dc37fb3c53ae93c84c8d672966737a175f5ea5f0a2f761f7354e959c10f2c3eaf9e837e9a5b271bafef6e7ca081c37d20e853a785118eaea5272f061e42f07a97b709a401bd70fce8fd726e85fe7758e5fc70eeb4d67c8df9c2b405ebe206cbac024749e4442d6b3e64a0e9191e9f5df38316738e3b3e57597e5f3eeac283b810be65b33322f6b624ce566ca5ee517e39941605b80cd2a9ce96f80078ac062342cae9f8592349ea8f4103e9e5333166ef61025fd3ac603eb403a4e66cd78192ab998e8780e0bec06d6a61f644a515352370a5caffbe7e6362935da3cc3438a24dda8f8f25f672d24328352f6a3b376c47bcb98a4463a20a767693f204709f99e2dc9665a761b06b98554d5e73272d719c2d564253cab52e6cfdd08587d297f6cfd770630d61625382d08c88748ae714a0cd1f8ae68d22df28dc65eb802e43e6f9894616a09c9967004ff9a8f6c48c9da293320c87ae9c37a8b3c8d50ebe64ce53f0c26ed4b47471465a2187c3564aaa72e3b8fc2a68d00c25602539d269179acbb4b814cfcf6ced042fbaf5b6515bec038db88f4261afe7eac960e90537ff1984bf13697578c93093f74eac135c4dac38bfdb0577eb9b5a5cc098bf91c0cf0a568f94e864cc9deb63f7c602ac678e4a063217608dd2fac331765e17227484e38632fda38f337bdb9623f51336ca5f2b91368b25ba171100c2ca78f4a738a6501160af1e17a7e183c7aa393f0b94a314b438bf0469e6bbb8c4069b45141ac190266e8756c57a929744c8a5601aaff497eb2e9466a58588c28afe974a7bd5be408cdbae965a199e709b0c3f3d8c4cab951d53cf10cdef153dc1b85f5aa2d27bda611246f73770eb11007f366f3c365fdac44e4fdc8e4ad3f7d63fb3f286ff94ea490662434741847ffb93ecd5cba5e638731f6c3d265e6e02043335c948b6cbe3a31d31ca4cb36e88e55d37f6e77c80e506059dc83ff1f6b2f347fd3a9e1a17f9be8ff9cf49a556d9cefda9a1ce312eb28d6d032323a323f759b326a0c5302faef87bf55a9384991f9187e2f3f583e2ce879c48a5b051dd4a628e247dcf4cfda1e68b2ed448f3f19041c6a45e27e89f85b113c082ba77d695976c9096169d375ebe42b04ff518a71923260cdffa295fe510cc29771543ddf53a927c7194434242726abdba6d2857cbeab02e0175b341f5fd3665e2fa0c1404e73f0e43be1bd68e61b3b976727e4aad831f06d281c0441807b764aac1fcaf581ee104be31d42d2fb234a14d4df09e56d852c8388d6e0445a7588148c07a20ad4c617f6cf41f8cefc1b9260cd9cfc56e520ddc2c9dc5447e86e519b968e8fb074cae2236a54c4ae4d5d864728cb4633d0d24cfc080e8c49aed678c243819b18c49f4377c1ae5cbea774571c2e29080282704b8ed02112c332ca10b37bc336c73d90270e82bf4ad777dab05ce1e79826131b13a37ca1cf93651c180a6bfe45e4e50da86462ef6f2f615560c255f58534a8d5d7f4d0d94d73d90d5b34e12efdbd89f714d3f448f1cd6280e6fa8ba811f74193fb5b34bf37ee378fd8067c18e292a9653a4d53a1c0353669c447d9adb8fdbbf207e09d861209ab720c8135d2e370ea42e541aed43606a768f1e3a255493e410c4511f6e266c084e46ab56d2c6b329556f9d340e3bbe911155fedb526eeacba98b9efba9afa4aa3380d9f3fbeefd8726b1587eff19afa590dddc512a540a0b86730d6e6d05270f3325b4f2bd50ac397cc12756b025d30d914faad365bc99ad1026ca0322011e4f09d372a82150a2845b5cddf193ce04cf405e6b47fb1acc51c110f95864bcd9a37d0b7345b0152c85b93eebd851e206a7c65b80ca5c16ce2d4bfa8c44775db9805318793fd8734fbd0db40e448d3d33cfb9862046c2ac0f7d60826542b3374da47260a4100a87db81f24dad84f03995556ea7c1d96bb32e6af13ab1dcbdd9a1b477272f0ef5617117485fb684970fcfeedd7770bd2c04476a34b0fe5e444d388136a006237e0349ce869d35e562a078ee730c01087f3a92add9737112e75031abd77738e8e76663d1faa7cf5d17802e165ded074c72368c80962d83da4f4321a76d0588ae4dd9ac18ec8b214f329a24d933d472f2e35bb77", 0x1000, 0x100000000}, {&(0x7f0000001580)="622887b4d8659e60e8f83ce12aee0e0083fe05c67e6cef48237797bc6d84c9ba45a17d430e62208fff3479ea4afa1bf8be17dfffa135239aa790f7cb1168ce40f427fb8e40d9308118376a72a433820c5d4eb6bc058ab66c1b6910065a9606070b4cdec8a3f2fe87fe16a914750bebb4f782ec2899cf90d433c857791e97ff716ef5e81cdba017f457780e0d3a0dfb70a735c7e5758bc0e74c79cc4296e4d50b480b583ad07e", 0xa6}], 0x4000, &(0x7f0000001700)={[{@mode={'mode', 0x3d, 0x63}}, {@nr_inodes={'nr_inodes', 0x3d, [0x74, 0x67, 0x6b, 0x6d, 0x30, 0x0]}}], [{@euid_eq}, {@seclabel}, {@audit}, {@mask={'mask', 0x3d, '^MAY_WRITE'}}, {@smackfsfloor={'smackfsfloor', 0x3d, 'proc\x00'}}]})

08:58:44 executing program 0:
perf_event_open$cgroup(&(0x7f0000000c00)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4c, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

[ 2516.057964] Call Trace:
[ 2516.058391]  <TASK>
[ 2516.058687]  ? x86_pmu_start+0x1c0/0x240
[ 2516.059476]  x86_pmu_enable+0x580/0xd90
[ 2516.060035]  ? amd_pmu_disable_virt+0xa0/0xa0
[ 2516.060682]  ctx_resched+0x2b9/0x3a0
[ 2516.061213]  __perf_install_in_context+0x285/0xa40
[ 2516.061910]  ? ctx_resched+0x3a0/0x3a0
[ 2516.062445]  remote_function+0x125/0x1b0
[ 2516.063013]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[ 2516.063788]  ? perf_duration_warn+0x40/0x40
[ 2516.064358]  generic_exec_single+0x203/0x300
[ 2516.064954]  smp_call_function_single+0x189/0x460
[ 2516.065667]  ? perf_duration_warn+0x40/0x40
[ 2516.066251]  ? generic_exec_single+0x300/0x300
[ 2516.066864]  ? perf_duration_warn+0x40/0x40
[ 2516.067437]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[ 2516.068180]  ? lock_is_held_type+0xd7/0x130
[ 2516.068770]  perf_install_in_context+0x4da/0x590
[ 2516.069443]  ? list_add_event+0xeb0/0xeb0
[ 2516.069986]  ? ctx_resched+0x3a0/0x3a0
[ 2516.070506]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[ 2516.071273]  ? exclusive_event_installable+0x254/0x320
[ 2516.072028]  __do_sys_perf_event_open+0x1bf0/0x3040
[ 2516.072716]  ? __up_read+0x192/0x710
[ 2516.073213]  ? perf_remove_from_context+0x260/0x260
[ 2516.073987]  ? up_write+0x460/0x460
[ 2516.074528]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 2516.075274]  do_syscall_64+0x3b/0x90
[ 2516.075808]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 2516.076610] RIP: 0033:0x7f750a357b19
[ 2516.077172] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 2516.079898] RSP: 002b:00007f75078cd188 EFLAGS: 00000246 ORIG_RAX: 000000000000012a
[ 2516.080997] RAX: ffffffffffffffda RBX: 00007f750a46af60 RCX: 00007f750a357b19
[ 2516.082048] RDX: 0000000000000000 RSI: ffffffffffffffff RDI: 0000000020000c00
[ 2516.083113] RBP: 00007f750a3b1f6d R08: 0000000000000000 R09: 0000000000000000
[ 2516.084187] R10: ffffffffffffffff R11: 0000000000000246 R12: 0000000000000000
[ 2516.085161] R13: 00007ffc8fa2e86f R14: 00007f75078cd300 R15: 0000000000022000
[ 2516.086249]  </TASK>
[ 2516.098031] 9pnet_fd: p9_fd_create_unix (12427): problem connecting socket: ./file0: -111
08:58:44 executing program 1:
r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000180)='/proc/asound/seq/clients\x00', 0x0, 0x0)
preadv(r0, &(0x7f00000002c0)=[{&(0x7f0000000040)=""/35, 0x23}, {0x0, 0x2}, {&(0x7f0000000300)=""/165, 0xa5}], 0x3, 0x0, 0x0)

08:58:44 executing program 6:
r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000180)='/proc/asound/seq/clients\x00', 0x0, 0x0)
preadv(r0, &(0x7f00000002c0)=[{&(0x7f0000000040)=""/35, 0x23}, {0x0}, {&(0x7f0000000300)=""/165, 0xa5}], 0xf18, 0x0, 0x0)

08:58:44 executing program 7:
openat$sndseq(0xffffffffffffff9c, 0x0, 0x0)
r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000180)='/proc/asound/seq/clients\x00', 0x0, 0x0)
preadv(r0, &(0x7f00000002c0)=[{0x0}, {&(0x7f0000000300)=""/165, 0xa5}], 0x2, 0x7, 0x0)

[ 2516.136472] Call Trace:
[ 2516.136901]  <TASK>
[ 2516.137209]  x86_pmu_stop+0x149/0x330
[ 2516.137798]  x86_pmu_del+0x1be/0x610
[ 2516.138290]  event_sched_out+0x2ed/0xe80
[ 2516.138827]  __perf_remove_from_context+0x87/0xbe0
[ 2516.139470]  event_function+0x297/0x3d0
[ 2516.139968]  ? perf_uprobe_event_init+0x1c0/0x1c0
[ 2516.140610]  remote_function+0x125/0x1b0
[ 2516.141130]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[ 2516.141875]  ? perf_duration_warn+0x40/0x40
[ 2516.142451]  generic_exec_single+0x203/0x300
[ 2516.143058]  smp_call_function_single+0x189/0x460
[ 2516.143693]  ? perf_duration_warn+0x40/0x40
[ 2516.144264]  ? generic_exec_single+0x300/0x300
[ 2516.144860]  ? perf_duration_warn+0x40/0x40
[ 2516.145480]  ? lock_is_held_type+0xd7/0x130
[ 2516.146147]  event_function_call+0x3d0/0x430
[ 2516.146718]  ? perf_group_detach+0x11b0/0x11b0
[ 2516.147300]  ? perf_copy_attr+0x9c0/0x9c0
[ 2516.147840]  ? lock_release+0x3b2/0x6f0
[ 2516.148381]  ? perf_group_detach+0x11b0/0x11b0
[ 2516.149006]  ? perf_uprobe_event_init+0x1c0/0x1c0
[ 2516.149717]  ? _raw_spin_unlock_irq+0x1f/0x40
[ 2516.150437]  perf_remove_from_context+0x12e/0x260
[ 2516.151166]  perf_event_release_kernel+0x153/0x7f0
[ 2516.151801]  ? lock_is_held_type+0xd7/0x130
[ 2516.152394]  ? perf_pmu_migrate_context+0xae0/0xae0
[ 2516.153085]  ? lock_is_held_type+0xd7/0x130
[ 2516.153718]  perf_release+0x33/0x40
[ 2516.154194]  __fput+0x272/0x9d0
[ 2516.154664]  ? perf_event_release_kernel+0x7f0/0x7f0
[ 2516.155389]  task_work_run+0xe2/0x1a0
[ 2516.155921]  exit_to_user_mode_prepare+0x199/0x1a0
[ 2516.156593]  syscall_exit_to_user_mode+0x19/0x50
[ 2516.157224]  do_syscall_64+0x48/0x90
[ 2516.157755]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 2516.158405] RIP: 0033:0x7f750a30a72b
[ 2516.158916] Code: 0f 05 48 3d 00 f0 ff ff 77 45 c3 0f 1f 40 00 48 83 ec 18 89 7c 24 0c e8 63 fc ff ff 8b 7c 24 0c 41 89 c0 b8 03 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 35 44 89 c7 89 44 24 0c e8 a1 fc ff ff 8b 44
[ 2516.161504] RSP: 002b:00007ffc8fa2e8d0 EFLAGS: 00000293 ORIG_RAX: 0000000000000003
[ 2516.162529] RAX: 0000000000000000 RBX: 0000000000000004 RCX: 00007f750a30a72b
[ 2516.163477] RDX: 0000000000000000 RSI: ffffffff8411f74e RDI: 0000000000000003
[ 2516.164491] RBP: 0000000000000001 R08: 0000000000000000 R09: 0000001b30c2001c
[ 2516.165518] R10: 0000000000000f41 R11: 0000000000000293 R12: 00007f750a46bb60
[ 2516.166481] R13: 00007f750a46bb60 R14: 00007f750a46af60 R15: 00000000002663e2
[ 2516.167486]  ? syscall_exit_to_user_mode+0x1e/0x50
[ 2516.168161]  </TASK>
08:58:44 executing program 2:
syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='proc\x00', 0x0, 0x0)
mount$9p_unix(&(0x7f0000000140)='./file0\x00', &(0x7f00000001c0)='./file0\x00', &(0x7f0000000200), 0x4041, &(0x7f0000000240)={'trans=unix,', {[{@uname={'uname', 0x3d, 'proc\x00'}}, {@loose}, {@debug={'debug', 0x3d, 0x4}}, {@aname={'aname', 0x3d, ')**\xc7/-):'}}, {@version_L}, {@noextend}, {@cache_none}, {@cachetag={'cachetag', 0x3d, '/\\$&'}}, {@msize={'msize', 0x3d, 0x6}}], [{@measure}, {@smackfsroot={'smackfsroot', 0x3d, '+'}}, {@dont_appraise}, {@hash}]}})
chroot(&(0x7f0000000040)='./file0\x00')
openat$sysfs(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/kexec_crash_size', 0x0, 0x0)
umount2(&(0x7f0000000180)='./file0\x00', 0x0)

[ 2516.215817] 9pnet_fd: p9_fd_create_unix (12450): problem connecting socket: ./file0: -111
[ 2516.263001] Call Trace:
[ 2516.263469]  <TASK>
[ 2516.263782]  ? x86_pmu_start+0x1c0/0x240
[ 2516.264341]  x86_pmu_enable+0x580/0xd90
[ 2516.264866]  ? amd_pmu_disable_virt+0xa0/0xa0
[ 2516.265529]  ctx_resched+0x2b9/0x3a0
[ 2516.266042]  __perf_install_in_context+0x285/0xa40
[ 2516.266700]  ? ctx_resched+0x3a0/0x3a0
[ 2516.267239]  remote_function+0x125/0x1b0
[ 2516.267783]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[ 2516.268529]  ? perf_duration_warn+0x40/0x40
[ 2516.269098]  generic_exec_single+0x203/0x300
[ 2516.269751]  smp_call_function_single+0x189/0x460
[ 2516.270368]  ? perf_duration_warn+0x40/0x40
[ 2516.270946]  ? generic_exec_single+0x300/0x300
[ 2516.271570]  ? perf_duration_warn+0x40/0x40
[ 2516.272171]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[ 2516.272895]  ? lock_is_held_type+0xd7/0x130
[ 2516.273543]  perf_install_in_context+0x4da/0x590
[ 2516.274180]  ? list_add_event+0xeb0/0xeb0
[ 2516.274730]  ? ctx_resched+0x3a0/0x3a0
[ 2516.275247]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[ 2516.275978]  ? exclusive_event_installable+0x254/0x320
[ 2516.276705]  __do_sys_perf_event_open+0x1bf0/0x3040
[ 2516.277426]  ? perf_remove_from_context+0x260/0x260
[ 2516.278069]  ? __sanitizer_cov_trace_cmp8+0x1d/0x70
[ 2516.278757]  ? xfd_validate_state+0x59/0x180
[ 2516.279344]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 2516.280063]  do_syscall_64+0x3b/0x90
[ 2516.280569]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 2516.281314] RIP: 0033:0x7f750a357b19
[ 2516.281827] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 2516.284332] RSP: 002b:00007f75078cd188 EFLAGS: 00000246 ORIG_RAX: 000000000000012a
[ 2516.285399] RAX: ffffffffffffffda RBX: 00007f750a46af60 RCX: 00007f750a357b19
[ 2516.286399] RDX: 0000000000000000 RSI: ffffffffffffffff RDI: 0000000020000c00
[ 2516.287392] RBP: 00007f750a3b1f6d R08: 0000000000000000 R09: 0000000000000000
[ 2516.288311] R10: ffffffffffffffff R11: 0000000000000246 R12: 0000000000000000
[ 2516.289199] R13: 00007ffc8fa2e86f R14: 00007f75078cd300 R15: 0000000000022000
[ 2516.290228]  </TASK>
[ 2516.311557] Call Trace:
[ 2516.312002]  <TASK>
[ 2516.312290]  x86_pmu_stop+0x149/0x330
[ 2516.312822]  x86_pmu_del+0x1be/0x610
[ 2516.313429]  event_sched_out+0x2ed/0xe80
[ 2516.314012]  __perf_remove_from_context+0x87/0xbe0
[ 2516.314700]  event_function+0x297/0x3d0
[ 2516.315317]  ? perf_uprobe_event_init+0x1c0/0x1c0
[ 2516.316011]  remote_function+0x125/0x1b0
[ 2516.316572]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[ 2516.317431]  ? perf_duration_warn+0x40/0x40
[ 2516.318040]  generic_exec_single+0x203/0x300
[ 2516.318666]  smp_call_function_single+0x189/0x460
[ 2516.319342]  ? perf_duration_warn+0x40/0x40
[ 2516.319968]  ? generic_exec_single+0x300/0x300
[ 2516.320628]  ? perf_duration_warn+0x40/0x40
[ 2516.321242]  ? lock_is_held_type+0xd7/0x130
[ 2516.321849]  event_function_call+0x3d0/0x430
[ 2516.322468]  ? perf_group_detach+0x11b0/0x11b0
[ 2516.323115]  ? perf_copy_attr+0x9c0/0x9c0
[ 2516.323724]  ? lock_release+0x3b2/0x6f0
[ 2516.324403]  ? perf_group_detach+0x11b0/0x11b0
[ 2516.325023]  ? perf_uprobe_event_init+0x1c0/0x1c0
[ 2516.325778]  ? _raw_spin_unlock_irq+0x1f/0x40
[ 2516.326404]  perf_remove_from_context+0x12e/0x260
[ 2516.327075]  perf_event_release_kernel+0x153/0x7f0
[ 2516.327764]  ? lock_is_held_type+0xd7/0x130
[ 2516.328377]  ? perf_pmu_migrate_context+0xae0/0xae0
[ 2516.329084]  ? lock_is_held_type+0xd7/0x130
[ 2516.329734]  perf_release+0x33/0x40
[ 2516.330251]  __fput+0x272/0x9d0
[ 2516.330735]  ? perf_event_release_kernel+0x7f0/0x7f0
[ 2516.331533]  task_work_run+0xe2/0x1a0
[ 2516.332084]  exit_to_user_mode_prepare+0x199/0x1a0
[ 2516.332849]  syscall_exit_to_user_mode+0x19/0x50
[ 2516.333578]  do_syscall_64+0x48/0x90
[ 2516.334150]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 2516.334885] RIP: 0033:0x7f750a30a72b
[ 2516.335450] Code: 0f 05 48 3d 00 f0 ff ff 77 45 c3 0f 1f 40 00 48 83 ec 18 89 7c 24 0c e8 63 fc ff ff 8b 7c 24 0c 41 89 c0 b8 03 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 35 44 89 c7 89 44 24 0c e8 a1 fc ff ff 8b 44
[ 2516.338131] RSP: 002b:00007ffc8fa2e8d0 EFLAGS: 00000293 ORIG_RAX: 0000000000000003
[ 2516.339240] RAX: 0000000000000000 RBX: 0000000000000004 RCX: 00007f750a30a72b
[ 2516.340312] RDX: 00007f750a46fa68 RSI: 0000000000000080 RDI: 0000000000000003
[ 2516.341341] RBP: 0000000000000000 R08: 0000000000000000 R09: 00007f750a46fa70
[ 2516.342365] R10: 00007ffc8fa2e9c0 R11: 0000000000000293 R12: 00000000002664e5
[ 2516.343387] R13: 00000000000003e8 R14: 00007f750a46af60 R15: 00000000002663e2
[ 2516.344396]  </TASK>
08:58:59 executing program 0:
perf_event_open$cgroup(&(0x7f0000000c00)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x68, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

08:58:59 executing program 6:
r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000180)='/proc/asound/seq/clients\x00', 0x0, 0x0)
preadv(r0, &(0x7f00000002c0)=[{&(0x7f0000000040)=""/35, 0x23}, {0x0}, {&(0x7f0000000300)=""/165, 0xa5}], 0xf44, 0x0, 0x0)

08:58:59 executing program 7:
openat$sndseq(0xffffffffffffff9c, 0x0, 0x0)
r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000180)='/proc/asound/seq/clients\x00', 0x0, 0x0)
preadv(r0, &(0x7f00000002c0)=[{0x0}, {&(0x7f0000000300)=""/165, 0xa5}], 0x2, 0xa, 0x0)

08:58:59 executing program 3:
r0 = socket$inet_udp(0x2, 0x2, 0x0)
bind$inet(r0, &(0x7f00000000c0)={0x2, 0x0, @loopback}, 0x10)
r1 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
r2 = socket$inet6_udp(0xa, 0x2, 0x0)
r3 = socket$nl_audit(0x10, 0x3, 0x9)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000340)={'sit0\x00', <r4=>0x0})
sendmmsg$inet(r2, &(0x7f0000002600)=[{{&(0x7f0000000100)={0x2, 0x4e24, @loopback}, 0x10, 0x0, 0x0, &(0x7f0000002500)=[@ip_pktinfo={{0x1c, 0x0, 0x8, {r4, @multicast2, @broadcast}}}], 0x20}}], 0x1, 0x0)
ioctl$sock_inet6_SIOCSIFADDR(r1, 0x8916, &(0x7f00000000c0)={@initdev={0xfe, 0x88, '\x00', 0x1, 0x0}, 0x1c, r4})
setsockopt$inet_mreqn(0xffffffffffffffff, 0x0, 0x3, &(0x7f0000000140)={@loopback, @loopback, r4}, 0xc)
r5 = fsopen(&(0x7f0000000080)='hugetlbfs\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r5, 0x6, 0x0, 0x0, 0x0)
r6 = fsmount(r5, 0x0, 0x0)
mknodat$null(r6, &(0x7f0000000040)='./file0\x00', 0x2000, 0x103)
setsockopt$inet_pktinfo(r6, 0x0, 0x8, &(0x7f0000000180)={0x0, @multicast2, @empty}, 0xc)
r7 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r7, 0x8933, &(0x7f0000000040)={'wlan1\x00', <r8=>0x0})
r9 = syz_genetlink_get_family_id$nl80211(&(0x7f0000001540), 0xffffffffffffffff)
sendmsg$NL80211_CMD_STOP_AP(r7, &(0x7f0000001600)={0x0, 0x0, &(0x7f00000015c0)={&(0x7f0000001580)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r9, @ANYBLOB="010000000000000002001000000008000300", @ANYRES32=r8, @ANYBLOB], 0x1c}}, 0x0)
fsconfig$FSCONFIG_SET_FD(r5, 0x5, &(0x7f0000000100)='([[-\x00', 0x0, r7)
bind$inet(r0, &(0x7f0000000040)={0x2, 0x0, @empty}, 0x10)

08:58:59 executing program 4:
syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='proc\x00', 0x0, 0x0)
chroot(&(0x7f0000000040)='./file0\x00')
recvmmsg$unix(0xffffffffffffffff, &(0x7f00000045c0)=[{{&(0x7f0000000440)=@abs, 0x6e, &(0x7f0000000700)=[{&(0x7f00000004c0)=""/214, 0xd6}, {&(0x7f00000005c0)=""/96, 0x60}, {&(0x7f0000000640)=""/162, 0xa2}], 0x3, &(0x7f0000000740)=[@rights={{0x24, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}, @rights={{0x18, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c}}], 0x78}}, {{0x0, 0x0, &(0x7f0000001bc0)=[{&(0x7f00000007c0)=""/117, 0x75}, {&(0x7f0000000840)=""/153, 0x99}, {&(0x7f0000000900)=""/88, 0x58}, {&(0x7f0000000980)=""/19, 0x13}, {&(0x7f00000009c0)=""/32, 0x20}, {&(0x7f0000000a00)=""/4096, 0x1000}, {&(0x7f0000001a00)=""/237, 0xed}, {&(0x7f0000001b00)=""/36, 0x24}, {&(0x7f0000001b40)=""/67, 0x43}], 0x9, &(0x7f0000001c80)=[@rights={{0x18, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c, 0x1, 0x2, {0x0, <r0=>0x0}}}, @cred={{0x1c}}], 0x58}}, {{&(0x7f0000001d00), 0x6e, &(0x7f0000002140)=[{&(0x7f0000001d80)=""/52, 0x34}, {&(0x7f0000001dc0)=""/250, 0xfa}, {&(0x7f0000001ec0)=""/169, 0xa9}, {&(0x7f0000001f80)=""/236, 0xec}, {&(0x7f0000002080)=""/144, 0x90}], 0x5, &(0x7f00000021c0)=[@rights={{0x34, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}], 0x38}}, {{&(0x7f0000002200), 0x6e, &(0x7f0000002500)=[{&(0x7f0000002280)}, {&(0x7f00000022c0)=""/117, 0x75}, {&(0x7f0000002340)=""/208, 0xd0}, {&(0x7f0000002440)=""/53, 0x35}, {&(0x7f0000002480)=""/86, 0x56}], 0x5, &(0x7f0000002580)=[@cred={{0x1c}}, @cred={{0x1c}}, @rights={{0x20, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c}}, @rights={{0x1c, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}, @cred={{0x1c}}], 0xd8}}, {{&(0x7f0000002680)=@abs, 0x6e, &(0x7f0000002880)=[{&(0x7f0000002700)=""/150, 0x96}, {&(0x7f00000027c0)=""/97, 0x61}, {&(0x7f0000002840)=""/28, 0x1c}], 0x3, &(0x7f00000028c0)=[@cred={{0x1c}}, @rights={{0x34, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c}}, @rights={{0x18, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x24, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c}}], 0xd8}}, {{&(0x7f00000029c0), 0x6e, &(0x7f0000002c40)=[{&(0x7f0000002a40)=""/241, 0xf1}, {&(0x7f0000002b40)=""/198, 0xc6}], 0x2}}, {{&(0x7f0000002c80), 0x6e, &(0x7f0000003280)=[{&(0x7f0000002d00)=""/250, 0xfa}, {&(0x7f0000002e00)=""/44, 0x2c}, {&(0x7f0000002e40)=""/223, 0xdf}, {&(0x7f0000002f40)=""/9, 0x9}, {&(0x7f0000002f80)=""/150, 0x96}, {&(0x7f0000003040)=""/13, 0xd}, {&(0x7f0000003080)=""/21, 0x15}, {&(0x7f00000030c0)=""/158, 0x9e}, {&(0x7f0000003180)=""/14, 0xe}, {&(0x7f00000031c0)=""/135, 0x87}], 0xa, &(0x7f0000003340)=[@cred={{0x1c}}], 0x20}}, {{&(0x7f0000003380)=@abs, 0x6e, &(0x7f0000004500)=[{&(0x7f0000003400)=""/4096, 0x1000}, {&(0x7f0000004400)=""/221, 0xdd}], 0x2, &(0x7f0000004540)=[@cred={{0x1c}}, @rights={{0x34, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}], 0x58}}], 0x8, 0x1, &(0x7f00000047c0)={0x77359400})
stat(&(0x7f0000000240)='./file0\x00', &(0x7f0000000280)={0x0, 0x0, 0x0, 0x0, <r1=>0x0})
setresuid(0x0, r1, 0x0)
syz_mount_image$tmpfs(&(0x7f0000000140), &(0x7f00000001c0)='./file0\x00', 0x6, 0x3, &(0x7f00000003c0)=[{&(0x7f0000000200)="ea2732fdf2b55b996751ce4296907e073658cd0550deada38520361ad8b3d6dc7491460d223dc3b656de5b5eab67885668ddd6980ab42283ae1a87c0d61b4a3cbbed4e530d43b50a65ccefac1dfcfa294242e33ba25e5757daaa", 0x5a, 0x9}, {&(0x7f0000000280)="23204487d0cbc72dd06c3afb824de7a78a0beec0cb9074680f0f96939df5e21043bc6c2bdded7b612a24c3f04d759a8813642a7b9aa988bd74d79d1bbf83e8d2122cf83a324f1a715c9b2831c19f16d3e06d6d4c7883fbc754d6940c4938a1b0595c133b65348802f69a09bb140bb7e36f2899dccdf85b5034663b36b0684c0bf1acf672afa35358e9", 0x89, 0x78cf}, {&(0x7f0000000340)="32c58b20389e1ad489cbe6630e4584cbeada14ca0346a13231d3fee8d157f30e7aa804c445e80553c5058222f3d04194de5413e1a4cbb310aa2cd9bdda6f1781e9612c7e6040339c4f5bbb70dfae2e22ef91bd443de33ad4ca45ec8a4f2b95833b797082af8f3f47694841e1e9a40bc35637bdf53a932b2a9a94789289", 0x7d, 0x380000000000000}], 0x8040, &(0x7f0000004800)={[{}, {@size={'size', 0x3d, [0x36, 0x67, 0x2d, 0x0, 0x32]}}, {@huge_always}, {@huge_advise}, {@huge_always}, {@huge_within_size}, {@huge_within_size}, {@size={'size', 0x3d, [0x6d, 0x67, 0x35, 0x35, 0x31, 0x39]}}], [{@uid_eq={'uid', 0x3d, r0}}, {@obj_user={'obj_user', 0x3d, '*]:}'}}, {@dont_measure}, {@appraise_type}, {@fscontext={'fscontext', 0x3d, 'staff_u'}}, {@fsname={'fsname', 0x3d, ',.^{}'}}, {@smackfsroot={'smackfsroot', 0x3d, '+**:('}}, {@euid_gt={'euid>', r1}}]})
openat$sysfs(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/kexec_crash_size', 0x0, 0x0)
umount2(&(0x7f0000000180)='./file0\x00', 0x0)

08:58:59 executing program 1:
r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000180)='/proc/asound/seq/clients\x00', 0x0, 0x0)
preadv(r0, &(0x7f00000002c0)=[{&(0x7f0000000040)=""/35, 0x23}, {0x0, 0x2}, {&(0x7f0000000300)=""/165, 0xa5}], 0x3, 0x2, 0x0)

08:58:59 executing program 2:
r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000180)='/proc/asound/seq/clients\x00', 0x0, 0x0)
preadv(r0, &(0x7f00000002c0)=[{&(0x7f0000000040)=""/35, 0x23}, {0x0}, {&(0x7f0000000300)=""/165, 0xa5}], 0xa, 0x0, 0x0)

[ 2531.220917] Call Trace:
[ 2531.221358]  <IRQ>
[ 2531.221715]  ? x86_pmu_start+0x1c0/0x240
[ 2531.222270]  x86_pmu_enable+0x580/0xd90
[ 2531.222808]  ? amd_pmu_disable_virt+0xa0/0xa0
[ 2531.223416]  ctx_resched+0x2b9/0x3a0
[ 2531.223941]  __perf_install_in_context+0x285/0xa40
[ 2531.224604]  ? __irq_exit_rcu+0x113/0x170
[ 2531.225130]  ? ctx_resched+0x3a0/0x3a0
[ 2531.225640]  remote_function+0x125/0x1b0
[ 2531.226154]  flush_smp_call_function_queue+0x1df/0x610
[ 2531.226826]  ? perf_duration_warn+0x40/0x40
[ 2531.227384]  __sysvec_call_function_single+0x92/0x3a0
[ 2531.228078]  sysvec_call_function_single+0x89/0xc0
[ 2531.228788]  </IRQ>
[ 2531.229091]  <TASK>
[ 2531.229427]  asm_sysvec_call_function_single+0x12/0x20
[ 2531.230158] RIP: 0010:__stack_depot_save+0x135/0x450
[ 2531.230878] Code: 05 89 d9 81 e1 ff ff 0f 00 48 8d 0c c8 48 8b 29 48 85 ed 75 12 e9 92 00 00 00 48 8b 6d 00 48 85 ed 0f 84 85 00 00 00 39 5d 08 <75> ee 44 3b 7d 0c 75 e8 31 c0 48 8b 74 c5 18 49 39 34 c6 75 db 48
[ 2531.233361] RSP: 0018:ffff8880174c7770 EFLAGS: 00000246
[ 2531.234135] RAX: ffff88806c300000 RBX: 0000000071043c9f RCX: ffff88806c51e4f8
[ 2531.235068] RDX: 000000000000000c RSI: 0000000000000003 RDI: 0000000004cab4cb
[ 2531.236005] RBP: ffff88800fa74a00 R08: 000000008307e3f9 R09: 0000000000000000
[ 2531.236907] R10: 0000000000000001 R11: 0000000000000001 R12: 0000000000000001
[ 2531.237891] R13: 0000000000000dc0 R14: ffff8880174c77c8 R15: 000000000000000c
[ 2531.238874]  kasan_save_stack+0x2e/0x40
[ 2531.239420]  ? kasan_save_stack+0x1e/0x40
[ 2531.239962]  ? __kasan_slab_alloc+0x66/0x80
[ 2531.240514]  ? kmem_cache_alloc+0x1aa/0x480
[ 2531.241073]  ? security_file_alloc+0x34/0x170
[ 2531.241663]  ? __alloc_file+0xb6/0x230
[ 2531.242185]  ? alloc_empty_file+0x6d/0x170
[ 2531.242743]  ? path_openat+0xe1/0x2870
[ 2531.243237]  ? do_filp_open+0x1aa/0x400
[ 2531.243770]  ? do_sys_openat2+0x16d/0x4c0
[ 2531.244311]  ? __x64_sys_openat+0x13f/0x1f0
[ 2531.244892]  ? do_syscall_64+0x3b/0x90
[ 2531.245410]  ? entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 2531.246160]  ? lockdep_hardirqs_on_prepare+0x400/0x400
[ 2531.246847]  ? lockdep_hardirqs_on_prepare+0x400/0x400
[ 2531.247550]  ? lock_is_held_type+0xd7/0x130
[ 2531.248108]  ? lock_is_held_type+0xd7/0x130
[ 2531.248708]  ? find_held_lock+0x2c/0x110
[ 2531.249234]  ? lock_release+0x3b2/0x6f0
[ 2531.249792]  ? kmem_cache_alloc+0x43/0x480
[ 2531.250360]  ? lock_is_held_type+0xd7/0x130
[ 2531.250938]  ? kasan_unpoison+0x23/0x50
[ 2531.251468]  __kasan_slab_alloc+0x66/0x80
[ 2531.252026]  kmem_cache_alloc+0x1aa/0x480
[ 2531.252590]  security_file_alloc+0x34/0x170
[ 2531.253161]  __alloc_file+0xb6/0x230
[ 2531.253677]  alloc_empty_file+0x6d/0x170
[ 2531.254201]  path_openat+0xe1/0x2870
[ 2531.254706]  ? path_lookupat+0x850/0x850
[ 2531.255241]  ? lockdep_hardirqs_on_prepare+0x400/0x400
[ 2531.255946]  ? lock_is_held_type+0xd7/0x130
[ 2531.256516]  do_filp_open+0x1aa/0x400
[ 2531.257022]  ? may_open_dev+0xf0/0xf0
[ 2531.257592]  ? lock_release+0x3b2/0x6f0
[ 2531.258113]  ? alloc_fd+0x2f0/0x670
[ 2531.258596]  ? lock_downgrade+0x6d0/0x6d0
[ 2531.259137]  ? rwlock_bug.part.0+0x90/0x90
[ 2531.259704]  ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70
[ 2531.260432]  ? _find_next_bit+0x1e5/0x260
[ 2531.260989]  ? _raw_spin_unlock+0x24/0x40
[ 2531.261575]  ? alloc_fd+0x2f0/0x670
[ 2531.262073]  do_sys_openat2+0x16d/0x4c0
[ 2531.262666]  ? build_open_flags+0x6f0/0x6f0
[ 2531.263236]  ? up_write+0x460/0x460
[ 2531.263731]  __x64_sys_openat+0x13f/0x1f0
[ 2531.264281]  ? __x64_sys_open+0x1c0/0x1c0
[ 2531.264862]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 2531.265644]  do_syscall_64+0x3b/0x90
[ 2531.266174]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 2531.266887] RIP: 0033:0x7f928d2d6a04
[ 2531.267393] Code: 84 00 00 00 00 00 44 89 54 24 0c e8 96 f9 ff ff 44 8b 54 24 0c 44 89 e2 48 89 ee 41 89 c0 bf 9c ff ff ff b8 01 01 00 00 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 89 44 24 0c e8 c8 f9 ff ff 8b 44
[ 2531.269937] RSP: 002b:00007ffe916ec5b0 EFLAGS: 00000293 ORIG_RAX: 0000000000000101
[ 2531.271034] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 00007f928d2d6a04
[ 2531.272005] RDX: 0000000000080001 RSI: 00007f928d37dff5 RDI: 00000000ffffff9c
[ 2531.273031] RBP: 00007f928d37dff5 R08: 0000000000000000 R09: 00007ffe916ec5a0
[ 2531.274041] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000080001
[ 2531.275067] R13: 00007ffe916ec650 R14: 0000000000000000 R15: 00007ffe916ecbf0
[ 2531.276067]  </TASK>
08:58:59 executing program 5:
socketpair$unix(0x1, 0x5, 0x0, 0x0)
sendmsg$unix(0xffffffffffffffff, 0x0, 0x0)
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
pwritev(r0, &(0x7f0000000640), 0x0, 0x8000000, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0)
r2 = socket$inet6(0xa, 0x1, 0x0)
bind$inet6(r2, &(0x7f00000002c0)={0xa, 0x4e20, 0x0, @empty}, 0x1c)
connect$inet6(r2, &(0x7f0000000000)={0xa, 0x4e20, 0x0, @ipv4={'\x00', '\xff\xff', @empty}}, 0x1c)
recvfrom(r2, &(0x7f00000003c0)=""/87, 0x20010397, 0x300, 0x0, 0x0)
sendfile(r2, r1, 0x0, 0xfffffdef)
readv(0xffffffffffffffff, &(0x7f0000000040), 0x0)
write$binfmt_aout(r2, &(0x7f0000000680)={{0xcc, 0x2, 0x3, 0x25a, 0x1d8, 0x6, 0x226, 0x2}, "e0ea4da24c4ff602c62ca2a8a42a330becf63a4e885841ba204c7ae1bc651ef9", ['\x00', '\x00']}, 0x240)
openat$cgroup_freezer_state(0xffffffffffffffff, 0x0, 0x2, 0x0)
close(0xffffffffffffffff)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(&(0x7f0000001540), 0xffffffffffffffff)
sendmsg$NL80211_CMD_STOP_AP(r3, &(0x7f0000001600)={0x0, 0x0, &(0x7f00000015c0)={&(0x7f0000000140)=ANY=[@ANYBLOB="1c000000", @ANYRES16=0x0, @ANYBLOB="010000000000000000001000000008000300", @ANYRES32=0x0, @ANYBLOB="7983a1a23de9f1dcc6513746ef47eee8ab15321bd6dc2e11794c6eb4a34563f9707912a281358da2092e2615e574d17789bb43abec71009ba455d8ff6b02ca64a2b3741b2789ee25c020bca2eedd6d48169029e37a32b3ee227206a75fa091c859a9ae72f0552ca548dd61a05920c7163655871cfa3321ce89b89357517575b81846f41fe598cddd9a"], 0x1c}}, 0x0)
getsockopt$sock_cred(r3, 0x1, 0x11, &(0x7f0000000040), &(0x7f0000000080)=0xc)
syz_open_dev$sg(&(0x7f0000001000), 0x0, 0x2200)

08:58:59 executing program 7:
openat$sndseq(0xffffffffffffff9c, 0x0, 0x0)
r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000180)='/proc/asound/seq/clients\x00', 0x0, 0x0)
preadv(r0, &(0x7f00000002c0)=[{0x0}, {&(0x7f0000000300)=""/165, 0xa5}], 0x2, 0x10, 0x0)

08:58:59 executing program 1:
r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000180)='/proc/asound/seq/clients\x00', 0x0, 0x0)
preadv(r0, &(0x7f00000002c0)=[{&(0x7f0000000040)=""/35, 0x23}, {0x0, 0x2}, {&(0x7f0000000300)=""/165, 0xa5}], 0x3, 0x3, 0x0)

[ 2531.413959] Call Trace:
[ 2531.414393]  <IRQ>
[ 2531.414695]  x86_pmu_stop+0x149/0x330
[ 2531.415235]  x86_pmu_del+0x1be/0x610
[ 2531.415740]  event_sched_out+0x2ed/0xe80
[ 2531.416277]  __perf_remove_from_context+0x87/0xbe0
[ 2531.416943]  event_function+0x297/0x3d0
[ 2531.417477]  ? perf_uprobe_event_init+0x1c0/0x1c0
[ 2531.418184]  remote_function+0x125/0x1b0
[ 2531.418749]  flush_smp_call_function_queue+0x1df/0x610
[ 2531.419463]  ? perf_duration_warn+0x40/0x40
[ 2531.420040]  __sysvec_call_function_single+0x92/0x3a0
[ 2531.420710]  sysvec_call_function_single+0x89/0xc0
[ 2531.421357]  </IRQ>
[ 2531.421696]  <TASK>
[ 2531.422003]  asm_sysvec_call_function_single+0x12/0x20
[ 2531.422715] RIP: 0010:_raw_spin_unlock_irqrestore+0x2e/0x50
[ 2531.423495] Code: 48 83 c7 18 53 48 89 f3 48 8b 74 24 10 e8 7a 02 15 fd 48 89 ef e8 72 7f 15 fd 80 e7 02 74 06 e8 38 ae 36 fd fb bf 01 00 00 00 <e8> 6d 8b 0b fd 65 8b 05 e6 92 ee 7b 85 c0 74 03 5b 5d c3 0f 1f 44
[ 2531.426005] RSP: 0018:ffff88804227f8d8 EFLAGS: 00000202
[ 2531.426730] RAX: 0000000000000351 RBX: 0000000000000212 RCX: ffffffff81283e5f
[ 2531.427678] RDX: 0000000000000000 RSI: 0000000000000001 RDI: 0000000000000001
[ 2531.428700] RBP: ffffffff8570fe00 R08: 0000000000000001 R09: ffffffff86a3e7e7
[ 2531.429690] R10: fffffbfff0d47cfc R11: 0000000000000001 R12: 00000000000000a3
[ 2531.430677] R13: 0000000000000000 R14: 0000000000000212 R15: 0000000000000000
[ 2531.431634]  ? mark_lock.part.0+0xef/0x2f60
[ 2531.432277]  ? _raw_spin_unlock_irqrestore+0x28/0x50
[ 2531.432979]  snd_seq_client_use_ptr+0x284/0x3e0
[ 2531.433644]  snd_seq_info_clients_read+0x130/0x7d0
[ 2531.434346]  snd_info_seq_show+0xcd/0x120
[ 2531.434897]  traverse.part.0+0xd7/0x610
[ 2531.435432]  seq_read_iter+0x930/0x12b0
[ 2531.435974]  seq_read+0x337/0x4b0
[ 2531.436426]  ? seq_read_iter+0x12b0/0x12b0
[ 2531.436992]  ? lock_is_held_type+0xd7/0x130
[ 2531.437611]  ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70
[ 2531.438358]  ? fsnotify_perm.part.0+0x221/0x610
[ 2531.439030]  ? seq_read_iter+0x12b0/0x12b0
[ 2531.439582]  proc_reg_read+0x226/0x300
[ 2531.440116]  do_iter_read+0x4ed/0x750
[ 2531.440642]  ? import_iovec+0x83/0xb0
[ 2531.441174]  vfs_readv+0xe5/0x150
[ 2531.441756]  ? vfs_iter_read+0xa0/0xa0
[ 2531.442367]  ? lock_release+0x3b2/0x6f0
[ 2531.443008]  ? __fget_files+0x265/0x470
[ 2531.443558]  ? 0xffffffff81000000
[ 2531.444048]  ? do_futex+0x136/0x380
[ 2531.444560]  ? __fget_files+0x287/0x470
[ 2531.445100]  __x64_sys_preadv+0x22b/0x310
[ 2531.445747]  ? vfs_iocb_iter_write+0x480/0x480
[ 2531.446516]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 2531.447360]  do_syscall_64+0x3b/0x90
[ 2531.447884]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 2531.448606] RIP: 0033:0x7faa53ee7b19
[ 2531.449128] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 2531.451806] RSP: 002b:00007faa5145d188 EFLAGS: 00000246 ORIG_RAX: 0000000000000127
[ 2531.452864] RAX: ffffffffffffffda RBX: 00007faa53ffaf60 RCX: 00007faa53ee7b19
[ 2531.453892] RDX: 0000000000000003 RSI: 00000000200002c0 RDI: 0000000000000003
[ 2531.454992] RBP: 00007faa53f41f6d R08: 0000000000000000 R09: 0000000000000000
[ 2531.455932] R10: 0000000000000003 R11: 0000000000000246 R12: 0000000000000000
[ 2531.456912] R13: 00007ffd1c5993ef R14: 00007faa5145d300 R15: 0000000000022000
[ 2531.457961]  </TASK>
[ 2531.461831] Call Trace:
[ 2531.462251]  <TASK>
[ 2531.462567]  ? x86_pmu_start+0x1c0/0x240
[ 2531.463132]  x86_pmu_enable+0x580/0xd90
[ 2531.463709]  ? amd_pmu_disable_virt+0xa0/0xa0
[ 2531.464388]  ctx_resched+0x2b9/0x3a0
[ 2531.464953]  __perf_install_in_context+0x285/0xa40
[ 2531.465719]  ? ctx_resched+0x3a0/0x3a0
[ 2531.466263]  remote_function+0x125/0x1b0
[ 2531.466839]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[ 2531.467705]  ? perf_duration_warn+0x40/0x40
[ 2531.468372]  generic_exec_single+0x203/0x300
[ 2531.469010]  smp_call_function_single+0x189/0x460
[ 2531.469715]  ? perf_duration_warn+0x40/0x40
[ 2531.470337]  ? generic_exec_single+0x300/0x300
[ 2531.470979]  ? perf_duration_warn+0x40/0x40
[ 2531.471598]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[ 2531.472403]  ? lock_is_held_type+0xd7/0x130
[ 2531.473084]  perf_install_in_context+0x4da/0x590
[ 2531.473857]  ? list_add_event+0xeb0/0xeb0
[ 2531.474417]  ? ctx_resched+0x3a0/0x3a0
[ 2531.474958]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[ 2531.475714]  ? exclusive_event_installable+0x254/0x320
[ 2531.476442]  __do_sys_perf_event_open+0x1bf0/0x3040
[ 2531.477165]  ? perf_remove_from_context+0x260/0x260
[ 2531.477874]  ? xfd_validate_state+0x59/0x180
[ 2531.478514]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 2531.479359]  do_syscall_64+0x3b/0x90
[ 2531.479951]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 2531.480655] RIP: 0033:0x7f750a357b19
[ 2531.481156] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 2531.483783] RSP: 002b:00007f75078cd188 EFLAGS: 00000246 ORIG_RAX: 000000000000012a
[ 2531.484857] RAX: ffffffffffffffda RBX: 00007f750a46af60 RCX: 00007f750a357b19
[ 2531.485875] RDX: 0000000000000000 RSI: ffffffffffffffff RDI: 0000000020000c00
[ 2531.486862] RBP: 00007f750a3b1f6d R08: 0000000000000000 R09: 0000000000000000
[ 2531.487925] R10: ffffffffffffffff R11: 0000000000000246 R12: 0000000000000000
[ 2531.488922] R13: 00007ffc8fa2e86f R14: 00007f75078cd300 R15: 0000000000022000
[ 2531.490119]  </TASK>
[ 2531.544731] Call Trace:
[ 2531.545209]  <TASK>
[ 2531.545528]  x86_pmu_stop+0x149/0x330
[ 2531.546069]  x86_pmu_del+0x1be/0x610
[ 2531.546595]  event_sched_out+0x2ed/0xe80
[ 2531.547160]  __perf_remove_from_context+0x87/0xbe0
[ 2531.547807]  event_function+0x297/0x3d0
[ 2531.548391]  ? perf_uprobe_event_init+0x1c0/0x1c0
[ 2531.549055]  remote_function+0x125/0x1b0
[ 2531.549679]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[ 2531.550428]  ? perf_duration_warn+0x40/0x40
[ 2531.551001]  generic_exec_single+0x203/0x300
[ 2531.551581]  smp_call_function_single+0x189/0x460
[ 2531.552227]  ? perf_duration_warn+0x40/0x40
[ 2531.552801]  ? generic_exec_single+0x300/0x300
[ 2531.553385]  ? perf_duration_warn+0x40/0x40
[ 2531.554018]  ? lock_is_held_type+0xd7/0x130
[ 2531.554618]  event_function_call+0x3d0/0x430
[ 2531.555266]  ? perf_group_detach+0x11b0/0x11b0
[ 2531.555895]  ? perf_copy_attr+0x9c0/0x9c0
[ 2531.556464]  ? lock_release+0x3b2/0x6f0
[ 2531.557054]  ? perf_group_detach+0x11b0/0x11b0
[ 2531.557897]  ? perf_uprobe_event_init+0x1c0/0x1c0
[ 2531.558571]  ? _raw_spin_unlock_irq+0x1f/0x40
[ 2531.559262]  perf_remove_from_context+0x12e/0x260
[ 2531.560032]  perf_event_release_kernel+0x153/0x7f0
[ 2531.560713]  ? lock_is_held_type+0xd7/0x130
[ 2531.561359]  ? perf_pmu_migrate_context+0xae0/0xae0
[ 2531.562040]  ? lock_is_held_type+0xd7/0x130
[ 2531.562650]  perf_release+0x33/0x40
[ 2531.563137]  __fput+0x272/0x9d0
[ 2531.563568]  ? perf_event_release_kernel+0x7f0/0x7f0
[ 2531.564233]  task_work_run+0xe2/0x1a0
[ 2531.564772]  do_exit+0xaf7/0x27e0
[ 2531.565255]  ? find_held_lock+0x2c/0x110
[ 2531.565810]  ? lock_release+0x3b2/0x6f0
[ 2531.566423]  ? mm_update_next_owner+0x7d0/0x7d0
[ 2531.567062]  ? lock_downgrade+0x6d0/0x6d0
[ 2531.567611]  ? lock_is_held_type+0xd7/0x130
[ 2531.568178]  do_group_exit+0xd2/0x2f0
[ 2531.568665]  get_signal+0x2303/0x2350
[ 2531.569172]  ? lock_downgrade+0x6d0/0x6d0
[ 2531.569789]  ? signal_setup_done+0x520/0x520
[ 2531.570377]  ? lock_is_held_type+0xd7/0x130
[ 2531.570967]  arch_do_signal_or_restart+0x88/0x1a40
[ 2531.571640]  ? __do_sys_perf_event_open+0xd2/0x3040
[ 2531.572314]  ? get_sigframe_size+0x10/0x10
[ 2531.572866]  ? perf_remove_from_context+0x260/0x260
[ 2531.573585]  ? xfd_validate_state+0x59/0x180
[ 2531.574198]  exit_to_user_mode_prepare+0x131/0x1a0
[ 2531.574865]  syscall_exit_to_user_mode+0x19/0x50
[ 2531.575546]  do_syscall_64+0x48/0x90
[ 2531.576046]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 2531.576759] RIP: 0033:0x7f750a357b19
[ 2531.577271] Code: Unable to access opcode bytes at RIP 0x7f750a357aef.
[ 2531.578196] RSP: 002b:00007f75078cd188 EFLAGS: 00000246 ORIG_RAX: 000000000000012a
[ 2531.579278] RAX: 0000000000000003 RBX: 00007f750a46af60 RCX: 00007f750a357b19
[ 2531.580291] RDX: 0000000000000000 RSI: ffffffffffffffff RDI: 0000000020000c00
[ 2531.581315] RBP: 00007f750a3b1f6d R08: 0000000000000000 R09: 0000000000000000
[ 2531.582358] R10: ffffffffffffffff R11: 0000000000000246 R12: 0000000000000000
[ 2531.583350] R13: 00007ffc8fa2e86f R14: 00007f75078cd300 R15: 0000000000022000
[ 2531.584334]  </TASK>
08:59:14 executing program 1:
r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000180)='/proc/asound/seq/clients\x00', 0x0, 0x0)
preadv(r0, &(0x7f00000002c0)=[{&(0x7f0000000040)=""/35, 0x23}, {0x0, 0x2}, {&(0x7f0000000300)=""/165, 0xa5}], 0x3, 0x4, 0x0)

08:59:14 executing program 0:
perf_event_open$cgroup(&(0x7f0000000c00)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x6c, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

08:59:14 executing program 5:
socketpair$unix(0x1, 0x5, 0x0, 0x0)
sendmsg$unix(0xffffffffffffffff, 0x0, 0x0)
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
pwritev(r0, &(0x7f0000000640)=[{&(0x7f00000002c0)="19", 0x1}], 0x1, 0x8000000, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0)
r2 = socket$inet6(0xa, 0x1, 0x0)
bind$inet6(r2, &(0x7f00000002c0)={0xa, 0x4e20, 0x0, @empty}, 0x1c)
connect$inet6(0xffffffffffffffff, &(0x7f0000000000)={0xa, 0x4e28, 0x0, @rand_addr=' \x01\x00'}, 0x1c)
recvfrom(r2, &(0x7f00000003c0)=""/87, 0x20010397, 0x300, 0x0, 0x0)
sendfile(r2, r1, 0x0, 0xfffffdef)
r3 = accept$inet6(r1, &(0x7f00000000c0)={0xa, 0x0, 0x0, @ipv4={""/10, ""/2, @multicast1}}, &(0x7f0000000140)=0x1c)
ioctl$FS_IOC_GETVERSION(r3, 0x80087601, &(0x7f0000000180))
readv(0xffffffffffffffff, &(0x7f0000000040), 0x0)
openat$cgroup_freezer_state(0xffffffffffffffff, 0x0, 0x2, 0x0)
close(0xffffffffffffffff)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(&(0x7f0000001540), 0xffffffffffffffff)
sendmsg$NL80211_CMD_STOP_AP(r4, &(0x7f0000001600)={0x0, 0x0, &(0x7f00000015c0)={&(0x7f00000000c0)=ANY=[], 0x1c}, 0x1, 0x0, 0x0, 0x800}, 0x240000a0)
getsockopt$sock_cred(r4, 0x1, 0x11, &(0x7f0000000040), &(0x7f0000000080)=0xc)
syz_open_dev$sg(&(0x7f0000001000), 0x0, 0x2200)

08:59:14 executing program 3:
r0 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$sock_inet_SIOCSIFFLAGS(0xffffffffffffffff, 0x8914, &(0x7f0000000080)={'veth1_vlan\x00'})
bind$inet(r0, &(0x7f00000000c0)={0x2, 0x0, @loopback}, 0x10)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f0000000040)={'wlan1\x00', <r2=>0x0})
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000001540), 0xffffffffffffffff)
sendmsg$NL80211_CMD_STOP_AP(r1, &(0x7f0000001600)={0x0, 0x0, &(0x7f00000015c0)={&(0x7f0000001580)={0x1c, r3, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}}, 0x1c}}, 0x0)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r1, 0x8933, &(0x7f0000000340)={'batadv_slave_0\x00'})
r4 = openat$full(0xffffffffffffff9c, &(0x7f0000000380), 0x4480, 0x0)
ioctl$EXT4_IOC_MIGRATE(r4, 0x6609)
bind$inet(r0, &(0x7f0000000040)={0x2, 0x0, @empty}, 0x10)
bind$inet(r0, &(0x7f0000000000)={0x2, 0x4e20, @loopback}, 0x10)
ioctl$EXT4_IOC_GET_ES_CACHE(0xffffffffffffffff, 0xc020662a, &(0x7f0000000100)={0x4, 0x69, 0x0, 0xce4, 0x9, [{0x0, 0x66, 0x7fffffff, '\x00', 0x704}, {0x8, 0xff80000000, 0x5000000, '\x00', 0x1204}, {0xfffffffffffffffb, 0x3, 0x2, '\x00', 0x1888}, {0x0, 0x6, 0x7f, '\x00', 0x2000}, {0x7, 0x7fffffff, 0x4, '\x00', 0x101}, {0x9, 0x6, 0x1000, '\x00', 0x906}, {0x100, 0x100000001, 0x7fffffff, '\x00', 0x2802}, {0x7, 0x9, 0x3, '\x00', 0x40a}, {0x81, 0x3, 0x10000, '\x00', 0x2000}]})

08:59:14 executing program 6:
r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000180)='/proc/asound/seq/clients\x00', 0x0, 0x0)
preadv(r0, &(0x7f00000002c0)=[{&(0x7f0000000040)=""/35, 0x23}, {0x0}, {&(0x7f0000000300)=""/165, 0xa5}], 0xf67, 0x0, 0x0)

08:59:14 executing program 2:
r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000180)='/proc/asound/seq/clients\x00', 0x0, 0x0)
preadv(r0, &(0x7f00000002c0)=[{&(0x7f0000000040)=""/35, 0x23}, {0x0}, {&(0x7f0000000300)=""/165, 0xa5}], 0xf44, 0x0, 0x0)

08:59:14 executing program 7:
openat$sndseq(0xffffffffffffff9c, 0x0, 0x0)
r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000180)='/proc/asound/seq/clients\x00', 0x0, 0x0)
preadv(r0, &(0x7f00000002c0)=[{0x0}, {&(0x7f0000000300)=""/165, 0xa5}], 0x2, 0x48, 0x0)

08:59:14 executing program 4:
syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x1, 0x0, 0x0, 0x2000, 0x0)
mount(&(0x7f0000000140)=@sg0, &(0x7f00000001c0)='./file0/file0\x00', &(0x7f0000000200)='tmpfs\x00', 0x401, &(0x7f0000000240)='proc\x00')
mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='proc\x00', 0x0, 0x0)
chroot(&(0x7f0000000040)='./file0\x00')
mount$9p_unix(&(0x7f0000000280)='./file0\x00', &(0x7f00000002c0)='./file0\x00', &(0x7f0000000300), 0x3d31b8b8878080ae, &(0x7f00000003c0)=ANY=[@ANYBLOB="7472616e733d756e69782c66756e633d4649524d574152455f434845434b2c7063723d302430303030303030303030303040e6491a1fd5aa7b4a923cda3030303032382c00"])
openat$sysfs(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/kexec_crash_size', 0x63c280, 0x22)
umount2(&(0x7f0000000180)='./file0\x00', 0x0)

[ 2546.041987] Call Trace:
[ 2546.042407]  <TASK>
[ 2546.042707]  ? x86_pmu_start+0x1c0/0x240
[ 2546.043275]  x86_pmu_enable+0x580/0xd90
[ 2546.043827]  ? amd_pmu_disable_virt+0xa0/0xa0
[ 2546.044439]  ctx_resched+0x2b9/0x3a0
[ 2546.044927]  __perf_install_in_context+0x285/0xa40
[ 2546.045565]  ? ctx_resched+0x3a0/0x3a0
[ 2546.046140]  remote_function+0x125/0x1b0
[ 2546.046703]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[ 2546.047427]  ? perf_duration_warn+0x40/0x40
[ 2546.047994]  generic_exec_single+0x203/0x300
[ 2546.048620]  smp_call_function_single+0x189/0x460
[ 2546.049300]  ? perf_duration_warn+0x40/0x40
[ 2546.049969]  ? generic_exec_single+0x300/0x300
[ 2546.050619]  ? perf_duration_warn+0x40/0x40
[ 2546.051203]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[ 2546.051936]  ? lock_is_held_type+0xd7/0x130
[ 2546.052518]  perf_install_in_context+0x4da/0x590
[ 2546.053167]  ? list_add_event+0xeb0/0xeb0
[ 2546.053772]  ? ctx_resched+0x3a0/0x3a0
[ 2546.054316]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[ 2546.055101]  ? exclusive_event_installable+0x254/0x320
[ 2546.055893]  __do_sys_perf_event_open+0x1bf0/0x3040
[ 2546.056587]  ? __up_read+0x192/0x710
[ 2546.057104]  ? perf_remove_from_context+0x260/0x260
[ 2546.057897]  ? up_write+0x460/0x460
[ 2546.058473]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 2546.059175]  do_syscall_64+0x3b/0x90
[ 2546.059694]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 2546.060414] RIP: 0033:0x7f750a357b19
[ 2546.060994] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 2546.063755] RSP: 002b:00007f75078cd188 EFLAGS: 00000246 ORIG_RAX: 000000000000012a
[ 2546.064823] RAX: ffffffffffffffda RBX: 00007f750a46af60 RCX: 00007f750a357b19
[ 2546.065905] RDX: 0000000000000000 RSI: ffffffffffffffff RDI: 0000000020000c00
[ 2546.066902] RBP: 00007f750a3b1f6d R08: 0000000000000000 R09: 0000000000000000
[ 2546.067894] R10: ffffffffffffffff R11: 0000000000000246 R12: 0000000000000000
[ 2546.068877] R13: 00007ffc8fa2e86f R14: 00007f75078cd300 R15: 0000000000022000
[ 2546.069937]  </TASK>
08:59:14 executing program 7:
openat$sndseq(0xffffffffffffff9c, 0x0, 0x0)
r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000180)='/proc/asound/seq/clients\x00', 0x0, 0x0)
preadv(r0, &(0x7f00000002c0)=[{0x0}, {&(0x7f0000000300)=""/165, 0xa5}], 0x2, 0x4c, 0x0)

08:59:14 executing program 6:
r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000180)='/proc/asound/seq/clients\x00', 0x0, 0x0)
preadv(r0, &(0x7f00000002c0)=[{&(0x7f0000000040)=""/35, 0x23}, {0x0}, {&(0x7f0000000300)=""/165, 0xa5}], 0xf86, 0x0, 0x0)

08:59:14 executing program 4:
syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
io_setup(0x6, &(0x7f0000000040))
io_setup(0x4e, &(0x7f0000000000))
io_submit(0x0, 0x1, &(0x7f0000000400)=[&(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0}])
io_setup(0x4, &(0x7f00000000c0))
io_setup(0x4, &(0x7f0000000140))
io_setup(0x4e, &(0x7f0000000000))
mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='proc\x00', 0x0, 0x0)
chroot(&(0x7f0000000040)='./file0\x00')
openat$sysfs(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/kexec_crash_size', 0x0, 0x0)
umount2(&(0x7f0000000180)='./file0\x00', 0x0)

[ 2546.124873] Call Trace:
[ 2546.125280]  <IRQ>
[ 2546.125628]  x86_pmu_stop+0x149/0x330
[ 2546.126217]  x86_pmu_del+0x1be/0x610
[ 2546.126766]  event_sched_out+0x2ed/0xe80
[ 2546.127353]  __perf_remove_from_context+0x87/0xbe0
[ 2546.128052]  event_function+0x297/0x3d0
[ 2546.128624]  ? perf_uprobe_event_init+0x1c0/0x1c0
[ 2546.129290]  remote_function+0x125/0x1b0
[ 2546.129897]  flush_smp_call_function_queue+0x1df/0x610
[ 2546.130661]  ? perf_duration_warn+0x40/0x40
[ 2546.131271]  __sysvec_call_function_single+0x92/0x3a0
[ 2546.132024]  sysvec_call_function_single+0x89/0xc0
[ 2546.132707]  </IRQ>
[ 2546.132996]  <TASK>
[ 2546.133299]  asm_sysvec_call_function_single+0x12/0x20
[ 2546.134064] RIP: 0010:check_kcov_mode+0x2c/0x40
[ 2546.134706] Code: 05 89 b9 be 7e 89 c2 81 e2 00 01 00 00 a9 00 01 ff 00 74 10 31 c0 85 d2 74 15 8b 96 64 14 00 00 85 d2 74 0b 8b 86 40 14 00 00 <39> f8 0f 94 c0 c3 66 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 00 31 c0
[ 2546.137245] RSP: 0018:ffff88802089f9a8 EFLAGS: 00000246
[ 2546.138015] RAX: 0000000000000000 RBX: 0000000000000001 RCX: 0000000000000001
[ 2546.138999] RDX: 0000000000000000 RSI: ffff88801b598000 RDI: 0000000000000003
[ 2546.140000] RBP: 0000000000000001 R08: 0000000000000000 R09: ffff88802089fc40
[ 2546.141005] R10: ffffffff81eeaa63 R11: 0000000000000001 R12: 0000000000000000
[ 2546.142079] R13: ffff88802089fc28 R14: ffff88802089fc38 R15: 0000000000001032
[ 2546.143087]  ? mls_range_isvalid+0x233/0x2b0
[ 2546.143732]  __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[ 2546.144474]  mls_range_isvalid+0x233/0x2b0
[ 2546.145077]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[ 2546.145874]  mls_context_isvalid+0x71/0x340
[ 2546.146486]  policydb_context_isvalid+0x31b/0x3d0
[ 2546.147158]  security_compute_sid.part.0+0x90f/0x1670
[ 2546.147944]  ? security_compute_validatetrans.part.0+0x8f0/0x8f0
[ 2546.148813]  ? lockdep_hardirqs_on_prepare+0x400/0x400
[ 2546.149569]  ? lockdep_hardirqs_on_prepare+0x400/0x400
[ 2546.150346]  ? find_held_lock+0x2c/0x110
[ 2546.150915]  ? lock_release+0x3b2/0x6f0
[ 2546.151439]  security_transition_sid+0xc0/0x190
[ 2546.152048]  selinux_socket_post_create+0x4df/0x7f0
[ 2546.152725]  ? selinux_getprocattr+0x7c0/0x7c0
[ 2546.153348]  ? tcp_v4_send_reset+0x1e10/0x1e10
[ 2546.154016]  security_socket_post_create+0x6a/0xd0
[ 2546.154678]  __sock_create+0x63a/0x750
[ 2546.155159]  __sys_socket+0xef/0x200
[ 2546.155604]  ? compat_sock_ioctl+0x590/0x590
[ 2546.156166]  __x64_sys_socket+0x6f/0xb0
[ 2546.156692]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 2546.157355]  do_syscall_64+0x3b/0x90
[ 2546.157895]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 2546.158556] RIP: 0033:0x7f40f4030197
[ 2546.159037] Code: f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 b8 29 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 2546.161565] RSP: 002b:00007ffe1d71ffa8 EFLAGS: 00000202 ORIG_RAX: 0000000000000029
[ 2546.162861] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f40f4030197
[ 2546.163913] RDX: 0000000000000006 RSI: 0000000000000001 RDI: 0000000000000002
[ 2546.164898] RBP: 00007ffe1d71ffd0 R08: 0000000000000000 R09: 00007ffe1d720530
[ 2546.165989] R10: 0000000000000000 R11: 0000000000000202 R12: 0000000000000032
[ 2546.166995] R13: 0000000000000000 R14: 0000000000000002 R15: 00007f40f4111d20
[ 2546.167949]  </TASK>
08:59:14 executing program 5:
syz_usb_control_io$cdc_ncm(0xffffffffffffffff, &(0x7f0000000240)={0x14, &(0x7f0000000140)={0x20, 0xe, 0x7d, {0x7d, 0x22, "73f43c13e742e5f72a00d653f6b00df95bd8175e038ee2b8774440930c5006448c570e48953181dfd5063fb4955ccc8afd9cf512777e90bbdd47f1919a61f16d31b06123685c9e1ddec0a40e9dbdf40c7d7ba41a812ac397a1b8c40e2f96b51c797aca8cd9bc5de2c2cf8827c615f2de6111b674ca721c8785a78c"}}, &(0x7f0000000200)={0x0, 0x3, 0x1a, {0x1a}}}, &(0x7f0000000680)={0x44, &(0x7f0000000440)={0x20, 0x6, 0xd5, "0d9f189452d1ac8ae737fba5ac44b230d097c7b7576a94dc764366a21aa27ea22bc0c3c58b9957e2170eff4e6de490ab502554480d814add945cf81e415d94e13a6e0cc69436bc4d7aeabec151879c0c58c0e16419fcc0388bb813c0285c3fbcd86fc8762a8c0ffeb73d3a6e733f3cca1d4df2d5f46bfa842a8a48b81eab36ababb58b78ca26c46b38224be5a160fb5227bf3d832d1d2b9b69de60f7aac03149d6fa7fd24c0677511269b59d1106777b652038e3416c5b060b17f8d17ea50c3b7b6e2d4f9b22da06d967c0d0d366417cc23de2e93d"}, &(0x7f0000000280)={0x0, 0xa, 0x1, 0x40}, &(0x7f0000000300)={0x0, 0x8, 0x1, 0x1}, &(0x7f0000000340)={0x20, 0x80, 0x1c, {0x0, 0xfbff, 0x987d, 0x20, 0x8, 0x1f, 0xffff, 0x5, 0x1ff, 0x5, 0x4, 0x3}}, &(0x7f0000000380)={0x20, 0x85, 0x4, 0x5}, &(0x7f0000000540)={0x20, 0x83, 0x2, 0x1}, &(0x7f0000000580)={0x20, 0x87, 0x2, 0x2}, &(0x7f00000005c0)={0x20, 0x89, 0x2}})
socketpair$unix(0x1, 0x5, 0x0, 0x0)
sendmsg$unix(0xffffffffffffffff, 0x0, 0x0)
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
pwritev(r0, &(0x7f0000000640)=[{&(0x7f00000002c0)="19", 0x1}], 0x1, 0x8000000, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0)
r2 = socket$inet6(0xa, 0x1, 0x0)
sendmsg$NL80211_CMD_STOP_AP(0xffffffffffffffff, &(0x7f0000001600)={0x0, 0x0, &(0x7f00000015c0)={&(0x7f0000001580)={0x1c, 0x0, 0x1, 0x0, 0x0, {{}, {@val={0x8}, @void}}}, 0x1c}}, 0x0)
ioctl$FS_IOC_GETFLAGS(0xffffffffffffffff, 0x80086601, &(0x7f00000000c0))
bind$inet6(r2, &(0x7f00000002c0)={0xa, 0x4e20, 0x0, @empty}, 0x1c)
connect$inet6(r2, &(0x7f0000000000)={0xa, 0x4e20, 0x0, @ipv4={'\x00', '\xff\xff', @empty}}, 0x1c)
recvfrom(r2, &(0x7f00000003c0)=""/87, 0x20010397, 0x300, 0x0, 0x0)
sendfile(r2, r1, 0x0, 0xfffffdef)
readv(0xffffffffffffffff, &(0x7f0000000d40)=[{&(0x7f0000000700)=""/217, 0xd9}, {&(0x7f0000000800)=""/210, 0xd2}, {&(0x7f0000000900)=""/205, 0xcd}, {&(0x7f0000000a00)=""/160, 0xa0}, {&(0x7f0000000ac0)=""/255, 0xff}, {&(0x7f0000001640)=""/102400, 0x19000}, {&(0x7f0000000600)=""/32, 0x20}, {&(0x7f0000000c40)=""/247, 0xf7}], 0x8)
openat$cgroup_freezer_state(0xffffffffffffffff, 0x0, 0x2, 0x0)
close(0xffffffffffffffff)
syz_genetlink_get_family_id$nl80211(&(0x7f0000001540), 0xffffffffffffffff)
sendmsg$NL80211_CMD_STOP_AP(0xffffffffffffffff, &(0x7f0000001600)={0x0, 0x0, &(0x7f00000015c0)={&(0x7f0000001580)={0x1c, 0x0, 0x1, 0x0, 0x0, {{}, {@val={0x8}, @void}}}, 0x1c}}, 0x0)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000040), &(0x7f0000000080)=0xc)
syz_open_dev$sg(&(0x7f0000001000), 0x0, 0x2200)

08:59:14 executing program 1:
r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000180)='/proc/asound/seq/clients\x00', 0x0, 0x0)
preadv(r0, &(0x7f00000002c0)=[{&(0x7f0000000040)=""/35, 0x23}, {0x0, 0x2}, {&(0x7f0000000300)=""/165, 0xa5}], 0x3, 0x5, 0x0)

08:59:14 executing program 2:
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NLBL_MGMT_C_VERSION(r0, &(0x7f00000001c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x10000000}, 0xc, &(0x7f0000000180)={&(0x7f0000000140)={0x24, 0x0, 0x100, 0x70bd25, 0x25dfdbfd, {}, [@NLBL_MGMT_A_PROTOCOL={0x8}, @NLBL_MGMT_A_FAMILY={0x6, 0xb, 0x1}]}, 0x24}, 0x1, 0x0, 0x0, 0x4001}, 0x4080)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$netlbl_cipso(&(0x7f0000000340), r1)
sendmsg$NLBL_CIPSOV4_C_LIST(r1, &(0x7f0000000c80)={0x0, 0x0, &(0x7f0000000c40)={&(0x7f0000000980)={0x18, r2, 0x1, 0x0, 0x0, {}, [@NLBL_CIPSOV4_A_MLSLVLLST={0x4}]}, 0x18}}, 0x0)
ioctl$sock_SIOCGIFINDEX_802154(0xffffffffffffffff, 0x8933, &(0x7f0000000180)={'wpan0\x00', <r3=>0x0})
r4 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r5 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r6 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000780), r5)
sendmsg$IEEE802154_LLSEC_SETPARAMS(r4, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000400)={0x24, r6, 0x10d, 0x0, 0x0, {}, [@IEEE802154_ATTR_DEV_INDEX={0x8, 0x2, r3}, @IEEE802154_ATTR_LLSEC_SECLEVEL={0x5, 0x2a, 0x20}]}, 0x24}}, 0x0)
ioctl$sock_SIOCGIFINDEX_802154(r1, 0x8933, &(0x7f0000000400)={'wpan4\x00', <r7=>0x0})
sendmsg$NL802154_CMD_DEL_SEC_DEV(r0, &(0x7f0000000500)={&(0x7f00000003c0)={0x10, 0x0, 0x0, 0x10000}, 0xc, &(0x7f00000004c0)={&(0x7f0000000440)={0x44, 0x0, 0x300, 0x70bd25, 0x25dfdbfc, {}, [@NL802154_ATTR_WPAN_DEV={0xc, 0x6, 0x100000001}, @NL802154_ATTR_IFINDEX={0x8, 0x3, r3}, @NL802154_ATTR_IFINDEX={0x8, 0x3, r7}, @NL802154_ATTR_IFINDEX={0x8}, @NL802154_ATTR_WPAN_DEV={0xc, 0x6, 0x100000001}]}, 0x44}}, 0x4)
r8 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r9 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000080), r8)
sendmsg$NLBL_MGMT_C_ADD(r8, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000140)={0x4c, r9, 0x1, 0x0, 0x0, {}, [@NLBL_MGMT_A_DOMAIN={0x6, 0x1, '%\x00'}, @NLBL_MGMT_A_IPV6ADDR={0x14, 0x5, @local}, @NLBL_MGMT_A_IPV6MASK={0x14, 0x6, @mcast1}, @NLBL_MGMT_A_PROTOCOL={0x8, 0x2, 0x5}]}, 0x4c}, 0x1, 0x700000000000000}, 0x0)
sendmsg$NLBL_MGMT_C_REMOVE(r1, &(0x7f0000000300)={&(0x7f0000000380)={0x10, 0x0, 0x0, 0x4000000}, 0xc, &(0x7f00000002c0)={&(0x7f0000000240)={0x64, r9, 0x30, 0x70bd29, 0x25dfdbfe, {}, [@NLBL_MGMT_A_IPV6ADDR={0x14, 0x5, @loopback}, @NLBL_MGMT_A_IPV4ADDR={0x8, 0x7, @loopback}, @NLBL_MGMT_A_PROTOCOL={0x8, 0x2, 0x5}, @NLBL_MGMT_A_IPV4MASK={0x8, 0x8, @private=0xa010100}, @NLBL_MGMT_A_CLPDOI={0x8}, @NLBL_MGMT_A_FAMILY={0x6, 0xb, 0x2b}, @NLBL_MGMT_A_IPV6MASK={0x14, 0x6, @private0}]}, 0x64}, 0x1, 0x0, 0x0, 0x4}, 0x0)
add_key$fscrypt_v1(&(0x7f0000000040), &(0x7f0000000080)={'fscrypt:', @desc4}, &(0x7f00000000c0)={0x0, "13199de0bbe5bf0b1ca3f92d776a2d694b0e24589b8eec41fa1cff1a5d57b9aef9116a330909c3461d0f7a82f842a3885149ad018f2c60470600e5d48346b334"}, 0x48, 0xffffffffffffffff)
clone3(&(0x7f0000001500)={0x142100100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, &(0x7f00000000c0)=[0xffffffffffffffff], 0x1}, 0x58)

08:59:14 executing program 7:
openat$sndseq(0xffffffffffffff9c, 0x0, 0x0)
r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000180)='/proc/asound/seq/clients\x00', 0x0, 0x0)
preadv(r0, &(0x7f00000002c0)=[{0x0}, {&(0x7f0000000300)=""/165, 0xa5}], 0x2, 0x68, 0x0)

08:59:14 executing program 3:
ioctl$AUTOFS_DEV_IOCTL_PROTOSUBVER(0xffffffffffffffff, 0xc0189373, &(0x7f0000000000)={{0x1, 0x1, 0x18, <r0=>0xffffffffffffffff, {0x1}}, './file0\x00'})
sendmsg$IPVS_CMD_GET_CONFIG(r0, &(0x7f0000000200)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x4010000}, 0xc, &(0x7f00000001c0)={&(0x7f0000000100)={0xa8, 0x0, 0x300, 0x70bd27, 0x25dfdbfe, {}, [@IPVS_CMD_ATTR_DEST={0x64, 0x2, 0x0, 0x1, [@IPVS_DEST_ATTR_ADDR_FAMILY={0x6, 0xb, 0x2}, @IPVS_DEST_ATTR_FWD_METHOD={0x8, 0x3, 0x4}, @IPVS_DEST_ATTR_PORT={0x6, 0x2, 0x4e24}, @IPVS_DEST_ATTR_ADDR_FAMILY={0x6, 0xb, 0xa}, @IPVS_DEST_ATTR_ADDR={0x14, 0x1, @ipv6=@private2}, @IPVS_DEST_ATTR_PORT={0x6, 0x2, 0x4e22}, @IPVS_DEST_ATTR_L_THRESH={0x8, 0x6, 0x6}, @IPVS_DEST_ATTR_INACT_CONNS={0x8, 0x8, 0x6}, @IPVS_DEST_ATTR_ADDR={0x14, 0x1, @ipv4=@rand_addr=0x64010100}]}, @IPVS_CMD_ATTR_DEST={0x30, 0x2, 0x0, 0x1, [@IPVS_DEST_ATTR_U_THRESH={0x8, 0x5, 0xd1}, @IPVS_DEST_ATTR_ADDR={0x14, 0x1, @ipv4=@broadcast}, @IPVS_DEST_ATTR_ADDR_FAMILY={0x6, 0xb, 0x2}, @IPVS_DEST_ATTR_ADDR_FAMILY={0x6, 0xb, 0xa}]}]}, 0xa8}, 0x1, 0x0, 0x0, 0x4000}, 0x42)
r1 = socket$inet_udp(0x2, 0x2, 0x0)
bind$inet(r1, &(0x7f00000000c0)={0x2, 0x0, @empty}, 0x10)
bind$inet(r1, &(0x7f0000000040)={0x2, 0x0, @empty}, 0x10)

08:59:14 executing program 6:
r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000180)='/proc/asound/seq/clients\x00', 0x0, 0x0)
preadv(r0, &(0x7f00000002c0)=[{&(0x7f0000000040)=""/35, 0x23}, {0x0}, {&(0x7f0000000300)=""/165, 0xa5}], 0xfa4, 0x0, 0x0)

08:59:30 executing program 4:
syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='proc\x00', 0x0, 0x0)
chroot(&(0x7f0000000040)='./file0\x00')
openat$sysfs(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/kexec_crash_size', 0x0, 0x0)
umount2(&(0x7f0000000180)='./file0\x00', 0x0)
mount(&(0x7f0000000140)=@nullb, &(0x7f00000001c0)='./file0\x00', &(0x7f0000000200)='sysfs\x00', 0x8000, &(0x7f0000000240)='\x00')

08:59:30 executing program 2:
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NLBL_MGMT_C_VERSION(r0, &(0x7f00000001c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x10000000}, 0xc, &(0x7f0000000180)={&(0x7f0000000140)={0x24, 0x0, 0x100, 0x70bd25, 0x25dfdbfd, {}, [@NLBL_MGMT_A_PROTOCOL={0x8}, @NLBL_MGMT_A_FAMILY={0x6, 0xb, 0x1}]}, 0x24}, 0x1, 0x0, 0x0, 0x4001}, 0x4080)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$netlbl_cipso(&(0x7f0000000340), r1)
sendmsg$NLBL_CIPSOV4_C_LIST(r1, &(0x7f0000000c80)={0x0, 0x0, &(0x7f0000000c40)={&(0x7f0000000980)={0x18, r2, 0x1, 0x0, 0x0, {}, [@NLBL_CIPSOV4_A_MLSLVLLST={0x4}]}, 0x18}}, 0x0)
ioctl$sock_SIOCGIFINDEX_802154(0xffffffffffffffff, 0x8933, &(0x7f0000000180)={'wpan0\x00', <r3=>0x0})
r4 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r5 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r6 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000780), r5)
sendmsg$IEEE802154_LLSEC_SETPARAMS(r4, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000400)={0x24, r6, 0x10d, 0x0, 0x0, {}, [@IEEE802154_ATTR_DEV_INDEX={0x8, 0x2, r3}, @IEEE802154_ATTR_LLSEC_SECLEVEL={0x5, 0x2a, 0x20}]}, 0x24}}, 0x0)
ioctl$sock_SIOCGIFINDEX_802154(r1, 0x8933, &(0x7f0000000400)={'wpan4\x00', <r7=>0x0})
sendmsg$NL802154_CMD_DEL_SEC_DEV(r0, &(0x7f0000000500)={&(0x7f00000003c0)={0x10, 0x0, 0x0, 0x10000}, 0xc, &(0x7f00000004c0)={&(0x7f0000000440)={0x44, 0x0, 0x300, 0x70bd25, 0x25dfdbfc, {}, [@NL802154_ATTR_WPAN_DEV={0xc, 0x6, 0x100000001}, @NL802154_ATTR_IFINDEX={0x8, 0x3, r3}, @NL802154_ATTR_IFINDEX={0x8, 0x3, r7}, @NL802154_ATTR_IFINDEX={0x8}, @NL802154_ATTR_WPAN_DEV={0xc, 0x6, 0x100000001}]}, 0x44}}, 0x4)
r8 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r9 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000080), r8)
sendmsg$NLBL_MGMT_C_ADD(r8, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000140)={0x4c, r9, 0x1, 0x0, 0x0, {}, [@NLBL_MGMT_A_DOMAIN={0x6, 0x1, '%\x00'}, @NLBL_MGMT_A_IPV6ADDR={0x14, 0x5, @local}, @NLBL_MGMT_A_IPV6MASK={0x14, 0x6, @mcast1}, @NLBL_MGMT_A_PROTOCOL={0x8, 0x2, 0x5}]}, 0x4c}, 0x1, 0x700000000000000}, 0x0)
sendmsg$NLBL_MGMT_C_REMOVE(r1, &(0x7f0000000300)={&(0x7f0000000380)={0x10, 0x0, 0x0, 0x4000000}, 0xc, &(0x7f00000002c0)={&(0x7f0000000240)={0x64, r9, 0x30, 0x70bd29, 0x25dfdbfe, {}, [@NLBL_MGMT_A_IPV6ADDR={0x14, 0x5, @loopback}, @NLBL_MGMT_A_IPV4ADDR={0x8, 0x7, @loopback}, @NLBL_MGMT_A_PROTOCOL={0x8, 0x2, 0x5}, @NLBL_MGMT_A_IPV4MASK={0x8, 0x8, @private=0xa010100}, @NLBL_MGMT_A_CLPDOI={0x8}, @NLBL_MGMT_A_FAMILY={0x6, 0xb, 0x2b}, @NLBL_MGMT_A_IPV6MASK={0x14, 0x6, @private0}]}, 0x64}, 0x1, 0x0, 0x0, 0x4}, 0x0)
add_key$fscrypt_v1(&(0x7f0000000040), &(0x7f0000000080)={'fscrypt:', @desc4}, &(0x7f00000000c0)={0x0, "13199de0bbe5bf0b1ca3f92d776a2d694b0e24589b8eec41fa1cff1a5d57b9aef9116a330909c3461d0f7a82f842a3885149ad018f2c60470600e5d48346b334"}, 0x48, 0xffffffffffffffff)
clone3(&(0x7f0000001500)={0x142100100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, &(0x7f00000000c0)=[0xffffffffffffffff], 0x1}, 0x58)

08:59:30 executing program 6:
r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000180)='/proc/asound/seq/clients\x00', 0x0, 0x0)
preadv(r0, &(0x7f00000002c0)=[{&(0x7f0000000040)=""/35, 0x23}, {0x0}, {&(0x7f0000000300)=""/165, 0xa5}], 0x3, 0x0, 0x0)

08:59:30 executing program 7:
openat$sndseq(0xffffffffffffff9c, 0x0, 0x0)
r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000180)='/proc/asound/seq/clients\x00', 0x0, 0x0)
preadv(r0, &(0x7f00000002c0)=[{0x0}, {&(0x7f0000000300)=""/165, 0xa5}], 0x2, 0x6c, 0x0)

08:59:30 executing program 1:
r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000180)='/proc/asound/seq/clients\x00', 0x0, 0x0)
preadv(r0, &(0x7f00000002c0)=[{&(0x7f0000000040)=""/35, 0x23}, {0x0, 0x2}, {&(0x7f0000000300)=""/165, 0xa5}], 0x3, 0x6, 0x0)

08:59:30 executing program 0:
perf_event_open$cgroup(&(0x7f0000000c00)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x74, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

08:59:30 executing program 5:
socketpair$unix(0x1, 0x5, 0x0, 0x0)
sendmsg$unix(0xffffffffffffffff, 0x0, 0x0)
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
pwritev(r0, &(0x7f0000000640)=[{&(0x7f00000002c0)="19", 0x1}], 0x1, 0x8000000, 0x0)
sendmsg$unix(0xffffffffffffffff, &(0x7f0000000d00)={&(0x7f00000001c0)=@abs={0x1, 0x0, 0x4e24}, 0x6e, &(0x7f0000000340)=[{&(0x7f0000000240)="b3d41833cb34dd5578e5cd13374abfd6fb54a049dd355749299adf83e87a2e1dde37bfca57e7cb7b31c24d0b32dcdca364d7e8bc0be2b652b772f1bf81cae08816326f7f218d67a096fe96066755d9549ed8c280a4e42633db4d2be669f1", 0x5e}, {&(0x7f0000000440)="0236b607c232b8623716e2498a4baff713b6b7dfe1f4ea4955bdca035c6731bf0e1abae5bfc25aacb5a0673a3825444dca133cd349fb4c1e68996d234fec843ea34f80f7d731aa8da3ce5bd49d1bf84e4dfc8ac080d23607bdb414b695851debbe8e38c6e69faf386f0efc68371cfc91cd0615181c98d3e582bedabeda31c8ee2499d1c95190750398523f9c754ec28d627bc45aec5f1392c4a0e6359fe022888719b1f2ea92b66ae56f8ad4866e94d1aa929593dd1bc19b2eb65a21cac1a0b66d0336ceca5655eb1c3acd9aa2aed226227400d91bc4bb84c0f499fc753af20e734cbb9b4fc2b4672123d5de54ce8c81844e", 0xf2}, {&(0x7f0000000300)="9ffbcbe50e29bdc065f7396e0db83afa5e1da3a79bba06d1b674066401f145aa1f00e08bc375211dd06ccf332dc5cf5b", 0x30}, {&(0x7f0000000540)="201d6dfc0ef25d976387550535d4a640ac6bba4a25d3dbcb50888e2f3732ec8a041072e2ebaed30cf968850fba83d420e92e7edfb722e55ae98cd84e0ac62626712ac2f5dfb4fb0cd251eb393969bb5ebd7ebfc7459c7e0957aa769d2a6c6e6755b0ade362fc5ea9b34c7c64371c6089cb85ae60a6eab9c7634637cf9f735dce9aa61e881f0791ff4ee7cb916f91963b862175daf5e4056ceaec7b6727925ac0ef2ac188cf15601fcd3f2a19eff99c24e89e06e725", 0xb5}, {&(0x7f0000000680)="ee2bf7435d8fd3b6436d5998daf261017b9739f36211e4f205b038ed74b381619ab7192a718617e198f845747d96614cd9b8ebee914387b8832a843434ee95abc52e59d8102650c22d97f551fdc03544b8f039a786ae96dca7df9f38dd97089007e2a8e26cd56ba5d6b2d210247971b38ed02d73556b0d3ab5ea7964dd3aa0d542b070484272e60b36cb78082b661af910a16bb942f50f7ce43b2d1e5d11740a278d37aafb941671ff24b8f8ec8ae9491d937dc099778ad700c3d4fdd0e63b02f834445395e1a90458275a4b7c9e3906c4ee06b8a1d57b1b82af5db40d3cf24f8d86adb1311fc9", 0xe7}], 0x5, &(0x7f0000000c00)=[@cred={{0x1c, 0x1, 0x2, {0x0, 0xffffffffffffffff}}}, @rights={{0x24, 0x1, 0x1, [r0, r0, 0xffffffffffffffff, r0, 0xffffffffffffffff]}}, @rights={{0x30, 0x1, 0x1, [r0, 0xffffffffffffffff, r0, 0xffffffffffffffff, 0xffffffffffffffff, r0, 0xffffffffffffffff, r0]}}, @rights={{0x24, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, r0, 0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x2c, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, r0, 0xffffffffffffffff, r0]}}], 0xd0}, 0x4c480)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0)
r2 = socket$inet6(0xa, 0x1, 0x0)
bind$inet6(r2, &(0x7f00000002c0)={0xa, 0x4e20, 0x0, @empty}, 0x1c)
connect$inet6(r2, &(0x7f0000000000)={0xa, 0x4e20, 0x0, @ipv4={'\x00', '\xff\xff', @empty}}, 0x1c)
mount$bind(&(0x7f00000000c0)='./file1\x00', &(0x7f0000000140)='./file1/file0\x00', &(0x7f0000000180), 0x28, 0x0)
recvfrom(r2, &(0x7f00000003c0)=""/87, 0x20010397, 0x300, 0x0, 0x0)
sendfile(r2, r1, 0x0, 0xfffffdef)
readv(0xffffffffffffffff, &(0x7f0000000040), 0x0)
openat$cgroup_freezer_state(0xffffffffffffffff, 0x0, 0x2, 0x0)
close(0xffffffffffffffff)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(&(0x7f0000001540), 0xffffffffffffffff)
sendmsg$NL80211_CMD_STOP_AP(r3, &(0x7f0000001600)={0x0, 0x0, &(0x7f00000015c0)={&(0x7f0000001580)={0x1c, 0x0, 0x1, 0x0, 0x0, {{}, {@val={0x8}, @void}}}, 0x1c}}, 0x0)
getsockopt$sock_cred(r3, 0x1, 0x11, &(0x7f0000000040), &(0x7f0000000080)=0xc)
syz_open_dev$sg(&(0x7f0000001000), 0x0, 0x2200)

08:59:30 executing program 3:
r0 = socket$inet_udp(0x2, 0x2, 0x0)
bind$inet(r0, &(0x7f00000000c0)={0x2, 0x0, @broadcast}, 0x10)
bind$inet(r0, &(0x7f0000000040)={0x2, 0x0, @empty}, 0x10)

[ 2561.842131] Call Trace:
[ 2561.842714]  <TASK>
[ 2561.843163]  ? x86_pmu_start+0x1c0/0x240
[ 2561.843992]  x86_pmu_enable+0x580/0xd90
[ 2561.844787]  ? amd_pmu_disable_virt+0xa0/0xa0
[ 2561.845730]  ctx_resched+0x2b9/0x3a0
[ 2561.846508]  __perf_install_in_context+0x285/0xa40
[ 2561.847491]  ? ctx_resched+0x3a0/0x3a0
[ 2561.848270]  remote_function+0x125/0x1b0
[ 2561.849086]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[ 2561.850184]  ? perf_duration_warn+0x40/0x40
[ 2561.851056]  generic_exec_single+0x203/0x300
[ 2561.851935]  smp_call_function_single+0x189/0x460
[ 2561.852889]  ? perf_duration_warn+0x40/0x40
[ 2561.853755]  ? generic_exec_single+0x300/0x300
[ 2561.854665]  ? perf_duration_warn+0x40/0x40
[ 2561.855537]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[ 2561.856814]  ? lock_is_held_type+0xd7/0x130
[ 2561.857971]  perf_install_in_context+0x4da/0x590
[ 2561.859228]  ? list_add_event+0xeb0/0xeb0
[ 2561.860319]  ? ctx_resched+0x3a0/0x3a0
[ 2561.861357]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[ 2561.862817]  ? exclusive_event_installable+0x254/0x320
[ 2561.864224]  __do_sys_perf_event_open+0x1bf0/0x3040
[ 2561.865568]  ? __up_read+0x192/0x710
[ 2561.866572]  ? perf_remove_from_context+0x260/0x260
[ 2561.867879]  ? up_write+0x460/0x460
[ 2561.868870]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 2561.870247]  do_syscall_64+0x3b/0x90
[ 2561.871220]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 2561.872571] RIP: 0033:0x7f750a357b19
[ 2561.873523] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 2561.878301] RSP: 002b:00007f75078cd188 EFLAGS: 00000246 ORIG_RAX: 000000000000012a
[ 2561.880263] RAX: ffffffffffffffda RBX: 00007f750a46af60 RCX: 00007f750a357b19
[ 2561.882114] RDX: 0000000000000000 RSI: ffffffffffffffff RDI: 0000000020000c00
[ 2561.883954] RBP: 00007f750a3b1f6d R08: 0000000000000000 R09: 0000000000000000
[ 2561.885793] R10: ffffffffffffffff R11: 0000000000000246 R12: 0000000000000000
[ 2561.887630] R13: 00007ffc8fa2e86f R14: 00007f75078cd300 R15: 0000000000022000
[ 2561.889488]  </TASK>
08:59:30 executing program 7:
openat$sndseq(0xffffffffffffff9c, 0x0, 0x0)
r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000180)='/proc/asound/seq/clients\x00', 0x0, 0x0)
preadv(r0, &(0x7f00000002c0)=[{0x0}, {&(0x7f0000000300)=""/165, 0xa5}], 0x2, 0x74, 0x0)

08:59:30 executing program 1:
r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000180)='/proc/asound/seq/clients\x00', 0x0, 0x0)
preadv(r0, &(0x7f00000002c0)=[{&(0x7f0000000040)=""/35, 0x23}, {0x0, 0x2}, {&(0x7f0000000300)=""/165, 0xa5}], 0x3, 0x7, 0x0)

08:59:30 executing program 4:
syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='proc\x00', 0x0, 0x0)
chroot(&(0x7f0000000040)='./file0\x00')
listxattr(&(0x7f0000000140)='./file2\x00', &(0x7f00000001c0)=""/133, 0x85)
r0 = fsopen(&(0x7f0000000080)='hugetlbfs\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r0, 0x6, 0x0, 0x0, 0x0)
r1 = fsmount(r0, 0x0, 0x0)
mknodat$null(r1, &(0x7f0000000040)='./file0\x00', 0x2000, 0x103)
statx(r1, &(0x7f0000000280)='./file1\x00', 0x4000, 0x400, &(0x7f00000002c0))
openat$sysfs(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/kexec_crash_size', 0x0, 0x0)
umount2(&(0x7f0000000180)='./file2\x00', 0x4)

[ 2562.062291] Call Trace:
[ 2562.062921]  <TASK>
[ 2562.063375]  x86_pmu_stop+0x149/0x330
[ 2562.064152]  x86_pmu_del+0x1be/0x610
[ 2562.064904]  event_sched_out+0x2ed/0xe80
[ 2562.065723]  __perf_remove_from_context+0x87/0xbe0
[ 2562.066730]  event_function+0x297/0x3d0
[ 2562.067530]  ? perf_uprobe_event_init+0x1c0/0x1c0
[ 2562.068516]  remote_function+0x125/0x1b0
[ 2562.069363]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[ 2562.070502]  ? perf_duration_warn+0x40/0x40
[ 2562.071393]  generic_exec_single+0x203/0x300
[ 2562.072297]  smp_call_function_single+0x189/0x460
[ 2562.073306]  ? perf_duration_warn+0x40/0x40
[ 2562.074214]  ? generic_exec_single+0x300/0x300
[ 2562.075156]  ? perf_duration_warn+0x40/0x40
[ 2562.076047]  ? lock_is_held_type+0xd7/0x130
[ 2562.076929]  event_function_call+0x3d0/0x430
[ 2562.077840]  ? perf_group_detach+0x11b0/0x11b0
[ 2562.078810]  ? perf_copy_attr+0x9c0/0x9c0
[ 2562.079631]  ? lock_release+0x3b2/0x6f0
[ 2562.080419]  ? perf_group_detach+0x11b0/0x11b0
[ 2562.081334]  ? perf_uprobe_event_init+0x1c0/0x1c0
[ 2562.082336]  ? _raw_spin_unlock_irq+0x1f/0x40
[ 2562.083226]  perf_remove_from_context+0x12e/0x260
[ 2562.084216]  perf_event_release_kernel+0x153/0x7f0
[ 2562.085257]  ? lock_is_held_type+0xd7/0x130
[ 2562.086140]  ? perf_pmu_migrate_context+0xae0/0xae0
[ 2562.087129]  ? lock_is_held_type+0xd7/0x130
[ 2562.087995]  perf_release+0x33/0x40
[ 2562.088722]  __fput+0x272/0x9d0
[ 2562.089371]  ? perf_event_release_kernel+0x7f0/0x7f0
[ 2562.090392]  task_work_run+0xe2/0x1a0
[ 2562.091168]  exit_to_user_mode_prepare+0x199/0x1a0
[ 2562.092147]  syscall_exit_to_user_mode+0x19/0x50
[ 2562.093086]  do_syscall_64+0x48/0x90
[ 2562.093821]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 2562.094855] RIP: 0033:0x7f750a30a72b
[ 2562.095589] Code: 0f 05 48 3d 00 f0 ff ff 77 45 c3 0f 1f 40 00 48 83 ec 18 89 7c 24 0c e8 63 fc ff ff 8b 7c 24 0c 41 89 c0 b8 03 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 35 44 89 c7 89 44 24 0c e8 a1 fc ff ff 8b 44
[ 2562.099278] RSP: 002b:00007ffc8fa2e8d0 EFLAGS: 00000293 ORIG_RAX: 0000000000000003
[ 2562.100790] RAX: 0000000000000000 RBX: 0000000000000004 RCX: 00007f750a30a72b
[ 2562.102207] RDX: 0000000000000000 RSI: ffffffff8411f74e RDI: 0000000000000003
[ 2562.103610] RBP: 0000000000000001 R08: 0000000000000000 R09: 0000001b30c2001c
[ 2562.105007] R10: 0000000000000f41 R11: 0000000000000293 R12: 00007f750a46bb60
[ 2562.106413] R13: 00007f750a46bb60 R14: 00007f750a46af60 R15: 00000000002716be
[ 2562.107830]  ? syscall_exit_to_user_mode+0x1e/0x50
[ 2562.108808]  </TASK>
[ 2562.175575] Call Trace:
[ 2562.176179]  <TASK>
[ 2562.176634]  ? x86_pmu_start+0x1c0/0x240
[ 2562.177470]  x86_pmu_enable+0x580/0xd90
[ 2562.178282]  ? amd_pmu_disable_virt+0xa0/0xa0
[ 2562.179212]  ctx_resched+0x2b9/0x3a0
[ 2562.179967]  __perf_install_in_context+0x285/0xa40
[ 2562.180952]  ? ctx_resched+0x3a0/0x3a0
[ 2562.181734]  remote_function+0x125/0x1b0
[ 2562.182577]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[ 2562.183679]  ? perf_duration_warn+0x40/0x40
[ 2562.184546]  generic_exec_single+0x203/0x300
[ 2562.185432]  smp_call_function_single+0x189/0x460
[ 2562.186400]  ? perf_duration_warn+0x40/0x40
[ 2562.187270]  ? generic_exec_single+0x300/0x300
[ 2562.188188]  ? perf_duration_warn+0x40/0x40
[ 2562.189070]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[ 2562.190176]  ? lock_is_held_type+0xd7/0x130
[ 2562.191052]  perf_install_in_context+0x4da/0x590
[ 2562.191999]  ? list_add_event+0xeb0/0xeb0
[ 2562.192829]  ? ctx_resched+0x3a0/0x3a0
[ 2562.193605]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[ 2562.194745]  ? exclusive_event_installable+0x254/0x320
[ 2562.195812]  __do_sys_perf_event_open+0x1bf0/0x3040
[ 2562.196834]  ? perf_remove_from_context+0x260/0x260
[ 2562.197825]  ? xfd_validate_state+0x59/0x180
[ 2562.198746]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 2562.199776]  do_syscall_64+0x3b/0x90
[ 2562.200514]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 2562.201542] RIP: 0033:0x7f750a357b19
[ 2562.202287] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 2562.205967] RSP: 002b:00007f75078cd188 EFLAGS: 00000246 ORIG_RAX: 000000000000012a
[ 2562.207466] RAX: ffffffffffffffda RBX: 00007f750a46af60 RCX: 00007f750a357b19
[ 2562.208899] RDX: 0000000000000000 RSI: ffffffffffffffff RDI: 0000000020000c00
[ 2562.210328] RBP: 00007f750a3b1f6d R08: 0000000000000000 R09: 0000000000000000
[ 2562.211751] R10: ffffffffffffffff R11: 0000000000000246 R12: 0000000000000000
[ 2562.213185] R13: 00007ffc8fa2e86f R14: 00007f75078cd300 R15: 0000000000022000
[ 2562.214649]  </TASK>
[ 2562.216502] Call Trace:
[ 2562.217040]  <TASK>
[ 2562.217496]  x86_pmu_stop+0x149/0x330
[ 2562.218303]  x86_pmu_del+0x1be/0x610
[ 2562.219068]  event_sched_out+0x2ed/0xe80
[ 2562.219897]  __perf_remove_from_context+0x87/0xbe0
[ 2562.220900]  event_function+0x297/0x3d0
[ 2562.221695]  ? perf_uprobe_event_init+0x1c0/0x1c0
[ 2562.222670]  remote_function+0x125/0x1b0
[ 2562.223490]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[ 2562.224585]  ? perf_duration_warn+0x40/0x40
[ 2562.225451]  generic_exec_single+0x203/0x300
[ 2562.226355]  smp_call_function_single+0x189/0x460
[ 2562.227317]  ? perf_duration_warn+0x40/0x40
[ 2562.228185]  ? generic_exec_single+0x300/0x300
[ 2562.229098]  ? perf_duration_warn+0x40/0x40
[ 2562.229993]  ? lock_is_held_type+0xd7/0x130
[ 2562.230859]  event_function_call+0x3d0/0x430
[ 2562.231740]  ? perf_group_detach+0x11b0/0x11b0
[ 2562.232652]  ? perf_copy_attr+0x9c0/0x9c0
[ 2562.233483]  ? lock_release+0x3b2/0x6f0
[ 2562.234281]  ? perf_group_detach+0x11b0/0x11b0
[ 2562.235212]  ? perf_uprobe_event_init+0x1c0/0x1c0
[ 2562.236174]  ? _raw_spin_unlock_irq+0x1f/0x40
[ 2562.237087]  perf_remove_from_context+0x12e/0x260
[ 2562.238069]  perf_event_release_kernel+0x153/0x7f0
[ 2562.239053]  ? lock_is_held_type+0xd7/0x130
[ 2562.239915]  ? perf_pmu_migrate_context+0xae0/0xae0
[ 2562.240918]  ? lock_is_held_type+0xd7/0x130
[ 2562.241788]  perf_release+0x33/0x40
[ 2562.242539]  __fput+0x272/0x9d0
[ 2562.243199]  ? perf_event_release_kernel+0x7f0/0x7f0
[ 2562.244223]  task_work_run+0xe2/0x1a0
[ 2562.245008]  exit_to_user_mode_prepare+0x199/0x1a0
[ 2562.246011]  syscall_exit_to_user_mode+0x19/0x50
[ 2562.246951]  do_syscall_64+0x48/0x90
[ 2562.247695]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 2562.248729] RIP: 0033:0x7f750a30a72b
[ 2562.249473] Code: 0f 05 48 3d 00 f0 ff ff 77 45 c3 0f 1f 40 00 48 83 ec 18 89 7c 24 0c e8 63 fc ff ff 8b 7c 24 0c 41 89 c0 b8 03 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 35 44 89 c7 89 44 24 0c e8 a1 fc ff ff 8b 44
[ 2562.253106] RSP: 002b:00007ffc8fa2e8d0 EFLAGS: 00000293 ORIG_RAX: 0000000000000003
[ 2562.254638] RAX: 0000000000000000 RBX: 0000000000000004 RCX: 00007f750a30a72b
[ 2562.256050] RDX: 00007f750a46fa68 RSI: 0000000000000080 RDI: 0000000000000003
[ 2562.257460] RBP: 0000000000000000 R08: 0000000000000000 R09: 00007f750a46fa70
[ 2562.258872] R10: 00007ffc8fa2e9c0 R11: 0000000000000293 R12: 0000000000271836
[ 2562.260273] R13: 00000000000003e8 R14: 00007f750a46af60 R15: 00000000002716be
[ 2562.261716]  </TASK>
08:59:51 executing program 1:
r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000180)='/proc/asound/seq/clients\x00', 0x0, 0x0)
preadv(r0, &(0x7f00000002c0)=[{&(0x7f0000000040)=""/35, 0x23}, {0x0, 0x2}, {&(0x7f0000000300)=""/165, 0xa5}], 0x3, 0xa, 0x0)

08:59:51 executing program 5:
socketpair$unix(0x1, 0x5, 0x0, 0x0)
sendmsg$unix(0xffffffffffffffff, 0x0, 0x0)
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
pwritev(r0, &(0x7f0000000640)=[{&(0x7f00000002c0)="19", 0x1}], 0x1, 0x8000000, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0)
r2 = socket$inet6(0xa, 0x1, 0x0)
bind$inet6(r2, &(0x7f00000002c0)={0xa, 0x4e20, 0x0, @empty}, 0x1c)
connect$inet6(r2, &(0x7f0000000000)={0xa, 0x4e20, 0x0, @ipv4={'\x00', '\xff\xff', @empty}}, 0x1c)
recvfrom(r2, &(0x7f00000003c0)=""/87, 0x20010397, 0x300, 0x0, 0x0)
sendfile(r2, r1, 0x0, 0xfffffdef)
readv(0xffffffffffffffff, &(0x7f0000000040), 0x0)
openat$cgroup_freezer_state(0xffffffffffffffff, 0x0, 0x2, 0x0)
close(0xffffffffffffffff)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(&(0x7f0000001540), 0xffffffffffffffff)
sendmsg$NL80211_CMD_STOP_AP(r3, &(0x7f0000001600)={0x0, 0x0, &(0x7f00000015c0)={&(0x7f0000001580)={0x1c, 0x0, 0x1, 0x0, 0x0, {{}, {@val={0x8}, @void}}}, 0x1c}}, 0x0)
connect$inet6(r2, &(0x7f00000000c0)={0xa, 0x4e24, 0xaf, @mcast1, 0x8}, 0x1c)
getsockopt$sock_cred(r3, 0x1, 0x11, &(0x7f0000000040), &(0x7f0000000080)=0xc)
syz_open_dev$sg(&(0x7f0000001000), 0x0, 0x2200)

[ 2583.753371] Call Trace:
[ 2583.753996]  <IRQ>
[ 2583.754469]  ? x86_pmu_start+0x1c0/0x240
[ 2583.755350]  x86_pmu_enable+0x580/0xd90
[ 2583.756201]  ? amd_pmu_disable_virt+0xa0/0xa0
[ 2583.757182]  ctx_resched+0x2b9/0x3a0
[ 2583.757985]  __perf_install_in_context+0x285/0xa40
[ 2583.759054]  ? lock_is_held_type+0xd7/0x130
[ 2583.759981]  ? ctx_resched+0x3a0/0x3a0
[ 2583.760814]  remote_function+0x125/0x1b0
[ 2583.761691]  flush_smp_call_function_queue+0x1df/0x610
[ 2583.762815]  ? perf_duration_warn+0x40/0x40
[ 2583.763746]  __sysvec_call_function_single+0x92/0x3a0
[ 2583.764833]  sysvec_call_function_single+0x89/0xc0
[ 2583.765867]  </IRQ>
[ 2583.766357]  <TASK>
[ 2583.766826]  asm_sysvec_call_function_single+0x12/0x20
[ 2583.767929] RIP: 0010:_raw_spin_unlock_irqrestore+0x2e/0x50
[ 2583.769116] Code: 48 83 c7 18 53 48 89 f3 48 8b 74 24 10 e8 7a 02 15 fd 48 89 ef e8 72 7f 15 fd 80 e7 02 74 06 e8 38 ae 36 fd fb bf 01 00 00 00 <e8> 6d 8b 0b fd 65 8b 05 e6 92 ee 7b 85 c0 74 03 5b 5d c3 0f 1f 44
[ 2583.772977] RSP: 0018:ffff8880081b7848 EFLAGS: 00000206
[ 2583.774084] RAX: 00000000004f39d1 RBX: 0000000000000246 RCX: ffffffff81283e5f
[ 2583.775597] RDX: 0000000000000000 RSI: 0000000000000001 RDI: 0000000000000001
[ 2583.777081] RBP: ffffffff852c2200 R08: 0000000000000001 R09: ffffffff86a3e7df
[ 2583.778594] R10: fffffbfff0d47cfb R11: 0000000000000001 R12: 0000000000000cc0
[ 2583.780082] R13: 0000000000000000 R14: 0000000000000cc0 R15: 0000000000000cc0
[ 2583.781587]  ? mark_lock.part.0+0xef/0x2f60
[ 2583.782514]  ? _raw_spin_unlock_irqrestore+0x28/0x50
[ 2583.783576]  kmem_cache_alloc+0x239/0x480
[ 2583.784460]  dup_fd+0x89/0xca0
[ 2583.785141]  ? audit_filter_inodes+0x40/0x40
[ 2583.786072]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[ 2583.787258]  ? security_task_alloc+0xe6/0x260
[ 2583.788212]  copy_process+0x2039/0x6d60
[ 2583.789058]  ? mark_lock.part.0+0xef/0x2f60
[ 2583.789968]  ? mark_lock.part.0+0xef/0x2f60
[ 2583.790892]  ? mark_lock.part.0+0xef/0x2f60
[ 2583.791826]  ? __cleanup_sighand+0xb0/0xb0
[ 2583.792735]  ? mark_lock.part.0+0xef/0x2f60
[ 2583.793650]  ? kernel_clone+0xc4/0xa60
[ 2583.794497]  kernel_clone+0xe7/0xa60
[ 2583.795297]  ? create_io_thread+0xf0/0xf0
[ 2583.796180]  ? lock_is_held_type+0xd7/0x130
[ 2583.797089]  ? find_held_lock+0x2c/0x110
[ 2583.797948]  ? lock_release+0x3b2/0x6f0
[ 2583.798838]  ? kernel_sigaction+0x143/0x220
[ 2583.799746]  ? umh_complete+0x90/0x90
[ 2583.800547]  kernel_thread+0xb5/0xf0
[ 2583.801335]  ? __ia32_sys_clone3+0x70/0x70
[ 2583.802226]  ? _raw_spin_unlock_irq+0x1f/0x40
[ 2583.803181]  ? umh_complete+0x90/0x90
[ 2583.803984]  ? lockdep_hardirqs_on_prepare+0x400/0x400
[ 2583.805093]  call_usermodehelper_exec_work+0x69/0x180
[ 2583.806169]  process_one_work+0xa1c/0x16a0
[ 2583.807110]  ? pwq_dec_nr_in_flight+0x2a0/0x2a0
[ 2583.808124]  ? rwlock_bug.part.0+0x90/0x90
[ 2583.809020]  ? _raw_spin_lock_irq+0x41/0x50
[ 2583.809957]  worker_thread+0x637/0x1250
[ 2583.810851]  ? process_one_work+0x16a0/0x16a0
[ 2583.811816]  kthread+0x2f2/0x3b0
[ 2583.812532]  ? kthread_complete_and_exit+0x40/0x40
[ 2583.813583]  ret_from_fork+0x22/0x30
[ 2583.814414]  </TASK>
[ 2583.825079] Call Trace:
[ 2583.825679]  <TASK>
[ 2583.826164]  x86_pmu_stop+0x149/0x330
[ 2583.826998]  x86_pmu_del+0x1be/0x610
[ 2583.827800]  event_sched_out+0x2ed/0xe80
[ 2583.828674]  __perf_remove_from_context+0x87/0xbe0
[ 2583.829722]  event_function+0x297/0x3d0
[ 2583.830603]  ? perf_uprobe_event_init+0x1c0/0x1c0
[ 2583.831623]  remote_function+0x125/0x1b0
[ 2583.832490]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[ 2583.833649]  ? perf_duration_warn+0x40/0x40
[ 2583.834585]  generic_exec_single+0x203/0x300
[ 2583.835535]  smp_call_function_single+0x189/0x460
[ 2583.836584]  ? perf_duration_warn+0x40/0x40
[ 2583.837516]  ? generic_exec_single+0x300/0x300
[ 2583.838527]  ? perf_duration_warn+0x40/0x40
[ 2583.839470]  ? lock_is_held_type+0xd7/0x130
[ 2583.840420]  event_function_call+0x3d0/0x430
[ 2583.841362]  ? perf_group_detach+0x11b0/0x11b0
[ 2583.842395]  ? perf_copy_attr+0x9c0/0x9c0
[ 2583.843279]  ? lock_release+0x3b2/0x6f0
[ 2583.844126]  ? perf_group_detach+0x11b0/0x11b0
[ 2583.845124]  ? perf_uprobe_event_init+0x1c0/0x1c0
[ 2583.846155]  ? _raw_spin_unlock_irq+0x1f/0x40
[ 2583.847137]  perf_remove_from_context+0x12e/0x260
[ 2583.848188]  perf_event_release_kernel+0x153/0x7f0
[ 2583.849267]  ? lock_is_held_type+0xd7/0x130
[ 2583.850204]  ? perf_pmu_migrate_context+0xae0/0xae0
[ 2583.851268]  ? lock_is_held_type+0xd7/0x130
[ 2583.852185]  perf_release+0x33/0x40
[ 2583.852977]  __fput+0x272/0x9d0
[ 2583.853692]  ? perf_event_release_kernel+0x7f0/0x7f0
[ 2583.854754]  task_work_run+0xe2/0x1a0
[ 2583.855603]  exit_to_user_mode_prepare+0x199/0x1a0
[ 2583.856666]  syscall_exit_to_user_mode+0x19/0x50
[ 2583.857614]  do_syscall_64+0x48/0x90
[ 2583.858433]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 2583.859561] RIP: 0033:0x7f750a30a72b
[ 2583.860361] Code: 0f 05 48 3d 00 f0 ff ff 77 45 c3 0f 1f 40 00 48 83 ec 18 89 7c 24 0c e8 63 fc ff ff 8b 7c 24 0c 41 89 c0 b8 03 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 35 44 89 c7 89 44 24 0c e8 a1 fc ff ff 8b 44
[ 2583.864308] RSP: 002b:00007ffc8fa2e8d0 EFLAGS: 00000293 ORIG_RAX: 0000000000000003
[ 2583.865938] RAX: 0000000000000000 RBX: 0000000000000004 RCX: 00007f750a30a72b
[ 2583.867427] RDX: 0000000000000000 RSI: ffffffff81388253 RDI: 0000000000000003
[ 2583.869198] RBP: 0000000000000001 R08: 0000000000000000 R09: 0000001b30c2001c
[ 2583.870747] R10: 0000000000000473 R11: 0000000000000293 R12: 00007f750a46bb60
[ 2583.872279] R13: 00007f750a46bb60 R14: 00007f750a46af60 R15: 0000000000276c4c
[ 2583.873830]  ? smp_call_function_single+0x193/0x460
[ 2583.874940]  </TASK>
08:59:51 executing program 0:
perf_event_open$cgroup(&(0x7f0000000c00)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x7a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

08:59:51 executing program 4:
syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='hpfs\x00', 0x0, 0x0)
chroot(&(0x7f0000000040)='./file0\x00')
openat$sysfs(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/kexec_crash_size', 0x0, 0x0)
umount2(&(0x7f0000000180)='./file0\x00', 0x0)

08:59:51 executing program 3:
r0 = socket$inet_udp(0x2, 0x2, 0x0)
bind$inet(r0, &(0x7f00000000c0)={0x2, 0x0, @loopback}, 0x10)
bind$inet(r0, &(0x7f0000000040)={0x2, 0x0, @empty}, 0x10)
r1 = openat$full(0xffffffffffffff9c, &(0x7f0000000000), 0x801c1, 0x0)
bind$inet(r1, &(0x7f0000000080)={0x2, 0x4e23, @dev={0xac, 0x14, 0x14, 0x2d}}, 0x10)

08:59:51 executing program 6:
r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000180)='/proc/asound/seq/clients\x00', 0x0, 0x0)
preadv(r0, &(0x7f00000002c0)=[{&(0x7f0000000040)=""/35, 0x23}, {0x0}, {&(0x7f0000000300)=""/165, 0xa5}], 0x3, 0x2, 0x0)

08:59:51 executing program 7:
openat$sndseq(0xffffffffffffff9c, 0x0, 0x0)
r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000180)='/proc/asound/seq/clients\x00', 0x0, 0x0)
preadv(r0, &(0x7f00000002c0)=[{0x0}, {&(0x7f0000000300)=""/165, 0xa5}], 0x2, 0x7a, 0x0)

08:59:51 executing program 2:
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NLBL_MGMT_C_VERSION(r0, &(0x7f00000001c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x10000000}, 0xc, &(0x7f0000000180)={&(0x7f0000000140)={0x24, 0x0, 0x100, 0x70bd25, 0x25dfdbfd, {}, [@NLBL_MGMT_A_PROTOCOL={0x8}, @NLBL_MGMT_A_FAMILY={0x6, 0xb, 0x1}]}, 0x24}, 0x1, 0x0, 0x0, 0x4001}, 0x4080)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$netlbl_cipso(&(0x7f0000000340), r1)
sendmsg$NLBL_CIPSOV4_C_LIST(r1, &(0x7f0000000c80)={0x0, 0x0, &(0x7f0000000c40)={&(0x7f0000000980)={0x18, r2, 0x1, 0x0, 0x0, {}, [@NLBL_CIPSOV4_A_MLSLVLLST={0x4}]}, 0x18}}, 0x0)
ioctl$sock_SIOCGIFINDEX_802154(0xffffffffffffffff, 0x8933, &(0x7f0000000180)={'wpan0\x00', <r3=>0x0})
r4 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r5 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r6 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000780), r5)
sendmsg$IEEE802154_LLSEC_SETPARAMS(r4, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000400)={0x24, r6, 0x10d, 0x0, 0x0, {}, [@IEEE802154_ATTR_DEV_INDEX={0x8, 0x2, r3}, @IEEE802154_ATTR_LLSEC_SECLEVEL={0x5, 0x2a, 0x20}]}, 0x24}}, 0x0)
ioctl$sock_SIOCGIFINDEX_802154(r1, 0x8933, &(0x7f0000000400)={'wpan4\x00', <r7=>0x0})
sendmsg$NL802154_CMD_DEL_SEC_DEV(r0, &(0x7f0000000500)={&(0x7f00000003c0)={0x10, 0x0, 0x0, 0x10000}, 0xc, &(0x7f00000004c0)={&(0x7f0000000440)={0x44, 0x0, 0x300, 0x70bd25, 0x25dfdbfc, {}, [@NL802154_ATTR_WPAN_DEV={0xc, 0x6, 0x100000001}, @NL802154_ATTR_IFINDEX={0x8, 0x3, r3}, @NL802154_ATTR_IFINDEX={0x8, 0x3, r7}, @NL802154_ATTR_IFINDEX={0x8}, @NL802154_ATTR_WPAN_DEV={0xc, 0x6, 0x100000001}]}, 0x44}}, 0x4)
r8 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r9 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000080), r8)
sendmsg$NLBL_MGMT_C_ADD(r8, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000140)={0x4c, r9, 0x1, 0x0, 0x0, {}, [@NLBL_MGMT_A_DOMAIN={0x6, 0x1, '%\x00'}, @NLBL_MGMT_A_IPV6ADDR={0x14, 0x5, @local}, @NLBL_MGMT_A_IPV6MASK={0x14, 0x6, @mcast1}, @NLBL_MGMT_A_PROTOCOL={0x8, 0x2, 0x5}]}, 0x4c}, 0x1, 0x700000000000000}, 0x0)
sendmsg$NLBL_MGMT_C_REMOVE(r1, &(0x7f0000000300)={&(0x7f0000000380)={0x10, 0x0, 0x0, 0x4000000}, 0xc, &(0x7f00000002c0)={&(0x7f0000000240)={0x64, r9, 0x30, 0x70bd29, 0x25dfdbfe, {}, [@NLBL_MGMT_A_IPV6ADDR={0x14, 0x5, @loopback}, @NLBL_MGMT_A_IPV4ADDR={0x8, 0x7, @loopback}, @NLBL_MGMT_A_PROTOCOL={0x8, 0x2, 0x5}, @NLBL_MGMT_A_IPV4MASK={0x8, 0x8, @private=0xa010100}, @NLBL_MGMT_A_CLPDOI={0x8}, @NLBL_MGMT_A_FAMILY={0x6, 0xb, 0x2b}, @NLBL_MGMT_A_IPV6MASK={0x14, 0x6, @private0}]}, 0x64}, 0x1, 0x0, 0x0, 0x4}, 0x0)
add_key$fscrypt_v1(&(0x7f0000000040), &(0x7f0000000080)={'fscrypt:', @desc4}, &(0x7f00000000c0)={0x0, "13199de0bbe5bf0b1ca3f92d776a2d694b0e24589b8eec41fa1cff1a5d57b9aef9116a330909c3461d0f7a82f842a3885149ad018f2c60470600e5d48346b334"}, 0x48, 0xffffffffffffffff)
clone3(&(0x7f0000001500)={0x142100100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, &(0x7f00000000c0)=[0xffffffffffffffff], 0x1}, 0x58)

[ 2583.913576] Call Trace:
[ 2583.913990]  <TASK>
[ 2583.914305]  ? x86_pmu_start+0x1c0/0x240
[ 2583.914883]  x86_pmu_enable+0x580/0xd90
[ 2583.915436]  ? amd_pmu_disable_virt+0xa0/0xa0
[ 2583.916076]  ctx_resched+0x2b9/0x3a0
[ 2583.916608]  __perf_install_in_context+0x285/0xa40
[ 2583.917285]  ? ctx_resched+0x3a0/0x3a0
[ 2583.917852]  remote_function+0x125/0x1b0
[ 2583.918453]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[ 2583.919241]  ? perf_duration_warn+0x40/0x40
[ 2583.919845]  generic_exec_single+0x203/0x300
[ 2583.920459]  smp_call_function_single+0x189/0x460
[ 2583.921117]  ? perf_duration_warn+0x40/0x40
[ 2583.921725]  ? generic_exec_single+0x300/0x300
[ 2583.922364]  ? perf_duration_warn+0x40/0x40
[ 2583.922977]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[ 2583.923731]  ? lock_is_held_type+0xd7/0x130
[ 2583.924339]  perf_install_in_context+0x4da/0x590
[ 2583.924989]  ? list_add_event+0xeb0/0xeb0
08:59:52 executing program 1:
r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000180)='/proc/asound/seq/clients\x00', 0x0, 0x0)
preadv(r0, &(0x7f00000002c0)=[{&(0x7f0000000040)=""/35, 0x23}, {0x0, 0x2}, {&(0x7f0000000300)=""/165, 0xa5}], 0x3, 0x10, 0x0)

[ 2583.925552]  ? ctx_resched+0x3a0/0x3a0
[ 2583.926244]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[ 2583.927017]  ? exclusive_event_installable+0x254/0x320
[ 2583.927779]  __do_sys_perf_event_open+0x1bf0/0x3040
[ 2583.928480]  ? perf_remove_from_context+0x260/0x260
[ 2583.929165]  ? xfd_validate_state+0x59/0x180
[ 2583.929787]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 2583.930554]  do_syscall_64+0x3b/0x90
[ 2583.931076]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 2583.931796] RIP: 0033:0x7f750a357b19
[ 2583.932315] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 2583.934856] RSP: 002b:00007f75078cd188 EFLAGS: 00000246 ORIG_RAX: 000000000000012a
[ 2583.935917] RAX: ffffffffffffffda RBX: 00007f750a46af60 RCX: 00007f750a357b19
[ 2583.936908] RDX: 0000000000000000 RSI: ffffffffffffffff RDI: 0000000020000c00
08:59:52 executing program 3:
r0 = socket$inet_udp(0x2, 0x2, 0x0)
r1 = fsopen(&(0x7f0000000080)='hugetlbfs\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r1, 0x6, 0x0, 0x0, 0x0)
r2 = fsmount(r1, 0x0, 0x0)
mknodat$null(r2, &(0x7f0000000040)='./file0\x00', 0x2000, 0x103)
ioctl$sock_inet_udp_SIOCINQ(r2, 0x541b, &(0x7f0000000000))
bind$inet(r0, &(0x7f00000000c0)={0x2, 0x0, @loopback}, 0x10)

[ 2583.937885] RBP: 00007f750a3b1f6d R08: 0000000000000000 R09: 0000000000000000
[ 2583.938927] R10: ffffffffffffffff R11: 0000000000000246 R12: 0000000000000000
[ 2583.939891] R13: 00007ffc8fa2e86f R14: 00007f75078cd300 R15: 0000000000022000
[ 2583.940873]  </TASK>
08:59:52 executing program 6:
r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000180)='/proc/asound/seq/clients\x00', 0x0, 0x0)
preadv(r0, &(0x7f00000002c0)=[{&(0x7f0000000040)=""/35, 0x23}, {0x0}, {&(0x7f0000000300)=""/165, 0xa5}], 0x3, 0x3, 0x0)

08:59:52 executing program 7:
openat$sndseq(0xffffffffffffff9c, 0x0, 0x0)
r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000180)='/proc/asound/seq/clients\x00', 0x0, 0x0)
preadv(r0, &(0x7f00000002c0)=[{0x0}, {&(0x7f0000000300)=""/165, 0xa5}], 0x2, 0xa5, 0x0)

08:59:52 executing program 1:
r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000180)='/proc/asound/seq/clients\x00', 0x0, 0x0)
preadv(r0, &(0x7f00000002c0)=[{&(0x7f0000000040)=""/35, 0x23}, {0x0, 0x2}, {&(0x7f0000000300)=""/165, 0xa5}], 0x3, 0x21, 0x0)

08:59:52 executing program 6:
r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000180)='/proc/asound/seq/clients\x00', 0x0, 0x0)
preadv(r0, &(0x7f00000002c0)=[{&(0x7f0000000040)=""/35, 0x23}, {0x0}, {&(0x7f0000000300)=""/165, 0xa5}], 0x3, 0x4, 0x0)

08:59:52 executing program 7:
openat$sndseq(0xffffffffffffff9c, 0x0, 0x0)
r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000180)='/proc/asound/seq/clients\x00', 0x0, 0x0)
preadv(r0, &(0x7f00000002c0)=[{0x0}, {&(0x7f0000000300)=""/165, 0xa5}], 0x2, 0xbf, 0x0)

08:59:52 executing program 3:
r0 = socket$inet_udp(0x2, 0x2, 0x0)
bind$inet(r0, &(0x7f0000000000)={0x2, 0x0, @loopback}, 0x10)
bind$inet(r0, &(0x7f0000000040)={0x2, 0x0, @empty}, 0x10)

[ 2584.141157] Call Trace:
[ 2584.141566]  <TASK>
[ 2584.141877]  x86_pmu_stop+0x149/0x330
[ 2584.142403]  x86_pmu_del+0x1be/0x610
[ 2584.142915]  event_sched_out+0x2ed/0xe80
[ 2584.143462]  __perf_remove_from_context+0x87/0xbe0
[ 2584.144110]  event_function+0x297/0x3d0
[ 2584.144631]  ? perf_uprobe_event_init+0x1c0/0x1c0
[ 2584.145264]  remote_function+0x125/0x1b0
[ 2584.145807]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[ 2584.146550]  ? perf_duration_warn+0x40/0x40
[ 2584.147112]  generic_exec_single+0x203/0x300
[ 2584.147679]  smp_call_function_single+0x189/0x460
[ 2584.148285]  ? perf_duration_warn+0x40/0x40
[ 2584.148876]  ? generic_exec_single+0x300/0x300
[ 2584.149478]  ? perf_duration_warn+0x40/0x40
[ 2584.150065]  ? lock_is_held_type+0xd7/0x130
[ 2584.150656]  event_function_call+0x3d0/0x430
[ 2584.151234]  ? perf_group_detach+0x11b0/0x11b0
[ 2584.151844]  ? perf_copy_attr+0x9c0/0x9c0
[ 2584.152398]  ? lock_release+0x3b2/0x6f0
[ 2584.152937]  ? perf_group_detach+0x11b0/0x11b0
[ 2584.153551]  ? perf_uprobe_event_init+0x1c0/0x1c0
[ 2584.154200]  ? _raw_spin_unlock_irq+0x1f/0x40
[ 2584.154789]  perf_remove_from_context+0x12e/0x260
[ 2584.155444]  perf_event_release_kernel+0x153/0x7f0
[ 2584.156097]  ? lock_is_held_type+0xd7/0x130
[ 2584.156670]  ? perf_pmu_migrate_context+0xae0/0xae0
[ 2584.157333]  ? lock_is_held_type+0xd7/0x130
[ 2584.157911]  perf_release+0x33/0x40
[ 2584.158419]  __fput+0x272/0x9d0
[ 2584.158867]  ? perf_event_release_kernel+0x7f0/0x7f0
[ 2584.159553]  task_work_run+0xe2/0x1a0
[ 2584.160078]  do_exit+0xaf7/0x27e0
[ 2584.160541]  ? find_held_lock+0x2c/0x110
[ 2584.161095]  ? lock_release+0x3b2/0x6f0
[ 2584.161622]  ? mm_update_next_owner+0x7d0/0x7d0
[ 2584.162238]  ? lock_downgrade+0x6d0/0x6d0
[ 2584.162805]  ? lock_is_held_type+0xd7/0x130
[ 2584.163389]  do_group_exit+0xd2/0x2f0
[ 2584.163902]  get_signal+0x2303/0x2350
[ 2584.164426]  ? lock_downgrade+0x6d0/0x6d0
[ 2584.164983]  ? signal_setup_done+0x520/0x520
[ 2584.165578]  ? lock_is_held_type+0xd7/0x130
[ 2584.166166]  arch_do_signal_or_restart+0x88/0x1a40
[ 2584.166852]  ? __do_sys_perf_event_open+0xd2/0x3040
[ 2584.167537]  ? get_sigframe_size+0x10/0x10
[ 2584.168109]  ? perf_remove_from_context+0x260/0x260
[ 2584.168773]  ? xfd_validate_state+0x59/0x180
[ 2584.169384]  exit_to_user_mode_prepare+0x131/0x1a0
[ 2584.170042]  syscall_exit_to_user_mode+0x19/0x50
[ 2584.170681]  do_syscall_64+0x48/0x90
[ 2584.171185]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 2584.171845] RIP: 0033:0x7f750a357b19
[ 2584.172345] Code: Unable to access opcode bytes at RIP 0x7f750a357aef.
[ 2584.173161] RSP: 002b:00007f75078cd188 EFLAGS: 00000246 ORIG_RAX: 000000000000012a
[ 2584.174184] RAX: 0000000000000003 RBX: 00007f750a46af60 RCX: 00007f750a357b19
[ 2584.175146] RDX: 0000000000000000 RSI: ffffffffffffffff RDI: 0000000020000c00
[ 2584.176095] RBP: 00007f750a3b1f6d R08: 0000000000000000 R09: 0000000000000000
[ 2584.177040] R10: ffffffffffffffff R11: 0000000000000246 R12: 0000000000000000
[ 2584.177985] R13: 00007ffc8fa2e86f R14: 00007f75078cd300 R15: 0000000000022000
[ 2584.178950]  </TASK>
08:59:52 executing program 2:
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NLBL_MGMT_C_VERSION(r0, &(0x7f00000001c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x10000000}, 0xc, &(0x7f0000000180)={&(0x7f0000000140)={0x24, 0x0, 0x100, 0x70bd25, 0x25dfdbfd, {}, [@NLBL_MGMT_A_PROTOCOL={0x8}, @NLBL_MGMT_A_FAMILY={0x6, 0xb, 0x1}]}, 0x24}, 0x1, 0x0, 0x0, 0x4001}, 0x4080)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$netlbl_cipso(&(0x7f0000000340), r1)
sendmsg$NLBL_CIPSOV4_C_LIST(r1, &(0x7f0000000c80)={0x0, 0x0, &(0x7f0000000c40)={&(0x7f0000000980)={0x18, r2, 0x1, 0x0, 0x0, {}, [@NLBL_CIPSOV4_A_MLSLVLLST={0x4}]}, 0x18}}, 0x0)
ioctl$sock_SIOCGIFINDEX_802154(0xffffffffffffffff, 0x8933, &(0x7f0000000180)={'wpan0\x00', <r3=>0x0})
r4 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r5 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r6 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000780), r5)
sendmsg$IEEE802154_LLSEC_SETPARAMS(r4, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000400)={0x24, r6, 0x10d, 0x0, 0x0, {}, [@IEEE802154_ATTR_DEV_INDEX={0x8, 0x2, r3}, @IEEE802154_ATTR_LLSEC_SECLEVEL={0x5, 0x2a, 0x20}]}, 0x24}}, 0x0)
ioctl$sock_SIOCGIFINDEX_802154(r1, 0x8933, &(0x7f0000000400)={'wpan4\x00', <r7=>0x0})
sendmsg$NL802154_CMD_DEL_SEC_DEV(r0, &(0x7f0000000500)={&(0x7f00000003c0)={0x10, 0x0, 0x0, 0x10000}, 0xc, &(0x7f00000004c0)={&(0x7f0000000440)={0x44, 0x0, 0x300, 0x70bd25, 0x25dfdbfc, {}, [@NL802154_ATTR_WPAN_DEV={0xc, 0x6, 0x100000001}, @NL802154_ATTR_IFINDEX={0x8, 0x3, r3}, @NL802154_ATTR_IFINDEX={0x8, 0x3, r7}, @NL802154_ATTR_IFINDEX={0x8}, @NL802154_ATTR_WPAN_DEV={0xc, 0x6, 0x100000001}]}, 0x44}}, 0x4)
r8 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r9 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000080), r8)
sendmsg$NLBL_MGMT_C_ADD(r8, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000140)={0x4c, r9, 0x1, 0x0, 0x0, {}, [@NLBL_MGMT_A_DOMAIN={0x6, 0x1, '%\x00'}, @NLBL_MGMT_A_IPV6ADDR={0x14, 0x5, @local}, @NLBL_MGMT_A_IPV6MASK={0x14, 0x6, @mcast1}, @NLBL_MGMT_A_PROTOCOL={0x8, 0x2, 0x5}]}, 0x4c}, 0x1, 0x700000000000000}, 0x0)
sendmsg$NLBL_MGMT_C_REMOVE(r1, &(0x7f0000000300)={&(0x7f0000000380)={0x10, 0x0, 0x0, 0x4000000}, 0xc, &(0x7f00000002c0)={&(0x7f0000000240)={0x64, r9, 0x30, 0x70bd29, 0x25dfdbfe, {}, [@NLBL_MGMT_A_IPV6ADDR={0x14, 0x5, @loopback}, @NLBL_MGMT_A_IPV4ADDR={0x8, 0x7, @loopback}, @NLBL_MGMT_A_PROTOCOL={0x8, 0x2, 0x5}, @NLBL_MGMT_A_IPV4MASK={0x8, 0x8, @private=0xa010100}, @NLBL_MGMT_A_CLPDOI={0x8}, @NLBL_MGMT_A_FAMILY={0x6, 0xb, 0x2b}, @NLBL_MGMT_A_IPV6MASK={0x14, 0x6, @private0}]}, 0x64}, 0x1, 0x0, 0x0, 0x4}, 0x0)
add_key$fscrypt_v1(&(0x7f0000000040), &(0x7f0000000080)={'fscrypt:', @desc4}, &(0x7f00000000c0)={0x0, "13199de0bbe5bf0b1ca3f92d776a2d694b0e24589b8eec41fa1cff1a5d57b9aef9116a330909c3461d0f7a82f842a3885149ad018f2c60470600e5d48346b334"}, 0x48, 0xffffffffffffffff)
clone3(&(0x7f0000001500)={0x142100100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, &(0x7f00000000c0)=[0xffffffffffffffff], 0x1}, 0x58)

09:00:07 executing program 7:
openat$sndseq(0xffffffffffffff9c, 0x0, 0x0)
r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000180)='/proc/asound/seq/clients\x00', 0x0, 0x0)
preadv(r0, &(0x7f00000002c0)=[{0x0}, {&(0x7f0000000300)=""/165, 0xa5}], 0x2, 0x300, 0x0)

09:00:07 executing program 1:
r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000180)='/proc/asound/seq/clients\x00', 0x0, 0x0)
preadv(r0, &(0x7f00000002c0)=[{&(0x7f0000000040)=""/35, 0x23}, {0x0, 0x2}, {&(0x7f0000000300)=""/165, 0xa5}], 0x3, 0x48, 0x0)

09:00:07 executing program 6:
r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000180)='/proc/asound/seq/clients\x00', 0x0, 0x0)
preadv(r0, &(0x7f00000002c0)=[{&(0x7f0000000040)=""/35, 0x23}, {0x0}, {&(0x7f0000000300)=""/165, 0xa5}], 0x3, 0x5, 0x0)

09:00:07 executing program 3:
r0 = socket$inet_udp(0x2, 0x2, 0x0)
bind$inet(r0, &(0x7f0000000000)={0x2, 0x4e21, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x10)
r1 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
bind$inet(r1, &(0x7f00000000c0)={0x2, 0x0, @empty}, 0xfffffffffffffff2)
socket$inet_udp(0x2, 0x2, 0x0)

09:00:07 executing program 0:
perf_event_open$cgroup(&(0x7f0000000c00)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x300, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

09:00:07 executing program 4:
syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
r0 = accept$packet(0xffffffffffffffff, 0x0, &(0x7f0000000340))
r1 = accept4(r0, &(0x7f0000000240)=@vsock={0x28, 0x0, 0x0, @local}, &(0x7f00000002c0)=0x80, 0x80000)
ioctl$AUTOFS_DEV_IOCTL_ISMOUNTPOINT(0xffffffffffffffff, 0xc018937e, &(0x7f0000000300)={{0x1, 0x1, 0x18, r1, @out_args}, './file0/file0\x00'})
mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='proc\x00', 0x0, 0x0)
chroot(&(0x7f0000000040)='./file0\x00')
openat$sysfs(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/rcu_expedited', 0x103800, 0x47)
link(&(0x7f00000001c0)='./file0/file0\x00', &(0x7f0000000200)='./file0\x00')
umount2(&(0x7f0000000140)='./file0/file0\x00', 0x8)
umount2(&(0x7f0000000180)='./file0\x00', 0x0)

09:00:07 executing program 2:
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NLBL_MGMT_C_VERSION(r0, &(0x7f00000001c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x10000000}, 0xc, &(0x7f0000000180)={&(0x7f0000000140)={0x24, 0x0, 0x100, 0x70bd25, 0x25dfdbfd, {}, [@NLBL_MGMT_A_PROTOCOL={0x8}, @NLBL_MGMT_A_FAMILY={0x6, 0xb, 0x1}]}, 0x24}, 0x1, 0x0, 0x0, 0x4001}, 0x4080)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$netlbl_cipso(&(0x7f0000000340), r1)
sendmsg$NLBL_CIPSOV4_C_LIST(r1, &(0x7f0000000c80)={0x0, 0x0, &(0x7f0000000c40)={&(0x7f0000000980)={0x18, r2, 0x1, 0x0, 0x0, {}, [@NLBL_CIPSOV4_A_MLSLVLLST={0x4}]}, 0x18}}, 0x0)
ioctl$sock_SIOCGIFINDEX_802154(0xffffffffffffffff, 0x8933, &(0x7f0000000180)={'wpan0\x00', <r3=>0x0})
r4 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r5 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r6 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000780), r5)
sendmsg$IEEE802154_LLSEC_SETPARAMS(r4, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000400)={0x24, r6, 0x10d, 0x0, 0x0, {}, [@IEEE802154_ATTR_DEV_INDEX={0x8, 0x2, r3}, @IEEE802154_ATTR_LLSEC_SECLEVEL={0x5, 0x2a, 0x20}]}, 0x24}}, 0x0)
ioctl$sock_SIOCGIFINDEX_802154(r1, 0x8933, &(0x7f0000000400)={'wpan4\x00', <r7=>0x0})
sendmsg$NL802154_CMD_DEL_SEC_DEV(r0, &(0x7f0000000500)={&(0x7f00000003c0)={0x10, 0x0, 0x0, 0x10000}, 0xc, &(0x7f00000004c0)={&(0x7f0000000440)={0x44, 0x0, 0x300, 0x70bd25, 0x25dfdbfc, {}, [@NL802154_ATTR_WPAN_DEV={0xc, 0x6, 0x100000001}, @NL802154_ATTR_IFINDEX={0x8, 0x3, r3}, @NL802154_ATTR_IFINDEX={0x8, 0x3, r7}, @NL802154_ATTR_IFINDEX={0x8}, @NL802154_ATTR_WPAN_DEV={0xc, 0x6, 0x100000001}]}, 0x44}}, 0x4)
r8 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r9 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000080), r8)
sendmsg$NLBL_MGMT_C_ADD(r8, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000140)={0x4c, r9, 0x1, 0x0, 0x0, {}, [@NLBL_MGMT_A_DOMAIN={0x6, 0x1, '%\x00'}, @NLBL_MGMT_A_IPV6ADDR={0x14, 0x5, @local}, @NLBL_MGMT_A_IPV6MASK={0x14, 0x6, @mcast1}, @NLBL_MGMT_A_PROTOCOL={0x8, 0x2, 0x5}]}, 0x4c}, 0x1, 0x700000000000000}, 0x0)
sendmsg$NLBL_MGMT_C_REMOVE(r1, &(0x7f0000000300)={&(0x7f0000000380)={0x10, 0x0, 0x0, 0x4000000}, 0xc, &(0x7f00000002c0)={&(0x7f0000000240)={0x64, r9, 0x30, 0x70bd29, 0x25dfdbfe, {}, [@NLBL_MGMT_A_IPV6ADDR={0x14, 0x5, @loopback}, @NLBL_MGMT_A_IPV4ADDR={0x8, 0x7, @loopback}, @NLBL_MGMT_A_PROTOCOL={0x8, 0x2, 0x5}, @NLBL_MGMT_A_IPV4MASK={0x8, 0x8, @private=0xa010100}, @NLBL_MGMT_A_CLPDOI={0x8}, @NLBL_MGMT_A_FAMILY={0x6, 0xb, 0x2b}, @NLBL_MGMT_A_IPV6MASK={0x14, 0x6, @private0}]}, 0x64}, 0x1, 0x0, 0x0, 0x4}, 0x0)
add_key$fscrypt_v1(&(0x7f0000000040), &(0x7f0000000080)={'fscrypt:', @desc4}, &(0x7f00000000c0)={0x0, "13199de0bbe5bf0b1ca3f92d776a2d694b0e24589b8eec41fa1cff1a5d57b9aef9116a330909c3461d0f7a82f842a3885149ad018f2c60470600e5d48346b334"}, 0x48, 0xffffffffffffffff)

09:00:07 executing program 5:
socketpair$unix(0x1, 0x5, 0x0, 0x0)
sendmsg$unix(0xffffffffffffffff, 0x0, 0x0)
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
pwritev(r0, &(0x7f0000000640)=[{&(0x7f00000002c0)="19", 0x1}], 0x1, 0x8000000, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0)
r2 = socket$inet6(0xa, 0x1, 0x0)
bind$inet6(r1, &(0x7f0000000140)={0xa, 0x4e1e, 0x2, @dev={0xfe, 0x80, '\x00', 0x20}, 0x1cc}, 0x1c)
connect$inet6(r2, &(0x7f0000000000)={0xa, 0x4e20, 0x0, @ipv4={'\x00', '\xff\xff', @empty}}, 0x1c)
recvfrom(r2, &(0x7f00000003c0)=""/87, 0x20010397, 0x300, 0x0, 0x0)
sendfile(r2, r1, 0x0, 0xfffffdef)
readv(0xffffffffffffffff, &(0x7f0000000040), 0x0)
openat$cgroup_freezer_state(0xffffffffffffffff, 0x0, 0x2, 0x0)
close(0xffffffffffffffff)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(&(0x7f0000001540), 0xffffffffffffffff)
sendmsg$NL80211_CMD_STOP_AP(r3, &(0x7f0000001600)={0x0, 0x0, &(0x7f00000015c0)={&(0x7f0000001580)={0x1c, 0x0, 0x1, 0x0, 0x0, {{}, {@val={0x8}, @void}}}, 0x1c}}, 0x0)
getsockopt$sock_cred(r3, 0x1, 0x11, &(0x7f0000000040), &(0x7f0000000080)=0xc)
syz_open_dev$sg(&(0x7f0000001000), 0x0, 0x2200)

[ 2599.262262] Call Trace:
[ 2599.262798]  <TASK>
[ 2599.263119]  ? x86_pmu_start+0x1c0/0x240
[ 2599.263701]  x86_pmu_enable+0x580/0xd90
[ 2599.264259]  ? amd_pmu_disable_virt+0xa0/0xa0
[ 2599.264981]  ctx_resched+0x2b9/0x3a0
[ 2599.265530]  __perf_install_in_context+0x285/0xa40
[ 2599.266219]  ? ctx_resched+0x3a0/0x3a0
[ 2599.266843]  remote_function+0x125/0x1b0
[ 2599.267420]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[ 2599.268279]  ? perf_duration_warn+0x40/0x40
[ 2599.268904]  generic_exec_single+0x203/0x300
[ 2599.269539]  smp_call_function_single+0x189/0x460
[ 2599.270226]  ? perf_duration_warn+0x40/0x40
[ 2599.270906]  ? generic_exec_single+0x300/0x300
[ 2599.271554]  ? perf_duration_warn+0x40/0x40
[ 2599.272183]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[ 2599.272981]  ? lock_is_held_type+0xd7/0x130
[ 2599.273603]  perf_install_in_context+0x4da/0x590
[ 2599.274321]  ? list_add_event+0xeb0/0xeb0
[ 2599.274928]  ? ctx_resched+0x3a0/0x3a0
[ 2599.275488]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[ 2599.276286]  ? exclusive_event_installable+0x254/0x320
[ 2599.277013]  __do_sys_perf_event_open+0x1bf0/0x3040
[ 2599.277705]  ? __up_read+0x192/0x710
[ 2599.278245]  ? perf_remove_from_context+0x260/0x260
[ 2599.278971]  ? up_write+0x460/0x460
[ 2599.279497]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 2599.280232]  do_syscall_64+0x3b/0x90
[ 2599.280752]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 2599.281474] RIP: 0033:0x7f750a357b19
[ 2599.281980] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 2599.284583] RSP: 002b:00007f75078cd188 EFLAGS: 00000246 ORIG_RAX: 000000000000012a
[ 2599.285673] RAX: ffffffffffffffda RBX: 00007f750a46af60 RCX: 00007f750a357b19
[ 2599.286707] RDX: 0000000000000000 RSI: ffffffffffffffff RDI: 0000000020000c00
[ 2599.287679] RBP: 00007f750a3b1f6d R08: 0000000000000000 R09: 0000000000000000
[ 2599.288667] R10: ffffffffffffffff R11: 0000000000000246 R12: 0000000000000000
[ 2599.289652] R13: 00007ffc8fa2e86f R14: 00007f75078cd300 R15: 0000000000022000
[ 2599.290709]  </TASK>
09:00:07 executing program 1:
r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000180)='/proc/asound/seq/clients\x00', 0x0, 0x0)
preadv(r0, &(0x7f00000002c0)=[{&(0x7f0000000040)=""/35, 0x23}, {0x0, 0x2}, {&(0x7f0000000300)=""/165, 0xa5}], 0x3, 0x4c, 0x0)

09:00:07 executing program 6:
r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000180)='/proc/asound/seq/clients\x00', 0x0, 0x0)
preadv(r0, &(0x7f00000002c0)=[{&(0x7f0000000040)=""/35, 0x23}, {0x0}, {&(0x7f0000000300)=""/165, 0xa5}], 0x3, 0x6, 0x0)

09:00:07 executing program 3:
r0 = socket$inet_udp(0x2, 0x2, 0x0)
bind$inet(r0, &(0x7f00000000c0)={0x2, 0x0, @loopback}, 0x10)
r1 = signalfd(r0, &(0x7f0000000000)={[0xffffffff]}, 0x8)
bind$inet(r1, &(0x7f0000000040)={0x2, 0x0, @loopback}, 0x10)

09:00:07 executing program 5:
socketpair$unix(0x1, 0x5, 0x0, 0x0)
r0 = fsopen(&(0x7f0000000080)='hugetlbfs\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r0, 0x6, 0x0, 0x0, 0x0)
sendmsg$unix(0xffffffffffffffff, 0x0, 0x4810)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
pwritev(r1, &(0x7f0000000640)=[{&(0x7f00000002c0)="19", 0x1}], 0x1, 0x8000000, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0)
r3 = socket$inet6(0xa, 0x1, 0x0)
bind$inet6(r3, &(0x7f00000002c0)={0xa, 0x4e20, 0x0, @empty}, 0x1c)
connect$inet6(r3, &(0x7f0000000000)={0xa, 0x4e20, 0x0, @ipv4={'\x00', '\xff\xff', @empty}}, 0x1c)
recvfrom(r3, &(0x7f00000003c0)=""/87, 0x20010397, 0x300, 0x0, 0x0)
sendfile(r3, r2, 0x0, 0xfffffdef)
readv(0xffffffffffffffff, &(0x7f0000000040), 0x0)
openat$cgroup_freezer_state(0xffffffffffffffff, 0x0, 0x2, 0x0)
close(0xffffffffffffffff)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(&(0x7f0000001540), 0xffffffffffffffff)
sendmsg$NL80211_CMD_STOP_AP(r4, &(0x7f0000001600)={0x0, 0x0, &(0x7f00000015c0)={&(0x7f0000001580)={0x1c, 0x0, 0x1, 0x0, 0x0, {{}, {@val={0x8}, @void}}}, 0x1c}}, 0x0)
getsockopt$sock_cred(r4, 0x1, 0x11, &(0x7f0000000040), &(0x7f0000000080)=0xc)
syz_open_dev$sg(&(0x7f0000001000), 0x0, 0x2200)

[ 2599.406906] Call Trace:
[ 2599.407354]  <IRQ>
[ 2599.407654]  x86_pmu_stop+0x149/0x330
[ 2599.408224]  x86_pmu_del+0x1be/0x610
[ 2599.408759]  event_sched_out+0x2ed/0xe80
[ 2599.409385]  __perf_remove_from_context+0x87/0xbe0
[ 2599.410100]  event_function+0x297/0x3d0
[ 2599.410692]  ? perf_uprobe_event_init+0x1c0/0x1c0
[ 2599.411405]  remote_function+0x125/0x1b0
[ 2599.412008]  flush_smp_call_function_queue+0x1df/0x610
[ 2599.412755]  ? perf_duration_warn+0x40/0x40
[ 2599.413364]  __sysvec_call_function_single+0x92/0x3a0
[ 2599.414134]  sysvec_call_function_single+0x89/0xc0
[ 2599.414865]  </IRQ>
[ 2599.415166]  <TASK>
[ 2599.415476]  asm_sysvec_call_function_single+0x12/0x20
[ 2599.416214] RIP: 0010:lock_acquire+0x1db/0x4d0
[ 2599.416874] Code: 02 b8 ff ff ff ff 65 0f c1 05 49 91 d9 7e 83 f8 01 0f 85 86 02 00 00 48 83 7c 24 08 00 74 01 fb 48 b8 00 00 00 00 00 fc ff df <48> 01 c3 48 c7 03 00 00 00 00 48 c7 43 08 00 00 00 00 48 8b 84 24
[ 2599.419510] RSP: 0018:ffff888015cf7a18 EFLAGS: 00000206
[ 2599.420221] RAX: dffffc0000000000 RBX: 1ffff11002b9ef45 RCX: 00000000ef9db6ea
[ 2599.421214] RDX: 1ffff110036b348c RSI: 0000000000000000 RDI: 0000000000000000
[ 2599.422200] RBP: 0000000000000000 R08: 0000000000000000 R09: ffffffff86a3e787
[ 2599.423182] R10: fffffbfff0d47cf0 R11: 0000000000000001 R12: 0000000000000002
[ 2599.424196] R13: 0000000000000000 R14: ffffffff85201dc0 R15: 0000000000000000
[ 2599.425231]  ? lock_acquire+0x1b2/0x4d0
[ 2599.425837]  ? lock_release+0x6f0/0x6f0
[ 2599.426405]  ? __is_insn_slot_addr+0x122/0x250
[ 2599.427127]  ? lock_downgrade+0x6d0/0x6d0
[ 2599.427785]  ? entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 2599.428551]  __is_insn_slot_addr+0x3d/0x250
[ 2599.429194]  ? __free_insn_slot+0x520/0x520
[ 2599.429794]  kernel_text_address+0x53/0xb0
[ 2599.430441]  __kernel_text_address+0x9/0x30
[ 2599.431230]  unwind_get_return_address+0x51/0x90
[ 2599.431903]  ? create_prof_cpu_mask+0x20/0x20
[ 2599.432578]  arch_stack_walk+0x99/0xf0
[ 2599.433190]  stack_trace_save+0x8c/0xc0
[ 2599.433753]  ? filter_irq_stacks+0x90/0x90
[ 2599.434384]  ? lockdep_init_map_type+0x21a/0x7e0
[ 2599.435167]  ? __raw_spin_lock_init+0x36/0x110
[ 2599.435824]  create_object.isra.0+0x372/0xa20
[ 2599.436539]  kmem_cache_alloc+0x239/0x480
[ 2599.437129]  sk_prot_alloc+0x63/0x2e0
[ 2599.437672]  sk_alloc+0x34/0x750
[ 2599.438229]  inet_create+0x365/0xdf0
[ 2599.438811]  __sock_create+0x345/0x750
[ 2599.439396]  ? blkcg_maybe_throttle_current+0x5ac/0xd50
[ 2599.440166]  __sys_socket+0xef/0x200
[ 2599.440687]  ? compat_sock_ioctl+0x590/0x590
[ 2599.441347]  __x64_sys_socket+0x6f/0xb0
[ 2599.441899]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 2599.442710]  do_syscall_64+0x3b/0x90
[ 2599.443232]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 2599.443945] RIP: 0033:0x7f457d3ea197
[ 2599.444481] Code: f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 b8 29 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 2599.447129] RSP: 002b:00007ffd02447fb8 EFLAGS: 00000206 ORIG_RAX: 0000000000000029
[ 2599.448221] RAX: ffffffffffffffda RBX: 00007ffd024486f0 RCX: 00007f457d3ea197
[ 2599.449252] RDX: 0000000000000006 RSI: 0000000000000001 RDI: 0000000000000002
[ 2599.450299] RBP: 0000000000000003 R08: 0000000000000000 R09: 00007ffd02448500
[ 2599.451307] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000032
[ 2599.452336] R13: 0000000000000000 R14: 0000000000000003 R15: 00007ffd02448730
[ 2599.453394]  </TASK>
[ 2599.473841] Call Trace:
[ 2599.474313]  <IRQ>
[ 2599.474649]  ? x86_pmu_start+0x1c0/0x240
[ 2599.475273]  x86_pmu_enable+0x580/0xd90
[ 2599.475870]  ? amd_pmu_disable_virt+0xa0/0xa0
[ 2599.476544]  ctx_resched+0x2b9/0x3a0
[ 2599.477106]  __perf_install_in_context+0x285/0xa40
[ 2599.477851]  ? __irq_exit_rcu+0x113/0x170
[ 2599.478439]  ? ctx_resched+0x3a0/0x3a0
[ 2599.479113]  remote_function+0x125/0x1b0
[ 2599.479712]  flush_smp_call_function_queue+0x1df/0x610
[ 2599.480507]  ? perf_duration_warn+0x40/0x40
[ 2599.481137]  __sysvec_call_function_single+0x92/0x3a0
[ 2599.481866]  sysvec_call_function_single+0x89/0xc0
[ 2599.482600]  </IRQ>
[ 2599.482907]  <TASK>
[ 2599.483243]  asm_sysvec_call_function_single+0x12/0x20
[ 2599.483984] RIP: 0010:__rcu_read_lock+0xa6/0xf0
[ 2599.484642] Code: b8 00 00 00 00 00 fc ff df 89 9d f4 03 00 00 65 48 8b 1c 25 40 6f 02 00 48 8d bb f4 03 00 00 48 89 fa 48 c1 ea 03 0f b6 14 02 <48> 89 f8 83 e0 07 83 c0 03 38 d0 7c 04 84 d2 75 15 8b 83 f4 03 00
[ 2599.487320] RSP: 0018:ffff888041a27978 EFLAGS: 00000217
[ 2599.488065] RAX: dffffc0000000000 RBX: ffff888042398000 RCX: 0000000000000000
[ 2599.489094] RDX: 0000000000000000 RSI: ffffffff816c40c6 RDI: ffff8880423983f4
[ 2599.490104] RBP: ffff888042398000 R08: 0000000000000000 R09: 0000000000000000
[ 2599.491196] R10: ffffffff81673e59 R11: 0000000000000000 R12: 0000000000000000
[ 2599.492221] R13: ffff88800cbf1900 R14: dffffc0000000000 R15: ffff888041a27cf0
[ 2599.493232]  ? unmap_page_range+0x1099/0x2680
[ 2599.493881]  ? page_remove_rmap+0x16/0x490
[ 2599.494499]  ? vm_normal_page+0x162/0x2e0
[ 2599.495122]  folio_memcg_lock+0x1a/0x490
[ 2599.495724]  ? __pte_alloc_kernel+0x1c0/0x1c0
[ 2599.496422]  page_remove_rmap+0x1e/0x490
[ 2599.496998]  unmap_page_range+0x10eb/0x2680
[ 2599.497656]  ? vm_normal_page+0x2e0/0x2e0
[ 2599.498246]  ? lock_release+0x3b2/0x6f0
[ 2599.498844]  ? lock_downgrade+0x6d0/0x6d0
[ 2599.499404]  ? uprobe_munmap+0x1c/0x560
[ 2599.499957]  unmap_single_vma+0x198/0x310
[ 2599.500533]  unmap_vmas+0x16b/0x2f0
[ 2599.501012]  ? lock_downgrade+0x6d0/0x6d0
[ 2599.501567]  ? unmap_mapping_range+0x280/0x280
[ 2599.502235]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[ 2599.503051]  exit_mmap+0x192/0x460
[ 2599.503616]  ? do_munmap+0x40/0x40
[ 2599.504166]  ? delayed_uprobe_remove+0x27/0x230
[ 2599.504827]  mmput+0xc8/0x380
[ 2599.505285]  do_exit+0xa0a/0x27e0
[ 2599.505785]  ? __sanitizer_cov_trace_const_cmp1+0x22/0x80
[ 2599.506576]  ? mm_update_next_owner+0x7d0/0x7d0
[ 2599.507237]  do_group_exit+0xd2/0x2f0
[ 2599.507784]  __x64_sys_exit_group+0x3a/0x50
[ 2599.508390]  do_syscall_64+0x3b/0x90
[ 2599.508909]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 2599.509647] RIP: 0033:0x7fa94dc25699
[ 2599.510173] Code: Unable to access opcode bytes at RIP 0x7fa94dc2566f.
[ 2599.511167] RSP: 002b:00007fffbf443ef8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7
[ 2599.512237] RAX: ffffffffffffffda RBX: 00007fa94dd1a610 RCX: 00007fa94dc25699
[ 2599.513259] RDX: 000000000000003c RSI: 00000000000000e7 RDI: 0000000000000001
[ 2599.514255] RBP: 0000000000000001 R08: ffffffffffffff80 R09: 0000000000000001
[ 2599.515295] R10: 0000000000000004 R11: 0000000000000246 R12: 00007fa94dd1a610
[ 2599.516295] R13: 0000000000000001 R14: 00007fa94dd1aae8 R15: 0000000000000000
[ 2599.517333]  </TASK>
09:00:07 executing program 6:
r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000180)='/proc/asound/seq/clients\x00', 0x0, 0x0)
preadv(r0, &(0x7f00000002c0)=[{&(0x7f0000000040)=""/35, 0x23}, {0x0}, {&(0x7f0000000300)=""/165, 0xa5}], 0x3, 0x7, 0x0)

09:00:07 executing program 4:
r0 = syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='proc\x00', 0x0, 0x0)
chroot(&(0x7f0000000040)='./file0\x00')
stat(&(0x7f0000000240)='./file0\x00', &(0x7f0000000280)={0x0, 0x0, 0x0, 0x0, <r1=>0x0})
setresuid(0x0, r1, 0x0)
mount$9p_fd(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f00000001c0), 0x4, &(0x7f0000000200)={'trans=fd,', {}, 0x2c, {'wfdno', 0x3d, r0}, 0x2c, {[{@loose}], [{@smackfsfloor={'smackfsfloor', 0x3d, 'proc\x00'}}, {@euid_lt={'euid<', 0xffffffffffffffff}}, {@euid_gt={'euid>', r1}}]}})
openat$dir(0xffffffffffffff9c, &(0x7f0000000300)='./file0\x00', 0x80200, 0x22)
openat$sysfs(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/kexec_crash_size', 0x0, 0x0)
umount2(&(0x7f0000000180)='./file0\x00', 0x0)

09:00:07 executing program 7:
openat$sndseq(0xffffffffffffff9c, 0x0, 0x0)
r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000180)='/proc/asound/seq/clients\x00', 0x0, 0x0)
preadv(r0, &(0x7f00000002c0)=[{0x0}, {&(0x7f0000000300)=""/165, 0xa5}], 0x2, 0x500, 0x0)

09:00:07 executing program 1:
r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000180)='/proc/asound/seq/clients\x00', 0x0, 0x0)
preadv(r0, &(0x7f00000002c0)=[{&(0x7f0000000040)=""/35, 0x23}, {0x0, 0x2}, {&(0x7f0000000300)=""/165, 0xa5}], 0x3, 0x68, 0x0)

09:00:07 executing program 3:
r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000180)='/proc/asound/seq/clients\x00', 0x0, 0x0)
preadv(r0, &(0x7f00000002c0)=[{&(0x7f0000000040)=""/35, 0x23}, {0x0, 0x2}, {&(0x7f0000000300)=""/165, 0xa5}], 0x3, 0x4c, 0x0)

[ 2599.663857] Call Trace:
[ 2599.664306]  <IRQ>
[ 2599.664619]  x86_pmu_stop+0x149/0x330
[ 2599.665156]  x86_pmu_del+0x1be/0x610
[ 2599.665682]  event_sched_out+0x2ed/0xe80
[ 2599.666221]  __perf_remove_from_context+0x87/0xbe0
[ 2599.666950]  event_function+0x297/0x3d0
[ 2599.667520]  ? perf_uprobe_event_init+0x1c0/0x1c0
[ 2599.668232]  remote_function+0x125/0x1b0
[ 2599.668844]  flush_smp_call_function_queue+0x1df/0x610
[ 2599.669623]  ? perf_duration_warn+0x40/0x40
[ 2599.670259]  __sysvec_call_function_single+0x92/0x3a0
[ 2599.671005]  sysvec_call_function_single+0x89/0xc0
[ 2599.671728]  </IRQ>
[ 2599.672037]  <TASK>
[ 2599.672346]  asm_sysvec_call_function_single+0x12/0x20
[ 2599.673101] RIP: 0010:__sanitizer_cov_trace_pc+0x7/0x60
[ 2599.673933] Code: 32 00 be 03 00 00 00 5d e9 b6 e9 c2 00 66 0f 1f 44 00 00 48 8b be a8 01 00 00 e8 b4 ff ff ff 31 c0 c3 90 65 8b 05 b9 b5 be 7e <89> c1 48 8b 34 24 81 e1 00 01 00 00 65 48 8b 14 25 40 6f 02 00 a9
[ 2599.676610] RSP: 0018:ffff888045f8f748 EFLAGS: 00000293
[ 2599.677415] RAX: 0000000080000001 RBX: ffff888040c53bc0 RCX: 0000000000000000
[ 2599.678475] RDX: ffff88804abf3580 RSI: ffffffff8161b750 RDI: 0000000000000003
[ 2599.679608] RBP: ffffea0000c44640 R08: 0000000000000000 R09: 0000000000000001
[ 2599.680607] R10: ffffffff8161b6af R11: 0000000000000002 R12: 0000000000000002
[ 2599.681624] R13: ffffea0000c44648 R14: dffffc0000000000 R15: ffff888045f8fa28
[ 2599.682714]  ? __page_mapcount+0xef/0x3a0
[ 2599.683336]  ? __page_mapcount+0x190/0x3a0
[ 2599.683986]  unmap_page_range+0x113e/0x2680
[ 2599.684645]  ? vm_normal_page+0x2e0/0x2e0
[ 2599.685221]  ? lock_release+0x3b2/0x6f0
[ 2599.685828]  ? lock_downgrade+0x6d0/0x6d0
[ 2599.686409]  ? uprobe_munmap+0x1c/0x560
[ 2599.686998]  unmap_single_vma+0x198/0x310
[ 2599.687645]  unmap_vmas+0x16b/0x2f0
[ 2599.688162]  ? lock_downgrade+0x6d0/0x6d0
[ 2599.688817]  ? unmap_mapping_range+0x280/0x280
[ 2599.689576]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[ 2599.690346]  exit_mmap+0x192/0x460
[ 2599.690905]  ? do_munmap+0x40/0x40
[ 2599.691475]  ? delayed_uprobe_remove+0x27/0x230
[ 2599.692188]  mmput+0xc8/0x380
[ 2599.692687]  do_exit+0xa0a/0x27e0
[ 2599.693195]  ? find_held_lock+0x2c/0x110
[ 2599.693813]  ? lock_release+0x3b2/0x6f0
[ 2599.694398]  ? mm_update_next_owner+0x7d0/0x7d0
[ 2599.695117]  ? lock_downgrade+0x6d0/0x6d0
[ 2599.695739]  ? lock_is_held_type+0xd7/0x130
[ 2599.696432]  do_group_exit+0xd2/0x2f0
[ 2599.697035]  get_signal+0x2303/0x2350
[ 2599.697570]  ? wake_up_q+0x8b/0xf0
[ 2599.698077]  ? signal_setup_done+0x520/0x520
[ 2599.698806]  arch_do_signal_or_restart+0x88/0x1a40
[ 2599.699505]  ? do_futex+0x136/0x380
[ 2599.700044]  ? __ia32_compat_sys_get_robust_list+0x3b0/0x3b0
[ 2599.700873]  ? get_sigframe_size+0x10/0x10
[ 2599.701485]  ? __x64_sys_futex+0x1c6/0x4c0
[ 2599.702095]  ? __x64_sys_openat+0x13f/0x1f0
[ 2599.702738]  ? __x64_sys_futex_time32+0x480/0x480
[ 2599.703420]  exit_to_user_mode_prepare+0x131/0x1a0
[ 2599.704119]  syscall_exit_to_user_mode+0x19/0x50
[ 2599.704776]  do_syscall_64+0x48/0x90
[ 2599.705281]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 2599.705985] RIP: 0033:0x7faa53ee7b19
[ 2599.706482] Code: Unable to access opcode bytes at RIP 0x7faa53ee7aef.
[ 2599.707428] RSP: 002b:00007faa5145d218 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[ 2599.708453] RAX: 0000000000000000 RBX: 00007faa53ffaf68 RCX: 00007faa53ee7b19
[ 2599.709431] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007faa53ffaf68
[ 2599.710427] RBP: 00007faa53ffaf60 R08: 0000000000000000 R09: 0000000000000000
[ 2599.711432] R10: 0000000000000000 R11: 0000000000000246 R12: 00007faa53ffaf6c
[ 2599.712439] R13: 00007ffd1c5993ef R14: 00007faa5145d300 R15: 0000000000022000
[ 2599.713430]  </TASK>
09:00:23 executing program 5:
socketpair$unix(0x1, 0x5, 0x0, 0x0)
sendmsg$unix(0xffffffffffffffff, 0x0, 0x0)
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
pwritev(r0, &(0x7f0000000640)=[{&(0x7f00000002c0)="19", 0x1}], 0x1, 0x8000000, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0)
r2 = socket$inet6(0xa, 0x1, 0x0)
bind$inet6(r2, &(0x7f00000002c0)={0xa, 0x4e20, 0x0, @empty}, 0x1c)
connect$inet6(r2, &(0x7f0000000000)={0xa, 0x4e20, 0x0, @ipv4={'\x00', '\xff\xff', @empty}}, 0x1c)
recvfrom(r2, &(0x7f00000003c0)=""/87, 0x20010397, 0x300, 0x0, 0x0)
sendfile(r2, r1, 0x0, 0xfffffdef)
readv(0xffffffffffffffff, &(0x7f0000000040), 0x0)
openat$cgroup_freezer_state(0xffffffffffffffff, 0x0, 0x2, 0x0)
close(0xffffffffffffffff)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(&(0x7f0000001540), 0xffffffffffffffff)
sendmsg$NL80211_CMD_STOP_AP(r3, &(0x7f0000001600)={0x0, 0x0, &(0x7f00000015c0)={&(0x7f0000001580)=ANY=[@ANYBLOB="1c000000", @ANYRES16=0x0, @ANYBLOB="00e395d82d766a085b220000000000000000", @ANYRES32=0x0, @ANYBLOB], 0x1c}}, 0x0)
getsockopt$sock_cred(r3, 0x1, 0x11, &(0x7f0000000040), &(0x7f0000000080)=0xc)
syz_open_dev$sg(&(0x7f0000001000), 0x0, 0x2200)

09:00:23 executing program 6:
r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000180)='/proc/asound/seq/clients\x00', 0x0, 0x0)
preadv(r0, &(0x7f00000002c0)=[{&(0x7f0000000040)=""/35, 0x23}, {0x0}, {&(0x7f0000000300)=""/165, 0xa5}], 0x3, 0xa, 0x0)

09:00:23 executing program 0:
perf_event_open$cgroup(&(0x7f0000000c00)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x500, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

[ 2615.571088] Call Trace:
[ 2615.571549]  <TASK>
[ 2615.571834]  ? x86_pmu_start+0x1c0/0x240
[ 2615.572374]  x86_pmu_enable+0x580/0xd90
[ 2615.572893]  ? amd_pmu_disable_virt+0xa0/0xa0
[ 2615.573490]  ctx_resched+0x2b9/0x3a0
[ 2615.574023]  __perf_install_in_context+0x285/0xa40
[ 2615.574673]  ? ctx_resched+0x3a0/0x3a0
[ 2615.575214]  remote_function+0x125/0x1b0
[ 2615.575798]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[ 2615.576551]  ? perf_duration_warn+0x40/0x40
[ 2615.577116]  generic_exec_single+0x203/0x300
[ 2615.577702]  smp_call_function_single+0x189/0x460
[ 2615.578335]  ? perf_duration_warn+0x40/0x40
[ 2615.578978]  ? generic_exec_single+0x300/0x300
[ 2615.579596]  ? perf_duration_warn+0x40/0x40
[ 2615.580171]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[ 2615.580898]  ? lock_is_held_type+0xd7/0x130
[ 2615.581471]  perf_install_in_context+0x4da/0x590
[ 2615.582104]  ? list_add_event+0xeb0/0xeb0
[ 2615.582716]  ? ctx_resched+0x3a0/0x3a0
[ 2615.583280]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[ 2615.584060]  ? exclusive_event_installable+0x254/0x320
[ 2615.584773]  __do_sys_perf_event_open+0x1bf0/0x3040
[ 2615.585519]  ? __up_read+0x192/0x710
[ 2615.586219]  ? perf_remove_from_context+0x260/0x260
[ 2615.586988]  ? up_write+0x460/0x460
[ 2615.587531]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 2615.588240]  do_syscall_64+0x3b/0x90
[ 2615.588753]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 2615.589452] RIP: 0033:0x7f750a357b19
[ 2615.589939] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 2615.592469] RSP: 002b:00007f75078cd188 EFLAGS: 00000246 ORIG_RAX: 000000000000012a
[ 2615.593452] RAX: ffffffffffffffda RBX: 00007f750a46af60 RCX: 00007f750a357b19
[ 2615.594387] RDX: 0000000000000000 RSI: ffffffffffffffff RDI: 0000000020000c00
[ 2615.595345] RBP: 00007f750a3b1f6d R08: 0000000000000000 R09: 0000000000000000
[ 2615.596345] R10: ffffffffffffffff R11: 0000000000000246 R12: 0000000000000000
[ 2615.597303] R13: 00007ffc8fa2e86f R14: 00007f75078cd300 R15: 0000000000022000
[ 2615.598243]  </TASK>
09:00:23 executing program 7:
openat$sndseq(0xffffffffffffff9c, 0x0, 0x0)
r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000180)='/proc/asound/seq/clients\x00', 0x0, 0x0)
preadv(r0, &(0x7f00000002c0)=[{0x0}, {&(0x7f0000000300)=""/165, 0xa5}], 0x2, 0x600, 0x0)

09:00:23 executing program 3:
openat$sndseq(0xffffffffffffff9c, 0x0, 0x0)
r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000180)='/proc/asound/seq/clients\x00', 0x0, 0x0)
preadv(r0, &(0x7f00000002c0)=[{0x0}, {&(0x7f0000000300)=""/165, 0xa5}], 0x2, 0x300, 0x0)

09:00:23 executing program 1:
r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000180)='/proc/asound/seq/clients\x00', 0x0, 0x0)
preadv(r0, &(0x7f00000002c0)=[{&(0x7f0000000040)=""/35, 0x23}, {0x0, 0x2}, {&(0x7f0000000300)=""/165, 0xa5}], 0x3, 0x6c, 0x0)

09:00:23 executing program 2:
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NLBL_MGMT_C_VERSION(r0, &(0x7f00000001c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x10000000}, 0xc, &(0x7f0000000180)={&(0x7f0000000140)={0x24, 0x0, 0x100, 0x70bd25, 0x25dfdbfd, {}, [@NLBL_MGMT_A_PROTOCOL={0x8}, @NLBL_MGMT_A_FAMILY={0x6, 0xb, 0x1}]}, 0x24}, 0x1, 0x0, 0x0, 0x4001}, 0x4080)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$netlbl_cipso(&(0x7f0000000340), r1)
sendmsg$NLBL_CIPSOV4_C_LIST(r1, &(0x7f0000000c80)={0x0, 0x0, &(0x7f0000000c40)={&(0x7f0000000980)={0x18, r2, 0x1, 0x0, 0x0, {}, [@NLBL_CIPSOV4_A_MLSLVLLST={0x4}]}, 0x18}}, 0x0)
ioctl$sock_SIOCGIFINDEX_802154(0xffffffffffffffff, 0x8933, &(0x7f0000000180)={'wpan0\x00', <r3=>0x0})
r4 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r5 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r6 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000780), r5)
sendmsg$IEEE802154_LLSEC_SETPARAMS(r4, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000400)={0x24, r6, 0x10d, 0x0, 0x0, {}, [@IEEE802154_ATTR_DEV_INDEX={0x8, 0x2, r3}, @IEEE802154_ATTR_LLSEC_SECLEVEL={0x5, 0x2a, 0x20}]}, 0x24}}, 0x0)
ioctl$sock_SIOCGIFINDEX_802154(r1, 0x8933, &(0x7f0000000400)={'wpan4\x00', <r7=>0x0})
sendmsg$NL802154_CMD_DEL_SEC_DEV(r0, &(0x7f0000000500)={&(0x7f00000003c0)={0x10, 0x0, 0x0, 0x10000}, 0xc, &(0x7f00000004c0)={&(0x7f0000000440)={0x44, 0x0, 0x300, 0x70bd25, 0x25dfdbfc, {}, [@NL802154_ATTR_WPAN_DEV={0xc, 0x6, 0x100000001}, @NL802154_ATTR_IFINDEX={0x8, 0x3, r3}, @NL802154_ATTR_IFINDEX={0x8, 0x3, r7}, @NL802154_ATTR_IFINDEX={0x8}, @NL802154_ATTR_WPAN_DEV={0xc, 0x6, 0x100000001}]}, 0x44}}, 0x4)
r8 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r9 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000080), r8)
sendmsg$NLBL_MGMT_C_ADD(r8, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000140)={0x4c, r9, 0x1, 0x0, 0x0, {}, [@NLBL_MGMT_A_DOMAIN={0x6, 0x1, '%\x00'}, @NLBL_MGMT_A_IPV6ADDR={0x14, 0x5, @local}, @NLBL_MGMT_A_IPV6MASK={0x14, 0x6, @mcast1}, @NLBL_MGMT_A_PROTOCOL={0x8, 0x2, 0x5}]}, 0x4c}, 0x1, 0x700000000000000}, 0x0)
sendmsg$NLBL_MGMT_C_REMOVE(r1, &(0x7f0000000300)={&(0x7f0000000380)={0x10, 0x0, 0x0, 0x4000000}, 0xc, &(0x7f00000002c0)={&(0x7f0000000240)={0x64, r9, 0x30, 0x70bd29, 0x25dfdbfe, {}, [@NLBL_MGMT_A_IPV6ADDR={0x14, 0x5, @loopback}, @NLBL_MGMT_A_IPV4ADDR={0x8, 0x7, @loopback}, @NLBL_MGMT_A_PROTOCOL={0x8, 0x2, 0x5}, @NLBL_MGMT_A_IPV4MASK={0x8, 0x8, @private=0xa010100}, @NLBL_MGMT_A_CLPDOI={0x8}, @NLBL_MGMT_A_FAMILY={0x6, 0xb, 0x2b}, @NLBL_MGMT_A_IPV6MASK={0x14, 0x6, @private0}]}, 0x64}, 0x1, 0x0, 0x0, 0x4}, 0x0)

09:00:23 executing program 4:
syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x80000, 0x0)
mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='proc\x00', 0x0, 0x0)
chroot(&(0x7f0000000040)='./file0\x00')
openat$sysfs(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/kexec_crash_size', 0x0, 0x161)
umount2(&(0x7f0000000140)='./file0\x00', 0x5)
umount2(&(0x7f0000000180)='./file0\x00', 0x0)

09:00:23 executing program 1:
r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000180)='/proc/asound/seq/clients\x00', 0x0, 0x0)
preadv(r0, &(0x7f00000002c0)=[{&(0x7f0000000040)=""/35, 0x23}, {0x0, 0x2}, {&(0x7f0000000300)=""/165, 0xa5}], 0x3, 0x74, 0x0)

09:00:23 executing program 6:
r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000180)='/proc/asound/seq/clients\x00', 0x0, 0x0)
preadv(r0, &(0x7f00000002c0)=[{&(0x7f0000000040)=""/35, 0x23}, {0x0}, {&(0x7f0000000300)=""/165, 0xa5}], 0x3, 0x10, 0x0)

09:00:23 executing program 3:
r0 = syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='proc\x00', 0x0, 0x0)
chroot(&(0x7f0000000040)='./file0\x00')
stat(&(0x7f0000000240)='./file0\x00', &(0x7f0000000280)={0x0, 0x0, 0x0, 0x0, <r1=>0x0})
setresuid(0x0, r1, 0x0)
mount$9p_fd(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f00000001c0), 0x4, &(0x7f0000000200)={'trans=fd,', {}, 0x2c, {'wfdno', 0x3d, r0}, 0x2c, {[{@loose}], [{@smackfsfloor={'smackfsfloor', 0x3d, 'proc\x00'}}, {@euid_lt={'euid<', 0xffffffffffffffff}}, {@euid_gt={'euid>', r1}}]}})
openat$dir(0xffffffffffffff9c, &(0x7f0000000300)='./file0\x00', 0x80200, 0x22)
openat$sysfs(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/kexec_crash_size', 0x0, 0x0)
umount2(&(0x7f0000000180)='./file0\x00', 0x0)

09:00:23 executing program 7:
openat$sndseq(0xffffffffffffff9c, 0x0, 0x0)
r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000180)='/proc/asound/seq/clients\x00', 0x0, 0x0)
preadv(r0, &(0x7f00000002c0)=[{0x0}, {&(0x7f0000000300)=""/165, 0xa5}], 0x2, 0x700, 0x0)

09:00:23 executing program 4:
r0 = syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='proc\x00', 0x0, 0x0)
chroot(&(0x7f0000000040)='./file0\x00')
openat$sysfs(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/kexec_crash_size', 0x0, 0x0)
umount2(&(0x7f0000000180)='./file0\x00', 0x0)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f0000000040)={'wlan1\x00', <r2=>0x0})
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000001540), 0xffffffffffffffff)
sendmsg$NL80211_CMD_STOP_AP(r1, &(0x7f0000001600)={0x0, 0x0, &(0x7f00000015c0)={&(0x7f00000001c0)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r3, @ANYBLOB="010000736aea013d7ba68248cdf561948723647b6ffe36154ce8d8538c0d15af4923246900f9fdda256f5ad8fe5d251ff116f76693650c1f416428d8ced7cc77b8f98271808a", @ANYRES32=r2, @ANYBLOB], 0x1c}, 0x1, 0x0, 0x0, 0x2}, 0x0)
sendfile(r1, r0, 0x0, 0x1000)

[ 2615.716413] Call Trace:
[ 2615.716852]  <TASK>
[ 2615.717173]  x86_pmu_stop+0x149/0x330
[ 2615.717695]  x86_pmu_del+0x1be/0x610
[ 2615.718213]  event_sched_out+0x2ed/0xe80
[ 2615.718781]  __perf_remove_from_context+0x87/0xbe0
[ 2615.719460]  event_function+0x297/0x3d0
[ 2615.719980]  ? perf_uprobe_event_init+0x1c0/0x1c0
[ 2615.720627]  remote_function+0x125/0x1b0
[ 2615.721179]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[ 2615.721920]  ? perf_duration_warn+0x40/0x40
[ 2615.722528]  generic_exec_single+0x203/0x300
[ 2615.723200]  smp_call_function_single+0x189/0x460
[ 2615.723868]  ? perf_duration_warn+0x40/0x40
[ 2615.724453]  ? generic_exec_single+0x300/0x300
[ 2615.725073]  ? perf_duration_warn+0x40/0x40
[ 2615.725678]  ? event_function_call+0x2ee/0x430
[ 2615.726314]  ? event_function_call+0x137/0x430
[ 2615.726971]  event_function_call+0x3d0/0x430
[ 2615.727570]  ? perf_group_detach+0x11b0/0x11b0
[ 2615.728180]  ? perf_copy_attr+0x9c0/0x9c0
[ 2615.728738]  ? lock_release+0x3b2/0x6f0
[ 2615.729259]  ? perf_group_detach+0x11b0/0x11b0
[ 2615.729869]  ? perf_uprobe_event_init+0x1c0/0x1c0
[ 2615.730506]  ? _raw_spin_unlock_irq+0x1f/0x40
[ 2615.731152]  perf_remove_from_context+0x12e/0x260
[ 2615.731820]  perf_event_release_kernel+0x153/0x7f0
[ 2615.732470]  ? lock_is_held_type+0xd7/0x130
[ 2615.733060]  ? perf_pmu_migrate_context+0xae0/0xae0
[ 2615.733741]  ? lock_is_held_type+0xd7/0x130
[ 2615.734314]  perf_release+0x33/0x40
[ 2615.734858]  __fput+0x272/0x9d0
[ 2615.735299]  ? perf_event_release_kernel+0x7f0/0x7f0
[ 2615.735988]  task_work_run+0xe2/0x1a0
[ 2615.736510]  exit_to_user_mode_prepare+0x199/0x1a0
[ 2615.737162]  syscall_exit_to_user_mode+0x19/0x50
[ 2615.737806]  do_syscall_64+0x48/0x90
[ 2615.738306]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 2615.739028] RIP: 0033:0x7f750a30a72b
[ 2615.739523] Code: 0f 05 48 3d 00 f0 ff ff 77 45 c3 0f 1f 40 00 48 83 ec 18 89 7c 24 0c e8 63 fc ff ff 8b 7c 24 0c 41 89 c0 b8 03 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 35 44 89 c7 89 44 24 0c e8 a1 fc ff ff 8b 44
[ 2615.741967] RSP: 002b:00007ffc8fa2e8d0 EFLAGS: 00000293 ORIG_RAX: 0000000000000003
[ 2615.743043] RAX: 0000000000000000 RBX: 0000000000000004 RCX: 00007f750a30a72b
[ 2615.743982] RDX: 0000000000000000 RSI: ffffffff8411f74e RDI: 0000000000000003
[ 2615.744913] RBP: 0000000000000001 R08: 0000000000000000 R09: 0000001b30c2001c
[ 2615.745869] R10: 0000000000000f41 R11: 0000000000000293 R12: 00007f750a46bb60
[ 2615.746881] R13: 00007f750a46bb60 R14: 00007f750a46af60 R15: 000000000027e89f
[ 2615.747837]  ? syscall_exit_to_user_mode+0x1e/0x50
[ 2615.748510]  </TASK>
09:00:24 executing program 1:
r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000180)='/proc/asound/seq/clients\x00', 0x0, 0x0)
preadv(r0, &(0x7f00000002c0)=[{&(0x7f0000000040)=""/35, 0x23}, {0x0, 0x2}, {&(0x7f0000000300)=""/165, 0xa5}], 0x3, 0x7a, 0x0)

[ 2615.817488] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.4'.
[ 2615.833643] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.4'.
09:00:24 executing program 7:
openat$sndseq(0xffffffffffffff9c, 0x0, 0x0)
r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000180)='/proc/asound/seq/clients\x00', 0x0, 0x0)
preadv(r0, &(0x7f00000002c0)=[{0x0}, {&(0x7f0000000300)=""/165, 0xa5}], 0x2, 0xa00, 0x0)

09:00:24 executing program 6:
r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000180)='/proc/asound/seq/clients\x00', 0x0, 0x0)
preadv(r0, &(0x7f00000002c0)=[{&(0x7f0000000040)=""/35, 0x23}, {0x0}, {&(0x7f0000000300)=""/165, 0xa5}], 0x3, 0x48, 0x0)

09:00:39 executing program 4:
syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='proc\x00', 0x0, 0x0)
chroot(&(0x7f0000000040)='./file0\x00')
open$dir(&(0x7f0000000140)='./file0\x00', 0x109001, 0x190)
openat$sysfs(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/kexec_crash_size', 0x0, 0x0)
umount2(&(0x7f0000000180)='./file0\x00', 0x0)

09:00:39 executing program 3:
socketpair$unix(0x1, 0x5, 0x0, 0x0)
r0 = fsopen(&(0x7f0000000080)='hugetlbfs\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r0, 0x6, 0x0, 0x0, 0x0)
sendmsg$unix(0xffffffffffffffff, 0x0, 0x4810)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
pwritev(r1, &(0x7f0000000640)=[{&(0x7f00000002c0)="19", 0x1}], 0x1, 0x8000000, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0)
r3 = socket$inet6(0xa, 0x1, 0x0)
bind$inet6(r3, &(0x7f00000002c0)={0xa, 0x4e20, 0x0, @empty}, 0x1c)
connect$inet6(r3, &(0x7f0000000000)={0xa, 0x4e20, 0x0, @ipv4={'\x00', '\xff\xff', @empty}}, 0x1c)
recvfrom(r3, &(0x7f00000003c0)=""/87, 0x20010397, 0x300, 0x0, 0x0)
sendfile(r3, r2, 0x0, 0xfffffdef)
readv(0xffffffffffffffff, &(0x7f0000000040), 0x0)
openat$cgroup_freezer_state(0xffffffffffffffff, 0x0, 0x2, 0x0)
close(0xffffffffffffffff)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(&(0x7f0000001540), 0xffffffffffffffff)
sendmsg$NL80211_CMD_STOP_AP(r4, &(0x7f0000001600)={0x0, 0x0, &(0x7f00000015c0)={&(0x7f0000001580)={0x1c, 0x0, 0x1, 0x0, 0x0, {{}, {@val={0x8}, @void}}}, 0x1c}}, 0x0)
getsockopt$sock_cred(r4, 0x1, 0x11, &(0x7f0000000040), &(0x7f0000000080)=0xc)
syz_open_dev$sg(&(0x7f0000001000), 0x0, 0x2200)

09:00:39 executing program 0:
perf_event_open$cgroup(&(0x7f0000000c00)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x600, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

09:00:39 executing program 6:
r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000180)='/proc/asound/seq/clients\x00', 0x0, 0x0)
preadv(r0, &(0x7f00000002c0)=[{&(0x7f0000000040)=""/35, 0x23}, {0x0}, {&(0x7f0000000300)=""/165, 0xa5}], 0x3, 0x4c, 0x0)

[ 2631.284656] Call Trace:
[ 2631.285015]  <TASK>
[ 2631.285284]  ? x86_pmu_start+0x1c0/0x240
[ 2631.285733]  x86_pmu_enable+0x580/0xd90
[ 2631.286171]  ? amd_pmu_disable_virt+0xa0/0xa0
[ 2631.286663]  ctx_resched+0x2b9/0x3a0
[ 2631.287113]  __perf_install_in_context+0x285/0xa40
[ 2631.287652]  ? ctx_resched+0x3a0/0x3a0
[ 2631.288072]  remote_function+0x125/0x1b0
[ 2631.288511]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[ 2631.289098]  ? perf_duration_warn+0x40/0x40
[ 2631.289558]  generic_exec_single+0x203/0x300
[ 2631.290029]  smp_call_function_single+0x189/0x460
[ 2631.290556]  ? perf_duration_warn+0x40/0x40
[ 2631.291705]  ? generic_exec_single+0x300/0x300
[ 2631.292197]  ? perf_duration_warn+0x40/0x40
[ 2631.292661]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[ 2631.293254]  ? lock_is_held_type+0xd7/0x130
[ 2631.293722]  perf_install_in_context+0x4da/0x590
[ 2631.294226]  ? list_add_event+0xeb0/0xeb0
[ 2631.294673]  ? ctx_resched+0x3a0/0x3a0
[ 2631.295192]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[ 2631.296058]  ? exclusive_event_installable+0x254/0x320
[ 2631.296892]  __do_sys_perf_event_open+0x1bf0/0x3040
[ 2631.297614]  ? __up_read+0x192/0x710
[ 2631.298147]  ? perf_remove_from_context+0x260/0x260
[ 2631.298859]  ? up_write+0x460/0x460
[ 2631.299415]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 2631.300166]  do_syscall_64+0x3b/0x90
[ 2631.300678]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 2631.301370] RIP: 0033:0x7f750a357b19
[ 2631.301859] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 2631.304338] RSP: 002b:00007f75078cd188 EFLAGS: 00000246 ORIG_RAX: 000000000000012a
[ 2631.305373] RAX: ffffffffffffffda RBX: 00007f750a46af60 RCX: 00007f750a357b19
[ 2631.306389] RDX: 0000000000000000 RSI: ffffffffffffffff RDI: 0000000020000c00
[ 2631.307400] RBP: 00007f750a3b1f6d R08: 0000000000000000 R09: 0000000000000000
[ 2631.308334] R10: ffffffffffffffff R11: 0000000000000246 R12: 0000000000000000
[ 2631.309289] R13: 00007ffc8fa2e86f R14: 00007f75078cd300 R15: 0000000000022000
[ 2631.310331]  </TASK>
[ 2631.336287] Call Trace:
[ 2631.336714]  <IRQ>
[ 2631.337022]  x86_pmu_stop+0x149/0x330
[ 2631.337615]  x86_pmu_del+0x1be/0x610
[ 2631.338174]  event_sched_out+0x2ed/0xe80
[ 2631.338757]  __perf_remove_from_context+0x87/0xbe0
[ 2631.339481]  event_function+0x297/0x3d0
[ 2631.340031]  ? perf_uprobe_event_init+0x1c0/0x1c0
[ 2631.340749]  remote_function+0x125/0x1b0
[ 2631.341324]  flush_smp_call_function_queue+0x1df/0x610
[ 2631.342051]  ? perf_duration_warn+0x40/0x40
[ 2631.342663]  __sysvec_call_function_single+0x92/0x3a0
[ 2631.343451]  sysvec_call_function_single+0x89/0xc0
[ 2631.344149]  </IRQ>
[ 2631.344459]  <TASK>
[ 2631.344767]  asm_sysvec_call_function_single+0x12/0x20
[ 2631.345507] RIP: 0010:unwind_next_frame+0x276/0x2250
[ 2631.346210] Code: 48 89 54 24 30 48 89 74 24 28 44 89 5c 24 20 e8 00 31 65 00 48 8b 54 24 30 48 8b 74 24 28 44 8b 5c 24 20 8b 0c 95 18 c9 01 86 <8d> 56 01 48 b8 00 00 00 00 00 fc ff df 48 8d 3c 95 18 c9 01 86 49
[ 2631.348810] RSP: 0018:ffff8880175bf2d8 EFLAGS: 00000246
[ 2631.349579] RAX: 0000000000000007 RBX: 1ffff11002eb7e64 RCX: 0000000000023096
[ 2631.350575] RDX: 000000000000826b RSI: 000000000000826b RDI: ffffffff8603d2c4
[ 2631.351607] RBP: 0000000000000001 R08: ffffffff850c1400 R09: ffffffff85d2fd18
[ 2631.352627] R10: ffffed1002eb7e84 R11: 000000000003403b R12: ffff8880175bf410
[ 2631.353630] R13: ffff8880175bf3f9 R14: ffff8880175bf3b8 R15: ffffffff81826bf7
[ 2631.354642]  ? inode_init_always+0x5d7/0xd20
[ 2631.355349]  ? unwind_next_frame+0x120/0x2250
[ 2631.355971]  ? inode_init_always+0x5d8/0xd20
[ 2631.356566]  ? deref_stack_reg+0x150/0x150
[ 2631.357132]  ? inode_init_always+0x5d8/0xd20
[ 2631.357728]  ? kernel_text_address+0xd/0xb0
[ 2631.358323]  ? create_prof_cpu_mask+0x20/0x20
[ 2631.358934]  arch_stack_walk+0x83/0xf0
[ 2631.359532]  ? inode_init_always+0x5d8/0xd20
[ 2631.360135]  stack_trace_save+0x8c/0xc0
[ 2631.360692]  ? filter_irq_stacks+0x90/0x90
[ 2631.361259]  ? __lock_acquire+0x164e/0x6120
[ 2631.361825]  kasan_save_stack+0x1e/0x40
[ 2631.362357]  ? kasan_save_stack+0x1e/0x40
[ 2631.362893]  ? __kasan_slab_alloc+0x66/0x80
[ 2631.363471]  ? kmem_cache_alloc+0x1aa/0x480
[ 2631.364037]  ? security_inode_alloc+0x34/0x160
[ 2631.364647]  ? inode_init_always+0x5d8/0xd20
[ 2631.365224]  ? lockdep_hardirqs_on_prepare+0x400/0x400
[ 2631.365926]  ? lockdep_hardirqs_on_prepare+0x400/0x400
[ 2631.366671]  ? lock_is_held_type+0xd7/0x130
[ 2631.367381]  ? find_held_lock+0x2c/0x110
[ 2631.368023]  ? lock_release+0x3b2/0x6f0
[ 2631.368594]  ? fs_reclaim_acquire+0xb2/0x160
[ 2631.369208]  ? lock_is_held_type+0xd7/0x130
[ 2631.369801]  ? kasan_unpoison+0x23/0x50
[ 2631.370333]  __kasan_slab_alloc+0x66/0x80
[ 2631.370916]  kmem_cache_alloc+0x1aa/0x480
[ 2631.371549]  security_inode_alloc+0x34/0x160
[ 2631.372232]  inode_init_always+0x5d8/0xd20
[ 2631.372865]  alloc_inode+0x84/0x240
[ 2631.373406]  new_inode+0x23/0x240
[ 2631.373892]  proc_pid_make_inode+0x26/0x3c0
[ 2631.374528]  ? lock_is_held_type+0xd7/0x130
[ 2631.375145]  proc_pident_instantiate+0x81/0x310
[ 2631.375773]  proc_pident_lookup+0x1e7/0x270
[ 2631.376369]  lookup_open.isra.0+0x973/0x1680
[ 2631.376983]  ? lookup_fast+0x6e0/0x6e0
[ 2631.377519]  ? mac802154_llsec_dev_add+0x520/0x910
[ 2631.378191]  ? mac802154_llsec_dev_add+0x520/0x910
[ 2631.378852]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[ 2631.379642]  ? __mnt_want_write+0x1fa/0x2e0
[ 2631.380233]  path_openat+0x99f/0x2870
[ 2631.380782]  ? path_lookupat+0x850/0x850
[ 2631.381327]  ? lockdep_hardirqs_on_prepare+0x400/0x400
[ 2631.382047]  ? lock_is_held_type+0xd7/0x130
[ 2631.382639]  do_filp_open+0x1aa/0x400
[ 2631.383209]  ? may_open_dev+0xf0/0xf0
[ 2631.383710]  ? simple_attr_release+0x40/0x40
[ 2631.384289]  ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70
[ 2631.385000]  ? _find_next_bit+0x1e5/0x260
[ 2631.385536]  ? _raw_spin_unlock+0x24/0x40
[ 2631.386078]  ? alloc_fd+0x2f0/0x670
[ 2631.386548]  do_sys_openat2+0x16d/0x4c0
[ 2631.387104]  ? build_open_flags+0x6f0/0x6f0
[ 2631.387681]  ? up_write+0x460/0x460
[ 2631.388176]  __x64_sys_openat+0x13f/0x1f0
[ 2631.388736]  ? __x64_sys_open+0x1c0/0x1c0
[ 2631.389328]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 2631.390055]  do_syscall_64+0x3b/0x90
[ 2631.390573]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 2631.391319] RIP: 0033:0x7f928d2d6a04
[ 2631.391814] Code: 84 00 00 00 00 00 44 89 54 24 0c e8 96 f9 ff ff 44 8b 54 24 0c 44 89 e2 48 89 ee 41 89 c0 bf 9c ff ff ff b8 01 01 00 00 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 89 44 24 0c e8 c8 f9 ff ff 8b 44
[ 2631.394264] RSP: 002b:00007ffe916ec5b0 EFLAGS: 00000293 ORIG_RAX: 0000000000000101
[ 2631.395350] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 00007f928d2d6a04
[ 2631.396304] RDX: 0000000000080001 RSI: 00007f928d37dff5 RDI: 00000000ffffff9c
[ 2631.397344] RBP: 00007f928d37dff5 R08: 0000000000000000 R09: 00007ffe916ec5a0
[ 2631.398395] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000080001
[ 2631.399387] R13: 00007ffe916ec650 R14: 0000000000000000 R15: 00007ffe916ecbf0
[ 2631.400368]  </TASK>
09:00:39 executing program 7:
openat$sndseq(0xffffffffffffff9c, 0x0, 0x0)
r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000180)='/proc/asound/seq/clients\x00', 0x0, 0x0)
preadv(r0, &(0x7f00000002c0)=[{0x0}, {&(0x7f0000000300)=""/165, 0xa5}], 0x2, 0x3f00, 0x0)

09:00:39 executing program 1:
r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000180)='/proc/asound/seq/clients\x00', 0x0, 0x0)
preadv(r0, &(0x7f00000002c0)=[{&(0x7f0000000040)=""/35, 0x23}, {0x0, 0x2}, {&(0x7f0000000300)=""/165, 0xa5}], 0x3, 0xbf, 0x0)

09:00:39 executing program 5:
socketpair$unix(0x1, 0x5, 0x0, 0x0)
sendmsg$unix(0xffffffffffffffff, 0x0, 0x0)
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
pwritev(r0, &(0x7f0000000640)=[{&(0x7f0000000180)="19", 0x1}], 0x1, 0x8000000, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0)
r2 = socket$inet6(0xa, 0x1, 0x0)
bind$inet6(r2, &(0x7f00000002c0)={0xa, 0x4e20, 0x0, @empty}, 0x1c)
connect$inet6(r2, &(0x7f0000000000)={0xa, 0x4e20, 0x0, @ipv4={'\x00', '\xff\xff', @empty}}, 0x1c)
recvfrom(r2, &(0x7f00000003c0)=""/87, 0x20010397, 0x300, 0x0, 0x0)
sendfile(r2, r1, 0x0, 0xfffffdef)
readv(0xffffffffffffffff, &(0x7f0000000040), 0x0)
r3 = openat$cgroup_freezer_state(0xffffffffffffffff, 0x0, 0x2, 0x0)
close(0xffffffffffffffff)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(&(0x7f0000001540), 0xffffffffffffffff)
sendmsg$NL80211_CMD_STOP_AP(r4, &(0x7f0000001600)={0x0, 0x0, &(0x7f00000015c0)={&(0x7f0000001580)={0x1c, 0x0, 0x1, 0x0, 0x0, {{}, {@val={0x8}, @void}}}, 0x1c}}, 0x0)
sendmsg$NL80211_CMD_STOP_AP(0xffffffffffffffff, &(0x7f0000001600)={0x0, 0x0, &(0x7f00000015c0)={&(0x7f0000001580)={0x1c, 0x0, 0x1, 0x0, 0x0, {{}, {@val={0x8}, @void}}}, 0x1c}}, 0x0)
sendfile(r3, 0xffffffffffffffff, &(0x7f00000000c0)=0x7, 0x100)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000040), &(0x7f0000000140)=0xc)
syz_open_dev$sg(&(0x7f0000001000), 0x0, 0x2200)

09:00:39 executing program 2:
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NLBL_MGMT_C_VERSION(r0, &(0x7f00000001c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x10000000}, 0xc, &(0x7f0000000180)={&(0x7f0000000140)={0x24, 0x0, 0x100, 0x70bd25, 0x25dfdbfd, {}, [@NLBL_MGMT_A_PROTOCOL={0x8}, @NLBL_MGMT_A_FAMILY={0x6, 0xb, 0x1}]}, 0x24}, 0x1, 0x0, 0x0, 0x4001}, 0x4080)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$netlbl_cipso(&(0x7f0000000340), r1)
sendmsg$NLBL_CIPSOV4_C_LIST(r1, &(0x7f0000000c80)={0x0, 0x0, &(0x7f0000000c40)={&(0x7f0000000980)={0x18, r2, 0x1, 0x0, 0x0, {}, [@NLBL_CIPSOV4_A_MLSLVLLST={0x4}]}, 0x18}}, 0x0)
ioctl$sock_SIOCGIFINDEX_802154(0xffffffffffffffff, 0x8933, &(0x7f0000000180)={'wpan0\x00', <r3=>0x0})
r4 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r5 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r6 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000780), r5)
sendmsg$IEEE802154_LLSEC_SETPARAMS(r4, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000400)={0x24, r6, 0x10d, 0x0, 0x0, {}, [@IEEE802154_ATTR_DEV_INDEX={0x8, 0x2, r3}, @IEEE802154_ATTR_LLSEC_SECLEVEL={0x5, 0x2a, 0x20}]}, 0x24}}, 0x0)
ioctl$sock_SIOCGIFINDEX_802154(r1, 0x8933, &(0x7f0000000400)={'wpan4\x00', <r7=>0x0})
sendmsg$NL802154_CMD_DEL_SEC_DEV(r0, &(0x7f0000000500)={&(0x7f00000003c0)={0x10, 0x0, 0x0, 0x10000}, 0xc, &(0x7f00000004c0)={&(0x7f0000000440)={0x44, 0x0, 0x300, 0x70bd25, 0x25dfdbfc, {}, [@NL802154_ATTR_WPAN_DEV={0xc, 0x6, 0x100000001}, @NL802154_ATTR_IFINDEX={0x8, 0x3, r3}, @NL802154_ATTR_IFINDEX={0x8, 0x3, r7}, @NL802154_ATTR_IFINDEX={0x8}, @NL802154_ATTR_WPAN_DEV={0xc, 0x6, 0x100000001}]}, 0x44}}, 0x4)
r8 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r9 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000080), r8)
sendmsg$NLBL_MGMT_C_ADD(r8, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000140)={0x4c, r9, 0x1, 0x0, 0x0, {}, [@NLBL_MGMT_A_DOMAIN={0x6, 0x1, '%\x00'}, @NLBL_MGMT_A_IPV6ADDR={0x14, 0x5, @local}, @NLBL_MGMT_A_IPV6MASK={0x14, 0x6, @mcast1}, @NLBL_MGMT_A_PROTOCOL={0x8, 0x2, 0x5}]}, 0x4c}, 0x1, 0x700000000000000}, 0x0)

09:00:39 executing program 1:
r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000180)='/proc/asound/seq/clients\x00', 0x0, 0x0)
preadv(r0, &(0x7f00000002c0)=[{&(0x7f0000000040)=""/35, 0x23}, {0x0, 0x2}, {&(0x7f0000000300)=""/165, 0xa5}], 0x3, 0x300, 0x0)

09:00:39 executing program 4:
syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
r0 = openat$cdrom(0xffffffffffffff9c, &(0x7f0000000040), 0x800, 0x0)
r1 = openat$cdrom(0xffffffffffffff9c, &(0x7f0000000040), 0x800, 0x0)
ioctl$CDROM_LOCKDOOR(r1, 0x5329, 0x0)
syz_mount_image$tmpfs(&(0x7f00000000c0), &(0x7f0000000140)='./file1\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000640)={[{@mpol={'mpol', 0x3d, {'bind', '', @val={0x3a, [0x30, 0x9]}}}}]})
r2 = openat$cdrom(0xffffffffffffff9c, &(0x7f0000000040), 0x800, 0x0)
ioctl$CDROM_LOCKDOOR(r2, 0x5329, 0x0)
ioctl$CDROM_LOCKDOOR(r2, 0x5329, 0x1)
ioctl$CDROMEJECT_SW(r0, 0x530f, 0x1)
mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='proc\x00', 0x0, 0x0)
chroot(&(0x7f0000000040)='./file0\x00')
openat$sysfs(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/kexec_crash_size', 0x0, 0x0)
umount2(&(0x7f0000000180)='./file0\x00', 0x0)

09:00:39 executing program 7:
openat$sndseq(0xffffffffffffff9c, 0x0, 0x0)
r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000180)='/proc/asound/seq/clients\x00', 0x0, 0x0)
preadv(r0, &(0x7f00000002c0)=[{0x0}, {&(0x7f0000000300)=""/165, 0xa5}], 0x2, 0x4800, 0x0)

09:00:39 executing program 6:
r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000180)='/proc/asound/seq/clients\x00', 0x0, 0x0)
preadv(r0, &(0x7f00000002c0)=[{&(0x7f0000000040)=""/35, 0x23}, {0x0}, {&(0x7f0000000300)=""/165, 0xa5}], 0x3, 0x68, 0x0)

09:00:39 executing program 1:
r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000180)='/proc/asound/seq/clients\x00', 0x0, 0x0)
preadv(r0, &(0x7f00000002c0)=[{&(0x7f0000000040)=""/35, 0x23}, {0x0, 0x2}, {&(0x7f0000000300)=""/165, 0xa5}], 0x3, 0x500, 0x0)

[ 2631.498729] Call Trace:
[ 2631.499186]  <TASK>
[ 2631.499515]  ? x86_pmu_start+0x1c0/0x240
[ 2631.500098]  x86_pmu_enable+0x580/0xd90
[ 2631.500667]  ? amd_pmu_disable_virt+0xa0/0xa0
[ 2631.501326]  ctx_resched+0x2b9/0x3a0
[ 2631.501871]  __perf_install_in_context+0x285/0xa40
[ 2631.502603]  ? ctx_resched+0x3a0/0x3a0
[ 2631.503194]  remote_function+0x125/0x1b0
[ 2631.503811]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[ 2631.504607]  ? perf_duration_warn+0x40/0x40
[ 2631.505213]  generic_exec_single+0x203/0x300
[ 2631.505831]  smp_call_function_single+0x189/0x460
[ 2631.506515]  ? perf_duration_warn+0x40/0x40
[ 2631.507149]  ? generic_exec_single+0x300/0x300
[ 2631.507793]  ? perf_duration_warn+0x40/0x40
[ 2631.508405]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[ 2631.509173]  ? lock_is_held_type+0xd7/0x130
[ 2631.509789]  perf_install_in_context+0x4da/0x590
[ 2631.510475]  ? list_add_event+0xeb0/0xeb0
[ 2631.511067]  ? ctx_resched+0x3a0/0x3a0
[ 2631.511609]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[ 2631.512365]  ? exclusive_event_installable+0x254/0x320
[ 2631.513134]  __do_sys_perf_event_open+0x1bf0/0x3040
[ 2631.513905]  ? perf_remove_from_context+0x260/0x260
[ 2631.514587]  ? xfd_validate_state+0x59/0x180
[ 2631.515259]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 2631.516006]  do_syscall_64+0x3b/0x90
[ 2631.516508]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 2631.517200] RIP: 0033:0x7f750a357b19
[ 2631.517708] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 2631.520300] RSP: 002b:00007f75078cd188 EFLAGS: 00000246 ORIG_RAX: 000000000000012a
[ 2631.521336] RAX: ffffffffffffffda RBX: 00007f750a46af60 RCX: 00007f750a357b19
[ 2631.522320] RDX: 0000000000000000 RSI: ffffffffffffffff RDI: 0000000020000c00
[ 2631.523347] RBP: 00007f750a3b1f6d R08: 0000000000000000 R09: 0000000000000000
[ 2631.524319] R10: ffffffffffffffff R11: 0000000000000246 R12: 0000000000000000
[ 2631.525278] R13: 00007ffc8fa2e86f R14: 00007f75078cd300 R15: 0000000000022000
[ 2631.526289]  </TASK>
09:00:39 executing program 7:
openat$sndseq(0xffffffffffffff9c, 0x0, 0x0)
r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000180)='/proc/asound/seq/clients\x00', 0x0, 0x0)
preadv(r0, &(0x7f00000002c0)=[{0x0}, {&(0x7f0000000300)=""/165, 0xa5}], 0x2, 0x4c00, 0x0)

09:00:39 executing program 6:
r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000180)='/proc/asound/seq/clients\x00', 0x0, 0x0)
preadv(r0, &(0x7f00000002c0)=[{&(0x7f0000000040)=""/35, 0x23}, {0x0}, {&(0x7f0000000300)=""/165, 0xa5}], 0x3, 0x6c, 0x0)

[ 2631.758164] Call Trace:
[ 2631.758611]  <IRQ>
[ 2631.758908]  x86_pmu_stop+0x149/0x330
[ 2631.759465]  x86_pmu_del+0x1be/0x610
[ 2631.760011]  event_sched_out+0x2ed/0xe80
[ 2631.760550]  __perf_remove_from_context+0x87/0xbe0
[ 2631.761269]  event_function+0x297/0x3d0
[ 2631.761847]  ? perf_uprobe_event_init+0x1c0/0x1c0
[ 2631.762563]  remote_function+0x125/0x1b0
[ 2631.763185]  flush_smp_call_function_queue+0x1df/0x610
[ 2631.763949]  ? perf_duration_warn+0x40/0x40
[ 2631.764597]  __sysvec_call_function_single+0x92/0x3a0
[ 2631.765401]  sysvec_call_function_single+0x89/0xc0
[ 2631.766098]  </IRQ>
[ 2631.766390]  <TASK>
[ 2631.766685]  asm_sysvec_call_function_single+0x12/0x20
[ 2631.767475] RIP: 0010:lock_is_held_type+0x54/0x130
[ 2631.768250] Code: c0 0f 85 c3 00 00 00 65 4c 8b 24 25 40 6f 02 00 41 8b 94 24 a4 09 00 00 85 d2 0f 85 aa 00 00 00 48 89 fd 41 89 f6 9c 8f 04 24 <fa> 48 c7 c7 c0 b3 66 84 4d 8d ac 24 a8 09 00 00 31 db e8 c5 09 00
[ 2631.770869] RSP: 0018:ffff8880413af290 EFLAGS: 00000246
[ 2631.771664] RAX: 0000000000000000 RBX: 1ffff11008275e5e RCX: 0000000000000001
[ 2631.772655] RDX: 0000000000000000 RSI: 00000000ffffffff RDI: ffffffff85201d00
[ 2631.773615] RBP: ffffffff85201d00 R08: 0000000000000000 R09: ffffffff858dbcd7
[ 2631.774616] R10: fffffbfff0b1b79a R11: 0000000000000001 R12: ffff88804abf3580
[ 2631.775611] R13: 00000000ffffffff R14: 00000000ffffffff R15: 0000000000000000
[ 2631.776674]  rcu_read_lock_sched_held+0x3a/0x70
[ 2631.777340]  lock_acquire+0x41c/0x4d0
[ 2631.777877]  ? lock_release+0x6f0/0x6f0
[ 2631.778427]  ? lock_release+0x3b2/0x6f0
[ 2631.778974]  ? rcu_read_unlock+0x9/0x60
[ 2631.779518]  ? lock_downgrade+0x6d0/0x6d0
[ 2631.780093]  folio_add_lru+0x186/0x650
[ 2631.780638]  ? folio_add_lru+0x156/0x650
[ 2631.781224]  lru_cache_add_inactive_or_unevictable+0x106/0x240
[ 2631.782039]  __handle_mm_fault+0x1ecb/0x35c0
[ 2631.782666]  ? lock_is_held_type+0xd7/0x130
[ 2631.783335]  ? __pmd_alloc+0x680/0x680
[ 2631.783911]  handle_mm_fault+0x2e6/0xa20
[ 2631.784495]  do_user_addr_fault+0x54a/0x12a0
[ 2631.785093]  exc_page_fault+0xa2/0x1a0
[ 2631.785624]  asm_exc_page_fault+0x1e/0x30
[ 2631.786181] RIP: 0010:copy_user_generic_string+0x2c/0x40
[ 2631.786882] Code: cb 83 fa 08 72 27 89 f9 83 e1 07 74 15 83 e9 08 f7 d9 29 ca 8a 06 88 07 48 ff c6 48 ff c7 ff c9 75 f2 89 d1 c1 e9 03 83 e2 07 <f3> 48 a5 89 d1 f3 a4 31 c0 0f 01 ca c3 8d 0c ca 89 ca eb 20 0f 01
[ 2631.789367] RSP: 0018:ffff8880413af720 EFLAGS: 00050246
[ 2631.790111] RAX: 0000000000000001 RBX: 0000000000001000 RCX: 0000000000000078
[ 2631.791113] RDX: 0000000000000000 RSI: ffff88804132cc40 RDI: 000000002059e000
[ 2631.792104] RBP: 000000002059d3c0 R08: 0000000000000000 R09: ffff88804132cfff
[ 2631.793098] R10: ffffed10082659ff R11: 0000000000000001 R12: ffff88804132c000
[ 2631.794064] R13: 00007fffffffe000 R14: 0000000000000000 R15: ffff8880413afd70
[ 2631.795118]  copyout.part.0+0xd1/0x100
[ 2631.795658]  _copy_to_iter+0x2b1/0x1820
[ 2631.796210]  ? lock_is_held_type+0xd7/0x130
[ 2631.796806]  ? copy_page_from_iter+0x9f0/0x9f0
[ 2631.797438]  ? lock_is_held_type+0xd7/0x130
[ 2631.798044]  ? find_held_lock+0x2c/0x110
[ 2631.798616]  ? lock_release+0x3b2/0x6f0
[ 2631.799196]  ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70
[ 2631.799943]  ? __virt_addr_valid+0xe9/0x310
[ 2631.800548]  ? __sanitizer_cov_trace_const_cmp1+0x22/0x80
[ 2631.801308]  ? __sanitizer_cov_trace_cmp8+0x1d/0x70
[ 2631.801994]  ? __check_object_size+0x1b5/0x4e0
[ 2631.802609]  simple_copy_to_iter+0x4c/0x70
[ 2631.803196]  __skb_datagram_iter+0x4f1/0x880
[ 2631.803791]  ? receiver_wake_function+0x70/0x70
[ 2631.804451]  skb_copy_datagram_iter+0x85/0x270
[ 2631.805095]  tcp_recvmsg_locked+0xecf/0x1e80
[ 2631.805701]  ? tcp_update_recv_tstamps+0x230/0x230
[ 2631.806348]  ? mark_held_locks+0x9e/0xe0
[ 2631.806875]  ? __local_bh_enable_ip+0xa0/0x120
[ 2631.807513]  tcp_recvmsg+0x137/0x620
[ 2631.808007]  ? tcp_recv_timestamp+0x6e0/0x6e0
[ 2631.808600]  ? lock_release+0x3b2/0x6f0
[ 2631.809111]  ? selinux_socket_recvmsg+0x1fd/0x2b0
[ 2631.809746]  ? selinux_socket_getsockopt+0x2b0/0x2b0
[ 2631.810448]  ? tcp_recv_timestamp+0x6e0/0x6e0
[ 2631.811121]  inet6_recvmsg+0x13b/0x670
[ 2631.811648]  ? inet6_bind+0x120/0x120
[ 2631.812174]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[ 2631.812889]  ? security_socket_recvmsg+0x95/0xc0
[ 2631.813528]  ? inet6_bind+0x120/0x120
[ 2631.814049]  sock_recvmsg+0xfb/0x180
[ 2631.814578]  __sys_recvfrom+0x1b8/0x2f0
[ 2631.815150]  ? __ia32_sys_send+0x100/0x100
[ 2631.815716]  ? __sanitizer_cov_trace_cmp8+0x1d/0x70
[ 2631.816385]  ? xfd_validate_state+0x59/0x180
[ 2631.816972]  ? restore_fpregs_from_fpstate+0xcc/0x1e0
[ 2631.817680]  __x64_sys_recvfrom+0xdd/0x1b0
[ 2631.818271]  ? lockdep_hardirqs_on+0x79/0x100
[ 2631.818884]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 2631.819615]  do_syscall_64+0x3b/0x90
[ 2631.820106]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 2631.820831] RIP: 0033:0x7fd83d5f0b19
[ 2631.821341] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 2631.823976] RSP: 002b:00007fd83ab66188 EFLAGS: 00000246 ORIG_RAX: 000000000000002d
[ 2631.824981] RAX: ffffffffffffffda RBX: 00007fd83d703f60 RCX: 00007fd83d5f0b19
[ 2631.825996] RDX: 0000000020010397 RSI: 00000000200003c0 RDI: 0000000000000005
[ 2631.826987] RBP: 00007fd83d64af6d R08: 0000000000000000 R09: 0000000000000000
[ 2631.827966] R10: 0000000000000300 R11: 0000000000000246 R12: 0000000000000000
[ 2631.829015] R13: 00007ffd342fb13f R14: 00007fd83ab66300 R15: 0000000000022000
[ 2631.829987]  </TASK>
09:00:55 executing program 5:
socketpair$unix(0x1, 0x5, 0x0, 0x0)
sendmsg$unix(0xffffffffffffffff, 0x0, 0x0)
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
pwritev(r0, &(0x7f0000000640)=[{&(0x7f00000002c0)="19", 0x1}], 0x1, 0x8000000, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0)
r2 = socket$inet6(0xa, 0x1, 0x0)
bind$inet6(r2, &(0x7f00000002c0)={0xa, 0x4e20, 0x0, @empty}, 0x1c)
connect$inet6(r2, &(0x7f0000000000)={0xa, 0x4e20, 0x0, @ipv4={'\x00', '\xff\xff', @empty}}, 0x1c)
recvfrom(r2, &(0x7f00000003c0)=""/87, 0x20010397, 0x300, 0x0, 0x0)
sendfile(r2, r1, 0x0, 0xfffffdef)
readv(0xffffffffffffffff, &(0x7f0000000040), 0x0)
openat$cgroup_freezer_state(0xffffffffffffffff, 0x0, 0x2, 0x0)
mknodat$null(0xffffffffffffffff, &(0x7f0000000040)='./file0\x00', 0x2000, 0x103)
openat$cgroup_netprio_ifpriomap(0xffffffffffffffff, &(0x7f00000000c0), 0x2, 0x0)
close(0xffffffffffffffff)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(&(0x7f0000001540), 0xffffffffffffffff)
sendmsg$NL80211_CMD_STOP_AP(r3, &(0x7f0000001600)={0x0, 0x0, &(0x7f00000015c0)={&(0x7f0000001580)={0x1c, 0x0, 0x1, 0x0, 0x0, {{}, {@val={0x8}, @void}}}, 0x1c}}, 0x0)
getsockopt$sock_cred(r3, 0x1, 0x11, &(0x7f0000000040), &(0x7f0000000080)=0xc)
syz_open_dev$sg(&(0x7f0000001000), 0x0, 0x2200)

09:00:55 executing program 1:
r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000180)='/proc/asound/seq/clients\x00', 0x0, 0x0)
preadv(r0, &(0x7f00000002c0)=[{&(0x7f0000000040)=""/35, 0x23}, {0x0, 0x2}, {&(0x7f0000000300)=""/165, 0xa5}], 0x3, 0x600, 0x0)

09:00:55 executing program 3:
syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
r0 = openat$cdrom(0xffffffffffffff9c, &(0x7f0000000040), 0x800, 0x0)
r1 = openat$cdrom(0xffffffffffffff9c, &(0x7f0000000040), 0x800, 0x0)
ioctl$CDROM_LOCKDOOR(r1, 0x5329, 0x0)
syz_mount_image$tmpfs(&(0x7f00000000c0), &(0x7f0000000140)='./file1\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000640)={[{@mpol={'mpol', 0x3d, {'bind', '', @val={0x3a, [0x30, 0x9]}}}}]})
r2 = openat$cdrom(0xffffffffffffff9c, &(0x7f0000000040), 0x800, 0x0)
ioctl$CDROM_LOCKDOOR(r2, 0x5329, 0x0)
ioctl$CDROM_LOCKDOOR(r2, 0x5329, 0x1)
ioctl$CDROMEJECT_SW(r0, 0x530f, 0x1)
mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='proc\x00', 0x0, 0x0)
chroot(&(0x7f0000000040)='./file0\x00')
openat$sysfs(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/kexec_crash_size', 0x0, 0x0)
umount2(&(0x7f0000000180)='./file0\x00', 0x0)

09:00:55 executing program 6:
r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000180)='/proc/asound/seq/clients\x00', 0x0, 0x0)
preadv(r0, &(0x7f00000002c0)=[{&(0x7f0000000040)=""/35, 0x23}, {0x0}, {&(0x7f0000000300)=""/165, 0xa5}], 0x3, 0x74, 0x0)

09:00:55 executing program 4:
syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='proc\x00', 0x0, 0x0)
chroot(&(0x7f0000000040)='./file0\x00')
openat$sysfs(0xffffffffffffff9c, &(0x7f0000000140)='/sys/module/nmi_backtrace', 0x400000, 0x0)
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f736689254300080120000400004000f8000020004000030000000000000001", 0x25}, {0x0, 0x0, 0x10000}], 0x0, &(0x7f0000011200)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, 0x0, 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$P9_RREADLINK(r0, &(0x7f00000001c0)={0x10, 0x17, 0x1, {0x7, './file1'}}, 0x10)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r2, &(0x7f0000001180)=ANY=[], 0x220)
chdir(&(0x7f0000000040)='./file1\x00')
sendfile(r2, r1, 0x0, 0xfffffdef)
umount2(&(0x7f0000000180)='./file0\x00', 0x0)

09:00:55 executing program 7:
openat$sndseq(0xffffffffffffff9c, 0x0, 0x0)
r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000180)='/proc/asound/seq/clients\x00', 0x0, 0x0)
preadv(r0, &(0x7f00000002c0)=[{0x0}, {&(0x7f0000000300)=""/165, 0xa5}], 0x2, 0x6800, 0x0)

09:00:55 executing program 0:
perf_event_open$cgroup(&(0x7f0000000c00)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x700, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

09:00:55 executing program 2:
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NLBL_MGMT_C_VERSION(r0, &(0x7f00000001c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x10000000}, 0xc, &(0x7f0000000180)={&(0x7f0000000140)={0x24, 0x0, 0x100, 0x70bd25, 0x25dfdbfd, {}, [@NLBL_MGMT_A_PROTOCOL={0x8}, @NLBL_MGMT_A_FAMILY={0x6, 0xb, 0x1}]}, 0x24}, 0x1, 0x0, 0x0, 0x4001}, 0x4080)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$netlbl_cipso(&(0x7f0000000340), r1)
sendmsg$NLBL_CIPSOV4_C_LIST(r1, &(0x7f0000000c80)={0x0, 0x0, &(0x7f0000000c40)={&(0x7f0000000980)={0x18, r2, 0x1, 0x0, 0x0, {}, [@NLBL_CIPSOV4_A_MLSLVLLST={0x4}]}, 0x18}}, 0x0)
ioctl$sock_SIOCGIFINDEX_802154(0xffffffffffffffff, 0x8933, &(0x7f0000000180)={'wpan0\x00', <r3=>0x0})
r4 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r5 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r6 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000780), r5)
sendmsg$IEEE802154_LLSEC_SETPARAMS(r4, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000400)={0x24, r6, 0x10d, 0x0, 0x0, {}, [@IEEE802154_ATTR_DEV_INDEX={0x8, 0x2, r3}, @IEEE802154_ATTR_LLSEC_SECLEVEL={0x5, 0x2a, 0x20}]}, 0x24}}, 0x0)
ioctl$sock_SIOCGIFINDEX_802154(r1, 0x8933, &(0x7f0000000400)={'wpan4\x00', <r7=>0x0})
sendmsg$NL802154_CMD_DEL_SEC_DEV(r0, &(0x7f0000000500)={&(0x7f00000003c0)={0x10, 0x0, 0x0, 0x10000}, 0xc, &(0x7f00000004c0)={&(0x7f0000000440)={0x44, 0x0, 0x300, 0x70bd25, 0x25dfdbfc, {}, [@NL802154_ATTR_WPAN_DEV={0xc, 0x6, 0x100000001}, @NL802154_ATTR_IFINDEX={0x8, 0x3, r3}, @NL802154_ATTR_IFINDEX={0x8, 0x3, r7}, @NL802154_ATTR_IFINDEX={0x8}, @NL802154_ATTR_WPAN_DEV={0xc, 0x6, 0x100000001}]}, 0x44}}, 0x4)
r8 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NLBL_MGMT_C_ADD(r8, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000140)={0x4c, 0x0, 0x1, 0x0, 0x0, {}, [@NLBL_MGMT_A_DOMAIN={0x6, 0x1, '%\x00'}, @NLBL_MGMT_A_IPV6ADDR={0x14, 0x5, @local}, @NLBL_MGMT_A_IPV6MASK={0x14, 0x6, @mcast1}, @NLBL_MGMT_A_PROTOCOL={0x8, 0x2, 0x5}]}, 0x4c}, 0x1, 0x700000000000000}, 0x0)

[ 2647.186767] Call Trace:
[ 2647.187312]  <IRQ>
[ 2647.187599]  ? x86_pmu_start+0x1c0/0x240
[ 2647.188161]  x86_pmu_enable+0x580/0xd90
[ 2647.188677]  ? amd_pmu_disable_virt+0xa0/0xa0
[ 2647.189300]  ctx_resched+0x2b9/0x3a0
[ 2647.189814]  __perf_install_in_context+0x285/0xa40
[ 2647.190479]  ? __irq_exit_rcu+0x113/0x170
[ 2647.191059]  ? ctx_resched+0x3a0/0x3a0
[ 2647.191633]  remote_function+0x125/0x1b0
[ 2647.192221]  flush_smp_call_function_queue+0x1df/0x610
[ 2647.192940]  ? perf_duration_warn+0x40/0x40
[ 2647.193556]  __sysvec_call_function_single+0x92/0x3a0
[ 2647.194296]  sysvec_call_function_single+0x89/0xc0
[ 2647.195041]  </IRQ>
[ 2647.195383]  <TASK>
[ 2647.195687]  asm_sysvec_call_function_single+0x12/0x20
[ 2647.196401] RIP: 0010:PageHuge+0x39/0x230
[ 2647.196990] Code: 08 00 00 00 48 89 df e8 c5 1a 04 00 48 89 da 48 b8 00 00 00 00 00 fc ff df 48 c1 ea 03 80 3c 02 00 0f 85 b6 01 00 00 48 8b 2b <31> ff 4c 8d 63 08 48 c1 ed 10 83 e5 01 89 ee e8 b3 5e d1 ff 40 84
[ 2647.199630] RSP: 0018:ffff888045c176f8 EFLAGS: 00000246
[ 2647.200386] RAX: dffffc0000000000 RBX: ffffea0000ef6900 RCX: ffffffff81725ebb
[ 2647.201404] RDX: 1ffffd40001ded20 RSI: 0000000000000008 RDI: ffffea0000ef6900
[ 2647.202394] RBP: 0100000000000000 R08: 0000000000000000 R09: ffffea0000ef6907
[ 2647.203415] R10: fffff940001ded20 R11: 0000000000000001 R12: 0000000000000000
[ 2647.204404] R13: ffff888041baa100 R14: 0000000000000001 R15: ffff888045c17a28
[ 2647.205399]  ? PageHuge+0x1b/0x230
[ 2647.205903]  ? PageHuge+0x1b/0x230
[ 2647.206400]  page_remove_rmap+0x1e2/0x490
[ 2647.206999]  unmap_page_range+0x10eb/0x2680
[ 2647.207674]  ? vm_normal_page+0x2e0/0x2e0
[ 2647.208288]  ? lock_release+0x3b2/0x6f0
[ 2647.208847]  ? lock_downgrade+0x6d0/0x6d0
[ 2647.209432]  ? uprobe_munmap+0x1c/0x560
[ 2647.209984]  unmap_single_vma+0x198/0x310
[ 2647.210560]  unmap_vmas+0x16b/0x2f0
[ 2647.211043]  ? lock_downgrade+0x6d0/0x6d0
[ 2647.211644]  ? unmap_mapping_range+0x280/0x280
[ 2647.212284]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[ 2647.213030]  exit_mmap+0x192/0x460
[ 2647.213530]  ? do_munmap+0x40/0x40
[ 2647.214040]  ? delayed_uprobe_remove+0x27/0x230
[ 2647.214684]  mmput+0xc8/0x380
[ 2647.215117]  do_exit+0xa0a/0x27e0
[ 2647.215626]  ? find_held_lock+0x2c/0x110
[ 2647.216174]  ? lock_release+0x3b2/0x6f0
[ 2647.216710]  ? mm_update_next_owner+0x7d0/0x7d0
[ 2647.217347]  ? lock_downgrade+0x6d0/0x6d0
[ 2647.217910]  ? lock_is_held_type+0xd7/0x130
[ 2647.218528]  do_group_exit+0xd2/0x2f0
[ 2647.219095]  get_signal+0x2303/0x2350
[ 2647.219667]  ? wake_up_q+0x8b/0xf0
[ 2647.220204]  ? signal_setup_done+0x520/0x520
[ 2647.220849]  arch_do_signal_or_restart+0x88/0x1a40
[ 2647.221564]  ? do_futex+0x136/0x380
[ 2647.222070]  ? __ia32_compat_sys_get_robust_list+0x3b0/0x3b0
[ 2647.222899]  ? get_sigframe_size+0x10/0x10
[ 2647.223514]  ? __x64_sys_futex+0x1c6/0x4c0
[ 2647.224092]  ? __x64_sys_openat+0x13f/0x1f0
[ 2647.224692]  ? __x64_sys_futex_time32+0x480/0x480
[ 2647.225353]  exit_to_user_mode_prepare+0x131/0x1a0
[ 2647.226028]  syscall_exit_to_user_mode+0x19/0x50
[ 2647.226698]  do_syscall_64+0x48/0x90
[ 2647.227219]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 2647.227959] RIP: 0033:0x7f40f402eb19
[ 2647.228467] Code: Unable to access opcode bytes at RIP 0x7f40f402eaef.
[ 2647.229361] RSP: 002b:00007f40f15a4218 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[ 2647.230351] RAX: 0000000000000000 RBX: 00007f40f4141f68 RCX: 00007f40f402eb19
[ 2647.231372] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007f40f4141f68
[ 2647.232368] RBP: 00007f40f4141f60 R08: 0000000000000000 R09: 0000000000000000
[ 2647.233357] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f40f4141f6c
[ 2647.234330] R13: 00007ffe1d72044f R14: 00007f40f15a4300 R15: 0000000000022000
[ 2647.235346]  </TASK>
[ 2647.265869] Call Trace:
[ 2647.266274]  <IRQ>
[ 2647.266568]  x86_pmu_stop+0x149/0x330
[ 2647.267116]  x86_pmu_del+0x1be/0x610
[ 2647.267660]  event_sched_out+0x2ed/0xe80
[ 2647.268228]  __perf_remove_from_context+0x87/0xbe0
[ 2647.268912]  event_function+0x297/0x3d0
[ 2647.269434]  ? perf_uprobe_event_init+0x1c0/0x1c0
[ 2647.270076]  remote_function+0x125/0x1b0
[ 2647.270624]  flush_smp_call_function_queue+0x1df/0x610
[ 2647.271366]  ? perf_duration_warn+0x40/0x40
[ 2647.271937]  __sysvec_call_function_single+0x92/0x3a0
[ 2647.272646]  sysvec_call_function_single+0x89/0xc0
[ 2647.273324]  </IRQ>
[ 2647.273629]  <TASK>
[ 2647.273925]  asm_sysvec_call_function_single+0x12/0x20
[ 2647.274629] RIP: 0010:_raw_spin_unlock_irqrestore+0x2e/0x50
[ 2647.275399] Code: 48 83 c7 18 53 48 89 f3 48 8b 74 24 10 e8 7a 02 15 fd 48 89 ef e8 72 7f 15 fd 80 e7 02 74 06 e8 38 ae 36 fd fb bf 01 00 00 00 <e8> 6d 8b 0b fd 65 8b 05 e6 92 ee 7b 85 c0 74 03 5b 5d c3 0f 1f 44
[ 2647.277887] RSP: 0018:ffff888018427608 EFLAGS: 00000202
[ 2647.278637] RAX: 00000000002c1389 RBX: 0000000000000246 RCX: ffffffff81283e5f
[ 2647.279683] RDX: 0000000000000000 RSI: 0000000000000003 RDI: 0000000000000001
[ 2647.280729] RBP: ffff8880184277e0 R08: 0000000000000001 R09: ffffffff86a3e78f
[ 2647.281761] R10: fffffbfff0d47cf1 R11: 0000000000000001 R12: 0000000000000000
[ 2647.282754] R13: 0000000000000000 R14: 0000000000000003 R15: 0000000000000246
[ 2647.283906]  ? mark_lock.part.0+0xef/0x2f60
[ 2647.284540]  ? _raw_spin_unlock_irqrestore+0x28/0x50
[ 2647.285257]  __wake_up_common_lock+0xde/0x130
[ 2647.285919]  ? __wake_up_common+0x4c0/0x4c0
[ 2647.286539]  ? do_raw_spin_lock+0x121/0x260
[ 2647.287158]  __d_lookup_done+0x1dc/0x490
[ 2647.287771]  d_add+0x550/0x690
[ 2647.288244]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[ 2647.289004]  simple_lookup+0xc9/0x110
[ 2647.289552]  __lookup_slow+0x252/0x490
[ 2647.290088]  ? page_put_link+0x1f0/0x1f0
[ 2647.290647]  ? mac802154_llsec_dev_add+0x520/0x910
[ 2647.291390]  ? mac802154_llsec_dev_add+0x520/0x910
[ 2647.292103]  ? selinux_path_notify+0x470/0x470
[ 2647.292794]  walk_component+0x411/0x6a0
[ 2647.293386]  ? handle_dots.part.0+0x1500/0x1500
[ 2647.294077]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[ 2647.294855]  ? security_inode_permission+0xcb/0x100
[ 2647.295637]  ? inode_permission.part.0+0xb5/0x670
[ 2647.296318]  link_path_walk.part.0+0x7f8/0xf80
[ 2647.296978]  ? path_init+0x17b0/0x17b0
[ 2647.297553]  ? percpu_counter_add_batch+0xb4/0x170
[ 2647.298275]  path_openat+0x25d/0x2870
[ 2647.298851]  ? path_lookupat+0x850/0x850
[ 2647.299455]  ? lockdep_hardirqs_on_prepare+0x400/0x400
[ 2647.300208]  ? lock_is_held_type+0xd7/0x130
[ 2647.300840]  do_filp_open+0x1aa/0x400
[ 2647.301380]  ? may_open_dev+0xf0/0xf0
[ 2647.301926]  ? rwlock_bug.part.0+0x90/0x90
[ 2647.302544]  ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70
[ 2647.303491]  ? _find_next_bit+0x1e5/0x260
[ 2647.304104]  ? _raw_spin_unlock+0x24/0x40
[ 2647.304686]  ? alloc_fd+0x2f0/0x670
[ 2647.305197]  do_sys_openat2+0x16d/0x4c0
[ 2647.305756]  ? build_open_flags+0x6f0/0x6f0
[ 2647.306338]  ? seccomp_notify_ioctl+0xdc0/0xdc0
[ 2647.306993]  __x64_sys_openat+0x13f/0x1f0
[ 2647.307626]  ? __x64_sys_open+0x1c0/0x1c0
[ 2647.308218]  ? __secure_computing+0x195/0x2f0
[ 2647.308838]  do_syscall_64+0x3b/0x90
[ 2647.309363]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 2647.310099] RIP: 0033:0x7f9e21b9ac64
[ 2647.310620] Code: 84 00 00 00 00 00 44 89 54 24 0c e8 36 61 f9 ff 44 8b 54 24 0c 44 89 e2 48 89 ee 41 89 c0 bf 9c ff ff ff b8 01 01 00 00 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 89 44 24 0c e8 68 61 f9 ff 8b 44
[ 2647.313159] RSP: 002b:00007ffd3e915560 EFLAGS: 00000293 ORIG_RAX: 0000000000000101
[ 2647.314246] RAX: ffffffffffffffda RBX: 000055c722ba3d60 RCX: 00007f9e21b9ac64
[ 2647.315220] RDX: 0000000000080802 RSI: 000055c722bd9e60 RDI: 00000000ffffff9c
[ 2647.316248] RBP: 000055c722bd9e60 R08: 0000000000000000 R09: ffffffffffffff01
[ 2647.317230] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000080802
[ 2647.318201] R13: 00000000fffffffa R14: 000055c722be6d70 R15: 0000000000000002
[ 2647.319172]  </TASK>
[ 2647.344632] Call Trace:
[ 2647.345018]  <IRQ>
[ 2647.345321]  ? x86_pmu_start+0x1c0/0x240
[ 2647.345897]  x86_pmu_enable+0x580/0xd90
[ 2647.346449]  ? amd_pmu_disable_virt+0xa0/0xa0
[ 2647.347064]  ctx_resched+0x2b9/0x3a0
[ 2647.347607]  __perf_install_in_context+0x285/0xa40
[ 2647.348286]  ? lock_chain_count+0x20/0x20
[ 2647.348874]  ? ctx_resched+0x3a0/0x3a0
[ 2647.349423]  remote_function+0x125/0x1b0
[ 2647.349988]  flush_smp_call_function_queue+0x1df/0x610
[ 2647.350721]  ? perf_duration_warn+0x40/0x40
[ 2647.351364]  __sysvec_call_function_single+0x92/0x3a0
[ 2647.352063]  sysvec_call_function_single+0x3b/0xc0
[ 2647.352744]  asm_sysvec_call_function_single+0x12/0x20
[ 2647.353467] RIP: 0010:_raw_spin_unlock_irqrestore+0x2e/0x50
[ 2647.354237] Code: 48 83 c7 18 53 48 89 f3 48 8b 74 24 10 e8 7a 02 15 fd 48 89 ef e8 72 7f 15 fd 80 e7 02 74 06 e8 38 ae 36 fd fb bf 01 00 00 00 <e8> 6d 8b 0b fd 65 8b 05 e6 92 ee 7b 85 c0 74 03 5b 5d c3 0f 1f 44
[ 2647.356785] RSP: 0018:ffff88806ce09d98 EFLAGS: 00000206
[ 2647.357518] RAX: 0000000000000644 RBX: 0000000000000246 RCX: ffffffff81283e5f
[ 2647.358470] RDX: 0000000000000000 RSI: 0000000000000102 RDI: 0000000000000001
[ 2647.359480] RBP: ffff8880427f79a0 R08: 0000000000000001 R09: ffffffff86a3e797
[ 2647.360404] R10: fffffbfff0d47cf2 R11: 0000000000000001 R12: ffffffff81faf3b0
[ 2647.361261] R13: ffff88800ddbca00 R14: ffff88800f3810f8 R15: 0000000000000000
[ 2647.362149]  ? blk_mq_check_expired+0x2d0/0x2d0
[ 2647.362832]  ? mark_lock.part.0+0xef/0x2f60
[ 2647.363486]  ? _raw_spin_unlock_irqrestore+0x28/0x50
[ 2647.364205]  __blk_mq_end_request+0x125/0x580
[ 2647.364879]  scsi_end_request+0x485/0x9a0
[ 2647.365440]  scsi_io_completion+0xbc/0x1d20
[ 2647.366034]  ? scsi_run_host_queues+0x70/0x70
[ 2647.366658]  ? scsi_device_unbusy+0x25e/0x340
[ 2647.367348]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[ 2647.368176]  scsi_complete+0x114/0x560
[ 2647.368726]  blk_complete_reqs+0xb2/0xf0
[ 2647.369284]  __do_softirq+0x270/0x8c7
[ 2647.369818]  ? lock_is_held_type+0xd7/0x130
[ 2647.370406]  __irq_exit_rcu+0x113/0x170
[ 2647.370959]  irq_exit_rcu+0x5/0x20
[ 2647.371517]  sysvec_call_function_single+0x8e/0xc0
[ 2647.372166]  </IRQ>
[ 2647.372449]  <TASK>
[ 2647.372737]  asm_sysvec_call_function_single+0x12/0x20
[ 2647.373413] RIP: 0010:__tlb_remove_page_size+0xa6/0x420
[ 2647.374152] Code: 28 48 8d 7d 08 48 89 fa 48 c1 ea 03 0f b6 04 02 84 c0 74 08 3c 03 0f 8e ec 02 00 00 48 b8 00 00 00 00 00 fc ff df 44 8b 65 08 <4a> 8d 7c e5 10 45 8d 7c 24 01 48 89 fa 44 89 7d 08 48 c1 ea 03 80
[ 2647.376703] RSP: 0018:ffff88801840f718 EFLAGS: 00000246
[ 2647.377423] RAX: dffffc0000000000 RBX: ffff88801840fa28 RCX: 0000000000000000
[ 2647.378390] RDX: 1ffff110082e0801 RSI: ffffffff816abf40 RDI: ffff888041704008
[ 2647.379337] RBP: ffff888041704000 R08: 0000000000000000 R09: 0000000000000001
[ 2647.380246] R10: ffffffff816abf32 R11: 0000000000000002 R12: 00000000000000ff
[ 2647.381208] R13: ffffea0000c9e2c0 R14: ffff88801840fa50 R15: ffff88801840fa28
[ 2647.382172]  ? __tlb_remove_page_size+0x42/0x420
[ 2647.382849]  ? __tlb_remove_page_size+0x50/0x420
[ 2647.383592]  ? __tlb_remove_page_size+0x50/0x420
[ 2647.384254]  unmap_page_range+0x1166/0x2680
[ 2647.384920]  ? vm_normal_page+0x2e0/0x2e0
[ 2647.385497]  ? lock_release+0x3b2/0x6f0
[ 2647.386053]  ? lock_downgrade+0x6d0/0x6d0
[ 2647.386622]  ? uprobe_munmap+0x1c/0x560
[ 2647.387171]  unmap_single_vma+0x198/0x310
[ 2647.387803]  unmap_vmas+0x16b/0x2f0
[ 2647.388303]  ? lock_downgrade+0x6d0/0x6d0
[ 2647.388874]  ? unmap_mapping_range+0x280/0x280
[ 2647.389509]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[ 2647.390274]  exit_mmap+0x192/0x460
[ 2647.390799]  ? do_munmap+0x40/0x40
[ 2647.391327]  ? delayed_uprobe_remove+0x27/0x230
[ 2647.392014]  mmput+0xc8/0x380
[ 2647.392442]  do_exit+0xa0a/0x27e0
[ 2647.392901]  ? find_held_lock+0x2c/0x110
[ 2647.393466]  ? lock_release+0x3b2/0x6f0
[ 2647.394001]  ? mm_update_next_owner+0x7d0/0x7d0
[ 2647.394654]  ? lock_downgrade+0x6d0/0x6d0
[ 2647.395278]  ? lock_is_held_type+0xd7/0x130
[ 2647.395889]  do_group_exit+0xd2/0x2f0
[ 2647.396398]  get_signal+0x2303/0x2350
[ 2647.396937]  ? signal_setup_done+0x520/0x520
[ 2647.397568]  arch_do_signal_or_restart+0x88/0x1a40
[ 2647.398228]  ? do_futex+0x136/0x380
[ 2647.398719]  ? __ia32_compat_sys_get_robust_list+0x3b0/0x3b0
[ 2647.399511]  ? get_sigframe_size+0x10/0x10
[ 2647.400089]  ? __x64_sys_futex+0x1c6/0x4c0
[ 2647.400673]  ? __x64_sys_openat+0x13f/0x1f0
[ 2647.401258]  ? __x64_sys_futex_time32+0x480/0x480
[ 2647.401909]  exit_to_user_mode_prepare+0x131/0x1a0
[ 2647.402583]  syscall_exit_to_user_mode+0x19/0x50
[ 2647.403205]  do_syscall_64+0x48/0x90
[ 2647.403762]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 2647.404461] RIP: 0033:0x7f457d3e8b19
[ 2647.405010] Code: Unable to access opcode bytes at RIP 0x7f457d3e8aef.
[ 2647.405886] RSP: 002b:00007f457a95e218 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[ 2647.406893] RAX: fffffffffffffe00 RBX: 00007f457d4fbf68 RCX: 00007f457d3e8b19
[ 2647.407909] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007f457d4fbf68
[ 2647.408837] RBP: 00007f457d4fbf60 R08: 0000000000000000 R09: 0000000000000000
[ 2647.409758] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f457d4fbf6c
[ 2647.410681] R13: 00007ffd0244841f R14: 00007f457a95e300 R15: 0000000000022000
[ 2647.411726]  </TASK>
[ 2647.413763] Call Trace:
[ 2647.414143]  <IRQ>
[ 2647.414435]  x86_pmu_stop+0x149/0x330
[ 2647.414976]  x86_pmu_del+0x1be/0x610
[ 2647.415490]  event_sched_out+0x2ed/0xe80
[ 2647.416016]  __perf_remove_from_context+0x87/0xbe0
[ 2647.416699]  event_function+0x297/0x3d0
[ 2647.417248]  ? perf_uprobe_event_init+0x1c0/0x1c0
[ 2647.417898]  remote_function+0x125/0x1b0
[ 2647.418475]  flush_smp_call_function_queue+0x1df/0x610
[ 2647.419222]  ? perf_duration_warn+0x40/0x40
[ 2647.419899]  __sysvec_call_function_single+0x92/0x3a0
[ 2647.420542]  sysvec_call_function_single+0x89/0xc0
[ 2647.421194]  </IRQ>
[ 2647.421512]  <TASK>
[ 2647.421832]  asm_sysvec_call_function_single+0x12/0x20
[ 2647.422614] RIP: 0010:___slab_alloc+0xbf/0xee0
[ 2647.423302] Code: 4f 02 00 00 83 f9 ff 0f 84 21 01 00 00 48 8b 10 48 c1 ea 3a 89 14 24 39 d1 0f 85 a3 04 00 00 48 8b 00 a8 20 0f 85 16 01 00 00 <9c> 41 5d fa 4c 89 e8 25 00 02 00 00 48 89 44 24 08 0f 85 e3 00 00
[ 2647.426037] RSP: 0018:ffff88804a21fa90 EFLAGS: 00000246
[ 2647.426896] RAX: 0100000000000200 RBX: ffff88806ce3dd90 RCX: 00000000ffffffff
[ 2647.427899] RDX: 0000000000000000 RSI: 0000000000000001 RDI: 0000000000000000
[ 2647.428923] RBP: ffff888008062280 R08: 0000000000000001 R09: ffffffff86a3e78f
[ 2647.429917] R10: fffffbfff0d47cf1 R11: 0000000000000001 R12: 0000000000000d40
[ 2647.430894] R13: 0000000000000200 R14: ffffffff8175e425 R15: ffff88806ce3ddb0
[ 2647.432006]  ? ___slab_alloc+0x325/0xee0
[ 2647.432636]  ? security_inode_alloc+0x34/0x160
[ 2647.433258]  ? fs_reclaim_acquire+0xb2/0x160
[ 2647.433911]  ? lock_is_held_type+0xd7/0x130
[ 2647.434547]  ? security_inode_alloc+0x34/0x160
[ 2647.435172]  __slab_alloc.constprop.0+0x45/0x80
[ 2647.435894]  ? security_inode_alloc+0x34/0x160
[ 2647.436555]  kmem_cache_alloc+0x393/0x480
[ 2647.437138]  security_inode_alloc+0x34/0x160
[ 2647.437789]  inode_init_always+0x5d8/0xd20
[ 2647.438371]  alloc_inode+0x84/0x240
[ 2647.438891]  new_inode+0x23/0x240
[ 2647.439424]  shmem_get_inode+0x18b/0xd20
[ 2647.440033]  shmem_fill_super+0x6fc/0xdd0
[ 2647.440616]  ? shmem_rename2+0x4b0/0x4b0
[ 2647.441171]  get_tree_nodev+0xce/0x1d0
[ 2647.441720]  vfs_get_tree+0x8e/0x2f0
[ 2647.442237]  path_mount+0x131b/0x1f80
[ 2647.442776]  ? kasan_quarantine_put+0x87/0x1e0
[ 2647.443461]  ? finish_automount+0xa20/0xa20
[ 2647.444035]  ? kmem_cache_free+0xe0/0x420
[ 2647.444648]  ? putname+0xfe/0x140
[ 2647.445131]  __x64_sys_mount+0x27e/0x300
[ 2647.445689]  ? path_mount+0x1f80/0x1f80
[ 2647.446214]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 2647.446905]  do_syscall_64+0x3b/0x90
[ 2647.447466]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 2647.448155] RIP: 0033:0x7f7e5487e04a
[ 2647.448673] Code: 48 c7 c2 bc ff ff ff f7 d8 64 89 02 b8 ff ff ff ff eb d2 e8 b8 04 00 00 0f 1f 84 00 00 00 00 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 2647.451278] RSP: 002b:00007f7e51dd0fa8 EFLAGS: 00000202 ORIG_RAX: 00000000000000a5
[ 2647.452284] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f7e5487e04a
[ 2647.453205] RDX: 00000000200000c0 RSI: 0000000020000140 RDI: 0000000000000000
[ 2647.454210] RBP: 00007f7e51dd1040 R08: 00007f7e51dd1040 R09: 00000000200000c0
[ 2647.455224] R10: 0000000000000000 R11: 0000000000000202 R12: 00000000200000c0
[ 2647.456334] R13: 0000000020000140 R14: 00007f7e51dd1000 R15: 0000000020000640
[ 2647.457263]  </TASK>
09:00:55 executing program 4:
syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='proc\x00', 0x0, 0x0)
chroot(&(0x7f0000000040)='./file0\x00')
openat$sysfs(0xffffffffffffff9c, &(0x7f0000000000)='/sys/module/loop', 0x325000, 0x48)
umount2(&(0x7f0000000180)='./file0\x00', 0x0)

09:00:55 executing program 1:
r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000180)='/proc/asound/seq/clients\x00', 0x0, 0x0)
preadv(r0, &(0x7f00000002c0)=[{&(0x7f0000000040)=""/35, 0x23}, {0x0, 0x2}, {&(0x7f0000000300)=""/165, 0xa5}], 0x3, 0x700, 0x0)

09:00:55 executing program 1:
r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000180)='/proc/asound/seq/clients\x00', 0x0, 0x0)
preadv(r0, &(0x7f00000002c0)=[{&(0x7f0000000040)=""/35, 0x23}, {0x0, 0x2}, {&(0x7f0000000300)=""/165, 0xa5}], 0x3, 0xa00, 0x0)

09:00:55 executing program 4:
r0 = syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x4, 0x0, 0x0, 0x100000, 0x0)
mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='proc\x00', 0x0, 0x0)
getsockopt$inet_IP_XFRM_POLICY(0xffffffffffffffff, 0x0, 0x11, &(0x7f0000000280)={{{@in6=@mcast2, @in6=@local, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, <r1=>0x0}}, {{@in6=@private1}, 0x0, @in=@broadcast}}, &(0x7f0000000380)=0xe8)
getsockopt$inet_IP_XFRM_POLICY(0xffffffffffffffff, 0x0, 0x11, &(0x7f00000003c0)={{{@in=@initdev, @in6=@private1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, <r2=>0x0}}, {{@in=@initdev}, 0x0, @in6}}, &(0x7f00000004c0)=0xe8)
mount$tmpfs(0x0, &(0x7f0000000200)='./file0/file0\x00', &(0x7f0000000240), 0x2000, &(0x7f0000000500)={[{@uid={'uid', 0x3d, 0xee00}}, {@gid={'gid', 0x3d, 0xffffffffffffffff}}, {@size={'size', 0x3d, [0x67, 0x39, 0x6d, 0x25, 0x37, 0x35, 0x6b, 0x31]}}, {@huge_advise}, {@nr_inodes={'nr_inodes', 0x3d, [0x31, 0x38, 0x36, 0x35, 0x35]}}], [{@uid_lt={'uid<', r1}}, {@fowner_eq={'fowner', 0x3d, r2}}, {@fsmagic={'fsmagic', 0x3d, 0x1}}, {@uid_lt={'uid<', 0xffffffffffffffff}}, {@mask={'mask', 0x3d, 'MAY_WRITE'}}]})
chroot(&(0x7f0000000040)='./file0\x00')
openat$sysfs(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/kexec_crash_size', 0x0, 0x0)
umount2(&(0x7f0000000180)='./file0\x00', 0x0)
umount2(&(0x7f0000000140)='./file0\x00', 0xc)
openat(r0, &(0x7f00000001c0)='./file0\x00', 0x121000, 0x0)

09:00:55 executing program 2:
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NLBL_MGMT_C_VERSION(r0, &(0x7f00000001c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x10000000}, 0xc, &(0x7f0000000180)={&(0x7f0000000140)={0x24, 0x0, 0x100, 0x70bd25, 0x25dfdbfd, {}, [@NLBL_MGMT_A_PROTOCOL={0x8}, @NLBL_MGMT_A_FAMILY={0x6, 0xb, 0x1}]}, 0x24}, 0x1, 0x0, 0x0, 0x4001}, 0x4080)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$netlbl_cipso(&(0x7f0000000340), r1)
sendmsg$NLBL_CIPSOV4_C_LIST(r1, &(0x7f0000000c80)={0x0, 0x0, &(0x7f0000000c40)={&(0x7f0000000980)={0x18, r2, 0x1, 0x0, 0x0, {}, [@NLBL_CIPSOV4_A_MLSLVLLST={0x4}]}, 0x18}}, 0x0)
ioctl$sock_SIOCGIFINDEX_802154(0xffffffffffffffff, 0x8933, &(0x7f0000000180)={'wpan0\x00', <r3=>0x0})
r4 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r5 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r6 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000780), r5)
sendmsg$IEEE802154_LLSEC_SETPARAMS(r4, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000400)={0x24, r6, 0x10d, 0x0, 0x0, {}, [@IEEE802154_ATTR_DEV_INDEX={0x8, 0x2, r3}, @IEEE802154_ATTR_LLSEC_SECLEVEL={0x5, 0x2a, 0x20}]}, 0x24}}, 0x0)
ioctl$sock_SIOCGIFINDEX_802154(r1, 0x8933, &(0x7f0000000400)={'wpan4\x00', <r7=>0x0})
sendmsg$NL802154_CMD_DEL_SEC_DEV(r0, &(0x7f0000000500)={&(0x7f00000003c0)={0x10, 0x0, 0x0, 0x10000}, 0xc, &(0x7f00000004c0)={&(0x7f0000000440)={0x44, 0x0, 0x300, 0x70bd25, 0x25dfdbfc, {}, [@NL802154_ATTR_WPAN_DEV={0xc, 0x6, 0x100000001}, @NL802154_ATTR_IFINDEX={0x8, 0x3, r3}, @NL802154_ATTR_IFINDEX={0x8, 0x3, r7}, @NL802154_ATTR_IFINDEX={0x8}, @NL802154_ATTR_WPAN_DEV={0xc, 0x6, 0x100000001}]}, 0x44}}, 0x4)
r8 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NLBL_MGMT_C_ADD(r8, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000140)={0x4c, 0x0, 0x1, 0x0, 0x0, {}, [@NLBL_MGMT_A_DOMAIN={0x6, 0x1, '%\x00'}, @NLBL_MGMT_A_IPV6ADDR={0x14, 0x5, @local}, @NLBL_MGMT_A_IPV6MASK={0x14, 0x6, @mcast1}, @NLBL_MGMT_A_PROTOCOL={0x8, 0x2, 0x5}]}, 0x4c}, 0x1, 0x700000000000000}, 0x0)

09:00:55 executing program 1:
r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000180)='/proc/asound/seq/clients\x00', 0x0, 0x0)
preadv(r0, &(0x7f00000002c0)=[{&(0x7f0000000040)=""/35, 0x23}, {0x0, 0x2}, {&(0x7f0000000300)=""/165, 0xa5}], 0x3, 0x3f00, 0x0)

09:00:55 executing program 6:
r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000180)='/proc/asound/seq/clients\x00', 0x0, 0x0)
preadv(r0, &(0x7f00000002c0)=[{&(0x7f0000000040)=""/35, 0x23}, {0x0}, {&(0x7f0000000300)=""/165, 0xa5}], 0x3, 0x7a, 0x0)

09:00:55 executing program 3:
socketpair$unix(0x1, 0x5, 0x0, 0x0)
sendmsg$unix(0xffffffffffffffff, 0x0, 0x0)
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
pwritev(r0, &(0x7f0000000640)=[{&(0x7f0000000180)="19", 0x1}], 0x1, 0x8000000, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0)
r2 = socket$inet6(0xa, 0x1, 0x0)
bind$inet6(r2, &(0x7f00000002c0)={0xa, 0x4e20, 0x0, @empty}, 0x1c)
connect$inet6(r2, &(0x7f0000000000)={0xa, 0x4e20, 0x0, @ipv4={'\x00', '\xff\xff', @empty}}, 0x1c)
recvfrom(r2, &(0x7f00000003c0)=""/87, 0x20010397, 0x300, 0x0, 0x0)
sendfile(r2, r1, 0x0, 0xfffffdef)
readv(0xffffffffffffffff, &(0x7f0000000040), 0x0)
r3 = openat$cgroup_freezer_state(0xffffffffffffffff, 0x0, 0x2, 0x0)
close(0xffffffffffffffff)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(&(0x7f0000001540), 0xffffffffffffffff)
sendmsg$NL80211_CMD_STOP_AP(r4, &(0x7f0000001600)={0x0, 0x0, &(0x7f00000015c0)={&(0x7f0000001580)={0x1c, 0x0, 0x1, 0x0, 0x0, {{}, {@val={0x8}, @void}}}, 0x1c}}, 0x0)
sendmsg$NL80211_CMD_STOP_AP(0xffffffffffffffff, &(0x7f0000001600)={0x0, 0x0, &(0x7f00000015c0)={&(0x7f0000001580)={0x1c, 0x0, 0x1, 0x0, 0x0, {{}, {@val={0x8}, @void}}}, 0x1c}}, 0x0)
sendfile(r3, 0xffffffffffffffff, &(0x7f00000000c0)=0x7, 0x100)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000040), &(0x7f0000000140)=0xc)
syz_open_dev$sg(&(0x7f0000001000), 0x0, 0x2200)

09:01:11 executing program 4:
syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='proc\x00', 0x0, 0x0)
chroot(&(0x7f0000000040)='./file0\x00')
openat$sysfs(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/kexec_crash_size', 0x410000, 0x0)
umount2(&(0x7f0000000180)='./file0\x00', 0x0)

09:01:11 executing program 1:
r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000180)='/proc/asound/seq/clients\x00', 0x0, 0x0)
preadv(r0, &(0x7f00000002c0)=[{&(0x7f0000000040)=""/35, 0x23}, {0x0, 0x2}, {&(0x7f0000000300)=""/165, 0xa5}], 0x3, 0x4800, 0x0)

09:01:11 executing program 3:
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NLBL_MGMT_C_VERSION(r0, &(0x7f00000001c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x10000000}, 0xc, &(0x7f0000000180)={&(0x7f0000000140)={0x24, 0x0, 0x100, 0x70bd25, 0x25dfdbfd, {}, [@NLBL_MGMT_A_PROTOCOL={0x8}, @NLBL_MGMT_A_FAMILY={0x6, 0xb, 0x1}]}, 0x24}, 0x1, 0x0, 0x0, 0x4001}, 0x4080)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$netlbl_cipso(&(0x7f0000000340), r1)
sendmsg$NLBL_CIPSOV4_C_LIST(r1, &(0x7f0000000c80)={0x0, 0x0, &(0x7f0000000c40)={&(0x7f0000000980)={0x18, r2, 0x1, 0x0, 0x0, {}, [@NLBL_CIPSOV4_A_MLSLVLLST={0x4}]}, 0x18}}, 0x0)
ioctl$sock_SIOCGIFINDEX_802154(0xffffffffffffffff, 0x8933, &(0x7f0000000180)={'wpan0\x00', <r3=>0x0})
r4 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r5 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r6 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000780), r5)
sendmsg$IEEE802154_LLSEC_SETPARAMS(r4, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000400)={0x24, r6, 0x10d, 0x0, 0x0, {}, [@IEEE802154_ATTR_DEV_INDEX={0x8, 0x2, r3}, @IEEE802154_ATTR_LLSEC_SECLEVEL={0x5, 0x2a, 0x20}]}, 0x24}}, 0x0)
ioctl$sock_SIOCGIFINDEX_802154(r1, 0x8933, &(0x7f0000000400)={'wpan4\x00', <r7=>0x0})
sendmsg$NL802154_CMD_DEL_SEC_DEV(r0, &(0x7f0000000500)={&(0x7f00000003c0)={0x10, 0x0, 0x0, 0x10000}, 0xc, &(0x7f00000004c0)={&(0x7f0000000440)={0x44, 0x0, 0x300, 0x70bd25, 0x25dfdbfc, {}, [@NL802154_ATTR_WPAN_DEV={0xc, 0x6, 0x100000001}, @NL802154_ATTR_IFINDEX={0x8, 0x3, r3}, @NL802154_ATTR_IFINDEX={0x8, 0x3, r7}, @NL802154_ATTR_IFINDEX={0x8}, @NL802154_ATTR_WPAN_DEV={0xc, 0x6, 0x100000001}]}, 0x44}}, 0x4)
r8 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NLBL_MGMT_C_ADD(r8, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000140)={0x4c, 0x0, 0x1, 0x0, 0x0, {}, [@NLBL_MGMT_A_DOMAIN={0x6, 0x1, '%\x00'}, @NLBL_MGMT_A_IPV6ADDR={0x14, 0x5, @local}, @NLBL_MGMT_A_IPV6MASK={0x14, 0x6, @mcast1}, @NLBL_MGMT_A_PROTOCOL={0x8, 0x2, 0x5}]}, 0x4c}, 0x1, 0x700000000000000}, 0x0)

09:01:11 executing program 5:
socketpair$unix(0x1, 0x5, 0x0, 0x0)
sendmsg$unix(0xffffffffffffffff, 0x0, 0x0)
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
pwritev(r0, &(0x7f0000000640)=[{&(0x7f00000002c0)="19", 0x1}], 0x1, 0x8000000, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0)
r2 = socket$inet6(0xa, 0x1, 0x0)
bind$inet6(r2, &(0x7f00000002c0)={0xa, 0x4e20, 0x0, @loopback}, 0x1c)
r3 = openat$nvram(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0)
ioctl$sock_SIOCSIFVLAN_GET_VLAN_EGRESS_PRIORITY_CMD(r3, 0x8983, &(0x7f0000000140))
connect$inet6(r2, &(0x7f0000000000)={0xa, 0x4e20, 0x0, @ipv4={'\x00', '\xff\xff', @empty}}, 0x1c)
recvfrom(r2, &(0x7f00000003c0)=""/87, 0x20010397, 0x300, 0x0, 0x0)
sendfile(r2, r1, 0x0, 0xfffffdef)
readv(0xffffffffffffffff, &(0x7f0000000040), 0x0)
openat$cgroup_freezer_state(r3, 0x0, 0x2, 0x0)
close(0xffffffffffffffff)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(&(0x7f0000001540), 0xffffffffffffffff)
sendmsg$NL80211_CMD_STOP_AP(r4, &(0x7f0000001600)={0x0, 0x0, &(0x7f00000015c0)={&(0x7f0000001580)=ANY=[@ANYBLOB="1c000000", @ANYRES16=0x0, @ANYBLOB="01000000000000aae8545b9f48852fe8bf67", @ANYRES32=0x0, @ANYBLOB], 0x1c}}, 0x20008801)
getsockopt$sock_cred(r4, 0x1, 0x11, &(0x7f0000000040), &(0x7f0000000080)=0xc)
syz_open_dev$sg(&(0x7f0000001000), 0x0, 0x2200)

09:01:11 executing program 6:
r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000180)='/proc/asound/seq/clients\x00', 0x0, 0x0)
preadv(r0, &(0x7f00000002c0)=[{&(0x7f0000000040)=""/35, 0x23}, {0x0}, {&(0x7f0000000300)=""/165, 0xa5}], 0x3, 0xa5, 0x0)

09:01:11 executing program 7:
openat$sndseq(0xffffffffffffff9c, 0x0, 0x0)
r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000180)='/proc/asound/seq/clients\x00', 0x0, 0x0)
preadv(r0, &(0x7f00000002c0)=[{0x0}, {&(0x7f0000000300)=""/165, 0xa5}], 0x2, 0x6c00, 0x0)

09:01:11 executing program 2:
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NLBL_MGMT_C_VERSION(r0, &(0x7f00000001c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x10000000}, 0xc, &(0x7f0000000180)={&(0x7f0000000140)={0x24, 0x0, 0x100, 0x70bd25, 0x25dfdbfd, {}, [@NLBL_MGMT_A_PROTOCOL={0x8}, @NLBL_MGMT_A_FAMILY={0x6, 0xb, 0x1}]}, 0x24}, 0x1, 0x0, 0x0, 0x4001}, 0x4080)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$netlbl_cipso(&(0x7f0000000340), r1)
sendmsg$NLBL_CIPSOV4_C_LIST(r1, &(0x7f0000000c80)={0x0, 0x0, &(0x7f0000000c40)={&(0x7f0000000980)={0x18, r2, 0x1, 0x0, 0x0, {}, [@NLBL_CIPSOV4_A_MLSLVLLST={0x4}]}, 0x18}}, 0x0)
ioctl$sock_SIOCGIFINDEX_802154(0xffffffffffffffff, 0x8933, &(0x7f0000000180)={'wpan0\x00', <r3=>0x0})
r4 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r5 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r6 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000780), r5)
sendmsg$IEEE802154_LLSEC_SETPARAMS(r4, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000400)={0x24, r6, 0x10d, 0x0, 0x0, {}, [@IEEE802154_ATTR_DEV_INDEX={0x8, 0x2, r3}, @IEEE802154_ATTR_LLSEC_SECLEVEL={0x5, 0x2a, 0x20}]}, 0x24}}, 0x0)
ioctl$sock_SIOCGIFINDEX_802154(r1, 0x8933, &(0x7f0000000400)={'wpan4\x00', <r7=>0x0})
sendmsg$NL802154_CMD_DEL_SEC_DEV(r0, &(0x7f0000000500)={&(0x7f00000003c0)={0x10, 0x0, 0x0, 0x10000}, 0xc, &(0x7f00000004c0)={&(0x7f0000000440)={0x44, 0x0, 0x300, 0x70bd25, 0x25dfdbfc, {}, [@NL802154_ATTR_WPAN_DEV={0xc, 0x6, 0x100000001}, @NL802154_ATTR_IFINDEX={0x8, 0x3, r3}, @NL802154_ATTR_IFINDEX={0x8, 0x3, r7}, @NL802154_ATTR_IFINDEX={0x8}, @NL802154_ATTR_WPAN_DEV={0xc, 0x6, 0x100000001}]}, 0x44}}, 0x4)
r8 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NLBL_MGMT_C_ADD(r8, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000140)={0x4c, 0x0, 0x1, 0x0, 0x0, {}, [@NLBL_MGMT_A_DOMAIN={0x6, 0x1, '%\x00'}, @NLBL_MGMT_A_IPV6ADDR={0x14, 0x5, @local}, @NLBL_MGMT_A_IPV6MASK={0x14, 0x6, @mcast1}, @NLBL_MGMT_A_PROTOCOL={0x8, 0x2, 0x5}]}, 0x4c}, 0x1, 0x700000000000000}, 0x0)

09:01:11 executing program 0:
perf_event_open$cgroup(&(0x7f0000000c00)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0xa00, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

[ 2663.029907] Call Trace:
[ 2663.030320]  <IRQ>
[ 2663.030595]  ? x86_pmu_start+0x1c0/0x240
[ 2663.031121]  x86_pmu_enable+0x580/0xd90
[ 2663.031654]  ? amd_pmu_disable_virt+0xa0/0xa0
[ 2663.032281]  ctx_resched+0x2b9/0x3a0
[ 2663.032794]  __perf_install_in_context+0x285/0xa40
[ 2663.033452]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[ 2663.034192]  ? ctx_resched+0x3a0/0x3a0
[ 2663.034704]  remote_function+0x125/0x1b0
[ 2663.035239]  flush_smp_call_function_queue+0x1df/0x610
[ 2663.035910]  ? perf_duration_warn+0x40/0x40
[ 2663.036465]  __sysvec_call_function_single+0x92/0x3a0
[ 2663.037101]  sysvec_call_function_single+0x89/0xc0
[ 2663.037750]  </IRQ>
[ 2663.038061]  <TASK>
[ 2663.038367]  asm_sysvec_call_function_single+0x12/0x20
[ 2663.039060] RIP: 0010:fsnotify_grab_connector+0x2/0x230
[ 2663.039818] Code: 00 00 be 03 00 00 00 e8 6c 29 98 ff 5b 5d e9 75 fe b5 ff e8 50 bb e8 ff eb bc e8 79 bb e8 ff e9 4d ff ff ff 0f 1f 40 00 41 55 <41> 54 49 89 fc 55 53 e8 52 fe b5 ff 48 c7 c7 e0 b3 38 87 e8 76 9f
[ 2663.042231] RSP: 0018:ffff88801af2fc28 EFLAGS: 00000212
[ 2663.042948] RAX: 0000000000001987 RBX: dffffc0000000000 RCX: ffffc90006e00000
[ 2663.043942] RDX: 0000000000040000 RSI: ffffffff818de7f2 RDI: ffff88801e66a238
[ 2663.044905] RBP: ffff88801e66a238 R08: 0000000000000001 R09: 0000000000000001
[ 2663.045889] R10: ffffffff814a8a78 R11: 0000000000000001 R12: ffff88801e669f88
[ 2663.046864] R13: ffff88801e669f78 R14: 1ffff110035e5f87 R15: ffff88801e669ea8
[ 2663.047866]  ? trace_hardirqs_on+0x38/0x190
[ 2663.048456]  ? fsnotify_destroy_marks+0x62/0x260
[ 2663.049131]  ? call_rcu+0x585/0xa20
[ 2663.049633]  fsnotify_destroy_marks+0x6a/0x260
[ 2663.050256]  ? fsnotify_clear_marks_by_group+0x3d0/0x3d0
[ 2663.050999]  ? call_rcu+0x585/0xa20
[ 2663.051520]  ? selinux_inode_free_security+0x18f/0x220
[ 2663.052250]  __destroy_inode+0x204/0x710
[ 2663.052799]  destroy_inode+0x91/0x1b0
[ 2663.053317]  iput.part.0+0x52d/0x7d0
[ 2663.053816]  iput+0x58/0x70
[ 2663.054220]  dentry_unlink_inode+0x2b4/0x460
[ 2663.054832]  __dentry_kill+0x36f/0x5c0
[ 2663.055364]  ? dput+0x35/0xe10
[ 2663.055827]  ? dput+0x35/0xe10
[ 2663.056293]  dput+0x821/0xe10
[ 2663.056745]  __fput+0x397/0x9d0
[ 2663.057209]  task_work_run+0xe2/0x1a0
[ 2663.057754]  exit_to_user_mode_prepare+0x199/0x1a0
[ 2663.058447]  syscall_exit_to_user_mode+0x19/0x50
[ 2663.059118]  do_syscall_64+0x48/0x90
[ 2663.059694]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 2663.060422] RIP: 0033:0x7f7e5482f72b
[ 2663.060948] Code: 0f 05 48 3d 00 f0 ff ff 77 45 c3 0f 1f 40 00 48 83 ec 18 89 7c 24 0c e8 63 fc ff ff 8b 7c 24 0c 41 89 c0 b8 03 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 35 44 89 c7 89 44 24 0c e8 a1 fc ff ff 8b 44
[ 2663.063383] RSP: 002b:00007f7e51df2110 EFLAGS: 00000293 ORIG_RAX: 0000000000000003
[ 2663.064439] RAX: 0000000000000000 RBX: 0000000000000004 RCX: 00007f7e5482f72b
[ 2663.065386] RDX: 0000000000000010 RSI: 0000000000000000 RDI: 0000000000000003
[ 2663.066334] RBP: 0000000000000003 R08: 0000000000000000 R09: 0000000000000000
[ 2663.067287] R10: 0000000000000000 R11: 0000000000000293 R12: 00007f7e51df26bc
[ 2663.068271] R13: 000000000000000e R14: 00007f7e51df2300 R15: 0000000000022000
[ 2663.069258]  </TASK>
09:01:11 executing program 5:
socketpair$unix(0x1, 0x5, 0x0, 0x0)
sendmsg$unix(0xffffffffffffffff, 0x0, 0x0)
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
pwritev(r0, &(0x7f0000000640)=[{&(0x7f00000002c0)="19", 0x1}], 0x1, 0x8000000, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0)
r2 = socket$inet6(0xa, 0x1, 0x0)
bind$inet6(r2, &(0x7f00000002c0)={0xa, 0x4e20, 0x0, @empty}, 0x1c)
connect$inet6(r2, &(0x7f0000000000)={0xa, 0x4e20, 0x0, @ipv4={'\x00', '\xff\xff', @empty}}, 0x1c)
recvfrom(r2, &(0x7f00000003c0)=""/87, 0x20010397, 0x300, 0x0, 0x0)
sendfile(r2, r1, 0x0, 0xfffffdef)
readv(0xffffffffffffffff, &(0x7f0000000040), 0x0)
openat$cgroup_freezer_state(0xffffffffffffffff, 0x0, 0x2, 0x0)
close(0xffffffffffffffff)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(&(0x7f0000001540), 0xffffffffffffffff)
sendmsg$NL80211_CMD_STOP_AP(r3, &(0x7f0000001600)={0x0, 0x0, &(0x7f00000015c0)={&(0x7f0000001580)=ANY=[@ANYBLOB="1c000000", @ANYRES16=0x0, @ANYBLOB="0127a13101bc890e2f9a", @ANYRES32=0x0, @ANYBLOB], 0x1c}}, 0x0)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
getsockopt$sock_cred(r4, 0x1, 0x11, &(0x7f0000000080), &(0x7f00000000c0)=0xc)
syz_open_dev$sg(&(0x7f0000001000), 0x0, 0x2200)

09:01:11 executing program 6:
r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000180)='/proc/asound/seq/clients\x00', 0x0, 0x0)
preadv(r0, &(0x7f00000002c0)=[{&(0x7f0000000040)=""/35, 0x23}, {0x0}, {&(0x7f0000000300)=""/165, 0xa5}], 0x3, 0xbf, 0x0)

09:01:11 executing program 1:
r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000180)='/proc/asound/seq/clients\x00', 0x0, 0x0)
preadv(r0, &(0x7f00000002c0)=[{&(0x7f0000000040)=""/35, 0x23}, {0x0, 0x2}, {&(0x7f0000000300)=""/165, 0xa5}], 0x3, 0x4c00, 0x0)

09:01:11 executing program 7:
openat$sndseq(0xffffffffffffff9c, 0x0, 0x0)
r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000180)='/proc/asound/seq/clients\x00', 0x0, 0x0)
preadv(r0, &(0x7f00000002c0)=[{0x0}, {&(0x7f0000000300)=""/165, 0xa5}], 0x2, 0x7400, 0x0)

09:01:11 executing program 4:
syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='proc\x00', 0x0, 0x0)
chroot(&(0x7f0000000040)='./file0\x00')
r0 = fsopen(&(0x7f0000000080)='hugetlbfs\x00', 0x0)
syz_mount_image$nfs(&(0x7f00000001c0), &(0x7f0000000200)='./file0/file0\x00', 0x7, 0x1, &(0x7f0000000300)=[{&(0x7f0000000240)="2fd1f4436ce05752a47fff68a9d0b9a95bc17dd708000e52f38b020b159595ad9ae405a5cc4b279215c1edb4d6e72f3a6c63161fc4d4148b13eb537f0a4d1c13d91beb89a084bdbe9783a74673daf3285e3085ca6bfbd91de49323d911acad5c3751532f25b4c01ebab454eeb31fbc613666f001d143c5ec57d5f2abbff44c21568120006a36e1e057afcddde555bb0567985abaf81e2935162cf778460187c2bd307b599a1b", 0xa6, 0x8}], 0x3084498, &(0x7f0000000340)={[{}, {'proc\x00'}, {'hugetlbfs\x00'}, {'($\x85'}, {}], [{@appraise_type}]})
fsconfig$FSCONFIG_CMD_CREATE(r0, 0x6, 0x0, 0x0, 0x0)
r1 = fsmount(r0, 0x0, 0x0)
mknodat$null(r1, &(0x7f0000000040)='./file0\x00', 0x2000, 0x103)
inotify_add_watch(r1, &(0x7f0000000140)='./file0\x00', 0x2000000)
openat$sysfs(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/kexec_crash_size', 0x0, 0x0)
mknodat$null(0xffffffffffffffff, &(0x7f0000000540)='./file0/file0\x00', 0x800, 0x103)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r2, 0x8933, &(0x7f0000000040)={'wlan1\x00', <r3=>0x0})
r4 = syz_genetlink_get_family_id$nl80211(&(0x7f0000001540), 0xffffffffffffffff)
sendmsg$NL80211_CMD_STOP_AP(r2, &(0x7f0000001600)={0x0, 0x0, &(0x7f00000015c0)={&(0x7f0000001580)={0x1c, r4, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r3}, @void}}}, 0x1c}}, 0x0)
stat(&(0x7f0000000240)='./file0\x00', &(0x7f0000000280)={0x0, 0x0, 0x0, 0x0, <r5=>0x0})
setresuid(0x0, r5, 0x0)
mount$9p_fd(0x0, &(0x7f0000000380)='./file0/file0\x00', &(0x7f00000003c0), 0x41000, &(0x7f0000000400)={'trans=fd,', {}, 0x2c, {'wfdno', 0x3d, r2}, 0x2c, {[{@access_any}], [{@subj_role={'subj_role', 0x3d, 'proc\x00'}}, {@euid_lt={'euid<', 0xffffffffffffffff}}, {@fsuuid={'fsuuid', 0x3d, {[0x9, 0x38, 0x35, 0x61, 0x37, 0x30, 0x33, 0x32], 0x2d, [0x64, 0x62, 0x30, 0x32], 0x2d, [0x33, 0x34, 0x62, 0x65], 0x2d, [0x33, 0x63, 0x38, 0x35], 0x2d, [0x39, 0x61, 0x62, 0x34, 0x0, 0x65, 0x39, 0x35]}}}, {@measure}, {@dont_measure}, {@appraise}, {@euid_lt={'euid<', r5}}, {@subj_role}, {@dont_measure}]}})
fsmount(0xffffffffffffffff, 0x1, 0x0)
umount2(&(0x7f0000000180)='./file0\x00', 0x0)

[ 2663.195561] Call Trace:
[ 2663.195919]  <IRQ>
[ 2663.196157]  x86_pmu_stop+0x149/0x330
[ 2663.196574]  x86_pmu_del+0x1be/0x610
[ 2663.196977]  event_sched_out+0x2ed/0xe80
[ 2663.197415]  __perf_remove_from_context+0x87/0xbe0
[ 2663.197940]  event_function+0x297/0x3d0
[ 2663.198356]  ? perf_uprobe_event_init+0x1c0/0x1c0
[ 2663.198853]  remote_function+0x125/0x1b0
[ 2663.199304]  flush_smp_call_function_queue+0x1df/0x610
[ 2663.199897]  ? perf_duration_warn+0x40/0x40
[ 2663.200351]  __sysvec_call_function_single+0x92/0x3a0
[ 2663.200888]  sysvec_call_function_single+0x89/0xc0
[ 2663.201411]  </IRQ>
[ 2663.201644]  <TASK>
[ 2663.201879]  asm_sysvec_call_function_single+0x12/0x20
[ 2663.202425] RIP: 0010:do_syscall_64+0x36/0x90
[ 2663.202893] Code: 63 f6 4c 89 e7 e8 4a 50 00 00 3d c3 01 00 00 77 54 89 c2 48 81 fa c4 01 00 00 48 19 d2 21 d0 4c 89 e7 48 8b 04 c5 a0 38 60 84 <e8> 85 91 2e 00 49 89 44 24 50 4c 89 e7 e8 a8 50 00 00 4c 8b 65 f8
[ 2663.204860] RSP: 0018:ffff888015d8ff40 EFLAGS: 00000202
[ 2663.205409] RAX: ffffffff817ac950 RBX: 0000000000000000 RCX: 0000000000000000
[ 2663.206144] RDX: ffffffffffffffff RSI: ffffffff81453945 RDI: ffff888015d8ff58
[ 2663.206877] RBP: ffff888015d8ff48 R08: ffffffff846a4de0 R09: ffffffff8144feac
[ 2663.207708] R10: 0000000000000006 R11: 000000007fff0000 R12: ffff888015d8ff58
[ 2663.208640] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[ 2663.209564]  ? __seccomp_filter+0x2cc/0x1070
[ 2663.210145]  ? __x64_sys_open+0x1c0/0x1c0
[ 2663.210716]  ? __secure_computing+0x195/0x2f0
[ 2663.211330]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 2663.212064] RIP: 0033:0x7fe025c73767
[ 2663.212583] Code: 25 00 00 41 00 3d 00 00 41 00 74 47 64 8b 04 25 18 00 00 00 85 c0 75 6b 44 89 e2 48 89 ee bf 9c ff ff ff b8 01 01 00 00 0f 05 <48> 3d 00 f0 ff ff 0f 87 95 00 00 00 48 8b 4c 24 28 64 48 2b 0c 25
[ 2663.215102] RSP: 002b:00007fff3f1cb560 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[ 2663.216196] RAX: ffffffffffffffda RBX: 000055a0d780dcd0 RCX: 00007fe025c73767
[ 2663.217152] RDX: 0000000000290000 RSI: 000055a0d62e98f8 RDI: 00000000ffffff9c
[ 2663.218119] RBP: 000055a0d62e98f8 R08: 000055a0d783ede0 R09: 00007fe025c59be0
[ 2663.219088] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000290000
[ 2663.220066] R13: 00000000ffffffff R14: 000055a0d780dcd0 R15: 0000000000000000
[ 2663.221051]  </TASK>
09:01:11 executing program 5:
socketpair$unix(0x1, 0x5, 0x0, 0x0)
sendmsg$unix(0xffffffffffffffff, 0x0, 0x0)
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
pwritev(r0, &(0x7f0000000640)=[{&(0x7f00000002c0)="19", 0x1}], 0x1, 0x8000000, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0)
r2 = socket$inet6(0xa, 0x1, 0x0)
bind$inet6(r2, &(0x7f00000002c0)={0xa, 0x4e20, 0x0, @empty}, 0x1c)
connect$inet6(r2, &(0x7f0000000000)={0xa, 0x4e20, 0x0, @ipv4={'\x00', '\xff\xff', @empty}}, 0x1c)
recvfrom(r2, &(0x7f00000003c0)=""/87, 0x20010397, 0x300, 0x0, 0x0)
sendfile(r2, r1, 0x0, 0xfffffdef)
readv(0xffffffffffffffff, &(0x7f0000000040), 0x0)
openat$cgroup_freezer_state(0xffffffffffffffff, 0x0, 0x2, 0x0)
close(0xffffffffffffffff)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(&(0x7f0000001540), 0xffffffffffffffff)
sendmsg$NL80211_CMD_STOP_AP(r3, &(0x7f0000001600)={0x0, 0x0, &(0x7f00000015c0)={&(0x7f00000000c0)=ANY=[@ANYBLOB="1c000000", @ANYRES16=0x0, @ANYBLOB="01000000315058a6c358f37305f122e754d0cf860ef40000000000000000", @ANYRES32=0x0, @ANYBLOB], 0x1c}}, 0x0)
getsockopt$sock_cred(r3, 0x1, 0x11, &(0x7f0000000040), &(0x7f0000000080)=0xc)
syz_open_dev$sg(&(0x7f0000001000), 0x0, 0x2200)

09:01:11 executing program 7:
openat$sndseq(0xffffffffffffff9c, 0x0, 0x0)
r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000180)='/proc/asound/seq/clients\x00', 0x0, 0x0)
preadv(r0, &(0x7f00000002c0)=[{0x0}, {&(0x7f0000000300)=""/165, 0xa5}], 0x2, 0x7a00, 0x0)

09:01:11 executing program 6:
r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000180)='/proc/asound/seq/clients\x00', 0x0, 0x0)
preadv(r0, &(0x7f00000002c0)=[{&(0x7f0000000040)=""/35, 0x23}, {0x0}, {&(0x7f0000000300)=""/165, 0xa5}], 0x3, 0x300, 0x0)

09:01:11 executing program 1:
r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000180)='/proc/asound/seq/clients\x00', 0x0, 0x0)
preadv(r0, &(0x7f00000002c0)=[{&(0x7f0000000040)=""/35, 0x23}, {0x0, 0x2}, {&(0x7f0000000300)=""/165, 0xa5}], 0x3, 0x60ff, 0x0)

09:01:11 executing program 3:
r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000180)='/proc/asound/seq/clients\x00', 0x0, 0x0)
preadv(r0, &(0x7f00000002c0)=[{&(0x7f0000000040)=""/35, 0x23}, {0x0, 0x2}, {&(0x7f0000000300)=""/165, 0xa5}], 0x3, 0x3f00, 0x0)

09:01:11 executing program 0:
perf_event_open$cgroup(&(0x7f0000000c00)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0xf10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

09:01:11 executing program 2:
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NLBL_MGMT_C_VERSION(r0, &(0x7f00000001c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x10000000}, 0xc, &(0x7f0000000180)={&(0x7f0000000140)={0x24, 0x0, 0x100, 0x70bd25, 0x25dfdbfd, {}, [@NLBL_MGMT_A_PROTOCOL={0x8}, @NLBL_MGMT_A_FAMILY={0x6, 0xb, 0x1}]}, 0x24}, 0x1, 0x0, 0x0, 0x4001}, 0x4080)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$netlbl_cipso(&(0x7f0000000340), r1)
sendmsg$NLBL_CIPSOV4_C_LIST(r1, &(0x7f0000000c80)={0x0, 0x0, &(0x7f0000000c40)={&(0x7f0000000980)={0x18, r2, 0x1, 0x0, 0x0, {}, [@NLBL_CIPSOV4_A_MLSLVLLST={0x4}]}, 0x18}}, 0x0)
ioctl$sock_SIOCGIFINDEX_802154(0xffffffffffffffff, 0x8933, &(0x7f0000000180)={'wpan0\x00', <r3=>0x0})
r4 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r5 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r6 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000780), r5)
sendmsg$IEEE802154_LLSEC_SETPARAMS(r4, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000400)={0x24, r6, 0x10d, 0x0, 0x0, {}, [@IEEE802154_ATTR_DEV_INDEX={0x8, 0x2, r3}, @IEEE802154_ATTR_LLSEC_SECLEVEL={0x5, 0x2a, 0x20}]}, 0x24}}, 0x0)
ioctl$sock_SIOCGIFINDEX_802154(r1, 0x8933, &(0x7f0000000400)={'wpan4\x00', <r7=>0x0})
sendmsg$NL802154_CMD_DEL_SEC_DEV(r0, &(0x7f0000000500)={&(0x7f00000003c0)={0x10, 0x0, 0x0, 0x10000}, 0xc, &(0x7f00000004c0)={&(0x7f0000000440)={0x44, 0x0, 0x300, 0x70bd25, 0x25dfdbfc, {}, [@NL802154_ATTR_WPAN_DEV={0xc, 0x6, 0x100000001}, @NL802154_ATTR_IFINDEX={0x8, 0x3, r3}, @NL802154_ATTR_IFINDEX={0x8, 0x3, r7}, @NL802154_ATTR_IFINDEX={0x8}, @NL802154_ATTR_WPAN_DEV={0xc, 0x6, 0x100000001}]}, 0x44}}, 0x4)
r8 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000080), 0xffffffffffffffff)
sendmsg$NLBL_MGMT_C_ADD(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000140)={0x4c, r8, 0x1, 0x0, 0x0, {}, [@NLBL_MGMT_A_DOMAIN={0x6, 0x1, '%\x00'}, @NLBL_MGMT_A_IPV6ADDR={0x14, 0x5, @local}, @NLBL_MGMT_A_IPV6MASK={0x14, 0x6, @mcast1}, @NLBL_MGMT_A_PROTOCOL={0x8, 0x2, 0x5}]}, 0x4c}, 0x1, 0x700000000000000}, 0x0)

09:01:11 executing program 4:
r0 = syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
r1 = fsopen(&(0x7f0000000080)='hugetlbfs\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r1, 0x6, 0x0, 0x0, 0x0)
r2 = fsmount(r1, 0x0, 0x0)
mknodat$null(r2, &(0x7f0000000040)='./file0\x00', 0x2000, 0x103)
mount$9p_fd(0x0, &(0x7f00000003c0)='./file0\x00', &(0x7f0000000400), 0x200814, &(0x7f0000000440)={'trans=fd,', {'rfdno', 0x3d, r2}, 0x2c, {'wfdno', 0x3d, r0}, 0x2c, {[{@aname={'aname', 0x3d, '\xc5'}}], [{@smackfshat={'smackfshat', 0x3d, 'proc\x00'}}, {@uid_gt={'uid>', 0xee00}}, {@subj_user}, {@euid_gt={'euid>', 0xee01}}, {@func={'func', 0x3d, 'FILE_CHECK'}}]}})
mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='proc\x00', 0x0, 0x0)
ioctl$AUTOFS_DEV_IOCTL_SETPIPEFD(0xffffffffffffffff, 0xc0189378, &(0x7f00000001c0)={{0x1, 0x1, 0x18, <r3=>r0, {r0}}, './file0\x00'})
utimensat(r3, &(0x7f0000000340)='./file0\x00', &(0x7f0000000380)={{0x0, 0xea60}, {0x0, 0x2710}}, 0x100)
chroot(&(0x7f0000000040)='./file0\x00')
r4 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/kexec_crash_size', 0x0, 0x0)
umount2(&(0x7f0000000180)='./file0\x00', 0x0)
sendmsg$NL80211_CMD_CHANNEL_SWITCH(r4, &(0x7f0000000240)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x4000000}, 0xc, &(0x7f0000000200)={&(0x7f0000000280)=ANY=[@ANYBLOB=',\x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="000226bd7000fbdbdf25660000000800b700e20000000800b700bf0000000800b700b7000000e9b1845cc97d3b9ca8737b36dbb80f4344108ef61bd99cc49f91927a3ac64e19f25c59b612505ee5c2eb75d9070dde1f688f909a5b59402d8688aaaa2907b77d7c5fb85ddddea08fe9507eff21b7d4caa86592f8ac54ce7ce77e8f6d4ebf451d0a56bca52ad8d884d241af4b433cbd0141a6f539541886844d88fafeeaeecc"], 0x2c}}, 0x44000)

[ 2663.427797] Call Trace:
[ 2663.428216]  <IRQ>
[ 2663.428500]  ? x86_pmu_start+0x1c0/0x240
[ 2663.429048]  x86_pmu_enable+0x580/0xd90
[ 2663.429579]  ? amd_pmu_disable_virt+0xa0/0xa0
[ 2663.430183]  ctx_resched+0x2b9/0x3a0
[ 2663.430680]  __perf_install_in_context+0x285/0xa40
[ 2663.431320]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[ 2663.432072]  ? ctx_resched+0x3a0/0x3a0
[ 2663.432586]  remote_function+0x125/0x1b0
[ 2663.433123]  flush_smp_call_function_queue+0x1df/0x610
[ 2663.433804]  ? perf_duration_warn+0x40/0x40
[ 2663.434373]  __sysvec_call_function_single+0x92/0x3a0
[ 2663.435043]  sysvec_call_function_single+0x89/0xc0
[ 2663.435703]  </IRQ>
[ 2663.435995]  <TASK>
[ 2663.436290]  asm_sysvec_call_function_single+0x12/0x20
[ 2663.437028] RIP: 0010:unwind_get_return_address+0x51/0x90
[ 2663.437806] Code: 05 31 c0 5b 5d c3 48 b8 00 00 00 00 00 fc ff df 48 8d 6b 58 48 89 ea 48 c1 ea 03 80 3c 02 00 75 32 48 8b 7b 58 e8 ff 84 0b 00 <85> c0 74 d3 48 b8 00 00 00 00 00 fc ff df 48 89 ea 48 c1 ea 03 80
[ 2663.440272] RSP: 0018:ffff88804291f608 EFLAGS: 00000202
[ 2663.440968] RAX: 0000000000000001 RBX: ffff88804291f620 RCX: 0000000000000000
[ 2663.441897] RDX: 1ffff11008523ecf RSI: ffff88804291fb00 RDI: ffffffff81a9cb78
[ 2663.442818] RBP: ffff88804291f678 R08: ffffffff85d2f210 R09: ffffffff85d2f214
[ 2663.443762] R10: ffffed1008523ed1 R11: 000000000003403b R12: ffff88804291f6e8
[ 2663.444688] R13: 0000000000000000 R14: ffff88800b63d040 R15: ffff88804291fa68
[ 2663.445626]  ? __ext4_new_inode+0x39c8/0x5620
[ 2663.446222]  ? unwind_get_return_address+0x51/0x90
[ 2663.446858]  ? create_prof_cpu_mask+0x20/0x20
[ 2663.447446]  arch_stack_walk+0x99/0xf0
[ 2663.447987]  ? __ext4_new_inode+0x39c8/0x5620
[ 2663.448571]  ? security_inode_init_security+0x1d5/0x350
[ 2663.449264]  stack_trace_save+0x8c/0xc0
[ 2663.449785]  ? filter_irq_stacks+0x90/0x90
[ 2663.450367]  kasan_save_stack+0x1e/0x40
[ 2663.450896]  ? kasan_save_stack+0x1e/0x40
[ 2663.451439]  ? __kasan_record_aux_stack+0x97/0xa0
[ 2663.452100]  ? call_rcu+0x6a/0xa20
[ 2663.452567]  ? kfree+0x1b2/0x410
[ 2663.453006]  ? security_inode_init_security+0x1d5/0x350
[ 2663.453709]  ? mark_lock.part.0+0xef/0x2f60
[ 2663.454272]  ? lockdep_hardirqs_on_prepare+0x400/0x400
[ 2663.454951]  ? lock_chain_count+0x20/0x20
[ 2663.455511]  ? lock_is_held_type+0xd7/0x130
[ 2663.456070]  ? find_held_lock+0x2c/0x110
[ 2663.456596]  ? lock_release+0x3b2/0x6f0
[ 2663.457104]  ? __delete_object+0xb3/0x100
[ 2663.457689]  ? mark_held_locks+0x9e/0xe0
[ 2663.458258]  __kasan_record_aux_stack+0x97/0xa0
[ 2663.458888]  ? hugetlb_cgroup_migrate+0xf70/0xf70
[ 2663.459536]  call_rcu+0x6a/0xa20
[ 2663.459949]  ? _raw_spin_unlock_irqrestore+0x33/0x50
[ 2663.460594]  ? security_inode_init_security+0x1d5/0x350
[ 2663.461290]  kfree+0x1b2/0x410
[ 2663.461718]  security_inode_init_security+0x1d5/0x350
[ 2663.462390]  ? ext4_init_acl+0x310/0x310
[ 2663.462914]  ? inode_free_by_rcu+0x20/0x20
[ 2663.463508]  ? chksum_update+0x4c/0xb0
[ 2663.464013]  __ext4_new_inode+0x39c8/0x5620
[ 2663.464593]  ? ext4_mark_inode_used+0x14a0/0x14a0
[ 2663.465242]  ? ext4_mkdir+0x6c3/0xb20
[ 2663.465741]  ext4_mkdir+0x33a/0xb20
[ 2663.466225]  ? ext4_init_new_dir+0x4d0/0x4d0
[ 2663.466794]  ? inode_permission.part.0+0xb5/0x670
[ 2663.467414]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[ 2663.468139]  vfs_mkdir+0x1d0/0x3c0
[ 2663.468596]  do_mkdirat+0x17b/0x2e0
[ 2663.469070]  ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70
[ 2663.469786]  ? do_file_open_root+0x590/0x590
[ 2663.470362]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[ 2663.471078]  ? getname_flags.part.0+0x1dd/0x4f0
[ 2663.471725]  __x64_sys_mkdir+0xf2/0x140
[ 2663.472243]  do_syscall_64+0x3b/0x90
[ 2663.472715]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 2663.473378] RIP: 0033:0x7f792bd1dc27
[ 2663.473855] Code: 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 b8 53 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 2663.476245] RSP: 002b:00007f7929293fa8 EFLAGS: 00000246 ORIG_RAX: 0000000000000053
[ 2663.477234] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f792bd1dc27
[ 2663.478172] RDX: 0000000000000000 RSI: 00000000000001ff RDI: 0000000020000100
[ 2663.479084] RBP: 00007f7929294040 R08: 0000000000000000 R09: 0000000000000000
[ 2663.480062] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 2663.481063] R13: 0000000020000100 R14: 00007f7929294000 R15: 0000000000000000
[ 2663.481985]  </TASK>
09:01:11 executing program 7:
openat$sndseq(0xffffffffffffff9c, 0x0, 0x0)
r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000180)='/proc/asound/seq/clients\x00', 0x0, 0x0)
preadv(r0, &(0x7f00000002c0)=[{0x0}, {&(0x7f0000000300)=""/165, 0xa5}], 0x2, 0xa500, 0x0)

09:01:11 executing program 1:
r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000180)='/proc/asound/seq/clients\x00', 0x0, 0x0)
preadv(r0, &(0x7f00000002c0)=[{&(0x7f0000000040)=""/35, 0x23}, {0x0, 0x2}, {&(0x7f0000000300)=""/165, 0xa5}], 0x3, 0x6800, 0x0)

09:01:11 executing program 6:
r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000180)='/proc/asound/seq/clients\x00', 0x0, 0x0)
preadv(r0, &(0x7f00000002c0)=[{&(0x7f0000000040)=""/35, 0x23}, {0x0}, {&(0x7f0000000300)=""/165, 0xa5}], 0x3, 0x500, 0x0)

[ 2663.645593] 9pnet_fd: Insufficient options for proto=fd
[ 2663.686347] Call Trace:
[ 2663.686774]  <TASK>
[ 2663.687081]  x86_pmu_stop+0x149/0x330
[ 2663.687636]  x86_pmu_del+0x1be/0x610
[ 2663.688127]  event_sched_out+0x2ed/0xe80
[ 2663.688669]  __perf_remove_from_context+0x87/0xbe0
[ 2663.689321]  event_function+0x297/0x3d0
[ 2663.689837]  ? perf_uprobe_event_init+0x1c0/0x1c0
[ 2663.690464]  remote_function+0x125/0x1b0
[ 2663.690996]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[ 2663.691731]  ? perf_duration_warn+0x40/0x40
[ 2663.692304]  generic_exec_single+0x203/0x300
[ 2663.692877]  smp_call_function_single+0x189/0x460
[ 2663.693500]  ? perf_duration_warn+0x40/0x40
[ 2663.694057]  ? generic_exec_single+0x300/0x300
[ 2663.694642]  ? perf_duration_warn+0x40/0x40
[ 2663.695211]  ? lock_is_held_type+0xd7/0x130
[ 2663.695814]  event_function_call+0x3d0/0x430
[ 2663.696390]  ? perf_group_detach+0x11b0/0x11b0
[ 2663.696996]  ? perf_copy_attr+0x9c0/0x9c0
[ 2663.697550]  ? lock_release+0x3b2/0x6f0
[ 2663.698068]  ? perf_group_detach+0x11b0/0x11b0
[ 2663.698677]  ? perf_uprobe_event_init+0x1c0/0x1c0
[ 2663.699297]  ? _raw_spin_unlock_irq+0x1f/0x40
[ 2663.699922]  perf_remove_from_context+0x12e/0x260
[ 2663.700544]  perf_event_release_kernel+0x153/0x7f0
[ 2663.701210]  ? lock_is_held_type+0xd7/0x130
[ 2663.701803]  ? perf_pmu_migrate_context+0xae0/0xae0
[ 2663.702481]  ? lock_is_held_type+0xd7/0x130
[ 2663.703058]  perf_release+0x33/0x40
[ 2663.703588]  __fput+0x272/0x9d0
[ 2663.704016]  ? perf_event_release_kernel+0x7f0/0x7f0
[ 2663.704689]  task_work_run+0xe2/0x1a0
[ 2663.705192]  exit_to_user_mode_prepare+0x199/0x1a0
[ 2663.705875]  syscall_exit_to_user_mode+0x19/0x50
[ 2663.706524]  do_syscall_64+0x48/0x90
[ 2663.707029]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 2663.707727] RIP: 0033:0x7f750a30a72b
[ 2663.708209] Code: 0f 05 48 3d 00 f0 ff ff 77 45 c3 0f 1f 40 00 48 83 ec 18 89 7c 24 0c e8 63 fc ff ff 8b 7c 24 0c 41 89 c0 b8 03 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 35 44 89 c7 89 44 24 0c e8 a1 fc ff ff 8b 44
[ 2663.710594] RSP: 002b:00007ffc8fa2e8d0 EFLAGS: 00000293 ORIG_RAX: 0000000000000003
[ 2663.711640] RAX: 0000000000000000 RBX: 0000000000000004 RCX: 00007f750a30a72b
[ 2663.712558] RDX: 0000000000000000 RSI: ffffffff81388253 RDI: 0000000000000003
[ 2663.713470] RBP: 0000000000000001 R08: 0000000000000000 R09: 0000001b30c2001c
[ 2663.714434] R10: 0000000000000473 R11: 0000000000000293 R12: 00007f750a46bb60
[ 2663.715403] R13: 00007f750a46bb60 R14: 00007f750a46af60 R15: 000000000028a383
[ 2663.716361]  ? smp_call_function_single+0x193/0x460
[ 2663.717015]  </TASK>
[ 2663.730944] Call Trace:
[ 2663.731343]  <IRQ>
[ 2663.731677]  ? x86_pmu_start+0x1c0/0x240
[ 2663.732237]  x86_pmu_enable+0x580/0xd90
[ 2663.732778]  ? amd_pmu_disable_virt+0xa0/0xa0
[ 2663.733394]  ctx_resched+0x2b9/0x3a0
[ 2663.733890]  __perf_install_in_context+0x285/0xa40
[ 2663.734535]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[ 2663.735247]  ? ctx_resched+0x3a0/0x3a0
[ 2663.735774]  remote_function+0x125/0x1b0
[ 2663.736304]  flush_smp_call_function_queue+0x1df/0x610
[ 2663.736986]  ? perf_duration_warn+0x40/0x40
[ 2663.737592]  __sysvec_call_function_single+0x92/0x3a0
[ 2663.738298]  sysvec_call_function_single+0x89/0xc0
[ 2663.738954]  </IRQ>
[ 2663.739242]  <TASK>
[ 2663.739561]  asm_sysvec_call_function_single+0x12/0x20
[ 2663.740235] RIP: 0010:rcu_lockdep_current_cpu_online+0x14/0x130
[ 2663.741028] Code: c3 e8 c0 4b ff ff b8 01 00 00 00 c3 66 2e 0f 1f 84 00 00 00 00 00 65 8b 15 c9 a1 d2 7e 81 e2 00 00 f0 00 b8 01 00 00 00 75 0a <8b> 15 72 f0 5d 04 85 d2 75 01 c3 55 53 48 83 ec 08 65 ff 05 a4 a1
[ 2663.743403] RSP: 0018:ffff888018427408 EFLAGS: 00000246
[ 2663.744153] RAX: 0000000000000001 RBX: 0000000000000000 RCX: 1ffffffff09e311c
[ 2663.745092] RDX: 0000000000000000 RSI: 0000000000000002 RDI: ffffffff84f188e0
[ 2663.746011] RBP: 1ffff11003084e86 R08: 0000000000000000 R09: ffffffff858dbcd7
[ 2663.746934] R10: fffffbfff0b1b79a R11: 0000000000000001 R12: 0000000000000001
[ 2663.747918] R13: 0000000000000cc0 R14: 0000000000092cc0 R15: 0000000000092cc0
[ 2663.748875]  rcu_read_lock_sched_held+0x25/0x70
[ 2663.749507]  lock_release+0x505/0x6f0
[ 2663.750011]  ? kmem_cache_alloc+0x43/0x480
[ 2663.750592]  ? lock_downgrade+0x6d0/0x6d0
[ 2663.751141]  ? create_object.isra.0+0x3a/0xa20
[ 2663.751751]  ? create_object.isra.0+0x3a/0xa20
[ 2663.752349]  kmem_cache_alloc+0x43/0x480
[ 2663.752886]  create_object.isra.0+0x3a/0xa20
[ 2663.753458]  ? kasan_unpoison+0x23/0x50
[ 2663.753977]  kmem_cache_alloc_lru+0x2d3/0x7c0
[ 2663.754582]  ? __d_alloc+0x31/0x990
[ 2663.755074]  __d_alloc+0x31/0x990
[ 2663.755572]  d_alloc_parallel+0x10a/0x1c00
[ 2663.756129]  ? __lock_acquire+0x164e/0x6120
[ 2663.756724]  ? find_held_lock+0x2c/0x110
[ 2663.757253]  ? lockdep_hardirqs_on_prepare+0x400/0x400
[ 2663.757937]  ? lock_release+0x3b2/0x6f0
[ 2663.758451]  ? __d_lookup_rcu+0x730/0x730
[ 2663.758991]  ? lockdep_init_map_type+0x21a/0x7e0
[ 2663.759648]  ? lockdep_init_map_type+0x21a/0x7e0
[ 2663.760269]  __lookup_slow+0x193/0x490
[ 2663.760772]  ? page_put_link+0x1f0/0x1f0
[ 2663.761320]  ? mac802154_llsec_dev_add+0x520/0x910
[ 2663.761973]  ? mac802154_llsec_dev_add+0x520/0x910
[ 2663.762634]  ? selinux_path_notify+0x470/0x470
[ 2663.763256]  walk_component+0x411/0x6a0
[ 2663.763802]  ? handle_dots.part.0+0x1500/0x1500
[ 2663.764405]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[ 2663.765119]  ? security_inode_permission+0xcb/0x100
[ 2663.765767]  ? inode_permission.part.0+0xb5/0x670
[ 2663.766393]  link_path_walk.part.0+0x7f8/0xf80
[ 2663.766998]  ? path_init+0x17b0/0x17b0
[ 2663.767532]  ? percpu_counter_add_batch+0xb4/0x170
[ 2663.768197]  path_openat+0x25d/0x2870
[ 2663.768715]  ? path_lookupat+0x850/0x850
[ 2663.769256]  ? lockdep_hardirqs_on_prepare+0x400/0x400
[ 2663.769959]  ? lock_is_held_type+0xd7/0x130
[ 2663.770527]  do_filp_open+0x1aa/0x400
[ 2663.771023]  ? may_open_dev+0xf0/0xf0
[ 2663.771561]  ? rwlock_bug.part.0+0x90/0x90
[ 2663.772116]  ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70
[ 2663.772830]  ? _find_next_bit+0x1e5/0x260
[ 2663.773396]  ? _raw_spin_unlock+0x24/0x40
[ 2663.773960]  ? alloc_fd+0x2f0/0x670
[ 2663.774459]  do_sys_openat2+0x16d/0x4c0
[ 2663.775016]  ? build_open_flags+0x6f0/0x6f0
[ 2663.775640]  ? seccomp_notify_ioctl+0xdc0/0xdc0
[ 2663.776274]  __x64_sys_openat+0x13f/0x1f0
[ 2663.776817]  ? __x64_sys_open+0x1c0/0x1c0
[ 2663.777367]  ? __secure_computing+0x195/0x2f0
[ 2663.777960]  do_syscall_64+0x3b/0x90
[ 2663.778451]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 2663.779125] RIP: 0033:0x7f9e21b9ac64
[ 2663.779631] Code: 84 00 00 00 00 00 44 89 54 24 0c e8 36 61 f9 ff 44 8b 54 24 0c 44 89 e2 48 89 ee 41 89 c0 bf 9c ff ff ff b8 01 01 00 00 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 89 44 24 0c e8 68 61 f9 ff 8b 44
[ 2663.782075] RSP: 002b:00007ffd3e915560 EFLAGS: 00000293 ORIG_RAX: 0000000000000101
[ 2663.783076] RAX: ffffffffffffffda RBX: 000055c722ba3d60 RCX: 00007f9e21b9ac64
[ 2663.784049] RDX: 0000000000080802 RSI: 000055c722bd9e60 RDI: 00000000ffffff9c
[ 2663.784974] RBP: 000055c722bd9e60 R08: 0000000000000000 R09: ffffffffffffff01
[ 2663.785896] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000080802
[ 2663.786819] R13: 00000000fffffffa R14: 000055c722be6d70 R15: 0000000000000002
[ 2663.787807]  </TASK>
[ 2663.807705] Call Trace:
[ 2663.808159]  <TASK>
[ 2663.808463]  x86_pmu_stop+0x149/0x330
[ 2663.808987]  x86_pmu_del+0x1be/0x610
[ 2663.809491]  event_sched_out+0x2ed/0xe80
[ 2663.810038]  __perf_remove_from_context+0x87/0xbe0
[ 2663.810692]  event_function+0x297/0x3d0
[ 2663.811210]  ? perf_uprobe_event_init+0x1c0/0x1c0
[ 2663.811863]  remote_function+0x125/0x1b0
[ 2663.812403]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[ 2663.813133]  ? perf_duration_warn+0x40/0x40
[ 2663.813722]  generic_exec_single+0x203/0x300
[ 2663.814306]  smp_call_function_single+0x189/0x460
[ 2663.814950]  ? perf_duration_warn+0x40/0x40
[ 2663.815588]  ? generic_exec_single+0x300/0x300
[ 2663.816205]  ? perf_duration_warn+0x40/0x40
[ 2663.816788]  ? lock_is_held_type+0xd7/0x130
[ 2663.817366]  event_function_call+0x3d0/0x430
[ 2663.817948]  ? perf_group_detach+0x11b0/0x11b0
[ 2663.818552]  ? perf_copy_attr+0x9c0/0x9c0
[ 2663.819088]  ? lock_release+0x3b2/0x6f0
[ 2663.819636]  ? perf_group_detach+0x11b0/0x11b0
[ 2663.820237]  ? perf_uprobe_event_init+0x1c0/0x1c0
[ 2663.820878]  ? _raw_spin_unlock_irq+0x1f/0x40
[ 2663.821483]  perf_remove_from_context+0x12e/0x260
[ 2663.822139]  perf_event_release_kernel+0x153/0x7f0
[ 2663.822802]  ? lock_is_held_type+0xd7/0x130
[ 2663.823383]  ? perf_pmu_migrate_context+0xae0/0xae0
[ 2663.824065]  ? lock_is_held_type+0xd7/0x130
[ 2663.824639]  perf_release+0x33/0x40
[ 2663.825115]  __fput+0x272/0x9d0
[ 2663.825545]  ? perf_event_release_kernel+0x7f0/0x7f0
[ 2663.826212]  task_work_run+0xe2/0x1a0
[ 2663.826721]  do_exit+0xaf7/0x27e0
[ 2663.827174]  ? find_held_lock+0x2c/0x110
[ 2663.827746]  ? lock_release+0x3b2/0x6f0
[ 2663.828275]  ? mm_update_next_owner+0x7d0/0x7d0
[ 2663.828896]  ? lock_downgrade+0x6d0/0x6d0
[ 2663.829458]  ? lock_is_held_type+0xd7/0x130
[ 2663.830045]  do_group_exit+0xd2/0x2f0
[ 2663.830571]  get_signal+0x2303/0x2350
[ 2663.831098]  ? lock_downgrade+0x6d0/0x6d0
[ 2663.831674]  ? signal_setup_done+0x520/0x520
[ 2663.832249]  ? lock_is_held_type+0xd7/0x130
[ 2663.832819]  arch_do_signal_or_restart+0x88/0x1a40
[ 2663.833460]  ? __do_sys_perf_event_open+0xd2/0x3040
[ 2663.834117]  ? get_sigframe_size+0x10/0x10
[ 2663.834675]  ? perf_remove_from_context+0x260/0x260
[ 2663.835337]  ? xfd_validate_state+0x59/0x180
[ 2663.835993]  exit_to_user_mode_prepare+0x131/0x1a0
[ 2663.836665]  syscall_exit_to_user_mode+0x19/0x50
[ 2663.837320]  do_syscall_64+0x48/0x90
[ 2663.837821]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 2663.838500] RIP: 0033:0x7f750a357b19
[ 2663.838979] Code: Unable to access opcode bytes at RIP 0x7f750a357aef.
[ 2663.839851] RSP: 002b:00007f75078cd188 EFLAGS: 00000246 ORIG_RAX: 000000000000012a
[ 2663.840852] RAX: 0000000000000003 RBX: 00007f750a46af60 RCX: 00007f750a357b19
[ 2663.841789] RDX: 0000000000000000 RSI: ffffffffffffffff RDI: 0000000020000c00
[ 2663.842721] RBP: 00007f750a3b1f6d R08: 0000000000000000 R09: 0000000000000000
[ 2663.843684] R10: ffffffffffffffff R11: 0000000000000246 R12: 0000000000000000
[ 2663.844679] R13: 00007ffc8fa2e86f R14: 00007f75078cd300 R15: 0000000000022000
[ 2663.845638]  </TASK>
09:01:27 executing program 0:
perf_event_open$cgroup(&(0x7f0000000c00)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x100f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

09:01:27 executing program 4:
r0 = syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='proc\x00', 0x0, 0x0)
chroot(&(0x7f0000000040)='./file0\x00')
r1 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/kexec_crash_size', 0x0, 0x0)
ioctl$F2FS_IOC_SET_PIN_FILE(r0, 0x4004f50d, &(0x7f0000000200)=0x1)
r2 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000140), 0x1, 0x0)
epoll_ctl$EPOLL_CTL_ADD(r2, 0x1, r1, &(0x7f00000001c0)={0x4})
umount2(&(0x7f0000000180)='./file0\x00', 0x0)

09:01:27 executing program 6:
r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000180)='/proc/asound/seq/clients\x00', 0x0, 0x0)
preadv(r0, &(0x7f00000002c0)=[{&(0x7f0000000040)=""/35, 0x23}, {0x0}, {&(0x7f0000000300)=""/165, 0xa5}], 0x3, 0x600, 0x0)

09:01:27 executing program 3:
r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000180)='/proc/asound/seq/clients\x00', 0x0, 0x0)
preadv(r0, &(0x7f00000002c0)=[{&(0x7f0000000040)=""/35, 0x23}, {0x0}, {&(0x7f0000000300)=""/165, 0xa5}], 0x3, 0x4c, 0x0)

09:01:27 executing program 1:
r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000180)='/proc/asound/seq/clients\x00', 0x0, 0x0)
preadv(r0, &(0x7f00000002c0)=[{&(0x7f0000000040)=""/35, 0x23}, {0x0, 0x2}, {&(0x7f0000000300)=""/165, 0xa5}], 0x3, 0x6c00, 0x0)

09:01:27 executing program 5:
ioctl$ifreq_SIOCGIFINDEX_team(0xffffffffffffffff, 0x8933, &(0x7f0000000140)={'team0\x00', <r0=>0x0})
sendmsg$ETHTOOL_MSG_PRIVFLAGS_GET(0xffffffffffffffff, &(0x7f0000000280)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x1000}, 0xc, &(0x7f0000000240)={&(0x7f0000000180)=ANY=[@ANYBLOB="8c000000", @ANYRES16=0x0, @ANYBLOB="010026bd7000ffdbdf250d0000002c0001800800030002000000080003000100000008000100", @ANYRES32=0x0, @ANYBLOB="080003000200000008000300020000001800018014000200697036746e6c300000000000000000002800018008000100", @ANYRES32=r0, @ANYBLOB="1c000000", @ANYRES32=0x0, @ANYBLOB="140002007465616d5f736c6176655f30000000000c0001800800030001000000"], 0x8c}, 0x1, 0x0, 0x0, 0x8005}, 0x48041)
socketpair$unix(0x1, 0x5, 0x0, 0x0)
sendmsg$unix(0xffffffffffffffff, 0x0, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
pwritev(r1, &(0x7f0000000640)=[{&(0x7f00000002c0)="19", 0x1}], 0x1, 0x8000000, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0)
r3 = socket$inet6(0xa, 0x1, 0x0)
bind$inet6(r3, &(0x7f00000002c0)={0xa, 0x4e20, 0x0, @empty}, 0x1c)
connect$inet6(r3, &(0x7f0000000000)={0xa, 0x4e20, 0x0, @ipv4={'\x00', '\xff\xff', @empty}}, 0x1c)
recvfrom(r3, &(0x7f00000003c0)=""/87, 0x20010397, 0x300, 0x0, 0x0)
sendfile(r3, r2, 0x0, 0xfffffdef)
readv(0xffffffffffffffff, &(0x7f0000000040), 0x0)
openat$cgroup_freezer_state(0xffffffffffffffff, 0x0, 0x2, 0x0)
close(0xffffffffffffffff)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(&(0x7f0000001540), 0xffffffffffffffff)
sendmsg$NL80211_CMD_STOP_AP(r4, &(0x7f0000001600)={0x0, 0x0, &(0x7f00000015c0)={&(0x7f0000000440)=ANY=[@ANYBLOB="1c00000097cd1721117347fa8e9e7e419f7dc8e0aaafd67700010000000000008837efb4681171d89fc47f4f63289ab66327f7bdf4ff0000008f48ddd00448f8bf2575f74334", @ANYRES16=0x0, @ANYBLOB="010000000000000000001000000008000300", @ANYRES32=0x0, @ANYBLOB="f1b8512249dd3b1117b25e7f090840be62669673ecaf30eedc7b9942749db2bfb4a93317696c5cf1420ce845da78167a15f900000000000000"], 0x1c}}, 0x0)
getsockopt$sock_cred(r4, 0x1, 0x11, &(0x7f0000000040), &(0x7f0000000080)=0xc)
syz_open_dev$sg(&(0x7f0000001000), 0x61c6, 0x2200)

09:01:27 executing program 7:
openat$sndseq(0xffffffffffffff9c, 0x0, 0x0)
r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000180)='/proc/asound/seq/clients\x00', 0x0, 0x0)
preadv(r0, &(0x7f00000002c0)=[{0x0}, {&(0x7f0000000300)=""/165, 0xa5}], 0x2, 0xbf00, 0x0)

09:01:27 executing program 2:
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NLBL_MGMT_C_VERSION(r0, &(0x7f00000001c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x10000000}, 0xc, &(0x7f0000000180)={&(0x7f0000000140)={0x24, 0x0, 0x100, 0x70bd25, 0x25dfdbfd, {}, [@NLBL_MGMT_A_PROTOCOL={0x8}, @NLBL_MGMT_A_FAMILY={0x6, 0xb, 0x1}]}, 0x24}, 0x1, 0x0, 0x0, 0x4001}, 0x4080)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$netlbl_cipso(&(0x7f0000000340), r1)
sendmsg$NLBL_CIPSOV4_C_LIST(r1, &(0x7f0000000c80)={0x0, 0x0, &(0x7f0000000c40)={&(0x7f0000000980)={0x18, r2, 0x1, 0x0, 0x0, {}, [@NLBL_CIPSOV4_A_MLSLVLLST={0x4}]}, 0x18}}, 0x0)
ioctl$sock_SIOCGIFINDEX_802154(0xffffffffffffffff, 0x8933, &(0x7f0000000180)={'wpan0\x00', <r3=>0x0})
r4 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r5 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r6 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000780), r5)
sendmsg$IEEE802154_LLSEC_SETPARAMS(r4, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000400)={0x24, r6, 0x10d, 0x0, 0x0, {}, [@IEEE802154_ATTR_DEV_INDEX={0x8, 0x2, r3}, @IEEE802154_ATTR_LLSEC_SECLEVEL={0x5, 0x2a, 0x20}]}, 0x24}}, 0x0)
ioctl$sock_SIOCGIFINDEX_802154(r1, 0x8933, &(0x7f0000000400)={'wpan4\x00', <r7=>0x0})
sendmsg$NL802154_CMD_DEL_SEC_DEV(r0, &(0x7f0000000500)={&(0x7f00000003c0)={0x10, 0x0, 0x0, 0x10000}, 0xc, &(0x7f00000004c0)={&(0x7f0000000440)={0x44, 0x0, 0x300, 0x70bd25, 0x25dfdbfc, {}, [@NL802154_ATTR_WPAN_DEV={0xc, 0x6, 0x100000001}, @NL802154_ATTR_IFINDEX={0x8, 0x3, r3}, @NL802154_ATTR_IFINDEX={0x8, 0x3, r7}, @NL802154_ATTR_IFINDEX={0x8}, @NL802154_ATTR_WPAN_DEV={0xc, 0x6, 0x100000001}]}, 0x44}}, 0x4)
r8 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000080), 0xffffffffffffffff)
sendmsg$NLBL_MGMT_C_ADD(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000140)={0x4c, r8, 0x1, 0x0, 0x0, {}, [@NLBL_MGMT_A_DOMAIN={0x6, 0x1, '%\x00'}, @NLBL_MGMT_A_IPV6ADDR={0x14, 0x5, @local}, @NLBL_MGMT_A_IPV6MASK={0x14, 0x6, @mcast1}, @NLBL_MGMT_A_PROTOCOL={0x8, 0x2, 0x5}]}, 0x4c}, 0x1, 0x700000000000000}, 0x0)

[ 2679.109628] Call Trace:
[ 2679.110120]  <IRQ>
[ 2679.110441]  ? x86_pmu_start+0x1c0/0x240
[ 2679.111095]  x86_pmu_enable+0x580/0xd90
[ 2679.111797]  ? amd_pmu_disable_virt+0xa0/0xa0
[ 2679.112510]  ctx_resched+0x2b9/0x3a0
[ 2679.113026]  __perf_install_in_context+0x285/0xa40
[ 2679.113702]  ? __irq_exit_rcu+0x113/0x170
[ 2679.114267]  ? ctx_resched+0x3a0/0x3a0
[ 2679.114792]  remote_function+0x125/0x1b0
[ 2679.115348]  flush_smp_call_function_queue+0x1df/0x610
[ 2679.116126]  ? perf_duration_warn+0x40/0x40
[ 2679.116714]  __sysvec_call_function_single+0x92/0x3a0
[ 2679.117435]  sysvec_call_function_single+0x89/0xc0
[ 2679.118120]  </IRQ>
[ 2679.118426]  <TASK>
[ 2679.118737]  asm_sysvec_call_function_single+0x12/0x20
[ 2679.119467] RIP: 0010:check_kcov_mode+0x2e/0x40
[ 2679.120117] Code: b9 be 7e 89 c2 81 e2 00 01 00 00 a9 00 01 ff 00 74 10 31 c0 85 d2 74 15 8b 96 64 14 00 00 85 d2 74 0b 8b 86 40 14 00 00 39 f8 <0f> 94 c0 c3 66 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 00 31 c0 65 8b
[ 2679.122663] RSP: 0018:ffff88804abf7708 EFLAGS: 00000293
[ 2679.123420] RAX: 0000000000000000 RBX: ffffea0000dacf00 RCX: ffff888042398000
[ 2679.124440] RDX: 0000000000000000 RSI: ffff888042398000 RDI: 0000000000000003
[ 2679.125420] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[ 2679.126393] R10: ffffffff8161b692 R11: 0000000000000000 R12: 0000000000000001
[ 2679.127373] R13: ffffea0000dacf08 R14: 0000000000000001 R15: ffff88804abf7a28
[ 2679.128391]  ? __page_mapcount+0xd2/0x3a0
[ 2679.128987]  __sanitizer_cov_trace_const_cmp1+0x22/0x80
[ 2679.129693]  __page_mapcount+0xd2/0x3a0
[ 2679.130216]  unmap_page_range+0x1136/0x2680
[ 2679.130830]  ? vm_normal_page+0x2e0/0x2e0
[ 2679.131400]  ? lock_release+0x3b2/0x6f0
[ 2679.131987]  ? lock_downgrade+0x6d0/0x6d0
[ 2679.132535]  ? uprobe_munmap+0x1c/0x560
[ 2679.133067]  unmap_single_vma+0x198/0x310
[ 2679.133618]  unmap_vmas+0x16b/0x2f0
[ 2679.134109]  ? lock_downgrade+0x6d0/0x6d0
[ 2679.134684]  ? unmap_mapping_range+0x280/0x280
[ 2679.135331]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[ 2679.136088]  exit_mmap+0x192/0x460
[ 2679.136609]  ? do_munmap+0x40/0x40
[ 2679.137116]  ? delayed_uprobe_remove+0x27/0x230
[ 2679.137798]  mmput+0xc8/0x380
[ 2679.138253]  do_exit+0xa0a/0x27e0
[ 2679.138750]  ? find_held_lock+0x2c/0x110
[ 2679.139335]  ? lock_release+0x3b2/0x6f0
[ 2679.139933]  ? mm_update_next_owner+0x7d0/0x7d0
[ 2679.140583]  ? lock_downgrade+0x6d0/0x6d0
[ 2679.141177]  ? lock_is_held_type+0xd7/0x130
[ 2679.141781]  do_group_exit+0xd2/0x2f0
[ 2679.142310]  get_signal+0x2303/0x2350
[ 2679.142890]  ? wake_up_q+0x8b/0xf0
[ 2679.143389]  ? signal_setup_done+0x520/0x520
[ 2679.144095]  arch_do_signal_or_restart+0x88/0x1a40
[ 2679.144799]  ? do_futex+0x136/0x380
[ 2679.145300]  ? __ia32_compat_sys_get_robust_list+0x3b0/0x3b0
[ 2679.146102]  ? get_sigframe_size+0x10/0x10
[ 2679.146721]  ? __x64_sys_futex+0x1c6/0x4c0
[ 2679.147300]  ? __x64_sys_openat+0x13f/0x1f0
[ 2679.147944]  ? __x64_sys_futex_time32+0x480/0x480
[ 2679.148641]  exit_to_user_mode_prepare+0x131/0x1a0
[ 2679.149327]  syscall_exit_to_user_mode+0x19/0x50
[ 2679.150044]  do_syscall_64+0x48/0x90
[ 2679.150573]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 2679.151295] RIP: 0033:0x7faa53ee7b19
[ 2679.151865] Code: Unable to access opcode bytes at RIP 0x7faa53ee7aef.
[ 2679.152787] RSP: 002b:00007faa5145d218 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[ 2679.153868] RAX: 0000000000000000 RBX: 00007faa53ffaf68 RCX: 00007faa53ee7b19
[ 2679.154878] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007faa53ffaf68
[ 2679.155927] RBP: 00007faa53ffaf60 R08: 0000000000000000 R09: 0000000000000000
[ 2679.156932] R10: 0000000000000000 R11: 0000000000000246 R12: 00007faa53ffaf6c
[ 2679.157944] R13: 00007ffd1c5993ef R14: 00007faa5145d300 R15: 0000000000022000
[ 2679.158989]  </TASK>
09:01:27 executing program 3:
socketpair$unix(0x1, 0x5, 0x0, 0x0)
sendmsg$unix(0xffffffffffffffff, 0x0, 0x0)
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
pwritev(r0, &(0x7f0000000640)=[{&(0x7f00000002c0)="19", 0x1}], 0x1, 0x8000000, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0)
r2 = socket$inet6(0xa, 0x1, 0x0)
bind$inet6(r2, &(0x7f00000002c0)={0xa, 0x4e20, 0x0, @empty}, 0x1c)
connect$inet6(r2, &(0x7f0000000000)={0xa, 0x4e20, 0x0, @ipv4={'\x00', '\xff\xff', @empty}}, 0x1c)
recvfrom(r2, &(0x7f00000003c0)=""/87, 0x20010397, 0x300, 0x0, 0x0)
sendfile(r2, r1, 0x0, 0xfffffdef)
readv(0xffffffffffffffff, &(0x7f0000000040), 0x0)
openat$cgroup_freezer_state(0xffffffffffffffff, 0x0, 0x2, 0x0)
close(0xffffffffffffffff)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(&(0x7f0000001540), 0xffffffffffffffff)
sendmsg$NL80211_CMD_STOP_AP(r3, &(0x7f0000001600)={0x0, 0x0, &(0x7f00000015c0)={&(0x7f0000001580)=ANY=[@ANYBLOB="1c000000", @ANYRES16=0x0, @ANYBLOB="00e395d82d766a085b220000000000000000", @ANYRES32=0x0, @ANYBLOB], 0x1c}}, 0x0)
getsockopt$sock_cred(r3, 0x1, 0x11, &(0x7f0000000040), &(0x7f0000000080)=0xc)
syz_open_dev$sg(&(0x7f0000001000), 0x0, 0x2200)

09:01:27 executing program 6:
r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000180)='/proc/asound/seq/clients\x00', 0x0, 0x0)
preadv(r0, &(0x7f00000002c0)=[{&(0x7f0000000040)=""/35, 0x23}, {0x0}, {&(0x7f0000000300)=""/165, 0xa5}], 0x3, 0x700, 0x0)

09:01:27 executing program 4:
socketpair$unix(0x1, 0x5, 0x0, 0x0)
sendmsg$unix(0xffffffffffffffff, 0x0, 0x0)
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
pwritev(r0, &(0x7f0000000640)=[{&(0x7f00000002c0)="19", 0x1}], 0x1, 0x8000000, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0)
r2 = socket$inet6(0xa, 0x1, 0x0)
bind$inet6(r2, &(0x7f00000002c0)={0xa, 0x4e20, 0x0, @empty}, 0x1c)
connect$inet6(r2, &(0x7f0000000000)={0xa, 0x4e20, 0x0, @ipv4={'\x00', '\xff\xff', @empty}}, 0x1c)
recvfrom(r2, &(0x7f00000003c0)=""/87, 0x20010397, 0x300, 0x0, 0x0)
sendfile(r2, r1, 0x0, 0xfffffdef)
readv(0xffffffffffffffff, &(0x7f0000000040), 0x0)
openat$cgroup_freezer_state(0xffffffffffffffff, 0x0, 0x2, 0x0)
close(0xffffffffffffffff)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(&(0x7f0000001540), 0xffffffffffffffff)
sendmsg$NL80211_CMD_STOP_AP(r3, &(0x7f0000001600)={0x0, 0x0, &(0x7f00000015c0)={&(0x7f0000001580)={0x1c, 0x0, 0x1, 0x0, 0x0, {{}, {@val={0x8}, @void}}}, 0x1c}}, 0x0)
connect$inet6(r2, &(0x7f00000000c0)={0xa, 0x4e24, 0xaf, @mcast1, 0x8}, 0x1c)
getsockopt$sock_cred(r3, 0x1, 0x11, &(0x7f0000000040), &(0x7f0000000080)=0xc)
syz_open_dev$sg(&(0x7f0000001000), 0x0, 0x2200)

[ 2679.326492] Call Trace:
[ 2679.326906]  <TASK>
[ 2679.327199]  x86_pmu_stop+0x149/0x330
[ 2679.327772]  x86_pmu_del+0x1be/0x610
[ 2679.328331]  event_sched_out+0x2ed/0xe80
[ 2679.328920]  __perf_remove_from_context+0x87/0xbe0
[ 2679.329572]  event_function+0x297/0x3d0
[ 2679.330135]  ? perf_uprobe_event_init+0x1c0/0x1c0
[ 2679.330809]  remote_function+0x125/0x1b0
[ 2679.331347]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[ 2679.332146]  ? perf_duration_warn+0x40/0x40
[ 2679.332758]  generic_exec_single+0x203/0x300
[ 2679.333382]  smp_call_function_single+0x189/0x460
[ 2679.334041]  ? perf_duration_warn+0x40/0x40
[ 2679.334650]  ? generic_exec_single+0x300/0x300
[ 2679.335289]  ? perf_duration_warn+0x40/0x40
[ 2679.335975]  ? lock_is_held_type+0xd7/0x130
[ 2679.336545]  event_function_call+0x3d0/0x430
[ 2679.337214]  ? perf_group_detach+0x11b0/0x11b0
[ 2679.337896]  ? perf_copy_attr+0x9c0/0x9c0
[ 2679.338513]  ? lock_release+0x3b2/0x6f0
[ 2679.339116]  ? perf_group_detach+0x11b0/0x11b0
[ 2679.339773]  ? perf_uprobe_event_init+0x1c0/0x1c0
[ 2679.340439]  ? _raw_spin_unlock_irq+0x1f/0x40
[ 2679.341088]  perf_remove_from_context+0x12e/0x260
[ 2679.341723]  perf_event_release_kernel+0x153/0x7f0
[ 2679.342365]  ? lock_is_held_type+0xd7/0x130
[ 2679.343033]  ? perf_pmu_migrate_context+0xae0/0xae0
[ 2679.343861]  ? lock_is_held_type+0xd7/0x130
[ 2679.344585]  perf_release+0x33/0x40
[ 2679.345097]  __fput+0x272/0x9d0
[ 2679.345545]  ? perf_event_release_kernel+0x7f0/0x7f0
[ 2679.346268]  task_work_run+0xe2/0x1a0
[ 2679.346824]  exit_to_user_mode_prepare+0x199/0x1a0
[ 2679.347513]  syscall_exit_to_user_mode+0x19/0x50
[ 2679.348242]  do_syscall_64+0x48/0x90
[ 2679.348760]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 2679.349434] RIP: 0033:0x7f750a30a72b
[ 2679.349928] Code: 0f 05 48 3d 00 f0 ff ff 77 45 c3 0f 1f 40 00 48 83 ec 18 89 7c 24 0c e8 63 fc ff ff 8b 7c 24 0c 41 89 c0 b8 03 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 35 44 89 c7 89 44 24 0c e8 a1 fc ff ff 8b 44
[ 2679.352365] RSP: 002b:00007ffc8fa2e8d0 EFLAGS: 00000293 ORIG_RAX: 0000000000000003
[ 2679.353409] RAX: 0000000000000000 RBX: 0000000000000004 RCX: 00007f750a30a72b
[ 2679.354367] RDX: 0000000000000000 RSI: ffffffff81388253 RDI: 0000000000000003
[ 2679.355375] RBP: 0000000000000001 R08: 0000000000000000 R09: 0000001b30c2001c
[ 2679.356392] R10: 0000000000000473 R11: 0000000000000293 R12: 00007f750a46bb60
[ 2679.357350] R13: 00007f750a46bb60 R14: 00007f750a46af60 R15: 000000000028e0d2
[ 2679.358312]  ? smp_call_function_single+0x193/0x460
[ 2679.358999]  </TASK>
[ 2679.383117] Call Trace:
[ 2679.383518]  <IRQ>
[ 2679.383824]  ? x86_pmu_start+0x1c0/0x240
[ 2679.384369]  x86_pmu_enable+0x580/0xd90
[ 2679.384890]  ? amd_pmu_disable_virt+0xa0/0xa0
[ 2679.385522]  ctx_resched+0x2b9/0x3a0
[ 2679.386044]  __perf_install_in_context+0x285/0xa40
[ 2679.386682]  ? ctx_resched+0x3a0/0x3a0
[ 2679.387218]  remote_function+0x125/0x1b0
[ 2679.391861]  flush_smp_call_function_queue+0x1df/0x610
[ 2679.392424]  ? perf_duration_warn+0x40/0x40
[ 2679.392893]  __sysvec_call_function_single+0x92/0x3a0
[ 2679.393435]  sysvec_call_function_single+0x3b/0xc0
[ 2679.393957]  asm_sysvec_call_function_single+0x12/0x20
[ 2679.394509] RIP: 0010:__sanitizer_cov_trace_pc+0x0/0x60
[ 2679.395060] Code: 48 89 ef 5d e9 61 19 32 00 be 03 00 00 00 5d e9 b6 e9 c2 00 66 0f 1f 44 00 00 48 8b be a8 01 00 00 e8 b4 ff ff ff 31 c0 c3 90 <65> 8b 05 b9 b5 be 7e 89 c1 48 8b 34 24 81 e1 00 01 00 00 65 48 8b
[ 2679.397011] RSP: 0018:ffff88806ce09bd8 EFLAGS: 00000246
[ 2679.397564] RAX: 0000000000000000 RBX: 0000000000000000 RCX: ffff88800fa20000
[ 2679.398317] RDX: 0000000000000000 RSI: ffff88800fa20000 RDI: 0000000000000003
[ 2679.399064] RBP: ffff88800f319f80 R08: 0000000000000000 R09: 0000000000000000
[ 2679.399900] R10: ffffffff83ea3d73 R11: 0000000000000000 R12: ffff888040710e60
[ 2679.400872] R13: 0000000000000000 R14: ffff88806ce09ca0 R15: ffff88800e061600
[ 2679.401837]  ? __ieee80211_beacon_get+0x6e3/0x11e0
[ 2679.402567]  __ieee80211_beacon_get+0x718/0x11e0
[ 2679.403203]  ? lockdep_hardirqs_on_prepare+0x400/0x400
[ 2679.403936]  ieee80211_beacon_get_tim+0x8f/0x8f0
[ 2679.404584]  ? ieee80211_get_unsol_bcast_probe_resp_tmpl+0x510/0x510
[ 2679.405479]  ? lock_acquire+0x1b2/0x4d0
[ 2679.406056]  mac80211_hwsim_beacon_tx+0x111/0x8f0
[ 2679.406707]  __iterate_interfaces+0x1f0/0x570
[ 2679.407322]  ? mac80211_hwsim_tx_frame+0x2a0/0x2a0
[ 2679.408017]  ? mac80211_hwsim_tx_frame+0x2a0/0x2a0
[ 2679.408673]  ieee80211_iterate_active_interfaces_atomic+0x70/0x180
[ 2679.409509]  mac80211_hwsim_beacon+0xcd/0x1c0
[ 2679.410114]  ? mac80211_hwsim_tx_frame_no_nl.isra.0+0x1450/0x1450
[ 2679.410948]  __hrtimer_run_queues+0x5e8/0xbd0
[ 2679.411564]  ? hrtimer_sleeper_start_expires+0x80/0x80
[ 2679.412366]  ? ktime_get_update_offsets_now+0x256/0x360
[ 2679.413127]  hrtimer_run_softirq+0x172/0x340
[ 2679.413730]  __do_softirq+0x270/0x8c7
[ 2679.414270]  __irq_exit_rcu+0x113/0x170
[ 2679.414815]  irq_exit_rcu+0x5/0x20
[ 2679.415295]  sysvec_apic_timer_interrupt+0x8e/0xc0
[ 2679.415993]  </IRQ>
[ 2679.416297]  <TASK>
[ 2679.416589]  asm_sysvec_apic_timer_interrupt+0x12/0x20
[ 2679.417274] RIP: 0010:lock_acquire+0x1db/0x4d0
[ 2679.417881] Code: 02 b8 ff ff ff ff 65 0f c1 05 49 91 d9 7e 83 f8 01 0f 85 86 02 00 00 48 83 7c 24 08 00 74 01 fb 48 b8 00 00 00 00 00 fc ff df <48> 01 c3 48 c7 03 00 00 00 00 48 c7 43 08 00 00 00 00 48 8b 84 24
[ 2679.420352] RSP: 0018:ffff888045c8f2e0 EFLAGS: 00000206
[ 2679.421044] RAX: dffffc0000000000 RBX: 1ffff11008b91e5e RCX: 000000000000637e
[ 2679.421995] RDX: 1ffff11001f44134 RSI: 0000000000000002 RDI: 0000000000000000
[ 2679.422954] RBP: 0000000000000001 R08: 0000000000000000 R09: ffffffff86a3e7cf
[ 2679.423951] R10: fffffbfff0d47cf9 R11: 0000000000000001 R12: 0000000000000000
[ 2679.424907] R13: 0000000000000000 R14: ffff88806ce33d00 R15: 0000000000000000
[ 2679.425894]  ? lock_release+0x6f0/0x6f0
[ 2679.426446]  ? lock_release+0x3b2/0x6f0
[ 2679.426989]  ? rcu_read_unlock+0x9/0x60
[ 2679.427532]  ? lock_downgrade+0x6d0/0x6d0
[ 2679.428140]  folio_add_lru+0x186/0x650
[ 2679.428650]  ? folio_add_lru+0x156/0x650
[ 2679.429236]  lru_cache_add_inactive_or_unevictable+0x106/0x240
[ 2679.430049]  __handle_mm_fault+0x1ecb/0x35c0
[ 2679.430632]  ? lock_is_held_type+0xd7/0x130
[ 2679.431243]  ? __pmd_alloc+0x680/0x680
[ 2679.431844]  handle_mm_fault+0x2e6/0xa20
[ 2679.432367]  do_user_addr_fault+0x54a/0x12a0
[ 2679.432992]  exc_page_fault+0xa2/0x1a0
[ 2679.433493]  asm_exc_page_fault+0x1e/0x30
[ 2679.434064] RIP: 0010:copy_user_generic_string+0x2c/0x40
[ 2679.434754] Code: cb 83 fa 08 72 27 89 f9 83 e1 07 74 15 83 e9 08 f7 d9 29 ca 8a 06 88 07 48 ff c6 48 ff c7 ff c9 75 f2 89 d1 c1 e9 03 83 e2 07 <f3> 48 a5 89 d1 f3 a4 31 c0 0f 01 ca c3 8d 0c ca 89 ca eb 20 0f 01
[ 2679.437312] RSP: 0018:ffff888045c8f720 EFLAGS: 00050246
[ 2679.437999] RAX: 0000000000000001 RBX: 0000000000001000 RCX: 0000000000000078
[ 2679.438921] RDX: 0000000000000000 RSI: ffff8880427d6c40 RDI: 0000000020066000
[ 2679.439890] RBP: 00000000200653c0 R08: 0000000000000000 R09: ffff8880427d6fff
[ 2679.440819] R10: ffffed10084fadff R11: 0000000000000001 R12: ffff8880427d6000
[ 2679.441701] R13: 00007fffffffe000 R14: 0000000000000000 R15: ffff888045c8fd70
[ 2679.442657]  copyout.part.0+0xd1/0x100
[ 2679.443200]  _copy_to_iter+0x2b1/0x1820
[ 2679.443740]  ? lock_is_held_type+0xd7/0x130
[ 2679.444357]  ? copy_page_from_iter+0x9f0/0x9f0
[ 2679.444977]  ? lock_is_held_type+0xd7/0x130
[ 2679.445532]  ? find_held_lock+0x2c/0x110
[ 2679.446106]  ? lock_release+0x3b2/0x6f0
[ 2679.446629]  ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70
[ 2679.447364]  ? __virt_addr_valid+0xe9/0x310
[ 2679.447977]  ? __sanitizer_cov_trace_const_cmp1+0x22/0x80
[ 2679.448725]  ? __sanitizer_cov_trace_cmp8+0x1d/0x70
[ 2679.449391]  ? __check_object_size+0x1b5/0x4e0
[ 2679.450001]  simple_copy_to_iter+0x4c/0x70
[ 2679.450568]  __skb_datagram_iter+0x4f1/0x880
[ 2679.451150]  ? receiver_wake_function+0x70/0x70
[ 2679.451819]  skb_copy_datagram_iter+0x85/0x270
[ 2679.452429]  tcp_recvmsg_locked+0xecf/0x1e80
[ 2679.453037]  ? tcp_update_recv_tstamps+0x230/0x230
[ 2679.453661]  ? mark_held_locks+0x9e/0xe0
[ 2679.454185]  ? __local_bh_enable_ip+0xa0/0x120
[ 2679.454779]  tcp_recvmsg+0x137/0x620
[ 2679.455285]  ? tcp_recv_timestamp+0x6e0/0x6e0
[ 2679.455896]  ? lock_release+0x3b2/0x6f0
[ 2679.456410]  ? selinux_socket_recvmsg+0x1fd/0x2b0
[ 2679.457048]  ? selinux_socket_getsockopt+0x2b0/0x2b0
[ 2679.457742]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[ 2679.458450]  ? futex_unqueue+0xb3/0x120
[ 2679.458976]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[ 2679.459875]  ? futex_wait+0x533/0x660
[ 2679.460387]  ? tcp_recv_timestamp+0x6e0/0x6e0
[ 2679.461002]  inet6_recvmsg+0x13b/0x670
[ 2679.461555]  ? inet6_bind+0x120/0x120
[ 2679.462065]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[ 2679.462786]  ? security_socket_recvmsg+0x95/0xc0
[ 2679.463411]  ? inet6_bind+0x120/0x120
[ 2679.463928]  sock_recvmsg+0xfb/0x180
[ 2679.464410]  __sys_recvfrom+0x1b8/0x2f0
[ 2679.464929]  ? __ia32_sys_send+0x100/0x100
[ 2679.465508]  ? 0xffffffff81000000
[ 2679.465984]  ? __ia32_compat_sys_get_robust_list+0x3b0/0x3b0
[ 2679.466758]  ? __sanitizer_cov_trace_cmp8+0x1d/0x70
[ 2679.467423]  ? xfd_validate_state+0x59/0x180
[ 2679.468030]  ? restore_fpregs_from_fpstate+0xcc/0x1e0
[ 2679.468717]  __x64_sys_recvfrom+0xdd/0x1b0
[ 2679.469268]  ? lockdep_hardirqs_on+0x79/0x100
[ 2679.469860]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 2679.470527]  do_syscall_64+0x3b/0x90
[ 2679.471004]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 2679.471800] RIP: 0033:0x7f792bd1eb19
[ 2679.472342] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 2679.474859] RSP: 002b:00007f7929294188 EFLAGS: 00000246 ORIG_RAX: 000000000000002d
[ 2679.475873] RAX: ffffffffffffffda RBX: 00007f792be31f60 RCX: 00007f792bd1eb19
[ 2679.476798] RDX: 0000000020010397 RSI: 00000000200003c0 RDI: 0000000000000005
[ 2679.477708] RBP: 00007f792bd78f6d R08: 0000000000000000 R09: 0000000000000000
[ 2679.478689] R10: 0000000000000300 R11: 0000000000000246 R12: 0000000000000000
[ 2679.479662] R13: 00007fffdbdaca8f R14: 00007f7929294300 R15: 0000000000022000
[ 2679.480725]  </TASK>
[ 2679.512079] Call Trace:
[ 2679.512548]  <IRQ>
[ 2679.512830]  x86_pmu_stop+0x149/0x330
[ 2679.513431]  x86_pmu_del+0x1be/0x610
[ 2679.514038]  event_sched_out+0x2ed/0xe80
[ 2679.514692]  __perf_remove_from_context+0x87/0xbe0
[ 2679.515454]  event_function+0x297/0x3d0
[ 2679.516014]  ? perf_uprobe_event_init+0x1c0/0x1c0
[ 2679.516626]  remote_function+0x125/0x1b0
[ 2679.517160]  flush_smp_call_function_queue+0x1df/0x610
[ 2679.517901]  ? perf_duration_warn+0x40/0x40
[ 2679.518514]  __sysvec_call_function_single+0x92/0x3a0
[ 2679.519221]  sysvec_call_function_single+0x89/0xc0
[ 2679.520043]  </IRQ>
[ 2679.520418]  <TASK>
[ 2679.520768]  asm_sysvec_call_function_single+0x12/0x20
[ 2679.521580] RIP: 0010:lock_acquire+0x1db/0x4d0
[ 2679.522231] Code: 02 b8 ff ff ff ff 65 0f c1 05 49 91 d9 7e 83 f8 01 0f 85 86 02 00 00 48 83 7c 24 08 00 74 01 fb 48 b8 00 00 00 00 00 fc ff df <48> 01 c3 48 c7 03 00 00 00 00 48 c7 43 08 00 00 00 00 48 8b 84 24
[ 2679.524662] RSP: 0018:ffff88800e91fc40 EFLAGS: 00000206
[ 2679.525394] RAX: dffffc0000000000 RBX: 1ffff11001d23f8a RCX: 000000000721f4e8
[ 2679.526347] RDX: 1ffff1100131e134 RSI: 0000000000000000 RDI: 0000000000000000
[ 2679.527330] RBP: 0000000000000000 R08: 0000000000000000 R09: ffffffff86a3e787
[ 2679.528351] R10: fffffbfff0d47cf0 R11: 0000000000000001 R12: 0000000000000002
[ 2679.529265] R13: 0000000000000000 R14: ffffffff85201dc0 R15: 0000000000000000
[ 2679.530214]  ? lock_release+0x6f0/0x6f0
[ 2679.530752]  ? mod_objcg_state+0x3ab/0x9e0
[ 2679.531308]  ? lockdep_hardirqs_on+0x79/0x100
[ 2679.531918]  ? mod_objcg_state+0x3ab/0x9e0
[ 2679.532485]  ___cache_free+0x249/0x380
[ 2679.532999]  ? ___cache_free+0x1df/0x380
[ 2679.533538]  ? qlist_free_all+0x4f/0x190
[ 2679.534076]  qlist_free_all+0x6d/0x190
[ 2679.534595]  kasan_quarantine_reduce+0x180/0x200
[ 2679.535230]  __kasan_slab_alloc+0x78/0x80
[ 2679.535790]  kmem_cache_alloc+0x1aa/0x480
[ 2679.536354]  prepare_creds+0x2b/0x6f0
[ 2679.536868]  do_faccessat+0x3f4/0x810
[ 2679.537384]  ? __ia32_sys_trusted_for+0x390/0x390
[ 2679.538017]  ? __secure_computing+0x195/0x2f0
[ 2679.538624]  do_syscall_64+0x3b/0x90
[ 2679.539139]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 2679.539873] RIP: 0033:0x7fe025b8a27a
[ 2679.540382] Code: e8 03 39 e8 74 2f 48 8b 05 13 ec 0c 00 41 bc ff ff ff ff 64 c7 00 0d 00 00 00 eb 19 0f 1f 40 00 44 89 ea b8 0d 01 00 00 0f 05 <48> 3d 00 f0 ff ff 77 76 41 89 c4 48 8b 84 24 98 00 00 00 64 48 2b
[ 2679.542899] RSP: 002b:00007fff3f1c5e20 EFLAGS: 00000246 ORIG_RAX: 000000000000010d
[ 2679.543950] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007fe025b8a27a
[ 2679.544914] RDX: 0000000000000000 RSI: 00007fe025cea9df RDI: 0000000000000011
[ 2679.545875] RBP: 0000000000000000 R08: 000055a0d78478d0 R09: 000055a0d6fcc010
[ 2679.546846] R10: 00007fe025c59b80 R11: 0000000000000246 R12: 0000000000000011
[ 2679.547907] R13: 0000000000000000 R14: 000055a0d788e720 R15: 00007fe0256da6c0
[ 2679.548927]  </TASK>
09:01:43 executing program 1:
r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000180)='/proc/asound/seq/clients\x00', 0x0, 0x0)
preadv(r0, &(0x7f00000002c0)=[{&(0x7f0000000040)=""/35, 0x23}, {0x0, 0x2}, {&(0x7f0000000300)=""/165, 0xa5}], 0x3, 0x7400, 0x0)

09:01:43 executing program 5:
socketpair$unix(0x1, 0x5, 0x0, 0x0)
sendmsg$unix(0xffffffffffffffff, 0x0, 0x0)
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
pwritev(r0, &(0x7f0000000640)=[{&(0x7f00000002c0)="19", 0x1}], 0x1, 0x8000000, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0)
r2 = socket$inet6(0xa, 0x1, 0x0)
bind$inet6(r2, &(0x7f00000002c0)={0xa, 0x4e20, 0x0, @empty}, 0x1c)
connect$inet6(r2, &(0x7f0000000000)={0xa, 0x4e20, 0x0, @ipv4={'\x00', '\xff\xff', @empty}}, 0x1c)
recvfrom(r2, &(0x7f00000003c0)=""/87, 0x20010397, 0x300, 0x0, 0x0)
sendfile(r2, r1, 0x0, 0xfffffdef)
readv(0xffffffffffffffff, &(0x7f0000000040), 0x0)
openat$cgroup_freezer_state(0xffffffffffffffff, 0x0, 0x2, 0x0)
sendmsg$NL80211_CMD_STOP_AP(0xffffffffffffffff, &(0x7f0000001600)={0x0, 0x0, &(0x7f00000015c0)={&(0x7f0000001580)={0x1c, 0x0, 0x1, 0x0, 0x0, {{}, {@val={0x8}, @void}}}, 0x1c}}, 0x0)
fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff)
close(0xffffffffffffffff)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(&(0x7f0000001540), 0xffffffffffffffff)
sendmsg$NL80211_CMD_STOP_AP(r3, &(0x7f0000001600)={0x0, 0x0, &(0x7f00000015c0)={&(0x7f0000000140)=ANY=[@ANYBLOB="1c000000", @ANYRES16=0x0, @ANYBLOB="0100000001000000000010fd3a3d08000300a2cfe88f43c023802202d636454c868ee7399c7ce8e17df539fc8baf2060cf8ea95c841a21c1e06a759d8317e96775515f54ae4ab76183b00fa5133bfaeef0a67b7b9f5f495101974e475de786100b3f705cf0cb10f1caf2", @ANYRES32=0x0, @ANYBLOB], 0x1c}}, 0x0)
getsockopt$sock_cred(r3, 0x1, 0x11, &(0x7f0000000040), &(0x7f0000000080)=0xc)
syz_open_dev$sg(&(0x7f0000001000), 0x0, 0x2200)

09:01:43 executing program 4:
r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000180)='/proc/asound/seq/clients\x00', 0x0, 0x0)
preadv(r0, &(0x7f00000002c0)=[{&(0x7f0000000040)=""/35, 0x23}, {0x0}, {&(0x7f0000000300)=""/165, 0xa5}], 0x3, 0x4, 0x0)

09:01:43 executing program 3:
socketpair$unix(0x1, 0x5, 0x0, 0x0)
sendmsg$unix(0xffffffffffffffff, 0x0, 0x0)
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
pwritev(r0, &(0x7f0000000640)=[{&(0x7f00000002c0)="19", 0x1}], 0x1, 0x8000000, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0)
r2 = socket$inet6(0xa, 0x1, 0x0)
bind$inet6(r2, &(0x7f00000002c0)={0xa, 0x4e20, 0x0, @empty}, 0x1c)
connect$inet6(r2, &(0x7f0000000000)={0xa, 0x4e20, 0x0, @ipv4={'\x00', '\xff\xff', @empty}}, 0x1c)
recvfrom(r2, &(0x7f00000003c0)=""/87, 0x20010397, 0x300, 0x0, 0x0)
sendfile(r2, r1, 0x0, 0xfffffdef)
readv(0xffffffffffffffff, &(0x7f0000000040), 0x0)
openat$cgroup_freezer_state(0xffffffffffffffff, 0x0, 0x2, 0x0)
close(0xffffffffffffffff)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(&(0x7f0000001540), 0xffffffffffffffff)
sendmsg$NL80211_CMD_STOP_AP(r3, &(0x7f0000001600)={0x0, 0x0, &(0x7f00000015c0)={&(0x7f0000001580)=ANY=[@ANYBLOB="1c000000", @ANYRES16=0x0, @ANYBLOB="00e395d82d766a085b220000000000000000", @ANYRES32=0x0, @ANYBLOB], 0x1c}}, 0x0)
getsockopt$sock_cred(r3, 0x1, 0x11, &(0x7f0000000040), &(0x7f0000000080)=0xc)
syz_open_dev$sg(&(0x7f0000001000), 0x0, 0x2200)

09:01:43 executing program 6:
r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000180)='/proc/asound/seq/clients\x00', 0x0, 0x0)
preadv(r0, &(0x7f00000002c0)=[{&(0x7f0000000040)=""/35, 0x23}, {0x0}, {&(0x7f0000000300)=""/165, 0xa5}], 0x3, 0xa00, 0x0)

09:01:43 executing program 2:
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NLBL_MGMT_C_VERSION(r0, &(0x7f00000001c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x10000000}, 0xc, &(0x7f0000000180)={&(0x7f0000000140)={0x24, 0x0, 0x100, 0x70bd25, 0x25dfdbfd, {}, [@NLBL_MGMT_A_PROTOCOL={0x8}, @NLBL_MGMT_A_FAMILY={0x6, 0xb, 0x1}]}, 0x24}, 0x1, 0x0, 0x0, 0x4001}, 0x4080)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$netlbl_cipso(&(0x7f0000000340), r1)
sendmsg$NLBL_CIPSOV4_C_LIST(r1, &(0x7f0000000c80)={0x0, 0x0, &(0x7f0000000c40)={&(0x7f0000000980)={0x18, r2, 0x1, 0x0, 0x0, {}, [@NLBL_CIPSOV4_A_MLSLVLLST={0x4}]}, 0x18}}, 0x0)
ioctl$sock_SIOCGIFINDEX_802154(0xffffffffffffffff, 0x8933, &(0x7f0000000180)={'wpan0\x00', <r3=>0x0})
r4 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r5 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r6 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000780), r5)
sendmsg$IEEE802154_LLSEC_SETPARAMS(r4, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000400)={0x24, r6, 0x10d, 0x0, 0x0, {}, [@IEEE802154_ATTR_DEV_INDEX={0x8, 0x2, r3}, @IEEE802154_ATTR_LLSEC_SECLEVEL={0x5, 0x2a, 0x20}]}, 0x24}}, 0x0)
ioctl$sock_SIOCGIFINDEX_802154(r1, 0x8933, &(0x7f0000000400)={'wpan4\x00', <r7=>0x0})
sendmsg$NL802154_CMD_DEL_SEC_DEV(r0, &(0x7f0000000500)={&(0x7f00000003c0)={0x10, 0x0, 0x0, 0x10000}, 0xc, &(0x7f00000004c0)={&(0x7f0000000440)={0x44, 0x0, 0x300, 0x70bd25, 0x25dfdbfc, {}, [@NL802154_ATTR_WPAN_DEV={0xc, 0x6, 0x100000001}, @NL802154_ATTR_IFINDEX={0x8, 0x3, r3}, @NL802154_ATTR_IFINDEX={0x8, 0x3, r7}, @NL802154_ATTR_IFINDEX={0x8}, @NL802154_ATTR_WPAN_DEV={0xc, 0x6, 0x100000001}]}, 0x44}}, 0x4)
r8 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000080), 0xffffffffffffffff)
sendmsg$NLBL_MGMT_C_ADD(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000140)={0x4c, r8, 0x1, 0x0, 0x0, {}, [@NLBL_MGMT_A_DOMAIN={0x6, 0x1, '%\x00'}, @NLBL_MGMT_A_IPV6ADDR={0x14, 0x5, @local}, @NLBL_MGMT_A_IPV6MASK={0x14, 0x6, @mcast1}, @NLBL_MGMT_A_PROTOCOL={0x8, 0x2, 0x5}]}, 0x4c}, 0x1, 0x700000000000000}, 0x0)

09:01:43 executing program 0:
perf_event_open$cgroup(&(0x7f0000000c00)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x1010, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

09:01:43 executing program 7:
openat$sndseq(0xffffffffffffff9c, 0x0, 0x0)
r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000180)='/proc/asound/seq/clients\x00', 0x0, 0x0)
preadv(r0, &(0x7f00000002c0)=[{0x0}, {&(0x7f0000000300)=""/165, 0xa5}], 0x2, 0x100000, 0x0)

[ 2695.191138] Call Trace:
[ 2695.191896]  <TASK>
[ 2695.192237]  ? x86_pmu_start+0x1c0/0x240
[ 2695.192839]  x86_pmu_enable+0x580/0xd90
[ 2695.193427]  ? amd_pmu_disable_virt+0xa0/0xa0
[ 2695.194102]  ctx_resched+0x2b9/0x3a0
[ 2695.194655]  __perf_install_in_context+0x285/0xa40
[ 2695.195372]  ? ctx_resched+0x3a0/0x3a0
[ 2695.195941]  remote_function+0x125/0x1b0
[ 2695.196575]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[ 2695.197392]  ? perf_duration_warn+0x40/0x40
[ 2695.198016]  generic_exec_single+0x203/0x300
[ 2695.198674]  smp_call_function_single+0x189/0x460
[ 2695.199368]  ? perf_duration_warn+0x40/0x40
[ 2695.200044]  ? generic_exec_single+0x300/0x300
[ 2695.200704]  ? perf_duration_warn+0x40/0x40
[ 2695.201338]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[ 2695.202142]  ? lock_is_held_type+0xd7/0x130
[ 2695.202772]  perf_install_in_context+0x4da/0x590
[ 2695.203482]  ? list_add_event+0xeb0/0xeb0
[ 2695.204183]  ? ctx_resched+0x3a0/0x3a0
[ 2695.204999]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[ 2695.205832]  ? exclusive_event_installable+0x254/0x320
[ 2695.206645]  __do_sys_perf_event_open+0x1bf0/0x3040
[ 2695.207388]  ? __up_read+0x192/0x710
[ 2695.207927]  ? perf_remove_from_context+0x260/0x260
[ 2695.208759]  ? up_write+0x460/0x460
[ 2695.209305]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 2695.210117]  do_syscall_64+0x3b/0x90
[ 2695.210669]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 2695.211449] RIP: 0033:0x7f750a357b19
[ 2695.211998] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 2695.214631] RSP: 002b:00007f75078cd188 EFLAGS: 00000246 ORIG_RAX: 000000000000012a
[ 2695.215758] RAX: ffffffffffffffda RBX: 00007f750a46af60 RCX: 00007f750a357b19
[ 2695.216871] RDX: 0000000000000000 RSI: ffffffffffffffff RDI: 0000000020000c00
[ 2695.217916] RBP: 00007f750a3b1f6d R08: 0000000000000000 R09: 0000000000000000
[ 2695.218938] R10: ffffffffffffffff R11: 0000000000000246 R12: 0000000000000000
[ 2695.220017] R13: 00007ffc8fa2e86f R14: 00007f75078cd300 R15: 0000000000022000
[ 2695.221090]  </TASK>
09:01:43 executing program 4:
r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000180)='/proc/asound/seq/clients\x00', 0x0, 0x0)
preadv(r0, &(0x7f00000002c0)=[{&(0x7f0000000040)=""/35, 0x23}, {0x0}, {&(0x7f0000000300)=""/165, 0xa5}], 0x3, 0x4, 0x0)

09:01:43 executing program 1:
r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000180)='/proc/asound/seq/clients\x00', 0x0, 0x0)
preadv(r0, &(0x7f00000002c0)=[{&(0x7f0000000040)=""/35, 0x23}, {0x0, 0x2}, {&(0x7f0000000300)=""/165, 0xa5}], 0x3, 0x7a00, 0x0)

09:01:43 executing program 7:
openat$sndseq(0xffffffffffffff9c, 0x0, 0x0)
r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000180)='/proc/asound/seq/clients\x00', 0x0, 0x0)
preadv(r0, &(0x7f00000002c0)=[{0x0}, {&(0x7f0000000300)=""/165, 0xa5}], 0x2, 0xf0ff7f, 0x0)

09:01:43 executing program 6:
r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000180)='/proc/asound/seq/clients\x00', 0x0, 0x0)
preadv(r0, &(0x7f00000002c0)=[{&(0x7f0000000040)=""/35, 0x23}, {0x0}, {&(0x7f0000000300)=""/165, 0xa5}], 0x3, 0x3f00, 0x0)

09:01:43 executing program 5:
socketpair$unix(0x1, 0x5, 0x0, 0x0)
sendmsg$unix(0xffffffffffffffff, 0x0, 0x0)
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
pwritev(r0, &(0x7f0000000640)=[{&(0x7f00000002c0)="19", 0x1}], 0x1, 0x8000000, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0)
r2 = socket$inet6(0xa, 0x4, 0x200)
bind$inet6(r2, &(0x7f00000002c0)={0xa, 0x4e20, 0x0, @empty}, 0x1c)
connect$inet6(r2, &(0x7f0000000000)={0xa, 0x4e20, 0x0, @ipv4={'\x00', '\xff\xff', @empty}}, 0x1c)
recvfrom(r2, &(0x7f00000003c0)=""/87, 0x20010397, 0x300, 0x0, 0x0)
sendfile(r2, r1, 0x0, 0xfffffdef)
readv(0xffffffffffffffff, &(0x7f0000000040), 0x0)
openat$cgroup_freezer_state(0xffffffffffffffff, 0x0, 0x2, 0x0)
close(0xffffffffffffffff)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(&(0x7f0000001540), 0xffffffffffffffff)
sendmsg$NL80211_CMD_STOP_AP(r3, &(0x7f0000001600)={0x0, 0x0, &(0x7f00000015c0)={&(0x7f0000001580)={0x1c, 0x0, 0x1, 0x0, 0x0, {{}, {@val={0x8}, @void}}}, 0x1c}}, 0x0)
getsockopt$sock_cred(r3, 0x1, 0x11, &(0x7f0000000040), &(0x7f0000000080)=0xc)
syz_open_dev$sg(&(0x7f0000001000), 0x0, 0x2200)

[ 2695.353057] Call Trace:
[ 2695.353496]  <IRQ>
[ 2695.353807]  x86_pmu_stop+0x149/0x330
[ 2695.354374]  x86_pmu_del+0x1be/0x610
[ 2695.354908]  event_sched_out+0x2ed/0xe80
[ 2695.355474]  __perf_remove_from_context+0x87/0xbe0
[ 2695.356172]  event_function+0x297/0x3d0
[ 2695.356724]  ? perf_uprobe_event_init+0x1c0/0x1c0
[ 2695.357387]  remote_function+0x125/0x1b0
[ 2695.357975]  flush_smp_call_function_queue+0x1df/0x610
[ 2695.358694]  ? perf_duration_warn+0x40/0x40
[ 2695.359295]  __sysvec_call_function_single+0x92/0x3a0
[ 2695.360035]  sysvec_call_function_single+0x89/0xc0
[ 2695.360707]  </IRQ>
[ 2695.361001]  <TASK>
[ 2695.361292]  asm_sysvec_call_function_single+0x12/0x20
[ 2695.362015] RIP: 0010:obj_cgroup_charge+0x24b/0x6a0
[ 2695.362693] Code: 85 1c 04 00 00 48 c7 45 28 00 00 00 00 48 c7 c6 36 06 79 81 48 89 ef e8 23 d8 af ff 4d 85 ed 74 06 e8 e9 83 d1 ff fb 45 31 ed <45> 84 ff 0f 85 f2 00 00 00 41 89 de 49 89 df 41 81 e6 ff 0f 00 00
[ 2695.367353] RSP: 0018:ffff888018427530 EFLAGS: 00000246
[ 2695.368138] RAX: 00000000002e834d RBX: 0000000000000180 RCX: ffffffff81283e5f
[ 2695.369072] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[ 2695.370027] RBP: ffff88806ce34ce0 R08: 0000000000000001 R09: ffffffff86a3e7ef
[ 2695.370962] R10: fffffbfff0d47cfd R11: 0000000000000001 R12: ffff88800cfea100
[ 2695.371917] R13: 0000000000000000 R14: ffffffff86dcb780 R15: 0000000000000001
[ 2695.372936]  ? mark_lock.part.0+0xef/0x2f60
[ 2695.373532]  kmem_cache_alloc_lru+0x132/0x7c0
[ 2695.374119]  ? __d_alloc+0x31/0x990
[ 2695.374626]  __d_alloc+0x31/0x990
[ 2695.375148]  d_alloc_parallel+0x10a/0x1c00
[ 2695.375815]  ? __lock_acquire+0x164e/0x6120
[ 2695.376463]  ? find_held_lock+0x2c/0x110
[ 2695.377027]  ? lockdep_hardirqs_on_prepare+0x400/0x400
[ 2695.377724]  ? lock_release+0x3b2/0x6f0
[ 2695.378256]  ? __d_lookup_rcu+0x730/0x730
[ 2695.378836]  ? lockdep_init_map_type+0x21a/0x7e0
[ 2695.379489]  ? lockdep_init_map_type+0x21a/0x7e0
[ 2695.380180]  __lookup_slow+0x193/0x490
[ 2695.380716]  ? page_put_link+0x1f0/0x1f0
[ 2695.381278]  ? mac802154_llsec_dev_add+0x520/0x910
[ 2695.381948]  ? mac802154_llsec_dev_add+0x520/0x910
[ 2695.382591]  ? selinux_path_notify+0x470/0x470
[ 2695.383224]  walk_component+0x411/0x6a0
[ 2695.383788]  ? handle_dots.part.0+0x1500/0x1500
[ 2695.384441]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[ 2695.385140]  ? security_inode_permission+0xcb/0x100
[ 2695.385799]  ? inode_permission.part.0+0xb5/0x670
[ 2695.386470]  link_path_walk.part.0+0x7f8/0xf80
[ 2695.387117]  ? path_init+0x17b0/0x17b0
[ 2695.387652]  ? percpu_counter_add_batch+0xb4/0x170
[ 2695.388411]  path_openat+0x25d/0x2870
[ 2695.388943]  ? path_lookupat+0x850/0x850
[ 2695.389461]  ? lockdep_hardirqs_on_prepare+0x400/0x400
[ 2695.390142]  ? lock_is_held_type+0xd7/0x130
[ 2695.390740]  do_filp_open+0x1aa/0x400
[ 2695.391243]  ? may_open_dev+0xf0/0xf0
[ 2695.391738]  ? rwlock_bug.part.0+0x90/0x90
[ 2695.392310]  ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70
[ 2695.393040]  ? _find_next_bit+0x1e5/0x260
[ 2695.393598]  ? _raw_spin_unlock+0x24/0x40
[ 2695.394205]  ? alloc_fd+0x2f0/0x670
[ 2695.394701]  do_sys_openat2+0x16d/0x4c0
[ 2695.395248]  ? build_open_flags+0x6f0/0x6f0
[ 2695.395812]  ? seccomp_notify_ioctl+0xdc0/0xdc0
[ 2695.396448]  __x64_sys_openat+0x13f/0x1f0
[ 2695.396988]  ? __x64_sys_open+0x1c0/0x1c0
[ 2695.397539]  ? __secure_computing+0x195/0x2f0
[ 2695.398131]  do_syscall_64+0x3b/0x90
[ 2695.398631]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 2695.399298] RIP: 0033:0x7f9e21b9ac64
[ 2695.399780] Code: 84 00 00 00 00 00 44 89 54 24 0c e8 36 61 f9 ff 44 8b 54 24 0c 44 89 e2 48 89 ee 41 89 c0 bf 9c ff ff ff b8 01 01 00 00 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 89 44 24 0c e8 68 61 f9 ff 8b 44
[ 2695.402252] RSP: 002b:00007ffd3e915560 EFLAGS: 00000293 ORIG_RAX: 0000000000000101
[ 2695.403260] RAX: ffffffffffffffda RBX: 000055c722ba3d60 RCX: 00007f9e21b9ac64
[ 2695.404244] RDX: 0000000000080802 RSI: 000055c722bd9e60 RDI: 00000000ffffff9c
[ 2695.405324] RBP: 000055c722bd9e60 R08: 0000000000000000 R09: ffffffffffffff01
[ 2695.406360] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000080802
[ 2695.407350] R13: 00000000fffffffa R14: 000055c722be6d70 R15: 0000000000000002
[ 2695.408619]  </TASK>
[ 2695.506757] Call Trace:
[ 2695.507236]  <TASK>
[ 2695.507550]  ? x86_pmu_start+0x1c0/0x240
[ 2695.508167]  x86_pmu_enable+0x580/0xd90
[ 2695.508749]  ? amd_pmu_disable_virt+0xa0/0xa0
[ 2695.509475]  ctx_resched+0x2b9/0x3a0
[ 2695.509990]  __perf_install_in_context+0x285/0xa40
[ 2695.510660]  ? ctx_resched+0x3a0/0x3a0
[ 2695.511166]  remote_function+0x125/0x1b0
[ 2695.511706]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[ 2695.512491]  ? perf_duration_warn+0x40/0x40
[ 2695.513096]  generic_exec_single+0x203/0x300
[ 2695.513723]  smp_call_function_single+0x189/0x460
[ 2695.514440]  ? perf_duration_warn+0x40/0x40
[ 2695.515081]  ? generic_exec_single+0x300/0x300
[ 2695.515700]  ? perf_duration_warn+0x40/0x40
[ 2695.516326]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[ 2695.517051]  ? lock_is_held_type+0xd7/0x130
[ 2695.517656]  perf_install_in_context+0x4da/0x590
[ 2695.518312]  ? list_add_event+0xeb0/0xeb0
[ 2695.519024]  ? ctx_resched+0x3a0/0x3a0
[ 2695.519560]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[ 2695.520367]  ? exclusive_event_installable+0x254/0x320
[ 2695.521077]  __do_sys_perf_event_open+0x1bf0/0x3040
[ 2695.521766]  ? perf_remove_from_context+0x260/0x260
[ 2695.522518]  ? xfd_validate_state+0x59/0x180
[ 2695.523147]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 2695.523863]  do_syscall_64+0x3b/0x90
[ 2695.524426]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 2695.525118] RIP: 0033:0x7f750a357b19
[ 2695.525625] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 2695.528288] RSP: 002b:00007f75078cd188 EFLAGS: 00000246 ORIG_RAX: 000000000000012a
[ 2695.529520] RAX: ffffffffffffffda RBX: 00007f750a46af60 RCX: 00007f750a357b19
[ 2695.530471] RDX: 0000000000000000 RSI: ffffffffffffffff RDI: 0000000020000c00
[ 2695.531563] RBP: 00007f750a3b1f6d R08: 0000000000000000 R09: 0000000000000000
[ 2695.532554] R10: ffffffffffffffff R11: 0000000000000246 R12: 0000000000000000
[ 2695.533472] R13: 00007ffc8fa2e86f R14: 00007f75078cd300 R15: 0000000000022000
[ 2695.534518]  </TASK>
[ 2695.571920] Call Trace:
[ 2695.572421]  <TASK>
[ 2695.572723]  x86_pmu_stop+0x149/0x330
[ 2695.573249]  x86_pmu_del+0x1be/0x610
[ 2695.573783]  event_sched_out+0x2ed/0xe80
[ 2695.574394]  __perf_remove_from_context+0x87/0xbe0
[ 2695.575076]  event_function+0x297/0x3d0
[ 2695.575623]  ? perf_uprobe_event_init+0x1c0/0x1c0
[ 2695.576284]  remote_function+0x125/0x1b0
[ 2695.576832]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[ 2695.577562]  ? perf_duration_warn+0x40/0x40
[ 2695.578172]  generic_exec_single+0x203/0x300
[ 2695.578766]  smp_call_function_single+0x189/0x460
[ 2695.579407]  ? perf_duration_warn+0x40/0x40
[ 2695.580085]  ? generic_exec_single+0x300/0x300
[ 2695.580718]  ? perf_duration_warn+0x40/0x40
[ 2695.581294]  ? lock_is_held_type+0xd7/0x130
[ 2695.581868]  event_function_call+0x3d0/0x430
[ 2695.582455]  ? perf_group_detach+0x11b0/0x11b0
[ 2695.583075]  ? perf_copy_attr+0x9c0/0x9c0
[ 2695.583636]  ? lock_release+0x3b2/0x6f0
[ 2695.584223]  ? perf_group_detach+0x11b0/0x11b0
[ 2695.584858]  ? perf_uprobe_event_init+0x1c0/0x1c0
[ 2695.585519]  ? _raw_spin_unlock_irq+0x1f/0x40
[ 2695.586122]  perf_remove_from_context+0x12e/0x260
[ 2695.586766]  perf_event_release_kernel+0x153/0x7f0
[ 2695.587439]  ? lock_is_held_type+0xd7/0x130
[ 2695.588073]  ? perf_pmu_migrate_context+0xae0/0xae0
[ 2695.588745]  ? lock_is_held_type+0xd7/0x130
[ 2695.589348]  perf_release+0x33/0x40
[ 2695.589873]  __fput+0x272/0x9d0
[ 2695.590311]  ? perf_event_release_kernel+0x7f0/0x7f0
[ 2695.591007]  task_work_run+0xe2/0x1a0
[ 2695.591529]  exit_to_user_mode_prepare+0x199/0x1a0
[ 2695.592213]  syscall_exit_to_user_mode+0x19/0x50
[ 2695.592842]  do_syscall_64+0x48/0x90
[ 2695.593331]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 2695.594015] RIP: 0033:0x7f750a30a72b
[ 2695.594505] Code: 0f 05 48 3d 00 f0 ff ff 77 45 c3 0f 1f 40 00 48 83 ec 18 89 7c 24 0c e8 63 fc ff ff 8b 7c 24 0c 41 89 c0 b8 03 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 35 44 89 c7 89 44 24 0c e8 a1 fc ff ff 8b 44
[ 2695.596924] RSP: 002b:00007ffc8fa2e8d0 EFLAGS: 00000293 ORIG_RAX: 0000000000000003
[ 2695.597921] RAX: 0000000000000000 RBX: 0000000000000004 RCX: 00007f750a30a72b
[ 2695.598908] RDX: 00007f750a46fa68 RSI: 0000000000000080 RDI: 0000000000000003
[ 2695.599850] RBP: 0000000000000000 R08: 0000000000000000 R09: 00007f750a46fa70
[ 2695.600843] R10: 00007ffc8fa2e9c0 R11: 0000000000000293 R12: 0000000000292121
[ 2695.601830] R13: 00000000000003e8 R14: 00007f750a46af60 R15: 0000000000291fa3
[ 2695.602863]  </TASK>
09:01:59 executing program 3:
r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000180)='/proc/asound/seq/clients\x00', 0x0, 0x0)
preadv(r0, &(0x7f00000002c0)=[{&(0x7f0000000040)=""/35, 0x23}, {0x0}, {&(0x7f0000000300)=""/165, 0xa5}], 0x3, 0x2, 0x0)

09:01:59 executing program 7:
openat$sndseq(0xffffffffffffff9c, 0x0, 0x0)
r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000180)='/proc/asound/seq/clients\x00', 0x0, 0x0)
preadv(r0, &(0x7f00000002c0)=[{0x0}, {&(0x7f0000000300)=""/165, 0xa5}], 0x2, 0x1000000, 0x0)

[ 2711.163024] Call Trace:
[ 2711.163535]  <TASK>
[ 2711.163836]  ? x86_pmu_start+0x1c0/0x240
[ 2711.164436]  x86_pmu_enable+0x580/0xd90
[ 2711.164949]  ? amd_pmu_disable_virt+0xa0/0xa0
[ 2711.165575]  ctx_resched+0x2b9/0x3a0
[ 2711.166094]  __perf_install_in_context+0x285/0xa40
[ 2711.166887]  ? ctx_resched+0x3a0/0x3a0
09:01:59 executing program 4:
r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000180)='/proc/asound/seq/clients\x00', 0x0, 0x0)
preadv(r0, &(0x7f00000002c0)=[{&(0x7f0000000040)=""/35, 0x23}, {0x0}, {&(0x7f0000000300)=""/165, 0xa5}], 0x3, 0x4, 0x0)

09:01:59 executing program 2:
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NLBL_MGMT_C_VERSION(r0, &(0x7f00000001c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x10000000}, 0xc, &(0x7f0000000180)={&(0x7f0000000140)={0x24, 0x0, 0x100, 0x70bd25, 0x25dfdbfd, {}, [@NLBL_MGMT_A_PROTOCOL={0x8}, @NLBL_MGMT_A_FAMILY={0x6, 0xb, 0x1}]}, 0x24}, 0x1, 0x0, 0x0, 0x4001}, 0x4080)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$netlbl_cipso(&(0x7f0000000340), r1)
sendmsg$NLBL_CIPSOV4_C_LIST(r1, &(0x7f0000000c80)={0x0, 0x0, &(0x7f0000000c40)={&(0x7f0000000980)={0x18, r2, 0x1, 0x0, 0x0, {}, [@NLBL_CIPSOV4_A_MLSLVLLST={0x4}]}, 0x18}}, 0x0)
ioctl$sock_SIOCGIFINDEX_802154(0xffffffffffffffff, 0x8933, &(0x7f0000000180)={'wpan0\x00', <r3=>0x0})
r4 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r5 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r6 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000780), r5)
sendmsg$IEEE802154_LLSEC_SETPARAMS(r4, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000400)={0x24, r6, 0x10d, 0x0, 0x0, {}, [@IEEE802154_ATTR_DEV_INDEX={0x8, 0x2, r3}, @IEEE802154_ATTR_LLSEC_SECLEVEL={0x5, 0x2a, 0x20}]}, 0x24}}, 0x0)
ioctl$sock_SIOCGIFINDEX_802154(r1, 0x8933, &(0x7f0000000400)={'wpan4\x00'})
r7 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r8 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000080), r7)
sendmsg$NLBL_MGMT_C_ADD(r7, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000140)={0x4c, r8, 0x1, 0x0, 0x0, {}, [@NLBL_MGMT_A_DOMAIN={0x6, 0x1, '%\x00'}, @NLBL_MGMT_A_IPV6ADDR={0x14, 0x5, @local}, @NLBL_MGMT_A_IPV6MASK={0x14, 0x6, @mcast1}, @NLBL_MGMT_A_PROTOCOL={0x8, 0x2, 0x5}]}, 0x4c}, 0x1, 0x700000000000000}, 0x0)

09:01:59 executing program 6:
r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000180)='/proc/asound/seq/clients\x00', 0x0, 0x0)
preadv(r0, &(0x7f00000002c0)=[{&(0x7f0000000040)=""/35, 0x23}, {0x0}, {&(0x7f0000000300)=""/165, 0xa5}], 0x3, 0x4800, 0x0)

09:01:59 executing program 5:
socketpair$unix(0x1, 0x5, 0x0, 0x0)
sendmsg$unix(0xffffffffffffffff, 0x0, 0x0)
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
pwritev(r0, &(0x7f0000000640)=[{&(0x7f00000002c0)="19", 0x1}], 0x1, 0x8000000, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0)
r2 = socket$inet6(0xa, 0x1, 0x0)
bind$inet6(r2, &(0x7f00000002c0)={0xa, 0x4e20, 0x0, @empty}, 0x1c)
connect$inet6(r2, &(0x7f0000000000)={0xa, 0x4e20, 0x0, @ipv4={'\x00', '\xff\xff', @empty}}, 0x1c)
recvfrom(r2, &(0x7f00000003c0)=""/87, 0x20010397, 0x300, 0x0, 0x0)
sendfile(r2, r1, 0x0, 0xfffffdef)
readv(0xffffffffffffffff, &(0x7f0000000040), 0x0)
ioctl$KDSKBMODE(r0, 0x4b45, &(0x7f00000000c0)=0x3)
openat$cgroup_freezer_state(0xffffffffffffffff, 0x0, 0x2, 0x0)
close(0xffffffffffffffff)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(&(0x7f0000001540), 0xffffffffffffffff)
sendmsg$NL80211_CMD_STOP_AP(r3, &(0x7f0000001600)={0x0, 0x0, &(0x7f00000015c0)={&(0x7f0000001580)={0x1c, 0x0, 0x1, 0x0, 0x25dfdbfd, {{}, {@val={0x8}, @void}}}, 0x1c}}, 0x0)
getsockopt$sock_cred(r3, 0x1, 0x11, &(0x7f0000000040), &(0x7f0000000080)=0xc)
syz_open_dev$sg(&(0x7f0000001000), 0x0, 0x2200)

09:01:59 executing program 1:
r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000180)='/proc/asound/seq/clients\x00', 0x0, 0x0)
preadv(r0, &(0x7f00000002c0)=[{&(0x7f0000000040)=""/35, 0x23}, {0x0, 0x2}, {&(0x7f0000000300)=""/165, 0xa5}], 0x3, 0xbf00, 0x0)

09:01:59 executing program 0:
perf_event_open$cgroup(&(0x7f0000000c00)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x1011, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

[ 2711.167418]  remote_function+0x125/0x1b0
[ 2711.168314]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[ 2711.169074]  ? perf_duration_warn+0x40/0x40
[ 2711.169698]  generic_exec_single+0x203/0x300
[ 2711.170343]  smp_call_function_single+0x189/0x460
[ 2711.171053]  ? perf_duration_warn+0x40/0x40
[ 2711.171673]  ? generic_exec_single+0x300/0x300
[ 2711.172407]  ? perf_duration_warn+0x40/0x40
[ 2711.173032]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[ 2711.173804]  ? lock_is_held_type+0xd7/0x130
[ 2711.174417]  perf_install_in_context+0x4da/0x590
[ 2711.175074]  ? list_add_event+0xeb0/0xeb0
[ 2711.175644]  ? ctx_resched+0x3a0/0x3a0
[ 2711.176191]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[ 2711.176995]  ? exclusive_event_installable+0x254/0x320
[ 2711.177750]  __do_sys_perf_event_open+0x1bf0/0x3040
[ 2711.178435]  ? __up_read+0x192/0x710
[ 2711.178934]  ? perf_remove_from_context+0x260/0x260
[ 2711.179597]  ? up_write+0x460/0x460
[ 2711.180104]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 2711.180852]  do_syscall_64+0x3b/0x90
[ 2711.181358]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 2711.182073] RIP: 0033:0x7f750a357b19
[ 2711.182580] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 2711.185070] RSP: 002b:00007f75078cd188 EFLAGS: 00000246 ORIG_RAX: 000000000000012a
[ 2711.186054] RAX: ffffffffffffffda RBX: 00007f750a46af60 RCX: 00007f750a357b19
[ 2711.186991] RDX: 0000000000000000 RSI: ffffffffffffffff RDI: 0000000020000c00
[ 2711.187921] RBP: 00007f750a3b1f6d R08: 0000000000000000 R09: 0000000000000000
[ 2711.188896] R10: ffffffffffffffff R11: 0000000000000246 R12: 0000000000000000
[ 2711.189871] R13: 00007ffc8fa2e86f R14: 00007f75078cd300 R15: 0000000000022000
[ 2711.191049]  </TASK>
09:01:59 executing program 7:
openat$sndseq(0xffffffffffffff9c, 0x0, 0x0)
r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000180)='/proc/asound/seq/clients\x00', 0x0, 0x0)
preadv(r0, &(0x7f00000002c0)=[{0x0}, {&(0x7f0000000300)=""/165, 0xa5}], 0x2, 0x2000000, 0x0)

09:01:59 executing program 1:
r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000180)='/proc/asound/seq/clients\x00', 0x0, 0x0)
preadv(r0, &(0x7f00000002c0)=[{&(0x7f0000000040)=""/35, 0x23}, {0x0, 0x2}, {&(0x7f0000000300)=""/165, 0xa5}], 0x3, 0x100000, 0x0)

[ 2711.261472] Call Trace:
[ 2711.261986]  <IRQ>
[ 2711.262277]  x86_pmu_stop+0x149/0x330
[ 2711.262843]  x86_pmu_del+0x1be/0x610
[ 2711.263376]  event_sched_out+0x2ed/0xe80
[ 2711.263958]  __perf_remove_from_context+0x87/0xbe0
[ 2711.264718]  event_function+0x297/0x3d0
[ 2711.265257]  ? perf_uprobe_event_init+0x1c0/0x1c0
[ 2711.265923]  remote_function+0x125/0x1b0
[ 2711.266558]  flush_smp_call_function_queue+0x1df/0x610
[ 2711.267273]  ? perf_duration_warn+0x40/0x40
[ 2711.267883]  __sysvec_call_function_single+0x92/0x3a0
[ 2711.268643]  sysvec_call_function_single+0x89/0xc0
[ 2711.269282]  </IRQ>
[ 2711.269567]  <TASK>
[ 2711.269861]  asm_sysvec_call_function_single+0x12/0x20
[ 2711.270565] RIP: 0010:_raw_spin_unlock_irqrestore+0x2e/0x50
[ 2711.271354] Code: 48 83 c7 18 53 48 89 f3 48 8b 74 24 10 e8 7a 02 15 fd 48 89 ef e8 72 7f 15 fd 80 e7 02 74 06 e8 38 ae 36 fd fb bf 01 00 00 00 <e8> 6d 8b 0b fd 65 8b 05 e6 92 ee 7b 85 c0 74 03 5b 5d c3 0f 1f 44
[ 2711.273949] RSP: 0018:ffff888015cf76d0 EFLAGS: 00000206
[ 2711.274681] RAX: 00000000001fea7d RBX: 0000000000000246 RCX: ffffffff81283e5f
[ 2711.275640] RDX: 0000000000000000 RSI: 0000000000000001 RDI: 0000000000000001
[ 2711.276654] RBP: ffffffff852c2200 R08: 0000000000000001 R09: ffffffff86a3e797
[ 2711.277627] R10: fffffbfff0d47cf2 R11: 0000000000000001 R12: 0000000000000cc0
[ 2711.278588] R13: 0000000000000000 R14: 0000000000000cc0 R15: 0000000000000cc0
[ 2711.279571]  ? mark_lock.part.0+0xef/0x2f60
[ 2711.280171]  kmem_cache_alloc+0x239/0x480
[ 2711.280806]  ptlock_alloc+0x1d/0x70
[ 2711.281305]  pte_alloc_one+0x68/0x1f0
[ 2711.281825]  __pte_alloc+0x69/0x200
[ 2711.282312]  ? pmd_install+0x250/0x250
[ 2711.282843]  copy_page_range+0x1b8b/0x3ed0
[ 2711.283460]  ? vm_iomap_memory+0x190/0x190
[ 2711.284033]  ? down_write+0xde/0x150
[ 2711.284563]  ? __sanitizer_cov_trace_cmp8+0x1d/0x70
[ 2711.285251]  ? __vma_link_rb+0x540/0x700
[ 2711.285786]  dup_mm+0x961/0x1250
[ 2711.286250]  ? replace_mm_exe_file+0x490/0x490
[ 2711.286831]  ? __raw_spin_lock_init+0x36/0x110
[ 2711.287436]  copy_process+0x6946/0x6d60
[ 2711.287969]  ? lock_is_held_type+0xd7/0x130
[ 2711.288581]  ? __cleanup_sighand+0xb0/0xb0
[ 2711.289143]  ? do_raw_spin_unlock+0x4f/0x210
[ 2711.289721]  ? _raw_spin_unlock+0x24/0x40
[ 2711.290261]  ? do_wp_page+0x28d/0x24d0
[ 2711.290787]  ? kernel_clone+0x2f8/0xa60
[ 2711.291311]  kernel_clone+0xe7/0xa60
[ 2711.291796]  ? __handle_mm_fault+0x9f3/0x35c0
[ 2711.292450]  ? create_io_thread+0xf0/0xf0
[ 2711.293007]  ? lock_is_held_type+0xd7/0x130
[ 2711.293585]  ? lock_is_held_type+0xd7/0x130
[ 2711.294167]  ? find_held_lock+0x2c/0x110
[ 2711.294714]  ? lock_release+0x3b2/0x6f0
[ 2711.295294]  __do_sys_clone+0xc8/0x110
[ 2711.295876]  ? __do_sys_vfork+0xd0/0xd0
[ 2711.296466]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 2711.297185]  do_syscall_64+0x3b/0x90
[ 2711.297740]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 2711.298451] RIP: 0033:0x7f457d3e710b
[ 2711.298960] Code: ed 0f 85 60 01 00 00 64 4c 8b 0c 25 10 00 00 00 45 31 c0 4d 8d 91 d0 02 00 00 31 d2 31 f6 bf 11 00 20 01 b8 38 00 00 00 0f 05 <48> 3d 00 f0 ff ff 0f 87 89 00 00 00 41 89 c5 85 c0 0f 85 90 00 00
[ 2711.301607] RSP: 002b:00007ffd02448650 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[ 2711.302702] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f457d3e710b
[ 2711.303677] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000001200011
[ 2711.304812] RBP: 0000000000000001 R08: 0000000000000000 R09: 0000555556e5e400
[ 2711.305781] R10: 0000555556e5e6d0 R11: 0000000000000246 R12: 0000000000000001
[ 2711.306792] R13: 0000000000000001 R14: 0000000000000001 R15: 00007ffd02448730
[ 2711.307787]  </TASK>
09:01:59 executing program 6:
r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000180)='/proc/asound/seq/clients\x00', 0x0, 0x0)
preadv(r0, &(0x7f00000002c0)=[{&(0x7f0000000040)=""/35, 0x23}, {0x0}, {&(0x7f0000000300)=""/165, 0xa5}], 0x3, 0x4c00, 0x0)

09:01:59 executing program 3:
socketpair$unix(0x1, 0x5, 0x0, 0x0)
sendmsg$unix(0xffffffffffffffff, 0x0, 0x0)
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
pwritev(r0, &(0x7f0000000640)=[{&(0x7f00000002c0)="19", 0x1}], 0x1, 0x8000000, 0x0)
sendmsg$unix(0xffffffffffffffff, &(0x7f0000000d00)={&(0x7f00000001c0)=@abs={0x1, 0x0, 0x4e24}, 0x6e, &(0x7f0000000340)=[{&(0x7f0000000240)="b3d41833cb34dd5578e5cd13374abfd6fb54a049dd355749299adf83e87a2e1dde37bfca57e7cb7b31c24d0b32dcdca364d7e8bc0be2b652b772f1bf81cae08816326f7f218d67a096fe96066755d9549ed8c280a4e42633db4d2be669f1", 0x5e}, {&(0x7f0000000440)="0236b607c232b8623716e2498a4baff713b6b7dfe1f4ea4955bdca035c6731bf0e1abae5bfc25aacb5a0673a3825444dca133cd349fb4c1e68996d234fec843ea34f80f7d731aa8da3ce5bd49d1bf84e4dfc8ac080d23607bdb414b695851debbe8e38c6e69faf386f0efc68371cfc91cd0615181c98d3e582bedabeda31c8ee2499d1c95190750398523f9c754ec28d627bc45aec5f1392c4a0e6359fe022888719b1f2ea92b66ae56f8ad4866e94d1aa929593dd1bc19b2eb65a21cac1a0b66d0336ceca5655eb1c3acd9aa2aed226227400d91bc4bb84c0f499fc753af20e734cbb9b4fc2b4672123d5de54ce8c81844e", 0xf2}, {&(0x7f0000000300)="9ffbcbe50e29bdc065f7396e0db83afa5e1da3a79bba06d1b674066401f145aa1f00e08bc375211dd06ccf332dc5cf5b", 0x30}, {&(0x7f0000000540)="201d6dfc0ef25d976387550535d4a640ac6bba4a25d3dbcb50888e2f3732ec8a041072e2ebaed30cf968850fba83d420e92e7edfb722e55ae98cd84e0ac62626712ac2f5dfb4fb0cd251eb393969bb5ebd7ebfc7459c7e0957aa769d2a6c6e6755b0ade362fc5ea9b34c7c64371c6089cb85ae60a6eab9c7634637cf9f735dce9aa61e881f0791ff4ee7cb916f91963b862175daf5e4056ceaec7b6727925ac0ef2ac188cf15601fcd3f2a19eff99c24e89e06e725", 0xb5}, {&(0x7f0000000680)="ee2bf7435d8fd3b6436d5998daf261017b9739f36211e4f205b038ed74b381619ab7192a718617e198f845747d96614cd9b8ebee914387b8832a843434ee95abc52e59d8102650c22d97f551fdc03544b8f039a786ae96dca7df9f38dd97089007e2a8e26cd56ba5d6b2d210247971b38ed02d73556b0d3ab5ea7964dd3aa0d542b070484272e60b36cb78082b661af910a16bb942f50f7ce43b2d1e5d11740a278d37aafb941671ff24b8f8ec8ae9491d937dc099778ad700c3d4fdd0e63b02f834445395e1a90458275a4b7c9e3906c4ee06b8a1d57b1b82af5db40d3cf24f8d86adb1311fc9", 0xe7}], 0x5, &(0x7f0000000c00)=[@cred={{0x1c, 0x1, 0x2, {0x0, 0xffffffffffffffff}}}, @rights={{0x24, 0x1, 0x1, [r0, r0, 0xffffffffffffffff, r0, 0xffffffffffffffff]}}, @rights={{0x30, 0x1, 0x1, [r0, 0xffffffffffffffff, r0, 0xffffffffffffffff, 0xffffffffffffffff, r0, 0xffffffffffffffff, r0]}}, @rights={{0x24, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, r0, 0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x2c, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, r0, 0xffffffffffffffff, r0]}}], 0xd0}, 0x4c480)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0)
r2 = socket$inet6(0xa, 0x1, 0x0)
bind$inet6(r2, &(0x7f00000002c0)={0xa, 0x4e20, 0x0, @empty}, 0x1c)
connect$inet6(r2, &(0x7f0000000000)={0xa, 0x4e20, 0x0, @ipv4={'\x00', '\xff\xff', @empty}}, 0x1c)
mount$bind(&(0x7f00000000c0)='./file1\x00', &(0x7f0000000140)='./file1/file0\x00', &(0x7f0000000180), 0x28, 0x0)
recvfrom(r2, &(0x7f00000003c0)=""/87, 0x20010397, 0x300, 0x0, 0x0)
sendfile(r2, r1, 0x0, 0xfffffdef)
readv(0xffffffffffffffff, &(0x7f0000000040), 0x0)
openat$cgroup_freezer_state(0xffffffffffffffff, 0x0, 0x2, 0x0)
close(0xffffffffffffffff)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(&(0x7f0000001540), 0xffffffffffffffff)
sendmsg$NL80211_CMD_STOP_AP(r3, &(0x7f0000001600)={0x0, 0x0, &(0x7f00000015c0)={&(0x7f0000001580)={0x1c, 0x0, 0x1, 0x0, 0x0, {{}, {@val={0x8}, @void}}}, 0x1c}}, 0x0)
getsockopt$sock_cred(r3, 0x1, 0x11, &(0x7f0000000040), &(0x7f0000000080)=0xc)
syz_open_dev$sg(&(0x7f0000001000), 0x0, 0x2200)

09:01:59 executing program 4:
socketpair$unix(0x1, 0x5, 0x0, 0x0)
sendmsg$unix(0xffffffffffffffff, 0x0, 0x0)
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
pwritev(r0, &(0x7f0000000640)=[{&(0x7f00000002c0)="19", 0x1}], 0x1, 0x8000000, 0x0)
sendmsg$unix(0xffffffffffffffff, &(0x7f0000000d00)={&(0x7f00000001c0)=@abs={0x1, 0x0, 0x4e24}, 0x6e, &(0x7f0000000340)=[{&(0x7f0000000240)="b3d41833cb34dd5578e5cd13374abfd6fb54a049dd355749299adf83e87a2e1dde37bfca57e7cb7b31c24d0b32dcdca364d7e8bc0be2b652b772f1bf81cae08816326f7f218d67a096fe96066755d9549ed8c280a4e42633db4d2be669f1", 0x5e}, {&(0x7f0000000440)="0236b607c232b8623716e2498a4baff713b6b7dfe1f4ea4955bdca035c6731bf0e1abae5bfc25aacb5a0673a3825444dca133cd349fb4c1e68996d234fec843ea34f80f7d731aa8da3ce5bd49d1bf84e4dfc8ac080d23607bdb414b695851debbe8e38c6e69faf386f0efc68371cfc91cd0615181c98d3e582bedabeda31c8ee2499d1c95190750398523f9c754ec28d627bc45aec5f1392c4a0e6359fe022888719b1f2ea92b66ae56f8ad4866e94d1aa929593dd1bc19b2eb65a21cac1a0b66d0336ceca5655eb1c3acd9aa2aed226227400d91bc4bb84c0f499fc753af20e734cbb9b4fc2b4672123d5de54ce8c81844e", 0xf2}, {&(0x7f0000000300)="9ffbcbe50e29bdc065f7396e0db83afa5e1da3a79bba06d1b674066401f145aa1f00e08bc375211dd06ccf332dc5cf5b", 0x30}, {&(0x7f0000000540)="201d6dfc0ef25d976387550535d4a640ac6bba4a25d3dbcb50888e2f3732ec8a041072e2ebaed30cf968850fba83d420e92e7edfb722e55ae98cd84e0ac62626712ac2f5dfb4fb0cd251eb393969bb5ebd7ebfc7459c7e0957aa769d2a6c6e6755b0ade362fc5ea9b34c7c64371c6089cb85ae60a6eab9c7634637cf9f735dce9aa61e881f0791ff4ee7cb916f91963b862175daf5e4056ceaec7b6727925ac0ef2ac188cf15601fcd3f2a19eff99c24e89e06e725", 0xb5}, {&(0x7f0000000680)="ee2bf7435d8fd3b6436d5998daf261017b9739f36211e4f205b038ed74b381619ab7192a718617e198f845747d96614cd9b8ebee914387b8832a843434ee95abc52e59d8102650c22d97f551fdc03544b8f039a786ae96dca7df9f38dd97089007e2a8e26cd56ba5d6b2d210247971b38ed02d73556b0d3ab5ea7964dd3aa0d542b070484272e60b36cb78082b661af910a16bb942f50f7ce43b2d1e5d11740a278d37aafb941671ff24b8f8ec8ae9491d937dc099778ad700c3d4fdd0e63b02f834445395e1a90458275a4b7c9e3906c4ee06b8a1d57b1b82af5db40d3cf24f8d86adb1311fc9", 0xe7}], 0x5, &(0x7f0000000c00)=[@cred={{0x1c, 0x1, 0x2, {0x0, 0xffffffffffffffff}}}, @rights={{0x24, 0x1, 0x1, [r0, r0, 0xffffffffffffffff, r0, 0xffffffffffffffff]}}, @rights={{0x30, 0x1, 0x1, [r0, 0xffffffffffffffff, r0, 0xffffffffffffffff, 0xffffffffffffffff, r0, 0xffffffffffffffff, r0]}}, @rights={{0x24, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, r0, 0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x2c, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, r0, 0xffffffffffffffff, r0]}}], 0xd0}, 0x4c480)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0)
r2 = socket$inet6(0xa, 0x1, 0x0)
bind$inet6(r2, &(0x7f00000002c0)={0xa, 0x4e20, 0x0, @empty}, 0x1c)
connect$inet6(r2, &(0x7f0000000000)={0xa, 0x4e20, 0x0, @ipv4={'\x00', '\xff\xff', @empty}}, 0x1c)
mount$bind(&(0x7f00000000c0)='./file1\x00', &(0x7f0000000140)='./file1/file0\x00', &(0x7f0000000180), 0x28, 0x0)
recvfrom(r2, &(0x7f00000003c0)=""/87, 0x20010397, 0x300, 0x0, 0x0)
sendfile(r2, r1, 0x0, 0xfffffdef)
readv(0xffffffffffffffff, &(0x7f0000000040), 0x0)
openat$cgroup_freezer_state(0xffffffffffffffff, 0x0, 0x2, 0x0)
close(0xffffffffffffffff)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(&(0x7f0000001540), 0xffffffffffffffff)
sendmsg$NL80211_CMD_STOP_AP(r3, &(0x7f0000001600)={0x0, 0x0, &(0x7f00000015c0)={&(0x7f0000001580)={0x1c, 0x0, 0x1, 0x0, 0x0, {{}, {@val={0x8}, @void}}}, 0x1c}}, 0x0)
getsockopt$sock_cred(r3, 0x1, 0x11, &(0x7f0000000040), &(0x7f0000000080)=0xc)
syz_open_dev$sg(&(0x7f0000001000), 0x0, 0x2200)

[ 2711.411804] Call Trace:
[ 2711.412270]  <TASK>
[ 2711.412576]  ? x86_pmu_start+0x1c0/0x240
[ 2711.413139]  x86_pmu_enable+0x580/0xd90
[ 2711.413664]  ? amd_pmu_disable_virt+0xa0/0xa0
[ 2711.414274]  ctx_resched+0x2b9/0x3a0
[ 2711.414777]  __perf_install_in_context+0x285/0xa40
[ 2711.415441]  ? ctx_resched+0x3a0/0x3a0
[ 2711.415947]  remote_function+0x125/0x1b0
[ 2711.416555]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
09:01:59 executing program 7:
openat$sndseq(0xffffffffffffff9c, 0x0, 0x0)
r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000180)='/proc/asound/seq/clients\x00', 0x0, 0x0)
preadv(r0, &(0x7f00000002c0)=[{0x0}, {&(0x7f0000000300)=""/165, 0xa5}], 0x2, 0x3000000, 0x0)

09:01:59 executing program 2:
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NLBL_MGMT_C_VERSION(r0, &(0x7f00000001c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x10000000}, 0xc, &(0x7f0000000180)={&(0x7f0000000140)={0x24, 0x0, 0x100, 0x70bd25, 0x25dfdbfd, {}, [@NLBL_MGMT_A_PROTOCOL={0x8}, @NLBL_MGMT_A_FAMILY={0x6, 0xb, 0x1}]}, 0x24}, 0x1, 0x0, 0x0, 0x4001}, 0x4080)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$netlbl_cipso(&(0x7f0000000340), r1)
sendmsg$NLBL_CIPSOV4_C_LIST(r1, &(0x7f0000000c80)={0x0, 0x0, &(0x7f0000000c40)={&(0x7f0000000980)={0x18, r2, 0x1, 0x0, 0x0, {}, [@NLBL_CIPSOV4_A_MLSLVLLST={0x4}]}, 0x18}}, 0x0)
ioctl$sock_SIOCGIFINDEX_802154(0xffffffffffffffff, 0x8933, &(0x7f0000000180)={'wpan0\x00', <r3=>0x0})
r4 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r5 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r6 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000780), r5)
sendmsg$IEEE802154_LLSEC_SETPARAMS(r4, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000400)={0x24, r6, 0x10d, 0x0, 0x0, {}, [@IEEE802154_ATTR_DEV_INDEX={0x8, 0x2, r3}, @IEEE802154_ATTR_LLSEC_SECLEVEL={0x5, 0x2a, 0x20}]}, 0x24}}, 0x0)
r7 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r8 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000080), r7)
sendmsg$NLBL_MGMT_C_ADD(r7, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000140)={0x4c, r8, 0x1, 0x0, 0x0, {}, [@NLBL_MGMT_A_DOMAIN={0x6, 0x1, '%\x00'}, @NLBL_MGMT_A_IPV6ADDR={0x14, 0x5, @local}, @NLBL_MGMT_A_IPV6MASK={0x14, 0x6, @mcast1}, @NLBL_MGMT_A_PROTOCOL={0x8, 0x2, 0x5}]}, 0x4c}, 0x1, 0x700000000000000}, 0x0)

[ 2711.417287]  ? perf_duration_warn+0x40/0x40
[ 2711.418137]  generic_exec_single+0x203/0x300
[ 2711.418740]  smp_call_function_single+0x189/0x460
[ 2711.419367]  ? perf_duration_warn+0x40/0x40
[ 2711.419937]  ? generic_exec_single+0x300/0x300
[ 2711.420588]  ? perf_duration_warn+0x40/0x40
[ 2711.421179]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[ 2711.421926]  ? lock_is_held_type+0xd7/0x130
[ 2711.422532]  perf_install_in_context+0x4da/0x590
[ 2711.423168]  ? list_add_event+0xeb0/0xeb0
[ 2711.423715]  ? ctx_resched+0x3a0/0x3a0
[ 2711.424298]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[ 2711.425029]  ? exclusive_event_installable+0x254/0x320
[ 2711.425737]  __do_sys_perf_event_open+0x1bf0/0x3040
[ 2711.426415]  ? perf_remove_from_context+0x260/0x260
[ 2711.427058]  ? xfd_validate_state+0x59/0x180
[ 2711.427636]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 2711.428358]  do_syscall_64+0x3b/0x90
[ 2711.428833]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 2711.429501] RIP: 0033:0x7f750a357b19
[ 2711.429971] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 2711.432315] RSP: 002b:00007f75078cd188 EFLAGS: 00000246 ORIG_RAX: 000000000000012a
[ 2711.433359] RAX: ffffffffffffffda RBX: 00007f750a46af60 RCX: 00007f750a357b19
[ 2711.434312] RDX: 0000000000000000 RSI: ffffffffffffffff RDI: 0000000020000c00
[ 2711.435236] RBP: 00007f750a3b1f6d R08: 0000000000000000 R09: 0000000000000000
[ 2711.436427] R10: ffffffffffffffff R11: 0000000000000246 R12: 0000000000000000
[ 2711.437354] R13: 00007ffc8fa2e86f R14: 00007f75078cd300 R15: 0000000000022000
[ 2711.438322]  </TASK>
09:01:59 executing program 1:
r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000180)='/proc/asound/seq/clients\x00', 0x0, 0x0)
preadv(r0, &(0x7f00000002c0)=[{&(0x7f0000000040)=""/35, 0x23}, {0x0, 0x2}, {&(0x7f0000000300)=""/165, 0xa5}], 0x3, 0xf0ff1f, 0x0)

09:01:59 executing program 6:
r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000180)='/proc/asound/seq/clients\x00', 0x0, 0x0)
preadv(r0, &(0x7f00000002c0)=[{&(0x7f0000000040)=""/35, 0x23}, {0x0}, {&(0x7f0000000300)=""/165, 0xa5}], 0x3, 0x6800, 0x0)

[ 2711.524989] Call Trace:
[ 2711.525503]  <TASK>
[ 2711.525805]  x86_pmu_stop+0x149/0x330
[ 2711.526332]  x86_pmu_del+0x1be/0x610
[ 2711.526878]  event_sched_out+0x2ed/0xe80
[ 2711.527507]  __perf_remove_from_context+0x87/0xbe0
[ 2711.528192]  event_function+0x297/0x3d0
[ 2711.528813]  ? perf_uprobe_event_init+0x1c0/0x1c0
[ 2711.529484]  remote_function+0x125/0x1b0
[ 2711.530042]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[ 2711.530762]  ? perf_duration_warn+0x40/0x40
[ 2711.531333]  generic_exec_single+0x203/0x300
[ 2711.531955]  smp_call_function_single+0x189/0x460
[ 2711.532612]  ? perf_duration_warn+0x40/0x40
[ 2711.533220]  ? generic_exec_single+0x300/0x300
[ 2711.533866]  ? perf_duration_warn+0x40/0x40
[ 2711.534504]  ? lock_is_held_type+0xd7/0x130
[ 2711.535106]  event_function_call+0x3d0/0x430
[ 2711.535739]  ? perf_group_detach+0x11b0/0x11b0
[ 2711.536437]  ? perf_copy_attr+0x9c0/0x9c0
[ 2711.537006]  ? lock_release+0x3b2/0x6f0
[ 2711.537557]  ? perf_group_detach+0x11b0/0x11b0
[ 2711.538174]  ? perf_uprobe_event_init+0x1c0/0x1c0
[ 2711.538772]  ? _raw_spin_unlock_irq+0x1f/0x40
[ 2711.539356]  perf_remove_from_context+0x12e/0x260
[ 2711.540044]  perf_event_release_kernel+0x153/0x7f0
[ 2711.540763]  ? lock_is_held_type+0xd7/0x130
[ 2711.541364]  ? perf_pmu_migrate_context+0xae0/0xae0
[ 2711.542049]  ? lock_is_held_type+0xd7/0x130
[ 2711.542660]  perf_release+0x33/0x40
[ 2711.543169]  __fput+0x272/0x9d0
[ 2711.543634]  ? perf_event_release_kernel+0x7f0/0x7f0
[ 2711.544406]  task_work_run+0xe2/0x1a0
[ 2711.544944]  do_exit+0xaf7/0x27e0
[ 2711.545407]  ? find_held_lock+0x2c/0x110
[ 2711.545992]  ? lock_release+0x3b2/0x6f0
[ 2711.546540]  ? mm_update_next_owner+0x7d0/0x7d0
[ 2711.547184]  ? lock_downgrade+0x6d0/0x6d0
[ 2711.547773]  ? lock_is_held_type+0xd7/0x130
[ 2711.548437]  do_group_exit+0xd2/0x2f0
[ 2711.548967]  get_signal+0x2303/0x2350
[ 2711.549514]  ? lock_downgrade+0x6d0/0x6d0
[ 2711.550107]  ? signal_setup_done+0x520/0x520
[ 2711.550719]  ? lock_is_held_type+0xd7/0x130
[ 2711.551320]  arch_do_signal_or_restart+0x88/0x1a40
[ 2711.552007]  ? __do_sys_perf_event_open+0xd2/0x3040
[ 2711.552727]  ? get_sigframe_size+0x10/0x10
[ 2711.553322]  ? perf_remove_from_context+0x260/0x260
[ 2711.554054]  ? xfd_validate_state+0x59/0x180
[ 2711.554705]  exit_to_user_mode_prepare+0x131/0x1a0
[ 2711.555412]  syscall_exit_to_user_mode+0x19/0x50
[ 2711.556076]  do_syscall_64+0x48/0x90
[ 2711.556618]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 2711.557318] RIP: 0033:0x7f750a357b19
[ 2711.557832] Code: Unable to access opcode bytes at RIP 0x7f750a357aef.
[ 2711.558720] RSP: 002b:00007f75078cd188 EFLAGS: 00000246 ORIG_RAX: 000000000000012a
[ 2711.559807] RAX: 0000000000000003 RBX: 00007f750a46af60 RCX: 00007f750a357b19
[ 2711.560835] RDX: 0000000000000000 RSI: ffffffffffffffff RDI: 0000000020000c00
[ 2711.561814] RBP: 00007f750a3b1f6d R08: 0000000000000000 R09: 0000000000000000
[ 2711.562772] R10: ffffffffffffffff R11: 0000000000000246 R12: 0000000000000000
[ 2711.563745] R13: 00007ffc8fa2e86f R14: 00007f75078cd300 R15: 0000000000022000
[ 2711.564822]  </TASK>
09:02:15 executing program 4:
socketpair$unix(0x1, 0x5, 0x0, 0x0)
sendmsg$unix(0xffffffffffffffff, 0x0, 0x0)
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
pwritev(r0, &(0x7f0000000640)=[{&(0x7f00000002c0)="19", 0x1}], 0x1, 0x8000000, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0)
r2 = socket$inet6(0xa, 0x1, 0x0)
bind$inet6(r2, &(0x7f00000002c0)={0xa, 0x4e20, 0x0, @empty}, 0x1c)
connect$inet6(r2, &(0x7f0000000000)={0xa, 0x4e20, 0x0, @ipv4={'\x00', '\xff\xff', @empty}}, 0x1c)
recvfrom(r2, &(0x7f00000003c0)=""/87, 0x20010397, 0x300, 0x0, 0x0)
sendfile(r2, r1, 0x0, 0xfffffdef)
readv(0xffffffffffffffff, &(0x7f0000000040), 0x0)
ioctl$KDSKBMODE(r0, 0x4b45, &(0x7f00000000c0)=0x3)
openat$cgroup_freezer_state(0xffffffffffffffff, 0x0, 0x2, 0x0)
close(0xffffffffffffffff)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(&(0x7f0000001540), 0xffffffffffffffff)
sendmsg$NL80211_CMD_STOP_AP(r3, &(0x7f0000001600)={0x0, 0x0, &(0x7f00000015c0)={&(0x7f0000001580)={0x1c, 0x0, 0x1, 0x0, 0x25dfdbfd, {{}, {@val={0x8}, @void}}}, 0x1c}}, 0x0)
getsockopt$sock_cred(r3, 0x1, 0x11, &(0x7f0000000040), &(0x7f0000000080)=0xc)
syz_open_dev$sg(&(0x7f0000001000), 0x0, 0x2200)

09:02:15 executing program 7:
openat$sndseq(0xffffffffffffff9c, 0x0, 0x0)
r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000180)='/proc/asound/seq/clients\x00', 0x0, 0x0)
preadv(r0, &(0x7f00000002c0)=[{0x0}, {&(0x7f0000000300)=""/165, 0xa5}], 0x2, 0x4000000, 0x0)

09:02:15 executing program 3:
socketpair$unix(0x1, 0x5, 0x0, 0x0)
sendmsg$unix(0xffffffffffffffff, 0x0, 0x0)
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
pwritev(r0, &(0x7f0000000640)=[{&(0x7f00000002c0)="19", 0x1}], 0x1, 0x8000000, 0x0)
sendmsg$unix(0xffffffffffffffff, &(0x7f0000000d00)={&(0x7f00000001c0)=@abs={0x1, 0x0, 0x4e24}, 0x6e, &(0x7f0000000340)=[{&(0x7f0000000240)="b3d41833cb34dd5578e5cd13374abfd6fb54a049dd355749299adf83e87a2e1dde37bfca57e7cb7b31c24d0b32dcdca364d7e8bc0be2b652b772f1bf81cae08816326f7f218d67a096fe96066755d9549ed8c280a4e42633db4d2be669f1", 0x5e}, {&(0x7f0000000440)="0236b607c232b8623716e2498a4baff713b6b7dfe1f4ea4955bdca035c6731bf0e1abae5bfc25aacb5a0673a3825444dca133cd349fb4c1e68996d234fec843ea34f80f7d731aa8da3ce5bd49d1bf84e4dfc8ac080d23607bdb414b695851debbe8e38c6e69faf386f0efc68371cfc91cd0615181c98d3e582bedabeda31c8ee2499d1c95190750398523f9c754ec28d627bc45aec5f1392c4a0e6359fe022888719b1f2ea92b66ae56f8ad4866e94d1aa929593dd1bc19b2eb65a21cac1a0b66d0336ceca5655eb1c3acd9aa2aed226227400d91bc4bb84c0f499fc753af20e734cbb9b4fc2b4672123d5de54ce8c81844e", 0xf2}, {&(0x7f0000000300)="9ffbcbe50e29bdc065f7396e0db83afa5e1da3a79bba06d1b674066401f145aa1f00e08bc375211dd06ccf332dc5cf5b", 0x30}, {&(0x7f0000000540)="201d6dfc0ef25d976387550535d4a640ac6bba4a25d3dbcb50888e2f3732ec8a041072e2ebaed30cf968850fba83d420e92e7edfb722e55ae98cd84e0ac62626712ac2f5dfb4fb0cd251eb393969bb5ebd7ebfc7459c7e0957aa769d2a6c6e6755b0ade362fc5ea9b34c7c64371c6089cb85ae60a6eab9c7634637cf9f735dce9aa61e881f0791ff4ee7cb916f91963b862175daf5e4056ceaec7b6727925ac0ef2ac188cf15601fcd3f2a19eff99c24e89e06e725", 0xb5}, {&(0x7f0000000680)="ee2bf7435d8fd3b6436d5998daf261017b9739f36211e4f205b038ed74b381619ab7192a718617e198f845747d96614cd9b8ebee914387b8832a843434ee95abc52e59d8102650c22d97f551fdc03544b8f039a786ae96dca7df9f38dd97089007e2a8e26cd56ba5d6b2d210247971b38ed02d73556b0d3ab5ea7964dd3aa0d542b070484272e60b36cb78082b661af910a16bb942f50f7ce43b2d1e5d11740a278d37aafb941671ff24b8f8ec8ae9491d937dc099778ad700c3d4fdd0e63b02f834445395e1a90458275a4b7c9e3906c4ee06b8a1d57b1b82af5db40d3cf24f8d86adb1311fc9", 0xe7}], 0x5, &(0x7f0000000c00)=[@cred={{0x1c, 0x1, 0x2, {0x0, 0xffffffffffffffff}}}, @rights={{0x24, 0x1, 0x1, [r0, r0, 0xffffffffffffffff, r0, 0xffffffffffffffff]}}, @rights={{0x30, 0x1, 0x1, [r0, 0xffffffffffffffff, r0, 0xffffffffffffffff, 0xffffffffffffffff, r0, 0xffffffffffffffff, r0]}}, @rights={{0x24, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, r0, 0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x2c, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, r0, 0xffffffffffffffff, r0]}}], 0xd0}, 0x4c480)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0)
r2 = socket$inet6(0xa, 0x1, 0x0)
bind$inet6(r2, &(0x7f00000002c0)={0xa, 0x4e20, 0x0, @empty}, 0x1c)
connect$inet6(r2, &(0x7f0000000000)={0xa, 0x4e20, 0x0, @ipv4={'\x00', '\xff\xff', @empty}}, 0x1c)
mount$bind(&(0x7f00000000c0)='./file1\x00', &(0x7f0000000140)='./file1/file0\x00', &(0x7f0000000180), 0x28, 0x0)
recvfrom(r2, &(0x7f00000003c0)=""/87, 0x20010397, 0x300, 0x0, 0x0)
sendfile(r2, r1, 0x0, 0xfffffdef)
readv(0xffffffffffffffff, &(0x7f0000000040), 0x0)
openat$cgroup_freezer_state(0xffffffffffffffff, 0x0, 0x2, 0x0)
close(0xffffffffffffffff)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(&(0x7f0000001540), 0xffffffffffffffff)
sendmsg$NL80211_CMD_STOP_AP(r3, &(0x7f0000001600)={0x0, 0x0, &(0x7f00000015c0)={&(0x7f0000001580)={0x1c, 0x0, 0x1, 0x0, 0x0, {{}, {@val={0x8}, @void}}}, 0x1c}}, 0x0)
getsockopt$sock_cred(r3, 0x1, 0x11, &(0x7f0000000040), &(0x7f0000000080)=0xc)
syz_open_dev$sg(&(0x7f0000001000), 0x0, 0x2200)

09:02:15 executing program 6:
r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000180)='/proc/asound/seq/clients\x00', 0x0, 0x0)
preadv(r0, &(0x7f00000002c0)=[{&(0x7f0000000040)=""/35, 0x23}, {0x0}, {&(0x7f0000000300)=""/165, 0xa5}], 0x3, 0x6c00, 0x0)

09:02:15 executing program 2:
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NLBL_MGMT_C_VERSION(r0, &(0x7f00000001c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x10000000}, 0xc, &(0x7f0000000180)={&(0x7f0000000140)={0x24, 0x0, 0x100, 0x70bd25, 0x25dfdbfd, {}, [@NLBL_MGMT_A_PROTOCOL={0x8}, @NLBL_MGMT_A_FAMILY={0x6, 0xb, 0x1}]}, 0x24}, 0x1, 0x0, 0x0, 0x4001}, 0x4080)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$netlbl_cipso(&(0x7f0000000340), r1)
sendmsg$NLBL_CIPSOV4_C_LIST(r1, &(0x7f0000000c80)={0x0, 0x0, &(0x7f0000000c40)={&(0x7f0000000980)={0x18, r2, 0x1, 0x0, 0x0, {}, [@NLBL_CIPSOV4_A_MLSLVLLST={0x4}]}, 0x18}}, 0x0)
ioctl$sock_SIOCGIFINDEX_802154(0xffffffffffffffff, 0x8933, &(0x7f0000000180)={'wpan0\x00'})
syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$ieee802154(&(0x7f0000000780), r3)
r4 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r5 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000080), r4)
sendmsg$NLBL_MGMT_C_ADD(r4, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000140)={0x4c, r5, 0x1, 0x0, 0x0, {}, [@NLBL_MGMT_A_DOMAIN={0x6, 0x1, '%\x00'}, @NLBL_MGMT_A_IPV6ADDR={0x14, 0x5, @local}, @NLBL_MGMT_A_IPV6MASK={0x14, 0x6, @mcast1}, @NLBL_MGMT_A_PROTOCOL={0x8, 0x2, 0x5}]}, 0x4c}, 0x1, 0x700000000000000}, 0x0)

09:02:15 executing program 1:
r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000180)='/proc/asound/seq/clients\x00', 0x0, 0x0)
preadv(r0, &(0x7f00000002c0)=[{&(0x7f0000000040)=""/35, 0x23}, {0x0, 0x2}, {&(0x7f0000000300)=""/165, 0xa5}], 0x3, 0x1000000, 0x0)

09:02:15 executing program 0:
perf_event_open$cgroup(&(0x7f0000000c00)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x1012, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

09:02:15 executing program 5:
socketpair$unix(0x1, 0x5, 0x0, 0x0)
sendmsg$unix(0xffffffffffffffff, 0x0, 0x0)
r0 = openat(0xffffffffffffff9c, &(0x7f00000000c0)='./file1\x00', 0x101042, 0x0)
pwritev(r0, &(0x7f0000000640)=[{&(0x7f00000002c0)="19", 0x1}], 0x1, 0x8000000, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0)
r2 = socket$inet6(0xa, 0x1, 0x0)
bind$inet6(r2, &(0x7f00000002c0)={0xa, 0x4e20, 0x0, @empty}, 0x1c)
connect$inet6(r2, &(0x7f0000000000)={0xa, 0x4e20, 0x0, @ipv4={'\x00', '\xff\xff', @empty}}, 0x1c)
recvfrom(r2, &(0x7f00000003c0)=""/87, 0x20010397, 0x300, 0x0, 0x0)
sendfile(r2, r1, 0x0, 0xfffffdef)
readv(0xffffffffffffffff, &(0x7f0000000040), 0x0)
ioctl$BTRFS_IOC_QUOTA_RESCAN_WAIT(0xffffffffffffffff, 0x942e, 0x0)
openat$cgroup_freezer_state(0xffffffffffffffff, 0x0, 0x2, 0x0)
close(0xffffffffffffffff)
ioctl$FS_IOC_GET_ENCRYPTION_PWSALT(r0, 0x40106614, &(0x7f0000000140))
r3 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(&(0x7f0000001540), 0xffffffffffffffff)
sendmsg$NL80211_CMD_STOP_AP(r3, &(0x7f0000001600)={0x0, 0x0, &(0x7f00000015c0)={&(0x7f0000001580)={0x1c, 0x0, 0x1, 0x0, 0x0, {{}, {@val={0x8}, @void}}}, 0x1c}}, 0x0)
getsockopt$sock_cred(r3, 0x1, 0x11, &(0x7f0000000040), &(0x7f0000000080)=0xc)
syz_open_dev$sg(&(0x7f0000001000), 0x0, 0x2200)

[ 2727.377824] Call Trace:
[ 2727.378253]  <TASK>
[ 2727.378555]  ? x86_pmu_start+0x1c0/0x240
[ 2727.379104]  x86_pmu_enable+0x580/0xd90
[ 2727.379637]  ? amd_pmu_disable_virt+0xa0/0xa0
[ 2727.380267]  ctx_resched+0x2b9/0x3a0
[ 2727.380836]  __perf_install_in_context+0x285/0xa40
[ 2727.381524]  ? ctx_resched+0x3a0/0x3a0
[ 2727.382075]  remote_function+0x125/0x1b0
[ 2727.382645]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[ 2727.383395]  ? perf_duration_warn+0x40/0x40
[ 2727.383972]  generic_exec_single+0x203/0x300
[ 2727.384613]  smp_call_function_single+0x189/0x460
[ 2727.385269]  ? perf_duration_warn+0x40/0x40
[ 2727.385899]  ? generic_exec_single+0x300/0x300
[ 2727.386538]  ? perf_duration_warn+0x40/0x40
[ 2727.387145]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[ 2727.387893]  ? lock_is_held_type+0xd7/0x130
[ 2727.388530]  perf_install_in_context+0x4da/0x590
[ 2727.389193]  ? list_add_event+0xeb0/0xeb0
[ 2727.390024]  ? ctx_resched+0x3a0/0x3a0
[ 2727.390559]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[ 2727.391295]  ? exclusive_event_installable+0x254/0x320
[ 2727.392026]  __do_sys_perf_event_open+0x1bf0/0x3040
[ 2727.392770]  ? __up_read+0x192/0x710
[ 2727.393282]  ? perf_remove_from_context+0x260/0x260
[ 2727.393951]  ? up_write+0x460/0x460
[ 2727.394454]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 2727.395149]  do_syscall_64+0x3b/0x90
[ 2727.395676]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 2727.396374] RIP: 0033:0x7f750a357b19
[ 2727.396941] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 2727.399490] RSP: 002b:00007f75078cd188 EFLAGS: 00000246 ORIG_RAX: 000000000000012a
[ 2727.400617] RAX: ffffffffffffffda RBX: 00007f750a46af60 RCX: 00007f750a357b19
[ 2727.401561] RDX: 0000000000000000 RSI: ffffffffffffffff RDI: 0000000020000c00
[ 2727.402510] RBP: 00007f750a3b1f6d R08: 0000000000000000 R09: 0000000000000000
[ 2727.403513] R10: ffffffffffffffff R11: 0000000000000246 R12: 0000000000000000
[ 2727.404486] R13: 00007ffc8fa2e86f R14: 00007f75078cd300 R15: 0000000000022000
[ 2727.405432]  </TASK>
09:02:15 executing program 6:
r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000180)='/proc/asound/seq/clients\x00', 0x0, 0x0)
preadv(r0, &(0x7f00000002c0)=[{&(0x7f0000000040)=""/35, 0x23}, {0x0}, {&(0x7f0000000300)=""/165, 0xa5}], 0x3, 0x7400, 0x0)

09:02:15 executing program 1:
r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000180)='/proc/asound/seq/clients\x00', 0x0, 0x0)
preadv(r0, &(0x7f00000002c0)=[{&(0x7f0000000040)=""/35, 0x23}, {0x0, 0x2}, {&(0x7f0000000300)=""/165, 0xa5}], 0x3, 0x2000000, 0x0)

[ 2727.459559] Call Trace:
[ 2727.459939]  <IRQ>
[ 2727.460224]  x86_pmu_stop+0x149/0x330
[ 2727.460774]  x86_pmu_del+0x1be/0x610
[ 2727.461269]  event_sched_out+0x2ed/0xe80
[ 2727.461796]  __perf_remove_from_context+0x87/0xbe0
[ 2727.462436]  event_function+0x297/0x3d0
[ 2727.462934]  ? perf_uprobe_event_init+0x1c0/0x1c0
[ 2727.463583]  remote_function+0x125/0x1b0
[ 2727.464111]  flush_smp_call_function_queue+0x1df/0x610
[ 2727.464860]  ? perf_duration_warn+0x40/0x40
[ 2727.465426]  __sysvec_call_function_single+0x92/0x3a0
[ 2727.466105]  sysvec_call_function_single+0x89/0xc0
[ 2727.466746]  </IRQ>
[ 2727.467032]  <TASK>
[ 2727.467318]  asm_sysvec_call_function_single+0x12/0x20
[ 2727.467996] RIP: 0010:lock_acquire+0x1db/0x4d0
[ 2727.468643] Code: 02 b8 ff ff ff ff 65 0f c1 05 49 91 d9 7e 83 f8 01 0f 85 86 02 00 00 48 83 7c 24 08 00 74 01 fb 48 b8 00 00 00 00 00 fc ff df <48> 01 c3 48 c7 03 00 00 00 00 48 c7 43 08 00 00 00 00 48 8b 84 24
[ 2727.471001] RSP: 0018:ffff88804a3c75d8 EFLAGS: 00000206
[ 2727.471701] RAX: dffffc0000000000 RBX: 1ffff11009478ebd RCX: 000000008510dfec
[ 2727.472655] RDX: 1ffff110082a548c RSI: 0000000000000001 RDI: 0000000000000000
[ 2727.473577] RBP: 0000000000000000 R08: 0000000000000000 R09: ffffffff86a3e787
[ 2727.474504] R10: fffffbfff0d47cf0 R11: 0000000000000001 R12: 0000000000000002
[ 2727.475439] R13: 0000000000000000 R14: ffffffff85201dc0 R15: 0000000000000000
[ 2727.476381]  ? lock_acquire+0x1b2/0x4d0
[ 2727.476958]  ? lock_release+0x6f0/0x6f0
[ 2727.477469]  ? lock_is_held_type+0xd7/0x130
[ 2727.478020]  ? find_held_lock+0x2c/0x110
[ 2727.478560]  ? lock_release+0x3b2/0x6f0
[ 2727.479082]  ? unlock_page_memcg+0xbe/0x230
[ 2727.479660]  ? lock_downgrade+0x6d0/0x6d0
[ 2727.480211]  folio_memcg_lock+0x3a/0x490
[ 2727.480783]  ? mem_cgroup_get_oom_group+0x400/0x400
[ 2727.481446]  ? __pte_alloc_kernel+0x1c0/0x1c0
[ 2727.482052]  page_remove_rmap+0x1e/0x490
[ 2727.482587]  unmap_page_range+0x10eb/0x2680
[ 2727.483161]  ? vm_normal_page+0x2e0/0x2e0
[ 2727.483697]  ? lock_release+0x3b2/0x6f0
[ 2727.484213]  ? lock_downgrade+0x6d0/0x6d0
[ 2727.484821]  ? uprobe_munmap+0x1c/0x560
[ 2727.485345]  unmap_single_vma+0x198/0x310
[ 2727.485893]  unmap_vmas+0x16b/0x2f0
[ 2727.486373]  ? lock_downgrade+0x6d0/0x6d0
[ 2727.486909]  ? unmap_mapping_range+0x280/0x280
[ 2727.487491]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[ 2727.488295]  exit_mmap+0x192/0x460
[ 2727.488884]  ? do_munmap+0x40/0x40
[ 2727.489499]  ? delayed_uprobe_remove+0x27/0x230
[ 2727.490293]  mmput+0xc8/0x380
[ 2727.490838]  do_exit+0xa0a/0x27e0
[ 2727.491370]  ? find_held_lock+0x2c/0x110
[ 2727.491987]  ? lock_release+0x3b2/0x6f0
[ 2727.492658]  ? mm_update_next_owner+0x7d0/0x7d0
[ 2727.493335]  ? lock_downgrade+0x6d0/0x6d0
[ 2727.493978]  ? lock_is_held_type+0xd7/0x130
[ 2727.494718]  do_group_exit+0xd2/0x2f0
[ 2727.495335]  get_signal+0x2303/0x2350
[ 2727.495942]  ? lock_is_held_type+0xd7/0x130
[ 2727.496680]  ? signal_setup_done+0x520/0x520
[ 2727.497355]  ? call_rcu+0x585/0xa20
[ 2727.497942]  ? lockdep_hardirqs_on+0x79/0x100
[ 2727.498746]  arch_do_signal_or_restart+0x88/0x1a40
[ 2727.499604]  ? put_task_stack+0xe4/0x230
[ 2727.500260]  ? finish_task_switch.isra.0+0x650/0x870
[ 2727.501138]  ? get_sigframe_size+0x10/0x10
[ 2727.501830]  ? __schedule+0x895/0x2450
[ 2727.502472]  ? io_schedule_timeout+0x140/0x140
[ 2727.503201]  ? __x64_sys_openat+0x13f/0x1f0
[ 2727.503789]  ? __x64_sys_futex_time32+0x480/0x480
[ 2727.504605]  exit_to_user_mode_prepare+0x131/0x1a0
[ 2727.505338]  syscall_exit_to_user_mode+0x19/0x50
[ 2727.506000]  do_syscall_64+0x48/0x90
[ 2727.506533]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 2727.507229] RIP: 0033:0x7f40f402eb19
[ 2727.507724] Code: Unable to access opcode bytes at RIP 0x7f40f402eaef.
[ 2727.508603] RSP: 002b:00007f40f15a4218 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[ 2727.509652] RAX: 0000000000000001 RBX: 00007f40f4141f68 RCX: 00007f40f402eb19
[ 2727.510624] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 00007f40f4141f6c
[ 2727.511565] RBP: 00007f40f4141f60 R08: 000000000000000e R09: 0000000000000000
[ 2727.512570] R10: 0000000000000003 R11: 0000000000000246 R12: 00007f40f4141f6c
[ 2727.513550] R13: 00007ffe1d72044f R14: 00007f40f15a4300 R15: 0000000000022000
[ 2727.514532]  </TASK>
09:02:15 executing program 7:
openat$sndseq(0xffffffffffffff9c, 0x0, 0x0)
r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000180)='/proc/asound/seq/clients\x00', 0x0, 0x0)
preadv(r0, &(0x7f00000002c0)=[{0x0}, {&(0x7f0000000300)=""/165, 0xa5}], 0x2, 0x5000000, 0x0)

09:02:15 executing program 2:
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NLBL_MGMT_C_VERSION(r0, &(0x7f00000001c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x10000000}, 0xc, &(0x7f0000000180)={&(0x7f0000000140)={0x24, 0x0, 0x100, 0x70bd25, 0x25dfdbfd, {}, [@NLBL_MGMT_A_PROTOCOL={0x8}, @NLBL_MGMT_A_FAMILY={0x6, 0xb, 0x1}]}, 0x24}, 0x1, 0x0, 0x0, 0x4001}, 0x4080)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$netlbl_cipso(&(0x7f0000000340), r1)
sendmsg$NLBL_CIPSOV4_C_LIST(r1, &(0x7f0000000c80)={0x0, 0x0, &(0x7f0000000c40)={&(0x7f0000000980)={0x18, r2, 0x1, 0x0, 0x0, {}, [@NLBL_CIPSOV4_A_MLSLVLLST={0x4}]}, 0x18}}, 0x0)
ioctl$sock_SIOCGIFINDEX_802154(0xffffffffffffffff, 0x8933, &(0x7f0000000180)={'wpan0\x00'})
syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000080), r3)
sendmsg$NLBL_MGMT_C_ADD(r3, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000140)={0x4c, r4, 0x1, 0x0, 0x0, {}, [@NLBL_MGMT_A_DOMAIN={0x6, 0x1, '%\x00'}, @NLBL_MGMT_A_IPV6ADDR={0x14, 0x5, @local}, @NLBL_MGMT_A_IPV6MASK={0x14, 0x6, @mcast1}, @NLBL_MGMT_A_PROTOCOL={0x8, 0x2, 0x5}]}, 0x4c}, 0x1, 0x700000000000000}, 0x0)

09:02:15 executing program 1:
r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000180)='/proc/asound/seq/clients\x00', 0x0, 0x0)
preadv(r0, &(0x7f00000002c0)=[{&(0x7f0000000040)=""/35, 0x23}, {0x0, 0x2}, {&(0x7f0000000300)=""/165, 0xa5}], 0x3, 0x3000000, 0x0)

09:02:15 executing program 7:
openat$sndseq(0xffffffffffffff9c, 0x0, 0x0)
r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000180)='/proc/asound/seq/clients\x00', 0x0, 0x0)
preadv(r0, &(0x7f00000002c0)=[{0x0}, {&(0x7f0000000300)=""/165, 0xa5}], 0x2, 0x6000000, 0x0)

[ 2727.694503] Call Trace:
[ 2727.694935]  <IRQ>
[ 2727.695226]  ? x86_pmu_start+0x1c0/0x240
[ 2727.695789]  x86_pmu_enable+0x580/0xd90
[ 2727.696345]  ? amd_pmu_disable_virt+0xa0/0xa0
[ 2727.697092]  ctx_resched+0x2b9/0x3a0
[ 2727.697670]  __perf_install_in_context+0x285/0xa40
[ 2727.698456]  ? ctx_resched+0x3a0/0x3a0
[ 2727.699015]  remote_function+0x125/0x1b0
[ 2727.699565]  flush_smp_call_function_queue+0x1df/0x610
[ 2727.700279]  ? perf_duration_warn+0x40/0x40
[ 2727.700885]  __sysvec_call_function_single+0x92/0x3a0
[ 2727.701677]  sysvec_call_function_single+0x89/0xc0
[ 2727.702454]  </IRQ>
[ 2727.702804]  <TASK>
[ 2727.703145]  asm_sysvec_call_function_single+0x12/0x20
[ 2727.703901] RIP: 0010:__fget_light+0x1f2/0x270
[ 2727.704575] Code: b8 00 00 00 00 00 fc ff df 48 89 fa 48 c1 ea 03 0f b6 14 02 48 89 f8 83 e0 07 83 c0 03 38 d0 7c 04 84 d2 75 6e 45 23 6c 24 7c <31> ff 44 89 ee e8 f4 4d c0 ff 45 85 ed 0f 85 4b ff ff ff e8 46 4c
[ 2727.707219] RSP: 0018:ffff88804661fe60 EFLAGS: 00000246
[ 2727.708013] RAX: 0000000000000007 RBX: ffff88804a47d780 RCX: 0000000000000000
[ 2727.709048] RDX: 0000000000000000 RSI: ffffffff81836cb2 RDI: ffff88801b6687fc
[ 2727.710058] RBP: 00000000000000f0 R08: 00000000000000f0 R09: ffff88800cf5bc03
[ 2727.711109] R10: ffffffff81836c3c R11: 0000000000000001 R12: ffff88801b668780
[ 2727.712223] R13: 0000000000000000 R14: dffffc0000000000 R15: 00000000000003e8
[ 2727.713313]  ? __fget_light+0x14c/0x270
[ 2727.713852]  ? __fget_light+0x1c2/0x270
[ 2727.714407]  __fdget_pos+0x19/0x100
[ 2727.714928]  ksys_read+0x6e/0x250
[ 2727.715424]  ? __ia32_sys_pwrite64+0x220/0x220
[ 2727.716115]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 2727.716954]  do_syscall_64+0x3b/0x90
[ 2727.717510]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 2727.718235] RIP: 0033:0x7faa53e9a69c
[ 2727.718738] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 f9 fc ff ff 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 2f fd ff ff 48
[ 2727.721457] RSP: 002b:00007ffd1c599210 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[ 2727.722539] RAX: ffffffffffffffda RBX: 00007ffd1c599240 RCX: 00007faa53e9a69c
[ 2727.723584] RDX: 00000000000003e8 RSI: 00007ffd1c599240 RDI: 00000000000000f0
[ 2727.724734] RBP: 0000000000000000 R08: 0000000000000000 R09: 00007ffd1c5990b0
[ 2727.725765] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 2727.726779] R13: 0000000000000001 R14: 0000000000000001 R15: 00007ffd1c599700
[ 2727.727873]  </TASK>
09:02:15 executing program 2:
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NLBL_MGMT_C_VERSION(r0, &(0x7f00000001c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x10000000}, 0xc, &(0x7f0000000180)={&(0x7f0000000140)={0x24, 0x0, 0x100, 0x70bd25, 0x25dfdbfd, {}, [@NLBL_MGMT_A_PROTOCOL={0x8}, @NLBL_MGMT_A_FAMILY={0x6, 0xb, 0x1}]}, 0x24}, 0x1, 0x0, 0x0, 0x4001}, 0x4080)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$netlbl_cipso(&(0x7f0000000340), r1)
sendmsg$NLBL_CIPSOV4_C_LIST(r1, &(0x7f0000000c80)={0x0, 0x0, &(0x7f0000000c40)={&(0x7f0000000980)={0x18, r2, 0x1, 0x0, 0x0, {}, [@NLBL_CIPSOV4_A_MLSLVLLST={0x4}]}, 0x18}}, 0x0)
ioctl$sock_SIOCGIFINDEX_802154(0xffffffffffffffff, 0x8933, &(0x7f0000000180)={'wpan0\x00'})
syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000080), r3)
sendmsg$NLBL_MGMT_C_ADD(r3, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000140)={0x4c, r4, 0x1, 0x0, 0x0, {}, [@NLBL_MGMT_A_DOMAIN={0x6, 0x1, '%\x00'}, @NLBL_MGMT_A_IPV6ADDR={0x14, 0x5, @local}, @NLBL_MGMT_A_IPV6MASK={0x14, 0x6, @mcast1}, @NLBL_MGMT_A_PROTOCOL={0x8, 0x2, 0x5}]}, 0x4c}, 0x1, 0x700000000000000}, 0x0)

09:02:16 executing program 7:
openat$sndseq(0xffffffffffffff9c, 0x0, 0x0)
r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000180)='/proc/asound/seq/clients\x00', 0x0, 0x0)
preadv(r0, &(0x7f00000002c0)=[{0x0}, {&(0x7f0000000300)=""/165, 0xa5}], 0x2, 0x7000000, 0x0)

[ 2727.835737] Call Trace:
[ 2727.836176]  <IRQ>
[ 2727.836488]  x86_pmu_stop+0x149/0x330
[ 2727.837013]  x86_pmu_del+0x1be/0x610
[ 2727.837533]  event_sched_out+0x2ed/0xe80
[ 2727.838112]  __perf_remove_from_context+0x87/0xbe0
[ 2727.838824]  event_function+0x297/0x3d0
[ 2727.839431]  ? perf_uprobe_event_init+0x1c0/0x1c0
[ 2727.840150]  remote_function+0x125/0x1b0
[ 2727.840761]  flush_smp_call_function_queue+0x1df/0x610
[ 2727.841478]  ? perf_duration_warn+0x40/0x40
[ 2727.842067]  __sysvec_call_function_single+0x92/0x3a0
[ 2727.842761]  sysvec_call_function_single+0x89/0xc0
[ 2727.843419]  </IRQ>
[ 2727.843711]  <TASK>
[ 2727.843998]  asm_sysvec_call_function_single+0x12/0x20
[ 2727.844776] RIP: 0010:__orc_find+0x66/0xf0
[ 2727.845451] Code: 8d 6b 04 49 89 de 49 39 ec 72 4d 4c 89 e0 48 29 e8 48 89 c2 48 c1 e8 3f 48 c1 fa 02 48 01 d0 48 d1 f8 48 8d 5c 85 00 48 89 d8 <48> c1 e8 03 42 0f b6 14 38 48 89 d8 83 e0 07 83 c0 03 38 d0 7c 04
[ 2727.847903] RSP: 0018:ffff8880081df838 EFLAGS: 00000213
[ 2727.848663] RAX: ffffffff8590e1ec RBX: ffffffff8590e1ec RCX: ffffffff81003d41
[ 2727.849617] RDX: 000000000000001d RSI: ffffffff85be0f5c RDI: ffffffff8590e1b4
[ 2727.850583] RBP: ffffffff8590e1b4 R08: ffffffff85be0f5c R09: ffffffff85c189c4
[ 2727.851559] R10: ffffed100103bf39 R11: 000000000003403b R12: ffffffff8590e228
[ 2727.852595] R13: ffffffff8590e1b4 R14: ffffffff8590e1b4 R15: dffffc0000000000
[ 2727.853557]  ? ret_from_fork+0x21/0x30
[ 2727.854074]  ? arch_stack_walk+0x5f/0xf0
[ 2727.854614]  ? ret_from_fork+0x21/0x30
[ 2727.855133]  unwind_next_frame+0x32a/0x2250
[ 2727.855748]  ? ret_from_fork+0x22/0x30
[ 2727.856299]  ? deref_stack_reg+0x150/0x150
[ 2727.856893]  ? ret_from_fork+0x22/0x30
[ 2727.857402]  ? kernel_text_address+0xd/0xb0
[ 2727.857985]  ? create_prof_cpu_mask+0x20/0x20
[ 2727.858625]  arch_stack_walk+0x83/0xf0
[ 2727.859154]  ? ret_from_fork+0x22/0x30
[ 2727.859651]  ? rcu_core+0x7e5/0x1ff0
[ 2727.860133]  ? rcu_core+0x7e5/0x1ff0
[ 2727.860689]  stack_trace_save+0x8c/0xc0
[ 2727.861235]  ? filter_irq_stacks+0x90/0x90
[ 2727.861846]  ? rcu_core+0x7e5/0x1ff0
[ 2727.862350]  kasan_save_stack+0x1e/0x40
[ 2727.862863]  ? kasan_save_stack+0x1e/0x40
[ 2727.863430]  ? kasan_set_track+0x21/0x30
[ 2727.863974]  ? kasan_set_free_info+0x20/0x30
[ 2727.864591]  ? __kasan_slab_free+0x108/0x170
[ 2727.865185]  ? kmem_cache_free+0xe0/0x420
[ 2727.865748]  ? rcu_core+0x7e5/0x1ff0
[ 2727.866235]  ? __do_softirq+0x270/0x8c7
[ 2727.866766]  ? run_ksoftirqd+0x2d/0x60
[ 2727.867283]  ? smpboot_thread_fn+0x66f/0xa00
[ 2727.867857]  ? kthread+0x2f2/0x3b0
[ 2727.868326]  ? ret_from_fork+0x22/0x30
[ 2727.868912]  ? lockdep_hardirqs_on_prepare+0x400/0x400
[ 2727.869597]  ? lock_is_held_type+0xd7/0x130
[ 2727.870149]  ? find_held_lock+0x2c/0x110
[ 2727.870683]  ? lock_acquire+0x1b2/0x4d0
[ 2727.871203]  ? lock_release+0x6f0/0x6f0
[ 2727.871721]  kasan_set_track+0x21/0x30
[ 2727.872238]  kasan_set_free_info+0x20/0x30
[ 2727.872812]  __kasan_slab_free+0x108/0x170
[ 2727.873414]  kmem_cache_free+0xe0/0x420
[ 2727.873946]  rcu_core+0x7e5/0x1ff0
[ 2727.874439]  ? rcu_note_context_switch+0x19a0/0x19a0
[ 2727.875083]  ? lock_is_held_type+0xd7/0x130
[ 2727.875647]  __do_softirq+0x270/0x8c7
[ 2727.876182]  ? __irq_exit_rcu+0x170/0x170
[ 2727.876787]  run_ksoftirqd+0x2d/0x60
[ 2727.877273]  smpboot_thread_fn+0x66f/0xa00
[ 2727.877831]  ? sort_range+0x30/0x30
[ 2727.878305]  kthread+0x2f2/0x3b0
[ 2727.878747]  ? kthread_complete_and_exit+0x40/0x40
[ 2727.879369]  ret_from_fork+0x22/0x30
[ 2727.879859]  </TASK>
09:02:31 executing program 1:
r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000180)='/proc/asound/seq/clients\x00', 0x0, 0x0)
preadv(r0, &(0x7f00000002c0)=[{&(0x7f0000000040)=""/35, 0x23}, {0x0, 0x2}, {&(0x7f0000000300)=""/165, 0xa5}], 0x3, 0x4000000, 0x0)

09:02:31 executing program 3:
socketpair$unix(0x1, 0x5, 0x0, 0x0)
sendmsg$unix(0xffffffffffffffff, 0x0, 0x0)
r0 = openat(0xffffffffffffff9c, &(0x7f00000000c0)='./file1\x00', 0x101042, 0x0)
pwritev(r0, &(0x7f0000000640)=[{&(0x7f00000002c0)="19", 0x1}], 0x1, 0x8000000, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0)
r2 = socket$inet6(0xa, 0x1, 0x0)
bind$inet6(r2, &(0x7f00000002c0)={0xa, 0x4e20, 0x0, @empty}, 0x1c)
connect$inet6(r2, &(0x7f0000000000)={0xa, 0x4e20, 0x0, @ipv4={'\x00', '\xff\xff', @empty}}, 0x1c)
recvfrom(r2, &(0x7f00000003c0)=""/87, 0x20010397, 0x300, 0x0, 0x0)
sendfile(r2, r1, 0x0, 0xfffffdef)
readv(0xffffffffffffffff, &(0x7f0000000040), 0x0)
ioctl$BTRFS_IOC_QUOTA_RESCAN_WAIT(0xffffffffffffffff, 0x942e, 0x0)
openat$cgroup_freezer_state(0xffffffffffffffff, 0x0, 0x2, 0x0)
close(0xffffffffffffffff)
ioctl$FS_IOC_GET_ENCRYPTION_PWSALT(r0, 0x40106614, &(0x7f0000000140))
r3 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(&(0x7f0000001540), 0xffffffffffffffff)
sendmsg$NL80211_CMD_STOP_AP(r3, &(0x7f0000001600)={0x0, 0x0, &(0x7f00000015c0)={&(0x7f0000001580)={0x1c, 0x0, 0x1, 0x0, 0x0, {{}, {@val={0x8}, @void}}}, 0x1c}}, 0x0)
getsockopt$sock_cred(r3, 0x1, 0x11, &(0x7f0000000040), &(0x7f0000000080)=0xc)
syz_open_dev$sg(&(0x7f0000001000), 0x0, 0x2200)

09:02:31 executing program 4:
socketpair$unix(0x1, 0x5, 0x0, 0x0)
sendmsg$unix(0xffffffffffffffff, 0x0, 0x0)
r0 = openat(0xffffffffffffff9c, &(0x7f00000000c0)='./file1\x00', 0x101042, 0x0)
pwritev(r0, &(0x7f0000000640)=[{&(0x7f00000002c0)="19", 0x1}], 0x1, 0x8000000, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0)
r2 = socket$inet6(0xa, 0x1, 0x0)
bind$inet6(r2, &(0x7f00000002c0)={0xa, 0x4e20, 0x0, @empty}, 0x1c)
connect$inet6(r2, &(0x7f0000000000)={0xa, 0x4e20, 0x0, @ipv4={'\x00', '\xff\xff', @empty}}, 0x1c)
recvfrom(r2, &(0x7f00000003c0)=""/87, 0x20010397, 0x300, 0x0, 0x0)
sendfile(r2, r1, 0x0, 0xfffffdef)
readv(0xffffffffffffffff, &(0x7f0000000040), 0x0)
ioctl$BTRFS_IOC_QUOTA_RESCAN_WAIT(0xffffffffffffffff, 0x942e, 0x0)
openat$cgroup_freezer_state(0xffffffffffffffff, 0x0, 0x2, 0x0)
close(0xffffffffffffffff)
ioctl$FS_IOC_GET_ENCRYPTION_PWSALT(r0, 0x40106614, &(0x7f0000000140))
r3 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(&(0x7f0000001540), 0xffffffffffffffff)
sendmsg$NL80211_CMD_STOP_AP(r3, &(0x7f0000001600)={0x0, 0x0, &(0x7f00000015c0)={&(0x7f0000001580)={0x1c, 0x0, 0x1, 0x0, 0x0, {{}, {@val={0x8}, @void}}}, 0x1c}}, 0x0)
getsockopt$sock_cred(r3, 0x1, 0x11, &(0x7f0000000040), &(0x7f0000000080)=0xc)
syz_open_dev$sg(&(0x7f0000001000), 0x0, 0x2200)

09:02:31 executing program 2:
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NLBL_MGMT_C_VERSION(r0, &(0x7f00000001c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x10000000}, 0xc, &(0x7f0000000180)={&(0x7f0000000140)={0x24, 0x0, 0x100, 0x70bd25, 0x25dfdbfd, {}, [@NLBL_MGMT_A_PROTOCOL={0x8}, @NLBL_MGMT_A_FAMILY={0x6, 0xb, 0x1}]}, 0x24}, 0x1, 0x0, 0x0, 0x4001}, 0x4080)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$netlbl_cipso(&(0x7f0000000340), r1)
sendmsg$NLBL_CIPSOV4_C_LIST(r1, &(0x7f0000000c80)={0x0, 0x0, &(0x7f0000000c40)={&(0x7f0000000980)={0x18, r2, 0x1, 0x0, 0x0, {}, [@NLBL_CIPSOV4_A_MLSLVLLST={0x4}]}, 0x18}}, 0x0)
ioctl$sock_SIOCGIFINDEX_802154(0xffffffffffffffff, 0x8933, &(0x7f0000000180)={'wpan0\x00'})
r3 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000080), r3)
sendmsg$NLBL_MGMT_C_ADD(r3, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000140)={0x4c, r4, 0x1, 0x0, 0x0, {}, [@NLBL_MGMT_A_DOMAIN={0x6, 0x1, '%\x00'}, @NLBL_MGMT_A_IPV6ADDR={0x14, 0x5, @local}, @NLBL_MGMT_A_IPV6MASK={0x14, 0x6, @mcast1}, @NLBL_MGMT_A_PROTOCOL={0x8, 0x2, 0x5}]}, 0x4c}, 0x1, 0x700000000000000}, 0x0)

09:02:31 executing program 7:
openat$sndseq(0xffffffffffffff9c, 0x0, 0x0)
r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000180)='/proc/asound/seq/clients\x00', 0x0, 0x0)
preadv(r0, &(0x7f00000002c0)=[{0x0}, {&(0x7f0000000300)=""/165, 0xa5}], 0x2, 0xa000000, 0x0)

09:02:31 executing program 6:
r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000180)='/proc/asound/seq/clients\x00', 0x0, 0x0)
preadv(r0, &(0x7f00000002c0)=[{&(0x7f0000000040)=""/35, 0x23}, {0x0}, {&(0x7f0000000300)=""/165, 0xa5}], 0x3, 0x7a00, 0x0)

09:02:31 executing program 0:
perf_event_open$cgroup(&(0x7f0000000c00)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x1013, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

09:02:31 executing program 5:
socketpair$unix(0x1, 0x5, 0x0, 0x0)
sendmsg$unix(0xffffffffffffffff, 0x0, 0x0)
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
pwritev(r0, &(0x7f0000000640)=[{&(0x7f00000002c0)="19", 0x1}], 0x1, 0x8000000, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0)
r2 = socket$inet6(0xa, 0x1, 0x0)
bind$inet6(r2, &(0x7f00000002c0)={0xa, 0x4e20, 0x0, @empty}, 0x1c)
connect$inet6(r2, &(0x7f0000000000)={0xa, 0x4e20, 0x0, @ipv4={'\x00', '\xff\xff', @empty}}, 0x1c)
recvfrom(r2, &(0x7f00000003c0)=""/87, 0x20010397, 0x300, 0x0, 0x0)
sendfile(r2, r1, 0x0, 0xfffffdef)
readv(0xffffffffffffffff, &(0x7f0000000040), 0x0)
openat$cgroup_freezer_state(0xffffffffffffffff, 0x0, 0x2, 0x0)
close(0xffffffffffffffff)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(&(0x7f0000001540), 0xffffffffffffffff)
sendmsg$NL80211_CMD_STOP_AP(r3, &(0x7f0000001600)={0x0, 0x0, &(0x7f00000015c0)={&(0x7f0000001580)=ANY=[@ANYBLOB="1c000000", @ANYRES16=0x0, @ANYBLOB="1700000000090000ff0000", @ANYRES32=0x0, @ANYBLOB], 0x1c}}, 0x0)
getsockopt$sock_cred(r3, 0x1, 0x11, &(0x7f0000000040), &(0x7f0000000080)=0xc)
syz_open_dev$sg(&(0x7f0000001000), 0x0, 0x2200)

[ 2742.787835] Call Trace:
[ 2742.788288]  <IRQ>
[ 2742.788621]  ? x86_pmu_start+0x1c0/0x240
[ 2742.789240]  x86_pmu_enable+0x580/0xd90
[ 2742.789818]  ? amd_pmu_disable_virt+0xa0/0xa0
[ 2742.790451]  ctx_resched+0x2b9/0x3a0
[ 2742.790974]  __perf_install_in_context+0x285/0xa40
[ 2742.791651]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[ 2742.792408]  ? ctx_resched+0x3a0/0x3a0
[ 2742.792989]  remote_function+0x125/0x1b0
[ 2742.793570]  flush_smp_call_function_queue+0x1df/0x610
[ 2742.794293]  ? perf_duration_warn+0x40/0x40
[ 2742.794919]  __sysvec_call_function_single+0x92/0x3a0
[ 2742.795624]  sysvec_call_function_single+0x89/0xc0
[ 2742.796307]  </IRQ>
[ 2742.796602]  <TASK>
[ 2742.796960]  asm_sysvec_call_function_single+0x12/0x20
[ 2742.797671] RIP: 0010:stack_trace_consume_entry+0x4a/0x160
[ 2742.798455] Code: 04 02 84 c0 74 08 3c 03 0f 8e df 00 00 00 48 8d 7b 08 8b 6b 10 48 b8 00 00 00 00 00 fc ff df 48 89 fa 48 c1 ea 03 0f b6 04 02 <84> c0 74 08 3c 03 0f 8e a5 00 00 00 31 c0 3b 6b 08 0f 83 81 00 00
[ 2742.801053] RSP: 0018:ffff88800c9bf5a8 EFLAGS: 00000212
[ 2742.801843] RAX: 0000000000000000 RBX: ffff88800c9bf690 RCX: 0000000000000000
[ 2742.802876] RDX: 1ffff11001937ed3 RSI: ffffffff8411a67b RDI: ffff88800c9bf698
[ 2742.803842] RBP: 0000000000000005 R08: ffffffff85c08e68 R09: ffffffff85c08e6c
[ 2742.804902] R10: ffffed1001937ec6 R11: 000000000003403b R12: ffff88800c9bf690
[ 2742.805912] R13: 0000000000000000 R14: ffff88800db1b580 R15: ffff888018063b00
[ 2742.806966]  ? do_syscall_64+0x3b/0x90
[ 2742.807494]  ? unwind_get_return_address+0x51/0x90
[ 2742.808152]  ? create_prof_cpu_mask+0x20/0x20
[ 2742.808841]  arch_stack_walk+0x73/0xf0
[ 2742.809466]  ? do_syscall_64+0x3b/0x90
[ 2742.810064]  stack_trace_save+0x8c/0xc0
[ 2742.810621]  ? filter_irq_stacks+0x90/0x90
[ 2742.811197]  ? lockdep_init_map_type+0x21a/0x7e0
[ 2742.811891]  ? __raw_spin_lock_init+0x36/0x110
[ 2742.812619]  create_object.isra.0+0x372/0xa20
[ 2742.813297]  kmem_cache_alloc+0x239/0x480
[ 2742.813887]  vm_area_dup+0x78/0x290
[ 2742.814399]  ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70
[ 2742.815134]  ? copy_page_range+0x26fb/0x3ed0
[ 2742.815727]  ? lockdep_hardirqs_on_prepare+0x400/0x400
[ 2742.816465]  ? lock_is_held_type+0xd7/0x130
[ 2742.817050]  ? vm_area_alloc+0x110/0x110
[ 2742.817591]  ? dup_mm+0x6d2/0x1250
[ 2742.818099]  ? vm_iomap_memory+0x190/0x190
[ 2742.818699]  ? down_write+0xde/0x150
[ 2742.819192]  ? __sanitizer_cov_trace_cmp8+0x1d/0x70
[ 2742.819847]  ? __vma_link_rb+0x540/0x700
[ 2742.820419]  dup_mm+0x53f/0x1250
[ 2742.820920]  ? replace_mm_exe_file+0x490/0x490
[ 2742.821550]  ? __raw_spin_lock_init+0x36/0x110
[ 2742.822181]  copy_process+0x6946/0x6d60
[ 2742.822723]  ? lock_is_held_type+0xd7/0x130
[ 2742.823317]  ? __cleanup_sighand+0xb0/0xb0
[ 2742.823885]  ? do_raw_spin_unlock+0x4f/0x210
[ 2742.824486]  ? _raw_spin_unlock+0x24/0x40
[ 2742.825103]  ? do_wp_page+0x28d/0x24d0
[ 2742.825638]  ? kernel_clone+0x2f8/0xa60
[ 2742.826191]  kernel_clone+0xe7/0xa60
[ 2742.826712]  ? __handle_mm_fault+0x9f3/0x35c0
[ 2742.827333]  ? create_io_thread+0xf0/0xf0
[ 2742.827893]  ? lock_is_held_type+0xd7/0x130
[ 2742.828469]  ? lock_is_held_type+0xd7/0x130
[ 2742.829068]  ? find_held_lock+0x2c/0x110
[ 2742.829612]  ? lock_release+0x3b2/0x6f0
[ 2742.830160]  __do_sys_clone+0xc8/0x110
[ 2742.830691]  ? __do_sys_vfork+0xd0/0xd0
[ 2742.831257]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 2742.831959]  do_syscall_64+0x3b/0x90
[ 2742.832442]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 2742.833145] RIP: 0033:0x7f7e5487b10b
[ 2742.833656] Code: ed 0f 85 60 01 00 00 64 4c 8b 0c 25 10 00 00 00 45 31 c0 4d 8d 91 d0 02 00 00 31 d2 31 f6 bf 11 00 20 01 b8 38 00 00 00 0f 05 <48> 3d 00 f0 ff ff 0f 87 89 00 00 00 41 89 c5 85 c0 0f 85 90 00 00
[ 2742.836116] RSP: 002b:00007fffa39f9180 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[ 2742.837255] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f7e5487b10b
[ 2742.838218] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000001200011
[ 2742.839219] RBP: 0000000000000001 R08: 0000000000000000 R09: 0000555557379400
[ 2742.840234] R10: 00005555573796d0 R11: 0000000000000246 R12: 0000000000000001
[ 2742.841234] R13: 0000000000000000 R14: 0000000000000001 R15: 00007fffa39f9260
[ 2742.842270]  </TASK>
09:02:31 executing program 2:
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NLBL_MGMT_C_VERSION(r0, &(0x7f00000001c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x10000000}, 0xc, &(0x7f0000000180)={&(0x7f0000000140)={0x24, 0x0, 0x100, 0x70bd25, 0x25dfdbfd, {}, [@NLBL_MGMT_A_PROTOCOL={0x8}, @NLBL_MGMT_A_FAMILY={0x6, 0xb, 0x1}]}, 0x24}, 0x1, 0x0, 0x0, 0x4001}, 0x4080)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$netlbl_cipso(&(0x7f0000000340), r1)
sendmsg$NLBL_CIPSOV4_C_LIST(r1, &(0x7f0000000c80)={0x0, 0x0, &(0x7f0000000c40)={&(0x7f0000000980)={0x18, r2, 0x1, 0x0, 0x0, {}, [@NLBL_CIPSOV4_A_MLSLVLLST={0x4}]}, 0x18}}, 0x0)
ioctl$sock_SIOCGIFINDEX_802154(0xffffffffffffffff, 0x8933, &(0x7f0000000180)={'wpan0\x00'})
r3 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000080), r3)
sendmsg$NLBL_MGMT_C_ADD(r3, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000140)={0x4c, r4, 0x1, 0x0, 0x0, {}, [@NLBL_MGMT_A_DOMAIN={0x6, 0x1, '%\x00'}, @NLBL_MGMT_A_IPV6ADDR={0x14, 0x5, @local}, @NLBL_MGMT_A_IPV6MASK={0x14, 0x6, @mcast1}, @NLBL_MGMT_A_PROTOCOL={0x8, 0x2, 0x5}]}, 0x4c}, 0x1, 0x700000000000000}, 0x0)

09:02:31 executing program 6:
r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000180)='/proc/asound/seq/clients\x00', 0x0, 0x0)
preadv(r0, &(0x7f00000002c0)=[{&(0x7f0000000040)=""/35, 0x23}, {0x0}, {&(0x7f0000000300)=""/165, 0xa5}], 0x3, 0xa500, 0x0)

09:02:31 executing program 1:
r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000180)='/proc/asound/seq/clients\x00', 0x0, 0x0)
preadv(r0, &(0x7f00000002c0)=[{&(0x7f0000000040)=""/35, 0x23}, {0x0, 0x2}, {&(0x7f0000000300)=""/165, 0xa5}], 0x3, 0x5000000, 0x0)

09:02:31 executing program 7:
openat$sndseq(0xffffffffffffff9c, 0x0, 0x0)
r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000180)='/proc/asound/seq/clients\x00', 0x0, 0x0)
preadv(r0, &(0x7f00000002c0)=[{0x0}, {&(0x7f0000000300)=""/165, 0xa5}], 0x2, 0x3f000000, 0x0)

09:02:31 executing program 6:
r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000180)='/proc/asound/seq/clients\x00', 0x0, 0x0)
preadv(r0, &(0x7f00000002c0)=[{&(0x7f0000000040)=""/35, 0x23}, {0x0}, {&(0x7f0000000300)=""/165, 0xa5}], 0x3, 0xbf00, 0x0)

[ 2743.002781] Call Trace:
[ 2743.003205]  <IRQ>
[ 2743.003499]  x86_pmu_stop+0x149/0x330
[ 2743.004028]  x86_pmu_del+0x1be/0x610
[ 2743.004531]  event_sched_out+0x2ed/0xe80
[ 2743.005093]  __perf_remove_from_context+0x87/0xbe0
[ 2743.005732]  event_function+0x297/0x3d0
[ 2743.006252]  ? perf_uprobe_event_init+0x1c0/0x1c0
[ 2743.006874]  remote_function+0x125/0x1b0
[ 2743.007395]  flush_smp_call_function_queue+0x1df/0x610
[ 2743.008086]  ? perf_duration_warn+0x40/0x40
[ 2743.008723]  __sysvec_call_function_single+0x92/0x3a0
[ 2743.009432]  sysvec_call_function_single+0x89/0xc0
[ 2743.010077]  </IRQ>
[ 2743.010367]  <TASK>
[ 2743.010660]  asm_sysvec_call_function_single+0x12/0x20
[ 2743.011343] RIP: 0010:syscall_enter_from_user_mode+0x27/0x50
[ 2743.012141] Code: fd 66 90 41 54 49 89 f4 55 48 89 fd 48 8b 7c 24 10 e8 ed f6 ff ff e8 b8 96 38 fd e8 83 93 38 fd fb 65 48 8b 04 25 40 6f 02 00 <48> 8b 70 08 40 f6 c6 3f 75 07 4c 89 e0 5d 41 5c c3 48 89 ef 5d 41
[ 2743.014637] RSP: 0018:ffff888015e97f28 EFLAGS: 00000202
[ 2743.015337] RAX: ffff8880405ed040 RBX: 0000000000000000 RCX: 1ffffffff0b1b2a1
[ 2743.016298] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[ 2743.017295] RBP: ffff888015e97f58 R08: 0000000000000001 R09: 0000000000000001
[ 2743.018261] R10: ffffffff814a8a78 R11: 0000000000000000 R12: 0000000000000003
[ 2743.019258] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[ 2743.020233]  ? trace_hardirqs_on+0x38/0x190
[ 2743.020838]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 2743.021528]  do_syscall_64+0x16/0x90
[ 2743.022034]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 2743.022701] RIP: 0033:0x7f928d2d672b
[ 2743.023209] Code: 0f 05 48 3d 00 f0 ff ff 77 45 c3 0f 1f 40 00 48 83 ec 18 89 7c 24 0c e8 63 fc ff ff 8b 7c 24 0c 41 89 c0 b8 03 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 35 44 89 c7 89 44 24 0c e8 a1 fc ff ff 8b 44
[ 2743.025622] RSP: 002b:00007ffe916ec940 EFLAGS: 00000293 ORIG_RAX: 0000000000000003
[ 2743.026702] RAX: ffffffffffffffda RBX: 0000000000000007 RCX: 00007f928d2d672b
[ 2743.027641] RDX: ffffffffffffffbc RSI: ffffffff8411f74e RDI: 0000000000000006
[ 2743.028616] RBP: 0000000000000001 R08: 0000000000000000 R09: 0000001b2db23870
[ 2743.029597] R10: 0000000000000f41 R11: 0000000000000293 R12: 000000000029da67
[ 2743.030529] R13: 00000000000003e8 R14: 00007f928d436f60 R15: 000000000029da42
[ 2743.031440]  ? syscall_exit_to_user_mode+0x1e/0x50
[ 2743.032099]  </TASK>
09:02:31 executing program 1:
r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000180)='/proc/asound/seq/clients\x00', 0x0, 0x0)
preadv(r0, &(0x7f00000002c0)=[{&(0x7f0000000040)=""/35, 0x23}, {0x0, 0x2}, {&(0x7f0000000300)=""/165, 0xa5}], 0x3, 0x6000000, 0x0)

09:02:31 executing program 7:
openat$sndseq(0xffffffffffffff9c, 0x0, 0x0)
r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000180)='/proc/asound/seq/clients\x00', 0x0, 0x0)
preadv(r0, &(0x7f00000002c0)=[{0x0}, {&(0x7f0000000300)=""/165, 0xa5}], 0x2, 0x48000000, 0x0)

[ 2743.142362] Call Trace:
[ 2743.142819]  <IRQ>
[ 2743.143103]  ? x86_pmu_start+0x1c0/0x240
[ 2743.143636]  x86_pmu_enable+0x580/0xd90
[ 2743.144209]  ? amd_pmu_disable_virt+0xa0/0xa0
[ 2743.144843]  ctx_resched+0x2b9/0x3a0
[ 2743.145409]  __perf_install_in_context+0x285/0xa40
[ 2743.146116]  ? ctx_resched+0x3a0/0x3a0
[ 2743.146627]  remote_function+0x125/0x1b0
[ 2743.147201]  flush_smp_call_function_queue+0x1df/0x610
[ 2743.147914]  ? perf_duration_warn+0x40/0x40
[ 2743.148502]  __sysvec_call_function_single+0x92/0x3a0
[ 2743.149216]  sysvec_call_function_single+0x89/0xc0
[ 2743.149869]  </IRQ>
[ 2743.150175]  <TASK>
[ 2743.150484]  asm_sysvec_call_function_single+0x12/0x20
[ 2743.151219] RIP: 0010:try_charge_memcg+0x321/0x1360
[ 2743.151919] Code: 0e 00 00 49 c7 40 28 00 00 00 00 48 c7 c6 0a bb 78 81 4c 89 c7 e8 4f 23 b0 ff 48 83 3c 24 00 74 06 e8 13 cf d1 ff fb 45 84 ff <0f> 85 de 02 00 00 0f 1f 44 00 00 45 89 f5 4c 8d 7c 24 70 49 8d 9c
[ 2743.154487] RSP: 0018:ffff88804a21f2b8 EFLAGS: 00000202
[ 2743.155265] RAX: 0000000000004757 RBX: ffff88806ce34d08 RCX: ffffffff81283e5f
[ 2743.156243] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[ 2743.157297] RBP: 0000000000000001 R08: 0000000000000001 R09: ffffffff86a3e7af
[ 2743.158275] R10: fffffbfff0d47cf5 R11: 0000000000000001 R12: ffff888041c7c000
[ 2743.159255] R13: ffffffff86dcb780 R14: 0000000000000020 R15: 0000000000000001
[ 2743.160301]  ? mark_lock.part.0+0xef/0x2f60
[ 2743.160941]  ? try_charge_memcg+0x31d/0x1360
[ 2743.161568]  ? mem_cgroup_handle_over_high+0x480/0x480
[ 2743.162306]  ? lock_release+0x3b2/0x6f0
[ 2743.162850]  ? rcu_read_unlock+0x9/0x60
[ 2743.163402]  ? lock_downgrade+0x6d0/0x6d0
[ 2743.164006]  charge_memcg+0x233/0x370
[ 2743.164554]  __mem_cgroup_charge+0x24/0x80
[ 2743.165144]  __handle_mm_fault+0x10a9/0x35c0
[ 2743.165748]  ? lock_is_held_type+0xd7/0x130
[ 2743.166404]  ? __pmd_alloc+0x680/0x680
[ 2743.166996]  handle_mm_fault+0x2e6/0xa20
[ 2743.167561]  do_user_addr_fault+0x54a/0x12a0
[ 2743.168224]  exc_page_fault+0xa2/0x1a0
[ 2743.168816]  asm_exc_page_fault+0x1e/0x30
[ 2743.169398] RIP: 0010:copy_user_generic_string+0x2c/0x40
[ 2743.170142] Code: cb 83 fa 08 72 27 89 f9 83 e1 07 74 15 83 e9 08 f7 d9 29 ca 8a 06 88 07 48 ff c6 48 ff c7 ff c9 75 f2 89 d1 c1 e9 03 83 e2 07 <f3> 48 a5 89 d1 f3 a4 31 c0 0f 01 ca c3 8d 0c ca 89 ca eb 20 0f 01
[ 2743.172702] RSP: 0018:ffff88804a21f720 EFLAGS: 00050246
[ 2743.173439] RAX: 0000000000000001 RBX: 0000000000001000 RCX: 0000000000000078
[ 2743.174420] RDX: 0000000000000000 RSI: ffff88804668fc40 RDI: 000000002038d000
[ 2743.175433] RBP: 000000002038c3c0 R08: 0000000000000000 R09: ffff88804668ffff
[ 2743.176438] R10: ffffed1008cd1fff R11: 0000000000000001 R12: ffff88804668f000
[ 2743.177475] R13: 00007fffffffe000 R14: 0000000000000000 R15: ffff88804a21fd70
[ 2743.178502]  copyout.part.0+0xd1/0x100
[ 2743.179046]  _copy_to_iter+0x2b1/0x1820
[ 2743.179616]  ? lock_is_held_type+0xd7/0x130
[ 2743.180215]  ? copy_page_from_iter+0x9f0/0x9f0
[ 2743.180878]  ? lock_release+0x3b2/0x6f0
[ 2743.181452]  ? sk_wait_data+0x2f3/0x450
[ 2743.182018]  ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70
[ 2743.182775]  ? __virt_addr_valid+0xe9/0x310
[ 2743.183402]  ? __sanitizer_cov_trace_const_cmp1+0x22/0x80
[ 2743.184168]  ? __sanitizer_cov_trace_cmp8+0x1d/0x70
[ 2743.184876]  ? __check_object_size+0x1b5/0x4e0
[ 2743.185524]  simple_copy_to_iter+0x4c/0x70
[ 2743.186134]  __skb_datagram_iter+0x4f1/0x880
[ 2743.186745]  ? receiver_wake_function+0x70/0x70
[ 2743.187396]  skb_copy_datagram_iter+0x85/0x270
[ 2743.188050]  tcp_recvmsg_locked+0xecf/0x1e80
[ 2743.188719]  ? tcp_update_recv_tstamps+0x230/0x230
[ 2743.189413]  ? mark_held_locks+0x9e/0xe0
[ 2743.189986]  ? __local_bh_enable_ip+0xa0/0x120
[ 2743.190620]  tcp_recvmsg+0x137/0x620
[ 2743.191140]  ? tcp_recv_timestamp+0x6e0/0x6e0
[ 2743.191756]  ? lock_release+0x3b2/0x6f0
[ 2743.192312]  ? selinux_socket_recvmsg+0x1fd/0x2b0
[ 2743.192997]  ? selinux_socket_getsockopt+0x2b0/0x2b0
[ 2743.193709]  ? tcp_recv_timestamp+0x6e0/0x6e0
[ 2743.194336]  inet6_recvmsg+0x13b/0x670
[ 2743.194878]  ? inet6_bind+0x120/0x120
[ 2743.195416]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[ 2743.196179]  ? security_socket_recvmsg+0x95/0xc0
[ 2743.196851]  ? inet6_bind+0x120/0x120
[ 2743.197382]  sock_recvmsg+0xfb/0x180
[ 2743.197895]  __sys_recvfrom+0x1b8/0x2f0
[ 2743.198484]  ? __ia32_sys_send+0x100/0x100
[ 2743.199111]  ? __sanitizer_cov_trace_cmp8+0x1d/0x70
[ 2743.199806]  ? xfd_validate_state+0x59/0x180
[ 2743.200470]  ? restore_fpregs_from_fpstate+0xcc/0x1e0
[ 2743.201279]  __x64_sys_recvfrom+0xdd/0x1b0
[ 2743.201879]  ? lockdep_hardirqs_on+0x79/0x100
[ 2743.202530]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 2743.203268]  do_syscall_64+0x3b/0x90
[ 2743.203806]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 2743.204618] RIP: 0033:0x7fd83d5f0b19
[ 2743.205184] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 2743.207727] RSP: 002b:00007fd83ab66188 EFLAGS: 00000246 ORIG_RAX: 000000000000002d
[ 2743.208826] RAX: ffffffffffffffda RBX: 00007fd83d703f60 RCX: 00007fd83d5f0b19
[ 2743.209780] RDX: 0000000020010397 RSI: 00000000200003c0 RDI: 0000000000000005
[ 2743.210780] RBP: 00007fd83d64af6d R08: 0000000000000000 R09: 0000000000000000
[ 2743.211757] R10: 0000000000000300 R11: 0000000000000246 R12: 0000000000000000
[ 2743.212736] R13: 00007ffd342fb13f R14: 00007fd83ab66300 R15: 0000000000022000
[ 2743.213736]  </TASK>
[ 2743.309493] Call Trace:
[ 2743.309986]  <TASK>
[ 2743.310366]  x86_pmu_stop+0x149/0x330
[ 2743.310969]  x86_pmu_del+0x1be/0x610
[ 2743.311563]  event_sched_out+0x2ed/0xe80
[ 2743.312190]  __perf_remove_from_context+0x87/0xbe0
[ 2743.312922]  event_function+0x297/0x3d0
[ 2743.313489]  ? perf_uprobe_event_init+0x1c0/0x1c0
[ 2743.314173]  remote_function+0x125/0x1b0
[ 2743.314688]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[ 2743.315401]  ? perf_duration_warn+0x40/0x40
[ 2743.315985]  generic_exec_single+0x203/0x300
[ 2743.316618]  smp_call_function_single+0x189/0x460
[ 2743.317247]  ? perf_duration_warn+0x40/0x40
[ 2743.317791]  ? generic_exec_single+0x300/0x300
[ 2743.318375]  ? perf_duration_warn+0x40/0x40
[ 2743.318957]  ? lock_is_held_type+0xd7/0x130
[ 2743.319504]  event_function_call+0x3d0/0x430
[ 2743.320071]  ? perf_group_detach+0x11b0/0x11b0
[ 2743.320705]  ? perf_copy_attr+0x9c0/0x9c0
[ 2743.321306]  ? lock_release+0x3b2/0x6f0
[ 2743.321843]  ? perf_group_detach+0x11b0/0x11b0
[ 2743.322474]  ? perf_uprobe_event_init+0x1c0/0x1c0
[ 2743.323152]  ? _raw_spin_unlock_irq+0x1f/0x40
[ 2743.323759]  perf_remove_from_context+0x12e/0x260
[ 2743.324412]  perf_event_release_kernel+0x153/0x7f0
[ 2743.325130]  ? lock_is_held_type+0xd7/0x130
[ 2743.325703]  ? perf_pmu_migrate_context+0xae0/0xae0
[ 2743.326343]  ? lock_is_held_type+0xd7/0x130
[ 2743.326944]  perf_release+0x33/0x40
[ 2743.327444]  __fput+0x272/0x9d0
[ 2743.327888]  ? perf_event_release_kernel+0x7f0/0x7f0
[ 2743.328570]  task_work_run+0xe2/0x1a0
[ 2743.329103]  exit_to_user_mode_prepare+0x199/0x1a0
[ 2743.329758]  syscall_exit_to_user_mode+0x19/0x50
[ 2743.330379]  do_syscall_64+0x48/0x90
[ 2743.330895]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 2743.331612] RIP: 0033:0x7f750a30a72b
[ 2743.332114] Code: 0f 05 48 3d 00 f0 ff ff 77 45 c3 0f 1f 40 00 48 83 ec 18 89 7c 24 0c e8 63 fc ff ff 8b 7c 24 0c 41 89 c0 b8 03 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 35 44 89 c7 89 44 24 0c e8 a1 fc ff ff 8b 44
[ 2743.334623] RSP: 002b:00007ffc8fa2e8d0 EFLAGS: 00000293 ORIG_RAX: 0000000000000003
[ 2743.335653] RAX: 0000000000000000 RBX: 0000000000000004 RCX: 00007f750a30a72b
[ 2743.336602] RDX: 00007f750a46fa68 RSI: 0000000000000080 RDI: 0000000000000003
[ 2743.337589] RBP: 0000000000000000 R08: 0000000000000000 R09: 00007f750a46fa70
[ 2743.338562] R10: 00007ffc8fa2e9c0 R11: 0000000000000293 R12: 000000000029db7b
[ 2743.339469] R13: 00000000000003e8 R14: 00007f750a46af60 R15: 000000000029d990
[ 2743.340441]  </TASK>
09:02:46 executing program 6:
r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000180)='/proc/asound/seq/clients\x00', 0x0, 0x0)
preadv(r0, &(0x7f00000002c0)=[{&(0x7f0000000040)=""/35, 0x23}, {0x0}, {&(0x7f0000000300)=""/165, 0xa5}], 0x3, 0x100000, 0x0)

09:02:46 executing program 3:
socketpair$unix(0x1, 0x5, 0x0, 0x0)
sendmsg$unix(0xffffffffffffffff, 0x0, 0x0)
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
pwritev(r0, &(0x7f0000000640)=[{&(0x7f00000002c0)="19", 0x1}], 0x1, 0x8000000, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0)
r2 = socket$inet6(0xa, 0x1, 0x0)
bind$inet6(r2, &(0x7f00000002c0)={0xa, 0x4e20, 0x0, @empty}, 0x1c)
connect$inet6(r2, &(0x7f0000000000)={0xa, 0x4e20, 0x0, @ipv4={'\x00', '\xff\xff', @empty}}, 0x1c)
recvfrom(r2, &(0x7f00000003c0)=""/87, 0x20010397, 0x300, 0x0, 0x0)
sendfile(r2, r1, 0x0, 0xfffffdef)
readv(0xffffffffffffffff, &(0x7f0000000040), 0x0)
openat$cgroup_freezer_state(0xffffffffffffffff, 0x0, 0x2, 0x0)
close(0xffffffffffffffff)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(&(0x7f0000001540), 0xffffffffffffffff)
sendmsg$NL80211_CMD_STOP_AP(r3, &(0x7f0000001600)={0x0, 0x0, &(0x7f00000015c0)={&(0x7f0000001580)=ANY=[@ANYBLOB="1c000000", @ANYRES16=0x0, @ANYBLOB="1700000000090000ff0000", @ANYRES32=0x0, @ANYBLOB], 0x1c}}, 0x0)
getsockopt$sock_cred(r3, 0x1, 0x11, &(0x7f0000000040), &(0x7f0000000080)=0xc)
syz_open_dev$sg(&(0x7f0000001000), 0x0, 0x2200)

09:02:46 executing program 5:
socketpair$unix(0x1, 0x5, 0x0, 0x0)
sendmsg$unix(0xffffffffffffffff, 0x0, 0x0)
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
pwritev(r0, &(0x7f0000000640)=[{&(0x7f00000002c0)="19", 0x1}], 0x1, 0x8000000, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0)
r2 = socket$inet6(0xa, 0x1, 0x0)
bind$inet6(r2, &(0x7f00000002c0)={0xa, 0x4e20, 0x0, @empty}, 0x1c)
connect$inet6(r2, &(0x7f0000000000)={0xa, 0x4e20, 0x0, @ipv4={'\x00', '\xff\xff', @empty}}, 0x1c)
recvfrom(r2, &(0x7f00000003c0)=""/87, 0x20010397, 0x300, 0x0, 0x0)
sendfile(r2, r1, 0x0, 0xfffffdef)
readv(0xffffffffffffffff, &(0x7f0000000040), 0x0)
openat$cgroup_freezer_state(0xffffffffffffffff, 0x0, 0x2, 0x0)
r3 = socket$inet6(0xa, 0x0, 0xfffffff8)
ioctl$F2FS_IOC_MOVE_RANGE(r2, 0xc020f509, &(0x7f00000000c0)={r3, 0x2, 0x10001, 0xa1e})
close(0xffffffffffffffff)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(&(0x7f0000001540), 0xffffffffffffffff)
sendmsg$NL80211_CMD_STOP_AP(r4, &(0x7f0000001600)={0x0, 0x0, &(0x7f00000015c0)={&(0x7f0000001580)={0x1c, 0x0, 0x100, 0x0, 0x0, {{}, {@val={0x8}, @void}}}, 0x1c}}, 0x0)
getsockopt$sock_cred(r4, 0x1, 0x11, &(0x7f0000000040), &(0x7f0000000080)=0xc)
syz_open_dev$sg(&(0x7f0000001000), 0x0, 0x2200)

09:02:46 executing program 2:
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NLBL_MGMT_C_VERSION(r0, &(0x7f00000001c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x10000000}, 0xc, &(0x7f0000000180)={&(0x7f0000000140)={0x24, 0x0, 0x100, 0x70bd25, 0x25dfdbfd, {}, [@NLBL_MGMT_A_PROTOCOL={0x8}, @NLBL_MGMT_A_FAMILY={0x6, 0xb, 0x1}]}, 0x24}, 0x1, 0x0, 0x0, 0x4001}, 0x4080)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$netlbl_cipso(&(0x7f0000000340), r1)
sendmsg$NLBL_CIPSOV4_C_LIST(r1, &(0x7f0000000c80)={0x0, 0x0, &(0x7f0000000c40)={&(0x7f0000000980)={0x18, r2, 0x1, 0x0, 0x0, {}, [@NLBL_CIPSOV4_A_MLSLVLLST={0x4}]}, 0x18}}, 0x0)
r3 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000080), r3)
sendmsg$NLBL_MGMT_C_ADD(r3, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000140)={0x4c, r4, 0x1, 0x0, 0x0, {}, [@NLBL_MGMT_A_DOMAIN={0x6, 0x1, '%\x00'}, @NLBL_MGMT_A_IPV6ADDR={0x14, 0x5, @local}, @NLBL_MGMT_A_IPV6MASK={0x14, 0x6, @mcast1}, @NLBL_MGMT_A_PROTOCOL={0x8, 0x2, 0x5}]}, 0x4c}, 0x1, 0x700000000000000}, 0x0)

09:02:46 executing program 1:
r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000180)='/proc/asound/seq/clients\x00', 0x0, 0x0)
preadv(r0, &(0x7f00000002c0)=[{&(0x7f0000000040)=""/35, 0x23}, {0x0, 0x2}, {&(0x7f0000000300)=""/165, 0xa5}], 0x3, 0x7000000, 0x0)

09:02:46 executing program 7:
openat$sndseq(0xffffffffffffff9c, 0x0, 0x0)
r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000180)='/proc/asound/seq/clients\x00', 0x0, 0x0)
preadv(r0, &(0x7f00000002c0)=[{0x0}, {&(0x7f0000000300)=""/165, 0xa5}], 0x2, 0x4c000000, 0x0)

09:02:46 executing program 0:
perf_event_open$cgroup(&(0x7f0000000c00)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x1014, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

09:02:46 executing program 4:
socketpair$unix(0x1, 0x5, 0x0, 0x0)
sendmsg$unix(0xffffffffffffffff, 0x0, 0x0)
r0 = openat(0xffffffffffffff9c, &(0x7f00000000c0)='./file1\x00', 0x101042, 0x0)
pwritev(r0, &(0x7f0000000640)=[{&(0x7f00000002c0)="19", 0x1}], 0x1, 0x8000000, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0)
r2 = socket$inet6(0xa, 0x1, 0x0)
bind$inet6(r2, &(0x7f00000002c0)={0xa, 0x4e20, 0x0, @empty}, 0x1c)
connect$inet6(r2, &(0x7f0000000000)={0xa, 0x4e20, 0x0, @ipv4={'\x00', '\xff\xff', @empty}}, 0x1c)
recvfrom(r2, &(0x7f00000003c0)=""/87, 0x20010397, 0x300, 0x0, 0x0)
sendfile(r2, r1, 0x0, 0xfffffdef)
readv(0xffffffffffffffff, &(0x7f0000000040), 0x0)
ioctl$BTRFS_IOC_QUOTA_RESCAN_WAIT(0xffffffffffffffff, 0x942e, 0x0)
openat$cgroup_freezer_state(0xffffffffffffffff, 0x0, 0x2, 0x0)
close(0xffffffffffffffff)
ioctl$FS_IOC_GET_ENCRYPTION_PWSALT(r0, 0x40106614, &(0x7f0000000140))
r3 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(&(0x7f0000001540), 0xffffffffffffffff)
sendmsg$NL80211_CMD_STOP_AP(r3, &(0x7f0000001600)={0x0, 0x0, &(0x7f00000015c0)={&(0x7f0000001580)={0x1c, 0x0, 0x1, 0x0, 0x0, {{}, {@val={0x8}, @void}}}, 0x1c}}, 0x0)
getsockopt$sock_cred(r3, 0x1, 0x11, &(0x7f0000000040), &(0x7f0000000080)=0xc)
syz_open_dev$sg(&(0x7f0000001000), 0x0, 0x2200)

09:02:46 executing program 2:
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NLBL_MGMT_C_VERSION(r0, &(0x7f00000001c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x10000000}, 0xc, &(0x7f0000000180)={&(0x7f0000000140)={0x24, 0x0, 0x100, 0x70bd25, 0x25dfdbfd, {}, [@NLBL_MGMT_A_PROTOCOL={0x8}, @NLBL_MGMT_A_FAMILY={0x6, 0xb, 0x1}]}, 0x24}, 0x1, 0x0, 0x0, 0x4001}, 0x4080)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$netlbl_cipso(&(0x7f0000000340), r1)
r2 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000080), r2)
sendmsg$NLBL_MGMT_C_ADD(r2, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000140)={0x4c, r3, 0x1, 0x0, 0x0, {}, [@NLBL_MGMT_A_DOMAIN={0x6, 0x1, '%\x00'}, @NLBL_MGMT_A_IPV6ADDR={0x14, 0x5, @local}, @NLBL_MGMT_A_IPV6MASK={0x14, 0x6, @mcast1}, @NLBL_MGMT_A_PROTOCOL={0x8, 0x2, 0x5}]}, 0x4c}, 0x1, 0x700000000000000}, 0x0)

[ 2758.564151] Call Trace:
[ 2758.564607]  <TASK>
[ 2758.564906]  ? x86_pmu_start+0x1c0/0x240
[ 2758.565493]  x86_pmu_enable+0x580/0xd90
[ 2758.566032]  ? amd_pmu_disable_virt+0xa0/0xa0
[ 2758.566671]  ctx_resched+0x2b9/0x3a0
[ 2758.567214]  __perf_install_in_context+0x285/0xa40
[ 2758.567866]  ? ctx_resched+0x3a0/0x3a0
[ 2758.568400]  remote_function+0x125/0x1b0
[ 2758.568982]  flush_smp_call_function_queue+0x1df/0x610
[ 2758.569707]  ? perf_duration_warn+0x40/0x40
[ 2758.570307]  __sysvec_call_function_single+0x92/0x3a0
[ 2758.571013]  sysvec_call_function_single+0x3b/0xc0
[ 2758.571683]  ? asm_sysvec_call_function_single+0xa/0x20
[ 2758.572437]  asm_sysvec_call_function_single+0x12/0x20
[ 2758.573222] RIP: 0033:0x7f792bcccbc7
[ 2758.573742] Code: 31 c0 80 3d eb e7 09 01 00 0f 85 74 ff ff ff bd 01 00 00 00 45 8d 58 04 44 89 c0 41 89 c2 41 81 e2 ff 1f 00 00 43 8b 7c 95 00 <41> 39 f8 0f 84 6b ff ff ff 85 ff 0f 84 58 01 00 00 83 c0 01 41 39
[ 2758.576244] RSP: 002b:00007fffdbdaca20 EFLAGS: 00000202
[ 2758.577018] RAX: 00000000bc2b7bb0 RBX: 00007f792ba96008 RCX: 0000001b2e220000
[ 2758.577981] RDX: 0000001b2e22c5a0 RSI: ffffffff817f7922 RDI: 000000003e871bb0
[ 2758.579025] RBP: 0000000000000001 R08: 00000000bc2b7bad R09: 0000001b2e22c528
[ 2758.579996] R10: 0000000000001bb0 R11: 00000000bc2b7bb1 R12: 0000000000000220
[ 2758.581049] R13: 00007f792be26000 R14: ffffffff817f7922 R15: 00007f792be31ff0
[ 2758.582023]  ? path_openat+0x252/0x2870
[ 2758.582588]  ? path_openat+0x252/0x2870
[ 2758.583140]  </TASK>
[ 2758.600296] Call Trace:
[ 2758.600674]  <IRQ>
[ 2758.601013]  x86_pmu_stop+0x149/0x330
[ 2758.601535]  x86_pmu_del+0x1be/0x610
[ 2758.602025]  event_sched_out+0x2ed/0xe80
[ 2758.602587]  __perf_remove_from_context+0x87/0xbe0
[ 2758.603248]  event_function+0x297/0x3d0
[ 2758.603762]  ? perf_uprobe_event_init+0x1c0/0x1c0
[ 2758.604404]  remote_function+0x125/0x1b0
[ 2758.605000]  flush_smp_call_function_queue+0x1df/0x610
[ 2758.605753]  ? perf_duration_warn+0x40/0x40
[ 2758.606369]  __sysvec_call_function_single+0x92/0x3a0
[ 2758.607074]  sysvec_call_function_single+0x89/0xc0
[ 2758.607763]  </IRQ>
[ 2758.608062]  <TASK>
[ 2758.608369]  asm_sysvec_call_function_single+0x12/0x20
[ 2758.609137] RIP: 0010:__sanitizer_cov_trace_pc+0xd/0x60
[ 2758.609851] Code: 00 5d e9 b6 e9 c2 00 66 0f 1f 44 00 00 48 8b be a8 01 00 00 e8 b4 ff ff ff 31 c0 c3 90 65 8b 05 b9 b5 be 7e 89 c1 48 8b 34 24 <81> e1 00 01 00 00 65 48 8b 14 25 40 6f 02 00 a9 00 01 ff 00 74 0e
[ 2758.612382] RSP: 0018:ffff888049f6f748 EFLAGS: 00000246
[ 2758.613130] RAX: 0000000080000001 RBX: ffff888041f2d100 RCX: 0000000080000001
[ 2758.614124] RDX: ffff8880098f0000 RSI: ffffffff81673b99 RDI: 0000000000000003
[ 2758.615066] RBP: ffffea0000e71e80 R08: 0000000000039c7a R09: 0000000000000001
[ 2758.616015] R10: ffffffff81673b65 R11: 0000000000000000 R12: ffff888049f6fa48
[ 2758.616983] R13: 0000000000000001 R14: dffffc0000000000 R15: ffff888049f6fa28
[ 2758.617948]  ? unmap_page_range+0xda5/0x2680
[ 2758.618548]  ? unmap_page_range+0xdd9/0x2680
[ 2758.619140]  unmap_page_range+0xdd9/0x2680
[ 2758.619724]  ? vm_normal_page+0x2e0/0x2e0
[ 2758.620280]  ? lock_release+0x3b2/0x6f0
[ 2758.620818]  ? lock_downgrade+0x6d0/0x6d0
[ 2758.621392]  ? uprobe_munmap+0x1c/0x560
[ 2758.621934]  unmap_single_vma+0x198/0x310
[ 2758.622523]  unmap_vmas+0x16b/0x2f0
[ 2758.623019]  ? lock_downgrade+0x6d0/0x6d0
[ 2758.623577]  ? unmap_mapping_range+0x280/0x280
[ 2758.624204]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[ 2758.625020]  exit_mmap+0x192/0x460
[ 2758.625499]  ? do_munmap+0x40/0x40
[ 2758.625990]  ? delayed_uprobe_remove+0x27/0x230
[ 2758.626654]  mmput+0xc8/0x380
[ 2758.627073]  do_exit+0xa0a/0x27e0
[ 2758.627583]  ? lockdep_hardirqs_on+0x79/0x100
[ 2758.628180]  ? mm_update_next_owner+0x7d0/0x7d0
[ 2758.628792]  ? trace_hardirqs_on+0x38/0x190
[ 2758.629405]  do_group_exit+0xd2/0x2f0
[ 2758.629900]  get_signal+0x2303/0x2350
[ 2758.630458]  ? signal_setup_done+0x520/0x520
[ 2758.631038]  arch_do_signal_or_restart+0x88/0x1a40
[ 2758.631701]  ? do_futex+0x136/0x380
[ 2758.632184]  ? __ia32_compat_sys_get_robust_list+0x3b0/0x3b0
[ 2758.632984]  ? get_sigframe_size+0x10/0x10
[ 2758.633561]  ? __fget_files+0x287/0x470
[ 2758.634098]  ? __x64_sys_futex+0x1c6/0x4c0
[ 2758.634649]  ? __fget_light+0x155/0x270
[ 2758.635171]  ? __x64_sys_futex_time32+0x480/0x480
[ 2758.635831]  exit_to_user_mode_prepare+0x131/0x1a0
[ 2758.636506]  syscall_exit_to_user_mode+0x19/0x50
[ 2758.637206]  do_syscall_64+0x48/0x90
[ 2758.637695]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 2758.638398] RIP: 0033:0x7f40f402eb19
[ 2758.638889] Code: Unable to access opcode bytes at RIP 0x7f40f402eaef.
[ 2758.639800] RSP: 002b:00007f40f15a4218 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[ 2758.640865] RAX: fffffffffffffe00 RBX: 00007f40f4141f68 RCX: 00007f40f402eb19
[ 2758.641857] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007f40f4141f68
[ 2758.642881] RBP: 00007f40f4141f60 R08: 0000000000000000 R09: 0000000000000000
[ 2758.643890] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f40f4141f6c
[ 2758.644879] R13: 00007ffe1d72044f R14: 00007f40f15a4300 R15: 0000000000022000
[ 2758.645959]  </TASK>
[ 2758.650840] Call Trace:
[ 2758.651328]  <TASK>
[ 2758.651647]  ? x86_pmu_start+0x1c0/0x240
[ 2758.652230]  x86_pmu_enable+0x580/0xd90
[ 2758.652827]  ? amd_pmu_disable_virt+0xa0/0xa0
[ 2758.653585]  ctx_resched+0x2b9/0x3a0
[ 2758.654136]  __perf_install_in_context+0x285/0xa40
[ 2758.654812]  ? ctx_resched+0x3a0/0x3a0
[ 2758.655331]  remote_function+0x125/0x1b0
[ 2758.655866]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[ 2758.656636]  ? perf_duration_warn+0x40/0x40
[ 2758.657269]  generic_exec_single+0x203/0x300
[ 2758.657929]  smp_call_function_single+0x189/0x460
[ 2758.658674]  ? perf_duration_warn+0x40/0x40
[ 2758.659269]  ? generic_exec_single+0x300/0x300
[ 2758.659884]  ? perf_duration_warn+0x40/0x40
[ 2758.660473]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[ 2758.661267]  ? lock_is_held_type+0xd7/0x130
[ 2758.661913]  perf_install_in_context+0x4da/0x590
[ 2758.662577]  ? list_add_event+0xeb0/0xeb0
[ 2758.663145]  ? ctx_resched+0x3a0/0x3a0
[ 2758.663686]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[ 2758.664436]  ? exclusive_event_installable+0x254/0x320
[ 2758.665222]  __do_sys_perf_event_open+0x1bf0/0x3040
[ 2758.665970]  ? perf_remove_from_context+0x260/0x260
[ 2758.666657]  ? xfd_validate_state+0x59/0x180
[ 2758.667256]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 2758.667968]  do_syscall_64+0x3b/0x90
[ 2758.668538]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 2758.669325] RIP: 0033:0x7f750a357b19
[ 2758.669842] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 2758.672464] RSP: 002b:00007f75078cd188 EFLAGS: 00000246 ORIG_RAX: 000000000000012a
[ 2758.673547] RAX: ffffffffffffffda RBX: 00007f750a46af60 RCX: 00007f750a357b19
[ 2758.674550] RDX: 0000000000000000 RSI: ffffffffffffffff RDI: 0000000020000c00
[ 2758.675514] RBP: 00007f750a3b1f6d R08: 0000000000000000 R09: 0000000000000000
[ 2758.676531] R10: ffffffffffffffff R11: 0000000000000246 R12: 0000000000000000
[ 2758.677555] R13: 00007ffc8fa2e86f R14: 00007f75078cd300 R15: 0000000000022000
[ 2758.678552]  </TASK>
09:02:46 executing program 7:
openat$sndseq(0xffffffffffffff9c, 0x0, 0x0)
r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000180)='/proc/asound/seq/clients\x00', 0x0, 0x0)
preadv(r0, &(0x7f00000002c0)=[{0x0}, {&(0x7f0000000300)=""/165, 0xa5}], 0x2, 0x68000000, 0x0)

09:02:46 executing program 1:
r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000180)='/proc/asound/seq/clients\x00', 0x0, 0x0)
preadv(r0, &(0x7f00000002c0)=[{&(0x7f0000000040)=""/35, 0x23}, {0x0, 0x2}, {&(0x7f0000000300)=""/165, 0xa5}], 0x3, 0xa000000, 0x0)

09:02:47 executing program 2:
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NLBL_MGMT_C_VERSION(r0, &(0x7f00000001c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x10000000}, 0xc, &(0x7f0000000180)={&(0x7f0000000140)={0x24, 0x0, 0x100, 0x70bd25, 0x25dfdbfd, {}, [@NLBL_MGMT_A_PROTOCOL={0x8}, @NLBL_MGMT_A_FAMILY={0x6, 0xb, 0x1}]}, 0x24}, 0x1, 0x0, 0x0, 0x4001}, 0x4080)
syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000080), r1)
sendmsg$NLBL_MGMT_C_ADD(r1, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000140)={0x4c, r2, 0x1, 0x0, 0x0, {}, [@NLBL_MGMT_A_DOMAIN={0x6, 0x1, '%\x00'}, @NLBL_MGMT_A_IPV6ADDR={0x14, 0x5, @local}, @NLBL_MGMT_A_IPV6MASK={0x14, 0x6, @mcast1}, @NLBL_MGMT_A_PROTOCOL={0x8, 0x2, 0x5}]}, 0x4c}, 0x1, 0x700000000000000}, 0x0)

09:02:47 executing program 6:
r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000180)='/proc/asound/seq/clients\x00', 0x0, 0x0)
preadv(r0, &(0x7f00000002c0)=[{&(0x7f0000000040)=""/35, 0x23}, {0x0}, {&(0x7f0000000300)=""/165, 0xa5}], 0x3, 0x1000000, 0x0)

09:02:47 executing program 2:
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NLBL_MGMT_C_VERSION(r0, &(0x7f00000001c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x10000000}, 0xc, &(0x7f0000000180)={&(0x7f0000000140)={0x24, 0x0, 0x100, 0x70bd25, 0x25dfdbfd, {}, [@NLBL_MGMT_A_PROTOCOL={0x8}, @NLBL_MGMT_A_FAMILY={0x6, 0xb, 0x1}]}, 0x24}, 0x1, 0x0, 0x0, 0x4001}, 0x4080)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000080), r1)
sendmsg$NLBL_MGMT_C_ADD(r1, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000140)={0x4c, r2, 0x1, 0x0, 0x0, {}, [@NLBL_MGMT_A_DOMAIN={0x6, 0x1, '%\x00'}, @NLBL_MGMT_A_IPV6ADDR={0x14, 0x5, @local}, @NLBL_MGMT_A_IPV6MASK={0x14, 0x6, @mcast1}, @NLBL_MGMT_A_PROTOCOL={0x8, 0x2, 0x5}]}, 0x4c}, 0x1, 0x700000000000000}, 0x0)

[ 2758.874064] Call Trace:
[ 2758.874529]  <TASK>
[ 2758.874859]  x86_pmu_stop+0x149/0x330
[ 2758.875414]  x86_pmu_del+0x1be/0x610
[ 2758.875951]  event_sched_out+0x2ed/0xe80
[ 2758.876543]  __perf_remove_from_context+0x87/0xbe0
[ 2758.877257]  event_function+0x297/0x3d0
[ 2758.877843]  ? perf_uprobe_event_init+0x1c0/0x1c0
[ 2758.878540]  remote_function+0x125/0x1b0
[ 2758.879134]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[ 2758.879933]  ? perf_duration_warn+0x40/0x40
[ 2758.880558]  generic_exec_single+0x203/0x300
[ 2758.881221]  smp_call_function_single+0x189/0x460
[ 2758.881907]  ? perf_duration_warn+0x40/0x40
[ 2758.882535]  ? generic_exec_single+0x300/0x300
[ 2758.883197]  ? perf_duration_warn+0x40/0x40
[ 2758.883848]  ? lock_is_held_type+0xd7/0x130
[ 2758.884463]  event_function_call+0x3d0/0x430
[ 2758.885146]  ? perf_group_detach+0x11b0/0x11b0
[ 2758.885796]  ? perf_copy_attr+0x9c0/0x9c0
[ 2758.886387]  ? lock_release+0x3b2/0x6f0
[ 2758.886948]  ? perf_group_detach+0x11b0/0x11b0
[ 2758.887596]  ? perf_uprobe_event_init+0x1c0/0x1c0
[ 2758.888246]  ? _raw_spin_unlock_irq+0x1f/0x40
[ 2758.888877]  perf_remove_from_context+0x12e/0x260
[ 2758.889607]  perf_event_release_kernel+0x153/0x7f0
[ 2758.890305]  ? lock_is_held_type+0xd7/0x130
[ 2758.890931]  ? perf_pmu_migrate_context+0xae0/0xae0
[ 2758.891631]  ? lock_is_held_type+0xd7/0x130
[ 2758.892226]  perf_release+0x33/0x40
[ 2758.892734]  __fput+0x272/0x9d0
[ 2758.893244]  ? perf_event_release_kernel+0x7f0/0x7f0
[ 2758.893967]  task_work_run+0xe2/0x1a0
[ 2758.894534]  do_exit+0xaf7/0x27e0
[ 2758.895014]  ? find_held_lock+0x2c/0x110
[ 2758.895591]  ? lock_release+0x3b2/0x6f0
[ 2758.896179]  ? mm_update_next_owner+0x7d0/0x7d0
[ 2758.896812]  ? lock_downgrade+0x6d0/0x6d0
[ 2758.897426]  ? lock_is_held_type+0xd7/0x130
[ 2758.898049]  do_group_exit+0xd2/0x2f0
[ 2758.898592]  get_signal+0x2303/0x2350
[ 2758.899185]  ? lock_downgrade+0x6d0/0x6d0
[ 2758.899816]  ? signal_setup_done+0x520/0x520
[ 2758.900445]  ? lock_is_held_type+0xd7/0x130
[ 2758.901105]  arch_do_signal_or_restart+0x88/0x1a40
[ 2758.901835]  ? __do_sys_perf_event_open+0xd2/0x3040
[ 2758.902538]  ? get_sigframe_size+0x10/0x10
[ 2758.903127]  ? perf_remove_from_context+0x260/0x260
[ 2758.903833]  ? xfd_validate_state+0x59/0x180
[ 2758.904460]  exit_to_user_mode_prepare+0x131/0x1a0
[ 2758.905217]  syscall_exit_to_user_mode+0x19/0x50
[ 2758.905848]  do_syscall_64+0x48/0x90
[ 2758.906343]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 2758.907024] RIP: 0033:0x7f750a357b19
[ 2758.907526] Code: Unable to access opcode bytes at RIP 0x7f750a357aef.
[ 2758.908415] RSP: 002b:00007f75078cd188 EFLAGS: 00000246 ORIG_RAX: 000000000000012a
[ 2758.909470] RAX: 0000000000000003 RBX: 00007f750a46af60 RCX: 00007f750a357b19
[ 2758.910407] RDX: 0000000000000000 RSI: ffffffffffffffff RDI: 0000000020000c00
[ 2758.911357] RBP: 00007f750a3b1f6d R08: 0000000000000000 R09: 0000000000000000
[ 2758.912331] R10: ffffffffffffffff R11: 0000000000000246 R12: 0000000000000000
[ 2758.913414] R13: 00007ffc8fa2e86f R14: 00007f75078cd300 R15: 0000000000022000
[ 2758.914423]  </TASK>
09:02:47 executing program 7:
openat$sndseq(0xffffffffffffff9c, 0x0, 0x0)
r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000180)='/proc/asound/seq/clients\x00', 0x0, 0x0)
preadv(r0, &(0x7f00000002c0)=[{0x0}, {&(0x7f0000000300)=""/165, 0xa5}], 0x2, 0x6c000000, 0x0)

09:02:47 executing program 1:
r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000180)='/proc/asound/seq/clients\x00', 0x0, 0x0)
preadv(r0, &(0x7f00000002c0)=[{&(0x7f0000000040)=""/35, 0x23}, {0x0, 0x2}, {&(0x7f0000000300)=""/165, 0xa5}], 0x3, 0x10000000, 0x0)

09:03:02 executing program 4:
socketpair$unix(0x1, 0x5, 0x0, 0x0)
sendmsg$unix(0xffffffffffffffff, 0x0, 0x0)
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
pwritev(r0, &(0x7f0000000640)=[{&(0x7f00000002c0)="19", 0x1}], 0x1, 0x8000000, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0)
r2 = socket$inet6(0xa, 0x1, 0x0)
bind$inet6(r2, &(0x7f00000002c0)={0xa, 0x4e20, 0x0, @empty}, 0x1c)
connect$inet6(r2, &(0x7f0000000000)={0xa, 0x4e20, 0x0, @ipv4={'\x00', '\xff\xff', @empty}}, 0x1c)
recvfrom(r2, &(0x7f00000003c0)=""/87, 0x20010397, 0x300, 0x0, 0x0)
sendfile(r2, r1, 0x0, 0xfffffdef)
readv(0xffffffffffffffff, &(0x7f0000000040), 0x0)
openat$cgroup_freezer_state(0xffffffffffffffff, 0x0, 0x2, 0x0)
close(0xffffffffffffffff)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(&(0x7f0000001540), 0xffffffffffffffff)
sendmsg$NL80211_CMD_STOP_AP(r3, &(0x7f0000001600)={0x0, 0x0, &(0x7f00000015c0)={&(0x7f0000001580)=ANY=[@ANYBLOB="1c000000", @ANYRES16=0x0, @ANYBLOB="1700000000090000ff0000", @ANYRES32=0x0, @ANYBLOB], 0x1c}}, 0x0)
getsockopt$sock_cred(r3, 0x1, 0x11, &(0x7f0000000040), &(0x7f0000000080)=0xc)
syz_open_dev$sg(&(0x7f0000001000), 0x0, 0x2200)

09:03:02 executing program 3:
socketpair$unix(0x1, 0x5, 0x0, 0x0)
sendmsg$unix(0xffffffffffffffff, 0x0, 0x0)
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
pwritev(r0, &(0x7f0000000640)=[{&(0x7f00000002c0)="19", 0x1}], 0x1, 0x8000000, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0)
r2 = socket$inet6(0xa, 0x1, 0x0)
bind$inet6(r2, &(0x7f00000002c0)={0xa, 0x4e20, 0x0, @empty}, 0x1c)
connect$inet6(r2, &(0x7f0000000000)={0xa, 0x4e20, 0x0, @ipv4={'\x00', '\xff\xff', @empty}}, 0x1c)
recvfrom(r2, &(0x7f00000003c0)=""/87, 0x20010397, 0x300, 0x0, 0x0)
sendfile(r2, r1, 0x0, 0xfffffdef)
readv(0xffffffffffffffff, &(0x7f0000000040), 0x0)
openat$cgroup_freezer_state(0xffffffffffffffff, 0x0, 0x2, 0x0)
close(0xffffffffffffffff)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(&(0x7f0000001540), 0xffffffffffffffff)
sendmsg$NL80211_CMD_STOP_AP(r3, &(0x7f0000001600)={0x0, 0x0, &(0x7f00000015c0)={&(0x7f0000001580)=ANY=[@ANYBLOB="1c000000", @ANYRES16=0x0, @ANYBLOB="1700000000090000ff0000", @ANYRES32=0x0, @ANYBLOB], 0x1c}}, 0x0)
getsockopt$sock_cred(r3, 0x1, 0x11, &(0x7f0000000040), &(0x7f0000000080)=0xc)
syz_open_dev$sg(&(0x7f0000001000), 0x0, 0x2200)

09:03:02 executing program 2:
syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000080), r0)
sendmsg$NLBL_MGMT_C_ADD(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000140)={0x4c, r1, 0x1, 0x0, 0x0, {}, [@NLBL_MGMT_A_DOMAIN={0x6, 0x1, '%\x00'}, @NLBL_MGMT_A_IPV6ADDR={0x14, 0x5, @local}, @NLBL_MGMT_A_IPV6MASK={0x14, 0x6, @mcast1}, @NLBL_MGMT_A_PROTOCOL={0x8, 0x2, 0x5}]}, 0x4c}, 0x1, 0x700000000000000}, 0x0)

09:03:02 executing program 7:
openat$sndseq(0xffffffffffffff9c, 0x0, 0x0)
r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000180)='/proc/asound/seq/clients\x00', 0x0, 0x0)
preadv(r0, &(0x7f00000002c0)=[{0x0}, {&(0x7f0000000300)=""/165, 0xa5}], 0x2, 0x74000000, 0x0)

09:03:02 executing program 6:
r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000180)='/proc/asound/seq/clients\x00', 0x0, 0x0)
preadv(r0, &(0x7f00000002c0)=[{&(0x7f0000000040)=""/35, 0x23}, {0x0}, {&(0x7f0000000300)=""/165, 0xa5}], 0x3, 0x2000000, 0x0)

09:03:02 executing program 0:
perf_event_open$cgroup(&(0x7f0000000c00)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x1015, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

09:03:02 executing program 1:
r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000180)='/proc/asound/seq/clients\x00', 0x0, 0x0)
preadv(r0, &(0x7f00000002c0)=[{&(0x7f0000000040)=""/35, 0x23}, {0x0, 0x2}, {&(0x7f0000000300)=""/165, 0xa5}], 0x3, 0x1ffff000, 0x0)

09:03:02 executing program 5:
socketpair$unix(0x1, 0x5, 0x0, 0x0)
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
pwritev(r0, &(0x7f0000000640)=[{&(0x7f00000002c0)="19", 0x1}], 0x1, 0x8000000, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0)
r2 = socket$inet6(0xa, 0x1, 0x0)
bind$inet6(r2, &(0x7f00000002c0)={0xa, 0x4e20, 0x0, @empty}, 0x1c)
connect$inet6(r2, &(0x7f0000000000)={0xa, 0x4e20, 0x0, @ipv4={'\x00', '\xff\xff', @empty}}, 0x1c)
recvfrom(0xffffffffffffffff, &(0x7f00000001c0)=""/100, 0x64, 0x300, 0x0, 0x0)
sendfile(r2, r1, 0x0, 0xfffffdef)
ioctl$AUTOFS_IOC_EXPIRE_MULTI(0xffffffffffffffff, 0x40049366, &(0x7f0000000700)=0x4)
readv(0xffffffffffffffff, &(0x7f0000000040), 0x0)
openat$cgroup_freezer_state(0xffffffffffffffff, 0x0, 0x2, 0x0)
close(0xffffffffffffffff)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(&(0x7f0000001540), 0xffffffffffffffff)
sendmsg$NL80211_CMD_STOP_AP(r3, &(0x7f0000001600)={0x0, 0x0, &(0x7f00000015c0)={&(0x7f0000000480)=ANY=[@ANYBLOB="1c000000a8905e7b1c5892c84e8fe7ce33460132a09545aaf086d9040d6f5126c721437c4891d9fbd9a43cd422701273e43a73dee6326d332745cb8135ee32e8a29fe769e60108281e68c9ce8aa921", @ANYRES16=0x0, @ANYBLOB="010000000000000000001000000008000300563222ec1e39a961b6f445a74cfc4f7bcec495a6039d1fd128fa55d26f60deadfe7837133deb3deadbf35742de78de7bb2583aef6ddf43d30b24707c7cf36a6c015b3facbc25ffa9cf522819a93fa0a3dbc940582059f0f5f7d82fb581e8c405016b108a9c25e9a3fc79344a25be3f8bdcd3", @ANYRES32=0x0, @ANYBLOB="ca53a9198d0c879777bb8c60eabb232bb8b435d0aaafab676648bd61338d3b25f426177fb1d2dc6e4b951e688fbdff332ae1b5b26ae1cdeae4fa1c9702b129b0651dac63852fb0b608b6f40e944533ed9376d243f8a8353b009c954721c5e4b9cc2b5b60d81d000000eaba"], 0x1c}}, 0x0)
kcmp(0x0, 0x0, 0x4, 0xffffffffffffffff, 0xffffffffffffffff)
syz_open_procfs(0x0, &(0x7f00000000c0)='net/sctp\x00')
getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000000040), &(0x7f0000000080)=0xc)
syz_open_dev$sg(&(0x7f0000001000), 0x0, 0x2200)

[ 2774.426648] Call Trace:
[ 2774.427076]  <TASK>
[ 2774.427473]  ? x86_pmu_start+0x1c0/0x240
[ 2774.428091]  x86_pmu_enable+0x580/0xd90
[ 2774.428676]  ? amd_pmu_disable_virt+0xa0/0xa0
[ 2774.429342]  ctx_resched+0x2b9/0x3a0
[ 2774.429826]  __perf_install_in_context+0x285/0xa40
[ 2774.430504]  ? ctx_resched+0x3a0/0x3a0
[ 2774.431056]  remote_function+0x125/0x1b0
[ 2774.431646]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[ 2774.432480]  ? perf_duration_warn+0x40/0x40
[ 2774.433040]  generic_exec_single+0x203/0x300
[ 2774.433676]  smp_call_function_single+0x189/0x460
[ 2774.434337]  ? perf_duration_warn+0x40/0x40
[ 2774.434948]  ? generic_exec_single+0x300/0x300
[ 2774.435603]  ? perf_duration_warn+0x40/0x40
[ 2774.436171]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[ 2774.436896]  ? lock_is_held_type+0xd7/0x130
[ 2774.437541]  perf_install_in_context+0x4da/0x590
[ 2774.438182]  ? list_add_event+0xeb0/0xeb0
[ 2774.438733]  ? ctx_resched+0x3a0/0x3a0
[ 2774.439246]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[ 2774.439964]  ? exclusive_event_installable+0x254/0x320
[ 2774.440667]  __do_sys_perf_event_open+0x1bf0/0x3040
[ 2774.441372]  ? __up_read+0x192/0x710
[ 2774.441854]  ? perf_remove_from_context+0x260/0x260
[ 2774.442588]  ? up_write+0x460/0x460
[ 2774.443130]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 2774.443851]  do_syscall_64+0x3b/0x90
[ 2774.444338]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 2774.445039] RIP: 0033:0x7f750a357b19
[ 2774.445553] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 2774.448101] RSP: 002b:00007f75078cd188 EFLAGS: 00000246 ORIG_RAX: 000000000000012a
[ 2774.449223] RAX: ffffffffffffffda RBX: 00007f750a46af60 RCX: 00007f750a357b19
[ 2774.450237] RDX: 0000000000000000 RSI: ffffffffffffffff RDI: 0000000020000c00
[ 2774.451211] RBP: 00007f750a3b1f6d R08: 0000000000000000 R09: 0000000000000000
[ 2774.452197] R10: ffffffffffffffff R11: 0000000000000246 R12: 0000000000000000
[ 2774.453276] R13: 00007ffc8fa2e86f R14: 00007f75078cd300 R15: 0000000000022000
[ 2774.454279]  </TASK>
09:03:02 executing program 1:
r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000180)='/proc/asound/seq/clients\x00', 0x0, 0x0)
preadv(r0, &(0x7f00000002c0)=[{&(0x7f0000000040)=""/35, 0x23}, {0x0, 0x2}, {&(0x7f0000000300)=""/165, 0xa5}], 0x3, 0x20000000, 0x0)

[ 2774.457384] Call Trace:
[ 2774.457786]  <TASK>
[ 2774.458107]  x86_pmu_stop+0x149/0x330
[ 2774.458651]  x86_pmu_del+0x1be/0x610
[ 2774.459173]  event_sched_out+0x2ed/0xe80
[ 2774.459740]  __perf_remove_from_context+0x87/0xbe0
[ 2774.460412]  event_function+0x297/0x3d0
[ 2774.460938]  ? perf_uprobe_event_init+0x1c0/0x1c0
[ 2774.461619]  remote_function+0x125/0x1b0
[ 2774.462373]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[ 2774.463140]  ? perf_duration_warn+0x40/0x40
[ 2774.463729]  generic_exec_single+0x203/0x300
[ 2774.464330]  smp_call_function_single+0x189/0x460
[ 2774.464982]  ? perf_duration_warn+0x40/0x40
[ 2774.465605]  ? generic_exec_single+0x300/0x300
[ 2774.466216]  ? perf_duration_warn+0x40/0x40
[ 2774.466788]  ? lock_is_held_type+0xd7/0x130
[ 2774.467370]  event_function_call+0x3d0/0x430
[ 2774.467955]  ? perf_group_detach+0x11b0/0x11b0
[ 2774.468585]  ? perf_copy_attr+0x9c0/0x9c0
[ 2774.469204]  ? lock_release+0x3b2/0x6f0
[ 2774.469763]  ? perf_group_detach+0x11b0/0x11b0
[ 2774.470379]  ? perf_uprobe_event_init+0x1c0/0x1c0
[ 2774.471020]  ? _raw_spin_unlock_irq+0x1f/0x40
[ 2774.471648]  perf_remove_from_context+0x12e/0x260
[ 2774.472322]  perf_event_release_kernel+0x153/0x7f0
[ 2774.472989]  ? lock_is_held_type+0xd7/0x130
[ 2774.473625]  ? perf_pmu_migrate_context+0xae0/0xae0
[ 2774.474295]  ? lock_is_held_type+0xd7/0x130
[ 2774.474863]  perf_release+0x33/0x40
[ 2774.475347]  __fput+0x272/0x9d0
[ 2774.475779]  ? perf_event_release_kernel+0x7f0/0x7f0
[ 2774.476452]  task_work_run+0xe2/0x1a0
[ 2774.476964]  exit_to_user_mode_prepare+0x199/0x1a0
[ 2774.477645]  syscall_exit_to_user_mode+0x19/0x50
[ 2774.478279]  do_syscall_64+0x48/0x90
[ 2774.478785]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 2774.479494] RIP: 0033:0x7f750a30a72b
[ 2774.479987] Code: 0f 05 48 3d 00 f0 ff ff 77 45 c3 0f 1f 40 00 48 83 ec 18 89 7c 24 0c e8 63 fc ff ff 8b 7c 24 0c 41 89 c0 b8 03 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 35 44 89 c7 89 44 24 0c e8 a1 fc ff ff 8b 44
[ 2774.482485] RSP: 002b:00007ffc8fa2e8d0 EFLAGS: 00000293 ORIG_RAX: 0000000000000003
[ 2774.483509] RAX: 0000000000000000 RBX: 0000000000000004 RCX: 00007f750a30a72b
[ 2774.484448] RDX: 00007f750a46fa68 RSI: ffffffff8411f74e RDI: 0000000000000003
[ 2774.485425] RBP: 0000000000000001 R08: 0000000000000000 R09: 0000001b30c2001c
[ 2774.486341] R10: 0000000000000f41 R11: 0000000000000293 R12: 00000000002a5516
[ 2774.487271] R13: 00000000000003e8 R14: 00007f750a46af60 R15: 00000000002a5515
[ 2774.488231]  ? syscall_exit_to_user_mode+0x1e/0x50
[ 2774.488911]  </TASK>
09:03:02 executing program 6:
r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000180)='/proc/asound/seq/clients\x00', 0x0, 0x0)
preadv(r0, &(0x7f00000002c0)=[{&(0x7f0000000040)=""/35, 0x23}, {0x0}, {&(0x7f0000000300)=""/165, 0xa5}], 0x3, 0x3000000, 0x0)

09:03:02 executing program 7:
openat$sndseq(0xffffffffffffff9c, 0x0, 0x0)
r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000180)='/proc/asound/seq/clients\x00', 0x0, 0x0)
preadv(r0, &(0x7f00000002c0)=[{0x0}, {&(0x7f0000000300)=""/165, 0xa5}], 0x2, 0x7a000000, 0x0)

09:03:02 executing program 2:
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000080), r0)
sendmsg$NLBL_MGMT_C_ADD(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000140)={0x4c, r1, 0x1, 0x0, 0x0, {}, [@NLBL_MGMT_A_DOMAIN={0x6, 0x1, '%\x00'}, @NLBL_MGMT_A_IPV6ADDR={0x14, 0x5, @local}, @NLBL_MGMT_A_IPV6MASK={0x14, 0x6, @mcast1}, @NLBL_MGMT_A_PROTOCOL={0x8, 0x2, 0x5}]}, 0x4c}, 0x1, 0x700000000000000}, 0x0)

09:03:02 executing program 1:
r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000180)='/proc/asound/seq/clients\x00', 0x0, 0x0)
preadv(r0, &(0x7f00000002c0)=[{&(0x7f0000000040)=""/35, 0x23}, {0x0, 0x2}, {&(0x7f0000000300)=""/165, 0xa5}], 0x3, 0x21000000, 0x0)

[ 2774.589836] Call Trace:
[ 2774.590262]  <IRQ>
[ 2774.590567]  ? x86_pmu_start+0x1c0/0x240
[ 2774.591120]  x86_pmu_enable+0x580/0xd90
[ 2774.591647]  ? amd_pmu_disable_virt+0xa0/0xa0
[ 2774.592239]  ctx_resched+0x2b9/0x3a0
[ 2774.592740]  __perf_install_in_context+0x285/0xa40
[ 2774.593440]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[ 2774.594168]  ? ctx_resched+0x3a0/0x3a0
[ 2774.594688]  remote_function+0x125/0x1b0
[ 2774.595233]  flush_smp_call_function_queue+0x1df/0x610
[ 2774.595955]  ? perf_duration_warn+0x40/0x40
[ 2774.596559]  __sysvec_call_function_single+0x92/0x3a0
[ 2774.597422]  sysvec_call_function_single+0x89/0xc0
[ 2774.598120]  </IRQ>
[ 2774.598437]  <TASK>
[ 2774.598743]  asm_sysvec_call_function_single+0x12/0x20
[ 2774.599478] RIP: 0010:stack_trace_consume_entry+0xe8/0x160
[ 2774.600255] Code: 48 b8 00 00 00 00 00 fc ff df 48 89 ea 48 c1 ea 03 80 3c 02 00 75 5c 48 89 75 00 8b 43 08 39 43 10 0f 92 c0 48 83 c4 08 5b 5d <c3> 83 e8 01 89 43 0c 48 83 c4 08 b8 01 00 00 00 5b 5d c3 48 89 34
[ 2774.602808] RSP: 0018:ffff888015d8f940 EFLAGS: 00000296
[ 2774.603561] RAX: 0000000000000001 RBX: ffffffff813286e0 RCX: 0000000000000000
[ 2774.604563] RDX: 1ffff11002bb1f5a RSI: ffffffff8420007c RDI: ffff888015d8fa1c
[ 2774.605639] RBP: ffff888015d8f9e0 R08: ffffffff85fee9ec R09: ffffffff85fee9f0
[ 2774.606618] R10: ffffed1002bb1f36 R11: 000000000003403b R12: ffff888015d8fa10
[ 2774.607594] R13: 0000000000000000 R14: ffff88800fa4b580 R15: 0000000000000cc0
[ 2774.608607]  ? create_prof_cpu_mask+0x20/0x20
[ 2774.609279]  ? entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 2774.610012]  arch_stack_walk+0x73/0xf0
[ 2774.610581]  ? entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 2774.611330]  stack_trace_save+0x8c/0xc0
[ 2774.611879]  ? filter_irq_stacks+0x90/0x90
[ 2774.612457]  ? __lock_acquire+0x164e/0x6120
[ 2774.613063]  kasan_save_stack+0x1e/0x40
[ 2774.613681]  ? kasan_save_stack+0x1e/0x40
[ 2774.614262]  ? __kasan_slab_alloc+0x66/0x80
[ 2774.614854]  ? kmem_cache_alloc+0x1aa/0x480
[ 2774.615457]  ? getname_flags.part.0+0x50/0x4f0
[ 2774.616076]  ? getname_flags+0x9a/0xe0
[ 2774.616618]  ? user_path_at_empty+0x2b/0x60
[ 2774.617260]  ? do_utimes_path+0xd9/0x1a0
[ 2774.617830]  ? do_utimes+0x31/0xf0
[ 2774.618334]  ? __x64_sys_utimensat+0x190/0x250
[ 2774.618988]  ? do_syscall_64+0x3b/0x90
[ 2774.619527]  ? entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 2774.620256]  ? lockdep_hardirqs_on_prepare+0x400/0x400
[ 2774.621004]  ? lock_is_held_type+0xd7/0x130
[ 2774.621667]  ? find_held_lock+0x2c/0x110
[ 2774.622242]  ? lock_release+0x3b2/0x6f0
[ 2774.622801]  ? kmem_cache_alloc+0x43/0x480
[ 2774.623396]  ? lock_is_held_type+0xd7/0x130
[ 2774.623998]  ? kasan_unpoison+0x23/0x50
[ 2774.624555]  __kasan_slab_alloc+0x66/0x80
[ 2774.625133]  kmem_cache_alloc+0x1aa/0x480
[ 2774.625741]  getname_flags.part.0+0x50/0x4f0
[ 2774.626398]  getname_flags+0x9a/0xe0
[ 2774.626947]  user_path_at_empty+0x2b/0x60
[ 2774.627554]  do_utimes_path+0xd9/0x1a0
[ 2774.628099]  ? vfs_utimes+0x7f0/0x7f0
[ 2774.628644]  ? __seccomp_filter+0x5ab/0x1070
[ 2774.629368]  ? __do_sys_newfstat+0x95/0x100
[ 2774.630021]  ? __ia32_sys_fstat+0x70/0x70
[ 2774.630578]  do_utimes+0x31/0xf0
[ 2774.631034]  __x64_sys_utimensat+0x190/0x250
[ 2774.631648]  ? __ia32_sys_utimes_time32+0x70/0x70
[ 2774.632347]  ? __secure_computing+0x195/0x2f0
[ 2774.633042]  do_syscall_64+0x3b/0x90
[ 2774.633670]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 2774.634379] RIP: 0033:0x7fe025b8eb2f
[ 2774.634894] Code: 44 00 00 48 8b 15 61 a3 0c 00 f7 d8 64 89 02 b8 ff ff ff ff c3 66 0f 1f 44 00 00 41 89 ca 48 85 f6 74 2a b8 18 01 00 00 0f 05 <48> 3d 00 f0 ff ff 77 09 c3 0f 1f 84 00 00 00 00 00 48 8b 15 29 a3
[ 2774.637657] RSP: 002b:00007fff3f1cb978 EFLAGS: 00000202 ORIG_RAX: 0000000000000118
[ 2774.638716] RAX: ffffffffffffffda RBX: 00007fe0256da6c0 RCX: 00007fe025b8eb2f
[ 2774.639700] RDX: 0000000000000000 RSI: 00007fff3f1cb980 RDI: 00000000ffffff9c
[ 2774.640790] RBP: 000000000000000f R08: 0000000000000001 R09: 0000000000000000
[ 2774.641844] R10: 0000000000000000 R11: 0000000000000202 R12: 0000000000000000
[ 2774.642842] R13: 00007fff3f1cb980 R14: 00000000ffffffff R15: 00007fff3f1cba08
[ 2774.643851]  </TASK>
09:03:02 executing program 6:
r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000180)='/proc/asound/seq/clients\x00', 0x0, 0x0)
preadv(r0, &(0x7f00000002c0)=[{&(0x7f0000000040)=""/35, 0x23}, {0x0}, {&(0x7f0000000300)=""/165, 0xa5}], 0x3, 0x4000000, 0x0)

[ 2774.875599] Call Trace:
[ 2774.876064]  <IRQ>
[ 2774.876365]  x86_pmu_stop+0x149/0x330
[ 2774.876888]  x86_pmu_del+0x1be/0x610
[ 2774.877452]  event_sched_out+0x2ed/0xe80
[ 2774.878013]  __perf_remove_from_context+0x87/0xbe0
[ 2774.878693]  event_function+0x297/0x3d0
[ 2774.879248]  ? perf_uprobe_event_init+0x1c0/0x1c0
[ 2774.879899]  remote_function+0x125/0x1b0
[ 2774.880471]  flush_smp_call_function_queue+0x1df/0x610
[ 2774.881228]  ? perf_duration_warn+0x40/0x40
[ 2774.881846]  __sysvec_call_function_single+0x92/0x3a0
[ 2774.882567]  sysvec_call_function_single+0x89/0xc0
[ 2774.883230]  </IRQ>
[ 2774.883535]  <TASK>
[ 2774.883866]  asm_sysvec_call_function_single+0x12/0x20
[ 2774.884560] RIP: 0010:__stack_depot_save+0x99/0x450
[ 2774.885436] Code: 12 89 c6 8d 3c 85 7b 71 f5 75 83 f8 03 0f 86 cf 01 00 00 89 fb 89 f8 4c 89 f1 44 8b 01 03 59 08 83 ee 03 48 83 c1 0c 03 41 f8 <41> 29 d8 41 01 f8 89 df 01 c3 c1 c7 04 44 31 c7 29 f8 41 89 c0 89
[ 2774.888000] RSP: 0018:ffff888008127a20 EFLAGS: 00000293
[ 2774.888731] RAX: 00000000be755c98 RBX: 00000000b6082f4e RCX: ffff888008127a9c
[ 2774.889744] RDX: 000000000000000b RSI: 000000000000000d RDI: 00000000208b1323
[ 2774.890736] RBP: ffff888008064280 R08: 0000000081816e61 R09: 0000000000000000
[ 2774.891732] R10: 0000000000000001 R11: 0000000000000001 R12: 0000000000000001
[ 2774.892710] R13: 0000000000000cc0 R14: ffff888008127a78 R15: 000000000000000b
[ 2774.893759]  kasan_save_stack+0x2e/0x40
[ 2774.894298]  ? kasan_save_stack+0x1e/0x40
[ 2774.894871]  ? __kasan_slab_alloc+0x66/0x80
[ 2774.895468]  ? kmem_cache_alloc_lru+0x240/0x7c0
[ 2774.896110]  ? __d_alloc+0x31/0x990
[ 2774.896629]  ? d_alloc_pseudo+0x19/0x70
[ 2774.897179]  ? alloc_file_pseudo+0xce/0x250
[ 2774.897759]  ? create_pipe_files+0x404/0x890
[ 2774.898350]  ? do_pipe2+0x96/0x1b0
[ 2774.898820]  ? __x64_sys_pipe2+0x50/0x70
[ 2774.899371]  ? do_syscall_64+0x3b/0x90
[ 2774.899860]  ? entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 2774.900563]  ? xas_find_conflict+0x9e0/0x9e0
[ 2774.901261]  ? lock_is_held_type+0xd7/0x130
[ 2774.901861]  ? find_held_lock+0x2c/0x110
[ 2774.902436]  ? lock_release+0x3b2/0x6f0
[ 2774.902999]  ? obj_cgroup_charge+0x226/0x6a0
[ 2774.903604]  ? lock_downgrade+0x6d0/0x6d0
[ 2774.904170]  ? obj_cgroup_charge+0x247/0x6a0
[ 2774.904783]  ? lockdep_hardirqs_on+0x79/0x100
[ 2774.905442]  ? kasan_unpoison+0x23/0x50
[ 2774.905991]  __kasan_slab_alloc+0x66/0x80
[ 2774.906556]  kmem_cache_alloc_lru+0x240/0x7c0
[ 2774.907178]  ? __d_alloc+0x31/0x990
[ 2774.907690]  __d_alloc+0x31/0x990
[ 2774.908168]  d_alloc_pseudo+0x19/0x70
[ 2774.908685]  alloc_file_pseudo+0xce/0x250
[ 2774.909365]  ? alloc_file+0x580/0x580
[ 2774.909889]  ? file_remove_privs+0x5b0/0x5b0
[ 2774.910502]  ? alloc_pipe_info+0x3a9/0x580
[ 2774.911129]  create_pipe_files+0x404/0x890
[ 2774.911735]  do_pipe2+0x96/0x1b0
[ 2774.912230]  ? create_pipe_files+0x890/0x890
[ 2774.912864]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 2774.913638]  __x64_sys_pipe2+0x50/0x70
[ 2774.914243]  do_syscall_64+0x3b/0x90
[ 2774.914826]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 2774.915561] RIP: 0033:0x7f2d5a1bb807
[ 2774.916065] Code: 73 01 c3 48 8b 0d 89 e6 0c 00 f7 d8 64 89 01 48 83 c8 ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 b8 25 01 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 59 e6 0c 00 f7 d8 64 89 01 48
[ 2774.918894] RSP: 002b:00007ffd1035c6e8 EFLAGS: 00000286 ORIG_RAX: 0000000000000125
[ 2774.920008] RAX: ffffffffffffffda RBX: 000055df7c79d230 RCX: 00007f2d5a1bb807
[ 2774.920974] RDX: 0000000000000000 RSI: 0000000000080800 RDI: 000055df7c79d7b0
[ 2774.922009] RBP: 000055df7a1c2120 R08: 0000000000000ad6 R09: 00007ffd103ee080
[ 2774.923079] R10: 00007ffd103ee090 R11: 0000000000000286 R12: 0000000000000000
[ 2774.924230] R13: 000055df7c8612e0 R14: 0000000000000005 R15: 00007ffd1035c738
[ 2774.925295]  </TASK>
09:03:18 executing program 1:
r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000180)='/proc/asound/seq/clients\x00', 0x0, 0x0)
preadv(r0, &(0x7f00000002c0)=[{&(0x7f0000000040)=""/35, 0x23}, {0x0, 0x2}, {&(0x7f0000000300)=""/165, 0xa5}], 0x3, 0x3f000000, 0x0)

09:03:18 executing program 6:
r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000180)='/proc/asound/seq/clients\x00', 0x0, 0x0)
preadv(r0, &(0x7f00000002c0)=[{&(0x7f0000000040)=""/35, 0x23}, {0x0}, {&(0x7f0000000300)=""/165, 0xa5}], 0x3, 0x5000000, 0x0)

09:03:18 executing program 4:
socketpair$unix(0x1, 0x5, 0x0, 0x0)
sendmsg$unix(0xffffffffffffffff, 0x0, 0x0)
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
pwritev(r0, &(0x7f0000000640)=[{&(0x7f00000002c0)="19", 0x1}], 0x1, 0x8000000, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0)
r2 = socket$inet6(0xa, 0x1, 0x0)
bind$inet6(r2, &(0x7f00000002c0)={0xa, 0x4e20, 0x0, @empty}, 0x1c)
connect$inet6(r2, &(0x7f0000000000)={0xa, 0x4e20, 0x0, @ipv4={'\x00', '\xff\xff', @empty}}, 0x1c)
recvfrom(r2, &(0x7f00000003c0)=""/87, 0x20010397, 0x300, 0x0, 0x0)
sendfile(r2, r1, 0x0, 0xfffffdef)
readv(0xffffffffffffffff, &(0x7f0000000040), 0x0)
ioctl$KDSKBMODE(r0, 0x4b45, &(0x7f00000000c0)=0x3)
openat$cgroup_freezer_state(0xffffffffffffffff, 0x0, 0x2, 0x0)
close(0xffffffffffffffff)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(&(0x7f0000001540), 0xffffffffffffffff)
sendmsg$NL80211_CMD_STOP_AP(r3, &(0x7f0000001600)={0x0, 0x0, &(0x7f00000015c0)={&(0x7f0000001580)={0x1c, 0x0, 0x1, 0x0, 0x25dfdbfd, {{}, {@val={0x8}, @void}}}, 0x1c}}, 0x0)
getsockopt$sock_cred(r3, 0x1, 0x11, &(0x7f0000000040), &(0x7f0000000080)=0xc)
syz_open_dev$sg(&(0x7f0000001000), 0x0, 0x2200)

09:03:18 executing program 2:
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$netlbl_mgmt(0x0, r0)
sendmsg$NLBL_MGMT_C_ADD(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000140)={0x4c, r1, 0x1, 0x0, 0x0, {}, [@NLBL_MGMT_A_DOMAIN={0x6, 0x1, '%\x00'}, @NLBL_MGMT_A_IPV6ADDR={0x14, 0x5, @local}, @NLBL_MGMT_A_IPV6MASK={0x14, 0x6, @mcast1}, @NLBL_MGMT_A_PROTOCOL={0x8, 0x2, 0x5}]}, 0x4c}, 0x1, 0x700000000000000}, 0x0)

09:03:18 executing program 0:
perf_event_open$cgroup(&(0x7f0000000c00)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x1016, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

09:03:18 executing program 3:
socketpair$unix(0x1, 0x5, 0x0, 0x0)
sendmsg$unix(0xffffffffffffffff, 0x0, 0x0)
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
pwritev(r0, &(0x7f0000000640)=[{&(0x7f00000002c0)="19", 0x1}], 0x1, 0x8000000, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0)
r2 = socket$inet6(0xa, 0x1, 0x0)
bind$inet6(r2, &(0x7f00000002c0)={0xa, 0x4e20, 0x0, @empty}, 0x1c)
connect$inet6(r2, &(0x7f0000000000)={0xa, 0x4e20, 0x0, @ipv4={'\x00', '\xff\xff', @empty}}, 0x1c)
recvfrom(r2, &(0x7f00000003c0)=""/87, 0x20010397, 0x300, 0x0, 0x0)
sendfile(r2, r1, 0x0, 0xfffffdef)
readv(0xffffffffffffffff, &(0x7f0000000040), 0x0)
openat$cgroup_freezer_state(0xffffffffffffffff, 0x0, 0x2, 0x0)
close(0xffffffffffffffff)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(&(0x7f0000001540), 0xffffffffffffffff)
sendmsg$NL80211_CMD_STOP_AP(r3, &(0x7f0000001600)={0x0, 0x0, &(0x7f00000015c0)={&(0x7f0000001580)=ANY=[@ANYBLOB="1c000000", @ANYRES16=0x0, @ANYBLOB="1700000000090000ff0000", @ANYRES32=0x0, @ANYBLOB], 0x1c}}, 0x0)
getsockopt$sock_cred(r3, 0x1, 0x11, &(0x7f0000000040), &(0x7f0000000080)=0xc)
syz_open_dev$sg(&(0x7f0000001000), 0x0, 0x2200)

09:03:18 executing program 7:
openat$sndseq(0xffffffffffffff9c, 0x0, 0x0)
r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000180)='/proc/asound/seq/clients\x00', 0x0, 0x0)
preadv(r0, &(0x7f00000002c0)=[{0x0}, {&(0x7f0000000300)=""/165, 0xa5}], 0x2, 0x7ffff000, 0x0)

[ 2790.530502] Call Trace:
[ 2790.531004]  <TASK>
[ 2790.531321]  ? x86_pmu_start+0x1c0/0x240
[ 2790.531907]  x86_pmu_enable+0x580/0xd90
[ 2790.532492]  ? amd_pmu_disable_virt+0xa0/0xa0
[ 2790.533150]  ctx_resched+0x2b9/0x3a0
[ 2790.533728]  __perf_install_in_context+0x285/0xa40
[ 2790.534464]  ? ctx_resched+0x3a0/0x3a0
09:03:18 executing program 5:
socketpair$unix(0x1, 0x5, 0x0, 0x0)
sendmsg$unix(0xffffffffffffffff, 0x0, 0x0)
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
pwritev(r0, &(0x7f0000000640)=[{&(0x7f00000002c0)="19", 0x1}], 0x1, 0x8000000, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0)
r2 = socket$inet6(0xa, 0x1, 0x0)
bind$inet6(r2, &(0x7f00000002c0)={0xa, 0x4e20, 0x0, @empty}, 0x1c)
connect$inet6(r2, &(0x7f0000000000)={0xa, 0x4e20, 0x0, @ipv4={'\x00', '\xff\xff', @empty}}, 0x1c)
recvfrom(r2, &(0x7f00000003c0)=""/87, 0x20010397, 0x300, 0x0, 0x0)
sendfile(r2, r1, 0x0, 0xfffffdef)
readv(0xffffffffffffffff, &(0x7f0000000040), 0x0)
openat$cgroup_freezer_state(0xffffffffffffffff, 0x0, 0x2, 0x0)
close(0xffffffffffffffff)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(&(0x7f0000001540), 0xffffffffffffffff)
sendmsg$NL80211_CMD_STOP_AP(r3, &(0x7f0000001600)={0x0, 0x0, &(0x7f00000015c0)={&(0x7f0000001580)={0x1c, 0x0, 0x1, 0x0, 0x0, {{}, {@val={0x8}, @void}}}, 0x1c}}, 0x0)
getsockopt$sock_cred(r3, 0x1, 0x11, &(0x7f0000000040)={0x0, 0x0, <r4=>0x0}, &(0x7f0000000080)=0xc)
syz_open_dev$sg(&(0x7f0000001000), 0x0, 0x2200)
r5 = getegid()
fsetxattr$system_posix_acl(r1, &(0x7f00000000c0)='system.posix_acl_access\x00', &(0x7f0000000140)={{}, {0x1, 0x4}, [{0x2, 0x2}], {0x4, 0x7}, [{0x8, 0x6}, {0x8, 0x0, r4}, {}, {}, {0x8, 0x3, r5}, {0x8, 0x0, r4}, {0x8, 0x1, r4}, {0x8, 0x4, r4}], {0x10, 0x2}, {0x20, 0x2}}, 0x6c, 0x3)

[ 2790.535016]  remote_function+0x125/0x1b0
[ 2790.535818]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[ 2790.536579]  ? perf_duration_warn+0x40/0x40
[ 2790.537194]  generic_exec_single+0x203/0x300
[ 2790.538126]  smp_call_function_single+0x189/0x460
[ 2790.538791]  ? perf_duration_warn+0x40/0x40
[ 2790.539374]  ? generic_exec_single+0x300/0x300
[ 2790.540031]  ? perf_duration_warn+0x40/0x40
[ 2790.540669]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[ 2790.541510]  ? lock_is_held_type+0xd7/0x130
[ 2790.542128]  perf_install_in_context+0x4da/0x590
[ 2790.542817]  ? list_add_event+0xeb0/0xeb0
[ 2790.543395]  ? ctx_resched+0x3a0/0x3a0
[ 2790.543930]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[ 2790.544674]  ? exclusive_event_installable+0x254/0x320
[ 2790.545440]  __do_sys_perf_event_open+0x1bf0/0x3040
[ 2790.546124]  ? __up_read+0x192/0x710
[ 2790.546690]  ? perf_remove_from_context+0x260/0x260
[ 2790.547427]  ? up_write+0x460/0x460
[ 2790.547927]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 2790.548672]  do_syscall_64+0x3b/0x90
[ 2790.549205]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 2790.550010] RIP: 0033:0x7f750a357b19
[ 2790.550519] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 2790.553057] RSP: 002b:00007f75078cd188 EFLAGS: 00000246 ORIG_RAX: 000000000000012a
[ 2790.554124] RAX: ffffffffffffffda RBX: 00007f750a46af60 RCX: 00007f750a357b19
[ 2790.555086] RDX: 0000000000000000 RSI: ffffffffffffffff RDI: 0000000020000c00
[ 2790.556113] RBP: 00007f750a3b1f6d R08: 0000000000000000 R09: 0000000000000000
[ 2790.557091] R10: ffffffffffffffff R11: 0000000000000246 R12: 0000000000000000
[ 2790.558114] R13: 00007ffc8fa2e86f R14: 00007f75078cd300 R15: 0000000000022000
[ 2790.559124]  </TASK>
09:03:18 executing program 2:
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$netlbl_mgmt(0x0, r0)
sendmsg$NLBL_MGMT_C_ADD(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000140)={0x4c, r1, 0x1, 0x0, 0x0, {}, [@NLBL_MGMT_A_DOMAIN={0x6, 0x1, '%\x00'}, @NLBL_MGMT_A_IPV6ADDR={0x14, 0x5, @local}, @NLBL_MGMT_A_IPV6MASK={0x14, 0x6, @mcast1}, @NLBL_MGMT_A_PROTOCOL={0x8, 0x2, 0x5}]}, 0x4c}, 0x1, 0x700000000000000}, 0x0)

[ 2790.601894] Call Trace:
[ 2790.602333]  <IRQ>
[ 2790.602614]  x86_pmu_stop+0x149/0x330
[ 2790.603160]  x86_pmu_del+0x1be/0x610
[ 2790.603681]  event_sched_out+0x2ed/0xe80
[ 2790.604242]  __perf_remove_from_context+0x87/0xbe0
[ 2790.604941]  event_function+0x297/0x3d0
[ 2790.605530]  ? perf_uprobe_event_init+0x1c0/0x1c0
[ 2790.606171]  remote_function+0x125/0x1b0
[ 2790.606716]  flush_smp_call_function_queue+0x1df/0x610
[ 2790.607425]  ? perf_duration_warn+0x40/0x40
[ 2790.608025]  __sysvec_call_function_single+0x92/0x3a0
[ 2790.608786]  sysvec_call_function_single+0x89/0xc0
[ 2790.609514]  </IRQ>
[ 2790.609835]  <TASK>
[ 2790.610144]  asm_sysvec_call_function_single+0x12/0x20
[ 2790.610894] RIP: 0010:__sanitizer_cov_trace_pc+0x1c/0x60
[ 2790.611680] Code: be a8 01 00 00 e8 b4 ff ff ff 31 c0 c3 90 65 8b 05 b9 b5 be 7e 89 c1 48 8b 34 24 81 e1 00 01 00 00 65 48 8b 14 25 40 6f 02 00 <a9> 00 01 ff 00 74 0e 85 c9 74 35 8b 82 64 14 00 00 85 c0 74 2b 8b
[ 2790.614338] RSP: 0018:ffff88801b55fbb8 EFLAGS: 00000246
[ 2790.615065] RAX: 0000000080000000 RBX: 0000000000000040 RCX: 0000000000000000
[ 2790.616054] RDX: ffff888008ae5040 RSI: ffffffff817f3bcc RDI: 0000000000000003
[ 2790.617032] RBP: ffff88801b55fc58 R08: 0000000000000000 R09: 000000000000002e
[ 2790.618064] R10: ffffffff817f3bbd R11: 000000000000002f R12: ffff88801b55fd00
[ 2790.619066] R13: 000000000000002e R14: ffffffff85014600 R15: 0000000000000000
[ 2790.620064]  ? path_init+0x74d/0x17b0
[ 2790.620619]  ? path_init+0x75c/0x17b0
[ 2790.621161]  path_init+0x75c/0x17b0
[ 2790.621701]  ? __is_insn_slot_addr+0x144/0x250
[ 2790.622349]  ? lockdep_hardirqs_on_prepare+0x400/0x400
[ 2790.623094]  ? filename_lookup+0x92/0x590
[ 2790.623681]  path_lookupat+0x30/0x850
[ 2790.624220]  ? lock_is_held_type+0xd7/0x130
[ 2790.624861]  filename_lookup+0x1c6/0x590
[ 2790.625500]  ? lock_release+0x3b2/0x6f0
[ 2790.626064]  ? may_linkat+0x500/0x500
[ 2790.626616]  ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70
[ 2790.627410]  ? __sanitizer_cov_trace_cmp8+0x1d/0x70
[ 2790.628099]  ? __check_object_size+0x1b5/0x4e0
[ 2790.628740]  ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70
[ 2790.629574]  ? strncpy_from_user+0x204/0x3d0
[ 2790.630200]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[ 2790.630978]  ? getname_flags.part.0+0x1dd/0x4f0
[ 2790.631646]  user_path_at_empty+0x42/0x60
[ 2790.632226]  __x64_sys_umount+0xf8/0x180
[ 2790.632799]  ? __ia32_sys_oldumount+0xf0/0xf0
[ 2790.633501]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 2790.634214]  do_syscall_64+0x3b/0x90
[ 2790.634726]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 2790.635438] RIP: 0033:0x7faa53ee8f87
[ 2790.635985] Code: ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 66 0f 1f 44 00 00 31 f6 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 b8 a6 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 2790.638655] RSP: 002b:00007ffd1c598538 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6
[ 2790.639780] RAX: ffffffffffffffda RBX: 0000000000000431 RCX: 00007faa53ee8f87
[ 2790.640780] RDX: 00007ffd1c598610 RSI: 000000000000000a RDI: 00007ffd1c598600
[ 2790.641814] RBP: 00007ffd1c598600 R08: 00000000ffffffff R09: 00007ffd1c5983d0
[ 2790.642816] R10: 0000555555d27c7b R11: 0000000000000246 R12: 00007faa53f41105
[ 2790.643818] R13: 00007ffd1c5996c0 R14: 0000555555d27c20 R15: 00007ffd1c599700
[ 2790.644868]  </TASK>
09:03:18 executing program 1:
r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000180)='/proc/asound/seq/clients\x00', 0x0, 0x0)
preadv(r0, &(0x7f00000002c0)=[{&(0x7f0000000040)=""/35, 0x23}, {0x0, 0x2}, {&(0x7f0000000300)=""/165, 0xa5}], 0x3, 0x48000000, 0x0)

09:03:18 executing program 6:
r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000180)='/proc/asound/seq/clients\x00', 0x0, 0x0)
preadv(r0, &(0x7f00000002c0)=[{&(0x7f0000000040)=""/35, 0x23}, {0x0}, {&(0x7f0000000300)=""/165, 0xa5}], 0x3, 0x6000000, 0x0)

09:03:18 executing program 7:
openat$sndseq(0xffffffffffffff9c, 0x0, 0x0)
r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000180)='/proc/asound/seq/clients\x00', 0x0, 0x0)
preadv(r0, &(0x7f00000002c0)=[{0x0}, {&(0x7f0000000300)=""/165, 0xa5}], 0x2, 0xa5000000, 0x0)

09:03:19 executing program 2:
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$netlbl_mgmt(0x0, r0)
sendmsg$NLBL_MGMT_C_ADD(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000140)={0x4c, r1, 0x1, 0x0, 0x0, {}, [@NLBL_MGMT_A_DOMAIN={0x6, 0x1, '%\x00'}, @NLBL_MGMT_A_IPV6ADDR={0x14, 0x5, @local}, @NLBL_MGMT_A_IPV6MASK={0x14, 0x6, @mcast1}, @NLBL_MGMT_A_PROTOCOL={0x8, 0x2, 0x5}]}, 0x4c}, 0x1, 0x700000000000000}, 0x0)

[ 2790.781710] Call Trace:
[ 2790.782131]  <IRQ>
[ 2790.782416]  ? x86_pmu_start+0x1c0/0x240
[ 2790.782970]  x86_pmu_enable+0x580/0xd90
[ 2790.783506]  ? amd_pmu_disable_virt+0xa0/0xa0
[ 2790.784116]  ctx_resched+0x2b9/0x3a0
[ 2790.784619]  __perf_install_in_context+0x285/0xa40
[ 2790.785283]  ? ctx_resched+0x3a0/0x3a0
[ 2790.785859]  remote_function+0x125/0x1b0
[ 2790.786427]  flush_smp_call_function_queue+0x1df/0x610
[ 2790.787169]  ? perf_duration_warn+0x40/0x40
[ 2790.787764]  __sysvec_call_function_single+0x92/0x3a0
[ 2790.788446]  sysvec_call_function_single+0x89/0xc0
[ 2790.789124]  </IRQ>
[ 2790.789468]  <TASK>
[ 2790.789769]  asm_sysvec_call_function_single+0x12/0x20
[ 2790.790503] RIP: 0010:lock_is_held_type+0xf8/0x130
[ 2790.791227] Code: 80 b3 66 84 e8 59 09 00 00 b8 ff ff ff ff 65 0f c1 05 84 87 f0 7b 83 f8 01 75 22 48 f7 04 24 00 02 00 00 74 01 fb 48 83 c4 08 <44> 89 e8 5b 5d 41 5c 41 5d 41 5e 41 5f c3 45 31 ed eb c0 0f 0b 48
[ 2790.793777] RSP: 0018:ffff888015d8f960 EFLAGS: 00000296
[ 2790.794495] RAX: 0000000000000001 RBX: 0000000000000000 RCX: 0000000000000001
[ 2790.795447] RDX: 0000000000000000 RSI: 0000000000000001 RDI: 0000000000000000
[ 2790.796389] RBP: ffffffff85201d00 R08: 0000000000000000 R09: ffffffff858dbcd7
[ 2790.797333] R10: fffffbfff0b1b79a R11: 0000000000000001 R12: ffff88800fa4b580
[ 2790.798302] R13: 0000000000000000 R14: 00000000ffffffff R15: 0000000000000000
[ 2790.799268]  rcu_read_lock_sched_held+0x3a/0x70
[ 2790.799910]  lock_acquire+0x41c/0x4d0
[ 2790.800453]  ? lock_release+0x6f0/0x6f0
[ 2790.801012]  ? __is_insn_slot_addr+0x122/0x250
[ 2790.801700]  ? lock_downgrade+0x6d0/0x6d0
[ 2790.802263]  ? entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 2790.802963]  __is_insn_slot_addr+0x3d/0x250
[ 2790.803527]  ? __free_insn_slot+0x520/0x520
[ 2790.804108]  kernel_text_address+0x53/0xb0
[ 2790.804691]  __kernel_text_address+0x9/0x30
[ 2790.805310]  unwind_get_return_address+0x51/0x90
[ 2790.805972]  ? create_prof_cpu_mask+0x20/0x20
[ 2790.806576]  arch_stack_walk+0x99/0xf0
[ 2790.807136]  stack_trace_save+0x8c/0xc0
[ 2790.807688]  ? filter_irq_stacks+0x90/0x90
[ 2790.808257]  ? security_file_free+0xaa/0xd0
[ 2790.808840]  ? syscall_exit_to_user_mode+0x19/0x50
[ 2790.809516]  ? do_syscall_64+0x48/0x90
[ 2790.810072]  ? entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 2790.810805]  ? lockdep_hardirqs_on_prepare+0x400/0x400
[ 2790.811497]  kasan_save_stack+0x1e/0x40
[ 2790.812070]  ? kasan_save_stack+0x1e/0x40
[ 2790.812629]  ? __kasan_record_aux_stack+0x97/0xa0
[ 2790.813269]  ? call_rcu+0x6a/0xa20
[ 2790.813793]  ? task_work_run+0xe2/0x1a0
[ 2790.814336]  ? exit_to_user_mode_prepare+0x199/0x1a0
[ 2790.815015]  ? syscall_exit_to_user_mode+0x19/0x50
[ 2790.815666]  ? do_syscall_64+0x48/0x90
[ 2790.816198]  ? entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 2790.816928]  ? lock_is_held_type+0xd7/0x130
[ 2790.817544]  ? find_held_lock+0x2c/0x110
[ 2790.818085]  ? lock_release+0x3b2/0x6f0
[ 2790.818612]  ? __delete_object+0xb3/0x100
[ 2790.819176]  ? kasan_quarantine_put+0x87/0x1e0
[ 2790.819799]  ? security_file_free+0xaa/0xd0
[ 2790.820370]  ? lockdep_hardirqs_on+0x79/0x100
[ 2790.821023]  ? kasan_quarantine_put+0x87/0x1e0
[ 2790.821709]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[ 2790.822469]  ? percpu_counter_add_batch+0xb4/0x170
[ 2790.823170]  __kasan_record_aux_stack+0x97/0xa0
[ 2790.823786]  ? proc_nr_files+0x60/0x60
[ 2790.824360]  call_rcu+0x6a/0xa20
[ 2790.824869]  task_work_run+0xe2/0x1a0
[ 2790.825455]  exit_to_user_mode_prepare+0x199/0x1a0
[ 2790.826151]  syscall_exit_to_user_mode+0x19/0x50
[ 2790.826885]  do_syscall_64+0x48/0x90
[ 2790.827432]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 2790.828168] RIP: 0033:0x7fe025c730f3
[ 2790.828698] Code: 8b 15 d9 9e 00 00 f7 d8 64 89 02 48 c7 c0 ff ff ff ff eb b7 0f 1f 00 64 8b 04 25 18 00 00 00 85 c0 75 14 b8 03 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 45 c3 0f 1f 40 00 48 83 ec 18 89 7c 24 0c e8
[ 2790.831318] RSP: 002b:00007fff3f1cb558 EFLAGS: 00000246 ORIG_RAX: 0000000000000003
[ 2790.832399] RAX: 0000000000000000 RBX: 00007fe0256da6c0 RCX: 00007fe025c730f3
[ 2790.833451] RDX: 00007fff3f1cb4c8 RSI: 0000000000000000 RDI: 0000000000000013
[ 2790.834525] RBP: 0000000000000013 R08: 000055a0d7836530 R09: 006c617574726976
[ 2790.835513] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 2790.836537] R13: 0000000000000012 R14: 0000000000000012 R15: 000055a0d786fff1
[ 2790.837601]  </TASK>
09:03:19 executing program 6:
r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000180)='/proc/asound/seq/clients\x00', 0x0, 0x0)
preadv(r0, &(0x7f00000002c0)=[{&(0x7f0000000040)=""/35, 0x23}, {0x0}, {&(0x7f0000000300)=""/165, 0xa5}], 0x3, 0x7000000, 0x0)

09:03:19 executing program 2:
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000080), 0xffffffffffffffff)
sendmsg$NLBL_MGMT_C_ADD(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000140)={0x4c, r1, 0x1, 0x0, 0x0, {}, [@NLBL_MGMT_A_DOMAIN={0x6, 0x1, '%\x00'}, @NLBL_MGMT_A_IPV6ADDR={0x14, 0x5, @local}, @NLBL_MGMT_A_IPV6MASK={0x14, 0x6, @mcast1}, @NLBL_MGMT_A_PROTOCOL={0x8, 0x2, 0x5}]}, 0x4c}, 0x1, 0x700000000000000}, 0x0)

09:03:19 executing program 7:
openat$sndseq(0xffffffffffffff9c, 0x0, 0x0)
r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000180)='/proc/asound/seq/clients\x00', 0x0, 0x0)
preadv(r0, &(0x7f00000002c0)=[{0x0}, {&(0x7f0000000300)=""/165, 0xa5}], 0x2, 0xbf000000, 0x0)

09:03:19 executing program 1:
r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000180)='/proc/asound/seq/clients\x00', 0x0, 0x0)
preadv(r0, &(0x7f00000002c0)=[{&(0x7f0000000040)=""/35, 0x23}, {0x0, 0x2}, {&(0x7f0000000300)=""/165, 0xa5}], 0x3, 0x4c000000, 0x0)

09:03:19 executing program 6:
r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000180)='/proc/asound/seq/clients\x00', 0x0, 0x0)
preadv(r0, &(0x7f00000002c0)=[{&(0x7f0000000040)=""/35, 0x23}, {0x0}, {&(0x7f0000000300)=""/165, 0xa5}], 0x3, 0xa000000, 0x0)

[ 2790.994532] Call Trace:
[ 2790.994975]  <TASK>
[ 2790.995276]  x86_pmu_stop+0x149/0x330
[ 2790.995803]  x86_pmu_del+0x1be/0x610
[ 2790.996310]  event_sched_out+0x2ed/0xe80
[ 2790.996861]  __perf_remove_from_context+0x87/0xbe0
[ 2790.997680]  event_function+0x297/0x3d0
[ 2790.998376]  ? perf_uprobe_event_init+0x1c0/0x1c0
[ 2790.999209]  remote_function+0x125/0x1b0
[ 2790.999815]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[ 2791.000585]  ? perf_duration_warn+0x40/0x40
[ 2791.001232]  generic_exec_single+0x203/0x300
[ 2791.001937]  smp_call_function_single+0x189/0x460
[ 2791.002634]  ? perf_duration_warn+0x40/0x40
[ 2791.003255]  ? generic_exec_single+0x300/0x300
[ 2791.003885]  ? perf_duration_warn+0x40/0x40
[ 2791.004565]  ? lock_is_held_type+0xd7/0x130
[ 2791.005305]  event_function_call+0x3d0/0x430
[ 2791.006066]  ? perf_group_detach+0x11b0/0x11b0
[ 2791.006728]  ? perf_copy_attr+0x9c0/0x9c0
[ 2791.007308]  ? lock_release+0x3b2/0x6f0
[ 2791.007857]  ? perf_group_detach+0x11b0/0x11b0
[ 2791.008482]  ? perf_uprobe_event_init+0x1c0/0x1c0
[ 2791.009134]  ? _raw_spin_unlock_irq+0x1f/0x40
[ 2791.009780]  perf_remove_from_context+0x12e/0x260
[ 2791.010446]  perf_event_release_kernel+0x153/0x7f0
[ 2791.011105]  ? lock_is_held_type+0xd7/0x130
[ 2791.011733]  ? perf_pmu_migrate_context+0xae0/0xae0
[ 2791.012450]  ? lock_is_held_type+0xd7/0x130
[ 2791.013100]  perf_release+0x33/0x40
[ 2791.013674]  __fput+0x272/0x9d0
[ 2791.014138]  ? perf_event_release_kernel+0x7f0/0x7f0
[ 2791.014900]  task_work_run+0xe2/0x1a0
[ 2791.015444]  exit_to_user_mode_prepare+0x199/0x1a0
[ 2791.016130]  syscall_exit_to_user_mode+0x19/0x50
[ 2791.016827]  do_syscall_64+0x48/0x90
[ 2791.017356]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 2791.018085] RIP: 0033:0x7f750a30a72b
[ 2791.018630] Code: 0f 05 48 3d 00 f0 ff ff 77 45 c3 0f 1f 40 00 48 83 ec 18 89 7c 24 0c e8 63 fc ff ff 8b 7c 24 0c 41 89 c0 b8 03 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 35 44 89 c7 89 44 24 0c e8 a1 fc ff ff 8b 44
[ 2791.021144] RSP: 002b:00007ffc8fa2e8d0 EFLAGS: 00000293 ORIG_RAX: 0000000000000003
[ 2791.022286] RAX: 0000000000000000 RBX: 0000000000000004 RCX: 00007f750a30a72b
[ 2791.023292] RDX: 00007f750a46fa68 RSI: 0000000000000080 RDI: 0000000000000003
[ 2791.024315] RBP: 0000000000000000 R08: 0000000000000000 R09: 00007f750a46fa70
[ 2791.025284] R10: 00007ffc8fa2e9c0 R11: 0000000000000293 R12: 00000000002a95e0
[ 2791.026290] R13: 00000000000003e8 R14: 00007f750a46af60 R15: 00000000002a9408
[ 2791.027261]  </TASK>
09:03:34 executing program 3:
socketpair$unix(0x1, 0x5, 0x0, 0x0)
sendmsg$unix(0xffffffffffffffff, 0x0, 0x0)
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
pwritev(r0, &(0x7f0000000640)=[{&(0x7f00000002c0)="19", 0x1}], 0x1, 0x8000000, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0)
r2 = socket$inet6(0xa, 0x1, 0x0)
bind$inet6(r2, &(0x7f00000002c0)={0xa, 0x4e20, 0x0, @empty}, 0x1c)
connect$inet6(r2, &(0x7f0000000000)={0xa, 0x4e20, 0x0, @ipv4={'\x00', '\xff\xff', @empty}}, 0x1c)
recvfrom(r2, &(0x7f00000003c0)=""/87, 0x20010397, 0x300, 0x0, 0x0)
sendfile(r2, r1, 0x0, 0xfffffdef)
readv(0xffffffffffffffff, &(0x7f0000000040), 0x0)
openat$cgroup_freezer_state(0xffffffffffffffff, 0x0, 0x2, 0x0)
close(0xffffffffffffffff)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(&(0x7f0000001540), 0xffffffffffffffff)
sendmsg$NL80211_CMD_STOP_AP(r3, &(0x7f0000001600)={0x0, 0x0, &(0x7f00000015c0)={&(0x7f0000001580)=ANY=[@ANYBLOB="1c000000", @ANYRES16=0x0, @ANYBLOB="1700000000090000ff0000", @ANYRES32=0x0, @ANYBLOB], 0x1c}}, 0x0)
getsockopt$sock_cred(r3, 0x1, 0x11, &(0x7f0000000040), &(0x7f0000000080)=0xc)
syz_open_dev$sg(&(0x7f0000001000), 0x0, 0x2200)

09:03:34 executing program 7:
openat$sndseq(0xffffffffffffff9c, 0x0, 0x0)
r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000180)='/proc/asound/seq/clients\x00', 0x0, 0x0)
preadv(r0, &(0x7f00000002c0)=[{0x0}, {&(0x7f0000000300)=""/165, 0xa5}], 0x2, 0xffffff7f, 0x0)

09:03:34 executing program 4:
socketpair$unix(0x1, 0x5, 0x0, 0x0)
sendmsg$unix(0xffffffffffffffff, 0x0, 0x0)
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
pwritev(r0, &(0x7f0000000640)=[{&(0x7f00000002c0)="19", 0x1}], 0x1, 0x8000000, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0)
r2 = socket$inet6(0xa, 0x1, 0x0)
bind$inet6(r2, &(0x7f00000002c0)={0xa, 0x4e20, 0x0, @empty}, 0x1c)
connect$inet6(r2, &(0x7f0000000000)={0xa, 0x4e20, 0x0, @ipv4={'\x00', '\xff\xff', @empty}}, 0x1c)
recvfrom(r2, &(0x7f00000003c0)=""/87, 0x20010397, 0x300, 0x0, 0x0)
sendfile(r2, r1, 0x0, 0xfffffdef)
readv(0xffffffffffffffff, &(0x7f0000000040), 0x0)
ioctl$KDSKBMODE(r0, 0x4b45, &(0x7f00000000c0)=0x3)
openat$cgroup_freezer_state(0xffffffffffffffff, 0x0, 0x2, 0x0)
close(0xffffffffffffffff)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(&(0x7f0000001540), 0xffffffffffffffff)
sendmsg$NL80211_CMD_STOP_AP(r3, &(0x7f0000001600)={0x0, 0x0, &(0x7f00000015c0)={&(0x7f0000001580)={0x1c, 0x0, 0x1, 0x0, 0x25dfdbfd, {{}, {@val={0x8}, @void}}}, 0x1c}}, 0x0)
getsockopt$sock_cred(r3, 0x1, 0x11, &(0x7f0000000040), &(0x7f0000000080)=0xc)
syz_open_dev$sg(&(0x7f0000001000), 0x0, 0x2200)

09:03:34 executing program 2:
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000080), 0xffffffffffffffff)
sendmsg$NLBL_MGMT_C_ADD(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000140)={0x4c, r1, 0x1, 0x0, 0x0, {}, [@NLBL_MGMT_A_DOMAIN={0x6, 0x1, '%\x00'}, @NLBL_MGMT_A_IPV6ADDR={0x14, 0x5, @local}, @NLBL_MGMT_A_IPV6MASK={0x14, 0x6, @mcast1}, @NLBL_MGMT_A_PROTOCOL={0x8, 0x2, 0x5}]}, 0x4c}, 0x1, 0x700000000000000}, 0x0)

09:03:34 executing program 6:
r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000180)='/proc/asound/seq/clients\x00', 0x0, 0x0)
preadv(r0, &(0x7f00000002c0)=[{&(0x7f0000000040)=""/35, 0x23}, {0x0}, {&(0x7f0000000300)=""/165, 0xa5}], 0x3, 0x3f000000, 0x0)

09:03:34 executing program 0:
perf_event_open$cgroup(&(0x7f0000000c00)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x1017, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

09:03:34 executing program 1:
r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000180)='/proc/asound/seq/clients\x00', 0x0, 0x0)
preadv(r0, &(0x7f00000002c0)=[{&(0x7f0000000040)=""/35, 0x23}, {0x0, 0x2}, {&(0x7f0000000300)=""/165, 0xa5}], 0x3, 0x68000000, 0x0)

09:03:34 executing program 5:
socketpair$unix(0x1, 0x5, 0x0, 0x0)
sendmsg$unix(0xffffffffffffffff, 0x0, 0x0)
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
pwritev(r0, &(0x7f0000000640)=[{&(0x7f00000002c0)="19", 0x1}], 0x1, 0x8000000, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0)
r2 = socket$inet6(0xa, 0x1, 0x0)
bind$inet6(r2, &(0x7f00000002c0)={0xa, 0x4e20, 0x0, @empty}, 0x1c)
connect$inet6(r2, &(0x7f0000000000)={0xa, 0x4e20, 0x0, @ipv4={'\x00', '\xff\xff', @empty}}, 0x1c)
recvfrom(r2, &(0x7f00000003c0)=""/87, 0x20010397, 0x300, 0x0, 0x0)
sendfile(r2, r1, 0x0, 0x80000000)
readv(r0, &(0x7f0000000200)=[{&(0x7f0000000cc0)=""/207, 0xcf}, {&(0x7f0000000bc0)=""/244, 0xf4}], 0x2)
recvfrom(r2, &(0x7f00000000c0)=""/21, 0x15, 0x40, &(0x7f0000000140)=@ethernet={0x6, @broadcast}, 0x80)
openat$cgroup_freezer_state(0xffffffffffffffff, 0x0, 0x2, 0x0)
close(0xffffffffffffffff)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(&(0x7f00000001c0), 0xffffffffffffffff)
sendmsg$NL80211_CMD_FRAME(0xffffffffffffffff, &(0x7f0000000300)={&(0x7f0000000240)={0x10, 0x0, 0x0, 0x40000000}, 0xc, &(0x7f0000000280)={&(0x7f0000000880)=ANY=[@ANYBLOB="8c010000e2c5c1e44f17ac480d90eca54d3386ecb236be2ec0e1fff82e03d9358f5645ec60dfdf738a4bed231ccb3db86950428e47c17b6a483d3e1b1f3104d368e572136c4289d33d6a21ecf9d61cc5580df30f163ded249968e897cd6034bda34490ce85e31ba034ea758b8c", @ANYRES16=0x0, @ANYBLOB="08002dbd7000ffdbdf253b0000005f013300b02400000802110000000802110000015050505050509400000001005900ddcbd91a6bd75a68700f7e026f0560fc76c1c4e031639882243e1fbd3238b254a98e2b285c5551968a0a37d5587d91d2461b6a19b24d7958306af3e2217c0a71b18e6caf974d93e4443570209e803f16c2a24d5b6888a188a752fc07fe045210ef049a1b5a2471fea9f7d14b673c77c307b7b727d7feaa4c78861a266b52d3506fdfc0e336f6314f734b81261f747774db6dc03404a3db93dc862052fde786b779c89418e51e8abf69db62dd080a9b7f0df1516a0cd6ae135434a56419b126525ef9a27e0d5d20692884250501dd6e068548009ba320796082ed41fc4489836f8fb351578d9c3264e1f2cf1ae650e93c71acb6ac6583f4e02df4c4f63b980d417f6531ae1746270103a008c01a614060059d6a24dd5f2ec0feff2a81250d56dccf650ccac8ab510305e648353ca7387309797d15ed9855f903d7f4ef8f0008005700930000000a00cd00042d05000000000004006c00"], 0x18c}, 0x1, 0x0, 0x0, 0x11}, 0x40000)
sendmsg$NL80211_CMD_STOP_AP(r3, &(0x7f0000001600)={0x0, 0x0, &(0x7f00000015c0)={&(0x7f0000000440)=ANY=[@ANYBLOB="1c000000", @ANYRES16=0x0, @ANYBLOB="012000000000000000001000000008000300", @ANYRES32=0x0, @ANYBLOB="fe23fbf5cc23676c726a0d7183efc1711b048f949ada9c744fefe9b71e1f6a9cb62180c6c8cc6b900a7188d4578eefab7fb608f5df59a347e99648b881e1a82878096f851e60eb51ec9143036279ccbc1936fa7d94a69e3d4839f2c8e2cc69dfbf0e65bb4f32c0abfcb0bffc076018c3654e31f7a86b1d933990a661518e3c5a3eee25aecf"], 0x1c}}, 0x0)
getsockopt$sock_cred(r3, 0x1, 0x11, &(0x7f0000000040), &(0x7f0000000080)=0xc)
syz_open_dev$sg(&(0x7f0000001000), 0x0, 0x2200)

[ 2806.554125] Call Trace:
[ 2806.554532]  <IRQ>
[ 2806.554822]  ? x86_pmu_start+0x1c0/0x240
[ 2806.555373]  x86_pmu_enable+0x580/0xd90
[ 2806.555908]  ? amd_pmu_disable_virt+0xa0/0xa0
[ 2806.556519]  ctx_resched+0x2b9/0x3a0
[ 2806.557020]  __perf_install_in_context+0x285/0xa40
[ 2806.557693]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[ 2806.558416]  ? ctx_resched+0x3a0/0x3a0
[ 2806.558932]  remote_function+0x125/0x1b0
[ 2806.559481]  flush_smp_call_function_queue+0x1df/0x610
[ 2806.560179]  ? perf_duration_warn+0x40/0x40
[ 2806.560769]  __sysvec_call_function_single+0x92/0x3a0
[ 2806.561457]  sysvec_call_function_single+0x89/0xc0
[ 2806.562098]  </IRQ>
[ 2806.562392]  <TASK>
[ 2806.562677]  asm_sysvec_call_function_single+0x12/0x20
[ 2806.563396] RIP: 0010:__sanitizer_cov_trace_pc+0x37/0x60
[ 2806.564149] Code: 81 e1 00 01 00 00 65 48 8b 14 25 40 6f 02 00 a9 00 01 ff 00 74 0e 85 c9 74 35 8b 82 64 14 00 00 85 c0 74 2b 8b 82 40 14 00 00 <83> f8 02 75 20 48 8b 8a 48 14 00 00 8b 92 44 14 00 00 48 8b 01 48
[ 2806.566588] RSP: 0018:ffff88802089f7f0 EFLAGS: 00000246
[ 2806.567306] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000
[ 2806.568253] RDX: ffff88801b598000 RSI: ffffffff81685ac6 RDI: 0000000000000003
[ 2806.569199] RBP: ffff88800f03da20 R08: 0000000000000000 R09: ffff88800f03da23
[ 2806.570189] R10: ffffffff81685f03 R11: 0000000000000001 R12: 0000000000000000
[ 2806.571136] R13: 0000000000000000 R14: ffff8880186dd0c0 R15: dffffc0000000000
[ 2806.572117]  ? copy_page_range+0x12e3/0x3ed0
[ 2806.572724]  ? copy_page_range+0xea6/0x3ed0
[ 2806.573305]  copy_page_range+0xea6/0x3ed0
[ 2806.573934]  ? vm_iomap_memory+0x190/0x190
[ 2806.574516]  ? down_write+0xde/0x150
[ 2806.575019]  ? __sanitizer_cov_trace_cmp8+0x1d/0x70
[ 2806.575688]  ? __vma_link_rb+0x540/0x700
[ 2806.576243]  dup_mm+0x961/0x1250
[ 2806.576708]  ? replace_mm_exe_file+0x490/0x490
[ 2806.577297]  ? __raw_spin_lock_init+0x36/0x110
[ 2806.577938]  copy_process+0x6946/0x6d60
[ 2806.578479]  ? lock_is_held_type+0xd7/0x130
[ 2806.579113]  ? __cleanup_sighand+0xb0/0xb0
[ 2806.579714]  ? do_raw_spin_unlock+0x4f/0x210
[ 2806.580310]  ? _raw_spin_unlock+0x24/0x40
[ 2806.580871]  ? do_wp_page+0x28d/0x24d0
[ 2806.581388]  ? kernel_clone+0x2f8/0xa60
[ 2806.581948]  kernel_clone+0xe7/0xa60
[ 2806.582448]  ? __handle_mm_fault+0x9f3/0x35c0
[ 2806.583067]  ? create_io_thread+0xf0/0xf0
[ 2806.583635]  ? lock_is_held_type+0xd7/0x130
[ 2806.584233]  ? lock_is_held_type+0xd7/0x130
[ 2806.584827]  ? find_held_lock+0x2c/0x110
[ 2806.585370]  ? lock_release+0x3b2/0x6f0
[ 2806.585928]  __do_sys_clone+0xc8/0x110
[ 2806.586449]  ? __do_sys_vfork+0xd0/0xd0
[ 2806.586997]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 2806.587693]  do_syscall_64+0x3b/0x90
[ 2806.588193]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 2806.588877] RIP: 0033:0x7f40f402d10b
[ 2806.589368] Code: ed 0f 85 60 01 00 00 64 4c 8b 0c 25 10 00 00 00 45 31 c0 4d 8d 91 d0 02 00 00 31 d2 31 f6 bf 11 00 20 01 b8 38 00 00 00 0f 05 <48> 3d 00 f0 ff ff 0f 87 89 00 00 00 41 89 c5 85 c0 0f 85 90 00 00
[ 2806.591816] RSP: 002b:00007ffe1d720680 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[ 2806.592833] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f40f402d10b
[ 2806.593853] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000001200011
[ 2806.594827] RBP: 0000000000000001 R08: 0000000000000000 R09: 0000555555c88400
[ 2806.595788] R10: 0000555555c886d0 R11: 0000000000000246 R12: 0000000000000001
[ 2806.596727] R13: 0000000000000001 R14: 0000000000000001 R15: 00007ffe1d720760
[ 2806.597729]  </TASK>
[ 2806.658612] Call Trace:
[ 2806.659010]  <IRQ>
[ 2806.659297]  x86_pmu_stop+0x149/0x330
[ 2806.659799]  x86_pmu_del+0x1be/0x610
[ 2806.660290]  event_sched_out+0x2ed/0xe80
[ 2806.660835]  __perf_remove_from_context+0x87/0xbe0
[ 2806.661480]  event_function+0x297/0x3d0
[ 2806.662042]  ? perf_uprobe_event_init+0x1c0/0x1c0
[ 2806.662675]  remote_function+0x125/0x1b0
[ 2806.663219]  flush_smp_call_function_queue+0x1df/0x610
[ 2806.663910]  ? perf_duration_warn+0x40/0x40
[ 2806.664489]  __sysvec_call_function_single+0x92/0x3a0
[ 2806.665171]  sysvec_call_function_single+0x89/0xc0
[ 2806.665830]  </IRQ>
[ 2806.666121]  <TASK>
[ 2806.666422]  asm_sysvec_call_function_single+0x12/0x20
[ 2806.667143] RIP: 0010:kasan_check_range+0x171/0x1e0
[ 2806.667829] Code: 0b 48 89 da 48 29 c2 e9 28 ff ff ff 48 89 d0 49 39 c2 75 96 4c 89 c8 49 0f be 12 83 e0 07 48 39 d0 7d 87 41 bb 01 00 00 00 5b <5d> 44 89 d8 41 5c c3 48 85 d2 74 ed 48 01 ea eb 09 48 83 c0 01 48
[ 2806.670298] RSP: 0018:ffff88804676f708 EFLAGS: 00000246
[ 2806.671026] RAX: fffff940001c2f5f RBX: 0000000000000000 RCX: ffffffff816c42b8
[ 2806.671997] RDX: fffff940001c2f5f RSI: 0000000000000004 RDI: ffffea0000e17af0
[ 2806.672973] RBP: fffff940001c2f5e R08: 0000000000000001 R09: ffffea0000e17af3
[ 2806.673959] R10: fffff940001c2f5e R11: 0000000000000001 R12: 0000000000000000
[ 2806.674947] R13: ffff88802090b900 R14: 0000000000000001 R15: ffff88804676fa28
[ 2806.675926]  ? page_remove_rmap+0x208/0x490
[ 2806.676530]  page_remove_rmap+0x208/0x490
[ 2806.677084]  unmap_page_range+0x10eb/0x2680
[ 2806.677705]  ? vm_normal_page+0x2e0/0x2e0
[ 2806.678265]  ? lock_release+0x3b2/0x6f0
[ 2806.678811]  ? lock_downgrade+0x6d0/0x6d0
[ 2806.679359]  ? uprobe_munmap+0x1c/0x560
[ 2806.679874]  unmap_single_vma+0x198/0x310
[ 2806.680428]  unmap_vmas+0x16b/0x2f0
[ 2806.680919]  ? lock_downgrade+0x6d0/0x6d0
[ 2806.681484]  ? unmap_mapping_range+0x280/0x280
[ 2806.682164]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[ 2806.682920]  exit_mmap+0x192/0x460
[ 2806.683405]  ? do_munmap+0x40/0x40
[ 2806.683920]  ? delayed_uprobe_remove+0x27/0x230
[ 2806.684574]  mmput+0xc8/0x380
[ 2806.685009]  do_exit+0xa0a/0x27e0
[ 2806.685483]  ? find_held_lock+0x2c/0x110
[ 2806.686040]  ? lock_release+0x3b2/0x6f0
[ 2806.686575]  ? mm_update_next_owner+0x7d0/0x7d0
[ 2806.687193]  ? lock_downgrade+0x6d0/0x6d0
[ 2806.687759]  ? lock_is_held_type+0xd7/0x130
[ 2806.688347]  do_group_exit+0xd2/0x2f0
[ 2806.688849]  get_signal+0x2303/0x2350
[ 2806.689356]  ? signal_setup_done+0x520/0x520
[ 2806.689966]  arch_do_signal_or_restart+0x88/0x1a40
[ 2806.690610]  ? do_futex+0x136/0x380
[ 2806.691099]  ? __ia32_compat_sys_get_robust_list+0x3b0/0x3b0
[ 2806.691889]  ? get_sigframe_size+0x10/0x10
[ 2806.692466]  ? __x64_sys_futex+0x1c6/0x4c0
[ 2806.693029]  ? __x64_sys_openat+0x13f/0x1f0
[ 2806.693616]  ? __x64_sys_futex_time32+0x480/0x480
[ 2806.694309]  exit_to_user_mode_prepare+0x131/0x1a0
[ 2806.694962]  syscall_exit_to_user_mode+0x19/0x50
[ 2806.695607]  do_syscall_64+0x48/0x90
[ 2806.696115]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 2806.696826] RIP: 0033:0x7f457d3e8b19
[ 2806.697315] Code: Unable to access opcode bytes at RIP 0x7f457d3e8aef.
[ 2806.698231] RSP: 002b:00007f457a95e218 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[ 2806.699235] RAX: fffffffffffffe00 RBX: 00007f457d4fbf68 RCX: 00007f457d3e8b19
[ 2806.700156] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007f457d4fbf68
[ 2806.701097] RBP: 00007f457d4fbf60 R08: 0000000000000000 R09: 0000000000000000
[ 2806.702131] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f457d4fbf6c
[ 2806.703096] R13: 00007ffd0244841f R14: 00007f457a95e300 R15: 0000000000022000
[ 2806.704070]  </TASK>
09:03:34 executing program 2:
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000080), 0xffffffffffffffff)
sendmsg$NLBL_MGMT_C_ADD(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000140)={0x4c, r1, 0x1, 0x0, 0x0, {}, [@NLBL_MGMT_A_DOMAIN={0x6, 0x1, '%\x00'}, @NLBL_MGMT_A_IPV6ADDR={0x14, 0x5, @local}, @NLBL_MGMT_A_IPV6MASK={0x14, 0x6, @mcast1}, @NLBL_MGMT_A_PROTOCOL={0x8, 0x2, 0x5}]}, 0x4c}, 0x1, 0x700000000000000}, 0x0)

09:03:35 executing program 6:
r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000180)='/proc/asound/seq/clients\x00', 0x0, 0x0)
preadv(r0, &(0x7f00000002c0)=[{&(0x7f0000000040)=""/35, 0x23}, {0x0}, {&(0x7f0000000300)=""/165, 0xa5}], 0x3, 0x48000000, 0x0)

09:03:35 executing program 1:
r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000180)='/proc/asound/seq/clients\x00', 0x0, 0x0)
preadv(r0, &(0x7f00000002c0)=[{&(0x7f0000000040)=""/35, 0x23}, {0x0, 0x2}, {&(0x7f0000000300)=""/165, 0xa5}], 0x3, 0x6c000000, 0x0)

09:03:35 executing program 2:
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000080), r0)
sendmsg$NLBL_MGMT_C_ADD(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000140)={0x4c, r1, 0x1, 0x0, 0x0, {}, [@NLBL_MGMT_A_DOMAIN={0x6, 0x1, '%\x00'}, @NLBL_MGMT_A_IPV6ADDR={0x14, 0x5, @local}, @NLBL_MGMT_A_IPV6MASK={0x14, 0x6, @mcast1}, @NLBL_MGMT_A_PROTOCOL={0x8, 0x2, 0x5}]}, 0x4c}, 0x1, 0x700000000000000}, 0x0)

[ 2806.803880] Call Trace:
[ 2806.804338]  <TASK>
[ 2806.804654]  ? x86_pmu_start+0x1c0/0x240
[ 2806.805228]  x86_pmu_enable+0x580/0xd90
[ 2806.805824]  ? amd_pmu_disable_virt+0xa0/0xa0
[ 2806.806465]  ctx_resched+0x2b9/0x3a0
[ 2806.806997]  __perf_install_in_context+0x285/0xa40
[ 2806.807673]  ? ctx_resched+0x3a0/0x3a0
[ 2806.808210]  remote_function+0x125/0x1b0
[ 2806.808786]  flush_smp_call_function_queue+0x1df/0x610
[ 2806.809547]  ? perf_duration_warn+0x40/0x40
[ 2806.810201]  __sysvec_call_function_single+0x92/0x3a0
[ 2806.811051]  sysvec_call_function_single+0x3b/0xc0
[ 2806.811751]  ? asm_sysvec_call_function_single+0xa/0x20
[ 2806.812536]  asm_sysvec_call_function_single+0x12/0x20
[ 2806.813327] RIP: 0033:0x7f7e5482a9cd
[ 2806.813847] Code: 48 39 cf 72 2f 48 83 e8 08 48 39 d1 73 14 0f 1f 80 00 00 00 00 48 8b 50 f8 48 83 e8 08 48 39 ca 77 f3 48 39 c3 73 3e 48 89 13 <48> 8b 50 f8 48 89 38 49 8b 0e 48 8b 3e 48 83 c3 08 48 83 c6 08 eb
[ 2806.816537] RSP: 002b:00007fffa39f8e60 EFLAGS: 00000283
[ 2806.817291] RAX: 00007f7e541f8500 RBX: 00007f7e541f8370 RCX: ffffffff814a8a49
[ 2806.818372] RDX: ffffffff814a8a49 RSI: 00007f7e541f8378 RDI: ffffffff814a8d77
[ 2806.819392] RBP: 00007f7e541f71c8 R08: 00007f7e541fa4a0 R09: 0000001b2e132f58
[ 2806.820410] R10: 0000000000000f41 R11: 0000000055a7af45 R12: 00007f7e541f71c0
[ 2806.821432] R13: 00007f7e541f8370 R14: 00007f7e541f71b8 R15: 0000000000000016
[ 2806.822482]  ? trace_hardirqs_on+0x9/0x190
[ 2806.823130]  ? trace_hardirqs_on+0x9/0x190
[ 2806.823714]  ? trace_hardirqs_off_finish+0x7/0x230
[ 2806.824373]  </TASK>
09:03:35 executing program 1:
r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000180)='/proc/asound/seq/clients\x00', 0x0, 0x0)
preadv(r0, &(0x7f00000002c0)=[{&(0x7f0000000040)=""/35, 0x23}, {0x0, 0x2}, {&(0x7f0000000300)=""/165, 0xa5}], 0x3, 0x74000000, 0x0)

09:03:35 executing program 2:
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000080), r0)
sendmsg$NLBL_MGMT_C_ADD(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000140)={0x4c, r1, 0x1, 0x0, 0x0, {}, [@NLBL_MGMT_A_DOMAIN={0x6, 0x1, '%\x00'}, @NLBL_MGMT_A_IPV6ADDR={0x14, 0x5, @local}, @NLBL_MGMT_A_IPV6MASK={0x14, 0x6, @mcast1}, @NLBL_MGMT_A_PROTOCOL={0x8, 0x2, 0x5}]}, 0x4c}, 0x1, 0x700000000000000}, 0x0)

[ 2806.885459] Call Trace:
[ 2806.885854]  <IRQ>
[ 2806.886137]  x86_pmu_stop+0x149/0x330
[ 2806.886661]  x86_pmu_del+0x1be/0x610
[ 2806.887188]  event_sched_out+0x2ed/0xe80
[ 2806.887761]  __perf_remove_from_context+0x87/0xbe0
[ 2806.888446]  event_function+0x297/0x3d0
[ 2806.888981]  ? perf_uprobe_event_init+0x1c0/0x1c0
[ 2806.889628]  remote_function+0x125/0x1b0
[ 2806.890230]  flush_smp_call_function_queue+0x1df/0x610
[ 2806.890938]  ? perf_duration_warn+0x40/0x40
[ 2806.891542]  __sysvec_call_function_single+0x92/0x3a0
[ 2806.892241]  sysvec_call_function_single+0x89/0xc0
[ 2806.892923]  </IRQ>
[ 2806.893218]  <TASK>
[ 2806.893525]  asm_sysvec_call_function_single+0x12/0x20
[ 2806.894286] RIP: 0010:finish_task_switch.isra.0+0x230/0x870
[ 2806.895060] Code: 89 f7 48 c7 03 00 00 00 00 e8 8c 9b 20 03 4d 85 e4 75 ba 4c 89 f7 e8 6f 3e f4 02 e8 7a ed 2a 00 fb 65 48 8b 1c 25 40 6f 02 00 <48> 8d bb 40 14 00 00 48 b8 00 00 00 00 00 fc ff df 48 89 fa 48 c1
[ 2806.897462] RSP: 0018:ffff888040d078b8 EFLAGS: 00000202
[ 2806.898220] RAX: 0000000000000b5d RBX: ffff88804670d040 RCX: ffffffff81283e5f
[ 2806.899176] RDX: 0000000000000000 RSI: 0000000000000001 RDI: 0000000000000000
[ 2806.900155] RBP: ffff888040d078f8 R08: 0000000000000001 R09: ffffffff86a3e7af
[ 2806.901107] R10: fffffbfff0d47cf5 R11: 0000000000000001 R12: 0000000000000001
[ 2806.902113] R13: ffff88801b598000 R14: ffff88806ce37dc0 R15: ffff88806ce37dd8
[ 2806.903082]  ? mark_lock.part.0+0xef/0x2f60
[ 2806.903672]  ? finish_task_switch.isra.0+0x226/0x870
[ 2806.904366]  __schedule+0x895/0x2450
[ 2806.904881]  ? io_schedule_timeout+0x140/0x140
[ 2806.905484]  ? lock_is_held_type+0xd7/0x130
[ 2806.906077]  ? __cond_resched+0x13/0x20
[ 2806.906617]  preempt_schedule_common+0x45/0xc0
[ 2806.907233]  __cond_resched+0x13/0x20
[ 2806.907759]  unmap_page_range+0x129c/0x2680
[ 2806.908367]  ? vm_normal_page+0x2e0/0x2e0
[ 2806.908936]  ? lock_release+0x3b2/0x6f0
[ 2806.909454]  ? lock_downgrade+0x6d0/0x6d0
[ 2806.910041]  ? uprobe_munmap+0x1c/0x560
[ 2806.910560]  unmap_single_vma+0x198/0x310
[ 2806.911124]  unmap_vmas+0x16b/0x2f0
[ 2806.911618]  ? lock_downgrade+0x6d0/0x6d0
[ 2806.912199]  ? unmap_mapping_range+0x280/0x280
[ 2806.912840]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[ 2806.913576]  exit_mmap+0x192/0x460
[ 2806.914083]  ? do_munmap+0x40/0x40
[ 2806.914581]  ? delayed_uprobe_remove+0x27/0x230
[ 2806.915189]  mmput+0xc8/0x380
[ 2806.915614]  do_exit+0xa0a/0x27e0
[ 2806.916053]  ? lock_release+0x3b2/0x6f0
[ 2806.916559]  ? do_group_exit+0x1c0/0x2f0
[ 2806.917085]  ? lock_downgrade+0x6d0/0x6d0
[ 2806.917688]  ? mm_update_next_owner+0x7d0/0x7d0
[ 2806.918335]  ? _raw_spin_unlock_irq+0x1f/0x40
[ 2806.918933]  do_group_exit+0xd2/0x2f0
[ 2806.919455]  __x64_sys_exit_group+0x3a/0x50
[ 2806.920031]  do_syscall_64+0x3b/0x90
[ 2806.920535]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 2806.921214] RIP: 0033:0x7f40f402eb19
[ 2806.921732] Code: Unable to access opcode bytes at RIP 0x7f40f402eaef.
[ 2806.922606] RSP: 002b:00007ffe1d720678 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7
[ 2806.923589] RAX: ffffffffffffffda RBX: 000000000000001e RCX: 00007f40f402eb19
[ 2806.924533] RDX: 00007f40f3fe172b RSI: ffffffffffffffbc RDI: 0000000000000000
[ 2806.925465] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000001
[ 2806.926409] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 2806.927366] R13: 0000000000000001 R14: 0000000000000001 R15: 00007ffe1d720760
[ 2806.928353]  </TASK>
09:03:35 executing program 1:
r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000180)='/proc/asound/seq/clients\x00', 0x0, 0x0)
preadv(r0, &(0x7f00000002c0)=[{&(0x7f0000000040)=""/35, 0x23}, {0x0, 0x2}, {&(0x7f0000000300)=""/165, 0xa5}], 0x3, 0x7a000000, 0x0)

09:03:50 executing program 4:
socketpair$unix(0x1, 0x5, 0x0, 0x0)
sendmsg$unix(0xffffffffffffffff, 0x0, 0x0)
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
pwritev(r0, &(0x7f0000000640)=[{&(0x7f00000002c0)="19", 0x1}], 0x1, 0x8000000, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0)
r2 = socket$inet6(0xa, 0x1, 0x0)
bind$inet6(r2, &(0x7f00000002c0)={0xa, 0x4e20, 0x0, @empty}, 0x1c)
connect$inet6(r2, &(0x7f0000000000)={0xa, 0x4e20, 0x0, @ipv4={'\x00', '\xff\xff', @empty}}, 0x1c)
recvfrom(r2, &(0x7f00000003c0)=""/87, 0x20010397, 0x300, 0x0, 0x0)
sendfile(r2, r1, 0x0, 0x80000000)
readv(r0, &(0x7f0000000200)=[{&(0x7f0000000cc0)=""/207, 0xcf}, {&(0x7f0000000bc0)=""/244, 0xf4}], 0x2)
recvfrom(r2, &(0x7f00000000c0)=""/21, 0x15, 0x40, &(0x7f0000000140)=@ethernet={0x6, @broadcast}, 0x80)
openat$cgroup_freezer_state(0xffffffffffffffff, 0x0, 0x2, 0x0)
close(0xffffffffffffffff)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(&(0x7f00000001c0), 0xffffffffffffffff)
sendmsg$NL80211_CMD_FRAME(0xffffffffffffffff, &(0x7f0000000300)={&(0x7f0000000240)={0x10, 0x0, 0x0, 0x40000000}, 0xc, &(0x7f0000000280)={&(0x7f0000000880)=ANY=[@ANYBLOB="8c010000e2c5c1e44f17ac480d90eca54d3386ecb236be2ec0e1fff82e03d9358f5645ec60dfdf738a4bed231ccb3db86950428e47c17b6a483d3e1b1f3104d368e572136c4289d33d6a21ecf9d61cc5580df30f163ded249968e897cd6034bda34490ce85e31ba034ea758b8c", @ANYRES16=0x0, @ANYBLOB="08002dbd7000ffdbdf253b0000005f013300b02400000802110000000802110000015050505050509400000001005900ddcbd91a6bd75a68700f7e026f0560fc76c1c4e031639882243e1fbd3238b254a98e2b285c5551968a0a37d5587d91d2461b6a19b24d7958306af3e2217c0a71b18e6caf974d93e4443570209e803f16c2a24d5b6888a188a752fc07fe045210ef049a1b5a2471fea9f7d14b673c77c307b7b727d7feaa4c78861a266b52d3506fdfc0e336f6314f734b81261f747774db6dc03404a3db93dc862052fde786b779c89418e51e8abf69db62dd080a9b7f0df1516a0cd6ae135434a56419b126525ef9a27e0d5d20692884250501dd6e068548009ba320796082ed41fc4489836f8fb351578d9c3264e1f2cf1ae650e93c71acb6ac6583f4e02df4c4f63b980d417f6531ae1746270103a008c01a614060059d6a24dd5f2ec0feff2a81250d56dccf650ccac8ab510305e648353ca7387309797d15ed9855f903d7f4ef8f0008005700930000000a00cd00042d05000000000004006c00"], 0x18c}, 0x1, 0x0, 0x0, 0x11}, 0x40000)
sendmsg$NL80211_CMD_STOP_AP(r3, &(0x7f0000001600)={0x0, 0x0, &(0x7f00000015c0)={&(0x7f0000000440)=ANY=[@ANYBLOB="1c000000", @ANYRES16=0x0, @ANYBLOB="012000000000000000001000000008000300", @ANYRES32=0x0, @ANYBLOB="fe23fbf5cc23676c726a0d7183efc1711b048f949ada9c744fefe9b71e1f6a9cb62180c6c8cc6b900a7188d4578eefab7fb608f5df59a347e99648b881e1a82878096f851e60eb51ec9143036279ccbc1936fa7d94a69e3d4839f2c8e2cc69dfbf0e65bb4f32c0abfcb0bffc076018c3654e31f7a86b1d933990a661518e3c5a3eee25aecf"], 0x1c}}, 0x0)
getsockopt$sock_cred(r3, 0x1, 0x11, &(0x7f0000000040), &(0x7f0000000080)=0xc)
syz_open_dev$sg(&(0x7f0000001000), 0x0, 0x2200)

09:03:50 executing program 2:
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000080), r0)
sendmsg$NLBL_MGMT_C_ADD(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000140)={0x4c, r1, 0x1, 0x0, 0x0, {}, [@NLBL_MGMT_A_DOMAIN={0x6, 0x1, '%\x00'}, @NLBL_MGMT_A_IPV6ADDR={0x14, 0x5, @local}, @NLBL_MGMT_A_IPV6MASK={0x14, 0x6, @mcast1}, @NLBL_MGMT_A_PROTOCOL={0x8, 0x2, 0x5}]}, 0x4c}, 0x1, 0x700000000000000}, 0x0)

09:03:50 executing program 5:
socketpair$unix(0x1, 0x5, 0x0, 0x0)
sendmsg$unix(0xffffffffffffffff, 0x0, 0x0)
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
pwritev(r0, &(0x7f0000000640), 0x0, 0x8000000, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0)
r2 = socket$inet6(0xa, 0x1, 0x0)
bind$inet6(r2, &(0x7f00000002c0)={0xa, 0x4e20, 0x0, @empty}, 0x1c)
connect$inet6(r2, &(0x7f0000000000)={0xa, 0x4e20, 0x0, @ipv4={'\x00', '\xff\xff', @empty}}, 0x1c)
recvfrom(r2, &(0x7f00000003c0)=""/87, 0x20010397, 0x300, 0x0, 0x0)
sendfile(r2, r1, 0x0, 0xfffffdef)
readv(0xffffffffffffffff, &(0x7f0000000040), 0x0)
openat$cgroup_freezer_state(0xffffffffffffffff, 0x0, 0x2, 0x0)
close(0xffffffffffffffff)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(&(0x7f0000001540), 0xffffffffffffffff)
sendmsg$NL80211_CMD_STOP_AP(r3, &(0x7f0000001600)={0x0, 0x0, &(0x7f00000015c0)={&(0x7f0000001580)={0x1c, 0x0, 0x1, 0x0, 0x0, {{}, {@val={0x8}, @void}}}, 0x1c}}, 0x0)
getsockopt$sock_cred(r3, 0x1, 0x11, &(0x7f0000000040), &(0x7f0000000080)=0xc)
syz_open_dev$sg(&(0x7f0000001000), 0x0, 0x2200)
sendmsg$NL80211_CMD_STOP_AP(0xffffffffffffffff, &(0x7f0000001600)={0x0, 0x0, &(0x7f00000015c0)={&(0x7f0000000140)=ANY=[@ANYBLOB="1c000000", @ANYRES16=0x0, @ANYBLOB="010000000000000000001000000008000300", @ANYRES32=0x0, @ANYBLOB="d953a6391fe5907ebb8027406acfb66b4f1707a110da38836120e4d106e898edee115e36e2053435389d0cd84e5e13ca1931f080a6e640a0aac95531bbd73e9ab139c9340c0345be10d93e8f38bb1ac9080060e0307a6711e9810f3dfedf2ff81f73498fa8a76895b34f"], 0x1c}}, 0x0)
fcntl$setflags(0xffffffffffffffff, 0x2, 0x1)

09:03:50 executing program 0:
perf_event_open$cgroup(&(0x7f0000000c00)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x1018, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

09:03:50 executing program 7:
openat$sndseq(0xffffffffffffff9c, 0x0, 0x0)
r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000180)='/proc/asound/seq/clients\x00', 0x0, 0x0)
preadv(r0, &(0x7f00000002c0)=[{0x0}, {&(0x7f0000000300)=""/165, 0xa5}], 0x2, 0x0, 0x0)

09:03:50 executing program 1:
r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000180)='/proc/asound/seq/clients\x00', 0x0, 0x0)
preadv(r0, &(0x7f00000002c0)=[{&(0x7f0000000040)=""/35, 0x23}, {0x0, 0x2}, {&(0x7f0000000300)=""/165, 0xa5}], 0x3, 0xbf000000, 0x0)

09:03:50 executing program 6:
r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000180)='/proc/asound/seq/clients\x00', 0x0, 0x0)
preadv(r0, &(0x7f00000002c0)=[{&(0x7f0000000040)=""/35, 0x23}, {0x0}, {&(0x7f0000000300)=""/165, 0xa5}], 0x3, 0x4c000000, 0x0)

09:03:50 executing program 3:
r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000180)='/proc/asound/seq/clients\x00', 0x0, 0x0)
preadv(r0, &(0x7f00000002c0)=[{&(0x7f0000000040)=""/35, 0x23}, {0x0, 0x2}, {&(0x7f0000000300)=""/165, 0xa5}], 0x3, 0x7a000000, 0x0)

[ 2822.395190] Call Trace:
[ 2822.395690]  <IRQ>
[ 2822.395979]  ? x86_pmu_start+0x1c0/0x240
[ 2822.396529]  x86_pmu_enable+0x580/0xd90
[ 2822.397065]  ? amd_pmu_disable_virt+0xa0/0xa0
[ 2822.397688]  ctx_resched+0x2b9/0x3a0
[ 2822.398227]  __perf_install_in_context+0x285/0xa40
[ 2822.398907]  ? ctx_resched+0x3a0/0x3a0
[ 2822.399442]  remote_function+0x125/0x1b0
[ 2822.400012]  flush_smp_call_function_queue+0x1df/0x610
[ 2822.400750]  ? perf_duration_warn+0x40/0x40
[ 2822.401315]  __sysvec_call_function_single+0x92/0x3a0
[ 2822.402049]  sysvec_call_function_single+0x89/0xc0
[ 2822.402722]  </IRQ>
[ 2822.403026]  <TASK>
[ 2822.403329]  asm_sysvec_call_function_single+0x12/0x20
[ 2822.404035] RIP: 0010:lock_acquire+0x116/0x4d0
[ 2822.404658] Code: 7c 03 00 00 8b 0d 76 e6 64 04 85 c9 0f 84 d3 00 00 00 65 8b 05 03 92 d9 7e 85 c0 0f 85 09 01 00 00 65 48 8b 14 25 40 6f 02 00 <48> 8d ba a4 09 00 00 48 b8 00 00 00 00 00 fc ff df 48 89 f9 48 c1
[ 2822.407130] RSP: 0018:ffff8880463375d8 EFLAGS: 00000246
[ 2822.407848] RAX: 0000000000000000 RBX: 1ffff11008c66ebd RCX: 0000000000000001
[ 2822.408837] RDX: ffff888017b71ac0 RSI: 0000000000000002 RDI: 0000000000000000
[ 2822.409820] RBP: 0000000000000000 R08: 0000000000000000 R09: ffffffff858dbcd7
[ 2822.410792] R10: fffffbfff0b1b79a R11: 0000000000000001 R12: 0000000000000002
[ 2822.411741] R13: 0000000000000000 R14: ffffffff85201dc0 R15: 0000000000000000
[ 2822.412712]  ? lock_acquire+0x41c/0x4d0
[ 2822.413265]  ? lock_release+0x6f0/0x6f0
[ 2822.413803]  ? lock_is_held_type+0xd7/0x130
[ 2822.414430]  ? find_held_lock+0x2c/0x110
[ 2822.414997]  ? lock_release+0x3b2/0x6f0
[ 2822.415531]  ? unlock_page_memcg+0xbe/0x230
[ 2822.416115]  ? lock_downgrade+0x6d0/0x6d0
[ 2822.416674]  folio_memcg_lock+0x3a/0x490
[ 2822.417228]  ? mem_cgroup_get_oom_group+0x400/0x400
[ 2822.417938]  ? __pte_alloc_kernel+0x1c0/0x1c0
[ 2822.418555]  page_remove_rmap+0x1e/0x490
[ 2822.419077]  unmap_page_range+0x10eb/0x2680
[ 2822.419676]  ? vm_normal_page+0x2e0/0x2e0
[ 2822.420220]  ? lock_release+0x3b2/0x6f0
[ 2822.420761]  ? lock_downgrade+0x6d0/0x6d0
[ 2822.421306]  ? uprobe_munmap+0x1c/0x560
[ 2822.421826]  unmap_single_vma+0x198/0x310
[ 2822.422424]  unmap_vmas+0x16b/0x2f0
[ 2822.422884]  ? lock_downgrade+0x6d0/0x6d0
[ 2822.423416]  ? unmap_mapping_range+0x280/0x280
[ 2822.424026]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[ 2822.424744]  exit_mmap+0x192/0x460
[ 2822.425210]  ? do_munmap+0x40/0x40
[ 2822.425712]  ? delayed_uprobe_remove+0x27/0x230
[ 2822.426367]  mmput+0xc8/0x380
[ 2822.426793]  do_exit+0xa0a/0x27e0
[ 2822.427256]  ? find_held_lock+0x2c/0x110
[ 2822.427801]  ? lock_release+0x3b2/0x6f0
[ 2822.428327]  ? mm_update_next_owner+0x7d0/0x7d0
[ 2822.428929]  ? lock_downgrade+0x6d0/0x6d0
[ 2822.429469]  ? lock_is_held_type+0xd7/0x130
[ 2822.430071]  do_group_exit+0xd2/0x2f0
[ 2822.430570]  get_signal+0x2303/0x2350
[ 2822.431073]  ? wake_up_q+0x8b/0xf0
[ 2822.431549]  ? signal_setup_done+0x520/0x520
[ 2822.432128]  arch_do_signal_or_restart+0x88/0x1a40
[ 2822.432783]  ? do_futex+0x136/0x380
[ 2822.433260]  ? __ia32_compat_sys_get_robust_list+0x3b0/0x3b0
[ 2822.434069]  ? get_sigframe_size+0x10/0x10
[ 2822.434620]  ? sockfd_lookup_light+0xc3/0x170
[ 2822.435220]  ? __x64_sys_futex+0x1c6/0x4c0
[ 2822.435786]  ? __x64_sys_futex_time32+0x480/0x480
[ 2822.436433]  exit_to_user_mode_prepare+0x131/0x1a0
[ 2822.437065]  syscall_exit_to_user_mode+0x19/0x50
[ 2822.437681]  do_syscall_64+0x48/0x90
[ 2822.438201]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 2822.438856] RIP: 0033:0x7f928d323b19
[ 2822.439331] Code: Unable to access opcode bytes at RIP 0x7f928d323aef.
[ 2822.440198] RSP: 002b:00007f928a899218 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[ 2822.441209] RAX: fffffffffffffe00 RBX: 00007f928d436f68 RCX: 00007f928d323b19
[ 2822.442278] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007f928d436f68
[ 2822.443265] RBP: 00007f928d436f60 R08: 0000000000000000 R09: 0000000000000000
[ 2822.444368] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f928d436f6c
[ 2822.445319] R13: 00007ffe916ec8df R14: 00007f928a899300 R15: 0000000000022000
[ 2822.446427]  </TASK>
[ 2822.481968] Call Trace:
[ 2822.482399]  <TASK>
[ 2822.482703]  x86_pmu_stop+0x149/0x330
[ 2822.483229]  x86_pmu_del+0x1be/0x610
[ 2822.483758]  event_sched_out+0x2ed/0xe80
[ 2822.484341]  __perf_remove_from_context+0x87/0xbe0
[ 2822.485043]  event_function+0x297/0x3d0
[ 2822.485572]  ? perf_uprobe_event_init+0x1c0/0x1c0
[ 2822.486242]  remote_function+0x125/0x1b0
[ 2822.486776]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[ 2822.487481]  ? perf_duration_warn+0x40/0x40
[ 2822.488071]  generic_exec_single+0x203/0x300
[ 2822.488683]  smp_call_function_single+0x189/0x460
[ 2822.489333]  ? perf_duration_warn+0x40/0x40
[ 2822.489951]  ? generic_exec_single+0x300/0x300
[ 2822.490580]  ? perf_duration_warn+0x40/0x40
[ 2822.491186]  ? lock_is_held_type+0xd7/0x130
[ 2822.491783]  event_function_call+0x3d0/0x430
[ 2822.492363]  ? perf_group_detach+0x11b0/0x11b0
[ 2822.492957]  ? perf_copy_attr+0x9c0/0x9c0
[ 2822.493488]  ? lock_release+0x3b2/0x6f0
[ 2822.494149]  ? perf_group_detach+0x11b0/0x11b0
[ 2822.494778]  ? perf_uprobe_event_init+0x1c0/0x1c0
[ 2822.495411]  ? _raw_spin_unlock_irq+0x1f/0x40
[ 2822.496003]  perf_remove_from_context+0x12e/0x260
[ 2822.496633]  perf_event_release_kernel+0x153/0x7f0
[ 2822.497277]  ? lock_is_held_type+0xd7/0x130
[ 2822.497915]  ? perf_pmu_migrate_context+0xae0/0xae0
[ 2822.498611]  ? lock_is_held_type+0xd7/0x130
[ 2822.499214]  perf_release+0x33/0x40
[ 2822.499726]  __fput+0x272/0x9d0
[ 2822.500171]  ? perf_event_release_kernel+0x7f0/0x7f0
[ 2822.500830]  task_work_run+0xe2/0x1a0
[ 2822.501344]  exit_to_user_mode_prepare+0x199/0x1a0
[ 2822.502078]  syscall_exit_to_user_mode+0x19/0x50
[ 2822.502699]  do_syscall_64+0x48/0x90
[ 2822.503204]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 2822.503900] RIP: 0033:0x7f750a30a72b
[ 2822.504388] Code: 0f 05 48 3d 00 f0 ff ff 77 45 c3 0f 1f 40 00 48 83 ec 18 89 7c 24 0c e8 63 fc ff ff 8b 7c 24 0c 41 89 c0 b8 03 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 35 44 89 c7 89 44 24 0c e8 a1 fc ff ff 8b 44
[ 2822.506895] RSP: 002b:00007ffc8fa2e8d0 EFLAGS: 00000293 ORIG_RAX: 0000000000000003
[ 2822.507923] RAX: 0000000000000000 RBX: 0000000000000004 RCX: 00007f750a30a72b
[ 2822.508878] RDX: 0000000000000000 RSI: ffffffff81388253 RDI: 0000000000000003
[ 2822.509813] RBP: 0000000000000001 R08: 0000000000000000 R09: 0000001b30c2001c
[ 2822.510829] R10: 0000000000000473 R11: 0000000000000293 R12: 00007f750a46bb60
[ 2822.511790] R13: 00007f750a46bb60 R14: 00007f750a46af60 R15: 00000000002b1078
[ 2822.512736]  ? smp_call_function_single+0x193/0x460
[ 2822.513408]  </TASK>
09:03:50 executing program 1:
r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000180)='/proc/asound/seq/clients\x00', 0x0, 0x0)
preadv(r0, &(0x7f00000002c0)=[{&(0x7f0000000040)=""/35, 0x23}, {0x0, 0x2}, {&(0x7f0000000300)=""/165, 0xa5}], 0x3, 0xff600000, 0x0)

09:03:50 executing program 6:
r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000180)='/proc/asound/seq/clients\x00', 0x0, 0x0)
preadv(r0, &(0x7f00000002c0)=[{&(0x7f0000000040)=""/35, 0x23}, {0x0}, {&(0x7f0000000300)=""/165, 0xa5}], 0x3, 0x68000000, 0x0)

09:03:50 executing program 7:
openat$sndseq(0xffffffffffffff9c, 0x0, 0x0)
r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000180)='/proc/asound/seq/clients\x00', 0x0, 0x0)
preadv(r0, &(0x7f00000002c0)=[{0x0}, {&(0x7f0000000300)=""/165, 0xa5}], 0x2, 0x0, 0x2)

09:03:50 executing program 2:
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000080), r0)
sendmsg$NLBL_MGMT_C_ADD(r0, 0x0, 0x0)

09:03:50 executing program 3:
openat$sndseq(0xffffffffffffff9c, 0x0, 0x0)
r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000180)='/proc/asound/seq/clients\x00', 0x0, 0x0)
preadv(r0, &(0x7f00000002c0)=[{0x0}, {&(0x7f0000000300)=""/165, 0xa5}], 0x2, 0x0, 0x0)

09:03:50 executing program 1:
r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000180)='/proc/asound/seq/clients\x00', 0x0, 0x0)
preadv(r0, &(0x7f00000002c0)=[{&(0x7f0000000040)=""/35, 0x23}, {0x0, 0x2}, {&(0x7f0000000300)=""/165, 0xa5}], 0x3, 0xffffff7f, 0x0)

09:03:50 executing program 6:
r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000180)='/proc/asound/seq/clients\x00', 0x0, 0x0)
preadv(r0, &(0x7f00000002c0)=[{&(0x7f0000000040)=""/35, 0x23}, {0x0}, {&(0x7f0000000300)=""/165, 0xa5}], 0x3, 0x6c000000, 0x0)

09:03:50 executing program 7:
openat$sndseq(0xffffffffffffff9c, 0x0, 0x0)
r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000180)='/proc/asound/seq/clients\x00', 0x0, 0x0)
preadv(r0, &(0x7f00000002c0)=[{0x0}, {&(0x7f0000000300)=""/165, 0xa5}], 0x2, 0x0, 0x3)

[ 2822.777780] Call Trace:
[ 2822.778231]  <TASK>
[ 2822.778515]  ? x86_pmu_start+0x1c0/0x240
[ 2822.779042]  x86_pmu_enable+0x580/0xd90
[ 2822.779538]  ? amd_pmu_disable_virt+0xa0/0xa0
[ 2822.780112]  ctx_resched+0x2b9/0x3a0
[ 2822.780593]  __perf_install_in_context+0x285/0xa40
[ 2822.781217]  ? ctx_resched+0x3a0/0x3a0
[ 2822.781706]  remote_function+0x125/0x1b0
[ 2822.782248]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[ 2822.782937]  ? perf_duration_warn+0x40/0x40
[ 2822.783511]  generic_exec_single+0x203/0x300
[ 2822.784091]  smp_call_function_single+0x189/0x460
[ 2822.784715]  ? perf_duration_warn+0x40/0x40
[ 2822.785275]  ? generic_exec_single+0x300/0x300
[ 2822.785866]  ? perf_duration_warn+0x40/0x40
[ 2822.786507]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[ 2822.787231]  ? lock_is_held_type+0xd7/0x130
[ 2822.787796]  perf_install_in_context+0x4da/0x590
[ 2822.788411]  ? list_add_event+0xeb0/0xeb0
[ 2822.788937]  ? ctx_resched+0x3a0/0x3a0
[ 2822.789443]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[ 2822.790162]  ? exclusive_event_installable+0x254/0x320
[ 2822.790834]  __do_sys_perf_event_open+0x1bf0/0x3040
[ 2822.791490]  ? perf_remove_from_context+0x260/0x260
[ 2822.792130]  ? xfd_validate_state+0x59/0x180
[ 2822.792744]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 2822.793435]  do_syscall_64+0x3b/0x90
[ 2822.793968]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 2822.794631] RIP: 0033:0x7f750a357b19
[ 2822.795103] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 2822.797509] RSP: 002b:00007f75078cd188 EFLAGS: 00000246 ORIG_RAX: 000000000000012a
[ 2822.798550] RAX: ffffffffffffffda RBX: 00007f750a46af60 RCX: 00007f750a357b19
[ 2822.799509] RDX: 0000000000000000 RSI: ffffffffffffffff RDI: 0000000020000c00
[ 2822.800435] RBP: 00007f750a3b1f6d R08: 0000000000000000 R09: 0000000000000000
[ 2822.801422] R10: ffffffffffffffff R11: 0000000000000246 R12: 0000000000000000
[ 2822.802412] R13: 00007ffc8fa2e86f R14: 00007f75078cd300 R15: 0000000000022000
[ 2822.803369]  </TASK>
[ 2822.848939] Call Trace:
[ 2822.849443]  <TASK>
[ 2822.849747]  x86_pmu_stop+0x149/0x330
[ 2822.850338]  x86_pmu_del+0x1be/0x610
[ 2822.850985]  event_sched_out+0x2ed/0xe80
[ 2822.851539]  __perf_remove_from_context+0x87/0xbe0
[ 2822.852236]  event_function+0x297/0x3d0
[ 2822.852778]  ? perf_uprobe_event_init+0x1c0/0x1c0
[ 2822.853462]  remote_function+0x125/0x1b0
[ 2822.854073]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[ 2822.854818]  ? perf_duration_warn+0x40/0x40
[ 2822.855408]  generic_exec_single+0x203/0x300
[ 2822.856006]  smp_call_function_single+0x189/0x460
[ 2822.856685]  ? perf_duration_warn+0x40/0x40
[ 2822.857288]  ? generic_exec_single+0x300/0x300
[ 2822.857967]  ? perf_duration_warn+0x40/0x40
[ 2822.858599]  ? lock_is_held_type+0xd7/0x130
[ 2822.859203]  event_function_call+0x3d0/0x430
[ 2822.859824]  ? perf_group_detach+0x11b0/0x11b0
[ 2822.860455]  ? perf_copy_attr+0x9c0/0x9c0
[ 2822.861017]  ? lock_release+0x3b2/0x6f0
[ 2822.861588]  ? perf_group_detach+0x11b0/0x11b0
[ 2822.862290]  ? perf_uprobe_event_init+0x1c0/0x1c0
[ 2822.862948]  ? _raw_spin_unlock_irq+0x1f/0x40
[ 2822.863564]  perf_remove_from_context+0x12e/0x260
[ 2822.864242]  perf_event_release_kernel+0x153/0x7f0
[ 2822.864933]  ? lock_is_held_type+0xd7/0x130
[ 2822.865522]  ? perf_pmu_migrate_context+0xae0/0xae0
[ 2822.866229]  ? lock_is_held_type+0xd7/0x130
[ 2822.866841]  perf_release+0x33/0x40
[ 2822.867363]  __fput+0x272/0x9d0
[ 2822.867830]  ? perf_event_release_kernel+0x7f0/0x7f0
[ 2822.868516]  task_work_run+0xe2/0x1a0
[ 2822.869058]  do_exit+0xaf7/0x27e0
[ 2822.869557]  ? find_held_lock+0x2c/0x110
[ 2822.870171]  ? lock_release+0x3b2/0x6f0
[ 2822.870732]  ? mm_update_next_owner+0x7d0/0x7d0
[ 2822.871361]  ? lock_downgrade+0x6d0/0x6d0
[ 2822.871923]  ? lock_is_held_type+0xd7/0x130
[ 2822.872547]  do_group_exit+0xd2/0x2f0
[ 2822.873086]  get_signal+0x2303/0x2350
[ 2822.873615]  ? lock_downgrade+0x6d0/0x6d0
[ 2822.874202]  ? signal_setup_done+0x520/0x520
[ 2822.874812]  ? lock_is_held_type+0xd7/0x130
[ 2822.875427]  arch_do_signal_or_restart+0x88/0x1a40
[ 2822.876104]  ? __do_sys_perf_event_open+0xd2/0x3040
[ 2822.876785]  ? get_sigframe_size+0x10/0x10
[ 2822.877384]  ? perf_remove_from_context+0x260/0x260
[ 2822.878131]  ? xfd_validate_state+0x59/0x180
[ 2822.878764]  exit_to_user_mode_prepare+0x131/0x1a0
[ 2822.879417]  syscall_exit_to_user_mode+0x19/0x50
[ 2822.880077]  do_syscall_64+0x48/0x90
[ 2822.880620]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 2822.881316] RIP: 0033:0x7f750a357b19
[ 2822.881831] Code: Unable to access opcode bytes at RIP 0x7f750a357aef.
[ 2822.882759] RSP: 002b:00007f75078cd188 EFLAGS: 00000246 ORIG_RAX: 000000000000012a
[ 2822.883838] RAX: 0000000000000003 RBX: 00007f750a46af60 RCX: 00007f750a357b19
[ 2822.884862] RDX: 0000000000000000 RSI: ffffffffffffffff RDI: 0000000020000c00
[ 2822.885876] RBP: 00007f750a3b1f6d R08: 0000000000000000 R09: 0000000000000000
[ 2822.886914] R10: ffffffffffffffff R11: 0000000000000246 R12: 0000000000000000
[ 2822.887876] R13: 00007ffc8fa2e86f R14: 00007f75078cd300 R15: 0000000000022000
[ 2822.888895]  </TASK>
09:04:06 executing program 6:
r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000180)='/proc/asound/seq/clients\x00', 0x0, 0x0)
preadv(r0, &(0x7f00000002c0)=[{&(0x7f0000000040)=""/35, 0x23}, {0x0}, {&(0x7f0000000300)=""/165, 0xa5}], 0x3, 0x74000000, 0x0)

09:04:06 executing program 5:
socketpair$unix(0x1, 0x5, 0x0, 0x0)
sendmsg$unix(0xffffffffffffffff, 0x0, 0x0)
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
pwritev(r0, &(0x7f0000000640)=[{&(0x7f00000002c0)="19", 0x1}], 0x1, 0x8000000, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0)
r2 = openat$random(0xffffffffffffff9c, &(0x7f0000000300), 0x480600, 0x0)
mount$9p_fd(0x0, &(0x7f0000000240)='./file1\x00', &(0x7f0000000280), 0x1000, &(0x7f0000000440)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r2}, 0x2c, {[{@access_user}, {@access_user}], [{@smackfsroot={'smackfsroot', 0x3d, '\xff\xff'}}, {@uid_eq={'uid', 0x3d, 0xffffffffffffffff}}, {@fsmagic={'fsmagic', 0x3d, 0x10001}}, {@fsmagic={'fsmagic', 0x3d, 0x7}}]}})
r3 = socket$inet6(0xa, 0x1, 0x0)
bind$inet6(r3, &(0x7f00000002c0)={0xa, 0x4e20, 0x0, @empty}, 0x1c)
connect$inet6(r3, &(0x7f0000000000)={0xa, 0x4e20, 0x0, @ipv4={'\x00', '\xff\xff', @empty}}, 0x1c)
recvfrom(r3, &(0x7f00000003c0)=""/87, 0x20010397, 0x300, 0x0, 0x0)
sendfile(r3, r1, 0x0, 0xfffffdef)
readv(0xffffffffffffffff, &(0x7f0000000040), 0x0)
openat$cgroup_freezer_state(0xffffffffffffffff, 0x0, 0x2, 0x0)
close(0xffffffffffffffff)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(&(0x7f0000001540), 0xffffffffffffffff)
sendmsg$NL80211_CMD_STOP_AP(r4, &(0x7f00000000c0)={0x0, 0x0, &(0x7f00000015c0)={&(0x7f0000000140)=ANY=[@ANYBLOB="1c000000f760c17a79631fc2de85f756c801bf9a9729f3a3eeb29d9536b0f2311f08a0616a32e17699ff16b1a6ea47ee047d2466f606914c5eaa90c941d2fe57caa543fdc4d764f67c96f768028fdaf7feda6fed58f23bb7dcc5cd7b21c7001f5eea714e8c7f9305b307fd7ebc54aeeb451c23f63c3644f7a6744f708b62261567ae1f6c071a4fd36a45ce09bddeac2947fdb924ab4b8d15381ea399d07fc859e4bfbbdade33c1fb42dd1b2e91597308e3990d5c1e15e515bc1ce88dfa75cbd8be7e4c988c5d8c2baa1320542f55cccab9d8b6f9a938e17d003f7b", @ANYRES32=r0, @ANYBLOB="010000000000000000001000000008000300", @ANYRES32=0x0, @ANYRES16=r0], 0x1c}}, 0x4)
getsockopt$sock_cred(r4, 0x1, 0x11, &(0x7f0000000040), &(0x7f0000000080)=0xc)
syz_open_dev$sg(&(0x7f0000001000), 0x0, 0x2200)

09:04:06 executing program 4:
r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000180)='/proc/asound/seq/clients\x00', 0x0, 0x0)
preadv(r0, &(0x7f00000002c0)=[{&(0x7f0000000040)=""/35, 0x23}, {0x0, 0x2}, {&(0x7f0000000300)=""/165, 0xa5}], 0x3, 0x68000000, 0x0)

09:04:06 executing program 2:
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000080), r0)
sendmsg$NLBL_MGMT_C_ADD(r0, 0x0, 0x0)

09:04:06 executing program 3:
socketpair$unix(0x1, 0x5, 0x0, 0x0)
sendmsg$unix(0xffffffffffffffff, 0x0, 0x0)
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
pwritev(r0, &(0x7f0000000640)=[{&(0x7f00000002c0)="19", 0x1}], 0x1, 0x8000000, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0)
r2 = socket$inet6(0xa, 0x1, 0x0)
bind$inet6(r2, &(0x7f00000002c0)={0xa, 0x4e20, 0x0, @empty}, 0x1c)
connect$inet6(r2, &(0x7f0000000000)={0xa, 0x4e20, 0x0, @ipv4={'\x00', '\xff\xff', @empty}}, 0x1c)
recvfrom(r2, &(0x7f00000003c0)=""/87, 0x20010397, 0x300, 0x0, 0x0)
sendfile(r2, r1, 0x0, 0x80000000)
readv(r0, &(0x7f0000000200)=[{&(0x7f0000000cc0)=""/207, 0xcf}, {&(0x7f0000000bc0)=""/244, 0xf4}], 0x2)
recvfrom(r2, &(0x7f00000000c0)=""/21, 0x15, 0x40, &(0x7f0000000140)=@ethernet={0x6, @broadcast}, 0x80)
openat$cgroup_freezer_state(0xffffffffffffffff, 0x0, 0x2, 0x0)
close(0xffffffffffffffff)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(&(0x7f00000001c0), 0xffffffffffffffff)
sendmsg$NL80211_CMD_FRAME(0xffffffffffffffff, &(0x7f0000000300)={&(0x7f0000000240)={0x10, 0x0, 0x0, 0x40000000}, 0xc, &(0x7f0000000280)={&(0x7f0000000880)=ANY=[@ANYBLOB="8c010000e2c5c1e44f17ac480d90eca54d3386ecb236be2ec0e1fff82e03d9358f5645ec60dfdf738a4bed231ccb3db86950428e47c17b6a483d3e1b1f3104d368e572136c4289d33d6a21ecf9d61cc5580df30f163ded249968e897cd6034bda34490ce85e31ba034ea758b8c", @ANYRES16=0x0, @ANYBLOB="08002dbd7000ffdbdf253b0000005f013300b02400000802110000000802110000015050505050509400000001005900ddcbd91a6bd75a68700f7e026f0560fc76c1c4e031639882243e1fbd3238b254a98e2b285c5551968a0a37d5587d91d2461b6a19b24d7958306af3e2217c0a71b18e6caf974d93e4443570209e803f16c2a24d5b6888a188a752fc07fe045210ef049a1b5a2471fea9f7d14b673c77c307b7b727d7feaa4c78861a266b52d3506fdfc0e336f6314f734b81261f747774db6dc03404a3db93dc862052fde786b779c89418e51e8abf69db62dd080a9b7f0df1516a0cd6ae135434a56419b126525ef9a27e0d5d20692884250501dd6e068548009ba320796082ed41fc4489836f8fb351578d9c3264e1f2cf1ae650e93c71acb6ac6583f4e02df4c4f63b980d417f6531ae1746270103a008c01a614060059d6a24dd5f2ec0feff2a81250d56dccf650ccac8ab510305e648353ca7387309797d15ed9855f903d7f4ef8f0008005700930000000a00cd00042d05000000000004006c00"], 0x18c}, 0x1, 0x0, 0x0, 0x11}, 0x40000)
sendmsg$NL80211_CMD_STOP_AP(r3, &(0x7f0000001600)={0x0, 0x0, &(0x7f00000015c0)={&(0x7f0000000440)=ANY=[@ANYBLOB="1c000000", @ANYRES16=0x0, @ANYBLOB="012000000000000000001000000008000300", @ANYRES32=0x0, @ANYBLOB="fe23fbf5cc23676c726a0d7183efc1711b048f949ada9c744fefe9b71e1f6a9cb62180c6c8cc6b900a7188d4578eefab7fb608f5df59a347e99648b881e1a82878096f851e60eb51ec9143036279ccbc1936fa7d94a69e3d4839f2c8e2cc69dfbf0e65bb4f32c0abfcb0bffc076018c3654e31f7a86b1d933990a661518e3c5a3eee25aecf"], 0x1c}}, 0x0)
getsockopt$sock_cred(r3, 0x1, 0x11, &(0x7f0000000040), &(0x7f0000000080)=0xc)
syz_open_dev$sg(&(0x7f0000001000), 0x0, 0x2200)

09:04:06 executing program 7:
openat$sndseq(0xffffffffffffff9c, 0x0, 0x0)
r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000180)='/proc/asound/seq/clients\x00', 0x0, 0x0)
preadv(r0, &(0x7f00000002c0)=[{0x0}, {&(0x7f0000000300)=""/165, 0xa5}], 0x2, 0x0, 0x4)

09:04:06 executing program 1:
r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000180)='/proc/asound/seq/clients\x00', 0x0, 0x0)
preadv(r0, &(0x7f00000002c0)=[{&(0x7f0000000040)=""/35, 0x23}, {0x0, 0x2}, {&(0x7f0000000300)=""/165, 0xa5}], 0x3, 0xffffffff, 0x0)

09:04:06 executing program 0:
perf_event_open$cgroup(&(0x7f0000000c00)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x1019, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

[ 2838.413773] Call Trace:
[ 2838.414276]  <TASK>
[ 2838.414593]  ? x86_pmu_start+0x1c0/0x240
[ 2838.415164]  x86_pmu_enable+0x580/0xd90
[ 2838.415692]  ? amd_pmu_disable_virt+0xa0/0xa0
[ 2838.416322]  ctx_resched+0x2b9/0x3a0
[ 2838.416853]  __perf_install_in_context+0x285/0xa40
[ 2838.417531]  ? ctx_resched+0x3a0/0x3a0
[ 2838.418070]  remote_function+0x125/0x1b0
[ 2838.418697]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[ 2838.419423]  ? perf_duration_warn+0x40/0x40
[ 2838.420011]  generic_exec_single+0x203/0x300
[ 2838.420620]  smp_call_function_single+0x189/0x460
[ 2838.421261]  ? perf_duration_warn+0x40/0x40
[ 2838.421834]  ? generic_exec_single+0x300/0x300
[ 2838.422478]  ? perf_duration_warn+0x40/0x40
[ 2838.423376]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[ 2838.424152]  ? lock_is_held_type+0xd7/0x130
[ 2838.424782]  perf_install_in_context+0x4da/0x590
[ 2838.425427]  ? list_add_event+0xeb0/0xeb0
[ 2838.425976]  ? ctx_resched+0x3a0/0x3a0
[ 2838.426588]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[ 2838.427313]  ? exclusive_event_installable+0x254/0x320
[ 2838.428033]  __do_sys_perf_event_open+0x1bf0/0x3040
[ 2838.428710]  ? __up_read+0x192/0x710
[ 2838.429197]  ? perf_remove_from_context+0x260/0x260
[ 2838.429887]  ? up_write+0x460/0x460
[ 2838.430442]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 2838.431169]  do_syscall_64+0x3b/0x90
[ 2838.431667]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 2838.432333] RIP: 0033:0x7f750a357b19
[ 2838.432821] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 2838.435250] RSP: 002b:00007f75078cd188 EFLAGS: 00000246 ORIG_RAX: 000000000000012a
[ 2838.436313] RAX: ffffffffffffffda RBX: 00007f750a46af60 RCX: 00007f750a357b19
[ 2838.437310] RDX: 0000000000000000 RSI: ffffffffffffffff RDI: 0000000020000c00
[ 2838.438354] RBP: 00007f750a3b1f6d R08: 0000000000000000 R09: 0000000000000000
[ 2838.439323] R10: ffffffffffffffff R11: 0000000000000246 R12: 0000000000000000
[ 2838.440333] R13: 00007ffc8fa2e86f R14: 00007f75078cd300 R15: 0000000000022000
[ 2838.441387]  </TASK>
09:04:06 executing program 1:
r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000180)='/proc/asound/seq/clients\x00', 0x0, 0x0)
preadv(r0, &(0x7f00000002c0)=[{&(0x7f0000000040)=""/35, 0x23}, {0x0, 0x2}, {&(0x7f0000000300)=""/165, 0xa5}], 0x3, 0x0, 0x0)

09:04:06 executing program 4:
r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000180)='/proc/asound/seq/clients\x00', 0x0, 0x0)
preadv(r0, &(0x7f00000002c0)=[{&(0x7f0000000040)=""/35, 0x23}, {0x0, 0x2}, {&(0x7f0000000300)=""/165, 0xa5}], 0x3, 0x68000000, 0x0)

[ 2838.464499] Call Trace:
[ 2838.464951]  <TASK>
[ 2838.465277]  x86_pmu_stop+0x149/0x330
[ 2838.465902]  x86_pmu_del+0x1be/0x610
[ 2838.466440]  event_sched_out+0x2ed/0xe80
[ 2838.467026]  __perf_remove_from_context+0x87/0xbe0
[ 2838.467727]  event_function+0x297/0x3d0
[ 2838.468332]  ? perf_uprobe_event_init+0x1c0/0x1c0
[ 2838.469097]  remote_function+0x125/0x1b0
[ 2838.469672]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[ 2838.470469]  ? perf_duration_warn+0x40/0x40
[ 2838.471054]  generic_exec_single+0x203/0x300
[ 2838.471673]  smp_call_function_single+0x189/0x460
[ 2838.472378]  ? perf_duration_warn+0x40/0x40
[ 2838.473005]  ? generic_exec_single+0x300/0x300
[ 2838.473633]  ? perf_duration_warn+0x40/0x40
[ 2838.474301]  ? lock_is_held_type+0xd7/0x130
[ 2838.474919]  event_function_call+0x3d0/0x430
[ 2838.475529]  ? perf_group_detach+0x11b0/0x11b0
[ 2838.476168]  ? perf_copy_attr+0x9c0/0x9c0
[ 2838.476755]  ? lock_release+0x3b2/0x6f0
[ 2838.477320]  ? perf_group_detach+0x11b0/0x11b0
[ 2838.477986]  ? perf_uprobe_event_init+0x1c0/0x1c0
[ 2838.478711]  ? _raw_spin_unlock_irq+0x1f/0x40
[ 2838.479349]  perf_remove_from_context+0x12e/0x260
[ 2838.480037]  perf_event_release_kernel+0x153/0x7f0
[ 2838.480700]  ? lock_is_held_type+0xd7/0x130
[ 2838.481270]  ? perf_pmu_migrate_context+0xae0/0xae0
[ 2838.481926]  ? lock_is_held_type+0xd7/0x130
[ 2838.482583]  perf_release+0x33/0x40
[ 2838.483103]  __fput+0x272/0x9d0
[ 2838.483558]  ? perf_event_release_kernel+0x7f0/0x7f0
[ 2838.484271]  task_work_run+0xe2/0x1a0
[ 2838.484814]  exit_to_user_mode_prepare+0x199/0x1a0
[ 2838.485491]  syscall_exit_to_user_mode+0x19/0x50
[ 2838.486183]  do_syscall_64+0x48/0x90
[ 2838.486704]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 2838.487417] RIP: 0033:0x7f750a30a72b
[ 2838.487945] Code: 0f 05 48 3d 00 f0 ff ff 77 45 c3 0f 1f 40 00 48 83 ec 18 89 7c 24 0c e8 63 fc ff ff 8b 7c 24 0c 41 89 c0 b8 03 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 35 44 89 c7 89 44 24 0c e8 a1 fc ff ff 8b 44
[ 2838.490476] RSP: 002b:00007ffc8fa2e8d0 EFLAGS: 00000293 ORIG_RAX: 0000000000000003
[ 2838.491494] RAX: 0000000000000000 RBX: 0000000000000004 RCX: 00007f750a30a72b
[ 2838.492479] RDX: 00007f750a46fa68 RSI: ffffffff8411f74e RDI: 0000000000000003
[ 2838.493425] RBP: 0000000000000001 R08: 0000000000000000 R09: 0000001b30c2001c
[ 2838.494409] R10: 0000000000000f41 R11: 0000000000000293 R12: 00000000002b4f15
[ 2838.495380] R13: 00000000000003e8 R14: 00007f750a46af60 R15: 00000000002b4f14
[ 2838.496376]  ? syscall_exit_to_user_mode+0x1e/0x50
[ 2838.497096]  </TASK>
09:04:06 executing program 2:
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000080), r0)
sendmsg$NLBL_MGMT_C_ADD(r0, 0x0, 0x0)

09:04:06 executing program 6:
r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000180)='/proc/asound/seq/clients\x00', 0x0, 0x0)
preadv(r0, &(0x7f00000002c0)=[{&(0x7f0000000040)=""/35, 0x23}, {0x0}, {&(0x7f0000000300)=""/165, 0xa5}], 0x3, 0x7a000000, 0x0)

09:04:06 executing program 7:
openat$sndseq(0xffffffffffffff9c, 0x0, 0x0)
r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000180)='/proc/asound/seq/clients\x00', 0x0, 0x0)
preadv(r0, &(0x7f00000002c0)=[{0x0}, {&(0x7f0000000300)=""/165, 0xa5}], 0x2, 0x0, 0x5)

09:04:06 executing program 5:
socketpair$unix(0x1, 0x5, 0x0, 0x0)
sendmsg$unix(0xffffffffffffffff, 0x0, 0x0)
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
pwritev(r0, &(0x7f0000000300)=[{&(0x7f0000000180)="000000000000929726f2db372180652edf45d849cf0fde92ce347f23c74492551cd11bde2f87a31262d8aaf1b342048959ff630db7160485317d3233a27864e1a5d53662d502d3d8d3c978fb9ffe7cb9f7c654ebd3683a01df3c914b45c8b17fd700", 0x62}, {&(0x7f0000001640)="69ab4af2ccfab3c14b2c8e1ccb39459af5634fd953a0c1235d11f6cf1415faf52ed3688823b47c4f15d33d5165ab06dad2eb5c7781ddbd7e7aba8f1c37760eab44d58110bfdba8637fa23f05b9683440a58137e48956b1ff7ce377cd72c09b1ed1201ba0f084859638614bf6b9aea10a52390f7e6f2eb1da94af64ffebace8c8e3054b5e274fb18a2abb9416f897e1ec670662c2f90fdfaa63bd7b201e6ac7945e327f47934a9a2c427b00cc76bb8d7cecd2cb5c7a23ae42a08e11119b51599e055d006a293bcd9d88281ff5927eaeb8d062177eafa5437490b1db90538162f7442e9a7e8b300b0de450d91345a9f44626482b79771fb4886bc9a4ff9be400b7cf782ccbc3b85bf101741424bbc04e5e258f28c94db6b705c11c799144dc8b3dbebb5cb2cf267b7b83defb49c6aafc019ebb4e7af20cc73cc483ae1d471655575abb423e14efdf012a96951020e92e11413b0229dd372f743021f5162b907e1298280dd6e6111c9802a809d92bd3b8bd952725c77bde2f26f3122d5fe6e2daa220dcb66f1787b265d864882f7dcdaeeb4b9bfa81c38e0a7c6539f86753d13ad3485492dd040b33d0e6795376edc11920afdec3195adbf67ce43281a870025171dd7ffbddea5d7b2662a8d249aaf3a9fcc24e1da1fc465e6ee2cbb771087528d66e681429a4355eb5629b9827b44f0f15ae31dc255d2ac3a334d62c1135c50f2326ec20744886fe47579f49c7c6e07656d4a0940a7a4b5c6d54da1f05d8fec5d7b725f3358164ba3d363f4fa6c4e654ef1e63909314a4294f5457a8734566a879ba9682a366c575023ea4c040688cde07d731ce962054527258a812979435e898bc8c2dcf2490f97ba0bf3dc04f702a7476e8016076a83479aaf9771dee26c9e790feb0487bf82e45fa3063920aecbcad8d7c53374dd5062c1f6881bfa68c78f3c0ccacb95c6cf1891fa53eb1cf8712e0557f391b33b50ab0b45d47c63689e0ea40cb7fb39ddf712fdd2f293b57120da3aaedfd6a0b9b380fd5c7a7bef592bb8c010dad45f1add1892a77e1b008e9618fddd02a0d3983e0c172ddbcb7917ce36d482d786f6ff757051e34a3a2ccc241fbf5f1489a98f7c99fd569b0e519207f7cb4d50bbd4648e8e59673cfb18486b6953acfa3a2dbc4d94bee11d0a32827de981eb9e11cc420b10da02d6bed1d3aadcec1e60ff9c31b4ee0cce2a35b246944ae8003fd924f7c4554e76ccdce57e2930d27e5567b85db95bb971950829cdbade82fd39bd087f223b858a5423ec7eb2767a3df79a2554335f3c8a84eaba960441769cfba68272cd631c2b579a1a9d59dba2ec2f689f08ce022aa14bc69424e9aab0862561f2d4f4e0d58bd37729aef4676126593fb92cd0664420b8f0f1d32b52d80615c15f2bd0010745df7248ba37d0628fc8f71d3fb2a37c222de358143bcaae46fae2e186d54c63bc554a979ab9c934c0b47d34b66733b38a0dc14a51e341f7af1ce32f8141e2c47a8b25ad8c21c41cad2770804a5b7cbb04de4d827ac5d25fe4ef948d83a793be7863985f2373d8dcafade3f4688c3e5e4cd3ea0b32c5ed3bbe25a5880c262a58015aa6a3b9bbf194e140e78ddabea9a2f0672a6cc1dba4b321b1bd7e04019cbfae7bf1569f1cbcb4cbf67b074b0427710001988a47065e2fd2583df68cb45739788e9b63787671b493766dbbc7a9e2fd9d54c0dd7916d59475c921a19ea0781e2e8d40bda6cc211930ac3cdc862c9f806cfda269863d6d774c2ae0ef3c0130095a59d99fcdadf42a9d398aaeaf9e92078f61d9db104963dd3d4b5ecddc58549dd01d4aebc9323122a1d8ae2e4231d0824828b8a325996dc5fcbbfe4b2bc95516b61dc3327b2c2de0c775cdace3023f3f3ef66a7ec944e1e4f781768b6d62ee14392fdedc1893c3af5285b32cbb8fbeb19a33ecb01d6a585bb436a4d369e8ee21987700b63f52754c4037cf34f4962370e30fac48bba1774ee5ad154c1c690800dffb8f72c83b2f41bd6bef79cb98c07ddcb8ae73c478ae9842edc2cd026bde2a57bed36c3513f27c80d1e46fab6ab11563be40e207b36e71e46c9b55701cf859ca7a3a4ef6b9f953f9dd817f6afa59f9a336a71e78755f1e52fda4abfeb1b219e490da211c0cb79b7ed65045128b3dca9e35046f940f14812643cc0d6c02aacd6f198c6734ebfc500c95da678bee82f5d996a16fc573f2b74803db831323076c55cf5267979cfa842f2c751b2b921d75dfa71f966dce0423f698c4e98ce419851ea14f24b6a9a761adfe9eb64e00df10421c77e307e3320a9a457739f207f37b16d4db7769d69f2910216b5b4aadac683f69b152a9714a245933675076d75aadfc08bd386a7fce2466562d6f9789241cdf2d7dfa489a8b042141e963115f5738e16507c1f7ad554e3636d23b5940ba1afe41ca1632124fa0923659f095d5b2c2700a620a9df9584fc2dbfa760419bfe8c0e4d6fc1aab6d2b05a75b8580f7aa0875a48d463b253a2b14ddf4ffa01632b21b8d2b21277a2c99f3acdcdcf979c4a65929a88ce615b3a80783ff83a75ef048122fe6f58e0a8062192e47790803fca1832a54483bf69d335384d051afb2b3746a0828e8a5051436bf101ba12c6b9b77dfa946dd4451f8916d813774782efb98f6f87c5f6e2a86e4bcfcbc7b1e92aebf2d8cf841253905d3e34863b97bd29a4ba3df880100c7ac9be50e7c97249fc46285f2ac3c8ec752119a16d04a62b61689946687867d5c54c5a5ece19ac285ad5d3cadf9868e0c49ed99e47ea4f2d010f17cce15152c4ff90984eb1a4c1437725281ff07f968b76e9fd8616b4e96b946a5c22c431dbc15483dfce82806df1c1a9fd44067af2739ed1a86e511171e417586b1142851ced9bd8d18d7ab075b8e409a70fee9503519e6ad6bd81c8837ba8f28649a1ba0404497a814a2e97fa09fb8cab24c6eedaf876e7a4faaada26361fdafd83a48cccd8b14e0210820df1351cca805442944f55ca0831d1f552e3c5a2629ace418eaec68e32ed5298ea37712ec5ab2736fa13b6a7a938a87643859a1987855defccdb517f05dd7cecb86ec834ef00b06371f9e0b5bdbb85a29982932159419958909fa82eb58aa6f006d3e7c3b353ad38b3e2024cdf2b434a32f9ba1a5ef69a4910179c006d423012e70acf64b27d648357efbcb69092ae03654f9b0afa1cc4351a16ab2dbc7d34fc1d225e15742be8f54bd8d7a39ae942a47bf8ff328e9cd424aa049b24e1e6c60582266757a56ebc8e61fff1427f3b3eb02f44815994edc3b052b7284ba78d3c5d8a25dfa7cff22c6a4a9a998946a741f18ed89607879bf994879891ca274219b202eaa1d7a6354657073e207b629be1607d0f55613e825206550bf11f6942fe9fc4e97f1008f4345610f009000eab2d4ad25f2775afe8aa978fdbbbbcc93c1c1f07c4c56531ba2aa2728b4424b53d2b8107b399ff7a8f823eedc14b2420aebc3fb5603b4a9e54d5072dd5bf31448d9d1d3788c3a15222db722f958b7097aff60afc1c23a50c37c61f5b63a8f93fa2c86ca9a434731eef75e494646a8574e1797875af4ce232594687fd078bcc475eeb38a24883c7aeba93605c209e24fdf9b85b50a453d405597c6d8d8ac839fd802db055af28766e72500ee126ff82daceece37272bca782b3de4247dd2d12492da3f046f6ba4a04f2b75d450cee1d691429c15e7f9a3f05cca17487fb37637296942a24e601f943b877cc73f5daf84cf01592d635f35e084e71e80aa6a95cf626c4c7223f9271965196ef5b153a848258d9c444dc5ab321d4ae99718752a361c3e6f7453de4a063b55eb66f4b3d9327c5c038733cd0637fcfd2168d438b5355f2a30f227b029de56d9664b5f363f11f97258755a9b6884d7a59d686e53c34a840253a909635ab2a6a2792fbade3aed7bb8f80da71d92373ce52e6de75192740f98413fa09d0a523ccb2d727a5354156ee4ef10c8a0c371b5cf347435e6d7d4f4044eb540bbeb2caa0a28c85298b367b2d9214bb2414daf3d3f6a8fd9ddd8f1489d152330e7cb6c447e9f959f20bea907d29c113a50b2e75ece702351caf8906abb8a5ba5db229dcd9f04b78221f1949399b17518b3ea768ff46d9cc65375a348ba145d7588f884cccfec39f33f251e932844fec02e66264c2bbe189f49f802cc34a689ddae3e24e1b68363203517ae67b75e9e2e7148ad5a90c66f58fc6a02f08263d48c89e0ee6d2d627227f62f496549168f8a18b0a921ac4a754bff4729c4de1f8e77d1f6571f711e8b242a20670c55f2cfe55fb6765550c991e3fd298eb033d9634747054b2f60d40a82a993ad5fd39397336546ffaf8d3dface6d77acff40b8679cf2b5e59f6cf22ddcecf052c464b400778b0cbea91bffdf02d22cbd8439a3bb9ef9733ca68b88b0c672351718e0147017ff0af0f0acfe600e5be53487bb6cc09966cbae9094d4423d340ac82bf06094a0d32b78258477dd6405b1d9976eaf1c77a02ad1ab90d27ffcbe71228216f14b793ff113b2a0f46a1cd463b7f8d23ca45a64cea541b2000ed771208945685a8e8371ae8aef08ff0326966c4107aa59ad0e3e057434d76805bd0871290459bfc733c27a65c57bae0cecbdb591b5a1bb4a78b13225c28091fbc8e4376cb761126d44231413a2091826f04e603c957bda56ae3f55e1cc40c7ce45bd3f95eac3bb0d304d7f023850c9b83337def2c790c5bb476d43add915d88d310d7f711f57c612f2f5879d8b3cc55081a0378455280dbd73d23db351123baabd3dbfa8667c474ad92120b011d4f9700268f644bf5a1fc51d225137cc2e1f68c36261441966dc35615cd8817dd5090a3905190edc6aa5a1408bffd5824e5cca66276d74b2b8aa515db55f58111610bc5dc5bfc9bf973a2223449c35825236838acb7d6b9a94e366f51d5c1d73c1d561d9c0019b34dfc3f069a60f7c29e3c08135282affdac91f7260f8b49578a2642e6932abb9d328a725402c473725b1b5a14c01dc58c9fa908b68eed77e5180992145b0f703a15deaf01b824805da357c385c17ecc7e3f419f8c7f6dcb08292a020baafb030284ea84797113bec2f9ac2f1ae6281344bde105fd40806654a138b148c7837445f3ed63de4f95c971e99b7e98aa20743ea57f7f31d2a4893142aa42fa7d6bc7fdc3fdf9e81ee6c5010f5df7c19a606561842e1532a6421f0c4fa18edc64b0f5094d1ce7928274277ee6ff2d5f72967ed63907b1d3c5d3a98e1722d5fac92d4f1be5674495ad0e1f5e399c6e73e92ecc8a9d41752112e459ce270b244df600ff526f7558cddc0cbfcb2480402a5e4983d8b957464d3952e24f0a1c13496f6f1c25e79d597228bca50264b1260dcda552dc0c4642055413009e81a1bc275afb9c53af69efae037942920519f7092663a3c6bfbdc6e61ba1d270ec93892cec858f4624d911836dd7b1187eaa86d292bd8c489d805dc0a01870157dda7bfaf63f436e5f7289901162dd8f5dc1f5408c3e4eea5619c2a50f90cfea026c0b837eaee9ccfb4ae9632731c14d3dbe8f9ece77ca743974d1fec00e094b0eaae02a3e898dde6de0e28b07e01fb169d8749fb45cc2ea85ae4c17ebfc4ddb4b3c084763ebdbd15715deeff7a009bbb2d2cda9d6c4b4b6e05915d6a8b8103dadd09d95024d7ac12b9993484626601bb01e985a730b4196bf33cc6e9b64239c1cb423d17bee364a82146b4e0d36aa0734d6c375c046ba48b08db334c71d3db66470770368c9414c50af69774e186c25c1e9da69df30b545", 0x1000}, {&(0x7f0000000240)="acf5a6dbaf9b823bd81cff200fb62e3b3fc19019fc4e5bbfd20fd55f84138acc30d7ee3b18bccce3186828177e8848f599f0d55050fc7963c9061a7ac98fed7241c5f2cd024a2c290d9bd768d1f239eb783fc93a99d17a4e5ebdee42117ed103f83dc5c75252cd4bc073de220c6e34c1e9", 0x71}], 0x3, 0x8000001, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0)
r2 = socket$inet6(0xa, 0x1, 0x0)
bind$inet6(r2, &(0x7f00000002c0)={0xa, 0x4e20, 0x0, @empty}, 0x1c)
connect$inet6(r2, &(0x7f0000000000)={0xa, 0x4e20, 0x0, @ipv4={'\x00', '\xff\xff', @empty}}, 0x1c)
recvfrom(r2, &(0x7f00000003c0)=""/87, 0x20010397, 0x300, 0x0, 0x0)
sendfile(r2, r1, 0x0, 0xfffffdef)
readv(0xffffffffffffffff, &(0x7f0000000040), 0x0)
openat$cgroup_freezer_state(0xffffffffffffffff, 0x0, 0x2, 0x0)
close(0xffffffffffffffff)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(&(0x7f0000001540), 0xffffffffffffffff)
sendmsg$NL80211_CMD_STOP_AP(r3, &(0x7f0000001600)={0x0, 0x0, &(0x7f00000015c0)={&(0x7f0000000440)=ANY=[@ANYBLOB="1c000000", @ANYRES16=0x0, @ANYBLOB="0100000000000000000010d4b268d72980500000000800030080d24c65f4cd4b159ec278b4d98225bafab3b54d4390744233bd6eba1f9aa49237f667aefeef41cc398b664cb0bd3ffbfc0a69148eb3a6c54ee2c2e2099c4a149667fac4705134e73122b7c5c2290ad18da30f61a0aff5226043e77c7753d3e360323454de", @ANYRES32=0x0, @ANYBLOB="f822765604abdbeeaba15cdacb13ef282b00"], 0x1c}}, 0x0)
getsockopt$sock_cred(r3, 0x1, 0x11, &(0x7f0000000040), &(0x7f0000000080)=0xc)
syz_open_dev$sg(&(0x7f0000001000), 0x0, 0x2200)
r4 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000140), 0x402201)
close_range(r4, r3, 0x2)

09:04:06 executing program 1:
r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000180)='/proc/asound/seq/clients\x00', 0x0, 0x0)
preadv(r0, &(0x7f00000002c0)=[{&(0x7f0000000040)=""/35, 0x23}, {0x0, 0x2}, {&(0x7f0000000300)=""/165, 0xa5}], 0x3, 0x0, 0x2)

09:04:06 executing program 4:
r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000180)='/proc/asound/seq/clients\x00', 0x0, 0x0)
preadv(r0, &(0x7f00000002c0)=[{&(0x7f0000000040)=""/35, 0x23}, {0x0, 0x2}, {&(0x7f0000000300)=""/165, 0xa5}], 0x3, 0x68000000, 0x0)

09:04:06 executing program 6:
r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000180)='/proc/asound/seq/clients\x00', 0x0, 0x0)
preadv(r0, &(0x7f00000002c0)=[{&(0x7f0000000040)=""/35, 0x23}, {0x0}, {&(0x7f0000000300)=""/165, 0xa5}], 0x3, 0x7fffefdd, 0x0)

09:04:06 executing program 2:
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000080), r0)
sendmsg$NLBL_MGMT_C_ADD(r0, &(0x7f0000000200)={0x0, 0x0, 0x0, 0x1, 0x700000000000000}, 0x0)

[ 2838.659197] Call Trace:
[ 2838.659667]  <TASK>
[ 2838.660003]  ? x86_pmu_start+0x1c0/0x240
[ 2838.660587]  x86_pmu_enable+0x580/0xd90
[ 2838.661156]  ? amd_pmu_disable_virt+0xa0/0xa0
[ 2838.661779]  ctx_resched+0x2b9/0x3a0
[ 2838.662335]  __perf_install_in_context+0x285/0xa40
[ 2838.663006]  ? ctx_resched+0x3a0/0x3a0
[ 2838.663543]  remote_function+0x125/0x1b0
[ 2838.664099]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[ 2838.664827]  ? perf_duration_warn+0x40/0x40
[ 2838.665447]  generic_exec_single+0x203/0x300
[ 2838.666075]  smp_call_function_single+0x189/0x460
[ 2838.666856]  ? perf_duration_warn+0x40/0x40
[ 2838.667476]  ? generic_exec_single+0x300/0x300
[ 2838.668124]  ? perf_duration_warn+0x40/0x40
[ 2838.668789]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[ 2838.669571]  ? lock_is_held_type+0xd7/0x130
[ 2838.670299]  perf_install_in_context+0x4da/0x590
[ 2838.670970]  ? list_add_event+0xeb0/0xeb0
[ 2838.671580]  ? ctx_resched+0x3a0/0x3a0
[ 2838.672143]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[ 2838.672929]  ? exclusive_event_installable+0x254/0x320
[ 2838.673733]  __do_sys_perf_event_open+0x1bf0/0x3040
[ 2838.674500]  ? perf_remove_from_context+0x260/0x260
[ 2838.675224]  ? xfd_validate_state+0x59/0x180
[ 2838.675918]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 2838.676726]  do_syscall_64+0x3b/0x90
[ 2838.677273]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 2838.677969] RIP: 0033:0x7f750a357b19
[ 2838.678599] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 2838.681122] RSP: 002b:00007f75078cd188 EFLAGS: 00000246 ORIG_RAX: 000000000000012a
[ 2838.682201] RAX: ffffffffffffffda RBX: 00007f750a46af60 RCX: 00007f750a357b19
[ 2838.683242] RDX: 0000000000000000 RSI: ffffffffffffffff RDI: 0000000020000c00
[ 2838.684243] RBP: 00007f750a3b1f6d R08: 0000000000000000 R09: 0000000000000000
[ 2838.685276] R10: ffffffffffffffff R11: 0000000000000246 R12: 0000000000000000
[ 2838.686303] R13: 00007ffc8fa2e86f R14: 00007f75078cd300 R15: 0000000000022000
[ 2838.687321]  </TASK>
09:04:06 executing program 5:
socketpair$unix(0x1, 0x5, 0x0, 0x0)
sendmsg$unix(0xffffffffffffffff, 0x0, 0x0)
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
pwritev(r0, &(0x7f0000000640)=[{&(0x7f00000002c0)="19", 0x1}], 0x1, 0x8000000, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0)
r2 = socket$inet6(0xa, 0x1, 0x0)
bind$inet6(r2, &(0x7f00000002c0)={0xa, 0x4e20, 0x0, @empty}, 0x1c)
connect$inet6(r2, &(0x7f0000000000)={0xa, 0x4e20, 0x0, @ipv4={'\x00', '\xff\xff', @empty}}, 0x1c)
recvfrom(r2, &(0x7f00000003c0)=""/87, 0x20010397, 0x300, 0x0, 0x0)
sendfile(r2, r1, 0x0, 0xfffffdef)
readv(0xffffffffffffffff, &(0x7f0000000040), 0x0)
openat$cgroup_freezer_state(0xffffffffffffffff, 0x0, 0x2, 0x0)
close(0xffffffffffffffff)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(&(0x7f0000001540), 0xffffffffffffffff)
sendmsg$NL80211_CMD_STOP_AP(r3, &(0x7f0000001600)={0x0, 0x0, &(0x7f00000015c0)={&(0x7f0000001580)=ANY=[@ANYBLOB="1c00626d", @ANYRES16=0x0, @ANYBLOB="010000000000000000001000000008000300", @ANYRES32=0x0, @ANYBLOB], 0x1c}}, 0x0)
getsockopt$sock_cred(r3, 0x1, 0x11, &(0x7f0000000040), &(0x7f0000000080)=0xc)
syz_open_dev$sg(&(0x7f0000001000), 0x0, 0x2200)

09:04:06 executing program 7:
openat$sndseq(0xffffffffffffff9c, 0x0, 0x0)
r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000180)='/proc/asound/seq/clients\x00', 0x0, 0x0)
preadv(r0, &(0x7f00000002c0)=[{0x0}, {&(0x7f0000000300)=""/165, 0xa5}], 0x2, 0x0, 0x6)

[ 2838.790392] Call Trace:
[ 2838.790852]  <TASK>
[ 2838.791171]  x86_pmu_stop+0x149/0x330
[ 2838.791712]  x86_pmu_del+0x1be/0x610
[ 2838.792240]  event_sched_out+0x2ed/0xe80
[ 2838.792805]  __perf_remove_from_context+0x87/0xbe0
[ 2838.793498]  event_function+0x297/0x3d0
[ 2838.794026]  ? perf_uprobe_event_init+0x1c0/0x1c0
[ 2838.794748]  remote_function+0x125/0x1b0
[ 2838.795316]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[ 2838.796071]  ? perf_duration_warn+0x40/0x40
[ 2838.796661]  generic_exec_single+0x203/0x300
[ 2838.797257]  smp_call_function_single+0x189/0x460
[ 2838.797911]  ? perf_duration_warn+0x40/0x40
[ 2838.798567]  ? generic_exec_single+0x300/0x300
[ 2838.799202]  ? perf_duration_warn+0x40/0x40
[ 2838.799835]  ? lock_is_held_type+0xd7/0x130
[ 2838.800459]  event_function_call+0x3d0/0x430
[ 2838.801098]  ? perf_group_detach+0x11b0/0x11b0
[ 2838.801748]  ? perf_copy_attr+0x9c0/0x9c0
[ 2838.802387]  ? lock_release+0x3b2/0x6f0
[ 2838.802945]  ? perf_group_detach+0x11b0/0x11b0
[ 2838.803603]  ? perf_uprobe_event_init+0x1c0/0x1c0
[ 2838.804253]  ? _raw_spin_unlock_irq+0x1f/0x40
[ 2838.804892]  perf_remove_from_context+0x12e/0x260
[ 2838.805576]  perf_event_release_kernel+0x153/0x7f0
[ 2838.806283]  ? lock_is_held_type+0xd7/0x130
[ 2838.806853]  ? perf_pmu_migrate_context+0xae0/0xae0
[ 2838.807522]  ? lock_is_held_type+0xd7/0x130
[ 2838.808116]  perf_release+0x33/0x40
[ 2838.808627]  __fput+0x272/0x9d0
[ 2838.809081]  ? perf_event_release_kernel+0x7f0/0x7f0
[ 2838.809812]  task_work_run+0xe2/0x1a0
[ 2838.810393]  exit_to_user_mode_prepare+0x199/0x1a0
[ 2838.811062]  syscall_exit_to_user_mode+0x19/0x50
[ 2838.811740]  do_syscall_64+0x48/0x90
[ 2838.812270]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 2838.812995] RIP: 0033:0x7f750a30a72b
[ 2838.813529] Code: 0f 05 48 3d 00 f0 ff ff 77 45 c3 0f 1f 40 00 48 83 ec 18 89 7c 24 0c e8 63 fc ff ff 8b 7c 24 0c 41 89 c0 b8 03 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 35 44 89 c7 89 44 24 0c e8 a1 fc ff ff 8b 44
[ 2838.816046] RSP: 002b:00007ffc8fa2e8d0 EFLAGS: 00000293 ORIG_RAX: 0000000000000003
[ 2838.817058] RAX: 0000000000000000 RBX: 0000000000000004 RCX: 00007f750a30a72b
[ 2838.818011] RDX: 00007f750a46fa68 RSI: 0000000000000080 RDI: 0000000000000003
[ 2838.818961] RBP: 0000000000000000 R08: 0000000000000000 R09: 00007f750a46fa70
[ 2838.819914] R10: 00007ffc8fa2e9c0 R11: 0000000000000293 R12: 00000000002b5094
[ 2838.820843] R13: 00000000000003e8 R14: 00007f750a46af60 R15: 00000000002b4f14
[ 2838.821826]  </TASK>
09:04:22 executing program 1:
r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000180)='/proc/asound/seq/clients\x00', 0x0, 0x0)
preadv(r0, &(0x7f00000002c0)=[{&(0x7f0000000040)=""/35, 0x23}, {0x0, 0x2}, {&(0x7f0000000300)=""/165, 0xa5}], 0x3, 0x0, 0x3)

09:04:22 executing program 6:
r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000180)='/proc/asound/seq/clients\x00', 0x0, 0x0)
preadv(r0, &(0x7f00000002c0)=[{&(0x7f0000000040)=""/35, 0x23}, {0x0}, {&(0x7f0000000300)=""/165, 0xa5}], 0x3, 0xa5000000, 0x0)

09:04:22 executing program 3:
socketpair$unix(0x1, 0x5, 0x0, 0x0)
sendmsg$unix(0xffffffffffffffff, 0x0, 0x0)
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
pwritev(r0, &(0x7f0000000640)=[{&(0x7f00000002c0)="19", 0x1}], 0x1, 0x8000000, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0)
r2 = socket$inet6(0xa, 0x1, 0x0)
bind$inet6(r2, &(0x7f00000002c0)={0xa, 0x4e20, 0x0, @empty}, 0x1c)
connect$inet6(r2, &(0x7f0000000000)={0xa, 0x4e20, 0x0, @ipv4={'\x00', '\xff\xff', @empty}}, 0x1c)
recvfrom(r2, &(0x7f00000003c0)=""/87, 0x20010397, 0x300, 0x0, 0x0)
sendfile(r2, r1, 0x0, 0xfffffdef)
readv(0xffffffffffffffff, &(0x7f0000000040), 0x0)
openat$cgroup_freezer_state(0xffffffffffffffff, 0x0, 0x2, 0x0)
close(0xffffffffffffffff)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(&(0x7f0000001540), 0xffffffffffffffff)
sendmsg$NL80211_CMD_STOP_AP(r3, &(0x7f0000001600)={0x0, 0x0, &(0x7f00000015c0)={&(0x7f0000001580)={0x1c, 0x0, 0x1, 0x0, 0x0, {{}, {@val={0x8}, @void}}}, 0x1c}}, 0x0)
getsockopt$sock_cred(r3, 0x1, 0x11, &(0x7f0000000040)={0x0, 0x0, <r4=>0x0}, &(0x7f0000000080)=0xc)
syz_open_dev$sg(&(0x7f0000001000), 0x0, 0x2200)
r5 = getegid()
fsetxattr$system_posix_acl(r1, &(0x7f00000000c0)='system.posix_acl_access\x00', &(0x7f0000000140)={{}, {0x1, 0x4}, [{0x2, 0x2}], {0x4, 0x7}, [{0x8, 0x6}, {0x8, 0x0, r4}, {}, {}, {0x8, 0x3, r5}, {0x8, 0x0, r4}, {0x8, 0x1, r4}, {0x8, 0x4, r4}], {0x10, 0x2}, {0x20, 0x2}}, 0x6c, 0x3)

09:04:22 executing program 0:
perf_event_open$cgroup(&(0x7f0000000c00)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x101a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

[ 2854.273863] Call Trace:
[ 2854.274280]  <TASK>
[ 2854.274651]  ? x86_pmu_start+0x1c0/0x240
[ 2854.275224]  x86_pmu_enable+0x580/0xd90
[ 2854.275773]  ? amd_pmu_disable_virt+0xa0/0xa0
[ 2854.276398]  ctx_resched+0x2b9/0x3a0
[ 2854.276988]  __perf_install_in_context+0x285/0xa40
[ 2854.277674]  ? ctx_resched+0x3a0/0x3a0
[ 2854.278226]  remote_function+0x125/0x1b0
[ 2854.278850]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
09:04:22 executing program 7:
openat$sndseq(0xffffffffffffff9c, 0x0, 0x0)
r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000180)='/proc/asound/seq/clients\x00', 0x0, 0x0)
preadv(r0, &(0x7f00000002c0)=[{0x0}, {&(0x7f0000000300)=""/165, 0xa5}], 0x2, 0x0, 0x7)

09:04:22 executing program 5:
socketpair$unix(0x1, 0x5, 0x0, 0x0)
sendmsg$unix(0xffffffffffffffff, 0x0, 0x0)
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
pwritev(r0, &(0x7f0000000640)=[{&(0x7f00000002c0)="19", 0x1}], 0x1, 0x8000000, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0)
r2 = socket$inet6(0xa, 0x1, 0x0)
bind$inet6(r2, &(0x7f00000002c0)={0xa, 0x4e20, 0x0, @dev={0xfe, 0x80, '\x00', 0xc}}, 0x1c)
connect$inet6(r2, &(0x7f0000000000)={0xa, 0x4e20, 0x0, @ipv4={'\x00', '\xff\xff', @empty}}, 0x1c)
recvfrom(r2, &(0x7f00000003c0)=""/87, 0x20010397, 0x300, 0x0, 0x0)
sendfile(r2, r1, 0x0, 0xfffffdef)
readv(0xffffffffffffffff, &(0x7f0000000040), 0x0)
openat$cgroup_freezer_state(0xffffffffffffffff, 0x0, 0x2, 0x0)
close(0xffffffffffffffff)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(&(0x7f0000001540), 0xffffffffffffffff)
sendmsg$NL80211_CMD_STOP_AP(r3, &(0x7f0000001600)={0x0, 0x0, &(0x7f00000015c0)={&(0x7f0000001580)={0x1c, 0x0, 0x1, 0x0, 0x0, {{}, {@val={0x8}, @void}}}, 0x1c}}, 0x0)
getsockopt$sock_cred(r3, 0x1, 0x11, &(0x7f0000000040), &(0x7f0000000080)=0xc)
syz_open_dev$sg(&(0x7f0000001000), 0x0, 0x2200)
r4 = memfd_secret(0x0)
syz_genetlink_get_family_id$nl80211(&(0x7f00000000c0), r4)

09:04:22 executing program 4:
socketpair$unix(0x1, 0x5, 0x0, 0x0)
sendmsg$unix(0xffffffffffffffff, 0x0, 0x0)
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
pwritev(r0, &(0x7f0000000640)=[{&(0x7f00000002c0)="19", 0x1}], 0x1, 0x8000000, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0)
r2 = socket$inet6(0xa, 0x1, 0x0)
bind$inet6(r2, &(0x7f00000002c0)={0xa, 0x4e20, 0x0, @empty}, 0x1c)
connect$inet6(r2, &(0x7f0000000000)={0xa, 0x4e20, 0x0, @ipv4={'\x00', '\xff\xff', @empty}}, 0x1c)
recvfrom(r2, &(0x7f00000003c0)=""/87, 0x20010397, 0x300, 0x0, 0x0)
sendfile(r2, r1, 0x0, 0xfffffdef)
readv(0xffffffffffffffff, &(0x7f0000000040), 0x0)
openat$cgroup_freezer_state(0xffffffffffffffff, 0x0, 0x2, 0x0)
close(0xffffffffffffffff)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(&(0x7f0000001540), 0xffffffffffffffff)
sendmsg$NL80211_CMD_STOP_AP(r3, &(0x7f0000001600)={0x0, 0x0, &(0x7f00000015c0)={&(0x7f0000001580)={0x1c, 0x0, 0x1, 0x0, 0x0, {{}, {@val={0x8}, @void}}}, 0x1c}}, 0x0)
getsockopt$sock_cred(r3, 0x1, 0x11, &(0x7f0000000040)={0x0, 0x0, <r4=>0x0}, &(0x7f0000000080)=0xc)
syz_open_dev$sg(&(0x7f0000001000), 0x0, 0x2200)
r5 = getegid()
fsetxattr$system_posix_acl(r1, &(0x7f00000000c0)='system.posix_acl_access\x00', &(0x7f0000000140)={{}, {0x1, 0x4}, [{0x2, 0x2}], {0x4, 0x7}, [{0x8, 0x6}, {0x8, 0x0, r4}, {}, {}, {0x8, 0x3, r5}, {0x8, 0x0, r4}, {0x8, 0x1, r4}, {0x8, 0x4, r4}], {0x10, 0x2}, {0x20, 0x2}}, 0x6c, 0x3)

09:04:22 executing program 2:
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000080), r0)
sendmsg$NLBL_MGMT_C_ADD(r0, &(0x7f0000000200)={0x0, 0x0, 0x0, 0x1, 0x700000000000000}, 0x0)

[ 2854.279644]  ? perf_duration_warn+0x40/0x40
[ 2854.280494]  generic_exec_single+0x203/0x300
[ 2854.281156]  smp_call_function_single+0x189/0x460
[ 2854.281894]  ? perf_duration_warn+0x40/0x40
[ 2854.282527]  ? generic_exec_single+0x300/0x300
[ 2854.283219]  ? perf_duration_warn+0x40/0x40
[ 2854.284147]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[ 2854.284901]  ? lock_is_held_type+0xd7/0x130
[ 2854.285521]  perf_install_in_context+0x4da/0x590
[ 2854.286183]  ? list_add_event+0xeb0/0xeb0
[ 2854.286796]  ? ctx_resched+0x3a0/0x3a0
[ 2854.287352]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[ 2854.288129]  ? exclusive_event_installable+0x254/0x320
[ 2854.288898]  __do_sys_perf_event_open+0x1bf0/0x3040
[ 2854.289620]  ? __up_read+0x192/0x710
[ 2854.290146]  ? perf_remove_from_context+0x260/0x260
[ 2854.290905]  ? up_write+0x460/0x460
[ 2854.291441]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 2854.292170]  do_syscall_64+0x3b/0x90
[ 2854.292695]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 2854.293418] RIP: 0033:0x7f750a357b19
[ 2854.293948] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 2854.296500] RSP: 002b:00007f75078cd188 EFLAGS: 00000246 ORIG_RAX: 000000000000012a
[ 2854.297583] RAX: ffffffffffffffda RBX: 00007f750a46af60 RCX: 00007f750a357b19
[ 2854.298652] RDX: 0000000000000000 RSI: ffffffffffffffff RDI: 0000000020000c00
[ 2854.299657] RBP: 00007f750a3b1f6d R08: 0000000000000000 R09: 0000000000000000
[ 2854.300612] R10: ffffffffffffffff R11: 0000000000000246 R12: 0000000000000000
[ 2854.301601] R13: 00007ffc8fa2e86f R14: 00007f75078cd300 R15: 0000000000022000
[ 2854.302719]  </TASK>
[ 2854.316317] Call Trace:
[ 2854.316756]  <TASK>
[ 2854.317089]  x86_pmu_stop+0x149/0x330
[ 2854.317641]  x86_pmu_del+0x1be/0x610
[ 2854.318166]  event_sched_out+0x2ed/0xe80
[ 2854.319028]  __perf_remove_from_context+0x87/0xbe0
[ 2854.319740]  event_function+0x297/0x3d0
[ 2854.320297]  ? perf_uprobe_event_init+0x1c0/0x1c0
[ 2854.320991]  remote_function+0x125/0x1b0
[ 2854.321592]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[ 2854.322404]  ? perf_duration_warn+0x40/0x40
[ 2854.323026]  generic_exec_single+0x203/0x300
[ 2854.323650]  smp_call_function_single+0x189/0x460
[ 2854.324324]  ? perf_duration_warn+0x40/0x40
[ 2854.324935]  ? generic_exec_single+0x300/0x300
[ 2854.325559]  ? perf_duration_warn+0x40/0x40
[ 2854.326165]  ? lock_is_held_type+0xd7/0x130
[ 2854.326755]  event_function_call+0x3d0/0x430
[ 2854.327364]  ? perf_group_detach+0x11b0/0x11b0
[ 2854.327989]  ? perf_copy_attr+0x9c0/0x9c0
[ 2854.328558]  ? lock_release+0x3b2/0x6f0
[ 2854.329109]  ? perf_group_detach+0x11b0/0x11b0
[ 2854.329736]  ? perf_uprobe_event_init+0x1c0/0x1c0
[ 2854.330437]  ? _raw_spin_unlock_irq+0x1f/0x40
[ 2854.331068]  perf_remove_from_context+0x12e/0x260
[ 2854.331726]  perf_event_release_kernel+0x153/0x7f0
[ 2854.332406]  ? lockdep_hardirqs_on+0x79/0x100
[ 2854.333029]  ? perf_pmu_migrate_context+0xae0/0xae0
[ 2854.333694]  ? __fput+0x4fe/0x9d0
[ 2854.334178]  perf_release+0x33/0x40
[ 2854.334708]  __fput+0x272/0x9d0
[ 2854.335152]  ? perf_event_release_kernel+0x7f0/0x7f0
[ 2854.335848]  task_work_run+0xe2/0x1a0
[ 2854.336390]  exit_to_user_mode_prepare+0x199/0x1a0
[ 2854.337055]  syscall_exit_to_user_mode+0x19/0x50
[ 2854.337722]  do_syscall_64+0x48/0x90
[ 2854.338219]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 2854.338933] RIP: 0033:0x7f750a30a72b
[ 2854.339429] Code: 0f 05 48 3d 00 f0 ff ff 77 45 c3 0f 1f 40 00 48 83 ec 18 89 7c 24 0c e8 63 fc ff ff 8b 7c 24 0c 41 89 c0 b8 03 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 35 44 89 c7 89 44 24 0c e8 a1 fc ff ff 8b 44
[ 2854.341981] RSP: 002b:00007ffc8fa2e8d0 EFLAGS: 00000293 ORIG_RAX: 0000000000000003
[ 2854.343092] RAX: 0000000000000000 RBX: 0000000000000004 RCX: 00007f750a30a72b
[ 2854.344136] RDX: 00007f750a46fa68 RSI: ffffffff8411f74e RDI: 0000000000000003
[ 2854.345119] RBP: 0000000000000001 R08: 0000000000000000 R09: 0000001b30c2001c
[ 2854.346064] R10: 0000000000000f41 R11: 0000000000000293 R12: 00000000002b8d0f
[ 2854.347016] R13: 00000000000003e8 R14: 00007f750a46af60 R15: 00000000002b8cf8
[ 2854.347975]  ? syscall_exit_to_user_mode+0x1e/0x50
[ 2854.348635]  </TASK>
[ 2854.351534] Call Trace:
[ 2854.351945]  <TASK>
[ 2854.352248]  ? x86_pmu_start+0x1c0/0x240
[ 2854.352884]  x86_pmu_enable+0x580/0xd90
[ 2854.353517]  ? amd_pmu_disable_virt+0xa0/0xa0
[ 2854.354171]  ctx_resched+0x2b9/0x3a0
[ 2854.354793]  __perf_install_in_context+0x285/0xa40
[ 2854.355484]  ? ctx_resched+0x3a0/0x3a0
[ 2854.356061]  remote_function+0x125/0x1b0
[ 2854.356663]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[ 2854.357496]  ? perf_duration_warn+0x40/0x40
[ 2854.358128]  generic_exec_single+0x203/0x300
[ 2854.358955]  smp_call_function_single+0x189/0x460
[ 2854.359672]  ? perf_duration_warn+0x40/0x40
[ 2854.360268]  ? generic_exec_single+0x300/0x300
[ 2854.361023]  ? perf_duration_warn+0x40/0x40
[ 2854.361643]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[ 2854.362470]  ? lock_is_held_type+0xd7/0x130
[ 2854.363067]  perf_install_in_context+0x4da/0x590
[ 2854.363727]  ? list_add_event+0xeb0/0xeb0
[ 2854.364300]  ? ctx_resched+0x3a0/0x3a0
[ 2854.364858]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[ 2854.365622]  ? exclusive_event_installable+0x254/0x320
[ 2854.366382]  __do_sys_perf_event_open+0x1bf0/0x3040
[ 2854.367108]  ? perf_remove_from_context+0x260/0x260
[ 2854.367819]  ? xfd_validate_state+0x59/0x180
[ 2854.368458]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 2854.369196]  do_syscall_64+0x3b/0x90
[ 2854.369723]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 2854.370468] RIP: 0033:0x7f750a357b19
[ 2854.370979] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 2854.373535] RSP: 002b:00007f75078cd188 EFLAGS: 00000246 ORIG_RAX: 000000000000012a
09:04:22 executing program 1:
r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000180)='/proc/asound/seq/clients\x00', 0x0, 0x0)
preadv(r0, &(0x7f00000002c0)=[{&(0x7f0000000040)=""/35, 0x23}, {0x0, 0x2}, {&(0x7f0000000300)=""/165, 0xa5}], 0x3, 0x0, 0x4)

[ 2854.374653] RAX: ffffffffffffffda RBX: 00007f750a46af60 RCX: 00007f750a357b19
[ 2854.375769] RDX: 0000000000000000 RSI: ffffffffffffffff RDI: 0000000020000c00
[ 2854.376870] RBP: 00007f750a3b1f6d R08: 0000000000000000 R09: 0000000000000000
[ 2854.377903] R10: ffffffffffffffff R11: 0000000000000246 R12: 0000000000000000
[ 2854.378950] R13: 00007ffc8fa2e86f R14: 00007f75078cd300 R15: 0000000000022000
[ 2854.379985]  </TASK>
[ 2854.382225] Call Trace:
[ 2854.382752]  <TASK>
[ 2854.383068]  x86_pmu_stop+0x149/0x330
[ 2854.383614]  x86_pmu_del+0x1be/0x610
[ 2854.384156]  event_sched_out+0x2ed/0xe80
[ 2854.384744]  __perf_remove_from_context+0x87/0xbe0
[ 2854.385444]  event_function+0x297/0x3d0
[ 2854.385987]  ? perf_uprobe_event_init+0x1c0/0x1c0
[ 2854.386694]  remote_function+0x125/0x1b0
[ 2854.387242]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[ 2854.388040]  ? perf_duration_warn+0x40/0x40
[ 2854.388631]  generic_exec_single+0x203/0x300
[ 2854.389276]  smp_call_function_single+0x189/0x460
[ 2854.389937]  ? perf_duration_warn+0x40/0x40
[ 2854.390553]  ? generic_exec_single+0x300/0x300
[ 2854.391181]  ? perf_duration_warn+0x40/0x40
[ 2854.391807]  ? lock_is_held_type+0xd7/0x130
09:04:22 executing program 6:
r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000180)='/proc/asound/seq/clients\x00', 0x0, 0x0)
preadv(r0, &(0x7f00000002c0)=[{&(0x7f0000000040)=""/35, 0x23}, {0x0}, {&(0x7f0000000300)=""/165, 0xa5}], 0x3, 0xbf000000, 0x0)

[ 2854.392494]  event_function_call+0x3d0/0x430
[ 2854.393501]  ? perf_group_detach+0x11b0/0x11b0
[ 2854.394096]  ? perf_copy_attr+0x9c0/0x9c0
[ 2854.394686]  ? lock_release+0x3b2/0x6f0
[ 2854.395245]  ? perf_group_detach+0x11b0/0x11b0
[ 2854.395917]  ? perf_uprobe_event_init+0x1c0/0x1c0
[ 2854.396576]  ? _raw_spin_unlock_irq+0x1f/0x40
[ 2854.397218]  perf_remove_from_context+0x12e/0x260
[ 2854.397919]  perf_event_release_kernel+0x153/0x7f0
[ 2854.399193]  ? lock_is_held_type+0xd7/0x130
[ 2854.399668]  ? perf_pmu_migrate_context+0xae0/0xae0
[ 2854.400198]  ? lock_is_held_type+0xd7/0x130
[ 2854.400659]  perf_release+0x33/0x40
[ 2854.401047]  __fput+0x272/0x9d0
[ 2854.401403]  ? perf_event_release_kernel+0x7f0/0x7f0
[ 2854.401948]  task_work_run+0xe2/0x1a0
[ 2854.402395]  exit_to_user_mode_prepare+0x199/0x1a0
[ 2854.402916]  syscall_exit_to_user_mode+0x19/0x50
[ 2854.403418]  do_syscall_64+0x48/0x90
[ 2854.403814]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 2854.404357] RIP: 0033:0x7f750a30a72b
[ 2854.404762] Code: 0f 05 48 3d 00 f0 ff ff 77 45 c3 0f 1f 40 00 48 83 ec 18 89 7c 24 0c e8 63 fc ff ff 8b 7c 24 0c 41 89 c0 b8 03 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 35 44 89 c7 89 44 24 0c e8 a1 fc ff ff 8b 44
[ 2854.406937] RSP: 002b:00007ffc8fa2e8d0 EFLAGS: 00000293 ORIG_RAX: 0000000000000003
[ 2854.407987] RAX: 0000000000000000 RBX: 0000000000000004 RCX: 00007f750a30a72b
[ 2854.409037] RDX: 00007f750a46fa68 RSI: 0000000000000080 RDI: 0000000000000003
[ 2854.410098] RBP: 0000000000000000 R08: 0000000000000000 R09: 00007f750a46fa70
[ 2854.411282] R10: 00007ffc8fa2e9c0 R11: 0000000000000293 R12: 00000000002b8d7b
[ 2854.412292] R13: 00000000000003e8 R14: 00007f750a46af60 R15: 00000000002b8cf8
[ 2854.413378]  </TASK>
09:04:22 executing program 5:
socketpair$unix(0x1, 0x5, 0x0, 0x0)
sendmsg$unix(0xffffffffffffffff, 0x0, 0x0)
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
pwritev(r0, &(0x7f0000000640)=[{&(0x7f00000002c0)="19", 0x1}], 0x1, 0x8000000, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0)
r2 = socket$inet6(0xa, 0x1, 0x0)
bind$inet6(r2, &(0x7f00000002c0)={0xa, 0x4e20, 0x0, @empty}, 0x1c)
connect$inet6(r2, &(0x7f0000000000)={0xa, 0x4e20, 0x0, @ipv4={'\x00', '\xff\xff', @empty}}, 0x1c)
recvfrom(r2, &(0x7f00000003c0)=""/87, 0x20010397, 0x300, 0x0, 0x0)
sendfile(r2, r1, 0x0, 0xfffffdef)
readv(0xffffffffffffffff, &(0x7f0000000040), 0x0)
openat$cgroup_freezer_state(0xffffffffffffffff, 0x0, 0x2, 0x0)
close(0xffffffffffffffff)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(&(0x7f0000001540), 0xffffffffffffffff)
sendmsg$NL80211_CMD_STOP_AP(r3, &(0x7f0000001600)={0x0, 0x0, &(0x7f00000015c0)={&(0x7f0000000140)=ANY=[@ANYBLOB="1c000000", @ANYRES16=0x0, @ANYBLOB="010000000000000000001000000008000300", @ANYRES32=0x0, @ANYBLOB="ecf9b16126489bf0e03fcbaa4524053ccce58538e6f034497f0eadcfada6a27ad5cd696e02402efb6dbd4a7926180eab53e6ec27a41b02a2e54ec527ccae5078d37ad995e6618277cddf9783582faca8f4d5dcfee915582c1aefe03596504f9c8d7bb1c1a3a20b5f1c41474fd42f2c6c3d2e70b9dbc8e98114cab106904222238fcf0790"], 0x1c}}, 0x0)
getsockopt$sock_cred(r3, 0x1, 0x11, &(0x7f0000000040), &(0x7f0000000080)=0xc)
syz_open_dev$sg(&(0x7f0000001000), 0x0, 0x2200)

09:04:22 executing program 7:
openat$sndseq(0xffffffffffffff9c, 0x0, 0x0)
r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000180)='/proc/asound/seq/clients\x00', 0x0, 0x0)
preadv(r0, &(0x7f00000002c0)=[{0x0}, {&(0x7f0000000300)=""/165, 0xa5}], 0x2, 0x0, 0xa)

09:04:22 executing program 2:
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000080), r0)
sendmsg$NLBL_MGMT_C_ADD(r0, &(0x7f0000000200)={0x0, 0x0, 0x0, 0x1, 0x700000000000000}, 0x0)

09:04:22 executing program 6:
r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000180)='/proc/asound/seq/clients\x00', 0x0, 0x0)
preadv(r0, &(0x7f00000002c0)=[{&(0x7f0000000040)=""/35, 0x23}, {0x0}, {&(0x7f0000000300)=""/165, 0xa5}], 0x3, 0xddefff7f, 0x0)

09:04:22 executing program 7:
openat$sndseq(0xffffffffffffff9c, 0x0, 0x0)
r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000180)='/proc/asound/seq/clients\x00', 0x0, 0x0)
preadv(r0, &(0x7f00000002c0)=[{0x0}, {&(0x7f0000000300)=""/165, 0xa5}], 0x2, 0x0, 0x10)

09:04:22 executing program 1:
r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000180)='/proc/asound/seq/clients\x00', 0x0, 0x0)
preadv(r0, &(0x7f00000002c0)=[{&(0x7f0000000040)=""/35, 0x23}, {0x0, 0x2}, {&(0x7f0000000300)=""/165, 0xa5}], 0x3, 0x0, 0x5)

[ 2870.068696] Call Trace:
[ 2870.069198]  <TASK>
[ 2870.069533]  ? x86_pmu_start+0x1c0/0x240
[ 2870.070128]  x86_pmu_enable+0x580/0xd90
09:04:38 executing program 4:
r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000180)='/proc/asound/seq/clients\x00', 0x0, 0x0)
preadv(r0, &(0x7f00000002c0)=[{&(0x7f0000000040)=""/35, 0x23}, {0x0}, {&(0x7f0000000300)=""/165, 0xa5}], 0x3, 0x5000000, 0x0)

09:04:38 executing program 3:
openat$sndseq(0xffffffffffffff9c, 0x0, 0x0)
r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000180)='/proc/asound/seq/clients\x00', 0x0, 0x0)
preadv(r0, &(0x7f00000002c0)=[{0x0}, {&(0x7f0000000300)=""/165, 0xa5}], 0x2, 0x7ffff000, 0x0)

09:04:38 executing program 5:
socketpair$unix(0x1, 0x5, 0x0, 0x0)
sendmsg$unix(0xffffffffffffffff, 0x0, 0x0)
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
pwritev(r0, &(0x7f0000000640)=[{&(0x7f00000002c0)="19", 0x1}], 0x1, 0x8000000, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0)
r2 = socket$inet6(0xa, 0x1, 0x0)
bind$inet6(r2, &(0x7f00000002c0)={0xa, 0x4e20, 0x0, @empty}, 0x1c)
connect$inet6(r2, &(0x7f0000000000)={0xa, 0x4e20, 0x0, @ipv4={'\x00', '\xff\xff', @empty}}, 0x1c)
recvfrom(r2, &(0x7f00000003c0)=""/87, 0x20010397, 0x300, 0x0, 0x0)
sendfile(r2, r1, 0x0, 0xfffffdef)
readv(0xffffffffffffffff, &(0x7f0000000040), 0x0)
openat$cgroup_freezer_state(0xffffffffffffffff, 0x0, 0x2, 0x0)
close(0xffffffffffffffff)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(&(0x7f0000001540), 0xffffffffffffffff)
sendmsg$NL80211_CMD_STOP_AP(r3, &(0x7f0000001600)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000001580)={0x1c, 0x0, 0x1, 0x0, 0x0, {{}, {@val={0x8}, @void}}}, 0x1c}}, 0x0)
getsockopt$sock_cred(r3, 0x1, 0x11, &(0x7f0000000040), &(0x7f0000000080)=0xc)
syz_open_dev$sg(&(0x7f0000001000), 0x0, 0x2200)

09:04:38 executing program 6:
r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000180)='/proc/asound/seq/clients\x00', 0x0, 0x0)
preadv(r0, &(0x7f00000002c0)=[{&(0x7f0000000040)=""/35, 0x23}, {0x0}, {&(0x7f0000000300)=""/165, 0xa5}], 0x3, 0xffffff7f, 0x0)

09:04:38 executing program 0:
perf_event_open$cgroup(&(0x7f0000000c00)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x101b, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

[ 2870.070791]  ? amd_pmu_disable_virt+0xa0/0xa0
[ 2870.071689]  ctx_resched+0x2b9/0x3a0
[ 2870.072183]  __perf_install_in_context+0x285/0xa40
[ 2870.072826]  ? ctx_resched+0x3a0/0x3a0
[ 2870.073330]  remote_function+0x125/0x1b0
[ 2870.073861]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[ 2870.074580]  ? perf_duration_warn+0x40/0x40
[ 2870.075176]  generic_exec_single+0x203/0x300
[ 2870.075740]  smp_call_function_single+0x189/0x460
[ 2870.076379]  ? perf_duration_warn+0x40/0x40
[ 2870.076954]  ? generic_exec_single+0x300/0x300
[ 2870.077564]  ? perf_duration_warn+0x40/0x40
[ 2870.078150]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[ 2870.078916]  ? lock_is_held_type+0xd7/0x130
[ 2870.079490]  perf_install_in_context+0x4da/0x590
[ 2870.080140]  ? list_add_event+0xeb0/0xeb0
[ 2870.080705]  ? ctx_resched+0x3a0/0x3a0
[ 2870.081232]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[ 2870.081960]  ? exclusive_event_installable+0x254/0x320
[ 2870.082733]  __do_sys_perf_event_open+0x1bf0/0x3040
[ 2870.083402]  ? __up_read+0x192/0x710
[ 2870.083902]  ? perf_remove_from_context+0x260/0x260
[ 2870.084595]  ? up_write+0x460/0x460
[ 2870.085083]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 2870.085797]  do_syscall_64+0x3b/0x90
[ 2870.086282]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 2870.086988] RIP: 0033:0x7f750a357b19
[ 2870.087474] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 2870.089950] RSP: 002b:00007f75078cd188 EFLAGS: 00000246 ORIG_RAX: 000000000000012a
[ 2870.091023] RAX: ffffffffffffffda RBX: 00007f750a46af60 RCX: 00007f750a357b19
[ 2870.091989] RDX: 0000000000000000 RSI: ffffffffffffffff RDI: 0000000020000c00
[ 2870.092931] RBP: 00007f750a3b1f6d R08: 0000000000000000 R09: 0000000000000000
[ 2870.093858] R10: ffffffffffffffff R11: 0000000000000246 R12: 0000000000000000
[ 2870.094903] R13: 00007ffc8fa2e86f R14: 00007f75078cd300 R15: 0000000000022000
[ 2870.095894]  </TASK>
09:04:38 executing program 2:
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000080), r0)
sendmsg$NLBL_MGMT_C_ADD(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={0x0}, 0x1, 0x700000000000000}, 0x0)

09:04:38 executing program 1:
r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000180)='/proc/asound/seq/clients\x00', 0x0, 0x0)
preadv(r0, &(0x7f00000002c0)=[{&(0x7f0000000040)=""/35, 0x23}, {0x0, 0x2}, {&(0x7f0000000300)=""/165, 0xa5}], 0x3, 0x0, 0x6)

09:04:38 executing program 7:
openat$sndseq(0xffffffffffffff9c, 0x0, 0x0)
r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000180)='/proc/asound/seq/clients\x00', 0x0, 0x0)
preadv(r0, &(0x7f00000002c0)=[{0x0}, {&(0x7f0000000300)=""/165, 0xa5}], 0x2, 0x0, 0x48)

[ 2870.138013] Call Trace:
[ 2870.138522]  <TASK>
[ 2870.138934]  x86_pmu_stop+0x149/0x330
[ 2870.139500]  x86_pmu_del+0x1be/0x610
[ 2870.139997]  event_sched_out+0x2ed/0xe80
[ 2870.140580]  __perf_remove_from_context+0x87/0xbe0
[ 2870.141291]  event_function+0x297/0x3d0
09:04:38 executing program 4:
r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000180)='/proc/asound/seq/clients\x00', 0x0, 0x0)
preadv(r0, &(0x7f00000002c0)=[{&(0x7f0000000040)=""/35, 0x23}, {0x0}, {&(0x7f0000000300)=""/165, 0xa5}], 0x3, 0x5000000, 0x0)

[ 2870.141871]  ? perf_uprobe_event_init+0x1c0/0x1c0
[ 2870.142913]  remote_function+0x125/0x1b0
[ 2870.143483]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[ 2870.144334]  ? perf_duration_warn+0x40/0x40
[ 2870.144934]  generic_exec_single+0x203/0x300
[ 2870.145548]  smp_call_function_single+0x189/0x460
[ 2870.146295]  ? perf_duration_warn+0x40/0x40
[ 2870.146932]  ? generic_exec_single+0x300/0x300
[ 2870.147565]  ? perf_duration_warn+0x40/0x40
[ 2870.148187]  ? lock_is_held_type+0xd7/0x130
[ 2870.148841]  event_function_call+0x3d0/0x430
[ 2870.149629]  ? perf_group_detach+0x11b0/0x11b0
[ 2870.150376]  ? perf_copy_attr+0x9c0/0x9c0
[ 2870.151022]  ? lock_release+0x3b2/0x6f0
[ 2870.151566]  ? perf_group_detach+0x11b0/0x11b0
[ 2870.152197]  ? perf_uprobe_event_init+0x1c0/0x1c0
[ 2870.152861]  ? _raw_spin_unlock_irq+0x1f/0x40
[ 2870.153461]  perf_remove_from_context+0x12e/0x260
[ 2870.154110]  perf_event_release_kernel+0x153/0x7f0
[ 2870.154815]  ? lock_is_held_type+0xd7/0x130
[ 2870.155478]  ? perf_pmu_migrate_context+0xae0/0xae0
[ 2870.156312]  ? lock_is_held_type+0xd7/0x130
[ 2870.156931]  perf_release+0x33/0x40
[ 2870.157426]  __fput+0x272/0x9d0
[ 2870.157847]  ? perf_event_release_kernel+0x7f0/0x7f0
[ 2870.158518]  task_work_run+0xe2/0x1a0
[ 2870.159052]  exit_to_user_mode_prepare+0x199/0x1a0
[ 2870.159702]  syscall_exit_to_user_mode+0x19/0x50
[ 2870.160337]  do_syscall_64+0x48/0x90
[ 2870.160838]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 2870.161572] RIP: 0033:0x7f750a30a72b
[ 2870.162115] Code: 0f 05 48 3d 00 f0 ff ff 77 45 c3 0f 1f 40 00 48 83 ec 18 89 7c 24 0c e8 63 fc ff ff 8b 7c 24 0c 41 89 c0 b8 03 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 35 44 89 c7 89 44 24 0c e8 a1 fc ff ff 8b 44
[ 2870.164683] RSP: 002b:00007ffc8fa2e8d0 EFLAGS: 00000293 ORIG_RAX: 0000000000000003
[ 2870.165708] RAX: 0000000000000000 RBX: 0000000000000004 RCX: 00007f750a30a72b
[ 2870.166693] RDX: 00007f750a46fa68 RSI: ffffffff8411f74e RDI: 0000000000000003
[ 2870.167656] RBP: 0000000000000001 R08: 0000000000000000 R09: 0000001b30c2001c
[ 2870.168598] R10: 0000000000000f41 R11: 0000000000000293 R12: 00000000002bcac2
[ 2870.169591] R13: 00000000000003e8 R14: 00007f750a46af60 R15: 00000000002bcac1
[ 2870.170586]  ? syscall_exit_to_user_mode+0x1e/0x50
[ 2870.171296]  </TASK>
09:04:38 executing program 6:
r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000180)='/proc/asound/seq/clients\x00', 0x0, 0x0)
preadv(r0, &(0x7f00000002c0)=[{&(0x7f0000000040)=""/35, 0x23}, {0x0}, {&(0x7f0000000300)=""/165, 0xa5}], 0x3, 0x0, 0x0)

09:04:38 executing program 2:
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000080), r0)
sendmsg$NLBL_MGMT_C_ADD(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={0x0}, 0x1, 0x700000000000000}, 0x0)

09:04:38 executing program 1:
r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000180)='/proc/asound/seq/clients\x00', 0x0, 0x0)
preadv(r0, &(0x7f00000002c0)=[{&(0x7f0000000040)=""/35, 0x23}, {0x0, 0x2}, {&(0x7f0000000300)=""/165, 0xa5}], 0x3, 0x0, 0x7)

09:04:38 executing program 3:
semget$private(0x0, 0x4, 0x474)
semctl$SEM_STAT_ANY(0xffffffffffffffff, 0x6, 0x14, &(0x7f0000000000)=""/173)
r0 = semget$private(0x0, 0x1, 0x0)
semctl$GETNCNT(r0, 0x2, 0xe, &(0x7f00000000c0)=""/4096)

[ 2870.211847] Call Trace:
[ 2870.212246]  <IRQ>
[ 2870.212542]  ? x86_pmu_start+0x1c0/0x240
[ 2870.213190]  x86_pmu_enable+0x580/0xd90
[ 2870.213810]  ? amd_pmu_disable_virt+0xa0/0xa0
[ 2870.214410]  ctx_resched+0x2b9/0x3a0
[ 2870.214975]  __perf_install_in_context+0x285/0xa40
[ 2870.215626]  ? __irq_exit_rcu+0x113/0x170
[ 2870.216196]  ? ctx_resched+0x3a0/0x3a0
[ 2870.216710]  remote_function+0x125/0x1b0
[ 2870.217299]  flush_smp_call_function_queue+0x1df/0x610
[ 2870.218062]  ? perf_duration_warn+0x40/0x40
[ 2870.218689]  __sysvec_call_function_single+0x92/0x3a0
[ 2870.219415]  sysvec_call_function_single+0x89/0xc0
[ 2870.220072]  </IRQ>
[ 2870.220385]  <TASK>
[ 2870.220683]  asm_sysvec_call_function_single+0x12/0x20
[ 2870.221423] RIP: 0010:__sanitizer_cov_trace_const_cmp4+0xe/0x70
[ 2870.222254] Code: 00 48 89 7c 30 e8 48 89 4c 30 f0 4c 89 54 d8 20 48 89 10 5b c3 0f 1f 80 00 00 00 00 41 89 f8 bf 03 00 00 00 89 f1 4c 8b 14 24 <65> 48 8b 34 25 40 6f 02 00 e8 74 fa ff ff 84 c0 74 4b 48 8b 86 48
[ 2870.224672] RSP: 0018:ffff888040417748 EFLAGS: 00000202
[ 2870.225390] RAX: 1ffffd40001bb031 RBX: ffff88803ff01b70 RCX: 0000000000000001
[ 2870.226375] RDX: ffff88800fa20000 RSI: 0000000000000001 RDI: 0000000000000003
[ 2870.227412] RBP: ffffea0000dd8180 R08: 0000000000000000 R09: 0000000000000000
[ 2870.228362] R10: ffffffff816740bb R11: 0000000000000000 R12: 0000000000000001
[ 2870.229315] R13: ffffea0000dd8188 R14: dffffc0000000000 R15: ffff888040417a28
[ 2870.230309]  ? unmap_page_range+0x12fb/0x2680
[ 2870.230933]  unmap_page_range+0x12fb/0x2680
[ 2870.231535]  ? vm_normal_page+0x2e0/0x2e0
[ 2870.232105]  ? lock_release+0x3b2/0x6f0
[ 2870.232621]  ? lock_downgrade+0x6d0/0x6d0
[ 2870.233196]  ? uprobe_munmap+0x1c/0x560
[ 2870.233763]  unmap_single_vma+0x198/0x310
[ 2870.234338]  unmap_vmas+0x16b/0x2f0
[ 2870.234888]  ? lock_downgrade+0x6d0/0x6d0
[ 2870.235428]  ? unmap_mapping_range+0x280/0x280
[ 2870.236028]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[ 2870.236760]  exit_mmap+0x192/0x460
[ 2870.237226]  ? do_munmap+0x40/0x40
[ 2870.237698]  ? delayed_uprobe_remove+0x27/0x230
[ 2870.238309]  mmput+0xc8/0x380
[ 2870.238740]  do_exit+0xa0a/0x27e0
[ 2870.239191]  ? find_held_lock+0x2c/0x110
[ 2870.239781]  ? lock_release+0x3b2/0x6f0
[ 2870.240336]  ? mm_update_next_owner+0x7d0/0x7d0
[ 2870.241013]  ? lock_downgrade+0x6d0/0x6d0
[ 2870.241575]  ? lock_is_held_type+0xd7/0x130
[ 2870.242152]  do_group_exit+0xd2/0x2f0
[ 2870.242734]  get_signal+0x2303/0x2350
[ 2870.243230]  ? signal_setup_done+0x520/0x520
[ 2870.243810]  arch_do_signal_or_restart+0x88/0x1a40
[ 2870.244453]  ? do_futex+0x136/0x380
[ 2870.244923]  ? __ia32_compat_sys_get_robust_list+0x3b0/0x3b0
[ 2870.245671]  ? get_sigframe_size+0x10/0x10
[ 2870.246259]  ? lockdep_hardirqs_on+0x79/0x100
[ 2870.246948]  ? __sanitizer_cov_trace_cmp4+0x1c/0x70
[ 2870.247617]  ? ktime_get+0x153/0x1f0
[ 2870.248102]  ? __x64_sys_futex+0x1c6/0x4c0
[ 2870.248658]  ? __x64_sys_futex_time32+0x480/0x480
[ 2870.249288]  exit_to_user_mode_prepare+0x131/0x1a0
[ 2870.249951]  syscall_exit_to_user_mode+0x19/0x50
[ 2870.250627]  do_syscall_64+0x48/0x90
[ 2870.251130]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 2870.251786] RIP: 0033:0x7fd83d5f0b19
[ 2870.252257] Code: Unable to access opcode bytes at RIP 0x7fd83d5f0aef.
[ 2870.253108] RSP: 002b:00007ffd342fb1b8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[ 2870.254161] RAX: fffffffffffffdfc RBX: 0000000000000032 RCX: 00007fd83d5f0b19
[ 2870.255142] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007fd83d703f6c
[ 2870.256058] RBP: 00007fd83d703f6c R08: 00007ffd3432a080 R09: 0000000000000000
[ 2870.257062] R10: 00007ffd342fb290 R11: 0000000000000246 R12: 00000000002bcb2b
[ 2870.258002] R13: 00000000000003e8 R14: 00007fd83d703f60 R15: 00000000002bcaea
[ 2870.258989]  </TASK>
09:04:38 executing program 7:
openat$sndseq(0xffffffffffffff9c, 0x0, 0x0)
r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000180)='/proc/asound/seq/clients\x00', 0x0, 0x0)
preadv(r0, &(0x7f00000002c0)=[{0x0}, {&(0x7f0000000300)=""/165, 0xa5}], 0x2, 0x0, 0x4c)

09:04:38 executing program 4:
r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000180)='/proc/asound/seq/clients\x00', 0x0, 0x0)
preadv(r0, &(0x7f00000002c0)=[{&(0x7f0000000040)=""/35, 0x23}, {0x0}, {&(0x7f0000000300)=""/165, 0xa5}], 0x3, 0x5000000, 0x0)

09:04:38 executing program 3:
r0 = syz_open_dev$sg(&(0x7f00000007c0), 0x0, 0x0)
ioctl$SG_SET_COMMAND_Q(r0, 0x2271, 0x0)
r1 = syz_open_dev$vcsa(&(0x7f0000000000), 0x8, 0x224840)
ioctl$SCSI_IOCTL_GET_IDLUN(r1, 0x5382, &(0x7f0000000040))

[ 2870.403397] Call Trace:
[ 2870.403831]  <IRQ>
[ 2870.404117]  x86_pmu_stop+0x149/0x330
[ 2870.404619]  x86_pmu_del+0x1be/0x610
[ 2870.405097]  event_sched_out+0x2ed/0xe80
[ 2870.405617]  __perf_remove_from_context+0x87/0xbe0
[ 2870.406247]  event_function+0x297/0x3d0
[ 2870.406771]  ? perf_uprobe_event_init+0x1c0/0x1c0
[ 2870.407462]  remote_function+0x125/0x1b0
[ 2870.408020]  flush_smp_call_function_queue+0x1df/0x610
[ 2870.408703]  ? perf_duration_warn+0x40/0x40
[ 2870.409264]  __sysvec_call_function_single+0x92/0x3a0
[ 2870.409925]  sysvec_call_function_single+0x89/0xc0
[ 2870.410567]  </IRQ>
[ 2870.410904]  <TASK>
[ 2870.411215]  asm_sysvec_call_function_single+0x12/0x20
[ 2870.411954] RIP: 0010:unwind_get_return_address+0x1a/0x90
[ 2870.412720] Code: 36 65 00 eb 80 66 66 2e 0f 1f 84 00 00 00 00 00 48 b8 00 00 00 00 00 fc ff df 48 89 fa 55 48 c1 ea 03 53 48 89 fb 0f b6 04 02 <84> c0 74 04 3c 03 7e 51 8b 03 85 c0 75 05 31 c0 5b 5d c3 48 b8 00
[ 2870.415256] RSP: 0018:ffff88800c9bf8d8 EFLAGS: 00000216
[ 2870.415991] RAX: 0000000000000000 RBX: ffff88800c9bf8f0 RCX: 0000000000000000
[ 2870.416985] RDX: 1ffff11001937f1e RSI: ffff88800c9bfcc8 RDI: ffff88800c9bf8f0
[ 2870.417963] RBP: ffff88800c9bf988 R08: ffffffff85c9dd76 R09: ffffffff85c9dd7a
[ 2870.419022] R10: ffffed1001937f2b R11: 000000000003403b R12: ffff88800c9bf9b8
[ 2870.419966] R13: 0000000000000000 R14: ffff88800db1b580 R15: ffff888008042aa0
[ 2870.420897]  ? create_prof_cpu_mask+0x20/0x20
[ 2870.421503]  arch_stack_walk+0x99/0xf0
[ 2870.422026]  ? security_sk_free+0x44/0x80
[ 2870.422629]  ? security_sk_free+0x44/0x80
[ 2870.423217]  stack_trace_save+0x8c/0xc0
[ 2870.423780]  ? filter_irq_stacks+0x90/0x90
[ 2870.424382]  ? __stack_depot_save+0x35/0x450
[ 2870.425018]  kasan_save_stack+0x1e/0x40
[ 2870.425552]  ? kasan_save_stack+0x1e/0x40
[ 2870.426135]  ? __kasan_record_aux_stack+0x97/0xa0
[ 2870.426868]  ? call_rcu+0x6a/0xa20
[ 2870.427353]  ? kfree+0x1b2/0x410
[ 2870.427832]  ? mark_lock.part.0+0xef/0x2f60
[ 2870.428452]  ? lockdep_hardirqs_on_prepare+0x400/0x400
[ 2870.429192]  ? lock_chain_count+0x20/0x20
[ 2870.429788]  ? lock_is_held_type+0xd7/0x130
[ 2870.430391]  ? find_held_lock+0x2c/0x110
[ 2870.430969]  ? lock_release+0x3b2/0x6f0
[ 2870.431523]  ? __delete_object+0xb3/0x100
[ 2870.432110]  ? mark_held_locks+0x9e/0xe0
[ 2870.432677]  __kasan_record_aux_stack+0x97/0xa0
[ 2870.433294]  ? hugetlb_cgroup_migrate+0xf70/0xf70
[ 2870.433961]  call_rcu+0x6a/0xa20
[ 2870.434447]  ? _raw_spin_unlock_irqrestore+0x33/0x50
[ 2870.435134]  ? security_sk_free+0x44/0x80
[ 2870.435659]  kfree+0x1b2/0x410
[ 2870.436069]  security_sk_free+0x44/0x80
[ 2870.436615]  __sk_destruct+0x539/0x810
[ 2870.437205]  sk_destruct+0x131/0x180
[ 2870.437753]  __sk_free+0xef/0x3d0
[ 2870.438252]  sk_free+0x78/0xa0
[ 2870.438755]  tcp_close+0x98/0xc0
[ 2870.439204]  inet_release+0xe9/0x1f0
[ 2870.439728]  inet6_release+0x4c/0x70
[ 2870.440257]  __sock_release+0xd2/0x290
[ 2870.440760]  sock_close+0x18/0x20
[ 2870.441234]  __fput+0x272/0x9d0
[ 2870.441710]  ? __sock_release+0x290/0x290
[ 2870.442299]  task_work_run+0xe2/0x1a0
[ 2870.442879]  exit_to_user_mode_prepare+0x199/0x1a0
[ 2870.443568]  syscall_exit_to_user_mode+0x19/0x50
[ 2870.444246]  do_syscall_64+0x48/0x90
[ 2870.444757]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 2870.445466] RIP: 0033:0x7f7e5482f72b
[ 2870.445987] Code: 0f 05 48 3d 00 f0 ff ff 77 45 c3 0f 1f 40 00 48 83 ec 18 89 7c 24 0c e8 63 fc ff ff 8b 7c 24 0c 41 89 c0 b8 03 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 35 44 89 c7 89 44 24 0c e8 a1 fc ff ff 8b 44
[ 2870.448618] RSP: 002b:00007fffa39f9180 EFLAGS: 00000293 ORIG_RAX: 0000000000000003
[ 2870.449669] RAX: 0000000000000000 RBX: 00007fffa39f9220 RCX: 00007f7e5482f72b
[ 2870.450715] RDX: 0000000000000000 RSI: 000000814f09a1b8 RDI: 0000000000000003
[ 2870.451849] RBP: 0000000000000003 R08: 0000000000000000 R09: fefefefeff646b66
[ 2870.452879] R10: 0000000000000010 R11: 0000000000000293 R12: 0000000000000032
[ 2870.453776] R13: 0000000000000000 R14: 0000000000000004 R15: 00007fffa39f9260
[ 2870.454770]  </TASK>
09:04:53 executing program 3:
r0 = syz_io_uring_setup(0xeaf, &(0x7f0000000200), &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000000100)=<r1=>0x0, &(0x7f0000000380)=<r2=>0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000280)=@IORING_OP_SYNC_FILE_RANGE, 0x0)
syz_io_uring_setup(0x1bb6, &(0x7f0000000180)={0x0, 0x724d, 0x20, 0x2, 0x2f5, 0x0, r0}, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffd000/0x2000)=nil, &(0x7f00000002c0), &(0x7f0000000300))
syz_io_uring_setup(0x1, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, &(0x7f00000a0000)=nil, &(0x7f00000b0000)=nil, &(0x7f0000000100)=<r3=>0x0, &(0x7f0000000140))
r4 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
syz_io_uring_submit(r3, r2, &(0x7f0000000080)=@IORING_OP_CONNECT={0x10, 0x0, 0x0, r4, 0x80, &(0x7f0000000000)=@can}, 0x0)
io_uring_enter(r0, 0x100001, 0x0, 0x0, 0x0, 0x0)

09:04:53 executing program 2:
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000080), r0)
sendmsg$NLBL_MGMT_C_ADD(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={0x0}, 0x1, 0x700000000000000}, 0x0)

09:04:53 executing program 0:
perf_event_open$cgroup(&(0x7f0000000c00)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x101c, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

[ 2885.415409] Call Trace:
[ 2885.415817]  <TASK>
[ 2885.416105]  ? x86_pmu_start+0x1c0/0x240
[ 2885.416650]  x86_pmu_enable+0x580/0xd90
[ 2885.417162]  ? amd_pmu_disable_virt+0xa0/0xa0
[ 2885.417752]  ctx_resched+0x2b9/0x3a0
[ 2885.418244]  __perf_install_in_context+0x285/0xa40
[ 2885.418900]  ? ctx_resched+0x3a0/0x3a0
[ 2885.419404]  remote_function+0x125/0x1b0
[ 2885.419933]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[ 2885.420637]  ? perf_duration_warn+0x40/0x40
[ 2885.421200]  generic_exec_single+0x203/0x300
[ 2885.421769]  smp_call_function_single+0x189/0x460
[ 2885.422395]  ? perf_duration_warn+0x40/0x40
[ 2885.422995]  ? generic_exec_single+0x300/0x300
[ 2885.423587]  ? perf_duration_warn+0x40/0x40
[ 2885.424152]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[ 2885.424990]  ? lock_is_held_type+0xd7/0x130
[ 2885.425595]  perf_install_in_context+0x4da/0x590
[ 2885.426207]  ? list_add_event+0xeb0/0xeb0
[ 2885.426739]  ? ctx_resched+0x3a0/0x3a0
[ 2885.427260]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[ 2885.427968]  ? exclusive_event_installable+0x254/0x320
[ 2885.428657]  __do_sys_perf_event_open+0x1bf0/0x3040
[ 2885.429279]  ? __up_read+0x192/0x710
[ 2885.429740]  ? perf_remove_from_context+0x260/0x260
[ 2885.430355]  ? up_write+0x460/0x460
[ 2885.430899]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 2885.431633]  do_syscall_64+0x3b/0x90
[ 2885.432135]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 2885.432803] RIP: 0033:0x7f750a357b19
[ 2885.433280] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 2885.435649] RSP: 002b:00007f75078cd188 EFLAGS: 00000246 ORIG_RAX: 000000000000012a
[ 2885.436625] RAX: ffffffffffffffda RBX: 00007f750a46af60 RCX: 00007f750a357b19
[ 2885.437539] RDX: 0000000000000000 RSI: ffffffffffffffff RDI: 0000000020000c00
[ 2885.438450] RBP: 00007f750a3b1f6d R08: 0000000000000000 R09: 0000000000000000
[ 2885.439375] R10: ffffffffffffffff R11: 0000000000000246 R12: 0000000000000000
[ 2885.440289] R13: 00007ffc8fa2e86f R14: 00007f75078cd300 R15: 0000000000022000
[ 2885.441221]  </TASK>
09:04:53 executing program 7:
openat$sndseq(0xffffffffffffff9c, 0x0, 0x0)
r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000180)='/proc/asound/seq/clients\x00', 0x0, 0x0)
preadv(r0, &(0x7f00000002c0)=[{0x0}, {&(0x7f0000000300)=""/165, 0xa5}], 0x2, 0x0, 0x68)

09:04:53 executing program 6:
r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000180)='/proc/asound/seq/clients\x00', 0x0, 0x0)
preadv(r0, &(0x7f00000002c0)=[{&(0x7f0000000040)=""/35, 0x23}, {0x0}, {&(0x7f0000000300)=""/165, 0xa5}], 0x3, 0x0, 0x2)

09:04:53 executing program 1:
r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000180)='/proc/asound/seq/clients\x00', 0x0, 0x0)
preadv(r0, &(0x7f00000002c0)=[{&(0x7f0000000040)=""/35, 0x23}, {0x0, 0x2}, {&(0x7f0000000300)=""/165, 0xa5}], 0x3, 0x0, 0xa)

09:04:53 executing program 5:
socketpair$unix(0x1, 0x5, 0x0, 0x0)
sendmsg$unix(0xffffffffffffffff, 0x0, 0x0)
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
pwritev(r0, &(0x7f0000000640)=[{&(0x7f00000002c0)="19", 0x1}], 0x1, 0x8000000, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0)
r2 = socket$inet6(0xa, 0x1, 0x0)
bind$inet6(r2, &(0x7f00000002c0)={0xa, 0x4e20, 0x0, @empty}, 0x1c)
connect$inet6(r2, &(0x7f0000000000)={0xa, 0x4e20, 0x0, @ipv4={'\x00', '\xff\xff', @empty}}, 0x1c)
setxattr$security_ima(&(0x7f00000000c0)='./file1/file0\x00', &(0x7f0000000140), &(0x7f0000000180)=@sha1={0x1, "1bf3cbe0b75fa478d86c6242c84513d07a1a3bf8"}, 0x15, 0x3)
recvfrom(r2, &(0x7f00000003c0)=""/87, 0x20010397, 0x300, 0x0, 0x0)
sendfile(r2, r1, 0x0, 0xfffffdef)
readv(0xffffffffffffffff, &(0x7f0000000040), 0x0)
openat$cgroup_freezer_state(0xffffffffffffffff, 0x0, 0x2, 0x0)
close(0xffffffffffffffff)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(&(0x7f0000001540), 0xffffffffffffffff)
sendmsg$NL80211_CMD_STOP_AP(r3, &(0x7f0000001600)={0x0, 0x0, &(0x7f00000015c0)={&(0x7f0000001580)={0x1c, 0x0, 0x1, 0x0, 0x0, {{}, {@val={0x8}, @void}}}, 0x1c}}, 0x0)
getsockopt$sock_cred(r3, 0x1, 0x11, &(0x7f0000000040), &(0x7f0000000080)=0xc)
syz_open_dev$sg(&(0x7f0000001000), 0x0, 0x2200)

09:04:53 executing program 4:
openat$sndseq(0xffffffffffffff9c, 0x0, 0x0)
r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000180)='/proc/asound/seq/clients\x00', 0x0, 0x0)
preadv(r0, &(0x7f00000002c0)=[{0x0}, {&(0x7f0000000300)=""/165, 0xa5}], 0x2, 0x0, 0x4c)

09:04:53 executing program 1:
r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000180)='/proc/asound/seq/clients\x00', 0x0, 0x0)
preadv(r0, &(0x7f00000002c0)=[{&(0x7f0000000040)=""/35, 0x23}, {0x0, 0x2}, {&(0x7f0000000300)=""/165, 0xa5}], 0x3, 0x0, 0x10)

09:04:53 executing program 2:
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000080), r0)
sendmsg$NLBL_MGMT_C_ADD(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000140)={0x4c, 0x0, 0x1, 0x0, 0x0, {}, [@NLBL_MGMT_A_DOMAIN={0x6, 0x1, '%\x00'}, @NLBL_MGMT_A_IPV6ADDR={0x14, 0x5, @local}, @NLBL_MGMT_A_IPV6MASK={0x14, 0x6, @mcast1}, @NLBL_MGMT_A_PROTOCOL={0x8, 0x2, 0x5}]}, 0x4c}, 0x1, 0x700000000000000}, 0x0)

09:04:53 executing program 4:
openat$sndseq(0xffffffffffffff9c, 0x0, 0x0)
r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000180)='/proc/asound/seq/clients\x00', 0x0, 0x0)
preadv(r0, &(0x7f00000002c0)=[{0x0}, {&(0x7f0000000300)=""/165, 0xa5}], 0x2, 0x0, 0x4c)

09:04:53 executing program 6:
r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000180)='/proc/asound/seq/clients\x00', 0x0, 0x0)
preadv(r0, &(0x7f00000002c0)=[{&(0x7f0000000040)=""/35, 0x23}, {0x0}, {&(0x7f0000000300)=""/165, 0xa5}], 0x3, 0x0, 0x3)

09:04:53 executing program 7:
openat$sndseq(0xffffffffffffff9c, 0x0, 0x0)
r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000180)='/proc/asound/seq/clients\x00', 0x0, 0x0)
preadv(r0, &(0x7f00000002c0)=[{0x0}, {&(0x7f0000000300)=""/165, 0xa5}], 0x2, 0x0, 0x6c)

[ 2885.564965] Call Trace:
[ 2885.565484]  <TASK>
[ 2885.565830]  x86_pmu_stop+0x149/0x330
[ 2885.566431]  x86_pmu_del+0x1be/0x610
[ 2885.566961]  event_sched_out+0x2ed/0xe80
[ 2885.567492]  __perf_remove_from_context+0x87/0xbe0
[ 2885.568135]  event_function+0x297/0x3d0
[ 2885.568657]  ? perf_uprobe_event_init+0x1c0/0x1c0
[ 2885.569282]  remote_function+0x125/0x1b0
[ 2885.569789]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[ 2885.570469]  ? perf_duration_warn+0x40/0x40
[ 2885.575129]  generic_exec_single+0x203/0x300
[ 2885.575635]  smp_call_function_single+0x189/0x460
[ 2885.576145]  ? perf_duration_warn+0x40/0x40
[ 2885.576607]  ? generic_exec_single+0x300/0x300
[ 2885.577082]  ? perf_duration_warn+0x40/0x40
[ 2885.577544]  ? lock_is_held_type+0xd7/0x130
[ 2885.577997]  event_function_call+0x3d0/0x430
[ 2885.578461]  ? perf_group_detach+0x11b0/0x11b0
[ 2885.578977]  ? perf_copy_attr+0x9c0/0x9c0
[ 2885.579412]  ? lock_release+0x3b2/0x6f0
[ 2885.579831]  ? perf_group_detach+0x11b0/0x11b0
[ 2885.580312]  ? perf_uprobe_event_init+0x1c0/0x1c0
[ 2885.580813]  ? _raw_spin_unlock_irq+0x1f/0x40
[ 2885.581282]  perf_remove_from_context+0x12e/0x260
[ 2885.581794]  perf_event_release_kernel+0x153/0x7f0
[ 2885.582304]  ? lock_is_held_type+0xd7/0x130
[ 2885.582754]  ? perf_pmu_migrate_context+0xae0/0xae0
[ 2885.583449]  ? lock_is_held_type+0xd7/0x130
[ 2885.583984]  perf_release+0x33/0x40
[ 2885.584433]  __fput+0x272/0x9d0
[ 2885.584833]  ? perf_event_release_kernel+0x7f0/0x7f0
[ 2885.585474]  task_work_run+0xe2/0x1a0
[ 2885.585993]  exit_to_user_mode_prepare+0x199/0x1a0
[ 2885.586664]  syscall_exit_to_user_mode+0x19/0x50
[ 2885.587453]  do_syscall_64+0x48/0x90
[ 2885.588033]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 2885.588749] RIP: 0033:0x7f750a30a72b
[ 2885.589231] Code: 0f 05 48 3d 00 f0 ff ff 77 45 c3 0f 1f 40 00 48 83 ec 18 89 7c 24 0c e8 63 fc ff ff 8b 7c 24 0c 41 89 c0 b8 03 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 35 44 89 c7 89 44 24 0c e8 a1 fc ff ff 8b 44
[ 2885.591756] RSP: 002b:00007ffc8fa2e8d0 EFLAGS: 00000293 ORIG_RAX: 0000000000000003
[ 2885.592748] RAX: 0000000000000000 RBX: 0000000000000004 RCX: 00007f750a30a72b
[ 2885.593678] RDX: 00007f750a46fa68 RSI: ffffffff8411f74e RDI: 0000000000000003
[ 2885.594706] RBP: 0000000000000001 R08: 0000000000000000 R09: 0000001b30c2001c
[ 2885.595689] R10: 0000000000000f41 R11: 0000000000000293 R12: 00000000002c06b4
[ 2885.596618] R13: 00000000000003e8 R14: 00007f750a46af60 R15: 00000000002c06b4
[ 2885.597604]  ? syscall_exit_to_user_mode+0x1e/0x50
[ 2885.598280]  </TASK>
09:04:53 executing program 3:
r0 = syz_open_dev$evdev(&(0x7f0000000000), 0x0, 0x0)
ioctl$EVIOCGLED(r0, 0x80404519, 0x0)
r1 = syz_open_dev$evdev(&(0x7f00000000c0), 0x3, 0x0)
syz_open_dev$evdev(&(0x7f0000000180), 0x800, 0x4001)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000140), 0xffffffffffffffff)
ioctl$EVIOCGMASK(r1, 0x80104592, &(0x7f0000000100)={0x5, 0x6c, &(0x7f0000000040)="34a67609bf3ee2f4ef83d686640b2dd6da0b4aef7f36b604168a5cc11ac01760a670c6b4634596e93938abd4c5529e9ad48b4fe0ed636c99b4fe1426d914c662e9fc9145bf7fda7b9ba3d703ab1334c98f533dda2a5b882466e8342085c924bb8037c06bc4fbb0b50fc52035"})
sendmsg$NL80211_CMD_SET_BEACON(0xffffffffffffffff, 0x0, 0x0)
syz_genetlink_get_family_id$nl80211(&(0x7f0000002480), 0xffffffffffffffff)
r2 = openat$bsg(0xffffffffffffff9c, &(0x7f0000002600), 0x0, 0x0)
socketpair(0x0, 0x0, 0x0, 0x0)
sendmsg$NL80211_CMD_GET_POWER_SAVE(r2, &(0x7f0000002a00)={0x0, 0x0, 0x0}, 0x4040)
syz_genetlink_get_family_id$nl80211(&(0x7f0000002a80), 0xffffffffffffffff)

[ 2885.740842] Call Trace:
[ 2885.741295]  <IRQ>
[ 2885.741579]  ? x86_pmu_start+0x1c0/0x240
[ 2885.742109]  x86_pmu_enable+0x580/0xd90
[ 2885.742620]  ? amd_pmu_disable_virt+0xa0/0xa0
[ 2885.743220]  ctx_resched+0x2b9/0x3a0
[ 2885.743718]  __perf_install_in_context+0x285/0xa40
[ 2885.744368]  ? __irq_exit_rcu+0x113/0x170
[ 2885.744915]  ? ctx_resched+0x3a0/0x3a0
[ 2885.745431]  remote_function+0x125/0x1b0
[ 2885.745973]  flush_smp_call_function_queue+0x1df/0x610
[ 2885.746645]  ? perf_duration_warn+0x40/0x40
[ 2885.747223]  __sysvec_call_function_single+0x92/0x3a0
[ 2885.747891]  sysvec_call_function_single+0x89/0xc0
[ 2885.748520]  </IRQ>
[ 2885.748805]  <TASK>
[ 2885.749090]  asm_sysvec_call_function_single+0x12/0x20
[ 2885.749762] RIP: 0010:unwind_next_frame+0x131d/0x2250
[ 2885.750425] Code: 36 02 00 00 3c 04 0f 84 be f8 ff ff 84 c0 0f 85 9d f8 ff ff 48 b8 00 00 00 00 00 fc ff df 48 8b 14 24 48 c1 ea 03 80 3c 02 00 <0f> 85 f3 0e 00 00 4d 8b 6e 60 4d 85 ed 0f 84 27 f9 ff ff 48 b8 00
[ 2885.752831] RSP: 0018:ffff888015d8f4d8 EFLAGS: 00000246
[ 2885.753535] RAX: dffffc0000000000 RBX: 1ffff11002bb1ea4 RCX: 0000000000000001
[ 2885.754441] RDX: 1ffff11002bb1ec3 RSI: 0000000000000001 RDI: ffff888015d8f620
[ 2885.755365] RBP: 0000000000000001 R08: ffffffff85ff333c R09: ffffffff85ff3340
[ 2885.756265] R10: ffffed1002bb1ec4 R11: 000000000003403b R12: ffff888015d8f5fa
[ 2885.757173] R13: ffff888015d8f5f9 R14: ffff888015d8f5b8 R15: 00007fff3f1cb6d0
[ 2885.758104]  ? unwind_next_frame+0x1408/0x2250
[ 2885.758693]  ? entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 2885.759405]  ? __is_insn_slot_addr+0x122/0x250
[ 2885.760004]  ? deref_stack_reg+0x150/0x150
[ 2885.760564]  ? entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 2885.761262]  ? kernel_text_address+0xd/0xb0
[ 2885.761838]  ? create_prof_cpu_mask+0x20/0x20
[ 2885.762435]  arch_stack_walk+0x83/0xf0
[ 2885.762982]  stack_trace_save+0x8c/0xc0
[ 2885.763497]  ? filter_irq_stacks+0x90/0x90
[ 2885.764035]  ? __lock_acquire+0x164e/0x6120
[ 2885.764591]  kasan_save_stack+0x1e/0x40
[ 2885.765101]  ? kasan_save_stack+0x1e/0x40
[ 2885.765629]  ? __kasan_slab_alloc+0x66/0x80
[ 2885.766184]  ? kmem_cache_alloc+0x1aa/0x480
[ 2885.766734]  ? create_object.isra.0+0x3a/0xa20
[ 2885.767353]  ? kmem_cache_alloc+0x239/0x480
[ 2885.767901]  ? anon_vma_fork+0xed/0x6a0
[ 2885.768405]  ? dup_mm+0x91b/0x1250
[ 2885.768858]  ? copy_process+0x6946/0x6d60
[ 2885.769395]  ? kernel_clone+0xe7/0xa60
[ 2885.769891]  ? __do_sys_clone+0xc8/0x110
[ 2885.770406]  ? do_syscall_64+0x3b/0x90
[ 2885.770919]  ? entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 2885.771591]  ? lockdep_hardirqs_on_prepare+0x400/0x400
[ 2885.772256]  ? kasan_save_stack+0x2e/0x40
[ 2885.772792]  ? kasan_save_stack+0x1e/0x40
[ 2885.773339]  ? __kasan_slab_alloc+0x66/0x80
[ 2885.773911]  ? kmem_cache_alloc+0x1aa/0x480
[ 2885.774472]  ? anon_vma_fork+0xed/0x6a0
[ 2885.775030]  ? lock_is_held_type+0xd7/0x130
[ 2885.775600]  ? find_held_lock+0x2c/0x110
[ 2885.776127]  ? lock_release+0x3b2/0x6f0
[ 2885.776630]  ? kmem_cache_alloc+0x43/0x480
[ 2885.777175]  ? lock_is_held_type+0xd7/0x130
[ 2885.777728]  ? kasan_unpoison+0x23/0x50
[ 2885.778230]  __kasan_slab_alloc+0x66/0x80
[ 2885.778767]  kmem_cache_alloc+0x1aa/0x480
[ 2885.779344]  create_object.isra.0+0x3a/0xa20
[ 2885.779903]  ? kasan_unpoison+0x23/0x50
[ 2885.780412]  kmem_cache_alloc+0x239/0x480
[ 2885.780947]  anon_vma_fork+0xed/0x6a0
[ 2885.781437]  ? __sanitizer_cov_trace_cmp8+0x1d/0x70
[ 2885.782089]  ? __vm_enough_memory+0x184/0x360
[ 2885.782682]  dup_mm+0x91b/0x1250
[ 2885.783156]  ? replace_mm_exe_file+0x490/0x490
[ 2885.783764]  ? __raw_spin_lock_init+0x36/0x110
[ 2885.784381]  copy_process+0x6946/0x6d60
[ 2885.784912]  ? __lock_acquire+0x164e/0x6120
[ 2885.785492]  ? __cleanup_sighand+0xb0/0xb0
[ 2885.786057]  ? lockdep_hardirqs_on_prepare+0x400/0x400
[ 2885.786745]  ? lock_is_held_type+0xd7/0x130
[ 2885.787336]  ? kernel_clone+0x2f8/0xa60
[ 2885.787840]  kernel_clone+0xe7/0xa60
[ 2885.788333]  ? lock_is_held_type+0xd7/0x130
[ 2885.788912]  ? create_io_thread+0xf0/0xf0
[ 2885.789459]  ? lock_release+0x3b2/0x6f0
[ 2885.789985]  ? __might_fault+0xd1/0x170
[ 2885.790504]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[ 2885.791241]  ? populate_seccomp_data+0x214/0x540
[ 2885.791844]  ? __sanitizer_cov_trace_const_cmp1+0x22/0x80
[ 2885.792542]  ? __seccomp_filter+0x5ab/0x1070
[ 2885.793106]  __do_sys_clone+0xc8/0x110
[ 2885.793615]  ? __do_sys_vfork+0xd0/0xd0
[ 2885.794138]  ? __secure_computing+0x195/0x2f0
[ 2885.794717]  do_syscall_64+0x3b/0x90
[ 2885.795227]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 2885.795903] RIP: 0033:0x7fe025b664bb
[ 2885.796393] Code: ed 0f 85 f8 00 00 00 64 4c 8b 0c 25 10 00 00 00 45 31 c0 4d 8d 91 d0 02 00 00 31 d2 31 f6 bf 11 00 20 01 b8 38 00 00 00 0f 05 <48> 3d 00 f0 ff ff 0f 87 91 00 00 00 41 89 c5 85 c0 0f 85 9e 00 00
[ 2885.798774] RSP: 002b:00007fff3f1cb6d0 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[ 2885.799807] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 00007fe025b664bb
[ 2885.800720] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000001200011
[ 2885.801635] RBP: 0000000000000000 R08: 0000000000000000 R09: 00007fe0256da8c0
[ 2885.802564] R10: 00007fe0256dab90 R11: 0000000000000246 R12: 0000000000000000
[ 2885.803516] R13: 00007fff3f1cb7a0 R14: 0000000000000000 R15: 0000000000000000
[ 2885.804472]  </TASK>
[ 2885.828920] Call Trace:
[ 2885.829381]  <TASK>
[ 2885.829710]  x86_pmu_stop+0x149/0x330
[ 2885.830353]  x86_pmu_del+0x1be/0x610
[ 2885.830964]  event_sched_out+0x2ed/0xe80
[ 2885.831561]  __perf_remove_from_context+0x87/0xbe0
[ 2885.832228]  event_function+0x297/0x3d0
[ 2885.832774]  ? perf_uprobe_event_init+0x1c0/0x1c0
[ 2885.833515]  remote_function+0x125/0x1b0
[ 2885.834179]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[ 2885.834995]  ? perf_duration_warn+0x40/0x40
[ 2885.835612]  generic_exec_single+0x203/0x300
[ 2885.836225]  smp_call_function_single+0x189/0x460
[ 2885.836957]  ? perf_duration_warn+0x40/0x40
[ 2885.837583]  ? generic_exec_single+0x300/0x300
[ 2885.838218]  ? perf_duration_warn+0x40/0x40
[ 2885.838814]  ? lock_is_held_type+0xd7/0x130
[ 2885.839491]  event_function_call+0x3d0/0x430
[ 2885.840120]  ? perf_group_detach+0x11b0/0x11b0
[ 2885.840796]  ? perf_copy_attr+0x9c0/0x9c0
[ 2885.841368]  ? lock_release+0x3b2/0x6f0
[ 2885.841892]  ? perf_group_detach+0x11b0/0x11b0
[ 2885.842528]  ? perf_uprobe_event_init+0x1c0/0x1c0
[ 2885.843302]  ? _raw_spin_unlock_irq+0x1f/0x40
[ 2885.843951]  perf_remove_from_context+0x12e/0x260
[ 2885.844611]  perf_event_release_kernel+0x153/0x7f0
[ 2885.845300]  ? lock_is_held_type+0xd7/0x130
[ 2885.846056]  ? perf_pmu_migrate_context+0xae0/0xae0
[ 2885.846939]  ? lock_is_held_type+0xd7/0x130
[ 2885.847551]  perf_release+0x33/0x40
[ 2885.848081]  __fput+0x272/0x9d0
[ 2885.848564]  ? perf_event_release_kernel+0x7f0/0x7f0
[ 2885.849392]  task_work_run+0xe2/0x1a0
[ 2885.849958]  do_exit+0xaf7/0x27e0
[ 2885.850437]  ? find_held_lock+0x2c/0x110
[ 2885.851025]  ? lock_release+0x3b2/0x6f0
[ 2885.851598]  ? mm_update_next_owner+0x7d0/0x7d0
[ 2885.852316]  ? lock_downgrade+0x6d0/0x6d0
[ 2885.852892]  ? lock_is_held_type+0xd7/0x130
[ 2885.853477]  do_group_exit+0xd2/0x2f0
[ 2885.853999]  get_signal+0x2303/0x2350
[ 2885.854584]  ? lock_downgrade+0x6d0/0x6d0
[ 2885.855266]  ? signal_setup_done+0x520/0x520
[ 2885.855880]  ? lock_is_held_type+0xd7/0x130
[ 2885.856473]  arch_do_signal_or_restart+0x88/0x1a40
[ 2885.857167]  ? __do_sys_perf_event_open+0xd2/0x3040
[ 2885.857954]  ? get_sigframe_size+0x10/0x10
[ 2885.858557]  ? perf_remove_from_context+0x260/0x260
[ 2885.859298]  ? xfd_validate_state+0x59/0x180
[ 2885.859941]  exit_to_user_mode_prepare+0x131/0x1a0
[ 2885.860717]  syscall_exit_to_user_mode+0x19/0x50
[ 2885.861397]  do_syscall_64+0x48/0x90
[ 2885.861896]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 2885.862616] RIP: 0033:0x7f750a357b19
[ 2885.863247] Code: Unable to access opcode bytes at RIP 0x7f750a357aef.
[ 2885.864161] RSP: 002b:00007f75078cd188 EFLAGS: 00000246 ORIG_RAX: 000000000000012a
[ 2885.865204] RAX: 0000000000000003 RBX: 00007f750a46af60 RCX: 00007f750a357b19
[ 2885.866281] RDX: 0000000000000000 RSI: ffffffffffffffff RDI: 0000000020000c00
[ 2885.867277] RBP: 00007f750a3b1f6d R08: 0000000000000000 R09: 0000000000000000
[ 2885.868321] R10: ffffffffffffffff R11: 0000000000000246 R12: 0000000000000000
[ 2885.869317] R13: 00007ffc8fa2e86f R14: 00007f75078cd300 R15: 0000000000022000
[ 2885.870304]  </TASK>
09:05:08 executing program 4:
openat$sndseq(0xffffffffffffff9c, 0x0, 0x0)
r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000180)='/proc/asound/seq/clients\x00', 0x0, 0x0)
preadv(r0, &(0x7f00000002c0)=[{0x0}, {&(0x7f0000000300)=""/165, 0xa5}], 0x2, 0x0, 0x4c)

09:05:08 executing program 5:
socketpair$unix(0x1, 0x5, 0x0, 0x0)
sendmsg$unix(0xffffffffffffffff, 0x0, 0x0)
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
pwritev(r0, &(0x7f0000000640)=[{&(0x7f00000002c0)="19", 0x1}], 0x1000000000000158, 0x8000000, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0)
r2 = socket$inet6(0xa, 0x1, 0x0)
bind$inet6(r2, &(0x7f00000002c0)={0xa, 0x4e20, 0x0, @empty}, 0x1c)
connect$inet6(r2, &(0x7f0000000000)={0xa, 0x4e20, 0x0, @ipv4={'\x00', '\xff\xff', @empty}}, 0x1c)
recvfrom(r2, &(0x7f00000003c0)=""/87, 0x20010397, 0x300, 0x0, 0x0)
sendfile(r2, r1, 0x0, 0xfffffdef)
readv(0xffffffffffffffff, &(0x7f0000000040), 0x0)
openat$cgroup_freezer_state(0xffffffffffffffff, 0x0, 0x2, 0x0)
close(0xffffffffffffffff)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
pipe(&(0x7f0000000140)={0xffffffffffffffff, <r4=>0xffffffffffffffff})
syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), r4)
r5 = syz_genetlink_get_family_id$nl80211(&(0x7f0000001540), 0xffffffffffffffff)
sendmsg$NL80211_CMD_STOP_AP(r3, &(0x7f0000001600)={0x0, 0x0, &(0x7f00000015c0)={&(0x7f0000000180)={0x14, r5, 0x1, 0x70bd26, 0x0, {{}, {@void, @void}}}, 0x14}}, 0x800)
getsockopt$sock_cred(r3, 0x1, 0x11, &(0x7f00000000c0), &(0x7f0000000080)=0xc)
syz_open_dev$sg(&(0x7f0000001000), 0x0, 0x2200)

09:05:08 executing program 0:
perf_event_open$cgroup(&(0x7f0000000c00)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x101d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

09:05:08 executing program 2:
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000080), r0)
sendmsg$NLBL_MGMT_C_ADD(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000140)={0x4c, 0x0, 0x1, 0x0, 0x0, {}, [@NLBL_MGMT_A_DOMAIN={0x6, 0x1, '%\x00'}, @NLBL_MGMT_A_IPV6ADDR={0x14, 0x5, @local}, @NLBL_MGMT_A_IPV6MASK={0x14, 0x6, @mcast1}, @NLBL_MGMT_A_PROTOCOL={0x8, 0x2, 0x5}]}, 0x4c}, 0x1, 0x700000000000000}, 0x0)

09:05:08 executing program 6:
r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000180)='/proc/asound/seq/clients\x00', 0x0, 0x0)
preadv(r0, &(0x7f00000002c0)=[{&(0x7f0000000040)=""/35, 0x23}, {0x0}, {&(0x7f0000000300)=""/165, 0xa5}], 0x3, 0x0, 0x4)

09:05:08 executing program 3:
syz_mount_image$vfat(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', 0x0, 0x0, &(0x7f00000002c0), 0x8010, &(0x7f00000000c0)=ANY=[@ANYBLOB="c8984e3a3db2f690916d85d20e80d3c96d1538b74d91c165020000000fe7197c4194c375db882c860995b941d2ae6d067de253974e344da2d6628e0ccd6041d8d3c74827fce29d5fe985a62ec7198f595cbaa38ed03e59c919765a5ee51d441215be441a3b"])
openat(0xffffffffffffffff, &(0x7f0000000000)='./file0\x00', 0x705080, 0x20)

09:05:08 executing program 7:
openat$sndseq(0xffffffffffffff9c, 0x0, 0x0)
r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000180)='/proc/asound/seq/clients\x00', 0x0, 0x0)
preadv(r0, &(0x7f00000002c0)=[{0x0}, {&(0x7f0000000300)=""/165, 0xa5}], 0x2, 0x0, 0x74)

09:05:08 executing program 1:
r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000180)='/proc/asound/seq/clients\x00', 0x0, 0x0)
preadv(r0, &(0x7f00000002c0)=[{&(0x7f0000000040)=""/35, 0x23}, {0x0, 0x2}, {&(0x7f0000000300)=""/165, 0xa5}], 0x3, 0x0, 0x21)

[ 2900.629895] Call Trace:
[ 2900.630451]  <IRQ>
[ 2900.630881]  ? x86_pmu_start+0x1c0/0x240
[ 2900.631728]  x86_pmu_enable+0x580/0xd90
[ 2900.632496]  ? amd_pmu_disable_virt+0xa0/0xa0
[ 2900.633395]  ctx_resched+0x2b9/0x3a0
[ 2900.634126]  __perf_install_in_context+0x285/0xa40
[ 2900.635135]  ? ctx_resched+0x3a0/0x3a0
[ 2900.635894]  remote_function+0x125/0x1b0
[ 2900.636697]  flush_smp_call_function_queue+0x1df/0x610
[ 2900.637724]  ? perf_duration_warn+0x40/0x40
[ 2900.638578]  __sysvec_call_function_single+0x92/0x3a0
[ 2900.639607]  sysvec_call_function_single+0x89/0xc0
[ 2900.640548]  </IRQ>
[ 2900.640972]  <TASK>
[ 2900.641397]  asm_sysvec_call_function_single+0x12/0x20
[ 2900.642420] RIP: 0010:check_kcov_mode+0x2e/0x40
[ 2900.643423] Code: b9 be 7e 89 c2 81 e2 00 01 00 00 a9 00 01 ff 00 74 10 31 c0 85 d2 74 15 8b 96 64 14 00 00 85 d2 74 0b 8b 86 40 14 00 00 39 f8 <0f> 94 c0 c3 66 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 00 31 c0 65 8b
[ 2900.647178] RSP: 0018:ffff88801b55f7e0 EFLAGS: 00000293
[ 2900.648300] RAX: 0000000000000000 RBX: 800000002f21d007 RCX: ffff888008ae5040
[ 2900.649767] RDX: 0000000000000000 RSI: ffff888008ae5040 RDI: 0000000000000003
[ 2900.651284] RBP: ffffea0000bc8740 R08: 0000000000000000 R09: 0000000000000000
[ 2900.652699] R10: ffffffff81685d0b R11: 0000000000000000 R12: 0000000000000008
[ 2900.654110] R13: 0000000000000000 R14: ffff88801ef093e0 R15: dffffc0000000000
[ 2900.655595]  ? copy_page_range+0x10eb/0x3ed0
[ 2900.656491]  __sanitizer_cov_trace_const_cmp1+0x22/0x80
[ 2900.657573]  copy_page_range+0x10eb/0x3ed0
[ 2900.658518]  ? vm_iomap_memory+0x190/0x190
[ 2900.659437]  ? down_write+0xde/0x150
[ 2900.660214]  ? __sanitizer_cov_trace_cmp8+0x1d/0x70
[ 2900.661265]  ? __vma_link_rb+0x540/0x700
[ 2900.662108]  dup_mm+0x961/0x1250
[ 2900.662847]  ? replace_mm_exe_file+0x490/0x490
[ 2900.663840]  ? __raw_spin_lock_init+0x36/0x110
[ 2900.664808]  copy_process+0x6946/0x6d60
[ 2900.665626]  ? lock_is_held_type+0xd7/0x130
[ 2900.666545]  ? __cleanup_sighand+0xb0/0xb0
[ 2900.667495]  ? do_raw_spin_unlock+0x4f/0x210
[ 2900.668457]  ? _raw_spin_unlock+0x24/0x40
[ 2900.669322]  ? do_wp_page+0x28d/0x24d0
[ 2900.670164]  ? kernel_clone+0x2f8/0xa60
[ 2900.670986]  kernel_clone+0xe7/0xa60
[ 2900.671785]  ? __handle_mm_fault+0x9f3/0x35c0
[ 2900.672704]  ? create_io_thread+0xf0/0xf0
[ 2900.673553]  ? lock_is_held_type+0xd7/0x130
[ 2900.674449]  ? lock_is_held_type+0xd7/0x130
[ 2900.675393]  ? find_held_lock+0x2c/0x110
[ 2900.676200]  ? lock_release+0x3b2/0x6f0
[ 2900.677000]  __do_sys_clone+0xc8/0x110
[ 2900.677816]  ? __do_sys_vfork+0xd0/0xd0
[ 2900.678639]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 2900.679693]  do_syscall_64+0x3b/0x90
[ 2900.680431]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 2900.681472] RIP: 0033:0x7faa53ee610b
[ 2900.682211] Code: ed 0f 85 60 01 00 00 64 4c 8b 0c 25 10 00 00 00 45 31 c0 4d 8d 91 d0 02 00 00 31 d2 31 f6 bf 11 00 20 01 b8 38 00 00 00 0f 05 <48> 3d 00 f0 ff ff 0f 87 89 00 00 00 41 89 c5 85 c0 0f 85 90 00 00
[ 2900.685844] RSP: 002b:00007ffd1c599620 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[ 2900.687389] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007faa53ee610b
[ 2900.688790] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000001200011
[ 2900.690154] RBP: 0000000000000001 R08: 0000000000000000 R09: 0000555555d26400
[ 2900.691549] R10: 0000555555d266d0 R11: 0000000000000246 R12: 0000000000000001
[ 2900.692920] R13: 0000000000000001 R14: 0000000000000001 R15: 00007ffd1c599700
[ 2900.694367]  </TASK>
09:05:08 executing program 2:
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000080), r0)
sendmsg$NLBL_MGMT_C_ADD(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000140)={0x4c, 0x0, 0x1, 0x0, 0x0, {}, [@NLBL_MGMT_A_DOMAIN={0x6, 0x1, '%\x00'}, @NLBL_MGMT_A_IPV6ADDR={0x14, 0x5, @local}, @NLBL_MGMT_A_IPV6MASK={0x14, 0x6, @mcast1}, @NLBL_MGMT_A_PROTOCOL={0x8, 0x2, 0x5}]}, 0x4c}, 0x1, 0x700000000000000}, 0x0)

09:05:09 executing program 4:
socketpair$unix(0x1, 0x5, 0x0, 0x0)
sendmsg$unix(0xffffffffffffffff, 0x0, 0x0)
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
pwritev(r0, &(0x7f0000000640)=[{&(0x7f00000002c0)="19", 0x1}], 0x1, 0x8000000, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0)
r2 = socket$inet6(0xa, 0x1, 0x0)
bind$inet6(r2, &(0x7f00000002c0)={0xa, 0x4e20, 0x0, @empty}, 0x1c)
connect$inet6(r2, &(0x7f0000000000)={0xa, 0x4e20, 0x0, @ipv4={'\x00', '\xff\xff', @empty}}, 0x1c)
setxattr$security_ima(&(0x7f00000000c0)='./file1/file0\x00', &(0x7f0000000140), &(0x7f0000000180)=@sha1={0x1, "1bf3cbe0b75fa478d86c6242c84513d07a1a3bf8"}, 0x15, 0x3)
recvfrom(r2, &(0x7f00000003c0)=""/87, 0x20010397, 0x300, 0x0, 0x0)
sendfile(r2, r1, 0x0, 0xfffffdef)
readv(0xffffffffffffffff, &(0x7f0000000040), 0x0)
openat$cgroup_freezer_state(0xffffffffffffffff, 0x0, 0x2, 0x0)
close(0xffffffffffffffff)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(&(0x7f0000001540), 0xffffffffffffffff)
sendmsg$NL80211_CMD_STOP_AP(r3, &(0x7f0000001600)={0x0, 0x0, &(0x7f00000015c0)={&(0x7f0000001580)={0x1c, 0x0, 0x1, 0x0, 0x0, {{}, {@val={0x8}, @void}}}, 0x1c}}, 0x0)
getsockopt$sock_cred(r3, 0x1, 0x11, &(0x7f0000000040), &(0x7f0000000080)=0xc)
syz_open_dev$sg(&(0x7f0000001000), 0x0, 0x2200)

09:05:09 executing program 7:
openat$sndseq(0xffffffffffffff9c, 0x0, 0x0)
r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000180)='/proc/asound/seq/clients\x00', 0x0, 0x0)
preadv(r0, &(0x7f00000002c0)=[{0x0}, {&(0x7f0000000300)=""/165, 0xa5}], 0x2, 0x0, 0x7a)

09:05:09 executing program 6:
r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000180)='/proc/asound/seq/clients\x00', 0x0, 0x0)
preadv(r0, &(0x7f00000002c0)=[{&(0x7f0000000040)=""/35, 0x23}, {0x0}, {&(0x7f0000000300)=""/165, 0xa5}], 0x3, 0x0, 0x5)

[ 2900.827876] Call Trace:
[ 2900.828432]  <TASK>
[ 2900.828816]  x86_pmu_stop+0x149/0x330
[ 2900.829461]  x86_pmu_del+0x1be/0x610
[ 2900.830082]  event_sched_out+0x2ed/0xe80
[ 2900.830755]  __perf_remove_from_context+0x87/0xbe0
[ 2900.831607]  event_function+0x297/0x3d0
[ 2900.832238]  ? perf_uprobe_event_init+0x1c0/0x1c0
[ 2900.833024]  remote_function+0x125/0x1b0
[ 2900.833709]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[ 2900.834644]  ? perf_duration_warn+0x40/0x40
[ 2900.835466]  generic_exec_single+0x203/0x300
[ 2900.836286]  smp_call_function_single+0x189/0x460
[ 2900.837191]  ? perf_duration_warn+0x40/0x40
[ 2900.838011]  ? generic_exec_single+0x300/0x300
[ 2900.838770]  ? perf_duration_warn+0x40/0x40
[ 2900.839577]  ? lock_is_held_type+0xd7/0x130
[ 2900.840298]  event_function_call+0x3d0/0x430
[ 2900.841014]  ? perf_group_detach+0x11b0/0x11b0
[ 2900.841772]  ? perf_copy_attr+0x9c0/0x9c0
[ 2900.842457]  ? lock_release+0x3b2/0x6f0
[ 2900.843184]  ? perf_group_detach+0x11b0/0x11b0
[ 2900.843936]  ? perf_uprobe_event_init+0x1c0/0x1c0
[ 2900.844744]  ? _raw_spin_unlock_irq+0x1f/0x40
[ 2900.845490]  perf_remove_from_context+0x12e/0x260
[ 2900.846290]  perf_event_release_kernel+0x153/0x7f0
[ 2900.847121]  ? lock_is_held_type+0xd7/0x130
[ 2900.847838]  ? perf_pmu_migrate_context+0xae0/0xae0
[ 2900.848665]  ? lock_is_held_type+0xd7/0x130
[ 2900.849396]  perf_release+0x33/0x40
[ 2900.850003]  __fput+0x272/0x9d0
[ 2900.850526]  ? perf_event_release_kernel+0x7f0/0x7f0
[ 2900.851432]  task_work_run+0xe2/0x1a0
[ 2900.852101]  exit_to_user_mode_prepare+0x199/0x1a0
[ 2900.852873]  syscall_exit_to_user_mode+0x19/0x50
[ 2900.853662]  do_syscall_64+0x48/0x90
[ 2900.854294]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 2900.855205] RIP: 0033:0x7f750a30a72b
[ 2900.855826] Code: 0f 05 48 3d 00 f0 ff ff 77 45 c3 0f 1f 40 00 48 83 ec 18 89 7c 24 0c e8 63 fc ff ff 8b 7c 24 0c 41 89 c0 b8 03 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 35 44 89 c7 89 44 24 0c e8 a1 fc ff ff 8b 44
[ 2900.858948] RSP: 002b:00007ffc8fa2e8d0 EFLAGS: 00000293 ORIG_RAX: 0000000000000003
[ 2900.860319] RAX: 0000000000000000 RBX: 0000000000000004 RCX: 00007f750a30a72b
[ 2900.861542] RDX: 0000000000000000 RSI: ffffffff81388253 RDI: 0000000000000003
09:05:09 executing program 7:
openat$sndseq(0xffffffffffffff9c, 0x0, 0x0)
r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000180)='/proc/asound/seq/clients\x00', 0x0, 0x0)
preadv(r0, &(0x7f00000002c0)=[{0x0}, {&(0x7f0000000300)=""/165, 0xa5}], 0x2, 0x0, 0xa5)

[ 2900.862749] RBP: 0000000000000001 R08: 0000000000000000 R09: 0000001b30c2001c
[ 2900.864168] R10: 0000000000000473 R11: 0000000000000293 R12: 00007f750a46bb60
[ 2900.865415] R13: 00007f750a46bb60 R14: 00007f750a46af60 R15: 00000000002c4222
[ 2900.866625]  ? smp_call_function_single+0x193/0x460
[ 2900.867531]  </TASK>
09:05:09 executing program 3:
r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000180)='/proc/asound/seq/clients\x00', 0x0, 0x0)
preadv(r0, &(0x7f00000002c0)=[{&(0x7f0000000040)=""/35, 0x23}, {0x0}, {&(0x7f0000000300)=""/165, 0xa5}], 0x3, 0x0, 0x4)

09:05:09 executing program 1:
r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000180)='/proc/asound/seq/clients\x00', 0x0, 0x0)
preadv(r0, &(0x7f00000002c0)=[{&(0x7f0000000040)=""/35, 0x23}, {0x0, 0x2}, {&(0x7f0000000300)=""/165, 0xa5}], 0x3, 0x0, 0x48)

[ 2900.931623] Call Trace:
[ 2900.932164]  <IRQ>
[ 2900.932530]  ? x86_pmu_start+0x1c0/0x240
[ 2900.933226]  x86_pmu_enable+0x580/0xd90
[ 2900.933911]  ? amd_pmu_disable_virt+0xa0/0xa0
[ 2900.934700]  ctx_resched+0x2b9/0x3a0
[ 2900.935403]  __perf_install_in_context+0x285/0xa40
[ 2900.936230]  ? ctx_resched+0x3a0/0x3a0
[ 2900.936903]  remote_function+0x125/0x1b0
[ 2900.937606]  flush_smp_call_function_queue+0x1df/0x610
[ 2900.938491]  ? perf_duration_warn+0x40/0x40
[ 2900.939259]  __sysvec_call_function_single+0x92/0x3a0
[ 2900.940149]  sysvec_call_function_single+0x89/0xc0
[ 2900.940983]  </IRQ>
[ 2900.941354]  <TASK>
[ 2900.941714]  asm_sysvec_call_function_single+0x12/0x20
[ 2900.942601] RIP: 0010:_raw_spin_unlock_irqrestore+0x2e/0x50
[ 2900.943581] Code: 48 83 c7 18 53 48 89 f3 48 8b 74 24 10 e8 7a 02 15 fd 48 89 ef e8 72 7f 15 fd 80 e7 02 74 06 e8 38 ae 36 fd fb bf 01 00 00 00 <e8> 6d 8b 0b fd 65 8b 05 e6 92 ee 7b 85 c0 74 03 5b 5d c3 0f 1f 44
[ 2900.946712] RSP: 0018:ffff88800c9bf598 EFLAGS: 00000202
[ 2900.947613] RAX: 000000000024ca89 RBX: 0000000000000282 RCX: ffffffff81283e5f
[ 2900.948543] RDX: 0000000000000000 RSI: 0000000000000002 RDI: 0000000000000001
[ 2900.949464] RBP: ffff888008010d80 R08: 0000000000000001 R09: ffffffff86a3e797
[ 2900.950383] R10: fffffbfff0d47cf2 R11: 0000000000000001 R12: ffff88800e700c00
[ 2900.951334] R13: ffff88800ca60c00 R14: ffff888008010dc0 R15: ffff888008010dc0
[ 2900.952263]  ? mark_lock.part.0+0xef/0x2f60
[ 2900.952843]  ? _raw_spin_unlock_irqrestore+0x28/0x50
[ 2900.953504]  get_partial_node.part.0+0x186/0x1f0
[ 2900.954128]  ? mark_held_locks+0x9e/0xe0
[ 2900.954662]  ? ___slab_alloc+0x458/0xee0
[ 2900.955304]  ___slab_alloc+0x7f7/0xee0
[ 2900.955946]  ? vm_area_dup+0x78/0x290
[ 2900.956633]  ? vm_area_dup+0x78/0x290
[ 2900.957275]  __slab_alloc.constprop.0+0x45/0x80
[ 2900.958078]  ? vm_area_dup+0x78/0x290
[ 2900.958779]  kmem_cache_alloc+0x393/0x480
[ 2900.959532]  vm_area_dup+0x78/0x290
[ 2900.960172]  ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70
[ 2900.961092]  ? copy_page_range+0x26fb/0x3ed0
[ 2900.961897]  ? vm_area_alloc+0x110/0x110
[ 2900.962615]  ? vm_iomap_memory+0x190/0x190
[ 2900.963377]  ? down_write+0xde/0x150
[ 2900.964008]  ? __sanitizer_cov_trace_cmp8+0x1d/0x70
[ 2900.964833]  ? __vma_link_rb+0x540/0x700
[ 2900.965526]  dup_mm+0x53f/0x1250
[ 2900.966131]  ? replace_mm_exe_file+0x490/0x490
[ 2900.966896]  ? __raw_spin_lock_init+0x36/0x110
[ 2900.967745]  copy_process+0x6946/0x6d60
[ 2900.968430]  ? lock_is_held_type+0xd7/0x130
[ 2900.969178]  ? __cleanup_sighand+0xb0/0xb0
[ 2900.969902]  ? do_raw_spin_unlock+0x4f/0x210
[ 2900.970650]  ? _raw_spin_unlock+0x24/0x40
[ 2900.971399]  ? do_wp_page+0x28d/0x24d0
[ 2900.972054]  ? kernel_clone+0x2f8/0xa60
[ 2900.972733]  kernel_clone+0xe7/0xa60
[ 2900.973358]  ? __handle_mm_fault+0x9f3/0x35c0
[ 2900.974126]  ? create_io_thread+0xf0/0xf0
[ 2900.974830]  ? lock_is_held_type+0xd7/0x130
[ 2900.975595]  ? lock_is_held_type+0xd7/0x130
[ 2900.976289]  ? find_held_lock+0x2c/0x110
[ 2900.976951]  ? lock_release+0x3b2/0x6f0
[ 2900.977613]  __do_sys_clone+0xc8/0x110
[ 2900.978275]  ? __do_sys_vfork+0xd0/0xd0
[ 2900.978952]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 2900.979836]  do_syscall_64+0x3b/0x90
[ 2900.980434]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 2900.981266] RIP: 0033:0x7f7e5487b10b
[ 2900.981867] Code: ed 0f 85 60 01 00 00 64 4c 8b 0c 25 10 00 00 00 45 31 c0 4d 8d 91 d0 02 00 00 31 d2 31 f6 bf 11 00 20 01 b8 38 00 00 00 0f 05 <48> 3d 00 f0 ff ff 0f 87 89 00 00 00 41 89 c5 85 c0 0f 85 90 00 00
[ 2900.984877] RSP: 002b:00007fffa39f9180 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[ 2900.986128] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f7e5487b10b
[ 2900.987374] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000001200011
[ 2900.988520] RBP: 0000000000000001 R08: 0000000000000000 R09: 0000555557379400
[ 2900.989662] R10: 00005555573796d0 R11: 0000000000000246 R12: 0000000000000001
[ 2900.990840] R13: 0000000000000000 R14: 0000000000000001 R15: 00007fffa39f9260
[ 2900.992021]  </TASK>
09:05:09 executing program 6:
r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000180)='/proc/asound/seq/clients\x00', 0x0, 0x0)
preadv(r0, &(0x7f00000002c0)=[{&(0x7f0000000040)=""/35, 0x23}, {0x0}, {&(0x7f0000000300)=""/165, 0xa5}], 0x3, 0x0, 0x6)

[ 2901.154319] Call Trace:
[ 2901.154944]  <IRQ>
[ 2901.155419]  x86_pmu_stop+0x149/0x330
[ 2901.156288]  x86_pmu_del+0x1be/0x610
[ 2901.157036]  event_sched_out+0x2ed/0xe80
[ 2901.157857]  __perf_remove_from_context+0x87/0xbe0
[ 2901.158856]  event_function+0x297/0x3d0
[ 2901.159706]  ? perf_uprobe_event_init+0x1c0/0x1c0
[ 2901.160677]  remote_function+0x125/0x1b0
[ 2901.161615]  flush_smp_call_function_queue+0x1df/0x610
[ 2901.162614]  ? perf_duration_warn+0x40/0x40
[ 2901.163575]  __sysvec_call_function_single+0x92/0x3a0
[ 2901.164598]  sysvec_call_function_single+0x89/0xc0
[ 2901.165605]  </IRQ>
[ 2901.166050]  <TASK>
[ 2901.166477]  asm_sysvec_call_function_single+0x12/0x20
[ 2901.167553] RIP: 0010:kasan_check_range+0x57/0x1e0
[ 2901.168572] Code: 39 fa 0f 87 bc 00 00 00 4c 8d 48 ff 48 89 fd 48 b8 00 00 00 00 00 fc ff df 4d 89 ca 48 c1 ed 03 49 c1 ea 03 48 01 c5 49 01 c2 <48> 89 e8 49 8d 5a 01 48 89 da 48 29 ea 48 83 fa 10 0f 8e 0a 01 00
[ 2901.172246] RSP: 0000:ffff88801ae2fb90 EFLAGS: 00000282
[ 2901.173332] RAX: dffffc0000000000 RBX: 0000000000000001 RCX: ffffffff81586824
[ 2901.174744] RDX: ffff800000000000 RSI: 0000000000000008 RDI: ffffea00007c77c0
[ 2901.176183] RBP: fffff940000f8ef8 R08: 0000000000000001 R09: ffffea00007c77c7
[ 2901.177605] R10: fffff940000f8ef8 R11: 0000000000000000 R12: 0000000000000032
[ 2901.179024] R13: 0000000000000000 R14: ffffea00007c77c0 R15: dffffc0000000000
[ 2901.180492]  ? folio_unlock+0x54/0xb0
[ 2901.181289]  folio_unlock+0x54/0xb0
[ 2901.182041]  filemap_map_pages+0x8e3/0x1350
[ 2901.182937]  ? filemap_get_read_batch+0xae0/0xae0
[ 2901.183944]  ? lockdep_hardirqs_on_prepare+0x400/0x400
[ 2901.185000]  ? lock_chain_count+0x20/0x20
[ 2901.185818]  ? filemap_get_read_batch+0xae0/0xae0
[ 2901.186745]  __handle_mm_fault+0x200d/0x35c0
[ 2901.187638]  ? lock_is_held_type+0xd7/0x130
[ 2901.188493]  ? __pmd_alloc+0x680/0x680
[ 2901.189275]  handle_mm_fault+0x2e6/0xa20
[ 2901.190069]  do_user_addr_fault+0x54a/0x12a0
[ 2901.190962]  exc_page_fault+0xa2/0x1a0
[ 2901.191777]  ? asm_exc_page_fault+0x8/0x30
[ 2901.192648]  asm_exc_page_fault+0x1e/0x30
[ 2901.193482] RIP: 0033:0x7f7e548170f0
[ 2901.194228] Code: 68 05 00 00 00 e9 50 ff ff ff ff 25 92 4f 14 00 68 18 00 00 00 e9 40 ff ff ff ff 25 8a 4f 14 00 68 04 00 00 00 e9 30 ff ff ff <ff> 25 82 4f 14 00 68 03 00 00 00 e9 20 ff ff ff ff 25 7a 4f 14 00
[ 2901.197939] RSP: 002b:00007fffa39f89c8 EFLAGS: 00010246
[ 2901.199026] RAX: 00007fffa39f90e0 RBX: 0000000000000000 RCX: 0000000000000000
[ 2901.200506] RDX: 00007fffa39f90c0 RSI: 0000000000000025 RDI: 00007f7e548d6e8f
[ 2901.201925] RBP: 00007fffa39f8f20 R08: 0000000000000000 R09: 00007fffa39f9030
[ 2901.203400] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fffa39f8f40
[ 2901.204504] R13: 00007f7e548d6e8f R14: 00007fffa39f90c0 R15: 00000000fbad8001
[ 2901.205624]  </TASK>
09:05:24 executing program 7:
openat$sndseq(0xffffffffffffff9c, 0x0, 0x0)
r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000180)='/proc/asound/seq/clients\x00', 0x0, 0x0)
preadv(r0, &(0x7f00000002c0)=[{0x0}, {&(0x7f0000000300)=""/165, 0xa5}], 0x2, 0x0, 0xbf)

09:05:24 executing program 4:
socketpair$unix(0x1, 0x5, 0x0, 0x0)
sendmsg$unix(0xffffffffffffffff, 0x0, 0x0)
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
pwritev(r0, &(0x7f0000000640)=[{&(0x7f00000002c0)="19", 0x1}], 0x1, 0x8000000, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0)
r2 = socket$inet6(0xa, 0x1, 0x0)
bind$inet6(r2, &(0x7f00000002c0)={0xa, 0x4e20, 0x0, @empty}, 0x1c)
connect$inet6(r2, &(0x7f0000000000)={0xa, 0x4e20, 0x0, @ipv4={'\x00', '\xff\xff', @empty}}, 0x1c)
setxattr$security_ima(&(0x7f00000000c0)='./file1/file0\x00', &(0x7f0000000140), &(0x7f0000000180)=@sha1={0x1, "1bf3cbe0b75fa478d86c6242c84513d07a1a3bf8"}, 0x15, 0x3)
recvfrom(r2, &(0x7f00000003c0)=""/87, 0x20010397, 0x300, 0x0, 0x0)
sendfile(r2, r1, 0x0, 0xfffffdef)
readv(0xffffffffffffffff, &(0x7f0000000040), 0x0)
openat$cgroup_freezer_state(0xffffffffffffffff, 0x0, 0x2, 0x0)
close(0xffffffffffffffff)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(&(0x7f0000001540), 0xffffffffffffffff)
sendmsg$NL80211_CMD_STOP_AP(r3, &(0x7f0000001600)={0x0, 0x0, &(0x7f00000015c0)={&(0x7f0000001580)={0x1c, 0x0, 0x1, 0x0, 0x0, {{}, {@val={0x8}, @void}}}, 0x1c}}, 0x0)
getsockopt$sock_cred(r3, 0x1, 0x11, &(0x7f0000000040), &(0x7f0000000080)=0xc)
syz_open_dev$sg(&(0x7f0000001000), 0x0, 0x2200)

09:05:24 executing program 5:
socketpair$unix(0x1, 0x5, 0x0, 0x0)
sendmsg$unix(0xffffffffffffffff, 0x0, 0x0)
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
pwritev(r0, &(0x7f0000000640)=[{&(0x7f00000002c0)="19", 0x1}], 0x1, 0x8000000, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0)
r2 = socket$inet6(0xa, 0x1, 0x0)
bind$inet6(r2, &(0x7f00000002c0)={0xa, 0x4e20, 0x0, @empty}, 0x1c)
connect$inet6(r2, &(0x7f0000000000)={0xa, 0x4e20, 0x0, @ipv4={'\x00', '\xff\xff', @empty}, 0x3}, 0x1c)
recvfrom(r2, &(0x7f00000003c0)=""/87, 0x20010397, 0x300, 0x0, 0x0)
ioctl$sock_SIOCGSKNS(0xffffffffffffffff, 0x894c, &(0x7f00000000c0))
sendfile(r2, r1, 0x0, 0xfffffdef)
readv(0xffffffffffffffff, &(0x7f0000000040), 0x0)
openat$cgroup_freezer_state(0xffffffffffffffff, 0x0, 0x2, 0x0)
close(0xffffffffffffffff)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(&(0x7f0000001540), 0xffffffffffffffff)
sendmsg$NL80211_CMD_STOP_AP(r3, &(0x7f0000001600)={0x0, 0x0, &(0x7f00000015c0)={&(0x7f0000001580)={0x1c, 0x0, 0x1, 0x0, 0x0, {{}, {@val={0x8}, @void}}}, 0x1c}}, 0x0)
getsockopt$sock_cred(r3, 0x1, 0x11, &(0x7f0000000040), &(0x7f0000000080)=0xc)
syz_open_dev$sg(&(0x7f0000001000), 0x0, 0x2200)

09:05:24 executing program 1:
r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000180)='/proc/asound/seq/clients\x00', 0x0, 0x0)
preadv(r0, &(0x7f00000002c0)=[{&(0x7f0000000040)=""/35, 0x23}, {0x0, 0x2}, {&(0x7f0000000300)=""/165, 0xa5}], 0x3, 0x0, 0x4c)

09:05:24 executing program 2:
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000080), r0)
sendmsg$NLBL_MGMT_C_ADD(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000140)={0x4c, r1, 0x0, 0x0, 0x0, {}, [@NLBL_MGMT_A_DOMAIN={0x6, 0x1, '%\x00'}, @NLBL_MGMT_A_IPV6ADDR={0x14, 0x5, @local}, @NLBL_MGMT_A_IPV6MASK={0x14, 0x6, @mcast1}, @NLBL_MGMT_A_PROTOCOL={0x8, 0x2, 0x5}]}, 0x4c}, 0x1, 0x700000000000000}, 0x0)

09:05:24 executing program 6:
r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000180)='/proc/asound/seq/clients\x00', 0x0, 0x0)
preadv(r0, &(0x7f00000002c0)=[{&(0x7f0000000040)=""/35, 0x23}, {0x0}, {&(0x7f0000000300)=""/165, 0xa5}], 0x3, 0x0, 0x7)

09:05:24 executing program 0:
perf_event_open$cgroup(&(0x7f0000000c00)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x101e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

09:05:24 executing program 3:
r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000180)='/proc/asound/seq/clients\x00', 0x0, 0x0)
preadv(r0, &(0x7f00000002c0)=[{&(0x7f0000000040)=""/35, 0x23}, {0x0, 0x2}, {&(0x7f0000000300)=""/165, 0xa5}], 0x3, 0x0, 0x21)

[ 2916.782051] Call Trace:
[ 2916.782513]  <IRQ>
[ 2916.782813]  ? x86_pmu_start+0x1c0/0x240
[ 2916.783405]  x86_pmu_enable+0x580/0xd90
[ 2916.783955]  ? amd_pmu_disable_virt+0xa0/0xa0
[ 2916.784639]  ctx_resched+0x2b9/0x3a0
[ 2916.785154]  __perf_install_in_context+0x285/0xa40
[ 2916.785876]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[ 2916.786683]  ? ctx_resched+0x3a0/0x3a0
[ 2916.787368]  remote_function+0x125/0x1b0
[ 2916.787934]  flush_smp_call_function_queue+0x1df/0x610
[ 2916.788657]  ? perf_duration_warn+0x40/0x40
[ 2916.789306]  __sysvec_call_function_single+0x92/0x3a0
[ 2916.790087]  sysvec_call_function_single+0x89/0xc0
[ 2916.790751]  </IRQ>
[ 2916.791044]  <TASK>
[ 2916.791381]  asm_sysvec_call_function_single+0x12/0x20
[ 2916.792160] RIP: 0010:__sanitizer_cov_trace_const_cmp4+0x0/0x70
[ 2916.793055] Code: b7 c9 48 83 c2 01 48 c7 44 30 e0 03 00 00 00 48 89 7c 30 e8 48 89 4c 30 f0 4c 89 54 d8 20 48 89 10 5b c3 0f 1f 80 00 00 00 00 <41> 89 f8 bf 03 00 00 00 89 f1 4c 8b 14 24 65 48 8b 34 25 40 6f 02
[ 2916.795626] RSP: 0018:ffff888049edf748 EFLAGS: 00000246
[ 2916.796358] RAX: 0000000000000000 RBX: ffff888018135558 RCX: 0000000000000000
[ 2916.797338] RDX: ffff8880413b0000 RSI: 0000000000000000 RDI: 0000000000000000
[ 2916.798324] RBP: ffffea0000bf9300 R08: 0000000000000000 R09: 0000000000000000
[ 2916.799290] R10: ffffffff81673c8d R11: 0000000000000000 R12: 8000000000000007
[ 2916.800327] R13: ffffea0000bf9308 R14: dffffc0000000000 R15: ffff888049edfa28
[ 2916.801277]  ? unmap_page_range+0xecd/0x2680
[ 2916.801915]  unmap_page_range+0xefd/0x2680
[ 2916.802498]  ? vm_normal_page+0x2e0/0x2e0
[ 2916.803053]  ? lock_release+0x3b2/0x6f0
[ 2916.803615]  ? lock_downgrade+0x6d0/0x6d0
[ 2916.804195]  ? uprobe_munmap+0x1c/0x560
[ 2916.804773]  unmap_single_vma+0x198/0x310
[ 2916.805353]  unmap_vmas+0x16b/0x2f0
[ 2916.805848]  ? lock_downgrade+0x6d0/0x6d0
[ 2916.806419]  ? unmap_mapping_range+0x280/0x280
[ 2916.807061]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[ 2916.807886]  exit_mmap+0x192/0x460
[ 2916.808390]  ? do_munmap+0x40/0x40
[ 2916.808905]  ? delayed_uprobe_remove+0x27/0x230
[ 2916.809530]  mmput+0xc8/0x380
[ 2916.809951]  do_exit+0xa0a/0x27e0
[ 2916.810420]  ? find_held_lock+0x2c/0x110
[ 2916.810962]  ? lock_release+0x3b2/0x6f0
[ 2916.811545]  ? mm_update_next_owner+0x7d0/0x7d0
[ 2916.812166]  ? lock_downgrade+0x6d0/0x6d0
[ 2916.812777]  ? lock_is_held_type+0xd7/0x130
[ 2916.813357]  do_group_exit+0xd2/0x2f0
[ 2916.813861]  get_signal+0x2303/0x2350
[ 2916.814378]  ? lock_is_held_type+0xd7/0x130
[ 2916.814950]  ? signal_setup_done+0x520/0x520
[ 2916.815582]  ? call_rcu+0x585/0xa20
[ 2916.816062]  ? lockdep_hardirqs_on+0x79/0x100
[ 2916.816654]  arch_do_signal_or_restart+0x88/0x1a40
[ 2916.817319]  ? put_task_stack+0xe4/0x230
[ 2916.817854]  ? finish_task_switch.isra.0+0x650/0x870
[ 2916.818584]  ? get_sigframe_size+0x10/0x10
[ 2916.819225]  ? __schedule+0x895/0x2450
[ 2916.819873]  ? io_schedule_timeout+0x140/0x140
[ 2916.820558]  ? __x64_sys_openat+0x13f/0x1f0
[ 2916.821171]  ? __x64_sys_futex_time32+0x480/0x480
[ 2916.821900]  exit_to_user_mode_prepare+0x131/0x1a0
[ 2916.822620]  syscall_exit_to_user_mode+0x19/0x50
[ 2916.823246]  do_syscall_64+0x48/0x90
[ 2916.823814]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 2916.824503] RIP: 0033:0x7faa53ee7b19
[ 2916.824989] Code: Unable to access opcode bytes at RIP 0x7faa53ee7aef.
[ 2916.825861] RSP: 002b:00007faa5145d218 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[ 2916.826868] RAX: 0000000000000001 RBX: 00007faa53ffaf68 RCX: 00007faa53ee7b19
[ 2916.827853] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 00007faa53ffaf6c
[ 2916.828830] RBP: 00007faa53ffaf60 R08: 000000000000000e R09: 0000000000000000
[ 2916.829765] R10: 0000000000000003 R11: 0000000000000246 R12: 00007faa53ffaf6c
[ 2916.830763] R13: 00007ffd1c5993ef R14: 00007faa5145d300 R15: 0000000000022000
[ 2916.831804]  </TASK>
[ 2916.869523] Call Trace:
[ 2916.869962]  <IRQ>
[ 2916.870265]  x86_pmu_stop+0x149/0x330
[ 2916.870797]  x86_pmu_del+0x1be/0x610
[ 2916.871347]  event_sched_out+0x2ed/0xe80
[ 2916.871915]  __perf_remove_from_context+0x87/0xbe0
[ 2916.872615]  event_function+0x297/0x3d0
[ 2916.873157]  ? perf_uprobe_event_init+0x1c0/0x1c0
[ 2916.873822]  remote_function+0x125/0x1b0
[ 2916.874386]  flush_smp_call_function_queue+0x1df/0x610
[ 2916.875099]  ? perf_duration_warn+0x40/0x40
[ 2916.875777]  __sysvec_call_function_single+0x92/0x3a0
[ 2916.876507]  sysvec_call_function_single+0x89/0xc0
[ 2916.877187]  </IRQ>
[ 2916.877485]  <TASK>
[ 2916.877781]  asm_sysvec_call_function_single+0x12/0x20
[ 2916.878480] RIP: 0010:lock_is_held_type+0xf8/0x130
[ 2916.879125] Code: 80 b3 66 84 e8 59 09 00 00 b8 ff ff ff ff 65 0f c1 05 84 87 f0 7b 83 f8 01 75 22 48 f7 04 24 00 02 00 00 74 01 fb 48 83 c4 08 <44> 89 e8 5b 5d 41 5c 41 5d 41 5e 41 5f c3 45 31 ed eb c0 0f 0b 48
[ 2916.881715] RSP: 0018:ffff88804af9f590 EFLAGS: 00000296
[ 2916.882450] RAX: 0000000000000001 RBX: 0000000000000002 RCX: 0000000000000001
[ 2916.883413] RDX: 0000000000000000 RSI: 0000000000000002 RDI: 0000000000000000
[ 2916.884363] RBP: ffffffff85201d00 R08: 0000000000000000 R09: ffffffff858dbcd7
[ 2916.885399] R10: fffffbfff0b1b79a R11: 0000000000000001 R12: ffff888017469ac0
[ 2916.886455] R13: 0000000000000000 R14: 00000000ffffffff R15: ffff88801746a490
[ 2916.887626]  rcu_read_lock_sched_held+0x3a/0x70
[ 2916.888303]  lock_acquire+0x41c/0x4d0
[ 2916.888917]  ? lock_release+0x6f0/0x6f0
[ 2916.889485]  ? lock_is_held_type+0xd7/0x130
[ 2916.890111]  ? find_held_lock+0x2c/0x110
[ 2916.890735]  ? lock_release+0x3b2/0x6f0
[ 2916.891324]  ? unlock_page_memcg+0xbe/0x230
[ 2916.891951]  ? lock_downgrade+0x6d0/0x6d0
[ 2916.892531]  folio_memcg_lock+0x3a/0x490
[ 2916.893107]  ? mem_cgroup_get_oom_group+0x400/0x400
[ 2916.893865]  ? __pte_alloc_kernel+0x1c0/0x1c0
[ 2916.894500]  page_remove_rmap+0x1e/0x490
[ 2916.895090]  unmap_page_range+0x10eb/0x2680
[ 2916.895781]  ? vm_normal_page+0x2e0/0x2e0
[ 2916.896367]  ? lock_release+0x3b2/0x6f0
[ 2916.896959]  ? lock_downgrade+0x6d0/0x6d0
[ 2916.897547]  ? uprobe_munmap+0x1c/0x560
[ 2916.898089]  unmap_single_vma+0x198/0x310
[ 2916.898691]  unmap_vmas+0x16b/0x2f0
[ 2916.899207]  ? lock_downgrade+0x6d0/0x6d0
[ 2916.899839]  ? unmap_mapping_range+0x280/0x280
[ 2916.900503]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[ 2916.901270]  exit_mmap+0x192/0x460
[ 2916.901779]  ? do_munmap+0x40/0x40
[ 2916.902279]  ? delayed_uprobe_remove+0x27/0x230
[ 2916.902976]  mmput+0xc8/0x380
[ 2916.903443]  do_exit+0xa0a/0x27e0
[ 2916.903929]  ? find_held_lock+0x2c/0x110
[ 2916.904502]  ? lock_release+0x3b2/0x6f0
[ 2916.905072]  ? mm_update_next_owner+0x7d0/0x7d0
[ 2916.905730]  ? lock_downgrade+0x6d0/0x6d0
[ 2916.906311]  ? lock_is_held_type+0xd7/0x130
[ 2916.906967]  do_group_exit+0xd2/0x2f0
[ 2916.907525]  get_signal+0x2303/0x2350
[ 2916.908058]  ? rcu_read_lock_sched_held+0x3a/0x70
[ 2916.908810]  ? signal_setup_done+0x520/0x520
[ 2916.909431]  ? vfs_readv+0xf7/0x150
[ 2916.910020]  ? vfs_iter_read+0xa0/0xa0
[ 2916.910578]  arch_do_signal_or_restart+0x88/0x1a40
[ 2916.911340]  ? lock_is_held_type+0xd7/0x130
[ 2916.911997]  ? find_held_lock+0x2c/0x110
[ 2916.912576]  ? get_sigframe_size+0x10/0x10
[ 2916.913185]  ? kick_process+0xe8/0x170
[ 2916.913742]  ? task_work_add+0xa6/0x190
[ 2916.914305]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[ 2916.915077]  ? fput_many.part.0+0xc6/0x170
[ 2916.915693]  ? fput+0x3b/0x50
[ 2916.916116]  ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70
[ 2916.916869]  exit_to_user_mode_prepare+0x131/0x1a0
[ 2916.917568]  syscall_exit_to_user_mode+0x19/0x50
[ 2916.918253]  do_syscall_64+0x48/0x90
[ 2916.918779]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 2916.919595] RIP: 0033:0x7f457d3e8b19
[ 2916.920095] Code: Unable to access opcode bytes at RIP 0x7f457d3e8aef.
[ 2916.921003] RSP: 002b:00007f457a93d188 EFLAGS: 00000246 ORIG_RAX: 0000000000000127
[ 2916.922063] RAX: 00000000000000a5 RBX: 00007f457d4fc020 RCX: 00007f457d3e8b19
[ 2916.923042] RDX: 0000000000000002 RSI: 00000000200002c0 RDI: 0000000000000003
[ 2916.924005] RBP: 00007f457d442f6d R08: 00000000000000bf R09: 0000000000000000
[ 2916.924976] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 2916.925953] R13: 00007ffd0244841f R14: 00007f457a93d300 R15: 0000000000022000
[ 2916.926992]  </TASK>
09:05:25 executing program 6:
r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000180)='/proc/asound/seq/clients\x00', 0x0, 0x0)
preadv(r0, &(0x7f00000002c0)=[{&(0x7f0000000040)=""/35, 0x23}, {0x0}, {&(0x7f0000000300)=""/165, 0xa5}], 0x3, 0x0, 0xa)

09:05:25 executing program 3:
socketpair$unix(0x1, 0x5, 0x0, 0x0)
sendmsg$unix(0xffffffffffffffff, 0x0, 0x0)
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
pwritev(r0, &(0x7f0000000640)=[{&(0x7f00000002c0)="19", 0x1}], 0x1000000000000158, 0x8000000, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0)
r2 = socket$inet6(0xa, 0x1, 0x0)
bind$inet6(r2, &(0x7f00000002c0)={0xa, 0x4e20, 0x0, @empty}, 0x1c)
connect$inet6(r2, &(0x7f0000000000)={0xa, 0x4e20, 0x0, @ipv4={'\x00', '\xff\xff', @empty}}, 0x1c)
recvfrom(r2, &(0x7f00000003c0)=""/87, 0x20010397, 0x300, 0x0, 0x0)
sendfile(r2, r1, 0x0, 0xfffffdef)
readv(0xffffffffffffffff, &(0x7f0000000040), 0x0)
openat$cgroup_freezer_state(0xffffffffffffffff, 0x0, 0x2, 0x0)
close(0xffffffffffffffff)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
pipe(&(0x7f0000000140)={0xffffffffffffffff, <r4=>0xffffffffffffffff})
syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), r4)
r5 = syz_genetlink_get_family_id$nl80211(&(0x7f0000001540), 0xffffffffffffffff)
sendmsg$NL80211_CMD_STOP_AP(r3, &(0x7f0000001600)={0x0, 0x0, &(0x7f00000015c0)={&(0x7f0000000180)={0x14, r5, 0x1, 0x70bd26, 0x0, {{}, {@void, @void}}}, 0x14}}, 0x800)
getsockopt$sock_cred(r3, 0x1, 0x11, &(0x7f00000000c0), &(0x7f0000000080)=0xc)
syz_open_dev$sg(&(0x7f0000001000), 0x0, 0x2200)

09:05:25 executing program 2:
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000080), r0)
sendmsg$NLBL_MGMT_C_ADD(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000140)={0x4c, r1, 0x0, 0x0, 0x0, {}, [@NLBL_MGMT_A_DOMAIN={0x6, 0x1, '%\x00'}, @NLBL_MGMT_A_IPV6ADDR={0x14, 0x5, @local}, @NLBL_MGMT_A_IPV6MASK={0x14, 0x6, @mcast1}, @NLBL_MGMT_A_PROTOCOL={0x8, 0x2, 0x5}]}, 0x4c}, 0x1, 0x700000000000000}, 0x0)

09:05:25 executing program 1:
r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000180)='/proc/asound/seq/clients\x00', 0x0, 0x0)
preadv(r0, &(0x7f00000002c0)=[{&(0x7f0000000040)=""/35, 0x23}, {0x0, 0x2}, {&(0x7f0000000300)=""/165, 0xa5}], 0x3, 0x0, 0x68)

09:05:25 executing program 2:
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000080), r0)
sendmsg$NLBL_MGMT_C_ADD(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000140)={0x4c, r1, 0x0, 0x0, 0x0, {}, [@NLBL_MGMT_A_DOMAIN={0x6, 0x1, '%\x00'}, @NLBL_MGMT_A_IPV6ADDR={0x14, 0x5, @local}, @NLBL_MGMT_A_IPV6MASK={0x14, 0x6, @mcast1}, @NLBL_MGMT_A_PROTOCOL={0x8, 0x2, 0x5}]}, 0x4c}, 0x1, 0x700000000000000}, 0x0)

09:05:25 executing program 6:
r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000180)='/proc/asound/seq/clients\x00', 0x0, 0x0)
preadv(r0, &(0x7f00000002c0)=[{&(0x7f0000000040)=""/35, 0x23}, {0x0}, {&(0x7f0000000300)=""/165, 0xa5}], 0x3, 0x0, 0x10)

09:05:25 executing program 0:
perf_event_open$cgroup(&(0x7f0000000c00)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x101f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

09:05:25 executing program 1:
r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000180)='/proc/asound/seq/clients\x00', 0x0, 0x0)
preadv(r0, &(0x7f00000002c0)=[{&(0x7f0000000040)=""/35, 0x23}, {0x0, 0x2}, {&(0x7f0000000300)=""/165, 0xa5}], 0x3, 0x0, 0x6c)

09:05:25 executing program 7:
openat$sndseq(0xffffffffffffff9c, 0x0, 0x0)
r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000180)='/proc/asound/seq/clients\x00', 0x0, 0x0)
preadv(r0, &(0x7f00000002c0)=[{0x0}, {&(0x7f0000000300)=""/165, 0xa5}], 0x2, 0x0, 0x300)

[ 2917.243943] Call Trace:
[ 2917.244372]  <IRQ>
[ 2917.244663]  ? x86_pmu_start+0x1c0/0x240
[ 2917.245209]  x86_pmu_enable+0x580/0xd90
[ 2917.245734]  ? amd_pmu_disable_virt+0xa0/0xa0
[ 2917.246350]  ctx_resched+0x2b9/0x3a0
[ 2917.246868]  __perf_install_in_context+0x285/0xa40
[ 2917.247570]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[ 2917.248304]  ? ctx_resched+0x3a0/0x3a0
[ 2917.248815]  remote_function+0x125/0x1b0
[ 2917.249357]  flush_smp_call_function_queue+0x1df/0x610
[ 2917.250045]  ? perf_duration_warn+0x40/0x40
[ 2917.250684]  __sysvec_call_function_single+0x92/0x3a0
[ 2917.251405]  sysvec_call_function_single+0x89/0xc0
[ 2917.252079]  </IRQ>
[ 2917.252375]  <TASK>
[ 2917.252671]  asm_sysvec_call_function_single+0x12/0x20
[ 2917.253399] RIP: 0010:lock_acquire+0x1db/0x4d0
[ 2917.254022] Code: 02 b8 ff ff ff ff 65 0f c1 05 49 91 d9 7e 83 f8 01 0f 85 86 02 00 00 48 83 7c 24 08 00 74 01 fb 48 b8 00 00 00 00 00 fc ff df <48> 01 c3 48 c7 03 00 00 00 00 48 c7 43 08 00 00 00 00 48 8b 84 24
[ 2917.256567] RSP: 0018:ffff88804a3c72f0 EFLAGS: 00000206
[ 2917.257335] RAX: dffffc0000000000 RBX: 1ffff11009478e60 RCX: 00000000e692cef7
[ 2917.258292] RDX: 1ffff1100883748c RSI: 0000000000000000 RDI: 0000000000000000
[ 2917.259238] RBP: 0000000000000000 R08: 0000000000000000 R09: ffffffff86a3e787
[ 2917.260214] R10: fffffbfff0d47cf0 R11: 0000000000000001 R12: 0000000000000002
[ 2917.261197] R13: 0000000000000000 R14: ffffffff85201dc0 R15: 0000000000000000
[ 2917.262217]  ? lock_release+0x6f0/0x6f0
[ 2917.262762]  ? __lock_acquire+0xbac/0x6120
[ 2917.263368]  get_mem_cgroup_from_mm+0x44/0x600
[ 2917.263976]  ? get_mem_cgroup_from_mm+0x1f/0x600
[ 2917.264664]  ? __sanitizer_cov_trace_const_cmp2+0x22/0x80
[ 2917.265460]  __mem_cgroup_charge+0x13/0x80
[ 2917.266078]  __handle_mm_fault+0x10a9/0x35c0
[ 2917.266803]  ? lock_is_held_type+0xd7/0x130
[ 2917.267449]  ? __pmd_alloc+0x680/0x680
[ 2917.268010]  handle_mm_fault+0x2e6/0xa20
[ 2917.268621]  do_user_addr_fault+0x54a/0x12a0
[ 2917.269310]  exc_page_fault+0xa2/0x1a0
[ 2917.269881]  asm_exc_page_fault+0x1e/0x30
[ 2917.270485] RIP: 0010:copy_user_generic_string+0x2c/0x40
[ 2917.271236] Code: cb 83 fa 08 72 27 89 f9 83 e1 07 74 15 83 e9 08 f7 d9 29 ca 8a 06 88 07 48 ff c6 48 ff c7 ff c9 75 f2 89 d1 c1 e9 03 83 e2 07 <f3> 48 a5 89 d1 f3 a4 31 c0 0f 01 ca c3 8d 0c ca 89 ca eb 20 0f 01
[ 2917.273937] RSP: 0018:ffff88804a3c7720 EFLAGS: 00050246
[ 2917.274681] RAX: 0000000000000001 RBX: 0000000000001000 RCX: 0000000000000078
[ 2917.275788] RDX: 0000000000000000 RSI: ffff888041b21c40 RDI: 0000000020204000
[ 2917.276806] RBP: 00000000202033c0 R08: 0000000000000000 R09: ffff888041b21fff
[ 2917.277799] R10: ffffed10083643ff R11: 0000000000000001 R12: ffff888041b21000
[ 2917.278847] R13: 00007fffffffe000 R14: 0000000000000000 R15: ffff88804a3c7d70
[ 2917.279940]  copyout.part.0+0xd1/0x100
[ 2917.280523]  _copy_to_iter+0x2b1/0x1820
[ 2917.281078]  ? lock_is_held_type+0xd7/0x130
[ 2917.281687]  ? copy_page_from_iter+0x9f0/0x9f0
[ 2917.282340]  ? lock_is_held_type+0xd7/0x130
[ 2917.282960]  ? find_held_lock+0x2c/0x110
[ 2917.283583]  ? lock_release+0x3b2/0x6f0
[ 2917.284191]  ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70
[ 2917.285001]  ? __virt_addr_valid+0xe9/0x310
[ 2917.285659]  ? __sanitizer_cov_trace_const_cmp1+0x22/0x80
[ 2917.286442]  ? __sanitizer_cov_trace_cmp8+0x1d/0x70
[ 2917.287143]  ? __check_object_size+0x1b5/0x4e0
[ 2917.287850]  simple_copy_to_iter+0x4c/0x70
[ 2917.288462]  __skb_datagram_iter+0x4f1/0x880
[ 2917.289082]  ? receiver_wake_function+0x70/0x70
[ 2917.289782]  skb_copy_datagram_iter+0x85/0x270
[ 2917.290418]  tcp_recvmsg_locked+0xecf/0x1e80
[ 2917.291023]  ? tcp_update_recv_tstamps+0x230/0x230
[ 2917.291730]  ? mark_held_locks+0x9e/0xe0
[ 2917.292364]  ? __local_bh_enable_ip+0xa0/0x120
[ 2917.293018]  tcp_recvmsg+0x137/0x620
[ 2917.293527]  ? tcp_recv_timestamp+0x6e0/0x6e0
[ 2917.294126]  ? lock_release+0x3b2/0x6f0
[ 2917.294699]  ? selinux_socket_recvmsg+0x1fd/0x2b0
[ 2917.295505]  ? selinux_socket_getsockopt+0x2b0/0x2b0
[ 2917.296213]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[ 2917.296961]  ? futex_unqueue+0xb3/0x120
[ 2917.297565]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[ 2917.298359]  ? futex_wait+0x533/0x660
[ 2917.298938]  ? tcp_recv_timestamp+0x6e0/0x6e0
[ 2917.299588]  inet6_recvmsg+0x13b/0x670
[ 2917.300109]  ? inet6_bind+0x120/0x120
[ 2917.300634]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[ 2917.301390]  ? security_socket_recvmsg+0x95/0xc0
[ 2917.302032]  ? inet6_bind+0x120/0x120
[ 2917.302567]  sock_recvmsg+0xfb/0x180
[ 2917.303076]  __sys_recvfrom+0x1b8/0x2f0
[ 2917.303649]  ? __ia32_sys_send+0x100/0x100
[ 2917.304232]  ? 0xffffffff81000000
[ 2917.304713]  ? __ia32_compat_sys_get_robust_list+0x3b0/0x3b0
[ 2917.305522]  ? __sanitizer_cov_trace_cmp8+0x1d/0x70
[ 2917.306209]  ? xfd_validate_state+0x59/0x180
[ 2917.306804]  ? restore_fpregs_from_fpstate+0xcc/0x1e0
[ 2917.307553]  __x64_sys_recvfrom+0xdd/0x1b0
[ 2917.308109]  ? lockdep_hardirqs_on+0x79/0x100
[ 2917.308721]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 2917.309408]  do_syscall_64+0x3b/0x90
[ 2917.309899]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 2917.310590] RIP: 0033:0x7f7e5487cb19
[ 2917.311081] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 2917.313545] RSP: 002b:00007f7e51df2188 EFLAGS: 00000246 ORIG_RAX: 000000000000002d
[ 2917.314574] RAX: ffffffffffffffda RBX: 00007f7e5498ff60 RCX: 00007f7e5487cb19
[ 2917.315564] RDX: 0000000020010397 RSI: 00000000200003c0 RDI: 0000000000000005
[ 2917.316523] RBP: 00007f7e548d6f6d R08: 0000000000000000 R09: 0000000000000000
[ 2917.317479] R10: 0000000000000300 R11: 0000000000000246 R12: 0000000000000000
[ 2917.318474] R13: 00007fffa39f8f4f R14: 00007f7e51df2300 R15: 0000000000022000
[ 2917.319528]  </TASK>
[ 2917.337661] Call Trace:
[ 2917.338126]  <IRQ>
[ 2917.338435]  x86_pmu_stop+0x149/0x330
[ 2917.338992]  x86_pmu_del+0x1be/0x610
[ 2917.339588]  event_sched_out+0x2ed/0xe80
[ 2917.340157]  __perf_remove_from_context+0x87/0xbe0
[ 2917.340872]  event_function+0x297/0x3d0
[ 2917.341466]  ? perf_uprobe_event_init+0x1c0/0x1c0
[ 2917.342132]  remote_function+0x125/0x1b0
[ 2917.342710]  flush_smp_call_function_queue+0x1df/0x610
[ 2917.343507]  ? perf_duration_warn+0x40/0x40
[ 2917.344122]  __sysvec_call_function_single+0x92/0x3a0
[ 2917.344858]  sysvec_call_function_single+0x89/0xc0
[ 2917.345589]  </IRQ>
[ 2917.345903]  <TASK>
[ 2917.346216]  asm_sysvec_call_function_single+0x12/0x20
[ 2917.346978] RIP: 0010:lock_acquire+0x1db/0x4d0
[ 2917.347682] Code: 02 b8 ff ff ff ff 65 0f c1 05 49 91 d9 7e 83 f8 01 0f 85 86 02 00 00 48 83 7c 24 08 00 74 01 fb 48 b8 00 00 00 00 00 fc ff df <48> 01 c3 48 c7 03 00 00 00 00 48 c7 43 08 00 00 00 00 48 8b 84 24
[ 2917.350232] RSP: 0018:ffff8880413af5d8 EFLAGS: 00000206
[ 2917.351019] RAX: dffffc0000000000 RBX: 1ffff11008275ebd RCX: 000000008510dfec
[ 2917.352039] RDX: 1ffff11001b1e48c RSI: 0000000000000001 RDI: 0000000000000000
[ 2917.353173] RBP: 0000000000000000 R08: 0000000000000000 R09: ffffffff86a3e787
[ 2917.354143] R10: fffffbfff0d47cf0 R11: 0000000000000001 R12: 0000000000000002
[ 2917.355112] R13: 0000000000000000 R14: ffffffff85201dc0 R15: 0000000000000000
[ 2917.356162]  ? lock_acquire+0x1b2/0x4d0
[ 2917.356695]  ? lock_release+0x6f0/0x6f0
[ 2917.357224]  ? lock_is_held_type+0xd7/0x130
[ 2917.357794]  ? find_held_lock+0x2c/0x110
[ 2917.358332]  ? lock_release+0x3b2/0x6f0
[ 2917.358866]  ? unlock_page_memcg+0xbe/0x230
[ 2917.359489]  ? lock_downgrade+0x6d0/0x6d0
[ 2917.360044]  folio_memcg_lock+0x3a/0x490
[ 2917.360640]  ? mem_cgroup_get_oom_group+0x400/0x400
[ 2917.361315]  ? __pte_alloc_kernel+0x1c0/0x1c0
[ 2917.361915]  page_remove_rmap+0x1e/0x490
[ 2917.362453]  unmap_page_range+0x10eb/0x2680
[ 2917.363040]  ? vm_normal_page+0x2e0/0x2e0
[ 2917.363631]  ? lock_release+0x3b2/0x6f0
[ 2917.364167]  ? lock_downgrade+0x6d0/0x6d0
[ 2917.364722]  ? uprobe_munmap+0x1c/0x560
[ 2917.365328]  unmap_single_vma+0x198/0x310
[ 2917.365907]  unmap_vmas+0x16b/0x2f0
[ 2917.366389]  ? lock_downgrade+0x6d0/0x6d0
[ 2917.366993]  ? unmap_mapping_range+0x280/0x280
[ 2917.367696]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[ 2917.368603]  exit_mmap+0x192/0x460
[ 2917.369108]  ? do_munmap+0x40/0x40
[ 2917.369607]  ? delayed_uprobe_remove+0x27/0x230
[ 2917.370298]  mmput+0xc8/0x380
[ 2917.370777]  do_exit+0xa0a/0x27e0
[ 2917.371256]  ? find_held_lock+0x2c/0x110
[ 2917.371916]  ? lock_release+0x3b2/0x6f0
[ 2917.372465]  ? mm_update_next_owner+0x7d0/0x7d0
[ 2917.373121]  ? lock_downgrade+0x6d0/0x6d0
[ 2917.373740]  ? lock_is_held_type+0xd7/0x130
[ 2917.374403]  do_group_exit+0xd2/0x2f0
[ 2917.374942]  get_signal+0x2303/0x2350
[ 2917.375515]  ? wake_up_q+0x8b/0xf0
[ 2917.376026]  ? signal_setup_done+0x520/0x520
[ 2917.376696]  arch_do_signal_or_restart+0x88/0x1a40
[ 2917.377405]  ? do_futex+0x136/0x380
[ 2917.377946]  ? __ia32_compat_sys_get_robust_list+0x3b0/0x3b0
[ 2917.378751]  ? get_sigframe_size+0x10/0x10
[ 2917.379420]  ? __x64_sys_futex+0x1c6/0x4c0
[ 2917.380028]  ? __x64_sys_futex_time32+0x480/0x480
[ 2917.380729]  exit_to_user_mode_prepare+0x131/0x1a0
[ 2917.381443]  syscall_exit_to_user_mode+0x19/0x50
[ 2917.382114]  do_syscall_64+0x48/0x90
[ 2917.382644]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 2917.383420] RIP: 0033:0x7faa53ee7b19
[ 2917.383945] Code: Unable to access opcode bytes at RIP 0x7faa53ee7aef.
[ 2917.384871] RSP: 002b:00007faa5145d218 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[ 2917.385964] RAX: 0000000000000000 RBX: 00007faa53ffaf68 RCX: 00007faa53ee7b19
[ 2917.386988] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007faa53ffaf68
[ 2917.388065] RBP: 00007faa53ffaf60 R08: 0000000000000000 R09: 0000000000000000
[ 2917.389075] R10: 0000000000000000 R11: 0000000000000246 R12: 00007faa53ffaf6c
[ 2917.390117] R13: 00007ffd1c5993ef R14: 00007faa5145d300 R15: 0000000000022000
[ 2917.391182]  </TASK>
[ 2917.399944] Call Trace:
[ 2917.400361]  <IRQ>
[ 2917.400655]  ? x86_pmu_start+0x1c0/0x240
[ 2917.401200]  x86_pmu_enable+0x580/0xd90
[ 2917.401733]  ? amd_pmu_disable_virt+0xa0/0xa0
[ 2917.402347]  ctx_resched+0x2b9/0x3a0
[ 2917.402863]  __perf_install_in_context+0x285/0xa40
[ 2917.403585]  ? ctx_resched+0x3a0/0x3a0
[ 2917.404154]  remote_function+0x125/0x1b0
[ 2917.404743]  flush_smp_call_function_queue+0x1df/0x610
[ 2917.405464]  ? perf_duration_warn+0x40/0x40
[ 2917.406073]  __sysvec_call_function_single+0x92/0x3a0
[ 2917.406764]  sysvec_call_function_single+0x89/0xc0
[ 2917.407480]  </IRQ>
[ 2917.407787]  <TASK>
[ 2917.408084]  asm_sysvec_call_function_single+0x12/0x20
[ 2917.408797] RIP: 0010:check_kcov_mode+0x2c/0x40
[ 2917.409435] Code: 05 89 b9 be 7e 89 c2 81 e2 00 01 00 00 a9 00 01 ff 00 74 10 31 c0 85 d2 74 15 8b 96 64 14 00 00 85 d2 74 0b 8b 86 40 14 00 00 <39> f8 0f 94 c0 c3 66 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 00 31 c0
[ 2917.412023] RSP: 0018:ffff88801b4b7710 EFLAGS: 00000246
[ 2917.412769] RAX: 0000000000000000 RBX: ffffea0000c00001 RCX: 0000000000000001
[ 2917.413722] RDX: 0000000000000000 RSI: ffff88800faa9ac0 RDI: 0000000000000003
[ 2917.414686] RBP: ffffea0000c04d00 R08: 0000000000000000 R09: ffffea0000c00007
[ 2917.415716] R10: ffffffff816c4102 R11: 0000000000000001 R12: 0000000000000000
[ 2917.416660] R13: ffff8880184a7300 R14: 0000000000000001 R15: ffff88801b4b7a28
[ 2917.417629]  ? page_remove_rmap+0x52/0x490
[ 2917.418208]  __sanitizer_cov_trace_const_cmp8+0x1d/0x70
[ 2917.418911]  page_remove_rmap+0x52/0x490
[ 2917.419527]  unmap_page_range+0x10eb/0x2680
[ 2917.420109]  ? vm_normal_page+0x2e0/0x2e0
[ 2917.420663]  ? lock_release+0x3b2/0x6f0
[ 2917.421209]  ? lock_downgrade+0x6d0/0x6d0
[ 2917.421772]  ? uprobe_munmap+0x1c/0x560
[ 2917.422305]  unmap_single_vma+0x198/0x310
[ 2917.422937]  unmap_vmas+0x16b/0x2f0
[ 2917.423444]  ? lock_downgrade+0x6d0/0x6d0
[ 2917.424040]  ? unmap_mapping_range+0x280/0x280
[ 2917.424756]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[ 2917.425697]  exit_mmap+0x192/0x460
[ 2917.426188]  ? do_munmap+0x40/0x40
[ 2917.426718]  ? delayed_uprobe_remove+0x27/0x230
[ 2917.427406]  mmput+0xc8/0x380
[ 2917.427882]  do_exit+0xa0a/0x27e0
[ 2917.428403]  ? find_held_lock+0x2c/0x110
[ 2917.428986]  ? lock_release+0x3b2/0x6f0
[ 2917.429557]  ? mm_update_next_owner+0x7d0/0x7d0
[ 2917.430231]  ? lock_downgrade+0x6d0/0x6d0
[ 2917.430837]  ? lock_is_held_type+0xd7/0x130
[ 2917.431492]  do_group_exit+0xd2/0x2f0
[ 2917.432078]  get_signal+0x2303/0x2350
[ 2917.432626]  ? lock_is_held_type+0xd7/0x130
[ 2917.433244]  ? signal_setup_done+0x520/0x520
[ 2917.433888]  ? call_rcu+0x585/0xa20
[ 2917.434398]  ? lockdep_hardirqs_on+0x79/0x100
[ 2917.435056]  arch_do_signal_or_restart+0x88/0x1a40
[ 2917.435803]  ? put_task_stack+0xe4/0x230
[ 2917.436362]  ? finish_task_switch.isra.0+0x650/0x870
[ 2917.437129]  ? get_sigframe_size+0x10/0x10
[ 2917.437725]  ? __schedule+0x895/0x2450
[ 2917.438272]  ? io_schedule_timeout+0x140/0x140
[ 2917.438937]  ? __x64_sys_futex_time32+0x480/0x480
[ 2917.439687]  exit_to_user_mode_prepare+0x131/0x1a0
[ 2917.440370]  syscall_exit_to_user_mode+0x19/0x50
[ 2917.441057]  do_syscall_64+0x48/0x90
[ 2917.441606]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 2917.442405] RIP: 0033:0x7f928d323b19
[ 2917.442925] Code: Unable to access opcode bytes at RIP 0x7f928d323aef.
[ 2917.443906] RSP: 002b:00007f928a899218 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[ 2917.445008] RAX: 0000000000000001 RBX: 00007f928d436f68 RCX: 00007f928d323b19
[ 2917.446006] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 00007f928d436f6c
[ 2917.446994] RBP: 00007f928d436f60 R08: 000000000000000e R09: 0000000000000000
[ 2917.448020] R10: 000000000000004c R11: 0000000000000246 R12: 00007f928d436f6c
[ 2917.449055] R13: 00007ffe916ec8df R14: 00007f928a899300 R15: 0000000000022000
[ 2917.450127]  </TASK>
[ 2917.453074] Call Trace:
[ 2917.453484]  <IRQ>
[ 2917.453803]  x86_pmu_stop+0x149/0x330
[ 2917.454347]  x86_pmu_del+0x1be/0x610
[ 2917.454895]  event_sched_out+0x2ed/0xe80
[ 2917.455541]  __perf_remove_from_context+0x87/0xbe0
[ 2917.456276]  event_function+0x297/0x3d0
[ 2917.456820]  ? perf_uprobe_event_init+0x1c0/0x1c0
[ 2917.457503]  remote_function+0x125/0x1b0
[ 2917.458043]  flush_smp_call_function_queue+0x1df/0x610
[ 2917.458768]  ? perf_duration_warn+0x40/0x40
[ 2917.459419]  __sysvec_call_function_single+0x92/0x3a0
[ 2917.460135]  sysvec_call_function_single+0x89/0xc0
[ 2917.460856]  </IRQ>
[ 2917.461162]  <TASK>
[ 2917.461462]  asm_sysvec_call_function_single+0x12/0x20
[ 2917.462191] RIP: 0010:put_unused_fd+0x3c/0x70
[ 2917.462818] Code: 6d c0 ff 49 8d bc 24 c0 07 00 00 48 b8 00 00 00 00 00 fc ff df 48 89 fa 48 c1 ea 03 80 3c 02 00 75 2e 4d 8b ac 24 c0 07 00 00 <4d> 8d a5 c0 00 00 00 4c 89 e7 e8 55 8c 90 02 4c 89 ef 89 ee e8 bb
[ 2917.465330] RSP: 0018:ffff888018427d98 EFLAGS: 00000246
[ 2917.466076] RAX: dffffc0000000000 RBX: 1ffff11003084fba RCX: 0000000000000000
[ 2917.467081] RDX: 1ffff1100115c7a8 RSI: ffffffff81834bc5 RDI: ffff888008ae3d40
[ 2917.468095] RBP: 0000000000000012 R08: fffffffffffff000 R09: 0000000000000000
[ 2917.469061] R10: ffffffff817abdaf R11: 0000000000000000 R12: ffff888008ae3580
[ 2917.470002] R13: ffff88800cd4c000 R14: 00000000ffffff9c R15: dffffc0000000000
[ 2917.470955]  ? do_sys_openat2+0x17f/0x4c0
[ 2917.471552]  ? put_unused_fd+0x15/0x70
[ 2917.472087]  ? put_unused_fd+0x15/0x70
[ 2917.472606]  do_sys_openat2+0x448/0x4c0
[ 2917.473172]  ? build_open_flags+0x6f0/0x6f0
[ 2917.473774]  ? seccomp_notify_ioctl+0xdc0/0xdc0
[ 2917.474386]  __x64_sys_openat+0x13f/0x1f0
[ 2917.474955]  ? __x64_sys_open+0x1c0/0x1c0
[ 2917.475638]  ? __secure_computing+0x195/0x2f0
[ 2917.476388]  do_syscall_64+0x3b/0x90
[ 2917.477004]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 2917.477812] RIP: 0033:0x7f9e21b9ac64
[ 2917.478396] Code: 84 00 00 00 00 00 44 89 54 24 0c e8 36 61 f9 ff 44 8b 54 24 0c 44 89 e2 48 89 ee 41 89 c0 bf 9c ff ff ff b8 01 01 00 00 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 89 44 24 0c e8 68 61 f9 ff 8b 44
[ 2917.481108] RSP: 002b:00007ffd3e915560 EFLAGS: 00000293 ORIG_RAX: 0000000000000101
[ 2917.482204] RAX: ffffffffffffffda RBX: 000055c722ba3d60 RCX: 00007f9e21b9ac64
[ 2917.483226] RDX: 0000000000080802 RSI: 000055c722bd9e60 RDI: 00000000ffffff9c
[ 2917.484219] RBP: 000055c722bd9e60 R08: 0000000000000000 R09: ffffffffffffff01
[ 2917.485189] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000080802
[ 2917.486163] R13: 00000000fffffffa R14: 000055c722be6d70 R15: 0000000000000002
[ 2917.487132]  </TASK>
09:05:41 executing program 4:
socketpair$unix(0x1, 0x5, 0x0, 0x0)
sendmsg$unix(0xffffffffffffffff, 0x0, 0x0)
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
pwritev(r0, &(0x7f0000000640)=[{&(0x7f00000002c0)="19", 0x1}], 0x1, 0x8000000, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0)
r2 = socket$inet6(0xa, 0x1, 0x0)
bind$inet6(r2, &(0x7f00000002c0)={0xa, 0x4e20, 0x0, @empty}, 0x1c)
connect$inet6(r2, &(0x7f0000000000)={0xa, 0x4e20, 0x0, @ipv4={'\x00', '\xff\xff', @empty}}, 0x1c)
setxattr$security_ima(&(0x7f00000000c0)='./file1/file0\x00', &(0x7f0000000140), &(0x7f0000000180)=@sha1={0x1, "1bf3cbe0b75fa478d86c6242c84513d07a1a3bf8"}, 0x15, 0x3)
recvfrom(r2, &(0x7f00000003c0)=""/87, 0x20010397, 0x300, 0x0, 0x0)
sendfile(r2, r1, 0x0, 0xfffffdef)
readv(0xffffffffffffffff, &(0x7f0000000040), 0x0)
openat$cgroup_freezer_state(0xffffffffffffffff, 0x0, 0x2, 0x0)
close(0xffffffffffffffff)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(&(0x7f0000001540), 0xffffffffffffffff)
sendmsg$NL80211_CMD_STOP_AP(r3, &(0x7f0000001600)={0x0, 0x0, &(0x7f00000015c0)={&(0x7f0000001580)={0x1c, 0x0, 0x1, 0x0, 0x0, {{}, {@val={0x8}, @void}}}, 0x1c}}, 0x0)
getsockopt$sock_cred(r3, 0x1, 0x11, &(0x7f0000000040), &(0x7f0000000080)=0xc)
syz_open_dev$sg(&(0x7f0000001000), 0x0, 0x2200)

09:05:41 executing program 2:
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000080), r0)
sendmsg$NLBL_MGMT_C_ADD(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000140)={0x44, r1, 0x1, 0x0, 0x0, {}, [@NLBL_MGMT_A_DOMAIN={0x6, 0x1, '%\x00'}, @NLBL_MGMT_A_IPV6ADDR={0x14, 0x5, @local}, @NLBL_MGMT_A_IPV6MASK={0x14, 0x6, @mcast1}]}, 0x44}, 0x1, 0x700000000000000}, 0x0)

09:05:41 executing program 6:
r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000180)='/proc/asound/seq/clients\x00', 0x0, 0x0)
preadv(r0, &(0x7f00000002c0)=[{&(0x7f0000000040)=""/35, 0x23}, {0x0}, {&(0x7f0000000300)=""/165, 0xa5}], 0x3, 0x0, 0x48)

09:05:41 executing program 0:
perf_event_open$cgroup(&(0x7f0000000c00)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x1020, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

09:05:41 executing program 7:
openat$sndseq(0xffffffffffffff9c, 0x0, 0x0)
r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000180)='/proc/asound/seq/clients\x00', 0x0, 0x0)
preadv(r0, &(0x7f00000002c0)=[{0x0}, {&(0x7f0000000300)=""/165, 0xa5}], 0x2, 0x0, 0x500)

09:05:41 executing program 5:
socketpair$unix(0x1, 0x5, 0x0, 0x0)
sendmsg$unix(0xffffffffffffffff, 0x0, 0x0)
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
pwritev(r0, &(0x7f0000000640)=[{&(0x7f00000009c0)="07bc2bfa4afc9b5f76a470466aa09a2d1fd39b7c14f39bd95bde9419", 0x1c}], 0x1, 0x8000000, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0)
r2 = socket$inet6(0xa, 0x1, 0x0)
bind$inet6(r2, &(0x7f00000002c0)={0xa, 0x4e20, 0x0, @empty}, 0x1c)
connect$inet6(r2, &(0x7f0000000000)={0xa, 0x4e20, 0x0, @ipv4={'\x00', '\xff\xff', @empty}}, 0x1c)
recvfrom(r2, &(0x7f00000003c0)=""/87, 0x20010397, 0x300, 0x0, 0x0)
sendfile(r2, r1, 0x0, 0xfffffdef)
readv(r1, &(0x7f0000000b40)=[{&(0x7f0000000780)=""/22, 0x16}, {&(0x7f00000007c0)=""/251, 0xfb}, {&(0x7f00000008c0)=""/236, 0xec}, {&(0x7f0000000bc0)=""/89, 0x59}, {&(0x7f0000000a40)=""/70, 0x46}, {&(0x7f0000000ac0)=""/96, 0x60}], 0x6)
r3 = openat$cgroup_freezer_state(0xffffffffffffffff, 0x0, 0x2, 0x0)
close(0xffffffffffffffff)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$inet(r1, &(0x7f0000000380)={&(0x7f00000000c0)={0x2, 0x4e20, @empty}, 0x10, &(0x7f00000005c0)=[{&(0x7f0000000140)="f42df5f5ab2875a2e02edf7dd1e0e8e18d6bd5d646603127538654fd2c3669236b1563a7243e4c4ab8e4bc8c5193ac79c2", 0x31}, {&(0x7f0000000180)="e01455e973edf151c71067c9e606280b97446cb74cf3d18f552e39c20d2db383cdfffd05a8580fbd00f23e3a4ff29c3e3a9dabe9e294798ab68d1974449571f5b2b55e1e18688a7628a6cf207baf29c02088b43b6cc7640958f2abb7a68370b45155bd3031d4ff9f8832e606fd61ebdbb059cc734962fd584b4fff8fa4d0c027a39ad9f56b313f693b1462f506be2d7d607d315d146bee82e2e5df18018f4332eda30d1ff882ad38330153703950d2040f1b80add8f852d25c8ea0106f30c8e90509048fd2fe38b0ed294702d2815dc6344d8391b085f065dd5d1f69b103dac5a251caef78ae984d80110fe34f4bb5", 0xef}, {&(0x7f0000000300)="6edc7a39727ca248390c09bada8a74d38fc41d32bd5272b2152347a2d7654810c0fedd48c9ef3bdc6893e3d6e65da2e7940845c7a59232f73999df4e740357fd2b6a42d6c8c898c9dbbf4f19a3a3ce7dbfce78b19b0947aa665bc3b09729", 0x5e}, {&(0x7f0000000440)="37179b940c41c41036d9e2c421da778203e730e358d439aa0b5c1e5bdd16931e0344024e19db81bb1fda7120bab5d8b71ad0f447be9da5e97d64115096d568e5ede6a5592887115f74f1803a24ba1aa72da59894be4fc85ff01120eae548cc7c1bdd9e46145320ab9032cc0fc3ead4b8ec2ab72193ba4976ad3ae40a22171ec9c18ce4b3e4c5c9bf268327bf19f60e4e16e54db47eebc1007d169f9f47d36644382bb955334aaa2ff29850f566978236cbb2362674b9", 0xb6}, {&(0x7f0000000500)="60fb778cb189b9944c6cfa9dff84a558b6639000e39df561690a3f36da5b0d5dc1d9cb9185178a7536244576721ad8c704b425bb6489247ff097d4f5ff02ec47d5b3c1c8e21bc778b2353eed9df324299ba5a0773df30a2a2409ec5b1da88df73c01ed5b66462fcff6b8c038860dfbb83910a228dc1398c65b54bf4f0c1abc0b1276af5a5761c19aae4a7ffd4cb71a2d12d606034c3386fe55711b82ce5732db231b415bac6f5514f50aa1edb1fb7f067382d53c3a06fdaeefdc3ece473927", 0xbf}, {&(0x7f0000000280)="a8bf1db747024e270f6de3bad81b7dfa0badbcf01434f3cb4deff928bfc5", 0x1e}], 0x6, &(0x7f0000000680)=ANY=[@ANYBLOB="1400000000001f0000000000020000007e0000000000000014000000000000000000000002000000ff01000000000000b400000000000000000000000700000000890710ac1e00010703d886110000000202071ce8c7478701042ea5071ffc64010101e0000001ac1414bbe0000002ac1414bc7802bc70b7749779bbac1e0001ac1414aa070f6d0a010102e0000002ac1414aa014444c0437f00000100000009ac1414bb000100010a010100000000017f00000100000004e00000020000020f6401010000000003ac1414bb00000005ac1414aa000000030044146963ac1414bb00000001ac1e01"], 0xe8}, 0x20040000)
syz_genetlink_get_family_id$nl80211(&(0x7f0000001540), 0xffffffffffffffff)
ioctl$FITHAW(r3, 0xc0045878)
sendmsg$NL80211_CMD_STOP_AP(r4, &(0x7f0000001600)={0x0, 0x0, &(0x7f00000015c0)={&(0x7f0000001580)=ANY=[@ANYBLOB="1c000000", @ANYRES16=0x0, @ANYBLOB="0100000000000000000010f8ff0008000300", @ANYRES32=0x0, @ANYBLOB], 0x1c}}, 0x0)
getsockopt$sock_cred(r4, 0x1, 0x11, &(0x7f0000000040), &(0x7f0000000080)=0xc)
syz_open_dev$sg(&(0x7f0000001000), 0x0, 0x2200)

09:05:41 executing program 1:
r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000180)='/proc/asound/seq/clients\x00', 0x0, 0x0)
preadv(r0, &(0x7f00000002c0)=[{&(0x7f0000000040)=""/35, 0x23}, {0x0, 0x2}, {&(0x7f0000000300)=""/165, 0xa5}], 0x3, 0x0, 0x74)

09:05:41 executing program 3:
socketpair$unix(0x1, 0x5, 0x0, 0x0)
sendmsg$unix(0xffffffffffffffff, 0x0, 0x0)
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
pwritev(r0, &(0x7f0000000640)=[{&(0x7f00000002c0)="19", 0x1}], 0x1, 0x8000000, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0)
r2 = socket$inet6(0xa, 0x1, 0x0)
bind$inet6(r2, &(0x7f00000002c0)={0xa, 0x4e20, 0x0, @empty}, 0x1c)
connect$inet6(r2, &(0x7f0000000000)={0xa, 0x4e20, 0x0, @ipv4={'\x00', '\xff\xff', @empty}, 0x3}, 0x1c)
recvfrom(r2, &(0x7f00000003c0)=""/87, 0x20010397, 0x300, 0x0, 0x0)
ioctl$sock_SIOCGSKNS(0xffffffffffffffff, 0x894c, &(0x7f00000000c0))
sendfile(r2, r1, 0x0, 0xfffffdef)
readv(0xffffffffffffffff, &(0x7f0000000040), 0x0)
openat$cgroup_freezer_state(0xffffffffffffffff, 0x0, 0x2, 0x0)
close(0xffffffffffffffff)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(&(0x7f0000001540), 0xffffffffffffffff)
sendmsg$NL80211_CMD_STOP_AP(r3, &(0x7f0000001600)={0x0, 0x0, &(0x7f00000015c0)={&(0x7f0000001580)={0x1c, 0x0, 0x1, 0x0, 0x0, {{}, {@val={0x8}, @void}}}, 0x1c}}, 0x0)
getsockopt$sock_cred(r3, 0x1, 0x11, &(0x7f0000000040), &(0x7f0000000080)=0xc)
syz_open_dev$sg(&(0x7f0000001000), 0x0, 0x2200)

[ 2932.872065] Call Trace:
[ 2932.872541]  <TASK>
[ 2932.872846]  ? x86_pmu_start+0x1c0/0x240
[ 2932.873417]  x86_pmu_enable+0x580/0xd90
[ 2932.873991]  ? amd_pmu_disable_virt+0xa0/0xa0
[ 2932.874617]  ctx_resched+0x2b9/0x3a0
[ 2932.875166]  __perf_install_in_context+0x285/0xa40
[ 2932.875902]  ? ctx_resched+0x3a0/0x3a0
[ 2932.876483]  remote_function+0x125/0x1b0
[ 2932.877047]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[ 2932.877763]  ? perf_duration_warn+0x40/0x40
[ 2932.878331]  generic_exec_single+0x203/0x300
[ 2932.878873]  smp_call_function_single+0x189/0x460
[ 2932.879583]  ? perf_duration_warn+0x40/0x40
[ 2932.880166]  ? generic_exec_single+0x300/0x300
[ 2932.880796]  ? perf_duration_warn+0x40/0x40
[ 2932.881378]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[ 2932.882146]  ? lock_is_held_type+0xd7/0x130
[ 2932.882743]  perf_install_in_context+0x4da/0x590
[ 2932.883373]  ? list_add_event+0xeb0/0xeb0
[ 2932.883981]  ? ctx_resched+0x3a0/0x3a0
[ 2932.884505]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[ 2932.885247]  ? exclusive_event_installable+0x254/0x320
[ 2932.885986]  __do_sys_perf_event_open+0x1bf0/0x3040
[ 2932.886674]  ? __up_read+0x192/0x710
[ 2932.887197]  ? perf_remove_from_context+0x260/0x260
[ 2932.887887]  ? up_write+0x460/0x460
[ 2932.888368]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 2932.889032]  do_syscall_64+0x3b/0x90
[ 2932.889506]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 2932.890164] RIP: 0033:0x7f750a357b19
[ 2932.890638] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 2932.893028] RSP: 002b:00007f75078cd188 EFLAGS: 00000246 ORIG_RAX: 000000000000012a
[ 2932.894002] RAX: ffffffffffffffda RBX: 00007f750a46af60 RCX: 00007f750a357b19
[ 2932.894908] RDX: 0000000000000000 RSI: ffffffffffffffff RDI: 0000000020000c00
[ 2932.895880] RBP: 00007f750a3b1f6d R08: 0000000000000000 R09: 0000000000000000
[ 2932.896789] R10: ffffffffffffffff R11: 0000000000000246 R12: 0000000000000000
[ 2932.897699] R13: 00007ffc8fa2e86f R14: 00007f75078cd300 R15: 0000000000022000
[ 2932.898641]  </TASK>
[ 2932.947495] Call Trace:
[ 2932.947959]  <TASK>
[ 2932.948248]  x86_pmu_stop+0x149/0x330
[ 2932.948743]  x86_pmu_del+0x1be/0x610
[ 2932.949222]  event_sched_out+0x2ed/0xe80
[ 2932.949748]  __perf_remove_from_context+0x87/0xbe0
[ 2932.950379]  event_function+0x297/0x3d0
[ 2932.950905]  ? perf_uprobe_event_init+0x1c0/0x1c0
[ 2932.951553]  remote_function+0x125/0x1b0
[ 2932.952090]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[ 2932.952813]  ? perf_duration_warn+0x40/0x40
[ 2932.953397]  generic_exec_single+0x203/0x300
[ 2932.954005]  smp_call_function_single+0x189/0x460
[ 2932.954644]  ? perf_duration_warn+0x40/0x40
[ 2932.955196]  ? generic_exec_single+0x300/0x300
[ 2932.955800]  ? perf_duration_warn+0x40/0x40
[ 2932.956367]  ? lock_is_held_type+0xd7/0x130
[ 2932.956930]  event_function_call+0x3d0/0x430
[ 2932.957495]  ? perf_group_detach+0x11b0/0x11b0
[ 2932.958078]  ? perf_copy_attr+0x9c0/0x9c0
[ 2932.958599]  ? lock_release+0x3b2/0x6f0
[ 2932.959103]  ? perf_group_detach+0x11b0/0x11b0
[ 2932.959746]  ? perf_uprobe_event_init+0x1c0/0x1c0
[ 2932.960438]  ? _raw_spin_unlock_irq+0x1f/0x40
[ 2932.961068]  perf_remove_from_context+0x12e/0x260
[ 2932.961697]  perf_event_release_kernel+0x153/0x7f0
[ 2932.962326]  ? lock_is_held_type+0xd7/0x130
[ 2932.962885]  ? perf_pmu_migrate_context+0xae0/0xae0
[ 2932.963524]  ? lock_is_held_type+0xd7/0x130
[ 2932.964110]  perf_release+0x33/0x40
[ 2932.964580]  __fput+0x272/0x9d0
[ 2932.964998]  ? perf_event_release_kernel+0x7f0/0x7f0
[ 2932.965680]  task_work_run+0xe2/0x1a0
[ 2932.966209]  exit_to_user_mode_prepare+0x199/0x1a0
[ 2932.966879]  syscall_exit_to_user_mode+0x19/0x50
[ 2932.967500]  do_syscall_64+0x48/0x90
[ 2932.968033]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 2932.968683] RIP: 0033:0x7f750a30a72b
[ 2932.969162] Code: 0f 05 48 3d 00 f0 ff ff 77 45 c3 0f 1f 40 00 48 83 ec 18 89 7c 24 0c e8 63 fc ff ff 8b 7c 24 0c 41 89 c0 b8 03 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 35 44 89 c7 89 44 24 0c e8 a1 fc ff ff 8b 44
[ 2932.971499] RSP: 002b:00007ffc8fa2e8d0 EFLAGS: 00000293 ORIG_RAX: 0000000000000003
[ 2932.972505] RAX: 0000000000000000 RBX: 0000000000000004 RCX: 00007f750a30a72b
[ 2932.973465] RDX: 0000000000000000 RSI: ffffffff8411f74e RDI: 0000000000000003
[ 2932.974366] RBP: 0000000000000001 R08: 0000000000000000 R09: 0000001b30c2001c
[ 2932.975265] R10: 0000000000000f41 R11: 0000000000000293 R12: 00007f750a46bb60
[ 2932.976207] R13: 00007f750a46bb60 R14: 00007f750a46af60 R15: 00000000002cc014
[ 2932.977127]  ? syscall_exit_to_user_mode+0x1e/0x50
[ 2932.977759]  </TASK>
09:05:41 executing program 1:
r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000180)='/proc/asound/seq/clients\x00', 0x0, 0x0)
preadv(r0, &(0x7f00000002c0)=[{&(0x7f0000000040)=""/35, 0x23}, {0x0, 0x2}, {&(0x7f0000000300)=""/165, 0xa5}], 0x3, 0x0, 0x7a)

09:05:41 executing program 6:
r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000180)='/proc/asound/seq/clients\x00', 0x0, 0x0)
preadv(r0, &(0x7f00000002c0)=[{&(0x7f0000000040)=""/35, 0x23}, {0x0}, {&(0x7f0000000300)=""/165, 0xa5}], 0x3, 0x0, 0x4c)

09:05:41 executing program 7:
openat$sndseq(0xffffffffffffff9c, 0x0, 0x0)
r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000180)='/proc/asound/seq/clients\x00', 0x0, 0x0)
preadv(r0, &(0x7f00000002c0)=[{0x0}, {&(0x7f0000000300)=""/165, 0xa5}], 0x2, 0x0, 0x600)

09:05:41 executing program 2:
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000080), r0)
sendmsg$NLBL_MGMT_C_ADD(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000140)={0x44, r1, 0x1, 0x0, 0x0, {}, [@NLBL_MGMT_A_DOMAIN={0x6, 0x1, '%\x00'}, @NLBL_MGMT_A_IPV6ADDR={0x14, 0x5, @local}, @NLBL_MGMT_A_IPV6MASK={0x14, 0x6, @mcast1}]}, 0x44}, 0x1, 0x700000000000000}, 0x0)

[ 2933.001546] Call Trace:
[ 2933.002037]  <TASK>
[ 2933.002359]  ? x86_pmu_start+0x1c0/0x240
[ 2933.002934]  x86_pmu_enable+0x580/0xd90
[ 2933.003452]  ? amd_pmu_disable_virt+0xa0/0xa0
[ 2933.004123]  ctx_resched+0x2b9/0x3a0
[ 2933.004625]  __perf_install_in_context+0x285/0xa40
[ 2933.005262]  ? ctx_resched+0x3a0/0x3a0
[ 2933.005774]  remote_function+0x125/0x1b0
[ 2933.006324]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[ 2933.007048]  ? perf_duration_warn+0x40/0x40
[ 2933.007644]  generic_exec_single+0x203/0x300
[ 2933.008250]  smp_call_function_single+0x189/0x460
[ 2933.008921]  ? perf_duration_warn+0x40/0x40
[ 2933.009492]  ? generic_exec_single+0x300/0x300
[ 2933.010122]  ? perf_duration_warn+0x40/0x40
[ 2933.010728]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[ 2933.011494]  ? lock_is_held_type+0xd7/0x130
[ 2933.012135]  perf_install_in_context+0x4da/0x590
[ 2933.012790]  ? list_add_event+0xeb0/0xeb0
[ 2933.013364]  ? ctx_resched+0x3a0/0x3a0
[ 2933.013891]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[ 2933.014648]  ? exclusive_event_installable+0x254/0x320
[ 2933.015385]  __do_sys_perf_event_open+0x1bf0/0x3040
[ 2933.016117]  ? perf_remove_from_context+0x260/0x260
[ 2933.016763]  ? xfd_validate_state+0x59/0x180
[ 2933.017395]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 2933.018136]  do_syscall_64+0x3b/0x90
[ 2933.018634]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 2933.019316] RIP: 0033:0x7f750a357b19
[ 2933.019874] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 2933.022355] RSP: 002b:00007f75078cd188 EFLAGS: 00000246 ORIG_RAX: 000000000000012a
[ 2933.023341] RAX: ffffffffffffffda RBX: 00007f750a46af60 RCX: 00007f750a357b19
[ 2933.024330] RDX: 0000000000000000 RSI: ffffffffffffffff RDI: 0000000020000c00
[ 2933.025268] RBP: 00007f750a3b1f6d R08: 0000000000000000 R09: 0000000000000000
[ 2933.026221] R10: ffffffffffffffff R11: 0000000000000246 R12: 0000000000000000
[ 2933.027184] R13: 00007ffc8fa2e86f R14: 00007f75078cd300 R15: 0000000000022000
[ 2933.028208]  </TASK>
09:05:41 executing program 6:
r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000180)='/proc/asound/seq/clients\x00', 0x0, 0x0)
preadv(r0, &(0x7f00000002c0)=[{&(0x7f0000000040)=""/35, 0x23}, {0x0}, {&(0x7f0000000300)=""/165, 0xa5}], 0x3, 0x0, 0x68)

09:05:41 executing program 1:
r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000180)='/proc/asound/seq/clients\x00', 0x0, 0x0)
preadv(r0, &(0x7f00000002c0)=[{&(0x7f0000000040)=""/35, 0x23}, {0x0, 0x2}, {&(0x7f0000000300)=""/165, 0xa5}], 0x3, 0x0, 0xbf)

[ 2933.195746] Call Trace:
[ 2933.196243]  <TASK>
[ 2933.196584]  x86_pmu_stop+0x149/0x330
[ 2933.197131]  x86_pmu_del+0x1be/0x610
[ 2933.197655]  event_sched_out+0x2ed/0xe80
[ 2933.198239]  __perf_remove_from_context+0x87/0xbe0
[ 2933.198932]  event_function+0x297/0x3d0
[ 2933.199481]  ? perf_uprobe_event_init+0x1c0/0x1c0
[ 2933.200222]  remote_function+0x125/0x1b0
[ 2933.200791]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[ 2933.201619]  ? perf_duration_warn+0x40/0x40
[ 2933.202281]  generic_exec_single+0x203/0x300
[ 2933.202956]  smp_call_function_single+0x189/0x460
[ 2933.203667]  ? perf_duration_warn+0x40/0x40
[ 2933.204262]  ? generic_exec_single+0x300/0x300
[ 2933.204884]  ? perf_duration_warn+0x40/0x40
[ 2933.205471]  ? lock_is_held_type+0xd7/0x130
[ 2933.206033]  event_function_call+0x3d0/0x430
[ 2933.206610]  ? perf_group_detach+0x11b0/0x11b0
[ 2933.207209]  ? perf_copy_attr+0x9c0/0x9c0
[ 2933.207770]  ? lock_release+0x3b2/0x6f0
[ 2933.208309]  ? perf_group_detach+0x11b0/0x11b0
[ 2933.208926]  ? perf_uprobe_event_init+0x1c0/0x1c0
[ 2933.209568]  ? _raw_spin_unlock_irq+0x1f/0x40
[ 2933.210170]  perf_remove_from_context+0x12e/0x260
[ 2933.210811]  perf_event_release_kernel+0x153/0x7f0
[ 2933.211461]  ? lock_is_held_type+0xd7/0x130
[ 2933.212098]  ? perf_pmu_migrate_context+0xae0/0xae0
[ 2933.212763]  ? lock_is_held_type+0xd7/0x130
[ 2933.213323]  perf_release+0x33/0x40
[ 2933.213792]  __fput+0x272/0x9d0
[ 2933.214205]  ? perf_event_release_kernel+0x7f0/0x7f0
[ 2933.214880]  task_work_run+0xe2/0x1a0
[ 2933.215390]  do_exit+0xaf7/0x27e0
[ 2933.215916]  ? find_held_lock+0x2c/0x110
[ 2933.216487]  ? lock_release+0x3b2/0x6f0
[ 2933.217065]  ? mm_update_next_owner+0x7d0/0x7d0
[ 2933.217719]  ? lock_downgrade+0x6d0/0x6d0
[ 2933.218323]  ? lock_is_held_type+0xd7/0x130
[ 2933.218945]  do_group_exit+0xd2/0x2f0
[ 2933.219520]  get_signal+0x2303/0x2350
[ 2933.220150]  ? lock_downgrade+0x6d0/0x6d0
[ 2933.220749]  ? signal_setup_done+0x520/0x520
[ 2933.221388]  ? lock_is_held_type+0xd7/0x130
[ 2933.222061]  arch_do_signal_or_restart+0x88/0x1a40
[ 2933.222773]  ? __do_sys_perf_event_open+0xd2/0x3040
[ 2933.223499]  ? get_sigframe_size+0x10/0x10
[ 2933.224227]  ? perf_remove_from_context+0x260/0x260
[ 2933.224945]  ? xfd_validate_state+0x59/0x180
[ 2933.225580]  exit_to_user_mode_prepare+0x131/0x1a0
[ 2933.226287]  syscall_exit_to_user_mode+0x19/0x50
[ 2933.226985]  do_syscall_64+0x48/0x90
[ 2933.227479]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 2933.228246] RIP: 0033:0x7f750a357b19
[ 2933.228787] Code: Unable to access opcode bytes at RIP 0x7f750a357aef.
[ 2933.229706] RSP: 002b:00007f75078cd188 EFLAGS: 00000246 ORIG_RAX: 000000000000012a
[ 2933.230781] RAX: 0000000000000003 RBX: 00007f750a46af60 RCX: 00007f750a357b19
[ 2933.231827] RDX: 0000000000000000 RSI: ffffffffffffffff RDI: 0000000020000c00
[ 2933.232852] RBP: 00007f750a3b1f6d R08: 0000000000000000 R09: 0000000000000000
[ 2933.233843] R10: ffffffffffffffff R11: 0000000000000246 R12: 0000000000000000
[ 2933.234863] R13: 00007ffc8fa2e86f R14: 00007f75078cd300 R15: 0000000000022000
[ 2933.235955]  </TASK>
09:05:56 executing program 3:
socketpair$unix(0x1, 0x5, 0x0, 0x0)
sendmsg$unix(0xffffffffffffffff, 0x0, 0x0)
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
pwritev(r0, &(0x7f0000000640)=[{&(0x7f00000009c0)="07bc2bfa4afc9b5f76a470466aa09a2d1fd39b7c14f39bd95bde9419", 0x1c}], 0x1, 0x8000000, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0)
r2 = socket$inet6(0xa, 0x1, 0x0)
bind$inet6(r2, &(0x7f00000002c0)={0xa, 0x4e20, 0x0, @empty}, 0x1c)
connect$inet6(r2, &(0x7f0000000000)={0xa, 0x4e20, 0x0, @ipv4={'\x00', '\xff\xff', @empty}}, 0x1c)
recvfrom(r2, &(0x7f00000003c0)=""/87, 0x20010397, 0x300, 0x0, 0x0)
sendfile(r2, r1, 0x0, 0xfffffdef)
readv(r1, &(0x7f0000000b40)=[{&(0x7f0000000780)=""/22, 0x16}, {&(0x7f00000007c0)=""/251, 0xfb}, {&(0x7f00000008c0)=""/236, 0xec}, {&(0x7f0000000bc0)=""/89, 0x59}, {&(0x7f0000000a40)=""/70, 0x46}, {&(0x7f0000000ac0)=""/96, 0x60}], 0x6)
r3 = openat$cgroup_freezer_state(0xffffffffffffffff, 0x0, 0x2, 0x0)
close(0xffffffffffffffff)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$inet(r1, &(0x7f0000000380)={&(0x7f00000000c0)={0x2, 0x4e20, @empty}, 0x10, &(0x7f00000005c0)=[{&(0x7f0000000140)="f42df5f5ab2875a2e02edf7dd1e0e8e18d6bd5d646603127538654fd2c3669236b1563a7243e4c4ab8e4bc8c5193ac79c2", 0x31}, {&(0x7f0000000180)="e01455e973edf151c71067c9e606280b97446cb74cf3d18f552e39c20d2db383cdfffd05a8580fbd00f23e3a4ff29c3e3a9dabe9e294798ab68d1974449571f5b2b55e1e18688a7628a6cf207baf29c02088b43b6cc7640958f2abb7a68370b45155bd3031d4ff9f8832e606fd61ebdbb059cc734962fd584b4fff8fa4d0c027a39ad9f56b313f693b1462f506be2d7d607d315d146bee82e2e5df18018f4332eda30d1ff882ad38330153703950d2040f1b80add8f852d25c8ea0106f30c8e90509048fd2fe38b0ed294702d2815dc6344d8391b085f065dd5d1f69b103dac5a251caef78ae984d80110fe34f4bb5", 0xef}, {&(0x7f0000000300)="6edc7a39727ca248390c09bada8a74d38fc41d32bd5272b2152347a2d7654810c0fedd48c9ef3bdc6893e3d6e65da2e7940845c7a59232f73999df4e740357fd2b6a42d6c8c898c9dbbf4f19a3a3ce7dbfce78b19b0947aa665bc3b09729", 0x5e}, {&(0x7f0000000440)="37179b940c41c41036d9e2c421da778203e730e358d439aa0b5c1e5bdd16931e0344024e19db81bb1fda7120bab5d8b71ad0f447be9da5e97d64115096d568e5ede6a5592887115f74f1803a24ba1aa72da59894be4fc85ff01120eae548cc7c1bdd9e46145320ab9032cc0fc3ead4b8ec2ab72193ba4976ad3ae40a22171ec9c18ce4b3e4c5c9bf268327bf19f60e4e16e54db47eebc1007d169f9f47d36644382bb955334aaa2ff29850f566978236cbb2362674b9", 0xb6}, {&(0x7f0000000500)="60fb778cb189b9944c6cfa9dff84a558b6639000e39df561690a3f36da5b0d5dc1d9cb9185178a7536244576721ad8c704b425bb6489247ff097d4f5ff02ec47d5b3c1c8e21bc778b2353eed9df324299ba5a0773df30a2a2409ec5b1da88df73c01ed5b66462fcff6b8c038860dfbb83910a228dc1398c65b54bf4f0c1abc0b1276af5a5761c19aae4a7ffd4cb71a2d12d606034c3386fe55711b82ce5732db231b415bac6f5514f50aa1edb1fb7f067382d53c3a06fdaeefdc3ece473927", 0xbf}, {&(0x7f0000000280)="a8bf1db747024e270f6de3bad81b7dfa0badbcf01434f3cb4deff928bfc5", 0x1e}], 0x6, &(0x7f0000000680)=ANY=[@ANYBLOB="1400000000001f0000000000020000007e0000000000000014000000000000000000000002000000ff01000000000000b400000000000000000000000700000000890710ac1e00010703d886110000000202071ce8c7478701042ea5071ffc64010101e0000001ac1414bbe0000002ac1414bc7802bc70b7749779bbac1e0001ac1414aa070f6d0a010102e0000002ac1414aa014444c0437f00000100000009ac1414bb000100010a010100000000017f00000100000004e00000020000020f6401010000000003ac1414bb00000005ac1414aa000000030044146963ac1414bb00000001ac1e01"], 0xe8}, 0x20040000)
syz_genetlink_get_family_id$nl80211(&(0x7f0000001540), 0xffffffffffffffff)
ioctl$FITHAW(r3, 0xc0045878)
sendmsg$NL80211_CMD_STOP_AP(r4, &(0x7f0000001600)={0x0, 0x0, &(0x7f00000015c0)={&(0x7f0000001580)=ANY=[@ANYBLOB="1c000000", @ANYRES16=0x0, @ANYBLOB="0100000000000000000010f8ff0008000300", @ANYRES32=0x0, @ANYBLOB], 0x1c}}, 0x0)
getsockopt$sock_cred(r4, 0x1, 0x11, &(0x7f0000000040), &(0x7f0000000080)=0xc)
syz_open_dev$sg(&(0x7f0000001000), 0x0, 0x2200)

09:05:56 executing program 5:
socketpair$unix(0x1, 0x5, 0x0, 0x0)
sendmsg$unix(0xffffffffffffffff, 0x0, 0x0)
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
pwritev(r0, &(0x7f0000000640)=[{&(0x7f00000002c0)="19", 0x1}], 0x1, 0x8000000, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0)
r2 = socket$inet6(0xa, 0x1, 0x0)
bind$inet6(r2, &(0x7f00000002c0)={0xa, 0x4e20, 0x0, @empty}, 0x1c)
connect$inet6(r2, &(0x7f0000000000)={0xa, 0x4e20, 0x0, @ipv4={'\x00', '\xff\xff', @empty}}, 0x1c)
recvfrom(r2, &(0x7f00000003c0)=""/87, 0x20010397, 0x300, 0x0, 0x0)
sendfile(r2, r1, 0x0, 0xfffffdef)
readv(0xffffffffffffffff, &(0x7f0000000040), 0x0)
openat$cgroup_freezer_state(0xffffffffffffffff, 0x0, 0x2, 0x0)
close(0xffffffffffffffff)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(&(0x7f0000001540), 0xffffffffffffffff)
sendmsg$NL80211_CMD_STOP_AP(r3, &(0x7f0000001600)={0x0, 0x0, &(0x7f00000015c0)={&(0x7f00000000c0)={0x28, 0x0, 0x1, 0x0, 0x0, {{}, {@val={0x8}, @val={0xc, 0x99, {0x5, 0x13}}}}}, 0x28}}, 0x44000)
getsockopt$sock_cred(r3, 0x1, 0x11, &(0x7f0000000040), &(0x7f0000000080)=0xc)
syz_open_dev$sg(&(0x7f0000001000), 0x0, 0x2200)

09:05:56 executing program 2:
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000080), r0)
sendmsg$NLBL_MGMT_C_ADD(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000140)={0x44, r1, 0x1, 0x0, 0x0, {}, [@NLBL_MGMT_A_DOMAIN={0x6, 0x1, '%\x00'}, @NLBL_MGMT_A_IPV6ADDR={0x14, 0x5, @local}, @NLBL_MGMT_A_IPV6MASK={0x14, 0x6, @mcast1}]}, 0x44}, 0x1, 0x700000000000000}, 0x0)

09:05:57 executing program 6:
r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000180)='/proc/asound/seq/clients\x00', 0x0, 0x0)
preadv(r0, &(0x7f00000002c0)=[{&(0x7f0000000040)=""/35, 0x23}, {0x0}, {&(0x7f0000000300)=""/165, 0xa5}], 0x3, 0x0, 0x6c)

09:05:57 executing program 7:
openat$sndseq(0xffffffffffffff9c, 0x0, 0x0)
r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000180)='/proc/asound/seq/clients\x00', 0x0, 0x0)
preadv(r0, &(0x7f00000002c0)=[{0x0}, {&(0x7f0000000300)=""/165, 0xa5}], 0x2, 0x0, 0x700)

09:05:57 executing program 1:
r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000180)='/proc/asound/seq/clients\x00', 0x0, 0x0)
preadv(r0, &(0x7f00000002c0)=[{&(0x7f0000000040)=""/35, 0x23}, {0x0, 0x2}, {&(0x7f0000000300)=""/165, 0xa5}], 0x3, 0x0, 0x300)

09:05:57 executing program 0:
perf_event_open$cgroup(&(0x7f0000000c00)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x1021, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

09:05:57 executing program 4:
socketpair$unix(0x1, 0x5, 0x0, 0x0)
sendmsg$unix(0xffffffffffffffff, 0x0, 0x0)
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
pwritev(r0, &(0x7f0000000640)=[{&(0x7f00000002c0)="19", 0x1}], 0x1, 0x8000000, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0)
r2 = socket$inet6(0xa, 0x1, 0x0)
bind$inet6(r2, &(0x7f00000002c0)={0xa, 0x4e20, 0x0, @empty}, 0x1c)
connect$inet6(r2, &(0x7f0000000000)={0xa, 0x4e20, 0x0, @ipv4={'\x00', '\xff\xff', @empty}, 0x3}, 0x1c)
recvfrom(r2, &(0x7f00000003c0)=""/87, 0x20010397, 0x300, 0x0, 0x0)
ioctl$sock_SIOCGSKNS(0xffffffffffffffff, 0x894c, &(0x7f00000000c0))
sendfile(r2, r1, 0x0, 0xfffffdef)
readv(0xffffffffffffffff, &(0x7f0000000040), 0x0)
openat$cgroup_freezer_state(0xffffffffffffffff, 0x0, 0x2, 0x0)
close(0xffffffffffffffff)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(&(0x7f0000001540), 0xffffffffffffffff)
sendmsg$NL80211_CMD_STOP_AP(r3, &(0x7f0000001600)={0x0, 0x0, &(0x7f00000015c0)={&(0x7f0000001580)={0x1c, 0x0, 0x1, 0x0, 0x0, {{}, {@val={0x8}, @void}}}, 0x1c}}, 0x0)
getsockopt$sock_cred(r3, 0x1, 0x11, &(0x7f0000000040), &(0x7f0000000080)=0xc)
syz_open_dev$sg(&(0x7f0000001000), 0x0, 0x2200)

[ 2948.810458] Call Trace:
[ 2948.810945]  <TASK>
[ 2948.811284]  ? x86_pmu_start+0x1c0/0x240
[ 2948.811854]  x86_pmu_enable+0x580/0xd90
[ 2948.812396]  ? amd_pmu_disable_virt+0xa0/0xa0
[ 2948.813034]  ctx_resched+0x2b9/0x3a0
[ 2948.813548]  __perf_install_in_context+0x285/0xa40
[ 2948.814223]  ? ctx_resched+0x3a0/0x3a0
[ 2948.814759]  remote_function+0x125/0x1b0
[ 2948.815289]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[ 2948.816071]  ? perf_duration_warn+0x40/0x40
[ 2948.816692]  generic_exec_single+0x203/0x300
[ 2948.817285]  smp_call_function_single+0x189/0x460
[ 2948.817901]  ? perf_duration_warn+0x40/0x40
[ 2948.818462]  ? generic_exec_single+0x300/0x300
[ 2948.819052]  ? perf_duration_warn+0x40/0x40
[ 2948.819612]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[ 2948.820347]  ? lock_is_held_type+0xd7/0x130
[ 2948.820951]  perf_install_in_context+0x4da/0x590
[ 2948.821608]  ? list_add_event+0xeb0/0xeb0
[ 2948.822182]  ? ctx_resched+0x3a0/0x3a0
[ 2948.822688]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[ 2948.823396]  ? exclusive_event_installable+0x254/0x320
[ 2948.824142]  __do_sys_perf_event_open+0x1bf0/0x3040
[ 2948.824810]  ? __up_read+0x192/0x710
[ 2948.825295]  ? perf_remove_from_context+0x260/0x260
[ 2948.825993]  ? up_write+0x460/0x460
[ 2948.826561]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 2948.827289]  do_syscall_64+0x3b/0x90
[ 2948.827897]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 2948.828613] RIP: 0033:0x7f750a357b19
[ 2948.829139] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 2948.831699] RSP: 002b:00007f75078cd188 EFLAGS: 00000246 ORIG_RAX: 000000000000012a
[ 2948.832883] RAX: ffffffffffffffda RBX: 00007f750a46af60 RCX: 00007f750a357b19
[ 2948.833868] RDX: 0000000000000000 RSI: ffffffffffffffff RDI: 0000000020000c00
[ 2948.834937] RBP: 00007f750a3b1f6d R08: 0000000000000000 R09: 0000000000000000
[ 2948.835982] R10: ffffffffffffffff R11: 0000000000000246 R12: 0000000000000000
[ 2948.836978] R13: 00007ffc8fa2e86f R14: 00007f75078cd300 R15: 0000000000022000
[ 2948.837989]  </TASK>
09:05:57 executing program 6:
r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000180)='/proc/asound/seq/clients\x00', 0x0, 0x0)
preadv(r0, &(0x7f00000002c0)=[{&(0x7f0000000040)=""/35, 0x23}, {0x0}, {&(0x7f0000000300)=""/165, 0xa5}], 0x3, 0x0, 0x74)

09:05:57 executing program 7:
openat$sndseq(0xffffffffffffff9c, 0x0, 0x0)
r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000180)='/proc/asound/seq/clients\x00', 0x0, 0x0)
preadv(r0, &(0x7f00000002c0)=[{0x0}, {&(0x7f0000000300)=""/165, 0xa5}], 0x2, 0x0, 0xa00)

09:05:57 executing program 2:
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000080), r0)
sendmsg$NLBL_MGMT_C_ADD(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000140)={0x4c, r1, 0x1, 0x0, 0x0, {}, [@NLBL_MGMT_A_DOMAIN={0x6, 0x1, '%\x00'}, @NLBL_MGMT_A_IPV6ADDR={0x14, 0x5, @local}, @NLBL_MGMT_A_IPV6MASK={0x14, 0x6, @mcast1}, @NLBL_MGMT_A_PROTOCOL={0x8}]}, 0x4c}, 0x1, 0x700000000000000}, 0x0)

09:05:57 executing program 1:
r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000180)='/proc/asound/seq/clients\x00', 0x0, 0x0)
preadv(r0, &(0x7f00000002c0)=[{&(0x7f0000000040)=""/35, 0x23}, {0x0, 0x2}, {&(0x7f0000000300)=""/165, 0xa5}], 0x3, 0x0, 0x500)

[ 2948.954196] Call Trace:
[ 2948.954735]  <TASK>
[ 2948.955047]  x86_pmu_stop+0x149/0x330
[ 2948.955560]  x86_pmu_del+0x1be/0x610
[ 2948.958789]  event_sched_out+0x2ed/0xe80
[ 2948.959366]  __perf_remove_from_context+0x87/0xbe0
[ 2948.960077]  event_function+0x297/0x3d0
[ 2948.960622]  ? perf_uprobe_event_init+0x1c0/0x1c0
[ 2948.961281]  remote_function+0x125/0x1b0
[ 2948.961862]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[ 2948.962627]  ? perf_duration_warn+0x40/0x40
[ 2948.963241]  generic_exec_single+0x203/0x300
[ 2948.963866]  smp_call_function_single+0x189/0x460
[ 2948.964515]  ? perf_duration_warn+0x40/0x40
[ 2948.965072]  ? generic_exec_single+0x300/0x300
[ 2948.965647]  ? perf_duration_warn+0x40/0x40
[ 2948.966209]  ? lock_is_held_type+0xd7/0x130
[ 2948.966760]  event_function_call+0x3d0/0x430
[ 2948.967317]  ? perf_group_detach+0x11b0/0x11b0
[ 2948.967932]  ? perf_copy_attr+0x9c0/0x9c0
[ 2948.968465]  ? lock_release+0x3b2/0x6f0
[ 2948.968982]  ? perf_group_detach+0x11b0/0x11b0
[ 2948.969564]  ? perf_uprobe_event_init+0x1c0/0x1c0
[ 2948.970174]  ? _raw_spin_unlock_irq+0x1f/0x40
[ 2948.970789]  perf_remove_from_context+0x12e/0x260
[ 2948.971444]  perf_event_release_kernel+0x153/0x7f0
[ 2948.972121]  ? lock_is_held_type+0xd7/0x130
[ 2948.972744]  ? perf_pmu_migrate_context+0xae0/0xae0
[ 2948.973432]  ? lock_is_held_type+0xd7/0x130
[ 2948.974078]  perf_release+0x33/0x40
[ 2948.974625]  __fput+0x272/0x9d0
[ 2948.975083]  ? perf_event_release_kernel+0x7f0/0x7f0
[ 2948.975844]  task_work_run+0xe2/0x1a0
[ 2948.976477]  exit_to_user_mode_prepare+0x199/0x1a0
[ 2948.977156]  syscall_exit_to_user_mode+0x19/0x50
[ 2948.977854]  do_syscall_64+0x48/0x90
[ 2948.978383]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 2948.979106] RIP: 0033:0x7f750a30a72b
[ 2948.979692] Code: 0f 05 48 3d 00 f0 ff ff 77 45 c3 0f 1f 40 00 48 83 ec 18 89 7c 24 0c e8 63 fc ff ff 8b 7c 24 0c 41 89 c0 b8 03 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 35 44 89 c7 89 44 24 0c e8 a1 fc ff ff 8b 44
[ 2948.982228] RSP: 002b:00007ffc8fa2e8d0 EFLAGS: 00000293 ORIG_RAX: 0000000000000003
[ 2948.983272] RAX: 0000000000000000 RBX: 0000000000000004 RCX: 00007f750a30a72b
[ 2948.984331] RDX: 0000000000000000 RSI: ffffffff8411f74e RDI: 0000000000000003
[ 2948.985307] RBP: 0000000000000001 R08: 0000000000000000 R09: 0000001b30c2001c
[ 2948.986339] R10: 0000000000000f41 R11: 0000000000000293 R12: 00007f750a46bb60
[ 2948.987410] R13: 00007f750a46bb60 R14: 00007f750a46af60 R15: 00000000002cfe57
[ 2948.988422]  ? syscall_exit_to_user_mode+0x1e/0x50
[ 2948.989131]  </TASK>
09:05:57 executing program 6:
r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000180)='/proc/asound/seq/clients\x00', 0x0, 0x0)
preadv(r0, &(0x7f00000002c0)=[{&(0x7f0000000040)=""/35, 0x23}, {0x0}, {&(0x7f0000000300)=""/165, 0xa5}], 0x3, 0x0, 0x7a)

09:05:57 executing program 7:
openat$sndseq(0xffffffffffffff9c, 0x0, 0x0)
r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000180)='/proc/asound/seq/clients\x00', 0x0, 0x0)
preadv(r0, &(0x7f00000002c0)=[{0x0}, {&(0x7f0000000300)=""/165, 0xa5}], 0x2, 0x0, 0x3f00)

09:05:57 executing program 2:
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000080), r0)
sendmsg$NLBL_MGMT_C_ADD(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000140)={0x4c, r1, 0x1, 0x0, 0x0, {}, [@NLBL_MGMT_A_DOMAIN={0x6, 0x1, '%\x00'}, @NLBL_MGMT_A_IPV6ADDR={0x14, 0x5, @local}, @NLBL_MGMT_A_IPV6MASK={0x14, 0x6, @mcast1}, @NLBL_MGMT_A_PROTOCOL={0x8}]}, 0x4c}, 0x1, 0x700000000000000}, 0x0)

09:05:57 executing program 1:
r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000180)='/proc/asound/seq/clients\x00', 0x0, 0x0)
preadv(r0, &(0x7f00000002c0)=[{&(0x7f0000000040)=""/35, 0x23}, {0x0, 0x2}, {&(0x7f0000000300)=""/165, 0xa5}], 0x3, 0x0, 0x600)

[ 2949.133959] Call Trace:
[ 2949.134426]  <TASK>
[ 2949.134744]  ? x86_pmu_start+0x1c0/0x240
[ 2949.135322]  x86_pmu_enable+0x580/0xd90
[ 2949.135885]  ? amd_pmu_disable_virt+0xa0/0xa0
[ 2949.136514]  ctx_resched+0x2b9/0x3a0
[ 2949.137037]  __perf_install_in_context+0x285/0xa40
[ 2949.137713]  ? ctx_resched+0x3a0/0x3a0
[ 2949.138246]  remote_function+0x125/0x1b0
[ 2949.138853]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[ 2949.139656]  ? perf_duration_warn+0x40/0x40
[ 2949.140283]  generic_exec_single+0x203/0x300
[ 2949.140912]  smp_call_function_single+0x189/0x460
[ 2949.141570]  ? perf_duration_warn+0x40/0x40
[ 2949.142170]  ? generic_exec_single+0x300/0x300
[ 2949.142860]  ? perf_duration_warn+0x40/0x40
[ 2949.143485]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[ 2949.144344]  ? lock_is_held_type+0xd7/0x130
[ 2949.144921]  perf_install_in_context+0x4da/0x590
[ 2949.145553]  ? list_add_event+0xeb0/0xeb0
[ 2949.146097]  ? ctx_resched+0x3a0/0x3a0
[ 2949.146602]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[ 2949.147350]  ? exclusive_event_installable+0x254/0x320
[ 2949.148128]  __do_sys_perf_event_open+0x1bf0/0x3040
[ 2949.148843]  ? perf_remove_from_context+0x260/0x260
[ 2949.149514]  ? xfd_validate_state+0x59/0x180
[ 2949.150132]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 2949.150836]  do_syscall_64+0x3b/0x90
[ 2949.151367]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 2949.152107] RIP: 0033:0x7f750a357b19
[ 2949.152621] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 2949.155050] RSP: 002b:00007f75078cd188 EFLAGS: 00000246 ORIG_RAX: 000000000000012a
[ 2949.156091] RAX: ffffffffffffffda RBX: 00007f750a46af60 RCX: 00007f750a357b19
[ 2949.157000] RDX: 0000000000000000 RSI: ffffffffffffffff RDI: 0000000020000c00
[ 2949.157917] RBP: 00007f750a3b1f6d R08: 0000000000000000 R09: 0000000000000000
[ 2949.158825] R10: ffffffffffffffff R11: 0000000000000246 R12: 0000000000000000
[ 2949.159760] R13: 00007ffc8fa2e86f R14: 00007f75078cd300 R15: 0000000000022000
[ 2949.160727]  </TASK>
[ 2949.233447] Call Trace:
[ 2949.233873]  <IRQ>
[ 2949.234218]  x86_pmu_stop+0x149/0x330
[ 2949.234825]  x86_pmu_del+0x1be/0x610
[ 2949.235456]  event_sched_out+0x2ed/0xe80
[ 2949.236174]  __perf_remove_from_context+0x87/0xbe0
[ 2949.236955]  event_function+0x297/0x3d0
[ 2949.237503]  ? perf_uprobe_event_init+0x1c0/0x1c0
[ 2949.238183]  remote_function+0x125/0x1b0
[ 2949.238775]  flush_smp_call_function_queue+0x1df/0x610
[ 2949.239493]  ? perf_duration_warn+0x40/0x40
[ 2949.240127]  __sysvec_call_function_single+0x92/0x3a0
[ 2949.240920]  sysvec_call_function_single+0x89/0xc0
[ 2949.241623]  </IRQ>
[ 2949.241913]  <TASK>
[ 2949.242202]  asm_sysvec_call_function_single+0x12/0x20
[ 2949.242900] RIP: 0010:__sanitizer_cov_trace_pc+0x7/0x60
[ 2949.243606] Code: 32 00 be 03 00 00 00 5d e9 b6 e9 c2 00 66 0f 1f 44 00 00 48 8b be a8 01 00 00 e8 b4 ff ff ff 31 c0 c3 90 65 8b 05 b9 b5 be 7e <89> c1 48 8b 34 24 81 e1 00 01 00 00 65 48 8b 14 25 40 6f 02 00 a9
[ 2949.246104] RSP: 0018:ffff8880413af3a8 EFLAGS: 00000202
[ 2949.246842] RAX: 0000000080000000 RBX: 0000000000000001 RCX: ffff8880405ed040
[ 2949.247825] RDX: 0000000000000000 RSI: ffff8880405ed040 RDI: 0000000000000003
[ 2949.248782] RBP: ffff8880100a2c01 R08: 0000000000000001 R09: 0000000000000001
[ 2949.249708] R10: ffffffff83607f0f R11: 0000000000000000 R12: ffff88804270a0e8
[ 2949.250673] R13: 0000000000000000 R14: 0000000000000000 R15: ffff88800ff4a580
[ 2949.251620]  ? __ip_queue_xmit+0x92f/0x1f10
[ 2949.252247]  __ip_queue_xmit+0x93c/0x1f10
[ 2949.252795]  ? __ip_queue_xmit+0x1f10/0x1f10
[ 2949.253373]  __tcp_transmit_skb+0x2ab0/0x3600
[ 2949.253988]  ? __tcp_select_window+0xba0/0xba0
[ 2949.254612]  ? lockdep_hardirqs_on+0x79/0x100
[ 2949.255217]  ? __sanitizer_cov_trace_cmp4+0x1c/0x70
[ 2949.255927]  tcp_write_xmit+0xdde/0x5830
[ 2949.256486]  ? tcp_validate_incoming+0x431/0x16a0
[ 2949.257132]  __tcp_push_pending_frames+0xaa/0x330
[ 2949.257793]  tcp_rcv_established+0x8bb/0x2050
[ 2949.258379]  ? lock_release+0x3b2/0x6f0
[ 2949.258904]  ? __release_sock+0xd0/0x400
[ 2949.259449]  ? tcp_data_queue+0x48a0/0x48a0
[ 2949.260055]  ? rt_cpu_seq_stop+0x10/0x10
[ 2949.260587]  tcp_v4_do_rcv+0x684/0x9b0
[ 2949.261116]  ? tcp_v4_send_reset+0x1e10/0x1e10
[ 2949.261706]  __release_sock+0x318/0x400
[ 2949.262259]  release_sock+0x54/0x1b0
[ 2949.262755]  tcp_sendpage+0x90/0xd0
[ 2949.263239]  ? tcp_sendpage_locked+0xc0/0xc0
[ 2949.263879]  inet_sendpage+0xc9/0x130
[ 2949.264411]  kernel_sendpage.part.0+0x157/0x4a0
[ 2949.265037]  sock_sendpage+0xdf/0x140
[ 2949.265519]  ? kernel_sendpage+0xd0/0xd0
[ 2949.266035]  pipe_to_sendpage+0x2af/0x380
[ 2949.266565]  ? propagate_umount+0x1540/0x1540
[ 2949.267138]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[ 2949.267867]  ? splice_from_pipe_next.part.0+0x166/0x520
[ 2949.268558]  __splice_from_pipe+0x439/0x890
[ 2949.269121]  ? propagate_umount+0x1540/0x1540
[ 2949.269722]  generic_splice_sendpage+0xd5/0x140
[ 2949.270335]  ? __ia32_sys_vmsplice+0xf0/0xf0
[ 2949.270907]  ? security_file_permission+0xb1/0xd0
[ 2949.271520]  ? __ia32_sys_vmsplice+0xf0/0xf0
[ 2949.272128]  direct_splice_actor+0x10f/0x170
[ 2949.272692]  splice_direct_to_actor+0x350/0x8e0
[ 2949.273323]  ? pipe_to_sendpage+0x380/0x380
[ 2949.273913]  ? do_splice_to+0x240/0x240
[ 2949.274447]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[ 2949.275316]  ? security_file_permission+0xb1/0xd0
[ 2949.276065]  do_splice_direct+0x1b8/0x280
[ 2949.276621]  ? splice_direct_to_actor+0x8e0/0x8e0
[ 2949.277267]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[ 2949.277950]  ? security_file_permission+0xb1/0xd0
[ 2949.278556]  do_sendfile+0xad7/0x1230
[ 2949.279085]  ? __ia32_compat_sys_preadv64+0x2e0/0x2e0
[ 2949.279820]  __x64_sys_sendfile64+0x1cd/0x210
[ 2949.280551]  ? __ia32_compat_sys_sendfile64+0x210/0x210
[ 2949.281378]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 2949.282052]  do_syscall_64+0x3b/0x90
[ 2949.282539]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 2949.283210] RIP: 0033:0x7fd83d5f0b19
[ 2949.283707] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 2949.286214] RSP: 002b:00007fd83ab45188 EFLAGS: 00000246 ORIG_RAX: 0000000000000028
[ 2949.287255] RAX: ffffffffffffffda RBX: 00007fd83d704020 RCX: 00007fd83d5f0b19
[ 2949.288250] RDX: 0000000000000000 RSI: 0000000000000004 RDI: 0000000000000005
[ 2949.289227] RBP: 00007fd83d64af6d R08: 0000000000000000 R09: 0000000000000000
[ 2949.290194] R10: 00000000fffffdef R11: 0000000000000246 R12: 0000000000000000
[ 2949.291164] R13: 00007ffd342fb13f R14: 00007fd83ab45300 R15: 0000000000022000
[ 2949.292188]  </TASK>
09:06:12 executing program 4:
socketpair$unix(0x1, 0x5, 0x0, 0x0)
sendmsg$unix(0xffffffffffffffff, 0x0, 0x0)
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
pwritev(r0, &(0x7f0000000640)=[{&(0x7f00000009c0)="07bc2bfa4afc9b5f76a470466aa09a2d1fd39b7c14f39bd95bde9419", 0x1c}], 0x1, 0x8000000, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0)
r2 = socket$inet6(0xa, 0x1, 0x0)
bind$inet6(r2, &(0x7f00000002c0)={0xa, 0x4e20, 0x0, @empty}, 0x1c)
connect$inet6(r2, &(0x7f0000000000)={0xa, 0x4e20, 0x0, @ipv4={'\x00', '\xff\xff', @empty}}, 0x1c)
recvfrom(r2, &(0x7f00000003c0)=""/87, 0x20010397, 0x300, 0x0, 0x0)
sendfile(r2, r1, 0x0, 0xfffffdef)
readv(r1, &(0x7f0000000b40)=[{&(0x7f0000000780)=""/22, 0x16}, {&(0x7f00000007c0)=""/251, 0xfb}, {&(0x7f00000008c0)=""/236, 0xec}, {&(0x7f0000000bc0)=""/89, 0x59}, {&(0x7f0000000a40)=""/70, 0x46}, {&(0x7f0000000ac0)=""/96, 0x60}], 0x6)
r3 = openat$cgroup_freezer_state(0xffffffffffffffff, 0x0, 0x2, 0x0)
close(0xffffffffffffffff)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$inet(r1, &(0x7f0000000380)={&(0x7f00000000c0)={0x2, 0x4e20, @empty}, 0x10, &(0x7f00000005c0)=[{&(0x7f0000000140)="f42df5f5ab2875a2e02edf7dd1e0e8e18d6bd5d646603127538654fd2c3669236b1563a7243e4c4ab8e4bc8c5193ac79c2", 0x31}, {&(0x7f0000000180)="e01455e973edf151c71067c9e606280b97446cb74cf3d18f552e39c20d2db383cdfffd05a8580fbd00f23e3a4ff29c3e3a9dabe9e294798ab68d1974449571f5b2b55e1e18688a7628a6cf207baf29c02088b43b6cc7640958f2abb7a68370b45155bd3031d4ff9f8832e606fd61ebdbb059cc734962fd584b4fff8fa4d0c027a39ad9f56b313f693b1462f506be2d7d607d315d146bee82e2e5df18018f4332eda30d1ff882ad38330153703950d2040f1b80add8f852d25c8ea0106f30c8e90509048fd2fe38b0ed294702d2815dc6344d8391b085f065dd5d1f69b103dac5a251caef78ae984d80110fe34f4bb5", 0xef}, {&(0x7f0000000300)="6edc7a39727ca248390c09bada8a74d38fc41d32bd5272b2152347a2d7654810c0fedd48c9ef3bdc6893e3d6e65da2e7940845c7a59232f73999df4e740357fd2b6a42d6c8c898c9dbbf4f19a3a3ce7dbfce78b19b0947aa665bc3b09729", 0x5e}, {&(0x7f0000000440)="37179b940c41c41036d9e2c421da778203e730e358d439aa0b5c1e5bdd16931e0344024e19db81bb1fda7120bab5d8b71ad0f447be9da5e97d64115096d568e5ede6a5592887115f74f1803a24ba1aa72da59894be4fc85ff01120eae548cc7c1bdd9e46145320ab9032cc0fc3ead4b8ec2ab72193ba4976ad3ae40a22171ec9c18ce4b3e4c5c9bf268327bf19f60e4e16e54db47eebc1007d169f9f47d36644382bb955334aaa2ff29850f566978236cbb2362674b9", 0xb6}, {&(0x7f0000000500)="60fb778cb189b9944c6cfa9dff84a558b6639000e39df561690a3f36da5b0d5dc1d9cb9185178a7536244576721ad8c704b425bb6489247ff097d4f5ff02ec47d5b3c1c8e21bc778b2353eed9df324299ba5a0773df30a2a2409ec5b1da88df73c01ed5b66462fcff6b8c038860dfbb83910a228dc1398c65b54bf4f0c1abc0b1276af5a5761c19aae4a7ffd4cb71a2d12d606034c3386fe55711b82ce5732db231b415bac6f5514f50aa1edb1fb7f067382d53c3a06fdaeefdc3ece473927", 0xbf}, {&(0x7f0000000280)="a8bf1db747024e270f6de3bad81b7dfa0badbcf01434f3cb4deff928bfc5", 0x1e}], 0x6, &(0x7f0000000680)=ANY=[@ANYBLOB="1400000000001f0000000000020000007e0000000000000014000000000000000000000002000000ff01000000000000b400000000000000000000000700000000890710ac1e00010703d886110000000202071ce8c7478701042ea5071ffc64010101e0000001ac1414bbe0000002ac1414bc7802bc70b7749779bbac1e0001ac1414aa070f6d0a010102e0000002ac1414aa014444c0437f00000100000009ac1414bb000100010a010100000000017f00000100000004e00000020000020f6401010000000003ac1414bb00000005ac1414aa000000030044146963ac1414bb00000001ac1e01"], 0xe8}, 0x20040000)
syz_genetlink_get_family_id$nl80211(&(0x7f0000001540), 0xffffffffffffffff)
ioctl$FITHAW(r3, 0xc0045878)
sendmsg$NL80211_CMD_STOP_AP(r4, &(0x7f0000001600)={0x0, 0x0, &(0x7f00000015c0)={&(0x7f0000001580)=ANY=[@ANYBLOB="1c000000", @ANYRES16=0x0, @ANYBLOB="0100000000000000000010f8ff0008000300", @ANYRES32=0x0, @ANYBLOB], 0x1c}}, 0x0)
getsockopt$sock_cred(r4, 0x1, 0x11, &(0x7f0000000040), &(0x7f0000000080)=0xc)
syz_open_dev$sg(&(0x7f0000001000), 0x0, 0x2200)

09:06:12 executing program 7:
openat$sndseq(0xffffffffffffff9c, 0x0, 0x0)
r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000180)='/proc/asound/seq/clients\x00', 0x0, 0x0)
preadv(r0, &(0x7f00000002c0)=[{0x0}, {&(0x7f0000000300)=""/165, 0xa5}], 0x2, 0x0, 0x4800)

09:06:12 executing program 3:
socketpair$unix(0x1, 0x5, 0x0, 0x0)
sendmsg$unix(0xffffffffffffffff, 0x0, 0x0)
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
pwritev(r0, &(0x7f0000000640)=[{&(0x7f00000002c0)="19", 0x1}], 0x1, 0x8000000, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0)
r2 = socket$inet6(0xa, 0x1, 0x0)
bind$inet6(r2, &(0x7f00000002c0)={0xa, 0x4e20, 0x0, @empty}, 0x1c)
connect$inet6(r2, &(0x7f0000000000)={0xa, 0x4e20, 0x0, @ipv4={'\x00', '\xff\xff', @empty}}, 0x1c)
recvfrom(r2, &(0x7f00000003c0)=""/87, 0x20010397, 0x300, 0x0, 0x0)
sendfile(r2, r1, 0x0, 0xfffffdef)
readv(0xffffffffffffffff, &(0x7f0000000040), 0x0)
openat$cgroup_freezer_state(0xffffffffffffffff, 0x0, 0x2, 0x0)
close(0xffffffffffffffff)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(&(0x7f0000001540), 0xffffffffffffffff)
sendmsg$NL80211_CMD_STOP_AP(r3, &(0x7f0000001600)={0x0, 0x0, &(0x7f00000015c0)={&(0x7f00000000c0)={0x28, 0x0, 0x1, 0x0, 0x0, {{}, {@val={0x8}, @val={0xc, 0x99, {0x5, 0x13}}}}}, 0x28}}, 0x44000)
getsockopt$sock_cred(r3, 0x1, 0x11, &(0x7f0000000040), &(0x7f0000000080)=0xc)
syz_open_dev$sg(&(0x7f0000001000), 0x0, 0x2200)

09:06:12 executing program 6:
r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000180)='/proc/asound/seq/clients\x00', 0x0, 0x0)
preadv(r0, &(0x7f00000002c0)=[{&(0x7f0000000040)=""/35, 0x23}, {0x0}, {&(0x7f0000000300)=""/165, 0xa5}], 0x3, 0x0, 0xa5)

09:06:12 executing program 0:
perf_event_open$cgroup(&(0x7f0000000c00)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x1022, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

09:06:12 executing program 1:
r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000180)='/proc/asound/seq/clients\x00', 0x0, 0x0)
preadv(r0, &(0x7f00000002c0)=[{&(0x7f0000000040)=""/35, 0x23}, {0x0, 0x2}, {&(0x7f0000000300)=""/165, 0xa5}], 0x3, 0x0, 0x700)

09:06:12 executing program 2:
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000080), r0)
sendmsg$NLBL_MGMT_C_ADD(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000140)={0x4c, r1, 0x1, 0x0, 0x0, {}, [@NLBL_MGMT_A_DOMAIN={0x6, 0x1, '%\x00'}, @NLBL_MGMT_A_IPV6ADDR={0x14, 0x5, @local}, @NLBL_MGMT_A_IPV6MASK={0x14, 0x6, @mcast1}, @NLBL_MGMT_A_PROTOCOL={0x8}]}, 0x4c}, 0x1, 0x700000000000000}, 0x0)

09:06:12 executing program 5:
socketpair$unix(0x1, 0x5, 0x0, 0x0)
sendmsg$unix(0xffffffffffffffff, 0x0, 0x0)
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
pwritev(r0, &(0x7f0000000640)=[{&(0x7f00000002c0)="19", 0x1}], 0x1, 0x8000000, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0)
r2 = socket$inet6(0xa, 0x1, 0x0)
bind$inet6(r2, &(0x7f00000002c0)={0xa, 0x4e20, 0x0, @empty}, 0x1c)
connect$inet6(r2, &(0x7f0000000000)={0xa, 0x4e20, 0x0, @ipv4={'\x00', '\xff\xff', @empty}}, 0x1c)
recvfrom(r2, &(0x7f00000003c0)=""/87, 0x20010397, 0x300, 0x0, 0x0)
sendfile(r2, r1, 0x0, 0xfffffdef)
r3 = fsmount(r1, 0x0, 0x80)
ioctl$FS_IOC_FSSETXATTR(r3, 0x401c5820, &(0x7f00000000c0)={0x4, 0x4d8, 0x1, 0x8001, 0x5a})
readv(0xffffffffffffffff, &(0x7f0000000040), 0x0)
openat$cgroup_freezer_state(0xffffffffffffffff, 0x0, 0x2, 0x0)
close(0xffffffffffffffff)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(&(0x7f0000001540), 0xffffffffffffffff)
sendmsg$NL80211_CMD_STOP_AP(r4, &(0x7f0000001600)={0x0, 0x0, &(0x7f00000015c0)={&(0x7f0000001580)=ANY=[@ANYBLOB="092ec700", @ANYRES16=0x0, @ANYBLOB="010000000000000000001000000008000300", @ANYRES32=0x0, @ANYBLOB], 0x1c}}, 0x0)
getsockopt$sock_cred(r4, 0x1, 0x11, &(0x7f0000000040), &(0x7f0000000080)=0xc)
syz_open_dev$sg(&(0x7f0000001000), 0x0, 0x2200)

[ 2964.627317] Call Trace:
[ 2964.627815]  <IRQ>
[ 2964.628183]  ? x86_pmu_start+0x1c0/0x240
[ 2964.628732]  x86_pmu_enable+0x580/0xd90
[ 2964.629318]  ? amd_pmu_disable_virt+0xa0/0xa0
[ 2964.629956]  ctx_resched+0x2b9/0x3a0
[ 2964.630557]  __perf_install_in_context+0x285/0xa40
[ 2964.631243]  ? __irq_exit_rcu+0x113/0x170
[ 2964.631905]  ? ctx_resched+0x3a0/0x3a0
[ 2964.632506]  remote_function+0x125/0x1b0
[ 2964.633077]  flush_smp_call_function_queue+0x1df/0x610
[ 2964.633835]  ? perf_duration_warn+0x40/0x40
[ 2964.634433]  __sysvec_call_function_single+0x92/0x3a0
[ 2964.635148]  sysvec_call_function_single+0x89/0xc0
[ 2964.635827]  </IRQ>
[ 2964.636176]  <TASK>
[ 2964.636492]  asm_sysvec_call_function_single+0x12/0x20
[ 2964.637197] RIP: 0010:_raw_spin_unlock_irqrestore+0x2e/0x50
[ 2964.637978] Code: 48 83 c7 18 53 48 89 f3 48 8b 74 24 10 e8 7a 02 15 fd 48 89 ef e8 72 7f 15 fd 80 e7 02 74 06 e8 38 ae 36 fd fb bf 01 00 00 00 <e8> 6d 8b 0b fd 65 8b 05 e6 92 ee 7b 85 c0 74 03 5b 5d c3 0f 1f 44
[ 2964.640630] RSP: 0018:ffff888042afec20 EFLAGS: 00000202
[ 2964.641358] RAX: 0000000000000229 RBX: 0000000000000246 RCX: ffffffff81283e5f
[ 2964.642364] RDX: 0000000000000000 RSI: 0000000000000002 RDI: 0000000000000001
[ 2964.643363] RBP: ffff88800f168000 R08: 0000000000000001 R09: ffffffff86a3e807
[ 2964.644406] R10: fffffbfff0d47d00 R11: 0000000000000001 R12: 0000000000000000
[ 2964.645399] R13: 0000000000000246 R14: ffff88800b5f8010 R15: ffff888009170000
[ 2964.646377]  ? mark_lock.part.0+0xef/0x2f60
[ 2964.646997]  ata_scsi_queuecmd+0xd8/0x160
[ 2964.647593]  scsi_queue_rq+0x17ff/0x31f0
[ 2964.648211]  blk_mq_dispatch_rq_list+0x6c2/0x21d0
[ 2964.648903]  ? sbitmap_get+0x4cb/0x6f0
[ 2964.649458]  ? blk_mq_plug_issue_direct.constprop.0+0xda0/0xda0
[ 2964.650283]  ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70
[ 2964.651055]  ? __blk_mq_get_driver_tag+0x196/0x9e0
[ 2964.651742]  blk_mq_do_dispatch_sched+0x911/0xc20
[ 2964.652457]  ? blk_mq_sched_mark_restart_hctx+0x80/0x80
[ 2964.653205]  __blk_mq_sched_dispatch_requests+0x26d/0x3d0
[ 2964.653977]  ? lock_release+0x6f0/0x6f0
[ 2964.654521]  ? blk_mq_do_dispatch_ctx+0x6d0/0x6d0
[ 2964.655238]  ? find_held_lock+0x2c/0x110
[ 2964.655815]  blk_mq_sched_dispatch_requests+0x101/0x180
[ 2964.656592]  __blk_mq_run_hw_queue+0xff/0x350
[ 2964.657213]  __blk_mq_delay_run_hw_queue+0x58a/0x670
[ 2964.657939]  ? dd_prepare_request+0x40/0x40
[ 2964.658568]  blk_mq_run_hw_queue+0x321/0x4a0
[ 2964.659179]  blk_mq_sched_insert_requests+0x1d8/0x990
[ 2964.659913]  blk_mq_flush_plug_list+0x380/0xee0
[ 2964.660650]  ? blk_mq_insert_requests+0x530/0x530
[ 2964.661320]  __blk_flush_plug+0x289/0x420
[ 2964.661965]  ? submit_bio_noacct+0x7d9/0x13a0
[ 2964.662642]  ? blk_start_plug_nr_ios+0x250/0x250
[ 2964.663330]  ? submit_bio+0x157/0x2b0
[ 2964.663845]  blk_finish_plug+0x50/0xa0
[ 2964.664409]  ext4_writepages+0x252d/0x36e0
[ 2964.665013]  ? __ext4_mark_inode_dirty+0x860/0x860
[ 2964.665675]  ? mark_lock.part.0+0xef/0x2f60
[ 2964.666302]  ? lock_chain_count+0x20/0x20
[ 2964.666955]  ? find_held_lock+0x2c/0x110
[ 2964.667514]  ? lock_release+0x3b2/0x6f0
[ 2964.668100]  ? do_writepages+0x513/0x690
[ 2964.668663]  ? lock_downgrade+0x6d0/0x6d0
[ 2964.669206]  ? do_raw_spin_lock+0x121/0x260
[ 2964.669769]  ? rwlock_bug.part.0+0x90/0x90
[ 2964.670431]  ? __ext4_mark_inode_dirty+0x860/0x860
[ 2964.671117]  do_writepages+0x1b0/0x690
[ 2964.671655]  ? writeback_set_ratelimit+0x150/0x150
[ 2964.672377]  ? lock_release+0x3b2/0x6f0
[ 2964.672927]  ? wbc_attach_and_unlock_inode+0x463/0x8d0
[ 2964.673604]  ? lock_downgrade+0x6d0/0x6d0
[ 2964.674150]  ? lock_downgrade+0x6d0/0x6d0
[ 2964.674719]  ? lock_release+0x6f0/0x6f0
[ 2964.675262]  ? lock_is_held_type+0xd7/0x130
[ 2964.675868]  ? do_raw_spin_unlock+0x4f/0x210
[ 2964.676473]  ? _raw_spin_unlock+0x24/0x40
[ 2964.677019]  ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70
[ 2964.677757]  ? wbc_attach_and_unlock_inode+0x4b9/0x8d0
[ 2964.678455]  filemap_fdatawrite_wbc+0x143/0x1b0
[ 2964.679078]  file_write_and_wait_range+0x163/0x1e0
[ 2964.679734]  ? file_fdatawait_range+0x60/0x60
[ 2964.680388]  ? lock_is_held_type+0xd7/0x130
[ 2964.680960]  ext4_sync_file+0x225/0xfa0
[ 2964.681472]  ? ext4_getfsmap+0x9a0/0x9a0
[ 2964.682028]  vfs_fsync_range+0x13d/0x230
[ 2964.682578]  ext4_buffered_write_iter+0x2b7/0x390
[ 2964.683220]  ext4_file_write_iter+0x3dc/0x1800
[ 2964.683823]  ? __lock_acquire+0x164e/0x6120
[ 2964.684450]  ? ext4_file_read_iter+0x3f0/0x3f0
[ 2964.685213]  ? lock_is_held_type+0xd7/0x130
[ 2964.685985]  do_iter_readv_writev+0x3d8/0x650
[ 2964.686747]  ? __sanitizer_cov_trace_const_cmp1+0x22/0x80
[ 2964.687623]  ? new_sync_write+0x560/0x560
[ 2964.688343]  ? avc_policy_seqno+0x9/0x70
[ 2964.688916]  ? __sanitizer_cov_trace_cmp4+0x1c/0x70
[ 2964.689608]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[ 2964.690351]  ? security_file_permission+0xb1/0xd0
[ 2964.691023]  do_iter_write+0x187/0x6f0
[ 2964.691583]  ? lock_is_held_type+0xd7/0x130
[ 2964.692262]  vfs_writev+0x1aa/0x630
[ 2964.692819]  ? vfs_iter_write+0xa0/0xa0
[ 2964.693371]  ? lock_release+0x3b2/0x6f0
[ 2964.693926]  ? __fget_files+0x265/0x470
[ 2964.694477]  ? x86_pmu_enable+0xc10/0xd90
[ 2964.695095]  ? do_futex+0x136/0x380
[ 2964.695616]  ? __fget_files+0x287/0x470
[ 2964.696265]  __x64_sys_pwritev+0x22b/0x310
[ 2964.696750]  ? __x64_sys_pwritev2+0x150/0x150
[ 2964.697254]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 2964.697839]  do_syscall_64+0x3b/0x90
[ 2964.698254]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 2964.698832] RIP: 0033:0x7fd83d5f0b19
[ 2964.699250] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 2964.701216] RSP: 002b:00007fd83ab66188 EFLAGS: 00000246 ORIG_RAX: 0000000000000128
[ 2964.702068] RAX: ffffffffffffffda RBX: 00007fd83d703f60 RCX: 00007fd83d5f0b19
[ 2964.702828] RDX: 0000000000000001 RSI: 0000000020000640 RDI: 0000000000000003
[ 2964.703617] RBP: 00007fd83d64af6d R08: 0000000000000000 R09: 0000000000000000
[ 2964.708671] R10: 0000000008000000 R11: 0000000000000246 R12: 0000000000000000
[ 2964.709557] R13: 00007ffd342fb13f R14: 00007fd83ab66300 R15: 0000000000022000
[ 2964.710488]  </TASK>
09:06:13 executing program 7:
openat$sndseq(0xffffffffffffff9c, 0x0, 0x0)
r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000180)='/proc/asound/seq/clients\x00', 0x0, 0x0)
preadv(r0, &(0x7f00000002c0)=[{0x0}, {&(0x7f0000000300)=""/165, 0xa5}], 0x2, 0x0, 0x4c00)

09:06:13 executing program 6:
r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000180)='/proc/asound/seq/clients\x00', 0x0, 0x0)
preadv(r0, &(0x7f00000002c0)=[{&(0x7f0000000040)=""/35, 0x23}, {0x0}, {&(0x7f0000000300)=""/165, 0xa5}], 0x3, 0x0, 0xbf)

09:06:13 executing program 2:
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000080), r0)
sendmsg$NLBL_MGMT_C_ADD(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000140)={0x38, r1, 0x1, 0x0, 0x0, {}, [@NLBL_MGMT_A_DOMAIN={0x6, 0x1, '%\x00'}, @NLBL_MGMT_A_IPV6ADDR={0x14, 0x5, @local}, @NLBL_MGMT_A_PROTOCOL={0x8, 0x2, 0x5}]}, 0x38}, 0x1, 0x700000000000000}, 0x0)

09:06:13 executing program 1:
r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000180)='/proc/asound/seq/clients\x00', 0x0, 0x0)
preadv(r0, &(0x7f00000002c0)=[{&(0x7f0000000040)=""/35, 0x23}, {0x0, 0x2}, {&(0x7f0000000300)=""/165, 0xa5}], 0x3, 0x0, 0xa00)

09:06:13 executing program 7:
openat$sndseq(0xffffffffffffff9c, 0x0, 0x0)
r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000180)='/proc/asound/seq/clients\x00', 0x0, 0x0)
preadv(r0, &(0x7f00000002c0)=[{0x0}, {&(0x7f0000000300)=""/165, 0xa5}], 0x2, 0x0, 0x6800)

09:06:13 executing program 6:
r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000180)='/proc/asound/seq/clients\x00', 0x0, 0x0)
preadv(r0, &(0x7f00000002c0)=[{&(0x7f0000000040)=""/35, 0x23}, {0x0}, {&(0x7f0000000300)=""/165, 0xa5}], 0x3, 0x0, 0x300)

09:06:13 executing program 1:
r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000180)='/proc/asound/seq/clients\x00', 0x0, 0x0)
preadv(r0, &(0x7f00000002c0)=[{&(0x7f0000000040)=""/35, 0x23}, {0x0, 0x2}, {&(0x7f0000000300)=""/165, 0xa5}], 0x3, 0x0, 0x3f00)

09:06:13 executing program 2:
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000080), r0)
sendmsg$NLBL_MGMT_C_ADD(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000140)={0x38, r1, 0x1, 0x0, 0x0, {}, [@NLBL_MGMT_A_DOMAIN={0x6, 0x1, '%\x00'}, @NLBL_MGMT_A_IPV6ADDR={0x14, 0x5, @local}, @NLBL_MGMT_A_PROTOCOL={0x8, 0x2, 0x5}]}, 0x38}, 0x1, 0x700000000000000}, 0x0)

[ 2964.999826] Call Trace:
[ 2965.000291]  <IRQ>
[ 2965.000602]  x86_pmu_stop+0x149/0x330
[ 2965.001132]  x86_pmu_del+0x1be/0x610
[ 2965.001639]  event_sched_out+0x2ed/0xe80
[ 2965.002187]  __perf_remove_from_context+0x87/0xbe0
[ 2965.002828]  event_function+0x297/0x3d0
[ 2965.003390]  ? perf_uprobe_event_init+0x1c0/0x1c0
[ 2965.004108]  remote_function+0x125/0x1b0
[ 2965.004665]  flush_smp_call_function_queue+0x1df/0x610
[ 2965.005357]  ? perf_duration_warn+0x40/0x40
[ 2965.005934]  __sysvec_call_function_single+0x92/0x3a0
[ 2965.006669]  sysvec_call_function_single+0x89/0xc0
[ 2965.007338]  </IRQ>
[ 2965.007625]  <TASK>
[ 2965.007917]  asm_sysvec_call_function_single+0x12/0x20
[ 2965.008673] RIP: 0010:__alloc_pages+0x37c/0x4e0
[ 2965.009304] Code: 00 0f 84 46 fe ff ff 80 ce 01 e9 3e fe ff ff 81 e5 00 20 00 00 0f 84 da 00 00 00 45 31 e4 e9 a3 fe ff ff 65 ff 05 24 39 93 7e <48> c7 c0 40 ca 8b 85 48 ba 00 00 00 00 00 fc ff df 48 c1 e8 03 80
[ 2965.011721] RSP: 0018:ffff88804a4bf2f8 EFLAGS: 00000283
[ 2965.012498] RAX: 0000000000000001 RBX: 1ffff11009497e60 RCX: ffffffff816f346a
[ 2965.013480] RDX: fffffbfff0b1b79b RSI: 0000000000000008 RDI: ffffffff858dbcd0
[ 2965.014444] RBP: 0000000000000000 R08: 0000000000000000 R09: ffffffff858dbcd7
[ 2965.015377] R10: fffffbfff0b1b79a R11: 0000000000000001 R12: ffffea000114c0c0
[ 2965.016422] R13: 0000000000000000 R14: 0000000000000000 R15: ffff88804a4bf350
[ 2965.017400]  ? __alloc_pages+0x20a/0x4e0
[ 2965.017950]  ? __alloc_pages+0x20a/0x4e0
[ 2965.018484]  ? __alloc_pages_slowpath.constprop.0+0x1f10/0x1f10
[ 2965.019313]  ? __lock_acquire+0xbac/0x6120
[ 2965.019899]  ? mark_lock.part.0+0xef/0x2f60
[ 2965.020532]  alloc_pages_vma+0xde/0x500
[ 2965.021077]  __handle_mm_fault+0xfe8/0x35c0
[ 2965.021656]  ? lock_is_held_type+0xd7/0x130
[ 2965.022218]  ? __pmd_alloc+0x680/0x680
[ 2965.022754]  handle_mm_fault+0x2e6/0xa20
[ 2965.023315]  do_user_addr_fault+0x54a/0x12a0
[ 2965.023932]  exc_page_fault+0xa2/0x1a0
[ 2965.024510]  asm_exc_page_fault+0x1e/0x30
[ 2965.025061] RIP: 0010:copy_user_generic_string+0x2c/0x40
[ 2965.025786] Code: cb 83 fa 08 72 27 89 f9 83 e1 07 74 15 83 e9 08 f7 d9 29 ca 8a 06 88 07 48 ff c6 48 ff c7 ff c9 75 f2 89 d1 c1 e9 03 83 e2 07 <f3> 48 a5 89 d1 f3 a4 31 c0 0f 01 ca c3 8d 0c ca 89 ca eb 20 0f 01
[ 2965.028280] RSP: 0018:ffff88804a4bf720 EFLAGS: 00050246
[ 2965.029000] RAX: 0000000000000001 RBX: 0000000000001000 RCX: 0000000000000078
[ 2965.029948] RDX: 0000000000000000 RSI: ffff888041205c40 RDI: 0000000020376000
[ 2965.030942] RBP: 00000000203753c0 R08: 0000000000000000 R09: ffff888041205fff
[ 2965.031905] R10: ffffed1008240bff R11: 0000000000000001 R12: ffff888041205000
[ 2965.032899] R13: 00007fffffffe000 R14: 0000000000000000 R15: ffff88804a4bfd70
[ 2965.033920]  copyout.part.0+0xd1/0x100
[ 2965.034468]  _copy_to_iter+0x2b1/0x1820
[ 2965.035016]  ? lock_is_held_type+0xd7/0x130
[ 2965.035594]  ? copy_page_from_iter+0x9f0/0x9f0
[ 2965.036240]  ? lock_release+0x3b2/0x6f0
[ 2965.036760]  ? sk_wait_data+0x2f3/0x450
[ 2965.037286]  ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70
[ 2965.038009]  ? __virt_addr_valid+0xe9/0x310
[ 2965.038613]  ? __sanitizer_cov_trace_const_cmp1+0x22/0x80
[ 2965.039370]  ? __sanitizer_cov_trace_cmp8+0x1d/0x70
[ 2965.040129]  ? __check_object_size+0x1b5/0x4e0
[ 2965.040803]  simple_copy_to_iter+0x4c/0x70
[ 2965.041445]  __skb_datagram_iter+0x4f1/0x880
[ 2965.042089]  ? receiver_wake_function+0x70/0x70
[ 2965.042732]  skb_copy_datagram_iter+0x85/0x270
[ 2965.043370]  tcp_recvmsg_locked+0xecf/0x1e80
[ 2965.044158]  ? tcp_update_recv_tstamps+0x230/0x230
[ 2965.044855]  ? mark_held_locks+0x9e/0xe0
[ 2965.045456]  ? __local_bh_enable_ip+0xa0/0x120
[ 2965.046173]  tcp_recvmsg+0x137/0x620
[ 2965.046745]  ? tcp_recv_timestamp+0x6e0/0x6e0
[ 2965.047398]  ? lock_release+0x3b2/0x6f0
[ 2965.047974]  ? selinux_socket_recvmsg+0x1fd/0x2b0
[ 2965.048762]  ? selinux_socket_getsockopt+0x2b0/0x2b0
[ 2965.049466]  ? tcp_recv_timestamp+0x6e0/0x6e0
[ 2965.050060]  inet6_recvmsg+0x13b/0x670
[ 2965.050599]  ? inet6_bind+0x120/0x120
[ 2965.051122]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[ 2965.051870]  ? security_socket_recvmsg+0x95/0xc0
[ 2965.052577]  ? inet6_bind+0x120/0x120
[ 2965.053106]  sock_recvmsg+0xfb/0x180
[ 2965.053650]  __sys_recvfrom+0x1b8/0x2f0
[ 2965.054202]  ? __ia32_sys_send+0x100/0x100
[ 2965.054850]  ? __sanitizer_cov_trace_cmp8+0x1d/0x70
[ 2965.055624]  ? xfd_validate_state+0x59/0x180
[ 2965.056291]  ? restore_fpregs_from_fpstate+0xcc/0x1e0
[ 2965.057095]  __x64_sys_recvfrom+0xdd/0x1b0
[ 2965.057745]  ? lockdep_hardirqs_on+0x79/0x100
[ 2965.058377]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 2965.059101]  do_syscall_64+0x3b/0x90
[ 2965.059632]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 2965.060528] RIP: 0033:0x7f7e5487cb19
[ 2965.061058] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 2965.063720] RSP: 002b:00007f7e51df2188 EFLAGS: 00000246 ORIG_RAX: 000000000000002d
[ 2965.064843] RAX: ffffffffffffffda RBX: 00007f7e5498ff60 RCX: 00007f7e5487cb19
[ 2965.065868] RDX: 0000000020010397 RSI: 00000000200003c0 RDI: 0000000000000005
[ 2965.066828] RBP: 00007f7e548d6f6d R08: 0000000000000000 R09: 0000000000000000
[ 2965.067843] R10: 0000000000000300 R11: 0000000000000246 R12: 0000000000000000
[ 2965.068982] R13: 00007fffa39f8f4f R14: 00007f7e51df2300 R15: 0000000000022000
[ 2965.070006]  </TASK>
[ 2965.185797] Call Trace:
[ 2965.186268]  <IRQ>
[ 2965.186570]  ? x86_pmu_start+0x1c0/0x240
[ 2965.187145]  x86_pmu_enable+0x580/0xd90
[ 2965.187698]  ? amd_pmu_disable_virt+0xa0/0xa0
[ 2965.188426]  ctx_resched+0x2b9/0x3a0
[ 2965.188966]  __perf_install_in_context+0x285/0xa40
[ 2965.189669]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[ 2965.190439]  ? ctx_resched+0x3a0/0x3a0
[ 2965.191048]  remote_function+0x125/0x1b0
[ 2965.191615]  flush_smp_call_function_queue+0x1df/0x610
[ 2965.192358]  ? perf_duration_warn+0x40/0x40
[ 2965.192966]  __sysvec_call_function_single+0x92/0x3a0
[ 2965.193676]  sysvec_call_function_single+0x89/0xc0
[ 2965.194373]  </IRQ>
[ 2965.194684]  <TASK>
[ 2965.194989]  asm_sysvec_call_function_single+0x12/0x20
[ 2965.195715] RIP: 0010:get_page_from_freelist+0x120f/0x25d0
[ 2965.196550] Code: 48 c7 45 28 00 00 00 00 48 c7 c6 65 f5 6e 81 48 89 ef e8 f4 e8 b9 ff 48 83 7c 24 70 00 74 06 e8 b7 94 db ff fb 48 8b 44 24 10 <49> 8d 9d d8 03 00 00 48 85 c0 0f 84 4f 02 00 00 48 c1 e8 03 42 80
[ 2965.199172] RSP: 0018:ffff88804a4bf170 EFLAGS: 00000206
[ 2965.199910] RAX: ffffea000112c080 RBX: 0000000000000000 RCX: ffffffff81283e5f
[ 2965.201027] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[ 2965.202049] RBP: ffff88806ce346a0 R08: 0000000000000001 R09: ffffffff86a3e7af
[ 2965.203101] R10: fffffbfff0d47cf5 R11: 0000000000000001 R12: ffff88806ce346c8
[ 2965.204207] R13: ffff88807ffdc500 R14: dffffc0000000000 R15: ffffea000112c0c0
[ 2965.205246]  ? mark_lock.part.0+0xef/0x2f60
[ 2965.205919]  ? __zone_watermark_ok+0x2d0/0x2d0
[ 2965.206579]  ? prepare_alloc_pages+0x371/0x500
[ 2965.207214]  __alloc_pages+0x1b6/0x4e0
[ 2965.207769]  ? __alloc_pages_slowpath.constprop.0+0x1f10/0x1f10
[ 2965.208670]  ? __lock_acquire+0xbac/0x6120
[ 2965.209282]  ? mark_lock.part.0+0xef/0x2f60
[ 2965.209909]  alloc_pages_vma+0xde/0x500
[ 2965.210481]  __handle_mm_fault+0xfe8/0x35c0
[ 2965.211102]  ? lock_is_held_type+0xd7/0x130
[ 2965.211700]  ? __pmd_alloc+0x680/0x680
[ 2965.212299]  handle_mm_fault+0x2e6/0xa20
[ 2965.212857]  do_user_addr_fault+0x54a/0x12a0
[ 2965.213484]  exc_page_fault+0xa2/0x1a0
[ 2965.214064]  asm_exc_page_fault+0x1e/0x30
[ 2965.214665] RIP: 0010:copy_user_generic_string+0x2c/0x40
[ 2965.215425] Code: cb 83 fa 08 72 27 89 f9 83 e1 07 74 15 83 e9 08 f7 d9 29 ca 8a 06 88 07 48 ff c6 48 ff c7 ff c9 75 f2 89 d1 c1 e9 03 83 e2 07 <f3> 48 a5 89 d1 f3 a4 31 c0 0f 01 ca c3 8d 0c ca 89 ca eb 20 0f 01
[ 2965.218051] RSP: 0018:ffff88804a4bf720 EFLAGS: 00050246
[ 2965.218808] RAX: 0000000000000001 RBX: 0000000000001000 RCX: 0000000000000078
[ 2965.219802] RDX: 0000000000000000 RSI: ffff88801ef48c40 RDI: 000000002042c000
[ 2965.220850] RBP: 000000002042b3c0 R08: 0000000000000000 R09: ffff88801ef48fff
[ 2965.221843] R10: ffffed1003de91ff R11: 0000000000000001 R12: ffff88801ef48000
[ 2965.222827] R13: 00007fffffffe000 R14: 0000000000000000 R15: ffff88804a4bfd70
[ 2965.223890]  copyout.part.0+0xd1/0x100
[ 2965.224478]  _copy_to_iter+0x2b1/0x1820
[ 2965.225071]  ? copy_page_from_iter+0x9f0/0x9f0
[ 2965.225737]  ? lock_is_held_type+0xd7/0x130
[ 2965.226358]  ? find_held_lock+0x2c/0x110
[ 2965.226956]  ? lock_release+0x3b2/0x6f0
[ 2965.227507]  ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70
[ 2965.228324]  ? __virt_addr_valid+0xe9/0x310
[ 2965.228976]  ? __sanitizer_cov_trace_const_cmp1+0x22/0x80
[ 2965.229754]  ? __sanitizer_cov_trace_cmp8+0x1d/0x70
[ 2965.230440]  ? __check_object_size+0x1b5/0x4e0
[ 2965.231107]  simple_copy_to_iter+0x4c/0x70
[ 2965.231748]  __skb_datagram_iter+0x4f1/0x880
[ 2965.232407]  ? receiver_wake_function+0x70/0x70
[ 2965.233118]  skb_copy_datagram_iter+0x85/0x270
[ 2965.233794]  tcp_recvmsg_locked+0xecf/0x1e80
[ 2965.234406]  ? tcp_update_recv_tstamps+0x230/0x230
[ 2965.235089]  ? mark_held_locks+0x9e/0xe0
[ 2965.235683]  ? __local_bh_enable_ip+0xa0/0x120
[ 2965.236403]  tcp_recvmsg+0x137/0x620
[ 2965.236932]  ? tcp_recv_timestamp+0x6e0/0x6e0
[ 2965.237541]  ? lock_release+0x3b2/0x6f0
[ 2965.238135]  ? selinux_socket_recvmsg+0x1fd/0x2b0
[ 2965.238818]  ? selinux_socket_getsockopt+0x2b0/0x2b0
[ 2965.239545]  ? tcp_recv_timestamp+0x6e0/0x6e0
[ 2965.240203]  inet6_recvmsg+0x13b/0x670
[ 2965.240721]  ? inet6_bind+0x120/0x120
[ 2965.241249]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[ 2965.242002]  ? security_socket_recvmsg+0x95/0xc0
[ 2965.242647]  ? inet6_bind+0x120/0x120
[ 2965.243168]  sock_recvmsg+0xfb/0x180
[ 2965.243686]  __sys_recvfrom+0x1b8/0x2f0
[ 2965.244240]  ? __ia32_sys_send+0x100/0x100
[ 2965.244809]  ? __sanitizer_cov_trace_cmp8+0x1d/0x70
[ 2965.245466]  ? xfd_validate_state+0x59/0x180
[ 2965.246096]  ? restore_fpregs_from_fpstate+0xcc/0x1e0
[ 2965.246785]  __x64_sys_recvfrom+0xdd/0x1b0
[ 2965.247345]  ? lockdep_hardirqs_on+0x79/0x100
[ 2965.247958]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 2965.248691]  do_syscall_64+0x3b/0x90
[ 2965.249182]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 2965.249855] RIP: 0033:0x7f7e5487cb19
[ 2965.250346] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 2965.252890] RSP: 002b:00007f7e51df2188 EFLAGS: 00000246 ORIG_RAX: 000000000000002d
[ 2965.253896] RAX: ffffffffffffffda RBX: 00007f7e5498ff60 RCX: 00007f7e5487cb19
[ 2965.254830] RDX: 0000000020010397 RSI: 00000000200003c0 RDI: 0000000000000005
[ 2965.255781] RBP: 00007f7e548d6f6d R08: 0000000000000000 R09: 0000000000000000
[ 2965.256775] R10: 0000000000000300 R11: 0000000000000246 R12: 0000000000000000
[ 2965.257716] R13: 00007fffa39f8f4f R14: 00007f7e51df2300 R15: 0000000000022000
[ 2965.258717]  </TASK>
[ 2965.392482] Call Trace:
[ 2965.392895]  <IRQ>
[ 2965.393218]  x86_pmu_stop+0x149/0x330
[ 2965.393744]  x86_pmu_del+0x1be/0x610
[ 2965.394259]  event_sched_out+0x2ed/0xe80
[ 2965.394803]  __perf_remove_from_context+0x87/0xbe0
[ 2965.395481]  event_function+0x297/0x3d0
[ 2965.396104]  ? perf_uprobe_event_init+0x1c0/0x1c0
[ 2965.396785]  remote_function+0x125/0x1b0
[ 2965.397389]  flush_smp_call_function_queue+0x1df/0x610
[ 2965.398139]  ? perf_duration_warn+0x40/0x40
[ 2965.398773]  __sysvec_call_function_single+0x92/0x3a0
[ 2965.399470]  sysvec_call_function_single+0x89/0xc0
[ 2965.400273]  </IRQ>
[ 2965.400592]  <TASK>
[ 2965.400907]  asm_sysvec_call_function_single+0x12/0x20
[ 2965.401620] RIP: 0010:put_cpu_partial+0x115/0x1b0
[ 2965.402298] Code: 39 43 28 75 5d 48 c7 43 28 00 00 00 00 48 c7 c6 50 de 75 81 48 89 df e8 09 00 b3 ff 48 85 ed 74 06 e8 cf ab d4 ff fb 4d 85 ed <74> 21 5b 4c 89 ee 5d 4c 89 e7 41 5c 41 5d 41 5e 41 5f e9 84 fd ff
[ 2965.404827] RSP: 0018:ffff888015d8f860 EFLAGS: 00000286
[ 2965.405528] RAX: 00000000014c41e7 RBX: ffff88806ce3e120 RCX: ffffffff81283e5f
[ 2965.406465] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[ 2965.407407] RBP: 0000000000000200 R08: 0000000000000001 R09: ffffffff86a3e797
[ 2965.408380] R10: fffffbfff0d47cf2 R11: 0000000000000001 R12: ffff888008064140
[ 2965.409372] R13: ffffea0000c12400 R14: ffffea0001090c00 R15: 0000000000000001
[ 2965.410348]  ? mark_lock.part.0+0xef/0x2f60
[ 2965.411001]  qlist_free_all+0x6d/0x190
[ 2965.411517]  kasan_quarantine_reduce+0x180/0x200
[ 2965.412208]  __kasan_slab_alloc+0x78/0x80
[ 2965.412761]  kmem_cache_alloc+0x1aa/0x480
[ 2965.413323]  create_object.isra.0+0x3a/0xa20
[ 2965.413907]  ? kasan_unpoison+0x23/0x50
[ 2965.414448]  kmem_cache_alloc+0x239/0x480
[ 2965.415008]  anon_vma_fork+0x1de/0x6a0
[ 2965.415560]  dup_mm+0x91b/0x1250
[ 2965.416083]  ? replace_mm_exe_file+0x490/0x490
[ 2965.416686]  ? __raw_spin_lock_init+0x36/0x110
[ 2965.417341]  copy_process+0x6946/0x6d60
[ 2965.417885]  ? __lock_acquire+0x164e/0x6120
[ 2965.418500]  ? __cleanup_sighand+0xb0/0xb0
[ 2965.419079]  ? lockdep_hardirqs_on_prepare+0x400/0x400
[ 2965.419913]  ? lock_is_held_type+0xd7/0x130
[ 2965.420562]  ? kernel_clone+0x2f8/0xa60
[ 2965.421143]  kernel_clone+0xe7/0xa60
[ 2965.421720]  ? lock_is_held_type+0xd7/0x130
[ 2965.422482]  ? create_io_thread+0xf0/0xf0
[ 2965.423113]  ? lock_release+0x3b2/0x6f0
[ 2965.423661]  ? __might_fault+0xd1/0x170
[ 2965.424289]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[ 2965.425066]  ? populate_seccomp_data+0x214/0x540
[ 2965.425725]  ? __sanitizer_cov_trace_const_cmp1+0x22/0x80
[ 2965.426537]  ? __seccomp_filter+0x5ab/0x1070
[ 2965.427191]  __do_sys_clone+0xc8/0x110
[ 2965.427770]  ? __do_sys_vfork+0xd0/0xd0
[ 2965.428389]  ? __secure_computing+0x195/0x2f0
[ 2965.429029]  do_syscall_64+0x3b/0x90
[ 2965.429618]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 2965.430333] RIP: 0033:0x7fe025b664bb
[ 2965.430856] Code: ed 0f 85 f8 00 00 00 64 4c 8b 0c 25 10 00 00 00 45 31 c0 4d 8d 91 d0 02 00 00 31 d2 31 f6 bf 11 00 20 01 b8 38 00 00 00 0f 05 <48> 3d 00 f0 ff ff 0f 87 91 00 00 00 41 89 c5 85 c0 0f 85 9e 00 00
[ 2965.433521] RSP: 002b:00007fff3f1cb6d0 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[ 2965.434599] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 00007fe025b664bb
[ 2965.435601] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000001200011
[ 2965.436652] RBP: 0000000000000000 R08: 0000000000000000 R09: 00007fe0256da8c0
[ 2965.437699] R10: 00007fe0256dab90 R11: 0000000000000246 R12: 0000000000000000
[ 2965.438714] R13: 00007fff3f1cb7a0 R14: 0000000000000000 R15: 0000000000000000
[ 2965.439698]  </TASK>
09:06:28 executing program 6:
r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000180)='/proc/asound/seq/clients\x00', 0x0, 0x0)
preadv(r0, &(0x7f00000002c0)=[{&(0x7f0000000040)=""/35, 0x23}, {0x0}, {&(0x7f0000000300)=""/165, 0xa5}], 0x3, 0x0, 0x500)

09:06:28 executing program 1:
r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000180)='/proc/asound/seq/clients\x00', 0x0, 0x0)
preadv(r0, &(0x7f00000002c0)=[{&(0x7f0000000040)=""/35, 0x23}, {0x0, 0x2}, {&(0x7f0000000300)=""/165, 0xa5}], 0x3, 0x0, 0x4800)

09:06:28 executing program 4:
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000080), r0)
sendmsg$NLBL_MGMT_C_ADD(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000140)={0x4c, r1, 0x0, 0x0, 0x0, {}, [@NLBL_MGMT_A_DOMAIN={0x6, 0x1, '%\x00'}, @NLBL_MGMT_A_IPV6ADDR={0x14, 0x5, @local}, @NLBL_MGMT_A_IPV6MASK={0x14, 0x6, @mcast1}, @NLBL_MGMT_A_PROTOCOL={0x8, 0x2, 0x5}]}, 0x4c}, 0x1, 0x700000000000000}, 0x0)

09:06:28 executing program 3:
r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000180)='/proc/asound/seq/clients\x00', 0x0, 0x0)
preadv(r0, &(0x7f00000002c0)=[{&(0x7f0000000040)=""/35, 0x23}, {0x0, 0x2}, {&(0x7f0000000300)=""/165, 0xa5}], 0x3, 0x0, 0x700)

09:06:28 executing program 2:
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000080), r0)
sendmsg$NLBL_MGMT_C_ADD(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000140)={0x38, r1, 0x1, 0x0, 0x0, {}, [@NLBL_MGMT_A_DOMAIN={0x6, 0x1, '%\x00'}, @NLBL_MGMT_A_IPV6ADDR={0x14, 0x5, @local}, @NLBL_MGMT_A_PROTOCOL={0x8, 0x2, 0x5}]}, 0x38}, 0x1, 0x700000000000000}, 0x0)

09:06:28 executing program 5:
socketpair$unix(0x1, 0x5, 0x0, 0x0)
sendmsg$unix(0xffffffffffffffff, 0x0, 0x0)
recvmsg$unix(0xffffffffffffffff, &(0x7f0000000280)={&(0x7f0000000140), 0x6e, &(0x7f0000000240)=[{&(0x7f00000000c0)=""/12, 0xc}, {&(0x7f00000001c0)=""/120, 0x78}], 0x2, &(0x7f0000000440)=ANY=[@ANYBLOB="1c000000000000000100000002000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="0000000024000000000000000100000001000000dd139da0336cf5cfc22c3334bfcc877b83cf90534b1c9d04431adeca2d6df73479215816eb4019cf347e", @ANYRES32, @ANYRES32, @ANYRES32, @ANYRES32, @ANYRES32, @ANYBLOB='\x00\x00\x00\x00'], 0x48}, 0x40)
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
pwritev(r0, &(0x7f0000000640)=[{&(0x7f00000002c0)="19", 0x1}], 0x1, 0x8000000, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0)
r2 = socket$inet6(0xa, 0x1, 0x0)
bind$inet6(r2, &(0x7f00000002c0)={0xa, 0x4e20, 0x0, @empty}, 0x1c)
connect$inet6(r2, &(0x7f0000000000)={0xa, 0x4e20, 0x0, @ipv4={'\x00', '\xff\xff', @empty}}, 0x1c)
recvfrom(r2, &(0x7f00000003c0)=""/87, 0x20010397, 0x300, 0x0, 0x0)
sendfile(r2, r1, 0x0, 0xfffffdef)
readv(0xffffffffffffffff, &(0x7f0000000040), 0x0)
openat$cgroup_freezer_state(0xffffffffffffffff, 0x0, 0x2, 0x0)
close(0xffffffffffffffff)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(&(0x7f0000001540), 0xffffffffffffffff)
sendmsg$NL80211_CMD_STOP_AP(r3, &(0x7f0000001600)={0x0, 0x0, &(0x7f00000015c0)={&(0x7f0000001580)={0x1c, 0x0, 0x1, 0x0, 0x0, {{}, {@val={0x8}, @void}}}, 0x1c}}, 0x0)
ioctl$RTC_PLL_GET(r1, 0x80207011, &(0x7f0000000300))
getsockopt$sock_cred(r3, 0x1, 0x11, &(0x7f0000000040), &(0x7f0000000080)=0xc)
syz_open_dev$sg(&(0x7f0000001000), 0x1000, 0x5a700)

09:06:28 executing program 0:
perf_event_open$cgroup(&(0x7f0000000c00)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x1023, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

09:06:28 executing program 7:
openat$sndseq(0xffffffffffffff9c, 0x0, 0x0)
r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000180)='/proc/asound/seq/clients\x00', 0x0, 0x0)
preadv(r0, &(0x7f00000002c0)=[{0x0}, {&(0x7f0000000300)=""/165, 0xa5}], 0x2, 0x0, 0x6c00)

[ 2980.674776] Call Trace:
[ 2980.675204]  <TASK>
[ 2980.675518]  ? x86_pmu_start+0x1c0/0x240
[ 2980.676066]  x86_pmu_enable+0x580/0xd90
[ 2980.676652]  ? amd_pmu_disable_virt+0xa0/0xa0
[ 2980.677273]  ctx_resched+0x2b9/0x3a0
[ 2980.677794]  __perf_install_in_context+0x285/0xa40
[ 2980.678466]  ? ctx_resched+0x3a0/0x3a0
[ 2980.678986]  remote_function+0x125/0x1b0
[ 2980.679546]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[ 2980.680315]  ? perf_duration_warn+0x40/0x40
[ 2980.681170]  generic_exec_single+0x203/0x300
[ 2980.681792]  smp_call_function_single+0x189/0x460
[ 2980.682410]  ? perf_duration_warn+0x40/0x40
[ 2980.682982]  ? generic_exec_single+0x300/0x300
[ 2980.683580]  ? perf_duration_warn+0x40/0x40
[ 2980.684170]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[ 2980.684963]  ? lock_is_held_type+0xd7/0x130
[ 2980.685558]  perf_install_in_context+0x4da/0x590
[ 2980.686210]  ? list_add_event+0xeb0/0xeb0
[ 2980.686761]  ? ctx_resched+0x3a0/0x3a0
[ 2980.687302]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[ 2980.688055]  ? exclusive_event_installable+0x254/0x320
[ 2980.688926]  __do_sys_perf_event_open+0x1bf0/0x3040
[ 2980.689710]  ? __up_read+0x192/0x710
[ 2980.690222]  ? perf_remove_from_context+0x260/0x260
[ 2980.690914]  ? up_write+0x460/0x460
[ 2980.691418]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 2980.692113]  do_syscall_64+0x3b/0x90
[ 2980.692670]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 2980.693384] RIP: 0033:0x7f750a357b19
[ 2980.693901] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 2980.696439] RSP: 002b:00007f75078cd188 EFLAGS: 00000246 ORIG_RAX: 000000000000012a
[ 2980.697473] RAX: ffffffffffffffda RBX: 00007f750a46af60 RCX: 00007f750a357b19
[ 2980.698490] RDX: 0000000000000000 RSI: ffffffffffffffff RDI: 0000000020000c00
[ 2980.699467] RBP: 00007f750a3b1f6d R08: 0000000000000000 R09: 0000000000000000
[ 2980.700491] R10: ffffffffffffffff R11: 0000000000000246 R12: 0000000000000000
[ 2980.701503] R13: 00007ffc8fa2e86f R14: 00007f75078cd300 R15: 0000000000022000
[ 2980.702515]  </TASK>
09:06:28 executing program 1:
r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000180)='/proc/asound/seq/clients\x00', 0x0, 0x0)
preadv(r0, &(0x7f00000002c0)=[{&(0x7f0000000040)=""/35, 0x23}, {0x0, 0x2}, {&(0x7f0000000300)=""/165, 0xa5}], 0x3, 0x0, 0x4c00)

09:06:28 executing program 4:
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000080), r0)
sendmsg$NLBL_MGMT_C_ADD(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000140)={0x4c, r1, 0x0, 0x0, 0x0, {}, [@NLBL_MGMT_A_DOMAIN={0x6, 0x1, '%\x00'}, @NLBL_MGMT_A_IPV6ADDR={0x14, 0x5, @local}, @NLBL_MGMT_A_IPV6MASK={0x14, 0x6, @mcast1}, @NLBL_MGMT_A_PROTOCOL={0x8, 0x2, 0x5}]}, 0x4c}, 0x1, 0x700000000000000}, 0x0)

09:06:28 executing program 3:
socketpair$unix(0x1, 0x5, 0x0, 0x0)
sendmsg$unix(0xffffffffffffffff, 0x0, 0x0)
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
pwritev(r0, &(0x7f0000000640)=[{&(0x7f00000002c0)="19", 0x1}], 0x1, 0x8000000, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0)
r2 = socket$inet6(0xa, 0x1, 0x0)
bind$inet6(r2, &(0x7f00000002c0)={0xa, 0x4e20, 0x0, @empty}, 0x1c)
connect$inet6(r2, &(0x7f0000000000)={0xa, 0x4e20, 0x0, @ipv4={'\x00', '\xff\xff', @empty}}, 0x1c)
setxattr$security_ima(&(0x7f00000000c0)='./file1/file0\x00', &(0x7f0000000140), &(0x7f0000000180)=@sha1={0x1, "1bf3cbe0b75fa478d86c6242c84513d07a1a3bf8"}, 0x15, 0x3)
recvfrom(r2, &(0x7f00000003c0)=""/87, 0x20010397, 0x300, 0x0, 0x0)
sendfile(r2, r1, 0x0, 0xfffffdef)
readv(0xffffffffffffffff, &(0x7f0000000040), 0x0)
openat$cgroup_freezer_state(0xffffffffffffffff, 0x0, 0x2, 0x0)
close(0xffffffffffffffff)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(&(0x7f0000001540), 0xffffffffffffffff)
sendmsg$NL80211_CMD_STOP_AP(r3, &(0x7f0000001600)={0x0, 0x0, &(0x7f00000015c0)={&(0x7f0000001580)={0x1c, 0x0, 0x1, 0x0, 0x0, {{}, {@val={0x8}, @void}}}, 0x1c}}, 0x0)
getsockopt$sock_cred(r3, 0x1, 0x11, &(0x7f0000000040), &(0x7f0000000080)=0xc)
syz_open_dev$sg(&(0x7f0000001000), 0x0, 0x2200)

09:06:29 executing program 7:
openat$sndseq(0xffffffffffffff9c, 0x0, 0x0)
r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000180)='/proc/asound/seq/clients\x00', 0x0, 0x0)
preadv(r0, &(0x7f00000002c0)=[{0x0}, {&(0x7f0000000300)=""/165, 0xa5}], 0x2, 0x0, 0x7400)

[ 2980.760205] Call Trace:
[ 2980.760627]  <IRQ>
[ 2980.760910]  x86_pmu_stop+0x149/0x330
[ 2980.761460]  x86_pmu_del+0x1be/0x610
[ 2980.761973]  event_sched_out+0x2ed/0xe80
[ 2980.762505]  __perf_remove_from_context+0x87/0xbe0
[ 2980.763206]  event_function+0x297/0x3d0
[ 2980.763731]  ? perf_uprobe_event_init+0x1c0/0x1c0
[ 2980.764408]  remote_function+0x125/0x1b0
[ 2980.765072]  flush_smp_call_function_queue+0x1df/0x610
[ 2980.765951]  ? perf_duration_warn+0x40/0x40
[ 2980.766649]  __sysvec_call_function_single+0x92/0x3a0
[ 2980.767422]  sysvec_call_function_single+0x89/0xc0
[ 2980.768114]  </IRQ>
[ 2980.768489]  <TASK>
[ 2980.768792]  asm_sysvec_call_function_single+0x12/0x20
[ 2980.769527] RIP: 0010:unwind_next_frame+0xa6c/0x2250
[ 2980.770207] Code: 24 30 84 c0 48 8b 4c 24 38 0f 84 61 0b 00 00 48 b8 00 00 00 00 00 fc ff df 4c 89 e2 48 c1 ea 03 80 3c 02 00 0f 85 36 11 00 00 <49> 8b 46 58 48 3d d0 2b 10 81 0f 84 50 0d 00 00 48 ba 00 00 00 00
[ 2980.772783] RSP: 0018:ffff888018427120 EFLAGS: 00000246
[ 2980.773503] RAX: dffffc0000000000 RBX: 1ffff11003084e2d RCX: ffffffff85cb2661
[ 2980.774468] RDX: 1ffff11003084e4b RSI: ffff8880184277a8 RDI: ffff8880184277a8
[ 2980.775418] RBP: 0000000000000001 R08: ffffffff85cb265c R09: ffffffff85cb2660
[ 2980.776413] R10: ffffed1003084e4d R11: 000000000003403b R12: ffff888018427258
[ 2980.777389] R13: ffff888018427241 R14: ffff888018427200 R15: ffff8880184277a8
[ 2980.778395]  ? d_alloc_parallel+0x10a/0x1c00
[ 2980.779005]  ? deref_stack_reg+0x150/0x150
[ 2980.779593]  ? d_alloc_parallel+0x10a/0x1c00
[ 2980.780176]  ? kernel_text_address+0xd/0xb0
[ 2980.780787]  ? create_prof_cpu_mask+0x20/0x20
[ 2980.781403]  arch_stack_walk+0x83/0xf0
[ 2980.781967]  ? __lookup_slow+0x193/0x490
[ 2980.782556]  stack_trace_save+0x8c/0xc0
[ 2980.783119]  ? filter_irq_stacks+0x90/0x90
[ 2980.783691]  kasan_save_stack+0x1e/0x40
[ 2980.784307]  ? kasan_save_stack+0x1e/0x40
[ 2980.784895]  ? __kasan_slab_alloc+0x66/0x80
[ 2980.785472]  ? kmem_cache_alloc_lru+0x240/0x7c0
[ 2980.786161]  ? __d_alloc+0x31/0x990
[ 2980.786674]  ? d_alloc_parallel+0x10a/0x1c00
[ 2980.787274]  ? lockdep_hardirqs_on_prepare+0x400/0x400
[ 2980.787975]  ? lock_chain_count+0x20/0x20
[ 2980.788605]  ? xas_find_conflict+0x9e0/0x9e0
[ 2980.789217]  ? lock_is_held_type+0xd7/0x130
[ 2980.789778]  ? find_held_lock+0x2c/0x110
[ 2980.790310]  ? lock_release+0x3b2/0x6f0
[ 2980.790825]  ? obj_cgroup_charge+0x226/0x6a0
[ 2980.791446]  ? mark_held_locks+0x9e/0xe0
[ 2980.791999]  ? obj_cgroup_charge+0x247/0x6a0
[ 2980.792677]  ? lockdep_hardirqs_on+0x79/0x100
[ 2980.793316]  ? kasan_unpoison+0x23/0x50
[ 2980.793837]  __kasan_slab_alloc+0x66/0x80
[ 2980.794454]  kmem_cache_alloc_lru+0x240/0x7c0
[ 2980.795085]  ? __d_alloc+0x31/0x990
[ 2980.795634]  __d_alloc+0x31/0x990
[ 2980.796190]  d_alloc_parallel+0x10a/0x1c00
[ 2980.796814]  ? __lock_acquire+0x164e/0x6120
[ 2980.797457]  ? find_held_lock+0x2c/0x110
[ 2980.798072]  ? lockdep_hardirqs_on_prepare+0x400/0x400
[ 2980.798912]  ? lock_release+0x3b2/0x6f0
[ 2980.799446]  ? __d_lookup_rcu+0x730/0x730
[ 2980.800028]  ? lockdep_init_map_type+0x21a/0x7e0
[ 2980.800718]  ? lockdep_init_map_type+0x21a/0x7e0
[ 2980.801413]  __lookup_slow+0x193/0x490
[ 2980.801978]  ? page_put_link+0x1f0/0x1f0
[ 2980.802555]  ? mac802154_llsec_dev_add+0x520/0x910
[ 2980.803291]  ? mac802154_llsec_dev_add+0x520/0x910
[ 2980.803988]  ? selinux_path_notify+0x470/0x470
[ 2980.804692]  walk_component+0x411/0x6a0
[ 2980.805264]  ? handle_dots.part.0+0x1500/0x1500
[ 2980.805920]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[ 2980.806695]  ? security_inode_permission+0xcb/0x100
[ 2980.807429]  ? inode_permission.part.0+0xb5/0x670
[ 2980.808115]  link_path_walk.part.0+0x7f8/0xf80
[ 2980.808768]  ? path_init+0x17b0/0x17b0
[ 2980.809353]  ? percpu_counter_add_batch+0xb4/0x170
[ 2980.810078]  path_openat+0x25d/0x2870
[ 2980.810624]  ? path_lookupat+0x850/0x850
[ 2980.811199]  ? lockdep_hardirqs_on_prepare+0x400/0x400
[ 2980.811917]  ? lock_is_held_type+0xd7/0x130
[ 2980.812531]  do_filp_open+0x1aa/0x400
[ 2980.813067]  ? may_open_dev+0xf0/0xf0
[ 2980.813627]  ? rwlock_bug.part.0+0x90/0x90
[ 2980.814218]  ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70
[ 2980.814961]  ? _find_next_bit+0x1e5/0x260
[ 2980.815548]  ? _raw_spin_unlock+0x24/0x40
[ 2980.816139]  ? alloc_fd+0x2f0/0x670
[ 2980.816682]  do_sys_openat2+0x16d/0x4c0
[ 2980.817271]  ? build_open_flags+0x6f0/0x6f0
[ 2980.817853]  ? seccomp_notify_ioctl+0xdc0/0xdc0
[ 2980.818489]  __x64_sys_openat+0x13f/0x1f0
[ 2980.819071]  ? __x64_sys_open+0x1c0/0x1c0
[ 2980.819656]  ? __secure_computing+0x195/0x2f0
[ 2980.820303]  do_syscall_64+0x3b/0x90
[ 2980.820836]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 2980.821629] RIP: 0033:0x7f9e21b9ac64
[ 2980.822245] Code: 84 00 00 00 00 00 44 89 54 24 0c e8 36 61 f9 ff 44 8b 54 24 0c 44 89 e2 48 89 ee 41 89 c0 bf 9c ff ff ff b8 01 01 00 00 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 89 44 24 0c e8 68 61 f9 ff 8b 44
[ 2980.824912] RSP: 002b:00007ffd3e915560 EFLAGS: 00000293 ORIG_RAX: 0000000000000101
[ 2980.825942] RAX: ffffffffffffffda RBX: 000055c722ba3d60 RCX: 00007f9e21b9ac64
[ 2980.826989] RDX: 0000000000080802 RSI: 000055c722bd9e60 RDI: 00000000ffffff9c
[ 2980.827982] RBP: 000055c722bd9e60 R08: 0000000000000000 R09: ffffffffffffff01
[ 2980.828981] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000080802
[ 2980.829998] R13: 00000000fffffffa R14: 000055c722be6d70 R15: 0000000000000002
[ 2980.831025]  </TASK>
09:06:29 executing program 7:
openat$sndseq(0xffffffffffffff9c, 0x0, 0x0)
r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000180)='/proc/asound/seq/clients\x00', 0x0, 0x0)
preadv(r0, &(0x7f00000002c0)=[{0x0}, {&(0x7f0000000300)=""/165, 0xa5}], 0x2, 0x0, 0x7a00)

09:06:29 executing program 6:
r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000180)='/proc/asound/seq/clients\x00', 0x0, 0x0)
preadv(r0, &(0x7f00000002c0)=[{&(0x7f0000000040)=""/35, 0x23}, {0x0}, {&(0x7f0000000300)=""/165, 0xa5}], 0x3, 0x0, 0x600)

09:06:29 executing program 4:
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000080), r0)
sendmsg$NLBL_MGMT_C_ADD(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000140)={0x4c, r1, 0x0, 0x0, 0x0, {}, [@NLBL_MGMT_A_DOMAIN={0x6, 0x1, '%\x00'}, @NLBL_MGMT_A_IPV6ADDR={0x14, 0x5, @local}, @NLBL_MGMT_A_IPV6MASK={0x14, 0x6, @mcast1}, @NLBL_MGMT_A_PROTOCOL={0x8, 0x2, 0x5}]}, 0x4c}, 0x1, 0x700000000000000}, 0x0)

09:06:29 executing program 1:
r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000180)='/proc/asound/seq/clients\x00', 0x0, 0x0)
preadv(r0, &(0x7f00000002c0)=[{&(0x7f0000000040)=""/35, 0x23}, {0x0, 0x2}, {&(0x7f0000000300)=""/165, 0xa5}], 0x3, 0x0, 0x60ff)

09:06:29 executing program 2:
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000080), r0)
sendmsg$NLBL_MGMT_C_ADD(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000140)={0x38, r1, 0x1, 0x0, 0x0, {}, [@NLBL_MGMT_A_DOMAIN={0x6, 0x1, '%\x00'}, @NLBL_MGMT_A_IPV6MASK={0x14, 0x6, @mcast1}, @NLBL_MGMT_A_PROTOCOL={0x8, 0x2, 0x5}]}, 0x38}, 0x1, 0x700000000000000}, 0x0)

[ 2980.937235] Call Trace:
[ 2980.937617]  <IRQ>
[ 2980.937902]  ? x86_pmu_start+0x1c0/0x240
[ 2980.938454]  x86_pmu_enable+0x580/0xd90
[ 2980.938979]  ? amd_pmu_disable_virt+0xa0/0xa0
[ 2980.939584]  ctx_resched+0x2b9/0x3a0
[ 2980.940082]  __perf_install_in_context+0x285/0xa40
[ 2980.940766]  ? __irq_exit_rcu+0x113/0x170
[ 2980.941317]  ? ctx_resched+0x3a0/0x3a0
[ 2980.941841]  remote_function+0x125/0x1b0
[ 2980.942406]  flush_smp_call_function_queue+0x1df/0x610
[ 2980.943111]  ? perf_duration_warn+0x40/0x40
[ 2980.943698]  __sysvec_call_function_single+0x92/0x3a0
[ 2980.944424]  sysvec_call_function_single+0x89/0xc0
[ 2980.945076]  </IRQ>
[ 2980.945365]  <TASK>
[ 2980.945657]  asm_sysvec_call_function_single+0x12/0x20
[ 2980.946360] RIP: 0010:_raw_spin_unlock_irqrestore+0x2e/0x50
[ 2980.947126] Code: 48 83 c7 18 53 48 89 f3 48 8b 74 24 10 e8 7a 02 15 fd 48 89 ef e8 72 7f 15 fd 80 e7 02 74 06 e8 38 ae 36 fd fb bf 01 00 00 00 <e8> 6d 8b 0b fd 65 8b 05 e6 92 ee 7b 85 c0 74 03 5b 5d c3 0f 1f 44
[ 2980.949572] RSP: 0018:ffff8880208e7938 EFLAGS: 00000206
[ 2980.950282] RAX: 000000000025fd8b RBX: 0000000000000246 RCX: ffffffff81283e5f
[ 2980.951211] RDX: 0000000000000000 RSI: 0000000000000001 RDI: 0000000000000001
[ 2980.952207] RBP: ffffffff852c2200 R08: 0000000000000001 R09: ffffffff86a3e7df
[ 2980.953204] R10: fffffbfff0d47cfb R11: 0000000000000001 R12: 0000000000002800
[ 2980.954149] R13: ffff88800d67a280 R14: 0000000000002800 R15: 0000000000002800
[ 2980.955113]  ? mark_lock.part.0+0xef/0x2f60
[ 2980.955732]  ? _raw_spin_unlock_irqrestore+0x28/0x50
[ 2980.956439]  kmem_cache_alloc+0x239/0x480
[ 2980.956989]  anon_vma_clone+0xdc/0x580
[ 2980.957544]  anon_vma_fork+0x82/0x6a0
[ 2980.958079]  ? __sanitizer_cov_trace_cmp8+0x1d/0x70
[ 2980.958774]  ? __vm_enough_memory+0x184/0x360
[ 2980.959358]  dup_mm+0x91b/0x1250
[ 2980.959806]  ? replace_mm_exe_file+0x490/0x490
[ 2980.960463]  ? __raw_spin_lock_init+0x36/0x110
[ 2980.961088]  copy_process+0x6946/0x6d60
[ 2980.961637]  ? lock_is_held_type+0xd7/0x130
[ 2980.962266]  ? __cleanup_sighand+0xb0/0xb0
[ 2980.962824]  ? do_raw_spin_unlock+0x4f/0x210
[ 2980.963397]  ? _raw_spin_unlock+0x24/0x40
[ 2980.963939]  ? do_wp_page+0x28d/0x24d0
[ 2980.964520]  ? kernel_clone+0x2f8/0xa60
[ 2980.965064]  kernel_clone+0xe7/0xa60
[ 2980.965604]  ? __handle_mm_fault+0x9f3/0x35c0
[ 2980.966192]  ? create_io_thread+0xf0/0xf0
[ 2980.966733]  ? lock_is_held_type+0xd7/0x130
[ 2980.967312]  ? lock_is_held_type+0xd7/0x130
[ 2980.967899]  ? find_held_lock+0x2c/0x110
[ 2980.968524]  ? lock_release+0x3b2/0x6f0
[ 2980.969068]  __do_sys_clone+0xc8/0x110
[ 2980.969630]  ? __do_sys_vfork+0xd0/0xd0
[ 2980.970173]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 2980.970885]  do_syscall_64+0x3b/0x90
[ 2980.971392]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 2980.972086] RIP: 0033:0x7f792bd1d10b
[ 2980.972619] Code: ed 0f 85 60 01 00 00 64 4c 8b 0c 25 10 00 00 00 45 31 c0 4d 8d 91 d0 02 00 00 31 d2 31 f6 bf 11 00 20 01 b8 38 00 00 00 0f 05 <48> 3d 00 f0 ff ff 0f 87 89 00 00 00 41 89 c5 85 c0 0f 85 90 00 00
[ 2980.975197] RSP: 002b:00007fffdbdaccc0 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[ 2980.976442] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f792bd1d10b
[ 2980.977424] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000001200011
[ 2980.978429] RBP: 0000000000000001 R08: 0000000000000000 R09: 000055555698b400
[ 2980.979466] R10: 000055555698b6d0 R11: 0000000000000246 R12: 0000000000000001
[ 2980.980555] R13: 0000000000000000 R14: 0000000000000001 R15: 00007fffdbdacda0
[ 2980.981593]  </TASK>
09:06:29 executing program 5:
socketpair$unix(0x1, 0x5, 0x0, 0x0)
sendmsg$unix(0xffffffffffffffff, 0x0, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
pwritev(r0, &(0x7f00000000c0)=[{&(0x7f0000001640)="27695be798d6f6d2a4d8e198b26d8dd5cebcbde6e1f820c054b52347b763d0b7cc49054498e9089834aed192540aa1993e0b319a65924e834ae8e940d185e7575469fb305ffc1c1a6d7a843a52f73ad8a5d238a7218e67aa3c8a17a07da0ad7e214145a4ec6c3a869db07795043ff840a92bfe1aedffc11d447d43bd8bb3c9a6ea0f17322292484547ef94bbcab63d3ce5780bd8f413d8f6e07e3b391dea5215a1ba3ff1a608a34eb242cc98237e142b9f20baeffccde203d22b9ac72836331f37d8d1a431433dab22c83935e96a846649b5e0c2524817bea9caab6db7639336bda521937292a6f5039c51fa157be29002e0a3b87c734ae8364fbe3f44f7f2aa1987d8570a320ee7deb6322749b6a22e542e2586e2e2d391321b7d51de1c4f3f5c3cc75d800f17f45bd1c916e290beae4b442463447c5bddc0bce08e0b56c61251b3a3aaa3852cf4d4e901bf1fa952cf6c4cd9edaa9cebdc6f73a7d5df607f701db0a00703957ced279ce60a52a17331c4053e903ea150e1550c350f7115fc064931d68d4656764467ccecb42ea5cf24ab19bfd619a08ee2e4d7d2044402a8f809c2268f56165071260d0de3bf648657ea78834d9ce9ab0451b1aac19e3467984eb360a6b7f30ae26cf2913038b639682c45434a6e9e73fc0591489cab7c9ce99344fff4f624252b5b49fe17638625c06af165ed1bed15768657e76d981abefc6ecd0e11afb1ed6b404d3afe58132c717ba3a743351d7f06081c09b6ff9d331fd2e9b2dcbd89eac041c685ed0f138059b0a88e84a33cd35e335ad0b2d914cfe467e1c95993d34aaf3825ffeb3c0c8f209d716ba679b029dfcb344c1f9d81847939c83471c3a06f8fb5500c5a436d354d2cdb9781ff2455d0a24ae39d6d2259407aca4ad67a463a858f279e8a1a12af3a127acc3b1f95d9c12d510cbd3a16fd248ea74a1fd236bbfc5d691124fb7fdb4dca4269481dbec08dfb3ead8b836de2a898301d70b9d67048b4c846ae00977511c34dce4da578104e5fafaf1ce3025c2377437766dcb6e3bbec994c1352e9b982629f1cf307cf1b06a997831c02b59cc77aaae30cf6be3cc8b852f00becad465e1c28bd0adf92b5bf97db1563358c3363494d47d88772c8a2cf4251f22083037dd5b3ac0525d448938bed333c51a34a3dffd13c00174a31d7fb8554e62dbba4d2c40b9a46cddebb81fef66443e32eb7a8a875c975d988970895fe5c96d53fafd8a85f4f16549732a2ab32a1ea7693ac9289f43918901718b0a26c61c62e2bd1a5849f2d8f53d523fb4270b5aae1e12400eeb5256fc14c8aaeaa2f102b678de56a716794f4bcbe132a70053ff1857beff8fe6b4a6ddd99abe829e248002df69ea7add6c15b120ab8c654ead8b7c4fc9dbf429ada14a41cbd781a4b64ddc2b327083d361a91076b99c892be9d9116fae2c344882e730a58404113b77a4280880c863ffef77ff6a2c28d7a63138e40544595117cce74fee97521b1280b4e196ef45fa88d97b677fa6fcd3318defd6fbd6d97c1d4a7a3294bffa4dd890497c37763b42f64bf57ee2dc1b82ee3f2ed00ecb8129fd21d49f7ba49fcce38f5bd570fa0334b4fb9fe92598ea0249fb45b33095f81c25a3c0da03e5774683020b1fef7ec5c3a1879dd5464754c0b721e3bdafe1038874df9c1629d845c21415bf1b77001c272595b9e20eb2c55e2f74eaeadeb071e33a6d958952b4dc87a7c5f825ebbc81cd495ed4992326a4e330d80b52386361971f7ad3ba24d9048edf374f3ca7437af3a0ed6faaa7eddebc927099ff4bfd7b5af8855edc7c268f631a3e39910f147ad05aed14b31cbe53c7fc142fdaf6330a5b75c6eb15666ea7756c1121426b66509e2dfca74ed0e38d4d06145ef5075926ca320f3746d5bb55b67802b31e7293fd036dec8ae724451a93b60a6064c5f3ede5e1271b6162af5790a1feedf9a474bd43b5dddfcdcac7ae1d7e39c2a498b73e980932840715bfb5de27692d5df378734356f6061e1e9d2e3619c6d71544835ec2e77199127863c70d160584cf77fd0d4442193c79f1e1e835385853f206e18aa383bcf3527b8f3c1543f8d24ed5cc4af7e83bc2defc7cdf8fb1c67d6160b4d52110dad7e60aae30cba94d3afe1f52cbbb99f860010c648d2b8a29e55d4ef7425655f7e9747342c871ada53712cd92a481d437d12abdbecd8fb7195681400ea46184f1bafe5ddb30f1ec7c26ff44e0ade7c78b881bc0f2c3f612f78d710c476a7a4bdf46f90ab875320353f07a2777dd0a3bdb1fae00623471a0512422cc9ec84586552d206b2856560b6a2278f59e67ddc55926758d9b870dd1eae2f33e0dc5c510ad1dbe651cd2c09e331b5983eea1c761849a03be1292f76c17401924dce4909dc1289ace18daf6d663330e8b7fd6451eecf07bee83e6b54c44d5939af916fa7616b8a82e91aecbc4843dd4fc0a264f9f13a628eb5581861089ac12d4dde870aba905d6c473b36291bcd65cd0368886b8beb02e2d6f7ee7fd9cfaeadf12db309b261e99e95226914149455c6d6b1e67fc1fe9e82738a0f7e6988005c33f85deef79b123df8a367555bf4f423dd1dbfdb0599ade24f2be61c9f7de5f62b687cd629b35ace4c571933d622434b4773b0b67ab79eed6d97507a2ad433c77a2d2d58f9aa79bc49fd55ebfd9f23337376f2322ab0849debee0526a3b3528abfff9dda4b06e9cd43500f31ef32d4e698e9bf3c1c7ebfea1f269e8d4fd3822b2baa8d3d698db6fbf03d90afa1f25b2bd21d0427d18a84cdfd8ac810136d809027955b77c2a4e532b462488a42a3e8a08483cdcc855e4737fccaf2d058738c68c2a922f72231acbd8a133b8ef3dd7af8b48213f66a1b72463e2a9dd2968d21ae02ef96ff841c12881f47c84ed726c62d7dc672d59c7a0007bc1975ef9953b4c4de80e9224ef625567535de4e0c8d765d21e276e0ab258bda0bf19f83bc310a0071302ecc8983fa58c65be57bf04f5fda22e6211c5d2ac420171e0fbcd12cf732bf6dd9103511ffd31af4b22acd9b000df2c24b70d50b5555a922f9c68165b3231eba8e414ed9966151fb0dcde912a8a1959e7b1692ccc2f8fa83b23eaac742985c408e7c318b0e6b717347d4cd5776faa8fb4d4bee646ebd1f385795c1e41e24175676697aa391365362eb7eb33afcda76a472b10929fdbeea243f673872d6c87de1d5d79e6045990529d4d6020d0cca53df203b41c26d8de6b989fc02f570c7c6fd8bf009f3c753d3ee970306c676d9ab674085ce8bdafbc78a9b8c9c316075bfed6ed34027fcea22a9d5be3277a274664279da5cb184dbaf8e96e7e8cdbbc33ca9ed30710991d216421aba5121ff0d68f99bb9b78b66d14fb4dabe4b9ffc5108d6efd47d46c85a428132245027f2cde4a6ec9a0fd394725d29731bb3cef834054fb1430ce8494ef8107754ba76899140dd9594dbfbbce58c3718ad4bce09d3091174a5c9ed9a0f4f14b78861ed128a0c0cf70834d0797b02c2ed72a8001ff028d65346f66820b7bb74245434e417929b0988a01afe407d2559898e3205c5bcd9147fbdb8f3f7410ff9552f990c586eb23c1ef1555e4b64bfa4b724a984383775e01c8ac8f8be5ecb77692bef5d2042e4cb255c7b8dc1c5de9cfeab7086569d6f07de032ab4bd8e5d1014de2f84d2e4f98cbaf431885ff9b5147a2d31bfdf651e893a9c0c096e0eefea1c8ac562c670464f9f574ce34fd0fdb314b14873d002fdfff81fd6ca1485181803b2e512cc7a187aac8c4e7e4d8573b870cc7704ebd04dcdc93b90352a0aa73b777fa9292b1a177c305c6898c2544097933386c576fac16faa1f17d554824172b309fcaaa92cba2b2dd1cf8e0db22d5fd189b45820d2f7e51d2c1933a39370b4edbb0da80d11b3734629514cbdc9d9b53ba5bae808354c2a4bd67ab05f9178322672a0dba75a5a542a12897bebf2c4c238fff6dca5b4af40b9507d63cabcd70778847b207ee132c22c0bee36b6dd96220d2a0f0d8238985b359fff0cc41527c91bb2e56c60cd42e1b8e82c2773a8b29d774c50054d4fc6cf645955772164228aea7c3b3d8a32443ec47b5f7a9755c879e71f7f352a8d6dd140a84b133723be94b61a77be4c7c693e84c7abb0c6db0fb4a49fe445888c68864eecb44b686f2f4977a3431a795113c7a826ec1511da983e22604d64ed67c304ada165f96ad8975b52e45585d2def35c2962ab7da7a4371c31fea8f8fbb103aa00aa1898e85033608321b0a6250478e4802d00ada601bce3d0a08906dd136165b653119a9bb6da5009f61b43794913e2be27d23796ebc990df7241aaafb16bcef9f4ff248a3b077c4a99ec0966b1c1a648ed20f7dfcc7fc57920849a11a6b7860922740fee7152bb76420f27a01d4120fc4f9d4089e96eb1574db8ab2839e1c19f71db246982a207cd1059a974008ce5c1b9b8a0dbe008daae94007475ff1361c88d741dd862cc31a4d67da0770f58932ebb360cd815c0bd3f27a1ce5cbc844841ae7b693f23ec2492d424b62a8219237a807413441e84a977a962238097da4e63b52f5b2400c4b4c8e7c214d434b7635bf985b5c9678cab0c9b582687cfddec7bff2cc002bfbc3acf16117573132caf374f29651e5c09a32cfa269b7772d2412011622bb84e3c346379cab521f48f92c21eebd4efdb4e6d8490bb923e3ab8bd01d5fc27b9d85d7d99db1cead669dc99a0c9820dd6b79ad805fff10ddb5e97dfd26221c48a4f816c8187c992acc41afeaf5b6e32d9c7268e61302a185ded478df77700fcd2021c9524f8295f05838e0cd429ecc7162e44da07c4edfe5d234045353f1d825db3e8805e29b47f56a7c2406cb6c42afb6e84da5cb4e4ffd8106a8d322dc8fa2200dedb6f2594019c9e9e3c306ed6ee11f2c16370e3da7206f1517d7dcff7967767a86f26b2e7ed56c4d69ec9c22fc6b1ec79acd4481deda14205f70ca70cbcd988fc43c68459a4a2f00d62b326b0f29c127460dab35b9901db9a7a9ceb9a92d54da5804770159fec8b397a670d267305508c5f94b1deb81ce4f83c34281856ad8736a152d9158e703297e21fad53a4cbf0f48f7c42d4189cd914dc44b8616b5e0a181df9b5a617115443170cd210c7c54733520c0b8da6a50e29d052c1f609e9b31830847d74a46170cf05b4caae97e89b92fc0766a2d81071528701d34e76021daa8f74f4cd54b01fc989325636fc4fdc7961a1e3c4c5250e2ecb63e0c6b29b4d2afb1c6bdb851d1a3166ddd06e51e491b1352928d1bd3b7e603dae0c924071b3fa8e74ca8d4e7292d612363570d3778041560327275cec6a269e2c3de007287e1d1e8351e894fcf9d533b342b3e5d199463c6a6753b66126384f112f90ef1688360735fe6a851b1aff15fa11fedfb059f71c2aaa949537c7d99d3097684b74ca05554757c5b2ecd4475435b9dde2be3932433caaff9c5d4d1e12e14b6d5563872ac3a58db7482cc8884b2c6d1e7fc767ad441820511e8ae49664286efec815017b97cbd7c0af9a34a0ebef3e96e5e537219dc03f0fb3df1a2dd1dbb1f1676f46192cd824507841ed0af25083e1242e9cf6af8f6601a8b247fe9cec531ac14cd048fbe86a75718a3f0ddd26d2129f7ac2db8b2c4783397265a728dddecd40540026d62d5287d640c98a34679ad3a96eb68e015361c9ea72b3d80c5254b7cd865f01a080b8a67e04aeaa9255f068db76ad587ad26751c0a5668708617b3cd5e5af75b662fe69ef55006369bde71ea1e1d7eba7ea0f7171766d987ce5", 0x1000}], 0x1, 0x8000000, 0x2)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0)
r2 = socket$inet6(0xa, 0x1, 0x0)
bind$inet6(r2, &(0x7f00000002c0)={0xa, 0x4e20, 0x0, @empty}, 0x1c)
connect$inet6(r2, &(0x7f0000000000)={0xa, 0x4e20, 0x0, @ipv4={'\x00', '\xff\xff', @empty}}, 0x1c)
recvfrom(r2, &(0x7f00000003c0)=""/87, 0x20010397, 0x300, 0x0, 0x0)
sendfile(r2, r1, 0x0, 0xfffffdef)
readv(0xffffffffffffffff, &(0x7f0000000040), 0x0)
openat$cgroup_freezer_state(0xffffffffffffffff, 0x0, 0x2, 0x0)
close(0xffffffffffffffff)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(&(0x7f0000001540), 0xffffffffffffffff)
sendmsg$NL80211_CMD_STOP_AP(r3, &(0x7f0000001600)={0x0, 0x0, &(0x7f00000015c0)={&(0x7f0000000140)=ANY=[@ANYBLOB='(\x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="010025bd7000f4a063d2a08b888508030000", @ANYRES32=0x0, @ANYBLOB="0c4d99000000000021000000"], 0x28}, 0x1, 0x0, 0x0, 0x2600c010}, 0x0)
getsockopt$sock_cred(r3, 0x1, 0x11, &(0x7f0000000040), &(0x7f0000000080)=0xc)
syz_open_dev$sg(&(0x7f0000001000), 0x0, 0x2200)

09:06:29 executing program 1:
r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000180)='/proc/asound/seq/clients\x00', 0x0, 0x0)
preadv(r0, &(0x7f00000002c0)=[{&(0x7f0000000040)=""/35, 0x23}, {0x0, 0x2}, {&(0x7f0000000300)=""/165, 0xa5}], 0x3, 0x0, 0x6800)

[ 2981.176733] Call Trace:
[ 2981.177190]  <IRQ>
[ 2981.177507]  x86_pmu_stop+0x149/0x330
[ 2981.178147]  x86_pmu_del+0x1be/0x610
[ 2981.178697]  event_sched_out+0x2ed/0xe80
[ 2981.179259]  __perf_remove_from_context+0x87/0xbe0
[ 2981.179986]  event_function+0x297/0x3d0
[ 2981.180628]  ? perf_uprobe_event_init+0x1c0/0x1c0
[ 2981.181344]  remote_function+0x125/0x1b0
[ 2981.181964]  flush_smp_call_function_queue+0x1df/0x610
[ 2981.182716]  ? perf_duration_warn+0x40/0x40
[ 2981.183330]  __sysvec_call_function_single+0x92/0x3a0
[ 2981.184073]  sysvec_call_function_single+0x89/0xc0
[ 2981.184826]  </IRQ>
[ 2981.185134]  <TASK>
[ 2981.185449]  asm_sysvec_call_function_single+0x12/0x20
[ 2981.186172] RIP: 0010:finish_task_switch.isra.0+0x230/0x870
[ 2981.186996] Code: 89 f7 48 c7 03 00 00 00 00 e8 8c 9b 20 03 4d 85 e4 75 ba 4c 89 f7 e8 6f 3e f4 02 e8 7a ed 2a 00 fb 65 48 8b 1c 25 40 6f 02 00 <48> 8d bb 40 14 00 00 48 b8 00 00 00 00 00 fc ff df 48 89 fa 48 c1
[ 2981.189691] RSP: 0018:ffff8880208e7730 EFLAGS: 00000202
[ 2981.190488] RAX: 0000000000260e73 RBX: ffff88801b5ad040 RCX: ffffffff81283e5f
[ 2981.191562] RDX: 0000000000000000 RSI: 0000000000000001 RDI: 0000000000000000
[ 2981.192602] RBP: ffff8880208e7770 R08: 0000000000000001 R09: ffffffff86a3e7d7
[ 2981.193608] R10: fffffbfff0d47cfa R11: 0000000000000001 R12: 0000000000000001
[ 2981.194676] R13: ffff8880081bd040 R14: ffff88806ce37dc0 R15: ffff88806ce37dd8
[ 2981.195691]  ? mark_lock.part.0+0xef/0x2f60
[ 2981.196397]  __schedule+0x895/0x2450
[ 2981.196971]  ? io_schedule_timeout+0x140/0x140
[ 2981.197612]  ? lock_is_held_type+0xd7/0x130
[ 2981.198218]  ? __cond_resched+0x13/0x20
[ 2981.198778]  preempt_schedule_common+0x45/0xc0
[ 2981.199413]  __cond_resched+0x13/0x20
[ 2981.199966]  alloc_vmap_area+0x150/0x1de0
[ 2981.200579]  ? kmem_cache_alloc_node_trace+0x256/0x3f0
[ 2981.201356]  ? lock_is_held_type+0xd7/0x130
[ 2981.201988]  ? purge_vmap_area_lazy+0xc0/0xc0
[ 2981.202614]  ? rcu_read_lock_sched_held+0x3a/0x70
[ 2981.203309]  ? trace_kmalloc_node+0x29/0xd0
[ 2981.203954]  __get_vm_area_node+0x13c/0x350
[ 2981.204571]  __vmalloc_node_range+0x258/0x13d0
[ 2981.205205]  ? do_ipt_get_ctl+0x59d/0x960
[ 2981.205790]  ? __mutex_lock+0x215/0x1480
[ 2981.206364]  ? do_ipt_get_ctl+0x59d/0x960
[ 2981.206950]  ? lock_release+0x3b2/0x6f0
[ 2981.207514]  ? __vmalloc_node+0x100/0x100
[ 2981.208100]  ? do_ipt_get_ctl+0x59d/0x960
[ 2981.208706]  __vmalloc_node+0xb5/0x100
[ 2981.209276]  ? do_ipt_get_ctl+0x59d/0x960
[ 2981.209858]  do_ipt_get_ctl+0x59d/0x960
[ 2981.210423]  ? __mutex_unlock_slowpath+0x15c/0x5e0
[ 2981.211142]  ? compat_get_entries+0x770/0x770
[ 2981.211769]  ? lock_release+0x3b2/0x6f0
[ 2981.212370]  ? nf_sockopt_find.constprop.0+0x22d/0x2a0
[ 2981.213208]  nf_getsockopt+0x78/0xd0
[ 2981.213757]  ip_getsockopt+0x164/0x1c0
[ 2981.214295]  ? do_ip_getsockopt+0x18d0/0x18d0
[ 2981.214898]  ? lock_downgrade+0x6d0/0x6d0
[ 2981.215465]  ? alloc_file+0x580/0x580
[ 2981.216050]  tcp_getsockopt+0x8c/0xd0
[ 2981.216640]  ? sock_def_destruct+0x10/0x10
[ 2981.217205]  __sys_getsockopt+0x14c/0x250
[ 2981.217737]  ? __ia32_sys_setsockopt+0x150/0x150
[ 2981.218359]  ? __sys_socket+0x16d/0x200
[ 2981.218898]  __x64_sys_getsockopt+0xba/0x150
[ 2981.219453]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 2981.220140]  do_syscall_64+0x3b/0x90
[ 2981.220713]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 2981.221409] RIP: 0033:0x7f792bd2013a
[ 2981.221907] Code: 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 49 89 ca b8 37 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 2981.224410] RSP: 002b:00007fffdbdac5e8 EFLAGS: 00000216 ORIG_RAX: 0000000000000037
[ 2981.225450] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f792bd2013a
[ 2981.226413] RDX: 0000000000000041 RSI: 0000000000000000 RDI: 0000000000000003
[ 2981.227365] RBP: 00007fffdbdac610 R08: 00007fffdbdac60c R09: ffffffffffff0000
[ 2981.228344] R10: 00007fffdbdac670 R11: 0000000000000216 R12: 00007fffdbdac670
[ 2981.229256] R13: 0000000000000003 R14: 00007fffdbdac60c R15: 00007f792be01d20
[ 2981.230186]  </TASK>
09:06:44 executing program 7:
openat$sndseq(0xffffffffffffff9c, 0x0, 0x0)
r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000180)='/proc/asound/seq/clients\x00', 0x0, 0x0)
preadv(r0, &(0x7f00000002c0)=[{0x0}, {&(0x7f0000000300)=""/165, 0xa5}], 0x2, 0x0, 0xa500)

09:06:44 executing program 2:
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000080), r0)
sendmsg$NLBL_MGMT_C_ADD(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000140)={0x38, r1, 0x1, 0x0, 0x0, {}, [@NLBL_MGMT_A_DOMAIN={0x6, 0x1, '%\x00'}, @NLBL_MGMT_A_IPV6MASK={0x14, 0x6, @mcast1}, @NLBL_MGMT_A_PROTOCOL={0x8, 0x2, 0x5}]}, 0x38}, 0x1, 0x700000000000000}, 0x0)

09:06:44 executing program 1:
r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000180)='/proc/asound/seq/clients\x00', 0x0, 0x0)
preadv(r0, &(0x7f00000002c0)=[{&(0x7f0000000040)=""/35, 0x23}, {0x0, 0x2}, {&(0x7f0000000300)=""/165, 0xa5}], 0x3, 0x0, 0x6c00)

09:06:44 executing program 5:
socketpair$unix(0x1, 0x5, 0x0, 0x0)
sendmsg$unix(0xffffffffffffffff, 0x0, 0x0)
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
pwritev(r0, &(0x7f0000000640)=[{&(0x7f00000002c0)="19", 0x1}], 0x1, 0x8000000, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0)
r2 = socket$inet6(0xa, 0x1, 0x0)
bind$inet6(r2, &(0x7f00000002c0)={0xa, 0x4e20, 0x0, @empty}, 0x1c)
connect$inet6(r2, &(0x7f0000000000)={0xa, 0x4e20, 0x0, @ipv4={'\x00', '\xff\xff', @empty}}, 0x1c)
recvfrom(r2, &(0x7f00000003c0)=""/87, 0x20010397, 0x300, 0x0, 0x0)
r3 = perf_event_open(&(0x7f00000001c0)={0x1, 0x80, 0x92, 0x8, 0x5, 0x0, 0x0, 0x53b, 0x20424, 0x8, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x2, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x128, 0x2, @perf_config_ext={0x3, 0x100}, 0x5001, 0x3, 0x2, 0x5, 0xff, 0x80, 0x9, 0x0, 0x0, 0x0, 0x1f}, 0x0, 0xb, r1, 0x3)
sendfile(r2, r3, 0x0, 0xfffffdef)
readv(0xffffffffffffffff, &(0x7f0000000a00)=[{&(0x7f0000000300)=""/89, 0x59}, {&(0x7f0000000380)=""/49, 0x31}, {&(0x7f0000000440)=""/226, 0xe2}, {&(0x7f0000000540)=""/217, 0xd9}, {&(0x7f0000000680)=""/61, 0x3d}, {&(0x7f00000006c0)=""/165, 0xa5}, {&(0x7f0000000780)=""/100, 0x64}, {&(0x7f0000000800)=""/203, 0xcb}, {&(0x7f0000000900)=""/243, 0xf3}], 0x9)
openat$cgroup_freezer_state(0xffffffffffffffff, 0x0, 0x2, 0x0)
close(0xffffffffffffffff)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(&(0x7f0000001540), 0xffffffffffffffff)
sendmsg$NL80211_CMD_STOP_AP(r4, &(0x7f0000001600)={0x0, 0x0, &(0x7f00000015c0)={&(0x7f0000000140)=ANY=[@ANYBLOB="1c000000", @ANYRES16=0x0, @ANYBLOB="010000000000000000001000000008000300", @ANYRES32=0x0, @ANYBLOB="7be942c46a1031d418f5fcb997353a1ab2909fd06c62b2827501fd0bc185bb2f7a238faa698a1fdcc9ef4ec149ea1becd5c3578a42f589137d4db511400f118fb9b299ec0f2c2f5759894c5c95f4ca45df094984b97d98"], 0x1c}}, 0x0)
getsockopt$sock_cred(r4, 0x1, 0x11, &(0x7f0000000040), &(0x7f0000000080)=0xc)
syz_open_dev$sg(&(0x7f0000001000), 0x0, 0x2200)
getsockopt$ARPT_SO_GET_INFO(r1, 0x0, 0x60, &(0x7f0000000240)={'filter\x00', 0x0, [0x6, 0x7f, 0x8]}, &(0x7f00000000c0)=0x44)

09:06:44 executing program 4:
r0 = add_key$keyring(&(0x7f0000000240), &(0x7f0000000280)={'syz', 0x0}, 0x0, 0x0, 0xfffffffffffffffd)
keyctl$update(0x2, r0, 0x0, 0x0)
keyctl$search(0xa, r0, &(0x7f0000000080)='cifs.spnego\x00', &(0x7f0000000140)={'syz', 0x1}, 0xfffffffffffffffe)
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0)
r2 = syz_io_uring_setup(0x10, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x39a}, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffe000/0x1000)=nil, 0x0, 0x0)
ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000000)={'rose0\x00'})
r3 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
io_uring_enter(r2, 0x789a, 0x2464, 0x3, &(0x7f00000012c0)={[0x3]}, 0x8)
r4 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/keys\x00', 0x0, 0x0)
preadv(r4, &(0x7f00000011c0)=[{&(0x7f0000000180)=""/4096, 0x1000}], 0x1, 0x7, 0x0)
io_uring_enter(0xffffffffffffffff, 0x3072, 0x9e3c, 0x2, &(0x7f0000001300)={[0x4]}, 0x8)
r5 = socket$inet6_udp(0xa, 0x2, 0x0)
r6 = socket$nl_audit(0x10, 0x3, 0x9)
ioctl$sock_SIOCGIFINDEX(r6, 0x8933, &(0x7f0000000340)={'sit0\x00', <r7=>0x0})
sendmmsg$inet(r5, &(0x7f0000002600)=[{{&(0x7f0000000100)={0x2, 0x4e24, @loopback}, 0x10, 0x0, 0x0, &(0x7f0000002500)=[@ip_pktinfo={{0x1c, 0x0, 0x8, {r7, @dev, @broadcast}}}], 0x20}}], 0x1, 0x0)
ioctl$sock_inet6_SIOCSIFADDR(0xffffffffffffffff, 0x8916, &(0x7f00000000c0)={@private2, 0xc})
dup3(r3, r1, 0x0)
r8 = add_key$keyring(&(0x7f0000001180), &(0x7f0000001200)={'syz', 0x3}, 0x0, 0x0, r0)
ioctl$BTRFS_IOC_DEFRAG(r1, 0x50009402, 0x0)
keyctl$search(0xa, r8, &(0x7f0000001240)='cifs.spnego\x00', &(0x7f0000001280)={'syz', 0x1}, r0)

09:06:44 executing program 6:
r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000180)='/proc/asound/seq/clients\x00', 0x0, 0x0)
preadv(r0, &(0x7f00000002c0)=[{&(0x7f0000000040)=""/35, 0x23}, {0x0}, {&(0x7f0000000300)=""/165, 0xa5}], 0x3, 0x0, 0x700)

09:06:44 executing program 0:
perf_event_open$cgroup(&(0x7f0000000c00)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x1024, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

09:06:44 executing program 3:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000000c0)={'wlan1\x00', <r2=>0x0})
sendmsg$NL80211_CMD_REGISTER_FRAME(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000180)={0x1c, r1, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}}, 0x1c}}, 0x0)
sendmsg$NL80211_CMD_SET_TID_CONFIG(r0, &(0x7f0000000100)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x400}, 0xc, &(0x7f0000000040)={&(0x7f00000002c0)={0x9ac, r1, 0x1, 0x70bd29, 0x25dfdbfb, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_TID_CONFIG={0x68, 0x11d, 0x0, 0x1, [{0xc, 0x0, 0x0, 0x1, [@NL80211_TID_CONFIG_ATTR_AMPDU_CTRL={0x5}]}, {0x2c, 0x0, 0x0, 0x1, [@NL80211_TID_CONFIG_ATTR_RTSCTS_CTRL={0x5}, @NL80211_TID_CONFIG_ATTR_AMSDU_CTRL={0x5, 0xb, 0x1}, @NL80211_TID_CONFIG_ATTR_OVERRIDE={0x4}, @NL80211_TID_CONFIG_ATTR_VIF_SUPP={0xc, 0x2, 0xfc191f7}, @NL80211_TID_CONFIG_ATTR_AMSDU_CTRL={0x5, 0xb, 0x1}]}, {0x2c, 0x0, 0x0, 0x1, [@NL80211_TID_CONFIG_ATTR_PEER_SUPP={0xc, 0x3, 0x401}, @NL80211_TID_CONFIG_ATTR_AMPDU_CTRL={0x5}, @NL80211_TID_CONFIG_ATTR_OVERRIDE={0x4}, @NL80211_TID_CONFIG_ATTR_RTSCTS_CTRL={0x5}, @NL80211_TID_CONFIG_ATTR_AMPDU_CTRL={0x5, 0x9, 0x1}]}]}, @NL80211_ATTR_TID_CONFIG={0x84, 0x11d, 0x0, 0x1, [{0x20, 0x0, 0x0, 0x1, [@NL80211_TID_CONFIG_ATTR_TX_RATE_TYPE={0x5}, @NL80211_TID_CONFIG_ATTR_TIDS={0x6, 0x5, 0x26}, @NL80211_TID_CONFIG_ATTR_PEER_SUPP={0xc, 0x3, 0x200}]}, {0x38, 0x0, 0x0, 0x1, [@NL80211_TID_CONFIG_ATTR_AMSDU_CTRL={0x5, 0xb, 0x1}, @NL80211_TID_CONFIG_ATTR_VIF_SUPP={0xc, 0x2, 0xfffffffffffff000}, @NL80211_TID_CONFIG_ATTR_PEER_SUPP={0xc, 0x3, 0x200000002000}, @NL80211_TID_CONFIG_ATTR_NOACK={0x5, 0x6, 0x1}, @NL80211_TID_CONFIG_ATTR_VIF_SUPP={0xc, 0x2, 0x8}]}, {0x28, 0x0, 0x0, 0x1, [@NL80211_TID_CONFIG_ATTR_VIF_SUPP={0xc, 0x2, 0x3}, @NL80211_TID_CONFIG_ATTR_RETRY_SHORT={0x5, 0x7, 0x10}, @NL80211_TID_CONFIG_ATTR_NOACK={0x5, 0x6, 0x1}, @NL80211_TID_CONFIG_ATTR_TX_RATE_TYPE={0x5}]}]}, @NL80211_ATTR_TID_CONFIG={0x570, 0x11d, 0x0, 0x1, [{0x50, 0x0, 0x0, 0x1, [@NL80211_TID_CONFIG_ATTR_TX_RATE_TYPE={0x5}, @NL80211_TID_CONFIG_ATTR_VIF_SUPP={0xc, 0x2, 0x7}, @NL80211_TID_CONFIG_ATTR_RETRY_LONG={0x5, 0x8, 0x7a}, @NL80211_TID_CONFIG_ATTR_PEER_SUPP={0xc, 0x3, 0x40}, @NL80211_TID_CONFIG_ATTR_NOACK={0x5}, @NL80211_TID_CONFIG_ATTR_PEER_SUPP={0xc, 0x3, 0xc07d}, @NL80211_TID_CONFIG_ATTR_TX_RATE_TYPE={0x5, 0xc, 0x1}, @NL80211_TID_CONFIG_ATTR_RETRY_LONG={0x5, 0x8, 0x15}]}, {0x270, 0x0, 0x0, 0x1, [@NL80211_TID_CONFIG_ATTR_RETRY_SHORT={0x5, 0x7, 0xad}, @NL80211_TID_CONFIG_ATTR_TIDS={0x6, 0x5, 0xae}, @NL80211_TID_CONFIG_ATTR_TX_RATE={0x24c, 0xd, 0x0, 0x1, [@NL80211_BAND_6GHZ={0xb4, 0x3, 0x0, 0x1, [@NL80211_TXRATE_HT={0xb, 0x2, [{0x0, 0x3}, {0x0, 0xa}, {0x4, 0xa}, {0x2, 0x9}, {0x1, 0x3}, {0x6, 0x2}, {0x5, 0x7}]}, @NL80211_TXRATE_GI={0x5}, @NL80211_TXRATE_VHT={0x14, 0x3, {[0x20, 0x8, 0x1f, 0x800, 0x101, 0x2, 0x7, 0x3]}}, @NL80211_TXRATE_LEGACY={0x19, 0x1, [0x4, 0x1b, 0x1b, 0x12, 0x24, 0x30, 0x6c, 0x1b, 0x6, 0x6, 0x60, 0x3, 0x9, 0x3, 0x1a, 0x2, 0x1b, 0x30, 0xb, 0x2, 0x16]}, @NL80211_TXRATE_HT={0x4c, 0x2, [{0x6}, {0x0, 0x8}, {0x1}, {0x1, 0x9}, {0x4, 0x3}, {0x1, 0xa}, {0x1, 0x7}, {0x0, 0x9}, {0x2, 0x6}, {0x5, 0xa}, {0x6, 0x3}, {0x2, 0x1}, {0x2, 0x4}, {0x7, 0xa}, {0x0, 0x6}, {0x1, 0x5}, {0x3, 0x7}, {0x5, 0x5}, {0x6, 0x7}, {0x4, 0x4}, {0x6, 0x8}, {0x1, 0x1}, {0x6, 0xa}, {0x0, 0x7}, {0x7, 0x4}, {0x2, 0x3}, {0x4, 0x1}, {0x0, 0x5}, {0x2, 0x5}, {0x7, 0x1}, {0x2, 0x9}, {0x6, 0xa}, {0x7, 0xa}, {0x3, 0xa}, {0x6, 0x12}, {0x2, 0x6}, {0x6, 0x8}, {}, {0x4, 0x5}, {}, {0x4, 0xa}, {0x0, 0x9}, {0x6}, {0x0, 0x4}, {0x7, 0x7}, {0x4, 0x6}, {0x0, 0x3}, {0x1}, {0x7, 0x2}, {0x7, 0x9}, {0x6, 0xa}, {0x4, 0x1}, {0x4, 0x5}, {0x6, 0x3}, {0x5, 0x1}, {0x1, 0xa}, {0x6, 0x3}, {0x0, 0x2}, {0x2}, {0x2, 0x5}, {0x7}, {0x1}, {0x0, 0x7}, {0x5, 0x1}, {0x7, 0x1}, {0x2, 0xa}, {0x4, 0xa}, {0x6, 0x9}, {0x4, 0x2}, {0x6, 0x8}, {0x5, 0x4}, {0x7, 0x8}]}, @NL80211_TXRATE_GI={0x5}, @NL80211_TXRATE_LEGACY={0x18, 0x1, [0x30, 0x18, 0x6, 0x24, 0x30, 0x5, 0x0, 0x5, 0xb, 0x1, 0x18, 0x48, 0x18, 0x1, 0xc, 0x36, 0x12, 0xb, 0x1, 0x24]}]}, @NL80211_BAND_6GHZ={0x48, 0x3, 0x0, 0x1, [@NL80211_TXRATE_VHT={0x14, 0x3, {[0x7ff, 0x80, 0x20, 0x7fff, 0xfff, 0x3, 0x5, 0x2]}}, @NL80211_TXRATE_GI={0x5, 0x4, 0x1}, @NL80211_TXRATE_VHT={0x14, 0x3, {[0xa2, 0x20, 0x5, 0x100, 0x81, 0xfc01, 0x7, 0x8000]}}, @NL80211_TXRATE_VHT={0x14, 0x3, {[0x119, 0x8, 0xac, 0xebc4, 0x9691, 0x8, 0x7fff, 0xffc1]}}]}, @NL80211_BAND_5GHZ={0x90, 0x1, 0x0, 0x1, [@NL80211_TXRATE_GI={0x5}, @NL80211_TXRATE_VHT={0x14, 0x3, {[0x20, 0x98, 0x7, 0x5e2, 0xfa, 0x4, 0x2, 0x4]}}, @NL80211_TXRATE_HT={0x4b, 0x2, [{0x3, 0x6}, {0x6, 0x6}, {0x5, 0x4}, {0x7, 0x4}, {0x1, 0x7}, {0x3, 0x19}, {0x6, 0x2}, {0x0, 0x4}, {0x1, 0x3}, {0x4, 0x8}, {0x2, 0xa}, {0x0, 0x9}, {0x1, 0x6}, {0x1, 0x5}, {0x3, 0x6}, {0x1, 0x5}, {0x6, 0x3}, {0x7, 0x1}, {0x2, 0x2}, {0x4, 0x6}, {0x3, 0x8}, {0x5, 0x5}, {0x2, 0x9}, {0x1, 0xa}, {0x0, 0x3}, {0x6, 0x3}, {0x0, 0x9}, {0x1, 0x9}, {0x1, 0x1}, {0x0, 0x3}, {0x5, 0x2}, {0x0, 0x5}, {0x2, 0x1}, {0x0, 0x3}, {0x3, 0x3}, {0x0, 0xa}, {0x4, 0x6}, {0x0, 0x9}, {0x6, 0x1}, {0x0, 0x4}, {0x4, 0xa}, {0x2, 0x6}, {0x0, 0xa}, {0x5, 0x4}, {0x1, 0x9}, {0x4, 0x9}, {0x6, 0x5}, {0x3, 0x4}, {0x1}, {0x2, 0x1}, {0x0, 0x8}, {0x7, 0x7}, {0x2, 0x7}, {0x4, 0x6}, {0x6, 0x5}, {0x2}, {0x2, 0x9}, {0x7, 0x6}, {0x5, 0x5}, {0x0, 0x4}, {0x3, 0x2}, {0x3, 0x7}, {0x7, 0x8}, {0x0, 0x4}, {0x7, 0xa}, {0x3, 0x9}, {0x5, 0x2}, {0x5, 0x2}, {0x3, 0x5}, {0x7, 0x3}, {0x3, 0x1}]}, @NL80211_TXRATE_LEGACY={0x5, 0x1, [0x848f55f83f39ba62]}, @NL80211_TXRATE_VHT={0x14, 0x3, {[0x1, 0x0, 0xff, 0x1, 0x9, 0x4, 0x5, 0x5]}}, @NL80211_TXRATE_GI={0x5, 0x4, 0x2}]}, @NL80211_BAND_60GHZ={0x14, 0x2, 0x0, 0x1, [@NL80211_TXRATE_HT={0xe, 0x2, [{0x4, 0xa}, {0x7, 0x7}, {0x6, 0xa}, {0x4, 0x5}, {0x5, 0x3}, {0x5}, {0x5, 0x7}, {0x7, 0x2}, {0x0, 0xa}, {0x1, 0x5}]}]}, @NL80211_BAND_2GHZ={0x6c, 0x0, 0x0, 0x1, [@NL80211_TXRATE_HT={0x1f, 0x2, [{0x1, 0x2}, {0x0, 0xa}, {0x5, 0x5}, {0x7}, {0x0, 0x7}, {0x0, 0xa}, {0x4, 0x9}, {0x1, 0x2}, {0x5, 0xa}, {0x5, 0x4}, {0x5, 0x1}, {0x0, 0x5}, {0x0, 0x7}, {0x1, 0xa}, {0x5, 0x1}, {0x2}, {0x7, 0x9}, {0x5}, {0x7}, {0x6, 0x8}, {0x2, 0x1}, {0x4, 0x4}, {0x6, 0x6}, {0x2, 0x3}, {0x2, 0x5}, {0x1, 0x9}, {0x4, 0x6}]}, @NL80211_TXRATE_HT={0x1d, 0x2, [{0x3, 0x4}, {0x4, 0x1}, {0x6, 0x7}, {0x0, 0x8}, {0x0, 0x2}, {0x0, 0x2}, {0x7, 0xa}, {0x2, 0x7}, {0x4, 0x4}, {0x2, 0x7}, {0x2, 0x1}, {0x1, 0x1}, {0x4, 0x4}, {0x0, 0x4}, {0x3, 0x9}, {0x6, 0x3}, {0x5, 0x9}, {0x1, 0x9}, {0x3, 0x2}, {0x6, 0x3}, {0x3, 0x6}, {0x5, 0x2}, {0x2, 0x7}, {0x0, 0x3}, {0x4, 0x4}]}, @NL80211_TXRATE_LEGACY={0x1d, 0x1, [0x1, 0x16, 0x48, 0x2, 0x1, 0x1, 0x1b, 0x9, 0x12, 0x48, 0x1b, 0x0, 0x36, 0x16, 0x16, 0x2, 0x1b, 0x17, 0x30, 0x1, 0x4, 0x2, 0x36, 0x36, 0x29]}, @NL80211_TXRATE_GI={0x5, 0x4, 0x1}]}, @NL80211_BAND_60GHZ={0x3c, 0x2, 0x0, 0x1, [@NL80211_TXRATE_GI={0x5}, @NL80211_TXRATE_VHT={0x14, 0x3, {[0xfff8, 0x7, 0x7, 0x3, 0x4, 0x9930, 0x3]}}, @NL80211_TXRATE_VHT={0x14, 0x3, {[0xfcc3, 0x6, 0x8, 0x1, 0x0, 0x4, 0x5c54, 0x6]}}, @NL80211_TXRATE_GI={0x5, 0x4, 0x1}]}]}, @NL80211_TID_CONFIG_ATTR_AMPDU_CTRL={0x5}, @NL80211_TID_CONFIG_ATTR_AMSDU_CTRL={0x5}]}, {0xc, 0x0, 0x0, 0x1, [@NL80211_TID_CONFIG_ATTR_RTSCTS_CTRL={0x5}]}, {0xc, 0x0, 0x0, 0x1, [@NL80211_TID_CONFIG_ATTR_RETRY_LONG={0x5, 0x8, 0x17}]}, {0x50, 0x0, 0x0, 0x1, [@NL80211_TID_CONFIG_ATTR_TX_RATE_TYPE={0x5}, @NL80211_TID_CONFIG_ATTR_NOACK={0x5}, @NL80211_TID_CONFIG_ATTR_VIF_SUPP={0xc, 0x2, 0x10001}, @NL80211_TID_CONFIG_ATTR_RETRY_LONG={0x5, 0x8, 0xb}, @NL80211_TID_CONFIG_ATTR_RTSCTS_CTRL={0x5}, @NL80211_TID_CONFIG_ATTR_TX_RATE={0x4}, @NL80211_TID_CONFIG_ATTR_NOACK={0x5}, @NL80211_TID_CONFIG_ATTR_OVERRIDE={0x4}, @NL80211_TID_CONFIG_ATTR_RETRY_SHORT={0x5, 0x7, 0x39}, @NL80211_TID_CONFIG_ATTR_NOACK={0x5}]}, {0x34, 0x0, 0x0, 0x1, [@NL80211_TID_CONFIG_ATTR_TIDS={0x6, 0x5, 0xd9}, @NL80211_TID_CONFIG_ATTR_RETRY_LONG={0x5, 0x8, 0x6b}, @NL80211_TID_CONFIG_ATTR_NOACK={0x5}, @NL80211_TID_CONFIG_ATTR_AMPDU_CTRL={0x5, 0x9, 0x1}, @NL80211_TID_CONFIG_ATTR_TIDS={0x6, 0x5, 0xbf}, @NL80211_TID_CONFIG_ATTR_RETRY_LONG={0x5, 0x8, 0xa0}]}, {0x1c8, 0x0, 0x0, 0x1, [@NL80211_TID_CONFIG_ATTR_AMSDU_CTRL={0x5}, @NL80211_TID_CONFIG_ATTR_TX_RATE={0x17c, 0xd, 0x0, 0x1, [@NL80211_BAND_2GHZ={0xc8, 0x0, 0x0, 0x1, [@NL80211_TXRATE_LEGACY={0x1c, 0x1, [0x1, 0x36, 0x2a, 0x2, 0x16, 0x36, 0x9, 0x30, 0x12, 0x6c, 0x16, 0x6c, 0x12, 0x6c, 0x48, 0x9, 0x1b, 0x2, 0x24, 0x30, 0x60, 0x0, 0x48, 0x60]}, @NL80211_TXRATE_VHT={0x14, 0x3, {[0x7, 0x3, 0x8, 0xc97, 0x80, 0x1, 0x3, 0xaa8e]}}, @NL80211_TXRATE_HT={0x45, 0x2, [{0x0, 0x1}, {0x1, 0x7}, {0x4, 0x4}, {0x5, 0x5}, {}, {0x7, 0x6}, {0x4, 0x9}, {0x1, 0xa}, {0x3, 0x4}, {0x5, 0x7}, {0x1, 0x5}, {0x2, 0x4}, {0x5}, {0x7, 0x4}, {0x2}, {0x2, 0x2}, {0x2, 0x1}, {0x1, 0x9}, {0x5, 0x7}, {0x2, 0x5}, {0x2, 0xa}, {0x7}, {0x2, 0x1}, {0x4, 0x3}, {0x4, 0x2}, {0x5, 0x3}, {0x0, 0x1}, {0x5, 0x9}, {0x0, 0x2}, {0x1, 0x3}, {0x5, 0x9}, {0x3}, {0x3, 0x4}, {0x2, 0x2}, {0x3, 0x4}, {0x2, 0x5}, {0x5, 0x5}, {0x5, 0x3}, {0x1}, {0x6, 0x9}, {0x0, 0xa}, {0x1, 0x4}, {0x4, 0x5}, {0x6, 0x5}, {0x6}, {0x6, 0x8}, {0x4, 0x4}, {0x1, 0x4}, {0x5, 0x5}, {0x2, 0x6}, {0x4}, {0x1, 0x4}, {0x4, 0x7}, {0x6, 0x6}, {0x5, 0x5}, {0x1, 0x5}, {0x5, 0x1}, {0x3, 0x7}, {0x6, 0x7}, {0x5, 0xa}, {0x0, 0x6}, {0x3}, {0x0, 0xa}, {0x5, 0x7}, {0x3}]}, @NL80211_TXRATE_LEGACY={0x18, 0x1, [0x1, 0x1, 0x16, 0x6c, 0xc, 0x48, 0x36, 0x3, 0x12, 0x6c, 0x36, 0x1, 0x36, 0x48, 0x28, 0x18, 0x6, 0x30, 0xc, 0x7faf579ae0c01df5]}, @NL80211_TXRATE_HT={0x12, 0x2, [{0x3, 0xa}, {0x4, 0x8}, {0x4, 0x2}, {0x3, 0x4}, {0x7, 0x5}, {0x3, 0x5}, {0x4, 0x8}, {0x7, 0x6}, {0x5}, {0x1, 0x5}, {0x1, 0x6}, {0x7, 0x9}, {0x3}, {0x5, 0x3}]}, @NL80211_TXRATE_LEGACY={0x20, 0x1, [0x12, 0x48, 0x16, 0x5, 0x6, 0x18, 0x48, 0x73, 0x60, 0x12, 0x36, 0x24, 0x12, 0x3, 0x1, 0x9, 0x0, 0xb, 0x48, 0x6c, 0x12, 0x36, 0xb, 0x4, 0x6c, 0x12, 0x2, 0x1]}]}, @NL80211_BAND_6GHZ={0x2c, 0x3, 0x0, 0x1, [@NL80211_TXRATE_LEGACY={0x20, 0x1, [0x18, 0x12, 0x67, 0xbfe995d34286e247, 0x36, 0x6, 0x6, 0x30, 0x1, 0x24, 0x6c, 0x60, 0x5, 0x36, 0x6, 0x3, 0x30, 0x2, 0x30, 0x2, 0x1, 0x4, 0x48, 0xc, 0x12, 0x48, 0x24, 0x6]}, @NL80211_TXRATE_HT={0x8, 0x2, [{0x7, 0x1}, {0x2, 0xa}, {0x1, 0xa}, {0x2, 0x3}]}]}, @NL80211_BAND_6GHZ={0x58, 0x3, 0x0, 0x1, [@NL80211_TXRATE_LEGACY={0xa, 0x1, [0x6, 0x5, 0xb, 0x18, 0x4, 0x6b]}, @NL80211_TXRATE_HT={0x47, 0x2, [{0x1, 0x6}, {}, {0x2, 0x4}, {0x6, 0x9}, {0x2, 0x9}, {0x1, 0x8}, {0x3, 0x8}, {0x5, 0x8}, {0x3, 0x9}, {0x0, 0x2}, {0x4, 0x7}, {0x1, 0x4}, {0x4, 0x7}, {0x2, 0x6}, {0x7, 0x3}, {0x3, 0x1}, {0x4, 0x1}, {0x1, 0x3}, {0x6, 0x6}, {0x3, 0x6}, {0x7, 0x5}, {0x7, 0x4}, {0x6, 0x8}, {0x3, 0x3}, {0x7, 0xa}, {0x0, 0x6}, {0x5, 0x8}, {0x7, 0x9}, {0x5, 0x6}, {0x5, 0x6}, {0x7, 0x6}, {0x3, 0x4}, {0x6, 0x7}, {0x6, 0x7}, {0x7, 0x4}, {0x3, 0xa}, {0x1, 0x8}, {0x2, 0x7}, {0x7, 0x1}, {0x2, 0x6}, {0x6, 0x2}, {0x3, 0x8}, {0x7, 0x8}, {0x4, 0x4}, {0x6, 0x6}, {0x2, 0x7}, {0x2}, {0x3, 0x7}, {0x3, 0x3}, {0x2}, {0x2, 0x3}, {0x0, 0x2}, {0x6}, {0x0, 0x4}, {0x3, 0x6}, {0x4, 0x7}, {0x7, 0x5}, {0x6, 0x9}, {0x7, 0x5}, {0x4, 0x3}, {0x2, 0x1}, {0x7}, {0x2, 0x7}, {0x4, 0xa}, {0x7, 0x3}, {0x3, 0x9}, {0x5, 0x3}]}]}, @NL80211_BAND_5GHZ={0x2c, 0x1, 0x0, 0x1, [@NL80211_TXRATE_GI={0x5, 0x4, 0x1}, @NL80211_TXRATE_LEGACY={0x1e, 0x1, [0x5, 0x36, 0x18, 0xb, 0x12, 0x1, 0x6c, 0x2, 0x6c, 0x30, 0x6, 0x36, 0x1, 0x44, 0x2, 0x5, 0x48, 0x60, 0xc, 0x2, 0x4d, 0x30, 0x1, 0x36, 0x60, 0x6c]}]}]}, @NL80211_TID_CONFIG_ATTR_OVERRIDE={0x4}, @NL80211_TID_CONFIG_ATTR_PEER_SUPP={0xc}, @NL80211_TID_CONFIG_ATTR_NOACK={0x5}, @NL80211_TID_CONFIG_ATTR_TX_RATE_TYPE={0x5, 0xc, 0x1}, @NL80211_TID_CONFIG_ATTR_AMSDU_CTRL={0x5, 0xb, 0x1}, @NL80211_TID_CONFIG_ATTR_AMPDU_CTRL={0x5}, @NL80211_TID_CONFIG_ATTR_TX_RATE_TYPE={0x5, 0xc, 0x2}, @NL80211_TID_CONFIG_ATTR_RETRY_LONG={0x5, 0x8, 0xf0}]}, {0x20, 0x0, 0x0, 0x1, [@NL80211_TID_CONFIG_ATTR_PEER_SUPP={0xc, 0x3, 0x9}, @NL80211_TID_CONFIG_ATTR_TIDS={0x6, 0x5, 0xfe}, @NL80211_TID_CONFIG_ATTR_TIDS={0x6, 0x5, 0x8a}]}, {0x28, 0x0, 0x0, 0x1, [@NL80211_TID_CONFIG_ATTR_TX_RATE_TYPE={0x5, 0xc, 0x2}, @NL80211_TID_CONFIG_ATTR_RETRY_LONG={0x5, 0x8, 0x22}, @NL80211_TID_CONFIG_ATTR_OVERRIDE={0x4}, @NL80211_TID_CONFIG_ATTR_RETRY_LONG={0x5, 0x8, 0xa3}, @NL80211_TID_CONFIG_ATTR_RTSCTS_CTRL={0x5}]}]}, @NL80211_ATTR_TID_CONFIG={0x334, 0x11d, 0x0, 0x1, [{0x34, 0x0, 0x0, 0x1, [@NL80211_TID_CONFIG_ATTR_RTSCTS_CTRL={0x5}, @NL80211_TID_CONFIG_ATTR_RETRY_SHORT={0x5, 0x7, 0xe9}, @NL80211_TID_CONFIG_ATTR_RTSCTS_CTRL={0x5}, @NL80211_TID_CONFIG_ATTR_RTSCTS_CTRL={0x5}, @NL80211_TID_CONFIG_ATTR_RETRY_SHORT={0x5, 0x7, 0xac}, @NL80211_TID_CONFIG_ATTR_RETRY_LONG={0x5, 0x8, 0x18}]}, {0x2fc, 0x0, 0x0, 0x1, [@NL80211_TID_CONFIG_ATTR_TX_RATE={0x2c4, 0xd, 0x0, 0x1, [@NL80211_BAND_5GHZ={0xd0, 0x1, 0x0, 0x1, [@NL80211_TXRATE_LEGACY={0xe, 0x1, [0x2, 0x4, 0x9, 0x30, 0x6, 0x30, 0x2, 0x2, 0x65, 0x12]}, @NL80211_TXRATE_LEGACY={0x15, 0x1, [0x6c, 0x9, 0x12, 0x60, 0x36, 0x24, 0x16, 0x60, 0x16, 0x16, 0x18, 0x48, 0x36, 0x6c, 0x2, 0x1, 0x43]}, @NL80211_TXRATE_GI={0x5, 0x4, 0x2}, @NL80211_TXRATE_HT={0x4b, 0x2, [{0x0, 0xa}, {0x7, 0x4}, {0x0, 0x6}, {}, {0x4, 0x9}, {0x2}, {0x1, 0x9}, {0x2, 0xa}, {0x2, 0xa}, {0x7, 0x4}, {0x2, 0x7}, {}, {0x4}, {0x3, 0x9}, {0x2, 0x8}, {0x3, 0x6}, {0x7, 0x6}, {0x6, 0x7}, {0x7, 0x3}, {0x2, 0x4}, {0x5, 0x9}, {0x5, 0x3}, {0x3, 0x1}, {0x4, 0x9}, {0x2, 0x3}, {0x0, 0x5}, {0x2, 0x5}, {0x6, 0x4}, {0x2, 0x8}, {0x5, 0xa}, {0x1, 0x8}, {0x2, 0x1}, {0x4, 0x5}, {0x1, 0x7}, {0x5, 0x8}, {0x0, 0x9}, {0x4}, {0x3, 0x2}, {0x4, 0x8}, {0x2, 0xa}, {0x3, 0x9}, {0x5, 0x5}, {0x5, 0x8}, {0x2, 0xa}, {0x1, 0x7}, {0x2, 0x1}, {0x1, 0x8}, {0x2, 0x7}, {0x4, 0x8}, {0x7, 0x1}, {0x7, 0x3}, {0x4}, {0x5, 0x4}, {0x3, 0x8}, {0x6, 0xa}, {0x7, 0x5}, {0x6, 0x5}, {0x3, 0x7}, {0x0, 0x1}, {0x7, 0x9}, {0x2, 0x1}, {0x1, 0x6}, {0x6}, {0x6, 0x6}, {0x7, 0xa}, {0x3, 0x2}, {0x0, 0xa}, {0x6}, {0x2, 0x4}, {0x1, 0x8}, {0x6, 0x3}]}, @NL80211_TXRATE_HT={0x4e, 0x2, [{0x4}, {0x0, 0x9}, {0x3, 0x3}, {0x0, 0x7}, {0x4, 0x1}, {0x4}, {0x0, 0x4}, {0x4, 0x3}, {0x5, 0x5}, {0x7}, {0x3, 0x5}, {0x3, 0x4}, {0x0, 0x7}, {0x5, 0x7}, {0x1, 0x3}, {0x2, 0x4}, {0x4}, {0x4, 0x3}, {0x6, 0xa}, {0x4, 0x1}, {0x0, 0x8}, {0x5, 0x7}, {0x6, 0x4}, {0x4, 0x4}, {0x3, 0x5}, {}, {0x2}, {0x4, 0x5}, {0x4}, {0x4, 0xa}, {0x4, 0x5}, {0x6, 0x3}, {0x3, 0x3}, {0x5, 0x6}, {0x1, 0x5}, {0x0, 0x7}, {0x1, 0x2}, {0x4, 0x8}, {0x2, 0x3}, {0x7, 0x7}, {}, {0x7, 0x2}, {0x0, 0x3}, {0x0, 0x3}, {0x2, 0x1}, {0x2, 0x9}, {0x7, 0x7}, {0x0, 0x1}, {0x5, 0x7}, {0x3, 0x8}, {0x1, 0x2}, {0x3, 0x2}, {0x0, 0x9}, {0x7, 0x4}, {}, {0x2, 0x8}, {0x3, 0x7}, {0x2, 0x4}, {0x3, 0x5}, {0x2, 0xa}, {0x2, 0x8}, {0x3, 0x7}, {0x7, 0x5}, {0x6, 0x6}, {0x7, 0x3}, {0x1, 0x2}, {0x0, 0x9}, {0x0, 0x8}, {0x2, 0x5}, {0x1, 0x4}, {0x0, 0x3}, {0x2, 0xa}, {0x6, 0x4}, {0x1, 0x7}]}]}, @NL80211_BAND_2GHZ={0x70, 0x0, 0x0, 0x1, [@NL80211_TXRATE_LEGACY={0x1d, 0x1, [0x60, 0x4, 0xc, 0x30, 0xc, 0x2, 0x12, 0x36, 0x12, 0x30, 0xb, 0x2, 0x15, 0x60, 0x4, 0x12, 0x48, 0x24, 0x9, 0xba, 0x48, 0x6, 0x5, 0x1a, 0x48]}, @NL80211_TXRATE_GI={0x5, 0x4, 0x2}, @NL80211_TXRATE_VHT={0x14, 0x3, {[0x1d90, 0x220, 0x1000, 0x2000, 0x77a, 0x4, 0x3, 0xffe0]}}, @NL80211_TXRATE_LEGACY={0x9, 0x1, [0xc, 0xc, 0x18, 0x4, 0x4]}, @NL80211_TXRATE_VHT={0x14, 0x3, {[0x4, 0x2ccb, 0xffff, 0x8, 0xe07, 0x4, 0x4d9, 0x6]}}, @NL80211_TXRATE_LEGACY={0xd, 0x1, [0x60, 0x18, 0x1, 0x18, 0x3, 0x3, 0x2, 0x6c, 0x48]}]}, @NL80211_BAND_5GHZ={0x8c, 0x1, 0x0, 0x1, [@NL80211_TXRATE_VHT={0x14, 0x3, {[0x4, 0x1, 0x3ff, 0x7, 0xffff, 0x100, 0x8001, 0x6]}}, @NL80211_TXRATE_HT={0x16, 0x2, [{0x1, 0x7}, {0x4, 0x8}, {0x0, 0x6}, {0x4, 0x1}, {0x4}, {0x0, 0x7}, {}, {0x0, 0x1}, {0x0, 0x6}, {0x0, 0x9}, {0x4, 0x7}, {0x1, 0x6}, {0x5, 0x2}, {0x2, 0x6}, {0x5, 0x3}, {0x4, 0x4}, {0x4, 0x9}, {0x1, 0x3}]}, @NL80211_TXRATE_VHT={0x14, 0x3, {[0x5, 0x80, 0x8, 0x2, 0x9, 0x8d, 0x5, 0x1000]}}, @NL80211_TXRATE_HT={0x4}, @NL80211_TXRATE_GI={0x5, 0x4, 0x2}, @NL80211_TXRATE_VHT={0x14, 0x3, {[0x101, 0x401, 0x7, 0xfa1f, 0x3, 0x3, 0x40, 0x2]}}, @NL80211_TXRATE_VHT={0x14, 0x3, {[0x4, 0x3, 0x9, 0xff, 0x7, 0xc781, 0x6, 0x3]}}, @NL80211_TXRATE_LEGACY={0x14, 0x1, [0x60, 0xc, 0x30, 0x6, 0x1b, 0xc, 0x6, 0x48, 0xa, 0x60, 0x4, 0x18, 0x48, 0x0, 0x8e706004362cf545, 0xc]}]}, @NL80211_BAND_60GHZ={0x60, 0x2, 0x0, 0x1, [@NL80211_TXRATE_GI={0x5, 0x4, 0x1}, @NL80211_TXRATE_VHT={0x14, 0x3, {[0x636, 0x80, 0x1, 0xef, 0x5b, 0x0, 0xfffb, 0xff]}}, @NL80211_TXRATE_VHT={0x14, 0x3, {[0x4157, 0x3, 0x5, 0x80, 0x9, 0x0, 0xff, 0x1]}}, @NL80211_TXRATE_HT={0x29, 0x2, [{0x3, 0x1}, {0x6, 0xa}, {0x3, 0x3}, {0x1, 0x1}, {0x7, 0x3}, {0x3, 0x15}, {0x2}, {0x0, 0x8}, {0x5, 0x4}, {0x3, 0x4}, {0x3, 0x9}, {0x7, 0x9}, {0x4}, {0x3, 0x1}, {0x5, 0x3}, {0x3, 0xa}, {0x2, 0x2}, {0x7, 0x4}, {0x3, 0xa}, {0x1, 0x1}, {0x2, 0x4}, {0x4}, {0x1, 0x6}, {0x1, 0x4}, {0x0, 0x6}, {0x1, 0x6}, {0x3, 0x9}, {0x5, 0x1}, {0x5, 0x9}, {0x5, 0x9}, {0x1, 0x8}, {0x1}, {0x3, 0x2}, {0x5, 0x6}, {0x7, 0x5}, {0x5, 0x9}, {0x5, 0x8}]}]}, @NL80211_BAND_6GHZ={0x94, 0x3, 0x0, 0x1, [@NL80211_TXRATE_LEGACY={0x1f, 0x1, [0x1, 0x2, 0x4, 0xe, 0x3, 0x60, 0x36, 0x4, 0x6c, 0x16, 0x16, 0x9, 0x9, 0x48, 0x0, 0x1, 0x0, 0x6c, 0x12, 0x6, 0x30, 0x1b, 0x9, 0x12, 0x1, 0x4, 0x48]}, @NL80211_TXRATE_VHT={0x14, 0x3, {[0xf001, 0x6, 0x3, 0x9, 0x6, 0x5, 0x4, 0x5]}}, @NL80211_TXRATE_LEGACY={0x11, 0x1, [0x1, 0x36, 0x3, 0x1b, 0x1b, 0xc, 0x6, 0xc, 0x1, 0x11, 0x12, 0xb, 0x30]}, @NL80211_TXRATE_GI={0x5, 0x4, 0x1}, @NL80211_TXRATE_GI={0x5, 0x4, 0x1}, @NL80211_TXRATE_HT={0x37, 0x2, [{0x5, 0x5}, {0x5, 0x3}, {0x5, 0xa}, {0x5, 0x5}, {0x4}, {0x5, 0x1}, {0x6, 0x6}, {0x6, 0x3}, {0x0, 0xa}, {0x7, 0x4}, {0x0, 0x3}, {0x2, 0x4}, {0x4, 0xa}, {0x5, 0x9}, {0x3}, {0x1, 0x5}, {0x0, 0x5}, {0x2, 0x1}, {0x2, 0xa}, {0x4, 0x5}, {0x4, 0x8}, {0x7, 0x6}, {0x2}, {0x3, 0x3}, {0x7, 0x5}, {0x5}, {0x0, 0xa}, {0x6, 0x4}, {0x7, 0x5}, {0x0, 0x3}, {0x5, 0xa}, {0x6}, {0x4, 0x5}, {0x7, 0xa}, {0x2, 0x3}, {0x0, 0x5}, {0x6, 0x8}, {0x2, 0x8}, {0x3, 0xa}, {0x1}, {0x3, 0x5}, {0x7, 0x2}, {0x4, 0x8}, {0x7, 0xa}, {0x6, 0x7}, {0x4, 0x1}, {0x5}, {0x6, 0x9}, {0x1, 0x8}, {0x5, 0xa}, {0x0, 0x8}]}]}]}, @NL80211_TID_CONFIG_ATTR_RETRY_SHORT={0x5, 0x7, 0x3b}, @NL80211_TID_CONFIG_ATTR_VIF_SUPP={0xc, 0x2, 0x3}, @NL80211_TID_CONFIG_ATTR_TIDS={0x6, 0x5, 0xca}, @NL80211_TID_CONFIG_ATTR_TX_RATE_TYPE={0x5, 0xc, 0x2}, @NL80211_TID_CONFIG_ATTR_TX_RATE_TYPE={0x5, 0xc, 0x1}, @NL80211_TID_CONFIG_ATTR_RETRY_LONG={0x5, 0x8, 0x30}]}]}]}, 0x9ac}, 0x1, 0x0, 0x0, 0x41}, 0x8004)
socket$nl_generic(0x10, 0x3, 0x10)

[ 2996.355772] Call Trace:
[ 2996.356203]  <TASK>
[ 2996.356540]  ? x86_pmu_start+0x1c0/0x240
[ 2996.357109]  x86_pmu_enable+0x580/0xd90
[ 2996.357652]  ? amd_pmu_disable_virt+0xa0/0xa0
[ 2996.358296]  ctx_resched+0x2b9/0x3a0
[ 2996.358810]  __perf_install_in_context+0x285/0xa40
[ 2996.359493]  ? ctx_resched+0x3a0/0x3a0
[ 2996.360039]  remote_function+0x125/0x1b0
[ 2996.360697]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[ 2996.361455]  ? perf_duration_warn+0x40/0x40
[ 2996.362067]  generic_exec_single+0x203/0x300
[ 2996.362726]  smp_call_function_single+0x189/0x460
[ 2996.363388]  ? perf_duration_warn+0x40/0x40
[ 2996.363981]  ? generic_exec_single+0x300/0x300
[ 2996.364640]  ? perf_duration_warn+0x40/0x40
[ 2996.365237]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[ 2996.366021]  ? lock_is_held_type+0xd7/0x130
[ 2996.366632]  perf_install_in_context+0x4da/0x590
[ 2996.367292]  ? list_add_event+0xeb0/0xeb0
[ 2996.367858]  ? ctx_resched+0x3a0/0x3a0
[ 2996.368390]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[ 2996.369155]  ? exclusive_event_installable+0x254/0x320
[ 2996.369858]  __do_sys_perf_event_open+0x1bf0/0x3040
[ 2996.370551]  ? __up_read+0x192/0x710
[ 2996.371042]  ? perf_remove_from_context+0x260/0x260
[ 2996.371693]  ? up_write+0x460/0x460
[ 2996.372179]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 2996.372899]  do_syscall_64+0x3b/0x90
[ 2996.373597]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 2996.374476] RIP: 0033:0x7f750a357b19
[ 2996.374993] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 2996.377600] RSP: 002b:00007f75078cd188 EFLAGS: 00000246 ORIG_RAX: 000000000000012a
[ 2996.378622] RAX: ffffffffffffffda RBX: 00007f750a46af60 RCX: 00007f750a357b19
[ 2996.379573] RDX: 0000000000000000 RSI: ffffffffffffffff RDI: 0000000020000c00
[ 2996.380602] RBP: 00007f750a3b1f6d R08: 0000000000000000 R09: 0000000000000000
[ 2996.381388] R10: ffffffffffffffff R11: 0000000000000246 R12: 0000000000000000
[ 2996.382155] R13: 00007ffc8fa2e86f R14: 00007f75078cd300 R15: 0000000000022000
[ 2996.382935]  </TASK>
09:06:44 executing program 2:
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000080), r0)
sendmsg$NLBL_MGMT_C_ADD(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000140)={0x38, r1, 0x1, 0x0, 0x0, {}, [@NLBL_MGMT_A_DOMAIN={0x6, 0x1, '%\x00'}, @NLBL_MGMT_A_IPV6MASK={0x14, 0x6, @mcast1}, @NLBL_MGMT_A_PROTOCOL={0x8, 0x2, 0x5}]}, 0x38}, 0x1, 0x700000000000000}, 0x0)

09:06:44 executing program 1:
r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000180)='/proc/asound/seq/clients\x00', 0x0, 0x0)
preadv(r0, &(0x7f00000002c0)=[{&(0x7f0000000040)=""/35, 0x23}, {0x0, 0x2}, {&(0x7f0000000300)=""/165, 0xa5}], 0x3, 0x0, 0x7400)

09:06:44 executing program 7:
openat$sndseq(0xffffffffffffff9c, 0x0, 0x0)
r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000180)='/proc/asound/seq/clients\x00', 0x0, 0x0)
preadv(r0, &(0x7f00000002c0)=[{0x0}, {&(0x7f0000000300)=""/165, 0xa5}], 0x2, 0x0, 0xbf00)

09:06:44 executing program 6:
r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000180)='/proc/asound/seq/clients\x00', 0x0, 0x0)
preadv(r0, &(0x7f00000002c0)=[{&(0x7f0000000040)=""/35, 0x23}, {0x0}, {&(0x7f0000000300)=""/165, 0xa5}], 0x3, 0x0, 0xa00)

09:06:44 executing program 3:
openat$sndseq(0xffffffffffffff9c, 0x0, 0x0)
r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000180)='/proc/asound/seq/clients\x00', 0x0, 0x0)
preadv(r0, &(0x7f00000002c0)=[{0x0}, {&(0x7f0000000300)=""/165, 0xa5}], 0x2, 0x0, 0xa500)

[ 2996.520783] Call Trace:
[ 2996.521240]  <TASK>
[ 2996.521546]  x86_pmu_stop+0x149/0x330
[ 2996.522074]  x86_pmu_del+0x1be/0x610
[ 2996.522671]  event_sched_out+0x2ed/0xe80
[ 2996.523240]  __perf_remove_from_context+0x87/0xbe0
[ 2996.523867]  event_function+0x297/0x3d0
[ 2996.524425]  ? perf_uprobe_event_init+0x1c0/0x1c0
[ 2996.525180]  remote_function+0x125/0x1b0
[ 2996.525757]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[ 2996.526554]  ? perf_duration_warn+0x40/0x40
[ 2996.527232]  generic_exec_single+0x203/0x300
[ 2996.527864]  smp_call_function_single+0x189/0x460
[ 2996.528620]  ? perf_duration_warn+0x40/0x40
[ 2996.529222]  ? generic_exec_single+0x300/0x300
[ 2996.529817]  ? perf_duration_warn+0x40/0x40
[ 2996.530397]  ? lock_is_held_type+0xd7/0x130
[ 2996.530989]  event_function_call+0x3d0/0x430
[ 2996.531602]  ? perf_group_detach+0x11b0/0x11b0
[ 2996.532233]  ? perf_copy_attr+0x9c0/0x9c0
[ 2996.532817]  ? lock_release+0x3b2/0x6f0
[ 2996.533343]  ? perf_group_detach+0x11b0/0x11b0
[ 2996.533953]  ? perf_uprobe_event_init+0x1c0/0x1c0
[ 2996.534601]  ? _raw_spin_unlock_irq+0x1f/0x40
[ 2996.535235]  perf_remove_from_context+0x12e/0x260
[ 2996.535902]  perf_event_release_kernel+0x153/0x7f0
[ 2996.536607]  ? lock_is_held_type+0xd7/0x130
[ 2996.537177]  ? perf_pmu_migrate_context+0xae0/0xae0
[ 2996.537845]  ? lock_is_held_type+0xd7/0x130
[ 2996.538426]  perf_release+0x33/0x40
[ 2996.538917]  __fput+0x272/0x9d0
[ 2996.539351]  ? perf_event_release_kernel+0x7f0/0x7f0
[ 2996.540039]  task_work_run+0xe2/0x1a0
[ 2996.540595]  exit_to_user_mode_prepare+0x199/0x1a0
[ 2996.541255]  syscall_exit_to_user_mode+0x19/0x50
[ 2996.541909]  do_syscall_64+0x48/0x90
[ 2996.542420]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 2996.543160] RIP: 0033:0x7f750a30a72b
[ 2996.543649] Code: 0f 05 48 3d 00 f0 ff ff 77 45 c3 0f 1f 40 00 48 83 ec 18 89 7c 24 0c e8 63 fc ff ff 8b 7c 24 0c 41 89 c0 b8 03 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 35 44 89 c7 89 44 24 0c e8 a1 fc ff ff 8b 44
[ 2996.546166] RSP: 002b:00007ffc8fa2e8d0 EFLAGS: 00000293 ORIG_RAX: 0000000000000003
[ 2996.547218] RAX: 0000000000000000 RBX: 0000000000000004 RCX: 00007f750a30a72b
[ 2996.548147] RDX: 00007f750a46fa68 RSI: ffffffff8411f74e RDI: 0000000000000003
[ 2996.549144] RBP: 0000000000000001 R08: 0000000000000000 R09: 0000001b30c2001c
[ 2996.550088] R10: 0000000000000f41 R11: 0000000000000293 R12: 00000000002db811
[ 2996.551080] R13: 00000000000003e8 R14: 00007f750a46af60 R15: 00000000002db810
[ 2996.552054]  ? syscall_exit_to_user_mode+0x1e/0x50
[ 2996.552765]  </TASK>
09:06:44 executing program 4:
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x20000, 0xb, &(0x7f0000000300)=[{&(0x7f0000010000)="601c6d6b646f736606ecb500080801000440004000f801002000400003000000000000008000"/64, 0x40}, {&(0x7f0000010100)="f8ffff00f0ffffffffffffff00"/32, 0x20, 0x800}, {&(0x7f0000010200)="f8ffff00f0ffffffffffffff00"/32, 0x20, 0x1000}, {&(0x7f0000010300)="f8ffff00f0ffffffffffffff00"/32, 0x20, 0x17fe}, {&(0x7f0000010400)="f8ffff00f0ffffffffffffff00"/32, 0x20, 0x2000}, {&(0x7f0000010500)="53595a4b414c4c45522020080000eb80325132510000eb80325100000000000041660069006c00650030000f00fc0000ffffffffffffffffffff0000ffffffff46494c45302020202020201000abeb70325132510000eb70325103000000000041660069006c00650031000f00100000ffffffffffffffffffff0000ffffffff46494c45312020202020202000abeb70325132510000eb70325105000a00000041660069006c00650032000f00140000ffffffffffffffffffff0000ffffffff46494c45322020202020202000abeb70325132510000eb70325106002823000041660069006c0065002e000f00d263006f006c0064000000ffff0000ffffffff46494c457e312020434f4c2000abeb70325132510000eb703251070064000000", 0x120, 0x2800}, {&(0x7f0000010700)="2e202020202020202020201000abeb70325132510000eb7032510300000000002e2e2020202020202020201000abeb70325132510000eb70325100000000000041660069006c00650030000f00fc0000ffffffffffffffffffff0000ffffffff46494c45302020202020202000abeb70325132510000eb70325104001a040000", 0x80, 0x7000}, {&(0x7f0000010800)='syzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkal\x00\x00\x00\x00\x00\x00', 0x420, 0xb000}, {&(0x7f0000010d00)='syzkallers\x00'/32, 0x20, 0xf000}, {&(0x7f0000010e00)='syzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallers\x00'/128, 0x80, 0x17000}, {&(0x7f0000000040)="b9d0010e1b219f677e0e16a0fc9f8eba75410ebf6fcc78f7de8b53da0585225cd9f858dc24f444c263b59a39cadaf2285e38672c0ad8a876ed5dda5ce0ac88b5ac9061", 0x43, 0x3b3f800}], 0x0, &(0x7f00000000c0)={[{@uni_xlate}]})
pivot_root(&(0x7f0000000180)='./file0\x00', &(0x7f00000001c0)='./file0\x00')
r0 = fsmount(0xffffffffffffffff, 0x1, 0x0)
openat(r0, &(0x7f0000000140)='./file0\x00', 0x121000, 0x40)

09:06:44 executing program 5:
socketpair$unix(0x1, 0x5, 0x0, 0x0)
sendmsg$unix(0xffffffffffffffff, 0x0, 0x0)
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
pwritev(r0, &(0x7f0000000640)=[{&(0x7f00000002c0)="19", 0x1}], 0x1, 0x8000000, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0)
r2 = socket$inet6(0xa, 0x1, 0x0)
bind$inet6(r2, &(0x7f00000002c0)={0xa, 0x4e20, 0x0, @empty}, 0x1c)
connect$inet6(r2, &(0x7f0000000000)={0xa, 0x4e20, 0x0, @ipv4={'\x00', '\xff\xff', @empty}}, 0x1c)
recvfrom(r2, &(0x7f00000003c0)=""/87, 0x20010397, 0x300, 0x0, 0x0)
sendfile(r2, r1, 0x0, 0xfffffdef)
readv(0xffffffffffffffff, &(0x7f0000000040), 0x0)
openat$cgroup_freezer_state(0xffffffffffffffff, 0x0, 0x2, 0x0)
r3 = openat$sysfs(0xffffffffffffff9c, &(0x7f00000001c0)='/sys/module/yenta_socket', 0x1, 0x1a0)
fsconfig$FSCONFIG_SET_PATH(0xffffffffffffffff, 0x3, &(0x7f0000000140)='/dev/sg#\x00', &(0x7f0000000180)='./file1\x00', r3)
close(0xffffffffffffffff)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(&(0x7f0000001540), 0xffffffffffffffff)
sendmsg$NL80211_CMD_STOP_AP(r4, &(0x7f0000001600)={0x0, 0x0, &(0x7f00000015c0)={&(0x7f0000001580)={0x1c, 0x0, 0x1, 0x0, 0x0, {{}, {@val={0x8}, @void}}}, 0x1c}}, 0x0)
getsockopt$sock_cred(r4, 0x1, 0x11, &(0x7f0000000040), &(0x7f0000000080)=0xc)
syz_open_dev$sg(&(0x7f0000001000), 0x0, 0x2200)

09:06:44 executing program 1:
r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000180)='/proc/asound/seq/clients\x00', 0x0, 0x0)
preadv(r0, &(0x7f00000002c0)=[{&(0x7f0000000040)=""/35, 0x23}, {0x0, 0x2}, {&(0x7f0000000300)=""/165, 0xa5}], 0x3, 0x0, 0x7a00)

09:06:44 executing program 3:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000140), 0xffffffffffffffff)
r2 = socket$netlink(0x10, 0x3, 0xe)
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000080)={'wlan0\x00', <r3=>0x0})
sendmsg$NL80211_CMD_FRAME(r2, &(0x7f0000000580)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x20000}, 0xc, &(0x7f0000000540)={&(0x7f00000001c0)={0x35c, 0x0, 0x20, 0x70bd2c, 0x25dfdbfd, {{}, {@val={0x8, 0x3, r3}, @val={0xc, 0x99, {0x1f, 0x1d}}}}, [@NL80211_ATTR_DURATION={0x8, 0x57, 0x77a}, @NL80211_ATTR_DURATION={0x8, 0x57, 0x1074}, @NL80211_ATTR_DURATION={0x8, 0x57, 0xf23}, @NL80211_ATTR_FRAME={0x2d4, 0x33, @probe_response={@wo_ht={{0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0x1, 0x1}, {0x40}, @broadcast, @broadcast, @random="3b5564a6362b", {0x5, 0x3f}}, 0xfffffffffffffff7, @random=0x7, 0x5110, @val={0x0, 0x6, @default_ap_ssid}, @val={0x1, 0x6, [{0x1b, 0x1}, {0x3f, 0x1}, {0x2, 0x1}, {0x16, 0x1}, {0x6}, {0x18}]}, @val={0x3, 0x1, 0xb1}, @void, @val={0x6, 0x2, 0x9}, @val={0x2d, 0x1a, {0x1, 0x0, 0x4, 0x0, {0x8, 0x3, 0x0, 0x4, 0x0, 0x1, 0x1, 0x1, 0x1}, 0xb09, 0x7}}, @void, @val={0x71, 0x7, {0xffffffffffffffff, 0x1, 0xffffffffffffffff, 0x1, 0xffffffffffffffff, 0x1f, 0x8}}, [{0xdd, 0x7e, "1713afc8a6d7989267a08d7b1de4da138d11263312092dad25d88c440300e5580df90ec924e83865e8f6b5a889348d90c822a77d129fef43f444d0b8bebb33e0e2f187b0dcb273fa178b60b60ffbef0c9b6ec0458df180ee0e43453915fc95dfc0beca4311c3e66c2d2ac4d26430497b4e7235ee5bbfdfd6d05f2a1fa7f5"}, {0xdd, 0x1c, "5c350322a1f827f4108c6132b232e4d23dc10fe09683ef98ea167ec5"}, {0xdd, 0x66, "b1a4f0887144158f166cf320b26fdea508b791274c054b7b999e1e0b85b6844bd019f63d233249fd6b8a57514cbf3fdc780eb8a64b1d98c2d4b252859f8aa677f97d6fb405e5ab6560b291222d03ef2eda39b35563b8eabb4e1645a2e1be734205b2889b2813"}, {0xdd, 0x7, "bf1d964737060c"}, {0xdd, 0xe8, "ff07869dc8ce43d642f46986037ffbd53f5f8f6a24180d92b19b0c58d042831cb5726e1bf967416282f4ed9b558d02aa518bc6c9497f49a876eee913aa447b04f90ffa00f089b74e39593a8d3e076cd20d798b98ac0a030fdd11681b59210ed0b6562111840faa70dbf13055e1bae1eeaab6dbb41fdb68cf4044ddd9cd52761a6d8d7d6c4e1987118683dd8b0dd6e28eedae4a8fe01d80f136a82a9c4b39945d514b6992d29f484ed1c55e74cb879f4e5d75a5f680de1881f54ee88f7380b127c3ee8fa69a2fa0c6612261f42cf3be8e31f690eda2ba9a5859cefed8e4614b4ef4efdf16df3163f0"}, {0xdd, 0x30, "a6ea41827ba10c3625df9e3cf63af921e0fbf53d02595c910cdd7a9224ee2c4124a6fe5cfb372f497f8142711818545c"}, {0xdd, 0x33, "4dab66ab7e10f3456e3552ba27c139955d89073fb5c18a1991119e3177efd28dba3f6e5aca8456705141957efcb12bbdf344aa"}, {0xdd, 0xe, "679017336b1e344e1a502d9fe516"}]}}, @NL80211_ATTR_DURATION={0x8, 0x57, 0x10e2}, @chandef_params=[@NL80211_ATTR_WIPHY_CHANNEL_TYPE={0x8}, @NL80211_ATTR_CENTER_FREQ2={0x8, 0xa1, 0x40}, @NL80211_ATTR_WIPHY_FREQ={0x8, 0x26, @random=0x98a}, @NL80211_ATTR_WIPHY_FREQ={0x8, 0x26, @random=0x980}, @NL80211_ATTR_WIPHY_EDMG_CHANNELS={0x5, 0x118, 0x1c}, @NL80211_ATTR_WIPHY_CHANNEL_TYPE={0x8, 0x27, 0x1}, @NL80211_ATTR_CENTER_FREQ1={0x8, 0xa0, 0x100}, @NL80211_ATTR_CENTER_FREQ1={0x8, 0xa0, 0x5}]]}, 0x35c}, 0x1, 0x0, 0x0, 0x10}, 0x4000001)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000000c0)={'wlan1\x00', <r4=>0x0})
sendmsg$NL80211_CMD_SET_TX_BITRATE_MASK(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000000)=ANY=[@ANYBLOB='O\x00\x00\t', @ANYRES16=r1, @ANYBLOB="050d00000000000000003900000008000300", @ANYRES32=r4, @ANYBLOB="10005a800c0003800500040000000000"], 0x2c}}, 0x0)

09:06:44 executing program 4:
r0 = syz_io_uring_setup(0xeb3, &(0x7f0000000000), &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000000440)=<r1=>0x0, &(0x7f00000000c0)=<r2=>0x0)
r3 = openat$tun(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
r4 = syz_open_procfs(0x0, &(0x7f0000000f00)='mountinfo\x00')
mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000100), 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r4}, 0x2c, {'wfdno', 0x3d, r3}, 0x2c, {[{@cache_none}, {@cache_fscache}], [{@fowner_lt={'fowner<', 0xee00}}, {@smackfstransmute}, {@smackfsroot={'smackfsroot', 0x3d, '\'}['}}, {@fscontext={'fscontext', 0x3d, 'root'}}]}})
signalfd4(0xffffffffffffffff, &(0x7f0000000340), 0x8, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000180)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index=0x6, 0x0, 0x0}, 0x0)
io_uring_enter(r0, 0x100001, 0x0, 0x0, 0x0, 0x0)
syz_memcpy_off$IO_URING_METADATA_FLAGS(0x0, 0x0, 0x0, 0x0, 0x4)

[ 2996.650386] Call Trace:
[ 2996.650853]  <IRQ>
[ 2996.651134]  ? x86_pmu_start+0x1c0/0x240
[ 2996.651668]  x86_pmu_enable+0x580/0xd90
[ 2996.652211]  ? amd_pmu_disable_virt+0xa0/0xa0
[ 2996.652862]  ctx_resched+0x2b9/0x3a0
[ 2996.653364]  __perf_install_in_context+0x285/0xa40
[ 2996.653998]  ? ctx_resched+0x3a0/0x3a0
[ 2996.654494]  remote_function+0x125/0x1b0
[ 2996.655030]  flush_smp_call_function_queue+0x1df/0x610
[ 2996.655690]  ? perf_duration_warn+0x40/0x40
[ 2996.656253]  __sysvec_call_function_single+0x92/0x3a0
[ 2996.656930]  sysvec_call_function_single+0x89/0xc0
[ 2996.657558]  </IRQ>
[ 2996.657833]  <TASK>
[ 2996.658139]  asm_sysvec_call_function_single+0x12/0x20
[ 2996.658840] RIP: 0010:_raw_spin_unlock_irqrestore+0x2e/0x50
[ 2996.659549] Code: 48 83 c7 18 53 48 89 f3 48 8b 74 24 10 e8 7a 02 15 fd 48 89 ef e8 72 7f 15 fd 80 e7 02 74 06 e8 38 ae 36 fd fb bf 01 00 00 00 <e8> 6d 8b 0b fd 65 8b 05 e6 92 ee 7b 85 c0 74 03 5b 5d c3 0f 1f 44
[ 2996.662131] RSP: 0018:ffff88800fb5fa28 EFLAGS: 00000202
[ 2996.662969] RAX: 00000000001131df RBX: 0000000000000246 RCX: ffffffff81283e5f
[ 2996.663911] RDX: 0000000000000000 RSI: 0000000000000002 RDI: 0000000000000001
[ 2996.664872] RBP: ffffffff852c2200 R08: 0000000000000001 R09: ffffffff86a3e807
[ 2996.665863] R10: fffffbfff0d47d00 R11: 0000000000000001 R12: ffff888008de6bd0
[ 2996.666820] R13: ffff88800db01b48 R14: ffffffff81c1f825 R15: 0000000000000001
[ 2996.667797]  ? jbd2_journal_put_journal_head+0x3a5/0x5f0
[ 2996.668559]  ? mark_lock.part.0+0xef/0x2f60
[ 2996.669113]  ? _raw_spin_unlock_irqrestore+0x28/0x50
[ 2996.669810]  find_and_remove_object+0xe4/0x120
[ 2996.670445]  kmemleak_free+0x1f/0x30
[ 2996.670956]  kmem_cache_free+0x28a/0x420
[ 2996.671497]  jbd2_journal_put_journal_head+0x3a5/0x5f0
[ 2996.672211]  jbd2_journal_commit_transaction+0x510e/0x69c0
[ 2996.673041]  ? jbd2_journal_finish_inode_data_buffers+0xc0/0xc0
[ 2996.673860]  ? find_held_lock+0x2c/0x110
[ 2996.674413]  ? lock_release+0x3b2/0x6f0
[ 2996.674959]  ? lock_downgrade+0x6d0/0x6d0
[ 2996.675557]  ? _raw_spin_unlock_irqrestore+0x28/0x50
[ 2996.676266]  ? add_timer+0x80/0x80
[ 2996.676772]  ? do_raw_read_unlock+0x70/0x70
[ 2996.677347]  kjournald2+0x1d1/0x930
[ 2996.677823]  ? jbd2_journal_release_jbd_inode+0x2e0/0x2e0
[ 2996.678517]  ? destroy_sched_domains_rcu+0x50/0x50
[ 2996.679139]  ? __sanitizer_cov_trace_const_cmp1+0x22/0x80
[ 2996.679885]  ? __kthread_parkme+0x15a/0x220
[ 2996.680475]  ? jbd2_journal_release_jbd_inode+0x2e0/0x2e0
[ 2996.681244]  kthread+0x2f2/0x3b0
[ 2996.681714]  ? kthread_complete_and_exit+0x40/0x40
[ 2996.682399]  ret_from_fork+0x22/0x30
[ 2996.682922]  </TASK>
[ 2996.805648] Call Trace:
[ 2996.806076]  <IRQ>
[ 2996.806358]  x86_pmu_stop+0x149/0x330
[ 2996.806856]  x86_pmu_del+0x1be/0x610
[ 2996.807353]  event_sched_out+0x2ed/0xe80
[ 2996.807913]  __perf_remove_from_context+0x87/0xbe0
[ 2996.808688]  event_function+0x297/0x3d0
[ 2996.809224]  ? perf_uprobe_event_init+0x1c0/0x1c0
[ 2996.809868]  remote_function+0x125/0x1b0
[ 2996.810424]  flush_smp_call_function_queue+0x1df/0x610
[ 2996.811132]  ? perf_duration_warn+0x40/0x40
[ 2996.811748]  __sysvec_call_function_single+0x92/0x3a0
[ 2996.812469]  sysvec_call_function_single+0x89/0xc0
[ 2996.813185]  </IRQ>
[ 2996.813495]  <TASK>
[ 2996.813793]  asm_sysvec_call_function_single+0x12/0x20
[ 2996.814517] RIP: 0010:_raw_spin_unlock_irqrestore+0x2e/0x50
[ 2996.815293] Code: 48 83 c7 18 53 48 89 f3 48 8b 74 24 10 e8 7a 02 15 fd 48 89 ef e8 72 7f 15 fd 80 e7 02 74 06 e8 38 ae 36 fd fb bf 01 00 00 00 <e8> 6d 8b 0b fd 65 8b 05 e6 92 ee 7b 85 c0 74 03 5b 5d c3 0f 1f 44
[ 2996.817850] RSP: 0018:ffff888015d8fcf0 EFLAGS: 00000202
[ 2996.818578] RAX: 00000000014e5283 RBX: 0000000000000246 RCX: 1ffffffff0b1b2a1
[ 2996.819533] RDX: 0000000000000000 RSI: 0000000000000001 RDI: 0000000000000001
[ 2996.820519] RBP: ffffffff852c2200 R08: 0000000000000001 R09: 0000000000000001
[ 2996.821482] R10: ffffffff814a8a78 R11: 0000000000000001 R12: 0000000000000cc0
[ 2996.822410] R13: 0000000000000000 R14: 0000000000000cc0 R15: 0000000000000cc0
[ 2996.823378]  ? trace_hardirqs_on+0x38/0x190
[ 2996.823986]  kmem_cache_alloc+0x239/0x480
[ 2996.824595]  getname_flags.part.0+0x50/0x4f0
[ 2996.825205]  getname+0x8e/0xd0
[ 2996.825640]  do_sys_openat2+0xf5/0x4c0
[ 2996.826172]  ? build_open_flags+0x6f0/0x6f0
[ 2996.826783]  ? seccomp_notify_ioctl+0xdc0/0xdc0
[ 2996.827423]  __x64_sys_openat+0x13f/0x1f0
[ 2996.827998]  ? __x64_sys_open+0x1c0/0x1c0
[ 2996.828600]  ? __secure_computing+0x195/0x2f0
[ 2996.829214]  do_syscall_64+0x3b/0x90
[ 2996.829725]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 2996.830430] RIP: 0033:0x7fe025b89d62
[ 2996.830933] Code: c0 f6 c2 40 75 52 89 d0 45 31 d2 25 00 00 41 00 3d 00 00 41 00 74 41 64 8b 04 25 18 00 00 00 85 c0 75 65 b8 01 01 00 00 0f 05 <48> 3d 00 f0 ff ff 0f 87 a2 00 00 00 48 8b 4c 24 38 64 48 2b 0c 25
[ 2996.833431] RSP: 002b:00007fff3f1ca5b0 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[ 2996.834467] RAX: ffffffffffffffda RBX: 0000000000000001 RCX: 00007fe025b89d62
[ 2996.835431] RDX: 00000000002a0000 RSI: 000055a0d7863271 RDI: 0000000000000010
[ 2996.836393] RBP: 000055a0d7863270 R08: 000055a0d62e98f0 R09: 006c617574726976
[ 2996.837401] R10: 0000000000000000 R11: 0000000000000246 R12: 000055a0d78632ac
[ 2996.838371] R13: 0000000000000010 R14: 0000000000000006 R15: 000055a0d7863271
[ 2996.839346]  </TASK>
[ 3011.189721] Call Trace:
[ 3011.190065]  <IRQ>
[ 3011.190298]  ? x86_pmu_start+0x1c0/0x240
[ 3011.190738]  x86_pmu_enable+0x580/0xd90
[ 3011.191168]  ? amd_pmu_disable_virt+0xa0/0xa0
[ 3011.191671]  ctx_resched+0x2b9/0x3a0
[ 3011.192078]  __perf_install_in_context+0x285/0xa40
[ 3011.192607]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[ 3011.193206]  ? ctx_resched+0x3a0/0x3a0
[ 3011.193628]  remote_function+0x125/0x1b0
[ 3011.194069]  flush_smp_call_function_queue+0x1df/0x610
[ 3011.194625]  ? perf_duration_warn+0x40/0x40
[ 3011.195087]  __sysvec_call_function_single+0x92/0x3a0
[ 3011.195651]  sysvec_call_function_single+0x89/0xc0
[ 3011.196193]  </IRQ>
[ 3011.196439]  <TASK>
[ 3011.196676]  asm_sysvec_call_function_single+0x12/0x20
[ 3011.197235] RIP: 0010:try_charge_memcg+0x321/0x1360
[ 3011.197772] Code: 0e 00 00 49 c7 40 28 00 00 00 00 48 c7 c6 0a bb 78 81 4c 89 c7 e8 4f 23 b0 ff 48 83 3c 24 00 74 06 e8 13 cf d1 ff fb 45 84 ff <0f> 85 de 02 00 00 0f 1f 44 00 00 45 89 f5 4c 8d 7c 24 70 49 8d 9c
[ 3011.199739] RSP: 0018:ffff88801ef07490 EFLAGS: 00000202
[ 3011.200325] RAX: 0000000000271b0b RBX: ffff88806ce34d08 RCX: ffffffff81283e5f
[ 3011.201115] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[ 3011.201900] RBP: 0000000000000001 R08: 0000000000000001 R09: ffffffff86a3e797
[ 3011.202635] R10: fffffbfff0d47cf2 R11: 0000000000000001 R12: ffff888041938000
[ 3011.203421] R13: ffffffff86dcb780 R14: 0000000000000020 R15: 0000000000000001
[ 3011.204208]  ? mark_lock.part.0+0xef/0x2f60
[ 3011.204727]  ? mem_cgroup_handle_over_high+0x480/0x480
[ 3011.205326]  ? lock_release+0x3b2/0x6f0
[ 3011.205762]  ? __memcg_kmem_charge_page+0x446/0x7e0
[ 3011.206319]  ? lock_downgrade+0x6d0/0x6d0
[ 3011.206763]  __memcg_kmem_charge_page+0x46c/0x7e0
[ 3011.207308]  __alloc_pages+0x1de/0x4e0
[ 3011.207721]  ? __alloc_pages_slowpath.constprop.0+0x1f10/0x1f10
[ 3011.208394]  ? lockdep_hardirqs_on_prepare+0x400/0x400
[ 3011.208946]  ? lock_chain_count+0x20/0x20
[ 3011.209419]  ? lock_is_held_type+0xd7/0x130
[ 3011.209879]  alloc_pages+0x1a0/0x2f0
[ 3011.210306]  pte_alloc_one+0x16/0x1f0
[ 3011.210713]  __pte_alloc+0x69/0x200
[ 3011.211120]  ? pmd_install+0x250/0x250
[ 3011.211541]  copy_page_range+0x1b8b/0x3ed0
[ 3011.212043]  ? vm_iomap_memory+0x190/0x190
[ 3011.212494]  ? down_write+0xde/0x150
[ 3011.212931]  ? __sanitizer_cov_trace_cmp8+0x1d/0x70
[ 3011.213478]  ? __vma_link_rb+0x540/0x700
[ 3011.213932]  dup_mm+0x961/0x1250
[ 3011.214320]  ? replace_mm_exe_file+0x490/0x490
[ 3011.214823]  ? __raw_spin_lock_init+0x36/0x110
[ 3011.215333]  copy_process+0x6946/0x6d60
[ 3011.215782]  ? lock_is_held_type+0xd7/0x130
[ 3011.216273]  ? __cleanup_sighand+0xb0/0xb0
[ 3011.216760]  ? do_raw_spin_unlock+0x4f/0x210
[ 3011.217248]  ? _raw_spin_unlock+0x24/0x40
[ 3011.217706]  ? do_wp_page+0x28d/0x24d0
[ 3011.218138]  ? kernel_clone+0x2f8/0xa60
[ 3011.218581]  kernel_clone+0xe7/0xa60
[ 3011.219000]  ? __handle_mm_fault+0x9f3/0x35c0
[ 3011.219497]  ? create_io_thread+0xf0/0xf0
[ 3011.219928]  ? lock_is_held_type+0xd7/0x130
[ 3011.220423]  ? lock_is_held_type+0xd7/0x130
[ 3011.220875]  ? find_held_lock+0x2c/0x110
[ 3011.221331]  ? lock_release+0x3b2/0x6f0
[ 3011.221782]  __do_sys_clone+0xc8/0x110
[ 3011.222212]  ? __do_sys_vfork+0xd0/0xd0
[ 3011.222678]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 3011.223255]  do_syscall_64+0x3b/0x90
[ 3011.223665]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 3011.224241] RIP: 0033:0x7f928d32210b
[ 3011.224649] Code: ed 0f 85 60 01 00 00 64 4c 8b 0c 25 10 00 00 00 45 31 c0 4d 8d 91 d0 02 00 00 31 d2 31 f6 bf 11 00 20 01 b8 38 00 00 00 0f 05 <48> 3d 00 f0 ff ff 0f 87 89 00 00 00 41 89 c5 85 c0 0f 85 90 00 00
[ 3011.226690] RSP: 002b:00007ffe916ecb10 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[ 3011.227527] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f928d32210b
[ 3011.228310] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000001200011
[ 3011.229077] RBP: 0000000000000001 R08: 0000000000000000 R09: 0000555556e78400
[ 3011.229865] R10: 0000555556e786d0 R11: 0000000000000246 R12: 0000000000000001
[ 3011.230603] R13: 0000000000000000 R14: 0000000000000001 R15: 00007ffe916ecbf0
[ 3011.231405]  </TASK>
09:06:59 executing program 3:
openat$tcp_congestion(0xffffffffffffff9c, &(0x7f0000000040), 0x1, 0x0)
r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000002480)='fd/3\x00')
syz_io_uring_setup(0x1d1b, &(0x7f00000002c0)={0x0, 0x28c3, 0x2, 0x7, 0x257, 0x0, r0}, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffa000/0x3000)=nil, &(0x7f0000000340)=<r1=>0x0, &(0x7f0000000380))
syz_io_uring_submit(r1, 0x0, &(0x7f0000000400)=@IORING_OP_OPENAT={0x12, 0x4, 0x0, r0, 0x0, &(0x7f00000003c0)='./file0\x00', 0x20, 0x1, 0x12345}, 0x200)
r2 = socket$nl_sock_diag(0x10, 0x3, 0x4)
r3 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x200, 0x0)
ioctl$KDSKBSENT(r3, 0x4b49, &(0x7f0000000080)={0xfd, "cff8afa2d2a9c8a657b2be7ebd487bf17e6db015eb7b268ca58e7868d1e471ae6c1d9cb5b6024754c80c543395f7b7a2fbd499a35902b14b57e470a5d7906256aa559c7348b2ecbf297110a15e34f25da5baf584155668824866a9158ee889cc84083c7862f34b316e705aab675927d4a537cd16256dfe7481cb51ca1749e31f37c602ac6fe64a62ba88ee3cdc4747e7acd44e1faeb3eac613ef9ef20d220f770f220237c2d336f120f2013b28b3975a0fb1f1924ea4a1a677db43a13340cb6f4e972c6ad9ba2e8f26b7e56a6d3f0de356ef94a42b674485d175572eaf497b07c3e75adfea2342c6d035d022bc4286d69e631caaf8a27cb9575a9d067f07c0488888421ee6a32029cbd80e769bf64801719a804ef02f1f6e9dd791d600b2966480f1ed613caf6ab5323fbe192e3307d2a398115a43e8f9d7426bc6ee8ceec5b57bdf35e4f24df291623716d3966481b5fc94961eefe9bf23e4090f4c98992e143da0af33876fb2f98f26e13c3a7d14caf12b079873992295b0efb3ccc37fae8475cb201bc28b197c847411bf006a030ae1715c5f357625002445a27f4d7b78bed67e61095f1d0db44b695ff034a2a00b293ae0f67b6da4de7e8883196e94d1cba92a011f3233ba48df3561dbe8461fc22f77e95d42ce58bd162031aabd684f8ba474f4f6032cb1e9a47ada034e3d46f3c57fa63306e142443e540f4a60ddc4f9"})
sendfile(r2, r0, 0x0, 0x5)

09:06:59 executing program 7:
openat$sndseq(0xffffffffffffff9c, 0x0, 0x0)
r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000180)='/proc/asound/seq/clients\x00', 0x0, 0x0)
preadv(r0, &(0x7f00000002c0)=[{0x0}, {&(0x7f0000000300)=""/165, 0xa5}], 0x2, 0x0, 0x100000)

09:06:59 executing program 0:
perf_event_open$cgroup(&(0x7f0000000c00)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x1025, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

09:06:59 executing program 1:
r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000180)='/proc/asound/seq/clients\x00', 0x0, 0x0)
preadv(r0, &(0x7f00000002c0)=[{&(0x7f0000000040)=""/35, 0x23}, {0x0, 0x2}, {&(0x7f0000000300)=""/165, 0xa5}], 0x3, 0x0, 0xbf00)

09:06:59 executing program 2:
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000080), r0)
sendmsg$NLBL_MGMT_C_ADD(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000140)={0x44, r1, 0x1, 0x0, 0x0, {}, [@NLBL_MGMT_A_IPV6ADDR={0x14, 0x5, @local}, @NLBL_MGMT_A_IPV6MASK={0x14, 0x6, @mcast1}, @NLBL_MGMT_A_PROTOCOL={0x8, 0x2, 0x5}]}, 0x44}, 0x1, 0x700000000000000}, 0x0)

09:06:59 executing program 6:
r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000180)='/proc/asound/seq/clients\x00', 0x0, 0x0)
preadv(r0, &(0x7f00000002c0)=[{&(0x7f0000000040)=""/35, 0x23}, {0x0}, {&(0x7f0000000300)=""/165, 0xa5}], 0x3, 0x0, 0x3f00)

09:06:59 executing program 5:
socketpair$unix(0x1, 0x5, 0x0, 0x0)
sendmsg$unix(0xffffffffffffffff, 0x0, 0x0)
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
recvmsg$unix(0xffffffffffffffff, &(0x7f0000000a40)={&(0x7f0000000180)=@abs, 0x6e, &(0x7f0000000940)=[{&(0x7f0000000200)=""/161, 0xa1}, {&(0x7f0000000440)=""/207, 0xcf}, {&(0x7f0000000540)=""/223, 0xdf}, {&(0x7f0000000680)=""/222, 0xde}, {&(0x7f0000000300)=""/138, 0x8a}, {&(0x7f0000000780)=""/237, 0xed}, {&(0x7f0000000880)=""/124, 0x7c}, {&(0x7f0000000900)=""/33, 0x21}], 0x8, &(0x7f00000009c0)=[@cred={{0x1c}}, @cred={{0x1c}}, @cred={{0x1c}}], 0x60}, 0x40)
pwritev(r0, &(0x7f0000000640)=[{&(0x7f00000002c0)="19", 0x1}], 0x1, 0x8000000, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0)
r2 = socket$inet6(0xa, 0x1, 0x0)
bind$inet6(r2, &(0x7f00000002c0)={0xa, 0x4e20, 0x0, @empty}, 0x1c)
connect$inet6(r2, &(0x7f0000000000)={0xa, 0x4e20, 0x0, @ipv4={'\x00', '\xff\xff', @empty}}, 0x1c)
recvfrom(r2, &(0x7f00000003c0)=""/87, 0x20010397, 0x300, 0x0, 0x0)
sendfile(r2, r1, 0x0, 0xfffffdef)
readv(0xffffffffffffffff, &(0x7f0000000040), 0x0)
openat$cgroup_freezer_state(0xffffffffffffffff, 0x0, 0x2, 0x0)
close(0xffffffffffffffff)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(&(0x7f0000001540), 0xffffffffffffffff)
sendmsg$NL80211_CMD_STOP_AP(r3, &(0x7f0000001600)={0x0, 0x0, &(0x7f00000015c0)={&(0x7f0000001580)={0x1c, 0x0, 0x1, 0x0, 0x0, {{}, {@val={0x8}, @void}}}, 0x1c}}, 0x0)
getsockopt$sock_cred(r3, 0x1, 0x11, &(0x7f0000000040), &(0x7f0000000080)=0xc)
syz_open_dev$sg(&(0x7f0000001000), 0x0, 0x2200)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f00000000c0)={'macvtap0\x00'})

09:06:59 executing program 4:
unshare(0x44000000)
unshare(0x50000)

09:06:59 executing program 1:
r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000180)='/proc/asound/seq/clients\x00', 0x0, 0x0)
preadv(r0, &(0x7f00000002c0)=[{&(0x7f0000000040)=""/35, 0x23}, {0x0, 0x2}, {&(0x7f0000000300)=""/165, 0xa5}], 0x3, 0x0, 0x100000)

09:06:59 executing program 6:
r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000180)='/proc/asound/seq/clients\x00', 0x0, 0x0)
preadv(r0, &(0x7f00000002c0)=[{&(0x7f0000000040)=""/35, 0x23}, {0x0}, {&(0x7f0000000300)=""/165, 0xa5}], 0x3, 0x0, 0x4800)

[ 3011.395813] Call Trace:
[ 3011.396161]  <TASK>
[ 3011.396410]  x86_pmu_stop+0x149/0x330
[ 3011.396850]  x86_pmu_del+0x1be/0x610
[ 3011.397266]  event_sched_out+0x2ed/0xe80
[ 3011.397710]  __perf_remove_from_context+0x87/0xbe0
[ 3011.398238]  event_function+0x297/0x3d0
[ 3011.398680]  ? perf_uprobe_event_init+0x1c0/0x1c0
[ 3011.399208]  remote_function+0x125/0x1b0
[ 3011.399658]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[ 3011.400267]  ? perf_duration_warn+0x40/0x40
[ 3011.400759]  generic_exec_single+0x203/0x300
[ 3011.401250]  smp_call_function_single+0x189/0x460
[ 3011.401760]  ? perf_duration_warn+0x40/0x40
[ 3011.402227]  ? generic_exec_single+0x300/0x300
[ 3011.402709]  ? perf_duration_warn+0x40/0x40
[ 3011.403174]  ? lock_is_held_type+0xd7/0x130
[ 3011.403649]  event_function_call+0x3d0/0x430
[ 3011.404116]  ? perf_group_detach+0x11b0/0x11b0
[ 3011.404610]  ? perf_copy_attr+0x9c0/0x9c0
[ 3011.405064]  ? lock_release+0x3b2/0x6f0
[ 3011.405497]  ? perf_group_detach+0x11b0/0x11b0
[ 3011.405999]  ? perf_uprobe_event_init+0x1c0/0x1c0
[ 3011.406516]  ? _raw_spin_unlock_irq+0x1f/0x40
[ 3011.407015]  perf_remove_from_context+0x12e/0x260
[ 3011.407538]  perf_event_release_kernel+0x153/0x7f0
[ 3011.408075]  ? lock_is_held_type+0xd7/0x130
[ 3011.408544]  ? perf_pmu_migrate_context+0xae0/0xae0
[ 3011.409083]  ? lock_is_held_type+0xd7/0x130
[ 3011.409555]  perf_release+0x33/0x40
[ 3011.409957]  __fput+0x272/0x9d0
[ 3011.410314]  ? perf_event_release_kernel+0x7f0/0x7f0
[ 3011.410870]  task_work_run+0xe2/0x1a0
[ 3011.411292]  exit_to_user_mode_prepare+0x199/0x1a0
[ 3011.411827]  syscall_exit_to_user_mode+0x19/0x50
[ 3011.412336]  do_syscall_64+0x48/0x90
[ 3011.412755]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 3011.413312] RIP: 0033:0x7f750a30a72b
[ 3011.413728] Code: 0f 05 48 3d 00 f0 ff ff 77 45 c3 0f 1f 40 00 48 83 ec 18 89 7c 24 0c e8 63 fc ff ff 8b 7c 24 0c 41 89 c0 b8 03 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 35 44 89 c7 89 44 24 0c e8 a1 fc ff ff 8b 44
[ 3011.415683] RSP: 002b:00007ffc8fa2e8d0 EFLAGS: 00000293 ORIG_RAX: 0000000000000003
[ 3011.416525] RAX: 0000000000000000 RBX: 0000000000000004 RCX: 00007f750a30a72b
[ 3011.417320] RDX: 0000000000000000 RSI: ffffffff81388253 RDI: 0000000000000003
[ 3011.418099] RBP: 0000000000000001 R08: 0000000000000000 R09: 0000001b30c2001c
[ 3011.418878] R10: 0000000000000473 R11: 0000000000000293 R12: 00007f750a46bb60
[ 3011.419655] R13: 00007f750a46bb60 R14: 00007f750a46af60 R15: 00000000002df202
[ 3011.420449]  ? smp_call_function_single+0x193/0x460
[ 3011.421003]  </TASK>
[ 3011.446979] Call Trace:
[ 3011.447294]  <IRQ>
[ 3011.447528]  ? x86_pmu_start+0x1c0/0x240
[ 3011.447979]  x86_pmu_enable+0x580/0xd90
[ 3011.448412]  ? amd_pmu_disable_virt+0xa0/0xa0
[ 3011.448944]  ctx_resched+0x2b9/0x3a0
[ 3011.449362]  __perf_install_in_context+0x285/0xa40
[ 3011.449891]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[ 3011.450499]  ? ctx_resched+0x3a0/0x3a0
[ 3011.450932]  remote_function+0x125/0x1b0
[ 3011.451387]  flush_smp_call_function_queue+0x1df/0x610
[ 3011.451952]  ? perf_duration_warn+0x40/0x40
[ 3011.452434]  __sysvec_call_function_single+0x92/0x3a0
[ 3011.452995]  sysvec_call_function_single+0x89/0xc0
[ 3011.453528]  </IRQ>
[ 3011.453769]  <TASK>
[ 3011.454015]  asm_sysvec_call_function_single+0x12/0x20
[ 3011.454576] RIP: 0010:__rwlock_init+0x17/0x140
[ 3011.455083] Code: 1f 22 4d 00 eb a7 66 66 2e 0f 1f 84 00 00 00 00 00 66 90 41 54 49 89 d4 55 48 89 f5 be 40 00 00 00 53 48 89 fb e8 79 c6 fe ff <4c> 89 e2 48 8d 7b 18 45 31 c9 6a 00 41 b8 02 00 00 00 31 c9 48 89
[ 3011.457031] RSP: 0018:ffff888015d8fa60 EFLAGS: 00000286
[ 3011.457608] RAX: 0000000000000000 RBX: ffff88800ee6ed98 RCX: 1ffffffff0b1b999
[ 3011.458386] RDX: 1ffff11001f497e4 RSI: 0000000000000040 RDI: ffff88800fa4bf20
[ 3011.459165] RBP: ffffffff846f4000 R08: 0000000000000001 R09: ffff88800ee6ecf7
[ 3011.459936] R10: ffffed1001dcdd9e R11: 0000000000000001 R12: ffffffff87387840
[ 3011.460714] R13: ffff88800ee6ecf0 R14: 0000000000000000 R15: ffff888015d8fc40
[ 3011.461513]  __alloc_file+0x11f/0x230
[ 3011.461931]  alloc_empty_file+0x6d/0x170
[ 3011.462375]  path_openat+0xe1/0x2870
[ 3011.462795]  ? path_lookupat+0x850/0x850
[ 3011.463244]  ? lockdep_hardirqs_on_prepare+0x400/0x400
[ 3011.463822]  ? lock_is_held_type+0xd7/0x130
[ 3011.464298]  do_filp_open+0x1aa/0x400
[ 3011.464707]  ? may_open_dev+0xf0/0xf0
[ 3011.465132]  ? lock_release+0x3b2/0x6f0
[ 3011.465552]  ? alloc_fd+0x2f0/0x670
[ 3011.465961]  ? lock_downgrade+0x6d0/0x6d0
[ 3011.466409]  ? rwlock_bug.part.0+0x90/0x90
[ 3011.466870]  ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70
[ 3011.467474]  ? _find_next_bit+0x1e5/0x260
[ 3011.467916]  ? _raw_spin_unlock+0x24/0x40
[ 3011.468373]  ? alloc_fd+0x2f0/0x670
[ 3011.468777]  do_sys_openat2+0x16d/0x4c0
[ 3011.469217]  ? build_open_flags+0x6f0/0x6f0
[ 3011.469695]  ? seccomp_notify_ioctl+0xdc0/0xdc0
[ 3011.470211]  __x64_sys_openat+0x13f/0x1f0
[ 3011.470647]  ? __x64_sys_open+0x1c0/0x1c0
[ 3011.471110]  ? __secure_computing+0x195/0x2f0
[ 3011.471591]  do_syscall_64+0x3b/0x90
[ 3011.472000]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 3011.472561] RIP: 0033:0x7fe025b89d62
[ 3011.472977] Code: c0 f6 c2 40 75 52 89 d0 45 31 d2 25 00 00 41 00 3d 00 00 41 00 74 41 64 8b 04 25 18 00 00 00 85 c0 75 65 b8 01 01 00 00 0f 05 <48> 3d 00 f0 ff ff 0f 87 a2 00 00 00 48 8b 4c 24 38 64 48 2b 0c 25
[ 3011.474917] RSP: 002b:00007fff3f1cb5b0 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[ 3011.475740] RAX: ffffffffffffffda RBX: 0000000000000001 RCX: 00007fe025b89d62
[ 3011.476511] RDX: 00000000002a0000 RSI: 000055a0d7848991 RDI: 0000000000000011
[ 3011.477284] RBP: 000055a0d7848990 R08: 000055a0d62e98f0 R09: 00007fe025c59be0
[ 3011.478053] R10: 0000000000000000 R11: 0000000000000246 R12: 000055a0d7839328
[ 3011.478825] R13: 0000000000000011 R14: 0000000000000008 R15: 000055a0d7848991
[ 3011.479617]  </TASK>
[ 3011.480858] Call Trace:
[ 3011.481156]  <TASK>
[ 3011.481404]  x86_pmu_stop+0x149/0x330
[ 3011.481832]  x86_pmu_del+0x1be/0x610
[ 3011.482251]  event_sched_out+0x2ed/0xe80
[ 3011.482706]  __perf_remove_from_context+0x87/0xbe0
[ 3011.483269]  event_function+0x297/0x3d0
[ 3011.483709]  ? perf_uprobe_event_init+0x1c0/0x1c0
[ 3011.484232]  remote_function+0x125/0x1b0
[ 3011.484680]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[ 3011.485284]  ? perf_duration_warn+0x40/0x40
[ 3011.485758]  generic_exec_single+0x203/0x300
[ 3011.486224]  smp_call_function_single+0x189/0x460
[ 3011.486757]  ? perf_duration_warn+0x40/0x40
[ 3011.487212]  ? generic_exec_single+0x300/0x300
[ 3011.487710]  ? perf_duration_warn+0x40/0x40
[ 3011.488181]  ? lock_is_held_type+0xd7/0x130
[ 3011.488662]  event_function_call+0x3d0/0x430
[ 3011.489155]  ? perf_group_detach+0x11b0/0x11b0
[ 3011.489654]  ? perf_copy_attr+0x9c0/0x9c0
[ 3011.490083]  ? lock_release+0x3b2/0x6f0
[ 3011.490517]  ? perf_group_detach+0x11b0/0x11b0
[ 3011.491018]  ? perf_uprobe_event_init+0x1c0/0x1c0
[ 3011.491553]  ? _raw_spin_unlock_irq+0x1f/0x40
[ 3011.492043]  perf_remove_from_context+0x12e/0x260
[ 3011.492578]  perf_event_release_kernel+0x153/0x7f0
[ 3011.493132]  ? lock_is_held_type+0xd7/0x130
[ 3011.493603]  ? perf_pmu_migrate_context+0xae0/0xae0
[ 3011.494155]  ? lock_is_held_type+0xd7/0x130
[ 3011.494637]  perf_release+0x33/0x40
[ 3011.495036]  __fput+0x272/0x9d0
[ 3011.495397]  ? perf_event_release_kernel+0x7f0/0x7f0
[ 3011.495958]  task_work_run+0xe2/0x1a0
[ 3011.496390]  exit_to_user_mode_prepare+0x199/0x1a0
[ 3011.496941]  syscall_exit_to_user_mode+0x19/0x50
[ 3011.497460]  do_syscall_64+0x48/0x90
[ 3011.497864]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 3011.498429] RIP: 0033:0x7f750a30a72b
[ 3011.498830] Code: 0f 05 48 3d 00 f0 ff ff 77 45 c3 0f 1f 40 00 48 83 ec 18 89 7c 24 0c e8 63 fc ff ff 8b 7c 24 0c 41 89 c0 b8 03 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 35 44 89 c7 89 44 24 0c e8 a1 fc ff ff 8b 44
[ 3011.500826] RSP: 002b:00007ffc8fa2e8d0 EFLAGS: 00000293 ORIG_RAX: 0000000000000003
[ 3011.501654] RAX: 0000000000000000 RBX: 0000000000000004 RCX: 00007f750a30a72b
[ 3011.502429] RDX: 00007f750a46fa68 RSI: 0000000000000080 RDI: 0000000000000003
[ 3011.503198] RBP: 0000000000000000 R08: 0000000000000000 R09: 00007f750a46fa70
[ 3011.503965] R10: 00007ffc8fa2e9c0 R11: 0000000000000293 R12: 00000000002df304
[ 3011.504748] R13: 00000000000003e8 R14: 00007f750a46af60 R15: 00000000002df202
[ 3011.505535]  </TASK>
09:07:14 executing program 0:
perf_event_open$cgroup(&(0x7f0000000c00)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x1026, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

09:07:14 executing program 4:
r0 = add_key$fscrypt_v1(&(0x7f0000000000), &(0x7f0000000040)={'fscrypt:', @desc1}, &(0x7f0000000080)={0x0, "be80b90ae0c74c556cd5e9c03fd442fd41e3e64b6abaea34bc63984a5662eacc09b514d4b567dadf0deceaa11421027662dec117d813d43a59bc99b545ebc135"}, 0x48, 0xfffffffffffffffe)
r1 = add_key$fscrypt_v1(&(0x7f0000000000), &(0x7f0000000040)={'fscrypt:', @desc1}, &(0x7f0000000080)={0x0, "be80b90ae0c74c556cd5e9c03fd442fd41e3e64b6abaea34bc63984a5662eacc09b514d4b567dadf0deceaa11421027662dec117d813d43a59bc99b545ebc135"}, 0x48, 0xfffffffffffffffe)
r2 = add_key$fscrypt_v1(&(0x7f0000000000), &(0x7f0000000040)={'fscrypt:', @desc1}, &(0x7f0000000080)={0x0, "be80b90ae0c74c556cd5e9c03fd442fd41e3e64b6abaea34bc63984a5662eacc09b514d4b567dadf0deceaa11421027662dec117d813d43a59bc99b545ebc135"}, 0x48, 0xfffffffffffffffe)
r3 = add_key$keyring(&(0x7f0000000100), &(0x7f0000000140)={'syz', 0x1}, 0x0, 0x0, 0xfffffffffffffff9)
keyctl$KEYCTL_MOVE(0x1e, r3, r2, r1, 0x1)
keyctl$KEYCTL_MOVE(0x1e, r0, r1, r2, 0x0)

09:07:14 executing program 5:
socketpair$unix(0x1, 0x5, 0x0, 0x0)
sendmsg$unix(0xffffffffffffffff, 0x0, 0x0)
ioctl$AUTOFS_DEV_IOCTL_OPENMOUNT(0xffffffffffffffff, 0xc0189374, &(0x7f00000000c0)={{0x1, 0x1, 0x18, <r0=>0xffffffffffffffff, {0x14000}}, './file1\x00'})
connect$unix(r0, &(0x7f0000000140)=@file={0x0, './file1\x00'}, 0x6e)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
pwritev(r1, &(0x7f0000000640)=[{&(0x7f00000002c0)="19", 0x1}], 0x1, 0x8000000, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0)
r3 = socket$inet6(0xa, 0x1, 0x0)
bind$inet6(r3, &(0x7f00000002c0)={0xa, 0x4e20, 0x0, @empty}, 0x1c)
connect$inet6(r3, &(0x7f0000000000)={0xa, 0x4e20, 0x0, @ipv4={'\x00', '\xff\xff', @empty}}, 0x1c)
recvfrom(r3, &(0x7f00000003c0)=""/87, 0x20010397, 0x300, 0x0, 0x0)
sendfile(r3, r2, 0x0, 0xfffffdef)
readv(0xffffffffffffffff, &(0x7f0000000040), 0x0)
openat$cgroup_freezer_state(0xffffffffffffffff, 0x0, 0x2, 0x0)
close(0xffffffffffffffff)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(&(0x7f0000001540), 0xffffffffffffffff)
sendmsg$NL80211_CMD_STOP_AP(r4, &(0x7f0000001600)={0x0, 0x0, &(0x7f00000015c0)={&(0x7f0000001580)={0x1c, 0x0, 0x1, 0x0, 0x0, {{}, {@val={0x8}, @void}}}, 0x1c}}, 0x0)
getsockopt$sock_cred(r4, 0x1, 0x11, &(0x7f0000000040), &(0x7f0000000080)=0xc)
syz_open_dev$sg(&(0x7f0000001000), 0x0, 0x2200)

09:07:14 executing program 2:
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000080), r0)
sendmsg$NLBL_MGMT_C_ADD(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000140)={0x44, r1, 0x1, 0x0, 0x0, {}, [@NLBL_MGMT_A_IPV6ADDR={0x14, 0x5, @local}, @NLBL_MGMT_A_IPV6MASK={0x14, 0x6, @mcast1}, @NLBL_MGMT_A_PROTOCOL={0x8, 0x2, 0x5}]}, 0x44}, 0x1, 0x700000000000000}, 0x0)

09:07:14 executing program 7:
openat$sndseq(0xffffffffffffff9c, 0x0, 0x0)
r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000180)='/proc/asound/seq/clients\x00', 0x0, 0x0)
preadv(r0, &(0x7f00000002c0)=[{0x0}, {&(0x7f0000000300)=""/165, 0xa5}], 0x2, 0x0, 0xf0ff7f)

09:07:14 executing program 3:
openat$tcp_congestion(0xffffffffffffff9c, &(0x7f0000000040), 0x1, 0x0)
r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000002480)='fd/3\x00')
syz_io_uring_setup(0x1d1b, &(0x7f00000002c0)={0x0, 0x28c3, 0x2, 0x7, 0x257, 0x0, r0}, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffa000/0x3000)=nil, &(0x7f0000000340)=<r1=>0x0, &(0x7f0000000380))
syz_io_uring_submit(r1, 0x0, &(0x7f0000000400)=@IORING_OP_OPENAT={0x12, 0x4, 0x0, r0, 0x0, &(0x7f00000003c0)='./file0\x00', 0x20, 0x1, 0x12345}, 0x200)
r2 = socket$nl_sock_diag(0x10, 0x3, 0x4)
r3 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x200, 0x0)
ioctl$KDSKBSENT(r3, 0x4b49, &(0x7f0000000080)={0xfd, "cff8afa2d2a9c8a657b2be7ebd487bf17e6db015eb7b268ca58e7868d1e471ae6c1d9cb5b6024754c80c543395f7b7a2fbd499a35902b14b57e470a5d7906256aa559c7348b2ecbf297110a15e34f25da5baf584155668824866a9158ee889cc84083c7862f34b316e705aab675927d4a537cd16256dfe7481cb51ca1749e31f37c602ac6fe64a62ba88ee3cdc4747e7acd44e1faeb3eac613ef9ef20d220f770f220237c2d336f120f2013b28b3975a0fb1f1924ea4a1a677db43a13340cb6f4e972c6ad9ba2e8f26b7e56a6d3f0de356ef94a42b674485d175572eaf497b07c3e75adfea2342c6d035d022bc4286d69e631caaf8a27cb9575a9d067f07c0488888421ee6a32029cbd80e769bf64801719a804ef02f1f6e9dd791d600b2966480f1ed613caf6ab5323fbe192e3307d2a398115a43e8f9d7426bc6ee8ceec5b57bdf35e4f24df291623716d3966481b5fc94961eefe9bf23e4090f4c98992e143da0af33876fb2f98f26e13c3a7d14caf12b079873992295b0efb3ccc37fae8475cb201bc28b197c847411bf006a030ae1715c5f357625002445a27f4d7b78bed67e61095f1d0db44b695ff034a2a00b293ae0f67b6da4de7e8883196e94d1cba92a011f3233ba48df3561dbe8461fc22f77e95d42ce58bd162031aabd684f8ba474f4f6032cb1e9a47ada034e3d46f3c57fa63306e142443e540f4a60ddc4f9"})
sendfile(r2, r0, 0x0, 0x5)

09:07:14 executing program 6:
r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000180)='/proc/asound/seq/clients\x00', 0x0, 0x0)
preadv(r0, &(0x7f00000002c0)=[{&(0x7f0000000040)=""/35, 0x23}, {0x0}, {&(0x7f0000000300)=""/165, 0xa5}], 0x3, 0x0, 0x4c00)

09:07:14 executing program 1:
r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000180)='/proc/asound/seq/clients\x00', 0x0, 0x0)
preadv(r0, &(0x7f00000002c0)=[{&(0x7f0000000040)=""/35, 0x23}, {0x0, 0x2}, {&(0x7f0000000300)=""/165, 0xa5}], 0x3, 0x0, 0xf0ff1f)

[ 3026.441562] Call Trace:
[ 3026.441977]  <IRQ>
[ 3026.442292]  ? x86_pmu_start+0x1c0/0x240
[ 3026.442883]  x86_pmu_enable+0x580/0xd90
[ 3026.443457]  ? amd_pmu_disable_virt+0xa0/0xa0
[ 3026.444125]  ctx_resched+0x2b9/0x3a0
[ 3026.444674]  __perf_install_in_context+0x285/0xa40
[ 3026.445417]  ? __irq_exit_rcu+0x113/0x170
[ 3026.446018]  ? ctx_resched+0x3a0/0x3a0
[ 3026.446578]  remote_function+0x125/0x1b0
[ 3026.447202]  flush_smp_call_function_queue+0x1df/0x610
[ 3026.447954]  ? perf_duration_warn+0x40/0x40
[ 3026.448587]  __sysvec_call_function_single+0x92/0x3a0
[ 3026.449384]  sysvec_call_function_single+0x89/0xc0
[ 3026.450087]  </IRQ>
[ 3026.450405]  <TASK>
[ 3026.450726]  asm_sysvec_call_function_single+0x12/0x20
[ 3026.451472] RIP: 0010:unwind_next_frame+0xab7/0x2250
[ 3026.452194] Code: 80 3c 16 00 0f 85 af 0f 00 00 48 8b 54 24 08 4c 8b 64 24 68 49 89 46 58 48 b8 00 00 00 00 00 fc ff df 48 c1 ea 03 80 3c 02 00 <0f> 85 5c 0f 00 00 48 8b 14 24 4d 89 66 48 48 b8 00 00 00 00 00 fc
[ 3026.454776] RSP: 0018:ffff8880425c7790 EFLAGS: 00000246
[ 3026.455528] RAX: dffffc0000000000 RBX: 1ffff110084b8efb RCX: ffffffff85c0303b
[ 3026.456532] RDX: 1ffff110084b8f21 RSI: 1ffff110084b8f23 RDI: ffff8880425c78b8
[ 3026.457551] RBP: 0000000000000001 R08: ffffffff85c03036 R09: ffffffff85c0303a
[ 3026.458554] R10: ffffed10084b8f25 R11: 000000000003403b R12: ffff8880425c78c0
[ 3026.459555] R13: ffff8880425c7901 R14: ffff8880425c78c0 R15: ffff8880425c78b8
[ 3026.460584]  ? __unwind_start+0x586/0x7c0
[ 3026.461209]  ? deref_stack_reg+0x150/0x150
[ 3026.461814]  ? get_stack_info_noinstr+0x12/0xf0
[ 3026.462480]  __unwind_start+0x50b/0x7c0
[ 3026.463047]  ? create_prof_cpu_mask+0x20/0x20
[ 3026.463696]  arch_stack_walk+0x5f/0xf0
[ 3026.464261]  ? arch_stack_walk+0x5f/0xf0
[ 3026.464840]  stack_trace_save+0x8c/0xc0
[ 3026.465420]  ? filter_irq_stacks+0x90/0x90
[ 3026.466030]  ? __lock_acquire+0x164e/0x6120
[ 3026.466646]  kasan_save_stack+0x1e/0x40
[ 3026.467224]  ? lockdep_hardirqs_on_prepare+0x400/0x400
[ 3026.467982]  ? lock_is_held_type+0xd7/0x130
[ 3026.468591]  ? find_held_lock+0x2c/0x110
[ 3026.469191]  ? lock_release+0x3b2/0x6f0
[ 3026.469754]  ? kmem_cache_alloc+0x43/0x480
[ 3026.470355]  ? lock_is_held_type+0xd7/0x130
[ 3026.470964]  ? kasan_unpoison+0x23/0x50
[ 3026.471529]  __kasan_slab_alloc+0x66/0x80
[ 3026.472129]  kmem_cache_alloc+0x1aa/0x480
[ 3026.472730]  create_object.isra.0+0x3a/0xa20
[ 3026.473373]  ? kasan_unpoison+0x23/0x50
[ 3026.473945]  __kmalloc+0x25b/0x440
[ 3026.474456]  sk_prot_alloc+0x154/0x2e0
[ 3026.475017]  sk_alloc+0x34/0x750
[ 3026.475510]  __netlink_create+0x63/0x2c0
[ 3026.476091]  netlink_create+0x3b2/0x5e0
[ 3026.476655]  ? genl_start+0x670/0x670
[ 3026.477222]  __sock_create+0x345/0x750
[ 3026.477771]  ? fput+0x2a/0x50
[ 3026.478258]  __sys_socket+0xef/0x200
[ 3026.478793]  ? compat_sock_ioctl+0x590/0x590
[ 3026.479434]  __x64_sys_socket+0x6f/0xb0
[ 3026.479993]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 3026.480721]  do_syscall_64+0x3b/0x90
[ 3026.481259]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 3026.481979] RIP: 0033:0x7f928d323b19
[ 3026.482507] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 3026.485089] RSP: 002b:00007f928a899128 EFLAGS: 00000246 ORIG_RAX: 0000000000000029
[ 3026.486155] RAX: ffffffffffffffda RBX: 00007f928d436f60 RCX: 00007f928d323b19
[ 3026.487152] RDX: 0000000000000010 RSI: 0000000000000003 RDI: 0000000000000010
[ 3026.488146] RBP: 0000000000000003 R08: 0000000000000000 R09: 0000000000000000
[ 3026.489173] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 3026.490162] R13: 00007ffe916ec8df R14: 00007f928a899300 R15: 0000000000022000
[ 3026.491173]  </TASK>
[ 3026.505961] Call Trace:
[ 3026.506428]  <TASK>
[ 3026.506792]  x86_pmu_stop+0x149/0x330
[ 3026.507375]  x86_pmu_del+0x1be/0x610
[ 3026.507945]  event_sched_out+0x2ed/0xe80
[ 3026.508561]  __perf_remove_from_context+0x87/0xbe0
[ 3026.509345]  event_function+0x297/0x3d0
[ 3026.509923]  ? perf_uprobe_event_init+0x1c0/0x1c0
[ 3026.510642]  remote_function+0x125/0x1b0
[ 3026.511252]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[ 3026.512067]  ? perf_duration_warn+0x40/0x40
[ 3026.512822]  generic_exec_single+0x203/0x300
[ 3026.513477]  smp_call_function_single+0x189/0x460
09:07:14 executing program 6:
r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000180)='/proc/asound/seq/clients\x00', 0x0, 0x0)
preadv(r0, &(0x7f00000002c0)=[{&(0x7f0000000040)=""/35, 0x23}, {0x0}, {&(0x7f0000000300)=""/165, 0xa5}], 0x3, 0x0, 0x6800)

[ 3026.514157]  ? perf_duration_warn+0x40/0x40
[ 3026.514928]  ? generic_exec_single+0x300/0x300
[ 3026.515578]  ? perf_duration_warn+0x40/0x40
[ 3026.516205]  ? lock_is_held_type+0xd7/0x130
[ 3026.516825]  event_function_call+0x3d0/0x430
[ 3026.517476]  ? perf_group_detach+0x11b0/0x11b0
[ 3026.518128]  ? perf_copy_attr+0x9c0/0x9c0
[ 3026.518702]  ? lock_release+0x3b2/0x6f0
[ 3026.519267]  ? perf_group_detach+0x11b0/0x11b0
[ 3026.519915]  ? perf_uprobe_event_init+0x1c0/0x1c0
[ 3026.520599]  ? _raw_spin_unlock_irq+0x1f/0x40
[ 3026.521244]  perf_remove_from_context+0x12e/0x260
[ 3026.521922]  perf_event_release_kernel+0x153/0x7f0
[ 3026.522619]  ? lock_is_held_type+0xd7/0x130
[ 3026.523228]  ? perf_pmu_migrate_context+0xae0/0xae0
[ 3026.523930]  ? lock_is_held_type+0xd7/0x130
[ 3026.524543]  perf_release+0x33/0x40
[ 3026.525067]  __fput+0x272/0x9d0
[ 3026.525539]  ? perf_event_release_kernel+0x7f0/0x7f0
[ 3026.526280]  task_work_run+0xe2/0x1a0
[ 3026.526838]  exit_to_user_mode_prepare+0x199/0x1a0
[ 3026.527539]  syscall_exit_to_user_mode+0x19/0x50
[ 3026.528217]  do_syscall_64+0x48/0x90
[ 3026.528745]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 3026.529504] RIP: 0033:0x7f750a30a72b
[ 3026.530019] Code: 0f 05 48 3d 00 f0 ff ff 77 45 c3 0f 1f 40 00 48 83 ec 18 89 7c 24 0c e8 63 fc ff ff 8b 7c 24 0c 41 89 c0 b8 03 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 35 44 89 c7 89 44 24 0c e8 a1 fc ff ff 8b 44
[ 3026.532596] RSP: 002b:00007ffc8fa2e8d0 EFLAGS: 00000293 ORIG_RAX: 0000000000000003
[ 3026.533677] RAX: 0000000000000000 RBX: 0000000000000004 RCX: 00007f750a30a72b
[ 3026.534673] RDX: 0000000000000000 RSI: ffffffff81388253 RDI: 0000000000000003
[ 3026.535678] RBP: 0000000000000001 R08: 0000000000000000 R09: 0000001b30c2001c
[ 3026.536683] R10: 0000000000000473 R11: 0000000000000293 R12: 00007f750a46bb60
[ 3026.537708] R13: 00007f750a46bb60 R14: 00007f750a46af60 R15: 00000000002e2d84
[ 3026.538723]  ? smp_call_function_single+0x193/0x460
[ 3026.539436]  </TASK>
09:07:14 executing program 7:
openat$sndseq(0xffffffffffffff9c, 0x0, 0x0)
r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000180)='/proc/asound/seq/clients\x00', 0x0, 0x0)
preadv(r0, &(0x7f00000002c0)=[{0x0}, {&(0x7f0000000300)=""/165, 0xa5}], 0x2, 0x0, 0x1000000)

09:07:14 executing program 1:
r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000180)='/proc/asound/seq/clients\x00', 0x0, 0x0)
preadv(r0, &(0x7f00000002c0)=[{&(0x7f0000000040)=""/35, 0x23}, {0x0, 0x2}, {&(0x7f0000000300)=""/165, 0xa5}], 0x3, 0x0, 0x1000000)

09:07:14 executing program 4:
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x10000000000002, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x979}], 0x0, &(0x7f0000000500)=ANY=[@ANYRESOCT, @ANYRES32, @ANYRESOCT=0x0])
chdir(&(0x7f0000000140)='./file0\x00')
syz_mount_image$iso9660(&(0x7f0000000080), &(0x7f00000000c0)='./file1\x00', 0xffffffff7fffffff, 0x5, &(0x7f0000000400)=[{&(0x7f0000000180)="fcfe897756a78ee5622fed023a3c5956c592b9d4010f846ea2dde2", 0x1b, 0x6}, {&(0x7f0000000240)="2d744b94137d54917c4f4942c8239941079c8d6f3380d9336f2dacf1771c5c67c007be413cb2aeb3db5b797a00164d802ecf4948d528470eb176cf3e55ef45a0869d58ac1ecdc67862a233881795fb7d7613ff85c76b9ba26cdf3580", 0x5c, 0xfffffffffffff1b0}, {&(0x7f00000002c0)="2e6c2e10b9665f6938527063835e12196d23fc2c60fe2afc58bab1aee73e4e0db4890350f053e4c226832f55862c5c90ffedd2d200e0d168ef75b1a11447eeed5e255956290f56d78bc77750ded15b5aa3f52ed63131b8009fb881ab3773d31c62926a488f31944935a82d7c44b08f85a16c86d6b197218b6fdac910ec97eab4003e2f634231fee704b54c7cf4320e66d5e0f15e205c1ee6b4439f6163945a6e9f7bb64335e4559a2799305e69d8cc4e569f9871e9aa4731afe1033c1b", 0xbd, 0xffffffffffffffff}, {&(0x7f00000001c0)="e856a7b041c58ce19e16ab078fff50be3c64cce7b9f9a93b713360ae3bbc4f78b4434c1ffc", 0x25, 0x915}, {&(0x7f0000000380)="d1f87bb0f619c10b12699c78e9e5dec7524d8db668d193b1d859dfd490f51a8ed14f1e8973f82a812d487d403dded067a542f7501bdd559204a29d07def862fc91d525bae795d6e62431", 0x4a, 0x9}], 0x404, &(0x7f0000000480)={[{@uid}, {@nojoliet}, {}, {@uid={'uid', 0x3d, 0xee00}}, {@map_acorn}, {}, {@iocharset={'iocharset', 0x3d, 'macgreek'}}, {@cruft}]})
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f0000000040)={'wlan1\x00', <r2=>0x0})
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000001540), 0xffffffffffffffff)
sendmsg$NL80211_CMD_STOP_AP(r1, &(0x7f0000001600)={0x0, 0x0, &(0x7f00000015c0)={&(0x7f0000001580)={0x1c, r3, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}}, 0x1c}}, 0x0)
fallocate(r1, 0x10, 0x5, 0x2519)
r4 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r4, &(0x7f0000001180)=ANY=[], 0x220)
truncate(&(0x7f0000000040)='./file1\x00', 0x80)
sendfile(r4, r0, 0x0, 0xfffffded)

09:07:14 executing program 7:
openat$sndseq(0xffffffffffffff9c, 0x0, 0x0)
r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000180)='/proc/asound/seq/clients\x00', 0x0, 0x0)
preadv(r0, &(0x7f00000002c0)=[{0x0}, {&(0x7f0000000300)=""/165, 0xa5}], 0x2, 0x0, 0x2000000)

09:07:14 executing program 3:
r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f00000000c0)='./file0\x00', 0x92f6, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="d71a906d6b6673ff0f000000020801000670008000f801", 0x17}], 0x0, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
r3 = dup2(r0, 0xffffffffffffffff)
ioctl$EXT4_IOC_MOVE_EXT(r2, 0xc028660f, &(0x7f0000000080)={0x0, r3, 0x401, 0x7, 0x0, 0x80})
mknod$loop(&(0x7f0000000140)='./file0\x00', 0x2000, 0x1)
ioctl$FITRIM(r1, 0xc0185879, &(0x7f00000001c0)={0x0, 0x7fffffff})

09:07:14 executing program 6:
r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000180)='/proc/asound/seq/clients\x00', 0x0, 0x0)
preadv(r0, &(0x7f00000002c0)=[{&(0x7f0000000040)=""/35, 0x23}, {0x0}, {&(0x7f0000000300)=""/165, 0xa5}], 0x3, 0x0, 0x6c00)

[ 3026.711041] loop3: detected capacity change from 0 to 73
[ 3026.744719] Call Trace:
[ 3026.745186]  <IRQ>
[ 3026.745500]  ? x86_pmu_start+0x1c0/0x240
[ 3026.746094]  x86_pmu_enable+0x580/0xd90
[ 3026.746667]  ? amd_pmu_disable_virt+0xa0/0xa0
[ 3026.747320]  ctx_resched+0x2b9/0x3a0
[ 3026.747850]  __perf_install_in_context+0x285/0xa40
[ 3026.748548]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[ 3026.749339]  ? ctx_resched+0x3a0/0x3a0
[ 3026.749899]  remote_function+0x125/0x1b0
[ 3026.750485]  flush_smp_call_function_queue+0x1df/0x610
[ 3026.751230]  ? perf_duration_warn+0x40/0x40
[ 3026.751854]  __sysvec_call_function_single+0x92/0x3a0
[ 3026.752582]  sysvec_call_function_single+0x89/0xc0
[ 3026.753302]  </IRQ>
[ 3026.753619]  <TASK>
[ 3026.753936]  asm_sysvec_call_function_single+0x12/0x20
[ 3026.754677] RIP: 0010:security_file_permission+0x42/0xd0
[ 3026.755428] Code: e8 b3 18 5d ff 48 8b 1d 44 cf 52 05 e8 a7 18 5d ff 48 85 db 74 50 e8 9d 18 5d ff 48 8d 7b 18 48 89 f8 48 c1 e8 03 80 3c 28 00 <75> 79 44 89 ee 4c 89 f7 48 8b 43 18 e8 3d 97 59 02 31 ff 41 89 c4
[ 3026.758000] RSP: 0018:ffff888018427e00 EFLAGS: 00000246
[ 3026.758746] RAX: 1ffffffff0a7b4b2 RBX: ffffffff853da578 RCX: 0000000000000000
[ 3026.759732] RDX: ffff888008ae3580 RSI: ffffffff81e6a0a3 RDI: ffffffff853da590
[ 3026.760720] RBP: dffffc0000000000 R08: 0000000000000000 R09: ffff88800cd4c003
[ 3026.761730] R10: ffffffff817ae3f3 R11: 0000000000000001 R12: 0000000000000000
[ 3026.762703] R13: 0000000000000004 R14: ffff88800cca0780 R15: 0000000000000001
[ 3026.763699]  ? rw_verify_area+0x93/0x1b0
[ 3026.764275]  ? security_file_permission+0x33/0xd0
[ 3026.764968]  rw_verify_area+0xae/0x1b0
[ 3026.765530]  vfs_read+0x15a/0x5d0
[ 3026.766031]  ksys_read+0x127/0x250
[ 3026.766529]  ? __ia32_sys_pwrite64+0x220/0x220
[ 3026.767164]  ? __secure_computing+0x195/0x2f0
[ 3026.767799]  do_syscall_64+0x3b/0x90
[ 3026.768319]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 3026.769046] RIP: 0033:0x7f9e21b9aecc
[ 3026.769566] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 c9 5e f9 ff 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ff 5e f9 ff 48
[ 3026.772067] RSP: 002b:00007ffd3e915900 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[ 3026.773139] RAX: ffffffffffffffda RBX: 00007ffd3e918220 RCX: 00007f9e21b9aecc
[ 3026.774101] RDX: 0000000000002000 RSI: 00007ffd3e9161b0 RDI: 0000000000000009
[ 3026.775071] RBP: 00007ffd3e9182e0 R08: 0000000000000000 R09: 00007ffd3e961080
[ 3026.776030] R10: 00007ffd3e9610f0 R11: 0000000000000246 R12: 0000000000000000
[ 3026.777002] R13: 00007ffd3e9161b0 R14: 0000000000000100 R15: 0000000000000000
[ 3026.778010]  </TASK>
[ 3026.812039] syz-executor.3: attempt to access beyond end of device
[ 3026.812039] loop3: rw=2051, want=126, limit=73
09:07:15 executing program 1:
r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000180)='/proc/asound/seq/clients\x00', 0x0, 0x0)
preadv(r0, &(0x7f00000002c0)=[{&(0x7f0000000040)=""/35, 0x23}, {0x0, 0x2}, {&(0x7f0000000300)=""/165, 0xa5}], 0x3, 0x0, 0x2000000)

[ 3026.914812] Call Trace:
[ 3026.915222]  <TASK>
[ 3026.915542]  x86_pmu_stop+0x149/0x330
[ 3026.916103]  x86_pmu_del+0x1be/0x610
[ 3026.916642]  event_sched_out+0x2ed/0xe80
[ 3026.917240]  __perf_remove_from_context+0x87/0xbe0
[ 3026.917939]  event_function+0x297/0x3d0
[ 3026.918499]  ? perf_uprobe_event_init+0x1c0/0x1c0
[ 3026.919180]  remote_function+0x125/0x1b0
[ 3026.919757]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[ 3026.920519]  ? perf_duration_warn+0x40/0x40
[ 3026.921148]  generic_exec_single+0x203/0x300
[ 3026.921769]  smp_call_function_single+0x189/0x460
[ 3026.922440]  ? perf_duration_warn+0x40/0x40
[ 3026.923053]  ? generic_exec_single+0x300/0x300
[ 3026.923683]  ? perf_duration_warn+0x40/0x40
[ 3026.924288]  ? lock_is_held_type+0xd7/0x130
[ 3026.924899]  event_function_call+0x3d0/0x430
[ 3026.925534]  ? perf_group_detach+0x11b0/0x11b0
[ 3026.926171]  ? perf_copy_attr+0x9c0/0x9c0
[ 3026.926745]  ? lock_release+0x3b2/0x6f0
[ 3026.927299]  ? perf_group_detach+0x11b0/0x11b0
[ 3026.927927]  ? perf_uprobe_event_init+0x1c0/0x1c0
[ 3026.928601]  ? _raw_spin_unlock_irq+0x1f/0x40
[ 3026.929241]  perf_remove_from_context+0x12e/0x260
[ 3026.929914]  perf_event_release_kernel+0x153/0x7f0
[ 3026.930597]  ? lock_is_held_type+0xd7/0x130
[ 3026.931200]  ? perf_pmu_migrate_context+0xae0/0xae0
[ 3026.931896]  ? lock_is_held_type+0xd7/0x130
[ 3026.932503]  perf_release+0x33/0x40
[ 3026.933028]  __fput+0x272/0x9d0
[ 3026.933486]  ? perf_event_release_kernel+0x7f0/0x7f0
[ 3026.934195]  task_work_run+0xe2/0x1a0
[ 3026.934734]  do_exit+0xaf7/0x27e0
[ 3026.935205]  ? find_held_lock+0x2c/0x110
[ 3026.935780]  ? lock_release+0x3b2/0x6f0
[ 3026.936347]  ? mm_update_next_owner+0x7d0/0x7d0
[ 3026.937013]  ? lock_downgrade+0x6d0/0x6d0
[ 3026.937607]  ? lock_is_held_type+0xd7/0x130
[ 3026.938212]  do_group_exit+0xd2/0x2f0
[ 3026.938754]  get_signal+0x2303/0x2350
[ 3026.939309]  ? lock_downgrade+0x6d0/0x6d0
[ 3026.939900]  ? signal_setup_done+0x520/0x520
[ 3026.940521]  ? lock_is_held_type+0xd7/0x130
[ 3026.941146]  arch_do_signal_or_restart+0x88/0x1a40
[ 3026.941843]  ? __do_sys_perf_event_open+0xd2/0x3040
[ 3026.942560]  ? get_sigframe_size+0x10/0x10
[ 3026.943161]  ? perf_remove_from_context+0x260/0x260
[ 3026.943864]  ? xfd_validate_state+0x59/0x180
[ 3026.944501]  exit_to_user_mode_prepare+0x131/0x1a0
[ 3026.945227]  syscall_exit_to_user_mode+0x19/0x50
[ 3026.945890]  do_syscall_64+0x48/0x90
[ 3026.946412]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 3026.947127] RIP: 0033:0x7f750a357b19
[ 3026.947635] Code: Unable to access opcode bytes at RIP 0x7f750a357aef.
[ 3026.948517] RSP: 002b:00007f75078cd188 EFLAGS: 00000246 ORIG_RAX: 000000000000012a
[ 3026.949575] RAX: 0000000000000003 RBX: 00007f750a46af60 RCX: 00007f750a357b19
[ 3026.950551] RDX: 0000000000000000 RSI: ffffffffffffffff RDI: 0000000020000c00
[ 3026.951520] RBP: 00007f750a3b1f6d R08: 0000000000000000 R09: 0000000000000000
[ 3026.952488] R10: ffffffffffffffff R11: 0000000000000246 R12: 0000000000000000
[ 3026.953488] R13: 00007ffc8fa2e86f R14: 00007f75078cd300 R15: 0000000000022000
[ 3026.954472]  </TASK>
09:07:32 executing program 6:
r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000180)='/proc/asound/seq/clients\x00', 0x0, 0x0)
preadv(r0, &(0x7f00000002c0)=[{&(0x7f0000000040)=""/35, 0x23}, {0x0}, {&(0x7f0000000300)=""/165, 0xa5}], 0x3, 0x0, 0x7400)

09:07:32 executing program 4:
socketpair$unix(0x1, 0x5, 0x0, 0x0)
sendmsg$unix(0xffffffffffffffff, 0x0, 0x0)
ioctl$AUTOFS_DEV_IOCTL_OPENMOUNT(0xffffffffffffffff, 0xc0189374, &(0x7f00000000c0)={{0x1, 0x1, 0x18, <r0=>0xffffffffffffffff, {0x14000}}, './file1\x00'})
connect$unix(r0, &(0x7f0000000140)=@file={0x0, './file1\x00'}, 0x6e)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
pwritev(r1, &(0x7f0000000640)=[{&(0x7f00000002c0)="19", 0x1}], 0x1, 0x8000000, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0)
r3 = socket$inet6(0xa, 0x1, 0x0)
bind$inet6(r3, &(0x7f00000002c0)={0xa, 0x4e20, 0x0, @empty}, 0x1c)
connect$inet6(r3, &(0x7f0000000000)={0xa, 0x4e20, 0x0, @ipv4={'\x00', '\xff\xff', @empty}}, 0x1c)
recvfrom(r3, &(0x7f00000003c0)=""/87, 0x20010397, 0x300, 0x0, 0x0)
sendfile(r3, r2, 0x0, 0xfffffdef)
readv(0xffffffffffffffff, &(0x7f0000000040), 0x0)
openat$cgroup_freezer_state(0xffffffffffffffff, 0x0, 0x2, 0x0)
close(0xffffffffffffffff)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(&(0x7f0000001540), 0xffffffffffffffff)
sendmsg$NL80211_CMD_STOP_AP(r4, &(0x7f0000001600)={0x0, 0x0, &(0x7f00000015c0)={&(0x7f0000001580)={0x1c, 0x0, 0x1, 0x0, 0x0, {{}, {@val={0x8}, @void}}}, 0x1c}}, 0x0)
getsockopt$sock_cred(r4, 0x1, 0x11, &(0x7f0000000040), &(0x7f0000000080)=0xc)
syz_open_dev$sg(&(0x7f0000001000), 0x0, 0x2200)

09:07:32 executing program 5:
socketpair$unix(0x1, 0x5, 0x0, 0x0)
sendmsg$unix(0xffffffffffffffff, 0x0, 0x0)
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
pwritev(r0, &(0x7f0000000640)=[{&(0x7f00000002c0)="19", 0x1}], 0x1, 0x8000000, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0)
r2 = socket$inet6(0xa, 0x1, 0x0)
r3 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
bind$inet6(r3, &(0x7f00000002c0)={0xa, 0x4e20, 0x0, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}}, 0x1c)
connect$inet6(r2, &(0x7f0000000000)={0xa, 0x4e20, 0x0, @ipv4={'\x00', '\xff\xff', @empty}}, 0x1c)
recvfrom(r2, &(0x7f00000003c0)=""/87, 0x20010397, 0x300, 0x0, 0x0)
sendfile(r2, r1, 0x0, 0xfffffdef)
readv(0xffffffffffffffff, &(0x7f0000000040), 0x0)
openat$cgroup_freezer_state(0xffffffffffffffff, 0x0, 0x2, 0x0)
close(0xffffffffffffffff)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(&(0x7f0000001540), 0xffffffffffffffff)
sendmsg$NL80211_CMD_STOP_AP(r4, &(0x7f0000001600)={0x0, 0x0, &(0x7f00000015c0)={&(0x7f0000001580)=ANY=[@ANYBLOB="1c000000", @ANYRES16=0x0, @ANYBLOB="010000000080000000001080000008000300", @ANYRES32=0x0, @ANYBLOB], 0x1c}}, 0x0)
getsockopt$sock_cred(r4, 0x1, 0x11, &(0x7f0000000040), &(0x7f0000000080)=0xc)
syz_open_dev$sg(&(0x7f0000001000), 0x0, 0x2200)

09:07:32 executing program 1:
r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000180)='/proc/asound/seq/clients\x00', 0x0, 0x0)
preadv(r0, &(0x7f00000002c0)=[{&(0x7f0000000040)=""/35, 0x23}, {0x0, 0x2}, {&(0x7f0000000300)=""/165, 0xa5}], 0x3, 0x0, 0x3000000)

09:07:32 executing program 0:
perf_event_open$cgroup(&(0x7f0000000c00)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x1027, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

09:07:32 executing program 3:
r0 = syz_io_uring_setup(0x1, &(0x7f00000002c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, &(0x7f00000a0000)=nil, &(0x7f00000b0000)=nil, &(0x7f0000000100), &(0x7f0000000140)=<r1=>0x0)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000000)={<r2=>0xffffffffffffffff})
r3 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ff8000/0x2000)=nil, 0x2000, 0x2000008, 0x4010, r0, 0x8000000)
syz_io_uring_setup(0x3f1c, &(0x7f00000003c0)={0x0, 0x8ebf, 0x4, 0x3, 0x327}, &(0x7f0000ffc000/0x2000)=nil, &(0x7f0000ff8000/0x4000)=nil, &(0x7f0000000440), &(0x7f0000000480))
r4 = socket$inet_tcp(0x2, 0x1, 0x0)
munmap(&(0x7f0000ff9000/0x4000)=nil, 0x4000)
syz_io_uring_submit(r3, r1, &(0x7f0000000280)=@IORING_OP_SEND={0x1a, 0x2, 0x0, r4, 0x0, &(0x7f0000000240)="99e8252dee6879877f2b770b9e6e50f24b19622e984720bce6287dcf19f9e823a69492315667", 0x26, 0x44000, 0x1}, 0x9)
pipe2(&(0x7f0000000080)={0xffffffffffffffff, <r5=>0xffffffffffffffff}, 0x0)
shmget$private(0x0, 0x13000, 0x4, &(0x7f0000fed000/0x13000)=nil)
r6 = syz_io_uring_setup(0x7ee6, &(0x7f0000000180)={0x0, 0x44ff, 0x28, 0x3, 0xc1, 0x0, r5}, &(0x7f0000ff9000/0x4000)=nil, &(0x7f0000ff8000/0x4000)=nil, &(0x7f0000000380), &(0x7f0000000200))
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000340))
setsockopt$SO_TIMESTAMP(r2, 0x1, 0x40, &(0x7f0000000040)=0x7, 0x4)
r7 = mmap$IORING_OFF_SQES(&(0x7f0000ff8000/0x2000)=nil, 0x2000, 0x0, 0x20010, r6, 0x10000000)
syz_io_uring_submit(r3, r7, &(0x7f00000000c0)=@IORING_OP_SYNC_FILE_RANGE={0x8, 0x0, 0x0, @fd_index=0x4, 0x401, 0x0, 0x1ff, 0x6, 0x1}, 0xb26)
syz_io_uring_setup(0xeaf, &(0x7f0000000200)={0x0, 0x0, 0x0, 0x0, 0x2}, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000fee000/0x4000)=nil, &(0x7f0000000100)=<r8=>0x0, &(0x7f0000000600)=<r9=>0x0)
r10 = socket$nl_generic(0x10, 0x3, 0x10)
syz_io_uring_submit(r8, r9, &(0x7f0000000000)=@IORING_OP_ACCEPT={0xd, 0x0, 0x0, r10, 0x0}, 0x0)
syz_io_uring_setup(0x7851, &(0x7f00000004c0)={0x0, 0xeea7, 0x1, 0x2, 0x1f4, 0x0, r6}, &(0x7f0000fef000/0x4000)=nil, &(0x7f0000ff6000/0x4000)=nil, &(0x7f0000000540), &(0x7f0000000580)=<r11=>0x0)
syz_io_uring_submit(r8, r11, &(0x7f00000005c0)=@IORING_OP_WRITE_FIXED={0x5, 0x5, 0x2004, @fd_index=0x3, 0xf18, 0x1ff, 0x2, 0x1a, 0x0, {0x2}}, 0x4)
close_range(r0, 0xffffffffffffffff, 0x0)

09:07:32 executing program 2:
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000080), r0)
sendmsg$NLBL_MGMT_C_ADD(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000140)={0x44, r1, 0x1, 0x0, 0x0, {}, [@NLBL_MGMT_A_IPV6ADDR={0x14, 0x5, @local}, @NLBL_MGMT_A_IPV6MASK={0x14, 0x6, @mcast1}, @NLBL_MGMT_A_PROTOCOL={0x8, 0x2, 0x5}]}, 0x44}, 0x1, 0x700000000000000}, 0x0)

09:07:32 executing program 7:
openat$sndseq(0xffffffffffffff9c, 0x0, 0x0)
r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000180)='/proc/asound/seq/clients\x00', 0x0, 0x0)
preadv(r0, &(0x7f00000002c0)=[{0x0}, {&(0x7f0000000300)=""/165, 0xa5}], 0x2, 0x0, 0x3000000)

[ 3043.982104] Call Trace:
[ 3043.982560]  <IRQ>
[ 3043.982893]  ? x86_pmu_start+0x1c0/0x240
[ 3043.983531]  x86_pmu_enable+0x580/0xd90
[ 3043.984153]  ? amd_pmu_disable_virt+0xa0/0xa0
[ 3043.984852]  ctx_resched+0x2b9/0x3a0
[ 3043.985443]  __perf_install_in_context+0x285/0xa40
[ 3043.986176]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[ 3043.987038]  ? ctx_resched+0x3a0/0x3a0
[ 3043.987643]  remote_function+0x125/0x1b0
[ 3043.988274]  flush_smp_call_function_queue+0x1df/0x610
[ 3043.989073]  ? perf_duration_warn+0x40/0x40
[ 3043.989756]  __sysvec_call_function_single+0x92/0x3a0
[ 3043.990533]  sysvec_call_function_single+0x89/0xc0
[ 3043.991268]  </IRQ>
[ 3043.991596]  <TASK>
[ 3043.991926]  asm_sysvec_call_function_single+0x12/0x20
[ 3043.992705] RIP: 0010:obj_cgroup_charge+0x24b/0x6a0
[ 3043.993484] Code: 85 1c 04 00 00 48 c7 45 28 00 00 00 00 48 c7 c6 36 06 79 81 48 89 ef e8 23 d8 af ff 4d 85 ed 74 06 e8 e9 83 d1 ff fb 45 31 ed <45> 84 ff 0f 85 f2 00 00 00 41 89 de 49 89 df 41 81 e6 ff 0f 00 00
[ 3043.996280] RSP: 0000:ffff8880467efc50 EFLAGS: 00000246
[ 3043.997069] RAX: 00000000000005c3 RBX: 0000000000000108 RCX: ffffffff81283e5f
[ 3043.998195] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[ 3043.999282] RBP: ffff88806ce34ce0 R08: 0000000000000001 R09: ffffffff86a3e7af
[ 3044.000373] R10: fffffbfff0d47cf5 R11: 0000000000000001 R12: ffff88800926a800
[ 3044.001477] R13: 0000000000000000 R14: ffffffff86dcb780 R15: 0000000000000001
[ 3044.002554]  ? mark_lock.part.0+0xef/0x2f60
[ 3044.003230]  ? __anon_vma_prepare+0x27f/0x530
[ 3044.003930]  kmem_cache_alloc+0x9e/0x480
[ 3044.004562]  __anon_vma_prepare+0x27f/0x530
[ 3044.005261]  __handle_mm_fault+0x27e8/0x35c0
[ 3044.005932]  ? lock_is_held_type+0xd7/0x130
[ 3044.006579]  ? __pmd_alloc+0x680/0x680
[ 3044.007180]  handle_mm_fault+0x2e6/0xa20
[ 3044.007791]  do_user_addr_fault+0x54a/0x12a0
[ 3044.008465]  exc_page_fault+0xa2/0x1a0
[ 3044.009052]  ? asm_exc_page_fault+0x8/0x30
[ 3044.009719]  asm_exc_page_fault+0x1e/0x30
[ 3044.010347] RIP: 0033:0x7f928d2d407f
[ 3044.010905] Code: ff ff 4d 89 cd 48 85 c0 74 19 8b 95 44 ff ff ff 48 29 c6 48 01 c7 e8 b0 fb 04 00 85 c0 0f 85 0b 03 00 00 48 8b 85 48 ff ff ff <41> c7 45 18 01 00 00 00 4c 89 ef 49 89 85 90 06 00 00 48 8b 85 50
[ 3044.013704] RSP: 002b:00007ffe916ec880 EFLAGS: 00010246
[ 3044.014497] RAX: 00007f928a879000 RBX: 0000000000021000 RCX: 00007f928d323c27
[ 3044.015590] RDX: 0000000000000003 RSI: 0000000000020000 RDI: 00007f928a87a000
[ 3044.016672] RBP: 00007ffe916ec950 R08: 00000000ffffffff R09: 00007f928a899700
[ 3044.017750] R10: 0000000000020022 R11: 0000000000000206 R12: 00007ffe916eca60
[ 3044.018832] R13: 00007f928a899700 R14: 0000000000000000 R15: 0000000000022000
[ 3044.019938]  </TASK>
09:07:32 executing program 1:
r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000180)='/proc/asound/seq/clients\x00', 0x0, 0x0)
preadv(r0, &(0x7f00000002c0)=[{&(0x7f0000000040)=""/35, 0x23}, {0x0, 0x2}, {&(0x7f0000000300)=""/165, 0xa5}], 0x3, 0x0, 0x4000000)

09:07:32 executing program 7:
openat$sndseq(0xffffffffffffff9c, 0x0, 0x0)
r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000180)='/proc/asound/seq/clients\x00', 0x0, 0x0)
preadv(r0, &(0x7f00000002c0)=[{0x0}, {&(0x7f0000000300)=""/165, 0xa5}], 0x2, 0x0, 0x4000000)

09:07:32 executing program 6:
r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000180)='/proc/asound/seq/clients\x00', 0x0, 0x0)
preadv(r0, &(0x7f00000002c0)=[{&(0x7f0000000040)=""/35, 0x23}, {0x0}, {&(0x7f0000000300)=""/165, 0xa5}], 0x3, 0x0, 0x7a00)

09:07:32 executing program 5:
socketpair$unix(0x1, 0x5, 0x0, 0x0)
sendmsg$unix(0xffffffffffffffff, 0x0, 0x0)
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
pwritev(r0, &(0x7f0000000640)=[{&(0x7f00000002c0)="19", 0x1}], 0x1, 0x8000000, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0)
r2 = socket$inet6(0xa, 0x1, 0x0)
bind$inet6(r2, &(0x7f00000002c0)={0xa, 0x4e20, 0x0, @empty}, 0x1c)
connect$inet6(r2, &(0x7f0000000000)={0xa, 0x4e20, 0x0, @ipv4={'\x00', '\xff\xff', @empty}}, 0x1c)
recvfrom(r2, &(0x7f00000003c0)=""/87, 0x20010397, 0x300, 0x0, 0x0)
sendfile(r2, r1, 0x0, 0xfffffdef)
readv(0xffffffffffffffff, &(0x7f0000000040), 0x0)
openat$cgroup_freezer_state(0xffffffffffffffff, 0x0, 0x2, 0x0)
close(0xffffffffffffffff)
sendmmsg$inet6(r2, &(0x7f0000000280)=[{{&(0x7f00000000c0)={0xa, 0x4e23, 0x2, @private2={0xfc, 0x2, '\x00', 0x1}, 0x3}, 0x1c, &(0x7f0000000240)=[{&(0x7f0000000140)="06d586d56f26481f582a6058f16fe47c65785cc2530e68a314db230205a03ba213e84b002b1410d2e655582d312044a529189ad93fff1d27e98ee6f40902f0f5ab6a0904852d9e27a797e5bbd758cf3f872a80b4576840adb785f9d72f345d9a564e561efece83494f053ea98b21ebbf4dc0fd1e7aaa93d6940af3bd15750974c81e8beb", 0x84}, {&(0x7f0000000200)="3755a97a19", 0x5}], 0x2}}], 0x1, 0x4)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(&(0x7f0000001540), 0xffffffffffffffff)
sendmsg$NL80211_CMD_STOP_AP(r3, &(0x7f0000001600)={0x0, 0x0, &(0x7f00000015c0)={&(0x7f0000001580)={0x1c, 0x0, 0x1, 0x0, 0x0, {{}, {@val={0x8}, @void}}}, 0x1c}}, 0x0)
getsockopt$sock_cred(r3, 0x1, 0x11, &(0x7f0000000040), &(0x7f0000000080)=0xc)
syz_open_dev$sg(&(0x7f0000001000), 0x0, 0x2200)

09:07:32 executing program 3:
signalfd4(0xffffffffffffffff, &(0x7f0000000000), 0x8, 0x80800)
syz_genetlink_get_family_id$ethtool(&(0x7f0000000080), 0xffffffffffffffff)
pipe(&(0x7f0000000040)={<r0=>0xffffffffffffffff})
r1 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f0000000040)={'wlan1\x00', <r2=>0x0})
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000001540), 0xffffffffffffffff)
sendmsg$NL80211_CMD_STOP_AP(r1, &(0x7f0000001600)={0x0, 0x0, &(0x7f00000015c0)={&(0x7f0000001580)={0x1c, r3, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}}, 0x1c}}, 0x0)
epoll_ctl$EPOLL_CTL_ADD(r0, 0x1, r1, &(0x7f00000000c0))
openat$vcsu(0xffffffffffffff9c, &(0x7f00000016c0), 0xc4140, 0x0)
syz_open_dev$mouse(&(0x7f0000002880), 0x27e6, 0x0)
signalfd4(0xffffffffffffffff, &(0x7f0000002980), 0x8, 0x800)
pipe(&(0x7f0000002dc0))
socket$inet_tcp(0x2, 0x1, 0x0)
syz_genetlink_get_family_id$ethtool(&(0x7f0000002f40), 0xffffffffffffffff)

[ 3044.172083] Call Trace:
[ 3044.172541]  <IRQ>
[ 3044.172859]  x86_pmu_stop+0x149/0x330
[ 3044.173468]  x86_pmu_del+0x1be/0x610
[ 3044.174029]  event_sched_out+0x2ed/0xe80
[ 3044.174634]  __perf_remove_from_context+0x87/0xbe0
[ 3044.175352]  event_function+0x297/0x3d0
[ 3044.175923]  ? perf_uprobe_event_init+0x1c0/0x1c0
[ 3044.176645]  remote_function+0x125/0x1b0
[ 3044.177260]  flush_smp_call_function_queue+0x1df/0x610
[ 3044.178025]  ? perf_duration_warn+0x40/0x40
[ 3044.178654]  __sysvec_call_function_single+0x92/0x3a0
[ 3044.179442]  sysvec_call_function_single+0x89/0xc0
[ 3044.180170]  </IRQ>
[ 3044.180507]  <TASK>
[ 3044.180861]  asm_sysvec_call_function_single+0x12/0x20
[ 3044.181671] RIP: 0010:lock_acquire+0x1db/0x4d0
[ 3044.182363] Code: 02 b8 ff ff ff ff 65 0f c1 05 49 91 d9 7e 83 f8 01 0f 85 86 02 00 00 48 83 7c 24 08 00 74 01 fb 48 b8 00 00 00 00 00 fc ff df <48> 01 c3 48 c7 03 00 00 00 00 48 c7 43 08 00 00 00 00 48 8b 84 24
[ 3044.185062] RSP: 0018:ffff8880427ff8c0 EFLAGS: 00000206
[ 3044.185874] RAX: dffffc0000000000 RBX: 1ffff110084fff1a RCX: 000000000000238c
[ 3044.186931] RDX: 1ffff110093e1b3c RSI: 0000000000000001 RDI: 0000000000000000
[ 3044.187988] RBP: 0000000000000001 R08: 0000000000000000 R09: ffffffff86a3e7d7
[ 3044.189040] R10: fffffbfff0d47cfa R11: 0000000000000001 R12: 0000000000000000
[ 3044.190124] R13: 0000000000000000 R14: ffff888049f0e2f0 R15: 0000000000000000
[ 3044.191208]  ? lock_release+0x6f0/0x6f0
[ 3044.191819]  ? lock_is_held_type+0xd7/0x130
[ 3044.192476]  __mutex_lock+0x136/0x1480
[ 3044.193046]  ? futex_exit_release+0x2d/0x220
[ 3044.193719]  ? taskstats_exit+0x1e9/0xab0
[ 3044.194349]  ? lock_downgrade+0x6d0/0x6d0
[ 3044.194947]  ? futex_exit_release+0x2d/0x220
[ 3044.195613]  ? mutex_lock_io_nested+0x12c0/0x12c0
[ 3044.196335]  ? _raw_spin_unlock_irqrestore+0x28/0x50
[ 3044.197066]  ? lockdep_hardirqs_on+0x79/0x100
[ 3044.197777]  ? _raw_spin_unlock_irqrestore+0x33/0x50
[ 3044.198519]  ? taskstats_exit+0x8a/0xab0
[ 3044.199116]  ? taskstats_user_cmd+0xfd0/0xfd0
[ 3044.199790]  futex_exit_release+0x2d/0x220
[ 3044.200414]  exit_mm_release+0x16/0x30
[ 3044.201046]  do_exit+0x8b9/0x27e0
[ 3044.201572]  ? find_held_lock+0x2c/0x110
[ 3044.202181]  ? lock_release+0x3b2/0x6f0
[ 3044.202763]  ? mm_update_next_owner+0x7d0/0x7d0
[ 3044.203439]  ? lock_downgrade+0x6d0/0x6d0
[ 3044.204045]  ? lock_is_held_type+0xd7/0x130
[ 3044.204689]  do_group_exit+0xd2/0x2f0
[ 3044.205276]  get_signal+0x2303/0x2350
[ 3044.205835]  ? lock_is_held_type+0xd7/0x130
[ 3044.206481]  ? signal_setup_done+0x520/0x520
[ 3044.207165]  ? call_rcu+0x585/0xa20
[ 3044.207714]  ? lockdep_hardirqs_on+0x79/0x100
[ 3044.208379]  arch_do_signal_or_restart+0x88/0x1a40
[ 3044.209110]  ? put_task_stack+0xe4/0x230
[ 3044.209728]  ? finish_task_switch.isra.0+0x650/0x870
[ 3044.210493]  ? get_sigframe_size+0x10/0x10
[ 3044.211129]  ? __schedule+0x895/0x2450
[ 3044.211717]  ? io_schedule_timeout+0x140/0x140
[ 3044.212400]  ? __x64_sys_futex_time32+0x480/0x480
[ 3044.213120]  exit_to_user_mode_prepare+0x131/0x1a0
[ 3044.213875]  syscall_exit_to_user_mode+0x19/0x50
[ 3044.214566]  do_syscall_64+0x48/0x90
[ 3044.215107]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 3044.215874] RIP: 0033:0x7f928d323b19
[ 3044.216424] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 3044.219171] RSP: 002b:00007f928a899218 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[ 3044.220282] RAX: 0000000000000001 RBX: 00007f928d436f68 RCX: 00007f928d323b19
[ 3044.221355] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 00007f928d436f6c
[ 3044.222405] RBP: 00007f928d436f60 R08: 000000000000000e R09: 0000000000000000
[ 3044.223485] R10: 0000000000000044 R11: 0000000000000246 R12: 00007f928d436f6c
[ 3044.224577] R13: 00007ffe916ec8df R14: 00007f928a899300 R15: 0000000000022000
[ 3044.225663]  </TASK>
09:07:32 executing program 1:
r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000180)='/proc/asound/seq/clients\x00', 0x0, 0x0)
preadv(r0, &(0x7f00000002c0)=[{&(0x7f0000000040)=""/35, 0x23}, {0x0, 0x2}, {&(0x7f0000000300)=""/165, 0xa5}], 0x3, 0x0, 0x5000000)

09:07:32 executing program 7:
openat$sndseq(0xffffffffffffff9c, 0x0, 0x0)
r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000180)='/proc/asound/seq/clients\x00', 0x0, 0x0)
preadv(r0, &(0x7f00000002c0)=[{0x0}, {&(0x7f0000000300)=""/165, 0xa5}], 0x2, 0x0, 0x5000000)

09:07:32 executing program 6:
r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000180)='/proc/asound/seq/clients\x00', 0x0, 0x0)
preadv(r0, &(0x7f00000002c0)=[{&(0x7f0000000040)=""/35, 0x23}, {0x0}, {&(0x7f0000000300)=""/165, 0xa5}], 0x3, 0x0, 0xa500)

[ 3044.416889] Call Trace:
[ 3044.417335]  <IRQ>
[ 3044.417641]  ? x86_pmu_start+0x1c0/0x240
[ 3044.418234]  x86_pmu_enable+0x580/0xd90
[ 3044.418805]  ? amd_pmu_disable_virt+0xa0/0xa0
[ 3044.419465]  ctx_resched+0x2b9/0x3a0
[ 3044.420052]  __perf_install_in_context+0x285/0xa40
[ 3044.420755]  ? __do_softirq+0x6b6/0x8c7
[ 3044.421365]  ? ctx_resched+0x3a0/0x3a0
[ 3044.421911]  remote_function+0x125/0x1b0
[ 3044.422493]  flush_smp_call_function_queue+0x1df/0x610
[ 3044.423237]  ? perf_duration_warn+0x40/0x40
[ 3044.423861]  __sysvec_call_function_single+0x92/0x3a0
[ 3044.424598]  sysvec_call_function_single+0x89/0xc0
[ 3044.425312]  </IRQ>
[ 3044.425626]  <TASK>
[ 3044.425941]  asm_sysvec_call_function_single+0x12/0x20
[ 3044.426683] RIP: 0010:__sanitizer_cov_trace_pc+0x37/0x60
[ 3044.427449] Code: 81 e1 00 01 00 00 65 48 8b 14 25 40 6f 02 00 a9 00 01 ff 00 74 0e 85 c9 74 35 8b 82 64 14 00 00 85 c0 74 2b 8b 82 40 14 00 00 <83> f8 02 75 20 48 8b 8a 48 14 00 00 8b 92 44 14 00 00 48 8b 01 48
[ 3044.430030] RSP: 0018:ffff88804264f800 EFLAGS: 00000246
[ 3044.430777] RAX: 0000000000000002 RBX: ffff88800ff4e400 RCX: 0000000000000000
[ 3044.431815] RDX: ffff888040738000 RSI: ffffffff836d8e07 RDI: 0000000000000003
[ 3044.432840] RBP: 000000000000a000 R08: 000000000000a000 R09: ffffffff86a3e827
[ 3044.433864] R10: ffffffff836d8df0 R11: 0000000000000001 R12: 000000000000ffcb
[ 3044.434855] R13: 0000000000000000 R14: 0000000000001000 R15: 0000000000028000
[ 3044.435856]  ? tcp_rate_check_app_limited+0xc0/0x350
[ 3044.436581]  ? tcp_rate_check_app_limited+0xd7/0x350
[ 3044.437311]  tcp_rate_check_app_limited+0xd7/0x350
[ 3044.438006]  tcp_sendpage+0x6c/0xd0
[ 3044.438523]  ? tcp_sendpage_locked+0xc0/0xc0
[ 3044.439165]  inet_sendpage+0xc9/0x130
[ 3044.439719]  kernel_sendpage.part.0+0x157/0x4a0
[ 3044.440392]  sock_sendpage+0xdf/0x140
[ 3044.440939]  ? kernel_sendpage+0xd0/0xd0
[ 3044.441530]  pipe_to_sendpage+0x2af/0x380
[ 3044.442124]  ? propagate_umount+0x1540/0x1540
[ 3044.442759]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[ 3044.443555]  ? splice_from_pipe_next.part.0+0x166/0x520
[ 3044.444328]  __splice_from_pipe+0x439/0x890
[ 3044.444948]  ? propagate_umount+0x1540/0x1540
[ 3044.445602]  generic_splice_sendpage+0xd5/0x140
[ 3044.446260]  ? __ia32_sys_vmsplice+0xf0/0xf0
[ 3044.446893]  ? security_file_permission+0xb1/0xd0
[ 3044.447581]  ? __ia32_sys_vmsplice+0xf0/0xf0
[ 3044.448206]  direct_splice_actor+0x10f/0x170
[ 3044.448833]  splice_direct_to_actor+0x350/0x8e0
[ 3044.449561]  ? pipe_to_sendpage+0x380/0x380
[ 3044.450180]  ? do_splice_to+0x240/0x240
[ 3044.450735]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[ 3044.451512]  ? security_file_permission+0xb1/0xd0
[ 3044.452213]  do_splice_direct+0x1b8/0x280
[ 3044.452807]  ? splice_direct_to_actor+0x8e0/0x8e0
[ 3044.453516]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[ 3044.454109]  ? security_file_permission+0xb1/0xd0
[ 3044.454631]  do_sendfile+0xad7/0x1230
[ 3044.455054]  ? __ia32_compat_sys_preadv64+0x2e0/0x2e0
[ 3044.455607]  __x64_sys_sendfile64+0x1cd/0x210
[ 3044.456087]  ? __ia32_compat_sys_sendfile64+0x210/0x210
[ 3044.456649]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 3044.457377]  do_syscall_64+0x3b/0x90
[ 3044.457796]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 3044.458376] RIP: 0033:0x7f792bd1eb19
[ 3044.458799] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 3044.460856] RSP: 002b:00007f7929273188 EFLAGS: 00000246 ORIG_RAX: 0000000000000028
[ 3044.461910] RAX: ffffffffffffffda RBX: 00007f792be32020 RCX: 00007f792bd1eb19
[ 3044.462970] RDX: 0000000000000000 RSI: 0000000000000004 RDI: 0000000000000005
[ 3044.464009] RBP: 00007f792bd78f6d R08: 0000000000000000 R09: 0000000000000000
[ 3044.465042] R10: 00000000fffffdef R11: 0000000000000246 R12: 0000000000000000
[ 3044.466109] R13: 00007fffdbdaca8f R14: 00007f7929273300 R15: 0000000000022000
[ 3044.467175]  </TASK>
[ 3044.477410] Call Trace:
[ 3044.477848]  <TASK>
[ 3044.478190]  x86_pmu_stop+0x149/0x330
[ 3044.478869]  x86_pmu_del+0x1be/0x610
[ 3044.479408]  event_sched_out+0x2ed/0xe80
[ 3044.479986]  __perf_remove_from_context+0x87/0xbe0
[ 3044.480690]  event_function+0x297/0x3d0
[ 3044.481274]  ? perf_uprobe_event_init+0x1c0/0x1c0
[ 3044.481953]  remote_function+0x125/0x1b0
[ 3044.482531]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[ 3044.483306]  ? perf_duration_warn+0x40/0x40
[ 3044.483926]  generic_exec_single+0x203/0x300
[ 3044.484557]  smp_call_function_single+0x189/0x460
[ 3044.485266]  ? perf_duration_warn+0x40/0x40
[ 3044.485883]  ? generic_exec_single+0x300/0x300
[ 3044.486526]  ? perf_duration_warn+0x40/0x40
[ 3044.487148]  ? lock_is_held_type+0xd7/0x130
[ 3044.487763]  event_function_call+0x3d0/0x430
[ 3044.488387]  ? perf_group_detach+0x11b0/0x11b0
[ 3044.489038]  ? perf_copy_attr+0x9c0/0x9c0
[ 3044.489631]  ? lock_release+0x3b2/0x6f0
[ 3044.490187]  ? perf_group_detach+0x11b0/0x11b0
[ 3044.490828]  ? perf_uprobe_event_init+0x1c0/0x1c0
[ 3044.491518]  ? _raw_spin_unlock_irq+0x1f/0x40
[ 3044.492176]  perf_remove_from_context+0x12e/0x260
[ 3044.492877]  perf_event_release_kernel+0x153/0x7f0
[ 3044.493775]  ? lock_is_held_type+0xd7/0x130
[ 3044.494396]  ? perf_pmu_migrate_context+0xae0/0xae0
[ 3044.495126]  ? lock_is_held_type+0xd7/0x130
[ 3044.495761]  perf_release+0x33/0x40
[ 3044.496290]  __fput+0x272/0x9d0
[ 3044.496755]  ? perf_event_release_kernel+0x7f0/0x7f0
[ 3044.497513]  task_work_run+0xe2/0x1a0
[ 3044.498077]  exit_to_user_mode_prepare+0x199/0x1a0
[ 3044.498774]  syscall_exit_to_user_mode+0x19/0x50
[ 3044.499447]  do_syscall_64+0x48/0x90
[ 3044.499973]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 3044.500720] RIP: 0033:0x7f750a30a72b
[ 3044.501265] Code: 0f 05 48 3d 00 f0 ff ff 77 45 c3 0f 1f 40 00 48 83 ec 18 89 7c 24 0c e8 63 fc ff ff 8b 7c 24 0c 41 89 c0 b8 03 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 35 44 89 c7 89 44 24 0c e8 a1 fc ff ff 8b 44
[ 3044.503834] RSP: 002b:00007ffc8fa2e8d0 EFLAGS: 00000293 ORIG_RAX: 0000000000000003
[ 3044.504911] RAX: 0000000000000000 RBX: 0000000000000004 RCX: 00007f750a30a72b
[ 3044.505947] RDX: 00007f750a46fa68 RSI: 0000000000000080 RDI: 0000000000000003
[ 3044.506953] RBP: 0000000000000000 R08: 0000000000000000 R09: 00007f750a46fa70
[ 3044.507953] R10: 00007ffc8fa2e9c0 R11: 0000000000000293 R12: 00000000002e7404
[ 3044.508952] R13: 00000000000003e8 R14: 00007f750a46af60 R15: 00000000002e721a
[ 3044.509985]  </TASK>
09:07:49 executing program 7:
openat$sndseq(0xffffffffffffff9c, 0x0, 0x0)
r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000180)='/proc/asound/seq/clients\x00', 0x0, 0x0)
preadv(r0, &(0x7f00000002c0)=[{0x0}, {&(0x7f0000000300)=""/165, 0xa5}], 0x2, 0x0, 0x6000000)

09:07:49 executing program 5:
socketpair$unix(0x1, 0x5, 0x0, 0x0)
sendmsg$unix(0xffffffffffffffff, 0x0, 0x0)
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x311200, 0x10)
pwritev(r0, &(0x7f0000000640)=[{&(0x7f00000002c0)="19", 0x1}], 0x1, 0x8000000, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0)
r2 = socket$inet6(0xa, 0x1, 0x0)
bind$inet6(r2, &(0x7f00000002c0)={0xa, 0x4e20, 0x0, @empty}, 0x1c)
connect$inet6(r2, &(0x7f0000000000)={0xa, 0x4e20, 0x0, @ipv4={'\x00', '\xff\xff', @empty}}, 0x1c)
recvfrom(r2, &(0x7f00000003c0)=""/87, 0x20010397, 0x300, 0x0, 0x0)
sendfile(r2, r1, 0x0, 0xfffffdef)
readv(0xffffffffffffffff, &(0x7f0000000040), 0x0)
openat$cgroup_freezer_state(0xffffffffffffffff, 0x0, 0x2, 0x0)
close(0xffffffffffffffff)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(&(0x7f0000001540), 0xffffffffffffffff)
sendmsg$NL80211_CMD_STOP_AP(r3, &(0x7f0000001600)={0x0, 0x0, &(0x7f00000015c0)={&(0x7f0000001580)={0x1c, 0x0, 0x1, 0x0, 0x0, {{}, {@val={0x8}, @void}}}, 0x1c}}, 0x0)
getsockopt$sock_cred(r3, 0x1, 0x11, &(0x7f0000000040), &(0x7f0000000080)=0xc)
syz_open_dev$sg(&(0x7f0000001000), 0x0, 0x2200)

09:07:49 executing program 1:
r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000180)='/proc/asound/seq/clients\x00', 0x0, 0x0)
preadv(r0, &(0x7f00000002c0)=[{&(0x7f0000000040)=""/35, 0x23}, {0x0, 0x2}, {&(0x7f0000000300)=""/165, 0xa5}], 0x3, 0x0, 0x6000000)

09:07:49 executing program 3:
r0 = creat(&(0x7f0000000000)='./file0\x00', 0x0)
setsockopt$inet_tcp_TCP_ULP(r0, 0x6, 0x1f, &(0x7f0000000040), 0x4)

09:07:49 executing program 4:
prctl$PR_SET_NAME(0xf, &(0x7f0000000000)=',6\x92*!)/\x00')
r0 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
setsockopt$bt_BT_VOICE(r0, 0x112, 0x10, &(0x7f0000000180), 0x2)

09:07:49 executing program 6:
r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000180)='/proc/asound/seq/clients\x00', 0x0, 0x0)
preadv(r0, &(0x7f00000002c0)=[{&(0x7f0000000040)=""/35, 0x23}, {0x0}, {&(0x7f0000000300)=""/165, 0xa5}], 0x3, 0x0, 0xbf00)

09:07:49 executing program 2:
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000080), r0)
sendmsg$NLBL_MGMT_C_ADD(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000140)={0x4c, r1, 0x1, 0x0, 0x0, {}, [@NLBL_MGMT_A_DOMAIN={0x6, 0x1, '%\x00'}, @NLBL_MGMT_A_IPV6ADDR={0x14, 0x5, @local}, @NLBL_MGMT_A_IPV6MASK={0x14, 0x6, @mcast1}, @NLBL_MGMT_A_PROTOCOL={0x8, 0x2, 0x5}]}, 0x4c}, 0x1, 0x700000000000000}, 0x0) (fail_nth: 1)

09:07:49 executing program 0:
perf_event_open$cgroup(&(0x7f0000000c00)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x1028, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

[ 3061.196977] FAULT_INJECTION: forcing a failure.
[ 3061.196977] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 3061.198726] Call Trace:
[ 3061.198737]  <IRQ>
[ 3061.198745]  ? x86_pmu_start+0x1c0/0x240
[ 3061.198778]  x86_pmu_enable+0x580/0xd90
[ 3061.198802]  ? amd_pmu_disable_virt+0xa0/0xa0
[ 3061.198844]  ctx_resched+0x2b9/0x3a0
[ 3061.198872]  __perf_install_in_context+0x285/0xa40
[ 3061.198896]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[ 3061.198922]  ? ctx_resched+0x3a0/0x3a0
[ 3061.198946]  remote_function+0x125/0x1b0
[ 3061.198976]  flush_smp_call_function_queue+0x1df/0x610
[ 3061.198998]  ? perf_duration_warn+0x40/0x40
[ 3061.199031]  __sysvec_call_function_single+0x92/0x3a0
[ 3061.199056]  sysvec_call_function_single+0x89/0xc0
[ 3061.199078]  </IRQ>
[ 3061.199083]  <TASK>
[ 3061.199089]  asm_sysvec_call_function_single+0x12/0x20
[ 3061.199113] RIP: 0010:console_unlock+0xcaa/0xd40
[ 3061.199136] Code: 0c 73 4b 00 e9 f3 f7 ff ff e8 e2 72 4b 00 e9 da f4 ff ff e8 f8 72 4b 00 e9 dc fc ff ff e8 de b5 18 00 e8 d9 86 1f 00 fb 31 f6 <31> ff e8 6f b7 18 00 e9 12 fe ff ff 48 c7 c7 40 ad 0d 85 e8 be 72
[ 3061.199153] RSP: 0018:ffff8880468bf788 EFLAGS: 00000246
[ 3061.199168] RAX: 00000000000002fd RBX: dffffc0000000000 RCX: ffffffff81283e5f
[ 3061.199180] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[ 3061.199191] RBP: 0000000000000000 R08: 0000000000000001 R09: ffffffff86a3e787
[ 3061.199203] R10: fffffbfff0d47cf0 R11: 0000000000000001 R12: ffff8880468bf7e0
[ 3061.199215] R13: ffffffff855ee750 R14: ffffffff82c6c7a0 R15: 0000000000000200
[ 3061.199228]  ? netconsole_netdev_event+0x360/0x360
[ 3061.199263]  ? mark_lock.part.0+0xef/0x2f60
[ 3061.199291]  ? console_unlock+0xca7/0xd40
[ 3061.199320]  ? devkmsg_read+0x730/0x730
[ 3061.199346]  ? lock_release+0x6f0/0x6f0
[ 3061.199378]  ? vprintk+0x80/0x90
[ 3061.199407]  vprintk_emit+0x1b4/0x550
[ 3061.199432]  vprintk+0x80/0x90
[ 3061.199456]  _printk+0xba/0xed
[ 3061.199482]  ? record_print_text.cold+0x16/0x16
[ 3061.199514]  ? lock_downgrade+0x6d0/0x6d0
[ 3061.199539]  ? ___ratelimit+0x21e/0x460
[ 3061.199564]  should_fail+0x472/0x5a0
[ 3061.199589]  _copy_from_user+0x2a/0x170
[ 3061.199617]  __copy_msghdr_from_user+0x91/0x4b0
[ 3061.199641]  ? __ia32_sys_shutdown+0x70/0x70
[ 3061.199669]  ? __lock_acquire+0xbac/0x6120
[ 3061.199701]  sendmsg_copy_msghdr+0xa1/0x160
[ 3061.199722]  ? __ia32_sys_recvmmsg+0x260/0x260
[ 3061.199742]  ? lockdep_hardirqs_on_prepare+0x400/0x400
[ 3061.199767]  ? lock_release+0x3b2/0x6f0
[ 3061.199796]  ___sys_sendmsg+0xc6/0x170
[ 3061.199819]  ? sendmsg_copy_msghdr+0x160/0x160
[ 3061.199841]  ? lock_release+0x3b2/0x6f0
[ 3061.199861]  ? __fget_files+0x265/0x470
[ 3061.199886]  ? lock_downgrade+0x6d0/0x6d0
[ 3061.199908]  ? lock_release+0x3b2/0x6f0
[ 3061.199928]  ? ksys_write+0x20c/0x250
[ 3061.199946]  ? lock_downgrade+0x6d0/0x6d0
[ 3061.199974]  ? __fget_files+0x287/0x470
[ 3061.200006]  ? __fget_light+0xea/0x270
[ 3061.200031]  ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70
[ 3061.200062]  __sys_sendmsg+0xe5/0x1b0
[ 3061.200081]  ? __sys_sendmsg_sock+0x30/0x30
[ 3061.200099]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[ 3061.200128]  ? __sanitizer_cov_trace_const_cmp1+0x22/0x80
[ 3061.200154]  ? fput+0x2a/0x50
[ 3061.200179]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 3061.200207]  do_syscall_64+0x3b/0x90
[ 3061.200225]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 3061.200247] RIP: 0033:0x7f928d323b19
[ 3061.200260] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 3061.200278] RSP: 002b:00007f928a899188 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 3061.200296] RAX: ffffffffffffffda RBX: 00007f928d436f60 RCX: 00007f928d323b19
[ 3061.200308] RDX: 0000000000000000 RSI: 0000000020000200 RDI: 0000000000000004
[ 3061.200319] RBP: 00007f928a8991d0 R08: 0000000000000000 R09: 0000000000000000
[ 3061.200330] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 3061.200341] R13: 00007ffe916ec8df R14: 00007f928a899300 R15: 0000000000022000
[ 3061.200374]  </TASK>
[ 3061.207541] Call Trace:
[ 3061.207553]  <IRQ>
[ 3061.207564]  x86_pmu_stop+0x149/0x330
[ 3061.207593]  x86_pmu_del+0x1be/0x610
[ 3061.207622]  event_sched_out+0x2ed/0xe80
[ 3061.207652]  __perf_remove_from_context+0x87/0xbe0
[ 3061.207685]  event_function+0x297/0x3d0
[ 3061.207704]  ? perf_uprobe_event_init+0x1c0/0x1c0
[ 3061.207725]  remote_function+0x125/0x1b0
[ 3061.207756]  flush_smp_call_function_queue+0x1df/0x610
[ 3061.207775]  ? perf_duration_warn+0x40/0x40
[ 3061.207806]  __sysvec_call_function_single+0x92/0x3a0
[ 3061.207827]  sysvec_call_function_single+0x89/0xc0
[ 3061.207846]  </IRQ>
[ 3061.207851]  <TASK>
[ 3061.207858]  asm_sysvec_call_function_single+0x12/0x20
[ 3061.207877] RIP: 0010:console_unlock+0xcaa/0xd40
[ 3061.207896] Code: 0c 73 4b 00 e9 f3 f7 ff ff e8 e2 72 4b 00 e9 da f4 ff ff e8 f8 72 4b 00 e9 dc fc ff ff e8 de b5 18 00 e8 d9 86 1f 00 fb 31 f6 <31> ff e8 6f b7 18 00 e9 12 fe ff ff 48 c7 c7 40 ad 0d 85 e8 be 72
[ 3061.207911] RSP: 0018:ffff8880468bf788 EFLAGS: 00000246
[ 3061.207926] RAX: 0000000000000345 RBX: dffffc0000000000 RCX: ffffffff81283e5f
[ 3061.207937] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[ 3061.207946] RBP: 0000000000000000 R08: 0000000000000001 R09: ffffffff86a3e787
[ 3061.207957] R10: fffffbfff0d47cf0 R11: 0000000000000001 R12: ffff8880468bf7e0
[ 3061.207967] R13: ffffffff855ee750 R14: ffffffff82c6c7a0 R15: 0000000000000200
[ 3061.207979]  ? netconsole_netdev_event+0x360/0x360
[ 3061.208009]  ? mark_lock.part.0+0xef/0x2f60
[ 3061.208037]  ? console_unlock+0xca7/0xd40
[ 3061.208065]  ? devkmsg_read+0x730/0x730
[ 3061.208091]  ? lock_release+0x6f0/0x6f0
[ 3061.208126]  ? vprintk+0x80/0x90
[ 3061.208154]  vprintk_emit+0x1b4/0x550
[ 3061.208183]  vprintk+0x80/0x90
[ 3061.208205]  _printk+0xba/0xed
[ 3061.208229]  ? record_print_text.cold+0x16/0x16
[ 3061.208260]  ? lock_downgrade+0x6d0/0x6d0
[ 3061.208286]  ? ___ratelimit+0x21e/0x460
[ 3061.208310]  should_fail+0x472/0x5a0
[ 3061.208337]  _copy_from_user+0x2a/0x170
[ 3061.208364]  __copy_msghdr_from_user+0x91/0x4b0
[ 3061.208388]  ? __ia32_sys_shutdown+0x70/0x70
[ 3061.208417]  ? __lock_acquire+0xbac/0x6120
[ 3061.208445]  sendmsg_copy_msghdr+0xa1/0x160
[ 3061.208467]  ? __ia32_sys_recvmmsg+0x260/0x260
[ 3061.208488]  ? lockdep_hardirqs_on_prepare+0x400/0x400
[ 3061.208516]  ? lock_release+0x3b2/0x6f0
[ 3061.208547]  ___sys_sendmsg+0xc6/0x170
[ 3061.208570]  ? sendmsg_copy_msghdr+0x160/0x160
[ 3061.208592]  ? lock_release+0x3b2/0x6f0
[ 3061.208613]  ? __fget_files+0x265/0x470
[ 3061.208635]  ? lock_downgrade+0x6d0/0x6d0
[ 3061.208655]  ? lock_release+0x3b2/0x6f0
[ 3061.208674]  ? ksys_write+0x20c/0x250
[ 3061.208691]  ? lock_downgrade+0x6d0/0x6d0
[ 3061.208720]  ? __fget_files+0x287/0x470
[ 3061.208755]  ? __fget_light+0xea/0x270
[ 3061.208780]  ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70
[ 3061.208811]  __sys_sendmsg+0xe5/0x1b0
[ 3061.208831]  ? __sys_sendmsg_sock+0x30/0x30
[ 3061.208850]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[ 3061.208875]  ? __sanitizer_cov_trace_const_cmp1+0x22/0x80
[ 3061.208901]  ? fput+0x2a/0x50
[ 3061.208926]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 3061.208957]  do_syscall_64+0x3b/0x90
[ 3061.208975]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 3061.208994] RIP: 0033:0x7f928d323b19
[ 3061.209007] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 3061.209023] RSP: 002b:00007f928a899188 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 3061.209041] RAX: ffffffffffffffda RBX: 00007f928d436f60 RCX: 00007f928d323b19
[ 3061.209053] RDX: 0000000000000000 RSI: 0000000020000200 RDI: 0000000000000004
09:07:49 executing program 6:
r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000180)='/proc/asound/seq/clients\x00', 0x0, 0x0)
preadv(r0, &(0x7f00000002c0)=[{&(0x7f0000000040)=""/35, 0x23}, {0x0}, {&(0x7f0000000300)=""/165, 0xa5}], 0x3, 0x0, 0x100000)

09:07:49 executing program 1:
r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000180)='/proc/asound/seq/clients\x00', 0x0, 0x0)
preadv(r0, &(0x7f00000002c0)=[{&(0x7f0000000040)=""/35, 0x23}, {0x0, 0x2}, {&(0x7f0000000300)=""/165, 0xa5}], 0x3, 0x0, 0x7000000)

09:07:49 executing program 0:
perf_event_open$cgroup(&(0x7f0000000c00)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x1029, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

[ 3061.209065] RBP: 00007f928a8991d0 R08: 0000000000000000 R09: 0000000000000000
[ 3061.209076] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 3061.209086] R13: 00007ffe916ec8df R14: 00007f928a899300 R15: 0000000000022000
[ 3061.209117]  </TASK>
[ 3061.215383] Call Trace:
[ 3061.215392]  <IRQ>
[ 3061.215399]  ? x86_pmu_start+0x1c0/0x240
[ 3061.215429]  x86_pmu_enable+0x580/0xd90
[ 3061.215450]  ? amd_pmu_disable_virt+0xa0/0xa0
[ 3061.215491]  ctx_resched+0x2b9/0x3a0
[ 3061.215519]  __perf_install_in_context+0x285/0xa40
[ 3061.215543]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[ 3061.215569]  ? ctx_resched+0x3a0/0x3a0
[ 3061.215592]  remote_function+0x125/0x1b0
[ 3061.215622]  flush_smp_call_function_queue+0x1df/0x610
[ 3061.215641]  ? perf_duration_warn+0x40/0x40
[ 3061.215672]  __sysvec_call_function_single+0x92/0x3a0
[ 3061.215697]  sysvec_call_function_single+0x89/0xc0
[ 3061.215719]  </IRQ>
[ 3061.215725]  <TASK>
[ 3061.215733]  asm_sysvec_call_function_single+0x12/0x20
[ 3061.215755] RIP: 0010:console_unlock+0xcaa/0xd40
[ 3061.215776] Code: 0c 73 4b 00 e9 f3 f7 ff ff e8 e2 72 4b 00 e9 da f4 ff ff e8 f8 72 4b 00 e9 dc fc ff ff e8 de b5 18 00 e8 d9 86 1f 00 fb 31 f6 <31> ff e8 6f b7 18 00 e9 12 fe ff ff 48 c7 c7 40 ad 0d 85 e8 be 72
[ 3061.215791] RSP: 0018:ffff8880468bf788 EFLAGS: 00000246
[ 3061.215807] RAX: 000000000000035f RBX: dffffc0000000000 RCX: ffffffff81283e5f
[ 3061.215820] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[ 3061.215831] RBP: 0000000000000000 R08: 0000000000000001 R09: ffffffff86a3e787
[ 3061.215843] R10: fffffbfff0d47cf0 R11: 0000000000000001 R12: ffff8880468bf7e0
[ 3061.215854] R13: ffffffff855ee750 R14: ffffffff82c6c7a0 R15: 0000000000000200
[ 3061.215866]  ? netconsole_netdev_event+0x360/0x360
[ 3061.215898]  ? mark_lock.part.0+0xef/0x2f60
[ 3061.215926]  ? console_unlock+0xca7/0xd40
[ 3061.215955]  ? devkmsg_read+0x730/0x730
[ 3061.215980]  ? lock_release+0x6f0/0x6f0
[ 3061.216016]  ? vprintk+0x80/0x90
[ 3061.216045]  vprintk_emit+0x1b4/0x550
[ 3061.216073]  vprintk+0x80/0x90
[ 3061.216093]  _printk+0xba/0xed
[ 3061.216116]  ? record_print_text.cold+0x16/0x16
[ 3061.216147]  ? lock_downgrade+0x6d0/0x6d0
[ 3061.216170]  ? ___ratelimit+0x21e/0x460
[ 3061.216195]  should_fail+0x472/0x5a0
[ 3061.216223]  _copy_from_user+0x2a/0x170
[ 3061.216249]  __copy_msghdr_from_user+0x91/0x4b0
[ 3061.216273]  ? __ia32_sys_shutdown+0x70/0x70
[ 3061.216300]  ? __lock_acquire+0xbac/0x6120
[ 3061.216328]  sendmsg_copy_msghdr+0xa1/0x160
[ 3061.216347]  ? __ia32_sys_recvmmsg+0x260/0x260
[ 3061.216367]  ? lockdep_hardirqs_on_prepare+0x400/0x400
[ 3061.216395]  ? lock_release+0x3b2/0x6f0
[ 3061.216426]  ___sys_sendmsg+0xc6/0x170
[ 3061.216449]  ? sendmsg_copy_msghdr+0x160/0x160
[ 3061.216471]  ? lock_release+0x3b2/0x6f0
[ 3061.216491]  ? __fget_files+0x265/0x470
[ 3061.216514]  ? lock_downgrade+0x6d0/0x6d0
[ 3061.216535]  ? lock_release+0x3b2/0x6f0
[ 3061.216555]  ? ksys_write+0x20c/0x250
[ 3061.216569]  ? lock_downgrade+0x6d0/0x6d0
[ 3061.216594]  ? __fget_files+0x287/0x470
[ 3061.216630]  ? __fget_light+0xea/0x270
[ 3061.216655]  ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70
[ 3061.216685]  __sys_sendmsg+0xe5/0x1b0
[ 3061.216706]  ? __sys_sendmsg_sock+0x30/0x30
[ 3061.216724]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[ 3061.216753]  ? __sanitizer_cov_trace_const_cmp1+0x22/0x80
[ 3061.216778]  ? fput+0x2a/0x50
[ 3061.216800]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 3061.216829]  do_syscall_64+0x3b/0x90
[ 3061.216848]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 3061.216869] RIP: 0033:0x7f928d323b19
[ 3061.216883] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 3061.216899] RSP: 002b:00007f928a899188 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 3061.216915] RAX: ffffffffffffffda RBX: 00007f928d436f60 RCX: 00007f928d323b19
[ 3061.216927] RDX: 0000000000000000 RSI: 0000000020000200 RDI: 0000000000000004
[ 3061.216938] RBP: 00007f928a8991d0 R08: 0000000000000000 R09: 0000000000000000
[ 3061.216950] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 3061.216961] R13: 00007ffe916ec8df R14: 00007f928a899300 R15: 0000000000022000
[ 3061.216994]  </TASK>
[ 3061.223322] Call Trace:
[ 3061.223334]  <IRQ>
09:07:49 executing program 3:
socketpair$unix(0x1, 0x5, 0x0, 0x0)
sendmsg$unix(0xffffffffffffffff, 0x0, 0x0)
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
pwritev(r0, &(0x7f0000000640)=[{&(0x7f00000002c0)="19", 0x1}], 0x1, 0x8000000, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0)
r2 = socket$inet6(0xa, 0x1, 0x0)
bind$inet6(r2, &(0x7f00000002c0)={0xa, 0x4e20, 0x0, @empty}, 0x1c)
connect$inet6(r2, &(0x7f0000000000)={0xa, 0x4e20, 0x0, @ipv4={'\x00', '\xff\xff', @empty}}, 0x1c)
recvfrom(r2, &(0x7f00000003c0)=""/87, 0x20010397, 0x300, 0x0, 0x0)
sendfile(r2, r1, 0x0, 0xfffffdef)
readv(0xffffffffffffffff, &(0x7f0000000040), 0x0)
openat$cgroup_freezer_state(0xffffffffffffffff, 0x0, 0x2, 0x0)
close(0xffffffffffffffff)
sendmmsg$inet6(r2, &(0x7f0000000280)=[{{&(0x7f00000000c0)={0xa, 0x4e23, 0x2, @private2={0xfc, 0x2, '\x00', 0x1}, 0x3}, 0x1c, &(0x7f0000000240)=[{&(0x7f0000000140)="06d586d56f26481f582a6058f16fe47c65785cc2530e68a314db230205a03ba213e84b002b1410d2e655582d312044a529189ad93fff1d27e98ee6f40902f0f5ab6a0904852d9e27a797e5bbd758cf3f872a80b4576840adb785f9d72f345d9a564e561efece83494f053ea98b21ebbf4dc0fd1e7aaa93d6940af3bd15750974c81e8beb", 0x84}, {&(0x7f0000000200)="3755a97a19", 0x5}], 0x2}}], 0x1, 0x4)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(&(0x7f0000001540), 0xffffffffffffffff)
sendmsg$NL80211_CMD_STOP_AP(r3, &(0x7f0000001600)={0x0, 0x0, &(0x7f00000015c0)={&(0x7f0000001580)={0x1c, 0x0, 0x1, 0x0, 0x0, {{}, {@val={0x8}, @void}}}, 0x1c}}, 0x0)
getsockopt$sock_cred(r3, 0x1, 0x11, &(0x7f0000000040), &(0x7f0000000080)=0xc)
syz_open_dev$sg(&(0x7f0000001000), 0x0, 0x2200)

[ 3061.223345]  x86_pmu_stop+0x149/0x330
[ 3061.223373]  x86_pmu_del+0x1be/0x610
[ 3061.223401]  event_sched_out+0x2ed/0xe80
[ 3061.223429]  __perf_remove_from_context+0x87/0xbe0
[ 3061.223457]  event_function+0x297/0x3d0
[ 3061.223475]  ? perf_uprobe_event_init+0x1c0/0x1c0
[ 3061.223494]  remote_function+0x125/0x1b0
[ 3061.223522]  flush_smp_call_function_queue+0x1df/0x610
[ 3061.223542]  ? perf_duration_warn+0x40/0x40
[ 3061.223572]  __sysvec_call_function_single+0x92/0x3a0
[ 3061.223596]  sysvec_call_function_single+0x89/0xc0
[ 3061.223617]  </IRQ>
[ 3061.223622]  <TASK>
[ 3061.223629]  asm_sysvec_call_function_single+0x12/0x20
[ 3061.223650] RIP: 0010:console_unlock+0xcaa/0xd40
[ 3061.223672] Code: 0c 73 4b 00 e9 f3 f7 ff ff e8 e2 72 4b 00 e9 da f4 ff ff e8 f8 72 4b 00 e9 dc fc ff ff e8 de b5 18 00 e8 d9 86 1f 00 fb 31 f6 <31> ff e8 6f b7 18 00 e9 12 fe ff ff 48 c7 c7 40 ad 0d 85 e8 be 72
[ 3061.223687] RSP: 0018:ffff8880468bf788 EFLAGS: 00000246
[ 3061.223702] RAX: 0000000000000379 RBX: dffffc0000000000 RCX: ffffffff81283e5f
[ 3061.223715] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[ 3061.223726] RBP: 0000000000000000 R08: 0000000000000001 R09: ffffffff86a3e787
[ 3061.223736] R10: fffffbfff0d47cf0 R11: 0000000000000001 R12: ffff8880468bf7e0
[ 3061.223747] R13: ffffffff855ee750 R14: ffffffff82c6c7a0 R15: 0000000000000200
[ 3061.223761]  ? netconsole_netdev_event+0x360/0x360
[ 3061.223792]  ? mark_lock.part.0+0xef/0x2f60
[ 3061.223819]  ? console_unlock+0xca7/0xd40
[ 3061.223845]  ? devkmsg_read+0x730/0x730
[ 3061.223868]  ? lock_release+0x6f0/0x6f0
[ 3061.223898]  ? vprintk+0x80/0x90
[ 3061.223922]  vprintk_emit+0x1b4/0x550
[ 3061.223947]  vprintk+0x80/0x90
[ 3061.223968]  _printk+0xba/0xed
[ 3061.223993]  ? record_print_text.cold+0x16/0x16
[ 3061.224021]  ? lock_downgrade+0x6d0/0x6d0
[ 3061.224044]  ? ___ratelimit+0x21e/0x460
[ 3061.224068]  should_fail+0x472/0x5a0
[ 3061.224094]  _copy_from_user+0x2a/0x170
[ 3061.224119]  __copy_msghdr_from_user+0x91/0x4b0
[ 3061.224141]  ? __ia32_sys_shutdown+0x70/0x70
[ 3061.224166]  ? __lock_acquire+0xbac/0x6120
[ 3061.224196]  sendmsg_copy_msghdr+0xa1/0x160
[ 3061.224216]  ? __ia32_sys_recvmmsg+0x260/0x260
[ 3061.224236]  ? lockdep_hardirqs_on_prepare+0x400/0x400
[ 3061.224260]  ? lock_release+0x3b2/0x6f0
[ 3061.224288]  ___sys_sendmsg+0xc6/0x170
[ 3061.224309]  ? sendmsg_copy_msghdr+0x160/0x160
[ 3061.224328]  ? lock_release+0x3b2/0x6f0
[ 3061.224346]  ? __fget_files+0x265/0x470
[ 3061.224368]  ? lock_downgrade+0x6d0/0x6d0
[ 3061.224389]  ? lock_release+0x3b2/0x6f0
[ 3061.224408]  ? ksys_write+0x20c/0x250
[ 3061.224424]  ? lock_downgrade+0x6d0/0x6d0
[ 3061.224450]  ? __fget_files+0x287/0x470
[ 3061.224480]  ? __fget_light+0xea/0x270
[ 3061.224504]  ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70
[ 3061.224534]  __sys_sendmsg+0xe5/0x1b0
[ 3061.224553]  ? __sys_sendmsg_sock+0x30/0x30
[ 3061.224571]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[ 3061.224597]  ? __sanitizer_cov_trace_const_cmp1+0x22/0x80
[ 3061.224620]  ? fput+0x2a/0x50
[ 3061.224642]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 3061.224671]  do_syscall_64+0x3b/0x90
[ 3061.224688]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 3061.224707] RIP: 0033:0x7f928d323b19
[ 3061.224722] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 3061.224736] RSP: 002b:00007f928a899188 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 3061.224753] RAX: ffffffffffffffda RBX: 00007f928d436f60 RCX: 00007f928d323b19
[ 3061.224765] RDX: 0000000000000000 RSI: 0000000020000200 RDI: 0000000000000004
[ 3061.224776] RBP: 00007f928a8991d0 R08: 0000000000000000 R09: 0000000000000000
[ 3061.224787] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 3061.224797] R13: 00007ffe916ec8df R14: 00007f928a899300 R15: 0000000000022000
[ 3061.224824]  </TASK>
[ 3061.370882] Call Trace:
[ 3061.370899]  <IRQ>
[ 3061.370908]  ? x86_pmu_start+0x1c0/0x240
[ 3061.370947]  x86_pmu_enable+0x580/0xd90
[ 3061.370969]  ? amd_pmu_disable_virt+0xa0/0xa0
[ 3061.371005]  ctx_resched+0x2b9/0x3a0
[ 3061.371032]  __perf_install_in_context+0x285/0xa40
[ 3061.371055]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[ 3061.371081]  ? ctx_resched+0x3a0/0x3a0
[ 3061.371104]  remote_function+0x125/0x1b0
[ 3061.371134]  flush_smp_call_function_queue+0x1df/0x610
[ 3061.371155]  ? perf_duration_warn+0x40/0x40
[ 3061.371183]  __sysvec_call_function_single+0x92/0x3a0
[ 3061.371207]  sysvec_call_function_single+0x89/0xc0
[ 3061.371230]  </IRQ>
[ 3061.371235]  <TASK>
[ 3061.371242]  asm_sysvec_call_function_single+0x12/0x20
[ 3061.371265] RIP: 0010:console_unlock+0xcaa/0xd40
[ 3061.371287] Code: 0c 73 4b 00 e9 f3 f7 ff ff e8 e2 72 4b 00 e9 da f4 ff ff e8 f8 72 4b 00 e9 dc fc ff ff e8 de b5 18 00 e8 d9 86 1f 00 fb 31 f6 <31> ff e8 6f b7 18 00 e9 12 fe ff ff 48 c7 c7 40 ad 0d 85 e8 be 72
[ 3061.371304] RSP: 0018:ffff8880468bf788 EFLAGS: 00000246
[ 3061.371319] RAX: 0000000000000905 RBX: dffffc0000000000 RCX: ffffffff81283e5f
[ 3061.371330] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[ 3061.371340] RBP: 0000000000000000 R08: 0000000000000001 R09: ffffffff86a3e787
[ 3061.371351] R10: fffffbfff0d47cf0 R11: 0000000000000001 R12: ffff8880468bf7e0
[ 3061.371362] R13: ffffffff855ee750 R14: ffffffff82c6c7a0 R15: 0000000000000200
[ 3061.371374]  ? netconsole_netdev_event+0x360/0x360
[ 3061.371406]  ? mark_lock.part.0+0xef/0x2f60
[ 3061.371432]  ? console_unlock+0xca7/0xd40
[ 3061.371456]  ? devkmsg_read+0x730/0x730
[ 3061.371478]  ? lock_release+0x6f0/0x6f0
[ 3061.371509]  ? vprintk+0x80/0x90
[ 3061.371534]  vprintk_emit+0x1b4/0x550
[ 3061.371559]  vprintk+0x80/0x90
[ 3061.371580]  _printk+0xba/0xed
[ 3061.371605]  ? record_print_text.cold+0x16/0x16
[ 3061.371633]  ? lock_downgrade+0x6d0/0x6d0
[ 3061.371655]  ? ___ratelimit+0x21e/0x460
[ 3061.371679]  should_fail+0x472/0x5a0
[ 3061.371703]  _copy_from_user+0x2a/0x170
[ 3061.371726]  __copy_msghdr_from_user+0x91/0x4b0
[ 3061.371747]  ? __ia32_sys_shutdown+0x70/0x70
[ 3061.371768]  ? __lock_acquire+0xbac/0x6120
[ 3061.371794]  sendmsg_copy_msghdr+0xa1/0x160
[ 3061.371811]  ? __ia32_sys_recvmmsg+0x260/0x260
[ 3061.371828]  ? lockdep_hardirqs_on_prepare+0x400/0x400
[ 3061.371849]  ? lock_release+0x3b2/0x6f0
[ 3061.371873]  ___sys_sendmsg+0xc6/0x170
[ 3061.371891]  ? sendmsg_copy_msghdr+0x160/0x160
[ 3061.371908]  ? lock_release+0x3b2/0x6f0
[ 3061.371923]  ? __fget_files+0x265/0x470
[ 3061.371943]  ? lock_downgrade+0x6d0/0x6d0
[ 3061.371962]  ? lock_release+0x3b2/0x6f0
[ 3061.371977]  ? ksys_write+0x20c/0x250
[ 3061.371992]  ? lock_downgrade+0x6d0/0x6d0
[ 3061.372016]  ? __fget_files+0x287/0x470
[ 3061.372047]  ? __fget_light+0xea/0x270
[ 3061.372069]  ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70
[ 3061.372097]  __sys_sendmsg+0xe5/0x1b0
[ 3061.372116]  ? __sys_sendmsg_sock+0x30/0x30
[ 3061.372133]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[ 3061.372160]  ? __sanitizer_cov_trace_const_cmp1+0x22/0x80
[ 3061.372183]  ? fput+0x2a/0x50
[ 3061.372206]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 3061.372232]  do_syscall_64+0x3b/0x90
[ 3061.372248]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 3061.372269] RIP: 0033:0x7f928d323b19
[ 3061.372287] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 3061.372303] RSP: 002b:00007f928a899188 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 3061.372320] RAX: ffffffffffffffda RBX: 00007f928d436f60 RCX: 00007f928d323b19
[ 3061.372332] RDX: 0000000000000000 RSI: 0000000020000200 RDI: 0000000000000004
[ 3061.372343] RBP: 00007f928a8991d0 R08: 0000000000000000 R09: 0000000000000000
[ 3061.372354] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 3061.372364] R13: 00007ffe916ec8df R14: 00007f928a899300 R15: 0000000000022000
[ 3061.372395]  </TASK>
[ 3061.382323] Call Trace:
[ 3061.382335]  <IRQ>
[ 3061.382346]  x86_pmu_stop+0x149/0x330
[ 3061.382382]  x86_pmu_del+0x1be/0x610
[ 3061.382412]  event_sched_out+0x2ed/0xe80
[ 3061.382438]  __perf_remove_from_context+0x87/0xbe0
[ 3061.382469]  event_function+0x297/0x3d0
[ 3061.382489]  ? perf_uprobe_event_init+0x1c0/0x1c0
[ 3061.382510]  remote_function+0x125/0x1b0
[ 3061.382542]  flush_smp_call_function_queue+0x1df/0x610
[ 3061.382565]  ? perf_duration_warn+0x40/0x40
[ 3061.382596]  __sysvec_call_function_single+0x92/0x3a0
[ 3061.382621]  sysvec_call_function_single+0x89/0xc0
[ 3061.382645]  </IRQ>
[ 3061.382651]  <TASK>
[ 3061.382659]  asm_sysvec_call_function_single+0x12/0x20
[ 3061.382682] RIP: 0010:console_unlock+0xcaa/0xd40
[ 3061.382704] Code: 0c 73 4b 00 e9 f3 f7 ff ff e8 e2 72 4b 00 e9 da f4 ff ff e8 f8 72 4b 00 e9 dc fc ff ff e8 de b5 18 00 e8 d9 86 1f 00 fb 31 f6 <31> ff e8 6f b7 18 00 e9 12 fe ff ff 48 c7 c7 40 ad 0d 85 e8 be 72
[ 3061.382721] RSP: 0018:ffff8880468bf788 EFLAGS: 00000246
[ 3061.382737] RAX: 0000000000000939 RBX: dffffc0000000000 RCX: ffffffff81283e5f
[ 3061.382748] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[ 3061.382759] RBP: 0000000000000000 R08: 0000000000000001 R09: ffffffff86a3e787
[ 3061.382771] R10: fffffbfff0d47cf0 R11: 0000000000000001 R12: ffff8880468bf7e0
[ 3061.382783] R13: ffffffff855ee750 R14: ffffffff82c6c7a0 R15: 0000000000000200
[ 3061.382797]  ? netconsole_netdev_event+0x360/0x360
[ 3061.382834]  ? mark_lock.part.0+0xef/0x2f60
[ 3061.382863]  ? console_unlock+0xca7/0xd40
[ 3061.382892]  ? devkmsg_read+0x730/0x730
[ 3061.382917]  ? lock_release+0x6f0/0x6f0
[ 3061.382954]  ? vprintk+0x80/0x90
[ 3061.382981]  vprintk_emit+0x1b4/0x550
[ 3061.383010]  vprintk+0x80/0x90
[ 3061.383033]  _printk+0xba/0xed
[ 3061.383057]  ? record_print_text.cold+0x16/0x16
[ 3061.383085]  ? lock_downgrade+0x6d0/0x6d0
[ 3061.383111]  ? ___ratelimit+0x21e/0x460
[ 3061.383138]  should_fail+0x472/0x5a0
[ 3061.383167]  _copy_from_user+0x2a/0x170
[ 3061.383195]  __copy_msghdr_from_user+0x91/0x4b0
[ 3061.383218]  ? __ia32_sys_shutdown+0x70/0x70
[ 3061.383246]  ? __lock_acquire+0xbac/0x6120
[ 3061.383276]  sendmsg_copy_msghdr+0xa1/0x160
[ 3061.383299]  ? __ia32_sys_recvmmsg+0x260/0x260
[ 3061.383321]  ? lockdep_hardirqs_on_prepare+0x400/0x400
[ 3061.383348]  ? lock_release+0x3b2/0x6f0
[ 3061.383377]  ___sys_sendmsg+0xc6/0x170
[ 3061.383400]  ? sendmsg_copy_msghdr+0x160/0x160
[ 3061.383423]  ? lock_release+0x3b2/0x6f0
[ 3061.383443]  ? __fget_files+0x265/0x470
[ 3061.383468]  ? lock_downgrade+0x6d0/0x6d0
[ 3061.383491]  ? lock_release+0x3b2/0x6f0
[ 3061.383511]  ? ksys_write+0x20c/0x250
[ 3061.383528]  ? lock_downgrade+0x6d0/0x6d0
[ 3061.383555]  ? __fget_files+0x287/0x470
[ 3061.383591]  ? __fget_light+0xea/0x270
[ 3061.383615]  ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70
[ 3061.383649]  __sys_sendmsg+0xe5/0x1b0
[ 3061.383667]  ? __sys_sendmsg_sock+0x30/0x30
[ 3061.383685]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[ 3061.383714]  ? __sanitizer_cov_trace_const_cmp1+0x22/0x80
[ 3061.383740]  ? fput+0x2a/0x50
[ 3061.383765]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 3061.383796]  do_syscall_64+0x3b/0x90
[ 3061.383813]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 3061.383832] RIP: 0033:0x7f928d323b19
[ 3061.383848] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 3061.383865] RSP: 002b:00007f928a899188 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 3061.383883] RAX: ffffffffffffffda RBX: 00007f928d436f60 RCX: 00007f928d323b19
[ 3061.383895] RDX: 0000000000000000 RSI: 0000000020000200 RDI: 0000000000000004
[ 3061.383907] RBP: 00007f928a8991d0 R08: 0000000000000000 R09: 0000000000000000
[ 3061.383921] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 3061.383934] R13: 00007ffe916ec8df R14: 00007f928a899300 R15: 0000000000022000
[ 3061.383968]  </TASK>
[ 3061.391525] Call Trace:
[ 3061.391536]  <IRQ>
[ 3061.391545]  ? x86_pmu_start+0x1c0/0x240
[ 3061.391579]  x86_pmu_enable+0x580/0xd90
[ 3061.391603]  ? amd_pmu_disable_virt+0xa0/0xa0
[ 3061.391644]  ctx_resched+0x2b9/0x3a0
[ 3061.391673]  __perf_install_in_context+0x285/0xa40
[ 3061.391698]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[ 3061.391720]  ? ctx_resched+0x3a0/0x3a0
[ 3061.391742]  remote_function+0x125/0x1b0
[ 3061.391775]  flush_smp_call_function_queue+0x1df/0x610
[ 3061.391797]  ? perf_duration_warn+0x40/0x40
[ 3061.391827]  __sysvec_call_function_single+0x92/0x3a0
[ 3061.391853]  sysvec_call_function_single+0x89/0xc0
[ 3061.391875]  </IRQ>
[ 3061.391881]  <TASK>
[ 3061.391888]  asm_sysvec_call_function_single+0x12/0x20
[ 3061.391911] RIP: 0010:console_unlock+0xcaa/0xd40
[ 3061.391934] Code: 0c 73 4b 00 e9 f3 f7 ff ff e8 e2 72 4b 00 e9 da f4 ff ff e8 f8 72 4b 00 e9 dc fc ff ff e8 de b5 18 00 e8 d9 86 1f 00 fb 31 f6 <31> ff e8 6f b7 18 00 e9 12 fe ff ff 48 c7 c7 40 ad 0d 85 e8 be 72
[ 3061.391952] RSP: 0018:ffff8880468bf788 EFLAGS: 00000246
[ 3061.391968] RAX: 0000000000000957 RBX: dffffc0000000000 RCX: ffffffff81283e5f
[ 3061.391981] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[ 3061.391993] RBP: 0000000000000000 R08: 0000000000000001 R09: ffffffff86a3e787
[ 3061.392005] R10: fffffbfff0d47cf0 R11: 0000000000000001 R12: ffff8880468bf7e0
[ 3061.392017] R13: ffffffff855ee750 R14: ffffffff82c6c7a0 R15: 0000000000000200
[ 3061.392030]  ? netconsole_netdev_event+0x360/0x360
[ 3061.392061]  ? mark_lock.part.0+0xef/0x2f60
[ 3061.392091]  ? console_unlock+0xca7/0xd40
[ 3061.392117]  ? devkmsg_read+0x730/0x730
[ 3061.392144]  ? lock_release+0x6f0/0x6f0
[ 3061.392179]  ? vprintk+0x80/0x90
[ 3061.392207]  vprintk_emit+0x1b4/0x550
[ 3061.392235]  vprintk+0x80/0x90
[ 3061.392258]  _printk+0xba/0xed
[ 3061.392284]  ? record_print_text.cold+0x16/0x16
[ 3061.392316]  ? lock_downgrade+0x6d0/0x6d0
[ 3061.392341]  ? ___ratelimit+0x21e/0x460
[ 3061.392362]  should_fail+0x472/0x5a0
[ 3061.392388]  _copy_from_user+0x2a/0x170
[ 3061.392414]  __copy_msghdr_from_user+0x91/0x4b0
[ 3061.392439]  ? __ia32_sys_shutdown+0x70/0x70
[ 3061.392466]  ? __lock_acquire+0xbac/0x6120
[ 3061.392499]  sendmsg_copy_msghdr+0xa1/0x160
[ 3061.392521]  ? __ia32_sys_recvmmsg+0x260/0x260
[ 3061.392542]  ? lockdep_hardirqs_on_prepare+0x400/0x400
[ 3061.392569]  ? lock_release+0x3b2/0x6f0
[ 3061.392601]  ___sys_sendmsg+0xc6/0x170
[ 3061.392624]  ? sendmsg_copy_msghdr+0x160/0x160
[ 3061.392647]  ? lock_release+0x3b2/0x6f0
[ 3061.392668]  ? __fget_files+0x265/0x470
[ 3061.392686]  ? lock_downgrade+0x6d0/0x6d0
[ 3061.392707]  ? lock_release+0x3b2/0x6f0
[ 3061.392728]  ? ksys_write+0x20c/0x250
[ 3061.392746]  ? lock_downgrade+0x6d0/0x6d0
[ 3061.392774]  ? __fget_files+0x287/0x470
[ 3061.392809]  ? __fget_light+0xea/0x270
[ 3061.392834]  ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70
[ 3061.392863]  __sys_sendmsg+0xe5/0x1b0
[ 3061.392885]  ? __sys_sendmsg_sock+0x30/0x30
[ 3061.392904]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[ 3061.392933]  ? __sanitizer_cov_trace_const_cmp1+0x22/0x80
[ 3061.392959]  ? fput+0x2a/0x50
[ 3061.392982]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 3061.393009]  do_syscall_64+0x3b/0x90
[ 3061.393027]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 3061.393048] RIP: 0033:0x7f928d323b19
[ 3061.393063] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 3061.393081] RSP: 002b:00007f928a899188 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 3061.393100] RAX: ffffffffffffffda RBX: 00007f928d436f60 RCX: 00007f928d323b19
[ 3061.393112] RDX: 0000000000000000 RSI: 0000000020000200 RDI: 0000000000000004
[ 3061.393124] RBP: 00007f928a8991d0 R08: 0000000000000000 R09: 0000000000000000
[ 3061.393135] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 3061.393146] R13: 00007ffe916ec8df R14: 00007f928a899300 R15: 0000000000022000
[ 3061.393178]  </TASK>
[ 3061.398230] Call Trace:
[ 3061.398240]  <IRQ>
[ 3061.398251]  x86_pmu_stop+0x149/0x330
[ 3061.398285]  x86_pmu_del+0x1be/0x610
[ 3061.398314]  event_sched_out+0x2ed/0xe80
[ 3061.398340]  __perf_remove_from_context+0x87/0xbe0
[ 3061.398372]  event_function+0x297/0x3d0
[ 3061.398390]  ? perf_uprobe_event_init+0x1c0/0x1c0
[ 3061.398411]  remote_function+0x125/0x1b0
[ 3061.398443]  flush_smp_call_function_queue+0x1df/0x610
[ 3061.398465]  ? perf_duration_warn+0x40/0x40
[ 3061.398498]  __sysvec_call_function_single+0x92/0x3a0
[ 3061.398520]  sysvec_call_function_single+0x89/0xc0
[ 3061.398541]  </IRQ>
[ 3061.398547]  <TASK>
[ 3061.398555]  asm_sysvec_call_function_single+0x12/0x20
[ 3061.398578] RIP: 0010:console_unlock+0xcaa/0xd40
[ 3061.398600] Code: 0c 73 4b 00 e9 f3 f7 ff ff e8 e2 72 4b 00 e9 da f4 ff ff e8 f8 72 4b 00 e9 dc fc ff ff e8 de b5 18 00 e8 d9 86 1f 00 fb 31 f6 <31> ff e8 6f b7 18 00 e9 12 fe ff ff 48 c7 c7 40 ad 0d 85 e8 be 72
[ 3061.398617] RSP: 0018:ffff8880468bf788 EFLAGS: 00000246
[ 3061.398631] RAX: 000000000000096d RBX: dffffc0000000000 RCX: ffffffff81283e5f
[ 3061.398643] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[ 3061.398654] RBP: 0000000000000000 R08: 0000000000000001 R09: ffffffff86a3e787
[ 3061.398665] R10: fffffbfff0d47cf0 R11: 0000000000000001 R12: ffff8880468bf7e0
[ 3061.398678] R13: ffffffff855ee750 R14: ffffffff82c6c7a0 R15: 0000000000000200
[ 3061.398692]  ? netconsole_netdev_event+0x360/0x360
[ 3061.398726]  ? mark_lock.part.0+0xef/0x2f60
[ 3061.398755]  ? console_unlock+0xca7/0xd40
[ 3061.398784]  ? devkmsg_read+0x730/0x730
[ 3061.398810]  ? lock_release+0x6f0/0x6f0
[ 3061.398844]  ? vprintk+0x80/0x90
[ 3061.398870]  vprintk_emit+0x1b4/0x550
[ 3061.398898]  vprintk+0x80/0x90
[ 3061.398921]  _printk+0xba/0xed
[ 3061.398944]  ? record_print_text.cold+0x16/0x16
[ 3061.398970]  ? lock_downgrade+0x6d0/0x6d0
[ 3061.398991]  ? ___ratelimit+0x21e/0x460
[ 3061.399012]  should_fail+0x472/0x5a0
[ 3061.399036]  _copy_from_user+0x2a/0x170
[ 3061.399059]  __copy_msghdr_from_user+0x91/0x4b0
[ 3061.399080]  ? __ia32_sys_shutdown+0x70/0x70
[ 3061.399103]  ? __lock_acquire+0xbac/0x6120
[ 3061.399128]  sendmsg_copy_msghdr+0xa1/0x160
[ 3061.399147]  ? __ia32_sys_recvmmsg+0x260/0x260
[ 3061.399168]  ? lockdep_hardirqs_on_prepare+0x400/0x400
[ 3061.399195]  ? lock_release+0x3b2/0x6f0
[ 3061.399225]  ___sys_sendmsg+0xc6/0x170
[ 3061.399248]  ? sendmsg_copy_msghdr+0x160/0x160
[ 3061.399271]  ? lock_release+0x3b2/0x6f0
[ 3061.399291]  ? __fget_files+0x265/0x470
[ 3061.399314]  ? lock_downgrade+0x6d0/0x6d0
[ 3061.399338]  ? lock_release+0x3b2/0x6f0
[ 3061.399357]  ? ksys_write+0x20c/0x250
[ 3061.399372]  ? lock_downgrade+0x6d0/0x6d0
[ 3061.399401]  ? __fget_files+0x287/0x470
[ 3061.399433]  ? __fget_light+0xea/0x270
[ 3061.399457]  ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70
[ 3061.399488]  __sys_sendmsg+0xe5/0x1b0
[ 3061.399509]  ? __sys_sendmsg_sock+0x30/0x30
[ 3061.399528]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[ 3061.399556]  ? __sanitizer_cov_trace_const_cmp1+0x22/0x80
[ 3061.399582]  ? fput+0x2a/0x50
[ 3061.399607]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 3061.399638]  do_syscall_64+0x3b/0x90
[ 3061.399657]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 3061.399675] RIP: 0033:0x7f928d323b19
[ 3061.399688] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 3061.399705] RSP: 002b:00007f928a899188 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 3061.399721] RAX: ffffffffffffffda RBX: 00007f928d436f60 RCX: 00007f928d323b19
[ 3061.399734] RDX: 0000000000000000 RSI: 0000000020000200 RDI: 0000000000000004
[ 3061.399746] RBP: 00007f928a8991d0 R08: 0000000000000000 R09: 0000000000000000
[ 3061.399758] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 3061.399769] R13: 00007ffe916ec8df R14: 00007f928a899300 R15: 0000000000022000
[ 3061.399802]  </TASK>
[ 3061.570702] Call Trace:
[ 3061.570720]  <IRQ>
[ 3061.570730]  ? x86_pmu_start+0x1c0/0x240
[ 3061.570768]  x86_pmu_enable+0x580/0xd90
[ 3061.570792]  ? amd_pmu_disable_virt+0xa0/0xa0
[ 3061.570830]  ctx_resched+0x2b9/0x3a0
[ 3061.570860]  __perf_install_in_context+0x285/0xa40
[ 3061.570882]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[ 3061.570910]  ? ctx_resched+0x3a0/0x3a0
[ 3061.570933]  remote_function+0x125/0x1b0
[ 3061.570964]  flush_smp_call_function_queue+0x1df/0x610
[ 3061.570986]  ? perf_duration_warn+0x40/0x40
[ 3061.571016]  __sysvec_call_function_single+0x92/0x3a0
[ 3061.571042]  sysvec_call_function_single+0x89/0xc0
[ 3061.571066]  </IRQ>
[ 3061.571072]  <TASK>
[ 3061.571080]  asm_sysvec_call_function_single+0x12/0x20
[ 3061.571106] RIP: 0010:console_unlock+0xcaa/0xd40
[ 3061.571132] Code: 0c 73 4b 00 e9 f3 f7 ff ff e8 e2 72 4b 00 e9 da f4 ff ff e8 f8 72 4b 00 e9 dc fc ff ff e8 de b5 18 00 e8 d9 86 1f 00 fb 31 f6 <31> ff e8 6f b7 18 00 e9 12 fe ff ff 48 c7 c7 40 ad 0d 85 e8 be 72
[ 3061.571149] RSP: 0018:ffff8880468bf788 EFLAGS: 00000246
[ 3061.571166] RAX: 0000000000000c9b RBX: dffffc0000000000 RCX: ffffffff81283e5f
[ 3061.571178] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[ 3061.571189] RBP: 0000000000000000 R08: 0000000000000001 R09: ffffffff86a3e787
[ 3061.571200] R10: fffffbfff0d47cf0 R11: 0000000000000001 R12: ffff8880468bf7e0
[ 3061.571212] R13: ffffffff855ee750 R14: ffffffff82c6c7a0 R15: 0000000000000200
[ 3061.571226]  ? netconsole_netdev_event+0x360/0x360
[ 3061.571262]  ? mark_lock.part.0+0xef/0x2f60
[ 3061.571292]  ? console_unlock+0xca7/0xd40
[ 3061.571320]  ? devkmsg_read+0x730/0x730
[ 3061.571345]  ? lock_release+0x6f0/0x6f0
[ 3061.571378]  ? vprintk+0x80/0x90
[ 3061.571405]  vprintk_emit+0x1b4/0x550
[ 3061.571431]  vprintk+0x80/0x90
[ 3061.571454]  _printk+0xba/0xed
[ 3061.571482]  ? record_print_text.cold+0x16/0x16
[ 3061.571513]  ? lock_downgrade+0x6d0/0x6d0
[ 3061.571537]  ? ___ratelimit+0x21e/0x460
[ 3061.571564]  should_fail+0x472/0x5a0
[ 3061.571593]  _copy_from_user+0x2a/0x170
[ 3061.571620]  __copy_msghdr_from_user+0x91/0x4b0
[ 3061.571644]  ? __ia32_sys_shutdown+0x70/0x70
[ 3061.571671]  ? __lock_acquire+0xbac/0x6120
[ 3061.571702]  sendmsg_copy_msghdr+0xa1/0x160
[ 3061.571723]  ? __ia32_sys_recvmmsg+0x260/0x260
[ 3061.571743]  ? lockdep_hardirqs_on_prepare+0x400/0x400
[ 3061.571770]  ? lock_release+0x3b2/0x6f0
[ 3061.571799]  ___sys_sendmsg+0xc6/0x170
[ 3061.571822]  ? sendmsg_copy_msghdr+0x160/0x160
[ 3061.571841]  ? lock_release+0x3b2/0x6f0
[ 3061.571861]  ? __fget_files+0x265/0x470
[ 3061.571883]  ? lock_downgrade+0x6d0/0x6d0
[ 3061.571904]  ? lock_release+0x3b2/0x6f0
[ 3061.571922]  ? ksys_write+0x20c/0x250
[ 3061.571940]  ? lock_downgrade+0x6d0/0x6d0
[ 3061.571966]  ? __fget_files+0x287/0x470
[ 3061.572001]  ? __fget_light+0xea/0x270
[ 3061.572023]  ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70
[ 3061.572053]  __sys_sendmsg+0xe5/0x1b0
[ 3061.572073]  ? __sys_sendmsg_sock+0x30/0x30
[ 3061.572090]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[ 3061.572119]  ? __sanitizer_cov_trace_const_cmp1+0x22/0x80
[ 3061.572141]  ? fput+0x2a/0x50
[ 3061.572164]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 3061.572194]  do_syscall_64+0x3b/0x90
[ 3061.572211]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 3061.572233] RIP: 0033:0x7f928d323b19
[ 3061.572253] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 3061.572268] RSP: 002b:00007f928a899188 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 3061.572285] RAX: ffffffffffffffda RBX: 00007f928d436f60 RCX: 00007f928d323b19
[ 3061.572298] RDX: 0000000000000000 RSI: 0000000020000200 RDI: 0000000000000004
[ 3061.572308] RBP: 00007f928a8991d0 R08: 0000000000000000 R09: 0000000000000000
[ 3061.572319] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 3061.572329] R13: 00007ffe916ec8df R14: 00007f928a899300 R15: 0000000000022000
[ 3061.572361]  </TASK>
[ 3061.592128] Call Trace:
[ 3061.592144]  <IRQ>
[ 3061.592156]  x86_pmu_stop+0x149/0x330
[ 3061.592193]  x86_pmu_del+0x1be/0x610
[ 3061.592224]  event_sched_out+0x2ed/0xe80
[ 3061.592255]  __perf_remove_from_context+0x87/0xbe0
[ 3061.592285]  event_function+0x297/0x3d0
[ 3061.592302]  ? perf_uprobe_event_init+0x1c0/0x1c0
[ 3061.592323]  remote_function+0x125/0x1b0
[ 3061.592355]  flush_smp_call_function_queue+0x1df/0x610
[ 3061.592377]  ? perf_duration_warn+0x40/0x40
[ 3061.592411]  __sysvec_call_function_single+0x92/0x3a0
[ 3061.592436]  sysvec_call_function_single+0x89/0xc0
[ 3061.592460]  </IRQ>
[ 3061.592466]  <TASK>
[ 3061.592472]  asm_sysvec_call_function_single+0x12/0x20
[ 3061.592492] RIP: 0010:console_unlock+0xcaa/0xd40
[ 3061.592511] Code: 0c 73 4b 00 e9 f3 f7 ff ff e8 e2 72 4b 00 e9 da f4 ff ff e8 f8 72 4b 00 e9 dc fc ff ff e8 de b5 18 00 e8 d9 86 1f 00 fb 31 f6 <31> ff e8 6f b7 18 00 e9 12 fe ff ff 48 c7 c7 40 ad 0d 85 e8 be 72
[ 3061.592528] RSP: 0018:ffff8880468bf788 EFLAGS: 00000246
[ 3061.592545] RAX: 0000000000000cf5 RBX: dffffc0000000000 RCX: ffffffff81283e5f
[ 3061.592557] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[ 3061.592568] RBP: 0000000000000000 R08: 0000000000000001 R09: ffffffff86a3e787
[ 3061.592580] R10: fffffbfff0d47cf0 R11: 0000000000000001 R12: ffff8880468bf7e0
[ 3061.592592] R13: ffffffff855ee750 R14: ffffffff82c6c7a0 R15: 0000000000000200
[ 3061.592605]  ? netconsole_netdev_event+0x360/0x360
[ 3061.592643]  ? mark_lock.part.0+0xef/0x2f60
[ 3061.592673]  ? console_unlock+0xca7/0xd40
[ 3061.592699]  ? devkmsg_read+0x730/0x730
[ 3061.592723]  ? lock_release+0x6f0/0x6f0
[ 3061.592758]  ? vprintk+0x80/0x90
[ 3061.592787]  vprintk_emit+0x1b4/0x550
[ 3061.592814]  vprintk+0x80/0x90
[ 3061.592837]  _printk+0xba/0xed
[ 3061.592864]  ? record_print_text.cold+0x16/0x16
[ 3061.592891]  ? lock_downgrade+0x6d0/0x6d0
[ 3061.592915]  ? ___ratelimit+0x21e/0x460
[ 3061.592942]  should_fail+0x472/0x5a0
[ 3061.592971]  _copy_from_user+0x2a/0x170
[ 3061.593001]  __copy_msghdr_from_user+0x91/0x4b0
[ 3061.593027]  ? __ia32_sys_shutdown+0x70/0x70
[ 3061.593054]  ? __lock_acquire+0xbac/0x6120
[ 3061.593085]  sendmsg_copy_msghdr+0xa1/0x160
[ 3061.593107]  ? __ia32_sys_recvmmsg+0x260/0x260
[ 3061.593129]  ? lockdep_hardirqs_on_prepare+0x400/0x400
[ 3061.593155]  ? lock_release+0x3b2/0x6f0
[ 3061.593184]  ___sys_sendmsg+0xc6/0x170
[ 3061.593207]  ? sendmsg_copy_msghdr+0x160/0x160
[ 3061.593229]  ? lock_release+0x3b2/0x6f0
[ 3061.593248]  ? __fget_files+0x265/0x470
[ 3061.593268]  ? lock_downgrade+0x6d0/0x6d0
[ 3061.593291]  ? lock_release+0x3b2/0x6f0
[ 3061.593310]  ? ksys_write+0x20c/0x250
[ 3061.593328]  ? lock_downgrade+0x6d0/0x6d0
[ 3061.593355]  ? __fget_files+0x287/0x470
[ 3061.593390]  ? __fget_light+0xea/0x270
[ 3061.593413]  ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70
[ 3061.593444]  __sys_sendmsg+0xe5/0x1b0
[ 3061.593464]  ? __sys_sendmsg_sock+0x30/0x30
[ 3061.593507]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[ 3061.593535]  ? __sanitizer_cov_trace_const_cmp1+0x22/0x80
[ 3061.593561]  ? fput+0x2a/0x50
[ 3061.593585]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 3061.593615]  do_syscall_64+0x3b/0x90
[ 3061.593633]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 3061.593654] RIP: 0033:0x7f928d323b19
[ 3061.593669] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 3061.593685] RSP: 002b:00007f928a899188 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 3061.593703] RAX: ffffffffffffffda RBX: 00007f928d436f60 RCX: 00007f928d323b19
[ 3061.593716] RDX: 0000000000000000 RSI: 0000000020000200 RDI: 0000000000000004
[ 3061.593727] RBP: 00007f928a8991d0 R08: 0000000000000000 R09: 0000000000000000
[ 3061.593738] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 3061.593750] R13: 00007ffe916ec8df R14: 00007f928a899300 R15: 0000000000022000
[ 3061.593781]  </TASK>
[ 3061.611547] Call Trace:
[ 3061.611562]  <IRQ>
[ 3061.611572]  ? x86_pmu_start+0x1c0/0x240
[ 3061.611606]  x86_pmu_enable+0x580/0xd90
[ 3061.611630]  ? amd_pmu_disable_virt+0xa0/0xa0
[ 3061.611668]  ctx_resched+0x2b9/0x3a0
[ 3061.611698]  __perf_install_in_context+0x285/0xa40
[ 3061.611720]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[ 3061.611747]  ? ctx_resched+0x3a0/0x3a0
[ 3061.611770]  remote_function+0x125/0x1b0
[ 3061.611800]  flush_smp_call_function_queue+0x1df/0x610
[ 3061.611822]  ? perf_duration_warn+0x40/0x40
[ 3061.611855]  __sysvec_call_function_single+0x92/0x3a0
[ 3061.611880]  sysvec_call_function_single+0x89/0xc0
[ 3061.611902]  </IRQ>
[ 3061.611908]  <TASK>
[ 3061.611915]  asm_sysvec_call_function_single+0x12/0x20
[ 3061.611939] RIP: 0010:console_unlock+0xcaa/0xd40
[ 3061.611964] Code: 0c 73 4b 00 e9 f3 f7 ff ff e8 e2 72 4b 00 e9 da f4 ff ff e8 f8 72 4b 00 e9 dc fc ff ff e8 de b5 18 00 e8 d9 86 1f 00 fb 31 f6 <31> ff e8 6f b7 18 00 e9 12 fe ff ff 48 c7 c7 40 ad 0d 85 e8 be 72
[ 3061.611981] RSP: 0018:ffff8880468bf788 EFLAGS: 00000246
[ 3061.611997] RAX: 0000000000000d45 RBX: dffffc0000000000 RCX: ffffffff81283e5f
[ 3061.612008] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[ 3061.612019] RBP: 0000000000000000 R08: 0000000000000001 R09: ffffffff86a3e787
[ 3061.612030] R10: fffffbfff0d47cf0 R11: 0000000000000001 R12: ffff8880468bf7e0
[ 3061.612042] R13: ffffffff855ee750 R14: ffffffff82c6c7a0 R15: 0000000000000200
[ 3061.612056]  ? netconsole_netdev_event+0x360/0x360
[ 3061.612092]  ? mark_lock.part.0+0xef/0x2f60
[ 3061.612119]  ? console_unlock+0xca7/0xd40
[ 3061.612147]  ? devkmsg_read+0x730/0x730
[ 3061.612172]  ? lock_release+0x6f0/0x6f0
[ 3061.612207]  ? vprintk+0x80/0x90
[ 3061.612233]  vprintk_emit+0x1b4/0x550
[ 3061.612262]  vprintk+0x80/0x90
[ 3061.612285]  _printk+0xba/0xed
[ 3061.612310]  ? record_print_text.cold+0x16/0x16
[ 3061.612340]  ? lock_downgrade+0x6d0/0x6d0
[ 3061.612364]  ? ___ratelimit+0x21e/0x460
[ 3061.612390]  should_fail+0x472/0x5a0
[ 3061.612418]  _copy_from_user+0x2a/0x170
[ 3061.612445]  __copy_msghdr_from_user+0x91/0x4b0
[ 3061.612470]  ? __ia32_sys_shutdown+0x70/0x70
[ 3061.612498]  ? __lock_acquire+0xbac/0x6120
[ 3061.612527]  sendmsg_copy_msghdr+0xa1/0x160
[ 3061.612548]  ? __ia32_sys_recvmmsg+0x260/0x260
[ 3061.612569]  ? lockdep_hardirqs_on_prepare+0x400/0x400
[ 3061.612597]  ? lock_release+0x3b2/0x6f0
[ 3061.612627]  ___sys_sendmsg+0xc6/0x170
[ 3061.612647]  ? sendmsg_copy_msghdr+0x160/0x160
[ 3061.612670]  ? lock_release+0x3b2/0x6f0
[ 3061.612690]  ? __fget_files+0x265/0x470
[ 3061.612712]  ? lock_downgrade+0x6d0/0x6d0
[ 3061.612734]  ? lock_release+0x3b2/0x6f0
[ 3061.612752]  ? ksys_write+0x20c/0x250
[ 3061.612768]  ? lock_downgrade+0x6d0/0x6d0
[ 3061.612796]  ? __fget_files+0x287/0x470
[ 3061.612831]  ? __fget_light+0xea/0x270
[ 3061.612854]  ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70
[ 3061.612883]  __sys_sendmsg+0xe5/0x1b0
[ 3061.612904]  ? __sys_sendmsg_sock+0x30/0x30
[ 3061.612923]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[ 3061.612951]  ? __sanitizer_cov_trace_const_cmp1+0x22/0x80
[ 3061.612974]  ? fput+0x2a/0x50
[ 3061.613000]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 3061.613030]  do_syscall_64+0x3b/0x90
[ 3061.613048]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 3061.613069] RIP: 0033:0x7f928d323b19
[ 3061.613084] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 3061.613102] RSP: 002b:00007f928a899188 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 3061.613117] RAX: ffffffffffffffda RBX: 00007f928d436f60 RCX: 00007f928d323b19
[ 3061.613128] RDX: 0000000000000000 RSI: 0000000020000200 RDI: 0000000000000004
[ 3061.613140] RBP: 00007f928a8991d0 R08: 0000000000000000 R09: 0000000000000000
[ 3061.613151] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 3061.613163] R13: 00007ffe916ec8df R14: 00007f928a899300 R15: 0000000000022000
[ 3061.613192]  </TASK>
[ 3061.635675] Call Trace:
[ 3061.635691]  <IRQ>
[ 3061.635705]  x86_pmu_stop+0x149/0x330
[ 3061.635743]  x86_pmu_del+0x1be/0x610
[ 3061.635772]  event_sched_out+0x2ed/0xe80
[ 3061.635801]  __perf_remove_from_context+0x87/0xbe0
[ 3061.635834]  event_function+0x297/0x3d0
[ 3061.635852]  ? perf_uprobe_event_init+0x1c0/0x1c0
[ 3061.635874]  remote_function+0x125/0x1b0
[ 3061.635905]  flush_smp_call_function_queue+0x1df/0x610
[ 3061.635928]  ? perf_duration_warn+0x40/0x40
[ 3061.635960]  __sysvec_call_function_single+0x92/0x3a0
[ 3061.635984]  sysvec_call_function_single+0x89/0xc0
[ 3061.636007]  </IRQ>
[ 3061.636013]  <TASK>
[ 3061.636019]  asm_sysvec_call_function_single+0x12/0x20
[ 3061.636043] RIP: 0010:console_unlock+0xcaa/0xd40
[ 3061.636068] Code: 0c 73 4b 00 e9 f3 f7 ff ff e8 e2 72 4b 00 e9 da f4 ff ff e8 f8 72 4b 00 e9 dc fc ff ff e8 de b5 18 00 e8 d9 86 1f 00 fb 31 f6 <31> ff e8 6f b7 18 00 e9 12 fe ff ff 48 c7 c7 40 ad 0d 85 e8 be 72
[ 3061.636084] RSP: 0018:ffff8880468bf788 EFLAGS: 00000246
[ 3061.636101] RAX: 0000000000000da7 RBX: dffffc0000000000 RCX: ffffffff81283e5f
[ 3061.636113] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[ 3061.636124] RBP: 0000000000000000 R08: 0000000000000001 R09: ffffffff86a3e787
[ 3061.636135] R10: fffffbfff0d47cf0 R11: 0000000000000001 R12: ffff8880468bf7e0
[ 3061.636147] R13: ffffffff855ee750 R14: ffffffff82c6c7a0 R15: 0000000000000200
[ 3061.636160]  ? netconsole_netdev_event+0x360/0x360
[ 3061.636195]  ? mark_lock.part.0+0xef/0x2f60
[ 3061.636223]  ? console_unlock+0xca7/0xd40
[ 3061.636251]  ? devkmsg_read+0x730/0x730
[ 3061.636275]  ? lock_release+0x6f0/0x6f0
[ 3061.636310]  ? vprintk+0x80/0x90
[ 3061.636336]  vprintk_emit+0x1b4/0x550
[ 3061.636365]  vprintk+0x80/0x90
[ 3061.636386]  _printk+0xba/0xed
[ 3061.636412]  ? record_print_text.cold+0x16/0x16
[ 3061.636441]  ? lock_downgrade+0x6d0/0x6d0
[ 3061.636462]  ? ___ratelimit+0x21e/0x460
[ 3061.636486]  should_fail+0x472/0x5a0
[ 3061.636517]  _copy_from_user+0x2a/0x170
[ 3061.636542]  __copy_msghdr_from_user+0x91/0x4b0
[ 3061.636568]  ? __ia32_sys_shutdown+0x70/0x70
[ 3061.636594]  ? __lock_acquire+0xbac/0x6120
[ 3061.636624]  sendmsg_copy_msghdr+0xa1/0x160
[ 3061.636647]  ? __ia32_sys_recvmmsg+0x260/0x260
[ 3061.636665]  ? lockdep_hardirqs_on_prepare+0x400/0x400
[ 3061.636691]  ? lock_release+0x3b2/0x6f0
[ 3061.636720]  ___sys_sendmsg+0xc6/0x170
[ 3061.636741]  ? sendmsg_copy_msghdr+0x160/0x160
[ 3061.636762]  ? lock_release+0x3b2/0x6f0
[ 3061.636783]  ? __fget_files+0x265/0x470
[ 3061.636806]  ? lock_downgrade+0x6d0/0x6d0
[ 3061.636828]  ? lock_release+0x3b2/0x6f0
[ 3061.636849]  ? ksys_write+0x20c/0x250
[ 3061.636865]  ? lock_downgrade+0x6d0/0x6d0
[ 3061.636892]  ? __fget_files+0x287/0x470
[ 3061.636925]  ? __fget_light+0xea/0x270
[ 3061.636946]  ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70
[ 3061.636975]  __sys_sendmsg+0xe5/0x1b0
[ 3061.636996]  ? __sys_sendmsg_sock+0x30/0x30
[ 3061.637014]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[ 3061.637040]  ? __sanitizer_cov_trace_const_cmp1+0x22/0x80
[ 3061.637065]  ? fput+0x2a/0x50
[ 3061.637089]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 3061.637118]  do_syscall_64+0x3b/0x90
[ 3061.637136]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 3061.637155] RIP: 0033:0x7f928d323b19
[ 3061.637171] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 3061.637188] RSP: 002b:00007f928a899188 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 3061.637206] RAX: ffffffffffffffda RBX: 00007f928d436f60 RCX: 00007f928d323b19
[ 3061.637217] RDX: 0000000000000000 RSI: 0000000020000200 RDI: 0000000000000004
[ 3061.637228] RBP: 00007f928a8991d0 R08: 0000000000000000 R09: 0000000000000000
[ 3061.637238] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 3061.637248] R13: 00007ffe916ec8df R14: 00007f928a899300 R15: 0000000000022000
[ 3061.637281]  </TASK>
[ 3061.879493] CPU: 0 PID: 13969 Comm: syz-executor.2 Not tainted 5.17.0-next-20220328 #1
[ 3061.880397] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014
[ 3061.881735] Call Trace:
[ 3061.882031]  <TASK>
[ 3061.882289]  dump_stack_lvl+0x8b/0xb3
[ 3061.882750]  should_fail.cold+0x5/0xa
[ 3061.883206]  _copy_from_user+0x2a/0x170
[ 3061.883672]  __copy_msghdr_from_user+0x91/0x4b0
[ 3061.884207]  ? __ia32_sys_shutdown+0x70/0x70
[ 3061.884720]  ? __lock_acquire+0xbac/0x6120
[ 3061.885223]  sendmsg_copy_msghdr+0xa1/0x160
[ 3061.885839]  ? __ia32_sys_recvmmsg+0x260/0x260
[ 3061.886492]  ? lockdep_hardirqs_on_prepare+0x400/0x400
[ 3061.887310]  ? lock_release+0x3b2/0x6f0
[ 3061.887919]  ___sys_sendmsg+0xc6/0x170
[ 3061.888509]  ? sendmsg_copy_msghdr+0x160/0x160
[ 3061.889186]  ? lock_release+0x3b2/0x6f0
[ 3061.889834]  ? __fget_files+0x265/0x470
[ 3061.890446]  ? lock_downgrade+0x6d0/0x6d0
[ 3061.891071]  ? lock_release+0x3b2/0x6f0
[ 3061.891680]  ? ksys_write+0x20c/0x250
[ 3061.892256]  ? lock_downgrade+0x6d0/0x6d0
[ 3061.892895]  ? __fget_files+0x287/0x470
[ 3061.893536]  ? __fget_light+0xea/0x270
[ 3061.894148]  ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70
[ 3061.894993]  __sys_sendmsg+0xe5/0x1b0
[ 3061.895596]  ? __sys_sendmsg_sock+0x30/0x30
[ 3061.896243]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[ 3061.897080]  ? __sanitizer_cov_trace_const_cmp1+0x22/0x80
[ 3061.897935]  ? fput+0x2a/0x50
[ 3061.898412]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 3061.899211]  do_syscall_64+0x3b/0x90
[ 3061.899779]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 3061.900557] RIP: 0033:0x7f928d323b19
[ 3061.901119] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 3061.903891] RSP: 002b:00007f928a899188 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 3061.905035] RAX: ffffffffffffffda RBX: 00007f928d436f60 RCX: 00007f928d323b19
[ 3061.906119] RDX: 0000000000000000 RSI: 0000000020000200 RDI: 0000000000000004
[ 3061.907192] RBP: 00007f928a8991d0 R08: 0000000000000000 R09: 0000000000000000
[ 3061.908258] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 3061.909333] R13: 00007ffe916ec8df R14: 00007f928a899300 R15: 0000000000022000
[ 3061.910458]  </TASK>
09:07:49 executing program 6:
r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000180)='/proc/asound/seq/clients\x00', 0x0, 0x0)
preadv(r0, &(0x7f00000002c0)=[{&(0x7f0000000040)=""/35, 0x23}, {0x0}, {&(0x7f0000000300)=""/165, 0xa5}], 0x3, 0x0, 0x1000000)

09:07:49 executing program 0:
perf_event_open$cgroup(&(0x7f0000000c00)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x102a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

09:07:49 executing program 4:
socketpair$unix(0x1, 0x5, 0x0, 0x0)
sendmsg$unix(0xffffffffffffffff, 0x0, 0x0)
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
pwritev(r0, &(0x7f0000000640)=[{&(0x7f00000002c0)="19", 0x1}], 0x1, 0x8000000, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0)
r2 = socket$inet6(0xa, 0x1, 0x0)
bind$inet6(r2, &(0x7f00000002c0)={0xa, 0x4e20, 0x0, @empty}, 0x1c)
connect$inet6(r2, &(0x7f0000000000)={0xa, 0x4e20, 0x0, @ipv4={'\x00', '\xff\xff', @empty}}, 0x1c)
recvfrom(r2, &(0x7f00000003c0)=""/87, 0x20010397, 0x300, 0x0, 0x0)
sendfile(r2, r1, 0x0, 0xfffffdef)
readv(0xffffffffffffffff, &(0x7f0000000040), 0x0)
openat$cgroup_freezer_state(0xffffffffffffffff, 0x0, 0x2, 0x0)
close(0xffffffffffffffff)
sendmmsg$inet6(r2, &(0x7f0000000280)=[{{&(0x7f00000000c0)={0xa, 0x4e23, 0x2, @private2={0xfc, 0x2, '\x00', 0x1}, 0x3}, 0x1c, &(0x7f0000000240)=[{&(0x7f0000000140)="06d586d56f26481f582a6058f16fe47c65785cc2530e68a314db230205a03ba213e84b002b1410d2e655582d312044a529189ad93fff1d27e98ee6f40902f0f5ab6a0904852d9e27a797e5bbd758cf3f872a80b4576840adb785f9d72f345d9a564e561efece83494f053ea98b21ebbf4dc0fd1e7aaa93d6940af3bd15750974c81e8beb", 0x84}, {&(0x7f0000000200)="3755a97a19", 0x5}], 0x2}}], 0x1, 0x4)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(&(0x7f0000001540), 0xffffffffffffffff)
sendmsg$NL80211_CMD_STOP_AP(r3, &(0x7f0000001600)={0x0, 0x0, &(0x7f00000015c0)={&(0x7f0000001580)={0x1c, 0x0, 0x1, 0x0, 0x0, {{}, {@val={0x8}, @void}}}, 0x1c}}, 0x0)
getsockopt$sock_cred(r3, 0x1, 0x11, &(0x7f0000000040), &(0x7f0000000080)=0xc)
syz_open_dev$sg(&(0x7f0000001000), 0x0, 0x2200)

09:07:49 executing program 6:
r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000180)='/proc/asound/seq/clients\x00', 0x0, 0x0)
preadv(r0, &(0x7f00000002c0)=[{&(0x7f0000000040)=""/35, 0x23}, {0x0}, {&(0x7f0000000300)=""/165, 0xa5}], 0x3, 0x0, 0x2000000)

09:07:49 executing program 7:
openat$sndseq(0xffffffffffffff9c, 0x0, 0x0)
r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000180)='/proc/asound/seq/clients\x00', 0x0, 0x0)
preadv(r0, &(0x7f00000002c0)=[{0x0}, {&(0x7f0000000300)=""/165, 0xa5}], 0x2, 0x0, 0x7000000)

09:07:50 executing program 0:
perf_event_open$cgroup(&(0x7f0000000c00)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x1110, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

09:07:50 executing program 1:
r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000180)='/proc/asound/seq/clients\x00', 0x0, 0x0)
preadv(r0, &(0x7f00000002c0)=[{&(0x7f0000000040)=""/35, 0x23}, {0x0, 0x2}, {&(0x7f0000000300)=""/165, 0xa5}], 0x3, 0x0, 0xa000000)

09:07:50 executing program 7:
openat$sndseq(0xffffffffffffff9c, 0x0, 0x0)
r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000180)='/proc/asound/seq/clients\x00', 0x0, 0x0)
preadv(r0, &(0x7f00000002c0)=[{0x0}, {&(0x7f0000000300)=""/165, 0xa5}], 0x2, 0x0, 0xa000000)

09:07:50 executing program 6:
r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000180)='/proc/asound/seq/clients\x00', 0x0, 0x0)
preadv(r0, &(0x7f00000002c0)=[{&(0x7f0000000040)=""/35, 0x23}, {0x0}, {&(0x7f0000000300)=""/165, 0xa5}], 0x3, 0x0, 0x3000000)

09:07:50 executing program 2:
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000080), r0)
sendmsg$NLBL_MGMT_C_ADD(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000140)={0x4c, r1, 0x1, 0x0, 0x0, {}, [@NLBL_MGMT_A_DOMAIN={0x6, 0x1, '%\x00'}, @NLBL_MGMT_A_IPV6ADDR={0x14, 0x5, @local}, @NLBL_MGMT_A_IPV6MASK={0x14, 0x6, @mcast1}, @NLBL_MGMT_A_PROTOCOL={0x8, 0x2, 0x5}]}, 0x4c}, 0x1, 0x700000000000000}, 0x0) (fail_nth: 2)

09:07:50 executing program 5:
socketpair$unix(0x1, 0x5, 0x0, 0x0)
sendmsg$unix(0xffffffffffffffff, 0x0, 0x0)
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
pwritev(r0, &(0x7f0000000640)=[{&(0x7f00000002c0)="19", 0x1}], 0x1, 0x8000000, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0)
r2 = socket$inet6(0xa, 0x1, 0x0)
bind$inet6(r2, &(0x7f00000002c0)={0xa, 0x4e20, 0x0, @empty}, 0x1c)
connect$inet6(r2, &(0x7f0000000000)={0xa, 0x4e20, 0x0, @ipv4={'\x00', '\xff\xff', @empty}}, 0x1c)
recvfrom(r2, &(0x7f00000003c0)=""/87, 0x20010397, 0x300, 0x0, 0x0)
mknodat$null(0xffffffffffffffff, &(0x7f0000000040)='./file0\x00', 0x2000, 0x103)
ioctl$LOOP_CLR_FD(0xffffffffffffffff, 0x4c01)
sendfile(r2, r1, 0x0, 0xfffffdef)
readv(0xffffffffffffffff, &(0x7f0000000040), 0x0)
openat$cgroup_freezer_state(0xffffffffffffffff, 0x0, 0x2, 0x0)
close(0xffffffffffffffff)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(&(0x7f0000001540), 0xffffffffffffffff)
sendmsg$NL80211_CMD_STOP_AP(r3, &(0x7f0000001600)={0x0, 0x0, &(0x7f00000015c0)={&(0x7f0000000140)=ANY=[@ANYBLOB="2872f65da35cad8a4e6e12f6834e3b2c04d2fb32de920a889ddcb31d4ddda4d9f97a6ea15271159b629457f47a0ed0d65abd6153727b5b89069177708d49bb01582b73085bea91e3ff980bf6ba819af2f4b4bc6e098cc77ffae731469500c7a4cb1b759e05dc6359a993d42de0baf46d99a521e560c3d97d57e3090b0bdab377500888ff95072e3e36c8f73d3e3c723393a658776c2f875702a802", @ANYRES16=0x0, @ANYBLOB="010000000000000000001000000008000300", @ANYRES32=0x0, @ANYBLOB], 0x1c}}, 0x0)
getsockopt$sock_cred(r3, 0x1, 0x11, &(0x7f0000000040), &(0x7f0000000080)=0xc)
syz_open_dev$sg(&(0x7f0000001000), 0x0, 0x2200)

[ 3062.399032] Call Trace:
[ 3062.399496]  <TASK>
[ 3062.399853]  ? x86_pmu_start+0x1c0/0x240
[ 3062.400498]  x86_pmu_enable+0x580/0xd90
[ 3062.401121]  ? amd_pmu_disable_virt+0xa0/0xa0
[ 3062.401831]  ctx_resched+0x2b9/0x3a0
[ 3062.402438]  __perf_install_in_context+0x285/0xa40
[ 3062.403199]  ? ctx_resched+0x3a0/0x3a0
[ 3062.403810]  remote_function+0x125/0x1b0
[ 3062.404421]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[ 3062.405293]  ? perf_duration_warn+0x40/0x40
[ 3062.405977]  generic_exec_single+0x203/0x300
[ 3062.406651]  smp_call_function_single+0x189/0x460
[ 3062.407391]  ? perf_duration_warn+0x40/0x40
[ 3062.408088]  ? generic_exec_single+0x300/0x300
[ 3062.408779]  ? perf_duration_warn+0x40/0x40
[ 3062.409439]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[ 3062.410324]  ? lock_is_held_type+0xd7/0x130
[ 3062.411042]  perf_install_in_context+0x4da/0x590
[ 3062.411772]  ? list_add_event+0xeb0/0xeb0
[ 3062.412400]  ? ctx_resched+0x3a0/0x3a0
[ 3062.413020]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[ 3062.413914]  ? exclusive_event_installable+0x254/0x320
[ 3062.414739]  __do_sys_perf_event_open+0x1bf0/0x3040
[ 3062.415513]  ? __up_read+0x192/0x710
[ 3062.416085]  ? perf_remove_from_context+0x260/0x260
[ 3062.416841]  ? up_write+0x460/0x460
[ 3062.417454]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 3062.418247]  do_syscall_64+0x3b/0x90
[ 3062.418804]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 3062.419600] RIP: 0033:0x7f750a357b19
[ 3062.420194] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 3062.423012] RSP: 002b:00007f75078cd188 EFLAGS: 00000246 ORIG_RAX: 000000000000012a
[ 3062.424166] RAX: ffffffffffffffda RBX: 00007f750a46af60 RCX: 00007f750a357b19
[ 3062.425272] RDX: 0000000000000000 RSI: ffffffffffffffff RDI: 0000000020000c00
[ 3062.426406] RBP: 00007f750a3b1f6d R08: 0000000000000000 R09: 0000000000000000
[ 3062.427539] R10: ffffffffffffffff R11: 0000000000000246 R12: 0000000000000000
[ 3062.428657] R13: 00007ffc8fa2e86f R14: 00007f75078cd300 R15: 0000000000022000
[ 3062.429792]  </TASK>
[ 3062.443292] FAULT_INJECTION: forcing a failure.
[ 3062.443292] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 3062.445148] CPU: 1 PID: 14014 Comm: syz-executor.2 Not tainted 5.17.0-next-20220328 #1
[ 3062.446366] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014
[ 3062.448123] Call Trace:
[ 3062.448484]  <TASK>
[ 3062.448823]  dump_stack_lvl+0x8b/0xb3
[ 3062.449418]  should_fail.cold+0x5/0xa
[ 3062.450047]  _copy_from_user+0x2a/0x170
[ 3062.450655]  iovec_from_user+0x236/0x3c0
[ 3062.451289]  ? _copy_from_user+0xf2/0x170
[ 3062.451904]  __import_iovec+0x64/0x5c0
[ 3062.452498]  import_iovec+0x83/0xb0
[ 3062.453039]  sendmsg_copy_msghdr+0x12d/0x160
[ 3062.453723]  ? __ia32_sys_recvmmsg+0x260/0x260
[ 3062.454385]  ? lockdep_hardirqs_on_prepare+0x400/0x400
[ 3062.455208]  ? lock_release+0x3b2/0x6f0
[ 3062.455795]  ___sys_sendmsg+0xc6/0x170
[ 3062.456441]  ? sendmsg_copy_msghdr+0x160/0x160
[ 3062.457106]  ? lock_release+0x3b2/0x6f0
[ 3062.457723]  ? __fget_files+0x265/0x470
[ 3062.458336]  ? lock_downgrade+0x6d0/0x6d0
[ 3062.458948]  ? lock_release+0x3b2/0x6f0
[ 3062.459543]  ? ksys_write+0x20c/0x250
[ 3062.460111]  ? lock_downgrade+0x6d0/0x6d0
[ 3062.460727]  ? __fget_files+0x287/0x470
[ 3062.461362]  ? __fget_light+0xea/0x270
[ 3062.461987]  ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70
[ 3062.462830]  __sys_sendmsg+0xe5/0x1b0
[ 3062.463439]  ? __sys_sendmsg_sock+0x30/0x30
[ 3062.464098]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[ 3062.464947]  ? fput+0x2a/0x50
[ 3062.465414]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 3062.466249]  do_syscall_64+0x3b/0x90
[ 3062.466777]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 3062.467600] RIP: 0033:0x7f928d323b19
[ 3062.468139] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 3062.471017] RSP: 002b:00007f928a899188 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 3062.472145] RAX: ffffffffffffffda RBX: 00007f928d436f60 RCX: 00007f928d323b19
[ 3062.473219] RDX: 0000000000000000 RSI: 0000000020000200 RDI: 0000000000000004
[ 3062.474313] RBP: 00007f928a8991d0 R08: 0000000000000000 R09: 0000000000000000
[ 3062.475394] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 3062.476438] R13: 00007ffe916ec8df R14: 00007f928a899300 R15: 0000000000022000
[ 3062.477541]  </TASK>
09:07:50 executing program 7:
openat$sndseq(0xffffffffffffff9c, 0x0, 0x0)
r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000180)='/proc/asound/seq/clients\x00', 0x0, 0x0)
preadv(r0, &(0x7f00000002c0)=[{0x0}, {&(0x7f0000000300)=""/165, 0xa5}], 0x2, 0x0, 0x3f000000)

[ 3062.529078] Call Trace:
[ 3062.529520]  <TASK>
[ 3062.529847]  x86_pmu_stop+0x149/0x330
[ 3062.530455]  x86_pmu_del+0x1be/0x610
[ 3062.531011]  event_sched_out+0x2ed/0xe80
[ 3062.531603]  __perf_remove_from_context+0x87/0xbe0
[ 3062.532339]  event_function+0x297/0x3d0
[ 3062.532906]  ? perf_uprobe_event_init+0x1c0/0x1c0
[ 3062.533658]  remote_function+0x125/0x1b0
[ 3062.534268]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[ 3062.535042]  ? perf_duration_warn+0x40/0x40
[ 3062.535705]  generic_exec_single+0x203/0x300
[ 3062.536342]  smp_call_function_single+0x189/0x460
[ 3062.537027]  ? perf_duration_warn+0x40/0x40
[ 3062.537682]  ? generic_exec_single+0x300/0x300
[ 3062.538328]  ? perf_duration_warn+0x40/0x40
[ 3062.538945]  ? lock_is_held_type+0xd7/0x130
[ 3062.539556]  event_function_call+0x3d0/0x430
[ 3062.540203]  ? perf_group_detach+0x11b0/0x11b0
[ 3062.540841]  ? perf_copy_attr+0x9c0/0x9c0
[ 3062.541466]  ? lock_release+0x3b2/0x6f0
[ 3062.542083]  ? perf_group_detach+0x11b0/0x11b0
[ 3062.542758]  ? perf_uprobe_event_init+0x1c0/0x1c0
[ 3062.543496]  ? _raw_spin_unlock_irq+0x1f/0x40
[ 3062.544151]  perf_remove_from_context+0x12e/0x260
[ 3062.544856]  perf_event_release_kernel+0x153/0x7f0
[ 3062.545586]  ? lock_is_held_type+0xd7/0x130
[ 3062.546237]  ? perf_pmu_migrate_context+0xae0/0xae0
[ 3062.546969]  ? lock_is_held_type+0xd7/0x130
[ 3062.547601]  perf_release+0x33/0x40
[ 3062.548155]  __fput+0x272/0x9d0
[ 3062.548622]  ? perf_event_release_kernel+0x7f0/0x7f0
[ 3062.549402]  task_work_run+0xe2/0x1a0
[ 3062.550001]  exit_to_user_mode_prepare+0x199/0x1a0
[ 3062.550703]  syscall_exit_to_user_mode+0x19/0x50
[ 3062.551403]  do_syscall_64+0x48/0x90
[ 3062.551923]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 3062.552684] RIP: 0033:0x7f750a30a72b
[ 3062.553213] Code: 0f 05 48 3d 00 f0 ff ff 77 45 c3 0f 1f 40 00 48 83 ec 18 89 7c 24 0c e8 63 fc ff ff 8b 7c 24 0c 41 89 c0 b8 03 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 35 44 89 c7 89 44 24 0c e8 a1 fc ff ff 8b 44
[ 3062.555847] RSP: 002b:00007ffc8fa2e8d0 EFLAGS: 00000293 ORIG_RAX: 0000000000000003
[ 3062.556912] RAX: 0000000000000000 RBX: 0000000000000004 RCX: 00007f750a30a72b
[ 3062.557965] RDX: 0000000000000000 RSI: ffffffff8411f74e RDI: 0000000000000003
[ 3062.559010] RBP: 0000000000000001 R08: 0000000000000000 R09: 0000001b30c2001c
[ 3062.560035] R10: 0000000000000f41 R11: 0000000000000293 R12: 00007f750a46bb60
[ 3062.561060] R13: 00007f750a46bb60 R14: 00007f750a46af60 R15: 00000000002eba0c
[ 3062.562131]  ? syscall_exit_to_user_mode+0x1e/0x50
[ 3062.562841]  </TASK>
09:07:50 executing program 1:
r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000180)='/proc/asound/seq/clients\x00', 0x0, 0x0)
preadv(r0, &(0x7f00000002c0)=[{&(0x7f0000000040)=""/35, 0x23}, {0x0, 0x2}, {&(0x7f0000000300)=""/165, 0xa5}], 0x3, 0x0, 0x10000000)

09:07:50 executing program 7:
openat$sndseq(0xffffffffffffff9c, 0x0, 0x0)
r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000180)='/proc/asound/seq/clients\x00', 0x0, 0x0)
preadv(r0, &(0x7f00000002c0)=[{0x0}, {&(0x7f0000000300)=""/165, 0xa5}], 0x2, 0x0, 0x48000000)

09:07:50 executing program 3:
socketpair$unix(0x1, 0x5, 0x0, 0x0)
sendmsg$unix(0xffffffffffffffff, 0x0, 0x0)
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
pwritev(r0, &(0x7f0000000640)=[{&(0x7f00000002c0)="19", 0x1}], 0x1, 0x8000000, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0)
r2 = socket$inet6(0xa, 0x1, 0x0)
bind$inet6(r2, &(0x7f00000002c0)={0xa, 0x4e20, 0x0, @empty}, 0x1c)
connect$inet6(r2, &(0x7f0000000000)={0xa, 0x4e20, 0x0, @ipv4={'\x00', '\xff\xff', @empty}}, 0x1c)
recvfrom(r2, &(0x7f00000003c0)=""/87, 0x20010397, 0x300, 0x0, 0x0)
sendfile(r2, r1, 0x0, 0xfffffdef)
readv(0xffffffffffffffff, &(0x7f0000000040), 0x0)
openat$cgroup_freezer_state(0xffffffffffffffff, 0x0, 0x2, 0x0)
close(0xffffffffffffffff)
sendmmsg$inet6(r2, &(0x7f0000000280)=[{{&(0x7f00000000c0)={0xa, 0x4e23, 0x2, @private2={0xfc, 0x2, '\x00', 0x1}, 0x3}, 0x1c, &(0x7f0000000240)=[{&(0x7f0000000140)="06d586d56f26481f582a6058f16fe47c65785cc2530e68a314db230205a03ba213e84b002b1410d2e655582d312044a529189ad93fff1d27e98ee6f40902f0f5ab6a0904852d9e27a797e5bbd758cf3f872a80b4576840adb785f9d72f345d9a564e561efece83494f053ea98b21ebbf4dc0fd1e7aaa93d6940af3bd15750974c81e8beb", 0x84}, {&(0x7f0000000200)="3755a97a19", 0x5}], 0x2}}], 0x1, 0x4)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(&(0x7f0000001540), 0xffffffffffffffff)
sendmsg$NL80211_CMD_STOP_AP(r3, &(0x7f0000001600)={0x0, 0x0, &(0x7f00000015c0)={&(0x7f0000001580)={0x1c, 0x0, 0x1, 0x0, 0x0, {{}, {@val={0x8}, @void}}}, 0x1c}}, 0x0)
getsockopt$sock_cred(r3, 0x1, 0x11, &(0x7f0000000040), &(0x7f0000000080)=0xc)
syz_open_dev$sg(&(0x7f0000001000), 0x0, 0x2200)

09:07:50 executing program 5:
socketpair$unix(0x1, 0x5, 0x0, 0x0)
sendmsg$unix(0xffffffffffffffff, 0x0, 0x0)
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
pwritev(r0, &(0x7f0000000640)=[{&(0x7f00000002c0)="19", 0x1}], 0x1, 0x8000000, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0)
r2 = socket$inet6(0xa, 0x1, 0x0)
bind$inet6(r2, &(0x7f00000002c0)={0xa, 0x4e20, 0x0, @empty}, 0x1c)
connect$inet6(r2, &(0x7f0000000000)={0xa, 0x4e20, 0x0, @ipv4={'\x00', '\xff\xff', @empty}}, 0x1c)
recvfrom(r2, &(0x7f00000003c0)=""/87, 0x20010397, 0x300, 0x0, 0x0)
sendfile(r2, r1, 0x0, 0xfffffdef)
bind$inet6(0xffffffffffffffff, &(0x7f0000000140)={0xa, 0x4e22, 0x1, @mcast2, 0x2}, 0x1c)
readv(0xffffffffffffffff, &(0x7f0000000040), 0x0)
r3 = openat$cgroup_freezer_state(0xffffffffffffffff, 0x0, 0x2, 0x0)
close(0xffffffffffffffff)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(&(0x7f0000001540), 0xffffffffffffffff)
sendmsg$NL80211_CMD_STOP_AP(r4, &(0x7f0000001600)={0x0, 0x0, &(0x7f00000015c0)={&(0x7f0000000440)=ANY=[@ANYBLOB="14a1a45144423302a24aaebc09f80b1c000000", @ANYRES16=0x0, @ANYBLOB="01ffe5000000000000001040000008000300fa47e6b845e820ebe9ca29d2f710aa077704b8aad1d6bf187506073cdb112942abbeb659a1da03de258c389b26ce5932515c605e515bbdde733a1db488148ba0b2c4e58d8c7dfd02b420ab40f1836802e36d8f2013330e409c7df8277bb1e899f05e02c3edfa04b745b1fb104abf2ebb2f198c0179eab13c1338fa0b3c779cc70587a53b39b261cc8da7a3d3e0142a2d2362f9fba0c4232c7bf25205c64bf4df69b30bd2cf013ce39d9d5941cde2a50d1eacc3a0ffbe6eb80159647d7f9a11e7fc86d563509c376c79212c4e08354a743d103c7c3f12beb497af5237d3286861477abca5a4930facdb439c77836ca16106c82f904f8cced7b5c159a7d1342757dfa43a24f72ea5f342899a828d568884f40cf019e000b749b27cb3c05918edf8", @ANYRES32=0x0, @ANYBLOB], 0x1c}}, 0x4)
getsockopt$sock_cred(r4, 0x1, 0x11, &(0x7f0000000040), &(0x7f00000000c0)=0x5)
syz_open_dev$sg(&(0x7f0000001000), 0x80000000, 0x2200)
ioctl$BTRFS_IOC_SYNC(r3, 0x9408, 0x0)

09:07:50 executing program 6:
r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000180)='/proc/asound/seq/clients\x00', 0x0, 0x0)
preadv(r0, &(0x7f00000002c0)=[{&(0x7f0000000040)=""/35, 0x23}, {0x0}, {&(0x7f0000000300)=""/165, 0xa5}], 0x3, 0x0, 0x4000000)

09:07:50 executing program 1:
r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000180)='/proc/asound/seq/clients\x00', 0x0, 0x0)
preadv(r0, &(0x7f00000002c0)=[{&(0x7f0000000040)=""/35, 0x23}, {0x0, 0x2}, {&(0x7f0000000300)=""/165, 0xa5}], 0x3, 0x0, 0x1ffff000)

09:08:07 executing program 7:
openat$sndseq(0xffffffffffffff9c, 0x0, 0x0)
r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000180)='/proc/asound/seq/clients\x00', 0x0, 0x0)
preadv(r0, &(0x7f00000002c0)=[{0x0}, {&(0x7f0000000300)=""/165, 0xa5}], 0x2, 0x0, 0x4c000000)

09:08:07 executing program 4:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0)
syz_mount_image$ext4(&(0x7f0000000000)='ext3\x00', &(0x7f0000000040)='./file1\x00', 0x9, 0x3, &(0x7f0000000240)=[{&(0x7f0000000140)="47965a21a635f19fa19eea7ad2bda076a2643d9bccbddb2fad0fb7291c68a4579e4167bbca44658f37f680eb36068800c1393fd9192a84b30a2a29b263ce630db3de11f4f52db56e9f8e297c5cbfc694a36947528239ccd219c820292576f6a5f0708e22f24702db80acdf0bfd8b643a8ba1f6929836b4c1e5b243ff74103f0594777a231e1fe3f6dc89ec67614fc66ca90459c3afe77a30347e3b12de793802d0f40fdc49039c0bf92eb2227ceba249f00e345fcafe2e9b50b5e6d42ab99cbcbc15982cb0da1bead710626dd04acab3d211a0cc36010982ede3b8888987265cfaac91", 0xe3, 0x40}, {&(0x7f0000000300)="707984dd12d59b13f2f4b41ae0e572215b57743563895231b72a1dc7aa000e4903659947ff4f0317d25f1444f85a452a53657e60b03ab9bf11d727beb8a169fd3e40ef05181f1288c979041578430f1efbc7543bcfe22065277b68e8ff45fffbc3bbf3056bebb7107bfc37c4e315e6fe8e9171e51e6a8a3a7a6aa769de64f35711e0af8bd7fca7b47670cdda75c803c3af828187b5004a1ad9d73c068b49f5a8aeb912139a6a24df", 0xa8, 0x7}, {&(0x7f0000000680)="2a4e0c8fcf6944b926a1dd412fd6f52fbf1b4f459cc706997a2d15f11533df3de930165147a1d2b4f6938721d12eb1d7c6a566e1f59fd3b6f20c9c6cf36a37fe9391e00f53299e34f451bcbd5f119a9658809c809e3fadbe59bd557ba6fa581ccbd385787f9c824d1b88643505bd34eec361709bc77566b7437090af94bd074e1b10d6c66228fbd8ffce1e203195a3f341aac168fe382eb7738d140e548d4a26e83d9fb6a8cf2bf468f5a775ca81888d0e48021795ac8d9809f02fdfcf46690bff9b139e3b9bc50d5e456d9bd863cd8fb8bb2e07144a5b0657f7569a5579968d10c0b5374ecd3fb772f9dbff04d1f5b43ac9388243c1f5da64455e8a4730b4fb597711c6c5f2ac5e190d6d8df3cc4f01b2ea14a03338b1963b5f6eaf5af8f61e553611f4360d56288cc22ff172c113ea3a749450dde997654d2d4848078371b14bd7e46c756c19f6d411ef92487d579f5fe3574db9578261e4dbcbecf1de4dad74d2b99e50924f8a075d5a6075d5ad7a99b775ce698ed0e2181ab7ff85bba309197cfd2d58dc0e92681d8c7a87a420741e65da899874c8c80e00d7a00d154d2c7cc9d11e62abc9b40f8fe2bc3a8d14f39761c17cc87e6b3fe75ca9c255aff4a9e966bd377a1efebe50340df789d055b30f64355a9e8a9fdcdfbd5ab19433a8f8e31e3a8fb84e031b182f1e1452f6e294cb50b0ba4f6de0c880ebfdf07848e013af011d735126e15a01dfad478a8c30afbf146a1631b1aabcda1644317108b24d8f445cfabe9ec3eb11a607d78ebfec4e2f35e69dcb33b40a9efc8f0a663bc5d699bcf51c05de33b13f246a4fd45078195f04e9f807df90f8aef4652eb8cdd481ed6b7227b7fd11a902c11cfbc2e70e0dc8c4185666572cc9b71d4e6f94541296abb009bd6f3c43c7769f3b882d36926aae7f5ef2cc2c93009f058a80e5bfa2b405ff752eb236a8bd1acbbd37b2a7aba6ad194a6f5e10692271650a88b792aae0c61cda41184bcc86c74b91af7f899eb80b590284ace1d6422fe1e3a1b4911e70c3e62a98839a629faafddd8b473727eaa3a58639c7e60576a82c3d73a29c1dcad26b06598a7a6248bd2861c87201d6ef5cb118b31fdebeeb4b30bf7d8df3972f4bd2b2a5b2f6bf080248b21d943f986b09be4b70441aa41be268405c50244dfc0fe46c346b0beb260379fc93db5befffa0d13f39defab897f79dafb17f894cd19170cbafebb33eaa061c8159fb07ce866c020ba65f68944d08717177f4b9056344dab84e63bc7fb88be70ec131a73f4c0a3f00e7a607a190f4bee8430b9ee8de4192ebd35fe62367128f98d2fe3c5e02975d4c2e8535978d98e6b8af15ff55207866b89b02ad9a717fcbc6805d640d43973cea43d0e92de4a07e4a166a2393b73508875a61bb743f60bc5b6b46d5053dd59e6fc30c4b62719f829eeba09464a4b374c4e9e4909b15068ae97800b68fb42c93e7ced7f5ba49a566ebb67766aabf5619e993d21e9d0f1f5827494de2a7a794802c513051d39ec65cfa46503d377c8a434d03bf4835bc4a017d935333b9194cbf9fbba24bd36b12016975dbbb6f9e00be45915fbf55b977a4e4393db0380be5fb86fc61957019c14a4df362ae545ecac8fcca442353a5f30f48ff36e00835982a77848217c61db51af175fcf67ed909005c06c5d9b9e0b55e0dbd9384b847e32a8bf3b3efdfd15c78bd509fd2be4c6d0a84032c97df9a4fb5e27a96240d1ee491bc1ef22e77528ece3a5ad470fab8f4a1f95a8013b0a384dc07784dfd8e413793fb5487f4bb1345ea3c412be9890a3c4bcc22fab5097d3d5cba50934b3b11bdfde422f94eb30c7b1113a00baa9656d006d50019a37c829537166a3f161eb619589e9674a961cdf003fadcda6b536a8dbf18afeb92f07e9ca3e7417e7727db21107d14eac5bfdee988741f2f70fd8b8453192a360594909473c9dc76b1abcc501971656f1eaba0e93722712dd5e084dd98a139f3209d72617367e232fa195d1c163941e5e83e350d346c992484dd171a045fe2906d3eca96b2aecdd1ebf51eaa48393a017d71b07e640f8d46df5549b8aeda76a6f19ae5edddd1b8576e582a4e79b0e46bc0e4e70cc02cd6349b8751f89de020da71e7023a9d8f6b0213bc05f8f4889f6121a3a5626c1f121635dbcfd423665a3aaa5ccea2ddbd3a7d89eb2067887952589242a163f50cd050e86bb4787598e6cf94bf33d84191710419ee2e92bb4aa5ea47871d00df4e818ed2cd53bfa0b30051e8e9c1894c6f41b1e0a92909fd8224fb4e0490013a8f88d5e31bdb4fe5fa61a486dbc569d20074d5bf252a1f6b22f020f04e39f77f294143217101e639ac44840d2dcbf911807054d47d74040ae9d18ac7bf63cf5bbab8206a77a4a1691af9891aa589378ac7bfccdd9d2ad7b9bf022e63d950cb00278a89418af5dcf0d999fa5636e855629e4d3e7fea3b453fab3b0b170b5b2f3bd13366accd23f34a44f407be66d8f654c063b73cd11f7b70226237a18e9d1d2c128c6281ecc60555fb4d791b0258037029b396cf7dbffa5f16194a197cb846602e5d0d3cd5592aec8ba5e9372c92564570a2f45e06504535938a1546e74d01139c65e1ffd2e2d08c16cab89bea0bf908589c7e1c1405e7baf43af40dfc2eabc68d9a2a3aeae574d5207dd904cb41ecbb8b22d411f5d9d83307f4af589356d67c720b1f6c15f531f46b3c949c72e4710dea695762d78a5a85d021eee5da1ecef4ed5bdca83f0a341db9d5647b455b07b79c3830484598b41e7e05be48f98e11abaaf730ca68217df0e3f607c2f46ec494dc9e3c340dda0f4e5549b7a5f7201f77d4cb231e03c8d4e6789e5ca88a6ccf971e032e800aea392d8c29dd46f4730c63eee4e79454eb23db53b2cf756c244fcbf9e377579f970f3f8ffdcaebcb81bd13fd6f92ec18356dd4d5bd0be5fe6996171886cc656724d2dbd0f766cd1f3953831ca43e7bafffed25556efbfc4922eb917f9e799e04cad7582b78ec5c404d78191a6ed15aece8284d152fe551db9f0c69000b24165b526ded27780f1ca62e37f98cdc0a40c56d4e711ad7886e8b6b9768ee77240d9aa7b17b9a56831cba73c3bf8e793c25b5962b0e85210ad7a6646a3d359e3b85d14807b642b523680b4696963f721c4b23947eaf7f238b9a0e626111207fb655f4878ca0e003e756fbebeeedd61fbfad36f414bb92d957e571f131a0e729a0a09308d2beb803651b0b59c8894f3e6da524ab545426154482cf2bfed422bac284be2ba4e3dd8115a8c6372577558225024d7c88e9d88a5401d320e35b613cee7d285e751810e0d516402ea5674b7f3299895a6f16cfd8b5cca6168d13e7d3e10f9a2b6f0f888c108a9a664efd1de11f66640a1fd2a6a593efb544bda2ccb13e4f19e7483f666048610a22ff3ac60d47fa6f863ef99311b03caefd74a79b803a11900ba2e2fc2f1e70bc8d7f34cecf76f7ef6b33c74653f16e27b47c1b5b0d96512a9d511f497a2f0606522af8d860d9266a451d27341bb9eeaaf80222b814831125fcc885a32f7b1ef0e5dfd31d3febcb4b257cf8dc75a05a3a6df9d8572d8197379179e4dc80bf32033fe51ffbc3d1dfaac7258c931c7fab76131065c27f86b23ed9c9d259e55e3d11e0d7a8cb53842aa53c1c88d9e44409168acc021591b732dd5ccbde33902f4b22f398b827845af246fc45edb76c895f830fc5c36b7aff3c84c388fb3fad1ea940b3797cf8ce6836fabe06c3c157027cafe93247e19539bffe7449afd071905e707258ba125f9d578587bc1dfc724547cba13a18c19273ae1e42610ff0f9dfcf750181904cd9fce9107e30f851f72c6792a71efed3476d7ac1c7c35f4033af31bba0cd968a2d67833953ea674f2ecb0ba612bb2b03fc763478d73345a04338601de1f28efec354497e736de35d2c9e068a884dcd4a424d8673fda1164e60915acefe2c88529353372e629ffe06e75865966d7d1bbe3748a327b27e6741b6858bf20da950d8decbaa47bc8849f5e4806da072f2f82881a878b232ddfc8cc03b40f50478a321d53fed27f2185eb78a75a13c539480e1c724eefa18bbfdf01d8795b84c991502d81f24e8d817ae118330edd53e879c36ba5327619fa1e345d700c9b4d46188ca0698863c865d22392472647f54ceb9f701ddc6b5faa0ccfed188857670088598f32cfd098d5831e7a5c585e5031568642ee99714808eb9856182c6cee1a53ce0f3aed285e1996a05d323657678429a48c97c816a829251c7988fd62da54d81394bf6e6bbb7d0c656517fe75e91898d0f39d4e454215669137b9d5b9309bd1b9cc1393cf1a7c5e76a3fcfb90e4a1a8795e9e47ed47f82e87835ed5eb8c066557c975db3e845dab283fba53084f42f62645ceff0a60f422c79700270527f460f37144df49e2f2aba712d1b75adeeddcfd0a36c777ea0d7f4df77bc78e022739044b3a6cfb61fa44f1a6fc8fea8c9b15b95898a5efdb1aa709470c141ceace753efbbe5f9637d277bc889e1175481d6771a813975e2076490b2696f9458180cf53e52f323c3fae7573888310b953b3474ff9830b0c0918998de064f05385f7f0d36cc64e3551b43501187de31b0012886d119b2ac46ce9169db963193d8ce3354f9e6200108269f8fc30cdf5b7767be0f14adf915281dc6c1c03520f5e8df22d5670b22e5638519a7613fe32f03b20890630a3cfb03b507051b1a718b59dce1a5b5fd6c1ed1bfe7d2174441947173ec6952f2ccd68a1c8a7bf5bb5bc21276832e26b8a56e6414f2a05817778df9a04d9152849bc1f13f46791a0388e973d976306324db9ada1e9fdddb37dc53e65e3d31c78d56ce823487e5059ffaba0c5219893a6033d11a86fba05414dd61b4c0a410d49834982b417ab43c03c9d61ccc24f84c596f6067fa661c1a270aace8ec98eebc6340ed3b7ef7d874c01de9572f51364c1fbc1888d7409a1c0ff42444bffbb5c88af3c682f7fe8827115193051189f38d69a0ef32a3f1cb8e4efab1e8a6872a55d6acd6fca8f29e614c9255cb80ec560240aa02a3814eae6686bb06f8fd47860450a23765f13e9e08e406b210a8eee98311dcc1dd9d1f0dd83e7fe7039c76296e327ed6a06410ae6aa71b6e3abff525b449d8888d5be3e1cc75a3b9549b039267fb9df990ba7e051bf5730a96b6bbe9528bc18d69b626b0b9eabc97338e610c1948a2b01a5d061713c99695144cb4b9c925403f135ce70be0abd07eaf3bb47de52a51dae15cb2751057852fe1fad0dc24228cd2c756fbece2577976c5f99cf59cb8d0ed013eef4593d7a0ebce5c7cdda26332f60ddfcd11483dbec6b3098be6bfd77dbaca3348d40add50c2d12c13ea71ae835744aa72c7110928a514dc89a374c7df83f79633a434fde353c9f59bc67c49f96fd0e3002b269258289100f4ecee32f06a942c192db5b68cf365770b7e526833f852a9414f26e715b7b3392fc00236bd23906e07fba30ad257b537f1700f8f3387fc40f4d4bb490292d6f8ce0ad2ae5e00a5541ca317ec6a8b9877716a9e8ae0007faa62e045ff2576bc9f461ff48e87c54370bc42ca2a7515731433160985677470012f1e5c545d080800b506ac95fbcb5b9ed7dcc63c6ee2f4336adb368b99b6eed4fc0b8d87e47fd02e8b2261bfe37e110dcf16ef6a41ed503b2900197853aa0ba01ccb7c702a86490c8d446bf931b42b94c5d3b142f8ca18cc93c547f3a99841c5d39ce9e73f0483763ce783a546af98bf5fafcbdbdf457239d4d5fde328477d5d", 0x1000}], 0x10, &(0x7f00000000c0)={[{@nodelalloc}, {@usrjquota}, {@discard}, {@noauto_da_alloc}], [{@dont_hash}]})
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x141042, 0x0)
pwritev(r1, &(0x7f0000000640)=[{&(0x7f00000002c0)="02", 0x1}], 0x1, 0x7fffffe, 0x0)
write$P9_RREADLINK(0xffffffffffffffff, &(0x7f0000000240)=ANY=[], 0x10)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0, 0x0)
sendfile(r0, r2, 0x0, 0x7fffffff)
openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x20200, 0x0)

09:08:07 executing program 2:
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000080), r0)
sendmsg$NLBL_MGMT_C_ADD(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000140)={0x4c, r1, 0x1, 0x0, 0x0, {}, [@NLBL_MGMT_A_DOMAIN={0x6, 0x1, '%\x00'}, @NLBL_MGMT_A_IPV6ADDR={0x14, 0x5, @local}, @NLBL_MGMT_A_IPV6MASK={0x14, 0x6, @mcast1}, @NLBL_MGMT_A_PROTOCOL={0x8, 0x2, 0x5}]}, 0x4c}, 0x1, 0x700000000000000}, 0x0) (fail_nth: 3)

09:08:07 executing program 3:
ioctl$SECCOMP_IOCTL_NOTIF_RECV(0xffffffffffffffff, 0xc0502100, &(0x7f0000000000))
r0 = gettid()
r1 = gettid()
kcmp(r0, r1, 0x4, 0xffffffffffffffff, 0xffffffffffffffff)
r2 = syz_open_procfs$namespace(r0, &(0x7f0000000480)='ns/cgroup\x00')
sendfile(0xffffffffffffffff, r2, 0x0, 0xfffffffffffffffd)

09:08:07 executing program 1:
r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000180)='/proc/asound/seq/clients\x00', 0x0, 0x0)
preadv(r0, &(0x7f00000002c0)=[{&(0x7f0000000040)=""/35, 0x23}, {0x0, 0x2}, {&(0x7f0000000300)=""/165, 0xa5}], 0x3, 0x0, 0x20000000)

[ 3079.191970] Call Trace:
[ 3079.192401]  <TASK>
[ 3079.192730]  ? x86_pmu_start+0x1c0/0x240
[ 3079.193325]  x86_pmu_enable+0x580/0xd90
[ 3079.193945]  ? amd_pmu_disable_virt+0xa0/0xa0
[ 3079.194603]  ctx_resched+0x2b9/0x3a0
[ 3079.195149]  __perf_install_in_context+0x285/0xa40
[ 3079.195859]  ? ctx_resched+0x3a0/0x3a0
[ 3079.196428]  remote_function+0x125/0x1b0
[ 3079.197023]  flush_smp_call_function_queue+0x1df/0x610
[ 3079.197768]  ? perf_duration_warn+0x40/0x40
[ 3079.198388]  __sysvec_call_function_single+0x92/0x3a0
[ 3079.199128]  sysvec_call_function_single+0x3b/0xc0
[ 3079.199837]  ? asm_sysvec_call_function_single+0xa/0x20
[ 3079.200632]  asm_sysvec_call_function_single+0x12/0x20
[ 3079.201378] RIP: 0033:0x7f792bcbc657
[ 3079.201921] Code: 35 c2 b7 0b 00 48 8d 3d 37 bd 0a 00 31 c0 e8 60 fe ff ff 48 83 c4 08 5b 5d 41 5c 41 5d c3 0f 1f 44 00 00 48 8b 0d 59 ed 0a 01 <48> 8b 05 4a ed 0a 01 4c 8d 81 00 00 00 01 48 39 c8 72 13 4c 39 c0
[ 3079.204568] RSP: 002b:00007fffdbdaca18 EFLAGS: 00000202
[ 3079.205330] RAX: 0000000029671ef5 RBX: 00007f792ba96008 RCX: 0000001b2e220000
[ 3079.206371] RDX: 0000001b2e221050 RSI: ffffffff81a9a55f RDI: 0000000029671ef5
[ 3079.207363] RBP: 0000000000000001 R08: 0000000029671ef5 R09: 0000001b2e22001c
[ 3079.208346] R10: 0000000000001ef5 R11: 0000000029671ef9 R12: 0000000000000825
[ 3079.209351] R13: 00007f792be26000 R14: ffffffff81a9a55f R15: 00007f792be31ff0
[ 3079.210375]  ? __ext4_new_inode+0x13af/0x5620
[ 3079.211031]  ? __ext4_new_inode+0x13af/0x5620
[ 3079.211683]  </TASK>
09:08:07 executing program 0:
perf_event_open$cgroup(&(0x7f0000000c00)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x1210, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

09:08:07 executing program 6:
r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000180)='/proc/asound/seq/clients\x00', 0x0, 0x0)
preadv(r0, &(0x7f00000002c0)=[{&(0x7f0000000040)=""/35, 0x23}, {0x0}, {&(0x7f0000000300)=""/165, 0xa5}], 0x3, 0x0, 0x5000000)

09:08:07 executing program 5:
socketpair$unix(0x1, 0x5, 0x0, 0x0)
sendmsg$unix(0xffffffffffffffff, 0x0, 0x0)
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
pwritev(r0, &(0x7f0000000640)=[{&(0x7f00000002c0)="19", 0x1}], 0x1, 0x8000000, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0)
r2 = socket$inet6(0xa, 0x1, 0x0)
bind$inet6(r2, &(0x7f00000002c0)={0xa, 0x4e20, 0x0, @empty}, 0x1c)
connect$inet6(r2, &(0x7f0000000000)={0xa, 0x4e20, 0x0, @ipv4={'\x00', '\xff\xff', @empty}}, 0x1c)
recvfrom(r2, &(0x7f00000003c0)=""/87, 0x20010397, 0x300, 0x0, 0x0)
sendfile(r2, r1, 0x0, 0xfffffdef)
readv(0xffffffffffffffff, &(0x7f00000000c0), 0x0)
openat$cgroup_freezer_state(0xffffffffffffffff, 0x0, 0x2, 0x0)
close(0xffffffffffffffff)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(&(0x7f0000001540), 0xffffffffffffffff)
sendmsg$NL80211_CMD_STOP_AP(r3, &(0x7f0000001600)={0x0, 0x0, &(0x7f00000015c0)={&(0x7f0000001580)={0x1c, 0x0, 0x1, 0x0, 0x0, {{}, {@val={0x8}, @void}}}, 0x1c}}, 0x0)
getsockopt$sock_cred(r3, 0x1, 0x11, &(0x7f0000000040), &(0x7f0000000080)=0xc)
syz_open_dev$sg(&(0x7f0000001000), 0x0, 0x2200)

[ 3079.227847] FAULT_INJECTION: forcing a failure.
[ 3079.227847] name failslab, interval 1, probability 0, space 0, times 0
[ 3079.229928] CPU: 1 PID: 14051 Comm: syz-executor.2 Not tainted 5.17.0-next-20220328 #1
[ 3079.231105] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014
[ 3079.232784] Call Trace:
[ 3079.233165]  <TASK>
[ 3079.233484]  dump_stack_lvl+0x8b/0xb3
[ 3079.234084]  should_fail.cold+0x5/0xa
[ 3079.234661]  ? __alloc_skb+0x211/0x340
[ 3079.235237]  should_failslab+0x5/0x10
[ 3079.235813]  kmem_cache_alloc_node+0x55/0x490
[ 3079.236491]  __alloc_skb+0x211/0x340
[ 3079.237023]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[ 3079.237868]  netlink_sendmsg+0x98d/0xe00
[ 3079.238476]  ? netlink_unicast+0x800/0x800
[ 3079.239112]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[ 3079.239940]  ? netlink_unicast+0x800/0x800
[ 3079.240577]  sock_sendmsg+0x150/0x190
[ 3079.241143]  ____sys_sendmsg+0x703/0x870
[ 3079.241775]  ? kernel_sendmsg+0x50/0x50
[ 3079.242360]  ? __ia32_sys_recvmmsg+0x260/0x260
[ 3079.243045]  ? lockdep_hardirqs_on_prepare+0x400/0x400
[ 3079.243834]  ? lock_release+0x3b2/0x6f0
[ 3079.244435]  ___sys_sendmsg+0xf3/0x170
[ 3079.245017]  ? sendmsg_copy_msghdr+0x160/0x160
[ 3079.245691]  ? lock_release+0x3b2/0x6f0
[ 3079.246314]  ? lock_downgrade+0x6d0/0x6d0
[ 3079.246946]  ? lock_release+0x3b2/0x6f0
[ 3079.247533]  ? ksys_write+0x20c/0x250
[ 3079.248197]  ? lock_downgrade+0x6d0/0x6d0
[ 3079.248776]  ? __fget_files+0x287/0x470
[ 3079.249342]  ? __fget_light+0xea/0x270
[ 3079.249919]  ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70
[ 3079.250709]  __sys_sendmsg+0xe5/0x1b0
[ 3079.251247]  ? __sys_sendmsg_sock+0x30/0x30
[ 3079.251852]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[ 3079.252632]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 3079.253364]  do_syscall_64+0x3b/0x90
[ 3079.253914]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 3079.254644] RIP: 0033:0x7f928d323b19
[ 3079.255180] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 3079.257834] RSP: 002b:00007f928a899188 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 3079.258909] RAX: ffffffffffffffda RBX: 00007f928d436f60 RCX: 00007f928d323b19
[ 3079.259916] RDX: 0000000000000000 RSI: 0000000020000200 RDI: 0000000000000004
[ 3079.260930] RBP: 00007f928a8991d0 R08: 0000000000000000 R09: 0000000000000000
[ 3079.261965] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 3079.262957] R13: 00007ffe916ec8df R14: 00007f928a899300 R15: 0000000000022000
[ 3079.263980]  </TASK>
[ 3079.313408] Call Trace:
[ 3079.313855]  <IRQ>
[ 3079.314166]  x86_pmu_stop+0x149/0x330
[ 3079.314727]  x86_pmu_del+0x1be/0x610
[ 3079.315274]  event_sched_out+0x2ed/0xe80
[ 3079.315870]  __perf_remove_from_context+0x87/0xbe0
[ 3079.316576]  event_function+0x297/0x3d0
[ 3079.317144]  ? perf_uprobe_event_init+0x1c0/0x1c0
[ 3079.317864]  remote_function+0x125/0x1b0
[ 3079.318454]  flush_smp_call_function_queue+0x1df/0x610
[ 3079.319192]  ? perf_duration_warn+0x40/0x40
[ 3079.319863]  __sysvec_call_function_single+0x92/0x3a0
[ 3079.320600]  sysvec_call_function_single+0x89/0xc0
[ 3079.321323]  </IRQ>
[ 3079.321643]  <TASK>
[ 3079.321981]  asm_sysvec_call_function_single+0x12/0x20
[ 3079.322728] RIP: 0010:_raw_spin_unlock_irqrestore+0x2e/0x50
[ 3079.323523] Code: 48 83 c7 18 53 48 89 f3 48 8b 74 24 10 e8 7a 02 15 fd 48 89 ef e8 72 7f 15 fd 80 e7 02 74 06 e8 38 ae 36 fd fb bf 01 00 00 00 <e8> 6d 8b 0b fd 65 8b 05 e6 92 ee 7b 85 c0 74 03 5b 5d c3 0f 1f 44
[ 3079.326175] RSP: 0018:ffff8880081dfcb0 EFLAGS: 00000206
[ 3079.326915] RAX: 0000000000e6558e RBX: 0000000000000246 RCX: 1ffffffff0b1b2a1
[ 3079.327899] RDX: 0000000000000000 RSI: 0000000000000101 RDI: 0000000000000001
[ 3079.328887] RBP: ffffffff852c2200 R08: 0000000000000001 R09: 0000000000000001
[ 3079.329908] R10: ffffffff814a8a78 R11: 0000000000000001 R12: ffff888045bd6870
[ 3079.330926] R13: ffff88801cf057e8 R14: ffffffff8130d315 R15: ffff88800ee6e780
[ 3079.331927]  ? rcu_core+0x7e5/0x1ff0
[ 3079.332467]  ? trace_hardirqs_on+0x38/0x190
[ 3079.333090]  find_and_remove_object+0xe4/0x120
[ 3079.333747]  kmemleak_free+0x1f/0x30
[ 3079.334270]  kmem_cache_free+0x28a/0x420
[ 3079.334843]  rcu_core+0x7e5/0x1ff0
[ 3079.335352]  ? rcu_note_context_switch+0x19a0/0x19a0
[ 3079.336069]  ? lock_is_held_type+0xd7/0x130
[ 3079.336673]  __do_softirq+0x270/0x8c7
[ 3079.337213]  ? __irq_exit_rcu+0x170/0x170
[ 3079.337814]  run_ksoftirqd+0x2d/0x60
[ 3079.338335]  smpboot_thread_fn+0x66f/0xa00
[ 3079.338932]  ? sort_range+0x30/0x30
[ 3079.339441]  kthread+0x2f2/0x3b0
[ 3079.339957]  ? kthread_complete_and_exit+0x40/0x40
[ 3079.340650]  ret_from_fork+0x22/0x30
[ 3079.341221]  </TASK>
[ 3079.345431] Call Trace:
[ 3079.345869]  <TASK>
[ 3079.346182]  ? x86_pmu_start+0x1c0/0x240
[ 3079.346766]  x86_pmu_enable+0x580/0xd90
[ 3079.347321]  ? amd_pmu_disable_virt+0xa0/0xa0
[ 3079.348097]  ctx_resched+0x2b9/0x3a0
[ 3079.348648]  __perf_install_in_context+0x285/0xa40
[ 3079.349391]  ? ctx_resched+0x3a0/0x3a0
[ 3079.349986]  remote_function+0x125/0x1b0
[ 3079.350594]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[ 3079.351409]  ? perf_duration_warn+0x40/0x40
[ 3079.352048]  generic_exec_single+0x203/0x300
[ 3079.352708]  smp_call_function_single+0x189/0x460
[ 3079.353413]  ? perf_duration_warn+0x40/0x40
[ 3079.354078]  ? generic_exec_single+0x300/0x300
[ 3079.354751]  ? perf_duration_warn+0x40/0x40
[ 3079.355412]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[ 3079.356232]  ? lock_is_held_type+0xd7/0x130
[ 3079.356887]  perf_install_in_context+0x4da/0x590
[ 3079.357595]  ? list_add_event+0xeb0/0xeb0
[ 3079.358250]  ? ctx_resched+0x3a0/0x3a0
[ 3079.358829]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[ 3079.359652]  ? exclusive_event_installable+0x254/0x320
[ 3079.360449]  __do_sys_perf_event_open+0x1bf0/0x3040
[ 3079.361214]  ? perf_remove_from_context+0x260/0x260
[ 3079.361971]  ? xfd_validate_state+0x59/0x180
[ 3079.362658]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 3079.363426]  do_syscall_64+0x3b/0x90
[ 3079.363984]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 3079.364748] RIP: 0033:0x7f750a357b19
[ 3079.365407] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 3079.368023] RSP: 002b:00007f75078cd188 EFLAGS: 00000246 ORIG_RAX: 000000000000012a
[ 3079.369109] RAX: ffffffffffffffda RBX: 00007f750a46af60 RCX: 00007f750a357b19
[ 3079.370132] RDX: 0000000000000000 RSI: ffffffffffffffff RDI: 0000000020000c00
[ 3079.371142] RBP: 00007f750a3b1f6d R08: 0000000000000000 R09: 0000000000000000
[ 3079.372187] R10: ffffffffffffffff R11: 0000000000000246 R12: 0000000000000000
[ 3079.373216] R13: 00007ffc8fa2e86f R14: 00007f75078cd300 R15: 0000000000022000
[ 3079.374258]  </TASK>
[ 3079.447693] Call Trace:
[ 3079.448157]  <TASK>
[ 3079.448480]  x86_pmu_stop+0x149/0x330
[ 3079.449029]  x86_pmu_del+0x1be/0x610
[ 3079.449562]  event_sched_out+0x2ed/0xe80
[ 3079.450186]  __perf_remove_from_context+0x87/0xbe0
[ 3079.450892]  event_function+0x297/0x3d0
[ 3079.451506]  ? perf_uprobe_event_init+0x1c0/0x1c0
[ 3079.452191]  remote_function+0x125/0x1b0
[ 3079.452776]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[ 3079.453552]  ? perf_duration_warn+0x40/0x40
[ 3079.454235]  generic_exec_single+0x203/0x300
[ 3079.454864]  smp_call_function_single+0x189/0x460
[ 3079.455553]  ? perf_duration_warn+0x40/0x40
[ 3079.456171]  ? generic_exec_single+0x300/0x300
[ 3079.456815]  ? perf_duration_warn+0x40/0x40
[ 3079.457434]  ? lock_is_held_type+0xd7/0x130
[ 3079.458117]  event_function_call+0x3d0/0x430
[ 3079.458768]  ? perf_group_detach+0x11b0/0x11b0
[ 3079.459454]  ? perf_copy_attr+0x9c0/0x9c0
[ 3079.460041]  ? lock_release+0x3b2/0x6f0
[ 3079.460610]  ? perf_group_detach+0x11b0/0x11b0
[ 3079.461309]  ? perf_uprobe_event_init+0x1c0/0x1c0
[ 3079.462019]  ? _raw_spin_unlock_irq+0x1f/0x40
[ 3079.462676]  perf_remove_from_context+0x12e/0x260
[ 3079.463371]  perf_event_release_kernel+0x153/0x7f0
[ 3079.464064]  ? lock_is_held_type+0xd7/0x130
[ 3079.464679]  ? perf_pmu_migrate_context+0xae0/0xae0
[ 3079.465574]  ? lock_is_held_type+0xd7/0x130
[ 3079.466254]  perf_release+0x33/0x40
[ 3079.466780]  __fput+0x272/0x9d0
[ 3079.467270]  ? perf_event_release_kernel+0x7f0/0x7f0
[ 3079.468033]  task_work_run+0xe2/0x1a0
[ 3079.468627]  do_exit+0xaf7/0x27e0
[ 3079.469150]  ? find_held_lock+0x2c/0x110
[ 3079.469774]  ? lock_release+0x3b2/0x6f0
[ 3079.470360]  ? mm_update_next_owner+0x7d0/0x7d0
[ 3079.471046]  ? lock_downgrade+0x6d0/0x6d0
[ 3079.471685]  ? lock_is_held_type+0xd7/0x130
[ 3079.472355]  do_group_exit+0xd2/0x2f0
[ 3079.472919]  get_signal+0x2303/0x2350
[ 3079.473489]  ? lock_downgrade+0x6d0/0x6d0
[ 3079.474132]  ? signal_setup_done+0x520/0x520
[ 3079.474810]  ? lock_is_held_type+0xd7/0x130
[ 3079.475491]  arch_do_signal_or_restart+0x88/0x1a40
[ 3079.476216]  ? __do_sys_perf_event_open+0xd2/0x3040
[ 3079.476980]  ? get_sigframe_size+0x10/0x10
[ 3079.477640]  ? perf_remove_from_context+0x260/0x260
[ 3079.478394]  ? xfd_validate_state+0x59/0x180
[ 3079.479067]  exit_to_user_mode_prepare+0x131/0x1a0
[ 3079.479795]  syscall_exit_to_user_mode+0x19/0x50
[ 3079.480496]  do_syscall_64+0x48/0x90
[ 3079.481042]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 3079.481865] RIP: 0033:0x7f750a357b19
[ 3079.482434] Code: Unable to access opcode bytes at RIP 0x7f750a357aef.
[ 3079.483366] RSP: 002b:00007f75078cd188 EFLAGS: 00000246 ORIG_RAX: 000000000000012a
[ 3079.484458] RAX: 0000000000000003 RBX: 00007f750a46af60 RCX: 00007f750a357b19
[ 3079.485523] RDX: 0000000000000000 RSI: ffffffffffffffff RDI: 0000000020000c00
[ 3079.486624] RBP: 00007f750a3b1f6d R08: 0000000000000000 R09: 0000000000000000
[ 3079.487653] R10: ffffffffffffffff R11: 0000000000000246 R12: 0000000000000000
[ 3079.488734] R13: 00007ffc8fa2e86f R14: 00007f75078cd300 R15: 0000000000022000
[ 3079.489827]  </TASK>
09:08:24 executing program 7:
openat$sndseq(0xffffffffffffff9c, 0x0, 0x0)
r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000180)='/proc/asound/seq/clients\x00', 0x0, 0x0)
preadv(r0, &(0x7f00000002c0)=[{0x0}, {&(0x7f0000000300)=""/165, 0xa5}], 0x2, 0x0, 0x68000000)

09:08:24 executing program 3:
ioctl$sock_ipv6_tunnel_SIOCGETPRL(0xffffffffffffffff, 0x89f4, &(0x7f0000000180)={'syztnl2\x00', &(0x7f0000000000)={'sit0\x00', <r0=>0x0, 0x29, 0x6, 0x4, 0x8000, 0x44, @loopback, @private0, 0x7, 0x700, 0x0, 0x100}})
r1 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000200), 0xffffffffffffffff)
r2 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
r3 = socket$inet6_udp(0xa, 0x2, 0x0)
r4 = socket$nl_audit(0x10, 0x3, 0x9)
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000340)={'sit0\x00', <r5=>0x0})
sendmmsg$inet(r3, &(0x7f0000002600)=[{{&(0x7f0000000100)={0x2, 0x4e24, @loopback}, 0x10, 0x0, 0x0, &(0x7f0000002500)=[@ip_pktinfo={{0x1c, 0x0, 0x8, {r5, @multicast2, @broadcast}}}], 0x20}}], 0x1, 0x0)
ioctl$sock_inet6_SIOCSIFADDR(r2, 0x8916, &(0x7f00000000c0)={@initdev={0xfe, 0x88, '\x00', 0x1, 0x0}, 0x1c, r5})
r6 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
r7 = socket$inet6_udp(0xa, 0x2, 0x0)
r8 = socket$nl_audit(0x10, 0x3, 0x9)
ioctl$sock_SIOCGIFINDEX(r8, 0x8933, &(0x7f0000000340)={'sit0\x00', <r9=>0x0})
sendmmsg$inet(r7, &(0x7f0000002600)=[{{&(0x7f0000000100)={0x2, 0x4e24, @loopback}, 0x10, 0x0, 0x0, &(0x7f0000002500)=[@ip_pktinfo={{0x1c, 0x0, 0x8, {r9, @multicast2, @broadcast}}}], 0x20}}], 0x1, 0x0)
ioctl$sock_inet6_SIOCSIFADDR(r6, 0x8916, &(0x7f00000000c0)={@initdev={0xfe, 0x88, '\x00', 0x1, 0x0}, 0x1c, r9})
sendmsg$ETHTOOL_MSG_FEATURES_SET(0xffffffffffffffff, &(0x7f00000007c0)={&(0x7f00000001c0)={0x10, 0x0, 0x0, 0x10}, 0xc, &(0x7f0000000780)={&(0x7f0000000240)={0x510, r1, 0x800, 0x8, 0x25dfdbfd, {}, [@ETHTOOL_A_FEATURES_WANTED={0x118, 0x3, 0x0, 0x1, [@ETHTOOL_A_BITSET_SIZE={0x8, 0x2, 0x9}, @ETHTOOL_A_BITSET_NOMASK={0x4}, @ETHTOOL_A_BITSET_SIZE={0x8}, @ETHTOOL_A_BITSET_MASK={0xf9, 0x5, "cfadbf0e4e977adfd4c042fc52cfa45188c7fa1d3bbd23675bdf1733bda4950e3153a219c61cda26a1241ba308572a930945341c335f31ca69cf99bbf75779739f82a14231e304716e613e9da1af9e66bcd42b15c4941e94d388b3c7482704cdcb479dea4fd4388faccf01d68ac4608631031cc9faa57e2a010479541eb15e5f6314b1de93b4711fa4ba9102c7d4b20927c1c1ea54c0a0e61c69dcd5aab52063e61d368e6f41e7ea5939f078a98467d20acf4ea94dc43fa95fa54ec96646e0a20d13acd4d015a56bb1f7badf69987d107a92efaf13858fc736228b633e6849f7b7edfd1122b217c8eedd9abb16824eb555f16604b5"}, @ETHTOOL_A_BITSET_NOMASK={0x4}]}, @ETHTOOL_A_FEATURES_WANTED={0x1c8, 0x3, 0x0, 0x1, [@ETHTOOL_A_BITSET_VALUE={0xae, 0x4, "11c0314fe9d71383d7c0197251e44f267952db2d1bca1fab91571aa3a86cc69336677b2ceba8e1691f47746e25c308b04591a7ce0c6382f899ae0eb4df183c110f76ea5f591bf46bf49a9f0b099a52a125294ae43bc5634a63b533301139bed172fd00e8381c23f5e71a07069a36d70bbc7e4500932a301e7c35da4a97c34501c06ca8bfcb137fbc17d92b515bf2c4f50560d140d2bd21e4ed6bdb671e9a30da98040c01a1511275835b"}, @ETHTOOL_A_BITSET_MASK={0xcd, 0x5, "ed6fb5a54d1dcd0662d81d523a3e51f2258bab36c460aa3d149b894f9d48e585e4f87dddc27663b5207ff13600c86fdcdf19ef0133e738e57a65ca3238b3fc491578b45b09a378ea29bb49ac8df39feaec3b570beb54ffc57d484c3df6755f328d51e230ba5d5002bfa97b6c9cfa9cd4fd453b583b741da856adeefe4cf8bca534cf075fdab101b4790483a6cac1cc521ffec1fb36536ad66148e2e013e36ffe0dbb68d2dc716ae93ba25aae59a0143176e56b47360a69b5d32aaf516bce5d252c521533a5dcb13226"}, @ETHTOOL_A_BITSET_MASK={0x15, 0x5, "feade099e808eb55c428c169f77ef7f410"}, @ETHTOOL_A_BITSET_VALUE={0x27, 0x4, "8df25c9a7a6e833ef63663679f6ee2815b87a1c296f12bb3b9c4ad20b7d449c955df41"}, @ETHTOOL_A_BITSET_NOMASK={0x4}]}, @ETHTOOL_A_FEATURES_WANTED={0x170, 0x3, 0x0, 0x1, [@ETHTOOL_A_BITSET_VALUE={0xf9, 0x4, "e64de0bc7cf42a05ff5576bf09a0294c67e351b905299f8a7fa497296ddde140db8bc16856f949f6c4abe8079bcb979b59a2799be7a24e682c048d0a4af5f80af3f95233494a918921713234a1d290f4210d0c1acae4840cc29952db607c52992b7f2189640b1fd09e97a4bd156043aa0021ff1085931269c3765c00b7096b6a875ca959d2863aa37b41d3475f0574550cef888d81be3f0b52aaf0f441aa5414ab92a9c78e845213871256b6fb0cedce58be3262938ca77e01db8746d1799ba8e2e4d567569054aea64c8be4ef733675490fba09038656ee607faa8e818dfba58408d5e01c60ae4bda3346cbbf3cd4f2a82bea842b"}, @ETHTOOL_A_BITSET_MASK={0x70, 0x5, "bf3df948d1930896103227bbbc04b66130fa8912b18caa92e17ce99ce9d113d432d6e2cb7aa759a846be65fae05c3dc57b16d8b8495e76bb9b005a064a9716be5e8af7b306cc97bb43885658f4b549d1946d22124b44314b4558d5f5c84e821c6f493c5ce09269f391ffc362"}]}, @ETHTOOL_A_FEATURES_HEADER={0x74, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'batadv_slave_1\x00'}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r0}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x1}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'netpci0\x00'}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r5}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r9}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'macvtap0\x00'}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'bridge_slave_1\x00'}]}, @ETHTOOL_A_FEATURES_HEADER={0x20, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'bridge0\x00'}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x1}]}, @ETHTOOL_A_FEATURES_HEADER={0x18, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'netdevsim0\x00'}]}]}, 0x510}, 0x1, 0x0, 0x0, 0x48091}, 0x800)
syz_io_uring_setup(0x6dcb, &(0x7f0000000080), &(0x7f0000ffa000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000100), &(0x7f0000000140))

09:08:24 executing program 4:
syz_80211_inject_frame(&(0x7f0000000040)=@broadcast, 0x0, 0x0)

09:08:24 executing program 0:
perf_event_open$cgroup(&(0x7f0000000c00)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x1310, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

09:08:24 executing program 6:
r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000180)='/proc/asound/seq/clients\x00', 0x0, 0x0)
preadv(r0, &(0x7f00000002c0)=[{&(0x7f0000000040)=""/35, 0x23}, {0x0}, {&(0x7f0000000300)=""/165, 0xa5}], 0x3, 0x0, 0x6000000)

09:08:24 executing program 2:
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000080), r0)
sendmsg$NLBL_MGMT_C_ADD(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000140)={0x4c, r1, 0x1, 0x0, 0x0, {}, [@NLBL_MGMT_A_DOMAIN={0x6, 0x1, '%\x00'}, @NLBL_MGMT_A_IPV6ADDR={0x14, 0x5, @local}, @NLBL_MGMT_A_IPV6MASK={0x14, 0x6, @mcast1}, @NLBL_MGMT_A_PROTOCOL={0x8, 0x2, 0x5}]}, 0x4c}, 0x1, 0x700000000000000}, 0x0) (fail_nth: 4)

09:08:24 executing program 5:
socketpair$unix(0x1, 0x5, 0x0, 0x0)
sendmsg$NL80211_CMD_STOP_AP(0xffffffffffffffff, &(0x7f0000001600)={0x0, 0x0, &(0x7f00000015c0)={&(0x7f0000001580)={0x1c, 0x0, 0x1, 0x0, 0x0, {{}, {@val={0x8}, @void}}}, 0x1c}}, 0x0)
ioctl$BTRFS_IOC_QUOTA_RESCAN_WAIT(0xffffffffffffffff, 0x942e, 0x0)
sendmsg$unix(0xffffffffffffffff, 0x0, 0x0)
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
pwritev(r0, &(0x7f0000000640)=[{&(0x7f00000002c0)="19", 0x1}], 0x1, 0x8000000, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0)
r2 = socket$inet6(0xa, 0xa, 0x0)
bind$inet6(r2, &(0x7f00000002c0)={0xa, 0x4e20, 0x0, @empty}, 0x1c)
connect$inet6(r2, &(0x7f0000000000)={0xa, 0x4e20, 0x0, @ipv4={'\x00', '\xff\xff', @empty}}, 0x1c)
recvfrom(r2, &(0x7f0000000140)=""/75, 0xffffffeb, 0x301, 0x0, 0x0)
sendfile(r2, r1, 0x0, 0xfffffdef)
readv(0xffffffffffffffff, &(0x7f0000000040), 0x0)
openat$cgroup_freezer_state(0xffffffffffffffff, 0x0, 0x2, 0x0)
close(0xffffffffffffffff)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(&(0x7f0000001540), 0xffffffffffffffff)
sendmsg$NL80211_CMD_STOP_AP(r3, &(0x7f0000001600)={0x0, 0x0, &(0x7f00000015c0)={&(0x7f0000001580)=ANY=[@ANYBLOB="1c000000", @ANYRES16=0x0, @ANYBLOB="010000000000000040001000000008000300", @ANYRES32=0x0, @ANYBLOB], 0x1c}}, 0x0)
getsockopt$sock_cred(r3, 0x1, 0x11, &(0x7f0000000040), &(0x7f0000000080)=0xc)
syz_open_dev$sg(&(0x7f0000001000), 0x0, 0x2200)

09:08:24 executing program 1:
r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000180)='/proc/asound/seq/clients\x00', 0x0, 0x0)
preadv(r0, &(0x7f00000002c0)=[{&(0x7f0000000040)=""/35, 0x23}, {0x0, 0x2}, {&(0x7f0000000300)=""/165, 0xa5}], 0x3, 0x0, 0x21000000)

[ 3095.920840] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[ 3095.931146] FAULT_INJECTION: forcing a failure.
[ 3095.931146] name failslab, interval 1, probability 0, space 0, times 0
[ 3095.933051] CPU: 0 PID: 14071 Comm: syz-executor.2 Not tainted 5.17.0-next-20220328 #1
[ 3095.934277] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014
[ 3095.936004] Call Trace:
[ 3095.936397]  <TASK>
[ 3095.936744]  dump_stack_lvl+0x8b/0xb3
[ 3095.937359]  should_fail.cold+0x5/0xa
[ 3095.937953]  ? create_object.isra.0+0x3a/0xa20
[ 3095.938680]  should_failslab+0x5/0x10
[ 3095.939286]  kmem_cache_alloc+0x5b/0x480
[ 3095.939924]  create_object.isra.0+0x3a/0xa20
[ 3095.940597]  ? kasan_unpoison+0x23/0x50
[ 3095.941213]  kmem_cache_alloc_node+0x248/0x490
[ 3095.941932]  __alloc_skb+0x211/0x340
[ 3095.942526]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[ 3095.943373]  netlink_sendmsg+0x98d/0xe00
[ 3095.944004]  ? netlink_unicast+0x800/0x800
[ 3095.944657]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[ 3095.945486]  ? netlink_unicast+0x800/0x800
[ 3095.946175]  sock_sendmsg+0x150/0x190
[ 3095.946747]  ____sys_sendmsg+0x703/0x870
[ 3095.947375]  ? kernel_sendmsg+0x50/0x50
[ 3095.947972]  ? __ia32_sys_recvmmsg+0x260/0x260
[ 3095.948673]  ? lockdep_hardirqs_on_prepare+0x400/0x400
[ 3095.949474]  ? lock_release+0x3b2/0x6f0
[ 3095.950121]  ___sys_sendmsg+0xf3/0x170
[ 3095.950717]  ? sendmsg_copy_msghdr+0x160/0x160
[ 3095.951416]  ? lock_release+0x3b2/0x6f0
[ 3095.952018]  ? lock_downgrade+0x6d0/0x6d0
[ 3095.952655]  ? lock_release+0x3b2/0x6f0
[ 3095.953270]  ? ksys_write+0x20c/0x250
[ 3095.953850]  ? lock_downgrade+0x6d0/0x6d0
[ 3095.954517]  ? __fget_files+0x287/0x470
[ 3095.955148]  ? __fget_light+0xea/0x270
[ 3095.955756]  ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70
[ 3095.956602]  __sys_sendmsg+0xe5/0x1b0
[ 3095.957196]  ? __sys_sendmsg_sock+0x30/0x30
[ 3095.957861]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[ 3095.958753]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 3095.959554]  do_syscall_64+0x3b/0x90
[ 3095.960129]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 3095.960928] RIP: 0033:0x7f928d323b19
[ 3095.961500] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 3095.964311] RSP: 002b:00007f928a899188 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 3095.965475] RAX: ffffffffffffffda RBX: 00007f928d436f60 RCX: 00007f928d323b19
[ 3095.966581] RDX: 0000000000000000 RSI: 0000000020000200 RDI: 0000000000000004
[ 3095.967663] RBP: 00007f928a8991d0 R08: 0000000000000000 R09: 0000000000000000
[ 3095.968747] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 3095.969826] R13: 00007ffe916ec8df R14: 00007f928a899300 R15: 0000000000022000
[ 3095.970966]  </TASK>
[ 3095.987743] Call Trace:
[ 3095.988287]  <TASK>
[ 3095.988609]  ? x86_pmu_start+0x1c0/0x240
[ 3095.989206]  x86_pmu_enable+0x580/0xd90
[ 3095.989776]  ? amd_pmu_disable_virt+0xa0/0xa0
[ 3095.990469]  ctx_resched+0x2b9/0x3a0
[ 3095.991008]  __perf_install_in_context+0x285/0xa40
[ 3095.991709]  ? ctx_resched+0x3a0/0x3a0
[ 3095.992259]  remote_function+0x125/0x1b0
[ 3095.992834]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[ 3095.993617]  ? perf_duration_warn+0x40/0x40
[ 3095.994306]  generic_exec_single+0x203/0x300
[ 3095.994939]  smp_call_function_single+0x189/0x460
[ 3095.995665]  ? perf_duration_warn+0x40/0x40
[ 3095.996291]  ? generic_exec_single+0x300/0x300
[ 3095.996947]  ? perf_duration_warn+0x40/0x40
[ 3095.997574]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[ 3095.998383]  ? lock_is_held_type+0xd7/0x130
09:08:24 executing program 6:
r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000180)='/proc/asound/seq/clients\x00', 0x0, 0x0)
preadv(r0, &(0x7f00000002c0)=[{&(0x7f0000000040)=""/35, 0x23}, {0x0}, {&(0x7f0000000300)=""/165, 0xa5}], 0x3, 0x0, 0x7000000)

[ 3095.999007]  perf_install_in_context+0x4da/0x590
[ 3095.999842]  ? list_add_event+0xeb0/0xeb0
[ 3096.000442]  ? ctx_resched+0x3a0/0x3a0
[ 3096.001011]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[ 3096.001800]  ? exclusive_event_installable+0x254/0x320
[ 3096.002603]  __do_sys_perf_event_open+0x1bf0/0x3040
[ 3096.003320]  ? __up_read+0x192/0x710
[ 3096.003845]  ? perf_remove_from_context+0x260/0x260
[ 3096.004561]  ? up_write+0x460/0x460
[ 3096.005091]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 3096.005844]  do_syscall_64+0x3b/0x90
[ 3096.006404]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 3096.007137] RIP: 0033:0x7f750a357b19
[ 3096.007663] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 3096.010280] RSP: 002b:00007f75078cd188 EFLAGS: 00000246 ORIG_RAX: 000000000000012a
[ 3096.011369] RAX: ffffffffffffffda RBX: 00007f750a46af60 RCX: 00007f750a357b19
[ 3096.012409] RDX: 0000000000000000 RSI: ffffffffffffffff RDI: 0000000020000c00
[ 3096.013439] RBP: 00007f750a3b1f6d R08: 0000000000000000 R09: 0000000000000000
[ 3096.014502] R10: ffffffffffffffff R11: 0000000000000246 R12: 0000000000000000
[ 3096.015514] R13: 00007ffc8fa2e86f R14: 00007f75078cd300 R15: 0000000000022000
[ 3096.016561]  </TASK>
09:08:24 executing program 1:
r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000180)='/proc/asound/seq/clients\x00', 0x0, 0x0)
preadv(r0, &(0x7f00000002c0)=[{&(0x7f0000000040)=""/35, 0x23}, {0x0, 0x2}, {&(0x7f0000000300)=""/165, 0xa5}], 0x3, 0x0, 0x3f000000)

09:08:24 executing program 7:
openat$sndseq(0xffffffffffffff9c, 0x0, 0x0)
r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000180)='/proc/asound/seq/clients\x00', 0x0, 0x0)
preadv(r0, &(0x7f00000002c0)=[{0x0}, {&(0x7f0000000300)=""/165, 0xa5}], 0x2, 0x0, 0x6c000000)

09:08:24 executing program 3:
r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f0000000040)={'wlan1\x00'})
r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000001540), 0xffffffffffffffff)
sendmsg$NL80211_CMD_STOP_AP(r1, &(0x7f0000001600)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000100)={0x20, r2, 0x200, 0x70bd29, 0x0, {{}, {@void, @val={0xc, 0x99, {0x80000001, 0x2d}}}}}, 0x20}, 0x1, 0x0, 0x0, 0x20000000}, 0x20000040)
ioctl$sock_FIOGETOWN(r1, 0x8903, &(0x7f0000000000))
accept(r0, 0x0, 0x0)

[ 3096.119912] Call Trace:
[ 3096.120374]  <TASK>
[ 3096.120699]  x86_pmu_stop+0x149/0x330
[ 3096.121276]  x86_pmu_del+0x1be/0x610
[ 3096.121830]  event_sched_out+0x2ed/0xe80
[ 3096.122461]  __perf_remove_from_context+0x87/0xbe0
[ 3096.123194]  event_function+0x297/0x3d0
[ 3096.123771]  ? perf_uprobe_event_init+0x1c0/0x1c0
[ 3096.124477]  remote_function+0x125/0x1b0
[ 3096.125077]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[ 3096.125888]  ? perf_duration_warn+0x40/0x40
[ 3096.126548]  generic_exec_single+0x203/0x300
[ 3096.127187]  smp_call_function_single+0x189/0x460
[ 3096.127894]  ? perf_duration_warn+0x40/0x40
[ 3096.128526]  ? generic_exec_single+0x300/0x300
[ 3096.129186]  ? perf_duration_warn+0x40/0x40
[ 3096.129825]  ? lock_is_held_type+0xd7/0x130
[ 3096.130496]  event_function_call+0x3d0/0x430
[ 3096.131150]  ? perf_group_detach+0x11b0/0x11b0
[ 3096.131855]  ? perf_copy_attr+0x9c0/0x9c0
[ 3096.132463]  ? lock_release+0x3b2/0x6f0
[ 3096.133070]  ? perf_group_detach+0x11b0/0x11b0
[ 3096.133742]  ? perf_uprobe_event_init+0x1c0/0x1c0
[ 3096.134566]  ? _raw_spin_unlock_irq+0x1f/0x40
[ 3096.135265]  perf_remove_from_context+0x12e/0x260
[ 3096.135988]  perf_event_release_kernel+0x153/0x7f0
[ 3096.136720]  ? lock_is_held_type+0xd7/0x130
[ 3096.137358]  ? perf_pmu_migrate_context+0xae0/0xae0
[ 3096.138115]  ? lock_is_held_type+0xd7/0x130
[ 3096.138785]  perf_release+0x33/0x40
[ 3096.139333]  __fput+0x272/0x9d0
[ 3096.139828]  ? perf_event_release_kernel+0x7f0/0x7f0
[ 3096.140598]  task_work_run+0xe2/0x1a0
[ 3096.141183]  exit_to_user_mode_prepare+0x199/0x1a0
[ 3096.141933]  syscall_exit_to_user_mode+0x19/0x50
[ 3096.142680]  do_syscall_64+0x48/0x90
[ 3096.143237]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 3096.144106] RIP: 0033:0x7f750a30a72b
[ 3096.144616] Code: 0f 05 48 3d 00 f0 ff ff 77 45 c3 0f 1f 40 00 48 83 ec 18 89 7c 24 0c e8 63 fc ff ff 8b 7c 24 0c 41 89 c0 b8 03 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 35 44 89 c7 89 44 24 0c e8 a1 fc ff ff 8b 44
[ 3096.147211] RSP: 002b:00007ffc8fa2e8d0 EFLAGS: 00000293 ORIG_RAX: 0000000000000003
[ 3096.148281] RAX: 0000000000000000 RBX: 0000000000000004 RCX: 00007f750a30a72b
[ 3096.149292] RDX: 0000000000000000 RSI: ffffffff8411f74e RDI: 0000000000000003
[ 3096.150328] RBP: 0000000000000001 R08: 0000000000000000 R09: 0000001b30c2001c
[ 3096.151308] R10: 0000000000000f41 R11: 0000000000000293 R12: 00007f750a46bb60
[ 3096.152292] R13: 00007f750a46bb60 R14: 00007f750a46af60 R15: 00000000002f3d3d
[ 3096.153317]  ? syscall_exit_to_user_mode+0x1e/0x50
[ 3096.154037]  </TASK>
[ 3096.238595] Call Trace:
[ 3096.239018]  <TASK>
[ 3096.239341]  ? x86_pmu_start+0x1c0/0x240
[ 3096.239928]  x86_pmu_enable+0x580/0xd90
[ 3096.240490]  ? amd_pmu_disable_virt+0xa0/0xa0
[ 3096.241155]  ctx_resched+0x2b9/0x3a0
[ 3096.241690]  __perf_install_in_context+0x285/0xa40
[ 3096.242416]  ? ctx_resched+0x3a0/0x3a0
[ 3096.242974]  remote_function+0x125/0x1b0
[ 3096.243551]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[ 3096.244483]  ? perf_duration_warn+0x40/0x40
[ 3096.245119]  generic_exec_single+0x203/0x300
[ 3096.245773]  smp_call_function_single+0x189/0x460
[ 3096.246498]  ? perf_duration_warn+0x40/0x40
[ 3096.247132]  ? generic_exec_single+0x300/0x300
[ 3096.247802]  ? perf_duration_warn+0x40/0x40
[ 3096.248464]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[ 3096.249292]  ? lock_is_held_type+0xd7/0x130
[ 3096.249939]  perf_install_in_context+0x4da/0x590
[ 3096.250684]  ? list_add_event+0xeb0/0xeb0
[ 3096.251305]  ? ctx_resched+0x3a0/0x3a0
[ 3096.251885]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[ 3096.252690]  ? exclusive_event_installable+0x254/0x320
[ 3096.253491]  __do_sys_perf_event_open+0x1bf0/0x3040
[ 3096.254271]  ? perf_remove_from_context+0x260/0x260
[ 3096.255019]  ? xfd_validate_state+0x59/0x180
[ 3096.255695]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 3096.256462]  do_syscall_64+0x3b/0x90
[ 3096.257015]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 3096.257780] RIP: 0033:0x7f750a357b19
[ 3096.258336] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 3096.261006] RSP: 002b:00007f75078cd188 EFLAGS: 00000246 ORIG_RAX: 000000000000012a
[ 3096.262162] RAX: ffffffffffffffda RBX: 00007f750a46af60 RCX: 00007f750a357b19
[ 3096.263196] RDX: 0000000000000000 RSI: ffffffffffffffff RDI: 0000000020000c00
[ 3096.264235] RBP: 00007f750a3b1f6d R08: 0000000000000000 R09: 0000000000000000
[ 3096.265253] R10: ffffffffffffffff R11: 0000000000000246 R12: 0000000000000000
[ 3096.266322] R13: 00007ffc8fa2e86f R14: 00007f75078cd300 R15: 0000000000022000
[ 3096.267395]  </TASK>
[ 3096.272844] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[ 3096.306343] Call Trace:
[ 3096.306766]  <TASK>
[ 3096.307081]  x86_pmu_stop+0x149/0x330
[ 3096.307658]  x86_pmu_del+0x1be/0x610
[ 3096.308216]  event_sched_out+0x2ed/0xe80
[ 3096.308847]  __perf_remove_from_context+0x87/0xbe0
[ 3096.309687]  event_function+0x297/0x3d0
[ 3096.310297]  ? perf_uprobe_event_init+0x1c0/0x1c0
[ 3096.310844]  remote_function+0x125/0x1b0
[ 3096.311299]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[ 3096.311954]  ? perf_duration_warn+0x40/0x40
[ 3096.312446]  generic_exec_single+0x203/0x300
[ 3096.312981]  smp_call_function_single+0x189/0x460
[ 3096.313526]  ? perf_duration_warn+0x40/0x40
[ 3096.314034]  ? generic_exec_single+0x300/0x300
[ 3096.314551]  ? perf_duration_warn+0x40/0x40
[ 3096.315051]  ? lock_is_held_type+0xd7/0x130
[ 3096.315548]  event_function_call+0x3d0/0x430
[ 3096.316042]  ? perf_group_detach+0x11b0/0x11b0
[ 3096.316565]  ? perf_copy_attr+0x9c0/0x9c0
[ 3096.317035]  ? lock_release+0x3b2/0x6f0
[ 3096.317490]  ? perf_group_detach+0x11b0/0x11b0
[ 3096.318063]  ? perf_uprobe_event_init+0x1c0/0x1c0
[ 3096.318755]  ? _raw_spin_unlock_irq+0x1f/0x40
[ 3096.319411]  perf_remove_from_context+0x12e/0x260
[ 3096.320103]  perf_event_release_kernel+0x153/0x7f0
[ 3096.320825]  ? lock_is_held_type+0xd7/0x130
[ 3096.321454]  ? perf_pmu_migrate_context+0xae0/0xae0
[ 3096.322241]  ? lock_is_held_type+0xd7/0x130
[ 3096.322932]  perf_release+0x33/0x40
[ 3096.323512]  __fput+0x272/0x9d0
[ 3096.324183]  ? perf_event_release_kernel+0x7f0/0x7f0
[ 3096.324940]  task_work_run+0xe2/0x1a0
[ 3096.325515]  exit_to_user_mode_prepare+0x199/0x1a0
[ 3096.326214]  syscall_exit_to_user_mode+0x19/0x50
[ 3096.326912]  do_syscall_64+0x48/0x90
[ 3096.327433]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 3096.328140] RIP: 0033:0x7f750a30a72b
[ 3096.328630] Code: 0f 05 48 3d 00 f0 ff ff 77 45 c3 0f 1f 40 00 48 83 ec 18 89 7c 24 0c e8 63 fc ff ff 8b 7c 24 0c 41 89 c0 b8 03 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 35 44 89 c7 89 44 24 0c e8 a1 fc ff ff 8b 44
[ 3096.331210] RSP: 002b:00007ffc8fa2e8d0 EFLAGS: 00000293 ORIG_RAX: 0000000000000003
[ 3096.332304] RAX: 0000000000000000 RBX: 0000000000000004 RCX: 00007f750a30a72b
[ 3096.333279] RDX: 00007f750a46fa68 RSI: 0000000000000080 RDI: 0000000000000003
[ 3096.334279] RBP: 0000000000000000 R08: 0000000000000000 R09: 00007f750a46fa70
[ 3096.335264] R10: 00007ffc8fa2e9c0 R11: 0000000000000293 R12: 00000000002f3e80
[ 3096.336267] R13: 00000000000003e8 R14: 00007f750a46af60 R15: 00000000002f3d3d
[ 3096.337271]  </TASK>
09:08:40 executing program 0:
perf_event_open$cgroup(&(0x7f0000000c00)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x1410, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

09:08:40 executing program 6:
r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000180)='/proc/asound/seq/clients\x00', 0x0, 0x0)
preadv(r0, &(0x7f00000002c0)=[{&(0x7f0000000040)=""/35, 0x23}, {0x0}, {&(0x7f0000000300)=""/165, 0xa5}], 0x3, 0x0, 0xa000000)

09:08:40 executing program 5:
socketpair$unix(0x1, 0x5, 0x0, 0x0)
sendmsg$unix(0xffffffffffffffff, 0x0, 0x0)
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
pwritev(r0, &(0x7f0000000640)=[{&(0x7f00000002c0)="19", 0x1}], 0x1, 0x8000000, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0)
r2 = socket$inet6(0xa, 0x1, 0x0)
bind$inet6(r2, &(0x7f00000002c0)={0xa, 0x4e20, 0x0, @empty}, 0x1c)
connect$inet6(r2, &(0x7f0000000000)={0xa, 0x4e20, 0x0, @ipv4={'\x00', '\xff\xff', @empty}}, 0x1c)
recvfrom(r2, &(0x7f00000003c0)=""/87, 0x20010397, 0x300, 0x0, 0x0)
sendfile(r2, r1, 0x0, 0xfffffdef)
setresuid(0x0, 0x0, 0x0)
[ 3112.740936] Call Trace:
[ 3112.741416]  <TASK>
[ 3112.741757]  ? x86_pmu_start+0x1c0/0x240
[ 3112.742406]  x86_pmu_enable+0x580/0xd90
[ 3112.743009]  ? amd_pmu_disable_virt+0xa0/0xa0
[ 3112.743694]  ctx_resched+0x2b9/0x3a0
[ 3112.744271]  __perf_install_in_context+0x285/0xa40
[ 3112.745011]  ? ctx_resched+0x3a0/0x3a0
[ 3112.745609]  remote_function+0x125/0x1b0
[ 3112.746221]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[ 3112.747083]  ? perf_duration_warn+0x40/0x40
[ 3112.747753]  generic_exec_single+0x203/0x300
[ 3112.748427]  smp_call_function_single+0x189/0x460
[ 3112.749162]  ? perf_duration_warn+0x40/0x40
[ 3112.749849]  ? generic_exec_single+0x300/0x300
[ 3112.750565]  ? perf_duration_warn+0x40/0x40
[ 3112.751230]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[ 3112.752079]  ? lock_is_held_type+0xd7/0x130
[ 3112.752751]  perf_install_in_context+0x4da/0x590
[ 3112.753481]  ? list_add_event+0xeb0/0xeb0
[ 3112.754121]  ? ctx_resched+0x3a0/0x3a0
[ 3112.754739]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[ 3112.755581]  ? exclusive_event_installable+0x254/0x320
[ 3112.756396]  __do_sys_perf_event_open+0x1bf0/0x3040
[ 3112.757168]  ? __up_read+0x192/0x710
[ 3112.757729]  ? perf_remove_from_context+0x260/0x260
[ 3112.758514]  ? up_write+0x460/0x460
[ 3112.759082]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 3112.759907]  do_syscall_64+0x3b/0x90
[ 3112.760489]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 3112.761282] RIP: 0033:0x7f750a357b19
[ 3112.761842] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 3112.764654] RSP: 002b:00007f75078cd188 EFLAGS: 00000246 ORIG_RAX: 000000000000012a
[ 3112.765819] RAX: ffffffffffffffda RBX: 00007f750a46af60 RCX: 00007f750a357b19
[ 3112.766877] RDX: 0000000000000000 RSI: ffffffffffffffff RDI: 0000000020000c00
[ 3112.767958] RBP: 00007f750a3b1f6d R08: 0000000000000000 R09: 0000000000000000
[ 3112.769053] R10: ffffffffffffffff R11: 0000000000000246 R12: 0000000000000000
[ 3112.770104] R13: 00007ffc8fa2e86f R14: 00007f75078cd300 R15: 0000000000022000
[ 3112.771202]  </TASK>
[ 3112.779829] /dev/Loop0: Can't open blockdev
sendmmsg$unix(r0, &(0x7f0000007cc0)=[{{&(0x7f0000000200)=@abs={0x1, 0x0, 0x4e23}, 0x6e, &(0x7f0000000700)=[{&(0x7f0000000300)="95645094a5522435f850ef3f6ba0fd32e060919a7102b4a8371ee1f35ebf551577c5d9a122f8ce7057697a71c250ebde901aec34fb89a2fd89030d4ccab0f032650fd69f948f19ce4b56b6ce5ee7668a8f989549c34d4641700918b714d5c46e5689fa95235069a0729d3840d1cb7ddd77f2fd59676861", 0x77}, {&(0x7f00000000c0)}, {&(0x7f0000000440)="faff864659daa4222c273a93910bef75403516153bb1a59e3191e42524661b1ec69079851d2dac405540dfe4cefc67522e28225019e261b6dfe807c2820a6639272173b439bc5b2f09f13831c0f51d983fcfbda18dec5ba5d36f339b0c204863f76288c38d35dcd67f1401827ee3175eced4128b268a1e554e67b9546aae53930fef9afd8b69b58bb2f7f5522b2883877bfb944cc91dd6f954b6", 0x9a}, {&(0x7f0000000280)="12e3daba55e4997c0ce2225a5d1f5d52428f2f0312", 0x15}, {&(0x7f0000000500)="7550a8f163fc8991bce57836bee381765db67cda7712509e36f370723786cff36731b6916cd2e817af4ef7d642bf246ebcf28b2f06b94ba79723135c9a6fd9b161", 0x41}, {&(0x7f0000000580)="7e860dda7f004abd68d03bdc6c146ad7bcfe23d787b6dceab35544b55d343d6884ad50b9f0bd590aa0cae8a761ad78abc1ee3b4223dcc0b8943c20aa81cfc241655fd5ecefed4f7d327c1ededf7a1434700a7d3ea6bd2f48ec7fa18cb422a57f41d340d0a6ffa1fa794257ef0922691d55a3c40dfdf9a57b008f964ec55896bf52ace85ec54a", 0x86}, {&(0x7f0000000680)="78b126fdaaa1503184d7fe0b28899db59ae53aa56f537dbce3b42f17897bf9c75b01ab6de3d89587cff8e12d592209aec0677737449bdce31fabd3292b096ee37dcae864bb751e9f0b2e404d62f9bae5afd5a2802a90f8", 0x57}, {&(0x7f0000000380)="4ea15a17d4e9cdeb1f870d83dbc76522d8561beff409", 0x16}], 0x8, &(0x7f00000008c0)=[@cred={{0x1c, 0x1, 0x2, {0x0, 0xffffffffffffffff, 0xee00}}}, @rights={{0x14, 0x1, 0x1, [r0]}}, @rights={{0x30, 0x1, 0x1, [r0, r2, 0xffffffffffffffff, 0xffffffffffffffff, r0, r1, r2, r1]}}, @rights={{0x28, 0x1, 0x1, [r0, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, r1, 0xffffffffffffffff]}}], 0x90, 0x48854}}, {{&(0x7f0000000980)=@abs={0x0, 0x0, 0x4e22}, 0x6e, &(0x7f0000000c80)=[{&(0x7f0000000a00)="99359dd14726068fa20c10651878337f615b083cb97f028f9cf40869a2f90817ee7166c580f2fdd977c8c210a56c38da827fef6732d005e3bcf428d042c77cb68b044db3b3ef5edf5d7a835d032b58b2829a059c6c84c9a19784f961bd7f11695cd30ea65984ba4852fa39aeffa51ef704", 0x71}, {&(0x7f0000000a80)="7697311b36525b156e92d4823aa7f0fe9d165258d95d59cd5bdde9ff1e676835bb6fca60359f3e5218ef7dad80fa6c993f0900000000000000c8b02c8a4e50a7da5b277c5ba0277a54e011e3314d2a1ee8838e190e361cc7b8024bc365fc419f72e70738f40a98bcaf4d51696e9d8c0bf1b35f6bec6afb223c9767bddcf7da59ea54490a9c964442767bb0695853b1c18f4ddaeed9f944f659b1bd6eba25e1a780f8b6e93dc90a8d01b966631ba55a4a73f38a3f37e4d447c9f4f78426e0dc03641174efe454f1f9e1b6e93a42ebaf3ab899743b763bb38ee0279b49a8b305d5c15015090acf1e16ff", 0xe9}, {&(0x7f0000000b80)="767978e07ecf0700f4b9b2054fb50c4a9f4901e2545e84d94035cd26105569d0c04e41ad9a7d98b54e23f594135b283ca267d6620d769b730e10470d5857318f75f27698b51b04ed022bc15ed13e6e7301b59d40d51a33c1f801956131094668347e", 0x62}, {&(0x7f0000000c00)="4cb9b11613e75c6bf0448ef5adc903b928ac0954c3bc57cfba177ef2f4330773e579ed42fc201b74", 0x28}, {&(0x7f0000000c40)="b87391ffdf66ea9fed2db19791f6efbb9758", 0x12}], 0x5}}, {{&(0x7f0000000d00)=@file={0x1, './file0\x00'}, 0x6e, &(0x7f0000000dc0)=[{&(0x7f0000000d80)="a0f42f96c39e386d6a311c88331b80b969926073703521cf522f3c20b5ff99699ccbbe9336e4698a0de4a7449c78764cae2b", 0x32}], 0x1}}, {{&(0x7f0000000e00)=@file={0x1, './file1\x00'}, 0x6e, &(0x7f0000000f80)=[{&(0x7f0000001640)="4883d9946fcaa8590ecb7d0941b2711247889e188ea5b66bdf1b72e995be7967b939a502282cd40dafef6e1b2ee004c8a7679e2cf3125ef99091082a51099d0302d7e5f3f3b8a2bfff6b02babff93578aa7dccd6f9eeb588d7aff6aa1e77d8fca98545191a9069acb0b4425fcd1e4e5fea772c934d3f98c44aed70dcaa8760a215b1fdafc2caa2e8c209a7ecb9461471897e2b2130efb7bd450d228421657459db3c633a1b548c93a97b5aaf0cf138f094080cbe0e528fe211adb3ce4c2e2d415b3baf3bcc0ecdd40ef7bf7e64592bd763112075a3262620efcacd0ad200feff7b26d42ebe1ca61cd73c31d159a8b66d8fcfbdd318813d89dfeef2fd18839f4ef309e0e71e5f2945cdf5f3397de4588c80c87c907ead93b3e70f84e46d5d58cb5dba7c2858c6898ab3a910696b4d82031d5eed696ead53b5eab354808f1ec558baa14954152e5449a8cb4aa19f8c80d9b691b70c8e3c6156c4d52c52d0c9040597c07cd4985c642f01b72dc5b21f6c92aeaed4fb256430b3ae9308a1e4a65e832d108781fc1d00e705f787ee7560d58498aac558d7fe6d09be25161d872c5424b997d68352bf65a933ddc33e890f68a01a3a0da2a88e564131ea5074e3cde93a85f539160576860dc119d5ff87fe454128b8a7a0805b037b9e11b1e82a6dadee93bae0da8d21191a54f63eb384bf42fb20979ba88ed0d419add71c97bbf995e31f2761b3c2d319965c9b57efdc2ec0f27ba1bce07ed6a768020095e76814a8f6c5ee33adac06e0af33a0781644e0cd8dec2c0cab64787c89241c45dc28fe84676ca86bd211b24acc2c376180cc2c503fecc6d1cf851605f08b24db74d44965c85d902527d63796702242df6e0541dc4b8e35d90b794ec7444b73a0c3832b8625cb53b1fd28fa72dfa21cae3782e86e06ebcb3c7a935b1690780d21d9f81263d85b7d9db8117abd6d74c0e0d617bca5ffa2856ed07108483d592987e2b5610b112660532733113b06f674491d92312dd4b1b18887569d3ad1fa32f68087e8a15af22567696b2243c68545fd6a2f3fdf376dbfdb11ca44de5e28777b6018f9181e3784d1b6fc1a647e9508862889f4e929ec2ce66f0552b62b440f69a41d0a701b2d2adc88ef4cabb560c17ef94193eb0b07e564d6d4d327d07a01ab4b1742e049b4c05bcac80a9553c556ee9f84de6b1437297c84544f3b29bb1e347a046c7b4448ccadef2eae5cd3e57e5d58582dd6e690d920a4d46aea7e80a6264ccb5d0d39050a5d31d203d97aed5cdd0c11062ea483b9bd1faa7caf5c93f79c3d55474129a7342052a8e8a5bf5cc3aec06578eb1969138a2cf573d08143a113b19f1bc13dc01f5a062cd53849f486ef3a0121f3b9c0fb5b798c63c4e999fe162ec3f1b45ae4383385a5568540c882216be05c6c3904b87e3f67d92c02eb9b638597846498ce44422ed02fee123cebb5046f809a325845267a45525c9668e57d69f5722f6f1f2542ebe68c5f7845190ff1a2634b98d3d4cb5de4f2c749c711a9a967ee827fc5e8bff1f7eeee7cc7b8b4300a5a3e00e15068e99b9c24432ae1eea9991ac28a3b98dc3f576ee697c4130d11a9c55ff6e505ad2cc6d6165ed37b66c66c00239bd5c486cdaab51a1e1ef9bd6a2c99ebf96512b6c1aa4e8cfe973338050a956d9a4cef8cced2f448dc93f478696aa5862df07803a569aed830e43737830acb4048a98f3a61638be3f3c4220f18f27b665072992ad355f41a84bd954972658847bf0d71f88473fe4367054736981632f7a02521b3c7e0bce7fe4dea5c197e4335c7b6a17090b92546a1c3cb727a413d83061d3c14b437196d473bc4cd6a667a92c092ac6d5a8c8059520bb2030f9b2346e021a8ac9889215d5aab3c9a96d943be3ebe3b3d378027b94d8fc57bd8e84626f03fa1f98935d64c16f34219cd2922797584b3076504001bb94bb109779e8343aeb62107e2910e9a2aa72eb72b1b19e08c21c28e9c78718c76205174a759580b2b80399a5ba0d285941fca44d5ad0ce2a0bac0dc7ecb3fa2515485d3bde376a9a4c4c874e11e0d1d03fac86f7cd5e5eacffa9e683253c581bdaf41908fb0e0b1d021ca330fcb4e096399ea6edb7600b56b5ad0cbfdd72f6f07e09ba25b79932dcb78cb91a200235bd65fa1848bdf575c9ed445745cb0867b43c1fbaac292695d9edb41ce65038aa78943d67c1295037a43257743418a706361cd2afecf8c593452bbee25fabe5069f25121e0c701507d2b19552d51ef0e6126ddcca77bf3457dc2f63d7aa510ad29a4e9f24a125c4cdff43482d0cab923e88901a847884ec355d2bbab2d4cb86196849ec81bffeacdf263d3f90ced6ff086df44b71f5a8e67b2b461ed1f728f40bb5387cafadc96dcd7d014402a92498e4e4d4dd3fa4e30eb0dc4f023aa781bf082cd33422f6cd7a601e53da107cb4f04a5e21608d9184134dccfd5a7ca2e086a2455381507fc8fd37b8795a897dec4e66c285d57559b7461f91a7e1092754b632d063a19a0acf1e72e79bb059a63974900eecbd70aef3166854c17d8ebdd0b88b65f7bf87eb58dd2b1062e15a231f1e77e6bab53ef6f8dfc53eddd504b9936a4f421f7179d6458d31942c4b37399f901b86f3987b9f7f9f8f0a34dcc1c0e0ed60cae1039e625be280d346467cd34ca564eec705b6d8c50e053fd31493607e4266a244ecf13ad03e084e87e2905b9cc11b4a137a2d8b62331ae140b8091960ecd4b311bdf4df89e4ca671f09f249f9a488d4a1903a3e323bccc17720dca606996a5419066a02471a9619277f789af7836a9ce7e3db9cef01b54b706448398daea2f4c11ce33f53222c1fd92634442a094e145a6adbc61559afffcc02f0338b04a7a8cf3a12d03a85601b4db5a8e5eb5edb4828c0ed784239a8cf2422fe6b871b54cfbb73b53e0d41b357fea800a3ea38c4665a10b872e953fa3d3d161246e80fb4b17551a2e656f4367aebda84d22c9a5abd5bc997216f8859f910d565673bc54d81811be13994f5697c4e8c129cd94891aceaabbfb788f1cc7e87532ccd1bf71e092c3ed6d0390ca237874758ac1774788384f4c9e9f0637333fd7a323c30a360405c31769d906a05cc76939d281a46ff329fec35a413e1b0f9dae6b44344cc4ec763d6416002f02b1009a42d88484511fa6ead7eeeee8c77b1d3da54341100fba47969a3da39ce37f28b11332f38960ca73043028c25ce4d722eab1d6d3825ce86910a18a523e2d6b133cebc24dc7ff97c75feef05defb51af1d886d3a94e37bbe8c4bb7aaf2b2480c99349fb36bc1797630390539515b0eb0a27b4ae13a9c8e27f7aa907170211c6387b693fe854ed23a86faab5a2c6695de5be501e9886f6ace6ee5d4663fe26fe5a97a7baedbcbc43a4ef1cad45ffd4a2af9cd49f34554be995c62970894b4122f5fe1764bdb93ddc8ce5b25cfbffe4b701c9c00fc0656c698050edb0f6731f79f7f34a3d1cc5c3a63d8d7c0f62d2f743aa948648e057b11e0362e5e9186a4c4f74047ca00f8b9bb15dd1abf066e082ffe249d04abcaaef766d76fd84f1cf6caff946435f1053c4b1f1e96f5060d54af78aa943aa40c0d592e6525129c60e0256c7c20e51701b0fa6016cb484ad0e0a44de21064c2be36c40272d00126106514892e861354be0f70639257e8a6bca7fdc870d17e2d521eb64a832378586b7d6ae7d6e6bf64fa78a0e882d370b5db2020d87687fa1f032ce7917499dae5ef8c81e39404daed3863a7938f4c6e269fe8a1940897e602ba309b7fadf43fc826135548d2fa71242c19cb08ba04e5806c8ee14f4572285e5b8045532a61318cc3e679275a916e3d8661141251ac204a87b12b1874e4abdf9719edbb7fca1155eb969bb2c6bbe53dd6a727fc8bf5e5e79343134c4a7d04e60806b2d744a3fae813104fb7458d492c1043328c5ba159c8b2902ac869d6907694757ca740953485700321260c47cc44fb0b3fe91a9ac9367e21e9f043307439e350886e46583b4b4b0bf0bde20f98ad07d03132bfe1ceffb28816e86372ca3455b9a3f9cd46222264e49a88d9b400a6c35eb5f68d95af9e26b8ef9982f443f79ab90f31e2ab78a498a1d154a722acc69efca95d90539fa9d1313b9f6bf13f7fc0b41223df46f750d8e7f53ac8a85b41c423a6dbb8a33d812324c407b41debabc0ba31b2b34a8655a178f268f5d960bdad3dcadc5dd5cb5de369c4d51c6c7af69cf12f83083602602cf7a6d492e08387ab6b442cbd4aae615325b1858000bf2a928540746f130e7a9ba572733dc0b8e079d5df81227a73aad65e905c5356795f82e6eb478b36b0c10aba2faa0d0da86cd2ded9557f118b61a4e43dca6e60c5d1c00ceb7617693c5fdb33292a481d316ce3ae665588f56e99537b0a255af6ab635c0f3718928830dbe67d87bb4c9963df70a0c8c290b25c2f77045d451d04580cb41c8d1b2b9022108e5c156bba781b55a89529260d2ae659854cefb3650be56afd530f1c3d9189b01ee5ca5a258f45fd7f4117b48bc7edb408c6a0661c46c5ad508a6e39ff210b98fe8e0caafe7382d6246192c48634005175d25168e0eff873ea84df4f7628bbaaea754d58d9e749a35a4484aedf665ca258ce8bbf7c78f33db846eaf210ed12c474b86e848ff134eb445d9dfa8944936b097ce4c7e5662f1470cf38f9f263f737914f85fafdb1940fb096f93ce3bb71488235c2948ea8ed4f76b09a591f806766f840a7048643ae9c88e809677c0d40cfa2fe8f63975d033963a675ab0973ed71a9a3225fb29412cbb69e8b92b9ec50e36c0145f191ed100844ed480957c547cc32982a699cd9594317f40597b5f4d6a042785c68ac2eb1fea630f37f8e3876316585fad1c30db8fd3b2e85bf0dfc913c4835ce2dccffb3aba7133ae4faadea5298935f8a1a1ced88fc0680fbdfaecf3241ee279faf426b1d9f23a385600ed899035726f88b9da6877093e26f9315d28cec2604a95a19571a677c7863f5d6b7258a5df95457c7bac7616f12a3a54e6e35f948b022a26b9cf595861041451faa44e3fbe5ea915613cc424bab96cfbdb1ea915614925778a820f0d029f162e61b9e30290a6585022098babaed4793cdf1ca8ca9d63705357e3121c96c788a7a87ec652561bd34503d8d1f4337a8257d2eb3d04a0f75a62bf395a291d606c97aad5b9d9bbb430f3a59f2d72e42c71ae326fcb0605298da52bb195ff36a1cf0e244a1e36b929475ed9b959d0c967c74ecd1c9ac6fbb55d87e6114fc723728473ed877b9cfe11ac730cf245c6fe5cb9756cd5156f5e86c9e622991a58921ac8bf1cf5d8e5759d217ba9813b2b849a0a056585dd5e31a9c0470f8a3ea8fb010011cc5e172a6703a389016d65b7f30f42bd38abffc2ab4159b2d651b41df9901c4a0e76cc405f3ae962541c167284a9675457110174564d6ca99da0e41118b11bf8b68ac5feebefe89911c0275858f0967bf88745ccbd876de784fe8dfa5acfe34b6826672fb3e56284a10c28ebfb3f5bd1dd5815959ed47135374be5c583d2a1c1cb4b0035634fd374a2ba43cabdeb9b24ab32f81603039fbec89c0a361876257824a1f3d6774e8ec78ff33f1596ae62a41b1f79072df39e18926ff4c12b79fe0526e8b7cdecf6df9eb3a27a37814f114982244890fb17307d7391411a4794d90ef22fff9815f7545e7a53185ab10d79162a201c5dacff600c9a94e54a627c7d92697bde3d0c4dd99cd6e23d2704ebe1c92591e1740d44d39ec4bbdf986543ba2063623534ba4ce2", 0x1000}, {&(0x7f0000000e80)="121d2cb68b093d3295aeb9592e10142d0e50abdbaa55dde74674e3de06471114aa233811e37920854c264980917e0ab738eede974d01ee502c25610304e893fa147e249424c92ec8bbf331dd0b1c53fa648af00f9055762c98d4f348ead371fb6f9f7ef0ce7c", 0x66}, {&(0x7f0000000f00)="627f88c65ef6b2c74669d319fddd8e3588bc5c53c2c75448b80b92b20595cd6c9139e7a1e6aaa20fd6dc1f550a22e271d0230039a2f06363283caed1d1f163ec57c547599ed80ecb9797eee6bc1e3cfe03442b0bd61ca0032547b9420b7dbd36", 0x60}, {&(0x7f0000001040)="9d7f0f10534ffc811b9e604956d586f35d39c6f465aeb229cb4aae0342daf369d4c0ad26aa6199885fcf51a12ddf86b9b8e0910a82ddf51fb827f679d194bb833305c2a4bea437f576a7fe16180a4cdad4d891505993eab6e10fdabb46781ea42615d14fbca5253923b0d738b0b42acc0992eb6f6f2cfe215586aded13d866bbb5da3a48180d0f41df3240fa081a2e1b405f38696de9345863e86778a0ee2160f187", 0xa2}], 0x4, &(0x7f0000000780)=[@rights={{0x1c, 0x1, 0x1, [r2, 0xffffffffffffffff, r0]}}, @cred={{0x1c, 0x1, 0x2, {0xffffffffffffffff, 0xee00}}}, @rights={{0x14, 0x1, 0x1, [r1]}}, @cred={{0x1c, 0x1, 0x2, {0x0, 0xffffffffffffffff, 0xee01}}}, @rights={{0x1c, 0x1, 0x1, [0xffffffffffffffff, r0, 0xffffffffffffffff]}}, @rights={{0x18, 0x1, 0x1, [r1, 0xffffffffffffffff]}}, @rights={{0x1c, 0x1, 0x1, [r0, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c}}, @cred={{0x1c, 0x1, 0x2, {0x0, 0x0, 0xee01}}}], 0x110, 0x4004815}}, {{&(0x7f0000005900)=@abs={0x1, 0x0, 0x4e21}, 0x6e, &(0x7f0000007c00)=[{&(0x7f0000005980)="62e0e25e6c79b6188f8042f4d2e30d8aa2f85edb5db80a57d546a2550c6ffaabfa758eb0004e36b6aa7fe853208cee79564f78c9b547adb8d4a4feb0f90389fcb09e90e6cd147663680440c3fbac9321d794353717ae0db366b12f87b40d8dd331603377a136342530289d0b57c0324db0cd6f27dcd8536d3ae6e74530ab4b12d6a5d9b2a2b4b1c79360362720ca1c06da8694af31190be499ac29cc0f9b11a186b222bf6177b6c7a3b02acf57d583a13ef350e8d74d01de591bbea063b6d3beb725fb99c155f199dcfe", 0xca}, {&(0x7f0000005a80)="73dc0316416aa699e86f34fe5e95cdb7a036529cc94d6d3fb9a4659ca32f9161a4b6519c65aef57ceefbf71d1bf8609fc52828d0a384e663745efe2b503ad5e8415315080750b1888831b6d126912dd8dcefcc5c15e1cc51f882ba64426d3782f07cc0b555de7de6e831c841c719b686e518c0740715cfb1d04787ffcdde1686fea4519f2fa39d8f57176811f1b517d5dd72630097fcadeaac8577d213a96af8dac51d26caa6784e94cb48acc147692bf218e362c4cf6ab84443840f1f2b87661a76a9bb0baebe4c01606ca65e2582c2d5a640ebe1dc4235af5bbceded658858de92b14c1304be93ef3b1d4f13e7cb4df27e489dbed1fa1dda0808449e97d7f48865bda33c544c02897215fd05c01d9b7f7be379b2f2384522834dd89a9885d23ef8096d637a733ebaf8caec9364406c6d9e6c81b52cf893e849af04883928bb00fe5c602ddce3a50430d1c12711d8524e5c55537d830917fa2413284c2e59012ac4ed1d9d96b4151d1491ee06eab9fca20a206963c5aabefded5afdd9ffacabd66fea8630e252668bf40ad74b2defecf7c90632818e0f16456fa7e954e687fbe267155b5e725966f4045bbe7469b6d9f286c092b57ba7c6844a75c7951567f5196b6f32da8d84b265fc18280dcf258af01626474bf27cd3c364c871e721212e56f67ed42119f3f14262c16e1c751995e6b2c4117f8ba6f4c7156b46ed1f3e8c7f402e160de6aed3704842ef2ce3c7823f9a3c627deef701b3500675342ce0e8b78656690e61235151071df90267a721e3e07ebc8f22dbebf5819c7a1762bb15f00edd60d29e034694c6a2cbc3299ddf8fbeb5825cc79d39979e0cd078c6344c2f517296be231df1872f2371bd1ae5fa387c60b76b0bd66eb982b0351d984b5eb2f3a68517584198b9f50b75f6399e71d4ff3f8e0b1645c6c5891f5b112016303f0dd10e8233169748fb41cd7b81be64eaafc32b3d2bc452e8ae689d2baceba656b23b167132628ff84d8c3de04b9c4d0edadf7747aa3f55faecfbe5072456232e42b556eae981d4ea2c76ba26fef7fea0b9f716d1ce03a076ba34d418876df45b03d98fb8f7d93abf0fc22d8e574a30a562a2f2e5779ef216f457621ab34ae1f9e85548113c3af8611ff6649bb6efb68ff77138465196d2ac0df50a5f8abf86b3952c92c04db6cb2613d1af62e3b0ae9338ac9b31cdbbde4f9d0b40629a1d25454c62f1d6a9c926abac9b12909561b4c813cb2588f6693f74d407be0943ec24f241e9c431de4a9066836f44995e05b8fd1f755bb210ec2ae269f994af1ef59e7031606c6aeebc4af7974b466cea73658d94614e928c4b10bb5b238efbd482e828d7cc61c2f140e2667a9d6f88e5a88db0771b9edb1cf15f7d524a653c8df772bcf9610f599911ca4904c34712f6104dec357437e4f9ffc6449215caa0adf9d966b61456892a35f7a4d278a93dce61607b1b968e0a5fbe5e8535d75743f54c649b15957d806a2903ef2e1d65313f3d3af81f30a03a8e0ffe5d2a91dd85bce545ad0dcc92513942d9356d7c127f7920a63878a7ab1d66427ee09259becfa0702feec24fb981e0a02c27928c37242a1d5dbf81afdfe0ceaa7c76b122cf3f717e193a1e7dda86ac48bb4792cd0a25b164d00470fe79e70dc93f1102fe87a75573f5c7da7f47fab65680f08434bdbd4cfe855d26b3bc33072853e80368c30da037a2b6ff2b1f72af7dd240dfcde1a9e1ceba65888e386d985ffa6417afbb07d3435b8157fd33f71db5aa5488c8409fdaffcb72fc876c269f60d654685fd5672927505abd44f76afb9148c2855f914b5e11e4892ae152824d7d1ea60d6fa3552975b713b73108c16cefb7ab1172b7a2df435b3e7b8cdc27bfc023f0eb13258988626c7cae761a8abc62fa2ad3e4b7dc7cbb86ffa4249d6154d9b99369429499ed6e7baa12075fa3f7a1028da2bfe7151ad1159291b535311fd2b7217ff4a7ea6e0b164514cac11c1bc60c9c6d16be862e270d11ab56c32b1d7ff4c93d9c2d95e53718663003bec79dd9f052e3b2606a5703072e7375b114b595a61dfcc59757da7143d1bf188a66fd2ed4008316f8596f5400b58225b416dbeff2a6479dd7249605c1fc4e4dc016b728c67ed45b49190d8c417af6b2af44e44797134e1c775f94796ffcd268f25be2e9576d9fafccc0db8eb4e5bb0cd683b50c4da3e5145a65ce4739bc558ca344c22fe498447cf789feb7262e2f550d24b2cc6c0af576af4599520054a08ae676388a0928b332261c9ad54fa1f1e55a148a82a68c409d8464d656213c13fbadc8964c7e8b0c138063fa4de99740a012bf6256263865f902dd627f6d2a280e359f5a23c1e63fe526e627a8033676b5044f2b1923362d4a9c7a6b73d51bdd3ea8fc6df7b462454f1ca6b58c70900ddc2025091bb982aca18201da87f2c97d2df791b5e2bc38aa33e9c1753731c5819ff8581179a4862353556ad7888e1e325cac605e9637847451c28889660a32fac834cee0f73ac87d5b029e8d02531bfa3ead659b64381b480bdac45d1ad795af8e9cfa8436d25bd662bd6cf87d45b410db7e8600874c2c71c7bd3c3489acc24b8ef93ba3bd94fb48ff84cbcd59397d2b634d2ada5d20f5d236158a4465c4fcdc0cb186d70fde7288899a4f43ea300ce6e84f55a5d2442cebd1e9e376badf4b1d667dfa46b4f38bfbb069a9d9b261a0c848627eae190138aa1d9ce220bdbee8b70436f5607e13adfa646eae499325b1ad913fc0b22544f61ae4271936f1737a3f7b9ffdd6268b1ea4d9e90915313682986d8018c70ca95c4294b69cd2f01a837fb25e17646c033b2c511d57cd8c7d458f42bb131e1d16119ce1d98392e5993a75f688cadf53607421a1e6a7bfa1cc3b35b98fd1a7d1491d7bddc659a19531c791ac5263fb418234e1e063b435a0eb97ae3af5992858365571cfbc2cc1f833c7d9c5f25a75f32d93c948eb5441f585fb100ba4b0636a3b6957921992580ed42f30dba7317171706e124995aa03b4619665cf68946f2f7d7e22544975ddf8cfec19bc6b0462f2762a414637b72bb07635d7c0aa3f2a2a4d3708f3396761ffe090f6d56d144a1b23f7ae5a62363421125e739d7b6f7f6aa7c7df208009849835179607a5ca4359b285949f49fd70572d8675ec44364954b29731243de457ffc87622aa2ce36eee440e554571191b401a4292b452b93a26524220533845ffd1c3f4fb9491e72d4253435c395c44f7670177781df2f6c194b5a5c33d489c332f32da1856df99ed6154f6befddfa1e1945faef5893d0745b7792d67caa2d8ec67666c36a6920613ccde59a8c73993b450166624862651f1ac77a1e58bd174ba4c2880c344da85a79e33b8c45930a794ac2ace6ddd414396a98db97aec0ef2c4db49112502c9ecca428b53e0dfc141f323ade0c797426c8bae1fe7f2ff826c41d773c1c3d1fb4dfdbf2596378dbe07c09a7d0cf3440048716b11f62dc4e4a79bf81def6a2424537f5edc2f507970c4f4b5a51bffe65d4b9c88859d577e83c0b850a34aecf2e78beb3de0ad489ace1696b89f91bf8429dbfc6f26ef2cf22792d7d928d147c9aab2384dd34ca78f0181d9258370853b54440c72396e28835292366ae140f3181bc91d4cb25a7fad475dce6ab2ca47996ea6a597bd968a759ab291fb17de6154a0a17449f2a67e85216f656aadf5aff2bab02329de7b3a824bcc794d8b8c5cac5006a451209843cc33911687885d3a52158157f1bbae968ab3d23cc573bc7ac0403c8419de6e99dda14393b072f74b1a9cf1440097fd229c0c823a26ea87a5baf1b85fb942e830dd53c462c7d283cd68815fb838287c28511f161594caaee79b7671b9e2da2440c26fe85bfd8f83bed2b99382fcdcff839aef4ebdc3a1bed86beabf3e12b3c7e48e36ae702f867b0b963212b53974e9a081023016764996672d9974f72067d5498e285bb3e9379b6fc2382a1cdf14b26d2898861a0e3c1a782a05989dbef7cd0e7281c2e963f1572d374f641ecfe4e47fbc919e5c97e1d474737cdc94e9a613dbfc8fb5f2ab3da992b30edac7c68c13f9b6cb2141285ea88a40d9e8f2776d3ab496c643347ac504aa4fa3119a5af6e4d68c6967c14962a0b319ec03e3abe77aab762b94669b746945b8c886f3fe4646383cb68eabf91da99edd21afbe235a40c45c30c0d3518c0f0dcb0be364d75b287301520e118a4796c7a7ee28fdebf1ecd659f8b4c23f63378c28de0d1b479c54114eb434c3a40eb58587be83d50d50bdde45dbe2716ba469561ad8766d5df9a5c666fa7786e4f1494c07e42fd2dbcfac775e88c2cb93833cdb68750bdf0817949a2d35c354d1d9a2c09315b788f90f652cdded8c3bc02a3c00d576a120235c4e4c92323a128daede4915c33aa1ff7c2c7f4ed32757fc29a1599d4f794cbbd9d205038e668f1a7d84723c6646289b1333a3fb38a446c499e3e4de84e65a2be696be0729fdad16bbb81cc518c05e4db476911de937d17313a93922bf919aa04172f04628bd907e79d5bde55a3ccfe6a4c4cb5aab1bf858efcc9b598e45d99c9e94c30f28aa0e5edde9bc5dd2af3485709ef4a793699699e781e9dd29451ab99988778a2b347a36fcdef8cd656226f9b63532b29248e4359c5ad0217903836d0a735aeac816095cf24a2348d2372faf452a83192b5c3e5867beb2ce679d68fa58f8fd97759e5795426ad852d92fedba2d5756091690c1e3549875792798b465f893ff1c2caa50dd7f02a7eb95b5b4d3ea41dd8240a3699808ba757b28787416e81cae817ee99ea09390cef2114699b49022602d5e4250c7b6ed47ab6683263d4d805c3c8252b383de110ee97622a552f9f40840c912609f6de8f06c2a368f4231333222bc46cfb348881db5fe547b40b31d6e7ffc1a69cd280c89cbc022035cfa9e7b977bec445701790d744181bc46d7532b8a525d24d36288385f6f6c092a69462b5e0f54b2f83a9b9ad5e00cf0023345fea31f92cfefa04197c05358616c3fef72e9413d4202de3b38f1d13726ddaececf8bab9b67966c00162f2b370f8bd7b92bd6273ce686ef2f66a1f764885ae72f51f54b38debbcdce93b65ff577890e3ea50b3dd935cf99da2034fdfda50422d7d8dbfe9e15f547d51d7f610312ae79b0a7d7f9c6875ae255c15aabfa5443c3607b3744497d21dd6ff844fef14fb0482a5096f1b313296a77815d63ef7c36a27a5e49c8be13debfdee6858b974501a145863b7bdca00f7eb6feb3a6cc350c6eb081064a1443f854a1266c2f4b0f5413b820fce58b35e7529b48f012e8bd16909d9ab33cc2b1dd3be558925b9bada2dc965a54870073df8b7f4e5120cdb9bda1fb641496e1c7c6a273bd5a667bad3274238b2761af1049c45d27f1fc233f06310b491e04399532ce7a94c736aad4c57271def835bafa457f285ee8de5fbc7f2acc61bf3fbdd5ce08d80c90e7111e21e25fb97d2ac66fda99c59bf81985ee2dbf41f13754220fd22a69fb9937806bb0777dc2a1f108fa083f6b1ef0b791b358d8fccad234381fee19952328f713f4ac3cc0f7f1d59bdfbf8cb5c1d273ebab7c089f346627b29768c1dff1a8f5175475c9a1968bf4199c92e067ca7c3a406b2f427ec7c7dee475a9c9f432262b1be31e281c3200efe8b5d789229438b2c8ff9f7674e67f3e3553ecd49946af7339250b97ecd91c06ef468fee49cfcfb400eea797e5d62467e7a0e0c87beb7887b00feaf1d31e215b65940f4fbf29bcaee2bc604fe2a38741ca7c3855", 0x1000}, {&(0x7f0000006a80)="14007f39a4aca2c50a499096acdcefd548f2f0ab199efb3155598d5dcdb888cd54e88a26c6552b7013f1b60f69a2aeed9dd8135167e103d80ff9b50f1c3085ee517af22e1c312a32759624ee0d625acdd15e5e197f47086d3c589e6608559a4928c71d8b1204d2f20e1bbe0f1d7f371a8d806ddcdb8db64229b356ac8e1f6c20c8eb75babaadab723f5d823042e114eea69b1b774da27c95290a0fe368fee72b7f4ceee4e0ea56c18e663f58fe8a4fdd207f5fa67ea453764a6d0992468267922a027948cac70ad832525fbe6355f6a99ff06fc785f635a2db19cd056ed5ce5b67fa0290ec1e20", 0xe7}, {&(0x7f0000006b80)="f71f96c72e9245bd", 0x8}, {&(0x7f0000006bc0)="73da68359e5de8b1752c5808bd36cf1970df881377b1ced39e3e3cd0d1170fd63e60de87bc27cb7c046e4a71f595cd4174f38232c83919dc1b09a89a0ea62b212b6ac152dbb8588327fd15694a0a8775f20864872043796d432282129080243a664f2f6c0ac8f368a2299077a524d18b5d3f3d27379d1e8f673e79a9e447475773c311b0e4e9c6e82a101e2caba1503b950be008998ef071291885a6b71835fbace5ff944f2fad993e7b4c6f114c93f40f436d9d24124e4e86ef9ebd32a5c6e0abbd8bf9ae5458ee22b346f0152c9b6675952911292d95480754db7ed57e82e7fe2d328ac9ba209d55feecc0f36639681b812abb77abae6d3851099bd229440eb4e6ff3677b1c013c8ed5aad28dbe59acd73ca50ea76e60b45aedf21085dad4300ef1ebe676385681a4eb175f6dcaefcaf5b66cecd4c15154bd4234a609c2db218995b6ad2a80195c8949158aaf997ff3f4dc526e6ea0717ade3abf725ab5a6a187a4a2e045998c8962b368292c925d0dd2b5a78fca175cf5877728368513e70878f9597b5946bd717349261330a0e9c83e4d60366f453699618adf63ffd09313e6d1bdabea8aa20f618690099e5346626de5a96b93d3d0ff40b4cabce2bcbdafc7d80c63c8a1ba4e9cf1765dabdb7cab39dcca6b7bd72d8253d40c65ef108291db8bfdd68d5bcb5b4281cc6f390392f93716d8f0dfafd02b243a588dc6bb3dce5b0aa34ca5a13ad5464d05689b60a2f6576746576d0b04a62a60eda0cce5a89ee43bd37597dbc6872d8d8e19b5027744ed822701d25c7db5fc3eda2e5bd62a43251367f9cd3baebe4a63b1d4cf0894cd36b9b6361f13fc8c45ad94e1528940ad9a7836484cf9b7d4406eb692df5c5ca49a18ec1dfd32c3606d3fb0899a2a06430bcb217a0c81d7a3ea2e968193593b2630ac15ed0ce7186e1c0cfa1075f2c39064436b1bbbe777a66ac81f801c772fc39a2f53b1d3716ee42782bfa80bd1f9ab6554a655fada6df398583f2cfa0b7291a39a5b7635b1a82e26279fbad21152b8dc44db0907ea59de94469ec68ae2d9d34fdc1586b5846e5ce3acfd4de288be5159206bcbfba933c7dfeb3b6d46f5fc31f524ece4719a9999cf22203fb5096b6ecf16f22bacfbed3fea9962406a735d01e1755e665efc5c4bd4e56ae5f1d3826a28063ec2b3ec31dda4b84e1081e267d265c0dad2b4b40f33ded420d4791ff3e32d2a11214220508b61e08012afac3627ea3f76dda6adae12b2328f3c6da38c5ba685ff525653b4784b848f1e4489e4fbf978a8063b6de684e61ed490447e8ac4cbf749407d264391a7219799a9f5f6b87cc6b1d9cc2d6255e12a3a6a35c318a7683d0fa94b5ffac1979fbbdc4a68efdc611ce4706d47dfe57ab09eb430e103eb8afd15a4cce3232b775c3ac06bbbe981064c8b4a5e4e73cb5963ba9e972e06b0b4fd77f0116783dfe373a68b9138fb2c46f29bffafdca8848caa981e2a04a5c40a0188a5963bd9269b358fcc0b31a4954b99727e02da7e4103e70f5160ed15388def5bdbc21a57aecda144a3e994dcb970f1071e6294175617fd4614cbbfb0c2ed091d8083ef894580e44cbc352c164b4a73818e3c56c67aec5f914d08584b2a63cdb51eb97d34dba0404c343ed4f879edcd97d1aed419a0b725a2daf47edd0a1f61627541da1c30f8a7e3a398e94bc17e722d685469b2894f4c12ea22faa39120a31efec38401a2b497bd19c68277b2b0545b0cdc1ec06801581955f640abeb979286e10244ebba040132321d6c074487a0ea129bd5513f28616cb0c32f5c5dc471584721c5e4ee8368f3d715b6e190e008bf5b71705bbb62932bb25d9ae46070fd5886da0dd040dcbbc792199c96496e5587ce673e6a0f5e2af051ed5dea80ea26a28a585ca91287a2bd9a343ac055049366015020773b4bbaef373ca7e625e9dcccf2b7a66be731436a8d1ac7e1a5e7c9ed8f1b1d895877a113f1b5a08ae5523caf2e7a1986b1145e900bc0655a3c9fc224141b05b919b11b364e17c13f10701c804bcdd0a1be68f53624cd6c4132caea341729511deb15198c5cb38ccc68fb9fa37f88b4f52479cf6ec29669228dd0a780c5ac7196b3e533c41acd42ee1e38bfa6a16090871bec80766defdb4c95543f98b24ef8d9d1c8e8a186a0a820d33bd0e15738df770860b00b06b6b9d7c924864b1474941bd608cdd3299a2e6e59ddffb1faab7c41f35b1e6f661b4d67457d557dc5cea9e34af16b7ff8731d882146740a44b19a59d15b98fb5c1dd6def0cd7560f0c8dc180286424144b83aeb75528c937778e4005abee246806037c43d2875dc7cdf602ae891d9519481b08bfbb7707f83baf444249e076d1f236a45c67ed4baa1f8f86a9a9813a000f8d59dd81bfb9df62e62a476bb05bf1fe2f48aa011872ae2efd536b9bbbf19f1e47e2f3e4be86ab806b2a69edf51d5c178d9d816ec7d1ddfc65f2fe1740b0c771ad183865b85c63a32e14d3704317802ffb5bccbebc08145857a413e318f6b6adccce55bf6c6a4ea9c6b39c279bc8c3a7fec699f55593945c0fb58b644739a3df15a5b086c33751ea87646d06dc5d799bc01e11eae28fc8e197bd4434b647465b6b728fed80446800aba53f75c339d8d648a620fc22086962a02c98242c859ce8b6a24a36225bc92b6bdbaab7b7a1956fba9dbdb8e01d804e7c4af62fdda94a42b5498452a80fca67aafa0f794596b7b212809ea413f4ee6b224f3924f8e695a7d1deb3ffd116f12fe920ae24d55bde43bb93aa27b820cfe26a59df031aa3cfbc7c92a648cde79e2994bcc77fd164c24b9d6241708396785d5900b2e3fe3539b7203bf3a538b9b87f95d0044301406dcdc650e13487fa9d14febfb0e523a8f9fd43ed63ce87c1c4f263728ba3367a438d71dffb0363aedde3baa464eec06094fc74c55653ef8d8c1fab61fc275a336209713e82bbfed0921803f2a2c0431e0a4ecaa2029de44da5d1ea087b0c3b1c25430f35c8d3e70b68578d48c2cdffdca4e25855d9dd0b387cf75910b3a325dcf008863235929bd3a2126d283c3694ea3a38569f3a9cb300c837139c7fa715d40bfe182aa15aaa846cb405dfaa2630441de98a949505e5b73f0711bf65f3b4aea77214c0ea8a55e0227ef16a481348e9a662f272e8d2f0ef975e226f05cd2882aad239c0652ea594b5952b4245e415eaadde545c1db9777bd227a29b49925ad0276f5b7da2e1f0e2d847053e7a857e014ffb27a4d2a1ee675d843f462b604015a62845eeee7b4136f0c245ce0e4694d6998a6f65c4b98a0f2f480d23925a0c1c782199f5331d24cd8af212a9793dd821a51021aaa33b176174c02dd763e5d8c44d06aa9660bea5f9a5fd76fdeb9403f2c9f11164f4353e35b42e0a2a705d95c383a3a9f24a2f719f948bade575faddc9bc06ad37b8f9caecbd2976da2e18940e86fb56678a1d2b7be25ff557d036ef5b2f7671a817219e1284175a44546e5f091a668fab91b80d4f1ae033a9e4917850965e155ff70ce51f0c8e5a9b21ffb4de596100af2ac9ef713e14a9189ee27772c45f1bbe130d3d6ffc5f8f3bbc8a7bcc9dbf5ff20130ad66e7f477dcc04279f077f94e0f7c73f7e112c267b4624fe15d440a8ed1cb8ac1be49c7dd1e4a450410d123baeb36bb63e05f847e0c4edfaa572236edb1d5474f026d8848bf07908f45d3985c8c9a6bd6dc4d1fc316ed7a7e45ef6b6003df2b35b5757280debc868dd1c191f30d65e7806aec087001a1210f46803bd10d6858e31b196fd36f1830bd29bff868ff453abcfebe3fedaa0cd02e3fd22e442ff2b6c95c05c11c199b72369e5c509e59056f6ad14dcc6771640c52159f3fab3a7bff2c076912601c12544a04ec73bb68899cf08a4673f0e74d0a6e68581d904af192e0873279b696d2b5e9ef16af003a4bddcab8a951b029c0b4b68270dd89bc18bd91aa24023e3a61edcf99b52854f4f7e6e8ec6df9b4ddcf75f021628cb93899d2541960042cafc7ab3988bf377d77a4bc79581d6b37e3ec72c8aee20be31f19db5018758ac7c4f064ca573576920a6a4dc322290f2492526260b6b52f15fe6e8b4eaf23535d3d9c6c7bcd41161032a4ce929239b5b9ab3efd9b33fa077fe189a61d702d31d77e4735f8a8d1f0a095c6f2671364269366c9244c364a59ed9c1d6a0846f0d0e966e7e4f2d34ff4d9e86a0a183d1d33997ffe743684a507e7fe17ab6910cec3c9520567ff1c06b1a4a06fba35e136743cd179a717cea796660698fb3c8416f35866e12ad32b6e06544943bc7f9eb1a854e5af66c46feb6d178b587759ac179fa9815faf10e6f8e285a1deb7cf16c27e4793a8c1f6eaff45d4e5ac053502cca1a2996e47c5877f77ebb1457ff160a7bba04eaf7c8992e9bfe6a740942eb86dc684d6c563e48d0dfec9f62d574b4c7705c5844e6c3068169469933b17b3aa16a1ebe4d4cc52d8b0033e9272656c60728b07bf8d7dc9c0d8cfe8dcbd658cdc5917d303f0430d6d56b4f2b69dec867df5ab3e265df18d1adebea176dd15f4d49bade69bf6586a20cfa6e68707f4465565b3e7d7e0652ae13fb0f7b814a0bf8eb09d1156068c45f81598144ce6981555183ec56b7414ad7f57d8be0cf853d64e510ae3550137d1d7c61096ac4054f9fac4039e65361069a659b33546ff0c198460cdc1f057e50521c089c61cfac248a6787e100d8eb1c4b025a41c01a10abe3928239b59e7f3c5e35ebaad5d829c907c76bd88efa3ddb01ea510c2dd43260723da5e517204986ca042eafa31850a4cd80a1eef448a7ce6556a97bbe1b4be02704fb63f27711e05e6906b89607a240420a3cb7eba5ac5edb5646a3cd864c67fcd649f3bcf6ac60589f855468c9836beaa4791fabf76b9f1f0783ad40c92ee05fc07bd6f2e8a2849c39171c90bc3a0381ee3bf3f38fd570f1f4fe4a5541255a36aa9c3f183435c336bf84fe39c87a732f8436a484f54a1bf3fff957a9ef304094286f0bc0ca06cbd7f6ff86e84ff60663a75e470ac7a4e6d1b30b4acb316499beacbad6a864a29e4b99a339ca051184a37b7fa4dc0648e6aaa28a788dec763d3176a42d116748dcecb61c9448bbcd6ecf5ad64f41501ffc16d79c4c04558be21a670cf24691a77081f24f959059ac2c5b8cc2f4300d8c808580d5a7552a8deb66377b39f4ff49b63de38f038999883d5c4ee9649e8e86809042b64513666b027d1c14664ec02204d6d2d501b81575527278804edea4cf359ef49defd8720c7ef2b71cc67bf235b46ffee42310264de3b7d01cd41be9bbb906057fa040523764a4ebfcfa41404502fbf228d7617b97fb616f6b0827f010c1d0c3be02ba00213838c0f176d3993610f16f4f24b178a7a81feeec4161afe2e879b3d116e4b9af33402e75b7f6605e46e3dc2173bb3a75d9f019eb2844aeb750a236a92ecb04010a7fad4c850534caa8680423df46f77ddb8ec552fad462a220d25a420d63ddf92253dff91b9f54cd2d6887d0f71019a51b9e5aa0e345b7a841d62d25a405912b34726858e209be6dde9c8e1d4777015f1852fe287c02d00b94b888354f2daa457bcfde78aef31dbae4c67bed9c2d3d2f62c9d8f493607cab23ef27eef2e5ea85e780285da77f183b8949cd9431082926c9ff9496010f13c09b1b096aa23e5c1674e8a3341f4b3dda0a221cbe15b7f292897ee193d8afed9f20594295e65dbde384d1ab53180ed4607961562826dc4d7c0becb1d09d6e4f284528750c9ffde05907689bc5ef3a04247f1180c071c32eb", 0x1000}, {&(0x7f0000007bc0)="c227947dbe1403be21676b4e094bc748c48f36c8a71fe003", 0x18}], 0x6, &(0x7f0000007c80)=[@cred={{0x1c, 0x1, 0x2, {0x0, 0x0, 0xee01}}}, @cred={{0x1c}}], 0x40, 0x800}}], 0x5, 0x8000)
readv(0xffffffffffffffff, &(0x7f0000000040), 0x0)
openat$cgroup_freezer_state(0xffffffffffffffff, 0x0, 0x2, 0x0)
close(0xffffffffffffffff)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(&(0x7f0000001540), 0xffffffffffffffff)
sendmsg$NL80211_CMD_STOP_AP(r3, &(0x7f0000001600)={0x0, 0x0, &(0x7f00000015c0)={&(0x7f0000000140)=ANY=[@ANYBLOB="1c0000009225fbd20c8f5c571cfe76a499cdaba62463a115000f1ff50720f1e72a0454fc8ec698b37e9021757b24b3c80ec55d2ed87b66495038e1079ee50a83613973994e7c360e7881349172f0d95d17092d0e8b3823bae9d398e6db4767f02288a49f9ad72082fbe21c1da9a179360aa6ab4b3c1a059ef209eb60f8714c5f6d5ea3c6029c3319919317473f2ff36a83ddbb38b9b988c28b75d6e87a3f", @ANYRES16=0x0, @ANYBLOB="010000000000000000001000000008000300", @ANYRES32=0x0, @ANYBLOB], 0x1c}}, 0x0)
[ 3112.792420] /dev/Loop0: Can't open blockdev
getsockopt$sock_cred(r3, 0x1, 0x11, &(0x7f0000000040), &(0x7f0000000080)=0xc)
syz_open_dev$sg(&(0x7f0000001000), 0x0, 0x2200)

09:08:40 executing program 3:
r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000000), 0xd438d41a2ef5ba3f, 0x0)
ioctl$SG_EMULATED_HOST(r0, 0x2282, 0x0)

09:08:40 executing program 1:
r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000180)='/proc/asound/seq/clients\x00', 0x0, 0x0)
preadv(r0, &(0x7f00000002c0)=[{&(0x7f0000000040)=""/35, 0x23}, {0x0, 0x2}, {&(0x7f0000000300)=""/165, 0xa5}], 0x3, 0x0, 0x48000000)

09:08:40 executing program 2:
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000080), r0)
sendmsg$NLBL_MGMT_C_ADD(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000140)={0x4c, r1, 0x1, 0x0, 0x0, {}, [@NLBL_MGMT_A_DOMAIN={0x6, 0x1, '%\x00'}, @NLBL_MGMT_A_IPV6ADDR={0x14, 0x5, @local}, @NLBL_MGMT_A_IPV6MASK={0x14, 0x6, @mcast1}, @NLBL_MGMT_A_PROTOCOL={0x8, 0x2, 0x5}]}, 0x4c}, 0x1, 0x700000000000000}, 0x0) (fail_nth: 5)

09:08:40 executing program 7:
openat$sndseq(0xffffffffffffff9c, 0x0, 0x0)
r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000180)='/proc/asound/seq/clients\x00', 0x0, 0x0)
preadv(r0, &(0x7f00000002c0)=[{0x0}, {&(0x7f0000000300)=""/165, 0xa5}], 0x2, 0x0, 0x74000000)

09:08:40 executing program 4:
syz_mount_image$ext4(0x0, &(0x7f0000000000)='./file0\x00', 0x1, 0x0, 0x0, 0xb1e8a2, 0x0)
mount(&(0x7f0000000040)=ANY=[@ANYBLOB='/dev/Loop0\x00'], &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='ext2\x00', 0x0, 0x0)
umount2(&(0x7f0000000100)='./file0/file0\x00', 0x4)

[ 3112.814199] FAULT_INJECTION: forcing a failure.
[ 3112.814199] name failslab, interval 1, probability 0, space 0, times 0
[ 3112.815999] CPU: 1 PID: 14120 Comm: syz-executor.2 Not tainted 5.17.0-next-20220328 #1
[ 3112.817222] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014
[ 3112.818976] Call Trace:
[ 3112.819366]  <TASK>
[ 3112.819710]  dump_stack_lvl+0x8b/0xb3
[ 3112.820312]  should_fail.cold+0x5/0xa
[ 3112.820886]  should_failslab+0x5/0x10
[ 3112.821445]  __kmalloc_node_track_caller+0x7e/0x440
[ 3112.822230]  ? netlink_sendmsg+0x98d/0xe00
[ 3112.822422] Call Trace:
[ 3112.822915]  __alloc_skb+0xe3/0x340
[ 3112.823270]  <TASK>
[ 3112.823816]  netlink_sendmsg+0x98d/0xe00
[ 3112.824060]  x86_pmu_stop+0x149/0x330
[ 3112.824655]  ? netlink_unicast+0x800/0x800
[ 3112.825062]  x86_pmu_del+0x1be/0x610
[ 3112.825691]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[ 3112.826094]  event_sched_out+0x2ed/0xe80
[ 3112.826903]  ? netlink_unicast+0x800/0x800
[ 3112.827360]  __perf_remove_from_context+0x87/0xbe0
[ 3112.827972]  sock_sendmsg+0x150/0x190
[ 3112.828512]  event_function+0x297/0x3d0
[ 3112.829031]  ____sys_sendmsg+0x703/0x870
[ 3112.829473]  ? perf_uprobe_event_init+0x1c0/0x1c0
[ 3112.829995]  ? kernel_sendmsg+0x50/0x50
[ 3112.830690]  remote_function+0x125/0x1b0
[ 3112.831309]  ? __ia32_sys_recvmmsg+0x260/0x260
[ 3112.831893]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[ 3112.832512]  ? lockdep_hardirqs_on_prepare+0x400/0x400
[ 3112.833312]  ? perf_duration_warn+0x40/0x40
[ 3112.834100]  ? lock_release+0x3b2/0x6f0
[ 3112.834751]  generic_exec_single+0x203/0x300
[ 3112.835369]  ___sys_sendmsg+0xf3/0x170
[ 3112.836027]  smp_call_function_single+0x189/0x460
[ 3112.836615]  ? sendmsg_copy_msghdr+0x160/0x160
[ 3112.837356]  ? perf_duration_warn+0x40/0x40
[ 3112.838036]  ? lock_release+0x3b2/0x6f0
[ 3112.838684]  ? generic_exec_single+0x300/0x300
[ 3112.839274]  ? lock_downgrade+0x6d0/0x6d0
[ 3112.839921]  ? perf_duration_warn+0x40/0x40
[ 3112.840530]  ? lock_release+0x3b2/0x6f0
[ 3112.841163]  ? lock_is_held_type+0xd7/0x130
[ 3112.841758]  ? ksys_write+0x20c/0x250
[ 3112.842387]  event_function_call+0x3d0/0x430
[ 3112.842954]  ? lock_downgrade+0x6d0/0x6d0
[ 3112.843580]  ? perf_group_detach+0x11b0/0x11b0
[ 3112.844227]  ? __fget_files+0x287/0x470
[ 3112.844866]  ? perf_copy_attr+0x9c0/0x9c0
[ 3112.845466]  ? __fget_light+0xea/0x270
[ 3112.846043]  ? lock_release+0x3b2/0x6f0
[ 3112.846622]  ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70
[ 3112.847184]  ? perf_group_detach+0x11b0/0x11b0
[ 3112.847994]  __sys_sendmsg+0xe5/0x1b0
[ 3112.848646]  ? perf_uprobe_event_init+0x1c0/0x1c0
[ 3112.849225]  ? __sys_sendmsg_sock+0x30/0x30
[ 3112.849917]  ? _raw_spin_unlock_irq+0x1f/0x40
[ 3112.850585]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[ 3112.851233]  perf_remove_from_context+0x12e/0x260
[ 3112.852054]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 3112.852734]  perf_event_release_kernel+0x153/0x7f0
[ 3112.853498]  do_syscall_64+0x3b/0x90
[ 3112.854192]  ? lock_is_held_type+0xd7/0x130
[ 3112.854750]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 3112.855387]  ? perf_pmu_migrate_context+0xae0/0xae0
[ 3112.856171] RIP: 0033:0x7f928d323b19
[ 3112.856900]  ? lock_is_held_type+0xd7/0x130
[ 3112.857452] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 3112.858085]  perf_release+0x33/0x40
[ 3112.860851] RSP: 002b:00007f928a899188 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 3112.861388]  __fput+0x272/0x9d0
[ 3112.862565] RAX: ffffffffffffffda RBX: 00007f928d436f60 RCX: 00007f928d323b19
[ 3112.863051]  ? perf_event_release_kernel+0x7f0/0x7f0
[ 3112.864098] RDX: 0000000000000000 RSI: 0000000020000200 RDI: 0000000000000004
[ 3112.864821]  task_work_run+0xe2/0x1a0
[ 3112.865885] RBP: 00007f928a8991d0 R08: 0000000000000000 R09: 0000000000000000
[ 3112.866453]  exit_to_user_mode_prepare+0x199/0x1a0
[ 3112.867517] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 3112.868220]  syscall_exit_to_user_mode+0x19/0x50
[ 3112.869285] R13: 00007ffe916ec8df R14: 00007f928a899300 R15: 0000000000022000
[ 3112.869956]  do_syscall_64+0x48/0x90
[ 3112.871062]  </TASK>
[ 3112.871569]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 3112.872649] RIP: 0033:0x7f750a30a72b
[ 3112.873209] Code: 0f 05 48 3d 00 f0 ff ff 77 45 c3 0f 1f 40 00 48 83 ec 18 89 7c 24 0c e8 63 fc ff ff 8b 7c 24 0c 41 89 c0 b8 03 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 35 44 89 c7 89 44 24 0c e8 a1 fc ff ff 8b 44
[ 3112.875865] RSP: 002b:00007ffc8fa2e8d0 EFLAGS: 00000293 ORIG_RAX: 0000000000000003
[ 3112.876948] RAX: 0000000000000000 RBX: 0000000000000004 RCX: 00007f750a30a72b
[ 3112.877988] RDX: 0000000000000000 RSI: ffffffff8411f74e RDI: 0000000000000003
[ 3112.879076] RBP: 0000000000000001 R08: 0000000000000000 R09: 0000001b30c2001c
[ 3112.880134] R10: 0000000000000f41 R11: 0000000000000293 R12: 00007f750a46bb60
[ 3112.881137] R13: 00007f750a46bb60 R14: 00007f750a46af60 R15: 00000000002f7eb0
[ 3112.882149]  ? syscall_exit_to_user_mode+0x1e/0x50
[ 3112.882902]  </TASK>
09:08:41 executing program 1:
r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000180)='/proc/asound/seq/clients\x00', 0x0, 0x0)
preadv(r0, &(0x7f00000002c0)=[{&(0x7f0000000040)=""/35, 0x23}, {0x0, 0x2}, {&(0x7f0000000300)=""/165, 0xa5}], 0x3, 0x0, 0x4c000000)

09:08:41 executing program 7:
openat$sndseq(0xffffffffffffff9c, 0x0, 0x0)
r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000180)='/proc/asound/seq/clients\x00', 0x0, 0x0)
preadv(r0, &(0x7f00000002c0)=[{0x0}, {&(0x7f0000000300)=""/165, 0xa5}], 0x2, 0x0, 0x7a000000)

09:08:41 executing program 4:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000080)=[{&(0x7f0000000140)="20000000000100000c000000500000000f000000000000000200000006000000000008000080000020000000dcf4655fdcf4655f0100ffff53ef010001000000dbf4655f000000000000000001000000000000000b0000008000000018000000c20500002b82", 0x66, 0x400}, {&(0x7f0000010100)="00000000000000000000000039c043f6970341999833e8e90d2470c4010040", 0x1f, 0x4e0}, {0x0, 0x0, 0x80000}], 0x8001, &(0x7f0000013b00))
syz_mount_image$tmpfs(&(0x7f0000000040), &(0x7f00000001c0)='./file0\x00', 0xffffffff, 0x8, &(0x7f0000000600)=[{&(0x7f0000000200)="51a43e0f2e718ecdd129866da246256c2a7928bc4086bb5bb44315bcda04b2aa0b30b9e3c8f618896515ac8aa8d1138d6cadfdc64b9e818c9d7360621943728a1e8ff752", 0x44, 0xffff}, {&(0x7f0000000280)="6e932cf185af9903df90402b3613301a06e9787531ce07af3d043be7452e9b21b839b6c558da", 0x26, 0x1f}, {&(0x7f00000002c0)="0d7052d90366704d6b8a00eef4dfd36b5d219e52a1c6b0a25a4d307c0f5849cd546ae3c80a99909608f819ae86c3de43e29790", 0x33, 0xffff}, {&(0x7f0000000300)="d404d3d34d1f1825764f1a7cab0c6c35e890bdf17a88b375c17589aec851c8b130996f36311584f31b0e3e880473ec657794e2e8ef66e3ed64b6db70a88004894fbc5ff2ffc86cd9eee74e8a76b521ee8e891bd5aa9cab4731a2e0680f47e9e178ddc9a2391fb650f27486b501ab80ec10dfd8da908c46ab7523fc4ca910e9c121a6db802791b95292ef243aaece44c83b3532bf11e41e51cf90c8cc27dd85ac50a37a3a48f2ad3df830e894f12c9cc67519fecfa606", 0xb6}, {&(0x7f00000003c0)="bbe94fb42919f5d15e62148879b9076867970da42a66209d6ee8ccf4cca39c0a952d26deba610d00a7bf5a0d9f0412eaa10996ac3f47282475b882971d5cdf675374cab008b6e1c7", 0x48, 0x5}, {&(0x7f0000000440)="661da61dfcc6c11c3e116ccb5c95faa246dcddbb9a4cf33b86fad2c4ee735fc85011d924b909191ed0f78d488be20c64f254f90aee9ed362", 0x38, 0x1}, {&(0x7f0000000480)="a1427f5489b3c129390affc8ff542373666824d86e3bc4c1d95daa48adbcad5328ab5903124f7ff082d2cf32bc8ec4724c0c6b57b83021f177810f0e08537cf147c599a9b74c169a15641b00d0729143779cb8debcd640c9df01182970f60e9ff63eb5ab57d6d7111d806e5ed8b620ed281bac88500a8ad6d9d359b05696e1b0dcfb60454e6461b4c1c6e5ebcec2853f05a6eaf33480058c80640ff9065cec1e843e8f9e534365b5877c94d3b0e0", 0xae, 0x1ff}, {&(0x7f0000000540)="70612e0ded2eb465240c1d6b8e5c0fdea4d89a01c32fdcf914ce89440be032ebfacf8d90eb6f31cce3652d47cad29b6db7515c254d738b9f16ba16818ee87c02d76e89b3c097e21b79155c0b027fcdcce2b5f91cfec669ead311069e35298d8795775923253f4e6ea01e73d45ac1fff8b63b6110200922465b1c7a740a34abbeb6229757c24dcacd4c76c0f9d0ce4d130ae0de64fc73be2fed9ac8c923f973ab089aded1f4eeb8c11cb92cbda76d45f115747bac605b13d776af3e27972334a0", 0xc0, 0x7fffffff}], 0x4, &(0x7f00000006c0)={[], [{@rootcontext={'rootcontext', 0x3d, 'sysadm_u'}}, {@smackfsdef={'smackfsdef', 0x3d, 'ext4\x00'}}]})

09:08:41 executing program 6:
r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000180)='/proc/asound/seq/clients\x00', 0x0, 0x0)
preadv(r0, &(0x7f00000002c0)=[{&(0x7f0000000040)=""/35, 0x23}, {0x0}, {&(0x7f0000000300)=""/165, 0xa5}], 0x3, 0x0, 0x3f000000)

09:08:41 executing program 5:
socketpair$unix(0x1, 0x5, 0x0, 0x0)
sendmsg$unix(0xffffffffffffffff, 0x0, 0x0)
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
pwritev(r0, &(0x7f0000000640)=[{&(0x7f00000002c0)="19", 0x1}], 0x1, 0x8000000, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0)
r2 = socket$inet6(0xa, 0x1, 0x0)
bind$inet6(r2, &(0x7f00000002c0)={0xa, 0x4e20, 0x0, @empty}, 0x1c)
connect$inet6(r2, &(0x7f0000000000)={0xa, 0x4e20, 0x0, @ipv4={'\x00', '\xff\xff', @empty}}, 0x1c)
recvfrom(r2, &(0x7f00000003c0)=""/87, 0x20010397, 0x300, 0x0, 0x0)
sendfile(r2, r1, 0x0, 0xfffffdef)
sendmmsg(r2, &(0x7f0000001380)=[{{&(0x7f0000000140)=@nfc_llcp={0x27, 0x1, 0x2, 0x4, 0x2, 0x6, "8ed124e692e33282db70ee21ffdc904e945d0ff2003ea1726c2f747da47ff3eb749d8396e1c7b7bb15187c52c626422001a552a2bf438a4f73d562f710088c", 0x3c}, 0x80, &(0x7f00000000c0)=[{&(0x7f00000001c0)="99c3798d0aa6fac76cdecac7eadcd0133a263fb72852776f13ba0616ad5433771922b694db9bdfbbe717365de371a07bbe9ce3f4b1e9dcf0f3995b2e736e663af46e79", 0x43}, {&(0x7f0000000300)="be1acd74b55d45d145412f43718515452c02f92cfd1161125802a4223b688806f355fdc832520e361b4120ef776d0a8c445fecc2e1a00c2fb26e952d5aa85efb24fdc5d5191112e68696e63ca0e11431358d1e04c5c6cf5a33ebbc2bc1cab85164c88c3cec4f6862253e50947c5050ca36f76ef88cd68dc196cc052effdf4c79c8e55bfdbad07aad8c69975533dc199f0614653cbf54ecafcd1b6ddefffcf7b8600cd4a0ba0ef20d49dc93bc58c6ec87c3fd66", 0xb3}, {&(0x7f0000000240)="8eadcca4ec01201ea9a99da1939cec097de8f07c8293e88ec0ec9b9601bd4ab9258c8a907f9d9b7e5ebcb4ad5fa4891d84502ac14a4d065102a739ff2cb640f80f86f122884280ac856d08dc91e58236e3f1eb3076d6d803e76b3773cc", 0x5d}, {&(0x7f0000000440)="7518d10e83bc0f2753cb03b78633f7593d4ec0ef574f521eee0ddd366e78de9ff441f16d38a9822c9ae9c1cf8ee86ebfb8c20d02b99d8e8f5bdf26f6654f85fbe4095962dd7e3e2d0fc482c0cd24c307760cd82da33a51670c3536ea9a2d961ad63fecf66dc6f4cf44a021eaabd62d9f224ba48ac5f7f59ac67ffdb725c23485cbad2b61e4321331e4d42a2621d8", 0x8e}], 0x4}}, {{&(0x7f0000000500)=@pppol2tpv3={0x18, 0x1, {0x0, r1, {0x2, 0x4e22, @rand_addr=0x64010100}, 0x1, 0x3, 0x0, 0x3}}, 0x80, &(0x7f00000007c0)=[{&(0x7f0000000580)="7078dc554aaa8802fcec2c91bcfe0e231c8e6ad35a3843416b40d89968a71311734871044c8ca1ebfaca48835b531a984b0d1e7c74a04d747fbfeb073484f4ef64e2a9e132a35197752e6b452b0c35c2733879cb3a17728d49a5ae71c6da110ee42eb9cec8c54da4d6c21195bcaf091b9e331576d9b569ea16e12d1efd02713343", 0x81}, {&(0x7f0000000680)="faf46b1baccacd294b88a64f0353723cc67bedca36251ace0e7d", 0x1a}, {&(0x7f00000006c0)="d96d008b33b3cc7fa550f2800de5e433fe5b89000dad8d7639ced4ba39b71fa05496ea7dc28c3ed4466b5243129e851328621a62492be79ea7f29fef0f7a28ae23a0e26d9c98a10f58ed8a59cdc269aa4147e7a3515829cb05c5449465bb0fa2b680171dd6bf42f6facd18c2f034d15d8a18e369afe74757e89bf9ad29dc0e201347cbdf2ed8fe4f5e4d2276fc636cd75fd03401b399f3488878152748553bb6f5b7", 0xa2}, {&(0x7f0000000780)="3d3a7efca8dc83", 0x7}], 0x4}}, {{&(0x7f0000000800)=@can, 0x80, &(0x7f00000009c0)=[{&(0x7f0000000880)="f6d5aaa9d141d2f42d7899bcfbabcef5d9321027185fe7d6f2cdf57b8e9de64802b844f28ac723a01e536b9aec21fad3184f73d949362b1d7a8dc6a1afaa22e29e38cf44b676561e76f34dafe4247374dbbe66cda2fd91e64b36f9ac916c74e6415fb8b66810cee71d598ff51b4c2ffbdcd773d646affb33bde1e312123ab850c5b52090dcb323ede5da306defef15b3cacc9349cc90ba59d6cd07c92fbbe697d981c694b638eee269d24f2885c8ee516ace5a5db1aa68367ece43", 0xbb}, {&(0x7f0000001640)="c2a7f87aa7224803425f430a8b87bedfc2eced49140d485c9eb8572794efc889b479ca4f635555e9880cb3949ea812f8f550d8a2370abf42062d327ea62dbd590a5501bb223889555b7a19ef00365e887d2c78f4e4cec560aca54e66bcda273b84685e8045229b61d0eb237f6ee07658e569a456d2dd3e98e6a015bea0e01aab0c01089c44633d2ce00c501edf5e16de16680eaa6e92b8eeef22598e65dbf889d2e53ab5d074b1d0b65faf11849d82547d09a2f168d3549b2644c1d2c2790cfd794ef9df48a71af8f3152db14cfebfdc07e19b4d5c6f9430265fb461c8faa31509e3c1481c72eba5fdbae50a80d449d40cd817e667abc7b59478e3767fdd9fbe96c30ba3867afd054153b4405b816c3a3314eb0b182d3670665dc18c36722666d162dcfdc43cbc6bfd8125f3c035ff20773fd39812ccff973070b005edc77417bd39e53e5e47ac76c31d4b093de923b7262318f1eff396136e3fe3c8d6488e462377d9a2d1f2eed9a777857d3ebb2a8689a6de5ae4b1f9fa3105edd7196229fed1fb91ecab0d94334fa2bf1dfbda5f1654e885beb520e262fb258485807bafb09a0c3db8533fd38ae21d9bf34a6186c77fac174bdce8d499a6a92ca48d123a699c80c1e7e3f39b783c44972d6dae9b06d1919e6cb891de45166da3f452fca9e1bfa5196b9212e6eb4f9c530211ac1f1789e4a22815be6f7c8c49f1deb61240bebb4d38d09dcfbb969db2d1726c9b29cfba739a7f7acc29f939fe3497536dbc258af8c90c9cf5e05a5e4b37f1f926623b199c2e704690cd76c5d34f2dbdeff0e6b750c0992cc805ee7a9a42ff2e7290636927083f9c0ff114ac41ec8fa131b1e55f1f9dc01437f6d972b1496f509527513311c0edb0194e8d92fe9e196d0644deff53f642af399a8206e59a8c802b5a1f4fa99dc9f76b509a618221654ab934696c55a3a7f73e763ddc141485bcde042ddc12002187199f802f318357ce719c0a30dd2d5d6d7749a584c9289b85036b20d241d694c4218b82195103380d875aa707d92ee2d0f5bdbf52678c825368dbbf49cd5087fd4a00d60da82bb9dd0a36f2fcc49a729cc78e26db3b5b767c3966bec85e3fa1a4f26ae1da5e8594ec7899a31db352e32695c51c0f67af8195124ac3062646257c302506ba12ad00ec9d3b6b1fdbe44ae23236ca31aaddcf0107c4fcbecf372844f47e99665d10c1dcce31272674cb8eb99a143368608248110e6be5f94a2ab6ed4ba85c36343e80e276fbf9b3100f842a6c854b0fb7f25e4e6d27bb1ed2eb080eafd1cbf2b6ea8753f443185935e8fc10a3e113b8ad8b5f4f6e715a8d8447939a8d51e47dbfddebcd4a2527a4b6b4d21476f347f7b4afc212f8f825b00e38110f67727baa71a141fdae013c1c642e82a15855db24d86fff136d9eae908c98e303b257b9e4d7ed0dfe021976cb8786a4c7d1d5e3f3a89c751a63d1b69e130f775a716035cf07e0e888b7a2033e8a452394406aa626728bf242877f6a34bc200a7505dbdc8ab25b027e3ff409692091d937621b75a30d14beac0cb4c550c103fa0852aec214238993e142c67f4af7a0d4f7008a1b4c38d07d5d069deb9ac1f3465ae3934e319cf8d6b6cd33f6ddc357c7abcea507a86e2638a644b21596e1805514f7e24a1f5ee4b04e3e53de0cdf6c18d1149d4b6535b619fae457ac3f6175840b02b88e55a53c2d900153d0792b445ccb9166c496c72f2d81f59b583965a464ec6204854596cd1dc857d7f779a651e84ba9e9796045fe216d58ce51e6ba2d25edf1f3b75d463eb9b847d70a0434348f227af034cdf95ca9ec0230f689cca90dbd6751041577006ae7b76e0194cb717defa416e4fff8a365ebf4d87544151e0a4520c284f829aa997a9c2f8643639ef10033c42d431735ae6b5afe3dd6b9a88e243738291ecec6f1c8e3feb089ea34a0c197788afe6f9905cd47018edd899844c762e26579d1ccbdf6f6a9bb9eeca41adb1f00a2b5e11e8ee800903a1c24e8d3f7d1d55f19566e12d5e1afd2f07b2b62884bc214f5fc2ee6b7133b12ae4307b10c4fae04a976f793e72b0b7e200bf02f1e203520efd8ed4d3cfbe64d1ba4e132a774ee9cf8d44711a47cef4e6848e9cfd071ae133c38f51c8aef13f5ca65af60971c75dc2f4bcc5215b0702786ceb63dc9ce05ab64e9a58e2829a1648e4cc8ce1d745e6df3abe429f4122ad4ac3d9fbd84b0ae48b9c4391362dfdc1f10ccdd80e46120c156a039a014ed31f4d97398c0629afbe75c6828be06184bc013dc47a2a357eca804302534b184d0cac55c5d6f60f91b2cd2ba44e0559a9a9cc498618f1122cd4792de5822bc6f4a401823ad2d84310908d705c40e457560de77bff7191fb6fb8a5411e39ccddc09f95aaefd20351347796d2e141b1e89a60094f37634b5370dd7377e900f287d9386094e18ffb1976afa3c79f4549a8416a54013514a12b26e67bde7aea31a70f1c410726b8d004d7b960a1e0ced5557918630e99efec7b3bccd7221e8435bdece1fd5377d80743568db11e664c6366d5cb089fb53c140815d5b50a016358f7bfa1b8fd3a893608338f53523d8661e8f6b643a51a28b208836f4de87e2026a39d756c561b5282aceda810655c1a7f9e23e17ae069886b15651592d9b21e105dd234ff5476b691c948bb9a260da1137e17a59976e6a1bd7b1fe30a3d2252b98c49b2e68351550332707cc403543441695e58f55372df24d47b60132829f3eab74fba44216b0f74ce4e43fa28ac04ff6cb1ae0b3033d22586e3d65483420ddff1d3a30eac89438cb2dc10b47d0845d572a0c7110a193df6194fce4cb0836ea4a4340b592e52e2d6a12542449db7597a4aaaa0ee8f945635fd5ad94ec7931e2cf052982015c4b26498ac7b1caa007a05696f07d63dde889d02239115209794bf241ec7cbb792b72e276a14c333eed523175c815bf710550074e2031ca7c347de20eded4ad232073fccf9c732cd3a36df27e2fa1bb75c24d459faa0accd2a7d757690ac5e664446255b701b642d2294a0ba741b29cbd1688dd7b027f65868ace2461b62797362ceecc85fab8f4dde5870b75e3acfb45b5fab254e85e6d7ad658314789be03eef7908d492e12695b40a657f6350f8089b9544f398ce870c7be71d3c795e03c11739d1b739a0f208c15767799baffc84c57a55a987554eaa0f340cda16a2594bdce18116a9cd3ea90177b5faa22b8748afe4de4669da9352d774274ada405bde6197b76a64e1bc30194506b7605bd767890015d5762ff305bb0301ee91dfacb7cdc99213b1d768a465d13d008e72c900dc33d2451de5e33e2e207c22239d9882aff059e83e42b50d66a8ad474940ebd4b22e827b99c0f941517fe4bc09d05d838f53682ad7bbcf03199dd45b31a93c0392685e3b21252565907b8c505c2d1854451760c167037a33deda95e8fc6f0793ac14c77027ad83fd7df50c1e2cba90eb06ee0c88dd5eeb32e21cf3b705f38c59c74a9e6dfa25bad8b3c46837a462b57ebf3d5e8dbf32e494ad9f5534e202c4fa72d4a4e1aa33ee245b8ad3a13c72234de9d8bcc6165b58a2ee409d5b231bf5cc2af1c5fc76ccf558acec3f05b4f64ce24824b31c8a53f33f57c6e0d8f8d5808fa0871e9b40c974fe3df936ea6a6f0860ab05c2e1f63a9cfb4b8075a2a5a2d9b5f5b3e2d1d1fe97fc130a75710be7a12be3a2e5078752739a87986b26d3122d2ce8e5edb4b18d1a482b93a8ffef7966b09726c72ef6b67af9bb56e953b3d01e2c1c2c659bcbecdc66a7d8c1e3130d50cebab08fb85fe469043ab382e8e1b82428b9559c52c473ab4d7bbd0b73c6373149aaebe1b1376a7ace344d1cef184861ed0feb4807397a1c15a0678394535459c09fec961e895e52ed7d547edc52ce2e96d74d050eb5b58b5d318fd570976b8627b95fad049d2981bc7cdc3221dc0c368ead94fdfb5bfd22f608615515f7134ae54523c658edad62a953026ba266acfee8878d184beb11607f1665035a36fca6a7b9823e484c32d236459572c28a56f3cddaf0af5a4734d49c2f586a9c44fefea6a776da8caf00a79963c90527ac93204100c1e94ee22aa54b1eaed335772ef08ec4904052a67dbd338d225b194bc6d0efb0ad0c4d4ee9bc25fccd358b235097dbf5ae30176324914237e4d94065ec1e3d029cf5ad9e43128724b6e5b6868a4ac429133dca95798111e6190444b4b20bf3782d577b8220abcc3e18f916cf75dbf14078061fb3088d25b374b2c53d8f67fc38ee17b733aeb3e358f9b4db097b2273ae480e7c123fe95a27c768c1df9eff224c80cfd4a21116ffa188fa6edc6ce74d7cba1ddb4a473015030c186b19736d022fd381b08e9886267dbb4a00051c2bbe15d61ad77edfb60e0e7b99f56d0be7197c6e73e88c2a572dc12936bf44ada4eda697c6b5a59fe7c2ecccb39da84acb19a87d735149a4694485a2deba1de9756865c3ee73a2e569fd11ff87cc1af7be9115d33b912c1b6beb2cc40cb58844277be5838ef277ebe507b6727feb3e0d168d9fd8801215fb20a44cbd55e528070801dfe7a48cf011ed9a2f9fddb8d8a3a723ba06c7ff47bfb1aca58f18e3ce2b62931a3f4c5e220d2a6713277cbcf6dd91e82da613d20c9f6f24fe7567d5d29e5e22acc8a6779bacb2fea6ebe2a6932da3dbd94a9ac2ffbd7d6517234b3f0910e89a1e2e42073f1cef4b3cbe6802b74e59f728b4b15745665cd08c96907bbf63440cfeb5f20b1ed175f37afc97acde33a302fb2ae4c08d0a3ce79de3ec3150e323a079196301020de6d3fa034b12bb7b3c5272a48312b2d895e02441e2baa0f320003d7ec650febc4dcc56e14535670cd20cf58e1fd995035480621559bec8c1af7823442b77c3fe51b1709f86970c7c12027c84ddd6375c880450210eb4da2ca3ce047a553f12bd94847d41d4f278585818c3c93696b7956cfc48f2d554e7c9327bb40a697e6d04e34edef0a854aaaf0b2330268c9b37ee23272458a2a00d9eb997966dbd86f69dd1a709d7c5cdc1e0db50cfa26644babe23e7a58ca26920ddf1ccef1705304c70df637e1b780ff1051450c775a9c437dae92d6435d53778834f9a7f2ec4645fc29c10453f5bddfb176f7cfb066d25b9c2c4defd3fd7911800b7514b0996f6f0765464bf06b5cbd05015702148ee152228fd886ce462278fa2b8a90c907fdd69e2fda8fc4cacfc2e1e054fe3cf3f54e974d2cb7790f15a5182cae7d300559ea94b1162fc0c0ab6baafeb1bd6972ca7a22b2c12dab75ecb44b169b89a334a83761f1f64d113beb70fa5465c4b77cbaed38c021a374c0bf2ebfdc0cdecb24cd97c11927efbc0cee04c966a485eef9b9599d8e01002ebb620a8d21af0a6cf1904771ce5e9999433d0ad241c5960267fc38217322e546fbcfdd4c9e2ab48643f66569848437783457b1cd7f1abd3b7065ce00e1d84e296ff462b53a83e9013c3cbc16231fc44e0e2dc151a7b7d3082f0c103cef78a95bd152e7c494a1c45917df8d27cb16bcadfd66acebbdc809be5dc86b47ddb7b880a35bedcb8fa23ae63502d2201643a46d4f72975d999d15dbde7b533c6c37a3f9cb85c6f622af405d5da4e266f785db81f3ddf9df485b612b7d0e298e632af56d83d6ba9ee40643539983eb5890f261625ca0a467103ec5d2d560d5c0c0f43a6c3ce6faa3fa573cb11c8ba6b214868fb7c81630fcdfab65c0c8bd1ecd0920494457f97b1fc0e8d9c7a576f83fb9a60bf9972c29cbad49785749550510f21360aa8591e0d50f", 0x1000}, {&(0x7f0000000940)="555928116abbf70396235463ce2b6747f0ae6fbb39491464cd82d444f43b5a63d357351d34cfc859aeba9e53686d8551caefba9f4996654f780f06ac", 0x3c}, {&(0x7f0000000980)="afe09f76ed56601625b8ad70f47aa09bebbd638b7065466f86d390748b", 0x1d}], 0x4, &(0x7f0000000a00)=[{0x10, 0x10a, 0x9}, {0x18, 0x119, 0x0, "c0"}, {0x88, 0x119, 0x1, "7cfd708b98b6ab373deef160a630b9400fb4e658d8fb055d04555d0cfb9aed158fd4af1b60c941dbbbf5e71ad235eca57a3116c0a885d59ad0f1a007cccfacff049a4fb9043cfec8daf8f9942fa66b23f3decc009fcd6d2f5cab5ddc6a19b351cfe438e109f0c3a37ad07d524c922098aa00e75280e64b77"}, {0x18, 0xff, 0x7, "40259c95f68b"}, {0x40, 0x3a, 0x7fff, "b7c2c5e23170adf68b15876f89e229052153d24c3ae97929531c2cf5c41e35fd83bbb947c00272da76e1126188fee2"}, {0x98, 0x10c, 0x0, "ac18c1ea103ca612f596fa0f1f2f27dfe123cd10f59cbfa3de845df3a6c5c72adfe16171508c3e07646358a5c2fa9c56d1408fa2a0773b942f8118a2832b49bf0e326168f5a6cc5deb9e70ccdeb34b7886bde00c257094563fa7f11bcd5e1c69c40534f2468d2fbfbbb70d6a5e30cd4fd4080cbcbed583101a1c32346d077be64822e86b3c"}, {0x68, 0x11, 0x7, "f2d389d11b78ba4df37cc64d78b80c8859794341b4fad9a564e0aa61888014d1eccf7d78299c6249af208ab3877e2d08c30dd54177eb41ac61828f9a868c7684f5159df6a66fc2c5f8cef3c1c2dcd56dbf48345579aa"}], 0x208}}, {{&(0x7f0000000c40)=@alg={0x26, 'rng\x00', 0x0, 0x0, 'drbg_nopr_hmac_sha256\x00'}, 0x80, &(0x7f0000000f80)=[{&(0x7f0000000cc0)="c9156bae6b292e94afe585f4097aca24cbe722549c5f8db5396d57f0697fbd78ded52a2ca5073f3d354af9c93b8677178d51de065909018c26b2c9512e00289a8115fe964018e5edc202b6c013474c67468ce0d83905c6b3a3352e03c3a0da2a5f851fb7c80bcc840a5c92eb6c7a9e09db112d455395f668e6b332f9a787d82ecb547e7107dffd306227f61e0678c451c85489bfa944d744d716e88a75fe099d0ac19fe5dcc7d6ff30c240e4dbeadf87ab14988502d19248f9dacaa2d6c40823478ed31563163a6fa6bb6657709ae7", 0xcf}, {&(0x7f0000000dc0)="f8a9405d0bcf84bb5aa52885fad86f0cdadbc6a445e8604b6a928020a62a603990d4726f629266fe4f6c1fb9408772990439b18b355e21be49c28b750fd3ef62c06c95bea914e02725ec2bf627caa582df2994c2fb22abc5a191c34208b4bc70be5d3ad4bf0202187b6a7632128d9ffddbc12f5f", 0x74}, {&(0x7f0000000e40)="73edb2cb585445c777da1dcc3e9ca0a609c3b933eebe2e79a715debb68ae5335857ca184e6268743206f2ff46f1ec11a056bb21a9359802ca82122e21239d5ec43a6d9be6eb1b80f2dc6cffe46e76293bbcdb819a2cf959157f72937e5d906", 0x5f}, {&(0x7f0000000ec0)="6cb5bebe18cf6c29958ca825c19da08e1e98266366458b21bef69627d2f0eaf59801f22ecc287b811aa293d5f526b326c4873eeabc0fe531b67fc46e26ecb7efc8aca46c42fb577716190f29d0eb5635f5cbd6127ab33254098fc063de58b4760879a813b9cbb34efe1357f015088247c9d75c62de51688c5dcfdf6dca9f93afa31934b9349fe6f9ca6a41237eb1454c2d0848371d51b2172e2000cd8df5c4db5840e4f15bc1f47785ed9dbd4624518011750c281e5b3225", 0xb8}], 0x4, &(0x7f0000001040)=[{0x28, 0x111, 0xfffffff7, "9cfbb13d481ee8c08d76e620415f055c6d4d143733"}, {0xc0, 0x108, 0xcd5, "7b2ce49f5f87b695d5d9e70833cd0ec407e8e333a9654a7be1ff66091521712f302ffd997d3bf4f37c0c90e91d9def24f1a0592d2f1d308bfb9837303e7773d17453edfe0d8523e39c1fd921f921a7ed89f9a0c3371d1dd22c3d4c8fb21098a4dafb5608463cd54164c6b54277049a3d54deef0e59922b3b10e0ab5ebe8f4cb856da22095db823574ccd81cb5a489ec9b2154dc796d16edab763bf633a534a12ccbbdaaef285fa38d729140c294179"}, {0xe0, 0x107, 0x7, "4eaf729857e287899e8292338b4530fa11816b64f5c52e281022fbde046d130b8784e017801b9fba04f00fb472aa1729c35bc7b70cf4c59074396ac9ad611e392829f51c751acb87e9f636af6c877f45d94b1e4ae4acccdfda5839fed27568602e2e2dcfaaa82b90468483d9b22803afcfbe9483bd3650ea98dd51ce02b895786333172c3e0d1f1860be1a483589e2a68ef1b75ce79996b3868cc2eb512cfca20bd1913126e876ebcfe00356f2ead5ebcf0ce2210a07c1dcc0d45cce36f441f62384ce12e32d2fc9fc03b1ac"}, {0xc0, 0x119, 0x2, "0aaeed01f4f947aebc583efb4ef4d6c9b96c45ea43ee4af73362f54e7b72208400919029009aa974c2e57b95570880b990dbcf998015dafe11a4a3602926caabeb164a0261ebe7024daaa2253a361743c44180003804604c36eb68e96232800d796e9971baae47214e315d7d90679d05bf2fd198b71c0ff98f2781604647ce8c49eb87b6842b7347dfbf29caa6df3e5b31b97c979e5d4f5386de6d564c8802d0ee728a19cf0904b0f537ace147aa1fb8"}, {0x90, 0x0, 0x0, "9eb5b9c238739a8b21564c0d12265c04301b373ad888679714c29725ec4aa1e702d58914045f3feaf05ecf028a69a06ecbd552d82104933937f1d9595298c22a714e860da26b01071fd0222a33cedc861be20a678289161a245e9beb0f791c2b4adb3160f5709bc452b20c0822600b1c2470ae85008c0bc45f"}, {0x20, 0x10c, 0xff, "5ba2bd0d6fcaddf31241160ff2"}], 0x338}}], 0x4, 0x0)
readv(0xffffffffffffffff, &(0x7f0000000040), 0x0)
openat$cgroup_freezer_state(0xffffffffffffffff, 0x0, 0x2, 0x0)
close(0xffffffffffffffff)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(&(0x7f0000001540), 0xffffffffffffffff)
sendmsg$NL80211_CMD_STOP_AP(r3, &(0x7f0000001600)={0x0, 0x0, &(0x7f00000015c0)={&(0x7f0000001580)={0x1c, 0x0, 0x1, 0x0, 0x0, {{}, {@val={0x8}, @void}}}, 0x1c}}, 0x0)
getsockopt$sock_cred(r3, 0x1, 0x11, &(0x7f0000000040), &(0x7f0000000080)=0xc)
syz_open_dev$sg(&(0x7f0000001000), 0x0, 0x2200)

09:08:41 executing program 1:
r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000180)='/proc/asound/seq/clients\x00', 0x0, 0x0)
preadv(r0, &(0x7f00000002c0)=[{&(0x7f0000000040)=""/35, 0x23}, {0x0, 0x2}, {&(0x7f0000000300)=""/165, 0xa5}], 0x3, 0x0, 0x68000000)

09:08:41 executing program 7:
openat$sndseq(0xffffffffffffff9c, 0x0, 0x0)
r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000180)='/proc/asound/seq/clients\x00', 0x0, 0x0)
preadv(r0, &(0x7f00000002c0)=[{0x0}, {&(0x7f0000000300)=""/165, 0xa5}], 0x2, 0x0, 0x7ffff000)

09:08:41 executing program 3:
r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r1 = openat$sysfs(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/bus/nvmem', 0x20000, 0x80)
r2 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r3 = ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82)
ioctl$LOOP_CTL_REMOVE(r2, 0x4c81, r3)
ioctl$LOOP_CTL_REMOVE(r1, 0x4c81, r3)
r4 = ioctl$LOOP_CTL_GET_FREE(r0, 0x4c82)
ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, r4)
ioctl$AUTOFS_DEV_IOCTL_VERSION(0xffffffffffffffff, 0xc0189371, 0x0)
ioctl$LOOP_CTL_GET_FREE(r0, 0x4c82)
r5 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$INCFS_IOC_FILL_BLOCKS(r5, 0x80106720, &(0x7f00000001c0)={0x3, &(0x7f0000000580)=[{0x0, 0x0, 0x0, 0x0, 0x1}, {0x9e, 0x0, &(0x7f00000003c0), 0x0, 0x1}, {0x8, 0x0, 0x0}]})
openat2$dir(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', &(0x7f0000000080)={0x141000, 0x4, 0x4}, 0x18)
getsockopt$inet6_opts(0xffffffffffffffff, 0x29, 0x0, 0x0, 0x0)
ioctl$LOOP_CTL_REMOVE(r5, 0x4c81, r4)
openat$vcsu(0xffffffffffffff9c, 0x0, 0x204040, 0x0)
ioctl$AUTOFS_DEV_IOCTL_EXPIRE(r1, 0xc018937c, &(0x7f0000000500)={{0x1, 0x1, 0x18, 0xffffffffffffffff, {0x4}}, './file0\x00'})
getsockopt$inet_IP_XFRM_POLICY(r1, 0x0, 0x11, &(0x7f0000000600)={{{@in=@local, @in6=@private0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, <r6=>0x0}}, {{@in=@local}, 0x0, @in6=@remote}}, &(0x7f0000000180)=0xe8)
syz_mount_image$ext4(&(0x7f0000000100)='ext3\x00', &(0x7f0000000140)='./file0\x00', 0x10000, 0x3, &(0x7f0000000440)=[{&(0x7f0000000280)="6919fa51411ec94efdfd81e59267d2a2249d90dd74eeea1eb90da97f78f9393fbb16ea5f3bd7b3e6adec192155cf01935e98690bd895922d74e5408974237ba9903e044131097527a9ef70190ba535271f74a73248c0f01be1de1267d2640b5296bc8621e2ce08a23535e17fc473c6176d5e199ff02f1220f2a43e9bbae0ed828b72490043bb1c38d6e7fcc98bc8a979503bc613c52c17a1", 0x98, 0xf2b}, {&(0x7f0000000340)="c4b059a62b6f2a01f89a811c39ee1bcd53610182908166adf7b252cd2e6c8ea27282e6de83a5c62ffe864dc8442b01516ee3ba54e3a76b85b931db3da204182a464cfd09372cbf", 0x47, 0x5}, {&(0x7f00000003c0)="9f46294156a6fccf4e609ea2ac4a137feebc1e764227a66fe28f4b7234e3cb5f2f45c049be247b04f466db3f9d97b4067adcc535b1385f23e10076ced6419812144eceebb0818430818ae6ce6651f2c40d52c867757b8dd427e7c3bd4aa862e990dd8bb6f3856c0f7f6bb1db05d75420da9572901b5bb5b6595d53b7da74", 0x7e, 0x7ff}], 0x2008000, &(0x7f0000000700)={[{@nouid32}, {@nombcache}, {@nodiscard}, {@noinit_itable}, {@commit={'commit', 0x3d, 0x3}}, {@barrier}], [{@permit_directio}, {@smackfstransmute={'smackfstransmute', 0x3d, '/dev/loop-control\x00'}}, {@fowner_eq={'fowner', 0x3d, r6}}, {@fsmagic={'fsmagic', 0x3d, 0x3}}, {@defcontext={'defcontext', 0x3d, 'user_u'}}]})
syz_io_uring_setup(0x2678, &(0x7f0000000200)={0x0, 0xb6bd, 0x21, 0x3, 0x269}, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x1000)=nil, 0x0, 0x0)

[ 3113.120523] Call Trace:
[ 3113.120968]  <TASK>
[ 3113.121311]  ? x86_pmu_start+0x1c0/0x240
[ 3113.121958]  x86_pmu_enable+0x580/0xd90
[ 3113.122599]  ? amd_pmu_disable_virt+0xa0/0xa0
[ 3113.123315]  ctx_resched+0x2b9/0x3a0
[ 3113.123898]  __perf_install_in_context+0x285/0xa40
[ 3113.124659]  ? ctx_resched+0x3a0/0x3a0
[ 3113.125256]  remote_function+0x125/0x1b0
[ 3113.125885]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[ 3113.126723]  ? perf_duration_warn+0x40/0x40
[ 3113.127393]  generic_exec_single+0x203/0x300
[ 3113.128081]  smp_call_function_single+0x189/0x460
[ 3113.128819]  ? perf_duration_warn+0x40/0x40
[ 3113.129484]  ? generic_exec_single+0x300/0x300
[ 3113.130179]  ? perf_duration_warn+0x40/0x40
[ 3113.130881]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[ 3113.131750]  ? lock_is_held_type+0xd7/0x130
[ 3113.132405]  perf_install_in_context+0x4da/0x590
[ 3113.133166]  ? list_add_event+0xeb0/0xeb0
[ 3113.133800]  ? ctx_resched+0x3a0/0x3a0
[ 3113.134406]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[ 3113.135246]  ? exclusive_event_installable+0x254/0x320
[ 3113.136074]  __do_sys_perf_event_open+0x1bf0/0x3040
[ 3113.136868]  ? perf_remove_from_context+0x260/0x260
[ 3113.137636]  ? xfd_validate_state+0x59/0x180
[ 3113.138339]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 3113.139137]  do_syscall_64+0x3b/0x90
[ 3113.139708]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 3113.140528] RIP: 0033:0x7f750a357b19
[ 3113.141095] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 3113.143939] RSP: 002b:00007f75078cd188 EFLAGS: 00000246 ORIG_RAX: 000000000000012a
[ 3113.145091] RAX: ffffffffffffffda RBX: 00007f750a46af60 RCX: 00007f750a357b19
[ 3113.146158] RDX: 0000000000000000 RSI: ffffffffffffffff RDI: 0000000020000c00
[ 3113.147250] RBP: 00007f750a3b1f6d R08: 0000000000000000 R09: 0000000000000000
[ 3113.148348] R10: ffffffffffffffff R11: 0000000000000246 R12: 0000000000000000
[ 3113.149427] R13: 00007ffc8fa2e86f R14: 00007f75078cd300 R15: 0000000000022000
[ 3113.150558]  </TASK>
[ 3113.199429] Call Trace:
[ 3113.199893]  <IRQ>
[ 3113.200223]  x86_pmu_stop+0x149/0x330
[ 3113.200826]  x86_pmu_del+0x1be/0x610
[ 3113.201391]  event_sched_out+0x2ed/0xe80
[ 3113.202021]  __perf_remove_from_context+0x87/0xbe0
[ 3113.202808]  event_function+0x297/0x3d0
[ 3113.203411]  ? perf_uprobe_event_init+0x1c0/0x1c0
[ 3113.204141]  remote_function+0x125/0x1b0
[ 3113.204777]  flush_smp_call_function_queue+0x1df/0x610
[ 3113.205567]  ? perf_duration_warn+0x40/0x40
[ 3113.206303]  __sysvec_call_function_single+0x92/0x3a0
[ 3113.207094]  sysvec_call_function_single+0x89/0xc0
[ 3113.207815]  </IRQ>
[ 3113.208132]  <TASK>
[ 3113.208474]  asm_sysvec_call_function_single+0x12/0x20
[ 3113.209286] RIP: 0010:unwind_next_frame+0x107/0x2250
[ 3113.210017] Code: 17 00 00 49 8b 46 58 48 89 44 24 10 49 8d 46 48 48 89 c2 48 89 44 24 08 48 b8 00 00 00 00 00 fc ff df 48 c1 ea 03 80 3c 02 00 <0f> 85 80 17 00 00 49 8b 46 48 bf 01 00 00 00 48 89 44 24 18 e8 d0
[ 3113.212568] RSP: 0018:ffff888049e27398 EFLAGS: 00000246
[ 3113.213361] RAX: dffffc0000000000 RBX: 1ffff110093c4e7c RCX: ffff888049e27568
[ 3113.214452] RDX: 1ffff110093c4ea2 RSI: 0000000000000000 RDI: ffff888049e274c8
[ 3113.215416] RBP: 0000000000000001 R08: ffffffff85c03036 R09: ffffffff85c0303a
[ 3113.216394] R10: ffffed10093c4ea6 R11: 000000000003403b R12: ffff888049e27520
[ 3113.217408] R13: ffffed10093c4e9a R14: ffff888049e274c8 R15: ffff888049e274c8
[ 3113.218514]  ? unwind_next_frame+0xc8b/0x2250
[ 3113.219186]  ? arch_stack_walk+0x5f/0xf0
[ 3113.219824]  ? deref_stack_reg+0x150/0x150
[ 3113.220458]  ? __is_insn_slot_addr+0x144/0x250
[ 3113.221193]  ? get_stack_info_noinstr+0x12/0xf0
[ 3113.221916]  __unwind_start+0x50b/0x7c0
[ 3113.222544]  ? create_prof_cpu_mask+0x20/0x20
[ 3113.223219]  ? create_prof_cpu_mask+0x20/0x20
[ 3113.223897]  arch_stack_walk+0x5f/0xf0
[ 3113.224517]  ? arch_stack_walk+0x5f/0xf0
[ 3113.225127]  ? ___pte_free_tlb+0x19/0x100
[ 3113.225747]  ? ___pte_free_tlb+0x19/0x100
[ 3113.226374]  stack_trace_save+0x8c/0xc0
[ 3113.226984]  ? filter_irq_stacks+0x90/0x90
[ 3113.227634]  ? ___pte_free_tlb+0x19/0x100
[ 3113.228276]  ? kasan_save_stack+0x2e/0x40
[ 3113.228872]  ? kasan_save_stack+0x1e/0x40
[ 3113.229427]  ? __kasan_record_aux_stack+0x97/0xa0
[ 3113.230068]  kasan_save_stack+0x1e/0x40
[ 3113.230641]  ? free_pgd_range+0x732/0x1350
[ 3113.231235]  ? free_pgtables+0x230/0x2f0
[ 3113.231839]  ? mark_lock.part.0+0xef/0x2f60
[ 3113.232496]  ? arch_do_signal_or_restart+0x88/0x1a40
[ 3113.233193]  ? exit_to_user_mode_prepare+0x131/0x1a0
[ 3113.233899]  ? syscall_exit_to_user_mode+0x19/0x50
[ 3113.234665]  ? do_syscall_64+0x48/0x90
[ 3113.235291]  ? entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 3113.236093]  ? lock_chain_count+0x20/0x20
[ 3113.236670]  ? lock_chain_count+0x20/0x20
[ 3113.237207]  ? unlink_anon_vmas+0x402/0x740
[ 3113.237872]  ? lock_is_held_type+0xd7/0x130
[ 3113.238531]  ? find_held_lock+0x2c/0x110
[ 3113.239161]  ? lock_release+0x3b2/0x6f0
[ 3113.239780]  ? mark_held_locks+0x9e/0xe0
[ 3113.240403]  ? call_rcu+0x585/0xa20
[ 3113.240994]  ? lockdep_hardirqs_on+0x79/0x100
[ 3113.241668]  kasan_set_track+0x21/0x30
[ 3113.242269]  kasan_set_free_info+0x20/0x30
[ 3113.242929]  __kasan_slab_free+0x108/0x170
[ 3113.243589]  kmem_cache_free+0xe0/0x420
[ 3113.244207]  ___pte_free_tlb+0x19/0x100
[ 3113.244825]  free_pgd_range+0x732/0x1350
[ 3113.245470]  free_pgtables+0x230/0x2f0
[ 3113.246073]  exit_mmap+0x1a1/0x460
[ 3113.246633]  ? do_munmap+0x40/0x40
[ 3113.247183]  ? delayed_uprobe_remove+0x27/0x230
[ 3113.247915]  mmput+0xc8/0x380
[ 3113.248399]  do_exit+0xa0a/0x27e0
[ 3113.248914]  ? find_held_lock+0x2c/0x110
[ 3113.249525]  ? lock_release+0x3b2/0x6f0
[ 3113.250131]  ? mm_update_next_owner+0x7d0/0x7d0
[ 3113.250834]  ? lock_downgrade+0x6d0/0x6d0
[ 3113.251468]  ? lock_is_held_type+0xd7/0x130
[ 3113.252123]  do_group_exit+0xd2/0x2f0
[ 3113.252723]  get_signal+0x2303/0x2350
[ 3113.253310]  ? signal_setup_done+0x520/0x520
[ 3113.254011]  ? lock_downgrade+0x6d0/0x6d0
[ 3113.254677]  arch_do_signal_or_restart+0x88/0x1a40
[ 3113.255428]  ? finish_task_switch.isra.0+0x226/0x870
[ 3113.256205]  ? lockdep_hardirqs_on+0x79/0x100
[ 3113.256896]  ? finish_task_switch.isra.0+0x226/0x870
[ 3113.257678]  ? get_sigframe_size+0x10/0x10
[ 3113.258343]  ? __schedule+0x895/0x2450
[ 3113.258947]  ? io_schedule_timeout+0x140/0x140
[ 3113.259652]  ? __x64_sys_futex_time32+0x480/0x480
[ 3113.260435]  exit_to_user_mode_prepare+0x131/0x1a0
[ 3113.261188]  syscall_exit_to_user_mode+0x19/0x50
[ 3113.261904]  do_syscall_64+0x48/0x90
[ 3113.262483]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 3113.263267] RIP: 0033:0x7f7e5487cb19
[ 3113.263814] Code: Unable to access opcode bytes at RIP 0x7f7e5487caef.
[ 3113.264792] RSP: 002b:00007f7e51d8f218 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[ 3113.265899] RAX: 0000000000000001 RBX: 00007f7e549901a8 RCX: 00007f7e5487cb19
[ 3113.266974] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 00007f7e549901ac
[ 3113.268010] RBP: 00007f7e549901a0 R08: 0000000000000002 R09: 0000000000000000
[ 3113.269048] R10: ffffffffffffffff R11: 0000000000000246 R12: 00007f7e549901ac
[ 3113.270090] R13: 00007fffa39f8f4f R14: 00007f7e51d8f300 R15: 0000000000022000
[ 3113.271172]  </TASK>
09:08:57 executing program 3:
r0 = syz_io_uring_setup(0x46ac, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, &(0x7f00000a0000)=nil, &(0x7f00000b0000)=nil, &(0x7f0000000100)=<r1=>0x0, &(0x7f0000000140)=<r2=>0x0)
syz_io_uring_setup(0x42a, &(0x7f0000000180)={0x0, 0x22d, 0x2, 0x0, 0xce, 0x0, r0}, &(0x7f0000ffb000/0x2000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000000000)=<r3=>0x0, &(0x7f0000000200))
r4 = io_uring_register$IORING_REGISTER_PERSONALITY(r0, 0x9, 0x0, 0x0)
syz_io_uring_submit(r3, r2, &(0x7f0000000280)=@IORING_OP_SEND={0x1a, 0x4, 0x0, 0xffffffffffffffff, 0x0, &(0x7f0000000240)="625e2e05", 0x4, 0x4, 0x1, {0x0, r4}}, 0x100)
r5 = openat(0xffffffffffffff9c, &(0x7f0000000080)='/proc/self/exe\x00', 0x0, 0x0)
read(r5, &(0x7f0000000000), 0xfffffdef)
io_uring_register$IORING_REGISTER_PERSONALITY(0xffffffffffffffff, 0x9, 0x0, 0x0)
r6 = syz_io_uring_setup(0x2caf, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x1000000, 0x35c}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f00000000c0)=<r7=>0x0, 0x0)
r8 = io_uring_register$IORING_REGISTER_PERSONALITY(0xffffffffffffffff, 0x9, 0x0, 0x0)
syz_io_uring_submit(r7, 0x0, &(0x7f0000000c00)=@IORING_OP_RECVMSG={0xa, 0x0, 0x0, 0xffffffffffffffff, 0x0, &(0x7f0000000bc0)={&(0x7f0000000980)=@x25, 0x80, &(0x7f0000000b80)=[{&(0x7f0000000a00)=""/102, 0x66}, {&(0x7f0000000a80)=""/206, 0xce}], 0x2}, 0x0, 0x40002120, 0x0, {0x2, r8}}, 0xffffff41)
syz_io_uring_submit(r1, r2, &(0x7f0000000040)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x2, 0x0, 0x400, 0x2, &(0x7f00000002c0)="6a58bec58603efac047238df613a7f3b62abfa4e31cebdb4a643f54d62d302819dd8283d73bf71af7d05077314718dd3bca31bef107f43214fa4216fe8366d984de0c06e656c1e3e6761bfc69cf2ae5984b5d8331e78c4c81444e37755150f034caab74b12dc65dcdabe670822ba001a096f63bcfe427797a9c8f87fe97414f8a3c3fceab5f3684e4e26e0d8fd87f7d0179e3bd14db12097b81d3387c93bc6c723609fe4d534e99399dc1cd4c1d1c3f514ed8444b5682b6a9d8fa6d7534570b35c0edce74026542c5cab5a469d59108d04f35446acef50b1b2452c96e1762660d217b3172eaf65de39320e8944", 0xfffffeff, 0x0, 0x0, {0x3, r8}}, 0x0)
syz_open_procfs(0xffffffffffffffff, 0x0)
ioctl$FS_IOC_SETFSLABEL(r6, 0x41009432, &(0x7f0000000500)="e4f8fded9356ef3bac5752ed788e8ced051a7bf30166aff1fe01015ab71e2da4692f53f36b3e4bd6b2fb301849a71581e7775706896a0cf2c8d84a1ec4848c7bc427af2923b3299b5f32a2d238903812585f6370482287720fa25b6decc8c9082c6e57690066fc3fc7f46d01871a88a8e3a7c30182b2d91c90319984f0da995f13a00ea2bbd31f191eb5878a5fcf85ee1fc049bbefc0944f867df3721bde5e31d81ca7462110448356cf4d477162579063e0914989ee29754f29b5a60c6bf5b215a9947eea554feebcf2f6a8ae09bcc386c29206d4a560cf2719a96bcbb3072fd11fb1d59accd84a3d58646bdbe2c5212c7aeead3a1e8e9cccec2f56124e1b13")
read$hiddev(0xffffffffffffffff, 0x0, 0x0)
ioctl$AUTOFS_DEV_IOCTL_OPENMOUNT(r5, 0xc0189374, &(0x7f00000003c0)={{0x1, 0x1, 0x18, <r9=>r6, {0x3d}}, './file0\x00'})
read$hiddev(r9, &(0x7f0000000400)=""/202, 0xca)
io_uring_enter(r0, 0x7fd6, 0x0, 0x0, 0x0, 0x0)

09:08:57 executing program 5:
socketpair$unix(0x1, 0x5, 0x0, 0x0)
bind$unix(0xffffffffffffffff, &(0x7f0000000140)=@file={0x0, './file1\x00'}, 0x6e)
sendmsg$unix(0xffffffffffffffff, 0x0, 0x0)
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
pwritev(r0, &(0x7f0000000640)=[{&(0x7f00000002c0)="19", 0x1}], 0x1, 0x8000000, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0)
r2 = socket$inet6(0xa, 0x1, 0x0)
bind$inet6(r2, &(0x7f00000002c0)={0xa, 0x4e20, 0x0, @empty}, 0x1c)
connect$inet6(r2, &(0x7f0000000000)={0xa, 0x4e20, 0x0, @ipv4={'\x00', '\xff\xff', @empty}}, 0x1c)
recvfrom(r2, &(0x7f00000003c0)=""/87, 0x20010397, 0x300, 0x0, 0x0)
sendfile(r2, r1, 0x0, 0xfffffdef)
readv(0xffffffffffffffff, &(0x7f0000000040), 0x0)
openat$cgroup_freezer_state(0xffffffffffffffff, 0x0, 0x2, 0x0)
close(0xffffffffffffffff)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(&(0x7f0000001540), 0xffffffffffffffff)
sendmsg$NL80211_CMD_STOP_AP(r3, &(0x7f0000001600)={0x0, 0x0, &(0x7f00000015c0)={&(0x7f0000001580)={0x1c, 0x0, 0x1, 0x0, 0x0, {{}, {@val={0x8}, @void}}}, 0x1c}}, 0x0)
getsockopt$sock_cred(r3, 0x1, 0x11, &(0x7f0000000040), &(0x7f0000000080)=0xc)
syz_open_dev$sg(&(0x7f0000001000), 0x0, 0x2200)

09:08:57 executing program 6:
r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000180)='/proc/asound/seq/clients\x00', 0x0, 0x0)
preadv(r0, &(0x7f00000002c0)=[{&(0x7f0000000040)=""/35, 0x23}, {0x0}, {&(0x7f0000000300)=""/165, 0xa5}], 0x3, 0x0, 0x48000000)

09:08:57 executing program 0:
perf_event_open$cgroup(&(0x7f0000000c00)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x1510, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

09:08:57 executing program 4:
sendmsg$NL80211_CMD_GET_MESH_CONFIG(0xffffffffffffffff, &(0x7f00000000c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x20000}, 0xc, &(0x7f0000000080)={&(0x7f0000000040)={0x20, 0x0, 0x800, 0x70bd2b, 0x25dfdbfb, {{}, {@void, @val={0xc, 0x99, {0xdf, 0x29}}}}}, 0x20}, 0x1, 0x0, 0x0, 0x20000881}, 0x800)
sendmsg$IEEE802154_LLSEC_DEL_KEY(0xffffffffffffffff, &(0x7f00000001c0)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x1000000}, 0xc, &(0x7f0000000180)={&(0x7f0000000140)={0x38, 0x0, 0x800, 0x70bd26, 0x25dfdbfd, {}, [@IEEE802154_ATTR_LLSEC_KEY_SOURCE_EXTENDED={0xc, 0x2d, {0xaaaaaaaaaaaa0202}}, @IEEE802154_ATTR_LLSEC_KEY_SOURCE_EXTENDED={0xc}, @IEEE802154_ATTR_HW_ADDR={0xc, 0x5, {0xaaaaaaaaaaaa0002}}]}, 0x38}, 0x1, 0x0, 0x0, 0x80}, 0x880)
sendmsg$IEEE802154_LLSEC_ADD_KEY(0xffffffffffffffff, &(0x7f0000000340)={&(0x7f0000000200)={0x10, 0x0, 0x0, 0x80}, 0xc, &(0x7f0000000300)={&(0x7f0000000240)={0xa0, 0x0, 0x800, 0x70bd2b, 0x25dfdbfb, {}, [@IEEE802154_ATTR_LLSEC_KEY_MODE={0x5, 0x2b, 0x2}, @IEEE802154_ATTR_SHORT_ADDR={0x6, 0x4, 0xaaa2}, @IEEE802154_ATTR_PAN_ID={0x6, 0x6, 0x2}, @IEEE802154_ATTR_LLSEC_KEY_BYTES={0x14, 0x30, "423ae6a325224c1a6ef34d14bf8ae259"}, @IEEE802154_ATTR_HW_ADDR={0xc, 0x5, {0xaaaaaaaaaaaa0202}}, @IEEE802154_ATTR_LLSEC_KEY_ID={0x5, 0x2e, 0x1}, @IEEE802154_ATTR_LLSEC_KEY_BYTES={0x14, 0x30, "0f015d5ca7b2a7896f3492c6b68ef458"}, @IEEE802154_ATTR_LLSEC_KEY_BYTES={0x14, 0x30, "11c609da206dd70289edcef26cd7bddf"}, @IEEE802154_ATTR_LLSEC_KEY_USAGE_COMMANDS={0x24, 0x32, "d009f7aca466ce0d551fa33aea9a5a21cad7d1e89ba8682954d3b5971970a737"}]}, 0xa0}, 0x1, 0x0, 0x0, 0x4020000}, 0xe91e404c9285d5bd)
sendmsg$NL80211_CMD_SET_WDS_PEER(0xffffffffffffffff, &(0x7f0000000480)={&(0x7f0000000380)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f0000000440)={&(0x7f00000003c0)={0x64, 0x0, 0x4, 0x70bd29, 0x25dfdbff, {{}, {@val={0x8}, @void}}, [@NL80211_ATTR_MAC={0xa}, @NL80211_ATTR_MAC={0xa, 0x6, @random="906283a760af"}, @NL80211_ATTR_MAC={0xa, 0x6, @random="1534663ad9bb"}, @NL80211_ATTR_MAC={0xa}, @NL80211_ATTR_MAC={0xa}, @NL80211_ATTR_MAC={0xa, 0x6, @random="d6ce4f45df5d"}]}, 0x64}, 0x1, 0x0, 0x0, 0x100}, 0x80)
r0 = syz_genetlink_get_family_id$tipc(&(0x7f0000000500), 0xffffffffffffffff)
sendmsg$TIPC_CMD_SHOW_STATS(0xffffffffffffffff, &(0x7f00000005c0)={&(0x7f00000004c0)={0x10, 0x0, 0x0, 0x8}, 0xc, &(0x7f0000000580)={&(0x7f0000000540)={0x1c, r0, 0x200, 0x70bd28, 0x25dfdbfe, {}, ["", "", "", "", "", ""]}, 0x1c}, 0x1, 0x0, 0x0, 0x8000}, 0x20004004)
sendmsg$NL80211_CMD_UNEXPECTED_FRAME(0xffffffffffffffff, &(0x7f00000006c0)={&(0x7f0000000600)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f0000000680)={&(0x7f0000000640)={0x28, 0x0, 0x10, 0x70bd27, 0x25dfdbfc, {{}, {@val={0x8}, @val={0xc, 0x99, {0x7fff, 0x39}}}}}, 0x28}, 0x1, 0x0, 0x0, 0x800}, 0xc010)
sendmsg$BATADV_CMD_GET_VLAN(0xffffffffffffffff, &(0x7f00000007c0)={&(0x7f0000000700)={0x10, 0x0, 0x0, 0x80}, 0xc, &(0x7f0000000780)={&(0x7f0000000740)={0x3c, 0x0, 0x520, 0x70bd2b, 0x25dfdbfc, {}, [@BATADV_ATTR_ISOLATION_MASK={0x8, 0x2c, 0x6}, @BATADV_ATTR_AP_ISOLATION_ENABLED={0x5}, @BATADV_ATTR_DISTRIBUTED_ARP_TABLE_ENABLED={0x5}, @BATADV_ATTR_ORIG_INTERVAL={0x8, 0x39, 0x3}, @BATADV_ATTR_THROUGHPUT_OVERRIDE={0x8, 0x3b, 0x9}]}, 0x3c}, 0x1, 0x0, 0x0, 0x40004}, 0x4000)
sendmsg$IPVS_CMD_GET_DEST(0xffffffffffffffff, &(0x7f0000000940)={&(0x7f0000000800)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f0000000900)={&(0x7f0000000840)={0x94, 0x0, 0x2, 0x70bd25, 0x25dfdbff, {}, [@IPVS_CMD_ATTR_TIMEOUT_UDP={0x8, 0x6, 0x7}, @IPVS_CMD_ATTR_SERVICE={0x2c, 0x1, 0x0, 0x1, [@IPVS_SVC_ATTR_FWMARK={0x8, 0x5, 0x2}, @IPVS_SVC_ATTR_PE_NAME={0x8}, @IPVS_SVC_ATTR_TIMEOUT={0x8, 0x8, 0x6}, @IPVS_SVC_ATTR_AF={0x6, 0x1, 0x2}, @IPVS_SVC_ATTR_SCHED_NAME={0x7, 0x6, 'rr\x00'}]}, @IPVS_CMD_ATTR_DAEMON={0x4c, 0x3, 0x0, 0x1, [@IPVS_DAEMON_ATTR_MCAST_IFN={0x14, 0x2, 'veth1_to_batadv\x00'}, @IPVS_DAEMON_ATTR_SYNC_ID={0x8, 0x3, 0x4}, @IPVS_DAEMON_ATTR_SYNC_ID={0x8, 0x3, 0x4}, @IPVS_DAEMON_ATTR_MCAST_GROUP6={0x14, 0x6, @ipv4={'\x00', '\xff\xff', @local}}, @IPVS_DAEMON_ATTR_SYNC_ID={0x8, 0x3, 0x2}, @IPVS_DAEMON_ATTR_MCAST_TTL={0x5, 0x8, 0x1}]}]}, 0x94}, 0x1, 0x0, 0x0, 0x4000}, 0x8004)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NLBL_MGMT_C_PROTOCOLS(r1, &(0x7f0000000a80)={&(0x7f0000000980)={0x10, 0x0, 0x0, 0x80000000}, 0xc, &(0x7f0000000a40)={&(0x7f00000009c0)={0x80, 0x0, 0x20, 0x70bd2a, 0x25dfdbff, {}, [@NLBL_MGMT_A_IPV6MASK={0x14, 0x6, @local}, @NLBL_MGMT_A_IPV4MASK={0x8, 0x8, @loopback}, @NLBL_MGMT_A_CV4DOI={0x8, 0x4, 0x3}, @NLBL_MGMT_A_FAMILY={0x6, 0xb, 0x8}, @NLBL_MGMT_A_IPV6ADDR={0x14, 0x5, @local}, @NLBL_MGMT_A_CLPDOI={0x8}, @NLBL_MGMT_A_IPV6ADDR={0x14, 0x5, @ipv4={'\x00', '\xff\xff', @dev={0xac, 0x14, 0x14, 0x18}}}, @NLBL_MGMT_A_IPV4MASK={0x8, 0x8, @local}, @NLBL_MGMT_A_CLPDOI={0x8}]}, 0x80}, 0x1, 0x0, 0x0, 0x40840}, 0x0)
r2 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_802154(r1, 0x8933, &(0x7f0000000b00)={'wpan0\x00', <r3=>0x0})
sendmsg$NL802154_CMD_DEL_SEC_KEY(r2, &(0x7f0000000cc0)={&(0x7f0000000ac0)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f0000000c80)={&(0x7f0000000b40)={0x128, 0x0, 0x8, 0x70bd2d, 0x25dfdbfc, {}, [@NL802154_ATTR_WPAN_DEV={0xc, 0x6, 0x2}, @NL802154_ATTR_IFINDEX={0x8, 0x3, r3}, @NL802154_ATTR_SEC_KEY={0x48, 0x25, 0x0, 0x1, [@NL802154_KEY_ATTR_USAGE_FRAMES={0x5, 0x2, 0x5}, @NL802154_KEY_ATTR_ID={0x14, 0x1, 0x0, 0x1, [@NL802154_KEY_ID_ATTR_INDEX={0x5, 0x2, 0x3}, @NL802154_KEY_ID_ATTR_INDEX={0x5}]}, @NL802154_KEY_ATTR_ID={0x28, 0x1, 0x0, 0x1, [@NL802154_KEY_ID_ATTR_IMPLICIT={0x24, 0x3, 0x0, 0x1, [@NL802154_DEV_ADDR_ATTR_MODE={0x8}, @NL802154_DEV_ADDR_ATTR_MODE={0x8, 0x2, 0x1}, @NL802154_DEV_ADDR_ATTR_MODE={0x8}, @NL802154_DEV_ADDR_ATTR_SHORT={0x6, 0x3, 0xaaa1}]}]}]}, @NL802154_ATTR_WPAN_DEV={0xc, 0x6, 0x100000001}, @NL802154_ATTR_SEC_KEY={0xa0, 0x25, 0x0, 0x1, [@NL802154_KEY_ATTR_USAGE_CMDS={0x24, 0x3, "266e617e5538ca683dd57eab8c2096d0840d1692209bde864015798f46c763ee"}, @NL802154_KEY_ATTR_USAGE_FRAMES={0x5, 0x2, 0x1}, @NL802154_KEY_ATTR_USAGE_CMDS={0x24, 0x3, "6aa73a4818bc9f667cbf3f6e159d4d6bdbc1ab5f73d3dc81646c1c91dcf8918b"}, @NL802154_KEY_ATTR_BYTES={0x14, 0x4, "0d4dfe07aead2f94618217b071cb7bb1"}, @NL802154_KEY_ATTR_BYTES={0x14, 0x4, "3ef7c6796bb6a5c719f4002a8f1c61af"}, @NL802154_KEY_ATTR_USAGE_CMDS={0x24, 0x3, "a37837dbcaed9f0e1f6b77772c9de23e439e612951bf6a3355a70291a3d3ab2e"}]}, @NL802154_ATTR_WPAN_DEV={0xc, 0x6, 0x3}]}, 0x128}, 0x1, 0x0, 0x0, 0x41}, 0x44)
syz_genetlink_get_family_id$tipc(&(0x7f0000000d00), 0xffffffffffffffff)
sendmsg$NL802154_CMD_DEL_SEC_DEV(r2, &(0x7f0000000e80)={&(0x7f0000000d40)={0x10, 0x0, 0x0, 0x8000}, 0xc, &(0x7f0000000e40)={&(0x7f0000000d80)={0xa0, 0x0, 0x100, 0x70bd2c, 0x25dfdbff, {}, [@NL802154_ATTR_WPAN_DEV={0xc, 0x6, 0x300000003}, @NL802154_ATTR_SEC_DEVICE={0x10, 0x23, 0x0, 0x1, {0xc, 0x4, {0xaaaaaaaaaaaa0202}}}, @NL802154_ATTR_SEC_DEVICE={0x10, 0x23, 0x0, 0x1, {0xc, 0x4, {0xaaaaaaaaaaaa0102}}}, @NL802154_ATTR_WPAN_DEV={0xc, 0x6, 0x3}, @NL802154_ATTR_SEC_DEVICE={0x10, 0x23, 0x0, 0x1, {0xc, 0x4, {0xaaaaaaaaaaaa0202}}}, @NL802154_ATTR_SEC_DEVICE={0x10, 0x23, 0x0, 0x1, {0xc, 0x4, {0xaaaaaaaaaaaa0102}}}, @NL802154_ATTR_IFINDEX={0x8}, @NL802154_ATTR_WPAN_DEV={0xc, 0x6, 0x200000002}, @NL802154_ATTR_SEC_DEVICE={0x10, 0x23, 0x0, 0x1, {0xc, 0x4, {0xaaaaaaaaaaaa0002}}}, @NL802154_ATTR_SEC_DEVICE={0x10, 0x23, 0x0, 0x1, {0xc}}]}, 0xa0}, 0x1, 0x0, 0x0, 0x800}, 0x2004)
r4 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$IEEE802154_LLSEC_ADD_DEVKEY(r4, &(0x7f0000000f80)={&(0x7f0000000ec0)={0x10, 0x0, 0x0, 0x100}, 0xc, &(0x7f0000000f40)={&(0x7f0000000f00)={0x34, 0x0, 0x8, 0x70bd2c, 0x25dfdbfe, {}, [@IEEE802154_ATTR_DEV_NAME={0xa, 0x1, 'wpan0\x00'}, @IEEE802154_ATTR_SHORT_ADDR={0x6, 0x4, 0xaaa1}, @IEEE802154_ATTR_DEV_NAME={0xa, 0x1, 'wpan1\x00'}]}, 0x34}, 0x1, 0x0, 0x0, 0x4006001}, 0x40000)
r5 = syz_genetlink_get_family_id$tipc2(&(0x7f0000001000), 0xffffffffffffffff)
sendmsg$TIPC_NL_MEDIA_GET(0xffffffffffffffff, &(0x7f0000001200)={&(0x7f0000000fc0)={0x10, 0x0, 0x0, 0x20000}, 0xc, &(0x7f00000011c0)={&(0x7f0000001040)={0x164, r5, 0x400, 0x70bd2a, 0x25dfdbfb, {}, [@TIPC_NLA_NET={0x48, 0x7, 0x0, 0x1, [@TIPC_NLA_NET_NODEID={0xc, 0x3, 0xff42}, @TIPC_NLA_NET_ID={0x8, 0x1, 0x2}, @TIPC_NLA_NET_ADDR={0x8, 0x2, 0x322702a2}, @TIPC_NLA_NET_ID={0x8, 0x1, 0xffff0001}, @TIPC_NLA_NET_ID={0x8, 0x1, 0x3}, @TIPC_NLA_NET_ID={0x8, 0x1, 0x918}, @TIPC_NLA_NET_ADDR={0x8, 0x2, 0x1}, @TIPC_NLA_NET_ADDR={0x8, 0x2, 0xa8b}]}, @TIPC_NLA_MON={0x24, 0x9, 0x0, 0x1, [@TIPC_NLA_MON_ACTIVATION_THRESHOLD={0x8, 0x1, 0x2}, @TIPC_NLA_MON_ACTIVATION_THRESHOLD={0x8, 0x1, 0x9bea}, @TIPC_NLA_MON_REF={0x8, 0x2, 0x3}, @TIPC_NLA_MON_ACTIVATION_THRESHOLD={0x8, 0x1, 0x92}]}, @TIPC_NLA_MON={0x3c, 0x9, 0x0, 0x1, [@TIPC_NLA_MON_ACTIVATION_THRESHOLD={0x8, 0x1, 0xffff}, @TIPC_NLA_MON_ACTIVATION_THRESHOLD={0x8, 0x1, 0x3f}, @TIPC_NLA_MON_ACTIVATION_THRESHOLD={0x8, 0x1, 0x5}, @TIPC_NLA_MON_REF={0x8, 0x2, 0x8}, @TIPC_NLA_MON_REF={0x8, 0x2, 0x7}, @TIPC_NLA_MON_ACTIVATION_THRESHOLD={0x8, 0x1, 0x7f}, @TIPC_NLA_MON_REF={0x8, 0x2, 0xfff}]}, @TIPC_NLA_BEARER={0x4}, @TIPC_NLA_SOCK={0xa4, 0x2, 0x0, 0x1, [@TIPC_NLA_SOCK_CON={0x44, 0x3, 0x0, 0x1, [@TIPC_NLA_CON_FLAG={0x8, 0x1, 0x5}, @TIPC_NLA_CON_FLAG={0x8, 0x1, 0x7}, @TIPC_NLA_CON_NODE={0x8, 0x2, 0x1ff}, @TIPC_NLA_CON_FLAG={0x8, 0x1, 0x7}, @TIPC_NLA_CON_FLAG={0x8}, @TIPC_NLA_CON_FLAG={0x8, 0x1, 0x1c}, @TIPC_NLA_CON_NODE={0x8, 0x2, 0xf0000000}, @TIPC_NLA_CON_NODE={0x8, 0x2, 0x7}]}, @TIPC_NLA_SOCK_ADDR={0x8, 0x1, 0x2}, @TIPC_NLA_SOCK_REF={0x8, 0x2, 0x1f}, @TIPC_NLA_SOCK_REF={0x8, 0x2, 0x1}, @TIPC_NLA_SOCK_HAS_PUBL={0x4}, @TIPC_NLA_SOCK_REF={0x8, 0x2, 0x7}, @TIPC_NLA_SOCK_REF={0x8, 0x2, 0x20}, @TIPC_NLA_SOCK_ADDR={0x8, 0x1, 0xa51}, @TIPC_NLA_SOCK_HAS_PUBL={0x4}, @TIPC_NLA_SOCK_CON={0x24, 0x3, 0x0, 0x1, [@TIPC_NLA_CON_NODE={0x8, 0x2, 0x271}, @TIPC_NLA_CON_FLAG={0x8}, @TIPC_NLA_CON_FLAG={0x8, 0x1, 0x7ff}, @TIPC_NLA_CON_FLAG={0x8, 0x1, 0x8001}]}]}]}, 0x164}, 0x1, 0x0, 0x0, 0x20044850}, 0x4000888)

09:08:57 executing program 1:
r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000180)='/proc/asound/seq/clients\x00', 0x0, 0x0)
preadv(r0, &(0x7f00000002c0)=[{&(0x7f0000000040)=""/35, 0x23}, {0x0, 0x2}, {&(0x7f0000000300)=""/165, 0xa5}], 0x3, 0x0, 0x6c000000)

09:08:57 executing program 7:
openat$sndseq(0xffffffffffffff9c, 0x0, 0x0)
r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000180)='/proc/asound/seq/clients\x00', 0x0, 0x0)
preadv(r0, &(0x7f00000002c0)=[{0x0}, {&(0x7f0000000300)=""/165, 0xa5}], 0x2, 0x0, 0xa5000000)

09:08:57 executing program 2:
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000080), r0)
sendmsg$NLBL_MGMT_C_ADD(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000140)={0x4c, r1, 0x1, 0x0, 0x0, {}, [@NLBL_MGMT_A_DOMAIN={0x6, 0x1, '%\x00'}, @NLBL_MGMT_A_IPV6ADDR={0x14, 0x5, @local}, @NLBL_MGMT_A_IPV6MASK={0x14, 0x6, @mcast1}, @NLBL_MGMT_A_PROTOCOL={0x8, 0x2, 0x5}]}, 0x4c}, 0x1, 0x700000000000000}, 0x0) (fail_nth: 6)

[ 3129.447360] Call Trace:
[ 3129.447831]  <IRQ>
[ 3129.448163]  ? x86_pmu_start+0x1c0/0x240
[ 3129.448805]  x86_pmu_enable+0x580/0xd90
[ 3129.449406]  ? amd_pmu_disable_virt+0xa0/0xa0
[ 3129.450096]  ctx_resched+0x2b9/0x3a0
[ 3129.450700]  __perf_install_in_context+0x285/0xa40
[ 3129.451459]  ? ctx_resched+0x3a0/0x3a0
[ 3129.452063]  remote_function+0x125/0x1b0
[ 3129.452697]  flush_smp_call_function_queue+0x1df/0x610
[ 3129.453499]  ? perf_duration_warn+0x40/0x40
[ 3129.454159]  __sysvec_call_function_single+0x92/0x3a0
[ 3129.454948]  sysvec_call_function_single+0x89/0xc0
[ 3129.455704]  </IRQ>
[ 3129.456047]  <TASK>
[ 3129.456389]  asm_sysvec_call_function_single+0x12/0x20
[ 3129.457190] RIP: 0010:finish_task_switch.isra.0+0x230/0x870
[ 3129.458063] Code: 89 f7 48 c7 03 00 00 00 00 e8 8c 9b 20 03 4d 85 e4 75 ba 4c 89 f7 e8 6f 3e f4 02 e8 7a ed 2a 00 fb 65 48 8b 1c 25 40 6f 02 00 <48> 8d bb 40 14 00 00 48 b8 00 00 00 00 00 fc ff df 48 89 fa 48 c1
[ 3129.460895] RSP: 0018:ffff88801d13f8b8 EFLAGS: 00000202
[ 3129.461696] RAX: 0000000000000257 RBX: ffff8880417c3580 RCX: ffffffff81283e5f
[ 3129.462783] RDX: 0000000000000000 RSI: 0000000000000001 RDI: 0000000000000000
[ 3129.463865] RBP: ffff88801d13f8f8 R08: 0000000000000001 R09: ffffffff86a3e807
[ 3129.464945] R10: fffffbfff0d47d00 R11: 0000000000000001 R12: 0000000000000001
[ 3129.466035] R13: ffff88800db1b580 R14: ffff88806ce37dc0 R15: ffff88806ce37dd8
[ 3129.467143]  ? mark_lock.part.0+0xef/0x2f60
[ 3129.467809]  ? finish_task_switch.isra.0+0x226/0x870
[ 3129.468595]  __schedule+0x895/0x2450
[ 3129.469181]  ? io_schedule_timeout+0x140/0x140
[ 3129.469880]  ? mark_held_locks+0x9e/0xe0
[ 3129.470525]  ? lock_is_held_type+0xd7/0x130
[ 3129.471188]  ? __cond_resched+0x13/0x20
[ 3129.471794]  preempt_schedule_common+0x45/0xc0
[ 3129.472496]  __cond_resched+0x13/0x20
[ 3129.473075]  __ext4_mark_inode_dirty+0xed/0x860
[ 3129.473786]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[ 3129.474653]  ? ext4_expand_extra_isize+0x5e0/0x5e0
[ 3129.475402]  ? inode_free_by_rcu+0x20/0x20
[ 3129.476069]  ? chksum_update+0x4c/0xb0
[ 3129.476677]  __ext4_new_inode+0x46f9/0x5620
[ 3129.477367]  ? ext4_mark_inode_used+0x14a0/0x14a0
[ 3129.478124]  ? may_create+0x1dd/0x370
[ 3129.478709]  ? ext4_symlink+0x968/0xc80
[ 3129.479311]  ext4_symlink+0x453/0xc80
[ 3129.479903]  ? ext4_mknod+0x4f0/0x4f0
[ 3129.480493]  ? inode_permission.part.0+0xb5/0x670
[ 3129.481237]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[ 3129.482074]  vfs_symlink+0x10e/0x2d0
[ 3129.482664]  do_symlinkat+0x144/0x2a0
[ 3129.483254]  ? __x64_sys_unlinkat+0x130/0x130
[ 3129.483942]  ? getname_flags.part.0+0x1dd/0x4f0
[ 3129.484650]  __x64_sys_symlink+0x75/0x90
[ 3129.485261]  do_syscall_64+0x3b/0x90
[ 3129.485825]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 3129.486616] RIP: 0033:0x7f7e5487c427
[ 3129.487170] Code: 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 b8 58 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 3129.489926] RSP: 002b:00007fffa39f9198 EFLAGS: 00000202 ORIG_RAX: 0000000000000058
[ 3129.491083] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f7e5487c427
[ 3129.492141] RDX: 00007fffa39f9277 RSI: 00007f7e548d7019 RDI: 00007fffa39f9260
[ 3129.493214] RBP: 0000000000000000 R08: 0000000000000000 R09: 00007fffa39f9030
[ 3129.494286] R10: 00007fffa39f8ee7 R11: 0000000000000202 R12: 0000000000000001
[ 3129.495389] R13: 0000000000000001 R14: 0000000000000001 R15: 00007fffa39f9260
[ 3129.496488]  </TASK>
[ 3129.527745] FAULT_INJECTION: forcing a failure.
[ 3129.527745] name failslab, interval 1, probability 0, space 0, times 0
[ 3129.529645] CPU: 0 PID: 14166 Comm: syz-executor.2 Not tainted 5.17.0-next-20220328 #1
[ 3129.530879] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014
[ 3129.532599] Call Trace:
[ 3129.532991]  <TASK>
[ 3129.533339]  dump_stack_lvl+0x8b/0xb3
[ 3129.533946]  should_fail.cold+0x5/0xa
[ 3129.534712]  ? create_object.isra.0+0x3a/0xa20
[ 3129.535441]  should_failslab+0x5/0x10
[ 3129.536041]  kmem_cache_alloc+0x5b/0x480
[ 3129.536683]  create_object.isra.0+0x3a/0xa20
[ 3129.537367]  ? kasan_unpoison+0x23/0x50
[ 3129.537979]  __kmalloc_node_track_caller+0x269/0x440
[ 3129.538800]  ? netlink_sendmsg+0x98d/0xe00
[ 3129.539473]  __alloc_skb+0xe3/0x340
[ 3129.540047]  netlink_sendmsg+0x98d/0xe00
[ 3129.540693]  ? netlink_unicast+0x800/0x800
[ 3129.541354]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[ 3129.542245]  ? netlink_unicast+0x800/0x800
[ 3129.542924]  sock_sendmsg+0x150/0x190
[ 3129.543512]  ____sys_sendmsg+0x703/0x870
[ 3129.544132]  ? kernel_sendmsg+0x50/0x50
[ 3129.544742]  ? __ia32_sys_recvmmsg+0x260/0x260
[ 3129.545426]  ? lockdep_hardirqs_on_prepare+0x400/0x400
[ 3129.546214]  ? lock_release+0x3b2/0x6f0
[ 3129.546837]  ___sys_sendmsg+0xf3/0x170
[ 3129.547441]  ? sendmsg_copy_msghdr+0x160/0x160
[ 3129.548125]  ? lock_release+0x3b2/0x6f0
[ 3129.548751]  ? lock_downgrade+0x6d0/0x6d0
[ 3129.549369]  ? lock_release+0x3b2/0x6f0
[ 3129.549990]  ? ksys_write+0x20c/0x250
[ 3129.550589]  ? lock_downgrade+0x6d0/0x6d0
[ 3129.551234]  ? __fget_files+0x287/0x470
[ 3129.551836]  ? __fget_light+0xea/0x270
[ 3129.552443]  ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70
[ 3129.553295]  __sys_sendmsg+0xe5/0x1b0
[ 3129.553882]  ? __sys_sendmsg_sock+0x30/0x30
[ 3129.554567]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[ 3129.555425]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 3129.556198]  do_syscall_64+0x3b/0x90
[ 3129.556752]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 3129.557535] RIP: 0033:0x7f928d323b19
[ 3129.558088] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 3129.560904] RSP: 002b:00007f928a899188 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 3129.562062] RAX: ffffffffffffffda RBX: 00007f928d436f60 RCX: 00007f928d323b19
[ 3129.563162] RDX: 0000000000000000 RSI: 0000000020000200 RDI: 0000000000000004
[ 3129.564239] RBP: 00007f928a8991d0 R08: 0000000000000000 R09: 0000000000000000
[ 3129.565313] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 3129.566393] R13: 00007ffe916ec8df R14: 00007f928a899300 R15: 0000000000022000
[ 3129.567510]  </TASK>
[ 3129.567908] Call Trace:
[ 3129.568290]  <IRQ>
[ 3129.568613]  x86_pmu_stop+0x149/0x330
[ 3129.569205]  x86_pmu_del+0x1be/0x610
[ 3129.569785]  event_sched_out+0x2ed/0xe80
[ 3129.570403]  __perf_remove_from_context+0x87/0xbe0
[ 3129.571146]  event_function+0x297/0x3d0
[ 3129.571751]  ? perf_uprobe_event_init+0x1c0/0x1c0
[ 3129.572491]  remote_function+0x125/0x1b0
[ 3129.573113]  flush_smp_call_function_queue+0x1df/0x610
[ 3129.573918]  ? perf_duration_warn+0x40/0x40
[ 3129.574597]  __sysvec_call_function_single+0x92/0x3a0
[ 3129.575375]  sysvec_call_function_single+0x89/0xc0
[ 3129.576097]  </IRQ>
[ 3129.576431]  <TASK>
[ 3129.576764]  asm_sysvec_call_function_single+0x12/0x20
[ 3129.577544] RIP: 0010:dump_stack_lvl+0xab/0xb3
[ 3129.578230] Code: 31 ff 4c 89 e2 e8 70 36 fc ff e8 bd e3 24 fd 31 ff 48 89 de e8 73 d1 3d fd 48 85 db 74 0b e8 d9 ce 3d fd e8 d4 9f 44 fd fb 5b <5d> 41 5c e9 ca ce 3d fd e8 c5 ce 3d fd 48 c7 c7 20 af 7e 84 e9 3c
[ 3129.580983] RSP: 0018:ffff88804a54f8a0 EFLAGS: 00000206
[ 3129.581789] RAX: 000000000000031d RBX: ffffffff852b9c20 RCX: 1ffffffff0b1b2a1
[ 3129.582878] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[ 3129.583940] RBP: 0000000000000001 R08: 0000000000000001 R09: 0000000000000001
[ 3129.584995] R10: ffffffff814a8a78 R11: 0000000000000001 R12: ffffffff847eaf20
[ 3129.586052] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[ 3129.587132]  ? trace_hardirqs_on+0x38/0x190
[ 3129.587800]  should_fail.cold+0x5/0xa
[ 3129.588371]  ? create_object.isra.0+0x3a/0xa20
[ 3129.589066]  should_failslab+0x5/0x10
[ 3129.589642]  kmem_cache_alloc+0x5b/0x480
[ 3129.590257]  create_object.isra.0+0x3a/0xa20
[ 3129.590937]  ? kasan_unpoison+0x23/0x50
[ 3129.591546]  __kmalloc_node_track_caller+0x269/0x440
[ 3129.592288]  ? netlink_sendmsg+0x98d/0xe00
[ 3129.592924]  __alloc_skb+0xe3/0x340
[ 3129.593492]  netlink_sendmsg+0x98d/0xe00
[ 3129.594110]  ? netlink_unicast+0x800/0x800
[ 3129.594802]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[ 3129.595632]  ? netlink_unicast+0x800/0x800
[ 3129.596267]  sock_sendmsg+0x150/0x190
[ 3129.596833]  ____sys_sendmsg+0x703/0x870
[ 3129.597445]  ? kernel_sendmsg+0x50/0x50
[ 3129.598037]  ? __ia32_sys_recvmmsg+0x260/0x260
[ 3129.598731]  ? lockdep_hardirqs_on_prepare+0x400/0x400
[ 3129.599520]  ? lock_release+0x3b2/0x6f0
[ 3129.600134]  ___sys_sendmsg+0xf3/0x170
[ 3129.600723]  ? sendmsg_copy_msghdr+0x160/0x160
[ 3129.601409]  ? lock_release+0x3b2/0x6f0
[ 3129.602005]  ? lock_downgrade+0x6d0/0x6d0
[ 3129.602639]  ? lock_release+0x3b2/0x6f0
[ 3129.603235]  ? ksys_write+0x20c/0x250
[ 3129.603808]  ? lock_downgrade+0x6d0/0x6d0
[ 3129.604432]  ? __fget_files+0x287/0x470
[ 3129.605051]  ? __fget_light+0xea/0x270
[ 3129.605645]  ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70
[ 3129.606467]  __sys_sendmsg+0xe5/0x1b0
[ 3129.607061]  ? __sys_sendmsg_sock+0x30/0x30
[ 3129.607712]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[ 3129.608557]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 3129.609337]  do_syscall_64+0x3b/0x90
[ 3129.609898]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 3129.610688] RIP: 0033:0x7f928d323b19
[ 3129.611241] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 3129.613974] RSP: 002b:00007f928a899188 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 3129.615150] RAX: ffffffffffffffda RBX: 00007f928d436f60 RCX: 00007f928d323b19
[ 3129.616207] RDX: 0000000000000000 RSI: 0000000020000200 RDI: 0000000000000004
[ 3129.617278] RBP: 00007f928a8991d0 R08: 0000000000000000 R09: 0000000000000000
[ 3129.618359] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 3129.619450] R13: 00007ffe916ec8df R14: 00007f928a899300 R15: 0000000000022000
[ 3129.620555]  </TASK>
09:08:57 executing program 7:
openat$sndseq(0xffffffffffffff9c, 0x0, 0x0)
r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000180)='/proc/asound/seq/clients\x00', 0x0, 0x0)
preadv(r0, &(0x7f00000002c0)=[{0x0}, {&(0x7f0000000300)=""/165, 0xa5}], 0x2, 0x0, 0xbf000000)

09:08:57 executing program 6:
r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000180)='/proc/asound/seq/clients\x00', 0x0, 0x0)
preadv(r0, &(0x7f00000002c0)=[{&(0x7f0000000040)=""/35, 0x23}, {0x0}, {&(0x7f0000000300)=""/165, 0xa5}], 0x3, 0x0, 0x4c000000)

[ 3129.680480] Call Trace:
[ 3129.680951]  <TASK>
[ 3129.681279]  ? x86_pmu_start+0x1c0/0x240
[ 3129.681914]  x86_pmu_enable+0x580/0xd90
[ 3129.682523]  ? amd_pmu_disable_virt+0xa0/0xa0
[ 3129.683208]  ctx_resched+0x2b9/0x3a0
[ 3129.683770]  __perf_install_in_context+0x285/0xa40
[ 3129.684499]  ? ctx_resched+0x3a0/0x3a0
[ 3129.685076]  remote_function+0x125/0x1b0
[ 3129.685688]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[ 3129.686534]  ? perf_duration_warn+0x40/0x40
[ 3129.687204]  generic_exec_single+0x203/0x300
[ 3129.687881]  smp_call_function_single+0x189/0x460
[ 3129.688604]  ? perf_duration_warn+0x40/0x40
[ 3129.689269]  ? generic_exec_single+0x300/0x300
[ 3129.689954]  ? perf_duration_warn+0x40/0x40
[ 3129.690650]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[ 3129.691487]  ? lock_is_held_type+0xd7/0x130
[ 3129.692141]  perf_install_in_context+0x4da/0x590
[ 3129.692848]  ? list_add_event+0xeb0/0xeb0
[ 3129.693459]  ? ctx_resched+0x3a0/0x3a0
[ 3129.694050]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[ 3129.694895]  ? exclusive_event_installable+0x254/0x320
[ 3129.695707]  __do_sys_perf_event_open+0x1bf0/0x3040
[ 3129.696489]  ? perf_remove_from_context+0x260/0x260
[ 3129.697236]  ? xfd_validate_state+0x59/0x180
[ 3129.697937]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 3129.698766]  do_syscall_64+0x3b/0x90
[ 3129.699325]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 3129.700103] RIP: 0033:0x7f750a357b19
[ 3129.700673] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 3129.703464] RSP: 002b:00007f75078cd188 EFLAGS: 00000246 ORIG_RAX: 000000000000012a
[ 3129.704643] RAX: ffffffffffffffda RBX: 00007f750a46af60 RCX: 00007f750a357b19
[ 3129.705727] RDX: 0000000000000000 RSI: ffffffffffffffff RDI: 0000000020000c00
[ 3129.706819] RBP: 00007f750a3b1f6d R08: 0000000000000000 R09: 0000000000000000
[ 3129.707890] R10: ffffffffffffffff R11: 0000000000000246 R12: 0000000000000000
[ 3129.708960] R13: 00007ffc8fa2e86f R14: 00007f75078cd300 R15: 0000000000022000
[ 3129.710031]  </TASK>
09:08:57 executing program 1:
r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000180)='/proc/asound/seq/clients\x00', 0x0, 0x0)
preadv(r0, &(0x7f00000002c0)=[{&(0x7f0000000040)=""/35, 0x23}, {0x0, 0x2}, {&(0x7f0000000300)=""/165, 0xa5}], 0x3, 0x0, 0x74000000)

09:08:58 executing program 7:
openat$sndseq(0xffffffffffffff9c, 0x0, 0x0)
r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000180)='/proc/asound/seq/clients\x00', 0x0, 0x0)
preadv(r0, &(0x7f00000002c0)=[{0x0}, {&(0x7f0000000300)=""/165, 0xa5}], 0x2, 0x0, 0xffffff7f)

09:08:58 executing program 2:
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000080), r0)
sendmsg$NLBL_MGMT_C_ADD(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000140)={0x4c, r1, 0x1, 0x0, 0x0, {}, [@NLBL_MGMT_A_DOMAIN={0x6, 0x1, '%\x00'}, @NLBL_MGMT_A_IPV6ADDR={0x14, 0x5, @local}, @NLBL_MGMT_A_IPV6MASK={0x14, 0x6, @mcast1}, @NLBL_MGMT_A_PROTOCOL={0x8, 0x2, 0x5}]}, 0x4c}, 0x1, 0x700000000000000}, 0x0) (fail_nth: 7)

09:08:58 executing program 6:
r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000180)='/proc/asound/seq/clients\x00', 0x0, 0x0)
preadv(r0, &(0x7f00000002c0)=[{&(0x7f0000000040)=""/35, 0x23}, {0x0}, {&(0x7f0000000300)=""/165, 0xa5}], 0x3, 0x0, 0x68000000)

[ 3129.863790] FAULT_INJECTION: forcing a failure.
[ 3129.863790] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 3129.865696] CPU: 0 PID: 14191 Comm: syz-executor.2 Not tainted 5.17.0-next-20220328 #1
[ 3129.866907] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014
[ 3129.868541] Call Trace:
[ 3129.868899]  <TASK>
[ 3129.869211]  dump_stack_lvl+0x8b/0xb3
[ 3129.869737]  should_fail.cold+0x5/0xa
[ 3129.870264]  _copy_from_iter+0x37d/0x14d0
[ 3129.870869]  ? _copy_from_iter_nocache+0x14a0/0x14a0
[ 3129.871598]  ? rcu_read_lock_sched_held+0x3a/0x70
[ 3129.872304]  ? memset+0x20/0x40
[ 3129.872764]  ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70
[ 3129.873535]  ? __virt_addr_valid+0xe9/0x310
[ 3129.874148]  ? __sanitizer_cov_trace_const_cmp1+0x22/0x80
[ 3129.874951]  ? __sanitizer_cov_trace_cmp8+0x1d/0x70
[ 3129.875706]  ? __check_object_size+0x1b5/0x4e0
[ 3129.876385]  netlink_sendmsg+0x86b/0xe00
[ 3129.877006]  ? netlink_unicast+0x800/0x800
[ 3129.877652]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[ 3129.878453]  ? netlink_unicast+0x800/0x800
[ 3129.879113]  sock_sendmsg+0x150/0x190
[ 3129.879673]  ____sys_sendmsg+0x703/0x870
[ 3129.880309]  ? kernel_sendmsg+0x50/0x50
[ 3129.880885]  ? __ia32_sys_recvmmsg+0x260/0x260
[ 3129.881615]  ? lockdep_hardirqs_on_prepare+0x400/0x400
[ 3129.882432]  ? lock_release+0x3b2/0x6f0
[ 3129.883067]  ___sys_sendmsg+0xf3/0x170
[ 3129.883664]  ? sendmsg_copy_msghdr+0x160/0x160
[ 3129.884343]  ? lock_release+0x3b2/0x6f0
[ 3129.884945]  ? lock_downgrade+0x6d0/0x6d0
[ 3129.885596]  ? lock_release+0x3b2/0x6f0
[ 3129.886196]  ? ksys_write+0x20c/0x250
[ 3129.886791]  ? lock_downgrade+0x6d0/0x6d0
[ 3129.887423]  ? __fget_files+0x287/0x470
[ 3129.888028]  ? __fget_light+0xea/0x270
[ 3129.888623]  ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70
[ 3129.889452]  __sys_sendmsg+0xe5/0x1b0
[ 3129.890019]  ? __sys_sendmsg_sock+0x30/0x30
[ 3129.890692]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[ 3129.891531]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 3129.892305]  do_syscall_64+0x3b/0x90
[ 3129.892863]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 3129.893642] RIP: 0033:0x7f928d323b19
[ 3129.894195] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 3129.896941] RSP: 002b:00007f928a899188 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 3129.898102] RAX: ffffffffffffffda RBX: 00007f928d436f60 RCX: 00007f928d323b19
[ 3129.899202] RDX: 0000000000000000 RSI: 0000000020000200 RDI: 0000000000000004
[ 3129.900250] RBP: 00007f928a8991d0 R08: 0000000000000000 R09: 0000000000000000
[ 3129.901344] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 3129.902420] R13: 00007ffe916ec8df R14: 00007f928a899300 R15: 0000000000022000
[ 3129.903536]  </TASK>
[ 3129.911639] Call Trace:
[ 3129.912067]  <TASK>
[ 3129.912416]  x86_pmu_stop+0x149/0x330
[ 3129.913005]  x86_pmu_del+0x1be/0x610
[ 3129.913573]  event_sched_out+0x2ed/0xe80
[ 3129.914192]  __perf_remove_from_context+0x87/0xbe0
[ 3129.914968]  event_function+0x297/0x3d0
[ 3129.915561]  ? perf_uprobe_event_init+0x1c0/0x1c0
[ 3129.916271]  remote_function+0x125/0x1b0
[ 3129.916888]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[ 3129.917708]  ? perf_duration_warn+0x40/0x40
[ 3129.918365]  generic_exec_single+0x203/0x300
[ 3129.919040]  smp_call_function_single+0x189/0x460
[ 3129.919757]  ? perf_duration_warn+0x40/0x40
[ 3129.920408]  ? generic_exec_single+0x300/0x300
[ 3129.921095]  ? perf_duration_warn+0x40/0x40
[ 3129.921750]  ? lock_is_held_type+0xd7/0x130
[ 3129.922387]  event_function_call+0x3d0/0x430
[ 3129.923057]  ? perf_group_detach+0x11b0/0x11b0
[ 3129.923734]  ? perf_copy_attr+0x9c0/0x9c0
[ 3129.924340]  ? lock_release+0x3b2/0x6f0
[ 3129.924938]  ? perf_group_detach+0x11b0/0x11b0
[ 3129.925620]  ? perf_uprobe_event_init+0x1c0/0x1c0
[ 3129.926326]  ? _raw_spin_unlock_irq+0x1f/0x40
[ 3129.926996]  perf_remove_from_context+0x12e/0x260
[ 3129.927706]  perf_event_release_kernel+0x153/0x7f0
[ 3129.928445]  ? lock_is_held_type+0xd7/0x130
[ 3129.929094]  ? perf_pmu_migrate_context+0xae0/0xae0
[ 3129.929839]  ? lock_is_held_type+0xd7/0x130
[ 3129.930493]  perf_release+0x33/0x40
[ 3129.931053]  __fput+0x272/0x9d0
[ 3129.931551]  ? perf_event_release_kernel+0x7f0/0x7f0
[ 3129.932323]  task_work_run+0xe2/0x1a0
[ 3129.932908]  do_exit+0xaf7/0x27e0
[ 3129.933434]  ? find_held_lock+0x2c/0x110
[ 3129.934040]  ? lock_release+0x3b2/0x6f0
[ 3129.934675]  ? mm_update_next_owner+0x7d0/0x7d0
[ 3129.935375]  ? lock_downgrade+0x6d0/0x6d0
[ 3129.935999]  ? lock_is_held_type+0xd7/0x130
[ 3129.936648]  do_group_exit+0xd2/0x2f0
[ 3129.937221]  get_signal+0x2303/0x2350
[ 3129.937812]  ? lock_downgrade+0x6d0/0x6d0
[ 3129.938441]  ? signal_setup_done+0x520/0x520
[ 3129.939107]  ? lock_is_held_type+0xd7/0x130
[ 3129.939767]  arch_do_signal_or_restart+0x88/0x1a40
[ 3129.940504]  ? __do_sys_perf_event_open+0xd2/0x3040
[ 3129.941259]  ? get_sigframe_size+0x10/0x10
[ 3129.941908]  ? perf_remove_from_context+0x260/0x260
[ 3129.942676]  ? xfd_validate_state+0x59/0x180
[ 3129.943368]  exit_to_user_mode_prepare+0x131/0x1a0
[ 3129.944111]  syscall_exit_to_user_mode+0x19/0x50
[ 3129.944834]  do_syscall_64+0x48/0x90
[ 3129.945384]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 3129.946157] RIP: 0033:0x7f750a357b19
[ 3129.946711] Code: Unable to access opcode bytes at RIP 0x7f750a357aef.
[ 3129.947694] RSP: 002b:00007f75078cd188 EFLAGS: 00000246 ORIG_RAX: 000000000000012a
[ 3129.948820] RAX: 0000000000000003 RBX: 00007f750a46af60 RCX: 00007f750a357b19
[ 3129.949892] RDX: 0000000000000000 RSI: ffffffffffffffff RDI: 0000000020000c00
[ 3129.950980] RBP: 00007f750a3b1f6d R08: 0000000000000000 R09: 0000000000000000
[ 3129.952033] R10: ffffffffffffffff R11: 0000000000000246 R12: 0000000000000000
[ 3129.953085] R13: 00007ffc8fa2e86f R14: 00007f75078cd300 R15: 0000000000022000
[ 3129.954175]  </TASK>
09:08:58 executing program 1:
r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000180)='/proc/asound/seq/clients\x00', 0x0, 0x0)
preadv(r0, &(0x7f00000002c0)=[{&(0x7f0000000040)=""/35, 0x23}, {0x0, 0x2}, {&(0x7f0000000300)=""/165, 0xa5}], 0x3, 0x0, 0x7a000000)

09:08:58 executing program 7:
r0 = openat$sndseq(0xffffffffffffff9c, 0x0, 0x0)
r1 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000180)='/proc/asound/seq/clients\x00', 0x0, 0x0)
r2 = fsopen(&(0x7f0000000080)='hugetlbfs\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r2, 0x6, 0x0, 0x0, 0x0)
r3 = fsmount(r2, 0x0, 0x0)
mknodat$null(r3, &(0x7f0000000040)='./file0\x00', 0x2000, 0x103)
ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r3, 0xc08c5332, &(0x7f0000000000)={0xa74d00e, 0x1, 0x0, 'queue1\x00', 0x9})
fcntl$setpipe(r3, 0x407, 0xed)
ioctl$FAT_IOCTL_SET_ATTRIBUTES(r0, 0x40047211, &(0x7f00000000c0)=0x4)
preadv(r1, &(0x7f0000000100)=[{0x0}, {&(0x7f0000000280)=""/169, 0xa9}], 0x2, 0x0, 0x8002000)

[ 3279.660280] INFO: task syz-executor.3:14168 blocked for more than 143 seconds.
[ 3279.661551]       Not tainted 5.17.0-next-20220328 #1
[ 3279.662403] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[ 3279.663595] task:syz-executor.3  state:D stack:27936 pid:14168 ppid:   303 flags:0x00004004
[ 3279.665029] Call Trace:
[ 3279.665482]  <TASK>
[ 3279.665786]  __schedule+0x88d/0x2450
[ 3279.666355]  ? io_schedule_timeout+0x140/0x140
[ 3279.666969]  ? rwlock_bug.part.0+0x90/0x90
[ 3279.667615]  schedule+0xd2/0x1f0
[ 3279.668138]  schedule_preempt_disabled+0xf/0x20
[ 3279.668949]  __mutex_lock+0xb7e/0x1480
[ 3279.670037]  ? io_uring_del_tctx_node+0x10b/0x24d
[ 3279.671242]  ? mutex_lock_io_nested+0x12c0/0x12c0
[ 3279.671993]  ? lock_downgrade+0x6d0/0x6d0
[ 3279.672706]  ? do_raw_spin_unlock+0x4f/0x210
[ 3279.673449]  io_uring_del_tctx_node+0x10b/0x24d
[ 3279.674197]  io_uring_cancel_generic+0x5bd/0x68f
[ 3279.674933]  ? io_submit_sqes.cold+0x3d5/0x3d5
[ 3279.675672]  ? lock_release+0x3b2/0x6f0
[ 3279.676309]  ? do_exit+0x187/0x27e0
[ 3279.676906]  ? lock_downgrade+0x6d0/0x6d0
[ 3279.677571]  ? destroy_sched_domains_rcu+0x50/0x50
[ 3279.678350]  ? rwlock_bug.part.0+0x90/0x90
[ 3279.679015]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[ 3279.679916]  ? io_uring_unreg_ringfd+0xe5/0x140
[ 3279.680701]  do_exit+0x4f1/0x27e0
[ 3279.681300]  ? find_held_lock+0x2c/0x110
[ 3279.681943]  ? lock_release+0x3b2/0x6f0
[ 3279.682578]  ? mm_update_next_owner+0x7d0/0x7d0
[ 3279.683313]  ? lock_downgrade+0x6d0/0x6d0
[ 3279.683962]  ? lock_is_held_type+0xd7/0x130
[ 3279.684666]  do_group_exit+0xd2/0x2f0
[ 3279.685309]  get_signal+0x2303/0x2350
[ 3279.685959]  ? signal_setup_done+0x520/0x520
[ 3279.686696]  arch_do_signal_or_restart+0x88/0x1a40
[ 3279.687500]  ? do_futex+0x136/0x380
[ 3279.688059]  ? __ia32_compat_sys_get_robust_list+0x3b0/0x3b0
[ 3279.688969]  ? get_sigframe_size+0x10/0x10
[ 3279.689647]  ? __bad_area_nosemaphore+0x314/0x3f0
[ 3279.690451]  ? __x64_sys_futex+0x1c6/0x4c0
[ 3279.691112]  ? __x64_sys_futex_time32+0x480/0x480
[ 3279.691948]  exit_to_user_mode_prepare+0x131/0x1a0
[ 3279.692781]  syscall_exit_to_user_mode+0x19/0x50
[ 3279.693540]  do_syscall_64+0x48/0x90
[ 3279.694110]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 3279.694928] RIP: 0033:0x7f7e5487cb19
[ 3279.695532] RSP: 002b:00007f7e51df2218 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[ 3279.696757] RAX: fffffffffffffe00 RBX: 00007f7e5498ff68 RCX: 00007f7e5487cb19
[ 3279.697877] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007f7e5498ff68
[ 3279.699002] RBP: 00007f7e5498ff60 R08: 0000000000000000 R09: 0000000000000000
[ 3279.700159] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f7e5498ff6c
[ 3279.701339] R13: 00007fffa39f8f4f R14: 00007f7e51df2300 R15: 0000000000022000
[ 3279.702477]  </TASK>
[ 3279.702842] INFO: task syz-executor.3:14182 can't die for more than 143 seconds.
[ 3279.704017] task:syz-executor.3  state:R  running task     stack:25632 pid:14182 ppid:   303 flags:0x00004006
[ 3279.705611] Call Trace:
[ 3279.706010]  <TASK>
[ 3279.706382]  ? __schedule+0x88d/0x2450
[ 3279.707000]  ? do_shrink_slab+0xb00/0xb00
[ 3279.707674]  ? lock_is_held_type+0xd7/0x130
[ 3279.708369]  ? __cond_resched+0x13/0x20
[ 3279.708992]  ? shrink_node+0x892/0x1d50
[ 3279.709649]  ? do_try_to_free_pages+0x3cc/0x1680
[ 3279.710389]  ? __node_reclaim+0x9e0/0x9e0
[ 3279.710997]  ? lock_is_held_type+0xd7/0x130
[ 3279.711670]  ? try_to_free_mem_cgroup_pages+0x309/0x890
[ 3279.712485]  ? mem_cgroup_shrink_node+0x710/0x710
[ 3279.713375]  ? lockdep_hardirqs_on+0x79/0x100
[ 3279.714045]  ? _raw_spin_unlock_irqrestore+0x33/0x50
[ 3279.714826]  ? try_charge_memcg+0x423/0x1360
[ 3279.715520]  ? mem_cgroup_handle_over_high+0x480/0x480
[ 3279.716328]  ? lock_release+0x3b2/0x6f0
[ 3279.716932]  ? __memcg_kmem_charge_page+0x446/0x7e0
[ 3279.717683]  ? lock_downgrade+0x6d0/0x6d0
[ 3279.718348]  ? __memcg_kmem_charge_page+0x46c/0x7e0
[ 3279.719139]  ? __alloc_pages+0x1de/0x4e0
[ 3279.719764]  ? __alloc_pages_slowpath.constprop.0+0x1f10/0x1f10
[ 3279.720726]  ? __lock_acquire+0x164e/0x6120
[ 3279.721447]  ? alloc_pages+0x1a0/0x2f0
[ 3279.722037]  ? io_issue_sqe+0x304d/0x7c10
[ 3279.722710]  ? io_openat2+0xbb0/0xbb0
[ 3279.723310]  ? find_held_lock+0x2c/0x110
[ 3279.724008]  ? lock_release+0x3b2/0x6f0
[ 3279.724690]  ? tctx_task_work+0x13d/0x1430
[ 3279.725379]  ? mark_held_locks+0x9e/0xe0
[ 3279.726000]  ? rwlock_bug.part.0+0x90/0x90
[ 3279.726689]  ? io_req_task_submit+0xd2/0x720
[ 3279.727381]  ? tctx_task_work+0x1a3/0x1430
[ 3279.728066]  ? do_raw_spin_lock+0x121/0x260
[ 3279.728747]  ? io_poll_task_func+0x490/0x490
[ 3279.729425]  ? rwlock_bug.part.0+0x90/0x90
[ 3279.730390]  ? _raw_spin_unlock_irq+0x1f/0x40
[ 3279.731217]  ? task_work_run+0xe2/0x1a0
[ 3279.731831]  ? get_signal+0x1cd/0x2350
[ 3279.732647]  ? find_held_lock+0x2c/0x110
[ 3279.733306]  ? signal_setup_done+0x520/0x520
[ 3279.733968]  ? percpu_ref_put_many+0x152/0x270
[ 3279.734668]  ? lock_downgrade+0x6d0/0x6d0
[ 3279.735313]  ? arch_do_signal_or_restart+0x88/0x1a40
[ 3279.736096]  ? __sanitizer_cov_trace_const_cmp1+0x22/0x80
[ 3279.736985]  ? fput+0x2a/0x50
[ 3279.737477]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[ 3279.738332]  ? __do_sys_io_uring_enter+0x563/0x1520
[ 3279.739306]  ? get_sigframe_size+0x10/0x10
[ 3279.740193]  ? xfd_validate_state+0x59/0x180
[ 3279.740992]  ? io_submit_sqes+0x94a0/0x94a0
[ 3279.741672]  ? restore_fpregs_from_fpstate+0xcc/0x1e0
[ 3279.742473]  ? exit_to_user_mode_prepare+0x131/0x1a0
[ 3279.743259]  ? syscall_exit_to_user_mode+0x19/0x50
[ 3279.744022]  ? do_syscall_64+0x48/0x90
[ 3279.744645]  ? entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 3279.745507]  </TASK>
[ 3279.745857] 
[ 3279.745857] Showing all locks held in the system:
[ 3279.746814] 1 lock held by khungtaskd/24:
[ 3279.747456]  #0: ffffffff85201dc0 (rcu_read_lock){....}-{1:2}, at: debug_show_all_locks+0x53/0x260
[ 3279.748892] 1 lock held by in:imklog/190:
[ 3279.749538] 3 locks held by rs:main Q:Reg/191:
[ 3279.750265] 1 lock held by syz-executor.3/14168:
[ 3279.750974]  #0: ffff88801872f0a8 (&ctx->uring_lock){+.+.}-{3:3}, at: io_uring_del_tctx_node+0x10b/0x24d
[ 3279.752454] 3 locks held by syz-executor.3/14182:
[ 3279.754220] 
[ 3279.754471] =============================================
[ 3279.754471] 

VM DIAGNOSIS:
09:11:28  Registers:
info registers vcpu 0
RAX=0000000000000030 RBX=00000000000003f8 RCX=0000000000000000 RDX=00000000000003f8
RSI=ffffffff823e3241 RDI=ffffffff873c4500 RBP=ffffffff873c44c0 RSP=ffff888008b9f908
R8 =0000000000000000 R9 =0000000000000030 R10=ffffffff823e4e03 R11=000000000000000a
R12=0000000000000030 R13=0000000000000030 R14=ffffffff873c44c0 R15=dffffc0000000000
RIP=ffffffff823e3298 RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 00000000 00000000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 00000000 00000000
FS =0000 0000000000000000 00000000 00000000
GS =0000 ffff88806ce00000 00000000 00000000
LDT=0000 fffffe0000000000 00000000 00000000
TR =0040 fffffe0000003000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000001000 0000007f
IDT=     fffffe0000000000 00000fff
CR0=80050033 CR2=000055a0d782d648 CR3=0000000046bea000 CR4=00350ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001fa0
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
YMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000
YMM01=0000000000000000 0000000000000000 0000000000000001 0000000000000001
YMM02=0000000000000000 0000000000000000 00d602fe016c6c6f 502e726567616e61
YMM03=0000000000000000 0000000000000000 0000020101d63fbd 23fc0101039aff0f
YMM04=0000000000000000 0000000000000000 007a7a7566206365 7865090073747261
YMM05=0000000000000000 0000000000000000 78650d0065676169 727420636578650b
YMM06=0000000000000000 0000000000000000 6578650a00657a69 6d696e696d206365
YMM07=0000000000000000 0000000000000000 6f7420636578650a 006873616d732063
YMM08=0000000000000000 0000000000000000 726f747563657865 110073746e696820
YMM09=0000000000000000 0000000000000000 2063657865090073 7472617473657220
YMM10=0000000000000000 0000000000000000 6761697274206365 78650b007a7a7566
YMM11=0000000000000000 0000000000000000 657a696d696e696d 20636578650d0065
YMM12=0000000000000000 0000000000000000 78650a006873616d 7320636578650a00
YMM13=0000000000000000 0000000000000000 6720636578650800 6c61746f74206365
YMM14=0000000000000000 0000000000000000 616469646e616320 636578650e006e65
YMM15=0000000000000000 0000000000000000 0000736465657320 636578650a006574
info registers vcpu 1
RAX=0000000000000000 RBX=0000000080000002 RCX=0000000080000002 RDX=0000000000000000
RSI=ffff88804172d040 RDI=0000000000000003 RBP=ffff88806cf353a0 RSP=ffff888040e97cd0
R8 =0000000000000000 R9 =ffff888040e97ce3 R10=ffffffff82039a06 R11=0000000000000001
R12=00000000f45a913e R13=ffff88804172d9e8 R14=ffff88804172d9e8 R15=0000000000000000
RIP=ffffffff82039a06 RFL=00000046 [---Z-P-] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 00000000 00000000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 00000000 00000000
FS =0000 0000000000000000 00000000 00000000
GS =0000 ffff88806cf00000 00000000 00000000
LDT=0000 fffffe0000000000 00000000 00000000
TR =0040 fffffe000004a000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000048000 0000007f
IDT=     fffffe0000000000 00000fff
CR0=80050033 CR2=00007f9e21c9f010 CR3=0000000046bea000 CR4=00350ee0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
YMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000
YMM01=0000000000000000 0000000000000000 0000ffff00000000 0000000000000000
YMM02=0000000000000000 0000000000000000 0000ffff00000000 0000000000000000
YMM03=0000000000000000 0000000000000000 747320443a657461 74732020332e726f
YMM04=0000000000000000 0000000000000000 6620666620666620 6666206362203163
YMM05=0000000000000000 0000000000000000 6666206666203066 203130206433203e
YMM06=0000000000000000 0000000000000000 6334206238206334 2038632039382064
YMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000
YMM08=0000000000000000 0000000000000000 6678000030383431 78302f6537627830
YMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000
YMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000
YMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000
YMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000
YMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000
YMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000
YMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000