Warning: Permanently added '[localhost]:60981' (ECDSA) to the list of known hosts.
2022/11/01 11:14:47 fuzzer started
2022/11/01 11:14:47 dialing manager at localhost:42881
syzkaller login: [   36.505455] cgroup: Unknown subsys name 'net'
[   36.629727] cgroup: Unknown subsys name 'rlimit'
2022/11/01 11:15:02 syscalls: 2217
2022/11/01 11:15:02 code coverage: enabled
2022/11/01 11:15:02 comparison tracing: enabled
2022/11/01 11:15:02 extra coverage: enabled
2022/11/01 11:15:02 setuid sandbox: enabled
2022/11/01 11:15:02 namespace sandbox: enabled
2022/11/01 11:15:02 Android sandbox: enabled
2022/11/01 11:15:02 fault injection: enabled
2022/11/01 11:15:02 leak checking: enabled
2022/11/01 11:15:02 net packet injection: enabled
2022/11/01 11:15:02 net device setup: enabled
2022/11/01 11:15:02 concurrency sanitizer: /sys/kernel/debug/kcsan does not exist
2022/11/01 11:15:02 devlink PCI setup: PCI device 0000:00:10.0 is not available
2022/11/01 11:15:02 USB emulation: enabled
2022/11/01 11:15:02 hci packet injection: enabled
2022/11/01 11:15:02 wifi device emulation: enabled
2022/11/01 11:15:02 802.15.4 emulation: enabled
2022/11/01 11:15:02 fetching corpus: 0, signal 0/2000 (executing program)
2022/11/01 11:15:02 fetching corpus: 50, signal 36184/39456 (executing program)
2022/11/01 11:15:02 fetching corpus: 100, signal 45183/49829 (executing program)
2022/11/01 11:15:02 fetching corpus: 150, signal 58551/64229 (executing program)
2022/11/01 11:15:02 fetching corpus: 200, signal 67757/74428 (executing program)
2022/11/01 11:15:02 fetching corpus: 250, signal 74460/82075 (executing program)
2022/11/01 11:15:03 fetching corpus: 300, signal 79227/87835 (executing program)
2022/11/01 11:15:03 fetching corpus: 350, signal 83378/92940 (executing program)
2022/11/01 11:15:03 fetching corpus: 400, signal 86679/97126 (executing program)
2022/11/01 11:15:03 fetching corpus: 450, signal 92368/103449 (executing program)
2022/11/01 11:15:03 fetching corpus: 500, signal 95631/107476 (executing program)
2022/11/01 11:15:03 fetching corpus: 550, signal 98551/111124 (executing program)
2022/11/01 11:15:03 fetching corpus: 600, signal 102752/115915 (executing program)
2022/11/01 11:15:04 fetching corpus: 650, signal 106659/120263 (executing program)
2022/11/01 11:15:04 fetching corpus: 700, signal 109656/123839 (executing program)
2022/11/01 11:15:04 fetching corpus: 750, signal 112106/126840 (executing program)
2022/11/01 11:15:04 fetching corpus: 800, signal 115445/130600 (executing program)
2022/11/01 11:15:04 fetching corpus: 850, signal 117642/133327 (executing program)
2022/11/01 11:15:04 fetching corpus: 900, signal 119288/135489 (executing program)
2022/11/01 11:15:04 fetching corpus: 950, signal 122613/139044 (executing program)
2022/11/01 11:15:05 fetching corpus: 1000, signal 124942/141719 (executing program)
2022/11/01 11:15:05 fetching corpus: 1050, signal 127232/144328 (executing program)
2022/11/01 11:15:05 fetching corpus: 1100, signal 129257/146704 (executing program)
2022/11/01 11:15:05 fetching corpus: 1150, signal 132033/149580 (executing program)
2022/11/01 11:15:05 fetching corpus: 1200, signal 134177/151928 (executing program)
2022/11/01 11:15:05 fetching corpus: 1250, signal 135960/154001 (executing program)
2022/11/01 11:15:05 fetching corpus: 1300, signal 137318/155646 (executing program)
2022/11/01 11:15:05 fetching corpus: 1350, signal 139212/157718 (executing program)
2022/11/01 11:15:06 fetching corpus: 1400, signal 141335/159957 (executing program)
2022/11/01 11:15:06 fetching corpus: 1450, signal 142733/161590 (executing program)
2022/11/01 11:15:06 fetching corpus: 1500, signal 144630/163574 (executing program)
2022/11/01 11:15:06 fetching corpus: 1550, signal 145744/164965 (executing program)
2022/11/01 11:15:06 fetching corpus: 1600, signal 147520/166787 (executing program)
2022/11/01 11:15:06 fetching corpus: 1650, signal 149143/168435 (executing program)
2022/11/01 11:15:06 fetching corpus: 1700, signal 150632/170043 (executing program)
2022/11/01 11:15:07 fetching corpus: 1750, signal 152372/171765 (executing program)
2022/11/01 11:15:07 fetching corpus: 1800, signal 153641/173095 (executing program)
2022/11/01 11:15:07 fetching corpus: 1850, signal 154907/174369 (executing program)
2022/11/01 11:15:07 fetching corpus: 1900, signal 156582/175977 (executing program)
2022/11/01 11:15:07 fetching corpus: 1950, signal 157965/177333 (executing program)
2022/11/01 11:15:07 fetching corpus: 2000, signal 159811/179046 (executing program)
2022/11/01 11:15:07 fetching corpus: 2050, signal 161482/180523 (executing program)
2022/11/01 11:15:08 fetching corpus: 2100, signal 162583/181642 (executing program)
2022/11/01 11:15:08 fetching corpus: 2150, signal 163733/182759 (executing program)
2022/11/01 11:15:08 fetching corpus: 2200, signal 165521/184213 (executing program)
2022/11/01 11:15:08 fetching corpus: 2250, signal 167446/185702 (executing program)
2022/11/01 11:15:08 fetching corpus: 2300, signal 169200/187088 (executing program)
2022/11/01 11:15:08 fetching corpus: 2350, signal 170290/188032 (executing program)
2022/11/01 11:15:09 fetching corpus: 2400, signal 171976/189325 (executing program)
2022/11/01 11:15:09 fetching corpus: 2450, signal 173350/190432 (executing program)
2022/11/01 11:15:09 fetching corpus: 2500, signal 174742/191460 (executing program)
2022/11/01 11:15:09 fetching corpus: 2550, signal 176258/192548 (executing program)
2022/11/01 11:15:09 fetching corpus: 2600, signal 177328/193395 (executing program)
2022/11/01 11:15:09 fetching corpus: 2650, signal 178322/194182 (executing program)
2022/11/01 11:15:09 fetching corpus: 2700, signal 179120/194844 (executing program)
2022/11/01 11:15:10 fetching corpus: 2750, signal 179978/195531 (executing program)
2022/11/01 11:15:10 fetching corpus: 2800, signal 180937/196244 (executing program)
2022/11/01 11:15:10 fetching corpus: 2850, signal 181643/196818 (executing program)
2022/11/01 11:15:10 fetching corpus: 2900, signal 182494/197494 (executing program)
2022/11/01 11:15:10 fetching corpus: 2950, signal 183429/198150 (executing program)
2022/11/01 11:15:10 fetching corpus: 3000, signal 184262/198732 (executing program)
2022/11/01 11:15:10 fetching corpus: 3050, signal 185089/199308 (executing program)
2022/11/01 11:15:11 fetching corpus: 3100, signal 185800/199796 (executing program)
2022/11/01 11:15:11 fetching corpus: 3150, signal 186963/200460 (executing program)
2022/11/01 11:15:11 fetching corpus: 3200, signal 187872/200996 (executing program)
2022/11/01 11:15:11 fetching corpus: 3250, signal 188643/201447 (executing program)
2022/11/01 11:15:11 fetching corpus: 3300, signal 189571/201992 (executing program)
2022/11/01 11:15:11 fetching corpus: 3350, signal 190852/202621 (executing program)
2022/11/01 11:15:11 fetching corpus: 3400, signal 192085/203211 (executing program)
2022/11/01 11:15:12 fetching corpus: 3450, signal 193249/203750 (executing program)
2022/11/01 11:15:12 fetching corpus: 3500, signal 194421/204268 (executing program)
2022/11/01 11:15:12 fetching corpus: 3550, signal 195361/204700 (executing program)
2022/11/01 11:15:12 fetching corpus: 3600, signal 196059/205036 (executing program)
2022/11/01 11:15:12 fetching corpus: 3650, signal 196889/205383 (executing program)
2022/11/01 11:15:12 fetching corpus: 3700, signal 197488/205659 (executing program)
2022/11/01 11:15:12 fetching corpus: 3750, signal 198012/205940 (executing program)
2022/11/01 11:15:13 fetching corpus: 3800, signal 199138/206341 (executing program)
2022/11/01 11:15:13 fetching corpus: 3850, signal 199743/206618 (executing program)
2022/11/01 11:15:13 fetching corpus: 3900, signal 200530/206913 (executing program)
2022/11/01 11:15:13 fetching corpus: 3950, signal 201373/207174 (executing program)
2022/11/01 11:15:13 fetching corpus: 4000, signal 202833/207619 (executing program)
2022/11/01 11:15:13 fetching corpus: 4050, signal 203941/207907 (executing program)
2022/11/01 11:15:13 fetching corpus: 4087, signal 204418/208042 (executing program)
2022/11/01 11:15:13 fetching corpus: 4087, signal 204418/208087 (executing program)
2022/11/01 11:15:13 fetching corpus: 4087, signal 204418/208139 (executing program)
2022/11/01 11:15:13 fetching corpus: 4087, signal 204418/208189 (executing program)
2022/11/01 11:15:14 fetching corpus: 4087, signal 204418/208224 (executing program)
2022/11/01 11:15:14 fetching corpus: 4087, signal 204418/208270 (executing program)
2022/11/01 11:15:14 fetching corpus: 4087, signal 204418/208321 (executing program)
2022/11/01 11:15:14 fetching corpus: 4087, signal 204418/208365 (executing program)
2022/11/01 11:15:14 fetching corpus: 4087, signal 204418/208407 (executing program)
2022/11/01 11:15:14 fetching corpus: 4087, signal 204418/208456 (executing program)
2022/11/01 11:15:14 fetching corpus: 4087, signal 204418/208508 (executing program)
2022/11/01 11:15:14 fetching corpus: 4087, signal 204418/208561 (executing program)
2022/11/01 11:15:14 fetching corpus: 4087, signal 204418/208613 (executing program)
2022/11/01 11:15:14 fetching corpus: 4087, signal 204418/208652 (executing program)
2022/11/01 11:15:14 fetching corpus: 4087, signal 204418/208690 (executing program)
2022/11/01 11:15:14 fetching corpus: 4087, signal 204418/208732 (executing program)
2022/11/01 11:15:14 fetching corpus: 4087, signal 204418/208772 (executing program)
2022/11/01 11:15:14 fetching corpus: 4087, signal 204418/208816 (executing program)
2022/11/01 11:15:14 fetching corpus: 4087, signal 204418/208864 (executing program)
2022/11/01 11:15:14 fetching corpus: 4087, signal 204418/208906 (executing program)
2022/11/01 11:15:14 fetching corpus: 4087, signal 204418/208943 (executing program)
2022/11/01 11:15:14 fetching corpus: 4087, signal 204418/208987 (executing program)
2022/11/01 11:15:14 fetching corpus: 4087, signal 204418/208988 (executing program)
2022/11/01 11:15:14 fetching corpus: 4087, signal 204418/208988 (executing program)
2022/11/01 11:15:16 starting 8 fuzzer processes
11:15:16 executing program 0:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
pwritev(r1, &(0x7f0000000080)=[{&(0x7f0000000140)='\x00', 0x1a}], 0x1, 0x7fffffc, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x121042, 0x21)
pwritev(r2, &(0x7f00000000c0)=[{0x0}, {&(0x7f0000000000)="dbf225f5a45686", 0x7}, {&(0x7f0000000240)}], 0x3, 0x8001, 0x0)
perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_config_ext={0xfffffffffffffffe}, 0x0, 0x0, 0x2}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
sendfile(r0, r0, 0x0, 0x100000)

11:15:16 executing program 1:
perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0x76, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = fsopen(&(0x7f0000000000)='ramfs\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r0, 0x6, 0x0, 0x0, 0x0)
r1 = fsmount(r0, 0x0, 0x0)
symlinkat(&(0x7f0000000000)='.\x00', r1, &(0x7f00000001c0)='./file0\x00')
fspick(r1, &(0x7f0000000140)='./file0\x00', 0x0)

11:15:16 executing program 2:
mmap(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x0, 0x4d031, 0xffffffffffffffff, 0x0)
clone3(&(0x7f0000000540)={0x0, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)

11:15:16 executing program 3:
perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0xb)
r0 = socket$inet_udp(0x2, 0x2, 0x0)
fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff)
bind$inet(r0, &(0x7f0000000040)={0x2, 0x4e20, @empty}, 0x10)
r1 = socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$sock_timeval(r1, 0x1, 0x49, &(0x7f0000000000)={0x77359400}, 0x10)

[   63.855777] audit: type=1400 audit(1667301316.749:6): avc:  denied  { execmem } for  pid=286 comm="syz-executor.0" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=process permissive=1
11:15:16 executing program 4:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
ioctl$sock_ifreq(r0, 0x894a, &(0x7f0000000000)={'lo\x00', @ifru_ivalue})

11:15:16 executing program 6:
r0 = add_key$keyring(&(0x7f0000000000), &(0x7f0000000140)={'syz', 0x3}, 0x0, 0x0, 0xfffffffffffffffd)
r1 = add_key$keyring(&(0x7f0000000040), &(0x7f0000000080)={'syz', 0x3}, 0x0, 0x0, r0)
keyctl$KEYCTL_MOVE(0x11, r0, r0, r1, 0x0)

11:15:16 executing program 7:
r0 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000080), 0x0)
ioctl$BTRFS_IOC_QUOTA_RESCAN_STATUS(r0, 0x5420, 0x0)

11:15:16 executing program 5:
ustat(0x2, &(0x7f0000000040))

[   65.067229] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[   65.069999] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[   65.072192] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[   65.075805] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[   65.077838] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3
[   65.079450] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[   65.085667] Bluetooth: hci0: HCI_REQ-0x0c1a
[   65.121303] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[   65.122781] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[   65.126646] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[   65.127616] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[   65.136786] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[   65.137734] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[   65.145639] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[   65.146625] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[   65.159000] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3
[   65.160089] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3
[   65.164329] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[   65.165480] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[   65.188560] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[   65.190445] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[   65.191925] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1
[   65.193028] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[   65.194682] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[   65.195631] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[   65.196618] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9
[   65.197896] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[   65.198991] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9
[   65.201996] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[   65.203968] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[   65.204920] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3
[   65.205993] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4
[   65.207399] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[   65.209005] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3
[   65.210035] Bluetooth: hci5: unexpected cc 0x0c25 length: 249 > 3
[   65.211221] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[   65.214114] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2
[   65.223056] Bluetooth: hci2: HCI_REQ-0x0c1a
[   65.225610] Bluetooth: hci1: HCI_REQ-0x0c1a
[   65.255387] Bluetooth: hci5: HCI_REQ-0x0c1a
[   65.258377] Bluetooth: hci3: HCI_REQ-0x0c1a
[   65.259173] Bluetooth: hci4: HCI_REQ-0x0c1a
[   65.345448] Bluetooth: hci7: unexpected cc 0x0c03 length: 249 > 1
[   65.350467] Bluetooth: hci7: unexpected cc 0x1003 length: 249 > 9
[   65.406257] Bluetooth: hci7: unexpected cc 0x1001 length: 249 > 9
[   65.430763] Bluetooth: hci7: unexpected cc 0x0c23 length: 249 > 4
[   65.440126] Bluetooth: hci7: unexpected cc 0x0c25 length: 249 > 3
[   65.451791] Bluetooth: hci7: unexpected cc 0x0c38 length: 249 > 2
[   65.472581] Bluetooth: hci7: HCI_REQ-0x0c1a
[   67.150015] Bluetooth: hci0: command 0x0409 tx timeout
[   67.276663] Bluetooth: hci3: command 0x0409 tx timeout
[   67.276818] Bluetooth: hci6: Opcode 0x c03 failed: -110
[   67.277761] Bluetooth: hci5: command 0x0409 tx timeout
[   67.279252] Bluetooth: hci1: command 0x0409 tx timeout
[   67.280183] Bluetooth: hci2: command 0x0409 tx timeout
[   67.340633] Bluetooth: hci4: command 0x0409 tx timeout
[   67.532688] Bluetooth: hci7: command 0x0409 tx timeout
[   69.196681] Bluetooth: hci0: command 0x041b tx timeout
[   69.324667] Bluetooth: hci1: command 0x041b tx timeout
[   69.325401] Bluetooth: hci5: command 0x041b tx timeout
[   69.326203] Bluetooth: hci3: command 0x041b tx timeout
[   69.326988] Bluetooth: hci2: command 0x041b tx timeout
[   69.388583] Bluetooth: hci4: command 0x041b tx timeout
[   69.580731] Bluetooth: hci7: command 0x041b tx timeout
[   71.244693] Bluetooth: hci0: command 0x040f tx timeout
[   71.372723] Bluetooth: hci2: command 0x040f tx timeout
[   71.372749] Bluetooth: hci3: command 0x040f tx timeout
[   71.374256] Bluetooth: hci5: command 0x040f tx timeout
[   71.374294] Bluetooth: hci1: command 0x040f tx timeout
[   71.436579] Bluetooth: hci4: command 0x040f tx timeout
[   71.628780] Bluetooth: hci7: command 0x040f tx timeout
[   72.780668] Bluetooth: hci6: Opcode 0x c03 failed: -110
[   73.292642] Bluetooth: hci0: command 0x0419 tx timeout
[   73.420778] Bluetooth: hci5: command 0x0419 tx timeout
[   73.421328] Bluetooth: hci1: command 0x0419 tx timeout
[   73.421882] Bluetooth: hci2: command 0x0419 tx timeout
[   73.422400] Bluetooth: hci3: command 0x0419 tx timeout
[   73.484541] Bluetooth: hci4: command 0x0419 tx timeout
[   73.676662] Bluetooth: hci7: command 0x0419 tx timeout
[   75.455670] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1
[   75.481164] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9
[   75.485070] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9
[   75.490547] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4
[   75.494967] Bluetooth: hci6: unexpected cc 0x0c25 length: 249 > 3
[   75.501962] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2
[   75.508595] Bluetooth: hci6: HCI_REQ-0x0c1a
[   77.516587] Bluetooth: hci6: command 0x0409 tx timeout
[   79.564562] Bluetooth: hci6: command 0x041b tx timeout
[   81.612629] Bluetooth: hci6: command 0x040f tx timeout
[   83.660618] Bluetooth: hci6: command 0x0419 tx timeout
[  117.896636] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  117.897275] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  117.898513] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[  118.088751] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  118.089382] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  118.091276] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[  119.100134] audit: type=1400 audit(1667301371.994:7): avc:  denied  { open } for  pid=3641 comm="syz-executor.3" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=perf_event permissive=1
[  119.102816] audit: type=1400 audit(1667301371.994:8): avc:  denied  { kernel } for  pid=3641 comm="syz-executor.3" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=perf_event permissive=1
[  119.382583] hrtimer: interrupt took 27471 ns
[  119.568598] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  119.569217] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  119.570982] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[  119.746032] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  119.746668] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  119.748323] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
11:16:12 executing program 3:
perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0xb)
r0 = socket$inet_udp(0x2, 0x2, 0x0)
fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff)
bind$inet(r0, &(0x7f0000000040)={0x2, 0x4e20, @empty}, 0x10)
r1 = socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$sock_timeval(r1, 0x1, 0x49, &(0x7f0000000000)={0x77359400}, 0x10)

11:16:13 executing program 3:
perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0xb)
r0 = socket$inet_udp(0x2, 0x2, 0x0)
fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff)
bind$inet(r0, &(0x7f0000000040)={0x2, 0x4e20, @empty}, 0x10)
r1 = socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$sock_timeval(r1, 0x1, 0x49, &(0x7f0000000000)={0x77359400}, 0x10)

11:16:13 executing program 7:
r0 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000080), 0x0)
ioctl$BTRFS_IOC_QUOTA_RESCAN_STATUS(r0, 0x5420, 0x0)

11:16:13 executing program 7:
r0 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000080), 0x0)
ioctl$BTRFS_IOC_QUOTA_RESCAN_STATUS(r0, 0x5420, 0x0)

11:16:14 executing program 7:
r0 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000080), 0x0)
ioctl$BTRFS_IOC_QUOTA_RESCAN_STATUS(r0, 0x5420, 0x0)

11:16:14 executing program 3:
perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0xb)
r0 = socket$inet_udp(0x2, 0x2, 0x0)
fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff)
bind$inet(r0, &(0x7f0000000040)={0x2, 0x4e20, @empty}, 0x10)
r1 = socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$sock_timeval(r1, 0x1, 0x49, &(0x7f0000000000)={0x77359400}, 0x10)

11:16:14 executing program 7:
perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0xb)
r0 = socket$inet_udp(0x2, 0x2, 0x0)
fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff)
bind$inet(r0, &(0x7f0000000040)={0x2, 0x4e20, @empty}, 0x10)
r1 = socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$sock_timeval(r1, 0x1, 0x49, &(0x7f0000000000)={0x77359400}, 0x10)

11:16:15 executing program 7:
perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0xb)
r0 = socket$inet_udp(0x2, 0x2, 0x0)
fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff)
bind$inet(r0, &(0x7f0000000040)={0x2, 0x4e20, @empty}, 0x10)
r1 = socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$sock_timeval(r1, 0x1, 0x49, &(0x7f0000000000)={0x77359400}, 0x10)

[  123.021748] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  123.022884] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  123.025392] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[  123.185618] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  123.186677] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  123.188947] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[  123.825977] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  123.826616] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  123.828020] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[  124.001787] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  124.002436] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  124.004028] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[  126.570309] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[  126.580282] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[  126.581692] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[  126.584780] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[  126.586361] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3
[  126.588441] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[  126.593268] Bluetooth: hci0: HCI_REQ-0x0c1a
[  126.804215] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[  126.806420] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[  126.808182] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[  126.811167] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[  126.813016] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3
[  126.814370] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[  126.825285] Bluetooth: hci1: HCI_REQ-0x0c1a
[  126.948212] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[  126.960283] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[  126.962158] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[  126.969639] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[  126.976368] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3
[  126.984950] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[  126.995555] Bluetooth: hci2: HCI_REQ-0x0c1a
[  127.056423] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[  127.057763] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[  127.061728] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[  127.074711] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[  127.076285] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3
[  127.078282] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[  127.086702] Bluetooth: hci3: HCI_REQ-0x0c1a
[  127.501162] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  127.501743] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  127.503265] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[  127.641433] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  127.642034] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  127.643655] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[  128.652798] Bluetooth: hci0: command 0x0409 tx timeout
[  128.844597] Bluetooth: hci1: command 0x0409 tx timeout
[  129.036569] Bluetooth: hci2: command 0x0409 tx timeout
[  129.101628] Bluetooth: hci5: Opcode 0x c03 failed: -110
[  129.165237] Bluetooth: hci3: command 0x0409 tx timeout
[  130.700547] Bluetooth: hci0: command 0x041b tx timeout
[  130.892541] Bluetooth: hci1: command 0x041b tx timeout
[  131.084549] Bluetooth: hci2: command 0x041b tx timeout
[  131.213611] Bluetooth: hci3: command 0x041b tx timeout
[  132.750287] Bluetooth: hci0: command 0x040f tx timeout
[  132.940540] Bluetooth: hci1: command 0x040f tx timeout
[  133.132550] Bluetooth: hci2: command 0x040f tx timeout
[  133.261556] Bluetooth: hci3: command 0x040f tx timeout
[  133.516578] Bluetooth: hci5: Opcode 0x c03 failed: -110
[  134.797553] Bluetooth: hci0: command 0x0419 tx timeout
[  134.989574] Bluetooth: hci1: command 0x0419 tx timeout
[  135.180574] Bluetooth: hci2: command 0x0419 tx timeout
[  135.308551] Bluetooth: hci3: command 0x0419 tx timeout
[  137.868617] Bluetooth: hci5: Opcode 0x c03 failed: -110
[  142.220586] Bluetooth: hci5: Opcode 0x c03 failed: -110
[  146.572574] Bluetooth: hci5: Opcode 0x c03 failed: -110
[  150.988689] Bluetooth: hci5: Opcode 0x c03 failed: -110
[  155.596651] Bluetooth: hci5: Opcode 0x c03 failed: -110
[  155.900564] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  155.901619] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  155.904257] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[  156.003337] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  156.004675] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  156.007104] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[  156.084180] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  156.085231] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  156.087244] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[  156.134888] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  156.135529] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  156.137613] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[  157.228196] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  157.229325] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  157.231682] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[  157.292242] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  157.292823] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  157.294902] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[  157.303981] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  157.305741] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  157.312030] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[  157.380603] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  157.381158] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  157.382692] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[  160.204738] Bluetooth: hci5: Opcode 0x c03 failed: -110
[  162.454935] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1
[  162.466193] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9
[  162.467957] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9
[  162.476272] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4
[  162.478625] Bluetooth: hci5: unexpected cc 0x0c25 length: 249 > 3
[  162.482055] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2
[  162.488020] Bluetooth: hci5: HCI_REQ-0x0c1a
[  164.556666] Bluetooth: hci5: command 0x0409 tx timeout
[  166.604584] Bluetooth: hci5: command 0x041b tx timeout
[  168.652565] Bluetooth: hci5: command 0x040f tx timeout
[  170.700637] Bluetooth: hci5: command 0x0419 tx timeout
[  184.321028] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  184.322949] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  184.325370] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[  184.380795] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  184.381948] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  184.384127] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
11:17:17 executing program 1:
perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0x76, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = fsopen(&(0x7f0000000000)='ramfs\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r0, 0x6, 0x0, 0x0, 0x0)
r1 = fsmount(r0, 0x0, 0x0)
symlinkat(&(0x7f0000000000)='.\x00', r1, &(0x7f00000001c0)='./file0\x00')
fspick(r1, &(0x7f0000000140)='./file0\x00', 0x0)

11:17:17 executing program 4:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
ioctl$sock_ifreq(r0, 0x894a, &(0x7f0000000000)={'lo\x00', @ifru_ivalue})

11:17:17 executing program 5:
ustat(0x2, &(0x7f0000000040))

11:17:17 executing program 7:
perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0xb)
r0 = socket$inet_udp(0x2, 0x2, 0x0)
fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff)
bind$inet(r0, &(0x7f0000000040)={0x2, 0x4e20, @empty}, 0x10)
r1 = socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$sock_timeval(r1, 0x1, 0x49, &(0x7f0000000000)={0x77359400}, 0x10)

11:17:17 executing program 3:
perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0xb)
r0 = socket$inet_udp(0x2, 0x2, 0x0)
fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff)
bind$inet(r0, &(0x7f0000000040)={0x2, 0x4e20, @empty}, 0x10)
r1 = socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$sock_timeval(r1, 0x1, 0x49, &(0x7f0000000000)={0x77359400}, 0x10)

11:17:17 executing program 2:
mmap(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x0, 0x4d031, 0xffffffffffffffff, 0x0)
clone3(&(0x7f0000000540)={0x0, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)

11:17:17 executing program 6:
r0 = add_key$keyring(&(0x7f0000000000), &(0x7f0000000140)={'syz', 0x3}, 0x0, 0x0, 0xfffffffffffffffd)
r1 = add_key$keyring(&(0x7f0000000040), &(0x7f0000000080)={'syz', 0x3}, 0x0, 0x0, r0)
keyctl$KEYCTL_MOVE(0x11, r0, r0, r1, 0x0)

11:17:17 executing program 0:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
pwritev(r1, &(0x7f0000000080)=[{&(0x7f0000000140)='\x00', 0x1a}], 0x1, 0x7fffffc, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x121042, 0x21)
pwritev(r2, &(0x7f00000000c0)=[{0x0}, {&(0x7f0000000000)="dbf225f5a45686", 0x7}, {&(0x7f0000000240)}], 0x3, 0x8001, 0x0)
perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_config_ext={0xfffffffffffffffe}, 0x0, 0x0, 0x2}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
sendfile(r0, r0, 0x0, 0x100000)

11:17:17 executing program 4:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
ioctl$sock_ifreq(r0, 0x894a, &(0x7f0000000000)={'lo\x00', @ifru_ivalue})

11:17:17 executing program 2:
mmap(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x0, 0x4d031, 0xffffffffffffffff, 0x0)
clone3(&(0x7f0000000540)={0x0, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)

11:17:18 executing program 1:
perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0x76, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = fsopen(&(0x7f0000000000)='ramfs\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r0, 0x6, 0x0, 0x0, 0x0)
r1 = fsmount(r0, 0x0, 0x0)
symlinkat(&(0x7f0000000000)='.\x00', r1, &(0x7f00000001c0)='./file0\x00')
fspick(r1, &(0x7f0000000140)='./file0\x00', 0x0)

11:17:18 executing program 6:
r0 = add_key$keyring(&(0x7f0000000000), &(0x7f0000000140)={'syz', 0x3}, 0x0, 0x0, 0xfffffffffffffffd)
r1 = add_key$keyring(&(0x7f0000000040), &(0x7f0000000080)={'syz', 0x3}, 0x0, 0x0, r0)
keyctl$KEYCTL_MOVE(0x11, r0, r0, r1, 0x0)

11:17:18 executing program 5:
ustat(0x2, &(0x7f0000000040))

11:17:18 executing program 2:
mmap(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x0, 0x4d031, 0xffffffffffffffff, 0x0)
clone3(&(0x7f0000000540)={0x0, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)

11:17:18 executing program 4:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
ioctl$sock_ifreq(r0, 0x894a, &(0x7f0000000000)={'lo\x00', @ifru_ivalue})

11:17:18 executing program 7:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
pwritev(r1, &(0x7f0000000080)=[{&(0x7f0000000140)='\x00', 0x1a}], 0x1, 0x7fffffc, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x121042, 0x21)
pwritev(r2, &(0x7f00000000c0)=[{0x0}, {&(0x7f0000000000)="dbf225f5a45686", 0x7}, {&(0x7f0000000240)}], 0x3, 0x8001, 0x0)
perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_config_ext={0xfffffffffffffffe}, 0x0, 0x0, 0x2}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
sendfile(r0, r0, 0x0, 0x100000)

11:17:18 executing program 0:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
pwritev(r1, &(0x7f0000000080)=[{&(0x7f0000000140)='\x00', 0x1a}], 0x1, 0x7fffffc, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x121042, 0x21)
pwritev(r2, &(0x7f00000000c0)=[{0x0}, {&(0x7f0000000000)="dbf225f5a45686", 0x7}, {&(0x7f0000000240)}], 0x3, 0x8001, 0x0)
perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_config_ext={0xfffffffffffffffe}, 0x0, 0x0, 0x2}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
sendfile(r0, r0, 0x0, 0x100000)

11:17:18 executing program 3:
perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0xb)
r0 = socket$inet_udp(0x2, 0x2, 0x0)
fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff)
bind$inet(r0, &(0x7f0000000040)={0x2, 0x4e20, @empty}, 0x10)
r1 = socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$sock_timeval(r1, 0x1, 0x49, &(0x7f0000000000)={0x77359400}, 0x10)

11:17:18 executing program 2:
perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0x76, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = fsopen(&(0x7f0000000000)='ramfs\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r0, 0x6, 0x0, 0x0, 0x0)
r1 = fsmount(r0, 0x0, 0x0)
symlinkat(&(0x7f0000000000)='.\x00', r1, &(0x7f00000001c0)='./file0\x00')
fspick(r1, &(0x7f0000000140)='./file0\x00', 0x0)

11:17:19 executing program 6:
r0 = add_key$keyring(&(0x7f0000000000), &(0x7f0000000140)={'syz', 0x3}, 0x0, 0x0, 0xfffffffffffffffd)
r1 = add_key$keyring(&(0x7f0000000040), &(0x7f0000000080)={'syz', 0x3}, 0x0, 0x0, r0)
keyctl$KEYCTL_MOVE(0x11, r0, r0, r1, 0x0)

11:17:19 executing program 5:
ustat(0x2, &(0x7f0000000040))

11:17:19 executing program 4:
perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0x76, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = fsopen(&(0x7f0000000000)='ramfs\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r0, 0x6, 0x0, 0x0, 0x0)
r1 = fsmount(r0, 0x0, 0x0)
symlinkat(&(0x7f0000000000)='.\x00', r1, &(0x7f00000001c0)='./file0\x00')
fspick(r1, &(0x7f0000000140)='./file0\x00', 0x0)

11:17:19 executing program 1:
perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0x76, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = fsopen(&(0x7f0000000000)='ramfs\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r0, 0x6, 0x0, 0x0, 0x0)
r1 = fsmount(r0, 0x0, 0x0)
symlinkat(&(0x7f0000000000)='.\x00', r1, &(0x7f00000001c0)='./file0\x00')
fspick(r1, &(0x7f0000000140)='./file0\x00', 0x0)

11:17:19 executing program 2:
perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0x76, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = fsopen(&(0x7f0000000000)='ramfs\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r0, 0x6, 0x0, 0x0, 0x0)
r1 = fsmount(r0, 0x0, 0x0)
symlinkat(&(0x7f0000000000)='.\x00', r1, &(0x7f00000001c0)='./file0\x00')
fspick(r1, &(0x7f0000000140)='./file0\x00', 0x0)

11:17:19 executing program 5:
perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0xb)
r0 = socket$inet_udp(0x2, 0x2, 0x0)
fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff)
bind$inet(r0, &(0x7f0000000040)={0x2, 0x4e20, @empty}, 0x10)
r1 = socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$sock_timeval(r1, 0x1, 0x49, &(0x7f0000000000)={0x77359400}, 0x10)

11:17:19 executing program 3:
perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0xb)
r0 = socket$inet_udp(0x2, 0x2, 0x0)
fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff)
bind$inet(r0, &(0x7f0000000040)={0x2, 0x4e20, @empty}, 0x10)
r1 = socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$sock_timeval(r1, 0x1, 0x49, &(0x7f0000000000)={0x77359400}, 0x10)

11:17:19 executing program 2:
perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0x76, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = fsopen(&(0x7f0000000000)='ramfs\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r0, 0x6, 0x0, 0x0, 0x0)
r1 = fsmount(r0, 0x0, 0x0)
symlinkat(&(0x7f0000000000)='.\x00', r1, &(0x7f00000001c0)='./file0\x00')
fspick(r1, &(0x7f0000000140)='./file0\x00', 0x0)

11:17:19 executing program 1:
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, 0x0)
openat$sysfs(0xffffffffffffff9c, &(0x7f0000000500)='/sys/module/drm_kms_helper', 0x0, 0x0)

11:17:19 executing program 6:
r0 = memfd_create(&(0x7f0000000000)='B\xdb/\x89\x03l\xdeb\xcb\xb54\xed\xbeLY\xb5Z\xe1\x12S\xf5G\xcc\xf3\xe9\x02h\v\xca(\x96\xe1C\xdf\x1c\xea\x85C\xfb\x10\x13\xfa\x03\x16\xcd\x17\xa2\x80\xa1z\xb4r\x95\xc3@\x9d\xa6\xf1\x92#}g\xd3`\xf7\xcez\xcb\xb3\x1a\xbb\xc48e\x8e\xb1&\xd1\x8a\xe6!\x7f\x8d\xea,qx\xa28\xbf\"\xc7e\x06L\xb06\xeb<$\xd7\xba\xe5\x01\x03\x94r\xab\xd4J\x03s\xaf\xf6A\xbfV\xfa\x1ew\x8d\xbf\x99I\x97\xd8\xd2\xe8\x11\xc4\x04\x00\x84\xd5i\xee\xaf\xae[E\x1f\xdd\xd7#rT+\xb621p\xaf[\x99\" 1\xeb\xc7)\xd2\x1dh\xf2\xd5s\xfd?\fa>\x9f;\xe5r\xe5\xbd\xb0|=\x8eZcPY\xf8\xbd\x13\xaa\x8b\xdf\xbc\x93u\xd5\xb0r\xfb\xde\xe7\xd9k\xe2\xc6\x1b\xf2o@&>\xf2M\xe7\x8c\xeb\xee\xf5\x02~\x85\x14\xf3\xc6v\xf15PE\x8c\xca\x16$\xc2\x01#\xb563\rbq\xbf64\xfaW\x17\xdfa\xe6\xca\x86\xd7\xf8\x81X\x9bg4\xc1\xdam\xcf=Rq6\xb0\xd4D=I\x1a\x0e\xd0\xabz\xe2\x19\x0fM\xad\xdco\xa4\xb2\x8c?\xc1\x10\xf273\xd00\xb3_\xe8\x9a*\xfcL\xea;\xc0\x9a\xdbx!N;\xb5x\t\xa4E\xbe\x93r\x04\xf5\xf0\xf5\x7f\x9a)\xf5\x1b\"\xa1\xd8\x06>\xc9\xe2r\xe9_\xfe\xc0\b\x81\x98\x1c\xe2\xe0?\x8f\xa1\xbel\aN\x83@\xb1\x03)4A\x83\xd6\xcf\xf6\xb5\x82\xb7\x9dA\b$\xa2x\x8a@\xfaj~\xef\x93\xb1/L\x01\xe2\xba|\xf0\x01)PP\xcdl\x06\xfc\x15;qZ\xb1u\xc9\xd0\xd16~JEGm\xe4\x1e@\x9dG\xe4@\xdf\xba\'\x8b\x1cD\xc7\xec\xd1@}tR\xd9P\xf4N\xe3\xd8x\xa0\x91\x17\xc2}\x13\b\xca\t(Z\xa3_\xa1\x90\x15T\x93\xe7%\x98\xa7\xfb\x8bp/eq\x93\xbf\x1f =|\xf3\xb1\xfcR\xd8\nM,\xcb%@\'\x15\x88\xd8\xad\f\x91|\x95\x8fq+\x98\x81W\xba\x9f\xe0elOt\xbd\by\r\x87\x1c\xba\xbd\x8e+S>\xb8\xe29\x91h^x\xfb`\x00\xdd/\xa6\xb1\x16=\xa1bw\xc5I\xb1\x00'/549, 0x0)
fallocate(r0, 0x0, 0x0, 0x9)
ioctl$FS_IOC_RESVSP(r0, 0x40305829, &(0x7f0000000280)={0x0, 0x2, 0x0, 0x8800000})

11:17:19 executing program 1:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
sendmmsg$inet6(r0, &(0x7f0000000d40)=[{{&(0x7f0000000000)={0xa, 0x4e22, 0x0, @loopback}, 0x1c, 0x0}}], 0x1, 0x8085)
close(r0)

11:17:19 executing program 4:
perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0x76, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = fsopen(&(0x7f0000000000)='ramfs\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r0, 0x6, 0x0, 0x0, 0x0)
r1 = fsmount(r0, 0x0, 0x0)
symlinkat(&(0x7f0000000000)='.\x00', r1, &(0x7f00000001c0)='./file0\x00')
fspick(r1, &(0x7f0000000140)='./file0\x00', 0x0)

11:17:19 executing program 0:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
pwritev(r1, &(0x7f0000000080)=[{&(0x7f0000000140)='\x00', 0x1a}], 0x1, 0x7fffffc, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x121042, 0x21)
pwritev(r2, &(0x7f00000000c0)=[{0x0}, {&(0x7f0000000000)="dbf225f5a45686", 0x7}, {&(0x7f0000000240)}], 0x3, 0x8001, 0x0)
perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_config_ext={0xfffffffffffffffe}, 0x0, 0x0, 0x2}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
sendfile(r0, r0, 0x0, 0x100000)

11:17:19 executing program 6:
r0 = memfd_create(&(0x7f0000000000)='B\xdb/\x89\x03l\xdeb\xcb\xb54\xed\xbeLY\xb5Z\xe1\x12S\xf5G\xcc\xf3\xe9\x02h\v\xca(\x96\xe1C\xdf\x1c\xea\x85C\xfb\x10\x13\xfa\x03\x16\xcd\x17\xa2\x80\xa1z\xb4r\x95\xc3@\x9d\xa6\xf1\x92#}g\xd3`\xf7\xcez\xcb\xb3\x1a\xbb\xc48e\x8e\xb1&\xd1\x8a\xe6!\x7f\x8d\xea,qx\xa28\xbf\"\xc7e\x06L\xb06\xeb<$\xd7\xba\xe5\x01\x03\x94r\xab\xd4J\x03s\xaf\xf6A\xbfV\xfa\x1ew\x8d\xbf\x99I\x97\xd8\xd2\xe8\x11\xc4\x04\x00\x84\xd5i\xee\xaf\xae[E\x1f\xdd\xd7#rT+\xb621p\xaf[\x99\" 1\xeb\xc7)\xd2\x1dh\xf2\xd5s\xfd?\fa>\x9f;\xe5r\xe5\xbd\xb0|=\x8eZcPY\xf8\xbd\x13\xaa\x8b\xdf\xbc\x93u\xd5\xb0r\xfb\xde\xe7\xd9k\xe2\xc6\x1b\xf2o@&>\xf2M\xe7\x8c\xeb\xee\xf5\x02~\x85\x14\xf3\xc6v\xf15PE\x8c\xca\x16$\xc2\x01#\xb563\rbq\xbf64\xfaW\x17\xdfa\xe6\xca\x86\xd7\xf8\x81X\x9bg4\xc1\xdam\xcf=Rq6\xb0\xd4D=I\x1a\x0e\xd0\xabz\xe2\x19\x0fM\xad\xdco\xa4\xb2\x8c?\xc1\x10\xf273\xd00\xb3_\xe8\x9a*\xfcL\xea;\xc0\x9a\xdbx!N;\xb5x\t\xa4E\xbe\x93r\x04\xf5\xf0\xf5\x7f\x9a)\xf5\x1b\"\xa1\xd8\x06>\xc9\xe2r\xe9_\xfe\xc0\b\x81\x98\x1c\xe2\xe0?\x8f\xa1\xbel\aN\x83@\xb1\x03)4A\x83\xd6\xcf\xf6\xb5\x82\xb7\x9dA\b$\xa2x\x8a@\xfaj~\xef\x93\xb1/L\x01\xe2\xba|\xf0\x01)PP\xcdl\x06\xfc\x15;qZ\xb1u\xc9\xd0\xd16~JEGm\xe4\x1e@\x9dG\xe4@\xdf\xba\'\x8b\x1cD\xc7\xec\xd1@}tR\xd9P\xf4N\xe3\xd8x\xa0\x91\x17\xc2}\x13\b\xca\t(Z\xa3_\xa1\x90\x15T\x93\xe7%\x98\xa7\xfb\x8bp/eq\x93\xbf\x1f =|\xf3\xb1\xfcR\xd8\nM,\xcb%@\'\x15\x88\xd8\xad\f\x91|\x95\x8fq+\x98\x81W\xba\x9f\xe0elOt\xbd\by\r\x87\x1c\xba\xbd\x8e+S>\xb8\xe29\x91h^x\xfb`\x00\xdd/\xa6\xb1\x16=\xa1bw\xc5I\xb1\x00'/549, 0x0)
fallocate(r0, 0x0, 0x0, 0x9)
ioctl$FS_IOC_RESVSP(r0, 0x40305829, &(0x7f0000000280)={0x0, 0x2, 0x0, 0x8800000})

11:17:19 executing program 2:
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_DELETE(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000180)={0x1c, 0x2, 0x1, 0x301, 0x0, 0x0, {}, [@CTA_STATUS={0x8, 0x3, 0x1, 0x0, 0x1406}]}, 0x1c}}, 0x0)

11:17:19 executing program 7:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
pwritev(r1, &(0x7f0000000080)=[{&(0x7f0000000140)='\x00', 0x1a}], 0x1, 0x7fffffc, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x121042, 0x21)
pwritev(r2, &(0x7f00000000c0)=[{0x0}, {&(0x7f0000000000)="dbf225f5a45686", 0x7}, {&(0x7f0000000240)}], 0x3, 0x8001, 0x0)
perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_config_ext={0xfffffffffffffffe}, 0x0, 0x0, 0x2}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
sendfile(r0, r0, 0x0, 0x100000)

11:17:19 executing program 1:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
sendmmsg$inet6(r0, &(0x7f0000000d40)=[{{&(0x7f0000000000)={0xa, 0x4e22, 0x0, @loopback}, 0x1c, 0x0}}], 0x1, 0x8085)
close(r0)

11:17:19 executing program 4:
perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0x76, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = fsopen(&(0x7f0000000000)='ramfs\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r0, 0x6, 0x0, 0x0, 0x0)
r1 = fsmount(r0, 0x0, 0x0)
symlinkat(&(0x7f0000000000)='.\x00', r1, &(0x7f00000001c0)='./file0\x00')
fspick(r1, &(0x7f0000000140)='./file0\x00', 0x0)

11:17:19 executing program 3:
r0 = memfd_create(&(0x7f0000000000)='B\xdb/\x89\x03l\xdeb\xcb\xb54\xed\xbeLY\xb5Z\xe1\x12S\xf5G\xcc\xf3\xe9\x02h\v\xca(\x96\xe1C\xdf\x1c\xea\x85C\xfb\x10\x13\xfa\x03\x16\xcd\x17\xa2\x80\xa1z\xb4r\x95\xc3@\x9d\xa6\xf1\x92#}g\xd3`\xf7\xcez\xcb\xb3\x1a\xbb\xc48e\x8e\xb1&\xd1\x8a\xe6!\x7f\x8d\xea,qx\xa28\xbf\"\xc7e\x06L\xb06\xeb<$\xd7\xba\xe5\x01\x03\x94r\xab\xd4J\x03s\xaf\xf6A\xbfV\xfa\x1ew\x8d\xbf\x99I\x97\xd8\xd2\xe8\x11\xc4\x04\x00\x84\xd5i\xee\xaf\xae[E\x1f\xdd\xd7#rT+\xb621p\xaf[\x99\" 1\xeb\xc7)\xd2\x1dh\xf2\xd5s\xfd?\fa>\x9f;\xe5r\xe5\xbd\xb0|=\x8eZcPY\xf8\xbd\x13\xaa\x8b\xdf\xbc\x93u\xd5\xb0r\xfb\xde\xe7\xd9k\xe2\xc6\x1b\xf2o@&>\xf2M\xe7\x8c\xeb\xee\xf5\x02~\x85\x14\xf3\xc6v\xf15PE\x8c\xca\x16$\xc2\x01#\xb563\rbq\xbf64\xfaW\x17\xdfa\xe6\xca\x86\xd7\xf8\x81X\x9bg4\xc1\xdam\xcf=Rq6\xb0\xd4D=I\x1a\x0e\xd0\xabz\xe2\x19\x0fM\xad\xdco\xa4\xb2\x8c?\xc1\x10\xf273\xd00\xb3_\xe8\x9a*\xfcL\xea;\xc0\x9a\xdbx!N;\xb5x\t\xa4E\xbe\x93r\x04\xf5\xf0\xf5\x7f\x9a)\xf5\x1b\"\xa1\xd8\x06>\xc9\xe2r\xe9_\xfe\xc0\b\x81\x98\x1c\xe2\xe0?\x8f\xa1\xbel\aN\x83@\xb1\x03)4A\x83\xd6\xcf\xf6\xb5\x82\xb7\x9dA\b$\xa2x\x8a@\xfaj~\xef\x93\xb1/L\x01\xe2\xba|\xf0\x01)PP\xcdl\x06\xfc\x15;qZ\xb1u\xc9\xd0\xd16~JEGm\xe4\x1e@\x9dG\xe4@\xdf\xba\'\x8b\x1cD\xc7\xec\xd1@}tR\xd9P\xf4N\xe3\xd8x\xa0\x91\x17\xc2}\x13\b\xca\t(Z\xa3_\xa1\x90\x15T\x93\xe7%\x98\xa7\xfb\x8bp/eq\x93\xbf\x1f =|\xf3\xb1\xfcR\xd8\nM,\xcb%@\'\x15\x88\xd8\xad\f\x91|\x95\x8fq+\x98\x81W\xba\x9f\xe0elOt\xbd\by\r\x87\x1c\xba\xbd\x8e+S>\xb8\xe29\x91h^x\xfb`\x00\xdd/\xa6\xb1\x16=\xa1bw\xc5I\xb1\x00'/549, 0x0)
fallocate(r0, 0x0, 0x0, 0x9)
ioctl$FS_IOC_RESVSP(r0, 0x40305829, &(0x7f0000000280)={0x0, 0x2, 0x0, 0x8800000})

11:17:19 executing program 5:
perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0xb)
r0 = socket$inet_udp(0x2, 0x2, 0x0)
fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff)
bind$inet(r0, &(0x7f0000000040)={0x2, 0x4e20, @empty}, 0x10)
r1 = socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$sock_timeval(r1, 0x1, 0x49, &(0x7f0000000000)={0x77359400}, 0x10)

11:17:19 executing program 1:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
sendmmsg$inet6(r0, &(0x7f0000000d40)=[{{&(0x7f0000000000)={0xa, 0x4e22, 0x0, @loopback}, 0x1c, 0x0}}], 0x1, 0x8085)
close(r0)

11:17:19 executing program 2:
r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
syz_emit_ethernet(0x3e, &(0x7f0000000000)={@multicast, @local, @void, {@ipv4={0x800, @icmp={{0x5, 0x4, 0x0, 0x0, 0x30, 0x0, 0x0, 0x0, 0x1, 0x0, @rand_addr, @multicast1}, @source_quench={0x4, 0x0, 0x0, 0x0, {0x5, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @loopback, @local}}}}}}, 0x0)
setsockopt$inet_int(r0, 0x0, 0x8, &(0x7f0000000040)=0x4, 0x4)
recvfrom(r0, 0x0, 0x0, 0x0, 0x0, 0x0)

11:17:20 executing program 3:
r0 = memfd_create(&(0x7f0000000000)='B\xdb/\x89\x03l\xdeb\xcb\xb54\xed\xbeLY\xb5Z\xe1\x12S\xf5G\xcc\xf3\xe9\x02h\v\xca(\x96\xe1C\xdf\x1c\xea\x85C\xfb\x10\x13\xfa\x03\x16\xcd\x17\xa2\x80\xa1z\xb4r\x95\xc3@\x9d\xa6\xf1\x92#}g\xd3`\xf7\xcez\xcb\xb3\x1a\xbb\xc48e\x8e\xb1&\xd1\x8a\xe6!\x7f\x8d\xea,qx\xa28\xbf\"\xc7e\x06L\xb06\xeb<$\xd7\xba\xe5\x01\x03\x94r\xab\xd4J\x03s\xaf\xf6A\xbfV\xfa\x1ew\x8d\xbf\x99I\x97\xd8\xd2\xe8\x11\xc4\x04\x00\x84\xd5i\xee\xaf\xae[E\x1f\xdd\xd7#rT+\xb621p\xaf[\x99\" 1\xeb\xc7)\xd2\x1dh\xf2\xd5s\xfd?\fa>\x9f;\xe5r\xe5\xbd\xb0|=\x8eZcPY\xf8\xbd\x13\xaa\x8b\xdf\xbc\x93u\xd5\xb0r\xfb\xde\xe7\xd9k\xe2\xc6\x1b\xf2o@&>\xf2M\xe7\x8c\xeb\xee\xf5\x02~\x85\x14\xf3\xc6v\xf15PE\x8c\xca\x16$\xc2\x01#\xb563\rbq\xbf64\xfaW\x17\xdfa\xe6\xca\x86\xd7\xf8\x81X\x9bg4\xc1\xdam\xcf=Rq6\xb0\xd4D=I\x1a\x0e\xd0\xabz\xe2\x19\x0fM\xad\xdco\xa4\xb2\x8c?\xc1\x10\xf273\xd00\xb3_\xe8\x9a*\xfcL\xea;\xc0\x9a\xdbx!N;\xb5x\t\xa4E\xbe\x93r\x04\xf5\xf0\xf5\x7f\x9a)\xf5\x1b\"\xa1\xd8\x06>\xc9\xe2r\xe9_\xfe\xc0\b\x81\x98\x1c\xe2\xe0?\x8f\xa1\xbel\aN\x83@\xb1\x03)4A\x83\xd6\xcf\xf6\xb5\x82\xb7\x9dA\b$\xa2x\x8a@\xfaj~\xef\x93\xb1/L\x01\xe2\xba|\xf0\x01)PP\xcdl\x06\xfc\x15;qZ\xb1u\xc9\xd0\xd16~JEGm\xe4\x1e@\x9dG\xe4@\xdf\xba\'\x8b\x1cD\xc7\xec\xd1@}tR\xd9P\xf4N\xe3\xd8x\xa0\x91\x17\xc2}\x13\b\xca\t(Z\xa3_\xa1\x90\x15T\x93\xe7%\x98\xa7\xfb\x8bp/eq\x93\xbf\x1f =|\xf3\xb1\xfcR\xd8\nM,\xcb%@\'\x15\x88\xd8\xad\f\x91|\x95\x8fq+\x98\x81W\xba\x9f\xe0elOt\xbd\by\r\x87\x1c\xba\xbd\x8e+S>\xb8\xe29\x91h^x\xfb`\x00\xdd/\xa6\xb1\x16=\xa1bw\xc5I\xb1\x00'/549, 0x0)
fallocate(r0, 0x0, 0x0, 0x9)
ioctl$FS_IOC_RESVSP(r0, 0x40305829, &(0x7f0000000280)={0x0, 0x2, 0x0, 0x8800000})

[  187.852577] Bluetooth: hci4: command 0x0406 tx timeout
11:17:20 executing program 6:
r0 = memfd_create(&(0x7f0000000000)='B\xdb/\x89\x03l\xdeb\xcb\xb54\xed\xbeLY\xb5Z\xe1\x12S\xf5G\xcc\xf3\xe9\x02h\v\xca(\x96\xe1C\xdf\x1c\xea\x85C\xfb\x10\x13\xfa\x03\x16\xcd\x17\xa2\x80\xa1z\xb4r\x95\xc3@\x9d\xa6\xf1\x92#}g\xd3`\xf7\xcez\xcb\xb3\x1a\xbb\xc48e\x8e\xb1&\xd1\x8a\xe6!\x7f\x8d\xea,qx\xa28\xbf\"\xc7e\x06L\xb06\xeb<$\xd7\xba\xe5\x01\x03\x94r\xab\xd4J\x03s\xaf\xf6A\xbfV\xfa\x1ew\x8d\xbf\x99I\x97\xd8\xd2\xe8\x11\xc4\x04\x00\x84\xd5i\xee\xaf\xae[E\x1f\xdd\xd7#rT+\xb621p\xaf[\x99\" 1\xeb\xc7)\xd2\x1dh\xf2\xd5s\xfd?\fa>\x9f;\xe5r\xe5\xbd\xb0|=\x8eZcPY\xf8\xbd\x13\xaa\x8b\xdf\xbc\x93u\xd5\xb0r\xfb\xde\xe7\xd9k\xe2\xc6\x1b\xf2o@&>\xf2M\xe7\x8c\xeb\xee\xf5\x02~\x85\x14\xf3\xc6v\xf15PE\x8c\xca\x16$\xc2\x01#\xb563\rbq\xbf64\xfaW\x17\xdfa\xe6\xca\x86\xd7\xf8\x81X\x9bg4\xc1\xdam\xcf=Rq6\xb0\xd4D=I\x1a\x0e\xd0\xabz\xe2\x19\x0fM\xad\xdco\xa4\xb2\x8c?\xc1\x10\xf273\xd00\xb3_\xe8\x9a*\xfcL\xea;\xc0\x9a\xdbx!N;\xb5x\t\xa4E\xbe\x93r\x04\xf5\xf0\xf5\x7f\x9a)\xf5\x1b\"\xa1\xd8\x06>\xc9\xe2r\xe9_\xfe\xc0\b\x81\x98\x1c\xe2\xe0?\x8f\xa1\xbel\aN\x83@\xb1\x03)4A\x83\xd6\xcf\xf6\xb5\x82\xb7\x9dA\b$\xa2x\x8a@\xfaj~\xef\x93\xb1/L\x01\xe2\xba|\xf0\x01)PP\xcdl\x06\xfc\x15;qZ\xb1u\xc9\xd0\xd16~JEGm\xe4\x1e@\x9dG\xe4@\xdf\xba\'\x8b\x1cD\xc7\xec\xd1@}tR\xd9P\xf4N\xe3\xd8x\xa0\x91\x17\xc2}\x13\b\xca\t(Z\xa3_\xa1\x90\x15T\x93\xe7%\x98\xa7\xfb\x8bp/eq\x93\xbf\x1f =|\xf3\xb1\xfcR\xd8\nM,\xcb%@\'\x15\x88\xd8\xad\f\x91|\x95\x8fq+\x98\x81W\xba\x9f\xe0elOt\xbd\by\r\x87\x1c\xba\xbd\x8e+S>\xb8\xe29\x91h^x\xfb`\x00\xdd/\xa6\xb1\x16=\xa1bw\xc5I\xb1\x00'/549, 0x0)
fallocate(r0, 0x0, 0x0, 0x9)
ioctl$FS_IOC_RESVSP(r0, 0x40305829, &(0x7f0000000280)={0x0, 0x2, 0x0, 0x8800000})

11:17:20 executing program 1:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
sendmmsg$inet6(r0, &(0x7f0000000d40)=[{{&(0x7f0000000000)={0xa, 0x4e22, 0x0, @loopback}, 0x1c, 0x0}}], 0x1, 0x8085)
close(r0)

11:17:20 executing program 2:
r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
syz_emit_ethernet(0x3e, &(0x7f0000000000)={@multicast, @local, @void, {@ipv4={0x800, @icmp={{0x5, 0x4, 0x0, 0x0, 0x30, 0x0, 0x0, 0x0, 0x1, 0x0, @rand_addr, @multicast1}, @source_quench={0x4, 0x0, 0x0, 0x0, {0x5, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @loopback, @local}}}}}}, 0x0)
setsockopt$inet_int(r0, 0x0, 0x8, &(0x7f0000000040)=0x4, 0x4)
recvfrom(r0, 0x0, 0x0, 0x0, 0x0, 0x0)

11:17:20 executing program 3:
r0 = memfd_create(&(0x7f0000000000)='B\xdb/\x89\x03l\xdeb\xcb\xb54\xed\xbeLY\xb5Z\xe1\x12S\xf5G\xcc\xf3\xe9\x02h\v\xca(\x96\xe1C\xdf\x1c\xea\x85C\xfb\x10\x13\xfa\x03\x16\xcd\x17\xa2\x80\xa1z\xb4r\x95\xc3@\x9d\xa6\xf1\x92#}g\xd3`\xf7\xcez\xcb\xb3\x1a\xbb\xc48e\x8e\xb1&\xd1\x8a\xe6!\x7f\x8d\xea,qx\xa28\xbf\"\xc7e\x06L\xb06\xeb<$\xd7\xba\xe5\x01\x03\x94r\xab\xd4J\x03s\xaf\xf6A\xbfV\xfa\x1ew\x8d\xbf\x99I\x97\xd8\xd2\xe8\x11\xc4\x04\x00\x84\xd5i\xee\xaf\xae[E\x1f\xdd\xd7#rT+\xb621p\xaf[\x99\" 1\xeb\xc7)\xd2\x1dh\xf2\xd5s\xfd?\fa>\x9f;\xe5r\xe5\xbd\xb0|=\x8eZcPY\xf8\xbd\x13\xaa\x8b\xdf\xbc\x93u\xd5\xb0r\xfb\xde\xe7\xd9k\xe2\xc6\x1b\xf2o@&>\xf2M\xe7\x8c\xeb\xee\xf5\x02~\x85\x14\xf3\xc6v\xf15PE\x8c\xca\x16$\xc2\x01#\xb563\rbq\xbf64\xfaW\x17\xdfa\xe6\xca\x86\xd7\xf8\x81X\x9bg4\xc1\xdam\xcf=Rq6\xb0\xd4D=I\x1a\x0e\xd0\xabz\xe2\x19\x0fM\xad\xdco\xa4\xb2\x8c?\xc1\x10\xf273\xd00\xb3_\xe8\x9a*\xfcL\xea;\xc0\x9a\xdbx!N;\xb5x\t\xa4E\xbe\x93r\x04\xf5\xf0\xf5\x7f\x9a)\xf5\x1b\"\xa1\xd8\x06>\xc9\xe2r\xe9_\xfe\xc0\b\x81\x98\x1c\xe2\xe0?\x8f\xa1\xbel\aN\x83@\xb1\x03)4A\x83\xd6\xcf\xf6\xb5\x82\xb7\x9dA\b$\xa2x\x8a@\xfaj~\xef\x93\xb1/L\x01\xe2\xba|\xf0\x01)PP\xcdl\x06\xfc\x15;qZ\xb1u\xc9\xd0\xd16~JEGm\xe4\x1e@\x9dG\xe4@\xdf\xba\'\x8b\x1cD\xc7\xec\xd1@}tR\xd9P\xf4N\xe3\xd8x\xa0\x91\x17\xc2}\x13\b\xca\t(Z\xa3_\xa1\x90\x15T\x93\xe7%\x98\xa7\xfb\x8bp/eq\x93\xbf\x1f =|\xf3\xb1\xfcR\xd8\nM,\xcb%@\'\x15\x88\xd8\xad\f\x91|\x95\x8fq+\x98\x81W\xba\x9f\xe0elOt\xbd\by\r\x87\x1c\xba\xbd\x8e+S>\xb8\xe29\x91h^x\xfb`\x00\xdd/\xa6\xb1\x16=\xa1bw\xc5I\xb1\x00'/549, 0x0)
fallocate(r0, 0x0, 0x0, 0x9)
ioctl$FS_IOC_RESVSP(r0, 0x40305829, &(0x7f0000000280)={0x0, 0x2, 0x0, 0x8800000})

11:17:20 executing program 4:
r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
syz_emit_ethernet(0x3e, &(0x7f0000000000)={@multicast, @local, @void, {@ipv4={0x800, @icmp={{0x5, 0x4, 0x0, 0x0, 0x30, 0x0, 0x0, 0x0, 0x1, 0x0, @rand_addr, @multicast1}, @source_quench={0x4, 0x0, 0x0, 0x0, {0x5, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @loopback, @local}}}}}}, 0x0)
setsockopt$inet_int(r0, 0x0, 0x8, &(0x7f0000000040)=0x4, 0x4)
recvfrom(r0, 0x0, 0x0, 0x0, 0x0, 0x0)

11:17:20 executing program 5:
perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0xb)
r0 = socket$inet_udp(0x2, 0x2, 0x0)
fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff)
bind$inet(r0, &(0x7f0000000040)={0x2, 0x4e20, @empty}, 0x10)
r1 = socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$sock_timeval(r1, 0x1, 0x49, &(0x7f0000000000)={0x77359400}, 0x10)

11:17:20 executing program 7:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
pwritev(r1, &(0x7f0000000080)=[{&(0x7f0000000140)='\x00', 0x1a}], 0x1, 0x7fffffc, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x121042, 0x21)
pwritev(r2, &(0x7f00000000c0)=[{0x0}, {&(0x7f0000000000)="dbf225f5a45686", 0x7}, {&(0x7f0000000240)}], 0x3, 0x8001, 0x0)
perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_config_ext={0xfffffffffffffffe}, 0x0, 0x0, 0x2}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
sendfile(r0, r0, 0x0, 0x100000)

11:17:20 executing program 0:
r0 = perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f00000001c0), 0x1}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
perf_event_open(0x0, 0x0, 0x0, r0, 0x0)
perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xd}, 0x0, 0x8, 0x0, 0x0, 0x1}, 0x0, 0xfffbffffffffffff, 0xffffffffffffffff, 0xa)
fsopen(0x0, 0x1)
r1 = perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0x9c, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
perf_event_open(&(0x7f0000000100)={0x0, 0x80, 0x3f, 0x2, 0x9, 0x13, 0x0, 0x5, 0x62000, 0x5, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0xfffff0b3, 0x1, @perf_bp={&(0x7f0000000000), 0x6}, 0x4000, 0x321, 0x8c6c, 0x4, 0x1, 0x1, 0x1, 0x0, 0x3f, 0x0, 0x100}, 0x0, 0xc, r0, 0x0)
dup3(r2, r1, 0x0)

[  187.980778] Bluetooth: hci7: command 0x0406 tx timeout
11:17:20 executing program 1:
syz_mount_image$vfat(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
stat(&(0x7f0000000240)='./file0\x00', &(0x7f0000000280)={0x0, 0x0, 0x0, 0x0, <r0=>0x0})
setresuid(0x0, r0, 0x0)
r1 = socket$inet6_udp(0xa, 0x2, 0x0)
sendmmsg$inet6(r1, &(0x7f0000003a00)=[{{&(0x7f0000000000)={0xa, 0x4e21, 0x0, @ipv4={'\x00', '\xff\xff', @loopback}}, 0x1c, 0x0}}, {{&(0x7f0000000800)={0xa, 0x4e23, 0x0, @empty}, 0x1c, 0x0, 0x0, &(0x7f0000000c00)=[@dstopts_2292={{0x18}}], 0x18}}], 0x2, 0x0)

11:17:20 executing program 2:
r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
syz_emit_ethernet(0x3e, &(0x7f0000000000)={@multicast, @local, @void, {@ipv4={0x800, @icmp={{0x5, 0x4, 0x0, 0x0, 0x30, 0x0, 0x0, 0x0, 0x1, 0x0, @rand_addr, @multicast1}, @source_quench={0x4, 0x0, 0x0, 0x0, {0x5, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @loopback, @local}}}}}}, 0x0)
setsockopt$inet_int(r0, 0x0, 0x8, &(0x7f0000000040)=0x4, 0x4)
recvfrom(r0, 0x0, 0x0, 0x0, 0x0, 0x0)

11:17:20 executing program 4:
r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
syz_emit_ethernet(0x3e, &(0x7f0000000000)={@multicast, @local, @void, {@ipv4={0x800, @icmp={{0x5, 0x4, 0x0, 0x0, 0x30, 0x0, 0x0, 0x0, 0x1, 0x0, @rand_addr, @multicast1}, @source_quench={0x4, 0x0, 0x0, 0x0, {0x5, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @loopback, @local}}}}}}, 0x0)
setsockopt$inet_int(r0, 0x0, 0x8, &(0x7f0000000040)=0x4, 0x4)
recvfrom(r0, 0x0, 0x0, 0x0, 0x0, 0x0)

11:17:20 executing program 6:
r0 = memfd_create(&(0x7f0000000000)='B\xdb/\x89\x03l\xdeb\xcb\xb54\xed\xbeLY\xb5Z\xe1\x12S\xf5G\xcc\xf3\xe9\x02h\v\xca(\x96\xe1C\xdf\x1c\xea\x85C\xfb\x10\x13\xfa\x03\x16\xcd\x17\xa2\x80\xa1z\xb4r\x95\xc3@\x9d\xa6\xf1\x92#}g\xd3`\xf7\xcez\xcb\xb3\x1a\xbb\xc48e\x8e\xb1&\xd1\x8a\xe6!\x7f\x8d\xea,qx\xa28\xbf\"\xc7e\x06L\xb06\xeb<$\xd7\xba\xe5\x01\x03\x94r\xab\xd4J\x03s\xaf\xf6A\xbfV\xfa\x1ew\x8d\xbf\x99I\x97\xd8\xd2\xe8\x11\xc4\x04\x00\x84\xd5i\xee\xaf\xae[E\x1f\xdd\xd7#rT+\xb621p\xaf[\x99\" 1\xeb\xc7)\xd2\x1dh\xf2\xd5s\xfd?\fa>\x9f;\xe5r\xe5\xbd\xb0|=\x8eZcPY\xf8\xbd\x13\xaa\x8b\xdf\xbc\x93u\xd5\xb0r\xfb\xde\xe7\xd9k\xe2\xc6\x1b\xf2o@&>\xf2M\xe7\x8c\xeb\xee\xf5\x02~\x85\x14\xf3\xc6v\xf15PE\x8c\xca\x16$\xc2\x01#\xb563\rbq\xbf64\xfaW\x17\xdfa\xe6\xca\x86\xd7\xf8\x81X\x9bg4\xc1\xdam\xcf=Rq6\xb0\xd4D=I\x1a\x0e\xd0\xabz\xe2\x19\x0fM\xad\xdco\xa4\xb2\x8c?\xc1\x10\xf273\xd00\xb3_\xe8\x9a*\xfcL\xea;\xc0\x9a\xdbx!N;\xb5x\t\xa4E\xbe\x93r\x04\xf5\xf0\xf5\x7f\x9a)\xf5\x1b\"\xa1\xd8\x06>\xc9\xe2r\xe9_\xfe\xc0\b\x81\x98\x1c\xe2\xe0?\x8f\xa1\xbel\aN\x83@\xb1\x03)4A\x83\xd6\xcf\xf6\xb5\x82\xb7\x9dA\b$\xa2x\x8a@\xfaj~\xef\x93\xb1/L\x01\xe2\xba|\xf0\x01)PP\xcdl\x06\xfc\x15;qZ\xb1u\xc9\xd0\xd16~JEGm\xe4\x1e@\x9dG\xe4@\xdf\xba\'\x8b\x1cD\xc7\xec\xd1@}tR\xd9P\xf4N\xe3\xd8x\xa0\x91\x17\xc2}\x13\b\xca\t(Z\xa3_\xa1\x90\x15T\x93\xe7%\x98\xa7\xfb\x8bp/eq\x93\xbf\x1f =|\xf3\xb1\xfcR\xd8\nM,\xcb%@\'\x15\x88\xd8\xad\f\x91|\x95\x8fq+\x98\x81W\xba\x9f\xe0elOt\xbd\by\r\x87\x1c\xba\xbd\x8e+S>\xb8\xe29\x91h^x\xfb`\x00\xdd/\xa6\xb1\x16=\xa1bw\xc5I\xb1\x00'/549, 0x0)
fallocate(r0, 0x0, 0x0, 0x9)
ioctl$FS_IOC_RESVSP(r0, 0x40305829, &(0x7f0000000280)={0x0, 0x2, 0x0, 0x8800000})

11:17:21 executing program 3:
socket$inet_icmp_raw(0x2, 0x3, 0x1)
syz_emit_ethernet(0x3e, &(0x7f0000000000)={@multicast, @local, @void, {@ipv4={0x800, @icmp={{0x5, 0x4, 0x0, 0x0, 0x14, 0x0, 0x0, 0x0, 0x1, 0x0, @rand_addr, @multicast1}, @source_quench={0x4, 0x0, 0x0, 0x0, {0x5, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @loopback, @local}}}}}}, 0x0)

11:17:21 executing program 2:
r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
syz_emit_ethernet(0x3e, &(0x7f0000000000)={@multicast, @local, @void, {@ipv4={0x800, @icmp={{0x5, 0x4, 0x0, 0x0, 0x30, 0x0, 0x0, 0x0, 0x1, 0x0, @rand_addr, @multicast1}, @source_quench={0x4, 0x0, 0x0, 0x0, {0x5, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @loopback, @local}}}}}}, 0x0)
setsockopt$inet_int(r0, 0x0, 0x8, &(0x7f0000000040)=0x4, 0x4)
recvfrom(r0, 0x0, 0x0, 0x0, 0x0, 0x0)

11:17:21 executing program 1:
syz_mount_image$vfat(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
stat(&(0x7f0000000240)='./file0\x00', &(0x7f0000000280)={0x0, 0x0, 0x0, 0x0, <r0=>0x0})
setresuid(0x0, r0, 0x0)
r1 = socket$inet6_udp(0xa, 0x2, 0x0)
sendmmsg$inet6(r1, &(0x7f0000003a00)=[{{&(0x7f0000000000)={0xa, 0x4e21, 0x0, @ipv4={'\x00', '\xff\xff', @loopback}}, 0x1c, 0x0}}, {{&(0x7f0000000800)={0xa, 0x4e23, 0x0, @empty}, 0x1c, 0x0, 0x0, &(0x7f0000000c00)=[@dstopts_2292={{0x18}}], 0x18}}], 0x2, 0x0)

11:17:21 executing program 3:
socket$inet_icmp_raw(0x2, 0x3, 0x1)
syz_emit_ethernet(0x3e, &(0x7f0000000000)={@multicast, @local, @void, {@ipv4={0x800, @icmp={{0x5, 0x4, 0x0, 0x0, 0x14, 0x0, 0x0, 0x0, 0x1, 0x0, @rand_addr, @multicast1}, @source_quench={0x4, 0x0, 0x0, 0x0, {0x5, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @loopback, @local}}}}}}, 0x0)

11:17:21 executing program 0:
r0 = perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f00000001c0), 0x1}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
perf_event_open(0x0, 0x0, 0x0, r0, 0x0)
perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xd}, 0x0, 0x8, 0x0, 0x0, 0x1}, 0x0, 0xfffbffffffffffff, 0xffffffffffffffff, 0xa)
fsopen(0x0, 0x1)
r1 = perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0x9c, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
perf_event_open(&(0x7f0000000100)={0x0, 0x80, 0x3f, 0x2, 0x9, 0x13, 0x0, 0x5, 0x62000, 0x5, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0xfffff0b3, 0x1, @perf_bp={&(0x7f0000000000), 0x6}, 0x4000, 0x321, 0x8c6c, 0x4, 0x1, 0x1, 0x1, 0x0, 0x3f, 0x0, 0x100}, 0x0, 0xc, r0, 0x0)
dup3(r2, r1, 0x0)

11:17:21 executing program 1:
syz_mount_image$vfat(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
stat(&(0x7f0000000240)='./file0\x00', &(0x7f0000000280)={0x0, 0x0, 0x0, 0x0, <r0=>0x0})
setresuid(0x0, r0, 0x0)
r1 = socket$inet6_udp(0xa, 0x2, 0x0)
sendmmsg$inet6(r1, &(0x7f0000003a00)=[{{&(0x7f0000000000)={0xa, 0x4e21, 0x0, @ipv4={'\x00', '\xff\xff', @loopback}}, 0x1c, 0x0}}, {{&(0x7f0000000800)={0xa, 0x4e23, 0x0, @empty}, 0x1c, 0x0, 0x0, &(0x7f0000000c00)=[@dstopts_2292={{0x18}}], 0x18}}], 0x2, 0x0)

11:17:21 executing program 4:
r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
syz_emit_ethernet(0x3e, &(0x7f0000000000)={@multicast, @local, @void, {@ipv4={0x800, @icmp={{0x5, 0x4, 0x0, 0x0, 0x30, 0x0, 0x0, 0x0, 0x1, 0x0, @rand_addr, @multicast1}, @source_quench={0x4, 0x0, 0x0, 0x0, {0x5, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @loopback, @local}}}}}}, 0x0)
setsockopt$inet_int(r0, 0x0, 0x8, &(0x7f0000000040)=0x4, 0x4)
recvfrom(r0, 0x0, 0x0, 0x0, 0x0, 0x0)

11:17:21 executing program 3:
socket$inet_icmp_raw(0x2, 0x3, 0x1)
syz_emit_ethernet(0x3e, &(0x7f0000000000)={@multicast, @local, @void, {@ipv4={0x800, @icmp={{0x5, 0x4, 0x0, 0x0, 0x14, 0x0, 0x0, 0x0, 0x1, 0x0, @rand_addr, @multicast1}, @source_quench={0x4, 0x0, 0x0, 0x0, {0x5, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @loopback, @local}}}}}}, 0x0)

11:17:21 executing program 6:
r0 = perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f00000001c0), 0x1}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
perf_event_open(0x0, 0x0, 0x0, r0, 0x0)
perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xd}, 0x0, 0x8, 0x0, 0x0, 0x1}, 0x0, 0xfffbffffffffffff, 0xffffffffffffffff, 0xa)
fsopen(0x0, 0x1)
r1 = perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0x9c, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
perf_event_open(&(0x7f0000000100)={0x0, 0x80, 0x3f, 0x2, 0x9, 0x13, 0x0, 0x5, 0x62000, 0x5, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0xfffff0b3, 0x1, @perf_bp={&(0x7f0000000000), 0x6}, 0x4000, 0x321, 0x8c6c, 0x4, 0x1, 0x1, 0x1, 0x0, 0x3f, 0x0, 0x100}, 0x0, 0xc, r0, 0x0)
dup3(r2, r1, 0x0)

11:17:21 executing program 2:
ioctl$EXT4_IOC_CHECKPOINT(0xffffffffffffffff, 0x4004662b, &(0x7f0000000100))
mlock2(&(0x7f0000ff7000/0x4000)=nil, 0x4000, 0x0)
shmat(0xffffffffffffffff, &(0x7f0000fed000/0x13000)=nil, 0x0)
r0 = perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x6}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
mmap$perf(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x10, 0xffffffffffffffff, 0x0)
shmctl$SHM_STAT(0xffffffffffffffff, 0xd, &(0x7f0000000380)=""/9)
read(r0, &(0x7f00000003c0)=""/4096, 0x1000)
shmat(0x0, &(0x7f0000ff6000/0x1000)=nil, 0x0)
ioctl$EXT4_IOC_CHECKPOINT(0xffffffffffffffff, 0x4004662b, &(0x7f0000000040))
shmat(0xffffffffffffffff, &(0x7f0000ff2000/0xe000)=nil, 0x5000)
perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000240), 0x5}, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000040), 0x41, 0x0)
r2 = ioctl$LOOP_CTL_GET_FREE(r1, 0x4c82)
shmctl$SHM_STAT(0x0, 0xd, &(0x7f0000000300)=""/69)
mbind(&(0x7f0000ffb000/0x2000)=nil, 0x2000, 0x0, &(0x7f0000000000)=0x35, 0x1000, 0x1)
ioctl$LOOP_CTL_REMOVE(r1, 0x4c81, r2)

[  188.531206] audit: type=1400 audit(1667301441.425:9): avc:  denied  { read } for  pid=6359 comm="syz-executor.2" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=perf_event permissive=1
[  188.939959] BUG: unable to handle page fault for address: ffffed100fffc000
[  188.940483] #PF: supervisor write access in kernel mode
[  188.940871] #PF: error_code(0x0002) - not-present page
[  188.941246] PGD 7ffd3067 P4D 7ffd3067 PUD 7ffd2067 PMD 7ffd1067 PTE 0
[  188.941718] Oops: 0002 [#1] PREEMPT SMP KASAN NOPTI
[  188.942081] CPU: 1 PID: 6360 Comm: syz-executor.2 Not tainted 6.1.0-rc3-next-20221101 #1
[  188.946136] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[  188.946721] RIP: 0010:__memset+0x24/0x50
[  188.947039] Code: 90 90 90 90 90 90 0f 1f 44 00 00 49 89 f9 48 89 d1 83 e2 07 48 c1 e9 03 40 0f b6 f6 48 b8 01 01 01 01 01 01 01 01 48 0f af c6 <f3> 48 ab 89 d1 f3 aa 4c 89 c8 e9 0d d4 12 00 66 66 2e 0f 1f 84 00
[  188.948320] RSP: 0018:ffff88803f06fcc0 EFLAGS: 00010212
[  188.948668] RAX: 0000000000000000 RBX: ffff88800bfd10c0 RCX: 1ffffe21fe5ff826
[  188.949138] RDX: 0000000000000000 RSI: 0000000000000000 RDI: ffffed100fffc000
[  188.949600] RBP: ffff88800bfef8c0 R08: 0000000000000005 R09: ffffed10017fa218
[  188.950064] R10: 0000000000000001 R11: 0000000000000001 R12: ffff88800bfef8c0
[  188.950527] R13: ffff88800bfd10c0 R14: ffffffff815f2620 R15: 1ffff1100112641f
[  188.950997] FS:  00007f8a39fa7700(0000) GS:ffff88806d100000(0000) knlGS:0000000000000000
[  188.951524] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  188.951935] CR2: ffffed100fffc000 CR3: 000000003d9ea000 CR4: 0000000000350ee0
[  188.952445] Call Trace:
[  188.952637]  <TASK>
[  188.952869]  kasan_unpoison+0x23/0x60
[  188.953258]  mempool_exit+0x1c2/0x330
[  188.953649]  bioset_exit+0x2c9/0x630
[  188.954041]  disk_release+0x143/0x490
[  188.954437]  ? disk_release+0x0/0x490
[  188.954826]  ? device_release+0x0/0x250
[  188.955226]  device_release+0xa2/0x250
[  188.955632]  ? device_release+0x0/0x250
[  188.956048]  kobject_put+0x173/0x280
[  188.956438]  put_device+0x1b/0x40
[  188.956793]  put_disk+0x41/0x60
[  188.957141]  loop_control_ioctl+0x4d1/0x630
[  188.957580]  ? loop_control_ioctl+0x0/0x630
[  188.958015]  ? selinux_file_ioctl+0xb1/0x270
[  188.958597]  ? loop_control_ioctl+0x0/0x630
[  188.959081]  __x64_sys_ioctl+0x19a/0x220
[  188.959482]  do_syscall_64+0x3b/0xa0
[  188.959871]  entry_SYSCALL_64_after_hwframe+0x72/0xdc
[  188.960378] RIP: 0033:0x7f8a3ca31b19
[  188.960711] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  188.961988] RSP: 002b:00007f8a39fa7188 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  188.962523] RAX: ffffffffffffffda RBX: 00007f8a3cb44f60 RCX: 00007f8a3ca31b19
[  188.963032] RDX: 0000000000000000 RSI: 0000000000004c81 RDI: 0000000000000005
[  188.963542] RBP: 00007f8a3ca8bf6d R08: 0000000000000000 R09: 0000000000000000
[  188.964050] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  188.964556] R13: 00007fffb8fa757f R14: 00007f8a39fa7300 R15: 0000000000022000
[  188.965069]  </TASK>
[  188.965240] Modules linked in:
[  188.965474] CR2: ffffed100fffc000
[  188.965730] ---[ end trace 0000000000000000 ]---
[  188.966071] RIP: 0010:__memset+0x24/0x50
[  188.966386] Code: 90 90 90 90 90 90 0f 1f 44 00 00 49 89 f9 48 89 d1 83 e2 07 48 c1 e9 03 40 0f b6 f6 48 b8 01 01 01 01 01 01 01 01 48 0f af c6 <f3> 48 ab 89 d1 f3 aa 4c 89 c8 e9 0d d4 12 00 66 66 2e 0f 1f 84 00
[  188.967696] RSP: 0018:ffff88803f06fcc0 EFLAGS: 00010212
[  188.968076] RAX: 0000000000000000 RBX: ffff88800bfd10c0 RCX: 1ffffe21fe5ff826
[  188.968584] RDX: 0000000000000000 RSI: 0000000000000000 RDI: ffffed100fffc000
[  188.969112] RBP: ffff88800bfef8c0 R08: 0000000000000005 R09: ffffed10017fa218
[  188.969639] R10: 0000000000000001 R11: 0000000000000001 R12: ffff88800bfef8c0
[  188.970157] R13: ffff88800bfd10c0 R14: ffffffff815f2620 R15: 1ffff1100112641f
[  188.970682] FS:  00007f8a39fa7700(0000) GS:ffff88806d100000(0000) knlGS:0000000000000000
[  188.971262] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  188.971674] CR2: ffffed100fffc000 CR3: 000000003d9ea000 CR4: 0000000000350ee0
11:17:22 executing program 2:
ioctl$EXT4_IOC_CHECKPOINT(0xffffffffffffffff, 0x4004662b, &(0x7f0000000100))
mlock2(&(0x7f0000ff7000/0x4000)=nil, 0x4000, 0x0)
shmat(0xffffffffffffffff, &(0x7f0000fed000/0x13000)=nil, 0x0)
r0 = perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x6}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
mmap$perf(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x10, 0xffffffffffffffff, 0x0)
shmctl$SHM_STAT(0xffffffffffffffff, 0xd, &(0x7f0000000380)=""/9)
read(r0, &(0x7f00000003c0)=""/4096, 0x1000)
shmat(0x0, &(0x7f0000ff6000/0x1000)=nil, 0x0)
ioctl$EXT4_IOC_CHECKPOINT(0xffffffffffffffff, 0x4004662b, &(0x7f0000000040))
shmat(0xffffffffffffffff, &(0x7f0000ff2000/0xe000)=nil, 0x5000)
perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000240), 0x5}, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000040), 0x41, 0x0)
r2 = ioctl$LOOP_CTL_GET_FREE(r1, 0x4c82)
shmctl$SHM_STAT(0x0, 0xd, &(0x7f0000000300)=""/69)
mbind(&(0x7f0000ffb000/0x2000)=nil, 0x2000, 0x0, &(0x7f0000000000)=0x35, 0x1000, 0x1)
ioctl$LOOP_CTL_REMOVE(r1, 0x4c81, r2)

11:17:22 executing program 3:
socket$inet_icmp_raw(0x2, 0x3, 0x1)
syz_emit_ethernet(0x3e, &(0x7f0000000000)={@multicast, @local, @void, {@ipv4={0x800, @icmp={{0x5, 0x4, 0x0, 0x0, 0x14, 0x0, 0x0, 0x0, 0x1, 0x0, @rand_addr, @multicast1}, @source_quench={0x4, 0x0, 0x0, 0x0, {0x5, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @loopback, @local}}}}}}, 0x0)

11:17:22 executing program 4:
syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
pipe2$9p(&(0x7f00000000c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
openat$sysfs(0xffffffffffffff9c, 0x0, 0x0, 0x0)
clone3(&(0x7f0000000640)={0x123363500, &(0x7f00000000c0), 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040), 0x0, &(0x7f0000000500)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@privport}]}})
stat(0x0, &(0x7f0000000280))
ioctl$AUTOFS_DEV_IOCTL_PROTOVER(0xffffffffffffffff, 0xc0189372, 0x0)
syz_io_uring_setup(0x0, 0x0, &(0x7f00000a0000)=nil, &(0x7f0000ffb000/0x3000)=nil, 0x0, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000000c0))
dup3(0xffffffffffffffff, 0xffffffffffffffff, 0x0)

11:17:22 executing program 0:
r0 = perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f00000001c0), 0x1}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
perf_event_open(0x0, 0x0, 0x0, r0, 0x0)
perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xd}, 0x0, 0x8, 0x0, 0x0, 0x1}, 0x0, 0xfffbffffffffffff, 0xffffffffffffffff, 0xa)
fsopen(0x0, 0x1)
r1 = perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0x9c, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
perf_event_open(&(0x7f0000000100)={0x0, 0x80, 0x3f, 0x2, 0x9, 0x13, 0x0, 0x5, 0x62000, 0x5, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0xfffff0b3, 0x1, @perf_bp={&(0x7f0000000000), 0x6}, 0x4000, 0x321, 0x8c6c, 0x4, 0x1, 0x1, 0x1, 0x0, 0x3f, 0x0, 0x100}, 0x0, 0xc, r0, 0x0)
dup3(r2, r1, 0x0)

11:17:22 executing program 6:
r0 = perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f00000001c0), 0x1}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
perf_event_open(0x0, 0x0, 0x0, r0, 0x0)
perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xd}, 0x0, 0x8, 0x0, 0x0, 0x1}, 0x0, 0xfffbffffffffffff, 0xffffffffffffffff, 0xa)
fsopen(0x0, 0x1)
r1 = perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0x9c, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
perf_event_open(&(0x7f0000000100)={0x0, 0x80, 0x3f, 0x2, 0x9, 0x13, 0x0, 0x5, 0x62000, 0x5, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0xfffff0b3, 0x1, @perf_bp={&(0x7f0000000000), 0x6}, 0x4000, 0x321, 0x8c6c, 0x4, 0x1, 0x1, 0x1, 0x0, 0x3f, 0x0, 0x100}, 0x0, 0xc, r0, 0x0)
dup3(r2, r1, 0x0)

11:17:22 executing program 5:
r0 = add_key$keyring(&(0x7f0000000100), &(0x7f0000000140)={'syz', 0x0}, 0x0, 0x0, 0xfffffffffffffffc)
r1 = add_key$fscrypt_v1(&(0x7f0000000340), &(0x7f0000000380)={'fscrypt:', @desc3}, &(0x7f00000003c0)={0x0, "2948cbca86d43f82f7e6188a6c6334c5cd44f59c20674adf2c5687c047044abfa56f39e13646620ed47b75b46ca50395a6ee465719bd824052e69c10a768bfed"}, 0x48, r0)
keyctl$unlink(0x9, r1, r0)

11:17:22 executing program 1:
syz_mount_image$vfat(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
stat(&(0x7f0000000240)='./file0\x00', &(0x7f0000000280)={0x0, 0x0, 0x0, 0x0, <r0=>0x0})
setresuid(0x0, r0, 0x0)
r1 = socket$inet6_udp(0xa, 0x2, 0x0)
sendmmsg$inet6(r1, &(0x7f0000003a00)=[{{&(0x7f0000000000)={0xa, 0x4e21, 0x0, @ipv4={'\x00', '\xff\xff', @loopback}}, 0x1c, 0x0}}, {{&(0x7f0000000800)={0xa, 0x4e23, 0x0, @empty}, 0x1c, 0x0, 0x0, &(0x7f0000000c00)=[@dstopts_2292={{0x18}}], 0x18}}], 0x2, 0x0)

11:17:22 executing program 7:
ioctl$EXT4_IOC_CHECKPOINT(0xffffffffffffffff, 0x4004662b, &(0x7f0000000100))
mlock2(&(0x7f0000ff7000/0x4000)=nil, 0x4000, 0x0)
shmat(0xffffffffffffffff, &(0x7f0000fed000/0x13000)=nil, 0x0)
r0 = perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x6}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
mmap$perf(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x10, 0xffffffffffffffff, 0x0)
shmctl$SHM_STAT(0xffffffffffffffff, 0xd, &(0x7f0000000380)=""/9)
read(r0, &(0x7f00000003c0)=""/4096, 0x1000)
shmat(0x0, &(0x7f0000ff6000/0x1000)=nil, 0x0)
ioctl$EXT4_IOC_CHECKPOINT(0xffffffffffffffff, 0x4004662b, &(0x7f0000000040))
shmat(0xffffffffffffffff, &(0x7f0000ff2000/0xe000)=nil, 0x5000)
perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000240), 0x5}, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000040), 0x41, 0x0)
r2 = ioctl$LOOP_CTL_GET_FREE(r1, 0x4c82)
shmctl$SHM_STAT(0x0, 0xd, &(0x7f0000000300)=""/69)
mbind(&(0x7f0000ffb000/0x2000)=nil, 0x2000, 0x0, &(0x7f0000000000)=0x35, 0x1000, 0x1)
ioctl$LOOP_CTL_REMOVE(r1, 0x4c81, r2)

[  189.583857] BUG: unable to handle page fault for address: ffffed100fffc000
[  189.584435] #PF: supervisor write access in kernel mode
[  189.584843] #PF: error_code(0x0002) - not-present page
[  189.585232] PGD 7ffd3067 P4D 7ffd3067 PUD 7ffd2067 PMD 7ffd1067 PTE 0
[  189.585746] Oops: 0002 [#2] PREEMPT SMP KASAN NOPTI
[  189.586123] CPU: 1 PID: 6385 Comm: syz-executor.2 Tainted: G      D            6.1.0-rc3-next-20221101 #1
[  189.586818] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[  189.587409] RIP: 0010:__memset+0x24/0x50
[  189.587765] Code: 90 90 90 90 90 90 0f 1f 44 00 00 49 89 f9 48 89 d1 83 e2 07 48 c1 e9 03 40 0f b6 f6 48 b8 01 01 01 01 01 01 01 01 48 0f af c6 <f3> 48 ab 89 d1 f3 aa 4c 89 c8 e9 0d d4 12 00 66 66 2e 0f 1f 84 00
[  189.589136] RSP: 0018:ffff8880404e7cc0 EFLAGS: 00010212
[  189.589540] RAX: 0000000000000000 RBX: ffff88800bfd1240 RCX: 1ffffe21fe5ff82c
[  189.590066] RDX: 0000000000000000 RSI: 0000000000000000 RDI: ffffed100fffc000
[  189.590616] RBP: ffff88800bfef8c0 R08: 0000000000000005 R09: ffffed10017fa248
[  189.591166] R10: 0000000000000001 R11: 0000000000000001 R12: ffff88800bfef8c0
[  189.591700] R13: ffff88800bfd1240 R14: ffffffff815f2620 R15: 1ffff1100112601f
[  189.592282] FS:  00007f8a39fa7700(0000) GS:ffff88806d100000(0000) knlGS:0000000000000000
[  189.592912] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  189.593363] CR2: ffffed100fffc000 CR3: 000000003d8b2000 CR4: 0000000000350ee0
[  189.593898] Call Trace:
[  189.594109]  <TASK>
[  189.594289]  kasan_unpoison+0x23/0x60
[  189.594608]  mempool_exit+0x1c2/0x330
[  189.594935]  bioset_exit+0x2c9/0x630
[  189.595262]  disk_release+0x143/0x490
[  189.595549]  ? disk_release+0x0/0x490
[  189.595888]  ? device_release+0x0/0x250
[  189.596186]  device_release+0xa2/0x250
[  189.596472]  ? device_release+0x0/0x250
[  189.596762]  kobject_put+0x173/0x280
[  189.597043]  put_device+0x1b/0x40
[  189.597306]  put_disk+0x41/0x60
[  189.597554]  loop_control_ioctl+0x4d1/0x630
[  189.597880]  ? loop_control_ioctl+0x0/0x630
[  189.598196]  ? selinux_file_ioctl+0xb1/0x270
[  189.598530]  ? loop_control_ioctl+0x0/0x630
[  189.598853]  __x64_sys_ioctl+0x19a/0x220
[  189.599170]  do_syscall_64+0x3b/0xa0
[  189.599455]  entry_SYSCALL_64_after_hwframe+0x72/0xdc
[  189.599842] RIP: 0033:0x7f8a3ca31b19
[  189.600125] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  189.601431] RSP: 002b:00007f8a39fa7188 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  189.601970] RAX: ffffffffffffffda RBX: 00007f8a3cb44f60 RCX: 00007f8a3ca31b19
[  189.602478] RDX: 0000000000000001 RSI: 0000000000004c81 RDI: 0000000000000005
[  189.602991] RBP: 00007f8a3ca8bf6d R08: 0000000000000000 R09: 0000000000000000
[  189.603503] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  189.604025] R13: 00007fffb8fa757f R14: 00007f8a39fa7300 R15: 0000000000022000
[  189.604546]  </TASK>
[  189.604720] Modules linked in:
[  189.604960] CR2: ffffed100fffc000
[  189.605217] ---[ end trace 0000000000000000 ]---
[  189.605566] RIP: 0010:__memset+0x24/0x50
[  189.605884] Code: 90 90 90 90 90 90 0f 1f 44 00 00 49 89 f9 48 89 d1 83 e2 07 48 c1 e9 03 40 0f b6 f6 48 b8 01 01 01 01 01 01 01 01 48 0f af c6 <f3> 48 ab 89 d1 f3 aa 4c 89 c8 e9 0d d4 12 00 66 66 2e 0f 1f 84 00
[  189.607195] RSP: 0018:ffff88803f06fcc0 EFLAGS: 00010212
[  189.607588] RAX: 0000000000000000 RBX: ffff88800bfd10c0 RCX: 1ffffe21fe5ff826
[  189.608122] RDX: 0000000000000000 RSI: 0000000000000000 RDI: ffffed100fffc000
[  189.608637] RBP: ffff88800bfef8c0 R08: 0000000000000005 R09: ffffed10017fa218
[  189.609153] R10: 0000000000000001 R11: 0000000000000001 R12: ffff88800bfef8c0
[  189.609671] R13: ffff88800bfd10c0 R14: ffffffff815f2620 R15: 1ffff1100112641f
[  189.610203] FS:  00007f8a39fa7700(0000) GS:ffff88806d100000(0000) knlGS:0000000000000000
[  189.610782] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  189.611212] CR2: ffffed100fffc000 CR3: 000000003d8b2000 CR4: 0000000000350ee0
11:17:22 executing program 5:
r0 = add_key$keyring(&(0x7f0000000100), &(0x7f0000000140)={'syz', 0x0}, 0x0, 0x0, 0xfffffffffffffffc)
r1 = add_key$fscrypt_v1(&(0x7f0000000340), &(0x7f0000000380)={'fscrypt:', @desc3}, &(0x7f00000003c0)={0x0, "2948cbca86d43f82f7e6188a6c6334c5cd44f59c20674adf2c5687c047044abfa56f39e13646620ed47b75b46ca50395a6ee465719bd824052e69c10a768bfed"}, 0x48, r0)
keyctl$unlink(0x9, r1, r0)

11:17:22 executing program 3:
ioctl$EXT4_IOC_CHECKPOINT(0xffffffffffffffff, 0x4004662b, &(0x7f0000000100))
mlock2(&(0x7f0000ff7000/0x4000)=nil, 0x4000, 0x0)
shmat(0xffffffffffffffff, &(0x7f0000fed000/0x13000)=nil, 0x0)
r0 = perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x6}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
mmap$perf(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x10, 0xffffffffffffffff, 0x0)
shmctl$SHM_STAT(0xffffffffffffffff, 0xd, &(0x7f0000000380)=""/9)
read(r0, &(0x7f00000003c0)=""/4096, 0x1000)
shmat(0x0, &(0x7f0000ff6000/0x1000)=nil, 0x0)
ioctl$EXT4_IOC_CHECKPOINT(0xffffffffffffffff, 0x4004662b, &(0x7f0000000040))
shmat(0xffffffffffffffff, &(0x7f0000ff2000/0xe000)=nil, 0x5000)
perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000240), 0x5}, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000040), 0x41, 0x0)
r2 = ioctl$LOOP_CTL_GET_FREE(r1, 0x4c82)
shmctl$SHM_STAT(0x0, 0xd, &(0x7f0000000300)=""/69)
mbind(&(0x7f0000ffb000/0x2000)=nil, 0x2000, 0x0, &(0x7f0000000000)=0x35, 0x1000, 0x1)
ioctl$LOOP_CTL_REMOVE(r1, 0x4c81, r2)

11:17:22 executing program 6:
r0 = perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f00000001c0), 0x1}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
perf_event_open(0x0, 0x0, 0x0, r0, 0x0)
perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xd}, 0x0, 0x8, 0x0, 0x0, 0x1}, 0x0, 0xfffbffffffffffff, 0xffffffffffffffff, 0xa)
fsopen(0x0, 0x1)
r1 = perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0x9c, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
perf_event_open(&(0x7f0000000100)={0x0, 0x80, 0x3f, 0x2, 0x9, 0x13, 0x0, 0x5, 0x62000, 0x5, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0xfffff0b3, 0x1, @perf_bp={&(0x7f0000000000), 0x6}, 0x4000, 0x321, 0x8c6c, 0x4, 0x1, 0x1, 0x1, 0x0, 0x3f, 0x0, 0x100}, 0x0, 0xc, r0, 0x0)
dup3(r2, r1, 0x0)

11:17:22 executing program 1:
ioctl$EXT4_IOC_CHECKPOINT(0xffffffffffffffff, 0x4004662b, &(0x7f0000000100))
mlock2(&(0x7f0000ff7000/0x4000)=nil, 0x4000, 0x0)
shmat(0xffffffffffffffff, &(0x7f0000fed000/0x13000)=nil, 0x0)
r0 = perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x6}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
mmap$perf(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x10, 0xffffffffffffffff, 0x0)
shmctl$SHM_STAT(0xffffffffffffffff, 0xd, &(0x7f0000000380)=""/9)
read(r0, &(0x7f00000003c0)=""/4096, 0x1000)
shmat(0x0, &(0x7f0000ff6000/0x1000)=nil, 0x0)
ioctl$EXT4_IOC_CHECKPOINT(0xffffffffffffffff, 0x4004662b, &(0x7f0000000040))
shmat(0xffffffffffffffff, &(0x7f0000ff2000/0xe000)=nil, 0x5000)
perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000240), 0x5}, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000040), 0x41, 0x0)
r2 = ioctl$LOOP_CTL_GET_FREE(r1, 0x4c82)
shmctl$SHM_STAT(0x0, 0xd, &(0x7f0000000300)=""/69)
mbind(&(0x7f0000ffb000/0x2000)=nil, 0x2000, 0x0, &(0x7f0000000000)=0x35, 0x1000, 0x1)
ioctl$LOOP_CTL_REMOVE(r1, 0x4c81, r2)

[  189.763473] BUG: unable to handle page fault for address: ffffed100fffc000
[  189.764036] #PF: supervisor write access in kernel mode
[  189.764386] #PF: error_code(0x0002) - not-present page
[  189.764735] PGD 7ffd3067 P4D 7ffd3067 PUD 7ffd2067 PMD 7ffd1067 PTE 0
[  189.765189] Oops: 0002 [#3] PREEMPT SMP KASAN NOPTI
[  189.765530] CPU: 1 PID: 6397 Comm: syz-executor.3 Tainted: G      D            6.1.0-rc3-next-20221101 #1
[  189.766155] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[  189.766709] RIP: 0010:__memset+0x24/0x50
[  189.767004] Code: 90 90 90 90 90 90 0f 1f 44 00 00 49 89 f9 48 89 d1 83 e2 07 48 c1 e9 03 40 0f b6 f6 48 b8 01 01 01 01 01 01 01 01 48 0f af c6 <f3> 48 ab 89 d1 f3 aa 4c 89 c8 e9 0d d4 12 00 66 66 2e 0f 1f 84 00
[  189.768202] RSP: 0018:ffff888040677cc0 EFLAGS: 00010212
[  189.768559] RAX: 0000000000000000 RBX: ffff88800bfd1540 RCX: 1ffffe21fe5ff838
[  189.769030] RDX: 0000000000000000 RSI: 0000000000000000 RDI: ffffed100fffc000
[  189.769504] RBP: ffff88800bfef8c0 R08: 0000000000000005 R09: ffffed10017fa2a8
[  189.769980] R10: 0000000000000001 R11: 0000000000000001 R12: ffff88800bfef8c0
[  189.770451] R13: ffff88800bfd1540 R14: ffffffff815f2620 R15: 1ffff110011aae1f
[  189.770927] FS:  00007f99cc874700(0000) GS:ffff88806d100000(0000) knlGS:0000000000000000
[  189.771455] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  189.771870] CR2: ffffed100fffc000 CR3: 000000003f474000 CR4: 0000000000350ee0
[  189.772353] Call Trace:
[  189.772544]  <TASK>
[  189.772714]  kasan_unpoison+0x23/0x60
[  189.773000]  mempool_exit+0x1c2/0x330
[  189.773284]  bioset_exit+0x2c9/0x630
[  189.773576]  disk_release+0x143/0x490
[  189.773866]  ? disk_release+0x0/0x490
[  189.774155]  ? device_release+0x0/0x250
[  189.774453]  device_release+0xa2/0x250
[  189.774744]  ? device_release+0x0/0x250
[  189.775039]  kobject_put+0x173/0x280
[  189.775325]  put_device+0x1b/0x40
[  189.775587]  put_disk+0x41/0x60
[  189.775850]  loop_control_ioctl+0x4d1/0x630
[  189.776181]  ? loop_control_ioctl+0x0/0x630
[  189.776507]  ? selinux_file_ioctl+0xb1/0x270
[  189.776831]  ? loop_control_ioctl+0x0/0x630
[  189.777141]  __x64_sys_ioctl+0x19a/0x220
[  189.777447]  do_syscall_64+0x3b/0xa0
[  189.777729]  entry_SYSCALL_64_after_hwframe+0x72/0xdc
[  189.778111] RIP: 0033:0x7f99cf2feb19
[  189.778391] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  189.779713] RSP: 002b:00007f99cc874188 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  189.780285] RAX: ffffffffffffffda RBX: 00007f99cf411f60 RCX: 00007f99cf2feb19
[  189.780809] RDX: 0000000000000003 RSI: 0000000000004c81 RDI: 0000000000000005
[  189.781328] RBP: 00007f99cf358f6d R08: 0000000000000000 R09: 0000000000000000
[  189.781848] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  189.782372] R13: 00007ffe04fa04df R14: 00007f99cc874300 R15: 0000000000022000
[  189.782903]  </TASK>
[  189.783075] Modules linked in:
[  189.783313] CR2: ffffed100fffc000
[  189.783559] ---[ end trace 0000000000000000 ]---
[  189.783904] RIP: 0010:__memset+0x24/0x50
[  189.784220] Code: 90 90 90 90 90 90 0f 1f 44 00 00 49 89 f9 48 89 d1 83 e2 07 48 c1 e9 03 40 0f b6 f6 48 b8 01 01 01 01 01 01 01 01 48 0f af c6 <f3> 48 ab 89 d1 f3 aa 4c 89 c8 e9 0d d4 12 00 66 66 2e 0f 1f 84 00
[  189.785538] RSP: 0018:ffff88803f06fcc0 EFLAGS: 00010212
[  189.785924] RAX: 0000000000000000 RBX: ffff88800bfd10c0 RCX: 1ffffe21fe5ff826
[  189.786443] RDX: 0000000000000000 RSI: 0000000000000000 RDI: ffffed100fffc000
[  189.786967] RBP: ffff88800bfef8c0 R08: 0000000000000005 R09: ffffed10017fa218
[  189.787489] R10: 0000000000000001 R11: 0000000000000001 R12: ffff88800bfef8c0
[  189.788010] R13: ffff88800bfd10c0 R14: ffffffff815f2620 R15: 1ffff1100112641f
[  189.788535] FS:  00007f99cc874700(0000) GS:ffff88806d100000(0000) knlGS:0000000000000000
[  189.789114] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  189.789524] CR2: ffffed100fffc000 CR3: 000000003f474000 CR4: 0000000000350ee0
11:17:22 executing program 5:
r0 = add_key$keyring(&(0x7f0000000100), &(0x7f0000000140)={'syz', 0x0}, 0x0, 0x0, 0xfffffffffffffffc)
r1 = add_key$fscrypt_v1(&(0x7f0000000340), &(0x7f0000000380)={'fscrypt:', @desc3}, &(0x7f00000003c0)={0x0, "2948cbca86d43f82f7e6188a6c6334c5cd44f59c20674adf2c5687c047044abfa56f39e13646620ed47b75b46ca50395a6ee465719bd824052e69c10a768bfed"}, 0x48, r0)
keyctl$unlink(0x9, r1, r0)

11:17:22 executing program 4:
syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
pipe2$9p(&(0x7f00000000c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
openat$sysfs(0xffffffffffffff9c, 0x0, 0x0, 0x0)
clone3(&(0x7f0000000640)={0x123363500, &(0x7f00000000c0), 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040), 0x0, &(0x7f0000000500)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@privport}]}})
stat(0x0, &(0x7f0000000280))
ioctl$AUTOFS_DEV_IOCTL_PROTOVER(0xffffffffffffffff, 0xc0189372, 0x0)
syz_io_uring_setup(0x0, 0x0, &(0x7f00000a0000)=nil, &(0x7f0000ffb000/0x3000)=nil, 0x0, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000000c0))
dup3(0xffffffffffffffff, 0xffffffffffffffff, 0x0)

11:17:22 executing program 0:
r0 = perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f00000001c0), 0x1}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
perf_event_open(0x0, 0x0, 0x0, r0, 0x0)
perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xd}, 0x0, 0x8, 0x0, 0x0, 0x1}, 0x0, 0xfffbffffffffffff, 0xffffffffffffffff, 0xa)
fsopen(0x0, 0x1)
r1 = perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0x9c, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
perf_event_open(&(0x7f0000000100)={0x0, 0x80, 0x3f, 0x2, 0x9, 0x13, 0x0, 0x5, 0x62000, 0x5, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0xfffff0b3, 0x1, @perf_bp={&(0x7f0000000000), 0x6}, 0x4000, 0x321, 0x8c6c, 0x4, 0x1, 0x1, 0x1, 0x0, 0x3f, 0x0, 0x100}, 0x0, 0xc, r0, 0x0)
dup3(r2, r1, 0x0)

11:17:22 executing program 5:
r0 = add_key$keyring(&(0x7f0000000100), &(0x7f0000000140)={'syz', 0x0}, 0x0, 0x0, 0xfffffffffffffffc)
r1 = add_key$fscrypt_v1(&(0x7f0000000340), &(0x7f0000000380)={'fscrypt:', @desc3}, &(0x7f00000003c0)={0x0, "2948cbca86d43f82f7e6188a6c6334c5cd44f59c20674adf2c5687c047044abfa56f39e13646620ed47b75b46ca50395a6ee465719bd824052e69c10a768bfed"}, 0x48, r0)
keyctl$unlink(0x9, r1, r0)

[  189.956804] BUG: unable to handle page fault for address: ffffed100fffc000
[  189.957339] #PF: supervisor write access in kernel mode
[  189.957698] #PF: error_code(0x0002) - not-present page
[  189.958044] PGD 7ffd3067 P4D 7ffd3067 PUD 7ffd2067 PMD 7ffd1067 PTE 0
[  189.958491] Oops: 0002 [#4] PREEMPT SMP KASAN NOPTI
[  189.958825] CPU: 1 PID: 6407 Comm: syz-executor.1 Tainted: G      D            6.1.0-rc3-next-20221101 #1
[  189.959443] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[  189.959994] RIP: 0010:__memset+0x24/0x50
[  189.960287] Code: 90 90 90 90 90 90 0f 1f 44 00 00 49 89 f9 48 89 d1 83 e2 07 48 c1 e9 03 40 0f b6 f6 48 b8 01 01 01 01 01 01 01 01 48 0f af c6 <f3> 48 ab 89 d1 f3 aa 4c 89 c8 e9 0d d4 12 00 66 66 2e 0f 1f 84 00
[  189.961481] RSP: 0018:ffff8880405c7cc0 EFLAGS: 00010212
[  189.961860] RAX: 0000000000000000 RBX: ffff88800bfd16c0 RCX: 1ffffe21fe5ff83e
[  189.962336] RDX: 0000000000000000 RSI: 0000000000000000 RDI: ffffed100fffc000
[  189.962823] RBP: ffff88800bfef8c0 R08: 0000000000000005 R09: ffffed10017fa2d8
[  189.963299] R10: 0000000000000001 R11: 0000000000000001 R12: ffff88800bfef8c0
[  189.963820] R13: ffff88800bfd16c0 R14: ffffffff815f2620 R15: 1ffff1100119ba1f
[  189.964342] FS:  00007f3a07d66700(0000) GS:ffff88806d100000(0000) knlGS:0000000000000000
[  189.964937] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  189.965370] CR2: ffffed100fffc000 CR3: 000000001fefa000 CR4: 0000000000350ee0
[  189.965894] Call Trace:
[  189.966090]  <TASK>
[  189.966270]  kasan_unpoison+0x23/0x60
[  189.966572]  mempool_exit+0x1c2/0x330
[  189.966871]  bioset_exit+0x2c9/0x630
[  189.967162]  disk_release+0x143/0x490
[  189.967454]  ? disk_release+0x0/0x490
[  189.967739]  ? device_release+0x0/0x250
[  189.968064]  device_release+0xa2/0x250
[  189.968346]  ? device_release+0x0/0x250
[  189.968618]  kobject_put+0x173/0x280
[  189.968875]  put_device+0x1b/0x40
[  189.969116]  put_disk+0x41/0x60
[  189.969356]  loop_control_ioctl+0x4d1/0x630
[  189.969654]  ? loop_control_ioctl+0x0/0x630
[  189.969945]  ? selinux_file_ioctl+0xb1/0x270
[  189.970248]  ? loop_control_ioctl+0x0/0x630
[  189.970543]  __x64_sys_ioctl+0x19a/0x220
[  189.970830]  do_syscall_64+0x3b/0xa0
[  189.971103]  entry_SYSCALL_64_after_hwframe+0x72/0xdc
[  189.971460] RIP: 0033:0x7f3a0a811b19
[  189.971712] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  189.972903] RSP: 002b:00007f3a07d66188 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  189.973401] RAX: ffffffffffffffda RBX: 00007f3a0a925020 RCX: 00007f3a0a811b19
[  189.973878] RDX: 0000000000000004 RSI: 0000000000004c81 RDI: 0000000000000005
[  189.974343] RBP: 00007f3a0a86bf6d R08: 0000000000000000 R09: 0000000000000000
[  189.974811] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  189.975333] R13: 00007ffffb8a6a7f R14: 00007f3a07d66300 R15: 0000000000022000
[  189.975864]  </TASK>
[  189.976035] Modules linked in:
[  189.976273] CR2: ffffed100fffc000
[  189.976526] ---[ end trace 0000000000000000 ]---
[  189.976841] RIP: 0010:__memset+0x24/0x50
[  189.977128] Code: 90 90 90 90 90 90 0f 1f 44 00 00 49 89 f9 48 89 d1 83 e2 07 48 c1 e9 03 40 0f b6 f6 48 b8 01 01 01 01 01 01 01 01 48 0f af c6 <f3> 48 ab 89 d1 f3 aa 4c 89 c8 e9 0d d4 12 00 66 66 2e 0f 1f 84 00
[  189.978306] RSP: 0018:ffff88803f06fcc0 EFLAGS: 00010212
[  189.978653] RAX: 0000000000000000 RBX: ffff88800bfd10c0 RCX: 1ffffe21fe5ff826
[  189.979124] RDX: 0000000000000000 RSI: 0000000000000000 RDI: ffffed100fffc000
[  189.979622] RBP: ffff88800bfef8c0 R08: 0000000000000005 R09: ffffed10017fa218
[  189.980145] R10: 0000000000000001 R11: 0000000000000001 R12: ffff88800bfef8c0
[  189.980655] R13: ffff88800bfd10c0 R14: ffffffff815f2620 R15: 1ffff1100112641f
[  189.981187] FS:  00007f3a07d66700(0000) GS:ffff88806d100000(0000) knlGS:0000000000000000
[  189.981776] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  189.982219] CR2: ffffed100fffc000 CR3: 000000001fefa000 CR4: 0000000000350ee0
[  190.194804] BUG: unable to handle page fault for address: ffffed100fffc000
[  190.195347] #PF: supervisor write access in kernel mode
[  190.195701] #PF: error_code(0x0002) - not-present page
[  190.196089] PGD 7ffd3067 P4D 7ffd3067 PUD 7ffd2067 PMD 7ffd1067 PTE 0
[  190.196535] Oops: 0002 [#5] PREEMPT SMP KASAN NOPTI
[  190.196873] CPU: 1 PID: 6390 Comm: syz-executor.7 Tainted: G      D            6.1.0-rc3-next-20221101 #1
[  190.197485] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[  190.198028] RIP: 0010:__memset+0x24/0x50
[  190.198323] Code: 90 90 90 90 90 90 0f 1f 44 00 00 49 89 f9 48 89 d1 83 e2 07 48 c1 e9 03 40 0f b6 f6 48 b8 01 01 01 01 01 01 01 01 48 0f af c6 <f3> 48 ab 89 d1 f3 aa 4c 89 c8 e9 0d d4 12 00 66 66 2e 0f 1f 84 00
[  190.199500] RSP: 0018:ffff88803227fcc0 EFLAGS: 00010212
[  190.199865] RAX: 0000000000000000 RBX: ffff88800bfd13c0 RCX: 1ffffe21fe5ff832
[  190.200349] RDX: 0000000000000000 RSI: 0000000000000000 RDI: ffffed100fffc000
[  190.200822] RBP: ffff88800bfef8c0 R08: 0000000000000005 R09: ffffed10017fa278
[  190.201294] R10: 0000000000000001 R11: 0000000000000001 R12: ffff88800bfef8c0
[  190.201762] R13: ffff88800bfd13c0 R14: ffffffff815f2620 R15: 1ffff110011a5e1f
[  190.202241] FS:  00007fe99071f700(0000) GS:ffff88806d100000(0000) knlGS:0000000000000000
[  190.202768] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  190.203157] CR2: ffffed100fffc000 CR3: 000000002f180000 CR4: 0000000000350ee0
[  190.203623] Call Trace:
[  190.203815]  <TASK>
[  190.203976]  kasan_unpoison+0x23/0x60
[  190.204257]  mempool_exit+0x1c2/0x330
[  190.204547]  bioset_exit+0x2c9/0x630
[  190.204832]  disk_release+0x143/0x490
[  190.205111]  ? disk_release+0x0/0x490
[  190.205393]  ? device_release+0x0/0x250
[  190.205687]  device_release+0xa2/0x250
[  190.205979]  ? device_release+0x0/0x250
[  190.206270]  kobject_put+0x173/0x280
[  190.206547]  put_device+0x1b/0x40
[  190.206800]  put_disk+0x41/0x60
[  190.207046]  loop_control_ioctl+0x4d1/0x630
[  190.207367]  ? loop_control_ioctl+0x0/0x630
[  190.207687]  ? selinux_file_ioctl+0xb1/0x270
[  190.208033]  ? loop_control_ioctl+0x0/0x630
[  190.208350]  __x64_sys_ioctl+0x19a/0x220
[  190.208654]  do_syscall_64+0x3b/0xa0
[  190.208931]  entry_SYSCALL_64_after_hwframe+0x72/0xdc
[  190.209315] RIP: 0033:0x7fe9931a9b19
[  190.209582] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  190.210890] RSP: 002b:00007fe99071f188 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  190.211435] RAX: ffffffffffffffda RBX: 00007fe9932bcf60 RCX: 00007fe9931a9b19
[  190.211954] RDX: 0000000000000002 RSI: 0000000000004c81 RDI: 0000000000000005
[  190.212456] RBP: 00007fe993203f6d R08: 0000000000000000 R09: 0000000000000000
[  190.212970] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  190.213477] R13: 00007ffd96f30e8f R14: 00007fe99071f300 R15: 0000000000022000
[  190.213994]  </TASK>
[  190.214170] Modules linked in:
[  190.214405] CR2: ffffed100fffc000
[  190.214658] ---[ end trace 0000000000000000 ]---
[  190.215003] RIP: 0010:__memset+0x24/0x50
[  190.215304] Code: 90 90 90 90 90 90 0f 1f 44 00 00 49 89 f9 48 89 d1 83 e2 07 48 c1 e9 03 40 0f b6 f6 48 b8 01 01 01 01 01 01 01 01 48 0f af c6 <f3> 48 ab 89 d1 f3 aa 4c 89 c8 e9 0d d4 12 00 66 66 2e 0f 1f 84 00
[  190.216621] RSP: 0018:ffff88803f06fcc0 EFLAGS: 00010212
[  190.217005] RAX: 0000000000000000 RBX: ffff88800bfd10c0 RCX: 1ffffe21fe5ff826
[  190.217519] RDX: 0000000000000000 RSI: 0000000000000000 RDI: ffffed100fffc000
[  190.218034] RBP: ffff88800bfef8c0 R08: 0000000000000005 R09: ffffed10017fa218
[  190.218541] R10: 0000000000000001 R11: 0000000000000001 R12: ffff88800bfef8c0
[  190.219044] R13: ffff88800bfd10c0 R14: ffffffff815f2620 R15: 1ffff1100112641f
[  190.219551] FS:  00007fe99071f700(0000) GS:ffff88806d100000(0000) knlGS:0000000000000000
[  190.220142] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  190.220561] CR2: ffffed100fffc000 CR3: 000000002f180000 CR4: 0000000000350ee0
11:17:23 executing program 2:
ioctl$EXT4_IOC_CHECKPOINT(0xffffffffffffffff, 0x4004662b, &(0x7f0000000100))
mlock2(&(0x7f0000ff7000/0x4000)=nil, 0x4000, 0x0)
shmat(0xffffffffffffffff, &(0x7f0000fed000/0x13000)=nil, 0x0)
r0 = perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x6}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
mmap$perf(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x10, 0xffffffffffffffff, 0x0)
shmctl$SHM_STAT(0xffffffffffffffff, 0xd, &(0x7f0000000380)=""/9)
read(r0, &(0x7f00000003c0)=""/4096, 0x1000)
shmat(0x0, &(0x7f0000ff6000/0x1000)=nil, 0x0)
ioctl$EXT4_IOC_CHECKPOINT(0xffffffffffffffff, 0x4004662b, &(0x7f0000000040))
shmat(0xffffffffffffffff, &(0x7f0000ff2000/0xe000)=nil, 0x5000)
perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000240), 0x5}, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000040), 0x41, 0x0)
r2 = ioctl$LOOP_CTL_GET_FREE(r1, 0x4c82)
shmctl$SHM_STAT(0x0, 0xd, &(0x7f0000000300)=""/69)
mbind(&(0x7f0000ffb000/0x2000)=nil, 0x2000, 0x0, &(0x7f0000000000)=0x35, 0x1000, 0x1)
ioctl$LOOP_CTL_REMOVE(r1, 0x4c81, r2)

11:17:23 executing program 7:
ioctl$EXT4_IOC_CHECKPOINT(0xffffffffffffffff, 0x4004662b, &(0x7f0000000100))
mlock2(&(0x7f0000ff7000/0x4000)=nil, 0x4000, 0x0)
shmat(0xffffffffffffffff, &(0x7f0000fed000/0x13000)=nil, 0x0)
r0 = perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x6}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
mmap$perf(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x10, 0xffffffffffffffff, 0x0)
shmctl$SHM_STAT(0xffffffffffffffff, 0xd, &(0x7f0000000380)=""/9)
read(r0, &(0x7f00000003c0)=""/4096, 0x1000)
shmat(0x0, &(0x7f0000ff6000/0x1000)=nil, 0x0)
ioctl$EXT4_IOC_CHECKPOINT(0xffffffffffffffff, 0x4004662b, &(0x7f0000000040))
shmat(0xffffffffffffffff, &(0x7f0000ff2000/0xe000)=nil, 0x5000)
perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000240), 0x5}, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000040), 0x41, 0x0)
r2 = ioctl$LOOP_CTL_GET_FREE(r1, 0x4c82)
shmctl$SHM_STAT(0x0, 0xd, &(0x7f0000000300)=""/69)
mbind(&(0x7f0000ffb000/0x2000)=nil, 0x2000, 0x0, &(0x7f0000000000)=0x35, 0x1000, 0x1)
ioctl$LOOP_CTL_REMOVE(r1, 0x4c81, r2)

11:17:23 executing program 1:
ioctl$EXT4_IOC_CHECKPOINT(0xffffffffffffffff, 0x4004662b, &(0x7f0000000100))
mlock2(&(0x7f0000ff7000/0x4000)=nil, 0x4000, 0x0)
shmat(0xffffffffffffffff, &(0x7f0000fed000/0x13000)=nil, 0x0)
r0 = perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x6}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
mmap$perf(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x10, 0xffffffffffffffff, 0x0)
shmctl$SHM_STAT(0xffffffffffffffff, 0xd, &(0x7f0000000380)=""/9)
read(r0, &(0x7f00000003c0)=""/4096, 0x1000)
shmat(0x0, &(0x7f0000ff6000/0x1000)=nil, 0x0)
ioctl$EXT4_IOC_CHECKPOINT(0xffffffffffffffff, 0x4004662b, &(0x7f0000000040))
shmat(0xffffffffffffffff, &(0x7f0000ff2000/0xe000)=nil, 0x5000)
perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000240), 0x5}, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000040), 0x41, 0x0)
r2 = ioctl$LOOP_CTL_GET_FREE(r1, 0x4c82)
shmctl$SHM_STAT(0x0, 0xd, &(0x7f0000000300)=""/69)
mbind(&(0x7f0000ffb000/0x2000)=nil, 0x2000, 0x0, &(0x7f0000000000)=0x35, 0x1000, 0x1)
ioctl$LOOP_CTL_REMOVE(r1, 0x4c81, r2)

11:17:23 executing program 6:
syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
pipe2$9p(&(0x7f00000000c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
openat$sysfs(0xffffffffffffff9c, 0x0, 0x0, 0x0)
clone3(&(0x7f0000000640)={0x123363500, &(0x7f00000000c0), 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040), 0x0, &(0x7f0000000500)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@privport}]}})
stat(0x0, &(0x7f0000000280))
ioctl$AUTOFS_DEV_IOCTL_PROTOVER(0xffffffffffffffff, 0xc0189372, 0x0)
syz_io_uring_setup(0x0, 0x0, &(0x7f00000a0000)=nil, &(0x7f0000ffb000/0x3000)=nil, 0x0, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000000c0))
dup3(0xffffffffffffffff, 0xffffffffffffffff, 0x0)

11:17:23 executing program 3:
ioctl$EXT4_IOC_CHECKPOINT(0xffffffffffffffff, 0x4004662b, &(0x7f0000000100))
mlock2(&(0x7f0000ff7000/0x4000)=nil, 0x4000, 0x0)
shmat(0xffffffffffffffff, &(0x7f0000fed000/0x13000)=nil, 0x0)
r0 = perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x6}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
mmap$perf(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x10, 0xffffffffffffffff, 0x0)
shmctl$SHM_STAT(0xffffffffffffffff, 0xd, &(0x7f0000000380)=""/9)
read(r0, &(0x7f00000003c0)=""/4096, 0x1000)
shmat(0x0, &(0x7f0000ff6000/0x1000)=nil, 0x0)
ioctl$EXT4_IOC_CHECKPOINT(0xffffffffffffffff, 0x4004662b, &(0x7f0000000040))
shmat(0xffffffffffffffff, &(0x7f0000ff2000/0xe000)=nil, 0x5000)
perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000240), 0x5}, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000040), 0x41, 0x0)
r2 = ioctl$LOOP_CTL_GET_FREE(r1, 0x4c82)
shmctl$SHM_STAT(0x0, 0xd, &(0x7f0000000300)=""/69)
mbind(&(0x7f0000ffb000/0x2000)=nil, 0x2000, 0x0, &(0x7f0000000000)=0x35, 0x1000, 0x1)
ioctl$LOOP_CTL_REMOVE(r1, 0x4c81, r2)

11:17:23 executing program 4:
syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
pipe2$9p(&(0x7f00000000c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
openat$sysfs(0xffffffffffffff9c, 0x0, 0x0, 0x0)
clone3(&(0x7f0000000640)={0x123363500, &(0x7f00000000c0), 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040), 0x0, &(0x7f0000000500)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@privport}]}})
stat(0x0, &(0x7f0000000280))
ioctl$AUTOFS_DEV_IOCTL_PROTOVER(0xffffffffffffffff, 0xc0189372, 0x0)
syz_io_uring_setup(0x0, 0x0, &(0x7f00000a0000)=nil, &(0x7f0000ffb000/0x3000)=nil, 0x0, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000000c0))
dup3(0xffffffffffffffff, 0xffffffffffffffff, 0x0)

11:17:23 executing program 5:
ioctl$EXT4_IOC_CHECKPOINT(0xffffffffffffffff, 0x4004662b, &(0x7f0000000100))
mlock2(&(0x7f0000ff7000/0x4000)=nil, 0x4000, 0x0)
shmat(0xffffffffffffffff, &(0x7f0000fed000/0x13000)=nil, 0x0)
r0 = perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x6}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
mmap$perf(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x10, 0xffffffffffffffff, 0x0)
shmctl$SHM_STAT(0xffffffffffffffff, 0xd, &(0x7f0000000380)=""/9)
read(r0, &(0x7f00000003c0)=""/4096, 0x1000)
shmat(0x0, &(0x7f0000ff6000/0x1000)=nil, 0x0)
ioctl$EXT4_IOC_CHECKPOINT(0xffffffffffffffff, 0x4004662b, &(0x7f0000000040))
shmat(0xffffffffffffffff, &(0x7f0000ff2000/0xe000)=nil, 0x5000)
perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000240), 0x5}, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000040), 0x41, 0x0)
r2 = ioctl$LOOP_CTL_GET_FREE(r1, 0x4c82)
shmctl$SHM_STAT(0x0, 0xd, &(0x7f0000000300)=""/69)
mbind(&(0x7f0000ffb000/0x2000)=nil, 0x2000, 0x0, &(0x7f0000000000)=0x35, 0x1000, 0x1)
ioctl$LOOP_CTL_REMOVE(r1, 0x4c81, r2)

11:17:23 executing program 0:
perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0x9c, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = syz_open_dev$sg(&(0x7f0000002c00), 0x0, 0x0)
fstatfs(r0, &(0x7f0000000000)=""/42)

11:17:23 executing program 4:
syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
pipe2$9p(&(0x7f00000000c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
openat$sysfs(0xffffffffffffff9c, 0x0, 0x0, 0x0)
clone3(&(0x7f0000000640)={0x123363500, &(0x7f00000000c0), 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040), 0x0, &(0x7f0000000500)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@privport}]}})
stat(0x0, &(0x7f0000000280))
ioctl$AUTOFS_DEV_IOCTL_PROTOVER(0xffffffffffffffff, 0xc0189372, 0x0)
syz_io_uring_setup(0x0, 0x0, &(0x7f00000a0000)=nil, &(0x7f0000ffb000/0x3000)=nil, 0x0, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000000c0))
dup3(0xffffffffffffffff, 0xffffffffffffffff, 0x0)

11:17:23 executing program 6:
syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
pipe2$9p(&(0x7f00000000c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
openat$sysfs(0xffffffffffffff9c, 0x0, 0x0, 0x0)
clone3(&(0x7f0000000640)={0x123363500, &(0x7f00000000c0), 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040), 0x0, &(0x7f0000000500)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@privport}]}})
stat(0x0, &(0x7f0000000280))
ioctl$AUTOFS_DEV_IOCTL_PROTOVER(0xffffffffffffffff, 0xc0189372, 0x0)
syz_io_uring_setup(0x0, 0x0, &(0x7f00000a0000)=nil, &(0x7f0000ffb000/0x3000)=nil, 0x0, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000000c0))
dup3(0xffffffffffffffff, 0xffffffffffffffff, 0x0)

[  190.814653] BUG: unable to handle page fault for address: ffffed100fffc000
[  190.815233] #PF: supervisor write access in kernel mode
[  190.815618] #PF: error_code(0x0002) - not-present page
[  190.816001] PGD 7ffd3067 P4D 7ffd3067 PUD 7ffd2067 PMD 7ffd1067 PTE 0
[  190.816457] Oops: 0002 [#6] PREEMPT SMP KASAN NOPTI
[  190.816801] CPU: 1 PID: 6439 Comm: syz-executor.3 Tainted: G      D            6.1.0-rc3-next-20221101 #1
[  190.817433] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[  190.817987] RIP: 0010:__memset+0x24/0x50
[  190.818287] Code: 90 90 90 90 90 90 0f 1f 44 00 00 49 89 f9 48 89 d1 83 e2 07 48 c1 e9 03 40 0f b6 f6 48 b8 01 01 01 01 01 01 01 01 48 0f af c6 <f3> 48 ab 89 d1 f3 aa 4c 89 c8 e9 0d d4 12 00 66 66 2e 0f 1f 84 00
[  190.819507] RSP: 0018:ffff88803fbbfcc0 EFLAGS: 00010212
[  190.819913] RAX: 0000000000000000 RBX: ffff88800bfd1840 RCX: 1ffffe21fe5ff844
[  190.820429] RDX: 0000000000000000 RSI: 0000000000000000 RDI: ffffed100fffc000
[  190.820938] RBP: ffff88800bfef8c0 R08: 0000000000000005 R09: ffffed10017fa308
[  190.821418] R10: 0000000000000001 R11: 0000000000000001 R12: ffff88800bfef8c0
[  190.821892] R13: ffff88800bfd1840 R14: ffffffff815f2620 R15: 1ffff1100119b41f
[  190.822372] FS:  00007f99cc874700(0000) GS:ffff88806d100000(0000) knlGS:0000000000000000
[  190.822906] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  190.823303] CR2: ffffed100fffc000 CR3: 000000003ee66000 CR4: 0000000000350ee0
[  190.823785] Call Trace:
[  190.823982]  <TASK>
[  190.824150]  kasan_unpoison+0x23/0x60
[  190.824423]  mempool_exit+0x1c2/0x330
[  190.824701]  bioset_exit+0x2c9/0x630
[  190.824973]  disk_release+0x143/0x490
[  190.825247]  ? disk_release+0x0/0x490
[  190.825521]  ? device_release+0x0/0x250
[  190.825803]  device_release+0xa2/0x250
[  190.826079]  ? device_release+0x0/0x250
[  190.826355]  kobject_put+0x173/0x280
[  190.826623]  put_device+0x1b/0x40
[  190.826869]  put_disk+0x41/0x60
[  190.827107]  loop_control_ioctl+0x4d1/0x630
[  190.827415]  ? loop_control_ioctl+0x0/0x630
[  190.827736]  ? selinux_file_ioctl+0xb1/0x270
[  190.828083]  ? loop_control_ioctl+0x0/0x630
[  190.828413]  __x64_sys_ioctl+0x19a/0x220
[  190.828721]  do_syscall_64+0x3b/0xa0
[  190.828996]  entry_SYSCALL_64_after_hwframe+0x72/0xdc
[  190.829353] RIP: 0033:0x7f99cf2feb19
[  190.829614] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  190.830810] RSP: 002b:00007f99cc874188 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  190.831321] RAX: ffffffffffffffda RBX: 00007f99cf411f60 RCX: 00007f99cf2feb19
[  190.831824] RDX: 0000000000000005 RSI: 0000000000004c81 RDI: 0000000000000005
[  190.832339] RBP: 00007f99cf358f6d R08: 0000000000000000 R09: 0000000000000000
[  190.832847] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  190.833326] R13: 00007ffe04fa04df R14: 00007f99cc874300 R15: 0000000000022000
[  190.833824]  </TASK>
[  190.833999] Modules linked in:
[  190.834238] CR2: ffffed100fffc000
[  190.834493] ---[ end trace 0000000000000000 ]---
[  190.834831] RIP: 0010:__memset+0x24/0x50
[  190.835139] Code: 90 90 90 90 90 90 0f 1f 44 00 00 49 89 f9 48 89 d1 83 e2 07 48 c1 e9 03 40 0f b6 f6 48 b8 01 01 01 01 01 01 01 01 48 0f af c6 <f3> 48 ab 89 d1 f3 aa 4c 89 c8 e9 0d d4 12 00 66 66 2e 0f 1f 84 00
[  190.836419] RSP: 0018:ffff88803f06fcc0 EFLAGS: 00010212
[  190.836803] RAX: 0000000000000000 RBX: ffff88800bfd10c0 RCX: 1ffffe21fe5ff826
[  190.837313] RDX: 0000000000000000 RSI: 0000000000000000 RDI: ffffed100fffc000
[  190.837819] RBP: ffff88800bfef8c0 R08: 0000000000000005 R09: ffffed10017fa218
[  190.838326] R10: 0000000000000001 R11: 0000000000000001 R12: ffff88800bfef8c0
[  190.838835] R13: ffff88800bfd10c0 R14: ffffffff815f2620 R15: 1ffff1100112641f
[  190.839342] FS:  00007f99cc874700(0000) GS:ffff88806d100000(0000) knlGS:0000000000000000
[  190.839930] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  190.840348] CR2: ffffed100fffc000 CR3: 000000003ee66000 CR4: 0000000000350ee0
11:17:23 executing program 7:
ioctl$EXT4_IOC_CHECKPOINT(0xffffffffffffffff, 0x4004662b, &(0x7f0000000100))
mlock2(&(0x7f0000ff7000/0x4000)=nil, 0x4000, 0x0)
shmat(0xffffffffffffffff, &(0x7f0000fed000/0x13000)=nil, 0x0)
r0 = perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x6}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
mmap$perf(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x10, 0xffffffffffffffff, 0x0)
shmctl$SHM_STAT(0xffffffffffffffff, 0xd, &(0x7f0000000380)=""/9)
read(r0, &(0x7f00000003c0)=""/4096, 0x1000)
shmat(0x0, &(0x7f0000ff6000/0x1000)=nil, 0x0)
ioctl$EXT4_IOC_CHECKPOINT(0xffffffffffffffff, 0x4004662b, &(0x7f0000000040))
shmat(0xffffffffffffffff, &(0x7f0000ff2000/0xe000)=nil, 0x5000)
perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000240), 0x5}, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000040), 0x41, 0x0)
r2 = ioctl$LOOP_CTL_GET_FREE(r1, 0x4c82)
shmctl$SHM_STAT(0x0, 0xd, &(0x7f0000000300)=""/69)
mbind(&(0x7f0000ffb000/0x2000)=nil, 0x2000, 0x0, &(0x7f0000000000)=0x35, 0x1000, 0x1)
ioctl$LOOP_CTL_REMOVE(r1, 0x4c81, r2)

[  190.922283] BUG: unable to handle page fault for address: ffffed100fffc000
[  190.922840] #PF: supervisor write access in kernel mode
[  190.923207] #PF: error_code(0x0002) - not-present page
[  190.923577] PGD 7ffd3067 P4D 7ffd3067 PUD 7ffd2067 PMD 7ffd1067 PTE 0
[  190.924076] Oops: 0002 [#7] PREEMPT SMP KASAN NOPTI
[  190.924434] CPU: 1 PID: 6435 Comm: syz-executor.1 Tainted: G      D            6.1.0-rc3-next-20221101 #1
[  190.925090] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[  190.925622] RIP: 0010:__memset+0x24/0x50
[  190.925913] Code: 90 90 90 90 90 90 0f 1f 44 00 00 49 89 f9 48 89 d1 83 e2 07 48 c1 e9 03 40 0f b6 f6 48 b8 01 01 01 01 01 01 01 01 48 0f af c6 <f3> 48 ab 89 d1 f3 aa 4c 89 c8 e9 0d d4 12 00 66 66 2e 0f 1f 84 00
[  190.927128] RSP: 0018:ffff88803fc07cc0 EFLAGS: 00010212
[  190.927502] RAX: 0000000000000000 RBX: ffff88800bfd19c0 RCX: 1ffffe21fe5ff84a
[  190.928006] RDX: 0000000000000000 RSI: 0000000000000000 RDI: ffffed100fffc000
[  190.928503] RBP: ffff88800bfef8c0 R08: 0000000000000005 R09: ffffed10017fa338
[  190.928995] R10: 0000000000000001 R11: 0000000000000001 R12: ffff88800bfef8c0
[  190.929495] R13: ffff88800bfd19c0 R14: ffffffff815f2620 R15: 1ffff1100119b01f
[  190.929992] FS:  00007f3a07d87700(0000) GS:ffff88806d100000(0000) knlGS:0000000000000000
[  190.930554] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  190.930964] CR2: ffffed100fffc000 CR3: 000000003d8b2000 CR4: 0000000000350ee0
[  190.931461] Call Trace:
[  190.931639]  <TASK>
[  190.931800]  kasan_unpoison+0x23/0x60
[  190.932066]  mempool_exit+0x1c2/0x330
[  190.932347]  bioset_exit+0x2c9/0x630
[  190.932621]  disk_release+0x143/0x490
[  190.932906]  ? disk_release+0x0/0x490
[  190.933188]  ? device_release+0x0/0x250
[  190.933475]  device_release+0xa2/0x250
[  190.933756]  ? device_release+0x0/0x250
[  190.934039]  kobject_put+0x173/0x280
[  190.934314]  put_device+0x1b/0x40
[  190.934566]  put_disk+0x41/0x60
[  190.934810]  loop_control_ioctl+0x4d1/0x630
[  190.935124]  ? loop_control_ioctl+0x0/0x630
[  190.935441]  ? selinux_file_ioctl+0xb1/0x270
[  190.935763]  ? loop_control_ioctl+0x0/0x630
[  190.936095]  __x64_sys_ioctl+0x19a/0x220
[  190.936395]  do_syscall_64+0x3b/0xa0
[  190.936670]  entry_SYSCALL_64_after_hwframe+0x72/0xdc
[  190.937031] RIP: 0033:0x7f3a0a811b19
[  190.937297] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  190.938514] RSP: 002b:00007f3a07d87188 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  190.939008] RAX: ffffffffffffffda RBX: 00007f3a0a924f60 RCX: 00007f3a0a811b19
[  190.939500] RDX: 0000000000000006 RSI: 0000000000004c81 RDI: 0000000000000005
[  190.939995] RBP: 00007f3a0a86bf6d R08: 0000000000000000 R09: 0000000000000000
[  190.940484] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  190.940971] R13: 00007ffffb8a6a7f R14: 00007f3a07d87300 R15: 0000000000022000
[  190.941467]  </TASK>
[  190.941632] Modules linked in:
[  190.941865] CR2: ffffed100fffc000
[  190.942110] ---[ end trace 0000000000000000 ]---
[  190.942442] RIP: 0010:__memset+0x24/0x50
[  190.942741] Code: 90 90 90 90 90 90 0f 1f 44 00 00 49 89 f9 48 89 d1 83 e2 07 48 c1 e9 03 40 0f b6 f6 48 b8 01 01 01 01 01 01 01 01 48 0f af c6 <f3> 48 ab 89 d1 f3 aa 4c 89 c8 e9 0d d4 12 00 66 66 2e 0f 1f 84 00
[  190.943972] RSP: 0018:ffff88803f06fcc0 EFLAGS: 00010212
[  190.944347] RAX: 0000000000000000 RBX: ffff88800bfd10c0 RCX: 1ffffe21fe5ff826
[  190.944835] RDX: 0000000000000000 RSI: 0000000000000000 RDI: ffffed100fffc000
[  190.945320] RBP: ffff88800bfef8c0 R08: 0000000000000005 R09: ffffed10017fa218
[  190.945812] R10: 0000000000000001 R11: 0000000000000001 R12: ffff88800bfef8c0
[  190.946301] R13: ffff88800bfd10c0 R14: ffffffff815f2620 R15: 1ffff1100112641f
[  190.946779] FS:  00007f3a07d87700(0000) GS:ffff88806d100000(0000) knlGS:0000000000000000
[  190.947336] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  190.947732] CR2: ffffed100fffc000 CR3: 000000003d8b2000 CR4: 0000000000350ee0
11:17:23 executing program 0:
perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0x9c, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = syz_open_dev$sg(&(0x7f0000002c00), 0x0, 0x0)
fstatfs(r0, &(0x7f0000000000)=""/42)

11:17:23 executing program 6:
syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
pipe2$9p(&(0x7f00000000c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
openat$sysfs(0xffffffffffffff9c, 0x0, 0x0, 0x0)
clone3(&(0x7f0000000640)={0x123363500, &(0x7f00000000c0), 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040), 0x0, &(0x7f0000000500)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@privport}]}})
stat(0x0, &(0x7f0000000280))
ioctl$AUTOFS_DEV_IOCTL_PROTOVER(0xffffffffffffffff, 0xc0189372, 0x0)
syz_io_uring_setup(0x0, 0x0, &(0x7f00000a0000)=nil, &(0x7f0000ffb000/0x3000)=nil, 0x0, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000000c0))
dup3(0xffffffffffffffff, 0xffffffffffffffff, 0x0)

[  191.084271] BUG: unable to handle page fault for address: ffffed100fffc000
[  191.084789] #PF: supervisor write access in kernel mode
[  191.085134] #PF: error_code(0x0002) - not-present page
[  191.085479] PGD 7ffd3067 P4D 7ffd3067 PUD 7ffd2067 PMD 7ffd1067 PTE 0
[  191.085919] Oops: 0002 [#8] PREEMPT SMP KASAN NOPTI
[  191.086250] CPU: 1 PID: 6443 Comm: syz-executor.2 Tainted: G      D            6.1.0-rc3-next-20221101 #1
[  191.086861] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[  191.087387] RIP: 0010:__memset+0x24/0x50
[  191.087678] Code: 90 90 90 90 90 90 0f 1f 44 00 00 49 89 f9 48 89 d1 83 e2 07 48 c1 e9 03 40 0f b6 f6 48 b8 01 01 01 01 01 01 01 01 48 0f af c6 <f3> 48 ab 89 d1 f3 aa 4c 89 c8 e9 0d d4 12 00 66 66 2e 0f 1f 84 00
[  191.088848] RSP: 0018:ffff88803f99fcc0 EFLAGS: 00010212
[  191.089194] RAX: 0000000000000000 RBX: ffff88800bfd1b40 RCX: 1ffffe21fe5ff850
[  191.089653] RDX: 0000000000000000 RSI: 0000000000000000 RDI: ffffed100fffc000
[  191.090113] RBP: ffff88800bfef8c0 R08: 0000000000000005 R09: ffffed10017fa368
[  191.090575] R10: 0000000000000001 R11: 0000000000000001 R12: ffff88800bfef8c0
[  191.091033] R13: ffff88800bfd1b40 R14: ffffffff815f2620 R15: 1ffff110011a8a1f
[  191.091500] FS:  00007f8a39fa7700(0000) GS:ffff88806d100000(0000) knlGS:0000000000000000
[  191.092032] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  191.092408] CR2: ffffed100fffc000 CR3: 000000001fefa000 CR4: 0000000000350ee0
[  191.092870] Call Trace:
[  191.093048]  <TASK>
[  191.093196]  kasan_unpoison+0x23/0x60
[  191.093460]  mempool_exit+0x1c2/0x330
[  191.093727]  bioset_exit+0x2c9/0x630
[  191.093990]  disk_release+0x143/0x490
[  191.094252]  ? disk_release+0x0/0x490
[  191.094509]  ? device_release+0x0/0x250
[  191.094782]  device_release+0xa2/0x250
[  191.095048]  ? device_release+0x0/0x250
[  191.095317]  kobject_put+0x173/0x280
[  191.095577]  put_device+0x1b/0x40
[  191.095816]  put_disk+0x41/0x60
[  191.096048]  loop_control_ioctl+0x4d1/0x630
[  191.096345]  ? loop_control_ioctl+0x0/0x630
[  191.096634]  ? selinux_file_ioctl+0xb1/0x270
[  191.096943]  ? loop_control_ioctl+0x0/0x630
[  191.097233]  __x64_sys_ioctl+0x19a/0x220
[  191.097514]  do_syscall_64+0x3b/0xa0
[  191.097776]  entry_SYSCALL_64_after_hwframe+0x72/0xdc
[  191.098123] RIP: 0033:0x7f8a3ca31b19
[  191.098367] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  191.099530] RSP: 002b:00007f8a39fa7188 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  191.100035] RAX: ffffffffffffffda RBX: 00007f8a3cb44f60 RCX: 00007f8a3ca31b19
[  191.100502] RDX: 0000000000000007 RSI: 0000000000004c81 RDI: 0000000000000005
[  191.100966] RBP: 00007f8a3ca8bf6d R08: 0000000000000000 R09: 0000000000000000
[  191.101431] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  191.101894] R13: 00007fffb8fa757f R14: 00007f8a39fa7300 R15: 0000000000022000
[  191.102366]  </TASK>
[  191.102524] Modules linked in:
[  191.102745] CR2: ffffed100fffc000
[  191.102979] ---[ end trace 0000000000000000 ]---
[  191.103289] RIP: 0010:__memset+0x24/0x50
[  191.103572] Code: 90 90 90 90 90 90 0f 1f 44 00 00 49 89 f9 48 89 d1 83 e2 07 48 c1 e9 03 40 0f b6 f6 48 b8 01 01 01 01 01 01 01 01 48 0f af c6 <f3> 48 ab 89 d1 f3 aa 4c 89 c8 e9 0d d4 12 00 66 66 2e 0f 1f 84 00
[  191.104747] RSP: 0018:ffff88803f06fcc0 EFLAGS: 00010212
[  191.105096] RAX: 0000000000000000 RBX: ffff88800bfd10c0 RCX: 1ffffe21fe5ff826
[  191.105566] RDX: 0000000000000000 RSI: 0000000000000000 RDI: ffffed100fffc000
[  191.106029] RBP: ffff88800bfef8c0 R08: 0000000000000005 R09: ffffed10017fa218
[  191.106492] R10: 0000000000000001 R11: 0000000000000001 R12: ffff88800bfef8c0
[  191.106956] R13: ffff88800bfd10c0 R14: ffffffff815f2620 R15: 1ffff1100112641f
[  191.107417] FS:  00007f8a39fa7700(0000) GS:ffff88806d100000(0000) knlGS:0000000000000000
[  191.107947] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  191.108337] CR2: ffffed100fffc000 CR3: 000000001fefa000 CR4: 0000000000350ee0
11:17:24 executing program 0:
perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0x9c, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = syz_open_dev$sg(&(0x7f0000002c00), 0x0, 0x0)
fstatfs(r0, &(0x7f0000000000)=""/42)

11:17:24 executing program 4:
r0 = perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
fcntl$setlease(r0, 0x400, 0x1)
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f00000000c0)='./file0\x00', 0x0, 0x2, &(0x7f0000000040)=[{&(0x7f0000010000)="601c6d6b646f736689254300080120000400004000f8000020004000030000000000000001", 0x25}, {0x0, 0x0, 0x200000000010000}], 0x0, &(0x7f0000000040)=ANY=[])
perf_event_open(&(0x7f0000000180)={0x4, 0x80, 0x80, 0x6, 0x2a, 0x9, 0x0, 0x7, 0xc0800, 0x6d4f961da046aa02, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x9bf, 0x2, @perf_config_ext={0x5, 0x6}, 0x164f8, 0x1, 0xbbac, 0x5, 0x2, 0x7, 0x1000, 0x0, 0x0, 0x0, 0x7}, 0x0, 0x4000e, 0xffffffffffffffff, 0x1)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000080))
read(0xffffffffffffffff, 0x0, 0x0)

11:17:24 executing program 6:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$BATADV_CMD_GET_ROUTING_ALGOS(r0, &(0x7f0000002540)={0x0, 0x0, &(0x7f0000002500)={&(0x7f00000024c0)={0x14, 0x0, 0x4}, 0x14}}, 0x0)
clock_gettime(0x0, &(0x7f0000006380)={0x0, <r1=>0x0})
recvmmsg(r0, &(0x7f0000006280)=[{{&(0x7f0000003580)=@pppoe={0x18, 0x0, {0x0, @local}}, 0x80, &(0x7f0000003740)=[{&(0x7f0000003600)=""/82, 0x52}], 0x1, &(0x7f0000003780)=""/34, 0x22}}, {{0x0, 0x0, &(0x7f0000005d00)=[{0x0}, {0x0}, {0x0}, {0x0}, {0x0}, {0x0}, {0x0, 0x1c}, {0x0}, {0x0}], 0x9}}, {{0x0, 0x0, 0x0}}], 0x3, 0x40010022, &(0x7f00000063c0)={0x0, r1+10000000})

11:17:25 executing program 4:
r0 = perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
fcntl$setlease(r0, 0x400, 0x1)
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f00000000c0)='./file0\x00', 0x0, 0x2, &(0x7f0000000040)=[{&(0x7f0000010000)="601c6d6b646f736689254300080120000400004000f8000020004000030000000000000001", 0x25}, {0x0, 0x0, 0x200000000010000}], 0x0, &(0x7f0000000040)=ANY=[])
perf_event_open(&(0x7f0000000180)={0x4, 0x80, 0x80, 0x6, 0x2a, 0x9, 0x0, 0x7, 0xc0800, 0x6d4f961da046aa02, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x9bf, 0x2, @perf_config_ext={0x5, 0x6}, 0x164f8, 0x1, 0xbbac, 0x5, 0x2, 0x7, 0x1000, 0x0, 0x0, 0x0, 0x7}, 0x0, 0x4000e, 0xffffffffffffffff, 0x1)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000080))
read(0xffffffffffffffff, 0x0, 0x0)

11:17:25 executing program 2:
ioctl$EXT4_IOC_CHECKPOINT(0xffffffffffffffff, 0x4004662b, &(0x7f0000000100))
mlock2(&(0x7f0000ff7000/0x4000)=nil, 0x4000, 0x0)
shmat(0xffffffffffffffff, &(0x7f0000fed000/0x13000)=nil, 0x0)
r0 = perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x6}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
mmap$perf(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x10, 0xffffffffffffffff, 0x0)
shmctl$SHM_STAT(0xffffffffffffffff, 0xd, &(0x7f0000000380)=""/9)
read(r0, &(0x7f00000003c0)=""/4096, 0x1000)
shmat(0x0, &(0x7f0000ff6000/0x1000)=nil, 0x0)
ioctl$EXT4_IOC_CHECKPOINT(0xffffffffffffffff, 0x4004662b, &(0x7f0000000040))
shmat(0xffffffffffffffff, &(0x7f0000ff2000/0xe000)=nil, 0x5000)
perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000240), 0x5}, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000040), 0x41, 0x0)
r2 = ioctl$LOOP_CTL_GET_FREE(r1, 0x4c82)
shmctl$SHM_STAT(0x0, 0xd, &(0x7f0000000300)=""/69)
mbind(&(0x7f0000ffb000/0x2000)=nil, 0x2000, 0x0, &(0x7f0000000000)=0x35, 0x1000, 0x1)
ioctl$LOOP_CTL_REMOVE(r1, 0x4c81, r2)

11:17:25 executing program 0:
perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0x9c, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = syz_open_dev$sg(&(0x7f0000002c00), 0x0, 0x0)
fstatfs(r0, &(0x7f0000000000)=""/42)

11:17:25 executing program 5:
ioctl$EXT4_IOC_CHECKPOINT(0xffffffffffffffff, 0x4004662b, &(0x7f0000000100))
mlock2(&(0x7f0000ff7000/0x4000)=nil, 0x4000, 0x0)
shmat(0xffffffffffffffff, &(0x7f0000fed000/0x13000)=nil, 0x0)
r0 = perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x6}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
mmap$perf(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x10, 0xffffffffffffffff, 0x0)
shmctl$SHM_STAT(0xffffffffffffffff, 0xd, &(0x7f0000000380)=""/9)
read(r0, &(0x7f00000003c0)=""/4096, 0x1000)
shmat(0x0, &(0x7f0000ff6000/0x1000)=nil, 0x0)
ioctl$EXT4_IOC_CHECKPOINT(0xffffffffffffffff, 0x4004662b, &(0x7f0000000040))
shmat(0xffffffffffffffff, &(0x7f0000ff2000/0xe000)=nil, 0x5000)
perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000240), 0x5}, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000040), 0x41, 0x0)
r2 = ioctl$LOOP_CTL_GET_FREE(r1, 0x4c82)
shmctl$SHM_STAT(0x0, 0xd, &(0x7f0000000300)=""/69)
mbind(&(0x7f0000ffb000/0x2000)=nil, 0x2000, 0x0, &(0x7f0000000000)=0x35, 0x1000, 0x1)
ioctl$LOOP_CTL_REMOVE(r1, 0x4c81, r2)

11:17:25 executing program 6:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$BATADV_CMD_GET_ROUTING_ALGOS(r0, &(0x7f0000002540)={0x0, 0x0, &(0x7f0000002500)={&(0x7f00000024c0)={0x14, 0x0, 0x4}, 0x14}}, 0x0)
clock_gettime(0x0, &(0x7f0000006380)={0x0, <r1=>0x0})
recvmmsg(r0, &(0x7f0000006280)=[{{&(0x7f0000003580)=@pppoe={0x18, 0x0, {0x0, @local}}, 0x80, &(0x7f0000003740)=[{&(0x7f0000003600)=""/82, 0x52}], 0x1, &(0x7f0000003780)=""/34, 0x22}}, {{0x0, 0x0, &(0x7f0000005d00)=[{0x0}, {0x0}, {0x0}, {0x0}, {0x0}, {0x0}, {0x0, 0x1c}, {0x0}, {0x0}], 0x9}}, {{0x0, 0x0, 0x0}}], 0x3, 0x40010022, &(0x7f00000063c0)={0x0, r1+10000000})

11:17:25 executing program 3:
ioctl$EXT4_IOC_CHECKPOINT(0xffffffffffffffff, 0x4004662b, &(0x7f0000000100))
mlock2(&(0x7f0000ff7000/0x4000)=nil, 0x4000, 0x0)
shmat(0xffffffffffffffff, &(0x7f0000fed000/0x13000)=nil, 0x0)
r0 = perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x6}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
mmap$perf(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x10, 0xffffffffffffffff, 0x0)
shmctl$SHM_STAT(0xffffffffffffffff, 0xd, &(0x7f0000000380)=""/9)
read(r0, &(0x7f00000003c0)=""/4096, 0x1000)
shmat(0x0, &(0x7f0000ff6000/0x1000)=nil, 0x0)
ioctl$EXT4_IOC_CHECKPOINT(0xffffffffffffffff, 0x4004662b, &(0x7f0000000040))
shmat(0xffffffffffffffff, &(0x7f0000ff2000/0xe000)=nil, 0x5000)
perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000240), 0x5}, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000040), 0x41, 0x0)
r2 = ioctl$LOOP_CTL_GET_FREE(r1, 0x4c82)
shmctl$SHM_STAT(0x0, 0xd, &(0x7f0000000300)=""/69)
mbind(&(0x7f0000ffb000/0x2000)=nil, 0x2000, 0x0, &(0x7f0000000000)=0x35, 0x1000, 0x1)
ioctl$LOOP_CTL_REMOVE(r1, 0x4c81, r2)

11:17:25 executing program 1:
ioctl$EXT4_IOC_CHECKPOINT(0xffffffffffffffff, 0x4004662b, &(0x7f0000000100))
mlock2(&(0x7f0000ff7000/0x4000)=nil, 0x4000, 0x0)
shmat(0xffffffffffffffff, &(0x7f0000fed000/0x13000)=nil, 0x0)
r0 = perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x6}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
mmap$perf(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x10, 0xffffffffffffffff, 0x0)
shmctl$SHM_STAT(0xffffffffffffffff, 0xd, &(0x7f0000000380)=""/9)
read(r0, &(0x7f00000003c0)=""/4096, 0x1000)
shmat(0x0, &(0x7f0000ff6000/0x1000)=nil, 0x0)
ioctl$EXT4_IOC_CHECKPOINT(0xffffffffffffffff, 0x4004662b, &(0x7f0000000040))
shmat(0xffffffffffffffff, &(0x7f0000ff2000/0xe000)=nil, 0x5000)
perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000240), 0x5}, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000040), 0x41, 0x0)
r2 = ioctl$LOOP_CTL_GET_FREE(r1, 0x4c82)
shmctl$SHM_STAT(0x0, 0xd, &(0x7f0000000300)=""/69)
mbind(&(0x7f0000ffb000/0x2000)=nil, 0x2000, 0x0, &(0x7f0000000000)=0x35, 0x1000, 0x1)
ioctl$LOOP_CTL_REMOVE(r1, 0x4c81, r2)

11:17:25 executing program 7:
r0 = perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
fcntl$setlease(r0, 0x400, 0x1)
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f00000000c0)='./file0\x00', 0x0, 0x2, &(0x7f0000000040)=[{&(0x7f0000010000)="601c6d6b646f736689254300080120000400004000f8000020004000030000000000000001", 0x25}, {0x0, 0x0, 0x200000000010000}], 0x0, &(0x7f0000000040)=ANY=[])
perf_event_open(&(0x7f0000000180)={0x4, 0x80, 0x80, 0x6, 0x2a, 0x9, 0x0, 0x7, 0xc0800, 0x6d4f961da046aa02, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x9bf, 0x2, @perf_config_ext={0x5, 0x6}, 0x164f8, 0x1, 0xbbac, 0x5, 0x2, 0x7, 0x1000, 0x0, 0x0, 0x0, 0x7}, 0x0, 0x4000e, 0xffffffffffffffff, 0x1)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000080))
read(0xffffffffffffffff, 0x0, 0x0)

11:17:25 executing program 0:
r0 = memfd_create(&(0x7f0000000200)=')*]\x00', 0x0)
ioctl$BTRFS_IOC_INO_LOOKUP_USER(r0, 0x40305828, 0x0)

11:17:26 executing program 6:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$BATADV_CMD_GET_ROUTING_ALGOS(r0, &(0x7f0000002540)={0x0, 0x0, &(0x7f0000002500)={&(0x7f00000024c0)={0x14, 0x0, 0x4}, 0x14}}, 0x0)
clock_gettime(0x0, &(0x7f0000006380)={0x0, <r1=>0x0})
recvmmsg(r0, &(0x7f0000006280)=[{{&(0x7f0000003580)=@pppoe={0x18, 0x0, {0x0, @local}}, 0x80, &(0x7f0000003740)=[{&(0x7f0000003600)=""/82, 0x52}], 0x1, &(0x7f0000003780)=""/34, 0x22}}, {{0x0, 0x0, &(0x7f0000005d00)=[{0x0}, {0x0}, {0x0}, {0x0}, {0x0}, {0x0}, {0x0, 0x1c}, {0x0}, {0x0}], 0x9}}, {{0x0, 0x0, 0x0}}], 0x3, 0x40010022, &(0x7f00000063c0)={0x0, r1+10000000})

11:17:26 executing program 0:
r0 = memfd_create(&(0x7f0000000200)=')*]\x00', 0x0)
ioctl$BTRFS_IOC_INO_LOOKUP_USER(r0, 0x40305828, 0x0)

11:17:26 executing program 1:
r0 = socket$unix(0x1, 0x2, 0x0)
r1 = syz_io_uring_setup(0x1a8a, &(0x7f0000000100)={0x0, 0x9a11}, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000ffc000/0x2000)=nil, &(0x7f0000000180), &(0x7f00000001c0))
r2 = socket$unix(0x1, 0x2, 0x0)
r3 = fcntl$dupfd(r1, 0x0, r0)
io_uring_register$IORING_REGISTER_FILES(r1, 0x2, &(0x7f0000000300)=[r2, r3], 0x2)

11:17:26 executing program 6:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$BATADV_CMD_GET_ROUTING_ALGOS(r0, &(0x7f0000002540)={0x0, 0x0, &(0x7f0000002500)={&(0x7f00000024c0)={0x14, 0x0, 0x4}, 0x14}}, 0x0)
clock_gettime(0x0, &(0x7f0000006380)={0x0, <r1=>0x0})
recvmmsg(r0, &(0x7f0000006280)=[{{&(0x7f0000003580)=@pppoe={0x18, 0x0, {0x0, @local}}, 0x80, &(0x7f0000003740)=[{&(0x7f0000003600)=""/82, 0x52}], 0x1, &(0x7f0000003780)=""/34, 0x22}}, {{0x0, 0x0, &(0x7f0000005d00)=[{0x0}, {0x0}, {0x0}, {0x0}, {0x0}, {0x0}, {0x0, 0x1c}, {0x0}, {0x0}], 0x9}}, {{0x0, 0x0, 0x0}}], 0x3, 0x40010022, &(0x7f00000063c0)={0x0, r1+10000000})

11:17:26 executing program 0:
r0 = memfd_create(&(0x7f0000000200)=')*]\x00', 0x0)
ioctl$BTRFS_IOC_INO_LOOKUP_USER(r0, 0x40305828, 0x0)

11:17:26 executing program 7:
r0 = perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
fcntl$setlease(r0, 0x400, 0x1)
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f00000000c0)='./file0\x00', 0x0, 0x2, &(0x7f0000000040)=[{&(0x7f0000010000)="601c6d6b646f736689254300080120000400004000f8000020004000030000000000000001", 0x25}, {0x0, 0x0, 0x200000000010000}], 0x0, &(0x7f0000000040)=ANY=[])
perf_event_open(&(0x7f0000000180)={0x4, 0x80, 0x80, 0x6, 0x2a, 0x9, 0x0, 0x7, 0xc0800, 0x6d4f961da046aa02, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x9bf, 0x2, @perf_config_ext={0x5, 0x6}, 0x164f8, 0x1, 0xbbac, 0x5, 0x2, 0x7, 0x1000, 0x0, 0x0, 0x0, 0x7}, 0x0, 0x4000e, 0xffffffffffffffff, 0x1)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000080))
read(0xffffffffffffffff, 0x0, 0x0)

[  193.501882] BUG: unable to handle page fault for address: ffffed100fffc000
[  193.502481] #PF: supervisor write access in kernel mode
[  193.502897] #PF: error_code(0x0002) - not-present page
[  193.503292] PGD 7ffd3067 P4D 7ffd3067 PUD 7ffd2067 PMD 7ffd1067 PTE 0
[  193.503815] Oops: 0002 [#9] PREEMPT SMP KASAN NOPTI
[  193.504208] CPU: 1 PID: 6490 Comm: syz-executor.2 Tainted: G      D            6.1.0-rc3-next-20221101 #1
[  193.504901] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[  193.505512] RIP: 0010:__memset+0x24/0x50
[  193.505845] Code: 90 90 90 90 90 90 0f 1f 44 00 00 49 89 f9 48 89 d1 83 e2 07 48 c1 e9 03 40 0f b6 f6 48 b8 01 01 01 01 01 01 01 01 48 0f af c6 <f3> 48 ab 89 d1 f3 aa 4c 89 c8 e9 0d d4 12 00 66 66 2e 0f 1f 84 00
[  193.507180] RSP: 0018:ffff88803ebefcc0 EFLAGS: 00010212
[  193.507587] RAX: 0000000000000000 RBX: ffff88800b7723c0 RCX: 1ffffe21fe5de072
[  193.508122] RDX: 0000000000000000 RSI: 0000000000000000 RDI: ffffed100fffc000
[  193.508656] RBP: ffff88800bfef8c0 R08: 0000000000000005 R09: ffffed10016ee478
[  193.509184] R10: 0000000000000001 R11: 0000000000000001 R12: ffff88800bfef8c0
[  193.509707] R13: ffff88800b7723c0 R14: ffffffff815f2620 R15: 1ffff11007b9bc1f
[  193.510240] FS:  00007f8a39fa7700(0000) GS:ffff88806d100000(0000) knlGS:0000000000000000
[  193.510828] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  193.511274] CR2: ffffed100fffc000 CR3: 000000003e03a000 CR4: 0000000000350ee0
[  193.511799] Call Trace:
[  193.512024]  <TASK>
[  193.512198]  kasan_unpoison+0x23/0x60
[  193.512499]  mempool_exit+0x1c2/0x330
[  193.512806]  bioset_exit+0x2c9/0x630
[  193.513103]  disk_release+0x143/0x490
[  193.513403]  ? disk_release+0x0/0x490
[  193.513695]  ? device_release+0x0/0x250
[  193.514009]  device_release+0xa2/0x250
[  193.514315]  ? device_release+0x0/0x250
[  193.514620]  kobject_put+0x173/0x280
[  193.514912]  put_device+0x1b/0x40
[  193.515187]  put_disk+0x41/0x60
[  193.515453]  loop_control_ioctl+0x4d1/0x630
[  193.515789]  ? loop_control_ioctl+0x0/0x630
[  193.516138]  ? selinux_file_ioctl+0xb1/0x270
[  193.516493]  ? loop_control_ioctl+0x0/0x630
[  193.516825]  __x64_sys_ioctl+0x19a/0x220
[  193.517149]  do_syscall_64+0x3b/0xa0
[  193.517452]  entry_SYSCALL_64_after_hwframe+0x72/0xdc
[  193.517848] RIP: 0033:0x7f8a3ca31b19
[  193.518134] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  193.519437] RSP: 002b:00007f8a39fa7188 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  193.520014] RAX: ffffffffffffffda RBX: 00007f8a3cb44f60 RCX: 00007f8a3ca31b19
[  193.520543] RDX: 0000000000000000 RSI: 0000000000004c81 RDI: 0000000000000005
[  193.521066] RBP: 00007f8a3ca8bf6d R08: 0000000000000000 R09: 0000000000000000
[  193.521595] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  193.522122] R13: 00007fffb8fa757f R14: 00007f8a39fa7300 R15: 0000000000022000
[  193.522658]  </TASK>
[  193.522839] Modules linked in:
[  193.523090] CR2: ffffed100fffc000
[  193.523357] ---[ end trace 0000000000000000 ]---
[  193.523706] RIP: 0010:__memset+0x24/0x50
[  193.524031] Code: 90 90 90 90 90 90 0f 1f 44 00 00 49 89 f9 48 89 d1 83 e2 07 48 c1 e9 03 40 0f b6 f6 48 b8 01 01 01 01 01 01 01 01 48 0f af c6 <f3> 48 ab 89 d1 f3 aa 4c 89 c8 e9 0d d4 12 00 66 66 2e 0f 1f 84 00
[  193.525335] RSP: 0018:ffff88803f06fcc0 EFLAGS: 00010212
[  193.525728] RAX: 0000000000000000 RBX: ffff88800bfd10c0 RCX: 1ffffe21fe5ff826
[  193.526252] RDX: 0000000000000000 RSI: 0000000000000000 RDI: ffffed100fffc000
[  193.526774] RBP: ffff88800bfef8c0 R08: 0000000000000005 R09: ffffed10017fa218
[  193.527294] R10: 0000000000000001 R11: 0000000000000001 R12: ffff88800bfef8c0
[  193.527826] R13: ffff88800bfd10c0 R14: ffffffff815f2620 R15: 1ffff1100112641f
[  193.528353] FS:  00007f8a39fa7700(0000) GS:ffff88806d100000(0000) knlGS:0000000000000000
[  193.528938] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  193.529372] CR2: ffffed100fffc000 CR3: 000000003e03a000 CR4: 0000000000350ee0
[  193.814378] BUG: unable to handle page fault for address: ffffed100fffc000
[  193.815083] #PF: supervisor write access in kernel mode
[  193.815582] #PF: error_code(0x0002) - not-present page
[  193.816078] PGD 7ffd3067 P4D 7ffd3067 PUD 7ffd2067 PMD 7ffd1067 PTE 0
[  193.816705] Oops: 0002 [#10] PREEMPT SMP KASAN NOPTI
[  193.817175] CPU: 0 PID: 6494 Comm: syz-executor.3 Tainted: G      D            6.1.0-rc3-next-20221101 #1
[  193.818053] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[  193.818821] RIP: 0010:__memset+0x24/0x50
[  193.819232] Code: 90 90 90 90 90 90 0f 1f 44 00 00 49 89 f9 48 89 d1 83 e2 07 48 c1 e9 03 40 0f b6 f6 48 b8 01 01 01 01 01 01 01 01 48 0f af c6 <f3> 48 ab 89 d1 f3 aa 4c 89 c8 e9 0d d4 12 00 66 66 2e 0f 1f 84 00
[  193.820904] RSP: 0018:ffff88803f337cc0 EFLAGS: 00010212
[  193.821402] RAX: 0000000000000000 RBX: ffff88800b772540 RCX: 1ffffe21fe5de078
[  193.822062] RDX: 0000000000000000 RSI: 0000000000000000 RDI: ffffed100fffc000
[  193.822727] RBP: ffff88800bfef8c0 R08: 0000000000000005 R09: ffffed10016ee4a8
[  193.823398] R10: 0000000000000001 R11: 0000000000000001 R12: ffff88800bfef8c0
[  193.824081] R13: ffff88800b772540 R14: ffffffff815f2620 R15: 1ffff11007b9b41f
[  193.824750] FS:  00007f99cc874700(0000) GS:ffff88806d000000(0000) knlGS:0000000000000000
[  193.825505] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  193.826047] CR2: ffffed100fffc000 CR3: 000000003ee66000 CR4: 0000000000350ef0
[  193.826715] Call Trace:
[  193.826964]  <TASK>
[  193.827182]  kasan_unpoison+0x23/0x60
[  193.827561]  mempool_exit+0x1c2/0x330
[  193.827953]  bioset_exit+0x2c9/0x630
[  193.828323]  disk_release+0x143/0x490
[  193.828697]  ? disk_release+0x0/0x490
[  193.829070]  ? device_release+0x0/0x250
[  193.829453]  device_release+0xa2/0x250
[  193.829832]  ? device_release+0x0/0x250
[  193.830217]  kobject_put+0x173/0x280
[  193.830584]  put_device+0x1b/0x40
[  193.830928]  put_disk+0x41/0x60
[  193.831259]  loop_control_ioctl+0x4d1/0x630
[  193.831686]  ? loop_control_ioctl+0x0/0x630
[  193.832125]  ? selinux_file_ioctl+0xb1/0x270
[  193.832564]  ? loop_control_ioctl+0x0/0x630
[  193.832983]  __x64_sys_ioctl+0x19a/0x220
[  193.833386]  do_syscall_64+0x3b/0xa0
[  193.833756]  entry_SYSCALL_64_after_hwframe+0x72/0xdc
[  193.834249] RIP: 0033:0x7f99cf2feb19
[  193.834610] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  193.836302] RSP: 002b:00007f99cc874188 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  193.837009] RAX: ffffffffffffffda RBX: 00007f99cf411f60 RCX: 00007f99cf2feb19
[  193.837678] RDX: 0000000000000001 RSI: 0000000000004c81 RDI: 0000000000000005
[  193.838343] RBP: 00007f99cf358f6d R08: 0000000000000000 R09: 0000000000000000
[  193.839008] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  193.839671] R13: 00007ffe04fa04df R14: 00007f99cc874300 R15: 0000000000022000
[  193.840345]  </TASK>
[  193.840573] Modules linked in:
[  193.840884] CR2: ffffed100fffc000
[  193.841214] ---[ end trace 0000000000000000 ]---
[  193.841654] RIP: 0010:__memset+0x24/0x50
[  193.842058] Code: 90 90 90 90 90 90 0f 1f 44 00 00 49 89 f9 48 89 d1 83 e2 07 48 c1 e9 03 40 0f b6 f6 48 b8 01 01 01 01 01 01 01 01 48 0f af c6 <f3> 48 ab 89 d1 f3 aa 4c 89 c8 e9 0d d4 12 00 66 66 2e 0f 1f 84 00
[  193.843726] RSP: 0018:ffff88803f06fcc0 EFLAGS: 00010212
[  193.844254] RAX: 0000000000000000 RBX: ffff88800bfd10c0 RCX: 1ffffe21fe5ff826
[  193.844912] RDX: 0000000000000000 RSI: 0000000000000000 RDI: ffffed100fffc000
[  193.845571] RBP: ffff88800bfef8c0 R08: 0000000000000005 R09: ffffed10017fa218
[  193.846227] R10: 0000000000000001 R11: 0000000000000001 R12: ffff88800bfef8c0
[  193.846889] R13: ffff88800bfd10c0 R14: ffffffff815f2620 R15: 1ffff1100112641f
[  193.847556] FS:  00007f99cc874700(0000) GS:ffff88806d000000(0000) knlGS:0000000000000000
[  193.848316] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  193.848860] CR2: ffffed100fffc000 CR3: 000000003ee66000 CR4: 0000000000350ef0
11:17:26 executing program 4:
r0 = perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
fcntl$setlease(r0, 0x400, 0x1)
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f00000000c0)='./file0\x00', 0x0, 0x2, &(0x7f0000000040)=[{&(0x7f0000010000)="601c6d6b646f736689254300080120000400004000f8000020004000030000000000000001", 0x25}, {0x0, 0x0, 0x200000000010000}], 0x0, &(0x7f0000000040)=ANY=[])
perf_event_open(&(0x7f0000000180)={0x4, 0x80, 0x80, 0x6, 0x2a, 0x9, 0x0, 0x7, 0xc0800, 0x6d4f961da046aa02, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x9bf, 0x2, @perf_config_ext={0x5, 0x6}, 0x164f8, 0x1, 0xbbac, 0x5, 0x2, 0x7, 0x1000, 0x0, 0x0, 0x0, 0x7}, 0x0, 0x4000e, 0xffffffffffffffff, 0x1)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000080))
read(0xffffffffffffffff, 0x0, 0x0)

11:17:26 executing program 2:
perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0x75, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = openat$hpet(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
ioctl$sock_FIOGETOWN(r0, 0x8903, 0x0)
syz_genetlink_get_family_id$ethtool(0x0, 0xffffffffffffffff)
socket$nl_generic(0x10, 0x3, 0x10)

11:17:26 executing program 0:
r0 = memfd_create(&(0x7f0000000200)=')*]\x00', 0x0)
ioctl$BTRFS_IOC_INO_LOOKUP_USER(r0, 0x40305828, 0x0)

11:17:26 executing program 5:
ioctl$EXT4_IOC_CHECKPOINT(0xffffffffffffffff, 0x4004662b, &(0x7f0000000100))
mlock2(&(0x7f0000ff7000/0x4000)=nil, 0x4000, 0x0)
shmat(0xffffffffffffffff, &(0x7f0000fed000/0x13000)=nil, 0x0)
r0 = perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x6}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
mmap$perf(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x10, 0xffffffffffffffff, 0x0)
shmctl$SHM_STAT(0xffffffffffffffff, 0xd, &(0x7f0000000380)=""/9)
read(r0, &(0x7f00000003c0)=""/4096, 0x1000)
shmat(0x0, &(0x7f0000ff6000/0x1000)=nil, 0x0)
ioctl$EXT4_IOC_CHECKPOINT(0xffffffffffffffff, 0x4004662b, &(0x7f0000000040))
shmat(0xffffffffffffffff, &(0x7f0000ff2000/0xe000)=nil, 0x5000)
perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000240), 0x5}, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000040), 0x41, 0x0)
r2 = ioctl$LOOP_CTL_GET_FREE(r1, 0x4c82)
shmctl$SHM_STAT(0x0, 0xd, &(0x7f0000000300)=""/69)
mbind(&(0x7f0000ffb000/0x2000)=nil, 0x2000, 0x0, &(0x7f0000000000)=0x35, 0x1000, 0x1)
ioctl$LOOP_CTL_REMOVE(r1, 0x4c81, r2)

11:17:26 executing program 7:
r0 = perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
fcntl$setlease(r0, 0x400, 0x1)
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f00000000c0)='./file0\x00', 0x0, 0x2, &(0x7f0000000040)=[{&(0x7f0000010000)="601c6d6b646f736689254300080120000400004000f8000020004000030000000000000001", 0x25}, {0x0, 0x0, 0x200000000010000}], 0x0, &(0x7f0000000040)=ANY=[])
perf_event_open(&(0x7f0000000180)={0x4, 0x80, 0x80, 0x6, 0x2a, 0x9, 0x0, 0x7, 0xc0800, 0x6d4f961da046aa02, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x9bf, 0x2, @perf_config_ext={0x5, 0x6}, 0x164f8, 0x1, 0xbbac, 0x5, 0x2, 0x7, 0x1000, 0x0, 0x0, 0x0, 0x7}, 0x0, 0x4000e, 0xffffffffffffffff, 0x1)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000080))
read(0xffffffffffffffff, 0x0, 0x0)

11:17:26 executing program 1:
r0 = socket$unix(0x1, 0x2, 0x0)
r1 = syz_io_uring_setup(0x1a8a, &(0x7f0000000100)={0x0, 0x9a11}, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000ffc000/0x2000)=nil, &(0x7f0000000180), &(0x7f00000001c0))
r2 = socket$unix(0x1, 0x2, 0x0)
r3 = fcntl$dupfd(r1, 0x0, r0)
io_uring_register$IORING_REGISTER_FILES(r1, 0x2, &(0x7f0000000300)=[r2, r3], 0x2)

11:17:26 executing program 6:
r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='oom_adj\x00')
pread64(r0, 0x0, 0x0, 0x0)

11:17:26 executing program 3:
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x10, 0xffffffffffffffff, 0x0)
r0 = syz_io_uring_setup(0x7ebe, &(0x7f0000000000)={0x0, 0xf4a1, 0x8, 0x3}, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000080), &(0x7f00000000c0))
ioctl$BTRFS_IOC_GET_SUBVOL_INFO(r0, 0x81f8943c, &(0x7f0000000100)={0x0, ""/256, 0x0, <r1=>0x0})
ioctl$BTRFS_IOC_TREE_SEARCH(r0, 0xd0009411, &(0x7f0000000300)={{<r2=>0x0, 0x0, 0x7, 0x2, 0x6e, 0xd1, 0x2, 0x0, 0x0, 0x6, 0xfffffeff, 0x1, 0x6, 0x710, 0x4b8}})
ioctl$BTRFS_IOC_INO_LOOKUP_USER(r0, 0xd000943e, &(0x7f0000001300)={r1, <r3=>r2, "583127ff5d1c94d033303461f98fabf0694d2ad7d7b14d108b78fca1cd60976bbb0e32e52204ac9482ce553b13a5c8275d32269f780409388e4a80451a5e684128963929731a98103372b7d6f910cbe4fc2711fe46cef6f2d37dd25069e00deeef23239fde47110832558adac99a4a8926254829cb097d2aa1797def4998d0eac6c9bab89e7208908c30ba11b2b7b5065335f9b261c38d3941ee8105436e4cce4d428d8d0506d391a0adefed38503022bdba800c9f7992d5b15cfcba54f4bdd5130e410c85d5260e3c9291f51330ebfa88b58c68c8973e5101c25e19edad3357022b449cc992e58b81f23abdbf8d5149aa719320c0420d5e1504b1c1fcd8a9f0", "4ed601f734875848e46d5ebde65124f7e7ca74b152efb8e66127f54c35384bea3c92e10676c72ead5edc34f678acdd2b7923e9bf5de4fdfec3e8ba38edc4bd90e02552ed9f86710496c62779cdf1e302ee2d0dfd447355718f2c347652ed507350eae195f1e1cfb50dd0e21787d06509c4c0c4e11d00c35d4bb216b31497d76e9c261d73bce7223d8e266371a9067abf1fb8f7e49cd0ad757a99c77b7f4fbbef95c908fbab7253035ae378fd2b4cc3217f136f171bc0b6b2dfc7ddbc9be5c8fbaebdf27b89dad2b154823d485263569672bf109ba178a691950eecd81923950e00e511a9e003da2aaeab2eea18b6441bbbc5cc4e992852c3b705c407af272c4358bdcf9ce9154fb6476ae0bfa7f7cf3939f9365a0b5cc0a330b1ebd339c804003c8d55cedf0bd4bc4411d09472c5aef7d9ca71bd3903589ef7452c6af45c13ea92c78fdfac948078c0786d980e19dcbff8e683ae48751b08dccb68ced1ff18e25f0bc1dd3175a7b66b1ed724e09f17284b0137f22069de71826e674ed396034b2cc86d5964ec55ff71f07a3e1146bd77e6a12f550106676858ed8ea59a3f3fa433395107180e87836f8b65ac77a761ba3663c0facf2945a46c3bf067ec4e7062ffc725774a714b907b791267e3c02df1c6b83a1d1c0357c1faed52280f1b1e0e34e4c7a028d232b7434dc4f32c4e1c4870c4734beacf85df6d1df7fd385b44d120c1985eef471740fb0835e7c569a839e3d24fa44e46110a0b3c28b6d3b539dbbf0f2044979deeb6b7619ce55bef546cc8d4cba7cfa169eea9f14428969e0a4ac16baffc3e2b3e165d8496761565f034abd4d5eef4b045427498215d266b612a95f9ddb835a1bdff753b884f20f6f600add3bc13cce95b09dd606a0c5d2b8953bb2c08aeba4e163c4eb765e0fab0c17d6e1688ca3d61ea19e72c296803cfd69e9c398ecfdc730bfe2e7f665b967d422ed14037957a6d7f16afa301b799c81ab2a418f9b1dc9edf53754f53783752583423c4a842780dce9643922d26ffba2eca17e42cf7043e40e6e85e5ffb2f89db3dc62bc96471d548ad510bc84442e83db11178bf1fbe3ed2dfc3e61b2249fb7cc3e48fd8b41ea5f9f608d9c5d0cc8d6456f6d64ed97f20f7668c48847a19294bab9acfabc2bc3d2f84c5a33ab509f1fd5552da7dacabaacb1899d8dc5ddedbb9c5108eba482491eff51b228c459d42a949f17b71be0344678dad5558c854f6a49a23cb54e815f644eeb0610ec21724f6338d02a29b1ea1a59f1aaef4ddd20b22621e2ce942b212ed0e817a22593d0e9b5344fef5345fbedaab9155c43881df8ecf8420e8d744f77be7c9974e385baf60a13a931d680a2224eb3586c8e256b1f165b3dc0a191aba1062c1dd9d270e3b9d85fc901d0c2ece0d4087bed03f6dbc31156b473a2efe6ca798d47603f93b6f2d0e761833e172f858b738b7b740eba4a27315d1728e4804e33f1bb44d0771b95e7c8b090723256a3675701b41a890fa7e2b0f31f46adcd6e2f153de719395373780906270d394eff473d18996660325396e19c526687b308a393590d515b922acd987a8eca9903cd2ebfd510951af457b8d1c4120c005154e72cad50b2b7d8ed163a9440feb8603acfb504c466ab16c90bf0759aa713d888f4e915fd68b7bdd56e4cecd28286df0284b9318f037bf2d42472819eceae5a5014e44b2b2eba3e30a24c861d81d7802f6f12251e66e2e52b00d75f6a7ea52662c014b9f93250de005ac92bc8ac46830f65e1927bd98d8cfb80c9b845b5b6e19e8f56cb126d30e445bcd4ef91616a1096ad5183bd29a777d9eff4eaeadad4ef20f075a3a6e51080656478b0e834f2d2857598e6e2c855ac9ee8240344c8031f4007a079e424062bfc5960f3b28f8a91cbdcb50b2daa11d7174fdac59c6e1a9dd9d467e9acdd94f40d74be6d9e4e5a74e104d1f50b21f1136e69069605d0b4f8932dbc5c221d6df139c72636a1a9fe0fc7bdabb4e4f2454c9396b335406cc28b688719f8a01505bafc1e39a8406551b09a028276ebdb46635a3667289164db95de5446d1f5e8e79687734c39ad8f02e4c33aea39c7b07e1487d2ef01d4aee13bdf1a7523014fe9324853d101792c68bf70547af3f7d6531304223d87cfe3dd7563e78d93b80faa77323fc0a91b9bb1949c4794a30e9a8b39d13dfee36d15b0e1df0336d66732d4ad71ed8936c17b8d073dd448e221cc503f96b0a2396289d093e8a19362c953ac1f74fea125d417a4f3e348838d8ddaffd94d430de4a6a276451b5914154ab15104b7feb16df3b39d90294d6fd36dab87ef1b4ed1d59682de98a8e2b016d5823d96fb271997183837586ffa3f6066ab2d15e3faba357d5f776c3eecfb92de2e55c8b49cacea3289abb1d295afb36f10476941ddaa8c0ed8285a642d6b8fc8376d7120e2a0f5e33a6898c48e39577710dd3f5f59376e35add057cbffd84afc8f895b2ac2772ff08d1f2c0b941f3999bc56a24e48c97ba89cf4e1a4697a686cbf942881411f101a46c2d00a1d190ca733f28e9bb4c15f67b9e611a97082cfc1c8c8bbdc1dc41c754495d050f138553d5a27ffbe593ce3a56691efc7429e422482aa509a6fec6ae5a91cdff9da440f4c56d0a7903ea6f6eb9b0943733a0395eacecf35862222af4600c30ce26cdcd14ef2392ae4bce9ac48c8a2ce90aef106c88e3bed53840fca0a8955541e31d9a2ef3b2edc7f1f2a6e6f1b477760107413846cd7196f54fe7cc507f14338f3e8193ce0057d189f5249484d2785863a8f4c81040454ddf04b38da594d096f362276b1b94acbda3788a6c698230bc670da5b74e5121706759fd91833bd981577b4cd4d31dc2cf1edf7c78cb31877a3258cbf5eaf6752b077e119d10a5d8ef436d05643b312ee5ee869a084f5ec913440ff1ef58eda89f1e7ee6eee7aaeb94c93ba5a703fdd508ebb1f98cb568064fac6244995268c70538f6ab6100e2602443246861877a5be82d7e7ac4eb31e70c7876e0c1ef6ce12d760d7c292ad2f958b07dd122065f8907385059fb506e2921029434404139fab186de3ab17c5dfd0a2d98122d328bdd2adf5cd6243db1d4e05a1a492f68b4aa3cb10450e76140f2acfe39df1fe8446245c7d39952f3b5d0c9c5d0922da9de4bd6bca0d460ce5ed40c2e61dfce808f31fa3afd5d1bbb8f1f5ec1f5cf7f8ff5045f2f3de90df0df092f605d1410691faf601c0ab1d288f9ffc85011a82fba2fa90c99ec83a513874eb1d42d8fbcfa608a9306b03ffe1f954b1bc6fb6a88db12443c10fee5cdafd9ea12f6da8663fc2ce29e33946240cbed26ab924eea6ea099b081305db1015da729bf90a0fcdf5fbc8dab91d0b134314ffca7bbeaab345aca0270fa1e801e31193188dd0940530117569d7a8c04f7c88bed9161dd7aeeaf911d4ae37917ae45ae73393587e80ae3c135e0455518911a9b59723312ba5b58d7948328a60a30b50bb171849b0e0e9d732dad2721730997f577264d37978c0bdc9dc568f1c7fa5e2484f79692e581503b8d96a4576461eafa48defc3fcd67b13f646a3a369d06b110d0027b5b23c3327dbcf551d523dbc268550a37a1965bdedab6a4af03d602529c2d8e06d2a5772f11003301be8108778bdfb259c8f5a0fc3fad6a97ba3ee493f02b3f7ded67861d87d0e7b59a6b4f50df9651209c91d5b41e9c49f83025e57ba56e7e26df22be8b6368cf61acd67d33e4225b185c95e6d5d4e89429a36ec1d90a3e3f15c14ee66588b0f0f79427cf7cfa2c7697cff89940a9b7741b607aeca1b320b7cc07847eec859a08fbdd05cd164bfd209c79203a72aac76dd6f0b618737bc09d979c7342d5b4c0c202a26af6629d1729e7645cfd7b7fa1a4bba34a9ddc904e28a31f5a9eec94e3d515c1ed18688746868bcbd327bb4bed1374df08e1bee70475770f6dfff38e6a43c6115bdbb886f12b1dc58b8c77dcba6efaa2bd841cb414534416c07f9f40207d774956cab72265f25f99ff4e557be8bdd3d61e4f674b980e143897762f2e3ae868f5d6f974b24fed344d6cf77b21e700249ea85b2e5a0ff6af34acfaf5647fb853aa03adde7a6dbf90ce0edded356f02bce452e9048196f789a8188f466068ee4568a28e562425043b7f4a29f8aac5c1efdc62d6a9660d23501e32f5c52248ea097da045d9c85fb205b77625179c06ca66adde63753f0b8dc0985980f60055593e8725e76870227b8742d0ce0dd724bae182c19c0f9426f43228b75e14d11c1b30c09b1228c921af051e0d092f09dfc74f2d6f32c6dcc17b0d74d5b6e8f02b32698d71227c185a3888326ac5d7871292e9d14211e669f775c72bd429ffa58ae18f6dac547994da628adba3cb5b3d05886f3f43b4ee3b19fc85441b4f8ae2118c143838094aaf29944de1a049b69399741f05fc880a45b5cb4957119f74371739d5477a6ac38364469745908ad5ab092fbc2aac564a0b08749135453eeeee6871c13decc975e434efc07e4815cff4cb00a9834d357e8263a3f1a30667b1c8917b5b5a2bb2b63fb82dbfe2f3e713616b401b2e631ceb4847859228760288806c67773d2a1148979b24e9557f2e54de947ffcac48fef1a6b0383dd6283557bec81b4f08523d963c0abdc42bc1f807cc45377baaad3dc64981eeb78a9cf98ec911dba455fb867dc3fd5df52eae4860af5e02231fa5e49e3db5f1d4fb743f7a9849143554c7a4aefd93dfda24284fa8a0494685da0a88e5c7bc7e82e5798f603f121b4a5c57ac3c35c1a5c8586bd79a77f6866c1d19f7f14e25a1a3bae193d820d760857ae1b40efb70d291d5e4887b2ea511db92cc961fd8d6a95d58c530cbf629807812f46378affe670e91839bb9d6ac3c48e08d54150df2482857f5774409dd33f57f7cc2e7ce7098f15e9a818898c8b61904b65a0dc63567626bdce94b921abfea1fdc41975808d754a0056437f882284cc9272e93de8e24cc02e5c68fbdcdd9e79e3a9f2317abebb887ff20e01d7fb7f8b2dffba4a35f5bdcf620871a50b74eb51cf0860626fc86a62db0b3969594788883b870c68951bdf64eaea548b6099d8948070e55c1b93d33a4ca82179e532a97f6f0d739d4f2c60892823d20c4bb7a0721ed33520677c29c8feea9983f076249ba8e1e89fdb1cf199d0f53c8c6aa5f13de4096104b86add30e80b91beab3c131c78cc71d067037fd65fee32e0610357e88e7452afa3b61840024206dd17e98c0bbc6e39f92ac83ab2ae00d7eca63c07480e9d7033fa23f2ac9a1ab0bdd7efc39f10786079d9ab9f002fd0eb99fd29efe946e79dd720dcdadf2f6b29454c1d6e99775264da0cd990d9adef352a069436539939c12c8ce4fa21417b4bb5bbd765d35d4b92287ba9d8fbeeeb1e97198db1224"})
r4 = socket(0x25, 0x0, 0x7f)
sendmsg$WG_CMD_SET_DEVICE(r4, &(0x7f0000002540)={&(0x7f0000002300)={0x10, 0x0, 0x0, 0x10000000}, 0xc, &(0x7f0000002500)={&(0x7f0000002340)={0x170, 0x0, 0x0, 0x70bd2d, 0x25dfdbff, {}, [@WGDEVICE_A_FWMARK={0x8, 0x7, 0x5}, @WGDEVICE_A_IFINDEX={0x8}, @WGDEVICE_A_LISTEN_PORT={0x6}, @WGDEVICE_A_IFINDEX={0x8}, @WGDEVICE_A_FLAGS={0x8}, @WGDEVICE_A_PEERS={0xf4, 0x8, 0x0, 0x1, [{0xf0, 0x0, 0x0, 0x1, [@WGPEER_A_ALLOWEDIPS={0xe4, 0x9, 0x0, 0x1, [{0x7c, 0x0, 0x0, 0x1, [@ipv6={{0x6}, {0x14, 0x2, @private1={0xfc, 0x1, '\x00', 0x1}}, {0x5}}, @ipv4={{0x6}, {0x8, 0x2, @broadcast}, {0x5, 0x3, 0x3}}, @ipv4={{0x6}, {0x8, 0x2, @initdev={0xac, 0x1e, 0x0, 0x0}}, {0x5, 0x3, 0x2}}, @ipv6={{0x6}, {0x14, 0x2, @mcast2}, {0x5, 0x3, 0x3}}]}, {0x64, 0x0, 0x0, 0x1, [@ipv4={{0x6}, {0x8, 0x2, @multicast2}, {0x5}}, @ipv6={{0x6}, {0x14, 0x2, @private1={0xfc, 0x1, '\x00', 0x1}}, {0x5, 0x3, 0x3}}, @ipv6={{0x6}, {0x14, 0x2, @rand_addr=' \x01\x00'}, {0x5, 0x3, 0x1}}]}]}, @WGPEER_A_PERSISTENT_KEEPALIVE_INTERVAL={0x6, 0x5, 0x4}]}]}, @WGDEVICE_A_IFNAME={0x14, 0x2, 'wg0\x00'}, @WGDEVICE_A_PRIVATE_KEY={0x24, 0x3, @b}, @WGDEVICE_A_FLAGS={0x8, 0x5, 0x1}]}, 0x170}}, 0x4)
syz_io_uring_setup(0x33e, &(0x7f0000002580)={0x0, 0xc386, 0x20, 0x0, 0x247}, &(0x7f0000ffd000/0x2000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000002600), &(0x7f0000002640))
ioctl$BTRFS_IOC_TREE_SEARCH(0xffffffffffffffff, 0xd0009411, &(0x7f0000002700)={{r3, 0x8000, 0x8, 0x1000, 0x7, 0x70c0, 0x7fff, 0x8001, 0xa8ee, 0x0, 0x4, 0xfffffffffffffff7, 0xa5, 0x2, 0x47}})
syz_genetlink_get_family_id$tipc2(&(0x7f0000003740), 0xffffffffffffffff)

11:17:26 executing program 6:
r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='oom_adj\x00')
pread64(r0, 0x0, 0x0, 0x0)

11:17:26 executing program 0:
tgkill(0x0, 0xffffffffffffffff, 0x0)

11:17:26 executing program 1:
r0 = socket$unix(0x1, 0x2, 0x0)
r1 = syz_io_uring_setup(0x1a8a, &(0x7f0000000100)={0x0, 0x9a11}, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000ffc000/0x2000)=nil, &(0x7f0000000180), &(0x7f00000001c0))
r2 = socket$unix(0x1, 0x2, 0x0)
r3 = fcntl$dupfd(r1, 0x0, r0)
io_uring_register$IORING_REGISTER_FILES(r1, 0x2, &(0x7f0000000300)=[r2, r3], 0x2)

[  195.505638] BUG: unable to handle page fault for address: ffffed100fffc000
[  195.506457] #PF: supervisor write access in kernel mode
[  195.507057] #PF: error_code(0x0002) - not-present page
[  195.507639] PGD 7ffd3067 P4D 7ffd3067 PUD 7ffd2067 PMD 7ffd1067 PTE 0
[  195.508399] Oops: 0002 [#11] PREEMPT SMP KASAN NOPTI
[  195.508973] CPU: 1 PID: 6532 Comm: syz-executor.5 Tainted: G      D            6.1.0-rc3-next-20221101 #1
[  195.510021] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[  195.510925] RIP: 0010:__memset+0x24/0x50
[  195.511415] Code: 90 90 90 90 90 90 0f 1f 44 00 00 49 89 f9 48 89 d1 83 e2 07 48 c1 e9 03 40 0f b6 f6 48 b8 01 01 01 01 01 01 01 01 48 0f af c6 <f3> 48 ab 89 d1 f3 aa 4c 89 c8 e9 0d d4 12 00 66 66 2e 0f 1f 84 00
[  195.513409] RSP: 0018:ffff88802f1bfcc0 EFLAGS: 00010212
[  195.514011] RAX: 0000000000000000 RBX: ffff88800b7726c0 RCX: 1ffffe21fe5de07e
[  195.514804] RDX: 0000000000000000 RSI: 0000000000000000 RDI: ffffed100fffc000
[  195.515610] RBP: ffff88800bfef8c0 R08: 0000000000000005 R09: ffffed10016ee4d8
[  195.516440] R10: 0000000000000001 R11: 0000000000000001 R12: ffff88800bfef8c0
[  195.517256] R13: ffff88800b7726c0 R14: ffffffff815f2620 R15: 1ffff11002b4901f
[  195.518072] FS:  00007f2b06ec8700(0000) GS:ffff88806d100000(0000) knlGS:0000000000000000
[  195.518988] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  195.519654] CR2: ffffed100fffc000 CR3: 0000000030432000 CR4: 0000000000350ee0
[  195.520478] Call Trace:
[  195.520783]  <TASK>
[  195.521054]  kasan_unpoison+0x23/0x60
[  195.521510]  mempool_exit+0x1c2/0x330
[  195.521975]  bioset_exit+0x2c9/0x630
[  195.522423]  ? _raw_spin_unlock+0x24/0x50
[  195.522927]  ? blkg_destroy_all.isra.0+0x157/0x230
[  195.523524]  disk_release+0x143/0x490
[  195.524000]  ? disk_release+0x0/0x490
[  195.524458]  ? device_release+0x0/0x250
[  195.524931]  device_release+0xa2/0x250
[  195.525393]  ? device_release+0x0/0x250
[  195.525862]  kobject_put+0x173/0x280
[  195.526310]  put_device+0x1b/0x40
[  195.526732]  put_disk+0x41/0x60
[  195.527138]  loop_control_ioctl+0x4d1/0x630
[  195.527626]  ? loop_control_ioctl+0x0/0x630
[  195.528113]  ? selinux_file_ioctl+0xb1/0x270
[  195.528618]  ? loop_control_ioctl+0x0/0x630
[  195.529099]  __x64_sys_ioctl+0x19a/0x220
[  195.529557]  do_syscall_64+0x3b/0xa0
[  195.529985]  entry_SYSCALL_64_after_hwframe+0x72/0xdc
[  195.530553] RIP: 0033:0x7f2b09952b19
[  195.530961] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  195.532866] RSP: 002b:00007f2b06ec8188 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  195.533673] RAX: ffffffffffffffda RBX: 00007f2b09a65f60 RCX: 00007f2b09952b19
[  195.534430] RDX: 0000000000000002 RSI: 0000000000004c81 RDI: 0000000000000005
[  195.535191] RBP: 00007f2b099acf6d R08: 0000000000000000 R09: 0000000000000000
[  195.535947] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  195.536703] R13: 00007ffee83a991f R14: 00007f2b06ec8300 R15: 0000000000022000
[  195.537466]  </TASK>
[  195.537726] Modules linked in:
[  195.538082] CR2: ffffed100fffc000
[  195.538459] ---[ end trace 0000000000000000 ]---
[  195.538961] RIP: 0010:__memset+0x24/0x50
[  195.539424] Code: 90 90 90 90 90 90 0f 1f 44 00 00 49 89 f9 48 89 d1 83 e2 07 48 c1 e9 03 40 0f b6 f6 48 b8 01 01 01 01 01 01 01 01 48 0f af c6 <f3> 48 ab 89 d1 f3 aa 4c 89 c8 e9 0d d4 12 00 66 66 2e 0f 1f 84 00
[  195.541320] RSP: 0018:ffff88803f06fcc0 EFLAGS: 00010212
[  195.541889] RAX: 0000000000000000 RBX: ffff88800bfd10c0 RCX: 1ffffe21fe5ff826
[  195.542644] RDX: 0000000000000000 RSI: 0000000000000000 RDI: ffffed100fffc000
[  195.543397] RBP: ffff88800bfef8c0 R08: 0000000000000005 R09: ffffed10017fa218
[  195.544168] R10: 0000000000000001 R11: 0000000000000001 R12: ffff88800bfef8c0
[  195.544949] R13: ffff88800bfd10c0 R14: ffffffff815f2620 R15: 1ffff1100112641f
[  195.545699] FS:  00007f2b06ec8700(0000) GS:ffff88806d100000(0000) knlGS:0000000000000000
[  195.546546] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  195.547159] CR2: ffffed100fffc000 CR3: 0000000030432000 CR4: 0000000000350ee0
11:17:28 executing program 2:
perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0x75, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = openat$hpet(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
ioctl$sock_FIOGETOWN(r0, 0x8903, 0x0)
syz_genetlink_get_family_id$ethtool(0x0, 0xffffffffffffffff)
socket$nl_generic(0x10, 0x3, 0x10)

11:17:28 executing program 6:
r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='oom_adj\x00')
pread64(r0, 0x0, 0x0, 0x0)

11:17:28 executing program 0:
tgkill(0x0, 0xffffffffffffffff, 0x0)

11:17:28 executing program 1:
r0 = socket$unix(0x1, 0x2, 0x0)
r1 = syz_io_uring_setup(0x1a8a, &(0x7f0000000100)={0x0, 0x9a11}, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000ffc000/0x2000)=nil, &(0x7f0000000180), &(0x7f00000001c0))
r2 = socket$unix(0x1, 0x2, 0x0)
r3 = fcntl$dupfd(r1, 0x0, r0)
io_uring_register$IORING_REGISTER_FILES(r1, 0x2, &(0x7f0000000300)=[r2, r3], 0x2)

11:17:28 executing program 7:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000200), 0xffffffffffffffff)
sendmsg$NL80211_CMD_SET_INTERFACE(r0, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000080)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRES16=r1, @ANYRES32, @ANYRES32, @ANYBLOB="084d01"], 0x24}}, 0x0)

11:17:28 executing program 4:
r0 = perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
fcntl$setlease(r0, 0x400, 0x1)
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f00000000c0)='./file0\x00', 0x0, 0x2, &(0x7f0000000040)=[{&(0x7f0000010000)="601c6d6b646f736689254300080120000400004000f8000020004000030000000000000001", 0x25}, {0x0, 0x0, 0x200000000010000}], 0x0, &(0x7f0000000040)=ANY=[])
perf_event_open(&(0x7f0000000180)={0x4, 0x80, 0x80, 0x6, 0x2a, 0x9, 0x0, 0x7, 0xc0800, 0x6d4f961da046aa02, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x9bf, 0x2, @perf_config_ext={0x5, 0x6}, 0x164f8, 0x1, 0xbbac, 0x5, 0x2, 0x7, 0x1000, 0x0, 0x0, 0x0, 0x7}, 0x0, 0x4000e, 0xffffffffffffffff, 0x1)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000080))
read(0xffffffffffffffff, 0x0, 0x0)

11:17:28 executing program 3:
r0 = openat$cdrom(0xffffffffffffff9c, &(0x7f0000000940), 0x82801, 0x0)
ioctl$DVD_READ_STRUCT(r0, 0x401070cd, 0x0)

11:17:28 executing program 5:
perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0x75, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = openat$hpet(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
ioctl$sock_FIOGETOWN(r0, 0x8903, 0x0)
syz_genetlink_get_family_id$ethtool(0x0, 0xffffffffffffffff)
socket$nl_generic(0x10, 0x3, 0x10)

11:17:28 executing program 2:
perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0x75, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = openat$hpet(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
ioctl$sock_FIOGETOWN(r0, 0x8903, 0x0)
syz_genetlink_get_family_id$ethtool(0x0, 0xffffffffffffffff)
socket$nl_generic(0x10, 0x3, 0x10)

[  195.653833] netlink: 16 bytes leftover after parsing attributes in process `syz-executor.7'.
[  195.663297] netlink: 16 bytes leftover after parsing attributes in process `syz-executor.7'.
11:17:28 executing program 5:
perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0x75, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = openat$hpet(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
ioctl$sock_FIOGETOWN(r0, 0x8903, 0x0)
syz_genetlink_get_family_id$ethtool(0x0, 0xffffffffffffffff)
socket$nl_generic(0x10, 0x3, 0x10)

11:17:28 executing program 0:
tgkill(0x0, 0xffffffffffffffff, 0x0)

11:17:28 executing program 6:
r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='oom_adj\x00')
pread64(r0, 0x0, 0x0, 0x0)

11:17:28 executing program 3:
r0 = openat$cdrom(0xffffffffffffff9c, &(0x7f0000000940), 0x82801, 0x0)
ioctl$DVD_READ_STRUCT(r0, 0x401070cd, 0x0)

11:17:28 executing program 1:
syz_open_dev$sg(&(0x7f0000000000), 0x0, 0x0)
syz_open_dev$usbmon(0x0, 0x0, 0x0)

11:17:28 executing program 6:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
getsockopt(r0, 0x0, 0xc9, 0x0, 0x0)

11:17:28 executing program 5:
perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0x75, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = openat$hpet(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
ioctl$sock_FIOGETOWN(r0, 0x8903, 0x0)
syz_genetlink_get_family_id$ethtool(0x0, 0xffffffffffffffff)
socket$nl_generic(0x10, 0x3, 0x10)

11:17:28 executing program 7:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000200), 0xffffffffffffffff)
sendmsg$NL80211_CMD_SET_INTERFACE(r0, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000080)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRES16=r1, @ANYRES32, @ANYRES32, @ANYBLOB="084d01"], 0x24}}, 0x0)

11:17:28 executing program 2:
perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0x75, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = openat$hpet(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
ioctl$sock_FIOGETOWN(r0, 0x8903, 0x0)
syz_genetlink_get_family_id$ethtool(0x0, 0xffffffffffffffff)
socket$nl_generic(0x10, 0x3, 0x10)

11:17:28 executing program 0:
tgkill(0x0, 0xffffffffffffffff, 0x0)

11:17:28 executing program 4:
syz_mount_image$vfat(0x0, &(0x7f00000001c0)='./file0\x00', 0x0, 0xfe2c, 0x0, 0x0, 0x0)
syz_mount_image$tmpfs(0x0, &(0x7f0000000040)='./file0/file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
rename(&(0x7f00000000c0)='./file0/file0\x00', &(0x7f0000000180)='./file0\x00')

[  195.890987] netlink: 16 bytes leftover after parsing attributes in process `syz-executor.7'.
11:17:28 executing program 6:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
getsockopt(r0, 0x0, 0xc9, 0x0, 0x0)

11:17:28 executing program 1:
syz_open_dev$sg(&(0x7f0000000000), 0x0, 0x0)
syz_open_dev$usbmon(0x0, 0x0, 0x0)

11:17:28 executing program 0:
syz_io_uring_setup(0x0, 0x0, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffc000/0x4000)=nil, 0x0, 0x0)
syz_io_uring_setup(0x1865, &(0x7f0000000240), &(0x7f0000ff5000/0x1000)=nil, &(0x7f0000fef000/0x1000)=nil, 0x0, 0x0)
syz_genetlink_get_family_id$tipc2(&(0x7f00000007c0), 0xffffffffffffffff)

11:17:28 executing program 5:
r0 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x0)
ioctl$SNDRV_TIMER_IOCTL_SELECT(r0, 0x5452, &(0x7f0000000040)={{0x3}})

11:17:28 executing program 3:
r0 = openat$cdrom(0xffffffffffffff9c, &(0x7f0000000940), 0x82801, 0x0)
ioctl$DVD_READ_STRUCT(r0, 0x401070cd, 0x0)

11:17:28 executing program 4:
syz_mount_image$vfat(0x0, &(0x7f00000001c0)='./file0\x00', 0x0, 0xfe2c, 0x0, 0x0, 0x0)
syz_mount_image$tmpfs(0x0, &(0x7f0000000040)='./file0/file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
rename(&(0x7f00000000c0)='./file0/file0\x00', &(0x7f0000000180)='./file0\x00')

11:17:28 executing program 2:
set_robust_list(0x0, 0x0)

11:17:28 executing program 7:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000200), 0xffffffffffffffff)
sendmsg$NL80211_CMD_SET_INTERFACE(r0, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000080)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRES16=r1, @ANYRES32, @ANYRES32, @ANYBLOB="084d01"], 0x24}}, 0x0)

11:17:28 executing program 6:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
getsockopt(r0, 0x0, 0xc9, 0x0, 0x0)

11:17:28 executing program 5:
r0 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x0)
ioctl$SNDRV_TIMER_IOCTL_SELECT(r0, 0x5452, &(0x7f0000000040)={{0x3}})

11:17:28 executing program 2:
set_robust_list(0x0, 0x0)

[  196.064097] netlink: 16 bytes leftover after parsing attributes in process `syz-executor.7'.
11:17:28 executing program 1:
syz_open_dev$sg(&(0x7f0000000000), 0x0, 0x0)
syz_open_dev$usbmon(0x0, 0x0, 0x0)

11:17:28 executing program 6:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
getsockopt(r0, 0x0, 0xc9, 0x0, 0x0)

11:17:29 executing program 7:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000200), 0xffffffffffffffff)
sendmsg$NL80211_CMD_SET_INTERFACE(r0, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000080)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRES16=r1, @ANYRES32, @ANYRES32, @ANYBLOB="084d01"], 0x24}}, 0x0)

11:17:29 executing program 2:
set_robust_list(0x0, 0x0)

11:17:29 executing program 3:
r0 = openat$cdrom(0xffffffffffffff9c, &(0x7f0000000940), 0x82801, 0x0)
ioctl$DVD_READ_STRUCT(r0, 0x401070cd, 0x0)

11:17:29 executing program 5:
r0 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x0)
ioctl$SNDRV_TIMER_IOCTL_SELECT(r0, 0x5452, &(0x7f0000000040)={{0x3}})

[  196.216846] netlink: 16 bytes leftover after parsing attributes in process `syz-executor.7'.
11:17:29 executing program 0:
perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0x76, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000400)=0x305)
r0 = fork()
r1 = fork()
kcmp$KCMP_EPOLL_TFD(r0, r1, 0x7, 0xffffffffffffffff, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff, 0x8})
syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = socket$inet6(0xa, 0x2, 0x0)
r4 = syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0)
dup2(r3, r4)
mmap(&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x1000002, 0x10, r3, 0x1d745000)
ioctl$sock_SIOCGIFINDEX_80211(r2, 0x8933, &(0x7f0000000080)={'wlan0\x00', <r5=>0x0})
r6 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000140), 0xffffffffffffffff)
sendmsg$NL80211_CMD_FRAME(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000500)=ANY=[@ANYBLOB="00010000", @ANYRES16=r6, @ANYBLOB="010000000000000000003b00000008000300", @ANYRES32=r5, @ANYBLOB="e200330080800000080211000001080211"], 0x100}}, 0x0)

11:17:29 executing program 6:
r0 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000100), 0x141d40)
readv(r0, &(0x7f0000001600)=[{&(0x7f0000001480)=""/126, 0x7e}], 0x1)

11:17:29 executing program 4:
syz_mount_image$vfat(0x0, &(0x7f00000001c0)='./file0\x00', 0x0, 0xfe2c, 0x0, 0x0, 0x0)
syz_mount_image$tmpfs(0x0, &(0x7f0000000040)='./file0/file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
rename(&(0x7f00000000c0)='./file0/file0\x00', &(0x7f0000000180)='./file0\x00')

11:17:29 executing program 1:
syz_open_dev$sg(&(0x7f0000000000), 0x0, 0x0)
syz_open_dev$usbmon(0x0, 0x0, 0x0)

11:17:29 executing program 2:
set_robust_list(0x0, 0x0)

11:17:29 executing program 7:
r0 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000080), 0x0)
ioctl$BTRFS_IOC_QUOTA_RESCAN_STATUS(r0, 0x54a1, 0x0)

11:17:29 executing program 5:
r0 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x0)
ioctl$SNDRV_TIMER_IOCTL_SELECT(r0, 0x5452, &(0x7f0000000040)={{0x3}})

11:17:29 executing program 3:
r0 = syz_open_procfs(0x0, &(0x7f00000007c0)='net/tcp6\x00')
pread64(r0, &(0x7f00000000c0)=""/98, 0x62, 0x7fff)

11:17:29 executing program 5:
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
getsockopt$inet6_tcp_int(r0, 0x6, 0x1b, &(0x7f0000000580), &(0x7f00000005c0)=0x4)

11:17:29 executing program 1:
r0 = getpgrp(0x0)
ioprio_get$pid(0x2, r0)

11:17:29 executing program 6:
r0 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000100), 0x141d40)
readv(r0, &(0x7f0000001600)=[{&(0x7f0000001480)=""/126, 0x7e}], 0x1)

11:17:29 executing program 2:
fchownat(0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0, 0x800)

11:17:29 executing program 3:
sysfs$3(0x3)

11:17:29 executing program 4:
syz_mount_image$vfat(0x0, &(0x7f00000001c0)='./file0\x00', 0x0, 0xfe2c, 0x0, 0x0, 0x0)
syz_mount_image$tmpfs(0x0, &(0x7f0000000040)='./file0/file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
rename(&(0x7f00000000c0)='./file0/file0\x00', &(0x7f0000000180)='./file0\x00')

11:17:29 executing program 7:
r0 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000080), 0x0)
ioctl$BTRFS_IOC_QUOTA_RESCAN_STATUS(r0, 0x54a1, 0x0)

11:17:29 executing program 0:
perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0x76, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000400)=0x305)
r0 = fork()
r1 = fork()
kcmp$KCMP_EPOLL_TFD(r0, r1, 0x7, 0xffffffffffffffff, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff, 0x8})
syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = socket$inet6(0xa, 0x2, 0x0)
r4 = syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0)
dup2(r3, r4)
mmap(&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x1000002, 0x10, r3, 0x1d745000)
ioctl$sock_SIOCGIFINDEX_80211(r2, 0x8933, &(0x7f0000000080)={'wlan0\x00', <r5=>0x0})
r6 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000140), 0xffffffffffffffff)
sendmsg$NL80211_CMD_FRAME(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000500)=ANY=[@ANYBLOB="00010000", @ANYRES16=r6, @ANYBLOB="010000000000000000003b00000008000300", @ANYRES32=r5, @ANYBLOB="e200330080800000080211000001080211"], 0x100}}, 0x0)

11:17:29 executing program 2:
fchownat(0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0, 0x800)

11:17:29 executing program 5:
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
getsockopt$inet6_tcp_int(r0, 0x6, 0x1b, &(0x7f0000000580), &(0x7f00000005c0)=0x4)

11:17:29 executing program 3:
sysfs$3(0x3)

11:17:29 executing program 2:
fchownat(0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0, 0x800)

11:17:29 executing program 7:
r0 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000080), 0x0)
ioctl$BTRFS_IOC_QUOTA_RESCAN_STATUS(r0, 0x54a1, 0x0)

11:17:29 executing program 6:
r0 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000100), 0x141d40)
readv(r0, &(0x7f0000001600)=[{&(0x7f0000001480)=""/126, 0x7e}], 0x1)

11:17:29 executing program 1:
r0 = getpgrp(0x0)
ioprio_get$pid(0x2, r0)

11:17:29 executing program 4:
perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0x76, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000400)=0x305)
r0 = fork()
r1 = fork()
kcmp$KCMP_EPOLL_TFD(r0, r1, 0x7, 0xffffffffffffffff, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff, 0x8})
syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = socket$inet6(0xa, 0x2, 0x0)
r4 = syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0)
dup2(r3, r4)
mmap(&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x1000002, 0x10, r3, 0x1d745000)
ioctl$sock_SIOCGIFINDEX_80211(r2, 0x8933, &(0x7f0000000080)={'wlan0\x00', <r5=>0x0})
r6 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000140), 0xffffffffffffffff)
sendmsg$NL80211_CMD_FRAME(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000500)=ANY=[@ANYBLOB="00010000", @ANYRES16=r6, @ANYBLOB="010000000000000000003b00000008000300", @ANYRES32=r5, @ANYBLOB="e200330080800000080211000001080211"], 0x100}}, 0x0)

11:17:29 executing program 5:
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
getsockopt$inet6_tcp_int(r0, 0x6, 0x1b, &(0x7f0000000580), &(0x7f00000005c0)=0x4)

11:17:29 executing program 3:
sysfs$3(0x3)

11:17:29 executing program 2:
fchownat(0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0, 0x800)

11:17:29 executing program 6:
r0 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000100), 0x141d40)
readv(r0, &(0x7f0000001600)=[{&(0x7f0000001480)=""/126, 0x7e}], 0x1)

11:17:29 executing program 1:
r0 = getpgrp(0x0)
ioprio_get$pid(0x2, r0)

11:17:29 executing program 7:
r0 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000080), 0x0)
ioctl$BTRFS_IOC_QUOTA_RESCAN_STATUS(r0, 0x54a1, 0x0)

11:17:29 executing program 4:
perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0x76, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000400)=0x305)
r0 = fork()
r1 = fork()
kcmp$KCMP_EPOLL_TFD(r0, r1, 0x7, 0xffffffffffffffff, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff, 0x8})
syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = socket$inet6(0xa, 0x2, 0x0)
r4 = syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0)
dup2(r3, r4)
mmap(&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x1000002, 0x10, r3, 0x1d745000)
ioctl$sock_SIOCGIFINDEX_80211(r2, 0x8933, &(0x7f0000000080)={'wlan0\x00', <r5=>0x0})
r6 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000140), 0xffffffffffffffff)
sendmsg$NL80211_CMD_FRAME(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000500)=ANY=[@ANYBLOB="00010000", @ANYRES16=r6, @ANYBLOB="010000000000000000003b00000008000300", @ANYRES32=r5, @ANYBLOB="e200330080800000080211000001080211"], 0x100}}, 0x0)

11:17:29 executing program 0:
perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0x76, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000400)=0x305)
r0 = fork()
r1 = fork()
kcmp$KCMP_EPOLL_TFD(r0, r1, 0x7, 0xffffffffffffffff, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff, 0x8})
syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = socket$inet6(0xa, 0x2, 0x0)
r4 = syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0)
dup2(r3, r4)
mmap(&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x1000002, 0x10, r3, 0x1d745000)
ioctl$sock_SIOCGIFINDEX_80211(r2, 0x8933, &(0x7f0000000080)={'wlan0\x00', <r5=>0x0})
r6 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000140), 0xffffffffffffffff)
sendmsg$NL80211_CMD_FRAME(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000500)=ANY=[@ANYBLOB="00010000", @ANYRES16=r6, @ANYBLOB="010000000000000000003b00000008000300", @ANYRES32=r5, @ANYBLOB="e200330080800000080211000001080211"], 0x100}}, 0x0)

11:17:29 executing program 3:
sysfs$3(0x3)

11:17:29 executing program 5:
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
getsockopt$inet6_tcp_int(r0, 0x6, 0x1b, &(0x7f0000000580), &(0x7f00000005c0)=0x4)

11:17:29 executing program 6:
perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0x76, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000400)=0x305)
r0 = fork()
r1 = fork()
kcmp$KCMP_EPOLL_TFD(r0, r1, 0x7, 0xffffffffffffffff, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff, 0x8})
syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = socket$inet6(0xa, 0x2, 0x0)
r4 = syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0)
dup2(r3, r4)
mmap(&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x1000002, 0x10, r3, 0x1d745000)
ioctl$sock_SIOCGIFINDEX_80211(r2, 0x8933, &(0x7f0000000080)={'wlan0\x00', <r5=>0x0})
r6 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000140), 0xffffffffffffffff)
sendmsg$NL80211_CMD_FRAME(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000500)=ANY=[@ANYBLOB="00010000", @ANYRES16=r6, @ANYBLOB="010000000000000000003b00000008000300", @ANYRES32=r5, @ANYBLOB="e200330080800000080211000001080211"], 0x100}}, 0x0)

11:17:29 executing program 1:
r0 = getpgrp(0x0)
ioprio_get$pid(0x2, r0)

11:17:29 executing program 7:
perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0x76, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000400)=0x305)
r0 = fork()
r1 = fork()
kcmp$KCMP_EPOLL_TFD(r0, r1, 0x7, 0xffffffffffffffff, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff, 0x8})
syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = socket$inet6(0xa, 0x2, 0x0)
r4 = syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0)
dup2(r3, r4)
mmap(&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x1000002, 0x10, r3, 0x1d745000)
ioctl$sock_SIOCGIFINDEX_80211(r2, 0x8933, &(0x7f0000000080)={'wlan0\x00', <r5=>0x0})
r6 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000140), 0xffffffffffffffff)
sendmsg$NL80211_CMD_FRAME(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000500)=ANY=[@ANYBLOB="00010000", @ANYRES16=r6, @ANYBLOB="010000000000000000003b00000008000300", @ANYRES32=r5, @ANYBLOB="e200330080800000080211000001080211"], 0x100}}, 0x0)

11:17:29 executing program 2:
perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0x76, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000400)=0x305)
r0 = fork()
r1 = fork()
kcmp$KCMP_EPOLL_TFD(r0, r1, 0x7, 0xffffffffffffffff, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff, 0x8})
syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = socket$inet6(0xa, 0x2, 0x0)
r4 = syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0)
dup2(r3, r4)
mmap(&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x1000002, 0x10, r3, 0x1d745000)
ioctl$sock_SIOCGIFINDEX_80211(r2, 0x8933, &(0x7f0000000080)={'wlan0\x00', <r5=>0x0})
r6 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000140), 0xffffffffffffffff)
sendmsg$NL80211_CMD_FRAME(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000500)=ANY=[@ANYBLOB="00010000", @ANYRES16=r6, @ANYBLOB="010000000000000000003b00000008000300", @ANYRES32=r5, @ANYBLOB="e200330080800000080211000001080211"], 0x100}}, 0x0)

11:17:29 executing program 3:
perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0x76, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000400)=0x305)
r0 = fork()
r1 = fork()
kcmp$KCMP_EPOLL_TFD(r0, r1, 0x7, 0xffffffffffffffff, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff, 0x8})
syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = socket$inet6(0xa, 0x2, 0x0)
r4 = syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0)
dup2(r3, r4)
mmap(&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x1000002, 0x10, r3, 0x1d745000)
ioctl$sock_SIOCGIFINDEX_80211(r2, 0x8933, &(0x7f0000000080)={'wlan0\x00', <r5=>0x0})
r6 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000140), 0xffffffffffffffff)
sendmsg$NL80211_CMD_FRAME(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000500)=ANY=[@ANYBLOB="00010000", @ANYRES16=r6, @ANYBLOB="010000000000000000003b00000008000300", @ANYRES32=r5, @ANYBLOB="e200330080800000080211000001080211"], 0x100}}, 0x0)

11:17:30 executing program 7:
perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0x76, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000400)=0x305)
r0 = fork()
r1 = fork()
kcmp$KCMP_EPOLL_TFD(r0, r1, 0x7, 0xffffffffffffffff, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff, 0x8})
syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = socket$inet6(0xa, 0x2, 0x0)
r4 = syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0)
dup2(r3, r4)
mmap(&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x1000002, 0x10, r3, 0x1d745000)
ioctl$sock_SIOCGIFINDEX_80211(r2, 0x8933, &(0x7f0000000080)={'wlan0\x00', <r5=>0x0})
r6 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000140), 0xffffffffffffffff)
sendmsg$NL80211_CMD_FRAME(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000500)=ANY=[@ANYBLOB="00010000", @ANYRES16=r6, @ANYBLOB="010000000000000000003b00000008000300", @ANYRES32=r5, @ANYBLOB="e200330080800000080211000001080211"], 0x100}}, 0x0)

11:17:30 executing program 0:
perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0x76, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000400)=0x305)
r0 = fork()
r1 = fork()
kcmp$KCMP_EPOLL_TFD(r0, r1, 0x7, 0xffffffffffffffff, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff, 0x8})
syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = socket$inet6(0xa, 0x2, 0x0)
r4 = syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0)
dup2(r3, r4)
mmap(&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x1000002, 0x10, r3, 0x1d745000)
ioctl$sock_SIOCGIFINDEX_80211(r2, 0x8933, &(0x7f0000000080)={'wlan0\x00', <r5=>0x0})
r6 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000140), 0xffffffffffffffff)
sendmsg$NL80211_CMD_FRAME(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000500)=ANY=[@ANYBLOB="00010000", @ANYRES16=r6, @ANYBLOB="010000000000000000003b00000008000300", @ANYRES32=r5, @ANYBLOB="e200330080800000080211000001080211"], 0x100}}, 0x0)

11:17:30 executing program 6:
perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0x76, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000400)=0x305)
r0 = fork()
r1 = fork()
kcmp$KCMP_EPOLL_TFD(r0, r1, 0x7, 0xffffffffffffffff, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff, 0x8})
syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = socket$inet6(0xa, 0x2, 0x0)
r4 = syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0)
dup2(r3, r4)
mmap(&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x1000002, 0x10, r3, 0x1d745000)
ioctl$sock_SIOCGIFINDEX_80211(r2, 0x8933, &(0x7f0000000080)={'wlan0\x00', <r5=>0x0})
r6 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000140), 0xffffffffffffffff)
sendmsg$NL80211_CMD_FRAME(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000500)=ANY=[@ANYBLOB="00010000", @ANYRES16=r6, @ANYBLOB="010000000000000000003b00000008000300", @ANYRES32=r5, @ANYBLOB="e200330080800000080211000001080211"], 0x100}}, 0x0)

11:17:30 executing program 1:
futex(&(0x7f0000000280), 0x5, 0x0, 0x0, &(0x7f0000000300), 0x0)

11:17:30 executing program 4:
perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0x76, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000400)=0x305)
r0 = fork()
r1 = fork()
kcmp$KCMP_EPOLL_TFD(r0, r1, 0x7, 0xffffffffffffffff, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff, 0x8})
syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = socket$inet6(0xa, 0x2, 0x0)
r4 = syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0)
dup2(r3, r4)
mmap(&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x1000002, 0x10, r3, 0x1d745000)
ioctl$sock_SIOCGIFINDEX_80211(r2, 0x8933, &(0x7f0000000080)={'wlan0\x00', <r5=>0x0})
r6 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000140), 0xffffffffffffffff)
sendmsg$NL80211_CMD_FRAME(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000500)=ANY=[@ANYBLOB="00010000", @ANYRES16=r6, @ANYBLOB="010000000000000000003b00000008000300", @ANYRES32=r5, @ANYBLOB="e200330080800000080211000001080211"], 0x100}}, 0x0)

11:17:30 executing program 3:
perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0x76, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000400)=0x305)
r0 = fork()
r1 = fork()
kcmp$KCMP_EPOLL_TFD(r0, r1, 0x7, 0xffffffffffffffff, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff, 0x8})
syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = socket$inet6(0xa, 0x2, 0x0)
r4 = syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0)
dup2(r3, r4)
mmap(&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x1000002, 0x10, r3, 0x1d745000)
ioctl$sock_SIOCGIFINDEX_80211(r2, 0x8933, &(0x7f0000000080)={'wlan0\x00', <r5=>0x0})
r6 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000140), 0xffffffffffffffff)
sendmsg$NL80211_CMD_FRAME(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000500)=ANY=[@ANYBLOB="00010000", @ANYRES16=r6, @ANYBLOB="010000000000000000003b00000008000300", @ANYRES32=r5, @ANYBLOB="e200330080800000080211000001080211"], 0x100}}, 0x0)

11:17:30 executing program 2:
perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0x76, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000400)=0x305)
r0 = fork()
r1 = fork()
kcmp$KCMP_EPOLL_TFD(r0, r1, 0x7, 0xffffffffffffffff, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff, 0x8})
syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = socket$inet6(0xa, 0x2, 0x0)
r4 = syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0)
dup2(r3, r4)
mmap(&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x1000002, 0x10, r3, 0x1d745000)
ioctl$sock_SIOCGIFINDEX_80211(r2, 0x8933, &(0x7f0000000080)={'wlan0\x00', <r5=>0x0})
r6 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000140), 0xffffffffffffffff)
sendmsg$NL80211_CMD_FRAME(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000500)=ANY=[@ANYBLOB="00010000", @ANYRES16=r6, @ANYBLOB="010000000000000000003b00000008000300", @ANYRES32=r5, @ANYBLOB="e200330080800000080211000001080211"], 0x100}}, 0x0)

11:17:30 executing program 5:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x0)
ioctl$KDFONTOP_GET(r0, 0x4bfb, &(0x7f0000000000)={0x1, 0x0, 0x0, 0x0, 0x0, 0x0})

11:17:30 executing program 5:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x0)
ioctl$KDFONTOP_GET(r0, 0x4bfb, &(0x7f0000000000)={0x1, 0x0, 0x0, 0x0, 0x0, 0x0})

11:17:30 executing program 1:
futex(&(0x7f0000000280), 0x5, 0x0, 0x0, &(0x7f0000000300), 0x0)

11:17:30 executing program 5:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x0)
ioctl$KDFONTOP_GET(r0, 0x4bfb, &(0x7f0000000000)={0x1, 0x0, 0x0, 0x0, 0x0, 0x0})

11:17:30 executing program 1:
futex(&(0x7f0000000280), 0x5, 0x0, 0x0, &(0x7f0000000300), 0x0)

11:17:30 executing program 5:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x0)
ioctl$KDFONTOP_GET(r0, 0x4bfb, &(0x7f0000000000)={0x1, 0x0, 0x0, 0x0, 0x0, 0x0})

11:17:30 executing program 0:
keyctl$invalidate(0x15, 0x0)
r0 = perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = perf_event_open(&(0x7f0000001840)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x20, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x30, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8)
keyctl$KEYCTL_MOVE(0x1e, 0x0, 0xfffffffffffffff8, 0xfffffffffffffff9, 0x0)
syz_read_part_table(0x0, 0x2, &(0x7f0000001f00)=[{&(0x7f0000000980)="c9", 0x1}, {0x0, 0x0, 0x10000}])
keyctl$KEYCTL_RESTRICT_KEYRING(0x1d, 0x0, &(0x7f0000000240)='trusted\x00', 0x0)
keyctl$KEYCTL_MOVE(0x1e, 0x0, 0x0, 0xffffffffffffffff, 0x0)
fstat(r1, &(0x7f00000003c0)={0x0, 0x0, 0x0, 0x0, <r2=>0x0})
syz_mount_image$nfs4(&(0x7f00000002c0), &(0x7f0000000300)='./file0\x00', 0x0, 0x1, &(0x7f0000000380)=[{&(0x7f0000000340)="17225f736d73e5cc64", 0x9, 0x80000001}], 0x1, &(0x7f0000000440)=ANY=[@ANYBLOB="2c2fb127295c2ca95e952170653d115b252d2c657569643d", @ANYRESDEC=0x0, @ANYBLOB=',obj_user=@&[,euid<', @ANYRESDEC=r2, @ANYBLOB=',subj_role=,dont_appraise,\x00'])
ioctl$FS_IOC_GETFSMAP(r0, 0xc0c0583b, &(0x7f0000000100)=ANY=[@ANYBLOB="0000000000000000020000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000003000000ffffffff8c00000000000000010000000000000000000000010000000100010000000000000000000000000000000000000000000000000000000000ff010000060000004640000000000000000400000000000007000000000000000000008000000000000000000000000000000000000000000000000000000000001c3b8d10bb03159e00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000d84d75e861f29fe72f469aad077142bc28315107b0f226afa295b92d627033f0be64d60f483df6e27b6a1b89a5bf13c7e0b85ea047a3dfd972ce93adbffa0fdf04f50125051eb2157b9781ef208f098a96b48eda38acc6c338654080202b"])

11:17:30 executing program 1:
futex(&(0x7f0000000280), 0x5, 0x0, 0x0, &(0x7f0000000300), 0x0)

11:17:30 executing program 7:
perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0x76, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000400)=0x305)
r0 = fork()
r1 = fork()
kcmp$KCMP_EPOLL_TFD(r0, r1, 0x7, 0xffffffffffffffff, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff, 0x8})
syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = socket$inet6(0xa, 0x2, 0x0)
r4 = syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0)
dup2(r3, r4)
mmap(&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x1000002, 0x10, r3, 0x1d745000)
ioctl$sock_SIOCGIFINDEX_80211(r2, 0x8933, &(0x7f0000000080)={'wlan0\x00', <r5=>0x0})
r6 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000140), 0xffffffffffffffff)
sendmsg$NL80211_CMD_FRAME(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000500)=ANY=[@ANYBLOB="00010000", @ANYRES16=r6, @ANYBLOB="010000000000000000003b00000008000300", @ANYRES32=r5, @ANYBLOB="e200330080800000080211000001080211"], 0x100}}, 0x0)

11:17:30 executing program 3:
perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0x76, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000400)=0x305)
r0 = fork()
r1 = fork()
kcmp$KCMP_EPOLL_TFD(r0, r1, 0x7, 0xffffffffffffffff, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff, 0x8})
syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = socket$inet6(0xa, 0x2, 0x0)
r4 = syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0)
dup2(r3, r4)
mmap(&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x1000002, 0x10, r3, 0x1d745000)
ioctl$sock_SIOCGIFINDEX_80211(r2, 0x8933, &(0x7f0000000080)={'wlan0\x00', <r5=>0x0})
r6 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000140), 0xffffffffffffffff)
sendmsg$NL80211_CMD_FRAME(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000500)=ANY=[@ANYBLOB="00010000", @ANYRES16=r6, @ANYBLOB="010000000000000000003b00000008000300", @ANYRES32=r5, @ANYBLOB="e200330080800000080211000001080211"], 0x100}}, 0x0)

11:17:30 executing program 6:
perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0x76, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000400)=0x305)
r0 = fork()
r1 = fork()
kcmp$KCMP_EPOLL_TFD(r0, r1, 0x7, 0xffffffffffffffff, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff, 0x8})
syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = socket$inet6(0xa, 0x2, 0x0)
r4 = syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0)
dup2(r3, r4)
mmap(&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x1000002, 0x10, r3, 0x1d745000)
ioctl$sock_SIOCGIFINDEX_80211(r2, 0x8933, &(0x7f0000000080)={'wlan0\x00', <r5=>0x0})
r6 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000140), 0xffffffffffffffff)
sendmsg$NL80211_CMD_FRAME(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000500)=ANY=[@ANYBLOB="00010000", @ANYRES16=r6, @ANYBLOB="010000000000000000003b00000008000300", @ANYRES32=r5, @ANYBLOB="e200330080800000080211000001080211"], 0x100}}, 0x0)

11:17:30 executing program 2:
perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0x76, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000400)=0x305)
r0 = fork()
r1 = fork()
kcmp$KCMP_EPOLL_TFD(r0, r1, 0x7, 0xffffffffffffffff, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff, 0x8})
syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = socket$inet6(0xa, 0x2, 0x0)
r4 = syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0)
dup2(r3, r4)
mmap(&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x1000002, 0x10, r3, 0x1d745000)
ioctl$sock_SIOCGIFINDEX_80211(r2, 0x8933, &(0x7f0000000080)={'wlan0\x00', <r5=>0x0})
r6 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000140), 0xffffffffffffffff)
sendmsg$NL80211_CMD_FRAME(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000500)=ANY=[@ANYBLOB="00010000", @ANYRES16=r6, @ANYBLOB="010000000000000000003b00000008000300", @ANYRES32=r5, @ANYBLOB="e200330080800000080211000001080211"], 0x100}}, 0x0)

11:17:30 executing program 4:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000e00), 0xffffffffffffffff)
sendmsg$ETHTOOL_MSG_PRIVFLAGS_SET(r0, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000f40)={0x18, r1, 0x1, 0x0, 0x0, {}, [@ETHTOOL_A_PRIVFLAGS_FLAGS={0x4}]}, 0x18}}, 0x0)

11:17:30 executing program 1:
perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = gettid()
capget(&(0x7f0000000000)={0x20071026, r0}, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x6, 0x3})

11:17:30 executing program 5:
stat(&(0x7f0000001280)='./file0\x00', &(0x7f0000000580)={0x0, 0x0, 0x0, 0x0, <r0=>0x0, <r1=>0x0})
mount$9p_unix(&(0x7f0000000000)='./file0\x00', &(0x7f0000000040)='./file0\x00', &(0x7f0000000100), 0xa8420, &(0x7f0000000940)={'trans=unix,', {[{@cache_fscache}, {@access_client}, {@access_any}, {@access_uid={'access', 0x3d, 0xee01}}, {@privport}, {@dfltgid={'dfltgid', 0x3d, r1}}], [{@fscontext={'fscontext', 0x3d, 'system_u'}}, {@obj_user={'obj_user', 0x3d, 'environ\x00'}}, {@subj_role={'subj_role', 0x3d, 'environ\x00'}}, {@euid_eq}, {@measure}]}})
fstat(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x0, <r2=>0x0})
semctl$IPC_SET(0x0, 0x0, 0x1, &(0x7f00000003c0)={{0x2, r2, r1, r0, 0xee00, 0x8e, 0x6}, 0xd590, 0x1, 0x0, 0x0, 0x0, 0x0, 0xfffc})
perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000300)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200000, 0x0, @perf_bp={&(0x7f0000000480), 0x1}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x0, 0xffffffefffffffff, 0xffffffffffffffff, 0x1)
r3 = epoll_create(0x4)
r4 = signalfd4(0xffffffffffffffff, &(0x7f0000000200), 0x8, 0x0)
epoll_ctl$EPOLL_CTL_ADD(r3, 0x1, r4, &(0x7f0000000240)={0xa0002000})
r5 = ioctl$TIOCGPTPEER(0xffffffffffffffff, 0x5441, 0x0)
dup2(r5, r3)
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r6 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
ioctl$FS_IOC_SETFLAGS(r6, 0x40086602, &(0x7f0000000080))
dup(0xffffffffffffffff)
perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xb}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
creat(&(0x7f0000000240)='./file1\x00', 0x119)

[  197.707774] audit: type=1400 audit(1667301450.601:10): avc:  denied  { write } for  pid=6783 comm="syz-executor.0" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=perf_event permissive=1
11:17:30 executing program 4:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000e00), 0xffffffffffffffff)
sendmsg$ETHTOOL_MSG_PRIVFLAGS_SET(r0, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000f40)={0x18, r1, 0x1, 0x0, 0x0, {}, [@ETHTOOL_A_PRIVFLAGS_FLAGS={0x4}]}, 0x18}}, 0x0)

[  197.761006] capability: warning: `syz-executor.1' uses deprecated v2 capabilities in a way that may be insecure
11:17:30 executing program 1:
perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = gettid()
capget(&(0x7f0000000000)={0x20071026, r0}, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x6, 0x3})

11:17:30 executing program 4:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000e00), 0xffffffffffffffff)
sendmsg$ETHTOOL_MSG_PRIVFLAGS_SET(r0, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000f40)={0x18, r1, 0x1, 0x0, 0x0, {}, [@ETHTOOL_A_PRIVFLAGS_FLAGS={0x4}]}, 0x18}}, 0x0)

11:17:30 executing program 2:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x44142, 0x0)
ioctl$FS_IOC_GETFSMAP(r0, 0xc0c0583b, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x0, '\x00', [{0x0, 0x0, 0x0, 0x0, 0x7}]})

11:17:30 executing program 3:
semop(0x0, 0x0, 0xffffffb2)

11:17:30 executing program 1:
perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = gettid()
capget(&(0x7f0000000000)={0x20071026, r0}, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x6, 0x3})

11:17:30 executing program 4:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000e00), 0xffffffffffffffff)
sendmsg$ETHTOOL_MSG_PRIVFLAGS_SET(r0, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000f40)={0x18, r1, 0x1, 0x0, 0x0, {}, [@ETHTOOL_A_PRIVFLAGS_FLAGS={0x4}]}, 0x18}}, 0x0)

11:17:31 executing program 3:
semop(0x0, 0x0, 0xffffffb2)

11:17:31 executing program 2:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x44142, 0x0)
ioctl$FS_IOC_GETFSMAP(r0, 0xc0c0583b, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x0, '\x00', [{0x0, 0x0, 0x0, 0x0, 0x7}]})

11:17:31 executing program 6:
r0 = syz_open_dev$tty1(0xc, 0x4, 0x1)
ioctl$TCSETSW2(r0, 0x402c542c, 0x0)

11:17:31 executing program 1:
perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = gettid()
capget(&(0x7f0000000000)={0x20071026, r0}, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x6, 0x3})

11:17:31 executing program 7:
r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0x0, 0x7fff0000}]})
r1 = getpid()
pidfd_open(r1, 0x0)
close_range(r0, 0xffffffffffffffff, 0x0)

11:17:31 executing program 5:
stat(&(0x7f0000001280)='./file0\x00', &(0x7f0000000580)={0x0, 0x0, 0x0, 0x0, <r0=>0x0, <r1=>0x0})
mount$9p_unix(&(0x7f0000000000)='./file0\x00', &(0x7f0000000040)='./file0\x00', &(0x7f0000000100), 0xa8420, &(0x7f0000000940)={'trans=unix,', {[{@cache_fscache}, {@access_client}, {@access_any}, {@access_uid={'access', 0x3d, 0xee01}}, {@privport}, {@dfltgid={'dfltgid', 0x3d, r1}}], [{@fscontext={'fscontext', 0x3d, 'system_u'}}, {@obj_user={'obj_user', 0x3d, 'environ\x00'}}, {@subj_role={'subj_role', 0x3d, 'environ\x00'}}, {@euid_eq}, {@measure}]}})
fstat(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x0, <r2=>0x0})
semctl$IPC_SET(0x0, 0x0, 0x1, &(0x7f00000003c0)={{0x2, r2, r1, r0, 0xee00, 0x8e, 0x6}, 0xd590, 0x1, 0x0, 0x0, 0x0, 0x0, 0xfffc})
perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000300)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200000, 0x0, @perf_bp={&(0x7f0000000480), 0x1}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x0, 0xffffffefffffffff, 0xffffffffffffffff, 0x1)
r3 = epoll_create(0x4)
r4 = signalfd4(0xffffffffffffffff, &(0x7f0000000200), 0x8, 0x0)
epoll_ctl$EPOLL_CTL_ADD(r3, 0x1, r4, &(0x7f0000000240)={0xa0002000})
r5 = ioctl$TIOCGPTPEER(0xffffffffffffffff, 0x5441, 0x0)
dup2(r5, r3)
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r6 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
ioctl$FS_IOC_SETFLAGS(r6, 0x40086602, &(0x7f0000000080))
dup(0xffffffffffffffff)
perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xb}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
creat(&(0x7f0000000240)='./file1\x00', 0x119)

11:17:31 executing program 4:
perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0x77, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000000c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r1, &(0x7f00000003c0)=@abs, 0x6e)
sendmmsg$unix(r0, &(0x7f00000006c0)=[{{0x0, 0x0, 0x0}}], 0x3ffffffffffff13, 0x33fe0)
sendmmsg$unix(r0, &(0x7f0000000380)=[{{0x0, 0x0, 0x0}}], 0x1, 0x20000840)

11:17:31 executing program 0:
keyctl$invalidate(0x15, 0x0)
r0 = perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = perf_event_open(&(0x7f0000001840)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x20, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x30, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8)
keyctl$KEYCTL_MOVE(0x1e, 0x0, 0xfffffffffffffff8, 0xfffffffffffffff9, 0x0)
syz_read_part_table(0x0, 0x2, &(0x7f0000001f00)=[{&(0x7f0000000980)="c9", 0x1}, {0x0, 0x0, 0x10000}])
keyctl$KEYCTL_RESTRICT_KEYRING(0x1d, 0x0, &(0x7f0000000240)='trusted\x00', 0x0)
keyctl$KEYCTL_MOVE(0x1e, 0x0, 0x0, 0xffffffffffffffff, 0x0)
fstat(r1, &(0x7f00000003c0)={0x0, 0x0, 0x0, 0x0, <r2=>0x0})
syz_mount_image$nfs4(&(0x7f00000002c0), &(0x7f0000000300)='./file0\x00', 0x0, 0x1, &(0x7f0000000380)=[{&(0x7f0000000340)="17225f736d73e5cc64", 0x9, 0x80000001}], 0x1, &(0x7f0000000440)=ANY=[@ANYBLOB="2c2fb127295c2ca95e952170653d115b252d2c657569643d", @ANYRESDEC=0x0, @ANYBLOB=',obj_user=@&[,euid<', @ANYRESDEC=r2, @ANYBLOB=',subj_role=,dont_appraise,\x00'])
ioctl$FS_IOC_GETFSMAP(r0, 0xc0c0583b, &(0x7f0000000100)=ANY=[@ANYBLOB="0000000000000000020000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000003000000ffffffff8c00000000000000010000000000000000000000010000000100010000000000000000000000000000000000000000000000000000000000ff010000060000004640000000000000000400000000000007000000000000000000008000000000000000000000000000000000000000000000000000000000001c3b8d10bb03159e00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000d84d75e861f29fe72f469aad077142bc28315107b0f226afa295b92d627033f0be64d60f483df6e27b6a1b89a5bf13c7e0b85ea047a3dfd972ce93adbffa0fdf04f50125051eb2157b9781ef208f098a96b48eda38acc6c338654080202b"])

11:17:31 executing program 3:
semop(0x0, 0x0, 0xffffffb2)

11:17:31 executing program 7:
r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0x0, 0x7fff0000}]})
r1 = getpid()
pidfd_open(r1, 0x0)
close_range(r0, 0xffffffffffffffff, 0x0)

11:17:31 executing program 2:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x44142, 0x0)
ioctl$FS_IOC_GETFSMAP(r0, 0xc0c0583b, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x0, '\x00', [{0x0, 0x0, 0x0, 0x0, 0x7}]})

[  198.276106] audit: type=1400 audit(1667301451.169:11): avc:  denied  { block_suspend } for  pid=6846 comm="syz-executor.5" capability=36  scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=1
11:17:31 executing program 1:
syz_emit_ethernet(0x36, &(0x7f0000000100)={@local, @link_local, @void, {@ipv4={0x800, @dccp={{0x6, 0x4, 0x0, 0x0, 0x13, 0x0, 0x0, 0x0, 0x21, 0x0, @private, @dev, {[@generic={0x0, 0x2}, @noop]}}, {{0x0, 0x0, 0x4, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, "bd12f0", 0x0, "ac7c99"}}}}}}, 0x0)

11:17:31 executing program 0:
keyctl$invalidate(0x15, 0x0)
r0 = perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = perf_event_open(&(0x7f0000001840)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x20, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x30, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8)
keyctl$KEYCTL_MOVE(0x1e, 0x0, 0xfffffffffffffff8, 0xfffffffffffffff9, 0x0)
syz_read_part_table(0x0, 0x2, &(0x7f0000001f00)=[{&(0x7f0000000980)="c9", 0x1}, {0x0, 0x0, 0x10000}])
keyctl$KEYCTL_RESTRICT_KEYRING(0x1d, 0x0, &(0x7f0000000240)='trusted\x00', 0x0)
keyctl$KEYCTL_MOVE(0x1e, 0x0, 0x0, 0xffffffffffffffff, 0x0)
fstat(r1, &(0x7f00000003c0)={0x0, 0x0, 0x0, 0x0, <r2=>0x0})
syz_mount_image$nfs4(&(0x7f00000002c0), &(0x7f0000000300)='./file0\x00', 0x0, 0x1, &(0x7f0000000380)=[{&(0x7f0000000340)="17225f736d73e5cc64", 0x9, 0x80000001}], 0x1, &(0x7f0000000440)=ANY=[@ANYBLOB="2c2fb127295c2ca95e952170653d115b252d2c657569643d", @ANYRESDEC=0x0, @ANYBLOB=',obj_user=@&[,euid<', @ANYRESDEC=r2, @ANYBLOB=',subj_role=,dont_appraise,\x00'])
ioctl$FS_IOC_GETFSMAP(r0, 0xc0c0583b, &(0x7f0000000100)=ANY=[@ANYBLOB="0000000000000000020000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000003000000ffffffff8c00000000000000010000000000000000000000010000000100010000000000000000000000000000000000000000000000000000000000ff010000060000004640000000000000000400000000000007000000000000000000008000000000000000000000000000000000000000000000000000000000001c3b8d10bb03159e00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000d84d75e861f29fe72f469aad077142bc28315107b0f226afa295b92d627033f0be64d60f483df6e27b6a1b89a5bf13c7e0b85ea047a3dfd972ce93adbffa0fdf04f50125051eb2157b9781ef208f098a96b48eda38acc6c338654080202b"])

11:17:31 executing program 4:
perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0x77, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000000c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r1, &(0x7f00000003c0)=@abs, 0x6e)
sendmmsg$unix(r0, &(0x7f00000006c0)=[{{0x0, 0x0, 0x0}}], 0x3ffffffffffff13, 0x33fe0)
sendmmsg$unix(r0, &(0x7f0000000380)=[{{0x0, 0x0, 0x0}}], 0x1, 0x20000840)

11:17:31 executing program 6:
r0 = syz_open_dev$tty1(0xc, 0x4, 0x1)
ioctl$TCSETSW2(r0, 0x402c542c, 0x0)

11:17:31 executing program 3:
semop(0x0, 0x0, 0xffffffb2)

11:17:31 executing program 1:
syz_emit_ethernet(0x36, &(0x7f0000000100)={@local, @link_local, @void, {@ipv4={0x800, @dccp={{0x6, 0x4, 0x0, 0x0, 0x13, 0x0, 0x0, 0x0, 0x21, 0x0, @private, @dev, {[@generic={0x0, 0x2}, @noop]}}, {{0x0, 0x0, 0x4, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, "bd12f0", 0x0, "ac7c99"}}}}}}, 0x0)

11:17:31 executing program 7:
r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0x0, 0x7fff0000}]})
r1 = getpid()
pidfd_open(r1, 0x0)
close_range(r0, 0xffffffffffffffff, 0x0)

11:17:31 executing program 2:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x44142, 0x0)
ioctl$FS_IOC_GETFSMAP(r0, 0xc0c0583b, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x0, '\x00', [{0x0, 0x0, 0x0, 0x0, 0x7}]})

11:17:31 executing program 0:
keyctl$invalidate(0x15, 0x0)
r0 = perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = perf_event_open(&(0x7f0000001840)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x20, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x30, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8)
keyctl$KEYCTL_MOVE(0x1e, 0x0, 0xfffffffffffffff8, 0xfffffffffffffff9, 0x0)
syz_read_part_table(0x0, 0x2, &(0x7f0000001f00)=[{&(0x7f0000000980)="c9", 0x1}, {0x0, 0x0, 0x10000}])
keyctl$KEYCTL_RESTRICT_KEYRING(0x1d, 0x0, &(0x7f0000000240)='trusted\x00', 0x0)
keyctl$KEYCTL_MOVE(0x1e, 0x0, 0x0, 0xffffffffffffffff, 0x0)
fstat(r1, &(0x7f00000003c0)={0x0, 0x0, 0x0, 0x0, <r2=>0x0})
syz_mount_image$nfs4(&(0x7f00000002c0), &(0x7f0000000300)='./file0\x00', 0x0, 0x1, &(0x7f0000000380)=[{&(0x7f0000000340)="17225f736d73e5cc64", 0x9, 0x80000001}], 0x1, &(0x7f0000000440)=ANY=[@ANYBLOB="2c2fb127295c2ca95e952170653d115b252d2c657569643d", @ANYRESDEC=0x0, @ANYBLOB=',obj_user=@&[,euid<', @ANYRESDEC=r2, @ANYBLOB=',subj_role=,dont_appraise,\x00'])
ioctl$FS_IOC_GETFSMAP(r0, 0xc0c0583b, &(0x7f0000000100)=ANY=[@ANYBLOB="0000000000000000020000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000003000000ffffffff8c00000000000000010000000000000000000000010000000100010000000000000000000000000000000000000000000000000000000000ff010000060000004640000000000000000400000000000007000000000000000000008000000000000000000000000000000000000000000000000000000000001c3b8d10bb03159e00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000d84d75e861f29fe72f469aad077142bc28315107b0f226afa295b92d627033f0be64d60f483df6e27b6a1b89a5bf13c7e0b85ea047a3dfd972ce93adbffa0fdf04f50125051eb2157b9781ef208f098a96b48eda38acc6c338654080202b"])

11:17:31 executing program 6:
r0 = syz_open_dev$tty1(0xc, 0x4, 0x1)
ioctl$TCSETSW2(r0, 0x402c542c, 0x0)

11:17:31 executing program 4:
perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0x77, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000000c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r1, &(0x7f00000003c0)=@abs, 0x6e)
sendmmsg$unix(r0, &(0x7f00000006c0)=[{{0x0, 0x0, 0x0}}], 0x3ffffffffffff13, 0x33fe0)
sendmmsg$unix(r0, &(0x7f0000000380)=[{{0x0, 0x0, 0x0}}], 0x1, 0x20000840)

11:17:31 executing program 5:
stat(&(0x7f0000001280)='./file0\x00', &(0x7f0000000580)={0x0, 0x0, 0x0, 0x0, <r0=>0x0, <r1=>0x0})
mount$9p_unix(&(0x7f0000000000)='./file0\x00', &(0x7f0000000040)='./file0\x00', &(0x7f0000000100), 0xa8420, &(0x7f0000000940)={'trans=unix,', {[{@cache_fscache}, {@access_client}, {@access_any}, {@access_uid={'access', 0x3d, 0xee01}}, {@privport}, {@dfltgid={'dfltgid', 0x3d, r1}}], [{@fscontext={'fscontext', 0x3d, 'system_u'}}, {@obj_user={'obj_user', 0x3d, 'environ\x00'}}, {@subj_role={'subj_role', 0x3d, 'environ\x00'}}, {@euid_eq}, {@measure}]}})
fstat(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x0, <r2=>0x0})
semctl$IPC_SET(0x0, 0x0, 0x1, &(0x7f00000003c0)={{0x2, r2, r1, r0, 0xee00, 0x8e, 0x6}, 0xd590, 0x1, 0x0, 0x0, 0x0, 0x0, 0xfffc})
perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000300)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200000, 0x0, @perf_bp={&(0x7f0000000480), 0x1}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x0, 0xffffffefffffffff, 0xffffffffffffffff, 0x1)
r3 = epoll_create(0x4)
r4 = signalfd4(0xffffffffffffffff, &(0x7f0000000200), 0x8, 0x0)
epoll_ctl$EPOLL_CTL_ADD(r3, 0x1, r4, &(0x7f0000000240)={0xa0002000})
r5 = ioctl$TIOCGPTPEER(0xffffffffffffffff, 0x5441, 0x0)
dup2(r5, r3)
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r6 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
ioctl$FS_IOC_SETFLAGS(r6, 0x40086602, &(0x7f0000000080))
dup(0xffffffffffffffff)
perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xb}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
creat(&(0x7f0000000240)='./file1\x00', 0x119)

11:17:31 executing program 1:
syz_emit_ethernet(0x36, &(0x7f0000000100)={@local, @link_local, @void, {@ipv4={0x800, @dccp={{0x6, 0x4, 0x0, 0x0, 0x13, 0x0, 0x0, 0x0, 0x21, 0x0, @private, @dev, {[@generic={0x0, 0x2}, @noop]}}, {{0x0, 0x0, 0x4, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, "bd12f0", 0x0, "ac7c99"}}}}}}, 0x0)

11:17:31 executing program 6:
r0 = syz_open_dev$tty1(0xc, 0x4, 0x1)
ioctl$TCSETSW2(r0, 0x402c542c, 0x0)

11:17:31 executing program 3:
perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0x77, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000000c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r1, &(0x7f00000003c0)=@abs, 0x6e)
sendmmsg$unix(r0, &(0x7f00000006c0)=[{{0x0, 0x0, 0x0}}], 0x3ffffffffffff13, 0x33fe0)
sendmmsg$unix(r0, &(0x7f0000000380)=[{{0x0, 0x0, 0x0}}], 0x1, 0x20000840)

11:17:31 executing program 7:
r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0x0, 0x7fff0000}]})
r1 = getpid()
pidfd_open(r1, 0x0)
close_range(r0, 0xffffffffffffffff, 0x0)

11:17:31 executing program 2:
perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0x77, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000000c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r1, &(0x7f00000003c0)=@abs, 0x6e)
sendmmsg$unix(r0, &(0x7f00000006c0)=[{{0x0, 0x0, 0x0}}], 0x3ffffffffffff13, 0x33fe0)
sendmmsg$unix(r0, &(0x7f0000000380)=[{{0x0, 0x0, 0x0}}], 0x1, 0x20000840)

11:17:31 executing program 0:
perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0x77, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000000c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r1, &(0x7f00000003c0)=@abs, 0x6e)
sendmmsg$unix(r0, &(0x7f00000006c0)=[{{0x0, 0x0, 0x0}}], 0x3ffffffffffff13, 0x33fe0)
sendmmsg$unix(r0, &(0x7f0000000380)=[{{0x0, 0x0, 0x0}}], 0x1, 0x20000840)

11:17:31 executing program 7:
r0 = perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0x77, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
fcntl$setownex(r0, 0xf, &(0x7f0000000680))

11:17:31 executing program 4:
perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0x77, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000000c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r1, &(0x7f00000003c0)=@abs, 0x6e)
sendmmsg$unix(r0, &(0x7f00000006c0)=[{{0x0, 0x0, 0x0}}], 0x3ffffffffffff13, 0x33fe0)
sendmmsg$unix(r0, &(0x7f0000000380)=[{{0x0, 0x0, 0x0}}], 0x1, 0x20000840)

11:17:31 executing program 1:
syz_emit_ethernet(0x36, &(0x7f0000000100)={@local, @link_local, @void, {@ipv4={0x800, @dccp={{0x6, 0x4, 0x0, 0x0, 0x13, 0x0, 0x0, 0x0, 0x21, 0x0, @private, @dev, {[@generic={0x0, 0x2}, @noop]}}, {{0x0, 0x0, 0x4, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, "bd12f0", 0x0, "ac7c99"}}}}}}, 0x0)

11:17:31 executing program 6:
r0 = syz_open_dev$tty1(0xc, 0x4, 0x1)
ioctl$TCSETS(r0, 0x4b72, &(0x7f0000000080)={0x2, 0x0, 0x0, 0x0, 0x0, "eaa995a0deddd9e9224634aca29c0ff721632c"})

11:17:31 executing program 3:
perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0x77, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000000c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r1, &(0x7f00000003c0)=@abs, 0x6e)
sendmmsg$unix(r0, &(0x7f00000006c0)=[{{0x0, 0x0, 0x0}}], 0x3ffffffffffff13, 0x33fe0)
sendmmsg$unix(r0, &(0x7f0000000380)=[{{0x0, 0x0, 0x0}}], 0x1, 0x20000840)

11:17:31 executing program 2:
perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0x77, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000000c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r1, &(0x7f00000003c0)=@abs, 0x6e)
sendmmsg$unix(r0, &(0x7f00000006c0)=[{{0x0, 0x0, 0x0}}], 0x3ffffffffffff13, 0x33fe0)
sendmmsg$unix(r0, &(0x7f0000000380)=[{{0x0, 0x0, 0x0}}], 0x1, 0x20000840)

11:17:31 executing program 0:
perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0x77, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000000c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r1, &(0x7f00000003c0)=@abs, 0x6e)
sendmmsg$unix(r0, &(0x7f00000006c0)=[{{0x0, 0x0, 0x0}}], 0x3ffffffffffff13, 0x33fe0)
sendmmsg$unix(r0, &(0x7f0000000380)=[{{0x0, 0x0, 0x0}}], 0x1, 0x20000840)


VM DIAGNOSIS:
11:17:22  Registers:
info registers vcpu 0
RAX=0000000000000006 RBX=1ffff11002d08f8b RCX=0000000000000000 RDX=0000000000000800
RSI=0000000000000000 RDI=ffffffff8590bbd0 RBP=ffff88800c7d7400 RSP=ffff888016847c58
R8 =0000000000000000 R9 =ffffffff8590bbd7 R10=0000000000000000 R11=0000000000000001
R12=ffff88800e0e59c8 R13=0000000000000000 R14=ffff88800e0e5a5c R15=ffff88800e0e5980
RIP=ffffffff817f03e9 RFL=00000287 [--S--PC] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 00000000 00000000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 00000000 00000000
FS =0000 00007ff4523058c0 00000000 00000000
GS =0000 ffff88806d000000 00000000 00000000
LDT=0000 fffffe0000000000 00000000 00000000
TR =0040 fffffe4c70d23000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe4c70d21000 0000007f
IDT=     fffffe0000000000 00000fff
CR0=80050033 CR2=0000001b2e13e000 CR3=0000000015afe000 CR4=00350ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
XMM00=00000000000000000000000000000000 XMM01=ffffffffffffff00ffffffffff000000
XMM02=00000000000000b10000000000716d2f XMM03=7269762f736563697665642f7379732f
XMM04=2f2f2f2f2f2f2f2f2f2f2f2f2f2f2f2f XMM05=000055913e5b6160000055913e5c8080
XMM06=0000000000000000ffffffff00000004 XMM07=00000000000000000000000000000000
XMM08=2f63697361622f6372732f2e2e000d0a XMM09=00000000000000000000000000000000
XMM10=00000000200020000000000020000000 XMM11=00000000000000000000000000000000
XMM12=00000000000000000000000000000000 XMM13=00000000000000000000000000000000
XMM14=00000000000000000000000000000000 XMM15=00000000000000000000000000000000
info registers vcpu 1
RAX=0000000000000078 RBX=00000000000003f8 RCX=0000000000000000 RDX=00000000000003f8
RSI=ffffffff82451491 RDI=ffffffff879a19e0 RBP=ffffffff879a19a0 RSP=ffff88803f06f508
R8 =0000000000000001 R9 =000000000000000a R10=0000000000000078 R11=0000000000000001
R12=0000000000000078 R13=ffffffff879a19a0 R14=0000000000000010 R15=ffffffff82451480
RIP=ffffffff824514e9 RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 00000000 00000000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 00000000 00000000
FS =0000 00007f8a39fa7700 00000000 00000000
GS =0000 ffff88806d100000 00000000 00000000
LDT=0000 fffffe0000000000 00000000 00000000
TR =0040 fffffe3bf0a21000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe3bf0a1f000 0000007f
IDT=     fffffe0000000000 00000fff
CR0=80050033 CR2=ffffed100fffc000 CR3=000000003d9ea000 CR4=00350ee0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001fa0
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
XMM00=00000000000000000000000000000000 XMM01=000000c001fc5590000000c001fc5560
XMM02=000000c001f885f0000000c001f885c0 XMM03=000000c001f88650000000c001f88620
XMM04=000000c001f886b0000000c001f88680 XMM05=000000c001f88710000000c001f886e0
XMM06=000000c001f88770000000c001f88740 XMM07=000000c001f887d0000000c001f887a0
XMM08=000000c001f88830000000c001f88800 XMM09=000000c001f88890000000c001f88860
XMM10=000000c001f888f0000000c001f888c0 XMM11=000000c001f88950000000c001f88920
XMM12=000000c001f889b0000000c001f88980 XMM13=000000c001bd5c50000000c001bd5c20
XMM14=000000c001bd5cb0000000c001bd5c80 XMM15=000000c001bd5d10000000c001bd5ce0