Warning: Permanently added '[localhost]:24387' (ECDSA) to the list of known hosts. 2022/10/02 18:56:24 fuzzer started 2022/10/02 18:56:25 dialing manager at localhost:35095 syzkaller login: [ 45.411700] cgroup: Unknown subsys name 'net' [ 45.520747] cgroup: Unknown subsys name 'rlimit' 2022/10/02 18:56:40 syscalls: 2215 2022/10/02 18:56:40 code coverage: enabled 2022/10/02 18:56:40 comparison tracing: enabled 2022/10/02 18:56:40 extra coverage: enabled 2022/10/02 18:56:40 setuid sandbox: enabled 2022/10/02 18:56:40 namespace sandbox: enabled 2022/10/02 18:56:40 Android sandbox: enabled 2022/10/02 18:56:40 fault injection: enabled 2022/10/02 18:56:40 leak checking: enabled 2022/10/02 18:56:40 net packet injection: enabled 2022/10/02 18:56:40 net device setup: enabled 2022/10/02 18:56:40 concurrency sanitizer: /sys/kernel/debug/kcsan does not exist 2022/10/02 18:56:40 devlink PCI setup: PCI device 0000:00:10.0 is not available 2022/10/02 18:56:40 USB emulation: enabled 2022/10/02 18:56:40 hci packet injection: enabled 2022/10/02 18:56:40 wifi device emulation: failed to parse kernel version (6.0.0-rc7-next-20220930) 2022/10/02 18:56:40 802.15.4 emulation: enabled 2022/10/02 18:56:40 fetching corpus: 50, signal 23963/25794 (executing program) 2022/10/02 18:56:41 fetching corpus: 100, signal 36857/40325 (executing program) 2022/10/02 18:56:41 fetching corpus: 150, signal 42548/47645 (executing program) 2022/10/02 18:56:41 fetching corpus: 200, signal 49480/56098 (executing program) 2022/10/02 18:56:41 fetching corpus: 250, signal 55536/63552 (executing program) 2022/10/02 18:56:41 fetching corpus: 300, signal 58639/68151 (executing program) 2022/10/02 18:56:41 fetching corpus: 350, signal 62827/73668 (executing program) 2022/10/02 18:56:41 fetching corpus: 400, signal 67999/80083 (executing program) 2022/10/02 18:56:41 fetching corpus: 450, signal 70308/83790 (executing program) 2022/10/02 18:56:41 fetching corpus: 500, signal 72710/87498 (executing program) 2022/10/02 18:56:42 fetching corpus: 550, signal 76206/92225 (executing program) 2022/10/02 18:56:42 fetching corpus: 600, signal 80112/97327 (executing program) 2022/10/02 18:56:42 fetching corpus: 650, signal 84144/102419 (executing program) 2022/10/02 18:56:42 fetching corpus: 700, signal 86940/106325 (executing program) 2022/10/02 18:56:42 fetching corpus: 750, signal 91571/111871 (executing program) 2022/10/02 18:56:42 fetching corpus: 800, signal 93872/115244 (executing program) 2022/10/02 18:56:42 fetching corpus: 850, signal 96156/118588 (executing program) 2022/10/02 18:56:42 fetching corpus: 900, signal 97973/121470 (executing program) 2022/10/02 18:56:42 fetching corpus: 950, signal 100007/124523 (executing program) 2022/10/02 18:56:43 fetching corpus: 1000, signal 101559/127190 (executing program) 2022/10/02 18:56:43 fetching corpus: 1050, signal 104925/131351 (executing program) 2022/10/02 18:56:43 fetching corpus: 1100, signal 108045/135226 (executing program) 2022/10/02 18:56:43 fetching corpus: 1150, signal 111315/139182 (executing program) 2022/10/02 18:56:43 fetching corpus: 1200, signal 114040/142698 (executing program) 2022/10/02 18:56:43 fetching corpus: 1250, signal 115475/145092 (executing program) 2022/10/02 18:56:43 fetching corpus: 1300, signal 118895/149073 (executing program) 2022/10/02 18:56:43 fetching corpus: 1350, signal 119589/150800 (executing program) 2022/10/02 18:56:44 fetching corpus: 1400, signal 121761/153753 (executing program) 2022/10/02 18:56:44 fetching corpus: 1450, signal 122730/155721 (executing program) 2022/10/02 18:56:44 fetching corpus: 1500, signal 124117/157975 (executing program) 2022/10/02 18:56:44 fetching corpus: 1550, signal 125056/159870 (executing program) 2022/10/02 18:56:44 fetching corpus: 1600, signal 126325/162015 (executing program) 2022/10/02 18:56:44 fetching corpus: 1650, signal 127778/164272 (executing program) 2022/10/02 18:56:44 fetching corpus: 1700, signal 128964/166271 (executing program) 2022/10/02 18:56:44 fetching corpus: 1750, signal 130498/168528 (executing program) 2022/10/02 18:56:44 fetching corpus: 1800, signal 131988/170746 (executing program) 2022/10/02 18:56:45 fetching corpus: 1850, signal 133385/172796 (executing program) 2022/10/02 18:56:45 fetching corpus: 1900, signal 135194/175219 (executing program) 2022/10/02 18:56:45 fetching corpus: 1950, signal 136398/177147 (executing program) 2022/10/02 18:56:45 fetching corpus: 2000, signal 138414/179651 (executing program) 2022/10/02 18:56:45 fetching corpus: 2050, signal 139861/181655 (executing program) 2022/10/02 18:56:45 fetching corpus: 2100, signal 141342/183717 (executing program) 2022/10/02 18:56:45 fetching corpus: 2150, signal 142827/185743 (executing program) 2022/10/02 18:56:45 fetching corpus: 2200, signal 144367/187796 (executing program) 2022/10/02 18:56:46 fetching corpus: 2250, signal 144960/189192 (executing program) 2022/10/02 18:56:46 fetching corpus: 2300, signal 146625/191346 (executing program) 2022/10/02 18:56:46 fetching corpus: 2350, signal 148229/193416 (executing program) 2022/10/02 18:56:46 fetching corpus: 2400, signal 149272/195070 (executing program) 2022/10/02 18:56:46 fetching corpus: 2450, signal 150442/196804 (executing program) 2022/10/02 18:56:46 fetching corpus: 2500, signal 152009/198807 (executing program) 2022/10/02 18:56:46 fetching corpus: 2550, signal 153244/200615 (executing program) 2022/10/02 18:56:46 fetching corpus: 2600, signal 154692/202450 (executing program) 2022/10/02 18:56:47 fetching corpus: 2650, signal 155442/203832 (executing program) 2022/10/02 18:56:47 fetching corpus: 2700, signal 156755/205613 (executing program) 2022/10/02 18:56:47 fetching corpus: 2750, signal 158006/207279 (executing program) 2022/10/02 18:56:47 fetching corpus: 2800, signal 158864/208713 (executing program) 2022/10/02 18:56:47 fetching corpus: 2850, signal 159969/210253 (executing program) 2022/10/02 18:56:47 fetching corpus: 2900, signal 161359/211937 (executing program) 2022/10/02 18:56:47 fetching corpus: 2950, signal 162317/213370 (executing program) 2022/10/02 18:56:47 fetching corpus: 3000, signal 162969/214626 (executing program) 2022/10/02 18:56:48 fetching corpus: 3050, signal 163910/216032 (executing program) 2022/10/02 18:56:48 fetching corpus: 3100, signal 164868/217436 (executing program) 2022/10/02 18:56:48 fetching corpus: 3150, signal 165778/218832 (executing program) 2022/10/02 18:56:48 fetching corpus: 3200, signal 166422/220043 (executing program) 2022/10/02 18:56:48 fetching corpus: 3250, signal 167447/221457 (executing program) 2022/10/02 18:56:48 fetching corpus: 3300, signal 168410/222823 (executing program) 2022/10/02 18:56:48 fetching corpus: 3350, signal 169362/224156 (executing program) 2022/10/02 18:56:49 fetching corpus: 3400, signal 170567/225643 (executing program) 2022/10/02 18:56:49 fetching corpus: 3450, signal 172313/227342 (executing program) 2022/10/02 18:56:49 fetching corpus: 3500, signal 173063/228552 (executing program) 2022/10/02 18:56:49 fetching corpus: 3550, signal 173791/229710 (executing program) 2022/10/02 18:56:49 fetching corpus: 3600, signal 174446/230859 (executing program) 2022/10/02 18:56:49 fetching corpus: 3650, signal 175064/231924 (executing program) 2022/10/02 18:56:49 fetching corpus: 3700, signal 175588/232951 (executing program) 2022/10/02 18:56:49 fetching corpus: 3750, signal 176732/234340 (executing program) 2022/10/02 18:56:49 fetching corpus: 3800, signal 177426/235444 (executing program) 2022/10/02 18:56:50 fetching corpus: 3850, signal 178561/236758 (executing program) 2022/10/02 18:56:50 fetching corpus: 3900, signal 178968/237700 (executing program) 2022/10/02 18:56:50 fetching corpus: 3950, signal 179484/238659 (executing program) 2022/10/02 18:56:50 fetching corpus: 4000, signal 180209/239700 (executing program) 2022/10/02 18:56:50 fetching corpus: 4050, signal 181047/240798 (executing program) 2022/10/02 18:56:50 fetching corpus: 4100, signal 181944/241972 (executing program) 2022/10/02 18:56:50 fetching corpus: 4150, signal 182561/242960 (executing program) 2022/10/02 18:56:50 fetching corpus: 4200, signal 183205/243943 (executing program) 2022/10/02 18:56:50 fetching corpus: 4250, signal 184067/245008 (executing program) 2022/10/02 18:56:51 fetching corpus: 4300, signal 184596/245915 (executing program) 2022/10/02 18:56:51 fetching corpus: 4350, signal 185156/246817 (executing program) 2022/10/02 18:56:51 fetching corpus: 4400, signal 185676/247703 (executing program) 2022/10/02 18:56:51 fetching corpus: 4450, signal 186523/248704 (executing program) 2022/10/02 18:56:51 fetching corpus: 4500, signal 187153/249618 (executing program) 2022/10/02 18:56:51 fetching corpus: 4550, signal 187424/250404 (executing program) 2022/10/02 18:56:51 fetching corpus: 4600, signal 187851/251244 (executing program) 2022/10/02 18:56:51 fetching corpus: 4650, signal 188910/252259 (executing program) 2022/10/02 18:56:51 fetching corpus: 4700, signal 189411/253078 (executing program) 2022/10/02 18:56:51 fetching corpus: 4750, signal 189851/253953 (executing program) 2022/10/02 18:56:52 fetching corpus: 4800, signal 190355/254803 (executing program) 2022/10/02 18:56:52 fetching corpus: 4850, signal 191230/255735 (executing program) 2022/10/02 18:56:52 fetching corpus: 4900, signal 192355/256744 (executing program) 2022/10/02 18:56:52 fetching corpus: 4950, signal 193794/257825 (executing program) 2022/10/02 18:56:52 fetching corpus: 4997, signal 194783/258771 (executing program) 2022/10/02 18:56:52 fetching corpus: 4997, signal 194783/259419 (executing program) 2022/10/02 18:56:52 fetching corpus: 4997, signal 194783/260057 (executing program) 2022/10/02 18:56:52 fetching corpus: 4997, signal 194783/260684 (executing program) 2022/10/02 18:56:52 fetching corpus: 4997, signal 194783/261350 (executing program) 2022/10/02 18:56:52 fetching corpus: 4997, signal 194783/261985 (executing program) 2022/10/02 18:56:52 fetching corpus: 4997, signal 194783/262617 (executing program) 2022/10/02 18:56:52 fetching corpus: 4997, signal 194783/263212 (executing program) 2022/10/02 18:56:52 fetching corpus: 4997, signal 194783/263866 (executing program) 2022/10/02 18:56:52 fetching corpus: 4997, signal 194783/264494 (executing program) 2022/10/02 18:56:52 fetching corpus: 4997, signal 194783/265162 (executing program) 2022/10/02 18:56:52 fetching corpus: 4997, signal 194783/265796 (executing program) 2022/10/02 18:56:52 fetching corpus: 4997, signal 194783/266402 (executing program) 2022/10/02 18:56:52 fetching corpus: 4997, signal 194783/267065 (executing program) 2022/10/02 18:56:52 fetching corpus: 4997, signal 194783/267678 (executing program) 2022/10/02 18:56:52 fetching corpus: 4997, signal 194783/268318 (executing program) 2022/10/02 18:56:52 fetching corpus: 4997, signal 194783/268941 (executing program) 2022/10/02 18:56:52 fetching corpus: 4997, signal 194783/269599 (executing program) 2022/10/02 18:56:52 fetching corpus: 4997, signal 194783/270204 (executing program) 2022/10/02 18:56:52 fetching corpus: 4997, signal 194783/270794 (executing program) 2022/10/02 18:56:52 fetching corpus: 4997, signal 194783/271445 (executing program) 2022/10/02 18:56:52 fetching corpus: 4997, signal 194783/272067 (executing program) 2022/10/02 18:56:52 fetching corpus: 4997, signal 194783/272699 (executing program) 2022/10/02 18:56:52 fetching corpus: 4997, signal 194783/273325 (executing program) 2022/10/02 18:56:52 fetching corpus: 4997, signal 194783/273994 (executing program) 2022/10/02 18:56:52 fetching corpus: 4997, signal 194783/274648 (executing program) 2022/10/02 18:56:52 fetching corpus: 4997, signal 194783/275292 (executing program) 2022/10/02 18:56:52 fetching corpus: 4997, signal 194783/275923 (executing program) 2022/10/02 18:56:52 fetching corpus: 4997, signal 194783/276572 (executing program) 2022/10/02 18:56:52 fetching corpus: 4997, signal 194783/277206 (executing program) 2022/10/02 18:56:52 fetching corpus: 4997, signal 194783/277835 (executing program) 2022/10/02 18:56:52 fetching corpus: 4997, signal 194783/278465 (executing program) 2022/10/02 18:56:53 fetching corpus: 4997, signal 194783/279100 (executing program) 2022/10/02 18:56:53 fetching corpus: 4997, signal 194783/279753 (executing program) 2022/10/02 18:56:53 fetching corpus: 4997, signal 194783/280385 (executing program) 2022/10/02 18:56:53 fetching corpus: 4997, signal 194783/281020 (executing program) 2022/10/02 18:56:53 fetching corpus: 4997, signal 194783/281654 (executing program) 2022/10/02 18:56:53 fetching corpus: 4997, signal 194783/282251 (executing program) 2022/10/02 18:56:53 fetching corpus: 4997, signal 194783/282921 (executing program) 2022/10/02 18:56:53 fetching corpus: 4997, signal 194783/283568 (executing program) 2022/10/02 18:56:53 fetching corpus: 4997, signal 194783/284243 (executing program) 2022/10/02 18:56:53 fetching corpus: 4997, signal 194783/284782 (executing program) 2022/10/02 18:56:53 fetching corpus: 4997, signal 194783/284782 (executing program) 2022/10/02 18:56:55 starting 8 fuzzer processes 18:56:55 executing program 0: ioctl$sock_inet6_tcp_SIOCOUTQNSD(0xffffffffffffffff, 0x894b, &(0x7f0000000000)) r0 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2) ioctl$FS_IOC_MEASURE_VERITY(r0, 0xc0046686, &(0x7f0000000040)={0x0, 0x98, "bcb12261e0b35badca5410f71976c6b896fd9ef94787f3e07c3e2785fbff433d65a55539374e8c560077f94ab9a7f7281235b57fbdd43f7404a3ed1aa07e8bbb2f4897dc517df004b10b8d8229b0585d1672f33c62405150e6a2168e1405a335c7d008f8e1144d2a3c2c34abe523a71b3ed250f2cd611ce9ff97401c2e1a1d93c25adb02e74ccb273bec3f3e238a7beb4f444356a7999090"}) ioctl$F2FS_IOC_PRECACHE_EXTENTS(r0, 0xf50f, 0x0) recvmmsg$unix(0xffffffffffffffff, &(0x7f0000004ac0)=[{{&(0x7f0000000100)=@abs, 0x6e, &(0x7f0000000280)=[{&(0x7f0000000180)=""/235, 0xeb}], 0x1, &(0x7f00000002c0)=[@cred={{0x1c, 0x1, 0x2, {0x0}}}, @cred={{0x1c}}, @cred={{0x1c}}, @rights={{0x18, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c}}, @cred={{0x1c}}, @cred={{0x1c}}], 0xd8}}, {{&(0x7f00000003c0)=@abs, 0x6e, &(0x7f0000000480)=[{&(0x7f0000000440)=""/40, 0x28}], 0x1, &(0x7f00000004c0)=[@rights={{0x20, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x2c, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c}}, @rights={{0x20, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}], 0x90}}, {{0x0, 0x0, &(0x7f00000009c0)=[{&(0x7f0000000580)=""/109, 0x6d}, {&(0x7f0000000600)=""/51, 0x33}, {&(0x7f0000000640)=""/7, 0x7}, {&(0x7f0000000680)=""/134, 0x86}, {&(0x7f0000000740)=""/163, 0xa3}, {&(0x7f0000000800)=""/198, 0xc6}, {&(0x7f0000000900)=""/192, 0xc0}], 0x7, &(0x7f0000000a40)=[@rights={{0x34, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c}}, @rights={{0x18, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x20, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}], 0x90}}, {{&(0x7f0000000b00)=@abs, 0x6e, &(0x7f0000001e40)=[{&(0x7f0000000b80)=""/27, 0x1b}, {&(0x7f0000000bc0)=""/34, 0x22}, {&(0x7f0000000c00)=""/4096, 0x1000}, {&(0x7f0000001c00)=""/139, 0x8b}, {&(0x7f0000001cc0)=""/61, 0x3d}, {&(0x7f0000001d00)=""/31, 0x1f}, {&(0x7f0000001d40)=""/223, 0xdf}], 0x7, &(0x7f0000001ec0)=[@cred={{0x1c}}, @rights={{0x2c, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}], 0x50}}, {{&(0x7f0000001f40)=@abs, 0x6e, &(0x7f00000035c0)=[{&(0x7f0000001fc0)=""/136, 0x88}, {&(0x7f0000002080)=""/113, 0x71}, {&(0x7f0000002100)=""/56, 0x38}, {&(0x7f0000002140)=""/151, 0x97}, {&(0x7f0000002200)=""/213, 0xd5}, {&(0x7f0000002300)=""/246, 0xf6}, {&(0x7f0000002400)=""/6, 0x6}, {&(0x7f0000002440)=""/149, 0x95}, {&(0x7f0000002500)=""/4096, 0x1000}, {&(0x7f0000003500)=""/168, 0xa8}], 0xa, &(0x7f0000003680)=[@rights={{0x24, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x20, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x30, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}], 0x78}}, {{0x0, 0x0, &(0x7f0000004a00)=[{&(0x7f0000003700)=""/108, 0x6c}, {&(0x7f0000003780)=""/209, 0xd1}, {&(0x7f0000003880)=""/167, 0xa7}, {&(0x7f0000003940)=""/4096, 0x1000}, {&(0x7f0000004940)=""/173, 0xad}], 0x5, &(0x7f0000004a80)=[@rights={{0x20, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}], 0x20}}], 0x6, 0x10100, &(0x7f0000004c40)={0x77359400}) fcntl$setown(r0, 0x8, r1) ioctl$SIOCGSTAMP(r4, 0x8906, &(0x7f0000004c80)) setsockopt(r3, 0x0, 0x8, &(0x7f0000004cc0)="48790c2c6189bdef0f0ab9cf4653dbadbc785e943942f6e004dc675b2d8e2d1a19b06896f85d7bc852f981114788cc2b3d31edc81aeeb9966f825a7d9c49f35990", 0x41) r5 = creat(&(0x7f0000004d40)='./file0\x00', 0x80) bind$inet6(r5, &(0x7f0000004d80)={0xa, 0x4e22, 0x8, @dev={0xfe, 0x80, '\x00', 0x3a}, 0x2}, 0x1c) r6 = openat$bsg(0xffffffffffffff9c, &(0x7f0000004dc0), 0x680080, 0x0) ioctl$SIOCGSTAMPNS(r6, 0x8907, &(0x7f0000004e00)) r7 = openat2(0xffffffffffffff9c, &(0x7f0000004e40)='./file0\x00', &(0x7f0000004e80)={0x193000, 0x5}, 0x18) openat(r7, &(0x7f0000004ec0)='./file0\x00', 0x32aa80, 0x100) bind$bt_sco(r2, &(0x7f0000004f00)={0x1f, @none}, 0x8) r8 = openat$hpet(0xffffffffffffff9c, &(0x7f0000004f40), 0x404980, 0x0) setsockopt$bt_BT_VOICE(r8, 0x112, 0xb, &(0x7f0000004f80)=0x66, 0x2) r9 = socket$inet6_udp(0xa, 0x2, 0x0) ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r9, 0x8933, &(0x7f0000004fc0)) ioctl$TIOCSIG(0xffffffffffffffff, 0x40045436, 0x3b) 18:56:55 executing program 1: ioctl$sock_FIOSETOWN(0xffffffffffffffff, 0x8901, &(0x7f0000000000)) getsockopt$SO_TIMESTAMP(0xffffffffffffffff, 0x1, 0x3f, &(0x7f0000000040), &(0x7f0000000080)=0x4) r0 = accept(0xffffffffffffffff, &(0x7f00000000c0)=@ieee802154={0x24, @long}, &(0x7f0000000140)=0x80) recvmmsg(r0, &(0x7f00000039c0)=[{{0x0, 0x0, &(0x7f0000000240)=[{&(0x7f0000000180)=""/135, 0x87}], 0x1}, 0x7f}, {{&(0x7f0000000280)=@in6={0xa, 0x0, 0x0, @private1}, 0x80, &(0x7f0000000300), 0x0, &(0x7f0000000340)=""/19, 0x13}, 0x6}, {{&(0x7f0000000380)=@x25={0x9, @remote}, 0x80, &(0x7f0000000900)=[{&(0x7f0000000400)=""/146, 0x92}, {&(0x7f00000004c0)=""/189, 0xbd}, {&(0x7f0000000580)=""/161, 0xa1}, {&(0x7f0000000640)=""/122, 0x7a}, {&(0x7f00000006c0)=""/79, 0x4f}, {&(0x7f0000000740)=""/211, 0xd3}, {&(0x7f0000000840)=""/178, 0xb2}], 0x7, &(0x7f0000000980)=""/107, 0x6b}, 0x3ff}, {{&(0x7f0000000a00)=@caif, 0x80, &(0x7f0000000d00)=[{&(0x7f0000000a80)=""/97, 0x61}, {&(0x7f0000000b00)=""/122, 0x7a}, {&(0x7f0000000b80)=""/56, 0x38}, {&(0x7f0000000bc0)=""/227, 0xe3}, {&(0x7f0000000cc0)=""/64, 0x40}], 0x5, &(0x7f0000000d80)=""/77, 0x4d}, 0x9000}, {{&(0x7f0000000e00)=@ieee802154={0x24, @short}, 0x80, &(0x7f0000002140)=[{&(0x7f0000000e80)=""/4096, 0x1000}, {&(0x7f0000001e80)=""/70, 0x46}, {&(0x7f0000001f00)=""/141, 0x8d}, {&(0x7f0000001fc0)=""/40, 0x28}, {&(0x7f0000002000)=""/9, 0x9}, {&(0x7f0000002040)=""/180, 0xb4}, {&(0x7f0000002100)=""/33, 0x21}], 0x7, &(0x7f00000021c0)=""/50, 0x32}, 0x3}, {{&(0x7f0000002200)=@in, 0x80, &(0x7f00000034c0)=[{&(0x7f0000002280)=""/40, 0x28}, {&(0x7f00000022c0)=""/182, 0xb6}, {&(0x7f0000002380)=""/105, 0x69}, {&(0x7f0000002400)=""/4096, 0x1000}, {&(0x7f0000003400)=""/145, 0x91}], 0x5}, 0x9}, {{&(0x7f0000003540)=@pppol2tpv3in6={0x18, 0x1, {0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, {0xa, 0x0, 0x0, @mcast2}}}, 0x80, &(0x7f00000036c0)=[{&(0x7f00000035c0)=""/234, 0xea}], 0x1, &(0x7f0000003700)=""/55, 0x37}, 0x9}, {{&(0x7f0000003740)=@l2tp={0x2, 0x0, @remote}, 0x80, &(0x7f0000003980)=[{&(0x7f00000037c0)=""/84, 0x54}, {&(0x7f0000003840)=""/94, 0x5e}, {&(0x7f00000038c0)=""/97, 0x61}, {&(0x7f0000003940)=""/17, 0x11}], 0x4}, 0x3}], 0x8, 0x40002041, 0x0) ioctl$RTC_RD_TIME(0xffffffffffffffff, 0x80247009, &(0x7f0000003bc0)) setsockopt$inet_pktinfo(r0, 0x0, 0x8, &(0x7f0000003c00)={0x0, @loopback, @broadcast}, 0xc) r2 = socket$inet6_icmp(0xa, 0x2, 0x3a) getsockopt$sock_linger(r2, 0x1, 0xd, &(0x7f0000003c40), &(0x7f0000003c80)=0x8) ioctl$RTC_IRQP_SET(0xffffffffffffffff, 0x4008700c, 0x1300) r3 = openat$vcsu(0xffffffffffffff9c, &(0x7f0000003cc0), 0x20000, 0x0) setsockopt$inet_MCAST_MSFILTER(r3, 0x0, 0x30, &(0x7f0000003d00)={0x3ff, {{0x2, 0xff, @rand_addr=0x64010100}}, 0x1, 0x3, [{{0x2, 0x4e22, @empty}}, {{0x2, 0x4e22, @multicast1}}, {{0x2, 0x4e21, @multicast1}}]}, 0x210) r4 = openat$nvram(0xffffffffffffff9c, &(0x7f0000003f40), 0x10800, 0x0) ioctl$VT_DISALLOCATE(r4, 0x5608) r5 = perf_event_open$cgroup(&(0x7f0000003f80)={0x5, 0x80, 0x20, 0x4, 0x1f, 0x9, 0x0, 0xc2f, 0x10000, 0x8, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x2, 0x6, @perf_config_ext={0x63, 0x100}, 0x8, 0x7fffffff, 0x1, 0x9, 0x6, 0x2, 0x20, 0x0, 0x0, 0x0, 0x100000001}, r3, 0xb, r3, 0x9) lseek(r5, 0x5, 0x2) ioctl$AUTOFS_DEV_IOCTL_ISMOUNTPOINT(r3, 0xc018937e, &(0x7f0000004000)={{0x1, 0x1, 0x18, r1, @out_args}, './file0\x00'}) ioctl$AUTOFS_DEV_IOCTL_CLOSEMOUNT(0xffffffffffffffff, 0xc0189375, &(0x7f0000004040)={{0x1, 0x1, 0x18, r6}, './file0\x00'}) ioctl$AUTOFS_DEV_IOCTL_TIMEOUT(r7, 0xc018937a, &(0x7f0000004080)={{0x1, 0x1, 0x18, r0, {0x400}}, './file0\x00'}) r8 = syz_io_uring_complete(0x0) ioctl$VFAT_IOCTL_READDIR_BOTH(r8, 0x82307201, &(0x7f00000040c0)=[{0x0, 0x0, 0x100}, {0x0, 0x0, 0x100}]) 18:56:55 executing program 2: lstat(&(0x7f0000000380)='./file0\x00', &(0x7f00000003c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) statx(0xffffffffffffffff, &(0x7f0000001600)='./file0\x00', 0x1000, 0x8, &(0x7f0000001640)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) r4 = syz_mount_image$tmpfs(&(0x7f0000000000), &(0x7f0000000040)='./file0\x00', 0x2, 0x4, &(0x7f0000000300)=[{&(0x7f0000000080)="68ffacb507185991900ca0df60a89c808c2be3e0e22fbbf1585d4ea3e2f8322b3d2331423c1f4fb30255973a63de4e3ec56376e11eb14096b9e7beb5a36727cb27ab8227aa1ece60f665624a908b1bc596df1e6a4fa9f4ab7eec673c66cd8e55e2e39c7556a032b4b0af0cdd256d306c20c2e878165ef2313969365947b5679d850c6ee39dcecd5ef27556e2b5567efa03dcd0ebd15f1b8fd91a4c388617617aa81d0f7e0bb0f2e1f2ff7a68f74ffd6c6d831e6a", 0xb4, 0x2dba}, {&(0x7f0000000140)="131ac449e4879b541a5bc12a0db99a2052d3a2b9e0bac18f6e8ea2cd0ba287cf127b57feb0a16e2040cabc8ddfd6e54e146f063bba02a57abeff33fc52188bc9c07e6b0b3f3457edb9216b5c026b44c0d7abbe68a6463b36c6e9f9c8f07bab0074ae30c1915e1ead9a536b284ce0", 0x6e, 0x5}, {&(0x7f00000001c0)="17f406fbd5afd6d5d3c537b533409e9ac14553f21e9db180f7922eb238e89a9690e206d0e547677da1", 0x29, 0x7f}, {&(0x7f0000000200)="2dfa247073f5d45d994a696f9259edd3b183b25e0b74e46f59d5cee8225b0b00968a7c97bf4e58d040d9df137685e88c1645291990234df035bcb8504e4bde95b40dbe821dbd63076b96d8e431561a12971786bd37a633b5dbab0cd179aa24d1c8325f9fc2e811c7c850a7c4669d7a61830192c13b349616aab06d9501b0c68856c299290f4060178f1635efd186bd43caf1c8bcec914565dd656d74e18d99087770a7531703844de87cdb3ab686cb6fa685dc840d58b1970ab9821c54184aaaa57d5ec42e4f9a5398aa2d20e55c4790ea0a3cbbd5524688c85cfa7166758153db1f9de15a57fe2627", 0xe9, 0x1}], 0x250400, &(0x7f0000001740)={[{@nr_inodes={'nr_inodes', 0x3d, [0x70, 0x39, 0x38]}}, {@gid={'gid', 0x3d, r1}}, {@mpol={'mpol', 0x3d, {'prefer', '=relative', @val={0x3a, [0x39, 0x3a, 0x2d, 0x35, 0x35, 0x36, 0x38, 0x32, 0x2f, 0x16]}}}}, {@huge_within_size}, {@nr_blocks={'nr_blocks', 0x3d, [0x30, 0x33, 0x78, 0x36, 0x3]}}, {@huge_advise}, {@gid={'gid', 0x3d, r3}}], [{@appraise}, {@euid_gt}, {@audit}]}) ioctl$AUTOFS_DEV_IOCTL_REQUESTER(0xffffffffffffffff, 0xc018937b, &(0x7f0000001840)={{0x1, 0x1, 0x18, 0xffffffffffffffff, {r0, r3}}, './file0\x00'}) mount_setattr(r4, &(0x7f0000001800)='./file0\x00', 0x800, &(0x7f0000001880)={0x100084, 0x4, 0x180000, {r5}}, 0x20) statx(r4, &(0x7f00000018c0)='./file0\x00', 0x77e2cfddde20bb73, 0x400, &(0x7f0000001900)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) r8 = geteuid() getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000001ac0)={0x0, 0x0}, &(0x7f0000001b00)=0xc) getsockopt$inet_IP_IPSEC_POLICY(r5, 0x0, 0x10, &(0x7f0000001b40)={{{@in=@local, @in6=@loopback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in6=@ipv4={""/10, ""/2, @initdev}}, 0x0, @in6=@remote}}, &(0x7f0000001c40)=0xe8) setxattr$system_posix_acl(&(0x7f0000001a00)='./file0\x00', &(0x7f0000001a40)='system.posix_acl_access\x00', &(0x7f0000001c80)={{}, {0x1, 0x4}, [{0x2, 0x5, r0}, {0x2, 0x5, r6}, {0x2, 0x1, r0}, {0x2, 0x2, r8}, {0x2, 0x3, r9}, {0x2, 0x2, r10}, {0x2, 0x3, r2}, {0x2, 0x5, r6}, {0x2, 0x2, r6}], {0x4, 0x7}, [{0x8, 0x1, r1}, {0x8, 0x4, r7}, {0x8, 0x3, r7}, {0x8, 0x2, r3}, {0x8, 0x0, r7}, {0x8, 0x6, 0xffffffffffffffff}], {}, {0x20, 0x7}}, 0x9c, 0x0) fstat(r5, &(0x7f0000001f40)={0x0, 0x0, 0x0, 0x0, 0x0}) syz_mount_image$ext4(&(0x7f0000001d40)='ext2\x00', &(0x7f0000001d80)='./file0\x00', 0x4, 0x2, &(0x7f0000001f00)=[{&(0x7f0000001dc0)="fc71aea01d6faa2de15e1c97056672", 0xf, 0x1ff}, {&(0x7f0000001e00)="a4af607998c0c4c3f2799eb5df70afea3ef0524bdb96963d22e260e2978beb1466f613e442a0ae35a921cd84e5fffaa17c1521fe6d66f1fc95d4b120320cb90cafa7b6823bf38fcc7a5b1ed20b16088cff4ddfff9f83720a9a1b9735adb2279b412e7af16f7030e9e679022ccdc4637355e6042e43d72a7211572fd1fe44d39f8b64d5d308cd1e4b56f4b595e7a1f53ed9939099a497ad5a81167f54b725399ec4bc3ebe58e4ad76e39b5beb4b153957bbe1dddd34752ab57d044a96f79d66f9e9ce4fe44980f83f4b392a0847cbb7009fff0d9a5419046054f6bfcddfadbd4a39a530bd6044945369f7aa9bec22bb84ddb9fab5cc5e6c1eee4fb5", 0xfb, 0x71ea}], 0x800000, &(0x7f0000001fc0)={[{@nombcache}, {@commit={'commit', 0x3d, 0x7}}, {@sysvgroups}, {@noblock_validity}], [{@fowner_lt={'fowner<', r11}}, {@fsname={'fsname', 0x3d, 'tmpfs\x00'}}, {@defcontext={'defcontext', 0x3d, 'staff_u'}}, {@subj_user}, {@dont_hash}]}) openat(0xffffffffffffffff, &(0x7f0000002080)='./file0\x00', 0x2000, 0x1) stat(&(0x7f00000020c0)='./file0\x00', &(0x7f0000002100)) stat(&(0x7f00000021c0)='./file1\x00', &(0x7f0000002200)={0x0, 0x0, 0x0, 0x0, 0x0}) chown(&(0x7f0000002180)='./file0\x00', r12, r3) mount(&(0x7f0000002280)=@md0, &(0x7f00000022c0)='./file1\x00', &(0x7f0000002300)='ufs\x00', 0x20040, &(0x7f0000002340)='nombcache') mount(&(0x7f0000002380)=@filename='./file1/file0\x00', &(0x7f00000023c0)='./file0\x00', &(0x7f0000002400)='ocfs2\x00', 0x4000, &(0x7f0000002440)='$T@#:{&+$$+{^\x00') ioctl$F2FS_IOC_MOVE_RANGE(r4, 0xc020f509, &(0x7f0000002480)={r4, 0xfffffffffffffffd, 0x4, 0x100000001}) unlinkat(r13, &(0x7f00000024c0)='./file0\x00', 0x0) 18:56:55 executing program 3: setsockopt$inet6_MRT6_DEL_MFC_PROXY(0xffffffffffffffff, 0x29, 0xd3, &(0x7f0000000000)={{0xa, 0x4e20, 0x4, @loopback, 0x3ff}, {0xa, 0x4e21, 0x2, @private1={0xfc, 0x1, '\x00', 0x1}, 0x54}, 0x1, [0xe73b, 0x6, 0x9, 0x401, 0x21f0, 0x7, 0x1, 0x401]}, 0x5c) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) getsockopt$SO_TIMESTAMPING(r0, 0x1, 0x25, &(0x7f0000000080), &(0x7f00000000c0)=0x4) getsockopt$inet6_tcp_int(r0, 0x6, 0x24, &(0x7f0000000100), &(0x7f0000000140)=0x4) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) connect$inet6(r1, &(0x7f0000000180)={0xa, 0x4e20, 0x1000, @dev={0xfe, 0x80, '\x00', 0x1b}, 0xf}, 0x1c) connect$inet6(r0, &(0x7f00000001c0)={0xa, 0x4e23, 0xa698, @mcast2, 0x40}, 0x1c) bind$inet6(r0, &(0x7f0000000200)={0xa, 0x4e21, 0x1, @private2, 0x7}, 0x1c) r2 = accept4$inet6(r0, &(0x7f0000000240)={0xa, 0x0, 0x0, @mcast1}, &(0x7f0000000280)=0x1c, 0x0) setsockopt$inet6_tcp_TCP_MD5SIG(r2, 0x6, 0xe, &(0x7f00000002c0)={@in={{0x2, 0x4e20, @broadcast}}, 0x0, 0x0, 0x20, 0x0, "06b54b5ef66e6a2697690512a4d37fae9043c038a1e63b549eb4509d3a9f4459a6bccf8bde76a81d092d0ec3b9cb4bb8b032476d21f9ffebdccc19ce72b719dee5a1540ea4bf9c705522afac5996c4e3"}, 0xd8) ioctl$sock_SIOCGIFCONF(r1, 0x8912, &(0x7f0000000400)=@req={0x28, &(0x7f00000003c0)={'netdevsim0\x00', @ifru_addrs=@qipcrtr}}) r3 = socket$inet6_tcp(0xa, 0x1, 0x0) connect$inet6(r3, &(0x7f0000000440)={0xa, 0x4e22, 0x744, @mcast1, 0x85}, 0x1c) getsockopt$inet_IP_IPSEC_POLICY(0xffffffffffffffff, 0x0, 0x10, &(0x7f00000009c0)={{{@in=@loopback, @in=@multicast1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in6=@mcast1}, 0x0, @in6=@local}}, &(0x7f0000000ac0)=0xe8) sendmmsg$inet6(0xffffffffffffffff, &(0x7f0000000f40)=[{{&(0x7f0000000480)={0xa, 0x4e20, 0x7fffffff, @empty, 0x20}, 0x1c, &(0x7f0000000700)=[{&(0x7f00000004c0)="587c07ebfaa7afa873fa7adc4007fbb26bae34a3a3443f52bb5e9da0916f872eadfc6dcdcc01243434f07fe60df6c124d7c414e58a121bea92e76ec17824e2c1880560c0f085bb4c1549687a6258d36e5dac5e57f6bb3d803eb56ced55b506aceadd36f8d5e262f2547ffd393cf2aa94162f665cca5b5e0783610c34306cd4efd00fb1eb57668fd4aeb7226b586920c260232c12846af2fcd51c0e2390770a8d8a5ace0b505f42747a1288cc200f98491a3625cf17f5d38fea32f2d93f68b157be03a65e038cb973263c68d808bdb303e13ac5ce2c9e18d385eda207e64894cba5db96602fafb86e5a", 0xe9}, {&(0x7f00000005c0)="68a2ad5cbcf555cc9ce96ed4a9267bc165a5de5340893ee3c33bb69c467d981e379cd2c9b887569d95bbc4fa514a03d003107d23f7561795517be030af750dcf379dc11384ea01e4425617ede79d21801b2245", 0x53}, {&(0x7f0000000640)="56f0c1a834f70a0566b2956eb240f93c4ad4310492dd7de37c8dab365ab12014f762a5ec8e7b3e", 0x27}, {&(0x7f0000000680)="bb542b15508e0400acd5505ef3f1ef6d72ca04475bf5e20238ba81c7ade5b78b7beb672e06af91b6c2f631fa5e7a45314b640220ffdb2ad5eff6a7e54d7e0d925c655e287799cae1ecfb581ac15c2018ac9d164d95782c", 0x57}], 0x4}}, {{&(0x7f0000000740)={0xa, 0x4e24, 0x5, @remote, 0x1cc}, 0x1c, &(0x7f0000000800)=[{&(0x7f0000000780)="193b774aa845e248a66d539ff9c71212fc8f5f1b8c848728415a6c47884fb1ca9a15680c3f91845580118648ea47a4346b8570ba230145416f72aef02cb04d2fff4815e93d1dae79b1efb233a3d731d2a5b39afe4dc8219f1988c7d5a002c6e2683e1c9b52a686ef3f42d8f7dd", 0x6d}], 0x1, &(0x7f0000000840)=[@tclass={{0x14, 0x29, 0x43, 0xfd}}], 0x18}}, {{0x0, 0x0, &(0x7f0000000900)=[{&(0x7f0000000880)="0abd0027457ce0ac05d8f7c0bc95a6e9c55f54b79ba6e43e49dadc8968c64382d912bd5bd001d10a854e72d7fc6333eedc0c70da6d1553a513ae1ba62fb05eacef346770813b7e434744c7f5a88a1ed260cd5e3320902c77", 0x58}], 0x1, &(0x7f0000000b00)=[@hoplimit_2292={{0x14, 0x29, 0x8, 0x8f}}, @dstopts={{0x30, 0x29, 0x37, {0x87, 0x2, '\x00', [@pad1, @hao={0xc9, 0x10, @private0}]}}}, @hopopts={{0x40, 0x29, 0x36, {0xc, 0x4, '\x00', [@padn={0x1, 0x2, [0x0, 0x0]}, @enc_lim={0x4, 0x1, 0xff}, @padn={0x1, 0x4, [0x0, 0x0, 0x0, 0x0]}, @ra={0x5, 0x2, 0x1}, @hao={0xc9, 0x10, @mcast2}, @pad1]}}}, @pktinfo={{0x24, 0x29, 0x32, {@mcast1, r4}}}, @hoplimit={{0x14}}, @hopopts_2292={{0x78, 0x29, 0x36, {0x2, 0xb, '\x00', [@generic={0x4c, 0x11, "2a2d493ead1a773062f40dea12fe2ce72d"}, @calipso={0x7, 0x20, {0x5, 0x6, 0x40, 0x8001, [0x100000000, 0x7f, 0x0]}}, @hao={0xc9, 0x10, @mcast2}, @hao={0xc9, 0x10, @local}]}}}, @rthdr={{0x38, 0x29, 0x39, {0x2e, 0x4, 0x1, 0x0, 0x0, [@loopback, @dev={0xfe, 0x80, '\x00', 0x14}]}}}, @rthdrdstopts={{0x98, 0x29, 0x37, {0x3b, 0xf, '\x00', [@generic={0x5, 0x13, "a19d2719bff12270f2f31ea816a90362609c15"}, @pad1, @padn={0x1, 0x7, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]}, @pad1, @calipso={0x7, 0x18, {0x2, 0x4, 0x1d, 0x3, [0xdbce, 0x1]}}, @calipso={0x7, 0x28, {0x3, 0x8, 0x40, 0x883d, [0x5, 0x7, 0x80000000, 0xb215]}}, @hao={0xc9, 0x10, @empty}]}}}, @hoplimit_2292={{0x14, 0x29, 0x8, 0xfff}}], 0x228}}, {{&(0x7f0000000d40)={0xa, 0x4e21, 0x80000000, @ipv4={'\x00', '\xff\xff', @empty}, 0x1ff}, 0x1c, &(0x7f0000000e00)=[{&(0x7f0000000d80)="64b827a2fe8052261bb26ad3ef977831269a3c87ae722cb89feed72cc73b98f20db4b437d995d2c77a044e75768f73a00bb1bed438310e105baf5792f0efd7f4d0d81f60c9b3c5e42892311711671cf4", 0x50}], 0x1, &(0x7f0000000e40)=[@rthdrdstopts={{0x20, 0x29, 0x37, {0x32, 0x0, '\x00', [@jumbo={0xc2, 0x4, 0x6}]}}}], 0x20}}, {{&(0x7f0000000e80)={0xa, 0x4e24, 0x80000000, @private0={0xfc, 0x0, '\x00', 0x1}, 0x1}, 0x1c, &(0x7f0000000f00)=[{&(0x7f0000000ec0)}], 0x1}}], 0x5, 0x4048000) ioctl$SIOCGSTAMPNS(r1, 0x8907, &(0x7f0000001080)) setsockopt$inet6_tcp_TCP_MD5SIG(r1, 0x6, 0xe, &(0x7f00000010c0)={@in={{0x2, 0x4e21, @private=0xa010101}}, 0x0, 0x0, 0x5, 0x0, "5377858f3c16ecaafdfccc136056840e0e9c84dd0b9f898f4cea17bb23356c69524914a29906d42c82d3de659b0b33e84e68d2cc2bad8b8a52b08d865a36f5560ffa1532f830adcf21f1a85a6b35a816"}, 0xd8) sendfile(r0, r3, &(0x7f00000011c0)=0x94, 0x7) ioctl$F2FS_IOC_MOVE_RANGE(r2, 0xc020f509, &(0x7f0000001200)={0xffffffffffffffff, 0xfffffffffffffff9, 0x9f4, 0xfffffffffffffffa}) ioctl$BTRFS_IOC_SCRUB_CANCEL(0xffffffffffffffff, 0x941c, 0x0) 18:56:55 executing program 4: pwritev(0xffffffffffffffff, &(0x7f0000000340)=[{&(0x7f0000000000)="6159f0ec7b40ca00561f5ae68c8e4961b25c918db6a5635d47d129113089531d3443936aa7b72db964b6a7f56c00e41db9e0364e6892b94b84636dc4897751d15f5fd41696c194ba0d5ba2b9aa54737d0e09b0b3c62c3885cf74496b49a94f51a9db76e709ddd32a200f6c8b0bd91267f0e102d91e3f9dbb8e2336c863fb4c15327bc1481fabf28ba2b8cba07d21563201a13ecb168a7b8d8924d22bafd2a59ff54c5b881108e51d6dc8b70eb628bb89d32f7f40bf42d88d476dc27d6d9a6d041ee3eaa47c7647250104ff95c64177fcd20b80cafc7a0ac1a6beb7d8ea8eb0", 0xdf}, {&(0x7f0000000100)="a7c57d108ecbe96bdd74b7517babad47c9948c0d977d85da9bf70295e5e87889c924c193c3282c0b1ad367a2d0276eb58bc77bcf16a24b5e95e88680e2eb929ddbdff2e51ada9efe6e9696757a2c6578f52322e4c605d2145c21191c2dff23d8e816993d95d7dbc0d8d0592e9a8ec382926484ec27db8198bb74af64713c47acba5c21e7dcd06a53ef5745d479e19f1680337fb1e87613788d3e3c263cd37a06ba010de897fdb251d48494b8b65dbf9e2868dd781de5d72c7a6d1056dc39ed454a52dd5b4b283cf76d02c337a23585", 0xcf}, {&(0x7f0000000200)="25a11bc6ec86c4a00a376fa5af871031c1038f12d5c8646f62485314bd58f48b909af1135e2da1c07a0bc3977a09fafd206119b8a4402c89e918ee5837327d7e116d9c11154b4672fd248df6467e53c55d12f0f9cf750a1aaf0f778560f54a23fdb40b4acb67f8f5f080e0b5f915c9b66ee72e1bfb4e0cd4c438c6a0f7599c9a5bdc9e66d96d9e1c6920f10cf7d43b8254f59cf6f80451c6e13d686541508e44026a287131b0cb0aae900dfbe7b46f0da44eec7efadc7f4803f9c52498d83a7002854524a2936520e099f2ad25328027eaac6a4d2cbb6dfa3f2144f5b3b0552393c7341b611f155efce58916bc94b5bf2a72322b40", 0xf5}, {&(0x7f0000000300)}], 0x4, 0x3ff, 0x8) r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000380)='/proc/bus/input/devices\x00', 0x0, 0x0) syz_io_uring_setup(0x7b03, &(0x7f00000003c0)={0x0, 0x6aa, 0x8, 0x2, 0x90}, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000fff000/0x1000)=nil, &(0x7f0000000440), &(0x7f0000000480)=0x0) syz_io_uring_submit(0x0, r1, &(0x7f00000014c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x0, 0x4007, @fd=r0, 0x400, &(0x7f00000004c0)=""/4096, 0x1000, 0x14, 0x1}, 0x280e) r2 = syz_io_uring_setup(0x135b, &(0x7f0000001500)={0x0, 0xcc49, 0x20, 0x1, 0x1bd, 0x0, r0}, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000001580), &(0x7f00000015c0)) r3 = syz_open_pts(r2, 0x40) fsetxattr$trusted_overlay_upper(r3, &(0x7f0000001600), &(0x7f0000001640)={0x0, 0xfb, 0x88, 0x3, 0x8, "6c2167cd9cc7ef60289e0fdc39f06f8c", "4d994ef939ab524db3c3fbef958933c01c97fdfa1af95ce74a6e8cdda88b25f52862912fe3e6bb6fdfb564984ef6b6f0196641b36e17085d717009902480210c1e24b8e67e8b5567fdbf4697de75be0a2b0a830bb36cd3c42b9a4b792f13ffc33e60d088e02fa2bd77919d6d64350a5e5de836"}, 0x88, 0x2) ioctl$AUTOFS_DEV_IOCTL_FAIL(0xffffffffffffffff, 0xc0189377, &(0x7f00000017c0)={{0x1, 0x1, 0x18, r0, {0xbc69, 0x7ff}}, './file0\x00'}) r5 = perf_event_open(&(0x7f0000001740)={0x1, 0x80, 0x7, 0x8d, 0x36, 0x7f, 0x0, 0x1, 0x10000, 0x2, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x3, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x7cef, 0x2, @perf_bp={&(0x7f0000001700), 0x3}, 0x120, 0x1, 0x24, 0x6, 0x6, 0xc6, 0xc2, 0x0, 0x3}, 0xffffffffffffffff, 0xa, r4, 0x0) bind$inet6(r5, &(0x7f0000001800)={0xa, 0x4e24, 0x80000001, @empty, 0x8}, 0x1c) r6 = socket$packet(0x11, 0x3, 0x300) fsetxattr$trusted_overlay_redirect(r6, &(0x7f0000001840), &(0x7f0000001880)='./file0\x00', 0x8, 0x3) ioctl$AUTOFS_DEV_IOCTL_PROTOSUBVER(r4, 0xc0189373, &(0x7f00000018c0)={{0x1, 0x1, 0x18, 0xffffffffffffffff, {0x8cf}}, './file0\x00'}) io_uring_register$IORING_UNREGISTER_EVENTFD(0xffffffffffffffff, 0x5, 0x0, 0x0) socket$packet(0x11, 0x2, 0x300) recvmmsg$unix(r0, &(0x7f0000002140)=[{{0x0, 0x0, &(0x7f0000001a00)=[{&(0x7f0000001900)=""/197, 0xc5}], 0x1, &(0x7f0000001a40)=[@cred={{0x1c}}, @rights={{0x10}}, @cred={{0x1c}}, @cred={{0x1c}}, @cred={{0x1c}}, @cred={{0x1c}}, @cred={{0x1c}}], 0xd0}}, {{&(0x7f0000001b40)=@abs, 0x6e, &(0x7f0000001c40)=[{&(0x7f0000001bc0)=""/113, 0x71}], 0x1, &(0x7f0000001c80)=[@cred={{0x1c}}], 0x20}}, {{&(0x7f0000001cc0)=@abs, 0x6e, &(0x7f0000001d80)=[{&(0x7f0000001d40)=""/30, 0x1e}], 0x1, &(0x7f0000001dc0)=[@rights={{0x24, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c}}, @cred={{0x1c}}], 0x68}}, {{0x0, 0x0, &(0x7f0000002040)=[{&(0x7f0000001e40)=""/173, 0xad}, {&(0x7f0000001f00)=""/168, 0xa8}, {&(0x7f0000001fc0)=""/72, 0x48}], 0x3, &(0x7f0000002080)=[@cred={{0x1c}}, @cred={{0x1c}}, @cred={{0x1c}}, @rights={{0x24, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}], 0x88}}], 0x4, 0x20, &(0x7f0000002240)={0x77359400}) setsockopt$packet_drop_memb(r8, 0x107, 0x2, &(0x7f0000002280)={0x0, 0x1, 0x6, @remote}, 0x10) getsockopt$bt_sco_SCO_OPTIONS(r7, 0x11, 0x1, &(0x7f00000022c0)=""/57, &(0x7f0000002300)=0x39) setsockopt$inet6_tcp_TCP_MD5SIG(r7, 0x6, 0xe, &(0x7f0000002340)={@in6={{0xa, 0x4e24, 0x20, @ipv4={'\x00', '\xff\xff', @broadcast}, 0x9}}, 0x0, 0x0, 0x15, 0x0, "615311182b4fb72f0073dc27fdb1a57067a496c7f6b7dcbcf01bccfdc8e298fffd00f86c4e6e1913919555fa4165065b02ad7c4c6254eae9697fd27138fa9ba0b29b9e4d998c5eb68d7d526ba7bef769"}, 0xd8) io_uring_enter(r9, 0x11f0, 0x2f06, 0x2, &(0x7f0000002440)={[0x8]}, 0x8) [ 75.592571] audit: type=1400 audit(1664737015.483:6): avc: denied { execmem } for pid=286 comm="syz-executor.0" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=process permissive=1 18:56:55 executing program 5: r0 = open_tree(0xffffffffffffffff, &(0x7f0000000000)='./file0\x00', 0x1100) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) r2 = syz_open_dev$vcsn(&(0x7f00000000c0), 0x4, 0x0) r3 = fcntl$getown(0xffffffffffffffff, 0x9) sendmsg$NL80211_CMD_SET_WIPHY_NETNS(r0, &(0x7f00000001c0)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x400}, 0xc, &(0x7f0000000180)={&(0x7f0000000100)={0x64, r1, 0x400, 0x70bd25, 0x25dfdbfb, {{}, {@val={0x8, 0x1, 0x36}, @void, @val={0xc, 0x99, {0x3, 0x57}}}}, [@NL80211_ATTR_NETNS_FD={0x8, 0xdb, r2}, @NL80211_ATTR_IFINDEX={0x8}, @NL80211_ATTR_WIPHY={0x8, 0x1, 0x6b}, @NL80211_ATTR_WDEV={0xc, 0x99, {0x62c, 0x75}}, @NL80211_ATTR_PID={0x8, 0x52, r3}, @NL80211_ATTR_WIPHY={0x8, 0x1, 0x19}, @NL80211_ATTR_NETNS_FD={0x8}]}, 0x64}}, 0x4000000) ioctl$AUTOFS_DEV_IOCTL_CLOSEMOUNT(0xffffffffffffffff, 0xc0189375, &(0x7f0000000200)={{0x1, 0x1, 0x18, r2}, './file0\x00'}) ioctl$FS_IOC_SETFSLABEL(r4, 0x41009432, &(0x7f0000000240)="f29996014b74712bbc6e7e64883ba2a41822ab5992e9524f9e9ae3442b81cd7f2128bc44104d14f23c1cd956955ae152192b48f7ba05a407f3312977d3b59801dafc570741e5829f8305184771e56713e78cab099112684b786a2ad0418498b26c28ff29f3a2e9110556415e4c4e63d88c5e9bb5846fad60615d91ae3286ced4c80892f4575d5ede7893ba1ea65bdc8f615a17d61356b0e1b1c0ba416eaf5b525580879f6da4bea9bbd3908a30984c11f651656350b75ff2fe04fd9952900c6f87b141fecb0b37faea238fd113a47b3da7d3ca475f247aa9811733024fe6b0fe65bb7ae4a7844d6116436a47b13ad6b1575c11bde6863ad7e483d28c34d37dbb") write(r0, &(0x7f0000000340)="479577e66e4aa31081b081a682bdad8e055757e111129c49b15fdef5f3b7197681f30104059a47457d9dc13f93ab31d0d1810eb9ca79c7650334fb6e0c66b22eb20c2f55b478c4cfe92e9ded8d9dd8b82f109338da2eda1a40dc717782b6aa688ce908e98e2d0f53e7b3695ca1eb07fe2b8be548c41eb6c278fb117b52409842d592b886d53fa4b817528a015620bbc1cf6d53ad284da8fc960ad032c929aee4d603092781335b7af5ad7f32402bd1a045d6d1c45d1fb2415c7ee018ed5c48c6d4dbf74b6d69c39acd9456e9316cb82d5c8c49d1aafa02e81b209a405c55e0566b055c5b8600993d0f9e8defbb51", 0xee) getsockname$packet(r4, &(0x7f0000000480)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @remote}, &(0x7f00000004c0)=0x14) sendmsg$ETHTOOL_MSG_PAUSE_GET(r4, &(0x7f0000000640)={&(0x7f0000000440)={0x10, 0x0, 0x0, 0x4000}, 0xc, &(0x7f0000000600)={&(0x7f0000000500)={0xcc, 0x0, 0x400, 0x70bd27, 0x25dfdbfc, {}, [@HEADER={0x44, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x3}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_FLAGS={0x8}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x3}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}]}, @HEADER={0xc, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_INDEX={0x8}]}, @HEADER={0x68, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'batadv_slave_1\x00'}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'ipvlan1\x00'}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'lo\x00'}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x1}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r5}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x3}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}]}]}, 0xcc}, 0x1, 0x0, 0x0, 0x8000}, 0x0) r6 = openat$sr(0xffffffffffffff9c, &(0x7f0000000680), 0x0, 0x0) r7 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000700), r2) sendmsg$IPVS_CMD_SET_CONFIG(r6, &(0x7f0000000840)={&(0x7f00000006c0)={0x10, 0x0, 0x0, 0x20}, 0xc, &(0x7f0000000800)={&(0x7f0000000740)={0x84, r7, 0x0, 0x70bd2d, 0x25dfdbfc, {}, [@IPVS_CMD_ATTR_DEST={0x70, 0x2, 0x0, 0x1, [@IPVS_DEST_ATTR_ACTIVE_CONNS={0x8, 0x7, 0x3}, @IPVS_DEST_ATTR_ADDR={0x14, 0x1, @ipv6=@empty}, @IPVS_DEST_ATTR_PORT={0x6, 0x2, 0x4e21}, @IPVS_DEST_ATTR_INACT_CONNS={0x8, 0x8, 0xade}, @IPVS_DEST_ATTR_ADDR={0x14, 0x1, @ipv4=@multicast1}, @IPVS_DEST_ATTR_TUN_PORT={0x6, 0xe, 0x4e21}, @IPVS_DEST_ATTR_ADDR={0x14, 0x1, @ipv4=@broadcast}, @IPVS_DEST_ATTR_ADDR_FAMILY={0x6, 0xb, 0x2}, @IPVS_DEST_ATTR_ACTIVE_CONNS={0x8, 0x7, 0x9}]}]}, 0x84}, 0x1, 0x0, 0x0, 0x8000}, 0x800) ioctl$TUNSETVNETBE(r0, 0x400454de, &(0x7f0000000880)=0x1) getsockopt$EBT_SO_GET_INIT_INFO(r2, 0x0, 0x82, &(0x7f00000008c0)={'broute\x00', 0x0, 0x0, 0x0, [0x100, 0xffffffffffffffff, 0x100000000000, 0x8, 0x7, 0x8]}, &(0x7f0000000940)=0x78) ioctl$BTRFS_IOC_GET_SUBVOL_INFO(r2, 0x81f8943c, &(0x7f0000000980)) ioctl$TUNSETVNETBE(r2, 0x400454de, &(0x7f0000000b80)) ioctl$FIONCLEX(r4, 0x5450) ioctl$BTRFS_IOC_SCRUB_PROGRESS(r6, 0xc400941d, &(0x7f0000000bc0)={0x0, 0x81, 0x4, 0x1}) ioctl$BTRFS_IOC_SCRUB(r2, 0xc400941b, &(0x7f0000000fc0)={r8, 0x7, 0x8}) 18:56:55 executing program 7: ioctl$SNAPSHOT_AVAIL_SWAP_SIZE(0xffffffffffffffff, 0x80083313, &(0x7f0000000000)) r0 = openat$snapshot(0xffffffffffffff9c, &(0x7f0000000040), 0x10002, 0x0) ioctl$SNAPSHOT_FREE_SWAP_PAGES(r0, 0x3309) r1 = syz_mount_image$ext4(&(0x7f0000000140)='ext3\x00', &(0x7f0000000180)='./file0\x00', 0x0, 0x4, &(0x7f0000000540)=[{&(0x7f00000001c0)="e1170f6fb8cbd05b69e5a439b91fca5ac2a70b9b85455b9f5760e4a6bb39b086b6c7149a12fa6fcd0462453fee7ce7ba3f94cca3f2aac03be1a2563d2b8f2f5e84b3ad0a9ac8456dcf0a7b44239706195e84faede77a92de0409f628a797d660dd53c0f93a62fd57cb5e7a065d4f09f2df59a574e568c96f1fede6adbf2fe91217213c5bd3524334e93fd9c743292e69de2de4b63127ccbd0337a6c28ee6cf6ec2f41c6ff96f3214b79127e7af6576dfb6", 0xb1, 0xffffffffffffff80}, {&(0x7f0000000280)="8e064864d32cdab1c4e293fb5a9a97c4eedb5308210128def9a46a1ef3d67074963895b036b89ee7adf576396fd9253904e4923b6cb2dbe6c86397de4b7fadf03de4334242d1355bcaf54a63ca85a695dfc132f5a36da863daafd48c7da82172bdf48f9c50e2c715ca6fd2baa6b610fb6ccfa46b5c8187464cfccfb148abc35f4df774cfd5397f20d43ad732790aeff2d5446830d7771e65ca4234141e4cef8fbdd64726670a3adbeda85c862a89a620da7fb7cfd7a630e0", 0xb8, 0x4}, {&(0x7f0000000340)="c7524bb08b881f47c3ef969ef1cc4fd908d6395a55a2ce994f95062ef1684fc156fa9d55fd5629c993079563a0df7b85ec149d023084fa9cbc8bd63b06eb4273ba2ea7537cf9652751ace314c66a09e1f171facb580ecaf080cd87b6ae236dba09fe862f86f93e38559092d0b520960c78dc024c3fffc854c15b50c3cd319423ff960b07d02e55c9eb321b77df51d74e3ae18503736d91e9c71af104d76f08251b646497d9c956175728031841f212bcf78e40992329637c1daa717385f9d2680cddf3b5b74eec2a306acee437a1a9194f", 0xd1, 0x7f}, {&(0x7f0000000440)="5d9a30624d16afb8a8a01a11ef868e1e9613907e04f02948dda1a1e80e15d5613203fbde8a6d4cdb13303e869fbbcbf2303424e8270711b6cf326acb1debeab59956dad36fa516336568b9d9557ba3e95d4b9cc072ca057a91a36e5bdb23b67a822742a4e971ae93ab73630ed8bb96f6eed392d14abd7a187db0465c530b9b3615ad83e557f08eb1a1e4de6f2f074b5420cbea976347824d28b499652623ee87b75e8eb9583dce06c3d1bb02f3e4c4baca82d785c2bc0baffb81e686c00d6b4c26977e9fc78fdd4029ead79f4842ada9aeed5f7206cc14f7b86cb9daf23410fb92220c186286523023f0cfdbc74b2a1221abe35e1f0b6df06f2e216929", 0xfd, 0xfffffffffffffffd}], 0x103c440, &(0x7f00000005c0)={[{@barrier_val={'barrier', 0x3d, 0xfff}}, {@jqfmt_vfsv0}], [{@fsuuid={'fsuuid', 0x3d, {[0x0, 0x36, 0x66, 0x5f, 0x65, 0x63, 0x54, 0x35], 0x2d, [0x32, 0x38, 0x65, 0x62], 0x2d, [0x62, 0x66, 0x64, 0x33], 0x2d, [0x39, 0x36, 0x37, 0x30], 0x2d, [0x36, 0x63, 0x33, 0x31, 0x62, 0x61, 0x65, 0x31]}}}, {@euid_lt={'euid<', 0xee00}}]}) close_range(r0, r1, 0x2) r2 = fcntl$dupfd(r0, 0x406, r1) r3 = openat(r2, &(0x7f0000000640)='./file0\x00', 0x60840, 0x180) ioctl$BTRFS_IOC_SET_RECEIVED_SUBVOL(r0, 0xc0c89425, &(0x7f0000000680)={"e1831ae21f306cdc24475a08c4679a9f", 0x0, 0x0, {0x6, 0x2}, {0x2, 0x1000}, 0x80, [0xffffffff7fffffff, 0x6, 0x1, 0xfffffffffffffffe, 0x3, 0x1, 0x4, 0xfbf, 0x2, 0x3, 0x3, 0x2, 0x8, 0xff, 0x3f, 0x80]}) ioctl$BTRFS_IOC_SET_RECEIVED_SUBVOL(r1, 0xc0c89425, &(0x7f0000000780)={"77821fa179f83f5c763315050e0be2fe", r4, 0x0, {0x4d, 0x1}, {0x1000, 0x81}, 0x3, [0x2, 0x1000, 0x0, 0x9, 0x18c, 0x400, 0x6, 0x1, 0xff, 0x1, 0x65f, 0x200, 0x8000, 0x3f800000000, 0xfffffffffffffff9, 0xde7f]}) fcntl$notify(r0, 0x402, 0x10) r5 = openat$cgroup_procs(r3, &(0x7f0000000880)='cgroup.threads\x00', 0x2, 0x0) ioctl$F2FS_IOC_ABORT_VOLATILE_WRITE(r5, 0xf505, 0x0) sendfile(r0, r2, &(0x7f00000008c0)=0xb4, 0xfff) r6 = socket$inet(0x2, 0xa, 0x5) pidfd_getfd(r2, r6, 0x0) ioctl$SNAPSHOT_AVAIL_SWAP_SIZE(r3, 0x80083313, &(0x7f0000000900)) name_to_handle_at(r2, &(0x7f0000000940)='./file0\x00', &(0x7f0000000980)=@ceph_nfs_snapfh={0x1c, 0x4e, {0x4e, 0x4, 0xab6b, 0x6}}, &(0x7f00000009c0), 0x0) r7 = dup(r1) ioctl$sock_inet_SIOCDARP(r7, 0x8953, &(0x7f0000000a00)={{0x2, 0x4e23, @private=0xa010101}, {0x306}, 0x0, {0x2, 0x4e23, @multicast1}, 'ipvlan0\x00'}) ioctl$F2FS_IOC_GARBAGE_COLLECT_RANGE(0xffffffffffffffff, 0x4018f50b, &(0x7f0000000a80)={0x0, 0x9, 0x3ff}) 18:56:55 executing program 6: r0 = open$dir(&(0x7f0000000000)='./file0\x00', 0x400200, 0x40) preadv(r0, &(0x7f0000001140)=[{&(0x7f0000000040)=""/4096, 0x1000}, {&(0x7f0000001040)=""/157, 0x9d}, {&(0x7f0000001100)=""/61, 0x3d}], 0x3, 0x9, 0x100) preadv2(r0, &(0x7f00000026c0)=[{&(0x7f0000001180)=""/173, 0xad}, {&(0x7f0000001240)=""/4096, 0x1000}, {&(0x7f0000002240)=""/245, 0xf5}, {&(0x7f0000002340)=""/79, 0x4f}, {&(0x7f00000023c0)=""/3, 0x3}, {&(0x7f0000002400)=""/6, 0x6}, {&(0x7f0000002440)=""/241, 0xf1}, {&(0x7f0000002540)=""/142, 0x8e}, {&(0x7f0000002600)=""/138, 0x8a}], 0x9, 0x8, 0x7dd02cc2, 0x8) perf_event_open(&(0x7f00000027c0)={0x2, 0x80, 0x7, 0x40, 0x3, 0x2, 0x0, 0x1, 0x200, 0x8, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x3, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x2, 0x2, @perf_bp={&(0x7f0000002780), 0x1}, 0x2484, 0xfffffffffffffffb, 0x1, 0x4, 0x2, 0x2, 0x8, 0x0, 0x2, 0x0, 0x3}, 0x0, 0x3, 0xffffffffffffffff, 0x8) r1 = dup3(0xffffffffffffffff, r0, 0x0) r2 = signalfd(r0, &(0x7f00000028c0)={[0x7]}, 0x8) r3 = perf_event_open(&(0x7f0000002840)={0x4, 0x80, 0x9, 0x7f, 0xb5, 0x0, 0x0, 0x2, 0x40000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x3ff, 0x2, @perf_config_ext={0x7, 0x9}, 0x8000, 0x6, 0x1, 0x2, 0x401, 0xffffffc0, 0xff, 0x0, 0xcd53, 0x0, 0x9b}, 0x0, 0x3, r2, 0x0) r4 = openat$zero(0xffffffffffffff9c, &(0x7f0000002900), 0xf08c1, 0x0) r5 = syz_open_pts(r1, 0x10180) fsconfig$FSCONFIG_SET_FD(r4, 0x5, &(0x7f0000002940)='[\x00', 0x0, r5) syz_io_uring_setup(0x7adc, &(0x7f0000002980)={0x0, 0xac13, 0x0, 0x0, 0x2f8, 0x0, r2}, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000ffb000/0x2000)=nil, &(0x7f0000002a00), &(0x7f0000002a40)=0x0) syz_io_uring_submit(0x0, r6, &(0x7f0000002a80)=@IORING_OP_FADVISE={0x18, 0x4, 0x0, @fd_index=0x1, 0xc8, 0x0, 0xffff, 0x2, 0x1}, 0x167) mmap(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x1, 0x10, r3, 0xdeae5000) ioctl$PIO_UNISCRNMAP(r1, 0x4b6a, &(0x7f0000002ac0)="0b6a05d0dea63ebeac16bb77ec6818cebdea3d5184ceda6d99c99379c947ce81090cb56ca76c29d18a45a9d2a6f3f01a2231ae6ae4ff2586a930abc3b4e812b8fee4acbd03973401e347") r7 = open(&(0x7f0000002b40)='./file0\x00', 0xc3, 0x180) ioctl$SNAPSHOT_UNFREEZE(r7, 0x3302) write$binfmt_aout(0xffffffffffffffff, &(0x7f0000002b80)={{0x108, 0x1, 0x3, 0x32d, 0xdc, 0x4, 0x3a7, 0x7fff}, "4108b254f109133e66c1378c7d49d31628215bf9fc5dce940d3a7017d1e67332c27dee8457d4a4b995a604d939773212f7131b4fede3460f5f0a863db122e8d39a6bd4628ed9b7e43137677520be526e05f86123044164c8fb6d2db1aa670845c910e044d5335ab2835ecca51e89208b488d7c201824abec6056014ae0502a2e150ad7813a786de2ddad8378fbe98b1419c0a6f677d2853fda147195d4665e8fc73cc19a462af27405e9ea9bbe664d8e2f788d3420323ebf8ba8b022b97ef17025ce924d209978d953d456f829", ['\x00', '\x00', '\x00', '\x00']}, 0x4ed) r8 = openat$incfs(r2, &(0x7f0000003080)='.pending_reads\x00', 0x800, 0x0) waitid$P_PIDFD(0x3, r8, 0x0, 0x2, 0x0) sendmsg$TIPC_NL_BEARER_ADD(r4, &(0x7f0000003240)={&(0x7f00000030c0)={0x10, 0x0, 0x0, 0x50cb6b48cdbcd2e4}, 0xc, &(0x7f0000003200)={&(0x7f0000003140)={0x90, 0x0, 0x20, 0x70bd29, 0x25dfdbfb, {}, [@TIPC_NLA_NET={0x34, 0x7, 0x0, 0x1, [@TIPC_NLA_NET_NODEID={0xc, 0x3, 0x11}, @TIPC_NLA_NET_NODEID_W1={0xc, 0x4, 0xaf3}, @TIPC_NLA_NET_NODEID={0xc, 0x3, 0x3ff}, @TIPC_NLA_NET_NODEID_W1={0xc, 0x4, 0x760}]}, @TIPC_NLA_NET={0x20, 0x7, 0x0, 0x1, [@TIPC_NLA_NET_NODEID={0xc, 0x3, 0x5}, @TIPC_NLA_NET_ID={0x8, 0x1, 0x3}, @TIPC_NLA_NET_ID={0x8, 0x1, 0x8}]}, @TIPC_NLA_SOCK={0x14, 0x2, 0x0, 0x1, [@TIPC_NLA_SOCK_HAS_PUBL={0x4}, @TIPC_NLA_SOCK_ADDR={0x8, 0x1, 0x2}, @TIPC_NLA_SOCK_HAS_PUBL={0x4}]}, @TIPC_NLA_PUBL={0x14, 0x3, 0x0, 0x1, [@TIPC_NLA_PUBL_UPPER={0x8, 0x3, 0x9}, @TIPC_NLA_PUBL_TYPE={0x8, 0x1, 0x5a346d0e}]}]}, 0x90}, 0x1, 0x0, 0x0, 0x20000000}, 0x480c0) [ 76.927797] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 76.931149] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 76.932677] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 76.945769] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 76.950206] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [ 76.951641] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 76.957435] Bluetooth: hci0: HCI_REQ-0x0c1a [ 76.978878] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 76.980715] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 76.983793] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 76.987606] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 76.998519] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3 [ 77.005313] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 77.015424] Bluetooth: hci1: HCI_REQ-0x0c1a [ 77.051902] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 77.063680] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 77.070507] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 77.073014] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1 [ 77.074536] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 77.075878] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1 [ 77.078543] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 77.080969] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 77.082192] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 77.084275] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 77.087228] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 77.088342] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 77.090202] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3 [ 77.092191] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 77.093557] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3 [ 77.097817] Bluetooth: hci4: HCI_REQ-0x0c1a [ 77.097830] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 77.103480] Bluetooth: hci2: HCI_REQ-0x0c1a [ 77.118503] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 77.135901] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9 [ 77.147755] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 77.147800] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9 [ 77.151370] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3 [ 77.152460] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 77.155027] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9 [ 77.160995] Bluetooth: hci3: HCI_REQ-0x0c1a [ 77.170467] Bluetooth: hci7: unexpected cc 0x0c03 length: 249 > 1 [ 77.173408] Bluetooth: hci7: unexpected cc 0x1003 length: 249 > 9 [ 77.174603] Bluetooth: hci7: unexpected cc 0x1001 length: 249 > 9 [ 77.177423] Bluetooth: hci7: unexpected cc 0x0c23 length: 249 > 4 [ 77.179562] Bluetooth: hci7: unexpected cc 0x0c25 length: 249 > 3 [ 77.180410] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9 [ 77.181674] Bluetooth: hci7: unexpected cc 0x0c38 length: 249 > 2 [ 77.186013] Bluetooth: hci7: HCI_REQ-0x0c1a [ 77.212496] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4 [ 77.213274] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4 [ 77.214352] Bluetooth: hci6: unexpected cc 0x0c25 length: 249 > 3 [ 77.214475] Bluetooth: hci5: unexpected cc 0x0c25 length: 249 > 3 [ 77.216386] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2 [ 77.219079] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2 [ 77.221220] Bluetooth: hci6: HCI_REQ-0x0c1a [ 77.247011] Bluetooth: hci5: HCI_REQ-0x0c1a [ 79.016554] Bluetooth: hci0: command 0x0409 tx timeout [ 79.081954] Bluetooth: hci1: command 0x0409 tx timeout [ 79.144097] Bluetooth: hci2: command 0x0409 tx timeout [ 79.144168] Bluetooth: hci4: command 0x0409 tx timeout [ 79.208040] Bluetooth: hci3: command 0x0409 tx timeout [ 79.209026] Bluetooth: hci7: command 0x0409 tx timeout [ 79.272031] Bluetooth: hci5: command 0x0409 tx timeout [ 79.272089] Bluetooth: hci6: command 0x0409 tx timeout [ 81.064105] Bluetooth: hci0: command 0x041b tx timeout [ 81.127996] Bluetooth: hci1: command 0x041b tx timeout [ 81.192023] Bluetooth: hci4: command 0x041b tx timeout [ 81.192767] Bluetooth: hci2: command 0x041b tx timeout [ 81.256132] Bluetooth: hci7: command 0x041b tx timeout [ 81.256865] Bluetooth: hci3: command 0x041b tx timeout [ 81.320177] Bluetooth: hci5: command 0x041b tx timeout [ 81.320998] Bluetooth: hci6: command 0x041b tx timeout [ 83.112034] Bluetooth: hci0: command 0x040f tx timeout [ 83.176039] Bluetooth: hci1: command 0x040f tx timeout [ 83.240047] Bluetooth: hci2: command 0x040f tx timeout [ 83.240796] Bluetooth: hci4: command 0x040f tx timeout [ 83.304012] Bluetooth: hci3: command 0x040f tx timeout [ 83.304737] Bluetooth: hci7: command 0x040f tx timeout [ 83.368012] Bluetooth: hci6: command 0x040f tx timeout [ 83.368746] Bluetooth: hci5: command 0x040f tx timeout [ 85.160037] Bluetooth: hci0: command 0x0419 tx timeout [ 85.224044] Bluetooth: hci1: command 0x0419 tx timeout [ 85.289001] Bluetooth: hci4: command 0x0419 tx timeout [ 85.289565] Bluetooth: hci2: command 0x0419 tx timeout [ 85.351993] Bluetooth: hci7: command 0x0419 tx timeout [ 85.352526] Bluetooth: hci3: command 0x0419 tx timeout [ 85.415993] Bluetooth: hci5: command 0x0419 tx timeout [ 85.416511] Bluetooth: hci6: command 0x0419 tx timeout 18:57:48 executing program 5: r0 = socket$inet6(0xa, 0x1, 0x0) setsockopt$inet6_IPV6_DSTOPTS(r0, 0x29, 0x3b, &(0x7f0000000080), 0x8) setsockopt$inet6_IPV6_HOPOPTS(r0, 0x29, 0x3b, &(0x7f00000000c0)={0x11, 0x0, '\x00', [@generic={0x1, 0x0, "f467e68725c2bb2196352392677adb0d60b41e29a35b8c717d0363c4ac280f78c5c77185ef0ede04c993e220ddd3e61380a55da55fd3f5237d29701479f0996cc7477b2bcc1644d044b8f8a59975b7a38afbdcb9cea1d35ba472027b00cd86c975ea282d40eabc"}, @hao={0xc9, 0x0, @ipv4={'\x00', '\xff\xff', @empty}}]}, 0x25) 18:57:49 executing program 5: r0 = syz_genetlink_get_family_id$tipc2(&(0x7f00000000c0), 0xffffffffffffffff) sendmsg$TIPC_NL_PUBL_GET(0xffffffffffffffff, &(0x7f00000003c0)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x40000}, 0xc, &(0x7f0000000380)={&(0x7f0000000100)={0x270, r0, 0x0, 0x70bd2a, 0x25dfdbfd, {}, [@TIPC_NLA_SOCK={0x64, 0x2, 0x0, 0x1, [@TIPC_NLA_SOCK_ADDR={0x8, 0x1, 0x80000000}, @TIPC_NLA_SOCK_CON={0x54, 0x3, 0x0, 0x1, [@TIPC_NLA_CON_FLAG={0x8, 0x1, 0x4}, @TIPC_NLA_CON_NODE={0x8, 0x2, 0x1}, @TIPC_NLA_CON_NODE={0x8, 0x2, 0x4}, @TIPC_NLA_CON_FLAG={0x8, 0x1, 0x7}, @TIPC_NLA_CON_FLAG={0x8, 0x1, 0x5}, @TIPC_NLA_CON_FLAG={0x8, 0x1, 0x7f}, @TIPC_NLA_CON_NODE={0x8, 0x2, 0xfffffff7}, @TIPC_NLA_CON_NODE={0x8, 0x2, 0x1ba}, @TIPC_NLA_CON_NODE={0x8, 0x2, 0x1}, @TIPC_NLA_CON_FLAG={0x8, 0x1, 0x6}]}, @TIPC_NLA_SOCK_HAS_PUBL={0x4}]}, @TIPC_NLA_MON={0x14, 0x9, 0x0, 0x1, [@TIPC_NLA_MON_ACTIVATION_THRESHOLD={0x8, 0x1, 0x8000}, @TIPC_NLA_MON_ACTIVATION_THRESHOLD={0x8, 0x1, 0x5}]}, @TIPC_NLA_LINK={0x24, 0x4, 0x0, 0x1, [@TIPC_NLA_LINK_NAME={0x13, 0x1, 'broadcast-link\x00'}, @TIPC_NLA_LINK_NAME={0x9, 0x1, 'syz1\x00'}]}, @TIPC_NLA_NET={0x20, 0x7, 0x0, 0x1, [@TIPC_NLA_NET_ID={0x8, 0x1, 0x7f}, @TIPC_NLA_NET_NODEID={0xc, 0x3, 0x3}, @TIPC_NLA_NET_ID={0x8, 0x1, 0x37}]}, @TIPC_NLA_MEDIA={0x38, 0x5, 0x0, 0x1, [@TIPC_NLA_MEDIA_NAME={0x8, 0x1, 'udp\x00'}, @TIPC_NLA_MEDIA_NAME={0x7, 0x1, 'ib\x00'}, @TIPC_NLA_MEDIA_NAME={0x7, 0x1, 'ib\x00'}, @TIPC_NLA_MEDIA_NAME={0x8, 0x1, 'udp\x00'}, @TIPC_NLA_MEDIA_NAME={0x8, 0x1, 'udp\x00'}, @TIPC_NLA_MEDIA_PROP={0xc, 0x2, 0x0, 0x1, [@TIPC_NLA_PROP_MTU={0x8, 0x4, 0x97c8}]}]}, @TIPC_NLA_LINK={0x44, 0x4, 0x0, 0x1, [@TIPC_NLA_LINK_PROP={0x3c, 0x7, 0x0, 0x1, [@TIPC_NLA_PROP_MTU={0x8, 0x4, 0x7}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x1}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x16}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x9}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x8001}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x63}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x1}]}, @TIPC_NLA_LINK_PROP={0x4}]}, @TIPC_NLA_LINK={0xe4, 0x4, 0x0, 0x1, [@TIPC_NLA_LINK_NAME={0x9, 0x1, 'syz1\x00'}, @TIPC_NLA_LINK_PROP={0x4c, 0x7, 0x0, 0x1, [@TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x16}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0xfffff801}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x3}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x7}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x7ff}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x9}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0xc}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x81}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x4}]}, @TIPC_NLA_LINK_PROP={0x4c, 0x7, 0x0, 0x1, [@TIPC_NLA_PROP_TOL={0x8, 0x2, 0x2}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x11}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x3}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x1}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x8}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x2}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0xb}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x400}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x8}]}, @TIPC_NLA_LINK_NAME={0x9, 0x1, 'syz1\x00'}, @TIPC_NLA_LINK_NAME={0x9, 0x1, 'syz0\x00'}, @TIPC_NLA_LINK_PROP={0x24, 0x7, 0x0, 0x1, [@TIPC_NLA_PROP_WIN={0x8, 0x3, 0x6}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x7}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x7d}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x3}]}]}, @TIPC_NLA_LINK={0x40, 0x4, 0x0, 0x1, [@TIPC_NLA_LINK_PROP={0x3c, 0x7, 0x0, 0x1, [@TIPC_NLA_PROP_TOL={0x8, 0x2, 0x2}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x7}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x8}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x5021}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x1}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x2}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x5}]}]}]}, 0x270}, 0x1, 0x0, 0x0, 0xc050}, 0x4000) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$NL80211_CMD_REQ_SET_REG(r1, &(0x7f0000000000)={0x0, 0xffffffffffffff21, &(0x7f00000004c0)={&(0x7f0000000700)={0x1c, r2, 0x1, 0x0, 0x0, {}, [@NL80211_ATTR_REG_ALPHA2={0x7, 0x21, 'bb\x00'}]}, 0x1c}}, 0x0) 18:57:49 executing program 5: r0 = syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0) setsockopt$sock_int(r0, 0x1, 0x2b, &(0x7f00000000c0), 0x4) syz_genetlink_get_family_id$nl80211(&(0x7f0000000000), 0xffffffffffffffff) r1 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r1, &(0x7f0000000380)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000600)=ANY=[@ANYBLOB="0401000010000100000000000000000000000000000000000000000000000000e000000100000000000000000000000000000000000000000200000000000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="00000000000000000000000000000000000000003c000000fe88000000000000000000000000000100000000000000000000000000000000000000000000000900000000000000000095daef31c76488764f02ae00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000a0000001e29934a8bfca15b14000e00ac1e000100"], 0x104}}, 0x0) r2 = signalfd4(0xffffffffffffffff, &(0x7f0000000340), 0x8, 0x0) signalfd4(r2, &(0x7f00000007c0)={[0xa62]}, 0x8, 0x80000) r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) sendmsg$NL80211_CMD_GET_REG(r2, &(0x7f0000000180)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x1000}, 0xc, &(0x7f0000000140)={&(0x7f0000000100)={0x28, r3, 0x100, 0x70bd2b, 0x25dfdbff, {}, [@NL80211_ATTR_DFS_REGION={0x5, 0x92, 0x20}, @NL80211_ATTR_SOCKET_OWNER={0x4}, @NL80211_ATTR_DFS_REGION={0x5, 0x92, 0x15}]}, 0x28}, 0x1, 0x0, 0x0, 0x24000000}, 0x4008001) [ 129.840541] netlink: 20 bytes leftover after parsing attributes in process `syz-executor.5'. [ 129.879321] netlink: 20 bytes leftover after parsing attributes in process `syz-executor.5'. 18:57:49 executing program 5: ioctl$EXT4_IOC_GET_ES_CACHE(0xffffffffffffffff, 0xc020662a, &(0x7f0000000180)=ANY=[@ANYBLOB="00000000000000000900000000000000040022aab5a5c19ccc100000fdffffff020000000000000001000000000000000700000016f82b1ab6ebaadd00000000000000000000000000000000000000000000000000000000000000000000000001000000000000000010000000000000010000000000000000000000000000000000000000000000800400"/152]) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x3, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0xb220}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) fallocate(r0, 0x0, 0x0, 0x87ffffc) r1 = socket$nl_netfilter(0x10, 0x3, 0xc) r2 = getpid() r3 = gettid() rt_tgsigqueueinfo(r2, r3, 0x0, &(0x7f0000000000)={0x0, 0x0, 0x6}) get_robust_list(r2, &(0x7f00000005c0)=&(0x7f0000000580)={&(0x7f0000000540)={&(0x7f0000000340)}}, &(0x7f0000000600)=0x18) perf_event_open(0x0, r3, 0xb, 0xffffffffffffffff, 0xb) sendmsg$IPCTNL_MSG_CT_DELETE(r1, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000800)=ANY=[@ANYBLOB="1c0000000201010200000000000000000202000008001a40000000003a3e542a333d5d2fbfc41c2a1ec3ab6a9d700e3025fd0ef2a7ea99265fe27afa1d8992a2eeb358651aa5eb43f4597d7ddd01b42729df2d75bc250c06f8c1f337bc65e07d69c151693119623da895c3b72c235a3ca657b3dea436c7a69b5abf6acdf362faf13bdf6c0f3df0e42eb88c4e693781c65d1dbe3bdfa6a83624b18491ede1b480a93226bea675b25784ae28ae2373dcb1c4968fe6f4e5cd108e42ef8bdf364b697e91b2b546a2b528299929bfa256c876a1e410ae03a24c7036417c7f109e706a95eb45c766c690c7445eab1cbd071ba55685b10fcea5041b2f74f98fe84ff60c04881ef4e919915f9d26715356d806edfcccb3b3cb9cf1a6f8bd691c5b3b7aab7aae72381cf5933050c263afce0ed800000080000000004fa8eea1826f56b44ea4eb8c96e456aca1c195d4034f6f1e0cfa70ef4ff1dcf3edaa9c95262b44faba986dd564795b15b0f693ca9e1222bc21f86d59c86da7146630563aaa24e26153551c9ca6df8a06ca4aa2632c58eb579c0f7b7b8b96bd424ec892151010d9a365d4634163b9802a96601143534919f5dfdc26dd0ba83300000000"], 0x1c}}, 0x0) openat$sr(0xffffffffffffff9c, &(0x7f0000000140), 0xd40, 0x0) r4 = syz_open_dev$tty1(0xc, 0x4, 0x1) ioctl$VT_WAITACTIVE(r4, 0x5607) [ 130.041807] audit: type=1400 audit(1664737069.933:7): avc: denied { open } for pid=3738 comm="syz-executor.5" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=perf_event permissive=1 [ 130.046359] audit: type=1400 audit(1664737069.933:8): avc: denied { kernel } for pid=3738 comm="syz-executor.5" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=perf_event permissive=1 [ 130.055631] ------------[ cut here ]------------ [ 130.055655] [ 130.055659] ====================================================== [ 130.055662] WARNING: possible circular locking dependency detected [ 130.055667] 6.0.0-rc7-next-20220930 #1 Not tainted [ 130.055673] ------------------------------------------------------ [ 130.055677] syz-executor.5/3739 is trying to acquire lock: [ 130.055683] ffffffff853faab8 ((console_sem).lock){....}-{2:2}, at: down_trylock+0xe/0x70 [ 130.055725] [ 130.055725] but task is already holding lock: [ 130.055728] ffff88800dab4c20 (&ctx->lock){....}-{2:2}, at: __perf_event_task_sched_out+0x53b/0x18d0 [ 130.055755] [ 130.055755] which lock already depends on the new lock. [ 130.055755] [ 130.055758] [ 130.055758] the existing dependency chain (in reverse order) is: [ 130.055762] [ 130.055762] -> #3 (&ctx->lock){....}-{2:2}: [ 130.055775] _raw_spin_lock+0x2a/0x40 [ 130.055787] __perf_event_task_sched_out+0x53b/0x18d0 [ 130.055798] __schedule+0xedd/0x2470 [ 130.055812] schedule+0xda/0x1b0 [ 130.055825] exit_to_user_mode_prepare+0x114/0x1a0 [ 130.055838] syscall_exit_to_user_mode+0x19/0x40 [ 130.055851] do_syscall_64+0x48/0x90 [ 130.055869] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 130.055881] [ 130.055881] -> #2 (&rq->__lock){-.-.}-{2:2}: [ 130.055895] _raw_spin_lock_nested+0x30/0x40 [ 130.055905] raw_spin_rq_lock_nested+0x1e/0x30 [ 130.055922] task_fork_fair+0x63/0x4d0 [ 130.055938] sched_cgroup_fork+0x3d0/0x540 [ 130.055952] copy_process+0x4183/0x6e20 [ 130.055963] kernel_clone+0xe7/0x890 [ 130.055973] user_mode_thread+0xad/0xf0 [ 130.055983] rest_init+0x24/0x250 [ 130.055995] arch_call_rest_init+0xf/0x14 [ 130.056012] start_kernel+0x4c6/0x4eb [ 130.056027] secondary_startup_64_no_verify+0xe0/0xeb [ 130.056041] [ 130.056041] -> #1 (&p->pi_lock){-.-.}-{2:2}: [ 130.056055] _raw_spin_lock_irqsave+0x39/0x60 [ 130.056066] try_to_wake_up+0xab/0x1930 [ 130.056078] up+0x75/0xb0 [ 130.056092] __up_console_sem+0x6e/0x80 [ 130.056109] console_unlock+0x46a/0x590 [ 130.056125] vprintk_emit+0x1bd/0x560 [ 130.056140] vprintk+0x84/0xa0 [ 130.056156] _printk+0xba/0xf1 [ 130.056168] kauditd_hold_skb.cold+0x3f/0x4e [ 130.056185] kauditd_send_queue+0x233/0x290 [ 130.056200] kauditd_thread+0x5f9/0x9c0 [ 130.056214] kthread+0x2ed/0x3a0 [ 130.056228] ret_from_fork+0x22/0x30 [ 130.056240] [ 130.056240] -> #0 ((console_sem).lock){....}-{2:2}: [ 130.056253] __lock_acquire+0x2a02/0x5e70 [ 130.056270] lock_acquire+0x1a2/0x530 [ 130.056286] _raw_spin_lock_irqsave+0x39/0x60 [ 130.056297] down_trylock+0xe/0x70 [ 130.056311] __down_trylock_console_sem+0x3b/0xd0 [ 130.056327] vprintk_emit+0x16b/0x560 [ 130.056343] vprintk+0x84/0xa0 [ 130.056358] _printk+0xba/0xf1 [ 130.056369] report_bug.cold+0x72/0xab [ 130.056384] handle_bug+0x3c/0x70 [ 130.056401] exc_invalid_op+0x14/0x50 [ 130.056417] asm_exc_invalid_op+0x16/0x20 [ 130.056429] group_sched_out.part.0+0x2c7/0x460 [ 130.056447] ctx_sched_out+0x8f1/0xc10 [ 130.056464] __perf_event_task_sched_out+0x6d0/0x18d0 [ 130.056475] __schedule+0xedd/0x2470 [ 130.056488] schedule+0xda/0x1b0 [ 130.056501] exit_to_user_mode_prepare+0x114/0x1a0 [ 130.056512] syscall_exit_to_user_mode+0x19/0x40 [ 130.056524] do_syscall_64+0x48/0x90 [ 130.056540] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 130.056553] [ 130.056553] other info that might help us debug this: [ 130.056553] [ 130.056555] Chain exists of: [ 130.056555] (console_sem).lock --> &rq->__lock --> &ctx->lock [ 130.056555] [ 130.056570] Possible unsafe locking scenario: [ 130.056570] [ 130.056573] CPU0 CPU1 [ 130.056575] ---- ---- [ 130.056577] lock(&ctx->lock); [ 130.056583] lock(&rq->__lock); [ 130.056589] lock(&ctx->lock); [ 130.056595] lock((console_sem).lock); [ 130.056601] [ 130.056601] *** DEADLOCK *** [ 130.056601] [ 130.056603] 2 locks held by syz-executor.5/3739: [ 130.056610] #0: ffff88806ce37e98 (&rq->__lock){-.-.}-{2:2}, at: __schedule+0x1cf/0x2470 [ 130.056639] #1: ffff88800dab4c20 (&ctx->lock){....}-{2:2}, at: __perf_event_task_sched_out+0x53b/0x18d0 [ 130.056665] [ 130.056665] stack backtrace: [ 130.056668] CPU: 0 PID: 3739 Comm: syz-executor.5 Not tainted 6.0.0-rc7-next-20220930 #1 [ 130.056680] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 130.056689] Call Trace: [ 130.056692] [ 130.056697] dump_stack_lvl+0x8b/0xb3 [ 130.056715] check_noncircular+0x263/0x2e0 [ 130.056731] ? format_decode+0x26c/0xb50 [ 130.056747] ? print_circular_bug+0x450/0x450 [ 130.056764] ? simple_strtoul+0x30/0x30 [ 130.056780] ? format_decode+0x26c/0xb50 [ 130.056797] ? alloc_chain_hlocks+0x1ec/0x5a0 [ 130.056814] __lock_acquire+0x2a02/0x5e70 [ 130.056836] ? lockdep_hardirqs_on_prepare+0x410/0x410 [ 130.056858] lock_acquire+0x1a2/0x530 [ 130.056874] ? down_trylock+0xe/0x70 [ 130.056891] ? lock_release+0x750/0x750 [ 130.056912] ? vprintk+0x84/0xa0 [ 130.056929] _raw_spin_lock_irqsave+0x39/0x60 [ 130.056940] ? down_trylock+0xe/0x70 [ 130.056956] down_trylock+0xe/0x70 [ 130.056972] ? vprintk+0x84/0xa0 [ 130.056988] __down_trylock_console_sem+0x3b/0xd0 [ 130.057006] vprintk_emit+0x16b/0x560 [ 130.057024] vprintk+0x84/0xa0 [ 130.057041] _printk+0xba/0xf1 [ 130.057053] ? record_print_text.cold+0x16/0x16 [ 130.057069] ? report_bug.cold+0x66/0xab [ 130.057086] ? group_sched_out.part.0+0x2c7/0x460 [ 130.057104] report_bug.cold+0x72/0xab [ 130.057123] handle_bug+0x3c/0x70 [ 130.057143] exc_invalid_op+0x14/0x50 [ 130.057163] asm_exc_invalid_op+0x16/0x20 [ 130.057176] RIP: 0010:group_sched_out.part.0+0x2c7/0x460 [ 130.057196] Code: 5e 41 5f e9 8b ae ef ff e8 86 ae ef ff 65 8b 1d 0b 18 ac 7e 31 ff 89 de e8 26 ab ef ff 85 db 0f 84 8a 00 00 00 e8 69 ae ef ff <0f> 0b e9 a5 fe ff ff e8 5d ae ef ff 48 8d 7d 10 48 b8 00 00 00 00 [ 130.057207] RSP: 0018:ffff88800d607c48 EFLAGS: 00010006 [ 130.057216] RAX: 0000000040000002 RBX: 0000000000000000 RCX: 0000000000000000 [ 130.057224] RDX: ffff88803e491ac0 RSI: ffffffff81565dc7 RDI: 0000000000000005 [ 130.057232] RBP: ffff8880086605c8 R08: 0000000000000005 R09: 0000000000000001 [ 130.057239] R10: 0000000000000000 R11: ffffffff865b401b R12: ffff88800dab4c00 [ 130.057247] R13: ffff88806ce3d2c0 R14: ffffffff8547d000 R15: 0000000000000002 [ 130.057257] ? group_sched_out.part.0+0x2c7/0x460 [ 130.057277] ? group_sched_out.part.0+0x2c7/0x460 [ 130.057297] ctx_sched_out+0x8f1/0xc10 [ 130.057316] __perf_event_task_sched_out+0x6d0/0x18d0 [ 130.057330] ? lock_is_held_type+0xd7/0x130 [ 130.057344] ? __perf_cgroup_move+0x160/0x160 [ 130.057355] ? set_next_entity+0x304/0x550 [ 130.057372] ? update_curr+0x267/0x740 [ 130.057391] ? lock_is_held_type+0xd7/0x130 [ 130.057405] __schedule+0xedd/0x2470 [ 130.057421] ? io_schedule_timeout+0x150/0x150 [ 130.057438] ? rcu_read_lock_sched_held+0x3e/0x80 [ 130.057459] schedule+0xda/0x1b0 [ 130.057474] exit_to_user_mode_prepare+0x114/0x1a0 [ 130.057486] syscall_exit_to_user_mode+0x19/0x40 [ 130.057499] do_syscall_64+0x48/0x90 [ 130.057517] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 130.057530] RIP: 0033:0x7fa3c8d81b19 [ 130.057538] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 130.057549] RSP: 002b:00007fa3c62f7218 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 130.057559] RAX: 0000000000000001 RBX: 00007fa3c8e94f68 RCX: 00007fa3c8d81b19 [ 130.057566] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 00007fa3c8e94f6c [ 130.057574] RBP: 00007fa3c8e94f60 R08: 000000000000000e R09: 0000000000000000 [ 130.057581] R10: 0000000000000003 R11: 0000000000000246 R12: 00007fa3c8e94f6c [ 130.057588] R13: 00007ffd1ed7943f R14: 00007fa3c62f7300 R15: 0000000000022000 [ 130.057600] [ 130.113553] WARNING: CPU: 0 PID: 3739 at kernel/events/core.c:2309 group_sched_out.part.0+0x2c7/0x460 [ 130.114234] Modules linked in: [ 130.114484] CPU: 0 PID: 3739 Comm: syz-executor.5 Not tainted 6.0.0-rc7-next-20220930 #1 [ 130.115075] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 130.115904] RIP: 0010:group_sched_out.part.0+0x2c7/0x460 [ 130.116313] Code: 5e 41 5f e9 8b ae ef ff e8 86 ae ef ff 65 8b 1d 0b 18 ac 7e 31 ff 89 de e8 26 ab ef ff 85 db 0f 84 8a 00 00 00 e8 69 ae ef ff <0f> 0b e9 a5 fe ff ff e8 5d ae ef ff 48 8d 7d 10 48 b8 00 00 00 00 [ 130.117657] RSP: 0018:ffff88800d607c48 EFLAGS: 00010006 [ 130.118048] RAX: 0000000040000002 RBX: 0000000000000000 RCX: 0000000000000000 [ 130.118584] RDX: ffff88803e491ac0 RSI: ffffffff81565dc7 RDI: 0000000000000005 [ 130.119103] RBP: ffff8880086605c8 R08: 0000000000000005 R09: 0000000000000001 [ 130.119628] R10: 0000000000000000 R11: ffffffff865b401b R12: ffff88800dab4c00 [ 130.120163] R13: ffff88806ce3d2c0 R14: ffffffff8547d000 R15: 0000000000000002 [ 130.120688] FS: 00007fa3c62f7700(0000) GS:ffff88806ce00000(0000) knlGS:0000000000000000 [ 130.121281] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 130.121712] CR2: 00007faf3f695260 CR3: 000000003f56c000 CR4: 0000000000350ef0 [ 130.122233] Call Trace: [ 130.122427] [ 130.122604] ctx_sched_out+0x8f1/0xc10 [ 130.122901] __perf_event_task_sched_out+0x6d0/0x18d0 [ 130.123288] ? lock_is_held_type+0xd7/0x130 [ 130.123616] ? __perf_cgroup_move+0x160/0x160 [ 130.123955] ? set_next_entity+0x304/0x550 [ 130.124277] ? update_curr+0x267/0x740 [ 130.124578] ? lock_is_held_type+0xd7/0x130 [ 130.124907] __schedule+0xedd/0x2470 [ 130.125193] ? io_schedule_timeout+0x150/0x150 [ 130.125546] ? rcu_read_lock_sched_held+0x3e/0x80 [ 130.125913] schedule+0xda/0x1b0 [ 130.126181] exit_to_user_mode_prepare+0x114/0x1a0 [ 130.126561] syscall_exit_to_user_mode+0x19/0x40 [ 130.126917] do_syscall_64+0x48/0x90 [ 130.127202] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 130.127590] RIP: 0033:0x7fa3c8d81b19 [ 130.127872] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 130.129195] RSP: 002b:00007fa3c62f7218 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 130.129757] RAX: 0000000000000001 RBX: 00007fa3c8e94f68 RCX: 00007fa3c8d81b19 [ 130.130276] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 00007fa3c8e94f6c [ 130.130816] RBP: 00007fa3c8e94f60 R08: 000000000000000e R09: 0000000000000000 [ 130.131334] R10: 0000000000000003 R11: 0000000000000246 R12: 00007fa3c8e94f6c [ 130.131864] R13: 00007ffd1ed7943f R14: 00007fa3c62f7300 R15: 0000000000022000 [ 130.132403] [ 130.132582] irq event stamp: 802 [ 130.132832] hardirqs last enabled at (801): [] exit_to_user_mode_prepare+0x109/0x1a0 [ 130.133514] hardirqs last disabled at (802): [] __schedule+0x1225/0x2470 [ 130.134118] softirqs last enabled at (502): [] __irq_exit_rcu+0x11b/0x180 [ 130.134753] softirqs last disabled at (319): [] __irq_exit_rcu+0x11b/0x180 [ 130.135383] ---[ end trace 0000000000000000 ]--- 18:57:50 executing program 5: ioctl$SCSI_IOCTL_DOORUNLOCK(0xffffffffffffffff, 0x5381) r0 = socket$netlink(0x10, 0x3, 0x0) bind$netlink(r0, &(0x7f0000000280)={0x10, 0x0, 0x25dfdbfb, 0x400000}, 0xc) r1 = socket$netlink(0x10, 0x3, 0x0) bind$netlink(r1, &(0x7f0000000280)={0x10, 0x0, 0x25dfdbfb}, 0xc) 18:57:50 executing program 5: ioctl$AUTOFS_DEV_IOCTL_OPENMOUNT(0xffffffffffffffff, 0xc0189374, &(0x7f0000000000)={{0x1, 0x1, 0x18, 0xffffffffffffffff, {0xcb}}, './file0\x00'}) sendmsg$BATADV_CMD_GET_TRANSTABLE_LOCAL(r0, &(0x7f0000000100)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x10}, 0xc, &(0x7f00000000c0)={&(0x7f0000000080)={0x34, 0x0, 0x200, 0x70bd26, 0x25dfdbfe, {}, [@BATADV_ATTR_MESH_IFINDEX={0x8}, @BATADV_ATTR_TPMETER_TEST_TIME={0x8, 0xb, 0x101}, @BATADV_ATTR_NETWORK_CODING_ENABLED={0x5, 0x38, 0x1}, @BATADV_ATTR_BRIDGE_LOOP_AVOIDANCE_ENABLED={0x5}]}, 0x34}, 0x1, 0x0, 0x0, 0x480c0}, 0x40084) pipe2(&(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}, 0x4800) r2 = signalfd4(0xffffffffffffffff, &(0x7f0000000340), 0x8, 0x0) signalfd4(r2, &(0x7f00000007c0)={[0xa62]}, 0x8, 0x80000) ioctl$AUTOFS_DEV_IOCTL_OPENMOUNT(r2, 0xc0189374, &(0x7f00000005c0)=ANY=[@ANYBLOB="0100000001000000180000000600ce2abe7dff9f57274b43f1353697b34407715cdeb34fc91d21b36b05ab8e6849a60addf84907fea1d83f32ea8c047c2c9fcf81c09ab68e7ca44455c5a39613d2f427d25cd959487cd7dfcb465ea1cdf12da351f482ba4d373a590a168a483df324dfcbd87f059fd023fe84b20e4fbfedb5a8fac5f42be332abe17c09562ec2956f74f4434131b4a6c07e3b1d629a89eea1554c9b375e9a2c11af9824f75d8d023a024b68bee4a8c73318c168fe2427b4eff26aab7cb35e5ce0fef0ad17", @ANYRES32=r1, @ANYBLOB="0100ee2da88e0fd124a200000200800000"]) syz_genetlink_get_family_id$mptcp(&(0x7f0000000140), r2) 18:57:50 executing program 5: r0 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) syz_io_uring_setup(0x46ad, &(0x7f0000000180)={0x0, 0x0, 0x20, 0x0, 0x0, 0x0, r0}, &(0x7f0000ffb000/0x2000)=nil, &(0x7f0000ffa000/0x4000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000240)) syz_io_uring_setup(0xeaf, &(0x7f0000000140), &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000000100)=0x0, &(0x7f0000000080)=0x0) r4 = socket$inet_udp(0x2, 0x2, 0x0) syz_io_uring_submit(r2, r3, &(0x7f0000000000)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r4, 0x8001, &(0x7f00000008c0)=[{0x0}, {0x0}, {0x0}, {0x0}, {0x0}, {0x0}, {0x0}, {0x0}, {0x0}], 0x9}, 0x0) r5 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000040)='/sys/kernel/sunrpc', 0x8900, 0x14f) syz_io_uring_submit(r1, r3, &(0x7f0000000300)=@IORING_OP_RECVMSG={0xa, 0x0, 0x0, r5, 0x0, &(0x7f00000002c0)={&(0x7f0000000080)=@hci, 0x80, &(0x7f0000000280)=[{&(0x7f0000000100)=""/114, 0x72}], 0x1}, 0x0, 0x3101, 0x1, {0x3}}, 0x81) 18:57:50 executing program 5: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{0x0, 0x0, 0x1e0}, {&(0x7f00000000c0)="f8fffffff0ff0564532eb260000000000000", 0x12, 0x8}], 0x0, &(0x7f0000000040)=ANY=[@ANYBLOB="f853007c4b01000000c2e74259e363bba2268c933a03d763b410d0e22dbe3c8d8a2d154ecf1a2b24ff06e6dd98e2491b89170ef3021d6f79fad827602d49940800e664cc9577fec08b"]) bind$unix(0xffffffffffffffff, &(0x7f0000000140)=@abs={0x1, 0x0, 0x4e24}, 0x6e) [ 130.901061] loop5: detected capacity change from 0 to 1 [ 130.902858] FAT-fs (loop5): Unrecognized mount option "øS" or missing value [ 130.917580] loop5: detected capacity change from 0 to 1 [ 130.918549] FAT-fs (loop5): Unrecognized mount option "øS" or missing value [ 132.142497] loop7: detected capacity change from 0 to 16383 [ 132.144124] ======================================================= [ 132.144124] WARNING: The mand mount option has been deprecated and [ 132.144124] and is ignored by this kernel. Remove the mand [ 132.144124] option from the mount to silence this warning. [ 132.144124] ======================================================= [ 132.154674] syz-executor.7 uses obsolete (PF_INET,SOCK_PACKET) [ 132.158588] loop7: detected capacity change from 0 to 16383 [ 132.825813] loop2: detected capacity change from 0 to 45 [ 132.833129] I/O error, dev loop2, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2 [ 132.841553] loop2: detected capacity change from 0 to 113 [ 132.842652] ext2: Unknown parameter 'fowner<00000000000000000000' [ 132.851684] I/O error, dev loop2, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2 [ 132.895969] loop2: detected capacity change from 0 to 45 [ 132.900764] loop2: detected capacity change from 0 to 113 [ 132.901510] ext2: Unknown parameter 'fowner<00000000000000000000' VM DIAGNOSIS: 18:57:50 Registers: info registers vcpu 0 RAX=0000000000000064 RBX=00000000000003f8 RCX=0000000000000000 RDX=00000000000003f8 RSI=ffffffff823bb0f1 RDI=ffffffff8765a9a0 RBP=ffffffff8765a960 RSP=ffff88800d607690 R8 =0000000000000001 R9 =000000000000000a R10=0000000000000064 R11=0000000000000001 R12=0000000000000064 R13=ffffffff8765a960 R14=0000000000000010 R15=ffffffff823bb0e0 RIP=ffffffff823bb149 RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 00000000 00000000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 00000000 00000000 FS =0000 00007fa3c62f7700 00000000 00000000 GS =0000 ffff88806ce00000 00000000 00000000 LDT=0000 fffffe0000000000 00000000 00000000 TR =0040 fffffe0000003000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe0000001000 0000007f IDT= fffffe0000000000 00000fff CR0=80050033 CR2=00007faf3f695260 CR3=000000003f56c000 CR4=00350ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000ffff0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 YMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM01=0000000000000000 0000000000000000 00007fa3c8e687c0 00007fa3c8e687c8 YMM02=0000000000000000 0000000000000000 00007fa3c8e687e0 00007fa3c8e687c0 YMM03=0000000000000000 0000000000000000 00007fa3c8e687c8 00007fa3c8e687c0 YMM04=0000000000000000 0000000000000000 0000000000000009 0000000000000000 YMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000480 YMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM07=0000000000000000 0000000000000000 0000000000000001 0000000000001000 YMM08=0000000000000000 0000000000000000 0000000000000001 0000000000000000 YMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 info registers vcpu 1 RAX=0000000000000000 RBX=0000000000000255 RCX=ffffffff8169ec0b RDX=ffff88803e47d040 RSI=0000000000000000 RDI=0000000000000001 RBP=ffff888009742750 RSP=ffff88801ddb7e68 R8 =0000000000000001 R9 =0000000000000000 R10=0000000000000000 R11=0000000000000001 R12=0000000000000000 R13=00007fd476347000 R14=0000000000000040 R15=ffff888009742770 RIP=ffffffff814607cc RFL=00000246 [---Z-P-] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 00000000 00000000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0000 0000000000000000 00000000 00000000 DS =0000 0000000000000000 00000000 00000000 FS =0000 00007fd475e7a540 00000000 00000000 GS =0000 ffff88806cf00000 00000000 00000000 LDT=0000 fffffe0000000000 00000000 00000000 TR =0040 fffffe000004a000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe0000048000 0000007f IDT= fffffe0000000000 00000fff CR0=80050033 CR2=00007fd476347000 CR3=000000003e41e000 CR4=00350ee0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000ffff0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 YMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM01=0000000000000000 0000000000000000 ffff00ffffffffff ffffffffffff00ff YMM02=0000000000000000 0000000000000000 4c4700362e322e32 5f4342494c470035 YMM03=0000000000000000 0000000000000000 0000000000000000 0000000000470035 YMM04=0000000000000000 0000000000000000 4342494c4700362e 322e325f4342494c YMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000