Warning: Permanently added '[localhost]:13509' (ECDSA) to the list of known hosts. 2022/10/02 04:39:11 fuzzer started 2022/10/02 04:39:12 dialing manager at localhost:35095 syzkaller login: [ 44.067418] cgroup: Unknown subsys name 'net' [ 44.173533] cgroup: Unknown subsys name 'rlimit' 2022/10/02 04:39:27 syscalls: 2215 2022/10/02 04:39:27 code coverage: enabled 2022/10/02 04:39:27 comparison tracing: enabled 2022/10/02 04:39:27 extra coverage: enabled 2022/10/02 04:39:27 setuid sandbox: enabled 2022/10/02 04:39:27 namespace sandbox: enabled 2022/10/02 04:39:27 Android sandbox: enabled 2022/10/02 04:39:27 fault injection: enabled 2022/10/02 04:39:27 leak checking: enabled 2022/10/02 04:39:27 net packet injection: enabled 2022/10/02 04:39:27 net device setup: enabled 2022/10/02 04:39:27 concurrency sanitizer: /sys/kernel/debug/kcsan does not exist 2022/10/02 04:39:27 devlink PCI setup: PCI device 0000:00:10.0 is not available 2022/10/02 04:39:27 USB emulation: enabled 2022/10/02 04:39:27 hci packet injection: enabled 2022/10/02 04:39:27 wifi device emulation: failed to parse kernel version (6.0.0-rc7-next-20220930) 2022/10/02 04:39:27 802.15.4 emulation: enabled 2022/10/02 04:39:27 fetching corpus: 50, signal 23994/25795 (executing program) 2022/10/02 04:39:28 fetching corpus: 100, signal 38596/42007 (executing program) 2022/10/02 04:39:28 fetching corpus: 150, signal 42802/47865 (executing program) 2022/10/02 04:39:28 fetching corpus: 200, signal 47956/54575 (executing program) 2022/10/02 04:39:28 fetching corpus: 250, signal 53083/61158 (executing program) 2022/10/02 04:39:28 fetching corpus: 300, signal 57322/66834 (executing program) 2022/10/02 04:39:28 fetching corpus: 350, signal 61736/72638 (executing program) 2022/10/02 04:39:28 fetching corpus: 400, signal 65802/77981 (executing program) 2022/10/02 04:39:28 fetching corpus: 450, signal 69962/83334 (executing program) 2022/10/02 04:39:28 fetching corpus: 500, signal 73118/87684 (executing program) 2022/10/02 04:39:29 fetching corpus: 550, signal 78868/94408 (executing program) 2022/10/02 04:39:29 fetching corpus: 600, signal 83935/100429 (executing program) 2022/10/02 04:39:29 fetching corpus: 650, signal 86527/104110 (executing program) 2022/10/02 04:39:29 fetching corpus: 700, signal 90202/108721 (executing program) 2022/10/02 04:39:29 fetching corpus: 750, signal 93414/112911 (executing program) 2022/10/02 04:39:29 fetching corpus: 800, signal 95722/116219 (executing program) 2022/10/02 04:39:29 fetching corpus: 850, signal 97983/119476 (executing program) 2022/10/02 04:39:29 fetching corpus: 900, signal 100559/122987 (executing program) 2022/10/02 04:39:30 fetching corpus: 950, signal 101996/125420 (executing program) 2022/10/02 04:39:30 fetching corpus: 1000, signal 107642/131469 (executing program) 2022/10/02 04:39:30 fetching corpus: 1050, signal 109221/133989 (executing program) 2022/10/02 04:39:30 fetching corpus: 1100, signal 110738/136403 (executing program) 2022/10/02 04:39:30 fetching corpus: 1150, signal 112935/139424 (executing program) 2022/10/02 04:39:30 fetching corpus: 1200, signal 115021/142238 (executing program) 2022/10/02 04:39:30 fetching corpus: 1250, signal 116771/144853 (executing program) 2022/10/02 04:39:30 fetching corpus: 1300, signal 120094/148637 (executing program) 2022/10/02 04:39:31 fetching corpus: 1350, signal 121389/150776 (executing program) 2022/10/02 04:39:31 fetching corpus: 1400, signal 124009/153957 (executing program) 2022/10/02 04:39:31 fetching corpus: 1450, signal 125581/156242 (executing program) 2022/10/02 04:39:31 fetching corpus: 1500, signal 127368/158683 (executing program) 2022/10/02 04:39:31 fetching corpus: 1550, signal 128960/160946 (executing program) 2022/10/02 04:39:31 fetching corpus: 1600, signal 130963/163475 (executing program) 2022/10/02 04:39:31 fetching corpus: 1650, signal 131935/165199 (executing program) 2022/10/02 04:39:31 fetching corpus: 1700, signal 133593/167420 (executing program) 2022/10/02 04:39:32 fetching corpus: 1750, signal 134657/169237 (executing program) 2022/10/02 04:39:32 fetching corpus: 1800, signal 136034/171208 (executing program) 2022/10/02 04:39:32 fetching corpus: 1850, signal 137082/172950 (executing program) 2022/10/02 04:39:32 fetching corpus: 1900, signal 138476/174909 (executing program) 2022/10/02 04:39:32 fetching corpus: 1950, signal 139976/176884 (executing program) 2022/10/02 04:39:32 fetching corpus: 2000, signal 141362/178772 (executing program) 2022/10/02 04:39:32 fetching corpus: 2050, signal 143885/181454 (executing program) 2022/10/02 04:39:32 fetching corpus: 2100, signal 146259/184052 (executing program) 2022/10/02 04:39:33 fetching corpus: 2150, signal 147221/185660 (executing program) 2022/10/02 04:39:33 fetching corpus: 2200, signal 148686/187540 (executing program) 2022/10/02 04:39:33 fetching corpus: 2250, signal 149677/189129 (executing program) 2022/10/02 04:39:33 fetching corpus: 2300, signal 150474/190518 (executing program) 2022/10/02 04:39:33 fetching corpus: 2350, signal 151429/192025 (executing program) 2022/10/02 04:39:33 fetching corpus: 2400, signal 152694/193753 (executing program) 2022/10/02 04:39:33 fetching corpus: 2450, signal 153849/195352 (executing program) 2022/10/02 04:39:33 fetching corpus: 2500, signal 155397/197152 (executing program) 2022/10/02 04:39:33 fetching corpus: 2550, signal 155970/198313 (executing program) 2022/10/02 04:39:33 fetching corpus: 2600, signal 156797/199650 (executing program) 2022/10/02 04:39:34 fetching corpus: 2650, signal 157715/200990 (executing program) 2022/10/02 04:39:34 fetching corpus: 2700, signal 159146/202672 (executing program) 2022/10/02 04:39:34 fetching corpus: 2750, signal 160155/204038 (executing program) 2022/10/02 04:39:34 fetching corpus: 2800, signal 161038/205311 (executing program) 2022/10/02 04:39:34 fetching corpus: 2850, signal 161878/206578 (executing program) 2022/10/02 04:39:34 fetching corpus: 2900, signal 163248/208081 (executing program) 2022/10/02 04:39:34 fetching corpus: 2950, signal 164044/209269 (executing program) 2022/10/02 04:39:34 fetching corpus: 3000, signal 164865/210435 (executing program) 2022/10/02 04:39:34 fetching corpus: 3050, signal 165379/211470 (executing program) 2022/10/02 04:39:35 fetching corpus: 3100, signal 166447/212774 (executing program) 2022/10/02 04:39:35 fetching corpus: 3150, signal 167286/213946 (executing program) 2022/10/02 04:39:35 fetching corpus: 3200, signal 167697/214913 (executing program) 2022/10/02 04:39:35 fetching corpus: 3250, signal 168739/216162 (executing program) 2022/10/02 04:39:35 fetching corpus: 3300, signal 169619/217310 (executing program) 2022/10/02 04:39:35 fetching corpus: 3350, signal 170193/218323 (executing program) 2022/10/02 04:39:35 fetching corpus: 3400, signal 170855/219435 (executing program) 2022/10/02 04:39:35 fetching corpus: 3450, signal 171708/220565 (executing program) 2022/10/02 04:39:35 fetching corpus: 3500, signal 173003/221899 (executing program) 2022/10/02 04:39:36 fetching corpus: 3550, signal 174914/223484 (executing program) 2022/10/02 04:39:36 fetching corpus: 3600, signal 176047/224665 (executing program) 2022/10/02 04:39:36 fetching corpus: 3650, signal 176745/225686 (executing program) 2022/10/02 04:39:36 fetching corpus: 3700, signal 177304/226647 (executing program) 2022/10/02 04:39:36 fetching corpus: 3750, signal 177755/227483 (executing program) 2022/10/02 04:39:36 fetching corpus: 3800, signal 178379/228422 (executing program) 2022/10/02 04:39:36 fetching corpus: 3850, signal 179345/229455 (executing program) 2022/10/02 04:39:37 fetching corpus: 3900, signal 179961/230378 (executing program) 2022/10/02 04:39:37 fetching corpus: 3950, signal 180381/231190 (executing program) 2022/10/02 04:39:37 fetching corpus: 4000, signal 181193/232164 (executing program) 2022/10/02 04:39:37 fetching corpus: 4050, signal 181811/233092 (executing program) 2022/10/02 04:39:37 fetching corpus: 4100, signal 182252/233926 (executing program) 2022/10/02 04:39:37 fetching corpus: 4150, signal 182828/234776 (executing program) 2022/10/02 04:39:37 fetching corpus: 4200, signal 183397/235610 (executing program) 2022/10/02 04:39:37 fetching corpus: 4250, signal 184708/236693 (executing program) 2022/10/02 04:39:37 fetching corpus: 4300, signal 185297/237477 (executing program) 2022/10/02 04:39:38 fetching corpus: 4350, signal 186419/238475 (executing program) 2022/10/02 04:39:38 fetching corpus: 4400, signal 187055/239252 (executing program) 2022/10/02 04:39:38 fetching corpus: 4450, signal 187675/240081 (executing program) 2022/10/02 04:39:38 fetching corpus: 4500, signal 188197/240867 (executing program) 2022/10/02 04:39:38 fetching corpus: 4550, signal 188601/241583 (executing program) 2022/10/02 04:39:38 fetching corpus: 4600, signal 189147/242361 (executing program) 2022/10/02 04:39:38 fetching corpus: 4650, signal 190165/243259 (executing program) 2022/10/02 04:39:38 fetching corpus: 4700, signal 191352/244239 (executing program) 2022/10/02 04:39:39 fetching corpus: 4750, signal 192688/245186 (executing program) 2022/10/02 04:39:39 fetching corpus: 4800, signal 193414/245913 (executing program) 2022/10/02 04:39:39 fetching corpus: 4850, signal 194031/246628 (executing program) 2022/10/02 04:39:39 fetching corpus: 4874, signal 194680/247333 (executing program) 2022/10/02 04:39:39 fetching corpus: 4874, signal 194680/247863 (executing program) 2022/10/02 04:39:39 fetching corpus: 4874, signal 194680/248416 (executing program) 2022/10/02 04:39:39 fetching corpus: 4874, signal 194680/248993 (executing program) 2022/10/02 04:39:39 fetching corpus: 4874, signal 194680/249537 (executing program) 2022/10/02 04:39:39 fetching corpus: 4874, signal 194680/250054 (executing program) 2022/10/02 04:39:39 fetching corpus: 4874, signal 194680/250589 (executing program) 2022/10/02 04:39:39 fetching corpus: 4874, signal 194680/251156 (executing program) 2022/10/02 04:39:39 fetching corpus: 4874, signal 194680/251690 (executing program) 2022/10/02 04:39:39 fetching corpus: 4874, signal 194680/252225 (executing program) 2022/10/02 04:39:39 fetching corpus: 4874, signal 194680/252767 (executing program) 2022/10/02 04:39:39 fetching corpus: 4874, signal 194680/253301 (executing program) 2022/10/02 04:39:39 fetching corpus: 4874, signal 194680/253864 (executing program) 2022/10/02 04:39:39 fetching corpus: 4874, signal 194680/254393 (executing program) 2022/10/02 04:39:39 fetching corpus: 4874, signal 194680/254933 (executing program) 2022/10/02 04:39:39 fetching corpus: 4874, signal 194680/255479 (executing program) 2022/10/02 04:39:39 fetching corpus: 4874, signal 194680/256007 (executing program) 2022/10/02 04:39:39 fetching corpus: 4874, signal 194680/256530 (executing program) 2022/10/02 04:39:39 fetching corpus: 4874, signal 194680/257045 (executing program) 2022/10/02 04:39:39 fetching corpus: 4874, signal 194680/257622 (executing program) 2022/10/02 04:39:39 fetching corpus: 4874, signal 194680/258184 (executing program) 2022/10/02 04:39:39 fetching corpus: 4874, signal 194680/258733 (executing program) 2022/10/02 04:39:39 fetching corpus: 4874, signal 194680/259295 (executing program) 2022/10/02 04:39:39 fetching corpus: 4874, signal 194680/259856 (executing program) 2022/10/02 04:39:39 fetching corpus: 4874, signal 194680/260368 (executing program) 2022/10/02 04:39:39 fetching corpus: 4874, signal 194680/260886 (executing program) 2022/10/02 04:39:39 fetching corpus: 4874, signal 194680/261411 (executing program) 2022/10/02 04:39:39 fetching corpus: 4874, signal 194680/261939 (executing program) 2022/10/02 04:39:39 fetching corpus: 4874, signal 194680/262463 (executing program) 2022/10/02 04:39:39 fetching corpus: 4874, signal 194680/262980 (executing program) 2022/10/02 04:39:39 fetching corpus: 4874, signal 194680/263495 (executing program) 2022/10/02 04:39:39 fetching corpus: 4874, signal 194680/264016 (executing program) 2022/10/02 04:39:39 fetching corpus: 4874, signal 194680/264540 (executing program) 2022/10/02 04:39:39 fetching corpus: 4874, signal 194680/264983 (executing program) 2022/10/02 04:39:39 fetching corpus: 4874, signal 194680/264983 (executing program) 2022/10/02 04:39:42 starting 8 fuzzer processes 04:39:42 executing program 0: r0 = dup2(0xffffffffffffffff, 0xffffffffffffffff) mknodat(r0, &(0x7f0000000000)='./file0\x00', 0x8000, 0x1400) getxattr(&(0x7f0000000040)='./file0\x00', &(0x7f0000000080)=@random={'security.', ':{(\xb1{]\x00'}, &(0x7f00000000c0)=""/4096, 0x1000) write$binfmt_script(r0, &(0x7f00000010c0)={'#! ', './file0', [{0x20, 'security.'}, {0x20, '&%.)$'}], 0xa, "e19fd8b9e0dc7f7d02531f9c1ab2"}, 0x29) statx(r0, &(0x7f0000001100)='./file0\x00', 0x880, 0x7ff, &(0x7f0000001140)={0x0, 0x0, 0x0, 0x0, 0x0}) ioctl$AUTOFS_DEV_IOCTL_CATATONIC(0xffffffffffffffff, 0xc0189379, &(0x7f0000001240)={{0x1, 0x1, 0x18, r0}, './file0\x00'}) renameat2(r2, &(0x7f0000001280)='./file0\x00', r0, &(0x7f00000012c0)='./file0/file0\x00', 0x5) syz_mount_image$vfat(&(0x7f0000001300), &(0x7f0000001340)='./file0\x00', 0x8001, 0x2, &(0x7f0000001500)=[{&(0x7f0000001380)="8eba0fe93c124dfa01038698dc4ef2c7eca208ca0b11d4c88127e64e3a185ae45c8b79d6d192738670a65b2150dbc639392571eeddafb8cb0ecca61cd7112487e0a1a4e2873c6829af32ce5676a9c2469a52a9a130b8eb83f8b2dd2f9d88ad8641daa3878b0b6055cfb49fe0584ba5157c3f3ef7acee48ceded3c7f1ccc11bc21bf82dfc0a93a3", 0x87, 0x3}, {&(0x7f0000001440)="4cc02ecc3c28aea03184d0dcd44e5087f35383780a4ebc28cff4f714116f6c2201ddc3bfcf86ba195aa896e6c90393fcd4bc1291a7c03b1c6cd521609e388ac1669d42e1b1243ca1b54dc0336e3f71ec0418a19cb7cf0e4314c852be917b9de4d02ef73965d3b813dc7f94f12651bc030d5929cea21bf61f52e8c1d6445ea299addce0a8356af1233798e5ac075e67ca7cfc3b82de5062f7fcd9d37539c9c9c3", 0xa0, 0x7}], 0x810, &(0x7f0000001540)={[{@nonumtail}, {@shortname_mixed}], [{@smackfsroot={'smackfsroot', 0x3d, '\''}}]}) statx(0xffffffffffffff9c, &(0x7f0000001580)='./file0\x00', 0x800, 0x2, &(0x7f00000015c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) mount_setattr(0xffffffffffffff9c, &(0x7f00000016c0)='./file0\x00', 0x800, &(0x7f0000001700)={0x1000fb, 0x70, 0x220000, {r2}}, 0x20) r5 = openat2$dir(0xffffffffffffff9c, &(0x7f0000001740)='./file1\x00', &(0x7f0000001780)={0x2a0403, 0x0, 0x1d}, 0x18) mknodat(r5, &(0x7f00000017c0)='./file0\x00', 0x87cf8ad0d0d58285, 0x7fffffff) write$binfmt_script(r5, &(0x7f0000001800)={'#! ', './file0', [{}, {0x20, '@:'}, {0x20, 'shortname=mixed'}], 0xa, "fcc66145f766f2d1a33d9d8d575e59b6cb6b3f5c1256090a41c229767067c551a49206ab2fa659445673724303be74d94f5549626e5709a15fd8528b5f57c316dd23534330f4b1e7ac4f46d832f7e2c745e95e04becdd6f5fdcd1a93a441d7503f8409ecea5f16731d76e541cce42cfb536aa78f9072e96ffcb6f2690e66784483e463222387031bd12431b68a6e37b22028c3bd19530fed985e35b290af5c33f3cf0da43620ff758374f70727e5feb47f3c67d9a5a9adb52522a44e4d459adaa48177f4271895cdb5467e6437ea5da3953ea15895f976191e77b881f7ba7d85bd87006eb4c5c6e54ce46d01623b"}, 0x10d) pipe(&(0x7f0000001940)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$F2FS_IOC_RESERVE_COMPRESS_BLOCKS(r6, 0x8008f513, &(0x7f0000001980)) write$binfmt_script(r7, &(0x7f00000019c0)={'#! ', './file1', [{0x20, '&%.)$'}], 0xa, "e6d845bb02576bf18fc2360209f79a92de59096378bef7ef552da6fa5538bb2e7e63dfc3319a3390167e0ac4d142111364b7860b557c0554ed3a199065906e7518ec2f0bf348e9679927609c59c25402a26e98c0f3ce2626e8830be09e750b5feff1512c8aeddfafa74e85e925e1f5c37f6de11aa05a65c51d2d52adb01cf1b912e589d3231d287269203e41cdfdcc3b427759cb25fccc29d35f03d8ff68a0f5de0875855a57"}, 0xb7) ioctl$FS_IOC_GETVERSION(r2, 0x80087601, &(0x7f0000001a80)) getsockopt$inet6_IPV6_IPSEC_POLICY(r0, 0x29, 0x22, &(0x7f0000001b40)={{{@in6=@remote, @in6=@private2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{}, 0x0, @in=@dev}}, &(0x7f0000001c40)=0xe8) getsockopt$inet6_IPV6_IPSEC_POLICY(r7, 0x29, 0x22, &(0x7f0000001c80)={{{@in6=@dev, @in=@broadcast, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in=@loopback}}}, &(0x7f0000001d80)=0xe8) setxattr$system_posix_acl(&(0x7f0000001ac0)='./file0\x00', &(0x7f0000001b00)='system.posix_acl_default\x00', &(0x7f0000001dc0)={{}, {0x1, 0x1}, [{0x2, 0x1, r8}, {0x2, 0x5, r3}, {0x2, 0x2, r9}, {0x2, 0x7}, {0x2, 0x4, r1}], {0x4, 0x4}, [{0x8, 0x2}, {0x8, 0x0, 0xee01}, {0x8, 0x4, r4}, {0x8, 0x5, r4}, {0x8, 0x5}], {0x10, 0x6}, {0x20, 0x2}}, 0x74, 0x1) 04:39:42 executing program 1: sendmsg$NL80211_CMD_SET_BSS(0xffffffffffffffff, &(0x7f0000000100)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x8000000}, 0xc, &(0x7f00000000c0)={&(0x7f0000000040)={0x54, 0x0, 0x10, 0x70bd2b, 0x25dfdbfb, {{}, {@void, @void}}, [@NL80211_ATTR_BSS_SHORT_PREAMBLE={0x5, 0x1d, 0x34}, @NL80211_ATTR_P2P_OPPPS={0x5}, @NL80211_ATTR_BSS_SHORT_SLOT_TIME={0x5, 0x1e, 0x7}, @NL80211_ATTR_BSS_CTS_PROT={0x5}, @NL80211_ATTR_AP_ISOLATE={0x5, 0x60, 0x4}, @NL80211_ATTR_BSS_SHORT_PREAMBLE={0x5, 0x1d, 0x1f}, @NL80211_ATTR_BSS_SHORT_SLOT_TIME={0x5, 0x1e, 0x4}, @NL80211_ATTR_BSS_CTS_PROT={0x5, 0x1c, 0x8}]}, 0x54}, 0x1, 0x0, 0x0, 0x44}, 0x10) sendmsg$NL80211_CMD_GET_MPP(0xffffffffffffffff, &(0x7f0000000240)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x1000000}, 0xc, &(0x7f0000000200)={&(0x7f0000000180)={0x44, 0x0, 0x300, 0x70bd26, 0x25dfdbfc, {{}, {@void, @void}}, [@NL80211_ATTR_MAC={0xa, 0x6, @device_b}, @NL80211_ATTR_MAC={0xa}, @NL80211_ATTR_MPATH_NEXT_HOP={0xa}, @NL80211_ATTR_MAC={0xa}]}, 0x44}, 0x1, 0x0, 0x0, 0x4000000}, 0x80d4) sendmsg$FOU_CMD_GET(0xffffffffffffffff, &(0x7f0000000340)={&(0x7f0000000280)={0x10, 0x0, 0x0, 0x40000000}, 0xc, &(0x7f0000000300)={&(0x7f00000002c0)={0x2c, 0x0, 0x800, 0x70bd28, 0x25dfdbfe, {}, [@FOU_ATTR_IPPROTO={0x5, 0x3, 0x8}, @FOU_ATTR_TYPE={0x5, 0x4, 0x3}, @FOU_ATTR_TYPE={0x5, 0x4, 0x1}]}, 0x2c}, 0x1, 0x0, 0x0, 0x80}, 0x20000010) sendmsg$GTP_CMD_DELPDP(0xffffffffffffffff, &(0x7f0000000440)={&(0x7f0000000380)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f0000000400)={&(0x7f00000003c0)={0x1c, 0x0, 0x200, 0x70bd28, 0x25dfdbff, {}, [@GTPA_PEER_ADDRESS={0x8, 0x4, @multicast1}]}, 0x1c}, 0x1, 0x0, 0x0, 0x4004001}, 0x48000) r0 = socket(0x1f, 0x800, 0x20) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f00000004c0), 0xffffffffffffffff) sendmsg$NL80211_CMD_JOIN_MESH(r0, &(0x7f0000000600)={&(0x7f0000000480), 0xc, &(0x7f00000005c0)={&(0x7f0000000500)={0x9c, r1, 0x800, 0x70bd2c, 0x25dfdbff, {{}, {@val={0x8}, @val={0xc, 0x99, {0x827, 0x30}}}}, [@NL80211_ATTR_BSS_BASIC_RATES={0x1d, 0x24, [{0x0, 0x1}, {0x6, 0x1}, {0x1b}, {0x6c, 0x1}, {0x67}, {0xc}, {0x6c, 0x1}, {0x4}, {0x4}, {0x36, 0x1}, {0xb}, {0x4, 0x1}, {0xc}, {0x60}, {0x1b}, {0x1}, {0xc}, {0x30, 0x1}, {0x24, 0x1}, {0x36, 0x1}, {0x4}, {0x6c}, {0x24}, {0x16, 0x1}, {0x1}]}, @NL80211_ATTR_BSS_BASIC_RATES={0xc, 0x24, [{0x1}, {0x2}, {0xc, 0x1}, {0x0, 0x1}, {0x6}, {0x9, 0x1}, {0x18}, {0x2, 0x1}]}, @NL80211_ATTR_MESH_CONFIG={0x2c, 0x23, 0x0, 0x1, [@NL80211_MESHCONF_TTL={0x5, 0x6, 0x3f}, @NL80211_MESHCONF_GATE_ANNOUNCEMENTS={0x5}, @NL80211_MESHCONF_SYNC_OFFSET_MAX_NEIGHBOR={0x8, 0x15, 0xdd}, @NL80211_MESHCONF_PATH_REFRESH_TIME={0x8, 0x9, 0x300000}, @NL80211_MESHCONF_SYNC_OFFSET_MAX_NEIGHBOR={0x8, 0x15, 0xef}]}, @NL80211_ATTR_HANDLE_DFS={0x4}, @NL80211_ATTR_DTIM_PERIOD={0x8, 0xd, 0x1}, @NL80211_ATTR_MESH_SETUP={0x10, 0x70, [@NL80211_MESH_SETUP_ENABLE_VENDOR_PATH_SEL={0x5, 0x1, 0xfd}, @NL80211_MESH_SETUP_USERSPACE_MPM={0x4}]}]}, 0x9c}}, 0x8000) sendmsg$NL80211_CMD_ADD_TX_TS(r0, &(0x7f0000000740)={&(0x7f0000000640)={0x10, 0x0, 0x0, 0x20}, 0xc, &(0x7f0000000700)={&(0x7f0000000680)={0x70, r1, 0x200, 0x70bd25, 0x25dfdbfd, {{}, {@val={0x8}, @void}}, [@NL80211_ATTR_USER_PRIO={0x5, 0xd3, 0x1}, @NL80211_ATTR_MAC={0xa}, @NL80211_ATTR_TSID={0x5, 0xd2, 0x6}, @NL80211_ATTR_TSID={0x5, 0xd2, 0xd}, @NL80211_ATTR_ADMITTED_TIME={0x6, 0xd4, 0x9}, @NL80211_ATTR_MAC={0xa, 0x6, @broadcast}, @NL80211_ATTR_TSID={0x5, 0xd2, 0xf}, @NL80211_ATTR_MAC={0xa}, @NL80211_ATTR_ADMITTED_TIME={0x6, 0xd4, 0x40}]}, 0x70}, 0x1, 0x0, 0x0, 0x10}, 0x0) ioctl$sock_SIOCDELRT(r0, 0x890c, &(0x7f00000007c0)={0x0, @can={0x1d, 0x0}, @vsock, @tipc=@name={0x1e, 0x2, 0x3, {{0x0, 0x2}, 0x4}}, 0x5, 0x0, 0x0, 0x0, 0x1, &(0x7f0000000780)='ip6gretap0\x00', 0x0, 0x2, 0xf766}) r3 = syz_genetlink_get_family_id$batadv(&(0x7f0000000880), r0) sendmsg$BATADV_CMD_GET_HARDIF(r0, &(0x7f0000000980)={&(0x7f0000000840)={0x10, 0x0, 0x0, 0x400000}, 0xc, &(0x7f0000000940)={&(0x7f00000008c0)={0x68, r3, 0x4, 0x70bd26, 0x25dfdbff, {}, [@BATADV_ATTR_DISTRIBUTED_ARP_TABLE_ENABLED={0x5}, @BATADV_ATTR_ISOLATION_MASK={0x8, 0x2c, 0x9}, @BATADV_ATTR_VLANID={0x6, 0x28, 0x2}, @BATADV_ATTR_GW_SEL_CLASS={0x8, 0x34, 0xfffffff7}, @BATADV_ATTR_ELP_INTERVAL={0x8, 0x3a, 0x5}, @BATADV_ATTR_GW_MODE={0x5}, @BATADV_ATTR_GW_BANDWIDTH_UP={0x8}, @BATADV_ATTR_ORIG_ADDRESS={0xa}, @BATADV_ATTR_TPMETER_TEST_TIME={0x8, 0xb, 0x8}, @BATADV_ATTR_NETWORK_CODING_ENABLED={0x5, 0x38, 0x1}]}, 0x68}, 0x1, 0x0, 0x0, 0x20000005}, 0x90) r4 = dup3(r0, r0, 0x80000) sendmsg$NFNL_MSG_CTHELPER_GET(r4, &(0x7f0000000ac0)={&(0x7f00000009c0)={0x10, 0x0, 0x0, 0x8000}, 0xc, &(0x7f0000000a80)={&(0x7f0000000a00)={0x50, 0x1, 0x9, 0x401, 0x0, 0x0, {0x1, 0x0, 0x6}, [@NFCTH_QUEUE_NUM={0x8, 0x3, 0x1, 0x0, 0xffffffff}, @NFCTH_PRIV_DATA_LEN={0x8, 0x5, 0x1, 0x0, 0x15}, @NFCTH_NAME={0x9, 0x1, 'syz1\x00'}, @NFCTH_TUPLE={0x20, 0x2, [@CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @empty}, {0x8, 0x2, @multicast1}}}, @CTA_TUPLE_ZONE={0x6}]}]}, 0x50}, 0x1, 0x0, 0x0, 0x10}, 0x810) sendmsg$ETHTOOL_MSG_LINKINFO_SET(0xffffffffffffffff, &(0x7f0000000bc0)={&(0x7f0000000b00)={0x10, 0x0, 0x0, 0x200000}, 0xc, &(0x7f0000000b80)={&(0x7f0000000b40)={0x24, 0x0, 0x100, 0x70bd28, 0x42b0, {}, [@ETHTOOL_A_LINKINFO_TP_MDIX_CTRL={0x5, 0x5, 0x8}, @ETHTOOL_A_LINKINFO_PHYADDR={0x5, 0x3, 0x3}]}, 0x24}, 0x1, 0x0, 0x0, 0x4000000}, 0xc004) r5 = accept4(r0, &(0x7f0000000c00)=@pppol2tpv3={0x18, 0x1, {0x0, 0xffffffffffffffff, {0x2, 0x0, @multicast1}}}, &(0x7f0000000c80)=0x80, 0x800) ioctl$sock_inet_SIOCGIFBRDADDR(r5, 0x8919, &(0x7f0000000cc0)={'ip6tnl0\x00', {0x2, 0x0, @local}}) setsockopt$inet_msfilter(r0, 0x0, 0x29, &(0x7f0000000d00)={@loopback, @multicast2, 0x1, 0x7, [@multicast2, @multicast1, @broadcast, @initdev={0xac, 0x1e, 0x1, 0x0}, @remote, @empty, @private=0xa010100]}, 0x2c) r6 = syz_genetlink_get_family_id$devlink(&(0x7f0000000d80), r4) sendmsg$DEVLINK_CMD_SB_PORT_POOL_GET(0xffffffffffffffff, &(0x7f0000000fc0)={&(0x7f0000000d40)={0x10, 0x0, 0x0, 0x400}, 0xc, &(0x7f0000000f80)={&(0x7f0000000dc0)={0x18c, r6, 0x8, 0x70bd2c, 0x25dfdbfc, {}, [{{@pci={{0x8}, {0x11}}, {0x8, 0x3, 0x1}}, {0x8, 0xb, 0xda8}, {0x6, 0x11, 0x5}}, {{@pci={{0x8}, {0x11}}, {0x8, 0x3, 0x1}}, {0x8, 0xb, 0xcd}, {0x6, 0x11, 0x6}}, {{@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0x8}}, {0x8}, {0x6, 0x11, 0x3}}, {{@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0x8, 0x3, 0x3}}, {0x8, 0xb, 0x2}, {0x6, 0x11, 0xfff8}}, {{@pci={{0x8}, {0x11}}, {0x8, 0x3, 0x1}}, {0x8}, {0x6, 0x11, 0x48c6}}, {{@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0x8}}, {0x8, 0xb, 0x4}, {0x6, 0x11, 0x8}}, {{@pci={{0x8}, {0x11}}, {0x8, 0x3, 0x1}}, {0x8, 0xb, 0x205}, {0x6, 0x11, 0x2}}]}, 0x18c}}, 0x0) sendmsg$ETHTOOL_MSG_STRSET_GET(0xffffffffffffffff, &(0x7f0000001300)={&(0x7f0000001000)={0x10, 0x0, 0x0, 0x40000}, 0xc, &(0x7f00000012c0)={&(0x7f0000001180)={0x120, 0x0, 0x1, 0x70bd2b, 0x25dfdbfd, {}, [@ETHTOOL_A_STRSET_HEADER={0x44, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x1}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'veth1_to_bond\x00'}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r2}, @ETHTOOL_A_HEADER_FLAGS={0x8}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'veth1_vlan\x00'}]}, @ETHTOOL_A_STRSET_STRINGSETS={0x8, 0x2, 0x0, 0x1, [{0x4}]}, @ETHTOOL_A_STRSET_STRINGSETS={0x64, 0x2, 0x0, 0x1, [{0x54, 0x1, 0x0, 0x1, [@ETHTOOL_A_STRINGSET_ID={0x8, 0x1, 0x3}, @ETHTOOL_A_STRINGSET_ID={0x8, 0x1, 0xa40fd4d6221cc0f}, @ETHTOOL_A_STRINGSET_ID={0x8, 0x1, 0x4}, @ETHTOOL_A_STRINGSET_ID={0x8, 0x1, 0x6}, @ETHTOOL_A_STRINGSET_ID={0x8, 0x1, 0x8}, @ETHTOOL_A_STRINGSET_ID={0x8, 0x1, 0x1}, @ETHTOOL_A_STRINGSET_ID={0x8, 0x1, 0x5}, @ETHTOOL_A_STRINGSET_ID={0x8, 0x1, 0x4}, @ETHTOOL_A_STRINGSET_ID={0x8, 0x1, 0x6}, @ETHTOOL_A_STRINGSET_ID={0x8, 0x1, 0x7}]}, {0xc, 0x1, 0x0, 0x1, [@ETHTOOL_A_STRINGSET_ID={0x8, 0x1, 0x8}]}]}, @ETHTOOL_A_STRSET_HEADER={0x4}, @ETHTOOL_A_STRSET_HEADER={0x58, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'veth1_to_hsr\x00'}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r2}, @ETHTOOL_A_HEADER_FLAGS={0x8}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'ip6gretap0\x00'}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'veth0_macvtap\x00'}]}]}, 0x120}, 0x1, 0x0, 0x0, 0x4000}, 0x40815) 04:39:42 executing program 2: unshare(0x2000000) unshare(0x800) unshare(0x800) unshare(0x18000000) unshare(0x24000000) unshare(0x8000000) unshare(0x16021c00) unshare(0x10100) unshare(0xc000180) unshare(0x20000000) unshare(0x8000080) unshare(0x68010880) unshare(0x100) unshare(0x80) unshare(0x20000300) unshare(0x200) unshare(0x1000000) unshare(0x20040000) unshare(0x40000000) unshare(0x40010000) 04:39:42 executing program 3: rt_sigreturn() rt_sigreturn() rt_sigreturn() rt_sigreturn() rt_sigreturn() rt_sigreturn() rt_sigreturn() rt_sigreturn() rt_sigreturn() rt_sigreturn() rt_sigreturn() rt_sigreturn() rt_sigreturn() rt_sigreturn() rt_sigreturn() rt_sigreturn() rt_sigreturn() rt_sigreturn() rt_sigreturn() rt_sigreturn() 04:39:42 executing program 4: ioctl$BTRFS_IOC_DEFAULT_SUBVOL(0xffffffffffffffff, 0x40089413, &(0x7f0000000000)=0x86) fremovexattr(0xffffffffffffffff, &(0x7f0000000040)=@known='user.syz\x00') ioctl$AUTOFS_IOC_READY(0xffffffffffffffff, 0x9360, 0x2) ioctl$BTRFS_IOC_SCRUB_PROGRESS(0xffffffffffffffff, 0xc400941d, &(0x7f0000000080)={0x0, 0xf1, 0x4, 0x1}) socketpair(0x21, 0x5, 0x3, &(0x7f0000000480)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$FITRIM(r2, 0xc0185879, &(0x7f00000004c0)={0x3ff, 0x5, 0xfff}) r3 = openat$null(0xffffffffffffff9c, &(0x7f0000000500), 0x6103, 0x0) ioctl$sock_inet_SIOCSIFFLAGS(r3, 0x8914, &(0x7f0000000540)={'veth0\x00'}) write$binfmt_elf32(r2, &(0x7f0000000580)={{0x7f, 0x45, 0x4c, 0x46, 0xfc, 0x3, 0x5, 0x20, 0x7, 0x2, 0x3e, 0xbd, 0x90, 0x38, 0x2ca, 0x3, 0x8, 0x20, 0x2, 0x1, 0x1f, 0x2}, [{0x7, 0xfffffffb, 0x3, 0xe4, 0x5, 0x101, 0x7ff, 0x3f}, {0x5, 0x0, 0x10001, 0x0, 0x8, 0x1ff, 0xf96, 0x200}], "87edc9aaab5ea4261a898d407558c2f7a7d388da7fa64f3c8f6343d23f09ce36cdbd9ed8dd0a95ebaa", ['\x00', '\x00']}, 0x2a1) ioctl$MON_IOCH_MFLUSH(0xffffffffffffffff, 0x9208, 0x2) r4 = openat2$dir(0xffffffffffffff9c, &(0x7f0000000840)='./file0\x00', &(0x7f0000000880)={0x420000, 0x123, 0x2}, 0x18) ioctl$FITRIM(r4, 0xc0185879, &(0x7f00000008c0)={0x8, 0x100000001, 0x5}) ioctl$BTRFS_IOC_SUBVOL_CREATE_V2(0xffffffffffffffff, 0x50009418, &(0x7f0000000980)={{r1}, 0x0, 0x6, @inherit={0x60, &(0x7f0000000900)={0x0, 0x3, 0xffffffff, 0x0, {0x0, 0x5, 0xffff, 0x1, 0x200}, [0x4, 0x0, 0x9]}}, @devid=r0}) setsockopt$sock_int(r1, 0x1, 0x9, &(0x7f0000001980)=0x1, 0x4) ioctl$BTRFS_IOC_BALANCE_CTL(r2, 0x40049421, 0x1) r5 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xa, &(0x7f0000001a40)={0xa, &(0x7f00000019c0)=[{0x5, 0x81, 0x20, 0xb6}, {0x4, 0x5, 0x5, 0x8001}, {0x0, 0x5, 0x3f, 0x3}, {0x5, 0x8, 0x0, 0xe8}, {0x4, 0x8, 0x9, 0x7f}, {0xaed, 0x7, 0xfb}, {0x7f, 0x52, 0x5, 0x100}, {0x4, 0x3, 0x2, 0x7fff}, {0x4ed8, 0x8, 0x9, 0x12}, {0x1ff, 0x8, 0x20, 0x9}]}) fcntl$getown(r5, 0x9) r6 = openat$tcp_congestion(0xffffffffffffff9c, &(0x7f0000001a80), 0x1, 0x0) ioctl$BTRFS_IOC_SCRUB(r1, 0xc400941b, &(0x7f0000001ac0)={r0, 0x9, 0x9, 0x1}) ioctl$BTRFS_IOC_BALANCE_V2(r6, 0xc4009420, &(0x7f0000001ec0)={0x18, 0x1, {0x345, @struct={0x80000000, 0xba6}, r0, 0x6, 0x1, 0x8, 0x1f, 0x1, 0x3, @struct={0x2, 0x2477}, 0xc29c, 0x200, [0x50, 0x9, 0x0, 0x4d0c, 0x8, 0x20]}, {0x7, @struct={0x1}, 0x0, 0x80, 0x1, 0x3, 0x800, 0x1, 0x14, @usage=0x4, 0xfffffff9, 0x2, [0x10001, 0x1, 0x8, 0x0, 0x1]}, {0x6, @usage=0xfffffffffffffff8, r7, 0x8000, 0x80000001, 0x2, 0x3, 0x1, 0x28, @usage=0x100000001, 0x80000000, 0xeb2, [0x2, 0x61, 0x10000, 0x8, 0x800]}, {0x0, 0x2, 0x7}}) [ 73.796886] audit: type=1400 audit(1664685582.233:6): avc: denied { execmem } for pid=286 comm="syz-executor.0" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=process permissive=1 04:39:42 executing program 5: waitid(0x1, 0xffffffffffffffff, &(0x7f0000000000), 0x2, &(0x7f0000000080)) waitid$P_PIDFD(0x3, 0xffffffffffffffff, 0x0, 0x40000000, &(0x7f0000000140)) ioctl$TIOCGSID(0xffffffffffffffff, 0x5429, &(0x7f0000000200)=0x0) ptrace$getsig(0x4202, r0, 0x7f85, &(0x7f0000000240)) r1 = gettid() ptrace$getsig(0x4202, r1, 0x3ff, &(0x7f00000002c0)) rt_sigqueueinfo(r1, 0x12, &(0x7f0000000340)={0x40, 0x4, 0x8001}) r2 = syz_open_dev$tty1(0xc, 0x4, 0x2) ioctl$KDGETMODE(r2, 0x4b3b, &(0x7f00000003c0)) setsockopt$sock_timeval(0xffffffffffffffff, 0x1, 0x14, &(0x7f0000000400)={0x0, 0xea60}, 0x10) ioctl$sock_SIOCGPGRP(0xffffffffffffffff, 0x8904, &(0x7f0000000440)=0x0) r4 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000480)='./binderfs2/custom0\x00', 0x800, 0x0) fsync(r4) ioctl$TIOCSSOFTCAR(r2, 0x541a, &(0x7f00000004c0)) ioctl$TCGETA(r2, 0x5405, &(0x7f0000000500)) r5 = socket$packet(0x11, 0x0, 0x300) sendmsg$nl_netfilter(0xffffffffffffffff, &(0x7f0000001780)={&(0x7f0000000540)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f0000001740)={&(0x7f0000000580)={0x11bc, 0x8, 0x9, 0x3, 0x70bd2c, 0x25dfdbfc, {0x5, 0x0, 0x8}, [@generic="0ca86ea29fae75a86df358778805f67061cc8e0a72236abf746f3f3f769493ef60c56de57d07f372cd697e8c7ea155a1b3008a8cbc49b4512687ab89e985aedf0ed2edcd1d3124607eea27b248e528bd5161559d410d989cf36b81a7ff5c140814ec59903afb3ac269192e594ccde913c8005d64e8cd998c24fbc24409e43e39fe13de1f5a72b866b88009088e8fe232721d99bcdadfc4337b149646b38fff39e41102ab706eccfbb05be003d2f26c2b9ff1ce7f249608c5eb287ed0c703feba2cbcfb4c3f29adefd2c5ab2b0e6946b3ef1e3364ce947374c207b9a361aa02187465deab9fc56cc650a64b79dc56aedacd913757f79060b57ce62f49d600bca4842ec73091da49b5138d1f5538c3442b948a0693f060f6b33407c6a38c98cc451521c8ddf37f8c07830a5b757eedfd0e210136d8d1c4f60959dc1ab22e97c056f0438b00a58aff4f2dfe85324a875bfa5de21b27dc631622b8fe17cdaa6d50fa209c169dd72a4d05c071bdf1e0d1fa77a130121388452fe4c177560975cc4bc07ff083e123099e9735c48e60130a72b22018d6cf10e19a9479b5ae1c6724fe50401ab544af9be14f4903879ee620d5c6174354e521f5a18278c67238b29a205a0a0aeb243f5cc6c3377c76921b00b7a900db1fb66b7b20d1e7a674b1f19dd21dc649efd015d1eff2ce6c043038f522f3bfe77dc83933cf49220843fcfe07079b99ee37fcebcb0bfe87f8870251c7bac7e7fa248a27f573c9a26ee91c751136218fc5448147b751c105f65ca57a0eb6ee3ac253855652cdc13b6b881d699990146e3f81590780d37fa99caa1899c7e484028b53ae836d7aa476874b0958f56f68a2cc84bbd6520b841511769fd3a1ddb1c6aea789c041eac17500b1338574c15b3d0e15901a7bb8fd4e3f03d4abca6dfec1097d402ad85ac51ee04e78e6c2e981840de6f4003442197ea067f60190e24fb296b8f6524838d4bbcaaa87fafb28e9b370d38ee15cb80a9ca720be069bade95b676ed3f2d8e8eabffac17f775a39b6bcdefa792923e2d952f0af0241d4cf443b6006c9afda056b0764b3b8bf372f0705c293ed36052e80a5030c16ef6a33a78c686d5c93f391f72706c94f065081e684e34763b3d5e4458e4d99f785bcc42640c3291315ba2c13c8be9abe4f7c272a53196df24bc2181e6786e5647317745ea6a59679ea68365065d8e58119566b69b3cabbe589cc238d3195dc84cc9c2104f2a95f751bcc05408cdcb40337a0e7f3d38f8b9b084c486dcbd0752f218382e35c73e6e754118511d969f2316b6c205e424c0923ca292888c3a412990041bc4763a035c3581757fb18966e1264518b02ecc8338f209f4ef94678bb8b58f473ca1ac5835cd410407981f2b0958a515b2cd9de4892dd91701eaf4e5ad589e90c59cf93ae0a5bc4b75b8e000c17273f25105ff0a5b56590294e6f8e029ad894fe464a59a7b4e2d788a746173bbeb10fc43eb1778dacb859b7c8739d98e54fbef981c2a399b2dfd4a7ccec02ff8b9458da8b6f30933fe405adfa7fcdefd2b37270e612d0e1a6261b0c3a26ab82e36c7ab30e4cdda28244f567bd48eddb3648d41d5364d754e3dafc96c5fb1bb2529502beb1c9372aa72c6c8d0a36e8812e11ee8e21b52615e2edd60d83d954eedfc9b298f022decdee6727902ead84818bf950f123e995fa8d9045ce9f0f0ead6b8e70aa5e14e75b0b15639b6c0c8e3542b3410351b09451f3d00b61c3f9f7ac41001a50b1d82f559ed78c0e8fb985c65c5ff84f1d36571f736b38568efefdc64098726a9067b688ae3f9edd36fcf6f70ea7098fd7a617e6f8fe9e65e4191916fd96017eb1b71de789109ae2244e67d5415a5ef81fa5204b7f85a14476c2351d0f3f8974b660bc1dc3d6c1adf9bc9b044160639d15eb75f94319ea70b45f3386ae09e27975a8a5be18ac559cb13d33c2714d9f223f76ba393675d5ed8ec4123ce186cabba236ab3b08b8bf4225139512380e5a28fe74f24a4062587f56c9d1a6d1ab3918e23b231961a505f4750abfb861f73d103e96b857b7569d78f60692059be165b9a4eda57a835ab3d20035ec927a07b0749d08745d76d81ba32749c1926de39a34d6e13c2f594019792d946f27cec583fdac25bf16aaaf5c9ee7f8abb732c87f569169407ae99c93c019331196c78254bacd309c79e0c59699f6cd6b085b60320b7c9fdaa606974d97ab5dd5a56ff209cb98773b79bb9a51146417fffc6093b58bd2feeeb32910f5bff3c41d0ba6f84be3444a0ec779878e1d3cfac9b22b818573fc05902b5fd44339df4362cd5e430829c3ce505aa0f035fde2c979f1738112ddd3b70367f28f2d9e602c5cf78ca0804b7d46d05d1bdc608c2e281320a790e9e5982f08322e451053ff24b8a35a441b202ab21dca407db1401b218ca324dcaa4b5d1c393a9badbd5bc1e4e2c94d6fffb81e7c42895580f079ce1be73e287cc5613dd4321b8ae36525da0fcbf0a45b71bceafdf61e1c2f4e9d5381824ef1805d731f8af2ad7ed2408a4b6b7937b182baa2402763cd0b2e6b33cf27e07c25372cb3ceb58ca78f446003a58403adbb9d6484bb10f1cd7712f91190a30a17a58942bba3c7ccda5148a8e1ceeadd5c5c59e3d2c12a1d621e616684bef08b5da31963db4afad2bd061765c41932f1d85a34105d1a14eb882afd392752f9595f635fc1b9e1e1b6da6b3bd35a4b4a9fbb4bd17a3283f40383ec93d3a36196496b36151436ac39639333dc8a5948c92c54800a2dfed00d294c4b18b6c4b232aa67ad3dbd90c9d07036779519637e4ee3fef0c4feeac217566fb0719a4c1fd321c450172aa2efc9b74b4214c2168d632e1f4d83a5c4d6301e737ee262bcefabb69c9bdd7453f70d1758c32224c4a7123ae4452e919c0ad8e2a9041c4a3791de701418163c5f90e6a1e728bf016b68bcba5a84d5acc9bb4212027faae8884d6717709155d13b65f73f4a0e918b27a500cad8dc2886efe063de778aaee68fd979a11025dcb0743c02a407feb2217fb7cf8752dff8d3310ce674b3829db15b92853a4d398c408dfcf4bbf2207794e585289fc8516c2b59301c5b7274bd5037714b46ff4e015d4d3072a72c93e252c7687ea2f06481f95980ba01dd1bc1fac654127c58d5067e2a04613988218e51960814ff09aab566815f192b1127ac92fc2cf740567f03a2d2a1c67e48ffdd10fb797ccaad64d163a7e8bf27d228a2a0f13ea183d5b036683ef3df624db98e3661e0a84f11e1b6fd9f0615d757d575623fe534b55fc0ef7aeeb844127e57c1780b1b73a8be8418cf5adbd36ff7681939cf8750fae3d74937e99dee5e9ce5e5d0c2981857bbcc0211bb395c165c7a5d2fdea9274fbb593a9ca57ad2115d49ca3832fb52b15392df7ff09ca0cfaf366ae5f1a7984cac8a0baba2e6998e03f7e3a057e09533f6ea9d10fb9deec233041a8825888f3f45519427cf21fdf6adba1c9e1e214fa7a25931d41f774ed4c68ef96610b7f3dc4609c85d4353537708f4808614f945ebd68de663993ff0ea63855bb6a490627462686b6e476316f4964dfa06de46cbb38c28f93526c7a4496bdbd3817292c3e800c379070fe14b535bafb2fce9ba6bf604dfdd35394c1c2bae666f53e9948a0ffc4e9e47c670774b4eedeed8e18ec832a624bfda3c060eb4c3eff10e98de3c38f8d6aebabe24931eb10c2b2fc633b56f47667d0e0d1abc61dd7f48a1bf6d4eb5f298405609c950b4d97e9e21d6f0e30b94eaead7a77d5c7c15799302ca106c67c969cf3e0fd63e88f76e38d54dad62f3d08236d566e5f99b0daddf6bedbef705c44bbcd976f3dd39d0c58f412d2653671c6ed88308320074805ba1ac7798c35fcc7f09a610211b56d378b0791ee03f46bc3eddf96a29c706faa5a5dc189934932463cd73608dfae30bda1a403bcc2f2bc5cf94c49f64bf8868549d32782a8dcb018d854666986ed1dc4d2e9ae9f134b34d81bcd288cae3296e1da97950fc37c4cb0a5e083a9a85a54c3db8065cfd9493b9b2b520a7e09b8872fb80ea05d9ce1fb2a9c6927b038557b3a100ed8714a8ea9cc93a56a27d4c664653ad1c6d68b78a207dcebb02ec7d091a6cb6aa8268bc6096a996e05d1fa1a8894fe1de060ba643cc8465d98feb90dad3d7f19f1d3eb82aece2382a19e24635f010a7075c9da846ca1ab9207255439581f37ea1030615b2d2c75d7812d30a39b32ef46eea55750fc0570b7dfeda435dbd4b93d3a7ca4917f1acfef942b1f1cb8d3d5da121b62cecd1c8e97fe003b8cbfdde46fdbdaecc2a7dc274c9114e502ee8266340c9ca0c747d5af763e59c5a6c4385f2bb54c7d130243362a4bdb46c345fd6b43f52dccd7abd15df0025db42eb1defa4be7396e70e51b26df8472a85e92ba7f35c96be72f7fc2421fc84bdd431d56d025e30d08c5a47abdfec59204cf0328722727f4afca9ae15d14a38eed1a715f95096d6d85ebb6afeb307081e182b6f89bf9f3e0d77b9ae35f15c50d46af0967827c26ccf3d4d678c5ea2df9e9f54cac5e68a7d5a76b1019a9cf74ead01f7411b406e3a110defac4828c73b2eb62115ca953e0f52bb084b131d66416287e4b7524fcb5fce6109faab2eb2fb5a5759d6514d5ee414321380c1ea0ed08039e93ac513ab4f83a9fd6e089d5064d99fc679dd4a34bbb5b391763a9beabdee8721f3786791661c3228e355dd0095e611dbc7e5316a5317269eaf2dd973c6d90b3fad0f50d21f91238ab99b0f492aede23d91c3ccbd57a7290c711f26cd85420e91c445e82f29c5e938c790e9c06143463d86729f7a89bd9c8ee8cdf24585c8f2293e61210b64b3fe492b6be759151b173fc5bf72a0930e9c2ac5c806eda28dc3656828901b9dd3a1316b6456983ceb5cddeb16622c9b3beeeff72d1edaa565f553f5cbb26d9e2645127a3bf13f759a13474bee37add6f19c2e6d7b042ab4b838d08dcb7417a6ccb351b2e1f37a85e30b1133993155d605112d8e5f84bd9e8c352b31c8f06b9c9c3e1ef5b9eb04f116b529fae2cc6f49f8c9741728290fa6a86f21b9f77f4e3bd1688658d3b2adbec7273b4fe7e652e6dc2cf280eed3dcdad943ce275bb8d9349d2f184bad271c24b7a5987d0bb171884c7ef552a31bef4de2b8e01bd8c0896b24d2a7cee6e9371cd571f6b72786b1f9363a6692bff4cf5dbcb089c2782ef3415aedc1c14a71b0faf1fc51fff2a074e8312ebb5f0a6b0d355706352f697de5377b1ceedc33c14e182877ef0d5c8526da0fca9d558c61da55111d324bed7593fd2896359bd61a77fbf15528da173d31b89bcff4274c86292d464229409b850e8634ad062c21830c49cce3a85a4d6ab3241e866287a33e434ff0d3a1895a5c9e24145378b9ec01645c3ee000f017526dc6124d40b992b139b2f20ef7453a50078157e876bc40ef643e5cca84eb4e358fa1f6dab399763af41045abdf8e9eb2452147e5269daea1ce3732331a1f75b99ced66b0afd936bcf79d5da0df5d90b601f53249ecfdeff380c8eca832bd650d7c3e1fb548e169d1a625a3f6646e1fb8edce2b5f1ebb70bf89b56e97776ef3e2820b68f99def9bbd378a0531aa604fc5bf060bbce7566e5495fa189498f9fb26d58d60878e0e0200469126b93b35f58baeebc347912e3f4dc21e9b4ea3a5ea68fe519ab67e028e1b9f3fed1a9489fc22a1e5b6e5fa600fa69b45458607e9b33c181c235e73cf330e269a0d314cd0ea680786c54ff2c6dd3c7b2faccebfb8ec87f8d913044aa6d8c7a7c951", @typed={0x8, 0x44, 0x0, 0x0, @fd=r5}, @typed={0x8, 0x24, 0x0, 0x0, @fd=r2}, @typed={0xc, 0x96, 0x0, 0x0, @u64=0x80000001}, @nested={0x14b, 0x82, 0x0, 0x1, [@typed={0x14, 0x1, 0x0, 0x0, @ipv6=@remote}, @typed={0xaa, 0x1a, 0x0, 0x0, @binary="611526ff9a28370d61293db3484da6a50e1b93178f6d4cdf464c54719fc9fa1edf0c8e4c9963f83cbfd227cd171f3a81444a16b7e2ee2f9dafb512c14d0c84000e8a715da178b3f8b070b98491fa5f085674f73a1c1c021c7063bba784e52629d950220eaa7ece25101cd4ddaa593f5b77c9743e15913c3e1a8729710ad314714405cb1cdbf24c7ab5716799739439113ba69081264e11fc3ea9551143165063a47e27b7928c"}, @generic="85206f489f20c14fc2981f796dec09d53d8c63004d1402d4ff6c16ee7af56a8a6e5ca724b17675ccb570001e88a4bb138bfae2b6cf30d3d040b0aabde139d45e189d9eab2f618786c87e3a6d4d7b367da668876c3e381afeed9f1c4accd413318157e13662a2058b3df6f3bcf9b05fcc543e275a3f84558828d5192c6de4ff", @typed={0x8, 0x6e, 0x0, 0x0, @ipv4=@initdev={0xac, 0x1e, 0x1, 0x0}}]}, @generic="8f0ffa3f6b13b7805671fefd7ef1258e20e5b6157d36c3b1afa7e9c0459d5fc013668a8f1ca975b04444e5490facc31816469404fe56e91252dc4a1386acc91b"]}, 0x11bc}, 0x1, 0x0, 0x0, 0x84}, 0x0) clone3(&(0x7f00000019c0)={0x18200, &(0x7f00000017c0), &(0x7f0000001800), &(0x7f0000001840), {0xd}, &(0x7f0000001880)=""/132, 0x84, &(0x7f0000001940)=""/44, &(0x7f0000001980)=[r0, r3], 0x2}, 0x58) ioctl$PIO_FONTRESET(r2, 0x4b6d, 0x0) dup(0xffffffffffffffff) 04:39:42 executing program 6: r0 = io_uring_setup(0x515f, &(0x7f0000000000)={0x0, 0x980f, 0x2, 0x0, 0x396}) ioctl$BTRFS_IOC_SUBVOL_CREATE_V2(0xffffffffffffffff, 0x50009418, &(0x7f0000000100)={{r0}, 0x0, 0x4, @inherit={0x58, &(0x7f0000000080)={0x0, 0x2, 0x9, 0x10001, {0x1, 0x9, 0x8, 0x81, 0x49}, [0x8, 0x637]}}, @name="0590e9e58b8907b4278ce21f02bccbcab65783563d3f9352084530c4520dd4f84afddbe0984387bbac14777b86f08d97c31e8b06bd11b2067a215d66169483e6be934eede916f119db3aa7ac2995b0bd38bdec07a1d4f457c05b1f063c2220d5ce671363bfcdb6483eb8cebad39cd7ab7929c3348197343d4f46db981fc5d2bd0e7c4e6bc8bb416c5aa51e4297d5a788b3883a8733ef897590b9a795607e9d5f1e888717dc3c79688bd54903d287ccf2bde47ca85b959ef8aa6aa16b411de1e42564d880fe61c7a90574c16d9d72207768f7a92c2b1b20f8422933c189ed2e1291231d6e79666b5a45a40744e56105049f7bb061598bde5d75aea06804c8d06dcf0d7070f39ff56b837c02c6580d094bd3d3b14ae0664f742f26b7a7318ad32422d950348ffc2d31bae4b8ce116cae079684f2a4951961d1db940a6de2e2589e0aa72e6d96475f9e11c715fc6fe13f640f7472e05eb5d6cc38f3f3e05e098566edbc0446b016604a5cf84fb9ffe1b513fe8e275b280a62fb87f37745b7a10b7adbcaf6af57d21e08c6be45070d91a8cf57bc5a96329cbab36001ec799a4b2765105a54586d6ba8f895b31298a30989016e7f7c318acb4a73c793994119604ca39b6ba891596db92a23a402fd7f963b7e4e257e031d1ddc53d66df940606864131a4450467476f43597c81763f2d49004b582b58392d691566bb25fc8f482443d3a98d3754d12c8019f6a6fb2bd24ff31ca6904e698c20ef8b3b3fb33cdcce5dcb78f007e33e67c45724c51ec31e1a46bbca6293c3c9f4be4e0dc2a7e3d84aca5b2d090062b15b20bc5e50f76fe8b26d49fb360f5c4a490986fd126979e953b44f4f95afd696669fd591a12f69c2ad33cbd711341864369688f8dbca2c6d4da0010da6fbf9fafc60e0ffe6ffd354439cf9966d1b4c00ad8982924245c9b90776663a5aa44ac24b695ee08ae150f4b095f22fc62f52d61c26853b4ba4ebac4de586882e23cfe4013882b954d6cdef00cc6cc5ea02a298eab0971fe3c21c3525349fb9d9147bf5e8936f8f4af901507f0179b55cc8436feec84ef3f5d78e29033af8d3d9992c00c3f1c2bb5b6314fc0750121b6412e0bec0b726c41d5b1d09f082495a2e90247606c146c742098a6ee434ed360bc2c9953dfbf6ea50ddad960f3368fd914a2a2a7fa9089e72110e043894b206332e991097228ba664d133fcef8f5e110235495ba0f141572987fa5a8e00e17a6433a64b9da982411c24480704ef6150ea6a23db475234c485cce0e75dc7085027f05d90180a1a31a6c52df8de24476c7d467fc20a9ea603e20943edaf587dbd58608f982f1ee88e2e80c1e95b1f71c2643120c8dac1f61a36dba3070d7dde790de0b46613b9b7ca3da050ee96be791c30ef8fc479671c7b6064ab26b21aa055633c3e37912ea37e46e4adc3d6d0172f0ad39efdef7813801d701816b91a12e0a6e245d0b8006afc4f7cf929c64116dca489a9bc4162e166e3f54470b1e574a13a6072024b3428165b580000a015e9224a631a38e887688860800ae6a64a9b8455da77934fe6543e8b015932480c3e4f3d97ffc590a12922a190b373fffc35ee5f6bc17a3b2c2c710a5664b8b85979e18257621e1fe4ce575fdf42525dc0a9c3e4ae2428998560076c79a52ba1a8e411608aa1a8b0d4686b2906add056182f8d7bc980b8cb818bb87d6bf29791fea8035d2ef6f63804b089bd88536f2d16f682f68c95676f53cad1e46348e0b71e7b756507dbb0c704b9aeca00f4948b9044d6278ce02d5e0bf95ec13a1db2ad18550af9bdfe8990f01f3e5fa7d95e59d8ffed4e6db9bb2474b36f35092c660c4fa2311466d647193ac9cfd31d5bf9f63306f0df5712947cd882d529002a79b5519f4db5a6666aa5bac3731f6cb88f1229db35fa8dc2f8f1277b6e6ffea90e219f2e652d71db4b951291af91a00d60826a2792522e46c08cc775367dbe9aa4064956548e83e1c84b71f37e7a94b548ed958f75a45bec900a06df2f350d754185b6be3b1e1ed8a3c19213e2186a8dddb063af273009ab38db3c8add4c6d038d6fb42921b2c51521aa1ce8a54067c670a883791c37037a94afba55ccbe059f685e9e67e0ed2a57dcc9a41850aec54a96a7bf7ea375b297f3cae1365063e7f9d2b8c2fcc21c974eeabc040feb680517cd0b1ac5bd6b89562da8798e3dbf2181247ddb9b641e7f26848d2a8efa3ad81039d3eab8a021d8ccea00c104f76033fbf2b86f4f47e06f2b9c0b8953f339d436dc8465a6f279f3edf78949291a57bd208f5f2948d619898bb27114b798ee78156218448fc5576352934c001ee12c8ad9c3a1a936cc2c0bea98336e2e592bc22f5c897aea90c500862d0c63984ec68a95656ed6c7d9e8be94d527728f4fbf3fe42b9c213b041595a2288a25d0aee361acd5d9eeb2eccf3fcf4be9f45f2c6e0fe0f38995a2889d744f505dd69de30ba5107eca12650b6399218a896e11b5abf057ed2908525c9f0152f16229ab84da43f0fc3f9bd0df2e176b48c8334c6f6701c85fead840788bad501a7c47cc8d575aaca9cbb32e22ec627f8e2259033bc61290be3b745e91e0b3d695d8480c635d73b8c7485f602da7fd8993eeba6fcef864c88782fd4566c4c08c8997f4e8152d5786e3e4e960a0a0787d7ee7a87788b2210b8a585f168733c344b0272473ec921ade21b1ba75a43c2daa6bce05cff20e7884c006b89a16133e905760b6435769463be4ae28c890472b6b3bd7dfe6a7bb8f19b78f3a0cb267bbb795fca2d0ef3e684e15baba865885f0e1473b1bd5624ee0d23f3ff181050b05f05c035f3accdb08b3f73ceffa311c7f4c8ac241450877c0ee0e045998096750392b81589d46b32141eda3e743706b67b51493860bb3ff5811a16feec310d8d9404685430098cc7a9f3814140a034da0df0a2754fd0ce51dcb452d44cf553656f71f487825b141657aff4c93554bbc4890a039f0a8ab38a81a6076b6f2d5d03ff15485251ad3b6f237714a8fbf620e03bb488da7e0401a3524920eba96dc39f69625e865e636ba43558955f3b335066a47c1eab61ebeb4a244b20c6a6aa77d0917ab3cd2fd30260a6b3d3f45f08a853eca9bd0b4a97d2ba012c04a551b32842522f47500ea3e54ec0e68d0c810164be36e28aab43bcf6743da565a3a8fddbbd8842d474a0cf1ed18b473d876cdad00f59e23ca31b8569f0a554d621770cf31a2ac48fe5a901b931d265cd4cc3380b80c2550ae10984c86a74cee0edefb59161d903f4a6424ef259c2dfb9012db8240a8153a3ad47f6e98ad7e28ddb6ac97878cf12cd0b547f8b2058c9557925022fe57d1808d5a3dd1b19952a3f7aeefe45d0f3a02c9e58572ff299449fc579620ed4b88b987c18481e57f4222599af84b1f6e2e27805a25379ab6eef0452ced733eb984c87efba1ac495af180fdb485a3f8ecf02019f7297c327d699d116c880294f69cf665ac91f594ee81fe3a84bcc54b11b86290c8d9c6d4a28407a9bb05cbab01941a9cfc99ac6f606666c7f75f53e980a3954d2e90ddda45658c10dfdebc0b66444233074c0b6a71e8bb2c729ce0eba14d0eda0d8921accaef03663ab7b7fa9cde8418d5024baaacc4b596e18e9b3c7f9221f37f0fd6a4c4bcf7a895377149f754cb4b1fc663cff7cb6ded2117d68840f4289975a15a674c94ab08d7e7b916c407c37e25cdcfc9a00390feff9bc783278352d92a90e0f30386f69b3b1f5b5c0223cd88c5a974db00db0438cf686f0a3d820e0c886a50fc74b7664663ae35fbfe68558c7d570a45660c1c35047213ca35d8cd30a4bce311c44a3e24530041ec898d3a20b2a252144cede05414326842864b122b707048e7dc6fdc7df9e6cad9065a461a8108e40bf94482b230873fb231278c80733353efb4f9cc6a8b2c65ce21429e4b6bdd55801f0771e67b775bb51311711530476205d5af17f12cfd122fb64d2dc3838ab4c1bf8b3968816d4bdd1d91539503036727a915a58da707ca8eaa984cd63f3e672a8f1b07322872f359ce249c155801b38c747b93d4bade28dc2674be5a41cc4054cc9a06c27997196bb31cf62e0e3160eceffce86d227053c3a8782173716727883fe195c586843568ec316e31adb4cf1108fc7b170441a9071f67cce27be7030e6a9d851ce2fb25c2fd2b391ac476090fd20b53ae9537606b9bb666276e766e8c646831ed14375d51269c471fa625917bb896ea37ea452fa3cb4fd2e3aff255c83a0ec96776450628f73dea903fc8a3aaeae989afafb3b5e93709a678222f8caee135e780e02f1542be515c8574e81fd2f9ac18de7e8e0c525219871db725ec5087c3e99cbde23823e818ede69d4a5f6745c734e46e4d184d71282e403eaf62c79e1fdd9cdd0ae15b224fe57b670d08bc900b3be710e47e699e1067a351537c25652fa806619bb9da19355ebbe373690b43cff0318a3181b63a4735cb2049dc0da19583c9ebbdbcc365ca7ba073481bec45378a3b0d07ce3cbdb78c7df81174c6dc66e99c3eead9f9fb47f13293c65e4f9315a65d04ac11f9cab0995ed8943fb91362fa534a5cba87eefe8f80c85f6972135af36cfc6f936f74f4151cc92b009256bccfa9a0494f6d35d95c5b5df0feda8f90452d05bc40f4814cba67f74a1e09a7072e9e21b37debc2043a4b25153140e92f6a3a91320baecff8721f27c6fc5cb0ea003d10e6c092ad6435078e000db8b05441e38378bb4e7e2e237eef815648abc889757bae0f5964fdb8a183829f17c16a7a68c942c9129db09b5158cc9d27b401f1a75e6c99917b0f3597eac35941c48d20d4f373cb70273708d236a83528967d3871aec61eaf479dec38ce8771852357133ad1b63c676ba290aadeda729af75c79b2adf0519c5159ccd48fab9df942703ba47a67b6f06eb9a2430ed42b1ae9a9e81ff41e07d506b0eea79049712fa60bc01cd3ae106300006200f7efe7a953b92089f131d88fa0e325c2c1883c098ec1d3c3eb59506ec4f2bbd84250ff597804ad38283b7f3e1fba578ede0059e0150aa5b3c5822f19a2282ba8b193a1a5b91b0c7e71ee83323b17182844b942a4e39b21ea72408a9be27057e509e3d837c779cbb8288991b27c68be6337933c413225782929319746531b75dad10021805da8eb6a87de858773fa460039689f86d3dce070256acefbbaf22ceccdc713e115be29deb73ba7a389151d962c960f8aefdb6196beb7038fd775ee1ae8315f0fa500e3f035c3016eb7412e07b7e78702a623339a972c59ffacb8fd2e27fbc10328ea76ad303441c035bd7585c677ef7eead9eb625185d4421c4c8c0ef17c5722c529d5bbda8071762d7ba0d55913cc2cd0ede42d81cf6e86372d611dd4465f0860786e12aeb5435ba6c6355fae90a0926f1e61a1d43a2539feb91930231db97d530f6df000801a0e0821a8e4081b05b4f0ac8808ee155e08265033d143454b9961a334c233b1adc0653ecba5e5f8be57c81ca6d164698e130f26c0b5ad459ce34850c399dc971d594a9d56aaf012411aafb7e37cac937d557ff6196dd725b54070d40a0156f60d6c6feff9aafccb8fd4356791ad57727a15c1bc840d2772deab536940dd34ce10788d8017619d8759107a2f69ad32fed5af2f429276d4451f4b0497da820720bdd4fed250d7f1814d959049bf7a210ba469073e8fbc2df"}) ioctl$F2FS_IOC_RESERVE_COMPRESS_BLOCKS(r0, 0x8008f513, &(0x7f0000001100)) r1 = openat$zero(0xffffffffffffff9c, &(0x7f0000001140), 0x2, 0x0) r2 = openat$cgroup(0xffffffffffffffff, &(0x7f0000001180)='syz0\x00', 0x200002, 0x0) io_uring_register$IORING_REGISTER_FILES_UPDATE(r1, 0x6, &(0x7f0000001200)={0xfffeffff, 0x0, &(0x7f00000011c0)=[r0, r0, r0, r2, r0, r0, r0, r0]}, 0x8) recvmsg$unix(r1, &(0x7f0000001580)={&(0x7f0000001240)=@abs, 0x6e, &(0x7f00000014c0)=[{&(0x7f00000012c0)=""/226, 0xe2}, {&(0x7f00000013c0)=""/161, 0xa1}, {&(0x7f0000001480)=""/41, 0x29}], 0x3, &(0x7f0000001500)=[@rights={{0x10}}, @cred={{0x1c}}, @cred={{0x1c, 0x1, 0x2, {0x0}}}, @cred={{0x1c}}], 0x70}, 0x40000000) r4 = syz_open_procfs(r3, &(0x7f00000015c0)='attr/fscreate\x00') ioctl$sock_SIOCGSKNS(r4, 0x894c, &(0x7f0000001600)=0x7fff) r5 = openat$bsg(0xffffffffffffff9c, &(0x7f0000001c40), 0x8802, 0x0) syz_genetlink_get_family_id$batadv(&(0x7f0000001640), r5) getsockopt$bt_sco_SCO_CONNINFO(r4, 0x11, 0x2, &(0x7f0000001c80)=""/184, &(0x7f0000001d40)=0xb8) fsetxattr$security_selinux(r2, &(0x7f0000001d80), &(0x7f0000001dc0)='system_u:object_r:devicekit_exec_t:s0\x00', 0x26, 0x2) r6 = signalfd4(r4, &(0x7f0000001e00)={[0x7]}, 0x8, 0x80000) fsconfig$FSCONFIG_SET_FD(r6, 0x5, &(0x7f0000001e40)='@\x00', 0x0, r2) ioctl$CDROM_LAST_WRITTEN(r5, 0x5395, &(0x7f0000001e80)) ioctl$AUTOFS_DEV_IOCTL_VERSION(0xffffffffffffffff, 0xc0189371, &(0x7f0000001ec0)={{0x1, 0x1, 0x18, 0xffffffffffffffff}, './file0\x00'}) ioctl$SIOCGSTAMP(r7, 0x8906, &(0x7f0000001f00)) r8 = getpid() syz_open_procfs(r8, &(0x7f0000001f40)='fdinfo\x00') 04:39:42 executing program 7: r0 = memfd_secret(0x80000) sendmsg$NFULNL_MSG_CONFIG(r0, &(0x7f00000000c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x80000000}, 0xc, &(0x7f0000000080)={&(0x7f0000000040)={0x2c, 0x1, 0x4, 0x101, 0x0, 0x0, {0x5, 0x0, 0x7}, [@NFULA_CFG_TIMEOUT={0x8, 0x4, 0x1, 0x0, 0x9}, @NFULA_CFG_FLAGS={0x6, 0x6, 0x1, 0x0, 0x6}, @NFULA_CFG_QTHRESH={0x8, 0x5, 0x1, 0x0, 0x4}]}, 0x2c}, 0x1, 0x0, 0x0, 0x44810}, 0x0) r1 = dup3(r0, r0, 0x80000) name_to_handle_at(r1, &(0x7f0000000100)='./file0\x00', &(0x7f0000000140)=@reiserfs_5={0x14, 0x5, {0x1, 0x1ff, 0x8000, 0x20, 0x7}}, &(0x7f0000000180), 0x1000) ioctl$CDROMSTOP(r0, 0x5307) sendmsg$IPVS_CMD_SET_CONFIG(r1, &(0x7f0000000300)={&(0x7f00000001c0)={0x10, 0x0, 0x0, 0x2000}, 0xc, &(0x7f00000002c0)={&(0x7f0000000200)={0x8c, 0x0, 0x2923783ac1d032ee, 0x70bd29, 0x25dfdbfb, {}, [@IPVS_CMD_ATTR_DEST={0x58, 0x2, 0x0, 0x1, [@IPVS_DEST_ATTR_ADDR={0x14, 0x1, @ipv4=@empty}, @IPVS_DEST_ATTR_L_THRESH={0x8, 0x6, 0xfffffc01}, @IPVS_DEST_ATTR_ADDR_FAMILY={0x6, 0xb, 0x2}, @IPVS_DEST_ATTR_TUN_FLAGS={0x6, 0xf, 0x586}, @IPVS_DEST_ATTR_PORT={0x6, 0x2, 0x4e21}, @IPVS_DEST_ATTR_TUN_TYPE={0x5}, @IPVS_DEST_ATTR_PERSIST_CONNS={0x8, 0x9, 0x80}, @IPVS_DEST_ATTR_TUN_TYPE={0x5, 0xd, 0x1}, @IPVS_DEST_ATTR_ADDR_FAMILY={0x6, 0xb, 0x2}]}, @IPVS_CMD_ATTR_SERVICE={0x20, 0x1, 0x0, 0x1, [@IPVS_SVC_ATTR_PORT={0x6, 0x4, 0x4e22}, @IPVS_SVC_ATTR_FLAGS={0xc, 0x7, {0x0, 0x11}}, @IPVS_SVC_ATTR_SCHED_NAME={0x8, 0x6, 'sed\x00'}]}]}, 0x8c}, 0x1, 0x0, 0x0, 0x40014}, 0x44) r2 = dup(0xffffffffffffffff) sendmsg$NFULNL_MSG_CONFIG(r2, &(0x7f0000000400)={&(0x7f0000000340)={0x10, 0x0, 0x0, 0x4000000}, 0xc, &(0x7f00000003c0)={&(0x7f0000000380)={0x14, 0x1, 0x4, 0x101, 0x0, 0x0, {0x3, 0x0, 0x6}}, 0x14}, 0x1, 0x0, 0x0, 0x80}, 0x8004040) ioctl$FIONCLEX(r0, 0x5450) r3 = accept(r1, &(0x7f0000000440)=@in6={0xa, 0x0, 0x0, @local}, &(0x7f00000004c0)=0x80) sendmsg$IPCTNL_MSG_CT_GET_CTRZERO(r3, &(0x7f00000005c0)={&(0x7f0000000500)={0x10, 0x0, 0x0, 0x1000}, 0xc, &(0x7f0000000580)={&(0x7f0000000540)={0x38, 0x3, 0x1, 0x301, 0x0, 0x0, {0x1, 0x0, 0x9}, [@CTA_TUPLE_REPLY={0x24, 0x2, 0x0, 0x1, [@CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5, 0x1, 0x11}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5, 0x1, 0x1}}, @CTA_TUPLE_ZONE={0x6, 0x3, 0x1, 0x0, 0x4}]}]}, 0x38}, 0x1, 0x0, 0x0, 0x80000}, 0x4000011) sendmsg$IPSET_CMD_CREATE(r1, &(0x7f00000006c0)={&(0x7f0000000600)={0x10, 0x0, 0x0, 0x80}, 0xc, &(0x7f0000000680)={&(0x7f0000000640)={0x1c, 0x2, 0x6, 0x201, 0x0, 0x0, {0x0, 0x0, 0x9}, [@IPSET_ATTR_FAMILY={0x5, 0x5, 0x5}]}, 0x1c}, 0x1, 0x0, 0x0, 0x1}, 0x10) r4 = dup(r1) ioctl$sock_ipv6_tunnel_SIOCADD6RD(0xffffffffffffffff, 0x89f9, &(0x7f00000007c0)={'ip6gre0\x00', &(0x7f0000000740)={'syztnl2\x00', 0x0, 0x0, 0x7, 0x74, 0xffff8001, 0x0, @rand_addr=' \x01\x00', @remote, 0x7800, 0x40, 0x9, 0x9}}) sendmsg$ETHTOOL_MSG_RINGS_SET(r3, &(0x7f0000000880)={&(0x7f0000000700)={0x10, 0x0, 0x0, 0x80}, 0xc, &(0x7f0000000840)={&(0x7f0000000800)={0x30, 0x0, 0xb07, 0x70bd29, 0x25dfdbff, {}, [@ETHTOOL_A_RINGS_TX={0x8, 0x9, 0xfff}, @ETHTOOL_A_RINGS_HEADER={0x14, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x3}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r5}]}]}, 0x30}, 0x1, 0x0, 0x0, 0x40020}, 0x4000c000) shutdown(0xffffffffffffffff, 0x1) r6 = pidfd_open(0x0, 0x0) fchown(r6, 0xee00, 0x0) sendmsg$SEG6_CMD_DUMPHMAC(r4, &(0x7f0000000980)={&(0x7f00000008c0)={0x10, 0x0, 0x0, 0x200}, 0xc, &(0x7f0000000940)={&(0x7f0000000900)={0x18, 0x0, 0x4, 0x70bd29, 0x25dfdbfd, {}, [@SEG6_ATTR_SECRET={0x4}]}, 0x18}, 0x1, 0x0, 0x0, 0x1}, 0x4000040) bind$bt_hci(r0, &(0x7f00000009c0)={0x1f, 0x4, 0x1}, 0x6) [ 75.124445] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 75.126337] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 75.128239] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 75.129404] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 75.132861] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 75.134357] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 75.142311] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 75.143388] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 75.150330] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3 [ 75.151388] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [ 75.170425] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 75.171704] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 75.172959] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 75.175396] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 75.177325] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 75.182963] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 75.184122] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 75.185991] Bluetooth: hci0: HCI_REQ-0x0c1a [ 75.190161] Bluetooth: hci1: HCI_REQ-0x0c1a [ 75.210468] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 75.212094] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 75.212149] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 75.231682] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 75.234670] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1 [ 75.236304] Bluetooth: hci7: unexpected cc 0x0c03 length: 249 > 1 [ 75.237803] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1 [ 75.240813] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 75.242266] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9 [ 75.243402] Bluetooth: hci7: unexpected cc 0x1003 length: 249 > 9 [ 75.244489] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9 [ 75.245647] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 75.248362] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3 [ 75.249857] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3 [ 75.251799] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 75.253247] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 75.255779] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9 [ 75.257094] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 75.258494] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9 [ 75.260531] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3 [ 75.264728] Bluetooth: hci3: HCI_REQ-0x0c1a [ 75.266944] Bluetooth: hci2: HCI_REQ-0x0c1a [ 75.268479] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 75.277544] Bluetooth: hci7: unexpected cc 0x1001 length: 249 > 9 [ 75.280381] Bluetooth: hci7: unexpected cc 0x0c23 length: 249 > 4 [ 75.284085] Bluetooth: hci4: HCI_REQ-0x0c1a [ 75.284529] Bluetooth: hci7: unexpected cc 0x0c25 length: 249 > 3 [ 75.285887] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4 [ 75.292480] Bluetooth: hci7: unexpected cc 0x0c38 length: 249 > 2 [ 75.293605] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4 [ 75.295246] Bluetooth: hci6: unexpected cc 0x0c25 length: 249 > 3 [ 75.297184] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2 [ 75.300797] Bluetooth: hci7: HCI_REQ-0x0c1a [ 75.300802] Bluetooth: hci5: unexpected cc 0x0c25 length: 249 > 3 [ 75.305258] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2 [ 75.311706] Bluetooth: hci6: HCI_REQ-0x0c1a [ 75.320422] Bluetooth: hci5: HCI_REQ-0x0c1a [ 77.200425] Bluetooth: hci1: command 0x0409 tx timeout [ 77.263132] Bluetooth: hci0: command 0x0409 tx timeout [ 77.327106] Bluetooth: hci5: command 0x0409 tx timeout [ 77.327207] Bluetooth: hci2: command 0x0409 tx timeout [ 77.327697] Bluetooth: hci3: command 0x0409 tx timeout [ 77.328926] Bluetooth: hci6: command 0x0409 tx timeout [ 77.329396] Bluetooth: hci7: command 0x0409 tx timeout [ 77.330440] Bluetooth: hci4: command 0x0409 tx timeout [ 79.247117] Bluetooth: hci1: command 0x041b tx timeout [ 79.312175] Bluetooth: hci0: command 0x041b tx timeout [ 79.375158] Bluetooth: hci7: command 0x041b tx timeout [ 79.375182] Bluetooth: hci4: command 0x041b tx timeout [ 79.375211] Bluetooth: hci6: command 0x041b tx timeout [ 79.375747] Bluetooth: hci5: command 0x041b tx timeout [ 79.376272] Bluetooth: hci3: command 0x041b tx timeout [ 79.376745] Bluetooth: hci2: command 0x041b tx timeout [ 81.295153] Bluetooth: hci1: command 0x040f tx timeout [ 81.359262] Bluetooth: hci0: command 0x040f tx timeout [ 81.423208] Bluetooth: hci3: command 0x040f tx timeout [ 81.423974] Bluetooth: hci2: command 0x040f tx timeout [ 81.424944] Bluetooth: hci5: command 0x040f tx timeout [ 81.425743] Bluetooth: hci6: command 0x040f tx timeout [ 81.426498] Bluetooth: hci7: command 0x040f tx timeout [ 81.427287] Bluetooth: hci4: command 0x040f tx timeout [ 83.344103] Bluetooth: hci1: command 0x0419 tx timeout [ 83.408119] Bluetooth: hci0: command 0x0419 tx timeout [ 83.472121] Bluetooth: hci4: command 0x0419 tx timeout [ 83.472568] Bluetooth: hci7: command 0x0419 tx timeout [ 83.472983] Bluetooth: hci6: command 0x0419 tx timeout [ 83.473409] Bluetooth: hci5: command 0x0419 tx timeout [ 83.473819] Bluetooth: hci2: command 0x0419 tx timeout [ 83.474227] Bluetooth: hci3: command 0x0419 tx timeout 04:40:40 executing program 1: mlock2(&(0x7f0000ff7000/0x4000)=nil, 0x4000, 0x0) shmat(0x0, &(0x7f0000ffd000/0x2000)=nil, 0x6000) r0 = perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x2080000001}, 0x0, 0x7ff}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x3) mmap$perf(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x10, 0xffffffffffffffff, 0x4) ioctl$EXT4_IOC_CHECKPOINT(0xffffffffffffffff, 0x4004662b, &(0x7f0000000040)) r1 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='net/route\x00') shmat(0x0, &(0x7f0000ffa000/0x1000)=nil, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x2000000000000000}, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) finit_module(r0, &(0x7f0000000140)='/dev/loop-control\x00', 0x3) r2 = accept$packet(r1, &(0x7f0000000400)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @local}, &(0x7f0000000440)=0x14) io_uring_register$IORING_REGISTER_FILES_UPDATE(0xffffffffffffffff, 0x6, &(0x7f00000004c0)={0x2, 0x0, &(0x7f0000000480)=[r2]}, 0x1) r3 = perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0xe0, 0x80, 0x8, 0x1f, 0x0, 0x81, 0x10800, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x2, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0xffffffff, 0x4, @perf_bp={&(0x7f0000000200)}, 0x1000, 0x81, 0x901, 0x8, 0x80, 0x20, 0x84d4, 0x0, 0x1000, 0x0, 0x5}, 0x0, 0xc, 0xffffffffffffffff, 0x3) ioctl$SG_SET_RESERVED_SIZE(r1, 0x2275, &(0x7f00000001c0)=0x3690dc48) r4 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000040), 0x41, 0x0) r5 = openat2(0xffffffffffffffff, &(0x7f0000000300)='./file1\x00', &(0x7f0000000100)={0x4200, 0x40, 0x19}, 0x3a) ioctl$LOOP_CTL_ADD(r5, 0x4c80, 0xb) ioctl$BTRFS_IOC_DEFAULT_SUBVOL(r3, 0x40089413, &(0x7f0000000240)=0x20) r6 = ioctl$LOOP_CTL_GET_FREE(r4, 0x4c82) ioctl$LOOP_CTL_REMOVE(r4, 0x4c81, r6) copy_file_range(0xffffffffffffffff, 0x0, r4, &(0x7f0000000180)=0x3e, 0xffffffffffffffff, 0x0) [ 132.374908] audit: type=1400 audit(1664685640.811:7): avc: denied { open } for pid=3850 comm="syz-executor.1" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=perf_event permissive=1 [ 132.376654] audit: type=1400 audit(1664685640.811:8): avc: denied { kernel } for pid=3850 comm="syz-executor.1" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=perf_event permissive=1 [ 132.399825] ------------[ cut here ]------------ [ 132.399846] [ 132.399848] ====================================================== [ 132.399852] WARNING: possible circular locking dependency detected [ 132.399857] 6.0.0-rc7-next-20220930 #1 Not tainted [ 132.399863] ------------------------------------------------------ [ 132.399866] syz-executor.1/3851 is trying to acquire lock: [ 132.399872] ffffffff853faab8 ((console_sem).lock){....}-{2:2}, at: down_trylock+0xe/0x70 [ 132.399912] [ 132.399912] but task is already holding lock: [ 132.399915] ffff88800f367020 (&ctx->lock){....}-{2:2}, at: __perf_event_task_sched_out+0x53b/0x18d0 [ 132.399942] [ 132.399942] which lock already depends on the new lock. [ 132.399942] [ 132.399945] [ 132.399945] the existing dependency chain (in reverse order) is: [ 132.399948] [ 132.399948] -> #3 (&ctx->lock){....}-{2:2}: [ 132.399962] _raw_spin_lock+0x2a/0x40 [ 132.399973] __perf_event_task_sched_out+0x53b/0x18d0 [ 132.399985] __schedule+0xedd/0x2470 [ 132.400001] schedule+0xda/0x1b0 [ 132.400014] exit_to_user_mode_prepare+0x114/0x1a0 [ 132.400027] syscall_exit_to_user_mode+0x19/0x40 [ 132.400040] do_syscall_64+0x48/0x90 [ 132.400057] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 132.400070] [ 132.400070] -> #2 (&rq->__lock){-.-.}-{2:2}: [ 132.400083] _raw_spin_lock_nested+0x30/0x40 [ 132.400093] raw_spin_rq_lock_nested+0x1e/0x30 [ 132.400107] task_fork_fair+0x63/0x4d0 [ 132.400124] sched_cgroup_fork+0x3d0/0x540 [ 132.400138] copy_process+0x4183/0x6e20 [ 132.400149] kernel_clone+0xe7/0x890 [ 132.400158] user_mode_thread+0xad/0xf0 [ 132.400168] rest_init+0x24/0x250 [ 132.400180] arch_call_rest_init+0xf/0x14 [ 132.400198] start_kernel+0x4c6/0x4eb [ 132.400213] secondary_startup_64_no_verify+0xe0/0xeb [ 132.400227] [ 132.400227] -> #1 (&p->pi_lock){-.-.}-{2:2}: [ 132.400240] _raw_spin_lock_irqsave+0x39/0x60 [ 132.400251] try_to_wake_up+0xab/0x1930 [ 132.400264] up+0x75/0xb0 [ 132.400277] __up_console_sem+0x6e/0x80 [ 132.400294] console_unlock+0x46a/0x590 [ 132.400309] vprintk_emit+0x1bd/0x560 [ 132.400325] vprintk+0x84/0xa0 [ 132.400341] _printk+0xba/0xf1 [ 132.400353] regdb_fw_cb.cold+0x6c/0xa7 [ 132.400369] request_firmware_work_func+0x12e/0x240 [ 132.400389] process_one_work+0xa17/0x16a0 [ 132.400407] worker_thread+0x637/0x1260 [ 132.400423] kthread+0x2ed/0x3a0 [ 132.400437] ret_from_fork+0x22/0x30 [ 132.400449] [ 132.400449] -> #0 ((console_sem).lock){....}-{2:2}: [ 132.400462] __lock_acquire+0x2a02/0x5e70 [ 132.400479] lock_acquire+0x1a2/0x530 [ 132.400495] _raw_spin_lock_irqsave+0x39/0x60 [ 132.400505] down_trylock+0xe/0x70 [ 132.400520] __down_trylock_console_sem+0x3b/0xd0 [ 132.400536] vprintk_emit+0x16b/0x560 [ 132.400551] vprintk+0x84/0xa0 [ 132.400567] _printk+0xba/0xf1 [ 132.400577] report_bug.cold+0x72/0xab [ 132.400593] handle_bug+0x3c/0x70 [ 132.400609] exc_invalid_op+0x14/0x50 [ 132.400625] asm_exc_invalid_op+0x16/0x20 [ 132.400638] group_sched_out.part.0+0x2c7/0x460 [ 132.400655] ctx_sched_out+0x8f1/0xc10 [ 132.400672] __perf_event_task_sched_out+0x6d0/0x18d0 [ 132.400683] __schedule+0xedd/0x2470 [ 132.400696] schedule+0xda/0x1b0 [ 132.400709] exit_to_user_mode_prepare+0x114/0x1a0 [ 132.400719] syscall_exit_to_user_mode+0x19/0x40 [ 132.400732] do_syscall_64+0x48/0x90 [ 132.400748] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 132.400760] [ 132.400760] other info that might help us debug this: [ 132.400760] [ 132.400763] Chain exists of: [ 132.400763] (console_sem).lock --> &rq->__lock --> &ctx->lock [ 132.400763] [ 132.400778] Possible unsafe locking scenario: [ 132.400778] [ 132.400780] CPU0 CPU1 [ 132.400783] ---- ---- [ 132.400785] lock(&ctx->lock); [ 132.400790] lock(&rq->__lock); [ 132.400797] lock(&ctx->lock); [ 132.400803] lock((console_sem).lock); [ 132.400809] [ 132.400809] *** DEADLOCK *** [ 132.400809] [ 132.400810] 2 locks held by syz-executor.1/3851: [ 132.400817] #0: ffff88806cf37e98 (&rq->__lock){-.-.}-{2:2}, at: __schedule+0x1cf/0x2470 [ 132.400846] #1: ffff88800f367020 (&ctx->lock){....}-{2:2}, at: __perf_event_task_sched_out+0x53b/0x18d0 [ 132.400872] [ 132.400872] stack backtrace: [ 132.400875] CPU: 1 PID: 3851 Comm: syz-executor.1 Not tainted 6.0.0-rc7-next-20220930 #1 [ 132.400887] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 132.400895] Call Trace: [ 132.400899] [ 132.400903] dump_stack_lvl+0x8b/0xb3 [ 132.400921] check_noncircular+0x263/0x2e0 [ 132.400937] ? format_decode+0x26c/0xb50 [ 132.400953] ? print_circular_bug+0x450/0x450 [ 132.400970] ? simple_strtoul+0x30/0x30 [ 132.400986] ? format_decode+0x26c/0xb50 [ 132.401003] ? alloc_chain_hlocks+0x1ec/0x5a0 [ 132.401020] __lock_acquire+0x2a02/0x5e70 [ 132.401042] ? lockdep_hardirqs_on_prepare+0x410/0x410 [ 132.401064] lock_acquire+0x1a2/0x530 [ 132.401080] ? down_trylock+0xe/0x70 [ 132.401097] ? lock_release+0x750/0x750 [ 132.401117] ? vprintk+0x84/0xa0 [ 132.401135] _raw_spin_lock_irqsave+0x39/0x60 [ 132.401146] ? down_trylock+0xe/0x70 [ 132.401162] down_trylock+0xe/0x70 [ 132.401177] ? vprintk+0x84/0xa0 [ 132.401194] __down_trylock_console_sem+0x3b/0xd0 [ 132.401211] vprintk_emit+0x16b/0x560 [ 132.401230] vprintk+0x84/0xa0 [ 132.401247] _printk+0xba/0xf1 [ 132.401258] ? record_print_text.cold+0x16/0x16 [ 132.401274] ? report_bug.cold+0x66/0xab [ 132.401291] ? group_sched_out.part.0+0x2c7/0x460 [ 132.401309] report_bug.cold+0x72/0xab [ 132.401328] handle_bug+0x3c/0x70 [ 132.401345] exc_invalid_op+0x14/0x50 [ 132.401363] asm_exc_invalid_op+0x16/0x20 [ 132.401375] RIP: 0010:group_sched_out.part.0+0x2c7/0x460 [ 132.401396] Code: 5e 41 5f e9 8b ae ef ff e8 86 ae ef ff 65 8b 1d 0b 18 ac 7e 31 ff 89 de e8 26 ab ef ff 85 db 0f 84 8a 00 00 00 e8 69 ae ef ff <0f> 0b e9 a5 fe ff ff e8 5d ae ef ff 48 8d 7d 10 48 b8 00 00 00 00 [ 132.401407] RSP: 0018:ffff888018bd7c48 EFLAGS: 00010006 [ 132.401417] RAX: 0000000040000002 RBX: 0000000000000000 RCX: 0000000000000000 [ 132.401424] RDX: ffff88801f6bb580 RSI: ffffffff81565dc7 RDI: 0000000000000005 [ 132.401432] RBP: ffff88801da78000 R08: 0000000000000005 R09: 0000000000000001 [ 132.401439] R10: 0000000000000000 R11: ffffffff865b405b R12: ffff88800f367000 [ 132.401447] R13: ffff88806cf3d2c0 R14: ffffffff8547d000 R15: 0000000000000002 [ 132.401458] ? group_sched_out.part.0+0x2c7/0x460 [ 132.401478] ? group_sched_out.part.0+0x2c7/0x460 [ 132.401497] ctx_sched_out+0x8f1/0xc10 [ 132.401516] __perf_event_task_sched_out+0x6d0/0x18d0 [ 132.401530] ? lock_is_held_type+0xd7/0x130 [ 132.401544] ? __perf_cgroup_move+0x160/0x160 [ 132.401554] ? set_next_entity+0x304/0x550 [ 132.401572] ? update_curr+0x267/0x740 [ 132.401590] ? lock_is_held_type+0xd7/0x130 [ 132.401604] __schedule+0xedd/0x2470 [ 132.401621] ? io_schedule_timeout+0x150/0x150 [ 132.401638] ? rcu_read_lock_sched_held+0x3e/0x80 [ 132.401658] schedule+0xda/0x1b0 [ 132.401673] exit_to_user_mode_prepare+0x114/0x1a0 [ 132.401685] syscall_exit_to_user_mode+0x19/0x40 [ 132.401698] do_syscall_64+0x48/0x90 [ 132.401716] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 132.401729] RIP: 0033:0x7f7d0d8a0b19 [ 132.401737] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 132.401748] RSP: 002b:00007f7d0ae16218 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 132.401758] RAX: 0000000000000001 RBX: 00007f7d0d9b3f68 RCX: 00007f7d0d8a0b19 [ 132.401766] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 00007f7d0d9b3f6c [ 132.401773] RBP: 00007f7d0d9b3f60 R08: 000000000000000e R09: 0000000000000000 [ 132.401780] R10: 0000000000000003 R11: 0000000000000246 R12: 00007f7d0d9b3f6c [ 132.401787] R13: 00007ffe8530466f R14: 00007f7d0ae16300 R15: 0000000000022000 [ 132.401799] [ 132.459878] WARNING: CPU: 1 PID: 3851 at kernel/events/core.c:2309 group_sched_out.part.0+0x2c7/0x460 [ 132.460579] Modules linked in: [ 132.460829] CPU: 1 PID: 3851 Comm: syz-executor.1 Not tainted 6.0.0-rc7-next-20220930 #1 [ 132.461433] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 132.462272] RIP: 0010:group_sched_out.part.0+0x2c7/0x460 [ 132.462681] Code: 5e 41 5f e9 8b ae ef ff e8 86 ae ef ff 65 8b 1d 0b 18 ac 7e 31 ff 89 de e8 26 ab ef ff 85 db 0f 84 8a 00 00 00 e8 69 ae ef ff <0f> 0b e9 a5 fe ff ff e8 5d ae ef ff 48 8d 7d 10 48 b8 00 00 00 00 [ 132.464040] RSP: 0018:ffff888018bd7c48 EFLAGS: 00010006 [ 132.464445] RAX: 0000000040000002 RBX: 0000000000000000 RCX: 0000000000000000 [ 132.464983] RDX: ffff88801f6bb580 RSI: ffffffff81565dc7 RDI: 0000000000000005 [ 132.465523] RBP: ffff88801da78000 R08: 0000000000000005 R09: 0000000000000001 [ 132.466048] R10: 0000000000000000 R11: ffffffff865b405b R12: ffff88800f367000 [ 132.466579] R13: ffff88806cf3d2c0 R14: ffffffff8547d000 R15: 0000000000000002 [ 132.467118] FS: 00007f7d0ae16700(0000) GS:ffff88806cf00000(0000) knlGS:0000000000000000 [ 132.467713] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 132.468161] CR2: 00007f19a3990260 CR3: 000000001bc4e000 CR4: 0000000000350ee0 [ 132.468686] Call Trace: [ 132.468885] [ 132.469065] ctx_sched_out+0x8f1/0xc10 [ 132.469372] __perf_event_task_sched_out+0x6d0/0x18d0 [ 132.469778] ? lock_is_held_type+0xd7/0x130 [ 132.470113] ? __perf_cgroup_move+0x160/0x160 [ 132.470456] ? set_next_entity+0x304/0x550 [ 132.470789] ? update_curr+0x267/0x740 [ 132.471093] ? lock_is_held_type+0xd7/0x130 [ 132.471435] __schedule+0xedd/0x2470 [ 132.471726] ? io_schedule_timeout+0x150/0x150 [ 132.472098] ? rcu_read_lock_sched_held+0x3e/0x80 [ 132.472485] schedule+0xda/0x1b0 [ 132.472755] exit_to_user_mode_prepare+0x114/0x1a0 [ 132.473120] syscall_exit_to_user_mode+0x19/0x40 [ 132.473485] do_syscall_64+0x48/0x90 [ 132.473773] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 132.474159] RIP: 0033:0x7f7d0d8a0b19 [ 132.474438] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 132.475805] RSP: 002b:00007f7d0ae16218 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 132.476372] RAX: 0000000000000001 RBX: 00007f7d0d9b3f68 RCX: 00007f7d0d8a0b19 [ 132.476887] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 00007f7d0d9b3f6c [ 132.477409] RBP: 00007f7d0d9b3f60 R08: 000000000000000e R09: 0000000000000000 [ 132.477916] R10: 0000000000000003 R11: 0000000000000246 R12: 00007f7d0d9b3f6c [ 132.478432] R13: 00007ffe8530466f R14: 00007f7d0ae16300 R15: 0000000000022000 [ 132.479033] [ 132.479222] irq event stamp: 1030 [ 132.479472] hardirqs last enabled at (1029): [] exit_to_user_mode_prepare+0x109/0x1a0 [ 132.480174] hardirqs last disabled at (1030): [] __schedule+0x1225/0x2470 [ 132.480834] softirqs last enabled at (774): [] __irq_exit_rcu+0x11b/0x180 [ 132.481548] softirqs last disabled at (765): [] __irq_exit_rcu+0x11b/0x180 [ 132.482389] ---[ end trace 0000000000000000 ]--- 04:40:41 executing program 1: mlock2(&(0x7f0000ff7000/0x4000)=nil, 0x4000, 0x0) shmat(0x0, &(0x7f0000ffd000/0x2000)=nil, 0x6000) r0 = perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x2080000001}, 0x0, 0x7ff}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x3) mmap$perf(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x10, 0xffffffffffffffff, 0x4) ioctl$EXT4_IOC_CHECKPOINT(0xffffffffffffffff, 0x4004662b, &(0x7f0000000040)) r1 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='net/route\x00') shmat(0x0, &(0x7f0000ffa000/0x1000)=nil, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x2000000000000000}, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) finit_module(r0, &(0x7f0000000140)='/dev/loop-control\x00', 0x3) r2 = accept$packet(r1, &(0x7f0000000400)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @local}, &(0x7f0000000440)=0x14) io_uring_register$IORING_REGISTER_FILES_UPDATE(0xffffffffffffffff, 0x6, &(0x7f00000004c0)={0x2, 0x0, &(0x7f0000000480)=[r2]}, 0x1) r3 = perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0xe0, 0x80, 0x8, 0x1f, 0x0, 0x81, 0x10800, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x2, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0xffffffff, 0x4, @perf_bp={&(0x7f0000000200)}, 0x1000, 0x81, 0x901, 0x8, 0x80, 0x20, 0x84d4, 0x0, 0x1000, 0x0, 0x5}, 0x0, 0xc, 0xffffffffffffffff, 0x3) ioctl$SG_SET_RESERVED_SIZE(r1, 0x2275, &(0x7f00000001c0)=0x3690dc48) r4 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000040), 0x41, 0x0) r5 = openat2(0xffffffffffffffff, &(0x7f0000000300)='./file1\x00', &(0x7f0000000100)={0x4200, 0x40, 0x19}, 0x3a) ioctl$LOOP_CTL_ADD(r5, 0x4c80, 0xb) ioctl$BTRFS_IOC_DEFAULT_SUBVOL(r3, 0x40089413, &(0x7f0000000240)=0x20) r6 = ioctl$LOOP_CTL_GET_FREE(r4, 0x4c82) ioctl$LOOP_CTL_REMOVE(r4, 0x4c81, r6) copy_file_range(0xffffffffffffffff, 0x0, r4, &(0x7f0000000180)=0x3e, 0xffffffffffffffff, 0x0) 04:40:41 executing program 1: mlock2(&(0x7f0000ff7000/0x4000)=nil, 0x4000, 0x0) shmat(0x0, &(0x7f0000ffd000/0x2000)=nil, 0x6000) r0 = perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x2080000001}, 0x0, 0x7ff}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x3) mmap$perf(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x10, 0xffffffffffffffff, 0x4) ioctl$EXT4_IOC_CHECKPOINT(0xffffffffffffffff, 0x4004662b, &(0x7f0000000040)) r1 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='net/route\x00') shmat(0x0, &(0x7f0000ffa000/0x1000)=nil, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x2000000000000000}, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) finit_module(r0, &(0x7f0000000140)='/dev/loop-control\x00', 0x3) r2 = accept$packet(r1, &(0x7f0000000400)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @local}, &(0x7f0000000440)=0x14) io_uring_register$IORING_REGISTER_FILES_UPDATE(0xffffffffffffffff, 0x6, &(0x7f00000004c0)={0x2, 0x0, &(0x7f0000000480)=[r2]}, 0x1) r3 = perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0xe0, 0x80, 0x8, 0x1f, 0x0, 0x81, 0x10800, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x2, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0xffffffff, 0x4, @perf_bp={&(0x7f0000000200)}, 0x1000, 0x81, 0x901, 0x8, 0x80, 0x20, 0x84d4, 0x0, 0x1000, 0x0, 0x5}, 0x0, 0xc, 0xffffffffffffffff, 0x3) ioctl$SG_SET_RESERVED_SIZE(r1, 0x2275, &(0x7f00000001c0)=0x3690dc48) r4 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000040), 0x41, 0x0) r5 = openat2(0xffffffffffffffff, &(0x7f0000000300)='./file1\x00', &(0x7f0000000100)={0x4200, 0x40, 0x19}, 0x3a) ioctl$LOOP_CTL_ADD(r5, 0x4c80, 0xb) ioctl$BTRFS_IOC_DEFAULT_SUBVOL(r3, 0x40089413, &(0x7f0000000240)=0x20) r6 = ioctl$LOOP_CTL_GET_FREE(r4, 0x4c82) ioctl$LOOP_CTL_REMOVE(r4, 0x4c81, r6) copy_file_range(0xffffffffffffffff, 0x0, r4, &(0x7f0000000180)=0x3e, 0xffffffffffffffff, 0x0) 04:40:41 executing program 1: mlock2(&(0x7f0000ff7000/0x4000)=nil, 0x4000, 0x0) shmat(0x0, &(0x7f0000ffd000/0x2000)=nil, 0x6000) r0 = perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x2080000001}, 0x0, 0x7ff}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x3) mmap$perf(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x10, 0xffffffffffffffff, 0x4) ioctl$EXT4_IOC_CHECKPOINT(0xffffffffffffffff, 0x4004662b, &(0x7f0000000040)) r1 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='net/route\x00') shmat(0x0, &(0x7f0000ffa000/0x1000)=nil, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x2000000000000000}, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) finit_module(r0, &(0x7f0000000140)='/dev/loop-control\x00', 0x3) r2 = accept$packet(r1, &(0x7f0000000400)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @local}, &(0x7f0000000440)=0x14) io_uring_register$IORING_REGISTER_FILES_UPDATE(0xffffffffffffffff, 0x6, &(0x7f00000004c0)={0x2, 0x0, &(0x7f0000000480)=[r2]}, 0x1) r3 = perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0xe0, 0x80, 0x8, 0x1f, 0x0, 0x81, 0x10800, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x2, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0xffffffff, 0x4, @perf_bp={&(0x7f0000000200)}, 0x1000, 0x81, 0x901, 0x8, 0x80, 0x20, 0x84d4, 0x0, 0x1000, 0x0, 0x5}, 0x0, 0xc, 0xffffffffffffffff, 0x3) ioctl$SG_SET_RESERVED_SIZE(r1, 0x2275, &(0x7f00000001c0)=0x3690dc48) r4 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000040), 0x41, 0x0) r5 = openat2(0xffffffffffffffff, &(0x7f0000000300)='./file1\x00', &(0x7f0000000100)={0x4200, 0x40, 0x19}, 0x3a) ioctl$LOOP_CTL_ADD(r5, 0x4c80, 0xb) ioctl$BTRFS_IOC_DEFAULT_SUBVOL(r3, 0x40089413, &(0x7f0000000240)=0x20) r6 = ioctl$LOOP_CTL_GET_FREE(r4, 0x4c82) ioctl$LOOP_CTL_REMOVE(r4, 0x4c81, r6) copy_file_range(0xffffffffffffffff, 0x0, r4, &(0x7f0000000180)=0x3e, 0xffffffffffffffff, 0x0) 04:40:41 executing program 2: prlimit64(0x0, 0x8, &(0x7f0000000040), 0x0) mlock2(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x0) clone3(&(0x7f0000001600)={0x80000000, &(0x7f0000001400), &(0x7f0000001440), &(0x7f0000001480)=0x0, {0x25}, &(0x7f00000014c0)=""/106, 0x6a, &(0x7f0000001540)=""/89, &(0x7f00000015c0)=[0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0], 0xa}, 0x58) clone3(&(0x7f0000001880)={0x400, &(0x7f0000001680)=0xffffffffffffffff, &(0x7f00000016c0)=0x0, &(0x7f0000001700), {0x3f}, &(0x7f0000001740)=""/57, 0x39, &(0x7f0000001780)=""/189, &(0x7f0000001840)=[0x0, 0x0, 0x0], 0x3}, 0x58) r3 = socket$inet6_udp(0xa, 0x2, 0x0) ioctl$sock_ipv6_tunnel_SIOCCHGTUNNEL(r3, 0x89f3, &(0x7f00000000c0)={'sit0\x00', &(0x7f0000000040)={'ip6tnl0\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @private0, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}}}) fcntl$getownex(r3, 0x10, &(0x7f00000019c0)={0x0, 0x0}) fcntl$getownex(r1, 0x10, &(0x7f0000001a00)={0x0, 0x0}) r6 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) ioctl$FS_IOC_SETFLAGS(0xffffffffffffffff, 0x40086602, &(0x7f00000000c0)=0x10) copy_file_range(r6, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0) clone3(&(0x7f0000001a80)={0x200010000, &(0x7f00000000c0), &(0x7f0000000100), &(0x7f0000000140), {0x34}, &(0x7f0000000180)=""/113, 0x71, &(0x7f0000000200)=""/88, &(0x7f0000001a40)=[r4, r5], 0x2, {r6}}, 0x58) ioctl$SG_GET_REQUEST_TABLE(0xffffffffffffffff, 0x2286, &(0x7f00000031c0)) r7 = openat$pidfd(0xffffffffffffff9c, &(0x7f0000001b00), 0x40000, 0x0) pidfd_send_signal(r7, 0x39, &(0x7f0000001b40)={0x2f, 0x200, 0x400}, 0x0) r8 = fork() ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, &(0x7f0000001bc0)) r9 = fork() clone3(&(0x7f0000001940)={0x6002200, &(0x7f0000000280), &(0x7f00000002c0), &(0x7f0000000300), {0x33}, &(0x7f0000000340)=""/4096, 0x1000, &(0x7f0000001340)=""/189, &(0x7f0000001900)=[r0, 0xffffffffffffffff, r2, 0x0, r8, 0x0, r9], 0x7}, 0x58) prlimit64(r8, 0xf, &(0x7f0000000000)={0xb2, 0xe5d}, &(0x7f0000001dc0)) 04:40:41 executing program 1: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x40a08, 0x0, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x1) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) setsockopt$inet_mreqn(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0) syz_io_uring_complete(0x0) r0 = syz_open_dev$tty20(0xc, 0x4, 0x0) ioctl$TCSETSF2(r0, 0x402c542d, &(0x7f0000000040)={0x0, 0x88b, 0x0, 0x0, 0x0, "425bb45816f822e6b8208f9a07eeec557d2e8f"}) openat$hpet(0xffffffffffffff9c, 0x0, 0x0, 0x0) writev(r0, &(0x7f0000000000)=[{&(0x7f0000001140)="11975a43dcd3ad912051513fc9654ddeea5893b8cfbba61a2ce44acba1e61e63a4ccb378062a1a3ffaadec89146928b7395f20536bfc376d6debfabdf501ee", 0x3f}], 0x1) r1 = socket(0x11, 0x2, 0x0) ioctl$BTRFS_IOC_QGROUP_CREATE(r0, 0x4010942a, &(0x7f0000000140)={0x1}) bind$packet(r1, &(0x7f0000005280)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @remote}, 0x14) r2 = socket$netlink(0x10, 0x3, 0x0) syz_genetlink_get_family_id$ethtool(&(0x7f0000000080), 0xffffffffffffffff) r3 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000080), 0xffffffffffffffff) sendmsg$ETHTOOL_MSG_PAUSE_GET(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000300)=ANY=[@ANYBLOB='H\x00\x00\x00', @ANYRES16=r3, @ANYBLOB="01030005295b77e4052cd791eca45600000000000000150000000c00018008000300000000002800018014000200626f6e645f736c6176655f3000000000080003000000000008000100", @ANYRES32=0x0, @ANYBLOB="09f9dc8fa58b8e8d344b0fecf974b24329f2db179e0b346e2cbd147dcf14b6f68f84b4d2698b57f46ce6ef3d84ad2bfdfb8d082e7f28b2a5be750e5613e88738e48d250453795f067ae0677eb51ba0a3462f648aa7845a69be46184ded4b2d20000453e89e3f7c92e7b32c7b626578f7f8420c6a984a11007489dd632cabe32a601f310bdd7a2c5fb28778c0d2b3e450d4eddafc876b9a566454000000000100000071d634fe630ccb174dcf2582a5e27ec93e695727f222c38bbcde31b98ea1acc1a0ace9dd73f9621a3a7f86b401bb8bc20c594343f179b91f3c47dfa857fcb1160972a5f8b489a5a563e158299b82add486a8cffdd09c427882af330a5966cefa20189c1f336d94f0cfb134afa6f3d3e86286bd17d1d659dbadce0bde7903d438c48e2db9b097dfe493042360676f71b204bd2cd85c53f82ca25958c8af0000"], 0x48}}, 0x0) 04:40:41 executing program 7: openat$nvram(0xffffffffffffff9c, &(0x7f0000000000), 0x143803, 0x0) r0 = socket$inet6_udp(0xa, 0x2, 0x0) ioctl$sock_ipv6_tunnel_SIOCCHGTUNNEL(r0, 0x89f3, &(0x7f00000000c0)={'sit0\x00', &(0x7f0000000040)={'ip6tnl0\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @private0, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}}}) ioctl$BTRFS_IOC_LOGICAL_INO(r0, 0xc0389424, &(0x7f00000000c0)={0x5d8f, 0x8, '\x00', 0x1, &(0x7f0000000080)=[0x0]}) syz_open_procfs(0x0, &(0x7f0000000040)='net/nf_conntrack\x00') [ 133.282309] netlink: 28 bytes leftover after parsing attributes in process `syz-executor.1'. 04:40:41 executing program 7: setsockopt$SO_TIMESTAMPING(0xffffffffffffffff, 0x1, 0x25, &(0x7f0000000000)=0x4000, 0x4) syz_open_procfs$namespace(0x0, &(0x7f0000000040)='ns/cgroup\x00') r0 = openat$nvram(0xffffffffffffff9c, &(0x7f0000000080), 0x24ba00, 0x0) clock_gettime(0x0, &(0x7f0000002540)={0x0, 0x0}) recvmmsg(r0, &(0x7f00000022c0)=[{{&(0x7f00000000c0)=@in6={0xa, 0x0, 0x0, @local}, 0x80, &(0x7f00000001c0)=[{&(0x7f0000000140)=""/63, 0x3f}, {&(0x7f0000000180)=""/15, 0xf}], 0x2, &(0x7f0000000200)=""/139, 0x8b}, 0x8000}, {{0x0, 0x0, &(0x7f0000000440)=[{&(0x7f00000002c0)=""/208, 0xd0}, {&(0x7f00000003c0)=""/109, 0x6d}], 0x2, &(0x7f0000000480)=""/244, 0xf4}, 0xff800000}, {{&(0x7f0000000580)=@pppol2tpv3in6={0x18, 0x1, {0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, {0xa, 0x0, 0x0, @loopback}}}, 0x80, &(0x7f0000000a80)=[{&(0x7f0000000600)=""/120, 0x78}, {&(0x7f0000000680)=""/129, 0x81}, {&(0x7f0000000740)=""/249, 0xf9}, {&(0x7f0000000840)=""/172, 0xac}, {&(0x7f0000000900)=""/75, 0x4b}, {&(0x7f0000000980)=""/201, 0xc9}], 0x6, &(0x7f0000000b00)=""/169, 0xa9}, 0x2}, {{&(0x7f0000000bc0)=@vsock, 0x80, &(0x7f0000000d00)=[{&(0x7f0000000c40)=""/181, 0xb5}], 0x1, &(0x7f0000000d40)=""/77, 0x4d}, 0x10001}, {{&(0x7f0000000dc0)=@caif, 0x80, &(0x7f0000000e80)=[{&(0x7f0000000e40)=""/16, 0x10}], 0x1, &(0x7f0000000ec0)=""/219, 0xdb}, 0x7}, {{&(0x7f0000000fc0)=@isdn, 0x80, &(0x7f0000001640)=[{&(0x7f0000001040)=""/44, 0x2c}, {&(0x7f0000001080)=""/192, 0xc0}, {&(0x7f0000001140)=""/167, 0xa7}, {&(0x7f0000001200)=""/236, 0xec}, {&(0x7f0000001300)=""/86, 0x56}, {&(0x7f0000001380)=""/69, 0x45}, {&(0x7f0000001400)=""/91, 0x5b}, {&(0x7f0000001480)=""/242, 0xf2}, {&(0x7f0000001580)=""/157, 0x9d}], 0x9, &(0x7f0000001700)=""/59, 0x3b}, 0x5}, {{0x0, 0x0, &(0x7f0000001940)=[{&(0x7f0000001740)=""/14, 0xe}, {&(0x7f0000001780)=""/137, 0x89}, {&(0x7f0000001840)=""/246, 0xf6}], 0x3, &(0x7f0000001980)=""/17, 0x11}, 0x5}, {{0x0, 0x0, &(0x7f0000001d40)=[{&(0x7f00000019c0)=""/204, 0xcc}, {&(0x7f0000001ac0)=""/71, 0x47}, {&(0x7f0000001b40)=""/76, 0x4c}, {&(0x7f0000001bc0)=""/28, 0x1c}, {&(0x7f0000001c00)=""/176, 0xb0}, {&(0x7f0000001cc0)=""/66, 0x42}], 0x6, &(0x7f0000001dc0)=""/237, 0xed}, 0x6325b9db}, {{&(0x7f0000001ec0)=@rxrpc=@in4={0x21, 0x0, 0x2, 0x10}, 0x80, &(0x7f0000002080)=[{&(0x7f0000001f40)=""/126, 0x7e}, {&(0x7f0000001fc0)=""/93, 0x5d}, {&(0x7f0000002040)=""/45, 0x2d}], 0x3, &(0x7f00000020c0)=""/165, 0xa5}, 0x8}, {{&(0x7f0000002180)=@nl=@proc, 0x80, &(0x7f0000002240)=[{&(0x7f0000002200)=""/42, 0x2a}], 0x1, &(0x7f0000002280)=""/63, 0x3f}, 0x2}], 0xa, 0x40000000, &(0x7f0000002580)={r1, r2+60000000}) [ 133.358509] netlink: 28 bytes leftover after parsing attributes in process `syz-executor.1'. [ 138.127074] Bluetooth: hci0: Opcode 0x c03 failed: -110 [ 142.351056] Bluetooth: hci0: Opcode 0x c03 failed: -110 VM DIAGNOSIS: 04:40:41 Registers: info registers vcpu 0 RAX=ffffea0001b3ab00 RBX=8000000000000025 RCX=0000000000000000 RDX=ffff88801bdbd040 RSI=ffffffff816903b2 RDI=0000000000000006 RBP=ffff888010361ee0 RSP=ffff88801f5d7910 R8 =0000000000000006 R9 =000000000006ceac R10=000000000007ffdf R11=0000000000000001 R12=ffff88801f5d7cf8 R13=800000006ceac025 R14=dffffc0000000000 R15=0000000000000001 RIP=ffffffff81691d44 RFL=00000286 [--S--P-] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 00000000 00000000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 00000000 00000000 FS =0000 0000000000000000 00000000 00000000 GS =0000 ffff88806ce00000 00000000 00000000 LDT=0000 fffffe0000000000 00000000 00000000 TR =0040 fffffe0000003000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe0000001000 0000007f IDT= fffffe0000000000 00000fff CR0=80050033 CR2=00007f4b4889f6f4 CR3=000000003f0a6000 CR4=00350ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000ffff0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 YMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM01=0000000000000000 0000000000000000 00007f4b488ae470 00007f4b488adf20 YMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM03=0000000000000000 0000000000000000 756e20796d6d7564 20736e6f6974706f YMM04=0000000000000000 0000000000000000 2f2f2f2f2f2f2f2f 2f2f2f2f2f2f2f2f YMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM08=0000000000000000 0000000000000000 73253d656d616e6c 6165722073253d73 YMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 info registers vcpu 1 RAX=000000000000002e RBX=00000000000003f8 RCX=0000000000000000 RDX=00000000000003f8 RSI=ffffffff823bb0f1 RDI=ffffffff8765a9a0 RBP=ffffffff8765a960 RSP=ffff888018bd7690 R8 =0000000000000001 R9 =000000000000000a R10=000000000000002e R11=0000000000000001 R12=000000000000002e R13=ffffffff8765a960 R14=0000000000000010 R15=ffffffff823bb0e0 RIP=ffffffff823bb149 RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 00000000 00000000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 00000000 00000000 FS =0000 00007f7d0ae16700 00000000 00000000 GS =0000 ffff88806cf00000 00000000 00000000 LDT=0000 fffffe0000000000 00000000 00000000 TR =0040 fffffe000004a000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe0000048000 0000007f IDT= fffffe0000000000 00000fff CR0=80050033 CR2=00007f19a3990260 CR3=000000001bc4e000 CR4=00350ee0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000ffff0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 YMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM01=0000000000000000 0000000000000000 00007f7d0d9877c0 00007f7d0d9877c8 YMM02=0000000000000000 0000000000000000 00007f7d0d9877e0 00007f7d0d9877c0 YMM03=0000000000000000 0000000000000000 00007f7d0d9877c8 00007f7d0d9877c0 YMM04=0000000000000000 0000000000000000 ffffffffffffffff ffffffff00000000 YMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM06=0000000000000000 0000000000000000 0000000000000000 000000524f525245 YMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM08=0000000000000000 0000000000000000 0000000000000000 00524f5252450040 YMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000