Warning: Permanently added '[localhost]:8934' (ECDSA) to the list of known hosts. 2023/03/27 12:45:35 fuzzer started 2023/03/27 12:45:35 dialing manager at localhost:45291 syzkaller login: [ 44.146601] cgroup: Unknown subsys name 'net' [ 44.253719] cgroup: Unknown subsys name 'rlimit' 2023/03/27 12:45:48 syscalls: 2217 2023/03/27 12:45:48 code coverage: enabled 2023/03/27 12:45:48 comparison tracing: enabled 2023/03/27 12:45:48 extra coverage: enabled 2023/03/27 12:45:48 setuid sandbox: enabled 2023/03/27 12:45:48 namespace sandbox: enabled 2023/03/27 12:45:48 Android sandbox: enabled 2023/03/27 12:45:48 fault injection: enabled 2023/03/27 12:45:48 leak checking: enabled 2023/03/27 12:45:48 net packet injection: enabled 2023/03/27 12:45:48 net device setup: enabled 2023/03/27 12:45:48 concurrency sanitizer: /sys/kernel/debug/kcsan does not exist 2023/03/27 12:45:48 devlink PCI setup: PCI device 0000:00:10.0 is not available 2023/03/27 12:45:48 USB emulation: enabled 2023/03/27 12:45:48 hci packet injection: enabled 2023/03/27 12:45:48 wifi device emulation: enabled 2023/03/27 12:45:48 802.15.4 emulation: enabled 2023/03/27 12:45:48 fetching corpus: 0, signal 0/2000 (executing program) 2023/03/27 12:45:48 fetching corpus: 44, signal 34993/38483 (executing program) 2023/03/27 12:45:48 fetching corpus: 94, signal 48367/53310 (executing program) 2023/03/27 12:45:49 fetching corpus: 144, signal 58012/64326 (executing program) 2023/03/27 12:45:49 fetching corpus: 194, signal 66331/73930 (executing program) 2023/03/27 12:45:49 fetching corpus: 244, signal 76143/84850 (executing program) 2023/03/27 12:45:49 fetching corpus: 293, signal 82705/92541 (executing program) 2023/03/27 12:45:49 fetching corpus: 343, signal 88603/99549 (executing program) 2023/03/27 12:45:49 fetching corpus: 393, signal 93266/105265 (executing program) 2023/03/27 12:45:49 fetching corpus: 443, signal 96482/109600 (executing program) 2023/03/27 12:45:50 fetching corpus: 493, signal 100056/114212 (executing program) 2023/03/27 12:45:50 fetching corpus: 543, signal 104751/119780 (executing program) 2023/03/27 12:45:50 fetching corpus: 593, signal 110024/125803 (executing program) 2023/03/27 12:45:50 fetching corpus: 643, signal 112948/129644 (executing program) 2023/03/27 12:45:50 fetching corpus: 693, signal 115443/133038 (executing program) 2023/03/27 12:45:50 fetching corpus: 743, signal 117915/136435 (executing program) 2023/03/27 12:45:50 fetching corpus: 793, signal 120323/139727 (executing program) 2023/03/27 12:45:51 fetching corpus: 843, signal 123581/143651 (executing program) 2023/03/27 12:45:51 fetching corpus: 893, signal 126600/147378 (executing program) 2023/03/27 12:45:51 fetching corpus: 943, signal 128933/150454 (executing program) 2023/03/27 12:45:51 fetching corpus: 993, signal 130951/153232 (executing program) 2023/03/27 12:45:51 fetching corpus: 1043, signal 133319/156321 (executing program) 2023/03/27 12:45:51 fetching corpus: 1093, signal 135103/158851 (executing program) 2023/03/27 12:45:51 fetching corpus: 1143, signal 136755/161275 (executing program) 2023/03/27 12:45:51 fetching corpus: 1193, signal 138668/163903 (executing program) 2023/03/27 12:45:52 fetching corpus: 1243, signal 140437/166354 (executing program) 2023/03/27 12:45:52 fetching corpus: 1293, signal 142178/168771 (executing program) 2023/03/27 12:45:52 fetching corpus: 1343, signal 144941/171971 (executing program) 2023/03/27 12:45:52 fetching corpus: 1393, signal 146134/173864 (executing program) 2023/03/27 12:45:52 fetching corpus: 1443, signal 148269/176473 (executing program) 2023/03/27 12:45:52 fetching corpus: 1493, signal 149963/178707 (executing program) 2023/03/27 12:45:52 fetching corpus: 1543, signal 151046/180452 (executing program) 2023/03/27 12:45:52 fetching corpus: 1593, signal 152546/182544 (executing program) 2023/03/27 12:45:52 fetching corpus: 1643, signal 153707/184355 (executing program) 2023/03/27 12:45:53 fetching corpus: 1693, signal 155610/186686 (executing program) 2023/03/27 12:45:53 fetching corpus: 1743, signal 157300/188784 (executing program) 2023/03/27 12:45:53 fetching corpus: 1793, signal 158647/190656 (executing program) 2023/03/27 12:45:53 fetching corpus: 1843, signal 160633/192995 (executing program) 2023/03/27 12:45:53 fetching corpus: 1891, signal 162206/194952 (executing program) 2023/03/27 12:45:53 fetching corpus: 1941, signal 163712/196845 (executing program) 2023/03/27 12:45:53 fetching corpus: 1991, signal 165155/198700 (executing program) 2023/03/27 12:45:53 fetching corpus: 2041, signal 166409/200396 (executing program) 2023/03/27 12:45:53 fetching corpus: 2091, signal 167857/202230 (executing program) 2023/03/27 12:45:54 fetching corpus: 2140, signal 168811/203687 (executing program) 2023/03/27 12:45:54 fetching corpus: 2189, signal 170177/205463 (executing program) 2023/03/27 12:45:54 fetching corpus: 2238, signal 171297/206990 (executing program) 2023/03/27 12:45:54 fetching corpus: 2288, signal 172027/208230 (executing program) 2023/03/27 12:45:54 fetching corpus: 2338, signal 173204/209740 (executing program) 2023/03/27 12:45:54 fetching corpus: 2388, signal 173783/210833 (executing program) 2023/03/27 12:45:54 fetching corpus: 2437, signal 174645/212179 (executing program) 2023/03/27 12:45:54 fetching corpus: 2487, signal 175766/213629 (executing program) 2023/03/27 12:45:55 fetching corpus: 2537, signal 177097/215189 (executing program) 2023/03/27 12:45:55 fetching corpus: 2587, signal 178067/216504 (executing program) 2023/03/27 12:45:55 fetching corpus: 2637, signal 179003/217807 (executing program) 2023/03/27 12:45:55 fetching corpus: 2687, signal 180281/219282 (executing program) 2023/03/27 12:45:55 fetching corpus: 2736, signal 181442/220662 (executing program) 2023/03/27 12:45:55 fetching corpus: 2786, signal 182607/222067 (executing program) 2023/03/27 12:45:55 fetching corpus: 2836, signal 183373/223188 (executing program) 2023/03/27 12:45:55 fetching corpus: 2886, signal 184152/224330 (executing program) 2023/03/27 12:45:56 fetching corpus: 2936, signal 185182/225625 (executing program) 2023/03/27 12:45:56 fetching corpus: 2986, signal 186029/226769 (executing program) 2023/03/27 12:45:56 fetching corpus: 3036, signal 187434/228258 (executing program) 2023/03/27 12:45:56 fetching corpus: 3085, signal 188057/229255 (executing program) 2023/03/27 12:45:56 fetching corpus: 3135, signal 188839/230343 (executing program) 2023/03/27 12:45:56 fetching corpus: 3185, signal 189739/231482 (executing program) 2023/03/27 12:45:56 fetching corpus: 3235, signal 190764/232695 (executing program) 2023/03/27 12:45:56 fetching corpus: 3285, signal 191677/233809 (executing program) 2023/03/27 12:45:57 fetching corpus: 3335, signal 193595/235435 (executing program) 2023/03/27 12:45:57 fetching corpus: 3385, signal 194143/236333 (executing program) 2023/03/27 12:45:57 fetching corpus: 3434, signal 195203/237542 (executing program) 2023/03/27 12:45:57 fetching corpus: 3484, signal 195914/238472 (executing program) 2023/03/27 12:45:57 fetching corpus: 3534, signal 196626/239398 (executing program) 2023/03/27 12:45:57 fetching corpus: 3584, signal 197447/240417 (executing program) 2023/03/27 12:45:57 fetching corpus: 3634, signal 198284/241445 (executing program) 2023/03/27 12:45:57 fetching corpus: 3684, signal 199825/242768 (executing program) 2023/03/27 12:45:57 fetching corpus: 3734, signal 200848/243808 (executing program) 2023/03/27 12:45:57 fetching corpus: 3784, signal 201538/244683 (executing program) 2023/03/27 12:45:58 fetching corpus: 3834, signal 202261/245584 (executing program) 2023/03/27 12:45:58 fetching corpus: 3884, signal 203338/246592 (executing program) 2023/03/27 12:45:58 fetching corpus: 3934, signal 204389/247600 (executing program) 2023/03/27 12:45:58 fetching corpus: 3984, signal 205008/248370 (executing program) 2023/03/27 12:45:58 fetching corpus: 4034, signal 205533/249134 (executing program) 2023/03/27 12:45:58 fetching corpus: 4084, signal 206505/250056 (executing program) 2023/03/27 12:45:58 fetching corpus: 4134, signal 207133/250811 (executing program) 2023/03/27 12:45:58 fetching corpus: 4184, signal 208111/251752 (executing program) 2023/03/27 12:45:59 fetching corpus: 4234, signal 208749/252529 (executing program) 2023/03/27 12:45:59 fetching corpus: 4284, signal 209287/253275 (executing program) 2023/03/27 12:45:59 fetching corpus: 4334, signal 210310/254191 (executing program) 2023/03/27 12:45:59 fetching corpus: 4383, signal 210849/254900 (executing program) 2023/03/27 12:45:59 fetching corpus: 4433, signal 211703/255683 (executing program) 2023/03/27 12:45:59 fetching corpus: 4483, signal 212240/256355 (executing program) 2023/03/27 12:45:59 fetching corpus: 4533, signal 212857/257042 (executing program) 2023/03/27 12:45:59 fetching corpus: 4583, signal 213323/257636 (executing program) 2023/03/27 12:46:00 fetching corpus: 4633, signal 214087/258345 (executing program) 2023/03/27 12:46:00 fetching corpus: 4683, signal 214698/259014 (executing program) 2023/03/27 12:46:00 fetching corpus: 4732, signal 215289/259626 (executing program) 2023/03/27 12:46:00 fetching corpus: 4782, signal 216158/260384 (executing program) 2023/03/27 12:46:00 fetching corpus: 4832, signal 216681/261020 (executing program) 2023/03/27 12:46:00 fetching corpus: 4882, signal 217268/261650 (executing program) 2023/03/27 12:46:00 fetching corpus: 4931, signal 217930/262264 (executing program) 2023/03/27 12:46:00 fetching corpus: 4981, signal 218601/262943 (executing program) 2023/03/27 12:46:01 fetching corpus: 5031, signal 219147/263518 (executing program) 2023/03/27 12:46:01 fetching corpus: 5081, signal 219777/264156 (executing program) 2023/03/27 12:46:01 fetching corpus: 5131, signal 220600/264776 (executing program) 2023/03/27 12:46:01 fetching corpus: 5181, signal 220960/265252 (executing program) 2023/03/27 12:46:01 fetching corpus: 5231, signal 221606/265863 (executing program) 2023/03/27 12:46:01 fetching corpus: 5281, signal 222068/266384 (executing program) 2023/03/27 12:46:01 fetching corpus: 5331, signal 222913/267061 (executing program) 2023/03/27 12:46:01 fetching corpus: 5380, signal 223542/267570 (executing program) 2023/03/27 12:46:02 fetching corpus: 5429, signal 224107/268075 (executing program) 2023/03/27 12:46:02 fetching corpus: 5479, signal 224688/268622 (executing program) 2023/03/27 12:46:02 fetching corpus: 5528, signal 225272/269140 (executing program) 2023/03/27 12:46:02 fetching corpus: 5578, signal 225655/269611 (executing program) 2023/03/27 12:46:02 fetching corpus: 5628, signal 226183/270079 (executing program) 2023/03/27 12:46:02 fetching corpus: 5678, signal 226529/270503 (executing program) 2023/03/27 12:46:02 fetching corpus: 5728, signal 227003/270971 (executing program) 2023/03/27 12:46:02 fetching corpus: 5778, signal 227542/271456 (executing program) 2023/03/27 12:46:03 fetching corpus: 5828, signal 227913/271879 (executing program) 2023/03/27 12:46:03 fetching corpus: 5878, signal 228432/272329 (executing program) 2023/03/27 12:46:03 fetching corpus: 5928, signal 228962/272779 (executing program) 2023/03/27 12:46:03 fetching corpus: 5978, signal 229492/273229 (executing program) 2023/03/27 12:46:03 fetching corpus: 6028, signal 229925/273679 (executing program) 2023/03/27 12:46:03 fetching corpus: 6078, signal 230647/274130 (executing program) 2023/03/27 12:46:03 fetching corpus: 6128, signal 231292/274532 (executing program) 2023/03/27 12:46:03 fetching corpus: 6177, signal 232048/274956 (executing program) 2023/03/27 12:46:04 fetching corpus: 6227, signal 232529/275349 (executing program) 2023/03/27 12:46:04 fetching corpus: 6277, signal 232945/275723 (executing program) 2023/03/27 12:46:04 fetching corpus: 6327, signal 233426/276063 (executing program) 2023/03/27 12:46:04 fetching corpus: 6377, signal 234013/276466 (executing program) 2023/03/27 12:46:04 fetching corpus: 6427, signal 234447/276843 (executing program) 2023/03/27 12:46:04 fetching corpus: 6477, signal 234762/277205 (executing program) 2023/03/27 12:46:04 fetching corpus: 6526, signal 235275/277553 (executing program) 2023/03/27 12:46:04 fetching corpus: 6576, signal 235797/277890 (executing program) 2023/03/27 12:46:04 fetching corpus: 6626, signal 236270/278253 (executing program) 2023/03/27 12:46:05 fetching corpus: 6676, signal 236725/278556 (executing program) 2023/03/27 12:46:05 fetching corpus: 6726, signal 237253/278864 (executing program) 2023/03/27 12:46:05 fetching corpus: 6776, signal 237906/279189 (executing program) 2023/03/27 12:46:05 fetching corpus: 6826, signal 238459/279489 (executing program) 2023/03/27 12:46:05 fetching corpus: 6876, signal 239158/279784 (executing program) 2023/03/27 12:46:05 fetching corpus: 6926, signal 239504/280048 (executing program) 2023/03/27 12:46:05 fetching corpus: 6976, signal 239929/280048 (executing program) 2023/03/27 12:46:05 fetching corpus: 7025, signal 240324/280048 (executing program) 2023/03/27 12:46:06 fetching corpus: 7075, signal 240963/280048 (executing program) 2023/03/27 12:46:06 fetching corpus: 7125, signal 241325/280048 (executing program) 2023/03/27 12:46:06 fetching corpus: 7175, signal 241711/280048 (executing program) 2023/03/27 12:46:06 fetching corpus: 7225, signal 242133/280048 (executing program) 2023/03/27 12:46:06 fetching corpus: 7275, signal 242594/280050 (executing program) 2023/03/27 12:46:06 fetching corpus: 7325, signal 243066/280050 (executing program) 2023/03/27 12:46:06 fetching corpus: 7375, signal 243495/280050 (executing program) 2023/03/27 12:46:06 fetching corpus: 7425, signal 243918/280050 (executing program) 2023/03/27 12:46:06 fetching corpus: 7475, signal 244287/280050 (executing program) 2023/03/27 12:46:07 fetching corpus: 7525, signal 244701/280050 (executing program) 2023/03/27 12:46:07 fetching corpus: 7575, signal 245289/280060 (executing program) 2023/03/27 12:46:07 fetching corpus: 7625, signal 245857/280060 (executing program) 2023/03/27 12:46:07 fetching corpus: 7675, signal 246278/280060 (executing program) 2023/03/27 12:46:07 fetching corpus: 7725, signal 246654/280060 (executing program) 2023/03/27 12:46:07 fetching corpus: 7775, signal 247115/280060 (executing program) 2023/03/27 12:46:07 fetching corpus: 7825, signal 247454/280060 (executing program) 2023/03/27 12:46:08 fetching corpus: 7875, signal 247909/280060 (executing program) 2023/03/27 12:46:08 fetching corpus: 7925, signal 248221/280060 (executing program) 2023/03/27 12:46:08 fetching corpus: 7975, signal 248536/280060 (executing program) 2023/03/27 12:46:08 fetching corpus: 8025, signal 249026/280062 (executing program) 2023/03/27 12:46:08 fetching corpus: 8075, signal 249431/280062 (executing program) 2023/03/27 12:46:08 fetching corpus: 8125, signal 249793/280062 (executing program) 2023/03/27 12:46:08 fetching corpus: 8175, signal 250261/280062 (executing program) 2023/03/27 12:46:08 fetching corpus: 8225, signal 250737/280062 (executing program) 2023/03/27 12:46:09 fetching corpus: 8274, signal 251077/280062 (executing program) 2023/03/27 12:46:09 fetching corpus: 8324, signal 251488/280066 (executing program) 2023/03/27 12:46:09 fetching corpus: 8374, signal 252275/280066 (executing program) 2023/03/27 12:46:09 fetching corpus: 8424, signal 252633/280066 (executing program) 2023/03/27 12:46:09 fetching corpus: 8474, signal 252986/280066 (executing program) 2023/03/27 12:46:09 fetching corpus: 8524, signal 253373/280066 (executing program) 2023/03/27 12:46:09 fetching corpus: 8574, signal 253811/280073 (executing program) 2023/03/27 12:46:09 fetching corpus: 8624, signal 254223/280073 (executing program) 2023/03/27 12:46:10 fetching corpus: 8674, signal 254533/280073 (executing program) 2023/03/27 12:46:10 fetching corpus: 8724, signal 254816/280073 (executing program) 2023/03/27 12:46:10 fetching corpus: 8774, signal 255042/280073 (executing program) 2023/03/27 12:46:10 fetching corpus: 8823, signal 255460/280073 (executing program) 2023/03/27 12:46:10 fetching corpus: 8873, signal 255829/280073 (executing program) 2023/03/27 12:46:10 fetching corpus: 8923, signal 256265/280073 (executing program) 2023/03/27 12:46:10 fetching corpus: 8973, signal 256662/280073 (executing program) 2023/03/27 12:46:11 fetching corpus: 9023, signal 257091/280073 (executing program) 2023/03/27 12:46:11 fetching corpus: 9073, signal 257388/280073 (executing program) 2023/03/27 12:46:11 fetching corpus: 9123, signal 257604/280073 (executing program) 2023/03/27 12:46:11 fetching corpus: 9173, signal 258080/280073 (executing program) 2023/03/27 12:46:11 fetching corpus: 9223, signal 258402/280073 (executing program) 2023/03/27 12:46:11 fetching corpus: 9273, signal 258722/280073 (executing program) 2023/03/27 12:46:11 fetching corpus: 9323, signal 259000/280079 (executing program) 2023/03/27 12:46:11 fetching corpus: 9373, signal 259486/280079 (executing program) 2023/03/27 12:46:12 fetching corpus: 9423, signal 259872/280079 (executing program) 2023/03/27 12:46:12 fetching corpus: 9473, signal 260283/280079 (executing program) 2023/03/27 12:46:12 fetching corpus: 9523, signal 260630/280079 (executing program) 2023/03/27 12:46:12 fetching corpus: 9573, signal 260893/280079 (executing program) 2023/03/27 12:46:12 fetching corpus: 9623, signal 261192/280080 (executing program) 2023/03/27 12:46:12 fetching corpus: 9673, signal 261534/280082 (executing program) 2023/03/27 12:46:12 fetching corpus: 9723, signal 261909/280084 (executing program) 2023/03/27 12:46:12 fetching corpus: 9773, signal 262180/280084 (executing program) 2023/03/27 12:46:12 fetching corpus: 9823, signal 262647/280084 (executing program) 2023/03/27 12:46:12 fetching corpus: 9873, signal 262951/280084 (executing program) 2023/03/27 12:46:13 fetching corpus: 9923, signal 263291/280084 (executing program) 2023/03/27 12:46:13 fetching corpus: 9973, signal 263587/280084 (executing program) 2023/03/27 12:46:13 fetching corpus: 10023, signal 263933/280084 (executing program) 2023/03/27 12:46:13 fetching corpus: 10073, signal 264189/280084 (executing program) 2023/03/27 12:46:13 fetching corpus: 10123, signal 264393/280084 (executing program) 2023/03/27 12:46:13 fetching corpus: 10173, signal 264714/280084 (executing program) 2023/03/27 12:46:13 fetching corpus: 10223, signal 265108/280086 (executing program) 2023/03/27 12:46:13 fetching corpus: 10273, signal 265417/280086 (executing program) 2023/03/27 12:46:13 fetching corpus: 10323, signal 265695/280086 (executing program) 2023/03/27 12:46:14 fetching corpus: 10373, signal 265974/280091 (executing program) 2023/03/27 12:46:14 fetching corpus: 10423, signal 266223/280091 (executing program) 2023/03/27 12:46:14 fetching corpus: 10473, signal 266576/280091 (executing program) 2023/03/27 12:46:14 fetching corpus: 10523, signal 266771/280091 (executing program) 2023/03/27 12:46:14 fetching corpus: 10573, signal 267200/280091 (executing program) 2023/03/27 12:46:14 fetching corpus: 10623, signal 267464/280091 (executing program) 2023/03/27 12:46:14 fetching corpus: 10673, signal 267702/280096 (executing program) 2023/03/27 12:46:14 fetching corpus: 10723, signal 267930/280096 (executing program) 2023/03/27 12:46:14 fetching corpus: 10773, signal 268219/280112 (executing program) 2023/03/27 12:46:14 fetching corpus: 10823, signal 268633/280112 (executing program) 2023/03/27 12:46:15 fetching corpus: 10873, signal 269190/280112 (executing program) 2023/03/27 12:46:15 fetching corpus: 10923, signal 269523/280112 (executing program) 2023/03/27 12:46:15 fetching corpus: 10972, signal 269699/280112 (executing program) 2023/03/27 12:46:15 fetching corpus: 11022, signal 269968/280112 (executing program) 2023/03/27 12:46:15 fetching corpus: 11072, signal 270215/280112 (executing program) 2023/03/27 12:46:15 fetching corpus: 11121, signal 270481/280112 (executing program) 2023/03/27 12:46:15 fetching corpus: 11171, signal 270860/280112 (executing program) 2023/03/27 12:46:15 fetching corpus: 11221, signal 271076/280112 (executing program) 2023/03/27 12:46:15 fetching corpus: 11271, signal 271279/280112 (executing program) 2023/03/27 12:46:15 fetching corpus: 11321, signal 271530/280113 (executing program) 2023/03/27 12:46:15 fetching corpus: 11370, signal 271902/280113 (executing program) 2023/03/27 12:46:16 fetching corpus: 11420, signal 272139/280113 (executing program) 2023/03/27 12:46:16 fetching corpus: 11469, signal 272503/280116 (executing program) 2023/03/27 12:46:16 fetching corpus: 11519, signal 272826/280127 (executing program) 2023/03/27 12:46:16 fetching corpus: 11569, signal 273093/280127 (executing program) 2023/03/27 12:46:16 fetching corpus: 11619, signal 273493/280127 (executing program) 2023/03/27 12:46:16 fetching corpus: 11669, signal 273805/280127 (executing program) 2023/03/27 12:46:16 fetching corpus: 11719, signal 274031/280127 (executing program) 2023/03/27 12:46:17 fetching corpus: 11769, signal 274321/280127 (executing program) 2023/03/27 12:46:17 fetching corpus: 11819, signal 274563/280127 (executing program) 2023/03/27 12:46:17 fetching corpus: 11869, signal 274798/280127 (executing program) 2023/03/27 12:46:17 fetching corpus: 11919, signal 275111/280127 (executing program) 2023/03/27 12:46:17 fetching corpus: 11969, signal 275377/280127 (executing program) 2023/03/27 12:46:17 fetching corpus: 12019, signal 275728/280128 (executing program) 2023/03/27 12:46:17 fetching corpus: 12068, signal 275992/280128 (executing program) 2023/03/27 12:46:17 fetching corpus: 12118, signal 276224/280128 (executing program) 2023/03/27 12:46:18 fetching corpus: 12168, signal 276515/280128 (executing program) 2023/03/27 12:46:18 fetching corpus: 12193, signal 276654/280128 (executing program) 2023/03/27 12:46:18 fetching corpus: 12193, signal 276654/280128 (executing program) 2023/03/27 12:46:20 starting 8 fuzzer processes 12:46:20 executing program 0: r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) ioctl$HCIINQUIRY(r0, 0x800448f0, 0x0) bind$bt_hci(r0, &(0x7f0000000000)={0x1f, 0xffffffffffffffff, 0x2}, 0x6) 12:46:20 executing program 1: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000001480)={0x1, &(0x7f0000001440)=[{0x16}]}) 12:46:20 executing program 3: r0 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a) ioctl$sock_SIOCETHTOOL(r0, 0x8946, &(0x7f0000000040)={'syz_tun\x00', &(0x7f0000000000)=@ethtool_channels={0x41}}) 12:46:20 executing program 2: kexec_load(0x0, 0x1, &(0x7f0000003740)=[{0x0, 0x0, 0x0, 0x3d5ce000}], 0x0) 12:46:21 executing program 6: r0 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a) ioctl$sock_SIOCETHTOOL(r0, 0x8946, &(0x7f0000000040)={'syz_tun\x00', &(0x7f0000000000)=@ethtool_channels={0x45}}) [ 89.158948] audit: type=1400 audit(1679921180.998:6): avc: denied { execmem } for pid=259 comm="syz-executor.0" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=process permissive=1 12:46:21 executing program 4: mlock2(&(0x7f0000ff7000/0x4000)=nil, 0x4000, 0x0) mlock(&(0x7f0000ffc000/0x3000)=nil, 0x3000) mlock(&(0x7f0000ffb000/0x3000)=nil, 0x3000) 12:46:21 executing program 5: r0 = socket(0x2, 0xa, 0x0) getsockname$inet(r0, 0x0, &(0x7f0000000640)=0x53) 12:46:21 executing program 7: r0 = socket$inet6_udp(0xa, 0x2, 0x0) r1 = dup(r0) getsockopt$inet6_int(r1, 0x29, 0x19, 0x0, &(0x7f0000000100)) [ 90.513185] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 90.515233] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 90.516936] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 90.521528] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 90.523236] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 90.525317] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1 [ 90.527448] Bluetooth: hci7: unexpected cc 0x0c03 length: 249 > 1 [ 90.528941] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 90.530065] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9 [ 90.531162] Bluetooth: hci7: unexpected cc 0x1003 length: 249 > 9 [ 90.539311] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 90.540426] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 90.541599] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 90.542552] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 90.543674] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 90.544597] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9 [ 90.545832] Bluetooth: hci7: unexpected cc 0x1001 length: 249 > 9 [ 90.547165] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1 [ 90.549303] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 90.552698] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 90.553551] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 90.555955] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 90.557160] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 90.558524] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9 [ 90.560487] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [ 90.561419] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9 [ 90.562664] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3 [ 90.562705] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 90.565598] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 90.566931] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 90.580544] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4 [ 90.581707] Bluetooth: hci7: unexpected cc 0x0c23 length: 249 > 4 [ 90.586266] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 90.590683] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4 [ 90.593748] Bluetooth: hci5: unexpected cc 0x0c25 length: 249 > 3 [ 90.594749] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 90.595870] Bluetooth: hci6: unexpected cc 0x0c25 length: 249 > 3 [ 90.596816] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2 [ 90.598598] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3 [ 90.599796] Bluetooth: hci7: unexpected cc 0x0c25 length: 249 > 3 [ 90.602281] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2 [ 90.603594] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3 [ 90.605272] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 90.606441] Bluetooth: hci7: unexpected cc 0x0c38 length: 249 > 2 [ 90.607693] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 90.609116] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 90.614523] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3 [ 90.626526] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 92.602420] Bluetooth: hci3: command 0x0409 tx timeout [ 92.603702] Bluetooth: hci0: command 0x0409 tx timeout [ 92.666163] Bluetooth: hci6: command 0x0409 tx timeout [ 92.667288] Bluetooth: hci1: command 0x0409 tx timeout [ 92.668321] Bluetooth: hci2: command 0x0409 tx timeout [ 92.669210] Bluetooth: hci4: command 0x0409 tx timeout [ 92.670106] Bluetooth: hci7: command 0x0409 tx timeout [ 92.670961] Bluetooth: hci5: command 0x0409 tx timeout [ 94.650332] Bluetooth: hci0: command 0x041b tx timeout [ 94.651088] Bluetooth: hci3: command 0x041b tx timeout [ 94.714187] Bluetooth: hci5: command 0x041b tx timeout [ 94.714868] Bluetooth: hci7: command 0x041b tx timeout [ 94.715576] Bluetooth: hci4: command 0x041b tx timeout [ 94.716654] Bluetooth: hci2: command 0x041b tx timeout [ 94.717328] Bluetooth: hci1: command 0x041b tx timeout [ 94.717971] Bluetooth: hci6: command 0x041b tx timeout [ 96.699172] Bluetooth: hci3: command 0x040f tx timeout [ 96.699900] Bluetooth: hci0: command 0x040f tx timeout [ 96.762104] Bluetooth: hci6: command 0x040f tx timeout [ 96.762830] Bluetooth: hci1: command 0x040f tx timeout [ 96.763947] Bluetooth: hci2: command 0x040f tx timeout [ 96.764617] Bluetooth: hci4: command 0x040f tx timeout [ 96.765283] Bluetooth: hci7: command 0x040f tx timeout [ 96.765921] Bluetooth: hci5: command 0x040f tx timeout [ 98.746092] Bluetooth: hci0: command 0x0419 tx timeout [ 98.746973] Bluetooth: hci3: command 0x0419 tx timeout [ 98.810145] Bluetooth: hci5: command 0x0419 tx timeout [ 98.810936] Bluetooth: hci7: command 0x0419 tx timeout [ 98.811772] Bluetooth: hci4: command 0x0419 tx timeout [ 98.812585] Bluetooth: hci2: command 0x0419 tx timeout [ 98.813330] Bluetooth: hci1: command 0x0419 tx timeout [ 98.814089] Bluetooth: hci6: command 0x0419 tx timeout [ 137.678667] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 137.679810] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 137.684537] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready [ 137.813497] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 137.814521] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 137.817020] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready [ 138.053793] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 138.054743] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 138.056862] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready [ 138.274829] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 138.275593] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 138.276906] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready [ 138.520919] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 138.522149] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 138.526163] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready [ 138.687418] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 138.688501] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 138.690426] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready 12:47:10 executing program 2: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_buf(r0, 0x6, 0xe, &(0x7f00000004c0)="52db0379", 0x4) 12:47:10 executing program 2: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) rmdir(0x0) mkdir(&(0x7f0000000240)='./file0\x00', 0x5a) [ 138.976799] audit: type=1400 audit(1679921230.816:7): avc: denied { open } for pid=3811 comm="syz-executor.2" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=perf_event permissive=1 [ 138.978503] audit: type=1400 audit(1679921230.816:8): avc: denied { kernel } for pid=3811 comm="syz-executor.2" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=perf_event permissive=1 12:47:10 executing program 2: mq_open(&(0x7f0000000000)='..\x00', 0x0, 0x0, 0x0) 12:47:10 executing program 2: r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) r1 = dup(r0) setsockopt$inet_IP_IPSEC_POLICY(r1, 0x0, 0x10, 0x0, 0x0) 12:47:11 executing program 2: syz_mount_image$tmpfs(0x0, &(0x7f0000000300)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) mount_setattr(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0, &(0x7f0000000080)={0x0, 0x0, 0x100000}, 0x20) 12:47:11 executing program 6: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = syz_open_dev$tty1(0xc, 0x4, 0x1) writev(r0, &(0x7f0000000000)=[{&(0x7f0000000140)="02b2dccad213e1e6cf54b7a797f8f22a47f25b7658fb110b2e76f95b0f318b8fa745e6ffba4414d29a42bfab524bc5bffb17decc4540a6f00b9772f5f9789a9525790df8d989b23530d0a1398f2ad734c7ff47961be476ffeec81efa3d3aa64b8ea329261dfc2e1047a68670f0e5950d6a5414956bddd09e101b5b66e5742fe843413e065e3b86a242b37bc58c68153a45015f6f1ea67762c302e461e0c84bbb7f8d464f5a72d9fad56dac0c5028a4012a93dbc7da640786e3c9898cdd8fe091b166bfcd66e6257abc923ceaf90e994deded3fe8a59c2105f5caf366d32170ef51299dbf441bc3cddda3", 0xea}], 0x1) 12:47:11 executing program 2: syz_emit_ethernet(0x4e, &(0x7f0000000180)={@broadcast, @local, @void, {@ipv6={0x86dd, @icmpv6={0x0, 0x6, "2ddc20", 0x18, 0x3a, 0xff, @local, @local, {[], @ndisc_ra={0x86, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, [{0x5, 0x1, "1fee1643e7e3"}]}}}}}}, 0x0) 12:47:11 executing program 2: syz_emit_ethernet(0x4e, &(0x7f0000000180)={@broadcast, @local, @void, {@ipv6={0x86dd, @icmpv6={0x0, 0x6, "2ddc20", 0x18, 0x3a, 0xff, @local, @local, {[], @ndisc_ra={0x86, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, [{0x5, 0x1, "1fee1643e7e3"}]}}}}}}, 0x0) [ 139.565922] syz-executor.5 uses obsolete (PF_INET,SOCK_PACKET) [ 139.597730] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 139.598712] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 139.599929] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready [ 139.657656] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 139.658920] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 139.663285] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready [ 139.863436] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 139.864575] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 139.867410] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready [ 140.034450] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 140.035395] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 140.036570] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready [ 140.269452] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 140.270068] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 140.271591] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready [ 140.323394] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 140.323916] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 140.325186] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready [ 140.700736] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 140.701688] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 140.703970] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready [ 140.736940] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 140.737805] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 140.741042] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready [ 141.081512] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 141.082268] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 141.091410] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready [ 141.097852] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 141.098910] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 141.100602] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready [ 141.356681] audit: type=1326 audit(1679921233.196:9): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=3946 comm="syz-executor.1" exe="/syz-executor.1" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fbce43f9b19 code=0x0 12:47:13 executing program 0: r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) ioctl$HCIINQUIRY(r0, 0x800448f0, 0x0) bind$bt_hci(r0, &(0x7f0000000000)={0x1f, 0xffffffffffffffff, 0x2}, 0x6) 12:47:13 executing program 6: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) kexec_load(0x0, 0x1, &(0x7f0000000300)=[{0x0, 0x2}], 0x0) 12:47:13 executing program 2: syz_emit_ethernet(0x4e, &(0x7f0000000180)={@broadcast, @local, @void, {@ipv6={0x86dd, @icmpv6={0x0, 0x6, "2ddc20", 0x18, 0x3a, 0xff, @local, @local, {[], @ndisc_ra={0x86, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, [{0x5, 0x1, "1fee1643e7e3"}]}}}}}}, 0x0) 12:47:13 executing program 5: r0 = socket(0x2, 0xa, 0x0) getsockname$inet(r0, 0x0, &(0x7f0000000640)=0x53) 12:47:13 executing program 4: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) chdir(0x0) r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000000)='./file1/file0\x00', 0x100, 0x106) r2 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x1c5042, 0x0) write(r2, &(0x7f0000000200)='E', 0x140000) perf_event_open(&(0x7f0000000140)={0x4, 0x80, 0x7, 0x56, 0x1f, 0x92, 0x0, 0x1, 0x10000, 0x2, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x4, @perf_config_ext={0x5, 0x7ff}, 0x10800, 0x3, 0x1ea, 0x1, 0x7, 0x8195, 0x8, 0x0, 0x5, 0x0, 0x9}, 0xffffffffffffffff, 0x6, r2, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_bp={0x0}, 0x800}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) sendfile(r1, r0, 0x0, 0xfffffdef) syz_open_dev$vcsa(&(0x7f00000001c0), 0x8, 0x0) ioctl$sock_SIOCETHTOOL(0xffffffffffffffff, 0x8946, &(0x7f0000000000)={'sit0\x00', &(0x7f0000000100)=@ethtool_dump}) 12:47:13 executing program 7: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0x76, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000180)={0xffffffffffffffff}) sendmmsg$unix(r0, &(0x7f00000006c0)=[{{0x0, 0x0, 0x0}}, {{&(0x7f0000000000)=@file={0x0, './file0\x00'}, 0x6e, 0x0, 0x0, 0x0, 0x6e000000}}], 0x2, 0x0) 12:47:13 executing program 3: r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$netlink(r0, &(0x7f0000001480)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000040)={0x18, 0x5f, 0x1, 0x0, 0x0, "", [@typed={0x8, 0x0, 0x0, 0x0, @fd}]}, 0x18}], 0x1}, 0x0) 12:47:13 executing program 1: io_setup(0x40, &(0x7f0000000240)=0x0) r1 = eventfd2(0x0, 0x0) io_submit(r0, 0x1, &(0x7f0000000040)=[&(0x7f0000000440)={0x0, 0x0, 0x0, 0x5, 0x0, r1, 0x0}]) writev(r1, &(0x7f0000002500)=[{&(0x7f0000000480)="e8fe863d5de31d44", 0x8}], 0x1) 12:47:13 executing program 3: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000200)={0x5, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_bp={0x0, 0x8}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) [ 141.592260] general protection fault, probably for non-canonical address 0xdffffc0004000090: 0000 [#1] PREEMPT SMP KASAN NOPTI [ 141.593585] KASAN: probably user-memory-access in range [0x0000000020000480-0x0000000020000487] [ 141.594623] CPU: 0 PID: 3963 Comm: syz-executor.1 Not tainted 6.3.0-rc3-next-20230327 #1 [ 141.599074] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 141.599991] RIP: 0010:do_iter_write+0x477/0x700 [ 141.600541] Code: 00 0f 85 fd 01 00 00 4d 8b 7c 24 28 e8 d2 05 c6 ff 48 8b 44 24 18 80 38 00 0f 85 68 01 00 00 48 8b 43 18 48 89 c2 48 c1 ea 03 <42> 80 3c 32 00 0f 85 3b 01 00 00 48 8b 4c 24 20 48 8b 30 80 39 00 [ 141.602509] RSP: 0018:ffff8880435d7c68 EFLAGS: 00010216 [ 141.603100] RAX: 0000000020000480 RBX: ffff8880435d7d58 RCX: ffffc90000e0e000 [ 141.603902] RDX: 0000000004000090 RSI: ffffffff8185830e RDI: 0000000000000007 [ 141.604733] RBP: 0000000000000008 R08: 0000000000000007 R09: 0000000000000000 [ 141.605669] R10: 0000000000000008 R11: 0000000000000001 R12: ffff888018d48c80 [ 141.606500] R13: 0000000000000000 R14: dffffc0000000000 R15: ffffffff84911240 [ 141.607299] FS: 00007fbce196f700(0000) GS:ffff88806ce00000(0000) knlGS:0000000000000000 12:47:13 executing program 2: syz_emit_ethernet(0x4e, &(0x7f0000000180)={@broadcast, @local, @void, {@ipv6={0x86dd, @icmpv6={0x0, 0x6, "2ddc20", 0x18, 0x3a, 0xff, @local, @local, {[], @ndisc_ra={0x86, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, [{0x5, 0x1, "1fee1643e7e3"}]}}}}}}, 0x0) [ 141.608198] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 141.608944] CR2: 0000000020002500 CR3: 000000000fde4000 CR4: 0000000000350ef0 [ 141.609745] Call Trace: [ 141.610040] [ 141.610307] ? import_iovec+0x87/0xb0 [ 141.610750] vfs_writev+0x1ae/0x660 [ 141.611188] ? __pfx_vfs_writev+0x10/0x10 [ 141.611668] ? lock_release+0x1e3/0x680 [ 141.612172] ? __pfx_lock_release+0x10/0x10 [ 141.612679] ? finish_task_switch.isra.0+0x203/0x830 [ 141.613277] ? __fget_files+0x270/0x480 [ 141.613737] ? __fget_light+0xe5/0x280 [ 141.614187] do_writev+0x133/0x300 [ 141.614631] ? __pfx_do_writev+0x10/0x10 [ 141.615139] ? lockdep_hardirqs_on_prepare+0x27b/0x3f0 [ 141.615797] do_syscall_64+0x3f/0x90 [ 141.616244] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 141.616835] RIP: 0033:0x7fbce43f9b19 [ 141.617256] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 141.619235] RSP: 002b:00007fbce196f188 EFLAGS: 00000246 ORIG_RAX: 0000000000000014 [ 141.620083] RAX: ffffffffffffffda RBX: 00007fbce450cf60 RCX: 00007fbce43f9b19 [ 141.620832] RDX: 0000000000000001 RSI: 0000000020002500 RDI: 0000000000000003 [ 141.621562] RBP: 00007fbce4453f6d R08: 0000000000000000 R09: 0000000000000000 [ 141.622290] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 141.623005] R13: 00007fff013cc40f R14: 00007fbce196f300 R15: 0000000000022000 [ 141.623752] [ 141.624004] Modules linked in: [ 141.624704] ---[ end trace 0000000000000000 ]--- [ 141.625209] RIP: 0010:do_iter_write+0x477/0x700 [ 141.625710] Code: 00 0f 85 fd 01 00 00 4d 8b 7c 24 28 e8 d2 05 c6 ff 48 8b 44 24 18 80 38 00 0f 85 68 01 00 00 48 8b 43 18 48 89 c2 48 c1 ea 03 <42> 80 3c 32 00 0f 85 3b 01 00 00 48 8b 4c 24 20 48 8b 30 80 39 00 [ 141.627687] RSP: 0018:ffff8880435d7c68 EFLAGS: 00010216 [ 141.628469] RAX: 0000000020000480 RBX: ffff8880435d7d58 RCX: ffffc90000e0e000 [ 141.629373] RDX: 0000000004000090 RSI: ffffffff8185830e RDI: 0000000000000007 [ 141.630304] RBP: 0000000000000008 R08: 0000000000000007 R09: 0000000000000000 [ 141.631136] R10: 0000000000000008 R11: 0000000000000001 R12: ffff888018d48c80 [ 141.631953] R13: 0000000000000000 R14: dffffc0000000000 R15: ffffffff84911240 [ 141.632777] FS: 00007fbce196f700(0000) GS:ffff88806ce00000(0000) knlGS:0000000000000000 [ 141.633690] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 141.634372] CR2: 0000000020002500 CR3: 000000000fde4000 CR4: 0000000000350ef0 [ 141.659000] hrtimer: interrupt took 16792 ns 12:47:14 executing program 0: r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) ioctl$HCIINQUIRY(r0, 0x800448f0, 0x0) bind$bt_hci(r0, &(0x7f0000000000)={0x1f, 0xffffffffffffffff, 0x2}, 0x6) 12:47:14 executing program 5: r0 = socket(0x2, 0xa, 0x0) getsockname$inet(r0, 0x0, &(0x7f0000000640)=0x53) 12:47:14 executing program 7: r0 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a) recvmmsg(r0, &(0x7f0000000000), 0x1, 0x0, 0x0) recvfrom(r0, 0x0, 0x0, 0x0, 0x0, 0x0) shutdown(r0, 0x0) 12:47:14 executing program 6: r0 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x1c1042, 0x0) read$eventfd(r0, &(0x7f0000000080), 0x8) 12:47:14 executing program 3: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000200)={0x5, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_bp={0x0, 0x8}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) 12:47:14 executing program 2: r0 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x1c1042, 0x0) r1 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/tty/drivers\x00', 0x0, 0x0) sendfile(r0, r1, 0x0, 0x10000027f) 12:47:14 executing program 1: get_robust_list(0xffffffffffffffff, 0x0, 0x0) 12:47:14 executing program 4: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) chdir(0x0) r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000000)='./file1/file0\x00', 0x100, 0x106) r2 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x1c5042, 0x0) write(r2, &(0x7f0000000200)='E', 0x140000) perf_event_open(&(0x7f0000000140)={0x4, 0x80, 0x7, 0x56, 0x1f, 0x92, 0x0, 0x1, 0x10000, 0x2, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x4, @perf_config_ext={0x5, 0x7ff}, 0x10800, 0x3, 0x1ea, 0x1, 0x7, 0x8195, 0x8, 0x0, 0x5, 0x0, 0x9}, 0xffffffffffffffff, 0x6, r2, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_bp={0x0}, 0x800}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) sendfile(r1, r0, 0x0, 0xfffffdef) syz_open_dev$vcsa(&(0x7f00000001c0), 0x8, 0x0) ioctl$sock_SIOCETHTOOL(0xffffffffffffffff, 0x8946, &(0x7f0000000000)={'sit0\x00', &(0x7f0000000100)=@ethtool_dump}) 12:47:14 executing program 6: r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0) ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f00000001c0)={'batadv0\x00'}) ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f00000003c0)={'ipvlan1\x00'}) r1 = perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000100), 0x4}, 0x40210}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_setup(0xfffffffd, &(0x7f0000000000)={0x0, 0x0, 0x1, 0x0, 0x8000039a}, &(0x7f0000fff000/0x1000)=nil, &(0x7f0000fec000/0x14000)=nil, 0x0, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000000)={'rose0\x00'}) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) pwritev(r0, &(0x7f0000000340)=[{&(0x7f0000000600)="96146f3e10793b3b15dd2ffb3772a45505df015b0418934efe533cc5936663634910e73b753331168bc21e14ac6dd399a3aa0bb3bcef6c3aae1f2044c606391246fea85c441d7c06a9c795774933ff84df42bf417a1b052b0c0c2d2cb8eb60433382ef8b68783fe8f6eed8a466f87a7c8d3cb392461cbbae842c2d276aaea82e45e3af6a992d5c5b742f39c89f4baebc6d93a99d3977674d5ec4c44717602534c89f55df979a6a4b9c88c6a50f9df99cc664da15097a3bebf0369bdbef4dbb63906370", 0xc3}], 0x1, 0xbffb, 0x6) ioctl$FS_IOC_SETFLAGS(0xffffffffffffffff, 0x40086602, 0x0) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3000d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x101}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syslog(0x3, 0x0, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0, 0x1ff) syslog(0x3, &(0x7f0000000300)=""/65, 0x41) ioctl$BTRFS_IOC_GET_SUBVOL_INFO(r1, 0x81f8943c, 0x0) 12:47:14 executing program 0: r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) ioctl$HCIINQUIRY(r0, 0x800448f0, 0x0) bind$bt_hci(r0, &(0x7f0000000000)={0x1f, 0xffffffffffffffff, 0x2}, 0x6) 12:47:14 executing program 3: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000200)={0x5, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_bp={0x0, 0x8}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) [ 142.924912] audit: type=1400 audit(1679921234.763:10): avc: denied { write } for pid=3995 comm="syz-executor.6" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=perf_event permissive=1 [ 143.485377] syz-executor.4 (3989) used greatest stack depth: 23384 bytes left 12:47:15 executing program 1: get_robust_list(0xffffffffffffffff, 0x0, 0x0) 12:47:15 executing program 5: r0 = socket(0x2, 0xa, 0x0) getsockname$inet(r0, 0x0, &(0x7f0000000640)=0x53) 12:47:15 executing program 2: r0 = socket$inet_tcp(0x2, 0x1, 0x0) shutdown(r0, 0x1) 12:47:15 executing program 0: io_setup(0xc8, &(0x7f0000000380)=0x0) io_cancel(r0, &(0x7f00000004c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0}, 0x0) 12:47:15 executing program 7: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x820008, 0x0) mount(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000080)='hugetlbfs\x00', 0x0, 0x0) syz_mount_image$ext4(0x0, 0x0, 0x0, 0x1, &(0x7f0000000680)=[{0x0, 0x0, 0x9d6}], 0x0, 0x0) 12:47:15 executing program 3: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000200)={0x5, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_bp={0x0, 0x8}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) 12:47:15 executing program 4: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) chdir(0x0) r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000000)='./file1/file0\x00', 0x100, 0x106) r2 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x1c5042, 0x0) write(r2, &(0x7f0000000200)='E', 0x140000) perf_event_open(&(0x7f0000000140)={0x4, 0x80, 0x7, 0x56, 0x1f, 0x92, 0x0, 0x1, 0x10000, 0x2, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x4, @perf_config_ext={0x5, 0x7ff}, 0x10800, 0x3, 0x1ea, 0x1, 0x7, 0x8195, 0x8, 0x0, 0x5, 0x0, 0x9}, 0xffffffffffffffff, 0x6, r2, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_bp={0x0}, 0x800}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) sendfile(r1, r0, 0x0, 0xfffffdef) syz_open_dev$vcsa(&(0x7f00000001c0), 0x8, 0x0) ioctl$sock_SIOCETHTOOL(0xffffffffffffffff, 0x8946, &(0x7f0000000000)={'sit0\x00', &(0x7f0000000100)=@ethtool_dump}) 12:47:15 executing program 6: r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0) ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f00000001c0)={'batadv0\x00'}) ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f00000003c0)={'ipvlan1\x00'}) r1 = perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000100), 0x4}, 0x40210}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_setup(0xfffffffd, &(0x7f0000000000)={0x0, 0x0, 0x1, 0x0, 0x8000039a}, &(0x7f0000fff000/0x1000)=nil, &(0x7f0000fec000/0x14000)=nil, 0x0, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000000)={'rose0\x00'}) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) pwritev(r0, &(0x7f0000000340)=[{&(0x7f0000000600)="96146f3e10793b3b15dd2ffb3772a45505df015b0418934efe533cc5936663634910e73b753331168bc21e14ac6dd399a3aa0bb3bcef6c3aae1f2044c606391246fea85c441d7c06a9c795774933ff84df42bf417a1b052b0c0c2d2cb8eb60433382ef8b68783fe8f6eed8a466f87a7c8d3cb392461cbbae842c2d276aaea82e45e3af6a992d5c5b742f39c89f4baebc6d93a99d3977674d5ec4c44717602534c89f55df979a6a4b9c88c6a50f9df99cc664da15097a3bebf0369bdbef4dbb63906370", 0xc3}], 0x1, 0xbffb, 0x6) ioctl$FS_IOC_SETFLAGS(0xffffffffffffffff, 0x40086602, 0x0) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3000d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x101}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syslog(0x3, 0x0, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0, 0x1ff) syslog(0x3, &(0x7f0000000300)=""/65, 0x41) ioctl$BTRFS_IOC_GET_SUBVOL_INFO(r1, 0x81f8943c, 0x0) 12:47:15 executing program 1: get_robust_list(0xffffffffffffffff, 0x0, 0x0) 12:47:15 executing program 2: r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0) ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f00000001c0)={'batadv0\x00'}) ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f00000003c0)={'ipvlan1\x00'}) r1 = perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000100), 0x4}, 0x40210}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_setup(0xfffffffd, &(0x7f0000000000)={0x0, 0x0, 0x1, 0x0, 0x8000039a}, &(0x7f0000fff000/0x1000)=nil, &(0x7f0000fec000/0x14000)=nil, 0x0, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000000)={'rose0\x00'}) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) pwritev(r0, &(0x7f0000000340)=[{&(0x7f0000000600)="96146f3e10793b3b15dd2ffb3772a45505df015b0418934efe533cc5936663634910e73b753331168bc21e14ac6dd399a3aa0bb3bcef6c3aae1f2044c606391246fea85c441d7c06a9c795774933ff84df42bf417a1b052b0c0c2d2cb8eb60433382ef8b68783fe8f6eed8a466f87a7c8d3cb392461cbbae842c2d276aaea82e45e3af6a992d5c5b742f39c89f4baebc6d93a99d3977674d5ec4c44717602534c89f55df979a6a4b9c88c6a50f9df99cc664da15097a3bebf0369bdbef4dbb63906370", 0xc3}], 0x1, 0xbffb, 0x6) ioctl$FS_IOC_SETFLAGS(0xffffffffffffffff, 0x40086602, 0x0) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3000d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x101}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syslog(0x3, 0x0, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0, 0x1ff) syslog(0x3, &(0x7f0000000300)=""/65, 0x41) ioctl$BTRFS_IOC_GET_SUBVOL_INFO(r1, 0x81f8943c, 0x0) [ 143.582871] memfd_create() without MFD_EXEC nor MFD_NOEXEC_SEAL, pid=4016 'syz-executor.7' [ 143.628540] loop7: detected capacity change from 0 to 9 12:47:15 executing program 5: r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0) ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f00000001c0)={'batadv0\x00'}) ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f00000003c0)={'ipvlan1\x00'}) r1 = perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000100), 0x4}, 0x40210}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_setup(0xfffffffd, &(0x7f0000000000)={0x0, 0x0, 0x1, 0x0, 0x8000039a}, &(0x7f0000fff000/0x1000)=nil, &(0x7f0000fec000/0x14000)=nil, 0x0, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000000)={'rose0\x00'}) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) pwritev(r0, &(0x7f0000000340)=[{&(0x7f0000000600)="96146f3e10793b3b15dd2ffb3772a45505df015b0418934efe533cc5936663634910e73b753331168bc21e14ac6dd399a3aa0bb3bcef6c3aae1f2044c606391246fea85c441d7c06a9c795774933ff84df42bf417a1b052b0c0c2d2cb8eb60433382ef8b68783fe8f6eed8a466f87a7c8d3cb392461cbbae842c2d276aaea82e45e3af6a992d5c5b742f39c89f4baebc6d93a99d3977674d5ec4c44717602534c89f55df979a6a4b9c88c6a50f9df99cc664da15097a3bebf0369bdbef4dbb63906370", 0xc3}], 0x1, 0xbffb, 0x6) ioctl$FS_IOC_SETFLAGS(0xffffffffffffffff, 0x40086602, 0x0) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3000d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x101}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syslog(0x3, 0x0, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0, 0x1ff) syslog(0x3, &(0x7f0000000300)=""/65, 0x41) ioctl$BTRFS_IOC_GET_SUBVOL_INFO(r1, 0x81f8943c, 0x0) 12:47:15 executing program 0: r0 = syz_open_dev$tty20(0xc, 0x4, 0x0) ioctl$PIO_UNIMAP(r0, 0x4bfb, &(0x7f00000000c0)={0x1, &(0x7f0000000080)=[{}]}) [ 143.690934] loop7: detected capacity change from 0 to 9 12:47:15 executing program 7: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x820008, 0x0) mount(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000080)='hugetlbfs\x00', 0x0, 0x0) syz_mount_image$ext4(0x0, 0x0, 0x0, 0x1, &(0x7f0000000680)=[{0x0, 0x0, 0x9d6}], 0x0, 0x0) 12:47:15 executing program 1: get_robust_list(0xffffffffffffffff, 0x0, 0x0) [ 143.797295] loop7: detected capacity change from 0 to 9 12:47:15 executing program 1: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x820008, 0x0) mount(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000080)='hugetlbfs\x00', 0x0, 0x0) syz_mount_image$ext4(0x0, 0x0, 0x0, 0x1, &(0x7f0000000680)=[{0x0, 0x0, 0x9d6}], 0x0, 0x0) 12:47:15 executing program 3: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x820008, 0x0) mount(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000080)='hugetlbfs\x00', 0x0, 0x0) syz_mount_image$ext4(0x0, 0x0, 0x0, 0x1, &(0x7f0000000680)=[{0x0, 0x0, 0x9d6}], 0x0, 0x0) 12:47:15 executing program 7: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x820008, 0x0) mount(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000080)='hugetlbfs\x00', 0x0, 0x0) syz_mount_image$ext4(0x0, 0x0, 0x0, 0x1, &(0x7f0000000680)=[{0x0, 0x0, 0x9d6}], 0x0, 0x0) 12:47:15 executing program 6: r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0) ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f00000001c0)={'batadv0\x00'}) ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f00000003c0)={'ipvlan1\x00'}) r1 = perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000100), 0x4}, 0x40210}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_setup(0xfffffffd, &(0x7f0000000000)={0x0, 0x0, 0x1, 0x0, 0x8000039a}, &(0x7f0000fff000/0x1000)=nil, &(0x7f0000fec000/0x14000)=nil, 0x0, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000000)={'rose0\x00'}) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) pwritev(r0, &(0x7f0000000340)=[{&(0x7f0000000600)="96146f3e10793b3b15dd2ffb3772a45505df015b0418934efe533cc5936663634910e73b753331168bc21e14ac6dd399a3aa0bb3bcef6c3aae1f2044c606391246fea85c441d7c06a9c795774933ff84df42bf417a1b052b0c0c2d2cb8eb60433382ef8b68783fe8f6eed8a466f87a7c8d3cb392461cbbae842c2d276aaea82e45e3af6a992d5c5b742f39c89f4baebc6d93a99d3977674d5ec4c44717602534c89f55df979a6a4b9c88c6a50f9df99cc664da15097a3bebf0369bdbef4dbb63906370", 0xc3}], 0x1, 0xbffb, 0x6) ioctl$FS_IOC_SETFLAGS(0xffffffffffffffff, 0x40086602, 0x0) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3000d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x101}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syslog(0x3, 0x0, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0, 0x1ff) syslog(0x3, &(0x7f0000000300)=""/65, 0x41) ioctl$BTRFS_IOC_GET_SUBVOL_INFO(r1, 0x81f8943c, 0x0) 12:47:15 executing program 5: r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0) ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f00000001c0)={'batadv0\x00'}) ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f00000003c0)={'ipvlan1\x00'}) r1 = perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000100), 0x4}, 0x40210}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_setup(0xfffffffd, &(0x7f0000000000)={0x0, 0x0, 0x1, 0x0, 0x8000039a}, &(0x7f0000fff000/0x1000)=nil, &(0x7f0000fec000/0x14000)=nil, 0x0, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000000)={'rose0\x00'}) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) pwritev(r0, &(0x7f0000000340)=[{&(0x7f0000000600)="96146f3e10793b3b15dd2ffb3772a45505df015b0418934efe533cc5936663634910e73b753331168bc21e14ac6dd399a3aa0bb3bcef6c3aae1f2044c606391246fea85c441d7c06a9c795774933ff84df42bf417a1b052b0c0c2d2cb8eb60433382ef8b68783fe8f6eed8a466f87a7c8d3cb392461cbbae842c2d276aaea82e45e3af6a992d5c5b742f39c89f4baebc6d93a99d3977674d5ec4c44717602534c89f55df979a6a4b9c88c6a50f9df99cc664da15097a3bebf0369bdbef4dbb63906370", 0xc3}], 0x1, 0xbffb, 0x6) ioctl$FS_IOC_SETFLAGS(0xffffffffffffffff, 0x40086602, 0x0) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3000d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x101}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syslog(0x3, 0x0, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0, 0x1ff) syslog(0x3, &(0x7f0000000300)=""/65, 0x41) ioctl$BTRFS_IOC_GET_SUBVOL_INFO(r1, 0x81f8943c, 0x0) 12:47:15 executing program 4: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) chdir(0x0) r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000000)='./file1/file0\x00', 0x100, 0x106) r2 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x1c5042, 0x0) write(r2, &(0x7f0000000200)='E', 0x140000) perf_event_open(&(0x7f0000000140)={0x4, 0x80, 0x7, 0x56, 0x1f, 0x92, 0x0, 0x1, 0x10000, 0x2, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x4, @perf_config_ext={0x5, 0x7ff}, 0x10800, 0x3, 0x1ea, 0x1, 0x7, 0x8195, 0x8, 0x0, 0x5, 0x0, 0x9}, 0xffffffffffffffff, 0x6, r2, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_bp={0x0}, 0x800}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) sendfile(r1, r0, 0x0, 0xfffffdef) syz_open_dev$vcsa(&(0x7f00000001c0), 0x8, 0x0) ioctl$sock_SIOCETHTOOL(0xffffffffffffffff, 0x8946, &(0x7f0000000000)={'sit0\x00', &(0x7f0000000100)=@ethtool_dump}) 12:47:15 executing program 2: r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0) ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f00000001c0)={'batadv0\x00'}) ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f00000003c0)={'ipvlan1\x00'}) r1 = perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000100), 0x4}, 0x40210}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_setup(0xfffffffd, &(0x7f0000000000)={0x0, 0x0, 0x1, 0x0, 0x8000039a}, &(0x7f0000fff000/0x1000)=nil, &(0x7f0000fec000/0x14000)=nil, 0x0, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000000)={'rose0\x00'}) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) pwritev(r0, &(0x7f0000000340)=[{&(0x7f0000000600)="96146f3e10793b3b15dd2ffb3772a45505df015b0418934efe533cc5936663634910e73b753331168bc21e14ac6dd399a3aa0bb3bcef6c3aae1f2044c606391246fea85c441d7c06a9c795774933ff84df42bf417a1b052b0c0c2d2cb8eb60433382ef8b68783fe8f6eed8a466f87a7c8d3cb392461cbbae842c2d276aaea82e45e3af6a992d5c5b742f39c89f4baebc6d93a99d3977674d5ec4c44717602534c89f55df979a6a4b9c88c6a50f9df99cc664da15097a3bebf0369bdbef4dbb63906370", 0xc3}], 0x1, 0xbffb, 0x6) ioctl$FS_IOC_SETFLAGS(0xffffffffffffffff, 0x40086602, 0x0) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3000d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x101}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syslog(0x3, 0x0, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0, 0x1ff) syslog(0x3, &(0x7f0000000300)=""/65, 0x41) ioctl$BTRFS_IOC_GET_SUBVOL_INFO(r1, 0x81f8943c, 0x0) 12:47:15 executing program 0: r0 = syz_mount_image$tmpfs(0x0, &(0x7f0000000580)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000840)=ANY=[]) r1 = openat$autofs(0xffffffffffffff9c, &(0x7f0000000b00), 0x0, 0x0) ioctl$AUTOFS_DEV_IOCTL_CLOSEMOUNT(r1, 0xc0189375, &(0x7f0000000200)=ANY=[@ANYBLOB="0100000800002482000018000000", @ANYRES32=r0]) openat$snapshot(0xffffffffffffff9c, 0x0, 0x0, 0x0) socket$nl_generic(0x10, 0x3, 0x10) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000040), 0x1}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x7, 0x7}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file1\x00', 0x1010c2, 0x0) r3 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/diskstats\x00', 0x0, 0x0) sendfile(r2, r3, 0x0, 0x10000027f) perf_event_open(&(0x7f0000000500)={0x1, 0x80, 0x1, 0x1, 0x0, 0x6, 0x0, 0x5, 0x10000, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x3, 0x4, @perf_bp={0x0, 0x8}, 0x100, 0xfffffffffffffffe, 0x40, 0x1, 0x84, 0x2, 0x1000, 0x0, 0xfffffffe, 0x0, 0x6e8f}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x8) signalfd(r3, &(0x7f0000000100)={[0x20]}, 0x8) sendmmsg$inet(0xffffffffffffffff, &(0x7f0000000ec0)=[{{&(0x7f0000000000)={0x2, 0x0, @remote}, 0x10, &(0x7f0000001040)=[{&(0x7f0000000040)="881a", 0x2}], 0x1}}, {{&(0x7f0000000180)={0x2, 0x0, @remote}, 0xf, 0x0, 0x0, &(0x7f00000006c0)=[@ip_retopts={{0x14, 0x0, 0x7, {[@lsrr={0x83, 0x3}]}}}], 0x18}}], 0x2, 0x0) ioctl$BTRFS_IOC_SEND(0xffffffffffffffff, 0x40489426, &(0x7f0000000400)={{}, 0x5, &(0x7f0000000380)=[0x1a4, 0x101, 0x2, 0x80000000, 0x0], 0x7, 0x4, [0xfffffffffffffffa, 0xfffffffffffffffc, 0x3, 0x7]}) syz_mount_image$tmpfs(&(0x7f00000006c0), &(0x7f0000000700)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) umount2(&(0x7f0000000080)='./file0\x00', 0x4) lstat(&(0x7f00000003c0)='./file1\x00', &(0x7f0000000640)={0x0, 0x0, 0x0, 0x0, 0x0}) setxattr$security_capability(&(0x7f0000000000)='./file0\x00', &(0x7f0000000140), &(0x7f00000001c0)=@v3={0x3000000, [{0x0, 0x3f}, {0xffffffff}], r4}, 0x18, 0x0) umount2(&(0x7f0000000000)='./file0\x00', 0x4) [ 144.261232] loop7: detected capacity change from 0 to 9 12:47:16 executing program 0: r0 = syz_mount_image$tmpfs(0x0, &(0x7f0000000580)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000840)=ANY=[]) r1 = openat$autofs(0xffffffffffffff9c, &(0x7f0000000b00), 0x0, 0x0) ioctl$AUTOFS_DEV_IOCTL_CLOSEMOUNT(r1, 0xc0189375, &(0x7f0000000200)=ANY=[@ANYBLOB="0100000800002482000018000000", @ANYRES32=r0]) openat$snapshot(0xffffffffffffff9c, 0x0, 0x0, 0x0) socket$nl_generic(0x10, 0x3, 0x10) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000040), 0x1}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x7, 0x7}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file1\x00', 0x1010c2, 0x0) r3 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/diskstats\x00', 0x0, 0x0) sendfile(r2, r3, 0x0, 0x10000027f) perf_event_open(&(0x7f0000000500)={0x1, 0x80, 0x1, 0x1, 0x0, 0x6, 0x0, 0x5, 0x10000, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x3, 0x4, @perf_bp={0x0, 0x8}, 0x100, 0xfffffffffffffffe, 0x40, 0x1, 0x84, 0x2, 0x1000, 0x0, 0xfffffffe, 0x0, 0x6e8f}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x8) signalfd(r3, &(0x7f0000000100)={[0x20]}, 0x8) sendmmsg$inet(0xffffffffffffffff, &(0x7f0000000ec0)=[{{&(0x7f0000000000)={0x2, 0x0, @remote}, 0x10, &(0x7f0000001040)=[{&(0x7f0000000040)="881a", 0x2}], 0x1}}, {{&(0x7f0000000180)={0x2, 0x0, @remote}, 0xf, 0x0, 0x0, &(0x7f00000006c0)=[@ip_retopts={{0x14, 0x0, 0x7, {[@lsrr={0x83, 0x3}]}}}], 0x18}}], 0x2, 0x0) ioctl$BTRFS_IOC_SEND(0xffffffffffffffff, 0x40489426, &(0x7f0000000400)={{}, 0x5, &(0x7f0000000380)=[0x1a4, 0x101, 0x2, 0x80000000, 0x0], 0x7, 0x4, [0xfffffffffffffffa, 0xfffffffffffffffc, 0x3, 0x7]}) syz_mount_image$tmpfs(&(0x7f00000006c0), &(0x7f0000000700)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) umount2(&(0x7f0000000080)='./file0\x00', 0x4) lstat(&(0x7f00000003c0)='./file1\x00', &(0x7f0000000640)={0x0, 0x0, 0x0, 0x0, 0x0}) setxattr$security_capability(&(0x7f0000000000)='./file0\x00', &(0x7f0000000140), &(0x7f00000001c0)=@v3={0x3000000, [{0x0, 0x3f}, {0xffffffff}], r4}, 0x18, 0x0) umount2(&(0x7f0000000000)='./file0\x00', 0x4) [ 144.388243] loop1: detected capacity change from 0 to 9 12:47:16 executing program 7: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x820008, 0x0) mount(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000080)='hugetlbfs\x00', 0x0, 0x0) syz_mount_image$ext4(0x0, 0x0, 0x0, 0x1, &(0x7f0000000680)=[{0x0, 0x0, 0x9d6}], 0x0, 0x0) 12:47:16 executing program 0: r0 = syz_mount_image$tmpfs(0x0, &(0x7f0000000580)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000840)=ANY=[]) r1 = openat$autofs(0xffffffffffffff9c, &(0x7f0000000b00), 0x0, 0x0) ioctl$AUTOFS_DEV_IOCTL_CLOSEMOUNT(r1, 0xc0189375, &(0x7f0000000200)=ANY=[@ANYBLOB="0100000800002482000018000000", @ANYRES32=r0]) openat$snapshot(0xffffffffffffff9c, 0x0, 0x0, 0x0) socket$nl_generic(0x10, 0x3, 0x10) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000040), 0x1}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x7, 0x7}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file1\x00', 0x1010c2, 0x0) r3 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/diskstats\x00', 0x0, 0x0) sendfile(r2, r3, 0x0, 0x10000027f) perf_event_open(&(0x7f0000000500)={0x1, 0x80, 0x1, 0x1, 0x0, 0x6, 0x0, 0x5, 0x10000, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x3, 0x4, @perf_bp={0x0, 0x8}, 0x100, 0xfffffffffffffffe, 0x40, 0x1, 0x84, 0x2, 0x1000, 0x0, 0xfffffffe, 0x0, 0x6e8f}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x8) signalfd(r3, &(0x7f0000000100)={[0x20]}, 0x8) sendmmsg$inet(0xffffffffffffffff, &(0x7f0000000ec0)=[{{&(0x7f0000000000)={0x2, 0x0, @remote}, 0x10, &(0x7f0000001040)=[{&(0x7f0000000040)="881a", 0x2}], 0x1}}, {{&(0x7f0000000180)={0x2, 0x0, @remote}, 0xf, 0x0, 0x0, &(0x7f00000006c0)=[@ip_retopts={{0x14, 0x0, 0x7, {[@lsrr={0x83, 0x3}]}}}], 0x18}}], 0x2, 0x0) ioctl$BTRFS_IOC_SEND(0xffffffffffffffff, 0x40489426, &(0x7f0000000400)={{}, 0x5, &(0x7f0000000380)=[0x1a4, 0x101, 0x2, 0x80000000, 0x0], 0x7, 0x4, [0xfffffffffffffffa, 0xfffffffffffffffc, 0x3, 0x7]}) syz_mount_image$tmpfs(&(0x7f00000006c0), &(0x7f0000000700)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) umount2(&(0x7f0000000080)='./file0\x00', 0x4) lstat(&(0x7f00000003c0)='./file1\x00', &(0x7f0000000640)={0x0, 0x0, 0x0, 0x0, 0x0}) setxattr$security_capability(&(0x7f0000000000)='./file0\x00', &(0x7f0000000140), &(0x7f00000001c0)=@v3={0x3000000, [{0x0, 0x3f}, {0xffffffff}], r4}, 0x18, 0x0) umount2(&(0x7f0000000000)='./file0\x00', 0x4) [ 144.559218] loop3: detected capacity change from 0 to 9 12:47:16 executing program 3: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x820008, 0x0) mount(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000080)='hugetlbfs\x00', 0x0, 0x0) syz_mount_image$ext4(0x0, 0x0, 0x0, 0x1, &(0x7f0000000680)=[{0x0, 0x0, 0x9d6}], 0x0, 0x0) 12:47:16 executing program 0: r0 = syz_mount_image$tmpfs(0x0, &(0x7f0000000580)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000840)=ANY=[]) r1 = openat$autofs(0xffffffffffffff9c, &(0x7f0000000b00), 0x0, 0x0) ioctl$AUTOFS_DEV_IOCTL_CLOSEMOUNT(r1, 0xc0189375, &(0x7f0000000200)=ANY=[@ANYBLOB="0100000800002482000018000000", @ANYRES32=r0]) openat$snapshot(0xffffffffffffff9c, 0x0, 0x0, 0x0) socket$nl_generic(0x10, 0x3, 0x10) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000040), 0x1}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x7, 0x7}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file1\x00', 0x1010c2, 0x0) r3 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/diskstats\x00', 0x0, 0x0) sendfile(r2, r3, 0x0, 0x10000027f) perf_event_open(&(0x7f0000000500)={0x1, 0x80, 0x1, 0x1, 0x0, 0x6, 0x0, 0x5, 0x10000, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x3, 0x4, @perf_bp={0x0, 0x8}, 0x100, 0xfffffffffffffffe, 0x40, 0x1, 0x84, 0x2, 0x1000, 0x0, 0xfffffffe, 0x0, 0x6e8f}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x8) signalfd(r3, &(0x7f0000000100)={[0x20]}, 0x8) sendmmsg$inet(0xffffffffffffffff, &(0x7f0000000ec0)=[{{&(0x7f0000000000)={0x2, 0x0, @remote}, 0x10, &(0x7f0000001040)=[{&(0x7f0000000040)="881a", 0x2}], 0x1}}, {{&(0x7f0000000180)={0x2, 0x0, @remote}, 0xf, 0x0, 0x0, &(0x7f00000006c0)=[@ip_retopts={{0x14, 0x0, 0x7, {[@lsrr={0x83, 0x3}]}}}], 0x18}}], 0x2, 0x0) ioctl$BTRFS_IOC_SEND(0xffffffffffffffff, 0x40489426, &(0x7f0000000400)={{}, 0x5, &(0x7f0000000380)=[0x1a4, 0x101, 0x2, 0x80000000, 0x0], 0x7, 0x4, [0xfffffffffffffffa, 0xfffffffffffffffc, 0x3, 0x7]}) syz_mount_image$tmpfs(&(0x7f00000006c0), &(0x7f0000000700)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) umount2(&(0x7f0000000080)='./file0\x00', 0x4) lstat(&(0x7f00000003c0)='./file1\x00', &(0x7f0000000640)={0x0, 0x0, 0x0, 0x0, 0x0}) setxattr$security_capability(&(0x7f0000000000)='./file0\x00', &(0x7f0000000140), &(0x7f00000001c0)=@v3={0x3000000, [{0x0, 0x3f}, {0xffffffff}], r4}, 0x18, 0x0) umount2(&(0x7f0000000000)='./file0\x00', 0x4) [ 144.785475] I/O error, dev loop7, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2 12:47:16 executing program 4: r0 = socket$netlink(0x10, 0x3, 0x4) setsockopt$netlink_NETLINK_ADD_MEMBERSHIP(r0, 0x10e, 0x1, &(0x7f0000000040)=0x1f, 0x4) [ 144.885319] loop7: detected capacity change from 0 to 9 [ 144.938157] loop3: detected capacity change from 0 to 9 12:47:16 executing program 4: r0 = perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0x77, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) read(r0, &(0x7f00000001c0)=""/80, 0x50) 12:47:16 executing program 3: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x820008, 0x0) mount(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000080)='hugetlbfs\x00', 0x0, 0x0) syz_mount_image$ext4(0x0, 0x0, 0x0, 0x1, &(0x7f0000000680)=[{0x0, 0x0, 0x9d6}], 0x0, 0x0) 12:47:16 executing program 2: r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0) ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f00000001c0)={'batadv0\x00'}) ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f00000003c0)={'ipvlan1\x00'}) r1 = perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000100), 0x4}, 0x40210}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_setup(0xfffffffd, &(0x7f0000000000)={0x0, 0x0, 0x1, 0x0, 0x8000039a}, &(0x7f0000fff000/0x1000)=nil, &(0x7f0000fec000/0x14000)=nil, 0x0, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000000)={'rose0\x00'}) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) pwritev(r0, &(0x7f0000000340)=[{&(0x7f0000000600)="96146f3e10793b3b15dd2ffb3772a45505df015b0418934efe533cc5936663634910e73b753331168bc21e14ac6dd399a3aa0bb3bcef6c3aae1f2044c606391246fea85c441d7c06a9c795774933ff84df42bf417a1b052b0c0c2d2cb8eb60433382ef8b68783fe8f6eed8a466f87a7c8d3cb392461cbbae842c2d276aaea82e45e3af6a992d5c5b742f39c89f4baebc6d93a99d3977674d5ec4c44717602534c89f55df979a6a4b9c88c6a50f9df99cc664da15097a3bebf0369bdbef4dbb63906370", 0xc3}], 0x1, 0xbffb, 0x6) ioctl$FS_IOC_SETFLAGS(0xffffffffffffffff, 0x40086602, 0x0) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3000d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x101}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syslog(0x3, 0x0, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0, 0x1ff) syslog(0x3, &(0x7f0000000300)=""/65, 0x41) ioctl$BTRFS_IOC_GET_SUBVOL_INFO(r1, 0x81f8943c, 0x0) 12:47:16 executing program 5: r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0) ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f00000001c0)={'batadv0\x00'}) ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f00000003c0)={'ipvlan1\x00'}) r1 = perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000100), 0x4}, 0x40210}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_setup(0xfffffffd, &(0x7f0000000000)={0x0, 0x0, 0x1, 0x0, 0x8000039a}, &(0x7f0000fff000/0x1000)=nil, &(0x7f0000fec000/0x14000)=nil, 0x0, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000000)={'rose0\x00'}) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) pwritev(r0, &(0x7f0000000340)=[{&(0x7f0000000600)="96146f3e10793b3b15dd2ffb3772a45505df015b0418934efe533cc5936663634910e73b753331168bc21e14ac6dd399a3aa0bb3bcef6c3aae1f2044c606391246fea85c441d7c06a9c795774933ff84df42bf417a1b052b0c0c2d2cb8eb60433382ef8b68783fe8f6eed8a466f87a7c8d3cb392461cbbae842c2d276aaea82e45e3af6a992d5c5b742f39c89f4baebc6d93a99d3977674d5ec4c44717602534c89f55df979a6a4b9c88c6a50f9df99cc664da15097a3bebf0369bdbef4dbb63906370", 0xc3}], 0x1, 0xbffb, 0x6) ioctl$FS_IOC_SETFLAGS(0xffffffffffffffff, 0x40086602, 0x0) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3000d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x101}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syslog(0x3, 0x0, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0, 0x1ff) syslog(0x3, &(0x7f0000000300)=""/65, 0x41) ioctl$BTRFS_IOC_GET_SUBVOL_INFO(r1, 0x81f8943c, 0x0) 12:47:16 executing program 0: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) ioctl$BTRFS_IOC_QGROUP_ASSIGN(r0, 0x40189429, &(0x7f0000000300)) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x2, 0x0) pwrite64(r2, &(0x7f00000000c0)='9', 0x1, 0x8040000) write$binfmt_script(r2, &(0x7f0000000340)={'#! ', './file1', [{}, {0x20, '\\'}, {0x20, '\x94'}], 0xa, "1aa9077a0502cd288571cbe8849b382060f27bf7bbeba8305fd4d2c532e999d796a82808c1bb194650fb3180beabf4a7e9dc"}, 0x42) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x4}, 0x0, 0x0, 0x0, 0x0, 0x6dc8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) pwritev(r1, &(0x7f0000000080)=[{&(0x7f0000000140)='\x00', 0x1}], 0x1, 0x7fffffb, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x8}, 0x0, 0x0, 0x0, 0x2}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) sendfile(r0, r0, 0x0, 0x100000) r3 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x1c5042, 0x0) write(r3, &(0x7f0000000200)='E', 0x140000) stat(&(0x7f0000000240)='./file1\x00', &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, 0x0}) setresuid(0x0, r4, 0x0) getgid() 12:47:16 executing program 6: r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0) ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f00000001c0)={'batadv0\x00'}) ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f00000003c0)={'ipvlan1\x00'}) r1 = perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000100), 0x4}, 0x40210}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_setup(0xfffffffd, &(0x7f0000000000)={0x0, 0x0, 0x1, 0x0, 0x8000039a}, &(0x7f0000fff000/0x1000)=nil, &(0x7f0000fec000/0x14000)=nil, 0x0, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000000)={'rose0\x00'}) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) pwritev(r0, &(0x7f0000000340)=[{&(0x7f0000000600)="96146f3e10793b3b15dd2ffb3772a45505df015b0418934efe533cc5936663634910e73b753331168bc21e14ac6dd399a3aa0bb3bcef6c3aae1f2044c606391246fea85c441d7c06a9c795774933ff84df42bf417a1b052b0c0c2d2cb8eb60433382ef8b68783fe8f6eed8a466f87a7c8d3cb392461cbbae842c2d276aaea82e45e3af6a992d5c5b742f39c89f4baebc6d93a99d3977674d5ec4c44717602534c89f55df979a6a4b9c88c6a50f9df99cc664da15097a3bebf0369bdbef4dbb63906370", 0xc3}], 0x1, 0xbffb, 0x6) ioctl$FS_IOC_SETFLAGS(0xffffffffffffffff, 0x40086602, 0x0) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3000d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x101}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syslog(0x3, 0x0, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0, 0x1ff) syslog(0x3, &(0x7f0000000300)=""/65, 0x41) ioctl$BTRFS_IOC_GET_SUBVOL_INFO(r1, 0x81f8943c, 0x0) 12:47:16 executing program 1: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x820008, 0x0) mount(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000080)='hugetlbfs\x00', 0x0, 0x0) syz_mount_image$ext4(0x0, 0x0, 0x0, 0x1, &(0x7f0000000680)=[{0x0, 0x0, 0x9d6}], 0x0, 0x0) 12:47:16 executing program 7: mkdir(&(0x7f0000000000)='./file0\x00', 0x0) stat(&(0x7f0000000040)='./file0\x00', &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0}) setresuid(0x0, r0, 0x0) stat(&(0x7f0000000980)='./file0/file0\x00', 0x0) [ 145.030573] audit: type=1400 audit(1679921236.870:11): avc: denied { read } for pid=4088 comm="syz-executor.4" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=perf_event permissive=1 [ 145.056883] loop1: detected capacity change from 0 to 9 12:47:16 executing program 7: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000040)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) r0 = fsopen(&(0x7f0000000000)='hugetlbfs\x00', 0x0) fsconfig$FSCONFIG_CMD_CREATE(r0, 0x6, 0x0, 0x0, 0x0) fsconfig$FSCONFIG_SET_STRING(r0, 0x1, &(0x7f0000000080)='&,@.\\\'\x00', &(0x7f00000000c0)=':\x00', 0x0) r1 = fsmount(r0, 0x1, 0x0) r2 = openat(r1, &(0x7f0000000140)='./file0\x00', 0x42141, 0xc4) ioctl$BTRFS_IOC_SYNC(r2, 0x9408, 0x0) 12:47:16 executing program 4: r0 = memfd_create(&(0x7f00000002c0)='B\xdb/\x89\x03l\xdeb\xcb\xb54\xed\xbeLY\xb5Z\xe1\x12S\xf5G\xcc\xf3\xe9\x02h\v\xca(\x96\xe1C\xdf\x1c\xea\x85C\xfb\x10\x13\xfa\x03\x16\xcd\x17\xa2\x80\xa1z\xb4r\x95\xc3@\x9d\xa6\xf1\x92#}g\xd3`\xf7\xcez\xcb\xb3\x1a\xbb\xc48e\x8e\xb1&\xd1\x8a\xe6!\x7f\x8d\xea,qx\xa28\xbf\"\xc7e\x06L\xb06\xeb<$\xd7\xba\xe5\x01\x03\x94r\xab\xd4J\x03s\xaf\xf6A\xbfV\xfa\x1ew\x8d\xbf\x99I\x97\xd8\xd2\xe8\x11\xc4\x04\x00\x84\xd5i\xee\xaf\xae[E\x1f\xdd\xd7#rT+\xb621p\xaf[\x99\" 1\xeb\xc7)\xd2\x1dh\xf2\xd5s\xfd?\fa>\x9f;\xe5r\xe5\xbd\xb0|=\x8eZcPY\xf8\xbd\x13\xaa\x8b\xdf\xbc\x93u\xd5\xb0r\xfb\xde\xe7\xd9k\xe2\xc6\x1b\xf2o@&>\xf2M\xe7\x8c\xeb\xee\xf5\x02~\x85\x14\xf3\xc6v\xf15PE\x8c\xca\x16$\xc2\x01#\xb563\rbq\xbf64\xfaW\x17\xdfa\xe6\xca\x86\xd7\xf8\x81X\x9bg4\xc1\xdam\xcf=Rq6\xb0\xd4D=I\x1a\x0e\xd0\xabz\xe2\x19\x0fM\xad\xdco\xa4\xb2\x8c?\xc1\x10\xf273\xd00\xb3_\xe8\x9a*\xfcL\xea;\xc0\x9a\xdbx!N;\xb5x\t\xa4E\xbe\x93r\x04\xf5\xf0\xf5\x7f\x9a)\xf5\x1b\"\xa1\xd8\x06>\xc9\xe2r\xe9_\xfe\xc0\b\x81\x98\x1c\xe2\xe0?\x8f\xa1\xbel\aN\x83@\xb1\x03)4A\x83\xd6\xcf\xf6\xb5\x82\xb7\x9dA\b$\xa2x\x8a@\xfaj~\xef\x93\xb1/L\x01\xe2\xba|\xf0\x01)PP\xcdl\x06\xfc\x15;qZ\xb1u\xc9\xd0\xd16~JEGm\xe4\x1e@\x9dG\xe4@\xdf\xba\'\x8b\x1cD\xc7\xec\xd1@}tR\xd9P\xf4N\xe3\xd8x\xa0\x91\x17\xc2}\x13\b\xca\t(Z\xa3_\xa1\x90\x15T\x93\xe7%\x98\xa7\xfb\x8bp/eq\x93\xbf\x1f =|\xf3\xb1\xfcR\xd8\nM,\xcb%@\'\x15\x88\xd8\xad\f\x91|\x95\x8fq+\x98\x81W\xba\x9f\xe0elOt\xbd\by\r\x87\x1c\xba\xbd\x8e+S>\xb8\xe29\x91h^x\xfb`\x00\xdd/\xa6\xb1\x16=\xa1bw\xc5I\xb1\x00'/549, 0x0) lseek(r0, 0xfffffffffffffffb, 0x4) 12:47:17 executing program 1: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x820008, 0x0) mount(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000080)='hugetlbfs\x00', 0x0, 0x0) syz_mount_image$ext4(0x0, 0x0, 0x0, 0x1, &(0x7f0000000680)=[{0x0, 0x0, 0x9d6}], 0x0, 0x0) 12:47:17 executing program 7: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000040)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) r0 = fsopen(&(0x7f0000000000)='hugetlbfs\x00', 0x0) fsconfig$FSCONFIG_CMD_CREATE(r0, 0x6, 0x0, 0x0, 0x0) fsconfig$FSCONFIG_SET_STRING(r0, 0x1, &(0x7f0000000080)='&,@.\\\'\x00', &(0x7f00000000c0)=':\x00', 0x0) r1 = fsmount(r0, 0x1, 0x0) r2 = openat(r1, &(0x7f0000000140)='./file0\x00', 0x42141, 0xc4) ioctl$BTRFS_IOC_SYNC(r2, 0x9408, 0x0) 12:47:17 executing program 4: perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x76f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000040), 0xb}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$FAT_IOCTL_SET_ATTRIBUTES(0xffffffffffffffff, 0x40047211, 0x0) r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='clear_refs\x00') r1 = openat$vcs(0xffffffffffffff9c, &(0x7f0000000180), 0x48103, 0x0) r2 = perf_event_open(&(0x7f0000000100)={0x2, 0x80, 0x3, 0xec, 0x20, 0x8, 0x0, 0x3, 0x40, 0x8, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x5, 0x4, @perf_config_ext={0x6, 0xffffffffffffffa8}, 0x2010, 0x4, 0x7af6, 0x1, 0xffffffff, 0x3f, 0x9, 0x0, 0x3, 0x0, 0x9}, 0xffffffffffffffff, 0x5, r1, 0x2) r3 = socket$nl_generic(0x10, 0x3, 0x10) getsockopt$sock_int(r3, 0x1, 0x3c, 0x0, &(0x7f0000001300)) r4 = accept$packet(r0, &(0x7f00000003c0)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @local}, &(0x7f0000000400)=0x14) io_uring_register$IORING_REGISTER_FILES_UPDATE(0xffffffffffffffff, 0x6, &(0x7f0000000480)={0x7ff, 0x0, &(0x7f0000000440)=[r3, r2, r4]}, 0x3) pwritev(r0, &(0x7f0000000000)=[{&(0x7f00000000c0)='3', 0x1}], 0x1, 0x0, 0x0) syncfs(0xffffffffffffffff) ioctl$AUTOFS_DEV_IOCTL_EXPIRE(0xffffffffffffffff, 0xc018937c, &(0x7f0000000300)=ANY=[@ANYRESHEX, @ANYRES32, @ANYRES64, @ANYRESHEX, @ANYRES16, @ANYRESDEC, @ANYRES64, @ANYRES32, @ANYRESOCT]) 12:47:17 executing program 3: r0 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x1c1042, 0x0) r1 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/vmallocinfo\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0x77, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) sendfile(r0, r1, 0x0, 0x10000027f) [ 145.264903] loop1: detected capacity change from 0 to 9 [ 145.291759] general protection fault, probably for non-canonical address 0xdffffc0004000018: 0000 [#2] PREEMPT SMP KASAN NOPTI [ 145.292522] KASAN: probably user-memory-access in range [0x00000000200000c0-0x00000000200000c7] [ 145.293197] CPU: 1 PID: 4122 Comm: syz-executor.4 Tainted: G D 6.3.0-rc3-next-20230327 #1 [ 145.293817] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 145.294352] RIP: 0010:do_iter_write+0x477/0x700 [ 145.294681] Code: 00 0f 85 fd 01 00 00 4d 8b 7c 24 28 e8 d2 05 c6 ff 48 8b 44 24 18 80 38 00 0f 85 68 01 00 00 48 8b 43 18 48 89 c2 48 c1 ea 03 <42> 80 3c 32 00 0f 85 3b 01 00 00 48 8b 4c 24 20 48 8b 30 80 39 00 [ 145.295870] RSP: 0018:ffff8880445cfc70 EFLAGS: 00010216 [ 145.296243] RAX: 00000000200000c0 RBX: ffff8880445cfd60 RCX: ffffc90004429000 [ 145.296822] RDX: 0000000004000018 RSI: ffffffff8185830e RDI: 0000000000000007 [ 145.297299] RBP: 0000000000000001 R08: 0000000000000007 R09: 0000000000000000 [ 145.297788] R10: 0000000000000001 R11: 0000000000000001 R12: ffff88800e2f8f00 [ 145.298279] R13: 0000000000000000 R14: dffffc0000000000 R15: ffffffff8491cda0 [ 145.298847] FS: 00007f391b53b700(0000) GS:ffff88806cf00000(0000) knlGS:0000000000000000 [ 145.299401] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 145.299816] CR2: 0000000020001300 CR3: 0000000040344000 CR4: 0000000000350ee0 [ 145.300278] Call Trace: [ 145.300452] [ 145.300607] ? import_iovec+0x87/0xb0 [ 145.300890] vfs_writev+0x1ae/0x660 [ 145.301167] ? __pfx_vfs_writev+0x10/0x10 [ 145.301482] ? lock_release+0x4d8/0x680 [ 145.301885] ? finish_task_switch.isra.0+0x203/0x830 [ 145.302269] ? trace_hardirqs_on+0x16/0x100 [ 145.302597] ? __schedule+0x995/0x2a00 [ 145.302906] ? __fget_files+0x270/0x480 [ 145.303299] __x64_sys_pwritev+0x233/0x310 [ 145.303618] ? __pfx___x64_sys_pwritev+0x10/0x10 [ 145.303988] do_syscall_64+0x3f/0x90 [ 145.304274] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 145.304673] RIP: 0033:0x7f391dfc5b19 [ 145.304946] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 145.306287] RSP: 002b:00007f391b53b188 EFLAGS: 00000246 ORIG_RAX: 0000000000000128 [ 145.306950] RAX: ffffffffffffffda RBX: 00007f391e0d8f60 RCX: 00007f391dfc5b19 [ 145.308036] RDX: 0000000000000001 RSI: 0000000020000000 RDI: 0000000000000004 [ 145.309010] RBP: 00007f391e01ff6d R08: 0000000000000000 R09: 0000000000000000 [ 145.309996] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 145.310958] R13: 00007ffec5bf8b2f R14: 00007f391b53b300 R15: 0000000000022000 [ 145.311948] [ 145.312280] Modules linked in: [ 145.313438] ---[ end trace 0000000000000000 ]--- [ 145.316689] RIP: 0010:do_iter_write+0x477/0x700 [ 145.318079] Code: 00 0f 85 fd 01 00 00 4d 8b 7c 24 28 e8 d2 05 c6 ff 48 8b 44 24 18 80 38 00 0f 85 68 01 00 00 48 8b 43 18 48 89 c2 48 c1 ea 03 <42> 80 3c 32 00 0f 85 3b 01 00 00 48 8b 4c 24 20 48 8b 30 80 39 00 [ 145.320378] RSP: 0018:ffff8880435d7c68 EFLAGS: 00010216 [ 145.321049] RAX: 0000000020000480 RBX: ffff8880435d7d58 RCX: ffffc90000e0e000 [ 145.321848] RDX: 0000000004000090 RSI: ffffffff8185830e RDI: 0000000000000007 [ 145.322709] RBP: 0000000000000008 R08: 0000000000000007 R09: 0000000000000000 [ 145.323517] R10: 0000000000000008 R11: 0000000000000001 R12: ffff888018d48c80 [ 145.324329] R13: 0000000000000000 R14: dffffc0000000000 R15: ffffffff84911240 [ 145.325167] FS: 00007f391b53b700(0000) GS:ffff88806cf00000(0000) knlGS:0000000000000000 [ 145.326079] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 145.326761] CR2: 0000000020001300 CR3: 0000000040344000 CR4: 0000000000350ee0 12:47:17 executing program 7: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000040)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) r0 = fsopen(&(0x7f0000000000)='hugetlbfs\x00', 0x0) fsconfig$FSCONFIG_CMD_CREATE(r0, 0x6, 0x0, 0x0, 0x0) fsconfig$FSCONFIG_SET_STRING(r0, 0x1, &(0x7f0000000080)='&,@.\\\'\x00', &(0x7f00000000c0)=':\x00', 0x0) r1 = fsmount(r0, 0x1, 0x0) r2 = openat(r1, &(0x7f0000000140)='./file0\x00', 0x42141, 0xc4) ioctl$BTRFS_IOC_SYNC(r2, 0x9408, 0x0) 12:47:17 executing program 2: syz_mount_image$vfat(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) stat(&(0x7f0000000240)='./file0\x00', &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0}) setresuid(0x0, r0, 0x0) r1 = socket$inet6_udplite(0xa, 0x2, 0x88) r2 = dup2(r1, r1) getsockopt$IP6T_SO_GET_INFO(r2, 0x29, 0x40, 0x0, &(0x7f0000000200)) 12:47:17 executing program 5: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = signalfd4(0xffffffffffffffff, 0x0, 0x0, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = socket$inet6_udplite(0xa, 0x2, 0x88) sendmmsg$inet6(r1, &(0x7f0000002600)=[{{&(0x7f0000000000)={0xa, 0x4e22, 0x0, @remote}, 0x1c, 0x0}}], 0x1, 0x8004) sendmmsg$inet6(r1, &(0x7f0000002580)=[{{0x0, 0x0, &(0x7f0000000040)=[{&(0x7f0000000080)="941ec779750fea938762", 0xa}, {&(0x7f00000000c0)="3512eb7480b7711b34d49bc123ec1382ff4598369fe0398a7b855894bb2a4b37a20788a845f63f0bc3496e4f40a84489e80357b46027f469227b8109dddbe42d703b50ca30458854a0adbaa2184bb5d128723deace5512d5ab15592ecdce627bb583dfc106da8320d5cef3b9a398b64cdc44c795b253396b1b3b613ea363735065ed85778df112b6b5b9abc291d757525b9339d16985e77fa92e002d61c67794d52272cf095faf7a2e4a6eabe53ee5ad281618175d67d03d9381584af00fa922516bd25c205c0590b0648fc847fce117832b185cb025de2bb0f9f75688770d9fdcc1cca97f16d85a10a23d739d42cc8293f18417ef160bf06f6347e662a55ec76e772739aef55543e23d36e429cd07632e5f2c32b55c903202947f8d1ef539b2e937c1300405dbb7c20fcadcd397d09a1831a799dfc14f37f44e1a92c4bddbbeeff2f3d2a53f2ec480097618fd4d838cb08a42de627c85dbdc4458f616bdc3ea05f256d17ba7b97f2e3b75e849ff556898a0bb66c4517097dde3825b24505a3ebabff35d02c416f4b9cc39eaff97f49daec9ba40ace918226551308ad8ea16e8efbe0fc82e466da1d5277519f1d46fd5ea284e0f5ebb682e659006ba30bfe60b5d49f02e503a0ec078ca7c1055403e91c75cb72a587d8906241659543017e530a9966e92548d8ad81751db0a205e75ea87e7b97bd15f0b741a29c70a164c8ee929db9b657b5d4341ba2c1b37c8348e95341d48574d60a050a173f42f8a2430a64f644dafd6e55b5985dd09b78535c9d816be83a80bf683293c7e753dd1b59dd0d96f4a3bb7a73bc547dee2a2f484a739570a09c8e468160b09dc7bce8c4ca2b89e9cffc295d498b9af77067be32a40c22f9e29f5b1b432350586d030139437f76f2149005c045c34e14c32c20368d9424111745485f72d38703bd516c6e3c465d8ff93ea86353db9d01ff449d68dbc3e5a2da8de1d401b19b72e5642e754502458c9ea55e9e2dc3efc5949aa52e70cc25025dea28189a529fcd9081f73c991a47e4dd4451c6b333fbfd0d9eb2c886940c4e268d7173b0c3407177f3dd097f24b0cfab7c2db81d939be89d4ad49fbf9b7ff41f2f8cd4b9ad7c313770c467157df01067968b353f051b5303c3c2c6b3bb4d268c1fdd5b4100c537c33912e92d5a599e26703bee35093cb79f2137f9d3831c15e863952c397aa288fc44448534c15b17e43b8bd3aacf8483fc0a49c93b0d018cbceb41f25069a4e2f0524711ddc2af9f1ce2dfa8d6bf444cf62a3c8e42e4f2817ba29c2ac3c5182fbdef680df27c83534e31993b3bbae42e653d3634a7075ef1addf6670b1019fe28160b079978c230b0fe2486d7c049542c169f423cbce9c51330afa65a7ab9217eb46dfaad25c6824482e166977d5ff535c408b76766406d398d802e348e9891f05bb1d5427059ffd4aa961d84dde15c7c3071123f6cdc745b09167e43af3fc9c443056c2f075600ef6f4332db0c12a24023cc4c85031e3cb931d2e53d5914670e856c54119be44b40fa158b5f8d275e2f8754efa47d5d8d535e3962c9586abd9284085f0e86610c5dc30296950452d744c68d79d6e88032f9d591185e8a4d6c3d6e4ac8cd3a0035657ba49a7b7f8b7757e68a5a3af5f2e87d99da237eb7a773ba0c345966b408be725371d0fd72832f649ed37b27197ed33efdc882aabec48abdb4e02005030e12efdc72cbffc4c09104a4fa35485ba76059a6b0d8b80cc5d0245d293479342c0a0e148cb4038e5b065341b8d6d4ef67d8f69807d894d0ed9acb4b8bec7ccd3e3f012413b66ced5eb8853a313f9180ca87a8b2c8d6399d950fb2bf18c56364c5a65eb0f3f85a81ab98136f96ed79f1577cde92f1ccd80509ecab5f9795de29826c10fe4e3d187c19e441f9b1f5be515fc7b31812519794953edd6c57ebe2ef8957441639ba3b0216f49240cd0458c586a3ff55914e306dc8664e510dffd0b5ea87ac6289e408af3f7ea8799ab504810c68f6635059aa87d208abe9151d2fe08ed5508057be7312822165cd8cd19197756745aba53468a89b12f4a9e626c83ccafd17f6bb022ea207034a625173d0d51cdae0a4fc97d29a12ef96281517117255992f87a13e44ac519533c8250d63c95c43c538d639f0541157e54ac198fd9d249cbc102cbb944213d3ee9eaed65cf1bc591cf78b1ec785ec86cf9142cab754b17b85cc38a09683f2c126520255814d29d8d60e574d7214a22a4d816943123f739bfec0f9894937fb3eb1b316fffc1e96bbf9912c82cbb10d0a3ff2cff465175134724936972f79f0126f4f7f9658be63e5615a957d697bccdb3898acfd0bafc6761242886d5a4310088a1b9e9202eff1a3b97e47c63d1d174d0314cdab51e9cc4d630beeb0e7d1e6018fffd9b99a8d6de13389e32116decf15a56d2c9a58f3a4d32a47423b39bb7fdfd98122bc0f486fc4d3a80e198d7c0e4472952b1eaed10b8255853e77165d126ad52183500c045ad33209ab1ff5eb1f0ba267218cc16c88cf963708d4ab748476f5b8c5e8b27c7063998593d67a58ccd188cebfb4d96b03ac368fc38be38716f02bc9c68a265fb40b2136a5f1ad5c53161e4f867b8aad5838ed63c25adbcd1af66b05573e337a186a3406988d5937d2c78a3da093cc3a5e97df0d4898702a6a934471326075309ef9e63b206f35c488a2d28814e2fb1d64c2955453efff1513df4acf8526ef632ba508040f60726330bb6821b17cbb845b02a207bc604357025847b50a8bfdb1b18065755d86447d10c46ee7ebbba923e5b2f86d431f242cd2625573728460de96a328bc9673a90221ce30e680f372f9d01b265c8c17c8ccfab7be0d4b30a0ba3902e5a6dfe8fee966bd53eb3eb3309adaaa538ac71e31780d85d82e39b22337d3cd7b3c6c717c4687781fdbdf8d257c79875954", 0x823}, {&(0x7f0000000900)="957a5c3043c1e1bb2141f63db46b8d43cc4011a54520d5a0c9656e322d7d316a42e5702f83069363471f881b5b440c9aa5b63a1465bcc05be4ba3ddbce7b4fa8f8324746", 0x44}], 0x3}}], 0x1, 0x0) r2 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x26e1, 0x0) ioctl$FS_IOC_GETFSMAP(0xffffffffffffffff, 0xc0c0583b, &(0x7f0000000080)={0x0, 0x0, 0x4d, 0x0, '\x00', [{}, {0x800, 0x0, 0x80000000000}]}) getsockopt$inet6_IPV6_XFRM_POLICY(r0, 0x29, 0x23, &(0x7f0000000a00)={{{@in6=@loopback, @in=@initdev, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in6=@private0}, 0x0, @in6=@private1}}, &(0x7f0000000b00)=0xe8) ioctl$sock_ipv6_tunnel_SIOCGET6RD(0xffffffffffffffff, 0x89f8, &(0x7f0000000bc0)={'syztnl1\x00', &(0x7f0000000b40)={'ip6_vti0\x00', r3, 0x29, 0x6, 0x2, 0x80, 0x27, @dev={0xfe, 0x80, '\x00', 0x39}, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02', 0x589ff656ee4d7171, 0x7800, 0x9, 0x80}}) getsockopt$IP6T_SO_GET_REVISION_TARGET(r2, 0x29, 0x45, &(0x7f0000000980)={'icmp\x00'}, &(0x7f00000009c0)=0x1e) finit_module(0xffffffffffffffff, &(0x7f0000000180)='\x00', 0x2) 12:47:17 executing program 7: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000040)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) r0 = fsopen(&(0x7f0000000000)='hugetlbfs\x00', 0x0) fsconfig$FSCONFIG_CMD_CREATE(r0, 0x6, 0x0, 0x0, 0x0) fsconfig$FSCONFIG_SET_STRING(r0, 0x1, &(0x7f0000000080)='&,@.\\\'\x00', &(0x7f00000000c0)=':\x00', 0x0) r1 = fsmount(r0, 0x1, 0x0) r2 = openat(r1, &(0x7f0000000140)='./file0\x00', 0x42141, 0xc4) ioctl$BTRFS_IOC_SYNC(r2, 0x9408, 0x0) 12:47:17 executing program 3: r0 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x1c1042, 0x0) r1 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/vmallocinfo\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0x77, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) sendfile(r0, r1, 0x0, 0x10000027f) [ 146.117591] general protection fault, probably for non-canonical address 0xdffffc0004000018: 0000 [#3] PREEMPT SMP KASAN NOPTI [ 146.119021] KASAN: probably user-memory-access in range [0x00000000200000c0-0x00000000200000c7] [ 146.120083] CPU: 0 PID: 4143 Comm: syz-executor.4 Tainted: G D 6.3.0-rc3-next-20230327 #1 [ 146.121215] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 146.122210] RIP: 0010:do_iter_write+0x477/0x700 [ 146.122808] Code: 00 0f 85 fd 01 00 00 4d 8b 7c 24 28 e8 d2 05 c6 ff 48 8b 44 24 18 80 38 00 0f 85 68 01 00 00 48 8b 43 18 48 89 c2 48 c1 ea 03 <42> 80 3c 32 00 0f 85 3b 01 00 00 48 8b 4c 24 20 48 8b 30 80 39 00 [ 146.124989] RSP: 0018:ffff88800ecb7c70 EFLAGS: 00010216 [ 146.125632] RAX: 00000000200000c0 RBX: ffff88800ecb7d60 RCX: ffffc90005632000 [ 146.126484] RDX: 0000000004000018 RSI: ffffffff8185830e RDI: 0000000000000007 [ 146.127335] RBP: 0000000000000001 R08: 0000000000000007 R09: 0000000000000000 [ 146.128188] R10: 0000000000000001 R11: 0000000000000001 R12: ffff88800fba3b80 [ 146.129062] R13: 0000000000000000 R14: dffffc0000000000 R15: ffffffff8491cda0 [ 146.129959] FS: 00007f391b4f9700(0000) GS:ffff88806ce00000(0000) knlGS:0000000000000000 [ 146.130990] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 146.131735] CR2: 00005555562fa098 CR3: 0000000040344000 CR4: 0000000000350ef0 [ 146.132656] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 146.133561] DR3: 0000000000000000 DR6: 00000000ffff0ff0 DR7: 0000000000000600 [ 146.134459] Call Trace: [ 146.134792] [ 146.135091] ? import_iovec+0x87/0xb0 [ 146.135594] vfs_writev+0x1ae/0x660 [ 146.136092] ? __pfx_vfs_writev+0x10/0x10 [ 146.136634] ? lock_release+0x4d8/0x680 [ 146.137166] ? finish_task_switch.isra.0+0x203/0x830 [ 146.137829] ? trace_hardirqs_on+0x16/0x100 [ 146.138407] ? __schedule+0x995/0x2a00 [ 146.138941] ? __fget_files+0x270/0x480 [ 146.139469] __x64_sys_pwritev+0x233/0x310 [ 146.140049] ? __pfx___x64_sys_pwritev+0x10/0x10 [ 146.140688] ? switch_fpu_return+0x157/0x2e0 [ 146.141284] do_syscall_64+0x3f/0x90 [ 146.141780] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 146.142464] RIP: 0033:0x7f391dfc5b19 [ 146.142959] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 146.145173] RSP: 002b:00007f391b4f9188 EFLAGS: 00000246 ORIG_RAX: 0000000000000128 [ 146.146092] RAX: ffffffffffffffda RBX: 00007f391e0d90e0 RCX: 00007f391dfc5b19 [ 146.146971] RDX: 0000000000000001 RSI: 0000000020000000 RDI: 0000000000000004 [ 146.147843] RBP: 00007f391e01ff6d R08: 0000000000000000 R09: 0000000000000000 [ 146.148704] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 146.149567] R13: 00007ffec5bf8b2f R14: 00007f391b4f9300 R15: 0000000000022000 [ 146.150436] [ 146.150745] Modules linked in: [ 146.151230] ---[ end trace 0000000000000000 ]--- [ 146.151837] RIP: 0010:do_iter_write+0x477/0x700 [ 146.152450] Code: 00 0f 85 fd 01 00 00 4d 8b 7c 24 28 e8 d2 05 c6 ff 48 8b 44 24 18 80 38 00 0f 85 68 01 00 00 48 8b 43 18 48 89 c2 48 c1 ea 03 <42> 80 3c 32 00 0f 85 3b 01 00 00 48 8b 4c 24 20 48 8b 30 80 39 00 [ 146.154638] RSP: 0018:ffff8880435d7c68 EFLAGS: 00010216 [ 146.155304] RAX: 0000000020000480 RBX: ffff8880435d7d58 RCX: ffffc90000e0e000 [ 146.156195] RDX: 0000000004000090 RSI: ffffffff8185830e RDI: 0000000000000007 [ 146.157082] RBP: 0000000000000008 R08: 0000000000000007 R09: 0000000000000000 [ 146.157938] R10: 0000000000000008 R11: 0000000000000001 R12: ffff888018d48c80 [ 146.158820] R13: 0000000000000000 R14: dffffc0000000000 R15: ffffffff84911240 [ 146.159713] FS: 00007f391b4f9700(0000) GS:ffff88806ce00000(0000) knlGS:0000000000000000 [ 146.160723] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 146.161450] CR2: 00005555562fa098 CR3: 0000000040344000 CR4: 0000000000350ef0 [ 146.162335] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 146.163224] DR3: 0000000000000000 DR6: 00000000ffff0ff0 DR7: 0000000000000600 12:47:18 executing program 2: r0 = syz_io_uring_setup(0x7645, &(0x7f00000001c0), &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000000240), &(0x7f0000000280)) io_uring_enter(r0, 0x0, 0x6bde, 0x3, 0x0, 0x0) 12:47:18 executing program 5: close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) r0 = socket$nl_netfilter(0x10, 0x3, 0xc) getsockopt$sock_buf(r0, 0x1, 0x1a, 0x0, &(0x7f00000000c0)) 12:47:18 executing program 6: r0 = syz_open_dev$tty1(0xc, 0x4, 0x1) ioctl$KDFONTOP_SET_DEF(r0, 0x4b72, &(0x7f0000000400)={0x2, 0x0, 0x0, 0x0, 0x0, 0x0}) 12:47:18 executing program 7: r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$netlink(r0, &(0x7f0000001480)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000100)={0x20, 0x1a, 0x101, 0x0, 0x0, "", [@nested={0x10, 0x0, 0x0, 0x1, [@typed={0xc, 0x0, 0x0, 0x0, @u64}]}]}, 0x20}], 0x1}, 0x0) 12:47:18 executing program 1: request_key(&(0x7f0000002880)='big_key\x00', 0x0, 0x0, 0x0) 12:47:18 executing program 3: r0 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x1c1042, 0x0) r1 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/vmallocinfo\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0x77, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) sendfile(r0, r1, 0x0, 0x10000027f) 12:47:18 executing program 0: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) ioctl$BTRFS_IOC_QGROUP_ASSIGN(r0, 0x40189429, &(0x7f0000000300)) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x2, 0x0) pwrite64(r2, &(0x7f00000000c0)='9', 0x1, 0x8040000) write$binfmt_script(r2, &(0x7f0000000340)={'#! ', './file1', [{}, {0x20, '\\'}, {0x20, '\x94'}], 0xa, "1aa9077a0502cd288571cbe8849b382060f27bf7bbeba8305fd4d2c532e999d796a82808c1bb194650fb3180beabf4a7e9dc"}, 0x42) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x4}, 0x0, 0x0, 0x0, 0x0, 0x6dc8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) pwritev(r1, &(0x7f0000000080)=[{&(0x7f0000000140)='\x00', 0x1}], 0x1, 0x7fffffb, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x8}, 0x0, 0x0, 0x0, 0x2}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) sendfile(r0, r0, 0x0, 0x100000) r3 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x1c5042, 0x0) write(r3, &(0x7f0000000200)='E', 0x140000) stat(&(0x7f0000000240)='./file1\x00', &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, 0x0}) setresuid(0x0, r4, 0x0) getgid() 12:47:18 executing program 6: r0 = perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0x79, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x8}, 0x0, 0x101}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = perf_event_open(&(0x7f0000000280)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r2 = syz_open_procfs(0x0, &(0x7f00000012c0)='pagemap\x00') ioctl$F2FS_IOC_RELEASE_VOLATILE_WRITE(r0, 0xf504, 0x0) close(r2) dup3(r1, r2, 0x0) 12:47:18 executing program 4: perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x76f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000040), 0xb}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$FAT_IOCTL_SET_ATTRIBUTES(0xffffffffffffffff, 0x40047211, 0x0) r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='clear_refs\x00') r1 = openat$vcs(0xffffffffffffff9c, &(0x7f0000000180), 0x48103, 0x0) r2 = perf_event_open(&(0x7f0000000100)={0x2, 0x80, 0x3, 0xec, 0x20, 0x8, 0x0, 0x3, 0x40, 0x8, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x5, 0x4, @perf_config_ext={0x6, 0xffffffffffffffa8}, 0x2010, 0x4, 0x7af6, 0x1, 0xffffffff, 0x3f, 0x9, 0x0, 0x3, 0x0, 0x9}, 0xffffffffffffffff, 0x5, r1, 0x2) r3 = socket$nl_generic(0x10, 0x3, 0x10) getsockopt$sock_int(r3, 0x1, 0x3c, 0x0, &(0x7f0000001300)) r4 = accept$packet(r0, &(0x7f00000003c0)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @local}, &(0x7f0000000400)=0x14) io_uring_register$IORING_REGISTER_FILES_UPDATE(0xffffffffffffffff, 0x6, &(0x7f0000000480)={0x7ff, 0x0, &(0x7f0000000440)=[r3, r2, r4]}, 0x3) pwritev(r0, &(0x7f0000000000)=[{&(0x7f00000000c0)='3', 0x1}], 0x1, 0x0, 0x0) syncfs(0xffffffffffffffff) ioctl$AUTOFS_DEV_IOCTL_EXPIRE(0xffffffffffffffff, 0xc018937c, &(0x7f0000000300)=ANY=[@ANYRESHEX, @ANYRES32, @ANYRES64, @ANYRESHEX, @ANYRES16, @ANYRESDEC, @ANYRES64, @ANYRES32, @ANYRESOCT]) 12:47:18 executing program 5: close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) r0 = socket$nl_netfilter(0x10, 0x3, 0xc) getsockopt$sock_buf(r0, 0x1, 0x1a, 0x0, &(0x7f00000000c0)) 12:47:18 executing program 7: r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$netlink(r0, &(0x7f0000001480)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000100)={0x20, 0x1a, 0x101, 0x0, 0x0, "", [@nested={0x10, 0x0, 0x0, 0x1, [@typed={0xc, 0x0, 0x0, 0x0, @u64}]}]}, 0x20}], 0x1}, 0x0) 12:47:18 executing program 5: close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) r0 = socket$nl_netfilter(0x10, 0x3, 0xc) getsockopt$sock_buf(r0, 0x1, 0x1a, 0x0, &(0x7f00000000c0)) 12:47:18 executing program 7: r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$netlink(r0, &(0x7f0000001480)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000100)={0x20, 0x1a, 0x101, 0x0, 0x0, "", [@nested={0x10, 0x0, 0x0, 0x1, [@typed={0xc, 0x0, 0x0, 0x0, @u64}]}]}, 0x20}], 0x1}, 0x0) 12:47:18 executing program 1: pipe(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0x77, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) fcntl$setstatus(r0, 0x4, 0x42800) close(r1) [ 146.390481] general protection fault, probably for non-canonical address 0xdffffc0004000018: 0000 [#4] PREEMPT SMP KASAN NOPTI [ 146.391674] KASAN: probably user-memory-access in range [0x00000000200000c0-0x00000000200000c7] [ 146.392493] CPU: 1 PID: 4162 Comm: syz-executor.4 Tainted: G D 6.3.0-rc3-next-20230327 #1 [ 146.393431] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 146.394224] RIP: 0010:do_iter_write+0x477/0x700 [ 146.394762] Code: 00 0f 85 fd 01 00 00 4d 8b 7c 24 28 e8 d2 05 c6 ff 48 8b 44 24 18 80 38 00 0f 85 68 01 00 00 48 8b 43 18 48 89 c2 48 c1 ea 03 <42> 80 3c 32 00 0f 85 3b 01 00 00 48 8b 4c 24 20 48 8b 30 80 39 00 [ 146.396435] RSP: 0018:ffff888043dbfc70 EFLAGS: 00010216 [ 146.396898] RAX: 00000000200000c0 RBX: ffff888043dbfd60 RCX: ffffc90004429000 [ 146.397558] RDX: 0000000004000018 RSI: ffffffff8185830e RDI: 0000000000000007 [ 146.398239] RBP: 0000000000000001 R08: 0000000000000007 R09: 0000000000000000 [ 146.398931] R10: 0000000000000001 R11: 0000000000000001 R12: ffff888041b64500 [ 146.399632] R13: 0000000000000000 R14: dffffc0000000000 R15: ffffffff8491cda0 [ 146.400317] FS: 00007f391b53b700(0000) GS:ffff88806cf00000(0000) knlGS:0000000000000000 [ 146.401048] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 146.401605] CR2: 00007fa38d226904 CR3: 000000000e3ac000 CR4: 0000000000350ee0 [ 146.402299] Call Trace: [ 146.402558] [ 146.402796] ? import_iovec+0x87/0xb0 [ 146.403163] vfs_writev+0x1ae/0x660 [ 146.403536] ? __pfx_vfs_writev+0x10/0x10 [ 146.403961] ? __fget_files+0x24e/0x480 [ 146.404363] ? lock_release+0x4d8/0x680 [ 146.404796] ? __fget_files+0xdd/0x480 [ 146.405205] ? __fget_files+0x270/0x480 [ 146.405636] __x64_sys_pwritev+0x233/0x310 [ 146.406072] ? __pfx___x64_sys_pwritev+0x10/0x10 [ 146.406565] do_syscall_64+0x3f/0x90 [ 146.406948] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 146.407422] RIP: 0033:0x7f391dfc5b19 [ 146.407747] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 146.409349] RSP: 002b:00007f391b53b188 EFLAGS: 00000246 ORIG_RAX: 0000000000000128 [ 146.410055] RAX: ffffffffffffffda RBX: 00007f391e0d8f60 RCX: 00007f391dfc5b19 [ 146.410705] RDX: 0000000000000001 RSI: 0000000020000000 RDI: 0000000000000004 [ 146.411432] RBP: 00007f391e01ff6d R08: 0000000000000000 R09: 0000000000000000 [ 146.412076] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 146.412702] R13: 00007ffec5bf8b2f R14: 00007f391b53b300 R15: 0000000000022000 [ 146.413443] [ 146.413661] Modules linked in: [ 146.414077] ---[ end trace 0000000000000000 ]--- [ 146.414647] RIP: 0010:do_iter_write+0x477/0x700 [ 146.415238] Code: 00 0f 85 fd 01 00 00 4d 8b 7c 24 28 e8 d2 05 c6 ff 48 8b 44 24 18 80 38 00 0f 85 68 01 00 00 48 8b 43 18 48 89 c2 48 c1 ea 03 <42> 80 3c 32 00 0f 85 3b 01 00 00 48 8b 4c 24 20 48 8b 30 80 39 00 [ 146.417107] RSP: 0018:ffff8880435d7c68 EFLAGS: 00010216 [ 146.417770] RAX: 0000000020000480 RBX: ffff8880435d7d58 RCX: ffffc90000e0e000 [ 146.418557] RDX: 0000000004000090 RSI: ffffffff8185830e RDI: 0000000000000007 [ 146.419357] RBP: 0000000000000008 R08: 0000000000000007 R09: 0000000000000000 [ 146.420136] R10: 0000000000000008 R11: 0000000000000001 R12: ffff888018d48c80 [ 146.420878] R13: 0000000000000000 R14: dffffc0000000000 R15: ffffffff84911240 [ 146.421657] FS: 00007f391b53b700(0000) GS:ffff88806cf00000(0000) knlGS:0000000000000000 [ 146.422517] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 146.423311] CR2: 00007fa38d226904 CR3: 000000000e3ac000 CR4: 0000000000350ee0 12:47:18 executing program 7: r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$netlink(r0, &(0x7f0000001480)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000100)={0x20, 0x1a, 0x101, 0x0, 0x0, "", [@nested={0x10, 0x0, 0x0, 0x1, [@typed={0xc, 0x0, 0x0, 0x0, @u64}]}]}, 0x20}], 0x1}, 0x0) 12:47:18 executing program 4: perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x76f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000040), 0xb}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$FAT_IOCTL_SET_ATTRIBUTES(0xffffffffffffffff, 0x40047211, 0x0) r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='clear_refs\x00') r1 = openat$vcs(0xffffffffffffff9c, &(0x7f0000000180), 0x48103, 0x0) r2 = perf_event_open(&(0x7f0000000100)={0x2, 0x80, 0x3, 0xec, 0x20, 0x8, 0x0, 0x3, 0x40, 0x8, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x5, 0x4, @perf_config_ext={0x6, 0xffffffffffffffa8}, 0x2010, 0x4, 0x7af6, 0x1, 0xffffffff, 0x3f, 0x9, 0x0, 0x3, 0x0, 0x9}, 0xffffffffffffffff, 0x5, r1, 0x2) r3 = socket$nl_generic(0x10, 0x3, 0x10) getsockopt$sock_int(r3, 0x1, 0x3c, 0x0, &(0x7f0000001300)) r4 = accept$packet(r0, &(0x7f00000003c0)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @local}, &(0x7f0000000400)=0x14) io_uring_register$IORING_REGISTER_FILES_UPDATE(0xffffffffffffffff, 0x6, &(0x7f0000000480)={0x7ff, 0x0, &(0x7f0000000440)=[r3, r2, r4]}, 0x3) pwritev(r0, &(0x7f0000000000)=[{&(0x7f00000000c0)='3', 0x1}], 0x1, 0x0, 0x0) syncfs(0xffffffffffffffff) ioctl$AUTOFS_DEV_IOCTL_EXPIRE(0xffffffffffffffff, 0xc018937c, &(0x7f0000000300)=ANY=[@ANYRESHEX, @ANYRES32, @ANYRES64, @ANYRESHEX, @ANYRES16, @ANYRESDEC, @ANYRES64, @ANYRES32, @ANYRESOCT]) 12:47:18 executing program 3: r0 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x1c1042, 0x0) r1 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/vmallocinfo\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0x77, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) sendfile(r0, r1, 0x0, 0x10000027f) 12:47:18 executing program 6: r0 = perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0x79, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x8}, 0x0, 0x101}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = perf_event_open(&(0x7f0000000280)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r2 = syz_open_procfs(0x0, &(0x7f00000012c0)='pagemap\x00') ioctl$F2FS_IOC_RELEASE_VOLATILE_WRITE(r0, 0xf504, 0x0) close(r2) dup3(r1, r2, 0x0) 12:47:18 executing program 0: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) ioctl$BTRFS_IOC_QGROUP_ASSIGN(r0, 0x40189429, &(0x7f0000000300)) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x2, 0x0) pwrite64(r2, &(0x7f00000000c0)='9', 0x1, 0x8040000) write$binfmt_script(r2, &(0x7f0000000340)={'#! ', './file1', [{}, {0x20, '\\'}, {0x20, '\x94'}], 0xa, "1aa9077a0502cd288571cbe8849b382060f27bf7bbeba8305fd4d2c532e999d796a82808c1bb194650fb3180beabf4a7e9dc"}, 0x42) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x4}, 0x0, 0x0, 0x0, 0x0, 0x6dc8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) pwritev(r1, &(0x7f0000000080)=[{&(0x7f0000000140)='\x00', 0x1}], 0x1, 0x7fffffb, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x8}, 0x0, 0x0, 0x0, 0x2}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) sendfile(r0, r0, 0x0, 0x100000) r3 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x1c5042, 0x0) write(r3, &(0x7f0000000200)='E', 0x140000) stat(&(0x7f0000000240)='./file1\x00', &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, 0x0}) setresuid(0x0, r4, 0x0) getgid() 12:47:18 executing program 2: r0 = syz_io_uring_setup(0x7645, &(0x7f00000001c0), &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000000240), &(0x7f0000000280)) io_uring_enter(r0, 0x0, 0x6bde, 0x3, 0x0, 0x0) 12:47:18 executing program 5: close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) r0 = socket$nl_netfilter(0x10, 0x3, 0xc) getsockopt$sock_buf(r0, 0x1, 0x1a, 0x0, &(0x7f00000000c0)) 12:47:18 executing program 1: io_uring_register$IORING_REGISTER_PERSONALITY(0xffffffffffffffff, 0x9, 0x0, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_TCP_MD5SIG(r0, 0x6, 0xe, &(0x7f00000000c0)={@in6={{0xa, 0x0, 0x0, @loopback}}, 0x0, 0x0, 0x44, 0x0, "704f5992d666aa2888e479ca552ee155f638582a91ca97213cf4774a2e4c350cdc3f9f62a4c21970bd149a52fa311b916bf00b51b808c412ed6b9fcbb5be4a2fb7dd8fd0dfa22b4100"}, 0xd8) setsockopt$inet6_tcp_TCP_REPAIR(r0, 0x6, 0x13, &(0x7f00000018c0)=0x1, 0x4) connect$inet6(r0, &(0x7f0000000080)={0xa, 0x0, 0x0, @loopback}, 0x1c) r1 = socket(0x11, 0x3, 0x4) setsockopt$inet6_tcp_TLS_TX(r1, 0x6, 0x1, &(0x7f0000000200)=@ccm_128={{0x303}, "9ea4184388e52d6f", "89f22edc3cd92189abaff362e2d637ee", "008a3503", "7feb260c022b5e63"}, 0x28) setsockopt$inet6_tcp_TCP_REPAIR(r0, 0x6, 0x13, &(0x7f0000000000), 0x4) socket$unix(0x1, 0x5, 0x0) ioctl$LOOP_CHANGE_FD(0xffffffffffffffff, 0x4c06, r0) r2 = openat$hpet(0xffffffffffffff9c, &(0x7f0000000240), 0x258101, 0x0) setsockopt$inet6_tcp_TCP_MD5SIG(r0, 0x6, 0xe, &(0x7f0000000480)={@in6={{0xa, 0x4e23, 0x6, @private1={0xfc, 0x1, '\x00', 0x1}, 0x9}}, 0x0, 0x0, 0x2c, 0x0, "a5294180139273e40a4f4300ead5260bbb12a8169e37ae7a7a262ca89833e6c28a17a4eca7509f182dbe5a55444efcf08db3bf31aad51981f89f2a857f2e4c970bffac7732194c81162b457ca45bcf80"}, 0xd8) perf_event_open(&(0x7f0000000300)={0x3, 0x80, 0x53, 0x8, 0x6, 0x1, 0x0, 0x7, 0x10e44, 0x8, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x9cfb, 0x0, @perf_config_ext={0x2, 0x9}, 0x19940, 0x445, 0x7ff, 0x4, 0x0, 0xe9cf, 0x1d, 0x0, 0x7, 0x0, 0x7ff}, 0x0, 0x8, r2, 0x2) ioctl$CDROMREADTOCENTRY(0xffffffffffffffff, 0x125d, &(0x7f0000000000)) r3 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) fallocate(r3, 0x0, 0x0, 0x87ffffc) getsockopt$inet6_tcp_buf(r0, 0x6, 0x1c, &(0x7f0000000040)=""/42, &(0x7f00000001c0)=0x2a) 12:47:19 executing program 6: r0 = perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0x79, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x8}, 0x0, 0x101}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = perf_event_open(&(0x7f0000000280)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r2 = syz_open_procfs(0x0, &(0x7f00000012c0)='pagemap\x00') ioctl$F2FS_IOC_RELEASE_VOLATILE_WRITE(r0, 0xf504, 0x0) close(r2) dup3(r1, r2, 0x0) [ 147.250028] general protection fault, probably for non-canonical address 0xdffffc0004000018: 0000 [#5] PREEMPT SMP KASAN NOPTI [ 147.251230] KASAN: probably user-memory-access in range [0x00000000200000c0-0x00000000200000c7] [ 147.252057] CPU: 0 PID: 4197 Comm: syz-executor.4 Tainted: G D 6.3.0-rc3-next-20230327 #1 [ 147.252994] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 147.253787] RIP: 0010:do_iter_write+0x477/0x700 [ 147.254243] Code: 00 0f 85 fd 01 00 00 4d 8b 7c 24 28 e8 d2 05 c6 ff 48 8b 44 24 18 80 38 00 0f 85 68 01 00 00 48 8b 43 18 48 89 c2 48 c1 ea 03 <42> 80 3c 32 00 0f 85 3b 01 00 00 48 8b 4c 24 20 48 8b 30 80 39 00 [ 147.255922] RSP: 0018:ffff8880440efc70 EFLAGS: 00010216 [ 147.256447] RAX: 00000000200000c0 RBX: ffff8880440efd60 RCX: ffffc90004429000 [ 147.257139] RDX: 0000000004000018 RSI: ffffffff8185830e RDI: 0000000000000007 [ 147.257799] RBP: 0000000000000001 R08: 0000000000000007 R09: 0000000000000000 [ 147.258536] R10: 0000000000000001 R11: 0000000000000001 R12: ffff88800f08a280 [ 147.259200] R13: 0000000000000000 R14: dffffc0000000000 R15: ffffffff8491cda0 [ 147.259900] FS: 00007f391b53b700(0000) GS:ffff88806ce00000(0000) knlGS:0000000000000000 [ 147.260711] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 147.261304] CR2: 0000000020001300 CR3: 0000000041e06000 CR4: 0000000000350ef0 [ 147.262000] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 147.262714] DR3: 0000000000000000 DR6: 00000000ffff0ff0 DR7: 0000000000000600 [ 147.263410] Call Trace: [ 147.263668] [ 147.263903] vfs_writev+0x1ae/0x660 [ 147.264270] ? __pfx_vfs_writev+0x10/0x10 [ 147.264695] ? lock_release+0x4d8/0x680 [ 147.265103] ? finish_task_switch.isra.0+0x203/0x830 [ 147.265605] ? trace_hardirqs_on+0x16/0x100 [ 147.266022] ? __schedule+0x995/0x2a00 [ 147.266411] ? __fget_files+0x270/0x480 [ 147.266797] __x64_sys_pwritev+0x233/0x310 [ 147.267217] ? __pfx___x64_sys_pwritev+0x10/0x10 [ 147.267683] do_syscall_64+0x3f/0x90 [ 147.268067] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 147.268570] RIP: 0033:0x7f391dfc5b19 [ 147.268943] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 147.270689] RSP: 002b:00007f391b53b188 EFLAGS: 00000246 ORIG_RAX: 0000000000000128 [ 147.271438] RAX: ffffffffffffffda RBX: 00007f391e0d8f60 RCX: 00007f391dfc5b19 [ 147.272146] RDX: 0000000000000001 RSI: 0000000020000000 RDI: 0000000000000004 [ 147.272847] RBP: 00007f391e01ff6d R08: 0000000000000000 R09: 0000000000000000 [ 147.273536] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 147.274236] R13: 00007ffec5bf8b2f R14: 00007f391b53b300 R15: 0000000000022000 [ 147.274922] [ 147.275150] Modules linked in: [ 147.275905] ---[ end trace 0000000000000000 ]--- [ 147.276474] RIP: 0010:do_iter_write+0x477/0x700 [ 147.277065] Code: 00 0f 85 fd 01 00 00 4d 8b 7c 24 28 e8 d2 05 c6 ff 48 8b 44 24 18 80 38 00 0f 85 68 01 00 00 48 8b 43 18 48 89 c2 48 c1 ea 03 <42> 80 3c 32 00 0f 85 3b 01 00 00 48 8b 4c 24 20 48 8b 30 80 39 00 [ 147.278884] RSP: 0018:ffff8880435d7c68 EFLAGS: 00010216 [ 147.279594] RAX: 0000000020000480 RBX: ffff8880435d7d58 RCX: ffffc90000e0e000 [ 147.280559] RDX: 0000000004000090 RSI: ffffffff8185830e RDI: 0000000000000007 [ 147.281556] RBP: 0000000000000008 R08: 0000000000000007 R09: 0000000000000000 [ 147.282505] R10: 0000000000000008 R11: 0000000000000001 R12: ffff888018d48c80 [ 147.283455] R13: 0000000000000000 R14: dffffc0000000000 R15: ffffffff84911240 [ 147.284464] FS: 00007f391b53b700(0000) GS:ffff88806ce00000(0000) knlGS:0000000000000000 [ 147.285615] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 147.288064] CR2: 0000000020001300 CR3: 0000000041e06000 CR4: 0000000000350ef0 [ 147.288894] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 147.289715] DR3: 0000000000000000 DR6: 00000000ffff0ff0 DR7: 0000000000000600 12:47:19 executing program 7: r0 = openat$sysfs(0xffffffffffffff9c, &(0x7f00000011c0)='/sys/kernel/address_bits', 0x0, 0x0) preadv(r0, &(0x7f0000000100)=[{&(0x7f0000000000)=""/211, 0xd3}], 0x1, 0x0, 0x0) 12:47:19 executing program 5: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) ioctl$BTRFS_IOC_QGROUP_ASSIGN(r0, 0x40189429, &(0x7f0000000300)) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x2, 0x0) pwrite64(r2, &(0x7f00000000c0)='9', 0x1, 0x8040000) write$binfmt_script(r2, &(0x7f0000000340)={'#! ', './file1', [{}, {0x20, '\\'}, {0x20, '\x94'}], 0xa, "1aa9077a0502cd288571cbe8849b382060f27bf7bbeba8305fd4d2c532e999d796a82808c1bb194650fb3180beabf4a7e9dc"}, 0x42) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x4}, 0x0, 0x0, 0x0, 0x0, 0x6dc8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) pwritev(r1, &(0x7f0000000080)=[{&(0x7f0000000140)='\x00', 0x1}], 0x1, 0x7fffffb, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x8}, 0x0, 0x0, 0x0, 0x2}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) sendfile(r0, r0, 0x0, 0x100000) r3 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x1c5042, 0x0) write(r3, &(0x7f0000000200)='E', 0x140000) stat(&(0x7f0000000240)='./file1\x00', &(0x7f00000001c0)) ioctl$AUTOFS_IOC_CATATONIC(r1, 0x9362, 0x0) getgid() 12:47:19 executing program 6: r0 = perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0x79, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x8}, 0x0, 0x101}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = perf_event_open(&(0x7f0000000280)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r2 = syz_open_procfs(0x0, &(0x7f00000012c0)='pagemap\x00') ioctl$F2FS_IOC_RELEASE_VOLATILE_WRITE(r0, 0xf504, 0x0) close(r2) dup3(r1, r2, 0x0) 12:47:19 executing program 7: r0 = openat$sysfs(0xffffffffffffff9c, &(0x7f00000011c0)='/sys/kernel/address_bits', 0x0, 0x0) preadv(r0, &(0x7f0000000100)=[{&(0x7f0000000000)=""/211, 0xd3}], 0x1, 0x0, 0x0) 12:47:19 executing program 7: r0 = openat$sysfs(0xffffffffffffff9c, &(0x7f00000011c0)='/sys/kernel/address_bits', 0x0, 0x0) preadv(r0, &(0x7f0000000100)=[{&(0x7f0000000000)=""/211, 0xd3}], 0x1, 0x0, 0x0) 12:47:19 executing program 1: io_uring_register$IORING_REGISTER_PERSONALITY(0xffffffffffffffff, 0x9, 0x0, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_TCP_MD5SIG(r0, 0x6, 0xe, &(0x7f00000000c0)={@in6={{0xa, 0x0, 0x0, @loopback}}, 0x0, 0x0, 0x44, 0x0, "704f5992d666aa2888e479ca552ee155f638582a91ca97213cf4774a2e4c350cdc3f9f62a4c21970bd149a52fa311b916bf00b51b808c412ed6b9fcbb5be4a2fb7dd8fd0dfa22b4100"}, 0xd8) setsockopt$inet6_tcp_TCP_REPAIR(r0, 0x6, 0x13, &(0x7f00000018c0)=0x1, 0x4) connect$inet6(r0, &(0x7f0000000080)={0xa, 0x0, 0x0, @loopback}, 0x1c) r1 = socket(0x11, 0x3, 0x4) setsockopt$inet6_tcp_TLS_TX(r1, 0x6, 0x1, &(0x7f0000000200)=@ccm_128={{0x303}, "9ea4184388e52d6f", "89f22edc3cd92189abaff362e2d637ee", "008a3503", "7feb260c022b5e63"}, 0x28) setsockopt$inet6_tcp_TCP_REPAIR(r0, 0x6, 0x13, &(0x7f0000000000), 0x4) socket$unix(0x1, 0x5, 0x0) ioctl$LOOP_CHANGE_FD(0xffffffffffffffff, 0x4c06, r0) r2 = openat$hpet(0xffffffffffffff9c, &(0x7f0000000240), 0x258101, 0x0) setsockopt$inet6_tcp_TCP_MD5SIG(r0, 0x6, 0xe, &(0x7f0000000480)={@in6={{0xa, 0x4e23, 0x6, @private1={0xfc, 0x1, '\x00', 0x1}, 0x9}}, 0x0, 0x0, 0x2c, 0x0, "a5294180139273e40a4f4300ead5260bbb12a8169e37ae7a7a262ca89833e6c28a17a4eca7509f182dbe5a55444efcf08db3bf31aad51981f89f2a857f2e4c970bffac7732194c81162b457ca45bcf80"}, 0xd8) perf_event_open(&(0x7f0000000300)={0x3, 0x80, 0x53, 0x8, 0x6, 0x1, 0x0, 0x7, 0x10e44, 0x8, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x9cfb, 0x0, @perf_config_ext={0x2, 0x9}, 0x19940, 0x445, 0x7ff, 0x4, 0x0, 0xe9cf, 0x1d, 0x0, 0x7, 0x0, 0x7ff}, 0x0, 0x8, r2, 0x2) ioctl$CDROMREADTOCENTRY(0xffffffffffffffff, 0x125d, &(0x7f0000000000)) r3 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) fallocate(r3, 0x0, 0x0, 0x87ffffc) getsockopt$inet6_tcp_buf(r0, 0x6, 0x1c, &(0x7f0000000040)=""/42, &(0x7f00000001c0)=0x2a) 12:47:19 executing program 7: r0 = openat$sysfs(0xffffffffffffff9c, &(0x7f00000011c0)='/sys/kernel/address_bits', 0x0, 0x0) preadv(r0, &(0x7f0000000100)=[{&(0x7f0000000000)=""/211, 0xd3}], 0x1, 0x0, 0x0) 12:47:19 executing program 3: io_setup(0xb4, &(0x7f0000000000)=0x0) io_getevents(r0, 0x0, 0x0, 0x0, &(0x7f0000000a40)) 12:47:20 executing program 1: io_uring_register$IORING_REGISTER_PERSONALITY(0xffffffffffffffff, 0x9, 0x0, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_TCP_MD5SIG(r0, 0x6, 0xe, &(0x7f00000000c0)={@in6={{0xa, 0x0, 0x0, @loopback}}, 0x0, 0x0, 0x44, 0x0, "704f5992d666aa2888e479ca552ee155f638582a91ca97213cf4774a2e4c350cdc3f9f62a4c21970bd149a52fa311b916bf00b51b808c412ed6b9fcbb5be4a2fb7dd8fd0dfa22b4100"}, 0xd8) setsockopt$inet6_tcp_TCP_REPAIR(r0, 0x6, 0x13, &(0x7f00000018c0)=0x1, 0x4) connect$inet6(r0, &(0x7f0000000080)={0xa, 0x0, 0x0, @loopback}, 0x1c) r1 = socket(0x11, 0x3, 0x4) setsockopt$inet6_tcp_TLS_TX(r1, 0x6, 0x1, &(0x7f0000000200)=@ccm_128={{0x303}, "9ea4184388e52d6f", "89f22edc3cd92189abaff362e2d637ee", "008a3503", "7feb260c022b5e63"}, 0x28) setsockopt$inet6_tcp_TCP_REPAIR(r0, 0x6, 0x13, &(0x7f0000000000), 0x4) socket$unix(0x1, 0x5, 0x0) ioctl$LOOP_CHANGE_FD(0xffffffffffffffff, 0x4c06, r0) r2 = openat$hpet(0xffffffffffffff9c, &(0x7f0000000240), 0x258101, 0x0) setsockopt$inet6_tcp_TCP_MD5SIG(r0, 0x6, 0xe, &(0x7f0000000480)={@in6={{0xa, 0x4e23, 0x6, @private1={0xfc, 0x1, '\x00', 0x1}, 0x9}}, 0x0, 0x0, 0x2c, 0x0, "a5294180139273e40a4f4300ead5260bbb12a8169e37ae7a7a262ca89833e6c28a17a4eca7509f182dbe5a55444efcf08db3bf31aad51981f89f2a857f2e4c970bffac7732194c81162b457ca45bcf80"}, 0xd8) perf_event_open(&(0x7f0000000300)={0x3, 0x80, 0x53, 0x8, 0x6, 0x1, 0x0, 0x7, 0x10e44, 0x8, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x9cfb, 0x0, @perf_config_ext={0x2, 0x9}, 0x19940, 0x445, 0x7ff, 0x4, 0x0, 0xe9cf, 0x1d, 0x0, 0x7, 0x0, 0x7ff}, 0x0, 0x8, r2, 0x2) ioctl$CDROMREADTOCENTRY(0xffffffffffffffff, 0x125d, &(0x7f0000000000)) r3 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) fallocate(r3, 0x0, 0x0, 0x87ffffc) getsockopt$inet6_tcp_buf(r0, 0x6, 0x1c, &(0x7f0000000040)=""/42, &(0x7f00000001c0)=0x2a) 12:47:20 executing program 7: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mq_unlink(0x0) 12:47:20 executing program 2: r0 = syz_io_uring_setup(0x7645, &(0x7f00000001c0), &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000000240), &(0x7f0000000280)) io_uring_enter(r0, 0x0, 0x6bde, 0x3, 0x0, 0x0) 12:47:20 executing program 4: perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x76f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000040), 0xb}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$FAT_IOCTL_SET_ATTRIBUTES(0xffffffffffffffff, 0x40047211, 0x0) r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='clear_refs\x00') r1 = openat$vcs(0xffffffffffffff9c, &(0x7f0000000180), 0x48103, 0x0) r2 = perf_event_open(&(0x7f0000000100)={0x2, 0x80, 0x3, 0xec, 0x20, 0x8, 0x0, 0x3, 0x40, 0x8, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x5, 0x4, @perf_config_ext={0x6, 0xffffffffffffffa8}, 0x2010, 0x4, 0x7af6, 0x1, 0xffffffff, 0x3f, 0x9, 0x0, 0x3, 0x0, 0x9}, 0xffffffffffffffff, 0x5, r1, 0x2) r3 = socket$nl_generic(0x10, 0x3, 0x10) getsockopt$sock_int(r3, 0x1, 0x3c, 0x0, &(0x7f0000001300)) r4 = accept$packet(r0, &(0x7f00000003c0)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @local}, &(0x7f0000000400)=0x14) io_uring_register$IORING_REGISTER_FILES_UPDATE(0xffffffffffffffff, 0x6, &(0x7f0000000480)={0x7ff, 0x0, &(0x7f0000000440)=[r3, r2, r4]}, 0x3) pwritev(r0, &(0x7f0000000000)=[{&(0x7f00000000c0)='3', 0x1}], 0x1, 0x0, 0x0) syncfs(0xffffffffffffffff) ioctl$AUTOFS_DEV_IOCTL_EXPIRE(0xffffffffffffffff, 0xc018937c, &(0x7f0000000300)=ANY=[@ANYRESHEX, @ANYRES32, @ANYRES64, @ANYRESHEX, @ANYRES16, @ANYRESDEC, @ANYRES64, @ANYRES32, @ANYRESOCT]) 12:47:20 executing program 5: syz_emit_ethernet(0x56, &(0x7f0000000140)={@multicast, @multicast, @void, {@ipv4={0x800, @icmp={{0x5, 0x4, 0x0, 0x0, 0x48, 0x0, 0x0, 0x0, 0x1, 0x0, @rand_addr=0x640100fd, @remote}, @time_exceeded={0xb, 0x0, 0x0, 0x0, 0x0, 0x0, {0xb, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @broadcast, @empty, {[@timestamp_prespec={0x44, 0x4}, @timestamp_addr={0x44, 0x14, 0x0, 0x1, 0x0, [{@empty}, {@remote}]}]}}}}}}}, 0x0) 12:47:20 executing program 0: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) ioctl$BTRFS_IOC_QGROUP_ASSIGN(r0, 0x40189429, &(0x7f0000000300)) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x2, 0x0) pwrite64(r2, &(0x7f00000000c0)='9', 0x1, 0x8040000) write$binfmt_script(r2, &(0x7f0000000340)={'#! ', './file1', [{}, {0x20, '\\'}, {0x20, '\x94'}], 0xa, "1aa9077a0502cd288571cbe8849b382060f27bf7bbeba8305fd4d2c532e999d796a82808c1bb194650fb3180beabf4a7e9dc"}, 0x42) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x4}, 0x0, 0x0, 0x0, 0x0, 0x6dc8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) pwritev(r1, &(0x7f0000000080)=[{&(0x7f0000000140)='\x00', 0x1}], 0x1, 0x7fffffb, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x8}, 0x0, 0x0, 0x0, 0x2}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) sendfile(r0, r0, 0x0, 0x100000) r3 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x1c5042, 0x0) write(r3, &(0x7f0000000200)='E', 0x140000) stat(&(0x7f0000000240)='./file1\x00', &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, 0x0}) setresuid(0x0, r4, 0x0) getgid() 12:47:20 executing program 6: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x80000, 0xc, &(0x7f0000000200)=[{&(0x7f0000010000)="eb58906d6b66732e66617400028020000200000004f800002000400000000000000000000100000000000000020000000100060000000000000000000000000080002911f042f153595a4b414c4c4552202046415433322020200e1fbe777cac22c0740b56b40ebb0700cd105eebf032e4cd16cd19ebfe54686973206973206e6f74206120626f6f7461626c65206469736b2e2020506c6561736520696e73657274206120626f6f7461626c6520666c6f70707920616e640d0a707265737320616e79206b657920746f2074727920616761696e202e2e2e200d0a0000000000", 0xe0}, {&(0x7f0000010100)="00000000000000000000000000000000000000000000000000000000000055aa5252614100"/64, 0x40, 0x1e0}, {&(0x7f0000010200)="00000000727241610100000007000000000000000000000000000000000055aa", 0x20, 0x3e0}, {&(0x7f0000010300)="eb58906d6b66732e66617400028020000200000004f800002000400000000000000000000100000000000000020000000100060000000000000000000000000080002911f042f153595a4b414c4c4552202046415433322020200e1fbe777cac22c0740b56b40ebb0700cd105eebf032e4cd16cd19ebfe54686973206973206e6f74206120626f6f7461626c65206469736b2e2020506c6561736520696e73657274206120626f6f7461626c6520666c6f70707920616e640d0a707265737320616e79206b657920746f2074727920616761696e202e2e2e200d0a0000000000", 0xe0, 0xc00}, {&(0x7f0000010400)="00000000000000000000000000000000000000000000000000000000000055aa", 0x20, 0xde0}, {&(0x7f0000010500)="f8ffff0fffffff0ff8ffff0fffffff0fffffff0fffffff0fffffff0fffffff0f", 0x20, 0x4000}, {&(0x7f0000010600)="f8ffff0fffffff0ff8ffff0fffffff0fffffff0fffffff0fffffff0fffffff0f", 0x20, 0x4200}, {&(0x7f0000010700)="53595a4b414c4c45522020080000e880325132510000e880325100000000000041660069006c00650030000f00fc0000ffffffffffffffffffff0000ffffffff46494c4530202020202020100034e870325132510000e870325103000000000041660069006c00650031000f00100000ffffffffffffffffffff0000ffffffff46494c4531202020202020200034e870325132510000e870325105000a00000041660069006c00650032000f00140000ffffffffffffffffffff0000ffffffff46494c4532202020202020200034e870325132510000e870325106002823000041660069006c0065002e000f00d263006f006c0064000000ffff0000ffffffff46494c457e312020434f4c200034e870325132510000e8703251070064000000", 0x120, 0x4400}, {&(0x7f0000010900)="2e20202020202020202020100034e870325132510000e87032510300000000002e2e202020202020202020100034e870325132510000e870325100000000000041660069006c00650030000f00fc0000ffffffffffffffffffff0000ffffffff46494c4530202020202020200034e870325132510000e870325104001a040000", 0x80, 0x14400}, {&(0x7f0000010a00)='syzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkal\x00\x00\x00\x00\x00\x00', 0x420, 0x24400}, {&(0x7f0000010f00)='syzkallers\x00'/32, 0x20, 0x34400}, {&(0x7f0000011000)='syzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallers\x00'/128, 0x80, 0x54400}], 0x0, &(0x7f0000011100)) 12:47:20 executing program 3: r0 = syz_open_dev$mouse(&(0x7f0000000000), 0x1e, 0x81) mq_open(0x0, 0x0, 0x0, 0x0) socket$inet6(0xa, 0x0, 0x1c98) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x6dc8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, 0x0) ioctl$AUTOFS_DEV_IOCTL_READY(0xffffffffffffffff, 0xc0189376, 0x0) ioctl$AUTOFS_DEV_IOCTL_PROTOVER(0xffffffffffffffff, 0xc0189372, &(0x7f0000000600)={{0x1, 0x1, 0x18, 0xffffffffffffffff, {0x2}}, './file0\x00'}) ioctl$AUTOFS_DEV_IOCTL_EXPIRE(r0, 0xc018937c, 0x0) io_submit(0x0, 0x0, 0x0) ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, 0x0) ioprio_get$pid(0x2, 0xffffffffffffffff) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8001}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioprio_set$pid(0x3, 0x0, 0x4007) [ 148.339596] loop6: detected capacity change from 0 to 1348 12:47:20 executing program 7: openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mount(0x0, &(0x7f0000000000)='./file1\x00', &(0x7f0000000080)='sysfs\x00', 0x0, 0x0) 12:47:20 executing program 6: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x80000, 0xc, &(0x7f0000000200)=[{&(0x7f0000010000)="eb58906d6b66732e66617400028020000200000004f800002000400000000000000000000100000000000000020000000100060000000000000000000000000080002911f042f153595a4b414c4c4552202046415433322020200e1fbe777cac22c0740b56b40ebb0700cd105eebf032e4cd16cd19ebfe54686973206973206e6f74206120626f6f7461626c65206469736b2e2020506c6561736520696e73657274206120626f6f7461626c6520666c6f70707920616e640d0a707265737320616e79206b657920746f2074727920616761696e202e2e2e200d0a0000000000", 0xe0}, {&(0x7f0000010100)="00000000000000000000000000000000000000000000000000000000000055aa5252614100"/64, 0x40, 0x1e0}, {&(0x7f0000010200)="00000000727241610100000007000000000000000000000000000000000055aa", 0x20, 0x3e0}, {&(0x7f0000010300)="eb58906d6b66732e66617400028020000200000004f800002000400000000000000000000100000000000000020000000100060000000000000000000000000080002911f042f153595a4b414c4c4552202046415433322020200e1fbe777cac22c0740b56b40ebb0700cd105eebf032e4cd16cd19ebfe54686973206973206e6f74206120626f6f7461626c65206469736b2e2020506c6561736520696e73657274206120626f6f7461626c6520666c6f70707920616e640d0a707265737320616e79206b657920746f2074727920616761696e202e2e2e200d0a0000000000", 0xe0, 0xc00}, {&(0x7f0000010400)="00000000000000000000000000000000000000000000000000000000000055aa", 0x20, 0xde0}, {&(0x7f0000010500)="f8ffff0fffffff0ff8ffff0fffffff0fffffff0fffffff0fffffff0fffffff0f", 0x20, 0x4000}, {&(0x7f0000010600)="f8ffff0fffffff0ff8ffff0fffffff0fffffff0fffffff0fffffff0fffffff0f", 0x20, 0x4200}, {&(0x7f0000010700)="53595a4b414c4c45522020080000e880325132510000e880325100000000000041660069006c00650030000f00fc0000ffffffffffffffffffff0000ffffffff46494c4530202020202020100034e870325132510000e870325103000000000041660069006c00650031000f00100000ffffffffffffffffffff0000ffffffff46494c4531202020202020200034e870325132510000e870325105000a00000041660069006c00650032000f00140000ffffffffffffffffffff0000ffffffff46494c4532202020202020200034e870325132510000e870325106002823000041660069006c0065002e000f00d263006f006c0064000000ffff0000ffffffff46494c457e312020434f4c200034e870325132510000e8703251070064000000", 0x120, 0x4400}, {&(0x7f0000010900)="2e20202020202020202020100034e870325132510000e87032510300000000002e2e202020202020202020100034e870325132510000e870325100000000000041660069006c00650030000f00fc0000ffffffffffffffffffff0000ffffffff46494c4530202020202020200034e870325132510000e870325104001a040000", 0x80, 0x14400}, {&(0x7f0000010a00)='syzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkal\x00\x00\x00\x00\x00\x00', 0x420, 0x24400}, {&(0x7f0000010f00)='syzkallers\x00'/32, 0x20, 0x34400}, {&(0x7f0000011000)='syzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallers\x00'/128, 0x80, 0x54400}], 0x0, &(0x7f0000011100)) 12:47:20 executing program 5: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_bp, 0x0, 0x8, 0x0, 0x0, 0x6dc8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) pwritev(0xffffffffffffffff, &(0x7f0000000080)=[{0x0}], 0x1, 0x7fffffc, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = gettid() recvmsg$unix(r1, &(0x7f0000000300)={&(0x7f0000000400), 0x6e, &(0x7f0000000a80)=[{&(0x7f0000000480)=""/172, 0xac}, {&(0x7f0000000540)=""/131, 0x83}, {&(0x7f00000001c0)=""/44, 0x2c}, {&(0x7f0000000700)=""/225, 0xe1}, {&(0x7f0000000840)=""/94, 0x5e}, {&(0x7f00000008c0)=""/202, 0xca}, {&(0x7f00000009c0)=""/176, 0xb0}], 0x7, &(0x7f0000000240)=[@rights={{0x2c, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}], 0x30}, 0x2000) sendmsg$unix(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)=[{&(0x7f0000000800)="84", 0x8ec0}], 0xc0, &(0x7f0000000340)=[@rights={{0x14, 0x1, 0x1, [r1]}}, @cred={{0x1c, 0x1, 0x2, {r2}}}], 0x38}, 0x0) 12:47:20 executing program 3: r0 = syz_open_dev$mouse(&(0x7f0000000000), 0x1e, 0x81) mq_open(0x0, 0x0, 0x0, 0x0) socket$inet6(0xa, 0x0, 0x1c98) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x6dc8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, 0x0) ioctl$AUTOFS_DEV_IOCTL_READY(0xffffffffffffffff, 0xc0189376, 0x0) ioctl$AUTOFS_DEV_IOCTL_PROTOVER(0xffffffffffffffff, 0xc0189372, &(0x7f0000000600)={{0x1, 0x1, 0x18, 0xffffffffffffffff, {0x2}}, './file0\x00'}) ioctl$AUTOFS_DEV_IOCTL_EXPIRE(r0, 0xc018937c, 0x0) io_submit(0x0, 0x0, 0x0) ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, 0x0) ioprio_get$pid(0x2, 0xffffffffffffffff) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8001}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioprio_set$pid(0x3, 0x0, 0x4007) 12:47:20 executing program 4: syz_mount_image$ext4(&(0x7f0000000180)='ext4\x00', &(0x7f00000001c0)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000003400)={[{@journal_path={'journal_path', 0x2c}}]}) [ 149.105425] journal_path: not usable as path [ 149.106088] EXT4-fs: error: could not find journal device path [ 149.109605] journal_path: not usable as path [ 149.110169] EXT4-fs: error: could not find journal device path 12:47:20 executing program 4: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) getpid() getpid() pipe2(&(0x7f0000000140), 0x0) syz_genetlink_get_family_id$nl80211(&(0x7f0000000440), 0xffffffffffffffff) 12:47:20 executing program 7: ioctl$LOOP_CTL_REMOVE(0xffffffffffffffff, 0x4c81, 0x0) r0 = socket$inet6(0xa, 0x3, 0xff) connect$inet6(r0, &(0x7f0000000040)={0xa, 0x0, 0x0, @empty}, 0x1c) sendmmsg(r0, &(0x7f0000000c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x810) syz_open_dev$tty1(0xc, 0x4, 0x1) perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) 12:47:21 executing program 7: socket$nl_generic(0x10, 0x3, 0x10) socket$netlink(0x10, 0x3, 0x0) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0x76, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) syz_io_uring_setup(0x1, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, &(0x7f00000a0000)=nil, &(0x7f00000b0000)=nil, 0x0, 0x0) getsockopt(0xffffffffffffffff, 0x0, 0x3, 0x0, &(0x7f0000007300)) syz_io_uring_submit(0x0, 0x0, &(0x7f0000000180)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x0) mmap$IORING_OFF_SQES(&(0x7f0000ffd000/0x1000)=nil, 0x1000, 0x0, 0x10, 0xffffffffffffffff, 0x10000000) pselect6(0x40, &(0x7f0000000100)={0x5f}, 0x0, 0x0, 0x0, 0x0) [ 150.230902] loop6: detected capacity change from 0 to 1348 12:47:22 executing program 4: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) getpid() getpid() pipe2(&(0x7f0000000140), 0x0) syz_genetlink_get_family_id$nl80211(&(0x7f0000000440), 0xffffffffffffffff) 12:47:22 executing program 1: io_uring_register$IORING_REGISTER_PERSONALITY(0xffffffffffffffff, 0x9, 0x0, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_TCP_MD5SIG(r0, 0x6, 0xe, &(0x7f00000000c0)={@in6={{0xa, 0x0, 0x0, @loopback}}, 0x0, 0x0, 0x44, 0x0, "704f5992d666aa2888e479ca552ee155f638582a91ca97213cf4774a2e4c350cdc3f9f62a4c21970bd149a52fa311b916bf00b51b808c412ed6b9fcbb5be4a2fb7dd8fd0dfa22b4100"}, 0xd8) setsockopt$inet6_tcp_TCP_REPAIR(r0, 0x6, 0x13, &(0x7f00000018c0)=0x1, 0x4) connect$inet6(r0, &(0x7f0000000080)={0xa, 0x0, 0x0, @loopback}, 0x1c) r1 = socket(0x11, 0x3, 0x4) setsockopt$inet6_tcp_TLS_TX(r1, 0x6, 0x1, &(0x7f0000000200)=@ccm_128={{0x303}, "9ea4184388e52d6f", "89f22edc3cd92189abaff362e2d637ee", "008a3503", "7feb260c022b5e63"}, 0x28) setsockopt$inet6_tcp_TCP_REPAIR(r0, 0x6, 0x13, &(0x7f0000000000), 0x4) socket$unix(0x1, 0x5, 0x0) ioctl$LOOP_CHANGE_FD(0xffffffffffffffff, 0x4c06, r0) r2 = openat$hpet(0xffffffffffffff9c, &(0x7f0000000240), 0x258101, 0x0) setsockopt$inet6_tcp_TCP_MD5SIG(r0, 0x6, 0xe, &(0x7f0000000480)={@in6={{0xa, 0x4e23, 0x6, @private1={0xfc, 0x1, '\x00', 0x1}, 0x9}}, 0x0, 0x0, 0x2c, 0x0, "a5294180139273e40a4f4300ead5260bbb12a8169e37ae7a7a262ca89833e6c28a17a4eca7509f182dbe5a55444efcf08db3bf31aad51981f89f2a857f2e4c970bffac7732194c81162b457ca45bcf80"}, 0xd8) perf_event_open(&(0x7f0000000300)={0x3, 0x80, 0x53, 0x8, 0x6, 0x1, 0x0, 0x7, 0x10e44, 0x8, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x9cfb, 0x0, @perf_config_ext={0x2, 0x9}, 0x19940, 0x445, 0x7ff, 0x4, 0x0, 0xe9cf, 0x1d, 0x0, 0x7, 0x0, 0x7ff}, 0x0, 0x8, r2, 0x2) ioctl$CDROMREADTOCENTRY(0xffffffffffffffff, 0x125d, &(0x7f0000000000)) r3 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) fallocate(r3, 0x0, 0x0, 0x87ffffc) getsockopt$inet6_tcp_buf(r0, 0x6, 0x1c, &(0x7f0000000040)=""/42, &(0x7f00000001c0)=0x2a) 12:47:22 executing program 3: r0 = syz_open_dev$mouse(&(0x7f0000000000), 0x1e, 0x81) mq_open(0x0, 0x0, 0x0, 0x0) socket$inet6(0xa, 0x0, 0x1c98) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x6dc8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, 0x0) ioctl$AUTOFS_DEV_IOCTL_READY(0xffffffffffffffff, 0xc0189376, 0x0) ioctl$AUTOFS_DEV_IOCTL_PROTOVER(0xffffffffffffffff, 0xc0189372, &(0x7f0000000600)={{0x1, 0x1, 0x18, 0xffffffffffffffff, {0x2}}, './file0\x00'}) ioctl$AUTOFS_DEV_IOCTL_EXPIRE(r0, 0xc018937c, 0x0) io_submit(0x0, 0x0, 0x0) ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, 0x0) ioprio_get$pid(0x2, 0xffffffffffffffff) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8001}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioprio_set$pid(0x3, 0x0, 0x4007) 12:47:22 executing program 6: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x80000, 0xc, &(0x7f0000000200)=[{&(0x7f0000010000)="eb58906d6b66732e66617400028020000200000004f800002000400000000000000000000100000000000000020000000100060000000000000000000000000080002911f042f153595a4b414c4c4552202046415433322020200e1fbe777cac22c0740b56b40ebb0700cd105eebf032e4cd16cd19ebfe54686973206973206e6f74206120626f6f7461626c65206469736b2e2020506c6561736520696e73657274206120626f6f7461626c6520666c6f70707920616e640d0a707265737320616e79206b657920746f2074727920616761696e202e2e2e200d0a0000000000", 0xe0}, {&(0x7f0000010100)="00000000000000000000000000000000000000000000000000000000000055aa5252614100"/64, 0x40, 0x1e0}, {&(0x7f0000010200)="00000000727241610100000007000000000000000000000000000000000055aa", 0x20, 0x3e0}, {&(0x7f0000010300)="eb58906d6b66732e66617400028020000200000004f800002000400000000000000000000100000000000000020000000100060000000000000000000000000080002911f042f153595a4b414c4c4552202046415433322020200e1fbe777cac22c0740b56b40ebb0700cd105eebf032e4cd16cd19ebfe54686973206973206e6f74206120626f6f7461626c65206469736b2e2020506c6561736520696e73657274206120626f6f7461626c6520666c6f70707920616e640d0a707265737320616e79206b657920746f2074727920616761696e202e2e2e200d0a0000000000", 0xe0, 0xc00}, {&(0x7f0000010400)="00000000000000000000000000000000000000000000000000000000000055aa", 0x20, 0xde0}, {&(0x7f0000010500)="f8ffff0fffffff0ff8ffff0fffffff0fffffff0fffffff0fffffff0fffffff0f", 0x20, 0x4000}, {&(0x7f0000010600)="f8ffff0fffffff0ff8ffff0fffffff0fffffff0fffffff0fffffff0fffffff0f", 0x20, 0x4200}, {&(0x7f0000010700)="53595a4b414c4c45522020080000e880325132510000e880325100000000000041660069006c00650030000f00fc0000ffffffffffffffffffff0000ffffffff46494c4530202020202020100034e870325132510000e870325103000000000041660069006c00650031000f00100000ffffffffffffffffffff0000ffffffff46494c4531202020202020200034e870325132510000e870325105000a00000041660069006c00650032000f00140000ffffffffffffffffffff0000ffffffff46494c4532202020202020200034e870325132510000e870325106002823000041660069006c0065002e000f00d263006f006c0064000000ffff0000ffffffff46494c457e312020434f4c200034e870325132510000e8703251070064000000", 0x120, 0x4400}, {&(0x7f0000010900)="2e20202020202020202020100034e870325132510000e87032510300000000002e2e202020202020202020100034e870325132510000e870325100000000000041660069006c00650030000f00fc0000ffffffffffffffffffff0000ffffffff46494c4530202020202020200034e870325132510000e870325104001a040000", 0x80, 0x14400}, {&(0x7f0000010a00)='syzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkal\x00\x00\x00\x00\x00\x00', 0x420, 0x24400}, {&(0x7f0000010f00)='syzkallers\x00'/32, 0x20, 0x34400}, {&(0x7f0000011000)='syzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallers\x00'/128, 0x80, 0x54400}], 0x0, &(0x7f0000011100)) 12:47:22 executing program 5: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_bp, 0x0, 0x8, 0x0, 0x0, 0x6dc8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) pwritev(0xffffffffffffffff, &(0x7f0000000080)=[{0x0}], 0x1, 0x7fffffc, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = gettid() recvmsg$unix(r1, &(0x7f0000000300)={&(0x7f0000000400), 0x6e, &(0x7f0000000a80)=[{&(0x7f0000000480)=""/172, 0xac}, {&(0x7f0000000540)=""/131, 0x83}, {&(0x7f00000001c0)=""/44, 0x2c}, {&(0x7f0000000700)=""/225, 0xe1}, {&(0x7f0000000840)=""/94, 0x5e}, {&(0x7f00000008c0)=""/202, 0xca}, {&(0x7f00000009c0)=""/176, 0xb0}], 0x7, &(0x7f0000000240)=[@rights={{0x2c, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}], 0x30}, 0x2000) sendmsg$unix(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)=[{&(0x7f0000000800)="84", 0x8ec0}], 0xc0, &(0x7f0000000340)=[@rights={{0x14, 0x1, 0x1, [r1]}}, @cred={{0x1c, 0x1, 0x2, {r2}}}], 0x38}, 0x0) 12:47:22 executing program 7: r0 = syz_io_uring_setup(0x1e53, &(0x7f0000000080), &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffd000/0x2000)=nil, &(0x7f0000001440), &(0x7f0000000040)) [ 150.434493] loop6: detected capacity change from 0 to 1348 ioctl$BTRFS_IOC_SNAP_DESTROY_V2(0xffffffffffffffff, 0x5000943f, &(0x7f0000000200)={{}, 0x0, 0x0, @unused, @name="d89fabe8ed9d3692721b0896c26263c6076e51c462d1acd19b7c61b67610aa0d381bb54fa02d3defec8b656827844c718ac6c4162b70b3fc09bf710bf4b9cda417f6d459202f6f36bf640753174938594782ed6add4f535f61c9d2c61fc136f9ce6083a1f129241f05c9672852103a92b4c735539eeb6d3106cf414fe7fff0bcf96f8ce93066ef667f0c53df0ffbbd6348e596abaeecef8241a65d076ae2da86e41f357d61e25ab727af86dc356d4cea581d4dd2c626951d4967047a7029ef28a8e78c6e3e890015c0c3767e794c642b575fae3b2f8ec071a41b0c957f8bc081dd3425aa62b311a5eecf31844b69c525173919a7df6f442467d2495d6f84965c8d277c61947efb3e58c293acd46ed65599401d0226631a3ce49f9b3628aa89aceb79959b8327aa32aee48c915480db62b6eb5eabe20ab2174e85510a4d23d9f518d38db24f18b1a7c07f9559420d89c161e4b926f3b5f6b73833aea1f2c9c2927fe477415065f5f2fedf23cc043ac93f2d5af6736d7e545b1dab154f8a25fb2dcf972bdd7db204e7387c9ff671dae1c6d2fb03ff7f462e34c931bf1d10b2399a607cd1fa9e77f24dc41433ba3b3071eb7bc29facde8a82a0564690e2fd1b7eafb3f731352ae2b4b4092f7735aa08a2111b24903781b32f3d4811fb2f88cac2fba2849c3f8757b0bcaed42b2e56264c30dd475411f6cc516e6e4c29f9a8580ebc69228da51c92c853f736cc40f9c0a1bf4c4e1276841f00d8e610b1ba3c5cb6efe4c988638bd53666f0f4cf41cfe12fc3068dd9e5a0676751fc41832cbdf2b25252b242c03d41edfe61dc6f8c0190ad8703e55c05509e9286f8d8acf41d767662610dcca6c4294768d240c97103568fca01d1a9da12fc36906e609599ddae47015be3aa96a1ab6e41e682133cd4d79686f393ad564e30af0da6aa8794b03f7ff8bda754242eef7ded99d185d667480b801c4de7af4af1d7531696db527b722a3f4bff6391d603a98869be6fe2f338ad3276e84ad0219714bb834b7f5f359bc59b81a70dc09d7119ae4a9bf00b2b452e0ae138304a2b76d9f1630cdb951031ac305013c5b6f45183791ef4285f66f54267d9b6f453ccb1b011bbfcb13c6ae9e84aa6d8bd51ff8534c19b5d8f2a07a1870d4f9304b7f14c46db81fc894ecd90630cf72c383b99b20c55202dc6ce968318c98b6b59212f826654d1ab3adf1197ed3baf8047f0844cddeb488b858162f3cc10a27e10f30ade652b086d76f21c8d037b43976d2c02bd2ee574fbf1ea19b811fdedba8f8da153c2bcc6388d615fadccaf5a8145fc6effd86f8d3c04caa23901e0dd76cd48d925a6b521477278a029db8b65948f37153fe4d6333963df8c44b1589a4172d10f2b5ec6337f0df908ee657dcaa1c6c883257f4d372342f1391661979685a68d07cba5e3df0ab800bd64e08e87b332cec21dc49e0696c617c6811c28f3efbfa44077f2dac0aed6267ae4a4f65e0bec1e368065b94133315b450dfb046e37103f042ec37dd2978c17f5c99c2a92ebd28b0fa209f5afac2ae07419c141544c3e2f07eb207aa24a266e27a43f82eb191076b4f8d65d8b9deb339fb3573a8ac2f6cb0f8524c3fbf946c1dd19e3b1d92ae29bc84045561fd7af46d44b5009091d7c0d94690e2b26f828afddcc0b63b02f7accce8e52249936c48ff20d35cf94b686969b0085d0483a302140199b62edaa1c9172208d79f5ebb876ce2ff3dd5d0e6fa2334ccf5236c9d3408ed4460d3b44d8147c7d6d454947bbe1d09e75591078f815f8323326f7bfb7f230b80f1e3eeba9d57c84b93fb465e11f49c9e5fddc6e627dc09971db34e1e84189f0c16727578096a7eaff5b982f91c95f28171bdea8db0eb64a3ce904c09267f60aa87cab7cf7adb01edd0d18c3a2b85c23d47e62c336fe02e8946c028b423a11214a11541a0232818b643f6fcba98d64690b1938e06cdc27650a925a3dda561d88fdfe124713f6514446bf218a244d6365273244dee2d3e80f1cc752a9257dd738584836425816bfa1bf2f59ecc7be32f69697cf0951aa4f34e323cfd315d526e049e450dca60be279ecce5ccdbb92150d293de1fd9d2670d84b95e76cddd403d2ab3774ca3b715f6231444e28b4ecf9a0d233c7cad179683f3a347dd7a81b8f9d4ecfda56746614d0a2c062fb89592c3199ec940c3482fa2339da8627dd814925554a916ba677bca470a41598c175853b485ba99a2890c106b032dba62999b8c4a5e2bca5705f333597730c46b1cc7d58a23f015209ff785602bd18d1c4601c3db15c319592f81bc6869b02c9a308bc2d4a3e0113be42aa736525ed45f22472095f692425fea25d8d1f4bc58b982063188c6c352286182514c11957aea21917ff8fba1e1769f176f105cc747d899a979979ac9474726001e01c6179805bee63727882b0df7f05a225926ec1bb07b4887e1ad3a746a7b690063ce8c7a38f99acf8be0368c4996667b52e6b6c96b2b22053dbb555f1d8d0db6d8d583c76d791b90404826242979f07bb63d36a41669b29c46de28561ed10679aa1eafa921dc972c7948797b19ea7a3889c2fc53f9dacb13d02b359010ddac48cf7a76ee8d85049cc4884a081afa50e2f4bfa7a9788fa382d1db65ab4ba6991675c8f33c339e2848d76e12baa2886833195b722faf10e2a023a8dcb931252928da1bb7ceb0a2cf87d95719582aa662ca9cffd547f0e514c89243e120033b4ed9a76240b58f28f2a0c9538e82dd037360222d9ddfa66ff3ceb7ef27d54156bda0a5d0757b6b89abce1abcdc796a6f3eb661f8b2d220dbf576f8bb1621dbca76bacb7ecac9c11253d867c2d1bba3cf9fad7c65d73ebf1f2ffd32b03e14b988275847c811492138aea789c11f7ae0797719a9ce64403350a874f9cd38cb4ece7d3eade32a77f178d7b73a9bdbe2c6ccf895368feb7b62532d69c05768534d80e7fee1d839ba214a17e5d75777d95736c3cf5d045cf22d5d2f11bff104f71fa17e44863c8d222b2179786fdf80dcf1bcf3a3427be8bbc1d65131e7a0bed5f2d23aabd0c1cdeff7b3a33804dccf8710bcff70332b6543e60906841d93e0cbe136c6cdddcaaa47e18c715f26ce1e4835f67ea850e826bbd2470e7cc4c978bf22c488d38c03aaba15b833cee48af87104d313261a560d0fabe74c70620ace185d95067518b0dd01f477fc8b7d8b0d660c01a348af77d7844bc753dc9f2b250a2d2610dbcf01e0c150508f28f8d4a1a4a3d0e737b50f0fe9d2daa2363253086690e09788efc1566a0f1997d00d14cb30cb98e0c6659a0edaf34a00b9546500366e3fdd5c63c30a14650d12a959f6e3a1e9b3fc3ae5a8a1a4d5535f55a12ca6855664ed9c94d0cbca7b48ed7f59e6252e71102d2471ccd0a38bedcdb04698259fadf8369db1e2251a8868f2da8a511bc8b07d0ab47ecd15b7cab2d783633a7cd054bd05beeaaa09f2d8faa5cb1c679c0bb63219bb8d856412c7850f433a8c6969eecf1ce46144146a49fa8fd5ead7742b479b07a22efe2349caf8685767b13439a63e0bed41d224cdb27b7f25d78b52f8bec06fa364fe08ddf709409edf6ebb00a15adb5abae03d56bd4e682d302dbdf20d908642f96cd18721441f470810b9e30b61719d183a7a7b637ea8cce30edc72d5dfa6f98192938735f490809b1346a70b3253bc452053cffd4712688c2620a405fded49c24af1b92384fa5569880b9d2a111c3402f6f1c2ed73fad916b097870edd8e976b09210f2b23cde73c82a163ecee5edb17ac34c22c5394f85c128afc6c969d7d2dad6d876da5d2b321f2a46949a86bfc9ca8774701d2a8aeeadb13d417288c52b337ac274ff80c65cc115ebbbd2476afe81aa79f44310d7f12cb595b16d2725f6059ffd6309b2c7786a9bd76fd7246d863fcee2b0d7e307d34274854f695ae3f08b7161ad6c90f8cb9b847342f759e3d7e1f35fa5a6868675ceda6f0f710032c32e19c0f9dbbcb3ce6a8ece0c696641246a416f74f5502f3c1f081bec61e979bf3253a2652bfff1ac7a1272a07ec44bfba6e9487ff32800e1b988952a8ae8af3341ca4af974123b193a1204dca26d9ac4ba30c4209b2ade32a0b2cbf6e1148c13312e0c4ad9fba3d3c2f27387796666e58c1633018b303cb0c07c37d0cddb4b4751677281c2d1cf96d5c58f92c39f2f13027b1d284805f2cba15949e1d45d351953e5d5c9a513849cb81507a3904b521337f0217603d77564be14fdfcbda58f86cb8be237d11f14407485b07535d7034418564884f3365b6c892726de3f836b5a589b4a8edd50193a7a0f7ad01fc4488e902a9ef057c941bf445b3fd7649211bc2d221fd7f69bb92e3b64785c014047470474bd5fa2d91a6146ac4247bce48931079ede1efa7bc7ab5063a27fcd1fbe96e27f2fca1c1d5c6962aa9d5fa778fa9adc33c9b913fc15f7cc6992aad740945e3616351ee0f6e53df41933dde5079c3092d3a2d9628f9b603e3fe2810efae60fbbd8e5443465c9d4c0891fd081e9ff7f0fc58a934b9339eee42aecebf5089f9e4d8d6747f2e95991f8e006ef71973c53c21e0e5678ed5b8a4b5a2ceaf2989e65897013ad0953a4f0a63186f57b79c202a647e2d4b2e14a3e8fd453cbe2ab560a4a18aea87121a4d668244c79de0caadd1af0cc22e11e697a97cfbcc165ff4c35e2cc0b68b8683ec6ecb751ec59e5ef7c08539f9d701e2503d52f17111fce919266a71762e7cd8de5e4d116e68326364ce702d8c712695285fc1d1b1a6b2a6ac8ffe94fb601014e091fd5b20cd9b0104907432c9b5a15e8f8edd6ec95b88b4fdb8d3cd96f3f9a72e4d13c7904ab0a03c277f71011da93c44fccc2269c43272b06710247982a92ccba695a2c446b88ba18635e3d1044251244e6332a9d95cde5a56958447dbb4c75f276795477d3a43ce1689887db592d0393a4fcbca85c0b5cf684873fa9815720fc3d16510dff7eaccf9395baeca8ad2767e21ab8ff5ce15f4e19d9496d04ef910bbac7a420a72df2a772bd99717940b7799bf7b710190d1fac5837191528d3ea0ad4e1b1901f9a18a01bb896b17b3c04f7dcf45be138abf9276d2acaa274e683e317d22cd4b6ae555c1e49dfe882fc0e016b94464bbe866a4ea22f86cbfe6ed5dbac23fc5b9ed685c3634a782d061b3cc81999a6d1d0223ea174a63484659bd42d542dad5128ca477dfead13cf0bf9c9ad484a987a44f25108373557b2ebf5f40bfc0e0ae380cd5833a550204213f13e1c1d0cd9f964291f9c9792295a2ea18e74ee8493d2158f67c2d93211587ad143425c09242cb7680372f89eb667d23e6bf8add7daa2aff93befc92661a2381cb75e3b20986008e68e68a778daee527281e8f001ea3ae95b606f13a36c94013ddd7536a6b2992947cb4035d9048c5ad2d2b059a1e628a85561e2cb668e9202845e356500cca329bdffa2102e659f05202cab2863e9d65afaae9f6f4ffe7d84bf2513b76a9e0e800db99f75ccf2510926d27626b80e24586863853f6f5267ea68e86dab68e4625aea0c678f6fb2309544e229806a86ffb7c09f47f51443a5a28a9eaa5d6b3ecd1fb95dae251510fb9d98dfad7f5f301ba17b3e380a0ffc691b3d7af0291729760deb95581df506224361fb5ef1d018b3aa747326e0c42e836f169a7c4bdb194c5d656bf5feb2a250f3ecb5147ed50ecf37ba2a7a6908"}) io_uring_register$IORING_REGISTER_FILES(r0, 0x19, &(0x7f00000002c0), 0x0) 12:47:22 executing program 0: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000200), 0xffffffffffffffff) sendmsg$NL80211_CMD_GET_REG(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000380)={0x14, r1, 0x321}, 0x14}}, 0x0) 12:47:22 executing program 2: r0 = syz_io_uring_setup(0x7645, &(0x7f00000001c0), &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000000240), &(0x7f0000000280)) io_uring_enter(r0, 0x0, 0x6bde, 0x3, 0x0, 0x0) 12:47:22 executing program 3: r0 = syz_open_dev$mouse(&(0x7f0000000000), 0x1e, 0x81) mq_open(0x0, 0x0, 0x0, 0x0) socket$inet6(0xa, 0x0, 0x1c98) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x6dc8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, 0x0) ioctl$AUTOFS_DEV_IOCTL_READY(0xffffffffffffffff, 0xc0189376, 0x0) ioctl$AUTOFS_DEV_IOCTL_PROTOVER(0xffffffffffffffff, 0xc0189372, &(0x7f0000000600)={{0x1, 0x1, 0x18, 0xffffffffffffffff, {0x2}}, './file0\x00'}) ioctl$AUTOFS_DEV_IOCTL_EXPIRE(r0, 0xc018937c, 0x0) io_submit(0x0, 0x0, 0x0) ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, 0x0) ioprio_get$pid(0x2, 0xffffffffffffffff) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8001}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioprio_set$pid(0x3, 0x0, 0x4007) 12:47:22 executing program 7: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) getpid() getpid() pipe2(&(0x7f0000000140), 0x0) syz_genetlink_get_family_id$nl80211(&(0x7f0000000440), 0xffffffffffffffff) 12:47:22 executing program 0: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000200), 0xffffffffffffffff) sendmsg$NL80211_CMD_GET_REG(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000380)={0x14, r1, 0x321}, 0x14}}, 0x0) 12:47:22 executing program 6: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x80000, 0xc, &(0x7f0000000200)=[{&(0x7f0000010000)="eb58906d6b66732e66617400028020000200000004f800002000400000000000000000000100000000000000020000000100060000000000000000000000000080002911f042f153595a4b414c4c4552202046415433322020200e1fbe777cac22c0740b56b40ebb0700cd105eebf032e4cd16cd19ebfe54686973206973206e6f74206120626f6f7461626c65206469736b2e2020506c6561736520696e73657274206120626f6f7461626c6520666c6f70707920616e640d0a707265737320616e79206b657920746f2074727920616761696e202e2e2e200d0a0000000000", 0xe0}, {&(0x7f0000010100)="00000000000000000000000000000000000000000000000000000000000055aa5252614100"/64, 0x40, 0x1e0}, {&(0x7f0000010200)="00000000727241610100000007000000000000000000000000000000000055aa", 0x20, 0x3e0}, {&(0x7f0000010300)="eb58906d6b66732e66617400028020000200000004f800002000400000000000000000000100000000000000020000000100060000000000000000000000000080002911f042f153595a4b414c4c4552202046415433322020200e1fbe777cac22c0740b56b40ebb0700cd105eebf032e4cd16cd19ebfe54686973206973206e6f74206120626f6f7461626c65206469736b2e2020506c6561736520696e73657274206120626f6f7461626c6520666c6f70707920616e640d0a707265737320616e79206b657920746f2074727920616761696e202e2e2e200d0a0000000000", 0xe0, 0xc00}, {&(0x7f0000010400)="00000000000000000000000000000000000000000000000000000000000055aa", 0x20, 0xde0}, {&(0x7f0000010500)="f8ffff0fffffff0ff8ffff0fffffff0fffffff0fffffff0fffffff0fffffff0f", 0x20, 0x4000}, {&(0x7f0000010600)="f8ffff0fffffff0ff8ffff0fffffff0fffffff0fffffff0fffffff0fffffff0f", 0x20, 0x4200}, {&(0x7f0000010700)="53595a4b414c4c45522020080000e880325132510000e880325100000000000041660069006c00650030000f00fc0000ffffffffffffffffffff0000ffffffff46494c4530202020202020100034e870325132510000e870325103000000000041660069006c00650031000f00100000ffffffffffffffffffff0000ffffffff46494c4531202020202020200034e870325132510000e870325105000a00000041660069006c00650032000f00140000ffffffffffffffffffff0000ffffffff46494c4532202020202020200034e870325132510000e870325106002823000041660069006c0065002e000f00d263006f006c0064000000ffff0000ffffffff46494c457e312020434f4c200034e870325132510000e8703251070064000000", 0x120, 0x4400}, {&(0x7f0000010900)="2e20202020202020202020100034e870325132510000e87032510300000000002e2e202020202020202020100034e870325132510000e870325100000000000041660069006c00650030000f00fc0000ffffffffffffffffffff0000ffffffff46494c4530202020202020200034e870325132510000e870325104001a040000", 0x80, 0x14400}, {&(0x7f0000010a00)='syzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkal\x00\x00\x00\x00\x00\x00', 0x420, 0x24400}, {&(0x7f0000010f00)='syzkallers\x00'/32, 0x20, 0x34400}, {&(0x7f0000011000)='syzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallers\x00'/128, 0x80, 0x54400}], 0x0, &(0x7f0000011100)) 12:47:22 executing program 0: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000200), 0xffffffffffffffff) sendmsg$NL80211_CMD_GET_REG(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000380)={0x14, r1, 0x321}, 0x14}}, 0x0) 12:47:22 executing program 5: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_bp, 0x0, 0x8, 0x0, 0x0, 0x6dc8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) pwritev(0xffffffffffffffff, &(0x7f0000000080)=[{0x0}], 0x1, 0x7fffffc, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = gettid() recvmsg$unix(r1, &(0x7f0000000300)={&(0x7f0000000400), 0x6e, &(0x7f0000000a80)=[{&(0x7f0000000480)=""/172, 0xac}, {&(0x7f0000000540)=""/131, 0x83}, {&(0x7f00000001c0)=""/44, 0x2c}, {&(0x7f0000000700)=""/225, 0xe1}, {&(0x7f0000000840)=""/94, 0x5e}, {&(0x7f00000008c0)=""/202, 0xca}, {&(0x7f00000009c0)=""/176, 0xb0}], 0x7, &(0x7f0000000240)=[@rights={{0x2c, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}], 0x30}, 0x2000) sendmsg$unix(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)=[{&(0x7f0000000800)="84", 0x8ec0}], 0xc0, &(0x7f0000000340)=[@rights={{0x14, 0x1, 0x1, [r1]}}, @cred={{0x1c, 0x1, 0x2, {r2}}}], 0x38}, 0x0) 12:47:22 executing program 4: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) getpid() getpid() pipe2(&(0x7f0000000140), 0x0) syz_genetlink_get_family_id$nl80211(&(0x7f0000000440), 0xffffffffffffffff) 12:47:22 executing program 3: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_bp, 0x0, 0x8, 0x0, 0x0, 0x6dc8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) pwritev(0xffffffffffffffff, &(0x7f0000000080)=[{0x0}], 0x1, 0x7fffffc, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = gettid() recvmsg$unix(r1, &(0x7f0000000300)={&(0x7f0000000400), 0x6e, &(0x7f0000000a80)=[{&(0x7f0000000480)=""/172, 0xac}, {&(0x7f0000000540)=""/131, 0x83}, {&(0x7f00000001c0)=""/44, 0x2c}, {&(0x7f0000000700)=""/225, 0xe1}, {&(0x7f0000000840)=""/94, 0x5e}, {&(0x7f00000008c0)=""/202, 0xca}, {&(0x7f00000009c0)=""/176, 0xb0}], 0x7, &(0x7f0000000240)=[@rights={{0x2c, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}], 0x30}, 0x2000) sendmsg$unix(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)=[{&(0x7f0000000800)="84", 0x8ec0}], 0xc0, &(0x7f0000000340)=[@rights={{0x14, 0x1, 0x1, [r1]}}, @cred={{0x1c, 0x1, 0x2, {r2}}}], 0x38}, 0x0) [ 150.712155] loop6: detected capacity change from 0 to 1348 12:47:22 executing program 0: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000200), 0xffffffffffffffff) sendmsg$NL80211_CMD_GET_REG(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000380)={0x14, r1, 0x321}, 0x14}}, 0x0) 12:47:22 executing program 3: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_bp, 0x0, 0x8, 0x0, 0x0, 0x6dc8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) pwritev(0xffffffffffffffff, &(0x7f0000000080)=[{0x0}], 0x1, 0x7fffffc, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = gettid() recvmsg$unix(r1, &(0x7f0000000300)={&(0x7f0000000400), 0x6e, &(0x7f0000000a80)=[{&(0x7f0000000480)=""/172, 0xac}, {&(0x7f0000000540)=""/131, 0x83}, {&(0x7f00000001c0)=""/44, 0x2c}, {&(0x7f0000000700)=""/225, 0xe1}, {&(0x7f0000000840)=""/94, 0x5e}, {&(0x7f00000008c0)=""/202, 0xca}, {&(0x7f00000009c0)=""/176, 0xb0}], 0x7, &(0x7f0000000240)=[@rights={{0x2c, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}], 0x30}, 0x2000) sendmsg$unix(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)=[{&(0x7f0000000800)="84", 0x8ec0}], 0xc0, &(0x7f0000000340)=[@rights={{0x14, 0x1, 0x1, [r1]}}, @cred={{0x1c, 0x1, 0x2, {r2}}}], 0x38}, 0x0) 12:47:22 executing program 4: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) getpid() getpid() pipe2(&(0x7f0000000140), 0x0) syz_genetlink_get_family_id$nl80211(&(0x7f0000000440), 0xffffffffffffffff) 12:47:22 executing program 7: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) getpid() getpid() pipe2(&(0x7f0000000140), 0x0) syz_genetlink_get_family_id$nl80211(&(0x7f0000000440), 0xffffffffffffffff) 12:47:23 executing program 5: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_bp, 0x0, 0x8, 0x0, 0x0, 0x6dc8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) pwritev(0xffffffffffffffff, &(0x7f0000000080)=[{0x0}], 0x1, 0x7fffffc, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = gettid() recvmsg$unix(r1, &(0x7f0000000300)={&(0x7f0000000400), 0x6e, &(0x7f0000000a80)=[{&(0x7f0000000480)=""/172, 0xac}, {&(0x7f0000000540)=""/131, 0x83}, {&(0x7f00000001c0)=""/44, 0x2c}, {&(0x7f0000000700)=""/225, 0xe1}, {&(0x7f0000000840)=""/94, 0x5e}, {&(0x7f00000008c0)=""/202, 0xca}, {&(0x7f00000009c0)=""/176, 0xb0}], 0x7, &(0x7f0000000240)=[@rights={{0x2c, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}], 0x30}, 0x2000) sendmsg$unix(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)=[{&(0x7f0000000800)="84", 0x8ec0}], 0xc0, &(0x7f0000000340)=[@rights={{0x14, 0x1, 0x1, [r1]}}, @cred={{0x1c, 0x1, 0x2, {r2}}}], 0x38}, 0x0) 12:47:23 executing program 1: r0 = perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0x76, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x200000b, 0x11, r0, 0x0) 12:47:23 executing program 0: timer_create(0x3, 0x0, &(0x7f0000000480)) clock_gettime(0x0, &(0x7f0000000040)={0x0, 0x0}) timer_settime(0x0, 0x0, &(0x7f0000000100)={{0x77359400}, {0x0, r0+60000000}}, 0x0) timer_gettime(0x0, &(0x7f0000000000)) 12:47:23 executing program 7: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) getpid() getpid() pipe2(&(0x7f0000000140), 0x0) syz_genetlink_get_family_id$nl80211(&(0x7f0000000440), 0xffffffffffffffff) 12:47:23 executing program 6: syz_genetlink_get_family_id$nbd(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$NBD_CMD_RECONFIGURE(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, 0x0}, 0x0) rt_sigpending(&(0x7f0000000180), 0x8) syz_genetlink_get_family_id$nl802154(&(0x7f0000000440), 0xffffffffffffffff) 12:47:23 executing program 3: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_bp, 0x0, 0x8, 0x0, 0x0, 0x6dc8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) pwritev(0xffffffffffffffff, &(0x7f0000000080)=[{0x0}], 0x1, 0x7fffffc, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = gettid() recvmsg$unix(r1, &(0x7f0000000300)={&(0x7f0000000400), 0x6e, &(0x7f0000000a80)=[{&(0x7f0000000480)=""/172, 0xac}, {&(0x7f0000000540)=""/131, 0x83}, {&(0x7f00000001c0)=""/44, 0x2c}, {&(0x7f0000000700)=""/225, 0xe1}, {&(0x7f0000000840)=""/94, 0x5e}, {&(0x7f00000008c0)=""/202, 0xca}, {&(0x7f00000009c0)=""/176, 0xb0}], 0x7, &(0x7f0000000240)=[@rights={{0x2c, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}], 0x30}, 0x2000) sendmsg$unix(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)=[{&(0x7f0000000800)="84", 0x8ec0}], 0xc0, &(0x7f0000000340)=[@rights={{0x14, 0x1, 0x1, [r1]}}, @cred={{0x1c, 0x1, 0x2, {r2}}}], 0x38}, 0x0) 12:47:23 executing program 4: r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) ioctl$sock_bt_hci(r0, 0x400448cb, 0x0) 12:47:23 executing program 2: openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp, 0x0, 0x8, 0x0, 0x0, 0x6dc8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) pwritev(0xffffffffffffffff, 0x0, 0x0, 0x7fffffc, 0x0) ioctl$BLKFRASET(0xffffffffffffffff, 0x1264, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0xfffffffffffffffe}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x100000) io_setup(0xd29, &(0x7f0000000780)=0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x1255c2, 0x0) io_submit(r0, 0x1, &(0x7f0000000040)=[&(0x7f0000000200)={0x0, 0x0, 0x0, 0x8, 0x0, r1}]) r2 = openat(0xffffffffffffffff, &(0x7f0000000040)='./file1\x00', 0x1c5042, 0x54) write(r2, &(0x7f0000000240)='E', 0x1) openat(r1, &(0x7f0000000140)='./file1\x00', 0x14000, 0x40) getegid() perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0xa) 12:47:23 executing program 0: timer_create(0x3, 0x0, &(0x7f0000000480)) clock_gettime(0x0, &(0x7f0000000040)={0x0, 0x0}) timer_settime(0x0, 0x0, &(0x7f0000000100)={{0x77359400}, {0x0, r0+60000000}}, 0x0) timer_gettime(0x0, &(0x7f0000000000)) 12:47:23 executing program 0: timer_create(0x3, 0x0, &(0x7f0000000480)) clock_gettime(0x0, &(0x7f0000000040)={0x0, 0x0}) timer_settime(0x0, 0x0, &(0x7f0000000100)={{0x77359400}, {0x0, r0+60000000}}, 0x0) timer_gettime(0x0, &(0x7f0000000000)) 12:47:23 executing program 2: openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp, 0x0, 0x8, 0x0, 0x0, 0x6dc8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) pwritev(0xffffffffffffffff, 0x0, 0x0, 0x7fffffc, 0x0) ioctl$BLKFRASET(0xffffffffffffffff, 0x1264, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0xfffffffffffffffe}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x100000) io_setup(0xd29, &(0x7f0000000780)=0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x1255c2, 0x0) io_submit(r0, 0x1, &(0x7f0000000040)=[&(0x7f0000000200)={0x0, 0x0, 0x0, 0x8, 0x0, r1}]) r2 = openat(0xffffffffffffffff, &(0x7f0000000040)='./file1\x00', 0x1c5042, 0x54) write(r2, &(0x7f0000000240)='E', 0x1) openat(r1, &(0x7f0000000140)='./file1\x00', 0x14000, 0x40) getegid() perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0xa) 12:47:23 executing program 1: openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp, 0x0, 0x8, 0x0, 0x0, 0x6dc8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) pwritev(0xffffffffffffffff, 0x0, 0x0, 0x7fffffc, 0x0) ioctl$BLKFRASET(0xffffffffffffffff, 0x1264, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0xfffffffffffffffe}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x100000) io_setup(0xd29, &(0x7f0000000780)=0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x1255c2, 0x0) io_submit(r0, 0x1, &(0x7f0000000040)=[&(0x7f0000000200)={0x0, 0x0, 0x0, 0x8, 0x0, r1}]) r2 = openat(0xffffffffffffffff, &(0x7f0000000040)='./file1\x00', 0x1c5042, 0x54) write(r2, &(0x7f0000000240)='E', 0x1) openat(r1, &(0x7f0000000140)='./file1\x00', 0x14000, 0x40) getegid() perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0xa) 12:47:23 executing program 5: openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp, 0x0, 0x8, 0x0, 0x0, 0x6dc8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) pwritev(0xffffffffffffffff, 0x0, 0x0, 0x7fffffc, 0x0) ioctl$BLKFRASET(0xffffffffffffffff, 0x1264, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0xfffffffffffffffe}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x100000) io_setup(0xd29, &(0x7f0000000780)=0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x1255c2, 0x0) io_submit(r0, 0x1, &(0x7f0000000040)=[&(0x7f0000000200)={0x0, 0x0, 0x0, 0x8, 0x0, r1}]) r2 = openat(0xffffffffffffffff, &(0x7f0000000040)='./file1\x00', 0x1c5042, 0x54) write(r2, &(0x7f0000000240)='E', 0x1) openat(r1, &(0x7f0000000140)='./file1\x00', 0x14000, 0x40) getegid() perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0xa) 12:47:23 executing program 7: r0 = syz_open_dev$tty20(0xc, 0x4, 0x1) ioctl$VT_GETSTATE(r0, 0x560d, &(0x7f0000000040)) 12:47:23 executing program 3: syz_emit_ethernet(0x66, &(0x7f0000000000)={@local, @multicast, @void, {@ipv6={0x86dd, @icmpv6={0x0, 0x6, "2ddc20", 0x30, 0x2f, 0x0, @remote, @local, {[], @pkt_toobig={0x2, 0x0, 0x0, 0x0, {0x0, 0x6, "f2e2a6", 0x0, 0x0, 0x0, @private1, @rand_addr=' \x01\x00'}}}}}}}, 0x0) 12:47:23 executing program 6: syz_emit_ethernet(0x6e, &(0x7f0000000080)={@local, @broadcast, @void, {@ipv6={0x86dd, @icmpv6={0x0, 0x6, "2cf627", 0x38, 0x3a, 0x0, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, @local, {[], @time_exceed={0x3, 0x0, 0x0, 0x0, '\x00', {0x0, 0x6, "59b65b", 0x0, 0x88, 0x0, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, @mcast1, [], "f2551ef03e40d2ed"}}}}}}}, 0x0) 12:47:23 executing program 7: r0 = syz_open_dev$sg(&(0x7f0000000000), 0x0, 0x0) ioctl$SCSI_IOCTL_SEND_COMMAND(r0, 0x1, 0x0) [ 151.541942] program syz-executor.7 is using a deprecated SCSI ioctl, please convert it to SG_IO VM DIAGNOSIS: 12:47:13 Registers: info registers vcpu 0 RAX=0000000000000020 RBX=00000000000003f8 RCX=0000000000000000 RDX=00000000000003f8 RSI=ffffffff824f8615 RDI=ffffffff87f0bdc0 RBP=ffffffff87f0bd80 RSP=ffff8880435d7650 R8 =0000000000000001 R9 =000000000000000a R10=0000000000000020 R11=0000000000000001 R12=0000000000000020 R13=ffffffff87f0bd80 R14=0000000000000010 R15=ffffffff824f8600 RIP=ffffffff824f866d RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 00000000 00000000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 00000000 00000000 FS =0000 00007fbce196f700 00000000 00000000 GS =0000 ffff88806ce00000 00000000 00000000 LDT=0000 fffffe0000000000 00000000 00000000 TR =0040 fffffe0000003000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe0000001000 0000007f IDT= fffffe0000000000 00000fff CR0=80050033 CR2=0000000020002500 CR3=000000000fde4000 CR4=00350ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000ffff0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 XMM00=00000000000000000000000000000000 XMM01=00007fbce44e07c000007fbce44e07c8 XMM02=00007fbce44e07e000007fbce44e07c0 XMM03=00007fbce44e07c800007fbce44e07c0 XMM04=ffffffffffffffffffffffff00000000 XMM05=00000000000000000000000000000000 XMM06=0000000000000000000000524f525245 XMM07=00000000000000000000000000000000 XMM08=000000000000000000524f5252450040 XMM09=00000000000000000000000000000000 XMM10=00000000000000000000000000000000 XMM11=00000000000000000000000000000000 XMM12=00000000000000000000000000000000 XMM13=00000000000000000000000000000000 XMM14=00000000000000000000000000000000 XMM15=00000000000000000000000000000000 info registers vcpu 1 RAX=ffffffff8180455a RBX=ffffffff813a70c0 RCX=ffffffff8611d301 RDX=1ffff11008749eac RSI=ffffffff8180455a RDI=ffff888043a4f5d0 RBP=ffff888043a4f5a0 RSP=ffff888043a4f500 R8 =ffffffff8611d3c8 R9 =ffff888043a4f548 R10=0000000000038001 R11=0000000000000001 R12=ffff888043a4f5d0 R13=0000000000000000 R14=ffff888043a39ac0 R15=ffff88800f0a1850 RIP=ffffffff813a70c4 RFL=00000286 [--S--P-] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 00000000 00000000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 00000000 00000000 FS =0000 0000000000000000 00000000 00000000 GS =0000 ffff88806cf00000 00000000 00000000 LDT=0000 fffffe0000000000 00000000 00000000 TR =0040 fffffe000004a000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe0000048000 0000007f IDT= fffffe0000000000 00000fff CR0=80050033 CR2=00007fb5669f3718 CR3=000000000efd4000 CR4=00350ee0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000ffff0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 XMM00=00000000000000000000000000000000 XMM01=ffffffffffffffffffffffffffffffff XMM02=00000000000000000000000000000000 XMM03=00000000000000000000000000000000 XMM04=000000000000000000000000000000ff XMM05=00000000000000000000000000000000 XMM06=0000000000000000000000524f525245 XMM07=00000000000000000000000000000000 XMM08=000000000000000000524f5252450040 XMM09=00000000000000000000000000000000 XMM10=00000000000000000000000000000000 XMM11=00000000000000000000000000000000 XMM12=00000000000000000000000000000000 XMM13=00000000000000000000000000000000 XMM14=00000000000000000000000000000000 XMM15=00000000000000000000000000000000