Warning: Permanently added '[localhost]:14498' (ECDSA) to the list of known hosts. 2022/10/02 19:49:22 fuzzer started 2022/10/02 19:49:22 dialing manager at localhost:35095 syzkaller login: [ 43.462372] cgroup: Unknown subsys name 'net' [ 43.535834] cgroup: Unknown subsys name 'rlimit' 2022/10/02 19:49:36 syscalls: 2215 2022/10/02 19:49:36 code coverage: enabled 2022/10/02 19:49:36 comparison tracing: enabled 2022/10/02 19:49:36 extra coverage: enabled 2022/10/02 19:49:36 setuid sandbox: enabled 2022/10/02 19:49:36 namespace sandbox: enabled 2022/10/02 19:49:36 Android sandbox: enabled 2022/10/02 19:49:36 fault injection: enabled 2022/10/02 19:49:36 leak checking: enabled 2022/10/02 19:49:36 net packet injection: enabled 2022/10/02 19:49:36 net device setup: enabled 2022/10/02 19:49:36 concurrency sanitizer: /sys/kernel/debug/kcsan does not exist 2022/10/02 19:49:36 devlink PCI setup: PCI device 0000:00:10.0 is not available 2022/10/02 19:49:36 USB emulation: enabled 2022/10/02 19:49:36 hci packet injection: enabled 2022/10/02 19:49:36 wifi device emulation: failed to parse kernel version (6.0.0-rc7-next-20220930) 2022/10/02 19:49:36 802.15.4 emulation: enabled 2022/10/02 19:49:36 fetching corpus: 50, signal 24494/26338 (executing program) 2022/10/02 19:49:36 fetching corpus: 100, signal 32247/35786 (executing program) 2022/10/02 19:49:36 fetching corpus: 150, signal 39174/44341 (executing program) 2022/10/02 19:49:36 fetching corpus: 200, signal 49383/56000 (executing program) 2022/10/02 19:49:36 fetching corpus: 250, signal 56316/64370 (executing program) 2022/10/02 19:49:36 fetching corpus: 300, signal 60625/70112 (executing program) 2022/10/02 19:49:37 fetching corpus: 350, signal 64482/75371 (executing program) 2022/10/02 19:49:37 fetching corpus: 400, signal 68365/80614 (executing program) 2022/10/02 19:49:37 fetching corpus: 450, signal 72777/86288 (executing program) 2022/10/02 19:49:37 fetching corpus: 500, signal 74726/89613 (executing program) 2022/10/02 19:49:37 fetching corpus: 550, signal 78130/94206 (executing program) 2022/10/02 19:49:37 fetching corpus: 600, signal 80854/98134 (executing program) 2022/10/02 19:49:37 fetching corpus: 650, signal 83857/102266 (executing program) 2022/10/02 19:49:37 fetching corpus: 700, signal 86726/106246 (executing program) 2022/10/02 19:49:37 fetching corpus: 750, signal 88362/109095 (executing program) 2022/10/02 19:49:38 fetching corpus: 800, signal 91314/113135 (executing program) 2022/10/02 19:49:38 fetching corpus: 850, signal 93694/116568 (executing program) 2022/10/02 19:49:38 fetching corpus: 900, signal 95533/119504 (executing program) 2022/10/02 19:49:38 fetching corpus: 950, signal 97526/122611 (executing program) 2022/10/02 19:49:38 fetching corpus: 1000, signal 100301/126358 (executing program) 2022/10/02 19:49:38 fetching corpus: 1050, signal 103377/130293 (executing program) 2022/10/02 19:49:38 fetching corpus: 1100, signal 107228/134781 (executing program) 2022/10/02 19:49:38 fetching corpus: 1150, signal 111350/139445 (executing program) 2022/10/02 19:49:39 fetching corpus: 1200, signal 113181/142184 (executing program) 2022/10/02 19:49:39 fetching corpus: 1250, signal 114370/144389 (executing program) 2022/10/02 19:49:39 fetching corpus: 1300, signal 115602/146591 (executing program) 2022/10/02 19:49:39 fetching corpus: 1350, signal 116991/148896 (executing program) 2022/10/02 19:49:39 fetching corpus: 1400, signal 119657/152233 (executing program) 2022/10/02 19:49:39 fetching corpus: 1450, signal 121211/154652 (executing program) 2022/10/02 19:49:39 fetching corpus: 1500, signal 122310/156669 (executing program) 2022/10/02 19:49:39 fetching corpus: 1550, signal 123918/159104 (executing program) 2022/10/02 19:49:40 fetching corpus: 1600, signal 125657/161609 (executing program) 2022/10/02 19:49:40 fetching corpus: 1650, signal 126418/163290 (executing program) 2022/10/02 19:49:40 fetching corpus: 1700, signal 127531/165238 (executing program) 2022/10/02 19:49:40 fetching corpus: 1750, signal 128591/167150 (executing program) 2022/10/02 19:49:40 fetching corpus: 1800, signal 131189/170153 (executing program) 2022/10/02 19:49:40 fetching corpus: 1850, signal 132388/172103 (executing program) 2022/10/02 19:49:40 fetching corpus: 1900, signal 135425/175330 (executing program) 2022/10/02 19:49:40 fetching corpus: 1950, signal 136371/177049 (executing program) 2022/10/02 19:49:40 fetching corpus: 2000, signal 137575/178946 (executing program) 2022/10/02 19:49:41 fetching corpus: 2050, signal 138610/180662 (executing program) 2022/10/02 19:49:41 fetching corpus: 2100, signal 139132/182096 (executing program) 2022/10/02 19:49:41 fetching corpus: 2150, signal 140290/183915 (executing program) 2022/10/02 19:49:41 fetching corpus: 2200, signal 141414/185728 (executing program) 2022/10/02 19:49:41 fetching corpus: 2250, signal 142779/187712 (executing program) 2022/10/02 19:49:41 fetching corpus: 2300, signal 145847/190804 (executing program) 2022/10/02 19:49:41 fetching corpus: 2350, signal 147089/192609 (executing program) 2022/10/02 19:49:41 fetching corpus: 2400, signal 148103/194258 (executing program) 2022/10/02 19:49:42 fetching corpus: 2450, signal 149764/196340 (executing program) 2022/10/02 19:49:42 fetching corpus: 2500, signal 150632/197861 (executing program) 2022/10/02 19:49:42 fetching corpus: 2550, signal 151729/199605 (executing program) 2022/10/02 19:49:42 fetching corpus: 2600, signal 152247/200944 (executing program) 2022/10/02 19:49:42 fetching corpus: 2650, signal 152952/202347 (executing program) 2022/10/02 19:49:42 fetching corpus: 2700, signal 153940/203977 (executing program) 2022/10/02 19:49:42 fetching corpus: 2750, signal 154691/205397 (executing program) 2022/10/02 19:49:42 fetching corpus: 2800, signal 155675/206991 (executing program) 2022/10/02 19:49:42 fetching corpus: 2850, signal 156364/208298 (executing program) 2022/10/02 19:49:43 fetching corpus: 2900, signal 157453/209848 (executing program) 2022/10/02 19:49:43 fetching corpus: 2950, signal 158375/211284 (executing program) 2022/10/02 19:49:43 fetching corpus: 3000, signal 159258/212649 (executing program) 2022/10/02 19:49:43 fetching corpus: 3050, signal 160727/214400 (executing program) 2022/10/02 19:49:43 fetching corpus: 3100, signal 161812/215854 (executing program) 2022/10/02 19:49:43 fetching corpus: 3150, signal 162999/217359 (executing program) 2022/10/02 19:49:43 fetching corpus: 3200, signal 163932/218719 (executing program) 2022/10/02 19:49:44 fetching corpus: 3250, signal 165147/220222 (executing program) 2022/10/02 19:49:44 fetching corpus: 3300, signal 165661/221372 (executing program) 2022/10/02 19:49:44 fetching corpus: 3350, signal 166936/222893 (executing program) 2022/10/02 19:49:44 fetching corpus: 3400, signal 168045/224322 (executing program) 2022/10/02 19:49:44 fetching corpus: 3450, signal 169355/225838 (executing program) 2022/10/02 19:49:44 fetching corpus: 3500, signal 170587/227294 (executing program) 2022/10/02 19:49:44 fetching corpus: 3550, signal 171539/228585 (executing program) 2022/10/02 19:49:44 fetching corpus: 3600, signal 172054/229631 (executing program) 2022/10/02 19:49:44 fetching corpus: 3650, signal 172989/230822 (executing program) 2022/10/02 19:49:45 fetching corpus: 3700, signal 174389/232326 (executing program) 2022/10/02 19:49:45 fetching corpus: 3750, signal 175669/233722 (executing program) 2022/10/02 19:49:45 fetching corpus: 3800, signal 176299/234836 (executing program) 2022/10/02 19:49:45 fetching corpus: 3850, signal 176991/235957 (executing program) 2022/10/02 19:49:45 fetching corpus: 3900, signal 177962/237212 (executing program) 2022/10/02 19:49:45 fetching corpus: 3950, signal 178910/238388 (executing program) 2022/10/02 19:49:45 fetching corpus: 4000, signal 179671/239475 (executing program) 2022/10/02 19:49:46 fetching corpus: 4050, signal 180693/240694 (executing program) 2022/10/02 19:49:46 fetching corpus: 4100, signal 181480/241801 (executing program) 2022/10/02 19:49:46 fetching corpus: 4150, signal 182012/242752 (executing program) 2022/10/02 19:49:46 fetching corpus: 4200, signal 183016/243900 (executing program) 2022/10/02 19:49:46 fetching corpus: 4250, signal 183664/244902 (executing program) 2022/10/02 19:49:46 fetching corpus: 4300, signal 184322/245865 (executing program) 2022/10/02 19:49:46 fetching corpus: 4350, signal 184907/246793 (executing program) 2022/10/02 19:49:46 fetching corpus: 4400, signal 185654/247814 (executing program) 2022/10/02 19:49:47 fetching corpus: 4450, signal 186576/248862 (executing program) 2022/10/02 19:49:47 fetching corpus: 4500, signal 187130/249774 (executing program) 2022/10/02 19:49:47 fetching corpus: 4550, signal 188270/250947 (executing program) 2022/10/02 19:49:47 fetching corpus: 4600, signal 189752/252168 (executing program) 2022/10/02 19:49:47 fetching corpus: 4650, signal 190167/252979 (executing program) 2022/10/02 19:49:47 fetching corpus: 4700, signal 190781/253874 (executing program) 2022/10/02 19:49:47 fetching corpus: 4750, signal 191265/254743 (executing program) 2022/10/02 19:49:47 fetching corpus: 4800, signal 191875/255600 (executing program) 2022/10/02 19:49:48 fetching corpus: 4850, signal 192512/256476 (executing program) 2022/10/02 19:49:48 fetching corpus: 4900, signal 193117/257292 (executing program) 2022/10/02 19:49:48 fetching corpus: 4950, signal 194067/258378 (executing program) 2022/10/02 19:49:48 fetching corpus: 4997, signal 194783/259237 (executing program) 2022/10/02 19:49:48 fetching corpus: 4997, signal 194783/259868 (executing program) 2022/10/02 19:49:48 fetching corpus: 4997, signal 194783/260501 (executing program) 2022/10/02 19:49:48 fetching corpus: 4997, signal 194783/261150 (executing program) 2022/10/02 19:49:48 fetching corpus: 4997, signal 194783/261798 (executing program) 2022/10/02 19:49:48 fetching corpus: 4997, signal 194783/262449 (executing program) 2022/10/02 19:49:48 fetching corpus: 4997, signal 194783/263082 (executing program) 2022/10/02 19:49:48 fetching corpus: 4997, signal 194783/263731 (executing program) 2022/10/02 19:49:48 fetching corpus: 4997, signal 194783/264385 (executing program) 2022/10/02 19:49:48 fetching corpus: 4997, signal 194783/265031 (executing program) 2022/10/02 19:49:48 fetching corpus: 4997, signal 194783/265668 (executing program) 2022/10/02 19:49:48 fetching corpus: 4997, signal 194783/266325 (executing program) 2022/10/02 19:49:48 fetching corpus: 4997, signal 194783/266963 (executing program) 2022/10/02 19:49:48 fetching corpus: 4997, signal 194783/267632 (executing program) 2022/10/02 19:49:48 fetching corpus: 4997, signal 194783/268302 (executing program) 2022/10/02 19:49:48 fetching corpus: 4997, signal 194783/268915 (executing program) 2022/10/02 19:49:48 fetching corpus: 4997, signal 194783/269555 (executing program) 2022/10/02 19:49:48 fetching corpus: 4997, signal 194783/270209 (executing program) 2022/10/02 19:49:48 fetching corpus: 4997, signal 194783/270835 (executing program) 2022/10/02 19:49:48 fetching corpus: 4997, signal 194783/271459 (executing program) 2022/10/02 19:49:48 fetching corpus: 4997, signal 194783/272098 (executing program) 2022/10/02 19:49:48 fetching corpus: 4997, signal 194783/272765 (executing program) 2022/10/02 19:49:48 fetching corpus: 4997, signal 194783/273407 (executing program) 2022/10/02 19:49:48 fetching corpus: 4997, signal 194783/274066 (executing program) 2022/10/02 19:49:48 fetching corpus: 4997, signal 194783/274702 (executing program) 2022/10/02 19:49:48 fetching corpus: 4997, signal 194783/275370 (executing program) 2022/10/02 19:49:48 fetching corpus: 4997, signal 194783/275995 (executing program) 2022/10/02 19:49:48 fetching corpus: 4997, signal 194783/276675 (executing program) 2022/10/02 19:49:48 fetching corpus: 4997, signal 194783/277317 (executing program) 2022/10/02 19:49:48 fetching corpus: 4997, signal 194783/277959 (executing program) 2022/10/02 19:49:48 fetching corpus: 4997, signal 194783/278619 (executing program) 2022/10/02 19:49:48 fetching corpus: 4997, signal 194783/279250 (executing program) 2022/10/02 19:49:48 fetching corpus: 4997, signal 194783/279902 (executing program) 2022/10/02 19:49:48 fetching corpus: 4997, signal 194783/280533 (executing program) 2022/10/02 19:49:48 fetching corpus: 4997, signal 194783/281186 (executing program) 2022/10/02 19:49:48 fetching corpus: 4997, signal 194783/281836 (executing program) 2022/10/02 19:49:48 fetching corpus: 4997, signal 194783/282462 (executing program) 2022/10/02 19:49:48 fetching corpus: 4997, signal 194783/283107 (executing program) 2022/10/02 19:49:48 fetching corpus: 4997, signal 194783/283778 (executing program) 2022/10/02 19:49:48 fetching corpus: 4997, signal 194783/284406 (executing program) 2022/10/02 19:49:48 fetching corpus: 4997, signal 194783/285043 (executing program) 2022/10/02 19:49:48 fetching corpus: 4997, signal 194783/285672 (executing program) 2022/10/02 19:49:48 fetching corpus: 4997, signal 194783/285924 (executing program) 2022/10/02 19:49:48 fetching corpus: 4997, signal 194783/285924 (executing program) 2022/10/02 19:49:50 starting 8 fuzzer processes 19:49:50 executing program 0: r0 = openat$nvram(0xffffffffffffff9c, &(0x7f0000000000), 0x2140, 0x0) name_to_handle_at(r0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000080)=@raw={0x4c, 0xfe, {"99f5a5bec07a83a22c0bb6f2c9e418a8004faa5fdcc6955b6741b489e924ecc7bbdac491eaba37a3ea5fd97f4bb63080e153fc26fcd014955a06537a1cce4fc29c96b05bce02f905a5d1b213"}}, &(0x7f0000000100), 0x0) fstatfs(r0, &(0x7f0000000140)=""/170) r1 = signalfd(r0, &(0x7f0000000200)={[0x40]}, 0x8) sendmsg$NFT_BATCH(r1, &(0x7f0000000b80)={&(0x7f0000000240)={0x10, 0x0, 0x0, 0x10}, 0xc, &(0x7f0000000b40)={&(0x7f0000000280)={{0x14}, [@NFT_MSG_DELSETELEM={0x7e0, 0xe, 0xa, 0x3, 0x0, 0x0, {0x7, 0x0, 0x3}, [@NFTA_SET_ELEM_LIST_ELEMENTS={0x7c4, 0x3, 0x0, 0x1, [{0x4f4, 0x0, 0x0, 0x1, [@NFTA_SET_ELEM_FLAGS={0x8}, @NFTA_SET_ELEM_KEY={0x1b0, 0x1, 0x0, 0x1, [@NFTA_DATA_VERDICT={0x34, 0x2, 0x0, 0x1, [@NFTA_VERDICT_CHAIN={0x9, 0x2, 'syz2\x00'}, @NFTA_VERDICT_CHAIN={0x9, 0x2, 'syz1\x00'}, @NFTA_VERDICT_CODE={0x8, 0x1, 0x0, 0x1, 0xfffffffffffffffb}, @NFTA_VERDICT_CODE={0x8, 0x1, 0x0, 0x1, 0xffffffffffffffff}, @NFTA_VERDICT_CODE={0x8, 0x1, 0x0, 0x1, 0xfffffffffffffffb}]}, @NFTA_DATA_VALUE={0x6f, 0x1, "8523cc8b588e66d6c3f4d29f3371ae87d8ae1f8972df2dd906b5b6a30011a3233ce0502ed1b2d1432c7c9e4708320cd97a73f19994c4f871bc5c5adfc65424ac10603834a921c83881fba5e0db7c90b7176e52fc124e1afb0eb33829564bbb3d9d827eea9ef496870153a4"}, @NFTA_DATA_VERDICT={0x54, 0x2, 0x0, 0x1, [@NFTA_VERDICT_CODE={0x8, 0x1, 0x0, 0x1, 0xfffffffffffffffc}, @NFTA_VERDICT_CODE={0x8, 0x1, 0x0, 0x1, 0xfffffffffffffffc}, @NFTA_VERDICT_CODE={0x8, 0x1, 0x0, 0x1, 0xfffffffffffffffc}, @NFTA_VERDICT_CHAIN={0x9, 0x2, 'syz0\x00'}, @NFTA_VERDICT_CHAIN={0x9, 0x2, 'syz1\x00'}, @NFTA_VERDICT_CHAIN={0x9, 0x2, 'syz2\x00'}, @NFTA_VERDICT_CODE={0x8, 0x1, 0x0, 0x1, 0xfffffffffffffffe}, @NFTA_VERDICT_CHAIN={0x9, 0x2, 'syz1\x00'}]}, @NFTA_DATA_VALUE={0xb3, 0x1, "63a04c3b14f43f7be6cc6d84957fb7f961fee7fc3ded7b7e8062e9ed1701ac79aee346eeb801b8f45376a21f6002d1046010a5713973892b4deb327f21160f4c9ecee66bb52251185c5621b1a73c7443b0bd91e4fb54e7ec71c326b32a19d7e9875949386e2600a0631f81b48bebe0edf806dabd793551dc1dde47b140524bfac3b0b79e987411db44574bf0b67ef561526552abe666aa01c09eec95a392c587b9c543a0ccc057a818b0894a0411a2"}]}, @NFTA_SET_ELEM_OBJREF={0x9, 0x9, 'syz0\x00'}, @NFTA_SET_ELEM_DATA={0x31c, 0x2, 0x0, 0x1, [@NFTA_DATA_VERDICT={0x6c, 0x2, 0x0, 0x1, [@NFTA_VERDICT_CHAIN={0x9, 0x2, 'syz1\x00'}, @NFTA_VERDICT_CHAIN={0x9, 0x2, 'syz2\x00'}, @NFTA_VERDICT_CHAIN={0x9, 0x2, 'syz1\x00'}, @NFTA_VERDICT_CODE={0x8, 0x1, 0x0, 0x1, 0xfffffffffffffffd}, @NFTA_VERDICT_CODE={0x8, 0x1, 0x0, 0x1, 0xffffffffffffffff}, @NFTA_VERDICT_CHAIN={0x9, 0x2, 'syz1\x00'}, @NFTA_VERDICT_CODE={0x8, 0x1, 0x0, 0x1, 0xfffffffffffffffe}, @NFTA_VERDICT_CODE={0x8, 0x1, 0x0, 0x1, 0xfffffffffffffffb}, @NFTA_VERDICT_CHAIN={0x9, 0x2, 'syz2\x00'}, @NFTA_VERDICT_CHAIN={0x9, 0x2, 'syz0\x00'}]}, @NFTA_DATA_VALUE={0x27, 0x1, "01b74c64cdc77aec1de0a9b776c063ec8a7128dcaf194077b627bc396917d2e0499e2c"}, @NFTA_DATA_VERDICT={0x24, 0x2, 0x0, 0x1, [@NFTA_VERDICT_CODE={0x8, 0x1, 0x0, 0x1, 0xfffffffffffffffc}, @NFTA_VERDICT_CODE={0x8, 0x1, 0x0, 0x1, 0xfffffffffffffffc}, @NFTA_VERDICT_CODE={0x8, 0x1, 0x0, 0x1, 0xffffffffffffffff}, @NFTA_VERDICT_CODE={0x8, 0x1, 0x0, 0x1, 0x3}]}, @NFTA_DATA_VALUE={0x4d, 0x1, "91fd591da2ec95e5880ef4c806ae31a620b1525b0610dc2a9e44ec16e727b17b169ab064e12f5a6fbad1a69726c635ecf01e4758b794252393e1dd9a7f08ed3a2bf252b5412006cb10"}, @NFTA_DATA_VALUE={0x17, 0x1, "1e5c1c0cea0c52e42333703ef021c705747d08"}, @NFTA_DATA_VERDICT={0x14, 0x2, 0x0, 0x1, [@NFTA_VERDICT_CODE={0x8, 0x1, 0x0, 0x1, 0xffffffffffffffff}, @NFTA_VERDICT_CODE={0x8, 0x1, 0x0, 0x1, 0xfffffffffffffffe}]}, @NFTA_DATA_VALUE={0xba, 0x1, "4425de966dc4e94bfbd6f3875a5cc32602250165c186d7b8e7bcbe17e054d303a5b02bfd8ba66fbcf4e9e64cb119e1b467ab0b1ad7672f0b19d22378cbc128bfa3ac6d13c22b9e2ccd93a28e7a72a133399ed2d56e813c03402b176377d4ce1a3c6fffd9da8aa6525df2ef6301b602980743ae237022f44670cfa4a2fc84235dffb8fa9e4879f9970a1d6b164772fb0bc9b228df8a67a00b5cbf042fa140644c19b82c128bbc0bead76a5aa85aec50c7ad3612d4bad7"}, @NFTA_DATA_VALUE={0x85, 0x1, "7ab59285d7f44b9ef7bcd74e0a290c778e37626a069a999a78a5557a110df24843b425cadc01b4fe7b57c614af988c60cd1224fc2d2b121d6e12e294a1989469f4ae7251cf7a337b8616b54671ed642fe9a2c999480aad975cb164b60c537e0b38e3a7c738a403d68f8c46ad4db7fdbff38c5be4a7ad686ee81509eb02401e9535"}, @NFTA_DATA_VALUE={0x2b, 0x1, "0d47d5d0180672efc3a989939241e03a6aa8e97b64bf1cb85530d83c453af87f7d3096b1e25305"}, @NFTA_DATA_VALUE={0x74, 0x1, "9201d24ffddc41f3b62bb96a501f96ac507d031110fa931d231fe8e519b2ace09768cfcd7f92172655d9ebe7bea52bfdb82664f5088a7cde86f90ea9dfe5e57db2c15be485224c8508ae2af79697e415c76e06e78dec5319253638c42142359385143edc9b51d9793ba00e958683ff68"}]}, @NFTA_SET_ELEM_OBJREF={0x9, 0x9, 'syz2\x00'}, @NFTA_SET_ELEM_EXPR={0x4}]}, {0x2cc, 0x0, 0x0, 0x1, [@NFTA_SET_ELEM_KEY_END={0x8, 0xa, 0x0, 0x1, [@NFTA_DATA_VERDICT={0x4}]}, @NFTA_SET_ELEM_TIMEOUT={0xc, 0x4, 0x1, 0x0, 0x1}, @NFTA_SET_ELEM_EXPIRATION={0xc, 0x5, 0x1, 0x0, 0x7}, @NFTA_SET_ELEM_KEY={0x2a4, 0x1, 0x0, 0x1, [@NFTA_DATA_VERDICT={0xc, 0x2, 0x0, 0x1, [@NFTA_VERDICT_CODE={0x8, 0x1, 0x0, 0x1, 0xffffffffffffffff}]}, @NFTA_DATA_VERDICT={0x10, 0x2, 0x0, 0x1, [@NFTA_VERDICT_CHAIN={0x9, 0x2, 'syz2\x00'}]}, @NFTA_DATA_VALUE={0xb5, 0x1, "7c77d4c88f3d1980df29068e5d91a5c832ae673afc016cc3b1e44190a427dd8117d084e0588a0aeb17a8e0147b75bda5f79f40d8b81f77a82e9135773bb2a412b2f4ff3e6b3b5e4103074f989e121defaebb642420bdff5ef56c9936dd9c786b8331d3fd575c98db793f06adf04698b4a64272508c047c92f91ebfe4b9f86866595fd9659b8bfcd376458ebd0a9e5d867dadff22ecb29a366e2c75aa77f7122cad992fec59759277098233c4e8cad93449"}, @NFTA_DATA_VALUE={0xb7, 0x1, "865594e8e497a6b65507828ec91a4117cb21ecd75d1c8f1dd9d2f17be4c41ea00987a41693119eb16232823b5781d537d2dac4b2e6a2d54835dddd5620e6a55bac1b4527d62073ee47ac40939625e3f6a1af0ae2ad7dfa39ba66a141b0ca443b94d8a53eb527e9f173da57aa94650f1fdad69478e3283891d12f8a22545b8c059001ccee5202dfa4a648c13888e266b7d359934741cab9bddcf659bb37e36f12edce4ab59c4f9cd2107c099f0bd2892be773ff"}, @NFTA_DATA_VERDICT={0x48, 0x2, 0x0, 0x1, [@NFTA_VERDICT_CHAIN={0x9, 0x2, 'syz0\x00'}, @NFTA_VERDICT_CODE={0x8, 0x1, 0x0, 0x1, 0xffffffffffffffff}, @NFTA_VERDICT_CODE={0x8, 0x1, 0x0, 0x1, 0xfffffffffffffffe}, @NFTA_VERDICT_CODE={0x8, 0x1, 0x0, 0x1, 0xfffffffffffffffd}, @NFTA_VERDICT_CODE={0x8, 0x1, 0x0, 0x1, 0xfffffffffffffffc}, @NFTA_VERDICT_CHAIN={0x9, 0x2, 'syz2\x00'}, @NFTA_VERDICT_CHAIN={0x9, 0x2, 'syz2\x00'}]}, @NFTA_DATA_VALUE={0x95, 0x1, "24be019712af1f2cd53161624b4345806a5d87a2729d9f56e3d1aff3e7f625379d1c4d33196dbb3ebd828d75fb337f47ef7f3620569eca5e572a38fcbeb76e2ea52003252bd3291e423c9548fa179802c588bdc5be2eded81dda9a69771371dc352481f6fef4bf62762e0875caaba8adce669d416db0666d9bb58cc6e930ad333e4710d3c0934c81be2f3023e784a26df7"}, @NFTA_DATA_VALUE={0x31, 0x1, "a1a9e360dda3787c7b1110ea7369cdc354c9bb5582cfd84d82e40b6f6b3cf5045032416a3a54ca224b75fcf0f2"}]}, @NFTA_SET_ELEM_EXPR={0x4}]}]}, @NFTA_SET_ELEM_LIST_SET_ID={0x8, 0x4, 0x1, 0x0, 0x3}]}, @NFT_MSG_NEWRULE={0x44, 0x6, 0xa, 0x101, 0x0, 0x0, {0x7, 0x0, 0x1}, [@NFTA_RULE_COMPAT={0x14, 0x5, 0x0, 0x1, [@NFTA_RULE_COMPAT_PROTO_IPV6={0x8, 0x1, 0x1, 0x0, 0x2b}, @NFTA_RULE_COMPAT_FLAGS={0x8, 0x2, 0x1, 0x0, 0x2}]}, @NFTA_RULE_POSITION={0xc, 0x6, 0x1, 0x0, 0x2}, @NFTA_RULE_ID={0x8, 0x9, 0x1, 0x0, 0x2}, @NFTA_RULE_ID={0x8, 0x9, 0x1, 0x0, 0x3}]}, @NFT_MSG_DELCHAIN={0x54, 0x5, 0xa, 0x201, 0x0, 0x0, {0x2, 0x0, 0x8}, [@NFTA_CHAIN_COUNTERS={0x40, 0x8, 0x0, 0x1, [@NFTA_COUNTER_BYTES={0xc, 0x1, 0x1, 0x0, 0x100000001}, @NFTA_COUNTER_BYTES={0xc, 0x1, 0x1, 0x0, 0x2}, @NFTA_COUNTER_PACKETS={0xc, 0x2, 0x1, 0x0, 0x6}, @NFTA_COUNTER_BYTES={0xc, 0x1, 0x1, 0x0, 0x800}, @NFTA_COUNTER_PACKETS={0xc}]}]}], {0x14}}, 0x8a0}, 0x1, 0x0, 0x0, 0xc1}, 0x810) syz_io_uring_setup(0x37ac, &(0x7f0000000bc0)={0x0, 0xeb95, 0x1, 0x2, 0x367}, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000ffd000/0x2000)=nil, &(0x7f0000000c40)=0x0, &(0x7f0000000c80)) r3 = mmap$IORING_OFF_SQES(&(0x7f0000ff2000/0xe000)=nil, 0xe000, 0x2000000, 0x4010, r0, 0x10000000) r4 = syz_init_net_socket$802154_raw(0x24, 0x3, 0x0) syz_io_uring_submit(r2, r3, &(0x7f0000000cc0)=@IORING_OP_READ_FIXED={0x4, 0x84dc5691b7a263bc, 0x0, @fd=r4, 0x1, 0x9, 0x8, 0x1e, 0x0, {0x3}}, 0x2) pread64(r4, &(0x7f0000000d00)=""/92, 0x5c, 0xa6) r5 = openat$sr(0xffffffffffffff9c, &(0x7f0000000d80), 0x400, 0x0) write$P9_RREADLINK(r5, &(0x7f0000000dc0)={0x10, 0x17, 0x1, {0x7, './file0'}}, 0x10) sendfile(r0, r5, &(0x7f0000000e00)=0x5, 0x1) r6 = openat$cgroup_procs(r5, &(0x7f0000000e40)='tasks\x00', 0x2, 0x0) fcntl$setpipe(r6, 0x407, 0x5) setxattr$trusted_overlay_upper(&(0x7f0000000e80)='./file1\x00', &(0x7f0000000ec0), &(0x7f0000000f00)={0x0, 0xfb, 0x2a, 0x1, 0x8, "804476a164432506885df8a264ad35b5", "2694ba9255047c6ba2f6699ab6b88c7a3f25a1ac00"}, 0x2a, 0x0) r7 = getgid() ioctl$AUTOFS_DEV_IOCTL_REQUESTER(r5, 0xc018937b, &(0x7f0000000f40)={{0x1, 0x1, 0x18, 0xffffffffffffffff, {0xee00, r7}}, './file1\x00'}) ioctl$EVIOCGKEYCODE_V2(r0, 0x80284504, &(0x7f0000000f80)=""/52) ioctl$EVIOCGKEY(0xffffffffffffffff, 0x80404518, &(0x7f0000001000)=""/237) 19:49:50 executing program 1: r0 = socket$inet_udp(0x2, 0x2, 0x0) kcmp$KCMP_EPOLL_TFD(0x0, 0x0, 0x7, 0xffffffffffffffff, &(0x7f0000000000)={0xffffffffffffffff, r0, 0xffff}) setsockopt$inet_mreq(r0, 0x0, 0x20, &(0x7f0000000040)={@multicast1, @dev={0xac, 0x14, 0x14, 0x3b}}, 0x8) ioctl$AUTOFS_DEV_IOCTL_TIMEOUT(0xffffffffffffffff, 0xc018937a, &(0x7f0000000080)={{0x1, 0x1, 0x18, 0xffffffffffffffff, {0x2}}, './file0\x00'}) setsockopt$inet_udp_encap(r1, 0x11, 0x64, &(0x7f00000000c0)=0x4, 0x4) fcntl$F_SET_RW_HINT(r0, 0x40c, &(0x7f0000000100)=0x7) bind$inet(r1, &(0x7f0000000140)={0x2, 0x4e21, @broadcast}, 0x10) ioctl$TIOCVHANGUP(r1, 0x5437, 0x0) epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r1, &(0x7f0000000180)={0x4}) bind$inet(r1, &(0x7f00000001c0)={0x2, 0x4e22, @rand_addr=0x64010101}, 0x10) ioctl$TIOCSTI(r1, 0x5412, &(0x7f0000000200)) setsockopt$inet_udp_encap(r1, 0x11, 0x64, &(0x7f0000000240)=0x3, 0x4) ioctl$sock_inet_tcp_SIOCOUTQ(r1, 0x5411, &(0x7f0000000280)) ioctl$sock_ipv6_tunnel_SIOCADDPRL(r1, 0x89f5, &(0x7f0000000500)={'syztnl2\x00', &(0x7f0000000480)={'ip6_vti0\x00', 0x0, 0x2f, 0x0, 0xd4, 0xffffffff, 0x40, @mcast2, @mcast2, 0x8000, 0x10, 0x7ff, 0x5}}) ioctl$sock_ipv6_tunnel_SIOCDELPRL(r1, 0x89f6, &(0x7f00000005c0)={'syztnl0\x00', &(0x7f0000000540)={'ip6_vti0\x00', r2, 0x4, 0x6b, 0xe9, 0x0, 0x20, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01', @private1={0xfc, 0x1, '\x00', 0x1}, 0x8000, 0x40, 0x400, 0x5}}) ioctl$TCFLSH(r1, 0x540b, 0x1) getsockopt$IP_SET_OP_VERSION(0xffffffffffffffff, 0x1, 0x53, &(0x7f0000000600), &(0x7f0000000640)=0x8) ioctl$PIO_UNISCRNMAP(r1, 0x4b6a, &(0x7f0000000680)="51db127be884771952eb20f07f25b4d4589db802017e504bd03d8151b46ea4621a8e8e0d69ec7eaec34c3da2e8d0b4bd6709fbd7e90ae4c0b54aee2213079b078b5504a361609f8493227eacf63645ae75cc469b4661e11028e51ce8a4382668898d5d07f46bc816b60aeb2087dd5ee145c24925e96aadbe69c65396b4da499158df38f3282dcc75180754905639ba1816d5e3a9b538753e69fed81a3c51f5d14a7a87eb5c8bb8210b374767c8") r3 = dup3(r1, r1, 0x80000) ioctl$TIOCSTI(r3, 0x5412, &(0x7f0000000740)=0x1) 19:49:50 executing program 2: unlinkat(0xffffffffffffffff, &(0x7f0000000000)='./file0\x00', 0x200) r0 = getuid() r1 = syz_mount_image$iso9660(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', 0x1, 0x2, &(0x7f00000001c0)=[{&(0x7f00000000c0)="e0b5c4865a965bbe02dcff2e7509c558e0b7353b690ce5dff08b7c0424bb0bc90f5761cb38f05c3e0fb6bb7d45939f5845ce55ec4c0b6eff4fff0827ef93cc862d2970ac0b8dbb5963272883cb9ef4cae019a3ceae13400332e75b6acb5a1de4e32dc5ce85894ccbc495b714300f0420f7fd31ffe52d4989f48ecec1e09f14048c6f3cb6a3fa87837f518be4efa8", 0x8e, 0x6}, {&(0x7f0000000180)="41afd1a48b1dc7180677c4305dd5ee9e8dccdb264d6b26549f25ab22fd2ff64c62d5d26b9f4b431e065a18be8bb169dba26fcda27b201708f8ae6e4b0f85ef", 0x3f, 0x8}], 0x200000, &(0x7f0000000200)={[{@check_relaxed}, {@sbsector}, {@unhide}], [{@defcontext={'defcontext', 0x3d, 'staff_u'}}, {@smackfstransmute={'smackfstransmute', 0x3d, 'k'}}, {@mask={'mask', 0x3d, 'MAY_APPEND'}}, {@smackfshat={'smackfshat', 0x3d, ',.)/'}}, {@fowner_lt={'fowner<', r0}}, {@seclabel}, {@uid_lt}, {@appraise}]}) setsockopt$EBT_SO_SET_ENTRIES(0xffffffffffffffff, 0x0, 0x80, &(0x7f0000000a40)=@filter={'filter\x00', 0xe, 0x5, 0x73e, [0x0, 0x20000300, 0x200004f6, 0x2000073a], 0x0, &(0x7f00000002c0), &(0x7f0000000300)=[{0x0, '\x00', 0x0, 0xfffffffffffffffe, 0x1, [{0x11, 0x27, 0x170, 'veth1_to_bridge\x00', 'caif0\x00', 'sit0\x00', 'veth1_virt_wifi\x00', @local, [0xff, 0x0, 0x0, 0xff, 0xff, 0x5a120b129b0634fe], @dev={'\xaa\xaa\xaa\xaa\xaa', 0x28}, [0xff, 0xff, 0xff, 0xff], 0x196, 0x196, 0x1c6, [@comment={{'comment\x00', 0x0, 0x100}}], [], @common=@CONNSECMARK={'CONNSECMARK\x00', 0x8, {{0x2}}}}]}, {0x0, '\x00', 0x1, 0xfffffffffffffffc, 0x2, [{0x11, 0x8, 0x88e5, 'bridge_slave_1\x00', 'veth1_to_hsr\x00', 'syzkaller0\x00', 'vlan0\x00', @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x3}, [0x0, 0xff, 0x0, 0xff, 0x0, 0xff], @multicast, [0xff, 0x0, 0xff, 0x0, 0xff, 0x101], 0xe6, 0xe6, 0x116, [@cluster={{'cluster\x00', 0x0, 0x10}, {{0x2, 0xffff, 0x7}}}, @connbytes={{'connbytes\x00', 0x0, 0x18}, {{[{0x8}, {0x10001}], 0x2, 0x1}}}], [], @common=@CONNSECMARK={'CONNSECMARK\x00', 0x8, {{0x2}}}}, {0x5, 0x33, 0x8035, 'ip_vti0\x00', 'bridge_slave_0\x00', 'veth1_to_bridge\x00', 'syz_tun\x00', @random="725f07164568", [0xff, 0x0, 0xff], @empty, [0x0, 0x0, 0x0, 0x0, 0xff, 0xff], 0xb6, 0xb6, 0xfe, [@ip={{'ip\x00', 0x0, 0x20}, {{@local, @private=0xa010102, 0xffffffff, 0xffffff00, 0x2, 0x33, 0x2, 0x9, 0x4e23, 0x4e23, 0x4e20, 0x4e21}}}], [], @common=@ERROR={'ERROR\x00', 0x20, {"c3d8b1c3b301acb28efaa532e5a84fd2c187e9a07a8438b53772bae8d83d"}}}]}, {0x0, '\x00', 0x3, 0xfffffffffffffffc, 0x2, [{0x5, 0x0, 0x8035, 'vlan0\x00', 'ip6tnl0\x00', 'veth0\x00', 'ipvlan0\x00', @dev={'\xaa\xaa\xaa\xaa\xaa', 0xc}, [0x0, 0x0, 0x0, 0x0, 0xff, 0xff], @random="6a56acdf3fd5", [0x0, 0xff, 0x0, 0x0, 0xff, 0xff], 0x11e, 0x11e, 0x14e, [@ip6={{'ip6\x00', 0x0, 0x50}, {{@initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, @empty, [0xff000000, 0xff, 0xff000000, 0xffffffff], [0xff000000, 0xffffffff, 0x0, 0xff000000], 0x0, 0x5c, 0x0, 0x2c, 0x4e23, 0x4e21, 0x4e24, 0x4e23}}}, @realm={{'realm\x00', 0x0, 0x10}, {{0x7, 0x4}}}], [], @common=@NFQUEUE0={'NFQUEUE\x00', 0x8, {{0x8}}}}, {0x11, 0x1c, 0xd, 'vlan0\x00', 'geneve0\x00', 'gre0\x00', 'batadv_slave_1\x00', @multicast, [0xff, 0xff, 0xff, 0xff, 0xff, 0xff], @dev={'\xaa\xaa\xaa\xaa\xaa', 0x40}, [0x0, 0x0, 0x0, 0x0, 0xff, 0xff], 0xee, 0x14e, 0x186, [@connlabel={{'connlabel\x00', 0x0, 0x8}, {{0x8, 0x6}}}, @ipvs={{'ipvs\x00', 0x0, 0x28}, {{@ipv6=@private1={0xfc, 0x1, '\x00', 0x1}, [0xffffffff, 0xffffffff, 0xff, 0xffffffff], 0x4e23, 0x3a, 0x7, 0x4e20, 0x8, 0x1}}}], [@common=@STANDARD={'\x00', 0x8, {0xfffffffffffffffb}}, @common=@STANDARD={'\x00', 0x8, {0xfffffffffffffffd}}], @common=@mark={'mark\x00', 0x10, {{0xffffffe0, 0xffffffffffffffff}}}}]}]}, 0x7b6) statx(r1, &(0x7f0000000dc0)='./file0\x00', 0x100, 0x2, &(0x7f0000000e00)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) syz_mount_image$iso9660(&(0x7f0000000ac0), &(0x7f0000000b00)='./file0\x00', 0x0, 0x3, &(0x7f0000000d40)=[{&(0x7f0000000b40)="1c1a4ec72436303f44a2ae94a49730a1413f69add2f918cdcbbe097f5536684e1b1827e62b31573aba92be679d333eb6f6a1241bef8c053adb8726c0db27639ac6c5814c5989236113a6572329d0a06081138758a7c38d4c146a9d02", 0x5c, 0x8000}, {&(0x7f0000000bc0)="6a9a9e4897fecb4c76a2a343c9a239ad2dc96f9e3634aecf0ee4219c33e3379098fdaff921cf6d2c0d475bccfd0c2b44275897fc3eb1c1be6a9d331bfd4761fdebe66ed172e0125052d5a19418de1e6496641139c26c8ebfa340ec47689c102200b2c58a", 0x64, 0x1}, {&(0x7f0000000c40)="270a92722d0d5de0ef77697f9e7dc2fd6fd0df6addb88f8272ae5e183683e6f3f0a21c8ea70c935d576a20bf51b8a756c7e4d59a0c8e9f0f743c9613607b6a08d1825ff64e1f4a835c08457e61c7c030b53eb32f07753a76452c51d2136a730e79848e25ad2b7b3da26dfd665116255c000cc4b36063f37da2d13d1144df35030b8f5720a2b8cc5a1af024e59f99280a0efa0aa9d2a23165e585679ee71b30bb2b2ff7d598f12351df38227c8111f78ce69b9cee34bab6afc56978bf600730834e01e9d7f007da28822716e315c579d4f800399fc10ec061dceb9126869c7a7f435f6bf227294dba93ecfba3b346e410492892263e8462d9befef100ee", 0xfd, 0x14}], 0xa00080, &(0x7f0000000f00)={[{}, {@nojoliet}, {@session={'session', 0x3d, 0x5e}}, {@iocharset={'iocharset', 0x3d, 'macroman'}}], [{@euid_lt={'euid<', r2}}, {@fowner_eq={'fowner', 0x3d, r0}}, {@uid_gt={'uid>', r0}}, {@rootcontext={'rootcontext', 0x3d, 'user_u'}}, {@dont_measure}, {@smackfsdef={'smackfsdef', 0x3d, '{\x00}+\\,![['}}, {@dont_measure}, {@pcr={'pcr', 0x3d, 0x13}}]}) rename(&(0x7f0000001000)='./file0\x00', &(0x7f0000001040)='./file0\x00') r4 = syz_mount_image$iso9660(&(0x7f0000001080), &(0x7f00000010c0)='./file0\x00', 0x400, 0x7, &(0x7f0000002540)=[{&(0x7f0000001100)="d3f711fcc984c97ccf3a694a78a7dda2ea6ffc23ee04bdd5506a4bd353162206f02bdee39da0bfb0c0c8ee2d0bb68b7b39f59136ec2954e7c4a1f749cf4e42611368edced94a40b4b526fbe78059e1624e5ad5cc79ed1e031d1a41ec9ac9d05cc1c7965291b8471956ea27daeb613f5308f40010f2adc10fd2ca267042fca0f6cda87e4e90492663fc4c1577d5ec4ee045ab6e2518bf50aef034a767d6e6086f7a3c85b4695b84c528d6fbecd92f27aa07ecf4d017bda0e8c189ec3c25917cf6c0c126ede86dd91000bf2995ff2136415ef48881c8384d96e97555c18860b5711fd910739091cda0495ce0feee28bb108ba6c6b6a8cca39e35cf627625eca1871a546bd600d190b5de350dd47c50a49ca156541a4248e6903d00f0a8fda7af52dc60b52975c11827485ee4d06278c44e812dce4be004f1d6d51cc8fbf2bf17ee6eb7986273fe6e331cc7ad86a1eff0fb2e6e83def3bfead9dcc035f5f22a2b8394b3405a3418d43933d84670e46f61c18013a6cf740e395911e2d0c277da95fa0ab7ba6989b10dc840561827591aeca8d0f62ba565745fecdcd14516b174ad5da1a78859b63e45ec286f7706d3c80e31bd35d072af0c0fcba9381f237f006eab0de1aaf2c117ab4872fee7b14c8261767bed8302e73e21ca597a88ea9fb80d4ab2445b86140c8b4e225303dacd0df48426616159a702e402061d57f2c103ca95ca9951f597ee4d3f430a58e3d11cf99d23fc769ce25b4e51b668a2bbddb051b935acb50dca5c6f5e762ea9e580b63806f1a1922ec092248117a5307de366700dbdceb6db9dc7926a71686d1a90eb3a5be609215693ad719b706ee507dd1d46c3f3406a4d63bc3cba13460bad9dcfcc16f391d72f5ff2ed25a47fab9986077551ed5ef6446f34befa22000fdc790255cfef9beda793dd99d26a379fe8759c7cff11bdc404f0a5281412d8b9c57092d7fcb876730146d54262076a5b12d0a325cff95487622af72665b6d1130b84be5476a00df19c9f82277e12986e29aded792f1ffa3c134c0ea11e166ff25dd6ee9853f5216a734564bb7b83cabadac0d57d6fc1ab16cbb42cc80cd9020a3122e8aed182be6968b337d70fc830467d754d12b95f4aea5f09bb6b4e10dffea2dc13f1afaebe2d7e4517f258d3ccef3246352857df021422c08d326ddef8a31fa59f77fbb483845fa84066c83ad4df9206317254b051e02227236350d17d43625782b9e81a475bad96494d79ba04ee09554c21a976a8ba4df0771a3683884f0e124a55f77fbba9d748610a9417eafb019b90f1c48687fe61a50111b59a17be40d86697aa6e959cb8c4da7f04d548cdabef9b156caff8d0a81a1b0f753a4dda3f813165a5e2a023fb706450374887938ae51ab95e2d5a777b4ead4b67d42bc0c744999649254a9fa288abfa7def5b85a3d2844b39fa7d7a21b28a51e4eafbd18da2ce073ba4911ec5d8c3f87145f92689329094bbb22cb12b805e80490db0e29300d6c48ea7e24dd19d2b85c5c999ca9d5bea5da4f40944418bd16515abd7a6bd3f3aba4eb9415bbc25a590398b36ea64227034429505791c4df680aad292b8b0afffcf965027eec27d75751ab973392012a83cef94d055250905a8c4a764e96ebf8d53124b09d67be014f931dbb4053274825812c53597469fdacc7cfd84048bedd5ecd8cda8de910f179d81247f1f9b5e1f2a8aebd8e3ff750094934be0f56b7abcb208fd87272f9a0741b3f4e6e66146f7835203d9e4932f2f5e723858630d8d3ae9a9fa1b010b59e780b59e73133664c099a707ea4f9048b0c00d55a821f535aa8103af6e7fc1f6f4ec594e450da130c79e018f2bf448bdfe29ae425904aa48870734c9a4c951aea7dc93e27cda90817906e388e4f699e03e4a9c34bbf6a08bf33d53c55e7d89a6464ce8e066b16792bca97bfacf0c10e8edb2693c96670d4cd042b701ff6d2c53250548da190f2dfec1b92ee13b86f87ee9c486fab71616340358eaadc24e9b3cfc5e7c91979630a4e8e532145f2b97081382d72a7ed3abd1ec7e0d964a95408705a20651dd170bbd5f299d2aadca05b572676eff67e1761e180744d246867949c37a4f9739e94bb89c6629b1b8d417a7b43dc43b43f4f9ac9bef030eacb02cf43ac4755d335afe9e7fff7031f87ca70d6a9d1acd5db4ec9cfb6a073ca3a2136ac7b59555235311914a1630fc801699dd056a26a629858ed3956d81a1b22765ad0d367135d6e4e9c502e5358f402018fff90fb1bea2431e2a17c32b2e28867f45dbbc39f7ba5ec825d72d38d03f7f3014f82b36e3b1f354369af74e0d1895e5d3e15ff76262209a9ee18bf4e4b32aee8bd46e12f9bcad0f04c35060112e0d242303ae8d1fc455710191a74cf4f104d96ca2110a543854d56a5e379e73701b513c994c0e0e15e3f51c062e14121066e33607af7598098dc60a8cf67ac41870477a2a8c21e23988f31f5a079b15276c8f7ff18821b381a7a9d80bafb1328833b42ba0e619794176697b05aeb539a6f35006c0b6c2fa62be47d38b57cc180f8a8bbeaaecc19aedf9120bc68656e01fa21814ff5a00764b8ececd445314b823b0b1a11eb85f0d8d8bcb8656e8705b854657940b806ec999e47124aeabe050914c79ff7fafae24d2d9a8dec3bfcb167eb8ce2f05e812e219af9373a6dadda6500176250052797cf152241bd49b877a016152e3fd90a251670d6921a5155599ae04d8956867518ed34d2e890aa7d84408c8ed626d9fe2481664e0653fe56dab727bab20b88bf270069fe79214da316e8080043eee0388a4762230c65ebe3013803dba083b508a8ea7368c88c3bad7b54a10ee303fb186d9f950bcf77845b45e64c2a98bdd6e19b949b14c91be3dc4105e1f3cc7ae7810974ced4855fa1245ffcee67b55a9c6079f116d7ca7fd28827ae3143ffe2519eb297b63172a120b589d6699ecdb8e4ff23a5f96476a336d04cc8c3b5765dee3f4a201863767755af61d0cb13a915981dea2239782f1231fddd8cd3859e39c9a7d0bd8be75a349cbfc6eb8912396e59b3e36362a41de89d7d65dbdeade7b9027f8a3017f26ba89563c3aa1660e601a6fc6793550d26b07dba495b9c604d2a41926f3d2f177464d35d500cb870ec81fa7979ca7df8ab89377b5ac2ba38fa34bef6fa3635ad6818a63e74a036554e59ee666ebc510c0115153a2e33e6ec98f774e49473bb73a50d824cc06c26e34f2deccd04a2e6b514e9fc539a6623e2e4b9de7c2510e1f1cabc85db1342caf5bd614bc86267b41094f840e255566b11c82051e5f112dd778089d78ec9aea2b8f6a8b47fb25b16f837131ae217f09f618de63b00373e1086f521ae4a08d004166f84cf85c35196a023d162a939c115cb7fb481b7c41616b6b0d49ef37ec6359f604d05e346a04eac93c2aa0ac1c11d1a622f1e6118ac504f785319d8ffa0d6e8bfd34ef34862ecd057ca2f9b1c180f9fb1ae089385f5da6748017e72c35e233c58381533ef9cd7ad03a06184b53b899b714b13289b04c3a523192701d06aea1c890f5c56b60f68776aa1c11dde9ab564951764037cdf82e316627a6ec50e8160431f6c8dd1d946a4145f7b168d4cfb0d1a292c115e7af0fd090330c70ac210d5ee7d68f57c8f1f5b23185facb31b430ee4ad99d61fc48ac07670db521a59320ba58d290ad0748b9603cc3752e36abd95cce1b1220f4756e67fbb7e60c8541b281f54c7c6a4d242e9a2d8fdef5feac3c0815715d8fa82261c0fd4f5b2961838cb161c250ba8dafdd126935cb6a1b01a3581c1dbc87afce1b15dc48823d13b5fdac3472e32071200c6f2bf336691c3565d46ae02891360d66357ad69916bd72bb8a549bbf2c5cf7e098989ff4c0f96e3b17621dfe5e17b8421e1a06028704e5db309caff068c0db8e18db0969cddbf08c1d59b7ee686cdf1c42ff01594b7e4fb9b664c03cba6c1dca9a3841cb3ca617ece9a94b1dbcb00e0bb18e7accb1335bdd79f1492a5dbdc63ac76307e9b99c4fb1b1aad64533bb23c7773c946d44cf9609168c303f88260d08bd59bab09860145caf31a61cd7e8bf830938608f7cf1a5e0cb3b9bec5d4e5fc7bc07c1f18c6ec370fe1fdd0fce786c41d9638a411321ae08131dd1f8830bea2bb0450b74b190139f0eb7802161e76527e5b0e221665546900de36318e1391f518d468b69014709cddb0fe57556017a905e891093c36a5d9c5d20623c5eaba110a34ba56a3628192ab6d37017008dc863eee188d7e12353643fe7c151696202827f48bab31e98d58bfe2182c17a2dc4d2144a799963db4a7b895248ec75963ae599e5f9b21acc774ad397edf99b1813924bb11f6d011ed9dd6f6afc8a17892adf46b7a7c6206acd12f12a23d3dbaaf7186b5ad425ef683e1841a76f41a529439972934e7156ef25df5a8ccd670c80553f6fe400a7018077198ea6f983396c5300c801e9c8634ba177825efcb1d30d5d3057f014319dae7c2157d5af35d8c06d1e725f5e5672c8529d52ecba33f5cbb7f293befa2d1a45b1cdf7e1472d28aaa1c564a9251058112ea35e29f6830d56a7864d442d97ee43f98bc3288c4fc27b3015bdee6805926fa766b1ce7df2e4810c620df3a7cecbb9b4cb8b78242aa5b06adacc23acf2f3e2c6ab815da34801377e175fc7cbf7c6d39682c07104a2329a3a34fe0780e2b599401ee56a7ada2282fc6f60707e0f708d87029f6f56195692f8ab2aeba6e067705af03f8d695aa1cfcc49f94db92ecb0546fdafa11a8c93b63810f374c3a201dff45b71f996d7ae8545859974ec99f0a5a9db431bc988d42a4af077b0b03d4e186d60c2dac4b6334878048f42cd9bfcbf291a69cb885a6e994725945fd9cdceed5f2dcb2d1ae2f0fb88e55b07cca22508d1682a822b425a02d4754c4d6f938d2fa160fe9efd1f16e72dabfec438a201fef1fadefa1654d26d1d648e0e35b906b2b4f8aaa0375bc72fbd0a78482f7b274178ba8383c701fdcfacbda71868585fde58c2820c9a86120bd7508aae4512473a72d48fe576858121890c5eea31cd3ecfa07292a5e75ba4ad2a98be0e9b434d13359e3f48a6d985c493a0ba05dab43789b73dd6108757a71ef5e68db2c38703bad59ad800dfd3bda3524b92b300d7c6a091451e316395ba58894c5a6c0d277d4b5b7eaeb9e50b6de86bde6a9226076568f07d73311464a0e7bc96a1971db25c27f5dccbbe64db3f5e27bebc3609ed05c9d11b458c9f630465b2b37f6885c9350c05a1d53b6fc00b3395fb78a97822924be82cf5f8ea38c3b041435a4cf4701304483007f822378b6ae8f5ace78d9ceea3767359daabea61309d7554a240d36883d40bcd5ad50f1c354e2f69d69fa14379decaa63db7bcccb5c13f7ca246829e10ab50a4ca39c330b4d03bf9b0bf9e2476ddd1fe856983db29a7d7518b812010385b649a1ef5a9d7d4c2e88726142db3f479e76dbd3a8b5a9126a09362d4a56dec5543b6fa3a2c0711f9c20a39a5b66aca6656f77b49e10a3cbbb1135dabc7ab5d2351b623d39630f48d8753da4fc3c1be6940e82894088e6a58cb4ee9a29694ed6a90edc94b6bf79893e78148778422b718356a341905ab0ba8210c7564d4f34cc780bd601933193d76a628430a86a82a68779a6b121d4651b92f6f654369c83c272c47be80be620da0b9f30a8a428980640a0accae567f036f78387a83895b17bddf3fe1351984a95531d52e700ec0c8b0a039e83cc50ba41aaa363579c4aa14e2084dd28011bea02a0d8deb35d3b1", 0x1000, 0x1a}, {&(0x7f0000002100)="5fcf003153c09d1671bbcb15da3bf0f98d35e6864488d2c5300504d27abcd994df3b31b6a23b6e2baefc6a34be385a074fceb8fcbb3384c6afd74f51804d37df628371504cecf0dd9ff53b6d00cb029448199b452ae9964bd0b5f79d7f", 0x5d, 0x1}, {&(0x7f0000002180)="1e9dd6f65ca9888f0219cc210b13d1299dda204b2a41a07421f28aed7f219a44d07b3ff751f1364a08d6a9fe573bd50c4d2b758491e6b220f5d38ca389d012366b88d103a9163180768006b13024c1966da9d1b9b99a5d5c2320a61fa3425111bde66a7f5d30c96fa8edb5a7c22bae416889532d33036cdf45397e365dd49a5af8a61bc66986dba8a948f9a1a09353af580b109240d700370a43c100e4845a825b49d8fa7078a211d975ba93520cb78dce4163138aca9676ff3b6b8e6fe2d8275aad0ba7d0fe60dae296f228c44811d058e5b44df5553a21f08aed1b47cb70ff7e59432f1753a28914b001081b5b34", 0xef, 0x100000001}, {&(0x7f0000002280)="f1dcf4aa6c99a41d653b22f1b06bd4ec47564d05431472a91cd19150dec966c31a5cabf3c19f75a5ce0bc6758fe13bdba1280383af8a5a3ffb3a46a54e496d802b131264af6a9980d4f88998d6480986b625c7192addab62fa2c463a44923fc58805eb5e7d7f0d642d01963c49a764a8c71ab93a06258ac996e09d83b4c865e27453f95dc8cea013165bd51aaef06485125f77f5dc8517a5e0a1d0833d04f1edc5ef9ab3", 0xa4, 0x2}, {&(0x7f0000002340)="37be889681f66d5161b9d88fe4c5e5ca3d047b4450685879290c8b863a17295921f3c9abcb8f83e5c0c0441148351a75bc470ae69da0ed3b0dd2fa7e8b9502fa96564327bb33af2b", 0x48, 0xf3}, {&(0x7f00000023c0)="da07f58bdabf0e61d71b8d87f08c87d4897ab355dfe2d682e05220e9a5380053f7b43d4fa921eb2c4074ca15e58bfd404d48fd24fb7563fac17a9b30d952d2754ddf32bb29d908650720daa72bec18e59b89b66e4b2da75b7d4bafc36a6a44594ecee588fefa805465c0ccc9ffd023a2e4cd2141de5527f6714fa8ab3e4d4dc17dea1b859a5108385ba06a5b44d5d8ef74eb126db91e5150999ddbed3f8bdf6601601159589e0200c5efbc822db1a57a9a6e8468", 0xb4, 0x3}, {&(0x7f0000002480)="6640e9da02d21ce4b9a19c8cf5a40ae94dcb2f64276dcdeaec3e1d003b54bacceec36a578c255fa9f0050eba42955a9e09ee51e0df4222b28fe5998edba026aad797a5953b6e577a32fef5af109d835613eeab2b092d7c19cf009453606e8fa95bc8549f119e1ff1b2914b704665b8797a96b1dfd151588e1fe59c49af74524523fb99d8f295876aedafe991aac6317a1a891d82eac9ef68476c2ae223c13b50ca188ebac7", 0xa5}], 0x8000, &(0x7f0000002600)={[{@iocharset={'iocharset', 0x3d, 'cp775'}}], [{@obj_user={'obj_user', 0x3d, '++!+,^@@%.[,@%#'}}]}) ioctl$FS_IOC_GET_ENCRYPTION_PWSALT(r4, 0x40106614, &(0x7f0000002640)) recvmsg$unix(0xffffffffffffffff, &(0x7f0000002d80)={0x0, 0x0, &(0x7f0000002bc0)=[{&(0x7f00000026c0)=""/210, 0xd2}, {&(0x7f00000027c0)=""/37, 0x25}, {&(0x7f0000002800)=""/54, 0x36}, {&(0x7f0000002840)=""/212, 0xd4}, {&(0x7f0000002940)=""/146, 0x92}, {&(0x7f0000002a00)}, {&(0x7f0000002a40)=""/105, 0x69}, {&(0x7f0000002ac0)=""/240, 0xf0}], 0x8, &(0x7f0000002c40)=[@rights={{0x10}}, @cred={{0x1c, 0x1, 0x2, {0x0, 0x0, 0x0}}}, @rights={{0x30, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c, 0x1, 0x2, {0x0, 0x0, 0x0}}}, @rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}, @rights={{0x1c, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c, 0x1, 0x2, {0x0, 0x0, 0x0}}}, @cred={{0x1c, 0x1, 0x2, {0x0, 0x0, 0x0}}}, @cred={{0x1c, 0x1, 0x2, {0x0, 0x0, 0x0}}}], 0x118}, 0x80000000) fchownat(r4, &(0x7f0000002680)='./file0\x00', r9, r3, 0x100) ioctl$FS_IOC_REMOVE_ENCRYPTION_KEY_ALL_USERS(r11, 0xc0406619, &(0x7f0000002dc0)={@id={0x2, 0x0, @b}}) r15 = openat2(r6, &(0x7f0000002e40)='./file0\x00', &(0x7f0000002e80)={0x800, 0x1a9, 0x10}, 0x18) mount_setattr(r6, &(0x7f0000002e00)='./file0\x00', 0x8800, &(0x7f0000002ec0)={0x8, 0x8, 0x40000, {r15}}, 0x20) mount$9p_fd(0x0, &(0x7f0000002f00)='./file0/file0\x00', &(0x7f0000002f40), 0x40c0b, &(0x7f0000002f80)={'trans=fd,', {'rfdno', 0x3d, r7}, 0x2c, {'wfdno', 0x3d, r6}, 0x2c, {[{@cache_fscache}], [{@pcr={'pcr', 0x3d, 0x3d}}]}}) r16 = syz_mount_image$tmpfs(&(0x7f0000003000), &(0x7f0000003040)='./file0/file0/file0\x00', 0x7, 0x2, &(0x7f00000031c0)=[{&(0x7f0000003080)="1b1262954f9b6ef28f3420b698a20dc5bb5ffedd933233848a185606592804023f697d92881466e5e30e6e2aff8666", 0x2f, 0x9}, {&(0x7f00000030c0)="85842f2d304f396f8c689c7e44214a24f09000fdabd2e1af70a8be790d2b45fb73d27a344b5ce057fd6e5e0c9f28b5121ab9e48d2bdcae9af2843af18ff0b8a18b2980ee0076ebb0498ec8dac99cfd4a4254ca7480bb319f86b0ee41934cec9e3ed691c6f8762bfed90a8e7cd75adbfb48e9aa8c95f6b1016333eafd59fa682870e08fa2bf2dd231ac372257019779ed937e57e8e84e8b66f5b4571f7542ac4b3bdd4ca0eb4c7344ff251ce01978dac6182967779a0b75f32cde979bf7423c1c22b481f515771ee794", 0xc9, 0x3ff}], 0xc02, &(0x7f0000003200)={[{@gid={'gid', 0x3d, r13}}], [{@rootcontext={'rootcontext', 0x3d, 'staff_u'}}]}) unlinkat(r16, &(0x7f0000003240)='./file0\x00', 0x0) getgroups(0xa, &(0x7f00000032c0)=[r14, r10, r3, r5, r12, r13, r13, r13, r10, r5]) fchownat(r8, &(0x7f0000003280)='./file0/file0\x00', 0xffffffffffffffff, r17, 0x400) openat(r6, &(0x7f0000003300)='./file0/file0/file0\x00', 0x4000, 0xb) 19:49:50 executing program 3: ioctl$VT_GETMODE(0xffffffffffffffff, 0x5601, &(0x7f0000000000)) r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000040), 0x400, 0x0) ioctl$FS_IOC_SETVERSION(r0, 0x40087602, &(0x7f0000000080)=0x100000001) ioctl$FIGETBSZ(r0, 0x2, &(0x7f00000000c0)) fsetxattr$trusted_overlay_origin(r0, &(0x7f0000000100), &(0x7f0000000140), 0x2, 0x3) ioctl$KDSETLED(0xffffffffffffffff, 0x4b32, 0xffffffffffffffff) ioctl$BTRFS_IOC_BALANCE(r0, 0x5000940c, 0x0) r1 = creat(&(0x7f0000000180)='./file0\x00', 0x1) ioctl$LOOP_CTL_REMOVE(r1, 0x4c81, 0x0) flistxattr(r0, &(0x7f00000001c0)=""/248, 0xf8) r2 = syz_open_pts(r1, 0x200800) ioctl$TIOCGSOFTCAR(r2, 0x5419, &(0x7f00000002c0)) setsockopt$bt_BT_SECURITY(r1, 0x112, 0x4, &(0x7f0000000300)={0x0, 0x33}, 0x2) ioctl$FS_IOC_GET_ENCRYPTION_POLICY(r1, 0x400c6615, &(0x7f0000000340)) r3 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000380), 0x2000, 0x0) ioctl$LOOP_CTL_REMOVE(r3, 0x4c81, 0xc) r4 = openat$zero(0xffffffffffffff9c, &(0x7f00000003c0), 0x80, 0x0) ioctl$EXT4_IOC_SWAP_BOOT(r4, 0x6611) r5 = ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82) ioctl$LOOP_CTL_REMOVE(r3, 0x4c81, r5) 19:49:50 executing program 4: ioctl$BTRFS_IOC_INO_LOOKUP(0xffffffffffffffff, 0xd0009412, &(0x7f0000000000)={0x0, 0x1}) ioctl$AUTOFS_DEV_IOCTL_EXPIRE(0xffffffffffffffff, 0xc018937c, &(0x7f0000001000)={{0x1, 0x1, 0x18, 0xffffffffffffffff, {0x2}}, '\x00'}) r1 = syz_open_dev$mouse(&(0x7f0000001040), 0x800, 0x4c42) ioctl$int_out(r1, 0x5460, &(0x7f0000001080)) r2 = openat$incfs(r1, &(0x7f00000010c0)='.log\x00', 0x101000, 0x5) sendmsg$IPSET_CMD_DESTROY(r2, &(0x7f0000001200)={&(0x7f0000001100)={0x10, 0x0, 0x0, 0x2000}, 0xc, &(0x7f00000011c0)={&(0x7f0000001140)={0x70, 0x3, 0x6, 0x301, 0x0, 0x0, {0x7, 0x0, 0x5}, [@IPSET_ATTR_SETNAME={0x9, 0x2, 'syz0\x00'}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz0\x00'}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz2\x00'}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz0\x00'}, @IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_PROTOCOL={0x5}]}, 0x70}, 0x1, 0x0, 0x0, 0x4008000}, 0x20008081) r3 = accept$inet(r2, 0x0, &(0x7f0000001240)) ioctl$sock_inet_SIOCGIFPFLAGS(r3, 0x8935, &(0x7f0000001280)={'veth0_to_bridge\x00'}) r4 = socket$inet_tcp(0x2, 0x1, 0x0) getsockopt$inet_opts(r4, 0x0, 0x2, &(0x7f00000012c0)=""/39, &(0x7f0000001300)=0x27) fstat(r1, &(0x7f0000001400)={0x0, 0x0, 0x0, 0x0, 0x0}) mount$9p_unix(&(0x7f0000001340)='./file0\x00', &(0x7f0000001380)='./file0\x00', &(0x7f00000013c0), 0x800, &(0x7f0000001480)={'trans=unix,', {[{@debug={'debug', 0x3d, 0x99}}, {@nodevmap}, {@aname={'aname', 0x3d, 'G(\'^'}}], [{@measure}, {@uid_gt={'uid>', r5}}, {@func={'func', 0x3d, 'KEXEC_KERNEL_CHECK'}}]}}) r6 = dup2(r0, r0) fcntl$dupfd(r1, 0x406, r6) r7 = openat$vcsa(0xffffffffffffff9c, &(0x7f0000001500), 0x0, 0x0) openat(r7, &(0x7f0000001540)='./file0\x00', 0x3c00, 0x1) pipe(&(0x7f0000001580)={0xffffffffffffffff, 0xffffffffffffffff}) r9 = openat$hwrng(0xffffffffffffff9c, &(0x7f00000015c0), 0x8281, 0x0) ioctl$AUTOFS_DEV_IOCTL_SETPIPEFD(r8, 0xc0189378, &(0x7f0000001600)={{0x1, 0x1, 0x18, r9, {r2}}, './file0\x00'}) vmsplice(r0, &(0x7f0000001a00)=[{&(0x7f0000001640)="f7ac0a2e0fbcac3a440acf159ac184ca1fa23e7bfb88df699c445d336b2fb98cc47ca69e65ddd68b2105cf0dd3193ceaed2ecc1c4dabda44dc589bcfe65d90818e21dec619bfa5f74f50046ade8d6626a484cc64cdbc631f2865b95ed09053c065f548497390c9481ff6e6199e316fff7b68a8fb8f35dcf360908c10299fee4f448a1084c0c9a9d0519d212fe85da7fa168d9dffbbb141ffb3b25d31a3ce", 0x9e}, {&(0x7f0000001700)="6fb74fa53fdf98ac42de7c1eea9081d1f4246c4ca27b0ed467dfa87f16a968170359769f6c", 0x25}, {&(0x7f0000001740)}, {&(0x7f0000001780)="39bbdcbc", 0x4}, {&(0x7f00000017c0)="ecdbe320b66c850acf43f1f531c1123d4c3565c26c930d5f5f09b8d502964fccb61cf18fbaac73a8b5a74a66f57b960dc4ff516832d09e2911538e9bd252b9f7ae7f338b0fa3425d5685c20ce4a10bd50c3e4e82b131e565140f014a614af37af91857998501934bf43f8022dc9d2e89fdcbfcfd30fd369aeaffe0d12e8492fc4de67c2c60d476b0aed862b154fa44bb3513a5cfe07dbffc0aed55ee0d653923b73face2a92632135f9540273d20985c4c027a315de238d75eac29cfe30ef9db03e8727f884237a39d400c108fb416ec2526", 0xd2}, {&(0x7f00000018c0)="d0514aef5190e096ab454e6cbf5d611184675986a753dad8e19bdcd60896a6865533a042449e6ef0ea9f56183869ba33fee467e2d26bb74e4012cd0a6cd33785f061818c03f3265d9a846a279875f42ecc8b", 0x52}, {&(0x7f0000001940)="b1c01e545396467c782e9eb8492130f1aeefc3f49875f74d1d3159f36e8467e5e13bd6427e6d07b5b94cd250cbd4a2535cd1f809bafd8582e285a8fb2beaad11bc3de46e114af12a890bebc0c6ffac7187ad95ce0e8265dcd85cacec753e71c8217fc8da8ec10c0992b7706ba48b4a705c2dd1f738c0b7bdf20f6b24daf26839a6e1b38a0bd78994153803aff540e679d22a146bedb5a9f8ddbe0eb57e08bebc3dab5e04ecc0f4c28d6acfd847a2812aa633b514817bb9e18a7dacb789", 0xbd}], 0x7, 0x0) 19:49:50 executing program 5: prctl$PR_GET_TID_ADDRESS(0x28, &(0x7f0000000000)) prctl$PR_GET_TID_ADDRESS(0x28, &(0x7f0000000040)) prctl$PR_GET_TID_ADDRESS(0x28, &(0x7f0000000080)) prctl$PR_GET_TID_ADDRESS(0x28, &(0x7f00000000c0)) prctl$PR_GET_TID_ADDRESS(0x28, &(0x7f0000000100)) prctl$PR_GET_TID_ADDRESS(0x28, &(0x7f0000000140)) prctl$PR_GET_TID_ADDRESS(0x28, &(0x7f0000000180)) prctl$PR_GET_TID_ADDRESS(0x28, &(0x7f00000001c0)) prctl$PR_GET_TID_ADDRESS(0x28, &(0x7f0000000200)) prctl$PR_GET_TID_ADDRESS(0x28, &(0x7f0000000240)) prctl$PR_GET_TID_ADDRESS(0x28, &(0x7f0000000280)) prctl$PR_GET_TID_ADDRESS(0x28, &(0x7f00000002c0)) prctl$PR_GET_TID_ADDRESS(0x28, &(0x7f0000000300)) prctl$PR_GET_TID_ADDRESS(0x28, &(0x7f0000000340)) prctl$PR_GET_TID_ADDRESS(0x28, &(0x7f0000000380)) prctl$PR_GET_TID_ADDRESS(0x28, &(0x7f00000003c0)) prctl$PR_GET_TID_ADDRESS(0x28, &(0x7f0000000400)) prctl$PR_GET_TID_ADDRESS(0x28, &(0x7f0000000440)) prctl$PR_GET_TID_ADDRESS(0x28, &(0x7f0000000480)) prctl$PR_GET_TID_ADDRESS(0x28, &(0x7f00000004c0)) 19:49:50 executing program 6: sendmsg$IPCTNL_MSG_TIMEOUT_NEW(0xffffffffffffffff, &(0x7f00000000c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x4000}, 0xc, &(0x7f0000000080)={&(0x7f0000000040)={0x2c, 0x0, 0x8, 0x301, 0x0, 0x0, {0x1}, [@CTA_TIMEOUT_L4PROTO={0x5, 0x3, 0x3a}, @CTA_TIMEOUT_L4PROTO={0x5, 0x3, 0x1}, @CTA_TIMEOUT_L3PROTO={0x6, 0x2, 0x1, 0x0, 0x88f7}]}, 0x2c}, 0x1, 0x0, 0x0, 0x40004}, 0x40040) sendmsg$IPVS_CMD_GET_DAEMON(0xffffffffffffffff, &(0x7f00000001c0)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x8}, 0xc, &(0x7f0000000180)={&(0x7f0000000140)={0x24, 0x0, 0x100, 0x70bd26, 0x25dfdbfe, {}, [@IPVS_CMD_ATTR_TIMEOUT_TCP={0x8, 0x4, 0x1}, @IPVS_CMD_ATTR_TIMEOUT_TCP_FIN={0x8, 0x5, 0x10000}]}, 0x24}, 0x1, 0x0, 0x0, 0x4}, 0x20000002) r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000240), 0xffffffffffffffff) sendmsg$NL802154_CMD_NEW_INTERFACE(r0, &(0x7f0000000300)={&(0x7f0000000200)={0x10, 0x0, 0x0, 0x800000}, 0xc, &(0x7f00000002c0)={&(0x7f0000000280)={0x20, r1, 0x10, 0x70bd2a, 0x25dfdbfc, {}, [@NL802154_ATTR_WPAN_DEV={0xc, 0x6, 0x3}]}, 0x20}, 0x1, 0x0, 0x0, 0x4094}, 0x400c1) r2 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NLBL_CALIPSO_C_LISTALL(r2, &(0x7f0000000440)={&(0x7f0000000340)={0x10, 0x0, 0x0, 0x100}, 0xc, &(0x7f0000000400)={&(0x7f0000000380)={0x64, 0x0, 0x100, 0x70bd25, 0x25dfdbfb, {}, [@NLBL_CALIPSO_A_DOI={0x8}, @NLBL_CALIPSO_A_DOI={0x8, 0x1, 0x2}, @NLBL_CALIPSO_A_MTYPE={0x8}, @NLBL_CALIPSO_A_MTYPE={0x8}, @NLBL_CALIPSO_A_MTYPE={0x8}, @NLBL_CALIPSO_A_MTYPE={0x8}, @NLBL_CALIPSO_A_MTYPE={0x8}, @NLBL_CALIPSO_A_DOI={0x8, 0x1, 0x2}, @NLBL_CALIPSO_A_DOI={0x8}, @NLBL_CALIPSO_A_MTYPE={0x8}]}, 0x64}, 0x1, 0x0, 0x0, 0x80c0}, 0x0) r3 = syz_genetlink_get_family_id$netlbl_unlabel(&(0x7f00000004c0), r0) sendmsg$NLBL_UNLABEL_C_STATICLISTDEF(r0, &(0x7f0000000600)={&(0x7f0000000480)={0x10, 0x0, 0x0, 0x1}, 0xc, &(0x7f00000005c0)={&(0x7f0000000500)={0xa8, r3, 0x200, 0x70bd2d, 0x25dfdbfb, {}, [@NLBL_UNLABEL_A_IFACE={0x14, 0x6, 'bond0\x00'}, @NLBL_UNLABEL_A_IPV6ADDR={0x14, 0x2, @remote}, @NLBL_UNLABEL_A_IPV4ADDR={0x8, 0x4, @initdev={0xac, 0x1e, 0x1, 0x0}}, @NLBL_UNLABEL_A_IPV4MASK={0x8, 0x5, @dev={0xac, 0x14, 0x14, 0x3c}}, @NLBL_UNLABEL_A_ACPTFLG={0x5}, @NLBL_UNLABEL_A_IFACE={0x14, 0x6, 'bridge0\x00'}, @NLBL_UNLABEL_A_SECCTX={0x2a, 0x7, 'system_u:object_r:ldconfig_cache_t:s0\x00'}, @NLBL_UNLABEL_A_IPV6ADDR={0x14, 0x2, @loopback}]}, 0xa8}, 0x1, 0x0, 0x0, 0x800}, 0x5) r4 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NLBL_UNLABEL_C_STATICLISTDEF(r4, &(0x7f00000007c0)={&(0x7f0000000640)={0x10, 0x0, 0x0, 0x40000000}, 0xc, &(0x7f0000000780)={&(0x7f0000000680)={0xd8, r3, 0x0, 0x70bd2d, 0x25dfdbfb, {}, [@NLBL_UNLABEL_A_ACPTFLG={0x5}, @NLBL_UNLABEL_A_SECCTX={0x25, 0x7, 'system_u:object_r:init_exec_t:s0\x00'}, @NLBL_UNLABEL_A_IFACE={0x14, 0x6, 'macvtap0\x00'}, @NLBL_UNLABEL_A_IPV6MASK={0x14, 0x3, @private2}, @NLBL_UNLABEL_A_IPV6ADDR={0x14, 0x2, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}}, @NLBL_UNLABEL_A_IFACE={0x14, 0x6, 'ipvlan1\x00'}, @NLBL_UNLABEL_A_IPV6ADDR={0x14, 0x2, @local}, @NLBL_UNLABEL_A_IFACE={0x14, 0x6, 'veth0_vlan\x00'}, @NLBL_UNLABEL_A_ACPTFLG={0x5, 0x1, 0x1}, @NLBL_UNLABEL_A_IPV6MASK={0x14, 0x3, @private1={0xfc, 0x1, '\x00', 0x1}}]}, 0xd8}, 0x1, 0x0, 0x0, 0x8000}, 0x800) ioctl$sock_SIOCADDRT(0xffffffffffffffff, 0x890b, &(0x7f0000000880)={0x0, @tipc=@id={0x1e, 0x3, 0x1, {0x4e20, 0x4}}, @rc={0x1f, @none}, @xdp={0x2c, 0x1, 0x0, 0x37}, 0x6, 0x0, 0x0, 0x0, 0x7, &(0x7f0000000840)='veth0_to_bond\x00', 0x10001, 0x3, 0xb1}) ioctl$sock_ipv6_tunnel_SIOCCHGTUNNEL(0xffffffffffffffff, 0x89f3, &(0x7f0000000980)={'ip6_vti0\x00', &(0x7f0000000900)={'sit0\x00', 0x0, 0x2f, 0x1, 0x1f, 0x7, 0x6a, @empty, @empty, 0x40, 0x1, 0x0, 0x7fffffff}}) ioctl$sock_ipv6_tunnel_SIOCDELPRL(0xffffffffffffffff, 0x89f6, &(0x7f0000000a40)={'ip6gre0\x00', &(0x7f00000009c0)={'ip6_vti0\x00', 0x0, 0xff400c4f0cf5a177, 0x7, 0x81, 0x200, 0x9, @initdev={0xfe, 0x88, '\x00', 0x1, 0x0}, @dev={0xfe, 0x80, '\x00', 0x19}, 0x8000, 0x8000, 0x7ff, 0xcd0}}) sendmsg$ETHTOOL_MSG_LINKINFO_GET(0xffffffffffffffff, &(0x7f0000000b80)={&(0x7f0000000800)={0x10, 0x0, 0x0, 0x4000000}, 0xc, &(0x7f0000000b40)={&(0x7f0000000a80)={0xa0, 0x0, 0x100, 0x70bd2d, 0x25dfdbfd, {}, [@HEADER={0x64, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r5}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r6}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x2}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'syzkaller0\x00'}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x2}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x7}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r7}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'ip6_vti0\x00'}]}, @HEADER={0x28, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'vxcan1\x00'}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x2}]}]}, 0xa0}, 0x1, 0x0, 0x0, 0x40000}, 0x4000080) r8 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL802154_CMD_GET_SEC_LEVEL(r8, &(0x7f0000000c80)={&(0x7f0000000bc0)={0x10, 0x0, 0x0, 0x10000000}, 0xc, &(0x7f0000000c40)={&(0x7f0000000c00)={0x2c, r1, 0x100, 0x70bd2d, 0x25dfdbfc, {}, [@NL802154_ATTR_WPAN_DEV={0xc, 0x6, 0x3}, @NL802154_ATTR_WPAN_DEV={0xc, 0x6, 0x3}]}, 0x2c}, 0x1, 0x0, 0x0, 0x4000811}, 0x2000) r9 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r10 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000d00), r2) sendmsg$NL802154_CMD_SET_TX_POWER(r9, &(0x7f0000000e40)={&(0x7f0000000cc0)={0x10, 0x0, 0x0, 0x10000000}, 0xc, &(0x7f0000000e00)={&(0x7f0000000d80)={0x6c, r10, 0x8, 0x70bd2c, 0x25dfdbfc, {}, [@NL802154_ATTR_TX_POWER={0x8, 0xb, 0x1}, @NL802154_ATTR_TX_POWER={0x8, 0xb, 0x2}, @NL802154_ATTR_WPAN_DEV={0xc, 0x6, 0x200000002}, @NL802154_ATTR_TX_POWER={0x8, 0xb, 0x9}, @NL802154_ATTR_IFINDEX={0x8}, @NL802154_ATTR_WPAN_PHY={0x8, 0x1, 0x3}, @NL802154_ATTR_TX_POWER={0x8}, @NL802154_ATTR_WPAN_DEV={0xc, 0x6, 0x200000002}, @NL802154_ATTR_TX_POWER={0x8, 0xb, 0xaaf9}, @NL802154_ATTR_IFINDEX={0x8}]}, 0x6c}, 0x1, 0x0, 0x0, 0x8000}, 0x40000801) [ 71.423965] audit: type=1400 audit(1664740190.898:6): avc: denied { execmem } for pid=286 comm="syz-executor.0" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=process permissive=1 19:49:50 executing program 7: r0 = openat$full(0xffffffffffffff9c, &(0x7f0000000000), 0x201, 0x0) ioctl$TIOCSTI(r0, 0x5412, &(0x7f0000000040)=0x97) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl$INCFS_IOC_CREATE_FILE(r1, 0xc058671e, &(0x7f0000000440)={{}, {0x6}, 0xc0, 0x0, 0x0, &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='./file0\x00', &(0x7f0000000100)="6f9b626da09cba2ed0a122ec34a44efdd96996b386ee1fca94aa17fa2f3f3e83c5b60a41c7cce5abee1ef2071d27b21a0c51d6abad602aedc6ebc9288a1e8e55ffa6f2a9906112540afe54dede84f4615ad071b2df3a958583b010e435f322be3e7f7e3f4560de4af5624b556fd49799134f912688acdf85b6827156712f9e4f2e7bc8add3aabb82d5174a7445a41ce4e5c17184a0265b63d017660d8bbb2e33a630435d9eea4e779256b8812a3092afbb6bd82a78b3f57c46e786a8dd2b265a471c32468fcddf911dfd0f2f309b5cc6857471bbc3f9be1c0a370782421b430566f57f6a3e27a04c04d1a2e641b5579ef786148af39e8e1e0a4d900cde38870112958f8965e2179b3618bdd9a7c8f95455abd369e7ffcc0f75ae342d8d4eee7ce089f316781e6f240d35eab625ee68a308de101c4f35e74018678774e0abc244518ec9b27538325c9553af067c85cef610006a33c6786ed51ed5c5e6c9fe326eac7b533ae2ac6ec08943a0781715be86ee8ae8fd1d20a0da6eb885c4441c334fcb857ccaa7e9e05a364e5143365391b059bae56bc44f1f166a5c4afdc307f7c90b2bc7e61a84e2d519", 0x1a9, 0x0, &(0x7f00000002c0)={0x2, 0x113, {0x1, 0xc, 0x47, "a8285abc94ba1cca792a923bf97cddc8c5c1e38efe99c4a670ab46b16c9cebeac8e47c8d4f939e3df180708e1aa15f05865fde96595e4f11140d301610ab56ebb13aa030c8b44e", 0xbf, "17eaab9899cf3e531839f1ffe07bd39c97c2b825092549dad9372e84be371891664b11fb1eb7caeb0c875448f3c49fe61224b6aa47a5ad4625a5f54ef64137f758366213da5791a382840c59fb8fcc98d7b9c069f17640662fc3227c88d96672ebfb5e7a5ae73e92736e0bd080a63e7741c2f98a18fb0cd7422fda290177026aa03ecfb75699833cf8ccb0ca03cc8ef961c0a3ebf63640a1a1312a2ad1d7a746ff77db61c4a990574c6376ccd7a32915bf3b2981b76952997cdea620b00965"}, 0x29, "46dd1df15db2c727679f1c7204112dc480010f9016f01757e76c3bdd1e7a29e202b7e10beb1a669192"}, 0x148}) ioctl$AUTOFS_DEV_IOCTL_ASKUMOUNT(r0, 0xc018937d, &(0x7f00000004c0)={{0x1, 0x1, 0x18, r1}, './file0\x00'}) r3 = syz_genetlink_get_family_id$tipc(&(0x7f0000000540), r0) sendmsg$TIPC_CMD_SET_LINK_TOL(r2, &(0x7f0000000640)={&(0x7f0000000500)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f0000000600)={&(0x7f0000000580)={0x68, r3, 0x308, 0x70bd27, 0x25dfdbfb, {{}, {}, {0x4c, 0x18, {0x7f, @media='eth\x00'}}}, ["", "", ""]}, 0x68}, 0x1, 0x0, 0x0, 0x40}, 0x40000c0) r4 = socket$inet_udplite(0x2, 0x2, 0x88) r5 = pidfd_getfd(r0, r4, 0x0) sendmsg$802154_raw(r5, &(0x7f0000000800)={&(0x7f0000000680)={0x24, @short={0x2, 0x1, 0xfffe}}, 0x14, &(0x7f00000007c0)={&(0x7f00000006c0)="96cb59a7f998268538555664be20faa2624d141ce5b143e5f680d5a04fad3b87ce6b54a6625d2d6cfaf505f36130bbb991c28029ee3aacc2ffdaa50527b42615cdedb7c0538e7093a925a25ef3dc774b3db02585c0bc4c73cab389c51e42e0e27693218e551b3854c87a25380a72bb45d44bfc569e572280d09f38b9be2a0091708eddfe039f8ada82d1a5e95b4686882576b12cf937e2a50ba8b29191b8f30e4c8cba414b699bcc6d00d5ad3ccf372d51e29a6f5b9aa041d6872eb01d0b5d6b9c1df421a99e1825dc0704a61228d9fe4542f759986baf025cf344d7", 0xdc}, 0x1, 0x0, 0x0, 0x44000}, 0x24004080) r6 = openat$sr(0xffffffffffffff9c, &(0x7f0000000840), 0x80a02, 0x0) setsockopt$inet_udp_encap(r6, 0x11, 0x64, &(0x7f0000000880), 0x4) sendmsg$802154_raw(0xffffffffffffffff, &(0x7f0000000a00)={&(0x7f00000008c0)={0x24, @none={0x0, 0x2}}, 0x14, &(0x7f00000009c0)={&(0x7f0000000900)="b0403f92c5eea1b6928dd02e3cc3a058f653804d486f4d2c00cd50a995792303c1d3301e23c1fe58fdc7e1c2cb91db33e8f559b58d5fb3440960f0888c4b45d48a5775bb54828284a7be4b5f2cc37e543f5687fdb303129137c2c82e4281373f0cc8ba70277c9a0d4e35feaf0c051004c9afc3dbb9f84daf8c16cd9efe49106a8baac222a8a90a6634f8f61f69e4c4ae70b8b6b827ea9dbee432d37b710ef57dcc3d61e7a3502463809cb1d76abe42a0f8c3d7e5f125f6f3de811271", 0xbc}}, 0x50) r7 = perf_event_open(&(0x7f0000000a80)={0x1, 0x80, 0x3, 0xeb, 0x80, 0x2a, 0x0, 0xffffffffffffff35, 0x28888, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x3, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x6, 0x1, @perf_bp={&(0x7f0000000a40), 0x7}, 0x4080, 0x4, 0x9, 0x5, 0xb00, 0x7, 0x0, 0x0, 0x3ff, 0x0, 0x7a8}, 0x0, 0x1, r6, 0xa) vmsplice(r1, &(0x7f0000000c00)=[{&(0x7f0000000b00)="78308ca808d18f01928a5a43fb4a062d38e8f48cc92c4d54a85ac73eba1fa82ef307e9bd6c119993e37aa87d5c6c2ef2b4c7da800027079995a2630b467cfe0842e4153013319596474fa6d1541efbd3972b00dd30ff05493f5ec59a62d631469d1b680c1d86850ec75cd4227ad5d612ec955ca6762d87fef6ab846813acd431ec5c70f6240882420ee83f2eac5772490ac30abdd816b929d78372a8789363d4e319eea9428200cef4d8a90cb89c612fc72f67d8e0802af3c2b5496da2ca36f53487e5a307499a7537389d09d164872073de404f7d81d8d51c8cab5d7c940b5c", 0xe0}], 0x1, 0x2) ioctl$AUTOFS_DEV_IOCTL_SETPIPEFD(r2, 0xc0189378, &(0x7f0000000c40)={{0x1, 0x1, 0x18, 0xffffffffffffffff, {r7}}, './file0\x00'}) ioctl$EXT4_IOC_CHECKPOINT(r8, 0x4004662b, &(0x7f0000000c80)=0x3) r9 = perf_event_open(&(0x7f0000000d00)={0x3, 0x80, 0x8, 0xd, 0x20, 0x4, 0x0, 0x20, 0x20400, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1000, 0x0, @perf_bp={&(0x7f0000000cc0), 0x3}, 0x18606, 0x400, 0x7f, 0x9, 0x2, 0x1, 0x1, 0x0, 0xfffffff7, 0x0, 0x3}, 0xffffffffffffffff, 0x5, 0xffffffffffffffff, 0xa) ioctl$AUTOFS_IOC_ASKUMOUNT(r9, 0x80049370, &(0x7f0000000d80)) bind$inet(0xffffffffffffffff, &(0x7f0000000dc0)={0x2, 0x4e24, @multicast2}, 0x10) [ 72.622581] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 72.625185] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 72.627061] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 72.630009] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 72.632657] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [ 72.643120] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 72.652402] Bluetooth: hci0: HCI_REQ-0x0c1a [ 72.677150] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 72.678850] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 72.681121] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 72.684679] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 72.686787] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3 [ 72.688764] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 72.694400] Bluetooth: hci2: HCI_REQ-0x0c1a [ 72.700140] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 72.702031] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 72.703564] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 72.759857] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1 [ 72.761616] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 72.766517] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 72.767663] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 72.769839] Bluetooth: hci7: unexpected cc 0x0c03 length: 249 > 1 [ 72.771171] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3 [ 72.772715] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 72.773968] Bluetooth: hci7: unexpected cc 0x1003 length: 249 > 9 [ 72.775622] Bluetooth: hci7: unexpected cc 0x1001 length: 249 > 9 [ 72.779880] Bluetooth: hci1: HCI_REQ-0x0c1a [ 72.786547] Bluetooth: hci7: unexpected cc 0x0c23 length: 249 > 4 [ 72.790838] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9 [ 72.792008] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 72.793325] Bluetooth: hci7: unexpected cc 0x0c25 length: 249 > 3 [ 72.795710] Bluetooth: hci7: unexpected cc 0x0c38 length: 249 > 2 [ 72.796977] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9 [ 72.798747] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1 [ 72.800731] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 72.801958] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9 [ 72.806888] Bluetooth: hci7: HCI_REQ-0x0c1a [ 72.814190] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3 [ 72.815879] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 72.817271] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4 [ 72.819600] Bluetooth: hci6: unexpected cc 0x0c25 length: 249 > 3 [ 72.821099] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2 [ 72.825266] Bluetooth: hci4: HCI_REQ-0x0c1a [ 72.829112] Bluetooth: hci6: HCI_REQ-0x0c1a [ 72.847408] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9 [ 72.850991] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4 [ 72.853510] Bluetooth: hci5: unexpected cc 0x0c25 length: 249 > 3 [ 72.855066] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2 [ 72.860631] Bluetooth: hci5: HCI_REQ-0x0c1a [ 74.705205] Bluetooth: hci2: command 0x0409 tx timeout [ 74.705222] Bluetooth: hci0: command 0x0409 tx timeout [ 74.768370] Bluetooth: hci3: Opcode 0x c03 failed: -110 [ 74.832570] Bluetooth: hci7: command 0x0409 tx timeout [ 74.832600] Bluetooth: hci1: command 0x0409 tx timeout [ 74.896396] Bluetooth: hci5: command 0x0409 tx timeout [ 74.896420] Bluetooth: hci4: command 0x0409 tx timeout [ 74.897649] Bluetooth: hci6: command 0x0409 tx timeout [ 76.752344] Bluetooth: hci2: command 0x041b tx timeout [ 76.754961] Bluetooth: hci0: command 0x041b tx timeout [ 76.880370] Bluetooth: hci1: command 0x041b tx timeout [ 76.880734] Bluetooth: hci7: command 0x041b tx timeout [ 76.944347] Bluetooth: hci4: command 0x041b tx timeout [ 76.944823] Bluetooth: hci5: command 0x041b tx timeout [ 76.945600] Bluetooth: hci6: command 0x041b tx timeout [ 77.717631] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 77.718671] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 77.719539] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 77.721623] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 77.722808] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3 [ 77.723659] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 77.726115] Bluetooth: hci3: HCI_REQ-0x0c1a [ 78.800420] Bluetooth: hci0: command 0x040f tx timeout [ 78.800911] Bluetooth: hci2: command 0x040f tx timeout [ 78.928602] Bluetooth: hci1: command 0x040f tx timeout [ 78.929071] Bluetooth: hci7: command 0x040f tx timeout [ 78.992447] Bluetooth: hci6: command 0x040f tx timeout [ 78.992907] Bluetooth: hci5: command 0x040f tx timeout [ 78.993348] Bluetooth: hci4: command 0x040f tx timeout [ 79.760441] Bluetooth: hci3: command 0x0409 tx timeout [ 80.848353] Bluetooth: hci2: command 0x0419 tx timeout [ 80.848835] Bluetooth: hci0: command 0x0419 tx timeout [ 80.976590] Bluetooth: hci7: command 0x0419 tx timeout [ 80.977042] Bluetooth: hci1: command 0x0419 tx timeout [ 81.040347] Bluetooth: hci4: command 0x0419 tx timeout [ 81.040818] Bluetooth: hci5: command 0x0419 tx timeout [ 81.041212] Bluetooth: hci6: command 0x0419 tx timeout [ 81.808356] Bluetooth: hci3: command 0x041b tx timeout [ 83.856333] Bluetooth: hci3: command 0x040f tx timeout [ 85.904376] Bluetooth: hci3: command 0x0419 tx timeout 19:50:43 executing program 5: syz_mount_image$iso9660(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) r0 = openat$dir(0xffffffffffffff9c, &(0x7f00000006c0)='./file0\x00', 0x0, 0x0) mknodat$loop(r0, &(0x7f0000000040)='./file0\x00', 0x0, 0x1) r1 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000680)='cpuacct.usage_percpu_user\x00', 0x0, 0x0) openat(r1, &(0x7f0000000700)='./file1\x00', 0x381000, 0x0) stat(&(0x7f0000000240)='./file0\x00', &(0x7f0000000280)={0x0, 0x0, 0x0, 0x0, 0x0}) setresuid(0x0, r2, 0x0) getsockopt$inet_IP_IPSEC_POLICY(0xffffffffffffffff, 0x0, 0x10, &(0x7f00000004c0)={{{@in6=@ipv4={""/10, ""/2, @multicast2}, @in=@loopback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in6=@private2}, 0x0, @in=@initdev}}, &(0x7f00000005c0)=0xe8) syz_mount_image$vfat(&(0x7f0000000000), &(0x7f00000000c0)='./file0\x00', 0x781, 0x3, &(0x7f0000000440)=[{&(0x7f00000001c0)="e7ed7d314b979cb08e92ae71a99ee2225211ebb91527cac33e9a837db9d791f29a0aeb65c5411de0bb29a196e9d38caf015182ae6f108053a8502f9732c7e9eeceb150c30f65293892befe8d51aa849507ec4d5f10884f8475fd504e8b5672b50317174f008706e510419ffb3adb26a9594a02977aa30966c4eb0b069d16539396cdaba91281a33350569c70f92679de88c2633170fb6611a4337b00fd083218656d67c6d9c5f91c181288a173a47660e8a29b2f3879cdcbfa7945198f6cc14f9bc0bd36dbf1dc", 0xc7, 0x2}, {&(0x7f00000002c0)="b4608b494e752ef0d13fc7bfd640dff849ffe057299fcae60694dd5306bd3dc571f251662bdac735a40b79b66065f8f7a706e977d6db2966d177908350611b106abc3a8ac4ff33562e66ad61d382cf6ff53cabc86e33d81e6bc9c39951bfa4", 0x5f, 0x2}, {&(0x7f0000000340)="d2bc8953fc88607e00a51cff0513dd67ff7075c5d567b5c5be343004112ab4619b688f6c7a3b789639f66d337086f9ad517291e62e61c89018cb79104dca6f910b3088397314a6541fc96cf2c912e3b103b70fb6205529ea000553969e4b2740a60347e9a0be7a7925311bc29508aff6681a2b0ef8ee6d41f3ec1b99f16ff01abe66b4b6a112e3e9198607c6cc2adfac208136132918d4e3e8553dffe2d45aec4495ce93cfd04536752f387b0c1283b95719b7b0b766e743e910f9603cda173eecd6e6a536cc4148734f4644cd4b26c157290f32eb3451bbdee158fa1f35137da2d61e95c68da15aa4da766256ce35f1bb", 0xf1, 0x5}], 0x2000, &(0x7f0000000600)={[{@numtail}], [{@euid_lt={'euid<', r2}}, {@euid_eq={'euid', 0x3d, r3}}, {@smackfshat={'smackfshat', 0x3d, '&'}}, {@smackfsdef={'smackfsdef', 0x3d, '.[!'}}]}) renameat2(r0, &(0x7f0000000080)='./file0\x00', r0, &(0x7f0000000180)='./file1\x00', 0x5) openat(r0, &(0x7f0000000140)='./file0\x00', 0x0, 0x0) 19:50:43 executing program 5: syz_io_uring_setup(0x1, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, &(0x7f00000a0000)=nil, &(0x7f00000b0000)=nil, &(0x7f0000000100), &(0x7f0000000140)) r0 = io_uring_register$IORING_REGISTER_PERSONALITY(0xffffffffffffffff, 0x9, 0x0, 0x0) r1 = openat$incfs(0xffffffffffffffff, &(0x7f0000000180)='.pending_reads\x00', 0x48000, 0x100) r2 = socket$packet(0x11, 0x3, 0x300) r3 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r3, &(0x7f0000000280)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000480)=ANY=[@ANYRES16=r0, @ANYRES32=0x0, @ANYRES32=0xee00, @ANYBLOB="ff0100000000000004000000000000010000000032000000ffffffff00000000000000000000000000000000000000000000000000002c00000000020000000000000000002000000000000000000000000000000000da0000f5ff000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000020000000000000000000000480002007863962b15ef7eaa956c000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001c0017000000000000000000000000000000000000000000000000000000000000000000debc3f38dd1ca2aaef108e651d000000005eeac0e8ec56711ffac325818722985065bfd1e7ad5d448aecde99601de1e587eb0e76d193ad38"], 0x154}}, 0x0) r4 = perf_event_open$cgroup(&(0x7f00000012c0)={0x4, 0x80, 0x1, 0xf9, 0xcc, 0x86, 0x0, 0x100, 0x41500, 0x2, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x3, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x6, 0x0, @perf_config_ext={0x80, 0x9}, 0x40002, 0x8, 0x4, 0x1, 0x0, 0x8, 0x3ff, 0x0, 0xce9d, 0x0, 0x5}, r1, 0xb, 0xffffffffffffffff, 0xc) sendfile(r1, r4, &(0x7f0000001340), 0x2) r5 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file1\x00', 0x1010c2, 0x0) r6 = openat$procfs(0xffffffffffffff9c, &(0x7f00000001c0)='/proc/meminfo\x00', 0x0, 0x0) sendfile(r5, r6, 0x0, 0x100000101) r7 = io_uring_register$IORING_REGISTER_PERSONALITY(0xffffffffffffffff, 0x9, 0x0, 0x0) io_uring_register$IORING_UNREGISTER_PERSONALITY(r6, 0xa, 0x0, r7) ioctl$sock_SIOCGIFINDEX(r2, 0x8933, 0x0) io_uring_register$IORING_REGISTER_FILES(r6, 0x2, &(0x7f00000001c0), 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000200)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, @perf_bp={&(0x7f0000000040), 0x2}, 0x0, 0x0, 0x40}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu/syz0\x00', 0x1ff) socket$inet_udp(0x2, 0x2, 0x0) mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f00000002c0)='./cgroup/syz0\x00', 0x1ff) [ 124.298108] audit: type=1400 audit(1664740243.772:7): avc: denied { open } for pid=3574 comm="syz-executor.5" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=perf_event permissive=1 [ 124.327057] audit: type=1400 audit(1664740243.801:8): avc: denied { kernel } for pid=3574 comm="syz-executor.5" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=perf_event permissive=1 [ 124.336138] ------------[ cut here ]------------ [ 124.336161] [ 124.336165] ====================================================== [ 124.336169] WARNING: possible circular locking dependency detected [ 124.336173] 6.0.0-rc7-next-20220930 #1 Not tainted [ 124.336179] ------------------------------------------------------ [ 124.336183] syz-executor.5/3575 is trying to acquire lock: [ 124.336189] ffffffff853faab8 ((console_sem).lock){....}-{2:2}, at: down_trylock+0xe/0x70 [ 124.336229] [ 124.336229] but task is already holding lock: [ 124.336232] ffff88801daa4820 (&ctx->lock){....}-{2:2}, at: __perf_event_task_sched_out+0x53b/0x18d0 [ 124.336259] [ 124.336259] which lock already depends on the new lock. [ 124.336259] [ 124.336262] [ 124.336262] the existing dependency chain (in reverse order) is: [ 124.336265] [ 124.336265] -> #3 (&ctx->lock){....}-{2:2}: [ 124.336281] _raw_spin_lock+0x2a/0x40 [ 124.336296] __perf_event_task_sched_out+0x53b/0x18d0 [ 124.336307] __schedule+0xedd/0x2470 [ 124.336321] schedule+0xda/0x1b0 [ 124.336335] exit_to_user_mode_prepare+0x114/0x1a0 [ 124.336347] syscall_exit_to_user_mode+0x19/0x40 [ 124.336360] do_syscall_64+0x48/0x90 [ 124.336378] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 124.336391] [ 124.336391] -> #2 (&rq->__lock){-.-.}-{2:2}: [ 124.336404] _raw_spin_lock_nested+0x30/0x40 [ 124.336415] raw_spin_rq_lock_nested+0x1e/0x30 [ 124.336429] task_fork_fair+0x63/0x4d0 [ 124.336445] sched_cgroup_fork+0x3d0/0x540 [ 124.336459] copy_process+0x4183/0x6e20 [ 124.336470] kernel_clone+0xe7/0x890 [ 124.336480] user_mode_thread+0xad/0xf0 [ 124.336490] rest_init+0x24/0x250 [ 124.336502] arch_call_rest_init+0xf/0x14 [ 124.336520] start_kernel+0x4c6/0x4eb [ 124.336535] secondary_startup_64_no_verify+0xe0/0xeb [ 124.336549] [ 124.336549] -> #1 (&p->pi_lock){-.-.}-{2:2}: [ 124.336562] _raw_spin_lock_irqsave+0x39/0x60 [ 124.336573] try_to_wake_up+0xab/0x1930 [ 124.336586] up+0x75/0xb0 [ 124.336600] __up_console_sem+0x6e/0x80 [ 124.336616] console_unlock+0x46a/0x590 [ 124.336632] con_install+0x14e/0x5d0 [ 124.336650] tty_init_dev.part.0+0xa0/0x5e0 [ 124.336663] tty_open+0xba3/0x1350 [ 124.336673] chrdev_open+0x268/0x6e0 [ 124.336686] do_dentry_open+0x6ca/0x12b0 [ 124.336698] path_openat+0x187f/0x27b0 [ 124.336708] do_filp_open+0x1b6/0x410 [ 124.336718] do_sys_openat2+0x171/0x4c0 [ 124.336732] __x64_sys_openat+0x13f/0x1f0 [ 124.336745] do_syscall_64+0x3b/0x90 [ 124.336761] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 124.336774] [ 124.336774] -> #0 ((console_sem).lock){....}-{2:2}: [ 124.336787] __lock_acquire+0x2a02/0x5e70 [ 124.336804] lock_acquire+0x1a2/0x530 [ 124.336820] _raw_spin_lock_irqsave+0x39/0x60 [ 124.336830] down_trylock+0xe/0x70 [ 124.336845] __down_trylock_console_sem+0x3b/0xd0 [ 124.336861] vprintk_emit+0x16b/0x560 [ 124.336876] vprintk+0x84/0xa0 [ 124.336892] _printk+0xba/0xf1 [ 124.336904] report_bug.cold+0x72/0xab [ 124.336920] handle_bug+0x3c/0x70 [ 124.336936] exc_invalid_op+0x14/0x50 [ 124.336952] asm_exc_invalid_op+0x16/0x20 [ 124.336965] group_sched_out.part.0+0x2c7/0x460 [ 124.336983] ctx_sched_out+0x8f1/0xc10 [ 124.336999] __perf_event_task_sched_out+0x6d0/0x18d0 [ 124.337010] __schedule+0xedd/0x2470 [ 124.337023] schedule+0xda/0x1b0 [ 124.337036] exit_to_user_mode_prepare+0x114/0x1a0 [ 124.337047] syscall_exit_to_user_mode+0x19/0x40 [ 124.337059] do_syscall_64+0x48/0x90 [ 124.337075] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 124.337088] [ 124.337088] other info that might help us debug this: [ 124.337088] [ 124.337090] Chain exists of: [ 124.337090] (console_sem).lock --> &rq->__lock --> &ctx->lock [ 124.337090] [ 124.337105] Possible unsafe locking scenario: [ 124.337105] [ 124.337107] CPU0 CPU1 [ 124.337109] ---- ---- [ 124.337112] lock(&ctx->lock); [ 124.337117] lock(&rq->__lock); [ 124.337124] lock(&ctx->lock); [ 124.337130] lock((console_sem).lock); [ 124.337135] [ 124.337135] *** DEADLOCK *** [ 124.337135] [ 124.337138] 2 locks held by syz-executor.5/3575: [ 124.337144] #0: ffff88806cf37e98 (&rq->__lock){-.-.}-{2:2}, at: __schedule+0x1cf/0x2470 [ 124.337173] #1: ffff88801daa4820 (&ctx->lock){....}-{2:2}, at: __perf_event_task_sched_out+0x53b/0x18d0 [ 124.337199] [ 124.337199] stack backtrace: [ 124.337202] CPU: 1 PID: 3575 Comm: syz-executor.5 Not tainted 6.0.0-rc7-next-20220930 #1 [ 124.337214] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 124.337222] Call Trace: [ 124.337226] [ 124.337230] dump_stack_lvl+0x8b/0xb3 [ 124.337248] check_noncircular+0x263/0x2e0 [ 124.337265] ? format_decode+0x26c/0xb50 [ 124.337281] ? print_circular_bug+0x450/0x450 [ 124.337298] ? simple_strtoul+0x30/0x30 [ 124.337312] ? __lockdep_reset_lock+0x180/0x180 [ 124.337329] ? format_decode+0x26c/0xb50 [ 124.337346] ? alloc_chain_hlocks+0x1ec/0x5a0 [ 124.337369] __lock_acquire+0x2a02/0x5e70 [ 124.337391] ? lockdep_hardirqs_on_prepare+0x410/0x410 [ 124.337413] lock_acquire+0x1a2/0x530 [ 124.337429] ? down_trylock+0xe/0x70 [ 124.337447] ? lock_release+0x750/0x750 [ 124.337463] ? lockdep_hardirqs_on_prepare+0x410/0x410 [ 124.337484] ? vprintk+0x84/0xa0 [ 124.337502] _raw_spin_lock_irqsave+0x39/0x60 [ 124.337513] ? down_trylock+0xe/0x70 [ 124.337529] down_trylock+0xe/0x70 [ 124.337544] ? vprintk+0x84/0xa0 [ 124.337561] __down_trylock_console_sem+0x3b/0xd0 [ 124.337578] vprintk_emit+0x16b/0x560 [ 124.337595] ? lock_downgrade+0x6d0/0x6d0 [ 124.337613] vprintk+0x84/0xa0 [ 124.337630] _printk+0xba/0xf1 [ 124.337641] ? record_print_text.cold+0x16/0x16 [ 124.337655] ? hrtimer_try_to_cancel+0x163/0x2c0 [ 124.337669] ? lock_downgrade+0x6d0/0x6d0 [ 124.337687] ? report_bug.cold+0x66/0xab [ 124.337705] ? group_sched_out.part.0+0x2c7/0x460 [ 124.337723] report_bug.cold+0x72/0xab [ 124.337741] handle_bug+0x3c/0x70 [ 124.337758] exc_invalid_op+0x14/0x50 [ 124.337776] asm_exc_invalid_op+0x16/0x20 [ 124.337789] RIP: 0010:group_sched_out.part.0+0x2c7/0x460 [ 124.337809] Code: 5e 41 5f e9 8b ae ef ff e8 86 ae ef ff 65 8b 1d 0b 18 ac 7e 31 ff 89 de e8 26 ab ef ff 85 db 0f 84 8a 00 00 00 e8 69 ae ef ff <0f> 0b e9 a5 fe ff ff e8 5d ae ef ff 48 8d 7d 10 48 b8 00 00 00 00 [ 124.337821] RSP: 0018:ffff88803ff07c48 EFLAGS: 00010006 [ 124.337829] RAX: 0000000040000002 RBX: 0000000000000000 RCX: 0000000000000000 [ 124.337837] RDX: ffff88803fe08000 RSI: ffffffff81565dc7 RDI: 0000000000000005 [ 124.337845] RBP: ffff88801fa10000 R08: 0000000000000005 R09: 0000000000000001 [ 124.337852] R10: 0000000000000000 R11: 0000000000000001 R12: ffff88801daa4800 [ 124.337859] R13: ffff88806cf3d2c0 R14: ffffffff8547c960 R15: 0000000000000002 [ 124.337870] ? group_sched_out.part.0+0x2c7/0x460 [ 124.337890] ? group_sched_out.part.0+0x2c7/0x460 [ 124.337909] ctx_sched_out+0x8f1/0xc10 [ 124.337929] __perf_event_task_sched_out+0x6d0/0x18d0 [ 124.337943] ? lock_is_held_type+0xd7/0x130 [ 124.337956] ? __perf_cgroup_move+0x160/0x160 [ 124.337967] ? set_next_entity+0x304/0x550 [ 124.337984] ? update_curr+0x267/0x740 [ 124.338002] ? lock_is_held_type+0xd7/0x130 [ 124.338016] __schedule+0xedd/0x2470 [ 124.338033] ? io_schedule_timeout+0x150/0x150 [ 124.338049] ? __x64_sys_futex_time32+0x480/0x480 [ 124.338064] schedule+0xda/0x1b0 [ 124.338079] exit_to_user_mode_prepare+0x114/0x1a0 [ 124.338091] syscall_exit_to_user_mode+0x19/0x40 [ 124.338104] do_syscall_64+0x48/0x90 [ 124.338122] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 124.338135] RIP: 0033:0x7f6ebd934b19 [ 124.338143] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 124.338154] RSP: 002b:00007f6ebaeaa218 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 124.338164] RAX: 0000000000000001 RBX: 00007f6ebda47f68 RCX: 00007f6ebd934b19 [ 124.338172] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 00007f6ebda47f6c [ 124.338179] RBP: 00007f6ebda47f60 R08: 000000000000000e R09: 0000000000000000 [ 124.338186] R10: 0000000000000008 R11: 0000000000000246 R12: 00007f6ebda47f6c [ 124.338193] R13: 00007ffeef53059f R14: 00007f6ebaeaa300 R15: 0000000000022000 [ 124.338206] [ 124.396915] WARNING: CPU: 1 PID: 3575 at kernel/events/core.c:2309 group_sched_out.part.0+0x2c7/0x460 [ 124.397617] Modules linked in: [ 124.397862] CPU: 1 PID: 3575 Comm: syz-executor.5 Not tainted 6.0.0-rc7-next-20220930 #1 [ 124.398445] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 124.399271] RIP: 0010:group_sched_out.part.0+0x2c7/0x460 [ 124.399680] Code: 5e 41 5f e9 8b ae ef ff e8 86 ae ef ff 65 8b 1d 0b 18 ac 7e 31 ff 89 de e8 26 ab ef ff 85 db 0f 84 8a 00 00 00 e8 69 ae ef ff <0f> 0b e9 a5 fe ff ff e8 5d ae ef ff 48 8d 7d 10 48 b8 00 00 00 00 [ 124.401029] RSP: 0018:ffff88803ff07c48 EFLAGS: 00010006 [ 124.401436] RAX: 0000000040000002 RBX: 0000000000000000 RCX: 0000000000000000 [ 124.401961] RDX: ffff88803fe08000 RSI: ffffffff81565dc7 RDI: 0000000000000005 [ 124.402493] RBP: ffff88801fa10000 R08: 0000000000000005 R09: 0000000000000001 [ 124.403022] R10: 0000000000000000 R11: 0000000000000001 R12: ffff88801daa4800 [ 124.403548] R13: ffff88806cf3d2c0 R14: ffffffff8547c960 R15: 0000000000000002 [ 124.404065] FS: 00007f6ebaeaa700(0000) GS:ffff88806cf00000(0000) knlGS:0000000000000000 [ 124.404653] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 124.405087] CR2: 00007f84224ef6f4 CR3: 0000000035b68000 CR4: 0000000000350ee0 [ 124.405623] Call Trace: [ 124.405820] [ 124.405991] ctx_sched_out+0x8f1/0xc10 [ 124.406289] __perf_event_task_sched_out+0x6d0/0x18d0 [ 124.406680] ? lock_is_held_type+0xd7/0x130 [ 124.407007] ? __perf_cgroup_move+0x160/0x160 [ 124.407351] ? set_next_entity+0x304/0x550 [ 124.407671] ? update_curr+0x267/0x740 [ 124.407967] ? lock_is_held_type+0xd7/0x130 [ 124.408294] __schedule+0xedd/0x2470 [ 124.408583] ? io_schedule_timeout+0x150/0x150 [ 124.408936] ? __x64_sys_futex_time32+0x480/0x480 [ 124.409301] schedule+0xda/0x1b0 [ 124.409572] exit_to_user_mode_prepare+0x114/0x1a0 [ 124.409936] syscall_exit_to_user_mode+0x19/0x40 [ 124.410295] do_syscall_64+0x48/0x90 [ 124.410578] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 124.410959] RIP: 0033:0x7f6ebd934b19 [ 124.411244] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 124.412576] RSP: 002b:00007f6ebaeaa218 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 124.413134] RAX: 0000000000000001 RBX: 00007f6ebda47f68 RCX: 00007f6ebd934b19 [ 124.413674] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 00007f6ebda47f6c [ 124.414209] RBP: 00007f6ebda47f60 R08: 000000000000000e R09: 0000000000000000 [ 124.414743] R10: 0000000000000008 R11: 0000000000000246 R12: 00007f6ebda47f6c [ 124.415277] R13: 00007ffeef53059f R14: 00007f6ebaeaa300 R15: 0000000000022000 [ 124.415802] [ 124.415979] irq event stamp: 3606 [ 124.416228] hardirqs last enabled at (3605): [] exit_to_user_mode_prepare+0x109/0x1a0 [ 124.416922] hardirqs last disabled at (3606): [] __schedule+0x1225/0x2470 [ 124.417554] softirqs last enabled at (3476): [] __irq_exit_rcu+0x11b/0x180 [ 124.418184] softirqs last disabled at (3467): [] __irq_exit_rcu+0x11b/0x180 [ 124.418824] ---[ end trace 0000000000000000 ]--- 19:50:44 executing program 5: syz_io_uring_setup(0x1, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, &(0x7f00000a0000)=nil, &(0x7f00000b0000)=nil, &(0x7f0000000100), &(0x7f0000000140)) r0 = io_uring_register$IORING_REGISTER_PERSONALITY(0xffffffffffffffff, 0x9, 0x0, 0x0) r1 = openat$incfs(0xffffffffffffffff, &(0x7f0000000180)='.pending_reads\x00', 0x48000, 0x100) r2 = socket$packet(0x11, 0x3, 0x300) r3 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r3, &(0x7f0000000280)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000480)=ANY=[@ANYRES16=r0, @ANYRES32=0x0, @ANYRES32=0xee00, @ANYBLOB="ff0100000000000004000000000000010000000032000000ffffffff00000000000000000000000000000000000000000000000000002c00000000020000000000000000002000000000000000000000000000000000da0000f5ff000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000020000000000000000000000480002007863962b15ef7eaa956c000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001c0017000000000000000000000000000000000000000000000000000000000000000000debc3f38dd1ca2aaef108e651d000000005eeac0e8ec56711ffac325818722985065bfd1e7ad5d448aecde99601de1e587eb0e76d193ad38"], 0x154}}, 0x0) r4 = perf_event_open$cgroup(&(0x7f00000012c0)={0x4, 0x80, 0x1, 0xf9, 0xcc, 0x86, 0x0, 0x100, 0x41500, 0x2, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x3, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x6, 0x0, @perf_config_ext={0x80, 0x9}, 0x40002, 0x8, 0x4, 0x1, 0x0, 0x8, 0x3ff, 0x0, 0xce9d, 0x0, 0x5}, r1, 0xb, 0xffffffffffffffff, 0xc) sendfile(r1, r4, &(0x7f0000001340), 0x2) r5 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file1\x00', 0x1010c2, 0x0) r6 = openat$procfs(0xffffffffffffff9c, &(0x7f00000001c0)='/proc/meminfo\x00', 0x0, 0x0) sendfile(r5, r6, 0x0, 0x100000101) r7 = io_uring_register$IORING_REGISTER_PERSONALITY(0xffffffffffffffff, 0x9, 0x0, 0x0) io_uring_register$IORING_UNREGISTER_PERSONALITY(r6, 0xa, 0x0, r7) ioctl$sock_SIOCGIFINDEX(r2, 0x8933, 0x0) io_uring_register$IORING_REGISTER_FILES(r6, 0x2, &(0x7f00000001c0), 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000200)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, @perf_bp={&(0x7f0000000040), 0x2}, 0x0, 0x0, 0x40}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu/syz0\x00', 0x1ff) socket$inet_udp(0x2, 0x2, 0x0) mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f00000002c0)='./cgroup/syz0\x00', 0x1ff) 19:50:44 executing program 5: syz_io_uring_setup(0x1, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, &(0x7f00000a0000)=nil, &(0x7f00000b0000)=nil, &(0x7f0000000100), &(0x7f0000000140)) r0 = io_uring_register$IORING_REGISTER_PERSONALITY(0xffffffffffffffff, 0x9, 0x0, 0x0) r1 = openat$incfs(0xffffffffffffffff, &(0x7f0000000180)='.pending_reads\x00', 0x48000, 0x100) r2 = socket$packet(0x11, 0x3, 0x300) r3 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r3, &(0x7f0000000280)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000480)=ANY=[@ANYRES16=r0, @ANYRES32=0x0, @ANYRES32=0xee00, @ANYBLOB="ff0100000000000004000000000000010000000032000000ffffffff00000000000000000000000000000000000000000000000000002c00000000020000000000000000002000000000000000000000000000000000da0000f5ff000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000020000000000000000000000480002007863962b15ef7eaa956c000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001c0017000000000000000000000000000000000000000000000000000000000000000000debc3f38dd1ca2aaef108e651d000000005eeac0e8ec56711ffac325818722985065bfd1e7ad5d448aecde99601de1e587eb0e76d193ad38"], 0x154}}, 0x0) r4 = perf_event_open$cgroup(&(0x7f00000012c0)={0x4, 0x80, 0x1, 0xf9, 0xcc, 0x86, 0x0, 0x100, 0x41500, 0x2, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x3, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x6, 0x0, @perf_config_ext={0x80, 0x9}, 0x40002, 0x8, 0x4, 0x1, 0x0, 0x8, 0x3ff, 0x0, 0xce9d, 0x0, 0x5}, r1, 0xb, 0xffffffffffffffff, 0xc) sendfile(r1, r4, &(0x7f0000001340), 0x2) r5 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file1\x00', 0x1010c2, 0x0) r6 = openat$procfs(0xffffffffffffff9c, &(0x7f00000001c0)='/proc/meminfo\x00', 0x0, 0x0) sendfile(r5, r6, 0x0, 0x100000101) r7 = io_uring_register$IORING_REGISTER_PERSONALITY(0xffffffffffffffff, 0x9, 0x0, 0x0) io_uring_register$IORING_UNREGISTER_PERSONALITY(r6, 0xa, 0x0, r7) ioctl$sock_SIOCGIFINDEX(r2, 0x8933, 0x0) io_uring_register$IORING_REGISTER_FILES(r6, 0x2, &(0x7f00000001c0), 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000200)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, @perf_bp={&(0x7f0000000040), 0x2}, 0x0, 0x0, 0x40}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu/syz0\x00', 0x1ff) socket$inet_udp(0x2, 0x2, 0x0) mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f00000002c0)='./cgroup/syz0\x00', 0x1ff) 19:50:44 executing program 5: syz_io_uring_setup(0x1, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, &(0x7f00000a0000)=nil, &(0x7f00000b0000)=nil, &(0x7f0000000100), &(0x7f0000000140)) r0 = io_uring_register$IORING_REGISTER_PERSONALITY(0xffffffffffffffff, 0x9, 0x0, 0x0) r1 = openat$incfs(0xffffffffffffffff, &(0x7f0000000180)='.pending_reads\x00', 0x48000, 0x100) r2 = socket$packet(0x11, 0x3, 0x300) r3 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r3, &(0x7f0000000280)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000480)=ANY=[@ANYRES16=r0, @ANYRES32=0x0, @ANYRES32=0xee00, @ANYBLOB="ff0100000000000004000000000000010000000032000000ffffffff00000000000000000000000000000000000000000000000000002c00000000020000000000000000002000000000000000000000000000000000da0000f5ff000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000020000000000000000000000480002007863962b15ef7eaa956c000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001c0017000000000000000000000000000000000000000000000000000000000000000000debc3f38dd1ca2aaef108e651d000000005eeac0e8ec56711ffac325818722985065bfd1e7ad5d448aecde99601de1e587eb0e76d193ad38"], 0x154}}, 0x0) r4 = perf_event_open$cgroup(&(0x7f00000012c0)={0x4, 0x80, 0x1, 0xf9, 0xcc, 0x86, 0x0, 0x100, 0x41500, 0x2, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x3, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x6, 0x0, @perf_config_ext={0x80, 0x9}, 0x40002, 0x8, 0x4, 0x1, 0x0, 0x8, 0x3ff, 0x0, 0xce9d, 0x0, 0x5}, r1, 0xb, 0xffffffffffffffff, 0xc) sendfile(r1, r4, &(0x7f0000001340), 0x2) r5 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file1\x00', 0x1010c2, 0x0) r6 = openat$procfs(0xffffffffffffff9c, &(0x7f00000001c0)='/proc/meminfo\x00', 0x0, 0x0) sendfile(r5, r6, 0x0, 0x100000101) r7 = io_uring_register$IORING_REGISTER_PERSONALITY(0xffffffffffffffff, 0x9, 0x0, 0x0) io_uring_register$IORING_UNREGISTER_PERSONALITY(r6, 0xa, 0x0, r7) ioctl$sock_SIOCGIFINDEX(r2, 0x8933, 0x0) io_uring_register$IORING_REGISTER_FILES(r6, 0x2, &(0x7f00000001c0), 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000200)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, @perf_bp={&(0x7f0000000040), 0x2}, 0x0, 0x0, 0x40}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu/syz0\x00', 0x1ff) socket$inet_udp(0x2, 0x2, 0x0) mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f00000002c0)='./cgroup/syz0\x00', 0x1ff) 19:50:44 executing program 1: syz_io_uring_setup(0x1, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, &(0x7f00000a0000)=nil, &(0x7f00000b0000)=nil, &(0x7f0000000100), &(0x7f0000000140)) r0 = io_uring_register$IORING_REGISTER_PERSONALITY(0xffffffffffffffff, 0x9, 0x0, 0x0) r1 = openat$incfs(0xffffffffffffffff, &(0x7f0000000180)='.pending_reads\x00', 0x48000, 0x100) r2 = socket$packet(0x11, 0x3, 0x300) r3 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r3, &(0x7f0000000280)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000480)=ANY=[@ANYRES16=r0, @ANYRES32=0x0, @ANYRES32=0xee00, @ANYBLOB="ff0100000000000004000000000000010000000032000000ffffffff00000000000000000000000000000000000000000000000000002c00000000020000000000000000002000000000000000000000000000000000da0000f5ff000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000020000000000000000000000480002007863962b15ef7eaa956c000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001c0017000000000000000000000000000000000000000000000000000000000000000000debc3f38dd1ca2aaef108e651d000000005eeac0e8ec56711ffac325818722985065bfd1e7ad5d448aecde99601de1e587eb0e76d193ad38"], 0x154}}, 0x0) r4 = perf_event_open$cgroup(&(0x7f00000012c0)={0x4, 0x80, 0x1, 0xf9, 0xcc, 0x86, 0x0, 0x100, 0x41500, 0x2, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x3, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x6, 0x0, @perf_config_ext={0x80, 0x9}, 0x40002, 0x8, 0x4, 0x1, 0x0, 0x8, 0x3ff, 0x0, 0xce9d, 0x0, 0x5}, r1, 0xb, 0xffffffffffffffff, 0xc) sendfile(r1, r4, &(0x7f0000001340), 0x2) r5 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file1\x00', 0x1010c2, 0x0) r6 = openat$procfs(0xffffffffffffff9c, &(0x7f00000001c0)='/proc/meminfo\x00', 0x0, 0x0) sendfile(r5, r6, 0x0, 0x100000101) r7 = io_uring_register$IORING_REGISTER_PERSONALITY(0xffffffffffffffff, 0x9, 0x0, 0x0) io_uring_register$IORING_UNREGISTER_PERSONALITY(r6, 0xa, 0x0, r7) ioctl$sock_SIOCGIFINDEX(r2, 0x8933, 0x0) io_uring_register$IORING_REGISTER_FILES(r6, 0x2, &(0x7f00000001c0), 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000200)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, @perf_bp={&(0x7f0000000040), 0x2}, 0x0, 0x0, 0x40}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu/syz0\x00', 0x1ff) socket$inet_udp(0x2, 0x2, 0x0) mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f00000002c0)='./cgroup/syz0\x00', 0x1ff) 19:50:44 executing program 5: syz_io_uring_setup(0x1, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, &(0x7f00000a0000)=nil, &(0x7f00000b0000)=nil, &(0x7f0000000100), &(0x7f0000000140)) r0 = io_uring_register$IORING_REGISTER_PERSONALITY(0xffffffffffffffff, 0x9, 0x0, 0x0) r1 = openat$incfs(0xffffffffffffffff, &(0x7f0000000180)='.pending_reads\x00', 0x48000, 0x100) r2 = socket$packet(0x11, 0x3, 0x300) r3 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r3, &(0x7f0000000280)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000480)=ANY=[@ANYRES16=r0, @ANYRES32=0x0, @ANYRES32=0xee00, @ANYBLOB="ff0100000000000004000000000000010000000032000000ffffffff00000000000000000000000000000000000000000000000000002c00000000020000000000000000002000000000000000000000000000000000da0000f5ff000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000020000000000000000000000480002007863962b15ef7eaa956c000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001c0017000000000000000000000000000000000000000000000000000000000000000000debc3f38dd1ca2aaef108e651d000000005eeac0e8ec56711ffac325818722985065bfd1e7ad5d448aecde99601de1e587eb0e76d193ad38"], 0x154}}, 0x0) r4 = perf_event_open$cgroup(&(0x7f00000012c0)={0x4, 0x80, 0x1, 0xf9, 0xcc, 0x86, 0x0, 0x100, 0x41500, 0x2, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x3, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x6, 0x0, @perf_config_ext={0x80, 0x9}, 0x40002, 0x8, 0x4, 0x1, 0x0, 0x8, 0x3ff, 0x0, 0xce9d, 0x0, 0x5}, r1, 0xb, 0xffffffffffffffff, 0xc) sendfile(r1, r4, &(0x7f0000001340), 0x2) r5 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file1\x00', 0x1010c2, 0x0) r6 = openat$procfs(0xffffffffffffff9c, &(0x7f00000001c0)='/proc/meminfo\x00', 0x0, 0x0) sendfile(r5, r6, 0x0, 0x100000101) r7 = io_uring_register$IORING_REGISTER_PERSONALITY(0xffffffffffffffff, 0x9, 0x0, 0x0) io_uring_register$IORING_UNREGISTER_PERSONALITY(r6, 0xa, 0x0, r7) ioctl$sock_SIOCGIFINDEX(r2, 0x8933, 0x0) io_uring_register$IORING_REGISTER_FILES(r6, 0x2, &(0x7f00000001c0), 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000200)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, @perf_bp={&(0x7f0000000040), 0x2}, 0x0, 0x0, 0x40}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu/syz0\x00', 0x1ff) socket$inet_udp(0x2, 0x2, 0x0) mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f00000002c0)='./cgroup/syz0\x00', 0x1ff) 19:50:44 executing program 5: r0 = syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x0, &(0x7f0000000140)=ANY=[]) chdir(&(0x7f0000000140)='./file0\x00') r1 = openat(r0, &(0x7f0000000100)='./file0\x00', 0x301042, 0x0) mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x11, 0xffffffffffffffff, 0xa015000) r2 = perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) r3 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x26e1, 0x0) ioctl$AUTOFS_DEV_IOCTL_CLOSEMOUNT(r3, 0xc0189375, &(0x7f0000000340)=ANY=[@ANYBLOB="010000000100000018000000", @ANYRES32, @ANYBLOB="00005a1b0ddf00005e4d57d9cf66696cd3bf20acdd0135c2819119f0753cad33b2c5de32578f9d044d7c4e230cf879a5dc38b6d1bd7b7fd587b41b49596f8f992bdd23725839b4363201217ca300d90e9a047efde45252788986be9130f2ea5c00d83206037a3288ac852d82c464207c5baae4f57b7c84f58daf1a6b3b28ef221d28391b4b3a2695a660"]) fsconfig$FSCONFIG_SET_FD(r3, 0x5, &(0x7f0000000000)=']{\x00', 0x0, r1) mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x11, r2, 0xa015000) ioctl$EXT4_IOC_MOVE_EXT(0xffffffffffffffff, 0xc028660f, 0x0) r4 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) r5 = io_uring_setup(0x454c, &(0x7f0000000240)) io_uring_register$IORING_REGISTER_FILES_UPDATE(r5, 0x11, 0x0, 0x0) write$binfmt_aout(r4, &(0x7f0000001180)=ANY=[], 0x220) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x80, 0x0, @perf_bp={&(0x7f0000000300), 0xc}, 0x15182, 0x6, 0x0, 0x0, 0x0, 0x64f2}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/mdstat\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x801, 0x1}, 0x8000, 0x5, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x9, 0x0, 0xfffffffffffffffe}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) pwritev2(0xffffffffffffffff, &(0x7f0000000140)=[{&(0x7f00000000c0)="05ff232ef592436bf2d97aa1", 0xe}, {&(0x7f0000000100)="9f", 0x1}, {&(0x7f00000002c0)='^', 0x1}], 0x3, 0x0, 0x0, 0x0) ioctl$FAT_IOCTL_GET_ATTRIBUTES(0xffffffffffffffff, 0x80047210, &(0x7f00000001c0)) sendfile(r4, r1, 0x0, 0xfffffdef) [ 125.372652] loop5: detected capacity change from 0 to 40 [ 129.568122] SELinux: security_context_str_to_sid (staff_u) failed with errno=-22 [ 129.584377] loop2: detected capacity change from 0 to 128 [ 129.584945] SELinux: security_context_str_to_sid (user_u) failed with errno=-22 [ 129.588197] loop2: detected capacity change from 0 to 264192 VM DIAGNOSIS: 19:50:44 Registers: info registers vcpu 0 RAX=0000000000000001 RBX=80000000051b9005 RCX=ffffffff81690fb8 RDX=ffffed10037cb359 RSI=0000000000000008 RDI=ffff88801be59ac0 RBP=ffff88803fc444f0 RSP=ffff88801b9af908 R8 =0000000000000000 R9 =ffff88801be59ac7 R10=ffffed10037cb358 R11=0000000000000001 R12=ffff88801b9afcf8 R13=80000000051b9025 R14=dffffc0000000000 R15=00007fb6d0ca1000 RIP=ffffffff8178776a RFL=00000246 [---Z-P-] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 00000000 00000000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 00000000 00000000 FS =0000 0000000000000000 00000000 00000000 GS =0000 ffff88806ce00000 00000000 00000000 LDT=0000 fffffe0000000000 00000000 00000000 TR =0040 fffffe0000003000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe0000001000 0000007f IDT= fffffe0000000000 00000fff CR0=80050033 CR2=00007fb6d0c646f4 CR3=000000000f5dc000 CR4=00350ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000ffff0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 YMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM01=0000000000000000 0000000000000000 00007fb6d0c73470 00007fb6d0c72f20 YMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM03=0000000000000000 0000000000000000 756e20796d6d7564 20736e6f6974706f YMM04=0000000000000000 0000000000000000 2f2f2f2f2f2f2f2f 2f2f2f2f2f2f2f2f YMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM08=0000000000000000 0000000000000000 73253d656d616e6c 6165722073253d73 YMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 info registers vcpu 1 RAX=000000000000006b RBX=00000000000003f8 RCX=0000000000000000 RDX=00000000000003f8 RSI=ffffffff823bb0f1 RDI=ffffffff8765a9a0 RBP=ffffffff8765a960 RSP=ffff88803ff07690 R8 =0000000000000001 R9 =000000000000000a R10=000000000000006b R11=0000000000000001 R12=000000000000006b R13=ffffffff8765a960 R14=0000000000000010 R15=ffffffff823bb0e0 RIP=ffffffff823bb149 RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 00000000 00000000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 00000000 00000000 FS =0000 00007f6ebaeaa700 00000000 00000000 GS =0000 ffff88806cf00000 00000000 00000000 LDT=0000 fffffe0000000000 00000000 00000000 TR =0040 fffffe000004a000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe0000048000 0000007f IDT= fffffe0000000000 00000fff CR0=80050033 CR2=00007f84224ef6f4 CR3=0000000035b68000 CR4=00350ee0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000ffff0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 YMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM01=0000000000000000 0000000000000000 00007f6ebda1b7c0 00007f6ebda1b7c8 YMM02=0000000000000000 0000000000000000 00007f6ebda1b7e0 00007f6ebda1b7c0 YMM03=0000000000000000 0000000000000000 00007f6ebda1b7c8 00007f6ebda1b7c0 YMM04=0000000000000000 0000000000000000 ffffffffffffffff ffffffff00000000 YMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM06=0000000000000000 0000000000000000 0000000000000000 000000524f525245 YMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM08=0000000000000000 0000000000000000 0000000000000000 00524f5252450040 YMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000