Warning: Permanently added '[localhost]:39026' (ECDSA) to the list of known hosts. 2022/10/02 22:58:24 fuzzer started 2022/10/02 22:58:25 dialing manager at localhost:35095 syzkaller login: [ 40.735943] cgroup: Unknown subsys name 'net' [ 40.855058] cgroup: Unknown subsys name 'rlimit' 2022/10/02 22:58:38 syscalls: 2215 2022/10/02 22:58:38 code coverage: enabled 2022/10/02 22:58:38 comparison tracing: enabled 2022/10/02 22:58:38 extra coverage: enabled 2022/10/02 22:58:38 setuid sandbox: enabled 2022/10/02 22:58:38 namespace sandbox: enabled 2022/10/02 22:58:38 Android sandbox: enabled 2022/10/02 22:58:38 fault injection: enabled 2022/10/02 22:58:38 leak checking: enabled 2022/10/02 22:58:38 net packet injection: enabled 2022/10/02 22:58:38 net device setup: enabled 2022/10/02 22:58:38 concurrency sanitizer: /sys/kernel/debug/kcsan does not exist 2022/10/02 22:58:38 devlink PCI setup: PCI device 0000:00:10.0 is not available 2022/10/02 22:58:38 USB emulation: enabled 2022/10/02 22:58:38 hci packet injection: enabled 2022/10/02 22:58:38 wifi device emulation: failed to parse kernel version (6.0.0-rc7-next-20220930) 2022/10/02 22:58:38 802.15.4 emulation: enabled 2022/10/02 22:58:38 fetching corpus: 50, signal 19173/21028 (executing program) 2022/10/02 22:58:38 fetching corpus: 100, signal 33550/37100 (executing program) 2022/10/02 22:58:38 fetching corpus: 150, signal 42645/47763 (executing program) 2022/10/02 22:58:38 fetching corpus: 200, signal 52370/58894 (executing program) 2022/10/02 22:58:38 fetching corpus: 250, signal 56122/64183 (executing program) 2022/10/02 22:58:38 fetching corpus: 300, signal 61023/70474 (executing program) 2022/10/02 22:58:38 fetching corpus: 350, signal 65179/76030 (executing program) 2022/10/02 22:58:39 fetching corpus: 400, signal 70319/82439 (executing program) 2022/10/02 22:58:39 fetching corpus: 450, signal 72491/85995 (executing program) 2022/10/02 22:58:39 fetching corpus: 500, signal 76098/90859 (executing program) 2022/10/02 22:58:39 fetching corpus: 550, signal 77741/93840 (executing program) 2022/10/02 22:58:39 fetching corpus: 600, signal 81081/98332 (executing program) 2022/10/02 22:58:39 fetching corpus: 650, signal 84660/103041 (executing program) 2022/10/02 22:58:39 fetching corpus: 700, signal 86610/106232 (executing program) 2022/10/02 22:58:39 fetching corpus: 750, signal 88214/109061 (executing program) 2022/10/02 22:58:39 fetching corpus: 800, signal 91257/113125 (executing program) 2022/10/02 22:58:39 fetching corpus: 850, signal 93806/116794 (executing program) 2022/10/02 22:58:40 fetching corpus: 900, signal 95602/119739 (executing program) 2022/10/02 22:58:40 fetching corpus: 950, signal 98498/123597 (executing program) 2022/10/02 22:58:40 fetching corpus: 1000, signal 101661/127680 (executing program) 2022/10/02 22:58:40 fetching corpus: 1050, signal 103973/130955 (executing program) 2022/10/02 22:58:40 fetching corpus: 1100, signal 108839/136353 (executing program) 2022/10/02 22:58:40 fetching corpus: 1150, signal 111716/139973 (executing program) 2022/10/02 22:58:40 fetching corpus: 1200, signal 112711/142013 (executing program) 2022/10/02 22:58:41 fetching corpus: 1250, signal 114256/144483 (executing program) 2022/10/02 22:58:41 fetching corpus: 1300, signal 115577/146809 (executing program) 2022/10/02 22:58:41 fetching corpus: 1350, signal 118182/150166 (executing program) 2022/10/02 22:58:41 fetching corpus: 1400, signal 120030/152867 (executing program) 2022/10/02 22:58:41 fetching corpus: 1450, signal 120877/154682 (executing program) 2022/10/02 22:58:41 fetching corpus: 1500, signal 122538/157193 (executing program) 2022/10/02 22:58:41 fetching corpus: 1550, signal 124210/159659 (executing program) 2022/10/02 22:58:41 fetching corpus: 1600, signal 125177/161524 (executing program) 2022/10/02 22:58:41 fetching corpus: 1650, signal 126043/163342 (executing program) 2022/10/02 22:58:41 fetching corpus: 1700, signal 127271/165371 (executing program) 2022/10/02 22:58:42 fetching corpus: 1750, signal 130064/168632 (executing program) 2022/10/02 22:58:42 fetching corpus: 1800, signal 130946/170390 (executing program) 2022/10/02 22:58:42 fetching corpus: 1850, signal 133030/173039 (executing program) 2022/10/02 22:58:42 fetching corpus: 1900, signal 135198/175704 (executing program) 2022/10/02 22:58:42 fetching corpus: 1950, signal 136315/177583 (executing program) 2022/10/02 22:58:42 fetching corpus: 2000, signal 137519/179498 (executing program) 2022/10/02 22:58:42 fetching corpus: 2050, signal 138208/181061 (executing program) 2022/10/02 22:58:42 fetching corpus: 2100, signal 139159/182768 (executing program) 2022/10/02 22:58:42 fetching corpus: 2150, signal 140366/184656 (executing program) 2022/10/02 22:58:43 fetching corpus: 2200, signal 141733/186679 (executing program) 2022/10/02 22:58:43 fetching corpus: 2250, signal 144244/189443 (executing program) 2022/10/02 22:58:43 fetching corpus: 2300, signal 146020/191676 (executing program) 2022/10/02 22:58:43 fetching corpus: 2350, signal 146950/193276 (executing program) 2022/10/02 22:58:43 fetching corpus: 2400, signal 148337/195231 (executing program) 2022/10/02 22:58:43 fetching corpus: 2450, signal 149786/197183 (executing program) 2022/10/02 22:58:43 fetching corpus: 2500, signal 150629/198736 (executing program) 2022/10/02 22:58:44 fetching corpus: 2550, signal 151480/200245 (executing program) 2022/10/02 22:58:44 fetching corpus: 2600, signal 152028/201611 (executing program) 2022/10/02 22:58:44 fetching corpus: 2650, signal 153158/203380 (executing program) 2022/10/02 22:58:44 fetching corpus: 2700, signal 153843/204795 (executing program) 2022/10/02 22:58:44 fetching corpus: 2750, signal 154923/206419 (executing program) 2022/10/02 22:58:44 fetching corpus: 2800, signal 155584/207776 (executing program) 2022/10/02 22:58:44 fetching corpus: 2850, signal 156343/209146 (executing program) 2022/10/02 22:58:44 fetching corpus: 2900, signal 157408/210722 (executing program) 2022/10/02 22:58:44 fetching corpus: 2950, signal 158531/212318 (executing program) 2022/10/02 22:58:45 fetching corpus: 3000, signal 159588/213865 (executing program) 2022/10/02 22:58:45 fetching corpus: 3050, signal 160705/215413 (executing program) 2022/10/02 22:58:45 fetching corpus: 3100, signal 161956/217043 (executing program) 2022/10/02 22:58:45 fetching corpus: 3150, signal 163154/218585 (executing program) 2022/10/02 22:58:45 fetching corpus: 3200, signal 164158/219968 (executing program) 2022/10/02 22:58:45 fetching corpus: 3250, signal 164987/221281 (executing program) 2022/10/02 22:58:45 fetching corpus: 3300, signal 166092/222729 (executing program) 2022/10/02 22:58:45 fetching corpus: 3350, signal 167302/224178 (executing program) 2022/10/02 22:58:46 fetching corpus: 3400, signal 168373/225563 (executing program) 2022/10/02 22:58:46 fetching corpus: 3450, signal 169726/227144 (executing program) 2022/10/02 22:58:46 fetching corpus: 3500, signal 170387/228312 (executing program) 2022/10/02 22:58:46 fetching corpus: 3550, signal 171281/229555 (executing program) 2022/10/02 22:58:46 fetching corpus: 3600, signal 172160/230861 (executing program) 2022/10/02 22:58:46 fetching corpus: 3650, signal 173542/232371 (executing program) 2022/10/02 22:58:46 fetching corpus: 3700, signal 174550/233698 (executing program) 2022/10/02 22:58:46 fetching corpus: 3750, signal 175540/234953 (executing program) 2022/10/02 22:58:47 fetching corpus: 3800, signal 176285/236094 (executing program) 2022/10/02 22:58:47 fetching corpus: 3850, signal 177188/237371 (executing program) 2022/10/02 22:58:47 fetching corpus: 3900, signal 178138/238620 (executing program) 2022/10/02 22:58:47 fetching corpus: 3950, signal 178932/239823 (executing program) 2022/10/02 22:58:47 fetching corpus: 4000, signal 179520/240882 (executing program) 2022/10/02 22:58:47 fetching corpus: 4050, signal 180793/242170 (executing program) 2022/10/02 22:58:47 fetching corpus: 4100, signal 181337/243196 (executing program) 2022/10/02 22:58:47 fetching corpus: 4150, signal 182402/244364 (executing program) 2022/10/02 22:58:48 fetching corpus: 4200, signal 182804/245280 (executing program) 2022/10/02 22:58:48 fetching corpus: 4250, signal 183515/246338 (executing program) 2022/10/02 22:58:48 fetching corpus: 4300, signal 184284/247386 (executing program) 2022/10/02 22:58:48 fetching corpus: 4350, signal 184789/248344 (executing program) 2022/10/02 22:58:48 fetching corpus: 4400, signal 185788/249477 (executing program) 2022/10/02 22:58:48 fetching corpus: 4450, signal 186324/250406 (executing program) 2022/10/02 22:58:48 fetching corpus: 4500, signal 187598/251599 (executing program) 2022/10/02 22:58:48 fetching corpus: 4550, signal 188992/252830 (executing program) 2022/10/02 22:58:49 fetching corpus: 4600, signal 189546/253737 (executing program) 2022/10/02 22:58:49 fetching corpus: 4650, signal 190199/254648 (executing program) 2022/10/02 22:58:49 fetching corpus: 4700, signal 190676/255485 (executing program) 2022/10/02 22:58:49 fetching corpus: 4750, signal 191246/256302 (executing program) 2022/10/02 22:58:49 fetching corpus: 4800, signal 191805/257154 (executing program) 2022/10/02 22:58:49 fetching corpus: 4850, signal 192261/257946 (executing program) 2022/10/02 22:58:49 fetching corpus: 4900, signal 193176/259030 (executing program) 2022/10/02 22:58:49 fetching corpus: 4950, signal 194131/259990 (executing program) 2022/10/02 22:58:49 fetching corpus: 4997, signal 194783/260925 (executing program) 2022/10/02 22:58:49 fetching corpus: 4997, signal 194783/261552 (executing program) 2022/10/02 22:58:49 fetching corpus: 4997, signal 194783/262205 (executing program) 2022/10/02 22:58:49 fetching corpus: 4997, signal 194783/262871 (executing program) 2022/10/02 22:58:49 fetching corpus: 4997, signal 194783/263559 (executing program) 2022/10/02 22:58:49 fetching corpus: 4997, signal 194783/264212 (executing program) 2022/10/02 22:58:49 fetching corpus: 4997, signal 194783/264869 (executing program) 2022/10/02 22:58:49 fetching corpus: 4997, signal 194783/265530 (executing program) 2022/10/02 22:58:49 fetching corpus: 4997, signal 194783/266178 (executing program) 2022/10/02 22:58:49 fetching corpus: 4997, signal 194783/266805 (executing program) 2022/10/02 22:58:49 fetching corpus: 4997, signal 194783/267505 (executing program) 2022/10/02 22:58:49 fetching corpus: 4997, signal 194783/268180 (executing program) 2022/10/02 22:58:49 fetching corpus: 4997, signal 194783/268855 (executing program) 2022/10/02 22:58:49 fetching corpus: 4997, signal 194783/269481 (executing program) 2022/10/02 22:58:49 fetching corpus: 4997, signal 194783/270116 (executing program) 2022/10/02 22:58:49 fetching corpus: 4997, signal 194783/270772 (executing program) 2022/10/02 22:58:49 fetching corpus: 4997, signal 194783/271422 (executing program) 2022/10/02 22:58:49 fetching corpus: 4997, signal 194783/272108 (executing program) 2022/10/02 22:58:49 fetching corpus: 4997, signal 194783/272808 (executing program) 2022/10/02 22:58:50 fetching corpus: 4997, signal 194783/273483 (executing program) 2022/10/02 22:58:50 fetching corpus: 4997, signal 194783/274186 (executing program) 2022/10/02 22:58:50 fetching corpus: 4997, signal 194783/274848 (executing program) 2022/10/02 22:58:50 fetching corpus: 4997, signal 194783/275517 (executing program) 2022/10/02 22:58:50 fetching corpus: 4997, signal 194783/276129 (executing program) 2022/10/02 22:58:50 fetching corpus: 4997, signal 194783/276802 (executing program) 2022/10/02 22:58:50 fetching corpus: 4997, signal 194783/277483 (executing program) 2022/10/02 22:58:50 fetching corpus: 4997, signal 194783/278181 (executing program) 2022/10/02 22:58:50 fetching corpus: 4997, signal 194783/278839 (executing program) 2022/10/02 22:58:50 fetching corpus: 4997, signal 194783/279497 (executing program) 2022/10/02 22:58:50 fetching corpus: 4997, signal 194783/280133 (executing program) 2022/10/02 22:58:50 fetching corpus: 4997, signal 194783/280794 (executing program) 2022/10/02 22:58:50 fetching corpus: 4997, signal 194783/281435 (executing program) 2022/10/02 22:58:50 fetching corpus: 4997, signal 194783/282083 (executing program) 2022/10/02 22:58:50 fetching corpus: 4997, signal 194783/282739 (executing program) 2022/10/02 22:58:50 fetching corpus: 4997, signal 194783/283393 (executing program) 2022/10/02 22:58:50 fetching corpus: 4997, signal 194783/284038 (executing program) 2022/10/02 22:58:50 fetching corpus: 4997, signal 194783/284703 (executing program) 2022/10/02 22:58:50 fetching corpus: 4997, signal 194783/285368 (executing program) 2022/10/02 22:58:50 fetching corpus: 4997, signal 194783/286052 (executing program) 2022/10/02 22:58:50 fetching corpus: 4997, signal 194783/286709 (executing program) 2022/10/02 22:58:50 fetching corpus: 4997, signal 194783/287397 (executing program) 2022/10/02 22:58:50 fetching corpus: 4997, signal 194783/288083 (executing program) 2022/10/02 22:58:50 fetching corpus: 4997, signal 194783/288734 (executing program) 2022/10/02 22:58:50 fetching corpus: 4997, signal 194783/289403 (executing program) 2022/10/02 22:58:50 fetching corpus: 4997, signal 194783/289535 (executing program) 2022/10/02 22:58:50 fetching corpus: 4997, signal 194783/289535 (executing program) 2022/10/02 22:58:53 starting 8 fuzzer processes 22:58:53 executing program 0: pipe2(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x4000) r2 = syz_genetlink_get_family_id$tipc(&(0x7f0000000080), 0xffffffffffffffff) sendmsg$TIPC_CMD_DISABLE_BEARER(r1, &(0x7f0000000140)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x400000}, 0xc, &(0x7f0000000100)={&(0x7f00000000c0)={0x2c, r2, 0x200, 0x70bd2a, 0x25dfdbfd, {{}, {}, {0x10, 0x13, @udp='udp:syz2\x00'}}, ["", "", "", ""]}, 0x2c}, 0x1, 0x0, 0x0, 0x8010}, 0x8040) sendmsg$TIPC_CMD_SHOW_NAME_TABLE(r1, &(0x7f0000000240)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x20000}, 0xc, &(0x7f0000000200)={&(0x7f00000001c0)={0x30, r2, 0x100, 0x70bd2d, 0x25dfdbfe, {{}, {}, {0x14, 0x19, {0x3, 0x9, 0x3, 0x7}}}, [""]}, 0x30}}, 0x40) r3 = syz_genetlink_get_family_id$ethtool(&(0x7f00000002c0), r0) sendmsg$ETHTOOL_MSG_COALESCE_SET(r1, &(0x7f0000000380)={&(0x7f0000000280)={0x10, 0x0, 0x0, 0x800000}, 0xc, &(0x7f0000000340)={&(0x7f0000000300)={0x38, r3, 0x100, 0x70bd2c, 0x25dfdbfb, {}, [@ETHTOOL_A_COALESCE_USE_ADAPTIVE_TX={0x5, 0xc, 0x1}, @ETHTOOL_A_COALESCE_HEADER={0xc, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_FLAGS={0x8}]}, @ETHTOOL_A_COALESCE_USE_ADAPTIVE_TX={0x5, 0xc, 0x1}, @ETHTOOL_A_COALESCE_TX_MAX_FRAMES_HIGH={0x8, 0x16, 0x3}]}, 0x38}, 0x1, 0x0, 0x0, 0x40000}, 0x80) r4 = openat(0xffffffffffffffff, &(0x7f00000003c0)='./file0\x00', 0x80003, 0x11d) socketpair(0x23, 0x6, 0xb3, &(0x7f0000000400)={0xffffffffffffffff}) sendmsg$TIPC_CMD_SET_LINK_WINDOW(r5, &(0x7f0000000540)={&(0x7f0000000440)={0x10, 0x0, 0x0, 0x1000}, 0xc, &(0x7f0000000500)={&(0x7f0000000480)={0x68, r2, 0x4, 0x70bd29, 0x25dfdbfe, {{}, {}, {0x4c, 0x18, {0x6, @link='syz0\x00'}}}, ["", "", ""]}, 0x68}, 0x1, 0x0, 0x0, 0x840}, 0x20000000) r6 = syz_genetlink_get_family_id$tipc2(&(0x7f00000005c0), r5) sendmsg$TIPC_NL_LINK_RESET_STATS(r5, &(0x7f00000006c0)={&(0x7f0000000580)={0x10, 0x0, 0x0, 0x2000}, 0xc, &(0x7f0000000680)={&(0x7f0000000600)={0x7c, r6, 0x400, 0x70bd2a, 0x25dfdbfb, {}, [@TIPC_NLA_SOCK={0x40, 0x2, 0x0, 0x1, [@TIPC_NLA_SOCK_HAS_PUBL={0x4}, @TIPC_NLA_SOCK_REF={0x8, 0x2, 0x6d}, @TIPC_NLA_SOCK_HAS_PUBL={0x4}, @TIPC_NLA_SOCK_HAS_PUBL={0x4}, @TIPC_NLA_SOCK_CON={0x24, 0x3, 0x0, 0x1, [@TIPC_NLA_CON_NODE={0x8, 0x2, 0x28d}, @TIPC_NLA_CON_NODE={0x8, 0x2, 0x1000}, @TIPC_NLA_CON_NODE={0x8, 0x2, 0x5}, @TIPC_NLA_CON_FLAG={0x8, 0x1, 0x6}]}, @TIPC_NLA_SOCK_HAS_PUBL={0x4}]}, @TIPC_NLA_SOCK={0x28, 0x2, 0x0, 0x1, [@TIPC_NLA_SOCK_ADDR={0x8, 0x1, 0x81}, @TIPC_NLA_SOCK_HAS_PUBL={0x4}, @TIPC_NLA_SOCK_HAS_PUBL={0x4}, @TIPC_NLA_SOCK_REF={0x8, 0x2, 0xa7}, @TIPC_NLA_SOCK_CON={0xc, 0x3, 0x0, 0x1, [@TIPC_NLA_CON_NODE={0x8, 0x2, 0x800}]}]}]}, 0x7c}, 0x1, 0x0, 0x0, 0x40000}, 0x8000) r7 = syz_genetlink_get_family_id$tipc(&(0x7f0000000740), r4) sendmsg$TIPC_CMD_GET_NODES(0xffffffffffffffff, &(0x7f0000000800)={&(0x7f0000000700)={0x10, 0x0, 0x0, 0x400000}, 0xc, &(0x7f00000007c0)={&(0x7f0000000780)={0x1c, r7, 0x100, 0x70bd27, 0x25dfdbfd, {}, ["", "", "", "", "", "", "", "", ""]}, 0x1c}, 0x1, 0x0, 0x0, 0x20000000}, 0x10) ioctl$AUTOFS_DEV_IOCTL_ASKUMOUNT(r0, 0xc018937d, &(0x7f0000000840)={{0x1, 0x1, 0x18, 0xffffffffffffffff, {0x9}}, './file0\x00'}) sendmsg$TIPC_CMD_SET_LINK_TOL(r8, &(0x7f0000000980)={&(0x7f0000000880)={0x10, 0x0, 0x0, 0x200}, 0xc, &(0x7f0000000940)={&(0x7f00000008c0)={0x68, 0x0, 0x2, 0x70bd27, 0x25dfdbff, {{}, {}, {0x4c, 0x18, {0x1, @media='eth\x00'}}}, ["", "", "", "", "", "", "", "", ""]}, 0x68}, 0x1, 0x0, 0x0, 0x4}, 0x4000801) openat(0xffffffffffffff9c, &(0x7f00000009c0)='./file0\x00', 0x583002, 0xa) getsockopt$inet_pktinfo(r5, 0x0, 0x8, &(0x7f0000000a00)={0x0, @multicast1, @remote}, &(0x7f0000000a40)=0xc) ioctl$sock_ipv4_tunnel_SIOCGETTUNNEL(r5, 0x89f0, &(0x7f0000000b00)={'gre0\x00', &(0x7f0000000a80)={'gre0\x00', r9, 0x707, 0x8, 0x0, 0x1, {{0x17, 0x4, 0x0, 0xf, 0x5c, 0x67, 0x0, 0x7f, 0x4, 0x0, @rand_addr=0x64010102, @private=0xa010102, {[@timestamp={0x44, 0x14, 0xfd, 0x0, 0x1, [0x6, 0x8, 0x5, 0x1]}, @timestamp_addr={0x44, 0x34, 0xcc, 0x1, 0x8, [{@loopback, 0x81}, {@multicast1, 0x7}, {@initdev={0xac, 0x1e, 0x0, 0x0}, 0x80}, {@loopback, 0x40}, {@private=0xa010100, 0x9}, {@dev={0xac, 0x14, 0x14, 0x2b}, 0x9}]}]}}}}}) sendmsg$NL80211_CMD_SET_WIPHY(r4, &(0x7f0000000c40)={&(0x7f0000000b40)={0x10, 0x0, 0x0, 0x400}, 0xc, &(0x7f0000000c00)={&(0x7f0000000b80)={0x58, 0x0, 0x2, 0x70bd2c, 0x25dfdbfe, {}, [@NL80211_ATTR_TXQ_LIMIT={0x8, 0x10a, 0x7f}, @NL80211_ATTR_WIPHY_FRAG_THRESHOLD={0x8, 0x3f, 0x3}, @NL80211_ATTR_WIPHY_COVERAGE_CLASS={0x5, 0x59, 0x4}, @NL80211_ATTR_WIPHY_NAME={0x14, 0x2, 'erspan0\x00'}, @NL80211_ATTR_WIPHY_TX_POWER_LEVEL={0x8, 0x62, 0xf5}, @NL80211_ATTR_TXQ_QUANTUM={0x8, 0x10c, 0x3}, @NL80211_ATTR_WIPHY_FREQ={0x8}]}, 0x58}, 0x1, 0x0, 0x0, 0xc000}, 0x40) sendmsg$TIPC_NL_MON_SET(0xffffffffffffffff, &(0x7f0000000dc0)={&(0x7f0000000cc0)={0x10, 0x0, 0x0, 0x10000}, 0xc, &(0x7f0000000d80)={&(0x7f0000000d00)={0x78, r6, 0x100, 0x70bd29, 0x25dfdbfe, {}, [@TIPC_NLA_MON={0x4}, @TIPC_NLA_NET={0x18, 0x7, 0x0, 0x1, [@TIPC_NLA_NET_NODEID_W1={0xc, 0x4, 0x7}, @TIPC_NLA_NET_ID={0x8, 0x1, 0x820}]}, @TIPC_NLA_MEDIA={0x48, 0x5, 0x0, 0x1, [@TIPC_NLA_MEDIA_NAME={0x7, 0x1, 'ib\x00'}, @TIPC_NLA_MEDIA_PROP={0x34, 0x2, 0x0, 0x1, [@TIPC_NLA_PROP_TOL={0x8, 0x2, 0x800000}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x11}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x401}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0xf3}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0xee7}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0xfe}]}, @TIPC_NLA_MEDIA_NAME={0x8, 0x1, 'eth\x00'}]}]}, 0x78}, 0x1, 0x0, 0x0, 0x80}, 0x41) 22:58:53 executing program 1: r0 = openat(0xffffffffffffffff, &(0x7f0000000000)='./file0\x00', 0x80000, 0x104) r1 = fcntl$getown(0xffffffffffffffff, 0x9) sendmsg$NL80211_CMD_SET_WIPHY_NETNS(r0, &(0x7f0000000100)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x800000}, 0xc, &(0x7f00000000c0)={&(0x7f0000000080)={0x3c, 0x0, 0x1, 0x70bd27, 0x25dfdbff, {{}, {@val={0x8, 0x1, 0x2b}, @void, @val={0xc, 0x99, {0xfdf, 0x4a}}}}, [@NL80211_ATTR_PID={0x8, 0x52, r1}, @NL80211_ATTR_WDEV={0xc, 0x99, {0x0, 0x1}}]}, 0x3c}, 0x1, 0x0, 0x0, 0x40881}, 0x4000054) r2 = signalfd(r0, &(0x7f0000000140)={[0x8000]}, 0x8) getpeername$packet(r0, &(0x7f00000001c0)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @random}, &(0x7f0000000200)=0x14) sendmsg$DCCPDIAG_GETSOCK(r2, &(0x7f0000000600)={&(0x7f0000000180), 0xc, &(0x7f00000005c0)={&(0x7f0000000240)={0x350, 0x13, 0x300, 0x70bd28, 0x25dfdbfe, {0x1, 0x0, 0x7, 0x2b, {0x4e24, 0x4e23, [0xfffff801, 0x2, 0x4, 0x5], [0x5, 0x8, 0xb76, 0x18], r3, [0x2]}, 0xd2e, 0x3}, [@INET_DIAG_REQ_BYTECODE={0xdc, 0x1, "95942ee755513b53d45c77b9f81d817f1ef41d97a0507edb0cc336954711a4122b71513a3a62ffc8149907ce908c4ecfa384c82ae0b7042a4530ccbe5b3c1fbd5336a201073c9d059d6ca7bbd960cf5475a9f6792e381b4d18776e5995c37711aa2247f5572cc8ff674266b4d1628ce8e98a26b51731ea725849175c1554fc948cf63846f306236967c3aeb4d641237675d61fbc11ac9716ed8d69eace2a6f2649f432e92c615686b74d9713a1abf4a06973e4a78529485ab99fbedeed2a8b0d7300741a876aaca0ef85042f36ef5f9e39eed4b37d794d46"}, @INET_DIAG_REQ_BYTECODE={0x87, 0x1, "d89abfe2f26a1f47c970f1802d45a02b81044e9d6b5cd8dc96a63c69620e46666706958aff58f400e6d41221574eefaffc51d1c5b1a2a45f8ce17faab6940ca1cfd3bf76c3f9ff91a7c3dbc3b25e7a0d2dcb35d65947bd8456e9f6ea6a2eb4e653b36a9eeabc78f5a897d0bddc27f78d9645a0d10dd0292acf4d4dbf8248b50bf5dea7"}, @INET_DIAG_REQ_BYTECODE={0x22, 0x1, "3bf422957cbf088c903cb9e7fe376dd39406172e7c3e3b58bfa83517ae99"}, @INET_DIAG_REQ_BYTECODE={0xb3, 0x1, "8410d33f742753b126bb97cea8af1abe3bbbfbcad6fc2b6bf03ec4e4d51db0651b9da63e7605c16c231d26fb7a8c6614ebbc9ab829586d48d624b19d0534c6f62f99ed949676bcb08439ac10464f5d95e8e08bbf9b69ae8398435b85554aebff2dcdeace7bebe619d71f6417f1b75f4a9267b881f5d667c1fa95e77bdade1383592b3613dae10180ae905192864139ae6beb2813a72c8be90af88b9095cff9c630ae5a1dbe00e18cf8f751355febe8"}, @INET_DIAG_REQ_BYTECODE={0xc5, 0x1, "a206e00ac05af2ea4ffbb3e399e6e72822dd93b7886b981d2cbfb3270482662cdaceb86321657ea3aac5787b65378b13d3c47fb5bed77f2afe2ab8dc8e631ab8018df322613635e82d0ee5be098c0bfb44715ff8669d119895a69a0bc02f9092abca55b963589d6b1456d5989c8a503f80f3a499295a11fc4c8c0afbde14b8e8994db7c44fe52662bcf21ae64e4982a2b37e2260080e24f64f4c230c849682218cae02a38b5c15780afe116c2a04023571886a9444db7272e2b3d6cd583d111870"}]}, 0x350}, 0x1, 0x0, 0x0, 0x1}, 0x10) fallocate(r2, 0x15, 0x9a19, 0x2) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000640)={0xffffffffffffffff, 0xffffffffffffffff}) pwrite64(r4, &(0x7f0000000680)="beb386f5dda0f24bac3fc0c227e0182d12de0f6d605e0e62b8e756012f53b109fa4900ed7cb3213588b86e40aa3f840ea3d601d437f18b705cc2ae47fd4d6159851c340a4b8a97be7e47659b5aeeb18832eabb2f508f5bd4b1a6b71f2cd3973d9aa55d40759a2e2dd7ed0f35e15571cd919956753163b99a7fe432a6eb2a979e8ba39169f8279661fd3d4795051fe209c9046ba4f4a1804cee32237a2c79eb6f5821a6092bd7cb2dbb465a73fed2ffd034dfc30baa743ed5be3b5904c592c93acd67f4dafe60dd79a85828b0902348cf737496b317d9dc41ec", 0xd9, 0x8) r5 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000780)='/sys/kernel/iommu_groups', 0x404800, 0x59) getpeername$packet(r5, &(0x7f00000007c0)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @remote}, &(0x7f0000000800)=0x14) r6 = openat$null(0xffffffffffffff9c, &(0x7f00000008c0), 0x1, 0x0) perf_event_open(&(0x7f0000000840)={0x4, 0x80, 0x7, 0x2, 0x1f, 0x40, 0x0, 0xf1, 0x8441, 0xe, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x3, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0xffffddee, 0x1, @perf_config_ext={0x6}, 0x10838, 0x5, 0x40, 0x3, 0xa2, 0x8, 0x3f, 0x0, 0x5, 0x0, 0xffffffffffffea3a}, r1, 0x9, r6, 0x0) r7 = openat(r2, &(0x7f0000000900)='./file0\x00', 0x2141, 0x0) ioctl$BTRFS_IOC_START_SYNC(r0, 0x80089418, &(0x7f0000000940)=0x0) ioctl$BTRFS_IOC_RM_DEV_V2(r4, 0x5000943a, &(0x7f0000000980)={{r7}, r8, 0x14, @unused=[0x1000, 0x8, 0x7, 0xfffffffffffffc01], @devid}) r9 = openat$urandom(0xffffffffffffff9c, &(0x7f0000001980), 0x2, 0x0) ioctl$EXT4_IOC_CHECKPOINT(r9, 0x4004662b, &(0x7f00000019c0)) mmap(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x1000000, 0x50, r5, 0x8381d000) recvfrom(r0, &(0x7f0000001a00)=""/173, 0xad, 0x0, 0x0, 0x0) 22:58:53 executing program 2: sendmsg$NFT_MSG_GETGEN(0xffffffffffffffff, &(0x7f00000000c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x1}, 0xc, &(0x7f0000000080)={&(0x7f0000000040)={0x14, 0x10, 0xa, 0x101, 0x0, 0x0, {0x3, 0x0, 0x3}, [""]}, 0x14}, 0x1, 0x0, 0x0, 0x4000000}, 0x24004040) r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$tipc(&(0x7f0000000140), 0xffffffffffffffff) sendmsg$TIPC_CMD_ENABLE_BEARER(r0, &(0x7f0000000200)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x8000}, 0xc, &(0x7f00000001c0)={&(0x7f0000000180)={0x34, r1, 0x20, 0x70bd29, 0x25dfdbfe, {{}, {}, {0x18, 0x17, {0x18, 0x0, @udp='udp:syz0\x00'}}}, ["", ""]}, 0x34}, 0x1, 0x0, 0x0, 0x24000000}, 0x4000000) sendmsg$NL80211_CMD_DISASSOCIATE(r0, &(0x7f0000000300)={&(0x7f0000000240), 0xc, &(0x7f00000002c0)={&(0x7f0000000280)={0x38, 0x0, 0x1, 0x70bd28, 0x25dfdbfd, {{}, {@val={0x8}, @val={0xc, 0x99, {0xffffffff, 0x2f}}}}, [@NL80211_ATTR_MAC={0xa, 0x6, @random="69300324dd08"}, @NL80211_ATTR_LOCAL_STATE_CHANGE={0x4}]}, 0x38}, 0x1, 0x0, 0x0, 0x24008040}, 0x4) r2 = fsmount(0xffffffffffffffff, 0x0, 0x4) sendmsg$DEVLINK_CMD_TRAP_GROUP_GET(r2, &(0x7f0000000480)={&(0x7f0000000340)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f0000000440)={&(0x7f0000000380)={0x9c, 0x0, 0x4, 0x6, 0x25dfdbfc, {}, [{@pci={{0x8}, {0x11}}, {0xd}}, {@pci={{0x8}, {0x11}}, {0xd}}, {@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0xd}}]}, 0x9c}, 0x1, 0x0, 0x0, 0x200800d0}, 0x8) r3 = syz_genetlink_get_family_id$batadv(&(0x7f0000000500), r0) sendmsg$BATADV_CMD_SET_MESH(r0, &(0x7f0000000600)={&(0x7f00000004c0)={0x10, 0x0, 0x0, 0x8000000}, 0xc, &(0x7f00000005c0)={&(0x7f0000000540)={0x4c, r3, 0x200, 0x70bd2d, 0x25dfdbfc, {}, [@BATADV_ATTR_HARD_IFINDEX={0x8}, @BATADV_ATTR_AGGREGATED_OGMS_ENABLED={0x5}, @BATADV_ATTR_GW_BANDWIDTH_DOWN={0x8, 0x31, 0x3}, @BATADV_ATTR_AP_ISOLATION_ENABLED={0x5}, @BATADV_ATTR_ELP_INTERVAL={0x8}, @BATADV_ATTR_NETWORK_CODING_ENABLED={0x5, 0x38, 0x1}, @BATADV_ATTR_ISOLATION_MASK={0x8, 0x2c, 0x906}]}, 0x4c}, 0x1, 0x0, 0x0, 0x44000804}, 0x20008040) r4 = accept4$inet6(r2, &(0x7f0000000640)={0xa, 0x0, 0x0, @mcast1}, &(0x7f0000000680)=0x1c, 0x80000) fsetxattr$security_capability(r4, &(0x7f00000006c0), &(0x7f0000000700)=@v1={0x1000000, [{0x3, 0x3cf}]}, 0xc, 0x5) ioctl$BTRFS_IOC_SEND(r2, 0x40489426, &(0x7f0000000780)={{r0}, 0x7, &(0x7f0000000740)=[0x7ff, 0x100, 0x3, 0x9, 0x8, 0x100, 0x5], 0xffffffff00000001, 0x3, [0x9, 0x0, 0x2, 0x523]}) sendmsg$NLBL_UNLABEL_C_STATICLIST(0xffffffffffffffff, &(0x7f0000000940)={&(0x7f0000000800)={0x10, 0x0, 0x0, 0x8}, 0xc, &(0x7f0000000900)={&(0x7f0000000840)={0xac, 0x0, 0x400, 0x70bd29, 0x25dfdbfd, {}, [@NLBL_UNLABEL_A_SECCTX={0x26, 0x7, 'system_u:object_r:policy_src_t:s0\x00'}, @NLBL_UNLABEL_A_IPV4MASK={0x8, 0x5, @private=0xa010102}, @NLBL_UNLABEL_A_IPV4MASK={0x8, 0x5, @initdev={0xac, 0x1e, 0x1, 0x0}}, @NLBL_UNLABEL_A_IPV6MASK={0x14, 0x3, @ipv4={'\x00', '\xff\xff', @dev={0xac, 0x14, 0x14, 0x2b}}}, @NLBL_UNLABEL_A_IPV6MASK={0x14, 0x3, @private0={0xfc, 0x0, '\x00', 0x1}}, @NLBL_UNLABEL_A_IPV4MASK={0x8, 0x5, @private=0xa010100}, @NLBL_UNLABEL_A_IPV4ADDR={0x8, 0x4, @local}, @NLBL_UNLABEL_A_SECCTX={0x27, 0x7, 'system_u:object_r:auditd_exec_t:s0\x00'}]}, 0xac}, 0x1, 0x0, 0x0, 0x4060000}, 0x20004000) r5 = syz_open_dev$mouse(&(0x7f0000000980), 0x7, 0x18100) sendmsg$BATADV_CMD_SET_MESH(r5, &(0x7f0000000ac0)={&(0x7f00000009c0)={0x10, 0x0, 0x0, 0x40}, 0xc, &(0x7f0000000a80)={&(0x7f0000000a00)={0x64, r3, 0x400, 0x70bd2b, 0x25dfdbff, {}, [@BATADV_ATTR_ISOLATION_MASK={0x8, 0x2c, 0xcde}, @BATADV_ATTR_AP_ISOLATION_ENABLED={0x5, 0x2a, 0x1}, @BATADV_ATTR_MESH_IFINDEX={0x8}, @BATADV_ATTR_THROUGHPUT_OVERRIDE={0x8, 0x3b, 0x1000}, @BATADV_ATTR_ISOLATION_MARK={0x8, 0x2b, 0x400}, @BATADV_ATTR_TPMETER_TEST_TIME={0x8, 0xb, 0xfffffff9}, @BATADV_ATTR_NETWORK_CODING_ENABLED={0x5}, @BATADV_ATTR_ELP_INTERVAL={0x8, 0x3a, 0xc2}, @BATADV_ATTR_HOP_PENALTY={0x5, 0x35, 0x1}, @BATADV_ATTR_FRAGMENTATION_ENABLED={0x5}]}, 0x64}, 0x1, 0x0, 0x0, 0x80}, 0x8000) ioctl$F2FS_IOC_START_ATOMIC_WRITE(r4, 0xf501, 0x0) dup2(r2, 0xffffffffffffffff) sendmsg$BATADV_CMD_SET_MESH(r0, &(0x7f0000000bc0)={&(0x7f0000000b00)={0x10, 0x0, 0x0, 0x640000}, 0xc, &(0x7f0000000b80)={&(0x7f0000000b40)={0x2c, r3, 0x4f3852079aabd659, 0x70bd2b, 0x25dfdbfb, {}, [@BATADV_ATTR_VLANID={0x6}, @BATADV_ATTR_ELP_INTERVAL={0x8, 0x3a, 0x7}, @BATADV_ATTR_MULTICAST_FANOUT={0x8, 0x3c, 0x2800}]}, 0x2c}, 0x1, 0x0, 0x0, 0x4000}, 0x0) r6 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NBD_CMD_STATUS(r6, &(0x7f0000000d40)={&(0x7f0000000c00)={0x10, 0x0, 0x0, 0x28000180}, 0xc, &(0x7f0000000d00)={&(0x7f0000000c80)={0x50, 0x0, 0x4, 0x70bd26, 0x25dfdbfb, {}, [@NBD_ATTR_CLIENT_FLAGS={0xc}, @NBD_ATTR_SERVER_FLAGS={0xc, 0x5, 0x10b}, @NBD_ATTR_DEAD_CONN_TIMEOUT={0xc, 0x8, 0x7}, @NBD_ATTR_BLOCK_SIZE_BYTES={0xc, 0x3, 0x9}, @NBD_ATTR_BLOCK_SIZE_BYTES={0xc, 0x3, 0x100}]}, 0x50}, 0x1, 0x0, 0x0, 0x44}, 0x24) 22:58:53 executing program 4: ioctl$F2FS_IOC_WRITE_CHECKPOINT(0xffffffffffffffff, 0xf507, 0x0) ioctl$AUTOFS_DEV_IOCTL_PROTOSUBVER(0xffffffffffffffff, 0xc0189373, &(0x7f0000000000)={{0x1, 0x1, 0x18, 0xffffffffffffffff, {0xff}}, './file0\x00'}) sendmsg$NFQNL_MSG_CONFIG(r0, &(0x7f0000000100)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f00000000c0)={&(0x7f0000000080)={0x2c, 0x2, 0x3, 0x201, 0x0, 0x0, {0x1, 0x0, 0x3}, [@NFQA_CFG_QUEUE_MAXLEN={0x8, 0x3, 0x1, 0x0, 0x1ff}, @NFQA_CFG_QUEUE_MAXLEN={0x8, 0x3, 0x1, 0x0, 0x400}, @NFQA_CFG_FLAGS={0x8}]}, 0x2c}, 0x1, 0x0, 0x0, 0x1}, 0x4000081) sendmsg$IPSET_CMD_FLUSH(r0, &(0x7f0000000200)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x40000000}, 0xc, &(0x7f00000001c0)={&(0x7f0000000180)={0x24, 0x4, 0x6, 0xc91ffaf6fbeff324, 0x0, 0x0, {0x0, 0x0, 0x2}, [@IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_PROTOCOL={0x5}]}, 0x24}, 0x1, 0x0, 0x0, 0x2000080}, 0x90) r1 = syz_genetlink_get_family_id$nbd(&(0x7f0000000280), 0xffffffffffffffff) r2 = signalfd(r0, &(0x7f00000002c0)={[0x9]}, 0x8) sendmsg$NBD_CMD_STATUS(0xffffffffffffffff, &(0x7f0000000400)={&(0x7f0000000240)={0x10, 0x0, 0x0, 0x4}, 0xc, &(0x7f00000003c0)={&(0x7f0000000300)={0x94, r1, 0x100, 0x70bd26, 0x25dfdbff, {}, [@NBD_ATTR_SIZE_BYTES={0xc, 0x2, 0xfffffffffffffff9}, @NBD_ATTR_SOCKETS={0x2c, 0x7, 0x0, 0x1, [{0x8, 0x1, r2}, {0x8, 0x1, r0}, {0x8, 0x1, r0}, {0x8, 0x1, r0}, {0x8, 0x1, r0}]}, @NBD_ATTR_SIZE_BYTES={0xc, 0x2, 0x5}, @NBD_ATTR_CLIENT_FLAGS={0xc}, @NBD_ATTR_CLIENT_FLAGS={0xc, 0x6, 0x2}, @NBD_ATTR_CLIENT_FLAGS={0xc, 0x6, 0x2}, @NBD_ATTR_BLOCK_SIZE_BYTES={0xc, 0x3, 0x81}, @NBD_ATTR_CLIENT_FLAGS={0xc, 0x6, 0x2}]}, 0x94}, 0x1, 0x0, 0x0, 0x84010}, 0x0) r3 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$ieee802154(&(0x7f0000000440), r3) r4 = openat2(0xffffffffffffffff, &(0x7f0000000480)='./file0\x00', &(0x7f00000004c0)={0x400, 0x88}, 0x18) ioctl$BTRFS_IOC_BALANCE_V2(r0, 0xc4009420, &(0x7f0000000500)={0xc, 0x7, {0xbe, @struct={0x1, 0xd440}, 0x0, 0x40, 0x3, 0x8cb, 0x10b52152, 0x99c, 0x400, @struct={0x9, 0x9}, 0x1, 0x7, [0x762, 0x3f, 0x500, 0x7, 0x5, 0x4800]}, {0x7, @struct={0x3989, 0x7fffffff}, 0x0, 0x9, 0x4, 0x31666492, 0x7fff, 0x5, 0x50, @usage=0x33, 0x100, 0x1ff, [0x4, 0x2, 0xbb, 0x100]}, {0x80000000, @usage, 0x0, 0x4, 0x100000000, 0x6, 0x10000, 0x3c, 0xb, @usage=0xfffffffffffffffb, 0x71, 0xffffff81, [0x5, 0x7, 0x49, 0x8000, 0x7, 0x8]}, {0x4, 0x8, 0x3}}) ioctl$AUTOFS_DEV_IOCTL_PROTOSUBVER(r4, 0xc0189373, &(0x7f0000000900)={{0x1, 0x1, 0x18, r0, {0x10001}}, './file0\x00'}) fsync(r5) r6 = openat2$dir(0xffffffffffffff9c, &(0x7f0000000940)='./file0\x00', &(0x7f0000000980)={0x2, 0x11, 0xa}, 0x18) poll(&(0x7f00000009c0)=[{r0, 0x4018}, {r5, 0x4000}, {r2, 0x70c8}, {r5, 0x4000}, {r0, 0x41e6}, {r4, 0x2000}, {r6, 0x41fc}, {r0, 0x100}, {r2, 0x200}], 0x9, 0x8) r7 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000a80), r3) sendmsg$NL802154_CMD_SET_WPAN_PHY_NETNS(0xffffffffffffffff, &(0x7f0000000b40)={&(0x7f0000000a40)={0x10, 0x0, 0x0, 0x400}, 0xc, &(0x7f0000000b00)={&(0x7f0000000ac0)={0x14, r7, 0x200, 0x70bd28, 0x25dfdbfd}, 0x14}, 0x1, 0x0, 0x0, 0x20000000}, 0x40000) r8 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000bc0), 0xffffffffffffffff) sendmsg$NL802154_CMD_GET_WPAN_PHY(r3, &(0x7f0000000c80)={&(0x7f0000000b80)={0x10, 0x0, 0x0, 0x100}, 0xc, &(0x7f0000000c40)={&(0x7f0000000c00)={0x20, r8, 0x200, 0x70bd29, 0x25dfdbfe, {}, [@NL802154_ATTR_WPAN_DEV={0xc, 0x6, 0x2}]}, 0x20}}, 0x40000c4) syz_genetlink_get_family_id$netlbl_cipso(&(0x7f0000000cc0), r3) 22:58:53 executing program 3: setsockopt$EBT_SO_SET_COUNTERS(0xffffffffffffffff, 0x0, 0x81, &(0x7f0000000040)={'filter\x00', 0x0, 0x0, 0x0, [0x7, 0x8, 0x0, 0x0, 0x9, 0x1], 0x5, &(0x7f0000000000)=[{}], 0x0, [{}, {}, {}, {}, {}]}, 0xc8) sync_file_range(0xffffffffffffffff, 0x80, 0xea, 0x1) write$P9_RSETATTR(0xffffffffffffffff, &(0x7f0000000140)={0x7, 0x1b, 0x1}, 0x7) recvmsg$unix(0xffffffffffffffff, &(0x7f0000001500)={0x0, 0x0, &(0x7f0000001380)=[{&(0x7f0000000180)=""/4096, 0x1000}, {&(0x7f0000001180)=""/195, 0xc3}, {&(0x7f0000001280)=""/241, 0xf1}], 0x3, &(0x7f00000013c0)=[@rights={{0x20, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x24, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}, @rights={{0x1c, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x18, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c, 0x1, 0x2, {0x0, 0x0}}}, @rights={{0x18, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c}}, @cred={{0x1c}}], 0x110}, 0x40000000) fchown(0xffffffffffffffff, r7, 0xffffffffffffffff) write$P9_RLOPEN(r3, &(0x7f0000001540)={0x18, 0xd, 0x2, {{0x21, 0x4, 0x3}, 0x4}}, 0x18) setsockopt$inet6_opts(r2, 0x29, 0x3b, &(0x7f0000001580)=@hopopts={0xeb72774b5373bd20, 0x2, '\x00', [@ra={0x5, 0x2, 0x6}, @jumbo={0xc2, 0x4, 0x3}, @jumbo={0xc2, 0x4, 0x80000001}, @jumbo={0xc2, 0x4, 0x40}]}, 0x20) sendmsg$IPVS_CMD_FLUSH(r4, &(0x7f00000016c0)={&(0x7f00000015c0)={0x10, 0x0, 0x0, 0x400}, 0xc, &(0x7f0000001680)={&(0x7f0000001600)={0x4c, 0x0, 0x300, 0x70bd27, 0x25dfdbfb, {}, [@IPVS_CMD_ATTR_SERVICE={0x14, 0x1, 0x0, 0x1, [@IPVS_SVC_ATTR_PORT={0x6, 0x4, 0x4e21}, @IPVS_SVC_ATTR_PROTOCOL={0x6, 0x2, 0x2b}]}, @IPVS_CMD_ATTR_TIMEOUT_UDP={0x8, 0x6, 0x2}, @IPVS_CMD_ATTR_TIMEOUT_UDP={0x8, 0x6, 0x101}, @IPVS_CMD_ATTR_TIMEOUT_TCP={0x8, 0x4, 0x80000001}, @IPVS_CMD_ATTR_SERVICE={0xc, 0x1, 0x0, 0x1, [@IPVS_SVC_ATTR_AF={0x6, 0x1, 0x2}]}]}, 0x4c}, 0x1, 0x0, 0x0, 0x20040001}, 0x4040005) ioctl$VT_GETMODE(r0, 0x5601, &(0x7f0000001700)) ioctl$CDROM_SET_OPTIONS(r6, 0x5320, 0x0) ioctl$VT_RELDISP(r1, 0x5605) ioctl$AUTOFS_DEV_IOCTL_FAIL(0xffffffffffffffff, 0xc0189377, &(0x7f0000001740)={{0x1, 0x1, 0x18, r4, {0x10001, 0x4}}, './file0\x00'}) ioctl$F2FS_IOC_START_ATOMIC_WRITE(r5, 0xf501, 0x0) sendmsg$TIPC_CMD_DISABLE_BEARER(r5, &(0x7f0000001840)={&(0x7f0000001780)={0x10, 0x0, 0x0, 0x100}, 0xc, &(0x7f0000001800)={&(0x7f00000017c0)={0x2c, 0x0, 0x10, 0x70bd2c, 0x25dfdbff, {{}, {}, {0x10, 0x13, @l2={'ib', 0x3a, 'vcan0\x00'}}}, [""]}, 0x2c}, 0x1, 0x0, 0x0, 0x400000c}, 0x80) r8 = syz_io_uring_complete(0x0) sendmsg$NL80211_CMD_SET_QOS_MAP(r8, &(0x7f0000001980)={&(0x7f0000001880)={0x10, 0x0, 0x0, 0x20000000}, 0xc, &(0x7f0000001940)={&(0x7f00000018c0)={0x7c, 0x0, 0x400, 0x70bd29, 0x25dfdbfc, {{}, {@void, @val={0xc, 0x99, {0x3, 0x2}}}}, [@NL80211_ATTR_QOS_MAP={0x2a, 0xc7, {[{0x3, 0x7}, {0x9, 0x3}, {0x8d, 0x5}, {0x7f, 0x5}, {0x9, 0x3}, {0x81, 0x3}, {0xb5}, {0x9, 0x4}, {0x81}, {0x80, 0x3}, {0xfa, 0x6}, {0x0, 0x1}, {0x9, 0x1}, {0x3f, 0x1}, {0x0, 0x5}], "cefd21d4d0af8fe8"}}, @NL80211_ATTR_QOS_MAP={0x30, 0xc7, {[{0x3}, {0x3f, 0x2}, {0xd4, 0x5}, {0x0, 0x6}, {0x3f, 0x4}, {0x9c, 0x3}, {0xc0, 0x3}, {0xff, 0x6}, {0x8, 0x3}, {0x9, 0x3}, {0xb3, 0x7}, {0x5, 0x7}, {0x3, 0x3}, {0x0, 0x3}, {0x3, 0x4}, {0x1, 0x3}, {0x9, 0x5}, {0x4}], "9e1703dd7575dd61"}}]}, 0x7c}, 0x1, 0x0, 0x0, 0x10}, 0x0) syz_mount_image$vfat(&(0x7f00000019c0), &(0x7f0000001a00)='./file0\x00', 0x7, 0x1, &(0x7f0000001a80)=[{&(0x7f0000001a40)="d7e7fdfe90c2dc8c7d", 0x9, 0xd1}], 0x800009, &(0x7f0000001ac0)={[{@uni_xlateno}, {@utf8}, {@uni_xlate}, {@uni_xlateno}, {@shortname_win95}], [{@seclabel}]}) acct(&(0x7f0000001b40)='./file0\x00') connect$inet6(r0, &(0x7f0000001b80)={0xa, 0x4e20, 0x3, @private0, 0xffffff01}, 0x1c) write$P9_RMKDIR(r1, &(0x7f0000001bc0)={0x14, 0x49, 0x2, {0x40, 0x2, 0x6}}, 0x14) [ 68.798924] audit: type=1400 audit(1664751533.277:6): avc: denied { execmem } for pid=284 comm="syz-executor.0" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=process permissive=1 22:58:53 executing program 5: r0 = openat$cgroup_netprio_ifpriomap(0xffffffffffffffff, &(0x7f0000000000), 0x2, 0x0) ioctl$AUTOFS_IOC_FAIL(r0, 0x9361, 0x2) ioctl$TCSETS2(0xffffffffffffffff, 0x402c542b, &(0x7f0000000040)={0xfffffff8, 0xe4e, 0x400, 0x4, 0xff, "73f7749628c908bc8ca4f9af45781536bbe2e3", 0x1ff, 0x1000}) r1 = syz_open_dev$tty1(0xc, 0x4, 0x2) ioctl$VT_DISALLOCATE(r1, 0x5608) ioctl$VT_DISALLOCATE(0xffffffffffffffff, 0x5608) r2 = perf_event_open$cgroup(&(0x7f00000000c0)={0x4, 0x80, 0x3, 0x40, 0x7, 0x40, 0x0, 0x1, 0x60, 0xf, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x7, 0x0, @perf_bp={&(0x7f0000000080), 0x7}, 0x2, 0x2, 0x7, 0x5, 0x4, 0x19, 0x9, 0x0, 0x101, 0x0, 0xfffffffffffffff8}, 0xffffffffffffffff, 0x3, 0xffffffffffffffff, 0x4) ioctl$TIOCSPTLCK(r1, 0x40045431, &(0x7f0000000140)=0x1) ioctl$KDGKBDIACR(r1, 0x4b4a, &(0x7f0000000180)=""/125) r3 = openat$incfs(0xffffffffffffff9c, &(0x7f0000000200)='.log\x00', 0x40000, 0x106) ioctl$PERF_EVENT_IOC_ID(r3, 0x80082407, &(0x7f0000000240)) ioctl$PERF_EVENT_IOC_SET_FILTER(r3, 0x40082406, &(0x7f0000000280)='-/\\%{#{\xe2/\x00') ioctl$PERF_EVENT_IOC_ID(r3, 0x80082407, &(0x7f00000002c0)) recvfrom(r3, &(0x7f0000000300)=""/136, 0x88, 0x40010023, &(0x7f00000003c0)=@vsock={0x28, 0x0, 0x2711, @local}, 0x80) getsockopt$inet6_int(r3, 0x29, 0xc9, &(0x7f0000000440), &(0x7f0000000480)=0x4) ioctl$KDFONTOP_COPY(r1, 0x4b72, &(0x7f00000008c0)={0x3, 0x1, 0x14, 0x1b, 0x19, &(0x7f00000004c0)}) ioctl$TIOCL_SELLOADLUT(r3, 0x541c, &(0x7f0000000900)={0x5, 0x1, 0x2, 0x3, 0x100}) ioctl$AUTOFS_DEV_IOCTL_PROTOVER(r3, 0xc0189372, &(0x7f0000000940)={{0x1, 0x1, 0x18, r1, {0x800}}, './file0\x00'}) ioctl$AUTOFS_DEV_IOCTL_ISMOUNTPOINT(r4, 0xc018937e, &(0x7f0000000980)={{0x1, 0x1, 0x18, r2, @in_args={0x4}}, './file0\x00'}) mmap$perf(&(0x7f0000fec000/0x12000)=nil, 0x12000, 0x2000002, 0x10315ee749cb2451, r3, 0x2) 22:58:53 executing program 6: keyctl$join(0x1, 0x0) keyctl$join(0x1, &(0x7f0000000000)={'syz', 0x1}) keyctl$join(0x1, &(0x7f0000000040)={'syz', 0x0}) keyctl$join(0x1, &(0x7f0000000080)={'syz', 0x2}) keyctl$join(0x1, &(0x7f00000000c0)={'syz', 0x2}) keyctl$join(0x1, &(0x7f0000000100)={'syz', 0x2}) keyctl$join(0x1, &(0x7f0000000140)={'syz', 0x0}) keyctl$join(0x1, &(0x7f0000000180)={'syz', 0x1}) keyctl$join(0x1, &(0x7f00000001c0)={'syz', 0x2}) keyctl$join(0x1, &(0x7f0000000200)={'syz', 0x0}) keyctl$join(0x1, &(0x7f0000000240)={'syz', 0x1}) keyctl$join(0x1, 0x0) keyctl$join(0x1, 0x0) keyctl$join(0x1, &(0x7f0000000280)={'syz', 0x1}) keyctl$join(0x1, 0x0) keyctl$join(0x1, &(0x7f00000002c0)={'syz', 0x2}) keyctl$join(0x1, 0x0) keyctl$join(0x1, &(0x7f0000000300)={'syz', 0x3}) keyctl$join(0x1, &(0x7f0000000340)={'syz', 0x2}) keyctl$join(0x1, &(0x7f0000000380)={'syz', 0x3}) 22:58:53 executing program 7: prctl$PR_GET_TID_ADDRESS(0x28, &(0x7f0000000000)) prctl$PR_GET_TID_ADDRESS(0x28, &(0x7f0000000040)) prctl$PR_GET_TID_ADDRESS(0x28, &(0x7f0000000080)) prctl$PR_GET_TID_ADDRESS(0x28, &(0x7f00000000c0)) prctl$PR_GET_TID_ADDRESS(0x28, &(0x7f0000000100)) prctl$PR_GET_TID_ADDRESS(0x28, &(0x7f0000000140)) prctl$PR_GET_TID_ADDRESS(0x28, &(0x7f0000000180)) prctl$PR_GET_TID_ADDRESS(0x28, &(0x7f00000001c0)) prctl$PR_GET_TID_ADDRESS(0x28, &(0x7f0000000200)) prctl$PR_GET_TID_ADDRESS(0x28, &(0x7f0000000240)) prctl$PR_GET_TID_ADDRESS(0x28, &(0x7f0000000280)) prctl$PR_GET_TID_ADDRESS(0x28, &(0x7f00000002c0)) prctl$PR_GET_TID_ADDRESS(0x28, &(0x7f0000000300)) prctl$PR_GET_TID_ADDRESS(0x28, &(0x7f0000000340)) prctl$PR_GET_TID_ADDRESS(0x28, &(0x7f0000000380)) prctl$PR_GET_TID_ADDRESS(0x28, &(0x7f00000003c0)) prctl$PR_GET_TID_ADDRESS(0x28, &(0x7f0000000400)) prctl$PR_GET_TID_ADDRESS(0x28, &(0x7f0000000440)) prctl$PR_GET_TID_ADDRESS(0x28, &(0x7f0000000480)) prctl$PR_GET_TID_ADDRESS(0x28, &(0x7f00000004c0)) [ 70.142044] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 70.144347] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 70.146212] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 70.154041] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 70.156287] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [ 70.157824] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 70.167348] Bluetooth: hci0: HCI_REQ-0x0c1a [ 70.216252] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 70.217688] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1 [ 70.219966] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 70.221962] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1 [ 70.223753] Bluetooth: hci7: unexpected cc 0x0c03 length: 249 > 1 [ 70.224778] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 70.225015] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9 [ 70.226882] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 70.228680] Bluetooth: hci7: unexpected cc 0x1003 length: 249 > 9 [ 70.228916] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9 [ 70.230197] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 70.232323] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 70.233360] Bluetooth: hci7: unexpected cc 0x1001 length: 249 > 9 [ 70.233958] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9 [ 70.235795] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 70.237060] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 70.237124] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 70.238528] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 70.239550] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9 [ 70.241211] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 70.242419] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 70.246945] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 70.248652] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4 [ 70.249713] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 70.251187] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 70.252282] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3 [ 70.253867] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 70.255050] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3 [ 70.256649] Bluetooth: hci5: unexpected cc 0x0c25 length: 249 > 3 [ 70.259124] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4 [ 70.261683] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2 [ 70.262705] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3 [ 70.263931] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 70.264994] Bluetooth: hci7: unexpected cc 0x0c23 length: 249 > 4 [ 70.267164] Bluetooth: hci6: unexpected cc 0x0c25 length: 249 > 3 [ 70.268783] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2 [ 70.269839] Bluetooth: hci3: HCI_REQ-0x0c1a [ 70.271179] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 70.273388] Bluetooth: hci6: HCI_REQ-0x0c1a [ 70.283749] Bluetooth: hci1: HCI_REQ-0x0c1a [ 70.287224] Bluetooth: hci5: HCI_REQ-0x0c1a [ 70.288424] Bluetooth: hci4: HCI_REQ-0x0c1a [ 70.291358] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 70.292736] Bluetooth: hci7: unexpected cc 0x0c25 length: 249 > 3 [ 70.314255] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3 [ 70.315603] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 70.316806] Bluetooth: hci7: unexpected cc 0x0c38 length: 249 > 2 [ 70.323289] Bluetooth: hci2: HCI_REQ-0x0c1a [ 70.324233] Bluetooth: hci7: HCI_REQ-0x0c1a [ 72.282031] Bluetooth: hci0: command 0x0409 tx timeout [ 72.282062] Bluetooth: hci3: command 0x0409 tx timeout [ 72.345657] Bluetooth: hci7: command 0x0409 tx timeout [ 72.347666] Bluetooth: hci4: command 0x0409 tx timeout [ 72.349422] Bluetooth: hci5: command 0x0409 tx timeout [ 72.350440] Bluetooth: hci1: command 0x0409 tx timeout [ 72.351381] Bluetooth: hci6: command 0x0409 tx timeout [ 72.410571] Bluetooth: hci2: command 0x0409 tx timeout [ 74.329725] Bluetooth: hci0: command 0x041b tx timeout [ 74.330542] Bluetooth: hci3: command 0x041b tx timeout [ 74.393728] Bluetooth: hci6: command 0x041b tx timeout [ 74.394462] Bluetooth: hci5: command 0x041b tx timeout [ 74.395236] Bluetooth: hci7: command 0x041b tx timeout [ 74.396053] Bluetooth: hci1: command 0x041b tx timeout [ 74.396809] Bluetooth: hci4: command 0x041b tx timeout [ 74.457556] Bluetooth: hci2: command 0x041b tx timeout [ 76.377577] Bluetooth: hci3: command 0x040f tx timeout [ 76.378028] Bluetooth: hci0: command 0x040f tx timeout [ 76.441582] Bluetooth: hci4: command 0x040f tx timeout [ 76.442000] Bluetooth: hci1: command 0x040f tx timeout [ 76.442390] Bluetooth: hci7: command 0x040f tx timeout [ 76.442817] Bluetooth: hci5: command 0x040f tx timeout [ 76.443219] Bluetooth: hci6: command 0x040f tx timeout [ 76.505534] Bluetooth: hci2: command 0x040f tx timeout [ 78.426013] Bluetooth: hci0: command 0x0419 tx timeout [ 78.426503] Bluetooth: hci3: command 0x0419 tx timeout [ 78.489623] Bluetooth: hci6: command 0x0419 tx timeout [ 78.490065] Bluetooth: hci5: command 0x0419 tx timeout [ 78.490927] Bluetooth: hci7: command 0x0419 tx timeout [ 78.491334] Bluetooth: hci1: command 0x0419 tx timeout [ 78.491770] Bluetooth: hci4: command 0x0419 tx timeout [ 78.553607] Bluetooth: hci2: command 0x0419 tx timeout 22:59:47 executing program 7: r0 = syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x100000, 0x2c, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000600100000f000000000000000100000005000000000004000040000020000000d4f4655fd4f4655f0100ffff53ef010001000000d3f4655f000000000000000001000000000000000b0000000001000008000000d2420100120300000000000000000000000000000000000073797a6b616c6c6572000000000000002f746d702f73797a2d696d61676567656e32303232303739373400"/192, 0xc0, 0x400}, {&(0x7f0000010100)="00000000000000000000000076a34e3f63e54dbc8955dd45888f6106010040000c00000000000000d3f4655f00"/64, 0x40, 0x4e0}, {&(0x7f0000010200)="00000000000000000000000000000000000000000000000000000000200020000100000000000000000000000000000000000000040000004600000000000000", 0x40, 0x540}, {&(0x7f0000010300)="0300000004000000000000000000000000000000010400"/32, 0x20, 0x640}, {&(0x7f0000010400)="02000000030000000400000016000f000300040000000000000000000f00c5d7", 0x20, 0x800}, {&(0x7f0000010500)="ff030000ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff0100ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff0000000000000000d3f4655fd3f4655fd3f4655f00"/4128, 0x1020, 0x1000}, {&(0x7f0000011600)="ed41000000080000d3f4655fd4f4655fd4f4655f00000000000004004000000000000800050000000af301000400000000000000000000000100000010000000", 0x40, 0x2100}, {&(0x7f0000011700)="20000000945343359453433500000000d3f4655f00"/32, 0x20, 0x2180}, {&(0x7f0000011800)="8081000000180000d3f4655fd3f4655fd3f4655f00000000000001004000000010000800000000000af301000400000000000000000000000300000030000000", 0x40, 0x2200}, {&(0x7f0000011900)="20000000000000000000000000000000d3f4655f00"/32, 0x20, 0x2280}, {&(0x7f0000011a00)="8081000000180000d3f4655fd3f4655fd3f4655f00000000000001004000000010000800000000000af301000400000000000000000000000300000040000000", 0x40, 0x2300}, {&(0x7f0000011b00)="20000000000000000000000000000000d3f4655f00"/32, 0x20, 0x2380}, {&(0x7f0000011c00)="c041000000400000d3f4655fd3f4655fd3f4655f00000000000002004000000000000800000000000af301000400000000000000000000000800000020000000", 0x40, 0x2a00}, {&(0x7f0000011d00)="20000000000000000000000000000000d3f4655f00"/32, 0x20, 0x2a80}, {&(0x7f0000011e00)="ed41000000080000d4f4655fd4f4655fd4f4655f00000000000002004000000000000800030000000af301000400000000000000000000000100000050000000000000000000000000000000000000000000000000000000000000000000000000000000d6b05c9300000000000000000000000000000000000000000000000020000000945343359453433594534335d4f4655f945343350000000000000000", 0xa0, 0x2b00}, {&(0x7f0000011f00)="ed8100001a040000d4f4655fd4f4655fd4f4655f00000000000001004000000000000800010000000af3010004000000000000000000000001000000600000000000000000000000000000000000000000000000000000000000000000000000000000000da710e000000000000000000000000000000000000000000000000020000000945343359453433594534335d4f4655f945343350000000000000000", 0xa0, 0x2c00}, {&(0x7f0000012000)="ffa1000026000000d4f4655fd4f4655fd4f4655f00000000000001000000000000000000010000002f746d702f73797a2d696d61676567656e3230323230373937342f66696c65302f66696c653000000000000000000000000000000000000000000000d6e8afef00000000000000000000000000000000000000000000000020000000945343359453433594534335d4f4655f945343350000000000000000", 0xa0, 0x2d00}, {&(0x7f0000012100)="ed8100000a000000d4f4655fd4f4655fd4f4655f00000000000001004000000000000800010000000af301000400000000000000000000000100000070000000000000000000000000000000000000000000000000000000000000000000000000000000dd8c9f0800000000000000000000000000000000000000000000000020000000945343359453433594534335d4f4655f945343350000000000000000000002ea06015400000000000600000000000000786174747231000006014c0000000000060000000000000078617474723200000000000000000000000000000000000000000000000000000000000078617474723200007861747472310000ed81000028230000d4f4655fd4f4655fd4f4655f00000000000002004000000000000800010000000af3010004000000000000000000000005000000800000000000000000000000000000000000000000000000000000000000000000000000000000006a2520c300000000000000000000000000000000000000000000000020000000945343359453433594534335d4f4655f945343350000000000000000", 0x1a0, 0x2e00}, {&(0x7f0000012300)="ed81000064000000d4f4655fd4f4655fd4f4655f00000000000001004000000000000800010000000af301000400000000000000000000000100000090000000000000000000000000000000000000000000000000000000000000000000000000000000d9d9ad0100000000000000000000000000000000000000000000000020000000945343359453433594534335d4f4655f945343350000000000000000", 0xa0, 0x3000}, {&(0x7f0000012400)="020000000c0001022e000000020000000c0002022e2e00000b00000014000a026c6f73742b666f756e6400000c0000001000050266696c65300000000f0000001000050166696c6531000000100000001000050166696c6532000000100000001000050166696c6533000000110000009407090166696c652e636f6c64000000", 0x80, 0x8000}, {&(0x7f0000012500)="0b0000000c0001022e00000002000000f40702022e2e00"/32, 0x20, 0x10000}, {&(0x7f0000012600)='\x00\x00\x00\x00\x00\b\x00'/32, 0x20, 0x10800}, {&(0x7f0000012700)='\x00\x00\x00\x00\x00\b\x00'/32, 0x20, 0x11000}, {&(0x7f0000012800)='\x00\x00\x00\x00\x00\b\x00'/32, 0x20, 0x11800}, {&(0x7f0000012900)='\x00\x00\x00\x00\x00\b\x00'/32, 0x20, 0x12000}, {&(0x7f0000012a00)='\x00\x00\x00\x00\x00\b\x00'/32, 0x20, 0x12800}, {&(0x7f0000012b00)='\x00\x00\x00\x00\x00\b\x00'/32, 0x20, 0x13000}, {&(0x7f0000012c00)='\x00\x00\x00\x00\x00\b\x00'/32, 0x20, 0x13800}, {&(0x7f0000012d00)="111fc0d901000000803a0900803a090000000000060000000000000005000000", 0x20, 0x18000}, {&(0x7f0000012e00)="0200"/32, 0x20, 0x18400}, {&(0x7f0000012f00)="0300"/32, 0x20, 0x18800}, {&(0x7f0000013000)="0400"/32, 0x20, 0x18c00}, {&(0x7f0000013100)="0500"/32, 0x20, 0x19000}, {&(0x7f0000013200)="0000000000000000010000000000000000000000000000000000000000000000000000000000000008000000000000000000000000000000000000000000000000800300"/96, 0x60, 0x19400}, {&(0x7f0000013300)="2719c0d901000000803a0900803a090000000000060000000000000005000000", 0x20, 0x20000}, {&(0x7f0000013400)="0200"/32, 0x20, 0x20400}, {&(0x7f0000013500)="0300"/32, 0x20, 0x20800}, {&(0x7f0000013600)="0400"/32, 0x20, 0x20c00}, {&(0x7f0000013700)="0500"/32, 0x20, 0x21000}, {&(0x7f0000013800)="0000000000000000010000000000000000000000000000000000000000000000000000000000000008000000000000000000000000000000000000000000000000800300"/96, 0x60, 0x21400}, {&(0x7f0000013900)="0c0000000c0001022e000000020000000c0002022e2e00000d0000001000050166696c65300000000e000000d807050766696c653100"/64, 0x40, 0x28000}, {&(0x7f0000013a00)='syzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkal\x00\x00\x00\x00\x00\x00', 0x420, 0x30000}, {&(0x7f0000013f00)='syzkallers\x00'/32, 0x20, 0x38000}, {&(0x7f0000014000)='syzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallers\x00'/128, 0x80, 0x48000}], 0x0, &(0x7f0000014100)) r1 = socket$inet_udp(0x2, 0x2, 0x0) ioctl$sock_inet_SIOCADDRT(r1, 0x890b, &(0x7f0000000100)={0x0, {0x2, 0x0, @dev}, {0x2, 0x0, @dev={0xac, 0x14, 0x14, 0xa}}, {0x2, 0x0, @broadcast}, 0x0, 0x0, 0x0, 0x0, 0xcb3, 0x0, 0x0, 0xfffffffffffffffd}) fcntl$dupfd(r0, 0x0, r1) [ 123.173920] loop7: detected capacity change from 0 to 2048 [ 123.260978] EXT4-fs (loop7): mounted filesystem without journal. Quota mode: writeback. 22:59:47 executing program 7: io_uring_register$IORING_REGISTER_PERSONALITY(0xffffffffffffffff, 0x9, 0x0, 0x0) r0 = perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x10, 0x0, 0x4, 0x0, 0xfffffffffffffffe, 0x2040, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @perf_config_ext={0x46}, 0x0, 0x101, 0x2}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_TCP_MD5SIG(r1, 0x6, 0xe, &(0x7f00000000c0)={@in6={{0xa, 0x4e23, 0x401, @rand_addr=' \x01\x00', 0x10001}}, 0x0, 0x0, 0x44, 0x0, "704f5992d666aa2888e479ca552ee155f638582a91ca97213cf4774a2e4c350cdc3f9f62a4c21970bd149a52fa311b916bf00b51b808c412ed6b9fcbb5be4a2fb7dd8f720ca22b4100"}, 0xd8) setsockopt$inet6_tcp_TCP_REPAIR(r1, 0x6, 0x13, &(0x7f00000018c0)=0x1, 0x4) connect$inet6(r1, &(0x7f0000000080)={0xa, 0x0, 0x0, @private0}, 0x1c) setsockopt$inet6_tcp_TCP_REPAIR(0xffffffffffffffff, 0x6, 0x13, &(0x7f0000000000)=0x1, 0x4) ioctl$F2FS_IOC_MOVE_RANGE(r1, 0xc020f509, &(0x7f0000000040)={0xffffffffffffffff, 0xb58a, 0x100000001, 0x2}) r3 = openat(r2, &(0x7f0000000100)='./file1\x00', 0x404502, 0x283) pwritev(0xffffffffffffffff, &(0x7f0000000140)=[{&(0x7f0000000200)="98bd676a0e833a6524b16933bca513bdbe47444f2d1b0b464d61", 0x1a}], 0x1, 0x0, 0x0) socket$unix(0x1, 0x5, 0x0) ioctl$sock_inet_SIOCADDRT(0xffffffffffffffff, 0x890b, &(0x7f0000000100)={0x0, {0x2, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}}, {0x2, 0xfffc, @dev={0xac, 0x14, 0x14, 0xa}}, {0x2, 0x0, @broadcast}, 0x0, 0x0, 0x0, 0x0, 0xcb3, 0x0, 0x0, 0xfffffffffffffffd}) dup(0xffffffffffffffff) ioctl$EXT4_IOC_SWAP_BOOT(r3, 0x6611) r4 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) fallocate(0xffffffffffffffff, 0x44, 0x7, 0x8800002) r5 = openat(r4, &(0x7f00000001c0)='./file1\x00', 0x400000, 0x102) openat(r2, &(0x7f0000000080)='/proc/self/exe\x00', 0x181e00, 0x0) pwritev(r5, &(0x7f00000013c0), 0x0, 0x8, 0x3) ioctl$EXT4_IOC_SWAP_BOOT(r0, 0x6611) [ 123.335593] EXT4-fs (loop7): unmounting filesystem. [ 123.446706] audit: type=1400 audit(1664751587.926:7): avc: denied { open } for pid=3790 comm="syz-executor.7" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=perf_event permissive=1 22:59:48 executing program 7: io_uring_register$IORING_REGISTER_PERSONALITY(0xffffffffffffffff, 0x9, 0x0, 0x0) r0 = perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x10, 0x0, 0x4, 0x0, 0xfffffffffffffffe, 0x2040, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @perf_config_ext={0x46}, 0x0, 0x101, 0x2}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_TCP_MD5SIG(r1, 0x6, 0xe, &(0x7f00000000c0)={@in6={{0xa, 0x4e23, 0x401, @rand_addr=' \x01\x00', 0x10001}}, 0x0, 0x0, 0x44, 0x0, "704f5992d666aa2888e479ca552ee155f638582a91ca97213cf4774a2e4c350cdc3f9f62a4c21970bd149a52fa311b916bf00b51b808c412ed6b9fcbb5be4a2fb7dd8f720ca22b4100"}, 0xd8) setsockopt$inet6_tcp_TCP_REPAIR(r1, 0x6, 0x13, &(0x7f00000018c0)=0x1, 0x4) connect$inet6(r1, &(0x7f0000000080)={0xa, 0x0, 0x0, @private0}, 0x1c) setsockopt$inet6_tcp_TCP_REPAIR(0xffffffffffffffff, 0x6, 0x13, &(0x7f0000000000)=0x1, 0x4) ioctl$F2FS_IOC_MOVE_RANGE(r1, 0xc020f509, &(0x7f0000000040)={0xffffffffffffffff, 0xb58a, 0x100000001, 0x2}) r3 = openat(r2, &(0x7f0000000100)='./file1\x00', 0x404502, 0x283) pwritev(0xffffffffffffffff, &(0x7f0000000140)=[{&(0x7f0000000200)="98bd676a0e833a6524b16933bca513bdbe47444f2d1b0b464d61", 0x1a}], 0x1, 0x0, 0x0) socket$unix(0x1, 0x5, 0x0) ioctl$sock_inet_SIOCADDRT(0xffffffffffffffff, 0x890b, &(0x7f0000000100)={0x0, {0x2, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}}, {0x2, 0xfffc, @dev={0xac, 0x14, 0x14, 0xa}}, {0x2, 0x0, @broadcast}, 0x0, 0x0, 0x0, 0x0, 0xcb3, 0x0, 0x0, 0xfffffffffffffffd}) dup(0xffffffffffffffff) ioctl$EXT4_IOC_SWAP_BOOT(r3, 0x6611) r4 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) fallocate(0xffffffffffffffff, 0x44, 0x7, 0x8800002) r5 = openat(r4, &(0x7f00000001c0)='./file1\x00', 0x400000, 0x102) openat(r2, &(0x7f0000000080)='/proc/self/exe\x00', 0x181e00, 0x0) pwritev(r5, &(0x7f00000013c0), 0x0, 0x8, 0x3) ioctl$EXT4_IOC_SWAP_BOOT(r0, 0x6611) 22:59:48 executing program 7: io_uring_register$IORING_REGISTER_PERSONALITY(0xffffffffffffffff, 0x9, 0x0, 0x0) r0 = perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x10, 0x0, 0x4, 0x0, 0xfffffffffffffffe, 0x2040, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @perf_config_ext={0x46}, 0x0, 0x101, 0x2}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_TCP_MD5SIG(r1, 0x6, 0xe, &(0x7f00000000c0)={@in6={{0xa, 0x4e23, 0x401, @rand_addr=' \x01\x00', 0x10001}}, 0x0, 0x0, 0x44, 0x0, "704f5992d666aa2888e479ca552ee155f638582a91ca97213cf4774a2e4c350cdc3f9f62a4c21970bd149a52fa311b916bf00b51b808c412ed6b9fcbb5be4a2fb7dd8f720ca22b4100"}, 0xd8) setsockopt$inet6_tcp_TCP_REPAIR(r1, 0x6, 0x13, &(0x7f00000018c0)=0x1, 0x4) connect$inet6(r1, &(0x7f0000000080)={0xa, 0x0, 0x0, @private0}, 0x1c) setsockopt$inet6_tcp_TCP_REPAIR(0xffffffffffffffff, 0x6, 0x13, &(0x7f0000000000)=0x1, 0x4) ioctl$F2FS_IOC_MOVE_RANGE(r1, 0xc020f509, &(0x7f0000000040)={0xffffffffffffffff, 0xb58a, 0x100000001, 0x2}) r3 = openat(r2, &(0x7f0000000100)='./file1\x00', 0x404502, 0x283) pwritev(0xffffffffffffffff, &(0x7f0000000140)=[{&(0x7f0000000200)="98bd676a0e833a6524b16933bca513bdbe47444f2d1b0b464d61", 0x1a}], 0x1, 0x0, 0x0) socket$unix(0x1, 0x5, 0x0) ioctl$sock_inet_SIOCADDRT(0xffffffffffffffff, 0x890b, &(0x7f0000000100)={0x0, {0x2, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}}, {0x2, 0xfffc, @dev={0xac, 0x14, 0x14, 0xa}}, {0x2, 0x0, @broadcast}, 0x0, 0x0, 0x0, 0x0, 0xcb3, 0x0, 0x0, 0xfffffffffffffffd}) dup(0xffffffffffffffff) ioctl$EXT4_IOC_SWAP_BOOT(r3, 0x6611) r4 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) fallocate(0xffffffffffffffff, 0x44, 0x7, 0x8800002) r5 = openat(r4, &(0x7f00000001c0)='./file1\x00', 0x400000, 0x102) openat(r2, &(0x7f0000000080)='/proc/self/exe\x00', 0x181e00, 0x0) pwritev(r5, &(0x7f00000013c0), 0x0, 0x8, 0x3) ioctl$EXT4_IOC_SWAP_BOOT(r0, 0x6611) 22:59:48 executing program 7: io_uring_register$IORING_REGISTER_PERSONALITY(0xffffffffffffffff, 0x9, 0x0, 0x0) r0 = perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x10, 0x0, 0x4, 0x0, 0xfffffffffffffffe, 0x2040, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @perf_config_ext={0x46}, 0x0, 0x101, 0x2}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_TCP_MD5SIG(r1, 0x6, 0xe, &(0x7f00000000c0)={@in6={{0xa, 0x4e23, 0x401, @rand_addr=' \x01\x00', 0x10001}}, 0x0, 0x0, 0x44, 0x0, "704f5992d666aa2888e479ca552ee155f638582a91ca97213cf4774a2e4c350cdc3f9f62a4c21970bd149a52fa311b916bf00b51b808c412ed6b9fcbb5be4a2fb7dd8f720ca22b4100"}, 0xd8) setsockopt$inet6_tcp_TCP_REPAIR(r1, 0x6, 0x13, &(0x7f00000018c0)=0x1, 0x4) connect$inet6(r1, &(0x7f0000000080)={0xa, 0x0, 0x0, @private0}, 0x1c) setsockopt$inet6_tcp_TCP_REPAIR(0xffffffffffffffff, 0x6, 0x13, &(0x7f0000000000)=0x1, 0x4) ioctl$F2FS_IOC_MOVE_RANGE(r1, 0xc020f509, &(0x7f0000000040)={0xffffffffffffffff, 0xb58a, 0x100000001, 0x2}) r3 = openat(r2, &(0x7f0000000100)='./file1\x00', 0x404502, 0x283) pwritev(0xffffffffffffffff, &(0x7f0000000140)=[{&(0x7f0000000200)="98bd676a0e833a6524b16933bca513bdbe47444f2d1b0b464d61", 0x1a}], 0x1, 0x0, 0x0) socket$unix(0x1, 0x5, 0x0) ioctl$sock_inet_SIOCADDRT(0xffffffffffffffff, 0x890b, &(0x7f0000000100)={0x0, {0x2, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}}, {0x2, 0xfffc, @dev={0xac, 0x14, 0x14, 0xa}}, {0x2, 0x0, @broadcast}, 0x0, 0x0, 0x0, 0x0, 0xcb3, 0x0, 0x0, 0xfffffffffffffffd}) dup(0xffffffffffffffff) ioctl$EXT4_IOC_SWAP_BOOT(r3, 0x6611) r4 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) fallocate(0xffffffffffffffff, 0x44, 0x7, 0x8800002) r5 = openat(r4, &(0x7f00000001c0)='./file1\x00', 0x400000, 0x102) openat(r2, &(0x7f0000000080)='/proc/self/exe\x00', 0x181e00, 0x0) pwritev(r5, &(0x7f00000013c0), 0x0, 0x8, 0x3) ioctl$EXT4_IOC_SWAP_BOOT(r0, 0x6611) 22:59:48 executing program 7: io_uring_register$IORING_REGISTER_PERSONALITY(0xffffffffffffffff, 0x9, 0x0, 0x0) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x10, 0x0, 0x4, 0x0, 0xfffffffffffffffe, 0x2040, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @perf_config_ext={0x46}, 0x0, 0x101, 0x2}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_TCP_MD5SIG(r0, 0x6, 0xe, &(0x7f00000000c0)={@in6={{0xa, 0x4e23, 0x401, @rand_addr=' \x01\x00', 0x10001}}, 0x0, 0x0, 0x44, 0x0, "704f5992d666aa2888e479ca552ee155f638582a91ca97213cf4774a2e4c350cdc3f9f62a4c21970bd149a52fa311b916bf00b51b808c412ed6b9fcbb5be4a2fb7dd8f720ca22b4100"}, 0xd8) setsockopt$inet6_tcp_TCP_REPAIR(r0, 0x6, 0x13, &(0x7f00000018c0)=0x1, 0x4) connect$inet6(r0, &(0x7f0000000080)={0xa, 0x0, 0x0, @private0}, 0x1c) setsockopt$inet6_tcp_TCP_REPAIR(0xffffffffffffffff, 0x6, 0x13, &(0x7f0000000000)=0x1, 0x4) ioctl$F2FS_IOC_MOVE_RANGE(r0, 0xc020f509, &(0x7f0000000040)={0xffffffffffffffff, 0xb58a, 0x100000001, 0x2}) r2 = openat(r1, &(0x7f0000000100)='./file1\x00', 0x404502, 0x283) pwritev(0xffffffffffffffff, &(0x7f0000000140)=[{&(0x7f0000000200)="98bd676a0e833a6524b16933bca513bdbe47444f2d1b0b464d61", 0x1a}], 0x1, 0x0, 0x0) socket$unix(0x1, 0x5, 0x0) ioctl$sock_inet_SIOCADDRT(0xffffffffffffffff, 0x890b, &(0x7f0000000100)={0x0, {0x2, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}}, {0x2, 0xfffc, @dev={0xac, 0x14, 0x14, 0xa}}, {0x2, 0x0, @broadcast}, 0x0, 0x0, 0x0, 0x0, 0xcb3, 0x0, 0x0, 0xfffffffffffffffd}) dup(0xffffffffffffffff) ioctl$EXT4_IOC_SWAP_BOOT(r2, 0x6611) r3 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) fallocate(0xffffffffffffffff, 0x44, 0x7, 0x8800002) r4 = openat(r3, &(0x7f00000001c0)='./file1\x00', 0x400000, 0x102) openat(r1, &(0x7f0000000080)='/proc/self/exe\x00', 0x181e00, 0x0) pwritev(r4, &(0x7f00000013c0), 0x0, 0x8, 0x3) 22:59:48 executing program 7: io_uring_register$IORING_REGISTER_PERSONALITY(0xffffffffffffffff, 0x9, 0x0, 0x0) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x10, 0x0, 0x4, 0x0, 0xfffffffffffffffe, 0x2040, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @perf_config_ext={0x46}, 0x0, 0x101, 0x2}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_TCP_MD5SIG(r0, 0x6, 0xe, &(0x7f00000000c0)={@in6={{0xa, 0x4e23, 0x401, @rand_addr=' \x01\x00', 0x10001}}, 0x0, 0x0, 0x44, 0x0, "704f5992d666aa2888e479ca552ee155f638582a91ca97213cf4774a2e4c350cdc3f9f62a4c21970bd149a52fa311b916bf00b51b808c412ed6b9fcbb5be4a2fb7dd8f720ca22b4100"}, 0xd8) setsockopt$inet6_tcp_TCP_REPAIR(r0, 0x6, 0x13, &(0x7f00000018c0)=0x1, 0x4) connect$inet6(r0, &(0x7f0000000080)={0xa, 0x0, 0x0, @private0}, 0x1c) setsockopt$inet6_tcp_TCP_REPAIR(0xffffffffffffffff, 0x6, 0x13, &(0x7f0000000000)=0x1, 0x4) ioctl$F2FS_IOC_MOVE_RANGE(r0, 0xc020f509, &(0x7f0000000040)={0xffffffffffffffff, 0xb58a, 0x100000001, 0x2}) r2 = openat(r1, &(0x7f0000000100)='./file1\x00', 0x404502, 0x283) pwritev(0xffffffffffffffff, &(0x7f0000000140)=[{&(0x7f0000000200)="98bd676a0e833a6524b16933bca513bdbe47444f2d1b0b464d61", 0x1a}], 0x1, 0x0, 0x0) socket$unix(0x1, 0x5, 0x0) ioctl$sock_inet_SIOCADDRT(0xffffffffffffffff, 0x890b, &(0x7f0000000100)={0x0, {0x2, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}}, {0x2, 0xfffc, @dev={0xac, 0x14, 0x14, 0xa}}, {0x2, 0x0, @broadcast}, 0x0, 0x0, 0x0, 0x0, 0xcb3, 0x0, 0x0, 0xfffffffffffffffd}) dup(0xffffffffffffffff) ioctl$EXT4_IOC_SWAP_BOOT(r2, 0x6611) r3 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) fallocate(0xffffffffffffffff, 0x44, 0x7, 0x8800002) openat(r3, &(0x7f00000001c0)='./file1\x00', 0x400000, 0x102) openat(r1, &(0x7f0000000080)='/proc/self/exe\x00', 0x181e00, 0x0) 22:59:48 executing program 7: io_uring_register$IORING_REGISTER_PERSONALITY(0xffffffffffffffff, 0x9, 0x0, 0x0) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x10, 0x0, 0x4, 0x0, 0xfffffffffffffffe, 0x2040, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @perf_config_ext={0x46}, 0x0, 0x101, 0x2}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_TCP_MD5SIG(r0, 0x6, 0xe, &(0x7f00000000c0)={@in6={{0xa, 0x4e23, 0x401, @rand_addr=' \x01\x00', 0x10001}}, 0x0, 0x0, 0x44, 0x0, "704f5992d666aa2888e479ca552ee155f638582a91ca97213cf4774a2e4c350cdc3f9f62a4c21970bd149a52fa311b916bf00b51b808c412ed6b9fcbb5be4a2fb7dd8f720ca22b4100"}, 0xd8) setsockopt$inet6_tcp_TCP_REPAIR(r0, 0x6, 0x13, &(0x7f00000018c0)=0x1, 0x4) connect$inet6(r0, &(0x7f0000000080)={0xa, 0x0, 0x0, @private0}, 0x1c) setsockopt$inet6_tcp_TCP_REPAIR(0xffffffffffffffff, 0x6, 0x13, &(0x7f0000000000)=0x1, 0x4) ioctl$F2FS_IOC_MOVE_RANGE(r0, 0xc020f509, &(0x7f0000000040)={0xffffffffffffffff, 0xb58a, 0x100000001, 0x2}) r2 = openat(r1, &(0x7f0000000100)='./file1\x00', 0x404502, 0x283) pwritev(0xffffffffffffffff, &(0x7f0000000140)=[{&(0x7f0000000200)="98bd676a0e833a6524b16933bca513bdbe47444f2d1b0b464d61", 0x1a}], 0x1, 0x0, 0x0) socket$unix(0x1, 0x5, 0x0) ioctl$sock_inet_SIOCADDRT(0xffffffffffffffff, 0x890b, &(0x7f0000000100)={0x0, {0x2, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}}, {0x2, 0xfffc, @dev={0xac, 0x14, 0x14, 0xa}}, {0x2, 0x0, @broadcast}, 0x0, 0x0, 0x0, 0x0, 0xcb3, 0x0, 0x0, 0xfffffffffffffffd}) dup(0xffffffffffffffff) ioctl$EXT4_IOC_SWAP_BOOT(r2, 0x6611) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) fallocate(0xffffffffffffffff, 0x44, 0x7, 0x8800002) openat(r1, &(0x7f0000000080)='/proc/self/exe\x00', 0x181e00, 0x0) [ 126.444498] FAT-fs (loop3): bogus number of reserved sectors [ 126.445097] FAT-fs (loop3): Can't find a valid FAT filesystem [ 126.462504] FAT-fs (loop3): bogus number of reserved sectors [ 126.463072] FAT-fs (loop3): Can't find a valid FAT filesystem 23:00:08 executing program 7: io_uring_register$IORING_REGISTER_PERSONALITY(0xffffffffffffffff, 0x9, 0x0, 0x0) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x10, 0x0, 0x4, 0x0, 0xfffffffffffffffe, 0x2040, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @perf_config_ext={0x46}, 0x0, 0x101, 0x2}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_TCP_MD5SIG(r0, 0x6, 0xe, &(0x7f00000000c0)={@in6={{0xa, 0x4e23, 0x401, @rand_addr=' \x01\x00', 0x10001}}, 0x0, 0x0, 0x44, 0x0, "704f5992d666aa2888e479ca552ee155f638582a91ca97213cf4774a2e4c350cdc3f9f62a4c21970bd149a52fa311b916bf00b51b808c412ed6b9fcbb5be4a2fb7dd8f720ca22b4100"}, 0xd8) setsockopt$inet6_tcp_TCP_REPAIR(r0, 0x6, 0x13, &(0x7f00000018c0)=0x1, 0x4) connect$inet6(r0, &(0x7f0000000080)={0xa, 0x0, 0x0, @private0}, 0x1c) setsockopt$inet6_tcp_TCP_REPAIR(0xffffffffffffffff, 0x6, 0x13, &(0x7f0000000000)=0x1, 0x4) ioctl$F2FS_IOC_MOVE_RANGE(r0, 0xc020f509, &(0x7f0000000040)={0xffffffffffffffff, 0xb58a, 0x100000001, 0x2}) r2 = openat(r1, &(0x7f0000000100)='./file1\x00', 0x404502, 0x283) pwritev(0xffffffffffffffff, &(0x7f0000000140)=[{&(0x7f0000000200)="98bd676a0e833a6524b16933bca513bdbe47444f2d1b0b464d61", 0x1a}], 0x1, 0x0, 0x0) socket$unix(0x1, 0x5, 0x0) ioctl$sock_inet_SIOCADDRT(0xffffffffffffffff, 0x890b, &(0x7f0000000100)={0x0, {0x2, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}}, {0x2, 0xfffc, @dev={0xac, 0x14, 0x14, 0xa}}, {0x2, 0x0, @broadcast}, 0x0, 0x0, 0x0, 0x0, 0xcb3, 0x0, 0x0, 0xfffffffffffffffd}) dup(0xffffffffffffffff) ioctl$EXT4_IOC_SWAP_BOOT(r2, 0x6611) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) openat(r1, &(0x7f0000000080)='/proc/self/exe\x00', 0x181e00, 0x0) 23:00:08 executing program 0: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$ieee802154(&(0x7f0000000000), r1) r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000340), r0) sendmsg$IEEE802154_LLSEC_GETPARAMS(r0, &(0x7f00000004c0)={&(0x7f0000000300), 0xc, &(0x7f0000000480)={&(0x7f0000000400)={0x28, r2, 0x1, 0x0, 0x0, {}, [@IEEE802154_ATTR_DEV_INDEX={0x8}, @IEEE802154_ATTR_DEV_NAME={0xa, 0x1, 'wpan0\x00'}]}, 0x28}}, 0x0) 23:00:08 executing program 2: r0 = perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x2080000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x1000, 0x3ff}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10005}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0xc042, 0x0) ioctl$FS_IOC_SETFLAGS(r1, 0x40086602, &(0x7f0000000040)) r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x2, 0x0) pwrite64(r2, &(0x7f00000000c0)='9', 0x1, 0x8040000) setsockopt$inet6_tcp_TCP_MD5SIG(r2, 0x6, 0xe, &(0x7f0000000540)={@in6={{0xa, 0x4e20, 0xffff, @mcast2, 0x4}}, 0x0, 0x0, 0x15, 0x0, "b25da62d685a38083e45ab1950001ca46105939b4b3d83bd945bed03b30b62897693132cb6e12788b1d58f9b2fff886055bea488ee0e2918a8c961a2684924dfa9841132b1916476e31d06d76d34a918"}, 0xd8) r3 = openat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x4042, 0x0) sendfile(r2, r3, 0x0, 0xffff) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) r4 = openat$sr(0xffffffffffffff9c, &(0x7f0000000100), 0x44b43, 0x0) ioctl$SG_EMULATED_HOST(r4, 0x5390, &(0x7f0000002340)) ioctl$AUTOFS_DEV_IOCTL_CLOSEMOUNT(r4, 0xc0189375, 0xfffffffffffffffc) syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000140)='./file1\x00', 0x3709, 0x3, &(0x7f0000000380)=[{&(0x7f0000000180)="1c2fe7f4768bbb4726372f7ae4f19dbebc055e338ef75483d768ff9661c6", 0x1e, 0x84a}, {&(0x7f00000001c0)="388cbf3d90953f6ab40ff6a75acbbf53880ed5b66aa541ae9a5f42fefb047436d6c2416285793361f23ace0e3666e47dac410a1047a20710ad0bc8781024d37ef2e3456ac7178fd2ea26d75d963423678b55bee32c0fc2696cb52f45a60b8e3635a982bbc6f643c54cfc4212fd717170f75e6fe08c5e2d007e43209704cc1e15c14da4db99a8a00e75", 0x89, 0x8}, {&(0x7f0000000300)="adbf3a6c6f8ced403e4d167f1835f0831b4a1878501e444d3fc569adb2d8dd01585c75b45e2624610b7f", 0x2a, 0xe9}], 0x200480c, &(0x7f0000000400)={[{@rodir}, {@numtail}, {@iocharset={'iocharset', 0x3d, 'koi8-u'}}], [{@uid_eq}, {@fscontext={'fscontext', 0x3d, 'sysadm_u'}}]}) ioctl$AUTOFS_DEV_IOCTL_OPENMOUNT(r3, 0xc0189374, &(0x7f00000004c0)={{0x1, 0x1, 0x18, r0, {0xffffffff}}, './file1\x00'}) utimensat(r5, &(0x7f0000000480)='./file1\x00', &(0x7f0000000500)={{}, {0x77359400}}, 0x100) 23:00:08 executing program 4: r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) r1 = socket$packet(0x11, 0x3, 0x300) r2 = socket$packet(0x11, 0x3, 0x300) ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000000)={'syz_tun\x00', 0x0}) setsockopt$packet_add_memb(r1, 0x107, 0x1, &(0x7f0000000080)={r3, 0x1, 0x6, @remote}, 0x10) setsockopt$packet_add_memb(r1, 0x107, 0x1, &(0x7f0000000000)={r3, 0x3, 0x6, @link_local}, 0x10) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000000)={'rose0\x00'}) close_range(r0, r0, 0x0) r4 = openat$incfs(r0, &(0x7f00000000c0)='.log\x00', 0x402200, 0x40) getsockopt$inet_pktinfo(r4, 0x0, 0x8, &(0x7f0000000100)={0x0, @private, @loopback}, &(0x7f0000000140)=0xc) [ 144.250616] audit: type=1400 audit(1664751608.728:8): avc: denied { kernel } for pid=4002 comm="syz-executor.2" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=perf_event permissive=1 23:00:08 executing program 1: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0x77, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$nl_generic(0x10, 0x3, 0x10) openat$sysfs(0xffffffffffffff9c, &(0x7f0000000040)='/sys/class/wakeup', 0x20000, 0x54) r1 = openat$zero(0xffffffffffffff9c, &(0x7f0000000100), 0x25103, 0x0) r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000140), r1) sendmsg$NL80211_CMD_START_AP(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000000)={0x25, r2, 0x5, 0x0, 0x0, {{}, {@val={0x8}, @void}}, [@NL80211_ATTR_BEACON_INTERVAL={0x8}, @NL80211_ATTR_DTIM_PERIOD={0x8}]}, 0x2c}}, 0x0) 23:00:08 executing program 5: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) ioctl$sock_inet6_udp_SIOCOUTQ(r0, 0x5411, &(0x7f0000000540)) r1 = socket$inet_udp(0x2, 0x2, 0x0) ioctl$sock_inet_SIOCADDRT(r1, 0x890b, &(0x7f0000000100)={0x0, {0x2, 0x0, @dev}, {0x2, 0x0, @dev={0xac, 0x14, 0x14, 0xa}}, {0x2, 0x0, @broadcast}, 0x0, 0x0, 0x0, 0x0, 0xcb3, 0x0, 0x0, 0xfffffffffffffffd}) ioctl$AUTOFS_DEV_IOCTL_VERSION(0xffffffffffffffff, 0xc0189371, &(0x7f0000000000)=ANY=[@ANYBLOB="010000001f0000001fffffff", @ANYRES32=r1, @ANYBLOB='\x00\x00\x00\x00\x00\x00\x00\x00./file0\x00']) socket$inet6_udplite(0xa, 0x2, 0x88) 23:00:08 executing program 6: keyctl$join(0x1, 0x0) keyctl$join(0x1, &(0x7f0000000000)={'syz', 0x1}) keyctl$join(0x1, &(0x7f0000000040)={'syz', 0x0}) keyctl$join(0x1, &(0x7f0000000080)={'syz', 0x2}) keyctl$join(0x1, &(0x7f00000000c0)={'syz', 0x2}) keyctl$join(0x1, &(0x7f0000000100)={'syz', 0x2}) keyctl$join(0x1, &(0x7f0000000140)={'syz', 0x0}) keyctl$join(0x1, &(0x7f0000000180)={'syz', 0x1}) keyctl$join(0x1, &(0x7f00000001c0)={'syz', 0x2}) keyctl$join(0x1, &(0x7f0000000200)={'syz', 0x0}) keyctl$join(0x1, &(0x7f0000000240)={'syz', 0x1}) keyctl$join(0x1, 0x0) keyctl$join(0x1, 0x0) keyctl$join(0x1, &(0x7f0000000280)={'syz', 0x1}) keyctl$join(0x1, 0x0) keyctl$join(0x1, &(0x7f00000002c0)={'syz', 0x2}) keyctl$join(0x1, 0x0) keyctl$join(0x1, &(0x7f0000000300)={'syz', 0x3}) keyctl$join(0x1, &(0x7f0000000340)={'syz', 0x2}) keyctl$join(0x1, &(0x7f0000000380)={'syz', 0x3}) 23:00:08 executing program 3: r0 = syz_io_uring_setup(0xeaf, &(0x7f0000000200), &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000000100)=0x0, &(0x7f0000000080)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000040)=@IORING_OP_SYNC_FILE_RANGE, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITE_FIXED={0x5, 0x0, 0x0, @fd_index}, 0x0) syz_io_uring_setup(0x1, &(0x7f0000000080), &(0x7f0000ffc000/0x4000)=nil, &(0x7f00000b0000)=nil, &(0x7f0000000100)=0x0, &(0x7f0000000000)) r4 = syz_io_uring_setup(0x6d4e, &(0x7f0000000300)={0x0, 0xaceb, 0x2, 0x2, 0x3b5}, &(0x7f0000ffa000/0x4000)=nil, &(0x7f0000fed000/0x13000)=nil, &(0x7f00000002c0), &(0x7f0000000280)) io_uring_register$IORING_REGISTER_PERSONALITY(r4, 0x9, 0x0, 0x0) syz_io_uring_submit(r3, r2, &(0x7f0000000800)=@IORING_OP_WRITEV={0x2, 0x2, 0x0, @fd_index, 0x0, &(0x7f0000000740)=[{0x0}, {0x0}, {0x0}, {0x0}, {0x0}, {0x0}, {0x0}, {0x0}, {0x0}], 0x9}, 0x0) io_uring_enter(r0, 0x4059, 0x0, 0x0, 0x0, 0x0) [ 144.288161] ------------[ cut here ]------------ [ 144.288199] [ 144.288204] ====================================================== [ 144.288210] WARNING: possible circular locking dependency detected [ 144.288217] 6.0.0-rc7-next-20220930 #1 Not tainted [ 144.288229] ------------------------------------------------------ [ 144.288234] syz-executor.2/4005 is trying to acquire lock: [ 144.288246] ffffffff853faab8 ((console_sem).lock){....}-{2:2}, at: down_trylock+0xe/0x70 [ 144.288313] [ 144.288313] but task is already holding lock: [ 144.288318] ffff88803f9acc20 (&ctx->lock){....}-{2:2}, at: __perf_event_task_sched_out+0x53b/0x18d0 [ 144.288365] [ 144.288365] which lock already depends on the new lock. [ 144.288365] [ 144.288370] [ 144.288370] the existing dependency chain (in reverse order) is: [ 144.288375] [ 144.288375] -> #3 (&ctx->lock){....}-{2:2}: [ 144.288400] _raw_spin_lock+0x2a/0x40 [ 144.288420] __perf_event_task_sched_out+0x53b/0x18d0 [ 144.288440] __schedule+0xedd/0x2470 [ 144.288465] preempt_schedule_common+0x45/0xc0 [ 144.288492] __cond_resched+0x17/0x30 [ 144.288518] __mutex_lock+0xa3/0x14d0 [ 144.288545] __do_sys_perf_event_open+0x1eec/0x32c0 [ 144.288566] do_syscall_64+0x3b/0x90 [ 144.288597] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 144.288620] [ 144.288620] -> #2 (&rq->__lock){-.-.}-{2:2}: [ 144.288644] _raw_spin_lock_nested+0x30/0x40 [ 144.288664] raw_spin_rq_lock_nested+0x1e/0x30 [ 144.288687] task_fork_fair+0x63/0x4d0 [ 144.288717] sched_cgroup_fork+0x3d0/0x540 [ 144.288743] copy_process+0x4183/0x6e20 [ 144.288761] kernel_clone+0xe7/0x890 [ 144.288779] user_mode_thread+0xad/0xf0 [ 144.288797] rest_init+0x24/0x250 [ 144.288819] arch_call_rest_init+0xf/0x14 [ 144.288849] start_kernel+0x4c6/0x4eb [ 144.288877] secondary_startup_64_no_verify+0xe0/0xeb [ 144.288902] [ 144.288902] -> #1 (&p->pi_lock){-.-.}-{2:2}: [ 144.288927] _raw_spin_lock_irqsave+0x39/0x60 [ 144.288947] try_to_wake_up+0xab/0x1930 [ 144.288971] up+0x75/0xb0 [ 144.288996] __up_console_sem+0x6e/0x80 [ 144.289025] console_unlock+0x46a/0x590 [ 144.289054] vt_ioctl+0x2822/0x2ca0 [ 144.289074] tty_ioctl+0x785/0x16b0 [ 144.289092] __x64_sys_ioctl+0x19a/0x210 [ 144.289117] do_syscall_64+0x3b/0x90 [ 144.289147] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 144.289170] [ 144.289170] -> #0 ((console_sem).lock){....}-{2:2}: [ 144.289195] __lock_acquire+0x2a02/0x5e70 [ 144.289225] lock_acquire+0x1a2/0x530 [ 144.289254] _raw_spin_lock_irqsave+0x39/0x60 [ 144.289274] down_trylock+0xe/0x70 [ 144.289301] __down_trylock_console_sem+0x3b/0xd0 [ 144.289330] vprintk_emit+0x16b/0x560 [ 144.289361] vprintk+0x84/0xa0 [ 144.289400] _printk+0xba/0xf1 [ 144.289426] report_bug.cold+0x72/0xab [ 144.289459] handle_bug+0x3c/0x70 [ 144.289490] exc_invalid_op+0x14/0x50 [ 144.289521] asm_exc_invalid_op+0x16/0x20 [ 144.289543] group_sched_out.part.0+0x2c7/0x460 [ 144.289575] ctx_sched_out+0x8f1/0xc10 [ 144.289605] __perf_event_task_sched_out+0x6d0/0x18d0 [ 144.289625] __schedule+0xedd/0x2470 [ 144.289650] preempt_schedule_common+0x45/0xc0 [ 144.289677] __cond_resched+0x17/0x30 [ 144.289702] __mutex_lock+0xa3/0x14d0 [ 144.289729] __do_sys_perf_event_open+0x1eec/0x32c0 [ 144.289756] netlink: 1 bytes leftover after parsing attributes in process `syz-executor.1'. [ 144.289750] do_syscall_64+0x3b/0x90 [ 144.289781] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 144.289805] [ 144.289805] other info that might help us debug this: [ 144.289805] [ 144.289809] Chain exists of: [ 144.289809] (console_sem).lock --> &rq->__lock --> &ctx->lock [ 144.289809] [ 144.289837] Possible unsafe locking scenario: [ 144.289837] [ 144.289841] CPU0 CPU1 [ 144.289845] ---- ---- [ 144.289849] lock(&ctx->lock); [ 144.289859] lock(&rq->__lock); [ 144.289870] lock(&ctx->lock); [ 144.289881] lock((console_sem).lock); [ 144.289892] [ 144.289892] *** DEADLOCK *** [ 144.289892] [ 144.289895] 2 locks held by syz-executor.2/4005: [ 144.289907] #0: ffff88806ce37e98 (&rq->__lock){-.-.}-{2:2}, at: __schedule+0x1cf/0x2470 [ 144.289961] #1: ffff88803f9acc20 (&ctx->lock){....}-{2:2}, at: __perf_event_task_sched_out+0x53b/0x18d0 [ 144.290009] [ 144.290009] stack backtrace: [ 144.290014] CPU: 0 PID: 4005 Comm: syz-executor.2 Not tainted 6.0.0-rc7-next-20220930 #1 [ 144.290037] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 144.290051] Call Trace: [ 144.290057] [ 144.290064] dump_stack_lvl+0x8b/0xb3 [ 144.290098] check_noncircular+0x263/0x2e0 [ 144.290128] ? format_decode+0x26c/0xb50 [ 144.290158] ? print_circular_bug+0x450/0x450 [ 144.290190] ? simple_strtoul+0x30/0x30 [ 144.290220] ? format_decode+0x26c/0xb50 [ 144.290253] ? alloc_chain_hlocks+0x1ec/0x5a0 [ 144.290287] __lock_acquire+0x2a02/0x5e70 [ 144.290330] ? lockdep_hardirqs_on_prepare+0x410/0x410 [ 144.290364] ? __mutex_add_waiter+0x120/0x120 [ 144.290399] lock_acquire+0x1a2/0x530 [ 144.290430] ? down_trylock+0xe/0x70 [ 144.290462] ? lock_release+0x750/0x750 [ 144.290524] ? vprintk+0x84/0xa0 [ 144.290558] _raw_spin_lock_irqsave+0x39/0x60 [ 144.290579] ? down_trylock+0xe/0x70 [ 144.290609] down_trylock+0xe/0x70 [ 144.290638] ? vprintk+0x84/0xa0 [ 144.290669] __down_trylock_console_sem+0x3b/0xd0 [ 144.290701] vprintk_emit+0x16b/0x560 [ 144.290737] vprintk+0x84/0xa0 [ 144.290771] _printk+0xba/0xf1 [ 144.290792] ? record_print_text.cold+0x16/0x16 [ 144.290824] ? report_bug.cold+0x66/0xab [ 144.290858] ? group_sched_out.part.0+0x2c7/0x460 [ 144.290892] report_bug.cold+0x72/0xab [ 144.290928] handle_bug+0x3c/0x70 [ 144.290960] exc_invalid_op+0x14/0x50 [ 144.290994] asm_exc_invalid_op+0x16/0x20 [ 144.291018] RIP: 0010:group_sched_out.part.0+0x2c7/0x460 [ 144.291055] Code: 5e 41 5f e9 8b ae ef ff e8 86 ae ef ff 65 8b 1d 0b 18 ac 7e 31 ff 89 de e8 26 ab ef ff 85 db 0f 84 8a 00 00 00 e8 69 ae ef ff <0f> 0b e9 a5 fe ff ff e8 5d ae ef ff 48 8d 7d 10 48 b8 00 00 00 00 [ 144.291075] RSP: 0018:ffff88804076f978 EFLAGS: 00010006 [ 144.291092] RAX: 0000000040000002 RBX: 0000000000000000 RCX: 0000000000000000 [ 144.291105] RDX: ffff88803ee65040 RSI: ffffffff81565dc7 RDI: 0000000000000005 [ 144.291119] RBP: ffff888008660000 R08: 0000000000000005 R09: 0000000000000001 [ 144.291132] R10: 0000000000000000 R11: ffffffff865b401b R12: ffff88803f9acc00 [ 144.291146] R13: ffff88806ce3d2c0 R14: ffffffff8547d000 R15: 0000000000000002 [ 144.291168] ? group_sched_out.part.0+0x2c7/0x460 [ 144.291206] ? group_sched_out.part.0+0x2c7/0x460 [ 144.291244] ctx_sched_out+0x8f1/0xc10 [ 144.291282] __perf_event_task_sched_out+0x6d0/0x18d0 [ 144.291309] ? lock_is_held_type+0xd7/0x130 [ 144.291336] ? __perf_cgroup_move+0x160/0x160 [ 144.291355] ? set_next_entity+0x304/0x550 [ 144.291387] ? update_curr+0x267/0x740 [ 144.291423] ? lock_is_held_type+0xd7/0x130 [ 144.291449] __schedule+0xedd/0x2470 [ 144.291483] ? io_schedule_timeout+0x150/0x150 [ 144.291510] ? find_held_lock+0x2c/0x110 [ 144.291541] ? lock_is_held_type+0xd7/0x130 [ 144.291566] ? __cond_resched+0x17/0x30 [ 144.291596] preempt_schedule_common+0x45/0xc0 [ 144.291627] __cond_resched+0x17/0x30 [ 144.291654] __mutex_lock+0xa3/0x14d0 [ 144.291685] ? lock_is_held_type+0xd7/0x130 [ 144.291709] ? __do_sys_perf_event_open+0x1eec/0x32c0 [ 144.291735] ? mutex_lock_io_nested+0x1310/0x1310 [ 144.291765] ? lock_release+0x3b2/0x750 [ 144.291798] ? __up_read+0x192/0x730 [ 144.291825] ? up_write+0x520/0x520 [ 144.291853] ? _raw_spin_unlock_irqrestore+0x28/0x60 [ 144.291880] __do_sys_perf_event_open+0x1eec/0x32c0 [ 144.291910] ? __up_read+0x192/0x730 [ 144.291936] ? perf_compat_ioctl+0x130/0x130 [ 144.291958] ? up_write+0x520/0x520 [ 144.291994] ? syscall_enter_from_user_mode+0x1d/0x50 [ 144.292020] ? syscall_enter_from_user_mode+0x1d/0x50 [ 144.292050] do_syscall_64+0x3b/0x90 [ 144.292084] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 144.292108] RIP: 0033:0x7f0b9c56ab19 [ 144.292123] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 144.292143] RSP: 002b:00007f0b99ae0188 EFLAGS: 00000246 ORIG_RAX: 000000000000012a [ 144.292163] RAX: ffffffffffffffda RBX: 00007f0b9c67df60 RCX: 00007f0b9c56ab19 [ 144.292177] RDX: ffffffffffffffff RSI: 0000000000000000 RDI: 0000000020000080 [ 144.292191] RBP: 00007f0b9c5c4f6d R08: 0000000000000000 R09: 0000000000000000 [ 144.292204] R10: ffffffffffffffff R11: 0000000000000246 R12: 0000000000000000 [ 144.292217] R13: 00007ffe6f5824af R14: 00007f0b99ae0300 R15: 0000000000022000 [ 144.292244] [ 144.397442] WARNING: CPU: 0 PID: 4005 at kernel/events/core.c:2309 group_sched_out.part.0+0x2c7/0x460 [ 144.398671] Modules linked in: [ 144.399098] CPU: 0 PID: 4005 Comm: syz-executor.2 Not tainted 6.0.0-rc7-next-20220930 #1 [ 144.400174] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 144.401697] RIP: 0010:group_sched_out.part.0+0x2c7/0x460 [ 144.402446] Code: 5e 41 5f e9 8b ae ef ff e8 86 ae ef ff 65 8b 1d 0b 18 ac 7e 31 ff 89 de e8 26 ab ef ff 85 db 0f 84 8a 00 00 00 e8 69 ae ef ff <0f> 0b e9 a5 fe ff ff e8 5d ae ef ff 48 8d 7d 10 48 b8 00 00 00 00 [ 144.404857] RSP: 0018:ffff88804076f978 EFLAGS: 00010006 [ 144.405568] RAX: 0000000040000002 RBX: 0000000000000000 RCX: 0000000000000000 [ 144.406529] RDX: ffff88803ee65040 RSI: ffffffff81565dc7 RDI: 0000000000000005 [ 144.407459] RBP: ffff888008660000 R08: 0000000000000005 R09: 0000000000000001 [ 144.408397] R10: 0000000000000000 R11: ffffffff865b401b R12: ffff88803f9acc00 [ 144.409340] R13: ffff88806ce3d2c0 R14: ffffffff8547d000 R15: 0000000000000002 [ 144.410275] FS: 00007f0b99ae0700(0000) GS:ffff88806ce00000(0000) knlGS:0000000000000000 [ 144.411348] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 144.412117] CR2: 0000555556ee2708 CR3: 00000000207ae000 CR4: 0000000000350ef0 [ 144.413056] Call Trace: [ 144.413410] [ 144.413733] ctx_sched_out+0x8f1/0xc10 [ 144.414274] __perf_event_task_sched_out+0x6d0/0x18d0 [ 144.414966] ? lock_is_held_type+0xd7/0x130 [ 144.415552] ? __perf_cgroup_move+0x160/0x160 [ 144.416162] ? set_next_entity+0x304/0x550 [ 144.416736] ? update_curr+0x267/0x740 [ 144.417272] ? lock_is_held_type+0xd7/0x130 [ 144.417864] __schedule+0xedd/0x2470 [ 144.418379] ? io_schedule_timeout+0x150/0x150 [ 144.419026] ? find_held_lock+0x2c/0x110 [ 144.419588] ? lock_is_held_type+0xd7/0x130 [ 144.420166] ? __cond_resched+0x17/0x30 [ 144.420732] preempt_schedule_common+0x45/0xc0 [ 144.421341] __cond_resched+0x17/0x30 [ 144.421849] __mutex_lock+0xa3/0x14d0 [ 144.422387] ? lock_is_held_type+0xd7/0x130 [ 144.422997] ? __do_sys_perf_event_open+0x1eec/0x32c0 [ 144.423699] ? mutex_lock_io_nested+0x1310/0x1310 [ 144.424373] ? lock_release+0x3b2/0x750 [ 144.424938] ? __up_read+0x192/0x730 [ 144.425488] ? up_write+0x520/0x520 [ 144.426008] ? _raw_spin_unlock_irqrestore+0x28/0x60 [ 144.426704] __do_sys_perf_event_open+0x1eec/0x32c0 [ 144.427363] ? __up_read+0x192/0x730 [ 144.427859] ? perf_compat_ioctl+0x130/0x130 [ 144.428467] ? up_write+0x520/0x520 [ 144.428996] ? syscall_enter_from_user_mode+0x1d/0x50 [ 144.429709] ? syscall_enter_from_user_mode+0x1d/0x50 [ 144.430426] do_syscall_64+0x3b/0x90 [ 144.430958] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 144.431647] RIP: 0033:0x7f0b9c56ab19 [ 144.432138] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 144.434522] RSP: 002b:00007f0b99ae0188 EFLAGS: 00000246 ORIG_RAX: 000000000000012a [ 144.435556] RAX: ffffffffffffffda RBX: 00007f0b9c67df60 RCX: 00007f0b9c56ab19 [ 144.436513] RDX: ffffffffffffffff RSI: 0000000000000000 RDI: 0000000020000080 [ 144.437460] RBP: 00007f0b9c5c4f6d R08: 0000000000000000 R09: 0000000000000000 [ 144.438400] R10: ffffffffffffffff R11: 0000000000000246 R12: 0000000000000000 [ 144.439362] R13: 00007ffe6f5824af R14: 00007f0b99ae0300 R15: 0000000000022000 [ 144.440360] [ 144.440691] irq event stamp: 526 [ 144.441138] hardirqs last enabled at (525): [] _raw_spin_unlock_irqrestore+0x28/0x60 [ 144.442369] hardirqs last disabled at (526): [] __schedule+0x1225/0x2470 [ 144.443488] softirqs last enabled at (522): [] __irq_exit_rcu+0x11b/0x180 [ 144.444602] softirqs last disabled at (481): [] __irq_exit_rcu+0x11b/0x180 [ 144.445715] ---[ end trace 0000000000000000 ]--- 23:00:08 executing program 5: r0 = openat$ptp0(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0xa) r1 = openat$hpet(0xffffffffffffff9c, &(0x7f0000000380), 0x80802, 0x0) ioctl$PTP_PIN_SETFUNC(r1, 0x40603d07, &(0x7f00000003c0)={'\x00', 0x3, 0x2, 0x5}) ioctl$PTP_PIN_GETFUNC2(r0, 0xc0603d0f, &(0x7f0000000440)={'\x00', 0x6, 0x1, 0x2}) openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x0) r2 = syz_open_dev$mouse(&(0x7f0000000080), 0x81, 0x2002) ioctl$PTP_EXTTS_REQUEST(r2, 0x40103d02, &(0x7f00000000c0)={0x6639, 0x3}) r3 = openat$full(0xffffffffffffff9c, &(0x7f0000000300), 0x400000, 0x0) ioctl$PTP_EXTTS_REQUEST2(r3, 0x40103d0b, &(0x7f0000000340)={0xfffffffa, 0x1}) close_range(r0, 0xffffffffffffffff, 0x0) r4 = openat$vcsu(0xffffffffffffff9c, &(0x7f0000000100), 0x100, 0x0) sendmsg$BATADV_CMD_GET_BLA_CLAIM(r4, &(0x7f0000000240)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x8}, 0xc, &(0x7f0000000200)={&(0x7f0000000180)={0x58, 0x0, 0x800, 0x70bd2a, 0x25dfdbfe, {}, [@BATADV_ATTR_THROUGHPUT_OVERRIDE={0x8, 0x3b, 0x8}, @BATADV_ATTR_ISOLATION_MARK={0x8, 0x2b, 0xffff}, @BATADV_ATTR_AGGREGATED_OGMS_ENABLED={0x5, 0x29, 0x1}, @BATADV_ATTR_DISTRIBUTED_ARP_TABLE_ENABLED={0x5, 0x2f, 0x1}, @BATADV_ATTR_THROUGHPUT_OVERRIDE={0x8, 0x3b, 0x4}, @BATADV_ATTR_ORIG_ADDRESS={0xa, 0x9, @dev={'\xaa\xaa\xaa\xaa\xaa', 0x13}}, @BATADV_ATTR_GW_MODE={0x5, 0x33, 0x1}, @BATADV_ATTR_BRIDGE_LOOP_AVOIDANCE_ENABLED={0x5, 0x2e, 0x1}]}, 0x58}, 0x1, 0x0, 0x0, 0x4008041}, 0x8) [ 144.465521] device syz_tun entered promiscuous mode 23:00:08 executing program 0: r0 = syz_mount_image$ext4(&(0x7f0000000000)='ext2\x00', &(0x7f0000000100)='./file0\x00', 0x200003, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000900100000f000000000000000200000006000000000008000080000020000000d5f4655fd5f4655f0100ffff53ef010001000000d4f4655f000000000000000001000000000000000b0000000004000008000000d2c200001203", 0x66, 0x400}, {&(0x7f0000010100)="00000000000000000000000091b73ef4b8d944c4be6aeaa0d6c47e6c010040", 0x1f, 0x4e0}, {&(0x7f0000010400)="02000000030000000400000019000f000300040000000000000000000f002e69", 0x20, 0x1000}, {&(0x7f0000000040)="ed41000000100000d4f4655fd5f4655fd5f4655f000000000000040080", 0x1d, 0x4400}], 0x0, &(0x7f0000014a00)) ioctl$FS_IOC_SET_ENCRYPTION_POLICY(r0, 0x800c6613, &(0x7f0000000080)=@v2={0x2, @aes128, 0x10, '\x00', @d}) lsetxattr$trusted_overlay_redirect(&(0x7f00000000c0)='./file0\x00', &(0x7f0000000140), &(0x7f0000000180)='./file0\x00', 0x8, 0x3) 23:00:08 executing program 6: keyctl$join(0x1, 0x0) keyctl$join(0x1, &(0x7f0000000000)={'syz', 0x1}) keyctl$join(0x1, &(0x7f0000000040)={'syz', 0x0}) keyctl$join(0x1, &(0x7f0000000080)={'syz', 0x2}) keyctl$join(0x1, &(0x7f00000000c0)={'syz', 0x2}) keyctl$join(0x1, &(0x7f0000000100)={'syz', 0x2}) keyctl$join(0x1, &(0x7f0000000140)={'syz', 0x0}) keyctl$join(0x1, &(0x7f0000000180)={'syz', 0x1}) keyctl$join(0x1, &(0x7f00000001c0)={'syz', 0x2}) keyctl$join(0x1, &(0x7f0000000200)={'syz', 0x0}) keyctl$join(0x1, &(0x7f0000000240)={'syz', 0x1}) keyctl$join(0x1, 0x0) keyctl$join(0x1, 0x0) keyctl$join(0x1, &(0x7f0000000280)={'syz', 0x1}) keyctl$join(0x1, 0x0) keyctl$join(0x1, &(0x7f00000002c0)={'syz', 0x2}) keyctl$join(0x1, 0x0) keyctl$join(0x1, &(0x7f0000000300)={'syz', 0x3}) keyctl$join(0x1, &(0x7f0000000340)={'syz', 0x2}) keyctl$join(0x1, &(0x7f0000000380)={'syz', 0x3}) [ 144.494876] loop0: detected capacity change from 0 to 4096 [ 144.498910] EXT4-fs (loop0): couldn't mount as ext2 due to feature incompatibilities [ 144.575586] loop0: detected capacity change from 0 to 4096 [ 144.576898] device syz_tun left promiscuous mode [ 144.577847] EXT4-fs (loop0): couldn't mount as ext2 due to feature incompatibilities [ 144.602426] device syz_tun entered promiscuous mode [ 144.650444] device syz_tun left promiscuous mode [ 144.666971] netlink: 1 bytes leftover after parsing attributes in process `syz-executor.1'. [ 144.687038] loop2: detected capacity change from 0 to 27 [ 144.687725] SELinux: security_context_str_to_sid (sysadm_u) failed with errno=-22 [ 144.773863] loop2: detected capacity change from 0 to 27 [ 144.774572] SELinux: security_context_str_to_sid (sysadm_u) failed with errno=-22 [ 144.784478] hrtimer: interrupt took 20288 ns VM DIAGNOSIS: 23:00:09 Registers: info registers vcpu 0 RAX=0000000000000029 RBX=00000000000003f8 RCX=0000000000000000 RDX=00000000000003f8 RSI=ffffffff823bb0f1 RDI=ffffffff8765a9a0 RBP=ffffffff8765a960 RSP=ffff88804076f3c0 R8 =0000000000000001 R9 =000000000000000a R10=0000000000000029 R11=0000000000000001 R12=0000000000000029 R13=ffffffff8765a960 R14=0000000000000010 R15=ffffffff823bb0e0 RIP=ffffffff823bb149 RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 00000000 00000000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 00000000 00000000 FS =0000 00007f0b99ae0700 00000000 00000000 GS =0000 ffff88806ce00000 00000000 00000000 LDT=0000 fffffe0000000000 00000000 00000000 TR =0040 fffffe0000003000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe0000001000 0000007f IDT= fffffe0000000000 00000fff CR0=80050033 CR2=0000555556ee2708 CR3=00000000207ae000 CR4=00350ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000ffff0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 YMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM01=0000000000000000 0000000000000000 ffffffffffffffff ffffffffffffffff YMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM04=0000000000000000 0000000000000000 0000000000000000 00000000000000ff YMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM06=0000000000000000 0000000000000000 0000000000000000 000000524f525245 YMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM08=0000000000000000 0000000000000000 0000000000000000 00524f5252450040 YMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 info registers vcpu 1 RAX=0000000000000001 RBX=dffffc0000000000 RCX=0000000000000000 RDX=ffff88800fec1ac0 RSI=ffffffff84e059a0 RDI=0000000000000000 RBP=ffffffff8487a5c0 RSP=ffff8880186f76e0 R8 =0000000000000000 R9 =0000000000000025 R10=0000000000000025 R11=0000000000000001 R12=ffff8880186f7930 R13=ffffffff8487a5c1 R14=0000000000000000 R15=ffff8880186f77e0 RIP=ffffffff8412ef48 RFL=00000282 [--S----] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 00000000 00000000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 00000000 00000000 FS =0000 00007f339c952700 00000000 00000000 GS =0000 ffff88806cf00000 00000000 00000000 LDT=0000 fffffe0000000000 00000000 00000000 TR =0040 fffffe000004a000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe0000048000 0000007f IDT= fffffe0000000000 00000fff CR0=80050033 CR2=00007fb1c7437f64 CR3=000000001757e000 CR4=00350ee0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000ffff0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 YMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM03=0000000000000000 0000000000000000 3365633630383838 66666666203a3331 YMM04=0000000000000000 0000000000000000 3420303120643720 6438203834206666 YMM05=0000000000000000 0000000000000000 6666206566203561 203965206230203e YMM06=0000000000000000 0000000000000000 3865203030203030 2030302061382034 YMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM08=0000000000000000 0000000000000000 6b636f6c5f646c65 685f646e6966203f YMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000