Warning: Permanently added '[localhost]:50397' (ECDSA) to the list of known hosts. 2022/09/23 12:31:27 fuzzer started 2022/09/23 12:31:28 dialing manager at localhost:38881 syzkaller login: [ 46.591266] cgroup: Unknown subsys name 'net' [ 46.671523] cgroup: Unknown subsys name 'rlimit' 2022/09/23 12:31:44 syscalls: 2215 2022/09/23 12:31:44 code coverage: enabled 2022/09/23 12:31:44 comparison tracing: enabled 2022/09/23 12:31:44 extra coverage: enabled 2022/09/23 12:31:44 setuid sandbox: enabled 2022/09/23 12:31:44 namespace sandbox: enabled 2022/09/23 12:31:44 Android sandbox: enabled 2022/09/23 12:31:44 fault injection: enabled 2022/09/23 12:31:44 leak checking: enabled 2022/09/23 12:31:44 net packet injection: enabled 2022/09/23 12:31:44 net device setup: enabled 2022/09/23 12:31:44 concurrency sanitizer: /sys/kernel/debug/kcsan does not exist 2022/09/23 12:31:44 devlink PCI setup: PCI device 0000:00:10.0 is not available 2022/09/23 12:31:44 USB emulation: enabled 2022/09/23 12:31:44 hci packet injection: enabled 2022/09/23 12:31:44 wifi device emulation: failed to parse kernel version (6.0.0-rc6-next-20220923) 2022/09/23 12:31:44 802.15.4 emulation: enabled 2022/09/23 12:31:44 fetching corpus: 0, signal 0/2000 (executing program) 2022/09/23 12:31:44 fetching corpus: 50, signal 24013/27461 (executing program) 2022/09/23 12:31:44 fetching corpus: 100, signal 37950/42618 (executing program) 2022/09/23 12:31:44 fetching corpus: 150, signal 44020/49961 (executing program) 2022/09/23 12:31:44 fetching corpus: 200, signal 49111/56243 (executing program) 2022/09/23 12:31:44 fetching corpus: 250, signal 56036/64058 (executing program) 2022/09/23 12:31:44 fetching corpus: 300, signal 60442/69410 (executing program) 2022/09/23 12:31:44 fetching corpus: 350, signal 66073/75844 (executing program) 2022/09/23 12:31:45 fetching corpus: 400, signal 68546/79331 (executing program) 2022/09/23 12:31:45 fetching corpus: 450, signal 74168/85458 (executing program) 2022/09/23 12:31:45 fetching corpus: 500, signal 77274/89268 (executing program) 2022/09/23 12:31:45 fetching corpus: 550, signal 83080/95397 (executing program) 2022/09/23 12:31:45 fetching corpus: 600, signal 86622/99349 (executing program) 2022/09/23 12:31:45 fetching corpus: 650, signal 90334/103387 (executing program) 2022/09/23 12:31:45 fetching corpus: 700, signal 94314/107672 (executing program) 2022/09/23 12:31:46 fetching corpus: 750, signal 98729/112160 (executing program) 2022/09/23 12:31:46 fetching corpus: 800, signal 101855/115539 (executing program) 2022/09/23 12:31:46 fetching corpus: 850, signal 103735/117823 (executing program) 2022/09/23 12:31:46 fetching corpus: 900, signal 104890/119543 (executing program) 2022/09/23 12:31:46 fetching corpus: 950, signal 107061/121993 (executing program) 2022/09/23 12:31:46 fetching corpus: 1000, signal 109295/124426 (executing program) 2022/09/23 12:31:46 fetching corpus: 1050, signal 111749/126967 (executing program) 2022/09/23 12:31:47 fetching corpus: 1100, signal 113222/128752 (executing program) 2022/09/23 12:31:47 fetching corpus: 1150, signal 114881/130648 (executing program) 2022/09/23 12:31:47 fetching corpus: 1200, signal 117163/132894 (executing program) 2022/09/23 12:31:47 fetching corpus: 1250, signal 119328/135020 (executing program) 2022/09/23 12:31:47 fetching corpus: 1300, signal 120260/136277 (executing program) 2022/09/23 12:31:47 fetching corpus: 1350, signal 121335/137609 (executing program) 2022/09/23 12:31:47 fetching corpus: 1400, signal 122321/138875 (executing program) 2022/09/23 12:31:47 fetching corpus: 1450, signal 123659/140315 (executing program) 2022/09/23 12:31:48 fetching corpus: 1500, signal 125738/142219 (executing program) 2022/09/23 12:31:48 fetching corpus: 1550, signal 127466/143857 (executing program) 2022/09/23 12:31:48 fetching corpus: 1600, signal 129365/145538 (executing program) 2022/09/23 12:31:48 fetching corpus: 1650, signal 130307/146565 (executing program) 2022/09/23 12:31:48 fetching corpus: 1700, signal 131684/147875 (executing program) 2022/09/23 12:31:48 fetching corpus: 1750, signal 133428/149351 (executing program) 2022/09/23 12:31:48 fetching corpus: 1800, signal 134327/150348 (executing program) 2022/09/23 12:31:48 fetching corpus: 1850, signal 135859/151594 (executing program) 2022/09/23 12:31:49 fetching corpus: 1900, signal 137560/152910 (executing program) 2022/09/23 12:31:49 fetching corpus: 1950, signal 139206/154199 (executing program) 2022/09/23 12:31:49 fetching corpus: 2000, signal 140289/155121 (executing program) 2022/09/23 12:31:49 fetching corpus: 2050, signal 141734/156206 (executing program) 2022/09/23 12:31:49 fetching corpus: 2100, signal 142908/157092 (executing program) 2022/09/23 12:31:49 fetching corpus: 2150, signal 144206/158036 (executing program) 2022/09/23 12:31:49 fetching corpus: 2200, signal 144967/158701 (executing program) 2022/09/23 12:31:49 fetching corpus: 2250, signal 145759/159380 (executing program) 2022/09/23 12:31:50 fetching corpus: 2300, signal 146442/159991 (executing program) 2022/09/23 12:31:50 fetching corpus: 2350, signal 148106/161196 (executing program) 2022/09/23 12:31:50 fetching corpus: 2400, signal 149294/161968 (executing program) 2022/09/23 12:31:50 fetching corpus: 2450, signal 150274/162587 (executing program) 2022/09/23 12:31:50 fetching corpus: 2500, signal 150956/163160 (executing program) 2022/09/23 12:31:50 fetching corpus: 2550, signal 152719/164216 (executing program) 2022/09/23 12:31:50 fetching corpus: 2600, signal 153814/164850 (executing program) 2022/09/23 12:31:50 fetching corpus: 2650, signal 154416/165297 (executing program) 2022/09/23 12:31:51 fetching corpus: 2700, signal 155389/165877 (executing program) 2022/09/23 12:31:51 fetching corpus: 2750, signal 156215/166365 (executing program) 2022/09/23 12:31:51 fetching corpus: 2800, signal 158288/167189 (executing program) 2022/09/23 12:31:51 fetching corpus: 2850, signal 159028/167610 (executing program) 2022/09/23 12:31:51 fetching corpus: 2900, signal 159687/167983 (executing program) 2022/09/23 12:31:51 fetching corpus: 2950, signal 160355/168328 (executing program) 2022/09/23 12:31:51 fetching corpus: 3000, signal 161295/168785 (executing program) 2022/09/23 12:31:51 fetching corpus: 3050, signal 161875/169075 (executing program) 2022/09/23 12:31:52 fetching corpus: 3100, signal 162656/169380 (executing program) 2022/09/23 12:31:52 fetching corpus: 3150, signal 163511/169691 (executing program) 2022/09/23 12:31:52 fetching corpus: 3200, signal 164482/170056 (executing program) 2022/09/23 12:31:52 fetching corpus: 3250, signal 165283/170332 (executing program) 2022/09/23 12:31:52 fetching corpus: 3300, signal 166377/170613 (executing program) 2022/09/23 12:31:52 fetching corpus: 3350, signal 167153/170851 (executing program) 2022/09/23 12:31:52 fetching corpus: 3375, signal 167370/170938 (executing program) 2022/09/23 12:31:52 fetching corpus: 3375, signal 167370/170998 (executing program) 2022/09/23 12:31:52 fetching corpus: 3375, signal 167370/171043 (executing program) 2022/09/23 12:31:52 fetching corpus: 3375, signal 167370/171094 (executing program) 2022/09/23 12:31:52 fetching corpus: 3375, signal 167370/171164 (executing program) 2022/09/23 12:31:52 fetching corpus: 3375, signal 167370/171224 (executing program) 2022/09/23 12:31:52 fetching corpus: 3375, signal 167370/171282 (executing program) 2022/09/23 12:31:52 fetching corpus: 3375, signal 167370/171343 (executing program) 2022/09/23 12:31:52 fetching corpus: 3375, signal 167370/171404 (executing program) 2022/09/23 12:31:52 fetching corpus: 3375, signal 167370/171450 (executing program) 2022/09/23 12:31:52 fetching corpus: 3375, signal 167370/171492 (executing program) 2022/09/23 12:31:52 fetching corpus: 3375, signal 167370/171547 (executing program) 2022/09/23 12:31:52 fetching corpus: 3375, signal 167370/171593 (executing program) 2022/09/23 12:31:52 fetching corpus: 3375, signal 167370/171659 (executing program) 2022/09/23 12:31:52 fetching corpus: 3375, signal 167370/171716 (executing program) 2022/09/23 12:31:52 fetching corpus: 3375, signal 167370/171763 (executing program) 2022/09/23 12:31:52 fetching corpus: 3375, signal 167370/171763 (executing program) 2022/09/23 12:31:55 starting 8 fuzzer processes 12:31:55 executing program 0: socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000180)={0xffffffffffffffff}) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000280)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup3(r0, r1, 0x0) ioctl$sock_SIOCETHTOOL(r2, 0x8946, &(0x7f0000000080)={'syz_tun\x00', &(0x7f0000000000)=@ethtool_sset_info={0x49}}) 12:31:55 executing program 1: r0 = syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0) setsockopt$WPAN_SECURITY_LEVEL(r0, 0x0, 0x2, &(0x7f0000000000)=0x1000000, 0x4) 12:31:55 executing program 2: mknodat$loop(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0, 0x1) [ 72.569734] audit: type=1400 audit(1663936315.413:6): avc: denied { execmem } for pid=288 comm="syz-executor.1" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=process permissive=1 12:31:55 executing program 3: r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$IP_VS_SO_SET_DEL(r0, 0x0, 0x19, 0x0, 0x0) 12:31:55 executing program 4: r0 = io_uring_setup(0x7edc, &(0x7f0000000180)) io_uring_register$IORING_UNREGISTER_FILES(r0, 0x12, 0x0, 0x0) 12:31:55 executing program 5: r0 = syz_open_dev$tty1(0xc, 0x4, 0x1) ioctl$GIO_SCRNMAP(r0, 0x4b4a, &(0x7f0000000380)=""/98) 12:31:55 executing program 6: futex(&(0x7f000000a900), 0x85, 0x0, 0x0, 0x0, 0x0) 12:31:55 executing program 7: mkdir(&(0x7f0000000000)='./file0\x00', 0x0) stat(&(0x7f0000000240)='./file0\x00', &(0x7f0000000140)={0x0, 0x0, 0x0, 0x0, 0x0}) setresuid(0x0, r0, 0x0) pipe2$9p(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) fcntl$setpipe(r1, 0x407, 0x5000000) [ 73.781510] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 73.784379] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 73.786848] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 73.792096] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 73.795691] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [ 73.798488] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 73.816431] Bluetooth: hci0: HCI_REQ-0x0c1a [ 73.836845] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 73.850264] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 73.852060] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 73.856313] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 73.858958] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3 [ 73.868647] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 73.886252] Bluetooth: hci1: HCI_REQ-0x0c1a [ 73.954300] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1 [ 73.958457] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9 [ 73.960423] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9 [ 73.966284] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4 [ 73.971346] Bluetooth: hci5: unexpected cc 0x0c25 length: 249 > 3 [ 73.974438] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2 [ 73.983056] Bluetooth: hci5: HCI_REQ-0x0c1a [ 73.995910] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1 [ 73.998220] Bluetooth: hci7: unexpected cc 0x0c03 length: 249 > 1 [ 74.000586] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 74.002804] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 74.005044] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 74.006817] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 74.008285] Bluetooth: hci7: unexpected cc 0x1003 length: 249 > 9 [ 74.009906] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9 [ 74.011308] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 74.012607] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 74.014081] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 74.015378] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9 [ 74.021305] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 74.022526] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 74.023594] Bluetooth: hci7: unexpected cc 0x1001 length: 249 > 9 [ 74.032302] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 74.036946] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4 [ 74.038518] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 74.040674] Bluetooth: hci7: unexpected cc 0x0c23 length: 249 > 4 [ 74.048283] Bluetooth: hci6: unexpected cc 0x0c25 length: 249 > 3 [ 74.049832] Bluetooth: hci7: unexpected cc 0x0c25 length: 249 > 3 [ 74.050585] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3 [ 74.054571] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2 [ 74.055873] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3 [ 74.057523] Bluetooth: hci7: unexpected cc 0x0c38 length: 249 > 2 [ 74.059372] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 74.059457] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 74.071214] Bluetooth: hci6: HCI_REQ-0x0c1a [ 74.074504] Bluetooth: hci7: HCI_REQ-0x0c1a [ 74.104924] Bluetooth: hci3: HCI_REQ-0x0c1a [ 74.127339] Bluetooth: hci4: HCI_REQ-0x0c1a [ 74.197343] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 74.217752] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3 [ 74.227287] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 74.240783] Bluetooth: hci2: HCI_REQ-0x0c1a [ 75.858458] Bluetooth: hci0: command 0x0409 tx timeout [ 75.985040] Bluetooth: hci1: command 0x0409 tx timeout [ 76.049151] Bluetooth: hci5: command 0x0409 tx timeout [ 76.113107] Bluetooth: hci6: command 0x0409 tx timeout [ 76.177042] Bluetooth: hci4: command 0x0409 tx timeout [ 76.177133] Bluetooth: hci3: command 0x0409 tx timeout [ 76.177695] Bluetooth: hci7: command 0x0409 tx timeout [ 76.305082] Bluetooth: hci2: command 0x0409 tx timeout [ 77.906078] Bluetooth: hci0: command 0x041b tx timeout [ 78.033116] Bluetooth: hci1: command 0x041b tx timeout [ 78.098109] Bluetooth: hci5: command 0x041b tx timeout [ 78.162050] Bluetooth: hci6: command 0x041b tx timeout [ 78.225076] Bluetooth: hci7: command 0x041b tx timeout [ 78.225487] Bluetooth: hci3: command 0x041b tx timeout [ 78.225854] Bluetooth: hci4: command 0x041b tx timeout [ 78.354075] Bluetooth: hci2: command 0x041b tx timeout [ 79.954020] Bluetooth: hci0: command 0x040f tx timeout [ 80.081068] Bluetooth: hci1: command 0x040f tx timeout [ 80.146058] Bluetooth: hci5: command 0x040f tx timeout [ 80.210028] Bluetooth: hci6: command 0x040f tx timeout [ 80.274027] Bluetooth: hci4: command 0x040f tx timeout [ 80.274424] Bluetooth: hci3: command 0x040f tx timeout [ 80.274782] Bluetooth: hci7: command 0x040f tx timeout [ 80.401074] Bluetooth: hci2: command 0x040f tx timeout [ 82.002383] Bluetooth: hci0: command 0x0419 tx timeout [ 82.129679] Bluetooth: hci1: command 0x0419 tx timeout [ 82.193031] Bluetooth: hci5: command 0x0419 tx timeout [ 82.258021] Bluetooth: hci6: command 0x0419 tx timeout [ 82.322087] Bluetooth: hci7: command 0x0419 tx timeout [ 82.322566] Bluetooth: hci3: command 0x0419 tx timeout [ 82.323013] Bluetooth: hci4: command 0x0419 tx timeout [ 82.449023] Bluetooth: hci2: command 0x0419 tx timeout 12:32:49 executing program 2: socket$inet_tcp(0x2, 0x1, 0x0) 12:32:49 executing program 4: r0 = io_uring_setup(0x7edc, &(0x7f0000000180)) io_uring_register$IORING_UNREGISTER_FILES(r0, 0x12, 0x0, 0x0) 12:32:49 executing program 2: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFULNL_MSG_CONFIG(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000040)={0x1c, 0x1, 0x4, 0x201, 0x0, 0x0, {}, [@NFULA_CFG_CMD={0x5, 0x1, 0x1}]}, 0x1c}}, 0x0) sendmsg$NFULNL_MSG_CONFIG(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000040)={0x1c, 0x1, 0x4, 0x201, 0x0, 0x0, {}, [@NFULA_CFG_CMD={0x5, 0x1, 0x1}]}, 0x1c}}, 0x0) 12:32:49 executing program 4: r0 = io_uring_setup(0x7edc, &(0x7f0000000180)) io_uring_register$IORING_UNREGISTER_FILES(r0, 0x12, 0x0, 0x0) 12:32:49 executing program 1: r0 = syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0) setsockopt$WPAN_SECURITY_LEVEL(r0, 0x0, 0x2, &(0x7f0000000000)=0x1000000, 0x4) 12:32:49 executing program 2: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFULNL_MSG_CONFIG(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000040)={0x1c, 0x1, 0x4, 0x201, 0x0, 0x0, {}, [@NFULA_CFG_CMD={0x5, 0x1, 0x1}]}, 0x1c}}, 0x0) sendmsg$NFULNL_MSG_CONFIG(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000040)={0x1c, 0x1, 0x4, 0x201, 0x0, 0x0, {}, [@NFULA_CFG_CMD={0x5, 0x1, 0x1}]}, 0x1c}}, 0x0) 12:32:49 executing program 4: r0 = io_uring_setup(0x7edc, &(0x7f0000000180)) io_uring_register$IORING_UNREGISTER_FILES(r0, 0x12, 0x0, 0x0) 12:32:49 executing program 1: r0 = syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0) setsockopt$WPAN_SECURITY_LEVEL(r0, 0x0, 0x2, &(0x7f0000000000)=0x1000000, 0x4) 12:32:50 executing program 0: socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000180)={0xffffffffffffffff}) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000280)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup3(r0, r1, 0x0) ioctl$sock_SIOCETHTOOL(r2, 0x8946, &(0x7f0000000080)={'syz_tun\x00', &(0x7f0000000000)=@ethtool_sset_info={0x49}}) 12:32:50 executing program 2: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFULNL_MSG_CONFIG(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000040)={0x1c, 0x1, 0x4, 0x201, 0x0, 0x0, {}, [@NFULA_CFG_CMD={0x5, 0x1, 0x1}]}, 0x1c}}, 0x0) sendmsg$NFULNL_MSG_CONFIG(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000040)={0x1c, 0x1, 0x4, 0x201, 0x0, 0x0, {}, [@NFULA_CFG_CMD={0x5, 0x1, 0x1}]}, 0x1c}}, 0x0) 12:32:50 executing program 1: r0 = syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0) setsockopt$WPAN_SECURITY_LEVEL(r0, 0x0, 0x2, &(0x7f0000000000)=0x1000000, 0x4) 12:32:50 executing program 5: r0 = syz_open_dev$tty1(0xc, 0x4, 0x1) ioctl$GIO_SCRNMAP(r0, 0x4b4a, &(0x7f0000000380)=""/98) 12:32:50 executing program 4: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFULNL_MSG_CONFIG(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000040)={0x1c, 0x1, 0x4, 0x201, 0x0, 0x0, {}, [@NFULA_CFG_CMD={0x5, 0x1, 0x1}]}, 0x1c}}, 0x0) sendmsg$NFULNL_MSG_CONFIG(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000040)={0x1c, 0x1, 0x4, 0x201, 0x0, 0x0, {}, [@NFULA_CFG_CMD={0x5, 0x1, 0x1}]}, 0x1c}}, 0x0) 12:32:50 executing program 6: futex(&(0x7f000000a900), 0x85, 0x0, 0x0, 0x0, 0x0) 12:32:50 executing program 7: mkdir(&(0x7f0000000000)='./file0\x00', 0x0) stat(&(0x7f0000000240)='./file0\x00', &(0x7f0000000140)={0x0, 0x0, 0x0, 0x0, 0x0}) setresuid(0x0, r0, 0x0) pipe2$9p(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) fcntl$setpipe(r1, 0x407, 0x5000000) 12:32:50 executing program 3: r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$IP_VS_SO_SET_DEL(r0, 0x0, 0x19, 0x0, 0x0) 12:32:50 executing program 2: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFULNL_MSG_CONFIG(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000040)={0x1c, 0x1, 0x4, 0x201, 0x0, 0x0, {}, [@NFULA_CFG_CMD={0x5, 0x1, 0x1}]}, 0x1c}}, 0x0) sendmsg$NFULNL_MSG_CONFIG(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000040)={0x1c, 0x1, 0x4, 0x201, 0x0, 0x0, {}, [@NFULA_CFG_CMD={0x5, 0x1, 0x1}]}, 0x1c}}, 0x0) 12:32:50 executing program 4: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFULNL_MSG_CONFIG(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000040)={0x1c, 0x1, 0x4, 0x201, 0x0, 0x0, {}, [@NFULA_CFG_CMD={0x5, 0x1, 0x1}]}, 0x1c}}, 0x0) sendmsg$NFULNL_MSG_CONFIG(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000040)={0x1c, 0x1, 0x4, 0x201, 0x0, 0x0, {}, [@NFULA_CFG_CMD={0x5, 0x1, 0x1}]}, 0x1c}}, 0x0) 12:32:50 executing program 7: mkdir(&(0x7f0000000000)='./file0\x00', 0x0) stat(&(0x7f0000000240)='./file0\x00', &(0x7f0000000140)={0x0, 0x0, 0x0, 0x0, 0x0}) setresuid(0x0, r0, 0x0) pipe2$9p(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) fcntl$setpipe(r1, 0x407, 0x5000000) 12:32:50 executing program 6: futex(&(0x7f000000a900), 0x85, 0x0, 0x0, 0x0, 0x0) 12:32:50 executing program 0: socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000180)={0xffffffffffffffff}) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000280)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup3(r0, r1, 0x0) ioctl$sock_SIOCETHTOOL(r2, 0x8946, &(0x7f0000000080)={'syz_tun\x00', &(0x7f0000000000)=@ethtool_sset_info={0x49}}) 12:32:50 executing program 5: r0 = syz_open_dev$tty1(0xc, 0x4, 0x1) ioctl$GIO_SCRNMAP(r0, 0x4b4a, &(0x7f0000000380)=""/98) 12:32:50 executing program 1: setreuid(0xffffffffffffffff, 0xffffffffffffffff) 12:32:50 executing program 3: r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$IP_VS_SO_SET_DEL(r0, 0x0, 0x19, 0x0, 0x0) 12:32:50 executing program 6: futex(&(0x7f000000a900), 0x85, 0x0, 0x0, 0x0, 0x0) 12:32:50 executing program 7: mkdir(&(0x7f0000000000)='./file0\x00', 0x0) stat(&(0x7f0000000240)='./file0\x00', &(0x7f0000000140)={0x0, 0x0, 0x0, 0x0, 0x0}) setresuid(0x0, r0, 0x0) pipe2$9p(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) fcntl$setpipe(r1, 0x407, 0x5000000) 12:32:50 executing program 4: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFULNL_MSG_CONFIG(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000040)={0x1c, 0x1, 0x4, 0x201, 0x0, 0x0, {}, [@NFULA_CFG_CMD={0x5, 0x1, 0x1}]}, 0x1c}}, 0x0) sendmsg$NFULNL_MSG_CONFIG(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000040)={0x1c, 0x1, 0x4, 0x201, 0x0, 0x0, {}, [@NFULA_CFG_CMD={0x5, 0x1, 0x1}]}, 0x1c}}, 0x0) 12:32:50 executing program 2: capset(&(0x7f0000000040)={0x20080522}, &(0x7f0000000580)) clock_adjtime(0x0, &(0x7f0000000100)={0x8003}) 12:32:50 executing program 3: r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$IP_VS_SO_SET_DEL(r0, 0x0, 0x19, 0x0, 0x0) 12:32:50 executing program 0: socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000180)={0xffffffffffffffff}) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000280)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup3(r0, r1, 0x0) ioctl$sock_SIOCETHTOOL(r2, 0x8946, &(0x7f0000000080)={'syz_tun\x00', &(0x7f0000000000)=@ethtool_sset_info={0x49}}) 12:32:50 executing program 1: setreuid(0xffffffffffffffff, 0xffffffffffffffff) 12:32:50 executing program 1: setreuid(0xffffffffffffffff, 0xffffffffffffffff) 12:32:50 executing program 4: r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$inet_tcp_TCP_MD5SIG(r0, 0x6, 0xe, &(0x7f00000000c0)={@in6={{0xa, 0x4e22, 0x2, @empty, 0x4}}, 0x0, 0x0, 0x4, 0x0, "a746a17128ab789e5f70f170de3b09e7de49f919f5daa017ada1eadae7ef3b8be4b6bc597111d657c7039db2fb7beaf1d003a1fc7d14e5a1cc6db5be8e3aaffc6750fd094e7c1fdaf32ac14b0a7f4e58"}, 0xd8) ioctl$sock_inet_SIOCADDRT(r0, 0x890c, &(0x7f0000000000)={0x0, {0x2, 0x4e23, @multicast2}, {0x2, 0x4e23, @private=0xa010101}, {0x2, 0x4e20, @initdev={0xac, 0x1e, 0x1, 0x0}}, 0x27c, 0x0, 0x0, 0x0, 0x8, 0x0, 0x3dda, 0x5, 0x5}) 12:32:50 executing program 7: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0x76, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) truncate(&(0x7f0000000000)='./cgroup.net/cgroup.procs\x00', 0x0) 12:32:50 executing program 3: syz_mount_image$tmpfs(&(0x7f0000000880), &(0x7f00000008c0)='./file0\x00', 0x0, 0x0, &(0x7f0000001dc0), 0x0, &(0x7f0000001e80)) 12:32:50 executing program 5: r0 = syz_open_dev$tty1(0xc, 0x4, 0x1) ioctl$GIO_SCRNMAP(r0, 0x4b4a, &(0x7f0000000380)=""/98) 12:32:50 executing program 2: capset(&(0x7f0000000040)={0x20080522}, &(0x7f0000000580)) clock_adjtime(0x0, &(0x7f0000000100)={0x8003}) 12:32:50 executing program 0: r0 = openat$autofs(0xffffffffffffff9c, &(0x7f0000000500), 0x0, 0x0) ioctl$AUTOFS_DEV_IOCTL_TIMEOUT(r0, 0xc018937a, &(0x7f0000000540)=ANY=[@ANYBLOB="0100000100", @ANYRES32]) [ 127.867093] audit: type=1400 audit(1663936370.711:7): avc: denied { open } for pid=4016 comm="syz-executor.7" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=perf_event permissive=1 [ 127.868692] audit: type=1400 audit(1663936370.711:8): avc: denied { kernel } for pid=4016 comm="syz-executor.7" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=perf_event permissive=1 [ 127.885633] ------------[ cut here ]------------ [ 127.885655] [ 127.885658] ====================================================== [ 127.885661] WARNING: possible circular locking dependency detected [ 127.885665] 6.0.0-rc6-next-20220923 #1 Not tainted [ 127.885671] ------------------------------------------------------ [ 127.885674] syz-executor.7/4021 is trying to acquire lock: [ 127.885680] ffffffff853faaf8 ((console_sem).lock){....}-{2:2}, at: down_trylock+0xe/0x70 [ 127.885719] [ 127.885719] but task is already holding lock: [ 127.885721] ffff88800dbc2020 (&ctx->lock){....}-{2:2}, at: __perf_event_task_sched_out+0x53b/0x18d0 [ 127.885749] [ 127.885749] which lock already depends on the new lock. [ 127.885749] [ 127.885752] [ 127.885752] the existing dependency chain (in reverse order) is: [ 127.885755] [ 127.885755] -> #3 (&ctx->lock){....}-{2:2}: [ 127.885769] _raw_spin_lock+0x2a/0x40 [ 127.885787] __perf_event_task_sched_out+0x53b/0x18d0 [ 127.885800] __schedule+0xedd/0x2470 [ 127.885813] schedule+0xda/0x1b0 [ 127.885826] exit_to_user_mode_prepare+0x114/0x1a0 [ 127.885837] syscall_exit_to_user_mode+0x19/0x40 [ 127.885849] do_syscall_64+0x48/0x90 [ 127.885865] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 127.885877] [ 127.885877] -> #2 (&rq->__lock){-.-.}-{2:2}: [ 127.885891] _raw_spin_lock_nested+0x30/0x40 [ 127.885909] raw_spin_rq_lock_nested+0x1e/0x30 [ 127.885922] task_fork_fair+0x63/0x4d0 [ 127.885938] sched_cgroup_fork+0x3d0/0x540 [ 127.885952] copy_process+0x4183/0x6e20 [ 127.885965] kernel_clone+0xe7/0x890 [ 127.885974] user_mode_thread+0xad/0xf0 [ 127.885987] rest_init+0x24/0x250 [ 127.885998] arch_call_rest_init+0xf/0x14 [ 127.886015] start_kernel+0x4c1/0x4e6 [ 127.886030] secondary_startup_64_no_verify+0xe0/0xeb [ 127.886045] [ 127.886045] -> #1 (&p->pi_lock){-.-.}-{2:2}: [ 127.886058] _raw_spin_lock_irqsave+0x39/0x60 [ 127.886076] try_to_wake_up+0xab/0x1930 [ 127.886089] up+0x75/0xb0 [ 127.886102] __up_console_sem+0x6e/0x80 [ 127.886117] console_unlock+0x46a/0x590 [ 127.886133] vprintk_emit+0x1bd/0x560 [ 127.886148] vprintk+0x84/0xa0 [ 127.886164] _printk+0xba/0xf1 [ 127.886174] kauditd_hold_skb.cold+0x3f/0x4e [ 127.886191] kauditd_send_queue+0x233/0x290 [ 127.886205] kauditd_thread+0x5da/0x9a0 [ 127.886219] kthread+0x2ed/0x3a0 [ 127.886232] ret_from_fork+0x22/0x30 [ 127.886244] [ 127.886244] -> #0 ((console_sem).lock){....}-{2:2}: [ 127.886258] __lock_acquire+0x2a02/0x5e70 [ 127.886274] lock_acquire+0x1a2/0x530 [ 127.886289] _raw_spin_lock_irqsave+0x39/0x60 [ 127.886307] down_trylock+0xe/0x70 [ 127.886322] __down_trylock_console_sem+0x3b/0xd0 [ 127.886337] vprintk_emit+0x16b/0x560 [ 127.886353] vprintk+0x84/0xa0 [ 127.886368] _printk+0xba/0xf1 [ 127.886378] report_bug.cold+0x72/0xab [ 127.886393] handle_bug+0x3c/0x70 [ 127.886409] exc_invalid_op+0x14/0x50 [ 127.886425] asm_exc_invalid_op+0x16/0x20 [ 127.886436] group_sched_out.part.0+0x2c7/0x460 [ 127.886447] ctx_sched_out+0x8f1/0xc10 [ 127.886457] __perf_event_task_sched_out+0x6d0/0x18d0 [ 127.886469] __schedule+0xedd/0x2470 [ 127.886482] schedule+0xda/0x1b0 [ 127.886494] exit_to_user_mode_prepare+0x114/0x1a0 [ 127.886505] syscall_exit_to_user_mode+0x19/0x40 [ 127.886517] do_syscall_64+0x48/0x90 [ 127.886541] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 127.886553] [ 127.886553] other info that might help us debug this: [ 127.886553] [ 127.886555] Chain exists of: [ 127.886555] (console_sem).lock --> &rq->__lock --> &ctx->lock [ 127.886555] [ 127.886570] Possible unsafe locking scenario: [ 127.886570] [ 127.886572] CPU0 CPU1 [ 127.886575] ---- ---- [ 127.886577] lock(&ctx->lock); [ 127.886582] lock(&rq->__lock); [ 127.886588] lock(&ctx->lock); [ 127.886594] lock((console_sem).lock); [ 127.886600] [ 127.886600] *** DEADLOCK *** [ 127.886600] [ 127.886602] 2 locks held by syz-executor.7/4021: [ 127.886609] #0: ffff88806cf37d18 (&rq->__lock){-.-.}-{2:2}, at: __schedule+0x1cf/0x2470 [ 127.886637] #1: ffff88800dbc2020 (&ctx->lock){....}-{2:2}, at: __perf_event_task_sched_out+0x53b/0x18d0 [ 127.886664] [ 127.886664] stack backtrace: [ 127.886667] CPU: 1 PID: 4021 Comm: syz-executor.7 Not tainted 6.0.0-rc6-next-20220923 #1 [ 127.886679] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 127.886687] Call Trace: [ 127.886690] [ 127.886694] dump_stack_lvl+0x8b/0xb3 [ 127.886712] check_noncircular+0x263/0x2e0 [ 127.886728] ? format_decode+0x26c/0xb50 [ 127.886744] ? print_circular_bug+0x450/0x450 [ 127.886761] ? enable_ptr_key_workfn+0x20/0x20 [ 127.886777] ? perf_trace_lock+0x308/0x560 [ 127.886790] ? format_decode+0x26c/0xb50 [ 127.886808] ? alloc_chain_hlocks+0x1ec/0x5a0 [ 127.886826] __lock_acquire+0x2a02/0x5e70 [ 127.886849] ? lockdep_hardirqs_on_prepare+0x410/0x410 [ 127.886872] lock_acquire+0x1a2/0x530 [ 127.886889] ? down_trylock+0xe/0x70 [ 127.886906] ? lock_release+0x750/0x750 [ 127.886927] ? vprintk+0x84/0xa0 [ 127.886945] _raw_spin_lock_irqsave+0x39/0x60 [ 127.886964] ? down_trylock+0xe/0x70 [ 127.886979] down_trylock+0xe/0x70 [ 127.886994] ? vprintk+0x84/0xa0 [ 127.887011] __down_trylock_console_sem+0x3b/0xd0 [ 127.887028] vprintk_emit+0x16b/0x560 [ 127.887047] vprintk+0x84/0xa0 [ 127.887064] _printk+0xba/0xf1 [ 127.887075] ? record_print_text.cold+0x16/0x16 [ 127.887092] ? report_bug.cold+0x66/0xab [ 127.887110] ? group_sched_out.part.0+0x2c7/0x460 [ 127.887121] report_bug.cold+0x72/0xab [ 127.887140] handle_bug+0x3c/0x70 [ 127.887157] exc_invalid_op+0x14/0x50 [ 127.887175] asm_exc_invalid_op+0x16/0x20 [ 127.887187] RIP: 0010:group_sched_out.part.0+0x2c7/0x460 [ 127.887200] Code: 5e 41 5f e9 5b bb ef ff e8 56 bb ef ff 65 8b 1d 1b 26 ac 7e 31 ff 89 de e8 f6 b7 ef ff 85 db 0f 84 8a 00 00 00 e8 39 bb ef ff <0f> 0b e9 a5 fe ff ff e8 2d bb ef ff 48 8d 7d 10 48 b8 00 00 00 00 [ 127.887212] RSP: 0018:ffff88803f507c48 EFLAGS: 00010006 [ 127.887221] RAX: 0000000040000002 RBX: 0000000000000000 RCX: 0000000000000000 [ 127.887228] RDX: ffff88803f4b9ac0 RSI: ffffffff81564fb7 RDI: 0000000000000005 [ 127.887236] RBP: ffff88803f508000 R08: 0000000000000005 R09: 0000000000000001 [ 127.887243] R10: 0000000000000000 R11: ffffffff865b005b R12: ffff88800dbc2000 [ 127.887251] R13: ffff88806cf3d140 R14: ffffffff8547d040 R15: 0000000000000002 [ 127.887262] ? group_sched_out.part.0+0x2c7/0x460 [ 127.887276] ? group_sched_out.part.0+0x2c7/0x460 [ 127.887290] ctx_sched_out+0x8f1/0xc10 [ 127.887303] __perf_event_task_sched_out+0x6d0/0x18d0 [ 127.887320] ? lock_is_held_type+0xd7/0x130 [ 127.887333] ? __perf_cgroup_move+0x160/0x160 [ 127.887345] ? set_next_entity+0x304/0x550 [ 127.887362] ? update_curr+0x267/0x740 [ 127.887381] ? lock_is_held_type+0xd7/0x130 [ 127.887395] __schedule+0xedd/0x2470 [ 127.887412] ? io_schedule_timeout+0x150/0x150 [ 127.887429] ? __x64_sys_futex_time32+0x480/0x480 [ 127.887443] schedule+0xda/0x1b0 [ 127.887458] exit_to_user_mode_prepare+0x114/0x1a0 [ 127.887470] syscall_exit_to_user_mode+0x19/0x40 [ 127.887483] do_syscall_64+0x48/0x90 [ 127.887500] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 127.887513] RIP: 0033:0x7f601f21db19 [ 127.887521] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 127.887532] RSP: 002b:00007f601c793218 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 127.887542] RAX: 0000000000000001 RBX: 00007f601f330f68 RCX: 00007f601f21db19 [ 127.887550] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 00007f601f330f6c [ 127.887557] RBP: 00007f601f330f60 R08: 000000000000000e R09: 0000000000000000 [ 127.887564] R10: 0000000000000003 R11: 0000000000000246 R12: 00007f601f330f6c [ 127.887571] R13: 00007ffcf327eb7f R14: 00007f601c793300 R15: 0000000000022000 [ 127.887586] [ 127.945919] WARNING: CPU: 1 PID: 4021 at kernel/events/core.c:2309 group_sched_out.part.0+0x2c7/0x460 [ 127.946622] Modules linked in: [ 127.946872] CPU: 1 PID: 4021 Comm: syz-executor.7 Not tainted 6.0.0-rc6-next-20220923 #1 [ 127.947474] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 127.948317] RIP: 0010:group_sched_out.part.0+0x2c7/0x460 [ 127.948733] Code: 5e 41 5f e9 5b bb ef ff e8 56 bb ef ff 65 8b 1d 1b 26 ac 7e 31 ff 89 de e8 f6 b7 ef ff 85 db 0f 84 8a 00 00 00 e8 39 bb ef ff <0f> 0b e9 a5 fe ff ff e8 2d bb ef ff 48 8d 7d 10 48 b8 00 00 00 00 [ 127.950104] RSP: 0018:ffff88803f507c48 EFLAGS: 00010006 [ 127.950506] RAX: 0000000040000002 RBX: 0000000000000000 RCX: 0000000000000000 [ 127.951062] RDX: ffff88803f4b9ac0 RSI: ffffffff81564fb7 RDI: 0000000000000005 [ 127.951597] RBP: ffff88803f508000 R08: 0000000000000005 R09: 0000000000000001 [ 127.952139] R10: 0000000000000000 R11: ffffffff865b005b R12: ffff88800dbc2000 [ 127.952692] R13: ffff88806cf3d140 R14: ffffffff8547d040 R15: 0000000000000002 [ 127.953233] FS: 00007f601c793700(0000) GS:ffff88806cf00000(0000) knlGS:0000000000000000 [ 127.953850] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 127.954306] CR2: 000000c00065b000 CR3: 0000000019dc0000 CR4: 0000000000350ee0 [ 127.954877] Call Trace: [ 127.955070] [ 127.955254] ctx_sched_out+0x8f1/0xc10 [ 127.955568] __perf_event_task_sched_out+0x6d0/0x18d0 [ 127.955967] ? lock_is_held_type+0xd7/0x130 [ 127.956307] ? __perf_cgroup_move+0x160/0x160 [ 127.956658] ? set_next_entity+0x304/0x550 [ 127.956996] ? update_curr+0x267/0x740 [ 127.957305] ? lock_is_held_type+0xd7/0x130 [ 127.957643] __schedule+0xedd/0x2470 [ 127.957943] ? io_schedule_timeout+0x150/0x150 [ 127.958304] ? __x64_sys_futex_time32+0x480/0x480 [ 127.958687] schedule+0xda/0x1b0 [ 127.958957] exit_to_user_mode_prepare+0x114/0x1a0 [ 127.959333] syscall_exit_to_user_mode+0x19/0x40 [ 127.959702] do_syscall_64+0x48/0x90 [ 127.960003] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 127.960403] RIP: 0033:0x7f601f21db19 [ 127.960690] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 127.962065] RSP: 002b:00007f601c793218 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 127.962658] RAX: 0000000000000001 RBX: 00007f601f330f68 RCX: 00007f601f21db19 [ 127.963203] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 00007f601f330f6c [ 127.963744] RBP: 00007f601f330f60 R08: 000000000000000e R09: 0000000000000000 [ 127.964293] R10: 0000000000000003 R11: 0000000000000246 R12: 00007f601f330f6c [ 127.964833] R13: 00007ffcf327eb7f R14: 00007f601c793300 R15: 0000000000022000 [ 127.965377] [ 127.965557] irq event stamp: 590 [ 127.965810] hardirqs last enabled at (589): [] exit_to_user_mode_prepare+0x109/0x1a0 [ 127.966517] hardirqs last disabled at (590): [] __schedule+0x1225/0x2470 [ 127.967139] softirqs last enabled at (80): [] __irq_exit_rcu+0x11b/0x180 [ 127.967773] softirqs last disabled at (37): [] __irq_exit_rcu+0x11b/0x180 [ 127.968410] ---[ end trace 0000000000000000 ]--- [ 127.981893] autofs4:pid:4030:check_dev_ioctl_version: ioctl control interface version mismatch: kernel(1.1), user(16777217.4294967040), cmd(0xc018937a) [ 127.983026] autofs4:pid:4030:validate_dev_ioctl: invalid device control module version supplied for cmd(0xc018937a) 12:32:50 executing program 6: syz_open_procfs$namespace(0xffffffffffffffff, 0x0) r0 = openat$tun(0xffffffffffffff9c, &(0x7f00000003c0), 0x0, 0x0) ioctl$TUNSETNOCSUM(r0, 0x400454c8, 0x0) 12:32:50 executing program 1: setreuid(0xffffffffffffffff, 0xffffffffffffffff) 12:32:50 executing program 4: r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$inet_tcp_TCP_MD5SIG(r0, 0x6, 0xe, &(0x7f00000000c0)={@in6={{0xa, 0x4e22, 0x2, @empty, 0x4}}, 0x0, 0x0, 0x4, 0x0, "a746a17128ab789e5f70f170de3b09e7de49f919f5daa017ada1eadae7ef3b8be4b6bc597111d657c7039db2fb7beaf1d003a1fc7d14e5a1cc6db5be8e3aaffc6750fd094e7c1fdaf32ac14b0a7f4e58"}, 0xd8) ioctl$sock_inet_SIOCADDRT(r0, 0x890c, &(0x7f0000000000)={0x0, {0x2, 0x4e23, @multicast2}, {0x2, 0x4e23, @private=0xa010101}, {0x2, 0x4e20, @initdev={0xac, 0x1e, 0x1, 0x0}}, 0x27c, 0x0, 0x0, 0x0, 0x8, 0x0, 0x3dda, 0x5, 0x5}) 12:32:50 executing program 5: r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$inet_tcp_TCP_MD5SIG(r0, 0x6, 0xe, &(0x7f00000000c0)={@in6={{0xa, 0x4e22, 0x2, @empty, 0x4}}, 0x0, 0x0, 0x4, 0x0, "a746a17128ab789e5f70f170de3b09e7de49f919f5daa017ada1eadae7ef3b8be4b6bc597111d657c7039db2fb7beaf1d003a1fc7d14e5a1cc6db5be8e3aaffc6750fd094e7c1fdaf32ac14b0a7f4e58"}, 0xd8) ioctl$sock_inet_SIOCADDRT(r0, 0x890c, &(0x7f0000000000)={0x0, {0x2, 0x4e23, @multicast2}, {0x2, 0x4e23, @private=0xa010101}, {0x2, 0x4e20, @initdev={0xac, 0x1e, 0x1, 0x0}}, 0x27c, 0x0, 0x0, 0x0, 0x8, 0x0, 0x3dda, 0x5, 0x5}) 12:32:50 executing program 2: capset(&(0x7f0000000040)={0x20080522}, &(0x7f0000000580)) clock_adjtime(0x0, &(0x7f0000000100)={0x8003}) 12:32:50 executing program 0: r0 = openat$autofs(0xffffffffffffff9c, &(0x7f0000000500), 0x0, 0x0) ioctl$AUTOFS_DEV_IOCTL_TIMEOUT(r0, 0xc018937a, &(0x7f0000000540)=ANY=[@ANYBLOB="0100000100", @ANYRES32]) 12:32:50 executing program 6: syz_open_procfs$namespace(0xffffffffffffffff, 0x0) r0 = openat$tun(0xffffffffffffff9c, &(0x7f00000003c0), 0x0, 0x0) ioctl$TUNSETNOCSUM(r0, 0x400454c8, 0x0) [ 128.094713] autofs4:pid:4043:check_dev_ioctl_version: ioctl control interface version mismatch: kernel(1.1), user(16777217.4294967040), cmd(0xc018937a) [ 128.096025] autofs4:pid:4043:validate_dev_ioctl: invalid device control module version supplied for cmd(0xc018937a) 12:32:50 executing program 4: r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$inet_tcp_TCP_MD5SIG(r0, 0x6, 0xe, &(0x7f00000000c0)={@in6={{0xa, 0x4e22, 0x2, @empty, 0x4}}, 0x0, 0x0, 0x4, 0x0, "a746a17128ab789e5f70f170de3b09e7de49f919f5daa017ada1eadae7ef3b8be4b6bc597111d657c7039db2fb7beaf1d003a1fc7d14e5a1cc6db5be8e3aaffc6750fd094e7c1fdaf32ac14b0a7f4e58"}, 0xd8) ioctl$sock_inet_SIOCADDRT(r0, 0x890c, &(0x7f0000000000)={0x0, {0x2, 0x4e23, @multicast2}, {0x2, 0x4e23, @private=0xa010101}, {0x2, 0x4e20, @initdev={0xac, 0x1e, 0x1, 0x0}}, 0x27c, 0x0, 0x0, 0x0, 0x8, 0x0, 0x3dda, 0x5, 0x5}) 12:32:50 executing program 7: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0x76, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) truncate(&(0x7f0000000000)='./cgroup.net/cgroup.procs\x00', 0x0) 12:32:50 executing program 5: r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$inet_tcp_TCP_MD5SIG(r0, 0x6, 0xe, &(0x7f00000000c0)={@in6={{0xa, 0x4e22, 0x2, @empty, 0x4}}, 0x0, 0x0, 0x4, 0x0, "a746a17128ab789e5f70f170de3b09e7de49f919f5daa017ada1eadae7ef3b8be4b6bc597111d657c7039db2fb7beaf1d003a1fc7d14e5a1cc6db5be8e3aaffc6750fd094e7c1fdaf32ac14b0a7f4e58"}, 0xd8) ioctl$sock_inet_SIOCADDRT(r0, 0x890c, &(0x7f0000000000)={0x0, {0x2, 0x4e23, @multicast2}, {0x2, 0x4e23, @private=0xa010101}, {0x2, 0x4e20, @initdev={0xac, 0x1e, 0x1, 0x0}}, 0x27c, 0x0, 0x0, 0x0, 0x8, 0x0, 0x3dda, 0x5, 0x5}) 12:32:50 executing program 1: truncate(0x0, 0xfffffffffffffffe) 12:32:50 executing program 6: syz_open_procfs$namespace(0xffffffffffffffff, 0x0) r0 = openat$tun(0xffffffffffffff9c, &(0x7f00000003c0), 0x0, 0x0) ioctl$TUNSETNOCSUM(r0, 0x400454c8, 0x0) 12:32:50 executing program 0: r0 = openat$autofs(0xffffffffffffff9c, &(0x7f0000000500), 0x0, 0x0) ioctl$AUTOFS_DEV_IOCTL_TIMEOUT(r0, 0xc018937a, &(0x7f0000000540)=ANY=[@ANYBLOB="0100000100", @ANYRES32]) 12:32:50 executing program 3: syz_mount_image$tmpfs(&(0x7f0000000880), &(0x7f00000008c0)='./file0\x00', 0x0, 0x0, &(0x7f0000001dc0), 0x0, &(0x7f0000001e80)) 12:32:50 executing program 2: capset(&(0x7f0000000040)={0x20080522}, &(0x7f0000000580)) clock_adjtime(0x0, &(0x7f0000000100)={0x8003}) [ 128.170347] autofs4:pid:4055:check_dev_ioctl_version: ioctl control interface version mismatch: kernel(1.1), user(16777217.4294967040), cmd(0xc018937a) [ 128.171301] autofs4:pid:4055:validate_dev_ioctl: invalid device control module version supplied for cmd(0xc018937a) 12:32:51 executing program 4: r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$inet_tcp_TCP_MD5SIG(r0, 0x6, 0xe, &(0x7f00000000c0)={@in6={{0xa, 0x4e22, 0x2, @empty, 0x4}}, 0x0, 0x0, 0x4, 0x0, "a746a17128ab789e5f70f170de3b09e7de49f919f5daa017ada1eadae7ef3b8be4b6bc597111d657c7039db2fb7beaf1d003a1fc7d14e5a1cc6db5be8e3aaffc6750fd094e7c1fdaf32ac14b0a7f4e58"}, 0xd8) ioctl$sock_inet_SIOCADDRT(r0, 0x890c, &(0x7f0000000000)={0x0, {0x2, 0x4e23, @multicast2}, {0x2, 0x4e23, @private=0xa010101}, {0x2, 0x4e20, @initdev={0xac, 0x1e, 0x1, 0x0}}, 0x27c, 0x0, 0x0, 0x0, 0x8, 0x0, 0x3dda, 0x5, 0x5}) 12:32:51 executing program 2: r0 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000700), 0x0, 0x0) ioctl$RTC_IRQP_SET(r0, 0x4008700c, 0xc7e) read(r0, &(0x7f0000000740)=""/4096, 0x1000) ioctl$RTC_PIE_ON(r0, 0x7005) 12:32:51 executing program 1: truncate(0x0, 0xfffffffffffffffe) 12:32:51 executing program 5: r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$inet_tcp_TCP_MD5SIG(r0, 0x6, 0xe, &(0x7f00000000c0)={@in6={{0xa, 0x4e22, 0x2, @empty, 0x4}}, 0x0, 0x0, 0x4, 0x0, "a746a17128ab789e5f70f170de3b09e7de49f919f5daa017ada1eadae7ef3b8be4b6bc597111d657c7039db2fb7beaf1d003a1fc7d14e5a1cc6db5be8e3aaffc6750fd094e7c1fdaf32ac14b0a7f4e58"}, 0xd8) ioctl$sock_inet_SIOCADDRT(r0, 0x890c, &(0x7f0000000000)={0x0, {0x2, 0x4e23, @multicast2}, {0x2, 0x4e23, @private=0xa010101}, {0x2, 0x4e20, @initdev={0xac, 0x1e, 0x1, 0x0}}, 0x27c, 0x0, 0x0, 0x0, 0x8, 0x0, 0x3dda, 0x5, 0x5}) 12:32:51 executing program 3: syz_mount_image$tmpfs(&(0x7f0000000880), &(0x7f00000008c0)='./file0\x00', 0x0, 0x0, &(0x7f0000001dc0), 0x0, &(0x7f0000001e80)) 12:32:51 executing program 6: syz_open_procfs$namespace(0xffffffffffffffff, 0x0) r0 = openat$tun(0xffffffffffffff9c, &(0x7f00000003c0), 0x0, 0x0) ioctl$TUNSETNOCSUM(r0, 0x400454c8, 0x0) 12:32:51 executing program 7: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0x76, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) truncate(&(0x7f0000000000)='./cgroup.net/cgroup.procs\x00', 0x0) 12:32:51 executing program 0: r0 = openat$autofs(0xffffffffffffff9c, &(0x7f0000000500), 0x0, 0x0) ioctl$AUTOFS_DEV_IOCTL_TIMEOUT(r0, 0xc018937a, &(0x7f0000000540)=ANY=[@ANYBLOB="0100000100", @ANYRES32]) [ 128.259940] autofs4:pid:4073:check_dev_ioctl_version: ioctl control interface version mismatch: kernel(1.1), user(16777217.4294967040), cmd(0xc018937a) [ 128.260894] autofs4:pid:4073:validate_dev_ioctl: invalid device control module version supplied for cmd(0xc018937a) 12:32:51 executing program 1: truncate(0x0, 0xfffffffffffffffe) 12:32:51 executing program 3: syz_mount_image$tmpfs(&(0x7f0000000880), &(0x7f00000008c0)='./file0\x00', 0x0, 0x0, &(0x7f0000001dc0), 0x0, &(0x7f0000001e80)) 12:32:51 executing program 4: r0 = socket$nl_generic(0x10, 0x3, 0x10) connect$netlink(r0, &(0x7f0000001480)=@proc={0x10, 0x0, 0x0, 0x40}, 0xc) 12:32:51 executing program 4: r0 = socket$nl_generic(0x10, 0x3, 0x10) connect$netlink(r0, &(0x7f0000001480)=@proc={0x10, 0x0, 0x0, 0x40}, 0xc) 12:32:51 executing program 7: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0x76, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) truncate(&(0x7f0000000000)='./cgroup.net/cgroup.procs\x00', 0x0) 12:32:51 executing program 0: r0 = syz_open_dev$loop(&(0x7f0000000140), 0x0, 0x0) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$F2FS_IOC_MOVE_RANGE(r0, 0xc020f509, &(0x7f0000000380)={r0, 0x8, 0x1, 0x400}) ioctl$PERF_EVENT_IOC_ID(r1, 0x80082407, &(0x7f00000003c0)) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x2, 0x0, 0x0, 0x0, 0x0, 0x2, 0x32261, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x5}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) perf_event_open(&(0x7f0000001840)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000001800), 0xd}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x3) write(r2, &(0x7f0000000080)="01", 0x292e9) 12:32:51 executing program 6: r0 = syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x0, &(0x7f0000000140)=ANY=[]) openat(r0, &(0x7f0000000300)='./file1\x00', 0x200, 0xb1) chdir(&(0x7f0000000140)='./file0\x00') openat(r0, &(0x7f0000000000)='./file0\x00', 0x20c0, 0x141) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) openat(0xffffffffffffffff, &(0x7f00000001c0)='./file0\x00', 0x0, 0xc0) r2 = perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) r3 = perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r4 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x26e1, 0x0) ioctl$AUTOFS_DEV_IOCTL_CLOSEMOUNT(r4, 0xc0189375, &(0x7f0000000340)=ANY=[@ANYBLOB="873b07000000efb1606e00770100"/24, @ANYRES32=r3, @ANYBLOB='Y0\x00``\x00'/18]) fsconfig$FSCONFIG_SET_FD(r4, 0x5, &(0x7f0000000180)=']{\x00', 0x0, r1) mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x11, r2, 0xa015000) r5 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x4042, 0x0) fallocate(r5, 0x8, 0x0, 0x8000000) ioctl$AUTOFS_IOC_CATATONIC(r5, 0x9362, 0x0) r6 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) write$binfmt_aout(r6, &(0x7f0000001180)=ANY=[], 0x220) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xb}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) sendfile(r6, r1, 0x0, 0xfffffdef) 12:32:51 executing program 1: truncate(0x0, 0xfffffffffffffffe) 12:32:51 executing program 2: r0 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000700), 0x0, 0x0) ioctl$RTC_IRQP_SET(r0, 0x4008700c, 0xc7e) read(r0, &(0x7f0000000740)=""/4096, 0x1000) ioctl$RTC_PIE_ON(r0, 0x7005) [ 128.379363] loop6: detected capacity change from 0 to 40 12:32:51 executing program 4: r0 = socket$nl_generic(0x10, 0x3, 0x10) connect$netlink(r0, &(0x7f0000001480)=@proc={0x10, 0x0, 0x0, 0x40}, 0xc) [ 128.430169] syz-executor.6: attempt to access beyond end of device [ 128.430169] loop6: rw=2049, sector=40, nr_sectors = 4 limit=40 [ 128.431659] Buffer I/O error on dev loop6, logical block 10, lost async page write [ 128.445425] syz-executor.6 (4087) used greatest stack depth: 24600 bytes left 12:32:51 executing program 4: r0 = socket$nl_generic(0x10, 0x3, 0x10) connect$netlink(r0, &(0x7f0000001480)=@proc={0x10, 0x0, 0x0, 0x40}, 0xc) 12:32:51 executing program 2: r0 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000700), 0x0, 0x0) ioctl$RTC_IRQP_SET(r0, 0x4008700c, 0xc7e) read(r0, &(0x7f0000000740)=""/4096, 0x1000) ioctl$RTC_PIE_ON(r0, 0x7005) 12:32:51 executing program 3: r0 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000700), 0x0, 0x0) ioctl$RTC_IRQP_SET(r0, 0x4008700c, 0xc7e) read(r0, &(0x7f0000000740)=""/4096, 0x1000) ioctl$RTC_PIE_ON(r0, 0x7005) 12:32:51 executing program 5: r0 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000700), 0x0, 0x0) ioctl$RTC_IRQP_SET(r0, 0x4008700c, 0xc7e) read(r0, &(0x7f0000000740)=""/4096, 0x1000) ioctl$RTC_PIE_ON(r0, 0x7005) 12:32:51 executing program 1: clone(0x13000000, 0x0, &(0x7f0000000100), &(0x7f0000000140), &(0x7f0000000180)="8482b87a0f1c33136bd555121b5a6f8f70acfa2cc77b074ec5ac8789b41e4835cb06f0743e62322ae8eb3c9376140d41650e8092083f3c17f3112084519269b8980d4649965d853f58a8df14362903c78e07a16ce0de0331be12492c0708f16c5d17efb5d8ff96bf2dcae31d1fe0d406c395b13a83c63bb383223264742f10fa98046a27b45c") clone(0x800000, &(0x7f00000005c0)="85d1c678d5e9cf856043eb0bcfba252b9a344cc0b75163a3d83f6378b2e241fb111b95b4962ead3642d98078f7a594e519d40c65c215e21cabe3b39c821a93061631f99381802929087e4940d3ec", &(0x7f0000000640), &(0x7f0000000680), &(0x7f00000006c0)="26cd986a5f479e8f36901a58d9d4bab9719c08558435b344a330f53d4b1a6df8fe909bae2edb1c651646ebe6bb4a16316c19a0c6df3bd3427cf4aa1eeb8654c9d86d45ddd34d719501b442dacef459b834dc0aaa4fce7b3e040deb4f75a1c1ee7da539b372bbccdccea4f0dc89adb6df9e1e8a643d8a90f03769b7436744890e974a4fec742a5c0a7f6eddb626ed010ba88ffe0972fc2ba30a39351b52c92de7b7df3b2415df7d7f0baa7af0e2fd232c3b9449c35e3e3fcc4bc20e275c0c2182033a328dcf780aa67dae931ba4627071aa31d34b070c1aee9e") 12:32:51 executing program 7: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$sock_inet6_tcp_SIOCOUTQNSD(r0, 0x894b, &(0x7f0000000340)) 12:32:51 executing program 0: r0 = syz_open_dev$loop(&(0x7f0000000140), 0x0, 0x0) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$F2FS_IOC_MOVE_RANGE(r0, 0xc020f509, &(0x7f0000000380)={r0, 0x8, 0x1, 0x400}) ioctl$PERF_EVENT_IOC_ID(r1, 0x80082407, &(0x7f00000003c0)) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x2, 0x0, 0x0, 0x0, 0x0, 0x2, 0x32261, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x5}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) perf_event_open(&(0x7f0000001840)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000001800), 0xd}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x3) write(r2, &(0x7f0000000080)="01", 0x292e9) 12:32:51 executing program 2: r0 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000700), 0x0, 0x0) ioctl$RTC_IRQP_SET(r0, 0x4008700c, 0xc7e) read(r0, &(0x7f0000000740)=""/4096, 0x1000) ioctl$RTC_PIE_ON(r0, 0x7005) 12:32:51 executing program 1: clone(0x13000000, 0x0, &(0x7f0000000100), &(0x7f0000000140), &(0x7f0000000180)="8482b87a0f1c33136bd555121b5a6f8f70acfa2cc77b074ec5ac8789b41e4835cb06f0743e62322ae8eb3c9376140d41650e8092083f3c17f3112084519269b8980d4649965d853f58a8df14362903c78e07a16ce0de0331be12492c0708f16c5d17efb5d8ff96bf2dcae31d1fe0d406c395b13a83c63bb383223264742f10fa98046a27b45c") clone(0x800000, &(0x7f00000005c0)="85d1c678d5e9cf856043eb0bcfba252b9a344cc0b75163a3d83f6378b2e241fb111b95b4962ead3642d98078f7a594e519d40c65c215e21cabe3b39c821a93061631f99381802929087e4940d3ec", &(0x7f0000000640), &(0x7f0000000680), &(0x7f00000006c0)="26cd986a5f479e8f36901a58d9d4bab9719c08558435b344a330f53d4b1a6df8fe909bae2edb1c651646ebe6bb4a16316c19a0c6df3bd3427cf4aa1eeb8654c9d86d45ddd34d719501b442dacef459b834dc0aaa4fce7b3e040deb4f75a1c1ee7da539b372bbccdccea4f0dc89adb6df9e1e8a643d8a90f03769b7436744890e974a4fec742a5c0a7f6eddb626ed010ba88ffe0972fc2ba30a39351b52c92de7b7df3b2415df7d7f0baa7af0e2fd232c3b9449c35e3e3fcc4bc20e275c0c2182033a328dcf780aa67dae931ba4627071aa31d34b070c1aee9e") 12:32:51 executing program 6: r0 = syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x0, &(0x7f0000000140)=ANY=[]) openat(r0, &(0x7f0000000300)='./file1\x00', 0x200, 0xb1) chdir(&(0x7f0000000140)='./file0\x00') openat(r0, &(0x7f0000000000)='./file0\x00', 0x20c0, 0x141) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) openat(0xffffffffffffffff, &(0x7f00000001c0)='./file0\x00', 0x0, 0xc0) r2 = perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) r3 = perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r4 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x26e1, 0x0) ioctl$AUTOFS_DEV_IOCTL_CLOSEMOUNT(r4, 0xc0189375, &(0x7f0000000340)=ANY=[@ANYBLOB="873b07000000efb1606e00770100"/24, @ANYRES32=r3, @ANYBLOB='Y0\x00``\x00'/18]) fsconfig$FSCONFIG_SET_FD(r4, 0x5, &(0x7f0000000180)=']{\x00', 0x0, r1) mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x11, r2, 0xa015000) r5 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x4042, 0x0) fallocate(r5, 0x8, 0x0, 0x8000000) ioctl$AUTOFS_IOC_CATATONIC(r5, 0x9362, 0x0) r6 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) write$binfmt_aout(r6, &(0x7f0000001180)=ANY=[], 0x220) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xb}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) sendfile(r6, r1, 0x0, 0xfffffdef) 12:32:51 executing program 3: r0 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000700), 0x0, 0x0) ioctl$RTC_IRQP_SET(r0, 0x4008700c, 0xc7e) read(r0, &(0x7f0000000740)=""/4096, 0x1000) ioctl$RTC_PIE_ON(r0, 0x7005) [ 128.652038] loop6: detected capacity change from 0 to 40 12:32:51 executing program 4: r0 = syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x0, &(0x7f0000000140)=ANY=[]) openat(r0, &(0x7f0000000300)='./file1\x00', 0x200, 0xb1) chdir(&(0x7f0000000140)='./file0\x00') openat(r0, &(0x7f0000000000)='./file0\x00', 0x20c0, 0x141) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) openat(0xffffffffffffffff, &(0x7f00000001c0)='./file0\x00', 0x0, 0xc0) r2 = perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) r3 = perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r4 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x26e1, 0x0) ioctl$AUTOFS_DEV_IOCTL_CLOSEMOUNT(r4, 0xc0189375, &(0x7f0000000340)=ANY=[@ANYBLOB="873b07000000efb1606e00770100"/24, @ANYRES32=r3, @ANYBLOB='Y0\x00``\x00'/18]) fsconfig$FSCONFIG_SET_FD(r4, 0x5, &(0x7f0000000180)=']{\x00', 0x0, r1) mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x11, r2, 0xa015000) r5 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x4042, 0x0) fallocate(r5, 0x8, 0x0, 0x8000000) ioctl$AUTOFS_IOC_CATATONIC(r5, 0x9362, 0x0) r6 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) write$binfmt_aout(r6, &(0x7f0000001180)=ANY=[], 0x220) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xb}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) sendfile(r6, r1, 0x0, 0xfffffdef) 12:32:51 executing program 7: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$sock_inet6_tcp_SIOCOUTQNSD(r0, 0x894b, &(0x7f0000000340)) 12:32:51 executing program 5: r0 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000700), 0x0, 0x0) ioctl$RTC_IRQP_SET(r0, 0x4008700c, 0xc7e) read(r0, &(0x7f0000000740)=""/4096, 0x1000) ioctl$RTC_PIE_ON(r0, 0x7005) 12:32:51 executing program 0: r0 = syz_open_dev$loop(&(0x7f0000000140), 0x0, 0x0) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$F2FS_IOC_MOVE_RANGE(r0, 0xc020f509, &(0x7f0000000380)={r0, 0x8, 0x1, 0x400}) ioctl$PERF_EVENT_IOC_ID(r1, 0x80082407, &(0x7f00000003c0)) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x2, 0x0, 0x0, 0x0, 0x0, 0x2, 0x32261, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x5}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) perf_event_open(&(0x7f0000001840)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000001800), 0xd}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x3) write(r2, &(0x7f0000000080)="01", 0x292e9) [ 128.704655] loop4: detected capacity change from 0 to 40 12:32:51 executing program 5: r0 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000700), 0x0, 0x0) ioctl$RTC_IRQP_SET(r0, 0x4008700c, 0xc7e) read(r0, &(0x7f0000000740)=""/4096, 0x1000) ioctl$RTC_PIE_ON(r0, 0x7005) 12:32:51 executing program 7: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$sock_inet6_tcp_SIOCOUTQNSD(r0, 0x894b, &(0x7f0000000340)) 12:32:51 executing program 2: r0 = syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x0, &(0x7f0000000140)=ANY=[]) openat(r0, &(0x7f0000000300)='./file1\x00', 0x200, 0xb1) chdir(&(0x7f0000000140)='./file0\x00') openat(r0, &(0x7f0000000000)='./file0\x00', 0x20c0, 0x141) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) openat(0xffffffffffffffff, &(0x7f00000001c0)='./file0\x00', 0x0, 0xc0) r2 = perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) r3 = perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r4 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x26e1, 0x0) ioctl$AUTOFS_DEV_IOCTL_CLOSEMOUNT(r4, 0xc0189375, &(0x7f0000000340)=ANY=[@ANYBLOB="873b07000000efb1606e00770100"/24, @ANYRES32=r3, @ANYBLOB='Y0\x00``\x00'/18]) fsconfig$FSCONFIG_SET_FD(r4, 0x5, &(0x7f0000000180)=']{\x00', 0x0, r1) mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x11, r2, 0xa015000) r5 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x4042, 0x0) fallocate(r5, 0x8, 0x0, 0x8000000) ioctl$AUTOFS_IOC_CATATONIC(r5, 0x9362, 0x0) r6 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) write$binfmt_aout(r6, &(0x7f0000001180)=ANY=[], 0x220) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xb}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) sendfile(r6, r1, 0x0, 0xfffffdef) 12:32:51 executing program 3: r0 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000700), 0x0, 0x0) ioctl$RTC_IRQP_SET(r0, 0x4008700c, 0xc7e) read(r0, &(0x7f0000000740)=""/4096, 0x1000) ioctl$RTC_PIE_ON(r0, 0x7005) [ 128.768777] syz-executor.6: attempt to access beyond end of device [ 128.768777] loop6: rw=2049, sector=40, nr_sectors = 4 limit=40 [ 128.769907] Buffer I/O error on dev loop6, logical block 10, lost async page write [ 128.797002] syz-executor.6 (4122) used greatest stack depth: 24472 bytes left 12:32:51 executing program 0: r0 = syz_open_dev$loop(&(0x7f0000000140), 0x0, 0x0) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$F2FS_IOC_MOVE_RANGE(r0, 0xc020f509, &(0x7f0000000380)={r0, 0x8, 0x1, 0x400}) ioctl$PERF_EVENT_IOC_ID(r1, 0x80082407, &(0x7f00000003c0)) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x2, 0x0, 0x0, 0x0, 0x0, 0x2, 0x32261, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x5}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) perf_event_open(&(0x7f0000001840)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000001800), 0xd}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x3) write(r2, &(0x7f0000000080)="01", 0x292e9) [ 128.807982] hrtimer: interrupt took 18906 ns 12:32:51 executing program 6: r0 = syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x0, &(0x7f0000000140)=ANY=[]) openat(r0, &(0x7f0000000300)='./file1\x00', 0x200, 0xb1) chdir(&(0x7f0000000140)='./file0\x00') openat(r0, &(0x7f0000000000)='./file0\x00', 0x20c0, 0x141) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) openat(0xffffffffffffffff, &(0x7f00000001c0)='./file0\x00', 0x0, 0xc0) r2 = perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) r3 = perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r4 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x26e1, 0x0) ioctl$AUTOFS_DEV_IOCTL_CLOSEMOUNT(r4, 0xc0189375, &(0x7f0000000340)=ANY=[@ANYBLOB="873b07000000efb1606e00770100"/24, @ANYRES32=r3, @ANYBLOB='Y0\x00``\x00'/18]) fsconfig$FSCONFIG_SET_FD(r4, 0x5, &(0x7f0000000180)=']{\x00', 0x0, r1) mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x11, r2, 0xa015000) r5 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x4042, 0x0) fallocate(r5, 0x8, 0x0, 0x8000000) ioctl$AUTOFS_IOC_CATATONIC(r5, 0x9362, 0x0) r6 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) write$binfmt_aout(r6, &(0x7f0000001180)=ANY=[], 0x220) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xb}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) sendfile(r6, r1, 0x0, 0xfffffdef) 12:32:51 executing program 7: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$sock_inet6_tcp_SIOCOUTQNSD(r0, 0x894b, &(0x7f0000000340)) [ 128.864557] loop2: detected capacity change from 0 to 40 [ 128.868654] loop6: detected capacity change from 0 to 40 12:32:51 executing program 3: r0 = syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x0, &(0x7f0000000140)=ANY=[]) openat(r0, &(0x7f0000000300)='./file1\x00', 0x200, 0xb1) chdir(&(0x7f0000000140)='./file0\x00') openat(r0, &(0x7f0000000000)='./file0\x00', 0x20c0, 0x141) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) openat(0xffffffffffffffff, &(0x7f00000001c0)='./file0\x00', 0x0, 0xc0) r2 = perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) r3 = perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r4 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x26e1, 0x0) ioctl$AUTOFS_DEV_IOCTL_CLOSEMOUNT(r4, 0xc0189375, &(0x7f0000000340)=ANY=[@ANYBLOB="873b07000000efb1606e00770100"/24, @ANYRES32=r3, @ANYBLOB='Y0\x00``\x00'/18]) fsconfig$FSCONFIG_SET_FD(r4, 0x5, &(0x7f0000000180)=']{\x00', 0x0, r1) mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x11, r2, 0xa015000) r5 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x4042, 0x0) fallocate(r5, 0x8, 0x0, 0x8000000) ioctl$AUTOFS_IOC_CATATONIC(r5, 0x9362, 0x0) r6 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) write$binfmt_aout(r6, &(0x7f0000001180)=ANY=[], 0x220) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xb}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) sendfile(r6, r1, 0x0, 0xfffffdef) [ 128.878906] loop3: detected capacity change from 0 to 40 [ 128.949911] syz-executor.4: attempt to access beyond end of device [ 128.949911] loop4: rw=2049, sector=40, nr_sectors = 4 limit=40 [ 128.951191] Buffer I/O error on dev loop4, logical block 10, lost async page write [ 128.962891] syz-executor.6: attempt to access beyond end of device [ 128.962891] loop6: rw=2049, sector=40, nr_sectors = 4 limit=40 [ 128.964200] Buffer I/O error on dev loop6, logical block 10, lost async page write [ 128.965877] syz-executor.3: attempt to access beyond end of device [ 128.965877] loop3: rw=2049, sector=40, nr_sectors = 4 limit=40 [ 128.966860] Buffer I/O error on dev loop3, logical block 10, lost async page write 12:32:51 executing program 5: r0 = syz_open_dev$loop(&(0x7f0000000140), 0x0, 0x0) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$F2FS_IOC_MOVE_RANGE(r0, 0xc020f509, &(0x7f0000000380)={r0, 0x8, 0x1, 0x400}) ioctl$PERF_EVENT_IOC_ID(r1, 0x80082407, &(0x7f00000003c0)) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x2, 0x0, 0x0, 0x0, 0x0, 0x2, 0x32261, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x5}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) perf_event_open(&(0x7f0000001840)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000001800), 0xd}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x3) write(r2, &(0x7f0000000080)="01", 0x292e9) [ 129.121560] syz-executor.2: attempt to access beyond end of device [ 129.121560] loop2: rw=2049, sector=40, nr_sectors = 4 limit=40 [ 129.122630] Buffer I/O error on dev loop2, logical block 10, lost async page write 12:32:51 executing program 1: clone(0x13000000, 0x0, &(0x7f0000000100), &(0x7f0000000140), &(0x7f0000000180)="8482b87a0f1c33136bd555121b5a6f8f70acfa2cc77b074ec5ac8789b41e4835cb06f0743e62322ae8eb3c9376140d41650e8092083f3c17f3112084519269b8980d4649965d853f58a8df14362903c78e07a16ce0de0331be12492c0708f16c5d17efb5d8ff96bf2dcae31d1fe0d406c395b13a83c63bb383223264742f10fa98046a27b45c") clone(0x800000, &(0x7f00000005c0)="85d1c678d5e9cf856043eb0bcfba252b9a344cc0b75163a3d83f6378b2e241fb111b95b4962ead3642d98078f7a594e519d40c65c215e21cabe3b39c821a93061631f99381802929087e4940d3ec", &(0x7f0000000640), &(0x7f0000000680), &(0x7f00000006c0)="26cd986a5f479e8f36901a58d9d4bab9719c08558435b344a330f53d4b1a6df8fe909bae2edb1c651646ebe6bb4a16316c19a0c6df3bd3427cf4aa1eeb8654c9d86d45ddd34d719501b442dacef459b834dc0aaa4fce7b3e040deb4f75a1c1ee7da539b372bbccdccea4f0dc89adb6df9e1e8a643d8a90f03769b7436744890e974a4fec742a5c0a7f6eddb626ed010ba88ffe0972fc2ba30a39351b52c92de7b7df3b2415df7d7f0baa7af0e2fd232c3b9449c35e3e3fcc4bc20e275c0c2182033a328dcf780aa67dae931ba4627071aa31d34b070c1aee9e") 12:32:51 executing program 6: r0 = syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x0, &(0x7f0000000140)=ANY=[]) openat(r0, &(0x7f0000000300)='./file1\x00', 0x200, 0xb1) chdir(&(0x7f0000000140)='./file0\x00') openat(r0, &(0x7f0000000000)='./file0\x00', 0x20c0, 0x141) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) openat(0xffffffffffffffff, &(0x7f00000001c0)='./file0\x00', 0x0, 0xc0) r2 = perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) r3 = perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r4 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x26e1, 0x0) ioctl$AUTOFS_DEV_IOCTL_CLOSEMOUNT(r4, 0xc0189375, &(0x7f0000000340)=ANY=[@ANYBLOB="873b07000000efb1606e00770100"/24, @ANYRES32=r3, @ANYBLOB='Y0\x00``\x00'/18]) fsconfig$FSCONFIG_SET_FD(r4, 0x5, &(0x7f0000000180)=']{\x00', 0x0, r1) mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x11, r2, 0xa015000) r5 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x4042, 0x0) fallocate(r5, 0x8, 0x0, 0x8000000) ioctl$AUTOFS_IOC_CATATONIC(r5, 0x9362, 0x0) r6 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) write$binfmt_aout(r6, &(0x7f0000001180)=ANY=[], 0x220) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xb}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) sendfile(r6, r1, 0x0, 0xfffffdef) 12:32:51 executing program 3: r0 = syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x0, &(0x7f0000000140)=ANY=[]) openat(r0, &(0x7f0000000300)='./file1\x00', 0x200, 0xb1) chdir(&(0x7f0000000140)='./file0\x00') openat(r0, &(0x7f0000000000)='./file0\x00', 0x20c0, 0x141) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) openat(0xffffffffffffffff, &(0x7f00000001c0)='./file0\x00', 0x0, 0xc0) r2 = perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) r3 = perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r4 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x26e1, 0x0) ioctl$AUTOFS_DEV_IOCTL_CLOSEMOUNT(r4, 0xc0189375, &(0x7f0000000340)=ANY=[@ANYBLOB="873b07000000efb1606e00770100"/24, @ANYRES32=r3, @ANYBLOB='Y0\x00``\x00'/18]) fsconfig$FSCONFIG_SET_FD(r4, 0x5, &(0x7f0000000180)=']{\x00', 0x0, r1) mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x11, r2, 0xa015000) r5 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x4042, 0x0) fallocate(r5, 0x8, 0x0, 0x8000000) ioctl$AUTOFS_IOC_CATATONIC(r5, 0x9362, 0x0) r6 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) write$binfmt_aout(r6, &(0x7f0000001180)=ANY=[], 0x220) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xb}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) sendfile(r6, r1, 0x0, 0xfffffdef) 12:32:51 executing program 4: r0 = syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x0, &(0x7f0000000140)=ANY=[]) openat(r0, &(0x7f0000000300)='./file1\x00', 0x200, 0xb1) chdir(&(0x7f0000000140)='./file0\x00') openat(r0, &(0x7f0000000000)='./file0\x00', 0x20c0, 0x141) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) openat(0xffffffffffffffff, &(0x7f00000001c0)='./file0\x00', 0x0, 0xc0) r2 = perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) r3 = perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r4 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x26e1, 0x0) ioctl$AUTOFS_DEV_IOCTL_CLOSEMOUNT(r4, 0xc0189375, &(0x7f0000000340)=ANY=[@ANYBLOB="873b07000000efb1606e00770100"/24, @ANYRES32=r3, @ANYBLOB='Y0\x00``\x00'/18]) fsconfig$FSCONFIG_SET_FD(r4, 0x5, &(0x7f0000000180)=']{\x00', 0x0, r1) mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x11, r2, 0xa015000) r5 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x4042, 0x0) fallocate(r5, 0x8, 0x0, 0x8000000) ioctl$AUTOFS_IOC_CATATONIC(r5, 0x9362, 0x0) r6 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) write$binfmt_aout(r6, &(0x7f0000001180)=ANY=[], 0x220) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xb}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) sendfile(r6, r1, 0x0, 0xfffffdef) 12:32:51 executing program 5: r0 = syz_open_dev$loop(&(0x7f0000000140), 0x0, 0x0) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$F2FS_IOC_MOVE_RANGE(r0, 0xc020f509, &(0x7f0000000380)={r0, 0x8, 0x1, 0x400}) ioctl$PERF_EVENT_IOC_ID(r1, 0x80082407, &(0x7f00000003c0)) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x2, 0x0, 0x0, 0x0, 0x0, 0x2, 0x32261, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x5}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) perf_event_open(&(0x7f0000001840)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000001800), 0xd}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x3) write(r2, &(0x7f0000000080)="01", 0x292e9) [ 129.141788] loop3: detected capacity change from 0 to 40 [ 129.146182] loop6: detected capacity change from 0 to 40 [ 129.178500] loop4: detected capacity change from 0 to 40 12:32:52 executing program 0: io_cancel(0x0, &(0x7f0000000100)={0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0}, 0x0) 12:32:52 executing program 0: io_cancel(0x0, &(0x7f0000000100)={0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0}, 0x0) [ 129.318422] syz-executor.4: attempt to access beyond end of device [ 129.318422] loop4: rw=2049, sector=40, nr_sectors = 4 limit=40 [ 129.319722] Buffer I/O error on dev loop4, logical block 10, lost async page write 12:32:52 executing program 0: io_cancel(0x0, &(0x7f0000000100)={0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0}, 0x0) 12:32:52 executing program 1: clone(0x13000000, 0x0, &(0x7f0000000100), &(0x7f0000000140), &(0x7f0000000180)="8482b87a0f1c33136bd555121b5a6f8f70acfa2cc77b074ec5ac8789b41e4835cb06f0743e62322ae8eb3c9376140d41650e8092083f3c17f3112084519269b8980d4649965d853f58a8df14362903c78e07a16ce0de0331be12492c0708f16c5d17efb5d8ff96bf2dcae31d1fe0d406c395b13a83c63bb383223264742f10fa98046a27b45c") clone(0x800000, &(0x7f00000005c0)="85d1c678d5e9cf856043eb0bcfba252b9a344cc0b75163a3d83f6378b2e241fb111b95b4962ead3642d98078f7a594e519d40c65c215e21cabe3b39c821a93061631f99381802929087e4940d3ec", &(0x7f0000000640), &(0x7f0000000680), &(0x7f00000006c0)="26cd986a5f479e8f36901a58d9d4bab9719c08558435b344a330f53d4b1a6df8fe909bae2edb1c651646ebe6bb4a16316c19a0c6df3bd3427cf4aa1eeb8654c9d86d45ddd34d719501b442dacef459b834dc0aaa4fce7b3e040deb4f75a1c1ee7da539b372bbccdccea4f0dc89adb6df9e1e8a643d8a90f03769b7436744890e974a4fec742a5c0a7f6eddb626ed010ba88ffe0972fc2ba30a39351b52c92de7b7df3b2415df7d7f0baa7af0e2fd232c3b9449c35e3e3fcc4bc20e275c0c2182033a328dcf780aa67dae931ba4627071aa31d34b070c1aee9e") [ 129.457314] syz-executor.6: attempt to access beyond end of device [ 129.457314] loop6: rw=2049, sector=40, nr_sectors = 4 limit=40 [ 129.458446] Buffer I/O error on dev loop6, logical block 10, lost async page write [ 129.675128] syz-executor.3: attempt to access beyond end of device [ 129.675128] loop3: rw=2049, sector=40, nr_sectors = 4 limit=40 [ 129.677004] Buffer I/O error on dev loop3, logical block 10, lost async page write 12:32:52 executing program 3: r0 = syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x0, &(0x7f0000000140)=ANY=[]) openat(r0, &(0x7f0000000300)='./file1\x00', 0x200, 0xb1) chdir(&(0x7f0000000140)='./file0\x00') openat(r0, &(0x7f0000000000)='./file0\x00', 0x20c0, 0x141) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) openat(0xffffffffffffffff, &(0x7f00000001c0)='./file0\x00', 0x0, 0xc0) r2 = perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) r3 = perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r4 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x26e1, 0x0) ioctl$AUTOFS_DEV_IOCTL_CLOSEMOUNT(r4, 0xc0189375, &(0x7f0000000340)=ANY=[@ANYBLOB="873b07000000efb1606e00770100"/24, @ANYRES32=r3, @ANYBLOB='Y0\x00``\x00'/18]) fsconfig$FSCONFIG_SET_FD(r4, 0x5, &(0x7f0000000180)=']{\x00', 0x0, r1) mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x11, r2, 0xa015000) r5 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x4042, 0x0) fallocate(r5, 0x8, 0x0, 0x8000000) ioctl$AUTOFS_IOC_CATATONIC(r5, 0x9362, 0x0) r6 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) write$binfmt_aout(r6, &(0x7f0000001180)=ANY=[], 0x220) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xb}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) sendfile(r6, r1, 0x0, 0xfffffdef) 12:32:52 executing program 2: r0 = syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x0, &(0x7f0000000140)=ANY=[]) openat(r0, &(0x7f0000000300)='./file1\x00', 0x200, 0xb1) chdir(&(0x7f0000000140)='./file0\x00') openat(r0, &(0x7f0000000000)='./file0\x00', 0x20c0, 0x141) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) openat(0xffffffffffffffff, &(0x7f00000001c0)='./file0\x00', 0x0, 0xc0) r2 = perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) r3 = perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r4 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x26e1, 0x0) ioctl$AUTOFS_DEV_IOCTL_CLOSEMOUNT(r4, 0xc0189375, &(0x7f0000000340)=ANY=[@ANYBLOB="873b07000000efb1606e00770100"/24, @ANYRES32=r3, @ANYBLOB='Y0\x00``\x00'/18]) fsconfig$FSCONFIG_SET_FD(r4, 0x5, &(0x7f0000000180)=']{\x00', 0x0, r1) mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x11, r2, 0xa015000) r5 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x4042, 0x0) fallocate(r5, 0x8, 0x0, 0x8000000) ioctl$AUTOFS_IOC_CATATONIC(r5, 0x9362, 0x0) r6 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) write$binfmt_aout(r6, &(0x7f0000001180)=ANY=[], 0x220) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xb}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) sendfile(r6, r1, 0x0, 0xfffffdef) 12:32:52 executing program 4: r0 = syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x0, &(0x7f0000000140)=ANY=[]) openat(r0, &(0x7f0000000300)='./file1\x00', 0x200, 0xb1) chdir(&(0x7f0000000140)='./file0\x00') openat(r0, &(0x7f0000000000)='./file0\x00', 0x20c0, 0x141) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) openat(0xffffffffffffffff, &(0x7f00000001c0)='./file0\x00', 0x0, 0xc0) r2 = perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) r3 = perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r4 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x26e1, 0x0) ioctl$AUTOFS_DEV_IOCTL_CLOSEMOUNT(r4, 0xc0189375, &(0x7f0000000340)=ANY=[@ANYBLOB="873b07000000efb1606e00770100"/24, @ANYRES32=r3, @ANYBLOB='Y0\x00``\x00'/18]) fsconfig$FSCONFIG_SET_FD(r4, 0x5, &(0x7f0000000180)=']{\x00', 0x0, r1) mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x11, r2, 0xa015000) r5 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x4042, 0x0) fallocate(r5, 0x8, 0x0, 0x8000000) ioctl$AUTOFS_IOC_CATATONIC(r5, 0x9362, 0x0) r6 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) write$binfmt_aout(r6, &(0x7f0000001180)=ANY=[], 0x220) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xb}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) sendfile(r6, r1, 0x0, 0xfffffdef) 12:32:52 executing program 0: io_cancel(0x0, &(0x7f0000000100)={0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0}, 0x0) 12:32:52 executing program 5: r0 = syz_open_dev$loop(&(0x7f0000000140), 0x0, 0x0) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$F2FS_IOC_MOVE_RANGE(r0, 0xc020f509, &(0x7f0000000380)={r0, 0x8, 0x1, 0x400}) ioctl$PERF_EVENT_IOC_ID(r1, 0x80082407, &(0x7f00000003c0)) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x2, 0x0, 0x0, 0x0, 0x0, 0x2, 0x32261, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x5}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) perf_event_open(&(0x7f0000001840)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000001800), 0xd}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x3) write(r2, &(0x7f0000000080)="01", 0x292e9) 12:32:52 executing program 7: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) getsockopt$IP6T_SO_GET_REVISION_TARGET(r0, 0x29, 0x45, 0x0, &(0x7f00000069c0)) 12:32:52 executing program 6: r0 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2) bind$bt_sco(r0, &(0x7f0000000040)={0x1f, @none}, 0x8) connect$bt_sco(r0, &(0x7f0000000000)={0x1f, @none}, 0x8) 12:32:52 executing program 1: syz_emit_vhci(&(0x7f0000000000)=@HCI_SCODATA_PKT={0x3, {0xc8}}, 0x4) syz_emit_vhci(&(0x7f0000000080)=@HCI_EVENT_PKT={0x4, @hci_ev_remote_name={{0x7, 0xff}, {0x0, @none, "116eb99c6b8e4d7a402e2736d65ffa3b8993d3d7aa8d9ef4200797e797edbf3643b7bd29142e70f2ec8d225802b8a98ea3fdab6d686626c19f871c595f71988d1d66ebfa96dce5853fe1ee6a5a61f95d49c61f1e660506ac177a23fb02ec1120e1d858fcd79c61cce3d0fda5a367436b16a8d2d675d4f5f12177e6ccc0d308473cb564374984e28d83f8a96f5b19f96ee9330df15cfd4e8e38386fae10c9c9a3e186cfd28c6d25e4657f00cb95aab169bf352f024a85fc660fc10c8e27dda44b1131937f2cf57c3b5448856d1e546b3de7f13cd5cca83cd864eb634d271ff54b9bf18772359b69fa05f2e057a977ddd9f5cc4be87af95e0f"}}}, 0x102) syz_emit_vhci(&(0x7f0000000500)=@HCI_ACLDATA_PKT={0x2, {0x0, 0x0, 0x0, 0xa}, @l2cap_cid_signaling={{0x6}, [@l2cap_info_req={{0xa, 0x0, 0x2}}]}}, 0xf) [ 129.746247] loop2: detected capacity change from 0 to 40 [ 129.748184] Bluetooth: hci0: ACL packet for unknown connection handle 0 [ 129.749492] Bluetooth: hci0: ACL packet for unknown connection handle 0 [ 129.759048] loop4: detected capacity change from 0 to 40 [ 129.815549] syz-executor.4: attempt to access beyond end of device [ 129.815549] loop4: rw=2049, sector=40, nr_sectors = 4 limit=40 [ 129.816601] Buffer I/O error on dev loop4, logical block 10, lost async page write 12:32:52 executing program 1: syz_emit_vhci(&(0x7f0000000000)=@HCI_SCODATA_PKT={0x3, {0xc8}}, 0x4) syz_emit_vhci(&(0x7f0000000080)=@HCI_EVENT_PKT={0x4, @hci_ev_remote_name={{0x7, 0xff}, {0x0, @none, "116eb99c6b8e4d7a402e2736d65ffa3b8993d3d7aa8d9ef4200797e797edbf3643b7bd29142e70f2ec8d225802b8a98ea3fdab6d686626c19f871c595f71988d1d66ebfa96dce5853fe1ee6a5a61f95d49c61f1e660506ac177a23fb02ec1120e1d858fcd79c61cce3d0fda5a367436b16a8d2d675d4f5f12177e6ccc0d308473cb564374984e28d83f8a96f5b19f96ee9330df15cfd4e8e38386fae10c9c9a3e186cfd28c6d25e4657f00cb95aab169bf352f024a85fc660fc10c8e27dda44b1131937f2cf57c3b5448856d1e546b3de7f13cd5cca83cd864eb634d271ff54b9bf18772359b69fa05f2e057a977ddd9f5cc4be87af95e0f"}}}, 0x102) syz_emit_vhci(&(0x7f0000000500)=@HCI_ACLDATA_PKT={0x2, {0x0, 0x0, 0x0, 0xa}, @l2cap_cid_signaling={{0x6}, [@l2cap_info_req={{0xa, 0x0, 0x2}}]}}, 0xf) 12:32:52 executing program 0: mkdirat(0xffffffffffffff9c, &(0x7f00000000c0)='./file1\x00', 0x0) truncate(&(0x7f0000000000)='./file1\x00', 0x0) [ 129.833777] Bluetooth: hci0: ACL packet for unknown connection handle 0 [ 129.848944] loop3: detected capacity change from 0 to 40 12:32:52 executing program 1: syz_emit_vhci(&(0x7f0000000000)=@HCI_SCODATA_PKT={0x3, {0xc8}}, 0x4) syz_emit_vhci(&(0x7f0000000080)=@HCI_EVENT_PKT={0x4, @hci_ev_remote_name={{0x7, 0xff}, {0x0, @none, "116eb99c6b8e4d7a402e2736d65ffa3b8993d3d7aa8d9ef4200797e797edbf3643b7bd29142e70f2ec8d225802b8a98ea3fdab6d686626c19f871c595f71988d1d66ebfa96dce5853fe1ee6a5a61f95d49c61f1e660506ac177a23fb02ec1120e1d858fcd79c61cce3d0fda5a367436b16a8d2d675d4f5f12177e6ccc0d308473cb564374984e28d83f8a96f5b19f96ee9330df15cfd4e8e38386fae10c9c9a3e186cfd28c6d25e4657f00cb95aab169bf352f024a85fc660fc10c8e27dda44b1131937f2cf57c3b5448856d1e546b3de7f13cd5cca83cd864eb634d271ff54b9bf18772359b69fa05f2e057a977ddd9f5cc4be87af95e0f"}}}, 0x102) syz_emit_vhci(&(0x7f0000000500)=@HCI_ACLDATA_PKT={0x2, {0x0, 0x0, 0x0, 0xa}, @l2cap_cid_signaling={{0x6}, [@l2cap_info_req={{0xa, 0x0, 0x2}}]}}, 0xf) 12:32:52 executing program 0: mkdirat(0xffffffffffffff9c, &(0x7f00000000c0)='./file1\x00', 0x0) truncate(&(0x7f0000000000)='./file1\x00', 0x0) 12:32:52 executing program 7: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) getsockopt$IP6T_SO_GET_REVISION_TARGET(r0, 0x29, 0x45, 0x0, &(0x7f00000069c0)) 12:32:52 executing program 4: r0 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2) bind$bt_sco(r0, &(0x7f0000000040)={0x1f, @none}, 0x8) connect$bt_sco(r0, &(0x7f0000000000)={0x1f, @none}, 0x8) 12:32:52 executing program 6: r0 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2) bind$bt_sco(r0, &(0x7f0000000040)={0x1f, @none}, 0x8) connect$bt_sco(r0, &(0x7f0000000000)={0x1f, @none}, 0x8) [ 129.911165] Bluetooth: hci0: ACL packet for unknown connection handle 0 12:32:52 executing program 1: syz_emit_vhci(&(0x7f0000000000)=@HCI_SCODATA_PKT={0x3, {0xc8}}, 0x4) syz_emit_vhci(&(0x7f0000000080)=@HCI_EVENT_PKT={0x4, @hci_ev_remote_name={{0x7, 0xff}, {0x0, @none, "116eb99c6b8e4d7a402e2736d65ffa3b8993d3d7aa8d9ef4200797e797edbf3643b7bd29142e70f2ec8d225802b8a98ea3fdab6d686626c19f871c595f71988d1d66ebfa96dce5853fe1ee6a5a61f95d49c61f1e660506ac177a23fb02ec1120e1d858fcd79c61cce3d0fda5a367436b16a8d2d675d4f5f12177e6ccc0d308473cb564374984e28d83f8a96f5b19f96ee9330df15cfd4e8e38386fae10c9c9a3e186cfd28c6d25e4657f00cb95aab169bf352f024a85fc660fc10c8e27dda44b1131937f2cf57c3b5448856d1e546b3de7f13cd5cca83cd864eb634d271ff54b9bf18772359b69fa05f2e057a977ddd9f5cc4be87af95e0f"}}}, 0x102) syz_emit_vhci(&(0x7f0000000500)=@HCI_ACLDATA_PKT={0x2, {0x0, 0x0, 0x0, 0xa}, @l2cap_cid_signaling={{0x6}, [@l2cap_info_req={{0xa, 0x0, 0x2}}]}}, 0xf) [ 129.984551] Bluetooth: hci0: ACL packet for unknown connection handle 0 12:32:53 executing program 4: r0 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2) bind$bt_sco(r0, &(0x7f0000000040)={0x1f, @none}, 0x8) connect$bt_sco(r0, &(0x7f0000000000)={0x1f, @none}, 0x8) [ 130.666868] loop2: detected capacity change from 0 to 40 12:32:53 executing program 7: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) getsockopt$IP6T_SO_GET_REVISION_TARGET(r0, 0x29, 0x45, 0x0, &(0x7f00000069c0)) 12:32:53 executing program 0: mkdirat(0xffffffffffffff9c, &(0x7f00000000c0)='./file1\x00', 0x0) truncate(&(0x7f0000000000)='./file1\x00', 0x0) 12:32:53 executing program 6: r0 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2) bind$bt_sco(r0, &(0x7f0000000040)={0x1f, @none}, 0x8) connect$bt_sco(r0, &(0x7f0000000000)={0x1f, @none}, 0x8) 12:32:53 executing program 1: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) io_setup(0xd29, &(0x7f0000000780)=0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) io_submit(r0, 0x1, &(0x7f0000000040)=[&(0x7f0000000200)={0x0, 0x0, 0x0, 0x8, 0x0, r1, &(0x7f0000000000)="1c", 0xf}]) 12:32:53 executing program 2: r0 = syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x0, &(0x7f0000000140)=ANY=[]) openat(r0, &(0x7f0000000300)='./file1\x00', 0x200, 0xb1) chdir(&(0x7f0000000140)='./file0\x00') openat(r0, &(0x7f0000000000)='./file0\x00', 0x20c0, 0x141) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) openat(0xffffffffffffffff, &(0x7f00000001c0)='./file0\x00', 0x0, 0xc0) r2 = perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) r3 = perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r4 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x26e1, 0x0) ioctl$AUTOFS_DEV_IOCTL_CLOSEMOUNT(r4, 0xc0189375, &(0x7f0000000340)=ANY=[@ANYBLOB="873b07000000efb1606e00770100"/24, @ANYRES32=r3, @ANYBLOB='Y0\x00``\x00'/18]) fsconfig$FSCONFIG_SET_FD(r4, 0x5, &(0x7f0000000180)=']{\x00', 0x0, r1) mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x11, r2, 0xa015000) r5 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x4042, 0x0) fallocate(r5, 0x8, 0x0, 0x8000000) ioctl$AUTOFS_IOC_CATATONIC(r5, 0x9362, 0x0) r6 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) write$binfmt_aout(r6, &(0x7f0000001180)=ANY=[], 0x220) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xb}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) sendfile(r6, r1, 0x0, 0xfffffdef) 12:32:53 executing program 6: r0 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2) bind$bt_sco(r0, &(0x7f0000000040)={0x1f, @none}, 0x8) connect$bt_sco(r0, &(0x7f0000000000)={0x1f, @none}, 0x8) 12:32:53 executing program 4: r0 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2) bind$bt_sco(r0, &(0x7f0000000040)={0x1f, @none}, 0x8) connect$bt_sco(r0, &(0x7f0000000000)={0x1f, @none}, 0x8) 12:32:53 executing program 1: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) io_setup(0xd29, &(0x7f0000000780)=0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) io_submit(r0, 0x1, &(0x7f0000000040)=[&(0x7f0000000200)={0x0, 0x0, 0x0, 0x8, 0x0, r1, &(0x7f0000000000)="1c", 0xf}]) 12:32:53 executing program 6: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000040)={0x2, &(0x7f0000000100)=[{0x5}, {0x6, 0x0, 0x0, 0x7fffffff}]}) pipe2(&(0x7f0000000000), 0x0) 12:32:53 executing program 3: r0 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000500), 0x0, 0x0) ioctl$TIOCMBIC(r0, 0x5417, &(0x7f0000000540)) 12:32:53 executing program 0: mkdirat(0xffffffffffffff9c, &(0x7f00000000c0)='./file1\x00', 0x0) truncate(&(0x7f0000000000)='./file1\x00', 0x0) 12:32:53 executing program 5: r0 = syz_open_dev$evdev(&(0x7f0000000180), 0x0, 0x0) ioctl$EVIOCGSW(r0, 0x40284504, &(0x7f0000000000)=""/156) 12:32:53 executing program 7: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) getsockopt$IP6T_SO_GET_REVISION_TARGET(r0, 0x29, 0x45, 0x0, &(0x7f00000069c0)) 12:32:53 executing program 2: r0 = openat$sndseq(0xffffffffffffff9c, &(0x7f000000f540), 0x0) ioctl$SNDRV_SEQ_IOCTL_SET_PORT_INFO(r0, 0x40a85323, &(0x7f000000f580)={{}, 'port1\x00'}) 12:32:53 executing program 7: r0 = openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000040), 0x40a81, 0x0) write$vga_arbiter(r0, &(0x7f0000000140), 0x9) 12:32:53 executing program 0: mount$9p_fd(0x0, &(0x7f0000001840)='./file0\x00', 0x0, 0x0, 0x0) r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPSET_CMD_DEL(r0, &(0x7f0000001c00)={&(0x7f0000001b00)={0x10, 0x0, 0x0, 0x8}, 0xc, &(0x7f0000001bc0)={&(0x7f0000001b40)={0x14, 0xa, 0x6, 0x401}, 0x14}}, 0x0) 12:32:53 executing program 1: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) io_setup(0xd29, &(0x7f0000000780)=0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) io_submit(r0, 0x1, &(0x7f0000000040)=[&(0x7f0000000200)={0x0, 0x0, 0x0, 0x8, 0x0, r1, &(0x7f0000000000)="1c", 0xf}]) 12:32:53 executing program 4: clone3(&(0x7f00000007c0)={0x0, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) 12:32:53 executing program 6: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000040)={0x2, &(0x7f0000000100)=[{0x5}, {0x6, 0x0, 0x0, 0x7fffffff}]}) pipe2(&(0x7f0000000000), 0x0) 12:32:53 executing program 5: r0 = syz_open_dev$evdev(&(0x7f0000000180), 0x0, 0x0) ioctl$EVIOCGSW(r0, 0x40284504, &(0x7f0000000000)=""/156) 12:32:53 executing program 3: r0 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000500), 0x0, 0x0) ioctl$TIOCMBIC(r0, 0x5417, &(0x7f0000000540)) 12:32:53 executing program 2: r0 = openat$sndseq(0xffffffffffffff9c, &(0x7f000000f540), 0x0) ioctl$SNDRV_SEQ_IOCTL_SET_PORT_INFO(r0, 0x40a85323, &(0x7f000000f580)={{}, 'port1\x00'}) 12:32:53 executing program 5: r0 = syz_open_dev$evdev(&(0x7f0000000180), 0x0, 0x0) ioctl$EVIOCGSW(r0, 0x40284504, &(0x7f0000000000)=""/156) 12:32:53 executing program 4: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000040)={0x2, &(0x7f0000000100)=[{0x5}, {0x6, 0x0, 0x0, 0x7fffffff}]}) pipe2(&(0x7f0000000000), 0x0) 12:32:53 executing program 7: r0 = openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000040), 0x40a81, 0x0) write$vga_arbiter(r0, &(0x7f0000000140), 0x9) 12:32:53 executing program 1: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) io_setup(0xd29, &(0x7f0000000780)=0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) io_submit(r0, 0x1, &(0x7f0000000040)=[&(0x7f0000000200)={0x0, 0x0, 0x0, 0x8, 0x0, r1, &(0x7f0000000000)="1c", 0xf}]) 12:32:53 executing program 5: r0 = syz_open_dev$evdev(&(0x7f0000000180), 0x0, 0x0) ioctl$EVIOCGSW(r0, 0x40284504, &(0x7f0000000000)=""/156) 12:32:53 executing program 6: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000040)={0x2, &(0x7f0000000100)=[{0x5}, {0x6, 0x0, 0x0, 0x7fffffff}]}) pipe2(&(0x7f0000000000), 0x0) 12:32:53 executing program 3: r0 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000500), 0x0, 0x0) ioctl$TIOCMBIC(r0, 0x5417, &(0x7f0000000540)) 12:32:53 executing program 4: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000040)={0x2, &(0x7f0000000100)=[{0x5}, {0x6, 0x0, 0x0, 0x7fffffff}]}) pipe2(&(0x7f0000000000), 0x0) 12:32:53 executing program 2: r0 = openat$sndseq(0xffffffffffffff9c, &(0x7f000000f540), 0x0) ioctl$SNDRV_SEQ_IOCTL_SET_PORT_INFO(r0, 0x40a85323, &(0x7f000000f580)={{}, 'port1\x00'}) 12:32:54 executing program 0: move_pages(0x0, 0x2, &(0x7f00000021c0)=[&(0x7f0000ffb000/0x2000)=nil, &(0x7f0000ffb000/0x4000)=nil], 0x0, &(0x7f0000002240), 0x0) 12:32:54 executing program 3: r0 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000500), 0x0, 0x0) ioctl$TIOCMBIC(r0, 0x5417, &(0x7f0000000540)) 12:32:54 executing program 7: r0 = openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000040), 0x40a81, 0x0) write$vga_arbiter(r0, &(0x7f0000000140), 0x9) 12:32:54 executing program 5: syz_emit_ethernet(0x36, &(0x7f0000000140)={@local, @dev, @void, {@ipv6={0x86dd, @generic={0x0, 0x6, "b0e0ee", 0x0, 0x2c, 0x0, @private0, @mcast2}}}}, 0x0) 12:32:54 executing program 6: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000040)={0x2, &(0x7f0000000100)=[{0x5}, {0x6, 0x0, 0x0, 0x7fffffff}]}) pipe2(&(0x7f0000000000), 0x0) 12:32:54 executing program 4: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000040)={0x2, &(0x7f0000000100)=[{0x5}, {0x6, 0x0, 0x0, 0x7fffffff}]}) pipe2(&(0x7f0000000000), 0x0) 12:32:54 executing program 2: r0 = openat$sndseq(0xffffffffffffff9c, &(0x7f000000f540), 0x0) ioctl$SNDRV_SEQ_IOCTL_SET_PORT_INFO(r0, 0x40a85323, &(0x7f000000f580)={{}, 'port1\x00'}) 12:32:54 executing program 1: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x5}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = epoll_create1(0x0) fcntl$lock(r0, 0x26, &(0x7f0000000040)) 12:32:54 executing program 7: r0 = openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000040), 0x40a81, 0x0) write$vga_arbiter(r0, &(0x7f0000000140), 0x9) 12:32:54 executing program 0: r0 = socket$inet6_udp(0xa, 0x2, 0x0) getsockopt$inet6_udp_int(r0, 0x11, 0x0, 0x0, &(0x7f0000000300)) 12:32:54 executing program 5: syz_emit_ethernet(0x36, &(0x7f0000000140)={@local, @dev, @void, {@ipv6={0x86dd, @generic={0x0, 0x6, "b0e0ee", 0x0, 0x2c, 0x0, @private0, @mcast2}}}}, 0x0) 12:32:54 executing program 1: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x5}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = epoll_create1(0x0) fcntl$lock(r0, 0x26, &(0x7f0000000040)) 12:32:54 executing program 3: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x5}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = epoll_create1(0x0) fcntl$lock(r0, 0x26, &(0x7f0000000040)) 12:32:54 executing program 6: r0 = socket$inet6(0xa, 0x1, 0x0) setsockopt$inet6_tcp_TCP_REPAIR(r0, 0x6, 0x13, &(0x7f00000001c0)=0x1, 0x4) connect$inet6(r0, &(0x7f0000000040)={0xa, 0x0, 0x0, @empty}, 0x7e) setsockopt$inet6_tcp_TCP_REPAIR_OPTIONS(r0, 0x6, 0x16, &(0x7f0000000000)=[@timestamp, @window, @sack_perm, @sack_perm], 0x20000000000000aa) setsockopt$inet6_tcp_TCP_REPAIR(r0, 0x6, 0x13, &(0x7f0000000000), 0x4) 12:32:54 executing program 7: sched_setscheduler(0x0, 0x2, &(0x7f0000000500)=0x4) 12:32:54 executing program 2: syz_genetlink_get_family_id$gtp(&(0x7f0000000000), 0xffffffffffffffff) r0 = openat$tcp_congestion(0xffffffffffffff9c, &(0x7f0000000040), 0x1, 0x0) write$tcp_congestion(r0, &(0x7f0000000080)='bbr\x00', 0x4) 12:32:54 executing program 0: r0 = socket$inet6_udp(0xa, 0x2, 0x0) getsockopt$inet6_udp_int(r0, 0x11, 0x0, 0x0, &(0x7f0000000300)) 12:32:54 executing program 1: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x5}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = epoll_create1(0x0) fcntl$lock(r0, 0x26, &(0x7f0000000040)) 12:32:54 executing program 4: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xb}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) ioctl$HCIINQUIRY(r0, 0x400448e0, 0x0) r1 = socket$netlink(0x10, 0x3, 0x0) r2 = getpid() sendmsg$netlink(r1, &(0x7f0000007ec0)={0x0, 0x0, &(0x7f0000000140)=[{&(0x7f0000000000)={0xffffffffffffff86, 0x0, 0x0, 0x0, 0x0, "", [@generic="600a451685ac0a7bc45895b67191df0ef6a04b9a6318ef8b25b3f3b65ba13c257903fd79e84ec86989e828b9dbd58609e0bb40bc1f9331b8792c4d8a7365da1497b8fa015d310cae61d187b6ce90fb6bc7104bb2009a7789cdda9185d864e9130eb363de689e7e7ab3cc904438d0ac79a43cb02cd6e2aecb6a7c402dc2598bf17fdc533044b85f566f0d61095a15c2d5789e597a0002baaddaf6faeeca8175f90fcd0f9891f4b89646950aa62ee9e78aadbc55f3266e4fcfbae21470692591f1deb9538c8fe29c2878db04", @typed={0x8, 0xf, 0x0, 0x0, @fd=r1}]}, 0xe4}], 0x1, &(0x7f0000007e00)=[@cred={{0x1c, 0x1, 0x2, {r2}}}], 0x20}, 0x0) r3 = fsopen(&(0x7f0000000000)='ramfs\x00', 0x0) fsconfig$FSCONFIG_CMD_CREATE(r3, 0x6, 0x0, 0x0, 0x0) r4 = fsmount(r3, 0x0, 0x0) symlinkat(&(0x7f0000000000)='./file0\x00', r4, &(0x7f00000001c0)='./file0\x00') statx(r4, &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0) perf_event_open(&(0x7f0000000140)={0x1, 0x80, 0x0, 0xbc, 0x81, 0x5, 0x0, 0x9, 0x2800, 0xc, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x3, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x5, 0x4ff9507ca5ac339f, @perf_config_ext={0xc4, 0x100000001}, 0x2000, 0x1, 0x413, 0x9, 0x9, 0x9, 0xab2, 0x0, 0x6, 0x0, 0x2}, r2, 0xffffffffffffffff, r4, 0x2) ioctl$INCFS_IOC_GET_FILLED_BLOCKS(r0, 0x80286722, &(0x7f0000000100)={&(0x7f0000000000)=""/117, 0x75, 0x9, 0x5}) 12:32:54 executing program 5: syz_emit_ethernet(0x36, &(0x7f0000000140)={@local, @dev, @void, {@ipv6={0x86dd, @generic={0x0, 0x6, "b0e0ee", 0x0, 0x2c, 0x0, @private0, @mcast2}}}}, 0x0) 12:32:54 executing program 6: r0 = socket$inet6(0xa, 0x1, 0x0) setsockopt$inet6_tcp_TCP_REPAIR(r0, 0x6, 0x13, &(0x7f00000001c0)=0x1, 0x4) connect$inet6(r0, &(0x7f0000000040)={0xa, 0x0, 0x0, @empty}, 0x7e) setsockopt$inet6_tcp_TCP_REPAIR_OPTIONS(r0, 0x6, 0x16, &(0x7f0000000000)=[@timestamp, @window, @sack_perm, @sack_perm], 0x20000000000000aa) setsockopt$inet6_tcp_TCP_REPAIR(r0, 0x6, 0x13, &(0x7f0000000000), 0x4) 12:32:54 executing program 7: sched_setscheduler(0x0, 0x2, &(0x7f0000000500)=0x4) 12:32:54 executing program 3: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x5}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = epoll_create1(0x0) fcntl$lock(r0, 0x26, &(0x7f0000000040)) 12:32:54 executing program 0: r0 = socket$inet6_udp(0xa, 0x2, 0x0) getsockopt$inet6_udp_int(r0, 0x11, 0x0, 0x0, &(0x7f0000000300)) 12:32:54 executing program 5: syz_emit_ethernet(0x36, &(0x7f0000000140)={@local, @dev, @void, {@ipv6={0x86dd, @generic={0x0, 0x6, "b0e0ee", 0x0, 0x2c, 0x0, @private0, @mcast2}}}}, 0x0) 12:32:54 executing program 1: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x5}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = epoll_create1(0x0) fcntl$lock(r0, 0x26, &(0x7f0000000040)) 12:32:54 executing program 6: r0 = socket$inet6(0xa, 0x1, 0x0) setsockopt$inet6_tcp_TCP_REPAIR(r0, 0x6, 0x13, &(0x7f00000001c0)=0x1, 0x4) connect$inet6(r0, &(0x7f0000000040)={0xa, 0x0, 0x0, @empty}, 0x7e) setsockopt$inet6_tcp_TCP_REPAIR_OPTIONS(r0, 0x6, 0x16, &(0x7f0000000000)=[@timestamp, @window, @sack_perm, @sack_perm], 0x20000000000000aa) setsockopt$inet6_tcp_TCP_REPAIR(r0, 0x6, 0x13, &(0x7f0000000000), 0x4) 12:32:54 executing program 4: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xb}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) ioctl$HCIINQUIRY(r0, 0x400448e0, 0x0) r1 = socket$netlink(0x10, 0x3, 0x0) r2 = getpid() sendmsg$netlink(r1, &(0x7f0000007ec0)={0x0, 0x0, &(0x7f0000000140)=[{&(0x7f0000000000)={0xffffffffffffff86, 0x0, 0x0, 0x0, 0x0, "", [@generic="600a451685ac0a7bc45895b67191df0ef6a04b9a6318ef8b25b3f3b65ba13c257903fd79e84ec86989e828b9dbd58609e0bb40bc1f9331b8792c4d8a7365da1497b8fa015d310cae61d187b6ce90fb6bc7104bb2009a7789cdda9185d864e9130eb363de689e7e7ab3cc904438d0ac79a43cb02cd6e2aecb6a7c402dc2598bf17fdc533044b85f566f0d61095a15c2d5789e597a0002baaddaf6faeeca8175f90fcd0f9891f4b89646950aa62ee9e78aadbc55f3266e4fcfbae21470692591f1deb9538c8fe29c2878db04", @typed={0x8, 0xf, 0x0, 0x0, @fd=r1}]}, 0xe4}], 0x1, &(0x7f0000007e00)=[@cred={{0x1c, 0x1, 0x2, {r2}}}], 0x20}, 0x0) r3 = fsopen(&(0x7f0000000000)='ramfs\x00', 0x0) fsconfig$FSCONFIG_CMD_CREATE(r3, 0x6, 0x0, 0x0, 0x0) r4 = fsmount(r3, 0x0, 0x0) symlinkat(&(0x7f0000000000)='./file0\x00', r4, &(0x7f00000001c0)='./file0\x00') statx(r4, &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0) perf_event_open(&(0x7f0000000140)={0x1, 0x80, 0x0, 0xbc, 0x81, 0x5, 0x0, 0x9, 0x2800, 0xc, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x3, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x5, 0x4ff9507ca5ac339f, @perf_config_ext={0xc4, 0x100000001}, 0x2000, 0x1, 0x413, 0x9, 0x9, 0x9, 0xab2, 0x0, 0x6, 0x0, 0x2}, r2, 0xffffffffffffffff, r4, 0x2) ioctl$INCFS_IOC_GET_FILLED_BLOCKS(r0, 0x80286722, &(0x7f0000000100)={&(0x7f0000000000)=""/117, 0x75, 0x9, 0x5}) 12:32:54 executing program 7: sched_setscheduler(0x0, 0x2, &(0x7f0000000500)=0x4) 12:32:54 executing program 3: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x5}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = epoll_create1(0x0) fcntl$lock(r0, 0x26, &(0x7f0000000040)) 12:32:54 executing program 2: syz_genetlink_get_family_id$gtp(&(0x7f0000000000), 0xffffffffffffffff) r0 = openat$tcp_congestion(0xffffffffffffff9c, &(0x7f0000000040), 0x1, 0x0) write$tcp_congestion(r0, &(0x7f0000000080)='bbr\x00', 0x4) 12:32:54 executing program 6: r0 = socket$inet6(0xa, 0x1, 0x0) setsockopt$inet6_tcp_TCP_REPAIR(r0, 0x6, 0x13, &(0x7f00000001c0)=0x1, 0x4) connect$inet6(r0, &(0x7f0000000040)={0xa, 0x0, 0x0, @empty}, 0x7e) setsockopt$inet6_tcp_TCP_REPAIR_OPTIONS(r0, 0x6, 0x16, &(0x7f0000000000)=[@timestamp, @window, @sack_perm, @sack_perm], 0x20000000000000aa) setsockopt$inet6_tcp_TCP_REPAIR(r0, 0x6, 0x13, &(0x7f0000000000), 0x4) 12:32:54 executing program 0: r0 = socket$inet6_udp(0xa, 0x2, 0x0) getsockopt$inet6_udp_int(r0, 0x11, 0x0, 0x0, &(0x7f0000000300)) 12:32:54 executing program 7: sched_setscheduler(0x0, 0x2, &(0x7f0000000500)=0x4) 12:32:54 executing program 3: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xb}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) ioctl$HCIINQUIRY(r0, 0x400448e0, 0x0) r1 = socket$netlink(0x10, 0x3, 0x0) r2 = getpid() sendmsg$netlink(r1, &(0x7f0000007ec0)={0x0, 0x0, &(0x7f0000000140)=[{&(0x7f0000000000)={0xffffffffffffff86, 0x0, 0x0, 0x0, 0x0, "", [@generic="600a451685ac0a7bc45895b67191df0ef6a04b9a6318ef8b25b3f3b65ba13c257903fd79e84ec86989e828b9dbd58609e0bb40bc1f9331b8792c4d8a7365da1497b8fa015d310cae61d187b6ce90fb6bc7104bb2009a7789cdda9185d864e9130eb363de689e7e7ab3cc904438d0ac79a43cb02cd6e2aecb6a7c402dc2598bf17fdc533044b85f566f0d61095a15c2d5789e597a0002baaddaf6faeeca8175f90fcd0f9891f4b89646950aa62ee9e78aadbc55f3266e4fcfbae21470692591f1deb9538c8fe29c2878db04", @typed={0x8, 0xf, 0x0, 0x0, @fd=r1}]}, 0xe4}], 0x1, &(0x7f0000007e00)=[@cred={{0x1c, 0x1, 0x2, {r2}}}], 0x20}, 0x0) r3 = fsopen(&(0x7f0000000000)='ramfs\x00', 0x0) fsconfig$FSCONFIG_CMD_CREATE(r3, 0x6, 0x0, 0x0, 0x0) r4 = fsmount(r3, 0x0, 0x0) symlinkat(&(0x7f0000000000)='./file0\x00', r4, &(0x7f00000001c0)='./file0\x00') statx(r4, &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0) perf_event_open(&(0x7f0000000140)={0x1, 0x80, 0x0, 0xbc, 0x81, 0x5, 0x0, 0x9, 0x2800, 0xc, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x3, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x5, 0x4ff9507ca5ac339f, @perf_config_ext={0xc4, 0x100000001}, 0x2000, 0x1, 0x413, 0x9, 0x9, 0x9, 0xab2, 0x0, 0x6, 0x0, 0x2}, r2, 0xffffffffffffffff, r4, 0x2) ioctl$INCFS_IOC_GET_FILLED_BLOCKS(r0, 0x80286722, &(0x7f0000000100)={&(0x7f0000000000)=""/117, 0x75, 0x9, 0x5}) 12:32:54 executing program 5: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xb}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) ioctl$HCIINQUIRY(r0, 0x400448e0, 0x0) r1 = socket$netlink(0x10, 0x3, 0x0) r2 = getpid() sendmsg$netlink(r1, &(0x7f0000007ec0)={0x0, 0x0, &(0x7f0000000140)=[{&(0x7f0000000000)={0xffffffffffffff86, 0x0, 0x0, 0x0, 0x0, "", [@generic="600a451685ac0a7bc45895b67191df0ef6a04b9a6318ef8b25b3f3b65ba13c257903fd79e84ec86989e828b9dbd58609e0bb40bc1f9331b8792c4d8a7365da1497b8fa015d310cae61d187b6ce90fb6bc7104bb2009a7789cdda9185d864e9130eb363de689e7e7ab3cc904438d0ac79a43cb02cd6e2aecb6a7c402dc2598bf17fdc533044b85f566f0d61095a15c2d5789e597a0002baaddaf6faeeca8175f90fcd0f9891f4b89646950aa62ee9e78aadbc55f3266e4fcfbae21470692591f1deb9538c8fe29c2878db04", @typed={0x8, 0xf, 0x0, 0x0, @fd=r1}]}, 0xe4}], 0x1, &(0x7f0000007e00)=[@cred={{0x1c, 0x1, 0x2, {r2}}}], 0x20}, 0x0) r3 = fsopen(&(0x7f0000000000)='ramfs\x00', 0x0) fsconfig$FSCONFIG_CMD_CREATE(r3, 0x6, 0x0, 0x0, 0x0) r4 = fsmount(r3, 0x0, 0x0) symlinkat(&(0x7f0000000000)='./file0\x00', r4, &(0x7f00000001c0)='./file0\x00') statx(r4, &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0) perf_event_open(&(0x7f0000000140)={0x1, 0x80, 0x0, 0xbc, 0x81, 0x5, 0x0, 0x9, 0x2800, 0xc, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x3, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x5, 0x4ff9507ca5ac339f, @perf_config_ext={0xc4, 0x100000001}, 0x2000, 0x1, 0x413, 0x9, 0x9, 0x9, 0xab2, 0x0, 0x6, 0x0, 0x2}, r2, 0xffffffffffffffff, r4, 0x2) ioctl$INCFS_IOC_GET_FILLED_BLOCKS(r0, 0x80286722, &(0x7f0000000100)={&(0x7f0000000000)=""/117, 0x75, 0x9, 0x5}) 12:32:54 executing program 5: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xb}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) ioctl$HCIINQUIRY(r0, 0x400448e0, 0x0) r1 = socket$netlink(0x10, 0x3, 0x0) r2 = getpid() sendmsg$netlink(r1, &(0x7f0000007ec0)={0x0, 0x0, &(0x7f0000000140)=[{&(0x7f0000000000)={0xffffffffffffff86, 0x0, 0x0, 0x0, 0x0, "", [@generic="600a451685ac0a7bc45895b67191df0ef6a04b9a6318ef8b25b3f3b65ba13c257903fd79e84ec86989e828b9dbd58609e0bb40bc1f9331b8792c4d8a7365da1497b8fa015d310cae61d187b6ce90fb6bc7104bb2009a7789cdda9185d864e9130eb363de689e7e7ab3cc904438d0ac79a43cb02cd6e2aecb6a7c402dc2598bf17fdc533044b85f566f0d61095a15c2d5789e597a0002baaddaf6faeeca8175f90fcd0f9891f4b89646950aa62ee9e78aadbc55f3266e4fcfbae21470692591f1deb9538c8fe29c2878db04", @typed={0x8, 0xf, 0x0, 0x0, @fd=r1}]}, 0xe4}], 0x1, &(0x7f0000007e00)=[@cred={{0x1c, 0x1, 0x2, {r2}}}], 0x20}, 0x0) r3 = fsopen(&(0x7f0000000000)='ramfs\x00', 0x0) fsconfig$FSCONFIG_CMD_CREATE(r3, 0x6, 0x0, 0x0, 0x0) r4 = fsmount(r3, 0x0, 0x0) symlinkat(&(0x7f0000000000)='./file0\x00', r4, &(0x7f00000001c0)='./file0\x00') statx(r4, &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0) perf_event_open(&(0x7f0000000140)={0x1, 0x80, 0x0, 0xbc, 0x81, 0x5, 0x0, 0x9, 0x2800, 0xc, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x3, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x5, 0x4ff9507ca5ac339f, @perf_config_ext={0xc4, 0x100000001}, 0x2000, 0x1, 0x413, 0x9, 0x9, 0x9, 0xab2, 0x0, 0x6, 0x0, 0x2}, r2, 0xffffffffffffffff, r4, 0x2) ioctl$INCFS_IOC_GET_FILLED_BLOCKS(r0, 0x80286722, &(0x7f0000000100)={&(0x7f0000000000)=""/117, 0x75, 0x9, 0x5}) 12:32:54 executing program 1: r0 = socket$inet6(0xa, 0x1, 0x0) setsockopt$inet6_tcp_TCP_REPAIR(r0, 0x6, 0x13, &(0x7f00000001c0)=0x1, 0x4) connect$inet6(r0, &(0x7f0000000040)={0xa, 0x0, 0x0, @empty}, 0x7e) setsockopt$inet6_tcp_TCP_REPAIR_OPTIONS(r0, 0x6, 0x16, &(0x7f0000000000)=[@timestamp, @window, @sack_perm, @sack_perm], 0x20000000000000aa) setsockopt$inet6_tcp_TCP_REPAIR(r0, 0x6, 0x13, &(0x7f0000000000), 0x4) 12:32:54 executing program 7: syz_mount_image$tmpfs(0x0, &(0x7f0000000480)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) stat(&(0x7f0000000180)='./file0\x00', &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, 0x0}) setreuid(r0, r0) setreuid(0x0, 0x0) 12:32:54 executing program 4: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xb}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) ioctl$HCIINQUIRY(r0, 0x400448e0, 0x0) r1 = socket$netlink(0x10, 0x3, 0x0) r2 = getpid() sendmsg$netlink(r1, &(0x7f0000007ec0)={0x0, 0x0, &(0x7f0000000140)=[{&(0x7f0000000000)={0xffffffffffffff86, 0x0, 0x0, 0x0, 0x0, "", [@generic="600a451685ac0a7bc45895b67191df0ef6a04b9a6318ef8b25b3f3b65ba13c257903fd79e84ec86989e828b9dbd58609e0bb40bc1f9331b8792c4d8a7365da1497b8fa015d310cae61d187b6ce90fb6bc7104bb2009a7789cdda9185d864e9130eb363de689e7e7ab3cc904438d0ac79a43cb02cd6e2aecb6a7c402dc2598bf17fdc533044b85f566f0d61095a15c2d5789e597a0002baaddaf6faeeca8175f90fcd0f9891f4b89646950aa62ee9e78aadbc55f3266e4fcfbae21470692591f1deb9538c8fe29c2878db04", @typed={0x8, 0xf, 0x0, 0x0, @fd=r1}]}, 0xe4}], 0x1, &(0x7f0000007e00)=[@cred={{0x1c, 0x1, 0x2, {r2}}}], 0x20}, 0x0) r3 = fsopen(&(0x7f0000000000)='ramfs\x00', 0x0) fsconfig$FSCONFIG_CMD_CREATE(r3, 0x6, 0x0, 0x0, 0x0) r4 = fsmount(r3, 0x0, 0x0) symlinkat(&(0x7f0000000000)='./file0\x00', r4, &(0x7f00000001c0)='./file0\x00') statx(r4, &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0) perf_event_open(&(0x7f0000000140)={0x1, 0x80, 0x0, 0xbc, 0x81, 0x5, 0x0, 0x9, 0x2800, 0xc, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x3, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x5, 0x4ff9507ca5ac339f, @perf_config_ext={0xc4, 0x100000001}, 0x2000, 0x1, 0x413, 0x9, 0x9, 0x9, 0xab2, 0x0, 0x6, 0x0, 0x2}, r2, 0xffffffffffffffff, r4, 0x2) ioctl$INCFS_IOC_GET_FILLED_BLOCKS(r0, 0x80286722, &(0x7f0000000100)={&(0x7f0000000000)=""/117, 0x75, 0x9, 0x5}) 12:32:54 executing program 2: syz_genetlink_get_family_id$gtp(&(0x7f0000000000), 0xffffffffffffffff) r0 = openat$tcp_congestion(0xffffffffffffff9c, &(0x7f0000000040), 0x1, 0x0) write$tcp_congestion(r0, &(0x7f0000000080)='bbr\x00', 0x4) 12:32:54 executing program 6: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) pwritev(r0, &(0x7f0000000080)=[{&(0x7f0000000140)='\x00', 0x1a}], 0x9, 0x7fffffc, 0x0) 12:32:54 executing program 3: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xb}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) ioctl$HCIINQUIRY(r0, 0x400448e0, 0x0) r1 = socket$netlink(0x10, 0x3, 0x0) r2 = getpid() sendmsg$netlink(r1, &(0x7f0000007ec0)={0x0, 0x0, &(0x7f0000000140)=[{&(0x7f0000000000)={0xffffffffffffff86, 0x0, 0x0, 0x0, 0x0, "", [@generic="600a451685ac0a7bc45895b67191df0ef6a04b9a6318ef8b25b3f3b65ba13c257903fd79e84ec86989e828b9dbd58609e0bb40bc1f9331b8792c4d8a7365da1497b8fa015d310cae61d187b6ce90fb6bc7104bb2009a7789cdda9185d864e9130eb363de689e7e7ab3cc904438d0ac79a43cb02cd6e2aecb6a7c402dc2598bf17fdc533044b85f566f0d61095a15c2d5789e597a0002baaddaf6faeeca8175f90fcd0f9891f4b89646950aa62ee9e78aadbc55f3266e4fcfbae21470692591f1deb9538c8fe29c2878db04", @typed={0x8, 0xf, 0x0, 0x0, @fd=r1}]}, 0xe4}], 0x1, &(0x7f0000007e00)=[@cred={{0x1c, 0x1, 0x2, {r2}}}], 0x20}, 0x0) r3 = fsopen(&(0x7f0000000000)='ramfs\x00', 0x0) fsconfig$FSCONFIG_CMD_CREATE(r3, 0x6, 0x0, 0x0, 0x0) r4 = fsmount(r3, 0x0, 0x0) symlinkat(&(0x7f0000000000)='./file0\x00', r4, &(0x7f00000001c0)='./file0\x00') statx(r4, &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0) perf_event_open(&(0x7f0000000140)={0x1, 0x80, 0x0, 0xbc, 0x81, 0x5, 0x0, 0x9, 0x2800, 0xc, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x3, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x5, 0x4ff9507ca5ac339f, @perf_config_ext={0xc4, 0x100000001}, 0x2000, 0x1, 0x413, 0x9, 0x9, 0x9, 0xab2, 0x0, 0x6, 0x0, 0x2}, r2, 0xffffffffffffffff, r4, 0x2) ioctl$INCFS_IOC_GET_FILLED_BLOCKS(r0, 0x80286722, &(0x7f0000000100)={&(0x7f0000000000)=""/117, 0x75, 0x9, 0x5}) 12:32:54 executing program 0: socketpair$nbd(0x1, 0x1, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) sendto(r0, &(0x7f0000000040)="ae", 0x1, 0x881, 0x0, 0x0) poll(&(0x7f0000000100)=[{r1}], 0x1, 0x0) 12:32:54 executing program 1: r0 = socket$inet6(0xa, 0x1, 0x0) setsockopt$inet6_tcp_TCP_REPAIR(r0, 0x6, 0x13, &(0x7f00000001c0)=0x1, 0x4) connect$inet6(r0, &(0x7f0000000040)={0xa, 0x0, 0x0, @empty}, 0x7e) setsockopt$inet6_tcp_TCP_REPAIR_OPTIONS(r0, 0x6, 0x16, &(0x7f0000000000)=[@timestamp, @window, @sack_perm, @sack_perm], 0x20000000000000aa) setsockopt$inet6_tcp_TCP_REPAIR(r0, 0x6, 0x13, &(0x7f0000000000), 0x4) 12:32:54 executing program 6: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) pwritev(r0, &(0x7f0000000080)=[{&(0x7f0000000140)='\x00', 0x1a}], 0x9, 0x7fffffc, 0x0) 12:32:54 executing program 7: syz_mount_image$tmpfs(0x0, &(0x7f0000000480)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) stat(&(0x7f0000000180)='./file0\x00', &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, 0x0}) setreuid(r0, r0) setreuid(0x0, 0x0) 12:32:54 executing program 0: socketpair$nbd(0x1, 0x1, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) sendto(r0, &(0x7f0000000040)="ae", 0x1, 0x881, 0x0, 0x0) poll(&(0x7f0000000100)=[{r1}], 0x1, 0x0) 12:32:54 executing program 3: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xb}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) ioctl$HCIINQUIRY(r0, 0x400448e0, 0x0) r1 = socket$netlink(0x10, 0x3, 0x0) r2 = getpid() sendmsg$netlink(r1, &(0x7f0000007ec0)={0x0, 0x0, &(0x7f0000000140)=[{&(0x7f0000000000)={0xffffffffffffff86, 0x0, 0x0, 0x0, 0x0, "", [@generic="600a451685ac0a7bc45895b67191df0ef6a04b9a6318ef8b25b3f3b65ba13c257903fd79e84ec86989e828b9dbd58609e0bb40bc1f9331b8792c4d8a7365da1497b8fa015d310cae61d187b6ce90fb6bc7104bb2009a7789cdda9185d864e9130eb363de689e7e7ab3cc904438d0ac79a43cb02cd6e2aecb6a7c402dc2598bf17fdc533044b85f566f0d61095a15c2d5789e597a0002baaddaf6faeeca8175f90fcd0f9891f4b89646950aa62ee9e78aadbc55f3266e4fcfbae21470692591f1deb9538c8fe29c2878db04", @typed={0x8, 0xf, 0x0, 0x0, @fd=r1}]}, 0xe4}], 0x1, &(0x7f0000007e00)=[@cred={{0x1c, 0x1, 0x2, {r2}}}], 0x20}, 0x0) r3 = fsopen(&(0x7f0000000000)='ramfs\x00', 0x0) fsconfig$FSCONFIG_CMD_CREATE(r3, 0x6, 0x0, 0x0, 0x0) r4 = fsmount(r3, 0x0, 0x0) symlinkat(&(0x7f0000000000)='./file0\x00', r4, &(0x7f00000001c0)='./file0\x00') statx(r4, &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0) perf_event_open(&(0x7f0000000140)={0x1, 0x80, 0x0, 0xbc, 0x81, 0x5, 0x0, 0x9, 0x2800, 0xc, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x3, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x5, 0x4ff9507ca5ac339f, @perf_config_ext={0xc4, 0x100000001}, 0x2000, 0x1, 0x413, 0x9, 0x9, 0x9, 0xab2, 0x0, 0x6, 0x0, 0x2}, r2, 0xffffffffffffffff, r4, 0x2) ioctl$INCFS_IOC_GET_FILLED_BLOCKS(r0, 0x80286722, &(0x7f0000000100)={&(0x7f0000000000)=""/117, 0x75, 0x9, 0x5}) 12:32:54 executing program 5: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xb}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) ioctl$HCIINQUIRY(r0, 0x400448e0, 0x0) r1 = socket$netlink(0x10, 0x3, 0x0) r2 = getpid() sendmsg$netlink(r1, &(0x7f0000007ec0)={0x0, 0x0, &(0x7f0000000140)=[{&(0x7f0000000000)={0xffffffffffffff86, 0x0, 0x0, 0x0, 0x0, "", [@generic="600a451685ac0a7bc45895b67191df0ef6a04b9a6318ef8b25b3f3b65ba13c257903fd79e84ec86989e828b9dbd58609e0bb40bc1f9331b8792c4d8a7365da1497b8fa015d310cae61d187b6ce90fb6bc7104bb2009a7789cdda9185d864e9130eb363de689e7e7ab3cc904438d0ac79a43cb02cd6e2aecb6a7c402dc2598bf17fdc533044b85f566f0d61095a15c2d5789e597a0002baaddaf6faeeca8175f90fcd0f9891f4b89646950aa62ee9e78aadbc55f3266e4fcfbae21470692591f1deb9538c8fe29c2878db04", @typed={0x8, 0xf, 0x0, 0x0, @fd=r1}]}, 0xe4}], 0x1, &(0x7f0000007e00)=[@cred={{0x1c, 0x1, 0x2, {r2}}}], 0x20}, 0x0) r3 = fsopen(&(0x7f0000000000)='ramfs\x00', 0x0) fsconfig$FSCONFIG_CMD_CREATE(r3, 0x6, 0x0, 0x0, 0x0) r4 = fsmount(r3, 0x0, 0x0) symlinkat(&(0x7f0000000000)='./file0\x00', r4, &(0x7f00000001c0)='./file0\x00') statx(r4, &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0) perf_event_open(&(0x7f0000000140)={0x1, 0x80, 0x0, 0xbc, 0x81, 0x5, 0x0, 0x9, 0x2800, 0xc, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x3, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x5, 0x4ff9507ca5ac339f, @perf_config_ext={0xc4, 0x100000001}, 0x2000, 0x1, 0x413, 0x9, 0x9, 0x9, 0xab2, 0x0, 0x6, 0x0, 0x2}, r2, 0xffffffffffffffff, r4, 0x2) ioctl$INCFS_IOC_GET_FILLED_BLOCKS(r0, 0x80286722, &(0x7f0000000100)={&(0x7f0000000000)=""/117, 0x75, 0x9, 0x5}) 12:32:54 executing program 4: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xb}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) ioctl$HCIINQUIRY(r0, 0x400448e0, 0x0) r1 = socket$netlink(0x10, 0x3, 0x0) r2 = getpid() sendmsg$netlink(r1, &(0x7f0000007ec0)={0x0, 0x0, &(0x7f0000000140)=[{&(0x7f0000000000)={0xffffffffffffff86, 0x0, 0x0, 0x0, 0x0, "", [@generic="600a451685ac0a7bc45895b67191df0ef6a04b9a6318ef8b25b3f3b65ba13c257903fd79e84ec86989e828b9dbd58609e0bb40bc1f9331b8792c4d8a7365da1497b8fa015d310cae61d187b6ce90fb6bc7104bb2009a7789cdda9185d864e9130eb363de689e7e7ab3cc904438d0ac79a43cb02cd6e2aecb6a7c402dc2598bf17fdc533044b85f566f0d61095a15c2d5789e597a0002baaddaf6faeeca8175f90fcd0f9891f4b89646950aa62ee9e78aadbc55f3266e4fcfbae21470692591f1deb9538c8fe29c2878db04", @typed={0x8, 0xf, 0x0, 0x0, @fd=r1}]}, 0xe4}], 0x1, &(0x7f0000007e00)=[@cred={{0x1c, 0x1, 0x2, {r2}}}], 0x20}, 0x0) r3 = fsopen(&(0x7f0000000000)='ramfs\x00', 0x0) fsconfig$FSCONFIG_CMD_CREATE(r3, 0x6, 0x0, 0x0, 0x0) r4 = fsmount(r3, 0x0, 0x0) symlinkat(&(0x7f0000000000)='./file0\x00', r4, &(0x7f00000001c0)='./file0\x00') statx(r4, &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0) perf_event_open(&(0x7f0000000140)={0x1, 0x80, 0x0, 0xbc, 0x81, 0x5, 0x0, 0x9, 0x2800, 0xc, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x3, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x5, 0x4ff9507ca5ac339f, @perf_config_ext={0xc4, 0x100000001}, 0x2000, 0x1, 0x413, 0x9, 0x9, 0x9, 0xab2, 0x0, 0x6, 0x0, 0x2}, r2, 0xffffffffffffffff, r4, 0x2) ioctl$INCFS_IOC_GET_FILLED_BLOCKS(r0, 0x80286722, &(0x7f0000000100)={&(0x7f0000000000)=""/117, 0x75, 0x9, 0x5}) 12:32:54 executing program 1: r0 = socket$inet6(0xa, 0x1, 0x0) setsockopt$inet6_tcp_TCP_REPAIR(r0, 0x6, 0x13, &(0x7f00000001c0)=0x1, 0x4) connect$inet6(r0, &(0x7f0000000040)={0xa, 0x0, 0x0, @empty}, 0x7e) setsockopt$inet6_tcp_TCP_REPAIR_OPTIONS(r0, 0x6, 0x16, &(0x7f0000000000)=[@timestamp, @window, @sack_perm, @sack_perm], 0x20000000000000aa) setsockopt$inet6_tcp_TCP_REPAIR(r0, 0x6, 0x13, &(0x7f0000000000), 0x4) 12:32:54 executing program 6: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) pwritev(r0, &(0x7f0000000080)=[{&(0x7f0000000140)='\x00', 0x1a}], 0x9, 0x7fffffc, 0x0) 12:32:54 executing program 2: syz_genetlink_get_family_id$gtp(&(0x7f0000000000), 0xffffffffffffffff) r0 = openat$tcp_congestion(0xffffffffffffff9c, &(0x7f0000000040), 0x1, 0x0) write$tcp_congestion(r0, &(0x7f0000000080)='bbr\x00', 0x4) 12:32:54 executing program 0: socketpair$nbd(0x1, 0x1, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) sendto(r0, &(0x7f0000000040)="ae", 0x1, 0x881, 0x0, 0x0) poll(&(0x7f0000000100)=[{r1}], 0x1, 0x0) 12:32:54 executing program 7: syz_mount_image$tmpfs(0x0, &(0x7f0000000480)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) stat(&(0x7f0000000180)='./file0\x00', &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, 0x0}) setreuid(r0, r0) setreuid(0x0, 0x0) 12:32:54 executing program 1: syz_mount_image$tmpfs(0x0, &(0x7f0000000480)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) stat(&(0x7f0000000180)='./file0\x00', &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, 0x0}) setreuid(r0, r0) setreuid(0x0, 0x0) 12:32:54 executing program 6: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) pwritev(r0, &(0x7f0000000080)=[{&(0x7f0000000140)='\x00', 0x1a}], 0x9, 0x7fffffc, 0x0) 12:32:55 executing program 0: socketpair$nbd(0x1, 0x1, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) sendto(r0, &(0x7f0000000040)="ae", 0x1, 0x881, 0x0, 0x0) poll(&(0x7f0000000100)=[{r1}], 0x1, 0x0) 12:32:55 executing program 4: syz_mount_image$tmpfs(&(0x7f0000000880), 0x0, 0x0, 0x2, &(0x7f0000001dc0)=[{&(0x7f0000000940)='f', 0x1}, {&(0x7f0000000a40)='J', 0x1, 0x6c96}], 0x0, &(0x7f0000001e80)) 12:32:55 executing program 3: io_setup(0x6, &(0x7f0000000040)=0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x8c3c1, 0x0) io_submit(r0, 0x4000, &(0x7f00000004c0)=[&(0x7f0000000200)={0x0, 0x0, 0x0, 0x2, 0x0, r1, 0x0, 0x200000000000000}]) 12:32:55 executing program 6: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) syz_mount_image$ext4(0x0, &(0x7f0000000040)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) r0 = syz_mount_image$tmpfs(&(0x7f0000000200), &(0x7f0000000240)='./file0/../file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000400)) name_to_handle_at(r0, &(0x7f0000000000)='\x00', &(0x7f00000001c0)=@reiserfs_5={0x14}, &(0x7f0000000280), 0x1000) 12:32:55 executing program 1: syz_mount_image$tmpfs(0x0, &(0x7f0000000480)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) stat(&(0x7f0000000180)='./file0\x00', &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, 0x0}) setreuid(r0, r0) setreuid(0x0, 0x0) [ 132.205478] loop4: detected capacity change from 0 to 108 12:32:55 executing program 7: syz_mount_image$tmpfs(0x0, &(0x7f0000000480)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) stat(&(0x7f0000000180)='./file0\x00', &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, 0x0}) setreuid(r0, r0) setreuid(0x0, 0x0) 12:32:55 executing program 2: openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) mount$cgroup(0x0, &(0x7f0000001400)='./file1\x00', &(0x7f0000001440), 0x0, &(0x7f0000000040)={[{@name={'name', 0x3d, '\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xc76\xa5\x9f\xdf\x0e\xc3\x12\x97mW\xc8\xf3fB\xf8\xf1\xbf3\xc7\b\x06\x9aqq\x97\x0fH\xe0\xfa9\xb1\xb7;HZ\n\xddNF\xbc(\x80\x02R\x00\xe3\xd5\xd0\xbd/\xb60h\xcd\xf7t\xc0\xab\x96\x84\xa7\xc6\x12z\xd5\x03\x02(\x85\xa4\xe4\v\xaet\x8dJ\xed\x98!\x04\x81\\3B\xda\v\x82W\x062\xbf5\xa9\xa7G\xadK\xb0b\xb4\xe1Z\x1a0%H'}}]}) [ 132.223377] cgroup: Bad value for 'name' [ 132.234761] loop4: detected capacity change from 0 to 108 12:32:55 executing program 0: syz_mount_image$tmpfs(0x0, &(0x7f0000000700)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) setxattr$system_posix_acl(&(0x7f0000000140)='./file0\x00', &(0x7f0000000180)='system.posix_acl_default\x00', &(0x7f0000000480)={{}, {}, [], {}, [{}, {}, {}, {}, {}, {}, {}]}, 0x5c, 0x0) creat(&(0x7f0000000080)='./file0/file0\x00', 0x0) listxattr(&(0x7f00000000c0)='./file0\x00', 0x0, 0x0) 12:32:55 executing program 7: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) getsockopt$inet6_mreq(r0, 0x29, 0x1, 0x0, &(0x7f0000000040)) 12:32:55 executing program 5: r0 = openat(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x26e1, 0x0) ioctl$EXT4_IOC_GET_ES_CACHE(r0, 0xc0c0583b, &(0x7f0000000240)={0xf0ffffff0f0000}) 12:32:55 executing program 6: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) syz_mount_image$ext4(0x0, &(0x7f0000000040)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) r0 = syz_mount_image$tmpfs(&(0x7f0000000200), &(0x7f0000000240)='./file0/../file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000400)) name_to_handle_at(r0, &(0x7f0000000000)='\x00', &(0x7f00000001c0)=@reiserfs_5={0x14}, &(0x7f0000000280), 0x1000) 12:32:55 executing program 4: r0 = socket$inet_tcp(0x2, 0x1, 0x0) r1 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$sock_linger(r1, 0x1, 0xd, &(0x7f0000000040)={0x1}, 0x8) close_range(r0, 0xffffffffffffffff, 0x0) 12:32:55 executing program 1: syz_mount_image$tmpfs(0x0, &(0x7f0000000480)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) stat(&(0x7f0000000180)='./file0\x00', &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, 0x0}) setreuid(r0, r0) setreuid(0x0, 0x0) 12:32:55 executing program 3: io_setup(0x6, &(0x7f0000000040)=0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x8c3c1, 0x0) io_submit(r0, 0x4000, &(0x7f00000004c0)=[&(0x7f0000000200)={0x0, 0x0, 0x0, 0x2, 0x0, r1, 0x0, 0x200000000000000}]) 12:32:55 executing program 2: openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) mount$cgroup(0x0, &(0x7f0000001400)='./file1\x00', &(0x7f0000001440), 0x0, &(0x7f0000000040)={[{@name={'name', 0x3d, '\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xc76\xa5\x9f\xdf\x0e\xc3\x12\x97mW\xc8\xf3fB\xf8\xf1\xbf3\xc7\b\x06\x9aqq\x97\x0fH\xe0\xfa9\xb1\xb7;HZ\n\xddNF\xbc(\x80\x02R\x00\xe3\xd5\xd0\xbd/\xb60h\xcd\xf7t\xc0\xab\x96\x84\xa7\xc6\x12z\xd5\x03\x02(\x85\xa4\xe4\v\xaet\x8dJ\xed\x98!\x04\x81\\3B\xda\v\x82W\x062\xbf5\xa9\xa7G\xadK\xb0b\xb4\xe1Z\x1a0%H'}}]}) [ 132.397322] cgroup: Bad value for 'name' 12:32:55 executing program 7: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) getsockopt$inet6_mreq(r0, 0x29, 0x1, 0x0, &(0x7f0000000040)) 12:32:55 executing program 2: openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) mount$cgroup(0x0, &(0x7f0000001400)='./file1\x00', &(0x7f0000001440), 0x0, &(0x7f0000000040)={[{@name={'name', 0x3d, '\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xc76\xa5\x9f\xdf\x0e\xc3\x12\x97mW\xc8\xf3fB\xf8\xf1\xbf3\xc7\b\x06\x9aqq\x97\x0fH\xe0\xfa9\xb1\xb7;HZ\n\xddNF\xbc(\x80\x02R\x00\xe3\xd5\xd0\xbd/\xb60h\xcd\xf7t\xc0\xab\x96\x84\xa7\xc6\x12z\xd5\x03\x02(\x85\xa4\xe4\v\xaet\x8dJ\xed\x98!\x04\x81\\3B\xda\v\x82W\x062\xbf5\xa9\xa7G\xadK\xb0b\xb4\xe1Z\x1a0%H'}}]}) 12:32:55 executing program 5: r0 = openat(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x26e1, 0x0) ioctl$EXT4_IOC_GET_ES_CACHE(r0, 0xc0c0583b, &(0x7f0000000240)={0xf0ffffff0f0000}) 12:32:55 executing program 4: r0 = socket$inet_tcp(0x2, 0x1, 0x0) r1 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$sock_linger(r1, 0x1, 0xd, &(0x7f0000000040)={0x1}, 0x8) close_range(r0, 0xffffffffffffffff, 0x0) 12:32:55 executing program 0: syz_mount_image$tmpfs(0x0, &(0x7f0000000700)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) setxattr$system_posix_acl(&(0x7f0000000140)='./file0\x00', &(0x7f0000000180)='system.posix_acl_default\x00', &(0x7f0000000480)={{}, {}, [], {}, [{}, {}, {}, {}, {}, {}, {}]}, 0x5c, 0x0) creat(&(0x7f0000000080)='./file0/file0\x00', 0x0) listxattr(&(0x7f00000000c0)='./file0\x00', 0x0, 0x0) 12:32:55 executing program 3: io_setup(0x6, &(0x7f0000000040)=0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x8c3c1, 0x0) io_submit(r0, 0x4000, &(0x7f00000004c0)=[&(0x7f0000000200)={0x0, 0x0, 0x0, 0x2, 0x0, r1, 0x0, 0x200000000000000}]) 12:32:55 executing program 6: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) syz_mount_image$ext4(0x0, &(0x7f0000000040)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) r0 = syz_mount_image$tmpfs(&(0x7f0000000200), &(0x7f0000000240)='./file0/../file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000400)) name_to_handle_at(r0, &(0x7f0000000000)='\x00', &(0x7f00000001c0)=@reiserfs_5={0x14}, &(0x7f0000000280), 0x1000) [ 132.549342] cgroup: Bad value for 'name' 12:32:55 executing program 7: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) getsockopt$inet6_mreq(r0, 0x29, 0x1, 0x0, &(0x7f0000000040)) 12:32:55 executing program 2: openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) mount$cgroup(0x0, &(0x7f0000001400)='./file1\x00', &(0x7f0000001440), 0x0, &(0x7f0000000040)={[{@name={'name', 0x3d, '\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xc76\xa5\x9f\xdf\x0e\xc3\x12\x97mW\xc8\xf3fB\xf8\xf1\xbf3\xc7\b\x06\x9aqq\x97\x0fH\xe0\xfa9\xb1\xb7;HZ\n\xddNF\xbc(\x80\x02R\x00\xe3\xd5\xd0\xbd/\xb60h\xcd\xf7t\xc0\xab\x96\x84\xa7\xc6\x12z\xd5\x03\x02(\x85\xa4\xe4\v\xaet\x8dJ\xed\x98!\x04\x81\\3B\xda\v\x82W\x062\xbf5\xa9\xa7G\xadK\xb0b\xb4\xe1Z\x1a0%H'}}]}) 12:32:55 executing program 5: r0 = openat(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x26e1, 0x0) ioctl$EXT4_IOC_GET_ES_CACHE(r0, 0xc0c0583b, &(0x7f0000000240)={0xf0ffffff0f0000}) 12:32:55 executing program 4: r0 = socket$inet_tcp(0x2, 0x1, 0x0) r1 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$sock_linger(r1, 0x1, 0xd, &(0x7f0000000040)={0x1}, 0x8) close_range(r0, 0xffffffffffffffff, 0x0) 12:32:55 executing program 3: io_setup(0x6, &(0x7f0000000040)=0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x8c3c1, 0x0) io_submit(r0, 0x4000, &(0x7f00000004c0)=[&(0x7f0000000200)={0x0, 0x0, 0x0, 0x2, 0x0, r1, 0x0, 0x200000000000000}]) 12:32:55 executing program 0: syz_mount_image$tmpfs(0x0, &(0x7f0000000700)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) setxattr$system_posix_acl(&(0x7f0000000140)='./file0\x00', &(0x7f0000000180)='system.posix_acl_default\x00', &(0x7f0000000480)={{}, {}, [], {}, [{}, {}, {}, {}, {}, {}, {}]}, 0x5c, 0x0) creat(&(0x7f0000000080)='./file0/file0\x00', 0x0) listxattr(&(0x7f00000000c0)='./file0\x00', 0x0, 0x0) [ 132.692510] cgroup: Bad value for 'name' 12:32:55 executing program 6: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) syz_mount_image$ext4(0x0, &(0x7f0000000040)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) r0 = syz_mount_image$tmpfs(&(0x7f0000000200), &(0x7f0000000240)='./file0/../file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000400)) name_to_handle_at(r0, &(0x7f0000000000)='\x00', &(0x7f00000001c0)=@reiserfs_5={0x14}, &(0x7f0000000280), 0x1000) 12:32:55 executing program 7: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) getsockopt$inet6_mreq(r0, 0x29, 0x1, 0x0, &(0x7f0000000040)) 12:32:55 executing program 5: r0 = openat(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x26e1, 0x0) ioctl$EXT4_IOC_GET_ES_CACHE(r0, 0xc0c0583b, &(0x7f0000000240)={0xf0ffffff0f0000}) 12:32:55 executing program 0: syz_mount_image$tmpfs(0x0, &(0x7f0000000700)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) setxattr$system_posix_acl(&(0x7f0000000140)='./file0\x00', &(0x7f0000000180)='system.posix_acl_default\x00', &(0x7f0000000480)={{}, {}, [], {}, [{}, {}, {}, {}, {}, {}, {}]}, 0x5c, 0x0) creat(&(0x7f0000000080)='./file0/file0\x00', 0x0) listxattr(&(0x7f00000000c0)='./file0\x00', 0x0, 0x0) 12:32:55 executing program 4: r0 = socket$inet_tcp(0x2, 0x1, 0x0) r1 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$sock_linger(r1, 0x1, 0xd, &(0x7f0000000040)={0x1}, 0x8) close_range(r0, 0xffffffffffffffff, 0x0) 12:32:55 executing program 1: syz_mount_image$tmpfs(0x0, &(0x7f0000000700)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) setxattr$system_posix_acl(&(0x7f0000000140)='./file0\x00', &(0x7f0000000180)='system.posix_acl_default\x00', &(0x7f0000000480)={{}, {}, [], {}, [{}, {}, {}, {}, {}, {}, {}]}, 0x5c, 0x0) creat(&(0x7f0000000080)='./file0/file0\x00', 0x0) listxattr(&(0x7f00000000c0)='./file0\x00', 0x0, 0x0) 12:32:55 executing program 1: syz_mount_image$tmpfs(0x0, &(0x7f0000000700)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) setxattr$system_posix_acl(&(0x7f0000000140)='./file0\x00', &(0x7f0000000180)='system.posix_acl_default\x00', &(0x7f0000000480)={{}, {}, [], {}, [{}, {}, {}, {}, {}, {}, {}]}, 0x5c, 0x0) creat(&(0x7f0000000080)='./file0/file0\x00', 0x0) listxattr(&(0x7f00000000c0)='./file0\x00', 0x0, 0x0) 12:32:55 executing program 2: syz_mount_image$tmpfs(0x0, &(0x7f0000000700)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) setxattr$system_posix_acl(&(0x7f0000000140)='./file0\x00', &(0x7f0000000180)='system.posix_acl_default\x00', &(0x7f0000000480)={{}, {}, [], {}, [{}, {}, {}, {}, {}, {}, {}]}, 0x5c, 0x0) creat(&(0x7f0000000080)='./file0/file0\x00', 0x0) listxattr(&(0x7f00000000c0)='./file0\x00', 0x0, 0x0) 12:32:55 executing program 6: r0 = socket$inet_tcp(0x2, 0x1, 0x0) r1 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$sock_linger(r1, 0x1, 0xd, &(0x7f0000000040)={0x1}, 0x8) close_range(r0, 0xffffffffffffffff, 0x0) 12:32:55 executing program 3: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) syz_mount_image$ext4(0x0, &(0x7f0000000040)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) r0 = syz_mount_image$tmpfs(&(0x7f0000000200), &(0x7f0000000240)='./file0/../file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000400)) name_to_handle_at(r0, &(0x7f0000000000)='\x00', &(0x7f00000001c0)=@reiserfs_5={0x14}, &(0x7f0000000280), 0x1000) 12:32:55 executing program 0: r0 = add_key$keyring(&(0x7f0000000240), &(0x7f0000000280)={'syz', 0x0}, 0x0, 0x0, 0xfffffffffffffffd) keyctl$chown(0x4, r0, 0xffffffffffffffff, 0xee01) 12:32:55 executing program 4: syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) stat(&(0x7f0000000240)='./file0\x00', &(0x7f0000000280)={0x0, 0x0, 0x0, 0x0, 0x0}) setresuid(0x0, r0, 0x0) fsopen(0x0, 0x0) 12:32:55 executing program 5: syz_io_uring_setup(0x3250, &(0x7f0000001880), &(0x7f0000feb000/0x14000)=nil, &(0x7f0000feb000/0x2000)=nil, 0x0, 0x0) 12:32:55 executing program 7: r0 = socket$inet6_udp(0xa, 0x2, 0x0) setsockopt$SO_TIMESTAMPING(r0, 0x1, 0x41, &(0x7f0000000040)=0x146, 0x4) sendmmsg$inet(r0, &(0x7f0000002a00)=[{{&(0x7f0000000000)={0x2, 0x4e21, @empty}, 0x10, 0x0}}], 0x1, 0x0) recvmmsg(r0, &(0x7f0000007c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x40012301, 0x0) 12:32:55 executing program 6: r0 = socket$inet_tcp(0x2, 0x1, 0x0) r1 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$sock_linger(r1, 0x1, 0xd, &(0x7f0000000040)={0x1}, 0x8) close_range(r0, 0xffffffffffffffff, 0x0) 12:32:55 executing program 1: syz_mount_image$tmpfs(0x0, &(0x7f0000000700)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) setxattr$system_posix_acl(&(0x7f0000000140)='./file0\x00', &(0x7f0000000180)='system.posix_acl_default\x00', &(0x7f0000000480)={{}, {}, [], {}, [{}, {}, {}, {}, {}, {}, {}]}, 0x5c, 0x0) creat(&(0x7f0000000080)='./file0/file0\x00', 0x0) listxattr(&(0x7f00000000c0)='./file0\x00', 0x0, 0x0) 12:32:55 executing program 2: syz_mount_image$tmpfs(0x0, &(0x7f0000000700)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) setxattr$system_posix_acl(&(0x7f0000000140)='./file0\x00', &(0x7f0000000180)='system.posix_acl_default\x00', &(0x7f0000000480)={{}, {}, [], {}, [{}, {}, {}, {}, {}, {}, {}]}, 0x5c, 0x0) creat(&(0x7f0000000080)='./file0/file0\x00', 0x0) listxattr(&(0x7f00000000c0)='./file0\x00', 0x0, 0x0) 12:32:56 executing program 0: r0 = add_key$keyring(&(0x7f0000000240), &(0x7f0000000280)={'syz', 0x0}, 0x0, 0x0, 0xfffffffffffffffd) keyctl$chown(0x4, r0, 0xffffffffffffffff, 0xee01) 12:32:56 executing program 5: syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) mount(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000000)='debugfs\x00', 0x0, 0x0) syz_mount_image$tmpfs(&(0x7f00000000c0), &(0x7f0000000140)='./file0\x00', 0x0, 0x0, 0x0, 0x20, &(0x7f0000000300)={[{@gid={'gid', 0x3d, 0xffffffffffffffff}}]}) 12:32:56 executing program 3: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) syz_mount_image$ext4(0x0, &(0x7f0000000040)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) r0 = syz_mount_image$tmpfs(&(0x7f0000000200), &(0x7f0000000240)='./file0/../file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000400)) name_to_handle_at(r0, &(0x7f0000000000)='\x00', &(0x7f00000001c0)=@reiserfs_5={0x14}, &(0x7f0000000280), 0x1000) 12:32:56 executing program 4: syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) stat(&(0x7f0000000240)='./file0\x00', &(0x7f0000000280)={0x0, 0x0, 0x0, 0x0, 0x0}) setresuid(0x0, r0, 0x0) fsopen(0x0, 0x0) 12:32:56 executing program 6: r0 = socket$inet_tcp(0x2, 0x1, 0x0) r1 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$sock_linger(r1, 0x1, 0xd, &(0x7f0000000040)={0x1}, 0x8) close_range(r0, 0xffffffffffffffff, 0x0) 12:32:56 executing program 7: r0 = socket$inet6_udp(0xa, 0x2, 0x0) setsockopt$SO_TIMESTAMPING(r0, 0x1, 0x41, &(0x7f0000000040)=0x146, 0x4) sendmmsg$inet(r0, &(0x7f0000002a00)=[{{&(0x7f0000000000)={0x2, 0x4e21, @empty}, 0x10, 0x0}}], 0x1, 0x0) recvmmsg(r0, &(0x7f0000007c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x40012301, 0x0) 12:32:56 executing program 2: syz_mount_image$tmpfs(0x0, &(0x7f0000000700)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) setxattr$system_posix_acl(&(0x7f0000000140)='./file0\x00', &(0x7f0000000180)='system.posix_acl_default\x00', &(0x7f0000000480)={{}, {}, [], {}, [{}, {}, {}, {}, {}, {}, {}]}, 0x5c, 0x0) creat(&(0x7f0000000080)='./file0/file0\x00', 0x0) listxattr(&(0x7f00000000c0)='./file0\x00', 0x0, 0x0) 12:32:56 executing program 0: r0 = add_key$keyring(&(0x7f0000000240), &(0x7f0000000280)={'syz', 0x0}, 0x0, 0x0, 0xfffffffffffffffd) keyctl$chown(0x4, r0, 0xffffffffffffffff, 0xee01) 12:32:56 executing program 7: r0 = socket$inet6_udp(0xa, 0x2, 0x0) setsockopt$SO_TIMESTAMPING(r0, 0x1, 0x41, &(0x7f0000000040)=0x146, 0x4) sendmmsg$inet(r0, &(0x7f0000002a00)=[{{&(0x7f0000000000)={0x2, 0x4e21, @empty}, 0x10, 0x0}}], 0x1, 0x0) recvmmsg(r0, &(0x7f0000007c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x40012301, 0x0) 12:32:56 executing program 5: syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) mount(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000000)='debugfs\x00', 0x0, 0x0) syz_mount_image$tmpfs(&(0x7f00000000c0), &(0x7f0000000140)='./file0\x00', 0x0, 0x0, 0x0, 0x20, &(0x7f0000000300)={[{@gid={'gid', 0x3d, 0xffffffffffffffff}}]}) 12:32:56 executing program 4: syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) stat(&(0x7f0000000240)='./file0\x00', &(0x7f0000000280)={0x0, 0x0, 0x0, 0x0, 0x0}) setresuid(0x0, r0, 0x0) fsopen(0x0, 0x0) 12:32:56 executing program 3: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) syz_mount_image$ext4(0x0, &(0x7f0000000040)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) r0 = syz_mount_image$tmpfs(&(0x7f0000000200), &(0x7f0000000240)='./file0/../file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000400)) name_to_handle_at(r0, &(0x7f0000000000)='\x00', &(0x7f00000001c0)=@reiserfs_5={0x14}, &(0x7f0000000280), 0x1000) 12:32:56 executing program 6: syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) mount(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000000)='debugfs\x00', 0x0, 0x0) syz_mount_image$tmpfs(&(0x7f00000000c0), &(0x7f0000000140)='./file0\x00', 0x0, 0x0, 0x0, 0x20, &(0x7f0000000300)={[{@gid={'gid', 0x3d, 0xffffffffffffffff}}]}) 12:32:56 executing program 1: r0 = socket$inet6_udp(0xa, 0x2, 0x0) setsockopt$SO_TIMESTAMPING(r0, 0x1, 0x41, &(0x7f0000000040)=0x146, 0x4) sendmmsg$inet(r0, &(0x7f0000002a00)=[{{&(0x7f0000000000)={0x2, 0x4e21, @empty}, 0x10, 0x0}}], 0x1, 0x0) recvmmsg(r0, &(0x7f0000007c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x40012301, 0x0) 12:32:56 executing program 0: r0 = add_key$keyring(&(0x7f0000000240), &(0x7f0000000280)={'syz', 0x0}, 0x0, 0x0, 0xfffffffffffffffd) keyctl$chown(0x4, r0, 0xffffffffffffffff, 0xee01) 12:32:56 executing program 4: syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) stat(&(0x7f0000000240)='./file0\x00', &(0x7f0000000280)={0x0, 0x0, 0x0, 0x0, 0x0}) setresuid(0x0, r0, 0x0) fsopen(0x0, 0x0) 12:32:56 executing program 7: r0 = socket$inet6_udp(0xa, 0x2, 0x0) s VM DIAGNOSIS: 12:32:51 Registers: info registers vcpu 0 RAX=0000000000000000 RBX=0000000000000001 RCX=ffffffff84271427 RDX=ffffed100d9e6fa1 RSI=0000000000000004 RDI=ffff88806cf37d00 RBP=ffff88806cf37d00 RSP=ffff88803f4dfa98 R8 =0000000000000000 R9 =ffff88806cf37d03 R10=ffffed100d9e6fa0 R11=0000000000000001 R12=0000000000000003 R13=ffffed100d9e6fa0 R14=0000000000000001 R15=1ffff11007e9bf54 RIP=ffffffff842714a4 RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 00000000 00000000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 00000000 00000000 FS =0000 0000555556d1f400 00000000 00000000 GS =0000 ffff88806ce00000 00000000 00000000 LDT=0000 fffffe0000000000 00000000 00000000 TR =0040 fffffe0000003000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe0000001000 0000007f IDT= fffffe0000000000 00000fff CR0=80050033 CR2=0000555556d20c18 CR3=000000003e186000 CR4=00350ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000ffff0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 YMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM01=0000000000000000 0000000000000000 00007fdee4fbd7c0 00007fdee4fbd7c8 YMM02=0000000000000000 0000000000000000 00007fdee4fbd7e0 00007fdee4fbd7c0 YMM03=0000000000000000 0000000000000000 00007fdee4fbd7c8 00007fdee4fbd7c0 YMM04=0000000000000000 0000000000000000 ffffffffffffffff ffffffff00000000 YMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM06=0000000000000000 0000000000000000 0000000000000000 000000524f525245 YMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM08=0000000000000000 0000000000000000 0000000000000000 00524f5252450040 YMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 info registers vcpu 1 RAX=0000000000000038 RBX=00000000000003f8 RCX=0000000000000000 RDX=00000000000003f8 RSI=ffffffff822b17e1 RDI=ffffffff87645be0 RBP=ffffffff87645ba0 RSP=ffff88803f507698 R8 =0000000000000001 R9 =000000000000000a R10=0000000000000038 R11=0000000000000001 R12=0000000000000038 R13=ffffffff87645ba0 R14=0000000000000010 R15=ffffffff822b17d0 RIP=ffffffff822b1839 RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 00000000 00000000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 00000000 00000000 FS =0000 00007f601c793700 00000000 00000000 GS =0000 ffff88806cf00000 00000000 00000000 LDT=0000 fffffe0000000000 00000000 00000000 TR =0040 fffffe000004a000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe0000048000 0000007f IDT= fffffe0000000000 00000fff CR0=80050033 CR2=000000c00065b000 CR3=0000000019dc0000 CR4=00350ee0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000ffff0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 YMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM01=0000000000000000 0000000000000000 00007f601f3047c0 00007f601f3047c8 YMM02=0000000000000000 0000000000000000 00007f601f3047e0 00007f601f3047c0 YMM03=0000000000000000 0000000000000000 00007f601f3047c8 00007f601f3047c0 YMM04=0000000000000000 0000000000000000 ffffffffffffffff ffffffff00000000 YMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM06=0000000000000000 0000000000000000 0000000000000000 000000524f525245 YMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM08=0000000000000000 0000000000000000 0000000000000000 00524f5252450040 YMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000