Warning: Permanently added '[localhost]:19411' (ECDSA) to the list of known hosts. 2022/10/05 20:41:45 fuzzer started 2022/10/05 20:41:45 dialing manager at localhost:37193 syzkaller login: [ 38.984762] cgroup: Unknown subsys name 'net' [ 39.095856] cgroup: Unknown subsys name 'rlimit' 2022/10/05 20:42:02 syscalls: 2215 2022/10/05 20:42:02 code coverage: enabled 2022/10/05 20:42:02 comparison tracing: enabled 2022/10/05 20:42:02 extra coverage: enabled 2022/10/05 20:42:02 setuid sandbox: enabled 2022/10/05 20:42:02 namespace sandbox: enabled 2022/10/05 20:42:02 Android sandbox: enabled 2022/10/05 20:42:02 fault injection: enabled 2022/10/05 20:42:02 leak checking: enabled 2022/10/05 20:42:02 net packet injection: enabled 2022/10/05 20:42:02 net device setup: enabled 2022/10/05 20:42:02 concurrency sanitizer: /sys/kernel/debug/kcsan does not exist 2022/10/05 20:42:02 devlink PCI setup: PCI device 0000:00:10.0 is not available 2022/10/05 20:42:02 USB emulation: enabled 2022/10/05 20:42:02 hci packet injection: enabled 2022/10/05 20:42:02 wifi device emulation: failed to parse kernel version (6.0.0-next-20221005) 2022/10/05 20:42:02 802.15.4 emulation: enabled 2022/10/05 20:42:02 fetching corpus: 50, signal 19457/21268 (executing program) 2022/10/05 20:42:02 fetching corpus: 100, signal 31164/34530 (executing program) 2022/10/05 20:42:02 fetching corpus: 150, signal 38491/43330 (executing program) 2022/10/05 20:42:02 fetching corpus: 200, signal 42266/48580 (executing program) 2022/10/05 20:42:02 fetching corpus: 250, signal 47794/55398 (executing program) 2022/10/05 20:42:03 fetching corpus: 300, signal 56153/64806 (executing program) 2022/10/05 20:42:03 fetching corpus: 350, signal 59553/69420 (executing program) 2022/10/05 20:42:03 fetching corpus: 400, signal 63581/74545 (executing program) 2022/10/05 20:42:03 fetching corpus: 450, signal 67282/79328 (executing program) 2022/10/05 20:42:03 fetching corpus: 500, signal 71359/84314 (executing program) 2022/10/05 
20:42:03 fetching corpus: 550, signal 74574/88451 (executing program) 2022/10/05 20:42:03 fetching corpus: 600, signal 78550/93244 (executing program) 2022/10/05 20:42:03 fetching corpus: 650, signal 81812/97313 (executing program) 2022/10/05 20:42:03 fetching corpus: 700, signal 83131/99645 (executing program) 2022/10/05 20:42:03 fetching corpus: 750, signal 85273/102626 (executing program) 2022/10/05 20:42:03 fetching corpus: 800, signal 86104/104422 (executing program) 2022/10/05 20:42:04 fetching corpus: 850, signal 87924/107091 (executing program) 2022/10/05 20:42:04 fetching corpus: 900, signal 90682/110464 (executing program) 2022/10/05 20:42:04 fetching corpus: 950, signal 93376/113765 (executing program) 2022/10/05 20:42:04 fetching corpus: 1000, signal 95556/116631 (executing program) 2022/10/05 20:42:04 fetching corpus: 1050, signal 96569/118492 (executing program) 2022/10/05 20:42:04 fetching corpus: 1100, signal 100512/122665 (executing program) 2022/10/05 20:42:04 fetching corpus: 1150, signal 102555/125281 (executing program) 2022/10/05 20:42:04 fetching corpus: 1200, signal 103763/127186 (executing program) 2022/10/05 20:42:04 fetching corpus: 1250, signal 105497/129447 (executing program) 2022/10/05 20:42:04 fetching corpus: 1300, signal 107261/131681 (executing program) 2022/10/05 20:42:05 fetching corpus: 1350, signal 109179/133994 (executing program) 2022/10/05 20:42:05 fetching corpus: 1400, signal 110166/135618 (executing program) 2022/10/05 20:42:05 fetching corpus: 1450, signal 111156/137237 (executing program) 2022/10/05 20:42:05 fetching corpus: 1500, signal 112626/139182 (executing program) 2022/10/05 20:42:05 fetching corpus: 1550, signal 114202/141173 (executing program) 2022/10/05 20:42:05 fetching corpus: 1600, signal 117187/144053 (executing program) 2022/10/05 20:42:05 fetching corpus: 1650, signal 118540/145822 (executing program) 2022/10/05 20:42:05 fetching corpus: 1700, signal 119584/147301 (executing program) 2022/10/05 
20:42:05 fetching corpus: 1750, signal 120962/149004 (executing program) 2022/10/05 20:42:05 fetching corpus: 1800, signal 121787/150337 (executing program) 2022/10/05 20:42:06 fetching corpus: 1850, signal 123910/152498 (executing program) 2022/10/05 20:42:06 fetching corpus: 1900, signal 125613/154258 (executing program) 2022/10/05 20:42:06 fetching corpus: 1950, signal 126459/155548 (executing program) 2022/10/05 20:42:06 fetching corpus: 2000, signal 127502/156908 (executing program) 2022/10/05 20:42:06 fetching corpus: 2050, signal 129396/158762 (executing program) 2022/10/05 20:42:06 fetching corpus: 2100, signal 130200/159988 (executing program) 2022/10/05 20:42:06 fetching corpus: 2150, signal 131005/161165 (executing program) 2022/10/05 20:42:06 fetching corpus: 2200, signal 133819/163456 (executing program) 2022/10/05 20:42:06 fetching corpus: 2250, signal 134987/164799 (executing program) 2022/10/05 20:42:06 fetching corpus: 2300, signal 136078/166086 (executing program) 2022/10/05 20:42:07 fetching corpus: 2350, signal 137581/167499 (executing program) 2022/10/05 20:42:07 fetching corpus: 2400, signal 139114/168938 (executing program) 2022/10/05 20:42:07 fetching corpus: 2450, signal 141588/170828 (executing program) 2022/10/05 20:42:07 fetching corpus: 2500, signal 142523/171873 (executing program) 2022/10/05 20:42:07 fetching corpus: 2550, signal 143709/173096 (executing program) 2022/10/05 20:42:07 fetching corpus: 2600, signal 144433/174054 (executing program) 2022/10/05 20:42:07 fetching corpus: 2650, signal 144985/174848 (executing program) 2022/10/05 20:42:07 fetching corpus: 2700, signal 146063/175923 (executing program) 2022/10/05 20:42:07 fetching corpus: 2750, signal 146939/176889 (executing program) 2022/10/05 20:42:07 fetching corpus: 2800, signal 148449/178107 (executing program) 2022/10/05 20:42:08 fetching corpus: 2850, signal 148996/178851 (executing program) 2022/10/05 20:42:08 fetching corpus: 2900, signal 149625/179624 (executing 
program) 2022/10/05 20:42:08 fetching corpus: 2950, signal 150307/180424 (executing program) 2022/10/05 20:42:08 fetching corpus: 3000, signal 151407/181381 (executing program) 2022/10/05 20:42:08 fetching corpus: 3050, signal 152273/182191 (executing program) 2022/10/05 20:42:08 fetching corpus: 3100, signal 153504/183211 (executing program) 2022/10/05 20:42:08 fetching corpus: 3150, signal 154897/184200 (executing program) 2022/10/05 20:42:08 fetching corpus: 3200, signal 155443/184886 (executing program) 2022/10/05 20:42:08 fetching corpus: 3250, signal 156905/185844 (executing program) 2022/10/05 20:42:09 fetching corpus: 3300, signal 157665/186569 (executing program) 2022/10/05 20:42:09 fetching corpus: 3350, signal 158411/187350 (executing program) 2022/10/05 20:42:09 fetching corpus: 3400, signal 158967/187953 (executing program) 2022/10/05 20:42:09 fetching corpus: 3450, signal 159960/188656 (executing program) 2022/10/05 20:42:09 fetching corpus: 3500, signal 160839/189362 (executing program) 2022/10/05 20:42:09 fetching corpus: 3550, signal 161306/189949 (executing program) 2022/10/05 20:42:09 fetching corpus: 3600, signal 162704/190743 (executing program) 2022/10/05 20:42:09 fetching corpus: 3650, signal 164005/191493 (executing program) 2022/10/05 20:42:09 fetching corpus: 3700, signal 164775/192100 (executing program) 2022/10/05 20:42:10 fetching corpus: 3750, signal 165961/192744 (executing program) 2022/10/05 20:42:10 fetching corpus: 3800, signal 167389/193424 (executing program) 2022/10/05 20:42:10 fetching corpus: 3850, signal 168512/194022 (executing program) 2022/10/05 20:42:10 fetching corpus: 3900, signal 168880/194483 (executing program) 2022/10/05 20:42:10 fetching corpus: 3950, signal 169627/194990 (executing program) 2022/10/05 20:42:10 fetching corpus: 4000, signal 170236/195423 (executing program) 2022/10/05 20:42:10 fetching corpus: 4050, signal 171080/195966 (executing program) 2022/10/05 20:42:10 fetching corpus: 4100, signal 
171549/196396 (executing program) 2022/10/05 20:42:10 fetching corpus: 4150, signal 172274/196812 (executing program) 2022/10/05 20:42:10 fetching corpus: 4200, signal 172815/197196 (executing program) 2022/10/05 20:42:11 fetching corpus: 4250, signal 174029/197690 (executing program) 2022/10/05 20:42:11 fetching corpus: 4300, signal 174767/198073 (executing program) 2022/10/05 20:42:11 fetching corpus: 4350, signal 175328/198404 (executing program) 2022/10/05 20:42:11 fetching corpus: 4400, signal 175555/198700 (executing program) 2022/10/05 20:42:11 fetching corpus: 4450, signal 176544/199068 (executing program) 2022/10/05 20:42:11 fetching corpus: 4500, signal 177055/199385 (executing program) 2022/10/05 20:42:11 fetching corpus: 4550, signal 177553/199679 (executing program) 2022/10/05 20:42:11 fetching corpus: 4600, signal 177840/199947 (executing program) 2022/10/05 20:42:11 fetching corpus: 4650, signal 178643/200260 (executing program) 2022/10/05 20:42:12 fetching corpus: 4700, signal 179431/200593 (executing program) 2022/10/05 20:42:12 fetching corpus: 4750, signal 179738/200823 (executing program) 2022/10/05 20:42:12 fetching corpus: 4800, signal 180280/201085 (executing program) 2022/10/05 20:42:12 fetching corpus: 4850, signal 181534/201358 (executing program) 2022/10/05 20:42:12 fetching corpus: 4900, signal 182771/201591 (executing program) 2022/10/05 20:42:12 fetching corpus: 4950, signal 183402/201797 (executing program) 2022/10/05 20:42:12 fetching corpus: 5000, signal 184252/202001 (executing program) 2022/10/05 20:42:12 fetching corpus: 5050, signal 184763/202057 (executing program) 2022/10/05 20:42:12 fetching corpus: 5100, signal 186003/202058 (executing program) 2022/10/05 20:42:12 fetching corpus: 5150, signal 186526/202065 (executing program) 2022/10/05 20:42:13 fetching corpus: 5156, signal 186540/202065 (executing program) 2022/10/05 20:42:13 fetching corpus: 5156, signal 186540/202065 (executing program) 2022/10/05 20:42:15 starting 8 
fuzzer processes 20:42:15 executing program 0: msgctl$IPC_RMID(0xffffffffffffffff, 0x0) r0 = msgget$private(0x0, 0x15d) msgctl$IPC_SET(r0, 0x1, &(0x7f0000000000)={{0x0, 0xee00, 0xee01, 0xffffffffffffffff, 0x0, 0x10, 0x978c}, 0x0, 0x0, 0x1, 0xffff, 0x67, 0x4b, 0x6, 0x81, 0xfff7, 0xc65c}) getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000080)={0x0, 0x0, 0x0}, &(0x7f00000000c0)=0xc) msgctl$IPC_SET(r0, 0x1, &(0x7f0000000100)={{0x3, 0xffffffffffffffff, r3, 0xee01, 0xee01, 0x100, 0x2}, 0x0, 0x0, 0x5, 0x1, 0x8, 0xfffffffffffffb98, 0x1, 0x7, 0x81, 0x800}) msgctl$MSG_INFO(r0, 0xc, &(0x7f0000000180)=""/73) msgctl$IPC_RMID(r0, 0x0) msgctl$IPC_RMID(r0, 0x0) r4 = msgget$private(0x0, 0x8) msgctl$MSG_INFO(r4, 0xc, &(0x7f0000000200)=""/201) msgctl$IPC_INFO(r0, 0x3, &(0x7f0000000300)=""/156) ioctl$AUTOFS_IOC_PROTOVER(0xffffffffffffffff, 0x80049363, &(0x7f00000003c0)) msgrcv(r0, &(0x7f0000000400)={0x0, ""/4}, 0xc, 0x3, 0x0) msgctl$IPC_INFO(r0, 0x3, &(0x7f0000000440)=""/22) msgctl$MSG_INFO(r4, 0xc, &(0x7f0000000480)=""/194) syz_genetlink_get_family_id$gtp(&(0x7f0000000580), 0xffffffffffffffff) r5 = msgget$private(0x0, 0x0) msgctl$IPC_INFO(r5, 0x3, 0xfffffffffffffffe) msgctl$IPC_RMID(r5, 0x0) msgctl$IPC_SET(r4, 0x1, &(0x7f00000005c0)={{0x2, r2, r3, r2, 0xee00, 0x94, 0x5}, 0x0, 0x0, 0x7, 0x7fff, 0x3, 0x2, 0x8, 0x1, 0x0, 0xd093, 0x0, r1}) 20:42:15 executing program 1: r0 = socket$nl_sock_diag(0x10, 0x3, 0x4) ioctl$AUTOFS_IOC_READY(r0, 0x9360, 0x4) io_uring_enter(0xffffffffffffffff, 0x28ef, 0xf24b, 0x1, &(0x7f0000000000)={[0x20]}, 0x8) r1 = syz_open_dev$tty20(0xc, 0x4, 0x0) ioctl$KDDISABIO(r1, 0x4b37) copy_file_range(0xffffffffffffffff, &(0x7f0000000040)=0x9, r1, &(0x7f0000000080)=0x4, 0x20, 0x0) ioctl$GIO_FONT(r1, 0x4b60, &(0x7f00000000c0)=""/254) ioctl$TCSETSF(r1, 0x5404, &(0x7f00000001c0)={0x80, 0x1, 0xeb4, 0x101, 0x12, "9753bc23c1b2e790d4139c74a89e9a3605a6b4"}) ioctl$KDGKBTYPE(r1, 0x4b33, &(0x7f0000000200)) r2 = ioctl$TIOCGPTPEER(r1, 0x5441, 0x5) 
ioctl$TIOCL_PASTESEL(r2, 0x541c, &(0x7f0000000240)) ioctl$TCSETSF2(0xffffffffffffffff, 0x402c542d, &(0x7f0000000280)={0x6, 0x6, 0x9, 0x0, 0x2, "8e1c116afa564bba46f5fa53aadd45795d556a", 0x3, 0x5}) ioctl$BTRFS_IOC_SET_RECEIVED_SUBVOL(r0, 0xc0c89425, &(0x7f00000002c0)={"32eae0ac9cd27186c3ee190502220f41", 0x0, 0x0, {0x20, 0x84}, {0x10000, 0x5}, 0x77, [0x5, 0x4, 0x40, 0x200, 0x1f, 0x3ff, 0x8, 0x6, 0x3, 0x7fff, 0x6, 0xf209, 0x0, 0x64b, 0x8, 0x81]}) ioctl$BTRFS_IOC_SET_RECEIVED_SUBVOL(r2, 0xc0c89425, &(0x7f00000003c0)={"d14b1df32cf3da7aea5d670a703f3f09", r3, 0x0, {0x1f, 0x8}, {0x8, 0xffffffc0}, 0x7ff, [0x4, 0xf8, 0x100000001, 0x3, 0x8, 0x6c6f, 0x1, 0x8, 0x1ff, 0x7, 0x2, 0xba, 0x0, 0x410a, 0x9, 0x1]}) r4 = openat$vcsu(0xffffffffffffff9c, &(0x7f00000004c0), 0x101000, 0x0) ioctl$sock_inet_SIOCGIFNETMASK(r4, 0x891b, &(0x7f0000000500)={'veth0_macvtap\x00', {0x2, 0x0, @local}}) ioctl$TIOCGRS485(r1, 0x542e, &(0x7f0000000540)) sync_file_range(r2, 0x1ff, 0xe1, 0x7) socket$netlink(0x10, 0x3, 0xa) ioctl$KDENABIO(0xffffffffffffffff, 0x4b36) 20:42:15 executing program 2: r0 = accept4$unix(0xffffffffffffffff, &(0x7f0000000000)=@abs, &(0x7f0000000080)=0x6e, 0x80000) flock(r0, 0x0) ioctl$SNDRV_SEQ_IOCTL_GET_CLIENT_POOL(0xffffffffffffffff, 0xc058534b, &(0x7f00000000c0)={0x1, 0xfffffbff, 0x5, 0x7, 0xffff, 0xbf}) ioctl$SNDRV_SEQ_IOCTL_CREATE_PORT(0xffffffffffffffff, 0xc0a85320, &(0x7f0000000140)={{0x2, 0xe0}, 'port1\x00', 0x20, 0x191014, 0x4, 0x1, 0x7, 0x4, 0x2, 0x0, 0x0, 0xf8}) fsync(r0) ioctl$BTRFS_IOC_GET_SUBVOL_INFO(r0, 0x81f8943c, &(0x7f0000000200)) fstat(r0, &(0x7f0000000400)) r1 = openat$incfs(0xffffffffffffffff, &(0x7f0000000480)='.pending_reads\x00', 0x12000, 0x91) ioctl$INCFS_IOC_PERMIT_FILL(r1, 0x40046721, &(0x7f00000004c0)={r0}) r2 = socket$inet6(0xa, 0xa, 0x3f) getsockname$inet6(r2, &(0x7f0000000500)={0xa, 0x0, 0x0, @mcast1}, &(0x7f0000000540)=0x1c) ioctl$SNDRV_SEQ_IOCTL_SET_QUEUE_INFO(r1, 0xc08c5335, &(0x7f0000000580)={0xfffffffe, 0x85, 0x0, 'queue1\x00', 0x1f}) r3 = 
socket$inet6(0xa, 0x5, 0x6) getsockname(r0, &(0x7f0000000640)=@in={0x2, 0x0, @private}, &(0x7f00000006c0)=0x80) ioctl$SNDRV_SEQ_IOCTL_GET_QUEUE_INFO(r1, 0xc08c5334, &(0x7f0000000700)={0x8, 0x0, 0x0, 'queue1\x00', 0x26}) accept$unix(r0, &(0x7f00000007c0)=@abs, &(0x7f0000000840)=0x6e) ioctl$INCFS_IOC_PERMIT_FILL(r1, 0x40046721, &(0x7f0000000880)={r3}) ioctl$TUNGETFILTER(r1, 0x801054db, &(0x7f00000008c0)=""/16) accept$unix(r0, &(0x7f0000000900)=@abs, &(0x7f0000000980)=0x6e) setsockopt$inet6_MRT6_DEL_MFC(r1, 0x29, 0xcd, &(0x7f00000009c0)={{0xa, 0x4e24, 0x7549, @private0={0xfc, 0x0, '\x00', 0x1}, 0x1}, {0xa, 0x4e22, 0x4, @loopback, 0x9}, 0x4, [0x2, 0xe7d, 0x7fff, 0x8, 0x1, 0x7fffffff, 0x2, 0x2]}, 0x5c) [ 66.196509] audit: type=1400 audit(1665002535.849:6): avc: denied { execmem } for pid=283 comm="syz-executor.0" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=process permissive=1 20:42:15 executing program 3: r0 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$NL802154_CMD_NEW_INTERFACE(0xffffffffffffffff, &(0x7f0000000100)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x100}, 0xc, &(0x7f00000000c0)={&(0x7f0000000080)={0x40, r0, 0x100, 0x70bd28, 0x25dfdbfe, {}, [@NL802154_ATTR_WPAN_PHY={0x8, 0x1, 0x3}, @NL802154_ATTR_WPAN_PHY={0x8, 0x1, 0x2}, @NL802154_ATTR_WPAN_DEV={0xc, 0x6, 0x100000001}, @NL802154_ATTR_WPAN_PHY={0x8, 0x1, 0x2}, @NL802154_ATTR_IFINDEX={0x8}]}, 0x40}, 0x1, 0x0, 0x0, 0x40090}, 0x24040050) r1 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000180), 0xffffffffffffffff) sendmsg$IEEE802154_LLSEC_GETPARAMS(0xffffffffffffffff, &(0x7f0000000280)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x400}, 0xc, &(0x7f0000000240)={&(0x7f00000001c0)={0x4c, r1, 0x2, 0x70bd28, 0x25dfdbfb, {}, [@IEEE802154_ATTR_DEV_NAME={0xa, 0x1, 'wpan0\x00'}, @IEEE802154_ATTR_DEV_NAME={0xa, 0x1, 'wpan4\x00'}, @IEEE802154_ATTR_DEV_NAME={0xa, 0x1, 'wpan1\x00'}, @IEEE802154_ATTR_DEV_NAME={0xa, 0x1, 'wpan1\x00'}, 
@IEEE802154_ATTR_DEV_INDEX={0x8}]}, 0x4c}}, 0x4) r2 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$ieee802154(&(0x7f00000002c0), r2) r3 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_802154(r2, 0x8933, &(0x7f0000000340)={'wpan3\x00', 0x0}) sendmsg$NL802154_CMD_SET_PAN_ID(r3, &(0x7f0000000440)={&(0x7f0000000300)={0x10, 0x0, 0x0, 0x1}, 0xc, &(0x7f0000000400)={&(0x7f0000000380)={0x64, 0x0, 0x200, 0x70bd25, 0x25dfdbfe, {}, [@NL802154_ATTR_PAN_ID={0x6}, @NL802154_ATTR_PAN_ID={0x6, 0x9, 0x2}, @NL802154_ATTR_IFINDEX={0x8}, @NL802154_ATTR_WPAN_DEV={0xc, 0x6, 0x3}, @NL802154_ATTR_IFINDEX={0x8}, @NL802154_ATTR_IFINDEX={0x8, 0x3, r4}, @NL802154_ATTR_WPAN_DEV={0xc, 0x6, 0x100000002}, @NL802154_ATTR_PAN_ID={0x6, 0x9, 0x2}, @NL802154_ATTR_PAN_ID={0x6, 0x9, 0x1}]}, 0x64}, 0x1, 0x0, 0x0, 0x40010}, 0x801) r5 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$nl802154(&(0x7f0000000480), r5) r6 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000500), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000540)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_TDLS_MGMT(0xffffffffffffffff, &(0x7f0000000840)={&(0x7f00000004c0)={0x10, 0x0, 0x0, 0x2000}, 0xc, &(0x7f0000000800)={&(0x7f0000000580)={0x270, r6, 0x100, 0x70bd28, 0x25dfdbfb, {{}, {@val={0x8, 0x3, r7}, @val={0xc, 0x99, {0x10000, 0x3f}}}}, [@NL80211_ATTR_IE={0x23d, 0x2a, [@random_vendor={0xdd, 0xbc, "e7f16e03699207eac2260381b0175e5784894d87fa8282bf492b75ca91b680f8106bb965cf6e5bde159508801da624726e00a83259db01cc1d22e9eafe0db48bd10eea361cbf2b47054cbda9039d783c845f480096fc455347f5935d22e9ab103503bed9b22998219ea6922a5cf9511cf7bc0ed924c2bd764c1026c8be2f46447b2dcc4b66705c41bd9317ea025eb4aae17899bc2832fd850d6f4193d5db41afaf07b3198d48299a8559d480a0728f6fb8e374c1f269f34a1f04ea58"}, @measure_req={0x26, 0xd4, {0xe0, 0x1, 0x6, 
"664019882b4dcd257f15cde9d7edb9eaacdc5f5976aee23c6ced75c5a0f788c704e00466bc8224b353c3dd1b76c79d7d53fcb826d43ee58bd238ac38207293f61bdf4e882195f6f2af88fcacb5ed36a71ba7c81c689e5add5d0dae256b90f05cbc54a1e355992f4e94f1214962ef13a58b2d827b6d9d33b63e6e3c80d96e54732f0f6db59e9a51dba7aa0cae578e84f378d88f01f504f77f5a39eac51281018e1cda11b889876ea332c8e64ef51a37c217ccf5abb304b9f00f8c96382729228d7ff76752ab93fc4c0d8e0309c751092eb6"}}, @preq={0x82, 0x67, @not_ext={{0x1, 0x1}, 0x0, 0x4, 0x8, @broadcast, 0xfffffff8, "", 0x4a1, 0x200, 0x7, [{{}, @broadcast, 0x3}, {{}, @device_b, 0x2}, {{0x1}, @broadcast, 0xfffffffa}, {{}, @device_b, 0x3ff}, {{0x0, 0x0, 0x1}, @device_b, 0x3}, {{0x1, 0x0, 0x1}, @device_a, 0x4}, {{0x1}, @device_b, 0x8001}]}}, @ssid={0x0, 0x19, @random="fc9d09ed9f609804af3b854e708f5230bce4e57e801700dbb9"}, @prep={0x83, 0x1f, @not_ext={{}, 0x0, 0xf8, @device_b, 0x1, "", 0x6, 0x13, @device_b, 0x5}}]}, @NL80211_ATTR_STATUS_CODE={0x6, 0x48, 0x6b}]}, 0x270}, 0x1, 0x0, 0x0, 0x10}, 0x4081) syz_genetlink_get_family_id$netlbl_cipso(&(0x7f0000000880), r2) r8 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000900), r3) sendmsg$IEEE802154_LLSEC_GETPARAMS(r3, &(0x7f0000000a00)={&(0x7f00000008c0)={0x10, 0x0, 0x0, 0x100}, 0xc, &(0x7f00000009c0)={&(0x7f0000000940)={0x7c, r8, 0x400, 0x70bd29, 0x25dfdbff, {}, [@IEEE802154_ATTR_DEV_NAME={0xa, 0x1, 'wpan1\x00'}, @IEEE802154_ATTR_DEV_INDEX={0x8, 0x2, r4}, @IEEE802154_ATTR_DEV_INDEX={0x8, 0x2, r4}, @IEEE802154_ATTR_DEV_INDEX={0x8, 0x2, r4}, @IEEE802154_ATTR_DEV_NAME={0xa, 0x1, 'wpan3\x00'}, @IEEE802154_ATTR_DEV_INDEX={0x8, 0x2, r4}, @IEEE802154_ATTR_DEV_NAME={0xa, 0x1, 'wpan3\x00'}, @IEEE802154_ATTR_DEV_NAME={0xa, 0x1, 'wpan4\x00'}, @IEEE802154_ATTR_DEV_NAME={0xa, 0x1, 'wpan0\x00'}, @IEEE802154_ATTR_DEV_NAME={0xa, 0x1, 'wpan1\x00'}]}, 0x7c}, 0x1, 0x0, 0x0, 0x20064454}, 0x20000004) sendmsg$IEEE802154_LLSEC_ADD_SECLEVEL(0xffffffffffffffff, &(0x7f0000000b00)={&(0x7f0000000a40)={0x10, 0x0, 0x0, 0x40}, 0xc, 
&(0x7f0000000ac0)={&(0x7f0000000a80)={0x40, r8, 0x2, 0x70bd27, 0x25dfdbfd, {}, [@IEEE802154_ATTR_LLSEC_SECLEVELS={0x5, 0x35, 0xc8}, @IEEE802154_ATTR_DEV_NAME={0xa, 0x1, 'wpan4\x00'}, @IEEE802154_ATTR_LLSEC_CMD_FRAME_ID={0x5, 0x34, 0x1}, @IEEE802154_ATTR_LLSEC_FRAME_TYPE={0x5, 0x33, 0x3}, @IEEE802154_ATTR_LLSEC_FRAME_TYPE={0x5, 0x33, 0xfb}]}, 0x40}, 0x1, 0x0, 0x0, 0x80}, 0x8000) r9 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) sendmsg$IEEE802154_LIST_PHY(r9, &(0x7f0000000c00)={&(0x7f0000000b40)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f0000000bc0)={&(0x7f0000000b80)={0x14, r8, 0x20, 0x70bd2c, 0x25dfdbfd, {}, ["", "", "", "", ""]}, 0x14}, 0x1, 0x0, 0x0, 0x20000840}, 0x48044) 20:42:15 executing program 5: add_key$fscrypt_provisioning(&(0x7f0000000000), &(0x7f0000000040)={'syz', 0x2}, &(0x7f0000000080)={0x2, 0x0, @a}, 0x48, 0xfffffffffffffffd) r0 = request_key(&(0x7f0000000100)='syzkaller\x00', &(0x7f0000000140)={'syz', 0x3}, &(0x7f0000000180)='\x92!\x00', 0xfffffffffffffffb) r1 = add_key$keyring(&(0x7f00000001c0), &(0x7f0000000200)={'syz', 0x0}, 0x0, 0x0, 0xfffffffffffffffb) r2 = request_key(&(0x7f0000000240)='encrypted\x00', &(0x7f0000000280)={'syz', 0x0}, &(0x7f00000002c0)='}\xbd-/,)-\'\x00', r0) add_key$fscrypt_provisioning(&(0x7f0000000300), &(0x7f0000000340)={'syz', 0x2}, &(0x7f0000000380)={0xe383baf338bfb52b, 0x0, @a}, 0x48, r2) add_key$user(&(0x7f0000000400), &(0x7f0000000440)={'syz', 0x3}, &(0x7f0000000480)="7e5f3561bba0bbb243ce3aa78c0c87e62257a24c6863f016a77e5c59138527bbd1db0a678cecb6b0dc056956a65f8e0d43b870936d5365f0d8b092e0224967c3db7c6bf45662bc9c808214734f50e6a047afb7f1c2bca07c18e8a405e91bc8ba6ace9ace413e27d987555f2efc46f073e245629f1a8427e9ea0355f73295044608c8a2ffe4ed431a419599f712d5b8f5ef8c4faf2b5810bc3898ea96c93ef1da", 0xa0, 0xffffffffffffffff) r3 = request_key(&(0x7f0000000540)='pkcs7_test\x00', &(0x7f0000000580)={'syz', 0x3}, &(0x7f00000005c0)='\x00', r1) add_key(&(0x7f0000000600)='cifs.spnego\x00', &(0x7f0000000640)={'syz', 0x2}, 0x0, 0x0, r1) 
add_key$fscrypt_provisioning(&(0x7f0000000680), &(0x7f00000006c0)={'syz', 0x2}, &(0x7f0000000700)={0x1, 0x0, @c}, 0x29, r1) keyctl$read(0xb, r1, &(0x7f0000000740)=""/44, 0x2c) r4 = add_key$user(&(0x7f0000000780), &(0x7f00000007c0)={'syz', 0x2}, &(0x7f0000000800)="5843915a0780fd4e4fe7fd0595641ed64aa07b9a786d27db65fae3c4933c0f40667a87896c306b7c38f8ed495b66e6d30ae8cb1fd11d718fcd98d5139132cf17dc7905b282953cae04c55f0ea3932aea7be0a57c1ea7d21feff7f72bf8470b0adb7c9dc8e14c6121da050a4fc373c266d1a62a18baa0ece568008658fb7c818693f574018dc4631a6bc1aea453bde85700efa28429513fbb13", 0x99, r2) r5 = add_key$fscrypt_v1(&(0x7f00000008c0), &(0x7f0000000900)={'fscrypt:', @desc3}, &(0x7f0000000940)={0x0, "c9f476ffbfa4f3ef40121f424d7f19676c772687a16e98b1fdac2e5eda8d5a43398715cbe0435d676b58db2a65f5aa2026fbdc6a9ff85155102760c4aeee5c67", 0x31}, 0x48, r1) keyctl$KEYCTL_PKEY_SIGN(0x1b, &(0x7f00000009c0)={r3, 0xbf, 0xe7}, &(0x7f0000000a00)={'enc=', 'oaep', ' hash=', {'sha1-asm\x00'}}, &(0x7f0000000a80)="15de53c77bde0bade0cdbbaca10578261f15442e452f06d7775e94c924d372cc7ea98a23cec61b8038434706b86e5bae051a6f895d27e5184a313499759165cdcf9f71d7bd97d8735e64f72689c80af1718191f204fb674db43700921e7f998f7557605903acc58dbf6b0389d96da8c12761f110db2656e74da87414b4710d23d2626263086e3c43d27a6ae36bc2a978046614e62a3cbcf1c853170a748923d7f01f6b5c4fe7f5c3118dd07832e034594cd439bbb733a03bbcdb9345fb3b0a", &(0x7f0000000b40)=""/231) keyctl$invalidate(0x15, 0x0) keyctl$invalidate(0x15, r4) add_key$keyring(&(0x7f0000000c40), &(0x7f0000000c80)={'syz', 0x2}, 0x0, 0x0, r2) request_key(&(0x7f0000000cc0)='ceph\x00', &(0x7f0000000d00)={'syz', 0x3}, &(0x7f0000000d40)='(\'$\\\\:-\x00', 0xfffffffffffffffc) r6 = add_key$fscrypt_provisioning(&(0x7f0000000d80), &(0x7f0000000dc0)={'syz', 0x1}, &(0x7f0000000e00)={0x2, 0x0, @a}, 0x48, 0xfffffffffffffff9) r7 = add_key$fscrypt_v1(&(0x7f0000000e80), &(0x7f0000000ec0)={'fscrypt:', @auto=[0x34, 0x31, 0x32, 0x65, 0x37, 0x37, 0x33, 0x64, 0x63, 0x65, 0x39, 0x35, 0x38, 0xc, 0x66, 0x64]}, 
&(0x7f0000000f00)={0x0, "061165960b82c7d7e4e50e22071ec6e5a48209e2376395327ae5e742f6540fa79270880987a8fa3fd0a61d616ee6fbea2963801b02e96777662b64928cf3d931", 0x24}, 0x48, r2) keyctl$KEYCTL_MOVE(0x1e, r6, r7, r5, 0x0) 20:42:15 executing program 4: r0 = openat$pidfd(0xffffffffffffff9c, &(0x7f0000000000), 0x80000, 0x0) r1 = syz_mount_image$vfat(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', 0xfffffffffffffffa, 0x1, &(0x7f0000000180)=[{&(0x7f00000000c0)="5435e94db975de8d2e0bc31157a08dbb96068a33f48072babdfaeda4e5eabb604e972799a3072e88b6aa5e0225c2fe7dcba2e6971d006ab3d8ad13394c54f2d8615fceff122c996e437de74dd9e017b23fa6fbed4d8cf0aae4b6297b6b40ab02b5b3427fc1bacfea269f29a3c7d36c1f3cede62b0b2faf00ae4a6c1dfda03aba73d851cb294ad37a968506f6c0562a2044f7e03e905f055319a03746bd3cd7b3f7645f035e7a6f8eac9ce4ccbc69a66eba3d3bcabd", 0xb5, 0x8}], 0x1000000, &(0x7f00000001c0)={[{@uni_xlateno}], [{@fsuuid={'fsuuid', 0x3d, {[0x36, 0x64, 0x31, 0x30, 0x66, 0x61, 0x64, 0x31], 0x2d, [0x36, 0x64, 0x31, 0x39], 0x2d, [0x36, 0x36, 0x35, 0x36], 0x2d, [0x37, 0x38, 0x32, 0x32], 0x2d, [0x31, 0x36, 0x35, 0x37, 0x35, 0x62, 0x30, 0x66]}}}, {@obj_role}, {@fsuuid={'fsuuid', 0x3d, {[0x38, 0x62, 0x66, 0x36, 0x65, 0x65, 0x62, 0x31], 0x2d, [0x35, 0x38, 0x33, 0x62], 0x2d, [0x38, 0x66, 0x30], 0x2d, [0x63, 0x35, 0x33, 0x35], 0x2d, [0x32, 0x63, 0x61, 0x35, 0x62, 0x64, 0x60, 0x31]}}}, {@fsuuid={'fsuuid', 0x3d, {[0x34, 0x35, 0x66, 0x32, 0x25, 0x66, 0x61, 0x62], 0x2d, [0x5, 0x36, 0x37, 0x33], 0x2d, [0xc, 0x34, 0x39, 0x33], 0x2d, [0x35, 0x33, 0x66, 0x30], 0x2d, [0x64, 0x38, 0x37, 0x66, 0x37, 0x32, 0x30, 0x64]}}}, {@appraise}, {@smackfshat={'smackfshat', 0x3d, '}!'}}]}) close_range(r0, r1, 0x2) getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000340)={0x0, 0x0, 0x0}, &(0x7f0000000380)=0xc) r4 = syz_mount_image$tmpfs(&(0x7f0000000280), &(0x7f00000002c0)='./file0\x00', 0x9, 0x0, &(0x7f0000000300), 0x2000000, &(0x7f00000003c0)={[{@nr_inodes={'nr_inodes', 0x3d, [0x78, 0x37, 0x49, 0x67]}}, {@mpol={'mpol', 0x3d, 
{'interleave', '=relative'}}}, {@mode={'mode', 0x3d, 0xfffffffffffffe00}}, {@gid={'gid', 0x3d, r3}}, {@huge_within_size}], [{@fscontext={'fscontext', 0x3d, 'sysadm_u'}}, {@obj_type={'obj_type', 0x3d, 'appraise'}}, {@subj_type={'subj_type', 0x3d, 'appraise'}}]}) symlinkat(&(0x7f0000000480)='./file0\x00', r4, &(0x7f00000004c0)='./file0\x00') statx(r4, &(0x7f0000000500)='./file0\x00', 0x400, 0x100, &(0x7f0000000540)={0x0, 0x0, 0x0, 0x0, 0x0}) r6 = syz_open_dev$vcsu(&(0x7f0000000640), 0xe8cb, 0x42402) fspick(r6, &(0x7f0000000680)='./file0\x00', 0x0) r7 = openat(0xffffffffffffffff, &(0x7f00000006c0)='./file0\x00', 0x101000, 0x8) ioctl$F2FS_IOC_MOVE_RANGE(0xffffffffffffffff, 0xc020f509, &(0x7f0000000700)={r0, 0x100000000, 0x5, 0x81}) pidfd_send_signal(r8, 0x6, &(0x7f0000000740)={0x26, 0x1, 0xb12}, 0x0) fallocate(r0, 0x4, 0x400, 0xd42) r9 = openat$cgroup_ro(r7, &(0x7f00000007c0)='blkio.bfq.sectors\x00', 0x0, 0x0) mknodat(r9, &(0x7f0000000800)='./file0\x00', 0x2, 0x1000) openat(r9, &(0x7f0000000840)='./file0\x00', 0x200000, 0x4) ioctl$FS_IOC_RESVSP(r8, 0x40305828, &(0x7f0000000880)={0x0, 0x1, 0x9, 0xfffffffffffffffe}) ioctl$AUTOFS_IOC_PROTOVER(r4, 0x80049363, &(0x7f00000008c0)) r10 = syz_mount_image$ext4(&(0x7f0000000900)='ext2\x00', &(0x7f0000000940)='./file0\x00', 0x1, 0x2, &(0x7f0000000a40)=[{&(0x7f0000000980)="4cd40f5e5ef5f43ce8e47e9175e5b1f1644b1d7d6a6b0f4d5a5ed941696d1238bc56ca64aa5ce7710a13c6109132bf67132a0bba9114c1db2fe43f764d0399eeb176bc04b136ad3da8e8c9ce90261d24e05aeb8474646ec6834e87252fa15a5866bc5ab757a3cd268c53bf17fae5fde1c6f06e480b900e74", 0x78, 0x2}, {&(0x7f0000000a00)="5028dccc2290fd917e0f2562", 0xc, 0x17}], 0x120802, &(0x7f0000000a80)={[{@resuid={'resuid', 0x3d, r5}}, {}, {@max_dir_size_kb={'max_dir_size_kb', 0x3d, 0x8}}, {@commit={'commit', 0x3d, 0x7}}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x6}}], [{@smackfsfloor}, {@fscontext={'fscontext', 0x3d, 'staff_u'}}, {@obj_role={'obj_role', 0x3d, 'smackfshat'}}, {@uid_gt={'uid>', r5}}, 
{@dont_appraise}, {@fsmagic={'fsmagic', 0x3d, 0x80}}, {@mask={'mask', 0x3d, 'MAY_READ'}}, {@smackfsfloor={'smackfsfloor', 0x3d, 'k'}}, {@obj_role={'obj_role', 0x3d, ',[)'}}, {@uid_gt={'uid>', r2}}]}) openat(r10, &(0x7f0000000c00)='./file1\x00', 0x278000, 0x0) 20:42:15 executing program 6: ioctl$KDFONTOP_COPY(0xffffffffffffffff, 0x4b72, &(0x7f0000000400)={0x3, 0x1, 0x0, 0x10, 0x18b}) r0 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000440), 0x620400, 0x0) ioctl$TCSETSW(r0, 0x5403, &(0x7f0000000480)={0xd6e, 0x1, 0x40e, 0xfffffff8, 0xc, "2ca86772ff07bfe6ad9286e62b2809f000e480"}) setsockopt$bt_BT_VOICE(r0, 0x112, 0xb, &(0x7f00000004c0)=0x63, 0x2) ioctl$KDFONTOP_COPY(0xffffffffffffffff, 0x4b72, &(0x7f0000000900)={0x3, 0x1, 0x2, 0x1d, 0x11a, &(0x7f0000000500)}) r1 = socket$inet_icmp(0x2, 0x2, 0x1) ioctl$sock_SIOCSIFVLAN_SET_VLAN_EGRESS_PRIORITY_CMD(r1, 0x8983, &(0x7f0000000940)={0x3, 'ip6_vti0\x00', {0x6}, 0xff}) fcntl$F_SET_FILE_RW_HINT(0xffffffffffffffff, 0x40e, &(0x7f0000000980)=0x2) ioctl$TCSETA(r0, 0x5406, &(0x7f00000009c0)={0x401, 0x1f, 0xfff8, 0x1f, 0xe, "b288de3027444864"}) ioctl$AUTOFS_IOC_SETTIMEOUT(r0, 0x80049367, &(0x7f0000000a00)=0x2800000000) ioctl$SECCOMP_IOCTL_NOTIF_RECV(r0, 0xc0502100, &(0x7f0000000a40)={0x0}) r3 = openat(r0, &(0x7f0000000ac0)='./file0\x00', 0x10000, 0x48) ioctl$SECCOMP_IOCTL_NOTIF_ADDFD(r0, 0x40182103, &(0x7f0000000b00)={r2, 0x0, r3, 0x7}) fcntl$setownex(r0, 0xf, &(0x7f0000000b40)={0x1, 0xffffffffffffffff}) fsetxattr$trusted_overlay_opaque(r1, &(0x7f0000000b80), &(0x7f0000000bc0), 0x2, 0x2) fallocate(r3, 0x2a, 0x5, 0x5) ioctl$SECCOMP_IOCTL_NOTIF_ADDFD(r3, 0x40182103, &(0x7f0000000c00)={r2, 0x0, r1, 0x6, 0x80000}) r4 = syz_genetlink_get_family_id$devlink(&(0x7f0000000c80), r0) sendmsg$DEVLINK_CMD_RATE_NEW(r3, &(0x7f0000000dc0)={&(0x7f0000000c40)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f0000000d80)={&(0x7f0000000cc0)={0xb4, r4, 0x100, 0x70bd2d, 0x25dfdbfc, {}, [@DEVLINK_ATTR_PORT_INDEX={0x8, 0x3, 0x3}, @DEVLINK_ATTR_RATE_TX_SHARE={0xc, 0xa6, 
0x17a9}, @DEVLINK_ATTR_RATE_TX_MAX={0xc, 0xa7, 0x5}, @handle=@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, @DEVLINK_ATTR_RATE_PARENT_NODE_NAME={0x3b, 0xa9, @random="40814e87bec6bce833b88a54220558a090bd033bd1e1623df7eb2efb736438ae84649af2a2c7df10f12c78b6237e47fc48ced847e910b5"}, @handle=@pci={{0x8}, {0x11}}, @DEVLINK_ATTR_PORT_INDEX={0x8}]}, 0xb4}, 0x1, 0x0, 0x0, 0x20048000}, 0x40000) openat(0xffffffffffffffff, &(0x7f0000000e40)='./file0\x00', 0x2000, 0x0) 20:42:15 executing program 7: fsetxattr$trusted_overlay_nlink(0xffffffffffffffff, &(0x7f0000000000), &(0x7f0000000040)={'U+', 0x2}, 0x16, 0x1) r0 = openat$urandom(0xffffffffffffff9c, &(0x7f0000000080), 0x2040, 0x0) ioctl$F2FS_IOC_GARBAGE_COLLECT_RANGE(r0, 0x4018f50b, &(0x7f00000000c0)={0x0, 0x0, 0x6}) setsockopt$packet_fanout(0xffffffffffffffff, 0x107, 0x12, &(0x7f0000000100)={0x2, 0x1000}, 0x4) ioctl$FICLONERANGE(r0, 0x4020940d, &(0x7f0000000140)={{r0}, 0x36342d9b, 0x1000}) ioctl$RNDGETENTCNT(r0, 0x80045200, &(0x7f0000000180)) r1 = inotify_init() ioctl$NS_GET_OWNER_UID(0xffffffffffffffff, 0xb704, &(0x7f0000000680)=0x0) sendmsg$unix(0xffffffffffffffff, &(0x7f0000000700)={&(0x7f00000001c0)=@file={0x1, './file0\x00'}, 0x6e, &(0x7f0000000600)=[{&(0x7f0000000240)="3cd06ce6f7e35e22a0ec3d30298af17cd7b47cdd4d07d9f6cfd060f96f3a0d81a3c663afff48aaaed8b878d21ebc5678e4588284bc62", 0x36}, {&(0x7f0000000280)="0a3a3f6cce6a9c2a16181bac58ba381bb3b1515b9fedde99", 0x18}, {&(0x7f00000002c0)="fd7cc9e7cc71a6d202f23c490da482591eff97417e2c650e8fb369c2e32489350e8b291467f205", 0x27}, {&(0x7f0000000300)="060973f0249309b34ab3956b", 0xc}, 
{&(0x7f0000000340)="ecd4323389cea5c4776014453ce6f71b3a6a098183528191fb59d035d1c27eaf6bba8a17d5df66dda160083f27ce3209d15111c71f804d4cdf4fef282cc91648b2e69f4e8ea57ab488536c5c3301775659f3155ac15e1199efdce72d37ce71adfde09c763039c57496cb3f801c10bd08ff898e9657c5b4f05497448781bff51b23bdea70a0ab0ff73e73e03217ce57473d8bd60f3fd27ea0c88e865c1205adcee2b7d506fa99ba16df0c881c4edffd3eb808a924a5833f94ec9a48fa08ff9327c5a787cd693c0aa5738291", 0xcb}, {&(0x7f0000000440)="35ac703bebf612f3417e57275c80b18c15163f36837efa4a2c7340049814039d58b4206aa19bc81049dec18fb844df14a038ae", 0x33}, {&(0x7f0000000480)="eaebff2e2e5b0022bd7e55691640981f2c1b1586846dc9396dec8799aa43dbae769992e427f2236593ad044730812dca2b9cf551f4b62248ae70d79b9412727ffea9fb4310d4ad2a0fef7052abce6448c13ee5265cfd70a92e20b7d053bf9ef407f087458bf5f0ff91522afd418d31897bfd1fc2d308cf288bdf2203fa18b601", 0x80}, {&(0x7f0000000500)="b395c7827c2497528a337e3afa1a69dc1d30d97f54574f87d847ef23acc9a41e2f2c82b0345fd6c687113e9d114588a74b119ec95aa9d7d6c43b74993531afcefbff3937a70ac3e3e7e6fce3573a4f34ee0396237ec4d15cbf9eec12a072f04148584df62ce0abfb5024c1d949e1a949751eefdd518cd6bb140b994ff91e4dccac2dcaa7c27e1e806ea34b7c6698059757e86677b4d40fdaf457f4da1c3f5418914f6c3a3bdf3fef7ad6f4508030cfb8927c68704fcba23db7b0f265525460ab807b081e144e4e5ce3a19e8663a391b2af8ec46a19f5f3ba5c27dd01ed1666025d877142ad8f253bf23b5c4122468882839f5c", 0xf3}], 0x8, &(0x7f00000006c0)=[@rights={{0x20, 0x1, 0x1, [r1, r0, r0, r0]}}, @cred={{0x1c, 0x1, 0x2, {0xffffffffffffffff, r2, 0xffffffffffffffff}}}], 0x40, 0x40090}, 0x40) close(r1) r3 = openat$vcs(0xffffffffffffff9c, &(0x7f0000000740), 0x105000, 0x0) r4 = syz_genetlink_get_family_id$batadv(&(0x7f00000007c0), r3) sendmsg$BATADV_CMD_GET_MCAST_FLAGS(r3, &(0x7f00000008c0)={&(0x7f0000000780)={0x10, 0x0, 0x0, 0x40024}, 0xc, &(0x7f0000000880)={&(0x7f0000000800)={0x54, r4, 0x10, 0x70bd27, 0x25dfdbff, {}, [@BATADV_ATTR_ISOLATION_MASK={0x8, 0x2c, 0xbc26}, @BATADV_ATTR_AP_ISOLATION_ENABLED={0x5, 0x2a, 0x1}, 
@BATADV_ATTR_DISTRIBUTED_ARP_TABLE_ENABLED={0x5, 0x2f, 0x1}, @BATADV_ATTR_DISTRIBUTED_ARP_TABLE_ENABLED={0x5}, @BATADV_ATTR_HOP_PENALTY={0x5, 0x35, 0x3c}, @BATADV_ATTR_GW_BANDWIDTH_DOWN={0x8, 0x31, 0xffff}, @BATADV_ATTR_GW_BANDWIDTH_UP={0x8, 0x32, 0xffff8000}, @BATADV_ATTR_NETWORK_CODING_ENABLED={0x5}]}, 0x54}}, 0x40000) r5 = dup2(r3, r3) inotify_add_watch(r5, &(0x7f0000000900)='./file0\x00', 0x10000200) fcntl$setstatus(r0, 0x4, 0x2000) r6 = openat$selinux_attr(0xffffffffffffff9c, &(0x7f0000000940)='/proc/thread-self/attr/keycreate\x00', 0x2, 0x0) fsetxattr$trusted_overlay_redirect(r6, &(0x7f0000000980), &(0x7f00000009c0)='./file0\x00', 0x8, 0x2) r7 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000a40), 0xffffffffffffffff) sendmsg$NL80211_CMD_SET_NOACK_MAP(r3, &(0x7f0000000b40)={&(0x7f0000000a00)={0x10, 0x0, 0x0, 0x100}, 0xc, &(0x7f0000000b00)={&(0x7f0000000a80)={0x54, r7, 0x400, 0x70bd27, 0x25dfdbff, {{}, {@void, @void}}, [@NL80211_ATTR_NOACK_MAP={0x6, 0x95, 0x1}, @NL80211_ATTR_NOACK_MAP={0x6, 0x95, 0x9}, @NL80211_ATTR_NOACK_MAP={0x6, 0x95, 0x1}, @NL80211_ATTR_NOACK_MAP={0x6, 0x95, 0x400}, @NL80211_ATTR_NOACK_MAP={0x6, 0x95, 0x100}, @NL80211_ATTR_NOACK_MAP={0x6, 0x95, 0x5}, @NL80211_ATTR_NOACK_MAP={0x6, 0x95, 0x40}, @NL80211_ATTR_NOACK_MAP={0x6, 0x95, 0x1}]}, 0x54}, 0x1, 0x0, 0x0, 0x2000e061}, 0x20008004) [ 67.503604] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 67.505250] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 67.507013] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 67.509943] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 67.511829] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [ 67.513418] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 67.517895] Bluetooth: hci0: HCI_REQ-0x0c1a [ 67.549437] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 67.557923] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 67.560497] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 67.564429] 
Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 67.565892] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3 [ 67.568664] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 67.573682] Bluetooth: hci1: HCI_REQ-0x0c1a [ 67.601780] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 67.604659] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 67.656357] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 67.658444] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1 [ 67.660949] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 67.664809] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1 [ 67.665985] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9 [ 67.666213] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 67.668614] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 67.669764] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9 [ 67.672007] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9 [ 67.672752] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 67.673099] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9 [ 67.675735] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 67.678230] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4 [ 67.683836] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3 [ 67.684977] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4 [ 67.686098] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3 [ 67.687689] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 67.689561] Bluetooth: hci6: unexpected cc 0x0c25 length: 249 > 3 [ 67.689637] Bluetooth: hci5: unexpected cc 0x0c25 length: 249 > 3 [ 67.691406] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2 [ 67.692453] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2 [ 67.694641] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 67.696556] Bluetooth: hci3: HCI_REQ-0x0c1a [ 67.702353] Bluetooth: hci5: HCI_REQ-0x0c1a [ 67.702533] Bluetooth: hci7: unexpected cc 0x0c03 length: 249 > 1 [ 
67.704199] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 67.705649] Bluetooth: hci7: unexpected cc 0x1003 length: 249 > 9 [ 67.706833] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 67.708004] Bluetooth: hci7: unexpected cc 0x1001 length: 249 > 9 [ 67.709229] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 67.711994] Bluetooth: hci7: unexpected cc 0x0c23 length: 249 > 4 [ 67.713650] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 67.714554] Bluetooth: hci7: unexpected cc 0x0c25 length: 249 > 3 [ 67.715871] Bluetooth: hci7: unexpected cc 0x0c38 length: 249 > 2 [ 67.717407] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3 [ 67.721527] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 67.731105] Bluetooth: hci7: HCI_REQ-0x0c1a [ 67.731735] Bluetooth: hci4: HCI_REQ-0x0c1a [ 67.734897] Bluetooth: hci6: HCI_REQ-0x0c1a [ 67.757780] Bluetooth: hci2: HCI_REQ-0x0c1a [ 69.529407] Bluetooth: hci0: command 0x0409 tx timeout [ 69.593285] Bluetooth: hci1: command 0x0409 tx timeout [ 69.784611] Bluetooth: hci7: command 0x0409 tx timeout [ 69.785556] Bluetooth: hci4: command 0x0409 tx timeout [ 69.786443] Bluetooth: hci6: command 0x0409 tx timeout [ 69.787462] Bluetooth: hci5: command 0x0409 tx timeout [ 69.788623] Bluetooth: hci3: command 0x0409 tx timeout [ 69.848159] Bluetooth: hci2: command 0x0409 tx timeout [ 71.576283] Bluetooth: hci0: command 0x041b tx timeout [ 71.640155] Bluetooth: hci1: command 0x041b tx timeout [ 71.832289] Bluetooth: hci3: command 0x041b tx timeout [ 71.833005] Bluetooth: hci5: command 0x041b tx timeout [ 71.833718] Bluetooth: hci6: command 0x041b tx timeout [ 71.834444] Bluetooth: hci4: command 0x041b tx timeout [ 71.835142] Bluetooth: hci7: command 0x041b tx timeout [ 71.896222] Bluetooth: hci2: command 0x041b tx timeout [ 73.624140] Bluetooth: hci0: command 0x040f tx timeout [ 73.688376] Bluetooth: hci1: command 0x040f tx timeout [ 73.880156] Bluetooth: hci7: command 0x040f tx timeout [ 73.880605] 
Bluetooth: hci4: command 0x040f tx timeout [ 73.880961] Bluetooth: hci6: command 0x040f tx timeout [ 73.881362] Bluetooth: hci5: command 0x040f tx timeout [ 73.881733] Bluetooth: hci3: command 0x040f tx timeout [ 73.944099] Bluetooth: hci2: command 0x040f tx timeout [ 75.672132] Bluetooth: hci0: command 0x0419 tx timeout [ 75.736458] Bluetooth: hci1: command 0x0419 tx timeout [ 75.928246] Bluetooth: hci3: command 0x0419 tx timeout [ 75.929011] Bluetooth: hci5: command 0x0419 tx timeout [ 75.930278] Bluetooth: hci6: command 0x0419 tx timeout [ 75.930967] Bluetooth: hci4: command 0x0419 tx timeout [ 75.931710] Bluetooth: hci7: command 0x0419 tx timeout [ 75.999125] Bluetooth: hci2: command 0x0419 tx timeout 20:43:09 executing program 5: r0 = perf_event_open(&(0x7f0000000280)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x60806, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x800}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) r2 = fcntl$dupfd(r0, 0x0, r1) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0, 0x13, r2, 0x0) r3 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x280000) ioctl$AUTOFS_DEV_IOCTL_READY(r1, 0xc0189376, &(0x7f0000000040)={{0x1, 0x1, 0x18, r0, {0x3}}, './file1\x00'}) tee(r3, r4, 0x4, 0x1) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x0, 0x4001813, r2, 0x0) close(r0) [ 119.464763] audit: type=1400 audit(1665002589.117:7): avc: denied { open } for pid=3910 comm="syz-executor.5" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=perf_event permissive=1 20:43:09 executing program 5: r0 = perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0x76, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 
0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = socket$inet_tcp(0x2, 0x1, 0x0) sendmmsg(r1, &(0x7f0000006700)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0) sendfile(r1, r0, &(0x7f0000000240)=0x101, 0x7fff) r2 = syz_open_dev$vcsn(&(0x7f0000000180), 0xd5, 0x420100) r3 = syz_open_dev$hiddev(&(0x7f00000001c0), 0x0, 0x800000) ioctl$F2FS_IOC_GARBAGE_COLLECT(r3, 0x4004f506, &(0x7f0000000200)=0x1) perf_event_open(&(0x7f0000000100)={0x4, 0x80, 0x6e, 0x16, 0x0, 0x2, 0x0, 0x1ff, 0x4, 0x8, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x2, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0xdb8, 0x2, @perf_config_ext={0x20, 0x7c0}, 0x5090, 0x10, 0x3d5, 0x0, 0xff, 0xc4b6, 0x4, 0x0, 0xffffff50, 0x0, 0x8000}, 0x0, 0xb, r2, 0x10) r4 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x26e1, 0x0) ioctl$FITRIM(r4, 0x80086601, &(0x7f0000000000)) [ 119.612695] audit: type=1400 audit(1665002589.265:8): avc: denied { kernel } for pid=3920 comm="syz-executor.5" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=perf_event permissive=1 [ 119.627717] ------------[ cut here ]------------ [ 119.627747] [ 119.627751] ====================================================== [ 119.627755] WARNING: possible circular locking dependency detected [ 119.627760] 6.0.0-next-20221005 #1 Not tainted [ 119.627768] ------------------------------------------------------ [ 119.627772] syz-executor.5/3923 is trying to acquire lock: [ 119.627781] ffffffff853faaf8 ((console_sem).lock){....}-{2:2}, at: down_trylock+0xe/0x70 [ 119.627834] [ 119.627834] but task is already holding lock: [ 119.627838] ffff88800de34020 (&ctx->lock){....}-{2:2}, at: __perf_event_task_sched_out+0x53b/0x18d0 [ 119.627879] [ 119.627879] which lock 
already depends on the new lock. [ 119.627879] [ 119.627883] [ 119.627883] the existing dependency chain (in reverse order) is: [ 119.627887] [ 119.627887] -> #3 (&ctx->lock){....}-{2:2}: [ 119.627905] _raw_spin_lock+0x2a/0x40 [ 119.627921] __perf_event_task_sched_out+0x53b/0x18d0 [ 119.627936] __schedule+0xedd/0x2470 [ 119.627956] schedule+0xda/0x1b0 [ 119.627975] exit_to_user_mode_prepare+0x114/0x1a0 [ 119.627991] syscall_exit_to_user_mode+0x19/0x40 [ 119.628009] do_syscall_64+0x48/0x90 [ 119.628022] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 119.628040] [ 119.628040] -> #2 (&rq->__lock){-.-.}-{2:2}: [ 119.628058] _raw_spin_lock_nested+0x30/0x40 [ 119.628074] raw_spin_rq_lock_nested+0x1e/0x30 [ 119.628091] task_fork_fair+0x63/0x4d0 [ 119.628113] sched_cgroup_fork+0x3d0/0x540 [ 119.628132] copy_process+0x4183/0x6e20 [ 119.628146] kernel_clone+0xe7/0x890 [ 119.628159] user_mode_thread+0xad/0xf0 [ 119.628173] rest_init+0x24/0x250 [ 119.628190] arch_call_rest_init+0xf/0x14 [ 119.628215] start_kernel+0x4c6/0x4eb [ 119.628239] secondary_startup_64_no_verify+0xe0/0xeb [ 119.628257] [ 119.628257] -> #1 (&p->pi_lock){-.-.}-{2:2}: [ 119.628275] _raw_spin_lock_irqsave+0x39/0x60 [ 119.628291] try_to_wake_up+0xab/0x1930 [ 119.628309] up+0x75/0xb0 [ 119.628329] __up_console_sem+0x6e/0x80 [ 119.628350] console_unlock+0x46a/0x590 [ 119.628372] do_con_write+0xc05/0x1d50 [ 119.628386] con_write+0x21/0x40 [ 119.628399] n_tty_write+0x4d4/0xfe0 [ 119.628416] file_tty_write.constprop.0+0x455/0x8a0 [ 119.628432] vfs_write+0x9c3/0xd90 [ 119.628453] ksys_write+0x127/0x250 [ 119.628475] do_syscall_64+0x3b/0x90 [ 119.628487] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 119.628505] [ 119.628505] -> #0 ((console_sem).lock){....}-{2:2}: [ 119.628524] __lock_acquire+0x2a02/0x5e70 [ 119.628546] lock_acquire+0x1a2/0x530 [ 119.628568] _raw_spin_lock_irqsave+0x39/0x60 [ 119.628583] down_trylock+0xe/0x70 [ 119.628605] __down_trylock_console_sem+0x3b/0xd0 [ 119.628627] vprintk_emit+0x16b/0x560 [ 
119.628649] vprintk+0x84/0xa0 [ 119.628671] _printk+0xba/0xf1 [ 119.628687] report_bug.cold+0x72/0xab [ 119.628710] handle_bug+0x3c/0x70 [ 119.628725] exc_invalid_op+0x14/0x50 [ 119.628740] asm_exc_invalid_op+0x16/0x20 [ 119.628757] group_sched_out.part.0+0x2c7/0x460 [ 119.628782] ctx_sched_out+0x8f1/0xc10 [ 119.628804] __perf_event_task_sched_out+0x6d0/0x18d0 [ 119.628819] __schedule+0xedd/0x2470 [ 119.628839] schedule+0xda/0x1b0 [ 119.628858] exit_to_user_mode_prepare+0x114/0x1a0 [ 119.628873] syscall_exit_to_user_mode+0x19/0x40 [ 119.628891] do_syscall_64+0x48/0x90 [ 119.628904] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 119.628922] [ 119.628922] other info that might help us debug this: [ 119.628922] [ 119.628925] Chain exists of: [ 119.628925] (console_sem).lock --> &rq->__lock --> &ctx->lock [ 119.628925] [ 119.628945] Possible unsafe locking scenario: [ 119.628945] [ 119.628948] CPU0 CPU1 [ 119.628951] ---- ---- [ 119.628954] lock(&ctx->lock); [ 119.628961] lock(&rq->__lock); [ 119.628969] lock(&ctx->lock); [ 119.628977] lock((console_sem).lock); [ 119.628985] [ 119.628985] *** DEADLOCK *** [ 119.628985] [ 119.628987] 2 locks held by syz-executor.5/3923: [ 119.628996] #0: ffff88806ce37e98 (&rq->__lock){-.-.}-{2:2}, at: __schedule+0x1cf/0x2470 [ 119.629037] #1: ffff88800de34020 (&ctx->lock){....}-{2:2}, at: __perf_event_task_sched_out+0x53b/0x18d0 [ 119.629073] [ 119.629073] stack backtrace: [ 119.629077] CPU: 0 PID: 3923 Comm: syz-executor.5 Not tainted 6.0.0-next-20221005 #1 [ 119.629093] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 119.629102] Call Trace: [ 119.629106] [ 119.629112] dump_stack_lvl+0x8b/0xb3 [ 119.629138] check_noncircular+0x263/0x2e0 [ 119.629161] ? format_decode+0x26c/0xb50 [ 119.629184] ? print_circular_bug+0x450/0x450 [ 119.629208] ? simple_strtoul+0x30/0x30 [ 119.629231] ? perf_trace_lock+0x308/0x560 [ 119.629250] ? format_decode+0x26c/0xb50 [ 119.629276] ? 
alloc_chain_hlocks+0x1ec/0x5a0 [ 119.629301] __lock_acquire+0x2a02/0x5e70 [ 119.629334] ? lockdep_hardirqs_on_prepare+0x410/0x410 [ 119.629367] lock_acquire+0x1a2/0x530 [ 119.629390] ? down_trylock+0xe/0x70 [ 119.629416] ? lock_release+0x750/0x750 [ 119.629446] ? vprintk+0x84/0xa0 [ 119.629472] _raw_spin_lock_irqsave+0x39/0x60 [ 119.629488] ? down_trylock+0xe/0x70 [ 119.629512] down_trylock+0xe/0x70 [ 119.629536] ? vprintk+0x84/0xa0 [ 119.629559] __down_trylock_console_sem+0x3b/0xd0 [ 119.629584] vprintk_emit+0x16b/0x560 [ 119.629611] vprintk+0x84/0xa0 [ 119.629635] _printk+0xba/0xf1 [ 119.629652] ? record_print_text.cold+0x16/0x16 [ 119.629677] ? report_bug.cold+0x66/0xab [ 119.629704] ? group_sched_out.part.0+0x2c7/0x460 [ 119.629729] report_bug.cold+0x72/0xab [ 119.629757] handle_bug+0x3c/0x70 [ 119.629771] exc_invalid_op+0x14/0x50 [ 119.629786] asm_exc_invalid_op+0x16/0x20 [ 119.629805] RIP: 0010:group_sched_out.part.0+0x2c7/0x460 [ 119.629833] Code: 5e 41 5f e9 8b ae ef ff e8 86 ae ef ff 65 8b 1d 2b 08 ac 7e 31 ff 89 de e8 26 ab ef ff 85 db 0f 84 8a 00 00 00 e8 69 ae ef ff <0f> 0b e9 a5 fe ff ff e8 5d ae ef ff 48 8d 7d 10 48 b8 00 00 00 00 [ 119.629848] RSP: 0018:ffff8880210b7c48 EFLAGS: 00010006 [ 119.629860] RAX: 0000000040000002 RBX: 0000000000000000 RCX: 0000000000000000 [ 119.629870] RDX: ffff888017d45040 RSI: ffffffff81566da7 RDI: 0000000000000005 [ 119.629881] RBP: ffff8880086605c8 R08: 0000000000000005 R09: 0000000000000001 [ 119.629894] R10: 0000000000000000 R11: ffffffff865b601b R12: ffff88800de34000 [ 119.629909] R13: ffff88806ce3d2c0 R14: ffffffff8547d040 R15: 0000000000000002 [ 119.629931] ? group_sched_out.part.0+0x2c7/0x460 [ 119.629962] ? group_sched_out.part.0+0x2c7/0x460 [ 119.629993] ctx_sched_out+0x8f1/0xc10 [ 119.630025] __perf_event_task_sched_out+0x6d0/0x18d0 [ 119.630045] ? lock_is_held_type+0xd7/0x130 [ 119.630066] ? __perf_cgroup_move+0x160/0x160 [ 119.630080] ? set_next_entity+0x304/0x550 [ 119.630104] ? 
update_curr+0x267/0x740 [ 119.630130] ? lock_is_held_type+0xd7/0x130 [ 119.630151] __schedule+0xedd/0x2470 [ 119.630176] ? io_schedule_timeout+0x150/0x150 [ 119.630200] ? __x64_sys_futex_time32+0x480/0x480 [ 119.630220] schedule+0xda/0x1b0 [ 119.630242] exit_to_user_mode_prepare+0x114/0x1a0 [ 119.630259] syscall_exit_to_user_mode+0x19/0x40 [ 119.630279] do_syscall_64+0x48/0x90 [ 119.630294] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 119.630313] RIP: 0033:0x7f83e6793b19 [ 119.630324] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 119.630338] RSP: 002b:00007f83e3d09218 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 119.630353] RAX: 0000000000000001 RBX: 00007f83e68a6f68 RCX: 00007f83e6793b19 [ 119.630363] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 00007f83e68a6f6c [ 119.630373] RBP: 00007f83e68a6f60 R08: 000000000000000e R09: 0000000000000000 [ 119.630383] R10: 0000000000000003 R11: 0000000000000246 R12: 00007f83e68a6f6c [ 119.630392] R13: 00007ffe005dc0ff R14: 00007f83e3d09300 R15: 0000000000022000 [ 119.630412] [ 119.700575] WARNING: CPU: 0 PID: 3923 at kernel/events/core.c:2309 group_sched_out.part.0+0x2c7/0x460 [ 119.701381] Modules linked in: [ 119.701664] CPU: 0 PID: 3923 Comm: syz-executor.5 Not tainted 6.0.0-next-20221005 #1 [ 119.702320] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 119.703013] RIP: 0010:group_sched_out.part.0+0x2c7/0x460 [ 119.703485] Code: 5e 41 5f e9 8b ae ef ff e8 86 ae ef ff 65 8b 1d 2b 08 ac 7e 31 ff 89 de e8 26 ab ef ff 85 db 0f 84 8a 00 00 00 e8 69 ae ef ff <0f> 0b e9 a5 fe ff ff e8 5d ae ef ff 48 8d 7d 10 48 b8 00 00 00 00 [ 119.705021] RSP: 0018:ffff8880210b7c48 EFLAGS: 00010006 [ 119.705474] RAX: 0000000040000002 RBX: 0000000000000000 RCX: 0000000000000000 [ 119.706075] RDX: ffff888017d45040 RSI: ffffffff81566da7 RDI: 0000000000000005 [ 
119.706682] RBP: ffff8880086605c8 R08: 0000000000000005 R09: 0000000000000001 [ 119.707286] R10: 0000000000000000 R11: ffffffff865b601b R12: ffff88800de34000 [ 119.707892] R13: ffff88806ce3d2c0 R14: ffffffff8547d040 R15: 0000000000000002 [ 119.708516] FS: 00007f83e3d09700(0000) GS:ffff88806ce00000(0000) knlGS:0000000000000000 [ 119.709203] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 119.709706] CR2: 00007f4454165170 CR3: 000000002103e000 CR4: 0000000000350ef0 [ 119.710317] Call Trace: [ 119.710543] [ 119.710749] ctx_sched_out+0x8f1/0xc10 [ 119.711098] __perf_event_task_sched_out+0x6d0/0x18d0 [ 119.711550] ? lock_is_held_type+0xd7/0x130 [ 119.711943] ? __perf_cgroup_move+0x160/0x160 [ 119.712344] ? set_next_entity+0x304/0x550 [ 119.712721] ? update_curr+0x267/0x740 [ 119.713076] ? lock_is_held_type+0xd7/0x130 [ 119.713456] __schedule+0xedd/0x2470 [ 119.713794] ? io_schedule_timeout+0x150/0x150 [ 119.714203] ? __x64_sys_futex_time32+0x480/0x480 [ 119.714623] schedule+0xda/0x1b0 [ 119.714935] exit_to_user_mode_prepare+0x114/0x1a0 [ 119.715353] syscall_exit_to_user_mode+0x19/0x40 [ 119.715762] do_syscall_64+0x48/0x90 [ 119.716092] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 119.716530] RIP: 0033:0x7f83e6793b19 [ 119.716845] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 119.718345] RSP: 002b:00007f83e3d09218 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 119.718986] RAX: 0000000000000001 RBX: 00007f83e68a6f68 RCX: 00007f83e6793b19 [ 119.719588] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 00007f83e68a6f6c [ 119.720196] RBP: 00007f83e68a6f60 R08: 000000000000000e R09: 0000000000000000 [ 119.720798] R10: 0000000000000003 R11: 0000000000000246 R12: 00007f83e68a6f6c [ 119.721399] R13: 00007ffe005dc0ff R14: 00007f83e3d09300 R15: 0000000000022000 [ 119.722004] [ 119.722208] irq event stamp: 434 [ 119.722496] 
hardirqs last enabled at (433): [] exit_to_user_mode_prepare+0x109/0x1a0 [ 119.723286] hardirqs last disabled at (434): [] __schedule+0x1225/0x2470 [ 119.724010] softirqs last enabled at (176): [] __irq_exit_rcu+0x11b/0x180 [ 119.724732] softirqs last disabled at (167): [] __irq_exit_rcu+0x11b/0x180 [ 119.725446] ---[ end trace 0000000000000000 ]--- [ 119.860173] audit: type=1400 audit(1665002589.512:9): avc: denied { setattr } for pid=3930 comm="syz-executor.7" name="keycreate" dev="proc" ino=14504 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=file permissive=1 [ 120.305101] loop4: detected capacity change from 0 to 264192 [ 120.306326] FAT-fs (loop4): Unrecognized mount option "fsuuid=6d10fad1-6d19-6656-7822-16575b0f" or missing value [ 120.313902] I/O error, dev loop4, sector 264064 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2 [ 120.318454] SELinux: security_context_str_to_sid (sysadm_u) failed with errno=-22 [ 120.329401] loop4: detected capacity change from 0 to 264192 [ 120.330112] FAT-fs (loop4): Unrecognized mount option "fsuuid=6d10fad1-6d19-6656-7822-16575b0f" or missing value VM DIAGNOSIS: 20:43:09 Registers: