Warning: Permanently added '[localhost]:28307' (ECDSA) to the list of known hosts. 2022/10/01 16:28:28 fuzzer started 2022/10/01 16:28:28 dialing manager at localhost:35095 syzkaller login: [ 43.591352] cgroup: Unknown subsys name 'net' [ 43.719005] cgroup: Unknown subsys name 'rlimit' 2022/10/01 16:28:41 syscalls: 2215 2022/10/01 16:28:41 code coverage: enabled 2022/10/01 16:28:41 comparison tracing: enabled 2022/10/01 16:28:41 extra coverage: enabled 2022/10/01 16:28:41 setuid sandbox: enabled 2022/10/01 16:28:41 namespace sandbox: enabled 2022/10/01 16:28:41 Android sandbox: enabled 2022/10/01 16:28:41 fault injection: enabled 2022/10/01 16:28:41 leak checking: enabled 2022/10/01 16:28:41 net packet injection: enabled 2022/10/01 16:28:41 net device setup: enabled 2022/10/01 16:28:41 concurrency sanitizer: /sys/kernel/debug/kcsan does not exist 2022/10/01 16:28:41 devlink PCI setup: PCI device 0000:00:10.0 is not available 2022/10/01 16:28:41 USB emulation: enabled 2022/10/01 16:28:41 hci packet injection: enabled 2022/10/01 16:28:41 wifi device emulation: failed to parse kernel version (6.0.0-rc7-next-20220930) 2022/10/01 16:28:41 802.15.4 emulation: enabled 2022/10/01 16:28:41 fetching corpus: 50, signal 25910/27696 (executing program) 2022/10/01 16:28:41 fetching corpus: 100, signal 36382/39755 (executing program) 2022/10/01 16:28:41 fetching corpus: 150, signal 43825/48707 (executing program) 2022/10/01 16:28:42 fetching corpus: 200, signal 52526/58702 (executing program) 2022/10/01 16:28:42 fetching corpus: 250, signal 59112/66551 (executing program) 2022/10/01 16:28:42 fetching corpus: 300, signal 63531/72289 (executing program) 2022/10/01 16:28:42 fetching corpus: 350, signal 68497/78426 (executing program) 2022/10/01 16:28:42 fetching corpus: 400, signal 73527/84572 (executing program) 2022/10/01 16:28:42 fetching corpus: 450, signal 75669/87949 (executing program) 2022/10/01 16:28:42 fetching corpus: 500, signal 77978/91432 (executing program) 2022/10/01 16:28:42 fetching corpus: 550, signal 80531/95090 (executing program) 2022/10/01 16:28:42 fetching corpus: 600, signal 84698/100174 (executing program) 2022/10/01 16:28:43 fetching corpus: 650, signal 88891/105255 (executing program) 2022/10/01 16:28:43 fetching corpus: 700, signal 90656/108095 (executing program) 2022/10/01 16:28:43 fetching corpus: 750, signal 92994/111364 (executing program) 2022/10/01 16:28:43 fetching corpus: 800, signal 95993/115207 (executing program) 2022/10/01 16:28:43 fetching corpus: 850, signal 97934/118008 (executing program) 2022/10/01 16:28:43 fetching corpus: 900, signal 99381/120412 (executing program) 2022/10/01 16:28:43 fetching corpus: 950, signal 101363/123217 (executing program) 2022/10/01 16:28:43 fetching corpus: 1000, signal 103965/126540 (executing program) 2022/10/01 16:28:43 fetching corpus: 1050, signal 106741/129927 (executing program) 2022/10/01 16:28:44 fetching corpus: 1100, signal 107986/132097 (executing program) 2022/10/01 16:28:44 fetching corpus: 1150, signal 109269/134232 (executing program) 2022/10/01 16:28:44 fetching corpus: 1200, signal 111677/137264 (executing program) 2022/10/01 16:28:44 fetching corpus: 1250, signal 112944/139342 (executing program) 2022/10/01 16:28:44 fetching corpus: 1300, signal 114342/141512 (executing program) 2022/10/01 16:28:44 fetching corpus: 1350, signal 116539/144324 (executing program) 2022/10/01 16:28:44 fetching corpus: 1400, signal 119430/147496 (executing program) 2022/10/01 16:28:44 fetching corpus: 1450, signal 121503/150101 (executing program) 2022/10/01 16:28:44 fetching corpus: 1500, signal 125236/153839 (executing program) 2022/10/01 16:28:44 fetching corpus: 1550, signal 126684/155862 (executing program) 2022/10/01 16:28:45 fetching corpus: 1600, signal 127396/157380 (executing program) 2022/10/01 16:28:45 fetching corpus: 1650, signal 128678/159274 (executing program) 2022/10/01 16:28:45 fetching corpus: 1700, signal 129686/160961 (executing program) 2022/10/01 16:28:45 fetching corpus: 1750, signal 131734/163316 (executing program) 2022/10/01 16:28:45 fetching corpus: 1800, signal 133305/165355 (executing program) 2022/10/01 16:28:45 fetching corpus: 1850, signal 134126/166815 (executing program) 2022/10/01 16:28:45 fetching corpus: 1900, signal 135486/168629 (executing program) 2022/10/01 16:28:45 fetching corpus: 1950, signal 136974/170479 (executing program) 2022/10/01 16:28:45 fetching corpus: 2000, signal 137746/171800 (executing program) 2022/10/01 16:28:46 fetching corpus: 2050, signal 138555/173177 (executing program) 2022/10/01 16:28:46 fetching corpus: 2100, signal 139774/174810 (executing program) 2022/10/01 16:28:46 fetching corpus: 2150, signal 141896/177049 (executing program) 2022/10/01 16:28:46 fetching corpus: 2200, signal 142774/178396 (executing program) 2022/10/01 16:28:46 fetching corpus: 2250, signal 145719/181121 (executing program) 2022/10/01 16:28:46 fetching corpus: 2300, signal 146650/182462 (executing program) 2022/10/01 16:28:46 fetching corpus: 2350, signal 147793/183930 (executing program) 2022/10/01 16:28:46 fetching corpus: 2400, signal 148504/185106 (executing program) 2022/10/01 16:28:46 fetching corpus: 2450, signal 149151/186246 (executing program) 2022/10/01 16:28:47 fetching corpus: 2500, signal 149952/187435 (executing program) 2022/10/01 16:28:47 fetching corpus: 2550, signal 151411/188974 (executing program) 2022/10/01 16:28:47 fetching corpus: 2600, signal 152968/190579 (executing program) 2022/10/01 16:28:47 fetching corpus: 2650, signal 155110/192494 (executing program) 2022/10/01 16:28:47 fetching corpus: 2700, signal 156154/193782 (executing program) 2022/10/01 16:28:47 fetching corpus: 2750, signal 156891/194880 (executing program) 2022/10/01 16:28:47 fetching corpus: 2800, signal 158667/196590 (executing program) 2022/10/01 16:28:48 fetching corpus: 2850, signal 159024/197429 (executing program) 2022/10/01 16:28:48 fetching corpus: 2900, signal 160162/198675 (executing program) 2022/10/01 16:28:48 fetching corpus: 2950, signal 160662/199596 (executing program) 2022/10/01 16:28:48 fetching corpus: 3000, signal 161437/200652 (executing program) 2022/10/01 16:28:48 fetching corpus: 3050, signal 162256/201832 (executing program) 2022/10/01 16:28:48 fetching corpus: 3100, signal 163239/203043 (executing program) 2022/10/01 16:28:48 fetching corpus: 3150, signal 163883/203956 (executing program) 2022/10/01 16:28:48 fetching corpus: 3200, signal 164491/204906 (executing program) 2022/10/01 16:28:48 fetching corpus: 3250, signal 165636/206074 (executing program) 2022/10/01 16:28:48 fetching corpus: 3300, signal 166544/207111 (executing program) 2022/10/01 16:28:49 fetching corpus: 3350, signal 167512/208145 (executing program) 2022/10/01 16:28:49 fetching corpus: 3400, signal 168651/209340 (executing program) 2022/10/01 16:28:49 fetching corpus: 3450, signal 169685/210374 (executing program) 2022/10/01 16:28:49 fetching corpus: 3500, signal 170741/211384 (executing program) 2022/10/01 16:28:49 fetching corpus: 3550, signal 171836/212408 (executing program) 2022/10/01 16:28:49 fetching corpus: 3600, signal 172391/213207 (executing program) 2022/10/01 16:28:49 fetching corpus: 3650, signal 173575/214235 (executing program) 2022/10/01 16:28:49 fetching corpus: 3700, signal 174568/215147 (executing program) 2022/10/01 16:28:49 fetching corpus: 3750, signal 175837/216138 (executing program) 2022/10/01 16:28:50 fetching corpus: 3800, signal 176979/217070 (executing program) 2022/10/01 16:28:50 fetching corpus: 3850, signal 177757/217852 (executing program) 2022/10/01 16:28:50 fetching corpus: 3900, signal 178382/218653 (executing program) 2022/10/01 16:28:50 fetching corpus: 3950, signal 179061/219411 (executing program) 2022/10/01 16:28:50 fetching corpus: 4000, signal 180451/220379 (executing program) 2022/10/01 16:28:50 fetching corpus: 4050, signal 181652/221257 (executing program) 2022/10/01 16:28:50 fetching corpus: 4100, signal 182304/221925 (executing program) 2022/10/01 16:28:51 fetching corpus: 4150, signal 182925/222616 (executing program) 2022/10/01 16:28:51 fetching corpus: 4200, signal 183807/223424 (executing program) 2022/10/01 16:28:51 fetching corpus: 4250, signal 184851/224188 (executing program) 2022/10/01 16:28:51 fetching corpus: 4300, signal 185533/224879 (executing program) 2022/10/01 16:28:51 fetching corpus: 4350, signal 186506/225639 (executing program) 2022/10/01 16:28:51 fetching corpus: 4400, signal 187311/226312 (executing program) 2022/10/01 16:28:51 fetching corpus: 4450, signal 187723/226854 (executing program) 2022/10/01 16:28:52 fetching corpus: 4500, signal 188539/227499 (executing program) 2022/10/01 16:28:52 fetching corpus: 4550, signal 189274/228109 (executing program) 2022/10/01 16:28:52 fetching corpus: 4600, signal 189921/228676 (executing program) 2022/10/01 16:28:52 fetching corpus: 4650, signal 190397/229193 (executing program) 2022/10/01 16:28:52 fetching corpus: 4700, signal 191267/229817 (executing program) 2022/10/01 16:28:52 fetching corpus: 4750, signal 191858/230355 (executing program) 2022/10/01 16:28:52 fetching corpus: 4800, signal 193036/230990 (executing program) 2022/10/01 16:28:52 fetching corpus: 4850, signal 193545/231525 (executing program) 2022/10/01 16:28:52 fetching corpus: 4871, signal 194680/232077 (executing program) 2022/10/01 16:28:52 fetching corpus: 4871, signal 194680/232443 (executing program) 2022/10/01 16:28:53 fetching corpus: 4871, signal 194680/232803 (executing program) 2022/10/01 16:28:53 fetching corpus: 4871, signal 194680/233162 (executing program) 2022/10/01 16:28:53 fetching corpus: 4871, signal 194680/233514 (executing program) 2022/10/01 16:28:53 fetching corpus: 4871, signal 194680/233905 (executing program) 2022/10/01 16:28:53 fetching corpus: 4871, signal 194680/234293 (executing program) 2022/10/01 16:28:53 fetching corpus: 4871, signal 194680/234666 (executing program) 2022/10/01 16:28:53 fetching corpus: 4871, signal 194680/235054 (executing program) 2022/10/01 16:28:53 fetching corpus: 4871, signal 194680/235429 (executing program) 2022/10/01 16:28:53 fetching corpus: 4871, signal 194680/235809 (executing program) 2022/10/01 16:28:53 fetching corpus: 4871, signal 194680/236166 (executing program) 2022/10/01 16:28:53 fetching corpus: 4871, signal 194680/236537 (executing program) 2022/10/01 16:28:53 fetching corpus: 4871, signal 194680/236885 (executing program) 2022/10/01 16:28:53 fetching corpus: 4871, signal 194680/237286 (executing program) 2022/10/01 16:28:53 fetching corpus: 4871, signal 194680/237659 (executing program) 2022/10/01 16:28:53 fetching corpus: 4871, signal 194680/238057 (executing program) 2022/10/01 16:28:53 fetching corpus: 4871, signal 194680/238445 (executing program) 2022/10/01 16:28:53 fetching corpus: 4871, signal 194680/238809 (executing program) 2022/10/01 16:28:53 fetching corpus: 4871, signal 194680/239142 (executing program) 2022/10/01 16:28:53 fetching corpus: 4871, signal 194680/239489 (executing program) 2022/10/01 16:28:53 fetching corpus: 4871, signal 194680/239489 (executing program) 2022/10/01 16:28:56 starting 8 fuzzer processes 16:28:56 executing program 0: lstat(&(0x7f0000000140)='./file0\x00', &(0x7f0000000180)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) mount$9p_virtio(&(0x7f0000000000), &(0x7f0000000040)='./file0\x00', &(0x7f0000000080), 0x19c43c, &(0x7f0000000200)={'trans=virtio,', {[{@cache_none}, {@cachetag}], [{@dont_hash}, {@fowner_lt={'fowner<', r0}}, {@mask={'mask', 0x3d, 'MAY_WRITE'}}, {@smackfshat={'smackfshat', 0x3d, '-#/{!-%'}}]}}) quotactl(0xc68b, &(0x7f0000000280)='./file0/file0\x00', r0, &(0x7f00000002c0)="08693edd421f0253f10cedc83c161d3e97921777d861634c687660854a2c502a9a67148c1e6312a008b8f7fad5d9dd156032e237b9bb7f076fe0dff0b3ea055d0cb60158a59f1e3c6b4a93a6061883480bd322f8d414360af5b3abab2a8b4bc62452898016cd6bd7d0c5469992bfb4558cf625d103") getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000380)={0x0, 0x0, 0x0}, &(0x7f00000003c0)=0xc) lchown(&(0x7f0000000340)='./file0\x00', r2, r1) fsconfig$FSCONFIG_SET_PATH(0xffffffffffffffff, 0x3, &(0x7f0000000400)='cache=none', &(0x7f0000000440)='./file0/file0\x00', 0xffffffffffffff9c) recvmsg$unix(0xffffffffffffffff, &(0x7f0000001840)={&(0x7f0000000480), 0x6e, &(0x7f0000001780)=[{&(0x7f0000000500)=""/127, 0x7f}, {&(0x7f0000000580)=""/4096, 0x1000}, {&(0x7f0000001580)=""/211, 0xd3}, {&(0x7f0000001680)=""/2, 0x2}, {&(0x7f00000016c0)=""/160, 0xa0}], 0x5, &(0x7f0000001800)}, 0x2000) recvmsg$unix(0xffffffffffffffff, &(0x7f0000002100)={&(0x7f0000001900)=@abs, 0x6e, &(0x7f0000001f40)=[{&(0x7f0000001980)=""/221, 0xdd}, {&(0x7f0000001a80)=""/91, 0x5b}, {&(0x7f0000001b00)=""/187, 0xbb}, {&(0x7f0000001bc0)=""/62, 0x3e}, {&(0x7f0000001c00)=""/247, 0xf7}, {&(0x7f0000001d00)=""/22, 0x16}, {&(0x7f0000001d40)=""/50, 0x32}, {&(0x7f0000001d80)=""/78, 0x4e}, {&(0x7f0000001e00)=""/132, 0x84}, {&(0x7f0000001ec0)=""/81, 0x51}], 0xa, &(0x7f0000002000)=[@cred={{0x1c}}, @rights={{0x18, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c, 0x1, 0x2, {0x0}}}, @cred={{0x1c, 0x1, 0x2, {0x0, 0x0, 0x0}}}, @rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}, @rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}, @rights={{0x34, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c}}], 0x100}, 0x0) getsockopt$inet6_IPV6_XFRM_POLICY(0xffffffffffffffff, 0x29, 0x23, &(0x7f0000002140)={{{@in=@loopback, @in=@multicast1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in=@private}, 0x0, @in6=@private2}}, &(0x7f0000002240)=0xe8) recvmmsg$unix(0xffffffffffffffff, &(0x7f0000009f40)=[{{&(0x7f0000002280)=@abs, 0x6e, &(0x7f0000002380)=[{&(0x7f0000002300)=""/88, 0x58}], 0x1, &(0x7f00000023c0)=[@cred={{0x1c}}], 0x20}}, {{&(0x7f0000002400), 0x6e, &(0x7f0000002580)=[{&(0x7f0000002480)=""/228, 0xe4}], 0x1, &(0x7f00000025c0)=[@rights={{0x18, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x24, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c}}, @cred={{0x1c}}, @cred={{0x1c, 0x1, 0x2, {0x0}}}, @cred={{0x1c}}], 0xc0}}, {{0x0, 0x0, &(0x7f0000002780)=[{&(0x7f0000002680)=""/247, 0xf7}], 0x1}}, {{&(0x7f00000027c0)=@abs, 0x6e, &(0x7f0000003c80)=[{&(0x7f0000002840)=""/225, 0xe1}, {&(0x7f0000002940)=""/4096, 0x1000}, {&(0x7f0000003940)=""/172, 0xac}, {&(0x7f0000003a00)}, {&(0x7f0000003a40)=""/108, 0x6c}, {&(0x7f0000003ac0)=""/189, 0xbd}, {&(0x7f0000003b80)=""/187, 0xbb}, {&(0x7f0000003c40)=""/7, 0x7}], 0x8, &(0x7f0000003d00)=[@cred={{0x1c}}, @rights={{0x38, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}], 0x58}}, {{&(0x7f0000003d80), 0x6e, &(0x7f0000005000)=[{&(0x7f0000003e00)=""/122, 0x7a}, {&(0x7f0000003e80)=""/4096, 0x1000}, {&(0x7f0000004e80)=""/218, 0xda}, {&(0x7f0000004f80)=""/74, 0x4a}], 0x4, &(0x7f0000005040)=[@cred={{0x1c}}, @rights={{0x28, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x24, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c}}, @cred={{0x1c}}, @rights={{0x30, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x38, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c}}, @cred={{0x1c}}, @cred={{0x1c}}], 0x178}}, {{&(0x7f00000051c0)=@abs, 0x6e, &(0x7f0000006700)=[{&(0x7f0000005240)=""/4096, 0x1000}, {&(0x7f0000006240)=""/218, 0xda}, {&(0x7f0000006340)=""/227, 0xe3}, {&(0x7f0000006440)=""/101, 0x65}, {&(0x7f00000064c0)=""/83, 0x53}, {&(0x7f0000006540)=""/79, 0x4f}, {&(0x7f00000065c0)=""/171, 0xab}, {&(0x7f0000006680)}, {&(0x7f00000066c0)}], 0x9, &(0x7f00000067c0)=[@rights={{0x34, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c, 0x1, 0x2, {0x0}}}, @cred={{0x1c}}, @cred={{0x1c}}], 0x98}}, {{&(0x7f0000006880), 0x6e, &(0x7f0000009b80)=[{&(0x7f0000006900)=""/59, 0x3b}, {&(0x7f0000006940)=""/235, 0xeb}, {&(0x7f0000006a40)=""/91, 0x5b}, {&(0x7f0000006ac0)=""/4096, 0x1000}, {&(0x7f0000007ac0)=""/160, 0xa0}, {&(0x7f0000007b80)=""/4096, 0x1000}, {&(0x7f0000008b80)=""/4096, 0x1000}], 0x7, &(0x7f0000009c00)=[@cred={{0x1c}}, @cred={{0x1c, 0x1, 0x2, {0x0, 0x0}}}], 0x40}}, {{&(0x7f0000009c40), 0x6e, &(0x7f0000009f00)=[{&(0x7f0000009cc0)=""/74, 0x4a}, {&(0x7f0000009d40)=""/253, 0xfd}, {&(0x7f0000009e40)=""/20, 0x14}, {&(0x7f0000009e80)=""/68, 0x44}], 0x4}}], 0x8, 0x40012002, &(0x7f000000a140)={0x77359400}) mount$tmpfs(0x0, &(0x7f0000001880)='./file0\x00', &(0x7f00000018c0), 0x80, &(0x7f000000a180)={[{@nr_blocks={'nr_blocks', 0x3d, [0x25, 0x25, 0x33, 0x65, 0x34, 0x6d, 0x34]}}, {@gid={'gid', 0x3d, r5}}, {@gid={'gid', 0x3d, r3}}, {@huge_always}, {@gid={'gid', 0x3d, r3}}, {@uid={'uid', 0x3d, r2}}, {@nr_blocks={'nr_blocks', 0x3d, [0x6d, 0x33, 0x78, 0x2d, 0x37, 0x38, 0x67, 0x35, 0x70]}}, {@huge_within_size}, {@huge_within_size}, {@gid={'gid', 0x3d, r3}}], [{@fsmagic={'fsmagic', 0x3d, 0xf4}}, {@mask={'mask', 0x3d, '^MAY_APPEND'}}, {@dont_measure}, {@fowner_lt={'fowner<', r7}}, {@audit}, {@fowner_lt={'fowner<', r12}}, {@seclabel}]}) clone3(&(0x7f000000a540)={0x20800000, &(0x7f000000a300), &(0x7f000000a340), &(0x7f000000a380), {0x15}, &(0x7f000000a3c0)=""/75, 0x4b, &(0x7f000000a440)=""/144, &(0x7f000000a500)=[r11, r8, r4], 0x3, {r6}}, 0x58) mount_setattr(0xffffffffffffffff, &(0x7f000000a5c0)='./file0/file0\x00', 0x800, &(0x7f000000a600)={0x800f0, 0x1, 0x100000, {r9}}, 0x20) syz_mount_image$vfat(&(0x7f000000a640), &(0x7f000000a680)='./file0/../file0\x00', 0xfffffffffffff80c, 0x1, &(0x7f000000a740)=[{&(0x7f000000a6c0)="3319ffecb6b92ec07811ddc54681aa90155a505c33ef440e13a909fd4343b8b38eefd4148584a2af5faac143a36d84637ee2550036ab1480bc1249ab3b31f549c2", 0x41, 0x4}], 0x2000, &(0x7f000000a780)={[{@shortname_lower}, {@fat=@dmask={'dmask', 0x3d, 0x400000000000}}, {@utf8}], [{@subj_role={'subj_role', 0x3d, '*['}}, {@obj_role={'obj_role', 0x3d, 'cachetag'}}, {@obj_type={'obj_type', 0x3d, '[%('}}, {@func={'func', 0x3d, 'KEXEC_INITRAMFS_CHECK'}}, {@fscontext={'fscontext', 0x3d, 'unconfined_u'}}, {@func={'func', 0x3d, 'KEXEC_KERNEL_CHECK'}}, {@fsmagic={'fsmagic', 0x3d, 0xfff}}]}) ioctl$NS_GET_OWNER_UID(r10, 0xb704, &(0x7f000000a8c0)=0x0) stat(&(0x7f000000ad80)='./file0\x00', &(0x7f000000adc0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) lchown(&(0x7f000000a880)='./file0/../file0\x00', r13, r14) openat2$dir(0xffffffffffffff9c, &(0x7f000000ae40)='./file0/file0\x00', &(0x7f000000ae80)={0x6840c0, 0x0, 0xc}, 0x18) r15 = openat$zero(0xffffffffffffff9c, &(0x7f000000aec0), 0x0, 0x0) setsockopt$inet6_IPV6_RTHDRDSTOPTS(r15, 0x29, 0x37, &(0x7f000000af00)={0x11, 0x2b, '\x00', [@hao={0xc9, 0x10, @private1}, @enc_lim={0x4, 0x1, 0x81}, @generic={0x1f, 0xce, "311efdf591e048162a65141abd0a86f17d096d45347d21fc74de9162a7ecd8424223d7f00eea2525c4f3a4efd1fb42c18c902072c2dff8883654da904b2f656a86347c6aa19ade00c5b9d4f8a2538f957018473744b1f90243f1586a45aa2990bb18c068e9cc886a1bdc2f838cf3a8cc1599d862dd6a1a796b6c0bad49982a8492ace0f16aca6d976cacf140cb095e491edb95690c10880ca3457257302b5c6ffe3730431d54b9106a3abf1035d0e6e3aab271999f489b618f354daca6f5cdac158377ea13d98389a66b3574c68b"}, @generic={0x5, 0x1a, "fc38dbe731c2909f3d901df86e604c957336bf8932406491f516"}, @calipso={0x7, 0x10, {0x0, 0x2, 0x9a, 0x1000, [0x8]}}, @hao={0xc9, 0x10, @rand_addr=' \x01\x00'}, @pad1, @enc_lim={0x4, 0x1, 0x14}, @generic={0x80, 0x2b, "11e9f9ffabcfbcf56fe3083577332524cceb6416750f42027f758d1c66f70da3db88b4718104a2fe380960"}, @ra={0x5, 0x2, 0x6}]}, 0x168) 16:28:56 executing program 1: modify_ldt$write(0x1, &(0x7f0000000000)={0xa, 0xffffffffffffffff, 0xffffffffffffffff, 0x1, 0x2, 0x1, 0x0, 0x0, 0x0, 0x1}, 0x10) modify_ldt$write(0x1, &(0x7f0000000040)={0x0, 0xffffffffffffffff, 0x0, 0x0, 0x2, 0x1, 0x1}, 0x10) modify_ldt$write(0x1, &(0x7f0000000080)={0x6a2, 0x0, 0x1000, 0x1, 0x3, 0x1, 0x1, 0x0, 0x1}, 0x10) set_thread_area(&(0x7f00000000c0)={0x3f, 0x100000, 0x0, 0x1, 0x3, 0x0, 0x1, 0x1, 0x0, 0x1}) modify_ldt$write(0x1, &(0x7f0000000100)={0x8, 0x100000, 0x0, 0x1, 0x2, 0x0, 0x0, 0x1, 0x1}, 0x10) set_thread_area(&(0x7f0000000140)={0x8, 0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x3, 0x0, 0x1, 0x0, 0x1}) get_thread_area(&(0x7f0000000180)={0x10000, 0x20001000, 0x2000, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1}) modify_ldt$write(0x1, &(0x7f00000001c0)={0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0, 0x1}, 0x10) modify_ldt$write(0x1, &(0x7f0000000200)={0x9, 0x20000800, 0xffffffffffffffff, 0x0, 0x3, 0x1, 0x0, 0x1, 0x1, 0x1}, 0x10) modify_ldt$write(0x1, &(0x7f0000000240)={0x51, 0x20000800, 0x400, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1}, 0x10) modify_ldt$write(0x1, &(0x7f0000000280)={0x1aae1736, 0x0, 0x1000, 0x1, 0x0, 0x1}, 0x10) modify_ldt$write2(0x11, &(0x7f00000002c0)={0x80b7, 0x20000800, 0x0, 0x1, 0x2, 0x0, 0x1, 0x0, 0x1, 0x1}, 0x10) modify_ldt$write(0x1, &(0x7f0000000300)={0xffffffff, 0x100000, 0xffffffffffffffff, 0x1, 0x3, 0x1}, 0x10) modify_ldt$write(0x1, &(0x7f0000000340)={0x4, 0x0, 0x2000, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1}, 0x10) modify_ldt$write(0x1, &(0x7f0000000380)={0x2, 0x100000, 0x2400, 0x1, 0x3, 0x1, 0x0, 0x0, 0x1}, 0x10) modify_ldt$write(0x1, &(0x7f00000003c0)={0x5, 0xffffffffffffffff, 0x1000, 0x1, 0x3, 0x1, 0x0, 0x0, 0x1, 0x1}, 0x10) modify_ldt$write2(0x11, &(0x7f0000000400)={0x100, 0x1000, 0x2000, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1}, 0x10) getresuid(&(0x7f0000000440), &(0x7f0000000480), &(0x7f00000004c0)) modify_ldt$write(0x1, &(0x7f0000000500)={0xfa, 0xffffffffffffffff, 0xfffffffffffffbff, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1}, 0x10) modify_ldt$write(0x1, &(0x7f0000000540)={0x7, 0x1000, 0x400, 0x1, 0x0, 0x0, 0x0, 0x1}, 0x10) 16:28:56 executing program 2: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_MSG_GETGEN(r0, &(0x7f00000000c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x20000000}, 0xc, &(0x7f0000000080)={&(0x7f0000000040)={0x14, 0x10, 0xa, 0x301, 0x0, 0x0, {0xa, 0x0, 0xa}, ["", "", "", "", ""]}, 0x14}, 0x1, 0x0, 0x0, 0x20044090}, 0x40000) sendmsg$NL80211_CMD_STOP_P2P_DEVICE(0xffffffffffffffff, &(0x7f00000001c0)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x2}, 0xc, &(0x7f0000000180)={&(0x7f0000000140)={0x14, 0x0, 0x4, 0x70bd2a, 0x25dfdbff, {{}, {@void, @void}}, ["", "", "", ""]}, 0x14}, 0x1, 0x0, 0x0, 0xc800}, 0x4) sendmsg$IPCTNL_MSG_CT_GET_STATS_CPU(r0, &(0x7f00000002c0)={&(0x7f0000000200)={0x10, 0x0, 0x0, 0x100}, 0xc, &(0x7f0000000280)={&(0x7f0000000240)={0x14, 0x4, 0x1, 0x5, 0x0, 0x0, {0x3, 0x0, 0x3}, ["", "", "", ""]}, 0x14}, 0x1, 0x0, 0x0, 0x20000000}, 0x40000c4) sendmsg$IPCTNL_MSG_CT_GET_CTRZERO(r0, &(0x7f0000000580)={&(0x7f0000000300)={0x10, 0x0, 0x0, 0x400000}, 0xc, &(0x7f0000000540)={&(0x7f0000000340)={0x1cc, 0x3, 0x1, 0x301, 0x0, 0x0, {0x2, 0x0, 0x3}, [@CTA_NAT_SRC={0x8c, 0x6, 0x0, 0x1, [@CTA_NAT_V6_MAXIP={0x14, 0x5, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02'}, @CTA_NAT_PROTO={0x1c, 0x3, 0x0, 0x1, [@CTA_PROTONAT_PORT_MIN={0x6, 0x1, 0x4e21}, @CTA_PROTONAT_PORT_MIN={0x6, 0x1, 0x4e23}, @CTA_PROTONAT_PORT_MAX={0x6, 0x2, 0x4e24}]}, @CTA_NAT_PROTO={0x14, 0x3, 0x0, 0x1, [@CTA_PROTONAT_PORT_MAX={0x6, 0x2, 0x4e24}, @CTA_PROTONAT_PORT_MAX={0x6, 0x2, 0x4e24}]}, @CTA_NAT_V4_MAXIP={0x8, 0x2, @multicast2}, @CTA_NAT_PROTO={0x3c, 0x3, 0x0, 0x1, [@CTA_PROTONAT_PORT_MIN={0x6, 0x1, 0x4e21}, @CTA_PROTONAT_PORT_MIN={0x6, 0x1, 0x4e21}, @CTA_PROTONAT_PORT_MAX={0x6, 0x2, 0x4e22}, @CTA_PROTONAT_PORT_MAX={0x6, 0x2, 0x4e23}, @CTA_PROTONAT_PORT_MAX={0x6, 0x2, 0x4e24}, @CTA_PROTONAT_PORT_MAX={0x6, 0x2, 0x4e22}, @CTA_PROTONAT_PORT_MIN={0x6, 0x1, 0x4e24}]}]}, @CTA_TUPLE_MASTER={0x3c, 0xe, 0x0, 0x1, [@CTA_TUPLE_IP={0x2c, 0x1, 0x0, 0x1, @ipv6={{0x14, 0x3, @private2}, {0x14, 0x4, @ipv4={'\x00', '\xff\xff', @remote}}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5, 0x1, 0x6}}]}, @CTA_LABELS_MASK={0x1c, 0x17, [0x0, 0x3f, 0x2, 0xff, 0x3104, 0xa89e]}, @CTA_TUPLE_MASTER={0x54, 0xe, 0x0, 0x1, [@CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5, 0x1, 0x88}}, @CTA_TUPLE_ZONE={0x6, 0x3, 0x1, 0x0, 0x3}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5, 0x1, 0x6}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5, 0x1, 0x42}}, @CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @dev={0xac, 0x14, 0x14, 0x3c}}, {0x8, 0x2, @multicast2}}}, @CTA_TUPLE_ZONE={0x6, 0x3, 0x1, 0x0, 0x1}, @CTA_TUPLE_ZONE={0x6, 0x3, 0x1, 0x0, 0x4}]}, @CTA_TUPLE_REPLY={0x64, 0x2, 0x0, 0x1, [@CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @rand_addr=0x64010102}, {0x8, 0x2, @dev={0xac, 0x14, 0x14, 0x1f}}}}, @CTA_TUPLE_ZONE={0x6}, @CTA_TUPLE_ZONE={0x6, 0x3, 0x1, 0x0, 0x4}, @CTA_TUPLE_ZONE={0x6, 0x3, 0x1, 0x0, 0x1}, @CTA_TUPLE_ZONE={0x6, 0x3, 0x1, 0x0, 0x1}, @CTA_TUPLE_IP={0x2c, 0x1, 0x0, 0x1, @ipv6={{0x14, 0x3, @rand_addr=' \x01\x00'}, {0x14, 0x4, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02'}}}]}, @CTA_ID={0x8, 0xc, 0x1, 0x0, 0x2}, @CTA_SEQ_ADJ_REPLY={0x14, 0x10, 0x0, 0x1, [@CTA_SEQADJ_OFFSET_AFTER={0x8}, @CTA_SEQADJ_OFFSET_BEFORE={0x8, 0x2, 0x1, 0x0, 0x6f4}]}]}, 0x1cc}, 0x1, 0x0, 0x0, 0x40800}, 0x20008805) sendmsg$NL80211_CMD_SET_MAC_ACL(0xffffffffffffffff, &(0x7f0000000700)={&(0x7f00000005c0)={0x10, 0x0, 0x0, 0x40000}, 0xc, &(0x7f00000006c0)={&(0x7f0000000600)={0x98, 0x0, 0x1, 0x70bd2a, 0x25dfdbfc, {{}, {@void, @val={0xc, 0x99, {0x4, 0x8}}}}, [@NL80211_ATTR_MAC_ADDRS={0x4c, 0xa6, 0x0, 0x1, [{0xa, 0x6, @broadcast}, {0xa, 0x6, @device_b}, {0xa}, {0xa, 0x6, @device_b}, {0xa, 0x6, @device_b}, {0xa}]}, @NL80211_ATTR_ACL_POLICY={0x8, 0xa5, 0x1}, @NL80211_ATTR_MAC_ADDRS={0x1c, 0xa6, 0x0, 0x1, [{0xa, 0x6, @device_b}, {0xa, 0x6, @broadcast}]}, @NL80211_ATTR_ACL_POLICY={0x8, 0xa5, 0x3}]}, 0x98}, 0x1, 0x0, 0x0, 0x40}, 0x8844) sendmsg$TIPC_CMD_GET_NODES(0xffffffffffffffff, &(0x7f0000000800)={&(0x7f0000000740)={0x10, 0x0, 0x0, 0x800000}, 0xc, &(0x7f00000007c0)={&(0x7f0000000780)={0x1c, 0x0, 0x4, 0x70bd2c, 0x25dfdbfb, {}, ["", ""]}, 0x1c}, 0x1, 0x0, 0x0, 0x801}, 0x1) sendmsg$IPCTNL_MSG_EXP_DELETE(r0, &(0x7f0000000900)={&(0x7f0000000840)={0x10, 0x0, 0x0, 0x2000}, 0xc, &(0x7f00000008c0)={&(0x7f0000000880)={0x20, 0x2, 0x2, 0x101, 0x0, 0x0, {0x7, 0x0, 0x9}, [@CTA_EXPECT_FN={0xa, 0xb, 'Q.931\x00'}]}, 0x20}, 0x1, 0x0, 0x0, 0x80}, 0x844) r1 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000980), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_802154(0xffffffffffffffff, 0x8933, &(0x7f00000009c0)={'wpan1\x00', 0x0}) sendmsg$NL802154_CMD_DEL_SEC_DEVKEY(0xffffffffffffffff, &(0x7f0000000b00)={&(0x7f0000000940)={0x10, 0x0, 0x0, 0x100}, 0xc, &(0x7f0000000ac0)={&(0x7f0000000a00)={0xa8, r1, 0x2, 0x70bd25, 0x25dfdbff, {}, [@NL802154_ATTR_IFINDEX={0x8, 0x3, r2}, @NL802154_ATTR_SEC_DEVKEY={0x74, 0x24, 0x0, 0x1, [@NL802154_DEVKEY_ATTR_EXTENDED_ADDR={0xc, 0x2, {0xaaaaaaaaaaaa0302}}, @NL802154_DEVKEY_ATTR_EXTENDED_ADDR={0xc, 0x2, {0xaaaaaaaaaaaa0102}}, @NL802154_DEVKEY_ATTR_EXTENDED_ADDR={0xc}, @NL802154_DEVKEY_ATTR_ID={0x40, 0x3, 0x0, 0x1, [@NL802154_KEY_ID_ATTR_SOURCE_EXTENDED={0xc, 0x5, 0x20}, @NL802154_KEY_ID_ATTR_SOURCE_EXTENDED={0xc, 0x5, 0x16}, @NL802154_KEY_ID_ATTR_INDEX={0x5, 0x2, 0x1}, @NL802154_KEY_ID_ATTR_MODE={0x8, 0x1, 0x3}, @NL802154_KEY_ID_ATTR_SOURCE_SHORT={0x8, 0x4, 0x24}, @NL802154_KEY_ID_ATTR_SOURCE_EXTENDED={0xc, 0x5, 0x7fffffff}]}, @NL802154_DEVKEY_ATTR_EXTENDED_ADDR={0xc, 0x2, {0xaaaaaaaaaaaa0102}}]}, @NL802154_ATTR_WPAN_DEV={0xc}, @NL802154_ATTR_WPAN_DEV={0xc, 0x6, 0xb1ea468d786c19ab}]}, 0xa8}, 0x1, 0x0, 0x0, 0x40000}, 0x800) r3 = openat$sr(0xffffffffffffff9c, &(0x7f0000000b40), 0x400, 0x0) pipe(&(0x7f0000000bc0)={0xffffffffffffffff, 0xffffffffffffffff}) r5 = openat$sr(0xffffffffffffff9c, &(0x7f0000000c00), 0x103400, 0x0) sendmsg$GTP_CMD_GETPDP(r3, &(0x7f0000000d00)={&(0x7f0000000b80)={0x10, 0x0, 0x0, 0x200}, 0xc, &(0x7f0000000cc0)={&(0x7f0000000c40)={0x54, 0x0, 0x800, 0x70bd28, 0x25dfdbfe, {}, [@GTPA_NET_NS_FD={0x8, 0x7, r4}, @GTPA_PEER_ADDRESS={0x8, 0x4, @private=0xa010102}, @GTPA_NET_NS_FD={0x8}, @GTPA_VERSION={0x8, 0x2, 0x1}, @GTPA_O_TEI={0x8}, @GTPA_NET_NS_FD={0x8, 0x7, r5}, @GTPA_MS_ADDRESS={0x8, 0x5, @dev={0xac, 0x14, 0x14, 0x1f}}, @GTPA_VERSION={0x8}]}, 0x54}, 0x1, 0x0, 0x0, 0x4000000}, 0x8010) r6 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000d80), r3) sendmsg$ETHTOOL_MSG_PRIVFLAGS_SET(0xffffffffffffffff, &(0x7f0000000f00)={&(0x7f0000000d40)={0x10, 0x0, 0x0, 0x1}, 0xc, &(0x7f0000000ec0)={&(0x7f0000000dc0)={0xd4, r6, 0x4, 0x70bd2a, 0x25dfdbfc, {}, [@ETHTOOL_A_PRIVFLAGS_FLAGS={0xc0, 0x2, 0x0, 0x1, [@ETHTOOL_A_BITSET_NOMASK={0x4}, @ETHTOOL_A_BITSET_VALUE={0xb3, 0x4, "23fdc725bf0a64e17ca7f4e63aa43430aec8dfb81ae784eab5964bd731e8571dc16ba3d787886416293d1a60f557a863f523dad6473f475be7874925d648f2ca893f7d210637750a38df2405cc0458f20024653d701d89786b75e6f4da62c5fae2e9fa656ec86a96cee1d0382553710f327653d85567a5d90f487c35cb2df17660d0fc0d176c74c8d79e1b926a51fbac998001309dac8f3ab0cd2aa7112bf97041e27401ac771d22869f6e5e4eeb1f"}, @ETHTOOL_A_BITSET_NOMASK={0x4}]}]}, 0xd4}, 0x1, 0x0, 0x0, 0x40089}, 0x4040) sendmsg$IPCTNL_MSG_CT_GET_CTRZERO(r4, &(0x7f0000001000)={&(0x7f0000000f40)={0x10, 0x0, 0x0, 0x40000000}, 0xc, &(0x7f0000000fc0)={&(0x7f0000000f80)={0x1c, 0x3, 0x1, 0x201, 0x0, 0x0, {0x5, 0x0, 0x3}, [@CTA_MARK_MASK={0x8, 0x15, 0x1, 0x0, 0x1}]}, 0x1c}, 0x1, 0x0, 0x0, 0x4000}, 0x4000010) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000001080)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_UPDATE_FT_IES(r5, &(0x7f00000011c0)={&(0x7f0000001040), 0xc, &(0x7f0000001180)={&(0x7f00000010c0)={0xa8, 0x0, 0x4, 0x70bd2c, 0x25dfdbfd, {{}, {@val={0x8, 0x3, r7}, @void}}, [@NL80211_ATTR_IE={0x8b, 0x2a, [@ibss={0x6, 0x2, 0x9}, @perr={0x84, 0x62, {0x6, 0x6, [@ext={{}, @device_a, 0x5, @device_a, 0x1d}, @ext={{}, @device_a, 0x1, @device_a, 0x3f}, @not_ext={{}, @broadcast, 0xf4, "", 0xb}, @ext={{}, @broadcast, 0xffffffff, @device_a, 0x21}, @not_ext={{}, @device_a, 0x80000000, "", 0x8}, @not_ext={{}, @device_a, 0x8, "", 0x19}]}}, @channel_switch={0x25, 0x3, {0x1, 0xd, 0x13}}, @mic={0x8c, 0x18, {0x621, "ad9caeff029d", @long="30a4238b883e93afb8387997b2bd7b32"}}]}]}, 0xa8}, 0x1, 0x0, 0x0, 0x2000}, 0x200000d1) [ 71.061134] audit: type=1400 audit(1664641736.095:6): avc: denied { execmem } for pid=285 comm="syz-executor.0" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=process permissive=1 16:28:56 executing program 3: r0 = syz_open_procfs$userns(0xffffffffffffffff, &(0x7f0000000000)) r1 = eventfd(0x9) ioctl$BTRFS_IOC_FS_INFO(r1, 0x8400941f, &(0x7f0000000040)) ioctl$AUTOFS_DEV_IOCTL_CLOSEMOUNT(0xffffffffffffffff, 0xc0189375, &(0x7f0000000440)={{0x1, 0x1, 0x18, r0}, './file0\x00'}) io_uring_register$IORING_REGISTER_EVENTFD(r2, 0x4, &(0x7f0000000480)=r1, 0x1) fcntl$setflags(0xffffffffffffffff, 0x2, 0x0) r3 = io_uring_register$IORING_REGISTER_PERSONALITY(r2, 0x9, 0x0, 0x0) io_uring_register$IORING_UNREGISTER_PERSONALITY(r2, 0xa, 0x0, r3) ioctl$LOOP_SET_FD(0xffffffffffffffff, 0x4c00, r0) r4 = fsmount(r2, 0x0, 0x80) perf_event_open$cgroup(&(0x7f0000000500)={0x3, 0x80, 0x7, 0x7f, 0x2, 0x11, 0x0, 0x20, 0x0, 0x6, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x7ddf44291849a91e, @perf_bp={&(0x7f00000004c0), 0x7}, 0x40461, 0xfff, 0xa4, 0x8, 0x7, 0x4, 0x28e5, 0x0, 0x9}, r4, 0x5, r2, 0x0) ioctl$BTRFS_IOC_QUOTA_RESCAN(r1, 0x4040942c, &(0x7f0000000580)={0x0, 0x1000, [0x2, 0x8e, 0x19, 0x4, 0x81, 0x7]}) execveat(r2, &(0x7f00000005c0)='./file0\x00', &(0x7f0000000740)=[&(0x7f0000000600)=')\x00', &(0x7f0000000640)='ns/user\x00', &(0x7f0000000680)='(:)\x00', &(0x7f00000006c0)='#\x00', &(0x7f0000000700)='\xf1\x00'], &(0x7f0000000980)=[&(0x7f0000000780)='\x00', &(0x7f00000007c0)='ns/user\x00', &(0x7f0000000800)='ns/user\x00', &(0x7f0000000840)='.{\xce^-*(+\'\'{^#)#-{/$\x00', &(0x7f0000000880)='/\x00', &(0x7f00000008c0)='\x00', &(0x7f0000000900)='ns/user\x00', &(0x7f0000000940)='}#\x00'], 0x400) r5 = syz_mount_image$vfat(&(0x7f00000009c0), &(0x7f0000000a00)='./file0\x00', 0x10001, 0x5, &(0x7f0000001d80)=[{&(0x7f0000000a40)="21c3faa229baaf66a02c0b224160e54b481f8f9f24e5796814fbd55f87a78136be9844aae2da2e8a5707d2acbc89438e4c8a9e913733db15d1c30545bde7c1d68bbe2a377f32bf7852331cb3168c83d338ddef6c3c2c51d924733b9f7f19759e8ccb3696d7c663a7487d80f03b05926ac0ef3c4f2f97811b48f6b0611b3fc3b1195f82b931faca126abac385c1f000d4d35ae3127ff25da5fbed57f0a2b6cbfe1e9ffad676d7e411b96ed3650c83e006c8044bf8fb16e31c0f8c849ef38ef6847ff67a3f0ca72ffa27c0eeb641cebe227806eba0cc293784f75a6b03301f92efc3d973dd35fffedca660a1ead90fbdae629205d924be36453ae8f75b0931", 0xfe, 0x3}, {&(0x7f0000000b40)="d1bbf4ce0a2fec482ee65ce798631e1468f1290502fbf02923fe86a5ce17f96f143487f1c0967094f03f59cec19adb1e7196b56fb1526bfd10872d3b78e75655a53b8a21a6dfeaa411be44410334f4d7e33d4bb9e71a1fc7dda941b9f46915cd15cefb2a1e820baa22628a592629cbb272af2819275641a16d19baf100a0394347dfb235e8bce202aeac49c33066635cb0fbf455d501868cb3efd5f0e2c56af1885e70592ec2c4f2ec9574", 0xab, 0xfff}, {&(0x7f0000000c00)="3c145beba28d31dc3d5436f7751589287eb7d04b9a2e44fa64ee99daae612e8168e8444943a8221380bb90b2665e7ed8f72524a8d369db1b6a223865bfe619e775a67934fd38924733cece396bb16ae0e091578d54d2095c1302c479f687a7d44b94cc5847e57a14643fbe070db86c", 0x6f, 0x5}, {&(0x7f0000000c80)="ed1ce9053359379856002fed5b6e3865b6662fbdc19bac7b50eecdd634009be636128907646bc1c37a6c0a5fc027fa0fe0073ba65daf864ade78c50a5b7fac28f26149938efa467de3f6007e09b32c5821239dd10ca6e1fd062febd412cae5fb65448f92d86d1e5cb0763b2d79c9c4843707ee68e5951b284e2772881713108628b2df4f0296426182e495cd41de688b2240314f0bae8f21e85aef2d50617d0c4d21188d83ce79905d80d9e0d30f0e4b48a47c1d1f94a4c0cce845eda93549187b7cf7933a83100c5a6c2fe8c7db73d2877b1641980f49d0a087bbdbb3fc14040197932bcae51c87c0f6657e85e583d852ffd6530e6ca9f1ae67c301d69a166a5e8000040be73f91b0c75e553a420ce551c78fc63b3257133fb7a119c76b2ce7c7496c09e17fd1f1b539e628df66939b684ef552b33626b591849cf7a7ef0d57f7796b5abac6a1b04fe173b5347f7e32cec1794303a22fce6fa38d7013faf28627e3bd78ef7d3d966db78156d122511237dd2ce6e77da8a87d575526d18a8808c63b3ce33fc8d267e13542924ff5bc51401c1cf41c17643e8ba066a0786441f3e44869fd017e5db73a0fb030cfbd7a38fd4ec152d0caad2bc6453dbbe381bc570f790adf7acf909816a1eacb795d241e085e426184c2e18165892ff4dbb471e8cd40affd6d12af263fdc9c17c7558a46e03febca2340faa6af3fae35c91f14c8d2b6ed702dbdced7731650084b1943397dde3c90b77146bd6aa8ec83fe0eace800bce9c82bfa1970fbb45e1b4ec4a4be2ffb173b424c313cd295ca3eb634399cf77c50b9cca9bdcd8add19684fefd5886c5cb82a62c77f0da3a2eb9630290c6b4fb7c6ad9c3a3b86ce9f91e9df4c5fa9ed56a07e149bf98d853a8eb6566c098825c1e59151a941221488b7164ecc9a681002e29992c613b1dfa6409d12fb1dafb38aafabef639548358b1f7053a5bd6316821976a3e27c64e626e3c2fbb4b9df7c8de099bfee275ea20273b685a706f35ffee1ef7596f7dec0892902de89e44cd1e8ae44f7c7246365fa5770d243409328fe8fbbacfc3498802f0aec784562d867f9cc6e989cd1582788208145d76b5c6c4fd40c05d27e9ac0b804f93d9432bfb574717613c87da02a9990b45e72e0336416fd82d875cbb9f8b690111863c9a656c227e2205fd4f13238144f243a0d8b9ccecf5f25759a6c354ddff003655933096c60c311a1592fd502f726d83d0e5e33df7d02dff34e7a3d70b858550c3327f2595f82fee58dafc66b636e1dea0771d71a1498c7785ed2a7b07f5e055c2492e17c5c9c6033766292535c741c902eec702dcdb34e1e3104ebc2fc326a462ce446d4fb09f3e179e91c687cb5e54dc7f1bda973c8176896a4b5f72844410db0cd2f9be221b848fdd914021c79f79bdb2468eeddca5c5c05af04cc9bd0d4133625dc91fc913909b36fa73160d9aaf27d6027294c9c3946c8979e64440303022f7ad5772f4edc956b943bab837d5662b33a1df8d6f639f549e329598d6b68cf5aae7413146a95889c0b9694cd5767a2a9aae6418c4a221b058331e16edd6f3802e042893ffc1cf34d0d8285562a0a469ed71245fd1835575fc3d7c185f63484260f1a1ca7a9fdf864492f9c8b071cf9ca63220a94a2cf2f22604591a91aa25686ffed27d4e0428546e8b0c019cf4edae490ee9aa6be64df411a057dea8c9e29fc7ea337da69ee89a5ffa37cabdc7ec9ef193ae6520fa5ec6efe24aa1fd322eed6ecb3a23ac471588aab2d6c0d7611db76c1cf113575e8cbf9dd8054a02e75154a8fae1899cc2ef1a43b3b243cef7592764da7f608a074b66e9a958bf35c8d64d2faed08c20c8b60a46a9a111bcaab0af58e79b767a4e5d4732b1e65ae62073aae8423cb3dcdbd5d59aede80ca60afa96382ad04cfc066c9201d3ba080469dc97b10a4b2b025e7f3742d0c5163b4b5da946f2f169644cf9a8d0ec6877f93bf3c05544c84bc11e0b3f8895d6876e46815b88a25179f7f1fc8b15d00bfada36ae6a0212649ecb501a321549959e1cd54afe222cdbc87fa56dcf17b368fb01c35a80eeefd4e5db85fbd0f161cfda3c2caac87305d2139b95d3c04e36f5cd400e8b2f0e2729a6851f5339b356988183cbd2a60ad07c73b023cd02b325cadcb13d2356d583d2bad95a85f2e8c30dcc8bdbfa402bbbc7bcce7eb5ff690fd3856a635a176bd21a3fffb81eda08a021240d9a9545590a460d0da7422055a62c2565cd75bd7252a5bd920ede3ad872e3bdea6fee35f17730096992ac30d5d7a79509f74e5ce3f14a99509c91a39c84e9b792a391a29a239f04fea6baf8b1291515466b6e4546ae65e6572d93a2fc9ba4a05d6f57277234c227af606299721e3ead4deb4c2c42d9e39823408bbd447f1cd17144613918662b2930fd00727533607365006578f24ac0cb9a3eea4ea74018cbaba63d37f2034fa679310be81e6d8a2f3d847f0bba14c05ca36b2c286337ffb63f1fab31613ed073d38811794e0c613a2bb9344294dd5dba87d8782b8dbf2767c1aeeb7c65cf2e4ea1275ea7934091a6966e6bc22a5f297e5bb71905f990da915d57025bbb1a374b3a5e8efebc43521e563c880400933de254232ffcd33c76f3967384e1ca7365fd0c1ece6c02ddcce6954bc49720e300ccdc48bcffe4982b768c631eb3276351c4909bf37b4ce5342f7068f0b1516aafcfcda4a101a2524ac1bff71ac73ce224e034b474d664e2e68ac0c11a4f79aef8af038545fd875a2ae4b8387174471316df9e9fe28d90fe77113b4dec224353813d77a02443434a499bbeb2a9bc6bf3b4351893d7cb2b1fb812079f76928cca4f00b47460848de4f4e875bee007ae1b9ec85e9ff641f86f32d9fcdd89ad43c5cdabc3fdba26c2d3aa7e1f76b7667f70a5cd6ff5979feef6ba393b1c2fca6c3ab4f9c4ad084019631addd33136eec7fc62c5143f87574cef5e2aafd8861072d4c0cc5a8d88425554d4d5ea38d282d48d16ee062125e312ae092830c9da6a65ad3e4f579211a72f10aa48b29f8be042f8afcf4b824815ffc82d85e9e68a7a853193517caf75fc2b7e0941ca15be59cb9777bd771fc506a7ce87a08f35b49d19d29fb6ef02ef5d494890d0eaaef71bc6a9b85231afb62bd52eef24dbf685657591ac776c30337f028aa619c4dcf07645e2688fd432a8e57c685f90071d07f05ad1ea1b52ac36d456dfb005815ec6e8d75ee1fe71271dd292cc9232d3c1eb22e181b3b208da5d3ab10540a41e6e1692137eeefe98d4603f6a23470f7e74efa9b1404c4ffc4a344ed007c265ef685421ddabe12e3ad08516bda3925862523cf103985916203057ea9f3ca59d3a4b19e74f535894446c06d65eb69ef09f2e8b776022379eb68e4cb3924a05cac71c36302983ebdf66a649a4f7c0c730b72e61a63f6c76fb86649831a6ca597aecfc323594bc7ccdb00bae224f7d8c6f7e4219beecf989cbd0a70ca8332eb22e2404177f007fdfabd5ad7ee22b163f361caf3627fec77684aaee9faab3f0a57b97faa9bcc8d7564d135fbb806446aa2672b58e51d0f5b2262485444b37b72a1f9711d434d27fc21ecfd7729bb74d5a70d69bae4087cffdf573b714953ccda14a6b55462235f8515241fb57ee3938268bf1fa8059f594ac66aecd27b379a3cf05c228215bad657554d3d4056f5e9819ca05560ae0ec2cac95a2ab55130ba28c18074269db1c9250a7b626724059c206927ac3f86dad0cff1c820e92c9a9f934ae6746850ae805ef97945e1e3bba5c7340d6f6d6927ade8db07c7ee6531802ae9a71fe1d29a2a2218b2b0dcbd52104f4f953630cb51a5588d75b384df3871453769850c4fe4bf3d79fed068a1f463c46f2e80e7e7d2c3ebf373df754adf2d55ef1c5a89f89209e96b216e3049f72e1768f6212652efe6c38d2ec894bd6fe6d98644c211f59f958a32935e99bec09cf67b9555baeee177236a121af24cbe4482e452fddb764ea30223fa539d2e9c42bf27d40f0cabbb3e27fbd82856a6a68ef41fb58e270c63c5e2480a957a2941bd943c612da188c2d8780d8010ab85c3f1e9d9b28cc3ed23fde1b2dccb08df7efade56fd9e2654b6cc0546972036133559a7624f081660bdc9c0b87e0f23dfcfcf108b32356f0364b3455ebe1d8acfe337cb262b93b18b44e5bfcb8810195a3f6ba5b00fcaeef10c1fbc851cb82e85b11c6a23f447d5a5c0862e9cd43521e9cba1614e29523c8251073928e2e39ca1c595c071e0f2e3e97f1080e25dd77ac4c7eba161610274edee5979a1d26af24ab69cc6c637ba44809eb6b29e8de9abb9b548acd06b665effc43731483c04291cf0acbed8bcd6ccabf6df71e1c5ea0915fd2137e3ae46605a63c50c4cd2e44e496da69a78a77eaad83931a2f831d4e05dea11315c4b0e73451bbfe844905eda2ea5b45f8ead7f71efb0befa640af73a66fa9998f7436c70cc6a23dc39ed4d145bab580e840c51014ab43ce12a664d9f19a7b8c26681f70db5ba08902ba5508a5a7a0bbf6dadb54a29dabb08929cfe7380b865d36b7b8b41bf4d0faf19f53d624914682c262535689fbb322a37e884dd3422d18691cf33cdaf769077f7bcbe62bb885eec48c292a2eb03b001b36dc4c657478dc9cde04e5c0a9667ec88aa4c3dab45f2d5488142d50f1811722c52ae28445b05ec5cfd68859525f644275211c9e32afa7f165677b542bf01b12f19a4a51e80b51cec58a3be9e6ee2d2e5c13a35e9425310543d383ef2644d312dbb022d4577850f9099cdd19abefcbed1c0c6915043c398751e5c0312daa6f17ca3291d9aca9b30f4e3686e5267d4290d7ffc44f8aa7c7debf41fe3bf706c47d68c8a7bb09d6a80e39418fdbd88db38b953bdf346a79bd778f5a904717b9c509ac0207acc180f48219a4f3e0d0153c889a347843771a23f85f83f7964bd2ec18be5fd1de044f2bf2ac54c8a1f6cc079c2581e98138eca33d599e5948a793649f606df9e328a98e91f7d3296069f480fc0d0f893aa8e12b3f46192d9a0f056337498c3a67c17eba2e5136f34e22ed4968fe58034d961c528e1a3d20e461b5393185d73fb94848b49a96892fa074af92a9312b5466bb44027fcdf3c8d3eafefc42fbd3bfffcd5e3b57256b2252d4cdeee0497ad4de3e23e4b474ade4e7050719a4cbb6c7f4798f09403db7d5cc74a0bef2d80cc460e478974eccbb0136431d8b6eef78911411ae2602c31547a46857cb819bbdad4e95737e227623ff136ef2bd3698d331ade58d8f8238669ee203064e0e1f99a4f1f80779df5a00b3feeccfcb7d380dead7ed10a9983f2690be3889967aed8f958c8385277cb7bc7963e5b4debdf0ff8373fcb5030b5cca79b4e930962ee46913a193d490597d4c75b71c2a7dbabbe44784c0f617e2f80a25126af9f7028b2fa0dbbe44412c81b7c0fef14590c7e13c2b556aae756f714708284d7934b4fd6bf2e83f371d30c3c0b7efeb84cac9857d90c8df97d0e084b3b4723a69b776e7cfae745eeab2c36b42cc13d3ebe0b40b2c0f1a8e9ce9a49b0d07373669598ec5e844faa421806ea7b91c01bc9fb3b08d226eac6c46375cc90894f814703be77292d7253952a369e647046de94b7a9731be81f4c6e67c77cf533d9af32adfc942f1f845da2f14e177f897cc8c622e0840b16351abab16c815e0f5ea6c3f50937cfc4d658fb4ef58ea2d5287b50cf70f43954aaf632b8360ce478851e1993073e9c033fdfdba3c8265ed11916ebe4a4230fc05d5328856aa0e713d55dc48a", 0x1000, 0x10000}, {&(0x7f0000001c80)="766efa070f55702a5526cfda51aea46ed814a59b7cb08d1b659dabd54320debcf0dda9fbfbbb2089512f74f1b91cdc90513ed3111d46c70c7c90eb839a9fac726f9a24db377ad9100f322377fe3091903fa6e90ef011d54df0c1e699526e11af3d1bbe178fc7f9adf65f5918d4358bc26f7d76990b14f48f4ebd18929e07eb6055091dc8fe700b337bb2282947374a9c8d50899e93bd82bb412069cc018abaae125a43a32a20cdf9b700af671c4e36f52a94db51c6d3b650615052257da32e9e37317174907f79e401c0e106f13a5b7b27e21c1cadf708e92bce0e3d022e15df984bd5af7449ed", 0xe7, 0x8}], 0x4, &(0x7f0000001e00)={[{@shortname_mixed}, {@rodir}, {@rodir}, {@uni_xlate}], [{@euid_eq={'euid', 0x3d, 0xffffffffffffffff}}, {@euid_gt={'euid>', 0xee01}}, {@uid_gt={'uid>', 0xffffffffffffffff}}, {@pcr={'pcr', 0x3d, 0x2}}, {@smackfshat={'smackfshat', 0x3d, ']:@'}}, {@obj_type={'obj_type', 0x3d, '\x00'}}, {@fowner_eq={'fowner', 0x3d, 0xee01}}]}) ioctl$INCFS_IOC_READ_FILE_SIGNATURE(r5, 0x8010671f, &(0x7f0000001f40)={&(0x7f0000001f00)=""/34, 0x22}) syz_io_uring_setup(0x47aa, &(0x7f0000001f80)={0x0, 0x3c40, 0x0, 0x0, 0x2c9, 0x0, r2}, &(0x7f0000ffd000/0x2000)=nil, &(0x7f0000ffd000/0x2000)=nil, &(0x7f0000002000), &(0x7f0000002040)) r6 = openat(r2, &(0x7f0000002080)='./file0\x00', 0x80, 0x190) mmap$perf(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0x0, 0x13, r6, 0x7) open(&(0x7f00000020c0)='./file0\x00', 0x40, 0x3) ioctl$BTRFS_IOC_FS_INFO(0xffffffffffffffff, 0x8400941f, &(0x7f0000002100)) 16:28:56 executing program 4: ioctl$PIO_UNIMAP(0xffffffffffffffff, 0x4b67, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x4, 0x40}]}) r0 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a) recvmsg$unix(0xffffffffffffffff, &(0x7f0000000400)={&(0x7f0000000080)=@abs, 0x6e, &(0x7f00000002c0)=[{&(0x7f0000000100)=""/245, 0xf5}, {&(0x7f0000000200)=""/40, 0x28}, {&(0x7f0000000240)=""/17, 0x11}, {&(0x7f0000000280)=""/33, 0x21}], 0x4, &(0x7f0000000300)=[@rights={{0x24, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x1c, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c, 0x1, 0x2, {0x0}}}, @rights={{0x20, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x18, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}, @rights={{0x2c, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}], 0xe8}, 0x10000) ppoll(&(0x7f0000000440)=[{r0, 0x2002}, {0xffffffffffffffff, 0x4}, {r7}, {0xffffffffffffffff, 0x4}, {0xffffffffffffffff, 0x602}], 0x5, &(0x7f0000000480)={0x0, 0x989680}, &(0x7f00000004c0)={[0x6]}, 0x8) signalfd(r0, &(0x7f0000000500)={[0x8]}, 0x8) r13 = open_tree(r10, &(0x7f0000000540)='./file0\x00', 0x80900) ioctl$KDENABIO(r13, 0x4b36) ioctl$PIO_FONTX(r3, 0x4b6c, &(0x7f0000000980)={0x19e, 0xa, &(0x7f0000000580)="ffcb13f42619b843ad9dab3788fb9dd74e2fe88c6ef59f030234b522e7a3c849c902f7e2909ca0d3a791c3c9146550b1ff159de0bd6ba6876833590b27033a8ec697e57d55b90e4b5576e858970c0666f50a0d05eef644b585c34464b73ba0c341462d5e67944266ba172c79953b8bde534e2d480ec381d262869266717c9ddac844196da784296d3f047d7862e2ada61ebe2cd5bda5d6ae032f08eb53e82d16345d2168acbcd43b9fe8670fc6a262d22cafa90b7736a7af78835d02c7392df6b14af4fe0145dce806ad62ddfe423154b05a48a56afe039a8eb55f9daf1ff5bd15dffb934f28ca2a48953577ce0caf5a45e3497f8d8b3c35c857ad8fb0b6c431086d644da52a892db89bef8e2f8201ca8d20c33727eba38410da2e2fc8f6f550c005d70dcb6c42b38bdef3b3726ab8ab61108700b496225fdb6dab577bf1a3460d212d0c94fcf8dfd0b4f1b7c91c56b6f944f6bc6f2dfaeffe5c49177618d2c04282a7bd9a83451b9c871dbef0ae0a25ebe64341109cc3fc6170352957c6a17959f67f8be0bfdf0374102822474033669acd1d25f2d7d48a10d792756db98a038b58f3ed3badb9afc7a2ac2029709e4ee64acb7d47a406ea652999b7e4de82c8a46178fd39c17a481950c553547f61053fc25dfa1f0167350b673325540b85bce8cd4337066175c3518d39aff92c0151bbc28470a36b72cf133b327e8df93cf54d68741c74ee6dfd7fbda598c3bc49f8b0eb2425a6f6a335a3cba953d889f843fa4d3926abb589bf7ce557a7790c570890f9091a977debba8b16c31f938292d7f5a60ccf4f804410f1ca503cfa2f9f7404e6dc88822aa42037c575f09b749a56810d381dd52771a88ca993d11213ef20ef2a0f16b23986484f52aa0562b8f7d327e3c9d3ddb16f6a8d243a4a8ea878a08ff7d63df686464837ce1b4f2581cff9fe804b72de00232a01f92f2a8274207f0d995de1e37f633f720c06645bca34df9513a933128a0bc00192a32ff270bdd517d1aa87c1bb93dccfabb736d0f25a2a4a582f057e496ea73a89df960802b1a37b14a300dcdc0f79f259798d97264235aedd2b302d77a612b77b4bf820f0cc68a5f773ec531b9ee580ddc06dd2f0b2fa42a4e9266b83deaae206a8a8950adea99d43f3a324ae501874dc8307c66eca6de78c8c584261a8344fc18d912b42ddd7bb3e25995b8bb50c689f5a00f3bf60a7e1683482b30c575dbb2754a4729d3e277644445f0979ab8182bad85bc70863b026c638da83f5ec112743061c6f1b6359e4afe37d6aff114bd7397bb53b31ee86c2bc036b39ef6617fd2985e46c7c37c93df43cbba0d9ef21864a11a54254356202b456f865299a00c690cbf71366ef1fc6d854b9cfd5866c3137bbfbf694e917cb975d8a47a1be08edf7cdfe770358f5f8677d22dc53d47e7ecdfe4d4f92053d"}) r14 = openat$hpet(0xffffffffffffff9c, &(0x7f00000009c0), 0x210000, 0x0) epoll_pwait(r14, &(0x7f0000000a00)=[{}, {}, {}, {}, {}, {}, {}, {}, {}, {}], 0xa, 0x3, &(0x7f0000000a80)={[0x8]}, 0x8) r15 = mmap$IORING_OFF_CQ_RING(&(0x7f0000fff000/0x1000)=nil, 0x1000, 0x1, 0x8010, r5, 0x8000000) syz_io_uring_setup(0x5fb0, &(0x7f0000000ac0)={0x0, 0xf2a1, 0x2, 0x2, 0x1f1, 0x0, r13}, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ff1000/0xe000)=nil, &(0x7f0000000b40), &(0x7f0000000b80)=0x0) r17 = io_uring_register$IORING_REGISTER_PERSONALITY(r12, 0x9, 0x0, 0x0) syz_io_uring_submit(r15, r16, &(0x7f0000000bc0)=@IORING_OP_READ=@use_registered_buffer={0x16, 0x1, 0x2004, @fd=r2, 0x10, 0x0, 0x0, 0x11, 0x0, {0x3, r17}}, 0x0) r18 = perf_event_open(&(0x7f0000000c40)={0x1, 0x80, 0x1f, 0x80, 0x20, 0x0, 0x0, 0x8, 0x8a044, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x6, 0x0, @perf_bp={&(0x7f0000000c00), 0xa}, 0x20, 0x101, 0x200, 0x8, 0x9, 0x4, 0xff, 0x0, 0x2b68, 0x0, 0x5}, r4, 0x2, r9, 0x0) signalfd(r18, &(0x7f0000000cc0)={[0xf33b]}, 0x8) ioctl$AUTOFS_DEV_IOCTL_VERSION(r8, 0xc0189371, &(0x7f0000000d00)={{0x1, 0x1, 0x18, r6}, './file0\x00'}) r20 = openat$incfs(r3, &(0x7f0000000d40)='.log\x00', 0x52fc42, 0x8) socketpair(0x1, 0x1, 0x0, &(0x7f0000000d80)={0xffffffffffffffff}) io_uring_register$IORING_REGISTER_FILES(r19, 0x2, &(0x7f0000000e00)=[r6, 0xffffffffffffffff, r11, r1, r20, r21, 0xffffffffffffffff], 0x7) 16:28:56 executing program 5: r0 = openat$hpet(0xffffffffffffff9c, &(0x7f0000000000), 0x2000, 0x0) mkdirat(r0, &(0x7f0000000040)='./file0\x00', 0x14) ioctl$sock_SIOCSIFVLAN_SET_VLAN_NAME_TYPE_CMD(r0, 0x8983, &(0x7f0000000080)={0x6, 'veth1_to_bridge\x00', {0x6}, 0x81}) r1 = openat(r0, &(0x7f00000000c0)='./file0\x00', 0x212080, 0x120) ioctl$FS_IOC_SET_ENCRYPTION_POLICY(r0, 0x800c6613, &(0x7f0000000100)=@v2={0x2, @aes256, 0x0, '\x00', @b}) r2 = creat(&(0x7f0000000140)='./file1\x00', 0xd) ioctl$AUTOFS_DEV_IOCTL_EXPIRE(r0, 0xc018937c, &(0x7f0000000180)={{0x1, 0x1, 0x18, r2}, './file0\x00'}) fcntl$notify(r2, 0x402, 0x1) r4 = syz_mount_image$tmpfs(&(0x7f00000001c0), &(0x7f0000000200)='./file0\x00', 0x6, 0x5, &(0x7f0000000500)=[{&(0x7f0000000240)="1092bb9c2c97b847a80d1cbcc505f212f129545038fdc6b90d3ace40214b3df17f49945b3496f9abdbeaf396134377351836e6ecd17103de93797562495f3d15448404fca9b6c59db8a93ca1e9637120fb7e6b6f79c1fb71e4403b927018f5cf4bf156c87dfedb7948bdf04c3813687e8f7dbed30bc6304bef4eceab7165e5dbf231583dc0d4d5bb33774f9f811cd63755a848c0ed1933db62218eea522a64f2c59cf41d5a1da97935b6e075776b3571e39f1d9d67", 0xb5, 0x400}, {&(0x7f0000000300)="8f7047eea169054f6acd2ecd71ec6816fe576a74b3892ab77ca411ef7f85c8a23d8e0eb49560f99b11b33a7bb7268d2d4f82f1844036cb654bc19737ff1d99299a23e02052ab57b2a8f68168dcde9fe37b1dca42421c621d8af40c93281d99ae2e24d823ea0abaf1ce2b49c320d489548b617a0d55", 0x75, 0x100}, {&(0x7f0000000380)="6a527c9b44a863dd414d294a5ee5b84aeb7af62c1368324a3bc989e634377b8a8555c452f584c2e36cb600ad631a4483c3b02e2d5231d9dd1c49c60cb51106ae8713253b5bb83b85f8862af51e36f7abeceadeff2025e2955b38ad44c68658ed8ba3cc05af4c9ada7a59e197fcd462e0987df2f48ecd15612cacb982cce0ced57c2399a68359561fe2b9b222fe25c49b732593d8ab6dc1ab3e91e8090879eeac4b7d54ebc8046bc0db80146a32df00393a640d9b153de767c9cf76bd", 0xbc, 0x80000001}, {&(0x7f0000000440)="7092446e162aaf44019668375d0280388d3d6da55212c25dd50906e5646c5965965e8d3a9fdd60365010780739debe012e4acabe09fc15e2a6b72a45e1abb60d2c5affe068e8476c3fc9fedcd9a6162c0897715f40cecc83edbe00709f3006bece055fe1f31032f351f441907867", 0x6e, 0x80000000}, {&(0x7f00000004c0)="e8315b66ce00a2ae77e68d0e7316", 0xe, 0x1}], 0x204000, &(0x7f0000000580)={[{@uid={'uid', 0x3d, 0xffffffffffffffff}}, {@mpol={'mpol', 0x3d, {'interleave', '', @void}}}, {@nr_blocks={'nr_blocks', 0x3d, [0x67, 0x78, 0x71, 0x36]}}, {@huge_advise}, {@huge_advise}, {@uid={'uid', 0x3d, 0xffffffffffffffff}}, {@huge_always}], [{@smackfstransmute={'smackfstransmute', 0x3d, 'veth1_to_bridge\x00'}}, {@smackfstransmute={'smackfstransmute', 0x3d, 'veth1_to_bridge\x00'}}, {@rootcontext={'rootcontext', 0x3d, 'sysadm_u'}}, {@smackfstransmute={'smackfstransmute', 0x3d, '\x00'}}, {@euid_lt}, {@dont_hash}]}) fcntl$setflags(r4, 0x2, 0x0) umount2(&(0x7f00000006c0)='./file2\x00', 0xa) r5 = openat$hpet(0xffffffffffffff9c, &(0x7f0000000700), 0x4100, 0x0) move_mount(r5, &(0x7f0000000740)='./file1\x00', 0xffffffffffffffff, &(0x7f0000000780)='./file0\x00', 0x0) getsockopt$IPT_SO_GET_REVISION_TARGET(r3, 0x0, 0x43, &(0x7f00000007c0)={'IDLETIMER\x00'}, &(0x7f0000000800)=0x1e) preadv(r2, &(0x7f0000000b40)=[{&(0x7f0000000840)=""/69, 0x45}, {&(0x7f00000008c0)=""/99, 0x63}, {&(0x7f0000000940)=""/77, 0x4d}, {&(0x7f00000009c0)=""/101, 0x65}, {&(0x7f0000000a40)=""/127, 0x7f}, {&(0x7f0000000ac0)=""/93, 0x5d}], 0x6, 0x1, 0x3) syz_mount_image$nfs(&(0x7f0000000bc0), &(0x7f0000000c00)='./file0\x00', 0x80, 0x1, &(0x7f0000000cc0)=[{&(0x7f0000000c40)="e71dc51c6e8eefbe9c40d9665490ebaf5eb9d20805e4ba59621dbbccd55710ea2700ec8265126b6d9b8de5d41fe55a2046c3a326de84bb0256148bb66f5d55d5060a9d6a8eac96164eba4c45fe28ca9c242ee11cbb298326bb9f6fbec2b2db2514db13456bb41a0d20fde05f", 0x6c}], 0x804020, &(0x7f0000000d00)={[{'\x00'}, {}, {'IDLETIMER\x00'}, {}, {'\\'}], [{@fsname={'fsname', 0x3d, 'sysadm_u'}}, {@dont_appraise}, {@rootcontext={'rootcontext', 0x3d, 'system_u'}}, {@defcontext={'defcontext', 0x3d, 'system_u'}}, {@fsuuid={'fsuuid', 0x3d, {[0x36, 0x66, 0x62, 0x66, 0x63, 0x61, 0x39, 0x36], 0x2d, [0x61, 0x66, 0x61, 0x61], 0x2d, [0x30, 0x37, 0x61, 0x63], 0x2d, [0x39, 0xab, 0x37, 0x63], 0x2d, [0x34, 0x31, 0x32, 0x35, 0x65, 0x64, 0x30, 0x35]}}}, {@fscontext={'fscontext', 0x3d, 'sysadm_u'}}, {@defcontext={'defcontext', 0x3d, 'sysadm_u'}}]}) r6 = openat$incfs(r1, &(0x7f0000000dc0)='.pending_reads\x00', 0x90d33d4035c12d31, 0x10) fallocate(r6, 0x28, 0x9, 0x7) openat(r3, &(0x7f0000000e00)='./file2\x00', 0xe546982f0eef677, 0x58) mount$cgroup2(0x0, &(0x7f0000000e40)='./file2\x00', &(0x7f0000000e80), 0xa06040, &(0x7f0000003400)={[{@memory_recursiveprot}], [{@obj_type={'obj_type', 0x3d, '^}$}x'}}, {@fowner_eq}, {@obj_user={'obj_user', 0x3d, '\x91*\xe5\x10\xa4Xr:\x83\x9a\x9f\xadp\x158\xac'}}, {@fsuuid={'fsuuid', 0x3d, {[0x32, 0x39, 0x33, 0x64, 0x62, 0x0, 0x65, 0x39], 0x2d, [0x61, 0x52, 0x61, 0x62], 0x2d, [0x33, 0x61, 0x61, 0x37], 0x2d, [0x30, 0x32, 0x31, 0x33], 0x2d, [0x34, 0x63, 0x64, 0x35, 0x62, 0x0, 0x62, 0x38]}}}, {@smackfshat={'smackfshat', 0x3d, 'nr_blocks'}}, {@smackfstransmute={'smackfstransmute', 0x3d, 'huge=always'}}, {@uid_gt}, {@dont_hash}, {@subj_user={'subj_user', 0x3d, '\x91*\xe5\x10\xa4Xr:\x83\x9a\x9f\xadp\x158\xac'}}]}) 16:28:56 executing program 6: sendmsg$IPSET_CMD_GET_BYINDEX(0xffffffffffffffff, &(0x7f0000000100)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x4000}, 0xc, &(0x7f00000000c0)={&(0x7f0000000040)={0x54, 0xf, 0x6, 0x401, 0x0, 0x0, {0x2}, [@IPSET_ATTR_INDEX={0x6, 0xb, 0x3}, @IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_INDEX={0x6, 0xb, 0x1}, @IPSET_ATTR_INDEX={0x6, 0xb, 0xffffffffffffffff}, @IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_INDEX={0x6, 0xb, 0xffffffffffffffff}, @IPSET_ATTR_INDEX={0x6, 0xb, 0x1}]}, 0x54}, 0x1, 0x0, 0x0, 0x30040811}, 0x24008000) r0 = dup2(0xffffffffffffffff, 0xffffffffffffffff) sendmsg$NL80211_CMD_STOP_AP(r0, &(0x7f0000000200)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x80000000}, 0xc, &(0x7f00000001c0)={&(0x7f0000000180)={0x20, 0x0, 0x10, 0x70bd29, 0x25dfdbfc, {{}, {@void, @val={0xc, 0x99, {0x7, 0xf}}}}, ["", "", "", ""]}, 0x20}, 0x1, 0x0, 0x0, 0xc001}, 0x0) ioctl$sock_ipv6_tunnel_SIOCGETTUNNEL(r0, 0x89f0, &(0x7f0000000300)={'sit0\x00', &(0x7f0000000280)={'syztnl2\x00', 0x0, 0x4, 0x5, 0x5, 0xbbc, 0x10, @private0={0xfc, 0x0, '\x00', 0x1}, @private0={0xfc, 0x0, '\x00', 0x1}, 0xa0, 0x80, 0xffff, 0xfff}}) recvmsg(r0, &(0x7f0000001540)={&(0x7f0000000340)=@ll={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @dev}, 0x80, &(0x7f00000014c0)=[{&(0x7f00000003c0)=""/105, 0x69}, {&(0x7f0000000440)=""/4096, 0x1000}, {&(0x7f0000001440)=""/113, 0x71}], 0x3, &(0x7f0000001500)=""/45, 0x2d}, 0x2100) ioctl$sock_ipv6_tunnel_SIOCGET6RD(r0, 0x89f8, &(0x7f0000001600)={'syztnl0\x00', &(0x7f0000001580)={'ip6gre0\x00', 0x0, 0x29, 0xd9, 0xdf, 0x40, 0x4f, @remote, @remote, 0x7800, 0x20, 0x25, 0x1}}) ioctl$sock_ipv6_tunnel_SIOCCHGTUNNEL(r0, 0x89f3, &(0x7f00000016c0)={'syztnl2\x00', &(0x7f0000001640)={'syztnl2\x00', 0x0, 0x29, 0x1f, 0x1, 0x9, 0x0, @mcast1, @local, 0x40, 0x1, 0x6, 0x1000}}) getsockopt$inet_mreqn(0xffffffffffffffff, 0x0, 0x24, &(0x7f0000001700)={@initdev, @private, 0x0}, &(0x7f0000001740)=0xc) sendmsg$ETHTOOL_MSG_DEBUG_GET(r0, &(0x7f00000019c0)={&(0x7f0000000240)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f0000001980)={&(0x7f0000001780)={0x1dc, 0x0, 0x200, 0x70bd2d, 0x25dfdbff, {}, [@HEADER={0x28, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'ipvlan0\x00'}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x4}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x1}]}, @HEADER={0x54, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_FLAGS={0x8}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r1}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'wg1\x00'}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r2}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'veth1_to_hsr\x00'}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x3}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}]}, @HEADER={0x38, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x1}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x2}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'veth1_vlan\x00'}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r3}]}, @HEADER={0x40, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'sit0\x00'}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'veth0_macvtap\x00'}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'syzkaller1\x00'}]}, @HEADER={0x40, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_FLAGS={0x8}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x1}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'veth0_virt_wifi\x00'}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x2}]}, @HEADER={0xc, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_FLAGS={0x8}]}, @HEADER={0x74, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x1}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'caif0\x00'}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'vxcan1\x00'}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'veth0_to_hsr\x00'}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'veth0_to_bridge\x00'}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}]}, @HEADER={0x14, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r4}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r5}]}]}, 0x1dc}, 0x1, 0x0, 0x0, 0x24816}, 0x20008001) getsockopt$inet_mreqn(r0, 0x0, 0x4, &(0x7f0000001a00)={@loopback, @empty}, &(0x7f0000001a40)=0xc) r6 = syz_io_uring_complete(0x0) r7 = openat(r6, &(0x7f0000001a80)='./file0\x00', 0x311100, 0x80) pipe2(&(0x7f0000001ac0)={0xffffffffffffffff, 0xffffffffffffffff}, 0x184000) ioctl$AUTOFS_DEV_IOCTL_PROTOSUBVER(r7, 0xc0189373, &(0x7f0000001b00)={{0x1, 0x1, 0x18, r9, {0x1}}, './file0\x00'}) r11 = syz_genetlink_get_family_id$ethtool(&(0x7f0000001b80), r8) sendmsg$ETHTOOL_MSG_PAUSE_SET(r10, &(0x7f0000001c80)={&(0x7f0000001b40)={0x10, 0x0, 0x0, 0x800000}, 0xc, &(0x7f0000001c40)={&(0x7f0000001bc0)={0x50, r11, 0x8, 0x70bd26, 0x25dfdbfb, {}, [@ETHTOOL_A_PAUSE_HEADER={0xc, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r1}]}, @ETHTOOL_A_PAUSE_TX={0x5}, @ETHTOOL_A_PAUSE_AUTONEG={0x5, 0x2, 0x1}, @ETHTOOL_A_PAUSE_RX={0x5, 0x3, 0x1}, @ETHTOOL_A_PAUSE_TX={0x5}, @ETHTOOL_A_PAUSE_AUTONEG={0x5}, @ETHTOOL_A_PAUSE_AUTONEG={0x5, 0x2, 0x1}]}, 0x50}}, 0x0) r12 = fcntl$dupfd(r10, 0x406, r6) ioctl$SIOCGSTAMPNS(r12, 0x8907, &(0x7f0000001cc0)) sendmsg$ETHTOOL_MSG_PRIVFLAGS_SET(r7, &(0x7f0000001dc0)={&(0x7f0000001d00)={0x10, 0x0, 0x0, 0x800000}, 0xc, &(0x7f0000001d80)={&(0x7f0000001d40)={0x2c, r11, 0x10, 0x70bd2a, 0x25dfdbfd, {}, [@ETHTOOL_A_PRIVFLAGS_FLAGS={0x18, 0x2, 0x0, 0x1, [@ETHTOOL_A_BITSET_NOMASK={0x4}, @ETHTOOL_A_BITSET_VALUE={0xd, 0x4, "cce34848aab83d3853"}]}]}, 0x2c}}, 0x20000044) ioctl$sock_ipv4_tunnel_SIOCGETTUNNEL(r9, 0x89f0, &(0x7f0000001e80)={'syztnl0\x00', &(0x7f0000001e00)={'syztnl0\x00', 0x0, 0x80, 0x7800, 0xbef, 0x5, {{0xf, 0x4, 0x0, 0x9, 0x3c, 0xa4f6, 0x0, 0x25, 0x29, 0x0, @rand_addr=0x64010101, @remote, {[@ssrr={0x89, 0x1b, 0x74, [@initdev={0xac, 0x1e, 0x1, 0x0}, @initdev={0xac, 0x1e, 0x0, 0x0}, @local, @private=0xa010101, @multicast2, @dev={0xac, 0x14, 0x14, 0x33}]}, @ra={0x94, 0x4}, @generic={0x89, 0x8, "8a36354618b7"}, @noop]}}}}}) 16:28:56 executing program 7: prctl$PR_GET_THP_DISABLE(0x2a) prctl$PR_GET_THP_DISABLE(0x2a) prctl$PR_GET_THP_DISABLE(0x2a) prctl$PR_GET_THP_DISABLE(0x2a) prctl$PR_GET_THP_DISABLE(0x2a) prctl$PR_GET_THP_DISABLE(0x2a) prctl$PR_GET_THP_DISABLE(0x2a) prctl$PR_GET_THP_DISABLE(0x2a) prctl$PR_GET_THP_DISABLE(0x2a) prctl$PR_GET_THP_DISABLE(0x2a) prctl$PR_GET_THP_DISABLE(0x2a) prctl$PR_GET_THP_DISABLE(0x2a) prctl$PR_GET_THP_DISABLE(0x2a) prctl$PR_GET_THP_DISABLE(0x2a) prctl$PR_GET_THP_DISABLE(0x2a) prctl$PR_GET_THP_DISABLE(0x2a) prctl$PR_GET_THP_DISABLE(0x2a) prctl$PR_GET_THP_DISABLE(0x2a) prctl$PR_GET_THP_DISABLE(0x2a) prctl$PR_GET_THP_DISABLE(0x2a) [ 72.353637] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 72.357261] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 72.358601] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 72.361722] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 72.377357] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [ 72.379193] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 72.383843] Bluetooth: hci0: HCI_REQ-0x0c1a [ 72.414827] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 72.416489] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 72.419501] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 72.441396] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 72.443023] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3 [ 72.444242] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 72.448232] Bluetooth: hci2: HCI_REQ-0x0c1a [ 72.477913] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 72.482895] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 72.484896] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 72.491173] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 72.493873] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3 [ 72.495371] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 72.500931] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 72.502901] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1 [ 72.504053] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 72.504340] Bluetooth: hci1: HCI_REQ-0x0c1a [ 72.509474] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9 [ 72.511170] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 72.512344] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9 [ 72.515938] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 72.527995] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 72.529914] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1 [ 72.531955] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9 [ 72.533280] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9 [ 72.536405] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4 [ 72.538315] Bluetooth: hci6: unexpected cc 0x0c25 length: 249 > 3 [ 72.539846] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2 [ 72.544815] Bluetooth: hci6: HCI_REQ-0x0c1a [ 72.565894] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 72.569585] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4 [ 72.574952] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 72.576077] Bluetooth: hci5: unexpected cc 0x0c25 length: 249 > 3 [ 72.577133] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 72.578458] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2 [ 72.580601] Bluetooth: hci7: unexpected cc 0x0c03 length: 249 > 1 [ 72.587004] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3 [ 72.588037] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3 [ 72.596995] Bluetooth: hci5: HCI_REQ-0x0c1a [ 72.597856] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 72.598947] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 72.599940] Bluetooth: hci7: unexpected cc 0x1003 length: 249 > 9 [ 72.606274] Bluetooth: hci7: unexpected cc 0x1001 length: 249 > 9 [ 72.615969] Bluetooth: hci3: HCI_REQ-0x0c1a [ 72.617324] Bluetooth: hci4: HCI_REQ-0x0c1a [ 72.632389] Bluetooth: hci7: unexpected cc 0x0c23 length: 249 > 4 [ 72.636293] Bluetooth: hci7: unexpected cc 0x0c25 length: 249 > 3 [ 72.638162] Bluetooth: hci7: unexpected cc 0x0c38 length: 249 > 2 [ 72.644455] Bluetooth: hci7: HCI_REQ-0x0c1a [ 74.444027] Bluetooth: hci0: command 0x0409 tx timeout [ 74.507753] Bluetooth: hci2: command 0x0409 tx timeout [ 74.570814] Bluetooth: hci6: command 0x0409 tx timeout [ 74.571539] Bluetooth: hci1: command 0x0409 tx timeout [ 74.634860] Bluetooth: hci5: command 0x0409 tx timeout [ 74.635901] Bluetooth: hci4: command 0x0409 tx timeout [ 74.636518] Bluetooth: hci3: command 0x0409 tx timeout [ 74.699784] Bluetooth: hci7: command 0x0409 tx timeout [ 76.491253] Bluetooth: hci0: command 0x041b tx timeout [ 76.554766] Bluetooth: hci2: command 0x041b tx timeout [ 76.618821] Bluetooth: hci1: command 0x041b tx timeout [ 76.619608] Bluetooth: hci6: command 0x041b tx timeout [ 76.682992] Bluetooth: hci3: command 0x041b tx timeout [ 76.683997] Bluetooth: hci4: command 0x041b tx timeout [ 76.684942] Bluetooth: hci5: command 0x041b tx timeout [ 76.747248] Bluetooth: hci7: command 0x041b tx timeout [ 78.538829] Bluetooth: hci0: command 0x040f tx timeout [ 78.602767] Bluetooth: hci2: command 0x040f tx timeout [ 78.666766] Bluetooth: hci6: command 0x040f tx timeout [ 78.667535] Bluetooth: hci1: command 0x040f tx timeout [ 78.730921] Bluetooth: hci5: command 0x040f tx timeout [ 78.731751] Bluetooth: hci4: command 0x040f tx timeout [ 78.732455] Bluetooth: hci3: command 0x040f tx timeout [ 78.794785] Bluetooth: hci7: command 0x040f tx timeout [ 80.586715] Bluetooth: hci0: command 0x0419 tx timeout [ 80.650765] Bluetooth: hci2: command 0x0419 tx timeout [ 80.714732] Bluetooth: hci1: command 0x0419 tx timeout [ 80.715179] Bluetooth: hci6: command 0x0419 tx timeout [ 80.778808] Bluetooth: hci3: command 0x0419 tx timeout [ 80.779270] Bluetooth: hci4: command 0x0419 tx timeout [ 80.779697] Bluetooth: hci5: command 0x0419 tx timeout [ 80.843771] Bluetooth: hci7: command 0x0419 tx timeout 16:29:53 executing program 7: r0 = openat$hpet(0xffffffffffffff9c, &(0x7f0000000200), 0x0, 0x0) ioctl$BLKZEROOUT(r0, 0x6801, 0x0) dup3(r0, r0, 0x80000) r1 = openat$hpet(0xffffffffffffff9c, &(0x7f0000000200), 0x0, 0x0) ioctl$BLKZEROOUT(r1, 0x6801, 0x0) ioctl$AUTOFS_DEV_IOCTL_ASKUMOUNT(r0, 0xc018937d, 0x0) r2 = openat$hpet(0xffffffffffffff9c, &(0x7f0000000200), 0x0, 0x0) ioctl$BLKZEROOUT(r2, 0x6801, 0x0) ioctl$BLKGETSIZE64(r2, 0x80081272, &(0x7f0000000080)) ioctl$TIOCGPTLCK(r1, 0x80045439, &(0x7f0000000040)) openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/bus/input/devices\x00', 0x0, 0x0) r3 = openat$hpet(0xffffffffffffff9c, &(0x7f0000000200), 0x0, 0x0) ioctl$SNDRV_SEQ_IOCTL_GET_SUBSCRIPTION(0xffffffffffffffff, 0xc0505350, &(0x7f0000000100)={{0x3}, {0xe9, 0x9}, 0x9, 0x2, 0x8}) r4 = openat$hpet(0xffffffffffffff9c, &(0x7f0000000200), 0x0, 0x0) ioctl$BLKZEROOUT(r4, 0x6801, 0x0) ioctl$AUTOFS_DEV_IOCTL_VERSION(r4, 0xc0189371, &(0x7f0000000180)={{0x1, 0x1, 0x18, r4}, './file0\x00'}) openat$hpet(0xffffffffffffff9c, &(0x7f00000001c0), 0x14000, 0x0) openat$hpet(0xffffffffffffff9c, &(0x7f0000000200), 0x0, 0x0) ioctl$BLKZEROOUT(r0, 0x6801, 0x0) ioctl$TIOCSLCKTRMIOS(r3, 0x5457, &(0x7f00000000c0)) 16:29:53 executing program 7: r0 = perf_event_open(&(0x7f0000000080)={0x2, 0xc8, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000100), 0x7}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x2000, 0x1, 0x0, 0x0, 0x101}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file1\x00', 0x1010c2, 0x0) r3 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/timer_list\x00', 0x0, 0x0) r4 = perf_event_open(&(0x7f00000001c0)={0x0, 0x80, 0x5f, 0x4, 0x40, 0x7, 0x0, 0x910e, 0x509, 0xe, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0xdb5d, 0x0, @perf_config_ext={0x7ff, 0x80000}, 0x18884, 0x4, 0x87, 0x6, 0x10e94a, 0x401, 0x8, 0x0, 0x5, 0x0, 0x400}, 0x0, 0x1, r1, 0xb) fcntl$getown(0xffffffffffffffff, 0x9) sendfile(r2, r3, 0x0, 0x10000027f) openat$zero(0xffffffffffffff9c, &(0x7f0000000140), 0x8000, 0x0) r5 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_REQ_SET_REG(r5, &(0x7f0000000500)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000300)=ANY=[@ANYBLOB="192b5cdd999327972a770dd2e6f2c20a14c192ae68960be63a5fe0ed4ac2ed7167a26484eaa59c693d367d6cd041834d508f4382a823eb9d057a76d24539c5f40d0f7ec33dcd67ffca430f755a1f9a74bff50ea87e574ca6aa50ac44c34a606cd34ac7af1c00c673bacca55ac3d100"/121, @ANYRES16, @ANYBLOB], 0x1c}}, 0x0) perf_event_open(&(0x7f0000000040)={0x0, 0x80, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff, 0x0, @perf_config_ext={0x20000000, 0x1}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$sock_SIOCGIFINDEX_80211(r5, 0x8933, &(0x7f0000000180)={'wlan0\x00'}) preadv(r4, &(0x7f0000000240), 0x0, 0x3ff, 0x89) r6 = openat$hpet(0xffffffffffffff9c, &(0x7f0000000200), 0x0, 0x0) ioctl$BLKZEROOUT(r6, 0x6801, 0x0) ioctl$sock_ipv4_tunnel_SIOCGETTUNNEL(r3, 0x89f0, &(0x7f00000003c0)={'syztnl0\x00', &(0x7f0000000380)={'gre0\x00', 0x0, 0x8, 0x8, 0x3, 0xe4, {{0x5, 0x4, 0x0, 0x2d, 0x14, 0x64, 0x0, 0x5, 0x29, 0x0, @private=0xa010101, @dev={0xac, 0x14, 0x14, 0x25}}}}}) sendmsg$ETHTOOL_MSG_TSINFO_GET(r6, &(0x7f0000000540)={&(0x7f0000000240)={0x10, 0x0, 0x0, 0x400}, 0xc, &(0x7f0000000480)={&(0x7f0000000400)={0x48, 0x0, 0x4, 0x70bd2d, 0x25dfdbff, {}, [@HEADER={0xc, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_INDEX={0x8}]}, @HEADER={0x14, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_FLAGS={0x8}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r7}]}, @HEADER={0x14, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}]}]}, 0x48}, 0x1, 0x0, 0x0, 0x48091}, 0x8030) ioctl$BTRFS_IOC_GET_SUBVOL_INFO(r0, 0x81f8943c, &(0x7f00000005c0)) [ 128.947368] audit: type=1400 audit(1664641793.981:7): avc: denied { open } for pid=3835 comm="syz-executor.7" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=perf_event permissive=1 [ 128.951972] audit: type=1400 audit(1664641793.981:8): avc: denied { kernel } for pid=3835 comm="syz-executor.7" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=perf_event permissive=1 [ 128.962792] ------------[ cut here ]------------ [ 128.962818] [ 128.962822] ====================================================== [ 128.962827] WARNING: possible circular locking dependency detected [ 128.962832] 6.0.0-rc7-next-20220930 #1 Not tainted [ 128.962840] ------------------------------------------------------ [ 128.962844] syz-executor.7/3836 is trying to acquire lock: [ 128.962852] ffffffff853faab8 ((console_sem).lock){....}-{2:2}, at: down_trylock+0xe/0x70 [ 128.962898] [ 128.962898] but task is already holding lock: [ 128.962902] ffff88800ea47420 (&ctx->lock){....}-{2:2}, at: __perf_event_task_sched_out+0x53b/0x18d0 [ 128.962934] [ 128.962934] which lock already depends on the new lock. [ 128.962934] [ 128.962938] [ 128.962938] the existing dependency chain (in reverse order) is: [ 128.962942] [ 128.962942] -> #3 (&ctx->lock){....}-{2:2}: [ 128.962958] _raw_spin_lock+0x2a/0x40 [ 128.962972] __perf_event_task_sched_out+0x53b/0x18d0 [ 128.962986] __schedule+0xedd/0x2470 [ 128.963003] schedule+0xda/0x1b0 [ 128.963019] exit_to_user_mode_prepare+0x114/0x1a0 [ 128.963034] syscall_exit_to_user_mode+0x19/0x40 [ 128.963050] do_syscall_64+0x48/0x90 [ 128.963071] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 128.963086] [ 128.963086] -> #2 (&rq->__lock){-.-.}-{2:2}: [ 128.963103] _raw_spin_lock_nested+0x30/0x40 [ 128.963115] raw_spin_rq_lock_nested+0x1e/0x30 [ 128.963131] task_fork_fair+0x63/0x4d0 [ 128.963151] sched_cgroup_fork+0x3d0/0x540 [ 128.963169] copy_process+0x4183/0x6e20 [ 128.963182] kernel_clone+0xe7/0x890 [ 128.963193] user_mode_thread+0xad/0xf0 [ 128.963206] rest_init+0x24/0x250 [ 128.963220] arch_call_rest_init+0xf/0x14 [ 128.963241] start_kernel+0x4c6/0x4eb [ 128.963260] secondary_startup_64_no_verify+0xe0/0xeb [ 128.963277] [ 128.963277] -> #1 (&p->pi_lock){-.-.}-{2:2}: [ 128.963293] _raw_spin_lock_irqsave+0x39/0x60 [ 128.963307] try_to_wake_up+0xab/0x1930 [ 128.963323] up+0x75/0xb0 [ 128.963339] __up_console_sem+0x6e/0x80 [ 128.963359] console_unlock+0x46a/0x590 [ 128.963378] vt_ioctl+0x2822/0x2ca0 [ 128.963393] tty_ioctl+0x785/0x16b0 [ 128.963406] __x64_sys_ioctl+0x19a/0x210 [ 128.963422] do_syscall_64+0x3b/0x90 [ 128.963443] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 128.963458] [ 128.963458] -> #0 ((console_sem).lock){....}-{2:2}: [ 128.963474] __lock_acquire+0x2a02/0x5e70 [ 128.963495] lock_acquire+0x1a2/0x530 [ 128.963514] _raw_spin_lock_irqsave+0x39/0x60 [ 128.963527] down_trylock+0xe/0x70 [ 128.963545] __down_trylock_console_sem+0x3b/0xd0 [ 128.963564] vprintk_emit+0x16b/0x560 [ 128.963584] vprintk+0x84/0xa0 [ 128.963603] _printk+0xba/0xf1 [ 128.963617] report_bug.cold+0x72/0xab [ 128.963637] handle_bug+0x3c/0x70 [ 128.963657] exc_invalid_op+0x14/0x50 [ 128.963677] asm_exc_invalid_op+0x16/0x20 [ 128.963692] group_sched_out.part.0+0x2c7/0x460 [ 128.963714] ctx_sched_out+0x8f1/0xc10 [ 128.963734] __perf_event_task_sched_out+0x6d0/0x18d0 [ 128.963748] __schedule+0xedd/0x2470 [ 128.963764] schedule+0xda/0x1b0 [ 128.963780] exit_to_user_mode_prepare+0x114/0x1a0 [ 128.963793] syscall_exit_to_user_mode+0x19/0x40 [ 128.963816] do_syscall_64+0x48/0x90 [ 128.963837] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 128.963852] [ 128.963852] other info that might help us debug this: [ 128.963852] [ 128.963855] Chain exists of: [ 128.963855] (console_sem).lock --> &rq->__lock --> &ctx->lock [ 128.963855] [ 128.963873] Possible unsafe locking scenario: [ 128.963873] [ 128.963876] CPU0 CPU1 [ 128.963879] ---- ---- [ 128.963882] lock(&ctx->lock); [ 128.963889] lock(&rq->__lock); [ 128.963896] lock(&ctx->lock); [ 128.963904] lock((console_sem).lock); [ 128.963911] [ 128.963911] *** DEADLOCK *** [ 128.963911] [ 128.963913] 2 locks held by syz-executor.7/3836: [ 128.963922] #0: ffff88806ce37e98 (&rq->__lock){-.-.}-{2:2}, at: __schedule+0x1cf/0x2470 [ 128.963957] #1: ffff88800ea47420 (&ctx->lock){....}-{2:2}, at: __perf_event_task_sched_out+0x53b/0x18d0 [ 128.963989] [ 128.963989] stack backtrace: [ 128.963993] CPU: 0 PID: 3836 Comm: syz-executor.7 Not tainted 6.0.0-rc7-next-20220930 #1 [ 128.964008] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 128.964018] Call Trace: [ 128.964022] [ 128.964027] dump_stack_lvl+0x8b/0xb3 [ 128.964049] check_noncircular+0x263/0x2e0 [ 128.964069] ? format_decode+0x26c/0xb50 [ 128.964089] ? print_circular_bug+0x450/0x450 [ 128.964109] ? simple_strtoul+0x30/0x30 [ 128.964129] ? format_decode+0x26c/0xb50 [ 128.964150] ? alloc_chain_hlocks+0x1ec/0x5a0 [ 128.964171] __lock_acquire+0x2a02/0x5e70 [ 128.964197] ? lockdep_hardirqs_on_prepare+0x410/0x410 [ 128.964225] lock_acquire+0x1a2/0x530 [ 128.964245] ? down_trylock+0xe/0x70 [ 128.964266] ? lock_release+0x750/0x750 [ 128.964291] ? vprintk+0x84/0xa0 [ 128.964312] _raw_spin_lock_irqsave+0x39/0x60 [ 128.964326] ? down_trylock+0xe/0x70 [ 128.964346] down_trylock+0xe/0x70 [ 128.964365] ? vprintk+0x84/0xa0 [ 128.964385] __down_trylock_console_sem+0x3b/0xd0 [ 128.964406] vprintk_emit+0x16b/0x560 [ 128.964429] vprintk+0x84/0xa0 [ 128.964450] _printk+0xba/0xf1 [ 128.964464] ? record_print_text.cold+0x16/0x16 [ 128.964483] ? report_bug.cold+0x66/0xab [ 128.964505] ? group_sched_out.part.0+0x2c7/0x460 [ 128.964527] report_bug.cold+0x72/0xab [ 128.964550] handle_bug+0x3c/0x70 [ 128.964571] exc_invalid_op+0x14/0x50 [ 128.964593] asm_exc_invalid_op+0x16/0x20 [ 128.964609] RIP: 0010:group_sched_out.part.0+0x2c7/0x460 [ 128.964633] Code: 5e 41 5f e9 8b ae ef ff e8 86 ae ef ff 65 8b 1d 0b 18 ac 7e 31 ff 89 de e8 26 ab ef ff 85 db 0f 84 8a 00 00 00 e8 69 ae ef ff <0f> 0b e9 a5 fe ff ff e8 5d ae ef ff 48 8d 7d 10 48 b8 00 00 00 00 [ 128.964646] RSP: 0018:ffff888018837c48 EFLAGS: 00010006 [ 128.964658] RAX: 0000000040000002 RBX: 0000000000000000 RCX: 0000000000000000 [ 128.964667] RDX: ffff88800ff98000 RSI: ffffffff81565dc7 RDI: 0000000000000005 [ 128.964676] RBP: ffff8880086605c8 R08: 0000000000000005 R09: 0000000000000001 [ 128.964685] R10: 0000000000000000 R11: ffffffff865b401b R12: ffff88800ea47400 [ 128.964694] R13: ffff88806ce3d2c0 R14: ffffffff8547d160 R15: 0000000000000002 [ 128.964708] ? group_sched_out.part.0+0x2c7/0x460 [ 128.964732] ? group_sched_out.part.0+0x2c7/0x460 [ 128.964756] ctx_sched_out+0x8f1/0xc10 [ 128.964780] __perf_event_task_sched_out+0x6d0/0x18d0 [ 128.964797] ? lock_is_held_type+0xd7/0x130 [ 128.964814] ? __perf_cgroup_move+0x160/0x160 [ 128.964827] ? set_next_entity+0x304/0x550 [ 128.964848] ? update_curr+0x267/0x740 [ 128.964871] ? lock_is_held_type+0xd7/0x130 [ 128.964888] __schedule+0xedd/0x2470 [ 128.964909] ? io_schedule_timeout+0x150/0x150 [ 128.964929] ? rcu_read_lock_sched_held+0x3e/0x80 [ 128.964954] schedule+0xda/0x1b0 [ 128.964972] exit_to_user_mode_prepare+0x114/0x1a0 [ 128.964987] syscall_exit_to_user_mode+0x19/0x40 [ 128.965003] do_syscall_64+0x48/0x90 [ 128.965025] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 128.965041] RIP: 0033:0x7fdf85f7fb19 [ 128.965051] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 128.965064] RSP: 002b:00007fdf834f5218 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 128.965077] RAX: 0000000000000001 RBX: 00007fdf86092f68 RCX: 00007fdf85f7fb19 [ 128.965086] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 00007fdf86092f6c [ 128.965095] RBP: 00007fdf86092f60 R08: 000000000000000e R09: 0000000000000000 [ 128.965103] R10: 0000000000000003 R11: 0000000000000246 R12: 00007fdf86092f6c [ 128.965112] R13: 00007ffffe38e88f R14: 00007fdf834f5300 R15: 0000000000022000 [ 128.965127] [ 129.030091] WARNING: CPU: 0 PID: 3836 at kernel/events/core.c:2309 group_sched_out.part.0+0x2c7/0x460 [ 129.030882] Modules linked in: [ 129.031159] CPU: 0 PID: 3836 Comm: syz-executor.7 Not tainted 6.0.0-rc7-next-20220930 #1 [ 129.031844] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 129.032781] RIP: 0010:group_sched_out.part.0+0x2c7/0x460 [ 129.033242] Code: 5e 41 5f e9 8b ae ef ff e8 86 ae ef ff 65 8b 1d 0b 18 ac 7e 31 ff 89 de e8 26 ab ef ff 85 db 0f 84 8a 00 00 00 e8 69 ae ef ff <0f> 0b e9 a5 fe ff ff e8 5d ae ef ff 48 8d 7d 10 48 b8 00 00 00 00 [ 129.034761] RSP: 0018:ffff888018837c48 EFLAGS: 00010006 [ 129.035211] RAX: 0000000040000002 RBX: 0000000000000000 RCX: 0000000000000000 [ 129.035818] RDX: ffff88800ff98000 RSI: ffffffff81565dc7 RDI: 0000000000000005 [ 129.036426] RBP: ffff8880086605c8 R08: 0000000000000005 R09: 0000000000000001 [ 129.037024] R10: 0000000000000000 R11: ffffffff865b401b R12: ffff88800ea47400 [ 129.037622] R13: ffff88806ce3d2c0 R14: ffffffff8547d160 R15: 0000000000000002 [ 129.038218] FS: 00007fdf834f5700(0000) GS:ffff88806ce00000(0000) knlGS:0000000000000000 [ 129.038894] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 129.039392] CR2: 00007fdd6f5633f0 CR3: 00000000409b2000 CR4: 0000000000350ef0 [ 129.040006] Call Trace: [ 129.040227] [ 129.040424] ctx_sched_out+0x8f1/0xc10 [ 129.040769] __perf_event_task_sched_out+0x6d0/0x18d0 [ 129.041212] ? lock_is_held_type+0xd7/0x130 [ 129.041584] ? __perf_cgroup_move+0x160/0x160 [ 129.041967] ? set_next_entity+0x304/0x550 [ 129.042339] ? update_curr+0x267/0x740 [ 129.042680] ? lock_is_held_type+0xd7/0x130 [ 129.043053] __schedule+0xedd/0x2470 [ 129.043378] ? io_schedule_timeout+0x150/0x150 [ 129.043775] ? rcu_read_lock_sched_held+0x3e/0x80 [ 129.044202] schedule+0xda/0x1b0 [ 129.044497] exit_to_user_mode_prepare+0x114/0x1a0 [ 129.044913] syscall_exit_to_user_mode+0x19/0x40 [ 129.045311] do_syscall_64+0x48/0x90 [ 129.045636] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 129.046075] RIP: 0033:0x7fdf85f7fb19 [ 129.046393] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 129.047903] RSP: 002b:00007fdf834f5218 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 129.048538] RAX: 0000000000000001 RBX: 00007fdf86092f68 RCX: 00007fdf85f7fb19 [ 129.049126] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 00007fdf86092f6c [ 129.049720] RBP: 00007fdf86092f60 R08: 000000000000000e R09: 0000000000000000 [ 129.050310] R10: 0000000000000003 R11: 0000000000000246 R12: 00007fdf86092f6c [ 129.050903] R13: 00007ffffe38e88f R14: 00007fdf834f5300 R15: 0000000000022000 [ 129.051498] [ 129.051700] irq event stamp: 622 [ 129.051992] hardirqs last enabled at (621): [] exit_to_user_mode_prepare+0x109/0x1a0 [ 129.052773] hardirqs last disabled at (622): [] __schedule+0x1225/0x2470 [ 129.053458] softirqs last enabled at (442): [] __irq_exit_rcu+0x11b/0x180 [ 129.054166] softirqs last disabled at (437): [] __irq_exit_rcu+0x11b/0x180 [ 129.054878] ---[ end trace 0000000000000000 ]--- [ 129.058074] loop0: detected capacity change from 0 to 264192 [ 129.116563] loop0: detected capacity change from 0 to 264192 [ 129.476817] audit: type=1400 audit(1664641794.510:9): avc: denied { write } for pid=3835 comm="syz-executor.7" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=perf_event permissive=1 [ 130.429289] loop3: detected capacity change from 0 to 256 [ 130.438866] FAT-fs (loop3): Unrecognized mount option "euid=18446744073709551615" or missing value [ 130.483037] loop3: detected capacity change from 0 to 256 [ 130.486133] FAT-fs (loop3): Unrecognized mount option "euid=18446744073709551615" or missing value [ 130.808007] loop5: detected capacity change from 0 to 264192 [ 130.809037] tmpfs: Bad value for 'uid' [ 130.831221] loop5: detected capacity change from 0 to 264192 [ 130.832288] tmpfs: Bad value for 'uid' [ 130.838911] I/O error, dev loop5, sector 264064 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2 VM DIAGNOSIS: 16:29:54 Registers: info registers vcpu 0 RAX=0000000000000029 RBX=00000000000003f8 RCX=0000000000000000 RDX=00000000000003f8 RSI=ffffffff823bb0f1 RDI=ffffffff8765a9a0 RBP=ffffffff8765a960 RSP=ffff888018837690 R8 =0000000000000001 R9 =000000000000000a R10=0000000000000029 R11=0000000000000001 R12=0000000000000029 R13=ffffffff8765a960 R14=0000000000000010 R15=ffffffff823bb0e0 RIP=ffffffff823bb149 RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 00000000 00000000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 00000000 00000000 FS =0000 00007fdf834f5700 00000000 00000000 GS =0000 ffff88806ce00000 00000000 00000000 LDT=0000 fffffe0000000000 00000000 00000000 TR =0040 fffffe0000003000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe0000001000 0000007f IDT= fffffe0000000000 00000fff CR0=80050033 CR2=00007fdd6f5633f0 CR3=00000000409b2000 CR4=00350ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000ffff0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 YMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM01=0000000000000000 0000000000000000 00007fdf860667c0 00007fdf860667c8 YMM02=0000000000000000 0000000000000000 00007fdf860667e0 00007fdf860667c0 YMM03=0000000000000000 0000000000000000 00007fdf860667c8 00007fdf860667c0 YMM04=0000000000000000 0000000000000000 ffffffffffffffff ffffffff00000000 YMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM06=0000000000000000 0000000000000000 0000000000000000 000000524f525245 YMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM08=0000000000000000 0000000000000000 0000000000000000 00524f5252450040 YMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 info registers vcpu 1 RAX=ffff888017ed0001 RBX=ffff888017ecf530 RCX=0000000000000001 RDX=ffff888017ecfe01 RSI=ffff888017ecfef0 RDI=ffff888017ecf540 RBP=ffff888017ecfef0 RSP=ffff888017ecf478 R8 =ffffffff85ed182e R9 =ffffffff85ed1832 R10=ffffed1002fd9eb3 R11=ffff888017ecf570 R12=0000000000000008 R13=ffff888017ec8000 R14=ffff888017ecf530 R15=0000000000000003 RIP=ffffffff8111a0c9 RFL=00000202 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 00000000 00000000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 00000000 00000000 FS =0000 00007f56024fc540 00000000 00000000 GS =0000 ffff88806cf00000 00000000 00000000 LDT=0000 fffffe0000000000 00000000 00000000 TR =0040 fffffe000004a000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe0000048000 0000007f IDT= fffffe0000000000 00000fff CR0=80050033 CR2=00007f56026e7620 CR3=000000001beee000 CR4=00350ee0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000ffff0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 YMM00=0000000000000000 0000000000000000 ff00ff00ff00ff00 ff00ff00ffffff00 YMM01=0000000000000000 0000000000000000 0100010001000100 01000100010100ff YMM02=0000000000000000 0000000000000000 61305f315f315f4c 53534e45504f0030 YMM03=0000000000000000 0000000000000000 0000000000000000 00000000004f0030 YMM04=0000000000000000 0000000000000000 504f0061305f315f 315f4c53534e4550 YMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000