syzkaller login: [ 42.545529] sshd (243) used greatest stack depth: 24768 bytes left Warning: Permanently added '[localhost]:31347' (ECDSA) to the list of known hosts. 2022/09/16 02:08:51 fuzzer started 2022/09/16 02:08:51 dialing manager at localhost:36559 [ 44.509547] cgroup: Unknown subsys name 'net' [ 44.599686] cgroup: Unknown subsys name 'rlimit' 2022/09/16 02:09:06 syscalls: 2215 2022/09/16 02:09:06 code coverage: enabled 2022/09/16 02:09:06 comparison tracing: enabled 2022/09/16 02:09:06 extra coverage: enabled 2022/09/16 02:09:06 setuid sandbox: enabled 2022/09/16 02:09:06 namespace sandbox: enabled 2022/09/16 02:09:06 Android sandbox: enabled 2022/09/16 02:09:06 fault injection: enabled 2022/09/16 02:09:06 leak checking: enabled 2022/09/16 02:09:06 net packet injection: enabled 2022/09/16 02:09:06 net device setup: enabled 2022/09/16 02:09:06 concurrency sanitizer: /sys/kernel/debug/kcsan does not exist 2022/09/16 02:09:06 devlink PCI setup: PCI device 0000:00:10.0 is not available 2022/09/16 02:09:06 USB emulation: enabled 2022/09/16 02:09:06 hci packet injection: enabled 2022/09/16 02:09:06 wifi device emulation: failed to parse kernel version (6.0.0-rc5-next-20220915) 2022/09/16 02:09:06 802.15.4 emulation: enabled 2022/09/16 02:09:07 fetching corpus: 50, signal 36863/38577 (executing program) 2022/09/16 02:09:07 fetching corpus: 100, signal 44081/47413 (executing program) 2022/09/16 02:09:07 fetching corpus: 150, signal 50796/55656 (executing program) 2022/09/16 02:09:07 fetching corpus: 200, signal 58829/65088 (executing program) 2022/09/16 02:09:07 fetching corpus: 250, signal 67041/74542 (executing program) 2022/09/16 02:09:07 fetching corpus: 300, signal 71922/80681 (executing program) 2022/09/16 02:09:07 fetching corpus: 350, signal 76750/86681 (executing program) 2022/09/16 02:09:07 fetching corpus: 400, signal 81899/92898 (executing program) 2022/09/16 02:09:08 fetching corpus: 450, signal 86187/98239 (executing program) 2022/09/16 02:09:08 fetching corpus: 500, signal 92593/105526 (executing program) 2022/09/16 02:09:08 fetching corpus: 550, signal 97046/110888 (executing program) 2022/09/16 02:09:08 fetching corpus: 600, signal 101325/116022 (executing program) 2022/09/16 02:09:08 fetching corpus: 650, signal 105322/120846 (executing program) 2022/09/16 02:09:09 fetching corpus: 700, signal 108284/124678 (executing program) 2022/09/16 02:09:09 fetching corpus: 750, signal 110392/127742 (executing program) 2022/09/16 02:09:09 fetching corpus: 800, signal 112488/130764 (executing program) 2022/09/16 02:09:09 fetching corpus: 850, signal 116591/135446 (executing program) 2022/09/16 02:09:09 fetching corpus: 900, signal 119478/139074 (executing program) 2022/09/16 02:09:09 fetching corpus: 950, signal 121866/142182 (executing program) 2022/09/16 02:09:09 fetching corpus: 1000, signal 125538/146434 (executing program) 2022/09/16 02:09:10 fetching corpus: 1050, signal 126823/148583 (executing program) 2022/09/16 02:09:10 fetching corpus: 1100, signal 128365/150938 (executing program) 2022/09/16 02:09:10 fetching corpus: 1150, signal 131133/154237 (executing program) 2022/09/16 02:09:10 fetching corpus: 1200, signal 133421/157150 (executing program) 2022/09/16 02:09:10 fetching corpus: 1250, signal 135580/159897 (executing program) 2022/09/16 02:09:10 fetching corpus: 1300, signal 137355/162288 (executing program) 2022/09/16 02:09:10 fetching corpus: 1350, signal 139191/164722 (executing program) 2022/09/16 02:09:10 fetching corpus: 1400, signal 141094/167157 (executing program) 2022/09/16 02:09:11 fetching corpus: 1450, signal 142272/169009 (executing program) 2022/09/16 02:09:11 fetching corpus: 1500, signal 143443/170823 (executing program) 2022/09/16 02:09:11 fetching corpus: 1550, signal 145348/173233 (executing program) 2022/09/16 02:09:11 fetching corpus: 1600, signal 147585/175880 (executing program) 2022/09/16 02:09:11 fetching corpus: 1650, signal 149088/177914 (executing program) 2022/09/16 02:09:11 fetching corpus: 1700, signal 150420/179829 (executing program) 2022/09/16 02:09:11 fetching corpus: 1750, signal 151660/181671 (executing program) 2022/09/16 02:09:11 fetching corpus: 1800, signal 152922/183427 (executing program) 2022/09/16 02:09:12 fetching corpus: 1850, signal 154900/185731 (executing program) 2022/09/16 02:09:12 fetching corpus: 1900, signal 156793/187896 (executing program) 2022/09/16 02:09:12 fetching corpus: 1950, signal 158243/189760 (executing program) 2022/09/16 02:09:12 fetching corpus: 2000, signal 160308/191960 (executing program) 2022/09/16 02:09:12 fetching corpus: 2050, signal 161574/193582 (executing program) 2022/09/16 02:09:12 fetching corpus: 2100, signal 162674/195140 (executing program) 2022/09/16 02:09:12 fetching corpus: 2150, signal 164844/197289 (executing program) 2022/09/16 02:09:13 fetching corpus: 2200, signal 166126/198880 (executing program) 2022/09/16 02:09:13 fetching corpus: 2250, signal 167398/200571 (executing program) 2022/09/16 02:09:13 fetching corpus: 2300, signal 167901/201622 (executing program) 2022/09/16 02:09:13 fetching corpus: 2350, signal 169960/203732 (executing program) 2022/09/16 02:09:13 fetching corpus: 2400, signal 171241/205264 (executing program) 2022/09/16 02:09:13 fetching corpus: 2450, signal 172084/206467 (executing program) 2022/09/16 02:09:13 fetching corpus: 2500, signal 173121/207839 (executing program) 2022/09/16 02:09:14 fetching corpus: 2550, signal 174668/209542 (executing program) 2022/09/16 02:09:14 fetching corpus: 2600, signal 175775/210931 (executing program) 2022/09/16 02:09:14 fetching corpus: 2650, signal 176619/212148 (executing program) 2022/09/16 02:09:14 fetching corpus: 2700, signal 178504/213898 (executing program) 2022/09/16 02:09:14 fetching corpus: 2750, signal 179314/215024 (executing program) 2022/09/16 02:09:14 fetching corpus: 2800, signal 180317/216267 (executing program) 2022/09/16 02:09:14 fetching corpus: 2850, signal 180948/217290 (executing program) 2022/09/16 02:09:15 fetching corpus: 2900, signal 182010/218556 (executing program) 2022/09/16 02:09:15 fetching corpus: 2950, signal 182720/219599 (executing program) 2022/09/16 02:09:15 fetching corpus: 3000, signal 183707/220744 (executing program) 2022/09/16 02:09:15 fetching corpus: 3050, signal 184484/221766 (executing program) 2022/09/16 02:09:15 fetching corpus: 3100, signal 185650/223023 (executing program) 2022/09/16 02:09:15 fetching corpus: 3150, signal 187042/224391 (executing program) 2022/09/16 02:09:15 fetching corpus: 3200, signal 187766/225352 (executing program) 2022/09/16 02:09:15 fetching corpus: 3250, signal 188239/226166 (executing program) 2022/09/16 02:09:15 fetching corpus: 3300, signal 189598/227540 (executing program) 2022/09/16 02:09:16 fetching corpus: 3350, signal 190863/228734 (executing program) 2022/09/16 02:09:16 fetching corpus: 3400, signal 191796/229788 (executing program) 2022/09/16 02:09:16 fetching corpus: 3450, signal 192805/230860 (executing program) 2022/09/16 02:09:16 fetching corpus: 3500, signal 193734/231841 (executing program) 2022/09/16 02:09:16 fetching corpus: 3550, signal 194761/232873 (executing program) 2022/09/16 02:09:16 fetching corpus: 3600, signal 195810/233889 (executing program) 2022/09/16 02:09:16 fetching corpus: 3650, signal 196606/234769 (executing program) 2022/09/16 02:09:17 fetching corpus: 3700, signal 197490/235702 (executing program) 2022/09/16 02:09:17 fetching corpus: 3750, signal 198909/236813 (executing program) 2022/09/16 02:09:17 fetching corpus: 3800, signal 199847/237730 (executing program) 2022/09/16 02:09:17 fetching corpus: 3850, signal 200822/238666 (executing program) 2022/09/16 02:09:17 fetching corpus: 3900, signal 201631/239496 (executing program) 2022/09/16 02:09:17 fetching corpus: 3950, signal 202417/240307 (executing program) 2022/09/16 02:09:17 fetching corpus: 4000, signal 203216/241121 (executing program) 2022/09/16 02:09:18 fetching corpus: 4050, signal 204939/242246 (executing program) 2022/09/16 02:09:18 fetching corpus: 4100, signal 205733/242999 (executing program) 2022/09/16 02:09:18 fetching corpus: 4150, signal 206293/243675 (executing program) 2022/09/16 02:09:18 fetching corpus: 4200, signal 207545/244577 (executing program) 2022/09/16 02:09:18 fetching corpus: 4250, signal 208235/245336 (executing program) 2022/09/16 02:09:18 fetching corpus: 4300, signal 208814/245946 (executing program) 2022/09/16 02:09:18 fetching corpus: 4350, signal 209452/246620 (executing program) 2022/09/16 02:09:19 fetching corpus: 4400, signal 210686/247462 (executing program) 2022/09/16 02:09:19 fetching corpus: 4450, signal 211322/248099 (executing program) 2022/09/16 02:09:19 fetching corpus: 4500, signal 211979/248753 (executing program) 2022/09/16 02:09:19 fetching corpus: 4550, signal 212447/249318 (executing program) 2022/09/16 02:09:19 fetching corpus: 4600, signal 213114/249915 (executing program) 2022/09/16 02:09:19 fetching corpus: 4650, signal 213756/250511 (executing program) 2022/09/16 02:09:19 fetching corpus: 4700, signal 214338/251056 (executing program) 2022/09/16 02:09:19 fetching corpus: 4750, signal 215143/251664 (executing program) 2022/09/16 02:09:20 fetching corpus: 4800, signal 215725/252224 (executing program) 2022/09/16 02:09:20 fetching corpus: 4850, signal 216450/252801 (executing program) 2022/09/16 02:09:20 fetching corpus: 4900, signal 217487/253463 (executing program) 2022/09/16 02:09:20 fetching corpus: 4950, signal 218475/254105 (executing program) 2022/09/16 02:09:20 fetching corpus: 5000, signal 219185/254598 (executing program) 2022/09/16 02:09:20 fetching corpus: 5050, signal 219545/255036 (executing program) 2022/09/16 02:09:20 fetching corpus: 5100, signal 219959/255493 (executing program) 2022/09/16 02:09:20 fetching corpus: 5150, signal 220462/255945 (executing program) 2022/09/16 02:09:21 fetching corpus: 5200, signal 221296/256442 (executing program) 2022/09/16 02:09:21 fetching corpus: 5250, signal 221822/256915 (executing program) 2022/09/16 02:09:21 fetching corpus: 5300, signal 222596/257438 (executing program) 2022/09/16 02:09:21 fetching corpus: 5350, signal 223362/257991 (executing program) 2022/09/16 02:09:21 fetching corpus: 5400, signal 223730/258392 (executing program) 2022/09/16 02:09:21 fetching corpus: 5450, signal 224621/259015 (executing program) 2022/09/16 02:09:21 fetching corpus: 5500, signal 225104/259436 (executing program) 2022/09/16 02:09:21 fetching corpus: 5550, signal 225601/259801 (executing program) 2022/09/16 02:09:22 fetching corpus: 5600, signal 226152/260211 (executing program) 2022/09/16 02:09:22 fetching corpus: 5650, signal 227027/260643 (executing program) 2022/09/16 02:09:22 fetching corpus: 5700, signal 227636/261005 (executing program) 2022/09/16 02:09:22 fetching corpus: 5750, signal 228475/261393 (executing program) 2022/09/16 02:09:22 fetching corpus: 5800, signal 229108/261740 (executing program) 2022/09/16 02:09:22 fetching corpus: 5850, signal 230045/262054 (executing program) 2022/09/16 02:09:23 fetching corpus: 5900, signal 230348/262339 (executing program) 2022/09/16 02:09:23 fetching corpus: 5950, signal 230940/262650 (executing program) 2022/09/16 02:09:23 fetching corpus: 6000, signal 231866/262962 (executing program) 2022/09/16 02:09:23 fetching corpus: 6050, signal 232633/263394 (executing program) 2022/09/16 02:09:23 fetching corpus: 6100, signal 233087/263668 (executing program) 2022/09/16 02:09:23 fetching corpus: 6150, signal 233903/263972 (executing program) 2022/09/16 02:09:23 fetching corpus: 6200, signal 234516/264278 (executing program) 2022/09/16 02:09:23 fetching corpus: 6250, signal 235018/264642 (executing program) 2022/09/16 02:09:24 fetching corpus: 6300, signal 235511/264881 (executing program) 2022/09/16 02:09:24 fetching corpus: 6350, signal 235922/265159 (executing program) 2022/09/16 02:09:24 fetching corpus: 6400, signal 236422/265411 (executing program) 2022/09/16 02:09:24 fetching corpus: 6450, signal 236854/265578 (executing program) 2022/09/16 02:09:24 fetching corpus: 6500, signal 237369/265580 (executing program) 2022/09/16 02:09:24 fetching corpus: 6550, signal 237914/265590 (executing program) 2022/09/16 02:09:24 fetching corpus: 6600, signal 239098/265613 (executing program) 2022/09/16 02:09:24 fetching corpus: 6650, signal 239437/265640 (executing program) 2022/09/16 02:09:24 fetching corpus: 6700, signal 239940/265673 (executing program) 2022/09/16 02:09:25 fetching corpus: 6750, signal 240815/265674 (executing program) 2022/09/16 02:09:25 fetching corpus: 6800, signal 241136/265721 (executing program) 2022/09/16 02:09:25 fetching corpus: 6850, signal 241820/265722 (executing program) 2022/09/16 02:09:25 fetching corpus: 6900, signal 242327/265771 (executing program) 2022/09/16 02:09:25 fetching corpus: 6950, signal 242930/265802 (executing program) 2022/09/16 02:09:25 fetching corpus: 7000, signal 243351/265805 (executing program) 2022/09/16 02:09:25 fetching corpus: 7050, signal 243650/265805 (executing program) 2022/09/16 02:09:25 fetching corpus: 7100, signal 244072/265812 (executing program) 2022/09/16 02:09:26 fetching corpus: 7150, signal 244619/265826 (executing program) 2022/09/16 02:09:26 fetching corpus: 7200, signal 245156/265830 (executing program) 2022/09/16 02:09:26 fetching corpus: 7250, signal 245584/265834 (executing program) 2022/09/16 02:09:26 fetching corpus: 7300, signal 245942/265843 (executing program) 2022/09/16 02:09:26 fetching corpus: 7350, signal 246250/265846 (executing program) 2022/09/16 02:09:26 fetching corpus: 7400, signal 246774/265875 (executing program) 2022/09/16 02:09:27 fetching corpus: 7450, signal 247256/265909 (executing program) 2022/09/16 02:09:27 fetching corpus: 7500, signal 247642/265910 (executing program) 2022/09/16 02:09:27 fetching corpus: 7550, signal 248192/265970 (executing program) 2022/09/16 02:09:27 fetching corpus: 7567, signal 248444/265970 (executing program) 2022/09/16 02:09:27 fetching corpus: 7567, signal 248444/265970 (executing program) 2022/09/16 02:09:29 starting 8 fuzzer processes 02:09:29 executing program 0: r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/crypto\x00', 0x0, 0x0) ioctl$SCSI_IOCTL_START_UNIT(r0, 0x5) sendfile(r0, 0xffffffffffffffff, &(0x7f0000000040)=0xfc00000000000, 0x9) ioctl$VFAT_IOCTL_READDIR_SHORT(r0, 0x82307202, &(0x7f0000000080)=[{0x0, 0x0, 0x100}, {0x0, 0x0, 0x100}]) ioctl$F2FS_IOC_MOVE_RANGE(r0, 0xc020f509, &(0x7f0000000340)={r0, 0x0, 0x5, 0x7fffffff}) mount$9p_fd(0x0, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000300), 0x10008, &(0x7f0000000380)={'trans=fd,', {'rfdno', 0x3d, r1}, 0x2c, {'wfdno', 0x3d, r0}, 0x2c, {[{@access_client}, {@dfltgid}], [{@context={'context', 0x3d, 'user_u'}}, {@defcontext={'defcontext', 0x3d, 'user_u'}}, {@fowner_lt={'fowner<', 0xffffffffffffffff}}, {@dont_appraise}]}}) r2 = eventfd(0x6) r3 = accept(r1, &(0x7f0000000440)=@sco, &(0x7f00000004c0)=0x80) ioctl$AUTOFS_DEV_IOCTL_VERSION(r0, 0xc0189371, &(0x7f0000000500)={{0x1, 0x1, 0x18, r0}, './file0\x00'}) r5 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xc, &(0x7f00000005c0)={0x9, &(0x7f0000000540)=[{0x40, 0x6, 0x0, 0x3}, {0x2, 0x7d, 0x0, 0x4f9db716}, {0x4, 0x5, 0xc6, 0x4}, {0x5, 0x2, 0x4, 0x800}, {0x6, 0x99, 0x81, 0x100}, {0x4, 0x1, 0x1, 0x7}, {0x1f, 0xff, 0x1, 0x20}, {0xc112, 0x2, 0x6, 0x5}, {0x6, 0x1, 0x0, 0x4}]}) r6 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000600), 0x0, 0x0) ioctl$FIDEDUPERANGE(r0, 0xc0189436, &(0x7f0000000640)={0x4, 0x5, 0xa, 0x0, 0x0, [{{r0}}, {{r2}, 0x1}, {{r3}, 0xddf4}, {{r1}, 0x4000000000000000}, {{r4}, 0x2}, {{r5}, 0x2}, {{}, 0x1f}, {{r1}, 0x7}, {{r0}, 0x1}, {{r6}, 0x1}]}) ioctl$SCSI_IOCTL_DOORUNLOCK(r0, 0x5381) r7 = openat$nvram(0xffffffffffffff9c, &(0x7f00000007c0), 0x1, 0x0) fcntl$notify(r7, 0x402, 0x12) mmap(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x3000008, 0x10, r6, 0x4f9f9000) ioctl$BTRFS_IOC_GET_SUPPORTED_FEATURES(r3, 0x80489439, &(0x7f0000000800)) r8 = socket(0x6, 0x6, 0x7) ioctl$FS_IOC_GETFSMAP(r8, 0xc0c0583b, &(0x7f0000000880)={0x0, 0x0, 0x3, 0x0, '\x00', [{0x5, 0x6, 0x400, 0x3, 0x9, 0x7f}, {0x7, 0x3, 0x7, 0x100000000, 0x4, 0x61f2ef29}], ['\x00', '\x00', '\x00']}) ioctl$TIOCGPTPEER(r6, 0x5441, 0x5) 02:09:29 executing program 1: mkdir(&(0x7f0000000000)='./file0\x00', 0x23) stat(&(0x7f0000000040)='./file0\x00', &(0x7f0000000080)) utime(&(0x7f0000000100)='./file0\x00', &(0x7f0000000140)={0xc462, 0x70}) syz_io_uring_setup(0x328d, &(0x7f0000000180)={0x0, 0xc9b4, 0x0, 0x0, 0x244}, &(0x7f0000fff000/0x1000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000000200), &(0x7f0000000240)=0x0) syz_io_uring_submit(0x0, r0, &(0x7f0000000300)=@IORING_OP_OPENAT2={0x1c, 0x3, 0x0, 0xffffffffffffff9c, &(0x7f0000000280)={0x10001, 0xa4, 0x11}, &(0x7f00000002c0)='./file0\x00', 0x18, 0x0, 0x12345}, 0xffff) stat(&(0x7f0000000340)='./file0\x00', &(0x7f0000000380)) r1 = creat(&(0x7f0000000400)='./file0\x00', 0x100) r2 = syz_io_uring_setup(0x3775, &(0x7f0000000440)={0x0, 0xab1a, 0x2, 0x3, 0x1ef, 0x0, r1}, &(0x7f0000ffd000/0x2000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f00000004c0)=0x0, &(0x7f0000000500)=0x0) syz_io_uring_submit(r3, r4, &(0x7f0000000680)=@IORING_OP_STATX={0x15, 0x1, 0x0, 0xffffffffffffffff, &(0x7f0000000540), &(0x7f0000000640)='./file0\x00', 0x2, 0x100}, 0xff) ioctl$F2FS_IOC_MOVE_RANGE(r2, 0xc020f509, &(0x7f00000006c0)={r1, 0x0, 0x1, 0x5}) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x3000)=nil, 0x3000, 0x0, 0x1010, r5, 0x0) r6 = syz_io_uring_setup(0x7f0b, &(0x7f0000000700)={0x0, 0xc451, 0x8, 0x3, 0x1f0, 0x0, r5}, &(0x7f0000ffc000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000780), &(0x7f00000007c0)) ioctl$RNDGETENTCNT(r5, 0x80045200, &(0x7f0000000800)) r7 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2) ioctl$sock_SIOCSIFVLAN_SET_VLAN_NAME_TYPE_CMD(r7, 0x8983, &(0x7f0000000840)={0x6, 'veth1_to_bridge\x00', {0x7f}, 0x1ff}) ioctl$TIOCL_SETSEL(r1, 0x541c, &(0x7f0000000880)={0x2, {0x2, 0x401, 0x1ff, 0x1}}) bind$802154_dgram(r5, &(0x7f00000008c0)={0x24, @short={0x2, 0x0, 0xfffe}}, 0x14) io_uring_enter(r6, 0x24b6, 0x6e8b, 0x2, &(0x7f0000000900)={[0x7]}, 0x8) ioctl$ifreq_SIOCGIFINDEX_team(r7, 0x8933, &(0x7f0000000940)) inotify_add_watch(r1, &(0x7f0000000980)='./file0\x00', 0x2000400) [ 82.825818] audit: type=1400 audit(1663294169.879:6): avc: denied { execmem } for pid=286 comm="syz-executor.0" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=process permissive=1 02:09:29 executing program 2: r0 = fsmount(0xffffffffffffffff, 0x0, 0x78) ioctl$BLKIOOPT(r0, 0x1279, &(0x7f0000000000)) r1 = openat$vcs(0xffffffffffffff9c, &(0x7f0000000040), 0x200002, 0x0) flistxattr(r1, &(0x7f0000000080)=""/84, 0x54) ioctl$FS_IOC_SETVERSION(r0, 0x40087602, &(0x7f0000000100)=0x4) r2 = inotify_init() ioctl$BTRFS_IOC_FS_INFO(r2, 0x8400941f, &(0x7f0000000140)) pread64(r2, &(0x7f0000000540)=""/4, 0x4, 0x3ff) r3 = socket$inet6_icmp(0xa, 0x2, 0x3a) fsetxattr$trusted_overlay_opaque(r3, &(0x7f0000000580), &(0x7f00000005c0), 0x2, 0x1) setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000600)='dctcp-reno\x00', 0xb) fsopen(&(0x7f0000000640)='btrfs\x00', 0x0) r4 = openat$nvram(0xffffffffffffff9c, &(0x7f0000000680), 0x50802, 0x0) fcntl$setpipe(r4, 0x407, 0x7) ioctl$AUTOFS_DEV_IOCTL_VERSION(0xffffffffffffffff, 0xc0189371, &(0x7f00000006c0)={{0x1, 0x1, 0x18, r2}, './file0\x00'}) write$binfmt_misc(r4, &(0x7f0000000700)={'syz1', "e3090f77368cd7b078df9c47902858fe4c022dd5dff146859f050c2743e16cba7b32e022e9d65fce086ef76d8b7dbaac041eca863efbc0ec4af77dd738c08331cc59f90e595fa989ea950156d41fa74802212ed901d9"}, 0x5a) syz_io_uring_setup(0x77e3, &(0x7f0000000780)={0x0, 0xb01d, 0x1, 0x1, 0x12b, 0x0, r1}, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffc000/0x2000)=nil, &(0x7f0000000800), &(0x7f0000000840)=0x0) syz_io_uring_submit(0x0, r6, &(0x7f00000008c0)=@IORING_OP_EPOLL_CTL=@mod={0x1d, 0x0, 0x0, r1, &(0x7f0000000880)={0x10000000}, r5, 0x3, 0x0, 0x1}, 0x57) r7 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000940), r0) sendmsg$NL80211_CMD_SET_MPATH(r1, &(0x7f0000000a40)={&(0x7f0000000900)={0x10, 0x0, 0x0, 0x8}, 0xc, &(0x7f0000000a00)={&(0x7f0000000980)={0x44, r7, 0x200, 0x70bd2c, 0x25dfdbfe, {{}, {@void, @void}}, [@NL80211_ATTR_MPATH_NEXT_HOP={0xa, 0x1a, @broadcast}, @NL80211_ATTR_MAC={0xa}, @NL80211_ATTR_MAC={0xa, 0x6, @device_b}, @NL80211_ATTR_MAC={0xa}]}, 0x44}, 0x1, 0x0, 0x0, 0x4044014}, 0x40000) 02:09:29 executing program 3: r0 = gettid() pipe(&(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) perf_event_open(&(0x7f0000000040)={0x3, 0x80, 0x89, 0x0, 0x3, 0xfd, 0x0, 0xe47, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x2, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0xffffffff, 0x0, @perf_bp={&(0x7f0000000000), 0x2}, 0x10108, 0x8, 0xffff, 0x8, 0x3, 0x8, 0x5, 0x0, 0x20, 0x0, 0x20}, r0, 0x4, r1, 0x1) getsockopt$inet_IP_XFRM_POLICY(r2, 0x0, 0x11, &(0x7f0000000140)={{{@in=@loopback, @in6=@empty, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in6=@empty}, 0x0, @in6=@initdev}}, &(0x7f0000000240)=0xe8) getsockopt$inet_IP_XFRM_POLICY(r2, 0x0, 0x11, &(0x7f0000000280)={{{@in6=@loopback, @in6=@initdev, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{}, 0x0, @in6=@empty}}, &(0x7f0000000380)=0xe8) getsockopt$sock_cred(r2, 0x1, 0x11, &(0x7f00000003c0)={0x0, 0x0, 0x0}, &(0x7f0000000400)=0xc) r6 = getegid() recvmmsg$unix(r1, &(0x7f0000005680)=[{{0x0, 0x0, &(0x7f0000000640)=[{&(0x7f0000000440)=""/132, 0x84}, {&(0x7f0000000500)=""/100, 0x64}, {&(0x7f0000000580)=""/19, 0x13}, {&(0x7f00000005c0)=""/111, 0x6f}], 0x4, &(0x7f0000000680)=[@cred={{0x1c}}, @cred={{0x1c}}, @cred={{0x1c}}, @rights={{0x20, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}], 0x80}}, {{0x0, 0x0, &(0x7f0000001780)=[{&(0x7f0000000700)=""/32, 0x20}, {&(0x7f0000000740)}, {&(0x7f0000000780)=""/4096, 0x1000}], 0x3}}, {{&(0x7f00000017c0), 0x6e, &(0x7f0000001c40)=[{&(0x7f0000001840)=""/146, 0x92}, {&(0x7f0000001900)=""/249, 0xf9}, {&(0x7f0000001a00)=""/85, 0x55}, {&(0x7f0000001a80)=""/117, 0x75}, {&(0x7f0000001b00)=""/245, 0xf5}, {&(0x7f0000001c00)=""/35, 0x23}], 0x6, &(0x7f0000001cc0)=[@cred={{0x1c}}, @cred={{0x1c}}, @rights={{0x2c, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c}}, @cred={{0x1c, 0x1, 0x2, {0x0}}}, @rights={{0x30, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c, 0x1, 0x2, {0x0, 0x0, 0x0}}}, @rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}, @rights={{0x10}}], 0x128}}, {{&(0x7f0000001e00), 0x6e, &(0x7f0000005100)=[{&(0x7f0000001e80)=""/65, 0x41}, {&(0x7f0000001f00)=""/60, 0x3c}, {&(0x7f0000001f40)=""/221, 0xdd}, {&(0x7f0000002040)=""/119, 0x77}, {&(0x7f00000020c0)=""/4096, 0x1000}, {&(0x7f00000030c0)=""/52, 0x34}, {&(0x7f0000003100)=""/4096, 0x1000}, {&(0x7f0000004100)=""/4096, 0x1000}], 0x8}}, {{&(0x7f0000005180), 0x6e, &(0x7f0000005340)=[{&(0x7f0000005200)=""/114, 0x72}, {&(0x7f0000005280)}, {&(0x7f00000052c0)=""/47, 0x2f}, {&(0x7f0000005300)=""/54, 0x36}], 0x4, &(0x7f0000005380)=[@rights={{0x1c, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}], 0x38}}, {{&(0x7f00000053c0), 0x6e, &(0x7f0000005600)=[{&(0x7f0000005440)=""/163, 0xa3}, {&(0x7f0000005500)=""/139, 0x8b}, {&(0x7f00000055c0)=""/15, 0xf}], 0x3, &(0x7f0000005640)=[@rights={{0x34, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}], 0x38}}], 0x6, 0x2102, &(0x7f0000005800)={0x77359400}) fsetxattr$system_posix_acl(r2, &(0x7f0000000100)='system.posix_acl_access\x00', &(0x7f0000005840)={{}, {0x1, 0x6}, [{0x2, 0x0, r3}, {0x2, 0x4, r4}, {0x2, 0x658711e3d3be13e5, 0xee01}, {0x2, 0x5, 0xee01}], {}, [{0x8, 0x6, r5}, {0x8, 0x1}, {0x8, 0x1, r6}, {0x8, 0x2, 0xffffffffffffffff}, {0x8, 0x1, r12}, {0x8, 0x2}], {0x10, 0x4}, {0x20, 0x5}}, 0x74, 0x2) execveat(r14, &(0x7f00000058c0)='./file0\x00', &(0x7f0000005940)=[&(0x7f0000005900)='}\x00'], &(0x7f0000005a40)=[&(0x7f0000005980)='system.posix_acl_access\x00', &(0x7f00000059c0)='system.posix_acl_access\x00', &(0x7f0000005a00)=']])\x00'], 0x1000) name_to_handle_at(r13, &(0x7f0000005a80)='./file0\x00', &(0x7f0000005ac0)=@ceph_nfs_fh={0x8, 0x1, {0x2}}, &(0x7f0000005b00), 0x400) getsockopt$sock_cred(r11, 0x1, 0x11, &(0x7f0000005b40), &(0x7f0000005b80)=0xc) dup(r9) r15 = syz_io_uring_complete(0x0) perf_event_open(&(0x7f0000005c00)={0x2, 0x80, 0x3, 0x4c, 0x1, 0xc8, 0x0, 0x5, 0x1088, 0x2, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0xfffffff9, 0x0, @perf_bp={&(0x7f0000005bc0), 0xb}, 0x51602, 0xffffffff, 0xfffffffe, 0x0, 0x9, 0x10000000, 0x6, 0x0, 0x0, 0x0, 0x5}, r10, 0xffffffffffffffff, r15, 0x2) r16 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000005d00), 0x123200, 0x0) r17 = perf_event_open$cgroup(&(0x7f0000005d40)={0x5, 0x80, 0x1f, 0x1f, 0xff, 0x6, 0x0, 0x1, 0xa0, 0xc, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x9, 0x0, @perf_config_ext={0x1000, 0x3f}, 0x40a, 0x7ff, 0x6, 0x1, 0x44, 0x0, 0x3f, 0x0, 0x2b, 0x0, 0x800}, r7, 0xf, 0xffffffffffffffff, 0xb) perf_event_open$cgroup(&(0x7f0000005c80)={0x2, 0x80, 0x8, 0xfc, 0x5, 0x83, 0x0, 0x3, 0x2240, 0x6, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x8, 0x0, @perf_config_ext={0x1, 0x5}, 0x4004, 0x1, 0x1, 0x6, 0x8, 0x5, 0x2, 0x0, 0x100, 0x0, 0x3}, r16, 0xf, r17, 0x1) r18 = mmap$IORING_OFF_CQ_RING(&(0x7f0000fff000/0x1000)=nil, 0x1000, 0x7, 0x10, r8, 0x8000000) syz_io_uring_submit(r18, 0x0, &(0x7f0000005dc0)=@IORING_OP_NOP={0x0, 0x1}, 0x0) 02:09:29 executing program 6: sched_getattr(0x0, &(0x7f0000000000)={0x38}, 0x38, 0x0) recvmmsg$unix(0xffffffffffffffff, &(0x7f0000002c80)=[{{&(0x7f0000000040), 0x6e, &(0x7f0000000340)=[{&(0x7f00000000c0)=""/126, 0x7e}, {&(0x7f0000000140)=""/159, 0x9f}, {&(0x7f0000000200)=""/55, 0x37}, {&(0x7f0000000240)=""/220, 0xdc}], 0x4}}, {{&(0x7f0000000380), 0x6e, &(0x7f00000014c0)=[{&(0x7f0000000400)=""/152, 0x98}, {&(0x7f00000004c0)=""/4096, 0x1000}], 0x2, &(0x7f0000001500)=[@rights={{0x10}}], 0x10}}, {{0x0, 0x0, &(0x7f0000001600)=[{&(0x7f0000001540)=""/24, 0x18}, {&(0x7f0000001580)=""/47, 0x2f}, {&(0x7f00000015c0)=""/19, 0x13}], 0x3, &(0x7f0000001640)=[@rights={{0x34, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c, 0x1, 0x2, {0x0}}}, @cred={{0x1c}}, @cred={{0x1c, 0x1, 0x2, {0x0}}}, @rights={{0x2c, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c}}], 0xe8}}, {{0x0, 0x0, &(0x7f0000001a00)=[{&(0x7f0000001740)=""/133, 0x85}, {&(0x7f0000001800)=""/121, 0x79}, {&(0x7f0000001880)=""/73, 0x49}, {&(0x7f0000001900)=""/195, 0xc3}], 0x4, &(0x7f0000001a40)=[@rights={{0x18, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x2c, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}], 0x48}}, {{&(0x7f0000001ac0), 0x6e, &(0x7f0000002b40)=[{&(0x7f0000001b40)=""/4096, 0x1000}], 0x1, &(0x7f0000002b80)=[@rights={{0x20, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x18, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c, 0x1, 0x2, {0x0}}}, @cred={{0x1c}}, @cred={{0x1c, 0x1, 0x2, {0x0}}}, @cred={{0x1c}}, @cred={{0x1c, 0x1, 0x2, {0x0}}}], 0xd8}}], 0x5, 0x40000000, &(0x7f0000002dc0)={0x77359400}) sched_getattr(r2, &(0x7f0000002e00)={0x38}, 0x38, 0x0) fcntl$addseals(r4, 0x409, 0x5) process_vm_writev(r8, &(0x7f0000002f40)=[{&(0x7f0000002e40)=""/53, 0x35}, {&(0x7f0000002e80)=""/117, 0x75}, {&(0x7f0000002f00)=""/59, 0x3b}], 0x3, &(0x7f0000003200)=[{&(0x7f0000002f80)=""/200, 0xc8}, {&(0x7f0000003080)=""/13, 0xd}, {&(0x7f00000030c0)=""/104, 0x68}, {&(0x7f0000003140)=""/118, 0x76}, {&(0x7f00000031c0)=""/6, 0x6}], 0x5, 0x0) r10 = openat$cgroup_procs(r5, &(0x7f0000003280)='cgroup.procs\x00', 0x2, 0x0) fcntl$addseals(r10, 0x409, 0x9) r11 = getpid() process_vm_writev(r11, &(0x7f0000003980)=[{&(0x7f0000003840)=""/57, 0x39}, {&(0x7f0000003880)=""/218, 0xda}], 0x2, &(0x7f0000003b00)=[{&(0x7f00000039c0)=""/76, 0x4c}, {&(0x7f0000003a40)=""/131, 0x83}], 0x2, 0x0) preadv2(r1, &(0x7f0000003e00)=[{&(0x7f0000003b40)}, {&(0x7f0000003b80)=""/178, 0xb2}, {&(0x7f0000003c40)=""/50, 0x32}, {&(0x7f0000003c80)=""/123, 0x7b}, {&(0x7f0000003d00)=""/205, 0xcd}], 0x5, 0xc7d, 0xfffffffd, 0x2) process_vm_writev(r11, &(0x7f0000004080)=[{&(0x7f0000003e80)=""/89, 0x59}, {&(0x7f0000003f00)=""/197, 0xc5}, {&(0x7f0000004000)=""/62, 0x3e}, {&(0x7f0000004040)=""/8, 0x8}], 0x4, &(0x7f0000004240)=[{&(0x7f00000040c0)=""/211, 0xd3}, {&(0x7f00000041c0)=""/127, 0x7f}], 0x2, 0x0) r12 = socket$nl_sock_diag(0x10, 0x3, 0x4) fcntl$getown(r12, 0x9) process_vm_writev(r3, &(0x7f0000004680)=[{&(0x7f0000004280)=""/144, 0x90}, {&(0x7f0000004340)=""/228, 0xe4}, {&(0x7f0000004440)=""/230, 0xe6}, {&(0x7f0000004540)=""/214, 0xd6}, {&(0x7f0000004640)=""/19, 0x13}], 0x5, &(0x7f0000004800)=[{&(0x7f0000004700)=""/248, 0xf8}], 0x1, 0x0) process_vm_writev(r7, &(0x7f0000004a80)=[{&(0x7f0000004840)=""/16, 0x10}, {&(0x7f0000004880)=""/146, 0x92}, {&(0x7f0000004940)=""/83, 0x53}, {&(0x7f00000049c0)=""/190, 0xbe}], 0x4, &(0x7f0000004e80)=[{&(0x7f0000004ac0)=""/83, 0x53}, {&(0x7f0000004b40)=""/162, 0xa2}, {&(0x7f0000004c00)=""/73, 0x49}, {&(0x7f0000004c80)=""/185, 0xb9}, {&(0x7f0000004d40)}, {&(0x7f0000004d80)=""/205, 0xcd}], 0x6, 0x0) process_vm_writev(r2, &(0x7f0000004fc0)=[{&(0x7f0000004f00)=""/84, 0x54}, {&(0x7f0000004f80)=""/8, 0x8}], 0x2, &(0x7f0000005240)=[{&(0x7f0000005000)=""/152, 0x98}, {&(0x7f00000050c0)=""/90, 0x5a}, {&(0x7f0000005140)=""/39, 0x27}, {&(0x7f0000005180)=""/31, 0x1f}, {&(0x7f00000051c0)=""/38, 0x26}, {&(0x7f0000005200)=""/24, 0x18}], 0x6, 0x0) r13 = fcntl$getown(r6, 0x9) process_vm_writev(r13, &(0x7f0000005340)=[{&(0x7f00000052c0)=""/68, 0x44}], 0x1, &(0x7f00000053c0)=[{&(0x7f0000005380)=""/42, 0x2a}], 0x1, 0x0) sendmsg$NFT_MSG_GETOBJ_RESET(r0, &(0x7f0000005500)={&(0x7f0000005400)={0x10, 0x0, 0x0, 0x2000}, 0xc, &(0x7f00000054c0)={&(0x7f0000005440)={0x7c, 0x15, 0xa, 0x801, 0x0, 0x0, {0x5, 0x0, 0x3}, [@NFTA_OBJ_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_OBJ_NAME={0x9, 0x2, 'syz2\x00'}, @NFTA_OBJ_NAME={0x9, 0x2, 'syz2\x00'}, @NFTA_OBJ_NAME={0x9, 0x2, 'syz0\x00'}, @NFTA_OBJ_HANDLE={0xc, 0x6, 0x1, 0x0, 0x1}, @NFTA_OBJ_TYPE={0x8, 0x3, 0x1, 0x0, 0xa}, @NFTA_OBJ_TYPE={0x8, 0x3, 0x1, 0x0, 0x5}, @NFTA_OBJ_TYPE={0x8, 0x3, 0x1, 0x0, 0x7}, @NFTA_OBJ_TYPE={0x8, 0x3, 0x1, 0x0, 0x5}, @NFTA_OBJ_HANDLE={0xc, 0x6, 0x1, 0x0, 0x4}]}, 0x7c}, 0x1, 0x0, 0x0, 0x24000041}, 0x40010) process_vm_writev(r9, &(0x7f0000006840)=[{&(0x7f0000005540)=""/4096, 0x1000}, {&(0x7f0000006540)=""/132, 0x84}, {&(0x7f0000006600)=""/189, 0xbd}, {&(0x7f00000066c0)=""/85, 0x55}, {&(0x7f0000006740)=""/170, 0xaa}, {&(0x7f0000006800)=""/64, 0x40}], 0x6, &(0x7f0000006900)=[{&(0x7f00000068c0)=""/61, 0x3d}], 0x1, 0x0) 02:09:29 executing program 4: sendmsg$NFQNL_MSG_CONFIG(0xffffffffffffffff, &(0x7f00000000c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x800}, 0xc, &(0x7f0000000080)={&(0x7f0000000040)={0x14, 0x2, 0x3, 0x5, 0x0, 0x0, {0x1, 0x0, 0x2}}, 0x14}, 0x1, 0x0, 0x0, 0x1000}, 0x4000000) sendmsg$OSF_MSG_REMOVE(0xffffffffffffffff, &(0x7f0000001200)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x100000}, 0xc, &(0x7f00000011c0)={&(0x7f0000000140)={0x1060, 0x1, 0x5, 0xcfb1b2fd37ccf61c, 0x0, 0x0, {0x0, 0x0, 0x8}, [{{0x254, 0x1, {{0x3, 0x1}, 0x40, 0x8, 0x8, 0x1, 0x20, 'syz1\x00', "ea3545d67921e5d02f92fdc608a9d01fb0f510783d10b6fbb01f8b0a0c6b83e7", "5d337e44cb652c2525d1d424b5d24dbcfaf83edb727b1d1121f64bfb55feff45", [{0x7, 0x8, {0x2, 0x7fff}}, {0x100, 0xfff, {0x2, 0x101}}, {0x100, 0xffff, {0x3, 0xffffff7f}}, {0x3, 0x9, {0x3, 0x401}}, {0x4, 0x9, {0x3, 0x5d7f0}}, {0x7fff, 0xfc4a, {0x2}}, {0x2, 0x0, {0x2, 0x1}}, {0xfe00, 0x2, {0x3, 0x7}}, {0x0, 0x1f, {0x3, 0x7}}, {0x0, 0xea, {0x0, 0x7fff}}, {0x800, 0x23, {0x3, 0x6}}, {0xeb6, 0x3f, {0x1, 0xfffffffc}}, {0x5, 0x57, {0x1, 0x63}}, {0x7fff, 0x9, {0x2}}, {0x0, 0x8, {0x1, 0xc6c2}}, {0x454, 0x3f}, {0x0, 0x4000, {0x0, 0x10001}}, {0xf800, 0x46, {0x0, 0xffffff81}}, {0x3, 0x6, {0x1, 0x9}}, {0x2, 0x4b, {0x0, 0x8}}, {0x8, 0x80, {0x1, 0x6}}, {0x7ff, 0x200, {0x1, 0x1}}, {0x1000, 0xfd, {0x2, 0x9}}, {0x7, 0x100, {0x1, 0xfffffffe}}, {0x8000, 0x9, {0x1, 0x80000000}}, {0x8, 0xd37, {0xb05beec266dea865, 0xffff59ea}}, {0x5, 0x4, {0x1, 0x7e6}}, {0x2, 0xff, {0x3, 0x9}}, {0x19, 0x7, {0x1, 0x400}}, {0x7, 0x81, {0x0, 0x7}}, {0x941f, 0x80, {0x0, 0x1}}, {0x3, 0x1f, {0x0, 0x61}}, {0x7, 0x5, {0x1, 0x5}}, {0x40, 0x9, {0x2, 0x9}}, {0x980, 0xff, {0x3, 0x7fff}}, {0x200, 0x9, {0x2}}, {0x1000, 0x90, {0x3, 0x2}}, {0x3, 0xfff7, {0x2, 0x6}}, {0x6, 0x4, {0x2, 0x5}}, {0xfff, 0x3, {0x3, 0xffff}}]}}}, {{0x254, 0x1, {{0x2, 0x400}, 0x3, 0x80, 0x6, 0x3, 0xf, 'syz1\x00', "dd66dd8d215b9a3984c2cad8b2daec934771730ada24ddebd38ba42c826b8f86", "100b42c03a11ec01fc0dfc0e1dd2f084ee89b90d5d548d836372616cd02ec97b", [{0x4, 0xfff, {0x1, 0x7ff}}, {0x3, 0x8d, {0x1, 0x3}}, {0xfffc, 0x5521, {0x0, 0x3fcf}}, {0xffff, 0x7, {0x2, 0x4}}, {0x2, 0x5, {0x2, 0x401}}, {0x5, 0x6, {0x0, 0x80000000}}, {0x0, 0x4, {0x3, 0x3}}, {0x1, 0x1000, {0x1, 0x6}}, {0x1, 0x96, {0x2, 0xe7}}, {0x3ff, 0xd15d, {0x0, 0x1ff}}, {0x9, 0x5, {0x1, 0x6}}, {0x3ff, 0x8000, {0x3}}, {0x3ff, 0x3, {0x2, 0x68a}}, {0xf2, 0x400, {0x0, 0x10001}}, {0x80, 0x86, {0x1, 0x7ff}}, {0x400, 0x200, {0x3, 0x80000000}}, {0x1, 0x8000, {0x3, 0x3}}, {0x7c, 0x20, {0x2, 0x8000}}, {0xda3, 0xefb0, {0x0, 0x1795b1a4}}, {0x8, 0x1ff, {0x1, 0xee4e}}, {0x7, 0x3ff, {0x1, 0x2}}, {0x7, 0x401, {0x3, 0x2}}, {0x1b, 0x1ff, {0x0, 0x10000}}, {0x6, 0xfffa, {0x0, 0x7fff}}, {0x5, 0x7ff, {0x2, 0x4}}, {0x3, 0x2, {0x3, 0x3}}, {0x1, 0x9, {0x2, 0x68}}, {0x1, 0xa4, {0x3, 0xb4c}}, {0xfc27, 0x400, {0x2, 0x2}}, {0x3, 0x0, {0x0, 0x7fffffff}}, {0xe24, 0x5758, {0x1, 0x2}}, {0x81, 0x3f, {0x3}}, {0x4, 0x80, {0x2, 0x1}}, {0x7, 0x0, {0x3, 0x6}}, {0x0, 0xe40, {0x2, 0xae3d}}, {0x8001, 0x6, {0x0, 0x9}}, {0x3, 0x6, {0x2, 0x20}}, {0x6, 0x7fff, {0x0, 0xa172}}, {0xe4d1, 0x94, {0x3, 0x2}}, {0xf001, 0x5, {0x1, 0x7fffffff}}]}}}, {{0x254, 0x1, {{0x0, 0xfd9}, 0x4, 0x0, 0x9, 0x800, 0x0, 'syz0\x00', "cee74057a9e691f0bd5987fc270293fa39c90f830847b9c45aaa3be9cda2c311", "48c9d7045c74d147078b2bace6883edd49d070f0e2e1a2c887930013f60ea535", [{0x9, 0x5, {0x1, 0xb3f}}, {0xfffc, 0x8001, {0x0, 0x3}}, {0x9, 0x240, {0x2, 0x9}}, {0x2, 0x4, {0x0, 0x40}}, {0x3, 0x3, {0x3, 0x40}}, {0x1f, 0x100, {0x0, 0x66}}, {0x7, 0x8}, {0x0, 0x3f, {0x1, 0x5}}, {0x3, 0xff7f, {0x0, 0x3}}, {0x20, 0x7c0, {0x1, 0x4}}, {0x800, 0x1ff, {0x3, 0x4}}, {0x7cf1, 0x1717, {0xe7de8aa4d5547854, 0x2}}, {0x1f, 0x2, {0x2, 0x7}}, {0xff, 0x8000, {0x0, 0x9}}, {0xfffa, 0x1, {0x1, 0x7}}, {0x8, 0xc4, {0x2, 0x1ff}}, {0x80, 0x1, {0x1, 0x1f}}, {0xad7, 0x4, {0x3, 0x3}}, {0xec, 0x0, {0x0, 0x4}}, {0x5, 0xd75, {0x1, 0x5}}, {0x4, 0xf7, {0x0, 0x7fffffff}}, {0x2, 0x200, {0x1, 0x3}}, {0x318, 0x5, {0x1, 0x4c9e}}, {0x401, 0xdf48, {0x3}}, {0x3, 0x40}, {0x80, 0x9, {0x1, 0x10001}}, {0x4, 0x1ff, {0x1, 0x7ff}}, {0x8, 0x4, {0x2, 0x3f}}, {0x9, 0x1, {0x1, 0x7}}, {0x3, 0x0, {0x2, 0x3}}, {0xff, 0x8, {0x0, 0xff}}, {0x80, 0x7fff, {0x3, 0x20}}, {0x3, 0x1744, {0x2, 0x6}}, {0xff, 0x2, {0x3, 0x8}}, {0x3ff, 0x51, {0x0, 0x4}}, {0x2, 0x101, {0x2, 0x9}}, {0x8, 0x149, {0x1, 0x1000}}, {0x0, 0x7ff, {0x1, 0x7}}, {0x6, 0x1f, {0x0, 0x7fffffff}}, {0x9, 0xf58c, {0x2, 0x1000}}]}}}, {{0x254, 0x1, {{0x1, 0x2900000}, 0x7a, 0x40, 0x1, 0x1, 0x21, 'syz0\x00', "59fefc3f11316b9431f4706fcb37ac28e796be740f7401d80e365db6817068a6", "e1d433677cccc3b0f4ce49811399f027d9fd7af37bc5b50b881f42f051fbd12a", [{0xfff9, 0x7f, {0x3, 0xfff}}, {0x400, 0x800, {0x3, 0x9}}, {0x2, 0x3, {0x2, 0x20}}, {0x101, 0x8, {0x1, 0x7}}, {0x5, 0x0, {0x3, 0x80000001}}, {0x3, 0xff, {0x2, 0xfff}}, {0x7fff, 0x4, {0x0, 0x7}}, {0x2, 0x2, {0x0, 0x3}}, {0xe0, 0x1, {0x0, 0x3ff}}, {0x9, 0x15b7, {0x3, 0x7fffffff}}, {0x2, 0x100, {0x0, 0x7}}, {0x3f, 0xc00, {0x1, 0x100}}, {0x6, 0x6, {0x1, 0x16}}, {0xcd48, 0x8001, {0x3, 0x8}}, {0xfff, 0x0, {0x2, 0x7fff}}, {0xf1a1, 0x1, {0x1, 0x401}}, {0x5a31, 0xbbd, {0x1, 0xffffff01}}, {0xffbb, 0x3, {0x0, 0x1}}, {0x7, 0x5, {0x0, 0xc86}}, {0x2, 0x6dc9, {0x9857eb35d5281bc2}}, {0x8, 0x3cb, {0x3, 0x5}}, {0x0, 0x400, {0x0, 0x1}}, {0x81, 0x400, {0x0, 0x2000000}}, {0x48, 0x2, {0x1, 0x80000001}}, {0x1, 0x2, {0x0, 0x80000000}}, {0x4, 0x1, {0x0, 0x401}}, {0x3c, 0x1, {0x3, 0x9}}, {0x6, 0x4, {0x2, 0xfff}}, {0xd0b7, 0x4, {0x1, 0x51}}, {0x2, 0xff, {0x0, 0x5}}, {0x401, 0x5, {0x2, 0x1}}, {0x0, 0xfffd, {0x0, 0x20}}, {0xd99b, 0x7}, {0xcd8, 0x1, {0x1, 0x9}}, {0x6, 0x0, {0x1, 0x2}}, {0x5, 0xc765, {0x2, 0x52}}, {0x3, 0x6, {0x0, 0x5}}, {0x40, 0x18, {0x2, 0x3}}, {0x4c0f, 0x8001, {0x2, 0x5c}}, {0x20, 0x8001, {0x2, 0x800}}]}}}, {{0x254, 0x1, {{0x0, 0x5}, 0x3f, 0x6, 0x20, 0x401, 0x10, 'syz0\x00', "d7038ceef1c90e946743dbbfd29699cbf53b6acf5125bb74667e4a5b812970f0", "8fff687c45e77036595dabf39c5c94351ef8058fbe9a456182d346180794ab32", [{0x80, 0xfffc, {0x1, 0x7a4}}, {0xc1, 0xd8eb, {0x1, 0x11a40}}, {0xfff, 0x3, {0x0, 0xffffffff}}, {0x1, 0x401, {0x2, 0x243}}, {0x56, 0x8, {0x2, 0x1}}, {0x7f, 0x0, {0x2, 0x4}}, {0x4, 0x7, {0x1, 0x5}}, {0xffe1, 0x4, {0x3, 0x2}}, {0x7, 0x7, {0x3, 0x8}}, {0x100, 0x8, {0x1, 0x7}}, {0x3, 0xa6, {0x1, 0x8}}, {0x5, 0x0, {0x0, 0x1f}}, {0x1, 0x9}, {0x5223, 0x1, {0x2}}, {0x400, 0x101, {0x83f895b755ede664, 0x5}}, {0x80, 0x3, {0x1, 0x401}}, {0x5, 0x9, {0x0, 0xf5}}, {0x1000, 0x4, {0x0, 0x8}}, {0x3, 0x1, {0x0, 0x200}}, {0x400, 0x7ff, {0x0, 0x997}}, {0x0, 0xffff, {0x1, 0x4}}, {0x800, 0x5, {0x1, 0x7}}, {0xfbff, 0xdd, {0x1, 0x3}}, {0x80, 0x2bb, {0x3, 0x8000}}, {0x4, 0x6, {0x3, 0xff}}, {0x2, 0x7fff, {0x1, 0x4}}, {0x6, 0x60f, {0x2, 0x1}}, {0xfff, 0x5c, {0x2, 0x1}}, {0x2, 0x0, {0x2, 0x7fffffff}}, {0x4, 0x81, {0x1, 0x7fffffff}}, {0x1ff, 0x8, {0x3, 0x2}}, {0x101, 0xf6, {0x2, 0x8}}, {0x4, 0x9, {0x2, 0x5}}, {0xf4, 0x7ff, {0x1, 0x3}}, {0x0, 0x80, {0x3, 0x8}}, {0x1, 0x7f, {0x0, 0x2}}, {0x3ff, 0x6, {0x2, 0xa8}}, {0x9, 0x8, {0x0, 0xffff5afd}}, {0x7, 0x2, {0x2, 0x4}}, {0x1ff, 0x8000, {0x0, 0x2}}]}}}, {{0x254, 0x1, {{0x2, 0x7}, 0x6, 0x0, 0x9, 0x95, 0x5, 'syz1\x00', "5b8716df0def116ac76c9c700414fb79cd336648cd8b89c544833b606de16ba9", "1e19fe9823d4a7120a87ca519ed03033143cc83b91d09bae8da5e3a99d1d41ed", [{0xa9, 0x2, {0x3}}, {0x5, 0x7ff, {0x2, 0x10000}}, {0x3, 0x6, {0x2, 0x4}}, {0x1, 0x6, {0x2, 0x400}}, {0x0, 0x0, {0x0, 0x8000000}}, {0x0, 0x57, {0x0, 0x7fff}}, {0x2, 0xff01, {0x3, 0x40}}, {0xffff, 0x200, {0x3, 0xd65}}, {0x7e93, 0xffff, {0x0, 0xfffffff8}}, {0x1, 0x1393, {0x1, 0x1f}}, {0x1, 0x800, {0x1, 0xf6}}, {0x6, 0xf4, {0x0, 0x1}}, {0x171, 0x4, {0x0, 0x7}}, {0x3ff, 0x2, {0x1, 0xd34}}, {0x1, 0x8, {0x1, 0x6669}}, {0x2, 0x0, {0x0, 0x9}}, {0x200, 0x3, {0x2, 0x800}}, {0xfff9, 0x50fd, {0x1, 0x8}}, {0x0, 0x9, {0x2, 0x200}}, {0x9, 0x6, {0x2, 0x4}}, {0x6, 0x400, {0x2}}, {0xc04d, 0x7, {0x2, 0x81}}, {0x6, 0xffff, {0x3, 0xf80}}, {0xffff, 0xc32, {0x1, 0x7}}, {0x819, 0x8000, {0x1, 0x7}}, {0x5, 0x101, {0x1, 0x5}}, {0x3, 0x2a00, {0x2, 0xfe000000}}, {0xda, 0x1, {0x3}}, {0x1c, 0x81, {0x1, 0x8}}, {0x1d5, 0x18ab, {0x1, 0x1f}}, {0x7, 0x5, {0x1, 0x7af9013d}}, {0x7, 0x5, {0x3, 0x8000}}, {0x6, 0x6c94, {0x0, 0x7f}}, {0x26, 0xb9, {0x3, 0x9000000}}, {0xfffa, 0xae56, {0x1, 0x2}}, {0x101, 0x7}, {0x5, 0x401, {0x3, 0x4e0}}, {0x40, 0x12, {0x0, 0x7fff}}, {0x620, 0x7ff, {0x1, 0x2}}, {0xb9, 0x7, {0x6}}]}}}, {{0x254, 0x1, {{0x2}, 0x8, 0xfa, 0x3, 0x7f, 0x24, 'syz0\x00', "138ae6b1460fb5d9cb886853af42d29eb54caa400b2f6c958542b01f26a6b5e0", "07b30a6bb7c54d9a99ee5d64c1babb30ff3ba7b7255fa6702e26a8e340e8cac2", [{0x9, 0x101, {0x0, 0x7}}, {0x2, 0x1, {0x0, 0x7fffffff}}, {0x40, 0x79, {0x0, 0x8}}, {0x7fff, 0x3, {0x0, 0x1c}}, {0x4, 0x8, {0x2, 0xfffff25e}}, {0xfff, 0x400, {0x0, 0x3}}, {0x400, 0x7, {0x1, 0x5}}, {0x8000, 0x1, {0x3, 0x10001}}, {0xa19, 0x5, {0x0, 0x4}}, {0x5, 0x7fff, {0x1, 0x16ac}}, {0x7, 0x7, {0x0, 0xab8b}}, {0x8, 0x8000, {0x0, 0x5}}, {0x101, 0x1, {0x2, 0x1ff}}, {0xfe00, 0x4, {0x0, 0x6}}, {0x1, 0x0, {0x1, 0x1}}, {0x800, 0x2, {0x2, 0x7ff}}, {0xf5c2, 0x92, {0x3, 0x7}}, {0xff, 0x401, {0x1, 0x1}}, {0x0, 0x1, {0x3, 0x7fffffff}}, {0x8000, 0x8, {0x1, 0x7}}, {0xff, 0x8, {0x2, 0x7ff}}, {0x7a2, 0xcd2, {0x1, 0x4}}, {0x20, 0x1, {0x1, 0x1000}}, {0xc000, 0x1f, {0x2, 0x2}}, {0x4, 0x9, {0x2, 0x6}}, {0x1, 0x401, {0x2, 0xfff}}, {0x9, 0x1000, {0x0, 0x7}}, {0xffff, 0x6, {0x0, 0x3}}, {0x8, 0x5, {0x2, 0x3c3}}, {0x20, 0xfff, {0x0, 0x4}}, {0x7ff, 0x9, {0x3, 0x3}}, {0x2, 0xb7, {0x2, 0x7}}, {0x7fff, 0x47, {0x0, 0x8}}, {0x2, 0xb01, {0x0, 0x80}}, {0x1, 0x1, {0x0, 0x7ff}}, {0x1, 0x3, {0x0, 0x2}}, {0x6, 0x0, {0x2, 0x200}}, {0x7, 0x0, {0x2, 0xffff}}, {0x6, 0x9, {0x1, 0xc12}}, {0x9, 0x5, {0x3, 0x2}}]}}}]}, 0x1060}, 0x1, 0x0, 0x0, 0x4040081}, 0x40c0) r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NBD_CMD_CONNECT(r0, &(0x7f0000001300)={&(0x7f0000001240)={0x10, 0x0, 0x0, 0x22000}, 0xc, &(0x7f00000012c0)={&(0x7f0000001280)={0x38, 0x0, 0x0, 0x70bd29, 0x25dfdbff, {}, [@NBD_ATTR_SERVER_FLAGS={0xc, 0x5, 0x100}, @NBD_ATTR_SIZE_BYTES={0xc, 0x2, 0x38c73a99}, @NBD_ATTR_BLOCK_SIZE_BYTES={0xc, 0x3, 0x1f}]}, 0x38}, 0x1, 0x0, 0x0, 0x40800}, 0x880) r1 = syz_genetlink_get_family_id$ethtool(&(0x7f0000001380), 0xffffffffffffffff) sendmsg$ETHTOOL_MSG_TSINFO_GET(0xffffffffffffffff, &(0x7f0000001480)={&(0x7f0000001340)={0x10, 0x0, 0x0, 0x10000}, 0xc, &(0x7f0000001440)={&(0x7f00000013c0)={0x4c, r1, 0x1a, 0x70bd27, 0x25dfdbfd, {}, [@HEADER={0x2c, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'macvlan1\x00'}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'ip6tnl0\x00'}]}, @HEADER={0xc, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x3}]}]}, 0x4c}, 0x1, 0x0, 0x0, 0x4000040}, 0x2000c085) sendmsg$NLBL_MGMT_C_LISTALL(r0, &(0x7f0000001580)={&(0x7f00000014c0)={0x10, 0x0, 0x0, 0xc82bd9193a4d7359}, 0xc, &(0x7f0000001540)={&(0x7f0000001500)={0x40, 0x0, 0x100, 0x70bd2c, 0x25dfdbfe, {}, [@NLBL_MGMT_A_FAMILY={0x6, 0xb, 0x1}, @NLBL_MGMT_A_FAMILY={0x6, 0xb, 0xc}, @NLBL_MGMT_A_CLPDOI={0x8, 0xc, 0x3}, @NLBL_MGMT_A_IPV6MASK={0x14, 0x6, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01'}]}, 0x40}, 0x1, 0x0, 0x0, 0x20000000}, 0x40090) sendmsg$NLBL_MGMT_C_REMOVEDEF(r0, &(0x7f00000016c0)={&(0x7f00000015c0)={0x10, 0x0, 0x0, 0x4000000}, 0xc, &(0x7f0000001680)={&(0x7f0000001600)={0x6c, 0x0, 0x100, 0x70bd27, 0x25dfdbff, {}, [@NLBL_MGMT_A_IPV4ADDR={0x8, 0x7, @dev={0xac, 0x14, 0x14, 0x3a}}, @NLBL_MGMT_A_IPV4ADDR={0x8, 0x7, @broadcast}, @NLBL_MGMT_A_CLPDOI={0x8}, @NLBL_MGMT_A_IPV6ADDR={0x14, 0x5, @mcast2}, @NLBL_MGMT_A_CV4DOI={0x8, 0x4, 0x3}, @NLBL_MGMT_A_IPV6ADDR={0x14, 0x5, @private2={0xfc, 0x2, '\x00', 0x1}}, @NLBL_MGMT_A_CLPDOI={0x8, 0xc, 0x2}, @NLBL_MGMT_A_IPV4MASK={0x8, 0x8, @loopback}]}, 0x6c}, 0x1, 0x0, 0x0, 0x4000000}, 0x4004000) r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000001740), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000001780)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_SET_BEACON(0xffffffffffffffff, &(0x7f0000001a80)={&(0x7f0000001700), 0xc, &(0x7f0000001a40)={&(0x7f00000017c0)={0x258, r2, 0x8, 0x70bd2b, 0x25dfdbfd, {{}, {@val={0x8, 0x3, r3}, @void}}, [@NL80211_ATTR_BEACON_TAIL={0xbd, 0xf, [@mic={0x8c, 0x10, {0xb3, "7daf8cea60ee", @short="a2bdf513ccc7f357"}}, @link_id={0x65, 0x12, {@initial, @device_a, @device_b}}, @measure_req={0x26, 0x7f, {0x80, 0x7b, 0x1, "be7709a6e89e0de97b360ae7749c8be7052c89a4fb3b3be52e4ff534df88d02dd0906906ce71d3a0094ba3375a1df2b5c51846a256364c0722efb8a06db9b783799cb486866bf1403a85cfac6b2f90e712e31936db97c9cbb055270ab469f97bce73f4a9cbb627aa2f3a13b42d6c5cfde2a069ca022b9f297a7dda27"}}, @mic={0x8c, 0x10, {0xf93, "ab3d670cb597", @short="d481976b4848e142"}}]}, @NL80211_ATTR_IE={0x17b, 0x2a, [@fast_bss_trans={0x37, 0xd6, {0x64, 0x7, "23b620509bc857709c05d7a2e58e1a35", "519dc8afcf6df0ce0a1a3dab4431b901c3a84f32873628cef1997f6402c1e08c", "a748a751932a4ccc79611e0bc35502b7aa12238043e79824c20856008c07069b", [{0x2, 0x16, "6c737c6c5a281f6cf015b9b0988529579d8ef2243a33"}, {0x2, 0x2, '-8'}, {0x2}, {0x1, 0x14, "5e27be3d3b4f0a4f15f7dbb9ca4c29a7660eecc6"}, {0x3, 0x21, "7d32bf9de44cee0ae085858b6b9c2c13d4b36ad792e99fae244f879bd4b1ebfaa6"}, {0x2, 0x8, "9e496474b69c9fcb"}, {0x4, 0x21, "c006db19b4a9a361900971b4c32dcdd1088b530117fb25efa2cb8b3db65e8e25fe"}]}}, @sec_chan_ofs={0x3e, 0x1}, @cf={0x4, 0x6, {0x2, 0x6, 0x8}}, @sec_chan_ofs={0x3e, 0x1}, @perr={0x84, 0x8f, {0x80, 0x9, [@ext={{}, @broadcast, 0x1, @device_b, 0x14}, @ext={{}, @broadcast, 0xd5, @device_b, 0x1e}, @not_ext={{}, @device_a, 0x80000000, "", 0x3f}, @ext={{}, @device_a, 0xa17, @device_a, 0x37}, @not_ext={{}, @device_a, 0x16, "", 0xf}, @not_ext={{}, @device_b, 0x6, "", 0x7}, @not_ext={{}, @broadcast, 0x5, "", 0x2b}, @ext={{}, @device_a, 0x3, @device_b, 0xd}, @not_ext={{}, @device_b, 0x2, "", 0x7}]}}]}]}, 0x258}}, 0x48000) sendmsg$IEEE802154_SCAN_REQ(r0, &(0x7f0000001bc0)={&(0x7f0000001ac0)={0x10, 0x0, 0x0, 0x200000}, 0xc, &(0x7f0000001b80)={&(0x7f0000001b00)={0x64, 0x0, 0x1, 0x70bd25, 0x25dfdbfe, {}, [@IEEE802154_ATTR_SCAN_TYPE={0x5, 0x13, 0xc1}, @IEEE802154_ATTR_DURATION={0x5, 0x15, 0x4}, @IEEE802154_ATTR_SCAN_TYPE={0x5, 0x13, 0x1}, @IEEE802154_ATTR_PAGE={0x5, 0x1d, 0xc}, @IEEE802154_ATTR_CHANNELS={0x8, 0x14, 0xe}, @IEEE802154_ATTR_PAGE={0x5, 0x1d, 0xf}, @IEEE802154_ATTR_SCAN_TYPE={0x5, 0x13, 0xfd}, @IEEE802154_ATTR_CHANNELS={0x8, 0x14, 0x1}, @IEEE802154_ATTR_SCAN_TYPE={0x5, 0x13, 0x50}, @IEEE802154_ATTR_CHANNELS={0x8, 0x14, 0x2}]}, 0x64}, 0x1, 0x0, 0x0, 0x4000}, 0x10810) r4 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$ieee802154(&(0x7f0000001c00), r4) ioctl$AUTOFS_DEV_IOCTL_TIMEOUT(0xffffffffffffffff, 0xc018937a, &(0x7f0000001c40)={{0x1, 0x1, 0x18, 0xffffffffffffffff, {0x3}}, './file0\x00'}) r6 = syz_genetlink_get_family_id$nl80211(&(0x7f0000001cc0), 0xffffffffffffffff) sendmsg$NL80211_CMD_FRAME(r5, &(0x7f0000001d80)={&(0x7f0000001c80)={0x10, 0x0, 0x0, 0x20000000}, 0xc, &(0x7f0000001d40)={&(0x7f0000001d00)={0x2c, r6, 0x100, 0x70bd2c, 0x25dfdbfe, {{}, {@void, @void}}, [@NL80211_ATTR_DONT_WAIT_FOR_ACK={0x4}, @NL80211_ATTR_TX_NO_CCK_RATE={0x4}, @NL80211_ATTR_TX_NO_CCK_RATE={0x4}, @NL80211_ATTR_TX_NO_CCK_RATE={0x4}, @chandef_params=[@NL80211_ATTR_CENTER_FREQ1={0x8, 0xa0, 0x8}]]}, 0x2c}, 0x1, 0x0, 0x0, 0x1}, 0x80000) r7 = openat$vcs(0xffffffffffffff9c, &(0x7f0000001dc0), 0x100, 0x0) sendmsg$NL80211_CMD_FRAME_WAIT_CANCEL(r7, &(0x7f0000001f00)={&(0x7f0000001e00)={0x10, 0x0, 0x0, 0x20000000}, 0xc, &(0x7f0000001ec0)={&(0x7f0000001e40)={0x64, r2, 0x100, 0x70bd27, 0x25dfdbfb, {{}, {@val={0x8, 0x3, r3}, @void}}, [@NL80211_ATTR_COOKIE={0xc, 0x58, 0x41}, @NL80211_ATTR_COOKIE={0xc, 0x58, 0xb}, @NL80211_ATTR_COOKIE={0xc, 0x58, 0x76}, @NL80211_ATTR_COOKIE={0xc, 0x58, 0x46}, @NL80211_ATTR_COOKIE={0xc, 0x58, 0x1c}, @NL80211_ATTR_COOKIE={0xc, 0x58, 0xf}]}, 0x64}, 0x1, 0x0, 0x0, 0x800}, 0x4040841) sendmsg$NBD_CMD_STATUS(r0, &(0x7f0000002040)={&(0x7f0000001f40)={0x10, 0x0, 0x0, 0x40000}, 0xc, &(0x7f0000002000)={&(0x7f0000001f80)={0x4c, 0x0, 0x20, 0x70bd25, 0x25dfdbfe, {}, [@NBD_ATTR_DEAD_CONN_TIMEOUT={0xc, 0x8, 0x99}, @NBD_ATTR_SIZE_BYTES={0xc, 0x2, 0x5}, @NBD_ATTR_INDEX={0x8, 0x1, 0x0}, @NBD_ATTR_CLIENT_FLAGS={0xc, 0x6, 0x2}, @NBD_ATTR_SERVER_FLAGS={0xc, 0x5, 0x202}]}, 0x4c}, 0x1, 0x0, 0x0, 0xc000}, 0x4004) 02:09:29 executing program 5: getsockopt$ARPT_SO_GET_ENTRIES(0xffffffffffffffff, 0x0, 0x61, &(0x7f0000000000)={'filter\x00', 0x45, "f6ff3963ebee3df03bd4c8322a26a31de4648372cddaea87550011b08ac5f50c7d174b5c27fbce888528929a4e48a01c478577761084f729ad3a9110f16394a872cffa8fcd"}, &(0x7f0000000080)=0x69) getsockopt$inet_buf(0xffffffffffffffff, 0x0, 0x28, &(0x7f00000000c0)=""/248, &(0x7f00000001c0)=0xf8) r0 = open(&(0x7f0000000200)='./file0\x00', 0x121040, 0x10) getsockopt$EBT_SO_GET_INIT_INFO(r0, 0x0, 0x82, &(0x7f0000000240)={'nat\x00', 0x0, 0x0, 0x0, [0x7698, 0x100000000, 0xffffffffffffff97, 0x6, 0x5292c7ae, 0x9]}, &(0x7f00000002c0)=0x78) mount$bind(&(0x7f0000000300)='./file1\x00', &(0x7f0000000340)='./file0\x00', &(0x7f0000000380), 0x888008, 0x0) lsetxattr$system_posix_acl(&(0x7f00000003c0)='./file1\x00', &(0x7f0000000400)='system.posix_acl_default\x00', &(0x7f0000000440)={{}, {0x1, 0x2}, [{0x2, 0x1, 0xee00}], {}, [{0x8, 0x3, 0xee00}], {0x10, 0x1}}, 0x34, 0x1) ioctl$INCFS_IOC_CREATE_FILE(r0, 0xc058671e, &(0x7f0000000780)={{'\x00', 0x2}, {0x1f}, 0x80, 0x0, 0x0, &(0x7f0000000480)='./file1\x00', &(0x7f00000004c0)='./file0\x00', &(0x7f0000000500)="72eb099ca7eeb097498db89059c04eedfc973f2537c055ac192cac99bd0e9a040f66e48ebf5b8449b34c5e740d729c3413377fc9b181ef476d874f4422b96f31fd66ee16aea676fc914be9acf66f2c79a1659c1b2d44741e604f4152fd494905c144913958fc2f177e920aeb7012029421c83dae124d6491e3aa550785e68db575bb79ac87eb47707756dbc3f4a8a5ed6652", 0x92, 0x0, &(0x7f00000005c0)={0x2, 0x117, {0x1, 0xc, 0xd, "01385b62bc6dc0c6c7f1aa8103", 0xfd, "697cbb3d901994643c4919bc08bf4e3e9a1133cd8ff260e07bec6bda291ea86cf107f9ea0b676c96b87b3562065d406fc5bb256e4f62f84d2addc74ffbda3e1f3d0147ab7f74a267abd819e61a2b312f6ca84941b2060e494a41a2df8b60c7d039d96ed137460a17a403818d33e20f71f8b146c72fc27598913ae5b21eb4229ba219660f85ab4b8b40e42e16b8e5fea12d17d0d041e75d238a14482f547676fbc485d2ac6b1e88f8b725f88864f647924316c25fbc7b665527dcf6ad0c90d81c912f4ad11fcbbef8be1a05893cab872910ef8ab1c5b1baa9133a573010c191ea2f7a704b6c87dd562a05edf832c7466d75227463b88767372706467628"}, 0x97, "9af8324d68c4062648c4a745b8667e68e9ebf857e3fa89abaaa5db85f31e69a18e09f12a8cb8d5d727cef74c9de55a0946ae3b95d5464cc44c4f8213ff7ed78b9d467656335466004ef830dd5b97649ea8baa36ffb2b8ae6d6e52abcd10361f2a38a3d60138ca050d82432f73f7e11a70f038fcd28f9bd52bfff6239f566a616d0d89b8cdc387c9bdf50fa88d00238168ec195e6bb3a13"}, 0x1ba}) setsockopt$IP_VS_SO_SET_DELDEST(r0, 0x0, 0x488, &(0x7f0000000800)={{0x84, @multicast2, 0x4e22, 0x2, 'fo\x00', 0x8, 0x0, 0x49}, {@multicast1, 0x4e22, 0x4, 0x1, 0x3, 0x6}}, 0x44) syz_mount_image$nfs(&(0x7f0000000880), &(0x7f00000008c0)='./file1\x00', 0x3, 0x1, &(0x7f0000000940)=[{&(0x7f0000000900)="b2ff08ff717fbf93", 0x8, 0x1}], 0x800000, &(0x7f0000000980)={[{}], [{@rootcontext={'rootcontext', 0x3d, 'root'}}, {@smackfstransmute={'smackfstransmute', 0x3d, '\x00'}}]}) ioctl$AUTOFS_DEV_IOCTL_EXPIRE(r0, 0xc018937c, &(0x7f00000009c0)={{0x1, 0x1, 0x18, r0}, './file1/file0\x00'}) ioctl$sock_ipv6_tunnel_SIOCGETTUNNEL(r1, 0x89f0, &(0x7f0000000a80)={'sit0\x00', &(0x7f0000000a00)={'ip6_vti0\x00', 0x0, 0x4, 0x0, 0x5c, 0xaa, 0x3f, @private0={0xfc, 0x0, '\x00', 0x1}, @local, 0x700, 0x40, 0x10000, 0x100}}) setsockopt$inet_MCAST_JOIN_GROUP(0xffffffffffffffff, 0x0, 0x2a, &(0x7f0000000ac0)={0xfff, {{0x2, 0x4e21, @empty}}}, 0x88) r2 = accept4$inet6(r0, &(0x7f0000000b80)={0xa, 0x0, 0x0, @empty}, &(0x7f0000000bc0)=0x1c, 0x80800) ioctl$FS_IOC_GETFLAGS(r2, 0x80086601, &(0x7f0000000c00)) getsockopt$IPT_SO_GET_REVISION_MATCH(r1, 0x0, 0x42, &(0x7f0000000c40)={'icmp\x00'}, &(0x7f0000000c80)=0x1e) sendmsg$IPCTNL_MSG_CT_GET_CTRZERO(r0, &(0x7f0000000e00)={&(0x7f0000000cc0)={0x10, 0x0, 0x0, 0x200}, 0xc, &(0x7f0000000dc0)={&(0x7f0000000d00)={0xac, 0x3, 0x1, 0x5, 0x0, 0x0, {0xa}, [@CTA_PROTOINFO={0x10, 0x4, 0x0, 0x1, @CTA_PROTOINFO_TCP={0xc, 0x1, 0x0, 0x1, [@CTA_PROTOINFO_TCP_WSCALE_ORIGINAL={0x5}]}}, @CTA_TUPLE_MASTER={0x88, 0xe, 0x0, 0x1, [@CTA_TUPLE_ZONE={0x6, 0x3, 0x1, 0x0, 0x4}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5, 0x1, 0x11}}, @CTA_TUPLE_ZONE={0x6, 0x3, 0x1, 0x0, 0x2}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5, 0x1, 0x84}}, @CTA_TUPLE_IP={0x2c, 0x1, 0x0, 0x1, @ipv6={{0x14, 0x3, @private2}, {0x14, 0x4, @mcast2}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5, 0x1, 0x6}}, @CTA_TUPLE_ZONE={0x6}, @CTA_TUPLE_ZONE={0x6, 0x3, 0x1, 0x0, 0x4}, @CTA_TUPLE_ZONE={0x6}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5, 0x1, 0x11}}]}]}, 0xac}, 0x1, 0x0, 0x0, 0x4000000}, 0x24000041) r3 = openat$zero(0xffffffffffffff9c, &(0x7f0000000e40), 0x391082, 0x0) getsockopt$inet_pktinfo(r3, 0x0, 0x8, &(0x7f0000000e80)={0x0, @rand_addr, @remote}, &(0x7f0000000ec0)=0xc) sendmsg$MPTCP_PM_CMD_GET_ADDR(r0, &(0x7f0000001000)={&(0x7f0000000f00)={0x10, 0x0, 0x0, 0x100000}, 0xc, &(0x7f0000000fc0)={&(0x7f0000000f40)={0x50, 0x0, 0x800, 0x70bd28, 0x25dfdbfc, {}, [@MPTCP_PM_ATTR_ADDR={0x3c, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_ADDR6={0x14, 0x4, @private2}, @MPTCP_PM_ADDR_ATTR_ADDR6={0x14, 0x4, @private0}, @MPTCP_PM_ADDR_ATTR_FLAGS={0x8, 0x6, 0x4}, @MPTCP_PM_ADDR_ATTR_ADDR4={0x8, 0x3, @dev={0xac, 0x14, 0x14, 0x2b}}]}]}, 0x50}}, 0x44) ioctl$BLKPG(r1, 0x1269, &(0x7f0000001080)={0x40, 0x3, 0x3, &(0x7f0000001040)="88f03c"}) 02:09:29 executing program 7: r0 = accept4$packet(0xffffffffffffffff, &(0x7f0000000000)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @multicast}, &(0x7f0000000040)=0x14, 0x800) fcntl$F_GET_RW_HINT(r0, 0x40b, &(0x7f0000000080)) ioctl$sock_ipv6_tunnel_SIOCCHG6RD(0xffffffffffffffff, 0x89fb, &(0x7f0000000180)={'ip6tnl0\x00', &(0x7f0000000100)={'sit0\x00', r1, 0x2f, 0xff, 0x1, 0x0, 0x20, @local, @remote, 0x80, 0x40, 0x386, 0x200}}) ioctl$sock_ipv4_tunnel_SIOCCHGTUNNEL(0xffffffffffffffff, 0x89f3, &(0x7f0000000940)={'syztnl2\x00', &(0x7f0000000880)={'gretap0\x00', r1, 0x8, 0x80, 0x8000, 0x7, {{0x1e, 0x4, 0x0, 0x28, 0x78, 0x66, 0x0, 0x7, 0x29, 0x0, @broadcast, @remote, {[@noop, @rr={0x7, 0x1b, 0xab, [@remote, @multicast1, @private=0xa010102, @broadcast, @local, @rand_addr=0x64010101]}, @end, @cipso={0x86, 0x1c, 0x1, [{0x5, 0x3, "97"}, {0x5, 0xe, "fc2907cd59848f903dfc722a"}, {0xab38b23273aa7543, 0x5, "3e6ff3"}]}, @timestamp={0x44, 0x28, 0x5e, 0x0, 0x9, [0x1, 0xffffffff, 0x433, 0x10001, 0x40, 0x2, 0x1a5, 0x6, 0x0]}]}}}}}) accept4$packet(r0, &(0x7f0000000980)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @local}, &(0x7f00000009c0)=0x14, 0x0) ioctl$ifreq_SIOCGIFINDEX_vcan(r0, 0x8933, &(0x7f0000001c80)={'vxcan1\x00', 0x0}) getsockname$packet(r0, &(0x7f0000001cc0)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000001d00)=0x14) ioctl$sock_ipv6_tunnel_SIOCCHGTUNNEL(0xffffffffffffffff, 0x89f3, &(0x7f0000001dc0)={'syztnl2\x00', &(0x7f0000001d40)={'sit0\x00', r1, 0x2f, 0x1, 0x5, 0xfffffc73, 0x10, @mcast1, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02', 0x10, 0x700, 0x4}}) sendmsg$TEAM_CMD_OPTIONS_SET(0xffffffffffffffff, &(0x7f0000002540)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x4}, 0xc, &(0x7f0000002500)={&(0x7f0000001e00)={0x6e4, 0x0, 0x1, 0x70bd27, 0x25dfdbff, {}, [{{0x8, 0x1, r1}, {0xb4, 0x2, 0x0, 0x1, [{0x3c, 0x1, @user_linkup={{{0x24}, {0x5}, {0x4}}, {0x8, 0x6, r2}}}, {0x38, 0x1, @mcast_rejoin_interval={{0x24}, {0x5}, {0x8, 0x4, 0x80}}}, {0x3c, 0x1, @lb_tx_method={{0x24}, {0x5}, {0x9, 0x4, 'hash\x00'}}}]}}, {{0x8, 0x1, r1}, {0x1a8, 0x2, 0x0, 0x1, [{0x38, 0x1, @mcast_rejoin_interval={{0x24}, {0x5}, {0x8}}}, {0x38, 0x1, @mcast_rejoin_count={{0x24}, {0x5}, {0x8, 0x4, 0x803}}}, {0x38, 0x1, @notify_peers_interval={{0x24}, {0x5}, {0x8, 0x4, 0x100}}}, {0x40, 0x1, @priority={{{0x24}, {0x5}, {0x8, 0x4, 0x8}}, {0x8, 0x6, r1}}}, {0x40, 0x1, @lb_hash_stats={{{0x24}, {0x5}, {0x8, 0x4, 0x7559}}, {0x8}}}, {0x3c, 0x1, @enabled={{{0x24}, {0x5}, {0x4}}, {0x8, 0x6, r1}}}, {0x40, 0x1, @lb_port_stats={{{0x24}, {0x5}, {0x8, 0x4, 0x3}}, {0x8, 0x6, r1}}}]}}, {{0x8, 0x1, r1}, {0x44, 0x2, 0x0, 0x1, [{0x40, 0x1, @priority={{{0x24}, {0x5}, {0x8, 0x4, 0x9}}, {0x8, 0x6, r3}}}]}}, {{0x8, 0x1, r1}, {0x14c, 0x2, 0x0, 0x1, [{0x40, 0x1, @priority={{{0x24}, {0x5}, {0x8, 0x4, 0x6}}, {0x8, 0x6, r4}}}, {0x4c, 0x1, @lb_tx_method={{0x24}, {0x5}, {0x19, 0x4, 'hash_to_port_mapping\x00'}}}, {0x40, 0x1, @lb_port_stats={{{0x24}, {0x5}, {0x8, 0x4, 0xfffffffd}}, {0x8, 0x6, r1}}}, {0x40, 0x1, @lb_hash_stats={{{0x24}, {0x5}, {0x8, 0x4, 0x8}}, {0x8}}}, {0x3c, 0x1, @name={{0x24}, {0x5}, {0xb, 0x4, 'random\x00'}}}]}}, {{0x8, 0x1, r1}, {0xb4, 0x2, 0x0, 0x1, [{0x3c, 0x1, @user_linkup_enabled={{{0x24}, {0x5}, {0x4}}, {0x8, 0x6, r1}}}, {0x38, 0x1, @lb_stats_refresh_interval={{0x24}, {0x5}, {0x8, 0x4, 0xb26}}}, {0x3c, 0x1, @lb_tx_method={{0x24}, {0x5}, {0x9, 0x4, 'hash\x00'}}}]}}, {{0x8, 0x1, r1}, {0xb0, 0x2, 0x0, 0x1, [{0x38, 0x1, @mcast_rejoin_count={{0x24}, {0x5}, {0x8, 0x4, 0x7}}}, {0x38, 0x1, @activeport={{0x24}, {0x5}, {0x8, 0x4, r1}}}, {0x3c, 0x1, @user_linkup={{{0x24}, {0x5}, {0x4}}, {0x8, 0x6, r5}}}]}}, {{0x8, 0x1, r1}, {0x50, 0x2, 0x0, 0x1, [{0x4c, 0x1, @lb_tx_method={{0x24}, {0x5}, {0x19, 0x4, 'hash_to_port_mapping\x00'}}}]}}, {{0x8, 0x1, r6}, {0xf0, 0x2, 0x0, 0x1, [{0x38, 0x1, @mcast_rejoin_interval={{0x24}, {0x5}, {0x8, 0x4, 0x81}}}, {0x3c, 0x1, @user_linkup={{{0x24}, {0x5}, {0x4}}, {0x8, 0x6, r1}}}, {0x38, 0x1, @lb_stats_refresh_interval={{0x24}, {0x5}, {0x8}}}, {0x40, 0x1, @lb_tx_hash_to_port_mapping={{{0x24}, {0x5}, {0x8, 0x4, r7}}, {0x8}}}]}}]}, 0x6e4}, 0x1, 0x0, 0x0, 0x20004000}, 0x4000) r8 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000002580), 0x900, 0x0) ioctl$F2FS_IOC_GET_PIN_FILE(r8, 0x8004f50e, &(0x7f00000025c0)) r9 = socket$nl_generic(0x10, 0x3, 0x10) r10 = syz_genetlink_get_family_id$team(&(0x7f0000002700), 0xffffffffffffffff) ioctl$sock_ipv6_tunnel_SIOCGETPRL(0xffffffffffffffff, 0x89f4, &(0x7f0000002800)={'sit0\x00', &(0x7f0000002780)={'ip6_vti0\x00', r2, 0x2f, 0xdf, 0x4, 0x8, 0x0, @initdev={0xfe, 0x88, '\x00', 0x1, 0x0}, @ipv4={'\x00', '\xff\xff', @multicast2}, 0x20, 0x8, 0x7ff, 0x6}}) getsockname$packet(r0, &(0x7f0000002880)={0x11, 0x0, 0x0}, &(0x7f00000028c0)=0x14) getsockopt$inet_pktinfo(0xffffffffffffffff, 0x0, 0x8, &(0x7f0000002900)={0x0, @initdev, @empty}, &(0x7f0000002940)=0xc) sendmsg$TEAM_CMD_PORT_LIST_GET(r9, &(0x7f0000002e40)={&(0x7f00000026c0)={0x10, 0x0, 0x0, 0x220810}, 0xc, &(0x7f0000002e00)={&(0x7f0000002980)={0x444, r10, 0x200, 0x70bd25, 0x25dfdbfd, {}, [{{0x8, 0x1, r7}, {0x128, 0x2, 0x0, 0x1, [{0x38, 0x1, @activeport={{0x24}, {0x5}, {0x8, 0x4, r11}}}, {0x3c, 0x1, @enabled={{{0x24}, {0x5}, {0x4}}, {0x8, 0x6, r12}}}, {0x38, 0x1, @notify_peers_count={{0x24}, {0x5}, {0x8, 0x4, 0x3}}}, {0x38, 0x1, @mcast_rejoin_interval={{0x24}, {0x5}, {0x8, 0x4, 0x8001}}}, {0x40, 0x1, @lb_tx_hash_to_port_mapping={{{0x24}, {0x5}, {0x8, 0x4, r3}}, {0x8}}}]}}, {{0x8, 0x1, r4}, {0x1fc, 0x2, 0x0, 0x1, [{0x54, 0x1, @bpf_hash_func={{0x24}, {0x5}, {0x24, 0x4, [{0x6, 0x80, 0x40, 0x1}, {0x3, 0x5, 0x38, 0x9}, {0x184, 0x20, 0x81, 0x3}, {0x6, 0xfc, 0x8, 0x1}]}}}, {0x38, 0x1, @mcast_rejoin_interval={{0x24}, {0x5}, {0x8, 0x4, 0x3}}}, {0x3c, 0x1, @bpf_hash_func={{0x24}, {0x5}, {0xc, 0x4, [{0x6, 0x6, 0x14, 0xff}]}}}, {0x3c, 0x1, @user_linkup={{{0x24}, {0x5}, {0x4}}, {0x8, 0x6, r13}}}, {0x40, 0x1, @lb_port_stats={{{0x24}, {0x5}, {0x8, 0x4, 0x1}}, {0x8, 0x6, r4}}}, {0x3c, 0x1, @lb_tx_method={{0x24}, {0x5}, {0x9, 0x4, 'hash\x00'}}}, {0x40, 0x1, @lb_hash_stats={{{0x24}, {0x5}, {0x8, 0x4, 0x2}}, {0x8}}}, {0x38, 0x1, @notify_peers_interval={{0x24}, {0x5}, {0x8, 0x4, 0x1f}}}]}}, {{0x8, 0x1, r6}, {0xf4, 0x2, 0x0, 0x1, [{0x40, 0x1, @queue_id={{{0x24}, {0x5}, {0x8, 0x4, 0x3}}, {0x8, 0x6, r3}}}, {0x38, 0x1, @notify_peers_interval={{0x24}, {0x5}, {0x8, 0x4, 0xc144}}}, {0x38, 0x1, @lb_stats_refresh_interval={{0x24}, {0x5}, {0x8, 0x4, 0xfffffffa}}}, {0x40, 0x1, @priority={{{0x24}, {0x5}, {0x8, 0x4, 0x401}}, {0x8, 0x6, r5}}}]}}]}, 0x444}, 0x1, 0x0, 0x0, 0x1}, 0x841) r14 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000002e80)='net/ip_vs_stats\x00') ioctl$sock_ipv6_tunnel_SIOCADD6RD(r14, 0x89f9, &(0x7f0000002f40)={'syztnl1\x00', &(0x7f0000002ec0)={'syztnl1\x00', r7, 0x4, 0x2, 0x5, 0x0, 0x61, @initdev={0xfe, 0x88, '\x00', 0x1, 0x0}, @loopback, 0x7800, 0x10, 0x3, 0x81}}) ioctl$F2FS_IOC_PRECACHE_EXTENTS(0xffffffffffffffff, 0xf50f, 0x0) [ 84.112545] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 84.114471] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 84.115749] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 84.116932] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 84.119123] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 84.120152] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 84.121723] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 84.122688] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 84.123745] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 84.126508] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 84.129054] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 84.131381] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 84.132453] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 84.133795] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 84.135517] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 84.136754] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [ 84.138554] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3 [ 84.140169] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 84.142195] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3 [ 84.143429] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 84.144509] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 84.146053] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 84.150873] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3 [ 84.151912] Bluetooth: hci0: HCI_REQ-0x0c1a [ 84.153773] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 84.162091] Bluetooth: hci3: HCI_REQ-0x0c1a [ 84.163156] Bluetooth: hci1: HCI_REQ-0x0c1a [ 84.163675] Bluetooth: hci2: HCI_REQ-0x0c1a [ 84.223908] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1 [ 84.226174] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9 [ 84.229677] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9 [ 84.231626] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4 [ 84.246116] Bluetooth: hci6: unexpected cc 0x0c25 length: 249 > 3 [ 84.246790] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2 [ 84.250484] Bluetooth: hci6: HCI_REQ-0x0c1a [ 84.253644] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1 [ 84.330794] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9 [ 84.339357] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9 [ 84.352248] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4 [ 84.368032] Bluetooth: hci5: unexpected cc 0x0c25 length: 249 > 3 [ 84.376545] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2 [ 84.396697] Bluetooth: hci5: HCI_REQ-0x0c1a [ 86.185944] Bluetooth: hci2: command 0x0409 tx timeout [ 86.186308] Bluetooth: hci7: Opcode 0x c03 failed: -110 [ 86.187612] Bluetooth: hci1: command 0x0409 tx timeout [ 86.188509] Bluetooth: hci3: command 0x0409 tx timeout [ 86.188522] Bluetooth: hci0: command 0x0409 tx timeout [ 86.189909] Bluetooth: hci4: Opcode 0x c03 failed: -110 [ 86.313193] Bluetooth: hci6: command 0x0409 tx timeout [ 86.441042] Bluetooth: hci5: command 0x0409 tx timeout [ 88.233037] Bluetooth: hci2: command 0x041b tx timeout [ 88.233074] Bluetooth: hci3: command 0x041b tx timeout [ 88.236155] Bluetooth: hci0: command 0x041b tx timeout [ 88.236813] Bluetooth: hci1: command 0x041b tx timeout [ 88.361648] Bluetooth: hci6: command 0x041b tx timeout [ 88.490018] Bluetooth: hci5: command 0x041b tx timeout [ 89.442882] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 89.450672] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 89.457133] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 89.476521] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 89.484244] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3 [ 89.485638] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 89.497601] Bluetooth: hci4: HCI_REQ-0x0c1a [ 89.587557] Bluetooth: hci7: unexpected cc 0x0c03 length: 249 > 1 [ 89.589496] Bluetooth: hci7: unexpected cc 0x1003 length: 249 > 9 [ 89.590805] Bluetooth: hci7: unexpected cc 0x1001 length: 249 > 9 [ 89.642178] Bluetooth: hci7: unexpected cc 0x0c23 length: 249 > 4 [ 89.644809] Bluetooth: hci7: unexpected cc 0x0c25 length: 249 > 3 [ 89.664898] Bluetooth: hci7: unexpected cc 0x0c38 length: 249 > 2 [ 89.696918] Bluetooth: hci7: HCI_REQ-0x0c1a [ 90.281106] Bluetooth: hci1: command 0x040f tx timeout [ 90.281907] Bluetooth: hci0: command 0x040f tx timeout [ 90.282663] Bluetooth: hci3: command 0x040f tx timeout [ 90.283686] Bluetooth: hci2: command 0x040f tx timeout [ 90.409052] Bluetooth: hci6: command 0x040f tx timeout [ 90.537023] Bluetooth: hci5: command 0x040f tx timeout [ 91.561054] Bluetooth: hci4: command 0x0409 tx timeout [ 91.754059] Bluetooth: hci7: command 0x0409 tx timeout [ 92.329030] Bluetooth: hci2: command 0x0419 tx timeout [ 92.329516] Bluetooth: hci3: command 0x0419 tx timeout [ 92.329903] Bluetooth: hci0: command 0x0419 tx timeout [ 92.330345] Bluetooth: hci1: command 0x0419 tx timeout [ 92.457545] Bluetooth: hci6: command 0x0419 tx timeout [ 92.586057] Bluetooth: hci5: command 0x0419 tx timeout [ 93.609010] Bluetooth: hci4: command 0x041b tx timeout [ 93.801571] Bluetooth: hci7: command 0x041b tx timeout [ 95.657071] Bluetooth: hci4: command 0x040f tx timeout [ 95.850021] Bluetooth: hci7: command 0x040f tx timeout [ 97.705138] Bluetooth: hci4: command 0x0419 tx timeout [ 97.897069] Bluetooth: hci7: command 0x0419 tx timeout 02:10:24 executing program 4: syz_io_uring_setup(0x0, 0x0, &(0x7f0000ffb000/0x4000)=nil, &(0x7f0000ffb000/0x3000)=nil, 0x0, 0x0) syz_io_uring_setup(0x7a, &(0x7f0000000000)={0x0, 0xc248, 0xd, 0x2, 0x141}, &(0x7f0000ffc000/0x2000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000000080), &(0x7f00000000c0)) io_uring_register$IORING_REGISTER_BUFFERS(0xffffffffffffffff, 0x0, &(0x7f0000000900)=[{&(0x7f0000000100)=""/9, 0x9}, {&(0x7f0000000140)=""/220, 0xdc}, {&(0x7f0000000240)=""/108, 0x6c}, {&(0x7f00000002c0)=""/185, 0xb9}, {&(0x7f0000000380)=""/197, 0xc5}, {&(0x7f0000000480)=""/196, 0xc4}, {&(0x7f0000000580)=""/64, 0x40}, {&(0x7f0000000800)=""/226, 0xe2}, {&(0x7f00000005c0)=""/120, 0x78}], 0x9) r0 = io_uring_setup(0x75c, &(0x7f0000000680)) syz_io_uring_setup(0x4736, &(0x7f0000000700)={0x0, 0x0, 0x20, 0x0, 0x0, 0x0, r0}, &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000ffb000/0x4000)=nil, &(0x7f0000000780), &(0x7f00000007c0)) 02:10:24 executing program 4: syz_io_uring_setup(0x0, 0x0, &(0x7f0000ffb000/0x4000)=nil, &(0x7f0000ffb000/0x3000)=nil, 0x0, 0x0) syz_io_uring_setup(0x7a, &(0x7f0000000000)={0x0, 0xc248, 0xd, 0x2, 0x141}, &(0x7f0000ffc000/0x2000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000000080), &(0x7f00000000c0)) io_uring_register$IORING_REGISTER_BUFFERS(0xffffffffffffffff, 0x0, &(0x7f0000000900)=[{&(0x7f0000000100)=""/9, 0x9}, {&(0x7f0000000140)=""/220, 0xdc}, {&(0x7f0000000240)=""/108, 0x6c}, {&(0x7f00000002c0)=""/185, 0xb9}, {&(0x7f0000000380)=""/197, 0xc5}, {&(0x7f0000000480)=""/196, 0xc4}, {&(0x7f0000000580)=""/64, 0x40}, {&(0x7f0000000800)=""/226, 0xe2}, {&(0x7f00000005c0)=""/120, 0x78}], 0x9) r0 = io_uring_setup(0x75c, &(0x7f0000000680)) syz_io_uring_setup(0x4736, &(0x7f0000000700)={0x0, 0x0, 0x20, 0x0, 0x0, 0x0, r0}, &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000ffb000/0x4000)=nil, &(0x7f0000000780), &(0x7f00000007c0)) 02:10:24 executing program 4: syz_io_uring_setup(0x0, 0x0, &(0x7f0000ffb000/0x4000)=nil, &(0x7f0000ffb000/0x3000)=nil, 0x0, 0x0) syz_io_uring_setup(0x7a, &(0x7f0000000000)={0x0, 0xc248, 0xd, 0x2, 0x141}, &(0x7f0000ffc000/0x2000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000000080), &(0x7f00000000c0)) io_uring_register$IORING_REGISTER_BUFFERS(0xffffffffffffffff, 0x0, &(0x7f0000000900)=[{&(0x7f0000000100)=""/9, 0x9}, {&(0x7f0000000140)=""/220, 0xdc}, {&(0x7f0000000240)=""/108, 0x6c}, {&(0x7f00000002c0)=""/185, 0xb9}, {&(0x7f0000000380)=""/197, 0xc5}, {&(0x7f0000000480)=""/196, 0xc4}, {&(0x7f0000000580)=""/64, 0x40}, {&(0x7f0000000800)=""/226, 0xe2}, {&(0x7f00000005c0)=""/120, 0x78}], 0x9) r0 = io_uring_setup(0x75c, &(0x7f0000000680)) syz_io_uring_setup(0x4736, &(0x7f0000000700)={0x0, 0x0, 0x20, 0x0, 0x0, 0x0, r0}, &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000ffb000/0x4000)=nil, &(0x7f0000000780), &(0x7f00000007c0)) 02:10:24 executing program 4: syz_io_uring_setup(0x0, 0x0, &(0x7f0000ffb000/0x4000)=nil, &(0x7f0000ffb000/0x3000)=nil, 0x0, 0x0) syz_io_uring_setup(0x7a, &(0x7f0000000000)={0x0, 0xc248, 0xd, 0x2, 0x141}, &(0x7f0000ffc000/0x2000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000000080), &(0x7f00000000c0)) io_uring_register$IORING_REGISTER_BUFFERS(0xffffffffffffffff, 0x0, &(0x7f0000000900)=[{&(0x7f0000000100)=""/9, 0x9}, {&(0x7f0000000140)=""/220, 0xdc}, {&(0x7f0000000240)=""/108, 0x6c}, {&(0x7f00000002c0)=""/185, 0xb9}, {&(0x7f0000000380)=""/197, 0xc5}, {&(0x7f0000000480)=""/196, 0xc4}, {&(0x7f0000000580)=""/64, 0x40}, {&(0x7f0000000800)=""/226, 0xe2}, {&(0x7f00000005c0)=""/120, 0x78}], 0x9) r0 = io_uring_setup(0x75c, &(0x7f0000000680)) syz_io_uring_setup(0x4736, &(0x7f0000000700)={0x0, 0x0, 0x20, 0x0, 0x0, 0x0, r0}, &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000ffb000/0x4000)=nil, &(0x7f0000000780), &(0x7f00000007c0)) 02:10:24 executing program 4: syz_io_uring_setup(0x0, 0x0, &(0x7f0000ffb000/0x4000)=nil, &(0x7f0000ffb000/0x3000)=nil, 0x0, 0x0) syz_io_uring_setup(0x7a, &(0x7f0000000000)={0x0, 0xc248, 0xd, 0x2, 0x141}, &(0x7f0000ffc000/0x2000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000000080), &(0x7f00000000c0)) io_uring_register$IORING_REGISTER_BUFFERS(0xffffffffffffffff, 0x0, &(0x7f0000000900)=[{&(0x7f0000000100)=""/9, 0x9}, {&(0x7f0000000140)=""/220, 0xdc}, {&(0x7f0000000240)=""/108, 0x6c}, {&(0x7f00000002c0)=""/185, 0xb9}, {&(0x7f0000000380)=""/197, 0xc5}, {&(0x7f0000000480)=""/196, 0xc4}, {&(0x7f0000000580)=""/64, 0x40}, {&(0x7f0000000800)=""/226, 0xe2}, {&(0x7f00000005c0)=""/120, 0x78}], 0x9) io_uring_setup(0x75c, &(0x7f0000000680)) 02:10:24 executing program 4: syz_io_uring_setup(0x0, 0x0, &(0x7f0000ffb000/0x4000)=nil, &(0x7f0000ffb000/0x3000)=nil, 0x0, 0x0) syz_io_uring_setup(0x7a, &(0x7f0000000000)={0x0, 0xc248, 0xd, 0x2, 0x141}, &(0x7f0000ffc000/0x2000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000000080), &(0x7f00000000c0)) io_uring_register$IORING_REGISTER_BUFFERS(0xffffffffffffffff, 0x0, &(0x7f0000000900)=[{&(0x7f0000000100)=""/9, 0x9}, {&(0x7f0000000140)=""/220, 0xdc}, {&(0x7f0000000240)=""/108, 0x6c}, {&(0x7f00000002c0)=""/185, 0xb9}, {&(0x7f0000000380)=""/197, 0xc5}, {&(0x7f0000000480)=""/196, 0xc4}, {&(0x7f0000000580)=""/64, 0x40}, {&(0x7f0000000800)=""/226, 0xe2}, {&(0x7f00000005c0)=""/120, 0x78}], 0x9) 02:10:25 executing program 4: syz_io_uring_setup(0x0, 0x0, &(0x7f0000ffb000/0x4000)=nil, &(0x7f0000ffb000/0x3000)=nil, 0x0, 0x0) syz_io_uring_setup(0x7a, &(0x7f0000000000)={0x0, 0xc248, 0xd, 0x2, 0x141}, &(0x7f0000ffc000/0x2000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000000080), &(0x7f00000000c0)) 02:10:25 executing program 4: syz_io_uring_setup(0x7a, &(0x7f0000000000)={0x0, 0xc248, 0xd, 0x2, 0x141}, &(0x7f0000ffc000/0x2000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000000080), &(0x7f00000000c0)) [ 140.784043] audit: type=1400 audit(1663294227.837:7): avc: denied { open } for pid=3924 comm="syz-executor.3" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=perf_event permissive=1 [ 142.370611] SELinux: security_context_str_to_sid (root) failed with errno=-22 [ 142.389652] SELinux: security_context_str_to_sid (root) failed with errno=-22 02:10:45 executing program 4: syz_io_uring_setup(0x0, &(0x7f0000000000)={0x0, 0xc248, 0xd, 0x2, 0x141}, &(0x7f0000ffc000/0x2000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000000080), &(0x7f00000000c0)) 02:10:45 executing program 5: syz_emit_ethernet(0x7a, &(0x7f0000000300)={@local, @link_local, @void, {@ipv6={0x86dd, @gre_packet={0x0, 0x6, "e620b7", 0x44, 0x2f, 0x0, @dev, @private2}}}}, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000000)={0xffffffffffffffff}) recvfrom(r0, &(0x7f0000000380)=""/4096, 0x1000, 0x10100, &(0x7f0000000040)=@nfc_llcp={0x27, 0x1, 0x2, 0x3, 0x9, 0x2, "9767e4b41f46e909b5d3364fac5f7f50554ea7db726277e2da229a22206a0695acd0fad21e49500f89d8fd182bdf38d35f36b4b5c319904a2860ec280ea753", 0xd}, 0x80) 02:10:45 executing program 6: r0 = openat$hpet(0xffffffffffffff9c, &(0x7f0000000000), 0x204800, 0x0) ioctl$PERF_EVENT_IOC_PAUSE_OUTPUT(r0, 0x40042409, 0x1) r1 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000002480)='fd/3\x00') r2 = dup(r1) fdatasync(r2) ioctl$TIOCVHANGUP(r2, 0x5437, 0x0) ioctl$AUTOFS_DEV_IOCTL_READY(r1, 0xc0189376, &(0x7f0000000040)={{0x1, 0x1, 0x18, r1, {0x40}}, './file0\x00'}) preadv2(r3, &(0x7f0000001300)=[{&(0x7f0000000080)=""/193, 0xc1}, {&(0x7f0000000180)=""/250, 0xfa}, {&(0x7f0000000300)=""/4096, 0x1000}], 0x3, 0x80000000, 0x66, 0x18) r4 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x90) ioctl$FS_IOC_SETFLAGS(r4, 0x40086602, &(0x7f0000000040)) ioctl$BTRFS_IOC_QGROUP_CREATE(0xffffffffffffffff, 0x4010942a, &(0x7f0000001400)={0x0, 0x800}) pwrite64(r4, &(0x7f0000001340)="8ecb7e02000000000000002ab37eb9", 0xf, 0x8048c00) r5 = openat(r4, 0x0, 0x422e1, 0x0) ioctl$BTRFS_IOC_DEFAULT_SUBVOL(r0, 0x40089413, &(0x7f0000001380)=0x100000) r6 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) fallocate(r6, 0x0, 0x0, 0x87ffffc) r7 = openat$vcsu(0xffffffffffffff9c, &(0x7f00000013c0), 0x840, 0x0) ioctl$PERF_EVENT_IOC_DISABLE(r7, 0x2401, 0x7) sendfile(r6, r5, 0x0, 0x80000000) 02:10:45 executing program 0: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) socket$inet_udp(0x2, 0x2, 0x0) perf_event_open(&(0x7f00000001c0)={0x5, 0x80, 0x1, 0x20, 0x8, 0x6, 0x0, 0x8, 0x80, 0xa, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x200, 0x4, @perf_config_ext={0x7ff, 0x1}, 0x40000, 0x3ff, 0x9, 0x7, 0x7fff, 0xfff, 0xc0, 0x0, 0x3, 0x0, 0x9}, 0xffffffffffffffff, 0xc, 0xffffffffffffffff, 0x3) ioctl$sock_FIOGETOWN(0xffffffffffffffff, 0x8903, 0x0) ioctl$TIOCGSID(0xffffffffffffffff, 0x5429, &(0x7f0000000100)=0x0) syz_open_procfs(r0, &(0x7f0000000180)='net/bnep\x00') r1 = syz_open_dev$sg(&(0x7f0000001000), 0x0, 0x0) ioctl$BLKTRACESETUP(r1, 0xc0481273, &(0x7f0000000000)={'\x00', 0x3, 0x1, 0xd6c3}) ioctl$BLKTRACETEARDOWN(r1, 0x1276, 0x0) setsockopt$sock_int(0xffffffffffffffff, 0x1, 0x2, &(0x7f0000000140)=0x100, 0x4) sendmsg$NFT_MSG_GETTABLE(0xffffffffffffffff, &(0x7f0000000140)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x2}, 0xc, 0x0, 0x1, 0x0, 0x0, 0x4850}, 0x0) [ 158.236690] audit: type=1400 audit(1663294245.290:8): avc: denied { kernel } for pid=3997 comm="syz-executor.1" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=perf_event permissive=1 [ 158.242818] ------------[ cut here ]------------ [ 158.243768] WARNING: CPU: 0 PID: 298 at kernel/events/core.c:2233 event_filter_match+0x422/0x660 [ 158.245181] Modules linked in: [ 158.245650] CPU: 0 PID: 298 Comm: syz-executor.7 Not tainted 6.0.0-rc5-next-20220915 #1 [ 158.246759] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 158.249515] RIP: 0010:event_filter_match+0x422/0x660 [ 158.250348] Code: 00 00 00 e9 7c fc ff ff e8 4b 15 f1 ff 65 8b 2d c0 73 ad 7e 31 ff 89 ee e8 eb 11 f1 ff 85 ed 0f 84 ef 00 00 00 e8 2e 15 f1 ff <0f> 0b eb 9f e8 55 88 23 00 e9 17 fc ff ff e8 1b 15 f1 ff 48 8d 7b [ 158.253183] RSP: 0018:ffff88806ce09c70 EFLAGS: 00010046 [ 158.254048] RAX: 0000000080010001 RBX: ffff888042a585c8 RCX: 0000000000000000 [ 158.255197] RDX: ffff888019d18000 RSI: ffffffff81550212 RDI: 0000000000000005 [ 158.256340] RBP: 0000000000000000 R08: 0000000000000005 R09: 0000000000000001 [ 158.257491] R10: 0000000000000000 R11: ffffffff865ac01b R12: ffff888042a587e8 [ 158.258621] R13: 0000000000000000 R14: ffff888042a58670 R15: ffff888042a587e8 [ 158.259762] FS: 00005555555c8400(0000) GS:ffff88806ce00000(0000) knlGS:0000000000000000 [ 158.261049] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 158.262009] CR2: 00000000200001c1 CR3: 000000003c276000 CR4: 0000000000350ef0 [ 158.263156] Call Trace: [ 158.263568] [ 158.263936] merge_sched_in+0x107/0x1110 [ 158.264608] visit_groups_merge.constprop.0.isra.0+0x4fc/0xef0 [ 158.265591] ? merge_sched_in+0x1110/0x1110 [ 158.266288] ? lock_is_held_type+0xd7/0x130 [ 158.267044] ctx_sched_in+0x2e6/0x770 [ 158.267671] ? lock_acquire+0x1b2/0x530 [ 158.268347] ? visit_groups_merge.constprop.0.isra.0+0xef0/0xef0 [ 158.269342] ? lock_is_held_type+0xd7/0x130 [ 158.270062] perf_event_sched_in+0x75/0x80 [ 158.270743] ctx_resched+0x1ce/0x390 [ 158.271359] __perf_install_in_context+0x285/0x9c0 [ 158.272165] ? __irq_exit_rcu+0x11b/0x180 [ 158.272860] ? ctx_resched+0x390/0x390 [ 158.273513] remote_function+0x125/0x1b0 [ 158.274191] __flush_smp_call_function_queue+0x1df/0x5a0 [ 158.275075] ? perf_duration_warn+0x40/0x40 [ 158.275787] __sysvec_call_function_single+0x92/0x3a0 [ 158.276630] sysvec_call_function_single+0x89/0xc0 [ 158.277472] [ 158.277843] [ 158.278222] asm_sysvec_call_function_single+0x16/0x20 [ 158.279112] RIP: 0010:__sanitizer_cov_trace_pc+0x0/0x70 [ 158.279979] Code: 00 00 5d e9 b2 dd b7 02 66 90 48 8b be a8 01 00 00 e8 b4 ff ff ff 31 c0 e9 cd 23 1a 03 66 66 2e 0f 1f 84 00 00 00 00 00 66 90 <65> 8b 05 39 57 bc 7e 89 c1 48 8b 34 24 81 e1 00 01 00 00 65 48 8b [ 158.282887] RSP: 0018:ffff888020187690 EFLAGS: 00000202 [ 158.283729] RAX: 0000000000020f5d RBX: 0000000000000200 RCX: ffffffff812999ff [ 158.284880] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 158.286003] RBP: 00000000f0000000 R08: 0000000000000001 R09: ffffffff86ccb7d7 [ 158.287145] R10: fffffbfff0d996fa R11: 0000000000000001 R12: ffffea000103c9c0 [ 158.288287] R13: ffff88800d030ec0 R14: ffff88800d030ec0 R15: 00007fd37b000000 [ 158.289465] ? mark_lock.part.0+0xef/0x2f70 [ 158.290182] pte_alloc_one+0x196/0x200 [ 158.290829] __pte_alloc+0x69/0x210 [ 158.291453] ? pmd_install+0x260/0x260 [ 158.292122] copy_page_range+0x1c0b/0x43b0 [ 158.292878] ? vm_iomap_memory+0x190/0x190 [ 158.293566] ? mas_empty_area_rev+0x12d0/0x12d0 [ 158.294361] ? up_write+0x148/0x480 [ 158.294976] dup_mmap+0xa4a/0xfc0 [ 158.295592] ? replace_mm_exe_file+0x4b0/0x4b0 [ 158.296358] ? do_raw_spin_unlock+0x4f/0x220 [ 158.297126] ? lockdep_init_map_type+0x2c7/0x7a0 [ 158.297931] ? __init_rwsem+0x129/0x1b0 [ 158.298592] dup_mm+0x91/0x380 [ 158.299145] copy_process+0x6ac7/0x6e20 [ 158.299791] ? lock_is_held_type+0xd7/0x130 [ 158.300526] ? __cleanup_sighand+0xb0/0xb0 [ 158.301228] ? _raw_spin_unlock+0x24/0x40 [ 158.301912] ? do_wp_page+0x1a1/0x2050 [ 158.302569] kernel_clone+0xe7/0x890 [ 158.303183] ? create_io_thread+0xf0/0xf0 [ 158.303852] ? lock_is_held_type+0xd7/0x130 [ 158.304564] ? lock_is_held_type+0xd7/0x130 [ 158.305292] ? find_held_lock+0x2c/0x110 [ 158.305977] ? lock_release+0x3b2/0x750 [ 158.306655] __do_sys_clone+0xba/0x100 [ 158.307298] ? __do_sys_vfork+0xc0/0xc0 [ 158.307964] ? syscall_enter_from_user_mode+0x1d/0x50 [ 158.308834] ? syscall_enter_from_user_mode+0x1d/0x50 [ 158.309688] do_syscall_64+0x3b/0x90 [ 158.310313] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 158.311152] RIP: 0033:0x7fd37b8a610b [ 158.311764] Code: ed 0f 85 60 01 00 00 64 4c 8b 0c 25 10 00 00 00 45 31 c0 4d 8d 91 d0 02 00 00 31 d2 31 f6 bf 11 00 20 01 b8 38 00 00 00 0f 05 <48> 3d 00 f0 ff ff 0f 87 89 00 00 00 41 89 c5 85 c0 0f 85 90 00 00 [ 158.314670] RSP: 002b:00007ffd06c67e30 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 158.315881] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007fd37b8a610b [ 158.317034] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000001200011 [ 158.318164] RBP: 0000000000000001 R08: 0000000000000000 R09: 00005555555c8400 [ 158.319293] R10: 00005555555c86d0 R11: 0000000000000246 R12: 0000000000000001 [ 158.320432] R13: 0000000000000001 R14: 0000000000000001 R15: 00007ffd06c67f10 [ 158.321609] [ 158.321996] irq event stamp: 135006 [ 158.322584] hardirqs last enabled at (135005): [] pte_alloc_one+0x190/0x200 [ 158.323968] hardirqs last disabled at (135006): [] sysvec_call_function_single+0xb/0xc0 [ 158.325509] softirqs last enabled at (134924): [] __irq_exit_rcu+0x11b/0x180 [ 158.326911] softirqs last disabled at (134893): [] __irq_exit_rcu+0x11b/0x180 [ 158.328290] ---[ end trace 0000000000000000 ]--- [ 158.329145] ------------[ cut here ]------------ [ 158.329904] WARNING: CPU: 0 PID: 298 at kernel/events/core.c:2557 merge_sched_in+0xadb/0x1110 [ 158.331250] Modules linked in: [ 158.331771] CPU: 0 PID: 298 Comm: syz-executor.7 Tainted: G W 6.0.0-rc5-next-20220915 #1 [ 158.333252] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 158.334981] RIP: 0010:merge_sched_in+0xadb/0x1110 [ 158.335743] Code: ff ff e8 78 16 ef ff 65 8b 05 ed 74 ab 7e 31 ff 89 c6 89 04 24 e8 15 13 ef ff 8b 04 24 85 c0 0f 84 13 02 00 00 e8 55 16 ef ff <0f> 0b e9 c4 fb ff ff e8 49 16 ef ff 4c 89 e8 48 05 18 01 00 00 e9 [ 158.338573] RSP: 0018:ffff88806ce09cb0 EFLAGS: 00010046 [ 158.339403] RAX: 0000000080010001 RBX: ffff88806ce3d100 RCX: 0000000000000000 [ 158.340509] RDX: ffff888019d18000 RSI: ffffffff815700eb RDI: 0000000000000005 [ 158.341640] RBP: ffff888042a585c8 R08: 0000000000000005 R09: 0000000000000001 [ 158.342747] R10: 0000000000000000 R11: ffffffff865ac01b R12: ffff88806ce3d100 [ 158.343838] R13: ffff88806ce00000 R14: ffff888042a58670 R15: ffff888042a587e8 [ 158.344961] FS: 00005555555c8400(0000) GS:ffff88806ce00000(0000) knlGS:0000000000000000 [ 158.346219] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 158.347118] CR2: 00000000200001c1 CR3: 000000003c276000 CR4: 0000000000350ef0 [ 158.348226] Call Trace: [ 158.348636] [ 158.349031] visit_groups_merge.constprop.0.isra.0+0x4fc/0xef0 [ 158.349980] ? merge_sched_in+0x1110/0x1110 [ 158.350671] ? lock_is_held_type+0xd7/0x130 [ 158.351385] ctx_sched_in+0x2e6/0x770 [ 158.352002] ? lock_acquire+0x1b2/0x530 [ 158.352645] ? visit_groups_merge.constprop.0.isra.0+0xef0/0xef0 [ 158.353566] ? lock_is_held_type+0xd7/0x130 [ 158.354206] perf_event_sched_in+0x75/0x80 [ 158.354817] ctx_resched+0x1ce/0x390 [ 158.355373] __perf_install_in_context+0x285/0x9c0 [ 158.356078] ? __irq_exit_rcu+0x11b/0x180 [ 158.356699] ? ctx_resched+0x390/0x390 [ 158.357265] remote_function+0x125/0x1b0 [ 158.357865] __flush_smp_call_function_queue+0x1df/0x5a0 [ 158.358630] ? perf_duration_warn+0x40/0x40 [ 158.359264] __sysvec_call_function_single+0x92/0x3a0 [ 158.360003] sysvec_call_function_single+0x89/0xc0 [ 158.360737] [ 158.361065] [ 158.361393] asm_sysvec_call_function_single+0x16/0x20 [ 158.362148] RIP: 0010:__sanitizer_cov_trace_pc+0x0/0x70 [ 158.362902] Code: 00 00 5d e9 b2 dd b7 02 66 90 48 8b be a8 01 00 00 e8 b4 ff ff ff 31 c0 e9 cd 23 1a 03 66 66 2e 0f 1f 84 00 00 00 00 00 66 90 <65> 8b 05 39 57 bc 7e 89 c1 48 8b 34 24 81 e1 00 01 00 00 65 48 8b [ 158.365461] RSP: 0018:ffff888020187690 EFLAGS: 00000202 [ 158.366302] RAX: 0000000000020f5d RBX: 0000000000000200 RCX: ffffffff812999ff [ 158.367424] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 158.368546] RBP: 00000000f0000000 R08: 0000000000000001 R09: ffffffff86ccb7d7 [ 158.369688] R10: fffffbfff0d996fa R11: 0000000000000001 R12: ffffea000103c9c0 [ 158.370815] R13: ffff88800d030ec0 R14: ffff88800d030ec0 R15: 00007fd37b000000 [ 158.371951] ? mark_lock.part.0+0xef/0x2f70 [ 158.372678] pte_alloc_one+0x196/0x200 [ 158.373329] __pte_alloc+0x69/0x210 [ 158.373930] ? pmd_install+0x260/0x260 [ 158.374589] copy_page_range+0x1c0b/0x43b0 [ 158.375330] ? vm_iomap_memory+0x190/0x190 [ 158.376004] ? mas_empty_area_rev+0x12d0/0x12d0 [ 158.376799] ? up_write+0x148/0x480 [ 158.377400] dup_mmap+0xa4a/0xfc0 [ 158.378011] ? replace_mm_exe_file+0x4b0/0x4b0 [ 158.378761] ? do_raw_spin_unlock+0x4f/0x220 [ 158.379499] ? lockdep_init_map_type+0x2c7/0x7a0 [ 158.380285] ? __init_rwsem+0x129/0x1b0 [ 158.380966] dup_mm+0x91/0x380 [ 158.381511] copy_process+0x6ac7/0x6e20 [ 158.382157] ? lock_is_held_type+0xd7/0x130 [ 158.382890] ? __cleanup_sighand+0xb0/0xb0 [ 158.383572] ? _raw_spin_unlock+0x24/0x40 [ 158.384243] ? do_wp_page+0x1a1/0x2050 [ 158.384920] kernel_clone+0xe7/0x890 [ 158.385529] ? create_io_thread+0xf0/0xf0 [ 158.386193] ? lock_is_held_type+0xd7/0x130 [ 158.386893] ? lock_is_held_type+0xd7/0x130 [ 158.387589] ? find_held_lock+0x2c/0x110 [ 158.388261] ? lock_release+0x3b2/0x750 [ 158.388934] __do_sys_clone+0xba/0x100 [ 158.389561] ? __do_sys_vfork+0xc0/0xc0 [ 158.390219] ? syscall_enter_from_user_mode+0x1d/0x50 [ 158.391052] ? syscall_enter_from_user_mode+0x1d/0x50 [ 158.391896] do_syscall_64+0x3b/0x90 [ 158.392510] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 158.393340] RIP: 0033:0x7fd37b8a610b [ 158.393939] Code: ed 0f 85 60 01 00 00 64 4c 8b 0c 25 10 00 00 00 45 31 c0 4d 8d 91 d0 02 00 00 31 d2 31 f6 bf 11 00 20 01 b8 38 00 00 00 0f 05 <48> 3d 00 f0 ff ff 0f 87 89 00 00 00 41 89 c5 85 c0 0f 85 90 00 00 [ 158.396782] RSP: 002b:00007ffd06c67e30 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 158.397970] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007fd37b8a610b [ 158.399091] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000001200011 [ 158.400205] RBP: 0000000000000001 R08: 0000000000000000 R09: 00005555555c8400 [ 158.401327] R10: 00005555555c86d0 R11: 0000000000000246 R12: 0000000000000001 [ 158.402446] R13: 0000000000000001 R14: 0000000000000001 R15: 00007ffd06c67f10 [ 158.403591] [ 158.403982] irq event stamp: 135006 [ 158.404553] hardirqs last enabled at (135005): [] pte_alloc_one+0x190/0x200 [ 158.405937] hardirqs last disabled at (135006): [] sysvec_call_function_single+0xb/0xc0 [ 158.407428] softirqs last enabled at (134924): [] __irq_exit_rcu+0x11b/0x180 [ 158.408812] softirqs last disabled at (134893): [] __irq_exit_rcu+0x11b/0x180 [ 158.410192] ---[ end trace 0000000000000000 ]--- [ 158.417088] ------------[ cut here ]------------ [ 158.417111] [ 158.417114] ====================================================== [ 158.417117] WARNING: possible circular locking dependency detected [ 158.417122] 6.0.0-rc5-next-20220915 #1 Tainted: G W [ 158.417130] ------------------------------------------------------ [ 158.417133] syz-executor.0/4005 is trying to acquire lock: [ 158.417139] ffffffff853fa878 ((console_sem).lock){-...}-{2:2}, at: down_trylock+0xe/0x70 [ 158.417177] [ 158.417177] but task is already holding lock: [ 158.417180] ffff888010e77c20 (&ctx->lock){....}-{2:2}, at: __perf_event_task_sched_out+0x53b/0x18d0 [ 158.417207] [ 158.417207] which lock already depends on the new lock. [ 158.417207] [ 158.417210] [ 158.417210] the existing dependency chain (in reverse order) is: [ 158.417214] [ 158.417214] -> #3 (&ctx->lock){....}-{2:2}: [ 158.417227] _raw_spin_lock+0x2a/0x40 [ 158.417245] __perf_event_task_sched_out+0x53b/0x18d0 [ 158.417257] __schedule+0xedd/0x2470 [ 158.417267] schedule+0xda/0x1b0 [ 158.417277] futex_wait_queue+0xf5/0x1e0 [ 158.417289] futex_wait+0x28e/0x690 [ 158.417298] do_futex+0x2ff/0x380 [ 158.417307] __x64_sys_futex+0x1c6/0x4d0 [ 158.417317] do_syscall_64+0x3b/0x90 [ 158.417332] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 158.417349] [ 158.417349] -> #2 (&rq->__lock){-.-.}-{2:2}: [ 158.417363] _raw_spin_lock_nested+0x30/0x40 [ 158.417377] raw_spin_rq_lock_nested+0x1e/0x30 [ 158.417390] task_fork_fair+0x63/0x4d0 [ 158.417407] sched_cgroup_fork+0x3d0/0x540 [ 158.417420] copy_process+0x4183/0x6e20 [ 158.417431] kernel_clone+0xe7/0x890 [ 158.417440] user_mode_thread+0xad/0xf0 [ 158.417450] rest_init+0x24/0x250 [ 158.417467] arch_call_rest_init+0xf/0x14 [ 158.417479] start_kernel+0x4c1/0x4e6 [ 158.417489] secondary_startup_64_no_verify+0xe0/0xeb [ 158.417503] [ 158.417503] -> #1 (&p->pi_lock){-.-.}-{2:2}: [ 158.417516] _raw_spin_lock_irqsave+0x39/0x60 [ 158.417531] try_to_wake_up+0xab/0x1920 [ 158.417544] up+0x75/0xb0 [ 158.417555] __up_console_sem+0x6e/0x80 [ 158.417571] console_unlock+0x46a/0x590 [ 158.417586] do_con_write+0xc05/0x1d50 [ 158.417598] con_write+0x21/0x40 [ 158.417607] n_tty_write+0x4d4/0xfe0 [ 158.417620] file_tty_write.constprop.0+0x49c/0x8f0 [ 158.417633] vfs_write+0x9c3/0xd90 [ 158.417651] ksys_write+0x127/0x250 [ 158.417667] do_syscall_64+0x3b/0x90 [ 158.417680] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 158.417697] [ 158.417697] -> #0 ((console_sem).lock){-...}-{2:2}: [ 158.417710] __lock_acquire+0x2a02/0x5e70 [ 158.417726] lock_acquire+0x1a2/0x530 [ 158.417742] _raw_spin_lock_irqsave+0x39/0x60 [ 158.417756] down_trylock+0xe/0x70 [ 158.417768] __down_trylock_console_sem+0x3b/0xd0 [ 158.417784] vprintk_emit+0x16b/0x560 [ 158.417800] vprintk+0x84/0xa0 [ 158.417816] _printk+0xba/0xf1 [ 158.417833] report_bug.cold+0x72/0xab [ 158.417846] handle_bug+0x3c/0x70 [ 158.417858] exc_invalid_op+0x14/0x50 [ 158.417872] asm_exc_invalid_op+0x16/0x20 [ 158.417888] group_sched_out.part.0+0x2c7/0x460 [ 158.417898] ctx_sched_out+0x8f1/0xc10 [ 158.417908] __perf_event_task_sched_out+0x6d0/0x18d0 [ 158.417920] __schedule+0xedd/0x2470 [ 158.417930] schedule+0xda/0x1b0 [ 158.417939] exit_to_user_mode_prepare+0x114/0x1a0 [ 158.417959] syscall_exit_to_user_mode+0x19/0x40 [ 158.417976] do_syscall_64+0x48/0x90 [ 158.417989] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 158.418005] [ 158.418005] other info that might help us debug this: [ 158.418005] [ 158.418008] Chain exists of: [ 158.418008] (console_sem).lock --> &rq->__lock --> &ctx->lock [ 158.418008] [ 158.418023] Possible unsafe locking scenario: [ 158.418023] [ 158.418025] CPU0 CPU1 [ 158.418027] ---- ---- [ 158.418030] lock(&ctx->lock); [ 158.418035] lock(&rq->__lock); [ 158.418042] lock(&ctx->lock); [ 158.418048] lock((console_sem).lock); [ 158.418054] [ 158.418054] *** DEADLOCK *** [ 158.418054] [ 158.418056] 2 locks held by syz-executor.0/4005: [ 158.418062] #0: ffff88806cf37cd8 (&rq->__lock){-.-.}-{2:2}, at: __schedule+0x1cf/0x2470 [ 158.418088] #1: ffff888010e77c20 (&ctx->lock){....}-{2:2}, at: __perf_event_task_sched_out+0x53b/0x18d0 [ 158.418115] [ 158.418115] stack backtrace: [ 158.418119] CPU: 1 PID: 4005 Comm: syz-executor.0 Tainted: G W 6.0.0-rc5-next-20220915 #1 [ 158.418132] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 158.418141] Call Trace: [ 158.418144] [ 158.418148] dump_stack_lvl+0x8b/0xb3 [ 158.418163] check_noncircular+0x263/0x2e0 [ 158.418179] ? format_decode+0x26c/0xb50 [ 158.418195] ? print_circular_bug+0x450/0x450 [ 158.418211] ? enable_ptr_key_workfn+0x20/0x20 [ 158.418225] ? __lockdep_reset_lock+0x180/0x180 [ 158.418242] ? format_decode+0x26c/0xb50 [ 158.418257] ? alloc_chain_hlocks+0x1ec/0x5a0 [ 158.418275] __lock_acquire+0x2a02/0x5e70 [ 158.418296] ? lockdep_hardirqs_on_prepare+0x410/0x410 [ 158.418318] lock_acquire+0x1a2/0x530 [ 158.418334] ? down_trylock+0xe/0x70 [ 158.418348] ? rcu_read_unlock+0x40/0x40 [ 158.418366] ? find_held_lock+0x2c/0x110 [ 158.418383] ? vprintk+0x84/0xa0 [ 158.418400] _raw_spin_lock_irqsave+0x39/0x60 [ 158.418416] ? down_trylock+0xe/0x70 [ 158.418429] down_trylock+0xe/0x70 [ 158.418442] ? vprintk+0x84/0xa0 [ 158.418458] __down_trylock_console_sem+0x3b/0xd0 [ 158.418475] vprintk_emit+0x16b/0x560 [ 158.418494] vprintk+0x84/0xa0 [ 158.418511] _printk+0xba/0xf1 [ 158.418528] ? record_print_text.cold+0x16/0x16 [ 158.418548] ? hrtimer_try_to_cancel+0x163/0x2c0 [ 158.418562] ? lock_downgrade+0x6d0/0x6d0 [ 158.418579] ? report_bug.cold+0x66/0xab [ 158.418594] ? group_sched_out.part.0+0x2c7/0x460 [ 158.418605] report_bug.cold+0x72/0xab [ 158.418620] handle_bug+0x3c/0x70 [ 158.418634] exc_invalid_op+0x14/0x50 [ 158.418648] asm_exc_invalid_op+0x16/0x20 [ 158.418666] RIP: 0010:group_sched_out.part.0+0x2c7/0x460 [ 158.418679] Code: 5e 41 5f e9 3b b7 ef ff e8 36 b7 ef ff 65 8b 1d ab 15 ac 7e 31 ff 89 de e8 d6 b3 ef ff 85 db 0f 84 8a 00 00 00 e8 19 b7 ef ff <0f> 0b e9 a5 fe ff ff e8 0d b7 ef ff 48 8d 7d 10 48 b8 00 00 00 00 [ 158.418691] RSP: 0018:ffff888041b2fc48 EFLAGS: 00010006 [ 158.418700] RAX: 0000000040000002 RBX: 0000000000000000 RCX: 0000000000000000 [ 158.418707] RDX: ffff88801d1c0000 RSI: ffffffff81566027 RDI: 0000000000000005 [ 158.418715] RBP: ffff888042a58b90 R08: 0000000000000005 R09: 0000000000000001 [ 158.418722] R10: 0000000000000000 R11: 0000000000000001 R12: ffff888010e77c00 [ 158.418730] R13: ffff88806cf3d100 R14: ffffffff8547bfc0 R15: 0000000000000002 [ 158.418741] ? group_sched_out.part.0+0x2c7/0x460 [ 158.418754] ? group_sched_out.part.0+0x2c7/0x460 [ 158.418767] ctx_sched_out+0x8f1/0xc10 [ 158.418779] __perf_event_task_sched_out+0x6d0/0x18d0 [ 158.418794] ? lock_is_held_type+0xd7/0x130 [ 158.418813] ? __perf_cgroup_move+0x160/0x160 [ 158.418824] ? set_next_entity+0x304/0x550 [ 158.418842] ? update_curr+0x267/0x740 [ 158.418860] ? lock_is_held_type+0xd7/0x130 [ 158.418878] __schedule+0xedd/0x2470 [ 158.418892] ? io_schedule_timeout+0x150/0x150 [ 158.418904] ? trace_rcu_dyntick+0x1a7/0x250 [ 158.418925] schedule+0xda/0x1b0 [ 158.418936] exit_to_user_mode_prepare+0x114/0x1a0 [ 158.418956] syscall_exit_to_user_mode+0x19/0x40 [ 158.418974] do_syscall_64+0x48/0x90 [ 158.418988] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 158.419006] RIP: 0033:0x7f1fe14ceb19 [ 158.419014] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 158.419025] RSP: 002b:00007f1fdea23218 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 158.419036] RAX: 0000000000000001 RBX: 00007f1fe15e2028 RCX: 00007f1fe14ceb19 [ 158.419043] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 00007f1fe15e202c [ 158.419051] RBP: 00007f1fe15e2020 R08: 000000000000000e R09: 0000000000000000 [ 158.419058] R10: 0000000000000004 R11: 0000000000000246 R12: 00007f1fe15e202c [ 158.419065] R13: 00007ffc201f0a9f R14: 00007f1fdea23300 R15: 0000000000022000 [ 158.419078] [ 158.476085] WARNING: CPU: 1 PID: 4005 at kernel/events/core.c:2309 group_sched_out.part.0+0x2c7/0x460 [ 158.476750] Modules linked in: [ 158.477002] CPU: 1 PID: 4005 Comm: syz-executor.0 Tainted: G W 6.0.0-rc5-next-20220915 #1 [ 158.477683] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 158.478516] RIP: 0010:group_sched_out.part.0+0x2c7/0x460 [ 158.478915] Code: 5e 41 5f e9 3b b7 ef ff e8 36 b7 ef ff 65 8b 1d ab 15 ac 7e 31 ff 89 de e8 d6 b3 ef ff 85 db 0f 84 8a 00 00 00 e8 19 b7 ef ff <0f> 0b e9 a5 fe ff ff e8 0d b7 ef ff 48 8d 7d 10 48 b8 00 00 00 00 [ 158.480239] RSP: 0018:ffff888041b2fc48 EFLAGS: 00010006 [ 158.480633] RAX: 0000000040000002 RBX: 0000000000000000 RCX: 0000000000000000 [ 158.481168] RDX: ffff88801d1c0000 RSI: ffffffff81566027 RDI: 0000000000000005 [ 158.481701] RBP: ffff888042a58b90 R08: 0000000000000005 R09: 0000000000000001 [ 158.482227] R10: 0000000000000000 R11: 0000000000000001 R12: ffff888010e77c00 [ 158.482749] R13: ffff88806cf3d100 R14: ffffffff8547bfc0 R15: 0000000000000002 [ 158.483281] FS: 00007f1fdea23700(0000) GS:ffff88806cf00000(0000) knlGS:0000000000000000 [ 158.483871] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 158.484298] CR2: 00007fd8b27dadf0 CR3: 000000003ed54000 CR4: 0000000000350ee0 [ 158.484825] Call Trace: [ 158.485018] [ 158.485197] ctx_sched_out+0x8f1/0xc10 [ 158.485492] __perf_event_task_sched_out+0x6d0/0x18d0 [ 158.485877] ? lock_is_held_type+0xd7/0x130 [ 158.486199] ? __perf_cgroup_move+0x160/0x160 [ 158.486535] ? set_next_entity+0x304/0x550 [ 158.486851] ? update_curr+0x267/0x740 [ 158.487146] ? lock_is_held_type+0xd7/0x130 [ 158.487472] __schedule+0xedd/0x2470 [ 158.487750] ? io_schedule_timeout+0x150/0x150 [ 158.488089] ? trace_rcu_dyntick+0x1a7/0x250 [ 158.488427] schedule+0xda/0x1b0 [ 158.488694] exit_to_user_mode_prepare+0x114/0x1a0 [ 158.489068] syscall_exit_to_user_mode+0x19/0x40 [ 158.489423] do_syscall_64+0x48/0x90 [ 158.489703] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 158.490083] RIP: 0033:0x7f1fe14ceb19 [ 158.490361] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 158.491671] RSP: 002b:00007f1fdea23218 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 158.492221] RAX: 0000000000000001 RBX: 00007f1fe15e2028 RCX: 00007f1fe14ceb19 [ 158.492746] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 00007f1fe15e202c [ 158.493267] RBP: 00007f1fe15e2020 R08: 000000000000000e R09: 0000000000000000 [ 158.493788] R10: 0000000000000004 R11: 0000000000000246 R12: 00007f1fe15e202c [ 158.494303] R13: 00007ffc201f0a9f R14: 00007f1fdea23300 R15: 0000000000022000 [ 158.494825] [ 158.495001] irq event stamp: 112 [ 158.495250] hardirqs last enabled at (111): [] exit_to_user_mode_prepare+0x109/0x1a0 [ 158.495930] hardirqs last disabled at (112): [] __schedule+0x1225/0x2470 [ 158.496530] softirqs last enabled at (0): [] copy_process+0x1e15/0x6e20 [ 158.497134] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 158.497591] ---[ end trace 0000000000000000 ]--- 02:10:45 executing program 1: r0 = perf_event_open$cgroup(&(0x7f0000000040)={0x2, 0x80, 0x14, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) ioctl$PERF_EVENT_IOC_SET_FILTER(r0, 0x40082406, &(0x7f00000000c0)='\x00') ioctl$PERF_EVENT_IOC_SET_FILTER(r0, 0x5452, &(0x7f0000000180)='journal_checksum') r1 = syz_io_uring_setup(0x46ac, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, &(0x7f00000a0000)=nil, &(0x7f00000b0000)=nil, &(0x7f0000000100)=0x0, &(0x7f0000000140)=0x0) r4 = socket$inet_udp(0x2, 0x2, 0x0) r5 = fcntl$dupfd(r4, 0x0, r1) syz_io_uring_submit(r2, r3, &(0x7f00000001c0)=@IORING_OP_ACCEPT={0xd, 0x0, 0x0, r5, 0x0, 0x0, 0x0, 0xab358d1624cd19e7}, 0x0) io_uring_enter(r1, 0x1, 0x0, 0x0, 0x0, 0x0) close(r0) r6 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) r7 = accept(r6, &(0x7f00000001c0)=@ll={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @local}, &(0x7f0000000000)=0x80) fsetxattr$security_selinux(r7, &(0x7f0000000140), &(0x7f0000000240)='system_u:object_r:tpm_device_t:s0\x00', 0x22, 0x1) r8 = dup(r6) r9 = mmap$IORING_OFF_SQES(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x8, 0x110, r1, 0x10000000) r10 = accept4$unix(r5, 0x0, &(0x7f0000000500), 0x800) syz_io_uring_submit(r2, r9, &(0x7f0000000540)=@IORING_OP_TEE={0x21, 0x5, 0x0, @fd=r1, 0x0, 0x0, 0x9, 0x9, 0x1, {0x0, 0x0, r10}}, 0x7) bind$bt_hci(r8, &(0x7f0000000080)={0x1f, 0xffffffffffffffff, 0x3}, 0x6) write$bt_hci(r8, &(0x7f00000004c0)=ANY=[@ANYBLOB="0301"], 0x6) ioctl$VFAT_IOCTL_READDIR_BOTH(r8, 0x82307201, &(0x7f0000000280)=[{0x0, 0x0, 0x100}, {0x0, 0x0, 0x100}]) mmap$perf(&(0x7f0000ffd000/0x1000)=nil, 0x1000, 0x1000001, 0x50, r8, 0x8) 02:10:45 executing program 3: io_uring_register$IORING_REGISTER_PERSONALITY(0xffffffffffffffff, 0x9, 0x0, 0x0) r0 = syz_open_dev$tty1(0xc, 0x4, 0x1) r1 = openat$sr(0xffffffffffffff9c, &(0x7f00000001c0), 0x105802, 0x0) close(r1) io_uring_register$IORING_REGISTER_FILES_UPDATE(0xffffffffffffffff, 0x6, &(0x7f00000001c0)={0x5, 0x0, &(0x7f0000000180)=[0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, r0, r1]}, 0x6) openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x200000, 0x0) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r2 = perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r3 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_TCP_REPAIR(r3, 0x6, 0x13, &(0x7f00000018c0)=0x1, 0x4) connect$inet6(r3, &(0x7f0000000080)={0xa, 0x0, 0x0, @loopback}, 0x1c) setsockopt$inet6_tcp_TCP_REPAIR(r3, 0x6, 0x13, &(0x7f0000000000), 0x4) r4 = socket(0x37, 0x800, 0x6) r5 = dup3(r0, r2, 0x0) fsetxattr$trusted_overlay_origin(r5, &(0x7f0000000100), &(0x7f0000000140), 0x2, 0x1) setsockopt$inet6_tcp_TCP_REPAIR(r4, 0x6, 0x13, &(0x7f0000000540)=0xffffffffffffffff, 0x4) openat$ptp0(0xffffffffffffff9c, 0x0, 0x800, 0x0) 02:10:45 executing program 2: mlock2(&(0x7f0000ff7000/0x4000)=nil, 0x4000, 0x0) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x80000001}, 0x0, 0x7ff}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='net/route\x00') perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x2000000000000000}, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000040), 0x41, 0x0) r2 = openat2(r0, &(0x7f0000000240)='./file0\x00', &(0x7f0000000300)={0x208600, 0x21, 0x16}, 0xfffffffffffffd79) ioctl$LOOP_CTL_ADD(r2, 0x4c80, 0xb) r3 = ioctl$LOOP_CTL_GET_FREE(r1, 0x4c82) mremap(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x1000, 0x6, &(0x7f0000ffc000/0x1000)=nil) ioctl$LOOP_CTL_REMOVE(r1, 0x4c81, r3) ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, r3) shmget$private(0x0, 0x2000, 0x54000000, &(0x7f0000ff5000/0x2000)=nil) 02:10:45 executing program 7: r0 = gettid() setpgid(0x0, r0) perf_event_open(&(0x7f0000000080)={0x4, 0x80, 0x8c, 0x0, 0x0, 0xfb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x66b}, 0x52140, 0xfffffffffffffffd, 0x1, 0x9, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x2000000}, r0, 0xd, 0xffffffffffffffff, 0x0) write(0xffffffffffffffff, &(0x7f00000011c0)="25f603b7fa9fa3548414e10992c1cf45f19705c7eee437fda4334d052aeb04b0d5037a01019288274bf0cb88e4b0d450527f3e3100845f824bd7c768b941d88d3d043f988b9894fe6bc6553b229e9e616dbeb1b077c3ff25d19fa7ce2453d6417761", 0x62) r1 = creat(&(0x7f0000000040)='./file1\x00', 0x0) ioctl$FS_IOC_SETFLAGS(r1, 0x40086602, &(0x7f00000000c0)) r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, 0xffffffffffffffff, &(0x7f0000000000)={0x40000000}) perf_event_open(&(0x7f0000001840)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000001800), 0xd}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) write(r2, &(0x7f0000000080)="01", 0x41030) preadv(0xffffffffffffffff, &(0x7f0000001140), 0x0, 0x0, 0x0) [ 158.604972] hrtimer: interrupt took 16040 ns [ 158.716386] audit: type=1400 audit(1663294245.770:9): avc: denied { write } for pid=3997 comm="syz-executor.1" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=perf_event permissive=1 VM DIAGNOSIS: 02:10:45 Registers: info registers vcpu 0 RAX=0000000000000058 RBX=00000000000003f8 RCX=0000000000000000 RDX=00000000000003f8 RSI=ffffffff822b29f1 RDI=ffffffff87641ba0 RBP=ffffffff87641b60 RSP=ffff88806ce09640 R8 =0000000000000001 R9 =000000000000000a R10=0000000000000058 R11=0000000000000001 R12=0000000000000058 R13=ffffffff87641b60 R14=0000000000000010 R15=ffffffff822b29e0 RIP=ffffffff822b2a49 RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 00000000 00000000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 00000000 00000000 FS =0000 00005555555c8400 00000000 00000000 GS =0000 ffff88806ce00000 00000000 00000000 LDT=0000 fffffe0000000000 00000000 00000000 TR =0040 fffffe0000003000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe0000001000 0000007f IDT= fffffe0000000000 00000fff CR0=80050033 CR2=00000000200001c1 CR3=000000003c276000 CR4=00350ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000ffff0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 YMM00=0000000000000000 0000000000000000 0000000000000000 00000000000000ff YMM01=0000000000000000 0000000000000000 2525252525252525 2525252525252525 YMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM04=0000000000000000 0000000000000000 0000000000000000 00000000000000ff YMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM06=0000000000000000 0000000000000000 0000000000000000 000000524f525245 YMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM08=0000000000000000 0000000000000000 0000000000000000 00524f5252450040 YMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 info registers vcpu 1 RAX=0000000000023ab6 RBX=1ffff11008521f84 RCX=ffffc90001dda000 RDX=0000000000040000 RSI=ffffffff813bc113 RDI=0000000000000005 RBP=ffff88804290fcc8 RSP=ffff88804290fc00 R8 =0000000000000005 R9 =0000000000000000 R10=0000000000000001 R11=0000000000000001 R12=0000000000000001 R13=0000000000000000 R14=0000000000000000 R15=0000000000000200 RIP=ffffffff813bc115 RFL=00000212 [----A--] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 00000000 00000000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 00000000 00000000 FS =0000 00007f91e729d700 00000000 00000000 GS =0000 ffff88806cf00000 00000000 00000000 LDT=0000 fffffe0000000000 00000000 00000000 TR =0040 fffffe000004a000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe0000048000 0000007f IDT= fffffe0000000000 00000fff CR0=80050033 CR2=00007fd8b2838b98 CR3=000000003dda4000 CR4=00350ee0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000ffff0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001fa0 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 YMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM02=0000000000000000 0000000000000000 0000000000000000 4184017640000000 YMM03=0000000000000000 0000000000000000 0000ff0000000000 0000000000000000 YMM04=0000000000000000 0000000000000000 732f6c61636f6c2f 7273752f3d485441 YMM05=0000000000000000 0000000000000000 622f6c61636f6c2f 7273752f3a6e6962 YMM06=0000000000000000 0000000000000000 73752f3a6e696273 2f7273752f3a6e69 YMM07=0000000000000000 0000000000000000 6e69622f3a6e6962 732f3a6e69622f72 YMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000