Warning: Permanently added '[localhost]:18206' (ECDSA) to the list of known hosts. 2022/10/02 12:34:51 fuzzer started 2022/10/02 12:34:52 dialing manager at localhost:35095 syzkaller login: [ 35.787538] cgroup: Unknown subsys name 'net' [ 35.897293] cgroup: Unknown subsys name 'rlimit' 2022/10/02 12:35:07 syscalls: 2215 2022/10/02 12:35:07 code coverage: enabled 2022/10/02 12:35:07 comparison tracing: enabled 2022/10/02 12:35:07 extra coverage: enabled 2022/10/02 12:35:07 setuid sandbox: enabled 2022/10/02 12:35:07 namespace sandbox: enabled 2022/10/02 12:35:07 Android sandbox: enabled 2022/10/02 12:35:07 fault injection: enabled 2022/10/02 12:35:07 leak checking: enabled 2022/10/02 12:35:07 net packet injection: enabled 2022/10/02 12:35:07 net device setup: enabled 2022/10/02 12:35:07 concurrency sanitizer: /sys/kernel/debug/kcsan does not exist 2022/10/02 12:35:07 devlink PCI setup: PCI device 0000:00:10.0 is not available 2022/10/02 12:35:07 USB emulation: enabled 2022/10/02 12:35:07 hci packet injection: enabled 2022/10/02 12:35:07 wifi device emulation: failed to parse kernel version (6.0.0-rc7-next-20220930) 2022/10/02 12:35:07 802.15.4 emulation: enabled 2022/10/02 12:35:07 fetching corpus: 50, signal 21216/23044 (executing program) 2022/10/02 12:35:07 fetching corpus: 100, signal 37909/41397 (executing program) 2022/10/02 12:35:07 fetching corpus: 150, signal 49124/54084 (executing program) 2022/10/02 12:35:07 fetching corpus: 200, signal 52245/58745 (executing program) 2022/10/02 12:35:07 fetching corpus: 250, signal 59036/66927 (executing program) 2022/10/02 12:35:07 fetching corpus: 300, signal 61925/71240 (executing program) 2022/10/02 12:35:07 fetching corpus: 350, signal 65670/76348 (executing program) 2022/10/02 12:35:08 fetching corpus: 400, signal 70350/82260 (executing program) 2022/10/02 12:35:08 fetching corpus: 450, signal 72888/86114 (executing program) 2022/10/02 12:35:08 fetching corpus: 500, signal 77365/91741 (executing program) 2022/10/02 12:35:08 fetching corpus: 550, signal 79845/95451 (executing program) 2022/10/02 12:35:08 fetching corpus: 600, signal 86701/103158 (executing program) 2022/10/02 12:35:08 fetching corpus: 650, signal 91436/108858 (executing program) 2022/10/02 12:35:08 fetching corpus: 700, signal 94838/113303 (executing program) 2022/10/02 12:35:08 fetching corpus: 750, signal 98584/117945 (executing program) 2022/10/02 12:35:09 fetching corpus: 800, signal 100870/121251 (executing program) 2022/10/02 12:35:09 fetching corpus: 850, signal 103550/124889 (executing program) 2022/10/02 12:35:09 fetching corpus: 900, signal 105581/127873 (executing program) 2022/10/02 12:35:09 fetching corpus: 950, signal 107454/130716 (executing program) 2022/10/02 12:35:09 fetching corpus: 1000, signal 109718/133897 (executing program) 2022/10/02 12:35:09 fetching corpus: 1050, signal 112174/137171 (executing program) 2022/10/02 12:35:09 fetching corpus: 1100, signal 114249/140101 (executing program) 2022/10/02 12:35:09 fetching corpus: 1150, signal 115097/141965 (executing program) 2022/10/02 12:35:09 fetching corpus: 1200, signal 116596/144321 (executing program) 2022/10/02 12:35:10 fetching corpus: 1250, signal 118537/147073 (executing program) 2022/10/02 12:35:10 fetching corpus: 1300, signal 120705/150003 (executing program) 2022/10/02 12:35:10 fetching corpus: 1350, signal 122145/152302 (executing program) 2022/10/02 12:35:10 fetching corpus: 1400, signal 123402/154447 (executing program) 2022/10/02 12:35:10 fetching corpus: 1450, signal 124932/156770 (executing program) 2022/10/02 12:35:10 fetching corpus: 1500, signal 127106/159599 (executing program) 2022/10/02 12:35:10 fetching corpus: 1550, signal 128442/161723 (executing program) 2022/10/02 12:35:10 fetching corpus: 1600, signal 129612/163696 (executing program) 2022/10/02 12:35:10 fetching corpus: 1650, signal 131073/165883 (executing program) 2022/10/02 12:35:11 fetching corpus: 1700, signal 132209/167829 (executing program) 2022/10/02 12:35:11 fetching corpus: 1750, signal 133502/169855 (executing program) 2022/10/02 12:35:11 fetching corpus: 1800, signal 134136/171419 (executing program) 2022/10/02 12:35:11 fetching corpus: 1850, signal 135774/173659 (executing program) 2022/10/02 12:35:11 fetching corpus: 1900, signal 136510/175213 (executing program) 2022/10/02 12:35:11 fetching corpus: 1950, signal 137501/176959 (executing program) 2022/10/02 12:35:11 fetching corpus: 2000, signal 138463/178661 (executing program) 2022/10/02 12:35:11 fetching corpus: 2050, signal 140207/180917 (executing program) 2022/10/02 12:35:11 fetching corpus: 2100, signal 142177/183270 (executing program) 2022/10/02 12:35:12 fetching corpus: 2150, signal 144605/185959 (executing program) 2022/10/02 12:35:12 fetching corpus: 2200, signal 147088/188634 (executing program) 2022/10/02 12:35:12 fetching corpus: 2250, signal 147772/190018 (executing program) 2022/10/02 12:35:12 fetching corpus: 2300, signal 148523/191425 (executing program) 2022/10/02 12:35:12 fetching corpus: 2350, signal 149159/192789 (executing program) 2022/10/02 12:35:12 fetching corpus: 2400, signal 150077/194290 (executing program) 2022/10/02 12:35:12 fetching corpus: 2450, signal 151639/196221 (executing program) 2022/10/02 12:35:12 fetching corpus: 2500, signal 152492/197612 (executing program) 2022/10/02 12:35:13 fetching corpus: 2550, signal 153107/198871 (executing program) 2022/10/02 12:35:13 fetching corpus: 2600, signal 154649/200712 (executing program) 2022/10/02 12:35:13 fetching corpus: 2650, signal 155402/202054 (executing program) 2022/10/02 12:35:13 fetching corpus: 2700, signal 155999/203289 (executing program) 2022/10/02 12:35:13 fetching corpus: 2750, signal 156816/204650 (executing program) 2022/10/02 12:35:13 fetching corpus: 2800, signal 157724/206053 (executing program) 2022/10/02 12:35:13 fetching corpus: 2850, signal 159481/207952 (executing program) 2022/10/02 12:35:13 fetching corpus: 2900, signal 160291/209322 (executing program) 2022/10/02 12:35:14 fetching corpus: 2950, signal 161664/210902 (executing program) 2022/10/02 12:35:14 fetching corpus: 3000, signal 162425/212192 (executing program) 2022/10/02 12:35:14 fetching corpus: 3050, signal 163244/213509 (executing program) 2022/10/02 12:35:14 fetching corpus: 3100, signal 163923/214654 (executing program) 2022/10/02 12:35:14 fetching corpus: 3150, signal 164437/215778 (executing program) 2022/10/02 12:35:14 fetching corpus: 3200, signal 165135/216958 (executing program) 2022/10/02 12:35:14 fetching corpus: 3250, signal 166391/218458 (executing program) 2022/10/02 12:35:15 fetching corpus: 3300, signal 167785/220044 (executing program) 2022/10/02 12:35:15 fetching corpus: 3350, signal 169504/221684 (executing program) 2022/10/02 12:35:15 fetching corpus: 3400, signal 170502/222981 (executing program) 2022/10/02 12:35:15 fetching corpus: 3450, signal 171112/224108 (executing program) 2022/10/02 12:35:15 fetching corpus: 3500, signal 172592/225545 (executing program) 2022/10/02 12:35:15 fetching corpus: 3550, signal 172960/226507 (executing program) 2022/10/02 12:35:15 fetching corpus: 3600, signal 173759/227619 (executing program) 2022/10/02 12:35:15 fetching corpus: 3650, signal 174113/228539 (executing program) 2022/10/02 12:35:15 fetching corpus: 3700, signal 174768/229610 (executing program) 2022/10/02 12:35:15 fetching corpus: 3750, signal 175464/230812 (executing program) 2022/10/02 12:35:15 fetching corpus: 3800, signal 176344/232068 (executing program) 2022/10/02 12:35:16 fetching corpus: 3850, signal 176889/233048 (executing program) 2022/10/02 12:35:16 fetching corpus: 3900, signal 177427/234023 (executing program) 2022/10/02 12:35:16 fetching corpus: 3950, signal 178287/235078 (executing program) 2022/10/02 12:35:16 fetching corpus: 4000, signal 179237/236165 (executing program) 2022/10/02 12:35:16 fetching corpus: 4050, signal 179957/237182 (executing program) 2022/10/02 12:35:16 fetching corpus: 4100, signal 180859/238333 (executing program) 2022/10/02 12:35:16 fetching corpus: 4150, signal 181897/239434 (executing program) 2022/10/02 12:35:16 fetching corpus: 4200, signal 182868/240497 (executing program) 2022/10/02 12:35:17 fetching corpus: 4250, signal 183678/241486 (executing program) 2022/10/02 12:35:17 fetching corpus: 4300, signal 184221/242338 (executing program) 2022/10/02 12:35:17 fetching corpus: 4350, signal 185144/243369 (executing program) 2022/10/02 12:35:17 fetching corpus: 4400, signal 185988/244379 (executing program) 2022/10/02 12:35:17 fetching corpus: 4450, signal 187011/245414 (executing program) 2022/10/02 12:35:17 fetching corpus: 4500, signal 188310/246500 (executing program) 2022/10/02 12:35:17 fetching corpus: 4550, signal 188797/247300 (executing program) 2022/10/02 12:35:17 fetching corpus: 4600, signal 189364/248198 (executing program) 2022/10/02 12:35:18 fetching corpus: 4650, signal 190068/249073 (executing program) 2022/10/02 12:35:18 fetching corpus: 4700, signal 190945/249957 (executing program) 2022/10/02 12:35:18 fetching corpus: 4750, signal 192022/250964 (executing program) 2022/10/02 12:35:18 fetching corpus: 4800, signal 192613/251777 (executing program) 2022/10/02 12:35:18 fetching corpus: 4850, signal 193210/252591 (executing program) 2022/10/02 12:35:18 fetching corpus: 4900, signal 194028/253470 (executing program) 2022/10/02 12:35:18 fetching corpus: 4938, signal 194722/254308 (executing program) 2022/10/02 12:35:18 fetching corpus: 4938, signal 194722/254923 (executing program) 2022/10/02 12:35:18 fetching corpus: 4938, signal 194722/255521 (executing program) 2022/10/02 12:35:18 fetching corpus: 4938, signal 194722/256074 (executing program) 2022/10/02 12:35:18 fetching corpus: 4938, signal 194722/256692 (executing program) 2022/10/02 12:35:18 fetching corpus: 4938, signal 194722/257305 (executing program) 2022/10/02 12:35:18 fetching corpus: 4938, signal 194722/257911 (executing program) 2022/10/02 12:35:18 fetching corpus: 4938, signal 194722/258512 (executing program) 2022/10/02 12:35:18 fetching corpus: 4938, signal 194722/259128 (executing program) 2022/10/02 12:35:18 fetching corpus: 4938, signal 194722/259739 (executing program) 2022/10/02 12:35:18 fetching corpus: 4938, signal 194722/260297 (executing program) 2022/10/02 12:35:18 fetching corpus: 4938, signal 194722/260897 (executing program) 2022/10/02 12:35:18 fetching corpus: 4938, signal 194722/261473 (executing program) 2022/10/02 12:35:18 fetching corpus: 4938, signal 194722/262050 (executing program) 2022/10/02 12:35:18 fetching corpus: 4938, signal 194722/262635 (executing program) 2022/10/02 12:35:18 fetching corpus: 4938, signal 194722/263240 (executing program) 2022/10/02 12:35:18 fetching corpus: 4938, signal 194722/263848 (executing program) 2022/10/02 12:35:18 fetching corpus: 4938, signal 194722/264444 (executing program) 2022/10/02 12:35:18 fetching corpus: 4938, signal 194722/265045 (executing program) 2022/10/02 12:35:18 fetching corpus: 4938, signal 194722/265610 (executing program) 2022/10/02 12:35:19 fetching corpus: 4938, signal 194722/266220 (executing program) 2022/10/02 12:35:19 fetching corpus: 4938, signal 194722/266827 (executing program) 2022/10/02 12:35:19 fetching corpus: 4938, signal 194722/267435 (executing program) 2022/10/02 12:35:19 fetching corpus: 4938, signal 194722/268060 (executing program) 2022/10/02 12:35:19 fetching corpus: 4938, signal 194722/268636 (executing program) 2022/10/02 12:35:19 fetching corpus: 4938, signal 194722/269271 (executing program) 2022/10/02 12:35:19 fetching corpus: 4938, signal 194722/269891 (executing program) 2022/10/02 12:35:19 fetching corpus: 4938, signal 194722/270489 (executing program) 2022/10/02 12:35:19 fetching corpus: 4938, signal 194722/271084 (executing program) 2022/10/02 12:35:19 fetching corpus: 4938, signal 194722/271670 (executing program) 2022/10/02 12:35:19 fetching corpus: 4938, signal 194722/272225 (executing program) 2022/10/02 12:35:19 fetching corpus: 4938, signal 194722/272824 (executing program) 2022/10/02 12:35:19 fetching corpus: 4938, signal 194722/273412 (executing program) 2022/10/02 12:35:19 fetching corpus: 4938, signal 194722/274051 (executing program) 2022/10/02 12:35:19 fetching corpus: 4938, signal 194722/274703 (executing program) 2022/10/02 12:35:19 fetching corpus: 4938, signal 194722/275332 (executing program) 2022/10/02 12:35:19 fetching corpus: 4938, signal 194722/275936 (executing program) 2022/10/02 12:35:19 fetching corpus: 4938, signal 194722/276510 (executing program) 2022/10/02 12:35:19 fetching corpus: 4938, signal 194722/277016 (executing program) 2022/10/02 12:35:19 fetching corpus: 4938, signal 194722/277016 (executing program) 2022/10/02 12:35:22 starting 8 fuzzer processes 12:35:22 executing program 0: r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$NL80211_CMD_DEAUTHENTICATE(0xffffffffffffffff, &(0x7f0000000140)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x2000}, 0xc, &(0x7f0000000100)={&(0x7f0000000080)={0x70, r0, 0x10, 0x70bd27, 0x25dfdbfc, {{}, {@val={0x8}, @void}}, [@NL80211_ATTR_MAC={0xa, 0x6, @random="e3b369643365"}, @NL80211_ATTR_REASON_CODE={0x6, 0x36, 0x40}, @NL80211_ATTR_IE={0x8, 0x2a, [@perr={0x84, 0x2, {0xd2}}]}, @NL80211_ATTR_SSID={0x1c, 0x34, @random="f6146e92d94ce71f4e97e6c0d6ad68521baea7d581ac53eb"}, @NL80211_ATTR_LOCAL_STATE_CHANGE={0x4}, @NL80211_ATTR_SSID={0xa, 0x34, @default_ibss_ssid}, @NL80211_ATTR_SSID={0x8, 0x34, @random="ce24322d"}, @NL80211_ATTR_LOCAL_STATE_CHANGE={0x4}]}, 0x70}, 0x1, 0x0, 0x0, 0x20000810}, 0x15) ioctl$INCFS_IOC_PERMIT_FILL(0xffffffffffffffff, 0x40046721, &(0x7f0000000180)) ioctl$sock_ipv4_tunnel_SIOCCHGTUNNEL(0xffffffffffffffff, 0x89f3, &(0x7f0000000300)={'gretap0\x00', &(0x7f0000000280)={'tunl0\x00', 0x0, 0x700, 0x7, 0x6, 0x9, {{0x9, 0x4, 0x1, 0x3d, 0x24, 0x64, 0x0, 0x9, 0x2b, 0x0, @local, @dev={0xac, 0x14, 0x14, 0x18}, {[@noop, @noop, @ssrr={0x89, 0x7, 0x93, [@loopback]}, @ra={0x94, 0x4}]}}}}}) sendmsg$TEAM_CMD_OPTIONS_GET(0xffffffffffffffff, &(0x7f0000000800)={&(0x7f00000001c0)={0x10, 0x0, 0x0, 0x8000000}, 0xc, &(0x7f00000007c0)={&(0x7f0000000340)={0x45c, 0x0, 0x2, 0x70bd2c, 0x25dfdbfe, {}, [{{0x8}, {0x3c, 0x2, 0x0, 0x1, [{0x38, 0x1, @mcast_rejoin_count={{0x24}, {0x5}, {0x8, 0x4, 0x7fff}}}]}}, {{0x8}, {0x230, 0x2, 0x0, 0x1, [{0x40, 0x1, @priority={{{0x24}, {0x5}, {0x8, 0x4, 0x3ff}}, {0x8}}}, {0x40, 0x1, @lb_hash_stats={{{0x24}, {0x5}, {0x8, 0x4, 0x6}}, {0x8}}}, {0x38, 0x1, @notify_peers_interval={{0x24}, {0x5}, {0x8, 0x4, 0x4}}}, {0x38, 0x1, @mcast_rejoin_count={{0x24}, {0x5}, {0x8, 0x4, 0x3}}}, {0x40, 0x1, @lb_tx_hash_to_port_mapping={{{0x24}, {0x5}, {0x8}}, {0x8}}}, {0x40, 0x1, @lb_port_stats={{{0x24}, {0x5}, {0x8, 0x4, 0x10000}}, {0x8}}}, {0x40, 0x1, @lb_hash_stats={{{0x24}, {0x5}, {0x8, 0x4, 0x8}}, {0x8, 0x7, 0x8}}}, {0x3c, 0x1, @name={{0x24}, {0x5}, {0xb, 0x4, 'random\x00'}}}, {0x40, 0x1, @name={{0x24}, {0x5}, {0xf, 0x4, 'roundrobin\x00'}}}]}}, {{0x8}, {0x104, 0x2, 0x0, 0x1, [{0x40, 0x1, @lb_port_stats={{{0x24}, {0x5}, {0x8, 0x4, 0x2}}, {0x8}}}, {0x40, 0x1, @lb_tx_hash_to_port_mapping={{{0x24}, {0x5}, {0x8, 0x4, r1}}, {0x8}}}, {0x40, 0x1, @lb_tx_hash_to_port_mapping={{{0x24}, {0x5}, {0x8}}, {0x8}}}, {0x40, 0x1, @priority={{{0x24}, {0x5}, {0x8, 0x4, 0x10000}}, {0x8}}}]}}, {{0x8}, {0xb8, 0x2, 0x0, 0x1, [{0x3c, 0x1, @lb_tx_method={{0x24}, {0x5}, {0x9, 0x4, 'hash\x00'}}}, {0x40, 0x1, @queue_id={{{0x24}, {0x5}, {0x8, 0x4, 0x6}}, {0x8}}}, {0x38, 0x1, @notify_peers_interval={{0x24}, {0x5}, {0x8, 0x4, 0x101}}}]}}]}, 0x45c}, 0x1, 0x0, 0x0, 0x8011}, 0x800) getpeername$packet(0xffffffffffffffff, &(0x7f0000000840)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000880)=0x14) r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000900), 0xffffffffffffffff) sendmsg$NL80211_CMD_UPDATE_FT_IES(0xffffffffffffffff, &(0x7f0000000d00)={&(0x7f00000008c0)={0x10, 0x0, 0x0, 0x8000000}, 0xc, &(0x7f0000000cc0)={&(0x7f0000000940)={0x348, r3, 0x200, 0x70bd26, 0x25dfdbff, {{}, {@val={0x8}, @void}}, [@NL80211_ATTR_IE={0x149, 0x2a, [@measure_req={0x26, 0xd4, {0x5, 0x3, 0x1, "5b3c741c7b1fd4a26a5da21f93b2c68bbfed39ca6b12054ede2c6ca3e69c985b99da65367771bad5c3dac3eb50f00ea15c085bcad1a4ac028790af3ab62845202cc93cfadcc1da2e16949fc1039f8085466e817c188b6c04fe16f3fc9831b666dd29f380ba65a775fad030a98cde727e19d930119ea07c8ef1ddb63a8cb6f4c2b710985f0bde71454194183915854cd548d5009f6261f2f70fca85a008e53fc955e35457e3a97011330b1f9d7f9656ef229986b86227b5112d157473e5bfba4a2dcc56bd49574d10c6fdca64c60a0199fa"}}, @preq={0x82, 0x6d, @ext={{}, 0x81, 0x2, 0x2, @broadcast, 0x0, @device_a, 0x10001, 0x7fff, 0x7, [{{0x1, 0x0, 0x1}, @device_b, 0x1}, {{0x0, 0x0, 0x1}, @device_b, 0x7}, {{0x1, 0x0, 0x1}, @broadcast, 0x1}, {{}, @broadcast}, {{}, @broadcast, 0x9}, {{0x0, 0x0, 0x1}, @broadcast, 0x8}, {{0x1, 0x0, 0x1}, @device_b, 0xffff7fff}]}}]}, @NL80211_ATTR_IE={0x112, 0x2a, [@tim={0x5, 0x95, {0x1, 0xcb, 0x58, "0a036ed04c52ff47a1f01fff7405242c65e2153927d14584a563beeaaac3034e901f69cc4b67446b855f304e7c24eb232d6734fcfe8b01a78177fec62100e2f7e3523ceea7f335d41dd518f8e88872a756299318f0eb492ed54f0516dc227b49baf95b02ecbc4bb562969e0afa98ff88513f781f791d3cdd903d86e1e80439c3756e7292f52011b73f2572c7b9ec8fcfed17"}}, @ext_channel_switch={0x3c, 0x4, {0x1, 0x0, 0x4, 0xa2}}, @random_vendor={0xdd, 0x40, "f31aff9dd5c73548919e6bd3bf742a581e87f14a67be6f9d11d5eb7448ec66e37d0377ddb1514c395853b7e8cfcba7bc95ca882660509439419f21d10eb550fa"}, @dsss={0x3, 0x1, 0x80}, @measure_req={0x26, 0x10, {0x62, 0x9, 0x5, "c136ebc981cc070d51d2996dc8"}}, @mic={0x8c, 0x18, {0x8c6, "47f08dae6e77", @long="20bdd37f39ab483ec9801d9c97fed0cb"}}]}, @NL80211_ATTR_IE={0x78, 0x2a, [@cf={0x4, 0x6, {0x40, 0x6, 0x8, 0x1}}, @cf={0x4, 0x6, {0x0, 0x64, 0x400, 0x8}}, @prep={0x83, 0x1f, @not_ext={{}, 0x38, 0x2, @device_a, 0x80, "", 0x5, 0x736, @device_b, 0x401}}, @mic={0x8c, 0x18, {0x70b, "09c727e848a9", @long="9c941fc8f83b744173fc9768398a181a"}}, @peer_mgmt={0x75, 0x8, {0x0, 0x300, @val=0x1, @val=0x3c, @void}}, @ht={0x2d, 0x1a, {0x300, 0x0, 0x0, 0x0, {0x1000000000000, 0x2c5, 0x0, 0x3, 0x0, 0x1}, 0x400, 0xb7c, 0x5}}, @dsss={0x3, 0x1, 0x9d}]}, @NL80211_ATTR_IE={0x41, 0x2a, [@peer_mgmt={0x75, 0x14, {0x0, 0x401, @void, @void, @val="0fbec5fe37aa203703e156674c8473c3"}}, @dsss={0x3, 0x1, 0x3}, @cf={0x4, 0x6, {0x2, 0x1, 0x6, 0x9}}, @gcr_ga={0xbd, 0x6}, @ssid={0x0, 0x6, @default_ibss_ssid}, @ibss={0x6, 0x2}, @cf={0x4, 0x6, {0x20, 0x0, 0xc2dd, 0xece}}]}, @NL80211_ATTR_MDID={0x6, 0xb1, 0xffc1}, @NL80211_ATTR_MDID={0x6, 0xb1, 0x5ab}]}, 0x348}, 0x1, 0x0, 0x0, 0x84}, 0xd036549dc7cd228d) r4 = socket$nl_generic(0x10, 0x3, 0x10) r5 = socket(0x2c, 0x1, 0x101) sendmsg$MPTCP_PM_CMD_ADD_ADDR(r5, &(0x7f0000000e40)={&(0x7f0000000d40)={0x10, 0x0, 0x0, 0x800}, 0xc, &(0x7f0000000e00)={&(0x7f0000000d80)={0x54, 0x0, 0x400, 0x70bd2d, 0x25dfdbff, {}, [@MPTCP_PM_ATTR_SUBFLOWS={0x8, 0x3, 0x1}, @MPTCP_PM_ATTR_SUBFLOWS={0x8, 0x3, 0x7}, @MPTCP_PM_ATTR_RCV_ADD_ADDRS={0x8, 0x2, 0x4}, @MPTCP_PM_ATTR_SUBFLOWS={0x8, 0x3, 0x5}, @MPTCP_PM_ATTR_RCV_ADD_ADDRS={0x8, 0x2, 0x8}, @MPTCP_PM_ATTR_RCV_ADD_ADDRS={0x8, 0x2, 0x6}, @MPTCP_PM_ATTR_SUBFLOWS={0x8, 0x3, 0x4}, @MPTCP_PM_ATTR_RCV_ADD_ADDRS={0x8, 0x2, 0x4}]}, 0x54}, 0x1, 0x0, 0x0, 0x4800}, 0x2004c091) setsockopt$inet6_mreq(r5, 0x29, 0x15, &(0x7f0000000e80)={@dev={0xfe, 0x80, '\x00', 0x1e}, r1}, 0x14) setsockopt$packet_fanout(r5, 0x107, 0x12, &(0x7f0000000ec0)={0x0, 0x4}, 0x4) ioctl$ifreq_SIOCGIFINDEX_team(r5, 0x8933, &(0x7f0000000f00)={'team0\x00', 0x0}) accept$packet(r5, &(0x7f0000000f80)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @multicast}, &(0x7f0000000fc0)=0x14) getsockname$packet(r5, &(0x7f0000001000)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @multicast}, &(0x7f0000001040)=0x14) ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000001080)={'geneve0\x00', 0x0}) ioctl$sock_ipv6_tunnel_SIOCCHGPRL(0xffffffffffffffff, 0x89f7, &(0x7f0000001140)={'ip6gre0\x00', &(0x7f00000010c0)={'syztnl1\x00', r1, 0x2f, 0x3, 0x4, 0x5, 0xd, @mcast1, @loopback, 0x80, 0x7, 0x7ff, 0x2}}) ioctl$ifreq_SIOCGIFINDEX_wireguard(r5, 0x8933, &(0x7f0000001180)={'wg2\x00', 0x0}) sendmsg$ETHTOOL_MSG_PRIVFLAGS_GET(r4, &(0x7f0000001500)={&(0x7f0000000f40)={0x10, 0x0, 0x0, 0x100010}, 0xc, &(0x7f00000014c0)={&(0x7f0000001340)={0x160, 0x0, 0x800, 0x70bd28, 0x25dfdbfc, {}, [@HEADER={0x48, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_FLAGS={0x8}, @ETHTOOL_A_HEADER_FLAGS={0x8}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r2}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r7}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r8}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'batadv0\x00'}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r6}]}, @HEADER={0x34, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'wlan0\x00'}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r6}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'veth0_to_hsr\x00'}]}, @HEADER={0x24, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x3}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r6}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r1}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x2}]}, @HEADER={0x4c, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'wg2\x00'}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r1}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r9}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x2}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'syzkaller0\x00'}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r1}]}, @HEADER={0xc, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r2}]}, @HEADER={0x2c, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x1}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r10}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r11}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r1}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r6}]}, @HEADER={0x28, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x2}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'veth1_to_bridge\x00'}]}]}, 0x160}, 0x1, 0x0, 0x0, 0x4000000}, 0x4) 12:35:22 executing program 1: r0 = openat$incfs(0xffffffffffffff9c, &(0x7f0000000000)='.pending_reads\x00', 0x240000, 0x110) ioctl$int_in(r0, 0x5421, &(0x7f0000000040)=0x2) ioctl$HIDIOCINITREPORT(0xffffffffffffffff, 0x4805, 0x0) r1 = syz_open_dev$ptys(0xc, 0x3, 0x1) ioctl$BTRFS_IOC_DEFRAG(r1, 0x50009402, 0x0) ioctl$AUTOFS_DEV_IOCTL_TIMEOUT(r0, 0xc018937a, &(0x7f0000000080)={{0x1, 0x1, 0x18, 0xffffffffffffffff, {0x4}}, './file0\x00'}) ioctl$HIDIOCGPHYS(r2, 0x80404812, &(0x7f00000000c0)) ioctl$BTRFS_IOC_SUBVOL_SETFLAGS(r2, 0x4008941a, &(0x7f0000000100)) ioctl$VT_OPENQRY(r1, 0x5600, &(0x7f0000000140)) ioctl$AUTOFS_DEV_IOCTL_PROTOVER(r2, 0xc0189372, &(0x7f0000000180)={{0x1, 0x1, 0x18, r2, {0x8}}, './file0\x00'}) syz_io_uring_setup(0x808, &(0x7f00000001c0)={0x0, 0xf964, 0x0, 0x1, 0x29, 0x0, r2}, &(0x7f0000ffb000/0x2000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000240)=0x0, &(0x7f0000000280)=0x0) ioctl$TIOCSLCKTRMIOS(r3, 0x5457, &(0x7f00000002c0)) ioctl$FS_IOC_ENABLE_VERITY(r0, 0x40806685, &(0x7f0000000380)={0x1, 0x0, 0x1000, 0x36, &(0x7f0000000300)="34cf343eb7c9827b72bfd8162dd79f26d650aa05892caef2cdcda195ff97350034aeca631d9d30d3d16ed1aefdc84fb4a0130c59eae8", 0x0, 0x0, &(0x7f0000000340)}) syz_io_uring_submit(r4, r5, &(0x7f00000004c0)=@IORING_OP_SEND={0x1a, 0x5, 0x0, r0, 0x0, &(0x7f0000000400)="fd2fa648012c79309f490b89cf37fb21f10b7ba3b520069e6e8395fead7cf4d69695a153f117ffb55af16f58ae0dd7b4c0d1244a345a8a7a2ca690633160feee8300688594df191c8f773e797c78fcf3969382667a12655fa9bc549fba49fd3022031b1cc42f933d7ee29fbae525ec168c481d478272742baf4b4c61df9eebba82ed9b", 0x83, 0x22000800, 0x1}, 0xff) pipe(&(0x7f00000005c0)={0xffffffffffffffff, 0xffffffffffffffff}) perf_event_open(&(0x7f0000000540)={0x2, 0x80, 0x0, 0x1, 0x8, 0x9, 0x0, 0x40, 0x8, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x2, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x5, 0x0, @perf_bp={&(0x7f0000000500), 0x6}, 0x40, 0x8, 0x9, 0x9, 0x1, 0x1, 0x6, 0x0, 0x3, 0x0, 0x6d5}, 0xffffffffffffffff, 0x5, r6, 0xb) r7 = fcntl$dupfd(r3, 0x0, r3) r8 = dup3(r1, r0, 0x0) fcntl$dupfd(r7, 0x406, r8) writev(0xffffffffffffffff, &(0x7f0000000740)=[{&(0x7f0000000600)="9728c1d2905e2298439727b99e591f03995f83fa3c562ad12b8381353f7dce2e881cebb8bd8506eae833ca2b3559a05a14bdecaeaeab8964e2a1c2e6b06b59a5a3", 0x41}, {&(0x7f0000000680)="178adf8b74515c8ca7e5033f875ca78dfd2a3ce7c939a7eca94a171f8439a550c88b6308047f85bfe197bc5181d4891cd0023b40a113ab5891d7b3e654edc21e9bc591c914eb5d517d1cc619bf4b30f6a779a5505eada1cb18360c99a8ffdfaaf677c97285112e043a64e64f0987aecd23a3b8741bf46d8f", 0x78}, {&(0x7f0000000700)="e8549b4efb73a5d6ba4eca2bff0aea4269deab3b54cd51b2265b8fe50c7095adef3662b441564426d78721", 0x2b}], 0x3) 12:35:22 executing program 2: r0 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000000), 0x200000, 0x0) sendmsg$DEVLINK_CMD_SB_POOL_GET(r0, &(0x7f0000000280)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x200000}, 0xc, &(0x7f0000000240)={&(0x7f0000000080)={0x1ac, 0x0, 0x61c, 0x70bd2a, 0x25dfdbff, {}, [{@pci={{0x8}, {0x11}}, {0x8, 0xb, 0x9}, {0x6, 0x11, 0x7f}}, {@pci={{0x8}, {0x11}}, {0x8, 0xb, 0x3}, {0x6, 0x11, 0x4}}, {@pci={{0x8}, {0x11}}, {0x8, 0xb, 0x3ff}, {0x6, 0x11, 0xff}}, {@pci={{0x8}, {0x11}}, {0x8, 0xb, 0x1}, {0x6, 0x11, 0x5}}, {@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0x8, 0xb, 0xf1a8}, {0x6, 0x11, 0x8}}, {@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0x8}, {0x6, 0x11, 0x4}}, {@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0x8, 0xb, 0x4}, {0x6, 0x11, 0xf8b6}}, {@pci={{0x8}, {0x11}}, {0x8, 0xb, 0x3}, {0x6, 0x11, 0x5}}, {@pci={{0x8}, {0x11}}, {0x8, 0xb, 0x7}, {0x6, 0x11, 0xed}}]}, 0x1ac}, 0x1, 0x0, 0x0, 0x40000}, 0x8000) ioctl$BTRFS_IOC_QGROUP_CREATE(r0, 0x4010942a, &(0x7f00000002c0)={0x1, 0x7f}) r1 = socket(0x1e, 0x6, 0x2) r2 = dup3(r0, r1, 0x80000) setsockopt$inet6_IPV6_PKTINFO(r1, 0x29, 0x32, &(0x7f0000000300)={@private1={0xfc, 0x1, '\x00', 0x1}}, 0x14) r3 = openat$cgroup_subtree(r2, &(0x7f0000000340), 0x2, 0x0) r4 = syz_open_dev$hiddev(&(0x7f0000000380), 0x5, 0x8000) sendfile(r3, r4, &(0x7f00000003c0)=0x7fffffff, 0xffffffffffff4121) fsetxattr$trusted_overlay_origin(r0, &(0x7f0000000400), &(0x7f0000000440), 0x2, 0x1) setsockopt$bt_l2cap_L2CAP_OPTIONS(r2, 0x6, 0x1, &(0x7f0000000480)={0x2, 0x8, 0x4, 0x3f, 0x3, 0xf8, 0x8}, 0xc) r5 = socket$inet6_udp(0xa, 0x2, 0x0) ioctl$sock_SIOCDELRT(r5, 0x890c, &(0x7f0000000500)={0x0, @in={0x2, 0x4e22, @rand_addr=0x64010102}, @rc={0x1f, @any, 0x7f}, @rc={0x1f, @any, 0x1}, 0x40, 0x0, 0x0, 0x0, 0x101, &(0x7f00000004c0)='vxcan1\x00', 0x6, 0x32, 0x7}) ioctl$AUTOFS_DEV_IOCTL_VERSION(0xffffffffffffffff, 0xc0189371, &(0x7f0000000580)={{0x1, 0x1, 0x18, r0}, './file0\x00'}) sendmsg$NL80211_CMD_CANCEL_REMAIN_ON_CHANNEL(r6, &(0x7f00000006c0)={&(0x7f00000005c0)={0x10, 0x0, 0x0, 0x40000000}, 0xc, &(0x7f0000000680)={&(0x7f0000000600)={0x4c, 0x0, 0x400, 0x70bd2d, 0x25dfdbff, {{}, {@val={0x8}, @void}}, [@NL80211_ATTR_COOKIE={0xc, 0x58, 0x73}, @NL80211_ATTR_COOKIE={0xc, 0x58, 0x2e}, @NL80211_ATTR_COOKIE={0xc, 0x58, 0x36}, @NL80211_ATTR_COOKIE={0xc, 0x58, 0x4}]}, 0x4c}}, 0x20000000) ioctl$EXT4_IOC_CHECKPOINT(r3, 0x4004662b, &(0x7f0000000700)=0x4) r7 = fsopen(&(0x7f0000000740)='omfs\x00', 0x1) ioctl$FIBMAP(r7, 0x1, &(0x7f0000000780)=0x9) ioctl$AUTOFS_DEV_IOCTL_EXPIRE(r2, 0xc018937c, &(0x7f00000007c0)={{0x1, 0x1, 0x18, r0, {0x1}}, './file0\x00'}) ioctl$FS_IOC_FSGETXATTR(r6, 0x801c581f, &(0x7f0000000800)={0xfff, 0x4, 0xc8c, 0x4, 0xff}) 12:35:22 executing program 3: pwritev(0xffffffffffffffff, &(0x7f0000000140)=[{}, {&(0x7f0000000040)="6d5a1796a81d41546029f32d39a29484b1dc2434cb0b3011bdefa01b904651147b6f7c34fd8d456802e96e7d01ce1d057de76950598a13984d6daedc81a9e8fb760e4b9f892ab97b537ac69148cae70132f3e392af9d0ef5735b65239a1acbcf0bfa8d0e42281102871abe635f96f1bd850e167f28fb33e5de1ffc11f6e8d11c612d06334805173f04502fc2629164d113832eef0e279e5a1043a47834215e90a5ffff5bff99f8aec42ebfe2132a18f7e792a8c09645060a7f0a2be5e0d72412bededeaa834cf6cd3140264130168925413ebf8a4af85273c9cc07", 0xdb}], 0x2, 0x2e6c800, 0x7) r0 = dup3(0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_genetlink_get_family_id$tipc2(&(0x7f0000000180), r0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000280)={0xffffffffffffffff}) ioctl$sock_SIOCETHTOOL(r1, 0x8946, &(0x7f0000000300)={'vlan0\x00', &(0x7f00000002c0)=@ethtool_pauseparam={0x13, 0x5, 0xd8, 0x48000}}) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000340)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$sock_ipv6_tunnel_SIOCCHG6RD(0xffffffffffffffff, 0x89fb, &(0x7f0000000400)={'syztnl0\x00', &(0x7f0000000380)={'sit0\x00', 0x0, 0x2f, 0x81, 0x0, 0x2, 0x40, @remote, @initdev={0xfe, 0x88, '\x00', 0x1, 0x0}, 0x7, 0x7, 0x4, 0x4}}) ioctl$AUTOFS_DEV_IOCTL_READY(r0, 0xc0189376, &(0x7f0000000440)={{0x1, 0x1, 0x18, r2}, './file0\x00'}) bind$unix(r4, &(0x7f0000000480)=@file={0x0, './file0\x00'}, 0x6e) lsetxattr(&(0x7f0000000500)='./file0\x00', &(0x7f0000000540)=@known='user.incfs.metadata\x00', &(0x7f0000000580)='sit0\x00', 0x5, 0x1) readahead(r0, 0x3, 0x1) umount2(&(0x7f00000005c0)='./file0\x00', 0x6) sendmmsg$unix(r1, &(0x7f0000000600), 0x0, 0x4) stat(&(0x7f0000000640)='./file0\x00', &(0x7f0000000680)) r5 = socket$inet(0x2, 0x1, 0x2) getsockopt$inet_pktinfo(r5, 0x0, 0x8, &(0x7f0000000700)={0x0, @rand_addr, @multicast2}, &(0x7f0000000740)=0xc) getsockopt$inet_int(r0, 0x0, 0xc, &(0x7f0000000780), &(0x7f00000007c0)=0x4) stat(&(0x7f0000000d00)='./file0\x00', &(0x7f0000000d40)={0x0, 0x0, 0x0, 0x0, 0x0}) setsockopt$inet6_IPV6_XFRM_POLICY(r0, 0x29, 0x23, &(0x7f0000000dc0)={{{@in6=@remote, @in6=@ipv4={'\x00', '\xff\xff', @multicast2}, 0x4e20, 0x7c1, 0x4e20, 0x0, 0xa, 0x20, 0xa0, 0x5e, r3, r6}, {0x2, 0xffff, 0x5, 0xf74, 0x9, 0x6, 0xff, 0x8000}, {0xffffffffffffffff, 0x5, 0x1ff, 0x7fffffff}, 0xff, 0x6e6bbb, 0x1, 0x1, 0x3}, {{@in6=@loopback, 0x4d4, 0x6c}, 0xa, @in6=@ipv4={'\x00', '\xff\xff', @local}, 0x3502, 0x1, 0x1, 0x1, 0x4, 0x0, 0x3}}, 0xe8) write$P9_RLERROR(0xffffffffffffffff, &(0x7f0000000f00)={0xf, 0x7, 0x1, {0x6, '\xd2]%!+]'}}, 0xf) 12:35:22 executing program 4: sendmsg$TIPC_CMD_SET_NODE_ADDR(0xffffffffffffffff, &(0x7f00000000c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x8000000}, 0xc, &(0x7f0000000080)={&(0x7f0000000040)={0x24, 0x0, 0x200, 0x70bd2a, 0x25dfdbfd, {{}, {}, {0x8, 0x11, 0x10001}}, ["", "", "", ""]}, 0x24}, 0x1, 0x0, 0x0, 0x20000000}, 0x0) ioctl$F2FS_IOC_MOVE_RANGE(0xffffffffffffffff, 0xc020f509, &(0x7f0000000100)={0xffffffffffffffff, 0x5, 0xfffffffffffffff8, 0x7ff}) sendmsg$IPVS_CMD_DEL_DAEMON(r0, &(0x7f0000000240)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x200}, 0xc, &(0x7f0000000200)={&(0x7f0000000180)={0x58, 0x0, 0x903, 0x70bd2b, 0x25dfdbff, {}, [@IPVS_CMD_ATTR_TIMEOUT_TCP={0x8}, @IPVS_CMD_ATTR_DAEMON={0x3c, 0x3, 0x0, 0x1, [@IPVS_DAEMON_ATTR_MCAST_GROUP={0x8, 0x5, @private=0xa010101}, @IPVS_DAEMON_ATTR_MCAST_GROUP6={0x14, 0x6, @dev={0xfe, 0x80, '\x00', 0x39}}, @IPVS_DAEMON_ATTR_STATE={0x8, 0x1, 0x5}, @IPVS_DAEMON_ATTR_MCAST_IFN={0x14, 0x2, 'wg1\x00'}]}]}, 0x58}, 0x1, 0x0, 0x0, 0x803}, 0x8801) r1 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000280)='/sys/kernel/sunrpc', 0x414200, 0x80) ioctl$BLKIOOPT(r1, 0x1279, &(0x7f00000002c0)) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000340)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_DEL_TX_TS(r0, &(0x7f0000000480)={&(0x7f0000000300)={0x10, 0x0, 0x0, 0x10000}, 0xc, &(0x7f0000000440)={&(0x7f0000000380)={0x88, 0x0, 0x8, 0x70bd2a, 0x25dfdbfb, {{}, {@val={0x8, 0x3, r2}, @val={0xc, 0x99, {0x800, 0x44}}}}, [@NL80211_ATTR_TSID={0x5, 0xd2, 0xb}, @NL80211_ATTR_MAC={0xa, 0x6, @broadcast}, @NL80211_ATTR_TSID={0x5, 0xd2, 0x3}, @NL80211_ATTR_MAC={0xa, 0x6, @broadcast}, @NL80211_ATTR_MAC={0xa, 0x6, @broadcast}, @NL80211_ATTR_TSID={0x5, 0xd2, 0x9}, @NL80211_ATTR_MAC={0xa, 0x6, @device_b}, @NL80211_ATTR_MAC={0xa}, @NL80211_ATTR_MAC={0xa, 0x6, @broadcast}]}, 0x88}, 0x1, 0x0, 0x0, 0x890}, 0x24000) r3 = socket(0xa, 0x800, 0x4) ioctl$F2FS_IOC_MOVE_RANGE(r0, 0xc020f509, &(0x7f00000004c0)={r3, 0x3, 0x8, 0x1}) r5 = signalfd(r1, &(0x7f0000000500)={[0x10000]}, 0x8) ioctl$BLKTRACESTART(r5, 0x1274, 0x0) ioctl$BLKRRPART(r0, 0x125f, 0x0) r6 = openat$tcp_mem(0xffffffffffffff9c, &(0x7f0000000540)='/proc/sys/net/ipv4/tcp_rmem\x00', 0x1, 0x0) close(r6) sendmsg$DEVLINK_CMD_SB_OCC_MAX_CLEAR(r4, &(0x7f0000000740)={&(0x7f0000000580), 0xc, &(0x7f0000000700)={&(0x7f00000005c0)={0x11c, 0x0, 0x400, 0x70bd2b, 0x25dfdbfd, {}, [{@pci={{0x8}, {0x11}}, {0x8}}, {@pci={{0x8}, {0x11}}, {0x8, 0xb, 0x5}}, {@pci={{0x8}, {0x11}}, {0x8, 0xb, 0x4}}, {@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0x8, 0xb, 0xdc52}}, {@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0x8, 0xb, 0x1}}, {@pci={{0x8}, {0x11}}, {0x8, 0xb, 0x401000}}, {@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0x8, 0xb, 0xfffffbff}}]}, 0x11c}, 0x1, 0x0, 0x0, 0x20020894}, 0x20000800) write$tcp_mem(r0, &(0x7f0000000780)={0x1000, 0x20, 0x39, 0x20, 0x1}, 0x48) ioctl$BLKRAGET(r5, 0x1263, &(0x7f0000000800)) fcntl$addseals(r3, 0x409, 0x0) sendmsg$NL80211_CMD_SET_PMK(r5, &(0x7f0000000900)={&(0x7f0000000840)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f00000008c0)={&(0x7f0000000880)={0x34, 0x0, 0x200, 0x70bd27, 0x25dfdbfe, {{}, {@void, @val={0xc, 0x99, {0x5, 0x4a}}}}, [@NL80211_ATTR_PMK={0x14, 0xfe, "6a6cf7274d9881061714020eb2bdfb61"}]}, 0x34}, 0x1, 0x0, 0x0, 0x8000}, 0x40040) ioctl$BLKBSZGET(r0, 0x80081270, &(0x7f0000000940)) 12:35:22 executing program 5: ioctl$BINDER_WRITE_READ(0xffffffffffffffff, 0xc0306201, &(0x7f0000000500)={0x11c, 0x0, &(0x7f0000000300)=[@transaction={0x40406300, {0x2, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x58, 0x18, &(0x7f0000000000)={@fda={0x66646185, 0x1, 0x1, 0x1}, @flat=@weak_handle={0x77682a85, 0xa, 0x1}, @fda={0x66646185, 0x7, 0x1, 0x3b}}, &(0x7f0000000080)={0x0, 0x20, 0x38}}}, @transaction_sg={0x40486311, {0x2, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x58, 0x18, &(0x7f0000000100)={@flat=@weak_handle, @ptr={0x70742a85, 0x0, &(0x7f00000000c0)=""/14, 0xe, 0x2, 0x3a}, @fd}, &(0x7f0000000180)={0x0, 0x18, 0x40}}}, @transaction={0x40406300, {0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x60, 0x18, &(0x7f0000000240)={@ptr={0x70742a85, 0x0, &(0x7f00000001c0)=""/84, 0x54, 0x0, 0x3a}, @fd, @fda={0x66646185, 0x5, 0x0, 0x2a}}, &(0x7f00000002c0)={0x0, 0x28, 0x40}}}, @clear_death={0x400c630f, 0x1}, @increfs_done={0x40106308, 0x1}, @increfs_done={0x40106308, 0x2}, @clear_death={0x400c630f, 0x1}], 0xb2, 0x0, &(0x7f0000000440)="c44474a3330138daae117851fac5f256d4293b7bfd563c16a0bf98004cddb45cf6c754bf7de808dda7bd3162edcb8e303beada72ed46f5ff994298bca10657be7b506eb6b3a7829e2b4d3408e578cc4356afd934b71293d77be814df587afa2c529ab1dcd73d3aef8456fc4af57f20a2dc693aadc0cbf3b6e8071b56195c99a8e87780899632b242d2d7912300a36753ac31c1b9ad543f84baaf1178198185f751de6ef13109f5c08a65aeef86620fbef3e3"}) ioctl$sock_SIOCSIFBR(0xffffffffffffffff, 0x8941, &(0x7f0000000540)=@generic={0x3, 0xffff, 0x80}) ioctl$AUTOFS_DEV_IOCTL_READY(0xffffffffffffffff, 0xc0189376, &(0x7f0000000580)={{0x1, 0x1, 0x18, 0xffffffffffffffff, {0x10000}}, './file0\x00'}) stat(&(0x7f00000005c0)='./file0\x00', &(0x7f0000000600)) ioctl$FITHAW(r0, 0xc0045878) renameat(r0, &(0x7f0000000680)='./file0\x00', r0, &(0x7f00000006c0)='./file0\x00') r1 = openat$sr(0xffffffffffffff9c, &(0x7f0000000700), 0x284500, 0x0) r2 = openat2(r0, &(0x7f0000000740)='./file0\x00', &(0x7f0000000780)={0x8000, 0x1c1, 0x14}, 0x18) r3 = accept4$bt_l2cap(0xffffffffffffffff, 0x0, &(0x7f00000007c0), 0x80000) r4 = syz_open_procfs$userns(0xffffffffffffffff, &(0x7f0000000800)) r5 = openat$incfs(r0, &(0x7f0000000840)='.log\x00', 0x2000, 0x100) r6 = openat$ptp0(0xffffffffffffff9c, &(0x7f0000000880), 0x84441, 0x0) io_uring_register$IORING_REGISTER_FILES_UPDATE(r2, 0x6, &(0x7f0000000900)={0x6, 0x0, &(0x7f00000008c0)=[r0, r3, r4, r5, r0, r1, 0xffffffffffffffff, r1, r6]}, 0x9) mmap(&(0x7f0000ffb000/0x3000)=nil, 0x3000, 0x1000004, 0x810, r0, 0xd7fc4000) ioctl$PTP_PIN_GETFUNC(r1, 0xc0603d06, &(0x7f0000000940)={'\x00', 0x5, 0x2, 0x8}) fspick(r0, &(0x7f00000009c0)='./file0\x00', 0x1) setns(r5, 0x10000000) ioctl$AUTOFS_DEV_IOCTL_ASKUMOUNT(0xffffffffffffffff, 0xc018937d, &(0x7f0000000a80)={{0x1, 0x1, 0x18, r3, {0x1}}, './file0\x00'}) fsconfig$FSCONFIG_SET_PATH(r5, 0x3, &(0x7f0000000a00)='/dev/ptp0\x00', &(0x7f0000000a40)='./file0\x00', r7) connect(0xffffffffffffffff, &(0x7f0000000ac0)=@nl=@proc={0x10, 0x0, 0x25dfdbff, 0x2000000}, 0x80) 12:35:22 executing program 6: ioctl$KDGETMODE(0xffffffffffffffff, 0x4b3b, &(0x7f0000000000)) ioctl$TIOCGSID(0xffffffffffffffff, 0x5429, &(0x7f0000000040)) r0 = open(&(0x7f0000000080)='./file0\x00', 0x1a5103, 0x0) ioctl$TIOCGSOFTCAR(r0, 0x5419, &(0x7f00000000c0)) ioctl$FICLONE(r0, 0x40049409, r0) ioctl$VT_SETMODE(r0, 0x5602, &(0x7f0000000100)={0x98, 0x80, 0x80, 0x1, 0x800}) ioctl$TIOCMBIS(r0, 0x5416, &(0x7f0000000140)=0x4) r1 = openat$snapshot(0xffffffffffffff9c, &(0x7f0000000180), 0x4102, 0x0) preadv(r1, &(0x7f0000000580)=[{&(0x7f00000001c0)=""/245, 0xf5}, {&(0x7f00000002c0)=""/182, 0xb6}, {&(0x7f0000000380)=""/79, 0x4f}, {&(0x7f0000000400)=""/95, 0x5f}, {&(0x7f0000000480)=""/217, 0xd9}], 0x5, 0x9, 0x0) r2 = getpid() r3 = perf_event_open(&(0x7f0000000600)={0x2, 0x80, 0xf2, 0x3f, 0x4, 0x1, 0x0, 0x8, 0x44000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x3, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, 0x0, @perf_config_ext={0x6, 0x8001}, 0x10010, 0xfffffffffffff063, 0x2, 0x5, 0xec5, 0x2, 0x1, 0x0, 0xffff, 0x0, 0x3}, r2, 0x0, r0, 0x2) r4 = syz_open_dev$vcsa(&(0x7f0000000680), 0x4000000000000, 0x40000) ioctl$TIOCL_GETMOUSEREPORTING(r4, 0x541c, &(0x7f00000006c0)) ioctl$TIOCL_GETSHIFTSTATE(0xffffffffffffffff, 0x541c, &(0x7f0000000700)={0x6, 0xfa}) ioctl$F2FS_IOC_MOVE_RANGE(0xffffffffffffffff, 0xc020f509, &(0x7f0000000740)={r4, 0xe240, 0x8, 0xfffe}) ioctl$KIOCSOUND(r5, 0x4b2f, 0x2) ioctl$BTRFS_IOC_GET_FEATURES(r3, 0x80189439, &(0x7f0000000780)) r6 = syz_open_dev$hidraw(&(0x7f0000000800), 0xffffffff, 0x4440) copy_file_range(r3, &(0x7f00000007c0)=0x1, r6, &(0x7f0000000840)=0x4, 0x1, 0x0) sendmsg$DEVLINK_CMD_SB_OCC_MAX_CLEAR(r5, &(0x7f0000000980)={&(0x7f0000000880)={0x10, 0x0, 0x0, 0x800}, 0xc, &(0x7f0000000940)={&(0x7f00000008c0)={0x64, 0x0, 0x1, 0x70bd2b, 0x25dfdbfb, {}, [{@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0x8, 0xb, 0xf8}}, {@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0x8, 0xb, 0x236}}]}, 0x64}, 0x1, 0x0, 0x0, 0x1}, 0x200040c0) [ 65.852539] audit: type=1400 audit(1664714122.315:6): avc: denied { execmem } for pid=285 comm="syz-executor.1" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=process permissive=1 12:35:22 executing program 7: ioctl$AUTOFS_DEV_IOCTL_TIMEOUT(0xffffffffffffffff, 0xc018937a, &(0x7f0000000000)={{0x1, 0x1, 0x18, 0xffffffffffffffff, {0x8}}, './file0\x00'}) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) sendmsg$NL80211_CMD_SET_MESH_CONFIG(r0, &(0x7f0000000140)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x8000}, 0xc, &(0x7f0000000100)={&(0x7f00000000c0)={0x1c, r1, 0x400, 0x70bd2a, 0x25dfdbff, {{}, {@void, @void}}, [@NL80211_ATTR_IFINDEX={0x8}]}, 0x1c}, 0x1, 0x0, 0x0, 0x4000000}, 0x20000000) r2 = syz_genetlink_get_family_id$nl80211(&(0x7f00000001c0), r0) sendmsg$NL80211_CMD_FRAME_WAIT_CANCEL(r0, &(0x7f0000000300)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x8a60fc3f1ce0971b}, 0xc, &(0x7f00000002c0)={&(0x7f0000000200)={0xa0, r2, 0x0, 0x70bd2a, 0x25dfdbff, {{}, {@val={0x8}, @val={0xc, 0x99, {0x75, 0xf}}}}, [@NL80211_ATTR_COOKIE={0xc, 0x58, 0x6b}, @NL80211_ATTR_COOKIE={0xc, 0x58, 0x9}, @NL80211_ATTR_COOKIE={0xc, 0x58, 0x48}, @NL80211_ATTR_COOKIE={0xc, 0x58, 0xa}, @NL80211_ATTR_COOKIE={0xc, 0x58, 0x2e}, @NL80211_ATTR_COOKIE={0xc, 0x58, 0x7c}, @NL80211_ATTR_COOKIE={0xc, 0x58, 0x47}, @NL80211_ATTR_COOKIE={0xc, 0x58, 0x41}, @NL80211_ATTR_COOKIE={0xc, 0x58, 0x46}, @NL80211_ATTR_COOKIE={0xc, 0x58, 0x2}]}, 0xa0}, 0x1, 0x0, 0x0, 0x80}, 0x10) r3 = accept$packet(r0, &(0x7f0000000340)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000380)=0x14) epoll_ctl$EPOLL_CTL_ADD(r0, 0x1, r3, &(0x7f00000003c0)={0xa}) sendmsg$NL80211_CMD_ABORT_SCAN(r0, &(0x7f00000004c0)={&(0x7f0000000400)={0x10, 0x0, 0x0, 0x800000}, 0xc, &(0x7f0000000480)={&(0x7f0000000440)={0x28, r1, 0x1, 0x70bd2b, 0x25dfdbfc, {{}, {@val={0x8}, @val={0xc, 0x99, {0x80, 0x16}}}}, [""]}, 0x28}, 0x1, 0x0, 0x0, 0x840}, 0x24000000) sendmsg$NL80211_CMD_LEAVE_IBSS(r0, &(0x7f00000005c0)={&(0x7f0000000500)={0x10, 0x0, 0x0, 0x1}, 0xc, &(0x7f0000000580)={&(0x7f0000000540)={0x28, r1, 0x1, 0x70bd27, 0x25dfdbfe, {{}, {@val={0x8}, @val={0xc, 0x99, {0x9, 0x30}}}}}, 0x28}, 0x1, 0x0, 0x0, 0x2a000004}, 0x4040000) r4 = syz_open_procfs(0x0, &(0x7f0000000640)='limits\x00') syz_genetlink_get_family_id$nl80211(&(0x7f0000000600), r4) writev(r0, &(0x7f0000001680)=[{&(0x7f0000000680)="948c5eb0963689e077fd2d749fa48f1270f6fd134c5e5951470e1fb35b2c50719d5a53a429c40922b21659cedd5ce1db918861488d18e060d076c3ac7e5bffc3a63b016b4aa3e380d62edf92ffd2f6a0e8a84aa6e17fc9878e30fc4f81e8887ea09cb8b87d131f5fecbd304fba75f8a8629d24887411829d37bc21e9d47d799673bbc12e7295f2cd7f65ac08242528b02e4db7d947334468ba83c405c0e6010b2d75e32d8d39f7f45cccafb0530357cf58249803386e6a6747390530d64a595e4c357f8875b789f16aa702870a09ac39fd60b012a3ca4a56777dccfff1d223fd02e1746db332d54a4abfef6f519f36015fefa69c4fb1c0b32e3e58c3e0fbf3d2ceb2746801bc4906560756ad83da636de15173eac7974658251f0e18e0ce19f641b04a00b961fdc66456d702493d57ef0f02c327cbec979c408371fc5701db2f672d3d1e0be8d737b30c7c6e498d9d2fbb27406d8abb04f7dd31cac4946e1c03ab217a6cb00f2d3e33db6fdb2ff76bf2bb8cfd1dc1eb09200f0f538fbb867f1cb110586053e2f17c3a13203a2845a3b242cd491f5b3a3bd7a9117fb961840fb9e27c9d8fc294878fd656930c7f6a09e4207ac705a2758fc41367bd5bf7e9a472b65430789083c1fb2a397889ea78aca6f40c31bf02791d47d961c8df89f568711d68b7190d7926eacf62b4b3138dd150915dae6ea6ba8da81cfa8d1325dfe1a766f794eaa2c5bfa8c3ac93bfdb8d54dc36c5266df46a283b899fa7a6e9d179800af370a4d1219943b5167b490263badbb1376cb3f413a13353daebdf3c6b1d764f2f602996e4330a65798766a2d6ab180798bf615c2771e2f92bfc47b4a52032bb19d8d6a4149b7bf40aa6696823818cf9a835c6ca0a61754d528fca088068084c0f3026e2cb0ebc3769dd30eb9d6110a41259e6783443c2f2fec09e9527084aed443893c33fbb120589a37f8c5824f8622c237e0e8b1b16c0d3a614f507e8aa80d8324518c2d47b8244b777d0f0910610dadca58a1221f9b74b224c06640f1f62b63ba354f4479dad866aec04b1a596bfd442fe4c51e1e06d9467749a1498fec5758b3ca89eaee975ccabe1167cae3acbfffbcc590d2c07e2c8dd690a34eca011b54d9c257e5b93e38b27b2b0950a76e0bb05146f1b7711c182156d1c2660bdbd25a51fe6c95eebf2434a3d7e736c7c65f6ccafda56976249bd3d676295a97acb7c01c01da52dc7ea4fd88021181301832e04a06eeb6cc19a022286378219c23c44a8ee28c8d0c5cb2554d907606f780a1036fc127a674e3fa8653432c6cdc83ee23164ce506bf6ce6e6d092b3357c3722db1c34fc7369843cf4d37eda85bd01adc98d48e3cca4ff12fafd60b60faa4377df6f43121e2e48ad6d372fd500c4316683b30877c8e5c0dd7864a91a91651edabd597dd90ccf0ae2d3fcb70146b87135c640493d4e1b83700a0e7dea4f8b8788d7b2db23763c2513228a3cabbef648efb778b501b0857405a51c7e2b6dbe1ad4374501642c634f5ab6bb0a8180728df98d4138d95064773753528faee76f21b6b944cda74717ae68057701c601ad274fae06e759aff5a0edd7d18f5b672df3ff1e9f62a46e1b76792f6c1519a991ef5f3d3d5c2082e22d7164c24e9f25dcbf9a9f89d02c9fb24a0b704914425d7bfa76a39cce14684ccc8c60f070bdedfd461fe438d8c3f326521cbb522af4c6513dd4a0456d8ea432ba2e939b65a6f34557950a363deefb118a181fab756746846b368a4d8bf3fdd194d6706bf105f61b155704eb365ca3e805acd751b729af40495263e99d799a2d27951accb24950dcdb436db728faeeaa18bde1595efc64f7990abd393f087b3e60608aaf8935cc1ff3f6ba0029e7114c0a263a7582cf1d63d97e9e6c9445de073ba5f986f624dafc6fd219721656f7673dcdbead03d93ec3c68a6a83deb885de64792616eeccb9ae5d270c63a7ca1a2e123eb47874de15783948d8e0f7586d9c5438e44a6575c117adafb0742f13919f0a4ed83694b4aaf1af19fc9df6660b5ee68ebf48204b1a23db5741a142378a9ce8a052e719db458aa5163be6033ba071db4fa4bd73ac24ee842e2eb724245acdd2ec470703874317199213ecb2bafb57d3df65a0218c6ed7256e965b752268e1dc2b39c3986dd28a09386d51d03d0c00defc8d6a14eca5d663147e98d600e32e6a1c7899a737f6527aa4c0a6aaf5afedcd03ab421f6e96b86f7879f05b5d36b3dbcda7ba849a09fd8687a9c287e2ccd219728ae39024342c4e86c81c459114d8ea1fa2b0884cdd5c32361262af54627ad747dc3c874354b65cae3d45a754e4aae196f352c29db3029e149fc165684f9e33c75b3293e28c205c709dda4523bbacf71ae3fecbf5e84f112ae0e95d8f7818d65da167e57c23ccb8685eba353d8db9b6ebf5b11e31e84173796e38faf23d3b7ab071e23270f93989c3b59e9a615716eafabbc9d72d3e143dc15b7ad7a716784f47be95a63963f2b1a91bf419527d3553441889f27ef8595dd90b646fed7f356e3d1baa71766b1899ed614615d3636e2d8a4ea85edb3dd3bb1359ec278a339d5d0db7de409a8d4de774db0e9596072a05dcaf20b965e2f1eee9b5f5f4593edb9a5c39a8b07ab51f548b62e01f3bdad27ee0d4421d3f647d8ea2705585dfce3c7e04dc54f9d919b89f9fed4b6d9dfe7b38c8a13b28fc3aedc119e77c4e1283451b6c368c889ebdb6f95824c9b886a449b46e4cedf1a146659eeadd2220232ae752e091ea13a6f248113aad074054e6b5d694faa531144fea5712ec3d62cb0be222dd02e47dc7e045688fed15f315104f7a3f28f6b047f9328252b4ace6f80dab4fdf45214f9844dbb3ee358a8e794610c7278e435a413b030cae47025a24a153c4029c48d50ca2c3b09f7a4d9bea7a57d5c1142575c701002ec5d37471b6454eadd247c24483b9c1f1d9ca8e0072581689a414cb5583b196e00b619dc980fddaf96b7cc0ad183d186075453b285d3b0af6c41fc20682f4be47c1ed332d2b4ca9cefc5ae93eb315d781fd4b5666690e2858e69e739cf02b845d603688310d7bbb7ed41ac099bfa4aa563b0a32c974d65f12c316cb16828c343ea31abcbc8558cdcc4f51dd0225dd84fc670712b334fc04f705a11a26f103247e339d4c6ba2dfcdfdb2c181f895ca9c98845883825765ed89262fc57230ca7e6a0841427e32a34416d561ccd94c7845a3103cf9c092a4f4b633ce112727e75606a4d7931a06821c7e688f63cf7e1de37b6b687c3fd7ee684fb9c3aa7acd5e163d1ec8754fc925f51857a356a66ef08ad3d4646dd5d8cd303969ac2eef8297f7835d54923516eaa76e3849baf4b98663400bff8ae036c6512f11f56f4f95618ae17be9a518a792a948127e913861ab9e9bb907f31690897a341da4a9c46c86d0eaebd962d0aa065b3600c4ef1e1a4e1309387ecc2e382771982df4c4267cb193841c30fe9bf84060ab4c6bd735cba1e0cfa19339e88757d7be90816f1c66a35c376ccc8cf281617a09d35aaaf330a9a2c46b7efada5a1e0896aeedfa8e23739ba67ff0a696059c8159cfa2b8542ff7b3d69ec1f9d9228c67b253b3636e2fb2172070326d1ceb8a07e5481dd1c819700880a3ac17e7f0bc68a1791dc0880f6864f66798cb374bca1145429e31625b02b6961a24bb9a50189024414e53ae9fa182ed88815b55d3741d0f8e8aebb7246e5be5c8e7e30b7b37b1ceec8b940c3fcc9311871e49af919a8a63cb5aca7be269121a5bc9759f92ff786a5c47f4583971ca547f2d89a95bdf375c7bdff93d7e3e88aab579e9d538c08fff4acc1a62cfb12e2e7ac6385d2c1320ed04fea1ec53852208d947595bd7034734cb0e625a3a89e9a2ace4b055253126d41989c012324e355972b332f5f0b9ca60a856f79b2ec507030af3a00856159cdca16f77ba32cdd9c6b0a2ca1b6c64af54708ab94ae0642666e14b8e7f21e058b70430b5994bb4ae8e2792f59218f0810d866234d2cb4dfe3c2df007cab7ceba1b730b065652abf0f95eeb1b12ad394337750810722cd97ccee76c92fe4da43f75960e17a016e544932a8241edfad83a40cdafa2139e8a74f0bd5bf1e99d87a61a5e504b121a1337fe8a035e119df9da442765d587ca08a630d2d1094eb58817c01db2ee6358c445aec8dd0352768c18a0f89acf7bd575b1d60f47af00cfd02ec83905b0d3f923013a1df5b67f137d4242d2744e474dee669df27e6ff0fe704b59b35c46c3f5c925a2ba9ffb40eeaf653478b34e2ca903291132d593dcfc4befcb25876501d931de3f81d711e83fc7adcad17585e46bc651e607bf3ec26bdd1febb047c084ecc123d80a2b2405d6f9aee948735d2c3c97ec1b5ab485770392fa64682155657c6e0259ab28da61d8c05558f96d8929c9ee5260e9f58120bf3e9312da2d6c4069e0a00b80e135b58ab5568329097c47523e05b4c587af3d77f2bd825eaf67cb83971b28acd543f29606391f381ed85a7a8f199f97453a99ebaf4f2ce268d8209a80aec0559e7b596755bc591e71518e04dbb1de301422e6d6939b972be451f3ea215b7acde2531a3881af1b53cd01f0909c44984867a55819add10dadace020a06ff8c257681df2f066eaa791a7a48045c02d94d03449572015fbd11461f0cc5b21bdee8b1cbadcad8c3b3a874ffa24c307504905ba243dfb60a4b2b98351e9799dcf2b3d511b05c5a311dafa2291fb1ed663d0bcba705936fdddb87308858f6a61e15ede8daa7620ce03a2bb5fbc743a83710d4d5b212087759cf6b87127bbf7a3b51313b410fd856e83039d93684ca4905791471f6067a5d36c6ac3ee92b7fc00bc3d47cb19c82e090033e49382330971d33918b4900bb14021bc1a3e652af67b78788ab267e7c32ed6b424f2eb04fa074f862cf88cc90d96cb425726117863496edc6072022dbf00e46946ddf7f07e6f2208c6cfcbf0a1deabfd7b9edf1c03d88ace9b96893341f3e1f8737324ba3946a0dba350b6c37b0836f85a800afd448b6ee661d396cfe338b6e47be3edc6321d07cd363a1d8abcdc5474304813f347c4417e3ebc3947bb4da38726f7caafc7e02bb1a99d520986010cc52740e697c434792e70b80b5ef8ac32467bb1352e9293831434726aa6c20099292a106195a608b302d46f3360e835407e6c4e5593725989bcc252767cda955a335b6e28450dd87851bc7b25376154cca4de111adf4fd81c16f1dd322d6b286d68553a090ea11bcb7e61e32678cc06a92b29a3683f1948dc626e1bd327166641b0e1813354e5aa12d06762be077e5429f44bc37d73a6790e34541fbf8a206c834318aea97b978987dede1ab261f6dafdd41c43f959ab2d782213d63064d29110c4614ba3cf3ad807066a2eba1e2937514569ac1e0fd8f6699efa94ca7d637edfe2d8ddd7d7f78d87c5af8944460c5be7a8313238b48f9c5c89d5d40442e58c4b412417286b1fc0b28329b780527070b89e6cdbc12c57e1c95952ba0f2b74e47d56b86c8d905050721e30ff4f08330d4b1079243524ad0641b8bd08ad3ec19ce809f1ce27df214174c71ded683c2fec705455fd59372b71a9351c2cc46c353f1d3fad63a085413126fa94ac5352fb6edb18c811be3382222918d99313bdee690d519c415f5fe2ce5bf0168f0968859969ef4449dde7e54d3b59efc7da63daeaceede2ee8b697462b655ff7dd7ed8320a077d69ae1b2fd6ac2a0837e1673b218971802817eefc5139602e48bbe0393b94535b74c409dd67a5e3", 0x1000}], 0x1) ioctl$PERF_EVENT_IOC_DISABLE(r4, 0x2401, 0x2) r5 = syz_genetlink_get_family_id$nl80211(&(0x7f0000001700), r0) sendmsg$NL80211_CMD_FRAME(r0, &(0x7f00000017c0)={&(0x7f00000016c0)={0x10, 0x0, 0x0, 0x4000800}, 0xc, &(0x7f0000001780)={&(0x7f0000001740)={0x2c, r5, 0x400, 0x70bd27, 0x25dfdbff, {{}, {@val={0x8}, @val={0xc, 0x99, {0x4, 0x2a}}}}, [@NL80211_ATTR_OFFCHANNEL_TX_OK={0x4}]}, 0x2c}, 0x1, 0x0, 0x0, 0x4008804}, 0x10) ioctl$FITRIM(r0, 0xc0185879, &(0x7f0000001800)={0x2, 0xab1, 0x3f}) ioctl$AUTOFS_DEV_IOCTL_SETPIPEFD(r4, 0xc0189378, &(0x7f0000001840)={{0x1, 0x1, 0x18, r0, {r3}}, './file0\x00'}) r7 = syz_genetlink_get_family_id$nl80211(&(0x7f00000018c0), r0) sendmsg$NL80211_CMD_REGISTER_FRAME(r6, &(0x7f0000001980)={&(0x7f0000001880)={0x10, 0x0, 0x0, 0x8000}, 0xc, &(0x7f0000001940)={&(0x7f0000001900)={0x34, r7, 0x910, 0x70bd26, 0x25dfdbfe, {{}, {@val={0x8}, @void}}, [@NL80211_ATTR_FRAME_MATCH={0xf, 0x5b, "b6ac09838a186041eb7b2c"}, @NL80211_ATTR_FRAME_TYPE={0x6, 0x65, 0x81}]}, 0x34}, 0x1, 0x0, 0x0, 0x4840}, 0xc0) ioctl$BTRFS_IOC_INO_LOOKUP(0xffffffffffffffff, 0xd0009412, &(0x7f0000001a00)={0x0, 0x1}) [ 67.235262] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 67.237476] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 67.239595] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 67.241752] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 67.244547] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 67.246999] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3 [ 67.247963] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 67.248270] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 67.257125] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 67.260677] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 67.261882] Bluetooth: hci2: HCI_REQ-0x0c1a [ 67.268682] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 67.272093] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 67.273323] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 67.275655] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 67.278622] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 67.278974] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 67.282925] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [ 67.284529] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 67.286823] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 67.293306] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3 [ 67.294673] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 67.295836] Bluetooth: hci0: HCI_REQ-0x0c1a [ 67.300908] Bluetooth: hci3: HCI_REQ-0x0c1a [ 67.301836] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 67.304045] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 67.307329] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 67.311898] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3 [ 67.321386] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 67.328709] Bluetooth: hci4: HCI_REQ-0x0c1a [ 67.341657] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 67.359067] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 67.362103] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3 [ 67.364069] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 67.370705] Bluetooth: hci1: HCI_REQ-0x0c1a [ 67.377345] Bluetooth: hci7: unexpected cc 0x0c03 length: 249 > 1 [ 67.379440] Bluetooth: hci7: unexpected cc 0x1003 length: 249 > 9 [ 67.380993] Bluetooth: hci7: unexpected cc 0x1001 length: 249 > 9 [ 67.383636] Bluetooth: hci7: unexpected cc 0x0c23 length: 249 > 4 [ 67.385632] Bluetooth: hci7: unexpected cc 0x0c25 length: 249 > 3 [ 67.387110] Bluetooth: hci7: unexpected cc 0x0c38 length: 249 > 2 [ 67.391354] Bluetooth: hci7: HCI_REQ-0x0c1a [ 67.392235] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1 [ 67.393145] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9 [ 67.393501] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9 [ 67.402465] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4 [ 67.404379] Bluetooth: hci6: unexpected cc 0x0c25 length: 249 > 3 [ 67.405664] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2 [ 67.407054] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1 [ 67.409700] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9 [ 67.411569] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9 [ 67.412857] Bluetooth: hci6: HCI_REQ-0x0c1a [ 67.416979] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4 [ 67.438517] Bluetooth: hci5: unexpected cc 0x0c25 length: 249 > 3 [ 67.441326] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2 [ 67.452487] Bluetooth: hci5: HCI_REQ-0x0c1a [ 69.299193] Bluetooth: hci2: command 0x0409 tx timeout [ 69.362934] Bluetooth: hci4: command 0x0409 tx timeout [ 69.363874] Bluetooth: hci3: command 0x0409 tx timeout [ 69.364630] Bluetooth: hci0: command 0x0409 tx timeout [ 69.426834] Bluetooth: hci6: command 0x0409 tx timeout [ 69.428018] Bluetooth: hci7: command 0x0409 tx timeout [ 69.429588] Bluetooth: hci1: command 0x0409 tx timeout [ 69.490978] Bluetooth: hci5: command 0x0409 tx timeout [ 71.347075] Bluetooth: hci2: command 0x041b tx timeout [ 71.410910] Bluetooth: hci0: command 0x041b tx timeout [ 71.411768] Bluetooth: hci3: command 0x041b tx timeout [ 71.412525] Bluetooth: hci4: command 0x041b tx timeout [ 71.474908] Bluetooth: hci1: command 0x041b tx timeout [ 71.475691] Bluetooth: hci7: command 0x041b tx timeout [ 71.477014] Bluetooth: hci6: command 0x041b tx timeout [ 71.538814] Bluetooth: hci5: command 0x041b tx timeout [ 73.394799] Bluetooth: hci2: command 0x040f tx timeout [ 73.458868] Bluetooth: hci4: command 0x040f tx timeout [ 73.459628] Bluetooth: hci3: command 0x040f tx timeout [ 73.460503] Bluetooth: hci0: command 0x040f tx timeout [ 73.523015] Bluetooth: hci6: command 0x040f tx timeout [ 73.523836] Bluetooth: hci7: command 0x040f tx timeout [ 73.524544] Bluetooth: hci1: command 0x040f tx timeout [ 73.586837] Bluetooth: hci5: command 0x040f tx timeout [ 75.442833] Bluetooth: hci2: command 0x0419 tx timeout [ 75.506926] Bluetooth: hci0: command 0x0419 tx timeout [ 75.507785] Bluetooth: hci3: command 0x0419 tx timeout [ 75.508522] Bluetooth: hci4: command 0x0419 tx timeout [ 75.570912] Bluetooth: hci1: command 0x0419 tx timeout [ 75.571683] Bluetooth: hci7: command 0x0419 tx timeout [ 75.572470] Bluetooth: hci6: command 0x0419 tx timeout [ 75.634866] Bluetooth: hci5: command 0x0419 tx timeout 12:36:15 executing program 7: connect$inet6(0xffffffffffffffff, &(0x7f0000000000)={0xa, 0x4e21, 0x0, @dev={0xfe, 0x80, '\x00', 0x16}, 0x9}, 0x1c) r0 = socket$inet6_udp(0xa, 0x2, 0x0) connect$inet6(r0, &(0x7f0000000080)={0xa, 0x4e23, 0x0, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02', 0x2}, 0x1c) r1 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_fanout(r1, 0x107, 0x12, &(0x7f00000000c0)={0x0, 0x1}, 0x4) r2 = socket$packet(0x11, 0x2, 0x300) setsockopt$packet_fanout(r2, 0x107, 0x12, &(0x7f00000000c0), 0x4) mount$9p_fd(0x0, 0x0, &(0x7f0000000040), 0x160140, &(0x7f0000000300)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX, @ANYRES32=r2, @ANYRES32=r1, @ANYBLOB="008e000000000000ef182f011300000000000100000000000000d9ba2df1c5be4187aa1820c9b7f065e115641e59b22c3d6c59e2acae2f1056ede64780cbdedb206e7b9653667a3e382ff04cbcd76b8c8597d92d479ff7764e172294fa71c1e62c44994f3948b145b8c09dcf68a0f9962120d86278fd300987f51966e001f7936074de084ebab074041e7602f7f3fe967fa9a03bb58ed69f8c43c1f1424774f36ba32e6264b941acb96cf7ff1e38c2d60b1f8c068f5ffdca4000173766ad63a60ae7af8604c628fbb6ff48d5d76be08b3714844a4ee349a5f133a856f499868f109297aa786df3d747fa32018ccd5260dba682cc00ba40a54db76ed96683c0b316607c25"]) syz_open_procfs(0xffffffffffffffff, &(0x7f0000002480)='fd/3\x00') open(0x0, 0x40, 0x5e) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) sendmsg$netlink(0xffffffffffffffff, &(0x7f000000c340)={0x0, 0x0, &(0x7f0000000100)=[{&(0x7f0000000140)={0x24, 0x66, 0xe21, 0x0, 0x0, "", [@generic="8e274d9475aab6f2cc4ee871c650108390"]}, 0x24}], 0x1}, 0x0) setsockopt$packet_fanout(0xffffffffffffffff, 0x107, 0x12, &(0x7f0000000180)={0x4, 0x7}, 0x4) clone3(&(0x7f0000004c00)={0xc0002100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) [ 119.422395] audit: type=1400 audit(1664714175.885:7): avc: denied { open } for pid=3845 comm="syz-executor.7" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=perf_event permissive=1 [ 119.423958] audit: type=1400 audit(1664714175.885:8): avc: denied { kernel } for pid=3845 comm="syz-executor.7" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=perf_event permissive=1 [ 119.433159] ------------[ cut here ]------------ [ 119.433178] [ 119.433181] ====================================================== [ 119.433184] WARNING: possible circular locking dependency detected [ 119.433189] 6.0.0-rc7-next-20220930 #1 Not tainted [ 119.433195] ------------------------------------------------------ [ 119.433198] syz-executor.7/3847 is trying to acquire lock: [ 119.433204] ffffffff853faab8 ((console_sem).lock){....}-{2:2}, at: down_trylock+0xe/0x70 [ 119.433243] [ 119.433243] but task is already holding lock: [ 119.433247] ffff88803f7e9020 (&ctx->lock){....}-{2:2}, at: __perf_event_task_sched_out+0x53b/0x18d0 [ 119.433273] [ 119.433273] which lock already depends on the new lock. [ 119.433273] [ 119.433276] [ 119.433276] the existing dependency chain (in reverse order) is: [ 119.433279] [ 119.433279] -> #3 (&ctx->lock){....}-{2:2}: [ 119.433293] _raw_spin_lock+0x2a/0x40 [ 119.433304] __perf_event_task_sched_out+0x53b/0x18d0 [ 119.433315] __schedule+0xedd/0x2470 [ 119.433329] schedule+0xda/0x1b0 [ 119.433342] exit_to_user_mode_prepare+0x114/0x1a0 [ 119.433355] syscall_exit_to_user_mode+0x19/0x40 [ 119.433368] do_syscall_64+0x48/0x90 [ 119.433385] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 119.433398] [ 119.433398] -> #2 (&rq->__lock){-.-.}-{2:2}: [ 119.433411] _raw_spin_lock_nested+0x30/0x40 [ 119.433421] raw_spin_rq_lock_nested+0x1e/0x30 [ 119.433437] task_fork_fair+0x63/0x4d0 [ 119.433454] sched_cgroup_fork+0x3d0/0x540 [ 119.433468] copy_process+0x4183/0x6e20 [ 119.433478] kernel_clone+0xe7/0x890 [ 119.433488] user_mode_thread+0xad/0xf0 [ 119.433498] rest_init+0x24/0x250 [ 119.433509] arch_call_rest_init+0xf/0x14 [ 119.433527] start_kernel+0x4c6/0x4eb [ 119.433542] secondary_startup_64_no_verify+0xe0/0xeb [ 119.433556] [ 119.433556] -> #1 (&p->pi_lock){-.-.}-{2:2}: [ 119.433569] _raw_spin_lock_irqsave+0x39/0x60 [ 119.433580] try_to_wake_up+0xab/0x1930 [ 119.433593] up+0x75/0xb0 [ 119.433607] __up_console_sem+0x6e/0x80 [ 119.433622] console_unlock+0x46a/0x590 [ 119.433638] vt_ioctl+0x2822/0x2ca0 [ 119.433650] tty_ioctl+0x785/0x16b0 [ 119.433661] __x64_sys_ioctl+0x19a/0x210 [ 119.433674] do_syscall_64+0x3b/0x90 [ 119.433691] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 119.433703] [ 119.433703] -> #0 ((console_sem).lock){....}-{2:2}: [ 119.433716] __lock_acquire+0x2a02/0x5e70 [ 119.433733] lock_acquire+0x1a2/0x530 [ 119.433749] _raw_spin_lock_irqsave+0x39/0x60 [ 119.433759] down_trylock+0xe/0x70 [ 119.433774] __down_trylock_console_sem+0x3b/0xd0 [ 119.433790] vprintk_emit+0x16b/0x560 [ 119.433805] vprintk+0x84/0xa0 [ 119.433821] _printk+0xba/0xf1 [ 119.433833] report_bug.cold+0x72/0xab [ 119.433848] handle_bug+0x3c/0x70 [ 119.433865] exc_invalid_op+0x14/0x50 [ 119.433881] asm_exc_invalid_op+0x16/0x20 [ 119.433893] group_sched_out.part.0+0x2c7/0x460 [ 119.433911] ctx_sched_out+0x8f1/0xc10 [ 119.433927] __perf_event_task_sched_out+0x6d0/0x18d0 [ 119.433938] __schedule+0xedd/0x2470 [ 119.433952] schedule+0xda/0x1b0 [ 119.433965] exit_to_user_mode_prepare+0x114/0x1a0 [ 119.433975] syscall_exit_to_user_mode+0x19/0x40 [ 119.433987] do_syscall_64+0x48/0x90 [ 119.434004] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 119.434016] [ 119.434016] other info that might help us debug this: [ 119.434016] [ 119.434018] Chain exists of: [ 119.434018] (console_sem).lock --> &rq->__lock --> &ctx->lock [ 119.434018] [ 119.434033] Possible unsafe locking scenario: [ 119.434033] [ 119.434036] CPU0 CPU1 [ 119.434038] ---- ---- [ 119.434040] lock(&ctx->lock); [ 119.434046] lock(&rq->__lock); [ 119.434053] lock(&ctx->lock); [ 119.434059] lock((console_sem).lock); [ 119.434064] [ 119.434064] *** DEADLOCK *** [ 119.434064] [ 119.434066] 2 locks held by syz-executor.7/3847: [ 119.434073] #0: ffff88806cf37e98 (&rq->__lock){-.-.}-{2:2}, at: __schedule+0x1cf/0x2470 [ 119.434102] #1: ffff88803f7e9020 (&ctx->lock){....}-{2:2}, at: __perf_event_task_sched_out+0x53b/0x18d0 [ 119.434128] [ 119.434128] stack backtrace: [ 119.434130] CPU: 1 PID: 3847 Comm: syz-executor.7 Not tainted 6.0.0-rc7-next-20220930 #1 [ 119.434143] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 119.434151] Call Trace: [ 119.434154] [ 119.434158] dump_stack_lvl+0x8b/0xb3 [ 119.434176] check_noncircular+0x263/0x2e0 [ 119.434192] ? format_decode+0x26c/0xb50 [ 119.434208] ? print_circular_bug+0x450/0x450 [ 119.434225] ? simple_strtoul+0x30/0x30 [ 119.434239] ? __lockdep_reset_lock+0x180/0x180 [ 119.434262] ? format_decode+0x26c/0xb50 [ 119.434279] ? alloc_chain_hlocks+0x1ec/0x5a0 [ 119.434296] __lock_acquire+0x2a02/0x5e70 [ 119.434317] ? lockdep_hardirqs_on_prepare+0x410/0x410 [ 119.434340] lock_acquire+0x1a2/0x530 [ 119.434356] ? down_trylock+0xe/0x70 [ 119.434373] ? lock_release+0x750/0x750 [ 119.434389] ? lockdep_hardirqs_on_prepare+0x410/0x410 [ 119.434410] ? vprintk+0x84/0xa0 [ 119.434428] _raw_spin_lock_irqsave+0x39/0x60 [ 119.434439] ? down_trylock+0xe/0x70 [ 119.434455] down_trylock+0xe/0x70 [ 119.434470] ? vprintk+0x84/0xa0 [ 119.434487] __down_trylock_console_sem+0x3b/0xd0 [ 119.434504] vprintk_emit+0x16b/0x560 [ 119.434521] ? lock_downgrade+0x6d0/0x6d0 [ 119.434539] vprintk+0x84/0xa0 [ 119.434556] _printk+0xba/0xf1 [ 119.434567] ? record_print_text.cold+0x16/0x16 [ 119.434581] ? hrtimer_try_to_cancel+0x163/0x2c0 [ 119.434595] ? lock_downgrade+0x6d0/0x6d0 [ 119.434612] ? report_bug.cold+0x66/0xab [ 119.434630] ? group_sched_out.part.0+0x2c7/0x460 [ 119.434648] report_bug.cold+0x72/0xab [ 119.434666] handle_bug+0x3c/0x70 [ 119.434684] exc_invalid_op+0x14/0x50 [ 119.434702] asm_exc_invalid_op+0x16/0x20 [ 119.434714] RIP: 0010:group_sched_out.part.0+0x2c7/0x460 [ 119.434734] Code: 5e 41 5f e9 8b ae ef ff e8 86 ae ef ff 65 8b 1d 0b 18 ac 7e 31 ff 89 de e8 26 ab ef ff 85 db 0f 84 8a 00 00 00 e8 69 ae ef ff <0f> 0b e9 a5 fe ff ff e8 5d ae ef ff 48 8d 7d 10 48 b8 00 00 00 00 [ 119.434745] RSP: 0018:ffff888040257c48 EFLAGS: 00010006 [ 119.434754] RAX: 0000000040000002 RBX: 0000000000000000 RCX: 0000000000000000 [ 119.434762] RDX: ffff888040248000 RSI: ffffffff81565dc7 RDI: 0000000000000005 [ 119.434769] RBP: ffff88803f8d0000 R08: 0000000000000005 R09: 0000000000000001 [ 119.434777] R10: 0000000000000000 R11: 0000000000000001 R12: ffff88803f7e9000 [ 119.434784] R13: ffff88806cf3d2c0 R14: ffffffff8547c960 R15: 0000000000000002 [ 119.434795] ? group_sched_out.part.0+0x2c7/0x460 [ 119.434815] ? group_sched_out.part.0+0x2c7/0x460 [ 119.434834] ctx_sched_out+0x8f1/0xc10 [ 119.434853] __perf_event_task_sched_out+0x6d0/0x18d0 [ 119.434867] ? lock_is_held_type+0xd7/0x130 [ 119.434881] ? __perf_cgroup_move+0x160/0x160 [ 119.434891] ? set_next_entity+0x304/0x550 [ 119.434909] ? update_curr+0x267/0x740 [ 119.434927] ? lock_is_held_type+0xd7/0x130 [ 119.434941] __schedule+0xedd/0x2470 [ 119.434958] ? io_schedule_timeout+0x150/0x150 [ 119.434974] ? __x64_sys_futex_time32+0x480/0x480 [ 119.434988] schedule+0xda/0x1b0 [ 119.435003] exit_to_user_mode_prepare+0x114/0x1a0 [ 119.435015] syscall_exit_to_user_mode+0x19/0x40 [ 119.435029] do_syscall_64+0x48/0x90 [ 119.435046] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 119.435059] RIP: 0033:0x7f2e30a1cb19 [ 119.435067] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 119.435078] RSP: 002b:00007f2e2df92218 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 119.435089] RAX: 0000000000000001 RBX: 00007f2e30b2ff68 RCX: 00007f2e30a1cb19 [ 119.435096] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 00007f2e30b2ff6c [ 119.435103] RBP: 00007f2e30b2ff60 R08: 000000000000000e R09: 0000000000000000 [ 119.435110] R10: 0000000000000006 R11: 0000000000000246 R12: 00007f2e30b2ff6c [ 119.435117] R13: 00007ffdf8dc393f R14: 00007f2e2df92300 R15: 0000000000022000 [ 119.435130] [ 119.492322] WARNING: CPU: 1 PID: 3847 at kernel/events/core.c:2309 group_sched_out.part.0+0x2c7/0x460 [ 119.493024] Modules linked in: [ 119.493280] CPU: 1 PID: 3847 Comm: syz-executor.7 Not tainted 6.0.0-rc7-next-20220930 #1 [ 119.493914] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 119.494748] RIP: 0010:group_sched_out.part.0+0x2c7/0x460 [ 119.495157] Code: 5e 41 5f e9 8b ae ef ff e8 86 ae ef ff 65 8b 1d 0b 18 ac 7e 31 ff 89 de e8 26 ab ef ff 85 db 0f 84 8a 00 00 00 e8 69 ae ef ff <0f> 0b e9 a5 fe ff ff e8 5d ae ef ff 48 8d 7d 10 48 b8 00 00 00 00 [ 119.496488] RSP: 0018:ffff888040257c48 EFLAGS: 00010006 [ 119.496881] RAX: 0000000040000002 RBX: 0000000000000000 RCX: 0000000000000000 [ 119.497416] RDX: ffff888040248000 RSI: ffffffff81565dc7 RDI: 0000000000000005 [ 119.497949] RBP: ffff88803f8d0000 R08: 0000000000000005 R09: 0000000000000001 [ 119.498489] R10: 0000000000000000 R11: 0000000000000001 R12: ffff88803f7e9000 [ 119.499014] R13: ffff88806cf3d2c0 R14: ffffffff8547c960 R15: 0000000000000002 [ 119.499537] FS: 00007f2e2df92700(0000) GS:ffff88806cf00000(0000) knlGS:0000000000000000 [ 119.500132] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 119.500561] CR2: 000056062f57d080 CR3: 000000001b3ae000 CR4: 0000000000350ee0 [ 119.501085] Call Trace: [ 119.501278] [ 119.501452] ctx_sched_out+0x8f1/0xc10 [ 119.501756] __perf_event_task_sched_out+0x6d0/0x18d0 [ 119.502169] ? lock_is_held_type+0xd7/0x130 [ 119.502525] ? __perf_cgroup_move+0x160/0x160 [ 119.502881] ? set_next_entity+0x304/0x550 [ 119.503230] ? update_curr+0x267/0x740 [ 119.503552] ? lock_is_held_type+0xd7/0x130 [ 119.503891] __schedule+0xedd/0x2470 [ 119.504180] ? io_schedule_timeout+0x150/0x150 [ 119.504530] ? __x64_sys_futex_time32+0x480/0x480 [ 119.504891] schedule+0xda/0x1b0 [ 119.505157] exit_to_user_mode_prepare+0x114/0x1a0 [ 119.505524] syscall_exit_to_user_mode+0x19/0x40 [ 119.505882] do_syscall_64+0x48/0x90 [ 119.506166] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 119.506561] RIP: 0033:0x7f2e30a1cb19 [ 119.506837] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 119.508165] RSP: 002b:00007f2e2df92218 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 119.508731] RAX: 0000000000000001 RBX: 00007f2e30b2ff68 RCX: 00007f2e30a1cb19 [ 119.509261] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 00007f2e30b2ff6c [ 119.509790] RBP: 00007f2e30b2ff60 R08: 000000000000000e R09: 0000000000000000 [ 119.510319] R10: 0000000000000006 R11: 0000000000000246 R12: 00007f2e30b2ff6c [ 119.510848] R13: 00007ffdf8dc393f R14: 00007f2e2df92300 R15: 0000000000022000 [ 119.511381] [ 119.511557] irq event stamp: 1388 [ 119.511819] hardirqs last enabled at (1387): [] exit_to_user_mode_prepare+0x109/0x1a0 [ 119.512564] hardirqs last disabled at (1388): [] __schedule+0x1225/0x2470 [ 119.513226] softirqs last enabled at (814): [] __irq_exit_rcu+0x11b/0x180 [ 119.513888] softirqs last disabled at (751): [] __irq_exit_rcu+0x11b/0x180 [ 119.514515] ---[ end trace 0000000000000000 ]--- 12:36:15 executing program 2: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_config_ext={0x0, 0xa202}, 0x2780, 0xfa2d, 0x0, 0x6, 0x0, 0x0, 0x1}, 0x0, 0x2, 0xffffffffffffffff, 0x0) write$selinux_attr(0xffffffffffffffff, &(0x7f0000000000)='/usr/sbin/cups-browsed\x00', 0x17) poll(0x0, 0x0, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) r1 = openat$sr(0xffffffffffffff9c, 0x0, 0x0, 0x0) ioctl$FS_IOC_SETFLAGS(0xffffffffffffffff, 0x40086602, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000000)={'rose0\x00'}) sendmsg$IPCTNL_MSG_EXP_GET(r1, 0x0, 0x180) close_range(r0, 0xffffffffffffffff, 0x0) 12:36:16 executing program 2: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_config_ext={0x0, 0xa202}, 0x2780, 0xfa2d, 0x0, 0x6, 0x0, 0x0, 0x1}, 0x0, 0x2, 0xffffffffffffffff, 0x0) write$selinux_attr(0xffffffffffffffff, &(0x7f0000000000)='/usr/sbin/cups-browsed\x00', 0x17) poll(0x0, 0x0, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) r1 = openat$sr(0xffffffffffffff9c, 0x0, 0x0, 0x0) ioctl$FS_IOC_SETFLAGS(0xffffffffffffffff, 0x40086602, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000000)={'rose0\x00'}) sendmsg$IPCTNL_MSG_EXP_GET(r1, 0x0, 0x180) close_range(r0, 0xffffffffffffffff, 0x0) 12:36:16 executing program 2: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_config_ext={0x0, 0xa202}, 0x2780, 0xfa2d, 0x0, 0x6, 0x0, 0x0, 0x1}, 0x0, 0x2, 0xffffffffffffffff, 0x0) write$selinux_attr(0xffffffffffffffff, &(0x7f0000000000)='/usr/sbin/cups-browsed\x00', 0x17) poll(0x0, 0x0, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) r1 = openat$sr(0xffffffffffffff9c, 0x0, 0x0, 0x0) ioctl$FS_IOC_SETFLAGS(0xffffffffffffffff, 0x40086602, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000000)={'rose0\x00'}) sendmsg$IPCTNL_MSG_EXP_GET(r1, 0x0, 0x180) close_range(r0, 0xffffffffffffffff, 0x0) 12:36:16 executing program 2: r0 = perf_event_open$cgroup(&(0x7f00000000c0)={0x2, 0x80, 0xc0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) ioctl$PERF_EVENT_IOC_SET_FILTER(r0, 0x40082406, &(0x7f0000000080)='(\x00') r1 = getpid() ioctl$AUTOFS_DEV_IOCTL_ISMOUNTPOINT(0xffffffffffffffff, 0xc018937e, &(0x7f0000000040)={{0x1, 0x1, 0x18, r0}, './file0\x00'}) perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0xff, 0x20, 0xe1, 0x7f, 0x0, 0x1, 0x401, 0x3, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x3a, 0x0, @perf_bp, 0x1206, 0x4, 0x200, 0x9, 0xcc01, 0x8, 0xec5d, 0x0, 0x6, 0x0, 0x3b47d495}, r1, 0xb, r2, 0x1) [ 119.971867] audit: type=1400 audit(1664714176.434:9): avc: denied { write } for pid=3895 comm="syz-executor.2" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=perf_event permissive=1 12:36:16 executing program 2: openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) r0 = creat(&(0x7f0000000040)='./file0\x00', 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) r2 = creat(&(0x7f0000000040)='./file0\x00', 0x0) pwrite64(r1, &(0x7f0000000080)="ee35", 0x2, 0xfff) pwrite64(r2, &(0x7f0000000140)="c0", 0x1, 0x0) ioctl$EXT4_IOC_ALLOC_DA_BLKS(r0, 0x660c) ioctl$BTRFS_IOC_SCRUB(r0, 0xc400941b, &(0x7f0000000440)={0x0, 0x0, 0xfb37, 0x1}) r3 = socket$inet6_udplite(0xa, 0x2, 0x88) sendmmsg$inet6(r3, &(0x7f0000000bc0)=[{{&(0x7f0000000400)={0xa, 0x4e20, 0x0, @loopback, 0x3f5c}, 0x1c, 0x0, 0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="1400000000000000290000000b000000000000030000000018000000000097e0738ba172b60000290000000400000000000000000000001800000000000000290000003700"/79], 0x48}}], 0x1, 0x0) ioctl$EXT4_IOC_MOVE_EXT(r3, 0xc028660f, &(0x7f0000000000)={0x0, r0, 0x200000000003}) r4 = syz_open_dev$vcsa(&(0x7f0000000200), 0x53, 0x100) sendmsg$BATADV_CMD_TP_METER_CANCEL(r4, &(0x7f0000000300)={&(0x7f0000000240)={0x10, 0x0, 0x0, 0x1}, 0xc, &(0x7f00000002c0)={&(0x7f0000000280)={0x40, 0x0, 0x108, 0x70bd26, 0x25dfdbfc, {}, [@BATADV_ATTR_BRIDGE_LOOP_AVOIDANCE_ENABLED={0x5, 0x2e, 0x1}, @BATADV_ATTR_ORIG_ADDRESS={0xa, 0x9, @multicast}, @BATADV_ATTR_NETWORK_CODING_ENABLED={0x5, 0x38, 0x1}, @BATADV_ATTR_GW_MODE={0x5}, @BATADV_ATTR_GW_BANDWIDTH_UP={0x8}]}, 0x40}, 0x1, 0x0, 0x0, 0x4004}, 0x0) 12:36:16 executing program 6: ioctl$KDGETMODE(0xffffffffffffffff, 0x4b3b, &(0x7f0000000000)) ioctl$TIOCGSID(0xffffffffffffffff, 0x5429, &(0x7f0000000040)) r0 = open(&(0x7f0000000080)='./file0\x00', 0x1a5103, 0x0) ioctl$TIOCGSOFTCAR(r0, 0x5419, &(0x7f00000000c0)) ioctl$FICLONE(r0, 0x40049409, r0) ioctl$VT_SETMODE(r0, 0x5602, &(0x7f0000000100)={0x98, 0x80, 0x80, 0x1, 0x800}) ioctl$TIOCMBIS(r0, 0x5416, &(0x7f0000000140)=0x4) r1 = openat$snapshot(0xffffffffffffff9c, &(0x7f0000000180), 0x4102, 0x0) preadv(r1, &(0x7f0000000580)=[{&(0x7f00000001c0)=""/245, 0xf5}, {&(0x7f00000002c0)=""/182, 0xb6}, {&(0x7f0000000380)=""/79, 0x4f}, {&(0x7f0000000400)=""/95, 0x5f}, {&(0x7f0000000480)=""/217, 0xd9}], 0x5, 0x9, 0x0) r2 = getpid() r3 = perf_event_open(&(0x7f0000000600)={0x2, 0x80, 0xf2, 0x3f, 0x4, 0x1, 0x0, 0x8, 0x44000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x3, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, 0x0, @perf_config_ext={0x6, 0x8001}, 0x10010, 0xfffffffffffff063, 0x2, 0x5, 0xec5, 0x2, 0x1, 0x0, 0xffff, 0x0, 0x3}, r2, 0x0, r0, 0x2) r4 = syz_open_dev$vcsa(&(0x7f0000000680), 0x4000000000000, 0x40000) ioctl$TIOCL_GETMOUSEREPORTING(r4, 0x541c, &(0x7f00000006c0)) ioctl$TIOCL_GETSHIFTSTATE(0xffffffffffffffff, 0x541c, &(0x7f0000000700)={0x6, 0xfa}) ioctl$F2FS_IOC_MOVE_RANGE(0xffffffffffffffff, 0xc020f509, &(0x7f0000000740)={r4, 0xe240, 0x8, 0xfffe}) ioctl$KIOCSOUND(r5, 0x4b2f, 0x2) ioctl$BTRFS_IOC_GET_FEATURES(r3, 0x80189439, &(0x7f0000000780)) r6 = syz_open_dev$hidraw(&(0x7f0000000800), 0xffffffff, 0x4440) copy_file_range(r3, &(0x7f00000007c0)=0x1, r6, &(0x7f0000000840)=0x4, 0x1, 0x0) sendmsg$DEVLINK_CMD_SB_OCC_MAX_CLEAR(r5, &(0x7f0000000980)={&(0x7f0000000880)={0x10, 0x0, 0x0, 0x800}, 0xc, &(0x7f0000000940)={&(0x7f00000008c0)={0x64, 0x0, 0x1, 0x70bd2b, 0x25dfdbfb, {}, [{@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0x8, 0xb, 0xf8}}, {@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0x8, 0xb, 0x236}}]}, 0x64}, 0x1, 0x0, 0x0, 0x1}, 0x200040c0) 12:36:16 executing program 6: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0xa) sched_setaffinity(0x0, 0x8, &(0x7f0000000000)=0x73) pipe2(&(0x7f0000000040)={0xffffffffffffffff}, 0x106000) perf_event_open(&(0x7f00000001c0)={0x4, 0x80, 0x5, 0x45, 0x9, 0xbc, 0x0, 0xc0ed, 0x410, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x8, 0x4, @perf_config_ext={0x1f, 0x1}, 0x2a40, 0x0, 0x7, 0x6, 0x80000000, 0xfffffffb, 0x101, 0x0, 0xdd13, 0x0, 0x55}, 0xffffffffffffffff, 0x9, r1, 0x3) syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) read(0xffffffffffffffff, 0x0, 0x0) r2 = fcntl$getown(r0, 0x9) getpriority(0x2, r2) openat$hpet(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0) perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) VM DIAGNOSIS: 12:36:16 Registers: info registers vcpu 0 RAX=fffff940000daf8e RBX=fffff940000daf8f RCX=ffffffff8167b83b RDX=0000000000000001 RSI=0000000000000004 RDI=ffffea00006d7c74 RBP=fffff940000daf8e RSP=ffff888040237aa0 R8 =0000000000000000 R9 =ffffea00006d7c77 R10=fffff940000daf8e R11=0000000000000001 R12=ffffea00006d7c74 R13=0000000000000000 R14=0000000000002017 R15=ffffea00006d7c40 RIP=ffffffff81787699 RFL=00000283 [--S---C] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 00000000 00000000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 00000000 00000000 FS =0000 0000000000000000 00000000 00000000 GS =0000 ffff88806ce00000 00000000 00000000 LDT=0000 fffffe0000000000 00000000 00000000 TR =0040 fffffe0000003000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe0000001000 0000007f IDT= fffffe0000000000 00000fff CR0=80050033 CR2=00007ff309dcd028 CR3=00000000400f6000 CR4=00350ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000ffff0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 YMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM01=0000000000000000 0000000000000000 ffffffffffffffff ffffffffffffffff YMM02=0000000000000000 0000000000000000 00524f5252450040 0000000000000000 YMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM04=0000000000000000 0000000000000000 0000000000000000 00000000000000ff YMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM06=0000000000000000 0000000000000000 0000000000000000 000000524f525245 YMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM08=0000000000000000 0000000000000000 0000000000000000 00524f5252450040 YMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 info registers vcpu 1 RAX=0000000000000031 RBX=00000000000003f8 RCX=0000000000000000 RDX=00000000000003f8 RSI=ffffffff823bb0f1 RDI=ffffffff8765a9a0 RBP=ffffffff8765a960 RSP=ffff888040257690 R8 =0000000000000001 R9 =000000000000000a R10=0000000000000031 R11=0000000000000001 R12=0000000000000031 R13=ffffffff8765a960 R14=0000000000000010 R15=ffffffff823bb0e0 RIP=ffffffff823bb149 RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 00000000 00000000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 00000000 00000000 FS =0000 00007f2e2df92700 00000000 00000000 GS =0000 ffff88806cf00000 00000000 00000000 LDT=0000 fffffe0000000000 00000000 00000000 TR =0040 fffffe000004a000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe0000048000 0000007f IDT= fffffe0000000000 00000fff CR0=80050033 CR2=000056062f57d080 CR3=000000001b3ae000 CR4=00350ee0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000ffff0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 YMM00=0000000000000000 0000000000000000 0000000000000000 00000000000000ff YMM01=0000000000000000 0000000000000000 2525252525252525 2525252525252525 YMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM04=0000000000000000 0000000000000000 0000000000000000 00000000000000ff YMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM06=0000000000000000 0000000000000000 0000000000000000 000000524f525245 YMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM08=0000000000000000 0000000000000000 0000000000000000 00524f5252450040 YMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000