Debian GNU/Linux 11 syzkaller ttyS0 Warning: Permanently added '[localhost]:25912' (ECDSA) to the list of known hosts. 2022/02/26 04:56:34 fuzzer started 2022/02/26 04:56:34 dialing manager at localhost:37115 syzkaller login: [ 27.939918] cgroup: Unknown subsys name 'net' [ 27.941093] cgroup: Unknown subsys name 'net_prio' [ 27.943187] cgroup: Unknown subsys name 'devices' [ 27.945149] cgroup: Unknown subsys name 'blkio' [ 27.988614] cgroup: Unknown subsys name 'hugetlb' [ 27.989857] cgroup: Unknown subsys name 'rlimit' 2022/02/26 04:56:45 syscalls: 2218 2022/02/26 04:56:45 code coverage: enabled 2022/02/26 04:56:45 comparison tracing: enabled 2022/02/26 04:56:45 extra coverage: enabled 2022/02/26 04:56:45 setuid sandbox: enabled 2022/02/26 04:56:45 namespace sandbox: enabled 2022/02/26 04:56:45 Android sandbox: enabled 2022/02/26 04:56:45 fault injection: enabled 2022/02/26 04:56:45 leak checking: enabled 2022/02/26 04:56:45 net packet injection: enabled 2022/02/26 04:56:45 net device setup: enabled 2022/02/26 04:56:45 concurrency sanitizer: /sys/kernel/debug/kcsan does not exist 2022/02/26 04:56:45 devlink PCI setup: PCI device 0000:00:10.0 is not available 2022/02/26 04:56:45 USB emulation: enabled 2022/02/26 04:56:45 hci packet injection: enabled 2022/02/26 04:56:45 wifi device emulation: enabled 2022/02/26 04:56:45 802.15.4 emulation: enabled 2022/02/26 04:56:45 fetching corpus: 0, signal 0/2000 (executing program) 2022/02/26 04:56:45 fetching corpus: 42, signal 27639/31115 (executing program) 2022/02/26 04:56:46 fetching corpus: 86, signal 38304/43215 (executing program) 2022/02/26 04:56:46 fetching corpus: 136, signal 44224/50522 (executing program) 2022/02/26 04:56:46 fetching corpus: 186, signal 49495/57070 (executing program) 2022/02/26 04:56:46 fetching corpus: 235, signal 53923/62778 (executing program) 2022/02/26 04:56:46 fetching corpus: 284, signal 59141/69079 (executing program) 2022/02/26 04:56:46 fetching corpus: 334, signal 63195/74250 (executing program) 2022/02/26 04:56:46 fetching corpus: 384, signal 65915/78151 (executing program) 2022/02/26 04:56:46 fetching corpus: 434, signal 70073/83217 (executing program) 2022/02/26 04:56:46 fetching corpus: 484, signal 73481/87590 (executing program) 2022/02/26 04:56:47 fetching corpus: 534, signal 75790/90918 (executing program) 2022/02/26 04:56:47 fetching corpus: 584, signal 78318/94374 (executing program) 2022/02/26 04:56:47 fetching corpus: 634, signal 80227/97257 (executing program) 2022/02/26 04:56:47 fetching corpus: 684, signal 82388/100292 (executing program) 2022/02/26 04:56:47 fetching corpus: 734, signal 84970/103668 (executing program) 2022/02/26 04:56:47 fetching corpus: 784, signal 86503/106165 (executing program) 2022/02/26 04:56:47 fetching corpus: 834, signal 88554/109094 (executing program) 2022/02/26 04:56:47 fetching corpus: 883, signal 90484/111789 (executing program) 2022/02/26 04:56:48 fetching corpus: 933, signal 92022/114121 (executing program) 2022/02/26 04:56:48 fetching corpus: 983, signal 93711/116570 (executing program) 2022/02/26 04:56:48 fetching corpus: 1033, signal 95213/118850 (executing program) 2022/02/26 04:56:48 fetching corpus: 1083, signal 96283/120723 (executing program) 2022/02/26 04:56:48 fetching corpus: 1133, signal 97941/123044 (executing program) 2022/02/26 04:56:48 fetching corpus: 1183, signal 99119/124962 (executing program) 2022/02/26 04:56:48 fetching corpus: 1232, signal 100246/126781 (executing program) 2022/02/26 04:56:48 fetching corpus: 1282, signal 101216/128526 (executing program) 2022/02/26 04:56:48 fetching corpus: 1332, signal 102513/130460 (executing program) 2022/02/26 04:56:49 fetching corpus: 1381, signal 103724/132352 (executing program) 2022/02/26 04:56:49 fetching corpus: 1431, signal 104694/134051 (executing program) 2022/02/26 04:56:49 fetching corpus: 1481, signal 106331/136136 (executing program) 2022/02/26 04:56:49 fetching corpus: 1531, signal 107819/138118 (executing program) 2022/02/26 04:56:49 fetching corpus: 1580, signal 108712/139622 (executing program) 2022/02/26 04:56:49 fetching corpus: 1630, signal 109809/141296 (executing program) 2022/02/26 04:56:49 fetching corpus: 1680, signal 111091/143079 (executing program) 2022/02/26 04:56:49 fetching corpus: 1730, signal 112001/144559 (executing program) 2022/02/26 04:56:49 fetching corpus: 1780, signal 112995/146155 (executing program) 2022/02/26 04:56:50 fetching corpus: 1830, signal 113758/147552 (executing program) 2022/02/26 04:56:50 fetching corpus: 1880, signal 114558/148921 (executing program) 2022/02/26 04:56:50 fetching corpus: 1930, signal 115563/150416 (executing program) 2022/02/26 04:56:50 fetching corpus: 1977, signal 116720/151954 (executing program) 2022/02/26 04:56:50 fetching corpus: 2027, signal 117744/153400 (executing program) 2022/02/26 04:56:50 fetching corpus: 2076, signal 119093/155055 (executing program) 2022/02/26 04:56:50 fetching corpus: 2126, signal 119877/156348 (executing program) 2022/02/26 04:56:50 fetching corpus: 2176, signal 120536/157533 (executing program) 2022/02/26 04:56:50 fetching corpus: 2226, signal 121564/158898 (executing program) 2022/02/26 04:56:51 fetching corpus: 2276, signal 122947/160476 (executing program) 2022/02/26 04:56:51 fetching corpus: 2326, signal 124522/162142 (executing program) 2022/02/26 04:56:51 fetching corpus: 2376, signal 125236/163290 (executing program) 2022/02/26 04:56:51 fetching corpus: 2426, signal 125930/164396 (executing program) 2022/02/26 04:56:51 fetching corpus: 2475, signal 126770/165599 (executing program) 2022/02/26 04:56:51 fetching corpus: 2523, signal 127643/166807 (executing program) 2022/02/26 04:56:51 fetching corpus: 2573, signal 128273/167849 (executing program) 2022/02/26 04:56:51 fetching corpus: 2623, signal 129017/168945 (executing program) 2022/02/26 04:56:52 fetching corpus: 2672, signal 129640/169953 (executing program) 2022/02/26 04:56:52 fetching corpus: 2722, signal 130261/170942 (executing program) 2022/02/26 04:56:52 fetching corpus: 2772, signal 131606/172319 (executing program) 2022/02/26 04:56:52 fetching corpus: 2820, signal 132336/173310 (executing program) 2022/02/26 04:56:52 fetching corpus: 2869, signal 132937/174297 (executing program) 2022/02/26 04:56:52 fetching corpus: 2919, signal 133500/175248 (executing program) 2022/02/26 04:56:52 fetching corpus: 2969, signal 134134/176188 (executing program) 2022/02/26 04:56:52 fetching corpus: 3019, signal 134583/177074 (executing program) 2022/02/26 04:56:53 fetching corpus: 3069, signal 135233/178037 (executing program) 2022/02/26 04:56:53 fetching corpus: 3118, signal 135983/179005 (executing program) 2022/02/26 04:56:53 fetching corpus: 3167, signal 136675/179925 (executing program) 2022/02/26 04:56:53 fetching corpus: 3217, signal 137229/180769 (executing program) 2022/02/26 04:56:53 fetching corpus: 3266, signal 137953/181682 (executing program) 2022/02/26 04:56:53 fetching corpus: 3314, signal 138536/182534 (executing program) 2022/02/26 04:56:53 fetching corpus: 3364, signal 139145/183369 (executing program) 2022/02/26 04:56:53 fetching corpus: 3412, signal 139728/184181 (executing program) 2022/02/26 04:56:54 fetching corpus: 3460, signal 140322/184991 (executing program) 2022/02/26 04:56:54 fetching corpus: 3510, signal 140929/185804 (executing program) 2022/02/26 04:56:54 fetching corpus: 3559, signal 141591/186608 (executing program) 2022/02/26 04:56:54 fetching corpus: 3606, signal 142218/187411 (executing program) 2022/02/26 04:56:54 fetching corpus: 3655, signal 142652/188113 (executing program) 2022/02/26 04:56:54 fetching corpus: 3705, signal 143578/188955 (executing program) 2022/02/26 04:56:54 fetching corpus: 3755, signal 144364/189742 (executing program) 2022/02/26 04:56:54 fetching corpus: 3804, signal 144736/190438 (executing program) 2022/02/26 04:56:54 fetching corpus: 3853, signal 145429/191141 (executing program) 2022/02/26 04:56:55 fetching corpus: 3903, signal 146355/191945 (executing program) 2022/02/26 04:56:55 fetching corpus: 3953, signal 147082/192636 (executing program) 2022/02/26 04:56:55 fetching corpus: 4003, signal 147627/193312 (executing program) 2022/02/26 04:56:55 fetching corpus: 4053, signal 148034/193982 (executing program) 2022/02/26 04:56:55 fetching corpus: 4103, signal 148484/194606 (executing program) 2022/02/26 04:56:55 fetching corpus: 4151, signal 149108/195253 (executing program) 2022/02/26 04:56:55 fetching corpus: 4199, signal 149708/195874 (executing program) 2022/02/26 04:56:55 fetching corpus: 4248, signal 150107/196441 (executing program) 2022/02/26 04:56:56 fetching corpus: 4296, signal 150593/197033 (executing program) 2022/02/26 04:56:56 fetching corpus: 4346, signal 151129/197620 (executing program) 2022/02/26 04:56:56 fetching corpus: 4396, signal 151590/198173 (executing program) 2022/02/26 04:56:56 fetching corpus: 4444, signal 151925/198725 (executing program) 2022/02/26 04:56:56 fetching corpus: 4494, signal 152281/199298 (executing program) 2022/02/26 04:56:56 fetching corpus: 4544, signal 152682/199907 (executing program) 2022/02/26 04:56:56 fetching corpus: 4593, signal 153039/200473 (executing program) 2022/02/26 04:56:56 fetching corpus: 4642, signal 153561/201007 (executing program) 2022/02/26 04:56:56 fetching corpus: 4690, signal 153975/201541 (executing program) 2022/02/26 04:56:57 fetching corpus: 4738, signal 154382/202063 (executing program) 2022/02/26 04:56:57 fetching corpus: 4788, signal 154837/202605 (executing program) 2022/02/26 04:56:57 fetching corpus: 4838, signal 155394/203156 (executing program) 2022/02/26 04:56:57 fetching corpus: 4888, signal 155849/203657 (executing program) 2022/02/26 04:56:57 fetching corpus: 4938, signal 156362/204120 (executing program) 2022/02/26 04:56:57 fetching corpus: 4986, signal 156811/204584 (executing program) 2022/02/26 04:56:57 fetching corpus: 5035, signal 157136/204759 (executing program) 2022/02/26 04:56:57 fetching corpus: 5084, signal 157420/204759 (executing program) 2022/02/26 04:56:57 fetching corpus: 5133, signal 157689/204760 (executing program) 2022/02/26 04:56:58 fetching corpus: 5182, signal 158157/204770 (executing program) 2022/02/26 04:56:58 fetching corpus: 5230, signal 158592/204772 (executing program) 2022/02/26 04:56:58 fetching corpus: 5280, signal 159017/204772 (executing program) 2022/02/26 04:56:58 fetching corpus: 5329, signal 159452/204772 (executing program) 2022/02/26 04:56:58 fetching corpus: 5379, signal 159928/204772 (executing program) 2022/02/26 04:56:58 fetching corpus: 5429, signal 160340/204772 (executing program) 2022/02/26 04:56:58 fetching corpus: 5477, signal 161152/204772 (executing program) 2022/02/26 04:56:58 fetching corpus: 5527, signal 161507/204772 (executing program) 2022/02/26 04:56:58 fetching corpus: 5577, signal 161948/204772 (executing program) 2022/02/26 04:56:59 fetching corpus: 5627, signal 162559/204772 (executing program) 2022/02/26 04:56:59 fetching corpus: 5676, signal 162871/204772 (executing program) 2022/02/26 04:56:59 fetching corpus: 5724, signal 163256/204779 (executing program) 2022/02/26 04:56:59 fetching corpus: 5774, signal 163885/204779 (executing program) 2022/02/26 04:56:59 fetching corpus: 5824, signal 164158/204779 (executing program) 2022/02/26 04:56:59 fetching corpus: 5874, signal 164550/204779 (executing program) 2022/02/26 04:56:59 fetching corpus: 5923, signal 164997/204788 (executing program) 2022/02/26 04:56:59 fetching corpus: 5972, signal 165373/204788 (executing program) 2022/02/26 04:56:59 fetching corpus: 6022, signal 166275/204791 (executing program) 2022/02/26 04:57:00 fetching corpus: 6072, signal 166750/204791 (executing program) 2022/02/26 04:57:00 fetching corpus: 6122, signal 167082/204791 (executing program) 2022/02/26 04:57:00 fetching corpus: 6172, signal 167413/204791 (executing program) 2022/02/26 04:57:00 fetching corpus: 6219, signal 167712/204791 (executing program) 2022/02/26 04:57:00 fetching corpus: 6269, signal 167970/204791 (executing program) 2022/02/26 04:57:00 fetching corpus: 6319, signal 168434/204791 (executing program) 2022/02/26 04:57:00 fetching corpus: 6368, signal 168826/204791 (executing program) 2022/02/26 04:57:00 fetching corpus: 6417, signal 169253/204791 (executing program) 2022/02/26 04:57:00 fetching corpus: 6467, signal 169479/204791 (executing program) 2022/02/26 04:57:01 fetching corpus: 6514, signal 169734/204800 (executing program) 2022/02/26 04:57:01 fetching corpus: 6563, signal 170206/204800 (executing program) 2022/02/26 04:57:01 fetching corpus: 6613, signal 170753/204803 (executing program) 2022/02/26 04:57:01 fetching corpus: 6663, signal 170988/204803 (executing program) 2022/02/26 04:57:01 fetching corpus: 6713, signal 171261/204803 (executing program) 2022/02/26 04:57:01 fetching corpus: 6763, signal 171584/204803 (executing program) 2022/02/26 04:57:01 fetching corpus: 6813, signal 171847/204803 (executing program) 2022/02/26 04:57:01 fetching corpus: 6862, signal 172330/204803 (executing program) 2022/02/26 04:57:01 fetching corpus: 6912, signal 172606/204828 (executing program) 2022/02/26 04:57:02 fetching corpus: 6960, signal 172906/204838 (executing program) 2022/02/26 04:57:02 fetching corpus: 7010, signal 173167/204838 (executing program) 2022/02/26 04:57:02 fetching corpus: 7060, signal 173507/204841 (executing program) 2022/02/26 04:57:02 fetching corpus: 7110, signal 173889/204841 (executing program) 2022/02/26 04:57:02 fetching corpus: 7159, signal 174185/204841 (executing program) 2022/02/26 04:57:02 fetching corpus: 7209, signal 174552/204841 (executing program) 2022/02/26 04:57:02 fetching corpus: 7259, signal 174880/204849 (executing program) 2022/02/26 04:57:02 fetching corpus: 7309, signal 175142/204849 (executing program) 2022/02/26 04:57:02 fetching corpus: 7359, signal 175438/204849 (executing program) 2022/02/26 04:57:03 fetching corpus: 7409, signal 175687/204851 (executing program) 2022/02/26 04:57:03 fetching corpus: 7457, signal 175953/204860 (executing program) 2022/02/26 04:57:03 fetching corpus: 7506, signal 176493/204860 (executing program) 2022/02/26 04:57:03 fetching corpus: 7556, signal 176818/204860 (executing program) 2022/02/26 04:57:03 fetching corpus: 7605, signal 177041/204860 (executing program) 2022/02/26 04:57:03 fetching corpus: 7654, signal 177451/204860 (executing program) 2022/02/26 04:57:03 fetching corpus: 7703, signal 177752/204860 (executing program) 2022/02/26 04:57:03 fetching corpus: 7753, signal 178012/204860 (executing program) 2022/02/26 04:57:03 fetching corpus: 7803, signal 178290/204860 (executing program) 2022/02/26 04:57:03 fetching corpus: 7851, signal 178579/204861 (executing program) 2022/02/26 04:57:04 fetching corpus: 7901, signal 178842/204867 (executing program) 2022/02/26 04:57:04 fetching corpus: 7950, signal 179146/204867 (executing program) 2022/02/26 04:57:04 fetching corpus: 8000, signal 179424/204867 (executing program) 2022/02/26 04:57:04 fetching corpus: 8050, signal 180002/204867 (executing program) 2022/02/26 04:57:04 fetching corpus: 8099, signal 180287/204869 (executing program) 2022/02/26 04:57:04 fetching corpus: 8147, signal 180553/204869 (executing program) 2022/02/26 04:57:04 fetching corpus: 8197, signal 180858/204869 (executing program) 2022/02/26 04:57:04 fetching corpus: 8247, signal 181143/204872 (executing program) 2022/02/26 04:57:04 fetching corpus: 8297, signal 181430/204872 (executing program) 2022/02/26 04:57:05 fetching corpus: 8347, signal 181741/204872 (executing program) 2022/02/26 04:57:05 fetching corpus: 8396, signal 181958/204872 (executing program) 2022/02/26 04:57:05 fetching corpus: 8444, signal 182243/204909 (executing program) 2022/02/26 04:57:05 fetching corpus: 8492, signal 182552/204909 (executing program) 2022/02/26 04:57:05 fetching corpus: 8541, signal 182832/204909 (executing program) 2022/02/26 04:57:05 fetching corpus: 8589, signal 183104/204909 (executing program) 2022/02/26 04:57:05 fetching corpus: 8638, signal 183383/204951 (executing program) 2022/02/26 04:57:05 fetching corpus: 8686, signal 183722/204951 (executing program) 2022/02/26 04:57:05 fetching corpus: 8735, signal 184036/204951 (executing program) 2022/02/26 04:57:06 fetching corpus: 8784, signal 184305/204951 (executing program) 2022/02/26 04:57:06 fetching corpus: 8831, signal 184550/204951 (executing program) 2022/02/26 04:57:06 fetching corpus: 8881, signal 184844/204951 (executing program) 2022/02/26 04:57:06 fetching corpus: 8931, signal 185155/204951 (executing program) 2022/02/26 04:57:06 fetching corpus: 8979, signal 185403/204951 (executing program) 2022/02/26 04:57:06 fetching corpus: 9028, signal 185693/204951 (executing program) 2022/02/26 04:57:06 fetching corpus: 9078, signal 185896/204956 (executing program) 2022/02/26 04:57:07 fetching corpus: 9126, signal 186143/204956 (executing program) 2022/02/26 04:57:07 fetching corpus: 9176, signal 186416/204956 (executing program) 2022/02/26 04:57:07 fetching corpus: 9223, signal 186639/204956 (executing program) 2022/02/26 04:57:07 fetching corpus: 9272, signal 187110/204956 (executing program) 2022/02/26 04:57:07 fetching corpus: 9321, signal 187335/204956 (executing program) 2022/02/26 04:57:07 fetching corpus: 9371, signal 187602/204956 (executing program) 2022/02/26 04:57:07 fetching corpus: 9421, signal 187818/204956 (executing program) 2022/02/26 04:57:07 fetching corpus: 9467, signal 188238/204967 (executing program) 2022/02/26 04:57:07 fetching corpus: 9516, signal 188475/204967 (executing program) 2022/02/26 04:57:07 fetching corpus: 9565, signal 188706/204967 (executing program) 2022/02/26 04:57:08 fetching corpus: 9615, signal 188878/204967 (executing program) 2022/02/26 04:57:08 fetching corpus: 9664, signal 189132/204967 (executing program) 2022/02/26 04:57:08 fetching corpus: 9714, signal 189424/204976 (executing program) 2022/02/26 04:57:08 fetching corpus: 9764, signal 189734/204976 (executing program) 2022/02/26 04:57:08 fetching corpus: 9813, signal 190019/204976 (executing program) 2022/02/26 04:57:08 fetching corpus: 9860, signal 190251/204976 (executing program) 2022/02/26 04:57:08 fetching corpus: 9906, signal 190486/204976 (executing program) 2022/02/26 04:57:08 fetching corpus: 9954, signal 190700/204976 (executing program) 2022/02/26 04:57:08 fetching corpus: 10002, signal 190939/204981 (executing program) 2022/02/26 04:57:09 fetching corpus: 10051, signal 191228/204984 (executing program) 2022/02/26 04:57:09 fetching corpus: 10099, signal 191448/204986 (executing program) 2022/02/26 04:57:09 fetching corpus: 10149, signal 191761/204986 (executing program) 2022/02/26 04:57:09 fetching corpus: 10197, signal 192048/204986 (executing program) 2022/02/26 04:57:09 fetching corpus: 10246, signal 192232/205003 (executing program) 2022/02/26 04:57:09 fetching corpus: 10296, signal 192467/205003 (executing program) 2022/02/26 04:57:09 fetching corpus: 10345, signal 192770/205003 (executing program) 2022/02/26 04:57:09 fetching corpus: 10395, signal 193076/205003 (executing program) 2022/02/26 04:57:10 fetching corpus: 10444, signal 193335/205003 (executing program) 2022/02/26 04:57:10 fetching corpus: 10493, signal 193674/205014 (executing program) 2022/02/26 04:57:10 fetching corpus: 10542, signal 193881/205014 (executing program) 2022/02/26 04:57:10 fetching corpus: 10591, signal 194092/205014 (executing program) 2022/02/26 04:57:10 fetching corpus: 10639, signal 194339/205014 (executing program) 2022/02/26 04:57:10 fetching corpus: 10689, signal 194560/205014 (executing program) 2022/02/26 04:57:10 fetching corpus: 10738, signal 194909/205029 (executing program) 2022/02/26 04:57:10 fetching corpus: 10786, signal 195122/205029 (executing program) 2022/02/26 04:57:10 fetching corpus: 10836, signal 195317/205031 (executing program) 2022/02/26 04:57:11 fetching corpus: 10885, signal 195507/205031 (executing program) 2022/02/26 04:57:11 fetching corpus: 10934, signal 195754/205031 (executing program) 2022/02/26 04:57:11 fetching corpus: 10984, signal 196068/205031 (executing program) 2022/02/26 04:57:11 fetching corpus: 11032, signal 196313/205040 (executing program) 2022/02/26 04:57:11 fetching corpus: 11082, signal 196472/205040 (executing program) 2022/02/26 04:57:11 fetching corpus: 11131, signal 196687/205051 (executing program) 2022/02/26 04:57:11 fetching corpus: 11179, signal 196889/205051 (executing program) 2022/02/26 04:57:11 fetching corpus: 11229, signal 197156/205051 (executing program) 2022/02/26 04:57:11 fetching corpus: 11279, signal 197313/205051 (executing program) 2022/02/26 04:57:12 fetching corpus: 11329, signal 197482/205051 (executing program) 2022/02/26 04:57:12 fetching corpus: 11379, signal 197698/205051 (executing program) 2022/02/26 04:57:12 fetching corpus: 11427, signal 197907/205051 (executing program) 2022/02/26 04:57:12 fetching corpus: 11477, signal 198125/205051 (executing program) 2022/02/26 04:57:12 fetching corpus: 11527, signal 198316/205051 (executing program) 2022/02/26 04:57:12 fetching corpus: 11577, signal 198566/205052 (executing program) 2022/02/26 04:57:12 fetching corpus: 11626, signal 198749/205052 (executing program) 2022/02/26 04:57:12 fetching corpus: 11675, signal 198994/205052 (executing program) 2022/02/26 04:57:12 fetching corpus: 11724, signal 199173/205052 (executing program) 2022/02/26 04:57:12 fetching corpus: 11773, signal 199392/205052 (executing program) 2022/02/26 04:57:13 fetching corpus: 11823, signal 199515/205052 (executing program) 2022/02/26 04:57:13 fetching corpus: 11872, signal 199717/205052 (executing program) 2022/02/26 04:57:13 fetching corpus: 11921, signal 199950/205052 (executing program) 2022/02/26 04:57:13 fetching corpus: 11971, signal 200238/205052 (executing program) 2022/02/26 04:57:13 fetching corpus: 12017, signal 200445/205059 (executing program) 2022/02/26 04:57:13 fetching corpus: 12067, signal 200621/205059 (executing program) 2022/02/26 04:57:13 fetching corpus: 12117, signal 200803/205059 (executing program) 2022/02/26 04:57:13 fetching corpus: 12167, signal 200964/205059 (executing program) 2022/02/26 04:57:13 fetching corpus: 12214, signal 201127/205059 (executing program) 2022/02/26 04:57:14 fetching corpus: 12264, signal 201335/205059 (executing program) 2022/02/26 04:57:14 fetching corpus: 12314, signal 201614/205059 (executing program) 2022/02/26 04:57:14 fetching corpus: 12364, signal 201757/205059 (executing program) 2022/02/26 04:57:14 fetching corpus: 12411, signal 201961/205059 (executing program) 2022/02/26 04:57:14 fetching corpus: 12461, signal 202141/205059 (executing program) 2022/02/26 04:57:14 fetching corpus: 12510, signal 202328/205059 (executing program) 2022/02/26 04:57:14 fetching corpus: 12560, signal 202492/205059 (executing program) 2022/02/26 04:57:14 fetching corpus: 12609, signal 202782/205059 (executing program) 2022/02/26 04:57:14 fetching corpus: 12656, signal 202973/205059 (executing program) 2022/02/26 04:57:15 fetching corpus: 12705, signal 203120/205059 (executing program) 2022/02/26 04:57:15 fetching corpus: 12744, signal 203345/205059 (executing program) 2022/02/26 04:57:15 fetching corpus: 12744, signal 203346/205059 (executing program) 2022/02/26 04:57:15 fetching corpus: 12744, signal 203346/205059 (executing program) 2022/02/26 04:57:17 starting 8 fuzzer processes 04:57:17 executing program 0: r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$netlink(r0, &(0x7f0000001480)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000040)={0x18, 0x43, 0x1, 0x0, 0x0, "", [@typed={0x8, 0x0, 0x0, 0x0, @fd}]}, 0x18}], 0x1}, 0x0) 04:57:17 executing program 2: r0 = memfd_create(&(0x7f0000000400)='B\xdb/\x89\x03l\xdeb\xcb\xb54\xed\xbeLY\xb5Z\xe1\x12S\xf5G\xcc\xf3\xe9\x02h\v\xca(\x96\xe1C\xdf\x1c\xea\x85C\xfb\x10\x13\xfa\x03\x16\xcd\x17\xa2\x80\xa1z\xb4r\x95\xc3@\x9d\xa6\xf1\x92#}g\xd3`\xf7\xcez\xcb\xb3\x1a\xbb\xc48e\x8e\xb1&\xd1\x8a\xe6!\x7f\x8d\xea,qx\xa28\xbf\"\xc7e\x06L\xb06\xeb<$\xd7\xba\xe5\x01\x03\x94r\xab\xd4J\x03s\xaf\xf6A\xbfV\xfa\x1ew\x8d\xbf\x99I\x97\xd8\xd2\xe8\x11\xc4\x04\x00\x84\xd5i\xee\xaf\xae[E\x1f\xdd\xd7#rT+\xb621p\xaf[\x99\" 1\xeb\xc7)\xd2\x1dh\xf2\xd5s\xfd?\fa>\x9f;\xe5r\xe5\xbd\xb0|=\x8eZcPY\xf8\xbd\x13\xaa\x8b\xdf\xbc\x93u\xd5\xb0r\xfb\xde\xe7\xd9k\xe2\xc6\x1b\xf2o@&>\xf2M\xe7\x8c\xeb\xee\xf5\x02~\x85\x14\xf3\xc6v\xf15PE\x8c\xca\x16$\xc2\x01#\xb563\rbq\xbf64\xfaW\x17\xdfa\xe6\xca\x86\xd7\xf8\x81X\x9bg4\xc1\xdam\xcf=Rq6\xb0\xd4D=I\x1a\x0e\xd0\xabz\xe2\x19\x0fM\xad\xdco\xa4\xb2\x8c?\xc1\x10\xf273\xd00\xb3_\xe8\x9a*\xfcL\xea;\xc0\x9a\xdbx!N;\xb5x\t\xa4E\xbe\x93r\x04\xf5\xf0\xf5\x7f\x9a)\xf5\x1b\"\xa1\xd8\x06>\xc9\xe2r\xe9\xbb\xfe\xc0\b\x81\x98\x1c\xe2\xe0?\x8f\xa1\xbel\aN\x83@\xb1\x03)4A\x83\xd6\xcf\xf6\xb5\x82\xb7\x9dA\b$\xa2x\x8a@\xfaj~\xef\x93\xb1/L\x01\xe2\xba|\xf0\x01)PP\xcdl\x06\xfc\x15;qZ\xb1u\xc9\xd0\xd16~JEGm\xe4\x1e@\x9dG\xe4@\xdf\xba\'\x8b\x1cD\xc7\xec\xd1@}tR\xd9P\xf4N\xe3\xd8x\xa0\x91\x17\xc2}\x13\b\xca\t(Z\xa3_\xa1\x90\x15T\xa4\xe7%\x98\xa7\xfb\x8bp/eq\x93\xbf\x1f =|\xf3\xb1\xfcR\xd8\nM,\xcb%@\'\x15\x88\xd8\xad\f\x91|\x95\x8fq+\x98\x81W\xba\x9f\xe0elOt\xbd\by\r\x87\x1c\xba\xbd\x8e+S>\xb8\xe29\x91h^x\xfb`\x00\xdd/\xa6\xb1\x16=\xa1bw\xc5I\xb1\x00'/549, 0x2) pwrite64(r0, &(0x7f0000000040)="080a3153087f04583985cf25918c99a2ae4e6c54c56b8881cc90329bb70beee10815a75dbbb52812736a910940b4d9be567e6f7357e2b22b6a7db5338d219684b048f6880f147fafebcde911d880590c47d7786598d86b9e0857b486273a0a36c92d1a2a1341a63272f93c791787cd93fa0f9a2e8448edc0760ea957310348a44602117d235f", 0xfffffcb4, 0x0) fcntl$addseals(r0, 0x409, 0x0) 04:57:17 executing program 5: r0 = socket$inet6(0xa, 0x1, 0x0) bind$inet6(r0, &(0x7f00000002c0)={0xa, 0x4e20, 0x0, @empty}, 0x1c) connect$inet6(r0, &(0x7f0000000000)={0xa, 0x4e20, 0x10001, @ipv4={'\x00', '\xff\xff', @empty}}, 0x1c) sendmmsg(r0, &(0x7f0000004240)=[{{0x0, 0x0, &(0x7f0000000640)=[{&(0x7f0000000300)="e9", 0x100000}], 0x1}}], 0x1, 0x0) recvfrom(r0, &(0x7f00000003c0)=""/87, 0x20010397, 0x300, 0x0, 0x0) ioctl$sock_ipv6_tunnel_SIOCADDPRL(0xffffffffffffffff, 0x89f5, 0x0) sendmmsg$inet6(r0, &(0x7f0000002f00)=[{{0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000180)="1b", 0x1}], 0x1, &(0x7f0000000100)=ANY=[@ANYBLOB="200000000000000029000000040000000c020000000000000401b40001000000"], 0x20}}], 0x1, 0x10894) write$binfmt_elf64(0xffffffffffffffff, 0x0, 0x0) sendmmsg$inet6(r0, &(0x7f0000000140)=[{{0x0, 0x0, &(0x7f00000000c0)=[{&(0x7f0000000680)="b3ecb3994e1c", 0x6}], 0x1}}], 0x1, 0x41) 04:57:17 executing program 3: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) syz_mount_image$ext4(0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) pipe2$9p(0x0, 0x0) pwrite64(r0, &(0x7f0000000000)='y', 0xfffffe5f, 0x8040c00) 04:57:17 executing program 4: syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) r0 = openat$dir(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0, 0x0) lseek(r0, 0x0, 0x4) [ 70.603725] audit: type=1400 audit(1645851437.418:6): avc: denied { execmem } for pid=282 comm="syz-executor.0" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=process permissive=1 04:57:17 executing program 7: r0 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000180), 0x0) ioctl$SNDRV_TIMER_IOCTL_GSTATUS(r0, 0xc0505405, &(0x7f00000001c0)) 04:57:17 executing program 1: r0 = socket$inet_udp(0x2, 0x2, 0x0) getsockopt$inet_int(r0, 0x0, 0xc, 0x0, &(0x7f00000001c0)) 04:57:17 executing program 6: openat$nvram(0xffffffffffffff9c, &(0x7f0000000000), 0x42a01, 0x0) syz_open_procfs(0xffffffffffffffff, &(0x7f0000002480)='fd/3\x00') [ 71.769747] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 71.771527] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 71.773233] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 71.774804] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 71.776614] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 71.779057] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 71.780939] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [ 71.783212] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 71.784894] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 71.788550] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 71.802169] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3 [ 71.826395] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 71.830978] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1 [ 71.833491] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9 [ 71.835140] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9 [ 71.844637] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4 [ 71.846433] Bluetooth: hci5: unexpected cc 0x0c25 length: 249 > 3 [ 71.848592] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2 [ 71.872512] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 71.872649] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1 [ 71.876219] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 71.877793] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 71.880134] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 71.881815] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3 [ 71.883822] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 71.897276] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9 [ 71.898902] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9 [ 71.904412] Bluetooth: hci7: unexpected cc 0x0c03 length: 249 > 1 [ 71.906026] Bluetooth: hci7: unexpected cc 0x1003 length: 249 > 9 [ 71.908150] Bluetooth: hci7: unexpected cc 0x1001 length: 249 > 9 [ 71.909951] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4 [ 71.912497] Bluetooth: hci6: unexpected cc 0x0c25 length: 249 > 3 [ 71.914596] Bluetooth: hci7: unexpected cc 0x0c23 length: 249 > 4 [ 71.916262] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2 [ 71.918317] Bluetooth: hci7: unexpected cc 0x0c25 length: 249 > 3 [ 71.920271] Bluetooth: hci7: unexpected cc 0x0c38 length: 249 > 2 [ 73.853489] Bluetooth: hci1: command 0x0409 tx timeout [ 73.854284] Bluetooth: hci3: Opcode 0x c03 failed: -110 [ 73.855094] Bluetooth: hci2: Opcode 0x c03 failed: -110 [ 73.856263] Bluetooth: hci0: command 0x0409 tx timeout [ 73.917519] Bluetooth: hci5: command 0x0409 tx timeout [ 73.917557] Bluetooth: hci4: command 0x0409 tx timeout [ 73.982595] Bluetooth: hci7: command 0x0409 tx timeout [ 73.983481] Bluetooth: hci6: command 0x0409 tx timeout [ 75.901542] Bluetooth: hci0: command 0x041b tx timeout [ 75.902325] Bluetooth: hci1: command 0x041b tx timeout [ 75.965514] Bluetooth: hci4: command 0x041b tx timeout [ 75.966157] Bluetooth: hci5: command 0x041b tx timeout [ 76.029481] Bluetooth: hci6: command 0x041b tx timeout [ 76.030116] Bluetooth: hci7: command 0x041b tx timeout [ 77.949470] Bluetooth: hci1: command 0x040f tx timeout [ 77.950087] Bluetooth: hci0: command 0x040f tx timeout [ 78.013531] Bluetooth: hci5: command 0x040f tx timeout [ 78.014407] Bluetooth: hci4: command 0x040f tx timeout [ 78.077498] Bluetooth: hci7: command 0x040f tx timeout [ 78.078184] Bluetooth: hci6: command 0x040f tx timeout [ 78.654500] Bluetooth: hci2: Opcode 0x c03 failed: -110 [ 78.781494] Bluetooth: hci3: Opcode 0x c03 failed: -110 [ 79.998516] Bluetooth: hci0: command 0x0419 tx timeout [ 79.999206] Bluetooth: hci1: command 0x0419 tx timeout [ 80.061513] Bluetooth: hci4: command 0x0419 tx timeout [ 80.062234] Bluetooth: hci5: command 0x0419 tx timeout [ 80.126669] Bluetooth: hci6: command 0x0419 tx timeout [ 80.127309] Bluetooth: hci7: command 0x0419 tx timeout [ 81.412592] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 81.413413] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 81.414528] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 81.416862] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 81.421551] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3 [ 81.423576] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 83.133751] Bluetooth: hci2: Opcode 0x c03 failed: -110 [ 83.453546] Bluetooth: hci3: command 0x0409 tx timeout [ 85.501516] Bluetooth: hci3: command 0x041b tx timeout [ 86.082619] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 86.083418] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 86.084691] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready [ 86.142229] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 86.143319] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 86.144161] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready 04:57:33 executing program 1: r0 = socket$netlink(0x10, 0x3, 0x10) sendmsg$netlink(r0, &(0x7f0000007ec0)={0x0, 0x156e, &(0x7f0000000080)=[{&(0x7f00000000c0)={0x20, 0x1d, 0x1, 0x0, 0x0, "", [@typed={0x4, 0x0, 0x0, 0x0, @binary}, @nested={0xc, 0x11, 0x0, 0x1, [@typed={0x8, 0x0, 0x0, 0x0, @fd}]}]}, 0x20}], 0x1}, 0x0) 04:57:33 executing program 1: r0 = socket$netlink(0x10, 0x3, 0x10) sendmsg$netlink(r0, &(0x7f0000007ec0)={0x0, 0x156e, &(0x7f0000000080)=[{&(0x7f00000000c0)={0x20, 0x1d, 0x1, 0x0, 0x0, "", [@typed={0x4, 0x0, 0x0, 0x0, @binary}, @nested={0xc, 0x11, 0x0, 0x1, [@typed={0x8, 0x0, 0x0, 0x0, @fd}]}]}, 0x20}], 0x1}, 0x0) 04:57:33 executing program 1: r0 = socket$netlink(0x10, 0x3, 0x10) sendmsg$netlink(r0, &(0x7f0000007ec0)={0x0, 0x156e, &(0x7f0000000080)=[{&(0x7f00000000c0)={0x20, 0x1d, 0x1, 0x0, 0x0, "", [@typed={0x4, 0x0, 0x0, 0x0, @binary}, @nested={0xc, 0x11, 0x0, 0x1, [@typed={0x8, 0x0, 0x0, 0x0, @fd}]}]}, 0x20}], 0x1}, 0x0) [ 86.873491] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 86.875033] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 86.876501] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready 04:57:33 executing program 1: r0 = socket$netlink(0x10, 0x3, 0x10) sendmsg$netlink(r0, &(0x7f0000007ec0)={0x0, 0x156e, &(0x7f0000000080)=[{&(0x7f00000000c0)={0x20, 0x1d, 0x1, 0x0, 0x0, "", [@typed={0x4, 0x0, 0x0, 0x0, @binary}, @nested={0xc, 0x11, 0x0, 0x1, [@typed={0x8, 0x0, 0x0, 0x0, @fd}]}]}, 0x20}], 0x1}, 0x0) [ 87.038640] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 87.040066] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 87.045603] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready 04:57:34 executing program 1: r0 = socket$inet6(0xa, 0x1, 0x0) connect$inet6(r0, &(0x7f0000000080)={0xa, 0x0, 0x0, @ipv4={'\x00', '\xff\xff', @remote}}, 0x1c) setsockopt$inet6_tcp_TCP_REPAIR(r0, 0x6, 0x13, &(0x7f00000001c0)=0x1, 0x4) setsockopt$inet6_tcp_TCP_MD5SIG(r0, 0x6, 0xe, &(0x7f0000000200)={@in6={{0xa, 0x0, 0x0, @ipv4={'\x00', '\xff\xff', @broadcast}}}, 0x0, 0x0, 0x38, 0x0, "214c7b9ab8cc33ae9f64baab2365176fb706bb51f035429511433a86a4a058470af7d1777a36fbb58bcfbb233e0d07f46d43e58611a03215b1c1b897cce295eac67a9f27b1c34bb6b13ecebf57cbf307"}, 0xd8) connect$inet6(r0, &(0x7f0000000000)={0xa, 0x0, 0x0, @dev, 0x1}, 0x1c) [ 87.362898] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 87.363993] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 87.365111] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready [ 87.388551] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 87.389343] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 87.390382] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready 04:57:34 executing program 1: r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f0000000180), 0x4) bind$packet(r0, &(0x7f0000000380), 0x14) 04:57:34 executing program 1: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) r2 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_80211(r2, 0x8933, &(0x7f00000000c0)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_GET_SCAN(r0, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000040)={0x1c, r1, 0x301, 0x0, 0x0, {{}, {@val={0x8, 0x3, r3}, @void}}}, 0x1c}}, 0x0) [ 87.475152] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 87.475956] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 87.476871] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready [ 87.550346] Bluetooth: hci3: command 0x040f tx timeout [ 87.552303] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 87.553824] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 87.555485] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready [ 87.672701] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 87.674233] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 87.675949] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready 04:57:34 executing program 1: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) r2 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_80211(r2, 0x8933, &(0x7f00000000c0)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_GET_SCAN(r0, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000040)={0x1c, r1, 0x301, 0x0, 0x0, {{}, {@val={0x8, 0x3, r3}, @void}}}, 0x1c}}, 0x0) [ 87.734563] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.0'. [ 87.748128] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 87.748961] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 87.750642] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready [ 87.790663] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 87.791467] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 87.792309] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready [ 87.806776] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 87.807589] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 87.808418] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready [ 87.934144] Bluetooth: hci2: Opcode 0x c03 failed: -110 [ 89.597495] Bluetooth: hci3: command 0x0419 tx timeout [ 92.046242] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 92.047692] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 92.058819] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready [ 92.065475] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 92.066974] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 92.068576] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready [ 92.285476] Bluetooth: hci2: Opcode 0x c03 failed: -110 [ 96.509513] Bluetooth: hci2: Opcode 0x c03 failed: -110 [ 98.698475] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 98.700728] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 98.703050] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 98.705693] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 98.710059] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3 [ 98.711638] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 100.733554] Bluetooth: hci2: command 0x0409 tx timeout [ 102.781491] Bluetooth: hci2: command 0x041b tx timeout [ 104.829491] Bluetooth: hci2: command 0x040f tx timeout [ 105.609336] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 105.611013] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 105.612468] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready [ 105.646142] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 105.647712] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 105.649146] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready 04:57:52 executing program 0: close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) socket$inet_tcp(0x2, 0x1, 0x0) socket$nl_xfrm(0x10, 0x3, 0x6) socket$nl_generic(0x10, 0x3, 0x10) syz_open_procfs(0x0, &(0x7f0000000f00)='mountinfo\x00') pselect6(0x40, &(0x7f0000000100)={0x5e}, 0x0, 0x0, 0x0, 0x0) 04:57:52 executing program 2: r0 = socket$inet6(0xa, 0x1, 0x0) bind$inet6(r0, &(0x7f00000002c0)={0xa, 0x4e20, 0x0, @empty}, 0x1c) connect$inet6(r0, &(0x7f0000000000)={0xa, 0x4e20, 0x10001, @ipv4={'\x00', '\xff\xff', @empty}}, 0x1c) sendmmsg(r0, &(0x7f0000004240)=[{{0x0, 0x0, &(0x7f0000000640)=[{&(0x7f0000000300)="e9", 0x100000}], 0x1}}], 0x1, 0x0) recvfrom(r0, &(0x7f00000003c0)=""/87, 0x20010397, 0x300, 0x0, 0x0) ioctl$sock_ipv6_tunnel_SIOCADDPRL(0xffffffffffffffff, 0x89f5, 0x0) sendmmsg$inet6(r0, &(0x7f0000002f00)=[{{0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000180)="1b", 0x1}], 0x1, &(0x7f0000000100)=ANY=[@ANYBLOB="200000000000000029000000040000000c020000000000000401b40001000000"], 0x20}}], 0x1, 0x10894) write$binfmt_elf64(0xffffffffffffffff, 0x0, 0x0) sendmmsg$inet6(r0, &(0x7f0000000140)=[{{0x0, 0x0, &(0x7f00000000c0)=[{&(0x7f0000000680)="b3ecb3994e1c", 0x6}], 0x1}}], 0x1, 0x41) 04:57:52 executing program 3: syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) stat(&(0x7f0000000240)='./file0\x00', &(0x7f0000000280)={0x0, 0x0, 0x0, 0x0, 0x0}) setresuid(0x0, r0, 0x0) setxattr$security_capability(&(0x7f0000000000)='./file0\x00', &(0x7f0000000040), &(0x7f0000000080)=@v2, 0x14, 0x0) 04:57:52 executing program 4: r0 = socket$inet_udp(0x2, 0x2, 0x0) getsockopt$inet_int(r0, 0x0, 0x13, 0x0, &(0x7f00000001c0)) 04:57:52 executing program 5: r0 = socket$inet6(0xa, 0x1, 0x0) bind$inet6(r0, &(0x7f00000002c0)={0xa, 0x4e20, 0x0, @empty}, 0x1c) connect$inet6(r0, &(0x7f0000000000)={0xa, 0x4e20, 0x10001, @ipv4={'\x00', '\xff\xff', @empty}}, 0x1c) sendmmsg(r0, &(0x7f0000004240)=[{{0x0, 0x0, &(0x7f0000000640)=[{&(0x7f0000000300)="e9", 0x100000}], 0x1}}], 0x1, 0x0) recvfrom(r0, &(0x7f00000003c0)=""/87, 0x20010397, 0x300, 0x0, 0x0) ioctl$sock_ipv6_tunnel_SIOCADDPRL(0xffffffffffffffff, 0x89f5, 0x0) sendmmsg$inet6(r0, &(0x7f0000002f00)=[{{0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000180)="1b", 0x1}], 0x1, &(0x7f0000000100)=ANY=[@ANYBLOB="200000000000000029000000040000000c020000000000000401b40001000000"], 0x20}}], 0x1, 0x10894) write$binfmt_elf64(0xffffffffffffffff, 0x0, 0x0) sendmmsg$inet6(r0, &(0x7f0000000140)=[{{0x0, 0x0, &(0x7f00000000c0)=[{&(0x7f0000000680)="b3ecb3994e1c", 0x6}], 0x1}}], 0x1, 0x41) 04:57:52 executing program 6: r0 = syz_open_dev$tty20(0xc, 0x4, 0x1) ioctl$TCXONC(r0, 0x540a, 0x0) ioctl$TCSETAF(r0, 0x5408, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x8}) ioctl$TIOCSTI(r0, 0x5412, &(0x7f0000000080)) 04:57:52 executing program 7: syz_mount_image$nfs(&(0x7f0000001880), &(0x7f00000018c0)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000001a80)={[{'\x03\x00\x00\x00'}]}) 04:57:52 executing program 1: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) r2 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_80211(r2, 0x8933, &(0x7f00000000c0)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_GET_SCAN(r0, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000040)={0x1c, r1, 0x301, 0x0, 0x0, {{}, {@val={0x8, 0x3, r3}, @void}}}, 0x1c}}, 0x0) 04:57:52 executing program 4: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000080)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) io_setup(0x400, &(0x7f0000000000)=0x0) io_getevents(r0, 0x0, 0x0, 0x0, 0x0) 04:57:52 executing program 7: r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000040)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) readahead(r0, 0x0, 0x0) 04:57:52 executing program 3: symlink(&(0x7f0000000000)='./file0/../file0\x00', &(0x7f00000000c0)='./file0\x00') mknod$loop(&(0x7f0000000200)='./file0/../file0\x00', 0x0, 0x1) 04:57:52 executing program 6: r0 = syz_open_dev$tty20(0xc, 0x4, 0x1) ioctl$TCXONC(r0, 0x540a, 0x0) ioctl$TCSETAF(r0, 0x5408, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x8}) ioctl$TIOCSTI(r0, 0x5412, &(0x7f0000000080)) 04:57:52 executing program 1: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) r2 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_80211(r2, 0x8933, &(0x7f00000000c0)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_GET_SCAN(r0, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000040)={0x1c, r1, 0x301, 0x0, 0x0, {{}, {@val={0x8, 0x3, r3}, @void}}}, 0x1c}}, 0x0) 04:57:52 executing program 0: r0 = syz_open_dev$evdev(&(0x7f0000000980), 0x0, 0x0) ioctl$EVIOCGSND(r0, 0x8040451a, 0x0) ioctl$EVIOCGKEY(r0, 0x80404518, &(0x7f0000000000)=""/208) 04:57:52 executing program 7: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) ioctl$EXT4_IOC_GET_ES_CACHE(r0, 0x40305839, &(0x7f0000000040)=ANY=[@ANYBLOB="06000000ffff0000000000000000000000000008"]) ioctl$TIOCGPTLCK(0xffffffffffffffff, 0x80045439, 0x0) syz_open_dev$tty20(0xc, 0x4, 0x1) syz_open_dev$tty20(0xc, 0x4, 0x1) openat(0xffffffffffffff9c, 0x0, 0x0, 0x0) ioctl$EXT4_IOC_GET_ES_CACHE(0xffffffffffffffff, 0x40305839, &(0x7f0000000040)=ANY=[]) ioctl$KDGETKEYCODE(r0, 0x4b4c, 0x0) [ 106.088207] audit: type=1400 audit(1645851472.903:7): avc: denied { open } for pid=4016 comm="syz-executor.3" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=perf_event permissive=1 [ 106.092141] audit: type=1400 audit(1645851472.903:8): avc: denied { kernel } for pid=4016 comm="syz-executor.3" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=perf_event permissive=1 04:57:52 executing program 3: perf_event_open(&(0x7f0000000180)={0x1, 0x80, 0x1, 0x0, 0x0, 0x0, 0x0, 0x88, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) 04:57:52 executing program 4: syz_genetlink_get_family_id$tipc2(&(0x7f00000001c0), 0xffffffffffffffff) syz_io_uring_complete(0x0) syz_genetlink_get_family_id$nl80211(&(0x7f0000001dc0), 0xffffffffffffffff) 04:57:52 executing program 2: r0 = socket$inet6(0xa, 0x1, 0x0) bind$inet6(r0, &(0x7f00000002c0)={0xa, 0x4e20, 0x0, @empty}, 0x1c) connect$inet6(r0, &(0x7f0000000000)={0xa, 0x4e20, 0x10001, @ipv4={'\x00', '\xff\xff', @empty}}, 0x1c) sendmmsg(r0, &(0x7f0000004240)=[{{0x0, 0x0, &(0x7f0000000640)=[{&(0x7f0000000300)="e9", 0x100000}], 0x1}}], 0x1, 0x0) recvfrom(r0, &(0x7f00000003c0)=""/87, 0x20010397, 0x300, 0x0, 0x0) ioctl$sock_ipv6_tunnel_SIOCADDPRL(0xffffffffffffffff, 0x89f5, 0x0) sendmmsg$inet6(r0, &(0x7f0000002f00)=[{{0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000180)="1b", 0x1}], 0x1, &(0x7f0000000100)=ANY=[@ANYBLOB="200000000000000029000000040000000c020000000000000401b40001000000"], 0x20}}], 0x1, 0x10894) write$binfmt_elf64(0xffffffffffffffff, 0x0, 0x0) sendmmsg$inet6(r0, &(0x7f0000000140)=[{{0x0, 0x0, &(0x7f00000000c0)=[{&(0x7f0000000680)="b3ecb3994e1c", 0x6}], 0x1}}], 0x1, 0x41) 04:57:52 executing program 5: r0 = socket$inet6(0xa, 0x1, 0x0) bind$inet6(r0, &(0x7f00000002c0)={0xa, 0x4e20, 0x0, @empty}, 0x1c) connect$inet6(r0, &(0x7f0000000000)={0xa, 0x4e20, 0x10001, @ipv4={'\x00', '\xff\xff', @empty}}, 0x1c) sendmmsg(r0, &(0x7f0000004240)=[{{0x0, 0x0, &(0x7f0000000640)=[{&(0x7f0000000300)="e9", 0x100000}], 0x1}}], 0x1, 0x0) recvfrom(r0, &(0x7f00000003c0)=""/87, 0x20010397, 0x300, 0x0, 0x0) ioctl$sock_ipv6_tunnel_SIOCADDPRL(0xffffffffffffffff, 0x89f5, 0x0) sendmmsg$inet6(r0, &(0x7f0000002f00)=[{{0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000180)="1b", 0x1}], 0x1, &(0x7f0000000100)=ANY=[@ANYBLOB="200000000000000029000000040000000c020000000000000401b40001000000"], 0x20}}], 0x1, 0x10894) write$binfmt_elf64(0xffffffffffffffff, 0x0, 0x0) sendmmsg$inet6(r0, &(0x7f0000000140)=[{{0x0, 0x0, &(0x7f00000000c0)=[{&(0x7f0000000680)="b3ecb3994e1c", 0x6}], 0x1}}], 0x1, 0x41) 04:57:52 executing program 6: r0 = syz_open_dev$tty20(0xc, 0x4, 0x1) ioctl$TCXONC(r0, 0x540a, 0x0) ioctl$TCSETAF(r0, 0x5408, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x8}) ioctl$TIOCSTI(r0, 0x5412, &(0x7f0000000080)) 04:57:52 executing program 3: mkdir(&(0x7f0000003b80)='./file0\x00', 0x0) stat(&(0x7f0000000040)='./file0\x00', &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0}) setresuid(0x0, r0, 0x0) r1 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/keys\x00', 0x0, 0x0) preadv(r1, &(0x7f00000011c0)=[{&(0x7f0000000180)=""/4096, 0x1000}], 0x1, 0x0, 0x2) r2 = openat$null(0xffffffffffffff9c, &(0x7f0000000100), 0x80800, 0x0) setsockopt$inet6_udp_int(r2, 0x11, 0x65, &(0x7f0000000140)=0x80000000, 0x4) r3 = socket$inet6_udp(0xa, 0x2, 0x0) r4 = mq_open(&(0x7f00000008c0)='netpci0\x00', 0x840, 0x0, 0x0) mq_timedreceive(r4, &(0x7f0000000940)=""/161, 0xa1, 0x0, 0x0) ioctl$sock_SIOCGIFINDEX_80211(r3, 0x8921, &(0x7f0000000040)={'wlan1\x00'}) r5 = openat$snapshot(0xffffffffffffff9c, &(0x7f0000000000), 0x200141, 0x0) fcntl$getownex(r2, 0x10, &(0x7f0000001200)={0x0, 0x0}) fcntl$setownex(r5, 0xf, &(0x7f0000001240)={0x1, r6}) ioctl$FS_IOC_GET_ENCRYPTION_POLICY_EX(r3, 0xc0096616, &(0x7f0000001180)={0x2, [0x0, 0x0]}) 04:57:52 executing program 0: r0 = syz_open_procfs$userns(0xffffffffffffffff, &(0x7f0000000000)) fcntl$lock(r0, 0x26, &(0x7f0000000100)) r1 = syz_open_procfs$userns(0xffffffffffffffff, &(0x7f0000000000)) r2 = syz_open_procfs$userns(0x0, &(0x7f0000000080)) dup2(r1, r2) 04:57:52 executing program 6: r0 = syz_open_dev$tty20(0xc, 0x4, 0x1) ioctl$TCXONC(r0, 0x540a, 0x0) ioctl$TCSETAF(r0, 0x5408, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x8}) ioctl$TIOCSTI(r0, 0x5412, &(0x7f0000000080)) 04:57:53 executing program 7: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f00000000c0)='./file0\x00', 0x20000000, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="eb3c906d6b66732e66617400020801000270008000f801", 0x17}], 0x0, &(0x7f0000000140)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) pwritev(r0, &(0x7f0000000640)=[{&(0x7f00000002c0)="19", 0x1}], 0x1, 0x8000000, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) openat(0xffffffffffffff9c, 0x0, 0x0, 0x0) sendfile(r1, r2, 0x0, 0x7fffffff) [ 106.262548] loop7: detected capacity change from 0 to 264192 04:57:53 executing program 1: r0 = socket$netlink(0x10, 0x3, 0x0) recvmmsg(r0, &(0x7f00000026c0)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) sendmsg$netlink(r0, &(0x7f000000c340)={0x0, 0x0, &(0x7f0000000100)=[{&(0x7f0000000000)=ANY=[@ANYBLOB="240000002600210e"], 0x24}], 0x1}, 0x0) 04:57:53 executing program 2: r0 = socket$inet6(0xa, 0x1, 0x0) bind$inet6(r0, &(0x7f00000002c0)={0xa, 0x4e20, 0x0, @empty}, 0x1c) connect$inet6(r0, &(0x7f0000000000)={0xa, 0x4e20, 0x10001, @ipv4={'\x00', '\xff\xff', @empty}}, 0x1c) sendmmsg(r0, &(0x7f0000004240)=[{{0x0, 0x0, &(0x7f0000000640)=[{&(0x7f0000000300)="e9", 0x100000}], 0x1}}], 0x1, 0x0) recvfrom(r0, &(0x7f00000003c0)=""/87, 0x20010397, 0x300, 0x0, 0x0) ioctl$sock_ipv6_tunnel_SIOCADDPRL(0xffffffffffffffff, 0x89f5, 0x0) sendmmsg$inet6(r0, &(0x7f0000002f00)=[{{0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000180)="1b", 0x1}], 0x1, &(0x7f0000000100)=ANY=[@ANYBLOB="200000000000000029000000040000000c020000000000000401b40001000000"], 0x20}}], 0x1, 0x10894) write$binfmt_elf64(0xffffffffffffffff, 0x0, 0x0) sendmmsg$inet6(r0, &(0x7f0000000140)=[{{0x0, 0x0, &(0x7f00000000c0)=[{&(0x7f0000000680)="b3ecb3994e1c", 0x6}], 0x1}}], 0x1, 0x41) 04:57:53 executing program 0: r0 = syz_open_procfs$userns(0xffffffffffffffff, &(0x7f0000000000)) fcntl$lock(r0, 0x26, &(0x7f0000000100)) r1 = syz_open_procfs$userns(0xffffffffffffffff, &(0x7f0000000000)) r2 = syz_open_procfs$userns(0x0, &(0x7f0000000080)) dup2(r1, r2) 04:57:53 executing program 6: r0 = syz_open_procfs$userns(0xffffffffffffffff, &(0x7f0000000000)) fcntl$lock(r0, 0x26, &(0x7f0000000100)) r1 = syz_open_procfs$userns(0xffffffffffffffff, &(0x7f0000000000)) r2 = syz_open_procfs$userns(0x0, &(0x7f0000000080)) dup2(r1, r2) 04:57:53 executing program 3: mkdir(&(0x7f0000003b80)='./file0\x00', 0x0) stat(&(0x7f0000000040)='./file0\x00', &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0}) setresuid(0x0, r0, 0x0) r1 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/keys\x00', 0x0, 0x0) preadv(r1, &(0x7f00000011c0)=[{&(0x7f0000000180)=""/4096, 0x1000}], 0x1, 0x0, 0x2) r2 = openat$null(0xffffffffffffff9c, &(0x7f0000000100), 0x80800, 0x0) setsockopt$inet6_udp_int(r2, 0x11, 0x65, &(0x7f0000000140)=0x80000000, 0x4) r3 = socket$inet6_udp(0xa, 0x2, 0x0) r4 = mq_open(&(0x7f00000008c0)='netpci0\x00', 0x840, 0x0, 0x0) mq_timedreceive(r4, &(0x7f0000000940)=""/161, 0xa1, 0x0, 0x0) ioctl$sock_SIOCGIFINDEX_80211(r3, 0x8921, &(0x7f0000000040)={'wlan1\x00'}) r5 = openat$snapshot(0xffffffffffffff9c, &(0x7f0000000000), 0x200141, 0x0) fcntl$getownex(r2, 0x10, &(0x7f0000001200)={0x0, 0x0}) fcntl$setownex(r5, 0xf, &(0x7f0000001240)={0x1, r6}) ioctl$FS_IOC_GET_ENCRYPTION_POLICY_EX(r3, 0xc0096616, &(0x7f0000001180)={0x2, [0x0, 0x0]}) [ 106.407191] loop4: detected capacity change from 0 to 264192 04:57:53 executing program 5: r0 = socket$inet6(0xa, 0x1, 0x0) bind$inet6(r0, &(0x7f00000002c0)={0xa, 0x4e20, 0x0, @empty}, 0x1c) connect$inet6(r0, &(0x7f0000000000)={0xa, 0x4e20, 0x10001, @ipv4={'\x00', '\xff\xff', @empty}}, 0x1c) sendmmsg(r0, &(0x7f0000004240)=[{{0x0, 0x0, &(0x7f0000000640)=[{&(0x7f0000000300)="e9", 0x100000}], 0x1}}], 0x1, 0x0) recvfrom(r0, &(0x7f00000003c0)=""/87, 0x20010397, 0x300, 0x0, 0x0) ioctl$sock_ipv6_tunnel_SIOCADDPRL(0xffffffffffffffff, 0x89f5, 0x0) sendmmsg$inet6(r0, &(0x7f0000002f00)=[{{0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000180)="1b", 0x1}], 0x1, &(0x7f0000000100)=ANY=[@ANYBLOB="200000000000000029000000040000000c020000000000000401b40001000000"], 0x20}}], 0x1, 0x10894) write$binfmt_elf64(0xffffffffffffffff, 0x0, 0x0) sendmmsg$inet6(r0, &(0x7f0000000140)=[{{0x0, 0x0, &(0x7f00000000c0)=[{&(0x7f0000000680)="b3ecb3994e1c", 0x6}], 0x1}}], 0x1, 0x41) 04:57:53 executing program 7: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f00000000c0)='./file0\x00', 0x20000000, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="eb3c906d6b66732e66617400020801000270008000f801", 0x17}], 0x0, &(0x7f0000000140)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) pwritev(r0, &(0x7f0000000640)=[{&(0x7f00000002c0)="19", 0x1}], 0x1, 0x8000000, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) openat(0xffffffffffffff9c, 0x0, 0x0, 0x0) sendfile(r1, r2, 0x0, 0x7fffffff) 04:57:53 executing program 1: r0 = socket$netlink(0x10, 0x3, 0x0) recvmmsg(r0, &(0x7f00000026c0)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) sendmsg$netlink(r0, &(0x7f000000c340)={0x0, 0x0, &(0x7f0000000100)=[{&(0x7f0000000000)=ANY=[@ANYBLOB="240000002600210e"], 0x24}], 0x1}, 0x0) 04:57:53 executing program 4: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f00000000c0)='./file0\x00', 0x20000000, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="eb3c906d6b66732e66617400020801000270008000f801", 0x17}], 0x0, &(0x7f0000000140)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) pwritev(r0, &(0x7f0000000640)=[{&(0x7f00000002c0)="19", 0x1}], 0x1, 0x8000000, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) openat(0xffffffffffffff9c, 0x0, 0x0, 0x0) sendfile(r1, r2, 0x0, 0x7fffffff) 04:57:53 executing program 6: r0 = syz_open_procfs$userns(0xffffffffffffffff, &(0x7f0000000000)) fcntl$lock(r0, 0x26, &(0x7f0000000100)) r1 = syz_open_procfs$userns(0xffffffffffffffff, &(0x7f0000000000)) r2 = syz_open_procfs$userns(0x0, &(0x7f0000000080)) dup2(r1, r2) 04:57:53 executing program 3: mkdir(&(0x7f0000003b80)='./file0\x00', 0x0) stat(&(0x7f0000000040)='./file0\x00', &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0}) setresuid(0x0, r0, 0x0) r1 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/keys\x00', 0x0, 0x0) preadv(r1, &(0x7f00000011c0)=[{&(0x7f0000000180)=""/4096, 0x1000}], 0x1, 0x0, 0x2) r2 = openat$null(0xffffffffffffff9c, &(0x7f0000000100), 0x80800, 0x0) setsockopt$inet6_udp_int(r2, 0x11, 0x65, &(0x7f0000000140)=0x80000000, 0x4) r3 = socket$inet6_udp(0xa, 0x2, 0x0) r4 = mq_open(&(0x7f00000008c0)='netpci0\x00', 0x840, 0x0, 0x0) mq_timedreceive(r4, &(0x7f0000000940)=""/161, 0xa1, 0x0, 0x0) ioctl$sock_SIOCGIFINDEX_80211(r3, 0x8921, &(0x7f0000000040)={'wlan1\x00'}) r5 = openat$snapshot(0xffffffffffffff9c, &(0x7f0000000000), 0x200141, 0x0) fcntl$getownex(r2, 0x10, &(0x7f0000001200)={0x0, 0x0}) fcntl$setownex(r5, 0xf, &(0x7f0000001240)={0x1, r6}) ioctl$FS_IOC_GET_ENCRYPTION_POLICY_EX(r3, 0xc0096616, &(0x7f0000001180)={0x2, [0x0, 0x0]}) [ 106.462359] loop7: detected capacity change from 0 to 264192 04:57:53 executing program 0: r0 = syz_open_procfs$userns(0xffffffffffffffff, &(0x7f0000000000)) fcntl$lock(r0, 0x26, &(0x7f0000000100)) r1 = syz_open_procfs$userns(0xffffffffffffffff, &(0x7f0000000000)) r2 = syz_open_procfs$userns(0x0, &(0x7f0000000080)) dup2(r1, r2) 04:57:53 executing program 1: r0 = socket$netlink(0x10, 0x3, 0x0) recvmmsg(r0, &(0x7f00000026c0)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) sendmsg$netlink(r0, &(0x7f000000c340)={0x0, 0x0, &(0x7f0000000100)=[{&(0x7f0000000000)=ANY=[@ANYBLOB="240000002600210e"], 0x24}], 0x1}, 0x0) 04:57:53 executing program 4: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f00000000c0)='./file0\x00', 0x20000000, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="eb3c906d6b66732e66617400020801000270008000f801", 0x17}], 0x0, &(0x7f0000000140)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) pwritev(r0, &(0x7f0000000640)=[{&(0x7f00000002c0)="19", 0x1}], 0x1, 0x8000000, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) openat(0xffffffffffffff9c, 0x0, 0x0, 0x0) sendfile(r1, r2, 0x0, 0x7fffffff) 04:57:53 executing program 6: r0 = syz_open_procfs$userns(0xffffffffffffffff, &(0x7f0000000000)) fcntl$lock(r0, 0x26, &(0x7f0000000100)) r1 = syz_open_procfs$userns(0xffffffffffffffff, &(0x7f0000000000)) r2 = syz_open_procfs$userns(0x0, &(0x7f0000000080)) dup2(r1, r2) 04:57:53 executing program 3: mkdir(&(0x7f0000003b80)='./file0\x00', 0x0) stat(&(0x7f0000000040)='./file0\x00', &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0}) setresuid(0x0, r0, 0x0) r1 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/keys\x00', 0x0, 0x0) preadv(r1, &(0x7f00000011c0)=[{&(0x7f0000000180)=""/4096, 0x1000}], 0x1, 0x0, 0x2) r2 = openat$null(0xffffffffffffff9c, &(0x7f0000000100), 0x80800, 0x0) setsockopt$inet6_udp_int(r2, 0x11, 0x65, &(0x7f0000000140)=0x80000000, 0x4) r3 = socket$inet6_udp(0xa, 0x2, 0x0) r4 = mq_open(&(0x7f00000008c0)='netpci0\x00', 0x840, 0x0, 0x0) mq_timedreceive(r4, &(0x7f0000000940)=""/161, 0xa1, 0x0, 0x0) ioctl$sock_SIOCGIFINDEX_80211(r3, 0x8921, &(0x7f0000000040)={'wlan1\x00'}) r5 = openat$snapshot(0xffffffffffffff9c, &(0x7f0000000000), 0x200141, 0x0) fcntl$getownex(r2, 0x10, &(0x7f0000001200)={0x0, 0x0}) fcntl$setownex(r5, 0xf, &(0x7f0000001240)={0x1, r6}) ioctl$FS_IOC_GET_ENCRYPTION_POLICY_EX(r3, 0xc0096616, &(0x7f0000001180)={0x2, [0x0, 0x0]}) 04:57:53 executing program 7: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f00000000c0)='./file0\x00', 0x20000000, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="eb3c906d6b66732e66617400020801000270008000f801", 0x17}], 0x0, &(0x7f0000000140)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) pwritev(r0, &(0x7f0000000640)=[{&(0x7f00000002c0)="19", 0x1}], 0x1, 0x8000000, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) openat(0xffffffffffffff9c, 0x0, 0x0, 0x0) sendfile(r1, r2, 0x0, 0x7fffffff) [ 106.649808] loop4: detected capacity change from 0 to 264192 [ 106.659651] loop7: detected capacity change from 0 to 264192 04:57:53 executing program 0: r0 = syz_open_procfs$userns(0xffffffffffffffff, &(0x7f0000000000)) fcntl$lock(r0, 0x26, &(0x7f0000000100)) r1 = syz_open_procfs$userns(0xffffffffffffffff, &(0x7f0000000000)) r2 = syz_open_procfs$userns(0x0, &(0x7f0000000080)) dup2(r1, r2) 04:57:53 executing program 1: r0 = socket$netlink(0x10, 0x3, 0x0) recvmmsg(r0, &(0x7f00000026c0)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) sendmsg$netlink(r0, &(0x7f000000c340)={0x0, 0x0, &(0x7f0000000100)=[{&(0x7f0000000000)=ANY=[@ANYBLOB="240000002600210e"], 0x24}], 0x1}, 0x0) 04:57:53 executing program 5: r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$inet_MCAST_MSFILTER(r0, 0x0, 0x30, &(0x7f0000000080)={0x0, {{0x2, 0x0, @multicast1}}, 0x0, 0x2}, 0x90) 04:57:53 executing program 2: setgroups(0x2, &(0x7f0000000800)=[0x0, 0x0]) socket$inet_icmp(0x2, 0x2, 0x1) 04:57:53 executing program 5: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) ioctl$TCSETS2(r0, 0x402c542b, &(0x7f0000000080)={0x6, 0x0, 0x4, 0x2631, 0xfd, "fd1f4a348a3045fc72c1e5004f0e07a7fcbac0", 0x8000}) syz_open_dev$ptys(0xc, 0x3, 0x1) syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) 04:57:53 executing program 0: r0 = socket$nl_route(0x10, 0x3, 0x0) pipe(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) sendmsg$netlink(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f00000002c0)=ANY=[@ANYBLOB="2800000024000100000000000000000008000000", @ANYRES32=r1], 0x28}], 0x1}, 0x0) 04:57:53 executing program 2: r0 = openat(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x26e1, 0x0) ioctl$EXT4_IOC_GET_ES_CACHE(r0, 0xc020660b, &(0x7f0000000240)={0xffffffff000, 0x1}) 04:57:53 executing program 7: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f00000000c0)='./file0\x00', 0x20000000, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="eb3c906d6b66732e66617400020801000270008000f801", 0x17}], 0x0, &(0x7f0000000140)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) pwritev(r0, &(0x7f0000000640)=[{&(0x7f00000002c0)="19", 0x1}], 0x1, 0x8000000, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) openat(0xffffffffffffff9c, 0x0, 0x0, 0x0) sendfile(r1, r2, 0x0, 0x7fffffff) [ 106.789983] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.0'. [ 106.795742] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.0'. 04:57:53 executing program 4: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f00000000c0)='./file0\x00', 0x20000000, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="eb3c906d6b66732e66617400020801000270008000f801", 0x17}], 0x0, &(0x7f0000000140)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) pwritev(r0, &(0x7f0000000640)=[{&(0x7f00000002c0)="19", 0x1}], 0x1, 0x8000000, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) openat(0xffffffffffffff9c, 0x0, 0x0, 0x0) sendfile(r1, r2, 0x0, 0x7fffffff) 04:57:53 executing program 6: socket$inet_tcp(0x2, 0x1, 0x0) [ 106.832084] loop4: detected capacity change from 0 to 264192 04:57:53 executing program 5: r0 = socket$netlink(0x10, 0x3, 0x4) setsockopt$netlink_NETLINK_ADD_MEMBERSHIP(r0, 0x10e, 0x1, &(0x7f0000000400)=0x2, 0x47) [ 106.836488] loop7: detected capacity change from 0 to 264192 04:57:53 executing program 6: r0 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000680), 0x0, 0x0) syz_genetlink_get_family_id$batadv(&(0x7f0000000640), r0) 04:57:53 executing program 0: close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='net\x00') getdents64(r0, &(0x7f0000000080)=""/250, 0xfa) [ 106.877582] Bluetooth: hci2: command 0x0419 tx timeout 04:57:53 executing program 2: r0 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x0) ioctl$SNDRV_TIMER_IOCTL_SELECT(r0, 0x54a1, 0x0) 04:57:53 executing program 5: r0 = socket$netlink(0x10, 0x3, 0x4) setsockopt$netlink_NETLINK_ADD_MEMBERSHIP(r0, 0x10e, 0x1, &(0x7f0000000400)=0x2, 0x47) 04:57:53 executing program 0: clone3(&(0x7f0000000a00)={0x2000, 0x0, 0x0, 0x0, {}, 0x0, 0x0, &(0x7f0000000980)=""/29, 0x0}, 0x58) [ 107.011318] loop2: detected capacity change from 0 to 256 04:57:53 executing program 6: sendmsg$ETHTOOL_MSG_PRIVFLAGS_SET(0xffffffffffffffff, &(0x7f00000006c0)={0x0, 0x0, &(0x7f0000000680)={&(0x7f0000000000)={0x20, 0x0, 0x0, 0x0, 0x0, {}, [@ETHTOOL_A_PRIVFLAGS_HEADER={0xc, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_INDEX={0x8}]}]}, 0x20}}, 0x0) r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$netlink(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f000000a940)=[{&(0x7f0000000000)=ANY=[@ANYBLOB="28000000310001"], 0x28}], 0x1}, 0x0) 04:57:53 executing program 2: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f736689254300080120000400004000f8000020004000030000000000000001", 0x25}, {0x0, 0x0, 0x10000}], 0x0, &(0x7f0000011200)=ANY=[]) chdir(&(0x7f0000000140)='./file0\x00') r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) fallocate(r0, 0x0, 0x0, 0xfff) 04:57:53 executing program 3: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x4000000000003, 0x1, &(0x7f0000000200)=[{&(0x7f00000000c0)="601c6d6b646f7366d8a02b00080101000440002000f801", 0x17}], 0x2810000, &(0x7f0000000240)=ANY=[]) chdir(&(0x7f0000000140)='./file0\x00') r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) pwrite64(0xffffffffffffffff, 0x0, 0x0, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) write$binfmt_aout(r1, &(0x7f0000000080)=ANY=[], 0x220) sendfile(r1, r0, 0x0, 0xfffffdef) pwrite64(0xffffffffffffffff, &(0x7f0000001040), 0x0, 0x0) [ 107.013415] loop3: detected capacity change from 0 to 264192 04:57:53 executing program 1: r0 = socket$inet_udp(0x2, 0x2, 0x0) ioctl$sock_inet_SIOCGARP(r0, 0x8954, &(0x7f00000000c0)={{0x2, 0x0, @dev}, {0x0, @remote}, 0x0, {0x2, 0x0, @dev}}) [ 107.020970] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.6'. [ 107.021782] FAT-fs (loop2): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1) [ 107.022753] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.6'. [ 107.048286] FAT-fs (loop2): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1) [ 107.053112] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.6'. [ 107.054220] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.6'. 04:57:53 executing program 2: r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000000), 0x40b01, 0x0) ioctl$CDROMREADAUDIO(r0, 0x127e, &(0x7f00000000c0)={@lba, 0x0, 0x0, 0x0}) 04:57:53 executing program 1: r0 = mq_open(&(0x7f00000056c0)='syz1\x00', 0x842, 0x0, 0x0) r1 = creat(&(0x7f0000000080)='.\x00', 0x100) mq_getsetattr(r1, &(0x7f00000000c0)={0x3f, 0xa6e8, 0x4, 0x4}, &(0x7f0000000100)) creat(&(0x7f0000001180)='./file0\x00', 0x2) clock_gettime(0x0, &(0x7f0000000000)={0x0, 0x0}) mq_timedsend(r0, &(0x7f0000000180)="b455be25a1d2333ee01665e7b2f743f71d0df785277db708f941130a129382496ac1454f1766851808d812bb2ca0c57564403cd2a60d66ba09ae58f19b4e72cd345b05496125157e73d6b492367a51cb2f5358c3dbc05f133e71bed2fce6d0214761f1d86057bb0cb2caeeb04cc7b01145e4965f8cbff9c2bcf984f701520fea0578bbaa6b1f8f05abd5eb7123d39a1dd360c301306f9608b887902672620105390d9bb9325cc650923abd395490b2137cfdd2a4d8f1da5fc4577e4b60a974f1551d9e82cfcb29bb926bded262831d78f16fd5bcebe4a5a078602b9709e06ac9347a79da79cec5fbe17798525073f6dbc08a2daac7c7c99544e9280a52333182607e94261a9f64a2e9ef64ea6ff013609b88ee7bb9a3e5783bbac3874e223837cc74bec20a00ba1d19cb2049114dc3b28111bd73648b62b70568a93c406a3115244748adef2be8d999c1153ca8c0d4c6360c26cc268ea9e7737dcff6e83a31aa40f513ec2a362d7acf479738eea5af02356be3985a1d2ff7f519ce84ebe6112cbebc8f8de095e72610228831f9ddc76456081bd02d0ae95676493307b98101f16a8aa19d868f567a657038f3b7b3d6b774da710b8da04358844b14b1c563419820a54021054380fddd4188a167878b5ed728f501a24639485d5df8ad4f4d21b35fcec322c5b4feaa93ddcfd4be2548989f56f61b6acd30bd9cd1eab5f41e302d802d3236a8ebcb067283b9a0f880a31a34d7fadfecf7efcfdba329d5b50b7562c8d05aa678da6b6b3bd18287cfda7ad4e61f78100dbd4b91527b186b74b61b929a634347ebe849cef8d754ea32836b8710538460c4ce02f883b4adc89bd3db891cf432c79e5acd8afed96481ee2b314eb8387b3a6ae13e26bce351a9cb71ef1ac37bbafafedf3637d007d5fb25b15c766cfa8f359a4650f1d5691423806caafbbf5c527cf642885d2d2bdb69820a4c3145c24d7d5de5a295ec244234da88d41d1965b2d16349acf52373fc60787675867cb604cde0fe063cf762388af4777190d792d36120314ce51d48ce1c81e96bf41323cff3915cbcb73223044237c02a82a63b0f2878301ec3f85a0b3e46a631ac2a53d20b27834b8f5ef0ce1a496d71f838d259caaa16b2813ab9768c58d38366d19e8c458a1d7ae4cb67698c673aa3ae4e5ff9f2ded3b92c09ebce68de6a91dc1cc80e0a0eb57e8eb720e1a71d6405cc05a57a9eff2971ebe7e79f1db9af3377120a6feb6b83d30944c160b3a32663fdc376fa853b25ff58f2dc2c62f78f23702c80ee1f8661963ba07a44166556c780bdb5a87e618320e9b2eaa5bce45533e107e528790ba02afcdafc22c4a3b4b58d2658af77b38a6072dc835d31da898a0a89fcfd0cef9241a20ff2f7e8468aa333420c44e562c825165f7f943267bbdbc899f263006b0a88c22e5050889e83dbd57fb5c05682e8d722276a17bbf50d779e5d18479dc8bb89a20e0c0bd1a1873e52526a74d74fa78128d1e69136a1d4cb49212dd4fc10e35e0fdf3367c5d97987e33494c052fa89c80dc19b3b27b1b0d34304447b64c00f9155fef3a0c2870e97120a4fffb6f6d9bcf01271c0da27c07f39a300846795eff84d8e11bd54292e11fc476cb0e8c6d7ef0edac6482f8d1dfa4a1c3b87084386b752d30a47a1191221bed46fc7da07cf2f8e12f5647799d1ddd7d342156c4d637ba39e60b3418fc0de4fd639adc6d3d82a28d53e7d10f0d5036ec5a1921a59f1b01c552d2d28a2c9a34e8544f7fcec25c911aae5ed1d99a300102ed142de2bb2b9fb8073a3149f12b79a24ec6f5943f367b5ee0ab9d393eab42097cc321d3b257dc3466a9ef143ca2b90030fe9aae775b1ad150a6c8448170dbb09563855d655e4788a0a7186ad1365a3dcf58ef42d5cc87b58ad50e9af456e9a06048852aeb640fa31c6dd72e7db32797f146cf494ded289b00932e669b9bbc165dc5a263a41691ae0e18c0a4799b9b70cfdca2f7d48713207059d1628ac95e39ad4b23b0640bbba764353b06931cc49aa162e66dbfcb3c03da173260caaee3e87e27ad590865de7aef39c82db9f9de37d4de11595bf4f638b3e7e6cf0c337f0594525194aa7e26ee935f1213654d2c6e4c027ce3f584aa3f9829024b8c53acfce74637d5d83616a8beefb52736023bec5d650a3624b9c6ce626308769d2f3be804d657bfa6def42b210ce5d874977da784744e6a89c975947a39b797bced4b58d001cd93c2817c09f0df2b30feb4b50c84d3c9a1dfc6c43f81e3cd84188dbff963ff5f9ffb61ff7cba836ee6c8a1aee4fc65a0a3a85d968654981d2805f798f91c6b235af1e81e195bcdbd46ea80b0e2cdab3a9cebc6a3a0172172dde13e3dbe4e0f9db12db5850666fca7690af8fca785b27acc4ce4e7d55b26b04603c75d18d257aee756c52b2b4de64fa35a3bcf88d869971af4c7670586fcec4425ad841e302b577048d0cde744993a79b02bf7e5c0a2eebf039b5bc3532657f3f319eef016cc96b55f7aa1dae4023a937da840e3f964e6b4c8d127360ef6695245138f700da429e07ddef3bcd9967c0474821c9f82e1439542496c4803020bf328ab73d7c0b619ed859b8ed8774cc3d431e1c59f984fc09ff0639c1a68c2a8b560ffb79220a2c674dd7f7ecb79b33dbebf82300eb069939ed666c0d01857bc9d821abb2bb82e49630b8491fd2043ac59cacf07c9f7b7199aa61cb97eb014123eb7c631465652f8affb234f54473f8c54144b6bfd073d42737db57b0feb6587abcff4a96ce00aed56305c88043332453df93b6f5e5fa1a0fcc48f502bce6c4cdb3f06521d5e8add3b319675751e579155efc12e53eae3132bf75c013e3115fbb5430e55a530f46342cabf42c0088e2cfb10b7a480630d2a56708b7e8bf21662f5326190bf0b96cdff1aa74c167fd724134c134b644e1efd85d56417b794b0658837f387b0f1e475ee0369380fa7251571404509cfea4daa0f622fcb170179985037deeebce5c015a8c6071c4b0a1df9eec79cdc14f72ad8eb3e943dd13e7239daddeb7a34d508194a6dda91e1dd0e2031250fc23f9ff688c32c81190c36d7db59371617d7dbc55adc1c1226aa4ddb4500f36cc2b61a1ff4d866bf62d14814c3a4e1c434cffc66cd4dd57d2235934a4c504d6ed9a5d290be95a3c6d2ec9c405a5b3592348bb9730c92d4d298abf97ba3375bfff92fb89927b901d5469ca6812582841d7f6c53889440e18c62682ad88f06ae4fb5db67abb0b027b2949de6c8d430c26dc086e801f4711babb6cc6231c9bd3101fa792892a1c2c671acd3035c1b49c0d0217b8fa58f4666a34b5c40cf3a25b42fd95863e09379896f3c9b260f29089b2f45208c70f2f97a140aaf293c1d05f888c2d811dc74ee79ed3d1b4163603ef2570ce9b9210b46ca32411777ba76be6cfa8b0d1628ad6b83da2294e3e8f148dca8d782f5a9d41e5ebb5990590abc0d4afcb5b0179c554b4fa83c8f6cf690b5f0bb0ee368e094d247e58aec8485d3733711d2f5399ff5a3a4a64d4a8d5fe7ce6b089a81c41c03ba1a45c3f320489a252a3d5c3c42d31da2bf9e4148c00bba6afd9d364f72b13922ec41399dcc22e539cde00a7699a5fc12065c9c4dcdb2744efb57ac95e64501e10cbfb6c7c03bf6cd7c21bc2038890eb8f07bd77528af1d08c3932f48f3f5ddd3594bf6cb2aa4a1fb1aef241c5e92c1869277d17c724c847d3419d51a4cc7235e38cc2f452952fa39c03fbfb82da6d77384f89ffcc59c315f679937de7eefcb8f95c603ace26586bc523dbb5b08b6b6e0bad1f9d5c7ed32bea1e4ab8ce19c06a0c4bbd9c9ca096a319dd678c1d09fb9463e29d25b19f16af3ec29a99b703d452b425bf3369d66e56842dcc0061e31cbc36685b6b96ece60b16eb156b7fd42da637e36882a48bd911cde2d482a885cef303b3341fadafba1d13b420537f19daf29c4d6389f24050cadc7c053505f77899fd25f1271a29fd7c70e02b006ed66e3d18f38923f981a02c1bdc4fd7f3694eab5a7ef9c53182a972c5fa0bd75a3352bd39b9927c0f0dbe668f8ccb2e7d22baedfb89fd89d4c502726188a5b7794f2e3a31304e00c55014332bce9f53cc60d774b10dd6a060dfd93bca790c6a7ba1227e31f3bc4f23e8f5972515202607110a28201429906f90dbf578c83b93af097fd2d83f63e3aa4f202f6ee8b4d1f6d8515901001470fd8e311f560e306f542c389335a38c8fb9726f7637cbf01cb67f51bbf188f6744aa0d95d7bf5fb6792729889605b79d3e63d58ccdabf9be7cd0aaae6e3d90db7c1349f66db5a5b03dd46c6b4deb84c3ab058708eccde0f22cd456d8fed1f155a595c4cb0d58d6a3bc30e449d1856d3ba70776030ed8e0f7e9a6d30a9877dc731f8f7fe86dca4856b19b3a4ef4fb6be2bc9bb25fb169bbdcf048b0e7db61ece1e7ccab36d3f63f0c35990b4e9b20e22da4b02199f5162300f51d9104ea0faf52adbed9404e8a598fdb81c7ee740ac7953a4204cb0fee53b0ff20b8db286ef6b0fda15b881d0580aaf6564ef3fbddf80dc3bbab08ca46a09017ddc21e9f956572a087297f3700b3a599d680e34e5c3f466052c32ce225209b34ac1a471e3bfa358e97d8766efcb48d70bb2384b1751c3c59ba30b9f8156ababf3fee0a3367ff9d651ba6943eb25776a008e75b731a076aa5857d8b94443e7780dd9da2a967cdefdd9c607af516777c725a19722b4ad537f30c7b3d0dda18dcb1ee0cb7b0673c169a75683761b02f98f53c713688df0006bbdd109cb68b0272df1e7a7a7a284d66bdb83d839af37ee3de8df7daacb1aa8c05fcd9590e94598f6bbd22ab20ea4363c04497f8a807d629ee5c0162841291defac7b1ab0e1377d8b6606c7d9663a72abd54d9312ab09bd954345c9c76b186b7a1c987c470e9c8687d21f52ebc9bb6854a13e2d111549228350ab17531947561d7b1da6c2c10f5e06b974ddbf42bb645446df68fc472fbc85546d3fd6649f0ec741de14ad7c0ff14fe915db595f41e2335577988467bdea5bb472d0b9e39a63a32671e9d72b9ff66e4251e776b84611733989762fc774b33ba5466c10cd230c9870493c3e7a41842e46775c88aaab229e200a252ec6d9091f3eb7692bd67f47a8a7ff225d35b7eac799feadf7419aa8c1a05c38e426c3b40473b89b8660efbe87c44b12a517be59bc82566f6bcae074021dab7d6a1d54805c04ff6f4208e15fa6b4647a6c1890fcfc0b16699ea6085b16e6aa02f75466a3963f0bf5179024653c66fa48a9ad69d8c22051c280e63936e845d006bbabfe5fdf18870804faeb96b457bbde7e734558735c60f9b74d0f72320a0f218e67590c1723385c1e6cbb0e0875928f66e2823eae91e21fc6c5cfaee9dcf960e40586bf56b4d8559838df1d1ded05043cee70be6737d65bc90f3ac56c16bd655ae266f994d65086cc39acad17a06b579981d028fdfc49b74fcf717cf515f7af2c09c3188fe07fc274d96d70be412ca9a6857184fc1e1e5ba0abcf56986210430e83ad21ea550fb6df97b845001978157d280d3cc1dd4ee232023fec984dccfa630d8f857f5d197923191e60a5c9d07c5b0caa209f3cd07b75b6ca4b06fc38db956f121f50c41f7ef68fa67418e8f0756ba87c94947de6b3989b669040c03f33f7e09ca6c1a29efc8d9a8efa96b5da61f00043f41ab1433917a930289afdd6455efcd6e33d3373893be06bfe1eae24bf03c6e4e5731deb11c258de67e45508a43a70a01882f45aaa8ade304acb8158416e818b0d91", 0x1000, 0x5d2, &(0x7f0000000040)={r2, r3+10000000}) clock_gettime(0x7, &(0x7f00000011c0)) 04:57:53 executing program 5: r0 = socket$netlink(0x10, 0x3, 0x4) setsockopt$netlink_NETLINK_ADD_MEMBERSHIP(r0, 0x10e, 0x1, &(0x7f0000000400)=0x2, 0x47) 04:57:53 executing program 4: r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000000), 0x40b01, 0x0) ioctl$CDROMVOLREAD(r0, 0x5323, 0x0) 04:57:53 executing program 6: r0 = syz_open_dev$usbmon(&(0x7f0000001e00), 0x0, 0x0) ioctl$BTRFS_IOC_RM_DEV(r0, 0x541b, 0x0) 04:57:53 executing program 0: r0 = socket$inet6(0xa, 0x1, 0x0) setsockopt$inet6_tcp_TCP_REPAIR(r0, 0x6, 0x13, &(0x7f00000001c0)=0x1, 0x4) connect$inet6(r0, &(0x7f0000000080)={0xa, 0x0, 0x0, @ipv4={'\x00', '\xff\xff', @local}}, 0x1c) setsockopt$SO_TIMESTAMPING(r0, 0x1, 0x5, &(0x7f00000005c0), 0x4) 04:57:53 executing program 7: r0 = socket$inet_tcp(0x2, 0x1, 0x0) r1 = dup(r0) bind$inet(r1, &(0x7f0000000040)={0x2, 0x3, @loopback}, 0x10) r2 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r2, &(0x7f0000000000)={0x2, 0x3, @dev}, 0x10) r3 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r3, &(0x7f0000000000)={0x2, 0x3, @broadcast}, 0x10) 04:57:53 executing program 6: socket$inet_tcp(0x2, 0x1, 0x0) socket$nl_xfrm(0x10, 0x3, 0x6) socket$nl_generic(0x10, 0x3, 0x10) signalfd(0xffffffffffffffff, &(0x7f0000000000), 0x8) pselect6(0x39, &(0x7f0000000100), &(0x7f0000000080)={0x3}, 0x0, 0x0, 0x0) 04:57:54 executing program 4: r0 = perf_event_open(&(0x7f00000000c0)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) close(r0) 04:57:54 executing program 6: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x4000000000003, 0x1, &(0x7f0000000200)=[{&(0x7f00000000c0)="601c6d6b646f7366d8a02b00080101000440002000f801", 0x17}], 0x2810000, &(0x7f0000000240)=ANY=[]) chdir(&(0x7f0000000140)='./file0\x00') r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) pwrite64(0xffffffffffffffff, 0x0, 0x0, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) write$binfmt_aout(r1, &(0x7f0000000080)=ANY=[], 0x220) sendfile(r1, r0, 0x0, 0xfffffdef) pwrite64(0xffffffffffffffff, &(0x7f0000001040), 0x0, 0x0) 04:57:54 executing program 3: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x4000000000003, 0x1, &(0x7f0000000200)=[{&(0x7f00000000c0)="601c6d6b646f7366d8a02b00080101000440002000f801", 0x17}], 0x2810000, &(0x7f0000000240)=ANY=[]) chdir(&(0x7f0000000140)='./file0\x00') r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) pwrite64(0xffffffffffffffff, 0x0, 0x0, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) write$binfmt_aout(r1, &(0x7f0000000080)=ANY=[], 0x220) sendfile(r1, r0, 0x0, 0xfffffdef) pwrite64(0xffffffffffffffff, &(0x7f0000001040), 0x0, 0x0) 04:57:54 executing program 2: r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000000), 0x40b01, 0x0) ioctl$CDROMREADAUDIO(r0, 0x127e, &(0x7f00000000c0)={@lba, 0x0, 0x0, 0x0}) 04:57:54 executing program 7: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x7, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000500000000f000000000000000200000006000000000008000080000020000000e1f4655fe2f4655f0100ffff53ef010001000000e1f4655f000000000000000001000000000000000b0000008000000018000000c20500002b82", 0x66, 0x400}, {&(0x7f0000010100)="00000000000000000000000047878d126f6347e1b360d317cdb2f98e010040", 0x1f, 0x4e0}, {&(0x7f0000010200)="010000000000050040", 0x9, 0x560}, {&(0x7f0000010300)="020000000300000004", 0x9, 0x1000}, {&(0x7f0000012500)="ed41000000100000e1f4655fe1f4655fe1f4655f000000000000040080", 0x1d, 0x4080}, {0x0, 0x0, 0xfffffffffffffffc}, {&(0x7f0000013000)="504d4d00504d4dff", 0x8, 0x40000}], 0x0, &(0x7f0000000040)={[{@grpquota}]}) [ 107.270738] loop7: detected capacity change from 0 to 16383 04:57:54 executing program 5: r0 = socket$netlink(0x10, 0x3, 0x4) setsockopt$netlink_NETLINK_ADD_MEMBERSHIP(r0, 0x10e, 0x1, &(0x7f0000000400)=0x2, 0x47) 04:57:54 executing program 0: syz_mount_image$msdos(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) stat(&(0x7f0000000240)='./file0\x00', &(0x7f0000000280)={0x0, 0x0, 0x0, 0x0, 0x0}) setresuid(0x0, r0, 0x0) keyctl$invalidate(0x7, 0x0) 04:57:54 executing program 1: keyctl$unlink(0x9, 0x0, 0xfffffffffffffffb) 04:57:54 executing program 4: r0 = perf_event_open(&(0x7f00000000c0)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) close(r0) [ 107.301080] loop6: detected capacity change from 0 to 264192 [ 107.304343] loop3: detected capacity change from 0 to 264192 04:57:54 executing program 2: r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000000), 0x40b01, 0x0) ioctl$CDROMREADAUDIO(r0, 0x127e, &(0x7f00000000c0)={@lba, 0x0, 0x0, 0x0}) 04:57:54 executing program 1: r0 = syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0) sendmmsg(r0, &(0x7f0000001400)=[{{&(0x7f0000000100)=@pppol2tpin6={0x18, 0x1, {0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, {0xa, 0x0, 0x0, @empty}}}, 0x80, 0x0}}], 0x1, 0x0) setsockopt$WPAN_WANTLQI(r0, 0x0, 0x3, &(0x7f0000000240)=0x1, 0x4) recvmmsg(r0, &(0x7f0000000540)=[{{0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000000000)=""/170, 0xaa}, {&(0x7f00000000c0)=""/43, 0x2b}], 0x2}, 0x337}, {{&(0x7f0000000380)=@sco, 0x80, 0x0, 0x0, &(0x7f0000000500)=""/55, 0x37}, 0xffff4a67}], 0x2, 0x2022, 0x0) 04:57:54 executing program 2: r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000000), 0x40b01, 0x0) ioctl$CDROMREADAUDIO(r0, 0x127e, &(0x7f00000000c0)={@lba, 0x0, 0x0, 0x0}) [ 107.384185] EXT4-fs (loop7): mounted filesystem without journal. Quota mode: writeback. [ 107.386999] ext4 filesystem being mounted at /syzkaller-testdir289208769/syzkaller.nsIsRE/9/file0 supports timestamps until 2038 (0x7fffffff) 04:57:54 executing program 5: sendmsg$AUDIT_MAKE_EQUIV(0xffffffffffffffff, 0x0, 0x0) 04:57:54 executing program 0: r0 = socket$inet_tcp(0x2, 0x1, 0x0) ioctl$sock_SIOCETHTOOL(r0, 0x8946, &(0x7f00000000c0)={'wlan1\x00', &(0x7f0000000000)=@ethtool_stats={0x49}}) 04:57:55 executing program 4: r0 = perf_event_open(&(0x7f00000000c0)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) close(r0) 04:57:55 executing program 5: r0 = add_key$keyring(&(0x7f0000000180), &(0x7f00000001c0)={'syz', 0x0}, 0x0, 0x0, 0xffffffffffffffff) r1 = add_key$fscrypt_v1(&(0x7f0000000200), &(0x7f0000000240)={'fscrypt:', @desc3}, &(0x7f0000000280)={0x0, "527799b05efa80ee5bba0671f9ffc848142e79b8c5a39c87406981b1e64a102a31501e104602838a18eb8e558f95532598330118268da6e798d2b0fc3cfeb41e"}, 0x48, r0) keyctl$update(0x2, r1, &(0x7f0000000300)="95", 0x1) keyctl$link(0x8, r1, r0) 04:57:55 executing program 6: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x4000000000003, 0x1, &(0x7f0000000200)=[{&(0x7f00000000c0)="601c6d6b646f7366d8a02b00080101000440002000f801", 0x17}], 0x2810000, &(0x7f0000000240)=ANY=[]) chdir(&(0x7f0000000140)='./file0\x00') r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) pwrite64(0xffffffffffffffff, 0x0, 0x0, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) write$binfmt_aout(r1, &(0x7f0000000080)=ANY=[], 0x220) sendfile(r1, r0, 0x0, 0xfffffdef) pwrite64(0xffffffffffffffff, &(0x7f0000001040), 0x0, 0x0) 04:57:55 executing program 0: r0 = socket$inet6_udp(0xa, 0x2, 0x0) sendmmsg$inet6(r0, &(0x7f0000002c40)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0) r1 = socket$inet6_udp(0xa, 0x2, 0x0) connect$inet6(r1, &(0x7f0000000000)={0xa, 0x0, 0x0, @dev}, 0x1c) r2 = syz_open_procfs(0x0, &(0x7f0000000000)='net/udp6\x00') read$hiddev(r2, &(0x7f0000001140)=""/212, 0xd4) read$hiddev(r2, &(0x7f0000000100)=""/160, 0xc2) read$hiddev(r2, &(0x7f0000001600)=""/4084, 0xff4) 04:57:55 executing program 3: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x4000000000003, 0x1, &(0x7f0000000200)=[{&(0x7f00000000c0)="601c6d6b646f7366d8a02b00080101000440002000f801", 0x17}], 0x2810000, &(0x7f0000000240)=ANY=[]) chdir(&(0x7f0000000140)='./file0\x00') r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) pwrite64(0xffffffffffffffff, 0x0, 0x0, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) write$binfmt_aout(r1, &(0x7f0000000080)=ANY=[], 0x220) sendfile(r1, r0, 0x0, 0xfffffdef) pwrite64(0xffffffffffffffff, &(0x7f0000001040), 0x0, 0x0) 04:57:55 executing program 1: r0 = syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0) sendmmsg(r0, &(0x7f0000001400)=[{{&(0x7f0000000100)=@pppol2tpin6={0x18, 0x1, {0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, {0xa, 0x0, 0x0, @empty}}}, 0x80, 0x0}}], 0x1, 0x0) setsockopt$WPAN_WANTLQI(r0, 0x0, 0x3, &(0x7f0000000240)=0x1, 0x4) recvmmsg(r0, &(0x7f0000000540)=[{{0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000000000)=""/170, 0xaa}, {&(0x7f00000000c0)=""/43, 0x2b}], 0x2}, 0x337}, {{&(0x7f0000000380)=@sco, 0x80, 0x0, 0x0, &(0x7f0000000500)=""/55, 0x37}, 0xffff4a67}], 0x2, 0x2022, 0x0) 04:57:55 executing program 7: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x7, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000500000000f000000000000000200000006000000000008000080000020000000e1f4655fe2f4655f0100ffff53ef010001000000e1f4655f000000000000000001000000000000000b0000008000000018000000c20500002b82", 0x66, 0x400}, {&(0x7f0000010100)="00000000000000000000000047878d126f6347e1b360d317cdb2f98e010040", 0x1f, 0x4e0}, {&(0x7f0000010200)="010000000000050040", 0x9, 0x560}, {&(0x7f0000010300)="020000000300000004", 0x9, 0x1000}, {&(0x7f0000012500)="ed41000000100000e1f4655fe1f4655fe1f4655f000000000000040080", 0x1d, 0x4080}, {0x0, 0x0, 0xfffffffffffffffc}, {&(0x7f0000013000)="504d4d00504d4dff", 0x8, 0x40000}], 0x0, &(0x7f0000000040)={[{@grpquota}]}) 04:57:55 executing program 2: r0 = socket$inet_udp(0x2, 0x2, 0x0) setsockopt$inet_mreqn(r0, 0x0, 0x27, &(0x7f0000000040)={@multicast2, @dev}, 0xc) ioctl$sock_inet_SIOCSIFFLAGS(r0, 0x8914, &(0x7f0000000000)={'lo\x00'}) fsetxattr$trusted_overlay_upper(0xffffffffffffffff, &(0x7f0000000000), 0x0, 0x1015, 0x0) r1 = socket$inet_udp(0x2, 0x2, 0x0) ioctl$sock_inet_SIOCSIFFLAGS(r1, 0x8914, &(0x7f0000000000)={'lo\x00'}) [ 108.309393] loop3: detected capacity change from 0 to 264192 [ 108.312026] loop6: detected capacity change from 0 to 264192 [ 108.315106] loop7: detected capacity change from 0 to 16383 [ 108.349180] EXT4-fs (loop7): mounted filesystem without journal. Quota mode: writeback. [ 108.354341] ext4 filesystem being mounted at /syzkaller-testdir289208769/syzkaller.nsIsRE/10/file0 supports timestamps until 2038 (0x7fffffff) 04:57:55 executing program 4: r0 = perf_event_open(&(0x7f00000000c0)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) close(r0) 04:57:55 executing program 5: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000002580)) 04:57:55 executing program 0: r0 = socket$inet6_udp(0xa, 0x2, 0x0) sendmmsg$inet6(r0, &(0x7f0000002c40)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0) r1 = socket$inet6_udp(0xa, 0x2, 0x0) connect$inet6(r1, &(0x7f0000000000)={0xa, 0x0, 0x0, @dev}, 0x1c) r2 = syz_open_procfs(0x0, &(0x7f0000000000)='net/udp6\x00') read$hiddev(r2, &(0x7f0000001140)=""/212, 0xd4) read$hiddev(r2, &(0x7f0000000100)=""/160, 0xc2) read$hiddev(r2, &(0x7f0000001600)=""/4084, 0xff4) 04:57:55 executing program 2: r0 = socket$inet_udp(0x2, 0x2, 0x0) setsockopt$inet_mreqn(r0, 0x0, 0x27, &(0x7f0000000040)={@multicast2, @dev}, 0xc) ioctl$sock_inet_SIOCSIFFLAGS(r0, 0x8914, &(0x7f0000000000)={'lo\x00'}) fsetxattr$trusted_overlay_upper(0xffffffffffffffff, &(0x7f0000000000), 0x0, 0x1015, 0x0) r1 = socket$inet_udp(0x2, 0x2, 0x0) ioctl$sock_inet_SIOCSIFFLAGS(r1, 0x8914, &(0x7f0000000000)={'lo\x00'}) 04:57:55 executing program 7: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x7, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000500000000f000000000000000200000006000000000008000080000020000000e1f4655fe2f4655f0100ffff53ef010001000000e1f4655f000000000000000001000000000000000b0000008000000018000000c20500002b82", 0x66, 0x400}, {&(0x7f0000010100)="00000000000000000000000047878d126f6347e1b360d317cdb2f98e010040", 0x1f, 0x4e0}, {&(0x7f0000010200)="010000000000050040", 0x9, 0x560}, {&(0x7f0000010300)="020000000300000004", 0x9, 0x1000}, {&(0x7f0000012500)="ed41000000100000e1f4655fe1f4655fe1f4655f000000000000040080", 0x1d, 0x4080}, {0x0, 0x0, 0xfffffffffffffffc}, {&(0x7f0000013000)="504d4d00504d4dff", 0x8, 0x40000}], 0x0, &(0x7f0000000040)={[{@grpquota}]}) 04:57:55 executing program 0: r0 = socket$inet6_udp(0xa, 0x2, 0x0) sendmmsg$inet6(r0, &(0x7f0000002c40)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0) r1 = socket$inet6_udp(0xa, 0x2, 0x0) connect$inet6(r1, &(0x7f0000000000)={0xa, 0x0, 0x0, @dev}, 0x1c) r2 = syz_open_procfs(0x0, &(0x7f0000000000)='net/udp6\x00') read$hiddev(r2, &(0x7f0000001140)=""/212, 0xd4) read$hiddev(r2, &(0x7f0000000100)=""/160, 0xc2) read$hiddev(r2, &(0x7f0000001600)=""/4084, 0xff4) 04:57:55 executing program 5: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000600)={&(0x7f0000000500)=@getsa={0x34, 0x12, 0x1, 0x0, 0x0, {@in=@empty}, [@mark={0xc}]}, 0x34}}, 0x0) [ 108.553155] loop7: detected capacity change from 0 to 16383 04:57:55 executing program 4: syz_io_uring_setup(0x75dc, &(0x7f0000000000)={0x0, 0x1b38d}, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000001000/0x1000)=nil, &(0x7f0000000500), 0x0) syz_io_uring_setup(0x1, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, &(0x7f00000a0000)=nil, &(0x7f00000b0000)=nil, 0x0, 0x0) syz_io_uring_setup(0xb40, &(0x7f0000000580), &(0x7f0000fff000/0x1000)=nil, &(0x7f0000000000/0x400000)=nil, &(0x7f00000004c0), &(0x7f0000000600)) [ 108.593718] EXT4-fs (loop7): mounted filesystem without journal. Quota mode: writeback. 04:57:55 executing program 2: r0 = socket$inet_udp(0x2, 0x2, 0x0) setsockopt$inet_mreqn(r0, 0x0, 0x27, &(0x7f0000000040)={@multicast2, @dev}, 0xc) ioctl$sock_inet_SIOCSIFFLAGS(r0, 0x8914, &(0x7f0000000000)={'lo\x00'}) fsetxattr$trusted_overlay_upper(0xffffffffffffffff, &(0x7f0000000000), 0x0, 0x1015, 0x0) r1 = socket$inet_udp(0x2, 0x2, 0x0) ioctl$sock_inet_SIOCSIFFLAGS(r1, 0x8914, &(0x7f0000000000)={'lo\x00'}) 04:57:55 executing program 5: r0 = perf_event_open$cgroup(&(0x7f0000000bc0)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) syz_io_uring_setup(0x46ac, &(0x7f0000000140)={0x0, 0x0, 0x2}, &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000000000), &(0x7f0000000040)) ioctl$FS_IOC_SETFLAGS(r0, 0x40086602, &(0x7f0000000280)=0x800000) [ 108.603217] ext4 filesystem being mounted at /syzkaller-testdir289208769/syzkaller.nsIsRE/11/file0 supports timestamps until 2038 (0x7fffffff) [ 108.706749] audit: type=1400 audit(1645851475.522:9): avc: denied { write } for pid=4239 comm="syz-executor.5" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=perf_event permissive=1 [ 109.159998] loop3: detected capacity change from 0 to 264192 04:57:55 executing program 0: r0 = socket$inet6_udp(0xa, 0x2, 0x0) sendmmsg$inet6(r0, &(0x7f0000002c40)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0) r1 = socket$inet6_udp(0xa, 0x2, 0x0) connect$inet6(r1, &(0x7f0000000000)={0xa, 0x0, 0x0, @dev}, 0x1c) r2 = syz_open_procfs(0x0, &(0x7f0000000000)='net/udp6\x00') read$hiddev(r2, &(0x7f0000001140)=""/212, 0xd4) read$hiddev(r2, &(0x7f0000000100)=""/160, 0xc2) read$hiddev(r2, &(0x7f0000001600)=""/4084, 0xff4) 04:57:55 executing program 6: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x4000000000003, 0x1, &(0x7f0000000200)=[{&(0x7f00000000c0)="601c6d6b646f7366d8a02b00080101000440002000f801", 0x17}], 0x2810000, &(0x7f0000000240)=ANY=[]) chdir(&(0x7f0000000140)='./file0\x00') r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) pwrite64(0xffffffffffffffff, 0x0, 0x0, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) write$binfmt_aout(r1, &(0x7f0000000080)=ANY=[], 0x220) sendfile(r1, r0, 0x0, 0xfffffdef) pwrite64(0xffffffffffffffff, &(0x7f0000001040), 0x0, 0x0) 04:57:55 executing program 4: r0 = openat$snapshot(0xffffffffffffff9c, &(0x7f0000000340), 0x243, 0x0) ioctl$SNAPSHOT_ATOMIC_RESTORE(r0, 0x3304) 04:57:55 executing program 3: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x4000000000003, 0x1, &(0x7f0000000200)=[{&(0x7f00000000c0)="601c6d6b646f7366d8a02b00080101000440002000f801", 0x17}], 0x2810000, &(0x7f0000000240)=ANY=[]) chdir(&(0x7f0000000140)='./file0\x00') r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) pwrite64(0xffffffffffffffff, 0x0, 0x0, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) write$binfmt_aout(r1, &(0x7f0000000080)=ANY=[], 0x220) sendfile(r1, r0, 0x0, 0xfffffdef) pwrite64(0xffffffffffffffff, &(0x7f0000001040), 0x0, 0x0) 04:57:55 executing program 7: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x7, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000500000000f000000000000000200000006000000000008000080000020000000e1f4655fe2f4655f0100ffff53ef010001000000e1f4655f000000000000000001000000000000000b0000008000000018000000c20500002b82", 0x66, 0x400}, {&(0x7f0000010100)="00000000000000000000000047878d126f6347e1b360d317cdb2f98e010040", 0x1f, 0x4e0}, {&(0x7f0000010200)="010000000000050040", 0x9, 0x560}, {&(0x7f0000010300)="020000000300000004", 0x9, 0x1000}, {&(0x7f0000012500)="ed41000000100000e1f4655fe1f4655fe1f4655f000000000000040080", 0x1d, 0x4080}, {0x0, 0x0, 0xfffffffffffffffc}, {&(0x7f0000013000)="504d4d00504d4dff", 0x8, 0x40000}], 0x0, &(0x7f0000000040)={[{@grpquota}]}) 04:57:55 executing program 1: r0 = syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0) sendmmsg(r0, &(0x7f0000001400)=[{{&(0x7f0000000100)=@pppol2tpin6={0x18, 0x1, {0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, {0xa, 0x0, 0x0, @empty}}}, 0x80, 0x0}}], 0x1, 0x0) setsockopt$WPAN_WANTLQI(r0, 0x0, 0x3, &(0x7f0000000240)=0x1, 0x4) recvmmsg(r0, &(0x7f0000000540)=[{{0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000000000)=""/170, 0xaa}, {&(0x7f00000000c0)=""/43, 0x2b}], 0x2}, 0x337}, {{&(0x7f0000000380)=@sco, 0x80, 0x0, 0x0, &(0x7f0000000500)=""/55, 0x37}, 0xffff4a67}], 0x2, 0x2022, 0x0) 04:57:55 executing program 5: syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000180)) syz_genetlink_get_family_id$nl802154(&(0x7f00000003c0), 0xffffffffffffffff) syz_genetlink_get_family_id$netlbl_calipso(0x0, 0xffffffffffffffff) syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) 04:57:55 executing program 2: r0 = socket$inet_udp(0x2, 0x2, 0x0) setsockopt$inet_mreqn(r0, 0x0, 0x27, &(0x7f0000000040)={@multicast2, @dev}, 0xc) ioctl$sock_inet_SIOCSIFFLAGS(r0, 0x8914, &(0x7f0000000000)={'lo\x00'}) fsetxattr$trusted_overlay_upper(0xffffffffffffffff, &(0x7f0000000000), 0x0, 0x1015, 0x0) r1 = socket$inet_udp(0x2, 0x2, 0x0) ioctl$sock_inet_SIOCSIFFLAGS(r1, 0x8914, &(0x7f0000000000)={'lo\x00'}) [ 109.178267] loop7: detected capacity change from 0 to 16383 [ 109.193511] loop6: detected capacity change from 0 to 264192 [ 109.234370] EXT4-fs (loop7): mounted filesystem without journal. Quota mode: writeback. [ 109.251073] ext4 filesystem being mounted at /syzkaller-testdir289208769/syzkaller.nsIsRE/12/file0 supports timestamps until 2038 (0x7fffffff) 04:57:56 executing program 4: r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$netlink(r0, &(0x7f0000001480)={0x0, 0x0, &(0x7f0000001440)=[{&(0x7f0000000000)=ANY=[@ANYBLOB="240000002400010000000000000000000c00000002"], 0x24}], 0x1}, 0x0) 04:57:56 executing program 5: syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000180)) syz_genetlink_get_family_id$nl802154(&(0x7f00000003c0), 0xffffffffffffffff) syz_genetlink_get_family_id$netlbl_calipso(0x0, 0xffffffffffffffff) syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) 04:57:56 executing program 0: r0 = io_uring_setup(0x454c, &(0x7f0000000240)) io_uring_register$IORING_REGISTER_BUFFERS(r0, 0x0, &(0x7f0000000200)=[{0x0}], 0x1) r1 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000140)='fdinfo/3\x00') read$hiddev(r1, &(0x7f00000000c0)=""/114, 0x72) 04:57:56 executing program 2: r0 = socket$inet6(0xa, 0x1, 0x0) io_uring_setup(0x0, 0x0) r1 = syz_io_uring_setup(0x1, 0x0, &(0x7f00000a0000)=nil, &(0x7f00000b0000)=nil, &(0x7f0000000100), 0x0) connect$inet6(r0, &(0x7f0000000240)={0xa, 0x0, 0x1, @empty, 0x8000}, 0x1c) syz_io_uring_setup(0x0, &(0x7f0000000140)={0x0, 0x574b, 0x0, 0x3, 0x0, 0x0, r1}, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffd000/0x2000)=nil, &(0x7f00000000c0), &(0x7f0000000200)) bind$inet6(r0, &(0x7f00000002c0)={0xa, 0x4e20, 0x0, @empty}, 0x1c) connect$inet6(r0, &(0x7f0000000000)={0xa, 0x4e20, 0x0, @empty}, 0x1c) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x0, 0x13, 0xffffffffffffffff, 0x0) 04:57:56 executing program 5: syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000180)) syz_genetlink_get_family_id$nl802154(&(0x7f00000003c0), 0xffffffffffffffff) syz_genetlink_get_family_id$netlbl_calipso(0x0, 0xffffffffffffffff) syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) 04:57:56 executing program 0: r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000002880)='gid_map\x00') write$tun(r0, 0x0, 0x0) 04:57:56 executing program 4: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) syz_io_uring_setup(0x1, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, &(0x7f00000a0000)=nil, &(0x7f00000b0000)=nil, 0x0, 0x0) ioctl$EXT4_IOC_GET_ES_CACHE(r0, 0x40305839, &(0x7f0000000080)=ANY=[]) 04:57:56 executing program 2: r0 = syz_open_procfs$userns(0xffffffffffffffff, &(0x7f0000000000)) fcntl$lock(r0, 0x6, &(0x7f0000000100)) fcntl$lock(r0, 0x26, &(0x7f0000000140)={0x0, 0x0, 0xa615}) r1 = syz_open_procfs$userns(0xffffffffffffffff, &(0x7f0000000000)) fcntl$lock(r1, 0x6, &(0x7f0000000100)) 04:57:56 executing program 0: r0 = syz_open_dev$sg(&(0x7f0000001000), 0x0, 0x0) ioctl$SCSI_IOCTL_SEND_COMMAND(r0, 0x1, &(0x7f0000000000)={0x2800}) 04:57:56 executing program 5: syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000180)) syz_genetlink_get_family_id$nl802154(&(0x7f00000003c0), 0xffffffffffffffff) syz_genetlink_get_family_id$netlbl_calipso(0x0, 0xffffffffffffffff) syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) 04:57:56 executing program 7: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) r1 = dup(r0) sendmsg$IPCTNL_MSG_EXP_GET_STATS_CPU(r1, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000140)={0x14, 0x3, 0x2, 0x101}, 0x14}}, 0x0) recvmmsg(r1, &(0x7f0000001600)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) [ 110.103145] program syz-executor.0 is using a deprecated SCSI ioctl, please convert it to SG_IO 04:57:56 executing program 6: r0 = socket$packet(0x11, 0x2, 0x300) getsockopt$packet_int(r0, 0x107, 0x6, 0x0, &(0x7f0000000180)) 04:57:56 executing program 1: r0 = syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0) sendmmsg(r0, &(0x7f0000001400)=[{{&(0x7f0000000100)=@pppol2tpin6={0x18, 0x1, {0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, {0xa, 0x0, 0x0, @empty}}}, 0x80, 0x0}}], 0x1, 0x0) setsockopt$WPAN_WANTLQI(r0, 0x0, 0x3, &(0x7f0000000240)=0x1, 0x4) recvmmsg(r0, &(0x7f0000000540)=[{{0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000000000)=""/170, 0xaa}, {&(0x7f00000000c0)=""/43, 0x2b}], 0x2}, 0x337}, {{&(0x7f0000000380)=@sco, 0x80, 0x0, 0x0, &(0x7f0000000500)=""/55, 0x37}, 0xffff4a67}], 0x2, 0x2022, 0x0) 04:57:56 executing program 3: r0 = syz_open_procfs(0x0, &(0x7f0000000000)='statm\x00') read$hiddev(r0, &(0x7f0000002b80)=""/251, 0xfb) 04:57:56 executing program 4: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) r1 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000002480)='fd/3\x00') ioctl$FS_IOC_SETFLAGS(r1, 0x40086602, &(0x7f0000000a40)) pwritev(r0, &(0x7f0000000640)=[{&(0x7f00000002c0)="19", 0x1}], 0x1, 0x8000000, 0x0) sendfile(r0, r0, 0x0, 0x20000) 04:57:57 executing program 0: r0 = syz_io_uring_setup(0xeb1, &(0x7f0000000200), &(0x7f0000ff9000/0x4000)=nil, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000000100)=0x0, &(0x7f0000000380)=0x0) syz_io_uring_setup(0x1, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, &(0x7f00000a0000)=nil, &(0x7f00000b0000)=nil, 0x0, 0x0) io_uring_setup(0x6098, &(0x7f0000000000)) openat$random(0xffffffffffffff9c, &(0x7f00000001c0), 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000180)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index=0x6, 0x0, 0x0}, 0x0) io_uring_enter(r0, 0x10001b, 0x0, 0x0, 0x0, 0x0) 04:57:57 executing program 6: r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$netlink(r0, &(0x7f0000001480)={0x0, 0x0, &(0x7f0000000040)=[{&(0x7f0000000180)={0x2c, 0x10, 0x1, 0x0, 0x0, "", [@typed={0xc, 0x0, 0x0, 0x0, @u64=0x2}, @typed={0x4, 0x0, 0x0, 0x0, @binary}, @nested={0xc, 0x1c, 0x0, 0x1, [@typed={0x8, 0x0, 0x0, 0x0, @u32}]}]}, 0x2c}], 0x1}, 0x0) 04:57:57 executing program 3: r0 = syz_open_dev$sg(&(0x7f0000001000), 0x0, 0x0) ioctl$SCSI_IOCTL_SEND_COMMAND(r0, 0x1, &(0x7f0000000000)={0x0, 0x0, 0xffffff93}) [ 110.207310] syz-executor.4 (4301) used greatest stack depth: 24736 bytes left 04:57:57 executing program 2: r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x26e1, 0x0) ioctl$FS_IOC_FSSETXATTR(r0, 0x40086602, &(0x7f0000000080)={0x17e}) mkdirat(0xffffffffffffff9c, &(0x7f00000000c0)='./file1\x00', 0x1ff) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0, 0x0) ioctl$FS_IOC_FSSETXATTR(r1, 0x40086602, &(0x7f0000000140)={0x17e}) 04:57:57 executing program 7: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) fallocate(r0, 0x3, 0x0, 0x8000) [ 110.246623] program syz-executor.3 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 110.249070] netlink: 'syz-executor.6': attribute type 28 has an invalid length. 04:57:57 executing program 4: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) r1 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000002480)='fd/3\x00') ioctl$FS_IOC_SETFLAGS(r1, 0x40086602, &(0x7f0000000a40)) pwritev(r0, &(0x7f0000000640)=[{&(0x7f00000002c0)="19", 0x1}], 0x1, 0x8000000, 0x0) sendfile(r0, r0, 0x0, 0x20000) 04:57:57 executing program 6: syz_mount_image$tmpfs(0x0, &(0x7f0000000480)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) setxattr$system_posix_acl(&(0x7f0000000180)='./file0\x00', &(0x7f00000001c0)='system.posix_acl_access\x00', &(0x7f0000000e40), 0x24, 0x0) lsetxattr$security_selinux(&(0x7f0000000840)='./file0\x00', &(0x7f0000000880), &(0x7f00000008c0)='system_u:object_r:dhcpd_state_t:s0\x00', 0xff9b, 0x0) 04:57:57 executing program 2: r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x26e1, 0x0) ioctl$FS_IOC_FSSETXATTR(r0, 0x40086602, &(0x7f0000000080)={0x17e}) mkdirat(0xffffffffffffff9c, &(0x7f00000000c0)='./file1\x00', 0x1ff) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0, 0x0) ioctl$FS_IOC_FSSETXATTR(r1, 0x40086602, &(0x7f0000000140)={0x17e}) 04:57:57 executing program 3: mlock2(&(0x7f0000fef000/0x11000)=nil, 0x11000, 0x0) mremap(&(0x7f0000ff7000/0x1000)=nil, 0x1000, 0x3000, 0x3, &(0x7f0000ffd000/0x3000)=nil) mbind(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x0, 0x0, 0x0, 0x2) [ 110.356057] general protection fault, probably for non-canonical address 0xdffffc0000000004: 0000 [#1] PREEMPT SMP KASAN NOPTI [ 110.358347] KASAN: null-ptr-deref in range [0x0000000000000020-0x0000000000000027] [ 110.359823] CPU: 1 PID: 4331 Comm: syz-executor.3 Tainted: G B 5.17.0-rc5-next-20220225 #1 [ 110.362220] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 110.364841] RIP: 0010:move_vma.constprop.0+0x9f4/0xf40 [ 110.365906] Code: 3c 02 00 0f 85 1d 05 00 00 48 8b 73 08 4c 89 e7 e8 31 5e fe ff 48 ba 00 00 00 00 00 fc ff df 48 8d 78 20 48 89 f9 48 c1 e9 03 <80> 3c 11 00 0f 85 e0 04 00 00 48 81 48 20 00 00 10 00 e9 fe fc ff [ 110.369623] RSP: 0018:ffff8880434dfc98 EFLAGS: 00010212 [ 110.370678] RAX: 0000000000000000 RBX: ffff88800beeb9c0 RCX: 0000000000000004 [ 110.372080] RDX: dffffc0000000000 RSI: ffffffff821199cd RDI: 0000000000000020 [ 110.373481] RBP: 0000000000002000 R08: 0000000000000000 R09: ffffffff858cc397 [ 110.375283] R10: 0000000000000000 R11: 0000000000000001 R12: ffff8880382b9500 [ 110.376851] R13: 0000000000000000 R14: 0000000000000001 R15: 0000000020ffd000 [ 110.378275] FS: 00007f46bdc2c700(0000) GS:ffff88806cf00000(0000) knlGS:0000000000000000 [ 110.380016] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 110.381251] CR2: 00007f46c07c6000 CR3: 0000000041178000 CR4: 0000000000350ee0 [ 110.382848] Call Trace: [ 110.383341] [ 110.383776] ? move_page_tables+0x1e70/0x1e70 [ 110.384655] ? __sanitizer_cov_trace_cmp8+0x1d/0x70 [ 110.385626] ? cap_mmap_addr+0x50/0x300 [ 110.386430] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 110.387506] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 110.388572] ? security_mmap_addr+0x79/0xa0 [ 110.389414] __do_sys_mremap+0x78f/0x14f0 [ 110.390240] ? move_vma.constprop.0+0xf40/0xf40 [ 110.391148] ? xfd_validate_state+0x59/0x180 [ 110.392008] ? restore_fpregs_from_fpstate+0xcc/0x1e0 [ 110.393016] ? __x64_sys_futex_time32+0x480/0x480 [ 110.393962] ? fpregs_restore_userregs+0x164/0x380 [ 110.394920] ? syscall_enter_from_user_mode+0x1d/0x50 [ 110.395933] do_syscall_64+0x3b/0x90 [ 110.396666] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 110.397666] RIP: 0033:0x7f46c06b6b19 [ 110.398405] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 110.401983] RSP: 002b:00007f46bdc2c188 EFLAGS: 00000246 ORIG_RAX: 0000000000000019 [ 110.403439] RAX: ffffffffffffffda RBX: 00007f46c07c9f60 RCX: 00007f46c06b6b19 [ 110.404803] RDX: 0000000000003000 RSI: 0000000000001000 RDI: 0000000020ff7000 [ 110.406175] RBP: 00007f46c0710f6d R08: 0000000020ffd000 R09: 0000000000000000 [ 110.407543] R10: 0000000000000003 R11: 0000000000000246 R12: 0000000000000000 [ 110.408906] R13: 00007fffcb8e9a5f R14: 00007f46bdc2c300 R15: 0000000000022000 [ 110.410295] [ 110.410739] Modules linked in: [ 110.412245] ---[ end trace 0000000000000000 ]--- [ 110.413295] RIP: 0010:move_vma.constprop.0+0x9f4/0xf40 [ 110.414364] Code: 3c 02 00 0f 85 1d 05 00 00 48 8b 73 08 4c 89 e7 e8 31 5e fe ff 48 ba 00 00 00 00 00 fc ff df 48 8d 78 20 48 89 f9 48 c1 e9 03 <80> 3c 11 00 0f 85 e0 04 00 00 48 81 48 20 00 00 10 00 e9 fe fc ff [ 110.417950] RSP: 0018:ffff8880434dfc98 EFLAGS: 00010212 [ 110.419001] RAX: 0000000000000000 RBX: ffff88800beeb9c0 RCX: 0000000000000004 [ 110.420394] RDX: dffffc0000000000 RSI: ffffffff821199cd RDI: 0000000000000020 [ 110.421807] RBP: 0000000000002000 R08: 0000000000000000 R09: ffffffff858cc397 [ 110.423220] R10: 0000000000000000 R11: 0000000000000001 R12: ffff8880382b9500 [ 110.424625] R13: 0000000000000000 R14: 0000000000000001 R15: 0000000020ffd000 [ 110.426048] FS: 00007f46bdc2c700(0000) GS:ffff88806cf00000(0000) knlGS:0000000000000000 [ 110.427638] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 110.428785] CR2: 00007f46c07c6000 CR3: 0000000041178000 CR4: 0000000000350ee0 VM DIAGNOSIS: 04:57:57 Registers: info registers vcpu 0 RAX=0000000000000000 RBX=000055fd83f4b2b0 RCX=00007f05c2059f33 RDX=0000000000000000 RSI=00007ffeffcd50d0 RDI=000055fd83f4bd90 RBP=00007ffeffcd5180 RSP=00007ffeffcd50c8 R8 =0000000000000000 R9 =0000000000000000 R10=00007ffeffcd5130 R11=0000000000000246 R12=00007ffeffcd50d0 R13=0000000000000001 R14=0000000000000000 R15=00007ffeffcd5118 RIP=00007f05c1fc2ed0 RFL=00000246 [---Z-P-] CPL=3 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 00000000 00000000 CS =0033 0000000000000000 ffffffff 00a0fb00 DPL=3 CS64 [-RA] SS =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS [-WA] DS =0000 0000000000000000 00000000 00000000 FS =0000 00007f05c1baa8c0 00000000 00000000 GS =0000 0000000000000000 00000000 00000000 LDT=0000 fffffe0000000000 00000000 00000000 TR =0040 fffffe0000003000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe0000001000 0000007f IDT= fffffe0000000000 00000fff CR0=80050033 CR2=0000001b2d72a000 CR3=0000000041a52000 CR4=00350ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000ffff0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 YMM00=0000000000000000 0000000000000000 2525252525252525 2525252525252525 YMM01=0000000000000000 0000000000000000 00ff000000000000 00ff00000000ff00 YMM02=0000000000000000 0000000000000000 00ff000000000000 00ff00000000ff00 YMM03=0000000000000000 0000000000000000 00ff00000000ff00 000000ff000000ff YMM04=0000000000000000 0000000000000000 2f2f2f2f2f2f2f2f 2f2f2f2f2f2f2f2f YMM05=0000000000000000 0000000000000000 ffffffffffff0000 0000000000000000 YMM06=0000000000000000 0000000000000000 0000000000006561 6124242f6867632f YMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM08=0000000000000000 0000000000000000 49006d756e203c20 69000a313a56000a YMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 info registers vcpu 1 RAX=0000000000000074 RBX=00000000000003f8 RCX=0000000000000000 RDX=00000000000003f8 RSI=ffffffff823b5af1 RDI=ffffffff873a46c0 RBP=ffffffff873a4680 RSP=ffff8880434df6a8 R8 =0000000000000000 R9 =0000000000000074 R10=ffffffff823b76b3 R11=000000000000000a R12=0000000000000074 R13=0000000000000074 R14=ffffffff873a4680 R15=dffffc0000000000 RIP=ffffffff823b5b48 RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 00000000 00000000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 00000000 00000000 FS =0000 00007f46bdc2c700 00000000 00000000 GS =0000 ffff88806cf00000 00000000 00000000 LDT=0000 fffffe0000000000 00000000 00000000 TR =0040 fffffe000004a000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe0000048000 0000007f IDT= fffffe0000000000 00000fff CR0=80050033 CR2=00007f46c07c6000 CR3=0000000041178000 CR4=00350ee0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000ffff0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 YMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM01=0000000000000000 0000000000000000 00007f46c079d7c0 00007f46c079d7c8 YMM02=0000000000000000 0000000000000000 00007f46c079d7e0 00007f46c079d7c0 YMM03=0000000000000000 0000000000000000 00007f46c079d7c8 00007f46c079d7c0 YMM04=0000000000000000 0000000000000000 ffffffffffffffff ffffffff00000000 YMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM06=0000000000000000 0000000000000000 0000000000000000 000000524f525245 YMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM08=0000000000000000 0000000000000000 0000000000000000 00524f5252450040 YMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000