inet6(r3, &(0x7f00000000c0)={0xa, 0x0, 0x0, @local, 0x2}, 0x1c) setsockopt$inet6_opts(r3, 0x29, 0x3b, &(0x7f00000001c0)=ANY=[], 0x8) sendmmsg$inet6(r3, &(0x7f0000002880), 0x4000101, 0x0) getsockname$packet(r3, &(0x7f0000003ac0)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @random}, &(0x7f0000003b00)=0x14) ioctl$FICLONERANGE(0xffffffffffffffff, 0x4020940d, &(0x7f00000001c0)={{}, 0x9, 0x100000000, 0x100000001}) io_uring_register$IORING_REGISTER_BUFFERS(0xffffffffffffffff, 0x0, &(0x7f0000000080)=[{&(0x7f0000000000)=""/85, 0x55}], 0x1) 14:06:24 executing program 5: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) getsockopt$inet6_tcp_buf(r0, 0x6, 0x17, &(0x7f0000000080)=""/74, &(0x7f0000000100)=0x4a) [ 137.032246] loop0: detected capacity change from 0 to 40 [ 137.055769] hrtimer: interrupt took 18535 ns 14:06:24 executing program 5: r0 = socket$inet6_udp(0xa, 0x2, 0x0) setsockopt$inet6_IPV6_XFRM_POLICY(r0, 0x29, 0x43, &(0x7f00000001c0)={{{@in=@broadcast, @in=@broadcast}}, {{@in=@initdev={0xac, 0x1e, 0x0, 0x0}}, 0x0, @in=@dev}}, 0xe8) 14:06:24 executing program 2: r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$netlink(r0, &(0x7f0000001480)={0x0, 0x0, &(0x7f0000000b40)=[{&(0x7f0000000280)={0x20, 0x5a, 0x1, 0x0, 0x0, "", [@nested={0x10, 0x0, 0x0, 0x1, [@typed={0xc, 0x1, 0x0, 0x0, @u64}]}]}, 0x20}], 0x1}, 0x0) 14:06:24 executing program 4: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_TCP_REPAIR(r0, 0x6, 0x13, &(0x7f00000000c0)=0x1, 0x4) setsockopt$inet6_tcp_TCP_REPAIR_QUEUE(r0, 0x6, 0x14, &(0x7f0000000000), 0x4) 14:06:24 executing program 3: sendmsg$ETHTOOL_MSG_PRIVFLAGS_SET(0xffffffffffffffff, &(0x7f00000006c0)={0x0, 0x0, &(0x7f0000000680)={&(0x7f0000000000)={0x28, 0x0, 0x0, 0x0, 0x0, {}, [@ETHTOOL_A_PRIVFLAGS_FLAGS={0x8, 0x2, 0x0, 0x1, [@ETHTOOL_A_BITSET_BITS={0x4}]}, @ETHTOOL_A_PRIVFLAGS_HEADER={0xc, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_INDEX={0x8}]}]}, 0x28}}, 0x0) r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$netlink(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f000000a940)=[{&(0x7f0000000000)=ANY=[@ANYBLOB="28000000580001"], 0x28}], 0x1}, 0x0) [ 137.194259] netlink: 'syz-executor.2': attribute type 1 has an invalid length. [ 137.224201] netlink: 'syz-executor.3': attribute type 1 has an invalid length. [ 137.265101] netlink: 'syz-executor.3': attribute type 1 has an invalid length. 14:06:24 executing program 2: r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_netfilter(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000040)={0x1c, 0x18, 0x0, 0x101, 0x0, 0x0, {0xa, 0x0, 0x300}, [@typed={0x8, 0x0, 0x0, 0x0, @ipv4=@multicast1}]}, 0x1c}}, 0x0) 14:06:24 executing program 4: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_TCP_REPAIR(r0, 0x6, 0x13, &(0x7f00000000c0)=0x1, 0x4) setsockopt$inet6_tcp_TCP_REPAIR_QUEUE(r0, 0x6, 0x14, &(0x7f0000000000), 0x4) 14:06:24 executing program 3: sendmsg$ETHTOOL_MSG_PRIVFLAGS_SET(0xffffffffffffffff, &(0x7f00000006c0)={0x0, 0x0, &(0x7f0000000680)={&(0x7f0000000000)={0x28, 0x0, 0x0, 0x0, 0x0, {}, [@ETHTOOL_A_PRIVFLAGS_FLAGS={0x8, 0x2, 0x0, 0x1, [@ETHTOOL_A_BITSET_BITS={0x4}]}, @ETHTOOL_A_PRIVFLAGS_HEADER={0xc, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_INDEX={0x8}]}]}, 0x28}}, 0x0) r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$netlink(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f000000a940)=[{&(0x7f0000000000)=ANY=[@ANYBLOB="28000000580001"], 0x28}], 0x1}, 0x0) 14:06:24 executing program 5: r0 = io_uring_setup(0x5766, &(0x7f0000000040)) io_uring_register$IORING_REGISTER_FILES(r0, 0x12, 0x0, 0xfffffeed) [ 137.434128] netlink: 'syz-executor.3': attribute type 1 has an invalid length. [ 137.860204] syz-executor.0: attempt to access beyond end of device [ 137.860204] loop0: rw=2049, sector=40, nr_sectors = 4 limit=40 [ 137.862426] Buffer I/O error on dev loop0, logical block 10, lost async page write 14:06:25 executing program 0: r0 = syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x0, &(0x7f0000000140)=ANY=[]) openat(r0, &(0x7f0000000300)='./file1\x00', 0x200, 0xb1) chdir(&(0x7f0000000140)='./file0\x00') openat(r0, &(0x7f0000000000)='./file0\x00', 0x20c0, 0x141) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) openat(0xffffffffffffffff, &(0x7f00000001c0)='./file0\x00', 0x0, 0xc0) mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x11, 0xffffffffffffffff, 0xa015000) r2 = perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) r3 = perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r4 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x26e1, 0x0) ioctl$AUTOFS_DEV_IOCTL_CLOSEMOUNT(r4, 0xc0189375, &(0x7f0000000340)=ANY=[@ANYBLOB="873b07000000efb1606e00770100"/24, @ANYRES32=r3, @ANYBLOB='Y0\x00``\x00'/18]) fsconfig$FSCONFIG_SET_FD(r4, 0x5, &(0x7f0000000180)=']{\x00', 0x0, r1) mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x11, r2, 0xa015000) r5 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x4042, 0x0) fallocate(r5, 0x8, 0x0, 0x8000000) ioctl$AUTOFS_IOC_CATATONIC(r5, 0x9362, 0x0) r6 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) write$binfmt_aout(r6, &(0x7f0000001180)=ANY=[], 0x220) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xb}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) sendfile(r6, r1, 0x0, 0xfffffdef) 14:06:25 executing program 2: r0 = socket$nl_generic(0x10, 0x3, 0x10) getsockopt$sock_int(r0, 0x1, 0x28, 0x0, &(0x7f00000000c0)) 14:06:25 executing program 1: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x1030c2, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x0, 0x11, r0, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000140), 0x0, &(0x7f0000000000)) epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, 0xffffffffffffffff, &(0x7f0000000240)={0xc0000008}) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xb}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0xb) r2 = socket$inet6_udp(0xa, 0x2, 0x0) r3 = dup(r2) connect$inet6(r3, &(0x7f00000000c0)={0xa, 0x0, 0x0, @local, 0x2}, 0x1c) setsockopt$inet6_opts(r3, 0x29, 0x3b, &(0x7f00000001c0)=ANY=[], 0x8) sendmmsg$inet6(r3, &(0x7f0000002880), 0x4000101, 0x0) getsockname$packet(r3, &(0x7f0000003ac0)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @random}, &(0x7f0000003b00)=0x14) ioctl$FICLONERANGE(0xffffffffffffffff, 0x4020940d, &(0x7f00000001c0)={{}, 0x9, 0x100000000, 0x100000001}) io_uring_register$IORING_REGISTER_BUFFERS(0xffffffffffffffff, 0x0, &(0x7f0000000080)=[{&(0x7f0000000000)=""/85, 0x55}], 0x1) 14:06:25 executing program 5: r0 = syz_open_dev$tty20(0xc, 0x4, 0x1) ioctl$TIOCGSOFTCAR(r0, 0x541a, &(0x7f0000000040)) 14:06:25 executing program 4: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_TCP_REPAIR(r0, 0x6, 0x13, &(0x7f00000000c0)=0x1, 0x4) setsockopt$inet6_tcp_TCP_REPAIR_QUEUE(r0, 0x6, 0x14, &(0x7f0000000000), 0x4) 14:06:25 executing program 7: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x1030c2, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x0, 0x11, r0, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000140), 0x0, &(0x7f0000000000)) epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, 0xffffffffffffffff, &(0x7f0000000240)={0xc0000008}) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xb}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0xb) r2 = socket$inet6_udp(0xa, 0x2, 0x0) r3 = dup(r2) connect$inet6(r3, &(0x7f00000000c0)={0xa, 0x0, 0x0, @local, 0x2}, 0x1c) setsockopt$inet6_opts(r3, 0x29, 0x3b, &(0x7f00000001c0)=ANY=[], 0x8) sendmmsg$inet6(r3, &(0x7f0000002880), 0x4000101, 0x0) getsockname$packet(r3, &(0x7f0000003ac0)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @random}, &(0x7f0000003b00)=0x14) ioctl$FICLONERANGE(0xffffffffffffffff, 0x4020940d, &(0x7f00000001c0)={{}, 0x9, 0x100000000, 0x100000001}) io_uring_register$IORING_REGISTER_BUFFERS(0xffffffffffffffff, 0x0, &(0x7f0000000080)=[{&(0x7f0000000000)=""/85, 0x55}], 0x1) 14:06:25 executing program 3: sendmsg$ETHTOOL_MSG_PRIVFLAGS_SET(0xffffffffffffffff, &(0x7f00000006c0)={0x0, 0x0, &(0x7f0000000680)={&(0x7f0000000000)={0x28, 0x0, 0x0, 0x0, 0x0, {}, [@ETHTOOL_A_PRIVFLAGS_FLAGS={0x8, 0x2, 0x0, 0x1, [@ETHTOOL_A_BITSET_BITS={0x4}]}, @ETHTOOL_A_PRIVFLAGS_HEADER={0xc, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_INDEX={0x8}]}]}, 0x28}}, 0x0) r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$netlink(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f000000a940)=[{&(0x7f0000000000)=ANY=[@ANYBLOB="28000000580001"], 0x28}], 0x1}, 0x0) [ 137.948363] netlink: 'syz-executor.3': attribute type 1 has an invalid length. 14:06:25 executing program 6: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x2}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xb}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syncfs(0xffffffffffffffff) gettid() migrate_pages(0x0, 0x9, 0x0, &(0x7f0000000180)=0x10001) sched_getattr(0x0, 0x0, 0x0, 0x0) process_vm_writev(0x0, 0x0, 0x0, &(0x7f0000000780), 0x0, 0x0) [ 137.973523] loop0: detected capacity change from 0 to 40 14:06:25 executing program 3: sendmsg$ETHTOOL_MSG_PRIVFLAGS_SET(0xffffffffffffffff, &(0x7f00000006c0)={0x0, 0x0, &(0x7f0000000680)={&(0x7f0000000000)={0x28, 0x0, 0x0, 0x0, 0x0, {}, [@ETHTOOL_A_PRIVFLAGS_FLAGS={0x8, 0x2, 0x0, 0x1, [@ETHTOOL_A_BITSET_BITS={0x4}]}, @ETHTOOL_A_PRIVFLAGS_HEADER={0xc, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_INDEX={0x8}]}]}, 0x28}}, 0x0) r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$netlink(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f000000a940)=[{&(0x7f0000000000)=ANY=[@ANYBLOB="28000000580001"], 0x28}], 0x1}, 0x0) 14:06:25 executing program 2: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000003c0)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = socket$inet6_udplite(0xa, 0x2, 0x88) socket$inet6_icmp_raw(0xa, 0x3, 0x3a) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000003c0)={0xffffffffffffffff, 0xffffffffffffffff}) sendmmsg$unix(r0, &(0x7f000000d480)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f0000000200)=[@rights={{0x14, 0x1, 0x1, [r2]}}, @rights={{0x14, 0x1, 0x1, [r1]}}], 0x30}}], 0x1, 0x0) 14:06:25 executing program 4: r0 = openat$ttyS3(0xffffffffffffff9c, &(0x7f00000003c0), 0x0, 0x0) ioctl$TIOCSTI(r0, 0x5412, &(0x7f0000000200)=0x15) 14:06:25 executing program 6: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x2}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xb}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syncfs(0xffffffffffffffff) gettid() migrate_pages(0x0, 0x9, 0x0, &(0x7f0000000180)=0x10001) sched_getattr(0x0, 0x0, 0x0, 0x0) process_vm_writev(0x0, 0x0, 0x0, &(0x7f0000000780), 0x0, 0x0) 14:06:25 executing program 5: r0 = syz_open_dev$tty20(0xc, 0x4, 0x1) ioctl$TIOCGSOFTCAR(r0, 0x541a, &(0x7f0000000040)) [ 138.143584] syz-executor.0: attempt to access beyond end of device [ 138.143584] loop0: rw=2049, sector=40, nr_sectors = 4 limit=40 [ 138.144832] Buffer I/O error on dev loop0, logical block 10, lost async page write [ 138.147454] netlink: 'syz-executor.3': attribute type 1 has an invalid length. 14:06:25 executing program 2: r0 = syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000000)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x0, &(0x7f0000000140)=ANY=[]) chdir(&(0x7f00000001c0)='./file0\x00') r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) openat(0xffffffffffffffff, &(0x7f0000000040)='./file1\x00', 0x200200, 0x4) write$binfmt_aout(r2, &(0x7f0000001180)=ANY=[], 0x220) ioctl$BTRFS_IOC_GET_SUBVOL_INFO(r0, 0x81f8943c, &(0x7f0000000480)) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xb}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) sendfile(r2, r1, 0x0, 0xfffffdef) [ 138.217503] loop2: detected capacity change from 0 to 40 [ 138.342186] syz-executor.2: attempt to access beyond end of device [ 138.342186] loop2: rw=2049, sector=40, nr_sectors = 4 limit=40 [ 138.343775] Buffer I/O error on dev loop2, logical block 10, lost async page write [ 138.397320] syz-executor.2: attempt to access beyond end of device [ 138.397320] loop2: rw=2049, sector=40, nr_sectors = 4 limit=40 [ 138.399027] Buffer I/O error on dev loop2, logical block 10, lost async page write 14:06:26 executing program 0: r0 = syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x0, &(0x7f0000000140)=ANY=[]) openat(r0, &(0x7f0000000300)='./file1\x00', 0x200, 0xb1) chdir(&(0x7f0000000140)='./file0\x00') openat(r0, &(0x7f0000000000)='./file0\x00', 0x20c0, 0x141) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) openat(0xffffffffffffffff, &(0x7f00000001c0)='./file0\x00', 0x0, 0xc0) mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x11, 0xffffffffffffffff, 0xa015000) r2 = perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) r3 = perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r4 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x26e1, 0x0) ioctl$AUTOFS_DEV_IOCTL_CLOSEMOUNT(r4, 0xc0189375, &(0x7f0000000340)=ANY=[@ANYBLOB="873b07000000efb1606e00770100"/24, @ANYRES32=r3, @ANYBLOB='Y0\x00``\x00'/18]) fsconfig$FSCONFIG_SET_FD(r4, 0x5, &(0x7f0000000180)=']{\x00', 0x0, r1) mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x11, r2, 0xa015000) r5 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x4042, 0x0) fallocate(r5, 0x8, 0x0, 0x8000000) ioctl$AUTOFS_IOC_CATATONIC(r5, 0x9362, 0x0) r6 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) write$binfmt_aout(r6, &(0x7f0000001180)=ANY=[], 0x220) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xb}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) sendfile(r6, r1, 0x0, 0xfffffdef) 14:06:26 executing program 4: sendmsg$TIPC_CMD_SHOW_LINK_STATS(0xffffffffffffffff, &(0x7f00000003c0)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x20004001}, 0x2c008000) r0 = perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000100)}, 0x0, 0x0, 0x1, 0x0, 0x2}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = openat$pidfd(0xffffffffffffff9c, 0x0, 0x0, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000040)}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0xb) r2 = fsopen(&(0x7f0000000040)='cgroup2\x00', 0x0) r3 = getpgid(0xffffffffffffffff) r4 = fcntl$dupfd(r0, 0x0, r1) perf_event_open(&(0x7f0000000140)={0x5, 0x80, 0x9, 0x4, 0x80, 0x1f, 0x0, 0x40, 0x208, 0x8, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0xc1, 0x2, @perf_bp={&(0x7f0000000000), 0x9}, 0x40000, 0x2, 0x1, 0x6, 0xfffffffffffffffe, 0x8, 0x7, 0x0, 0x3, 0x0, 0x1f}, r3, 0x5, r4, 0x2) fsconfig$FSCONFIG_CMD_RECONFIGURE(r2, 0x6, 0x0, 0x0, 0x0) r5 = socket$packet(0x11, 0x3, 0x300) getsockopt$packet_int(r5, 0x107, 0xe, &(0x7f0000000780), &(0x7f00000007c0)=0x4) fallocate(r5, 0x8, 0x2, 0xfffffffffffffffe) fsmount(r2, 0x1, 0x0) r6 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000300), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_802154(0xffffffffffffffff, 0x8933, &(0x7f0000000040)={'wpan1\x00', 0x0}) sendmsg$NL802154_CMD_SET_TX_POWER(0xffffffffffffffff, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000440)=ANY=[@ANYBLOB="a5eb4057be", @ANYRES16=r6, @ANYBLOB="856c00000000000000000c000000080001000100000008000300", @ANYRES32=r7, @ANYBLOB="42ee238162b6c8bc3a8dcad42617866a76c855722068c1513a1e88e767a7f7b4f0c895b7"], 0x24}}, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x1000004, 0x2811, 0xffffffffffffffff, 0x0) 14:06:26 executing program 1: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000040)={0x2, &(0x7f0000000100)=[{0xc}, {0x6, 0x0, 0x0, 0x7fffffff}]}) pipe2(&(0x7f0000000000), 0x0) 14:06:26 executing program 5: r0 = syz_open_dev$tty20(0xc, 0x4, 0x1) ioctl$TIOCGSOFTCAR(r0, 0x541a, &(0x7f0000000040)) 14:06:26 executing program 6: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x2}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xb}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syncfs(0xffffffffffffffff) gettid() migrate_pages(0x0, 0x9, 0x0, &(0x7f0000000180)=0x10001) sched_getattr(0x0, 0x0, 0x0, 0x0) process_vm_writev(0x0, 0x0, 0x0, &(0x7f0000000780), 0x0, 0x0) 14:06:26 executing program 2: r0 = syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000000)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x0, &(0x7f0000000140)=ANY=[]) chdir(&(0x7f00000001c0)='./file0\x00') r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) openat(0xffffffffffffffff, &(0x7f0000000040)='./file1\x00', 0x200200, 0x4) write$binfmt_aout(r2, &(0x7f0000001180)=ANY=[], 0x220) ioctl$BTRFS_IOC_GET_SUBVOL_INFO(r0, 0x81f8943c, &(0x7f0000000480)) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xb}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) sendfile(r2, r1, 0x0, 0xfffffdef) 14:06:26 executing program 3: r0 = syz_open_dev$sg(&(0x7f0000001000), 0x0, 0x0) ioctl$SG_GET_REQUEST_TABLE(r0, 0x2271, &(0x7f0000000000)) [ 138.881557] loop2: detected capacity change from 0 to 40 14:06:26 executing program 5: r0 = syz_open_dev$tty20(0xc, 0x4, 0x1) ioctl$TIOCGSOFTCAR(r0, 0x541a, &(0x7f0000000040)) [ 138.934869] loop0: detected capacity change from 0 to 40 14:06:26 executing program 7: r0 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a) ioctl$sock_SIOCETHTOOL(r0, 0x8946, &(0x7f0000000040)={'syz_tun\x00', &(0x7f0000000000)=@ethtool_channels={0x24}}) 14:06:26 executing program 3: r0 = syz_open_dev$sg(&(0x7f0000001000), 0x0, 0x0) ioctl$SG_GET_REQUEST_TABLE(r0, 0x2271, &(0x7f0000000000)) 14:06:26 executing program 6: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x2}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xb}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syncfs(0xffffffffffffffff) gettid() migrate_pages(0x0, 0x9, 0x0, &(0x7f0000000180)=0x10001) sched_getattr(0x0, 0x0, 0x0, 0x0) process_vm_writev(0x0, 0x0, 0x0, &(0x7f0000000780), 0x0, 0x0) [ 139.050281] syz-executor.0: attempt to access beyond end of device [ 139.050281] loop0: rw=2049, sector=40, nr_sectors = 4 limit=40 [ 139.051382] Buffer I/O error on dev loop0, logical block 10, lost async page write [ 139.333266] syz-executor.2: attempt to access beyond end of device [ 139.333266] loop2: rw=2049, sector=40, nr_sectors = 4 limit=40 [ 139.335485] Buffer I/O error on dev loop2, logical block 10, lost async page write 14:06:26 executing program 1: sendmsg$TIPC_CMD_SHOW_LINK_STATS(0xffffffffffffffff, &(0x7f00000003c0)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x20004001}, 0x2c008000) r0 = perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000100)}, 0x0, 0x0, 0x1, 0x0, 0x2}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = openat$pidfd(0xffffffffffffff9c, 0x0, 0x0, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000040)}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0xb) r2 = fsopen(&(0x7f0000000040)='cgroup2\x00', 0x0) r3 = getpgid(0xffffffffffffffff) r4 = fcntl$dupfd(r0, 0x0, r1) perf_event_open(&(0x7f0000000140)={0x5, 0x80, 0x9, 0x4, 0x80, 0x1f, 0x0, 0x40, 0x208, 0x8, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0xc1, 0x2, @perf_bp={&(0x7f0000000000), 0x9}, 0x40000, 0x2, 0x1, 0x6, 0xfffffffffffffffe, 0x8, 0x7, 0x0, 0x3, 0x0, 0x1f}, r3, 0x5, r4, 0x2) fsconfig$FSCONFIG_CMD_RECONFIGURE(r2, 0x6, 0x0, 0x0, 0x0) r5 = socket$packet(0x11, 0x3, 0x300) getsockopt$packet_int(r5, 0x107, 0xe, &(0x7f0000000780), &(0x7f00000007c0)=0x4) fallocate(r5, 0x8, 0x2, 0xfffffffffffffffe) fsmount(r2, 0x1, 0x0) r6 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000300), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_802154(0xffffffffffffffff, 0x8933, &(0x7f0000000040)={'wpan1\x00', 0x0}) sendmsg$NL802154_CMD_SET_TX_POWER(0xffffffffffffffff, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000440)=ANY=[@ANYBLOB="a5eb4057be", @ANYRES16=r6, @ANYBLOB="856c00000000000000000c000000080001000100000008000300", @ANYRES32=r7, @ANYBLOB="42ee238162b6c8bc3a8dcad42617866a76c855722068c1513a1e88e767a7f7b4f0c895b7"], 0x24}}, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x1000004, 0x2811, 0xffffffffffffffff, 0x0) 14:06:26 executing program 7: r0 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a) ioctl$sock_SIOCETHTOOL(r0, 0x8946, &(0x7f0000000040)={'syz_tun\x00', &(0x7f0000000000)=@ethtool_channels={0x24}}) 14:06:26 executing program 3: r0 = syz_open_dev$sg(&(0x7f0000001000), 0x0, 0x0) ioctl$SG_GET_REQUEST_TABLE(r0, 0x2271, &(0x7f0000000000)) 14:06:26 executing program 4: sendmsg$TIPC_CMD_SHOW_LINK_STATS(0xffffffffffffffff, &(0x7f00000003c0)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x20004001}, 0x2c008000) r0 = perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000100)}, 0x0, 0x0, 0x1, 0x0, 0x2}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = openat$pidfd(0xffffffffffffff9c, 0x0, 0x0, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000040)}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0xb) r2 = fsopen(&(0x7f0000000040)='cgroup2\x00', 0x0) r3 = getpgid(0xffffffffffffffff) r4 = fcntl$dupfd(r0, 0x0, r1) perf_event_open(&(0x7f0000000140)={0x5, 0x80, 0x9, 0x4, 0x80, 0x1f, 0x0, 0x40, 0x208, 0x8, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0xc1, 0x2, @perf_bp={&(0x7f0000000000), 0x9}, 0x40000, 0x2, 0x1, 0x6, 0xfffffffffffffffe, 0x8, 0x7, 0x0, 0x3, 0x0, 0x1f}, r3, 0x5, r4, 0x2) fsconfig$FSCONFIG_CMD_RECONFIGURE(r2, 0x6, 0x0, 0x0, 0x0) r5 = socket$packet(0x11, 0x3, 0x300) getsockopt$packet_int(r5, 0x107, 0xe, &(0x7f0000000780), &(0x7f00000007c0)=0x4) fallocate(r5, 0x8, 0x2, 0xfffffffffffffffe) fsmount(r2, 0x1, 0x0) r6 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000300), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_802154(0xffffffffffffffff, 0x8933, &(0x7f0000000040)={'wpan1\x00', 0x0}) sendmsg$NL802154_CMD_SET_TX_POWER(0xffffffffffffffff, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000440)=ANY=[@ANYBLOB="a5eb4057be", @ANYRES16=r6, @ANYBLOB="856c00000000000000000c000000080001000100000008000300", @ANYRES32=r7, @ANYBLOB="42ee238162b6c8bc3a8dcad42617866a76c855722068c1513a1e88e767a7f7b4f0c895b7"], 0x24}}, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x1000004, 0x2811, 0xffffffffffffffff, 0x0) 14:06:26 executing program 5: sendmsg$TIPC_CMD_SHOW_LINK_STATS(0xffffffffffffffff, &(0x7f00000003c0)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x20004001}, 0x2c008000) r0 = perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000100)}, 0x0, 0x0, 0x1, 0x0, 0x2}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = openat$pidfd(0xffffffffffffff9c, 0x0, 0x0, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000040)}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0xb) r2 = fsopen(&(0x7f0000000040)='cgroup2\x00', 0x0) r3 = getpgid(0xffffffffffffffff) r4 = fcntl$dupfd(r0, 0x0, r1) perf_event_open(&(0x7f0000000140)={0x5, 0x80, 0x9, 0x4, 0x80, 0x1f, 0x0, 0x40, 0x208, 0x8, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0xc1, 0x2, @perf_bp={&(0x7f0000000000), 0x9}, 0x40000, 0x2, 0x1, 0x6, 0xfffffffffffffffe, 0x8, 0x7, 0x0, 0x3, 0x0, 0x1f}, r3, 0x5, r4, 0x2) fsconfig$FSCONFIG_CMD_RECONFIGURE(r2, 0x6, 0x0, 0x0, 0x0) r5 = socket$packet(0x11, 0x3, 0x300) getsockopt$packet_int(r5, 0x107, 0xe, &(0x7f0000000780), &(0x7f00000007c0)=0x4) fallocate(r5, 0x8, 0x2, 0xfffffffffffffffe) fsmount(r2, 0x1, 0x0) r6 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000300), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_802154(0xffffffffffffffff, 0x8933, &(0x7f0000000040)={'wpan1\x00', 0x0}) sendmsg$NL802154_CMD_SET_TX_POWER(0xffffffffffffffff, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000440)=ANY=[@ANYBLOB="a5eb4057be", @ANYRES16=r6, @ANYBLOB="856c00000000000000000c000000080001000100000008000300", @ANYRES32=r7, @ANYBLOB="42ee238162b6c8bc3a8dcad42617866a76c855722068c1513a1e88e767a7f7b4f0c895b7"], 0x24}}, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x1000004, 0x2811, 0xffffffffffffffff, 0x0) 14:06:26 executing program 6: sendmsg$TIPC_CMD_SHOW_LINK_STATS(0xffffffffffffffff, &(0x7f00000003c0)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x20004001}, 0x2c008000) r0 = perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000100)}, 0x0, 0x0, 0x1, 0x0, 0x2}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = openat$pidfd(0xffffffffffffff9c, 0x0, 0x0, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000040)}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0xb) r2 = fsopen(&(0x7f0000000040)='cgroup2\x00', 0x0) r3 = getpgid(0xffffffffffffffff) r4 = fcntl$dupfd(r0, 0x0, r1) perf_event_open(&(0x7f0000000140)={0x5, 0x80, 0x9, 0x4, 0x80, 0x1f, 0x0, 0x40, 0x208, 0x8, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0xc1, 0x2, @perf_bp={&(0x7f0000000000), 0x9}, 0x40000, 0x2, 0x1, 0x6, 0xfffffffffffffffe, 0x8, 0x7, 0x0, 0x3, 0x0, 0x1f}, r3, 0x5, r4, 0x2) fsconfig$FSCONFIG_CMD_RECONFIGURE(r2, 0x6, 0x0, 0x0, 0x0) r5 = socket$packet(0x11, 0x3, 0x300) getsockopt$packet_int(r5, 0x107, 0xe, &(0x7f0000000780), &(0x7f00000007c0)=0x4) fallocate(r5, 0x8, 0x2, 0xfffffffffffffffe) fsmount(r2, 0x1, 0x0) r6 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000300), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_802154(0xffffffffffffffff, 0x8933, &(0x7f0000000040)={'wpan1\x00', 0x0}) sendmsg$NL802154_CMD_SET_TX_POWER(0xffffffffffffffff, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000440)=ANY=[@ANYBLOB="a5eb4057be", @ANYRES16=r6, @ANYBLOB="856c00000000000000000c000000080001000100000008000300", @ANYRES32=r7, @ANYBLOB="42ee238162b6c8bc3a8dcad42617866a76c855722068c1513a1e88e767a7f7b4f0c895b7"], 0x24}}, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x1000004, 0x2811, 0xffffffffffffffff, 0x0) 14:06:26 executing program 2: r0 = syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000000)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x0, &(0x7f0000000140)=ANY=[]) chdir(&(0x7f00000001c0)='./file0\x00') r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) openat(0xffffffffffffffff, &(0x7f0000000040)='./file1\x00', 0x200200, 0x4) write$binfmt_aout(r2, &(0x7f0000001180)=ANY=[], 0x220) ioctl$BTRFS_IOC_GET_SUBVOL_INFO(r0, 0x81f8943c, &(0x7f0000000480)) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xb}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) sendfile(r2, r1, 0x0, 0xfffffdef) 14:06:26 executing program 0: r0 = syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x0, &(0x7f0000000140)=ANY=[]) openat(r0, &(0x7f0000000300)='./file1\x00', 0x200, 0xb1) chdir(&(0x7f0000000140)='./file0\x00') openat(r0, &(0x7f0000000000)='./file0\x00', 0x20c0, 0x141) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) openat(0xffffffffffffffff, &(0x7f00000001c0)='./file0\x00', 0x0, 0xc0) mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x11, 0xffffffffffffffff, 0xa015000) r2 = perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) r3 = perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r4 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x26e1, 0x0) ioctl$AUTOFS_DEV_IOCTL_CLOSEMOUNT(r4, 0xc0189375, &(0x7f0000000340)=ANY=[@ANYBLOB="873b07000000efb1606e00770100"/24, @ANYRES32=r3, @ANYBLOB='Y0\x00``\x00'/18]) fsconfig$FSCONFIG_SET_FD(r4, 0x5, &(0x7f0000000180)=']{\x00', 0x0, r1) mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x11, r2, 0xa015000) r5 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x4042, 0x0) fallocate(r5, 0x8, 0x0, 0x8000000) ioctl$AUTOFS_IOC_CATATONIC(r5, 0x9362, 0x0) r6 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) write$binfmt_aout(r6, &(0x7f0000001180)=ANY=[], 0x220) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xb}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) sendfile(r6, r1, 0x0, 0xfffffdef) [ 139.390058] loop0: detected capacity change from 0 to 40 [ 139.406682] loop2: detected capacity change from 0 to 40 14:06:26 executing program 3: r0 = syz_open_dev$sg(&(0x7f0000001000), 0x0, 0x0) ioctl$SG_GET_REQUEST_TABLE(r0, 0x2271, &(0x7f0000000000)) 14:06:26 executing program 7: r0 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a) ioctl$sock_SIOCETHTOOL(r0, 0x8946, &(0x7f0000000040)={'syz_tun\x00', &(0x7f0000000000)=@ethtool_channels={0x24}}) 14:06:26 executing program 4: sendmsg$TIPC_CMD_SHOW_LINK_STATS(0xffffffffffffffff, &(0x7f00000003c0)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x20004001}, 0x2c008000) r0 = perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000100)}, 0x0, 0x0, 0x1, 0x0, 0x2}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = openat$pidfd(0xffffffffffffff9c, 0x0, 0x0, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000040)}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0xb) r2 = fsopen(&(0x7f0000000040)='cgroup2\x00', 0x0) r3 = getpgid(0xffffffffffffffff) r4 = fcntl$dupfd(r0, 0x0, r1) perf_event_open(&(0x7f0000000140)={0x5, 0x80, 0x9, 0x4, 0x80, 0x1f, 0x0, 0x40, 0x208, 0x8, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0xc1, 0x2, @perf_bp={&(0x7f0000000000), 0x9}, 0x40000, 0x2, 0x1, 0x6, 0xfffffffffffffffe, 0x8, 0x7, 0x0, 0x3, 0x0, 0x1f}, r3, 0x5, r4, 0x2) fsconfig$FSCONFIG_CMD_RECONFIGURE(r2, 0x6, 0x0, 0x0, 0x0) r5 = socket$packet(0x11, 0x3, 0x300) getsockopt$packet_int(r5, 0x107, 0xe, &(0x7f0000000780), &(0x7f00000007c0)=0x4) fallocate(r5, 0x8, 0x2, 0xfffffffffffffffe) fsmount(r2, 0x1, 0x0) r6 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000300), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_802154(0xffffffffffffffff, 0x8933, &(0x7f0000000040)={'wpan1\x00', 0x0}) sendmsg$NL802154_CMD_SET_TX_POWER(0xffffffffffffffff, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000440)=ANY=[@ANYBLOB="a5eb4057be", @ANYRES16=r6, @ANYBLOB="856c00000000000000000c000000080001000100000008000300", @ANYRES32=r7, @ANYBLOB="42ee238162b6c8bc3a8dcad42617866a76c855722068c1513a1e88e767a7f7b4f0c895b7"], 0x24}}, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x1000004, 0x2811, 0xffffffffffffffff, 0x0) [ 139.485937] syz-executor.0: attempt to access beyond end of device [ 139.485937] loop0: rw=2049, sector=40, nr_sectors = 4 limit=40 [ 139.486987] Buffer I/O error on dev loop0, logical block 10, lost async page write 14:06:26 executing program 1: sendmsg$TIPC_CMD_SHOW_LINK_STATS(0xffffffffffffffff, &(0x7f00000003c0)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x20004001}, 0x2c008000) r0 = perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000100)}, 0x0, 0x0, 0x1, 0x0, 0x2}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = openat$pidfd(0xffffffffffffff9c, 0x0, 0x0, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000040)}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0xb) r2 = fsopen(&(0x7f0000000040)='cgroup2\x00', 0x0) r3 = getpgid(0xffffffffffffffff) r4 = fcntl$dupfd(r0, 0x0, r1) perf_event_open(&(0x7f0000000140)={0x5, 0x80, 0x9, 0x4, 0x80, 0x1f, 0x0, 0x40, 0x208, 0x8, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0xc1, 0x2, @perf_bp={&(0x7f0000000000), 0x9}, 0x40000, 0x2, 0x1, 0x6, 0xfffffffffffffffe, 0x8, 0x7, 0x0, 0x3, 0x0, 0x1f}, r3, 0x5, r4, 0x2) fsconfig$FSCONFIG_CMD_RECONFIGURE(r2, 0x6, 0x0, 0x0, 0x0) r5 = socket$packet(0x11, 0x3, 0x300) getsockopt$packet_int(r5, 0x107, 0xe, &(0x7f0000000780), &(0x7f00000007c0)=0x4) fallocate(r5, 0x8, 0x2, 0xfffffffffffffffe) fsmount(r2, 0x1, 0x0) r6 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000300), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_802154(0xffffffffffffffff, 0x8933, &(0x7f0000000040)={'wpan1\x00', 0x0}) sendmsg$NL802154_CMD_SET_TX_POWER(0xffffffffffffffff, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000440)=ANY=[@ANYBLOB="a5eb4057be", @ANYRES16=r6, @ANYBLOB="856c00000000000000000c000000080001000100000008000300", @ANYRES32=r7, @ANYBLOB="42ee238162b6c8bc3a8dcad42617866a76c855722068c1513a1e88e767a7f7b4f0c895b7"], 0x24}}, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x1000004, 0x2811, 0xffffffffffffffff, 0x0) 14:06:27 executing program 7: r0 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a) ioctl$sock_SIOCETHTOOL(r0, 0x8946, &(0x7f0000000040)={'syz_tun\x00', &(0x7f0000000000)=@ethtool_channels={0x24}}) 14:06:27 executing program 3: sendmsg$TIPC_CMD_SHOW_LINK_STATS(0xffffffffffffffff, &(0x7f00000003c0)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x20004001}, 0x2c008000) r0 = perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000100)}, 0x0, 0x0, 0x1, 0x0, 0x2}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = openat$pidfd(0xffffffffffffff9c, 0x0, 0x0, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000040)}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0xb) r2 = fsopen(&(0x7f0000000040)='cgroup2\x00', 0x0) r3 = getpgid(0xffffffffffffffff) r4 = fcntl$dupfd(r0, 0x0, r1) perf_event_open(&(0x7f0000000140)={0x5, 0x80, 0x9, 0x4, 0x80, 0x1f, 0x0, 0x40, 0x208, 0x8, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0xc1, 0x2, @perf_bp={&(0x7f0000000000), 0x9}, 0x40000, 0x2, 0x1, 0x6, 0xfffffffffffffffe, 0x8, 0x7, 0x0, 0x3, 0x0, 0x1f}, r3, 0x5, r4, 0x2) fsconfig$FSCONFIG_CMD_RECONFIGURE(r2, 0x6, 0x0, 0x0, 0x0) r5 = socket$packet(0x11, 0x3, 0x300) getsockopt$packet_int(r5, 0x107, 0xe, &(0x7f0000000780), &(0x7f00000007c0)=0x4) fallocate(r5, 0x8, 0x2, 0xfffffffffffffffe) fsmount(r2, 0x1, 0x0) r6 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000300), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_802154(0xffffffffffffffff, 0x8933, &(0x7f0000000040)={'wpan1\x00', 0x0}) sendmsg$NL802154_CMD_SET_TX_POWER(0xffffffffffffffff, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000440)=ANY=[@ANYBLOB="a5eb4057be", @ANYRES16=r6, @ANYBLOB="856c00000000000000000c000000080001000100000008000300", @ANYRES32=r7, @ANYBLOB="42ee238162b6c8bc3a8dcad42617866a76c855722068c1513a1e88e767a7f7b4f0c895b7"], 0x24}}, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x1000004, 0x2811, 0xffffffffffffffff, 0x0) 14:06:27 executing program 6: sendmsg$TIPC_CMD_SHOW_LINK_STATS(0xffffffffffffffff, &(0x7f00000003c0)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x20004001}, 0x2c008000) r0 = perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000100)}, 0x0, 0x0, 0x1, 0x0, 0x2}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = openat$pidfd(0xffffffffffffff9c, 0x0, 0x0, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000040)}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0xb) r2 = fsopen(&(0x7f0000000040)='cgroup2\x00', 0x0) r3 = getpgid(0xffffffffffffffff) r4 = fcntl$dupfd(r0, 0x0, r1) perf_event_open(&(0x7f0000000140)={0x5, 0x80, 0x9, 0x4, 0x80, 0x1f, 0x0, 0x40, 0x208, 0x8, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0xc1, 0x2, @perf_bp={&(0x7f0000000000), 0x9}, 0x40000, 0x2, 0x1, 0x6, 0xfffffffffffffffe, 0x8, 0x7, 0x0, 0x3, 0x0, 0x1f}, r3, 0x5, r4, 0x2) fsconfig$FSCONFIG_CMD_RECONFIGURE(r2, 0x6, 0x0, 0x0, 0x0) r5 = socket$packet(0x11, 0x3, 0x300) getsockopt$packet_int(r5, 0x107, 0xe, &(0x7f0000000780), &(0x7f00000007c0)=0x4) fallocate(r5, 0x8, 0x2, 0xfffffffffffffffe) fsmount(r2, 0x1, 0x0) r6 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000300), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_802154(0xffffffffffffffff, 0x8933, &(0x7f0000000040)={'wpan1\x00', 0x0}) sendmsg$NL802154_CMD_SET_TX_POWER(0xffffffffffffffff, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000440)=ANY=[@ANYBLOB="a5eb4057be", @ANYRES16=r6, @ANYBLOB="856c00000000000000000c000000080001000100000008000300", @ANYRES32=r7, @ANYBLOB="42ee238162b6c8bc3a8dcad42617866a76c855722068c1513a1e88e767a7f7b4f0c895b7"], 0x24}}, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x1000004, 0x2811, 0xffffffffffffffff, 0x0) [ 139.640376] syz-executor.2: attempt to access beyond end of device [ 139.640376] loop2: rw=2049, sector=40, nr_sectors = 4 limit=40 [ 139.643603] Buffer I/O error on dev loop2, logical block 10, lost async page write 14:06:27 executing program 3: sendmsg$TIPC_CMD_SHOW_LINK_STATS(0xffffffffffffffff, &(0x7f00000003c0)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x20004001}, 0x2c008000) r0 = perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000100)}, 0x0, 0x0, 0x1, 0x0, 0x2}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = openat$pidfd(0xffffffffffffff9c, 0x0, 0x0, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000040)}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0xb) r2 = fsopen(&(0x7f0000000040)='cgroup2\x00', 0x0) r3 = getpgid(0xffffffffffffffff) r4 = fcntl$dupfd(r0, 0x0, r1) perf_event_open(&(0x7f0000000140)={0x5, 0x80, 0x9, 0x4, 0x80, 0x1f, 0x0, 0x40, 0x208, 0x8, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0xc1, 0x2, @perf_bp={&(0x7f0000000000), 0x9}, 0x40000, 0x2, 0x1, 0x6, 0xfffffffffffffffe, 0x8, 0x7, 0x0, 0x3, 0x0, 0x1f}, r3, 0x5, r4, 0x2) fsconfig$FSCONFIG_CMD_RECONFIGURE(r2, 0x6, 0x0, 0x0, 0x0) r5 = socket$packet(0x11, 0x3, 0x300) getsockopt$packet_int(r5, 0x107, 0xe, &(0x7f0000000780), &(0x7f00000007c0)=0x4) fallocate(r5, 0x8, 0x2, 0xfffffffffffffffe) fsmount(r2, 0x1, 0x0) r6 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000300), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_802154(0xffffffffffffffff, 0x8933, &(0x7f0000000040)={'wpan1\x00', 0x0}) sendmsg$NL802154_CMD_SET_TX_POWER(0xffffffffffffffff, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000440)=ANY=[@ANYBLOB="a5eb4057be", @ANYRES16=r6, @ANYBLOB="856c00000000000000000c000000080001000100000008000300", @ANYRES32=r7, @ANYBLOB="42ee238162b6c8bc3a8dcad42617866a76c855722068c1513a1e88e767a7f7b4f0c895b7"], 0x24}}, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x1000004, 0x2811, 0xffffffffffffffff, 0x0) 14:06:27 executing program 5: sendmsg$TIPC_CMD_SHOW_LINK_STATS(0xffffffffffffffff, &(0x7f00000003c0)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x20004001}, 0x2c008000) r0 = perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000100)}, 0x0, 0x0, 0x1, 0x0, 0x2}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = openat$pidfd(0xffffffffffffff9c, 0x0, 0x0, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000040)}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0xb) r2 = fsopen(&(0x7f0000000040)='cgroup2\x00', 0x0) r3 = getpgid(0xffffffffffffffff) r4 = fcntl$dupfd(r0, 0x0, r1) perf_event_open(&(0x7f0000000140)={0x5, 0x80, 0x9, 0x4, 0x80, 0x1f, 0x0, 0x40, 0x208, 0x8, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0xc1, 0x2, @perf_bp={&(0x7f0000000000), 0x9}, 0x40000, 0x2, 0x1, 0x6, 0xfffffffffffffffe, 0x8, 0x7, 0x0, 0x3, 0x0, 0x1f}, r3, 0x5, r4, 0x2) fsconfig$FSCONFIG_CMD_RECONFIGURE(r2, 0x6, 0x0, 0x0, 0x0) r5 = socket$packet(0x11, 0x3, 0x300) getsockopt$packet_int(r5, 0x107, 0xe, &(0x7f0000000780), &(0x7f00000007c0)=0x4) fallocate(r5, 0x8, 0x2, 0xfffffffffffffffe) fsmount(r2, 0x1, 0x0) r6 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000300), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_802154(0xffffffffffffffff, 0x8933, &(0x7f0000000040)={'wpan1\x00', 0x0}) sendmsg$NL802154_CMD_SET_TX_POWER(0xffffffffffffffff, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000440)=ANY=[@ANYBLOB="a5eb4057be", @ANYRES16=r6, @ANYBLOB="856c00000000000000000c000000080001000100000008000300", @ANYRES32=r7, @ANYBLOB="42ee238162b6c8bc3a8dcad42617866a76c855722068c1513a1e88e767a7f7b4f0c895b7"], 0x24}}, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x1000004, 0x2811, 0xffffffffffffffff, 0x0) 14:06:27 executing program 1: sendmsg$TIPC_CMD_SHOW_LINK_STATS(0xffffffffffffffff, &(0x7f00000003c0)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x20004001}, 0x2c008000) r0 = perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000100)}, 0x0, 0x0, 0x1, 0x0, 0x2}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = openat$pidfd(0xffffffffffffff9c, 0x0, 0x0, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000040)}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0xb) r2 = fsopen(&(0x7f0000000040)='cgroup2\x00', 0x0) r3 = getpgid(0xffffffffffffffff) r4 = fcntl$dupfd(r0, 0x0, r1) perf_event_open(&(0x7f0000000140)={0x5, 0x80, 0x9, 0x4, 0x80, 0x1f, 0x0, 0x40, 0x208, 0x8, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0xc1, 0x2, @perf_bp={&(0x7f0000000000), 0x9}, 0x40000, 0x2, 0x1, 0x6, 0xfffffffffffffffe, 0x8, 0x7, 0x0, 0x3, 0x0, 0x1f}, r3, 0x5, r4, 0x2) fsconfig$FSCONFIG_CMD_RECONFIGURE(r2, 0x6, 0x0, 0x0, 0x0) r5 = socket$packet(0x11, 0x3, 0x300) getsockopt$packet_int(r5, 0x107, 0xe, &(0x7f0000000780), &(0x7f00000007c0)=0x4) fallocate(r5, 0x8, 0x2, 0xfffffffffffffffe) fsmount(r2, 0x1, 0x0) r6 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000300), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_802154(0xffffffffffffffff, 0x8933, &(0x7f0000000040)={'wpan1\x00', 0x0}) sendmsg$NL802154_CMD_SET_TX_POWER(0xffffffffffffffff, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000440)=ANY=[@ANYBLOB="a5eb4057be", @ANYRES16=r6, @ANYBLOB="856c00000000000000000c000000080001000100000008000300", @ANYRES32=r7, @ANYBLOB="42ee238162b6c8bc3a8dcad42617866a76c855722068c1513a1e88e767a7f7b4f0c895b7"], 0x24}}, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x1000004, 0x2811, 0xffffffffffffffff, 0x0) 14:06:27 executing program 6: sendmsg$TIPC_CMD_SHOW_LINK_STATS(0xffffffffffffffff, &(0x7f00000003c0)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x20004001}, 0x2c008000) r0 = perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000100)}, 0x0, 0x0, 0x1, 0x0, 0x2}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = openat$pidfd(0xffffffffffffff9c, 0x0, 0x0, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000040)}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0xb) r2 = fsopen(&(0x7f0000000040)='cgroup2\x00', 0x0) r3 = getpgid(0xffffffffffffffff) r4 = fcntl$dupfd(r0, 0x0, r1) perf_event_open(&(0x7f0000000140)={0x5, 0x80, 0x9, 0x4, 0x80, 0x1f, 0x0, 0x40, 0x208, 0x8, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0xc1, 0x2, @perf_bp={&(0x7f0000000000), 0x9}, 0x40000, 0x2, 0x1, 0x6, 0xfffffffffffffffe, 0x8, 0x7, 0x0, 0x3, 0x0, 0x1f}, r3, 0x5, r4, 0x2) fsconfig$FSCONFIG_CMD_RECONFIGURE(r2, 0x6, 0x0, 0x0, 0x0) r5 = socket$packet(0x11, 0x3, 0x300) getsockopt$packet_int(r5, 0x107, 0xe, &(0x7f0000000780), &(0x7f00000007c0)=0x4) fallocate(r5, 0x8, 0x2, 0xfffffffffffffffe) fsmount(r2, 0x1, 0x0) r6 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000300), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_802154(0xffffffffffffffff, 0x8933, &(0x7f0000000040)={'wpan1\x00', 0x0}) sendmsg$NL802154_CMD_SET_TX_POWER(0xffffffffffffffff, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000440)=ANY=[@ANYBLOB="a5eb4057be", @ANYRES16=r6, @ANYBLOB="856c00000000000000000c000000080001000100000008000300", @ANYRES32=r7, @ANYBLOB="42ee238162b6c8bc3a8dcad42617866a76c855722068c1513a1e88e767a7f7b4f0c895b7"], 0x24}}, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x1000004, 0x2811, 0xffffffffffffffff, 0x0) 14:06:27 executing program 7: r0 = shmget(0x3, 0x3000, 0x200, &(0x7f0000ffa000/0x3000)=nil) shmat(r0, &(0x7f0000ffd000/0x3000)=nil, 0x5000) shmctl$IPC_RMID(r0, 0x0) 14:06:27 executing program 4: sendmsg$TIPC_CMD_SHOW_LINK_STATS(0xffffffffffffffff, &(0x7f00000003c0)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x20004001}, 0x2c008000) r0 = perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000100)}, 0x0, 0x0, 0x1, 0x0, 0x2}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = openat$pidfd(0xffffffffffffff9c, 0x0, 0x0, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000040)}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0xb) r2 = fsopen(&(0x7f0000000040)='cgroup2\x00', 0x0) r3 = getpgid(0xffffffffffffffff) r4 = fcntl$dupfd(r0, 0x0, r1) perf_event_open(&(0x7f0000000140)={0x5, 0x80, 0x9, 0x4, 0x80, 0x1f, 0x0, 0x40, 0x208, 0x8, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0xc1, 0x2, @perf_bp={&(0x7f0000000000), 0x9}, 0x40000, 0x2, 0x1, 0x6, 0xfffffffffffffffe, 0x8, 0x7, 0x0, 0x3, 0x0, 0x1f}, r3, 0x5, r4, 0x2) fsconfig$FSCONFIG_CMD_RECONFIGURE(r2, 0x6, 0x0, 0x0, 0x0) r5 = socket$packet(0x11, 0x3, 0x300) getsockopt$packet_int(r5, 0x107, 0xe, &(0x7f0000000780), &(0x7f00000007c0)=0x4) fallocate(r5, 0x8, 0x2, 0xfffffffffffffffe) fsmount(r2, 0x1, 0x0) r6 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000300), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_802154(0xffffffffffffffff, 0x8933, &(0x7f0000000040)={'wpan1\x00', 0x0}) sendmsg$NL802154_CMD_SET_TX_POWER(0xffffffffffffffff, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000440)=ANY=[@ANYBLOB="a5eb4057be", @ANYRES16=r6, @ANYBLOB="856c00000000000000000c000000080001000100000008000300", @ANYRES32=r7, @ANYBLOB="42ee238162b6c8bc3a8dcad42617866a76c855722068c1513a1e88e767a7f7b4f0c895b7"], 0x24}}, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x1000004, 0x2811, 0xffffffffffffffff, 0x0) 14:06:27 executing program 2: r0 = syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000000)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x0, &(0x7f0000000140)=ANY=[]) chdir(&(0x7f00000001c0)='./file0\x00') r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) openat(0xffffffffffffffff, &(0x7f0000000040)='./file1\x00', 0x200200, 0x4) write$binfmt_aout(r2, &(0x7f0000001180)=ANY=[], 0x220) ioctl$BTRFS_IOC_GET_SUBVOL_INFO(r0, 0x81f8943c, &(0x7f0000000480)) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xb}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) sendfile(r2, r1, 0x0, 0xfffffdef) [ 139.951619] loop2: detected capacity change from 0 to 40 [ 140.027316] syz-executor.2: attempt to access beyond end of device [ 140.027316] loop2: rw=2049, sector=40, nr_sectors = 4 limit=40 [ 140.028435] Buffer I/O error on dev loop2, logical block 10, lost async page write 14:06:27 executing program 7: openat$sndseq(0xffffffffffffff9c, &(0x7f0000000000), 0x0) syz_io_uring_setup(0x4001, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, &(0x7f00000a0000)=nil, &(0x7f0000ffb000/0x3000)=nil, 0x0, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000000c0)) pselect6(0x40, &(0x7f0000000100)={0x5f}, 0x0, 0x0, 0x0, 0x0) 14:06:27 executing program 5: sendmsg$TIPC_CMD_SHOW_LINK_STATS(0xffffffffffffffff, &(0x7f00000003c0)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x20004001}, 0x2c008000) r0 = perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000100)}, 0x0, 0x0, 0x1, 0x0, 0x2}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = openat$pidfd(0xffffffffffffff9c, 0x0, 0x0, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000040)}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0xb) r2 = fsopen(&(0x7f0000000040)='cgroup2\x00', 0x0) r3 = getpgid(0xffffffffffffffff) r4 = fcntl$dupfd(r0, 0x0, r1) perf_event_open(&(0x7f0000000140)={0x5, 0x80, 0x9, 0x4, 0x80, 0x1f, 0x0, 0x40, 0x208, 0x8, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0xc1, 0x2, @perf_bp={&(0x7f0000000000), 0x9}, 0x40000, 0x2, 0x1, 0x6, 0xfffffffffffffffe, 0x8, 0x7, 0x0, 0x3, 0x0, 0x1f}, r3, 0x5, r4, 0x2) fsconfig$FSCONFIG_CMD_RECONFIGURE(r2, 0x6, 0x0, 0x0, 0x0) r5 = socket$packet(0x11, 0x3, 0x300) getsockopt$packet_int(r5, 0x107, 0xe, &(0x7f0000000780), &(0x7f00000007c0)=0x4) fallocate(r5, 0x8, 0x2, 0xfffffffffffffffe) fsmount(r2, 0x1, 0x0) r6 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000300), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_802154(0xffffffffffffffff, 0x8933, &(0x7f0000000040)={'wpan1\x00', 0x0}) sendmsg$NL802154_CMD_SET_TX_POWER(0xffffffffffffffff, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000440)=ANY=[@ANYBLOB="a5eb4057be", @ANYRES16=r6, @ANYBLOB="856c00000000000000000c000000080001000100000008000300", @ANYRES32=r7, @ANYBLOB="42ee238162b6c8bc3a8dcad42617866a76c855722068c1513a1e88e767a7f7b4f0c895b7"], 0x24}}, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x1000004, 0x2811, 0xffffffffffffffff, 0x0) 14:06:27 executing program 0: clock_adjtime(0x0, &(0x7f0000000000)={0x2edf, 0x0, 0x0, 0x0, 0x0, 0xb}) 14:06:27 executing program 1: r0 = syz_open_dev$sg(&(0x7f0000001000), 0x0, 0x0) setresuid(0x0, 0x0, 0x0) readv(r0, &(0x7f0000000540)=[{&(0x7f0000000000)=""/87, 0x57}], 0x1) [ 140.079340] sg_read: process 23 (syz-executor.1) changed security contexts after opening file descriptor, this is not allowed. 14:06:27 executing program 3: sendmsg$TIPC_CMD_SHOW_LINK_STATS(0xffffffffffffffff, &(0x7f00000003c0)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x20004001}, 0x2c008000) r0 = perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000100)}, 0x0, 0x0, 0x1, 0x0, 0x2}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = openat$pidfd(0xffffffffffffff9c, 0x0, 0x0, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000040)}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0xb) r2 = fsopen(&(0x7f0000000040)='cgroup2\x00', 0x0) r3 = getpgid(0xffffffffffffffff) r4 = fcntl$dupfd(r0, 0x0, r1) perf_event_open(&(0x7f0000000140)={0x5, 0x80, 0x9, 0x4, 0x80, 0x1f, 0x0, 0x40, 0x208, 0x8, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0xc1, 0x2, @perf_bp={&(0x7f0000000000), 0x9}, 0x40000, 0x2, 0x1, 0x6, 0xfffffffffffffffe, 0x8, 0x7, 0x0, 0x3, 0x0, 0x1f}, r3, 0x5, r4, 0x2) fsconfig$FSCONFIG_CMD_RECONFIGURE(r2, 0x6, 0x0, 0x0, 0x0) r5 = socket$packet(0x11, 0x3, 0x300) getsockopt$packet_int(r5, 0x107, 0xe, &(0x7f0000000780), &(0x7f00000007c0)=0x4) fallocate(r5, 0x8, 0x2, 0xfffffffffffffffe) fsmount(r2, 0x1, 0x0) r6 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000300), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_802154(0xffffffffffffffff, 0x8933, &(0x7f0000000040)={'wpan1\x00', 0x0}) sendmsg$NL802154_CMD_SET_TX_POWER(0xffffffffffffffff, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000440)=ANY=[@ANYBLOB="a5eb4057be", @ANYRES16=r6, @ANYBLOB="856c00000000000000000c000000080001000100000008000300", @ANYRES32=r7, @ANYBLOB="42ee238162b6c8bc3a8dcad42617866a76c855722068c1513a1e88e767a7f7b4f0c895b7"], 0x24}}, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x1000004, 0x2811, 0xffffffffffffffff, 0x0) 14:06:27 executing program 1: r0 = syz_open_dev$sg(&(0x7f0000001000), 0x0, 0x0) setresuid(0x0, 0x0, 0x0) readv(r0, &(0x7f0000000540)=[{&(0x7f0000000000)=""/87, 0x57}], 0x1) 14:06:27 executing program 2: r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmmsg(r0, &(0x7f00000025c0)=[{{0x0, 0x0, &(0x7f00000005c0)=[{&(0x7f0000000300)="fb", 0x1}], 0x1}}, {{&(0x7f0000000a80)=@l2tp6={0xa, 0x0, 0x0, @remote}, 0xb, &(0x7f00000010c0)=[{&(0x7f0000000b00)='a', 0x1}], 0x1}}], 0x2, 0x0) 14:06:27 executing program 0: clock_adjtime(0x0, &(0x7f0000000000)={0x2edf, 0x0, 0x0, 0x0, 0x0, 0xb}) 14:06:27 executing program 7: openat(0xffffffffffffff9c, 0x0, 0x0, 0x0) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_mount_image$vfat(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) r0 = fsopen(&(0x7f0000000000)='ramfs\x00', 0x0) fsconfig$FSCONFIG_CMD_CREATE(r0, 0x6, 0x0, 0x0, 0x0) r1 = fsmount(r0, 0x0, 0x0) symlinkat(&(0x7f0000000000)='.\x00', r1, &(0x7f00000001c0)='./file0\x00') renameat(r1, &(0x7f0000000140)='./file0/file0\x00', r1, &(0x7f0000000180)='./file1\x00') fspick(r1, &(0x7f0000000040)='./file1\x00', 0x0) perf_event_open(&(0x7f0000000140)={0x6, 0x80, 0xff, 0x7f, 0x8, 0x8, 0x0, 0x5, 0x0, 0x8, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0xffffff80, 0x4, @perf_bp={&(0x7f0000000040), 0xa}, 0x1200, 0x81, 0x20, 0x1, 0x9, 0xf5, 0x7, 0x0, 0x8}, 0x0, 0x6, r1, 0x9) r2 = open(&(0x7f0000000000)='./file0\x00', 0x535081, 0x0) r3 = inotify_init1(0x0) dup2(r3, r2) 14:06:27 executing program 1: r0 = syz_open_dev$sg(&(0x7f0000001000), 0x0, 0x0) setresuid(0x0, 0x0, 0x0) readv(r0, &(0x7f0000000540)=[{&(0x7f0000000000)=""/87, 0x57}], 0x1) 14:06:27 executing program 6: r0 = syz_io_uring_setup(0xeaf, &(0x7f0000000140), &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000000100)=0x0, &(0x7f0000000080)=0x0) r3 = socket$inet_udp(0x2, 0x2, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r3, 0x8001, &(0x7f00000008c0)=[{0x0}, {0x0}, {0x0}, {0x0}, {0x0}, {0x0}, {0x0}, {0x0}, {0x0}], 0x9}, 0x0) io_uring_enter(r0, 0x100001, 0x0, 0x0, 0x0, 0x0) 14:06:27 executing program 3: r0 = syz_io_uring_setup(0xb9b, &(0x7f0000000440), &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x2000)=nil, &(0x7f00000004c0), &(0x7f0000000500)) io_uring_register$IORING_REGISTER_FILES_UPDATE(r0, 0x14, &(0x7f0000000580)={0xc00c, 0x0, &(0x7f0000000300)=[0xffffffffffffffff]}, 0x1) 14:06:27 executing program 4: r0 = gettid() r1 = gettid() kcmp(r1, r0, 0xca60f8548e3b1cf7, 0xffffffffffffffff, 0xffffffffffffffff) 14:06:27 executing program 5: r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$inet_tcp_TCP_MD5SIG(r0, 0x6, 0xe, &(0x7f0000000280)={@in={{0x2, 0x0, @loopback}}, 0x0, 0x0, 0x16, 0x0, "6b51e774d3e10adccd8b3e4258f17f6eec3206b65278061ff13b242f8b95f20acc2d1f8c12206f09a08ae4237149ce43be167c5ea95254905607000000fd512be11486b137ba4486569c6f7e295dc705"}, 0xd8) setsockopt$inet_tcp_int(r0, 0x6, 0x22, &(0x7f0000000000)=0x1, 0x4) sendmsg$inet(r0, &(0x7f00000000c0)={&(0x7f0000000040)={0x2, 0x0, @empty}, 0x10, &(0x7f0000001480)=[{&(0x7f0000000080)="01", 0x1}], 0x1}, 0x20000040) 14:06:27 executing program 2: r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmmsg(r0, &(0x7f00000025c0)=[{{0x0, 0x0, &(0x7f00000005c0)=[{&(0x7f0000000300)="fb", 0x1}], 0x1}}, {{&(0x7f0000000a80)=@l2tp6={0xa, 0x0, 0x0, @remote}, 0xb, &(0x7f00000010c0)=[{&(0x7f0000000b00)='a', 0x1}], 0x1}}], 0x2, 0x0) 14:06:27 executing program 1: r0 = syz_open_dev$sg(&(0x7f0000001000), 0x0, 0x0) setresuid(0x0, 0x0, 0x0) readv(r0, &(0x7f0000000540)=[{&(0x7f0000000000)=""/87, 0x57}], 0x1) 14:06:27 executing program 0: clock_adjtime(0x0, &(0x7f0000000000)={0x2edf, 0x0, 0x0, 0x0, 0x0, 0xb}) 14:06:27 executing program 5: r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$inet_tcp_TCP_MD5SIG(r0, 0x6, 0xe, &(0x7f0000000280)={@in={{0x2, 0x0, @loopback}}, 0x0, 0x0, 0x16, 0x0, "6b51e774d3e10adccd8b3e4258f17f6eec3206b65278061ff13b242f8b95f20acc2d1f8c12206f09a08ae4237149ce43be167c5ea95254905607000000fd512be11486b137ba4486569c6f7e295dc705"}, 0xd8) setsockopt$inet_tcp_int(r0, 0x6, 0x22, &(0x7f0000000000)=0x1, 0x4) sendmsg$inet(r0, &(0x7f00000000c0)={&(0x7f0000000040)={0x2, 0x0, @empty}, 0x10, &(0x7f0000001480)=[{&(0x7f0000000080)="01", 0x1}], 0x1}, 0x20000040) 14:06:27 executing program 6: r0 = syz_io_uring_setup(0xeaf, &(0x7f0000000140), &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000000100)=0x0, &(0x7f0000000080)=0x0) r3 = socket$inet_udp(0x2, 0x2, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r3, 0x8001, &(0x7f00000008c0)=[{0x0}, {0x0}, {0x0}, {0x0}, {0x0}, {0x0}, {0x0}, {0x0}, {0x0}], 0x9}, 0x0) io_uring_enter(r0, 0x100001, 0x0, 0x0, 0x0, 0x0) 14:06:27 executing program 3: r0 = syz_io_uring_setup(0xb9b, &(0x7f0000000440), &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x2000)=nil, &(0x7f00000004c0), &(0x7f0000000500)) io_uring_register$IORING_REGISTER_FILES_UPDATE(r0, 0x14, &(0x7f0000000580)={0xc00c, 0x0, &(0x7f0000000300)=[0xffffffffffffffff]}, 0x1) 14:06:27 executing program 4: r0 = socket$inet6(0xa, 0x1, 0x0) bind$inet6(r0, &(0x7f00000002c0)={0xa, 0x4e20, 0x0, @empty}, 0x1c) setsockopt$inet6_int(r0, 0x29, 0x3c, &(0x7f00000030c0)=0x5, 0x4) connect$inet6(r0, &(0x7f0000000000)={0xa, 0x4e20, 0x0, @loopback}, 0x1c) sendmmsg(r0, &(0x7f0000002f80)=[{{0x0, 0x0, &(0x7f0000000640)=[{&(0x7f00000000c0)="e9", 0x1}], 0x1}}], 0x1, 0x0) 14:06:27 executing program 2: r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmmsg(r0, &(0x7f00000025c0)=[{{0x0, 0x0, &(0x7f00000005c0)=[{&(0x7f0000000300)="fb", 0x1}], 0x1}}, {{&(0x7f0000000a80)=@l2tp6={0xa, 0x0, 0x0, @remote}, 0xb, &(0x7f00000010c0)=[{&(0x7f0000000b00)='a', 0x1}], 0x1}}], 0x2, 0x0) 14:06:27 executing program 7: openat(0xffffffffffffff9c, 0x0, 0x0, 0x0) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_mount_image$vfat(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) r0 = fsopen(&(0x7f0000000000)='ramfs\x00', 0x0) fsconfig$FSCONFIG_CMD_CREATE(r0, 0x6, 0x0, 0x0, 0x0) r1 = fsmount(r0, 0x0, 0x0) symlinkat(&(0x7f0000000000)='.\x00', r1, &(0x7f00000001c0)='./file0\x00') renameat(r1, &(0x7f0000000140)='./file0/file0\x00', r1, &(0x7f0000000180)='./file1\x00') fspick(r1, &(0x7f0000000040)='./file1\x00', 0x0) perf_event_open(&(0x7f0000000140)={0x6, 0x80, 0xff, 0x7f, 0x8, 0x8, 0x0, 0x5, 0x0, 0x8, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0xffffff80, 0x4, @perf_bp={&(0x7f0000000040), 0xa}, 0x1200, 0x81, 0x20, 0x1, 0x9, 0xf5, 0x7, 0x0, 0x8}, 0x0, 0x6, r1, 0x9) r2 = open(&(0x7f0000000000)='./file0\x00', 0x535081, 0x0) r3 = inotify_init1(0x0) dup2(r3, r2) 14:06:27 executing program 2: r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmmsg(r0, &(0x7f00000025c0)=[{{0x0, 0x0, &(0x7f00000005c0)=[{&(0x7f0000000300)="fb", 0x1}], 0x1}}, {{&(0x7f0000000a80)=@l2tp6={0xa, 0x0, 0x0, @remote}, 0xb, &(0x7f00000010c0)=[{&(0x7f0000000b00)='a', 0x1}], 0x1}}], 0x2, 0x0) 14:06:27 executing program 1: openat(0xffffffffffffff9c, 0x0, 0x0, 0x0) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_mount_image$vfat(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) r0 = fsopen(&(0x7f0000000000)='ramfs\x00', 0x0) fsconfig$FSCONFIG_CMD_CREATE(r0, 0x6, 0x0, 0x0, 0x0) r1 = fsmount(r0, 0x0, 0x0) symlinkat(&(0x7f0000000000)='.\x00', r1, &(0x7f00000001c0)='./file0\x00') renameat(r1, &(0x7f0000000140)='./file0/file0\x00', r1, &(0x7f0000000180)='./file1\x00') fspick(r1, &(0x7f0000000040)='./file1\x00', 0x0) perf_event_open(&(0x7f0000000140)={0x6, 0x80, 0xff, 0x7f, 0x8, 0x8, 0x0, 0x5, 0x0, 0x8, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0xffffff80, 0x4, @perf_bp={&(0x7f0000000040), 0xa}, 0x1200, 0x81, 0x20, 0x1, 0x9, 0xf5, 0x7, 0x0, 0x8}, 0x0, 0x6, r1, 0x9) r2 = open(&(0x7f0000000000)='./file0\x00', 0x535081, 0x0) r3 = inotify_init1(0x0) dup2(r3, r2) 14:06:28 executing program 5: r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$inet_tcp_TCP_MD5SIG(r0, 0x6, 0xe, &(0x7f0000000280)={@in={{0x2, 0x0, @loopback}}, 0x0, 0x0, 0x16, 0x0, "6b51e774d3e10adccd8b3e4258f17f6eec3206b65278061ff13b242f8b95f20acc2d1f8c12206f09a08ae4237149ce43be167c5ea95254905607000000fd512be11486b137ba4486569c6f7e295dc705"}, 0xd8) setsockopt$inet_tcp_int(r0, 0x6, 0x22, &(0x7f0000000000)=0x1, 0x4) sendmsg$inet(r0, &(0x7f00000000c0)={&(0x7f0000000040)={0x2, 0x0, @empty}, 0x10, &(0x7f0000001480)=[{&(0x7f0000000080)="01", 0x1}], 0x1}, 0x20000040) 14:06:28 executing program 3: r0 = syz_io_uring_setup(0xb9b, &(0x7f0000000440), &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x2000)=nil, &(0x7f00000004c0), &(0x7f0000000500)) io_uring_register$IORING_REGISTER_FILES_UPDATE(r0, 0x14, &(0x7f0000000580)={0xc00c, 0x0, &(0x7f0000000300)=[0xffffffffffffffff]}, 0x1) 14:06:28 executing program 0: clock_adjtime(0x0, &(0x7f0000000000)={0x2edf, 0x0, 0x0, 0x0, 0x0, 0xb}) 14:06:28 executing program 4: r0 = socket$inet6(0xa, 0x1, 0x0) bind$inet6(r0, &(0x7f00000002c0)={0xa, 0x4e20, 0x0, @empty}, 0x1c) setsockopt$inet6_int(r0, 0x29, 0x3c, &(0x7f00000030c0)=0x5, 0x4) connect$inet6(r0, &(0x7f0000000000)={0xa, 0x4e20, 0x0, @loopback}, 0x1c) sendmmsg(r0, &(0x7f0000002f80)=[{{0x0, 0x0, &(0x7f0000000640)=[{&(0x7f00000000c0)="e9", 0x1}], 0x1}}], 0x1, 0x0) 14:06:28 executing program 6: r0 = syz_io_uring_setup(0xeaf, &(0x7f0000000140), &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000000100)=0x0, &(0x7f0000000080)=0x0) r3 = socket$inet_udp(0x2, 0x2, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r3, 0x8001, &(0x7f00000008c0)=[{0x0}, {0x0}, {0x0}, {0x0}, {0x0}, {0x0}, {0x0}, {0x0}, {0x0}], 0x9}, 0x0) io_uring_enter(r0, 0x100001, 0x0, 0x0, 0x0, 0x0) 14:06:28 executing program 2: openat(0xffffffffffffff9c, 0x0, 0x0, 0x0) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_mount_image$vfat(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) r0 = fsopen(&(0x7f0000000000)='ramfs\x00', 0x0) fsconfig$FSCONFIG_CMD_CREATE(r0, 0x6, 0x0, 0x0, 0x0) r1 = fsmount(r0, 0x0, 0x0) symlinkat(&(0x7f0000000000)='.\x00', r1, &(0x7f00000001c0)='./file0\x00') renameat(r1, &(0x7f0000000140)='./file0/file0\x00', r1, &(0x7f0000000180)='./file1\x00') fspick(r1, &(0x7f0000000040)='./file1\x00', 0x0) perf_event_open(&(0x7f0000000140)={0x6, 0x80, 0xff, 0x7f, 0x8, 0x8, 0x0, 0x5, 0x0, 0x8, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0xffffff80, 0x4, @perf_bp={&(0x7f0000000040), 0xa}, 0x1200, 0x81, 0x20, 0x1, 0x9, 0xf5, 0x7, 0x0, 0x8}, 0x0, 0x6, r1, 0x9) r2 = open(&(0x7f0000000000)='./file0\x00', 0x535081, 0x0) r3 = inotify_init1(0x0) dup2(r3, r2) 14:06:28 executing program 1: openat(0xffffffffffffff9c, 0x0, 0x0, 0x0) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f VM DIAGNOSIS: 14:06:22 Registers: info registers vcpu 0 RAX=0000000000000064 RBX=00000000000003f8 RCX=0000000000000000 RDX=00000000000003f8 RSI=ffffffff822b24f1 RDI=ffffffff87641b60 RBP=ffffffff87641b20 RSP=ffff88801efaf698 R8 =0000000000000001 R9 =000000000000000a R10=0000000000000064 R11=0000000000000001 R12=0000000000000064 R13=ffffffff87641b20 R14=0000000000000010 R15=ffffffff822b24e0 RIP=ffffffff822b2549 RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 00000000 00000000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 00000000 00000000 FS =0000 00007f9955053700 00000000 00000000 GS =0000 ffff88806ce00000 00000000 00000000 LDT=0000 fffffe0000000000 00000000 00000000 TR =0040 fffffe0000003000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe0000001000 0000007f IDT= fffffe0000000000 00000fff CR0=80050033 CR2=00007f50a1833228 CR3=000000000eeb6000 CR4=00350ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000ffff0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 YMM00=0000000000000000 0000000000000000 00ff000000000000 0000000000ff0000 YMM01=0000000000000000 0000000000000000 ff00ffffffffffff ffffffffff0000ff YMM02=0000000000000000 0000000000000000 00666e6f63737973 00657a696c616e69 YMM03=0000000000000000 0000000000000000 0000000000000000 0000000000616e69 YMM04=0000000000000000 0000000000000000 68637300666e6f63 73797300657a696c YMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 info registers vcpu 1 RAX=fffff9400017e801 RBX=800000002fd00007 RCX=ffffffff816a3c3a RDX=fffff9400017e801 RSI=0000000000000008 RDI=ffffea0000bf4000 RBP=fffff9400017e800 RSP=ffff88801b0f7728 R8 =0000000000000000 R9 =ffffea0000bf4007 R10=fffff9400017e800 R11=0000000000000001 R12=0000000000000010 R13=dffffc0000000000 R14=ffffea0000bf4000 R15=ffffea0000bf4000 RIP=ffffffff81787ef4 RFL=00000246 [---Z-P-] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 00000000 00000000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 00000000 00000000 FS =0000 000055555653a400 00000000 00000000 GS =0000 ffff88806cf00000 00000000 00000000 LDT=0000 fffffe0000000000 00000000 00000000 TR =0040 fffffe000004a000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe0000048000 0000007f IDT= fffffe0000000000 00000fff CR0=80050033 CR2=00007f034e9dec48 CR3=0000000031664000 CR4=00350ee0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000ffff0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 YMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM01=0000000000000000 0000000000000000 2e6f747079726362 696c2f756e672d78 YMM02=0000000000000000 0000000000000000 00312e312e6f732e 6f74707972636269 YMM03=0000000000000000 0000000000000000 6c2f756e672d7875 6e696c2d34365f36 YMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000