Warning: Permanently added '[localhost]:5586' (ECDSA) to the list of known hosts.
2022/10/04 19:49:07 fuzzer started
2022/10/04 19:49:08 dialing manager at localhost:46847
syzkaller login: [ 38.616133] cgroup: Unknown subsys name 'net'
[ 38.696241] cgroup: Unknown subsys name 'rlimit'
2022/10/04 19:49:22 syscalls: 2215
2022/10/04 19:49:22 code coverage: enabled
2022/10/04 19:49:22 comparison tracing: enabled
2022/10/04 19:49:22 extra coverage: enabled
2022/10/04 19:49:22 setuid sandbox: enabled
2022/10/04 19:49:22 namespace sandbox: enabled
2022/10/04 19:49:22 Android sandbox: enabled
2022/10/04 19:49:22 fault injection: enabled
2022/10/04 19:49:22 leak checking: enabled
2022/10/04 19:49:22 net packet injection: enabled
2022/10/04 19:49:22 net device setup: enabled
2022/10/04 19:49:22 concurrency sanitizer: /sys/kernel/debug/kcsan does not exist
2022/10/04 19:49:22 devlink PCI setup: PCI device 0000:00:10.0 is not available
2022/10/04 19:49:22 USB emulation: enabled
2022/10/04 19:49:22 hci packet injection: enabled
2022/10/04 19:49:22 wifi device emulation: failed to parse kernel version (6.0.0-next-20221004)
2022/10/04 19:49:22 802.15.4 emulation: enabled
2022/10/04 19:49:22 fetching corpus: 50, signal 23940/25694 (executing program)
2022/10/04 19:49:22 fetching corpus: 100, signal 31870/35194 (executing program)
2022/10/04 19:49:22 fetching corpus: 150, signal 40725/45421 (executing program)
2022/10/04 19:49:22 fetching corpus: 200, signal 47465/53469 (executing program)
2022/10/04 19:49:23 fetching corpus: 250, signal 52317/59599 (executing program)
2022/10/04 19:49:23 fetching corpus: 300, signal 58903/67230 (executing program)
2022/10/04 19:49:23 fetching corpus: 350, signal 62916/72313 (executing program)
2022/10/04 19:49:23 fetching corpus: 400, signal 67572/78010 (executing program)
2022/10/04 19:49:23 fetching corpus: 450, signal 70888/82372 (executing program)
2022/10/04 19:49:23 fetching corpus: 500, signal 75907/88151 (executing program)
2022/10/04 19:49:23 fetching corpus: 550, signal 77971/91226 (executing program)
2022/10/04 19:49:23 fetching corpus: 600, signal 80545/94714 (executing program)
2022/10/04 19:49:23 fetching corpus: 650, signal 83205/98202 (executing program)
2022/10/04 19:49:24 fetching corpus: 700, signal 88770/104147 (executing program)
2022/10/04 19:49:24 fetching corpus: 750, signal 90383/106579 (executing program)
2022/10/04 19:49:24 fetching corpus: 800, signal 91959/109003 (executing program)
2022/10/04 19:49:24 fetching corpus: 850, signal 95657/113213 (executing program)
2022/10/04 19:49:24 fetching corpus: 900, signal 97520/115782 (executing program)
2022/10/04 19:49:24 fetching corpus: 950, signal 99079/118057 (executing program)
2022/10/04 19:49:24 fetching corpus: 1000, signal 100245/119986 (executing program)
2022/10/04 19:49:24 fetching corpus: 1050, signal 103889/123867 (executing program)
2022/10/04 19:49:24 fetching corpus: 1100, signal 105778/126261 (executing program)
2022/10/04 19:49:25 fetching corpus: 1150, signal 107598/128623 (executing program)
2022/10/04 19:49:25 fetching corpus: 1200, signal 109000/130613 (executing program)
2022/10/04 19:49:25 fetching corpus: 1250, signal 111958/133720 (executing program)
2022/10/04 19:49:25 fetching corpus: 1300, signal 114145/136202 (executing program)
2022/10/04 19:49:25 fetching corpus: 1350, signal 115628/138095 (executing program)
2022/10/04 19:49:25 fetching corpus: 1400, signal 117739/140443 (executing program)
2022/10/04 19:49:25 fetching corpus: 1450, signal 119116/142180 (executing program)
2022/10/04 19:49:25 fetching corpus: 1500, signal 120586/143987 (executing program)
2022/10/04 19:49:25 fetching corpus: 1550, signal 123366/146660 (executing program)
2022/10/04 19:49:26 fetching corpus: 1600, signal 124376/148116 (executing program)
2022/10/04 19:49:26 fetching corpus: 1650, signal 125144/149363 (executing program)
2022/10/04 19:49:26 fetching corpus: 1700, signal 127655/151773 (executing program)
2022/10/04 19:49:26 fetching corpus: 1750, signal 128990/153346 (executing program)
2022/10/04 19:49:26 fetching corpus: 1800, signal 130051/154699 (executing program)
2022/10/04 19:49:26 fetching corpus: 1850, signal 131253/156149 (executing program)
2022/10/04 19:49:26 fetching corpus: 1900, signal 132354/157472 (executing program)
2022/10/04 19:49:26 fetching corpus: 1950, signal 133420/158793 (executing program)
2022/10/04 19:49:27 fetching corpus: 2000, signal 134412/160019 (executing program)
2022/10/04 19:49:27 fetching corpus: 2050, signal 135602/161391 (executing program)
2022/10/04 19:49:27 fetching corpus: 2100, signal 137072/162880 (executing program)
2022/10/04 19:49:27 fetching corpus: 2150, signal 137976/164038 (executing program)
2022/10/04 19:49:27 fetching corpus: 2200, signal 139543/165495 (executing program)
2022/10/04 19:49:27 fetching corpus: 2250, signal 140627/166633 (executing program)
2022/10/04 19:49:27 fetching corpus: 2300, signal 143269/168757 (executing program)
2022/10/04 19:49:27 fetching corpus: 2350, signal 144445/169945 (executing program)
2022/10/04 19:49:27 fetching corpus: 2400, signal 145189/170834 (executing program)
2022/10/04 19:49:28 fetching corpus: 2450, signal 146432/171963 (executing program)
2022/10/04 19:49:28 fetching corpus: 2500, signal 147537/173049 (executing program)
2022/10/04 19:49:28 fetching corpus: 2550, signal 149693/174577 (executing program)
2022/10/04 19:49:28 fetching corpus: 2600, signal 150941/175710 (executing program)
2022/10/04 19:49:28 fetching corpus: 2650, signal 151732/176557 (executing program)
2022/10/04 19:49:28 fetching corpus: 2700, signal 152784/177489 (executing program)
2022/10/04 19:49:28 fetching corpus: 2750, signal 153861/178418 (executing program)
2022/10/04 19:49:28 fetching corpus: 2800, signal 155020/179615 (executing program)
2022/10/04 19:49:28 fetching corpus: 2850, signal 156497/180668 (executing program)
2022/10/04 19:49:29 fetching corpus: 2900, signal 157061/181331 (executing program)
2022/10/04 19:49:29 fetching corpus: 2950, signal 158212/182225 (executing program)
2022/10/04 19:49:29 fetching corpus: 3000, signal 159286/183065 (executing program)
2022/10/04 19:49:29 fetching corpus: 3050, signal 160515/183900 (executing program)
2022/10/04 19:49:29 fetching corpus: 3100, signal 161042/184468 (executing program)
2022/10/04 19:49:29 fetching corpus: 3150, signal 162862/185507 (executing program)
2022/10/04 19:49:29 fetching corpus: 3200, signal 163630/186152 (executing program)
2022/10/04 19:49:29 fetching corpus: 3250, signal 165168/187011 (executing program)
2022/10/04 19:49:29 fetching corpus: 3300, signal 166175/187685 (executing program)
2022/10/04 19:49:29 fetching corpus: 3350, signal 166737/188163 (executing program)
2022/10/04 19:49:29 fetching corpus: 3400, signal 167295/188622 (executing program)
2022/10/04 19:49:30 fetching corpus: 3450, signal 167622/189031 (executing program)
2022/10/04 19:49:30 fetching corpus: 3500, signal 168746/189630 (executing program)
2022/10/04 19:49:30 fetching corpus: 3550, signal 169312/190081 (executing program)
2022/10/04 19:49:30 fetching corpus: 3600, signal 169956/190527 (executing program)
2022/10/04 19:49:30 fetching corpus: 3650, signal 171021/191087 (executing program)
2022/10/04 19:49:30 fetching corpus: 3700, signal 171839/191557 (executing program)
2022/10/04 19:49:30 fetching corpus: 3750, signal 172912/192098 (executing program)
2022/10/04 19:49:30 fetching corpus: 3800, signal 173649/192536 (executing program)
2022/10/04 19:49:30 fetching corpus: 3850, signal 174134/192922 (executing program)
2022/10/04 19:49:31 fetching corpus: 3900, signal 174735/193307 (executing program)
2022/10/04 19:49:31 fetching corpus: 3950, signal 175073/193643 (executing program)
2022/10/04 19:49:31 fetching corpus: 4000, signal 175623/193946 (executing program)
2022/10/04 19:49:31 fetching corpus: 4050, signal 176369/194304 (executing program)
2022/10/04 19:49:31 fetching corpus: 4100, signal 176694/194580 (executing program)
2022/10/04 19:49:31 fetching corpus: 4150, signal 177576/194973 (executing program)
2022/10/04 19:49:31 fetching corpus: 4200, signal 178356/195283 (executing program)
2022/10/04 19:49:31 fetching corpus: 4250, signal 178978/195553 (executing program)
2022/10/04 19:49:31 fetching corpus: 4300, signal 179940/195862 (executing program)
2022/10/04 19:49:32 fetching corpus: 4350, signal 180377/196088 (executing program)
2022/10/04 19:49:32 fetching corpus: 4400, signal 180885/196298 (executing program)
2022/10/04 19:49:32 fetching corpus: 4450, signal 181440/196515 (executing program)
2022/10/04 19:49:32 fetching corpus: 4500, signal 182496/196782 (executing program)
2022/10/04 19:49:32 fetching corpus: 4550, signal 183100/196977 (executing program)
2022/10/04 19:49:32 fetching corpus: 4600, signal 183725/197152 (executing program)
2022/10/04 19:49:32 fetching corpus: 4650, signal 184416/197339 (executing program)
2022/10/04 19:49:32 fetching corpus: 4700, signal 184843/197518 (executing program)
2022/10/04 19:49:33 fetching corpus: 4750, signal 185833/197684 (executing program)
2022/10/04 19:49:33 fetching corpus: 4800, signal 186239/197834 (executing program)
2022/10/04 19:49:33 fetching corpus: 4850, signal 186889/197969 (executing program)
2022/10/04 19:49:33 fetching corpus: 4875, signal 187056/198034 (executing program)
2022/10/04 19:49:33 fetching corpus: 4875, signal 187056/198034 (executing program)
2022/10/04 19:49:35 starting 8 fuzzer processes

19:49:35 executing program 0:
ioctl$VT_DISALLOCATE(0xffffffffffffffff, 0x5608)
r0 = perf_event_open(&(0x7f0000000000)={0x5, 0x80, 0x97, 0xfb, 0x7f, 0x80, 0x0, 0xa7c8, 0x80040, 0x4, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x3, 0x1, @perf_config_ext={0x101, 0x7}, 0x104, 0x0, 0x8, 0x0, 0x3, 0x3, 0x4, 0x0, 0x3, 0x0, 0xb1},
0xffffffffffffffff, 0x10, 0xffffffffffffffff, 0x2)
ioctl$F2FS_IOC_GET_PIN_FILE(r0, 0x8004f50e, &(0x7f0000000080))
ioctl$AUTOFS_DEV_IOCTL_PROTOSUBVER(0xffffffffffffffff, 0xc0189373, &(0x7f00000000c0)={{0x1, 0x1, 0x18, r0, {0x101a}}, './file0\x00'})
fsetxattr$trusted_overlay_origin(r1, &(0x7f0000000100), &(0x7f0000000140), 0x2, 0x1)
r2 = socket$inet_tcp(0x2, 0x1, 0x0)
ioctl$BTRFS_IOC_GET_DEV_STATS(r1, 0xc4089434, &(0x7f0000000180)={0x0, 0x6, 0x1, [0x7, 0xeb, 0x6, 0x0, 0x4], [0x0, 0xca, 0x10000, 0xfffffffffffffff7, 0x0, 0x0, 0x798a, 0x3, 0x91e00, 0x2800000000, 0x8, 0x3584, 0xfffffffffffffff8, 0x3, 0xae, 0x2, 0x2bd2, 0x6, 0x27, 0x7, 0x7f, 0x2, 0x1, 0xfffffffffffffff8, 0x5, 0x7f, 0x400, 0x3, 0x9, 0xff, 0x8, 0x0, 0xffffffff, 0x3, 0x0, 0x1f, 0x5, 0xe2, 0x0, 0x8000, 0x7fff, 0x4, 0x0, 0x7f, 0x0, 0x80000001, 0x7fff, 0x7, 0x1, 0x1fffffffc000, 0x4, 0x1, 0x8000, 0x0, 0xe4, 0x7, 0x3de, 0x5, 0x8, 0x3f, 0x884, 0x2, 0x4, 0x0, 0x8, 0xe9d6, 0x0, 0x7, 0x9, 0x6, 0xf9, 0x8000, 0x7, 0x80000000, 0x2, 0x1, 0x7fff, 0x34, 0x9f2, 0x3, 0x3, 0x1f, 0x4, 0x10001, 0x6, 0x33, 0x93, 0xffffffffffffffff, 0x3, 0xffffffffffff8a7f, 0x1, 0x6, 0xff, 0x0, 0x396, 0x8, 0x0, 0x4, 0x0, 0x79c2, 0x7fff, 0x6, 0x3, 0x100000001, 0x0, 0x1, 0x6, 0xffff, 0x9, 0x2, 0xfd, 0x0, 0x2, 0x9, 0x101, 0x20, 0x0, 0x0, 0x3, 0x9, 0x8001]})
ioctl$BTRFS_IOC_SNAP_CREATE_V2(r2, 0x50009417, &(0x7f00000005c0)={{r0}, 0x0, 0x12, @unused=[0x4b, 0x9, 0xffffffff, 0x6], @devid=r3})
ioctl$TIOCGSID(r1, 0x5429, &(0x7f0000001780)=0x0)
clone3(&(0x7f0000001800)={0x202019400, &(0x7f00000015c0), &(0x7f0000001600), &(0x7f0000001640), {0x4}, &(0x7f0000001680)=""/126, 0x7e, &(0x7f0000001700)=""/95, &(0x7f00000017c0)=[r4], 0x1, {r1}}, 0x58)
r5 = syz_open_dev$rtc(&(0x7f0000001880), 0x7, 0x4000)
ioctl$BTRFS_IOC_SCRUB(r1, 0xc400941b, &(0x7f00000018c0)={0x0, 0x534, 0x100000000, 0x1})
ioctl$BTRFS_IOC_SCRUB(r5, 0xc400941b, &(0x7f0000001cc0)={r6, 0xfffffffffffffff9, 0x3, 0x1})
recvmsg(r1, &(0x7f0000002600)={&(0x7f00000020c0)=@pppol2tpv3in6={0x18, 0x1, {0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, {0xa, 0x0, 0x0, @private0}}}, 0x80, &(0x7f00000024c0)=[{&(0x7f0000002140)=""/154, 0x9a}, {&(0x7f0000002200)=""/189, 0xbd}, {&(0x7f00000022c0)=""/135, 0x87}, {&(0x7f0000002380)=""/82, 0x52}, {&(0x7f0000002400)=""/91, 0x5b}, {&(0x7f0000002480)}], 0x6, &(0x7f0000002540)=""/135, 0x87}, 0x12001)
setsockopt$inet6_mreq(r7, 0x29, 0x1c, &(0x7f0000002640)={@loopback}, 0x14)
ioctl$sock_SIOCSIFVLAN_GET_VLAN_REALDEV_NAME_CMD(r7, 0x8983, &(0x7f0000002680)={0x8, 'geneve1\x00', {'veth0_to_batadv\x00'}, 0x6})
lsetxattr$trusted_overlay_origin(&(0x7f00000026c0)='./file0\x00', &(0x7f0000002700), &(0x7f0000002740), 0x2, 0x3)
lsetxattr$security_ima(&(0x7f0000002780)='./file0\x00', &(0x7f00000027c0), &(0x7f0000002800)=@md5={0x1, "9f7ae298ee3c9da0bb35ebc9609e998f"}, 0x11, 0x1)
sendmsg$NL80211_CMD_DEL_PMKSA(r1, &(0x7f0000002980)={&(0x7f0000002840)={0x10, 0x0, 0x0, 0x8000}, 0xc, &(0x7f0000002940)={&(0x7f0000002880)={0xa8, 0x0, 0x400, 0x70bd2a, 0x25dfdbfc, {{}, {@void, @void}}, [@NL80211_ATTR_FILS_CACHE_ID={0x6, 0xfd, 0x1000}, @NL80211_ATTR_FILS_CACHE_ID={0x6, 0xfd, 0x8}, @NL80211_ATTR_FILS_CACHE_ID={0x6, 0xfd, 0x800}, @NL80211_ATTR_PMK={0x14, 0xfe, "89b4256b4cd1724f2cd06c05ecec0b08"}, @NL80211_ATTR_PMK_LIFETIME={0x8, 0x11f, 0x3}, @NL80211_ATTR_PMKID={0x14, 0x55, "b63871f892c8db1821057d99108d158f"}, @NL80211_ATTR_SSID={0x23, 0x34, @random="13f17704e37bb9e672a551bc74d353e18e6c8fee5206f52d339f9ae0902794"}, @NL80211_ATTR_PMKID={0x14, 0x55, "2d144f74036fcabbf67cab51bf8b4ea3"}, @NL80211_ATTR_MAC={0xa, 0x6, @random="5131293544d3"}, @NL80211_ATTR_PMK_REAUTH_THRESHOLD={0x5, 0x120, 0x4d}]}, 0xa8}, 0x1, 0x0, 0x0, 0x4080}, 0x20008005)
setsockopt$inet_tcp_TCP_FASTOPEN_KEY(0xffffffffffffffff, 0x6, 0x21, &(0x7f0000002a40)="02e15dd96d0048f78a73f7fc73bac966", 0x10)

19:49:35 executing program 1:
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
ioctl$sock_inet_SIOCGIFBRDADDR(r0, 0x8919, &(0x7f0000000000)={'xfrm0\x00'})
ioctl$INCFS_IOC_CREATE_FILE(r0, 0xc058671e,
&(0x7f0000001440)={{}, {0xbc}, 0x24, 0x0, 0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)="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", 0x1c7, 0x0, &(0x7f00000002c0)={0x2, 0x151, {0x0, 0xc, 0xc7, "59cabca42b6f721cdef574f1f62c957c2d16f19329baf7c4ef9bd6be8956b9537b2386df28f563338fad1061764894fc0325ec59df1a7c7d6e5b645568404b3d0b7a1847d5c2960672f59832437dfeb90f45513c3c43cdbb6ef47b0a35bbdf96990a441ec5b3ac14adca07dfbedc7a23a2d6c26698d090ab03e9e5d6d31febed7765ed2fa6c6827fb57a7d0899404c158dd5d5f2eb7e85d0fe666baa8160641d071eeca31419d7982598cdbb2a937cffdc2992bd75f1559538a59fa086a8f189536be12ff4b5f0", 0x7d, "d0d8a843d58589b233c26e92b0c87bfa4b5cc096bd8bcbefb277398b5d455c67083d977a64cf8829e339b84928f0416311c4b8c8594ffe763be3d3380586b823e51734d81ffcc46d31ad0509ec2112c1cd7147cccd25fc04493336ef26f905ad8edb677db7ae33e4c9f86cc46f530ff093f10481d9c5fff64f6789ce08"}, 0x1000, "062ba4d53116e0c4e018822c169d8176e3cf270910b2ddd5c97e5f5f856f277309c8cd287049d867cd034157327c0fe2633e4a0f2034a897a2aa94e82a83373cc1152adafb484a9625a528faa9ccef6d8895567c57cdaad01f1d74ed9063cb823dd4d2dcc22ccb2e746f3baca96a1d221c9eba5fd572f0ff19242a22018b616b790d915edb41ab9e599b40c2cafd41750415b1ad39c3b418d544a493c0539aad4c33141538ec55f4eeeef576f1c05e776d7dafedf4f469e259a78e756de130b1457aca78cdb67464e6bf64f4adedcba337f031521757404dc09fb8c0a32f79564dd894ee8f57818e6e34c4422f9c98483b29502ee41e019415c934b8aa64e2b90d6ed21987c40280dc919c867390752ad499da8aac7fdd3a8e9cbcae9b88ba5f6c58c01e36a52f0aebbb12881a7c34170fdf86577f2a9c548b54e26a4d96b09e90739fc158b430acbd8f047402a700a597266b931b478655113eedfdbd3fd2626321c899fa5586ba15715ab1305e1e3a77b8df0898a1c26439b88d005f567ecbed237d783b4f9692d6dc8ac3f3923664555fe3647ec62e230346cae6884d7cf6ef811e4aee85d942edab378f1245249914b7dd95769c0a5d13da920990c95884103a39d98070f3460bec640467c3766956e41a5020be3fc7cfc8ef58aa9d8c48740f9975279de0f280830e4b716caa73a2aa992aac1b237040e66e509f75f9005079c0cb93b4a62b784f827ee09aa545cbd2269a73d7c379bbc065d5
2db91deb9411cf747ff47654a2765fe7869902595fa5751567ac56f9dadb1d6c86451770de6792501175d5f1af3e2b6598f8e38831f539728e0e6d3efa388bac890d20d19255dcc9295c6a4e68977d7ed544377f2970b851e8618a4a4857512871e86cd36e89bdfd9ebb8a8e2764500621c8eff57f5daea49b4c215814c6c784845ca74a6bd3ddafa4a54b5d489ff27eb8fc48e3a00bc8ca2d7ea1c5c2583737f02bd812d108ed27835794ac0478c185371206cbbd59036161849c4423c08c34191a115bed6b7d7b6e633b7e1d18e201cfa48494a4bfccdd8d51c3e1d65578a494e5b5a6c136561d7d6ad08f57c5c5eddc8012c78e42899657c33e6e24c192ff86b7f16d5f3357f14d0d6176919f845aba5b63c74b8ef034a45f3caa2d11756710fa10684222e9b397c14a541dc0ed58457a3bda8550e906cb1cb2d8d5592be67dffb0b70df00c1845f543f8acb3dd22381fb26afe0b9b25e300c78623c18cc7d2a201d9086bdcbd436774ffd9e2ea12cadb97d8febae4d380efe6f90c44176c2f2e4622e831c0064f1e141510db9c508c0bedb776f0879ef9307831ffa1765f248641f0889e35754361134275309274fde91c48f204e8355e0dca26120b17502afac24c2b8f6548708444360095a5607a5121cf4e5eba608cf3c47d9fbe771be5d3e227c94828cae5b1720eb7391880ee348543c49bd73f77e429745e084150c73ed2d8cdac2db8de7e8aaa7e8d6e5ef73847ef53709e3f5e7b211c26e409c6fe38f4199aca4f09e43ed555"}, 0x115d}) ioctl$BTRFS_IOC_QGROUP_LIMIT(r0, 0x8030942b, &(0x7f00000014c0)={0x18000000, {0xb, 0x2, 0x8, 0x7f, 0x800}}) ioctl$AUTOFS_DEV_IOCTL_CATATONIC(0xffffffffffffffff, 0xc0189379, &(0x7f0000001500)={{0x1, 0x1, 0x18, 0xffffffffffffffff}, './file0\x00'}) ioctl$sock_SIOCETHTOOL(r1, 0x8946, &(0x7f0000001580)={'syzkaller0\x00', &(0x7f0000001540)=@ethtool_cmd={0xa, 0xfbb, 0x20, 0x4, 0x94, 0x5, 0xe7, 0x5, 0x7, 0x4, 0xc3b, 0x7, 0x40, 0x4, 0x4, 0x4, [0x4]}}) ioctl$AUTOFS_DEV_IOCTL_READY(r1, 0xc0189376, &(0x7f00000015c0)={{0x1, 0x1, 0x18, r0, {0x8}}, './file1\x00'}) getsockopt$bt_l2cap_L2CAP_LM(r2, 0x6, 0x3, &(0x7f0000001600), &(0x7f0000001640)=0x4) recvmmsg$unix(r2, &(0x7f0000002800)=[{{0x0, 0x0, &(0x7f0000002780)=[{&(0x7f0000001680)=""/146, 0x92}, {&(0x7f0000001740)=""/4096, 0x1000}, {&(0x7f0000002740)=""/53, 0x35}], 0x3, &(0x7f00000027c0)=[@cred={{0x1c}}, @rights={{0x18, 0x1, 
0x1, [0xffffffffffffffff, 0xffffffffffffffff]}}], 0x38}}], 0x1, 0x2020, 0x0)
ioctl$BTRFS_IOC_SYNC(r4, 0x9408, 0x0)
r5 = accept$unix(r3, &(0x7f0000002840), &(0x7f00000028c0)=0x6e)
pwritev(r5, &(0x7f0000002d00)=[{&(0x7f0000002900)="99f93e3508e5d86a82cd98d966a8dd5aa71fabaab82d39f8e6995e9b19f0d78eeb3316bcfe6a749e5ff64cd1b8a6adc3f03f66208669c24328f804410f1c32a31c4ccf8f1cf498673f1c56d66c02247a5605827b72eab90d713d3e8368321805b4ee7e0fc84f94eb94bcd2c52997d612fb2eb6ee631d28ae15cac469233be94458b409c22cbec0461016db8ba8789eb1c3eaa2a15544f3eea6350ed53cfe32864bcd85", 0xa3}, {&(0x7f00000029c0)="23e0f441bb45b6838177d6e2a836a2cf41675e3dd8736ae0831ea9a7ed349918a535a9d9137d2bca078e7e0950ae93f161b6591d4021680756b75dc9ec65f9626df2c80f3a5b34e721696033a338036fb872261a351f97197d1481b1c243116b3cd99ad8e29415327800671799fdad24cbac4da996e102318d8ecdb6d7e5c2391c6e7e295dfa735968bcb75f911ffe4f32b37038c4f8ff70852b4e9abef48fe560fb8b184c75df4e7aaec43972b398e2f2d15b59b7212676e66350ab450c20851bacabd60011de8c4cbdc4ab27fba8e69cc3a923ebe21b2948a7", 0xda}, {&(0x7f0000002ac0)="202bef55b2542382ef4eb9f6bf81494ca3a1379b16525892a90bc392f8072de7254a68", 0x23}, {&(0x7f0000002b00)="07b48c568068cce89ba77c8df632062d6a814c50abccd7586c19e0e05134531dd655fa17b9f5407bb8f689bcc076521229e66638dcc66c0d5ed1cdcfdf95bdbcc47d811087dd2463b963b4befebfd7b053e1ea5dbbd80a0552be074a3c87d36168c40e5497ad0ff1daae8a5d3a285e76277b0ea27438505174332a3add3cf864d0dc29f4597b1406031dc555cce5e3b6d57510bdceef744ce44bb1ad77b200bc006995068ead00eefc06c9b7165e6990c1731d61ebf214a8026e7b99714d749ff4331dca03d18e83fc56fe3a597d014509721a02b51a37f1db6825661d85fbbaf5f5a389c8ed38e6ba7b", 0xea}, {&(0x7f0000002c00)="337eaa5964910c815c130b51d868983a9eda33a92effac303ee9fe89a8590f03761605288b1dbf6f861cba67ab6fcc22e1c7c2ff30aae327bdc8060f5b7dfe08004a1ee23f793501fe4ef5847b22487c068769eeb58edfd68e8956af002611c2ce3bf2cb99ba7f430d28f1e9f8e88fe2dfb4186c99986edf32aeecae8861d68ba3e6103adc2eefd8b657b7df0f48a30370d1378aa5a6d9a902b759a223c61b9c949616a4f145304b11d8ddf3691728c3beaef3f031aaf8df3750a7f01d4f2166ead81af12001af84a22fb2b0401734f4f0f9417255894fdaec5a2b41ff1c9f641d9a1e36d5354f58929e445ae1", 0xed}], 0x5, 0xfffffffc, 0x3f)
readlinkat(r4, &(0x7f0000002d80)='./file0\x00', &(0x7f0000002dc0)=""/59, 0x3b)
fchmodat(r3, &(0x7f0000002e00)='./file1\x00', 0x1)
poll(&(0x7f0000002e40)=[{r0, 0x2022}], 0x1, 0x3)
r6 = dup2(r4, r4)
ioctl$sock_SIOCADDRT(r6, 0x890b, &(0x7f0000002ec0)={0x0, @hci={0x1f, 0x0, 0x5}, @nfc={0x27, 0x0, 0x2, 0x1}, @hci={0x1f, 0x1, 0x1}, 0x1f, 0x0, 0x0, 0x0, 0x3, &(0x7f0000002e80)='bond_slave_0\x00', 0xffff, 0x45})
ioctl$F2FS_IOC_GET_PIN_FILE(r4, 0x8004f50e, &(0x7f0000002f40))
ioctl$F2FS_IOC_RESIZE_FS(r3, 0x4008f510, &(0x7f0000002f80)=0x1)
pidfd_getfd(0xffffffffffffffff, r4, 0x0)

19:49:35 executing program 2:
ioctl$sock_inet_SIOCRTMSG(0xffffffffffffffff, 0x890d, &(0x7f0000000040)={0x0, {0x2, 0x4e21, @multicast2}, {0x2, 0x4e20, @loopback}, {0x2, 0x4e23, @multicast1}, 0x218, 0x0, 0x0, 0x0, 0x3, &(0x7f0000000000)='batadv_slave_0\x00', 0x0, 0x101, 0x8})
getsockname$inet(0xffffffffffffffff, &(0x7f00000000c0)={0x2, 0x0, @broadcast}, &(0x7f0000000100)=0x10)
r0 = dup(0xffffffffffffffff)
getsockopt$inet_mreqn(r0, 0x0, 0x20, &(0x7f0000000140)={@local, @multicast2, 0x0}, &(0x7f0000000180)=0xc)
ioctl$sock_ipv6_tunnel_SIOCDELTUNNEL(r0, 0x89f2, &(0x7f0000000300)={'ip6gre0\x00', &(0x7f0000000280)={'syztnl2\x00', r1, 0x4, 0x5f, 0x2, 0x80, 0x4, @mcast1, @private1, 0x700, 0x8, 0x400, 0x2}})
setsockopt$packet_add_memb(0xffffffffffffffff, 0x107, 0x1, &(0x7f0000000340)={r2, 0x1, 0x6, @random="a06149ff9beb"}, 0x10)
r3 = dup3(0xffffffffffffffff, r0, 0x0)
sendfile(r0, r3, &(0x7f0000000380)=0x3f, 0x9)
ioctl$sock_inet_tcp_SIOCINQ(r3, 0x541b, &(0x7f00000003c0))
r4 = syz_open_dev$mouse(&(0x7f0000003c80), 0x4, 0xc2800)
ioctl$AUTOFS_IOC_EXPIRE_MULTI(r4, 0x40049366, &(0x7f0000003cc0)=0x5)
getsockopt$inet_mreqn(r0, 0x0, 0x24, &(0x7f0000003d00)={@dev, @loopback}, &(0x7f0000003d40)=0xc)
ioctl$F2FS_IOC_GARBAGE_COLLECT_RANGE(r0, 0x4018f50b, &(0x7f0000003d80)={0x0, 0xf94, 0x40d})
ioctl$int_out(r4, 0x2, &(0x7f0000003dc0))
getsockopt$IP_VS_SO_GET_INFO(r3, 0x0, 0x481, &(0x7f0000003e00), &(0x7f0000003e40)=0xc)
r5 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000003e80), 0x200100, 0x0)
ioctl$BTRFS_IOC_DEV_REPLACE(r5, 0xca289435, &(0x7f0000003ec0)={0x0, 0x2, @status={[0x4, 0x40, 0x4, 0x7, 0x0, 0xffffffffffffcb97]}, [0x3, 0x7fffffff, 0x2, 0x5, 0xfb, 0x866, 0xadc1, 0x5, 0x4, 0x3, 0x100000000, 0x7, 0x9, 0xff, 0x75, 0x300000000000, 0x1, 0x4fd, 0x8001, 0x100000000, 0x68f7, 0x8, 0x6, 0x7, 0x8000, 0x7, 0x3d0, 0xff, 0x7, 0xffffffffffffff31, 0x7fff, 0xfffffffffffffffb, 0x20, 0x8, 0x5, 0x5c, 0x2, 0xa3f3, 0x1, 0x8000, 0x5d, 0x0, 0xffffffffffffff81, 0x2, 0x4, 0x0, 0x81, 0xf87b, 0xfff, 0xff, 0x40, 0x8, 0xaf, 0x6, 0x3, 0x4, 0x5, 0x604c5810, 0x1f, 0x7, 0x0, 0x9, 0x7]})
ioctl$BTRFS_IOC_GET_SUBVOL_INFO(r3, 0x81f8943c, &(0x7f0000004900))
ioctl$KDGKBTYPE(r5, 0x4b33, &(0x7f0000004b00))
ioctl$AUTOFS_DEV_IOCTL_ISMOUNTPOINT(0xffffffffffffffff, 0xc018937e, &(0x7f0000004bc0)={{0x1, 0x1, 0x18, 0xffffffffffffffff, @out_args}, './file0\x00'})

19:49:35 executing program 3:
clone3(&(0x7f0000001180)={0x0, &(0x7f0000000000), &(0x7f0000000040)=0x0, &(0x7f0000000080), {0x35}, &(0x7f00000000c0)=""/4096, 0x1000, &(0x7f00000010c0)=""/66, &(0x7f0000001140)=[0xffffffffffffffff, 0xffffffffffffffff], 0x2}, 0x58)
fcntl$setown(0xffffffffffffffff, 0x8, r0)
r1 = socket$packet(0x11, 0x3, 0x300)
ioctl$AUTOFS_DEV_IOCTL_ASKUMOUNT(0xffffffffffffffff, 0xc018937d, &(0x7f0000001200)={{0x1, 0x1, 0x18, r1, {0x4}}, './file0\x00'})
setsockopt$packet_fanout(r1, 0x107, 0x12, &(0x7f0000001240)={0x2, 0x2000}, 0x4)
ioctl$BTRFS_IOC_DEV_REPLACE(r2, 0xca289435, &(0x7f0000001280)={0x0, 0x80000001, @status={[0x20d9, 0x9, 0x5, 0x0, 0x7, 0x3]}, [0x6, 0x3, 0x8, 0x7fffffff, 0x40, 0xa052, 0x100010000000, 0x1c000000000, 0x0, 0x0, 0xfffffffffffffffa, 0x9, 0x8000, 0x8c1d, 0x566d, 0x5, 0x3, 0x4, 0x10000, 0x7fffffff, 0x101, 0x9, 0x1, 0x8, 0xffffffffffff9741, 0xe46, 0x1, 0x4ddd, 0x5, 0x7f, 0xffff, 0xfffffffffffffff8, 0x8, 0x2, 0xf52, 0x8, 0x3, 0xffffffff, 0x14, 0xfffffffffffffffa, 0x8, 0x4, 0xffffffffffffc78d, 0x81, 0x2, 0x8, 0x1, 0x2, 0xfff, 0x7, 0x1, 0x8db, 0xe4, 0x2, 0x6, 0x81, 0x8, 0x1, 0x2, 0x89, 0x80000001, 0xc6d4, 0x1, 0x2]})
ioctl$AUTOFS_IOC_EXPIRE(r2, 0x810c9365, &(0x7f0000001cc0)={{0x5, 0x4}, 0x100, './file0\x00'})
clone3(&(0x7f0000002080)={0x304000000, &(0x7f0000001e00), &(0x7f0000001e40), &(0x7f0000001e80), {0x36}, &(0x7f0000001ec0)=""/75, 0x4b, &(0x7f0000001f40)=""/243, &(0x7f0000002040)=[r0, r0], 0x2}, 0x58)
fallocate(0xffffffffffffffff, 0xe, 0x7, 0x2)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000002140)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x4, 0x0, 0x800, 0x1, &(0x7f0000002100)="4b69be88190cb07b63affd6a3cb34daf2ab756dc2ab2", 0x8f}, 0xcfe)
r3 = accept$inet6(r2, &(0x7f0000002180), &(0x7f00000021c0)=0x1c)
ioctl$F2FS_IOC_DEFRAGMENT(r3, 0xc010f508, &(0x7f0000002200)={0x40, 0x7fff})
r4 = openat$ptp0(0xffffffffffffff9c, &(0x7f0000002240), 0x2000, 0x0)
r5 = fcntl$dupfd(r3, 0x0, r4)
io_uring_register$IORING_UNREGISTER_EVENTFD(r5, 0x5, 0x0, 0x0)
setsockopt$inet6_opts(r2, 0x29, 0x3b, &(0x7f0000002280)=@hopopts={0x89, 0x1b, '\x00', [@enc_lim={0x4, 0x1, 0x3}, @generic={0xff, 0xa9, "00d15c0e6ef01d57c61ee344288b143e6c0331c6344a79c1482384e0b06773ef6c2c6259b3743ab000f4db0ce593ef59cf585b2620c0f6a1fd2cc9a9b3196103f61b8b3f703236eb23e68d4598cc99849b324b2044e61884b6d8e749a3e16d30b6de2c6aa21463f27a2277201bd370c385d1c634e8b3a702b3aacfce23557e74fa272ac61bc215129d091a6ed612a24e8f157658fc48247f285e21dc89a109b18ca8bfcef5c2536aa6"}, @enc_lim={0x4, 0x1, 0x81}, @jumbo={0xc2, 0x4, 0x1}, @hao={0xc9, 0x10, @ipv4={'\x00', '\xff\xff', @broadcast}}, @hao={0xc9, 0x10, @empty}]}, 0xe8)
ioctl$BTRFS_IOC_DEV_REPLACE(r3, 0xca289435, &(0x7f0000002380)={0x3, 0x1, @status={[0x1, 0x7, 0x4, 0x9, 0x4, 0x8]}, [0x9, 0x4, 0x8001, 0x5, 0xff, 0x2, 0x2, 0x9, 0x2, 0xfffffffffffffc93, 0x80000001, 0x4, 0x37b, 0xfffffffffffffffb, 0x0, 0xdd9, 0x812, 0xd25b, 0x6, 0x8, 0x1, 0x400000000000, 0x9, 0x10000, 0x100000000, 0x2, 0x3, 0x8, 0x5c3aa170, 0x1, 0x3, 0x7, 0x20, 0xa601, 0x7ff, 0xff, 0xfff, 0x5, 0x1, 0x7fffffff, 0xefa, 0x3a, 0x6, 0x401, 0x9, 0x80000000, 0x3, 0x6, 0x8, 0x8, 0x5, 0x101, 0x1, 0x0, 0xfa, 0x6, 0x8, 0x2, 0xc8de, 0x0, 0xfffffffffffffff9, 0xff, 0x4, 0x5]})
perf_event_open(&(0x7f0000002dc0)={0x0, 0x80, 0xb, 0x26, 0xff, 0x3f, 0x0, 0x7, 0x2040, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff, 0x0, @perf_config_ext={0xfff, 0x80}, 0x42000, 0x4, 0xffff, 0x8, 0x10001, 0x8, 0x200, 0x0, 0x8000, 0x0, 0xffff}, 0x0, 0x4, r2, 0x2)
setsockopt$packet_add_memb(r5, 0x107, 0x1, &(0x7f0000002e40)={0x0, 0x1, 0x6, @dev={'\xaa\xaa\xaa\xaa\xaa', 0x2c}}, 0x10)
openat$cgroup_subtree(r2, &(0x7f0000002e80), 0x2, 0x0)

19:49:35 executing program 4:
ioctl$FS_IOC_REMOVE_ENCRYPTION_KEY(0xffffffffffffffff, 0xc0406618, &(0x7f0000000000)={@id={0x2, 0x0, @b}})
fcntl$setsig(0xffffffffffffffff, 0xa, 0x23)
ioctl$FS_IOC_REMOVE_ENCRYPTION_KEY(0xffffffffffffffff, 0xc0406618, &(0x7f0000000040)={@desc={0x1, 0x0, @desc3}})
ioctl$BTRFS_IOC_RM_DEV_V2(0xffffffffffffffff, 0x5000943a, &(0x7f0000000100)={{}, 0x0, 0x8, @inherit={0x50, &(0x7f0000000080)={0x1, 0x1, 0x6c, 0xffffffffffffffc0, {0x0, 0x401, 0x80, 0x5, 0xff}, [0x1ff]}}, @subvolid=0x2})
r0 = openat$nvram(0xffffffffffffff9c, &(0x7f0000001100), 0x101000, 0x0)
ioctl$BTRFS_IOC_BALANCE_V2(0xffffffffffffffff, 0xc4009420, &(0x7f0000001140)={0x1c, 0xf, {0x400, @struct={0x7}, 0x0, 0x4, 0x8, 0x8, 0x4, 0x3, 0x570, @struct={0x8001, 0x2}, 0x3, 0x0, [0x1, 0x80000001, 0xef7, 0xe6, 0x0, 0x3]}, {0x1ff, @usage=0xfffffffffffffffd, 0x0, 0x1, 0x6, 0x649300000000, 0x1, 0xffff, 0x51, @usage=0x1, 0x1, 0x4, [0x960c, 0x1f, 0x9, 0x7, 0x7fff, 0x80]}, {0x100000001, @usage=0x5, 0x0, 0x7, 0x9, 0x6, 0x8001, 0x2, 0x80, @usage=0x3, 0x900d, 0x101, [0x5, 0x4, 0x9, 0x7fffffff, 0x3, 0x7ff]}, {0x7d505249, 0x3f, 0x9}})
ioctl$BTRFS_IOC_SNAP_DESTROY_V2(0xffffffffffffffff, 0x5000943f, &(0x7f0000001540)={{r0}, 0x0, 0x5, @unused=[0x80000000, 0x2, 0x9, 0x4965f404], @devid=r1})
r2 = fcntl$dupfd(0xffffffffffffffff, 0x0, r0)
ioctl$CDROMSEEK(r2, 0x5316, &(0x7f0000002540)={0x8, 0x4, 0x5, 0x1d, 0x1, 0x9})
r3 = openat$cgroup_type(r2, &(0x7f0000002580), 0x2, 0x0)
ioctl$BTRFS_IOC_QGROUP_ASSIGN(r3, 0x40189429, &(0x7f00000025c0)={0x0, 0x8, 0x3})
openat$cgroup_netprio_ifpriomap(r2, &(0x7f0000002600), 0x2, 0x0)
ioctl$EXT4_IOC_GROUP_EXTEND(r0, 0x40086607, &(0x7f0000002640)=0x3)
pipe(&(0x7f0000002680)={0xffffffffffffffff, 0xffffffffffffffff})
ioctl$FS_IOC_REMOVE_ENCRYPTION_KEY_ALL_USERS(r5, 0xc0406619, &(0x7f00000026c0)={@desc={0x1, 0x0, @desc1}})
fallocate(r0, 0x8, 0x5, 0x0)
ioctl$BTRFS_IOC_TREE_SEARCH_V2(r4, 0xc0709411, &(0x7f0000002700)={{0x0, 0x6, 0xffffffffffffff8e, 0xa7, 0x8064586, 0x984e, 0x0, 0x6, 0x4, 0x696f, 0x3f, 0x8, 0x10001, 0x9, 0x8}, 0x20, [0x0, 0x0, 0x0, 0x0]})
creat(&(0x7f00000027c0)='./file0\x00', 0x44)
r6 = open_tree(r2, &(0x7f0000002800)='./file0\x00', 0x1)
ioctl$AUTOFS_DEV_IOCTL_CLOSEMOUNT(r5, 0xc0189375, &(0x7f0000002840)={{0x1, 0x1, 0x18, r6}, './file0\x00'})
[ 65.893263] audit: type=1400 audit(1664912975.683:6): avc: denied { execmem } for pid=283 comm="syz-executor.0" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=process permissive=1

19:49:35 executing program 5:
ioctl$FITHAW(0xffffffffffffffff, 0xc0045878)
ioctl$AUTOFS_DEV_IOCTL_EXPIRE(0xffffffffffffffff, 0xc018937c, &(0x7f0000000000)={{0x1, 0x1, 0x18, 0xffffffffffffffff}, './file0\x00'})
stat(&(0x7f0000000040)='./file0\x00',
&(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) getsockopt$inet6_IPV6_IPSEC_POLICY(r0, 0x29, 0x22, &(0x7f00000001c0)={{{@in6=@loopback, @in6=@ipv4={""/10, ""/2, @initdev}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in6=@loopback}, 0x0, @in=@loopback}}, &(0x7f00000002c0)=0xe8) getresgid(&(0x7f0000000300), &(0x7f0000000340), &(0x7f0000000380)=0x0) mount$9p_unix(&(0x7f0000000100)='./file0\x00', &(0x7f0000000140)='./file0/file0\x00', &(0x7f0000000180), 0x0, &(0x7f00000003c0)={'trans=unix,', {[{@version_9p2000}, {@dfltuid={'dfltuid', 0x3d, r3}}, {@dfltgid={'dfltgid', 0x3d, r4}}, {@version_9p2000}], [{@measure}, {@rootcontext={'rootcontext', 0x3d, 'system_u'}}, {@permit_directio}, {@dont_appraise}, {@pcr={'pcr', 0x3d, 0x37}}, {@fowner_lt={'fowner<', r1}}, {@permit_directio}, {@obj_type={'obj_type', 0x3d, '-.$\''}}]}}) mount$9p_unix(&(0x7f00000004c0)='./file0/file0\x00', &(0x7f0000000500)='./file0/../file0\x00', &(0x7f0000000540), 0x400, &(0x7f0000000580)={'trans=unix,', {[{@posixacl}, {@afid={'afid', 0x3d, 0x9}}, {@dfltuid={'dfltuid', 0x3d, r1}}, {@loose}, {@nodevmap}], [{@seclabel}, {@subj_type={'subj_type', 0x3d, 'permit_directio'}}, {@fowner_gt={'fowner>', 0xee01}}, {@fsmagic={'fsmagic', 0x3d, 0x6}}, {@dont_measure}]}}) lchown(&(0x7f0000000640)='./file0/file0\x00', r1, 0xee00) r5 = getegid() lsetxattr$system_posix_acl(&(0x7f0000000680)='./file0\x00', &(0x7f00000006c0)='system.posix_acl_default\x00', &(0x7f0000000700)={{}, {0x1, 0x2}, [{0x2, 0x2, r1}, {0x2, 0x2, r1}, {0x2, 0x3, r3}, {0x2, 0x0, r1}, {0x2, 0x4, r3}, {0x2, 0x0, 0xee00}], {}, [{0x8, 0x0, r4}, {0x8, 0x3, r2}, {0x8, 0x4, r4}, {0x8, 0x6, r2}, {0x8, 0x0, r5}], {0x10, 0x6}}, 0x7c, 0x1) getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f00000007c0)={0x0, 0x0}, &(0x7f0000000800)=0xc) lchown(&(0x7f0000000780)='./file0/../file0\x00', r6, r2) mount$9p_unix(&(0x7f0000000840)='./file1\x00', &(0x7f0000000880)='./file0/file0\x00', &(0x7f00000008c0), 0x8000, &(0x7f0000000900)={'trans=unix,', 
{[{@cache_mmap}, {@cache_none}, {@version_u}, {@version_9p2000}], [{@fowner_eq={'fowner', 0x3d, r1}}, {@smackfsfloor={'smackfsfloor', 0x3d, 'loose'}}, {@obj_type={'obj_type', 0x3d, '()'}}, {@context={'context', 0x3d, 'staff_u'}}, {@obj_type}]}}) umount2(&(0x7f00000009c0)='./file0/file0\x00', 0x3) recvmmsg$unix(r0, &(0x7f0000007a40)=[{{&(0x7f0000000b40), 0x6e, &(0x7f00000011c0)=[{&(0x7f0000000bc0)=""/142, 0x8e}, {&(0x7f0000000c80)}, {&(0x7f0000000cc0)=""/64, 0x40}, {&(0x7f0000000d00)=""/142, 0x8e}, {&(0x7f0000000dc0)=""/82, 0x52}, {&(0x7f0000000e40)=""/252, 0xfc}, {&(0x7f0000000f40)=""/232, 0xe8}, {&(0x7f0000001040)=""/250, 0xfa}, {&(0x7f0000001140)=""/75, 0x4b}], 0x9, &(0x7f0000001280)=[@rights={{0x28, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}], 0x28}}, {{&(0x7f00000012c0), 0x6e, &(0x7f0000002700)=[{&(0x7f0000001340)=""/67, 0x43}, {&(0x7f00000013c0)=""/4096, 0x1000}, {&(0x7f00000023c0)=""/192, 0xc0}, {&(0x7f0000002480)=""/183, 0xb7}, {&(0x7f0000002540)=""/210, 0xd2}, {&(0x7f0000002640)=""/63, 0x3f}, {&(0x7f0000002680)=""/68, 0x44}], 0x7, &(0x7f0000002780)=[@cred={{0x1c}}, @cred={{0x1c}}, @cred={{0x1c}}], 0x60}}, {{&(0x7f0000002800)=@abs, 0x6e, &(0x7f0000003c00)=[{&(0x7f0000002880)=""/205, 0xcd}, {&(0x7f0000002980)=""/44, 0x2c}, {&(0x7f00000029c0)=""/144, 0x90}, {&(0x7f0000002a80)=""/84, 0x54}, {&(0x7f0000002b00)=""/4096, 0x1000}, {&(0x7f0000003b00)=""/70, 0x46}, {&(0x7f0000003b80)=""/97, 0x61}], 0x7, &(0x7f0000003c80)=[@rights={{0x20, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x20, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c}}], 0x60}}, {{0x0, 0x0, &(0x7f0000004180)=[{&(0x7f0000003d00)=""/193, 0xc1}, {&(0x7f0000003e00)=""/143, 0x8f}, {&(0x7f0000003ec0)=""/236, 0xec}, {&(0x7f0000003fc0)=""/203, 0xcb}, {&(0x7f00000040c0)=""/29, 0x1d}, 
{&(0x7f0000004100)=""/99, 0x63}], 0x6, &(0x7f0000004200)=[@cred={{0x1c}}, @rights={{0x30, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c}}], 0x70}}, {{&(0x7f0000004280)=@abs, 0x6e, &(0x7f0000004600)=[{&(0x7f0000004300)=""/85, 0x55}, {&(0x7f0000004380)=""/183, 0xb7}, {&(0x7f0000004440)=""/169, 0xa9}, {&(0x7f0000004500)=""/224, 0xe0}], 0x4, &(0x7f0000004640)=[@rights={{0x2c, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c}}, @rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}, @cred={{0x1c}}, @rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}], 0xa0}}, {{&(0x7f0000004700)=@abs, 0x6e, &(0x7f0000005780)=[{&(0x7f0000004780)=""/4096, 0x1000}], 0x1, &(0x7f00000057c0)=[@rights={{0x1c, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x20, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x24, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}], 0x68}}, {{&(0x7f0000005840), 0x6e, &(0x7f00000058c0), 0x0, &(0x7f0000005900)=[@cred={{0x1c}}, @rights={{0x24, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}], 0x48}}, {{&(0x7f0000005980), 0x6e, &(0x7f0000005e40)=[{&(0x7f0000005a00)=""/41, 0x29}, {&(0x7f0000005a40)=""/228, 0xe4}, {&(0x7f0000005b40)=""/18, 0x12}, {&(0x7f0000005b80)=""/188, 0xbc}, {&(0x7f0000005c40)=""/19, 0x13}, {&(0x7f0000005c80)=""/77, 0x4d}, {&(0x7f0000005d00)=""/189, 0xbd}, {&(0x7f0000005dc0)=""/110, 0x6e}], 0x8, &(0x7f0000005ec0)=[@cred={{0x1c}}, @cred={{0x1c}}, @cred={{0x1c}}, @rights={{0x18, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c}}], 0x98}}, {{0x0, 0x0, 
&(0x7f0000007640)=[{&(0x7f0000005f80)=""/230, 0xe6}, {&(0x7f0000006080)=""/4096, 0x1000}, {&(0x7f0000007080)=""/155, 0x9b}, {&(0x7f0000007140)=""/217, 0xd9}, {&(0x7f0000007240)=""/216, 0xd8}, {&(0x7f0000007340)=""/237, 0xed}, {&(0x7f0000007440)=""/196, 0xc4}, {&(0x7f0000007540)=""/194, 0xc2}], 0x8}}, {{&(0x7f00000076c0)=@abs, 0x6e, &(0x7f0000007980)=[{&(0x7f0000007740)=""/60, 0x3c}, {0xfffffffffffffffd}, {&(0x7f0000007780)=""/55, 0x37}, {&(0x7f00000077c0)=""/20, 0x14}, {&(0x7f0000007800)=""/104, 0x68}, {&(0x7f0000007880)=""/229, 0xe5}], 0x6, &(0x7f0000007a00)=[@cred={{0x1c, 0x1, 0x2, {0x0, 0x0}}}], 0x20}}], 0xa, 0x101, &(0x7f0000007cc0)) statx(r0, &(0x7f0000007d00)='./file0/file0\x00', 0x400, 0x80, &(0x7f0000007d40)={0x0, 0x0, 0x0, 0x0, 0x0}) mount$9p_xen(&(0x7f0000000a00), &(0x7f0000000a40)='./file1\x00', &(0x7f0000000a80), 0xc, &(0x7f0000007e40)={'trans=xen,', {[{@version_9p2000}, {@uname={'uname', 0x3d, '%('}}], [{@subj_type={'subj_type', 0x3d, 'permit_directio'}}, {@fowner_eq={'fowner', 0x3d, r9}}, {@obj_user}, {@fowner_eq={'fowner', 0x3d, r10}}, {@func={'func', 0x3d, 'PATH_CHECK'}}, {@euid_lt={'euid<', r6}}, {@euid_eq={'euid', 0x3d, r1}}]}}) mount(&(0x7f0000007f40)=@sg0, &(0x7f0000007f80)='./file0\x00', &(0x7f0000007fc0)='rootfs\x00', 0x4010, &(0x7f0000008000)='-&!&^:]\x00') ioctl$AUTOFS_DEV_IOCTL_PROTOVER(r7, 0xc0189372, &(0x7f0000008040)={{0x1, 0x1, 0x18, r8, {0x5678}}, './file2\x00'}) ioctl$sock_inet_tcp_SIOCOUTQ(r11, 0x5411, &(0x7f0000008080)) 19:49:35 executing program 7: prctl$PR_CAPBSET_READ(0x17, 0x15) prctl$PR_CAPBSET_READ(0x17, 0x7) prctl$PR_CAPBSET_READ(0x17, 0x7) prctl$PR_CAPBSET_READ(0x17, 0x10) prctl$PR_CAPBSET_READ(0x17, 0x5) prctl$PR_CAPBSET_READ(0x17, 0x19) prctl$PR_CAPBSET_READ(0x17, 0x23) prctl$PR_CAPBSET_READ(0x17, 0x26) prctl$PR_CAPBSET_READ(0x17, 0x3) prctl$PR_CAPBSET_READ(0x17, 0x9) prctl$PR_CAPBSET_READ(0x17, 0x1d) prctl$PR_CAPBSET_READ(0x17, 0x14) prctl$PR_CAPBSET_READ(0x17, 0x12) prctl$PR_CAPBSET_READ(0x17, 0x12) 
prctl$PR_CAPBSET_READ(0x17, 0x17) prctl$PR_CAPBSET_READ(0x17, 0xb) prctl$PR_CAPBSET_READ(0x17, 0x1d) prctl$PR_CAPBSET_READ(0x17, 0x1a) prctl$PR_CAPBSET_READ(0x17, 0xc) prctl$PR_CAPBSET_READ(0x17, 0x1e) 19:49:35 executing program 6: mkdirat$binderfs(0xffffffffffffff9c, &(0x7f0000000000)='./binderfs2\x00', 0x1ff) mkdirat$binderfs(0xffffffffffffff9c, &(0x7f0000000040)='./binderfs2\x00', 0x1ff) mkdirat$binderfs(0xffffffffffffff9c, &(0x7f0000000080)='./binderfs\x00', 0x1ff) mkdirat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs\x00', 0x1ff) mkdirat$binderfs(0xffffffffffffff9c, &(0x7f0000000100)='./binderfs\x00', 0x1ff) mkdirat$binderfs(0xffffffffffffff9c, &(0x7f0000000140)='./binderfs\x00', 0x1ff) mkdirat$binderfs(0xffffffffffffff9c, &(0x7f0000000180)='./binderfs\x00', 0x1ff) mkdirat$binderfs(0xffffffffffffff9c, &(0x7f00000001c0)='./binderfs\x00', 0x1ff) mkdirat$binderfs(0xffffffffffffff9c, &(0x7f0000000200)='./binderfs\x00', 0x1ff) mkdirat$binderfs(0xffffffffffffff9c, &(0x7f0000000240)='./binderfs2\x00', 0x1ff) mkdirat$binderfs(0xffffffffffffff9c, &(0x7f0000000280)='./binderfs2\x00', 0x1ff) mkdirat$binderfs(0xffffffffffffff9c, &(0x7f00000002c0)='./binderfs\x00', 0x1ff) mkdirat$binderfs(0xffffffffffffff9c, &(0x7f0000000300)='./binderfs2\x00', 0x1ff) mkdirat$binderfs(0xffffffffffffff9c, &(0x7f0000000340)='./binderfs2\x00', 0x1ff) syz_usb_connect$cdc_ncm(0x4, 0x95, &(0x7f0000000380)={{0x12, 0x1, 0x310, 0x2, 0x0, 0x0, 0x8, 0x525, 0xa4a1, 0x40, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x83, 0x2, 0x1, 0x40, 0x20, 0x2, {{0x9, 0x4, 0x0, 0x0, 0x1, 0x2, 0xd, 0x0, 0x0, {{0x5}, {0x5, 0x24, 0x0, 0x1000}, {0xd, 0x24, 0xf, 0x1, 0xff, 0x34a8, 0xff, 0x5}, {0x6, 0x24, 0x1a, 0x401, 0x20}, [@country_functional={0xa, 0x24, 0x7, 0xb7, 0x81, [0xe5, 0xff]}, @mbim={0xc, 0x24, 0x1b, 0x4, 0x4, 0x3f, 0x6, 0x5, 0x6}, @country_functional={0xc, 0x24, 0x7, 0x1, 0x3, [0x8000, 0x0, 0x9]}, @call_mgmt={0x5, 0x24, 0x1, 0x1, 0xd6}]}, {{0x9, 0x5, 0x81, 0x3, 0x40, 0x3, 0x3f, 0x12}}}, {}, {0x9, 0x4, 0x1, 
0x1, 0x2, 0x2, 0xd, 0x0, 0x0, "", {{{0x9, 0x5, 0x82, 0x2, 0x208, 0x5, 0x1, 0x7}}, {{0x9, 0x5, 0x3, 0x2, 0x200, 0x4, 0x9}}}}}}}]}}, &(0x7f0000000600)={0xa, &(0x7f0000000440)={0xa, 0x6, 0x200, 0x9, 0xff, 0xec, 0x20}, 0x5, &(0x7f0000000480)={0x5, 0xf, 0x5}, 0x2, [{0xf6, &(0x7f00000004c0)=@string={0xf6, 0x3, "a44b957df1b69d726e2bf08bfdb63dae4afeb74949169871d43b6cfff7e275d982e8d8d86836a5dfc3dbe5d435686741b877448ddbd8060309c4291d6db94d85a4a9b0981d96bec876d11d74e2b7b0d3e1b173fbd02f9514260049739d8c730d024da4ba742cb3a86e616f2074a627539b59fb92f39ecf7221f2013f5e2532c9f7f94fd4d2c73150e7ebc54c7bea1ae6a7383fce42a6a281cce6a6f3e643364d49b333046424fb4e3c1d55a71cd5e7d8db828168ad5baeb5fde074c9ca0bd7ca9d09c7819d321ca18a5ec5f5cee8aa26b97e15d45ecd1398937fd79c33efad859dbfb79734472f7e25273549c7614dd61498f4e6"}}, {0x4, &(0x7f00000005c0)=@lang_id={0x4, 0x3, 0x1407}}]}) mkdirat$binderfs(0xffffffffffffff9c, &(0x7f0000000640)='./binderfs\x00', 0x1ff) mkdirat$binderfs(0xffffffffffffff9c, &(0x7f0000000680)='./binderfs2\x00', 0x1ff) mkdirat$binderfs(0xffffffffffffff9c, &(0x7f00000006c0)='./binderfs2\x00', 0x1ff) mkdirat$binderfs(0xffffffffffffff9c, &(0x7f0000000700)='./binderfs2\x00', 0x1ff) mkdirat$binderfs(0xffffffffffffff9c, &(0x7f0000000740)='./binderfs2\x00', 0x1ff) [ 67.088184] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 67.090990] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 67.093566] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 67.097046] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 67.099135] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [ 67.101067] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 67.105714] Bluetooth: hci0: HCI_REQ-0x0c1a [ 67.142188] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 67.144902] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 67.147376] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 67.150560] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 67.153277] Bluetooth: 
hci1: unexpected cc 0x0c25 length: 249 > 3 [ 67.154533] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 67.169552] Bluetooth: hci1: HCI_REQ-0x0c1a [ 67.222166] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 67.232747] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 67.234227] Bluetooth: hci7: unexpected cc 0x0c03 length: 249 > 1 [ 67.236834] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1 [ 67.238376] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 67.239802] Bluetooth: hci7: unexpected cc 0x1003 length: 249 > 9 [ 67.241342] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9 [ 67.243049] Bluetooth: hci7: unexpected cc 0x1001 length: 249 > 9 [ 67.246149] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9 [ 67.247388] Bluetooth: hci7: unexpected cc 0x0c23 length: 249 > 4 [ 67.249395] Bluetooth: hci7: unexpected cc 0x0c25 length: 249 > 3 [ 67.251024] Bluetooth: hci7: unexpected cc 0x0c38 length: 249 > 2 [ 67.253188] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4 [ 67.256035] Bluetooth: hci7: HCI_REQ-0x0c1a [ 67.266906] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 67.268281] Bluetooth: hci6: unexpected cc 0x0c25 length: 249 > 3 [ 67.270135] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2 [ 67.271382] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3 [ 67.273006] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 67.276749] Bluetooth: hci6: HCI_REQ-0x0c1a [ 67.280101] Bluetooth: hci3: HCI_REQ-0x0c1a [ 67.281470] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1 [ 67.298683] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 67.301289] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 67.304320] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 67.312810] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 67.314048] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9 [ 67.316808] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9 [ 67.339931] Bluetooth: hci2: 
unexpected cc 0x0c25 length: 249 > 3 [ 67.344313] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4 [ 67.345318] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 67.361005] Bluetooth: hci5: unexpected cc 0x0c25 length: 249 > 3 [ 67.364390] Bluetooth: hci2: HCI_REQ-0x0c1a [ 67.367064] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2 [ 67.395504] Bluetooth: hci5: HCI_REQ-0x0c1a [ 69.171006] Bluetooth: hci0: command 0x0409 tx timeout [ 69.235016] Bluetooth: hci4: Opcode 0x c03 failed: -110 [ 69.237156] Bluetooth: hci1: command 0x0409 tx timeout [ 69.298776] Bluetooth: hci3: command 0x0409 tx timeout [ 69.299758] Bluetooth: hci6: command 0x0409 tx timeout [ 69.300628] Bluetooth: hci7: command 0x0409 tx timeout [ 69.426702] Bluetooth: hci5: command 0x0409 tx timeout [ 69.428177] Bluetooth: hci2: command 0x0409 tx timeout [ 71.219368] Bluetooth: hci0: command 0x041b tx timeout [ 71.283686] Bluetooth: hci1: command 0x041b tx timeout [ 71.346698] Bluetooth: hci7: command 0x041b tx timeout [ 71.347093] Bluetooth: hci6: command 0x041b tx timeout [ 71.347456] Bluetooth: hci3: command 0x041b tx timeout [ 71.474690] Bluetooth: hci2: command 0x041b tx timeout [ 71.475111] Bluetooth: hci5: command 0x041b tx timeout [ 73.267724] Bluetooth: hci0: command 0x040f tx timeout [ 73.330740] Bluetooth: hci1: command 0x040f tx timeout [ 73.394799] Bluetooth: hci3: command 0x040f tx timeout [ 73.394894] Bluetooth: hci6: command 0x040f tx timeout [ 73.395659] Bluetooth: hci7: command 0x040f tx timeout [ 73.522835] Bluetooth: hci5: command 0x040f tx timeout [ 73.522924] Bluetooth: hci2: command 0x040f tx timeout [ 74.354652] Bluetooth: hci4: Opcode 0x c03 failed: -110 [ 75.314668] Bluetooth: hci0: command 0x0419 tx timeout [ 75.378712] Bluetooth: hci1: command 0x0419 tx timeout [ 75.442678] Bluetooth: hci6: command 0x0419 tx timeout [ 75.442701] Bluetooth: hci7: command 0x0419 tx timeout [ 75.442738] Bluetooth: hci3: command 0x0419 tx timeout [ 75.570948] Bluetooth: hci5: 
command 0x0419 tx timeout [ 75.571689] Bluetooth: hci2: command 0x0419 tx timeout [ 78.898635] Bluetooth: hci4: Opcode 0x c03 failed: -110 [ 81.400335] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 81.402337] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 81.404805] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 81.407853] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 81.409384] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3 [ 81.410942] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 81.418261] Bluetooth: hci4: HCI_REQ-0x0c1a [ 83.442712] Bluetooth: hci4: command 0x0409 tx timeout [ 85.490660] Bluetooth: hci4: command 0x041b tx timeout [ 87.539670] Bluetooth: hci4: command 0x040f tx timeout [ 89.587689] Bluetooth: hci4: command 0x0419 tx timeout 19:50:32 executing program 2: syz_mount_image$vfat(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) r0 = syz_open_dev$tty20(0xc, 0x4, 0x1) ioctl$TCSETAF(r0, 0x5408, &(0x7f0000000000)={0x0, 0xfffd, 0x0, 0x8}) ioctl$TIOCSTI(r0, 0x5412, &(0x7f0000000080)) write(r0, &(0x7f0000000000)="58eca2371f240992157b2c5db411d43f24e9d0434502a379e34d6fa142664a0d9daa0a6672009eb4692a1e56594f1a6d08d2376e486826dee0c6308882fad9fa8fbd2131dcbe6863caab70d3efe7dbd6ddddda43e7e89a19ffad3969d898276100ea4a97fa1eb375ff41e4cd2fb645c48b396584b11cda591dad85392c586385d2f49a1bc96daf648085400a4385f93726ea3df00ecaaf7b3fe2def85a450cd75eca8563ca7be8786723ae6b865898d11f8e6f4754e5b77ede95cd6ebde79ae922ed077c9b4cd1702e572a963b6eaafc1bb07d80bc125629455623578d1f60233f5cf85a3ebd6ad9e5b318074868cdb69c9721b5082849aa2c53", 0xfa) stat(&(0x7f0000000240)='./file0\x00', &(0x7f0000000280)={0x0, 0x0, 0x0, 0x0, 0x0}) setresuid(0x0, r1, 0x0) open_by_handle_at(0xffffffffffffffff, 0x0, 0x0) r2 = socket$nl_generic(0x10, 0x3, 0x10) bind$netlink(r2, 0x0, 0x0) r3 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$ethtool(&(0x7f0000000140), r3) setsockopt$netlink_NETLINK_CAP_ACK(r3, 0x10e, 0xa, 
&(0x7f0000000180)=0x5, 0x4) syz_genetlink_get_family_id$fou(&(0x7f0000000480), r3) dup2(r2, r3) 19:50:32 executing program 4: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0x2}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) getpgid(0xffffffffffffffff) r0 = socket$inet6_udp(0xa, 0x2, 0x0) r1 = gettid() r2 = gettid() kcmp(r1, r2, 0x0, r0, r0) r3 = syz_open_procfs(0x0, &(0x7f00000003c0)='uid_map\x00') read(r3, &(0x7f0000000400)=""/146, 0x92) perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0x80, 0x9, 0x0, 0x6, 0x0, 0xe86c, 0x200, 0xb, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x2, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x2, @perf_config_ext={0x4, 0x10000}, 0x10080, 0x0, 0x3, 0x5, 0x8, 0xffff, 0x9, 0x0, 0x3f, 0x0, 0x3ff}, r2, 0x9, r3, 0x2) setitimer(0x0, 0x0, 0x0) fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff) [ 122.901114] audit: type=1400 audit(1664913032.691:7): avc: denied { open } for pid=3719 comm="syz-executor.4" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=perf_event permissive=1 [ 122.904015] audit: type=1400 audit(1664913032.691:8): avc: denied { kernel } for pid=3719 comm="syz-executor.4" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=perf_event permissive=1 [ 
122.920521] ------------[ cut here ]------------ [ 122.920555] [ 122.920561] ====================================================== [ 122.920571] WARNING: possible circular locking dependency detected [ 122.920578] 6.0.0-next-20221004 #1 Not tainted [ 122.920589] ------------------------------------------------------ [ 122.920594] syz-executor.4/3720 is trying to acquire lock: [ 122.920606] ffffffff853faaf8 ((console_sem).lock){....}-{2:2}, at: down_trylock+0xe/0x70 [ 122.920671] [ 122.920671] but task is already holding lock: [ 122.920676] ffff88800d3cc420 (&ctx->lock){....}-{2:2}, at: __perf_event_task_sched_out+0x53b/0x18d0 [ 122.920722] [ 122.920722] which lock already depends on the new lock. [ 122.920722] [ 122.920727] [ 122.920727] the existing dependency chain (in reverse order) is: [ 122.920733] [ 122.920733] -> #3 (&ctx->lock){....}-{2:2}: [ 122.920757] _raw_spin_lock+0x2a/0x40 [ 122.920778] __perf_event_task_sched_out+0x53b/0x18d0 [ 122.920799] __schedule+0xedd/0x2470 [ 122.920826] schedule+0xda/0x1b0 [ 122.920851] futex_wait_queue+0xf5/0x1e0 [ 122.920872] futex_wait+0x28e/0x690 [ 122.920891] do_futex+0x2ff/0x380 [ 122.920908] __x64_sys_futex+0x1c6/0x4d0 [ 122.920926] do_syscall_64+0x3b/0x90 [ 122.920958] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 122.920983] [ 122.920983] -> #2 (&rq->__lock){-.-.}-{2:2}: [ 122.921007] _raw_spin_lock_nested+0x30/0x40 [ 122.921028] raw_spin_rq_lock_nested+0x1e/0x30 [ 122.921051] task_fork_fair+0x63/0x4d0 [ 122.921081] sched_cgroup_fork+0x3d0/0x540 [ 122.921106] copy_process+0x4183/0x6e20 [ 122.921125] kernel_clone+0xe7/0x890 [ 122.921142] user_mode_thread+0xad/0xf0 [ 122.921161] rest_init+0x24/0x250 [ 122.921184] arch_call_rest_init+0xf/0x14 [ 122.921216] start_kernel+0x4c6/0x4eb [ 122.921272] secondary_startup_64_no_verify+0xe0/0xeb [ 122.921296] [ 122.921296] -> #1 (&p->pi_lock){-.-.}-{2:2}: [ 122.921321] _raw_spin_lock_irqsave+0x39/0x60 [ 122.921342] try_to_wake_up+0xab/0x1930 [ 122.921366] up+0x75/0xb0 [ 122.921393] 
__up_console_sem+0x6e/0x80 [ 122.921421] console_unlock+0x46a/0x590 [ 122.921450] do_con_write+0xc05/0x1d50 [ 122.921469] con_write+0x21/0x40 [ 122.921486] n_tty_write+0x4d4/0xfe0 [ 122.921508] file_tty_write.constprop.0+0x455/0x8a0 [ 122.921530] vfs_write+0x9c3/0xd90 [ 122.921559] ksys_write+0x127/0x250 [ 122.921587] do_syscall_64+0x3b/0x90 [ 122.921619] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 122.921643] [ 122.921643] -> #0 ((console_sem).lock){....}-{2:2}: [ 122.921668] __lock_acquire+0x2a02/0x5e70 [ 122.921698] lock_acquire+0x1a2/0x530 [ 122.921727] _raw_spin_lock_irqsave+0x39/0x60 [ 122.921747] down_trylock+0xe/0x70 [ 122.921775] __down_trylock_console_sem+0x3b/0xd0 [ 122.921805] vprintk_emit+0x16b/0x560 [ 122.921835] vprintk+0x84/0xa0 [ 122.921864] _printk+0xba/0xf1 [ 122.921885] report_bug.cold+0x72/0xab [ 122.921915] handle_bug+0x3c/0x70 [ 122.921931] exc_invalid_op+0x14/0x50 [ 122.921949] asm_exc_invalid_op+0x16/0x20 [ 122.921971] group_sched_out.part.0+0x2c7/0x460 [ 122.922004] ctx_sched_out+0x8f1/0xc10 [ 122.922034] __perf_event_task_sched_out+0x6d0/0x18d0 [ 122.922054] __schedule+0xedd/0x2470 [ 122.922080] schedule+0xda/0x1b0 [ 122.922106] futex_wait_queue+0xf5/0x1e0 [ 122.922126] futex_wait+0x28e/0x690 [ 122.922144] do_futex+0x2ff/0x380 [ 122.922162] __x64_sys_futex+0x1c6/0x4d0 [ 122.922180] do_syscall_64+0x3b/0x90 [ 122.922212] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 122.922236] [ 122.922236] other info that might help us debug this: [ 122.922236] [ 122.922240] Chain exists of: [ 122.922240] (console_sem).lock --> &rq->__lock --> &ctx->lock [ 122.922240] [ 122.922267] Possible unsafe locking scenario: [ 122.922267] [ 122.922271] CPU0 CPU1 [ 122.922275] ---- ---- [ 122.922279] lock(&ctx->lock); [ 122.922289] lock(&rq->__lock); [ 122.922300] lock(&ctx->lock); [ 122.922311] lock((console_sem).lock); [ 122.922322] [ 122.922322] *** DEADLOCK *** [ 122.922322] [ 122.922325] 2 locks held by syz-executor.4/3720: [ 122.922337] #0: ffff88806ce37e98 
(&rq->__lock){-.-.}-{2:2}, at: __schedule+0x1cf/0x2470 [ 122.922392] #1: ffff88800d3cc420 (&ctx->lock){....}-{2:2}, at: __perf_event_task_sched_out+0x53b/0x18d0 [ 122.922441] [ 122.922441] stack backtrace: [ 122.922445] CPU: 0 PID: 3720 Comm: syz-executor.4 Not tainted 6.0.0-next-20221004 #1 [ 122.922468] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 122.922482] Call Trace: [ 122.922488] [ 122.922495] dump_stack_lvl+0x8b/0xb3 [ 122.922530] check_noncircular+0x263/0x2e0 [ 122.922561] ? format_decode+0x26c/0xb50 [ 122.922591] ? print_circular_bug+0x450/0x450 [ 122.922622] ? simple_strtoul+0x30/0x30 [ 122.922652] ? format_decode+0x26c/0xb50 [ 122.922685] ? alloc_chain_hlocks+0x1ec/0x5a0 [ 122.922717] __lock_acquire+0x2a02/0x5e70 [ 122.922757] ? lockdep_hardirqs_on_prepare+0x410/0x410 [ 122.922798] lock_acquire+0x1a2/0x530 [ 122.922829] ? down_trylock+0xe/0x70 [ 122.922862] ? lock_release+0x750/0x750 [ 122.922900] ? vprintk+0x84/0xa0 [ 122.922933] _raw_spin_lock_irqsave+0x39/0x60 [ 122.922954] ? down_trylock+0xe/0x70 [ 122.922985] down_trylock+0xe/0x70 [ 122.923015] ? vprintk+0x84/0xa0 [ 122.923046] __down_trylock_console_sem+0x3b/0xd0 [ 122.923079] vprintk_emit+0x16b/0x560 [ 122.923113] vprintk+0x84/0xa0 [ 122.923145] _printk+0xba/0xf1 [ 122.923168] ? record_print_text.cold+0x16/0x16 [ 122.923201] ? report_bug.cold+0x66/0xab [ 122.923236] ? 
group_sched_out.part.0+0x2c7/0x460 [ 122.923270] report_bug.cold+0x72/0xab [ 122.923306] handle_bug+0x3c/0x70 [ 122.923324] exc_invalid_op+0x14/0x50 [ 122.923344] asm_exc_invalid_op+0x16/0x20 [ 122.923368] RIP: 0010:group_sched_out.part.0+0x2c7/0x460 [ 122.923406] Code: 5e 41 5f e9 8b ae ef ff e8 86 ae ef ff 65 8b 1d 2b 08 ac 7e 31 ff 89 de e8 26 ab ef ff 85 db 0f 84 8a 00 00 00 e8 69 ae ef ff <0f> 0b e9 a5 fe ff ff e8 5d ae ef ff 48 8d 7d 10 48 b8 00 00 00 00 [ 122.923426] RSP: 0018:ffff8880403a78f8 EFLAGS: 00010006 [ 122.923443] RAX: 0000000040000002 RBX: 0000000000000000 RCX: 0000000000000000 [ 122.923457] RDX: ffff88801b3e5040 RSI: ffffffff81566da7 RDI: 0000000000000005 [ 122.923471] RBP: ffff888008660000 R08: 0000000000000005 R09: 0000000000000001 [ 122.923485] R10: 0000000000000000 R11: ffffffff865b601b R12: ffff88800d3cc400 [ 122.923499] R13: ffff88806ce3d2c0 R14: ffffffff8547d040 R15: 0000000000000002 [ 122.923519] ? group_sched_out.part.0+0x2c7/0x460 [ 122.923556] ? group_sched_out.part.0+0x2c7/0x460 [ 122.923593] ctx_sched_out+0x8f1/0xc10 [ 122.923629] __perf_event_task_sched_out+0x6d0/0x18d0 [ 122.923655] ? lock_is_held_type+0xd7/0x130 [ 122.923682] ? __perf_cgroup_move+0x160/0x160 [ 122.923701] ? set_next_entity+0x304/0x550 [ 122.923738] ? lock_is_held_type+0xd7/0x130 [ 122.923765] __schedule+0xedd/0x2470 [ 122.923797] ? io_schedule_timeout+0x150/0x150 [ 122.923827] ? futex_wait_setup+0x166/0x230 [ 122.923854] schedule+0xda/0x1b0 [ 122.923882] futex_wait_queue+0xf5/0x1e0 [ 122.923905] futex_wait+0x28e/0x690 [ 122.923929] ? futex_wait_setup+0x230/0x230 [ 122.923953] ? wake_up_q+0x8b/0xf0 [ 122.923978] ? do_raw_spin_unlock+0x4f/0x220 [ 122.924013] ? futex_wake+0x158/0x490 [ 122.924043] ? fd_install+0x1f9/0x640 [ 122.924070] do_futex+0x2ff/0x380 [ 122.924091] ? __ia32_compat_sys_get_robust_list+0x3b0/0x3b0 [ 122.924121] __x64_sys_futex+0x1c6/0x4d0 [ 122.924145] ? __x64_sys_futex_time32+0x480/0x480 [ 122.924169] ? 
syscall_enter_from_user_mode+0x1d/0x50
[ 122.924196] ? syscall_enter_from_user_mode+0x1d/0x50
[ 122.924225] do_syscall_64+0x3b/0x90
[ 122.924259] entry_SYSCALL_64_after_hwframe+0x63/0xcd
[ 122.924285] RIP: 0033:0x7fdf065f5b19
[ 122.924300] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 122.924320] RSP: 002b:00007fdf03b6b218 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[ 122.924340] RAX: ffffffffffffffda RBX: 00007fdf06708f68 RCX: 00007fdf065f5b19
[ 122.924354] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007fdf06708f68
[ 122.924368] RBP: 00007fdf06708f60 R08: 0000000000000000 R09: 0000000000000000
[ 122.924381] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fdf06708f6c
[ 122.924394] R13: 00007ffe5e5ed18f R14: 00007fdf03b6b300 R15: 0000000000022000
[ 122.924418]
[ 123.033499] WARNING: CPU: 0 PID: 3720 at kernel/events/core.c:2309 group_sched_out.part.0+0x2c7/0x460
[ 123.034770] Modules linked in:
[ 123.035211] CPU: 0 PID: 3720 Comm: syz-executor.4 Not tainted 6.0.0-next-20221004 #1
[ 123.036264] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014
[ 123.037800] RIP: 0010:group_sched_out.part.0+0x2c7/0x460
[ 123.038546] Code: 5e 41 5f e9 8b ae ef ff e8 86 ae ef ff 65 8b 1d 2b 08 ac 7e 31 ff 89 de e8 26 ab ef ff 85 db 0f 84 8a 00 00 00 e8 69 ae ef ff <0f> 0b e9 a5 fe ff ff e8 5d ae ef ff 48 8d 7d 10 48 b8 00 00 00 00
[ 123.040981] RSP: 0018:ffff8880403a78f8 EFLAGS: 00010006
[ 123.041709] RAX: 0000000040000002 RBX: 0000000000000000 RCX: 0000000000000000
[ 123.042666] RDX: ffff88801b3e5040 RSI: ffffffff81566da7 RDI: 0000000000000005
[ 123.043628] RBP: ffff888008660000 R08: 0000000000000005 R09: 0000000000000001
[ 123.044597] R10: 0000000000000000 R11: ffffffff865b601b R12: ffff88800d3cc400
[ 123.045570] R13: ffff88806ce3d2c0 R14: ffffffff8547d040 R15: 0000000000000002
[ 123.046534] FS: 00007fdf03b6b700(0000) GS:ffff88806ce00000(0000) knlGS:0000000000000000
[ 123.047615] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 123.048402] CR2: 00007fc88ffce4a1 CR3: 000000001db42000 CR4: 0000000000350ef0
[ 123.049376] Call Trace:
[ 123.049734]
[ 123.050051] ctx_sched_out+0x8f1/0xc10
[ 123.050615] __perf_event_task_sched_out+0x6d0/0x18d0
[ 123.051326] ? lock_is_held_type+0xd7/0x130
[ 123.051921] ? __perf_cgroup_move+0x160/0x160
[ 123.052531] ? set_next_entity+0x304/0x550
[ 123.053123] ? lock_is_held_type+0xd7/0x130
[ 123.053728] __schedule+0xedd/0x2470
[ 123.054264] ? io_schedule_timeout+0x150/0x150
[ 123.054898] ? futex_wait_setup+0x166/0x230
[ 123.055501] schedule+0xda/0x1b0
[ 123.055978] futex_wait_queue+0xf5/0x1e0
[ 123.056539] futex_wait+0x28e/0x690
[ 123.057046] ? futex_wait_setup+0x230/0x230
[ 123.057656] ? wake_up_q+0x8b/0xf0
[ 123.058155] ? do_raw_spin_unlock+0x4f/0x220
[ 123.058786] ? futex_wake+0x158/0x490
[ 123.059327] ? fd_install+0x1f9/0x640
[ 123.059860] do_futex+0x2ff/0x380
[ 123.060345] ? __ia32_compat_sys_get_robust_list+0x3b0/0x3b0
[ 123.061141] __x64_sys_futex+0x1c6/0x4d0
[ 123.061707] ? __x64_sys_futex_time32+0x480/0x480
[ 123.062380] ? syscall_enter_from_user_mode+0x1d/0x50
[ 123.063085] ? syscall_enter_from_user_mode+0x1d/0x50
[ 123.063792] do_syscall_64+0x3b/0x90
[ 123.064318] entry_SYSCALL_64_after_hwframe+0x63/0xcd
[ 123.065016] RIP: 0033:0x7fdf065f5b19
[ 123.065535] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 123.067948] RSP: 002b:00007fdf03b6b218 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[ 123.068971] RAX: ffffffffffffffda RBX: 00007fdf06708f68 RCX: 00007fdf065f5b19
[ 123.069952] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007fdf06708f68
[ 123.070912] RBP: 00007fdf06708f60 R08: 0000000000000000 R09: 0000000000000000
[ 123.071870] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fdf06708f6c
[ 123.072822] R13: 00007ffe5e5ed18f R14: 00007fdf03b6b300 R15: 0000000000022000
[ 123.073799]
[ 123.074124] irq event stamp: 612
[ 123.074581] hardirqs last enabled at (611): [] syscall_enter_from_user_mode+0x1d/0x50
[ 123.075848] hardirqs last disabled at (612): [] __schedule+0x1225/0x2470
[ 123.076960] softirqs last enabled at (42): [] __irq_exit_rcu+0x11b/0x180
[ 123.078117] softirqs last disabled at (37): [] __irq_exit_rcu+0x11b/0x180
[ 123.079244] ---[ end trace 0000000000000000 ]---
[ 123.741489] syz-executor.4 calls setitimer() with new_value NULL pointer.
Misfeature support will be removed 19:50:33 executing program 2: syz_mount_image$vfat(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) r0 = syz_open_dev$tty20(0xc, 0x4, 0x1) ioctl$TCSETAF(r0, 0x5408, &(0x7f0000000000)={0x0, 0xfffd, 0x0, 0x8}) ioctl$TIOCSTI(r0, 0x5412, &(0x7f0000000080)) write(r0, &(0x7f0000000000)="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", 0xfa) stat(&(0x7f0000000240)='./file0\x00', &(0x7f0000000280)={0x0, 0x0, 0x0, 0x0, 0x0}) setresuid(0x0, r1, 0x0) open_by_handle_at(0xffffffffffffffff, 0x0, 0x0) r2 = socket$nl_generic(0x10, 0x3, 0x10) bind$netlink(r2, 0x0, 0x0) r3 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$ethtool(&(0x7f0000000140), r3) setsockopt$netlink_NETLINK_CAP_ACK(r3, 0x10e, 0xa, &(0x7f0000000180)=0x5, 0x4) syz_genetlink_get_family_id$fou(&(0x7f0000000480), r3) dup2(r2, r3) 19:50:33 executing program 7: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) ioctl$FS_IOC_SETFLAGS(r0, 0x40086602, &(0x7f0000000040)) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x2, 0x0) pwrite64(r1, &(0x7f00000000c0)='9', 0x1, 0x8040000) r2 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x4042, 0x0) openat(r1, &(0x7f0000000080)='./file1\x00', 0xa0800, 0x20) r3 = socket$nl_generic(0x10, 0x3, 0x10) setsockopt$netlink_NETLINK_CAP_ACK(r3, 0x10e, 0xa, &(0x7f0000000180)=0x5, 0x4) syz_genetlink_get_family_id$fou(&(0x7f0000000480), r3) fcntl$F_SET_FILE_RW_HINT(r3, 0x40e, &(0x7f0000000000)) sendfile(r1, r2, 0x0, 0xffff) fallocate(r2, 0x3, 0xff7f, 0x4000) r4 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x2, 0x0) r5 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x4042, 0x0) sendfile(r4, r5, 0x0, 0xffff) 19:50:33 executing program 4: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 
0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0x2}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) getpgid(0xffffffffffffffff) r0 = socket$inet6_udp(0xa, 0x2, 0x0) r1 = gettid() r2 = gettid() kcmp(r1, r2, 0x0, r0, r0) r3 = syz_open_procfs(0x0, &(0x7f00000003c0)='uid_map\x00') read(r3, &(0x7f0000000400)=""/146, 0x92) perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0x80, 0x9, 0x0, 0x6, 0x0, 0xe86c, 0x200, 0xb, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x2, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x2, @perf_config_ext={0x4, 0x10000}, 0x10080, 0x0, 0x3, 0x5, 0x8, 0xffff, 0x9, 0x0, 0x3f, 0x0, 0x3ff}, r2, 0x9, r3, 0x2) setitimer(0x0, 0x0, 0x0) fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff) 19:50:33 executing program 4: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0x2}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) getpgid(0xffffffffffffffff) r0 = 
socket$inet6_udp(0xa, 0x2, 0x0) r1 = gettid() r2 = gettid() kcmp(r1, r2, 0x0, r0, r0) r3 = syz_open_procfs(0x0, &(0x7f00000003c0)='uid_map\x00') read(r3, &(0x7f0000000400)=""/146, 0x92) perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0x80, 0x9, 0x0, 0x6, 0x0, 0xe86c, 0x200, 0xb, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x2, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x2, @perf_config_ext={0x4, 0x10000}, 0x10080, 0x0, 0x3, 0x5, 0x8, 0xffff, 0x9, 0x0, 0x3f, 0x0, 0x3ff}, r2, 0x9, r3, 0x2) setitimer(0x0, 0x0, 0x0) fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff) 19:50:33 executing program 7: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x8000000000, 0xffffffff}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2) getpid() ioctl$BLKTRACETEARDOWN(0xffffffffffffffff, 0x1276, 0x0) ioctl$sock_SIOCGPGRP(0xffffffffffffffff, 0x8904, &(0x7f0000000300)) ioctl$TIOCGSID(0xffffffffffffffff, 0x5429, &(0x7f0000000340)) r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000140), 0xffffffffffffffff) sendmsg$NL80211_CMD_FRAME(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000500)=ANY=[@ANYBLOB="00010000", @ANYRES16=r0, @ANYBLOB="010000000000000000003b00000008000300", @ANYRES32, @ANYBLOB="e200330080800000080211000001080211000000505050505050"], 0x100}}, 0x0) clone3(&(0x7f0000000440)={0x80202800, &(0x7f0000000000), &(0x7f0000000040), &(0x7f0000000500), {0x3f}, &(0x7f0000000540)=""/79, 0x4f, &(0x7f0000004c80)=""/102400, &(0x7f0000000100)}, 0x58) r1 = socket$inet6_udplite(0xa, 0x2, 0x88) socket$inet6_udplite(0xa, 0x2, 0x88) setsockopt$inet6_MCAST_MSFILTER(r1, 0x29, 0x30, 
0x0, 0x0) fcntl$notify(0xffffffffffffffff, 0x402, 0x2) openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000100), 0x88000, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x2}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) clone3(&(0x7f0000004c00)={0xc0002100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x7) 19:50:34 executing program 4: openat(0xffffffffffffff9c, 0x0, 0x0, 0x0) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) recvmsg$unix(0xffffffffffffffff, &(0x7f00000005c0)={&(0x7f0000000140)=@abs, 0x6e, &(0x7f0000000480)=[{&(0x7f0000000040)=""/32, 0x20}, {&(0x7f00000001c0)=""/27, 0x1b}, {&(0x7f0000000200)=""/7, 0x7}, {&(0x7f0000000300)=""/127, 0x7f}, {&(0x7f0000000240)=""/34, 0x22}, {&(0x7f0000000380)=""/197, 0xc5}], 0x6, &(0x7f0000000a80)=ANY=[@ANYBLOB="14000000000000000100000001000000", @ANYRES32, @ANYBLOB="000000001c000000000000000100000002000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYRES32=0x0, 
@ANYBLOB="0000000030000000000000000100000001000000e830a43a63a5978ba4307a5814262620a8d8d35988dad9b18c39c13c3ec05112db4cd6faac01fbf21ad43af0004384bdce5e2842dd94f469fe8282a6f9156a34cdddb45814d97ab77d1033c39691d212bda17620473fde6ba67468aba74d9a6ea010b76d17fa69b8f5794a42763fbe357b575569d18e0148846b60b5bd068db79e6f4ec068b3aa05c1", @ANYRES32, @ANYRES32, @ANYRES32, @ANYRES32, @ANYRES32, @ANYRES32, @ANYRES32, @ANYRES32, @ANYBLOB="18000000000000000100000001000000", @ANYRES32, @ANYRES32, @ANYBLOB="1c000000000000000100000002000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB='\x00\x00\x00 '], 0xa0}, 0x12001) syz_open_procfs(r0, &(0x7f0000000600)='attr/fscreate\x00') syz_mount_image$vfat(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) setxattr$trusted_overlay_opaque(&(0x7f0000000540)='./file0\x00', &(0x7f0000000700), &(0x7f0000000800), 0x2, 0x0) ptrace$setopts(0xffffffffffffffff, 0x0, 0x0, 0x0) r1 = open(&(0x7f0000000000)='./file0\x00', 0x535081, 0x0) r2 = epoll_create(0x7fffffff) ioctl$VFAT_IOCTL_READDIR_BOTH(0xffffffffffffffff, 0x82307201, &(0x7f0000000840)=[{0x0, 0x0, 0x100}, {0x0, 0x0, 0x100}]) r3 = openat$random(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) epoll_ctl$EPOLL_CTL_ADD(r2, 0x1, r3, &(0x7f0000000040)) r4 = syz_open_dev$rtc(&(0x7f0000000740), 0xffffffffffffffff, 0x0) ioctl$RTC_ALM_SET(r4, 0x40247007, &(0x7f0000000000)) epoll_ctl$EPOLL_CTL_ADD(r2, 0x1, r4, &(0x7f0000000040)={0x8}) ioctl$RNDADDTOENTCNT(0xffffffffffffffff, 0x40045201, &(0x7f0000000780)=0xfff3) fsetxattr$security_capability(r4, &(0x7f0000000640), &(0x7f0000000500)=@v2={0x2000000, [{0x0, 0x100}, {0x9, 0x4}]}, 0x14, 0x2) r5 = inotify_init1(0x0) dup2(r5, r1) VM DIAGNOSIS: 19:50:33 Registers: