Warning: Permanently added '[localhost]:17953' (ECDSA) to the list of known hosts. 2022/10/03 07:08:21 fuzzer started 2022/10/03 07:08:22 dialing manager at localhost:35095 syzkaller login: [ 41.006318] cgroup: Unknown subsys name 'net' [ 41.093948] cgroup: Unknown subsys name 'rlimit' 2022/10/03 07:08:35 syscalls: 2215 2022/10/03 07:08:35 code coverage: enabled 2022/10/03 07:08:35 comparison tracing: enabled 2022/10/03 07:08:35 extra coverage: enabled 2022/10/03 07:08:35 setuid sandbox: enabled 2022/10/03 07:08:35 namespace sandbox: enabled 2022/10/03 07:08:35 Android sandbox: enabled 2022/10/03 07:08:35 fault injection: enabled 2022/10/03 07:08:35 leak checking: enabled 2022/10/03 07:08:35 net packet injection: enabled 2022/10/03 07:08:35 net device setup: enabled 2022/10/03 07:08:35 concurrency sanitizer: /sys/kernel/debug/kcsan does not exist 2022/10/03 07:08:35 devlink PCI setup: PCI device 0000:00:10.0 is not available 2022/10/03 07:08:35 USB emulation: enabled 2022/10/03 07:08:35 hci packet injection: enabled 2022/10/03 07:08:35 wifi device emulation: failed to parse kernel version (6.0.0-rc7-next-20220930) 2022/10/03 07:08:35 802.15.4 emulation: enabled 2022/10/03 07:08:35 fetching corpus: 50, signal 34498/36259 (executing program) 2022/10/03 07:08:36 fetching corpus: 100, signal 46596/49948 (executing program) 2022/10/03 07:08:36 fetching corpus: 150, signal 53662/58542 (executing program) 2022/10/03 07:08:36 fetching corpus: 200, signal 59154/65531 (executing program) 2022/10/03 07:08:36 fetching corpus: 250, signal 63905/71713 (executing program) 2022/10/03 07:08:36 fetching corpus: 300, signal 66212/75498 (executing program) 2022/10/03 07:08:36 fetching corpus: 350, signal 70290/80916 (executing program) 2022/10/03 07:08:36 fetching corpus: 400, signal 74473/86432 (executing program) 2022/10/03 07:08:36 fetching corpus: 450, signal 79570/92712 (executing program) 2022/10/03 07:08:36 fetching corpus: 500, signal 83959/98282 (executing program) 2022/10/03 07:08:37 fetching corpus: 550, signal 87450/102962 (executing program) 2022/10/03 07:08:37 fetching corpus: 600, signal 89661/106387 (executing program) 2022/10/03 07:08:37 fetching corpus: 650, signal 92236/110133 (executing program) 2022/10/03 07:08:37 fetching corpus: 700, signal 95331/114346 (executing program) 2022/10/03 07:08:37 fetching corpus: 750, signal 99996/119962 (executing program) 2022/10/03 07:08:37 fetching corpus: 800, signal 101668/122807 (executing program) 2022/10/03 07:08:37 fetching corpus: 850, signal 103770/125991 (executing program) 2022/10/03 07:08:38 fetching corpus: 900, signal 106307/129518 (executing program) 2022/10/03 07:08:38 fetching corpus: 950, signal 108730/132949 (executing program) 2022/10/03 07:08:38 fetching corpus: 1000, signal 110881/136120 (executing program) 2022/10/03 07:08:38 fetching corpus: 1050, signal 113762/139836 (executing program) 2022/10/03 07:08:38 fetching corpus: 1100, signal 115541/142566 (executing program) 2022/10/03 07:08:38 fetching corpus: 1150, signal 116734/144827 (executing program) 2022/10/03 07:08:38 fetching corpus: 1200, signal 118937/147881 (executing program) 2022/10/03 07:08:39 fetching corpus: 1250, signal 120334/150265 (executing program) 2022/10/03 07:08:39 fetching corpus: 1300, signal 121924/152795 (executing program) 2022/10/03 07:08:39 fetching corpus: 1350, signal 123457/155214 (executing program) 2022/10/03 07:08:39 fetching corpus: 1400, signal 124892/157523 (executing program) 2022/10/03 07:08:39 fetching corpus: 1450, signal 127082/160426 (executing program) 2022/10/03 07:08:39 fetching corpus: 1500, signal 128640/162795 (executing program) 2022/10/03 07:08:39 fetching corpus: 1550, signal 131550/166285 (executing program) 2022/10/03 07:08:39 fetching corpus: 1600, signal 134378/169621 (executing program) 2022/10/03 07:08:40 fetching corpus: 1650, signal 135524/171609 (executing program) 2022/10/03 07:08:40 fetching corpus: 1700, signal 136650/173533 (executing program) 2022/10/03 07:08:40 fetching corpus: 1750, signal 137766/175466 (executing program) 2022/10/03 07:08:40 fetching corpus: 1800, signal 139098/177504 (executing program) 2022/10/03 07:08:40 fetching corpus: 1850, signal 140024/179269 (executing program) 2022/10/03 07:08:40 fetching corpus: 1900, signal 141301/181297 (executing program) 2022/10/03 07:08:40 fetching corpus: 1950, signal 142973/183654 (executing program) 2022/10/03 07:08:40 fetching corpus: 2000, signal 144962/186118 (executing program) 2022/10/03 07:08:40 fetching corpus: 2050, signal 145514/187539 (executing program) 2022/10/03 07:08:41 fetching corpus: 2100, signal 146269/189104 (executing program) 2022/10/03 07:08:41 fetching corpus: 2150, signal 147191/190796 (executing program) 2022/10/03 07:08:41 fetching corpus: 2200, signal 148599/192801 (executing program) 2022/10/03 07:08:41 fetching corpus: 2250, signal 149987/194830 (executing program) 2022/10/03 07:08:41 fetching corpus: 2300, signal 150810/196413 (executing program) 2022/10/03 07:08:41 fetching corpus: 2350, signal 151816/198064 (executing program) 2022/10/03 07:08:41 fetching corpus: 2400, signal 152891/199771 (executing program) 2022/10/03 07:08:41 fetching corpus: 2450, signal 154101/201537 (executing program) 2022/10/03 07:08:41 fetching corpus: 2500, signal 155005/203080 (executing program) 2022/10/03 07:08:42 fetching corpus: 2550, signal 155847/204611 (executing program) 2022/10/03 07:08:42 fetching corpus: 2600, signal 156979/206338 (executing program) 2022/10/03 07:08:42 fetching corpus: 2650, signal 157633/207681 (executing program) 2022/10/03 07:08:42 fetching corpus: 2700, signal 158566/209233 (executing program) 2022/10/03 07:08:42 fetching corpus: 2750, signal 159038/210429 (executing program) 2022/10/03 07:08:42 fetching corpus: 2800, signal 160576/212312 (executing program) 2022/10/03 07:08:42 fetching corpus: 2850, signal 161120/213550 (executing program) 2022/10/03 07:08:42 fetching corpus: 2900, signal 161848/214919 (executing program) 2022/10/03 07:08:42 fetching corpus: 2950, signal 162599/216328 (executing program) 2022/10/03 07:08:43 fetching corpus: 3000, signal 163453/217745 (executing program) 2022/10/03 07:08:43 fetching corpus: 3050, signal 165104/219609 (executing program) 2022/10/03 07:08:43 fetching corpus: 3100, signal 166995/221579 (executing program) 2022/10/03 07:08:43 fetching corpus: 3150, signal 168542/223336 (executing program) 2022/10/03 07:08:43 fetching corpus: 3200, signal 169248/224599 (executing program) 2022/10/03 07:08:43 fetching corpus: 3250, signal 169843/225784 (executing program) 2022/10/03 07:08:43 fetching corpus: 3300, signal 170237/226847 (executing program) 2022/10/03 07:08:43 fetching corpus: 3350, signal 170888/228054 (executing program) 2022/10/03 07:08:44 fetching corpus: 3400, signal 171857/229472 (executing program) 2022/10/03 07:08:44 fetching corpus: 3450, signal 172617/230714 (executing program) 2022/10/03 07:08:44 fetching corpus: 3500, signal 173111/231818 (executing program) 2022/10/03 07:08:44 fetching corpus: 3550, signal 174053/233198 (executing program) 2022/10/03 07:08:44 fetching corpus: 3600, signal 174773/234456 (executing program) 2022/10/03 07:08:45 fetching corpus: 3650, signal 175304/235534 (executing program) 2022/10/03 07:08:45 fetching corpus: 3700, signal 175840/236651 (executing program) 2022/10/03 07:08:45 fetching corpus: 3750, signal 176513/237801 (executing program) 2022/10/03 07:08:45 fetching corpus: 3800, signal 177835/239248 (executing program) 2022/10/03 07:08:45 fetching corpus: 3850, signal 178335/240251 (executing program) 2022/10/03 07:08:45 fetching corpus: 3900, signal 179706/241678 (executing program) 2022/10/03 07:08:45 fetching corpus: 3950, signal 180267/242686 (executing program) 2022/10/03 07:08:45 fetching corpus: 4000, signal 180858/243732 (executing program) 2022/10/03 07:08:45 fetching corpus: 4050, signal 181587/244857 (executing program) 2022/10/03 07:08:46 fetching corpus: 4100, signal 181929/245816 (executing program) 2022/10/03 07:08:46 fetching corpus: 4150, signal 182626/246876 (executing program) 2022/10/03 07:08:46 fetching corpus: 4200, signal 183343/247941 (executing program) 2022/10/03 07:08:46 fetching corpus: 4250, signal 184069/249014 (executing program) 2022/10/03 07:08:46 fetching corpus: 4300, signal 186173/250725 (executing program) 2022/10/03 07:08:46 fetching corpus: 4350, signal 187073/251876 (executing program) 2022/10/03 07:08:46 fetching corpus: 4400, signal 187722/252901 (executing program) 2022/10/03 07:08:47 fetching corpus: 4450, signal 188676/254033 (executing program) 2022/10/03 07:08:47 fetching corpus: 4500, signal 189220/254990 (executing program) 2022/10/03 07:08:47 fetching corpus: 4550, signal 189814/255930 (executing program) 2022/10/03 07:08:47 fetching corpus: 4600, signal 190206/256820 (executing program) 2022/10/03 07:08:47 fetching corpus: 4650, signal 190599/257723 (executing program) 2022/10/03 07:08:47 fetching corpus: 4700, signal 191049/258684 (executing program) 2022/10/03 07:08:47 fetching corpus: 4750, signal 191614/259664 (executing program) 2022/10/03 07:08:47 fetching corpus: 4800, signal 192424/260755 (executing program) 2022/10/03 07:08:47 fetching corpus: 4850, signal 192790/261590 (executing program) 2022/10/03 07:08:47 fetching corpus: 4900, signal 193256/262482 (executing program) 2022/10/03 07:08:48 fetching corpus: 4950, signal 194164/263539 (executing program) 2022/10/03 07:08:48 fetching corpus: 4998, signal 194783/264427 (executing program) 2022/10/03 07:08:48 fetching corpus: 4998, signal 194783/265114 (executing program) 2022/10/03 07:08:48 fetching corpus: 4998, signal 194783/265823 (executing program) 2022/10/03 07:08:48 fetching corpus: 4998, signal 194783/266532 (executing program) 2022/10/03 07:08:48 fetching corpus: 4998, signal 194783/267229 (executing program) 2022/10/03 07:08:48 fetching corpus: 4998, signal 194783/267920 (executing program) 2022/10/03 07:08:48 fetching corpus: 4998, signal 194783/268612 (executing program) 2022/10/03 07:08:48 fetching corpus: 4998, signal 194783/269316 (executing program) 2022/10/03 07:08:48 fetching corpus: 4998, signal 194783/270010 (executing program) 2022/10/03 07:08:48 fetching corpus: 4998, signal 194783/270725 (executing program) 2022/10/03 07:08:48 fetching corpus: 4998, signal 194783/271439 (executing program) 2022/10/03 07:08:48 fetching corpus: 4998, signal 194783/272144 (executing program) 2022/10/03 07:08:48 fetching corpus: 4998, signal 194783/272876 (executing program) 2022/10/03 07:08:48 fetching corpus: 4998, signal 194783/273573 (executing program) 2022/10/03 07:08:48 fetching corpus: 4998, signal 194783/274274 (executing program) 2022/10/03 07:08:48 fetching corpus: 4998, signal 194783/274951 (executing program) 2022/10/03 07:08:48 fetching corpus: 4998, signal 194783/275631 (executing program) 2022/10/03 07:08:48 fetching corpus: 4998, signal 194783/276361 (executing program) 2022/10/03 07:08:48 fetching corpus: 4998, signal 194783/277074 (executing program) 2022/10/03 07:08:48 fetching corpus: 4998, signal 194783/277740 (executing program) 2022/10/03 07:08:48 fetching corpus: 4998, signal 194783/278435 (executing program) 2022/10/03 07:08:48 fetching corpus: 4998, signal 194783/279122 (executing program) 2022/10/03 07:08:48 fetching corpus: 4998, signal 194783/279778 (executing program) 2022/10/03 07:08:48 fetching corpus: 4998, signal 194783/280459 (executing program) 2022/10/03 07:08:48 fetching corpus: 4998, signal 194783/281150 (executing program) 2022/10/03 07:08:48 fetching corpus: 4998, signal 194783/281846 (executing program) 2022/10/03 07:08:48 fetching corpus: 4998, signal 194783/282523 (executing program) 2022/10/03 07:08:48 fetching corpus: 4998, signal 194783/283221 (executing program) 2022/10/03 07:08:48 fetching corpus: 4998, signal 194783/283895 (executing program) 2022/10/03 07:08:48 fetching corpus: 4998, signal 194783/284608 (executing program) 2022/10/03 07:08:48 fetching corpus: 4998, signal 194783/285341 (executing program) 2022/10/03 07:08:48 fetching corpus: 4998, signal 194783/286043 (executing program) 2022/10/03 07:08:48 fetching corpus: 4998, signal 194783/286731 (executing program) 2022/10/03 07:08:48 fetching corpus: 4998, signal 194783/287432 (executing program) 2022/10/03 07:08:48 fetching corpus: 4998, signal 194783/288139 (executing program) 2022/10/03 07:08:48 fetching corpus: 4998, signal 194783/288856 (executing program) 2022/10/03 07:08:48 fetching corpus: 4998, signal 194783/289539 (executing program) 2022/10/03 07:08:48 fetching corpus: 4998, signal 194783/290228 (executing program) 2022/10/03 07:08:48 fetching corpus: 4998, signal 194783/290911 (executing program) 2022/10/03 07:08:48 fetching corpus: 4998, signal 194783/291588 (executing program) 2022/10/03 07:08:48 fetching corpus: 4998, signal 194783/292310 (executing program) 2022/10/03 07:08:48 fetching corpus: 4998, signal 194783/292987 (executing program) 2022/10/03 07:08:48 fetching corpus: 4998, signal 194783/293706 (executing program) 2022/10/03 07:08:48 fetching corpus: 4998, signal 194783/294397 (executing program) 2022/10/03 07:08:48 fetching corpus: 4998, signal 194783/295126 (executing program) 2022/10/03 07:08:48 fetching corpus: 4998, signal 194783/295827 (executing program) 2022/10/03 07:08:48 fetching corpus: 4998, signal 194783/296545 (executing program) 2022/10/03 07:08:48 fetching corpus: 4998, signal 194783/297251 (executing program) 2022/10/03 07:08:48 fetching corpus: 4998, signal 194783/297322 (executing program) 2022/10/03 07:08:48 fetching corpus: 4998, signal 194783/297322 (executing program) 2022/10/03 07:08:51 starting 8 fuzzer processes 07:08:51 executing program 0: r0 = creat(&(0x7f0000000000)='./file0\x00', 0x159) setsockopt$inet6_icmp_ICMP_FILTER(r0, 0x1, 0x1, &(0x7f0000000040)={0xf8000000}, 0x4) ioctl$sock_ipv6_tunnel_SIOCGETPRL(r0, 0x89f4, &(0x7f0000000100)={'sit0\x00', &(0x7f0000000080)={'ip6_vti0\x00', 0x0, 0x4, 0x20, 0x40, 0x3f, 0x44, @empty, @mcast1, 0x7, 0x8000, 0xfffff801, 0x1ff}}) ioctl$BTRFS_IOC_SCRUB_PROGRESS(0xffffffffffffffff, 0xc400941d, &(0x7f0000000140)={0x0, 0x400, 0x2, 0x1}) ioctl$sock_ipv6_tunnel_SIOCGET6RD(r0, 0x89f8, &(0x7f00000005c0)={'ip6_vti0\x00', &(0x7f0000000540)={'syztnl1\x00', 0x0, 0x2f, 0xcd, 0x4, 0x80000001, 0x9, @ipv4={'\x00', '\xff\xff', @broadcast}, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, 0x8, 0x700, 0x8, 0x5}}) ioctl$BTRFS_IOC_SCRUB_PROGRESS(r0, 0xc400941d, &(0x7f0000000600)={r2, 0x100000001, 0x10001}) sendmsg$NL80211_CMD_GET_MPP(0xffffffffffffffff, &(0x7f0000000ac0)={&(0x7f0000000a00)={0x10, 0x0, 0x0, 0x40000}, 0xc, &(0x7f0000000a80)={&(0x7f0000000a40)={0x2c, 0x0, 0x200, 0x70bd26, 0x25dfdbfc, {{}, {@void, @val={0xc, 0x99, {0xe15, 0xd}}}}, [@NL80211_ATTR_MPATH_NEXT_HOP={0xa, 0x1a, @device_b}]}, 0x2c}, 0x1, 0x0, 0x0, 0x4000000}, 0x0) r4 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$BTRFS_IOC_GET_DEV_STATS(r4, 0xc4089434, &(0x7f0000000b00)={r2, 0x7ff, 0x0, [0x7, 0x3, 0x80000000, 0x9, 0xef], [0x0, 0x4cad, 0xaf8, 0x0, 0x20f, 0x7, 0x4, 0xfffffffffffffffe, 0xcb72, 0x100000001, 0x5, 0x100000001, 0x0, 0xa9f, 0xe6, 0x7, 0x8, 0x1cb6, 0x200, 0x5, 0x7, 0x0, 0x6a50, 0x1, 0x0, 0x80, 0x4, 0x100000001, 0x401, 0x3, 0x4, 0x6, 0x4, 0x0, 0x81, 0x7ff, 0x401, 0xfffffffffffffff8, 0x1, 0x8, 0x1, 0x0, 0x9, 0x100, 0x9, 0xb55, 0x5, 0x2, 0x8, 0x7, 0x200, 0x1, 0x6, 0xff, 0x8, 0x8, 0x1, 0x10000, 0x200, 0xd544, 0x0, 0x0, 0x1, 0x347c, 0x40, 0x80000001, 0x8, 0x7, 0x10000, 0x2, 0xb75e082, 0x6d3c602a, 0xfffffffffffffffc, 0x1e, 0x5, 0x2, 0x6, 0x9, 0x6, 0x9, 0x2, 0xa1, 0x7fffffff, 0x3f, 0xffffffff, 0x4, 0xffffffffffff7fff, 0x3, 0x80, 0x8, 0x400, 0x9, 0x81, 0x9, 0x5, 0x6, 0x9, 0x7, 0x6, 0x8, 0x100000000, 0x3, 0x20, 0x9, 0x100000000, 0x3, 0xffff, 0x1000, 0x8, 0x80000001, 0x9, 0x7, 0x7fffffff, 0x2, 0x200, 0x7, 0x213566da, 0x1, 0x800, 0x4, 0x6211]}) r6 = syz_open_dev$ttys(0xc, 0x2, 0x0) ioctl$BTRFS_IOC_SCRUB_PROGRESS(r6, 0xc400941d, &(0x7f0000000f40)={r5, 0x100000000, 0x6}) getsockopt$IP_VS_SO_GET_SERVICE(r0, 0x0, 0x483, &(0x7f0000001340), &(0x7f00000013c0)=0x68) r7 = openat$cgroup_ro(r0, &(0x7f0000001400)='cpu.stat\x00', 0x0, 0x0) sendmsg$IPVS_CMD_SET_CONFIG(r7, &(0x7f00000015c0)={&(0x7f0000001440)={0x10, 0x0, 0x0, 0x40000000}, 0xc, &(0x7f0000001580)={&(0x7f0000001480)={0xe0, 0x0, 0x20, 0x70bd2d, 0x25dfdbff, {}, [@IPVS_CMD_ATTR_SERVICE={0x28, 0x1, 0x0, 0x1, [@IPVS_SVC_ATTR_FWMARK={0x8, 0x5, 0x3}, @IPVS_SVC_ATTR_PROTOCOL={0x6, 0x2, 0x43}, @IPVS_SVC_ATTR_ADDR={0x14, 0x3, @ipv6=@initdev={0xfe, 0x88, '\x00', 0x0, 0x0}}]}, @IPVS_CMD_ATTR_DAEMON={0x4}, @IPVS_CMD_ATTR_TIMEOUT_UDP={0x8, 0x6, 0x7}, @IPVS_CMD_ATTR_TIMEOUT_TCP={0x8, 0x4, 0x6}, @IPVS_CMD_ATTR_DEST={0x24, 0x2, 0x0, 0x1, [@IPVS_DEST_ATTR_WEIGHT={0x8, 0x4, 0x20}, @IPVS_DEST_ATTR_PORT={0x6, 0x2, 0x4e24}, @IPVS_DEST_ATTR_ADDR_FAMILY={0x6, 0xb, 0x2}, @IPVS_DEST_ATTR_TUN_PORT={0x6, 0xe, 0x4e24}]}, @IPVS_CMD_ATTR_DEST={0x30, 0x2, 0x0, 0x1, [@IPVS_DEST_ATTR_INACT_CONNS={0x8, 0x8, 0x6}, @IPVS_DEST_ATTR_PORT={0x6, 0x2, 0x4e24}, @IPVS_DEST_ATTR_U_THRESH={0x8}, @IPVS_DEST_ATTR_ADDR={0x14, 0x1, @ipv4=@multicast2}]}, @IPVS_CMD_ATTR_TIMEOUT_TCP_FIN={0x8, 0x5, 0x7}, @IPVS_CMD_ATTR_SERVICE={0x34, 0x1, 0x0, 0x1, [@IPVS_SVC_ATTR_NETMASK={0x8, 0x9, 0x3d}, @IPVS_SVC_ATTR_ADDR={0x14, 0x3, @ipv6=@private1}, @IPVS_SVC_ATTR_SCHED_NAME={0x7, 0x6, 'fo\x00'}, @IPVS_SVC_ATTR_FLAGS={0xc, 0x7, {0x2, 0x8}}]}]}, 0xe0}, 0x1, 0x0, 0x0, 0x40084}, 0x80) ioctl$sock_ipv6_tunnel_SIOCGETPRL(0xffffffffffffffff, 0x89f4, &(0x7f00000016c0)={'syztnl2\x00', &(0x7f0000001640)={'ip6_vti0\x00', r1, 0x29, 0x1, 0x4b, 0x1, 0x0, @loopback, @loopback, 0x7, 0x10, 0x5}}) recvmmsg(r4, &(0x7f00000048c0)=[{{&(0x7f0000001700)=@qipcrtr, 0x80, &(0x7f0000001840)=[{&(0x7f0000001780)=""/143, 0x8f}], 0x1, &(0x7f0000001880)=""/95, 0x5f}, 0x80}, {{&(0x7f0000001900)=@alg, 0x80, &(0x7f0000001d40)=[{&(0x7f0000001980)=""/106, 0x6a}, {&(0x7f0000001a00)=""/90, 0x5a}, {&(0x7f0000001a80)=""/69, 0x45}, {&(0x7f0000001b00)=""/43, 0x2b}, {&(0x7f0000001b40)=""/206, 0xce}, {&(0x7f0000001c40)=""/100, 0x64}, {&(0x7f0000001cc0)=""/101, 0x65}], 0x7, &(0x7f0000001dc0)=""/227, 0xe3}, 0x81}, {{&(0x7f0000001ec0)=@xdp={0x2c, 0x0, 0x0}, 0x80, &(0x7f0000002040)=[{&(0x7f0000001f40)=""/227, 0xe3}], 0x1, &(0x7f0000002080)=""/4096, 0x1000}, 0xfffff2f1}, {{&(0x7f0000003080)=@x25, 0x80, &(0x7f0000003280)=[{&(0x7f0000003100)=""/94, 0x5e}, {&(0x7f0000003180)=""/155, 0x9b}, {&(0x7f0000003240)=""/50, 0x32}], 0x3, &(0x7f00000032c0)=""/137, 0x89}, 0xfff}, {{&(0x7f0000003380)=@pppol2tpv3={0x18, 0x1, {0x0, 0xffffffffffffffff, {0x2, 0x0, @remote}}}, 0x80, &(0x7f0000003500)=[{&(0x7f0000003400)=""/208, 0xd0}], 0x1, &(0x7f0000003540)=""/173, 0xad}, 0xfff}, {{&(0x7f0000003600)=@nfc, 0x80, &(0x7f0000004800)=[{&(0x7f0000003680)=""/166, 0xa6}, {&(0x7f0000003740)=""/4096, 0x1000}, {&(0x7f0000004740)=""/166, 0xa6}], 0x3, &(0x7f0000004840)=""/90, 0x5a}}], 0x6, 0x0, &(0x7f0000004a40)) ioctl$sock_ipv6_tunnel_SIOCDELTUNNEL(r7, 0x89f2, &(0x7f0000004b00)={'sit0\x00', &(0x7f0000004a80)={'syztnl0\x00', r1, 0x29, 0x1, 0x0, 0x1, 0x24, @rand_addr=' \x01\x00', @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, 0x8, 0x8000, 0x7f, 0x10001}}) ioctl$sock_SIOCADDRT(r0, 0x890b, &(0x7f0000004b80)={0x0, @can={0x1d, r1}, @llc={0x1a, 0x204, 0x8c, 0x1, 0x3, 0xc0}, @can={0x1d, r3}, 0x4, 0x0, 0x0, 0x0, 0x2, &(0x7f0000004b40)='macvlan0\x00', 0x3, 0x7, 0xa00}) ioctl$sock_ipv6_tunnel_SIOCCHG6RD(r0, 0x89fb, &(0x7f0000004c80)={'syztnl2\x00', &(0x7f0000004c00)={'ip6gre0\x00', r1, 0x29, 0x20, 0x81, 0x3, 0x20, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, @mcast1, 0x1, 0xb53c5ce11d163a44, 0x0, 0x1f}}) sendmsg$TEAM_CMD_PORT_LIST_GET(r4, &(0x7f00000056c0)={&(0x7f0000001600), 0xc, &(0x7f0000005680)={&(0x7f0000004f40)={0x708, 0x0, 0x100, 0x70bd25, 0x25dfdbfc, {}, [{{0x8, 0x1, r8}, {0x25c, 0x2, 0x0, 0x1, [{0x3c, 0x1, @user_linkup={{{0x24}, {0x5}, {0x4}}, {0x8, 0x6, r1}}}, {0x3c, 0x1, @lb_tx_method={{0x24}, {0x5}, {0x9, 0x4, 'hash\x00'}}}, {0x38, 0x1, @mcast_rejoin_interval={{0x24}, {0x5}, {0x8, 0x4, 0x5}}}, {0x38, 0x1, @mcast_rejoin_interval={{0x24}, {0x5}, {0x8, 0x4, 0x10001}}}, {0x38, 0x1, @mcast_rejoin_interval={{0x24}, {0x5}, {0x8, 0x4, 0x1ff}}}, {0x40, 0x1, @lb_hash_stats={{{0x24}, {0x5}, {0x8, 0x4, 0x3}}, {0x8}}}, {0x3c, 0x1, @user_linkup_enabled={{{0x24}, {0x5}, {0x4}}, {0x8, 0x6, r9}}}, {0x40, 0x1, @name={{0x24}, {0x5}, {0x10, 0x4, 'loadbalance\x00'}}}, {0x3c, 0x1, @enabled={{{0x24}, {0x5}, {0x4}}, {0x8, 0x6, r10}}}, {0x40, 0x1, @lb_port_stats={{{0x24}, {0x5}, {0x8, 0x4, 0x7fff}}, {0x8, 0x6, r11}}}]}}, {{0x8, 0x1, r1}, {0x108, 0x2, 0x0, 0x1, [{0x40, 0x1, @priority={{{0x24}, {0x5}, {0x8, 0x4, 0x200}}, {0x8, 0x6, r3}}}, {0x4c, 0x1, @lb_tx_method={{0x24}, {0x5}, {0x19, 0x4, 'hash_to_port_mapping\x00'}}}, {0x40, 0x1, @lb_port_stats={{{0x24}, {0x5}, {0x8, 0x4, 0x2}}, {0x8, 0x6, r12}}}, {0x38, 0x1, @mcast_rejoin_interval={{0x24}, {0x5}, {0x8, 0x4, 0x6}}}]}}, {{0x8, 0x1, r1}, {0x188, 0x2, 0x0, 0x1, [{0x4c, 0x1, @bpf_hash_func={{0x24}, {0x5}, {0x1c, 0x4, [{0x2, 0x9, 0x9, 0x84}, {0x20, 0x1, 0x40, 0x2}, {0x7, 0x1, 0x4, 0x4}]}}}, {0x38, 0x1, @activeport={{0x24}, {0x5}, {0x8}}}, {0x38, 0x1, @notify_peers_interval={{0x24}, {0x5}, {0x8, 0x4, 0x2}}}, {0x40, 0x1, @queue_id={{{0x24}, {0x5}, {0x8, 0x4, 0x3}}, {0x8, 0x6, r3}}}, {0x4c, 0x1, @bpf_hash_func={{0x24}, {0x5}, {0x1c, 0x4, [{0x401, 0x3, 0x7f, 0x2}, {0x8, 0x1, 0x6, 0x9}, {0xffff, 0x3, 0x9, 0x1}]}}}, {0x3c, 0x1, @user_linkup_enabled={{{0x24}, {0x5}, {0x4}}, {0x8}}}]}}, {{0x8, 0x1, r1}, {0x44, 0x2, 0x0, 0x1, [{0x40, 0x1, @lb_tx_hash_to_port_mapping={{{0x24}, {0x5}, {0x8, 0x4, r3}}, {0x8}}}]}}, {{0x8}, {0x19c, 0x2, 0x0, 0x1, [{0x38, 0x1, @lb_stats_refresh_interval={{0x24}, {0x5}, {0x8, 0x4, 0x6}}}, {0x38, 0x1, @notify_peers_interval={{0x24}, {0x5}, {0x8, 0x4, 0x5}}}, {0x40, 0x1, @name={{0x24}, {0x5}, {0xe, 0x4, 'broadcast\x00'}}}, {0x40, 0x1, @lb_port_stats={{{0x24}, {0x5}, {0x8, 0x4, 0x1}}, {0x8, 0x6, r1}}}, {0x38, 0x1, @mcast_rejoin_interval={{0x24}, {0x5}, {0x8, 0x4, 0x7}}}, {0x38, 0x1, @activeport={{0x24}, {0x5}, {0x8, 0x4, r1}}}, {0x38, 0x1, @lb_stats_refresh_interval={{0x24}, {0x5}, {0x8, 0x4, 0x3}}}]}}]}, 0x708}, 0x1, 0x0, 0x0, 0x20004800}, 0x20000000) 07:08:51 executing program 1: r0 = openat2(0xffffffffffffffff, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040)={0x80000, 0x14, 0x1f}, 0x18) ioctl$PIO_UNISCRNMAP(r0, 0x4b6a, &(0x7f0000000080)="c7b0dfa2eca25113d396138e4b34b0115f390f130204218e7148a3b8b2f20c93378625af215b4045129bd20672878902344dae0422343b9c766c26a9cf3ef4ebef5e8228f7ec071ccb50a899ecb451c5766c4c3f1f54b1527f7485de105b8df141393e602fac294dec73b9cc2635f0096d859b79197511a1774bffef94386a30055884984b32ff06e6a5557805a78cf089ab79c5adce751bd71b259aeda1f111ff1c8d17522c080cc8a8c7e0e0c8de65409ffc3d8525243205b64d1ccb1379e126500158e0bf39ba40d32fd02a72a47a83427620e5bf6be3e967d95970e163933719ad4ac2a78ee2b4ba5960d2a308597c2d22581b4f27a8e2609d12") ioctl$KDFONTOP_GET(0xffffffffffffffff, 0x4b72, &(0x7f0000000580)={0x1, 0x0, 0x1a, 0xe, 0x12a, &(0x7f0000000180)}) r1 = syz_open_dev$ptys(0xc, 0x3, 0x1) ioctl$TIOCSIG(r1, 0x40045436, 0x8) write(r0, &(0x7f00000005c0)='H', 0x1) r2 = accept4(r0, &(0x7f0000000600)=@isdn, &(0x7f0000000680)=0x80, 0x80800) syncfs(r2) r3 = openat$bsg(0xffffffffffffff9c, &(0x7f00000006c0), 0x440a00, 0x0) sendmsg$SEG6_CMD_SET_TUNSRC(r3, &(0x7f00000007c0)={&(0x7f0000000700)={0x10, 0x0, 0x0, 0x42000d4}, 0xc, &(0x7f0000000780)={&(0x7f0000000740)={0x1c, 0x0, 0x105, 0x70bd25, 0x25dfdbff, {}, [@SEG6_ATTR_HMACKEYID={0x8, 0x3, 0xfffffffe}]}, 0x1c}}, 0x20000000) symlink(&(0x7f0000000800)='./file0\x00', &(0x7f0000000840)='./file0\x00') ioctl$BTRFS_IOC_GET_SUBVOL_INFO(r1, 0x81f8943c, &(0x7f0000000880)) sendmsg$NL80211_CMD_DEL_NAN_FUNCTION(r2, &(0x7f0000000b80)={&(0x7f0000000a80)={0x10, 0x0, 0x0, 0x4}, 0xc, &(0x7f0000000b40)={&(0x7f0000000ac0)={0x74, 0x0, 0x200, 0x70bd2d, 0x25dfdbfb, {{}, {@void, @val={0xc, 0x99, {0x2, 0x7c}}}}, [@NL80211_ATTR_COOKIE={0xc, 0x58, 0x34}, @NL80211_ATTR_COOKIE={0xc, 0x58, 0x72}, @NL80211_ATTR_COOKIE={0xc, 0x58, 0x3e}, @NL80211_ATTR_COOKIE={0xc, 0x58, 0x8}, @NL80211_ATTR_COOKIE={0xc, 0x58, 0x68}, @NL80211_ATTR_COOKIE={0xc, 0x58, 0x23}, @NL80211_ATTR_COOKIE={0xc, 0x58, 0x72}]}, 0x74}, 0x1, 0x0, 0x0, 0x20040001}, 0x80) ioctl$BTRFS_IOC_GET_SUBVOL_INFO(r2, 0x81f8943c, &(0x7f0000000bc0)) sendmsg$ETHTOOL_MSG_LINKINFO_GET(r3, &(0x7f0000000ec0)={&(0x7f0000000dc0), 0xc, &(0x7f0000000e80)={&(0x7f0000000e00)={0x44, 0x0, 0x10, 0x70bd27, 0x25dfdbfd, {}, [@HEADER={0x30, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x2}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'team_slave_0\x00'}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x3}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}]}]}, 0x44}, 0x1, 0x0, 0x0, 0x20000000}, 0x4000040) perf_event_open(&(0x7f0000000f00)={0x3, 0x80, 0x7f, 0x6c, 0x1, 0x9, 0x0, 0x3, 0x2, 0xa, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x7fff, 0x1, @perf_config_ext={0xfffffffffffffeff, 0x4}, 0x40002, 0x953, 0x1, 0x6, 0x4, 0x9, 0x3, 0x0, 0x4, 0x0, 0x2}, 0xffffffffffffffff, 0x1, r0, 0x2) ioctl$FS_IOC_READ_VERITY_METADATA(r1, 0xc0286687, &(0x7f0000001080)={0x1, 0x1, 0xce, &(0x7f0000000f80)=""/206}) r4 = syz_genetlink_get_family_id$tipc(&(0x7f0000001100), r3) sendmsg$TIPC_CMD_DISABLE_BEARER(r3, &(0x7f00000011c0)={&(0x7f00000010c0)={0x10, 0x0, 0x0, 0x1000}, 0xc, &(0x7f0000001180)={&(0x7f0000001140)={0x2c, r4, 0x400, 0x70bd28, 0x25dfdbfe, {{}, {}, {0x10, 0x13, @l2={'eth', 0x3a, 'macsec0\x00'}}}, ["", "", ""]}, 0x2c}, 0x1, 0x0, 0x0, 0x4}, 0x40000) ioctl$TIOCGWINSZ(0xffffffffffffffff, 0x5413, &(0x7f0000001240)) 07:08:51 executing program 2: prctl$PR_TASK_PERF_EVENTS_ENABLE(0x20) prctl$PR_TASK_PERF_EVENTS_ENABLE(0x20) ioctl$SECCOMP_IOCTL_NOTIF_RECV(0xffffffffffffffff, 0xc0502100, &(0x7f0000000000)={0x0, 0x0}) r1 = syz_open_procfs$userns(r0, &(0x7f0000000080)) ioctl$BTRFS_IOC_DEV_REPLACE(r1, 0xca289435, &(0x7f00000000c0)={0x3, 0x7f, @status={[0x10001, 0xfffffffffffffffe, 0x8, 0x1, 0x5, 0x3]}, [0x7f, 0x400, 0x80000000, 0x1f, 0x5, 0x0, 0xff00000000000000, 0x8, 0x0, 0x2f1d, 0x6, 0x7, 0xfffffffffffff982, 0x9, 0xc90, 0xfffffffffffffffe, 0x1, 0x10001, 0x1f, 0x3, 0xda, 0x9, 0x7, 0x5, 0x6, 0xeb2, 0x1, 0x5, 0xffffffffffffe512, 0x5, 0x0, 0x5, 0xf843, 0x80, 0x1, 0x0, 0x81, 0x2, 0x4, 0x3, 0x9, 0x2, 0x0, 0x68b, 0xb69, 0x80000001, 0xffffffffffffa919, 0x2, 0xffff, 0x7, 0x7, 0x4, 0x3, 0x49, 0x5c6, 0x5, 0x9, 0x2, 0x4, 0x7, 0x20, 0x2, 0x3, 0x5]}) r2 = openat$hpet(0xffffffffffffff9c, &(0x7f0000000b00), 0x10000, 0x0) r3 = fork() fcntl$setownex(r2, 0xf, &(0x7f0000000b40)={0x0, r3}) r4 = syz_open_dev$vcsn(&(0x7f0000000b80), 0x3, 0x101040) setsockopt$inet6_tcp_int(r4, 0x6, 0xa, &(0x7f0000000bc0)=0x3, 0x4) r5 = openat$sr(0xffffffffffffff9c, &(0x7f0000000c00), 0x10800, 0x0) r6 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2) ioctl$AUTOFS_DEV_IOCTL_READY(r5, 0xc0189376, &(0x7f0000000c40)={{0x1, 0x1, 0x18, r6, {0x6}}, './file0\x00'}) fcntl$F_SET_RW_HINT(r1, 0x40c, &(0x7f0000000c80)) ioctl$AUTOFS_DEV_IOCTL_SETPIPEFD(r4, 0xc0189378, &(0x7f0000000cc0)={{0x1, 0x1, 0x18, r6, {r5}}, './file0\x00'}) setns(r8, 0x8000000) prctl$PR_TASK_PERF_EVENTS_ENABLE(0x20) fstat(r6, &(0x7f0000000d00)) pidfd_getfd(r7, 0xffffffffffffffff, 0x0) fchmod(0xffffffffffffffff, 0x41) [ 70.406155] audit: type=1400 audit(1664780931.757:6): avc: denied { execmem } for pid=284 comm="syz-executor.1" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=process permissive=1 07:08:51 executing program 3: fsetxattr$trusted_overlay_redirect(0xffffffffffffffff, &(0x7f0000000000), &(0x7f0000000040)='./file0\x00', 0x8, 0x2) r0 = socket$inet(0x2, 0x1, 0x100) fcntl$getflags(r0, 0xb) truncate(&(0x7f0000000080)='./file0\x00', 0x4) sendmsg$ETHTOOL_MSG_PRIVFLAGS_SET(0xffffffffffffffff, &(0x7f00000001c0)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x1}, 0xc, &(0x7f0000000180)={&(0x7f0000000100)={0x74, 0x0, 0x800, 0x70bd25, 0x25dfdbfe, {}, [@ETHTOOL_A_PRIVFLAGS_HEADER={0xc, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_INDEX={0x8}]}, @ETHTOOL_A_PRIVFLAGS_HEADER={0x20, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'batadv_slave_0\x00'}]}, @ETHTOOL_A_PRIVFLAGS_HEADER={0x34, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x3}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'batadv_slave_1\x00'}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'batadv0\x00'}]}]}, 0x74}, 0x1, 0x0, 0x0, 0x20004000}, 0x4000000) setxattr$incfs_metadata(&(0x7f0000000200)='./file0\x00', &(0x7f0000000240), &(0x7f0000000280)="985c86291f07d0e561aad836b203fc78454fc29abd1b8183b44f0875adaa6b698a9a12ea3a07c103f79b5852871e8291403f280771dccd6259e1a63b40fe5cf0a252b83e2e20b5116d9b62662c9fc98e83f1cdb596634d2d44fd8c129c57a4becc3064ae6309b9b6ed71857af2d2f01a8013cce9416658d57763d161cc3ef2371f4b3e9dc380eb61253aed797e249b1128a46ce6db599ce04e64a16cb8a8532fbae77a21ae1005ca7827258613dac6c0be5701a328ef4034a4343f6ebdcff5772eb3c31e1271497ca99287cbc7da5cf4c1c5", 0xd2, 0x0) setsockopt$inet_tcp_TCP_REPAIR_OPTIONS(r0, 0x6, 0x16, &(0x7f0000000380)=[@window={0x3, 0x9c, 0x1}, @mss={0x2, 0x7}, @window={0x3, 0x5, 0x40}, @mss={0x2, 0x1000}, @mss={0x2, 0x8}, @mss={0x2, 0x3}, @timestamp, @window={0x3, 0x4, 0x400}, @window={0x3, 0x40, 0x81}, @timestamp], 0xa) sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000480)={&(0x7f0000000400)={0x10, 0x0, 0x0, 0x1000000}, 0xc, &(0x7f0000000440)={0xfffffffffffffffe}, 0x1, 0x0, 0x0, 0x4000}, 0x0) ioctl$F2FS_IOC_GET_FEATURES(r0, 0x8004f50c, &(0x7f00000004c0)) r1 = openat$incfs(0xffffffffffffffff, &(0x7f0000000500)='.log\x00', 0x0, 0x42) setsockopt$inet_mtu(r1, 0x0, 0xa, &(0x7f0000000540)=0x8de2f53cfbadfaea, 0x4) fsetxattr$security_selinux(r0, &(0x7f0000000580), &(0x7f00000005c0)='system_u:object_r:vmware_device_t:s0\x00', 0x25, 0x3) write$P9_RLERRORu(r1, &(0x7f0000000600)={0x12, 0x7, 0x1, {{0x5, '#.[+&'}, 0x7}}, 0x12) r2 = syz_open_dev$vcsa(&(0x7f0000000640), 0x3, 0x8002) sendmsg$DEVLINK_CMD_SB_TC_POOL_BIND_GET(r2, &(0x7f0000000800)={&(0x7f0000000680), 0xc, &(0x7f00000007c0)={&(0x7f00000006c0)={0xd0, 0x0, 0x800, 0x70bd25, 0x25dfdbfb, {}, [{{@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0x8, 0x3, 0x1}}, {0x8, 0xb, 0x1}, {0x6, 0x16, 0x1}, {0x5, 0x12, 0x1}}, {{@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0x8, 0x3, 0x3}}, {0x8, 0xb, 0x101}, {0x6, 0x16, 0x61}, {0x5}}, {{@pci={{0x8}, {0x11}}, {0x8}}, {0x8, 0xb, 0x7fff}, {0x6, 0x16, 0x6e5}, {0x5}}]}, 0xd0}, 0x1, 0x0, 0x0, 0x4000804}, 0x2400c000) r3 = creat(&(0x7f0000000840)='./file0\x00', 0x8) ioctl$VFAT_IOCTL_READDIR_BOTH(r3, 0x82307201, &(0x7f0000000880)=[{0x0, 0x0, 0x100}, {0x0, 0x0, 0x100}]) r4 = openat$random(0xffffffffffffff9c, &(0x7f0000000ac0), 0x1000, 0x0) ioctl$F2FS_IOC_START_ATOMIC_WRITE(r4, 0xf501, 0x0) ioctl(r4, 0x1fb, &(0x7f0000000b00)="17c62d4b6d96252b7ceee3844fba05978305a2a1e0cf662481ea1a7ebe195103ae2f") 07:08:51 executing program 4: getsockopt$bt_BT_DEFER_SETUP(0xffffffffffffffff, 0x112, 0x7, &(0x7f0000000000), &(0x7f0000000040)=0x4) bind$bt_l2cap(0xffffffffffffffff, &(0x7f0000000080)={0x1f, 0xe21, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x11}, 0x2, 0x1}, 0xe) getsockopt$sock_linger(0xffffffffffffffff, 0x1, 0xd, &(0x7f00000000c0), &(0x7f0000000100)=0x8) r0 = openat$vcs(0xffffffffffffff9c, &(0x7f0000000140), 0x40000, 0x0) ioctl$sock_inet_udp_SIOCOUTQ(r0, 0x5411, &(0x7f0000000180)) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000200), r0) sendmsg$NL80211_CMD_GET_WOWLAN(r0, &(0x7f00000002c0)={&(0x7f00000001c0)={0x10, 0x0, 0x0, 0x100}, 0xc, &(0x7f0000000280)={&(0x7f0000000240)={0x24, r1, 0x400, 0x70bd2b, 0x25dfdbff, {{}, {@val={0x8, 0x1, 0xa}, @val={0x8}, @void}}, ["", "", "", "", "", ""]}, 0x24}, 0x1, 0x0, 0x0, 0x40880}, 0x28040011) fsetxattr$trusted_overlay_redirect(0xffffffffffffffff, &(0x7f0000000300), &(0x7f0000000340)='./file0\x00', 0x8, 0x2) r2 = openat2(r0, &(0x7f0000000380)='./file0\x00', &(0x7f00000003c0)={0x40000, 0x4, 0x1e}, 0x18) r3 = open_tree(r0, &(0x7f0000000440)='./file0\x00', 0x88801) linkat(r2, &(0x7f0000000400)='./file0\x00', r3, &(0x7f0000000480)='./file0\x00', 0x0) getresuid(&(0x7f0000000700), &(0x7f0000000740), &(0x7f0000000780)=0x0) syz_mount_image$tmpfs(&(0x7f00000004c0), &(0x7f0000000500)='./file0\x00', 0x1ff, 0x3, &(0x7f0000000680)=[{&(0x7f0000000540)="17a15fa2c98c12bda8ef6bceb4a0a5cc3f530738a3cd88912ba7e201ad4e44ab9d32075ba6004cbdcf63473857605efb7d46d03bbf9269492290b89d2f000154826c67e1dfb9410c8a45d2baf817f4bedda98cdef09bdc972dc6bf63b2682259", 0x60}, {&(0x7f00000005c0)="d422482b5f35bd531f4ce326737f9d305d031e87a74b775b490faf371cf8d50a6f3b4fee97cb13ecf0821b5d795f494c499796f62f503c17cd6d2b0d4210f1364f509bda", 0x44, 0x3}, {&(0x7f0000000640)="daa4cc75e82496ffb94e1318f297aae07d08fc77ff809140e5390dd787297542d71144f6245cbd3885b1becd24d87b57cdc0c4c5d4603e1a", 0x38, 0x40000000000000}], 0x3010000, &(0x7f00000007c0)={[{@huge_never}, {@nr_inodes={'nr_inodes', 0x3d, [0x2d, 0x36, 0x30, 0x34, 0x31, 0x2d, 0x17]}}, {@uid={'uid', 0x3d, r4}}, {@size={'size', 0x3d, [0x67, 0x30, 0x67, 0x74, 0x35, 0x6d, 0x3f]}}, {@huge_never}, {@huge_never}], [{@pcr={'pcr', 0x3d, 0x31}}, {@euid_lt}, {@measure}, {@uid_lt={'uid<', 0xee00}}]}) statx(r3, &(0x7f0000000880)='./file0\x00', 0x6000, 0x800, &(0x7f00000008c0)) sendmsg$NL80211_CMD_GET_PROTOCOL_FEATURES(r0, &(0x7f0000000a80)={&(0x7f00000009c0)={0x10, 0x0, 0x0, 0x800000}, 0xc, &(0x7f0000000a40)={&(0x7f0000000a00)={0x14, r1, 0x0, 0x70bd29, 0x25dfdbfc, {}, ["", "", ""]}, 0x14}, 0x1, 0x0, 0x0, 0x400c894}, 0x8010) recvmmsg(r2, &(0x7f00000067c0)=[{{&(0x7f0000000b40)=@in={0x2, 0x0, @local}, 0x80, &(0x7f0000002340)=[{&(0x7f0000000bc0)=""/93, 0x5d}, {&(0x7f0000000c40)=""/4096, 0x1000}, {&(0x7f0000001c40)=""/252, 0xfc}, {&(0x7f0000001d40)=""/249, 0xf9}, {&(0x7f0000001e40)=""/216, 0xd8}, {&(0x7f0000001f40)=""/170, 0xaa}, {&(0x7f0000002000)=""/167, 0xa7}, {&(0x7f00000020c0)=""/195, 0xc3}, {&(0x7f00000021c0)=""/222, 0xde}, {&(0x7f00000022c0)=""/76, 0x4c}], 0xa, &(0x7f0000002400)=""/140, 0x8c}, 0x7ff}, {{&(0x7f00000024c0)=@pppoe={0x18, 0x0, {0x0, @broadcast}}, 0x80, &(0x7f0000002600)=[{&(0x7f0000002540)=""/37, 0x25}, {&(0x7f0000002580)=""/75, 0x4b}], 0x2}, 0x5}, {{0x0, 0x0, &(0x7f00000039c0)=[{&(0x7f0000002640)=""/245, 0xf5}, {&(0x7f0000002740)=""/4096, 0x1000}, {&(0x7f0000003740)=""/236, 0xec}, {&(0x7f0000003840)=""/168, 0xa8}, {&(0x7f0000003900)=""/163, 0xa3}], 0x5}, 0x4}, {{0x0, 0x0, &(0x7f0000004f00)=[{&(0x7f0000003a40)=""/79, 0x4f}, {&(0x7f0000003ac0)=""/49, 0x31}, {&(0x7f0000003b00)=""/4096, 0x1000}, {&(0x7f0000004b00)=""/42, 0x2a}, {&(0x7f0000004b40)=""/208, 0xd0}, {&(0x7f0000004c40)=""/136, 0x88}, {&(0x7f0000004d00)=""/117, 0x75}, {&(0x7f0000004d80)=""/87, 0x57}, {&(0x7f0000004e00)=""/111, 0x6f}, {&(0x7f0000004e80)=""/127, 0x7f}], 0xa, &(0x7f0000004fc0)=""/93, 0x5d}, 0x1}, {{&(0x7f0000005040)=@vsock, 0x80, &(0x7f00000050c0), 0x0, &(0x7f0000005100)=""/4096, 0x1000}, 0x641}, {{&(0x7f0000006100)=@pppol2tpv3in6={0x18, 0x1, {0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, {0xa, 0x0, 0x0, @private0}}}, 0x80, &(0x7f0000006240)=[{&(0x7f0000006180)=""/184, 0xb8}], 0x1, &(0x7f0000006280)=""/56, 0x38}, 0x4}, {{&(0x7f00000062c0)=@tipc=@name, 0x80, &(0x7f0000006740)=[{&(0x7f0000006340)=""/242, 0xf2}, {&(0x7f0000006440)=""/220, 0xdc}, {&(0x7f0000006540)=""/73, 0x49}, {&(0x7f00000065c0)=""/118, 0x76}, {&(0x7f0000006640)=""/254, 0xfe}], 0x5}, 0xfd}], 0x7, 0x80, &(0x7f0000006980)) mount$9p_fd(0x0, &(0x7f0000000ac0)='./file0\x00', &(0x7f0000000b00), 0x800000, &(0x7f00000069c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r5}, 0x2c, {[{@msize={'msize', 0x3d, 0x5}}], [{@seclabel}]}}) r6 = dup3(0xffffffffffffffff, 0xffffffffffffffff, 0x80000) sendmsg$IPCTNL_MSG_CT_DELETE(r6, &(0x7f0000006b40)={&(0x7f0000006a40)={0x10, 0x0, 0x0, 0x20020000}, 0xc, &(0x7f0000006b00)={&(0x7f0000006a80)={0x68, 0x2, 0x1, 0x3, 0x0, 0x0, {0x0, 0x0, 0x2}, [@CTA_ZONE={0x6}, @CTA_PROTOINFO={0x10, 0x4, 0x0, 0x1, @CTA_PROTOINFO_DCCP={0xc, 0x2, 0x0, 0x1, [@CTA_PROTOINFO_DCCP_STATE={0x5, 0x1, 0xa9}]}}, @CTA_HELP={0xc, 0x5, 0x0, 0x1, {0x8, 0x1, 'RAS\x00'}}, @CTA_TUPLE_REPLY={0x30, 0x2, 0x0, 0x1, [@CTA_TUPLE_IP={0x2c, 0x1, 0x0, 0x1, @ipv6={{0x14, 0x3, @ipv4={'\x00', '\xff\xff', @broadcast}}, {0x14, 0x4, @empty}}}]}]}, 0x68}, 0x1, 0x0, 0x0, 0x20000004}, 0x810) inotify_add_watch(r0, &(0x7f0000006b80)='./file0\x00', 0x12000208) 07:08:51 executing program 5: r0 = syz_open_dev$vcsn(&(0x7f0000000000), 0x8, 0x800) ioctl$PTP_PEROUT_REQUEST(r0, 0x40383d03, &(0x7f0000000040)={{0x72, 0x2}, {0x7, 0x3}, 0x8}) r1 = pidfd_getfd(r0, r0, 0x0) ioctl$sock_inet6_SIOCDELRT(r1, 0x890c, &(0x7f0000000080)={@dev={0xfe, 0x80, '\x00', 0x3f}, @mcast2, @private2={0xfc, 0x2, '\x00', 0x1}, 0x9d8, 0x977, 0xa76, 0x500, 0x65d, 0x80000}) setsockopt$inet6_IPV6_PKTINFO(r0, 0x29, 0x32, &(0x7f0000000100)={@private1={0xfc, 0x1, '\x00', 0x1}}, 0x14) write$binfmt_aout(r1, &(0x7f0000000140)={{0x10b, 0x20, 0x1, 0xd3, 0xd4, 0x6, 0x2c4, 0xe06}, "8bb46c025992e245", ['\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00']}, 0x928) ioctl$FS_IOC_SETFSLABEL(0xffffffffffffffff, 0x41009432, &(0x7f0000000a80)="92d8ee7c30922f912b24289468305c28c44efdf8b9f7c287ca9a6e2c2a4fcfbd257fd690a1fcc70ce80960e74824c6f6cf5a2009d110243511fdaa8e9d2c58271838a706350097cf96f7c0975156f067ce9f5b8fb31b89eab68dcdcf2238961df9b87ddc4735844c294eb6398137b33a7872641306f25707a75145ebdc98bdb0516f047939f73e6d6b3f2213947005c5d870b3cbd8f81ad083a0e3de35eae95e27f8451b1ae00d17185ecb00eaaa264c6399f2610b1f016f42afd1956de5fd0a5179344e3aeea52dc9af64d1a3d0955257d2bf4079935d5effecb709e604db8dbb8cfc079f9597275950d6d2b6d5db590adfc026c1f4d59fab772be567da094c") ioctl$sock_SIOCGPGRP(r1, 0x8904, &(0x7f0000000b80)=0x0) fcntl$setown(r1, 0x8, r2) ioctl$sock_SIOCGIFVLAN_SET_VLAN_NAME_TYPE_CMD(r0, 0x8982, &(0x7f0000000bc0)={0x6, 'bridge_slave_1\x00', {0x3}, 0x5}) setsockopt$inet6_MRT6_DEL_MFC(r0, 0x29, 0xcd, &(0x7f0000000c00)={{0xa, 0x4e21, 0x101, @empty}, {0xa, 0x4e23, 0x1b9, @remote, 0x94}, 0x1, [0xffff, 0x9, 0x5, 0x2, 0xa1, 0xffffffc1, 0x1ff, 0x2]}, 0x5c) socket$inet_udp(0x2, 0x2, 0x0) ioctl$F2FS_IOC_MOVE_RANGE(r1, 0xc020f509, &(0x7f0000000c80)={r1, 0x100, 0x7, 0xffffffffffff0001}) ioctl$sock_ipv6_tunnel_SIOCCHG6RD(r3, 0x89fb, &(0x7f0000000d40)={'syztnl1\x00', &(0x7f0000000cc0)={'ip6tnl0\x00', 0x0, 0x4, 0x1, 0x5, 0x7, 0x10, @private1={0xfc, 0x1, '\x00', 0x1}, @remote, 0x40, 0x700, 0x6e2}}) ioctl$PERF_EVENT_IOC_REFRESH(r3, 0x2402, 0xc21) openat(r3, &(0x7f0000000d80)='./file0\x00', 0x123080, 0x50) ioctl$BLKGETSIZE(r1, 0x1260, &(0x7f0000000dc0)) ioctl$AUTOFS_DEV_IOCTL_TIMEOUT(r1, 0xc018937a, &(0x7f0000000e00)={{0x1, 0x1, 0x18, r1, {0xfff}}, './file0\x00'}) r5 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000f00)='/proc/partitions\x00', 0x0, 0x0) io_submit(0x0, 0x1, &(0x7f0000000f80)=[&(0x7f0000000f40)={0x0, 0x0, 0x0, 0x8, 0x7f, r4, &(0x7f0000000e40)="924b8b9797b14d9d88b85669de53521e1d3f49e41a0021a7d739026e1176fd66614072f736f29e0e80af108924e37c2bfe03d7fb892e134bb7abc1caf96af3bc66444fd460103911b364b913d8abdffbf43877c6a945cebb19a366beac2d3026222254ae600ff14d5a24ce56bd568565b18ffe222be27e278b2548d40e44b0b05aea68f6f7b1", 0x86, 0x7471, 0x0, 0x0, r5}]) 07:08:51 executing program 6: ioctl$AUTOFS_IOC_PROTOVER(0xffffffffffffffff, 0x80049363, &(0x7f0000000000)) syz_genetlink_get_family_id$mptcp(&(0x7f0000000040), 0xffffffffffffffff) r0 = syz_genetlink_get_family_id$fou(&(0x7f00000000c0), 0xffffffffffffffff) sendmsg$FOU_CMD_GET(0xffffffffffffffff, &(0x7f00000001c0)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x8000}, 0xc, &(0x7f0000000180)={&(0x7f0000000100)={0x68, r0, 0x4, 0x70bd26, 0x25dfdbfd, {}, [@FOU_ATTR_PORT={0x6, 0x1, 0x4e22}, @FOU_ATTR_IFINDEX={0x8}, @FOU_ATTR_LOCAL_V6={0x14, 0x7, @remote}, @FOU_ATTR_IPPROTO={0x5, 0x3, 0x3a}, @FOU_ATTR_PEER_V6={0x14, 0x9, @mcast2}, @FOU_ATTR_LOCAL_V6={0x14, 0x7, @dev={0xfe, 0x80, '\x00', 0x23}}]}, 0x68}, 0x1, 0x0, 0x0, 0x4000000}, 0x810) recvmmsg$unix(0xffffffffffffffff, &(0x7f0000002580)=[{{&(0x7f0000000200), 0x6e, &(0x7f0000000640)=[{&(0x7f0000000280)=""/160, 0xa0}, {&(0x7f0000000340)=""/60, 0x3c}, {&(0x7f0000000380)=""/77, 0x4d}, {&(0x7f0000000400)=""/27, 0x1b}, {&(0x7f0000000440)=""/183, 0xb7}, {&(0x7f0000000500)=""/120, 0x78}, {&(0x7f0000000580)=""/171, 0xab}], 0x7, &(0x7f00000006c0)=[@cred={{0x1c}}, @rights={{0x30, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}], 0x50}}, {{&(0x7f0000000740), 0x6e, &(0x7f00000009c0)=[{&(0x7f00000007c0)=""/127, 0x7f}, {&(0x7f0000000840)=""/161, 0xa1}, {&(0x7f0000000900)=""/145, 0x91}], 0x3, &(0x7f0000000a00)=[@cred={{0x1c}}, @cred={{0x1c}}, @rights={{0x2c, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c}}, @rights={{0x18, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c}}, @cred={{0x1c}}, @cred={{0x1c}}, @cred={{0x1c}}, @rights={{0x1c, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}], 0x148}}, {{&(0x7f0000000b80)=@abs, 0x6e, &(0x7f0000002100)=[{&(0x7f0000000c00)=""/132, 0x84}, {&(0x7f0000000cc0)=""/113, 0x71}, {&(0x7f0000000d40)=""/252, 0xfc}, {&(0x7f0000000e40)=""/164, 0xa4}, {&(0x7f0000000f00)=""/9, 0x9}, {&(0x7f0000000f40)=""/163, 0xa3}, {&(0x7f0000001000)=""/67, 0x43}, {&(0x7f0000001080)=""/4096, 0x1000}, {&(0x7f0000002080)=""/92, 0x5c}], 0x9, &(0x7f00000021c0)=[@rights={{0x1c, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}], 0x20}}, {{&(0x7f0000002200)=@abs, 0x6e, &(0x7f0000002380)=[{&(0x7f0000002280)=""/193, 0xc1}], 0x1, &(0x7f00000023c0)=[@rights={{0x2c, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c}}, @cred={{0x1c}}, @rights={{0x1c, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c}}, @cred={{0x1c}}], 0xd0}}, {{&(0x7f00000024c0)=@abs, 0x6e, &(0x7f0000002540)}}], 0x5, 0x3, &(0x7f00000026c0)) r9 = syz_genetlink_get_family_id$nl80211(&(0x7f0000002740), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000002780)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_DEL_KEY(r8, &(0x7f0000002840)={&(0x7f0000002700)={0x10, 0x0, 0x0, 0x2}, 0xc, &(0x7f0000002800)={&(0x7f00000027c0)={0x2c, r9, 0x4, 0x70bd26, 0x25dfdbfc, {{}, {@val={0x8, 0x3, r10}, @val={0xc, 0x99, {0x2, 0x2}}}}, [@NL80211_ATTR_KEY_SEQ={0x4}]}, 0x2c}, 0x1, 0x0, 0x0, 0x4044040}, 0x1) r11 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$IPVS_CMD_SET_SERVICE(r11, &(0x7f0000002a00)={&(0x7f0000002880)={0x10, 0x0, 0x0, 0x8000000}, 0xc, &(0x7f00000029c0)={&(0x7f00000028c0)={0xf0, 0x0, 0x4, 0x70bd25, 0x25dfdbfc, {}, [@IPVS_CMD_ATTR_TIMEOUT_TCP_FIN={0x8, 0x5, 0x3}, @IPVS_CMD_ATTR_TIMEOUT_TCP_FIN={0x8, 0x5, 0x7fff}, @IPVS_CMD_ATTR_DAEMON={0x48, 0x3, 0x0, 0x1, [@IPVS_DAEMON_ATTR_MCAST_TTL={0x5, 0x8, 0x38}, @IPVS_DAEMON_ATTR_SYNC_ID={0x8, 0x3, 0x4}, @IPVS_DAEMON_ATTR_MCAST_GROUP6={0x14, 0x6, @mcast2}, @IPVS_DAEMON_ATTR_MCAST_PORT={0x6, 0x7, 0x4e20}, @IPVS_DAEMON_ATTR_SYNC_ID={0x8, 0x3, 0x3}, @IPVS_DAEMON_ATTR_SYNC_ID={0x8}, @IPVS_DAEMON_ATTR_MCAST_TTL={0x5, 0x8, 0xff}]}, @IPVS_CMD_ATTR_TIMEOUT_UDP={0x8, 0x6, 0x7}, @IPVS_CMD_ATTR_SERVICE={0x30, 0x1, 0x0, 0x1, [@IPVS_SVC_ATTR_FLAGS={0xc, 0x7, {0x13, 0x20}}, @IPVS_SVC_ATTR_PROTOCOL={0x6}, @IPVS_SVC_ATTR_AF={0x6, 0x1, 0x2}, @IPVS_SVC_ATTR_PORT={0x6, 0x4, 0x4e22}, @IPVS_SVC_ATTR_FWMARK={0x8, 0x5, 0x4}]}, @IPVS_CMD_ATTR_SERVICE={0x4c, 0x1, 0x0, 0x1, [@IPVS_SVC_ATTR_PORT={0x6, 0x4, 0x4e22}, @IPVS_SVC_ATTR_FLAGS={0xc, 0x7, {0x34, 0x2}}, @IPVS_SVC_ATTR_FWMARK={0x8, 0x5, 0x6a}, @IPVS_SVC_ATTR_FLAGS={0xc, 0x7, {0xc, 0x20}}, @IPVS_SVC_ATTR_PROTOCOL={0x6, 0x2, 0x89}, @IPVS_SVC_ATTR_TIMEOUT={0x8, 0x8, 0x4}, @IPVS_SVC_ATTR_PORT={0x6, 0x4, 0x4e20}, @IPVS_SVC_ATTR_PORT={0x6, 0x4, 0x4e24}]}]}, 0xf0}, 0x1, 0x0, 0x0, 0x800}, 0x48800) ioctl$sock_SIOCGIFINDEX_80211(r8, 0x8933, &(0x7f0000002a80)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_DEL_NAN_FUNCTION(0xffffffffffffffff, &(0x7f0000002b80)={&(0x7f0000002a40)={0x10, 0x0, 0x0, 0x40000}, 0xc, &(0x7f0000002b40)={&(0x7f0000002ac0)={0x58, 0x0, 0x400, 0x70bd25, 0x25dfdbfc, {{}, {@val={0x8, 0x3, r12}, @val={0xc, 0x99, {0xfffffffb, 0x70}}}}, [@NL80211_ATTR_COOKIE={0xc, 0x58, 0x4c}, @NL80211_ATTR_COOKIE={0xc, 0x58, 0x50}, @NL80211_ATTR_COOKIE={0xc, 0x58, 0x24}, @NL80211_ATTR_COOKIE={0xc, 0x58, 0x78}]}, 0x58}, 0x1, 0x0, 0x0, 0x800}, 0x4000840) sendmsg$NL80211_CMD_RELOAD_REGDB(r1, &(0x7f0000002c80)={&(0x7f0000002bc0)={0x10, 0x0, 0x0, 0x800000}, 0xc, &(0x7f0000002c40)={&(0x7f0000002c00)={0x14, 0x0, 0x200, 0x70bd2b, 0x25dfdbfd, {}, ["", "", "", "", "", "", "", ""]}, 0x14}, 0x1, 0x0, 0x0, 0x40000}, 0x4) ioctl$AUTOFS_DEV_IOCTL_PROTOVER(r6, 0xc0189372, &(0x7f0000002cc0)={{0x1, 0x1, 0x18, r2, {0xfffffffc}}, './file0\x00'}) ioctl$CDROMRESET(r13, 0x5312) fcntl$dupfd(r5, 0x406, r4) ioctl$FS_IOC_FSSETXATTR(r3, 0x401c5820, &(0x7f0000002d00)={0x1, 0xdc76, 0x0, 0x8, 0xa9}) r14 = dup(r7) sendmsg$NL80211_CMD_DEAUTHENTICATE(r14, &(0x7f0000003000)={&(0x7f0000002d40)={0x10, 0x0, 0x0, 0x400}, 0xc, &(0x7f0000002fc0)={&(0x7f0000002d80)={0x214, r9, 0x100, 0x70bd29, 0x25dfdbff, {{}, {@void, @void}}, [@NL80211_ATTR_MAC={0xa, 0x6, @random="cd1675d33e34"}, @NL80211_ATTR_IE={0x1b1, 0x2a, [@link_id={0x65, 0x12, {@initial, @device_b, @device_b}}, @perr={0x84, 0xa2, {0x40, 0xa, [@not_ext={{}, @device_b, 0x1ff, "", 0x23}, @not_ext={{}, @device_a, 0x2ac, "", 0x4d}, @not_ext={{}, @device_b, 0x2b, "", 0x30}, @not_ext={{}, @broadcast, 0xfffffff7, "", 0x1c}, @ext={{}, @device_a, 0x8, @device_a, 0x1b}, @ext={{}, @device_a, 0x21, @broadcast, 0x3c}, @ext={{}, @device_a, 0x6, @device_a, 0x1b}, @ext={{}, @device_b, 0x1, @device_a, 0x3b}, @not_ext={{}, @broadcast, 0x10000, "", 0x1d}, @ext={{}, @device_b, 0x0, @device_b, 0x7}]}}, @rann={0x7e, 0x15, {{0x0, 0x5c}, 0x1, 0x40, @device_a, 0xb4e, 0xfffffff9, 0x6}}, @chsw_timing={0x68, 0x4, {0x1, 0x6}}, @fast_bss_trans={0x37, 0xd6, {0x4, 0x7, "4496d2dd3326a60b04efef7610639ce1", "585df63e750cfa7acedfd9efcff503d576a1d1be6290136b94f0caee53cfef50", "bb30c40d5ca77c76483e5326b084d0debdff5ac6b2d4af8a6f9c97521974f8d7", [{0x1, 0x3, "5bc8b6"}, {0x3, 0x22, "c1d1fbb47e6ca048295699fc040f7fa1e0281fc9a5d028fdf99f491215e2f2b13faf"}, {0x4, 0x1b, "2e2224078e5b99d1dd3f7884cd6e3ea3edaf745463e4dc5653b7e3"}, {0x1, 0x19, "f6ac82589a10b2c9e9c3c798cc6b80215f76ce0c11bd394f67"}, {0x1, 0x5, "daf7bf09e3"}, {0x4, 0x11, "2f399ac455f3efc50179c31a494d7d3eb2"}, {0x3, 0x7, "16661ac335cb9c"}]}}]}, @NL80211_ATTR_REASON_CODE={0x6, 0x36, 0x40}, @NL80211_ATTR_SSID={0xa, 0x34, @default_ibss_ssid}, @NL80211_ATTR_MAC={0xa, 0x6, @random="e78719902d2c"}, @NL80211_ATTR_IE={0x17, 0x2a, [@supported_rates={0x1, 0x7, [{0x9, 0x1}, {0x1f47f3d126d2d1ca}, {0x5, 0x1}, {0x36, 0x1}, {0x36}, {0x6c, 0x1}, {0x6c, 0x1}]}, @dsss={0x3, 0x1, 0x74}, @supported_rates={0x1, 0x5, [{0x2}, {0x4, 0x1}, {}, {0x48, 0x1}, {0x1b}]}]}, @NL80211_ATTR_REASON_CODE={0x6, 0x36, 0x4}]}, 0x214}, 0x1, 0x0, 0x0, 0x800}, 0x4) sendmsg$SMC_PNETID_GET(0xffffffffffffffff, &(0x7f0000003100)={&(0x7f0000003040)={0x10, 0x0, 0x0, 0x10}, 0xc, &(0x7f00000030c0)={&(0x7f0000003080)={0x20, 0x0, 0x400, 0x70bd29, 0x25dfdbff, {}, [@SMC_PNETID_IBNAME={0x9, 0x3, 'syz1\x00'}]}, 0x20}, 0x1, 0x0, 0x0, 0x80}, 0x40000) 07:08:51 executing program 7: ioctl$BTRFS_IOC_RESIZE(0xffffffffffffffff, 0x50009403, &(0x7f0000000000)={{}, {@val, @actul_num={@void, 0x1, 0x70}}}) ioctl$AUTOFS_DEV_IOCTL_EXPIRE(0xffffffffffffffff, 0xc018937c, &(0x7f0000000040)={{0x1, 0x1, 0x18, 0xffffffffffffffff, {0x4}}, './file0\x00'}) r1 = socket$inet(0x2, 0x80000, 0x2) ioctl$BTRFS_IOC_SNAP_CREATE_V2(r0, 0x50009417, &(0x7f0000000080)={{r1}, 0x0, 0x2, @unused=[0x1, 0x7, 0x5], @devid}) fdatasync(r1) ioctl$FS_IOC_SETFLAGS(r0, 0x40086602, &(0x7f0000001080)=0x2000000) r2 = openat(r0, &(0x7f00000010c0)='./file0\x00', 0x101040, 0x48) ioctl$AUTOFS_DEV_IOCTL_CLOSEMOUNT(r2, 0xc0189375, &(0x7f0000001100)={{0x1, 0x1, 0x18, r0}, './file0\x00'}) ioctl$TIOCGDEV(r0, 0x80045432, &(0x7f0000001140)) ioctl$BTRFS_IOC_SNAP_CREATE_V2(r2, 0x50009417, &(0x7f0000001180)={{r1}, 0x0, 0x12, @unused=[0x8, 0x8, 0x3, 0x5], @devid}) signalfd4(r0, &(0x7f0000002180)={[0x7818]}, 0x8, 0x80000) sendmsg$DEVLINK_CMD_SB_POOL_SET(r3, &(0x7f0000002340)={&(0x7f00000021c0)={0x10, 0x0, 0x0, 0x4}, 0xc, &(0x7f0000002300)={&(0x7f0000002200)={0xd0, 0x0, 0x4, 0x70bd2b, 0x25dfdbfe, {}, [{@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0x8, 0xb, 0x5}, {0x6, 0x11, 0x8}, {0x8, 0x13, 0x8}, {0x5, 0x14, 0x1}}, {@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0x8, 0xb, 0x10001}, {0x6, 0x11, 0x8}, {0x8, 0x13, 0x7f}, {0x5}}, {@pci={{0x8}, {0x11}}, {0x8, 0xb, 0x2}, {0x6, 0x11, 0x101}, {0x8, 0x13, 0x3}, {0x5}}]}, 0xd0}, 0x1, 0x0, 0x0, 0x4000}, 0x85) r4 = socket$nl_xfrm(0x10, 0x3, 0x6) fcntl$setstatus(r4, 0x4, 0x2800) ioctl$IOC_PR_PREEMPT_ABORT(r0, 0x401870cc, &(0x7f0000002440)={0x0, 0x3, 0x3ff, 0x8}) pwrite64(r2, &(0x7f0000002480)="e893f43fbb7f6b62e1b6eeda9031716bd266ad71a2c6968adf9e0d1342a5631ade61c55c61b151536ee2439237cdce2e820894e0f4753a5d35953977c30ab0eb3eec5e18e3e5ca9248504bd4e8aaa62547e377a558d1c864acf5516dccc51253855e736d6c911949582f40ac0ba0816098928bb6b223dea6da92a0fd14f3028c4c76fb70925b6b3382660013b78b9f51e4d8589dd8094247b921446554a40d1520ad1961fd4fbf94487100cdd7c1e8061e3cde21adf793a29281b386824253e0171bad0f46c6aa9221c23d3d205e1f50ad1fbb4ca67ce14b4efb4e2456a9d93dfd41ea9d385d4b", 0xe7, 0xee) ioctl$BTRFS_IOC_DEV_INFO(r1, 0xd000941e, &(0x7f0000002580)={0x0, "1160f17540f2b53ed3fa2c8878e44b5d"}) r5 = syz_open_dev$mouse(&(0x7f0000003580), 0x9, 0x8800) ioctl$TIOCSSOFTCAR(r5, 0x541a, &(0x7f00000035c0)=0x80000001) setsockopt$inet6_IPV6_PKTINFO(r0, 0x29, 0x32, &(0x7f0000003600)={@private2}, 0x14) [ 71.805022] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 71.806718] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 71.809209] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 71.810824] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 71.812944] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 71.814417] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 71.815526] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 71.820035] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 71.830837] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [ 71.842725] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 71.844108] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 71.851419] Bluetooth: hci0: HCI_REQ-0x0c1a [ 71.887633] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 71.888789] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 71.914118] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 71.915363] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 71.915504] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 71.921136] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3 [ 71.921551] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 71.926519] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 71.927875] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 71.933294] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3 [ 71.934719] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3 [ 71.939390] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 71.940535] Bluetooth: hci2: HCI_REQ-0x0c1a [ 71.942113] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 71.957770] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1 [ 71.959103] Bluetooth: hci7: unexpected cc 0x0c03 length: 249 > 1 [ 71.960771] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1 [ 71.960897] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 71.962480] Bluetooth: hci1: HCI_REQ-0x0c1a [ 71.964052] Bluetooth: hci4: HCI_REQ-0x0c1a [ 71.964863] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 71.964898] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9 [ 71.966270] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9 [ 71.966435] Bluetooth: hci7: unexpected cc 0x1003 length: 249 > 9 [ 71.968928] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9 [ 71.979821] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9 [ 71.981635] Bluetooth: hci7: unexpected cc 0x1001 length: 249 > 9 [ 71.983482] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 71.989958] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4 [ 71.991486] Bluetooth: hci7: unexpected cc 0x0c23 length: 249 > 4 [ 71.992880] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4 [ 71.994302] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 71.996571] Bluetooth: hci6: unexpected cc 0x0c25 length: 249 > 3 [ 71.997997] Bluetooth: hci5: unexpected cc 0x0c25 length: 249 > 3 [ 71.999699] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3 [ 72.001118] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2 [ 72.002770] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 72.004469] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2 [ 72.005746] Bluetooth: hci7: unexpected cc 0x0c25 length: 249 > 3 [ 72.016724] Bluetooth: hci5: HCI_REQ-0x0c1a [ 72.018534] Bluetooth: hci7: unexpected cc 0x0c38 length: 249 > 2 [ 72.022583] Bluetooth: hci6: HCI_REQ-0x0c1a [ 72.034465] Bluetooth: hci3: HCI_REQ-0x0c1a [ 72.071472] Bluetooth: hci7: HCI_REQ-0x0c1a [ 73.871730] Bluetooth: hci0: command 0x0409 tx timeout [ 73.998345] Bluetooth: hci1: command 0x0409 tx timeout [ 73.999024] Bluetooth: hci4: command 0x0409 tx timeout [ 73.999522] Bluetooth: hci2: command 0x0409 tx timeout [ 74.062551] Bluetooth: hci5: command 0x0409 tx timeout [ 74.063236] Bluetooth: hci6: command 0x0409 tx timeout [ 74.063712] Bluetooth: hci3: command 0x0409 tx timeout [ 74.127255] Bluetooth: hci7: command 0x0409 tx timeout [ 75.919692] Bluetooth: hci0: command 0x041b tx timeout [ 76.046241] Bluetooth: hci2: command 0x041b tx timeout [ 76.046713] Bluetooth: hci4: command 0x041b tx timeout [ 76.047169] Bluetooth: hci1: command 0x041b tx timeout [ 76.110296] Bluetooth: hci3: command 0x041b tx timeout [ 76.110762] Bluetooth: hci6: command 0x041b tx timeout [ 76.111199] Bluetooth: hci5: command 0x041b tx timeout [ 76.175240] Bluetooth: hci7: command 0x041b tx timeout [ 77.966237] Bluetooth: hci0: command 0x040f tx timeout [ 78.094242] Bluetooth: hci1: command 0x040f tx timeout [ 78.094734] Bluetooth: hci4: command 0x040f tx timeout [ 78.095140] Bluetooth: hci2: command 0x040f tx timeout [ 78.158266] Bluetooth: hci5: command 0x040f tx timeout [ 78.158730] Bluetooth: hci6: command 0x040f tx timeout [ 78.159118] Bluetooth: hci3: command 0x040f tx timeout [ 78.223346] Bluetooth: hci7: command 0x040f tx timeout [ 80.014232] Bluetooth: hci0: command 0x0419 tx timeout [ 80.142424] Bluetooth: hci2: command 0x0419 tx timeout [ 80.142899] Bluetooth: hci4: command 0x0419 tx timeout [ 80.143747] Bluetooth: hci1: command 0x0419 tx timeout [ 80.206331] Bluetooth: hci3: command 0x0419 tx timeout [ 80.206820] Bluetooth: hci6: command 0x0419 tx timeout [ 80.207626] Bluetooth: hci5: command 0x0419 tx timeout [ 80.271233] Bluetooth: hci7: command 0x0419 tx timeout [ 124.570613] audit: type=1400 audit(1664780985.922:7): avc: denied { open } for pid=3801 comm="syz-executor.1" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=perf_event permissive=1 07:09:46 executing program 1: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0x77, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_setup(0x0, &(0x7f0000000080)={0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0}, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000fff000/0x1000)=nil, &(0x7f0000000100)=0x0, &(0x7f0000000000)=0x0) syz_io_uring_submit(r0, r1, &(0x7f00000001c0)=@IORING_OP_OPENAT2={0x1c, 0x0, 0x0, 0xffffffffffffff9c, 0x0, 0x0}, 0x0) r2 = openat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x44142, 0x0) fallocate(r2, 0x0, 0x0, 0x87ffffc) creat(0x0, 0x6a) openat(0xffffffffffffffff, 0x0, 0x2, 0x28) [ 124.812481] audit: type=1400 audit(1664780986.164:8): avc: denied { kernel } for pid=3821 comm="syz-executor.1" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=perf_event permissive=1 [ 124.840289] ------------[ cut here ]------------ [ 124.840314] [ 124.840318] ====================================================== [ 124.840322] WARNING: possible circular locking dependency detected [ 124.840326] 6.0.0-rc7-next-20220930 #1 Not tainted [ 124.840333] ------------------------------------------------------ [ 124.840337] syz-executor.1/3822 is trying to acquire lock: [ 124.840343] ffffffff853faab8 ((console_sem).lock){....}-{2:2}, at: down_trylock+0xe/0x70 [ 124.840385] [ 124.840385] but task is already holding lock: [ 124.840388] ffff888018655420 (&ctx->lock){....}-{2:2}, at: __perf_event_task_sched_out+0x53b/0x18d0 [ 124.840415] [ 124.840415] which lock already depends on the new lock. [ 124.840415] [ 124.840418] [ 124.840418] the existing dependency chain (in reverse order) is: [ 124.840422] [ 124.840422] -> #3 (&ctx->lock){....}-{2:2}: [ 124.840436] _raw_spin_lock+0x2a/0x40 [ 124.840447] __perf_event_task_sched_out+0x53b/0x18d0 [ 124.840458] __schedule+0xedd/0x2470 [ 124.840472] schedule+0xda/0x1b0 [ 124.840485] exit_to_user_mode_prepare+0x114/0x1a0 [ 124.840498] syscall_exit_to_user_mode+0x19/0x40 [ 124.840511] do_syscall_64+0x48/0x90 [ 124.840529] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 124.840542] [ 124.840542] -> #2 (&rq->__lock){-.-.}-{2:2}: [ 124.840555] _raw_spin_lock_nested+0x30/0x40 [ 124.840566] raw_spin_rq_lock_nested+0x1e/0x30 [ 124.840579] task_fork_fair+0x63/0x4d0 [ 124.840596] sched_cgroup_fork+0x3d0/0x540 [ 124.840610] copy_process+0x4183/0x6e20 [ 124.840621] kernel_clone+0xe7/0x890 [ 124.840630] user_mode_thread+0xad/0xf0 [ 124.840640] rest_init+0x24/0x250 [ 124.840652] arch_call_rest_init+0xf/0x14 [ 124.840670] start_kernel+0x4c6/0x4eb [ 124.840685] secondary_startup_64_no_verify+0xe0/0xeb [ 124.840699] [ 124.840699] -> #1 (&p->pi_lock){-.-.}-{2:2}: [ 124.840712] _raw_spin_lock_irqsave+0x39/0x60 [ 124.840723] try_to_wake_up+0xab/0x1930 [ 124.840736] up+0x75/0xb0 [ 124.840749] __up_console_sem+0x6e/0x80 [ 124.840766] console_unlock+0x46a/0x590 [ 124.840782] do_con_write+0xc05/0x1d50 [ 124.840793] con_write+0x21/0x40 [ 124.840802] n_tty_write+0x4d4/0xfe0 [ 124.840814] file_tty_write.constprop.0+0x455/0x8a0 [ 124.840826] vfs_write+0x9c3/0xd90 [ 124.840843] ksys_write+0x127/0x250 [ 124.840858] do_syscall_64+0x3b/0x90 [ 124.840874] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 124.840887] [ 124.840887] -> #0 ((console_sem).lock){....}-{2:2}: [ 124.840900] __lock_acquire+0x2a02/0x5e70 [ 124.840917] lock_acquire+0x1a2/0x530 [ 124.840933] _raw_spin_lock_irqsave+0x39/0x60 [ 124.840943] down_trylock+0xe/0x70 [ 124.840958] __down_trylock_console_sem+0x3b/0xd0 [ 124.840974] vprintk_emit+0x16b/0x560 [ 124.840990] vprintk+0x84/0xa0 [ 124.841005] _printk+0xba/0xf1 [ 124.841017] report_bug.cold+0x72/0xab [ 124.841033] handle_bug+0x3c/0x70 [ 124.841049] exc_invalid_op+0x14/0x50 [ 124.841066] asm_exc_invalid_op+0x16/0x20 [ 124.841078] group_sched_out.part.0+0x2c7/0x460 [ 124.841096] ctx_sched_out+0x8f1/0xc10 [ 124.841112] __perf_event_task_sched_out+0x6d0/0x18d0 [ 124.841123] __schedule+0xedd/0x2470 [ 124.841137] schedule+0xda/0x1b0 [ 124.841150] exit_to_user_mode_prepare+0x114/0x1a0 [ 124.841160] syscall_exit_to_user_mode+0x19/0x40 [ 124.841172] do_syscall_64+0x48/0x90 [ 124.841189] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 124.841203] [ 124.841203] other info that might help us debug this: [ 124.841203] [ 124.841207] Chain exists of: [ 124.841207] (console_sem).lock --> &rq->__lock --> &ctx->lock [ 124.841207] [ 124.841224] Possible unsafe locking scenario: [ 124.841224] [ 124.841226] CPU0 CPU1 [ 124.841229] ---- ---- [ 124.841231] lock(&ctx->lock); [ 124.841237] lock(&rq->__lock); [ 124.841243] lock(&ctx->lock); [ 124.841249] lock((console_sem).lock); [ 124.841255] [ 124.841255] *** DEADLOCK *** [ 124.841255] [ 124.841257] 2 locks held by syz-executor.1/3822: [ 124.841263] #0: ffff88806ce37e98 (&rq->__lock){-.-.}-{2:2}, at: __schedule+0x1cf/0x2470 [ 124.841292] #1: ffff888018655420 (&ctx->lock){....}-{2:2}, at: __perf_event_task_sched_out+0x53b/0x18d0 [ 124.841318] [ 124.841318] stack backtrace: [ 124.841322] CPU: 0 PID: 3822 Comm: syz-executor.1 Not tainted 6.0.0-rc7-next-20220930 #1 [ 124.841334] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 124.841342] Call Trace: [ 124.841346] [ 124.841350] dump_stack_lvl+0x8b/0xb3 [ 124.841369] check_noncircular+0x263/0x2e0 [ 124.841385] ? format_decode+0x26c/0xb50 [ 124.841401] ? print_circular_bug+0x450/0x450 [ 124.841418] ? simple_strtoul+0x30/0x30 [ 124.841435] ? format_decode+0x26c/0xb50 [ 124.841453] ? alloc_chain_hlocks+0x1ec/0x5a0 [ 124.841471] __lock_acquire+0x2a02/0x5e70 [ 124.841494] ? lockdep_hardirqs_on_prepare+0x410/0x410 [ 124.841512] ? __mutex_add_waiter+0x120/0x120 [ 124.841531] lock_acquire+0x1a2/0x530 [ 124.841548] ? down_trylock+0xe/0x70 [ 124.841565] ? lock_release+0x750/0x750 [ 124.841587] ? vprintk+0x84/0xa0 [ 124.841605] _raw_spin_lock_irqsave+0x39/0x60 [ 124.841616] ? down_trylock+0xe/0x70 [ 124.841632] down_trylock+0xe/0x70 [ 124.841648] ? vprintk+0x84/0xa0 [ 124.841665] __down_trylock_console_sem+0x3b/0xd0 [ 124.841682] vprintk_emit+0x16b/0x560 [ 124.841702] vprintk+0x84/0xa0 [ 124.841719] _printk+0xba/0xf1 [ 124.841730] ? record_print_text.cold+0x16/0x16 [ 124.841747] ? report_bug.cold+0x66/0xab [ 124.841766] ? group_sched_out.part.0+0x2c7/0x460 [ 124.841784] report_bug.cold+0x72/0xab [ 124.841803] handle_bug+0x3c/0x70 [ 124.841820] exc_invalid_op+0x14/0x50 [ 124.841839] asm_exc_invalid_op+0x16/0x20 [ 124.841851] RIP: 0010:group_sched_out.part.0+0x2c7/0x460 [ 124.841872] Code: 5e 41 5f e9 8b ae ef ff e8 86 ae ef ff 65 8b 1d 0b 18 ac 7e 31 ff 89 de e8 26 ab ef ff 85 db 0f 84 8a 00 00 00 e8 69 ae ef ff <0f> 0b e9 a5 fe ff ff e8 5d ae ef ff 48 8d 7d 10 48 b8 00 00 00 00 [ 124.841884] RSP: 0018:ffff88801b65fc48 EFLAGS: 00010006 [ 124.841893] RAX: 0000000040000002 RBX: 0000000000000000 RCX: 0000000000000000 [ 124.841901] RDX: ffff888015fdb580 RSI: ffffffff81565dc7 RDI: 0000000000000005 [ 124.841909] RBP: ffff888008660b90 R08: 0000000000000005 R09: 0000000000000001 [ 124.841916] R10: 0000000000000000 R11: ffffffff865b401b R12: ffff888018655400 [ 124.841924] R13: ffff88806ce3d2c0 R14: ffffffff8547d000 R15: 0000000000000002 [ 124.841936] ? group_sched_out.part.0+0x2c7/0x460 [ 124.841956] ? group_sched_out.part.0+0x2c7/0x460 [ 124.841977] ctx_sched_out+0x8f1/0xc10 [ 124.841997] __perf_event_task_sched_out+0x6d0/0x18d0 [ 124.842012] ? lock_is_held_type+0xd7/0x130 [ 124.842026] ? __perf_cgroup_move+0x160/0x160 [ 124.842037] ? set_next_entity+0x304/0x550 [ 124.842054] ? update_curr+0x267/0x740 [ 124.842073] ? lock_is_held_type+0xd7/0x130 [ 124.842088] __schedule+0xedd/0x2470 [ 124.842106] ? io_schedule_timeout+0x150/0x150 [ 124.842123] ? __x64_sys_futex_time32+0x480/0x480 [ 124.842141] schedule+0xda/0x1b0 [ 124.842158] exit_to_user_mode_prepare+0x114/0x1a0 [ 124.842171] syscall_exit_to_user_mode+0x19/0x40 [ 124.842185] do_syscall_64+0x48/0x90 [ 124.842203] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 124.842216] RIP: 0033:0x7f5054ac1b19 [ 124.842224] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 124.842235] RSP: 002b:00007f5052037218 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 124.842246] RAX: 0000000000000001 RBX: 00007f5054bd4f68 RCX: 00007f5054ac1b19 [ 124.842253] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 00007f5054bd4f6c [ 124.842260] RBP: 00007f5054bd4f60 R08: 000000000000000e R09: 0000000000000000 [ 124.842267] R10: 0000000000000003 R11: 0000000000000246 R12: 00007f5054bd4f6c [ 124.842275] R13: 00007fff3f751edf R14: 00007f5052037300 R15: 0000000000022000 [ 124.842289] [ 124.899470] WARNING: CPU: 0 PID: 3822 at kernel/events/core.c:2309 group_sched_out.part.0+0x2c7/0x460 [ 124.900163] Modules linked in: [ 124.900406] CPU: 0 PID: 3822 Comm: syz-executor.1 Not tainted 6.0.0-rc7-next-20220930 #1 [ 124.901002] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 124.901837] RIP: 0010:group_sched_out.part.0+0x2c7/0x460 [ 124.902249] Code: 5e 41 5f e9 8b ae ef ff e8 86 ae ef ff 65 8b 1d 0b 18 ac 7e 31 ff 89 de e8 26 ab ef ff 85 db 0f 84 8a 00 00 00 e8 69 ae ef ff <0f> 0b e9 a5 fe ff ff e8 5d ae ef ff 48 8d 7d 10 48 b8 00 00 00 00 [ 124.903598] RSP: 0018:ffff88801b65fc48 EFLAGS: 00010006 [ 124.903996] RAX: 0000000040000002 RBX: 0000000000000000 RCX: 0000000000000000 [ 124.904521] RDX: ffff888015fdb580 RSI: ffffffff81565dc7 RDI: 0000000000000005 [ 124.905050] RBP: ffff888008660b90 R08: 0000000000000005 R09: 0000000000000001 [ 124.905569] R10: 0000000000000000 R11: ffffffff865b401b R12: ffff888018655400 [ 124.906097] R13: ffff88806ce3d2c0 R14: ffffffff8547d000 R15: 0000000000000002 [ 124.906631] FS: 00007f5052037700(0000) GS:ffff88806ce00000(0000) knlGS:0000000000000000 [ 124.907229] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 124.907660] CR2: 00007f0b71200000 CR3: 000000001ef98000 CR4: 0000000000350ef0 [ 124.908191] Call Trace: [ 124.908386] [ 124.908563] ctx_sched_out+0x8f1/0xc10 [ 124.908876] __perf_event_task_sched_out+0x6d0/0x18d0 [ 124.909265] ? lock_is_held_type+0xd7/0x130 [ 124.909586] ? __perf_cgroup_move+0x160/0x160 [ 124.909920] ? set_next_entity+0x304/0x550 [ 124.910246] ? update_curr+0x267/0x740 [ 124.910561] ? lock_is_held_type+0xd7/0x130 [ 124.910893] __schedule+0xedd/0x2470 [ 124.911183] ? io_schedule_timeout+0x150/0x150 [ 124.911536] ? __x64_sys_futex_time32+0x480/0x480 [ 124.911898] schedule+0xda/0x1b0 [ 124.912161] exit_to_user_mode_prepare+0x114/0x1a0 [ 124.912533] syscall_exit_to_user_mode+0x19/0x40 [ 124.912898] do_syscall_64+0x48/0x90 [ 124.913186] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 124.913578] RIP: 0033:0x7f5054ac1b19 [ 124.913857] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 124.915210] RSP: 002b:00007f5052037218 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 124.915771] RAX: 0000000000000001 RBX: 00007f5054bd4f68 RCX: 00007f5054ac1b19 [ 124.916296] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 00007f5054bd4f6c [ 124.916831] RBP: 00007f5054bd4f60 R08: 000000000000000e R09: 0000000000000000 [ 124.917354] R10: 0000000000000003 R11: 0000000000000246 R12: 00007f5054bd4f6c [ 124.917880] R13: 00007fff3f751edf R14: 00007f5052037300 R15: 0000000000022000 [ 124.918424] [ 124.918601] irq event stamp: 766 [ 124.918851] hardirqs last enabled at (765): [] exit_to_user_mode_prepare+0x109/0x1a0 [ 124.919546] hardirqs last disabled at (766): [] __schedule+0x1225/0x2470 [ 124.920157] softirqs last enabled at (474): [] __irq_exit_rcu+0x11b/0x180 [ 124.920793] softirqs last disabled at (173): [] __irq_exit_rcu+0x11b/0x180 [ 124.921424] ---[ end trace 0000000000000000 ]--- [ 125.040605] loop4: detected capacity change from 0 to 262144 [ 125.041792] tmpfs: Bad value for 'nr_inodes' [ 125.065034] loop4: detected capacity change from 0 to 262144 [ 125.065749] tmpfs: Bad value for 'nr_inodes' 07:09:46 executing program 4: shmget$private(0x0, 0x2000, 0x0, &(0x7f0000ffe000/0x2000)=nil) r0 = shmget$private(0x0, 0x3000, 0x78000000, &(0x7f0000ffd000/0x3000)=nil) shmat(0x0, &(0x7f0000ffb000/0x4000)=nil, 0x0) shmat(r0, &(0x7f0000ffa000/0x4000)=nil, 0x4000) shmat(r0, &(0x7f0000ff9000/0x1000)=nil, 0x4000) madvise(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x17) madvise(&(0x7f0000ffa000/0x2000)=nil, 0x2000, 0x9) r1 = pkey_alloc(0x0, 0x0) pkey_mprotect(&(0x7f0000fff000/0x1000)=nil, 0x1000, 0x2000004, r1) mlock2(&(0x7f0000ff9000/0x4000)=nil, 0x4000, 0x1) 07:09:46 executing program 4: r0 = syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) close_range(0xffffffffffffffff, r0, 0x0) r1 = inotify_init1(0x0) r2 = inotify_add_watch(r1, &(0x7f0000006440)='./file0\x00', 0x5400000a) inotify_rm_watch(r1, r2) 07:09:46 executing program 1: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0x77, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_setup(0x0, &(0x7f0000000080)={0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0}, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000fff000/0x1000)=nil, &(0x7f0000000100)=0x0, &(0x7f0000000000)=0x0) syz_io_uring_submit(r0, r1, &(0x7f00000001c0)=@IORING_OP_OPENAT2={0x1c, 0x0, 0x0, 0xffffffffffffff9c, 0x0, 0x0}, 0x0) r2 = openat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x44142, 0x0) fallocate(r2, 0x0, 0x0, 0x87ffffc) creat(0x0, 0x6a) openat(0xffffffffffffffff, 0x0, 0x2, 0x28) 07:09:46 executing program 4: r0 = syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) close_range(0xffffffffffffffff, r0, 0x0) r1 = inotify_init1(0x0) r2 = inotify_add_watch(r1, &(0x7f0000006440)='./file0\x00', 0x5400000a) inotify_rm_watch(r1, r2) 07:09:46 executing program 1: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0x77, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_setup(0x0, &(0x7f0000000080)={0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0}, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000fff000/0x1000)=nil, &(0x7f0000000100)=0x0, &(0x7f0000000000)=0x0) syz_io_uring_submit(r0, r1, &(0x7f00000001c0)=@IORING_OP_OPENAT2={0x1c, 0x0, 0x0, 0xffffffffffffff9c, 0x0, 0x0}, 0x0) r2 = openat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x44142, 0x0) fallocate(r2, 0x0, 0x0, 0x87ffffc) creat(0x0, 0x6a) openat(0xffffffffffffffff, 0x0, 0x2, 0x28) 07:09:46 executing program 4: r0 = syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) close_range(0xffffffffffffffff, r0, 0x0) r1 = inotify_init1(0x0) r2 = inotify_add_watch(r1, &(0x7f0000006440)='./file0\x00', 0x5400000a) inotify_rm_watch(r1, r2) 07:09:46 executing program 4: r0 = syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) close_range(0xffffffffffffffff, r0, 0x0) r1 = inotify_init1(0x0) r2 = inotify_add_watch(r1, &(0x7f0000006440)='./file0\x00', 0x5400000a) inotify_rm_watch(r1, r2) VM DIAGNOSIS: 07:09:46 Registers: info registers vcpu 0 RAX=0000000000000074 RBX=00000000000003f8 RCX=0000000000000000 RDX=00000000000003f8 RSI=ffffffff823bb0f1 RDI=ffffffff8765a9a0 RBP=ffffffff8765a960 RSP=ffff88801b65f690 R8 =0000000000000001 R9 =000000000000000a R10=0000000000000074 R11=0000000000000001 R12=0000000000000074 R13=ffffffff8765a960 R14=0000000000000010 R15=ffffffff823bb0e0 RIP=ffffffff823bb149 RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 00000000 00000000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 00000000 00000000 FS =0000 00007f5052037700 00000000 00000000 GS =0000 ffff88806ce00000 00000000 00000000 LDT=0000 fffffe0000000000 00000000 00000000 TR =0040 fffffe0000003000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe0000001000 0000007f IDT= fffffe0000000000 00000fff CR0=80050033 CR2=00007f0b71200000 CR3=000000001ef98000 CR4=00350ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000ffff0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 YMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM01=0000000000000000 0000000000000000 00007f5054ba87c0 00007f5054ba87c8 YMM02=0000000000000000 0000000000000000 00007f5054ba87e0 00007f5054ba87c0 YMM03=0000000000000000 0000000000000000 00007f5054ba87c8 00007f5054ba87c0 YMM04=0000000000000000 0000000000000000 ffffffffffffffff ffffffff00000000 YMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM06=0000000000000000 0000000000000000 0000000000000000 000000524f525245 YMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM08=0000000000000000 0000000000000000 0000000000000000 00524f5252450040 YMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 info registers vcpu 1 RAX=0000000000000000 RBX=0000000000000001 RCX=1ffff11003b5fe86 RDX=0000000000000001 RSI=ffff88801daffbe0 RDI=ffff88801daff440 RBP=ffff88801daff430 RSP=ffff88801daff358 R8 =ffffffff85ec4f64 R9 =ffffffff85ec4f68 R10=ffffed1003b5fe88 R11=ffff88801daff418 R12=ffff88801daff419 R13=ffff88801daff438 R14=ffff88801daff3d8 R15=ffffffff85ec4f69 RIP=ffffffff8111ac79 RFL=00000246 [---Z-P-] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 00000000 00000000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 00000000 00000000 FS =0000 0000000000000000 00000000 00000000 GS =0000 ffff88806cf00000 00000000 00000000 LDT=0000 fffffe0000000000 00000000 00000000 TR =0040 fffffe000004a000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe0000048000 0000007f IDT= fffffe0000000000 00000fff CR0=80050033 CR2=000055c1bc9ef080 CR3=000000001d980000 CR4=00350ee0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000ffff0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 YMM00=0000000000000000 0000000000000000 00642e65626f7270 646f6d2f6374652f YMM01=0000000000000000 0000000000000000 00642e65626f7270 646f6d2f6374652f YMM02=0000000000000000 0000000000000000 0000000000000000 0000ffffffffffff YMM03=0000000000000000 0000000000000000 0000000000000000 0000ff00000000ff YMM04=0000000000000000 0000000000000000 2f2f2f2f2f2f2f2f 2f2f2f2f2f2f2f2f YMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM08=0000000000000000 0000000000000000 676f6c206d6f7473 7563000000000000 YMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000