Warning: Permanently added '[localhost]:17028' (ECDSA) to the list of known hosts. 2022/09/16 10:57:10 fuzzer started 2022/09/16 10:57:10 dialing manager at localhost:36051 syzkaller login: [ 43.709368] cgroup: Unknown subsys name 'net' [ 43.857500] cgroup: Unknown subsys name 'rlimit' 2022/09/16 10:57:25 syscalls: 2215 2022/09/16 10:57:25 code coverage: enabled 2022/09/16 10:57:25 comparison tracing: enabled 2022/09/16 10:57:25 extra coverage: enabled 2022/09/16 10:57:25 setuid sandbox: enabled 2022/09/16 10:57:25 namespace sandbox: enabled 2022/09/16 10:57:25 Android sandbox: enabled 2022/09/16 10:57:25 fault injection: enabled 2022/09/16 10:57:25 leak checking: enabled 2022/09/16 10:57:25 net packet injection: enabled 2022/09/16 10:57:25 net device setup: enabled 2022/09/16 10:57:25 concurrency sanitizer: /sys/kernel/debug/kcsan does not exist 2022/09/16 10:57:25 devlink PCI setup: PCI device 0000:00:10.0 is not available 2022/09/16 10:57:25 USB emulation: enabled 2022/09/16 10:57:25 hci packet injection: enabled 2022/09/16 10:57:25 wifi device emulation: failed to parse kernel version (6.0.0-rc5-next-20220916) 2022/09/16 10:57:25 802.15.4 emulation: enabled 2022/09/16 10:57:25 fetching corpus: 0, signal 0/2000 (executing program) 2022/09/16 10:57:25 fetching corpus: 50, signal 37616/39575 (executing program) 2022/09/16 10:57:26 fetching corpus: 100, signal 48281/50398 (executing program) 2022/09/16 10:57:26 fetching corpus: 150, signal 56528/58472 (executing program) 2022/09/16 10:57:26 fetching corpus: 200, signal 66338/67495 (executing program) 2022/09/16 10:57:26 fetching corpus: 250, signal 69433/70301 (executing program) 2022/09/16 10:57:26 fetching corpus: 258, signal 69772/70729 (executing program) 2022/09/16 10:57:26 fetching corpus: 258, signal 69772/70847 (executing program) 2022/09/16 10:57:26 fetching corpus: 258, signal 69772/70976 (executing program) 2022/09/16 10:57:26 fetching corpus: 258, signal 69772/71124 (executing program) 2022/09/16 10:57:26 fetching corpus: 258, signal 69772/71271 (executing program) 2022/09/16 10:57:26 fetching corpus: 258, signal 69772/71389 (executing program) 2022/09/16 10:57:26 fetching corpus: 258, signal 69772/71525 (executing program) 2022/09/16 10:57:26 fetching corpus: 258, signal 69772/71655 (executing program) 2022/09/16 10:57:26 fetching corpus: 258, signal 69772/71781 (executing program) 2022/09/16 10:57:26 fetching corpus: 258, signal 69772/71932 (executing program) 2022/09/16 10:57:27 fetching corpus: 258, signal 69772/72098 (executing program) 2022/09/16 10:57:27 fetching corpus: 258, signal 69772/72227 (executing program) 2022/09/16 10:57:27 fetching corpus: 258, signal 69772/72380 (executing program) 2022/09/16 10:57:27 fetching corpus: 258, signal 69772/72512 (executing program) 2022/09/16 10:57:27 fetching corpus: 258, signal 69772/72646 (executing program) 2022/09/16 10:57:27 fetching corpus: 258, signal 69783/72781 (executing program) 2022/09/16 10:57:27 fetching corpus: 258, signal 69783/72904 (executing program) 2022/09/16 10:57:27 fetching corpus: 258, signal 69783/73026 (executing program) 2022/09/16 10:57:27 fetching corpus: 258, signal 69783/73150 (executing program) 2022/09/16 10:57:27 fetching corpus: 258, signal 69783/73293 (executing program) 2022/09/16 10:57:27 fetching corpus: 258, signal 69783/73422 (executing program) 2022/09/16 10:57:27 fetching corpus: 258, signal 69783/73540 (executing program) 2022/09/16 10:57:27 fetching corpus: 258, signal 69783/73663 (executing program) 2022/09/16 10:57:27 fetching corpus: 258, signal 69783/73802 (executing program) 2022/09/16 10:57:27 fetching corpus: 258, signal 69783/73942 (executing program) 2022/09/16 10:57:27 fetching corpus: 258, signal 69783/74074 (executing program) 2022/09/16 10:57:27 fetching corpus: 259, signal 69794/74204 (executing program) 2022/09/16 10:57:27 fetching corpus: 259, signal 69794/74355 (executing program) 2022/09/16 10:57:27 fetching corpus: 259, signal 69794/74478 (executing program) 2022/09/16 10:57:27 fetching corpus: 259, signal 69794/74604 (executing program) 2022/09/16 10:57:27 fetching corpus: 259, signal 69794/74604 (executing program) 2022/09/16 10:57:29 starting 8 fuzzer processes 10:57:29 executing program 0: getitimer(0x0, 0x0) 10:57:29 executing program 1: socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) write$binfmt_elf64(r0, &(0x7f0000000280)={{0x7f, 0x45, 0x4c, 0x46, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40}, [{}]}, 0xffffff4c) 10:57:29 executing program 2: r0 = syz_open_procfs(0x0, &(0x7f0000000000)='net/softnet_stat\x00') r1 = syz_open_dev$loop(&(0x7f0000000140), 0x0, 0x0) ioctl$LOOP_SET_FD(r1, 0x40081271, r0) 10:57:29 executing program 3: syz_emit_vhci(&(0x7f0000000200)=@HCI_EVENT_PKT={0x4, @hci_ev_pin_code_req={{0x16, 0x6}, {@fixed}}}, 0x9) [ 62.577739] audit: type=1400 audit(1663325849.702:6): avc: denied { execmem } for pid=287 comm="syz-executor.1" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=process permissive=1 10:57:29 executing program 4: r0 = memfd_create(&(0x7f0000000400)='B\xdb/\x89\x03l\xdeb\xcb\xb54\xed\xbeLY\xb5Z\xe1\x12S\xf5G\xcc\xf3\xe9\x02h\v\xca(\x96\xe1C\xdf\x1c\xea\x85C\xfb\x10\x13\xfa\x03\x16\xcd\x17\xa2\x80\xa1z\xb4r\x95\xc3@\x9d\xa6\xf1\x92#}g\xd3`\xf7\xcez\xcb\xb3\x1a\xbb\xc48e\x8e\xb1&\xd1\x8a\xe6!\x7f\x8d\xea,qx\xa28\xbf\"\xc7e\x06L\xb06\xeb<$\xd7\xba\xe5\x01\x03\x94r\xab\xd4J\x03s\xaf\xf6A\xbfV\xfa\x1ew\x8d\xbf\x99I\x97\xd8\xd2\xe8\x11\xc4\x04\x00\x84\xd5i\xee\xaf\xae[E\x1f\xdd\xd7#rT+\xb621p\xaf[\x99\" 1\xeb\xc7)\xd2\x1dh\xf2\xd5s\xfd?\fa>\x9f;\xe5r\xe5\xbd\xb0|=\x8eZcPY\xf8\xbd\x13\xaa\x8b\xdf\xbc\x93u\xd5\xb0r\xfb\xde\xe7\xd9k\xe2\xc6\x1b\xf2o@&>\xf2M\xe7\x8c\xeb\xee\xf5\x02~\x85\x14\xf3\xc6v\xf15PE\x8c\xca\x16$\xc2\x01#\xb563\rbq\xbf64\xfaW\x17\xdfa\xe6\xca\x86\xd7\xf8\x81X\x9bg4\xc1\xdam\xcf=Rq6\xb0\xd4D=I\x1a\x0e\xd0\xabz\xe2\x19\x0fM\xad\xdco\xa4\xb2\x8c?\xc1\x10\xf273\xd00\xb3_\xe8\x9a*\xfcL\xea;\xc0\x9a\xdbx!N;\xb5x\t\xa4E\xbe\x93r\x04\xf5\xf0\xf5\x7f\x9a)\xf5\x1b\"\xa1\xd8\x06>\xc9\xe2r\xe9\xbb\xfe\xc0\b\x81\x98\x1c\xe2\xe0?\x8f\xa1\xbel\aN\x83@\xb1\x03)4A\x83\xd6\xcf\xf6\xb5\x82\xb7\x9dA\b$\xa2x\x8a@\xfaj~\xef\x93\xb1/L\x01\xe2\xba|\xf0\x01)PP\xcdl\x06\xfc\x15;qZ\xb1u\xc9\xd0\xd16~JEGm\xe4\x1e@\x9dG\xe4@\xdf\xba\'\x8b\x1cD\xc7\xec\xd1@}tR\xd9P\xf4N\xe3\xd8x\xa0\x91\x17\xc2}\x13\b\xca\t(Z\xa3_\xa1\x90\x15T\xa4\xe7%\x98\xa7\xfb\x8bp/eq\x93\xbf\x1f =|\xf3\xb1\xfcR\xd8\nM,\xcb%@\'\x15\x88\xd8\xad\f\x91|\x95\x8fq+\x98\x81W\xba\x9f\xe0elOt\xbd\by\r\x87\x1c\xba\xbd\x8e+S>\xb8\xe29\x91h^x\xfb`\x00\xdd/\xa6\xb1\x16=\xa1bw\xc5I\xb1\x00'/549, 0x0) ioctl$FS_IOC_RESVSP(r0, 0x40305828, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x6}) fallocate(r0, 0x0, 0x0, 0x7) ftruncate(r0, 0x3e7e) read(r0, 0x0, 0x0) 10:57:29 executing program 5: r0 = socket$inet6(0xa, 0x1, 0x0) setsockopt$inet6_int(r0, 0x29, 0xcb, &(0x7f0000000040)=0x1, 0x4) socket$inet6(0xa, 0x5, 0xc) r1 = socket$inet6_udplite(0xa, 0x2, 0x88) setsockopt$inet6_IPV6_ADDRFORM(r1, 0x29, 0x1, &(0x7f0000000140), 0x4) bind$inet6(r0, &(0x7f00000002c0)={0xa, 0xe20, 0x0, @empty}, 0x1c) fcntl$setstatus(r0, 0x4, 0x2000) connect$inet6(r0, &(0x7f0000000000)={0xa, 0x4e20, 0x0, @loopback}, 0x1c) 10:57:29 executing program 6: write$cgroup_int(0xffffffffffffffff, 0x0, 0x0) 10:57:29 executing program 7: syz_open_procfs$namespace(0x0, &(0x7f0000006e00)='ns/time_for_children\x00') socket(0x0, 0x0, 0x0) [ 63.890790] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 63.897354] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 63.898868] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 63.904608] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 63.906640] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [ 63.908104] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 63.913608] Bluetooth: hci0: HCI_REQ-0x0c1a [ 63.955329] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 63.961105] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 63.963033] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 63.964645] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 63.967432] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 63.969187] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 63.973180] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 63.975642] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3 [ 63.977148] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 63.982315] Bluetooth: hci3: HCI_REQ-0x0c1a [ 63.983744] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 63.993836] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 63.995913] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 63.997206] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 64.000298] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3 [ 64.002638] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 64.008103] Bluetooth: hci2: HCI_REQ-0x0c1a [ 64.023029] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1 [ 64.025948] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 64.027222] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9 [ 64.031910] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9 [ 64.035388] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3 [ 64.036914] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4 [ 64.037568] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 64.038425] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 64.040222] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 64.040913] Bluetooth: hci7: unexpected cc 0x0c03 length: 249 > 1 [ 64.043617] Bluetooth: hci6: unexpected cc 0x0c25 length: 249 > 3 [ 64.044873] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 64.045931] Bluetooth: hci7: unexpected cc 0x1003 length: 249 > 9 [ 64.047277] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1 [ 64.049496] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2 [ 64.050869] Bluetooth: hci7: unexpected cc 0x1001 length: 249 > 9 [ 64.051976] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9 [ 64.053922] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 64.055048] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9 [ 64.056637] Bluetooth: hci7: unexpected cc 0x0c23 length: 249 > 4 [ 64.057939] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3 [ 64.063150] Bluetooth: hci6: HCI_REQ-0x0c1a [ 64.063811] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 64.068577] Bluetooth: hci7: unexpected cc 0x0c25 length: 249 > 3 [ 64.069561] Bluetooth: hci4: HCI_REQ-0x0c1a [ 64.069956] Bluetooth: hci7: unexpected cc 0x0c38 length: 249 > 2 [ 64.081226] Bluetooth: hci7: HCI_REQ-0x0c1a [ 64.084469] Bluetooth: hci1: HCI_REQ-0x0c1a [ 64.097467] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4 [ 64.104877] Bluetooth: hci5: unexpected cc 0x0c25 length: 249 > 3 [ 64.107444] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2 [ 64.114947] Bluetooth: hci5: HCI_REQ-0x0c1a [ 65.980019] Bluetooth: hci0: command 0x0409 tx timeout [ 66.043783] Bluetooth: hci2: command 0x0409 tx timeout [ 66.044416] Bluetooth: hci3: command 0x0409 tx timeout [ 66.107721] Bluetooth: hci1: command 0x0409 tx timeout [ 66.107740] Bluetooth: hci6: command 0x0409 tx timeout [ 66.108190] Bluetooth: hci7: command 0x0409 tx timeout [ 66.109157] Bluetooth: hci4: command 0x0409 tx timeout [ 66.171744] Bluetooth: hci5: command 0x0409 tx timeout [ 68.027736] Bluetooth: hci0: command 0x041b tx timeout [ 68.091744] Bluetooth: hci3: command 0x041b tx timeout [ 68.092293] Bluetooth: hci2: command 0x041b tx timeout [ 68.155801] Bluetooth: hci4: command 0x041b tx timeout [ 68.156573] Bluetooth: hci7: command 0x041b tx timeout [ 68.157510] Bluetooth: hci6: command 0x041b tx timeout [ 68.158205] Bluetooth: hci1: command 0x041b tx timeout [ 68.219713] Bluetooth: hci5: command 0x041b tx timeout [ 70.075763] Bluetooth: hci0: command 0x040f tx timeout [ 70.139972] Bluetooth: hci2: command 0x040f tx timeout [ 70.140922] Bluetooth: hci3: command 0x040f tx timeout [ 70.203810] Bluetooth: hci1: command 0x040f tx timeout [ 70.206330] Bluetooth: hci6: command 0x040f tx timeout [ 70.207206] Bluetooth: hci7: command 0x040f tx timeout [ 70.209046] Bluetooth: hci4: command 0x040f tx timeout [ 70.267762] Bluetooth: hci5: command 0x040f tx timeout [ 72.123865] Bluetooth: hci0: command 0x0419 tx timeout [ 72.187877] Bluetooth: hci3: command 0x0419 tx timeout [ 72.189252] Bluetooth: hci2: command 0x0419 tx timeout [ 72.251794] Bluetooth: hci4: command 0x0419 tx timeout [ 72.252900] Bluetooth: hci7: command 0x0419 tx timeout [ 72.253889] Bluetooth: hci6: command 0x0419 tx timeout [ 72.254829] Bluetooth: hci1: command 0x0419 tx timeout [ 72.315755] Bluetooth: hci5: command 0x0419 tx timeout 10:58:25 executing program 3: syz_emit_vhci(&(0x7f0000000200)=@HCI_EVENT_PKT={0x4, @hci_ev_pin_code_req={{0x16, 0x6}, {@fixed}}}, 0x9) 10:58:25 executing program 4: r0 = memfd_create(&(0x7f0000000400)='B\xdb/\x89\x03l\xdeb\xcb\xb54\xed\xbeLY\xb5Z\xe1\x12S\xf5G\xcc\xf3\xe9\x02h\v\xca(\x96\xe1C\xdf\x1c\xea\x85C\xfb\x10\x13\xfa\x03\x16\xcd\x17\xa2\x80\xa1z\xb4r\x95\xc3@\x9d\xa6\xf1\x92#}g\xd3`\xf7\xcez\xcb\xb3\x1a\xbb\xc48e\x8e\xb1&\xd1\x8a\xe6!\x7f\x8d\xea,qx\xa28\xbf\"\xc7e\x06L\xb06\xeb<$\xd7\xba\xe5\x01\x03\x94r\xab\xd4J\x03s\xaf\xf6A\xbfV\xfa\x1ew\x8d\xbf\x99I\x97\xd8\xd2\xe8\x11\xc4\x04\x00\x84\xd5i\xee\xaf\xae[E\x1f\xdd\xd7#rT+\xb621p\xaf[\x99\" 1\xeb\xc7)\xd2\x1dh\xf2\xd5s\xfd?\fa>\x9f;\xe5r\xe5\xbd\xb0|=\x8eZcPY\xf8\xbd\x13\xaa\x8b\xdf\xbc\x93u\xd5\xb0r\xfb\xde\xe7\xd9k\xe2\xc6\x1b\xf2o@&>\xf2M\xe7\x8c\xeb\xee\xf5\x02~\x85\x14\xf3\xc6v\xf15PE\x8c\xca\x16$\xc2\x01#\xb563\rbq\xbf64\xfaW\x17\xdfa\xe6\xca\x86\xd7\xf8\x81X\x9bg4\xc1\xdam\xcf=Rq6\xb0\xd4D=I\x1a\x0e\xd0\xabz\xe2\x19\x0fM\xad\xdco\xa4\xb2\x8c?\xc1\x10\xf273\xd00\xb3_\xe8\x9a*\xfcL\xea;\xc0\x9a\xdbx!N;\xb5x\t\xa4E\xbe\x93r\x04\xf5\xf0\xf5\x7f\x9a)\xf5\x1b\"\xa1\xd8\x06>\xc9\xe2r\xe9\xbb\xfe\xc0\b\x81\x98\x1c\xe2\xe0?\x8f\xa1\xbel\aN\x83@\xb1\x03)4A\x83\xd6\xcf\xf6\xb5\x82\xb7\x9dA\b$\xa2x\x8a@\xfaj~\xef\x93\xb1/L\x01\xe2\xba|\xf0\x01)PP\xcdl\x06\xfc\x15;qZ\xb1u\xc9\xd0\xd16~JEGm\xe4\x1e@\x9dG\xe4@\xdf\xba\'\x8b\x1cD\xc7\xec\xd1@}tR\xd9P\xf4N\xe3\xd8x\xa0\x91\x17\xc2}\x13\b\xca\t(Z\xa3_\xa1\x90\x15T\xa4\xe7%\x98\xa7\xfb\x8bp/eq\x93\xbf\x1f =|\xf3\xb1\xfcR\xd8\nM,\xcb%@\'\x15\x88\xd8\xad\f\x91|\x95\x8fq+\x98\x81W\xba\x9f\xe0elOt\xbd\by\r\x87\x1c\xba\xbd\x8e+S>\xb8\xe29\x91h^x\xfb`\x00\xdd/\xa6\xb1\x16=\xa1bw\xc5I\xb1\x00'/549, 0x0) ioctl$FS_IOC_RESVSP(r0, 0x40305828, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x6}) fallocate(r0, 0x0, 0x0, 0x7) ftruncate(r0, 0x3e7e) read(r0, 0x0, 0x0) 10:58:25 executing program 3: syz_emit_vhci(&(0x7f0000000200)=@HCI_EVENT_PKT={0x4, @hci_ev_pin_code_req={{0x16, 0x6}, {@fixed}}}, 0x9) 10:58:25 executing program 3: syz_emit_vhci(&(0x7f0000000200)=@HCI_EVENT_PKT={0x4, @hci_ev_pin_code_req={{0x16, 0x6}, {@fixed}}}, 0x9) 10:58:25 executing program 4: r0 = memfd_create(&(0x7f0000000400)='B\xdb/\x89\x03l\xdeb\xcb\xb54\xed\xbeLY\xb5Z\xe1\x12S\xf5G\xcc\xf3\xe9\x02h\v\xca(\x96\xe1C\xdf\x1c\xea\x85C\xfb\x10\x13\xfa\x03\x16\xcd\x17\xa2\x80\xa1z\xb4r\x95\xc3@\x9d\xa6\xf1\x92#}g\xd3`\xf7\xcez\xcb\xb3\x1a\xbb\xc48e\x8e\xb1&\xd1\x8a\xe6!\x7f\x8d\xea,qx\xa28\xbf\"\xc7e\x06L\xb06\xeb<$\xd7\xba\xe5\x01\x03\x94r\xab\xd4J\x03s\xaf\xf6A\xbfV\xfa\x1ew\x8d\xbf\x99I\x97\xd8\xd2\xe8\x11\xc4\x04\x00\x84\xd5i\xee\xaf\xae[E\x1f\xdd\xd7#rT+\xb621p\xaf[\x99\" 1\xeb\xc7)\xd2\x1dh\xf2\xd5s\xfd?\fa>\x9f;\xe5r\xe5\xbd\xb0|=\x8eZcPY\xf8\xbd\x13\xaa\x8b\xdf\xbc\x93u\xd5\xb0r\xfb\xde\xe7\xd9k\xe2\xc6\x1b\xf2o@&>\xf2M\xe7\x8c\xeb\xee\xf5\x02~\x85\x14\xf3\xc6v\xf15PE\x8c\xca\x16$\xc2\x01#\xb563\rbq\xbf64\xfaW\x17\xdfa\xe6\xca\x86\xd7\xf8\x81X\x9bg4\xc1\xdam\xcf=Rq6\xb0\xd4D=I\x1a\x0e\xd0\xabz\xe2\x19\x0fM\xad\xdco\xa4\xb2\x8c?\xc1\x10\xf273\xd00\xb3_\xe8\x9a*\xfcL\xea;\xc0\x9a\xdbx!N;\xb5x\t\xa4E\xbe\x93r\x04\xf5\xf0\xf5\x7f\x9a)\xf5\x1b\"\xa1\xd8\x06>\xc9\xe2r\xe9\xbb\xfe\xc0\b\x81\x98\x1c\xe2\xe0?\x8f\xa1\xbel\aN\x83@\xb1\x03)4A\x83\xd6\xcf\xf6\xb5\x82\xb7\x9dA\b$\xa2x\x8a@\xfaj~\xef\x93\xb1/L\x01\xe2\xba|\xf0\x01)PP\xcdl\x06\xfc\x15;qZ\xb1u\xc9\xd0\xd16~JEGm\xe4\x1e@\x9dG\xe4@\xdf\xba\'\x8b\x1cD\xc7\xec\xd1@}tR\xd9P\xf4N\xe3\xd8x\xa0\x91\x17\xc2}\x13\b\xca\t(Z\xa3_\xa1\x90\x15T\xa4\xe7%\x98\xa7\xfb\x8bp/eq\x93\xbf\x1f =|\xf3\xb1\xfcR\xd8\nM,\xcb%@\'\x15\x88\xd8\xad\f\x91|\x95\x8fq+\x98\x81W\xba\x9f\xe0elOt\xbd\by\r\x87\x1c\xba\xbd\x8e+S>\xb8\xe29\x91h^x\xfb`\x00\xdd/\xa6\xb1\x16=\xa1bw\xc5I\xb1\x00'/549, 0x0) ioctl$FS_IOC_RESVSP(r0, 0x40305828, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x6}) fallocate(r0, 0x0, 0x0, 0x7) ftruncate(r0, 0x3e7e) read(r0, 0x0, 0x0) 10:58:25 executing program 3: r0 = memfd_create(&(0x7f0000000400)='B\xdb/\x89\x03l\xdeb\xcb\xb54\xed\xbeLY\xb5Z\xe1\x12S\xf5G\xcc\xf3\xe9\x02h\v\xca(\x96\xe1C\xdf\x1c\xea\x85C\xfb\x10\x13\xfa\x03\x16\xcd\x17\xa2\x80\xa1z\xb4r\x95\xc3@\x9d\xa6\xf1\x92#}g\xd3`\xf7\xcez\xcb\xb3\x1a\xbb\xc48e\x8e\xb1&\xd1\x8a\xe6!\x7f\x8d\xea,qx\xa28\xbf\"\xc7e\x06L\xb06\xeb<$\xd7\xba\xe5\x01\x03\x94r\xab\xd4J\x03s\xaf\xf6A\xbfV\xfa\x1ew\x8d\xbf\x99I\x97\xd8\xd2\xe8\x11\xc4\x04\x00\x84\xd5i\xee\xaf\xae[E\x1f\xdd\xd7#rT+\xb621p\xaf[\x99\" 1\xeb\xc7)\xd2\x1dh\xf2\xd5s\xfd?\fa>\x9f;\xe5r\xe5\xbd\xb0|=\x8eZcPY\xf8\xbd\x13\xaa\x8b\xdf\xbc\x93u\xd5\xb0r\xfb\xde\xe7\xd9k\xe2\xc6\x1b\xf2o@&>\xf2M\xe7\x8c\xeb\xee\xf5\x02~\x85\x14\xf3\xc6v\xf15PE\x8c\xca\x16$\xc2\x01#\xb563\rbq\xbf64\xfaW\x17\xdfa\xe6\xca\x86\xd7\xf8\x81X\x9bg4\xc1\xdam\xcf=Rq6\xb0\xd4D=I\x1a\x0e\xd0\xabz\xe2\x19\x0fM\xad\xdco\xa4\xb2\x8c?\xc1\x10\xf273\xd00\xb3_\xe8\x9a*\xfcL\xea;\xc0\x9a\xdbx!N;\xb5x\t\xa4E\xbe\x93r\x04\xf5\xf0\xf5\x7f\x9a)\xf5\x1b\"\xa1\xd8\x06>\xc9\xe2r\xe9\xbb\xfe\xc0\b\x81\x98\x1c\xe2\xe0?\x8f\xa1\xbel\aN\x83@\xb1\x03)4A\x83\xd6\xcf\xf6\xb5\x82\xb7\x9dA\b$\xa2x\x8a@\xfaj~\xef\x93\xb1/L\x01\xe2\xba|\xf0\x01)PP\xcdl\x06\xfc\x15;qZ\xb1u\xc9\xd0\xd16~JEGm\xe4\x1e@\x9dG\xe4@\xdf\xba\'\x8b\x1cD\xc7\xec\xd1@}tR\xd9P\xf4N\xe3\xd8x\xa0\x91\x17\xc2}\x13\b\xca\t(Z\xa3_\xa1\x90\x15T\xa4\xe7%\x98\xa7\xfb\x8bp/eq\x93\xbf\x1f =|\xf3\xb1\xfcR\xd8\nM,\xcb%@\'\x15\x88\xd8\xad\f\x91|\x95\x8fq+\x98\x81W\xba\x9f\xe0elOt\xbd\by\r\x87\x1c\xba\xbd\x8e+S>\xb8\xe29\x91h^x\xfb`\x00\xdd/\xa6\xb1\x16=\xa1bw\xc5I\xb1\x00'/549, 0x0) ioctl$FS_IOC_RESVSP(r0, 0x40305828, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x6}) fallocate(r0, 0x0, 0x0, 0x7) ftruncate(r0, 0x3e7e) read(r0, 0x0, 0x0) 10:58:25 executing program 4: r0 = memfd_create(&(0x7f0000000400)='B\xdb/\x89\x03l\xdeb\xcb\xb54\xed\xbeLY\xb5Z\xe1\x12S\xf5G\xcc\xf3\xe9\x02h\v\xca(\x96\xe1C\xdf\x1c\xea\x85C\xfb\x10\x13\xfa\x03\x16\xcd\x17\xa2\x80\xa1z\xb4r\x95\xc3@\x9d\xa6\xf1\x92#}g\xd3`\xf7\xcez\xcb\xb3\x1a\xbb\xc48e\x8e\xb1&\xd1\x8a\xe6!\x7f\x8d\xea,qx\xa28\xbf\"\xc7e\x06L\xb06\xeb<$\xd7\xba\xe5\x01\x03\x94r\xab\xd4J\x03s\xaf\xf6A\xbfV\xfa\x1ew\x8d\xbf\x99I\x97\xd8\xd2\xe8\x11\xc4\x04\x00\x84\xd5i\xee\xaf\xae[E\x1f\xdd\xd7#rT+\xb621p\xaf[\x99\" 1\xeb\xc7)\xd2\x1dh\xf2\xd5s\xfd?\fa>\x9f;\xe5r\xe5\xbd\xb0|=\x8eZcPY\xf8\xbd\x13\xaa\x8b\xdf\xbc\x93u\xd5\xb0r\xfb\xde\xe7\xd9k\xe2\xc6\x1b\xf2o@&>\xf2M\xe7\x8c\xeb\xee\xf5\x02~\x85\x14\xf3\xc6v\xf15PE\x8c\xca\x16$\xc2\x01#\xb563\rbq\xbf64\xfaW\x17\xdfa\xe6\xca\x86\xd7\xf8\x81X\x9bg4\xc1\xdam\xcf=Rq6\xb0\xd4D=I\x1a\x0e\xd0\xabz\xe2\x19\x0fM\xad\xdco\xa4\xb2\x8c?\xc1\x10\xf273\xd00\xb3_\xe8\x9a*\xfcL\xea;\xc0\x9a\xdbx!N;\xb5x\t\xa4E\xbe\x93r\x04\xf5\xf0\xf5\x7f\x9a)\xf5\x1b\"\xa1\xd8\x06>\xc9\xe2r\xe9\xbb\xfe\xc0\b\x81\x98\x1c\xe2\xe0?\x8f\xa1\xbel\aN\x83@\xb1\x03)4A\x83\xd6\xcf\xf6\xb5\x82\xb7\x9dA\b$\xa2x\x8a@\xfaj~\xef\x93\xb1/L\x01\xe2\xba|\xf0\x01)PP\xcdl\x06\xfc\x15;qZ\xb1u\xc9\xd0\xd16~JEGm\xe4\x1e@\x9dG\xe4@\xdf\xba\'\x8b\x1cD\xc7\xec\xd1@}tR\xd9P\xf4N\xe3\xd8x\xa0\x91\x17\xc2}\x13\b\xca\t(Z\xa3_\xa1\x90\x15T\xa4\xe7%\x98\xa7\xfb\x8bp/eq\x93\xbf\x1f =|\xf3\xb1\xfcR\xd8\nM,\xcb%@\'\x15\x88\xd8\xad\f\x91|\x95\x8fq+\x98\x81W\xba\x9f\xe0elOt\xbd\by\r\x87\x1c\xba\xbd\x8e+S>\xb8\xe29\x91h^x\xfb`\x00\xdd/\xa6\xb1\x16=\xa1bw\xc5I\xb1\x00'/549, 0x0) ioctl$FS_IOC_RESVSP(r0, 0x40305828, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x6}) fallocate(r0, 0x0, 0x0, 0x7) ftruncate(r0, 0x3e7e) read(r0, 0x0, 0x0) 10:58:25 executing program 3: r0 = memfd_create(&(0x7f0000000400)='B\xdb/\x89\x03l\xdeb\xcb\xb54\xed\xbeLY\xb5Z\xe1\x12S\xf5G\xcc\xf3\xe9\x02h\v\xca(\x96\xe1C\xdf\x1c\xea\x85C\xfb\x10\x13\xfa\x03\x16\xcd\x17\xa2\x80\xa1z\xb4r\x95\xc3@\x9d\xa6\xf1\x92#}g\xd3`\xf7\xcez\xcb\xb3\x1a\xbb\xc48e\x8e\xb1&\xd1\x8a\xe6!\x7f\x8d\xea,qx\xa28\xbf\"\xc7e\x06L\xb06\xeb<$\xd7\xba\xe5\x01\x03\x94r\xab\xd4J\x03s\xaf\xf6A\xbfV\xfa\x1ew\x8d\xbf\x99I\x97\xd8\xd2\xe8\x11\xc4\x04\x00\x84\xd5i\xee\xaf\xae[E\x1f\xdd\xd7#rT+\xb621p\xaf[\x99\" 1\xeb\xc7)\xd2\x1dh\xf2\xd5s\xfd?\fa>\x9f;\xe5r\xe5\xbd\xb0|=\x8eZcPY\xf8\xbd\x13\xaa\x8b\xdf\xbc\x93u\xd5\xb0r\xfb\xde\xe7\xd9k\xe2\xc6\x1b\xf2o@&>\xf2M\xe7\x8c\xeb\xee\xf5\x02~\x85\x14\xf3\xc6v\xf15PE\x8c\xca\x16$\xc2\x01#\xb563\rbq\xbf64\xfaW\x17\xdfa\xe6\xca\x86\xd7\xf8\x81X\x9bg4\xc1\xdam\xcf=Rq6\xb0\xd4D=I\x1a\x0e\xd0\xabz\xe2\x19\x0fM\xad\xdco\xa4\xb2\x8c?\xc1\x10\xf273\xd00\xb3_\xe8\x9a*\xfcL\xea;\xc0\x9a\xdbx!N;\xb5x\t\xa4E\xbe\x93r\x04\xf5\xf0\xf5\x7f\x9a)\xf5\x1b\"\xa1\xd8\x06>\xc9\xe2r\xe9\xbb\xfe\xc0\b\x81\x98\x1c\xe2\xe0?\x8f\xa1\xbel\aN\x83@\xb1\x03)4A\x83\xd6\xcf\xf6\xb5\x82\xb7\x9dA\b$\xa2x\x8a@\xfaj~\xef\x93\xb1/L\x01\xe2\xba|\xf0\x01)PP\xcdl\x06\xfc\x15;qZ\xb1u\xc9\xd0\xd16~JEGm\xe4\x1e@\x9dG\xe4@\xdf\xba\'\x8b\x1cD\xc7\xec\xd1@}tR\xd9P\xf4N\xe3\xd8x\xa0\x91\x17\xc2}\x13\b\xca\t(Z\xa3_\xa1\x90\x15T\xa4\xe7%\x98\xa7\xfb\x8bp/eq\x93\xbf\x1f =|\xf3\xb1\xfcR\xd8\nM,\xcb%@\'\x15\x88\xd8\xad\f\x91|\x95\x8fq+\x98\x81W\xba\x9f\xe0elOt\xbd\by\r\x87\x1c\xba\xbd\x8e+S>\xb8\xe29\x91h^x\xfb`\x00\xdd/\xa6\xb1\x16=\xa1bw\xc5I\xb1\x00'/549, 0x0) ioctl$FS_IOC_RESVSP(r0, 0x40305828, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x6}) fallocate(r0, 0x0, 0x0, 0x7) ftruncate(r0, 0x3e7e) read(r0, 0x0, 0x0) 10:58:27 executing program 0: getitimer(0x0, 0x0) 10:58:27 executing program 4: r0 = memfd_create(&(0x7f0000000400)='B\xdb/\x89\x03l\xdeb\xcb\xb54\xed\xbeLY\xb5Z\xe1\x12S\xf5G\xcc\xf3\xe9\x02h\v\xca(\x96\xe1C\xdf\x1c\xea\x85C\xfb\x10\x13\xfa\x03\x16\xcd\x17\xa2\x80\xa1z\xb4r\x95\xc3@\x9d\xa6\xf1\x92#}g\xd3`\xf7\xcez\xcb\xb3\x1a\xbb\xc48e\x8e\xb1&\xd1\x8a\xe6!\x7f\x8d\xea,qx\xa28\xbf\"\xc7e\x06L\xb06\xeb<$\xd7\xba\xe5\x01\x03\x94r\xab\xd4J\x03s\xaf\xf6A\xbfV\xfa\x1ew\x8d\xbf\x99I\x97\xd8\xd2\xe8\x11\xc4\x04\x00\x84\xd5i\xee\xaf\xae[E\x1f\xdd\xd7#rT+\xb621p\xaf[\x99\" 1\xeb\xc7)\xd2\x1dh\xf2\xd5s\xfd?\fa>\x9f;\xe5r\xe5\xbd\xb0|=\x8eZcPY\xf8\xbd\x13\xaa\x8b\xdf\xbc\x93u\xd5\xb0r\xfb\xde\xe7\xd9k\xe2\xc6\x1b\xf2o@&>\xf2M\xe7\x8c\xeb\xee\xf5\x02~\x85\x14\xf3\xc6v\xf15PE\x8c\xca\x16$\xc2\x01#\xb563\rbq\xbf64\xfaW\x17\xdfa\xe6\xca\x86\xd7\xf8\x81X\x9bg4\xc1\xdam\xcf=Rq6\xb0\xd4D=I\x1a\x0e\xd0\xabz\xe2\x19\x0fM\xad\xdco\xa4\xb2\x8c?\xc1\x10\xf273\xd00\xb3_\xe8\x9a*\xfcL\xea;\xc0\x9a\xdbx!N;\xb5x\t\xa4E\xbe\x93r\x04\xf5\xf0\xf5\x7f\x9a)\xf5\x1b\"\xa1\xd8\x06>\xc9\xe2r\xe9\xbb\xfe\xc0\b\x81\x98\x1c\xe2\xe0?\x8f\xa1\xbel\aN\x83@\xb1\x03)4A\x83\xd6\xcf\xf6\xb5\x82\xb7\x9dA\b$\xa2x\x8a@\xfaj~\xef\x93\xb1/L\x01\xe2\xba|\xf0\x01)PP\xcdl\x06\xfc\x15;qZ\xb1u\xc9\xd0\xd16~JEGm\xe4\x1e@\x9dG\xe4@\xdf\xba\'\x8b\x1cD\xc7\xec\xd1@}tR\xd9P\xf4N\xe3\xd8x\xa0\x91\x17\xc2}\x13\b\xca\t(Z\xa3_\xa1\x90\x15T\xa4\xe7%\x98\xa7\xfb\x8bp/eq\x93\xbf\x1f =|\xf3\xb1\xfcR\xd8\nM,\xcb%@\'\x15\x88\xd8\xad\f\x91|\x95\x8fq+\x98\x81W\xba\x9f\xe0elOt\xbd\by\r\x87\x1c\xba\xbd\x8e+S>\xb8\xe29\x91h^x\xfb`\x00\xdd/\xa6\xb1\x16=\xa1bw\xc5I\xb1\x00'/549, 0x0) ioctl$FS_IOC_RESVSP(r0, 0x40305828, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x6}) fallocate(r0, 0x0, 0x0, 0x7) ftruncate(r0, 0x3e7e) read(r0, 0x0, 0x0) 10:58:27 executing program 3: r0 = memfd_create(&(0x7f0000000400)='B\xdb/\x89\x03l\xdeb\xcb\xb54\xed\xbeLY\xb5Z\xe1\x12S\xf5G\xcc\xf3\xe9\x02h\v\xca(\x96\xe1C\xdf\x1c\xea\x85C\xfb\x10\x13\xfa\x03\x16\xcd\x17\xa2\x80\xa1z\xb4r\x95\xc3@\x9d\xa6\xf1\x92#}g\xd3`\xf7\xcez\xcb\xb3\x1a\xbb\xc48e\x8e\xb1&\xd1\x8a\xe6!\x7f\x8d\xea,qx\xa28\xbf\"\xc7e\x06L\xb06\xeb<$\xd7\xba\xe5\x01\x03\x94r\xab\xd4J\x03s\xaf\xf6A\xbfV\xfa\x1ew\x8d\xbf\x99I\x97\xd8\xd2\xe8\x11\xc4\x04\x00\x84\xd5i\xee\xaf\xae[E\x1f\xdd\xd7#rT+\xb621p\xaf[\x99\" 1\xeb\xc7)\xd2\x1dh\xf2\xd5s\xfd?\fa>\x9f;\xe5r\xe5\xbd\xb0|=\x8eZcPY\xf8\xbd\x13\xaa\x8b\xdf\xbc\x93u\xd5\xb0r\xfb\xde\xe7\xd9k\xe2\xc6\x1b\xf2o@&>\xf2M\xe7\x8c\xeb\xee\xf5\x02~\x85\x14\xf3\xc6v\xf15PE\x8c\xca\x16$\xc2\x01#\xb563\rbq\xbf64\xfaW\x17\xdfa\xe6\xca\x86\xd7\xf8\x81X\x9bg4\xc1\xdam\xcf=Rq6\xb0\xd4D=I\x1a\x0e\xd0\xabz\xe2\x19\x0fM\xad\xdco\xa4\xb2\x8c?\xc1\x10\xf273\xd00\xb3_\xe8\x9a*\xfcL\xea;\xc0\x9a\xdbx!N;\xb5x\t\xa4E\xbe\x93r\x04\xf5\xf0\xf5\x7f\x9a)\xf5\x1b\"\xa1\xd8\x06>\xc9\xe2r\xe9\xbb\xfe\xc0\b\x81\x98\x1c\xe2\xe0?\x8f\xa1\xbel\aN\x83@\xb1\x03)4A\x83\xd6\xcf\xf6\xb5\x82\xb7\x9dA\b$\xa2x\x8a@\xfaj~\xef\x93\xb1/L\x01\xe2\xba|\xf0\x01)PP\xcdl\x06\xfc\x15;qZ\xb1u\xc9\xd0\xd16~JEGm\xe4\x1e@\x9dG\xe4@\xdf\xba\'\x8b\x1cD\xc7\xec\xd1@}tR\xd9P\xf4N\xe3\xd8x\xa0\x91\x17\xc2}\x13\b\xca\t(Z\xa3_\xa1\x90\x15T\xa4\xe7%\x98\xa7\xfb\x8bp/eq\x93\xbf\x1f =|\xf3\xb1\xfcR\xd8\nM,\xcb%@\'\x15\x88\xd8\xad\f\x91|\x95\x8fq+\x98\x81W\xba\x9f\xe0elOt\xbd\by\r\x87\x1c\xba\xbd\x8e+S>\xb8\xe29\x91h^x\xfb`\x00\xdd/\xa6\xb1\x16=\xa1bw\xc5I\xb1\x00'/549, 0x0) ioctl$FS_IOC_RESVSP(r0, 0x40305828, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x6}) fallocate(r0, 0x0, 0x0, 0x7) ftruncate(r0, 0x3e7e) read(r0, 0x0, 0x0) 10:58:27 executing program 5: r0 = socket$inet6(0xa, 0x1, 0x0) setsockopt$inet6_int(r0, 0x29, 0xcb, &(0x7f0000000040)=0x1, 0x4) socket$inet6(0xa, 0x5, 0xc) r1 = socket$inet6_udplite(0xa, 0x2, 0x88) setsockopt$inet6_IPV6_ADDRFORM(r1, 0x29, 0x1, &(0x7f0000000140), 0x4) bind$inet6(r0, &(0x7f00000002c0)={0xa, 0xe20, 0x0, @empty}, 0x1c) fcntl$setstatus(r0, 0x4, 0x2000) connect$inet6(r0, &(0x7f0000000000)={0xa, 0x4e20, 0x0, @loopback}, 0x1c) 10:58:27 executing program 6: r0 = socket$inet6(0xa, 0x1, 0x0) setsockopt$inet6_int(r0, 0x29, 0xcb, &(0x7f0000000040)=0x1, 0x4) socket$inet6(0xa, 0x5, 0xc) r1 = socket$inet6_udplite(0xa, 0x2, 0x88) setsockopt$inet6_IPV6_ADDRFORM(r1, 0x29, 0x1, &(0x7f0000000140), 0x4) bind$inet6(r0, &(0x7f00000002c0)={0xa, 0xe20, 0x0, @empty}, 0x1c) fcntl$setstatus(r0, 0x4, 0x2000) connect$inet6(r0, &(0x7f0000000000)={0xa, 0x4e20, 0x0, @loopback}, 0x1c) 10:58:27 executing program 7: syz_open_procfs$namespace(0x0, &(0x7f0000006e00)='ns/time_for_children\x00') socket(0x0, 0x0, 0x0) 10:58:27 executing program 2: r0 = syz_open_procfs(0x0, &(0x7f0000000000)='net/softnet_stat\x00') r1 = syz_open_dev$loop(&(0x7f0000000140), 0x0, 0x0) ioctl$LOOP_SET_FD(r1, 0x40081271, r0) 10:58:27 executing program 1: socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) write$binfmt_elf64(r0, &(0x7f0000000280)={{0x7f, 0x45, 0x4c, 0x46, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40}, [{}]}, 0xffffff4c) 10:58:27 executing program 4: r0 = memfd_create(&(0x7f0000000400)='B\xdb/\x89\x03l\xdeb\xcb\xb54\xed\xbeLY\xb5Z\xe1\x12S\xf5G\xcc\xf3\xe9\x02h\v\xca(\x96\xe1C\xdf\x1c\xea\x85C\xfb\x10\x13\xfa\x03\x16\xcd\x17\xa2\x80\xa1z\xb4r\x95\xc3@\x9d\xa6\xf1\x92#}g\xd3`\xf7\xcez\xcb\xb3\x1a\xbb\xc48e\x8e\xb1&\xd1\x8a\xe6!\x7f\x8d\xea,qx\xa28\xbf\"\xc7e\x06L\xb06\xeb<$\xd7\xba\xe5\x01\x03\x94r\xab\xd4J\x03s\xaf\xf6A\xbfV\xfa\x1ew\x8d\xbf\x99I\x97\xd8\xd2\xe8\x11\xc4\x04\x00\x84\xd5i\xee\xaf\xae[E\x1f\xdd\xd7#rT+\xb621p\xaf[\x99\" 1\xeb\xc7)\xd2\x1dh\xf2\xd5s\xfd?\fa>\x9f;\xe5r\xe5\xbd\xb0|=\x8eZcPY\xf8\xbd\x13\xaa\x8b\xdf\xbc\x93u\xd5\xb0r\xfb\xde\xe7\xd9k\xe2\xc6\x1b\xf2o@&>\xf2M\xe7\x8c\xeb\xee\xf5\x02~\x85\x14\xf3\xc6v\xf15PE\x8c\xca\x16$\xc2\x01#\xb563\rbq\xbf64\xfaW\x17\xdfa\xe6\xca\x86\xd7\xf8\x81X\x9bg4\xc1\xdam\xcf=Rq6\xb0\xd4D=I\x1a\x0e\xd0\xabz\xe2\x19\x0fM\xad\xdco\xa4\xb2\x8c?\xc1\x10\xf273\xd00\xb3_\xe8\x9a*\xfcL\xea;\xc0\x9a\xdbx!N;\xb5x\t\xa4E\xbe\x93r\x04\xf5\xf0\xf5\x7f\x9a)\xf5\x1b\"\xa1\xd8\x06>\xc9\xe2r\xe9\xbb\xfe\xc0\b\x81\x98\x1c\xe2\xe0?\x8f\xa1\xbel\aN\x83@\xb1\x03)4A\x83\xd6\xcf\xf6\xb5\x82\xb7\x9dA\b$\xa2x\x8a@\xfaj~\xef\x93\xb1/L\x01\xe2\xba|\xf0\x01)PP\xcdl\x06\xfc\x15;qZ\xb1u\xc9\xd0\xd16~JEGm\xe4\x1e@\x9dG\xe4@\xdf\xba\'\x8b\x1cD\xc7\xec\xd1@}tR\xd9P\xf4N\xe3\xd8x\xa0\x91\x17\xc2}\x13\b\xca\t(Z\xa3_\xa1\x90\x15T\xa4\xe7%\x98\xa7\xfb\x8bp/eq\x93\xbf\x1f =|\xf3\xb1\xfcR\xd8\nM,\xcb%@\'\x15\x88\xd8\xad\f\x91|\x95\x8fq+\x98\x81W\xba\x9f\xe0elOt\xbd\by\r\x87\x1c\xba\xbd\x8e+S>\xb8\xe29\x91h^x\xfb`\x00\xdd/\xa6\xb1\x16=\xa1bw\xc5I\xb1\x00'/549, 0x0) ioctl$FS_IOC_RESVSP(r0, 0x40305828, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x6}) fallocate(r0, 0x0, 0x0, 0x7) ftruncate(r0, 0x3e7e) read(r0, 0x0, 0x0) 10:58:27 executing program 2: r0 = syz_open_procfs(0x0, &(0x7f0000000000)='net/softnet_stat\x00') r1 = syz_open_dev$loop(&(0x7f0000000140), 0x0, 0x0) ioctl$LOOP_SET_FD(r1, 0x40081271, r0) 10:58:27 executing program 3: r0 = syz_open_procfs(0x0, &(0x7f0000000000)='net/softnet_stat\x00') r1 = syz_open_dev$loop(&(0x7f0000000140), 0x0, 0x0) ioctl$LOOP_SET_FD(r1, 0x40081271, r0) 10:58:28 executing program 0: getitimer(0x0, 0x0) 10:58:28 executing program 4: r0 = memfd_create(&(0x7f0000000400)='B\xdb/\x89\x03l\xdeb\xcb\xb54\xed\xbeLY\xb5Z\xe1\x12S\xf5G\xcc\xf3\xe9\x02h\v\xca(\x96\xe1C\xdf\x1c\xea\x85C\xfb\x10\x13\xfa\x03\x16\xcd\x17\xa2\x80\xa1z\xb4r\x95\xc3@\x9d\xa6\xf1\x92#}g\xd3`\xf7\xcez\xcb\xb3\x1a\xbb\xc48e\x8e\xb1&\xd1\x8a\xe6!\x7f\x8d\xea,qx\xa28\xbf\"\xc7e\x06L\xb06\xeb<$\xd7\xba\xe5\x01\x03\x94r\xab\xd4J\x03s\xaf\xf6A\xbfV\xfa\x1ew\x8d\xbf\x99I\x97\xd8\xd2\xe8\x11\xc4\x04\x00\x84\xd5i\xee\xaf\xae[E\x1f\xdd\xd7#rT+\xb621p\xaf[\x99\" 1\xeb\xc7)\xd2\x1dh\xf2\xd5s\xfd?\fa>\x9f;\xe5r\xe5\xbd\xb0|=\x8eZcPY\xf8\xbd\x13\xaa\x8b\xdf\xbc\x93u\xd5\xb0r\xfb\xde\xe7\xd9k\xe2\xc6\x1b\xf2o@&>\xf2M\xe7\x8c\xeb\xee\xf5\x02~\x85\x14\xf3\xc6v\xf15PE\x8c\xca\x16$\xc2\x01#\xb563\rbq\xbf64\xfaW\x17\xdfa\xe6\xca\x86\xd7\xf8\x81X\x9bg4\xc1\xdam\xcf=Rq6\xb0\xd4D=I\x1a\x0e\xd0\xabz\xe2\x19\x0fM\xad\xdco\xa4\xb2\x8c?\xc1\x10\xf273\xd00\xb3_\xe8\x9a*\xfcL\xea;\xc0\x9a\xdbx!N;\xb5x\t\xa4E\xbe\x93r\x04\xf5\xf0\xf5\x7f\x9a)\xf5\x1b\"\xa1\xd8\x06>\xc9\xe2r\xe9\xbb\xfe\xc0\b\x81\x98\x1c\xe2\xe0?\x8f\xa1\xbel\aN\x83@\xb1\x03)4A\x83\xd6\xcf\xf6\xb5\x82\xb7\x9dA\b$\xa2x\x8a@\xfaj~\xef\x93\xb1/L\x01\xe2\xba|\xf0\x01)PP\xcdl\x06\xfc\x15;qZ\xb1u\xc9\xd0\xd16~JEGm\xe4\x1e@\x9dG\xe4@\xdf\xba\'\x8b\x1cD\xc7\xec\xd1@}tR\xd9P\xf4N\xe3\xd8x\xa0\x91\x17\xc2}\x13\b\xca\t(Z\xa3_\xa1\x90\x15T\xa4\xe7%\x98\xa7\xfb\x8bp/eq\x93\xbf\x1f =|\xf3\xb1\xfcR\xd8\nM,\xcb%@\'\x15\x88\xd8\xad\f\x91|\x95\x8fq+\x98\x81W\xba\x9f\xe0elOt\xbd\by\r\x87\x1c\xba\xbd\x8e+S>\xb8\xe29\x91h^x\xfb`\x00\xdd/\xa6\xb1\x16=\xa1bw\xc5I\xb1\x00'/549, 0x0) ioctl$FS_IOC_RESVSP(r0, 0x40305828, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x6}) fallocate(r0, 0x0, 0x0, 0x7) ftruncate(r0, 0x3e7e) read(r0, 0x0, 0x0) 10:58:28 executing program 2: r0 = syz_open_procfs(0x0, &(0x7f0000000000)='net/softnet_stat\x00') r1 = syz_open_dev$loop(&(0x7f0000000140), 0x0, 0x0) ioctl$LOOP_SET_FD(r1, 0x40081271, r0) 10:58:28 executing program 7: syz_open_procfs$namespace(0x0, &(0x7f0000006e00)='ns/time_for_children\x00') socket(0x0, 0x0, 0x0) 10:58:28 executing program 3: r0 = syz_open_procfs(0x0, &(0x7f0000000000)='net/softnet_stat\x00') r1 = syz_open_dev$loop(&(0x7f0000000140), 0x0, 0x0) ioctl$LOOP_SET_FD(r1, 0x40081271, r0) 10:58:28 executing program 6: r0 = socket$inet6(0xa, 0x1, 0x0) setsockopt$inet6_int(r0, 0x29, 0xcb, &(0x7f0000000040)=0x1, 0x4) socket$inet6(0xa, 0x5, 0xc) r1 = socket$inet6_udplite(0xa, 0x2, 0x88) setsockopt$inet6_IPV6_ADDRFORM(r1, 0x29, 0x1, &(0x7f0000000140), 0x4) bind$inet6(r0, &(0x7f00000002c0)={0xa, 0xe20, 0x0, @empty}, 0x1c) fcntl$setstatus(r0, 0x4, 0x2000) connect$inet6(r0, &(0x7f0000000000)={0xa, 0x4e20, 0x0, @loopback}, 0x1c) 10:58:28 executing program 1: socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) write$binfmt_elf64(r0, &(0x7f0000000280)={{0x7f, 0x45, 0x4c, 0x46, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40}, [{}]}, 0xffffff4c) 10:58:28 executing program 5: r0 = socket$inet6(0xa, 0x1, 0x0) setsockopt$inet6_int(r0, 0x29, 0xcb, &(0x7f0000000040)=0x1, 0x4) socket$inet6(0xa, 0x5, 0xc) r1 = socket$inet6_udplite(0xa, 0x2, 0x88) setsockopt$inet6_IPV6_ADDRFORM(r1, 0x29, 0x1, &(0x7f0000000140), 0x4) bind$inet6(r0, &(0x7f00000002c0)={0xa, 0xe20, 0x0, @empty}, 0x1c) fcntl$setstatus(r0, 0x4, 0x2000) connect$inet6(r0, &(0x7f0000000000)={0xa, 0x4e20, 0x0, @loopback}, 0x1c) 10:58:28 executing program 0: getitimer(0x0, 0x0) 10:58:28 executing program 2: r0 = socket$inet6(0xa, 0x1, 0x0) setsockopt$inet6_int(r0, 0x29, 0xcb, &(0x7f0000000040)=0x1, 0x4) socket$inet6(0xa, 0x5, 0xc) r1 = socket$inet6_udplite(0xa, 0x2, 0x88) setsockopt$inet6_IPV6_ADDRFORM(r1, 0x29, 0x1, &(0x7f0000000140), 0x4) bind$inet6(r0, &(0x7f00000002c0)={0xa, 0xe20, 0x0, @empty}, 0x1c) fcntl$setstatus(r0, 0x4, 0x2000) connect$inet6(r0, &(0x7f0000000000)={0xa, 0x4e20, 0x0, @loopback}, 0x1c) 10:58:28 executing program 3: r0 = syz_open_procfs(0x0, &(0x7f0000000000)='net/softnet_stat\x00') r1 = syz_open_dev$loop(&(0x7f0000000140), 0x0, 0x0) ioctl$LOOP_SET_FD(r1, 0x40081271, r0) 10:58:28 executing program 7: syz_open_procfs$namespace(0x0, &(0x7f0000006e00)='ns/time_for_children\x00') socket(0x0, 0x0, 0x0) 10:58:28 executing program 4: r0 = socket$inet6(0xa, 0x1, 0x0) setsockopt$inet6_int(r0, 0x29, 0xcb, &(0x7f0000000040)=0x1, 0x4) socket$inet6(0xa, 0x5, 0xc) r1 = socket$inet6_udplite(0xa, 0x2, 0x88) setsockopt$inet6_IPV6_ADDRFORM(r1, 0x29, 0x1, &(0x7f0000000140), 0x4) bind$inet6(r0, &(0x7f00000002c0)={0xa, 0xe20, 0x0, @empty}, 0x1c) fcntl$setstatus(r0, 0x4, 0x2000) connect$inet6(r0, &(0x7f0000000000)={0xa, 0x4e20, 0x0, @loopback}, 0x1c) 10:58:28 executing program 0: r0 = socket$inet6(0xa, 0x1, 0x0) setsockopt$inet6_int(r0, 0x29, 0xcb, &(0x7f0000000040)=0x1, 0x4) socket$inet6(0xa, 0x5, 0xc) r1 = socket$inet6_udplite(0xa, 0x2, 0x88) setsockopt$inet6_IPV6_ADDRFORM(r1, 0x29, 0x1, &(0x7f0000000140), 0x4) bind$inet6(r0, &(0x7f00000002c0)={0xa, 0xe20, 0x0, @empty}, 0x1c) fcntl$setstatus(r0, 0x4, 0x2000) connect$inet6(r0, &(0x7f0000000000)={0xa, 0x4e20, 0x0, @loopback}, 0x1c) 10:58:28 executing program 2: r0 = socket$inet6(0xa, 0x1, 0x0) setsockopt$inet6_int(r0, 0x29, 0xcb, &(0x7f0000000040)=0x1, 0x4) socket$inet6(0xa, 0x5, 0xc) r1 = socket$inet6_udplite(0xa, 0x2, 0x88) setsockopt$inet6_IPV6_ADDRFORM(r1, 0x29, 0x1, &(0x7f0000000140), 0x4) bind$inet6(r0, &(0x7f00000002c0)={0xa, 0xe20, 0x0, @empty}, 0x1c) fcntl$setstatus(r0, 0x4, 0x2000) connect$inet6(r0, &(0x7f0000000000)={0xa, 0x4e20, 0x0, @loopback}, 0x1c) 10:58:28 executing program 3: r0 = socket$inet6(0xa, 0x1, 0x0) setsockopt$inet6_int(r0, 0x29, 0xcb, &(0x7f0000000040)=0x1, 0x4) socket$inet6(0xa, 0x5, 0xc) r1 = socket$inet6_udplite(0xa, 0x2, 0x88) setsockopt$inet6_IPV6_ADDRFORM(r1, 0x29, 0x1, &(0x7f0000000140), 0x4) bind$inet6(r0, &(0x7f00000002c0)={0xa, 0xe20, 0x0, @empty}, 0x1c) fcntl$setstatus(r0, 0x4, 0x2000) connect$inet6(r0, &(0x7f0000000000)={0xa, 0x4e20, 0x0, @loopback}, 0x1c) 10:58:28 executing program 7: r0 = memfd_create(&(0x7f0000000400)='B\xdb/\x89\x03l\xdeb\xcb\xb54\xed\xbeLY\xb5Z\xe1\x12S\xf5G\xcc\xf3\xe9\x02h\v\xca(\x96\xe1C\xdf\x1c\xea\x85C\xfb\x10\x13\xfa\x03\x16\xcd\x17\xa2\x80\xa1z\xb4r\x95\xc3@\x9d\xa6\xf1\x92#}g\xd3`\xf7\xcez\xcb\xb3\x1a\xbb\xc48e\x8e\xb1&\xd1\x8a\xe6!\x7f\x8d\xea,qx\xa28\xbf\"\xc7e\x06L\xb06\xeb<$\xd7\xba\xe5\x01\x03\x94r\xab\xd4J\x03s\xaf\xf6A\xbfV\xfa\x1ew\x8d\xbf\x99I\x97\xd8\xd2\xe8\x11\xc4\x04\x00\x84\xd5i\xee\xaf\xae[E\x1f\xdd\xd7#rT+\xb621p\xaf[\x99\" 1\xeb\xc7)\xd2\x1dh\xf2\xd5s\xfd?\fa>\x9f;\xe5r\xe5\xbd\xb0|=\x8eZcPY\xf8\xbd\x13\xaa\x8b\xdf\xbc\x93u\xd5\xb0r\xfb\xde\xe7\xd9k\xe2\xc6\x1b\xf2o@&>\xf2M\xe7\x8c\xeb\xee\xf5\x02~\x85\x14\xf3\xc6v\xf15PE\x8c\xca\x16$\xc2\x01#\xb563\rbq\xbf64\xfaW\x17\xdfa\xe6\xca\x86\xd7\xf8\x81X\x9bg4\xc1\xdam\xcf=Rq6\xb0\xd4D=I\x1a\x0e\xd0\xabz\xe2\x19\x0fM\xad\xdco\xa4\xb2\x8c?\xc1\x10\xf273\xd00\xb3_\xe8\x9a*\xfcL\xea;\xc0\x9a\xdbx!N;\xb5x\t\xa4E\xbe\x93r\x04\xf5\xf0\xf5\x7f\x9a)\xf5\x1b\"\xa1\xd8\x06>\xc9\xe2r\xe9\xbb\xfe\xc0\b\x81\x98\x1c\xe2\xe0?\x8f\xa1\xbel\aN\x83@\xb1\x03)4A\x83\xd6\xcf\xf6\xb5\x82\xb7\x9dA\b$\xa2x\x8a@\xfaj~\xef\x93\xb1/L\x01\xe2\xba|\xf0\x01)PP\xcdl\x06\xfc\x15;qZ\xb1u\xc9\xd0\xd16~JEGm\xe4\x1e@\x9dG\xe4@\xdf\xba\'\x8b\x1cD\xc7\xec\xd1@}tR\xd9P\xf4N\xe3\xd8x\xa0\x91\x17\xc2}\x13\b\xca\t(Z\xa3_\xa1\x90\x15T\xa4\xe7%\x98\xa7\xfb\x8bp/eq\x93\xbf\x1f =|\xf3\xb1\xfcR\xd8\nM,\xcb%@\'\x15\x88\xd8\xad\f\x91|\x95\x8fq+\x98\x81W\xba\x9f\xe0elOt\xbd\by\r\x87\x1c\xba\xbd\x8e+S>\xb8\xe29\x91h^x\xfb`\x00\xdd/\xa6\xb1\x16=\xa1bw\xc5I\xb1\x00'/549, 0x0) ioctl$FS_IOC_RESVSP(r0, 0x40305828, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x6}) fallocate(r0, 0x0, 0x0, 0x7) ftruncate(r0, 0x3e7e) read(r0, 0x0, 0x0) 10:58:28 executing program 0: r0 = socket$inet6(0xa, 0x1, 0x0) setsockopt$inet6_int(r0, 0x29, 0xcb, &(0x7f0000000040)=0x1, 0x4) socket$inet6(0xa, 0x5, 0xc) r1 = socket$inet6_udplite(0xa, 0x2, 0x88) setsockopt$inet6_IPV6_ADDRFORM(r1, 0x29, 0x1, &(0x7f0000000140), 0x4) bind$inet6(r0, &(0x7f00000002c0)={0xa, 0xe20, 0x0, @empty}, 0x1c) fcntl$setstatus(r0, 0x4, 0x2000) connect$inet6(r0, &(0x7f0000000000)={0xa, 0x4e20, 0x0, @loopback}, 0x1c) 10:58:29 executing program 6: r0 = socket$inet6(0xa, 0x1, 0x0) setsockopt$inet6_int(r0, 0x29, 0xcb, &(0x7f0000000040)=0x1, 0x4) socket$inet6(0xa, 0x5, 0xc) r1 = socket$inet6_udplite(0xa, 0x2, 0x88) setsockopt$inet6_IPV6_ADDRFORM(r1, 0x29, 0x1, &(0x7f0000000140), 0x4) bind$inet6(r0, &(0x7f00000002c0)={0xa, 0xe20, 0x0, @empty}, 0x1c) fcntl$setstatus(r0, 0x4, 0x2000) connect$inet6(r0, &(0x7f0000000000)={0xa, 0x4e20, 0x0, @loopback}, 0x1c) 10:58:29 executing program 2: r0 = socket$inet6(0xa, 0x1, 0x0) setsockopt$inet6_int(r0, 0x29, 0xcb, &(0x7f0000000040)=0x1, 0x4) socket$inet6(0xa, 0x5, 0xc) r1 = socket$inet6_udplite(0xa, 0x2, 0x88) setsockopt$inet6_IPV6_ADDRFORM(r1, 0x29, 0x1, &(0x7f0000000140), 0x4) bind$inet6(r0, &(0x7f00000002c0)={0xa, 0xe20, 0x0, @empty}, 0x1c) fcntl$setstatus(r0, 0x4, 0x2000) connect$inet6(r0, &(0x7f0000000000)={0xa, 0x4e20, 0x0, @loopback}, 0x1c) 10:58:29 executing program 3: r0 = socket$inet6(0xa, 0x1, 0x0) setsockopt$inet6_int(r0, 0x29, 0xcb, &(0x7f0000000040)=0x1, 0x4) socket$inet6(0xa, 0x5, 0xc) r1 = socket$inet6_udplite(0xa, 0x2, 0x88) setsockopt$inet6_IPV6_ADDRFORM(r1, 0x29, 0x1, &(0x7f0000000140), 0x4) bind$inet6(r0, &(0x7f00000002c0)={0xa, 0xe20, 0x0, @empty}, 0x1c) fcntl$setstatus(r0, 0x4, 0x2000) connect$inet6(r0, &(0x7f0000000000)={0xa, 0x4e20, 0x0, @loopback}, 0x1c) 10:58:29 executing program 0: r0 = socket$inet6(0xa, 0x1, 0x0) setsockopt$inet6_int(r0, 0x29, 0xcb, &(0x7f0000000040)=0x1, 0x4) socket$inet6(0xa, 0x5, 0xc) r1 = socket$inet6_udplite(0xa, 0x2, 0x88) setsockopt$inet6_IPV6_ADDRFORM(r1, 0x29, 0x1, &(0x7f0000000140), 0x4) bind$inet6(r0, &(0x7f00000002c0)={0xa, 0xe20, 0x0, @empty}, 0x1c) fcntl$setstatus(r0, 0x4, 0x2000) connect$inet6(r0, &(0x7f0000000000)={0xa, 0x4e20, 0x0, @loopback}, 0x1c) 10:58:29 executing program 4: r0 = socket$inet6(0xa, 0x1, 0x0) setsockopt$inet6_int(r0, 0x29, 0xcb, &(0x7f0000000040)=0x1, 0x4) socket$inet6(0xa, 0x5, 0xc) r1 = socket$inet6_udplite(0xa, 0x2, 0x88) setsockopt$inet6_IPV6_ADDRFORM(r1, 0x29, 0x1, &(0x7f0000000140), 0x4) bind$inet6(r0, &(0x7f00000002c0)={0xa, 0xe20, 0x0, @empty}, 0x1c) fcntl$setstatus(r0, 0x4, 0x2000) connect$inet6(r0, &(0x7f0000000000)={0xa, 0x4e20, 0x0, @loopback}, 0x1c) 10:58:29 executing program 1: socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) write$binfmt_elf64(r0, &(0x7f0000000280)={{0x7f, 0x45, 0x4c, 0x46, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40}, [{}]}, 0xffffff4c) 10:58:29 executing program 5: r0 = socket$inet6(0xa, 0x1, 0x0) setsockopt$inet6_int(r0, 0x29, 0xcb, &(0x7f0000000040)=0x1, 0x4) socket$inet6(0xa, 0x5, 0xc) r1 = socket$inet6_udplite(0xa, 0x2, 0x88) setsockopt$inet6_IPV6_ADDRFORM(r1, 0x29, 0x1, &(0x7f0000000140), 0x4) bind$inet6(r0, &(0x7f00000002c0)={0xa, 0xe20, 0x0, @empty}, 0x1c) fcntl$setstatus(r0, 0x4, 0x2000) connect$inet6(r0, &(0x7f0000000000)={0xa, 0x4e20, 0x0, @loopback}, 0x1c) 10:58:29 executing program 7: r0 = memfd_create(&(0x7f0000000400)='B\xdb/\x89\x03l\xdeb\xcb\xb54\xed\xbeLY\xb5Z\xe1\x12S\xf5G\xcc\xf3\xe9\x02h\v\xca(\x96\xe1C\xdf\x1c\xea\x85C\xfb\x10\x13\xfa\x03\x16\xcd\x17\xa2\x80\xa1z\xb4r\x95\xc3@\x9d\xa6\xf1\x92#}g\xd3`\xf7\xcez\xcb\xb3\x1a\xbb\xc48e\x8e\xb1&\xd1\x8a\xe6!\x7f\x8d\xea,qx\xa28\xbf\"\xc7e\x06L\xb06\xeb<$\xd7\xba\xe5\x01\x03\x94r\xab\xd4J\x03s\xaf\xf6A\xbfV\xfa\x1ew\x8d\xbf\x99I\x97\xd8\xd2\xe8\x11\xc4\x04\x00\x84\xd5i\xee\xaf\xae[E\x1f\xdd\xd7#rT+\xb621p\xaf[\x99\" 1\xeb\xc7)\xd2\x1dh\xf2\xd5s\xfd?\fa>\x9f;\xe5r\xe5\xbd\xb0|=\x8eZcPY\xf8\xbd\x13\xaa\x8b\xdf\xbc\x93u\xd5\xb0r\xfb\xde\xe7\xd9k\xe2\xc6\x1b\xf2o@&>\xf2M\xe7\x8c\xeb\xee\xf5\x02~\x85\x14\xf3\xc6v\xf15PE\x8c\xca\x16$\xc2\x01#\xb563\rbq\xbf64\xfaW\x17\xdfa\xe6\xca\x86\xd7\xf8\x81X\x9bg4\xc1\xdam\xcf=Rq6\xb0\xd4D=I\x1a\x0e\xd0\xabz\xe2\x19\x0fM\xad\xdco\xa4\xb2\x8c?\xc1\x10\xf273\xd00\xb3_\xe8\x9a*\xfcL\xea;\xc0\x9a\xdbx!N;\xb5x\t\xa4E\xbe\x93r\x04\xf5\xf0\xf5\x7f\x9a)\xf5\x1b\"\xa1\xd8\x06>\xc9\xe2r\xe9\xbb\xfe\xc0\b\x81\x98\x1c\xe2\xe0?\x8f\xa1\xbel\aN\x83@\xb1\x03)4A\x83\xd6\xcf\xf6\xb5\x82\xb7\x9dA\b$\xa2x\x8a@\xfaj~\xef\x93\xb1/L\x01\xe2\xba|\xf0\x01)PP\xcdl\x06\xfc\x15;qZ\xb1u\xc9\xd0\xd16~JEGm\xe4\x1e@\x9dG\xe4@\xdf\xba\'\x8b\x1cD\xc7\xec\xd1@}tR\xd9P\xf4N\xe3\xd8x\xa0\x91\x17\xc2}\x13\b\xca\t(Z\xa3_\xa1\x90\x15T\xa4\xe7%\x98\xa7\xfb\x8bp/eq\x93\xbf\x1f =|\xf3\xb1\xfcR\xd8\nM,\xcb%@\'\x15\x88\xd8\xad\f\x91|\x95\x8fq+\x98\x81W\xba\x9f\xe0elOt\xbd\by\r\x87\x1c\xba\xbd\x8e+S>\xb8\xe29\x91h^x\xfb`\x00\xdd/\xa6\xb1\x16=\xa1bw\xc5I\xb1\x00'/549, 0x0) ioctl$FS_IOC_RESVSP(r0, 0x40305828, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x6}) fallocate(r0, 0x0, 0x0, 0x7) ftruncate(r0, 0x3e7e) read(r0, 0x0, 0x0) 10:58:29 executing program 7: r0 = memfd_create(&(0x7f0000000400)='B\xdb/\x89\x03l\xdeb\xcb\xb54\xed\xbeLY\xb5Z\xe1\x12S\xf5G\xcc\xf3\xe9\x02h\v\xca(\x96\xe1C\xdf\x1c\xea\x85C\xfb\x10\x13\xfa\x03\x16\xcd\x17\xa2\x80\xa1z\xb4r\x95\xc3@\x9d\xa6\xf1\x92#}g\xd3`\xf7\xcez\xcb\xb3\x1a\xbb\xc48e\x8e\xb1&\xd1\x8a\xe6!\x7f\x8d\xea,qx\xa28\xbf\"\xc7e\x06L\xb06\xeb<$\xd7\xba\xe5\x01\x03\x94r\xab\xd4J\x03s\xaf\xf6A\xbfV\xfa\x1ew\x8d\xbf\x99I\x97\xd8\xd2\xe8\x11\xc4\x04\x00\x84\xd5i\xee\xaf\xae[E\x1f\xdd\xd7#rT+\xb621p\xaf[\x99\" 1\xeb\xc7)\xd2\x1dh\xf2\xd5s\xfd?\fa>\x9f;\xe5r\xe5\xbd\xb0|=\x8eZcPY\xf8\xbd\x13\xaa\x8b\xdf\xbc\x93u\xd5\xb0r\xfb\xde\xe7\xd9k\xe2\xc6\x1b\xf2o@&>\xf2M\xe7\x8c\xeb\xee\xf5\x02~\x85\x14\xf3\xc6v\xf15PE\x8c\xca\x16$\xc2\x01#\xb563\rbq\xbf64\xfaW\x17\xdfa\xe6\xca\x86\xd7\xf8\x81X\x9bg4\xc1\xdam\xcf=Rq6\xb0\xd4D=I\x1a\x0e\xd0\xabz\xe2\x19\x0fM\xad\xdco\xa4\xb2\x8c?\xc1\x10\xf273\xd00\xb3_\xe8\x9a*\xfcL\xea;\xc0\x9a\xdbx!N;\xb5x\t\xa4E\xbe\x93r\x04\xf5\xf0\xf5\x7f\x9a)\xf5\x1b\"\xa1\xd8\x06>\xc9\xe2r\xe9\xbb\xfe\xc0\b\x81\x98\x1c\xe2\xe0?\x8f\xa1\xbel\aN\x83@\xb1\x03)4A\x83\xd6\xcf\xf6\xb5\x82\xb7\x9dA\b$\xa2x\x8a@\xfaj~\xef\x93\xb1/L\x01\xe2\xba|\xf0\x01)PP\xcdl\x06\xfc\x15;qZ\xb1u\xc9\xd0\xd16~JEGm\xe4\x1e@\x9dG\xe4@\xdf\xba\'\x8b\x1cD\xc7\xec\xd1@}tR\xd9P\xf4N\xe3\xd8x\xa0\x91\x17\xc2}\x13\b\xca\t(Z\xa3_\xa1\x90\x15T\xa4\xe7%\x98\xa7\xfb\x8bp/eq\x93\xbf\x1f =|\xf3\xb1\xfcR\xd8\nM,\xcb%@\'\x15\x88\xd8\xad\f\x91|\x95\x8fq+\x98\x81W\xba\x9f\xe0elOt\xbd\by\r\x87\x1c\xba\xbd\x8e+S>\xb8\xe29\x91h^x\xfb`\x00\xdd/\xa6\xb1\x16=\xa1bw\xc5I\xb1\x00'/549, 0x0) ioctl$FS_IOC_RESVSP(r0, 0x40305828, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x6}) fallocate(r0, 0x0, 0x0, 0x7) ftruncate(r0, 0x3e7e) read(r0, 0x0, 0x0) 10:58:29 executing program 3: r0 = socket$inet6(0xa, 0x1, 0x0) setsockopt$inet6_int(r0, 0x29, 0xcb, &(0x7f0000000040)=0x1, 0x4) socket$inet6(0xa, 0x5, 0xc) r1 = socket$inet6_udplite(0xa, 0x2, 0x88) setsockopt$inet6_IPV6_ADDRFORM(r1, 0x29, 0x1, &(0x7f0000000140), 0x4) bind$inet6(r0, &(0x7f00000002c0)={0xa, 0xe20, 0x0, @empty}, 0x1c) fcntl$setstatus(r0, 0x4, 0x2000) connect$inet6(r0, &(0x7f0000000000)={0xa, 0x4e20, 0x0, @loopback}, 0x1c) 10:58:29 executing program 4: r0 = socket$inet6(0xa, 0x1, 0x0) setsockopt$inet6_int(r0, 0x29, 0xcb, &(0x7f0000000040)=0x1, 0x4) socket$inet6(0xa, 0x5, 0xc) r1 = socket$inet6_udplite(0xa, 0x2, 0x88) setsockopt$inet6_IPV6_ADDRFORM(r1, 0x29, 0x1, &(0x7f0000000140), 0x4) bind$inet6(r0, &(0x7f00000002c0)={0xa, 0xe20, 0x0, @empty}, 0x1c) fcntl$setstatus(r0, 0x4, 0x2000) connect$inet6(r0, &(0x7f0000000000)={0xa, 0x4e20, 0x0, @loopback}, 0x1c) 10:58:29 executing program 7: r0 = memfd_create(&(0x7f0000000400)='B\xdb/\x89\x03l\xdeb\xcb\xb54\xed\xbeLY\xb5Z\xe1\x12S\xf5G\xcc\xf3\xe9\x02h\v\xca(\x96\xe1C\xdf\x1c\xea\x85C\xfb\x10\x13\xfa\x03\x16\xcd\x17\xa2\x80\xa1z\xb4r\x95\xc3@\x9d\xa6\xf1\x92#}g\xd3`\xf7\xcez\xcb\xb3\x1a\xbb\xc48e\x8e\xb1&\xd1\x8a\xe6!\x7f\x8d\xea,qx\xa28\xbf\"\xc7e\x06L\xb06\xeb<$\xd7\xba\xe5\x01\x03\x94r\xab\xd4J\x03s\xaf\xf6A\xbfV\xfa\x1ew\x8d\xbf\x99I\x97\xd8\xd2\xe8\x11\xc4\x04\x00\x84\xd5i\xee\xaf\xae[E\x1f\xdd\xd7#rT+\xb621p\xaf[\x99\" 1\xeb\xc7)\xd2\x1dh\xf2\xd5s\xfd?\fa>\x9f;\xe5r\xe5\xbd\xb0|=\x8eZcPY\xf8\xbd\x13\xaa\x8b\xdf\xbc\x93u\xd5\xb0r\xfb\xde\xe7\xd9k\xe2\xc6\x1b\xf2o@&>\xf2M\xe7\x8c\xeb\xee\xf5\x02~\x85\x14\xf3\xc6v\xf15PE\x8c\xca\x16$\xc2\x01#\xb563\rbq\xbf64\xfaW\x17\xdfa\xe6\xca\x86\xd7\xf8\x81X\x9bg4\xc1\xdam\xcf=Rq6\xb0\xd4D=I\x1a\x0e\xd0\xabz\xe2\x19\x0fM\xad\xdco\xa4\xb2\x8c?\xc1\x10\xf273\xd00\xb3_\xe8\x9a*\xfcL\xea;\xc0\x9a\xdbx!N;\xb5x\t\xa4E\xbe\x93r\x04\xf5\xf0\xf5\x7f\x9a)\xf5\x1b\"\xa1\xd8\x06>\xc9\xe2r\xe9\xbb\xfe\xc0\b\x81\x98\x1c\xe2\xe0?\x8f\xa1\xbel\aN\x83@\xb1\x03)4A\x83\xd6\xcf\xf6\xb5\x82\xb7\x9dA\b$\xa2x\x8a@\xfaj~\xef\x93\xb1/L\x01\xe2\xba|\xf0\x01)PP\xcdl\x06\xfc\x15;qZ\xb1u\xc9\xd0\xd16~JEGm\xe4\x1e@\x9dG\xe4@\xdf\xba\'\x8b\x1cD\xc7\xec\xd1@}tR\xd9P\xf4N\xe3\xd8x\xa0\x91\x17\xc2}\x13\b\xca\t(Z\xa3_\xa1\x90\x15T\xa4\xe7%\x98\xa7\xfb\x8bp/eq\x93\xbf\x1f =|\xf3\xb1\xfcR\xd8\nM,\xcb%@\'\x15\x88\xd8\xad\f\x91|\x95\x8fq+\x98\x81W\xba\x9f\xe0elOt\xbd\by\r\x87\x1c\xba\xbd\x8e+S>\xb8\xe29\x91h^x\xfb`\x00\xdd/\xa6\xb1\x16=\xa1bw\xc5I\xb1\x00'/549, 0x0) ioctl$FS_IOC_RESVSP(r0, 0x40305828, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x6}) fallocate(r0, 0x0, 0x0, 0x7) ftruncate(r0, 0x3e7e) read(r0, 0x0, 0x0) 10:58:29 executing program 7: r0 = memfd_create(&(0x7f0000000400)='B\xdb/\x89\x03l\xdeb\xcb\xb54\xed\xbeLY\xb5Z\xe1\x12S\xf5G\xcc\xf3\xe9\x02h\v\xca(\x96\xe1C\xdf\x1c\xea\x85C\xfb\x10\x13\xfa\x03\x16\xcd\x17\xa2\x80\xa1z\xb4r\x95\xc3@\x9d\xa6\xf1\x92#}g\xd3`\xf7\xcez\xcb\xb3\x1a\xbb\xc48e\x8e\xb1&\xd1\x8a\xe6!\x7f\x8d\xea,qx\xa28\xbf\"\xc7e\x06L\xb06\xeb<$\xd7\xba\xe5\x01\x03\x94r\xab\xd4J\x03s\xaf\xf6A\xbfV\xfa\x1ew\x8d\xbf\x99I\x97\xd8\xd2\xe8\x11\xc4\x04\x00\x84\xd5i\xee\xaf\xae[E\x1f\xdd\xd7#rT+\xb621p\xaf[\x99\" 1\xeb\xc7)\xd2\x1dh\xf2\xd5s\xfd?\fa>\x9f;\xe5r\xe5\xbd\xb0|=\x8eZcPY\xf8\xbd\x13\xaa\x8b\xdf\xbc\x93u\xd5\xb0r\xfb\xde\xe7\xd9k\xe2\xc6\x1b\xf2o@&>\xf2M\xe7\x8c\xeb\xee\xf5\x02~\x85\x14\xf3\xc6v\xf15PE\x8c\xca\x16$\xc2\x01#\xb563\rbq\xbf64\xfaW\x17\xdfa\xe6\xca\x86\xd7\xf8\x81X\x9bg4\xc1\xdam\xcf=Rq6\xb0\xd4D=I\x1a\x0e\xd0\xabz\xe2\x19\x0fM\xad\xdco\xa4\xb2\x8c?\xc1\x10\xf273\xd00\xb3_\xe8\x9a*\xfcL\xea;\xc0\x9a\xdbx!N;\xb5x\t\xa4E\xbe\x93r\x04\xf5\xf0\xf5\x7f\x9a)\xf5\x1b\"\xa1\xd8\x06>\xc9\xe2r\xe9\xbb\xfe\xc0\b\x81\x98\x1c\xe2\xe0?\x8f\xa1\xbel\aN\x83@\xb1\x03)4A\x83\xd6\xcf\xf6\xb5\x82\xb7\x9dA\b$\xa2x\x8a@\xfaj~\xef\x93\xb1/L\x01\xe2\xba|\xf0\x01)PP\xcdl\x06\xfc\x15;qZ\xb1u\xc9\xd0\xd16~JEGm\xe4\x1e@\x9dG\xe4@\xdf\xba\'\x8b\x1cD\xc7\xec\xd1@}tR\xd9P\xf4N\xe3\xd8x\xa0\x91\x17\xc2}\x13\b\xca\t(Z\xa3_\xa1\x90\x15T\xa4\xe7%\x98\xa7\xfb\x8bp/eq\x93\xbf\x1f =|\xf3\xb1\xfcR\xd8\nM,\xcb%@\'\x15\x88\xd8\xad\f\x91|\x95\x8fq+\x98\x81W\xba\x9f\xe0elOt\xbd\by\r\x87\x1c\xba\xbd\x8e+S>\xb8\xe29\x91h^x\xfb`\x00\xdd/\xa6\xb1\x16=\xa1bw\xc5I\xb1\x00'/549, 0x0) ioctl$FS_IOC_RESVSP(r0, 0x40305828, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x6}) fallocate(r0, 0x0, 0x0, 0x7) ftruncate(r0, 0x3e7e) read(r0, 0x0, 0x0) 10:58:30 executing program 3: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) truncate(&(0x7f0000000040)='./file1\x00', 0x8000) r1 = creat(&(0x7f0000000040)='./file0\x00', 0x0) pwrite64(r0, &(0x7f0000000200)="785538b608", 0x5, 0xffc) r2 = creat(&(0x7f0000000040)='./file0\x00', 0x0) fallocate(r2, 0x0, 0x1cba, 0xf06) ioctl$EXT4_IOC_MOVE_EXT(r0, 0xc028660f, &(0x7f0000000000)={0x0, r1, 0x0, 0x0, 0x2}) 10:58:30 executing program 2: r0 = syz_open_dev$loop(&(0x7f0000003ec0), 0x0, 0x0) ioctl$BLKROTATIONAL(r0, 0x127e, &(0x7f0000004200)) 10:58:30 executing program 4: syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x0, &(0x7f0000000140)=ANY=[]) chdir(&(0x7f0000000140)='./file0\x00') r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x11, 0xffffffffffffffff, 0xa015000) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x2, 0x0) pwrite64(r1, &(0x7f00000000c0)='9', 0x1, 0x8040000) ioctl$FS_IOC_FIEMAP(r1, 0xc020660b, &(0x7f0000000380)={0x0, 0x3ff}) mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x11, 0xffffffffffffffff, 0xa015000) r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) write$binfmt_aout(r2, &(0x7f0000001180)=ANY=[], 0x220) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xb}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) sendfile(r2, r0, 0x0, 0xfffffdef) [ 123.132358] loop4: detected capacity change from 0 to 40 [ 123.160932] audit: type=1400 audit(1663325910.285:7): avc: denied { open } for pid=4119 comm="syz-executor.4" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=perf_event permissive=1 [ 123.162382] audit: type=1400 audit(1663325910.286:8): avc: denied { kernel } for pid=4119 comm="syz-executor.4" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=perf_event permissive=1 [ 123.177361] ------------[ cut here ]------------ [ 123.177381] [ 123.177384] ====================================================== [ 123.177387] WARNING: possible circular locking dependency detected [ 123.177391] 6.0.0-rc5-next-20220916 #1 Not tainted [ 123.177397] ------------------------------------------------------ [ 123.177400] syz-executor.4/4120 is trying to acquire lock: [ 123.177407] ffffffff853fa878 ((console_sem).lock){....}-{2:2}, at: down_trylock+0xe/0x70 [ 123.177443] [ 123.177443] but task is already holding lock: [ 123.177445] ffff88803eb16420 (&ctx->lock){....}-{2:2}, at: __perf_event_task_sched_out+0x53b/0x18d0 [ 123.177473] [ 123.177473] which lock already depends on the new lock. [ 123.177473] [ 123.177476] [ 123.177476] the existing dependency chain (in reverse order) is: [ 123.177479] [ 123.177479] -> #3 (&ctx->lock){....}-{2:2}: [ 123.177493] _raw_spin_lock+0x2a/0x40 [ 123.177510] __perf_event_task_sched_out+0x53b/0x18d0 [ 123.177523] __schedule+0xedd/0x2470 [ 123.177533] schedule+0xda/0x1b0 [ 123.177543] exit_to_user_mode_prepare+0x114/0x1a0 [ 123.177563] syscall_exit_to_user_mode+0x19/0x40 [ 123.177581] do_syscall_64+0x48/0x90 [ 123.177595] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 123.177612] [ 123.177612] -> #2 (&rq->__lock){-.-.}-{2:2}: [ 123.177626] _raw_spin_lock_nested+0x30/0x40 [ 123.177641] raw_spin_rq_lock_nested+0x1e/0x30 [ 123.177654] task_fork_fair+0x63/0x4d0 [ 123.177670] sched_cgroup_fork+0x3d0/0x540 [ 123.177687] copy_process+0x4183/0x6e20 [ 123.177697] kernel_clone+0xe7/0x890 [ 123.177707] user_mode_thread+0xad/0xf0 [ 123.177717] rest_init+0x24/0x250 [ 123.177733] arch_call_rest_init+0xf/0x14 [ 123.177745] start_kernel+0x4c1/0x4e6 [ 123.177755] secondary_startup_64_no_verify+0xe0/0xeb [ 123.177769] [ 123.177769] -> #1 (&p->pi_lock){-.-.}-{2:2}: [ 123.177782] _raw_spin_lock_irqsave+0x39/0x60 [ 123.177797] try_to_wake_up+0xab/0x1920 [ 123.177810] up+0x75/0xb0 [ 123.177821] __up_console_sem+0x6e/0x80 [ 123.177837] console_unlock+0x46a/0x590 [ 123.177852] vt_ioctl+0x2822/0x2ca0 [ 123.177865] tty_ioctl+0x7c4/0x1700 [ 123.177877] __x64_sys_ioctl+0x19a/0x210 [ 123.177892] do_syscall_64+0x3b/0x90 [ 123.177905] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 123.177922] [ 123.177922] -> #0 ((console_sem).lock){....}-{2:2}: [ 123.177936] __lock_acquire+0x2a02/0x5e70 [ 123.177952] lock_acquire+0x1a2/0x530 [ 123.177967] _raw_spin_lock_irqsave+0x39/0x60 [ 123.177982] down_trylock+0xe/0x70 [ 123.177994] __down_trylock_console_sem+0x3b/0xd0 [ 123.178009] vprintk_emit+0x16b/0x560 [ 123.178025] vprintk+0x84/0xa0 [ 123.178041] _printk+0xba/0xf1 [ 123.178059] report_bug.cold+0x72/0xab [ 123.178071] handle_bug+0x3c/0x70 10:58:30 executing program 7: r0 = memfd_create(&(0x7f0000000400)='B\xdb/\x89\x03l\xdeb\xcb\xb54\xed\xbeLY\xb5Z\xe1\x12S\xf5G\xcc\xf3\xe9\x02h\v\xca(\x96\xe1C\xdf\x1c\xea\x85C\xfb\x10\x13\xfa\x03\x16\xcd\x17\xa2\x80\xa1z\xb4r\x95\xc3@\x9d\xa6\xf1\x92#}g\xd3`\xf7\xcez\xcb\xb3\x1a\xbb\xc48e\x8e\xb1&\xd1\x8a\xe6!\x7f\x8d\xea,qx\xa28\xbf\"\xc7e\x06L\xb06\xeb<$\xd7\xba\xe5\x01\x03\x94r\xab\xd4J\x03s\xaf\xf6A\xbfV\xfa\x1ew\x8d\xbf\x99I\x97\xd8\xd2\xe8\x11\xc4\x04\x00\x84\xd5i\xee\xaf\xae[E\x1f\xdd\xd7#rT+\xb621p\xaf[\x99\" 1\xeb\xc7)\xd2\x1dh\xf2\xd5s\xfd?\fa>\x9f;\xe5r\xe5\xbd\xb0|=\x8eZcPY\xf8\xbd\x13\xaa\x8b\xdf\xbc\x93u\xd5\xb0r\xfb\xde\xe7\xd9k\xe2\xc6\x1b\xf2o@&>\xf2M\xe7\x8c\xeb\xee\xf5\x02~\x85\x14\xf3\xc6v\xf15PE\x8c\xca\x16$\xc2\x01#\xb563\rbq\xbf64\xfaW\x17\xdfa\xe6\xca\x86\xd7\xf8\x81X\x9bg4\xc1\xdam\xcf=Rq6\xb0\xd4D=I\x1a\x0e\xd0\xabz\xe2\x19\x0fM\xad\xdco\xa4\xb2\x8c?\xc1\x10\xf273\xd00\xb3_\xe8\x9a*\xfcL\xea;\xc0\x9a\xdbx!N;\xb5x\t\xa4E\xbe\x93r\x04\xf5\xf0\xf5\x7f\x9a)\xf5\x1b\"\xa1\xd8\x06>\xc9\xe2r\xe9\xbb\xfe\xc0\b\x81\x98\x1c\xe2\xe0?\x8f\xa1\xbel\aN\x83@\xb1\x03)4A\x83\xd6\xcf\xf6\xb5\x82\xb7\x9dA\b$\xa2x\x8a@\xfaj~\xef\x93\xb1/L\x01\xe2\xba|\xf0\x01)PP\xcdl\x06\xfc\x15;qZ\xb1u\xc9\xd0\xd16~JEGm\xe4\x1e@\x9dG\xe4@\xdf\xba\'\x8b\x1cD\xc7\xec\xd1@}tR\xd9P\xf4N\xe3\xd8x\xa0\x91\x17\xc2}\x13\b\xca\t(Z\xa3_\xa1\x90\x15T\xa4\xe7%\x98\xa7\xfb\x8bp/eq\x93\xbf\x1f =|\xf3\xb1\xfcR\xd8\nM,\xcb%@\'\x15\x88\xd8\xad\f\x91|\x95\x8fq+\x98\x81W\xba\x9f\xe0elOt\xbd\by\r\x87\x1c\xba\xbd\x8e+S>\xb8\xe29\x91h^x\xfb`\x00\xdd/\xa6\xb1\x16=\xa1bw\xc5I\xb1\x00'/549, 0x0) ioctl$FS_IOC_RESVSP(r0, 0x40305828, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x6}) fallocate(r0, 0x0, 0x0, 0x7) ftruncate(r0, 0x3e7e) read(r0, 0x0, 0x0) 10:58:30 executing program 5: syz_emit_vhci(&(0x7f0000000200)=@HCI_EVENT_PKT={0x4, @hci_ev_pin_code_req={{0x16, 0x6}, {@fixed}}}, 0x9) 10:58:30 executing program 6: socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = syz_io_uring_setup(0x37af, &(0x7f0000000180), &(0x7f0000ffd000/0x2000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000000000), &(0x7f0000000200)) syz_open_dev$sg(0x0, 0x0, 0x0) io_uring_register$IORING_REGISTER_FILES(r1, 0x2, &(0x7f0000000280)=[r0, r0], 0x2) [ 123.178084] exc_invalid_op+0x14/0x50 [ 123.178097] asm_exc_invalid_op+0x16/0x20 [ 123.178113] group_sched_out.part.0+0x2c7/0x460 [ 123.178124] ctx_sched_out+0x8f1/0xc10 [ 123.178133] __perf_event_task_sched_out+0x6d0/0x18d0 [ 123.178145] __schedule+0xedd/0x2470 [ 123.178155] schedule+0xda/0x1b0 [ 123.178165] exit_to_user_mode_prepare+0x114/0x1a0 [ 123.178183] syscall_exit_to_user_mode+0x19/0x40 [ 123.178200] do_syscall_64+0x48/0x90 [ 123.178213] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 123.178230] [ 123.178230] other info that might help us debug this: [ 123.178230] [ 123.178232] Chain exists of: [ 123.178232] (console_sem).lock --> &rq->__lock --> &ctx->lock [ 123.178232] [ 123.178247] Possible unsafe locking scenario: [ 123.178247] [ 123.178249] CPU0 CPU1 [ 123.178252] ---- ---- [ 123.178254] lock(&ctx->lock); [ 123.178259] lock(&rq->__lock); [ 123.178266] lock(&ctx->lock); [ 123.178272] lock((console_sem).lock); [ 123.178278] [ 123.178278] *** DEADLOCK *** [ 123.178278] [ 123.178280] 2 locks held by syz-executor.4/4120: [ 123.178286] #0: ffff88806cf37cd8 (&rq->__lock){-.-.}-{2:2}, at: __schedule+0x1cf/0x2470 [ 123.178312] #1: ffff88803eb16420 (&ctx->lock){....}-{2:2}, at: __perf_event_task_sched_out+0x53b/0x18d0 [ 123.178339] [ 123.178339] stack backtrace: [ 123.178342] CPU: 1 PID: 4120 Comm: syz-executor.4 Not tainted 6.0.0-rc5-next-20220916 #1 [ 123.178354] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 123.178363] Call Trace: [ 123.178366] [ 123.178370] dump_stack_lvl+0x8b/0xb3 [ 123.178384] check_noncircular+0x263/0x2e0 [ 123.178400] ? format_decode+0x26c/0xb50 [ 123.178416] ? print_circular_bug+0x450/0x450 [ 123.178432] ? enable_ptr_key_workfn+0x20/0x20 [ 123.178447] ? format_decode+0x26c/0xb50 [ 123.178463] ? alloc_chain_hlocks+0x1ec/0x5a0 [ 123.178480] __lock_acquire+0x2a02/0x5e70 [ 123.178501] ? lockdep_hardirqs_on_prepare+0x410/0x410 [ 123.178523] lock_acquire+0x1a2/0x530 [ 123.178539] ? down_trylock+0xe/0x70 [ 123.178554] ? rcu_read_unlock+0x40/0x40 [ 123.178574] ? vprintk+0x84/0xa0 [ 123.178591] _raw_spin_lock_irqsave+0x39/0x60 [ 123.178607] ? down_trylock+0xe/0x70 [ 123.178620] down_trylock+0xe/0x70 [ 123.178633] ? vprintk+0x84/0xa0 [ 123.178649] __down_trylock_console_sem+0x3b/0xd0 [ 123.178666] vprintk_emit+0x16b/0x560 [ 123.178684] vprintk+0x84/0xa0 [ 123.178701] _printk+0xba/0xf1 [ 123.178719] ? record_print_text.cold+0x16/0x16 [ 123.178740] ? report_bug.cold+0x66/0xab [ 123.178755] ? group_sched_out.part.0+0x2c7/0x460 [ 123.178766] report_bug.cold+0x72/0xab [ 123.178781] handle_bug+0x3c/0x70 [ 123.178795] exc_invalid_op+0x14/0x50 [ 123.178809] asm_exc_invalid_op+0x16/0x20 [ 123.178826] RIP: 0010:group_sched_out.part.0+0x2c7/0x460 [ 123.178840] Code: 5e 41 5f e9 3b b7 ef ff e8 36 b7 ef ff 65 8b 1d ab 15 ac 7e 31 ff 89 de e8 d6 b3 ef ff 85 db 0f 84 8a 00 00 00 e8 19 b7 ef ff <0f> 0b e9 a5 fe ff ff e8 0d b7 ef ff 48 8d 7d 10 48 b8 00 00 00 00 [ 123.178852] RSP: 0018:ffff88801d9c7c48 EFLAGS: 00010006 [ 123.178861] RAX: 0000000040000002 RBX: 0000000000000000 RCX: 0000000000000000 [ 123.178868] RDX: ffff88800fd9b580 RSI: ffffffff81566027 RDI: 0000000000000005 [ 123.178876] RBP: ffff88803f0e8000 R08: 0000000000000005 R09: 0000000000000001 [ 123.178883] R10: 0000000000000000 R11: ffffffff865ac05b R12: ffff88803eb16400 [ 123.178891] R13: ffff88806cf3d100 R14: ffffffff8547c660 R15: 0000000000000002 [ 123.178902] ? group_sched_out.part.0+0x2c7/0x460 [ 123.178915] ? group_sched_out.part.0+0x2c7/0x460 [ 123.178928] ctx_sched_out+0x8f1/0xc10 [ 123.178940] __perf_event_task_sched_out+0x6d0/0x18d0 [ 123.178955] ? lock_is_held_type+0xd7/0x130 [ 123.178974] ? __perf_cgroup_move+0x160/0x160 [ 123.178985] ? set_next_entity+0x304/0x550 [ 123.179003] ? update_curr+0x267/0x740 [ 123.179021] ? lock_is_held_type+0xd7/0x130 [ 123.179039] __schedule+0xedd/0x2470 [ 123.179052] ? io_schedule_timeout+0x150/0x150 [ 123.179065] ? rcu_read_lock_sched_held+0x3e/0x80 [ 123.179086] schedule+0xda/0x1b0 [ 123.179097] exit_to_user_mode_prepare+0x114/0x1a0 [ 123.179117] syscall_exit_to_user_mode+0x19/0x40 [ 123.179134] do_syscall_64+0x48/0x90 [ 123.179149] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 123.179166] RIP: 0033:0x7fa2c2f44b19 [ 123.179175] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 123.179185] RSP: 002b:00007fa2c04ba218 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 123.179196] RAX: 0000000000000001 RBX: 00007fa2c3057f68 RCX: 00007fa2c2f44b19 [ 123.179204] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 00007fa2c3057f6c [ 123.179211] RBP: 00007fa2c3057f60 R08: 000000000000000e R09: 0000000000000000 [ 123.179218] R10: 0000000000000004 R11: 0000000000000246 R12: 00007fa2c3057f6c [ 123.179225] R13: 00007ffeb27b988f R14: 00007fa2c04ba300 R15: 0000000000022000 [ 123.179238] [ 123.234735] WARNING: CPU: 1 PID: 4120 at kernel/events/core.c:2309 group_sched_out.part.0+0x2c7/0x460 [ 123.235398] Modules linked in: [ 123.235638] CPU: 1 PID: 4120 Comm: syz-executor.4 Not tainted 6.0.0-rc5-next-20220916 #1 [ 123.236227] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 123.237049] RIP: 0010:group_sched_out.part.0+0x2c7/0x460 [ 123.237442] Code: 5e 41 5f e9 3b b7 ef ff e8 36 b7 ef ff 65 8b 1d ab 15 ac 7e 31 ff 89 de e8 d6 b3 ef ff 85 db 0f 84 8a 00 00 00 e8 19 b7 ef ff <0f> 0b e9 a5 fe ff ff e8 0d b7 ef ff 48 8d 7d 10 48 b8 00 00 00 00 [ 123.238742] RSP: 0018:ffff88801d9c7c48 EFLAGS: 00010006 [ 123.239124] RAX: 0000000040000002 RBX: 0000000000000000 RCX: 0000000000000000 [ 123.239639] RDX: ffff88800fd9b580 RSI: ffffffff81566027 RDI: 0000000000000005 [ 123.240153] RBP: ffff88803f0e8000 R08: 0000000000000005 R09: 0000000000000001 [ 123.240675] R10: 0000000000000000 R11: ffffffff865ac05b R12: ffff88803eb16400 [ 123.241191] R13: ffff88806cf3d100 R14: ffffffff8547c660 R15: 0000000000000002 [ 123.241713] FS: 00007fa2c04ba700(0000) GS:ffff88806cf00000(0000) knlGS:0000000000000000 [ 123.242301] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 123.242724] CR2: 00007f2177018820 CR3: 00000000186bc000 CR4: 0000000000350ee0 [ 123.243245] Call Trace: [ 123.243439] [ 123.243602] ctx_sched_out+0x8f1/0xc10 [ 123.243889] __perf_event_task_sched_out+0x6d0/0x18d0 [ 123.244274] ? lock_is_held_type+0xd7/0x130 [ 123.244598] ? __perf_cgroup_move+0x160/0x160 [ 123.244947] ? set_next_entity+0x304/0x550 [ 123.245266] ? update_curr+0x267/0x740 [ 123.245565] ? lock_is_held_type+0xd7/0x130 [ 123.245889] __schedule+0xedd/0x2470 [ 123.246164] ? io_schedule_timeout+0x150/0x150 [ 123.246505] ? rcu_read_lock_sched_held+0x3e/0x80 [ 123.246867] schedule+0xda/0x1b0 [ 123.247122] exit_to_user_mode_prepare+0x114/0x1a0 [ 123.247491] syscall_exit_to_user_mode+0x19/0x40 [ 123.247847] do_syscall_64+0x48/0x90 [ 123.248129] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 123.248505] RIP: 0033:0x7fa2c2f44b19 [ 123.248787] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 123.250087] RSP: 002b:00007fa2c04ba218 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 123.250639] RAX: 0000000000000001 RBX: 00007fa2c3057f68 RCX: 00007fa2c2f44b19 [ 123.251160] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 00007fa2c3057f6c [ 123.251676] RBP: 00007fa2c3057f60 R08: 000000000000000e R09: 0000000000000000 [ 123.252191] R10: 0000000000000004 R11: 0000000000000246 R12: 00007fa2c3057f6c [ 123.252719] R13: 00007ffeb27b988f R14: 00007fa2c04ba300 R15: 0000000000022000 [ 123.253239] [ 123.253415] irq event stamp: 2534 [ 123.253669] hardirqs last enabled at (2533): [] exit_to_user_mode_prepare+0x109/0x1a0 [ 123.254357] hardirqs last disabled at (2534): [] __schedule+0x1225/0x2470 [ 123.254962] softirqs last enabled at (2040): [] __irq_exit_rcu+0x11b/0x180 [ 123.255586] softirqs last disabled at (2035): [] __irq_exit_rcu+0x11b/0x180 [ 123.256211] ---[ end trace 0000000000000000 ]--- 10:58:30 executing program 2: r0 = syz_open_dev$loop(&(0x7f0000003ec0), 0x0, 0x0) ioctl$BLKROTATIONAL(r0, 0x127e, &(0x7f0000004200)) [ 123.330668] hrtimer: interrupt took 18494 ns 10:58:30 executing program 6: socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = syz_io_uring_setup(0x37af, &(0x7f0000000180), &(0x7f0000ffd000/0x2000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000000000), &(0x7f0000000200)) syz_open_dev$sg(0x0, 0x0, 0x0) io_uring_register$IORING_REGISTER_FILES(r1, 0x2, &(0x7f0000000280)=[r0, r0], 0x2) 10:58:30 executing program 3: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) truncate(&(0x7f0000000040)='./file1\x00', 0x8000) r1 = creat(&(0x7f0000000040)='./file0\x00', 0x0) pwrite64(r0, &(0x7f0000000200)="785538b608", 0x5, 0xffc) r2 = creat(&(0x7f0000000040)='./file0\x00', 0x0) fallocate(r2, 0x0, 0x1cba, 0xf06) ioctl$EXT4_IOC_MOVE_EXT(r0, 0xc028660f, &(0x7f0000000000)={0x0, r1, 0x0, 0x0, 0x2}) 10:58:30 executing program 5: syz_emit_vhci(&(0x7f0000000200)=@HCI_EVENT_PKT={0x4, @hci_ev_pin_code_req={{0x16, 0x6}, {@fixed}}}, 0x9) 10:58:30 executing program 3: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) truncate(&(0x7f0000000040)='./file1\x00', 0x8000) r1 = creat(&(0x7f0000000040)='./file0\x00', 0x0) pwrite64(r0, &(0x7f0000000200)="785538b608", 0x5, 0xffc) r2 = creat(&(0x7f0000000040)='./file0\x00', 0x0) fallocate(r2, 0x0, 0x1cba, 0xf06) ioctl$EXT4_IOC_MOVE_EXT(r0, 0xc028660f, &(0x7f0000000000)={0x0, r1, 0x0, 0x0, 0x2}) 10:58:30 executing program 7: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) truncate(&(0x7f0000000040)='./file1\x00', 0x8000) r1 = creat(&(0x7f0000000040)='./file0\x00', 0x0) pwrite64(r0, &(0x7f0000000200)="785538b608", 0x5, 0xffc) r2 = creat(&(0x7f0000000040)='./file0\x00', 0x0) fallocate(r2, 0x0, 0x1cba, 0xf06) ioctl$EXT4_IOC_MOVE_EXT(r0, 0xc028660f, &(0x7f0000000000)={0x0, r1, 0x0, 0x0, 0x2}) [ 123.380567] syz-executor.4: attempt to access beyond end of device [ 123.380567] loop4: rw=2049, sector=124, nr_sectors = 4 limit=40 [ 123.381493] Buffer I/O error on dev loop4, logical block 31, lost async page write 10:58:30 executing program 1: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) truncate(&(0x7f0000000040)='./file1\x00', 0x8000) r1 = creat(&(0x7f0000000040)='./file0\x00', 0x0) pwrite64(r0, &(0x7f0000000200)="785538b608", 0x5, 0xffc) r2 = creat(&(0x7f0000000040)='./file0\x00', 0x0) fallocate(r2, 0x0, 0x1cba, 0xf06) ioctl$EXT4_IOC_MOVE_EXT(r0, 0xc028660f, &(0x7f0000000000)={0x0, r1, 0x0, 0x0, 0x2}) 10:58:30 executing program 0: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) truncate(&(0x7f0000000040)='./file1\x00', 0x8000) r1 = creat(&(0x7f0000000040)='./file0\x00', 0x0) pwrite64(r0, &(0x7f0000000200)="785538b608", 0x5, 0xffc) r2 = creat(&(0x7f0000000040)='./file0\x00', 0x0) fallocate(r2, 0x0, 0x1cba, 0xf06) ioctl$EXT4_IOC_MOVE_EXT(r0, 0xc028660f, &(0x7f0000000000)={0x0, r1, 0x0, 0x0, 0x2}) [ 123.425055] syz-executor.4: attempt to access beyond end of device [ 123.425055] loop4: rw=2049, sector=124, nr_sectors = 4 limit=40 [ 123.426007] Buffer I/O error on dev loop4, logical block 31, lost async page write 10:58:30 executing program 2: r0 = syz_open_dev$loop(&(0x7f0000003ec0), 0x0, 0x0) ioctl$BLKROTATIONAL(r0, 0x127e, &(0x7f0000004200)) 10:58:30 executing program 7: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) truncate(&(0x7f0000000040)='./file1\x00', 0x8000) r1 = creat(&(0x7f0000000040)='./file0\x00', 0x0) pwrite64(r0, &(0x7f0000000200)="785538b608", 0x5, 0xffc) r2 = creat(&(0x7f0000000040)='./file0\x00', 0x0) fallocate(r2, 0x0, 0x1cba, 0xf06) ioctl$EXT4_IOC_MOVE_EXT(r0, 0xc028660f, &(0x7f0000000000)={0x0, r1, 0x0, 0x0, 0x2}) 10:58:30 executing program 5: syz_emit_vhci(&(0x7f0000000200)=@HCI_EVENT_PKT={0x4, @hci_ev_pin_code_req={{0x16, 0x6}, {@fixed}}}, 0x9) 10:58:30 executing program 3: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) truncate(&(0x7f0000000040)='./file1\x00', 0x8000) r1 = creat(&(0x7f0000000040)='./file0\x00', 0x0) pwrite64(r0, &(0x7f0000000200)="785538b608", 0x5, 0xffc) r2 = creat(&(0x7f0000000040)='./file0\x00', 0x0) fallocate(r2, 0x0, 0x1cba, 0xf06) ioctl$EXT4_IOC_MOVE_EXT(r0, 0xc028660f, &(0x7f0000000000)={0x0, r1, 0x0, 0x0, 0x2}) 10:58:30 executing program 4: syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x0, &(0x7f0000000140)=ANY=[]) chdir(&(0x7f0000000140)='./file0\x00') r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x11, 0xffffffffffffffff, 0xa015000) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x2, 0x0) pwrite64(r1, &(0x7f00000000c0)='9', 0x1, 0x8040000) ioctl$FS_IOC_FIEMAP(r1, 0xc020660b, &(0x7f0000000380)={0x0, 0x3ff}) mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x11, 0xffffffffffffffff, 0xa015000) r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) write$binfmt_aout(r2, &(0x7f0000001180)=ANY=[], 0x220) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xb}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) sendfile(r2, r0, 0x0, 0xfffffdef) 10:58:30 executing program 6: socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = syz_io_uring_setup(0x37af, &(0x7f0000000180), &(0x7f0000ffd000/0x2000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000000000), &(0x7f0000000200)) syz_open_dev$sg(0x0, 0x0, 0x0) io_uring_register$IORING_REGISTER_FILES(r1, 0x2, &(0x7f0000000280)=[r0, r0], 0x2) 10:58:30 executing program 1: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) truncate(&(0x7f0000000040)='./file1\x00', 0x8000) r1 = creat(&(0x7f0000000040)='./file0\x00', 0x0) pwrite64(r0, &(0x7f0000000200)="785538b608", 0x5, 0xffc) r2 = creat(&(0x7f0000000040)='./file0\x00', 0x0) fallocate(r2, 0x0, 0x1cba, 0xf06) ioctl$EXT4_IOC_MOVE_EXT(r0, 0xc028660f, &(0x7f0000000000)={0x0, r1, 0x0, 0x0, 0x2}) 10:58:30 executing program 0: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) truncate(&(0x7f0000000040)='./file1\x00', 0x8000) r1 = creat(&(0x7f0000000040)='./file0\x00', 0x0) pwrite64(r0, &(0x7f0000000200)="785538b608", 0x5, 0xffc) r2 = creat(&(0x7f0000000040)='./file0\x00', 0x0) fallocate(r2, 0x0, 0x1cba, 0xf06) ioctl$EXT4_IOC_MOVE_EXT(r0, 0xc028660f, &(0x7f0000000000)={0x0, r1, 0x0, 0x0, 0x2}) [ 123.507636] loop4: detected capacity change from 0 to 40 10:58:30 executing program 2: r0 = syz_open_dev$loop(&(0x7f0000003ec0), 0x0, 0x0) ioctl$BLKROTATIONAL(r0, 0x127e, &(0x7f0000004200)) 10:58:30 executing program 1: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) truncate(&(0x7f0000000040)='./file1\x00', 0x8000) r1 = creat(&(0x7f0000000040)='./file0\x00', 0x0) pwrite64(r0, &(0x7f0000000200)="785538b608", 0x5, 0xffc) r2 = creat(&(0x7f0000000040)='./file0\x00', 0x0) fallocate(r2, 0x0, 0x1cba, 0xf06) ioctl$EXT4_IOC_MOVE_EXT(r0, 0xc028660f, &(0x7f0000000000)={0x0, r1, 0x0, 0x0, 0x2}) 10:58:30 executing program 5: syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x0, &(0x7f0000000140)=ANY=[]) chdir(&(0x7f0000000140)='./file0\x00') r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x11, 0xffffffffffffffff, 0xa015000) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x2, 0x0) pwrite64(r1, &(0x7f00000000c0)='9', 0x1, 0x8040000) ioctl$FS_IOC_FIEMAP(r1, 0xc020660b, &(0x7f0000000380)={0x0, 0x3ff}) mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x11, 0xffffffffffffffff, 0xa015000) r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) write$binfmt_aout(r2, &(0x7f0000001180)=ANY=[], 0x220) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xb}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) sendfile(r2, r0, 0x0, 0xfffffdef) [ 123.600811] syz-executor.4: attempt to access beyond end of device [ 123.600811] loop4: rw=2049, sector=124, nr_sectors = 4 limit=40 [ 123.601791] Buffer I/O error on dev loop4, logical block 31, lost async page write [ 123.631384] loop5: detected capacity change from 0 to 40 [ 123.637709] syz-executor.4 (4157) used greatest stack depth: 24472 bytes left [ 124.104541] syz-executor.5: attempt to access beyond end of device [ 124.104541] loop5: rw=2049, sector=124, nr_sectors = 4 limit=40 [ 124.109869] Buffer I/O error on dev loop5, logical block 31, lost async page write 10:58:31 executing program 4: syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x0, &(0x7f0000000140)=ANY=[]) chdir(&(0x7f0000000140)='./file0\x00') r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x11, 0xffffffffffffffff, 0xa015000) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x2, 0x0) pwrite64(r1, &(0x7f00000000c0)='9', 0x1, 0x8040000) ioctl$FS_IOC_FIEMAP(r1, 0xc020660b, &(0x7f0000000380)={0x0, 0x3ff}) mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x11, 0xffffffffffffffff, 0xa015000) r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) write$binfmt_aout(r2, &(0x7f0000001180)=ANY=[], 0x220) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xb}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) sendfile(r2, r0, 0x0, 0xfffffdef) [ 124.239212] loop4: detected capacity change from 0 to 40 10:58:31 executing program 6: socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = syz_io_uring_setup(0x37af, &(0x7f0000000180), &(0x7f0000ffd000/0x2000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000000000), &(0x7f0000000200)) syz_open_dev$sg(0x0, 0x0, 0x0) io_uring_register$IORING_REGISTER_FILES(r1, 0x2, &(0x7f0000000280)=[r0, r0], 0x2) 10:58:31 executing program 7: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) truncate(&(0x7f0000000040)='./file1\x00', 0x8000) r1 = creat(&(0x7f0000000040)='./file0\x00', 0x0) pwrite64(r0, &(0x7f0000000200)="785538b608", 0x5, 0xffc) r2 = creat(&(0x7f0000000040)='./file0\x00', 0x0) fallocate(r2, 0x0, 0x1cba, 0xf06) ioctl$EXT4_IOC_MOVE_EXT(r0, 0xc028660f, &(0x7f0000000000)={0x0, r1, 0x0, 0x0, 0x2}) 10:58:31 executing program 3: syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x0, &(0x7f0000000140)=ANY=[]) chdir(&(0x7f0000000140)='./file0\x00') r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x11, 0xffffffffffffffff, 0xa015000) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x2, 0x0) pwrite64(r1, &(0x7f00000000c0)='9', 0x1, 0x8040000) ioctl$FS_IOC_FIEMAP(r1, 0xc020660b, &(0x7f0000000380)={0x0, 0x3ff}) mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x11, 0xffffffffffffffff, 0xa015000) r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) write$binfmt_aout(r2, &(0x7f0000001180)=ANY=[], 0x220) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xb}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) sendfile(r2, r0, 0x0, 0xfffffdef) [ 124.248848] loop3: detected capacity change from 0 to 40 [ 124.256174] loop1: detected capacity change from 0 to 40 10:58:31 executing program 0: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) truncate(&(0x7f0000000040)='./file1\x00', 0x8000) r1 = creat(&(0x7f0000000040)='./file0\x00', 0x0) pwrite64(r0, &(0x7f0000000200)="785538b608", 0x5, 0xffc) r2 = creat(&(0x7f0000000040)='./file0\x00', 0x0) fallocate(r2, 0x0, 0x1cba, 0xf06) ioctl$EXT4_IOC_MOVE_EXT(r0, 0xc028660f, &(0x7f0000000000)={0x0, r1, 0x0, 0x0, 0x2}) 10:58:31 executing program 5: syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x0, &(0x7f0000000140)=ANY=[]) chdir(&(0x7f0000000140)='./file0\x00') r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x11, 0xffffffffffffffff, 0xa015000) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x2, 0x0) pwrite64(r1, &(0x7f00000000c0)='9', 0x1, 0x8040000) ioctl$FS_IOC_FIEMAP(r1, 0xc020660b, &(0x7f0000000380)={0x0, 0x3ff}) mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x11, 0xffffffffffffffff, 0xa015000) r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) write$binfmt_aout(r2, &(0x7f0000001180)=ANY=[], 0x220) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xb}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) sendfile(r2, r0, 0x0, 0xfffffdef) 10:58:31 executing program 1: syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x0, &(0x7f0000000140)=ANY=[]) chdir(&(0x7f0000000140)='./file0\x00') r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x11, 0xffffffffffffffff, 0xa015000) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x2, 0x0) pwrite64(r1, &(0x7f00000000c0)='9', 0x1, 0x8040000) ioctl$FS_IOC_FIEMAP(r1, 0xc020660b, &(0x7f0000000380)={0x0, 0x3ff}) mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x11, 0xffffffffffffffff, 0xa015000) r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) write$binfmt_aout(r2, &(0x7f0000001180)=ANY=[], 0x220) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xb}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) sendfile(r2, r0, 0x0, 0xfffffdef) [ 124.272875] loop5: detected capacity change from 0 to 40 10:58:31 executing program 2: syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x0, &(0x7f0000000140)=ANY=[]) chdir(&(0x7f0000000140)='./file0\x00') r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x11, 0xffffffffffffffff, 0xa015000) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x2, 0x0) pwrite64(r1, &(0x7f00000000c0)='9', 0x1, 0x8040000) ioctl$FS_IOC_FIEMAP(r1, 0xc020660b, &(0x7f0000000380)={0x0, 0x3ff}) mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x11, 0xffffffffffffffff, 0xa015000) r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) write$binfmt_aout(r2, &(0x7f0000001180)=ANY=[], 0x220) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xb}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) sendfile(r2, r0, 0x0, 0xfffffdef) [ 124.275035] loop2: detected capacity change from 0 to 40 [ 124.325024] syz-executor.5: attempt to access beyond end of device [ 124.325024] loop5: rw=2049, sector=124, nr_sectors = 4 limit=40 [ 124.326060] Buffer I/O error on dev loop5, logical block 31, lost async page write [ 124.329097] syz-executor.2: attempt to access beyond end of device [ 124.329097] loop2: rw=2049, sector=124, nr_sectors = 4 limit=40 [ 124.330067] Buffer I/O error on dev loop2, logical block 31, lost async page write [ 124.359434] syz-executor.4: attempt to access beyond end of device [ 124.359434] loop4: rw=2049, sector=124, nr_sectors = 4 limit=40 [ 124.360382] Buffer I/O error on dev loop4, logical block 31, lost async page write [ 124.373593] syz-executor.1: attempt to access beyond end of device [ 124.373593] loop1: rw=2049, sector=124, nr_sectors = 4 limit=40 [ 124.374477] Buffer I/O error on dev loop1, logical block 31, lost async page write 10:58:31 executing program 2: syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x0, &(0x7f0000000140)=ANY=[]) chdir(&(0x7f0000000140)='./file0\x00') r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x11, 0xffffffffffffffff, 0xa015000) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x2, 0x0) pwrite64(r1, &(0x7f00000000c0)='9', 0x1, 0x8040000) ioctl$FS_IOC_FIEMAP(r1, 0xc020660b, &(0x7f0000000380)={0x0, 0x3ff}) mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x11, 0xffffffffffffffff, 0xa015000) r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) write$binfmt_aout(r2, &(0x7f0000001180)=ANY=[], 0x220) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xb}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) sendfile(r2, r0, 0x0, 0xfffffdef) 10:58:31 executing program 5: syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x0, &(0x7f0000000140)=ANY=[]) chdir(&(0x7f0000000140)='./file0\x00') r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x11, 0xffffffffffffffff, 0xa015000) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x2, 0x0) pwrite64(r1, &(0x7f00000000c0)='9', 0x1, 0x8040000) ioctl$FS_IOC_FIEMAP(r1, 0xc020660b, &(0x7f0000000380)={0x0, 0x3ff}) mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x11, 0xffffffffffffffff, 0xa015000) r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) write$binfmt_aout(r2, &(0x7f0000001180)=ANY=[], 0x220) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xb}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) sendfile(r2, r0, 0x0, 0xfffffdef) 10:58:31 executing program 7: syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x0, &(0x7f0000000140)=ANY=[]) chdir(&(0x7f0000000140)='./file0\x00') r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x11, 0xffffffffffffffff, 0xa015000) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x2, 0x0) pwrite64(r1, &(0x7f00000000c0)='9', 0x1, 0x8040000) ioctl$FS_IOC_FIEMAP(r1, 0xc020660b, &(0x7f0000000380)={0x0, 0x3ff}) mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x11, 0xffffffffffffffff, 0xa015000) r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) write$binfmt_aout(r2, &(0x7f0000001180)=ANY=[], 0x220) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xb}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) sendfile(r2, r0, 0x0, 0xfffffdef) [ 124.420878] loop5: detected capacity change from 0 to 40 [ 124.422992] loop2: detected capacity change from 0 to 40 [ 124.460163] syz-executor.2: attempt to access beyond end of device [ 124.460163] loop2: rw=2049, sector=124, nr_sectors = 4 limit=40 [ 124.461257] Buffer I/O error on dev loop2, logical block 31, lost async page write [ 124.462498] syz-executor.5: attempt to access beyond end of device [ 124.462498] loop5: rw=2049, sector=124, nr_sectors = 4 limit=40 [ 124.463499] Buffer I/O error on dev loop5, logical block 31, lost async page write 10:58:31 executing program 4: syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x0, &(0x7f0000000140)=ANY=[]) chdir(&(0x7f0000000140)='./file0\x00') r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x11, 0xffffffffffffffff, 0xa015000) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x2, 0x0) pwrite64(r1, &(0x7f00000000c0)='9', 0x1, 0x8040000) ioctl$FS_IOC_FIEMAP(r1, 0xc020660b, &(0x7f0000000380)={0x0, 0x3ff}) mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x11, 0xffffffffffffffff, 0xa015000) r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) write$binfmt_aout(r2, &(0x7f0000001180)=ANY=[], 0x220) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xb}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) sendfile(r2, r0, 0x0, 0xfffffdef) [ 124.472000] loop7: detected capacity change from 0 to 40 10:58:31 executing program 6: syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x0, &(0x7f0000000140)=ANY=[]) chdir(&(0x7f0000000140)='./file0\x00') r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x11, 0xffffffffffffffff, 0xa015000) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x2, 0x0) pwrite64(r1, &(0x7f00000000c0)='9', 0x1, 0x8040000) ioctl$FS_IOC_FIEMAP(r1, 0xc020660b, &(0x7f0000000380)={0x0, 0x3ff}) mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x11, 0xffffffffffffffff, 0xa015000) r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) write$binfmt_aout(r2, &(0x7f0000001180)=ANY=[], 0x220) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xb}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) sendfile(r2, r0, 0x0, 0xfffffdef) [ 124.493554] loop6: detected capacity change from 0 to 40 [ 124.495398] loop4: detected capacity change from 0 to 40 10:58:31 executing program 2: syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x0, &(0x7f0000000140)=ANY=[]) chdir(&(0x7f0000000140)='./file0\x00') r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x11, 0xffffffffffffffff, 0xa015000) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x2, 0x0) pwrite64(r1, &(0x7f00000000c0)='9', 0x1, 0x8040000) ioctl$FS_IOC_FIEMAP(r1, 0xc020660b, &(0x7f0000000380)={0x0, 0x3ff}) mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x11, 0xffffffffffffffff, 0xa015000) r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) write$binfmt_aout(r2, &(0x7f0000001180)=ANY=[], 0x220) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xb}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) sendfile(r2, r0, 0x0, 0xfffffdef) 10:58:31 executing program 1: syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x0, &(0x7f0000000140)=ANY=[]) chdir(&(0x7f0000000140)='./file0\x00') r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x11, 0xffffffffffffffff, 0xa015000) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x2, 0x0) pwrite64(r1, &(0x7f00000000c0)='9', 0x1, 0x8040000) ioctl$FS_IOC_FIEMAP(r1, 0xc020660b, &(0x7f0000000380)={0x0, 0x3ff}) mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x11, 0xffffffffffffffff, 0xa015000) r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) write$binfmt_aout(r2, &(0x7f0000001180)=ANY=[], 0x220) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xb}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) sendfile(r2, r0, 0x0, 0xfffffdef) 10:58:31 executing program 5: syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x0, &(0x7f0000000140)=ANY=[]) chdir(&(0x7f0000000140)='./file0\x00') r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x11, 0xffffffffffffffff, 0xa015000) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x2, 0x0) pwrite64(r1, &(0x7f00000000c0)='9', 0x1, 0x8040000) ioctl$FS_IOC_FIEMAP(r1, 0xc020660b, &(0x7f0000000380)={0x0, 0x3ff}) mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x11, 0xffffffffffffffff, 0xa015000) r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) write$binfmt_aout(r2, &(0x7f0000001180)=ANY=[], 0x220) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xb}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) sendfile(r2, r0, 0x0, 0xfffffdef) 10:58:31 executing program 0: syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x0, &(0x7f0000000140)=ANY=[]) chdir(&(0x7f0000000140)='./file0\x00') r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x11, 0xffffffffffffffff, 0xa015000) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x2, 0x0) pwrite64(r1, &(0x7f00000000c0)='9', 0x1, 0x8040000) ioctl$FS_IOC_FIEMAP(r1, 0xc020660b, &(0x7f0000000380)={0x0, 0x3ff}) mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x11, 0xffffffffffffffff, 0xa015000) r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) write$binfmt_aout(r2, &(0x7f0000001180)=ANY=[], 0x220) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xb}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) sendfile(r2, r0, 0x0, 0xfffffdef) [ 124.601275] loop1: detected capacity change from 0 to 40 [ 124.605201] loop5: detected capacity change from 0 to 40 10:58:31 executing program 6: syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x0, &(0x7f0000000140)=ANY=[]) chdir(&(0x7f0000000140)='./file0\x00') r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x11, 0xffffffffffffffff, 0xa015000) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x2, 0x0) pwrite64(r1, &(0x7f00000000c0)='9', 0x1, 0x8040000) ioctl$FS_IOC_FIEMAP(r1, 0xc020660b, &(0x7f0000000380)={0x0, 0x3ff}) mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x11, 0xffffffffffffffff, 0xa015000) r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) write$binfmt_aout(r2, &(0x7f0000001180)=ANY=[], 0x220) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xb}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) sendfile(r2, r0, 0x0, 0xfffffdef) [ 124.612192] loop2: detected capacity change from 0 to 40 [ 124.618368] loop0: detected capacity change from 0 to 40 [ 124.667851] loop6: detected capacity change from 0 to 40 10:58:31 executing program 1: syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x0, &(0x7f0000000140)=ANY=[]) chdir(&(0x7f0000000140)='./file0\x00') r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x11, 0xffffffffffffffff, 0xa015000) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x2, 0x0) pwrite64(r1, &(0x7f00000000c0)='9', 0x1, 0x8040000) ioctl$FS_IOC_FIEMAP(r1, 0xc020660b, &(0x7f0000000380)={0x0, 0x3ff}) mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x11, 0xffffffffffffffff, 0xa015000) r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) write$binfmt_aout(r2, &(0x7f0000001180)=ANY=[], 0x220) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xb}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) sendfile(r2, r0, 0x0, 0xfffffdef) [ 124.751248] loop1: detected capacity change from 0 to 40 [ 124.893644] loop6: detected capacity change from 0 to 40 [ 124.910107] loop5: detected capacity change from 0 to 40 [ 124.918081] loop0: detected capacity change from 0 to 40 [ 124.925566] loop3: detected capacity change from 0 to 40 10:58:32 executing program 5: syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x0, &(0x7f0000000140)=ANY=[]) chdir(&(0x7f0000000140)='./file0\x00') r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x11, 0xffffffffffffffff, 0xa015000) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x2, 0x0) pwrite64(r1, &(0x7f00000000c0)='9', 0x1, 0x8040000) ioctl$FS_IOC_FIEMAP(r1, 0xc020660b, &(0x7f0000000380)={0x0, 0x3ff}) mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x11, 0xffffffffffffffff, 0xa015000) r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) write$binfmt_aout(r2, &(0x7f0000001180)=ANY=[], 0x220) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xb}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) sendfile(r2, r0, 0x0, 0xfffffdef) 10:58:32 executing program 6: syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x0, &(0x7f0000000140)=ANY=[]) chdir(&(0x7f0000000140)='./file0\x00') r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x11, 0xffffffffffffffff, 0xa015000) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x2, 0x0) pwrite64(r1, &(0x7f00000000c0)='9', 0x1, 0x8040000) ioctl$FS_IOC_FIEMAP(r1, 0xc020660b, &(0x7f0000000380)={0x0, 0x3ff}) mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x11, 0xffffffffffffffff, 0xa015000) r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) write$binfmt_aout(r2, &(0x7f0000001180)=ANY=[], 0x220) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xb}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) sendfile(r2, r0, 0x0, 0xfffffdef) 10:58:32 executing program 7: syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x0, &(0x7f0000000140)=ANY=[]) chdir(&(0x7f0000000140)='./file0\x00') r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x11, 0xffffffffffffffff, 0xa015000) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x2, 0x0) pwrite64(r1, &(0x7f00000000c0)='9', 0x1, 0x8040000) ioctl$FS_IOC_FIEMAP(r1, 0xc020660b, &(0x7f0000000380)={0x0, 0x3ff}) mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x11, 0xffffffffffffffff, 0xa015000) r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) write$binfmt_aout(r2, &(0x7f0000001180)=ANY=[], 0x220) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xb}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) sendfile(r2, r0, 0x0, 0xfffffdef) 10:58:32 executing program 4: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) truncate(&(0x7f0000000040)='./file1\x00', 0x8000) r1 = creat(&(0x7f0000000040)='./file0\x00', 0x0) pwrite64(r0, &(0x7f0000000200)="785538b608", 0x5, 0xffc) r2 = creat(&(0x7f0000000040)='./file0\x00', 0x0) fallocate(r2, 0x0, 0x1cba, 0xf06) ioctl$EXT4_IOC_MOVE_EXT(r0, 0xc028660f, &(0x7f0000000000)={0x0, r1, 0x0, 0x0, 0x2}) 10:58:32 executing program 0: syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x0, &(0x7f0000000140)=ANY=[]) chdir(&(0x7f0000000140)='./file0\x00') r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x11, 0xffffffffffffffff, 0xa015000) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x2, 0x0) pwrite64(r1, &(0x7f00000000c0)='9', 0x1, 0x8040000) ioctl$FS_IOC_FIEMAP(r1, 0xc020660b, &(0x7f0000000380)={0x0, 0x3ff}) mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x11, 0xffffffffffffffff, 0xa015000) r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) write$binfmt_aout(r2, &(0x7f0000001180)=ANY=[], 0x220) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xb}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) sendfile(r2, r0, 0x0, 0xfffffdef) 10:58:32 executing program 3: syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x0, &(0x7f0000000140)=ANY=[]) chdir(&(0x7f0000000140)='./file0\x00') r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x11, 0xffffffffffffffff, 0xa015000) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x2, 0x0) pwrite64(r1, &(0x7f00000000c0)='9', 0x1, 0x8040000) ioctl$FS_IOC_FIEMAP(r1, 0xc020660b, &(0x7f0000000380)={0x0, 0x3ff}) mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x11, 0xffffffffffffffff, 0xa015000) r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) write$binfmt_aout(r2, &(0x7f0000001180)=ANY=[], 0x220) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xb}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) sendfile(r2, r0, 0x0, 0xfffffdef) 10:58:32 executing program 1: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) truncate(&(0x7f0000000040)='./file1\x00', 0x8000) r1 = creat(&(0x7f0000000040)='./file0\x00', 0x0) pwrite64(r0, &(0x7f0000000200)="785538b608", 0x5, 0xffc) r2 = creat(&(0x7f0000000040)='./file0\x00', 0x0) fallocate(r2, 0x0, 0x1cba, 0xf06) ioctl$EXT4_IOC_MOVE_EXT(r0, 0xc028660f, &(0x7f0000000000)={0x0, r1, 0x0, 0x0, 0x2}) 10:58:32 executing program 2: socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = syz_io_uring_setup(0x37af, &(0x7f0000000180), &(0x7f0000ffd000/0x2000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000000000), &(0x7f0000000200)) syz_open_dev$sg(0x0, 0x0, 0x0) io_uring_register$IORING_REGISTER_FILES(r1, 0x2, &(0x7f0000000280)=[r0, r0], 0x2) [ 124.940880] loop7: detected capacity change from 0 to 40 10:58:32 executing program 4: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) truncate(&(0x7f0000000040)='./file1\x00', 0x8000) r1 = creat(&(0x7f0000000040)='./file0\x00', 0x0) pwrite64(r0, &(0x7f0000000200)="785538b608", 0x5, 0xffc) r2 = creat(&(0x7f0000000040)='./file0\x00', 0x0) fallocate(r2, 0x0, 0x1cba, 0xf06) ioctl$EXT4_IOC_MOVE_EXT(r0, 0xc028660f, &(0x7f0000000000)={0x0, r1, 0x0, 0x0, 0x2}) 10:58:32 executing program 1: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) truncate(&(0x7f0000000040)='./file1\x00', 0x8000) r1 = creat(&(0x7f0000000040)='./file0\x00', 0x0) pwrite64(r0, &(0x7f0000000200)="785538b608", 0x5, 0xffc) r2 = creat(&(0x7f0000000040)='./file0\x00', 0x0) fallocate(r2, 0x0, 0x1cba, 0xf06) ioctl$EXT4_IOC_MOVE_EXT(r0, 0xc028660f, &(0x7f0000000000)={0x0, r1, 0x0, 0x0, 0x2}) 10:58:32 executing program 2: socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = syz_io_uring_setup(0x37af, &(0x7f0000000180), &(0x7f0000ffd000/0x2000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000000000), &(0x7f0000000200)) syz_open_dev$sg(0x0, 0x0, 0x0) io_uring_register$IORING_REGISTER_FILES(r1, 0x2, &(0x7f0000000280)=[r0, r0], 0x2) 10:58:32 executing program 5: syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x0, &(0x7f0000000140)=ANY=[]) chdir(&(0x7f0000000140)='./file0\x00') r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x11, 0xffffffffffffffff, 0xa015000) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x2, 0x0) pwrite64(r1, &(0x7f00000000c0)='9', 0x1, 0x8040000) ioctl$FS_IOC_FIEMAP(r1, 0xc020660b, &(0x7f0000000380)={0x0, 0x3ff}) mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x11, 0xffffffffffffffff, 0xa015000) r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) write$binfmt_aout(r2, &(0x7f0000001180)=ANY=[], 0x220) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xb}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) sendfile(r2, r0, 0x0, 0xfffffdef) 10:58:32 executing program 0: syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x0, &(0x7f0000000140)=ANY=[]) chdir(&(0x7f0000000140)='./file0\x00') r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x11, 0xffffffffffffffff, 0xa015000) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x2, 0x0) pwrite64(r1, &(0x7f00000000c0)='9', 0x1, 0x8040000) ioctl$FS_IOC_FIEMAP(r1, 0xc020660b, &(0x7f0000000380)={0x0, 0x3ff}) mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x11, 0xffffffffffffffff, 0xa015000) r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) write$binfmt_aout(r2, &(0x7f0000001180)=ANY=[], 0x220) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xb}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) sendfile(r2, r0, 0x0, 0xfffffdef) 10:58:32 executing program 7: syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x0, &(0x7f0000000140)=ANY=[]) chdir(&(0x7f0000000140)='./file0\x00') r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x11, 0xffffffffffffffff, 0xa015000) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x2, 0x0) pwrite64(r1, &(0x7f00000000c0)='9', 0x1, 0x8040000) ioctl$FS_IOC_FIEMAP(r1, 0xc020660b, &(0x7f0000000380)={0x0, 0x3ff}) mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x11, 0xffffffffffffffff, 0xa015000) r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) write$binfmt_aout(r2, &(0x7f0000001180)=ANY=[], 0x220) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xb}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) sendfile(r2, r0, 0x0, 0xfffffdef) 10:58:32 executing program 4: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) truncate(&(0x7f0000000040)='./file1\x00', 0x8000) r1 = creat(&(0x7f0000000040)='./file0\x00', 0x0) pwrite64(r0, &(0x7f0000000200)="785538b608", 0x5, 0xffc) r2 = creat(&(0x7f0000000040)='./file0\x00', 0x0) fallocate(r2, 0x0, 0x1cba, 0xf06) ioctl$EXT4_IOC_MOVE_EXT(r0, 0xc028660f, &(0x7f0000000000)={0x0, r1, 0x0, 0x0, 0x2}) [ 125.074378] loop5: detected capacity change from 0 to 40 10:58:32 executing program 3: syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x0, &(0x7f0000000140)=ANY=[]) chdir(&(0x7f0000000140)='./file0\x00') r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x11, 0xffffffffffffffff, 0xa015000) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x2, 0x0) pwrite64(r1, &(0x7f00000000c0)='9', 0x1, 0x8040000) ioctl$FS_IOC_FIEMAP(r1, 0xc020660b, &(0x7f0000000380)={0x0, 0x3ff}) mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x11, 0xffffffffffffffff, 0xa015000) r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) write$binfmt_aout(r2, &(0x7f0000001180)=ANY=[], 0x220) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xb}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) sendfile(r2, r0, 0x0, 0xfffffdef) [ 125.096516] loop7: detected capacity change from 0 to 40 [ 125.110281] loop0: detected capacity change from 0 to 40 10:58:32 executing program 1: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) truncate(&(0x7f0000000040)='./file1\x00', 0x8000) r1 = creat(&(0x7f0000000040)='./file0\x00', 0x0) pwrite64(r0, &(0x7f0000000200)="785538b608", 0x5, 0xffc) r2 = creat(&(0x7f0000000040)='./file0\x00', 0x0) fallocate(r2, 0x0, 0x1cba, 0xf06) ioctl$EXT4_IOC_MOVE_EXT(r0, 0xc028660f, &(0x7f0000000000)={0x0, r1, 0x0, 0x0, 0x2}) [ 125.176089] loop3: detected capacity change from 0 to 40 [ 126.020160] EXT4-fs warning (device sda): verify_group_input:150: Cannot add at group 1025 (only 16 groups) 10:58:33 executing program 2: socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = syz_io_uring_setup(0x37af, &(0x7f0000000180), &(0x7f0000ffd000/0x2000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000000000), &(0x7f0000000200)) syz_open_dev$sg(0x0, 0x0, 0x0) io_uring_register$IORING_REGISTER_FILES(r1, 0x2, &(0x7f0000000280)=[r0, r0], 0x2) 10:58:33 executing program 6: socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = syz_io_uring_setup(0x37af, &(0x7f0000000180), &(0x7f0000ffd000/0x2000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000000000), &(0x7f0000000200)) syz_open_dev$sg(0x0, 0x0, 0x0) io_uring_register$IORING_REGISTER_FILES(r1, 0x2, &(0x7f0000000280)=[r0, r0], 0x2) 10:58:33 executing program 0: r0 = gettid() r1 = gettid() r2 = socket$netlink(0x10, 0x3, 0x0) kcmp$KCMP_EPOLL_TFD(r0, r1, 0x7, r2, &(0x7f0000000100)) 10:58:33 executing program 7: r0 = creat(&(0x7f0000000000)='./file0\x00', 0x0) ioctl$EXT4_IOC_GROUP_ADD(r0, 0x40286608, &(0x7f0000000040)={0x401}) 10:58:33 executing program 3: r0 = socket$inet_udp(0x2, 0x2, 0x0) setsockopt$IPT_SO_SET_ADD_COUNTERS(r0, 0x0, 0x41, &(0x7f0000000000)={'filter\x00', 0x4, [{}, {}, {}, {}]}, 0x68) 10:58:33 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000004040), 0x0, 0x0) ioctl$TCSETSF2(r0, 0x402c542d, &(0x7f0000000040)={0x1, 0x0, 0x0, 0x0, 0x0, "d03e08c490e1d38a79f8f07c9bc13aa09a008e"}) 10:58:33 executing program 1: r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000100), 0x44b43, 0x0) ioctl$SG_IO(r0, 0x5387, &(0x7f0000001380)={0x0, 0x0, 0x0, 0x0, @scatter={0x0, 0x0, 0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) 10:58:33 executing program 0: r0 = gettid() r1 = gettid() r2 = socket$netlink(0x10, 0x3, 0x0) kcmp$KCMP_EPOLL_TFD(r0, r1, 0x7, r2, &(0x7f0000000100)) 10:58:33 executing program 6: socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = syz_io_uring_setup(0x37af, &(0x7f0000000180), &(0x7f0000ffd000/0x2000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000000000), &(0x7f0000000200)) syz_open_dev$sg(0x0, 0x0, 0x0) io_uring_register$IORING_REGISTER_FILES(r1, 0x2, &(0x7f0000000280)=[r0, r0], 0x2) 10:58:33 executing program 7: r0 = creat(&(0x7f0000000000)='./file0\x00', 0x0) ioctl$EXT4_IOC_GROUP_ADD(r0, 0x40286608, &(0x7f0000000040)={0x401}) 10:58:33 executing program 3: r0 = socket$inet_udp(0x2, 0x2, 0x0) setsockopt$IPT_SO_SET_ADD_COUNTERS(r0, 0x0, 0x41, &(0x7f0000000000)={'filter\x00', 0x4, [{}, {}, {}, {}]}, 0x68) 10:58:33 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000004040), 0x0, 0x0) ioctl$TCSETSF2(r0, 0x402c542d, &(0x7f0000000040)={0x1, 0x0, 0x0, 0x0, 0x0, "d03e08c490e1d38a79f8f07c9bc13aa09a008e"}) 10:58:33 executing program 2: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000004040), 0x0, 0x0) ioctl$TCSETSF2(r0, 0x402c542d, &(0x7f0000000040)={0x1, 0x0, 0x0, 0x0, 0x0, "d03e08c490e1d38a79f8f07c9bc13aa09a008e"}) 10:58:33 executing program 5: openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) rmdir(&(0x7f0000000140)='./file1\x00') [ 126.147751] EXT4-fs warning (device sda): verify_group_input:150: Cannot add at group 1025 (only 16 groups) 10:58:33 executing program 5: openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) rmdir(&(0x7f0000000140)='./file1\x00') 10:58:33 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000004040), 0x0, 0x0) ioctl$TCSETSF2(r0, 0x402c542d, &(0x7f0000000040)={0x1, 0x0, 0x0, 0x0, 0x0, "d03e08c490e1d38a79f8f07c9bc13aa09a008e"}) 10:58:33 executing program 3: r0 = socket$inet_udp(0x2, 0x2, 0x0) setsockopt$IPT_SO_SET_ADD_COUNTERS(r0, 0x0, 0x41, &(0x7f0000000000)={'filter\x00', 0x4, [{}, {}, {}, {}]}, 0x68) 10:58:33 executing program 1: r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000100), 0x44b43, 0x0) ioctl$SG_IO(r0, 0x5387, &(0x7f0000001380)={0x0, 0x0, 0x0, 0x0, @scatter={0x0, 0x0, 0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) 10:58:33 executing program 6: socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = syz_io_uring_setup(0x37af, &(0x7f0000000180), &(0x7f0000ffd000/0x2000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000000000), &(0x7f0000000200)) syz_open_dev$sg(0x0, 0x0, 0x0) io_uring_register$IORING_REGISTER_FILES(r1, 0x2, &(0x7f0000000280)=[r0, r0], 0x2) 10:58:33 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000004040), 0x0, 0x0) ioctl$TCSETSF2(r0, 0x402c542d, &(0x7f0000000040)={0x1, 0x0, 0x0, 0x0, 0x0, "d03e08c490e1d38a79f8f07c9bc13aa09a008e"}) 10:58:33 executing program 0: r0 = gettid() r1 = gettid() r2 = socket$netlink(0x10, 0x3, 0x0) kcmp$KCMP_EPOLL_TFD(r0, r1, 0x7, r2, &(0x7f0000000100)) 10:58:33 executing program 2: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000004040), 0x0, 0x0) ioctl$TCSETSF2(r0, 0x402c542d, &(0x7f0000000040)={0x1, 0x0, 0x0, 0x0, 0x0, "d03e08c490e1d38a79f8f07c9bc13aa09a008e"}) 10:58:33 executing program 7: r0 = creat(&(0x7f0000000000)='./file0\x00', 0x0) ioctl$EXT4_IOC_GROUP_ADD(r0, 0x40286608, &(0x7f0000000040)={0x401}) 10:58:33 executing program 1: r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000100), 0x44b43, 0x0) ioctl$SG_IO(r0, 0x5387, &(0x7f0000001380)={0x0, 0x0, 0x0, 0x0, @scatter={0x0, 0x0, 0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) 10:58:33 executing program 5: openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) rmdir(&(0x7f0000000140)='./file1\x00') 10:58:33 executing program 4: perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x84042, 0x0) unlink(&(0x7f0000000000)='./file1\x00') pwrite64(r0, &(0x7f00000006c0)='y', 0x1, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./cgroup/pids.max\x00', 0xa281, 0x0) write$cgroup_pid(r1, &(0x7f00000000c0)=0xffffffffffffffff, 0x10) r2 = timerfd_create(0x0, 0x0) timerfd_settime(r2, 0x1, &(0x7f0000000080)={{0x77359400}, {0x0, 0x989680}}, 0x0) close(r0) fallocate(r2, 0x1, 0x0, 0x2) 10:58:33 executing program 0: r0 = gettid() r1 = gettid() r2 = socket$netlink(0x10, 0x3, 0x0) kcmp$KCMP_EPOLL_TFD(r0, r1, 0x7, r2, &(0x7f0000000100)) 10:58:33 executing program 3: r0 = socket$inet_udp(0x2, 0x2, 0x0) setsockopt$IPT_SO_SET_ADD_COUNTERS(r0, 0x0, 0x41, &(0x7f0000000000)={'filter\x00', 0x4, [{}, {}, {}, {}]}, 0x68) 10:58:33 executing program 2: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000004040), 0x0, 0x0) ioctl$TCSETSF2(r0, 0x402c542d, &(0x7f0000000040)={0x1, 0x0, 0x0, 0x0, 0x0, "d03e08c490e1d38a79f8f07c9bc13aa09a008e"}) [ 126.366969] EXT4-fs warning (device sda): verify_group_input:150: Cannot add at group 1025 (only 16 groups) 10:58:33 executing program 5: openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) rmdir(&(0x7f0000000140)='./file1\x00') 10:58:33 executing program 1: r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000100), 0x44b43, 0x0) ioctl$SG_IO(r0, 0x5387, &(0x7f0000001380)={0x0, 0x0, 0x0, 0x0, @scatter={0x0, 0x0, 0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) 10:58:33 executing program 7: r0 = creat(&(0x7f0000000000)='./file0\x00', 0x0) ioctl$EXT4_IOC_GROUP_ADD(r0, 0x40286608, &(0x7f0000000040)={0x401}) [ 126.569985] EXT4-fs warning (device sda): verify_group_input:150: Cannot add at group 1025 (only 16 groups) 10:58:33 executing program 6: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000440), 0xffffffffffffffff) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x7, 0x7}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) sendmsg$NL80211_CMD_FRAME(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000140)={0x1c, r1, 0x1, 0x0, 0x0, {{0x7e}, {@val={0x8}, @void}}}, 0x1c}}, 0x0) preadv(0xffffffffffffffff, &(0x7f0000000400)=[{&(0x7f0000000480)=""/156, 0x9c}, {0x0}, {&(0x7f0000000540)=""/253, 0xfd}], 0x3, 0x7706170c, 0x4) 10:58:33 executing program 0: poll(&(0x7f0000004a40)=[{}], 0x20000000000000eb, 0x0) 10:58:33 executing program 3: perf_event_open(&(0x7f0000000000)={0x1, 0x80, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) syz_open_procfs(0xffffffffffffffff, &(0x7f0000000080)='smaps\x00') 10:58:33 executing program 1: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x141042, 0x0) fcntl$setstatus(r0, 0x4, 0x46000) 10:58:33 executing program 2: r0 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000640), 0x0) ioctl$SNDRV_SEQ_IOCTL_GET_SUBSCRIPTION(r0, 0xc0505350, 0x0) 10:58:33 executing program 5: r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) r1 = dup(r0) bind$bt_hci(r1, &(0x7f0000000080)={0x1f, 0x8}, 0x6) 10:58:33 executing program 3: perf_event_open(&(0x7f0000000000)={0x1, 0x80, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) syz_open_procfs(0xffffffffffffffff, &(0x7f0000000080)='smaps\x00') 10:58:33 executing program 5: r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) r1 = dup(r0) bind$bt_hci(r1, &(0x7f0000000080)={0x1f, 0x8}, 0x6) 10:58:33 executing program 2: r0 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000640), 0x0) ioctl$SNDRV_SEQ_IOCTL_GET_SUBSCRIPTION(r0, 0xc0505350, 0x0) [ 127.119863] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2 [ 127.149672] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2 [ 127.162373] syz-executor.6 (4316) used greatest stack depth: 22680 bytes left 10:58:34 executing program 0: poll(&(0x7f0000004a40)=[{}], 0x20000000000000eb, 0x0) 10:58:34 executing program 1: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x141042, 0x0) fcntl$setstatus(r0, 0x4, 0x46000) 10:58:34 executing program 3: perf_event_open(&(0x7f0000000000)={0x1, 0x80, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) syz_open_procfs(0xffffffffffffffff, &(0x7f0000000080)='smaps\x00') 10:58:34 executing program 2: r0 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000640), 0x0) ioctl$SNDRV_SEQ_IOCTL_GET_SUBSCRIPTION(r0, 0xc0505350, 0x0) 10:58:34 executing program 7: r0 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000640), 0x0) ioctl$SNDRV_SEQ_IOCTL_GET_SUBSCRIPTION(r0, 0xc0505350, 0x0) 10:58:34 executing program 5: r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) r1 = dup(r0) bind$bt_hci(r1, &(0x7f0000000080)={0x1f, 0x8}, 0x6) 10:58:34 executing program 4: perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x84042, 0x0) unlink(&(0x7f0000000000)='./file1\x00') pwrite64(r0, &(0x7f00000006c0)='y', 0x1, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./cgroup/pids.max\x00', 0xa281, 0x0) write$cgroup_pid(r1, &(0x7f00000000c0)=0xffffffffffffffff, 0x10) r2 = timerfd_create(0x0, 0x0) timerfd_settime(r2, 0x1, &(0x7f0000000080)={{0x77359400}, {0x0, 0x989680}}, 0x0) close(r0) fallocate(r2, 0x1, 0x0, 0x2) 10:58:34 executing program 6: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000440), 0xffffffffffffffff) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x7, 0x7}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) sendmsg$NL80211_CMD_FRAME(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000140)={0x1c, r1, 0x1, 0x0, 0x0, {{0x7e}, {@val={0x8}, @void}}}, 0x1c}}, 0x0) preadv(0xffffffffffffffff, &(0x7f0000000400)=[{&(0x7f0000000480)=""/156, 0x9c}, {0x0}, {&(0x7f0000000540)=""/253, 0xfd}], 0x3, 0x7706170c, 0x4) [ 127.597286] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2 10:58:34 executing program 0: poll(&(0x7f0000004a40)=[{}], 0x20000000000000eb, 0x0) 10:58:34 executing program 5: r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) r1 = dup(r0) bind$bt_hci(r1, &(0x7f0000000080)={0x1f, 0x8}, 0x6) 10:58:34 executing program 7: r0 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000640), 0x0) ioctl$SNDRV_SEQ_IOCTL_GET_SUBSCRIPTION(r0, 0xc0505350, 0x0) 10:58:34 executing program 4: perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x84042, 0x0) unlink(&(0x7f0000000000)='./file1\x00') pwrite64(r0, &(0x7f00000006c0)='y', 0x1, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./cgroup/pids.max\x00', 0xa281, 0x0) write$cgroup_pid(r1, &(0x7f00000000c0)=0xffffffffffffffff, 0x10) r2 = timerfd_create(0x0, 0x0) timerfd_settime(r2, 0x1, &(0x7f0000000080)={{0x77359400}, {0x0, 0x989680}}, 0x0) close(r0) fallocate(r2, 0x1, 0x0, 0x2) 10:58:34 executing program 1: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x141042, 0x0) fcntl$setstatus(r0, 0x4, 0x46000) 10:58:34 executing program 2: r0 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000640), 0x0) ioctl$SNDRV_SEQ_IOCTL_GET_SUBSCRIPTION(r0, 0xc0505350, 0x0) 10:58:34 executing program 6: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000440), 0xffffffffffffffff) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x7, 0x7}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) sendmsg$NL80211_CMD_FRAME(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000140)={0x1c, r1, 0x1, 0x0, 0x0, {{0x7e}, {@val={0x8}, @void}}}, 0x1c}}, 0x0) preadv(0xffffffffffffffff, &(0x7f0000000400)=[{&(0x7f0000000480)=""/156, 0x9c}, {0x0}, {&(0x7f0000000540)=""/253, 0xfd}], 0x3, 0x7706170c, 0x4) 10:58:34 executing program 3: perf_event_open(&(0x7f0000000000)={0x1, 0x80, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) syz_open_procfs(0xffffffffffffffff, &(0x7f0000000080)='smaps\x00') 10:58:34 executing program 7: r0 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000640), 0x0) ioctl$SNDRV_SEQ_IOCTL_GET_SUBSCRIPTION(r0, 0xc0505350, 0x0) 10:58:34 executing program 0: poll(&(0x7f0000004a40)=[{}], 0x20000000000000eb, 0x0) 10:58:35 executing program 1: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x141042, 0x0) fcntl$setstatus(r0, 0x4, 0x46000) 10:58:35 executing program 5: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000440), 0xffffffffffffffff) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x7, 0x7}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) sendmsg$NL80211_CMD_FRAME(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000140)={0x1c, r1, 0x1, 0x0, 0x0, {{0x7e}, {@val={0x8}, @void}}}, 0x1c}}, 0x0) preadv(0xffffffffffffffff, &(0x7f0000000400)=[{&(0x7f0000000480)=""/156, 0x9c}, {0x0}, {&(0x7f0000000540)=""/253, 0xfd}], 0x3, 0x7706170c, 0x4) 10:58:35 executing program 2: perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x84042, 0x0) unlink(&(0x7f0000000000)='./file1\x00') pwrite64(r0, &(0x7f00000006c0)='y', 0x1, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./cgroup/pids.max\x00', 0xa281, 0x0) write$cgroup_pid(r1, &(0x7f00000000c0)=0xffffffffffffffff, 0x10) r2 = timerfd_create(0x0, 0x0) timerfd_settime(r2, 0x1, &(0x7f0000000080)={{0x77359400}, {0x0, 0x989680}}, 0x0) close(r0) fallocate(r2, 0x1, 0x0, 0x2) 10:58:35 executing program 3: perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x84042, 0x0) unlink(&(0x7f0000000000)='./file1\x00') pwrite64(r0, &(0x7f00000006c0)='y', 0x1, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./cgroup/pids.max\x00', 0xa281, 0x0) write$cgroup_pid(r1, &(0x7f00000000c0)=0xffffffffffffffff, 0x10) r2 = timerfd_create(0x0, 0x0) timerfd_settime(r2, 0x1, &(0x7f0000000080)={{0x77359400}, {0x0, 0x989680}}, 0x0) close(r0) fallocate(r2, 0x1, 0x0, 0x2) [ 127.981384] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2 10:58:35 executing program 2: perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x84042, 0x0) unlink(&(0x7f0000000000)='./file1\x00') pwrite64(r0, &(0x7f00000006c0)='y', 0x1, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./cgroup/pids.max\x00', 0xa281, 0x0) write$cgroup_pid(r1, &(0x7f00000000c0)=0xffffffffffffffff, 0x10) r2 = timerfd_create(0x0, 0x0) timerfd_settime(r2, 0x1, &(0x7f0000000080)={{0x77359400}, {0x0, 0x989680}}, 0x0) close(r0) fallocate(r2, 0x1, 0x0, 0x2) 10:58:35 executing program 4: perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x84042, 0x0) unlink(&(0x7f0000000000)='./file1\x00') pwrite64(r0, &(0x7f00000006c0)='y', 0x1, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./cgroup/pids.max\x00', 0xa281, 0x0) write$cgroup_pid(r1, &(0x7f00000000c0)=0xffffffffffffffff, 0x10) r2 = timerfd_create(0x0, 0x0) timerfd_settime(r2, 0x1, &(0x7f0000000080)={{0x77359400}, {0x0, 0x989680}}, 0x0) close(r0) fallocate(r2, 0x1, 0x0, 0x2) 10:58:35 executing program 1: perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x84042, 0x0) unlink(&(0x7f0000000000)='./file1\x00') pwrite64(r0, &(0x7f00000006c0)='y', 0x1, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./cgroup/pids.max\x00', 0xa281, 0x0) write$cgroup_pid(r1, &(0x7f00000000c0)=0xffffffffffffffff, 0x10) r2 = timerfd_create(0x0, 0x0) timerfd_settime(r2, 0x1, &(0x7f0000000080)={{0x77359400}, {0x0, 0x989680}}, 0x0) close(r0) fallocate(r2, 0x1, 0x0, 0x2) 10:58:35 executing program 0: perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x84042, 0x0) unlink(&(0x7f0000000000)='./file1\x00') pwrite64(r0, &(0x7f00000006c0)='y', 0x1, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./cgroup/pids.max\x00', 0xa281, 0x0) write$cgroup_pid(r1, &(0x7f00000000c0)=0xffffffffffffffff, 0x10) r2 = timerfd_create(0x0, 0x0) timerfd_settime(r2, 0x1, &(0x7f0000000080)={{0x77359400}, {0x0, 0x989680}}, 0x0) close(r0) fallocate(r2, 0x1, 0x0, 0x2) 10:58:35 executing program 6: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000440), 0xffffffffffffffff) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x7, 0x7}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) sendmsg$NL80211_CMD_FRAME(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000140)={0x1c, r1, 0x1, 0x0, 0x0, {{0x7e}, {@val={0x8}, @void}}}, 0x1c}}, 0x0) preadv(0xffffffffffffffff, &(0x7f0000000400)=[{&(0x7f0000000480)=""/156, 0x9c}, {0x0}, {&(0x7f0000000540)=""/253, 0xfd}], 0x3, 0x7706170c, 0x4) 10:58:35 executing program 5: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000440), 0xffffffffffffffff) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x7, 0x7}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) sendmsg$NL80211_CMD_FRAME(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000140)={0x1c, r1, 0x1, 0x0, 0x0, {{0x7e}, {@val={0x8}, @void}}}, 0x1c}}, 0x0) preadv(0xffffffffffffffff, &(0x7f0000000400)=[{&(0x7f0000000480)=""/156, 0x9c}, {0x0}, {&(0x7f0000000540)=""/253, 0xfd}], 0x3, 0x7706170c, 0x4) 10:58:35 executing program 3: perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x84042, 0x0) unlink(&(0x7f0000000000)='./file1\x00') pwrite64(r0, &(0x7f00000006c0)='y', 0x1, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./cgroup/pids.max\x00', 0xa281, 0x0) write$cgroup_pid(r1, &(0x7f00000000c0)=0xffffffffffffffff, 0x10) r2 = timerfd_create(0x0, 0x0) timerfd_settime(r2, 0x1, &(0x7f0000000080)={{0x77359400}, {0x0, 0x989680}}, 0x0) close(r0) fallocate(r2, 0x1, 0x0, 0x2) 10:58:35 executing program 7: perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x84042, 0x0) unlink(&(0x7f0000000000)='./file1\x00') pwrite64(r0, &(0x7f00000006c0)='y', 0x1, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./cgroup/pids.max\x00', 0xa281, 0x0) write$cgroup_pid(r1, &(0x7f00000000c0)=0xffffffffffffffff, 0x10) r2 = timerfd_create(0x0, 0x0) timerfd_settime(r2, 0x1, &(0x7f0000000080)={{0x77359400}, {0x0, 0x989680}}, 0x0) close(r0) fallocate(r2, 0x1, 0x0, 0x2) [ 128.307953] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2 10:58:35 executing program 1: perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x84042, 0x0) unlink(&(0x7f0000000000)='./file1\x00') pwrite64(r0, &(0x7f00000006c0)='y', 0x1, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./cgroup/pids.max\x00', 0xa281, 0x0) write$cgroup_pid(r1, &(0x7f00000000c0)=0xffffffffffffffff, 0x10) r2 = timerfd_create(0x0, 0x0) timerfd_settime(r2, 0x1, &(0x7f0000000080)={{0x77359400}, {0x0, 0x989680}}, 0x0) close(r0) fallocate(r2, 0x1, 0x0, 0x2) 10:58:35 executing program 0: perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x84042, 0x0) unlink(&(0x7f0000000000)='./file1\x00') pwrite64(r0, &(0x7f00000006c0)='y', 0x1, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./cgroup/pids.max\x00', 0xa281, 0x0) write$cgroup_pid(r1, &(0x7f00000000c0)=0xffffffffffffffff, 0x10) r2 = timerfd_create(0x0, 0x0) timerfd_settime(r2, 0x1, &(0x7f0000000080)={{0x77359400}, {0x0, 0x989680}}, 0x0) close(r0) fallocate(r2, 0x1, 0x0, 0x2) 10:58:35 executing program 2: perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x84042, 0x0) unlink(&(0x7f0000000000)='./file1\x00') pwrite64(r0, &(0x7f00000006c0)='y', 0x1, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./cgroup/pids.max\x00', 0xa281, 0x0) write$cgroup_pid(r1, &(0x7f00000000c0)=0xffffffffffffffff, 0x10) r2 = timerfd_create(0x0, 0x0) timerfd_settime(r2, 0x1, &(0x7f0000000080)={{0x77359400}, {0x0, 0x989680}}, 0x0) close(r0) fallocate(r2, 0x1, 0x0, 0x2) 10:58:35 executing program 7: perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x84042, 0x0) unlink(&(0x7f0000000000)='./file1\x00') pwrite64(r0, &(0x7f00000006c0)='y', 0x1, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./cgroup/pids.max\x00', 0xa281, 0x0) write$cgroup_pid(r1, &(0x7f00000000c0)=0xffffffffffffffff, 0x10) r2 = timerfd_create(0x0, 0x0) timerfd_settime(r2, 0x1, &(0x7f0000000080)={{0x77359400}, {0x0, 0x989680}}, 0x0) close(r0) fallocate(r2, 0x1, 0x0, 0x2) 10:58:35 executing program 1: perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x84042, 0x0) unlink(&(0x7f0000000000)='./file1\x00') pwrite64(r0, &(0x7f00000006c0)='y', 0x1, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./cgroup/pids.max\x00', 0xa281, 0x0) write$cgroup_pid(r1, &(0x7f00000000c0)=0xffffffffffffffff, 0x10) r2 = timerfd_create(0x0, 0x0) timerfd_settime(r2, 0x1, &(0x7f0000000080)={{0x77359400}, {0x0, 0x989680}}, 0x0) close(r0) fallocate(r2, 0x1, 0x0, 0x2) [ 128.488230] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2 10:58:35 executing program 0: perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x84042, 0x0) unlink(&(0x7f0000000000)='./file1\x00') pwrite64(r0, &(0x7f00000006c0)='y', 0x1, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./cgroup/pids.max\x00', 0xa281, 0x0) write$cgroup_pid(r1, &(0x7f00000000c0)=0xffffffffffffffff, 0x10) r2 = timerfd_create(0x0, 0x0) timerfd_settime(r2, 0x1, &(0x7f0000000080)={{0x77359400}, {0x0, 0x989680}}, 0x0) close(r0) fallocate(r2, 0x1, 0x0, 0x2) 10:58:35 executing program 3: perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x84042, 0x0) unlink(&(0x7f0000000000)='./file1\x00') pwrite64(r0, &(0x7f00000006c0)='y', 0x1, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./cgroup/pids.max\x00', 0xa281, 0x0) write$cgroup_pid(r1, &(0x7f00000000c0)=0xffffffffffffffff, 0x10) r2 = timerfd_create(0x0, 0x0) timerfd_settime(r2, 0x1, &(0x7f0000000080)={{0x77359400}, {0x0, 0x989680}}, 0x0) close(r0) fallocate(r2, 0x1, 0x0, 0x2) 10:58:35 executing program 6: perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x84042, 0x0) unlink(&(0x7f0000000000)='./file1\x00') pwrite64(r0, &(0x7f00000006c0)='y', 0x1, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./cgroup/pids.max\x00', 0xa281, 0x0) write$cgroup_pid(r1, &(0x7f00000000c0)=0xffffffffffffffff, 0x10) r2 = timerfd_create(0x0, 0x0) timerfd_settime(r2, 0x1, &(0x7f0000000080)={{0x77359400}, {0x0, 0x989680}}, 0x0) close(r0) fallocate(r2, 0x1, 0x0, 0x2) 10:58:35 executing program 4: perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x84042, 0x0) unlink(&(0x7f0000000000)='./file1\x00') pwrite64(r0, &(0x7f00000006c0)='y', 0x1, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./cgroup/pids.max\x00', 0xa281, 0x0) write$cgroup_pid(r1, &(0x7f00000000c0)=0xffffffffffffffff, 0x10) r2 = timerfd_create(0x0, 0x0) timerfd_settime(r2, 0x1, &(0x7f0000000080)={{0x77359400}, {0x0, 0x989680}}, 0x0) close(r0) fallocate(r2, 0x1, 0x0, 0x2) 10:58:35 executing program 7: perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x84042, 0x0) unlink(&(0x7f0000000000)='./file1\x00') pwrite64(r0, &(0x7f00000006c0)='y', 0x1, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./cgroup/pids.max\x00', 0xa281, 0x0) write$cgroup_pid(r1, &(0x7f00000000c0)=0xffffffffffffffff, 0x10) r2 = timerfd_create(0x0, 0x0) timerfd_settime(r2, 0x1, &(0x7f0000000080)={{0x77359400}, {0x0, 0x989680}}, 0x0) close(r0) fallocate(r2, 0x1, 0x0, 0x2) 10:58:35 executing program 3: syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) r0 = inotify_init() inotify_add_watch(r0, &(0x7f0000000040)='./file0\x00', 0x4000920) creat(&(0x7f00000001c0)='./file0/file0\x00', 0x0) inotify_add_watch(r0, &(0x7f0000000080)='./file0/file0\x00', 0x42000080) creat(&(0x7f0000000000)='./file0/file0\x00', 0x0) 10:58:35 executing program 0: perf_event_open(&(0x7f0000000000)={0x1, 0x80, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) syz_open_procfs(0xffffffffffffffff, &(0x7f0000000080)='smaps\x00') 10:58:35 executing program 1: r0 = socket$inet6(0xa, 0x2, 0x0) setsockopt$inet6_mreq(r0, 0x29, 0x1d, 0x0, 0x0) 10:58:35 executing program 7: syz_emit_ethernet(0x6a, &(0x7f00000001c0)={@local, @multicast, @void, {@ipv6={0x86dd, @icmpv6={0x0, 0x6, "2ddc20", 0x34, 0x3a, 0x0, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, @local, {[], @pkt_toobig={0x2, 0x0, 0x0, 0x0, {0x0, 0x6, "f2e2a6", 0x0, 0x2b, 0x0, @private2, @remote, [], "52168a0f"}}}}}}}, 0x0) 10:58:35 executing program 5: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000440), 0xffffffffffffffff) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x7, 0x7}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) sendmsg$NL80211_CMD_FRAME(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000140)={0x1c, r1, 0x1, 0x0, 0x0, {{0x7e}, {@val={0x8}, @void}}}, 0x1c}}, 0x0) preadv(0xffffffffffffffff, &(0x7f0000000400)=[{&(0x7f0000000480)=""/156, 0x9c}, {0x0}, {&(0x7f0000000540)=""/253, 0xfd}], 0x3, 0x7706170c, 0x4) 10:58:35 executing program 6: perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x84042, 0x0) unlink(&(0x7f0000000000)='./file1\x00') pwrite64(r0, &(0x7f00000006c0)='y', 0x1, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./cgroup/pids.max\x00', 0xa281, 0x0) write$cgroup_pid(r1, &(0x7f00000000c0)=0xffffffffffffffff, 0x10) r2 = timerfd_create(0x0, 0x0) timerfd_settime(r2, 0x1, &(0x7f0000000080)={{0x77359400}, {0x0, 0x989680}}, 0x0) close(r0) fallocate(r2, 0x1, 0x0, 0x2) 10:58:35 executing program 4: perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x84042, 0x0) unlink(&(0x7f0000000000)='./file1\x00') pwrite64(r0, &(0x7f00000006c0)='y', 0x1, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./cgroup/pids.max\x00', 0xa281, 0x0) write$cgroup_pid(r1, &(0x7f00000000c0)=0xffffffffffffffff, 0x10) r2 = timerfd_create(0x0, 0x0) timerfd_settime(r2, 0x1, &(0x7f0000000080)={{0x77359400}, {0x0, 0x989680}}, 0x0) close(r0) fallocate(r2, 0x1, 0x0, 0x2) 10:58:35 executing program 2: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0x9d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mbind(&(0x7f0000ff8000/0x4000)=nil, 0x4000, 0x0, 0x0, 0x0, 0x0) 10:58:36 executing program 1: r0 = socket$inet6(0xa, 0x2, 0x0) setsockopt$inet6_mreq(r0, 0x29, 0x1d, 0x0, 0x0) 10:58:36 executing program 3: syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) r0 = inotify_init() inotify_add_watch(r0, &(0x7f0000000040)='./file0\x00', 0x4000920) creat(&(0x7f00000001c0)='./file0/file0\x00', 0x0) inotify_add_watch(r0, &(0x7f0000000080)='./file0/file0\x00', 0x42000080) creat(&(0x7f0000000000)='./file0/file0\x00', 0x0) 10:58:36 executing program 0: perf_event_open(&(0x7f0000000000)={0x1, 0x80, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) syz_open_procfs(0xffffffffffffffff, &(0x7f0000000080)='smaps\x00') 10:58:36 executing program 7: syz_emit_ethernet(0x6a, &(0x7f00000001c0)={@local, @multicast, @void, {@ipv6={0x86dd, @icmpv6={0x0, 0x6, "2ddc20", 0x34, 0x3a, 0x0, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, @local, {[], @pkt_toobig={0x2, 0x0, 0x0, 0x0, {0x0, 0x6, "f2e2a6", 0x0, 0x2b, 0x0, @private2, @remote, [], "52168a0f"}}}}}}}, 0x0) 10:58:36 executing program 2: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0x9d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mbind(&(0x7f0000ff8000/0x4000)=nil, 0x4000, 0x0, 0x0, 0x0, 0x0) [ 128.980965] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2 10:58:36 executing program 4: perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x84042, 0x0) unlink(&(0x7f0000000000)='./file1\x00') pwrite64(r0, &(0x7f00000006c0)='y', 0x1, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./cgroup/pids.max\x00', 0xa281, 0x0) write$cgroup_pid(r1, &(0x7f00000000c0)=0xffffffffffffffff, 0x10) r2 = timerfd_create(0x0, 0x0) timerfd_settime(r2, 0x1, &(0x7f0000000080)={{0x77359400}, {0x0, 0x989680}}, 0x0) close(r0) fallocate(r2, 0x1, 0x0, 0x2) 10:58:36 executing program 0: perf_event_open(&(0x7f0000000000)={0x1, 0x80, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) syz_open_procfs(0xffffffffffffffff, &(0x7f0000000080)='smaps\x00') 10:58:36 executing program 7: syz_emit_ethernet(0x6a, &(0x7f00000001c0)={@local, @multicast, @void, {@ipv6={0x86dd, @icmpv6={0x0, 0x6, "2ddc20", 0x34, 0x3a, 0x0, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, @local, {[], @pkt_toobig={0x2, 0x0, 0x0, 0x0, {0x0, 0x6, "f2e2a6", 0x0, 0x2b, 0x0, @private2, @remote, [], "52168a0f"}}}}}}}, 0x0) 10:58:36 executing program 1: r0 = socket$inet6(0xa, 0x2, 0x0) setsockopt$inet6_mreq(r0, 0x29, 0x1d, 0x0, 0x0) 10:58:36 executing program 3: syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) r0 = inotify_init() inotify_add_watch(r0, &(0x7f0000000040)='./file0\x00', 0x4000920) creat(&(0x7f00000001c0)='./file0/file0\x00', 0x0) inotify_add_watch(r0, &(0x7f0000000080)='./file0/file0\x00', 0x42000080) creat(&(0x7f0000000000)='./file0/file0\x00', 0x0) 10:58:36 executing program 6: perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x84042, 0x0) unlink(&(0x7f0000000000)='./file1\x00') pwrite64(r0, &(0x7f00000006c0)='y', 0x1, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./cgroup/pids.max\x00', 0xa281, 0x0) write$cgroup_pid(r1, &(0x7f00000000c0)=0xffffffffffffffff, 0x10) r2 = timerfd_create(0x0, 0x0) timerfd_settime(r2, 0x1, &(0x7f0000000080)={{0x77359400}, {0x0, 0x989680}}, 0x0) close(r0) fallocate(r2, 0x1, 0x0, 0x2) 10:58:36 executing program 5: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0x9d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mbind(&(0x7f0000ff8000/0x4000)=nil, 0x4000, 0x0, 0x0, 0x0, 0x0) 10:58:36 executing program 2: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0x9d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mbind(&(0x7f0000ff8000/0x4000)=nil, 0x4000, 0x0, 0x0, 0x0, 0x0) 10:58:36 executing program 7: syz_emit_ethernet(0x6a, &(0x7f00000001c0)={@local, @multicast, @void, {@ipv6={0x86dd, @icmpv6={0x0, 0x6, "2ddc20", 0x34, 0x3a, 0x0, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, @local, {[], @pkt_toobig={0x2, 0x0, 0x0, 0x0, {0x0, 0x6, "f2e2a6", 0x0, 0x2b, 0x0, @private2, @remote, [], "52168a0f"}}}}}}}, 0x0) 10:58:36 executing program 0: syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) r0 = inotify_init() inotify_add_watch(r0, &(0x7f0000000040)='./file0\x00', 0x4000920) creat(&(0x7f00000001c0)='./file0/file0\x00', 0x0) inotify_add_watch(r0, &(0x7f0000000080)='./file0/file0\x00', 0x42000080) creat(&(0x7f0000000000)='./file0/file0\x00', 0x0) 10:58:36 executing program 1: r0 = socket$inet6(0xa, 0x2, 0x0) setsockopt$inet6_mreq(r0, 0x29, 0x1d, 0x0, 0x0) 10:58:36 executing program 5: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0x9d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mbind(&(0x7f0000ff8000/0x4000)=nil, 0x4000, 0x0, 0x0, 0x0, 0x0) 10:58:36 executing program 2: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0x9d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mbind(&(0x7f0000ff8000/0x4000)=nil, 0x4000, 0x0, 0x0, 0x0, 0x0) 10:58:36 executing program 0: syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) r0 = inotify_init() inotify_add_watch(r0, &(0x7f0000000040)='./file0\x00', 0x4000920) creat(&(0x7f00000001c0)='./file0/file0\x00', 0x0) inotify_add_watch(r0, &(0x7f0000000080)='./file0/file0\x00', 0x42000080) creat(&(0x7f0000000000)='./file0/file0\x00', 0x0) 10:58:36 executing program 3: syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) r0 = inotify_init() inotify_add_watch(r0, &(0x7f0000000040)='./file0\x00', 0x4000920) creat(&(0x7f00000001c0)='./file0/file0\x00', 0x0) inotify_add_watch(r0, &(0x7f0000000080)='./file0/file0\x00', 0x42000080) creat(&(0x7f0000000000)='./file0/file0\x00', 0x0) 10:58:36 executing program 4: syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) r0 = inotify_init() inotify_add_watch(r0, &(0x7f0000000040)='./file0\x00', 0x4000920) creat(&(0x7f00000001c0)='./file0/file0\x00', 0x0) inotify_add_watch(r0, &(0x7f0000000080)='./file0/file0\x00', 0x42000080) creat(&(0x7f0000000000)='./file0/file0\x00', 0x0) 10:58:36 executing program 4: syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) r0 = inotify_init() inotify_add_watch(r0, &(0x7f0000000040)='./file0\x00', 0x4000920) creat(&(0x7f00000001c0)='./file0/file0\x00', 0x0) inotify_add_watch(r0, &(0x7f0000000080)='./file0/file0\x00', 0x42000080) creat(&(0x7f0000000000)='./file0/file0\x00', 0x0) 10:58:36 executing program 5: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0x9d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mbind(&(0x7f0000ff8000/0x4000)=nil, 0x4000, 0x0, 0x0, 0x0, 0x0) 10:58:36 executing program 0: syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) r0 = inotify_init() inotify_add_watch(r0, &(0x7f0000000040)='./file0\x00', 0x4000920) creat(&(0x7f00000001c0)='./file0/file0\x00', 0x0) inotify_add_watch(r0, &(0x7f0000000080)='./file0/file0\x00', 0x42000080) creat(&(0x7f0000000000)='./file0/file0\x00', 0x0) 10:58:36 executing program 4: syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) r0 = inotify_init() inotify_add_watch(r0, &(0x7f0000000040)='./file0\x00', 0x4000920) creat(&(0x7f00000001c0)='./file0/file0\x00', 0x0) inotify_add_watch(r0, &(0x7f0000000080)='./file0/file0\x00', 0x42000080) creat(&(0x7f0000000000)='./file0/file0\x00', 0x0) 10:58:36 executing program 7: syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) r0 = inotify_init() inotify_add_watch(r0, &(0x7f0000000040)='./file0\x00', 0x4000920) creat(&(0x7f00000001c0)='./file0/file0\x00', 0x0) inotify_add_watch(r0, &(0x7f0000000080)='./file0/file0\x00', 0x42000080) creat(&(0x7f0000000000)='./file0/file0\x00', 0x0) 10:58:36 executing program 6: r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$netlink(r0, &(0x7f0000001480)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f0000000000)={0x18, 0x6d, 0x1, 0x0, 0x0, "", [@typed={0x8, 0x0, 0x0, 0x0, @fd}]}, 0x18}], 0x1}, 0x0) 10:58:36 executing program 2: capset(&(0x7f0000000040)={0x20071026}, &(0x7f0000000080)) r0 = syz_open_dev$tty20(0xc, 0x4, 0x0) ioctl$GIO_SCRNMAP(r0, 0x4b52, 0x0) [ 129.409639] capability: warning: `syz-executor.2' uses deprecated v2 capabilities in a way that may be insecure 10:58:36 executing program 6: r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$netlink(r0, &(0x7f0000001480)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f0000000000)={0x18, 0x6d, 0x1, 0x0, 0x0, "", [@typed={0x8, 0x0, 0x0, 0x0, @fd}]}, 0x18}], 0x1}, 0x0) 10:58:36 executing program 7: syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) r0 = inotify_init() inotify_add_watch(r0, &(0x7f0000000040)='./file0\x00', 0x4000920) creat(&(0x7f00000001c0)='./file0/file0\x00', 0x0) inotify_add_watch(r0, &(0x7f0000000080)='./file0/file0\x00', 0x42000080) creat(&(0x7f0000000000)='./file0/file0\x00', 0x0) 10:58:36 executing program 2: capset(&(0x7f0000000040)={0x20071026}, &(0x7f0000000080)) r0 = syz_open_dev$tty20(0xc, 0x4, 0x0) ioctl$GIO_SCRNMAP(r0, 0x4b52, 0x0) 10:58:36 executing program 1: capset(&(0x7f0000000040)={0x20071026}, &(0x7f0000000080)) r0 = syz_open_dev$tty20(0xc, 0x4, 0x0) ioctl$GIO_SCRNMAP(r0, 0x4b52, 0x0) 10:58:36 executing program 3: capset(&(0x7f0000000040)={0x20071026}, &(0x7f0000000080)) r0 = syz_open_dev$tty20(0xc, 0x4, 0x0) ioctl$GIO_SCRNMAP(r0, 0x4b52, 0x0) 10:58:36 executing program 6: r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$netlink(r0, &(0x7f0000001480)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f0000000000)={0x18, 0x6d, 0x1, 0x0, 0x0, "", [@typed={0x8, 0x0, 0x0, 0x0, @fd}]}, 0x18}], 0x1}, 0x0) 10:58:36 executing program 5: mount_setattr(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x57) 10:58:36 executing program 3: capset(&(0x7f0000000040)={0x20071026}, &(0x7f0000000080)) r0 = syz_open_dev$tty20(0xc, 0x4, 0x0) ioctl$GIO_SCRNMAP(r0, 0x4b52, 0x0) 10:58:36 executing program 7: syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) r0 = inotify_init() inotify_add_watch(r0, &(0x7f0000000040)='./file0\x00', 0x4000920) creat(&(0x7f00000001c0)='./file0/file0\x00', 0x0) inotify_add_watch(r0, &(0x7f0000000080)='./file0/file0\x00', 0x42000080) creat(&(0x7f0000000000)='./file0/file0\x00', 0x0) 10:58:36 executing program 1: capset(&(0x7f0000000040)={0x20071026}, &(0x7f0000000080)) r0 = syz_open_dev$tty20(0xc, 0x4, 0x0) ioctl$GIO_SCRNMAP(r0, 0x4b52, 0x0) 10:58:36 executing program 6: r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$netlink(r0, &(0x7f0000001480)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f0000000000)={0x18, 0x6d, 0x1, 0x0, 0x0, "", [@typed={0x8, 0x0, 0x0, 0x0, @fd}]}, 0x18}], 0x1}, 0x0) 10:58:36 executing program 5: mount_setattr(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x57) 10:58:36 executing program 2: capset(&(0x7f0000000040)={0x20071026}, &(0x7f0000000080)) r0 = syz_open_dev$tty20(0xc, 0x4, 0x0) ioctl$GIO_SCRNMAP(r0, 0x4b52, 0x0) 10:58:36 executing program 0: syz_open_procfs$userns(0x0, &(0x7f0000000000)) clone3(&(0x7f0000000200)={0x100000100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, &(0x7f0000000000), 0x1}, 0x53) 10:58:36 executing program 4: syz_genetlink_get_family_id$ethtool(&(0x7f0000000340), 0xffffffffffffffff) socket$inet_tcp(0x2, 0x1, 0x0) syz_genetlink_get_family_id$tipc2(&(0x7f0000001100), 0xffffffffffffffff) syz_genetlink_get_family_id$ethtool(&(0x7f0000001180), 0xffffffffffffffff) 10:58:36 executing program 0: syz_open_procfs$userns(0x0, &(0x7f0000000000)) clone3(&(0x7f0000000200)={0x100000100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, &(0x7f0000000000), 0x1}, 0x53) 10:58:36 executing program 1: capset(&(0x7f0000000040)={0x20071026}, &(0x7f0000000080)) r0 = syz_open_dev$tty20(0xc, 0x4, 0x0) ioctl$GIO_SCRNMAP(r0, 0x4b52, 0x0) 10:58:36 executing program 3: capset(&(0x7f0000000040)={0x20071026}, &(0x7f0000000080)) r0 = syz_open_dev$tty20(0xc, 0x4, 0x0) ioctl$GIO_SCRNMAP(r0, 0x4b52, 0x0) 10:58:36 executing program 5: mount_setattr(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x57) 10:58:36 executing program 2: capset(&(0x7f0000000040)={0x20071026}, &(0x7f0000000080)) r0 = syz_open_dev$tty20(0xc, 0x4, 0x0) ioctl$GIO_SCRNMAP(r0, 0x4b52, 0x0) 10:58:36 executing program 6: syz_open_procfs$userns(0x0, &(0x7f0000000000)) clone3(&(0x7f0000000200)={0x100000100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, &(0x7f0000000000), 0x1}, 0x53) 10:58:36 executing program 7: r0 = fsopen(&(0x7f0000000180)='ramfs\x00', 0x0) r1 = dup(r0) dup(r1) r2 = syz_io_uring_setup(0x137, &(0x7f00000003c0), &(0x7f0000ff7000/0x9000)=nil, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000000440)=0x0, &(0x7f0000000380)=0x0) syz_io_uring_submit(r3, r4, &(0x7f0000000000)=@IORING_OP_ASYNC_CANCEL={0xe, 0x5}, 0xfffffff7) syz_io_uring_submit(r3, r4, &(0x7f0000000180)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index=0x6, 0x0, 0x0}, 0x0) syz_io_uring_setup(0x3514, &(0x7f0000000040), &(0x7f0000ffa000/0x4000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f00000000c0), &(0x7f0000000100)=0x0) syz_io_uring_submit(r3, r5, &(0x7f0000000480)=@IORING_OP_FALLOCATE={0x11, 0x0, 0x0, @fd_index}, 0x0) io_uring_enter(r2, 0x100001, 0x0, 0x0, 0x0, 0x0) 10:58:36 executing program 0: syz_open_procfs$userns(0x0, &(0x7f0000000000)) clone3(&(0x7f0000000200)={0x100000100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, &(0x7f0000000000), 0x1}, 0x53) 10:58:36 executing program 5: mount_setattr(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x57) 10:58:36 executing program 6: syz_open_procfs$userns(0x0, &(0x7f0000000000)) clone3(&(0x7f0000000200)={0x100000100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, &(0x7f0000000000), 0x1}, 0x53) 10:58:36 executing program 5: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x1000000000, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="eb3c906d6b66732e66617400020801000270008000f801", 0x17}], 0x0, &(0x7f00000006c0)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') openat$zero(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) openat(0xffffffffffffffff, &(0x7f00000003c0)='./file1\x00', 0x80000, 0x40) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x2088, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000040)}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0xb) socket$inet6(0xa, 0x1, 0x0) mount$9p_rdma(&(0x7f0000000140), &(0x7f0000000180)='./file1/file0\x00', 0x0, 0x4202402, &(0x7f0000000400)=ANY=[@ANYBLOB="616e733d72646d612c706f72743d3078303030303046303030303030346532332c6170700a197288f99d60eec4b572616973652c6f626a5f757365723d5e2c646f6e745f617070726169", @ANYRESDEC=0xee01, @ANYBLOB="2c1ac587813e95c81fa7cd62cee12f3900ba62ca87fb1ecea357fb0d4d84b3fe581ff63e6c805409792d15cdce83ac2541206d5f3e"]) r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file1\x00', 0x4042, 0x0) write$binfmt_aout(r0, &(0x7f00000003c0)=ANY=[], 0x820) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0, 0x0) sendfile(r0, r1, 0x0, 0x7fffffff) 10:58:36 executing program 7: r0 = fsopen(&(0x7f0000000180)='ramfs\x00', 0x0) r1 = dup(r0) dup(r1) r2 = syz_io_uring_setup(0x137, &(0x7f00000003c0), &(0x7f0000ff7000/0x9000)=nil, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000000440)=0x0, &(0x7f0000000380)=0x0) syz_io_uring_submit(r3, r4, &(0x7f0000000000)=@IORING_OP_ASYNC_CANCEL={0xe, 0x5}, 0xfffffff7) syz_io_uring_submit(r3, r4, &(0x7f0000000180)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index=0x6, 0x0, 0x0}, 0x0) syz_io_uring_setup(0x3514, &(0x7f0000000040), &(0x7f0000ffa000/0x4000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f00000000c0), &(0x7f0000000100)=0x0) syz_io_uring_submit(r3, r5, &(0x7f0000000480)=@IORING_OP_FALLOCATE={0x11, 0x0, 0x0, @fd_index}, 0x0) io_uring_enter(r2, 0x100001, 0x0, 0x0, 0x0, 0x0) 10:58:36 executing program 3: r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x3, 0x0) setsockopt$bt_l2cap_L2CAP_LM(r0, 0x6, 0x3, &(0x7f0000000000)=0x30, 0x4) getsockopt$bt_l2cap_L2CAP_LM(r0, 0x6, 0x3, &(0x7f0000000040), &(0x7f0000000080)=0x4) [ 129.852211] loop5: detected capacity change from 0 to 264192 10:58:36 executing program 1: r0 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a) connect$inet6(r0, &(0x7f00000015c0)={0xa, 0x0, 0x0, @loopback}, 0x1c) sendmmsg$inet6(r0, &(0x7f0000002580)=[{{&(0x7f0000000040)={0xa, 0x0, 0x0, @mcast1}, 0x1c, &(0x7f0000000140)=[{&(0x7f0000000000)="d7061e52", 0x4}], 0x1}}], 0x1, 0x0) 10:58:36 executing program 0: syz_open_procfs$userns(0x0, &(0x7f0000000000)) clone3(&(0x7f0000000200)={0x100000100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, &(0x7f0000000000), 0x1}, 0x53) 10:58:36 executing program 4: syz_genetlink_get_family_id$ethtool(&(0x7f0000000340), 0xffffffffffffffff) socket$inet_tcp(0x2, 0x1, 0x0) syz_genetlink_get_family_id$tipc2(&(0x7f0000001100), 0xffffffffffffffff) syz_genetlink_get_family_id$ethtool(&(0x7f0000001180), 0xffffffffffffffff) 10:58:36 executing program 2: r0 = fsopen(&(0x7f0000000180)='ramfs\x00', 0x0) r1 = dup(r0) dup(r1) r2 = syz_io_uring_setup(0x137, &(0x7f00000003c0), &(0x7f0000ff7000/0x9000)=nil, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000000440)=0x0, &(0x7f0000000380)=0x0) syz_io_uring_submit(r3, r4, &(0x7f0000000000)=@IORING_OP_ASYNC_CANCEL={0xe, 0x5}, 0xfffffff7) syz_io_uring_submit(r3, r4, &(0x7f0000000180)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index=0x6, 0x0, 0x0}, 0x0) syz_io_uring_setup(0x3514, &(0x7f0000000040), &(0x7f0000ffa000/0x4000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f00000000c0), &(0x7f0000000100)=0x0) syz_io_uring_submit(r3, r5, &(0x7f0000000480)=@IORING_OP_FALLOCATE={0x11, 0x0, 0x0, @fd_index}, 0x0) io_uring_enter(r2, 0x100001, 0x0, 0x0, 0x0, 0x0) 10:58:36 executing program 0: syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) pipe2$9p(&(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) clone3(&(0x7f0000000640)={0x123363500, &(0x7f00000000c0), 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040), 0x0, &(0x7f0000000280)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX=r1, @ANYBLOB=',access=any,cache=none,debug=0']) 10:58:37 executing program 6: syz_open_procfs$userns(0x0, &(0x7f0000000000)) clone3(&(0x7f0000000200)={0x100000100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, &(0x7f0000000000), 0x1}, 0x53) 10:58:37 executing program 7: r0 = fsopen(&(0x7f0000000180)='ramfs\x00', 0x0) r1 = dup(r0) dup(r1) r2 = syz_io_uring_setup(0x137, &(0x7f00000003c0), &(0x7f0000ff7000/0x9000)=nil, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000000440)=0x0, &(0x7f0000000380)=0x0) syz_io_uring_submit(r3, r4, &(0x7f0000000000)=@IORING_OP_ASYNC_CANCEL={0xe, 0x5}, 0xfffffff7) syz_io_uring_submit(r3, r4, &(0x7f0000000180)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index=0x6, 0x0, 0x0}, 0x0) syz_io_uring_setup(0x3514, &(0x7f0000000040), &(0x7f0000ffa000/0x4000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f00000000c0), &(0x7f0000000100)=0x0) syz_io_uring_submit(r3, r5, &(0x7f0000000480)=@IORING_OP_FALLOCATE={0x11, 0x0, 0x0, @fd_index}, 0x0) io_uring_enter(r2, 0x100001, 0x0, 0x0, 0x0, 0x0) 10:58:37 executing program 1: r0 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a) connect$inet6(r0, &(0x7f00000015c0)={0xa, 0x0, 0x0, @loopback}, 0x1c) sendmmsg$inet6(r0, &(0x7f0000002580)=[{{&(0x7f0000000040)={0xa, 0x0, 0x0, @mcast1}, 0x1c, &(0x7f0000000140)=[{&(0x7f0000000000)="d7061e52", 0x4}], 0x1}}], 0x1, 0x0) 10:58:37 executing program 3: r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x3, 0x0) setsockopt$bt_l2cap_L2CAP_LM(r0, 0x6, 0x3, &(0x7f0000000000)=0x30, 0x4) getsockopt$bt_l2cap_L2CAP_LM(r0, 0x6, 0x3, &(0x7f0000000040), &(0x7f0000000080)=0x4) 10:58:37 executing program 2: r0 = fsopen(&(0x7f0000000180)='ramfs\x00', 0x0) r1 = dup(r0) dup(r1) r2 = syz_io_uring_setup(0x137, &(0x7f00000003c0), &(0x7f0000ff7000/0x9000)=nil, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000000440)=0x0, &(0x7f0000000380)=0x0) syz_io_uring_submit(r3, r4, &(0x7f0000000000)=@IORING_OP_ASYNC_CANCEL={0xe, 0x5}, 0xfffffff7) syz_io_uring_submit(r3, r4, &(0x7f0000000180)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index=0x6, 0x0, 0x0}, 0x0) syz_io_uring_setup(0x3514, &(0x7f0000000040), &(0x7f0000ffa000/0x4000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f00000000c0), &(0x7f0000000100)=0x0) syz_io_uring_submit(r3, r5, &(0x7f0000000480)=@IORING_OP_FALLOCATE={0x11, 0x0, 0x0, @fd_index}, 0x0) io_uring_enter(r2, 0x100001, 0x0, 0x0, 0x0, 0x0) 10:58:37 executing program 1: r0 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a) connect$inet6(r0, &(0x7f00000015c0)={0xa, 0x0, 0x0, @loopback}, 0x1c) sendmmsg$inet6(r0, &(0x7f0000002580)=[{{&(0x7f0000000040)={0xa, 0x0, 0x0, @mcast1}, 0x1c, &(0x7f0000000140)=[{&(0x7f0000000000)="d7061e52", 0x4}], 0x1}}], 0x1, 0x0) 10:58:37 executing program 3: r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x3, 0x0) setsockopt$bt_l2cap_L2CAP_LM(r0, 0x6, 0x3, &(0x7f0000000000)=0x30, 0x4) getsockopt$bt_l2cap_L2CAP_LM(r0, 0x6, 0x3, &(0x7f0000000040), &(0x7f0000000080)=0x4) 10:58:37 executing program 0: syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) pipe2$9p(&(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) clone3(&(0x7f0000000640)={0x123363500, &(0x7f00000000c0), 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040), 0x0, &(0x7f0000000280)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX=r1, @ANYBLOB=',access=any,cache=none,debug=0']) 10:58:37 executing program 4: syz_genetlink_get_family_id$ethtool(&(0x7f0000000340), 0xffffffffffffffff) socket$inet_tcp(0x2, 0x1, 0x0) syz_genetlink_get_family_id$tipc2(&(0x7f0000001100), 0xffffffffffffffff) syz_genetlink_get_family_id$ethtool(&(0x7f0000001180), 0xffffffffffffffff) 10:58:37 executing program 6: syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) pipe2$9p(&(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) clone3(&(0x7f0000000640)={0x123363500, &(0x7f00000000c0), 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040), 0x0, &(0x7f0000000280)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX=r1, @ANYBLOB=',access=any,cache=none,debug=0']) 10:58:37 executing program 7: r0 = fsopen(&(0x7f0000000180)='ramfs\x00', 0x0) r1 = dup(r0) dup(r1) r2 = syz_io_uring_setup(0x137, &(0x7f00000003c0), &(0x7f0000ff7000/0x9000)=nil, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000000440)=0x0, &(0x7f0000000380)=0x0) syz_io_uring_submit(r3, r4, &(0x7f0000000000)=@IORING_OP_ASYNC_CANCEL={0xe, 0x5}, 0xfffffff7) syz_io_uring_submit(r3, r4, &(0x7f0000000180)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index=0x6, 0x0, 0x0}, 0x0) syz_io_uring_setup(0x3514, &(0x7f0000000040), &(0x7f0000ffa000/0x4000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f00000000c0), &(0x7f0000000100)=0x0) syz_io_uring_submit(r3, r5, &(0x7f0000000480)=@IORING_OP_FALLOCATE={0x11, 0x0, 0x0, @fd_index}, 0x0) io_uring_enter(r2, 0x100001, 0x0, 0x0, 0x0, 0x0) 10:58:37 executing program 2: r0 = fsopen(&(0x7f0000000180)='ramfs\x00', 0x0) r1 = dup(r0) dup(r1) r2 = syz_io_uring_setup(0x137, &(0x7f00000003c0), &(0x7f0000ff7000/0x9000)=nil, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000000440)=0x0, &(0x7f0000000380)=0x0) syz_io_uring_submit(r3, r4, &(0x7f0000000000)=@IORING_OP_ASYNC_CANCEL={0xe, 0x5}, 0xfffffff7) syz_io_uring_submit(r3, r4, &(0x7f0000000180)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index=0x6, 0x0, 0x0}, 0x0) syz_io_uring_setup(0x3514, &(0x7f0000000040), &(0x7f0000ffa000/0x4000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f00000000c0), &(0x7f0000000100)=0x0) syz_io_uring_submit(r3, r5, &(0x7f0000000480)=@IORING_OP_FALLOCATE={0x11, 0x0, 0x0, @fd_index}, 0x0) io_uring_enter(r2, 0x100001, 0x0, 0x0, 0x0, 0x0) 10:58:37 executing program 1: r0 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a) connect$inet6(r0, &(0x7f00000015c0)={0xa, 0x0, 0x0, @loopback}, 0x1c) sendmmsg$inet6(r0, &(0x7f0000002580)=[{{&(0x7f0000000040)={0xa, 0x0, 0x0, @mcast1}, 0x1c, &(0x7f0000000140)=[{&(0x7f0000000000)="d7061e52", 0x4}], 0x1}}], 0x1, 0x0) 10:58:37 executing program 5: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x1000000000, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="eb3c906d6b66732e66617400020801000270008000f801", 0x17}], 0x0, &(0x7f00000006c0)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') openat$zero(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) openat(0xffffffffffffffff, &(0x7f00000003c0)='./file1\x00', 0x80000, 0x40) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x2088, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000040)}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0xb) socket$inet6(0xa, 0x1, 0x0 VM DIAGNOSIS: 10:58:30 Registers: info registers vcpu 0 RAX=0000000000000000 RBX=ffffffff8544d200 RCX=0000000000000000 RDX=ffff88803f46d040 RSI=ffffffff81468ed3 RDI=ffffffff8544d200 RBP=00007f8c6798b72b RSP=ffff88803fc87a20 R8 =0000000000000005 R9 =0000000000000000 R10=0000000080000000 R11=000000000003603d R12=00007f8c6798b72b R13=0000000000000000 R14=ffff88803f46d040 R15=ffff88803f08e000 RIP=ffffffff81461777 RFL=00000246 [---Z-P-] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 00000000 00000000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 00000000 00000000 FS =0000 0000555556087400 00000000 00000000 GS =0000 ffff88806ce00000 00000000 00000000 LDT=0000 fffffe0000000000 00000000 00000000 TR =0040 fffffe0000003000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe0000001000 0000007f IDT= fffffe0000000000 00000fff CR0=80050033 CR2=00007f8c64f0c718 CR3=000000003efe0000 CR4=00350ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000ffff0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 YMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM01=0000000000000000 0000000000000000 00007f8c67abf7c0 00007f8c67abf7c8 YMM02=0000000000000000 0000000000000000 00007f8c67abf7e0 00007f8c67abf7c0 YMM03=0000000000000000 0000000000000000 00007f8c67abf7c8 00007f8c67abf7c0 YMM04=0000000000000000 0000000000000000 ffffffffffffff00 ffffffff00000000 YMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM06=0000000000000000 0000000000000000 0000000000000000 000000524f525245 YMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM08=0000000000000000 0000000000000000 0000000000000000 00524f5252450040 YMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 info registers vcpu 1 RAX=0000000000000037 RBX=00000000000003f8 RCX=0000000000000000 RDX=00000000000003f8 RSI=ffffffff822b3251 RDI=ffffffff87641ba0 RBP=ffffffff87641b60 RSP=ffff88801d9c7698 R8 =0000000000000001 R9 =000000000000000a R10=0000000000000037 R11=0000000000000001 R12=0000000000000037 R13=ffffffff87641b60 R14=0000000000000010 R15=ffffffff822b3240 RIP=ffffffff822b32a9 RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 00000000 00000000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 00000000 00000000 FS =0000 00007fa2c04ba700 00000000 00000000 GS =0000 ffff88806cf00000 00000000 00000000 LDT=0000 fffffe0000000000 00000000 00000000 TR =0040 fffffe000004a000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe0000048000 0000007f IDT= fffffe0000000000 00000fff CR0=80050033 CR2=00007f2177018820 CR3=00000000186bc000 CR4=00350ee0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000ffff0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 YMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM01=0000000000000000 0000000000000000 ffffffffffffffff ffffffffffffffff YMM02=0000000000000000 0000000000000000 ffffffffffffffff ffffffffffffffff YMM03=0000000000000000 0000000000000000 ffffffffffffffff ffffffffffffffff YMM04=0000000000000000 0000000000000000 ffffffffffffffff ffffffffffffffff YMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM06=0000000000000000 0000000000000000 0000000000000000 000000524f525245 YMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM08=0000000000000000 0000000000000000 0000000000000000 00524f5252450040 YMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000