Debian GNU/Linux 11 syzkaller ttyS0 Warning: Permanently added '[localhost]:24724' (ECDSA) to the list of known hosts. 2022/10/04 11:37:29 fuzzer started 2022/10/04 11:37:29 dialing manager at localhost:35095 syzkaller login: [ 39.311368] cgroup: Unknown subsys name 'net' [ 39.400058] cgroup: Unknown subsys name 'rlimit' 2022/10/04 11:37:43 syscalls: 2215 2022/10/04 11:37:43 code coverage: enabled 2022/10/04 11:37:43 comparison tracing: enabled 2022/10/04 11:37:43 extra coverage: enabled 2022/10/04 11:37:43 setuid sandbox: enabled 2022/10/04 11:37:43 namespace sandbox: enabled 2022/10/04 11:37:43 Android sandbox: enabled 2022/10/04 11:37:43 fault injection: enabled 2022/10/04 11:37:43 leak checking: enabled 2022/10/04 11:37:43 net packet injection: enabled 2022/10/04 11:37:43 net device setup: enabled 2022/10/04 11:37:43 concurrency sanitizer: /sys/kernel/debug/kcsan does not exist 2022/10/04 11:37:43 devlink PCI setup: PCI device 0000:00:10.0 is not available 2022/10/04 11:37:43 USB emulation: enabled 2022/10/04 11:37:43 hci packet injection: enabled 2022/10/04 11:37:43 wifi device emulation: failed to parse kernel version (6.0.0-rc7-next-20220930) 2022/10/04 11:37:43 802.15.4 emulation: enabled 2022/10/04 11:37:43 fetching corpus: 50, signal 31935/33738 (executing program) 2022/10/04 11:37:44 fetching corpus: 100, signal 44976/48435 (executing program) 2022/10/04 11:37:44 fetching corpus: 150, signal 53216/58242 (executing program) 2022/10/04 11:37:44 fetching corpus: 200, signal 60881/67358 (executing program) 2022/10/04 11:37:44 fetching corpus: 250, signal 63814/71822 (executing program) 2022/10/04 11:37:44 fetching corpus: 300, signal 66128/75643 (executing program) 2022/10/04 11:37:44 fetching corpus: 350, signal 68250/79280 (executing program) 2022/10/04 11:37:44 fetching corpus: 400, signal 72188/84607 (executing program) 2022/10/04 11:37:44 fetching corpus: 450, signal 77768/91423 (executing program) 2022/10/04 11:37:44 fetching corpus: 500, signal 84217/99026 (executing program) 2022/10/04 11:37:45 fetching corpus: 550, signal 86454/102562 (executing program) 2022/10/04 11:37:45 fetching corpus: 600, signal 90867/108125 (executing program) 2022/10/04 11:37:45 fetching corpus: 650, signal 95679/114036 (executing program) 2022/10/04 11:37:45 fetching corpus: 700, signal 100351/119721 (executing program) 2022/10/04 11:37:45 fetching corpus: 750, signal 102526/123072 (executing program) 2022/10/04 11:37:45 fetching corpus: 800, signal 104743/126448 (executing program) 2022/10/04 11:37:45 fetching corpus: 850, signal 106593/129456 (executing program) 2022/10/04 11:37:45 fetching corpus: 900, signal 107946/131994 (executing program) 2022/10/04 11:37:45 fetching corpus: 950, signal 110328/135420 (executing program) 2022/10/04 11:37:45 fetching corpus: 1000, signal 112355/138515 (executing program) 2022/10/04 11:37:46 fetching corpus: 1050, signal 113808/141080 (executing program) 2022/10/04 11:37:46 fetching corpus: 1100, signal 115580/143864 (executing program) 2022/10/04 11:37:46 fetching corpus: 1150, signal 117498/146845 (executing program) 2022/10/04 11:37:46 fetching corpus: 1200, signal 119439/149732 (executing program) 2022/10/04 11:37:46 fetching corpus: 1250, signal 121711/152883 (executing program) 2022/10/04 11:37:46 fetching corpus: 1300, signal 124468/156481 (executing program) 2022/10/04 11:37:46 fetching corpus: 1350, signal 125456/158527 (executing program) 2022/10/04 11:37:46 fetching corpus: 1400, signal 126895/160861 (executing program) 2022/10/04 11:37:46 fetching corpus: 1450, signal 128415/163282 (executing program) 2022/10/04 11:37:47 fetching corpus: 1500, signal 129764/165598 (executing program) 2022/10/04 11:37:47 fetching corpus: 1550, signal 131185/167893 (executing program) 2022/10/04 11:37:47 fetching corpus: 1600, signal 133294/170749 (executing program) 2022/10/04 11:37:47 fetching corpus: 1650, signal 134506/172859 (executing program) 2022/10/04 11:37:47 fetching corpus: 1700, signal 135309/174715 (executing program) 2022/10/04 11:37:47 fetching corpus: 1750, signal 137622/177741 (executing program) 2022/10/04 11:37:47 fetching corpus: 1800, signal 138874/179839 (executing program) 2022/10/04 11:37:47 fetching corpus: 1850, signal 139991/181844 (executing program) 2022/10/04 11:37:47 fetching corpus: 1900, signal 141307/183965 (executing program) 2022/10/04 11:37:47 fetching corpus: 1950, signal 142683/186139 (executing program) 2022/10/04 11:37:48 fetching corpus: 2000, signal 144055/188300 (executing program) 2022/10/04 11:37:48 fetching corpus: 2050, signal 145071/190125 (executing program) 2022/10/04 11:37:48 fetching corpus: 2100, signal 146102/191989 (executing program) 2022/10/04 11:37:48 fetching corpus: 2150, signal 147083/193778 (executing program) 2022/10/04 11:37:48 fetching corpus: 2200, signal 148270/195686 (executing program) 2022/10/04 11:37:48 fetching corpus: 2250, signal 149989/198008 (executing program) 2022/10/04 11:37:48 fetching corpus: 2300, signal 150425/199374 (executing program) 2022/10/04 11:37:48 fetching corpus: 2350, signal 151612/201306 (executing program) 2022/10/04 11:37:48 fetching corpus: 2400, signal 153284/203544 (executing program) 2022/10/04 11:37:48 fetching corpus: 2450, signal 154538/205537 (executing program) 2022/10/04 11:37:49 fetching corpus: 2500, signal 155366/207187 (executing program) 2022/10/04 11:37:49 fetching corpus: 2550, signal 156644/209099 (executing program) 2022/10/04 11:37:49 fetching corpus: 2600, signal 157940/210975 (executing program) 2022/10/04 11:37:49 fetching corpus: 2650, signal 158419/212301 (executing program) 2022/10/04 11:37:49 fetching corpus: 2700, signal 159272/213903 (executing program) 2022/10/04 11:37:49 fetching corpus: 2750, signal 160413/215688 (executing program) 2022/10/04 11:37:49 fetching corpus: 2800, signal 161302/217275 (executing program) 2022/10/04 11:37:49 fetching corpus: 2850, signal 162252/218861 (executing program) 2022/10/04 11:37:49 fetching corpus: 2900, signal 163751/220843 (executing program) 2022/10/04 11:37:49 fetching corpus: 2950, signal 165515/222885 (executing program) 2022/10/04 11:37:50 fetching corpus: 3000, signal 166678/224548 (executing program) 2022/10/04 11:37:50 fetching corpus: 3050, signal 167593/226134 (executing program) 2022/10/04 11:37:50 fetching corpus: 3100, signal 168386/227594 (executing program) 2022/10/04 11:37:50 fetching corpus: 3150, signal 169071/228953 (executing program) 2022/10/04 11:37:50 fetching corpus: 3200, signal 169377/230063 (executing program) 2022/10/04 11:37:50 fetching corpus: 3250, signal 169826/231294 (executing program) 2022/10/04 11:37:50 fetching corpus: 3300, signal 170493/232593 (executing program) 2022/10/04 11:37:50 fetching corpus: 3350, signal 170984/233778 (executing program) 2022/10/04 11:37:50 fetching corpus: 3400, signal 171875/235257 (executing program) 2022/10/04 11:37:50 fetching corpus: 3450, signal 172387/236505 (executing program) 2022/10/04 11:37:50 fetching corpus: 3500, signal 173241/237905 (executing program) 2022/10/04 11:37:51 fetching corpus: 3550, signal 173808/239121 (executing program) 2022/10/04 11:37:51 fetching corpus: 3600, signal 174426/240377 (executing program) 2022/10/04 11:37:51 fetching corpus: 3650, signal 175355/241811 (executing program) 2022/10/04 11:37:51 fetching corpus: 3700, signal 175995/243062 (executing program) 2022/10/04 11:37:51 fetching corpus: 3750, signal 176574/244268 (executing program) 2022/10/04 11:37:51 fetching corpus: 3800, signal 177030/245428 (executing program) 2022/10/04 11:37:51 fetching corpus: 3850, signal 177521/246591 (executing program) 2022/10/04 11:37:51 fetching corpus: 3900, signal 178099/247792 (executing program) 2022/10/04 11:37:51 fetching corpus: 3950, signal 178631/248929 (executing program) 2022/10/04 11:37:51 fetching corpus: 4000, signal 179150/250100 (executing program) 2022/10/04 11:37:52 fetching corpus: 4050, signal 179829/251357 (executing program) 2022/10/04 11:37:52 fetching corpus: 4100, signal 180524/252552 (executing program) 2022/10/04 11:37:52 fetching corpus: 4150, signal 181119/253733 (executing program) 2022/10/04 11:37:52 fetching corpus: 4200, signal 181613/254867 (executing program) 2022/10/04 11:37:52 fetching corpus: 4250, signal 182313/256094 (executing program) 2022/10/04 11:37:52 fetching corpus: 4300, signal 183086/257340 (executing program) 2022/10/04 11:37:52 fetching corpus: 4350, signal 183876/258551 (executing program) 2022/10/04 11:37:52 fetching corpus: 4400, signal 184537/259705 (executing program) 2022/10/04 11:37:52 fetching corpus: 4450, signal 185350/260900 (executing program) 2022/10/04 11:37:53 fetching corpus: 4500, signal 185986/262020 (executing program) 2022/10/04 11:37:53 fetching corpus: 4550, signal 187244/263416 (executing program) 2022/10/04 11:37:53 fetching corpus: 4600, signal 187823/264530 (executing program) 2022/10/04 11:37:53 fetching corpus: 4650, signal 188569/265657 (executing program) 2022/10/04 11:37:53 fetching corpus: 4700, signal 189804/267005 (executing program) 2022/10/04 11:37:53 fetching corpus: 4750, signal 190627/268143 (executing program) 2022/10/04 11:37:53 fetching corpus: 4800, signal 191440/269298 (executing program) 2022/10/04 11:37:53 fetching corpus: 4850, signal 192306/270475 (executing program) 2022/10/04 11:37:53 fetching corpus: 4900, signal 192968/271548 (executing program) 2022/10/04 11:37:54 fetching corpus: 4950, signal 193873/272680 (executing program) 2022/10/04 11:37:54 fetching corpus: 5000, signal 194549/273702 (executing program) 2022/10/04 11:37:54 fetching corpus: 5015, signal 194826/274615 (executing program) 2022/10/04 11:37:54 fetching corpus: 5015, signal 194826/275398 (executing program) 2022/10/04 11:37:54 fetching corpus: 5015, signal 194826/276164 (executing program) 2022/10/04 11:37:54 fetching corpus: 5015, signal 194826/276953 (executing program) 2022/10/04 11:37:54 fetching corpus: 5015, signal 194826/277745 (executing program) 2022/10/04 11:37:54 fetching corpus: 5015, signal 194826/278564 (executing program) 2022/10/04 11:37:54 fetching corpus: 5015, signal 194826/279342 (executing program) 2022/10/04 11:37:54 fetching corpus: 5015, signal 194826/280116 (executing program) 2022/10/04 11:37:54 fetching corpus: 5015, signal 194826/280906 (executing program) 2022/10/04 11:37:54 fetching corpus: 5015, signal 194826/281662 (executing program) 2022/10/04 11:37:54 fetching corpus: 5015, signal 194826/282448 (executing program) 2022/10/04 11:37:54 fetching corpus: 5015, signal 194826/283263 (executing program) 2022/10/04 11:37:54 fetching corpus: 5015, signal 194826/284033 (executing program) 2022/10/04 11:37:54 fetching corpus: 5015, signal 194826/284815 (executing program) 2022/10/04 11:37:54 fetching corpus: 5015, signal 194826/285592 (executing program) 2022/10/04 11:37:54 fetching corpus: 5015, signal 194826/286397 (executing program) 2022/10/04 11:37:54 fetching corpus: 5015, signal 194826/287143 (executing program) 2022/10/04 11:37:54 fetching corpus: 5015, signal 194826/287953 (executing program) 2022/10/04 11:37:54 fetching corpus: 5015, signal 194826/288709 (executing program) 2022/10/04 11:37:54 fetching corpus: 5015, signal 194826/289494 (executing program) 2022/10/04 11:37:54 fetching corpus: 5015, signal 194826/290266 (executing program) 2022/10/04 11:37:54 fetching corpus: 5015, signal 194826/291042 (executing program) 2022/10/04 11:37:54 fetching corpus: 5015, signal 194826/291825 (executing program) 2022/10/04 11:37:54 fetching corpus: 5015, signal 194826/292593 (executing program) 2022/10/04 11:37:54 fetching corpus: 5015, signal 194826/293352 (executing program) 2022/10/04 11:37:54 fetching corpus: 5015, signal 194826/294117 (executing program) 2022/10/04 11:37:54 fetching corpus: 5015, signal 194826/294901 (executing program) 2022/10/04 11:37:54 fetching corpus: 5015, signal 194826/295694 (executing program) 2022/10/04 11:37:54 fetching corpus: 5015, signal 194826/296457 (executing program) 2022/10/04 11:37:54 fetching corpus: 5015, signal 194826/297255 (executing program) 2022/10/04 11:37:54 fetching corpus: 5015, signal 194826/298008 (executing program) 2022/10/04 11:37:54 fetching corpus: 5015, signal 194826/298809 (executing program) 2022/10/04 11:37:54 fetching corpus: 5015, signal 194826/299583 (executing program) 2022/10/04 11:37:54 fetching corpus: 5015, signal 194826/300318 (executing program) 2022/10/04 11:37:54 fetching corpus: 5015, signal 194826/301093 (executing program) 2022/10/04 11:37:54 fetching corpus: 5015, signal 194826/301872 (executing program) 2022/10/04 11:37:54 fetching corpus: 5015, signal 194826/302600 (executing program) 2022/10/04 11:37:54 fetching corpus: 5015, signal 194826/303413 (executing program) 2022/10/04 11:37:54 fetching corpus: 5015, signal 194826/304179 (executing program) 2022/10/04 11:37:54 fetching corpus: 5015, signal 194826/304974 (executing program) 2022/10/04 11:37:54 fetching corpus: 5015, signal 194826/305772 (executing program) 2022/10/04 11:37:54 fetching corpus: 5015, signal 194826/306572 (executing program) 2022/10/04 11:37:54 fetching corpus: 5015, signal 194826/307335 (executing program) 2022/10/04 11:37:54 fetching corpus: 5015, signal 194826/308096 (executing program) 2022/10/04 11:37:54 fetching corpus: 5015, signal 194826/308895 (executing program) 2022/10/04 11:37:54 fetching corpus: 5015, signal 194826/309695 (executing program) 2022/10/04 11:37:54 fetching corpus: 5015, signal 194826/310481 (executing program) 2022/10/04 11:37:54 fetching corpus: 5015, signal 194826/311272 (executing program) 2022/10/04 11:37:54 fetching corpus: 5015, signal 194826/312079 (executing program) 2022/10/04 11:37:54 fetching corpus: 5015, signal 194826/312896 (executing program) 2022/10/04 11:37:54 fetching corpus: 5015, signal 194826/313702 (executing program) 2022/10/04 11:37:54 fetching corpus: 5015, signal 194826/314456 (executing program) 2022/10/04 11:37:54 fetching corpus: 5015, signal 194826/315269 (executing program) 2022/10/04 11:37:54 fetching corpus: 5015, signal 194826/316094 (executing program) 2022/10/04 11:37:54 fetching corpus: 5015, signal 194826/316914 (executing program) 2022/10/04 11:37:54 fetching corpus: 5015, signal 194826/317694 (executing program) 2022/10/04 11:37:54 fetching corpus: 5015, signal 194826/318467 (executing program) 2022/10/04 11:37:54 fetching corpus: 5015, signal 194826/319252 (executing program) 2022/10/04 11:37:54 fetching corpus: 5015, signal 194826/319439 (executing program) 2022/10/04 11:37:54 fetching corpus: 5015, signal 194826/319439 (executing program) 2022/10/04 11:37:57 starting 8 fuzzer processes 11:37:57 executing program 7: prctl$PR_SET_UNALIGN(0x6, 0x3) prctl$PR_SET_UNALIGN(0x6, 0x1) prctl$PR_SET_UNALIGN(0x6, 0x0) prctl$PR_SET_UNALIGN(0x6, 0x1) prctl$PR_SET_UNALIGN(0x6, 0x1) prctl$PR_SET_UNALIGN(0x6, 0x0) prctl$PR_SET_UNALIGN(0x6, 0x2) prctl$PR_SET_UNALIGN(0x6, 0x1) prctl$PR_SET_UNALIGN(0x6, 0x3) prctl$PR_SET_UNALIGN(0x6, 0x0) prctl$PR_SET_UNALIGN(0x6, 0x3) prctl$PR_SET_UNALIGN(0x6, 0x1) prctl$PR_SET_UNALIGN(0x6, 0x2) prctl$PR_SET_UNALIGN(0x6, 0x3) prctl$PR_SET_UNALIGN(0x6, 0x1) prctl$PR_SET_UNALIGN(0x6, 0x2) prctl$PR_SET_UNALIGN(0x6, 0x2) prctl$PR_SET_UNALIGN(0x6, 0x1) prctl$PR_SET_UNALIGN(0x6, 0x2) prctl$PR_SET_UNALIGN(0x6, 0x0) 11:37:57 executing program 3: getsockopt$inet_IP_IPSEC_POLICY(0xffffffffffffffff, 0x0, 0x10, &(0x7f0000000040)={{{@in6=@initdev, @in6=@private0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in6=@private1}, 0x0, @in=@empty}}, &(0x7f0000000140)=0xe8) ioctl$AUTOFS_DEV_IOCTL_REQUESTER(0xffffffffffffffff, 0xc018937b, &(0x7f0000000180)={{0x1, 0x1, 0x18, 0xffffffffffffffff, {0x0, 0xffffffffffffffff}}, './file0\x00'}) newfstatat(0xffffffffffffff9c, &(0x7f00000001c0)='./file0\x00', &(0x7f0000000200)={0x0, 0x0, 0x0, 0x0, 0x0}, 0x4000) r4 = geteuid() r5 = getgid() fsetxattr$system_posix_acl(0xffffffffffffffff, &(0x7f0000000000)='system.posix_acl_default\x00', &(0x7f0000000280)={{}, {0x1, 0x6}, [{0x2, 0x4, 0xee00}, {0x2, 0x4, r0}, {0x2, 0x2, r2}, {0x2, 0x2}, {0x2, 0x5, r3}, {0x2, 0x2, r4}], {0x4, 0x5}, [{0x8, 0x2, r5}, {0x8, 0x1, 0xee01}, {0x8, 0x6, 0xee01}, {0x8, 0x9, 0xee00}, {0x8, 0x2, 0xee01}], {0x10, 0x1}, {0x20, 0x2}}, 0x7c, 0x0) r6 = openat$vcs(0xffffffffffffff9c, &(0x7f0000000300), 0x4080, 0x0) getsockopt$EBT_SO_GET_ENTRIES(r6, 0x0, 0x81, &(0x7f0000000400)={'broute\x00', 0x0, 0x4, 0x65, [0x200, 0x20, 0x0, 0x4, 0x3, 0x7], 0x1, &(0x7f0000000340)=[{}], &(0x7f0000000380)=""/101}, &(0x7f0000000480)=0x78) ioctl$BTRFS_IOC_FS_INFO(r1, 0x8400941f, &(0x7f00000004c0)) ioctl$sock_inet_SIOCSARP(r1, 0x8955, &(0x7f00000008c0)={{0x2, 0x4e24, @loopback}, {0x6}, 0x10, {0x2, 0x4e24, @dev={0xac, 0x14, 0x14, 0x28}}, 'hsr0\x00'}) r7 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000940), 0xa4002, 0x0) ioctl$TUNSETOWNER(r1, 0x400454cc, r4) lstat(&(0x7f0000000980)='./file0\x00', &(0x7f00000009c0)={0x0, 0x0, 0x0, 0x0, 0x0}) r9 = getegid() ioctl$AUTOFS_DEV_IOCTL_REQUESTER(r1, 0xc018937b, &(0x7f0000000a40)={{0x1, 0x1, 0x18, r1, {r8, r9}}, './file0\x00'}) r11 = syz_open_dev$vcsa(&(0x7f0000000a80), 0xb0e, 0x40000) fstat(r10, &(0x7f0000000ac0)={0x0, 0x0, 0x0, 0x0, 0x0}) newfstatat(0xffffffffffffff9c, &(0x7f0000000b40)='./file0\x00', &(0x7f0000000b80)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x100) ioctl$AUTOFS_DEV_IOCTL_REQUESTER(r11, 0xc018937b, &(0x7f0000000c00)={{0x1, 0x1, 0x18, r7, {r12, r13}}, './file0\x00'}) ioctl$AUTOFS_DEV_IOCTL_REQUESTER(r14, 0xc018937b, &(0x7f0000001f80)={{0x1, 0x1, 0x18, r14, {r2}}, './file0\x00'}) 11:37:57 executing program 0: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x42000, 0x15) epoll_pwait(r0, &(0x7f0000000040)=[{}], 0x1, 0x4, &(0x7f0000000080)={[0x9]}, 0x8) io_setup(0x80000001, &(0x7f00000000c0)=0x0) io_pgetevents(r1, 0x100000000, 0x4, &(0x7f0000000100)=[{}, {}, {}, {}], &(0x7f0000000180), &(0x7f0000000200)={&(0x7f00000001c0)={[0x7]}, 0x8}) io_setup(0x2b, &(0x7f0000000240)=0x0) io_pgetevents(r2, 0x52, 0x5, &(0x7f0000000280)=[{}, {}, {}, {}, {}], &(0x7f0000000340)={0x0, 0x3938700}, &(0x7f00000003c0)={&(0x7f0000000380)={[0x1]}, 0x8}) io_setup(0x400, &(0x7f0000000400)=0x0) clock_gettime(0x0, &(0x7f0000000500)={0x0, 0x0}) io_pgetevents(r3, 0x8001, 0x6, &(0x7f0000000440)=[{}, {}, {}, {}, {}, {}], &(0x7f0000000540)={r4, r5+60000000}, &(0x7f00000005c0)={&(0x7f0000000580)={[0x1]}, 0x8}) clock_gettime(0x2, &(0x7f0000000600)) r6 = openat$full(0xffffffffffffff9c, &(0x7f0000000740), 0x4800, 0x0) r7 = accept4$unix(r0, &(0x7f00000019c0), &(0x7f0000001a40)=0x6e, 0x80000) ioctl$AUTOFS_DEV_IOCTL_ISMOUNTPOINT(0xffffffffffffffff, 0xc018937e, &(0x7f0000001ac0)={{0x1, 0x1, 0x18, 0xffffffffffffffff, @out_args}, './file0\x00'}) ioctl$AUTOFS_DEV_IOCTL_PROTOVER(r0, 0xc0189372, &(0x7f0000001c00)={{0x1, 0x1, 0x18, r0, {0x6}}, './file0\x00'}) io_submit(r1, 0x6, &(0x7f0000001c80)=[&(0x7f0000000780)={0x0, 0x0, 0x0, 0x6, 0x4, r0, &(0x7f0000000640)="c7846f1bcc9512c563324e3bcf9921f8d597827e816b9fec2198749d6e95c972948e173beb3c06973e8f699c272a64e910a9ff75eb98a7d2ae9967e83b8cbf5e706652b549d176576e88fad14a82bc619a0fed8df666b2d6685190530b8e9e2e416d173a655a6d70fa135853c37e4cd7b49f232d8a8a4dbfc847ec731bb15b176da4e4a0ed89729b8fb3ef601f5cc18fe7ec1fd92b9a7f72df5fe59e31a3664a180a8da4b0f893a87227a5f4d8c8e26306400a74c71be4ced3323c80b0fcfeb8c129ef6ffd662454c14b", 0xca, 0x1, 0x0, 0x2, r6}, &(0x7f00000017c0)={0x0, 0x0, 0x0, 0x5, 0x42, r0, &(0x7f00000007c0)="b53093769e79994779587755c1bb13032e8dbcd2e29b07118a1f6d9245f07fe131fa22fcba5b20d0a1f95f2f06cd676af86c05bda9a0187420d640f614bd77d5c4772344e28c1713b4cb22bcf2e019cf28236eb3e8071b7f894b688e6083ee5f99fa2c50ec0729cfa5a83206bff11ff26c8c07c959f37bf99d1f3f1aa96d2c2312091b57da846dc18e33d904cd8e52f8f939803d8814514b493843869a8258559d073002da60cbde2c9c81b32f2ee27ae3b3ce905e99ddd98de982db96dd74a3d08b8695349f55f817cc7d2d50e9ba861249d47a37d3bc0d8be284fa8b3bc0132f12c9d16fc4c786d25ee2dcdf779917003cf9b568c894666b9a5f96e3954a2a0a6c502682f519685d9460baea2a3dfa27e8da547626a2cc0c461dcdaff992bd0648fc8edc70794385990dab72e7fba9403d2a35f976b4902c7fdb8299a8624e97eecdc3915dd56f1a9cb8ee144652bb769d8d8d66866a1ef99896ea4061fce5653ae9d1e63642ea19aa443e25e2026fcb39e64ee961a498656e1bc794d72d0a2f72244558c38fa32301094fc4a8e217bcb9dcc9f0416ca84e4e924a6a20439bc97091efc583e69bce0599dd96870f4ebc50de98546bb3d66dcacbc321466948d45123c8a4b7eca058dac1377bb90aff2d1e4b4edc211270aa73e3ead13489a70f85e5642d2734db694c726be7aa14ecadaf84a8315463f92938a9fae66c1c490f93e46cdd0ebc6c2f4dfe66d6ee0a1146ee3b2358be75ca655b4d22e3da9a3b604b3d9ca03b97d81b8b7f5b82c1126f12c744bc1568f8ef6f76e68da647bab2e8480571dd2ed46ec8525c4bfa24ec467b9564f3ec4006b66dd533e67da91b07ec0a142c06ffcde47770ee57a554652a73220ccb6ded48cd0a863c892fa5c4346aed36a1a909324691c59e2195fc4126773430cde67137af7a63f81d0d3b7ea68fdffebe5607552174700a842a84ef6bbe372379f6e0026fe73794f96185e7a948e8a1cba07e3b587e9fd18ab54039d5d5db1b7dbb20b089c097f46aa4a7dd1d09497525d349e2a1a48377b179232d83e190c26d787f737e13add30ced4000b2f3deb25f09fc338f96abecd829c9e6fffcde234205bae84a56b12994434b91da9dcc8370c3adb78d97e2899d0b9d60ac8434c575705d4823bb9f860b9643d44282dc98b480dceecb4e5153c6053f5fbaeee2fe6d3a72953f0928e940e0444ff6b2cbbce6e806a9634bce8f1d11bba443f0c75f8a52a8ccda2b943e9e5038116b7370b1e93ce731ce671831ae702b4e0571952230175e9a5fc56d4737c9f74ad81444f7c12bbce0524b32520d645ff7f5431c6c6545c1264eb90a5a4be5266a54a6a7090ab039cb1b1a2b75b9dc64f5b3e22f378b2c4517a1c79a676561e34b6847f92173404bc3d38bcae6b81386bf99d7e51365663ff231ef36cde2d1bcbff6f3738088f05f1a4283ad8b6a94fd8ebc02d27707cbbcd3a05a616e0d1f9212bb511fa7c8f9f15a402418e8a44e4d4bbff8e81b5f91d51e61017bcd5ad2954570316999f29da439b26f2d0b6eb5aa2f82f10784c908e4d61804f84c3a3221896f4ed34edb7cf7dfc48d078ec02eea5695e4eeef14a55ed00ebf98f072f7abf7048e2d63ffc6ea81e765abefc05f63a72332b82cc65134d6a1444ea6d8f62add374d7606005eeccd63b122b8425bb53dc56e7838e30231724d277e19d0b68067e4ff5748726513a59dbfa861ff9f4a51dd76b27376f8f906d6a257b4a55fa1985fa018d0e0955f8ba96665bbfc61a309c29c77c608e578fa3d3783e7f4f4912d4e78d5a4696cbb6066a1fabaf866c0287e2e17ed7669f3ce027917a6ecef7ca6d7a5a49d1786061552402beb244d5867e7976c9d63e8aa7b1bd819838d4c2b6a55096d0deea97477c2e5782c477eff192701f4d7117110234d5f4339f9aeb65d2361a4668dc63c736cc3f0d176031920854d7216539564413676b69bd20bc0c5f461675eb2c25cec68f14835fc0f58577b3954a3d45c0e0d3c87ecb6860334a52900cb6cada240ff25f29714ab1855e5cc194be44173f32bd68b9b629987abacf0912a5e20e9ab95bd1bb69c2a8c5ac358ac5ee29a1b31edd032fd46b238b0b6c54d279cb05d29c76eeed40525d0aea60af4c348e83f2fbe5016ae9c84f3ac7c1d069439f2c4c5ca45708a904c54ec87716be43be92a930a1a70fb45a01fd014cf2637219db0350ee92eefd18351e52f8906dc2fca5c9da7dceca7914d0798c1afe0b9e0ddaeac7e06e5bfd296130cc4413a1cd2742e9ba566f9b35bfe033ef50c9a817cc7718c53a6faebadcef63d735ff5d8ab314a99dccecd31fdf00816d572a5f43a0f45f0a5664e5f5be91f5780bddc7cc7ef88e1bdede3bea3089255c989e5d247407995c17c69925a6c3133b79730849575917958031e3fd147cca2c4349f6826613852b8b9de1a5b9183dd4090de813f047fbab955560c2894d5835f5185105ea8849d18527c22bea615dfd4e87d7aedede534ca0bbc94adfc4faee5f380fbc3a7d40c927072cff1f83a3071ea963e783c233713f1c48a5b47cdbbd187c9b357a0fcd030cac3d2fbe5eb71ae8b819aae1997b70bb140e3953024e944cfa1d7bdc429e7460e41a7a3f2f1105b5d27a7c1c556a8e9b58acdb3c728415b3d17df853f2f8f024661b3abc1be2cbd242488f8e5bb408fccbea1d89d4a9d14180392f031385feb1cf9b9564b4970fd6cdf435822bac10b7d7fd2eca8158aac892aea6b7064ffa4a26610052208ab7cca7dbce4b9519ce321bfa38c09228e56193c97125bb105e51bf4efb5d560ed2812a6b5bcbcc57a882e6f79ec665248d2a1f83d3302606b23aa9e8c0938ed2dfe98a629e4bbb791d99f3f32a8c1dbbb09d4b4ea27902ee55abda3d040c552357aff3f653d369b00e31e0bd56878a3e6200315f55f62e8b9f52fa761b4e7a290137de5ab4d73d1e9a162c809843395a136fcb21d4a0c435e25fa85450865dfcaf33992eabffcf3e8385dbdde2c969e6d2e62f26199868a20ee5a401b1a07b3b0b2c62253c9b0d23aaa7342a653cb92d3fbe35b4625a81ac929bdbc9024298279261af5325d4ccfdf3cd8c48a075de40b20de25bf2106ce38c8f13c526800b4dacce7a5fd5e990c09669d56c10e0961fdb8174bfa845545a443dd0c6d72824696ee4cf1e7c95df58dd3b24df1e0beec355fce07e0c501ad6be0d78dcb630cbed206ae1ebf2dbce31e59076941949b8db6b6e46bed695d51780e4332999ed9f492533a59495fb90987e879fc74170c6817691a6766c6768953bac1386667eb56e376ff8455f9df1ca10e4b3bd0f58a6a02e2998d4453d210ea3c1d8486af9a13698ab476a00b2f400d6ae18f32425813c4be7435569294098658ab2caed666c71058c4a16a9dbdbd9e12b3e49b63e7c385377b7979f3c58002046d453e8b3e3c405f7d7e095fbd5f267b69a051c14812c749c7f2b3f7863415ee7d7f677df86e3f684786e68577afb8ed52bef01991410f17e4c62b3c8e290e50c7500183cc361e21dd9f43df3f95d571017ee40abc1f5aaff1dfe21901bde1aacd6ba43d2a2ee9a23e115f037fc3b8e960a97a7379976a5b30988a2f91bb87c1c0176f649c470a8034a04fa6baf9349acee7bfa2c1684bab8fd16ca510beeea3dd69b24a78f990290fcf23228cf01282293a25cdb93428856e3cb8575a4a404cacd74508e2b7699a88c271ff0b64e9897b4f2d488a551c3e3e9e9d313a159bca0db1cff8948d8ec4fdd9728d2d95eca5638194267a4ce8136eb900cc8677b3cdba1499820578d6021d27c7edc4af2265cd76c97221e0733c129bc916a21b842001afa9b7a0130601dcb2b2b0eb6e6d72ab5cabfe1c659ca15ba9206d10989e132e6ed8f7cd41f3d53a378fdb0fc8d382926ea4cd15a032027d23c5ecfa09be932d92a20d8d364675a4243c2ee8e1f9b96e58720121354ec8c7fe3265d2b78baa25b2127a27536352012ef6233c9a212517822579c59a0021cc2e25a5ec5e3d11a63b5942e85756979d769ac99a9e92a1f1ce497036ae595e30f09525cff7d1e910f49e318b8b3ad6a42d6a743a78a447b6ee6ce096996e4d06752ccf5084722dbc15ee073d1da8569787fe563bc1fe14c782c8db61abf7a82b63a0e816814faddec9e8807c5dc3e798c3b3dfe92885fe088a0a23ed075a7090617b9afdaeeb3fea532663858b6a27b2b2a7f956b08665b034f101ca65d17b36324447b971c6189f593312c52dbe6042c547dd2aaeaa52f7c9d1c0ba52796f4fb32b555c12cd40c7d1f9e30955ffb0808782824b208427347f54eb20557f0d67581bc263fecf7739d6d56a70619e964eae83aa158ba5dd6816cca4bb366b48182c6b854c4beae8751905f2b0e4bcddc1100e643ac1d03f8f8b4616624306477780909c867c495f0c950c749e2050977090f414e888e132938b6817c8f6e76b6f2e5dfb2fc23a655e26530928a11aa2ee551ce7c9841e40157bb8af6f88c93828042d0f152a64db7d79cd41d5f1d507774f862dd9280479e80397a1b4a4e33224501a0d2a297432d64d93eddb57a2e333016086fee738678f179cb1b9a2c9a8c650e4e10ef27a93177f2d868e5929ce55a9bf72dca5172a99337fad5fad402c1a4392cd55dd7b6466914cd7389155969617a1f0047e779ab791431bc37c92114b499d259ed04086d6dd36f4fe27565cc019080631d0707ad3e5d4f2d00c02f9406f1b9342b39ed34c410d99e6af0ca580a8077a4d20cd7d561ae61a93e2e63a0086fc086ef954fdd13299d44ca8b8ab6cb3af787d7f35b8b77f972da9ede91896a2f6c7cc733206e4a6058f6b2c48e89966529a9651e752e784a019a328c2e6d013fa08460696c57c6ebea107c52067aec3cdc8aea7cb56aac7e904ef2e4f06f70d745525ab12156e8635222def7b87608fc45486cf702b21422e2a8649a5a95960d0b10a7015f57c7d1fd9ce62f96130c5a61fa30c074216e05b8e3285015531f592d6f42c53f5f482b3fc0b2295d9efcd237bf5dadc83ee71b43adf9302e5f811b19e9ff0be62eeddf5c9a62da444c4f242f4d52435f0bac8de015ad0a28c8e0560c178f8e910d406f79a1f8e6d45bf874d4641ec06969d1d01c8ec5f1e5c59abfe648d1b60954e50fdf070939266c183084828f321887d251dba29ccb62003887612764df76f8f8dea078e488438c6194c0b5372519b1db14ac0c6d675611405eb9ee5813a5d6bec7750fd600583f7df7835c916452651c38520e40d0d98e73e5f5444f806d8ebb63c882440c6bf96ec215dde06dda6a0d69efe18145aebb6be8af417c034cf52754b57cba0eb93fe7547993629b12a71342d8e62989a21655dd4bb4908e785bbe321307f078c79a5b7226bfff8a63bf98b2468a1ee54ba2909da4ea56a0db2d1825e8f91827636e65898b085d7584e7a8a8eae6c70d56b94a8d450e750b84d70e74e6c5a839ef7364e773d679022834354b4564860bb88895154a224bd506d28eaf4395941f6b573fa9c03e304b61726926cc06d02a4deb05fa9a7186979f865b31a1ce17f28763a0c8fa8e3e7c8ca546480ba149141c4a7e2ad8ebff1469ddc2a4a3070d37cf60a1c8039bfb3fe917752060a33e39a060af3e7e72f1e141658ea97d2c89db87a4b96b7ddd47ab0be5782e3e5760d585c628cb3eed1110dc24ca566092b60fdf45108582045fe121b53f28eef7f8e87bca7f97d8d9fccee2d982fd5345483ff49e433258263155e914da5e7105ecf0d8486", 0x1000, 0x92e}, &(0x7f0000001880)={0x0, 0x0, 0x0, 0x1, 0x5b3, r0, &(0x7f0000001800)="d9d0edc8256c6aba861705f750bf79de39aa55accc4a7d00413fdedc24d3cc5c26eec725983bf4a167a5f51b5b12ee124769d1f2537ecb4e5a33c043b574ed840cb77b9acd08a0ccf79cd14cff9f4981d7014bf429ef7bc588e3bb", 0x5b, 0xff, 0x0, 0x0, r0}, &(0x7f0000001980)={0x0, 0x0, 0x0, 0x2, 0x4, r0, &(0x7f00000018c0)="7ebdbc02c2a92d2acbe9404c418a722efa451f76af98066022ac2a7396662ce0a0c212f93da73ea2805c7e07ca428c4f85127e9b202f47a3e5f23ff01e4fba42621be78844876a7b6aed4947892e0c50258fa371a877ec4ef5b8aeeb602dc666b1072c72d4e1752152e5e8a441577886c4ca2945dd5140ccd2c53f09f928c6f5ab87376405f7117f43734eb24efcf5887fd57e881034246410f67fa2295ff1", 0x9f, 0x1f}, &(0x7f0000001b00)={0x0, 0x0, 0x0, 0x6, 0x3ff, r7, &(0x7f0000001a80)="0fb00ff88b7c4306f3d83598c34f3bf085a3470005096052a0964d", 0x1b, 0x4, 0x0, 0x0, r8}, &(0x7f0000001c40)={0x0, 0x0, 0x0, 0x9, 0x7, r0, &(0x7f0000001b40)="8954bec7d6ff5c96cc2e797666f1a011d3d10ed57570ea8c1c7282075e65b8fb4b2a88f01857fadc667d3f215ce42b2944cc2b6fa41aa881f230259648fd5bb804545169582763a65934cbf52774346d39da3331d7060d807223c36bf10dba005d6edf2e7c49f5f56c6b89875a26ded5c1f4995f5bc495045b9896584b367225b7ae507bb60e2582e350129119884abaa9136e2345ec801328c55102f6b9e021bc7a93e2db2d55caae17da1d9f296252c897908fa36bd15c6a0b2b5f43f01eda", 0xc0, 0xa33, 0x0, 0x2, r9}]) clock_gettime(0x0, &(0x7f0000001d00)={0x0, 0x0}) semtimedop(0x0, &(0x7f0000001cc0)=[{0x5, 0x3f, 0x1800}, {0x4, 0x8000, 0x1800}, {0x0, 0x7, 0x1000}, {0x0, 0x80, 0x1000}, {0x3, 0x2b, 0x400}, {0x1, 0x200, 0x800}, {0x2, 0x2, 0x1800}], 0x7, &(0x7f0000001d40)={r10, r11+60000000}) sendmsg$unix(r9, &(0x7f0000002000)={&(0x7f0000001d80)=@abs={0x1, 0x0, 0x4e20}, 0x6e, &(0x7f0000001fc0)=[{&(0x7f0000001e00)="3babbb6a9f878c4bf55ae0b15404e5e8419dbd1a304981093d9fa2180109c30c889085646acb33ce", 0x28}, {&(0x7f0000001e40)="ed2feb6c4b2a3bc4aa7778be855033572b80946cdda9d30177e01299d7bda9ce427ec5ffb4dfb50148e9010c36f7198e8e555689578c0c7f7193b3833ebd0c104282f4a20d5c4cca1adf1f259d2c33daea62917da68fb5a41a0d42fb38b9a48484d9932f6be934fe9f9ab071c7d24c24796cd6f16abbcb59bdd24fd82eed58", 0x7f}, {&(0x7f0000001ec0)="c6bf580246699a9a598002f9f4756281333e450f6f86c1ad59fde7d9a60e921c41edb78a28cd1d7108a089c9dc8e0be31fa3cc7c21f8b83b69137bb95ea59d76ef4aad279ce97bd38b8637799e4ccef94840186ea2ec77212119ea58aa133c714093593c64700c6d95416d6db1d5749330313ab3efb59738d072e45b063633a8a4759568f29bb0c4aebc51a9fd7abf324c11a6fb8948e3958ac6ac9061c149ae653e0a51b49c6af0df181288ea330aa4a388c05f54a20ffa6ea4", 0xba}, {&(0x7f0000001f80)}], 0x4, 0x0, 0x0, 0x24040080}, 0x8000) pselect6(0x40, &(0x7f0000002040)={0x2, 0x100000000, 0x2, 0x7, 0x5, 0x8, 0x7f14}, &(0x7f0000002080)={0x1, 0x6, 0xff, 0x8, 0x7, 0x800, 0x7fff, 0x1b69}, &(0x7f00000020c0)={0x1000, 0x0, 0xfff, 0x8, 0x8000, 0x5c8, 0x2, 0x20}, &(0x7f0000002100), &(0x7f0000002180)={&(0x7f0000002140)={[0x7]}, 0x8}) clock_gettime(0x0, &(0x7f00000021c0)) 11:37:57 executing program 1: setsockopt$bt_BT_SNDMTU(0xffffffffffffffff, 0x112, 0xc, &(0x7f0000000000)=0x1f, 0x2) r0 = epoll_create1(0x80000) lseek(r0, 0x1000, 0x4) r1 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) r2 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xa, &(0x7f0000000080)={0x4, &(0x7f0000000040)=[{0x1, 0x0, 0x1, 0x4}, {0x8001, 0x3, 0x0, 0x7}, {0x8, 0x0, 0x80, 0x3}, {0x5, 0x3f, 0xb3, 0x2}]}) ioctl$F2FS_IOC_RESERVE_COMPRESS_BLOCKS(r2, 0x8008f513, &(0x7f00000000c0)) ioctl$sock_SIOCSIFBR(r1, 0x8941, &(0x7f0000000140)=@add_del={0x2, &(0x7f0000000100)='syz_tun\x00'}) ioctl$AUTOFS_DEV_IOCTL_READY(0xffffffffffffffff, 0xc0189376, &(0x7f0000000180)={{0x1, 0x1, 0x18, r2, {0x9}}, './file0\x00'}) r4 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000200), 0xffffffffffffffff) sendmsg$ETHTOOL_MSG_CHANNELS_GET(r3, &(0x7f00000002c0)={&(0x7f00000001c0)={0x10, 0x0, 0x0, 0x76dd7ba29c05c3e7}, 0xc, &(0x7f0000000280)={&(0x7f0000000240)={0x2c, r4, 0x800, 0x70bd28, 0x25dfdbfd, {}, [@HEADER={0x18, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'team0\x00'}]}]}, 0x2c}, 0x1, 0x0, 0x0, 0x1010}, 0x810) ioctl$SECCOMP_IOCTL_NOTIF_ID_VALID(r2, 0x40082102, &(0x7f0000000300)) r5 = epoll_create1(0x0) ioctl$FS_IOC_GETFSMAP(r2, 0xc0c0583b, &(0x7f0000000340)={0x0, 0x0, 0x3, 0x0, '\x00', [{0x1, 0x1d4, 0x1f, 0x2, 0xedbd, 0x3}, {0xff, 0x0, 0x7, 0x8, 0x80, 0xff}], ['\x00', '\x00', '\x00']}) sendmsg$NBD_CMD_CONNECT(0xffffffffffffffff, &(0x7f0000000580)={&(0x7f00000004c0)={0x10, 0x0, 0x0, 0x10}, 0xc, &(0x7f0000000540)={&(0x7f0000000500)={0x2c, 0x0, 0x1, 0x70bd28, 0x25dfdbfc, {}, [@NBD_ATTR_CLIENT_FLAGS={0xc}, @NBD_ATTR_CLIENT_FLAGS={0xc, 0x6, 0x2}]}, 0x2c}, 0x1, 0x0, 0x0, 0x4000000}, 0x4000000) r6 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000600), r3) sendmsg$NL80211_CMD_PROBE_CLIENT(r3, &(0x7f0000000700)={&(0x7f00000005c0)={0x10, 0x0, 0x0, 0x800000}, 0xc, &(0x7f00000006c0)={&(0x7f0000000640)={0x74, r6, 0x300, 0x70bd25, 0x25dfdbfe, {{}, {@void, @val={0xc, 0x99, {0x8, 0x42}}}}, [@NL80211_ATTR_MAC={0xa, 0x6, @broadcast}, @NL80211_ATTR_MAC={0xa}, @NL80211_ATTR_MAC={0xa, 0x6, @broadcast}, @NL80211_ATTR_MAC={0xa}, @NL80211_ATTR_MAC={0xa, 0x6, @device_b}, @NL80211_ATTR_MAC={0xa, 0x6, @device_b}, @NL80211_ATTR_MAC={0xa, 0x6, @broadcast}]}, 0x74}}, 0x4048804) r7 = pidfd_getfd(r3, r5, 0x0) ioctl$HCIINQUIRY(r7, 0x800448f0, &(0x7f0000000740)={0x4, 0x40, "710300", 0x3f, 0x81}) close(r2) sendmsg$DEVLINK_CMD_SB_TC_POOL_BIND_GET(0xffffffffffffffff, &(0x7f0000000a00)={&(0x7f00000007c0)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f00000009c0)={&(0x7f0000000800)={0x1bc, 0x0, 0x200, 0x70bd25, 0x25dfdbfe, {}, [{{@pci={{0x8}, {0x11}}, {0x8, 0x3, 0x2}}, {0x8, 0xb, 0x15ac}, {0x6, 0x16, 0x3}, {0x5, 0x12, 0x1}}, {{@pci={{0x8}, {0x11}}, {0x8, 0x3, 0x1}}, {0x8}, {0x6, 0x16, 0xfff}, {0x5}}, {{@pci={{0x8}, {0x11}}, {0x8, 0x3, 0x1}}, {0x8, 0xb, 0x4f}, {0x6, 0x16, 0x1ff}, {0x5}}, {{@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0x8, 0x3, 0x2}}, {0x8, 0xb, 0x3}, {0x6, 0x16, 0xe381}, {0x5}}, {{@pci={{0x8}, {0x11}}, {0x8, 0x3, 0x2}}, {0x8, 0xb, 0xc5}, {0x6, 0x16, 0x4}, {0x5, 0x12, 0x1}}, {{@pci={{0x8}, {0x11}}, {0x8, 0x3, 0x2}}, {0x8, 0xb, 0x401}, {0x6, 0x16, 0x8}, {0x5}}, {{@pci={{0x8}, {0x11}}, {0x8, 0x3, 0x3}}, {0x8, 0xb, 0x3}, {0x6, 0x16, 0x9b}, {0x5, 0x12, 0x1}}]}, 0x1bc}, 0x1, 0x0, 0x0, 0xc000}, 0x24000000) 11:37:57 executing program 4: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) recvmsg(r0, &(0x7f0000001500)={&(0x7f0000000000)=@can={0x1d, 0x0}, 0x80, &(0x7f0000001440)=[{&(0x7f0000000080)=""/25, 0x19}, {&(0x7f00000000c0)=""/20, 0x14}, {&(0x7f0000000100)=""/157, 0x9d}, {&(0x7f00000001c0)=""/4096, 0x1000}, {&(0x7f00000011c0)=""/252, 0xfc}, {&(0x7f00000012c0)=""/160, 0xa0}, {&(0x7f0000001380)=""/76, 0x4c}, {&(0x7f0000001400)=""/4, 0x4}], 0x8, &(0x7f00000014c0)=""/35, 0x23}, 0x2000) ioctl$FS_IOC_SETVERSION(r0, 0x40087602, &(0x7f0000001540)=0x4) r2 = openat$vcsu(0xffffffffffffff9c, &(0x7f0000001580), 0x0, 0x0) sendmsg$nl_xfrm(r2, &(0x7f0000001680)={&(0x7f00000015c0), 0xc, &(0x7f0000001640)={&(0x7f0000001600)=@newspdinfo={0x24, 0x24, 0x400, 0x70bd27, 0x25dfdbfe, 0x1, [@XFRMA_SPD_IPV6_HTHRESH={0x6}, @XFRMA_SPD_IPV6_HTHRESH={0x6}]}, 0x24}, 0x1, 0x0, 0x0, 0xd0}, 0x1) ioctl$AUTOFS_DEV_IOCTL_FAIL(0xffffffffffffffff, 0xc0189377, &(0x7f00000016c0)={{0x1, 0x1, 0x18, r0, {0x3, 0x53bd761f}}, './file0\x00'}) fcntl$notify(r3, 0x402, 0x4) ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000001740)={'batadv0\x00', 0x0}) r5 = accept$packet(r2, &(0x7f0000001780)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @multicast}, &(0x7f00000017c0)=0x14) ioctl$sock_ipv6_tunnel_SIOCDEL6RD(r2, 0x89fa, &(0x7f0000001880)={'ip6tnl0\x00', &(0x7f0000001800)={'syztnl1\x00', r1, 0x4, 0x20, 0x3, 0x29, 0x0, @remote, @dev={0xfe, 0x80, '\x00', 0x28}, 0x7800, 0x7800, 0x1ff}}) sendmsg$ETHTOOL_MSG_RINGS_GET(r3, &(0x7f0000001a40)={&(0x7f0000001700)={0x10, 0x0, 0x0, 0x20800}, 0xc, &(0x7f0000001a00)={&(0x7f00000018c0)={0x10c, 0x0, 0x4, 0x70bd26, 0x25dfdbfb, {}, [@HEADER={0xc, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r4}]}, @HEADER={0x28, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r1}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x2}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'hsr0\x00'}]}, @HEADER={0x1c, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x1}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x1}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r1}]}, @HEADER={0xc, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r1}]}, @HEADER={0x20, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r6}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'veth0_virt_wifi\x00'}]}, @HEADER={0x7c, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r1}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r1}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r1}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r7}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'bond_slave_1\x00'}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x1}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'gre0\x00'}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'syzkaller0\x00'}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'dummy0\x00'}]}]}, 0x10c}, 0x1, 0x0, 0x0, 0x20040044}, 0x20000000) ioctl$FITRIM(r2, 0xc0185879, &(0x7f0000001a80)={0x4, 0x8, 0xe46}) r8 = creat(&(0x7f0000001ac0)='./file0\x00', 0x6b) lseek(r8, 0x800, 0x0) ioctl$AUTOFS_DEV_IOCTL_ISMOUNTPOINT(r8, 0xc018937e, &(0x7f0000001b00)={{0x1, 0x1, 0x18, r5, @out_args}, './file0\x00'}) getsockname(r3, &(0x7f0000001b80)=@can={0x1d, 0x0}, &(0x7f0000001c00)=0x80) accept$packet(r2, &(0x7f0000001c40)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @random}, &(0x7f0000001c80)=0x14) sendmsg$ETHTOOL_MSG_PAUSE_GET(r9, &(0x7f0000001e40)={&(0x7f0000001b40), 0xc, &(0x7f0000001e00)={&(0x7f0000001cc0)={0x11c, 0x0, 0x1, 0x70bd2c, 0x25dfdbff, {}, [@HEADER={0x2c, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'wg0\x00'}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'ip6gre0\x00'}]}, @HEADER={0x5c, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'ipvlan0\x00'}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x1}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'veth1_virt_wifi\x00'}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r6}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r10}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r6}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r11}]}, @HEADER={0xc, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_INDEX={0x8}]}, @HEADER={0x50, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'wg1\x00'}, @ETHTOOL_A_HEADER_FLAGS={0x8}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'veth0\x00'}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'batadv_slave_0\x00'}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x3}]}, @HEADER={0xc, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x2}]}, @HEADER={0x18, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'syzkaller1\x00'}]}]}, 0x11c}, 0x1, 0x0, 0x0, 0x4}, 0x44000094) ioctl$AUTOFS_DEV_IOCTL_READY(r3, 0xc0189376, &(0x7f0000001e80)={{0x1, 0x1, 0x18, r3, {0x4}}, './file0\x00'}) ioctl$sock_netdev_private(r12, 0x89f0, &(0x7f0000001ec0)="e02d59e11985bbdc0a25a5201a305cb69fdf8bfc0eae75f221355d3c153c80b48c74e2cc70979418fb0a68f5fc4d34ffb0c1fa97ae58c56fbaf8d6e81816d1fa56f3b28612799a51bb571ca549c1317479d4453ab29b7b4fafef6a7a0c792b698ac7d70a1c905be647f760c8245445b4782afc924368b8fc7c98137f7630e90ec16238e1eab4ae248c0fc2daf680b30236d944b0445c3d62372e6684c63ce834177dc0858a29e8d055b78fc4e83ad73579f867433244206bbafff2c9e516951f518e7f754d22d227d08532a95639c3f46dca7e979b") 11:37:57 executing program 2: r0 = syz_io_uring_setup(0x24bb, &(0x7f0000000000)={0x0, 0x74ee, 0x1, 0x1, 0x214}, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffd000/0x2000)=nil, &(0x7f0000000080)=0x0, &(0x7f00000000c0)) io_uring_register$IORING_UNREGISTER_PERSONALITY(0xffffffffffffffff, 0xa, 0x0, 0x0) r2 = syz_io_uring_setup(0x12b1, &(0x7f0000000100)={0x0, 0xaa6b, 0x8, 0x2, 0x1e9}, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000000180), &(0x7f00000001c0)=0x0) r4 = syz_io_uring_setup(0x25b, &(0x7f0000000200)={0x0, 0x78a3, 0x2, 0x3, 0x3d5, 0x0, r0}, &(0x7f0000c00000/0x400000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000280)=0x0, &(0x7f00000002c0)) ioctl$AUTOFS_DEV_IOCTL_REQUESTER(0xffffffffffffffff, 0xc018937b, &(0x7f0000000300)={{0x1, 0x1, 0x18, 0xffffffffffffffff, {0xee00, 0xffffffffffffffff}}, './file0\x00'}) syz_io_uring_submit(r5, r3, &(0x7f0000001900)=@IORING_OP_RECVMSG={0xa, 0x2, 0x0, r6, 0x0, &(0x7f00000018c0)={&(0x7f0000000340)=@l2={0x1f, 0x0, @none}, 0x80, &(0x7f00000017c0)=[{&(0x7f00000003c0)=""/106, 0x6a}, {&(0x7f0000000440)}, {&(0x7f0000000480)=""/204, 0xcc}, {&(0x7f0000000580)=""/233, 0xe9}, {&(0x7f0000000680)=""/4096, 0x1000}, {&(0x7f0000001680)=""/55, 0x37}, {&(0x7f00000016c0)=""/244, 0xf4}], 0x7, &(0x7f0000001840)=""/99, 0x63}, 0x0, 0x2000, 0x1, {0x1}}, 0xe77) r7 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000001940)='/sys/module/blk_cgroup', 0x501881, 0x20) io_uring_register$IORING_REGISTER_BUFFERS(r4, 0x0, &(0x7f0000002bc0)=[{&(0x7f0000001980)=""/162, 0xa2}, {&(0x7f0000001a40)=""/43, 0x2b}, {&(0x7f0000001a80)=""/101, 0x65}, {&(0x7f0000001b00)=""/164, 0xa4}, {&(0x7f0000001bc0)=""/4096, 0x1000}], 0x5) r8 = openat$zero(0xffffffffffffff9c, &(0x7f0000002c40), 0x12d880, 0x0) ioctl$AUTOFS_DEV_IOCTL_CATATONIC(r7, 0xc0189379, &(0x7f0000002c80)={{0x1, 0x1, 0x18, r0}, './file0\x00'}) io_uring_register$IORING_REGISTER_FILES(r8, 0x2, &(0x7f0000002cc0)=[r9, r7, r6], 0x3) syz_io_uring_setup(0x6fc, &(0x7f0000002d00)={0x0, 0xa32d, 0x0, 0x1, 0x12, 0x0, r4}, &(0x7f0000da1000/0x3000)=nil, &(0x7f0000ebd000/0x2000)=nil, &(0x7f0000002d80), &(0x7f0000002dc0)=0x0) r11 = io_uring_register$IORING_REGISTER_PERSONALITY(r6, 0x9, 0x0, 0x0) syz_io_uring_submit(r1, r10, &(0x7f0000002e00)=@IORING_OP_SYNC_FILE_RANGE={0x8, 0x2, 0x0, @fd=r2, 0xb22, 0x0, 0x5, 0x0, 0x1, {0x0, r11}}, 0x8) accept4(r7, &(0x7f0000002e40)=@un=@abs, &(0x7f0000002ec0)=0x80, 0x80800) recvmsg(0xffffffffffffffff, &(0x7f0000002fc0)={&(0x7f0000002f00)=@in6={0xa, 0x0, 0x0, @loopback}, 0x80, &(0x7f0000002f80)}, 0x0) io_uring_register$IORING_UNREGISTER_PERSONALITY(r7, 0xa, 0x0, 0x0) io_uring_register$IORING_REGISTER_PERSONALITY(r7, 0x9, 0x0, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000e06000/0x2000)=nil, 0x2000, 0x5, 0x2010, r7, 0x0) faccessat(r9, &(0x7f0000003000)='./file0\x00', 0x1) 11:37:57 executing program 5: shmctl$SHM_LOCK(0x0, 0xb) shmctl$IPC_STAT(0xffffffffffffffff, 0x2, &(0x7f0000000000)=""/102) shmat(0x0, &(0x7f0000ffe000/0x1000)=nil, 0x2000) shmctl$IPC_RMID(0xffffffffffffffff, 0x0) r0 = shmget$private(0x0, 0x2000, 0x10, &(0x7f0000ffe000/0x2000)=nil) r1 = shmget(0x2, 0x2000, 0x54000000, &(0x7f0000ffe000/0x2000)=nil) shmctl$IPC_STAT(r1, 0x2, &(0x7f0000000080)=""/50) shmat(r1, &(0x7f0000ffa000/0x4000)=nil, 0x1000) shmat(r0, &(0x7f0000ffd000/0x2000)=nil, 0x5000) shmctl$SHM_UNLOCK(r1, 0xc) shmat(r0, &(0x7f0000ffb000/0x1000)=nil, 0x2000) shmctl$IPC_RMID(r1, 0x0) r2 = shmget$private(0x0, 0x4000, 0x54000000, &(0x7f0000ffa000/0x4000)=nil) ioctl$NS_GET_OWNER_UID(0xffffffffffffffff, 0xb704, &(0x7f00000000c0)=0x0) getsockopt$inet6_IPV6_XFRM_POLICY(0xffffffffffffffff, 0x29, 0x23, &(0x7f0000000100)={{{@in=@empty, @in6=@mcast1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in6}, 0x0, @in=@initdev}}, &(0x7f0000000200)=0xe8) r5 = fcntl$getown(0xffffffffffffffff, 0x9) shmctl$IPC_SET(r2, 0x1, &(0x7f0000000240)={{0x3, r3, 0x0, r4, 0x0, 0x110, 0x6}, 0x2, 0x400, 0x1f, 0x0, 0x0, r5, 0x3}) shmat(r1, &(0x7f0000ffc000/0x3000)=nil, 0x0) mbind(&(0x7f0000ffb000/0x2000)=nil, 0x2000, 0x4000, &(0x7f00000002c0)=0x6, 0x1, 0x4) shmctl$IPC_STAT(r2, 0x2, &(0x7f0000000300)=""/181) [ 66.899713] audit: type=1400 audit(1664883477.365:6): avc: denied { execmem } for pid=286 comm="syz-executor.0" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=process permissive=1 11:37:57 executing program 6: r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='net/ip_vs\x00') ioctl$EVIOCSABS0(r0, 0x401845c0, &(0x7f0000000040)={0x7f, 0x4, 0x8, 0xf5, 0x3, 0x3}) getpeername$packet(r0, &(0x7f0000000140)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @remote}, &(0x7f0000000180)=0x14) sendmsg$BATADV_CMD_GET_MESH(0xffffffffffffffff, &(0x7f0000000280)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x8000}, 0xc, &(0x7f0000000240)={&(0x7f00000001c0)={0x4c, 0x0, 0x10, 0x70bd2d, 0x25dfdbfc, {}, [@BATADV_ATTR_MULTICAST_FORCEFLOOD_ENABLED={0x5}, @BATADV_ATTR_DISTRIBUTED_ARP_TABLE_ENABLED={0x5, 0x2f, 0x1}, @BATADV_ATTR_ISOLATION_MASK={0x8, 0x2c, 0x2}, @BATADV_ATTR_VLANID={0x6, 0x28, 0x2}, @BATADV_ATTR_AGGREGATED_OGMS_ENABLED={0x5}, @BATADV_ATTR_MESH_IFINDEX={0x8, 0x3, r1}, @BATADV_ATTR_ELP_INTERVAL={0x8, 0x3a, 0x2}]}, 0x4c}, 0x1, 0x0, 0x0, 0xd4}, 0x8004) r2 = openat$snapshot(0xffffffffffffff9c, &(0x7f00000002c0), 0x800, 0x0) ioctl$F2FS_IOC_GET_PIN_FILE(r2, 0x8004f50e, &(0x7f0000000300)) io_uring_register$IORING_UNREGISTER_BUFFERS(r0, 0x1, 0x0, 0x0) socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000380)={0xffffffffffffffff, 0xffffffffffffffff}) fsconfig$FSCONFIG_SET_FD(r0, 0x5, &(0x7f0000000340)='/dev/snapshot\x00', 0x0, r3) connect(r0, &(0x7f00000003c0)=@l2tp6={0xa, 0x0, 0x2, @mcast2, 0xfff}, 0x80) write$binfmt_aout(r2, &(0x7f0000000440)={{0x108, 0xff, 0x5, 0x1a1, 0x112, 0x7, 0x1c3, 0x100}, "2c1a9acfada2ebc257f33f954a97fc39851dec95b8418fa802b1210085d4ff851cd3dac2876b785328efba90d8effdb6e8c2c1889e4f3e7a71a5fe2171d7cbe9d6eb3e13a5240851a3571d5f3323536f4bc866070ba5b92f44c34db8a74fe082be0f201377064c346bca652a1e3fcf722406b97bf01493665d", ['\x00', '\x00', '\x00', '\x00']}, 0x499) ioctl$PIO_FONT(r0, 0x4b61, &(0x7f0000000900)="0690d5b24e3aefbddc4ceffd98ba89841a7b7e4f4ad8d55486488e7cbc11c75bf73692f051cc95690c0f1092b2af2c61890722d2ed71ede41014f08a2212e273136704cb3e9e612947d81bff2b8189618ccd1d2bd01a9ee7862e96bf142ffa658ed521f69f40be8d39b418c0898b11f8e0f4481158d98aca17c734c3541d75245827300d6fe39345ec50a6c0aec59ca85e4da09e0a1428129bcd58a03b60ed8304a2e01ff22401c2007105990d43f84e70ad34a4b0011dc5c0f1656e884f3f94b089f29edfe6720d612bb7dd25dc79346ad868f68668d6c0800b62b555e47b02cdb784d8ee7037160e4c00b54c459b57bd848f39") ioctl$AUTOFS_IOC_SETTIMEOUT(r0, 0x80049367, &(0x7f0000000a00)=0x2) sendmsg$IPSET_CMD_TEST(0xffffffffffffffff, &(0x7f0000000bc0)={&(0x7f0000000a40)={0x10, 0x0, 0x0, 0x80}, 0xc, &(0x7f0000000b80)={&(0x7f0000000a80)={0xf8, 0xb, 0x6, 0x301, 0x0, 0x0, {0x5, 0x0, 0x3}, [@IPSET_ATTR_ADT={0x10, 0x8, 0x0, 0x1, [{0xc, 0x7, 0x0, 0x1, @IPSET_ATTR_SKBQUEUE={0x6}}]}, @IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_LINENO={0x8, 0x9, 0x1, 0x0, 0x101}, @IPSET_ATTR_ADT={0x8c, 0x8, 0x0, 0x1, [{0x10, 0x7, 0x0, 0x1, @IPSET_ATTR_IP2={0xc, 0x14, 0x0, 0x1, @IPSET_ATTR_IPADDR_IPV4={0x8, 0x1, 0x1, 0x0, @rand_addr=0x64010101}}}, {0x1c, 0x7, 0x0, 0x1, @IPSET_ATTR_IP_TO={0x18, 0x2, 0x0, 0x1, @IPSET_ATTR_IPADDR_IPV6={0x14, 0x2, 0x1, 0x0, @empty}}}, {0xc, 0x7, 0x0, 0x1, @IPSET_ATTR_SKBQUEUE={0x6, 0x1d, 0x1, 0x0, 0x2c56}}, {0xc, 0x7, 0x0, 0x1, @IPSET_ATTR_TIMEOUT={0x8, 0x6, 0x1, 0x0, 0x8000}}, {0xc, 0x7, 0x0, 0x1, @IPSET_ATTR_TIMEOUT={0x8, 0x6, 0x1, 0x0, 0xb9c4}}, {0x10, 0x7, 0x0, 0x1, @IPSET_ATTR_IP2={0xc, 0x14, 0x0, 0x1, @IPSET_ATTR_IPADDR_IPV4={0x8, 0x1, 0x1, 0x0, @dev={0xac, 0x14, 0x14, 0x2e}}}}, {0xc, 0x7, 0x0, 0x1, @IPSET_ATTR_PROTO={0x5, 0x7, 0x92}}, {0x10, 0x7, 0x0, 0x1, @IPSET_ATTR_BYTES={0xc}}, {0xc, 0x7, 0x0, 0x1, @IPSET_ATTR_PORT_TO={0x6, 0x5, 0x1, 0x0, 0x4e23}}]}, @IPSET_ATTR_ADT={0x38, 0x8, 0x0, 0x1, [{0xc, 0x7, 0x0, 0x1, @IPSET_ATTR_SKBPRIO={0x8, 0x1c, 0x1, 0x0, 0x1449}}, {0xc, 0x7, 0x0, 0x1, @IPSET_ATTR_SKBQUEUE={0x6, 0x1d, 0x1, 0x0, 0x4d}}, {0xc, 0x7, 0x0, 0x1, @IPSET_ATTR_COMMENT={0x5, 0x1a, '\x00'}}, {0x10, 0x7, 0x0, 0x1, @IPSET_ATTR_IP_TO={0xc, 0x2, 0x0, 0x1, @IPSET_ATTR_IPADDR_IPV4={0x8, 0x1, 0x1, 0x0, @dev={0xac, 0x14, 0x14, 0x2d}}}}]}]}, 0xf8}, 0x1, 0x0, 0x0, 0x40000}, 0x4000000) ioctl$TIOCGSID(r0, 0x5429, &(0x7f0000000c00)=0x0) r6 = openat$cgroup_int(r0, &(0x7f0000000c40)='hugetlb.1GB.limit_in_bytes\x00', 0x2, 0x0) kcmp(r5, 0xffffffffffffffff, 0x4, r6, r0) ioctl$AUTOFS_DEV_IOCTL_READY(r0, 0xc0189376, &(0x7f0000000c80)={{0x1, 0x1, 0x18, r0, {0x1}}, './file0\x00'}) ioctl$AUTOFS_IOC_SETTIMEOUT(r7, 0x80049367, &(0x7f0000000cc0)=0x7) mount$9p_fd(0x0, &(0x7f0000000d00)='./file0\x00', &(0x7f0000000d40), 0x40020, &(0x7f0000000d80)={'trans=fd,', {}, 0x2c, {'wfdno', 0x3d, r4}, 0x2c, {[{@cache_mmap}, {@version_9p2000}, {@posixacl}], [{@defcontext={'defcontext', 0x3d, 'staff_u'}}]}}) [ 68.173642] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 68.175535] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 68.177484] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 68.179396] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 68.181071] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 68.182345] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 68.186191] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 68.187380] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 68.189218] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [ 68.191001] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 68.192248] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3 [ 68.197316] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 68.222421] Bluetooth: hci0: HCI_REQ-0x0c1a [ 68.258667] Bluetooth: hci1: HCI_REQ-0x0c1a [ 68.269185] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 68.272387] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 68.274469] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 68.278393] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 68.280969] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3 [ 68.283847] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 68.288833] Bluetooth: hci3: HCI_REQ-0x0c1a [ 68.289045] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 68.291374] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 68.293874] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 68.295295] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 68.304081] Bluetooth: hci7: unexpected cc 0x0c03 length: 249 > 1 [ 68.305636] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 68.306795] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 68.311034] Bluetooth: hci7: unexpected cc 0x1003 length: 249 > 9 [ 68.312058] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1 [ 68.312174] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 68.314663] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 68.315967] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1 [ 68.316875] Bluetooth: hci7: unexpected cc 0x1001 length: 249 > 9 [ 68.319054] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3 [ 68.319174] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3 [ 68.321244] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 68.321337] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9 [ 68.322395] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 68.328358] Bluetooth: hci4: HCI_REQ-0x0c1a [ 68.334030] Bluetooth: hci2: HCI_REQ-0x0c1a [ 68.345157] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9 [ 68.353883] Bluetooth: hci7: unexpected cc 0x0c23 length: 249 > 4 [ 68.356923] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4 [ 68.358439] Bluetooth: hci6: unexpected cc 0x0c25 length: 249 > 3 [ 68.360020] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2 [ 68.364672] Bluetooth: hci6: HCI_REQ-0x0c1a [ 68.383102] Bluetooth: hci7: unexpected cc 0x0c25 length: 249 > 3 [ 68.384917] Bluetooth: hci7: unexpected cc 0x0c38 length: 249 > 2 [ 68.391949] Bluetooth: hci7: HCI_REQ-0x0c1a [ 68.423956] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9 [ 68.429656] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9 [ 68.435839] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4 [ 68.450289] Bluetooth: hci5: unexpected cc 0x0c25 length: 249 > 3 [ 68.460685] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2 [ 68.566786] Bluetooth: hci5: HCI_REQ-0x0c1a [ 70.312975] Bluetooth: hci3: command 0x0409 tx timeout [ 70.313701] Bluetooth: hci1: command 0x0409 tx timeout [ 70.314202] Bluetooth: hci0: command 0x0409 tx timeout [ 70.377051] Bluetooth: hci6: command 0x0409 tx timeout [ 70.377664] Bluetooth: hci2: command 0x0409 tx timeout [ 70.378154] Bluetooth: hci4: command 0x0409 tx timeout [ 70.440652] Bluetooth: hci7: command 0x0409 tx timeout [ 70.632652] Bluetooth: hci5: command 0x0409 tx timeout [ 72.360654] Bluetooth: hci0: command 0x041b tx timeout [ 72.361114] Bluetooth: hci1: command 0x041b tx timeout [ 72.361510] Bluetooth: hci3: command 0x041b tx timeout [ 72.424626] Bluetooth: hci4: command 0x041b tx timeout [ 72.425065] Bluetooth: hci2: command 0x041b tx timeout [ 72.425450] Bluetooth: hci6: command 0x041b tx timeout [ 72.488596] Bluetooth: hci7: command 0x041b tx timeout [ 72.680589] Bluetooth: hci5: command 0x041b tx timeout [ 74.408613] Bluetooth: hci3: command 0x040f tx timeout [ 74.409079] Bluetooth: hci1: command 0x040f tx timeout [ 74.409474] Bluetooth: hci0: command 0x040f tx timeout [ 74.472659] Bluetooth: hci6: command 0x040f tx timeout [ 74.473120] Bluetooth: hci2: command 0x040f tx timeout [ 74.473520] Bluetooth: hci4: command 0x040f tx timeout [ 74.536677] Bluetooth: hci7: command 0x040f tx timeout [ 74.728686] Bluetooth: hci5: command 0x040f tx timeout [ 76.456616] Bluetooth: hci0: command 0x0419 tx timeout [ 76.457085] Bluetooth: hci1: command 0x0419 tx timeout [ 76.457498] Bluetooth: hci3: command 0x0419 tx timeout [ 76.520683] Bluetooth: hci4: command 0x0419 tx timeout [ 76.521137] Bluetooth: hci2: command 0x0419 tx timeout [ 76.521932] Bluetooth: hci6: command 0x0419 tx timeout [ 76.584700] Bluetooth: hci7: command 0x0419 tx timeout [ 76.776636] Bluetooth: hci5: command 0x0419 tx timeout 11:38:53 executing program 6: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) r2 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000100), 0x0) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r1, 0xc08c5332, &(0x7f00000001c0)={0x5, 0x7, 0x1, 'queue0\x00', 0x7fff}) ioctl$SNDRV_SEQ_IOCTL_GET_CLIENT_POOL(r2, 0x40505331, &(0x7f0000000140)={0x0, 0x0, 0x0, 0x6}) creat(&(0x7f0000000040)='./file1\x00', 0x8) pwritev(r1, &(0x7f0000000080)=[{&(0x7f0000000140)='\x00', 0x1a}], 0x1, 0x7fffffc, 0x0) openat(r0, &(0x7f0000000000)='./file1\x00', 0x40000, 0x40) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0xf0417, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x5, 0x7}, 0x0, 0x0, 0x0, 0x9}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0xa) [ 123.369256] audit: type=1400 audit(1664883533.835:7): avc: denied { open } for pid=3790 comm="syz-executor.6" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=perf_event permissive=1 11:38:53 executing program 6: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) pwritev(r1, &(0x7f0000000080)=[{&(0x7f0000000140)='\x00', 0x1a}], 0x1, 0x7fffffc, 0x0) perf_event_open(&(0x7f0000000280)={0x3, 0x80, 0x0, 0x0, 0xa2, 0x0, 0x0, 0x20000000000002, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_config_ext={0xfffffffffffffffe}, 0x0, 0xfffffffffffffff9, 0x2, 0x0, 0x0, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) sendfile(r0, r0, 0x0, 0x100000) r2 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000180), 0x2000, 0x0) syz_genetlink_get_family_id$ethtool(&(0x7f0000000040), r2) r3 = fcntl$dupfd(0xffffffffffffffff, 0x406, 0xffffffffffffffff) setsockopt$inet6_IPV6_PKTINFO(0xffffffffffffffff, 0x29, 0x1b, &(0x7f0000000000)={@mcast1}, 0x14) getsockname$packet(r2, &(0x7f00000001c0)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @dev}, &(0x7f0000000200)=0x14) ioctl$sock_ipv6_tunnel_SIOCCHG6RD(r1, 0x89fb, &(0x7f0000000240)={'ip6gre0\x00', &(0x7f0000000300)={'syztnl2\x00', 0x0, 0x4, 0xfe, 0x40, 0x5, 0x32, @ipv4={'\x00', '\xff\xff', @rand_addr=0x64010102}, @initdev={0xfe, 0x88, '\x00', 0x2, 0x0}, 0x1, 0x7800, 0x10001}}) socket$inet6_udp(0xa, 0x2, 0x0) socket$nl_audit(0x10, 0x3, 0x9) setsockopt$inet6_IPV6_PKTINFO(0xffffffffffffffff, 0x29, 0x1b, &(0x7f0000000000)={@dev={0xfe, 0x80, '\x00', 0xfd}}, 0x14) open_by_handle_at(0xffffffffffffffff, &(0x7f0000000600)=ANY=[], 0x0) getsockopt$inet_IP_XFRM_POLICY(r3, 0x0, 0x11, &(0x7f0000000480)={{{@in=@local, @in=@loopback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{}, 0x0, @in=@empty}}, &(0x7f0000000600)=0xe8) ioctl$sock_ipv6_tunnel_SIOCCHG6RD(0xffffffffffffffff, 0x89fb, &(0x7f00000003c0)={'sit0\x00', &(0x7f0000000580)={'syztnl2\x00', r4, 0x4, 0x3f, 0x0, 0x8000, 0x60, @loopback, @private0={0xfc, 0x0, '\x00', 0x1}, 0x80, 0x80, 0xf5, 0x100}}) r5 = perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x2080000001}, 0x0, 0x7ff}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000400)={0x3, 0x80, 0x6, 0x5, 0x1, 0x3f, 0x0, 0x3ff, 0x50000, 0x4, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x2, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x3b, 0x1, @perf_config_ext={0x1, 0x7fff}, 0xa8, 0x1, 0x20, 0x0, 0x0, 0x7fffffff, 0x9, 0x0, 0x4, 0x0, 0xdeb}, 0x0, 0xd, r5, 0x3) [ 123.605152] audit: type=1400 audit(1664883534.071:8): avc: denied { kernel } for pid=3802 comm="syz-executor.6" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=perf_event permissive=1 [ 123.633864] ------------[ cut here ]------------ [ 123.633899] [ 123.633905] ====================================================== [ 123.633909] WARNING: possible circular locking dependency detected [ 123.633914] 6.0.0-rc7-next-20220930 #1 Not tainted [ 123.633924] ------------------------------------------------------ [ 123.633928] syz-executor.6/3803 is trying to acquire lock: [ 123.633939] ffffffff853faab8 ((console_sem).lock){....}-{2:2}, at: down_trylock+0xe/0x70 [ 123.633994] [ 123.633994] but task is already holding lock: [ 123.633997] ffff88800e804820 (&ctx->lock){....}-{2:2}, at: __perf_event_task_sched_out+0x53b/0x18d0 [ 123.634033] [ 123.634033] which lock already depends on the new lock. [ 123.634033] [ 123.634036] [ 123.634036] the existing dependency chain (in reverse order) is: [ 123.634041] [ 123.634041] -> #3 (&ctx->lock){....}-{2:2}: [ 123.634059] _raw_spin_lock+0x2a/0x40 [ 123.634073] __perf_event_task_sched_out+0x53b/0x18d0 [ 123.634088] __schedule+0xedd/0x2470 [ 123.634105] schedule+0xda/0x1b0 [ 123.634121] exit_to_user_mode_prepare+0x114/0x1a0 [ 123.634136] syscall_exit_to_user_mode+0x19/0x40 [ 123.634153] do_syscall_64+0x48/0x90 [ 123.634175] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 123.634191] [ 123.634191] -> #2 (&rq->__lock){-.-.}-{2:2}: [ 123.634209] _raw_spin_lock_nested+0x30/0x40 [ 123.634222] raw_spin_rq_lock_nested+0x1e/0x30 [ 123.634239] task_fork_fair+0x63/0x4d0 [ 123.634261] sched_cgroup_fork+0x3d0/0x540 [ 123.634280] copy_process+0x4183/0x6e20 [ 123.634294] kernel_clone+0xe7/0x890 [ 123.634306] user_mode_thread+0xad/0xf0 [ 123.634318] rest_init+0x24/0x250 [ 123.634333] arch_call_rest_init+0xf/0x14 [ 123.634357] start_kernel+0x4c6/0x4eb [ 123.634377] secondary_startup_64_no_verify+0xe0/0xeb [ 123.634393] [ 123.634393] -> #1 (&p->pi_lock){-.-.}-{2:2}: [ 123.634409] _raw_spin_lock_irqsave+0x39/0x60 [ 123.634421] try_to_wake_up+0xab/0x1930 [ 123.634435] up+0x75/0xb0 [ 123.634451] __up_console_sem+0x6e/0x80 [ 123.634469] console_unlock+0x46a/0x590 [ 123.634487] vprintk_emit+0x1bd/0x560 [ 123.634505] vprintk+0x84/0xa0 [ 123.634523] _printk+0xba/0xf1 [ 123.634536] regdb_fw_cb.cold+0x6c/0xa7 [ 123.634555] request_firmware_work_func+0x12e/0x240 [ 123.634578] process_one_work+0xa17/0x16a0 [ 123.634598] worker_thread+0x637/0x1260 [ 123.634618] kthread+0x2ed/0x3a0 [ 123.634635] ret_from_fork+0x22/0x30 [ 123.634650] [ 123.634650] -> #0 ((console_sem).lock){....}-{2:2}: [ 123.634666] __lock_acquire+0x2a02/0x5e70 [ 123.634686] lock_acquire+0x1a2/0x530 [ 123.634705] _raw_spin_lock_irqsave+0x39/0x60 [ 123.634717] down_trylock+0xe/0x70 [ 123.634734] __down_trylock_console_sem+0x3b/0xd0 [ 123.634752] vprintk_emit+0x16b/0x560 [ 123.634770] vprintk+0x84/0xa0 [ 123.634787] _printk+0xba/0xf1 [ 123.634799] report_bug.cold+0x72/0xab [ 123.634817] handle_bug+0x3c/0x70 [ 123.634836] exc_invalid_op+0x14/0x50 [ 123.634855] asm_exc_invalid_op+0x16/0x20 [ 123.634868] group_sched_out.part.0+0x2c7/0x460 [ 123.634889] ctx_sched_out+0x8f1/0xc10 [ 123.634907] __perf_event_task_sched_out+0x6d0/0x18d0 [ 123.634920] __schedule+0xedd/0x2470 [ 123.634935] schedule+0xda/0x1b0 [ 123.634952] exit_to_user_mode_prepare+0x114/0x1a0 [ 123.634966] syscall_exit_to_user_mode+0x19/0x40 [ 123.634982] do_syscall_64+0x48/0x90 [ 123.635004] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 123.635019] [ 123.635019] other info that might help us debug this: [ 123.635019] [ 123.635022] Chain exists of: [ 123.635022] (console_sem).lock --> &rq->__lock --> &ctx->lock [ 123.635022] [ 123.635040] Possible unsafe locking scenario: [ 123.635040] [ 123.635042] CPU0 CPU1 [ 123.635045] ---- ---- [ 123.635048] lock(&ctx->lock); [ 123.635055] lock(&rq->__lock); [ 123.635063] lock(&ctx->lock); [ 123.635070] lock((console_sem).lock); [ 123.635077] [ 123.635077] *** DEADLOCK *** [ 123.635077] [ 123.635079] 2 locks held by syz-executor.6/3803: [ 123.635088] #0: ffff88806ce37e98 (&rq->__lock){-.-.}-{2:2}, at: __schedule+0x1cf/0x2470 [ 123.635123] #1: ffff88800e804820 (&ctx->lock){....}-{2:2}, at: __perf_event_task_sched_out+0x53b/0x18d0 [ 123.635154] [ 123.635154] stack backtrace: [ 123.635158] CPU: 0 PID: 3803 Comm: syz-executor.6 Not tainted 6.0.0-rc7-next-20220930 #1 [ 123.635172] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 123.635182] Call Trace: [ 123.635186] [ 123.635191] dump_stack_lvl+0x8b/0xb3 [ 123.635213] check_noncircular+0x263/0x2e0 [ 123.635233] ? format_decode+0x26c/0xb50 [ 123.635251] ? print_circular_bug+0x450/0x450 [ 123.635271] ? simple_strtoul+0x30/0x30 [ 123.635289] ? format_decode+0x26c/0xb50 [ 123.635309] ? alloc_chain_hlocks+0x1ec/0x5a0 [ 123.635329] __lock_acquire+0x2a02/0x5e70 [ 123.635354] ? lockdep_hardirqs_on_prepare+0x410/0x410 [ 123.635381] lock_acquire+0x1a2/0x530 [ 123.635400] ? down_trylock+0xe/0x70 [ 123.635420] ? lock_release+0x750/0x750 [ 123.635445] ? vprintk+0x84/0xa0 [ 123.635466] _raw_spin_lock_irqsave+0x39/0x60 [ 123.635480] ? down_trylock+0xe/0x70 [ 123.635498] down_trylock+0xe/0x70 [ 123.635516] ? vprintk+0x84/0xa0 [ 123.635536] __down_trylock_console_sem+0x3b/0xd0 [ 123.635557] vprintk_emit+0x16b/0x560 [ 123.635579] vprintk+0x84/0xa0 [ 123.635599] _printk+0xba/0xf1 [ 123.635612] ? record_print_text.cold+0x16/0x16 [ 123.635631] ? report_bug.cold+0x66/0xab [ 123.635652] ? group_sched_out.part.0+0x2c7/0x460 [ 123.635673] report_bug.cold+0x72/0xab [ 123.635693] handle_bug+0x3c/0x70 [ 123.635712] exc_invalid_op+0x14/0x50 [ 123.635732] asm_exc_invalid_op+0x16/0x20 [ 123.635746] RIP: 0010:group_sched_out.part.0+0x2c7/0x460 [ 123.635769] Code: 5e 41 5f e9 8b ae ef ff e8 86 ae ef ff 65 8b 1d 0b 18 ac 7e 31 ff 89 de e8 26 ab ef ff 85 db 0f 84 8a 00 00 00 e8 69 ae ef ff <0f> 0b e9 a5 fe ff ff e8 5d ae ef ff 48 8d 7d 10 48 b8 00 00 00 00 [ 123.635781] RSP: 0018:ffff88800d20fc48 EFLAGS: 00010006 [ 123.635791] RAX: 0000000040000002 RBX: 0000000000000000 RCX: 0000000000000000 [ 123.635799] RDX: ffff88801a5c1ac0 RSI: ffffffff81565dc7 RDI: 0000000000000005 [ 123.635807] RBP: ffff8880086605c8 R08: 0000000000000005 R09: 0000000000000001 [ 123.635815] R10: 0000000000000000 R11: ffffffff865b401b R12: ffff88800e804800 [ 123.635824] R13: ffff88806ce3d2c0 R14: ffffffff8547d000 R15: 0000000000000002 [ 123.635836] ? group_sched_out.part.0+0x2c7/0x460 [ 123.635859] ? group_sched_out.part.0+0x2c7/0x460 [ 123.635883] ctx_sched_out+0x8f1/0xc10 [ 123.635906] __perf_event_task_sched_out+0x6d0/0x18d0 [ 123.635923] ? lock_is_held_type+0xd7/0x130 [ 123.635939] ? __perf_cgroup_move+0x160/0x160 [ 123.635951] ? set_next_entity+0x304/0x550 [ 123.635972] ? update_curr+0x267/0x740 [ 123.635994] ? lock_is_held_type+0xd7/0x130 [ 123.636010] __schedule+0xedd/0x2470 [ 123.636030] ? io_schedule_timeout+0x150/0x150 [ 123.636049] ? rcu_read_lock_sched_held+0x3e/0x80 [ 123.636072] schedule+0xda/0x1b0 [ 123.636089] exit_to_user_mode_prepare+0x114/0x1a0 [ 123.636104] syscall_exit_to_user_mode+0x19/0x40 [ 123.636119] do_syscall_64+0x48/0x90 [ 123.636139] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 123.636154] RIP: 0033:0x7faf2cf9fb19 [ 123.636164] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 123.636176] RSP: 002b:00007faf2a515218 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 123.636188] RAX: 0000000000000001 RBX: 00007faf2d0b2f68 RCX: 00007faf2cf9fb19 [ 123.636197] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 00007faf2d0b2f6c [ 123.636205] RBP: 00007faf2d0b2f60 R08: 000000000000000e R09: 0000000000000000 [ 123.636213] R10: 0000000000000005 R11: 0000000000000246 R12: 00007faf2d0b2f6c [ 123.636221] R13: 00007ffe9039721f R14: 00007faf2a515300 R15: 0000000000022000 [ 123.636235] [ 123.702925] WARNING: CPU: 0 PID: 3803 at kernel/events/core.c:2309 group_sched_out.part.0+0x2c7/0x460 [ 123.703749] Modules linked in: [ 123.704039] CPU: 0 PID: 3803 Comm: syz-executor.6 Not tainted 6.0.0-rc7-next-20220930 #1 [ 123.704716] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 123.705677] RIP: 0010:group_sched_out.part.0+0x2c7/0x460 [ 123.706150] Code: 5e 41 5f e9 8b ae ef ff e8 86 ae ef ff 65 8b 1d 0b 18 ac 7e 31 ff 89 de e8 26 ab ef ff 85 db 0f 84 8a 00 00 00 e8 69 ae ef ff <0f> 0b e9 a5 fe ff ff e8 5d ae ef ff 48 8d 7d 10 48 b8 00 00 00 00 [ 123.707614] RSP: 0018:ffff88800d20fc48 EFLAGS: 00010006 [ 123.708100] RAX: 0000000040000002 RBX: 0000000000000000 RCX: 0000000000000000 [ 123.708741] RDX: ffff88801a5c1ac0 RSI: ffffffff81565dc7 RDI: 0000000000000005 [ 123.709344] RBP: ffff8880086605c8 R08: 0000000000000005 R09: 0000000000000001 [ 123.709910] R10: 0000000000000000 R11: ffffffff865b401b R12: ffff88800e804800 [ 123.710554] R13: ffff88806ce3d2c0 R14: ffffffff8547d000 R15: 0000000000000002 [ 123.711246] FS: 00007faf2a515700(0000) GS:ffff88806ce00000(0000) knlGS:0000000000000000 [ 123.712026] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 123.712623] CR2: 00007f124268c8e0 CR3: 000000004020e000 CR4: 0000000000350ef0 [ 123.713258] Call Trace: [ 123.713482] [ 123.713694] ctx_sched_out+0x8f1/0xc10 [ 123.714078] __perf_event_task_sched_out+0x6d0/0x18d0 [ 123.714556] ? lock_is_held_type+0xd7/0x130 [ 123.714950] ? __perf_cgroup_move+0x160/0x160 [ 123.715364] ? set_next_entity+0x304/0x550 [ 123.715739] ? update_curr+0x267/0x740 [ 123.716125] ? lock_is_held_type+0xd7/0x130 [ 123.716577] __schedule+0xedd/0x2470 [ 123.716971] ? io_schedule_timeout+0x150/0x150 [ 123.717448] ? rcu_read_lock_sched_held+0x3e/0x80 [ 123.717907] schedule+0xda/0x1b0 [ 123.718245] exit_to_user_mode_prepare+0x114/0x1a0 [ 123.718681] syscall_exit_to_user_mode+0x19/0x40 [ 123.719073] do_syscall_64+0x48/0x90 [ 123.719403] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 123.719842] RIP: 0033:0x7faf2cf9fb19 [ 123.720177] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 123.721735] RSP: 002b:00007faf2a515218 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 123.722352] RAX: 0000000000000001 RBX: 00007faf2d0b2f68 RCX: 00007faf2cf9fb19 [ 123.722919] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 00007faf2d0b2f6c [ 123.723483] RBP: 00007faf2d0b2f60 R08: 000000000000000e R09: 0000000000000000 [ 123.724176] R10: 0000000000000005 R11: 0000000000000246 R12: 00007faf2d0b2f6c [ 123.724834] R13: 00007ffe9039721f R14: 00007faf2a515300 R15: 0000000000022000 [ 123.725448] [ 123.725648] irq event stamp: 826 [ 123.725923] hardirqs last enabled at (825): [] exit_to_user_mode_prepare+0x109/0x1a0 [ 123.726727] hardirqs last disabled at (826): [] __schedule+0x1225/0x2470 [ 123.727445] softirqs last enabled at (370): [] __irq_exit_rcu+0x11b/0x180 [ 123.728219] softirqs last disabled at (243): [] __irq_exit_rcu+0x11b/0x180 [ 123.728938] ---[ end trace 0000000000000000 ]--- 11:38:54 executing program 6: perf_event_open(&(0x7f00000000c0)={0x5, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_bp={0x0, 0x1}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f00000000c0)={0x5, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_bp={0x0, 0x1}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f00000000c0)={0x5, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_bp={0x0, 0x1}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000002940)={0x5, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_bp={0x0, 0x1}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) open_by_handle_at(r0, &(0x7f0000000140)=ANY=[@ANYBLOB='\a'], 0x0) perf_event_open(&(0x7f0000000000)={0x3, 0x80, 0x0, 0x40, 0x6, 0xc4, 0x0, 0xfffffffffffffffb, 0x100, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x3, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x957, 0x4, @perf_config_ext={0x0, 0x1000}, 0x200, 0x0, 0x9, 0x5, 0x8, 0x2, 0x5, 0x0, 0x0, 0x0, 0x8}, 0xffffffffffffffff, 0x2, r0, 0xa) perf_event_open(&(0x7f00000000c0)={0x5, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) 11:38:54 executing program 6: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) syz_io_uring_setup(0x333f, &(0x7f00000001c0)={0x0, 0x9c89, 0x20, 0x1, 0x3d6}, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000000040), &(0x7f0000000140)) r0 = perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x40a}, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x5}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) fsetxattr$security_selinux(r0, &(0x7f0000000240), &(0x7f0000000300)='system_u:object_r:tmpreaper_exec_t:s0\x00', 0x26, 0x1) sync() ioperm(0x0, 0x800, 0x4) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) open_by_handle_at(r1, &(0x7f0000000140)=ANY=[@ANYBLOB='\a'], 0x0) perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x7, 0x4, 0x7f, 0x3f, 0x0, 0x5, 0x0, 0x8, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0xeda, 0x0, @perf_config_ext={0x0, 0x93fc}, 0x48188, 0x4, 0x4, 0x6, 0x7, 0xd80a, 0x4c09, 0x0, 0xfffff801, 0x0, 0x4}, 0xffffffffffffffff, 0xe, r1, 0xa) syz_genetlink_get_family_id$nl80211(&(0x7f0000000180), 0xffffffffffffffff) openat$null(0xffffffffffffff9c, &(0x7f00000003c0), 0x40000, 0x0) [ 124.498551] hrtimer: interrupt took 16872 ns 11:38:55 executing program 5: r0 = perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x1}, 0x0, 0x5}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r2 = syz_open_dev$tty1(0xc, 0x4, 0x1) r3 = getpid() rt_tgsigqueueinfo(r3, r3, 0x34, &(0x7f0000000280)={0x10, 0x3, 0x2}) perf_event_open(&(0x7f0000000200)={0x3, 0x80, 0x4, 0xaa, 0x8, 0x0, 0x0, 0x4, 0x48101, 0x6, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x2, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x7fff, 0x2, @perf_bp={&(0x7f0000000000), 0xc}, 0x9621, 0x946, 0x9, 0x1, 0x8, 0x800, 0x4, 0x0, 0x1, 0x0, 0x3}, r3, 0x3, r1, 0x6) prctl$PR_SET_MM_EXE_FILE(0x23, 0xd, r2) ioctl$FS_IOC_GETFSLABEL(r0, 0x81009431, &(0x7f0000000100)) sync() [ 124.910689] audit: type=1400 audit(1664883535.376:9): avc: denied { write } for pid=3876 comm="syz-executor.5" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=perf_event permissive=1 11:38:55 executing program 5: r0 = perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x1}, 0x0, 0x5}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r2 = syz_open_dev$tty1(0xc, 0x4, 0x1) r3 = getpid() rt_tgsigqueueinfo(r3, r3, 0x34, &(0x7f0000000280)={0x10, 0x3, 0x2}) perf_event_open(&(0x7f0000000200)={0x3, 0x80, 0x4, 0xaa, 0x8, 0x0, 0x0, 0x4, 0x48101, 0x6, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x2, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x7fff, 0x2, @perf_bp={&(0x7f0000000000), 0xc}, 0x9621, 0x946, 0x9, 0x1, 0x8, 0x800, 0x4, 0x0, 0x1, 0x0, 0x3}, r3, 0x3, r1, 0x6) prctl$PR_SET_MM_EXE_FILE(0x23, 0xd, r2) ioctl$FS_IOC_GETFSLABEL(r0, 0x81009431, &(0x7f0000000100)) sync() 11:38:55 executing program 5: r0 = perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x1}, 0x0, 0x5}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r2 = syz_open_dev$tty1(0xc, 0x4, 0x1) r3 = getpid() rt_tgsigqueueinfo(r3, r3, 0x34, &(0x7f0000000280)={0x10, 0x3, 0x2}) perf_event_open(&(0x7f0000000200)={0x3, 0x80, 0x4, 0xaa, 0x8, 0x0, 0x0, 0x4, 0x48101, 0x6, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x2, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x7fff, 0x2, @perf_bp={&(0x7f0000000000), 0xc}, 0x9621, 0x946, 0x9, 0x1, 0x8, 0x800, 0x4, 0x0, 0x1, 0x0, 0x3}, r3, 0x3, r1, 0x6) prctl$PR_SET_MM_EXE_FILE(0x23, 0xd, r2) ioctl$FS_IOC_GETFSLABEL(r0, 0x81009431, &(0x7f0000000100)) sync() 11:38:56 executing program 5: r0 = perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x1}, 0x0, 0x5}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r2 = syz_open_dev$tty1(0xc, 0x4, 0x1) r3 = getpid() rt_tgsigqueueinfo(r3, r3, 0x34, &(0x7f0000000280)={0x10, 0x3, 0x2}) perf_event_open(&(0x7f0000000200)={0x3, 0x80, 0x4, 0xaa, 0x8, 0x0, 0x0, 0x4, 0x48101, 0x6, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x2, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x7fff, 0x2, @perf_bp={&(0x7f0000000000), 0xc}, 0x9621, 0x946, 0x9, 0x1, 0x8, 0x800, 0x4, 0x0, 0x1, 0x0, 0x3}, r3, 0x3, r1, 0x6) prctl$PR_SET_MM_EXE_FILE(0x23, 0xd, r2) ioctl$FS_IOC_GETFSLABEL(r0, 0x81009431, &(0x7f0000000100)) sync() VM DIAGNOSIS: 11:38:54 Registers: info registers vcpu 0 RAX=0000000000000020 RBX=00000000000003f8 RCX=0000000000000000 RDX=00000000000003f8 RSI=ffffffff823bb0f1 RDI=ffffffff8765a9a0 RBP=ffffffff8765a960 RSP=ffff88800d20f690 R8 =0000000000000001 R9 =000000000000000a R10=0000000000000020 R11=0000000000000001 R12=0000000000000020 R13=ffffffff8765a960 R14=0000000000000010 R15=ffffffff823bb0e0 RIP=ffffffff823bb149 RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 00000000 00000000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 00000000 00000000 FS =0000 00007faf2a515700 00000000 00000000 GS =0000 ffff88806ce00000 00000000 00000000 LDT=0000 fffffe0000000000 00000000 00000000 TR =0040 fffffe0000003000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe0000001000 0000007f IDT= fffffe0000000000 00000fff CR0=80050033 CR2=00007f124268c8e0 CR3=000000004020e000 CR4=00350ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000ffff0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 YMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM01=0000000000000000 0000000000000000 00007faf2d0867c0 00007faf2d0867c8 YMM02=0000000000000000 0000000000000000 00007faf2d0867e0 00007faf2d0867c0 YMM03=0000000000000000 0000000000000000 00007faf2d0867c8 00007faf2d0867c0 YMM04=0000000000000000 0000000000000000 ffffffffffffffff ffffffff00000000 YMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM06=0000000000000000 0000000000000000 0000000000000000 000000524f525245 YMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM08=0000000000000000 0000000000000000 0000000000000000 00524f5252450040 YMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 info registers vcpu 1 RAX=dffffc0000000000 RBX=ffffffff81359c40 RCX=0000000000000000 RDX=1ffff11001c64eef RSI=ffffffff816bf8c0 RDI=ffff88800e3277e8 RBP=ffff88800e3277b8 RSP=ffff88800e327718 R8 =ffffffff85ec4f22 R9 =ffffffff85ec4f26 R10=ffffed1001c64ef1 R11=ffff88800e327760 R12=ffff88800e3277e8 R13=0000000000000000 R14=ffff88801d723580 R15=ffff888007c75000 RIP=ffffffff81359c4a RFL=00000286 [--S--P-] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 00000000 00000000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 00000000 00000000 FS =0000 0000000000000000 00000000 00000000 GS =0000 ffff88806cf00000 00000000 00000000 LDT=0000 fffffe0000000000 00000000 00000000 TR =0040 fffffe000004a000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe0000048000 0000007f IDT= fffffe0000000000 00000fff CR0=80050033 CR2=00007fffe7de4020 CR3=0000000040864000 CR4=00350ee0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000ffff0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 YMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM04=0000000000000000 0000000000000000 000000ff00000000 0000000000000000 YMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000