Warning: Permanently added '[localhost]:64629' (ECDSA) to the list of known hosts.
2023/03/27 10:55:11 fuzzer started
2023/03/27 10:55:12 dialing manager at localhost:45291
syzkaller login: [ 43.470133] cgroup: Unknown subsys name 'net'
[ 43.583061] cgroup: Unknown subsys name 'rlimit'
2023/03/27 10:55:27 syscalls: 2217
2023/03/27 10:55:27 code coverage: enabled
2023/03/27 10:55:27 comparison tracing: enabled
2023/03/27 10:55:27 extra coverage: enabled
2023/03/27 10:55:27 setuid sandbox: enabled
2023/03/27 10:55:27 namespace sandbox: enabled
2023/03/27 10:55:27 Android sandbox: enabled
2023/03/27 10:55:27 fault injection: enabled
2023/03/27 10:55:27 leak checking: enabled
2023/03/27 10:55:27 net packet injection: enabled
2023/03/27 10:55:27 net device setup: enabled
2023/03/27 10:55:27 concurrency sanitizer: /sys/kernel/debug/kcsan does not exist
2023/03/27 10:55:27 devlink PCI setup: PCI device 0000:00:10.0 is not available
2023/03/27 10:55:27 USB emulation: enabled
2023/03/27 10:55:27 hci packet injection: enabled
2023/03/27 10:55:27 wifi device emulation: enabled
2023/03/27 10:55:27 802.15.4 emulation: enabled
2023/03/27 10:55:27 fetching corpus: 0, signal 0/2000 (executing program)
2023/03/27 10:55:27 fetching corpus: 36, signal 22814/25998 (executing program)
2023/03/27 10:55:27 fetching corpus: 85, signal 39569/43387 (executing program)
2023/03/27 10:55:27 fetching corpus: 135, signal 48242/52733 (executing program)
2023/03/27 10:55:27 fetching corpus: 184, signal 55069/60059 (executing program)
2023/03/27 10:55:28 fetching corpus: 232, signal 59321/64847 (executing program)
2023/03/27 10:55:28 fetching corpus: 282, signal 66545/72065 (executing program)
2023/03/27 10:55:28 fetching corpus: 332, signal 73575/78901 (executing program)
2023/03/27 10:55:28 fetching corpus: 382, signal 78002/83258 (executing program)
2023/03/27 10:55:28 fetching corpus: 431, signal 80853/86187 (executing program)
2023/03/27 10:55:28 fetching corpus: 481, signal 87357/91833 (executing program)
2023/03/27 10:55:29 fetching corpus: 531, signal 90457/94647 (executing program)
2023/03/27 10:55:29 fetching corpus: 581, signal 93820/97519 (executing program)
2023/03/27 10:55:29 fetching corpus: 631, signal 98085/100985 (executing program)
2023/03/27 10:55:29 fetching corpus: 681, signal 102266/104233 (executing program)
2023/03/27 10:55:29 fetching corpus: 731, signal 106150/107023 (executing program)
2023/03/27 10:55:30 fetching corpus: 769, signal 107982/108374 (executing program)
2023/03/27 10:55:30 fetching corpus: 770, signal 108011/108416 (executing program)
2023/03/27 10:55:30 fetching corpus: 770, signal 108011/108443 (executing program)
2023/03/27 10:55:30 fetching corpus: 770, signal 108011/108469 (executing program)
2023/03/27 10:55:30 fetching corpus: 770, signal 108011/108498 (executing program)
2023/03/27 10:55:30 fetching corpus: 770, signal 108011/108524 (executing program)
2023/03/27 10:55:30 fetching corpus: 770, signal 108011/108543 (executing program)
2023/03/27 10:55:30 fetching corpus: 770, signal 108011/108561 (executing program)
2023/03/27 10:55:30 fetching corpus: 770, signal 108011/108586 (executing program)
2023/03/27 10:55:30 fetching corpus: 770, signal 108011/108606 (executing program)
2023/03/27 10:55:30 fetching corpus: 770, signal 108011/108629 (executing program)
2023/03/27 10:55:30 fetching corpus: 770, signal 108011/108644 (executing program)
2023/03/27 10:55:30 fetching corpus: 770, signal 108011/108670 (executing program)
2023/03/27 10:55:30 fetching corpus: 770, signal 108011/108694 (executing program)
2023/03/27 10:55:30 fetching corpus: 770, signal 108011/108714 (executing program)
2023/03/27 10:55:30 fetching corpus: 770, signal 108011/108733 (executing program)
2023/03/27 10:55:30 fetching corpus: 770, signal 108011/108753 (executing program)
2023/03/27 10:55:30 fetching corpus: 770, signal 108011/108777 (executing program)
2023/03/27 10:55:30 fetching corpus: 770, signal 108011/108801 (executing program)
2023/03/27 10:55:30 fetching corpus: 771, signal 108024/108833 (executing program)
2023/03/27 10:55:30 fetching corpus: 771, signal 108024/108853 (executing program)
2023/03/27 10:55:30 fetching corpus: 771, signal 108024/108874 (executing program)
2023/03/27 10:55:30 fetching corpus: 771, signal 108024/108903 (executing program)
2023/03/27 10:55:30 fetching corpus: 771, signal 108024/108921 (executing program)
2023/03/27 10:55:30 fetching corpus: 771, signal 108024/108941 (executing program)
2023/03/27 10:55:30 fetching corpus: 771, signal 108024/108962 (executing program)
2023/03/27 10:55:30 fetching corpus: 771, signal 108024/108982 (executing program)
2023/03/27 10:55:30 fetching corpus: 771, signal 108024/109008 (executing program)
2023/03/27 10:55:30 fetching corpus: 771, signal 108024/109030 (executing program)
2023/03/27 10:55:30 fetching corpus: 771, signal 108024/109056 (executing program)
2023/03/27 10:55:30 fetching corpus: 771, signal 108024/109073 (executing program)
2023/03/27 10:55:30 fetching corpus: 771, signal 108024/109099 (executing program)
2023/03/27 10:55:30 fetching corpus: 771, signal 108084/109177 (executing program)
2023/03/27 10:55:30 fetching corpus: 771, signal 108084/109194 (executing program)
2023/03/27 10:55:30 fetching corpus: 771, signal 108084/109211 (executing program)
2023/03/27 10:55:30 fetching corpus: 771, signal 108108/109229 (executing program)
2023/03/27 10:55:30 fetching corpus: 771, signal 108108/109252 (executing program)
2023/03/27 10:55:30 fetching corpus: 771, signal 108131/109279 (executing program)
2023/03/27 10:55:30 fetching corpus: 771, signal 108131/109288 (executing program)
2023/03/27 10:55:30 fetching corpus: 771, signal 108131/109288 (executing program)
2023/03/27 10:55:32 starting 8 fuzzer processes
10:55:32 executing program 0:
r0 = perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff, 0x4, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, r0, 0x0)
r1 = fsopen(&(0x7f0000000140)='devtmpfs\x00', 0x0)
fsconfig$FSCONFIG_CMD_RECONFIGURE(r1, 0x6, 0x0, 0x0, 0x0)
fsmount(r1, 0x0, 0x0)
fsconfig$FSCONFIG_SET_STRING(r1, 0x1, &(0x7f0000000180)='/dev/hpet\x00', &(0x7f00000001c0)='{*\x00', 0x0)
r2 = mq_open(&(0x7f00000056c0)='syz1\x00', 0x842, 0x0, 0x0)
mq_timedsend(r2, 0x0, 0x0, 0x0, 0x0)
10:55:32 executing program 1:
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000004c0)=@getsa={0x34, 0x12, 0x1, 0x0, 0x0, {@in6=@ipv4={'\x00', '\xff\xff', @broadcast}}, [@mark={0xc}]}, 0x34}}, 0x0)
10:55:32 executing program 2:
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x2, 0x2800}], 0x0, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
openat(0xffffffffffffffff, 0x0, 0x10100, 0x100)
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
fsetxattr$security_ima(0xffffffffffffffff, 0x0, &(0x7f0000000380)=@sha1={0x1, "485f629ef3f2e2f4f765ae1caa2669c2212b8ab0"}, 0x15, 0x1)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000000240)=ANY=[], 0x220)
perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x80000001, 0x1000}, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef)
[ 63.226523] audit: type=1400 audit(1679914532.585:6): avc: denied { execmem } for pid=269 comm="syz-executor.1" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=process permissive=1
10:55:32 executing program 3:
syz_emit_ethernet(0x6f, &(0x7f0000000040)={@local, @local, @void, {@ipv4={0x800, @tcp={{0x5, 0x4, 0x0, 0x0, 0x61, 0x0, 0x0, 0x0, 0x6, 0x0, @private=0xa010101, @local}, {{0x0, 0x0, 0x41424344, 0x41424344, 0x0, 0x0, 0x5}, {"be7b7540e0a521bf3bd8f58f3feb78058d91f6353e3314dfdfa342e6de1dee30d89fe314b0a132a8259c6f8bb7cd5c62750fe4bf6da157b727"}}}}}}, 0x0)
10:55:32 executing program 4:
perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = socket$inet6(0xa, 0x1, 0x0)
recvmmsg(r0, &(0x7f0000004700)=[{{0x0, 0x0, &(0x7f0000001700)=[{0x0}, {0x0}, {0x0}, {0x0}, {0x0}, {0x0}, {0x0}, {0x0}, {0x0}], 0x9}}], 0x1, 0x0, 0x0)
10:55:32 executing program 5:
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x0, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
fallocate(r0, 0x0, 0x0, 0x8531)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r2, &(0x7f0000001180)=ANY=[], 0x220)
sendfile(r2, r1, 0x0, 0xfffffdef)
10:55:32 executing program 7:
perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0x7a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
add_key$keyring(&(0x7f0000000000), &(0x7f0000000040)={'syz', 0x3}, 0x0, 0x0, 0xfffffffffffffffd)
10:55:32 executing program 6:
io_uring_enter(0xffffffffffffffff, 0x0, 0x0, 0x10, 0x0, 0x0)
[ 64.381804] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[ 64.384351] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[ 64.385605] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[ 64.388591] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[ 64.390159] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3
[ 64.391917] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[ 64.440699] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[ 64.443072] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[ 64.446344] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[ 64.447549] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[ 64.448650] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[ 64.450664] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[ 64.451956] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[ 64.453229] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[ 64.454305] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[ 64.456224] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[ 64.458046] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[ 64.459506] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3
[ 64.460736] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[ 64.462633] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3
[ 64.464067] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[ 64.465216] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[ 64.469981] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3
[ 64.471183] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[ 64.525961] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1
[ 64.528347] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[ 64.531371] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1
[ 64.532894] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9
[ 64.535676] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[ 64.536768] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9
[ 64.538763] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[ 64.543905] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4
[ 64.544957] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[ 64.547206] Bluetooth: hci5: unexpected cc 0x0c25 length: 249 > 3
[ 64.548965] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3
[ 64.550033] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2
[ 64.562615] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[ 64.616517] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9
[ 64.658073] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9
[ 64.678630] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4
[ 64.691481] Bluetooth: hci6: unexpected cc 0x0c25 length: 249 > 3
[ 64.693076] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2
[ 66.408705] Bluetooth: hci0: command 0x0409 tx timeout
[ 66.471350] Bluetooth: hci1: command 0x0409 tx timeout
[ 66.535540] Bluetooth: hci3: command 0x0409 tx timeout
[ 66.536083] Bluetooth: hci2: command 0x0409 tx timeout
[ 66.599315] Bluetooth: hci7: Opcode 0x c03 failed: -110
[ 66.600383] Bluetooth: hci4: command 0x0409 tx timeout
[ 66.664341] Bluetooth: hci5: command 0x0409 tx timeout
[ 66.727310] Bluetooth: hci6: command 0x0409 tx timeout
[ 68.455861] Bluetooth: hci0: command 0x041b tx timeout
[ 68.519371] Bluetooth: hci1: command 0x041b tx timeout
[ 68.583381] Bluetooth: hci2: command 0x041b tx timeout
[ 68.583407] Bluetooth: hci3: command 0x041b tx timeout
[ 68.647337] Bluetooth: hci4: command 0x041b tx timeout
[ 68.711409] Bluetooth: hci5: command 0x041b tx timeout
[ 68.775596] Bluetooth: hci6: command 0x041b tx timeout
[ 70.503323] Bluetooth: hci0: command 0x040f tx timeout
[ 70.568296] Bluetooth: hci1: command 0x040f tx timeout
[ 70.631292] Bluetooth: hci2: command 0x040f tx timeout
[ 70.632884] Bluetooth: hci3: command 0x040f tx timeout
[ 70.696282] Bluetooth: hci4: command 0x040f tx timeout
[ 70.760297] Bluetooth: hci5: command 0x040f tx timeout
[ 70.824294] Bluetooth: hci6: command 0x040f tx timeout
[ 71.399304] Bluetooth: hci7: Opcode 0x c03 failed: -110
[ 72.552293] Bluetooth: hci0: command 0x0419 tx timeout
[ 72.615378] Bluetooth: hci1: command 0x0419 tx timeout
[ 72.680842] Bluetooth: hci3: command 0x0419 tx timeout
[ 72.680866] Bluetooth: hci2: command 0x0419 tx timeout
[ 72.743339] Bluetooth: hci4: command 0x0419 tx timeout
[ 72.807341] Bluetooth: hci5: command 0x0419 tx timeout
[ 72.871333] Bluetooth: hci6: command 0x0419 tx timeout
[ 73.794158] Bluetooth: hci7: unexpected cc 0x0c03 length: 249 > 1
[ 73.795117] Bluetooth: hci7: unexpected cc 0x1003 length: 249 > 9
[ 73.796164] Bluetooth: hci7: unexpected cc 0x1001 length: 249 > 9
[ 73.798384] Bluetooth: hci7: unexpected cc 0x0c23 length: 249 > 4
[ 73.799340] Bluetooth: hci7: unexpected cc 0x0c25 length: 249 > 3
[ 73.799996] Bluetooth: hci7: unexpected cc 0x0c38 length: 249 > 2
[ 75.815445] Bluetooth: hci7: command 0x0409 tx timeout
[ 77.864295] Bluetooth: hci7: command 0x041b tx timeout
[ 79.911296] Bluetooth: hci7: command 0x040f tx timeout
[ 81.959296] Bluetooth: hci7: command 0x0419 tx timeout
[ 104.694481] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 104.695196] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 104.696495] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[ 104.907421] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 104.908129] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 104.910026] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[ 105.536802] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 105.538179] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 105.541157] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[ 105.875117] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 105.876105] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 105.878155] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[ 106.083788] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 106.084795] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 106.144108] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[ 106.168573] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 106.169198] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 106.171161] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[ 106.288975] audit: type=1400 audit(1679914575.650:7): avc: denied { open } for pid=3739 comm="syz-executor.7" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=perf_event permissive=1
[ 106.290338] audit: type=1400 audit(1679914575.651:8): avc: denied { kernel } for pid=3739 comm="syz-executor.7" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=perf_event permissive=1
[ 106.356629] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 106.357196] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 106.360029] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
10:56:15 executing program 7:
r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000000080)={0x2, &(0x7f0000000000)=[{0x28, 0x0, 0x0, 0xfffff034}, {0x6}]}, 0x10)
10:56:15 executing program 7:
r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000000080)={0x2, &(0x7f0000000000)=[{0x28, 0x0, 0x0, 0xfffff034}, {0x6}]}, 0x10)
[ 106.526998] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 106.528354] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 106.530519] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
10:56:16 executing program 7:
r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000000080)={0x2, &(0x7f0000000000)=[{0x28, 0x0, 0x0, 0xfffff034}, {0x6}]}, 0x10)
10:56:16 executing program 7:
r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000000080)={0x2, &(0x7f0000000000)=[{0x28, 0x0, 0x0, 0xfffff034}, {0x6}]}, 0x10)
10:56:16 executing program 1:
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000004c0)=@getsa={0x34, 0x12, 0x1, 0x0, 0x0, {@in6=@ipv4={'\x00', '\xff\xff', @broadcast}}, [@mark={0xc}]}, 0x34}}, 0x0)
10:56:16 executing program 7:
perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
setresuid(0x0, 0x0, 0x0)
mount$9p_virtio(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000180), 0x2000, 0x0)
r0 = inotify_init1(0x0)
r1 = inotify_add_watch(r0, &(0x7f0000000400)='./file0\x00', 0x40000020)
inotify_rm_watch(r0, r1)
dup2(0xffffffffffffffff, 0xffffffffffffffff)
10:56:16 executing program 1:
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000004c0)=@getsa={0x34, 0x12, 0x1, 0x0, 0x0, {@in6=@ipv4={'\x00', '\xff\xff', @broadcast}}, [@mark={0xc}]}, 0x34}}, 0x0)
10:56:16 executing program 1:
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000004c0)=@getsa={0x34, 0x12, 0x1, 0x0, 0x0, {@in6=@ipv4={'\x00', '\xff\xff', @broadcast}}, [@mark={0xc}]}, 0x34}}, 0x0)
[ 107.275418] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 107.275966] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 107.277610] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[ 107.344973] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 107.345594] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 107.347080] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[ 107.389890] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 107.390499] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 107.391989] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[ 107.436705] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 107.437595] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 107.438926] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[ 107.474379] memfd_create() without MFD_EXEC nor MFD_NOEXEC_SEAL, pid=3821 'syz-executor.2'
[ 107.491669] loop2: detected capacity change from 0 to 40
[ 107.509183] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 107.510832] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 107.513166] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[ 107.561150] hrtimer: interrupt took 26359 ns
[ 107.590610] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 107.591726] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 107.594020] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[ 108.324174] syz-executor.2: attempt to access beyond end of device
[ 108.324174] loop2: rw=2049, sector=40, nr_sectors = 4 limit=40
[ 108.326044] Buffer I/O error on dev loop2, logical block 10, lost async page write
[ 109.203453] loop5: detected capacity change from 0 to 40
[ 109.245313] syz-executor.5: attempt to access beyond end of device
[ 109.245313] loop5: rw=2049, sector=92, nr_sectors = 8 limit=40
[ 112.025401] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 112.025991] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 112.027597] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[ 112.054776] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 112.055380] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 112.056758] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
10:56:21 executing program 6:
io_uring_enter(0xffffffffffffffff, 0x0, 0x0, 0x10, 0x0, 0x0)
10:56:21 executing program 3:
syz_emit_ethernet(0x6f, &(0x7f0000000040)={@local, @local, @void, {@ipv4={0x800, @tcp={{0x5, 0x4, 0x0, 0x0, 0x61, 0x0, 0x0, 0x0, 0x6, 0x0, @private=0xa010101, @local}, {{0x0, 0x0, 0x41424344, 0x41424344, 0x0, 0x0, 0x5}, {"be7b7540e0a521bf3bd8f58f3feb78058d91f6353e3314dfdfa342e6de1dee30d89fe314b0a132a8259c6f8bb7cd5c62750fe4bf6da157b727"}}}}}}, 0x0)
10:56:21 executing program 4:
perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = socket$inet6(0xa, 0x1, 0x0)
recvmmsg(r0, &(0x7f0000004700)=[{{0x0, 0x0, &(0x7f0000001700)=[{0x0}, {0x0}, {0x0}, {0x0}, {0x0}, {0x0}, {0x0}, {0x0}, {0x0}], 0x9}}], 0x1, 0x0, 0x0)
10:56:21 executing program 7:
perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
setresuid(0x0, 0x0, 0x0)
mount$9p_virtio(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000180), 0x2000, 0x0)
r0 = inotify_init1(0x0)
r1 = inotify_add_watch(r0, &(0x7f0000000400)='./file0\x00', 0x40000020)
inotify_rm_watch(r0, r1)
dup2(0xffffffffffffffff, 0xffffffffffffffff)
10:56:21 executing program 5:
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x0, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
fallocate(r0, 0x0, 0x0, 0x8531)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r2, &(0x7f0000001180)=ANY=[], 0x220)
sendfile(r2, r1, 0x0, 0xfffffdef)
10:56:21 executing program 1:
perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
setresuid(0x0, 0x0, 0x0)
mount$9p_virtio(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000180), 0x2000, 0x0)
r0 = inotify_init1(0x0)
r1 = inotify_add_watch(r0, &(0x7f0000000400)='./file0\x00', 0x40000020)
inotify_rm_watch(r0, r1)
dup2(0xffffffffffffffff, 0xffffffffffffffff)
10:56:21 executing program 2:
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x2, 0x2800}], 0x0, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
openat(0xffffffffffffffff, 0x0, 0x10100, 0x100)
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
fsetxattr$security_ima(0xffffffffffffffff, 0x0, &(0x7f0000000380)=@sha1={0x1, "485f629ef3f2e2f4f765ae1caa2669c2212b8ab0"}, 0x15, 0x1)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000000240)=ANY=[], 0x220)
perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x80000001, 0x1000}, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef)
[ 112.378162] loop2: detected capacity change from 0 to 40
[ 112.383086] loop5: detected capacity change from 0 to 40
10:56:21 executing program 0:
r0 = perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff, 0x4, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, r0, 0x0)
r1 = fsopen(&(0x7f0000000140)='devtmpfs\x00', 0x0)
fsconfig$FSCONFIG_CMD_RECONFIGURE(r1, 0x6, 0x0, 0x0, 0x0)
fsmount(r1, 0x0, 0x0)
fsconfig$FSCONFIG_SET_STRING(r1, 0x1, &(0x7f0000000180)='/dev/hpet\x00', &(0x7f00000001c0)='{*\x00', 0x0)
r2 = mq_open(&(0x7f00000056c0)='syz1\x00', 0x842, 0x0, 0x0)
mq_timedsend(r2, 0x0, 0x0, 0x0, 0x0)
[ 112.430965] syz-executor.5: attempt to access beyond end of device
[ 112.430965] loop5: rw=2049, sector=92, nr_sectors = 8 limit=40
[ 112.499524] syz-executor.2: attempt to access beyond end of device
[ 112.499524] loop2: rw=2049, sector=40, nr_sectors = 4 limit=40
[ 112.500492] Buffer I/O error on dev loop2, logical block 10, lost async page write
10:56:21 executing program 6:
io_uring_enter(0xffffffffffffffff, 0x0, 0x0, 0x10, 0x0, 0x0)
10:56:21 executing program 2:
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x2, 0x2800}], 0x0, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
openat(0xffffffffffffffff, 0x0, 0x10100, 0x100)
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
fsetxattr$security_ima(0xffffffffffffffff, 0x0, &(0x7f0000000380)=@sha1={0x1, "485f629ef3f2e2f4f765ae1caa2669c2212b8ab0"}, 0x15, 0x1)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000000240)=ANY=[], 0x220)
perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x80000001, 0x1000}, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef)
10:56:21 executing program 7:
perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
setresuid(0x0, 0x0, 0x0)
mount$9p_virtio(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000180), 0x2000, 0x0)
r0 = inotify_init1(0x0)
r1 = inotify_add_watch(r0, &(0x7f0000000400)='./file0\x00', 0x40000020)
inotify_rm_watch(r0, r1)
dup2(0xffffffffffffffff, 0xffffffffffffffff)
10:56:21 executing program 3:
syz_emit_ethernet(0x6f, &(0x7f0000000040)={@local, @local, @void, {@ipv4={0x800, @tcp={{0x5, 0x4, 0x0, 0x0, 0x61, 0x0, 0x0, 0x0, 0x6, 0x0, @private=0xa010101, @local}, {{0x0, 0x0, 0x41424344, 0x41424344, 0x0, 0x0, 0x5}, {"be7b7540e0a521bf3bd8f58f3feb78058d91f6353e3314dfdfa342e6de1dee30d89fe314b0a132a8259c6f8bb7cd5c62750fe4bf6da157b727"}}}}}}, 0x0)
10:56:21 executing program 4:
perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = socket$inet6(0xa, 0x1, 0x0)
recvmmsg(r0, &(0x7f0000004700)=[{{0x0, 0x0, &(0x7f0000001700)=[{0x0}, {0x0}, {0x0}, {0x0}, {0x0}, {0x0}, {0x0}, {0x0}, {0x0}], 0x9}}], 0x1, 0x0, 0x0)
10:56:21 executing program 5:
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x0, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
fallocate(r0, 0x0, 0x0, 0x8531)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r2, &(0x7f0000001180)=ANY=[], 0x220)
sendfile(r2, r1, 0x0, 0xfffffdef)
10:56:21 executing program 0:
r0 = perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff, 0x4, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, r0, 0x0)
r1 = fsopen(&(0x7f0000000140)='devtmpfs\x00', 0x0)
fsconfig$FSCONFIG_CMD_RECONFIGURE(r1, 0x6, 0x0, 0x0, 0x0)
fsmount(r1, 0x0, 0x0)
fsconfig$FSCONFIG_SET_STRING(r1, 0x1, &(0x7f0000000180)='/dev/hpet\x00', &(0x7f00000001c0)='{*\x00', 0x0)
r2 = mq_open(&(0x7f00000056c0)='syz1\x00', 0x842, 0x0, 0x0)
mq_timedsend(r2, 0x0, 0x0, 0x0, 0x0)
10:56:21 executing program 1:
perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
setresuid(0x0, 0x0, 0x0)
mount$9p_virtio(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000180), 0x2000, 0x0)
r0 = inotify_init1(0x0)
r1 = inotify_add_watch(r0, &(0x7f0000000400)='./file0\x00', 0x40000020)
inotify_rm_watch(r0, r1)
dup2(0xffffffffffffffff, 0xffffffffffffffff)
[ 112.543323] loop5: detected capacity change from 0 to 40
[ 112.584557] syz-executor.5: attempt to access beyond end of device
[ 112.584557] loop5: rw=2049, sector=92, nr_sectors = 8 limit=40
[ 112.605407] loop2: detected capacity change from 0 to 40
10:56:21 executing program 3:
syz_emit_ethernet(0x6f, &(0x7f0000000040)={@local, @local, @void, {@ipv4={0x800, @tcp={{0x5, 0x4, 0x0, 0x0, 0x61, 0x0, 0x0, 0x0, 0x6, 0x0, @private=0xa010101, @local}, {{0x0, 0x0, 0x41424344, 0x41424344, 0x0, 0x0, 0x5}, {"be7b7540e0a521bf3bd8f58f3feb78058d91f6353e3314dfdfa342e6de1dee30d89fe314b0a132a8259c6f8bb7cd5c62750fe4bf6da157b727"}}}}}}, 0x0)
10:56:21 executing program 5:
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x0, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
fallocate(r0, 0x0, 0x0, 0x8531)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r2, &(0x7f0000001180)=ANY=[], 0x220)
sendfile(r2, r1, 0x0, 0xfffffdef)
10:56:22 executing program 4:
perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = socket$inet6(0xa, 0x1, 0x0)
recvmmsg(r0, &(0x7f0000004700)=[{{0x0, 0x0, &(0x7f0000001700)=[{0x0}, {0x0}, {0x0}, {0x0}, {0x0}, {0x0}, {0x0}, {0x0}, {0x0}], 0x9}}], 0x1, 0x0, 0x0)
10:56:22 executing program 6:
io_uring_enter(0xffffffffffffffff, 0x0, 0x0, 0x10, 0x0, 0x0)
10:56:22 executing program 1:
perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
setresuid(0x0, 0x0, 0x0)
mount$9p_virtio(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000180), 0x2000, 0x0)
r0 = inotify_init1(0x0)
r1 = inotify_add_watch(r0, &(0x7f0000000400)='./file0\x00', 0x40000020)
inotify_rm_watch(r0, r1)
dup2(0xffffffffffffffff, 0xffffffffffffffff)
[ 112.711115] loop5: detected capacity change from 0 to 40
[ 112.715193] syz-executor.2: attempt to access beyond end of device
[ 112.715193] loop2: rw=2049, sector=40, nr_sectors = 4 limit=40
[ 112.716163] Buffer I/O error on dev loop2, logical block 10, lost async page write
[ 112.747826] syz-executor.5: attempt to access beyond end of device
[ 112.747826] loop5: rw=2049, sector=92, nr_sectors = 8 limit=40
10:56:22 executing program 2:
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x2, 0x2800}], 0x0, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
openat(0xffffffffffffffff, 0x0, 0x10100, 0x100)
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
fsetxattr$security_ima(0xffffffffffffffff, 0x0, &(0x7f0000000380)=@sha1={0x1, "485f629ef3f2e2f4f765ae1caa2669c2212b8ab0"}, 0x15, 0x1)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000000240)=ANY=[], 0x220)
perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x80000001, 0x1000}, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef)
10:56:22 executing program 6:
r0 = perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff, 0x4, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, r0, 0x0)
r1 = fsopen(&(0x7f0000000140)='devtmpfs\x00', 0x0)
fsconfig$FSCONFIG_CMD_RECONFIGURE(r1, 0x6, 0x0, 0x0, 0x0)
fsmount(r1, 0x0, 0x0)
fsconfig$FSCONFIG_SET_STRING(r1, 0x1, &(0x7f0000000180)='/dev/hpet\x00', &(0x7f00000001c0)='{*\x00', 0x0)
r2 = mq_open(&(0x7f00000056c0)='syz1\x00', 0x842, 0x0, 0x0)
mq_timedsend(r2, 0x0, 0x0, 0x0, 0x0)
[ 112.880161] loop2: detected capacity change from 0 to 40
[ 113.113952] syz-executor.2: attempt to access beyond end of device
[ 113.113952] loop2: rw=2049, sector=40, nr_sectors = 4 limit=40
[ 113.115044] Buffer I/O error on dev loop2, logical block 10, lost async page write
10:56:22 executing program 0:
r0 = perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff, 0x4, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, r0, 0x0)
r1 = fsopen(&(0x7f0000000140)='devtmpfs\x00', 0x0)
fsconfig$FSCONFIG_CMD_RECONFIGURE(r1, 0x6, 0x0, 0x0, 0x0)
fsmount(r1, 0x0, 0x0)
fsconfig$FSCONFIG_SET_STRING(r1, 0x1, &(0x7f0000000180)='/dev/hpet\x00', &(0x7f00000001c0)='{*\x00', 0x0)
r2 = mq_open(&(0x7f00000056c0)='syz1\x00', 0x842, 0x0, 0x0)
mq_timedsend(r2, 0x0, 0x0, 0x0, 0x0)
10:56:22 executing program 7:
perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
setresuid(0x0, 0x0, 0x0)
mount$9p_virtio(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000180), 0x2000, 0x0)
r0 = inotify_init1(0x0)
r1 = inotify_add_watch(r0, &(0x7f0000000400)='./file0\x00', 0x40000020)
inotify_rm_watch(r0, r1)
dup2(0xffffffffffffffff, 0xffffffffffffffff)
10:56:22 executing program 6:
r0 = perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff, 0x4, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, r0, 0x0)
r1 = fsopen(&(0x7f0000000140)='devtmpfs\x00', 0x0)
fsconfig$FSCONFIG_CMD_RECONFIGURE(r1, 0x6, 0x0, 0x0, 0x0)
fsmount(r1, 0x0, 0x0)
fsconfig$FSCONFIG_SET_STRING(r1, 0x1, &(0x7f0000000180)='/dev/hpet\x00', &(0x7f00000001c0)='{*\x00', 0x0)
r2 = mq_open(&(0x7f00000056c0)='syz1\x00', 0x842, 0x0, 0x0)
mq_timedsend(r2, 0x0, 0x0, 0x0, 0x0)
10:56:22 executing program 4:
r0 = perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff, 0x4, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, r0, 0x0)
r1 = fsopen(&(0x7f0000000140)='devtmpfs\x00', 0x0)
fsconfig$FSCONFIG_CMD_RECONFIGURE(r1, 0x6, 0x0, 0x0, 0x0)
fsmount(r1, 0x0, 0x0)
fsconfig$FSCONFIG_SET_STRING(r1, 0x1, &(0x7f0000000180)='/dev/hpet\x00', &(0x7f00000001c0)='{*\x00', 0x0)
r2 = mq_open(&(0x7f00000056c0)='syz1\x00', 0x842, 0x0, 0x0)
mq_timedsend(r2, 0x0, 0x0, 0x0, 0x0)
10:56:22 executing program 5:
r0 = perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff, 0x4, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, r0, 0x0)
r1 = fsopen(&(0x7f0000000140)='devtmpfs\x00', 0x0)
fsconfig$FSCONFIG_CMD_RECONFIGURE(r1, 0x6, 0x0, 0x0, 0x0)
fsmount(r1, 0x0, 0x0)
fsconfig$FSCONFIG_SET_STRING(r1, 0x1, &(0x7f0000000180)='/dev/hpet\x00', &(0x7f00000001c0)='{*\x00', 0x0)
r2 = mq_open(&(0x7f00000056c0)='syz1\x00', 0x842, 0x0, 0x0)
mq_timedsend(r2, 0x0, 0x0, 0x0, 0x0)
10:56:22 executing program 2:
r0 = perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff, 0x4, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, r0, 0x0)
r1 = fsopen(&(0x7f0000000140)='devtmpfs\x00', 0x0)
fsconfig$FSCONFIG_CMD_RECONFIGURE(r1, 0x6, 0x0, 0x0, 0x0)
fsmount(r1, 0x0, 0x0)
fsconfig$FSCONFIG_SET_STRING(r1, 0x1, &(0x7f0000000180)='/dev/hpet\x00', &(0x7f00000001c0)='{*\x00', 0x0)
r2 = mq_open(&(0x7f00000056c0)='syz1\x00', 0x842, 0x0, 0x0)
mq_timedsend(r2, 0x0, 0x0, 0x0, 0x0)
10:56:22 executing program 1:
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x0, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
fallocate(r0, 0x0, 0x0, 0x8531)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r2, &(0x7f0000001180)=ANY=[], 0x220)
sendfile(r2, r1, 0x0, 0xfffffdef)
10:56:22 executing program 6:
r0 = perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff, 0x4, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, r0, 0x0)
r1 = fsopen(&(0x7f0000000140)='devtmpfs\x00', 0x0)
fsconfig$FSCONFIG_CMD_RECONFIGURE(r1, 0x6, 0x0, 0x0, 0x0)
fsmount(r1, 0x0, 0x0)
fsconfig$FSCONFIG_SET_STRING(r1, 0x1, &(0x7f0000000180)='/dev/hpet\x00', &(0x7f00000001c0)='{*\x00', 0x0)
r2 = mq_open(&(0x7f00000056c0)='syz1\x00', 0x842, 0x0, 0x0)
mq_timedsend(r2, 0x0, 0x0, 0x0, 0x0)
10:56:22 executing program 2:
r0 = perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff, 0x4, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, r0, 0x0)
r1 = fsopen(&(0x7f0000000140)='devtmpfs\x00', 0x0)
fsconfig$FSCONFIG_CMD_RECONFIGURE(r1, 0x6, 0x0, 0x0, 0x0)
fsmount(r1, 0x0, 0x0)
fsconfig$FSCONFIG_SET_STRING(r1, 0x1, &(0x7f0000000180)='/dev/hpet\x00', &(0x7f00000001c0)='{*\x00', 0x0)
r2 = mq_open(&(0x7f00000056c0)='syz1\x00', 0x842, 0x0, 0x0)
mq_timedsend(r2, 0x0, 0x0, 0x0, 0x0)
[ 113.336786] loop1: detected capacity change from 0 to 40
10:56:22 executing program 3:
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x0, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
fallocate(r0, 0x0, 0x0, 0x8531)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r2, &(0x7f0000001180)=ANY=[], 0x220)
sendfile(r2, r1, 0x0, 0xfffffdef)
[ 113.400209] syz-executor.1: attempt to access beyond end of device
[ 113.400209] loop1: rw=2049, sector=92, nr_sectors = 8 limit=40
[ 113.405298] loop3: detected capacity change from 0 to 40
10:56:22 executing program 4:
r0 = perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff, 0x4, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, r0, 0x0)
r1 = fsopen(&(0x7f0000000140)='devtmpfs\x00', 0x0)
fsconfig$FSCONFIG_CMD_RECONFIGURE(r1, 0x6, 0x0, 0x0, 0x0)
fsmount(r1, 0x0, 0x0)
fsconfig$FSCONFIG_SET_STRING(r1, 0x1, &(0x7f0000000180)='/dev/hpet\x00', &(0x7f00000001c0)='{*\x00', 0x0)
r2 = mq_open(&(0x7f00000056c0)='syz1\x00', 0x842, 0x0, 0x0)
mq_timedsend(r2, 0x0, 0x0, 0x0, 0x0)
10:56:22 executing program 2:
r0 = perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff, 0x4, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, r0, 0x0)
r1 = fsopen(&(0x7f0000000140)='devtmpfs\x00', 0x0)
fsconfig$FSCONFIG_CMD_RECONFIGURE(r1, 0x6, 0x0, 0x0, 0x0)
fsmount(r1, 0x0, 0x0)
fsconfig$FSCONFIG_SET_STRING(r1, 0x1, &(0x7f0000000180)='/dev/hpet\x00', &(0x7f00000001c0)='{*\x00', 0x0)
r2 = mq_open(&(0x7f00000056c0)='syz1\x00', 0x842, 0x0, 0x0)
mq_timedsend(r2, 0x0, 0x0, 0x0, 0x0)
[ 113.445552] syz-executor.3: attempt to access beyond end of device
[ 113.445552] loop3: rw=2049, sector=92, nr_sectors = 8 limit=40
10:56:22 executing program 1:
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x0, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
fallocate(r0, 0x0, 0x0, 0x8531)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r2, &(0x7f0000001180)=ANY=[], 0x220)
sendfile(r2, r1, 0x0, 0xfffffdef)
[ 113.563873] loop1: detected capacity change from 0 to 40
[ 113.583475] syz-executor.1: attempt to access beyond end of device
[ 113.583475] loop1: rw=2049, sector=92, nr_sectors = 8 limit=40
10:56:23 executing program 3:
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x0, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
fallocate(r0, 0x0, 0x0, 0x8531)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r2, &(0x7f0000001180)=ANY=[], 0x220)
sendfile(r2, r1, 0x0, 0xfffffdef)
10:56:23 executing program 2:
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x0, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
fallocate(r0, 0x0, 0x0, 0x8531)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r2, &(0x7f0000001180)=ANY=[], 0x220)
sendfile(r2, r1, 0x0, 0xfffffdef)
[ 113.690436] loop2: detected capacity change from 0 to 40
[ 113.693480] loop7: detected capacity change from 0 to 40
[ 113.703912] loop3: detected capacity change from 0 to 40
10:56:23 executing program 7:
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x2, 0x2800}], 0x0, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
openat(0xffffffffffffffff, 0x0, 0x10100, 0x100)
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
fsetxattr$security_ima(0xffffffffffffffff, 0x0, &(0x7f0000000380)=@sha1={0x1, "485f629ef3f2e2f4f765ae1caa2669c2212b8ab0"}, 0x15, 0x1)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000000240)=ANY=[], 0x220)
perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x80000001, 0x1000}, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef)
10:56:23 executing program 0:
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x2, 0x2800}], 0x0, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
openat(0xffffffffffffffff, 0x0, 0x10100, 0x100)
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
fsetxattr$security_ima(0xffffffffffffffff, 0x0, &(0x7f0000000380)=@sha1={0x1, "485f629ef3f2e2f4f765ae1caa2669c2212b8ab0"}, 0x15, 0x1)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000000240)=ANY=[], 0x220)
perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x80000001, 0x1000}, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef)
10:56:23 executing program 1:
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x0, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
fallocate(r0, 0x0, 0x0, 0x8531)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r2, &(0x7f0000001180)=ANY=[], 0x220)
sendfile(r2, r1, 0x0, 0xfffffdef)
10:56:23 executing program 4:
r0 = perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff, 0x4, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, r0, 0x0)
r1 = fsopen(&(0x7f0000000140)='devtmpfs\x00', 0x0)
fsconfig$FSCONFIG_CMD_RECONFIGURE(r1, 0x6, 0x0, 0x0, 0x0)
fsmount(r1, 0x0, 0x0)
fsconfig$FSCONFIG_SET_STRING(r1, 0x1, &(0x7f0000000180)='/dev/hpet\x00', &(0x7f00000001c0)='{*\x00', 0x0)
r2 = mq_open(&(0x7f00000056c0)='syz1\x00', 0x842, 0x0, 0x0)
mq_timedsend(r2, 0x0, 0x0, 0x0, 0x0)
10:56:23 executing program 5:
r0 = perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff, 0x4, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, r0, 0x0)
r1 = fsopen(&(0x7f0000000140)='devtmpfs\x00', 0x0)
fsconfig$FSCONFIG_CMD_RECONFIGURE(r1, 0x6, 0x0, 0x0, 0x0)
fsmount(r1, 0x0, 0x0)
fsconfig$FSCONFIG_SET_STRING(r1, 0x1, &(0x7f0000000180)='/dev/hpet\x00', &(0x7f00000001c0)='{*\x00', 0x0)
r2 = mq_open(&(0x7f00000056c0)='syz1\x00', 0x842, 0x0, 0x0)
mq_timedsend(r2, 0x0, 0x0, 0x0, 0x0)
10:56:23 executing program 6:
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x0, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
fallocate(r0, 0x0, 0x0, 0x8531)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r2, &(0x7f0000001180)=ANY=[], 0x220)
sendfile(r2, r1, 0x0, 0xfffffdef)
[ 113.720066] loop6: detected capacity change from 0 to 40
[ 113.747874] loop1: detected capacity change from 0 to 40
[ 113.753347] loop0: detected capacity change from 0 to 40
[ 113.759386] syz-executor.6: attempt to access beyond end of device
[ 113.759386] loop6: rw=2049, sector=92, nr_sectors = 8 limit=40
10:56:23 executing program 5:
r0 = perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff, 0x4, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, r0, 0x0)
r1 = fsopen(&(0x7f0000000140)='devtmpfs\x00', 0x0)
fsconfig$FSCONFIG_CMD_RECONFIGURE(r1, 0x6, 0x0, 0x0, 0x0)
fsmount(r1, 0x0, 0x0)
fsconfig$FSCONFIG_SET_STRING(r1, 0x1, &(0x7f0000000180)='/dev/hpet\x00', &(0x7f00000001c0)='{*\x00', 0x0)
r2 = mq_open(&(0x7f00000056c0)='syz1\x00', 0x842, 0x0, 0x0)
mq_timedsend(r2, 0x0, 0x0, 0x0, 0x0)
[ 113.773545] syz-executor.3: attempt to access beyond end of device
[ 113.773545] loop3: rw=2049, sector=92, nr_sectors = 8 limit=40
10:56:23 executing program 4:
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x2, 0x2800}], 0x0, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
openat(0xffffffffffffffff, 0x0, 0x10100, 0x100)
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
fsetxattr$security_ima(0xffffffffffffffff, 0x0, &(0x7f0000000380)=@sha1={0x1, "485f629ef3f2e2f4f765ae1caa2669c2212b8ab0"}, 0x15, 0x1)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000000240)=ANY=[], 0x220)
perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x80000001, 0x1000}, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef)
[ 113.801764] syz-executor.2: attempt to access beyond end of device
10:56:23 executing program 6:
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x0, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
fallocate(r0, 0x0, 0x0, 0x8531)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r2, &(0x7f0000001180)=ANY=[], 0x220)
sendfile(r2, r1, 0x0, 0xfffffdef)
[ 113.801764] loop2: rw=2049, sector=92, nr_sectors = 8 limit=40
[ 113.840800] syz-executor.1: attempt to access beyond end of device
[ 113.840800] loop1: rw=2049, sector=92, nr_sectors = 8 limit=40
[ 113.867062] loop6: detected capacity change from 0 to 40
10:56:23 executing program 3:
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x0, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
fallocate(r0, 0x0, 0x0, 0x8531)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r2, &(0x7f0000001180)=ANY=[], 0x220)
sendfile(r2, r1, 0x0, 0xfffffdef)
[ 113.880453] syz-executor.7: attempt to access beyond end of device
[ 113.880453] loop7: rw=2049, sector=40, nr_sectors = 4 limit=40
[ 113.881364] Buffer I/O error on dev loop7, logical block 10, lost async page write
[ 113.907160] syz-executor.6: attempt to access beyond end of device
[ 113.907160] loop6: rw=2049, sector=92, nr_sectors = 8 limit=40
10:56:23 executing program 5:
perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
setresuid(0x0, 0x0, 0x0)
mount$9p_virtio(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000180), 0x2000, 0x0)
r0 = inotify_init1(0x0)
r1 = inotify_add_watch(r0, &(0x7f0000000400)='./file0\x00', 0x40000020)
inotify_rm_watch(r0, r1)
dup2(0xffffffffffffffff, 0xffffffffffffffff)
[ 113.924380] loop4: detected capacity change from 0 to 40
10:56:23 executing program 2:
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x0, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
fallocate(r0, 0x0, 0x0, 0x8531)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r2, &(0x7f0000001180)=ANY=[], 0x220)
sendfile(r2, r1, 0x0, 0xfffffdef)
[ 113.957537] loop2: detected capacity change from 0 to 40
10:56:23 executing program 6:
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x0, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
fallocate(r0, 0x0, 0x0, 0x8531)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r2, &(0x7f0000001180)=ANY=[], 0x220)
sendfile(r2, r1, 0x0, 0xfffffdef)
[ 113.970538] loop3: detected capacity change from 0 to 40
10:56:23 executing program 7:
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x2, 0x2800}], 0x0, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
openat(0xffffffffffffffff, 0x0, 0x10100, 0x100)
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
fsetxattr$security_ima(0xffffffffffffffff, 0x0, &(0x7f0000000380)=@sha1={0x1, "485f629ef3f2e2f4f765ae1caa2669c2212b8ab0"}, 0x15, 0x1)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000000240)=ANY=[], 0x220)
perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x80000001, 0x1000}, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef)
[ 114.025882] loop6: detected capacity change from 0 to 40
[ 114.026598] loop7: detected capacity change from 0 to 40
10:56:23 executing program 1:
perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
setresuid(0x0, 0x0, 0x0)
mount$9p_virtio(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000180), 0x2000, 0x0)
r0 = inotify_init1(0x0)
r1 = inotify_add_watch(r0, &(0x7f0000000400)='./file0\x00', 0x40000020)
inotify_rm_watch(r0, r1)
dup2(0xffffffffffffffff, 0xffffffffffffffff)
[ 114.040944] syz-executor.2: attempt to access beyond end of device
[ 114.040944] loop2: rw=2049, sector=92, nr_sectors = 8 limit=40
[ 114.104757] Buffer I/O error on dev loop7, logical block 10, lost async page write
[ 114.161577] Buffer I/O error on dev loop0, logical block 10, lost async page write
[ 114.458141] Buffer I/O error on dev loop4, logical block 10, lost async page write
10:56:23 executing program 5:
perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
setresuid(0x0, 0x0, 0x0)
mount$9p_virtio(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000180), 0x2000, 0x0)
r0 = inotify_init1(0x0)
r1 = inotify_add_watch(r0, &(0x7f0000000400)='./file0\x00', 0x40000020)
inotify_rm_watch(r0, r1)
dup2(0xffffffffffffffff, 0xffffffffffffffff)
10:56:23 executing program 2:
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x0, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
fallocate(r0, 0x0, 0x0, 0x8531)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r2, &(0x7f0000001180)=ANY=[], 0x220)
sendfile(r2, r1, 0x0, 0xfffffdef)
10:56:23 executing program 1:
perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
setresuid(0x0, 0x0, 0x0)
mount$9p_virtio(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000180), 0x2000, 0x0)
r0 = inotify_init1(0x0)
r1 = inotify_add_watch(r0, &(0x7f0000000400)='./file0\x00', 0x40000020)
inotify_rm_watch(r0, r1)
dup2(0xffffffffffffffff, 0xffffffffffffffff)
10:56:23 executing program 6:
r0 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
msgget$private(0x0, 0x0)
sendmmsg$inet6(r0, &(0x7f0000002580)=[{{&(0x7f00000013c0)={0xa, 0x0, 0x0, @remote}, 0x1c, &(0x7f0000000140)=[{&(0x7f00000000c0)="d7061e52", 0x4}], 0x1}}, {{&(0x7f0000000040)={0xa, 0x0, 0x0, @private1}, 0x1c, 0x0, 0x0, &(0x7f0000000180)=ANY=[], 0x38}}], 0x2, 0x0)
10:56:23 executing program 7:
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x2, 0x2800}], 0x0, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
openat(0xffffffffffffffff, 0x0, 0x10100, 0x100)
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
fsetxattr$security_ima(0xffffffffffffffff, 0x0, &(0x7f0000000380)=@sha1={0x1, "485f629ef3f2e2f4f765ae1caa2669c2212b8ab0"}, 0x15, 0x1)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000000240)=ANY=[], 0x220)
perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x80000001, 0x1000}, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef)
10:56:23 executing program 3:
perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mlockall(0x6)
10:56:23 executing program 0:
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x2, 0x2800}], 0x0, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
openat(0xffffffffffffffff, 0x0, 0x10100, 0x100)
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
fsetxattr$security_ima(0xffffffffffffffff, 0x0, &(0x7f0000000380)=@sha1={0x1, "485f629ef3f2e2f4f765ae1caa2669c2212b8ab0"}, 0x15, 0x1)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000000240)=ANY=[], 0x220)
perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x80000001, 0x1000}, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef)
10:56:23 executing program 4:
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x2, 0x2800}], 0x0, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
openat(0xffffffffffffffff, 0x0, 0x10100, 0x100)
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
fsetxattr$security_ima(0xffffffffffffffff, 0x0, &(0x7f0000000380)=@sha1={0x1, "485f629ef3f2e2f4f765ae1caa2669c2212b8ab0"}, 0x15, 0x1)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000000240)=ANY=[], 0x220)
perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x80000001, 0x1000}, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef)
[ 114.508936] loop2: detected capacity change from 0 to 40
[ 114.511418] loop7: detected capacity change from 0 to 40
[ 114.543574] loop0: detected capacity change from 0 to 40
[ 114.573961] loop4: detected capacity change from 0 to 40
10:56:23 executing program 3:
perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mlockall(0x6)
[ 114.587199] Buffer I/O error on dev loop7, logical block 10, lost async page write
10:56:23 executing program 6:
r0 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
msgget$private(0x0, 0x0)
sendmmsg$inet6(r0, &(0x7f0000002580)=[{{&(0x7f00000013c0)={0xa, 0x0, 0x0, @remote}, 0x1c, &(0x7f0000000140)=[{&(0x7f00000000c0)="d7061e52", 0x4}], 0x1}}, {{&(0x7f0000000040)={0xa, 0x0, 0x0, @private1}, 0x1c, 0x0, 0x0, &(0x7f0000000180)=ANY=[], 0x38}}], 0x2, 0x0)
10:56:24 executing program 3:
perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mlockall(0x6)
10:56:24 executing program 6:
r0 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
msgget$private(0x0, 0x0)
sendmmsg$inet6(r0, &(0x7f0000002580)=[{{&(0x7f00000013c0)={0xa, 0x0, 0x0, @remote}, 0x1c, &(0x7f0000000140)=[{&(0x7f00000000c0)="d7061e52", 0x4}], 0x1}}, {{&(0x7f0000000040)={0xa, 0x0, 0x0, @private1}, 0x1c, 0x0, 0x0, &(0x7f0000000180)=ANY=[], 0x38}}], 0x2, 0x0)
10:56:24 executing program 3:
perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mlockall(0x6)
10:56:24 executing program 1:
perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
setresuid(0x0, 0x0, 0x0)
mount$9p_virtio(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000180), 0x2000, 0x0)
r0 = inotify_init1(0x0)
r1 = inotify_add_watch(r0, &(0x7f0000000400)='./file0\x00', 0x40000020)
inotify_rm_watch(r0, r1)
dup2(0xffffffffffffffff, 0xffffffffffffffff)
[ 114.884674] Buffer I/O error on dev loop0, logical block 10, lost async page write
[ 115.401347] Buffer I/O error on dev loop4, logical block 10, lost async page write
10:56:24 executing program 6:
r0 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
msgget$private(0x0, 0x0)
sendmmsg$inet6(r0, &(0x7f0000002580)=[{{&(0x7f00000013c0)={0xa, 0x0, 0x0, @remote}, 0x1c, &(0x7f0000000140)=[{&(0x7f00000000c0)="d7061e52", 0x4}], 0x1}}, {{&(0x7f0000000040)={0xa, 0x0, 0x0, @private1}, 0x1c, 0x0, 0x0, &(0x7f0000000180)=ANY=[], 0x38}}], 0x2, 0x0)
10:56:24 executing program 5:
perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
setresuid(0x0, 0x0, 0x0)
mount$9p_virtio(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000180), 0x2000, 0x0)
r0 = inotify_init1(0x0)
r1 = inotify_add_watch(r0, &(0x7f0000000400)='./file0\x00', 0x40000020)
inotify_rm_watch(r0, r1)
dup2(0xffffffffffffffff, 0xffffffffffffffff)
10:56:24 executing program 7:
r0 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
msgget$private(0x0, 0x0)
sendmmsg$inet6(r0, &(0x7f0000002580)=[{{&(0x7f00000013c0)={0xa, 0x0, 0x0, @remote}, 0x1c, &(0x7f0000000140)=[{&(0x7f00000000c0)="d7061e52", 0x4}], 0x1}}, {{&(0x7f0000000040)={0xa, 0x0, 0x0, @private1}, 0x1c, 0x0, 0x0, &(0x7f0000000180)=ANY=[], 0x38}}], 0x2, 0x0)
[ 115.467712] general protection fault, probably for non-canonical address 0xdffffc00040012f0: 0000 [#1] PREEMPT SMP KASAN NOPTI
[ 115.469078] KASAN: probably user-memory-access in range [0x0000000020009780-0x0000000020009787]
[ 115.470118] CPU: 1 PID: 4114 Comm: syz-executor.1 Not tainted 6.3.0-rc3-next-20230327 #1
[ 115.474610] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 115.475583] RIP: 0010:do_iter_write+0x477/0x700
[ 115.476167] Code: 00 0f 85 fd 01 00 00 4d 8b 7c 24 28 e8 d2 05 c6 ff 48 8b 44 24 18 80 38 00 0f 85 68 01 00 00 48 8b 43 18 48 89 c2 48 c1 ea 03 <42> 80 3c 32 00 0f 85 3b 01 00 00 48 8b 4c 24 20 48 8b 30 80 39 00
[ 115.478298] RSP: 0018:ffff88803df5fc70 EFLAGS: 00010216
[ 115.478944] RAX: 0000000020009780 RBX: ffff88803df5fd60 RCX: ffffc90000807000
[ 115.479784] RDX: 00000000040012f0 RSI: ffffffff8185830e RDI: 0000000000000007
[ 115.480633] RBP: 0000000000000001 R08: 0000000000000007 R09: 0000000000000000
[ 115.481494] R10: 0000000000000001 R11: 0000000000000001 R12: ffff888016d17900
[ 115.482342] R13: 0000000000000000 R14: dffffc0000000000 R15: ffffffff84a66820
[ 115.483197] FS: 00007f71754f2700(0000) GS:ffff88806cf00000(0000) knlGS:0000000000000000
[ 115.484148] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 115.484840] CR2: 0000000020009780 CR3: 0000000016c70000 CR4: 0000000000350ee0
[ 115.485687] Call Trace:
[ 115.486008]
[ 115.486295] ? import_iovec+0x87/0xb0
[ 115.486774] vfs_writev+0x1ae/0x660
[ 115.487239] ? __pfx_vfs_writev+0x10/0x10
[ 115.487748] ? __fget_files+0x24e/0x480
[ 115.488236] ? lock_release+0x1e3/0x680
[ 115.488432] loop4: detected capacity change from 0 to 40
[ 115.488743] ? __fget_files+0x270/0x480
[ 115.489649] __x64_sys_pwritev+0x233/0x310
[ 115.490184] ? __pfx___x64_sys_pwritev+0x10/0x10
[ 115.490781] ? lockdep_hardirqs_on_prepare+0x27b/0x3f0
[ 115.491436] do_syscall_64+0x3f/0x90
[ 115.491899] entry_SYSCALL_64_after_hwframe+0x72/0xdc
[ 115.492527] RIP: 0033:0x7f7177f7cb19
[ 115.492978] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 115.495117] RSP: 002b:00007f71754f2188 EFLAGS: 00000246 ORIG_RAX: 0000000000000128
[ 115.496017] RAX: ffffffffffffffda RBX: 00007f717808ff60 RCX: 00007f7177f7cb19
[ 115.496853] RDX: 0000000000000001 RSI: 00000000200000c0 RDI: 0000000000000003
[ 115.497708] RBP: 00007f7177fd6f6d R08: 0000000000000000 R09: 0000000000000000
[ 115.498543] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 115.499379] R13: 00007ffc04b1f80f R14: 00007f71754f2300 R15: 0000000000022000
[ 115.500233]
[ 115.500518] Modules linked in:
[ 115.501110] ---[ end trace 0000000000000000 ]---
[ 115.501710] RIP: 0010:do_iter_write+0x477/0x700
[ 115.502319] Code: 00 0f 85 fd 01 00 00 4d 8b 7c 24 28 e8 d2 05 c6 ff 48 8b 44 24 18 80 38 00 0f 85 68 01 00 00 48 8b 43 18 48 89 c2 48 c1 ea 03 <42> 80 3c 32 00 0f 85 3b 01 00 00 48 8b 4c 24 20 48 8b 30 80 39 00
[ 115.504470] RSP: 0018:ffff88803df5fc70 EFLAGS: 00010216
[ 115.505105] RAX: 0000000020009780 RBX: ffff88803df5fd60 RCX: ffffc90000807000
[ 115.505993] RDX: 00000000040012f0 RSI: ffffffff8185830e RDI: 0000000000000007
[ 115.506854] RBP: 0000000000000001 R08: 0000000000000007 R09: 0000000000000000
[ 115.507727] R10: 0000000000000001 R11: 0000000000000001 R12: ffff888016d17900
[ 115.508598] R13: 0000000000000000 R14: dffffc0000000000 R15: ffffffff84a66820
[ 115.509504] FS: 00007f71754f2700(0000) GS:ffff88806cf00000(0000) knlGS:0000000000000000
[ 115.510495] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 115.511195] CR2: 0000000020009780 CR3: 0000000016c70000 CR4: 0000000000350ee0
10:56:24 executing program 3:
r0 = openat$sr(0xffffffffffffff9c, &(0x7f00000001c0), 0x105802, 0x0)
ioctl$CDROMVOLCTRL(r0, 0x5321, 0x0)
10:56:24 executing program 4:
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x2, 0x2800}], 0x0, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
openat(0xffffffffffffffff, 0x0, 0x10100, 0x100)
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
fsetxattr$security_ima(0xffffffffffffffff, 0x0, &(0x7f0000000380)=@sha1={0x1, "485f629ef3f2e2f4f765ae1caa2669c2212b8ab0"}, 0x15, 0x1)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000000240)=ANY=[], 0x220)
perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x80000001, 0x1000}, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef)
10:56:24 executing program 0:
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x2, 0x2800}], 0x0, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
openat(0xffffffffffffffff, 0x0, 0x10100, 0x100)
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
fsetxattr$security_ima(0xffffffffffffffff, 0x0, &(0x7f0000000380)=@sha1={0x1, "485f629ef3f2e2f4f765ae1caa2669c2212b8ab0"}, 0x15, 0x1)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000000240)=ANY=[], 0x220)
perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x80000001, 0x1000}, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef)
10:56:24 executing program 1:
r0 = syz_open_dev$vcsa(&(0x7f0000001440), 0x1ff, 0x48a81)
poll(&(0x7f0000000140)=[{r0}], 0x1, 0x0)
pwritev(r0, &(0x7f00000000c0)=[{&(0x7f0000009780)="da", 0x1}], 0x1, 0x0, 0x0)
10:56:24 executing program 2:
r0 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
ioctl$sock_SIOCETHTOOL(r0, 0x8946, &(0x7f0000000080)={'wlan1\x00', &(0x7f0000000000)=@ethtool_stats})
10:56:24 executing program 2:
r0 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
ioctl$sock_SIOCETHTOOL(r0, 0x8946, &(0x7f0000000080)={'wlan1\x00', &(0x7f0000000000)=@ethtool_stats})
[ 115.527610] loop0: detected capacity change from 0 to 40
10:56:24 executing program 2:
r0 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
ioctl$sock_SIOCETHTOOL(r0, 0x8946, &(0x7f0000000080)={'wlan1\x00', &(0x7f0000000000)=@ethtool_stats})
10:56:24 executing program 7:
r0 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
msgget$private(0x0, 0x0)
sendmmsg$inet6(r0, &(0x7f0000002580)=[{{&(0x7f00000013c0)={0xa, 0x0, 0x0, @remote}, 0x1c, &(0x7f0000000140)=[{&(0x7f00000000c0)="d7061e52", 0x4}], 0x1}}, {{&(0x7f0000000040)={0xa, 0x0, 0x0, @private1}, 0x1c, 0x0, 0x0, &(0x7f0000000180)=ANY=[], 0x38}}], 0x2, 0x0)
10:56:24 executing program 3:
perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
r1 = dup(r0)
bind$bt_hci(r1, &(0x7f0000000080)={0x1f, 0xffffffffffffffff, 0x3}, 0x6)
write$bt_hci(r1, &(0x7f0000000100)=ANY=[@ANYBLOB="15"], 0x6)
[ 115.575908] Buffer I/O error on dev loop4, logical block 10, lost async page write
10:56:24 executing program 6:
perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xa0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
open_tree(0xffffffffffffff9c, 0x0, 0x0)
10:56:24 executing program 5:
r0 = syz_init_net_socket$802154_raw(0x24, 0x3, 0x0)
sendmsg$802154_raw(r0, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000440)={&(0x7f00000003c0)="3b8e9f", 0x3}}, 0x0)
[ 115.633544] Buffer I/O error on dev loop0, logical block 10, lost async page write
[ 115.634935] Bluetooth: MGMT ver 1.22
10:56:25 executing program 6:
perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
chdir(0x0)
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0, 0x0)
r0 = openat(0xffffffffffffff9c, 0x0, 0x0, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x1c5042, 0x0)
write(r1, &(0x7f0000000200)='E', 0x140000)
socket$inet_udp(0x2, 0x2, 0x0)
r2 = perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
sendfile(r0, 0xffffffffffffffff, 0x0, 0xfffffdef)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0, 0x0)
r4 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0)
sendfile(r4, r3, 0x0, 0x7fffffff)
sendfile(r2, r3, &(0x7f0000000000)=0x81, 0xfff)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000040)={'syz_tun\x00', 0x0})
bind$packet(0xffffffffffffffff, &(0x7f0000000000)={0x11, 0x0, r5, 0x1, 0x0, 0x6, @remote}, 0x14)
sendmsg$ETHTOOL_MSG_COALESCE_GET(0xffffffffffffffff, 0x0, 0x4000000)
ioctl$sock_SIOCETHTOOL(0xffffffffffffffff, 0x8946, 0x0)
10:56:25 executing program 7:
r0 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
msgget$private(0x0, 0x0)
sendmmsg$inet6(r0, &(0x7f0000002580)=[{{&(0x7f00000013c0)={0xa, 0x0, 0x0, @remote}, 0x1c, &(0x7f0000000140)=[{&(0x7f00000000c0)="d7061e52", 0x4}], 0x1}}, {{&(0x7f0000000040)={0xa, 0x0, 0x0, @private1}, 0x1c, 0x0, 0x0, &(0x7f0000000180)=ANY=[], 0x38}}], 0x2, 0x0)
[ 115.660491] ieee802154 phy0 wpan0: encryption failed: -22
10:56:25 executing program 2:
r0 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
ioctl$sock_SIOCETHTOOL(r0, 0x8946, &(0x7f0000000080)={'wlan1\x00', &(0x7f0000000000)=@ethtool_stats})
10:56:25 executing program 3:
perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
r1 = dup(r0)
bind$bt_hci(r1, &(0x7f0000000080)={0x1f, 0xffffffffffffffff, 0x3}, 0x6)
write$bt_hci(r1, &(0x7f0000000100)=ANY=[@ANYBLOB="15"], 0x6)
[ 116.297123] general protection fault, probably for non-canonical address 0xdffffc00040012f0: 0000 [#2] PREEMPT SMP KASAN NOPTI
[ 116.298116] KASAN: probably user-memory-access in range [0x0000000020009780-0x0000000020009787]
[ 116.298808] CPU: 1 PID: 4148 Comm: syz-executor.1 Tainted: G D 6.3.0-rc3-next-20230327 #1
[ 116.299562] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 116.300212] RIP: 0010:do_iter_write+0x477/0x700
[ 116.300601] Code: 00 0f 85 fd 01 00 00 4d 8b 7c 24 28 e8 d2 05 c6 ff 48 8b 44 24 18 80 38 00 0f 85 68 01 00 00 48 8b 43 18 48 89 c2 48 c1 ea 03 <42> 80 3c 32 00 0f 85 3b 01 00 00 48 8b 4c 24 20 48 8b 30 80 39 00
[ 116.302045] RSP: 0018:ffff88803fc27c70 EFLAGS: 00010216
[ 116.302482] RAX: 0000000020009780 RBX: ffff88803fc27d60 RCX: ffffc90000c09000
[ 116.303048] RDX: 00000000040012f0 RSI: ffffffff8185830e RDI: 0000000000000007
[ 116.303614] RBP: 0000000000000001 R08: 0000000000000007 R09: 0000000000000000
[ 116.304176] R10: 0000000000000001 R11: 0000000000000001 R12: ffff88800ebb2500
[ 116.304727] R13: 0000000000000000 R14: dffffc0000000000 R15: ffffffff84a66820
[ 116.305293] FS: 00007f71754b0700(0000) GS:ffff88806cf00000(0000) knlGS:0000000000000000
[ 116.305933] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 116.306405] CR2: 00007f71754b0718 CR3: 0000000016c70000 CR4: 0000000000350ee0
[ 116.306969] Call Trace:
[ 116.307180]
[ 116.307375] ? import_iovec+0x87/0xb0
[ 116.307699] vfs_writev+0x1ae/0x660
[ 116.308008] ? __pfx_vfs_writev+0x10/0x10
[ 116.308356] ? lock_release+0x4d8/0x680
[ 116.308705] ? __fget_files+0x270/0x480
[ 116.309040] __x64_sys_pwritev+0x233/0x310
[ 116.309391] ? __pfx___x64_sys_pwritev+0x10/0x10
[ 116.309808] do_syscall_64+0x3f/0x90
[ 116.310115] entry_SYSCALL_64_after_hwframe+0x72/0xdc
[ 116.310532] RIP: 0033:0x7f7177f7cb19
[ 116.310830] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 116.312256] RSP: 002b:00007f71754b0188 EFLAGS: 00000246 ORIG_RAX: 0000000000000128
[ 116.312854] RAX: ffffffffffffffda RBX: 00007f71780900e0 RCX: 00007f7177f7cb19
[ 116.313428] RDX: 0000000000000001 RSI: 00000000200000c0 RDI: 0000000000000003
[ 116.314037] RBP: 00007f7177fd6f6d R08: 0000000000000000 R09: 0000000000000000
[ 116.314602] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 116.315164] R13: 00007ffc04b1f80f R14: 00007f71754b0300 R15: 0000000000022000
[ 116.315774]
[ 116.315965] Modules linked in:
[ 116.316286] ---[ end trace 0000000000000000 ]---
[ 116.316659] RIP: 0010:do_iter_write+0x477/0x700
[ 116.317047] Code: 00 0f 85 fd 01 00 00 4d 8b 7c 24 28 e8 d2 05 c6 ff 48 8b 44 24 18 80 38 00 0f 85 68 01 00 00 48 8b 43 18 48 89 c2 48 c1 ea 03 <42> 80 3c 32 00 0f 85 3b 01 00 00 48 8b 4c 24 20 48 8b 30 80 39 00
[ 116.318489] RSP: 0018:ffff88803df5fc70 EFLAGS: 00010216
[ 116.318920] RAX: 0000000020009780 RBX: ffff88803df5fd60 RCX: ffffc90000807000
[ 116.319498] RDX: 00000000040012f0 RSI: ffffffff8185830e RDI: 0000000000000007
[ 116.320071] RBP: 0000000000000001 R08: 0000000000000007 R09: 0000000000000000
[ 116.320654] R10: 0000000000000001 R11: 0000000000000001 R12: ffff888016d17900
[ 116.321226] R13: 0000000000000000 R14: dffffc0000000000 R15: ffffffff84a66820
[ 116.321820] FS: 00007f71754b0700(0000) GS:ffff88806cf00000(0000) knlGS:0000000000000000
[ 116.322477] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 116.322950] CR2: 00007f71754b0718 CR3: 0000000016c70000 CR4: 0000000000350ee0
10:56:26 executing program 1:
r0 = syz_open_dev$vcsa(&(0x7f0000001440), 0x1ff, 0x48a81)
poll(&(0x7f0000000140)=[{r0}], 0x1, 0x0)
pwritev(r0, &(0x7f00000000c0)=[{&(0x7f0000009780)="da", 0x1}], 0x1, 0x0, 0x0)
10:56:26 executing program 0:
syz_mount_image$vfat(0x0, &(0x7f0000000280)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
r0 = open(&(0x7f0000000140)='./file0\x00', 0x0, 0x0)
rmdir(&(0x7f0000000000)='./file0\x00')
openat(r0, &(0x7f0000000040)='./file0/file0\x00', 0x0, 0x0)
10:56:26 executing program 4:
sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0xffff)
r0 = openat(0xffffffffffffff9c, 0x0, 0x0, 0x0)
syncfs(r0)
ioctl$TIOCL_GETSHIFTSTATE(r0, 0x541c, &(0x7f0000000180))
sendmsg$GTP_CMD_DELPDP(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000240)={0x0}}, 0x0)
mlock2(&(0x7f0000ff7000/0x4000)=nil, 0x4000, 0x0)
sendmsg$DEVLINK_CMD_TRAP_GROUP_GET(r0, &(0x7f00000001c0)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x400000}, 0xc, &(0x7f0000000140)={&(0x7f0000000340)={0x100, 0x0, 0x8, 0x70bd29, 0x25dfdbff, {}, [{@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0xd}}, {@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0xd}}, {@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0xd}}, {@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0xd}}, {@pci={{0x8}, {0x11}}, {0xd}}]}, 0x100}, 0x1, 0x0, 0x0, 0x8000001}, 0x800)
perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x200000000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x80000001}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x3)
mincore(&(0x7f0000ffb000/0x1000)=nil, 0x1000, &(0x7f0000000540)=""/138)
perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x2000000000000000}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
r2 = ioctl$LOOP_CTL_GET_FREE(r1, 0x4c82)
ioctl$LOOP_CTL_REMOVE(r1, 0x4c81, r2)
ioctl$AUTOFS_DEV_IOCTL_FAIL(0xffffffffffffffff, 0xc0189377, &(0x7f0000000000)={{0x1, 0x1, 0x18, r1, {0x0, 0x5}}, './file0\x00'})
r3 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
setsockopt$inet6_IPV6_RTHDR(r3, 0x29, 0xb, 0x0, 0x0)
mmap(&(0x7f0000ff8000/0x1000)=nil, 0x1000, 0x200000c, 0x10, r3, 0x27000000)
10:56:26 executing program 6:
perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
chdir(0x0)
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0, 0x0)
r0 = openat(0xffffffffffffff9c, 0x0, 0x0, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x1c5042, 0x0)
write(r1, &(0x7f0000000200)='E', 0x140000)
socket$inet_udp(0x2, 0x2, 0x0)
r2 = perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
sendfile(r0, 0xffffffffffffffff, 0x0, 0xfffffdef)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0, 0x0)
r4 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0)
sendfile(r4, r3, 0x0, 0x7fffffff)
sendfile(r2, r3, &(0x7f0000000000)=0x81, 0xfff)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000040)={'syz_tun\x00', 0x0})
bind$packet(0xffffffffffffffff, &(0x7f0000000000)={0x11, 0x0, r5, 0x1, 0x0, 0x6, @remote}, 0x14)
sendmsg$ETHTOOL_MSG_COALESCE_GET(0xffffffffffffffff, 0x0, 0x4000000)
ioctl$sock_SIOCETHTOOL(0xffffffffffffffff, 0x8946, 0x0)
10:56:26 executing program 3:
perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
r1 = dup(r0)
bind$bt_hci(r1, &(0x7f0000000080)={0x1f, 0xffffffffffffffff, 0x3}, 0x6)
write$bt_hci(r1, &(0x7f0000000100)=ANY=[@ANYBLOB="15"], 0x6)
10:56:26 executing program 7:
perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
r1 = dup(r0)
bind$bt_hci(r1, &(0x7f0000000080)={0x1f, 0xffffffffffffffff, 0x3}, 0x6)
write$bt_hci(r1, &(0x7f0000000100)=ANY=[@ANYBLOB="15"], 0x6)
10:56:26 executing program 5:
r0 = syz_init_net_socket$802154_raw(0x24, 0x3, 0x0)
sendmsg$802154_raw(r0, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000440)={&(0x7f00000003c0)="3b8e9f", 0x3}}, 0x0)
10:56:26 executing program 2:
r0 = openat$ttyS3(0xffffffffffffff9c, &(0x7f00000028c0), 0x481, 0x0)
write$binfmt_elf64(r0, 0x0, 0x0)
[ 117.199874] ieee802154 phy0 wpan0: encryption failed: -22
[ 117.207823] general protection fault, probably for non-canonical address 0xdffffc00040012f0: 0000 [#3] PREEMPT SMP KASAN NOPTI
[ 117.209303] KASAN: probably user-memory-access in range [0x0000000020009780-0x0000000020009787]
[ 117.210443] CPU: 0 PID: 4163 Comm: syz-executor.1 Tainted: G D 6.3.0-rc3-next-20230327 #1
[ 117.211676] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 117.212749] RIP: 0010:do_iter_write+0x477/0x700
[ 117.213385] Code: 00 0f 85 fd 01 00 00 4d 8b 7c 24 28 e8 d2 05 c6 ff 48 8b 44 24 18 80 38 00 0f 85 68 01 00 00 48 8b 43 18 48 89 c2 48 c1 ea 03 <42> 80 3c 32 00 0f 85 3b 01 00 00 48 8b 4c 24 20 48 8b 30 80 39 00
[ 117.215727] RSP: 0018:ffff88803ff27c70 EFLAGS: 00010216
[ 117.216434] RAX: 0000000020009780 RBX: ffff88803ff27d60 RCX: ffffc90000807000
[ 117.217340] RDX: 00000000040012f0 RSI: ffffffff8185830e RDI: 0000000000000007
[ 117.218283] RBP: 0000000000000001 R08: 0000000000000007 R09: 0000000000000000
[ 117.219179] R10: 0000000000000001 R11: 0000000000000001 R12: ffff888009a1b400
[ 117.220072] R13: 0000000000000000 R14: dffffc0000000000 R15: ffffffff84a66820
[ 117.220989] FS: 00007f71754f2700(0000) GS:ffff88806ce00000(0000) knlGS:0000000000000000
[ 117.222044] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 117.222807] CR2: 0000000020009780 CR3: 000000003c6b8000 CR4: 0000000000350ef0
[ 117.223749] Call Trace:
[ 117.224102]
[ 117.224415] ? import_iovec+0x87/0xb0
[ 117.224940] vfs_writev+0x1ae/0x660
[ 117.225464] ? __pfx_vfs_writev+0x10/0x10
[ 117.226024] ? lock_release+0x4d8/0x680
[ 117.226581] ? kmem_cache_free+0xff/0x4a0
[ 117.227148] ? do_futex+0x13a/0x380
[ 117.227660] ? __fget_files+0x270/0x480
[ 117.228204] __x64_sys_pwritev+0x233/0x310
[ 117.228783] ? __pfx___x64_sys_pwritev+0x10/0x10
[ 117.229431] ? switch_fpu_return+0x157/0x2e0
[ 117.230038] do_syscall_64+0x3f/0x90
[ 117.230544] entry_SYSCALL_64_after_hwframe+0x72/0xdc
[ 117.231227] RIP: 0033:0x7f7177f7cb19
[ 117.231718] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 117.234114] RSP: 002b:00007f71754f2188 EFLAGS: 00000246 ORIG_RAX: 0000000000000128
[ 117.235038] RAX: ffffffffffffffda RBX: 00007f717808ff60 RCX: 00007f7177f7cb19
[ 117.235909] RDX: 0000000000000001 RSI: 00000000200000c0 RDI: 0000000000000003
[ 117.236773] RBP: 00007f7177fd6f6d R08: 0000000000000000 R09: 0000000000000000
[ 117.237649] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 117.238508] R13: 00007ffc04b1f80f R14: 00007f71754f2300 R15: 0000000000022000
[ 117.239366]
[ 117.239666] Modules linked in:
[ 117.240186] ---[ end trace 0000000000000000 ]---
[ 117.240890] RIP: 0010:do_iter_write+0x477/0x700
[ 117.241553] Code: 00 0f 85 fd 01 00 00 4d 8b 7c 24 28 e8 d2 05 c6 ff 48 8b 44 24 18 80 38 00 0f 85 68 01 00 00 48 8b 43 18 48 89 c2 48 c1 ea 03 <42> 80 3c 32 00 0f 85 3b 01 00 00 48 8b 4c 24 20 48 8b 30 80 39 00
[ 117.243827] RSP: 0018:ffff88803df5fc70 EFLAGS: 00010216
[ 117.244569] RAX: 0000000020009780 RBX: ffff88803df5fd60 RCX: ffffc90000807000
[ 117.245509] RDX: 00000000040012f0 RSI: ffffffff8185830e RDI: 0000000000000007
[ 117.246459] RBP: 0000000000000001 R08: 0000000000000007 R09: 0000000000000000
[ 117.247391] R10: 0000000000000001 R11: 0000000000000001 R12: ffff888016d17900
[ 117.248311] R13: 0000000000000000 R14: dffffc0000000000 R15: ffffffff84a66820
[ 117.249214] FS: 00007f71754f2700(0000) GS:ffff88806ce00000(0000) knlGS:0000000000000000
[ 117.250310] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 117.251076] CR2: 0000000020009780 CR3: 000000003c6b8000 CR4: 0000000000350ef0
10:56:26 executing program 0:
syz_mount_image$vfat(0x0, &(0x7f0000000280)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
r0 = open(&(0x7f0000000140)='./file0\x00', 0x0, 0x0)
rmdir(&(0x7f0000000000)='./file0\x00')
openat(r0, &(0x7f0000000040)='./file0/file0\x00', 0x0, 0x0)
10:56:26 executing program 7:
perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
r1 = dup(r0)
bind$bt_hci(r1, &(0x7f0000000080)={0x1f, 0xffffffffffffffff, 0x3}, 0x6)
write$bt_hci(r1, &(0x7f0000000100)=ANY=[@ANYBLOB="15"], 0x6)
10:56:26 executing program 2:
r0 = openat$ttyS3(0xffffffffffffff9c, &(0x7f00000028c0), 0x481, 0x0)
write$binfmt_elf64(r0, 0x0, 0x0)
10:56:26 executing program 5:
r0 = syz_init_net_socket$802154_raw(0x24, 0x3, 0x0)
sendmsg$802154_raw(r0, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000440)={&(0x7f00000003c0)="3b8e9f", 0x3}}, 0x0)
10:56:26 executing program 3:
perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
r1 = dup(r0)
bind$bt_hci(r1, &(0x7f0000000080)={0x1f, 0xffffffffffffffff, 0x3}, 0x6)
write$bt_hci(r1, &(0x7f0000000100)=ANY=[@ANYBLOB="15"], 0x6)
10:56:26 executing program 7:
perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
r1 = dup(r0)
bind$bt_hci(r1, &(0x7f0000000080)={0x1f, 0xffffffffffffffff, 0x3}, 0x6)
write$bt_hci(r1, &(0x7f0000000100)=ANY=[@ANYBLOB="15"], 0x6)
10:56:26 executing program 0:
syz_mount_image$vfat(0x0, &(0x7f0000000280)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
r0 = open(&(0x7f0000000140)='./file0\x00', 0x0, 0x0)
rmdir(&(0x7f0000000000)='./file0\x00')
openat(r0, &(0x7f0000000040)='./file0/file0\x00', 0x0, 0x0)
[ 117.340995] ieee802154 phy0 wpan0: encryption failed: -22
10:56:27 executing program 5:
r0 = syz_init_net_socket$802154_raw(0x24, 0x3, 0x0)
sendmsg$802154_raw(r0, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000440)={&(0x7f00000003c0)="3b8e9f", 0x3}}, 0x0)
10:56:27 executing program 3:
r0 = openat$ttyS3(0xffffffffffffff9c, &(0x7f00000028c0), 0x481, 0x0)
write$binfmt_elf64(r0, 0x0, 0x0)
10:56:27 executing program 2:
r0 = openat$ttyS3(0xffffffffffffff9c, &(0x7f00000028c0), 0x481, 0x0)
write$binfmt_elf64(r0, 0x0, 0x0)
10:56:27 executing program 0:
syz_mount_image$vfat(0x0, &(0x7f0000000280)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
r0 = open(&(0x7f0000000140)='./file0\x00', 0x0, 0x0)
rmdir(&(0x7f0000000000)='./file0\x00')
openat(r0, &(0x7f0000000040)='./file0/file0\x00', 0x0, 0x0)
10:56:27 executing program 6:
perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
chdir(0x0)
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0, 0x0)
r0 = openat(0xffffffffffffff9c, 0x0, 0x0, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x1c5042, 0x0)
write(r1, &(0x7f0000000200)='E', 0x140000)
socket$inet_udp(0x2, 0x2, 0x0)
r2 = perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
sendfile(r0, 0xffffffffffffffff, 0x0, 0xfffffdef)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0, 0x0)
r4 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0)
sendfile(r4, r3, 0x0, 0x7fffffff)
sendfile(r2, r3, &(0x7f0000000000)=0x81, 0xfff)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000040)={'syz_tun\x00', 0x0})
bind$packet(0xffffffffffffffff, &(0x7f0000000000)={0x11, 0x0, r5, 0x1, 0x0, 0x6, @remote}, 0x14)
sendmsg$ETHTOOL_MSG_COALESCE_GET(0xffffffffffffffff, 0x0, 0x4000000)
ioctl$sock_SIOCETHTOOL(0xffffffffffffffff, 0x8946, 0x0)
10:56:27 executing program 7:
syz_mount_image$vfat(0x0, &(0x7f0000000280)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
r0 = open(&(0x7f0000000140)='./file0\x00', 0x0, 0x0)
rmdir(&(0x7f0000000000)='./file0\x00')
openat(r0, &(0x7f0000000040)='./file0/file0\x00', 0x0, 0x0)
10:56:27 executing program 4:
sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0xffff)
r0 = openat(0xffffffffffffff9c, 0x0, 0x0, 0x0)
syncfs(r0)
ioctl$TIOCL_GETSHIFTSTATE(r0, 0x541c, &(0x7f0000000180))
sendmsg$GTP_CMD_DELPDP(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000240)={0x0}}, 0x0)
mlock2(&(0x7f0000ff7000/0x4000)=nil, 0x4000, 0x0)
sendmsg$DEVLINK_CMD_TRAP_GROUP_GET(r0, &(0x7f00000001c0)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x400000}, 0xc, &(0x7f0000000140)={&(0x7f0000000340)={0x100, 0x0, 0x8, 0x70bd29, 0x25dfdbff, {}, [{@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0xd}}, {@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0xd}}, {@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0xd}}, {@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0xd}}, {@pci={{0x8}, {0x11}}, {0xd}}]}, 0x100}, 0x1, 0x0, 0x0, 0x8000001}, 0x800)
perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x200000000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x80000001}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x3)
mincore(&(0x7f0000ffb000/0x1000)=nil, 0x1000, &(0x7f0000000540)=""/138)
perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x2000000000000000}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
r2 = ioctl$LOOP_CTL_GET_FREE(r1, 0x4c82)
ioctl$LOOP_CTL_REMOVE(r1, 0x4c81, r2)
ioctl$AUTOFS_DEV_IOCTL_FAIL(0xffffffffffffffff, 0xc0189377, &(0x7f0000000000)={{0x1, 0x1, 0x18, r1, {0x0, 0x5}}, './file0\x00'})
r3 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
setsockopt$inet6_IPV6_RTHDR(r3, 0x29, 0xb, 0x0, 0x0)
mmap(&(0x7f0000ff8000/0x1000)=nil, 0x1000, 0x200000c, 0x10, r3, 0x27000000)
10:56:27 executing program 1:
r0 = syz_open_dev$vcsa(&(0x7f0000001440), 0x1ff, 0x48a81)
poll(&(0x7f0000000140)=[{r0}], 0x1, 0x0)
pwritev(r0, &(0x7f00000000c0)=[{&(0x7f0000009780)="da", 0x1}], 0x1, 0x0, 0x0)
[ 118.104848] ieee802154 phy0 wpan0: encryption failed: -22
[ 118.146573] general protection fault, probably for non-canonical address 0xdffffc00040012f0: 0000 [#4] PREEMPT SMP KASAN NOPTI
[ 118.148242] KASAN: probably user-memory-access in range [0x0000000020009780-0x0000000020009787]
[ 118.149736] CPU: 0 PID: 4202 Comm: syz-executor.1 Tainted: G D 6.3.0-rc3-next-20230327 #1
[ 118.151124] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 118.152730] RIP: 0010:do_iter_write+0x477/0x700
[ 118.153691] Code: 00 0f 85 fd 01 00 00 4d 8b 7c 24 28 e8 d2 05 c6 ff 48 8b 44 24 18 80 38 00 0f 85 68 01 00 00 48 8b 43 18 48 89 c2 48 c1 ea 03 <42> 80 3c 32 00 0f 85 3b 01 00 00 48 8b 4c 24 20 48 8b 30 80 39 00
[ 118.157135] RSP: 0018:ffff88803e677c70 EFLAGS: 00010216
[ 118.158182] RAX: 0000000020009780 RBX: ffff88803e677d60 RCX: ffffc90000807000
[ 118.159572] RDX: 00000000040012f0 RSI: ffffffff8185830e RDI: 0000000000000007
10:56:27 executing program 3:
r0 = openat$ttyS3(0xffffffffffffff9c, &(0x7f00000028c0), 0x481, 0x0)
write$binfmt_elf64(r0, 0x0, 0x0)
[ 118.160955] RBP: 0000000000000001 R08: 0000000000000007 R09: 0000000000000000
[ 118.162501] R10: 0000000000000001 R11: 0000000000000001 R12: ffff888016488a00
[ 118.163882] R13: 0000000000000000 R14: dffffc0000000000 R15: ffffffff84a66820
[ 118.165273] FS: 00007f71754f2700(0000) GS:ffff88806ce00000(0000) knlGS:0000000000000000
[ 118.166870] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 118.167833] CR2: 0000000020009780 CR3: 000000003c78e000 CR4: 0000000000350ef0
[ 118.169018] Call Trace:
[ 118.169515]
[ 118.169863] ? import_iovec+0x87/0xb0
[ 118.170514] vfs_writev+0x1ae/0x660
[ 118.171083] ? __pfx_vfs_writev+0x10/0x10
[ 118.171709] ? lock_release+0x4d8/0x680
[ 118.172317] ? finish_task_switch.isra.0+0x203/0x830
[ 118.173077] ? trace_hardirqs_on+0x16/0x100
[ 118.173749] ? do_futex+0x13a/0x380
[ 118.174330] ? __fget_files+0x270/0x480
[ 118.174939] __x64_sys_pwritev+0x233/0x310
[ 118.175576] ? __pfx___x64_sys_pwritev+0x10/0x10
[ 118.176308] do_syscall_64+0x3f/0x90
[ 118.176869] entry_SYSCALL_64_after_hwframe+0x72/0xdc
[ 118.177656] RIP: 0033:0x7f7177f7cb19
[ 118.178212] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 118.180797] RSP: 002b:00007f71754f2188 EFLAGS: 00000246 ORIG_RAX: 0000000000000128
[ 118.181912] RAX: ffffffffffffffda RBX: 00007f717808ff60 RCX: 00007f7177f7cb19
[ 118.182969] RDX: 0000000000000001 RSI: 00000000200000c0 RDI: 0000000000000003
[ 118.183998] RBP: 00007f7177fd6f6d R08: 0000000000000000 R09: 0000000000000000
[ 118.185024] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 118.186084] R13: 00007ffc04b1f80f R14: 00007f71754f2300 R15: 0000000000022000
[ 118.187129]
[ 118.187479] Modules linked in:
[ 118.189208] ---[ end trace 0000000000000000 ]---
[ 118.190965] RIP: 0010:do_iter_write+0x477/0x700
[ 118.191962] Code: 00 0f 85 fd 01 00 00 4d 8b 7c 24 28 e8 d2 05 c6 ff 48 8b 44 24 18 80 38 00 0f 85 68 01 00 00 48 8b 43 18 48 89 c2 48 c1 ea 03 <42> 80 3c 32 00 0f 85 3b 01 00 00 48 8b 4c 24 20 48 8b 30 80 39 00
[ 118.194655] RSP: 0018:ffff88803df5fc70 EFLAGS: 00010216
[ 118.195478] RAX: 0000000020009780 RBX: ffff88803df5fd60 RCX: ffffc90000807000
[ 118.196541] RDX: 00000000040012f0 RSI: ffffffff8185830e RDI: 0000000000000007
[ 118.197635] RBP: 0000000000000001 R08: 0000000000000007 R09: 0000000000000000
[ 118.198662] R10: 0000000000000001 R11: 0000000000000001 R12: ffff888016d17900
[ 118.199543] R13: 0000000000000000 R14: dffffc0000000000 R15: ffffffff84a66820
[ 118.200416] FS: 00007f71754f2700(0000) GS:ffff88806ce00000(0000) knlGS:0000000000000000
[ 118.201411] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 118.202169] CR2: 0000000020009780 CR3: 000000003c78e000 CR4: 0000000000350ef0
10:56:27 executing program 2:
r0 = openat$ttyS3(0xffffffffffffff9c, &(0x7f00000028c0), 0x481, 0x0)
write$binfmt_elf64(r0, 0x0, 0x0)
10:56:27 executing program 5:
sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0xffff)
r0 = openat(0xffffffffffffff9c, 0x0, 0x0, 0x0)
syncfs(r0)
ioctl$TIOCL_GETSHIFTSTATE(r0, 0x541c, &(0x7f0000000180))
sendmsg$GTP_CMD_DELPDP(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000240)={0x0}}, 0x0)
mlock2(&(0x7f0000ff7000/0x4000)=nil, 0x4000, 0x0)
sendmsg$DEVLINK_CMD_TRAP_GROUP_GET(r0, &(0x7f00000001c0)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x400000}, 0xc, &(0x7f0000000140)={&(0x7f0000000340)={0x100, 0x0, 0x8, 0x70bd29, 0x25dfdbff, {}, [{@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0xd}}, {@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0xd}}, {@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0xd}}, {@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0xd}}, {@pci={{0x8}, {0x11}}, {0xd}}]}, 0x100}, 0x1, 0x0, 0x0, 0x8000001}, 0x800)
perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x200000000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x80000001}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x3)
mincore(&(0x7f0000ffb000/0x1000)=nil, 0x1000, &(0x7f0000000540)=""/138)
perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x2000000000000000}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
r2 = ioctl$LOOP_CTL_GET_FREE(r1, 0x4c82)
ioctl$LOOP_CTL_REMOVE(r1, 0x4c81, r2)
ioctl$AUTOFS_DEV_IOCTL_FAIL(0xffffffffffffffff, 0xc0189377, &(0x7f0000000000)={{0x1, 0x1, 0x18, r1, {0x0, 0x5}}, './file0\x00'})
r3 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
setsockopt$inet6_IPV6_RTHDR(r3, 0x29, 0xb, 0x0, 0x0)
mmap(&(0x7f0000ff8000/0x1000)=nil, 0x1000, 0x200000c, 0x10, r3, 0x27000000)
10:56:27 executing program 7:
syz_mount_image$vfat(0x0, &(0x7f0000000280)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
r0 = open(&(0x7f0000000140)='./file0\x00', 0x0, 0x0)
rmdir(&(0x7f0000000000)='./file0\x00')
openat(r0, &(0x7f0000000040)='./file0/file0\x00', 0x0, 0x0)
10:56:27 executing program 0:
sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0xffff)
r0 = openat(0xffffffffffffff9c, 0x0, 0x0, 0x0)
syncfs(r0)
ioctl$TIOCL_GETSHIFTSTATE(r0, 0x541c, &(0x7f0000000180))
sendmsg$GTP_CMD_DELPDP(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000240)={0x0}}, 0x0)
mlock2(&(0x7f0000ff7000/0x4000)=nil, 0x4000, 0x0)
sendmsg$DEVLINK_CMD_TRAP_GROUP_GET(r0, &(0x7f00000001c0)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x400000}, 0xc, &(0x7f0000000140)={&(0x7f0000000340)={0x100, 0x0, 0x8, 0x70bd29, 0x25dfdbff, {}, [{@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0xd}}, {@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0xd}}, {@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0xd}}, {@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0xd}}, {@pci={{0x8}, {0x11}}, {0xd}}]}, 0x100}, 0x1, 0x0, 0x0, 0x8000001}, 0x800)
perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x200000000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x80000001}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x3)
mincore(&(0x7f0000ffb000/0x1000)=nil, 0x1000, &(0x7f0000000540)=""/138)
perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x2000000000000000}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
r2 = ioctl$LOOP_CTL_GET_FREE(r1, 0x4c82)
ioctl$LOOP_CTL_REMOVE(r1, 0x4c81, r2)
ioctl$AUTOFS_DEV_IOCTL_FAIL(0xffffffffffffffff, 0xc0189377, &(0x7f0000000000)={{0x1, 0x1, 0x18, r1, {0x0, 0x5}}, './file0\x00'})
r3 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
setsockopt$inet6_IPV6_RTHDR(r3, 0x29, 0xb, 0x0, 0x0)
mmap(&(0x7f0000ff8000/0x1000)=nil, 0x1000, 0x200000c, 0x10, r3, 0x27000000)
10:56:27 executing program 3:
r0 = openat$ttyS3(0xffffffffffffff9c, &(0x7f00000028c0), 0x481, 0x0)
write$binfmt_elf64(r0, 0x0, 0x0)
10:56:27 executing program 2:
sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0xffff)
r0 = openat(0xffffffffffffff9c, 0x0, 0x0, 0x0)
syncfs(r0)
ioctl$TIOCL_GETSHIFTSTATE(r0, 0x541c, &(0x7f0000000180))
sendmsg$GTP_CMD_DELPDP(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000240)={0x0}}, 0x0)
mlock2(&(0x7f0000ff7000/0x4000)=nil, 0x4000, 0x0)
sendmsg$DEVLINK_CMD_TRAP_GROUP_GET(r0, &(0x7f00000001c0)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x400000}, 0xc, &(0x7f0000000140)={&(0x7f0000000340)={0x100, 0x0, 0x8, 0x70bd29, 0x25dfdbff, {}, [{@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0xd}}, {@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0xd}}, {@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0xd}}, {@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0xd}}, {@pci={{0x8}, {0x11}}, {0xd}}]}, 0x100}, 0x1, 0x0, 0x0, 0x8000001}, 0x800)
perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x200000000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x80000001}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x3)
mincore(&(0x7f0000ffb000/0x1000)=nil, 0x1000, &(0x7f0000000540)=""/138)
perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x2000000000000000}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
r2 = ioctl$LOOP_CTL_GET_FREE(r1, 0x4c82)
ioctl$LOOP_CTL_REMOVE(r1, 0x4c81, r2)
ioctl$AUTOFS_DEV_IOCTL_FAIL(0xffffffffffffffff, 0xc0189377, &(0x7f0000000000)={{0x1, 0x1, 0x18, r1, {0x0, 0x5}}, './file0\x00'})
r3 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
setsockopt$inet6_IPV6_RTHDR(r3, 0x29, 0xb, 0x0, 0x0)
mmap(&(0x7f0000ff8000/0x1000)=nil, 0x1000, 0x200000c, 0x10, r3, 0x27000000)
10:56:27 executing program 7:
syz_mount_image$vfat(0x0, &(0x7f0000000280)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
r0 = open(&(0x7f0000000140)='./file0\x00', 0x0, 0x0)
rmdir(&(0x7f0000000000)='./file0\x00')
openat(r0, &(0x7f0000000040)='./file0/file0\x00', 0x0, 0x0)
10:56:27 executing program 5:
sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0xffff)
r0 = openat(0xffffffffffffff9c, 0x0, 0x0, 0x0)
syncfs(r0)
ioctl$TIOCL_GETSHIFTSTATE(r0, 0x541c, &(0x7f0000000180))
sendmsg$GTP_CMD_DELPDP(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000240)={0x0}}, 0x0)
mlock2(&(0x7f0000ff7000/0x4000)=nil, 0x4000, 0x0)
sendmsg$DEVLINK_CMD_TRAP_GROUP_GET(r0, &(0x7f00000001c0)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x400000}, 0xc, &(0x7f0000000140)={&(0x7f0000000340)={0x100, 0x0, 0x8, 0x70bd29, 0x25dfdbff, {}, [{@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0xd}}, {@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0xd}}, {@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0xd}}, {@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0xd}}, {@pci={{0x8}, {0x11}}, {0xd}}]}, 0x100}, 0x1, 0x0, 0x0, 0x8000001}, 0x800)
perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x200000000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x80000001}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x3)
mincore(&(0x7f0000ffb000/0x1000)=nil, 0x1000, &(0x7f0000000540)=""/138)
perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x2000000000000000}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
r2 = ioctl$LOOP_CTL_GET_FREE(r1, 0x4c82)
ioctl$LOOP_CTL_REMOVE(r1, 0x4c81, r2)
ioctl$AUTOFS_DEV_IOCTL_FAIL(0xffffffffffffffff, 0xc0189377, &(0x7f0000000000)={{0x1, 0x1, 0x18, r1, {0x0, 0x5}}, './file0\x00'})
r3 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
setsockopt$inet6_IPV6_RTHDR(r3, 0x29, 0xb, 0x0, 0x0)
mmap(&(0x7f0000ff8000/0x1000)=nil, 0x1000, 0x200000c, 0x10, r3, 0x27000000)
10:56:28 executing program 3:
sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0xffff)
r0 = openat(0xffffffffffffff9c, 0x0, 0x0, 0x0)
syncfs(r0)
ioctl$TIOCL_GETSHIFTSTATE(r0, 0x541c, &(0x7f0000000180))
sendmsg$GTP_CMD_DELPDP(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000240)={0x0}}, 0x0)
mlock2(&(0x7f0000ff7000/0x4000)=nil, 0x4000, 0x0)
sendmsg$DEVLINK_CMD_TRAP_GROUP_GET(r0, &(0x7f00000001c0)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x400000}, 0xc, &(0x7f0000000140)={&(0x7f0000000340)={0x100, 0x0, 0x8, 0x70bd29, 0x25dfdbff, {}, [{@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0xd}}, {@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0xd}}, {@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0xd}}, {@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0xd}}, {@pci={{0x8}, {0x11}}, {0xd}}]}, 0x100}, 0x1, 0x0, 0x0, 0x8000001}, 0x800)
perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x200000000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x80000001}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x3)
mincore(&(0x7f0000ffb000/0x1000)=nil, 0x1000, &(0x7f0000000540)=""/138)
perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x2000000000000000}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
r2 = ioctl$LOOP_CTL_GET_FREE(r1, 0x4c82)
ioctl$LOOP_CTL_REMOVE(r1, 0x4c81, r2)
ioctl$AUTOFS_DEV_IOCTL_FAIL(0xffffffffffffffff, 0xc0189377, &(0x7f0000000000)={{0x1, 0x1, 0x18, r1, {0x0, 0x5}}, './file0\x00'})
r3 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
setsockopt$inet6_IPV6_RTHDR(r3, 0x29, 0xb, 0x0, 0x0)
mmap(&(0x7f0000ff8000/0x1000)=nil, 0x1000, 0x200000c, 0x10, r3, 0x27000000)
10:56:28 executing program 7:
perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
chdir(0x0)
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0, 0x0)
r0 = openat(0xffffffffffffff9c, 0x0, 0x0, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x1c5042, 0x0)
write(r1, &(0x7f0000000200)='E', 0x140000)
socket$inet_udp(0x2, 0x2, 0x0)
r2 = perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
sendfile(r0, 0xffffffffffffffff, 0x0, 0xfffffdef)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0, 0x0)
r4 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0)
sendfile(r4, r3, 0x0, 0x7fffffff)
sendfile(r2, r3, &(0x7f0000000000)=0x81, 0xfff)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000040)={'syz_tun\x00', 0x0})
bind$packet(0xffffffffffffffff, &(0x7f0000000000)={0x11, 0x0, r5, 0x1, 0x0, 0x6, @remote}, 0x14)
sendmsg$ETHTOOL_MSG_COALESCE_GET(0xffffffffffffffff, 0x0, 0x4000000)
ioctl$sock_SIOCETHTOOL(0xffffffffffffffff, 0x8946, 0x0)
10:56:28 executing program 6:
perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
chdir(0x0)
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0, 0x0)
r0 = openat(0xffffffffffffff9c, 0x0, 0x0, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x1c5042, 0x0)
write(r1, &(0x7f0000000200)='E', 0x140000)
socket$inet_udp(0x2, 0x2, 0x0)
r2 = perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
sendfile(r0, 0xffffffffffffffff, 0x0, 0xfffffdef)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0, 0x0)
r4 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0)
sendfile(r4, r3, 0x0, 0x7fffffff)
sendfile(r2, r3, &(0x7f0000000000)=0x81, 0xfff)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000040)={'syz_tun\x00', 0x0})
bind$packet(0xffffffffffffffff, &(0x7f0000000000)={0x11, 0x0, r5, 0x1, 0x0, 0x6, @remote}, 0x14)
sendmsg$ETHTOOL_MSG_COALESCE_GET(0xffffffffffffffff, 0x0, 0x4000000)
ioctl$sock_SIOCETHTOOL(0xffffffffffffffff, 0x8946, 0x0)
10:56:28 executing program 0:
sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0xffff)
r0 = openat(0xffffffffffffff9c, 0x0, 0x0, 0x0)
syncfs(r0)
ioctl$TIOCL_GETSHIFTSTATE(r0, 0x541c, &(0x7f0000000180))
sendmsg$GTP_CMD_DELPDP(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000240)={0x0}}, 0x0)
mlock2(&(0x7f0000ff7000/0x4000)=nil, 0x4000, 0x0)
sendmsg$DEVLINK_CMD_TRAP_GROUP_GET(r0, &(0x7f00000001c0)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x400000}, 0xc, &(0x7f0000000140)={&(0x7f0000000340)={0x100, 0x0, 0x8, 0x70bd29, 0x25dfdbff, {}, [{@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0xd}}, {@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0xd}}, {@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0xd}}, {@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0xd}}, {@pci={{0x8}, {0x11}}, {0xd}}]}, 0x100}, 0x1, 0x0, 0x0, 0x8000001}, 0x800)
perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x200000000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x80000001}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x3)
mincore(&(0x7f0000ffb000/0x1000)=nil, 0x1000, &(0x7f0000000540)=""/138)
perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x2000000000000000}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
r2 = ioctl$LOOP_CTL_GET_FREE(r1, 0x4c82)
ioctl$LOOP_CTL_REMOVE(r1, 0x4c81, r2)
ioctl$AUTOFS_DEV_IOCTL_FAIL(0xffffffffffffffff, 0xc0189377, &(0x7f0000000000)={{0x1, 0x1, 0x18, r1, {0x0, 0x5}}, './file0\x00'})
r3 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
setsockopt$inet6_IPV6_RTHDR(r3, 0x29, 0xb, 0x0, 0x0)
mmap(&(0x7f0000ff8000/0x1000)=nil, 0x1000, 0x200000c, 0x10, r3, 0x27000000)
10:56:28 executing program 1:
r0 = syz_open_dev$vcsa(&(0x7f0000001440), 0x1ff, 0x48a81)
poll(&(0x7f0000000140)=[{r0}], 0x1, 0x0)
pwritev(r0, &(0x7f00000000c0)=[{&(0x7f0000009780)="da", 0x1}], 0x1, 0x0, 0x0)
10:56:28 executing program 4:
sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0xffff)
r0 = openat(0xffffffffffffff9c, 0x0, 0x0, 0x0)
syncfs(r0)
ioctl$TIOCL_GETSHIFTSTATE(r0, 0x541c, &(0x7f0000000180))
sendmsg$GTP_CMD_DELPDP(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000240)={0x0}}, 0x0)
mlock2(&(0x7f0000ff7000/0x4000)=nil, 0x4000, 0x0)
sendmsg$DEVLINK_CMD_TRAP_GROUP_GET(r0, &(0x7f00000001c0)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x400000}, 0xc, &(0x7f0000000140)={&(0x7f0000000340)={0x100, 0x0, 0x8, 0x70bd29, 0x25dfdbff, {}, [{@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0xd}}, {@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0xd}}, {@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0xd}}, {@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0xd}}, {@pci={{0x8}, {0x11}}, {0xd}}]}, 0x100}, 0x1, 0x0, 0x0, 0x8000001}, 0x800)
perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x200000000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x80000001}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x3)
mincore(&(0x7f0000ffb000/0x1000)=nil, 0x1000, &(0x7f0000000540)=""/138)
perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x2000000000000000}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
r2 = ioctl$LOOP_CTL_GET_FREE(r1, 0x4c82)
ioctl$LOOP_CTL_REMOVE(r1, 0x4c81, r2)
ioctl$AUTOFS_DEV_IOCTL_FAIL(0xffffffffffffffff, 0xc0189377, &(0x7f0000000000)={{0x1, 0x1, 0x18, r1, {0x0, 0x5}}, './file0\x00'})
r3 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
setsockopt$inet6_IPV6_RTHDR(r3, 0x29, 0xb, 0x0, 0x0)
mmap(&(0x7f0000ff8000/0x1000)=nil, 0x1000, 0x200000c, 0x10, r3, 0x27000000)
10:56:28 executing program 7:
perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
chdir(0x0)
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0, 0x0)
r0 = openat(0xffffffffffffff9c, 0x0, 0x0, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x1c5042, 0x0)
write(r1, &(0x7f0000000200)='E', 0x140000)
socket$inet_udp(0x2, 0x2, 0x0)
r2 = perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
sendfile(r0, 0xffffffffffffffff, 0x0, 0xfffffdef)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0, 0x0)
r4 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0)
sendfile(r4, r3, 0x0, 0x7fffffff)
sendfile(r2, r3, &(0x7f0000000000)=0x81, 0xfff)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000040)={'syz_tun\x00', 0x0})
bind$packet(0xffffffffffffffff, &(0x7f0000000000)={0x11, 0x0, r5, 0x1, 0x0, 0x6, @remote}, 0x14)
sendmsg$ETHTOOL_MSG_COALESCE_GET(0xffffffffffffffff, 0x0, 0x4000000)
ioctl$sock_SIOCETHTOOL(0xffffffffffffffff, 0x8946, 0x0)
10:56:28 executing program 3:
sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0xffff)
r0 = openat(0xffffffffffffff9c, 0x0, 0x0, 0x0)
syncfs(r0)
ioctl$TIOCL_GETSHIFTSTATE(r0, 0x541c, &(0x7f0000000180))
sendmsg$GTP_CMD_DELPDP(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000240)={0x0}}, 0x0)
mlock2(&(0x7f0000ff7000/0x4000)=nil, 0x4000, 0x0)
sendmsg$DEVLINK_CMD_TRAP_GROUP_GET(r0, &(0x7f00000001c0)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x400000}, 0xc, &(0x7f0000000140)={&(0x7f0000000340)={0x100, 0x0, 0x8, 0x70bd29, 0x25dfdbff, {}, [{@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0xd}}, {@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0xd}}, {@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0xd}}, {@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0xd}}, {@pci={{0x8}, {0x11}}, {0xd}}]}, 0x100}, 0x1, 0x0, 0x0, 0x8000001}, 0x800)
perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x200000000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x80000001}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x3)
mincore(&(0x7f0000ffb000/0x1000)=nil, 0x1000, &(0x7f0000000540)=""/138)
perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x2000000000000000}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
r2 = ioctl$LOOP_CTL_GET_FREE(r1, 0x4c82)
ioctl$LOOP_CTL_REMOVE(r1, 0x4c81, r2)
ioctl$AUTOFS_DEV_IOCTL_FAIL(0xffffffffffffffff, 0xc0189377, &(0x7f0000000000)={{0x1, 0x1, 0x18, r1, {0x0, 0x5}}, './file0\x00'})
r3 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
setsockopt$inet6_IPV6_RTHDR(r3, 0x29, 0xb, 0x0, 0x0)
mmap(&(0x7f0000ff8000/0x1000)=nil, 0x1000, 0x200000c, 0x10, r3, 0x27000000)
10:56:28 executing program 6:
perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
chdir(0x0)
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0, 0x0)
r0 = openat(0xffffffffffffff9c, 0x0, 0x0, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x1c5042, 0x0)
write(r1, &(0x7f0000000200)='E', 0x140000)
socket$inet_udp(0x2, 0x2, 0x0)
r2 = perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
sendfile(r0, 0xffffffffffffffff, 0x0, 0xfffffdef)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0, 0x0)
r4 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0)
sendfile(r4, r3, 0x0, 0x7fffffff)
sendfile(r2, r3, &(0x7f0000000000)=0x81, 0xfff)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000040)={'syz_tun\x00', 0x0})
bind$packet(0xffffffffffffffff, &(0x7f0000000000)={0x11, 0x0, r5, 0x1, 0x0, 0x6, @remote}, 0x14)
sendmsg$ETHTOOL_MSG_COALESCE_GET(0xffffffffffffffff, 0x0, 0x4000000)
ioctl$sock_SIOCETHTOOL(0xffffffffffffffff, 0x8946, 0x0)
10:56:28 executing program 5:
sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0xffff)
r0 = openat(0xffffffffffffff9c, 0x0, 0x0, 0x0)
syncfs(r0)
ioctl$TIOCL_GETSHIFTSTATE(r0, 0x541c, &(0x7f0000000180))
sendmsg$GTP_CMD_DELPDP(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000240)={0x0}}, 0x0)
mlock2(&(0x7f0000ff7000/0x4000)=nil, 0x4000, 0x0)
sendmsg$DEVLINK_CMD_TRAP_GROUP_GET(r0, &(0x7f00000001c0)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x400000}, 0xc, &(0x7f0000000140)={&(0x7f0000000340)={0x100, 0x0, 0x8, 0x70bd29, 0x25dfdbff, {}, [{@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0xd}}, {@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0xd}}, {@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0xd}}, {@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0xd}}, {@pci={{0x8}, {0x11}}, {0xd}}]}, 0x100}, 0x1, 0x0, 0x0, 0x8000001}, 0x800)
perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x200000000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x80000001}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x3)
mincore(&(0x7f0000ffb000/0x1000)=nil, 0x1000, &(0x7f0000000540)=""/138)
perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x2000000000000000}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
r2 = ioctl$LOOP_CTL_GET_FREE(r1, 0x4c82)
ioctl$LOOP_CTL_REMOVE(r1, 0x4c81, r2)
ioctl$AUTOFS_DEV_IOCTL_FAIL(0xffffffffffffffff, 0xc0189377, &(0x7f0000000000)={{0x1, 0x1, 0x18, r1, {0x0, 0x5}}, './file0\x00'})
r3 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
setsockopt$inet6_IPV6_RTHDR(r3, 0x29, 0xb, 0x0, 0x0)
mmap(&(0x7f0000ff8000/0x1000)=nil, 0x1000, 0x200000c, 0x10, r3, 0x27000000)
10:56:28 executing program 2:
sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0xffff)
r0 = openat(0xffffffffffffff9c, 0x0, 0x0, 0x0)
syncfs(r0)
ioctl$TIOCL_GETSHIFTSTATE(r0, 0x541c, &(0x7f0000000180))
sendmsg$GTP_CMD_DELPDP(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000240)={0x0}}, 0x0)
mlock2(&(0x7f0000ff7000/0x4000)=nil, 0x4000, 0x0)
sendmsg$DEVLINK_CMD_TRAP_GROUP_GET(r0, &(0x7f00000001c0)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x400000}, 0xc, &(0x7f0000000140)={&(0x7f0000000340)={0x100, 0x0, 0x8, 0x70bd29, 0x25dfdbff, {}, [{@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0xd}}, {@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0xd}}, {@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0xd}}, {@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0xd}}, {@pci={{0x8}, {0x11}}, {0xd}}]}, 0x100}, 0x1, 0x0, 0x0, 0x8000001}, 0x800)
perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x200000000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x80000001}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x3)
mincore(&(0x7f0000ffb000/0x1000)=nil, 0x1000, &(0x7f0000000540)=""/138)
perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x2000000000000000}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
r2 = ioctl$LOOP_CTL_GET_FREE(r1, 0x4c82)
ioctl$LOOP_CTL_REMOVE(r1, 0x4c81, r2)
ioctl$AUTOFS_DEV_IOCTL_FAIL(0xffffffffffffffff, 0xc0189377, &(0x7f0000000000)={{0x1, 0x1, 0x18, r1, {0x0, 0x5}}, './file0\x00'})
r3 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
setsockopt$inet6_IPV6_RTHDR(r3, 0x29, 0xb, 0x0, 0x0)
mmap(&(0x7f0000ff8000/0x1000)=nil, 0x1000, 0x200000c, 0x10, r3, 0x27000000)
[ 119.508590] general protection fault, probably for non-canonical address 0xdffffc00040012f0: 0000 [#5] PREEMPT SMP KASAN NOPTI
[ 119.509686] KASAN: probably user-memory-access in range [0x0000000020009780-0x0000000020009787]
[ 119.510545] CPU: 1 PID: 4249 Comm: syz-executor.1 Tainted: G D 6.3.0-rc3-next-20230327 #1
[ 119.511511] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 119.512316] RIP: 0010:do_iter_write+0x477/0x700
[ 119.512809] Code: 00 0f 85 fd 01 00 00 4d 8b 7c 24 28 e8 d2 05 c6 ff 48 8b 44 24 18 80 38 00 0f 85 68 01 00 00 48 8b 43 18 48 89 c2 48 c1 ea 03 <42> 80 3c 32 00 0f 85 3b 01 00 00 48 8b 4c 24 20 48 8b 30 80 39 00
[ 119.514574] RSP: 0018:ffff88803e8ffc70 EFLAGS: 00010216
[ 119.515107] RAX: 0000000020009780 RBX: ffff88803e8ffd60 RCX: ffffc90000807000
[ 119.515822] RDX: 00000000040012f0 RSI: ffffffff8185830e RDI: 0000000000000007
[ 119.516522] RBP: 0000000000000001 R08: 0000000000000007 R09: 0000000000000000
[ 119.517225] R10: 0000000000000001 R11: 0000000000000001 R12: ffff88800caf1b80
[ 119.517977] R13: 0000000000000000 R14: dffffc0000000000 R15: ffffffff84a66820
[ 119.518673] FS: 00007f71754f2700(0000) GS:ffff88806cf00000(0000) knlGS:0000000000000000
[ 119.519451] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 119.520033] CR2: 0000000020009780 CR3: 000000003db8e000 CR4: 0000000000350ee0
[ 119.520738] Call Trace:
[ 119.521000]
[ 119.521239] ? import_iovec+0x87/0xb0
[ 119.521642] vfs_writev+0x1ae/0x660
[ 119.522026] ? __pfx_vfs_writev+0x10/0x10
[ 119.522461] ? lock_release+0x4d8/0x680
[ 119.522884] ? kmem_cache_free+0xff/0x4a0
[ 119.523315] ? do_futex+0x13a/0x380
[ 119.523711] ? __fget_files+0x270/0x480
[ 119.524128] __x64_sys_pwritev+0x233/0x310
[ 119.524573] ? __pfx___x64_sys_pwritev+0x10/0x10
[ 119.525066] ? switch_fpu_return+0x157/0x2e0
[ 119.525523] do_syscall_64+0x3f/0x90
[ 119.525914] entry_SYSCALL_64_after_hwframe+0x72/0xdc
[ 119.526436] RIP: 0033:0x7f7177f7cb19
[ 119.526815] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 119.528568] RSP: 002b:00007f71754f2188 EFLAGS: 00000246 ORIG_RAX: 0000000000000128
[ 119.529324] RAX: ffffffffffffffda RBX: 00007f717808ff60 RCX: 00007f7177f7cb19
[ 119.530048] RDX: 0000000000000001 RSI: 00000000200000c0 RDI: 0000000000000003
[ 119.530752] RBP: 00007f7177fd6f6d R08: 0000000000000000 R09: 0000000000000000
[ 119.531464] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 119.532174] R13: 00007ffc04b1f80f R14: 00007f71754f2300 R15: 0000000000022000
[ 119.532880]
[ 119.533119] Modules linked in:
[ 119.534474] ---[ end trace 0000000000000000 ]---
[ 119.534967] RIP: 0010:do_iter_write+0x477/0x700
[ 119.535657] Code: 00 0f 85 fd 01 00 00 4d 8b 7c 24 28 e8 d2 05 c6 ff 48 8b 44 24 18 80 38 00 0f 85 68 01 00 00 48 8b 43 18 48 89 c2 48 c1 ea 03 <42> 80 3c 32 00 0f 85 3b 01 00 00 48 8b 4c 24 20 48 8b 30 80 39 00
[ 119.537489] RSP: 0018:ffff88803df5fc70 EFLAGS: 00010216
[ 119.538047] RAX: 0000000020009780 RBX: ffff88803df5fd60 RCX: ffffc90000807000
[ 119.538770] RDX: 00000000040012f0 RSI: ffffffff8185830e RDI: 0000000000000007
[ 119.539489] RBP: 0000000000000001 R08: 0000000000000007 R09: 0000000000000000
[ 119.540200] R10: 0000000000000001 R11: 0000000000000001 R12: ffff888016d17900
[ 119.540902] R13: 0000000000000000 R14: dffffc0000000000 R15: ffffffff84a66820
[ 119.541557] FS: 00007f71754f2700(0000) GS:ffff88806cf00000(0000) knlGS:0000000000000000
[ 119.542255] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 119.542755] CR2: 0000000020009780 CR3: 000000003db8e000 CR4: 0000000000350ee0
10:56:28 executing program 0:
sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0xffff)
r0 = openat(0xffffffffffffff9c, 0x0, 0x0, 0x0)
syncfs(r0)
ioctl$TIOCL_GETSHIFTSTATE(r0, 0x541c, &(0x7f0000000180))
sendmsg$GTP_CMD_DELPDP(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000240)={0x0}}, 0x0)
mlock2(&(0x7f0000ff7000/0x4000)=nil, 0x4000, 0x0)
sendmsg$DEVLINK_CMD_TRAP_GROUP_GET(r0, &(0x7f00000001c0)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x400000}, 0xc, &(0x7f0000000140)={&(0x7f0000000340)={0x100, 0x0, 0x8, 0x70bd29, 0x25dfdbff, {}, [{@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0xd}}, {@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0xd}}, {@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0xd}}, {@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0xd}}, {@pci={{0x8}, {0x11}}, {0xd}}]}, 0x100}, 0x1, 0x0, 0x0, 0x8000001}, 0x800)
perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x200000000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x80000001}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x3)
mincore(&(0x7f0000ffb000/0x1000)=nil, 0x1000, &(0x7f0000000540)=""/138)
perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x2000000000000000}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
r2 = ioctl$LOOP_CTL_GET_FREE(r1, 0x4c82)
ioctl$LOOP_CTL_REMOVE(r1, 0x4c81, r2)
ioctl$AUTOFS_DEV_IOCTL_FAIL(0xffffffffffffffff, 0xc0189377, &(0x7f0000000000)={{0x1, 0x1, 0x18, r1, {0x0, 0x5}}, './file0\x00'})
r3 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
setsockopt$inet6_IPV6_RTHDR(r3, 0x29, 0xb, 0x0, 0x0)
mmap(&(0x7f0000ff8000/0x1000)=nil, 0x1000, 0x200000c, 0x10, r3, 0x27000000)
10:56:28 executing program 4:
sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0xffff)
r0 = openat(0xffffffffffffff9c, 0x0, 0x0, 0x0)
syncfs(r0)
ioctl$TIOCL_GETSHIFTSTATE(r0, 0x541c, &(0x7f0000000180))
sendmsg$GTP_CMD_DELPDP(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000240)={0x0}}, 0x0)
mlock2(&(0x7f0000ff7000/0x4000)=nil, 0x4000, 0x0)
sendmsg$DEVLINK_CMD_TRAP_GROUP_GET(r0, &(0x7f00000001c0)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x400000}, 0xc, &(0x7f0000000140)={&(0x7f0000000340)={0x100, 0x0, 0x8, 0x70bd29, 0x25dfdbff, {}, [{@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0xd}}, {@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0xd}}, {@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0xd}}, {@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0xd}}, {@pci={{0x8}, {0x11}}, {0xd}}]}, 0x100}, 0x1, 0x0, 0x0, 0x8000001}, 0x800)
perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x200000000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x80000001}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x3)
mincore(&(0x7f0000ffb000/0x1000)=nil, 0x1000, &(0x7f0000000540)=""/138)
perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x2000000000000000}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
r2 = ioctl$LOOP_CTL_GET_FREE(r1, 0x4c82)
ioctl$LOOP_CTL_REMOVE(r1, 0x4c81, r2)
ioctl$AUTOFS_DEV_IOCTL_FAIL(0xffffffffffffffff, 0xc0189377, &(0x7f0000000000)={{0x1, 0x1, 0x18, r1, {0x0, 0x5}}, './file0\x00'})
r3 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
setsockopt$inet6_IPV6_RTHDR(r3, 0x29, 0xb, 0x0, 0x0)
mmap(&(0x7f0000ff8000/0x1000)=nil, 0x1000, 0x200000c, 0x10, r3, 0x27000000)
10:56:28 executing program 5:
perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
chdir(0x0)
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0, 0x0)
r0 = openat(0xffffffffffffff9c, 0x0, 0x0, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x1c5042, 0x0)
write(r1, &(0x7f0000000200)='E', 0x140000)
socket$inet_udp(0x2, 0x2, 0x0)
r2 = perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
sendfile(r0, 0xffffffffffffffff, 0x0, 0xfffffdef)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0, 0x0)
r4 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0)
sendfile(r4, r3, 0x0, 0x7fffffff)
sendfile(r2, r3, &(0x7f0000000000)=0x81, 0xfff)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000040)={'syz_tun\x00', 0x0})
bind$packet(0xffffffffffffffff, &(0x7f0000000000)={0x11, 0x0, r5, 0x1, 0x0, 0x6, @remote}, 0x14)
sendmsg$ETHTOOL_MSG_COALESCE_GET(0xffffffffffffffff, 0x0, 0x4000000)
ioctl$sock_SIOCETHTOOL(0xffffffffffffffff, 0x8946, 0x0)
10:56:29 executing program 3:
sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0xffff)
r0 = openat(0xffffffffffffff9c, 0x0, 0x0, 0x0)
syncfs(r0)
ioctl$TIOCL_GETSHIFTSTATE(r0, 0x541c, &(0x7f0000000180))
sendmsg$GTP_CMD_DELPDP(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000240)={0x0}}, 0x0)
mlock2(&(0x7f0000ff7000/0x4000)=nil, 0x4000, 0x0)
sendmsg$DEVLINK_CMD_TRAP_GROUP_GET(r0, &(0x7f00000001c0)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x400000}, 0xc, &(0x7f0000000140)={&(0x7f0000000340)={0x100, 0x0, 0x8, 0x70bd29, 0x25dfdbff, {}, [{@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0xd}}, {@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0xd}}, {@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0xd}}, {@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0xd}}, {@pci={{0x8}, {0x11}}, {0xd}}]}, 0x100}, 0x1, 0x0, 0x0, 0x8000001}, 0x800)
perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x200000000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x80000001}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x3)
mincore(&(0x7f0000ffb000/0x1000)=nil, 0x1000, &(0x7f0000000540)=""/138)
perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x2000000000000000}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
r2 = ioctl$LOOP_CTL_GET_FREE(r1, 0x4c82)
ioctl$LOOP_CTL_REMOVE(r1, 0x4c81, r2)
ioctl$AUTOFS_DEV_IOCTL_FAIL(0xffffffffffffffff, 0xc0189377, &(0x7f0000000000)={{0x1, 0x1, 0x18, r1, {0x0, 0x5}}, './file0\x00'})
r3 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
setsockopt$inet6_IPV6_RTHDR(r3, 0x29, 0xb, 0x0, 0x0)
mmap(&(0x7f0000ff8000/0x1000)=nil, 0x1000, 0x200000c, 0x10, r3, 0x27000000)
10:56:29 executing program 0:
perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
chdir(0x0)
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0, 0x0)
r0 = openat(0xffffffffffffff9c, 0x0, 0x0, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x1c5042, 0x0)
write(r1, &(0x7f0000000200)='E', 0x140000)
socket$inet_udp(0x2, 0x2, 0x0)
r2 = perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
sendfile(r0, 0xffffffffffffffff, 0x0, 0xfffffdef)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0, 0x0)
r4 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0)
sendfile(r4, r3, 0x0, 0x7fffffff)
sendfile(r2, r3, &(0x7f0000000000)=0x81, 0xfff)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000040)={'syz_tun\x00', 0x0})
bind$packet(0xffffffffffffffff, &(0x7f0000000000)={0x11, 0x0, r5, 0x1, 0x0, 0x6, @remote}, 0x14)
sendmsg$ETHTOOL_MSG_COALESCE_GET(0xffffffffffffffff, 0x0, 0x4000000)
ioctl$sock_SIOCETHTOOL(0xffffffffffffffff, 0x8946, 0x0)
10:56:29 executing program 6:
perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
chdir(0x0)
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0, 0x0)
r0 = openat(0xffffffffffffff9c, 0x0, 0x0, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x1c5042, 0x0)
write(r1, &(0x7f0000000200)='E', 0x140000)
socket$inet_udp(0x2, 0x2, 0x0)
r2 = perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
sendfile(r0, 0xffffffffffffffff, 0x0, 0xfffffdef)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0, 0x0)
r4 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0)
sendfile(r4, r3, 0x0, 0x7fffffff)
sendfile(r2, r3, &(0x7f0000000000)=0x81, 0xfff)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000040)={'syz_tun\x00', 0x0})
bind$packet(0xffffffffffffffff, &(0x7f0000000000)={0x11, 0x0, r5, 0x1, 0x0, 0x6, @remote}, 0x14)
sendmsg$ETHTOOL_MSG_COALESCE_GET(0xffffffffffffffff, 0x0, 0x4000000)
ioctl$sock_SIOCETHTOOL(0xffffffffffffffff, 0x8946, 0x0)
10:56:29 executing program 2:
sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0xffff)
r0 = openat(0xffffffffffffff9c, 0x0, 0x0, 0x0)
syncfs(r0)
ioctl$TIOCL_GETSHIFTSTATE(r0, 0x541c, &(0x7f0000000180))
sendmsg$GTP_CMD_DELPDP(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000240)={0x0}}, 0x0)
mlock2(&(0x7f0000ff7000/0x4000)=nil, 0x4000, 0x0)
sendmsg$DEVLINK_CMD_TRAP_GROUP_GET(r0, &(0x7f00000001c0)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x400000}, 0xc, &(0x7f0000000140)={&(0x7f0000000340)={0x100, 0x0, 0x8, 0x70bd29, 0x25dfdbff, {}, [{@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0xd}}, {@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0xd}}, {@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0xd}}, {@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0xd}}, {@pci={{0x8}, {0x11}}, {0xd}}]}, 0x100}, 0x1, 0x0, 0x0, 0x8000001}, 0x800)
perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x200000000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x80000001}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x3)
mincore(&(0x7f0000ffb000/0x1000)=nil, 0x1000, &(0x7f0000000540)=""/138)
perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x2000000000000000}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
r2 = ioctl$LOOP_CTL_GET_FREE(r1, 0x4c82)
ioctl$LOOP_CTL_REMOVE(r1, 0x4c81, r2)
ioctl$AUTOFS_DEV_IOCTL_FAIL(0xffffffffffffffff, 0xc0189377, &(0x7f0000000000)={{0x1, 0x1, 0x18, r1, {0x0, 0x5}}, './file0\x00'})
r3 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
setsockopt$inet6_IPV6_RTHDR(r3, 0x29, 0xb, 0x0, 0x0)
mmap(&(0x7f0000ff8000/0x1000)=nil, 0x1000, 0x200000c, 0x10, r3, 0x27000000)
10:56:29 executing program 3:
perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
chdir(0x0)
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0, 0x0)
r0 = openat(0xffffffffffffff9c, 0x0, 0x0, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x1c5042, 0x0)
write(r1, &(0x7f0000000200)='E', 0x140000)
socket$inet_udp(0x2, 0x2, 0x0)
r2 = perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
sendfile(r0, 0xffffffffffffffff, 0x0, 0xfffffdef)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0, 0x0)
r4 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0)
sendfile(r4, r3, 0x0, 0x7fffffff)
sendfile(r2, r3, &(0x7f0000000000)=0x81, 0xfff)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000040)={'syz_tun\x00', 0x0})
bind$packet(0xffffffffffffffff, &(0x7f0000000000)={0x11, 0x0, r5, 0x1, 0x0, 0x6, @remote}, 0x14)
sendmsg$ETHTOOL_MSG_COALESCE_GET(0xffffffffffffffff, 0x0, 0x4000000)
ioctl$sock_SIOCETHTOOL(0xffffffffffffffff, 0x8946, 0x0)
10:56:29 executing program 7:
perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
chdir(0x0)
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0, 0x0)
r0 = openat(0xffffffffffffff9c, 0x0, 0x0, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x1c5042, 0x0)
write(r1, &(0x7f0000000200)='E', 0x140000)
socket$inet_udp(0x2, 0x2, 0x0)
r2 = perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
sendfile(r0, 0xffffffffffffffff, 0x0, 0xfffffdef)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0, 0x0)
r4 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0)
sendfile(r4, r3, 0x0, 0x7fffffff)
sendfile(r2, r3, &(0x7f0000000000)=0x81, 0xfff)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000040)={'syz_tun\x00', 0x0})
bind$packet(0xffffffffffffffff, &(0x7f0000000000)={0x11, 0x0, r5, 0x1, 0x0, 0x6, @remote}, 0x14)
sendmsg$ETHTOOL_MSG_COALESCE_GET(0xffffffffffffffff, 0x0, 0x4000000)
ioctl$sock_SIOCETHTOOL(0xffffffffffffffff, 0x8946, 0x0)
10:56:29 executing program 5:
perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
chdir(0x0)
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0, 0x0)
r0 = openat(0xffffffffffffff9c, 0x0, 0x0, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x1c5042, 0x0)
write(r1, &(0x7f0000000200)='E', 0x140000)
socket$inet_udp(0x2, 0x2, 0x0)
r2 = perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
sendfile(r0, 0xffffffffffffffff, 0x0, 0xfffffdef)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0, 0x0)
r4 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0)
sendfile(r4, r3, 0x0, 0x7fffffff)
sendfile(r2, r3, &(0x7f0000000000)=0x81, 0xfff)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000040)={'syz_tun\x00', 0x0})
bind$packet(0xffffffffffffffff, &(0x7f0000000000)={0x11, 0x0, r5, 0x1, 0x0, 0x6, @remote}, 0x14)
sendmsg$ETHTOOL_MSG_COALESCE_GET(0xffffffffffffffff, 0x0, 0x4000000)
ioctl$sock_SIOCETHTOOL(0xffffffffffffffff, 0x8946, 0x0)
10:56:29 executing program 4:
perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
chdir(0x0)
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0, 0x0)
r0 = openat(0xffffffffffffff9c, 0x0, 0x0, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x1c5042, 0x0)
write(r1, &(0x7f0000000200)='E', 0x140000)
socket$inet_udp(0x2, 0x2, 0x0)
r2 = perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
sendfile(r0, 0xffffffffffffffff, 0x0, 0xfffffdef)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0, 0x0)
r4 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0)
sendfile(r4, r3, 0x0, 0x7fffffff)
sendfile(r2, r3, &(0x7f0000000000)=0x81, 0xfff)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000040)={'syz_tun\x00', 0x0})
bind$packet(0xffffffffffffffff, &(0x7f0000000000)={0x11, 0x0, r5, 0x1, 0x0, 0x6, @remote}, 0x14)
sendmsg$ETHTOOL_MSG_COALESCE_GET(0xffffffffffffffff, 0x0, 0x4000000)
ioctl$sock_SIOCETHTOOL(0xffffffffffffffff, 0x8946, 0x0)
10:56:29 executing program 1:
perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
chdir(0x0)
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0, 0x0)
r0 = openat(0xffffffffffffff9c, 0x0, 0x0, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x1c5042, 0x0)
write(r1, &(0x7f0000000200)='E', 0x140000)
socket$inet_udp(0x2, 0x2, 0x0)
r2 = perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
sendfile(r0, 0xffffffffffffffff, 0x0, 0xfffffdef)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0, 0x0)
r4 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0)
sendfile(r4, r3, 0x0, 0x7fffffff)
sendfile(r2, r3, &(0x7f0000000000)=0x81, 0xfff)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000040)={'syz_tun\x00', 0x0})
bind$packet(0xffffffffffffffff, &(0x7f0000000000)={0x11, 0x0, r5, 0x1, 0x0, 0x6, @remote}, 0x14)
sendmsg$ETHTOOL_MSG_COALESCE_GET(0xffffffffffffffff, 0x0, 0x4000000)
ioctl$sock_SIOCETHTOOL(0xffffffffffffffff, 0x8946, 0x0)
10:56:30 executing program 2:
syz_mount_image$nfs(0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
10:56:30 executing program 4:
perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
chdir(0x0)
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0, 0x0)
r0 = openat(0xffffffffffffff9c, 0x0, 0x0, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x1c5042, 0x0)
write(r1, &(0x7f0000000200)='E', 0x140000)
socket$inet_udp(0x2, 0x2, 0x0)
r2 = perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
sendfile(r0, 0xffffffffffffffff, 0x0, 0xfffffdef)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0, 0x0)
r4 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0)
sendfile(r4, r3, 0x0, 0x7fffffff)
sendfile(r2, r3, &(0x7f0000000000)=0x81, 0xfff)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000040)={'syz_tun\x00', 0x0})
bind$packet(0xffffffffffffffff, &(0x7f0000000000)={0x11, 0x0, r5, 0x1, 0x0, 0x6, @remote}, 0x14)
sendmsg$ETHTOOL_MSG_COALESCE_GET(0xffffffffffffffff, 0x0, 0x4000000)
ioctl$sock_SIOCETHTOOL(0xffffffffffffffff, 0x8946, 0x0)
10:56:30 executing program 2:
getsockopt$inet6_tcp_TCP_REPAIR_WINDOW(0xffffffffffffffff, 0x6, 0x1d, 0x0, &(0x7f0000000040))
syz_open_procfs(0x0, 0x0)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r2, 0x8933, &(0x7f0000000300)={'wlan0\x00', 0x0})
sendmsg$NL80211_CMD_FRAME(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000340)={0x40, r1, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r3}, @void}}, [@NL80211_ATTR_FRAME={0x22, 0x33, @deauth={@with_ht={{{}, {}, @broadcast, @device_a, @from_mac=@broadcast}}, 0x0, @void}}]}, 0x40}}, 0x0)
10:56:30 executing program 2:
getsockopt$inet6_tcp_TCP_REPAIR_WINDOW(0xffffffffffffffff, 0x6, 0x1d, 0x0, &(0x7f0000000040))
syz_open_procfs(0x0, 0x0)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r2, 0x8933, &(0x7f0000000300)={'wlan0\x00', 0x0})
sendmsg$NL80211_CMD_FRAME(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000340)={0x40, r1, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r3}, @void}}, [@NL80211_ATTR_FRAME={0x22, 0x33, @deauth={@with_ht={{{}, {}, @broadcast, @device_a, @from_mac=@broadcast}}, 0x0, @void}}]}, 0x40}}, 0x0)
10:56:30 executing program 2:
getsockopt$inet6_tcp_TCP_REPAIR_WINDOW(0xffffffffffffffff, 0x6, 0x1d, 0x0, &(0x7f0000000040))
syz_open_procfs(0x0, 0x0)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r2, 0x8933, &(0x7f0000000300)={'wlan0\x00', 0x0})
sendmsg$NL80211_CMD_FRAME(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000340)={0x40, r1, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r3}, @void}}, [@NL80211_ATTR_FRAME={0x22, 0x33, @deauth={@with_ht={{{}, {}, @broadcast, @device_a, @from_mac=@broadcast}}, 0x0, @void}}]}, 0x40}}, 0x0)
10:56:30 executing program 6:
perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
chdir(0x0)
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0, 0x0)
r0 = openat(0xffffffffffffff9c, 0x0, 0x0, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x1c5042, 0x0)
write(r1, &(0x7f0000000200)='E', 0x140000)
socket$inet_udp(0x2, 0x2, 0x0)
r2 = perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
sendfile(r0, 0xffffffffffffffff, 0x0, 0xfffffdef)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0, 0x0)
r4 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0)
sendfile(r4, r3, 0x0, 0x7fffffff)
sendfile(r2, r3, &(0x7f0000000000)=0x81, 0xfff)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000040)={'syz_tun\x00', 0x0})
bind$packet(0xffffffffffffffff, &(0x7f0000000000)={0x11, 0x0, r5, 0x1, 0x0, 0x6, @remote}, 0x14)
sendmsg$ETHTOOL_MSG_COALESCE_GET(0xffffffffffffffff, 0x0, 0x4000000)
ioctl$sock_SIOCETHTOOL(0xffffffffffffffff, 0x8946, 0x0)
10:56:30 executing program 0:
perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
chdir(0x0)
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0, 0x0)
r0 = openat(0xffffffffffffff9c, 0x0, 0x0, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x1c5042, 0x0)
write(r1, &(0x7f0000000200)='E', 0x140000)
socket$inet_udp(0x2, 0x2, 0x0)
r2 = perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
sendfile(r0, 0xffffffffffffffff, 0x0, 0xfffffdef)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0, 0x0)
r4 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0)
sendfile(r4, r3, 0x0, 0x7fffffff)
sendfile(r2, r3, &(0x7f0000000000)=0x81, 0xfff)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000040)={'syz_tun\x00', 0x0})
bind$packet(0xffffffffffffffff, &(0x7f0000000000)={0x11, 0x0, r5, 0x1, 0x0, 0x6, @remote}, 0x14)
sendmsg$ETHTOOL_MSG_COALESCE_GET(0xffffffffffffffff, 0x0, 0x4000000)
ioctl$sock_SIOCETHTOOL(0xffffffffffffffff, 0x8946, 0x0)
[ 121.737281] syz-executor.4 (4299) used greatest stack depth: 23768 bytes left
10:56:31 executing program 2:
getsockopt$inet6_tcp_TCP_REPAIR_WINDOW(0xffffffffffffffff, 0x6, 0x1d, 0x0, &(0x7f0000000040))
syz_open_procfs(0x0, 0x0)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r2, 0x8933, &(0x7f0000000300)={'wlan0\x00', 0x0})
sendmsg$NL80211_CMD_FRAME(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000340)={0x40, r1, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r3}, @void}}, [@NL80211_ATTR_FRAME={0x22, 0x33, @deauth={@with_ht={{{}, {}, @broadcast, @device_a, @from_mac=@broadcast}}, 0x0, @void}}]}, 0x40}}, 0x0)
10:56:31 executing program 3:
perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
chdir(0x0)
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0, 0x0)
r0 = openat(0xffffffffffffff9c, 0x0, 0x0, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x1c5042, 0x0)
write(r1, &(0x7f0000000200)='E', 0x140000)
socket$inet_udp(0x2, 0x2, 0x0)
r2 = perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
sendfile(r0, 0xffffffffffffffff, 0x0, 0xfffffdef)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0, 0x0)
r4 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0)
sendfile(r4, r3, 0x0, 0x7fffffff)
sendfile(r2, r3, &(0x7f0000000000)=0x81, 0xfff)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000040)={'syz_tun\x00', 0x0})
bind$packet(0xffffffffffffffff, &(0x7f0000000000)={0x11, 0x0, r5, 0x1, 0x0, 0x6, @remote}, 0x14)
sendmsg$ETHTOOL_MSG_COALESCE_GET(0xffffffffffffffff, 0x0, 0x4000000)
ioctl$sock_SIOCETHTOOL(0xffffffffffffffff, 0x8946, 0x0)
10:56:31 executing program 1:
perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
chdir(0x0)
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0, 0x0)
r0 = openat(0xffffffffffffff9c, 0x0, 0x0, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x1c5042, 0x0)
write(r1, &(0x7f0000000200)='E', 0x140000)
socket$inet_udp(0x2, 0x2, 0x0)
r2 = perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
sendfile(r0, 0xffffffffffffffff, 0x0, 0xfffffdef)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0, 0x0)
r4 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0)
sendfile(r4, r3, 0x0, 0x7fffffff)
sendfile(r2, r3, &(0x7f0000000000)=0x81, 0xfff)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000040)={'syz_tun\x00', 0x0})
bind$packet(0xffffffffffffffff, &(0x7f0000000000)={0x11, 0x0, r5, 0x1, 0x0, 0x6, @remote}, 0x14)
sendmsg$ETHTOOL_MSG_COALESCE_GET(0xffffffffffffffff, 0x0, 0x4000000)
ioctl$sock_SIOCETHTOOL(0xffffffffffffffff, 0x8946, 0x0)
10:56:31 executing program 5:
perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
chdir(0x0)
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0, 0x0)
r0 = openat(0xffffffffffffff9c, 0x0, 0x0, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x1c5042, 0x0)
write(r1, &(0x7f0000000200)='E', 0x140000)
socket$inet_udp(0x2, 0x2, 0x0)
r2 = perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
sendfile(r0, 0xffffffffffffffff, 0x0, 0xfffffdef)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0, 0x0)
r4 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0)
sendfile(r4, r3, 0x0, 0x7fffffff)
sendfile(r2, r3, &(0x7f0000000000)=0x81, 0xfff)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000040)={'syz_tun\x00', 0x0})
bind$packet(0xffffffffffffffff, &(0x7f0000000000)={0x11, 0x0, r5, 0x1, 0x0, 0x6, @remote}, 0x14)
sendmsg$ETHTOOL_MSG_COALESCE_GET(0xffffffffffffffff, 0x0, 0x4000000)
ioctl$sock_SIOCETHTOOL(0xffffffffffffffff, 0x8946, 0x0)
10:56:31 executing program 7:
getsockopt$inet6_tcp_TCP_REPAIR_WINDOW(0xffffffffffffffff, 0x6, 0x1d, 0x0, &(0x7f0000000040))
syz_open_procfs(0x0, 0x0)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r2, 0x8933, &(0x7f0000000300)={'wlan0\x00', 0x0})
sendmsg$NL80211_CMD_FRAME(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000340)={0x40, r1, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r3}, @void}}, [@NL80211_ATTR_FRAME={0x22, 0x33, @deauth={@with_ht={{{}, {}, @broadcast, @device_a, @from_mac=@broadcast}}, 0x0, @void}}]}, 0x40}}, 0x0)
10:56:31 executing program 6:
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff})
sendto(r0, &(0x7f0000000040)="ae", 0x1, 0x881, 0x0, 0x0)
sendto(r0, &(0x7f0000000080)="ae", 0x1, 0x881, 0x0, 0x0)
10:56:31 executing program 4:
perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
chdir(0x0)
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0, 0x0)
r0 = openat(0xffffffffffffff9c, 0x0, 0x0, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x1c5042, 0x0)
write(r1, &(0x7f0000000200)='E', 0x140000)
socket$inet_udp(0x2, 0x2, 0x0)
r2 = perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
sendfile(r0, 0xffffffffffffffff, 0x0, 0xfffffdef)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0, 0x0)
r4 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0)
sendfile(r4, r3, 0x0, 0x7fffffff)
sendfile(r2, r3, &(0x7f0000000000)=0x81, 0xfff)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000040)={'syz_tun\x00', 0x0})
bind$packet(0xffffffffffffffff, &(0x7f0000000000)={0x11, 0x0, r5, 0x1, 0x0, 0x6, @remote}, 0x14)
sendmsg$ETHTOOL_MSG_COALESCE_GET(0xffffffffffffffff, 0x0, 0x4000000)
ioctl$sock_SIOCETHTOOL(0xffffffffffffffff, 0x8946, 0x0)
10:56:31 executing program 0:
perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
chdir(0x0)
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0, 0x0)
r0 = openat(0xffffffffffffff9c, 0x0, 0x0, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x1c5042, 0x0)
write(r1, &(0x7f0000000200)='E', 0x140000)
socket$inet_udp(0x2, 0x2, 0x0)
r2 = perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
sendfile(r0, 0xffffffffffffffff, 0x0, 0xfffffdef)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0, 0x0)
r4 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0)
sendfile(r4, r3, 0x0, 0x7fffffff)
sendfile(r2, r3, &(0x7f0000000000)=0x81, 0xfff)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000040)={'syz_tun\x00', 0x0})
bind$packet(0xffffffffffffffff, &(0x7f0000000000)={0x11, 0x0, r5, 0x1, 0x0, 0x6, @remote}, 0x14)
sendmsg$ETHTOOL_MSG_COALESCE_GET(0xffffffffffffffff, 0x0, 0x4000000)
ioctl$sock_SIOCETHTOOL(0xffffffffffffffff, 0x8946, 0x0)
10:56:31 executing program 6:
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff})
sendto(r0, &(0x7f0000000040)="ae", 0x1, 0x881, 0x0, 0x0)
sendto(r0, &(0x7f0000000080)="ae", 0x1, 0x881, 0x0, 0x0)
10:56:31 executing program 7:
getsockopt$inet6_tcp_TCP_REPAIR_WINDOW(0xffffffffffffffff, 0x6, 0x1d, 0x0, &(0x7f0000000040))
syz_open_procfs(0x0, 0x0)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r2, 0x8933, &(0x7f0000000300)={'wlan0\x00', 0x0})
sendmsg$NL80211_CMD_FRAME(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000340)={0x40, r1, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r3}, @void}}, [@NL80211_ATTR_FRAME={0x22, 0x33, @deauth={@with_ht={{{}, {}, @broadcast, @device_a, @from_mac=@broadcast}}, 0x0, @void}}]}, 0x40}}, 0x0)
10:56:31 executing program 6:
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff})
sendto(r0, &(0x7f0000000040)="ae", 0x1, 0x881, 0x0, 0x0)
sendto(r0, &(0x7f0000000080)="ae", 0x1, 0x881, 0x0, 0x0)
10:56:31 executing program 7:
getsockopt$inet6_tcp_TCP_REPAIR_WINDOW(0xffffffffffffffff, 0x6, 0x1d, 0x0, &(0x7f0000000040))
syz_open_procfs(0x0, 0x0)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r2, 0x8933, &(0x7f0000000300)={'wlan0\x00', 0x0})
sendmsg$NL80211_CMD_FRAME(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000340)={0x40, r1, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r3}, @void}}, [@NL80211_ATTR_FRAME={0x22, 0x33, @deauth={@with_ht={{{}, {}, @broadcast, @device_a, @from_mac=@broadcast}}, 0x0, @void}}]}, 0x40}}, 0x0)
10:56:31 executing program 3:
perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
chdir(0x0)
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0, 0x0)
r0 = openat(0xffffffffffffff9c, 0x0, 0x0, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x1c5042, 0x0)
write(r1, &(0x7f0000000200)='E', 0x140000)
socket$inet_udp(0x2, 0x2, 0x0)
r2 = perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
sendfile(r0, 0xffffffffffffffff, 0x0, 0xfffffdef)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0, 0x0)
r4 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0)
sendfile(r4, r3, 0x0, 0x7fffffff)
sendfile(r2, r3, &(0x7f0000000000)=0x81, 0xfff)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000040)={'syz_tun\x00', 0x0})
bind$packet(0xffffffffffffffff, &(0x7f0000000000)={0x11, 0x0, r5, 0x1, 0x0, 0x6, @remote}, 0x14)
sendmsg$ETHTOOL_MSG_COALESCE_GET(0xffffffffffffffff, 0x0, 0x4000000)
ioctl$sock_SIOCETHTOOL(0xffffffffffffffff, 0x8946, 0x0)
10:56:31 executing program 2:
syz_mount_image$ext4(0x0, &(0x7f0000000000)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
rmdir(&(0x7f0000000180)='./file0\x00')
10:56:31 executing program 6:
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff})
sendto(r0, &(0x7f0000000040)="ae", 0x1, 0x881, 0x0, 0x0)
sendto(r0, &(0x7f0000000080)="ae", 0x1, 0x881, 0x0, 0x0)
10:56:31 executing program 7:
perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
futex(&(0x7f0000000940)=0x1, 0xd, 0x0, 0x0, 0x0, 0x0)
10:56:31 executing program 5:
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x0, &(0x7f0000000140)=ANY=[])
openat(0xffffffffffffff9c, 0x0, 0x4042, 0x0)
10:56:31 executing program 1:
perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
chdir(0x0)
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0, 0x0)
r0 = openat(0xffffffffffffff9c, 0x0, 0x0, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x1c5042, 0x0)
write(r1, &(0x7f0000000200)='E', 0x140000)
socket$inet_udp(0x2, 0x2, 0x0)
r2 = perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
sendfile(r0, 0xffffffffffffffff, 0x0, 0xfffffdef)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0, 0x0)
r4 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0)
sendfile(r4, r3, 0x0, 0x7fffffff)
sendfile(r2, r3, &(0x7f0000000000)=0x81, 0xfff)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000040)={'syz_tun\x00', 0x0})
bind$packet(0xffffffffffffffff, &(0x7f0000000000)={0x11, 0x0, r5, 0x1, 0x0, 0x6, @remote}, 0x14)
sendmsg$ETHTOOL_MSG_COALESCE_GET(0xffffffffffffffff, 0x0, 0x4000000)
ioctl$sock_SIOCETHTOOL(0xffffffffffffffff, 0x8946, 0x0)
10:56:31 executing program 0:
r0 = perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000180)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x4}, 0x0, 0x0, r0, 0xb)
10:56:32 executing program 5:
unshare(0x40480)
pipe(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff})
pipe(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff})
close(r1)
tee(r0, r2, 0x1, 0x0)
10:56:32 executing program 6:
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x0, 0x31, 0xffffffffffffffff, 0x0)
mbind(&(0x7f0000ffb000/0x3000)=nil, 0x3000, 0x3, &(0x7f0000000040)=0x1, 0x7f, 0x0)
remap_file_pages(&(0x7f0000ffc000/0x3000)=nil, 0x3000, 0x0, 0x0, 0x0)
[ 122.796256] mmap: syz-executor.6 (4371) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst.
10:56:32 executing program 5:
unshare(0x40480)
pipe(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff})
pipe(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff})
close(r1)
tee(r0, r2, 0x1, 0x0)
10:56:32 executing program 0:
r0 = perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000180)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x4}, 0x0, 0x0, r0, 0xb)
10:56:32 executing program 4:
unshare(0x40480)
pipe(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff})
pipe(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff})
close(r1)
tee(r0, r2, 0x1, 0x0)
10:56:32 executing program 6:
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x0, 0x31, 0xffffffffffffffff, 0x0)
mbind(&(0x7f0000ffb000/0x3000)=nil, 0x3000, 0x3, &(0x7f0000000040)=0x1, 0x7f, 0x0)
remap_file_pages(&(0x7f0000ffc000/0x3000)=nil, 0x3000, 0x0, 0x0, 0x0)
10:56:32 executing program 3:
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x0, 0x31, 0xffffffffffffffff, 0x0)
mbind(&(0x7f0000ffb000/0x3000)=nil, 0x3000, 0x3, &(0x7f0000000040)=0x1, 0x7f, 0x0)
remap_file_pages(&(0x7f0000ffc000/0x3000)=nil, 0x3000, 0x0, 0x0, 0x0)
10:56:32 executing program 2:
syz_mount_image$ext4(0x0, &(0x7f0000000000)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
rmdir(&(0x7f0000000180)='./file0\x00')
10:56:32 executing program 3:
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x0, 0x31, 0xffffffffffffffff, 0x0)
mbind(&(0x7f0000ffb000/0x3000)=nil, 0x3000, 0x3, &(0x7f0000000040)=0x1, 0x7f, 0x0)
remap_file_pages(&(0x7f0000ffc000/0x3000)=nil, 0x3000, 0x0, 0x0, 0x0)
10:56:32 executing program 6:
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x0, 0x31, 0xffffffffffffffff, 0x0)
mbind(&(0x7f0000ffb000/0x3000)=nil, 0x3000, 0x3, &(0x7f0000000040)=0x1, 0x7f, 0x0)
remap_file_pages(&(0x7f0000ffc000/0x3000)=nil, 0x3000, 0x0, 0x0, 0x0)
10:56:32 executing program 4:
unshare(0x40480)
pipe(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff})
pipe(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff})
close(r1)
tee(r0, r2, 0x1, 0x0)
10:56:32 executing program 1:
r0 = openat$full(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
vmsplice(r0, &(0x7f00000002c0)=[{&(0x7f00000000c0)='\n', 0x1}], 0x7ffff000, 0x0)
10:56:32 executing program 7:
perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
futex(&(0x7f0000000940)=0x1, 0xd, 0x0, 0x0, 0x0, 0x0)
10:56:32 executing program 0:
r0 = perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000180)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x4}, 0x0, 0x0, r0, 0xb)
10:56:32 executing program 5:
unshare(0x40480)
pipe(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff})
pipe(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff})
close(r1)
tee(r0, r2, 0x1, 0x0)
10:56:33 executing program 5:
unshare(0x40480)
pipe(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff})
pipe(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff})
close(r1)
tee(r0, r2, 0x1, 0x0)
10:56:33 executing program 3:
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x0, 0x31, 0xffffffffffffffff, 0x0)
mbind(&(0x7f0000ffb000/0x3000)=nil, 0x3000, 0x3, &(0x7f0000000040)=0x1, 0x7f, 0x0)
remap_file_pages(&(0x7f0000ffc000/0x3000)=nil, 0x3000, 0x0, 0x0, 0x0)
10:56:33 executing program 6:
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x0, 0x31, 0xffffffffffffffff, 0x0)
mbind(&(0x7f0000ffb000/0x3000)=nil, 0x3000, 0x3, &(0x7f0000000040)=0x1, 0x7f, 0x0)
remap_file_pages(&(0x7f0000ffc000/0x3000)=nil, 0x3000, 0x0, 0x0, 0x0)
10:56:33 executing program 1:
r0 = openat$full(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
vmsplice(r0, &(0x7f00000002c0)=[{&(0x7f00000000c0)='\n', 0x1}], 0x7ffff000, 0x0)
10:56:33 executing program 0:
r0 = perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000180)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x4}, 0x0, 0x0, r0, 0xb)
10:56:33 executing program 4:
unshare(0x40480)
pipe(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff})
pipe(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff})
close(r1)
tee(r0, r2, 0x1, 0x0)
10:56:33 executing program 3:
perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
futex(&(0x7f0000000940)=0x1, 0xd, 0x0, 0x0, 0x0, 0x0)
10:56:33 executing program 0:
perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
futex(&(0x7f0000000940)=0x1, 0xd, 0x0, 0x0, 0x0, 0x0)
10:56:33 executing program 7:
perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
futex(&(0x7f0000000940)=0x1, 0xd, 0x0, 0x0, 0x0, 0x0)
10:56:33 executing program 6:
perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x400, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x2, 0x92, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffff}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @perf_bp={0x0, 0xd}, 0x0, 0x8, 0x0, 0x0, 0x5}, 0x0, 0xfffff7ffffffffff, 0xffffffffffffffff, 0x0)
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
r1 = dup(r0)
connect$inet6(r1, 0x0, 0x0)
r2 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
r3 = socket$nl_audit(0x10, 0x3, 0x9)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000040)={'wlan1\x00', 0x0})
sendmsg$inet(r2, &(0x7f0000000780)={&(0x7f0000000000)={0x2, 0x0, @local}, 0x10, &(0x7f00000003c0)=[{&(0x7f0000000300)="6fb9", 0xffeb}], 0x1, &(0x7f0000000700)=[@ip_pktinfo={{0x1c, 0x0, 0x8, {r4, @remote, @broadcast}}}], 0x20}, 0x0)
r5 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0)
fsetxattr$system_posix_acl(r5, &(0x7f0000000000)='system.posix_acl_access\x00', &(0x7f0000000200)={{}, {}, [{}]}, 0x2c, 0x0)
perf_event_open(&(0x7f00000062c0)={0x4, 0x80, 0xdb, 0x7, 0xff, 0x8, 0x0, 0x1ff, 0xa01, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0xbee, 0x2, @perf_config_ext={0x8, 0x1}, 0x10, 0x1400, 0xf22, 0x0, 0x5, 0x3, 0x10e2, 0x0, 0x0, 0x0, 0x400}, 0xffffffffffffffff, 0x8, 0xffffffffffffffff, 0x1)
perf_event_open(&(0x7f0000000340)={0x5, 0x80, 0xe2, 0x7, 0xff, 0x3, 0x0, 0x8e, 0x41180, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x3, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x4, 0x4, @perf_config_ext={0xff, 0x80000000}, 0x101a5, 0x0, 0x6, 0x1, 0xfffffffffffffffd, 0x400, 0x2, 0x0, 0x4, 0x0, 0x48}, 0x0, 0xffffffffffffffff, r1, 0x1)
10:56:33 executing program 2:
syz_mount_image$ext4(0x0, &(0x7f0000000000)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
rmdir(&(0x7f0000000180)='./file0\x00')
10:56:33 executing program 1:
r0 = openat$full(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
vmsplice(r0, &(0x7f00000002c0)=[{&(0x7f00000000c0)='\n', 0x1}], 0x7ffff000, 0x0)
10:56:33 executing program 5:
syz_mount_image$ext4(0x0, &(0x7f0000000000)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
rmdir(&(0x7f0000000180)='./file0\x00')
[ 124.588907] audit: type=1400 audit(1679914593.951:9): avc: denied { tracepoint } for pid=4416 comm="syz-executor.6" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=perf_event permissive=1
VM DIAGNOSIS:
10:56:24 Registers:
info registers vcpu 0
RAX=0000004c3ba6d7bc RBX=ffff88800bab0000 RCX=0000000000000000 RDX=0000000000005978
RSI=0000000000000000 RDI=0000004c3ba67e44 RBP=00000000000003e8 RSP=ffff88803eed6dd8
R8 =0000000000000000 R9 =0000000000006d2c R10=0000000000010376 R11=0000000000000001
R12=ffff88800bab0180 R13=ffffed1001756001 R14=dffffc0000000000 R15=0000000000000000
RIP=ffffffff8445fd42 RFL=00000083 [--S---C] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 00000000 00000000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA]
DS =0000 0000000000000000 00000000 00000000
FS =0000 00007f0958ae4700 00000000 00000000
GS =0000 ffff88806ce00000 00000000 00000000
LDT=0000 fffffe0000000000 00000000 00000000
TR =0040 fffffe0000003000 00004087 00008b00 DPL=0 TSS64-busy
GDT= fffffe0000001000 0000007f
IDT= fffffe0000000000 00000fff
CR0=80050033 CR2=0000001b2cc21000 CR3=000000003c70e000 CR4=00350ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
XMM00=00000000000000000000000000000000 XMM01=ffffffffffffffffffffffffffffffff
XMM02=00000000000000000000000000000000 XMM03=00000000000000000000000000000000
XMM04=000000000000000000000000000000ff XMM05=00000000000000000000000000000000
XMM06=0000000000000000000000524f525245 XMM07=00000000000000000000000000000000
XMM08=000000000000000000524f5252450040 XMM09=00000000000000000000000000000000
XMM10=00000000000000000000000000000000 XMM11=00000000000000000000000000000000
XMM12=00000000000000000000000000000000 XMM13=00000000000000000000000000000000
XMM14=00000000000000000000000000000000 XMM15=00000000000000000000000000000000
info registers vcpu 1
RAX=0000000000000031 RBX=00000000000003f8 RCX=0000000000000000 RDX=00000000000003f8
RSI=ffffffff824f8615 RDI=ffffffff87f0bdc0 RBP=ffffffff87f0bd80 RSP=ffff88803df5f660
R8 =0000000000000001 R9 =000000000000000a R10=0000000000000031 R11=0000000000000001
R12=0000000000000031 R13=ffffffff87f0bd80 R14=0000000000000010 R15=ffffffff824f8600
RIP=ffffffff824f866d RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 00000000 00000000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA]
DS =0000 0000000000000000 00000000 00000000
FS =0000 00007f71754f2700 00000000 00000000
GS =0000 ffff88806cf00000 00000000 00000000
LDT=0000 fffffe0000000000 00000000 00000000
TR =0040 fffffe000004a000 00004087 00008b00 DPL=0 TSS64-busy
GDT= fffffe0000048000 0000007f
IDT= fffffe0000000000 00000fff
CR0=80050033 CR2=0000000020009780 CR3=0000000016c70000 CR4=00350ee0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
XMM00=ffffffffffff00000000000000000000 XMM01=23232323232323232323232323232323
XMM02=ffffffffffffffffffffffffffffffff XMM03=00000000000000000000000000000000
XMM04=ffffffffffff00000000000000000000 XMM05=00000000000000000000000000000000
XMM06=0000000000000000000000524f525245 XMM07=00000000000000000000000000000000
XMM08=000000000000000000524f5252450040 XMM09=00000000000000000000000000000000
XMM10=00000000000000000000000000000000 XMM11=00000000000000000000000000000000
XMM12=00000000000000000000000000000000 XMM13=00000000000000000000000000000000
XMM14=00000000000000000000000000000000 XMM15=00000000000000000000000000000000