Warning: Permanently added '[localhost]:19668' (ECDSA) to the list of known hosts.
2022/09/15 11:50:59 fuzzer started
2022/09/15 11:50:59 dialing manager at localhost:36559
syzkaller login: [ 44.342722] cgroup: Unknown subsys name 'net'
[ 44.447030] cgroup: Unknown subsys name 'rlimit'
2022/09/15 11:51:12 syscalls: 2215
2022/09/15 11:51:12 code coverage: enabled
2022/09/15 11:51:12 comparison tracing: enabled
2022/09/15 11:51:12 extra coverage: enabled
2022/09/15 11:51:12 setuid sandbox: enabled
2022/09/15 11:51:12 namespace sandbox: enabled
2022/09/15 11:51:12 Android sandbox: enabled
2022/09/15 11:51:12 fault injection: enabled
2022/09/15 11:51:12 leak checking: enabled
2022/09/15 11:51:12 net packet injection: enabled
2022/09/15 11:51:12 net device setup: enabled
2022/09/15 11:51:12 concurrency sanitizer: /sys/kernel/debug/kcsan does not exist
2022/09/15 11:51:12 devlink PCI setup: PCI device 0000:00:10.0 is not available
2022/09/15 11:51:12 USB emulation: enabled
2022/09/15 11:51:12 hci packet injection: enabled
2022/09/15 11:51:12 wifi device emulation: failed to parse kernel version (6.0.0-rc5-next-20220915������������������������������������������)
2022/09/15 11:51:12 802.15.4 emulation: enabled
2022/09/15 11:51:12 fetching corpus: 0, signal 0/2000 (executing program)
2022/09/15 11:51:12 fetching corpus: 42, signal 23690/27116 (executing program)
2022/09/15 11:51:12 fetching corpus: 92, signal 43619/48042 (executing program)
2022/09/15 11:51:12 fetching corpus: 141, signal 53800/59239 (executing program)
2022/09/15 11:51:12 fetching corpus: 191, signal 61697/68104 (executing program)
2022/09/15 11:51:13 fetching corpus: 239, signal 69380/76549 (executing program)
2022/09/15 11:51:13 fetching corpus: 289, signal 74695/82659 (executing program)
2022/09/15 11:51:13 fetching corpus: 339, signal 77981/86731 (executing program)
2022/09/15 11:51:13 fetching corpus: 389, signal 81876/91317 (executing program)
2022/09/15 11:51:13 fetching corpus: 439, signal 87278/97067 (executing program)
2022/09/15 11:51:13 fetching corpus: 488, signal 89670/100073 (executing program)
2022/09/15 11:51:13 fetching corpus: 536, signal 92514/103459 (executing program)
2022/09/15 11:51:14 fetching corpus: 586, signal 97072/108348 (executing program)
2022/09/15 11:51:14 fetching corpus: 636, signal 99841/111572 (executing program)
2022/09/15 11:51:14 fetching corpus: 686, signal 103511/115431 (executing program)
2022/09/15 11:51:14 fetching corpus: 736, signal 105344/117689 (executing program)
2022/09/15 11:51:14 fetching corpus: 786, signal 109266/121629 (executing program)
2022/09/15 11:51:14 fetching corpus: 836, signal 111948/124601 (executing program)
2022/09/15 11:51:15 fetching corpus: 886, signal 115352/128053 (executing program)
2022/09/15 11:51:15 fetching corpus: 936, signal 117370/130311 (executing program)
2022/09/15 11:51:15 fetching corpus: 986, signal 119977/132876 (executing program)
2022/09/15 11:51:15 fetching corpus: 1036, signal 122292/135241 (executing program)
2022/09/15 11:51:15 fetching corpus: 1086, signal 126109/138639 (executing program)
2022/09/15 11:51:15 fetching corpus: 1136, signal 127311/140058 (executing program)
2022/09/15 11:51:16 fetching corpus: 1186, signal 129033/141909 (executing program)
2022/09/15 11:51:16 fetching corpus: 1236, signal 130466/143457 (executing program)
2022/09/15 11:51:16 fetching corpus: 1286, signal 131954/144974 (executing program)
2022/09/15 11:51:16 fetching corpus: 1336, signal 134012/146878 (executing program)
2022/09/15 11:51:16 fetching corpus: 1384, signal 135510/148306 (executing program)
2022/09/15 11:51:16 fetching corpus: 1434, signal 138328/150597 (executing program)
2022/09/15 11:51:16 fetching corpus: 1484, signal 140024/152177 (executing program)
2022/09/15 11:51:17 fetching corpus: 1534, signal 141554/153571 (executing program)
2022/09/15 11:51:17 fetching corpus: 1584, signal 142576/154598 (executing program)
2022/09/15 11:51:17 fetching corpus: 1634, signal 143438/155583 (executing program)
2022/09/15 11:51:17 fetching corpus: 1684, signal 145798/157274 (executing program)
2022/09/15 11:51:17 fetching corpus: 1733, signal 147450/158561 (executing program)
2022/09/15 11:51:17 fetching corpus: 1783, signal 149182/159811 (executing program)
2022/09/15 11:51:17 fetching corpus: 1833, signal 150380/160769 (executing program)
2022/09/15 11:51:18 fetching corpus: 1883, signal 151309/161550 (executing program)
2022/09/15 11:51:18 fetching corpus: 1933, signal 152812/162613 (executing program)
2022/09/15 11:51:18 fetching corpus: 1983, signal 153672/163384 (executing program)
2022/09/15 11:51:18 fetching corpus: 2033, signal 154727/164107 (executing program)
2022/09/15 11:51:18 fetching corpus: 2083, signal 155364/164688 (executing program)
2022/09/15 11:51:18 fetching corpus: 2133, signal 156768/165581 (executing program)
2022/09/15 11:51:18 fetching corpus: 2183, signal 157551/166187 (executing program)
2022/09/15 11:51:18 fetching corpus: 2233, signal 158828/166960 (executing program)
2022/09/15 11:51:18 fetching corpus: 2283, signal 160233/167725 (executing program)
2022/09/15 11:51:19 fetching corpus: 2333, signal 161581/168470 (executing program)
2022/09/15 11:51:19 fetching corpus: 2383, signal 162410/168977 (executing program)
2022/09/15 11:51:19 fetching corpus: 2433, signal 163260/169438 (executing program)
2022/09/15 11:51:19 fetching corpus: 2483, signal 164341/169971 (executing program)
2022/09/15 11:51:19 fetching corpus: 2533, signal 165130/170413 (executing program)
2022/09/15 11:51:19 fetching corpus: 2583, signal 165909/170828 (executing program)
2022/09/15 11:51:19 fetching corpus: 2633, signal 166922/171308 (executing program)
2022/09/15 11:51:20 fetching corpus: 2649, signal 167907/171763 (executing program)
2022/09/15 11:51:20 fetching corpus: 2649, signal 167907/171828 (executing program)
2022/09/15 11:51:20 fetching corpus: 2649, signal 167907/171894 (executing program)
2022/09/15 11:51:20 fetching corpus: 2649, signal 167907/171974 (executing program)
2022/09/15 11:51:20 fetching corpus: 2649, signal 167907/172034 (executing program)
2022/09/15 11:51:20 fetching corpus: 2649, signal 167907/172096 (executing program)
2022/09/15 11:51:20 fetching corpus: 2649, signal 167907/172158 (executing program)
2022/09/15 11:51:20 fetching corpus: 2649, signal 167907/172231 (executing program)
2022/09/15 11:51:20 fetching corpus: 2649, signal 167907/172311 (executing program)
2022/09/15 11:51:20 fetching corpus: 2649, signal 167907/172378 (executing program)
2022/09/15 11:51:20 fetching corpus: 2649, signal 167907/172452 (executing program)
2022/09/15 11:51:20 fetching corpus: 2649, signal 167907/172514 (executing program)
2022/09/15 11:51:20 fetching corpus: 2649, signal 167907/172583 (executing program)
2022/09/15 11:51:20 fetching corpus: 2649, signal 167907/172659 (executing program)
2022/09/15 11:51:20 fetching corpus: 2649, signal 167907/172727 (executing program)
2022/09/15 11:51:20 fetching corpus: 2649, signal 167907/172806 (executing program)
2022/09/15 11:51:20 fetching corpus: 2649, signal 167907/172883 (executing program)
2022/09/15 11:51:20 fetching corpus: 2649, signal 167907/172955 (executing program)
2022/09/15 11:51:20 fetching corpus: 2649, signal 167907/173036 (executing program)
2022/09/15 11:51:20 fetching corpus: 2649, signal 167907/173110 (executing program)
2022/09/15 11:51:20 fetching corpus: 2649, signal 167907/173176 (executing program)
2022/09/15 11:51:20 fetching corpus: 2649, signal 167907/173257 (executing program)
2022/09/15 11:51:20 fetching corpus: 2649, signal 167907/173321 (executing program)
2022/09/15 11:51:20 fetching corpus: 2649, signal 167907/173390 (executing program)
2022/09/15 11:51:20 fetching corpus: 2649, signal 167907/173456 (executing program)
2022/09/15 11:51:20 fetching corpus: 2649, signal 167907/173545 (executing program)
2022/09/15 11:51:20 fetching corpus: 2649, signal 167907/173633 (executing program)
2022/09/15 11:51:20 fetching corpus: 2649, signal 167907/173719 (executing program)
2022/09/15 11:51:20 fetching corpus: 2649, signal 167907/173787 (executing program)
2022/09/15 11:51:20 fetching corpus: 2649, signal 167907/173788 (executing program)
2022/09/15 11:51:20 fetching corpus: 2649, signal 167907/173788 (executing program)
2022/09/15 11:51:23 starting 8 fuzzer processes
11:51:23 executing program 0:
r0 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$netlink(r0, &(0x7f0000007ec0)={0x0, 0x0, &(0x7f00000003c0)=[{&(0x7f0000007f00)={0x1c, 0x1a, 0x1, 0x0, 0x0, "", [@generic="026b02db13cfb35673"]}, 0x1c}], 0x1}, 0x0)
11:51:23 executing program 1:
r0 = timerfd_create(0x0, 0x0)
timerfd_gettime(r0, &(0x7f0000000000))
11:51:23 executing program 3:
r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f00000000c0)='net/mcfilter6\x00')
preadv(r0, &(0x7f0000001140)=[{&(0x7f0000000140)=""/4096, 0x1000}], 0x1, 0x0, 0x0)
11:51:23 executing program 2:
io_destroy(0x0)
11:51:23 executing program 7:
syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x882400, 0x0)
mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='proc\x00', 0x0, 0x0)
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
r1 = dup(r0)
bind$bt_hci(r1, &(0x7f0000000080)={0x1f, 0xffffffffffffffff, 0x3}, 0x6)
write$bt_hci(r1, &(0x7f0000000280)=ANY=[@ANYBLOB="1502b30a05aece6188827c76b9cd0d82f8863958367d8e76c4976d810f3b8e21d2181806360044b1797fb4365443"], 0x6)
mount_setattr(r1, &(0x7f0000000200)='./file0\x00', 0x100, &(0x7f0000000240)={0x4, 0xf0, 0xa0000}, 0x20)
chroot(&(0x7f0000000040)='./file0\x00')
umount2(&(0x7f0000000800)='./file0\x00', 0x5)
getuid()
syz_mount_image$vfat(&(0x7f0000000300), &(0x7f0000000340)='./file0\x00', 0x7, 0x2, &(0x7f0000000640)=[{&(0x7f00000004c0)="5950f02bb1ffe000cb3efa5db2449b557924455eec8987df15d6b597fb3ce29680dc1bd54ea53af8e8f3e5920efa598c81755edbfe100c31bd1828761d66453534940a957ba9b40def5b7556f85c9b74257b13bc04f48dfea9868bde2d74bdf5338caaa6fa2cde076458feefc32177486454010fb1e44b92aee44d7f2e001d201164af758f2d025baf1b4f8f41a5810b6681bc1bdc002b3a561a643c6cf1f66ac3ca6c22c829d0671cfdd08c8e46cc625b9dc3219c7cffa8b5b71e8d4f5f1dbcfcc637b761c826a7fb40bd", 0xcb, 0x7}, {&(0x7f00000005c0)="2edbce8b40c4128924a248f506e5605936664af6d15587f7fd3afd09652abc7a2d9fa49bb3bc2f072fe24d542c5d8ff72df342c2492efa608c8353fc0b83b4787c58eef498ec4a8a428fd21e3caccc29d9a57278a15b4e36a0b7a5210b998e9df3710ad8acf68d1567a443228c4c97c1146d8b847d076be97482", 0x7a, 0x3f}], 0x4b4aef126d1b3dc4, 0x0)
openat$sysfs(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/kexec_crash_size', 0x0, 0x0)
perf_event_open(&(0x7f0000000180)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x80, 0x0, 0x0, 0x6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
umount2(&(0x7f0000000140)='./file0\x00', 0x0)
r2 = openat$nvram(0xffffffffffffff9c, &(0x7f00000002c0), 0x1000, 0x0)
fspick(r2, &(0x7f0000000380)='./file0/file0\x00', 0x1)
11:51:23 executing program 4:
ioperm(0x0, 0x31, 0x2)
syz_open_procfs(0x0, &(0x7f0000000040)='net/ip_mr_vif\x00')
11:51:23 executing program 5:
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_EXP_DELETE(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000100)={0x20, 0x2, 0x2, 0x101, 0x0, 0x0, {}, [@CTA_EXPECT_TUPLE={0x4}, @CTA_EXPECT_ZONE={0x6}]}, 0x20}}, 0x0)
11:51:23 executing program 6:
capset(&(0x7f0000000040)={0x20080522}, &(0x7f0000000580))
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$TCGETA(r0, 0x5606, 0x0)
[ 67.730098] audit: type=1400 audit(1663242683.234:6): avc: denied { execmem } for pid=286 comm="syz-executor.1" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=process permissive=1
[ 69.088068] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[ 69.091435] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[ 69.093110] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[ 69.097873] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[ 69.099576] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[ 69.101054] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[ 69.111837] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[ 69.114027] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[ 69.115917] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[ 69.120061] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[ 69.122111] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[ 69.126228] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3
[ 69.127296] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3
[ 69.136315] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[ 69.137763] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[ 69.138857] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[ 69.139849] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[ 69.145521] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[ 69.146818] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1
[ 69.148066] Bluetooth: hci7: unexpected cc 0x0c03 length: 249 > 1
[ 69.153921] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[ 69.154940] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9
[ 69.155931] Bluetooth: hci7: unexpected cc 0x1003 length: 249 > 9
[ 69.157303] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9
[ 69.158281] Bluetooth: hci7: unexpected cc 0x1001 length: 249 > 9
[ 69.159700] Bluetooth: hci1: HCI_REQ-0x0c1a
[ 69.161247] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3
[ 69.164008] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[ 69.168260] Bluetooth: hci0: HCI_REQ-0x0c1a
[ 69.170287] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[ 69.173212] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3
[ 69.180124] Bluetooth: hci2: HCI_REQ-0x0c1a
[ 69.180299] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[ 69.187025] Bluetooth: hci7: unexpected cc 0x0c23 length: 249 > 4
[ 69.188740] Bluetooth: hci3: HCI_REQ-0x0c1a
[ 69.209793] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4
[ 69.214880] Bluetooth: hci7: unexpected cc 0x0c25 length: 249 > 3
[ 69.217801] Bluetooth: hci6: unexpected cc 0x0c25 length: 249 > 3
[ 69.219065] Bluetooth: hci7: unexpected cc 0x0c38 length: 249 > 2
[ 69.220645] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2
[ 69.226223] Bluetooth: hci7: HCI_REQ-0x0c1a
[ 69.226392] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1
[ 69.230288] Bluetooth: hci6: HCI_REQ-0x0c1a
[ 69.260656] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9
[ 69.264719] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9
[ 69.270774] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4
[ 69.273579] Bluetooth: hci5: unexpected cc 0x0c25 length: 249 > 3
[ 69.275332] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2
[ 69.281302] Bluetooth: hci5: HCI_REQ-0x0c1a
[ 71.150868] Bluetooth: hci4: Opcode 0x c03 failed: -110
[ 71.215379] Bluetooth: hci0: command 0x0409 tx timeout
[ 71.215547] Bluetooth: hci3: command 0x0409 tx timeout
[ 71.216831] Bluetooth: hci2: command 0x0409 tx timeout
[ 71.216962] Bluetooth: hci1: command 0x0409 tx timeout
[ 71.278880] Bluetooth: hci6: command 0x0409 tx timeout
[ 71.279916] Bluetooth: hci7: command 0x0409 tx timeout
[ 71.343600] Bluetooth: hci5: command 0x0409 tx timeout
[ 73.262564] Bluetooth: hci1: command 0x041b tx timeout
[ 73.263351] Bluetooth: hci2: command 0x041b tx timeout
[ 73.263857] Bluetooth: hci3: command 0x041b tx timeout
[ 73.264295] Bluetooth: hci0: command 0x041b tx timeout
[ 73.326550] Bluetooth: hci7: command 0x041b tx timeout
[ 73.327021] Bluetooth: hci6: command 0x041b tx timeout
[ 73.390535] Bluetooth: hci5: command 0x041b tx timeout
[ 74.186932] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[ 74.207604] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[ 74.208584] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[ 74.211804] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[ 74.212995] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3
[ 74.213919] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[ 74.227202] Bluetooth: hci4: HCI_REQ-0x0c1a
[ 75.310646] Bluetooth: hci0: command 0x040f tx timeout
[ 75.312097] Bluetooth: hci3: command 0x040f tx timeout
[ 75.313229] Bluetooth: hci2: command 0x040f tx timeout
[ 75.314851] Bluetooth: hci1: command 0x040f tx timeout
[ 75.374561] Bluetooth: hci6: command 0x040f tx timeout
[ 75.375370] Bluetooth: hci7: command 0x040f tx timeout
[ 75.438600] Bluetooth: hci5: command 0x040f tx timeout
[ 76.270713] Bluetooth: hci4: command 0x0409 tx timeout
[ 77.358564] Bluetooth: hci1: command 0x0419 tx timeout
[ 77.359024] Bluetooth: hci2: command 0x0419 tx timeout
[ 77.359423] Bluetooth: hci3: command 0x0419 tx timeout
[ 77.359855] Bluetooth: hci0: command 0x0419 tx timeout
[ 77.422527] Bluetooth: hci7: command 0x0419 tx timeout
[ 77.422950] Bluetooth: hci6: command 0x0419 tx timeout
[ 77.486526] Bluetooth: hci5: command 0x0419 tx timeout
[ 78.318532] Bluetooth: hci4: command 0x041b tx timeout
[ 80.366666] Bluetooth: hci4: command 0x040f tx timeout
[ 82.414655] Bluetooth: hci4: command 0x0419 tx timeout
11:52:19 executing program 5:
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_EXP_DELETE(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000100)={0x20, 0x2, 0x2, 0x101, 0x0, 0x0, {}, [@CTA_EXPECT_TUPLE={0x4}, @CTA_EXPECT_ZONE={0x6}]}, 0x20}}, 0x0)
11:52:19 executing program 5:
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_EXP_DELETE(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000100)={0x20, 0x2, 0x2, 0x101, 0x0, 0x0, {}, [@CTA_EXPECT_TUPLE={0x4}, @CTA_EXPECT_ZONE={0x6}]}, 0x20}}, 0x0)
11:52:19 executing program 5:
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_EXP_DELETE(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000100)={0x20, 0x2, 0x2, 0x101, 0x0, 0x0, {}, [@CTA_EXPECT_TUPLE={0x4}, @CTA_EXPECT_ZONE={0x6}]}, 0x20}}, 0x0)
11:52:20 executing program 5:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
pwritev(r1, &(0x7f0000000080)=[{&(0x7f0000000140)='\x00', 0x1a}], 0x1, 0x7fffffc, 0x0)
perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_config_ext={0xfffffffffffffffe}, 0x0, 0x0, 0x2}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
sendfile(r0, r0, 0x0, 0x100000)
r2 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000180), 0x2000, 0x0)
syz_genetlink_get_family_id$ethtool(&(0x7f0000000040), r2)
fcntl$dupfd(0xffffffffffffffff, 0x406, 0xffffffffffffffff)
setsockopt$inet6_IPV6_PKTINFO(0xffffffffffffffff, 0x29, 0x1b, &(0x7f0000000000)={@dev}, 0x14)
getsockname$packet(r2, &(0x7f00000001c0)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @dev}, &(0x7f0000000200)=0x14)
ioctl$sock_ipv6_tunnel_SIOCCHG6RD(r1, 0x89fb, &(0x7f0000000240)={'ip6gre0\x00', &(0x7f0000000300)={'syztnl2\x00', 0x0, 0x4, 0xfe, 0x40, 0x5, 0x32, @ipv4={'\x00', '\xff\xff', @local}, @initdev={0xfe, 0x88, '\x00', 0x2, 0x0}, 0x7, 0x7800, 0x10001}})
socket$inet6_udp(0xa, 0x2, 0x0)
socket$nl_audit(0x10, 0x3, 0x9)
setsockopt$inet6_IPV6_PKTINFO(0xffffffffffffffff, 0x29, 0x1b, &(0x7f0000000000)={@dev={0xfe, 0x80, '\x00', 0xfd}}, 0x14)
r3 = perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x2080000001}, 0x0, 0x7ff}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000400)={0x3, 0x80, 0x6, 0x5, 0x1, 0x3f, 0x0, 0x3ff, 0x50000, 0x4, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x2, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x3b, 0x1, @perf_config_ext={0x1, 0x7fff}, 0xa8, 0x1, 0x20, 0x0, 0x0, 0x7fffffff, 0x9, 0x0, 0x4, 0x0, 0xdeb}, 0x0, 0x3, r3, 0x3)
[ 124.643053] audit: type=1400 audit(1663242740.148:7): avc: denied { open } for pid=3823 comm="syz-executor.5" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=perf_event permissive=1
[ 124.647146] audit: type=1400 audit(1663242740.148:8): avc: denied { kernel } for pid=3823 comm="syz-executor.5" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=perf_event permissive=1
[ 124.676322] ------------[ cut here ]------------
[ 124.676361]
[ 124.676367] ======================================================
[ 124.676373] WARNING: possible circular locking dependency detected
[ 124.676380] 6.0.0-rc5-next-20220915 #1 Not tainted
[ 124.676391] ------------------------------------------------------
[ 124.676397] syz-executor.5/3824 is trying to acquire lock:
[ 124.676409] ffffffff853fa878 ((console_sem).lock){....}-{2:2}, at: down_trylock+0xe/0x70
[ 124.676472]
[ 124.676472] but task is already holding lock:
[ 124.676482] ffff88803d144820 (&ctx->lock){....}-{2:2}, at: __perf_event_task_sched_out+0x53b/0x18d0
[ 124.676531]
[ 124.676531] which lock already depends on the new lock.
[ 124.676531]
[ 124.676536]
[ 124.676536] the existing dependency chain (in reverse order) is:
[ 124.676542]
[ 124.676542] -> #3 (&ctx->lock){....}-{2:2}:
[ 124.676567] _raw_spin_lock+0x2a/0x40
[ 124.676598] __perf_event_task_sched_out+0x53b/0x18d0
[ 124.676621] __schedule+0xedd/0x2470
[ 124.676640] schedule+0xda/0x1b0
[ 124.676658] futex_wait_queue+0xf5/0x1e0
[ 124.676678] futex_wait+0x28e/0x690
[ 124.676696] do_futex+0x2ff/0x380
[ 124.676713] __x64_sys_futex+0x1c6/0x4d0
[ 124.676731] do_syscall_64+0x3b/0x90
[ 124.676757] entry_SYSCALL_64_after_hwframe+0x63/0xcd
[ 124.676789]
[ 124.676789] -> #2 (&rq->__lock){-.-.}-{2:2}:
[ 124.676815] _raw_spin_lock_nested+0x30/0x40
[ 124.676843] raw_spin_rq_lock_nested+0x1e/0x30
[ 124.676866] task_fork_fair+0x63/0x4d0
[ 124.676897] sched_cgroup_fork+0x3d0/0x540
[ 124.676928] copy_process+0x4183/0x6e20
[ 124.676946] kernel_clone+0xe7/0x890
[ 124.676963] user_mode_thread+0xad/0xf0
[ 124.676982] rest_init+0x24/0x250
[ 124.677013] arch_call_rest_init+0xf/0x14
[ 124.677034] start_kernel+0x4c1/0x4e6
[ 124.677052] secondary_startup_64_no_verify+0xe0/0xeb
[ 124.677078]
[ 124.677078] -> #1 (&p->pi_lock){-.-.}-{2:2}:
[ 124.677103] _raw_spin_lock_irqsave+0x39/0x60
[ 124.677132] try_to_wake_up+0xab/0x1920
[ 124.677156] up+0x75/0xb0
[ 124.677177] __up_console_sem+0x6e/0x80
[ 124.677206] console_unlock+0x46a/0x590
[ 124.677236] do_con_write+0xc05/0x1d50
[ 124.677257] con_write+0x21/0x40
[ 124.677275] n_tty_write+0x4d4/0xfe0
[ 124.677298] file_tty_write.constprop.0+0x49c/0x8f0
[ 124.677321] vfs_write+0x9c3/0xd90
[ 124.677354] ksys_write+0x127/0x250
[ 124.677386] do_syscall_64+0x3b/0x90
[ 124.677412] entry_SYSCALL_64_after_hwframe+0x63/0xcd
[ 124.677444]
[ 124.677444] -> #0 ((console_sem).lock){....}-{2:2}:
[ 124.677470] __lock_acquire+0x2a02/0x5e70
[ 124.677500] lock_acquire+0x1a2/0x530
[ 124.677530] _raw_spin_lock_irqsave+0x39/0x60
[ 124.677559] down_trylock+0xe/0x70
[ 124.677582] __down_trylock_console_sem+0x3b/0xd0
[ 124.677613] vprintk_emit+0x16b/0x560
[ 124.677644] vprintk+0x84/0xa0
[ 124.677674] _printk+0xba/0xf1
[ 124.677707] report_bug.cold+0x72/0xab
[ 124.677731] handle_bug+0x3c/0x70
[ 124.677755] exc_invalid_op+0x14/0x50
[ 124.677781] asm_exc_invalid_op+0x16/0x20
[ 124.677812] group_sched_out.part.0+0x2c7/0x460
[ 124.677832] ctx_sched_out+0x8f1/0xc10
[ 124.677849] __perf_event_task_sched_out+0x6d0/0x18d0
[ 124.677872] __schedule+0xedd/0x2470
[ 124.677891] schedule+0xda/0x1b0
[ 124.677909] futex_wait_queue+0xf5/0x1e0
[ 124.677928] futex_wait+0x28e/0x690
[ 124.677946] do_futex+0x2ff/0x380
[ 124.677963] __x64_sys_futex+0x1c6/0x4d0
[ 124.677981] do_syscall_64+0x3b/0x90
[ 124.678006] entry_SYSCALL_64_after_hwframe+0x63/0xcd
[ 124.678038]
[ 124.678038] other info that might help us debug this:
[ 124.678038]
[ 124.678043] Chain exists of:
[ 124.678043] (console_sem).lock --> &rq->__lock --> &ctx->lock
[ 124.678043]
[ 124.678071] Possible unsafe locking scenario:
[ 124.678071]
[ 124.678075] CPU0 CPU1
[ 124.678079] ---- ----
[ 124.678083] lock(&ctx->lock);
[ 124.678093] lock(&rq->__lock);
[ 124.678104] lock(&ctx->lock);
[ 124.678116] lock((console_sem).lock);
[ 124.678126]
[ 124.678126] *** DEADLOCK ***
[ 124.678126]
[ 124.678130] 2 locks held by syz-executor.5/3824:
[ 124.678142] #0: ffff88806ce37cd8 (&rq->__lock){-.-.}-{2:2}, at: __schedule+0x1cf/0x2470
[ 124.678191] #1: ffff88803d144820 (&ctx->lock){....}-{2:2}, at: __perf_event_task_sched_out+0x53b/0x18d0
[ 124.678242]
[ 124.678242] stack backtrace:
[ 124.678246] CPU: 0 PID: 3824 Comm: syz-executor.5 Not tainted 6.0.0-rc5-next-20220915 #1
[ 124.678269] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014
[ 124.678283] Call Trace:
[ 124.678289]
[ 124.678297] dump_stack_lvl+0x8b/0xb3
[ 124.678325] check_noncircular+0x263/0x2e0
[ 124.678356] ? format_decode+0x26c/0xb50
[ 124.678384] ? print_circular_bug+0x450/0x450
[ 124.678416] ? enable_ptr_key_workfn+0x20/0x20
[ 124.678445] ? format_decode+0x26c/0xb50
[ 124.678475] ? alloc_chain_hlocks+0x1ec/0x5a0
[ 124.678508] __lock_acquire+0x2a02/0x5e70
[ 124.678549] ? lockdep_hardirqs_on_prepare+0x410/0x410
[ 124.678591] lock_acquire+0x1a2/0x530
[ 124.678623] ? down_trylock+0xe/0x70
[ 124.678650] ? rcu_read_unlock+0x40/0x40
[ 124.678690] ? vprintk+0x84/0xa0
[ 124.678724] _raw_spin_lock_irqsave+0x39/0x60
[ 124.678754] ? down_trylock+0xe/0x70
[ 124.678788] down_trylock+0xe/0x70
[ 124.678813] ? vprintk+0x84/0xa0
[ 124.678846] __down_trylock_console_sem+0x3b/0xd0
[ 124.678878] vprintk_emit+0x16b/0x560
[ 124.678914] vprintk+0x84/0xa0
[ 124.678948] _printk+0xba/0xf1
[ 124.678982] ? record_print_text.cold+0x16/0x16
[ 124.679024] ? report_bug.cold+0x66/0xab
[ 124.679052] ? group_sched_out.part.0+0x2c7/0x460
[ 124.679073] report_bug.cold+0x72/0xab
[ 124.679102] handle_bug+0x3c/0x70
[ 124.679128] exc_invalid_op+0x14/0x50
[ 124.679156] asm_exc_invalid_op+0x16/0x20
[ 124.679190] RIP: 0010:group_sched_out.part.0+0x2c7/0x460
[ 124.679213] Code: 5e 41 5f e9 3b b7 ef ff e8 36 b7 ef ff 65 8b 1d ab 15 ac 7e 31 ff 89 de e8 d6 b3 ef ff 85 db 0f 84 8a 00 00 00 e8 19 b7 ef ff <0f> 0b e9 a5 fe ff ff e8 0d b7 ef ff 48 8d 7d 10 48 b8 00 00 00 00
[ 124.679234] RSP: 0018:ffff88803e67f8f8 EFLAGS: 00010006
[ 124.679251] RAX: 0000000040000002 RBX: 0000000000000000 RCX: 0000000000000000
[ 124.679265] RDX: ffff888018359ac0 RSI: ffffffff81566027 RDI: 0000000000000005
[ 124.679279] RBP: ffff888008660000 R08: 0000000000000005 R09: 0000000000000001
[ 124.679293] R10: 0000000000000000 R11: ffffffff865ac01b R12: ffff88803d144800
[ 124.679307] R13: ffff88806ce3d100 R14: ffffffff8547c660 R15: 0000000000000002
[ 124.679327] ? group_sched_out.part.0+0x2c7/0x460
[ 124.679351] ? group_sched_out.part.0+0x2c7/0x460
[ 124.679375] ctx_sched_out+0x8f1/0xc10
[ 124.679398] __perf_event_task_sched_out+0x6d0/0x18d0
[ 124.679427] ? lock_is_held_type+0xd7/0x130
[ 124.679462] ? __perf_cgroup_move+0x160/0x160
[ 124.679484] ? set_next_entity+0x304/0x550
[ 124.679522] ? lock_is_held_type+0xd7/0x130
[ 124.679557] __schedule+0xedd/0x2470
[ 124.679582] ? io_schedule_timeout+0x150/0x150
[ 124.679605] ? futex_wait_setup+0x166/0x230
[ 124.679631] schedule+0xda/0x1b0
[ 124.679652] futex_wait_queue+0xf5/0x1e0
[ 124.679675] futex_wait+0x28e/0x690
[ 124.679697] ? futex_wait_setup+0x230/0x230
[ 124.679722] ? wake_up_q+0x8b/0xf0
[ 124.679746] ? do_raw_spin_unlock+0x4f/0x220
[ 124.679783] ? futex_wake+0x158/0x490
[ 124.679813] ? fd_install+0x1f9/0x640
[ 124.679843] do_futex+0x2ff/0x380
[ 124.679863] ? __ia32_compat_sys_get_robust_list+0x3b0/0x3b0
[ 124.679892] __x64_sys_futex+0x1c6/0x4d0
[ 124.679915] ? __x64_sys_futex_time32+0x480/0x480
[ 124.679938] ? syscall_enter_from_user_mode+0x1d/0x50
[ 124.679974] ? syscall_enter_from_user_mode+0x1d/0x50
[ 124.680013] do_syscall_64+0x3b/0x90
[ 124.680040] entry_SYSCALL_64_after_hwframe+0x63/0xcd
[ 124.680074] RIP: 0033:0x7fa7beffeb19
[ 124.680089] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 124.680109] RSP: 002b:00007fa7bc574218 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[ 124.680129] RAX: ffffffffffffffda RBX: 00007fa7bf111f68 RCX: 00007fa7beffeb19
[ 124.680144] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007fa7bf111f68
[ 124.680157] RBP: 00007fa7bf111f60 R08: 0000000000000000 R09: 0000000000000000
[ 124.680170] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fa7bf111f6c
[ 124.680184] R13: 00007ffe20c9c4df R14: 00007fa7bc574300 R15: 0000000000022000
[ 124.680207]
[ 124.787455] WARNING: CPU: 0 PID: 3824 at kernel/events/core.c:2309 group_sched_out.part.0+0x2c7/0x460
[ 124.788697] Modules linked in:
[ 124.789136] CPU: 0 PID: 3824 Comm: syz-executor.5 Not tainted 6.0.0-rc5-next-20220915 #1
[ 124.790228] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014
[ 124.791736] RIP: 0010:group_sched_out.part.0+0x2c7/0x460
[ 124.792470] Code: 5e 41 5f e9 3b b7 ef ff e8 36 b7 ef ff 65 8b 1d ab 15 ac 7e 31 ff 89 de e8 d6 b3 ef ff 85 db 0f 84 8a 00 00 00 e8 19 b7 ef ff <0f> 0b e9 a5 fe ff ff e8 0d b7 ef ff 48 8d 7d 10 48 b8 00 00 00 00
[ 124.794902] RSP: 0018:ffff88803e67f8f8 EFLAGS: 00010006
[ 124.795626] RAX: 0000000040000002 RBX: 0000000000000000 RCX: 0000000000000000
[ 124.796592] RDX: ffff888018359ac0 RSI: ffffffff81566027 RDI: 0000000000000005
[ 124.797551] RBP: ffff888008660000 R08: 0000000000000005 R09: 0000000000000001
[ 124.798501] R10: 0000000000000000 R11: ffffffff865ac01b R12: ffff88803d144800
[ 124.799464] R13: ffff88806ce3d100 R14: ffffffff8547c660 R15: 0000000000000002
[ 124.800431] FS: 00007fa7bc574700(0000) GS:ffff88806ce00000(0000) knlGS:0000000000000000
[ 124.801518] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 124.802300] CR2: 00007efc25c4e028 CR3: 0000000015f70000 CR4: 0000000000350ef0
[ 124.803265] Call Trace:
[ 124.803618]
[ 124.803936] ctx_sched_out+0x8f1/0xc10
[ 124.804472] __perf_event_task_sched_out+0x6d0/0x18d0
[ 124.805180] ? lock_is_held_type+0xd7/0x130
[ 124.805791] ? __perf_cgroup_move+0x160/0x160
[ 124.806406] ? set_next_entity+0x304/0x550
[ 124.807010] ? lock_is_held_type+0xd7/0x130
[ 124.807612] __schedule+0xedd/0x2470
[ 124.808130] ? io_schedule_timeout+0x150/0x150
[ 124.808750] ? futex_wait_setup+0x166/0x230
[ 124.809343] schedule+0xda/0x1b0
[ 124.809824] futex_wait_queue+0xf5/0x1e0
[ 124.810384] futex_wait+0x28e/0x690
[ 124.810919] ? futex_wait_setup+0x230/0x230
[ 124.811508] ? wake_up_q+0x8b/0xf0
[ 124.812010] ? do_raw_spin_unlock+0x4f/0x220
[ 124.812634] ? futex_wake+0x158/0x490
[ 124.813163] ? fd_install+0x1f9/0x640
[ 124.813699] do_futex+0x2ff/0x380
[ 124.814180] ? __ia32_compat_sys_get_robust_list+0x3b0/0x3b0
[ 124.814983] __x64_sys_futex+0x1c6/0x4d0
[ 124.815546] ? __x64_sys_futex_time32+0x480/0x480
[ 124.816232] ? syscall_enter_from_user_mode+0x1d/0x50
[ 124.816967] ? syscall_enter_from_user_mode+0x1d/0x50
[ 124.817717] do_syscall_64+0x3b/0x90
[ 124.818257] entry_SYSCALL_64_after_hwframe+0x63/0xcd
[ 124.819011] RIP: 0033:0x7fa7beffeb19
[ 124.819529] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 124.822021] RSP: 002b:00007fa7bc574218 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[ 124.823068] RAX: ffffffffffffffda RBX: 00007fa7bf111f68 RCX: 00007fa7beffeb19
[ 124.824015] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007fa7bf111f68
[ 124.824985] RBP: 00007fa7bf111f60 R08: 0000000000000000 R09: 0000000000000000
[ 124.825942] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fa7bf111f6c
[ 124.826910] R13: 00007ffe20c9c4df R14: 00007fa7bc574300 R15: 0000000000022000
[ 124.827890]
[ 124.828220] irq event stamp: 990
[ 124.828687] hardirqs last enabled at (989): [] syscall_enter_from_user_mode+0x1d/0x50
[ 124.829979] hardirqs last disabled at (990): [] __schedule+0x1225/0x2470
[ 124.831107] softirqs last enabled at (792): [] __irq_exit_rcu+0x11b/0x180
[ 124.832251] softirqs last disabled at (783): [] __irq_exit_rcu+0x11b/0x180
[ 124.833393] ---[ end trace 0000000000000000 ]---
[ 125.030499] hrtimer: interrupt took 18625 ns
11:52:20 executing program 6:
capset(&(0x7f0000000040)={0x20080522}, &(0x7f0000000580))
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$TCGETA(r0, 0x5606, 0x0)
11:52:20 executing program 6:
capset(&(0x7f0000000040)={0x20080522}, &(0x7f0000000580))
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$TCGETA(r0, 0x5606, 0x0)
11:52:20 executing program 6:
capset(&(0x7f0000000040)={0x20080522}, &(0x7f0000000580))
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$TCGETA(r0, 0x5606, 0x0)
11:52:20 executing program 6:
syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r0 = openat$cdrom(0xffffffffffffff9c, &(0x7f0000000300), 0x82a00, 0x0)
ioctl$CDROMEJECT(r0, 0x5309)
openat$cdrom(0xffffffffffffff9c, 0x0, 0x0, 0x0)
[ 125.695308] syz-executor.5 (3828) used greatest stack depth: 24648 bytes left
11:52:24 executing program 0:
r0 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$netlink(r0, &(0x7f0000007ec0)={0x0, 0x0, &(0x7f00000003c0)=[{&(0x7f0000007f00)={0x1c, 0x1a, 0x1, 0x0, 0x0, "", [@generic="026b02db13cfb35673"]}, 0x1c}], 0x1}, 0x0)
11:52:24 executing program 7:
syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x882400, 0x0)
mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='proc\x00', 0x0, 0x0)
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
r1 = dup(r0)
bind$bt_hci(r1, &(0x7f0000000080)={0x1f, 0xffffffffffffffff, 0x3}, 0x6)
write$bt_hci(r1, &(0x7f0000000280)=ANY=[@ANYBLOB="1502b30a05aece6188827c76b9cd0d82f8863958367d8e76c4976d810f3b8e21d2181806360044b1797fb4365443"], 0x6)
mount_setattr(r1, &(0x7f0000000200)='./file0\x00', 0x100, &(0x7f0000000240)={0x4, 0xf0, 0xa0000}, 0x20)
chroot(&(0x7f0000000040)='./file0\x00')
umount2(&(0x7f0000000800)='./file0\x00', 0x5)
getuid()
syz_mount_image$vfat(&(0x7f0000000300), &(0x7f0000000340)='./file0\x00', 0x7, 0x2, &(0x7f0000000640)=[{&(0x7f00000004c0)="5950f02bb1ffe000cb3efa5db2449b557924455eec8987df15d6b597fb3ce29680dc1bd54ea53af8e8f3e5920efa598c81755edbfe100c31bd1828761d66453534940a957ba9b40def5b7556f85c9b74257b13bc04f48dfea9868bde2d74bdf5338caaa6fa2cde076458feefc32177486454010fb1e44b92aee44d7f2e001d201164af758f2d025baf1b4f8f41a5810b6681bc1bdc002b3a561a643c6cf1f66ac3ca6c22c829d0671cfdd08c8e46cc625b9dc3219c7cffa8b5b71e8d4f5f1dbcfcc637b761c826a7fb40bd", 0xcb, 0x7}, {&(0x7f00000005c0)="2edbce8b40c4128924a248f506e5605936664af6d15587f7fd3afd09652abc7a2d9fa49bb3bc2f072fe24d542c5d8ff72df342c2492efa608c8353fc0b83b4787c58eef498ec4a8a428fd21e3caccc29d9a57278a15b4e36a0b7a5210b998e9df3710ad8acf68d1567a443228c4c97c1146d8b847d076be97482", 0x7a, 0x3f}], 0x4b4aef126d1b3dc4, 0x0)
openat$sysfs(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/kexec_crash_size', 0x0, 0x0)
perf_event_open(&(0x7f0000000180)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x80, 0x0, 0x0, 0x6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
umount2(&(0x7f0000000140)='./file0\x00', 0x0)
r2 = openat$nvram(0xffffffffffffff9c, &(0x7f00000002c0), 0x1000, 0x0)
fspick(r2, &(0x7f0000000380)='./file0/file0\x00', 0x1)
11:52:24 executing program 6:
syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r0 = openat$cdrom(0xffffffffffffff9c, &(0x7f0000000300), 0x82a00, 0x0)
ioctl$CDROMEJECT(r0, 0x5309)
openat$cdrom(0xffffffffffffff9c, 0x0, 0x0, 0x0)
11:52:24 executing program 4:
ioperm(0x0, 0x31, 0x2)
syz_open_procfs(0x0, &(0x7f0000000040)='net/ip_mr_vif\x00')
11:52:24 executing program 2:
syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x882400, 0x0)
mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='proc\x00', 0x0, 0x0)
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
r1 = dup(r0)
bind$bt_hci(r1, &(0x7f0000000080)={0x1f, 0xffffffffffffffff, 0x3}, 0x6)
write$bt_hci(r1, &(0x7f0000000280)=ANY=[@ANYBLOB="1502b30a05aece6188827c76b9cd0d82f8863958367d8e76c4976d810f3b8e21d2181806360044b1797fb4365443"], 0x6)
mount_setattr(r1, &(0x7f0000000200)='./file0\x00', 0x100, &(0x7f0000000240)={0x4, 0xf0, 0xa0000}, 0x20)
chroot(&(0x7f0000000040)='./file0\x00')
umount2(&(0x7f0000000800)='./file0\x00', 0x5)
getuid()
syz_mount_image$vfat(&(0x7f0000000300), &(0x7f0000000340)='./file0\x00', 0x7, 0x2, &(0x7f0000000640)=[{&(0x7f00000004c0)="5950f02bb1ffe000cb3efa5db2449b557924455eec8987df15d6b597fb3ce29680dc1bd54ea53af8e8f3e5920efa598c81755edbfe100c31bd1828761d66453534940a957ba9b40def5b7556f85c9b74257b13bc04f48dfea9868bde2d74bdf5338caaa6fa2cde076458feefc32177486454010fb1e44b92aee44d7f2e001d201164af758f2d025baf1b4f8f41a5810b6681bc1bdc002b3a561a643c6cf1f66ac3ca6c22c829d0671cfdd08c8e46cc625b9dc3219c7cffa8b5b71e8d4f5f1dbcfcc637b761c826a7fb40bd", 0xcb, 0x7}, {&(0x7f00000005c0)="2edbce8b40c4128924a248f506e5605936664af6d15587f7fd3afd09652abc7a2d9fa49bb3bc2f072fe24d542c5d8ff72df342c2492efa608c8353fc0b83b4787c58eef498ec4a8a428fd21e3caccc29d9a57278a15b4e36a0b7a5210b998e9df3710ad8acf68d1567a443228c4c97c1146d8b847d076be97482", 0x7a, 0x3f}], 0x4b4aef126d1b3dc4, 0x0)
openat$sysfs(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/kexec_crash_size', 0x0, 0x0)
perf_event_open(&(0x7f0000000180)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x80, 0x0, 0x0, 0x6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
umount2(&(0x7f0000000140)='./file0\x00', 0x0)
r2 = openat$nvram(0xffffffffffffff9c, &(0x7f00000002c0), 0x1000, 0x0)
fspick(r2, &(0x7f0000000380)='./file0/file0\x00', 0x1)
11:52:24 executing program 3:
r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f00000000c0)='net/mcfilter6\x00')
preadv(r0, &(0x7f0000001140)=[{&(0x7f0000000140)=""/4096, 0x1000}], 0x1, 0x0, 0x0)
11:52:24 executing program 5:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
pwritev(r1, &(0x7f0000000080)=[{&(0x7f0000000140)='\x00', 0x1a}], 0x1, 0x7fffffc, 0x0)
perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_config_ext={0xfffffffffffffffe}, 0x0, 0x0, 0x2}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
sendfile(r0, r0, 0x0, 0x100000)
r2 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000180), 0x2000, 0x0)
syz_genetlink_get_family_id$ethtool(&(0x7f0000000040), r2)
fcntl$dupfd(0xffffffffffffffff, 0x406, 0xffffffffffffffff)
setsockopt$inet6_IPV6_PKTINFO(0xffffffffffffffff, 0x29, 0x1b, &(0x7f0000000000)={@dev}, 0x14)
getsockname$packet(r2, &(0x7f00000001c0)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @dev}, &(0x7f0000000200)=0x14)
ioctl$sock_ipv6_tunnel_SIOCCHG6RD(r1, 0x89fb, &(0x7f0000000240)={'ip6gre0\x00', &(0x7f0000000300)={'syztnl2\x00', 0x0, 0x4, 0xfe, 0x40, 0x5, 0x32, @ipv4={'\x00', '\xff\xff', @local}, @initdev={0xfe, 0x88, '\x00', 0x2, 0x0}, 0x7, 0x7800, 0x10001}})
socket$inet6_udp(0xa, 0x2, 0x0)
socket$nl_audit(0x10, 0x3, 0x9)
setsockopt$inet6_IPV6_PKTINFO(0xffffffffffffffff, 0x29, 0x1b, &(0x7f0000000000)={@dev={0xfe, 0x80, '\x00', 0xfd}}, 0x14)
r3 = perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x2080000001}, 0x0, 0x7ff}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000400)={0x3, 0x80, 0x6, 0x5, 0x1, 0x3f, 0x0, 0x3ff, 0x50000, 0x4, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x2, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x3b, 0x1, @perf_config_ext={0x1, 0x7fff}, 0xa8, 0x1, 0x20, 0x0, 0x0, 0x7fffffff, 0x9, 0x0, 0x4, 0x0, 0xdeb}, 0x0, 0x3, r3, 0x3)
11:52:24 executing program 1:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0)
r1 = socket$inet6_udp(0xa, 0x2, 0x0)
r2 = dup(r1)
ioctl$AUTOFS_DEV_IOCTL_PROTOVER(r2, 0xc0189372, &(0x7f0000000000)={{0x1, 0x1, 0x18, r0}, './file1\x00'})
r3 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
pwritev(r3, &(0x7f0000000080)=[{&(0x7f0000000140)='\x00', 0x1a}], 0x1, 0x7fffffc, 0x0)
ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, 0x0)
perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_config_ext={0xfffffffffffffffe}, 0x0, 0x0, 0x2}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
sendfile(r0, r0, 0x0, 0x100000)
[ 128.802848] syz-executor.1 (3990) used greatest stack depth: 24408 bytes left
[ 128.847733] syz-executor.5 (3988) used greatest stack depth: 23960 bytes left
11:52:24 executing program 0:
r0 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$netlink(r0, &(0x7f0000007ec0)={0x0, 0x0, &(0x7f00000003c0)=[{&(0x7f0000007f00)={0x1c, 0x1a, 0x1, 0x0, 0x0, "", [@generic="026b02db13cfb35673"]}, 0x1c}], 0x1}, 0x0)
11:52:24 executing program 6:
syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r0 = openat$cdrom(0xffffffffffffff9c, &(0x7f0000000300), 0x82a00, 0x0)
ioctl$CDROMEJECT(r0, 0x5309)
openat$cdrom(0xffffffffffffff9c, 0x0, 0x0, 0x0)
11:52:24 executing program 7:
syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x882400, 0x0)
mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='proc\x00', 0x0, 0x0)
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
r1 = dup(r0)
bind$bt_hci(r1, &(0x7f0000000080)={0x1f, 0xffffffffffffffff, 0x3}, 0x6)
write$bt_hci(r1, &(0x7f0000000280)=ANY=[@ANYBLOB="1502b30a05aece6188827c76b9cd0d82f8863958367d8e76c4976d810f3b8e21d2181806360044b1797fb4365443"], 0x6)
mount_setattr(r1, &(0x7f0000000200)='./file0\x00', 0x100, &(0x7f0000000240)={0x4, 0xf0, 0xa0000}, 0x20)
chroot(&(0x7f0000000040)='./file0\x00')
umount2(&(0x7f0000000800)='./file0\x00', 0x5)
getuid()
syz_mount_image$vfat(&(0x7f0000000300), &(0x7f0000000340)='./file0\x00', 0x7, 0x2, &(0x7f0000000640)=[{&(0x7f00000004c0)="5950f02bb1ffe000cb3efa5db2449b557924455eec8987df15d6b597fb3ce29680dc1bd54ea53af8e8f3e5920efa598c81755edbfe100c31bd1828761d66453534940a957ba9b40def5b7556f85c9b74257b13bc04f48dfea9868bde2d74bdf5338caaa6fa2cde076458feefc32177486454010fb1e44b92aee44d7f2e001d201164af758f2d025baf1b4f8f41a5810b6681bc1bdc002b3a561a643c6cf1f66ac3ca6c22c829d0671cfdd08c8e46cc625b9dc3219c7cffa8b5b71e8d4f5f1dbcfcc637b761c826a7fb40bd", 0xcb, 0x7}, {&(0x7f00000005c0)="2edbce8b40c4128924a248f506e5605936664af6d15587f7fd3afd09652abc7a2d9fa49bb3bc2f072fe24d542c5d8ff72df342c2492efa608c8353fc0b83b4787c58eef498ec4a8a428fd21e3caccc29d9a57278a15b4e36a0b7a5210b998e9df3710ad8acf68d1567a443228c4c97c1146d8b847d076be97482", 0x7a, 0x3f}], 0x4b4aef126d1b3dc4, 0x0)
openat$sysfs(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/kexec_crash_size', 0x0, 0x0)
perf_event_open(&(0x7f0000000180)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x80, 0x0, 0x0, 0x6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
umount2(&(0x7f0000000140)='./file0\x00', 0x0)
r2 = openat$nvram(0xffffffffffffff9c, &(0x7f00000002c0), 0x1000, 0x0)
fspick(r2, &(0x7f0000000380)='./file0/file0\x00', 0x1)
11:52:24 executing program 2:
syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x882400, 0x0)
mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='proc\x00', 0x0, 0x0)
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
r1 = dup(r0)
bind$bt_hci(r1, &(0x7f0000000080)={0x1f, 0xffffffffffffffff, 0x3}, 0x6)
write$bt_hci(r1, &(0x7f0000000280)=ANY=[@ANYBLOB="1502b30a05aece6188827c76b9cd0d82f8863958367d8e76c4976d810f3b8e21d2181806360044b1797fb4365443"], 0x6)
mount_setattr(r1, &(0x7f0000000200)='./file0\x00', 0x100, &(0x7f0000000240)={0x4, 0xf0, 0xa0000}, 0x20)
chroot(&(0x7f0000000040)='./file0\x00')
umount2(&(0x7f0000000800)='./file0\x00', 0x5)
getuid()
syz_mount_image$vfat(&(0x7f0000000300), &(0x7f0000000340)='./file0\x00', 0x7, 0x2, &(0x7f0000000640)=[{&(0x7f00000004c0)="5950f02bb1ffe000cb3efa5db2449b557924455eec8987df15d6b597fb3ce29680dc1bd54ea53af8e8f3e5920efa598c81755edbfe100c31bd1828761d66453534940a957ba9b40def5b7556f85c9b74257b13bc04f48dfea9868bde2d74bdf5338caaa6fa2cde076458feefc32177486454010fb1e44b92aee44d7f2e001d201164af758f2d025baf1b4f8f41a5810b6681bc1bdc002b3a561a643c6cf1f66ac3ca6c22c829d0671cfdd08c8e46cc625b9dc3219c7cffa8b5b71e8d4f5f1dbcfcc637b761c826a7fb40bd", 0xcb, 0x7}, {&(0x7f00000005c0)="2edbce8b40c4128924a248f506e5605936664af6d15587f7fd3afd09652abc7a2d9fa49bb3bc2f072fe24d542c5d8ff72df342c2492efa608c8353fc0b83b4787c58eef498ec4a8a428fd21e3caccc29d9a57278a15b4e36a0b7a5210b998e9df3710ad8acf68d1567a443228c4c97c1146d8b847d076be97482", 0x7a, 0x3f}], 0x4b4aef126d1b3dc4, 0x0)
openat$sysfs(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/kexec_crash_size', 0x0, 0x0)
perf_event_open(&(0x7f0000000180)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x80, 0x0, 0x0, 0x6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
umount2(&(0x7f0000000140)='./file0\x00', 0x0)
r2 = openat$nvram(0xffffffffffffff9c, &(0x7f00000002c0), 0x1000, 0x0)
fspick(r2, &(0x7f0000000380)='./file0/file0\x00', 0x1)
11:52:24 executing program 5:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
pwritev(r1, &(0x7f0000000080)=[{&(0x7f0000000140)='\x00', 0x1a}], 0x1, 0x7fffffc, 0x0)
perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_config_ext={0xfffffffffffffffe}, 0x0, 0x0, 0x2}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
sendfile(r0, r0, 0x0, 0x100000)
r2 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000180), 0x2000, 0x0)
syz_genetlink_get_family_id$ethtool(&(0x7f0000000040), r2)
fcntl$dupfd(0xffffffffffffffff, 0x406, 0xffffffffffffffff)
setsockopt$inet6_IPV6_PKTINFO(0xffffffffffffffff, 0x29, 0x1b, &(0x7f0000000000)={@dev}, 0x14)
getsockname$packet(r2, &(0x7f00000001c0)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @dev}, &(0x7f0000000200)=0x14)
ioctl$sock_ipv6_tunnel_SIOCCHG6RD(r1, 0x89fb, &(0x7f0000000240)={'ip6gre0\x00', &(0x7f0000000300)={'syztnl2\x00', 0x0, 0x4, 0xfe, 0x40, 0x5, 0x32, @ipv4={'\x00', '\xff\xff', @local}, @initdev={0xfe, 0x88, '\x00', 0x2, 0x0}, 0x7, 0x7800, 0x10001}})
socket$inet6_udp(0xa, 0x2, 0x0)
socket$nl_audit(0x10, 0x3, 0x9)
setsockopt$inet6_IPV6_PKTINFO(0xffffffffffffffff, 0x29, 0x1b, &(0x7f0000000000)={@dev={0xfe, 0x80, '\x00', 0xfd}}, 0x14)
r3 = perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x2080000001}, 0x0, 0x7ff}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000400)={0x3, 0x80, 0x6, 0x5, 0x1, 0x3f, 0x0, 0x3ff, 0x50000, 0x4, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x2, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x3b, 0x1, @perf_config_ext={0x1, 0x7fff}, 0xa8, 0x1, 0x20, 0x0, 0x0, 0x7fffffff, 0x9, 0x0, 0x4, 0x0, 0xdeb}, 0x0, 0x3, r3, 0x3)
11:52:24 executing program 1:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0)
r1 = socket$inet6_udp(0xa, 0x2, 0x0)
r2 = dup(r1)
ioctl$AUTOFS_DEV_IOCTL_PROTOVER(r2, 0xc0189372, &(0x7f0000000000)={{0x1, 0x1, 0x18, r0}, './file1\x00'})
r3 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
pwritev(r3, &(0x7f0000000080)=[{&(0x7f0000000140)='\x00', 0x1a}], 0x1, 0x7fffffc, 0x0)
ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, 0x0)
perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_config_ext={0xfffffffffffffffe}, 0x0, 0x0, 0x2}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
sendfile(r0, r0, 0x0, 0x100000)
11:52:24 executing program 4:
ioperm(0x0, 0x31, 0x2)
syz_open_procfs(0x0, &(0x7f0000000040)='net/ip_mr_vif\x00')
11:52:24 executing program 3:
r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f00000000c0)='net/mcfilter6\x00')
preadv(r0, &(0x7f0000001140)=[{&(0x7f0000000140)=""/4096, 0x1000}], 0x1, 0x0, 0x0)
11:52:24 executing program 0:
r0 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$netlink(r0, &(0x7f0000007ec0)={0x0, 0x0, &(0x7f00000003c0)=[{&(0x7f0000007f00)={0x1c, 0x1a, 0x1, 0x0, 0x0, "", [@generic="026b02db13cfb35673"]}, 0x1c}], 0x1}, 0x0)
11:52:24 executing program 6:
syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r0 = openat$cdrom(0xffffffffffffff9c, &(0x7f0000000300), 0x82a00, 0x0)
ioctl$CDROMEJECT(r0, 0x5309)
openat$cdrom(0xffffffffffffff9c, 0x0, 0x0, 0x0)
11:52:24 executing program 2:
syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x882400, 0x0)
mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='proc\x00', 0x0, 0x0)
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
r1 = dup(r0)
bind$bt_hci(r1, &(0x7f0000000080)={0x1f, 0xffffffffffffffff, 0x3}, 0x6)
write$bt_hci(r1, &(0x7f0000000280)=ANY=[@ANYBLOB="1502b30a05aece6188827c76b9cd0d82f8863958367d8e76c4976d810f3b8e21d2181806360044b1797fb4365443"], 0x6)
mount_setattr(r1, &(0x7f0000000200)='./file0\x00', 0x100, &(0x7f0000000240)={0x4, 0xf0, 0xa0000}, 0x20)
chroot(&(0x7f0000000040)='./file0\x00')
umount2(&(0x7f0000000800)='./file0\x00', 0x5)
getuid()
syz_mount_image$vfat(&(0x7f0000000300), &(0x7f0000000340)='./file0\x00', 0x7, 0x2, &(0x7f0000000640)=[{&(0x7f00000004c0)="5950f02bb1ffe000cb3efa5db2449b557924455eec8987df15d6b597fb3ce29680dc1bd54ea53af8e8f3e5920efa598c81755edbfe100c31bd1828761d66453534940a957ba9b40def5b7556f85c9b74257b13bc04f48dfea9868bde2d74bdf5338caaa6fa2cde076458feefc32177486454010fb1e44b92aee44d7f2e001d201164af758f2d025baf1b4f8f41a5810b6681bc1bdc002b3a561a643c6cf1f66ac3ca6c22c829d0671cfdd08c8e46cc625b9dc3219c7cffa8b5b71e8d4f5f1dbcfcc637b761c826a7fb40bd", 0xcb, 0x7}, {&(0x7f00000005c0)="2edbce8b40c4128924a248f506e5605936664af6d15587f7fd3afd09652abc7a2d9fa49bb3bc2f072fe24d542c5d8ff72df342c2492efa608c8353fc0b83b4787c58eef498ec4a8a428fd21e3caccc29d9a57278a15b4e36a0b7a5210b998e9df3710ad8acf68d1567a443228c4c97c1146d8b847d076be97482", 0x7a, 0x3f}], 0x4b4aef126d1b3dc4, 0x0)
openat$sysfs(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/kexec_crash_size', 0x0, 0x0)
perf_event_open(&(0x7f0000000180)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x80, 0x0, 0x0, 0x6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
umount2(&(0x7f0000000140)='./file0\x00', 0x0)
r2 = openat$nvram(0xffffffffffffff9c, &(0x7f00000002c0), 0x1000, 0x0)
fspick(r2, &(0x7f0000000380)='./file0/file0\x00', 0x1)
11:52:24 executing program 3:
r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f00000000c0)='net/mcfilter6\x00')
preadv(r0, &(0x7f0000001140)=[{&(0x7f0000000140)=""/4096, 0x1000}], 0x1, 0x0, 0x0)
11:52:24 executing program 4:
ioperm(0x0, 0x31, 0x2)
syz_open_procfs(0x0, &(0x7f0000000040)='net/ip_mr_vif\x00')
11:52:24 executing program 7:
syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x882400, 0x0)
mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='proc\x00', 0x0, 0x0)
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
r1 = dup(r0)
bind$bt_hci(r1, &(0x7f0000000080)={0x1f, 0xffffffffffffffff, 0x3}, 0x6)
write$bt_hci(r1, &(0x7f0000000280)=ANY=[@ANYBLOB="1502b30a05aece6188827c76b9cd0d82f8863958367d8e76c4976d810f3b8e21d2181806360044b1797fb4365443"], 0x6)
mount_setattr(r1, &(0x7f0000000200)='./file0\x00', 0x100, &(0x7f0000000240)={0x4, 0xf0, 0xa0000}, 0x20)
chroot(&(0x7f0000000040)='./file0\x00')
umount2(&(0x7f0000000800)='./file0\x00', 0x5)
getuid()
syz_mount_image$vfat(&(0x7f0000000300), &(0x7f0000000340)='./file0\x00', 0x7, 0x2, &(0x7f0000000640)=[{&(0x7f00000004c0)="5950f02bb1ffe000cb3efa5db2449b557924455eec8987df15d6b597fb3ce29680dc1bd54ea53af8e8f3e5920efa598c81755edbfe100c31bd1828761d66453534940a957ba9b40def5b7556f85c9b74257b13bc04f48dfea9868bde2d74bdf5338caaa6fa2cde076458feefc32177486454010fb1e44b92aee44d7f2e001d201164af758f2d025baf1b4f8f41a5810b6681bc1bdc002b3a561a643c6cf1f66ac3ca6c22c829d0671cfdd08c8e46cc625b9dc3219c7cffa8b5b71e8d4f5f1dbcfcc637b761c826a7fb40bd", 0xcb, 0x7}, {&(0x7f00000005c0)="2edbce8b40c4128924a248f506e5605936664af6d15587f7fd3afd09652abc7a2d9fa49bb3bc2f072fe24d542c5d8ff72df342c2492efa608c8353fc0b83b4787c58eef498ec4a8a428fd21e3caccc29d9a57278a15b4e36a0b7a5210b998e9df3710ad8acf68d1567a443228c4c97c1146d8b847d076be97482", 0x7a, 0x3f}], 0x4b4aef126d1b3dc4, 0x0)
openat$sysfs(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/kexec_crash_size', 0x0, 0x0)
perf_event_open(&(0x7f0000000180)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x80, 0x0, 0x0, 0x6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
umount2(&(0x7f0000000140)='./file0\x00', 0x0)
r2 = openat$nvram(0xffffffffffffff9c, &(0x7f00000002c0), 0x1000, 0x0)
fspick(r2, &(0x7f0000000380)='./file0/file0\x00', 0x1)
11:52:24 executing program 2:
syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x882400, 0x0)
mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='proc\x00', 0x0, 0x0)
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
r1 = dup(r0)
bind$bt_hci(r1, &(0x7f0000000080)={0x1f, 0xffffffffffffffff, 0x3}, 0x6)
write$bt_hci(r1, &(0x7f0000000280)=ANY=[@ANYBLOB="1502b30a05aece6188827c76b9cd0d82f8863958367d8e76c4976d810f3b8e21d2181806360044b1797fb4365443"], 0x6)
mount_setattr(r1, &(0x7f0000000200)='./file0\x00', 0x100, &(0x7f0000000240)={0x4, 0xf0, 0xa0000}, 0x20)
chroot(&(0x7f0000000040)='./file0\x00')
umount2(&(0x7f0000000800)='./file0\x00', 0x5)
getuid()
syz_mount_image$vfat(&(0x7f0000000300), &(0x7f0000000340)='./file0\x00', 0x7, 0x2, &(0x7f0000000640)=[{&(0x7f00000004c0)="5950f02bb1ffe000cb3efa5db2449b557924455eec8987df15d6b597fb3ce29680dc1bd54ea53af8e8f3e5920efa598c81755edbfe100c31bd1828761d66453534940a957ba9b40def5b7556f85c9b74257b13bc04f48dfea9868bde2d74bdf5338caaa6fa2cde076458feefc32177486454010fb1e44b92aee44d7f2e001d201164af758f2d025baf1b4f8f41a5810b6681bc1bdc002b3a561a643c6cf1f66ac3ca6c22c829d0671cfdd08c8e46cc625b9dc3219c7cffa8b5b71e8d4f5f1dbcfcc637b761c826a7fb40bd", 0xcb, 0x7}, {&(0x7f00000005c0)="2edbce8b40c4128924a248f506e5605936664af6d15587f7fd3afd09652abc7a2d9fa49bb3bc2f072fe24d542c5d8ff72df342c2492efa608c8353fc0b83b4787c58eef498ec4a8a428fd21e3caccc29d9a57278a15b4e36a0b7a5210b998e9df3710ad8acf68d1567a443228c4c97c1146d8b847d076be97482", 0x7a, 0x3f}], 0x4b4aef126d1b3dc4, 0x0)
openat$sysfs(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/kexec_crash_size', 0x0, 0x0)
perf_event_open(&(0x7f0000000180)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x80, 0x0, 0x0, 0x6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
umount2(&(0x7f0000000140)='./file0\x00', 0x0)
r2 = openat$nvram(0xffffffffffffff9c, &(0x7f00000002c0), 0x1000, 0x0)
fspick(r2, &(0x7f0000000380)='./file0/file0\x00', 0x1)
11:52:24 executing program 6:
syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x882400, 0x0)
mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='proc\x00', 0x0, 0x0)
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
r1 = dup(r0)
bind$bt_hci(r1, &(0x7f0000000080)={0x1f, 0xffffffffffffffff, 0x3}, 0x6)
write$bt_hci(r1, &(0x7f0000000280)=ANY=[@ANYBLOB="1502b30a05aece6188827c76b9cd0d82f8863958367d8e76c4976d810f3b8e21d2181806360044b1797fb4365443"], 0x6)
mount_setattr(r1, &(0x7f0000000200)='./file0\x00', 0x100, &(0x7f0000000240)={0x4, 0xf0, 0xa0000}, 0x20)
chroot(&(0x7f0000000040)='./file0\x00')
umount2(&(0x7f0000000800)='./file0\x00', 0x5)
getuid()
syz_mount_image$vfat(&(0x7f0000000300), &(0x7f0000000340)='./file0\x00', 0x7, 0x2, &(0x7f0000000640)=[{&(0x7f00000004c0)="5950f02bb1ffe000cb3efa5db2449b557924455eec8987df15d6b597fb3ce29680dc1bd54ea53af8e8f3e5920efa598c81755edbfe100c31bd1828761d66453534940a957ba9b40def5b7556f85c9b74257b13bc04f48dfea9868bde2d74bdf5338caaa6fa2cde076458feefc32177486454010fb1e44b92aee44d7f2e001d201164af758f2d025baf1b4f8f41a5810b6681bc1bdc002b3a561a643c6cf1f66ac3ca6c22c829d0671cfdd08c8e46cc625b9dc3219c7cffa8b5b71e8d4f5f1dbcfcc637b761c826a7fb40bd", 0xcb, 0x7}, {&(0x7f00000005c0)="2edbce8b40c4128924a248f506e5605936664af6d15587f7fd3afd09652abc7a2d9fa49bb3bc2f072fe24d542c5d8ff72df342c2492efa608c8353fc0b83b4787c58eef498ec4a8a428fd21e3caccc29d9a57278a15b4e36a0b7a5210b998e9df3710ad8acf68d1567a443228c4c97c1146d8b847d076be97482", 0x7a, 0x3f}], 0x4b4aef126d1b3dc4, 0x0)
openat$sysfs(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/kexec_crash_size', 0x0, 0x0)
perf_event_open(&(0x7f0000000180)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x80, 0x0, 0x0, 0x6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
umount2(&(0x7f0000000140)='./file0\x00', 0x0)
r2 = openat$nvram(0xffffffffffffff9c, &(0x7f00000002c0), 0x1000, 0x0)
fspick(r2, &(0x7f0000000380)='./file0/file0\x00', 0x1)
11:52:24 executing program 5:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
pwritev(r1, &(0x7f0000000080)=[{&(0x7f0000000140)='\x00', 0x1a}], 0x1, 0x7fffffc, 0x0)
perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_config_ext={0xfffffffffffffffe}, 0x0, 0x0, 0x2}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
sendfile(r0, r0, 0x0, 0x100000)
r2 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000180), 0x2000, 0x0)
syz_genetlink_get_family_id$ethtool(&(0x7f0000000040), r2)
fcntl$dupfd(0xffffffffffffffff, 0x406, 0xffffffffffffffff)
setsockopt$inet6_IPV6_PKTINFO(0xffffffffffffffff, 0x29, 0x1b, &(0x7f0000000000)={@dev}, 0x14)
getsockname$packet(r2, &(0x7f00000001c0)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @dev}, &(0x7f0000000200)=0x14)
ioctl$sock_ipv6_tunnel_SIOCCHG6RD(r1, 0x89fb, &(0x7f0000000240)={'ip6gre0\x00', &(0x7f0000000300)={'syztnl2\x00', 0x0, 0x4, 0xfe, 0x40, 0x5, 0x32, @ipv4={'\x00', '\xff\xff', @local}, @initdev={0xfe, 0x88, '\x00', 0x2, 0x0}, 0x7, 0x7800, 0x10001}})
socket$inet6_udp(0xa, 0x2, 0x0)
socket$nl_audit(0x10, 0x3, 0x9)
setsockopt$inet6_IPV6_PKTINFO(0xffffffffffffffff, 0x29, 0x1b, &(0x7f0000000000)={@dev={0xfe, 0x80, '\x00', 0xfd}}, 0x14)
r3 = perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x2080000001}, 0x0, 0x7ff}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000400)={0x3, 0x80, 0x6, 0x5, 0x1, 0x3f, 0x0, 0x3ff, 0x50000, 0x4, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x2, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x3b, 0x1, @perf_config_ext={0x1, 0x7fff}, 0xa8, 0x1, 0x20, 0x0, 0x0, 0x7fffffff, 0x9, 0x0, 0x4, 0x0, 0xdeb}, 0x0, 0x3, r3, 0x3)
11:52:24 executing program 7:
syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x882400, 0x0)
mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='proc\x00', 0x0, 0x0)
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
r1 = dup(r0)
bind$bt_hci(r1, &(0x7f0000000080)={0x1f, 0xffffffffffffffff, 0x3}, 0x6)
write$bt_hci(r1, &(0x7f0000000280)=ANY=[@ANYBLOB="1502b30a05aece6188827c76b9cd0d82f8863958367d8e76c4976d810f3b8e21d2181806360044b1797fb4365443"], 0x6)
mount_setattr(r1, &(0x7f0000000200)='./file0\x00', 0x100, &(0x7f0000000240)={0x4, 0xf0, 0xa0000}, 0x20)
chroot(&(0x7f0000000040)='./file0\x00')
umount2(&(0x7f0000000800)='./file0\x00', 0x5)
getuid()
syz_mount_image$vfat(&(0x7f0000000300), &(0x7f0000000340)='./file0\x00', 0x7, 0x2, &(0x7f0000000640)=[{&(0x7f00000004c0)="5950f02bb1ffe000cb3efa5db2449b557924455eec8987df15d6b597fb3ce29680dc1bd54ea53af8e8f3e5920efa598c81755edbfe100c31bd1828761d66453534940a957ba9b40def5b7556f85c9b74257b13bc04f48dfea9868bde2d74bdf5338caaa6fa2cde076458feefc32177486454010fb1e44b92aee44d7f2e001d201164af758f2d025baf1b4f8f41a5810b6681bc1bdc002b3a561a643c6cf1f66ac3ca6c22c829d0671cfdd08c8e46cc625b9dc3219c7cffa8b5b71e8d4f5f1dbcfcc637b761c826a7fb40bd", 0xcb, 0x7}, {&(0x7f00000005c0)="2edbce8b40c4128924a248f506e5605936664af6d15587f7fd3afd09652abc7a2d9fa49bb3bc2f072fe24d542c5d8ff72df342c2492efa608c8353fc0b83b4787c58eef498ec4a8a428fd21e3caccc29d9a57278a15b4e36a0b7a5210b998e9df3710ad8acf68d1567a443228c4c97c1146d8b847d076be97482", 0x7a, 0x3f}], 0x4b4aef126d1b3dc4, 0x0)
openat$sysfs(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/kexec_crash_size', 0x0, 0x0)
perf_event_open(&(0x7f0000000180)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x80, 0x0, 0x0, 0x6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
umount2(&(0x7f0000000140)='./file0\x00', 0x0)
r2 = openat$nvram(0xffffffffffffff9c, &(0x7f00000002c0), 0x1000, 0x0)
fspick(r2, &(0x7f0000000380)='./file0/file0\x00', 0x1)
11:52:24 executing program 4:
syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x882400, 0x0)
mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='proc\x00', 0x0, 0x0)
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
r1 = dup(r0)
bind$bt_hci(r1, &(0x7f0000000080)={0x1f, 0xffffffffffffffff, 0x3}, 0x6)
write$bt_hci(r1, &(0x7f0000000280)=ANY=[@ANYBLOB="1502b30a05aece6188827c76b9cd0d82f8863958367d8e76c4976d810f3b8e21d2181806360044b1797fb4365443"], 0x6)
mount_setattr(r1, &(0x7f0000000200)='./file0\x00', 0x100, &(0x7f0000000240)={0x4, 0xf0, 0xa0000}, 0x20)
chroot(&(0x7f0000000040)='./file0\x00')
umount2(&(0x7f0000000800)='./file0\x00', 0x5)
getuid()
syz_mount_image$vfat(&(0x7f0000000300), &(0x7f0000000340)='./file0\x00', 0x7, 0x2, &(0x7f0000000640)=[{&(0x7f00000004c0)="5950f02bb1ffe000cb3efa5db2449b557924455eec8987df15d6b597fb3ce29680dc1bd54ea53af8e8f3e5920efa598c81755edbfe100c31bd1828761d66453534940a957ba9b40def5b7556f85c9b74257b13bc04f48dfea9868bde2d74bdf5338caaa6fa2cde076458feefc32177486454010fb1e44b92aee44d7f2e001d201164af758f2d025baf1b4f8f41a5810b6681bc1bdc002b3a561a643c6cf1f66ac3ca6c22c829d0671cfdd08c8e46cc625b9dc3219c7cffa8b5b71e8d4f5f1dbcfcc637b761c826a7fb40bd", 0xcb, 0x7}, {&(0x7f00000005c0)="2edbce8b40c4128924a248f506e5605936664af6d15587f7fd3afd09652abc7a2d9fa49bb3bc2f072fe24d542c5d8ff72df342c2492efa608c8353fc0b83b4787c58eef498ec4a8a428fd21e3caccc29d9a57278a15b4e36a0b7a5210b998e9df3710ad8acf68d1567a443228c4c97c1146d8b847d076be97482", 0x7a, 0x3f}], 0x4b4aef126d1b3dc4, 0x0)
openat$sysfs(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/kexec_crash_size', 0x0, 0x0)
perf_event_open(&(0x7f0000000180)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x80, 0x0, 0x0, 0x6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
umount2(&(0x7f0000000140)='./file0\x00', 0x0)
r2 = openat$nvram(0xffffffffffffff9c, &(0x7f00000002c0), 0x1000, 0x0)
fspick(r2, &(0x7f0000000380)='./file0/file0\x00', 0x1)
11:52:24 executing program 1:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0)
r1 = socket$inet6_udp(0xa, 0x2, 0x0)
r2 = dup(r1)
ioctl$AUTOFS_DEV_IOCTL_PROTOVER(r2, 0xc0189372, &(0x7f0000000000)={{0x1, 0x1, 0x18, r0}, './file1\x00'})
r3 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
pwritev(r3, &(0x7f0000000080)=[{&(0x7f0000000140)='\x00', 0x1a}], 0x1, 0x7fffffc, 0x0)
ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, 0x0)
perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_config_ext={0xfffffffffffffffe}, 0x0, 0x0, 0x2}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
sendfile(r0, r0, 0x0, 0x100000)
11:52:24 executing program 3:
syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x882400, 0x0)
mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='proc\x00', 0x0, 0x0)
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
r1 = dup(r0)
bind$bt_hci(r1, &(0x7f0000000080)={0x1f, 0xffffffffffffffff, 0x3}, 0x6)
write$bt_hci(r1, &(0x7f0000000280)=ANY=[@ANYBLOB="1502b30a05aece6188827c76b9cd0d82f8863958367d8e76c4976d810f3b8e21d2181806360044b1797fb4365443"], 0x6)
mount_setattr(r1, &(0x7f0000000200)='./file0\x00', 0x100, &(0x7f0000000240)={0x4, 0xf0, 0xa0000}, 0x20)
chroot(&(0x7f0000000040)='./file0\x00')
umount2(&(0x7f0000000800)='./file0\x00', 0x5)
getuid()
syz_mount_image$vfat(&(0x7f0000000300), &(0x7f0000000340)='./file0\x00', 0x7, 0x2, &(0x7f0000000640)=[{&(0x7f00000004c0)="5950f02bb1ffe000cb3efa5db2449b557924455eec8987df15d6b597fb3ce29680dc1bd54ea53af8e8f3e5920efa598c81755edbfe100c31bd1828761d66453534940a957ba9b40def5b7556f85c9b74257b13bc04f48dfea9868bde2d74bdf5338caaa6fa2cde076458feefc32177486454010fb1e44b92aee44d7f2e001d201164af758f2d025baf1b4f8f41a5810b6681bc1bdc002b3a561a643c6cf1f66ac3ca6c22c829d0671cfdd08c8e46cc625b9dc3219c7cffa8b5b71e8d4f5f1dbcfcc637b761c826a7fb40bd", 0xcb, 0x7}, {&(0x7f00000005c0)="2edbce8b40c4128924a248f506e5605936664af6d15587f7fd3afd09652abc7a2d9fa49bb3bc2f072fe24d542c5d8ff72df342c2492efa608c8353fc0b83b4787c58eef498ec4a8a428fd21e3caccc29d9a57278a15b4e36a0b7a5210b998e9df3710ad8acf68d1567a443228c4c97c1146d8b847d076be97482", 0x7a, 0x3f}], 0x4b4aef126d1b3dc4, 0x0)
openat$sysfs(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/kexec_crash_size', 0x0, 0x0)
perf_event_open(&(0x7f0000000180)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x80, 0x0, 0x0, 0x6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
umount2(&(0x7f0000000140)='./file0\x00', 0x0)
r2 = openat$nvram(0xffffffffffffff9c, &(0x7f00000002c0), 0x1000, 0x0)
fspick(r2, &(0x7f0000000380)='./file0/file0\x00', 0x1)
11:52:24 executing program 0:
syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x882400, 0x0)
mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='proc\x00', 0x0, 0x0)
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
r1 = dup(r0)
bind$bt_hci(r1, &(0x7f0000000080)={0x1f, 0xffffffffffffffff, 0x3}, 0x6)
write$bt_hci(r1, &(0x7f0000000280)=ANY=[@ANYBLOB="1502b30a05aece6188827c76b9cd0d82f8863958367d8e76c4976d810f3b8e21d2181806360044b1797fb4365443"], 0x6)
mount_setattr(r1, &(0x7f0000000200)='./file0\x00', 0x100, &(0x7f0000000240)={0x4, 0xf0, 0xa0000}, 0x20)
chroot(&(0x7f0000000040)='./file0\x00')
umount2(&(0x7f0000000800)='./file0\x00', 0x5)
getuid()
syz_mount_image$vfat(&(0x7f0000000300), &(0x7f0000000340)='./file0\x00', 0x7, 0x2, &(0x7f0000000640)=[{&(0x7f00000004c0)="5950f02bb1ffe000cb3efa5db2449b557924455eec8987df15d6b597fb3ce29680dc1bd54ea53af8e8f3e5920efa598c81755edbfe100c31bd1828761d66453534940a957ba9b40def5b7556f85c9b74257b13bc04f48dfea9868bde2d74bdf5338caaa6fa2cde076458feefc32177486454010fb1e44b92aee44d7f2e001d201164af758f2d025baf1b4f8f41a5810b6681bc1bdc002b3a561a643c6cf1f66ac3ca6c22c829d0671cfdd08c8e46cc625b9dc3219c7cffa8b5b71e8d4f5f1dbcfcc637b761c826a7fb40bd", 0xcb, 0x7}, {&(0x7f00000005c0)="2edbce8b40c4128924a248f506e5605936664af6d15587f7fd3afd09652abc7a2d9fa49bb3bc2f072fe24d542c5d8ff72df342c2492efa608c8353fc0b83b4787c58eef498ec4a8a428fd21e3caccc29d9a57278a15b4e36a0b7a5210b998e9df3710ad8acf68d1567a443228c4c97c1146d8b847d076be97482", 0x7a, 0x3f}], 0x4b4aef126d1b3dc4, 0x0)
openat$sysfs(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/kexec_crash_size', 0x0, 0x0)
perf_event_open(&(0x7f0000000180)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x80, 0x0, 0x0, 0x6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
umount2(&(0x7f0000000140)='./file0\x00', 0x0)
r2 = openat$nvram(0xffffffffffffff9c, &(0x7f00000002c0), 0x1000, 0x0)
fspick(r2, &(0x7f0000000380)='./file0/file0\x00', 0x1)
11:52:24 executing program 4:
syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x882400, 0x0)
mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='proc\x00', 0x0, 0x0)
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
r1 = dup(r0)
bind$bt_hci(r1, &(0x7f0000000080)={0x1f, 0xffffffffffffffff, 0x3}, 0x6)
write$bt_hci(r1, &(0x7f0000000280)=ANY=[@ANYBLOB="1502b30a05aece6188827c76b9cd0d82f8863958367d8e76c4976d810f3b8e21d2181806360044b1797fb4365443"], 0x6)
mount_setattr(r1, &(0x7f0000000200)='./file0\x00', 0x100, &(0x7f0000000240)={0x4, 0xf0, 0xa0000}, 0x20)
chroot(&(0x7f0000000040)='./file0\x00')
umount2(&(0x7f0000000800)='./file0\x00', 0x5)
getuid()
syz_mount_image$vfat(&(0x7f0000000300), &(0x7f0000000340)='./file0\x00', 0x7, 0x2, &(0x7f0000000640)=[{&(0x7f00000004c0)="5950f02bb1ffe000cb3efa5db2449b557924455eec8987df15d6b597fb3ce29680dc1bd54ea53af8e8f3e5920efa598c81755edbfe100c31bd1828761d66453534940a957ba9b40def5b7556f85c9b74257b13bc04f48dfea9868bde2d74bdf5338caaa6fa2cde076458feefc32177486454010fb1e44b92aee44d7f2e001d201164af758f2d025baf1b4f8f41a5810b6681bc1bdc002b3a561a643c6cf1f66ac3ca6c22c829d0671cfdd08c8e46cc625b9dc3219c7cffa8b5b71e8d4f5f1dbcfcc637b761c826a7fb40bd", 0xcb, 0x7}, {&(0x7f00000005c0)="2edbce8b40c4128924a248f506e5605936664af6d15587f7fd3afd09652abc7a2d9fa49bb3bc2f072fe24d542c5d8ff72df342c2492efa608c8353fc0b83b4787c58eef498ec4a8a428fd21e3caccc29d9a57278a15b4e36a0b7a5210b998e9df3710ad8acf68d1567a443228c4c97c1146d8b847d076be97482", 0x7a, 0x3f}], 0x4b4aef126d1b3dc4, 0x0)
openat$sysfs(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/kexec_crash_size', 0x0, 0x0)
perf_event_open(&(0x7f0000000180)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x80, 0x0, 0x0, 0x6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
umount2(&(0x7f0000000140)='./file0\x00', 0x0)
r2 = openat$nvram(0xffffffffffffff9c, &(0x7f00000002c0), 0x1000, 0x0)
fspick(r2, &(0x7f0000000380)='./file0/file0\x00', 0x1)
11:52:24 executing program 7:
syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x882400, 0x0)
mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='proc\x00', 0x0, 0x0)
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
r1 = dup(r0)
bind$bt_hci(r1, &(0x7f0000000080)={0x1f, 0xffffffffffffffff, 0x3}, 0x6)
write$bt_hci(r1, &(0x7f0000000280)=ANY=[@ANYBLOB="1502b30a05aece6188827c76b9cd0d82f8863958367d8e76c4976d810f3b8e21d2181806360044b1797fb4365443"], 0x6)
mount_setattr(r1, &(0x7f0000000200)='./file0\x00', 0x100, &(0x7f0000000240)={0x4, 0xf0, 0xa0000}, 0x20)
chroot(&(0x7f0000000040)='./file0\x00')
umount2(&(0x7f0000000800)='./file0\x00', 0x5)
getuid()
syz_mount_image$vfat(&(0x7f0000000300), &(0x7f0000000340)='./file0\x00', 0x7, 0x2, &(0x7f0000000640)=[{&(0x7f00000004c0)="5950f02bb1ffe000cb3efa5db2449b557924455eec8987df15d6b597fb3ce29680dc1bd54ea53af8e8f3e5920efa598c81755edbfe100c31bd1828761d66453534940a957ba9b40def5b7556f85c9b74257b13bc04f48dfea9868bde2d74bdf5338caaa6fa2cde076458feefc32177486454010fb1e44b92aee44d7f2e001d201164af758f2d025baf1b4f8f41a5810b6681bc1bdc002b3a561a643c6cf1f66ac3ca6c22c829d0671cfdd08c8e46cc625b9dc3219c7cffa8b5b71e8d4f5f1dbcfcc637b761c826a7fb40bd", 0xcb, 0x7}, {&(0x7f00000005c0)="2edbce8b40c4128924a248f506e5605936664af6d15587f7fd3afd09652abc7a2d9fa49bb3bc2f072fe24d542c5d8ff72df342c2492efa608c8353fc0b83b4787c58eef498ec4a8a428fd21e3caccc29d9a57278a15b4e36a0b7a5210b998e9df3710ad8acf68d1567a443228c4c97c1146d8b847d076be97482", 0x7a, 0x3f}], 0x4b4aef126d1b3dc4, 0x0)
openat$sysfs(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/kexec_crash_size', 0x0, 0x0)
perf_event_open(&(0x7f0000000180)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x80, 0x0, 0x0, 0x6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
umount2(&(0x7f0000000140)='./file0\x00', 0x0)
r2 = openat$nvram(0xffffffffffffff9c, &(0x7f00000002c0), 0x1000, 0x0)
fspick(r2, &(0x7f0000000380)='./file0/file0\x00', 0x1)
11:52:24 executing program 6:
syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x882400, 0x0)
mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='proc\x00', 0x0, 0x0)
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
r1 = dup(r0)
bind$bt_hci(r1, &(0x7f0000000080)={0x1f, 0xffffffffffffffff, 0x3}, 0x6)
write$bt_hci(r1, &(0x7f0000000280)=ANY=[@ANYBLOB="1502b30a05aece6188827c76b9cd0d82f8863958367d8e76c4976d810f3b8e21d2181806360044b1797fb4365443"], 0x6)
mount_setattr(r1, &(0x7f0000000200)='./file0\x00', 0x100, &(0x7f0000000240)={0x4, 0xf0, 0xa0000}, 0x20)
chroot(&(0x7f0000000040)='./file0\x00')
umount2(&(0x7f0000000800)='./file0\x00', 0x5)
getuid()
syz_mount_image$vfat(&(0x7f0000000300), &(0x7f0000000340)='./file0\x00', 0x7, 0x2, &(0x7f0000000640)=[{&(0x7f00000004c0)="5950f02bb1ffe000cb3efa5db2449b557924455eec8987df15d6b597fb3ce29680dc1bd54ea53af8e8f3e5920efa598c81755edbfe100c31bd1828761d66453534940a957ba9b40def5b7556f85c9b74257b13bc04f48dfea9868bde2d74bdf5338caaa6fa2cde076458feefc32177486454010fb1e44b92aee44d7f2e001d201164af758f2d025baf1b4f8f41a5810b6681bc1bdc002b3a561a643c6cf1f66ac3ca6c22c829d0671cfdd08c8e46cc625b9dc3219c7cffa8b5b71e8d4f5f1dbcfcc637b761c826a7fb40bd", 0xcb, 0x7}, {&(0x7f00000005c0)="2edbce8b40c4128924a248f506e5605936664af6d15587f7fd3afd09652abc7a2d9fa49bb3bc2f072fe24d542c5d8ff72df342c2492efa608c8353fc0b83b4787c58eef498ec4a8a428fd21e3caccc29d9a57278a15b4e36a0b7a5210b998e9df3710ad8acf68d1567a443228c4c97c1146d8b847d076be97482", 0x7a, 0x3f}], 0x4b4aef126d1b3dc4, 0x0)
openat$sysfs(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/kexec_crash_size', 0x0, 0x0)
perf_event_open(&(0x7f0000000180)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x80, 0x0, 0x0, 0x6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
umount2(&(0x7f0000000140)='./file0\x00', 0x0)
r2 = openat$nvram(0xffffffffffffff9c, &(0x7f00000002c0), 0x1000, 0x0)
fspick(r2, &(0x7f0000000380)='./file0/file0\x00', 0x1)
11:52:24 executing program 2:
syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x882400, 0x0)
mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='proc\x00', 0x0, 0x0)
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
r1 = dup(r0)
bind$bt_hci(r1, &(0x7f0000000080)={0x1f, 0xffffffffffffffff, 0x3}, 0x6)
write$bt_hci(r1, &(0x7f0000000280)=ANY=[@ANYBLOB="1502b30a05aece6188827c76b9cd0d82f8863958367d8e76c4976d810f3b8e21d2181806360044b1797fb4365443"], 0x6)
mount_setattr(r1, &(0x7f0000000200)='./file0\x00', 0x100, &(0x7f0000000240)={0x4, 0xf0, 0xa0000}, 0x20)
chroot(&(0x7f0000000040)='./file0\x00')
umount2(&(0x7f0000000800)='./file0\x00', 0x5)
getuid()
syz_mount_image$vfat(&(0x7f0000000300), &(0x7f0000000340)='./file0\x00', 0x7, 0x2, &(0x7f0000000640)=[{&(0x7f00000004c0)="5950f02bb1ffe000cb3efa5db2449b557924455eec8987df15d6b597fb3ce29680dc1bd54ea53af8e8f3e5920efa598c81755edbfe100c31bd1828761d66453534940a957ba9b40def5b7556f85c9b74257b13bc04f48dfea9868bde2d74bdf5338caaa6fa2cde076458feefc32177486454010fb1e44b92aee44d7f2e001d201164af758f2d025baf1b4f8f41a5810b6681bc1bdc002b3a561a643c6cf1f66ac3ca6c22c829d0671cfdd08c8e46cc625b9dc3219c7cffa8b5b71e8d4f5f1dbcfcc637b761c826a7fb40bd", 0xcb, 0x7}, {&(0x7f00000005c0)="2edbce8b40c4128924a248f506e5605936664af6d15587f7fd3afd09652abc7a2d9fa49bb3bc2f072fe24d542c5d8ff72df342c2492efa608c8353fc0b83b4787c58eef498ec4a8a428fd21e3caccc29d9a57278a15b4e36a0b7a5210b998e9df3710ad8acf68d1567a443228c4c97c1146d8b847d076be97482", 0x7a, 0x3f}], 0x4b4aef126d1b3dc4, 0x0)
openat$sysfs(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/kexec_crash_size', 0x0, 0x0)
perf_event_open(&(0x7f0000000180)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x80, 0x0, 0x0, 0x6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
umount2(&(0x7f0000000140)='./file0\x00', 0x0)
r2 = openat$nvram(0xffffffffffffff9c, &(0x7f00000002c0), 0x1000, 0x0)
fspick(r2, &(0x7f0000000380)='./file0/file0\x00', 0x1)
11:52:24 executing program 3:
syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x882400, 0x0)
mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='proc\x00', 0x0, 0x0)
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
r1 = dup(r0)
bind$bt_hci(r1, &(0x7f0000000080)={0x1f, 0xffffffffffffffff, 0x3}, 0x6)
write$bt_hci(r1, &(0x7f0000000280)=ANY=[@ANYBLOB="1502b30a05aece6188827c76b9cd0d82f8863958367d8e76c4976d810f3b8e21d2181806360044b1797fb4365443"], 0x6)
mount_setattr(r1, &(0x7f0000000200)='./file0\x00', 0x100, &(0x7f0000000240)={0x4, 0xf0, 0xa0000}, 0x20)
chroot(&(0x7f0000000040)='./file0\x00')
umount2(&(0x7f0000000800)='./file0\x00', 0x5)
getuid()
syz_mount_image$vfat(&(0x7f0000000300), &(0x7f0000000340)='./file0\x00', 0x7, 0x2, &(0x7f0000000640)=[{&(0x7f00000004c0)="5950f02bb1ffe000cb3efa5db2449b557924455eec8987df15d6b597fb3ce29680dc1bd54ea53af8e8f3e5920efa598c81755edbfe100c31bd1828761d66453534940a957ba9b40def5b7556f85c9b74257b13bc04f48dfea9868bde2d74bdf5338caaa6fa2cde076458feefc32177486454010fb1e44b92aee44d7f2e001d201164af758f2d025baf1b4f8f41a5810b6681bc1bdc002b3a561a643c6cf1f66ac3ca6c22c829d0671cfdd08c8e46cc625b9dc3219c7cffa8b5b71e8d4f5f1dbcfcc637b761c826a7fb40bd", 0xcb, 0x7}, {&(0x7f00000005c0)="2edbce8b40c4128924a248f506e5605936664af6d15587f7fd3afd09652abc7a2d9fa49bb3bc2f072fe24d542c5d8ff72df342c2492efa608c8353fc0b83b4787c58eef498ec4a8a428fd21e3caccc29d9a57278a15b4e36a0b7a5210b998e9df3710ad8acf68d1567a443228c4c97c1146d8b847d076be97482", 0x7a, 0x3f}], 0x4b4aef126d1b3dc4, 0x0)
openat$sysfs(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/kexec_crash_size', 0x0, 0x0)
perf_event_open(&(0x7f0000000180)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x80, 0x0, 0x0, 0x6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
umount2(&(0x7f0000000140)='./file0\x00', 0x0)
r2 = openat$nvram(0xffffffffffffff9c, &(0x7f00000002c0), 0x1000, 0x0)
fspick(r2, &(0x7f0000000380)='./file0/file0\x00', 0x1)
11:52:24 executing program 0:
syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x882400, 0x0)
mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='proc\x00', 0x0, 0x0)
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
r1 = dup(r0)
bind$bt_hci(r1, &(0x7f0000000080)={0x1f, 0xffffffffffffffff, 0x3}, 0x6)
write$bt_hci(r1, &(0x7f0000000280)=ANY=[@ANYBLOB="1502b30a05aece6188827c76b9cd0d82f8863958367d8e76c4976d810f3b8e21d2181806360044b1797fb4365443"], 0x6)
mount_setattr(r1, &(0x7f0000000200)='./file0\x00', 0x100, &(0x7f0000000240)={0x4, 0xf0, 0xa0000}, 0x20)
chroot(&(0x7f0000000040)='./file0\x00')
umount2(&(0x7f0000000800)='./file0\x00', 0x5)
getuid()
syz_mount_image$vfat(&(0x7f0000000300), &(0x7f0000000340)='./file0\x00', 0x7, 0x2, &(0x7f0000000640)=[{&(0x7f00000004c0)="5950f02bb1ffe000cb3efa5db2449b557924455eec8987df15d6b597fb3ce29680dc1bd54ea53af8e8f3e5920efa598c81755edbfe100c31bd1828761d66453534940a957ba9b40def5b7556f85c9b74257b13bc04f48dfea9868bde2d74bdf5338caaa6fa2cde076458feefc32177486454010fb1e44b92aee44d7f2e001d201164af758f2d025baf1b4f8f41a5810b6681bc1bdc002b3a561a643c6cf1f66ac3ca6c22c829d0671cfdd08c8e46cc625b9dc3219c7cffa8b5b71e8d4f5f1dbcfcc637b761c826a7fb40bd", 0xcb, 0x7}, {&(0x7f00000005c0)="2edbce8b40c4128924a248f506e5605936664af6d15587f7fd3afd09652abc7a2d9fa49bb3bc2f072fe24d542c5d8ff72df342c2492efa608c8353fc0b83b4787c58eef498ec4a8a428fd21e3caccc29d9a57278a15b4e36a0b7a5210b998e9df3710ad8acf68d1567a443228c4c97c1146d8b847d076be97482", 0x7a, 0x3f}], 0x4b4aef126d1b3dc4, 0x0)
openat$sysfs(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/kexec_crash_size', 0x0, 0x0)
perf_event_open(&(0x7f0000000180)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x80, 0x0, 0x0, 0x6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
umount2(&(0x7f0000000140)='./file0\x00', 0x0)
r2 = openat$nvram(0xffffffffffffff9c, &(0x7f00000002c0), 0x1000, 0x0)
fspick(r2, &(0x7f0000000380)='./file0/file0\x00', 0x1)
11:52:24 executing program 4:
syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x882400, 0x0)
mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='proc\x00', 0x0, 0x0)
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
r1 = dup(r0)
bind$bt_hci(r1, &(0x7f0000000080)={0x1f, 0xffffffffffffffff, 0x3}, 0x6)
write$bt_hci(r1, &(0x7f0000000280)=ANY=[@ANYBLOB="1502b30a05aece6188827c76b9cd0d82f8863958367d8e76c4976d810f3b8e21d2181806360044b1797fb4365443"], 0x6)
mount_setattr(r1, &(0x7f0000000200)='./file0\x00', 0x100, &(0x7f0000000240)={0x4, 0xf0, 0xa0000}, 0x20)
chroot(&(0x7f0000000040)='./file0\x00')
umount2(&(0x7f0000000800)='./file0\x00', 0x5)
getuid()
syz_mount_image$vfat(&(0x7f0000000300), &(0x7f0000000340)='./file0\x00', 0x7, 0x2, &(0x7f0000000640)=[{&(0x7f00000004c0)="5950f02bb1ffe000cb3efa5db2449b557924455eec8987df15d6b597fb3ce29680dc1bd54ea53af8e8f3e5920efa598c81755edbfe100c31bd1828761d66453534940a957ba9b40def5b7556f85c9b74257b13bc04f48dfea9868bde2d74bdf5338caaa6fa2cde076458feefc32177486454010fb1e44b92aee44d7f2e001d201164af758f2d025baf1b4f8f41a5810b6681bc1bdc002b3a561a643c6cf1f66ac3ca6c22c829d0671cfdd08c8e46cc625b9dc3219c7cffa8b5b71e8d4f5f1dbcfcc637b761c826a7fb40bd", 0xcb, 0x7}, {&(0x7f00000005c0)="2edbce8b40c4128924a248f506e5605936664af6d15587f7fd3afd09652abc7a2d9fa49bb3bc2f072fe24d542c5d8ff72df342c2492efa608c8353fc0b83b4787c58eef498ec4a8a428fd21e3caccc29d9a57278a15b4e36a0b7a5210b998e9df3710ad8acf68d1567a443228c4c97c1146d8b847d076be97482", 0x7a, 0x3f}], 0x4b4aef126d1b3dc4, 0x0)
openat$sysfs(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/kexec_crash_size', 0x0, 0x0)
perf_event_open(&(0x7f0000000180)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x80, 0x0, 0x0, 0x6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
umount2(&(0x7f0000000140)='./file0\x00', 0x0)
r2 = openat$nvram(0xffffffffffffff9c, &(0x7f00000002c0), 0x1000, 0x0)
fspick(r2, &(0x7f0000000380)='./file0/file0\x00', 0x1)
11:52:24 executing program 7:
syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x882400, 0x0)
mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='proc\x00', 0x0, 0x0)
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
r1 = dup(r0)
bind$bt_hci(r1, &(0x7f0000000080)={0x1f, 0xffffffffffffffff, 0x3}, 0x6)
write$bt_hci(r1, &(0x7f0000000280)=ANY=[@ANYBLOB="1502b30a05aece6188827c76b9cd0d82f8863958367d8e76c4976d810f3b8e21d2181806360044b1797fb4365443"], 0x6)
mount_setattr(r1, &(0x7f0000000200)='./file0\x00', 0x100, &(0x7f0000000240)={0x4, 0xf0, 0xa0000}, 0x20)
chroot(&(0x7f0000000040)='./file0\x00')
umount2(&(0x7f0000000800)='./file0\x00', 0x5)
getuid()
syz_mount_image$vfat(&(0x7f0000000300), &(0x7f0000000340)='./file0\x00', 0x7, 0x2, &(0x7f0000000640)=[{&(0x7f00000004c0)="5950f02bb1ffe000cb3efa5db2449b557924455eec8987df15d6b597fb3ce29680dc1bd54ea53af8e8f3e5920efa598c81755edbfe100c31bd1828761d66453534940a957ba9b40def5b7556f85c9b74257b13bc04f48dfea9868bde2d74bdf5338caaa6fa2cde076458feefc32177486454010fb1e44b92aee44d7f2e001d201164af758f2d025baf1b4f8f41a5810b6681bc1bdc002b3a561a643c6cf1f66ac3ca6c22c829d0671cfdd08c8e46cc625b9dc3219c7cffa8b5b71e8d4f5f1dbcfcc637b761c826a7fb40bd", 0xcb, 0x7}, {&(0x7f00000005c0)="2edbce8b40c4128924a248f506e5605936664af6d15587f7fd3afd09652abc7a2d9fa49bb3bc2f072fe24d542c5d8ff72df342c2492efa608c8353fc0b83b4787c58eef498ec4a8a428fd21e3caccc29d9a57278a15b4e36a0b7a5210b998e9df3710ad8acf68d1567a443228c4c97c1146d8b847d076be97482", 0x7a, 0x3f}], 0x4b4aef126d1b3dc4, 0x0)
openat$sysfs(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/kexec_crash_size', 0x0, 0x0)
perf_event_open(&(0x7f0000000180)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x80, 0x0, 0x0, 0x6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
umount2(&(0x7f0000000140)='./file0\x00', 0x0)
r2 = openat$nvram(0xffffffffffffff9c, &(0x7f00000002c0), 0x1000, 0x0)
fspick(r2, &(0x7f0000000380)='./file0/file0\x00', 0x1)
11:52:24 executing program 3:
syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x882400, 0x0)
mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='proc\x00', 0x0, 0x0)
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
r1 = dup(r0)
bind$bt_hci(r1, &(0x7f0000000080)={0x1f, 0xffffffffffffffff, 0x3}, 0x6)
write$bt_hci(r1, &(0x7f0000000280)=ANY=[@ANYBLOB="1502b30a05aece6188827c76b9cd0d82f8863958367d8e76c4976d810f3b8e21d2181806360044b1797fb4365443"], 0x6)
mount_setattr(r1, &(0x7f0000000200)='./file0\x00', 0x100, &(0x7f0000000240)={0x4, 0xf0, 0xa0000}, 0x20)
chroot(&(0x7f0000000040)='./file0\x00')
umount2(&(0x7f0000000800)='./file0\x00', 0x5)
getuid()
syz_mount_image$vfat(&(0x7f0000000300), &(0x7f0000000340)='./file0\x00', 0x7, 0x2, &(0x7f0000000640)=[{&(0x7f00000004c0)="5950f02bb1ffe000cb3efa5db2449b557924455eec8987df15d6b597fb3ce29680dc1bd54ea53af8e8f3e5920efa598c81755edbfe100c31bd1828761d66453534940a957ba9b40def5b7556f85c9b74257b13bc04f48dfea9868bde2d74bdf5338caaa6fa2cde076458feefc32177486454010fb1e44b92aee44d7f2e001d201164af758f2d025baf1b4f8f41a5810b6681bc1bdc002b3a561a643c6cf1f66ac3ca6c22c829d0671cfdd08c8e46cc625b9dc3219c7cffa8b5b71e8d4f5f1dbcfcc637b761c826a7fb40bd", 0xcb, 0x7}, {&(0x7f00000005c0)="2edbce8b40c4128924a248f506e5605936664af6d15587f7fd3afd09652abc7a2d9fa49bb3bc2f072fe24d542c5d8ff72df342c2492efa608c8353fc0b83b4787c58eef498ec4a8a428fd21e3caccc29d9a57278a15b4e36a0b7a5210b998e9df3710ad8acf68d1567a443228c4c97c1146d8b847d076be97482", 0x7a, 0x3f}], 0x4b4aef126d1b3dc4, 0x0)
openat$sysfs(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/kexec_crash_size', 0x0, 0x0)
perf_event_open(&(0x7f0000000180)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x80, 0x0, 0x0, 0x6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
umount2(&(0x7f0000000140)='./file0\x00', 0x0)
r2 = openat$nvram(0xffffffffffffff9c, &(0x7f00000002c0), 0x1000, 0x0)
fspick(r2, &(0x7f0000000380)='./file0/file0\x00', 0x1)
11:52:24 executing program 2:
syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x882400, 0x0)
mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='proc\x00', 0x0, 0x0)
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
r1 = dup(r0)
bind$bt_hci(r1, &(0x7f0000000080)={0x1f, 0xffffffffffffffff, 0x3}, 0x6)
write$bt_hci(r1, &(0x7f0000000280)=ANY=[@ANYBLOB="1502b30a05aece6188827c76b9cd0d82f8863958367d8e76c4976d810f3b8e21d2181806360044b1797fb4365443"], 0x6)
mount_setattr(r1, &(0x7f0000000200)='./file0\x00', 0x100, &(0x7f0000000240)={0x4, 0xf0, 0xa0000}, 0x20)
chroot(&(0x7f0000000040)='./file0\x00')
umount2(&(0x7f0000000800)='./file0\x00', 0x5)
getuid()
syz_mount_image$vfat(&(0x7f0000000300), &(0x7f0000000340)='./file0\x00', 0x7, 0x2, &(0x7f0000000640)=[{&(0x7f00000004c0)="5950f02bb1ffe000cb3efa5db2449b557924455eec8987df15d6b597fb3ce29680dc1bd54ea53af8e8f3e5920efa598c81755edbfe100c31bd1828761d66453534940a957ba9b40def5b7556f85c9b74257b13bc04f48dfea9868bde2d74bdf5338caaa6fa2cde076458feefc32177486454010fb1e44b92aee44d7f2e001d201164af758f2d025baf1b4f8f41a5810b6681bc1bdc002b3a561a643c6cf1f66ac3ca6c22c829d0671cfdd08c8e46cc625b9dc3219c7cffa8b5b71e8d4f5f1dbcfcc637b761c826a7fb40bd", 0xcb, 0x7}, {&(0x7f00000005c0)="2edbce8b40c4128924a248f506e5605936664af6d15587f7fd3afd09652abc7a2d9fa49bb3bc2f072fe24d542c5d8ff72df342c2492efa608c8353fc0b83b4787c58eef498ec4a8a428fd21e3caccc29d9a57278a15b4e36a0b7a5210b998e9df3710ad8acf68d1567a443228c4c97c1146d8b847d076be97482", 0x7a, 0x3f}], 0x4b4aef126d1b3dc4, 0x0)
openat$sysfs(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/kexec_crash_size', 0x0, 0x0)
perf_event_open(&(0x7f0000000180)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x80, 0x0, 0x0, 0x6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
umount2(&(0x7f0000000140)='./file0\x00', 0x0)
r2 = openat$nvram(0xffffffffffffff9c, &(0x7f00000002c0), 0x1000, 0x0)
fspick(r2, &(0x7f0000000380)='./file0/file0\x00', 0x1)
11:52:25 executing program 6:
syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x882400, 0x0)
mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='proc\x00', 0x0, 0x0)
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
r1 = dup(r0)
bind$bt_hci(r1, &(0x7f0000000080)={0x1f, 0xffffffffffffffff, 0x3}, 0x6)
write$bt_hci(r1, &(0x7f0000000280)=ANY=[@ANYBLOB="1502b30a05aece6188827c76b9cd0d82f8863958367d8e76c4976d810f3b8e21d2181806360044b1797fb4365443"], 0x6)
mount_setattr(r1, &(0x7f0000000200)='./file0\x00', 0x100, &(0x7f0000000240)={0x4, 0xf0, 0xa0000}, 0x20)
chroot(&(0x7f0000000040)='./file0\x00')
umount2(&(0x7f0000000800)='./file0\x00', 0x5)
getuid()
syz_mount_image$vfat(&(0x7f0000000300), &(0x7f0000000340)='./file0\x00', 0x7, 0x2, &(0x7f0000000640)=[{&(0x7f00000004c0)="5950f02bb1ffe000cb3efa5db2449b557924455eec8987df15d6b597fb3ce29680dc1bd54ea53af8e8f3e5920efa598c81755edbfe100c31bd1828761d66453534940a957ba9b40def5b7556f85c9b74257b13bc04f48dfea9868bde2d74bdf5338caaa6fa2cde076458feefc32177486454010fb1e44b92aee44d7f2e001d201164af758f2d025baf1b4f8f41a5810b6681bc1bdc002b3a561a643c6cf1f66ac3ca6c22c829d0671cfdd08c8e46cc625b9dc3219c7cffa8b5b71e8d4f5f1dbcfcc637b761c826a7fb40bd", 0xcb, 0x7}, {&(0x7f00000005c0)="2edbce8b40c4128924a248f506e5605936664af6d15587f7fd3afd09652abc7a2d9fa49bb3bc2f072fe24d542c5d8ff72df342c2492efa608c8353fc0b83b4787c58eef498ec4a8a428fd21e3caccc29d9a57278a15b4e36a0b7a5210b998e9df3710ad8acf68d1567a443228c4c97c1146d8b847d076be97482", 0x7a, 0x3f}], 0x4b4aef126d1b3dc4, 0x0)
openat$sysfs(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/kexec_crash_size', 0x0, 0x0)
perf_event_open(&(0x7f0000000180)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x80, 0x0, 0x0, 0x6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
umount2(&(0x7f0000000140)='./file0\x00', 0x0)
r2 = openat$nvram(0xffffffffffffff9c, &(0x7f00000002c0), 0x1000, 0x0)
fspick(r2, &(0x7f0000000380)='./file0/file0\x00', 0x1)
11:52:25 executing program 0:
syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x882400, 0x0)
mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='proc\x00', 0x0, 0x0)
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
r1 = dup(r0)
bind$bt_hci(r1, &(0x7f0000000080)={0x1f, 0xffffffffffffffff, 0x3}, 0x6)
write$bt_hci(r1, &(0x7f0000000280)=ANY=[@ANYBLOB="1502b30a05aece6188827c76b9cd0d82f8863958367d8e76c4976d810f3b8e21d2181806360044b1797fb4365443"], 0x6)
mount_setattr(r1, &(0x7f0000000200)='./file0\x00', 0x100, &(0x7f0000000240)={0x4, 0xf0, 0xa0000}, 0x20)
chroot(&(0x7f0000000040)='./file0\x00')
umount2(&(0x7f0000000800)='./file0\x00', 0x5)
getuid()
syz_mount_image$vfat(&(0x7f0000000300), &(0x7f0000000340)='./file0\x00', 0x7, 0x2, &(0x7f0000000640)=[{&(0x7f00000004c0)="5950f02bb1ffe000cb3efa5db2449b557924455eec8987df15d6b597fb3ce29680dc1bd54ea53af8e8f3e5920efa598c81755edbfe100c31bd1828761d66453534940a957ba9b40def5b7556f85c9b74257b13bc04f48dfea9868bde2d74bdf5338caaa6fa2cde076458feefc32177486454010fb1e44b92aee44d7f2e001d201164af758f2d025baf1b4f8f41a5810b6681bc1bdc002b3a561a643c6cf1f66ac3ca6c22c829d0671cfdd08c8e46cc625b9dc3219c7cffa8b5b71e8d4f5f1dbcfcc637b761c826a7fb40bd", 0xcb, 0x7}, {&(0x7f00000005c0)="2edbce8b40c4128924a248f506e5605936664af6d15587f7fd3afd09652abc7a2d9fa49bb3bc2f072fe24d542c5d8ff72df342c2492efa608c8353fc0b83b4787c58eef498ec4a8a428fd21e3caccc29d9a57278a15b4e36a0b7a5210b998e9df3710ad8acf68d1567a443228c4c97c1146d8b847d076be97482", 0x7a, 0x3f}], 0x4b4aef126d1b3dc4, 0x0)
openat$sysfs(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/kexec_crash_size', 0x0, 0x0)
perf_event_open(&(0x7f0000000180)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x80, 0x0, 0x0, 0x6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
umount2(&(0x7f0000000140)='./file0\x00', 0x0)
r2 = openat$nvram(0xffffffffffffff9c, &(0x7f00000002c0), 0x1000, 0x0)
fspick(r2, &(0x7f0000000380)='./file0/file0\x00', 0x1)
11:52:25 executing program 4:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000200), 0xffffffffffffffff)
sendmsg$NL80211_CMD_VENDOR(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000100)={0x28, r1, 0x87d27e71721737b5, 0x0, 0x0, {{0x32}, {@void, @val={0x8, 0x10}, @val={0x2f}}}}, 0x28}}, 0x0)
11:52:25 executing program 2:
keyctl$restrict_keyring(0x1d, 0xfffffffffffffffe, 0x0, 0x0)
11:52:25 executing program 3:
mlockall(0x5)
11:52:25 executing program 1:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0)
r1 = socket$inet6_udp(0xa, 0x2, 0x0)
r2 = dup(r1)
ioctl$AUTOFS_DEV_IOCTL_PROTOVER(r2, 0xc0189372, &(0x7f0000000000)={{0x1, 0x1, 0x18, r0}, './file1\x00'})
r3 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
pwritev(r3, &(0x7f0000000080)=[{&(0x7f0000000140)='\x00', 0x1a}], 0x1, 0x7fffffc, 0x0)
ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, 0x0)
perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_config_ext={0xfffffffffffffffe}, 0x0, 0x0, 0x2}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
sendfile(r0, r0, 0x0, 0x100000)
11:52:25 executing program 5:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$TIOCL_GETKMSGREDIRECT(r0, 0x4b52, &(0x7f0000000000))
11:52:25 executing program 7:
perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x3000001, 0x32, 0xffffffffffffffff, 0x0)
capget(&(0x7f0000000000), 0x0)
[ 129.689061] netlink: 'syz-executor.4': attribute type 16 has an invalid length.
[ 129.704176] netlink: 'syz-executor.4': attribute type 16 has an invalid length.
11:52:25 executing program 5:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$TIOCL_GETKMSGREDIRECT(r0, 0x4b52, &(0x7f0000000000))
11:52:25 executing program 2:
keyctl$restrict_keyring(0x1d, 0xfffffffffffffffe, 0x0, 0x0)
11:52:25 executing program 4:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000200), 0xffffffffffffffff)
sendmsg$NL80211_CMD_VENDOR(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000100)={0x28, r1, 0x87d27e71721737b5, 0x0, 0x0, {{0x32}, {@void, @val={0x8, 0x10}, @val={0x2f}}}}, 0x28}}, 0x0)
11:52:25 executing program 0:
r0 = socket$inet6(0xa, 0x1, 0x0)
setsockopt$inet6_IPV6_PKTINFO(r0, 0x29, 0x49, &(0x7f0000000000)={@dev}, 0x14)
11:52:25 executing program 6:
r0 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000040)='/sys/kernel/slab', 0x0, 0x0)
mknodat$loop(r0, &(0x7f0000000000)='./file0\x00', 0x2000, 0x1)
11:52:25 executing program 3:
r0 = openat$autofs(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$AUTOFS_DEV_IOCTL_VERSION(r0, 0xc0189371, &(0x7f0000000100)={{0x1, 0x1, 0x18}, './file0\x00'})
[ 129.841398] netlink: 'syz-executor.4': attribute type 16 has an invalid length.
11:52:25 executing program 0:
r0 = socket$inet6(0xa, 0x1, 0x0)
setsockopt$inet6_IPV6_PKTINFO(r0, 0x29, 0x49, &(0x7f0000000000)={@dev}, 0x14)
11:52:25 executing program 2:
keyctl$restrict_keyring(0x1d, 0xfffffffffffffffe, 0x0, 0x0)
11:52:25 executing program 5:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$TIOCL_GETKMSGREDIRECT(r0, 0x4b52, &(0x7f0000000000))
11:52:25 executing program 6:
r0 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000040)='/sys/kernel/slab', 0x0, 0x0)
mknodat$loop(r0, &(0x7f0000000000)='./file0\x00', 0x2000, 0x1)
11:52:25 executing program 0:
r0 = socket$inet6(0xa, 0x1, 0x0)
setsockopt$inet6_IPV6_PKTINFO(r0, 0x29, 0x49, &(0x7f0000000000)={@dev}, 0x14)
11:52:25 executing program 2:
keyctl$restrict_keyring(0x1d, 0xfffffffffffffffe, 0x0, 0x0)
11:52:25 executing program 4:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000200), 0xffffffffffffffff)
sendmsg$NL80211_CMD_VENDOR(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000100)={0x28, r1, 0x87d27e71721737b5, 0x0, 0x0, {{0x32}, {@void, @val={0x8, 0x10}, @val={0x2f}}}}, 0x28}}, 0x0)
11:52:25 executing program 3:
r0 = openat$autofs(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$AUTOFS_DEV_IOCTL_VERSION(r0, 0xc0189371, &(0x7f0000000100)={{0x1, 0x1, 0x18}, './file0\x00'})
11:52:25 executing program 7:
perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x3000001, 0x32, 0xffffffffffffffff, 0x0)
capget(&(0x7f0000000000), 0x0)
[ 130.006380] netlink: 'syz-executor.4': attribute type 16 has an invalid length.
11:52:25 executing program 5:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$TIOCL_GETKMSGREDIRECT(r0, 0x4b52, &(0x7f0000000000))
11:52:25 executing program 6:
r0 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000040)='/sys/kernel/slab', 0x0, 0x0)
mknodat$loop(r0, &(0x7f0000000000)='./file0\x00', 0x2000, 0x1)
11:52:25 executing program 0:
r0 = socket$inet6(0xa, 0x1, 0x0)
setsockopt$inet6_IPV6_PKTINFO(r0, 0x29, 0x49, &(0x7f0000000000)={@dev}, 0x14)
11:52:25 executing program 7:
perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x3000001, 0x32, 0xffffffffffffffff, 0x0)
capget(&(0x7f0000000000), 0x0)
11:52:25 executing program 4:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000200), 0xffffffffffffffff)
sendmsg$NL80211_CMD_VENDOR(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000100)={0x28, r1, 0x87d27e71721737b5, 0x0, 0x0, {{0x32}, {@void, @val={0x8, 0x10}, @val={0x2f}}}}, 0x28}}, 0x0)
11:52:25 executing program 3:
r0 = openat$autofs(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$AUTOFS_DEV_IOCTL_VERSION(r0, 0xc0189371, &(0x7f0000000100)={{0x1, 0x1, 0x18}, './file0\x00'})
[ 130.135825] netlink: 'syz-executor.4': attribute type 16 has an invalid length.
11:52:25 executing program 6:
r0 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000040)='/sys/kernel/slab', 0x0, 0x0)
mknodat$loop(r0, &(0x7f0000000000)='./file0\x00', 0x2000, 0x1)
11:52:25 executing program 1:
syz_mount_image$iso9660(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
stat(&(0x7f0000000240)='./file0\x00', &(0x7f0000000280)={0x0, 0x0, 0x0, 0x0, 0x0})
setresuid(0x0, r0, 0x0)
r1 = socket$inet6_udplite(0xa, 0x2, 0x88)
setsockopt$inet6_IPV6_FLOWLABEL_MGR(r1, 0x29, 0x20, &(0x7f00000000c0)={@remote, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000}, 0x20)
[ 130.209531] audit: type=1400 audit(1663242745.714:9): avc: denied { tracepoint } for pid=4126 comm="syz-executor.0" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=perf_event permissive=1
11:52:25 executing program 2:
perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0x77, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
pipe2$9p(&(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0)
write$P9_RXATTRWALK(r0, &(0x7f0000000080)={0xc5}, 0xf)
11:52:25 executing program 0:
perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x400, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
io_uring_register$IORING_UNREGISTER_BUFFERS(0xffffffffffffffff, 0x1, 0x1000000, 0x0)
r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000002480)='fd/3\x00')
r1 = signalfd(r0, &(0x7f00000007c0), 0x8)
r2 = syz_io_uring_setup(0x0, &(0x7f0000000700)={0x0, 0x573c, 0x4, 0x2, 0x309, 0x0, r1}, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000000100), &(0x7f0000000340))
pidfd_open(0x0, 0x0)
perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffc, 0x4, @perf_bp={&(0x7f0000000040), 0xb}, 0x0, 0x20, 0x101, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x3)
ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, &(0x7f00000004c0))
r3 = syz_io_uring_setup(0x33d, &(0x7f0000000200)={0x0, 0x933d, 0x2, 0x2, 0x38a, 0x0, r2}, &(0x7f0000ffb000/0x1000)=nil, &(0x7f0000ffb000/0x4000)=nil, &(0x7f0000000380), &(0x7f0000000000))
ioctl$TIOCGPGRP(r1, 0x540f, &(0x7f0000000140)=0x0)
pidfd_open(r4, 0x0)
openat$sr(0xffffffffffffff9c, &(0x7f00000001c0), 0x105802, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x4, 0x110, r2, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x3000)=nil, 0x3000, 0x0, 0x10, r3, 0x0)
close(0xffffffffffffffff)
11:52:25 executing program 7:
perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x3000001, 0x32, 0xffffffffffffffff, 0x0)
capget(&(0x7f0000000000), 0x0)
11:52:25 executing program 3:
r0 = openat$autofs(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$AUTOFS_DEV_IOCTL_VERSION(r0, 0xc0189371, &(0x7f0000000100)={{0x1, 0x1, 0x18}, './file0\x00'})
11:52:25 executing program 5:
syz_emit_ethernet(0x4a, &(0x7f00000000c0)={@local, @broadcast, @void, {@ipv4={0x800, @tcp={{0x5, 0x4, 0x0, 0x0, 0x3c, 0x0, 0x0, 0x0, 0x6, 0x0, @dev, @remote}, {{0x0, 0x0, 0x41424344, 0x41424344, 0x0, 0x0, 0xa, 0x0, 0x0, 0x0, 0x0, {[@md5sig={0x13, 0x12, "05764bebd1d6a0ad5fa927cc88b0fd52"}]}}}}}}}, 0x0)
11:52:25 executing program 4:
mknod(&(0x7f0000008d80)='./file0\x00', 0x0, 0x0)
mount$9p_unix(&(0x7f0000000000)='./file0\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x123008, 0x0)
mount$9p_unix(0x0, &(0x7f00000000c0)='./file0\x00', 0x0, 0x100000, 0x0)
mount$9p_unix(&(0x7f0000000080)='./file0\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0xa5800, 0x0)
mount$9p_unix(&(0x7f0000000500)='./file0\x00', &(0x7f0000000580)='./file0\x00', 0x0, 0x2040, 0x0)
11:52:25 executing program 1:
syz_mount_image$iso9660(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
stat(&(0x7f0000000240)='./file0\x00', &(0x7f0000000280)={0x0, 0x0, 0x0, 0x0, 0x0})
setresuid(0x0, r0, 0x0)
r1 = socket$inet6_udplite(0xa, 0x2, 0x88)
setsockopt$inet6_IPV6_FLOWLABEL_MGR(r1, 0x29, 0x20, &(0x7f00000000c0)={@remote, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000}, 0x20)
11:52:25 executing program 5:
syz_emit_ethernet(0x4a, &(0x7f00000000c0)={@local, @broadcast, @void, {@ipv4={0x800, @tcp={{0x5, 0x4, 0x0, 0x0, 0x3c, 0x0, 0x0, 0x0, 0x6, 0x0, @dev, @remote}, {{0x0, 0x0, 0x41424344, 0x41424344, 0x0, 0x0, 0xa, 0x0, 0x0, 0x0, 0x0, {[@md5sig={0x13, 0x12, "05764bebd1d6a0ad5fa927cc88b0fd52"}]}}}}}}}, 0x0)
11:52:25 executing program 3:
r0 = openat$zero(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
mmap$IORING_OFF_SQES(&(0x7f0000ff9000/0x4000)=nil, 0x4000, 0x0, 0x12, r0, 0x10000000)
[ 130.295001] =======================================================
[ 130.295001] WARNING: The mand mount option has been deprecated and
[ 130.295001] and is ignored by this kernel. Remove the mand
[ 130.295001] option from the mount to silence this warning.
[ 130.295001] =======================================================
11:52:25 executing program 2:
perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0x77, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
pipe2$9p(&(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0)
write$P9_RXATTRWALK(r0, &(0x7f0000000080)={0xc5}, 0xf)
11:52:25 executing program 6:
perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xb}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
ioctl$HCIINQUIRY(r0, 0x400448e0, 0x0)
r1 = socket$netlink(0x10, 0x3, 0x0)
r2 = getpid()
sendmsg$netlink(r1, &(0x7f0000007ec0)={0x0, 0x0, &(0x7f0000000140)=[{&(0x7f0000000000)={0xffffffffffffff86, 0x0, 0x0, 0x0, 0x0, "", [@generic="600a451685ac0a7bc45895b67191df0ef6a04b9a6318ef8b25b3f3b65ba13c257903fd79e84ec86989e828b9dbd58609e0bb40bc1f9331b8792c4d8a7365da1497b8fa015d310cae61d187b6ce90fb6bc7104bb2009a7789cdda9185d864e9130eb363de689e7e7ab3cc904438d0ac79a43cb02cd6e2aecb6a7c402dc2598bf17fdc533044b85f566f0d61095a15c2d5789e597a0002baaddaf6faeeca8175f90fcd0f9891f4b89646950aa62ee9e78aadbc55f3266e4fcfbae21470692591f1deb9538c8fe29c2878db04", @typed={0x8, 0xf, 0x0, 0x0, @fd=r1}]}, 0xe4}], 0x1, &(0x7f0000007e00)=[@cred={{0x1c, 0x1, 0x2, {r2}}}], 0x20}, 0x0)
r3 = fsopen(&(0x7f0000000000)='ramfs\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r3, 0x6, 0x0, 0x0, 0x0)
r4 = fsmount(r3, 0x0, 0x0)
symlinkat(&(0x7f0000000000)='./file0\x00', r4, &(0x7f00000001c0)='./file0\x00')
statx(r4, &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0)
perf_event_open(&(0x7f0000000140)={0x1, 0x80, 0x0, 0xbc, 0x81, 0x5, 0x0, 0x9, 0x2800, 0xc, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x3, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x5, 0x4ff9507ca5ac339f, @perf_config_ext={0xc4, 0x100000001}, 0x2000, 0x1, 0x413, 0x9, 0x9, 0x9, 0xab2, 0x0, 0x6, 0x0, 0x2}, r2, 0xffffffffffffffff, r4, 0x2)
ioctl$INCFS_IOC_GET_FILLED_BLOCKS(r0, 0x80286722, &(0x7f0000000100)={&(0x7f0000000000)=""/117, 0x75, 0x9, 0x5})
11:52:25 executing program 1:
syz_mount_image$iso9660(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
stat(&(0x7f0000000240)='./file0\x00', &(0x7f0000000280)={0x0, 0x0, 0x0, 0x0, 0x0})
setresuid(0x0, r0, 0x0)
r1 = socket$inet6_udplite(0xa, 0x2, 0x88)
setsockopt$inet6_IPV6_FLOWLABEL_MGR(r1, 0x29, 0x20, &(0x7f00000000c0)={@remote, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000}, 0x20)
11:52:25 executing program 5:
syz_emit_ethernet(0x4a, &(0x7f00000000c0)={@local, @broadcast, @void, {@ipv4={0x800, @tcp={{0x5, 0x4, 0x0, 0x0, 0x3c, 0x0, 0x0, 0x0, 0x6, 0x0, @dev, @remote}, {{0x0, 0x0, 0x41424344, 0x41424344, 0x0, 0x0, 0xa, 0x0, 0x0, 0x0, 0x0, {[@md5sig={0x13, 0x12, "05764bebd1d6a0ad5fa927cc88b0fd52"}]}}}}}}}, 0x0)
11:52:25 executing program 7:
r0 = perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x2000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file1\x00', 0x0, 0x0)
write$binfmt_aout(r1, &(0x7f0000000c40)=ANY=[], 0x820)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0, 0x0)
fsetxattr$trusted_overlay_upper(r0, &(0x7f0000000200), &(0x7f0000000240)={0x0, 0xfb, 0x16, 0x4, 0x7, "2a35603e7b266c3ac08bc86d576ecd03", "04"}, 0x16, 0x1)
sendfile(r1, r2, 0x0, 0x7fffffff)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r4 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
sendfile(r4, r3, 0x0, 0x0)
perf_event_open$cgroup(&(0x7f0000000180)={0x4, 0x80, 0x0, 0x8, 0x5, 0x40, 0x0, 0x2000000000000, 0xa0600, 0x9, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x5, 0x0, @perf_bp={&(0x7f0000000140), 0x4}, 0x10246, 0xe4, 0x7, 0x0, 0x7, 0xffff, 0x1, 0x0, 0x9, 0x0, 0x169}, r3, 0x3, 0xffffffffffffffff, 0xf)
r5 = perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$F2FS_IOC_FLUSH_DEVICE(0xffffffffffffffff, 0x4008f50a, &(0x7f0000000000))
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
signalfd4(r5, &(0x7f0000000040)={[0x101]}, 0x8, 0x40000)
ioctl$EXT4_IOC_CHECKPOINT(r4, 0x4004662b, &(0x7f0000000340))
11:52:25 executing program 3:
r0 = openat$zero(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
mmap$IORING_OFF_SQES(&(0x7f0000ff9000/0x4000)=nil, 0x4000, 0x0, 0x12, r0, 0x10000000)
11:52:25 executing program 4:
mknod(&(0x7f0000008d80)='./file0\x00', 0x0, 0x0)
mount$9p_unix(&(0x7f0000000000)='./file0\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x123008, 0x0)
mount$9p_unix(0x0, &(0x7f00000000c0)='./file0\x00', 0x0, 0x100000, 0x0)
mount$9p_unix(&(0x7f0000000080)='./file0\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0xa5800, 0x0)
mount$9p_unix(&(0x7f0000000500)='./file0\x00', &(0x7f0000000580)='./file0\x00', 0x0, 0x2040, 0x0)
11:52:26 executing program 2:
perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0x77, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
pipe2$9p(&(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0)
write$P9_RXATTRWALK(r0, &(0x7f0000000080)={0xc5}, 0xf)
11:52:26 executing program 5:
syz_emit_ethernet(0x4a, &(0x7f00000000c0)={@local, @broadcast, @void, {@ipv4={0x800, @tcp={{0x5, 0x4, 0x0, 0x0, 0x3c, 0x0, 0x0, 0x0, 0x6, 0x0, @dev, @remote}, {{0x0, 0x0, 0x41424344, 0x41424344, 0x0, 0x0, 0xa, 0x0, 0x0, 0x0, 0x0, {[@md5sig={0x13, 0x12, "05764bebd1d6a0ad5fa927cc88b0fd52"}]}}}}}}}, 0x0)
11:52:26 executing program 1:
syz_mount_image$iso9660(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
stat(&(0x7f0000000240)='./file0\x00', &(0x7f0000000280)={0x0, 0x0, 0x0, 0x0, 0x0})
setresuid(0x0, r0, 0x0)
r1 = socket$inet6_udplite(0xa, 0x2, 0x88)
setsockopt$inet6_IPV6_FLOWLABEL_MGR(r1, 0x29, 0x20, &(0x7f00000000c0)={@remote, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000}, 0x20)
11:52:26 executing program 4:
mknod(&(0x7f0000008d80)='./file0\x00', 0x0, 0x0)
mount$9p_unix(&(0x7f0000000000)='./file0\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x123008, 0x0)
mount$9p_unix(0x0, &(0x7f00000000c0)='./file0\x00', 0x0, 0x100000, 0x0)
mount$9p_unix(&(0x7f0000000080)='./file0\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0xa5800, 0x0)
mount$9p_unix(&(0x7f0000000500)='./file0\x00', &(0x7f0000000580)='./file0\x00', 0x0, 0x2040, 0x0)
11:52:26 executing program 7:
r0 = perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x2000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file1\x00', 0x0, 0x0)
write$binfmt_aout(r1, &(0x7f0000000c40)=ANY=[], 0x820)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0, 0x0)
fsetxattr$trusted_overlay_upper(r0, &(0x7f0000000200), &(0x7f0000000240)={0x0, 0xfb, 0x16, 0x4, 0x7, "2a35603e7b266c3ac08bc86d576ecd03", "04"}, 0x16, 0x1)
sendfile(r1, r2, 0x0, 0x7fffffff)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r4 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
sendfile(r4, r3, 0x0, 0x0)
perf_event_open$cgroup(&(0x7f0000000180)={0x4, 0x80, 0x0, 0x8, 0x5, 0x40, 0x0, 0x2000000000000, 0xa0600, 0x9, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x5, 0x0, @perf_bp={&(0x7f0000000140), 0x4}, 0x10246, 0xe4, 0x7, 0x0, 0x7, 0xffff, 0x1, 0x0, 0x9, 0x0, 0x169}, r3, 0x3, 0xffffffffffffffff, 0xf)
r5 = perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$F2FS_IOC_FLUSH_DEVICE(0xffffffffffffffff, 0x4008f50a, &(0x7f0000000000))
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
signalfd4(r5, &(0x7f0000000040)={[0x101]}, 0x8, 0x40000)
ioctl$EXT4_IOC_CHECKPOINT(r4, 0x4004662b, &(0x7f0000000340))
11:52:26 executing program 0:
r0 = perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x2000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file1\x00', 0x0, 0x0)
write$binfmt_aout(r1, &(0x7f0000000c40)=ANY=[], 0x820)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0, 0x0)
fsetxattr$trusted_overlay_upper(r0, &(0x7f0000000200), &(0x7f0000000240)={0x0, 0xfb, 0x16, 0x4, 0x7, "2a35603e7b266c3ac08bc86d576ecd03", "04"}, 0x16, 0x1)
sendfile(r1, r2, 0x0, 0x7fffffff)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r4 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
sendfile(r4, r3, 0x0, 0x0)
perf_event_open$cgroup(&(0x7f0000000180)={0x4, 0x80, 0x0, 0x8, 0x5, 0x40, 0x0, 0x2000000000000, 0xa0600, 0x9, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x5, 0x0, @perf_bp={&(0x7f0000000140), 0x4}, 0x10246, 0xe4, 0x7, 0x0, 0x7, 0xffff, 0x1, 0x0, 0x9, 0x0, 0x169}, r3, 0x3, 0xffffffffffffffff, 0xf)
r5 = perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$F2FS_IOC_FLUSH_DEVICE(0xffffffffffffffff, 0x4008f50a, &(0x7f0000000000))
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
signalfd4(r5, &(0x7f0000000040)={[0x101]}, 0x8, 0x40000)
ioctl$EXT4_IOC_CHECKPOINT(r4, 0x4004662b, &(0x7f0000000340))
11:52:26 executing program 3:
r0 = openat$zero(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
mmap$IORING_OFF_SQES(&(0x7f0000ff9000/0x4000)=nil, 0x4000, 0x0, 0x12, r0, 0x10000000)
11:52:26 executing program 6:
perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xb}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
ioctl$HCIINQUIRY(r0, 0x400448e0, 0x0)
r1 = socket$netlink(0x10, 0x3, 0x0)
r2 = getpid()
sendmsg$netlink(r1, &(0x7f0000007ec0)={0x0, 0x0, &(0x7f0000000140)=[{&(0x7f0000000000)={0xffffffffffffff86, 0x0, 0x0, 0x0, 0x0, "", [@generic="600a451685ac0a7bc45895b67191df0ef6a04b9a6318ef8b25b3f3b65ba13c257903fd79e84ec86989e828b9dbd58609e0bb40bc1f9331b8792c4d8a7365da1497b8fa015d310cae61d187b6ce90fb6bc7104bb2009a7789cdda9185d864e9130eb363de689e7e7ab3cc904438d0ac79a43cb02cd6e2aecb6a7c402dc2598bf17fdc533044b85f566f0d61095a15c2d5789e597a0002baaddaf6faeeca8175f90fcd0f9891f4b89646950aa62ee9e78aadbc55f3266e4fcfbae21470692591f1deb9538c8fe29c2878db04", @typed={0x8, 0xf, 0x0, 0x0, @fd=r1}]}, 0xe4}], 0x1, &(0x7f0000007e00)=[@cred={{0x1c, 0x1, 0x2, {r2}}}], 0x20}, 0x0)
r3 = fsopen(&(0x7f0000000000)='ramfs\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r3, 0x6, 0x0, 0x0, 0x0)
r4 = fsmount(r3, 0x0, 0x0)
symlinkat(&(0x7f0000000000)='./file0\x00', r4, &(0x7f00000001c0)='./file0\x00')
statx(r4, &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0)
perf_event_open(&(0x7f0000000140)={0x1, 0x80, 0x0, 0xbc, 0x81, 0x5, 0x0, 0x9, 0x2800, 0xc, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x3, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x5, 0x4ff9507ca5ac339f, @perf_config_ext={0xc4, 0x100000001}, 0x2000, 0x1, 0x413, 0x9, 0x9, 0x9, 0xab2, 0x0, 0x6, 0x0, 0x2}, r2, 0xffffffffffffffff, r4, 0x2)
ioctl$INCFS_IOC_GET_FILLED_BLOCKS(r0, 0x80286722, &(0x7f0000000100)={&(0x7f0000000000)=""/117, 0x75, 0x9, 0x5})
11:52:26 executing program 3:
r0 = openat$zero(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
mmap$IORING_OFF_SQES(&(0x7f0000ff9000/0x4000)=nil, 0x4000, 0x0, 0x12, r0, 0x10000000)
11:52:26 executing program 0:
r0 = perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x2000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file1\x00', 0x0, 0x0)
write$binfmt_aout(r1, &(0x7f0000000c40)=ANY=[], 0x820)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0, 0x0)
fsetxattr$trusted_overlay_upper(r0, &(0x7f0000000200), &(0x7f0000000240)={0x0, 0xfb, 0x16, 0x4, 0x7, "2a35603e7b266c3ac08bc86d576ecd03", "04"}, 0x16, 0x1)
sendfile(r1, r2, 0x0, 0x7fffffff)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r4 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
sendfile(r4, r3, 0x0, 0x0)
perf_event_open$cgroup(&(0x7f0000000180)={0x4, 0x80, 0x0, 0x8, 0x5, 0x40, 0x0, 0x2000000000000, 0xa0600, 0x9, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x5, 0x0, @perf_bp={&(0x7f0000000140), 0x4}, 0x10246, 0xe4, 0x7, 0x0, 0x7, 0xffff, 0x1, 0x0, 0x9, 0x0, 0x169}, r3, 0x3, 0xffffffffffffffff, 0xf)
r5 = perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$F2FS_IOC_FLUSH_DEVICE(0xffffffffffffffff, 0x4008f50a, &(0x7f0000000000))
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
signalfd4(r5, &(0x7f0000000040)={[0x101]}, 0x8, 0x40000)
ioctl$EXT4_IOC_CHECKPOINT(r4, 0x4004662b, &(0x7f0000000340))
11:52:26 executing program 4:
mknod(&(0x7f0000008d80)='./file0\x00', 0x0, 0x0)
mount$9p_unix(&(0x7f0000000000)='./file0\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x123008, 0x0)
mount$9p_unix(0x0, &(0x7f00000000c0)='./file0\x00', 0x0, 0x100000, 0x0)
mount$9p_unix(&(0x7f0000000080)='./file0\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0xa5800, 0x0)
mount$9p_unix(&(0x7f0000000500)='./file0\x00', &(0x7f0000000580)='./file0\x00', 0x0, 0x2040, 0x0)
11:52:26 executing program 2:
perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0x77, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
pipe2$9p(&(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0)
write$P9_RXATTRWALK(r0, &(0x7f0000000080)={0xc5}, 0xf)
11:52:26 executing program 0:
r0 = perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x2000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file1\x00', 0x0, 0x0)
write$binfmt_aout(r1, &(0x7f0000000c40)=ANY=[], 0x820)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0, 0x0)
fsetxattr$trusted_overlay_upper(r0, &(0x7f0000000200), &(0x7f0000000240)={0x0, 0xfb, 0x16, 0x4, 0x7, "2a35603e7b266c3ac08bc86d576ecd03", "04"}, 0x16, 0x1)
sendfile(r1, r2, 0x0, 0x7fffffff)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r4 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
sendfile(r4, r3, 0x0, 0x0)
perf_event_open$cgroup(&(0x7f0000000180)={0x4, 0x80, 0x0, 0x8, 0x5, 0x40, 0x0, 0x2000000000000, 0xa0600, 0x9, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x5, 0x0, @perf_bp={&(0x7f0000000140), 0x4}, 0x10246, 0xe4, 0x7, 0x0, 0x7, 0xffff, 0x1, 0x0, 0x9, 0x0, 0x169}, r3, 0x3, 0xffffffffffffffff, 0xf)
r5 = perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$F2FS_IOC_FLUSH_DEVICE(0xffffffffffffffff, 0x4008f50a, &(0x7f0000000000))
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
signalfd4(r5, &(0x7f0000000040)={[0x101]}, 0x8, 0x40000)
ioctl$EXT4_IOC_CHECKPOINT(r4, 0x4004662b, &(0x7f0000000340))
11:52:26 executing program 5:
perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xb}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
ioctl$HCIINQUIRY(r0, 0x400448e0, 0x0)
r1 = socket$netlink(0x10, 0x3, 0x0)
r2 = getpid()
sendmsg$netlink(r1, &(0x7f0000007ec0)={0x0, 0x0, &(0x7f0000000140)=[{&(0x7f0000000000)={0xffffffffffffff86, 0x0, 0x0, 0x0, 0x0, "", [@generic="600a451685ac0a7bc45895b67191df0ef6a04b9a6318ef8b25b3f3b65ba13c257903fd79e84ec86989e828b9dbd58609e0bb40bc1f9331b8792c4d8a7365da1497b8fa015d310cae61d187b6ce90fb6bc7104bb2009a7789cdda9185d864e9130eb363de689e7e7ab3cc904438d0ac79a43cb02cd6e2aecb6a7c402dc2598bf17fdc533044b85f566f0d61095a15c2d5789e597a0002baaddaf6faeeca8175f90fcd0f9891f4b89646950aa62ee9e78aadbc55f3266e4fcfbae21470692591f1deb9538c8fe29c2878db04", @typed={0x8, 0xf, 0x0, 0x0, @fd=r1}]}, 0xe4}], 0x1, &(0x7f0000007e00)=[@cred={{0x1c, 0x1, 0x2, {r2}}}], 0x20}, 0x0)
r3 = fsopen(&(0x7f0000000000)='ramfs\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r3, 0x6, 0x0, 0x0, 0x0)
r4 = fsmount(r3, 0x0, 0x0)
symlinkat(&(0x7f0000000000)='./file0\x00', r4, &(0x7f00000001c0)='./file0\x00')
statx(r4, &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0)
perf_event_open(&(0x7f0000000140)={0x1, 0x80, 0x0, 0xbc, 0x81, 0x5, 0x0, 0x9, 0x2800, 0xc, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x3, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x5, 0x4ff9507ca5ac339f, @perf_config_ext={0xc4, 0x100000001}, 0x2000, 0x1, 0x413, 0x9, 0x9, 0x9, 0xab2, 0x0, 0x6, 0x0, 0x2}, r2, 0xffffffffffffffff, r4, 0x2)
ioctl$INCFS_IOC_GET_FILLED_BLOCKS(r0, 0x80286722, &(0x7f0000000100)={&(0x7f0000000000)=""/117, 0x75, 0x9, 0x5})
11:52:26 executing program 1:
r0 = perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x2000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file1\x00', 0x0, 0x0)
write$binfmt_aout(r1, &(0x7f0000000c40)=ANY=[], 0x820)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0, 0x0)
fsetxattr$trusted_overlay_upper(r0, &(0x7f0000000200), &(0x7f0000000240)={0x0, 0xfb, 0x16, 0x4, 0x7, "2a35603e7b266c3ac08bc86d576ecd03", "04"}, 0x16, 0x1)
sendfile(r1, r2, 0x0, 0x7fffffff)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r4 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
sendfile(r4, r3, 0x0, 0x0)
perf_event_open$cgroup(&(0x7f0000000180)={0x4, 0x80, 0x0, 0x8, 0x5, 0x40, 0x0, 0x2000000000000, 0xa0600, 0x9, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x5, 0x0, @perf_bp={&(0x7f0000000140), 0x4}, 0x10246, 0xe4, 0x7, 0x0, 0x7, 0xffff, 0x1, 0x0, 0x9, 0x0, 0x169}, r3, 0x3, 0xffffffffffffffff, 0xf)
r5 = perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$F2FS_IOC_FLUSH_DEVICE(0xffffffffffffffff, 0x4008f50a, &(0x7f0000000000))
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
signalfd4(r5, &(0x7f0000000040)={[0x101]}, 0x8, 0x40000)
ioctl$EXT4_IOC_CHECKPOINT(r4, 0x4004662b, &(0x7f0000000340))
11:52:26 executing program 1:
r0 = perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x2000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file1\x00', 0x0, 0x0)
write$binfmt_aout(r1, &(0x7f0000000c40)=ANY=[], 0x820)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0, 0x0)
fsetxattr$trusted_overlay_upper(r0, &(0x7f0000000200), &(0x7f0000000240)={0x0, 0xfb, 0x16, 0x4, 0x7, "2a35603e7b266c3ac08bc86d576ecd03", "04"}, 0x16, 0x1)
sendfile(r1, r2, 0x0, 0x7fffffff)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r4 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
sendfile(r4, r3, 0x0, 0x0)
perf_event_open$cgroup(&(0x7f0000000180)={0x4, 0x80, 0x0, 0x8, 0x5, 0x40, 0x0, 0x2000000000000, 0xa0600, 0x9, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x5, 0x0, @perf_bp={&(0x7f0000000140), 0x4}, 0x10246, 0xe4, 0x7, 0x0, 0x7, 0xffff, 0x1, 0x0, 0x9, 0x0, 0x169}, r3, 0x3, 0xffffffffffffffff, 0xf)
r5 = perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$F2FS_IOC_FLUSH_DEVICE(0xffffffffffffffff, 0x4008f50a, &(0x7f0000000000))
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
signalfd4(r5, &(0x7f0000000040)={[0x101]}, 0x8, 0x40000)
ioctl$EXT4_IOC_CHECKPOINT(r4, 0x4004662b, &(0x7f0000000340))
11:52:26 executing program 5:
perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xb}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
ioctl$HCIINQUIRY(r0, 0x400448e0, 0x0)
r1 = socket$netlink(0x10, 0x3, 0x0)
r2 = getpid()
sendmsg$netlink(r1, &(0x7f0000007ec0)={0x0, 0x0, &(0x7f0000000140)=[{&(0x7f0000000000)={0xffffffffffffff86, 0x0, 0x0, 0x0, 0x0, "", [@generic="600a451685ac0a7bc45895b67191df0ef6a04b9a6318ef8b25b3f3b65ba13c257903fd79e84ec86989e828b9dbd58609e0bb40bc1f9331b8792c4d8a7365da1497b8fa015d310cae61d187b6ce90fb6bc7104bb2009a7789cdda9185d864e9130eb363de689e7e7ab3cc904438d0ac79a43cb02cd6e2aecb6a7c402dc2598bf17fdc533044b85f566f0d61095a15c2d5789e597a0002baaddaf6faeeca8175f90fcd0f9891f4b89646950aa62ee9e78aadbc55f3266e4fcfbae21470692591f1deb9538c8fe29c2878db04", @typed={0x8, 0xf, 0x0, 0x0, @fd=r1}]}, 0xe4}], 0x1, &(0x7f0000007e00)=[@cred={{0x1c, 0x1, 0x2, {r2}}}], 0x20}, 0x0)
r3 = fsopen(&(0x7f0000000000)='ramfs\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r3, 0x6, 0x0, 0x0, 0x0)
r4 = fsmount(r3, 0x0, 0x0)
symlinkat(&(0x7f0000000000)='./file0\x00', r4, &(0x7f00000001c0)='./file0\x00')
statx(r4, &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0)
perf_event_open(&(0x7f0000000140)={0x1, 0x80, 0x0, 0xbc, 0x81, 0x5, 0x0, 0x9, 0x2800, 0xc, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x3, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x5, 0x4ff9507ca5ac339f, @perf_config_ext={0xc4, 0x100000001}, 0x2000, 0x1, 0x413, 0x9, 0x9, 0x9, 0xab2, 0x0, 0x6, 0x0, 0x2}, r2, 0xffffffffffffffff, r4, 0x2)
ioctl$INCFS_IOC_GET_FILLED_BLOCKS(r0, 0x80286722, &(0x7f0000000100)={&(0x7f0000000000)=""/117, 0x75, 0x9, 0x5})
11:52:26 executing program 0:
shmctl$SHM_INFO(0x0, 0xe, &(0x7f00000010c0)=""/205)
11:52:26 executing program 2:
r0 = memfd_create(&(0x7f0000000000)='B\xdb/\x89\x03l\xdeb\xcb\xb54\xed\xbeLK\xa4g?K)\xa0\xf0\x9b8Y\xb5Z\xe1\x12S\xf5G\xcc\xf3\xe9\x02h\v\xca(\x96\xe1C\xdf\x1c\xea\x85C\xfb\x10\x13\xfa\x03\x16\xcd\x05\x00\x80\xa1z\xb4r\x95\xc3@\x9d\xa6\xf1\xff#}g\xd3`\xf7\xcez\xcb\xb3\x1a\xbb\xc48e\x8e\xb1&\xd1\x8a\xe6!\x7f\x8d\xea,qx\xa28\xbf\"\xc7e\x80L\xb06\xeb<$\xd7\xba\xe5\x01\x03\x94r\xab\xd4J\x03s\xaf\xf6A\xbfV\xfa\x1ew\x8d\xbf\x99I\x97\xd8\xd2\xe8\x11\xc4\x04\x00\x04\xd5i\xee\xaf\xae[E\x1f\xdd\xd7#rT+\xb621p\xaf[\x99\" 1\xeb\xc7)\xd2\x1dh\xf2\xd5s\xfd?\fa>\x9f;\xe5r\xe5\xbd\xb0|=\x8eZcPY\xf8\xbd\x13\xaa\x8b\xdf\xbc\x93u\xd5\xb0r\xfb\xde\xe7\xd9k\xe2\xc6\x1b\xf2o@&>\xf2M\xe7\x8c\xeb\xee\xf5\x02~\x85\x14\xf3\xc6v\xf15PE\x8c\xca\x16$\xc2\x01#\xb563\rbq\xbf64\xfaW\x17\xdfa\xe6\xca\x86\xd7\xf8\x81X\x9bg4\xc1\xdam\xcf=Rq6\xb0\xd4D=I\x1a\x0e\xd0\xabz\xe2\x19\x0fM\xad\xdco\xa4\xb2\x8c?\xc1\x10\xf273\x01\x00\xb3_\xe8\x9a*\xfcL\xea;\xc0\x9a\xdbx!N;\xb5x\t\xa4E\xbe\x93r\x04\xf5\xf0\xf5\x7f\x9a)\xf5\x1b\"\xa1\xd8\x06>\xc9\xe2r\xe9_\xee\xc0\b\x81\x98\x1c\xe2\xe0?\x8f\xa1\xbel\aN\x83@\xb1\x03)4A\x83\x01\x01\x00\x00\x00\x00\x00\x00\b$\xa2x\x8a@\xfaj~\xef\x93\xb1/\\\x01\xe2\xba\x0e\xe3\xf95\x1d\x10\xa7\x97\xbf\x8e\xac\x81\xc9\x13\x8e\xb3\xf3\xb5d\xa1\xcf\x1d\x92\x9b\x9b\xa7\x12F\xa0\xe0\xff\x1a\x8e\xe2ae^=\n\xe1\xa6\xb8\xe9v\x8f2\xf4\xac\xe5\xdf\xffi`Mo\x1e\x1cMN<\x1b\xd8\xfe\xd6P\xcdQ\x83\xfa\xe7\x1d\xd5\x01n\xa7~\x8b\x90/62\xff;.S\xf7\x0flwa\x16\xf0\xf2(\x96V,\xd7s\xaaOE\xd3H\xfd`}\xd8\xbc\x9a\xca\xe3\n\xd7fCe\xd8\xbb\xdao\xb0\x85\xcc\xedv\x94\xb5\xc4\xb6[>\xb9,\xfch_-s\x94,F\x15\xd8m5>\x94\x84\xf5\x00\xc3\xf6m\xc7B\t{\xe0d\xc65(\x18\x9c\xad\x13b6\xca\x16\x95\xcb^zF\xd0\x1a\x8dP\x94\x19\xa4\xbfr=\xb6\xae', 0x0)
r1 = memfd_create(&(0x7f0000002800)='B\xdb/\x89\x03l\xdeb\xcb\xb54\xed\xbeLK\xa4g?K)\xa0\xf0\x9b8Y\xb5Z\xe1\x12S\xf5G\xcc\xf3\xe9\x02h\v\xca(\x96\xe1,\xdf\x1c\xea\x85C\xfb\x10\x13\xfa\x03\x16\xcd\x05\x00\x80\xa1z\xb4r\x95\xc3@\x9d\xa6\xf1\xff#}g\xd3`\xf7\xcez\xcb\xb3\x1a\xbb\xc48e\x8e\xb1&\xd1\x8a\xe6!\x7f\x8d\xea,qx\xa28\xbf\"\xc7e\x80L\xb06\xeb<$\xd7\xba\xe5\x01\x03\x94r\xab\xd4J\x03s\xaf\xf6A\xbfV\xfa\x1ew\x8d\xbf\x99I\x97\xd8\xd2\xe8\x11\xc4\x04\x00\x04\xd5i\xee\xaf\xae[E\x1f\xdd\xd7#rT+\xb621p\xaf[\x99\" 1\xeb\xc7)\xd2\x1dh\xf2\xd5s\xfd?\fa>\x9f;\xe5r\xe5\xbd\xb0|=\x8eZcPY\xf8\xbd\x13\xaa\x8b\xdf\xbc\x93u\xd5\xb0r\xfb\xde\xe7\xd9k\xe2\xc6\x1b\xf2o@&>\xf2M\xe7\x8c\xeb\xee\xf5\x02~\x85\x14\xf3\xc6v\xf15PE\x8c\xca\x16$\xc2\x01#\xb563\rbq\xbf64\xfaW\x17\xdfa\xe6\xca\x86\xd7\xf8\x81X\x9bg4\xc1\xdam\xcf=Rq6\xb0\xd4D=I\x1a\x0e\xd0\xabz\xe2\x19\x0fM\xad\xdco\xa4\xb2\x8c?\xc1\x10\xf273\x01\x00\xb3_\xe8\x9a*\xfcL\xea;\xc0\x9a\xdbx!N;\xb5x\t\xa4E\xbe\x93r\x04\xf5\xf0\xf5\x7f\x9a)\xf5\x1b\"\xa1\xd8\x06>\xc9\xe2r\xe9_\xee\xc0\b\x81\x98\x1c\xe2\xe0?\x8f\xa1\xbel\aN\x83@\xb1\x03)4A\x83\x01\x01\x00\x00\x00\x00\x00\x00\b$\xa2x\x8a@\xfaj~\xef\x93\xb1/\\\x01\xe2\xba\x0e\xe3\xf95\x1d\x10\xa7\x97\xbf\x8e\xac\x81\xc9\x13\x8e\xb3\xf3\xb5d\xa1\xcf\x1d\x92\x9b\x9b\xa7\x12F\x06\x00\xff\x1a\x8e\xe2ae\x1e=\n\xe1\xa6\xb8\xe9v\x8f2\xf4\xac\xe5\xdf\xffi`Mo\x1e\x1cMN<\x1b\xd8\xfe\xd6P\xcdQ\x83\xfa\xe7\x1d\xd5\x01n\xa7~\x8b\x90/62\xff;.S\xf7\x0flwa\x16\xf0\xf2(\x96V,\xd7s\xaaOE\xd3H\xfd`}\xd8\xbc\x9a\xca\xe3\n\xd7fCe\xd8\xbb\xdao\xb0\x85\xcc\xedv\x94\xb5\xc4\xb6[>\xb9,\xfch_-s\x94,F\x15\xd8m5>\x94\x84\xf5\x00\xc3\xf6m\xc7B\t{\xe0d\xc65(\x18\x9c\xad\x13b6\xca\x16\x95\xcb^zF\xd0\x1a\x8dP\x94\x19\xa4\xbfr=\xb6\xae\xc0\xa6d\x12\'y\x11Zcu\xe7\xc4{\\0Y[\xdf\x96\xbf\x97\xa7CS\xfe$\xeb\xac\x9a\xa9\x7f\x85G\xa2\xc8mt\x8fs-\xae\xc6\xd4\x8a|I\xe3\xfe\x04%\x1b\xd8F\xa9\x9f\x96?L\xb7MGE\xbf\x1b\xf8\t\f_\xa0j\x9e\xadM\xa4\xc8\xba\xdc\xabzO8\xeb#\xdc\x1e\v_\v\xc0\xbc\\r`\x8b\x11z\xbb\x89$\xe9t\x8c+6l\f\xd0\x0e\xd0K\x16C\xc8ty\x97\x8ev\x15\xe6\x8a\xc4p\xeb\xe5!\xcfS\x95\xe6\xfa\xb4+C\xc3\x01I\x1f\xea\xc27\xff\x9c\x13\xeed\xed8\xbfR\x01&\xe0@Y\xc9\xe6GL\xd5?\x03', 0x0)
ftruncate(r1, 0x2000000)
sendfile(r0, r1, 0x0, 0x7fff)
preadv(r0, &(0x7f00000024c0)=[{&(0x7f0000000280)=""/188, 0xbc}], 0x1, 0x1, 0x0)
11:52:26 executing program 4:
perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0x9d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
tgkill(0x0, 0x0, 0x0)
11:52:26 executing program 7:
r0 = perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x2000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file1\x00', 0x0, 0x0)
write$binfmt_aout(r1, &(0x7f0000000c40)=ANY=[], 0x820)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0, 0x0)
fsetxattr$trusted_overlay_upper(r0, &(0x7f0000000200), &(0x7f0000000240)={0x0, 0xfb, 0x16, 0x4, 0x7, "2a35603e7b266c3ac08bc86d576ecd03", "04"}, 0x16, 0x1)
sendfile(r1, r2, 0x0, 0x7fffffff)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r4 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
sendfile(r4, r3, 0x0, 0x0)
perf_event_open$cgroup(&(0x7f0000000180)={0x4, 0x80, 0x0, 0x8, 0x5, 0x40, 0x0, 0x2000000000000, 0xa0600, 0x9, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x5, 0x0, @perf_bp={&(0x7f0000000140), 0x4}, 0x10246, 0xe4, 0x7, 0x0, 0x7, 0xffff, 0x1, 0x0, 0x9, 0x0, 0x169}, r3, 0x3, 0xffffffffffffffff, 0xf)
r5 = perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$F2FS_IOC_FLUSH_DEVICE(0xffffffffffffffff, 0x4008f50a, &(0x7f0000000000))
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
signalfd4(r5, &(0x7f0000000040)={[0x101]}, 0x8, 0x40000)
ioctl$EXT4_IOC_CHECKPOINT(r4, 0x4004662b, &(0x7f0000000340))
11:52:26 executing program 6:
perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xb}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
ioctl$HCIINQUIRY(r0, 0x400448e0, 0x0)
r1 = socket$netlink(0x10, 0x3, 0x0)
r2 = getpid()
sendmsg$netlink(r1, &(0x7f0000007ec0)={0x0, 0x0, &(0x7f0000000140)=[{&(0x7f0000000000)={0xffffffffffffff86, 0x0, 0x0, 0x0, 0x0, "", [@generic="600a451685ac0a7bc45895b67191df0ef6a04b9a6318ef8b25b3f3b65ba13c257903fd79e84ec86989e828b9dbd58609e0bb40bc1f9331b8792c4d8a7365da1497b8fa015d310cae61d187b6ce90fb6bc7104bb2009a7789cdda9185d864e9130eb363de689e7e7ab3cc904438d0ac79a43cb02cd6e2aecb6a7c402dc2598bf17fdc533044b85f566f0d61095a15c2d5789e597a0002baaddaf6faeeca8175f90fcd0f9891f4b89646950aa62ee9e78aadbc55f3266e4fcfbae21470692591f1deb9538c8fe29c2878db04", @typed={0x8, 0xf, 0x0, 0x0, @fd=r1}]}, 0xe4}], 0x1, &(0x7f0000007e00)=[@cred={{0x1c, 0x1, 0x2, {r2}}}], 0x20}, 0x0)
r3 = fsopen(&(0x7f0000000000)='ramfs\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r3, 0x6, 0x0, 0x0, 0x0)
r4 = fsmount(r3, 0x0, 0x0)
symlinkat(&(0x7f0000000000)='./file0\x00', r4, &(0x7f00000001c0)='./file0\x00')
statx(r4, &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0)
perf_event_open(&(0x7f0000000140)={0x1, 0x80, 0x0, 0xbc, 0x81, 0x5, 0x0, 0x9, 0x2800, 0xc, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x3, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x5, 0x4ff9507ca5ac339f, @perf_config_ext={0xc4, 0x100000001}, 0x2000, 0x1, 0x413, 0x9, 0x9, 0x9, 0xab2, 0x0, 0x6, 0x0, 0x2}, r2, 0xffffffffffffffff, r4, 0x2)
ioctl$INCFS_IOC_GET_FILLED_BLOCKS(r0, 0x80286722, &(0x7f0000000100)={&(0x7f0000000000)=""/117, 0x75, 0x9, 0x5})
11:52:26 executing program 3:
r0 = socket$netlink(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000480)={'wlan0\x00'})
11:52:26 executing program 1:
r0 = perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x2000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file1\x00', 0x0, 0x0)
write$binfmt_aout(r1, &(0x7f0000000c40)=ANY=[], 0x820)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0, 0x0)
fsetxattr$trusted_overlay_upper(r0, &(0x7f0000000200), &(0x7f0000000240)={0x0, 0xfb, 0x16, 0x4, 0x7, "2a35603e7b266c3ac08bc86d576ecd03", "04"}, 0x16, 0x1)
sendfile(r1, r2, 0x0, 0x7fffffff)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r4 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
sendfile(r4, r3, 0x0, 0x0)
perf_event_open$cgroup(&(0x7f0000000180)={0x4, 0x80, 0x0, 0x8, 0x5, 0x40, 0x0, 0x2000000000000, 0xa0600, 0x9, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x5, 0x0, @perf_bp={&(0x7f0000000140), 0x4}, 0x10246, 0xe4, 0x7, 0x0, 0x7, 0xffff, 0x1, 0x0, 0x9, 0x0, 0x169}, r3, 0x3, 0xffffffffffffffff, 0xf)
r5 = perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$F2FS_IOC_FLUSH_DEVICE(0xffffffffffffffff, 0x4008f50a, &(0x7f0000000000))
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
signalfd4(r5, &(0x7f0000000040)={[0x101]}, 0x8, 0x40000)
ioctl$EXT4_IOC_CHECKPOINT(r4, 0x4004662b, &(0x7f0000000340))
11:52:26 executing program 0:
shmctl$SHM_INFO(0x0, 0xe, &(0x7f00000010c0)=""/205)
11:52:26 executing program 0:
shmctl$SHM_INFO(0x0, 0xe, &(0x7f00000010c0)=""/205)
11:52:26 executing program 2:
r0 = memfd_create(&(0x7f0000000000)='B\xdb/\x89\x03l\xdeb\xcb\xb54\xed\xbeLK\xa4g?K)\xa0\xf0\x9b8Y\xb5Z\xe1\x12S\xf5G\xcc\xf3\xe9\x02h\v\xca(\x96\xe1C\xdf\x1c\xea\x85C\xfb\x10\x13\xfa\x03\x16\xcd\x05\x00\x80\xa1z\xb4r\x95\xc3@\x9d\xa6\xf1\xff#}g\xd3`\xf7\xcez\xcb\xb3\x1a\xbb\xc48e\x8e\xb1&\xd1\x8a\xe6!\x7f\x8d\xea,qx\xa28\xbf\"\xc7e\x80L\xb06\xeb<$\xd7\xba\xe5\x01\x03\x94r\xab\xd4J\x03s\xaf\xf6A\xbfV\xfa\x1ew\x8d\xbf\x99I\x97\xd8\xd2\xe8\x11\xc4\x04\x00\x04\xd5i\xee\xaf\xae[E\x1f\xdd\xd7#rT+\xb621p\xaf[\x99\" 1\xeb\xc7)\xd2\x1dh\xf2\xd5s\xfd?\fa>\x9f;\xe5r\xe5\xbd\xb0|=\x8eZcPY\xf8\xbd\x13\xaa\x8b\xdf\xbc\x93u\xd5\xb0r\xfb\xde\xe7\xd9k\xe2\xc6\x1b\xf2o@&>\xf2M\xe7\x8c\xeb\xee\xf5\x02~\x85\x14\xf3\xc6v\xf15PE\x8c\xca\x16$\xc2\x01#\xb563\rbq\xbf64\xfaW\x17\xdfa\xe6\xca\x86\xd7\xf8\x81X\x9bg4\xc1\xdam\xcf=Rq6\xb0\xd4D=I\x1a\x0e\xd0\xabz\xe2\x19\x0fM\xad\xdco\xa4\xb2\x8c?\xc1\x10\xf273\x01\x00\xb3_\xe8\x9a*\xfcL\xea;\xc0\x9a\xdbx!N;\xb5x\t\xa4E\xbe\x93r\x04\xf5\xf0\xf5\x7f\x9a)\xf5\x1b\"\xa1\xd8\x06>\xc9\xe2r\xe9_\xee\xc0\b\x81\x98\x1c\xe2\xe0?\x8f\xa1\xbel\aN\x83@\xb1\x03)4A\x83\x01\x01\x00\x00\x00\x00\x00\x00\b$\xa2x\x8a@\xfaj~\xef\x93\xb1/\\\x01\xe2\xba\x0e\xe3\xf95\x1d\x10\xa7\x97\xbf\x8e\xac\x81\xc9\x13\x8e\xb3\xf3\xb5d\xa1\xcf\x1d\x92\x9b\x9b\xa7\x12F\xa0\xe0\xff\x1a\x8e\xe2ae^=\n\xe1\xa6\xb8\xe9v\x8f2\xf4\xac\xe5\xdf\xffi`Mo\x1e\x1cMN<\x1b\xd8\xfe\xd6P\xcdQ\x83\xfa\xe7\x1d\xd5\x01n\xa7~\x8b\x90/62\xff;.S\xf7\x0flwa\x16\xf0\xf2(\x96V,\xd7s\xaaOE\xd3H\xfd`}\xd8\xbc\x9a\xca\xe3\n\xd7fCe\xd8\xbb\xdao\xb0\x85\xcc\xedv\x94\xb5\xc4\xb6[>\xb9,\xfch_-s\x94,F\x15\xd8m5>\x94\x84\xf5\x00\xc3\xf6m\xc7B\t{\xe0d\xc65(\x18\x9c\xad\x13b6\xca\x16\x95\xcb^zF\xd0\x1a\x8dP\x94\x19\xa4\xbfr=\xb6\xae', 0x0)
r1 = memfd_create(&(0x7f0000002800)='B\xdb/\x89\x03l\xdeb\xcb\xb54\xed\xbeLK\xa4g?K)\xa0\xf0\x9b8Y\xb5Z\xe1\x12S\xf5G\xcc\xf3\xe9\x02h\v\xca(\x96\xe1,\xdf\x1c\xea\x85C\xfb\x10\x13\xfa\x03\x16\xcd\x05\x00\x80\xa1z\xb4r\x95\xc3@\x9d\xa6\xf1\xff#}g\xd3`\xf7\xcez\xcb\xb3\x1a\xbb\xc48e\x8e\xb1&\xd1\x8a\xe6!\x7f\x8d\xea,qx\xa28\xbf\"\xc7e\x80L\xb06\xeb<$\xd7\xba\xe5\x01\x03\x94r\xab\xd4J\x03s\xaf\xf6A\xbfV\xfa\x1ew\x8d\xbf\x99I\x97\xd8\xd2\xe8\x11\xc4\x04\x00\x04\xd5i\xee\xaf\xae[E\x1f\xdd\xd7#rT+\xb621p\xaf[\x99\" 1\xeb\xc7)\xd2\x1dh\xf2\xd5s\xfd?\fa>\x9f;\xe5r\xe5\xbd\xb0|=\x8eZcPY\xf8\xbd\x13\xaa\x8b\xdf\xbc\x93u\xd5\xb0r\xfb\xde\xe7\xd9k\xe2\xc6\x1b\xf2o@&>\xf2M\xe7\x8c\xeb\xee\xf5\x02~\x85\x14\xf3\xc6v\xf15PE\x8c\xca\x16$\xc2\x01#\xb563\rbq\xbf64\xfaW\x17\xdfa\xe6\xca\x86\xd7\xf8\x81X\x9bg4\xc1\xdam\xcf=Rq6\xb0\xd4D=I\x1a\x0e\xd0\xabz\xe2\x19\x0fM\xad\xdco\xa4\xb2\x8c?\xc1\x10\xf273\x01\x00\xb3_\xe8\x9a*\xfcL\xea;\xc0\x9a\xdbx!N;\xb5x\t\xa4E\xbe\x93r\x04\xf5\xf0\xf5\x7f\x9a)\xf5\x1b\"\xa1\xd8\x06>\xc9\xe2r\xe9_\xee\xc0\b\x81\x98\x1c\xe2\xe0?\x8f\xa1\xbel\aN\x83@\xb1\x03)4A\x83\x01\x01\x00\x00\x00\x00\x00\x00\b$\xa2x\x8a@\xfaj~\xef\x93\xb1/\\\x01\xe2\xba\x0e\xe3\xf95\x1d\x10\xa7\x97\xbf\x8e\xac\x81\xc9\x13\x8e\xb3\xf3\xb5d\xa1\xcf\x1d\x92\x9b\x9b\xa7\x12F\x06\x00\xff\x1a\x8e\xe2ae\x1e=\n\xe1\xa6\xb8\xe9v\x8f2\xf4\xac\xe5\xdf\xffi`Mo\x1e\x1cMN<\x1b\xd8\xfe\xd6P\xcdQ\x83\xfa\xe7\x1d\xd5\x01n\xa7~\x8b\x90/62\xff;.S\xf7\x0flwa\x16\xf0\xf2(\x96V,\xd7s\xaaOE\xd3H\xfd`}\xd8\xbc\x9a\xca\xe3\n\xd7fCe\xd8\xbb\xdao\xb0\x85\xcc\xedv\x94\xb5\xc4\xb6[>\xb9,\xfch_-s\x94,F\x15\xd8m5>\x94\x84\xf5\x00\xc3\xf6m\xc7B\t{\xe0d\xc65(\x18\x9c\xad\x13b6\xca\x16\x95\xcb^zF\xd0\x1a\x8dP\x94\x19\xa4\xbfr=\xb6\xae\xc0\xa6d\x12\'y\x11Zcu\xe7\xc4{\\0Y[\xdf\x96\xbf\x97\xa7CS\xfe$\xeb\xac\x9a\xa9\x7f\x85G\xa2\xc8mt\x8fs-\xae\xc6\xd4\x8a|I\xe3\xfe\x04%\x1b\xd8F\xa9\x9f\x96?L\xb7MGE\xbf\x1b\xf8\t\f_\xa0j\x9e\xadM\xa4\xc8\xba\xdc\xabzO8\xeb#\xdc\x1e\v_\v\xc0\xbc\\r`\x8b\x11z\xbb\x89$\xe9t\x8c+6l\f\xd0\x0e\xd0K\x16C\xc8ty\x97\x8ev\x15\xe6\x8a\xc4p\xeb\xe5!\xcfS\x95\xe6\xfa\xb4+C\xc3\x01I\x1f\xea\xc27\xff\x9c\x13\xeed\xed8\xbfR\x01&\xe0@Y\xc9\xe6GL\xd5?\x03', 0x0)
ftruncate(r1, 0x2000000)
sendfile(r0, r1, 0x0, 0x7fff)
preadv(r0, &(0x7f00000024c0)=[{&(0x7f0000000280)=""/188, 0xbc}], 0x1, 0x1, 0x0)
11:52:26 executing program 5:
perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xb}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
ioctl$HCIINQUIRY(r0, 0x400448e0, 0x0)
r1 = socket$netlink(0x10, 0x3, 0x0)
r2 = getpid()
sendmsg$netlink(r1, &(0x7f0000007ec0)={0x0, 0x0, &(0x7f0000000140)=[{&(0x7f0000000000)={0xffffffffffffff86, 0x0, 0x0, 0x0, 0x0, "", [@generic="600a451685ac0a7bc45895b67191df0ef6a04b9a6318ef8b25b3f3b65ba13c257903fd79e84ec86989e828b9dbd58609e0bb40bc1f9331b8792c4d8a7365da1497b8fa015d310cae61d187b6ce90fb6bc7104bb2009a7789cdda9185d864e9130eb363de689e7e7ab3cc904438d0ac79a43cb02cd6e2aecb6a7c402dc2598bf17fdc533044b85f566f0d61095a15c2d5789e597a0002baaddaf6faeeca8175f90fcd0f9891f4b89646950aa62ee9e78aadbc55f3266e4fcfbae21470692591f1deb9538c8fe29c2878db04", @typed={0x8, 0xf, 0x0, 0x0, @fd=r1}]}, 0xe4}], 0x1, &(0x7f0000007e00)=[@cred={{0x1c, 0x1, 0x2, {r2}}}], 0x20}, 0x0)
r3 = fsopen(&(0x7f0000000000)='ramfs\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r3, 0x6, 0x0, 0x0, 0x0)
r4 = fsmount(r3, 0x0, 0x0)
symlinkat(&(0x7f0000000000)='./file0\x00', r4, &(0x7f00000001c0)='./file0\x00')
statx(r4, &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0)
perf_event_open(&(0x7f0000000140)={0x1, 0x80, 0x0, 0xbc, 0x81, 0x5, 0x0, 0x9, 0x2800, 0xc, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x3, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x5, 0x4ff9507ca5ac339f, @perf_config_ext={0xc4, 0x100000001}, 0x2000, 0x1, 0x413, 0x9, 0x9, 0x9, 0xab2, 0x0, 0x6, 0x0, 0x2}, r2, 0xffffffffffffffff, r4, 0x2)
ioctl$INCFS_IOC_GET_FILLED_BLOCKS(r0, 0x80286722, &(0x7f0000000100)={&(0x7f0000000000)=""/117, 0x75, 0x9, 0x5})
11:52:26 executing program 4:
perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0x9d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
tgkill(0x0
VM DIAGNOSIS:
11:52:20 Registers:
info registers vcpu 0
RAX=0000000000000037 RBX=00000000000003f8 RCX=0000000000000000 RDX=00000000000003f8
RSI=ffffffff822b29f1 RDI=ffffffff87641ba0 RBP=ffffffff87641b60 RSP=ffff88803e67f348
R8 =0000000000000001 R9 =000000000000000a R10=0000000000000037 R11=0000000000000001
R12=0000000000000037 R13=ffffffff87641b60 R14=0000000000000010 R15=ffffffff822b29e0
RIP=ffffffff822b2a49 RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 00000000 00000000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA]
DS =0000 0000000000000000 00000000 00000000
FS =0000 00007fa7bc574700 00000000 00000000
GS =0000 ffff88806ce00000 00000000 00000000
LDT=0000 fffffe0000000000 00000000 00000000
TR =0040 fffffe0000003000 00004087 00008b00 DPL=0 TSS64-busy
GDT= fffffe0000001000 0000007f
IDT= fffffe0000000000 00000fff
CR0=80050033 CR2=00007efc25c4e028 CR3=0000000015f70000 CR4=00350ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
YMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000
YMM01=0000000000000000 0000000000000000 00007fa7bf0e57c0 00007fa7bf0e57c8
YMM02=0000000000000000 0000000000000000 00007fa7bf0e57e0 00007fa7bf0e57c0
YMM03=0000000000000000 0000000000000000 00007fa7bf0e57c8 00007fa7bf0e57c0
YMM04=0000000000000000 0000000000000000 ffffffffffffffff ffffffff00000000
YMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000
YMM06=0000000000000000 0000000000000000 0000000000000000 000000524f525245
YMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000
YMM08=0000000000000000 0000000000000000 0000000000000000 00524f5252450040
YMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000
YMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000
YMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000
YMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000
YMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000
YMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000
YMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000
info registers vcpu 1
RAX=0000000000000000 RBX=0000000000000001 RCX=ffffffff84264287 RDX=ffffed100d9c6f99
RSI=0000000000000004 RDI=ffff88806ce37cc0 RBP=ffff88806ce37cc0 RSP=ffff88806cf09b20
R8 =0000000000000000 R9 =ffff88806ce37cc3 R10=ffffed100d9c6f98 R11=0000000000000001
R12=0000000000000003 R13=ffffed100d9c6f98 R14=0000000000000001 R15=1ffff1100d9e1365
RIP=ffffffff84264304 RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 00000000 00000000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA]
DS =0000 0000000000000000 00000000 00000000
FS =0000 0000000000000000 00000000 00000000
GS =0000 ffff88806cf00000 00000000 00000000
LDT=0000 fffffe0000000000 00000000 00000000
TR =0040 fffffe000004a000 00004087 00008b00 DPL=0 TSS64-busy
GDT= fffffe0000048000 0000007f
IDT= fffffe0000000000 00000fff
CR0=80050033 CR2=00007fff6cda0ed0 CR3=000000003aca0000 CR4=00350ee0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
YMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000
YMM01=0000000000000000 0000000000000000 ffffffffffffffff ffffffffffffffff
YMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000
YMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000
YMM04=0000000000000000 0000000000000000 0000000000000000 00000000000000ff
YMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000
YMM06=0000000000000000 0000000000000000 0000000000000000 000000524f525245
YMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000
YMM08=0000000000000000 0000000000000000 0000000000000000 00524f5252450040
YMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000
YMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000
YMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000
YMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000
YMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000
YMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000
YMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000