Warning: Permanently added '[localhost]:24241' (ECDSA) to the list of known hosts. 2022/10/06 18:08:56 fuzzer started 2022/10/06 18:08:57 dialing manager at localhost:37161 syzkaller login: [ 43.790135] cgroup: Unknown subsys name 'net' [ 43.884387] cgroup: Unknown subsys name 'rlimit' 2022/10/06 18:09:10 syscalls: 2215 2022/10/06 18:09:10 code coverage: enabled 2022/10/06 18:09:10 comparison tracing: enabled 2022/10/06 18:09:10 extra coverage: enabled 2022/10/06 18:09:10 setuid sandbox: enabled 2022/10/06 18:09:10 namespace sandbox: enabled 2022/10/06 18:09:10 Android sandbox: enabled 2022/10/06 18:09:10 fault injection: enabled 2022/10/06 18:09:10 leak checking: enabled 2022/10/06 18:09:10 net packet injection: enabled 2022/10/06 18:09:10 net device setup: enabled 2022/10/06 18:09:10 concurrency sanitizer: /sys/kernel/debug/kcsan does not exist 2022/10/06 18:09:10 devlink PCI setup: PCI device 0000:00:10.0 is not available 2022/10/06 18:09:10 USB emulation: enabled 2022/10/06 18:09:10 hci packet injection: enabled 2022/10/06 18:09:10 wifi device emulation: failed to parse kernel version (6.0.0-next-20221006) 2022/10/06 18:09:10 802.15.4 emulation: enabled 2022/10/06 18:09:10 fetching corpus: 50, signal 28471/30196 (executing program) 2022/10/06 18:09:10 fetching corpus: 100, signal 37430/40683 (executing program) 2022/10/06 18:09:10 fetching corpus: 150, signal 43228/47873 (executing program) 2022/10/06 18:09:11 fetching corpus: 200, signal 47231/53253 (executing program) 2022/10/06 18:09:11 fetching corpus: 250, signal 55747/62871 (executing program) 2022/10/06 18:09:11 fetching corpus: 300, signal 60180/68437 (executing program) 2022/10/06 18:09:11 fetching corpus: 350, signal 65160/74438 (executing program) 2022/10/06 18:09:11 fetching corpus: 400, signal 68074/78417 (executing program) 2022/10/06 18:09:11 fetching corpus: 450, signal 69796/81263 (executing program) 2022/10/06 18:09:11 fetching corpus: 500, signal 72768/85227 (executing program) 2022/10/06 18:09:11 fetching corpus: 550, signal 75456/88806 (executing program) 2022/10/06 18:09:11 fetching corpus: 600, signal 78037/92312 (executing program) 2022/10/06 18:09:11 fetching corpus: 650, signal 81079/96110 (executing program) 2022/10/06 18:09:12 fetching corpus: 700, signal 84106/99867 (executing program) 2022/10/06 18:09:12 fetching corpus: 750, signal 85447/102136 (executing program) 2022/10/06 18:09:12 fetching corpus: 800, signal 86711/104314 (executing program) 2022/10/06 18:09:12 fetching corpus: 850, signal 89442/107654 (executing program) 2022/10/06 18:09:12 fetching corpus: 900, signal 92379/111090 (executing program) 2022/10/06 18:09:12 fetching corpus: 950, signal 94409/113711 (executing program) 2022/10/06 18:09:12 fetching corpus: 1000, signal 95388/115490 (executing program) 2022/10/06 18:09:12 fetching corpus: 1050, signal 96396/117315 (executing program) 2022/10/06 18:09:12 fetching corpus: 1100, signal 98113/119612 (executing program) 2022/10/06 18:09:13 fetching corpus: 1150, signal 101081/122859 (executing program) 2022/10/06 18:09:13 fetching corpus: 1200, signal 103983/125995 (executing program) 2022/10/06 18:09:13 fetching corpus: 1250, signal 105854/128308 (executing program) 2022/10/06 18:09:13 fetching corpus: 1300, signal 107408/130401 (executing program) 2022/10/06 18:09:13 fetching corpus: 1350, signal 108459/132113 (executing program) 2022/10/06 18:09:13 fetching corpus: 1400, signal 109701/133867 (executing program) 2022/10/06 18:09:13 fetching corpus: 1450, signal 111372/135843 (executing program) 2022/10/06 18:09:13 fetching corpus: 1500, signal 114167/138650 (executing program) 2022/10/06 18:09:13 fetching corpus: 1550, signal 116660/141094 (executing program) 2022/10/06 18:09:13 fetching corpus: 1600, signal 117656/142563 (executing program) 2022/10/06 18:09:13 fetching corpus: 1650, signal 120617/145341 (executing program) 2022/10/06 18:09:14 fetching corpus: 1700, signal 122873/147584 (executing program) 2022/10/06 18:09:14 fetching corpus: 1750, signal 123606/148772 (executing program) 2022/10/06 18:09:14 fetching corpus: 1800, signal 126963/151531 (executing program) 2022/10/06 18:09:14 fetching corpus: 1850, signal 128600/153183 (executing program) 2022/10/06 18:09:14 fetching corpus: 1900, signal 129674/154522 (executing program) 2022/10/06 18:09:14 fetching corpus: 1950, signal 131178/156065 (executing program) 2022/10/06 18:09:14 fetching corpus: 2000, signal 131669/156970 (executing program) 2022/10/06 18:09:14 fetching corpus: 2050, signal 132707/158169 (executing program) 2022/10/06 18:09:14 fetching corpus: 2100, signal 134040/159532 (executing program) 2022/10/06 18:09:15 fetching corpus: 2150, signal 135106/160721 (executing program) 2022/10/06 18:09:15 fetching corpus: 2200, signal 135785/161680 (executing program) 2022/10/06 18:09:15 fetching corpus: 2250, signal 136818/162844 (executing program) 2022/10/06 18:09:15 fetching corpus: 2300, signal 137448/163776 (executing program) 2022/10/06 18:09:15 fetching corpus: 2350, signal 139047/165209 (executing program) 2022/10/06 18:09:15 fetching corpus: 2400, signal 139800/166166 (executing program) 2022/10/06 18:09:15 fetching corpus: 2450, signal 141440/167546 (executing program) 2022/10/06 18:09:15 fetching corpus: 2500, signal 142427/168532 (executing program) 2022/10/06 18:09:15 fetching corpus: 2550, signal 143700/169661 (executing program) 2022/10/06 18:09:16 fetching corpus: 2600, signal 144258/170465 (executing program) 2022/10/06 18:09:16 fetching corpus: 2650, signal 145276/171379 (executing program) 2022/10/06 18:09:16 fetching corpus: 2700, signal 147025/172630 (executing program) 2022/10/06 18:09:16 fetching corpus: 2750, signal 147802/173444 (executing program) 2022/10/06 18:09:16 fetching corpus: 2800, signal 148430/174203 (executing program) 2022/10/06 18:09:16 fetching corpus: 2850, signal 149290/175055 (executing program) 2022/10/06 18:09:16 fetching corpus: 2900, signal 150250/175837 (executing program) 2022/10/06 18:09:16 fetching corpus: 2950, signal 152539/177107 (executing program) 2022/10/06 18:09:16 fetching corpus: 3000, signal 153235/177763 (executing program) 2022/10/06 18:09:16 fetching corpus: 3050, signal 154444/178629 (executing program) 2022/10/06 18:09:17 fetching corpus: 3100, signal 154970/179175 (executing program) 2022/10/06 18:09:17 fetching corpus: 3150, signal 155989/179900 (executing program) 2022/10/06 18:09:17 fetching corpus: 3200, signal 156417/180421 (executing program) 2022/10/06 18:09:17 fetching corpus: 3250, signal 157248/181060 (executing program) 2022/10/06 18:09:17 fetching corpus: 3300, signal 158463/181751 (executing program) 2022/10/06 18:09:17 fetching corpus: 3350, signal 159155/182285 (executing program) 2022/10/06 18:09:17 fetching corpus: 3400, signal 159731/182779 (executing program) 2022/10/06 18:09:17 fetching corpus: 3450, signal 160228/183262 (executing program) 2022/10/06 18:09:17 fetching corpus: 3500, signal 160892/183759 (executing program) 2022/10/06 18:09:17 fetching corpus: 3550, signal 161402/184284 (executing program) 2022/10/06 18:09:18 fetching corpus: 3600, signal 162618/184901 (executing program) 2022/10/06 18:09:18 fetching corpus: 3650, signal 163235/185367 (executing program) 2022/10/06 18:09:18 fetching corpus: 3700, signal 163774/185782 (executing program) 2022/10/06 18:09:18 fetching corpus: 3750, signal 164419/186200 (executing program) 2022/10/06 18:09:18 fetching corpus: 3800, signal 164824/186594 (executing program) 2022/10/06 18:09:18 fetching corpus: 3850, signal 165877/187094 (executing program) 2022/10/06 18:09:18 fetching corpus: 3900, signal 166181/187404 (executing program) 2022/10/06 18:09:18 fetching corpus: 3950, signal 166989/187822 (executing program) 2022/10/06 18:09:18 fetching corpus: 4000, signal 167538/188144 (executing program) 2022/10/06 18:09:18 fetching corpus: 4050, signal 168178/188498 (executing program) 2022/10/06 18:09:19 fetching corpus: 4100, signal 168890/188854 (executing program) 2022/10/06 18:09:19 fetching corpus: 4150, signal 169470/189211 (executing program) 2022/10/06 18:09:19 fetching corpus: 4200, signal 169797/189521 (executing program) 2022/10/06 18:09:19 fetching corpus: 4250, signal 170817/189888 (executing program) 2022/10/06 18:09:19 fetching corpus: 4300, signal 171520/190198 (executing program) 2022/10/06 18:09:19 fetching corpus: 4350, signal 171913/190450 (executing program) 2022/10/06 18:09:19 fetching corpus: 4400, signal 172286/190671 (executing program) 2022/10/06 18:09:19 fetching corpus: 4450, signal 172753/190958 (executing program) 2022/10/06 18:09:19 fetching corpus: 4500, signal 173491/191214 (executing program) 2022/10/06 18:09:19 fetching corpus: 4550, signal 174009/191422 (executing program) 2022/10/06 18:09:20 fetching corpus: 4600, signal 174519/191658 (executing program) 2022/10/06 18:09:20 fetching corpus: 4650, signal 174859/191835 (executing program) 2022/10/06 18:09:20 fetching corpus: 4700, signal 175372/192020 (executing program) 2022/10/06 18:09:20 fetching corpus: 4750, signal 175733/192192 (executing program) 2022/10/06 18:09:20 fetching corpus: 4800, signal 176245/192232 (executing program) 2022/10/06 18:09:20 fetching corpus: 4850, signal 176770/192232 (executing program) 2022/10/06 18:09:20 fetching corpus: 4900, signal 177252/192232 (executing program) 2022/10/06 18:09:20 fetching corpus: 4950, signal 177697/192233 (executing program) 2022/10/06 18:09:20 fetching corpus: 5000, signal 178127/192233 (executing program) 2022/10/06 18:09:20 fetching corpus: 5050, signal 179172/192233 (executing program) 2022/10/06 18:09:21 fetching corpus: 5100, signal 180027/192237 (executing program) 2022/10/06 18:09:21 fetching corpus: 5150, signal 180362/192237 (executing program) 2022/10/06 18:09:21 fetching corpus: 5200, signal 180874/192239 (executing program) 2022/10/06 18:09:21 fetching corpus: 5250, signal 181376/192239 (executing program) 2022/10/06 18:09:21 fetching corpus: 5300, signal 181951/192239 (executing program) 2022/10/06 18:09:21 fetching corpus: 5300, signal 181951/192239 (executing program) 2022/10/06 18:09:24 starting 8 fuzzer processes 18:09:24 executing program 0: r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$NL80211_CMD_DEL_STATION(0xffffffffffffffff, &(0x7f0000000100)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x1000000}, 0xc, &(0x7f00000000c0)={&(0x7f0000000080)={0x30, r0, 0x100, 0x70bd25, 0x25dfdbff, {{}, {@val={0x8}, @val={0xc, 0x99, {0x2, 0x18}}}}, [@NL80211_ATTR_STA_SUPPORTED_CHANNELS={0x6, 0xbd, [0x1]}]}, 0x30}}, 0x0) sendmsg$NL80211_CMD_VENDOR(0xffffffffffffffff, &(0x7f0000000200)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x4}, 0xc, &(0x7f00000001c0)={&(0x7f0000000180)={0x24, r0, 0x2, 0x70bd2b, 0x25dfdbfc, {{}, {@void, @val={0x8}, @void}}, [@NL80211_ATTR_VENDOR_ID={0x8}]}, 0x24}, 0x1, 0x0, 0x0, 0x81}, 0x20008801) sendmsg$NL80211_CMD_FRAME(0xffffffffffffffff, &(0x7f0000000300)={&(0x7f0000000240)={0x10, 0x0, 0x0, 0x1000000}, 0xc, &(0x7f00000002c0)={&(0x7f0000000280)={0x30, r0, 0x8, 0x70bd2b, 0x25dfdbff, {{}, {@val={0x8}, @val={0xc, 0x99, {0x200, 0x4e}}}}, [@NL80211_ATTR_OFFCHANNEL_TX_OK={0x4}, @NL80211_ATTR_TX_NO_CCK_RATE={0x4}]}, 0x30}, 0x1, 0x0, 0x0, 0x24000000}, 0x4004004) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000380), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f00000003c0)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_JOIN_MESH(0xffffffffffffffff, &(0x7f00000004c0)={&(0x7f0000000340)={0x10, 0x0, 0x0, 0x2000}, 0xc, &(0x7f0000000480)={&(0x7f0000000400)={0x6c, r1, 0x200, 0x70bd29, 0x25dfdbfe, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_MESH_ID={0xa}, @NL80211_ATTR_CONTROL_PORT_OVER_NL80211={0x4}, @NL80211_ATTR_CONTROL_PORT_OVER_NL80211={0x4}, @NL80211_ATTR_MCAST_RATE={0x8, 0x6b, 0x4}, @NL80211_ATTR_MESH_ID={0xa}, @NL80211_ATTR_BSS_BASIC_RATES={0x10, 0x24, [{0x24, 0x1}, {0x4}, {0x36, 0x1}, {0x12}, {0x48, 0x1}, {0x18}, {0x6}, {0x16}, {0xb, 0x1}, {0x4, 0x1}, {0x4b90c5add5400f3c}, {0x16}]}, @NL80211_ATTR_CONTROL_PORT_OVER_NL80211={0x4}, @NL80211_ATTR_BEACON_INTERVAL={0x8}, @NL80211_ATTR_MESH_ID={0xa}]}, 0x6c}, 0x1, 0x0, 0x0, 0x20000005}, 0x2000e041) sendmsg$NL80211_CMD_JOIN_MESH(0xffffffffffffffff, &(0x7f0000000600)={&(0x7f0000000500)={0x10, 0x0, 0x0, 0x400}, 0xc, &(0x7f00000005c0)={&(0x7f0000000540)={0x74, 0x0, 0x300, 0x70bd27, 0x25dfdbff, {{}, {@val={0x8, 0x3, r2}, @val={0xc, 0x99, {0x800, 0xf}}}}, [@NL80211_ATTR_MESH_CONFIG={0xc, 0x23, 0x0, 0x1, [@NL80211_MESHCONF_AUTO_OPEN_PLINKS={0x5, 0x7, 0x40}]}, @NL80211_ATTR_CONTROL_PORT_OVER_NL80211={0x4}, @NL80211_ATTR_BSS_BASIC_RATES={0x1f, 0x24, [{0x6c}, {0x6c}, {0x3}, {0x36, 0x1}, {0x2}, {0x16, 0x1}, {0x5, 0x1}, {0x6c, 0x1}, {0x6}, {0x36, 0x1}, {0x0, 0x1}, {0x60, 0x1}, {0x4, 0x1}, {0x12, 0x1}, {0x1, 0x1}, {0x5, 0x1}, {0x9, 0x1}, {}, {0xb}, {0x63, 0x1}, {0x5}, {0x30}, {0x0, 0x1}, {0x3, 0x1}, {0x6}, {0x1a, 0x1}, {0x2e}]}, @NL80211_ATTR_SOCKET_OWNER={0x4}, @chandef_params=[@NL80211_ATTR_WIPHY_CHANNEL_TYPE={0x8, 0x27, 0x1}, @NL80211_ATTR_WIPHY_FREQ={0x8}, @NL80211_ATTR_WIPHY_FREQ_OFFSET={0x8, 0x122, 0xa6}]]}, 0x74}, 0x1, 0x0, 0x0, 0x8000}, 0x8000) ioctl$AUTOFS_DEV_IOCTL_CATATONIC(0xffffffffffffffff, 0xc0189379, &(0x7f0000000640)={{0x1, 0x1, 0x18, 0xffffffffffffffff}, './file0\x00'}) r4 = syz_genetlink_get_family_id$nl80211(&(0x7f00000006c0), 0xffffffffffffffff) sendmsg$NL80211_CMD_CONNECT(r3, &(0x7f0000000780)={&(0x7f0000000680)={0x10, 0x0, 0x0, 0x1000000}, 0xc, &(0x7f0000000740)={&(0x7f0000000700)={0x28, r4, 0x0, 0x70bd26, 0x25dfdbfc, {{}, {@void, @val={0xc, 0x99, {0x8, 0x4b}}}}, [@NL80211_ATTR_WIPHY_EDMG_CHANNELS={0x5, 0x118, 0x4}]}, 0x28}, 0x1, 0x0, 0x0, 0x8806}, 0x20000000) sendmsg$IPVS_CMD_GET_SERVICE(r3, &(0x7f0000000880)={&(0x7f00000007c0)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f0000000840)={&(0x7f0000000800)={0x28, 0x0, 0x300, 0x70bd2b, 0x25dfdbfd, {}, [@IPVS_CMD_ATTR_DEST={0x14, 0x2, 0x0, 0x1, [@IPVS_DEST_ATTR_ACTIVE_CONNS={0x8, 0x7, 0x7}, @IPVS_DEST_ATTR_INACT_CONNS={0x8}]}]}, 0x28}, 0x1, 0x0, 0x0, 0x400c9}, 0x24000800) sendmsg$TIPC_CMD_GET_MEDIA_NAMES(r3, &(0x7f0000000980)={&(0x7f00000008c0)={0x10, 0x0, 0x0, 0x200}, 0xc, &(0x7f0000000940)={&(0x7f0000000900)={0x1c, 0x0, 0x400, 0x70bd2c, 0x25dfdbfd, {}, [""]}, 0x1c}, 0x1, 0x0, 0x0, 0x4000080}, 0x4000000) sendmsg$IPSET_CMD_TYPE(r3, &(0x7f0000000a80)={&(0x7f00000009c0)={0x10, 0x0, 0x0, 0x4}, 0xc, &(0x7f0000000a40)={&(0x7f0000000a00)={0x2c, 0xd, 0x6, 0x5, 0x0, 0x0, {0x1, 0x0, 0x3}, [@IPSET_ATTR_FAMILY={0x5}, @IPSET_ATTR_FAMILY={0x5, 0x5, 0xc}, @IPSET_ATTR_PROTOCOL={0x5}]}, 0x2c}, 0x1, 0x0, 0x0, 0x20008000}, 0x1) r5 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000b00), r3) ioctl$sock_SIOCGIFINDEX_80211(r3, 0x8933, &(0x7f0000000b40)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_STOP_P2P_DEVICE(r3, &(0x7f0000000c00)={&(0x7f0000000ac0)={0x10, 0x0, 0x0, 0x2000}, 0xc, &(0x7f0000000bc0)={&(0x7f0000000b80)={0x28, r5, 0x300, 0x70bd27, 0x25dfdbfd, {{}, {@val={0x8, 0x3, r6}, @val={0xc, 0x99, {0x6, 0x26}}}}, ["", "", "", "", ""]}, 0x28}, 0x1, 0x0, 0x0, 0x200080c4}, 0x8d5) ioctl$AUTOFS_DEV_IOCTL_TIMEOUT(r3, 0xc018937a, &(0x7f0000000c40)={{0x1, 0x1, 0x18, r3, {0x4}}, './file1\x00'}) r8 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000c80), r3) sendmsg$NL80211_CMD_FRAME(r7, &(0x7f0000000d40)={0xffffffffffffffff, 0x0, &(0x7f0000000d00)={&(0x7f0000000cc0)={0x2c, r8, 0x800, 0x70bd27, 0x25dfdbfe, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_DONT_WAIT_FOR_ACK={0x4}, @NL80211_ATTR_DONT_WAIT_FOR_ACK={0x4}, @chandef_params=[@NL80211_ATTR_WIPHY_FREQ_OFFSET={0x8, 0x122, 0x315}]]}, 0x2c}, 0x1, 0x0, 0x0, 0x10}, 0x24000004) 18:09:24 executing program 3: ioctl$SNDRV_SEQ_IOCTL_QUERY_NEXT_PORT(0xffffffffffffffff, 0xc0a85352, &(0x7f0000000000)={{0xf2, 0x9c}, 'port0\x00', 0xeb, 0x100020, 0x1, 0x1fe00000, 0x4ba2986f, 0x3, 0x5, 0x0, 0x6, 0x1}) ioctl$F2FS_IOC_FLUSH_DEVICE(0xffffffffffffffff, 0x4008f50a, &(0x7f00000000c0)={0x5, 0x8}) r0 = syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0) sendfile(0xffffffffffffffff, r0, &(0x7f0000000100), 0x3) r1 = syz_open_dev$loop(&(0x7f0000000140), 0x200, 0x0) fadvise64(r1, 0x0, 0xff74, 0x5) r2 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000180)='/proc/cgroups\x00', 0x0, 0x0) sendfile(r0, r2, &(0x7f00000001c0)=0x2, 0x8) copy_file_range(r2, 0x0, r0, 0x0, 0x8, 0x0) ioctl$LOOP_CLR_FD(r2, 0x4c01) r3 = socket$inet6_icmp(0xa, 0x2, 0x3a) ioctl$BTRFS_IOC_ADD_DEV(r1, 0x5000940a, &(0x7f0000000200)={{r3}, "9aa9ca6fbc63226bdde8182c3cf9fba894a59f64b03de93388d1235a867168f53631de5aa981ab846224fd74ee309d8cecb4d8866b6d08abc0b25e4cc81c129d0873b823ea42b5b0e429a3987ba40acf97085fbc0a44b0b8fd4a7ac1ccb2679068405ca27759da3178a193f99fb59bfe9cea350bf0f1b22674dab1366bd6588af343c8936b5739f119fdbd1a1439a1ec9c9fa7eb70e399a0c6251d3e0b89cb5afafb27f37e6f6a7f10f5b9bd27985c7d7ad6cb9de8cf56e14729cf812b28d7911eb72e6b6584364a79c3506efc5389ec012127a5bd96f553128aab20cfa301d785cf29ff09a92000bc409a79516b3a4c182656a81787710147a4cf75cdbe9522255bc18786bdb3726b49b90224a79e5d39a60ab14c5cb653fcf887fa161bfe2274a03de18faa080130848cfd6636981e7d5755527b126489b35a3576c15422e2802cdbeca712fc89fe8000bf0d97b640274ac443f9260251bbff5537d6a6392515f611042d25f86a3d8455cbbbcdd123421fba4d6fdc9ce58a5a81e4a480bd7891c06ceaf06991b25a41c6c84bfe87fd2fb08d9418ca3fb5e424b4e28257b90479da2e1e947284517224e7994617f8788da2e403142375600fdd46aca912b334ae90015372138431685598cf01259efa58b6c795461b45d5c04c941c5ece3c7e712548fec207cbc7f3a638bf7bf737f69961bc9b13c42222bd39055970bf21081524d4786287432d0cfe07179a2196a6e7e5315615d44f07c147b657da7627b9e18ba3d78422adcb43b42642c494982e7cef1aa5390a3c18af0668289efe32a337eaf800e93912dabac515bed5c9664dc4b0205f7bf1276d275b7b3140c9b650e9f2ba81a61c92df3ad32c9230d14ececbb55ac1411658803c61dfdc3d24c20855217a63cf1a61fe0988cf7014420ca92c6a46d758f9145164b98e8fe45e9b9070e7d377d7ce7b24df88bd2f878c27500cd8963963452b819cede5b34bada860b9e9445c5cef54ed02a2d7e5614511501ee39bf145253af90b198c03a559af913e214932ed7f0d5fd27e66a856ffbbd91e1810b9e25ba892ed11e44348475232f2c1553a0b7e43321876f72cf1cd3c9bdfe1c1bd48b8698a57dc7f333f71b2b45d155097da4b1ec9ca11b6b2aa636228db0830616e7a76c056efd4f6e5c66b1dfda6ef234e590af9584a7fb993d94b4ac98e920f885b3a597f8a3be27d6bec8ba88537a61d2e6493b6e15da0d8de26f0f6f4a407de5d708fd7c2ce42ae2ff4c36f0896ea6c49188905c85e4512d6424060aa74f57534a414583efe91c437248dd60756eeea558212d165799b269b9ec3db352acd9eda20362334bf93d5c1b13c471edcc45e5baf6805f2b9a1801cd1ea807337b339f8d4df4883877b661fbda2108bce8c5bd6d7943bd2e1d7012d57df41ccb662fd2d35f2848661e8000f0435b34c36a52b66ad1bb6d4aa2b5b41bfe0d4d7c46a5d80df53105e23a13fa401eb2be03434d0cde9d1e0efab8058dd6b0b6b25ab96b22020df155e2e1581e7e1d34e2307f268394269678eae50ee1dbd057fb94202e7717bc7325da3f079b4e1606f9e07f597cb88465787a1d5041312d370d9dc4d7a6c3526db6d393817ff98087b9acb28298c29b343fe0492d6465d71b389aecff4a862c88f6df0fd4345797a2a58ab5d2e870e5fda6dfdd35a2a84e93df666d1e012c2aa6e4d96b964ddeb88b595b7d1ea31ba5a0a50c6f065248f7cf2a2e01edbb7dcebcae4cef7c54325260bfad607ce9af7dd6718f49bbe73c9e90c576226856f283c4ec961c6369dbdc7c615438d317851157a41b6e8742760100d4a859aea56e749089c88f5d803a278ca19332059b16ee1f6e74485e650f520cec7d27a590ac6f5ea6cf251da086faa2cb4589815c080f35d7b0784143dc000ec5edce94e11cb2f7b4bd1f6974050afc6d5f44d812ba3943e298a95bdb650c041315b4fad0056e023d7bae046b7c870e8c170b79999350037921fe49b79287311acfb39a39f4c80a218f5ea5842635b17a2acfd29ffa1ba120f2784d68e904309bd6733b968e18ee915507b3f46b62c6e759d830045a5788bcced6f988bcee27d599c962e5ac0921dd892741f59e8fe85888c4c68f440e1b4292ae1cd088385d17ff04c3b72af501c65a9b8d3e2009ff163464c7b0782faa1c7658761d56098fdf0e2e26851ae75493ad58ca92664a72fea0ee3f59abfed3bc23d0812aaed22eb02cc6c192e91b6657d63aaa4a3f306ab9d532d51309f02c7cc44f47e31e7b176e21755c64bb2047abe6307941972744c2303074ffb2c820425762d37562125868a4051cd607fb3f261caca39bea17ca176652c1c97d136cfce5813beb2c23395945723d7ba784a5f66a7a1cb7d4d7696189e6473e509b40e5169e3081547e3145aa5946ea4c7d418b6ffa038b8efffe110b2ffff42af39158aeb548f511a27064bc318f0366b80e5c404046f31944a7c4882c622580e0491216b69bb7dca9b87345880f5cabcd04fa4266d264683aedd7cdd1ed44ad189bd1a3904e257cb3e965735265e3eb1f0473881ca654d5e162eb5c2cd1322acb9c5102b3ab039a356490f09ea9bd28689d10ab9034c37d0f81dc2099b07110bf8ce5919211d6e8c005d0dc3d99d796cedcc29937a913cf9aec6ba7049cd17602c4630a7d82ff4297fbed1bdee5d3745341e8c1b4f30dacfeb3ebaab99033b41759b37e6b01b2fde704373f0bf36e38dbba2c21f321b2e5defe8ed2c6de457add6c666eabcde8c7d39d57302ed753f1584ffe047002358c40eb808a727c0113905fda34bbc56897830313d5f60ff5522d210cf6b320b57c202e877025cb22537a31305a89f7e98a4a5f6778226656fd8b01c860cc3ac1fd8e23e343182809785cfdf7629fdfcb6898c6c45b09687b5d8bb9f0e95784a99843ab433db366b04b73dbc35a71955332fdb6fca4bf127d4b4c99258854b94993729dfd65c72dedbb33ab2fceb860bcfbda2780d0e440db661285d7811ec031e0d7d64a45a3fe120730eb531b1f450f2d4f79ea99dd89a7c8caa671bbc51fe939c596accb5b2881d2481f65b942ef91dfdbaed0b27c5c894f2a7f2fee18b540e358a0d97a141efd5e55588e6b69d6403dfd4d2ff43f2b8965c27942a6e7ed55000ca5cd97a51e9a1c119a9760d7f57447e4b98f85a75873fc52b67c86e857bf7051aa797697cf8d08bf1a068e22ae5ce8a57973f9bda172a709609baa6741dcc0f3bbe95dcf50b6e23e701856914d9f302ed3ce3c89f27476b9e85df1662b5ebb66b9d1f44afd836eeee458a6224ca64c08b85784ccc6dd7859d02c03a174ae97dac24f2906d4935d846ebfdc140c85e34bf5d3857513c9bab03dfd96912cc8f7e9a1f552ce28edf401e42977cf444cf5da4d59acab97d9310bb4636fb1642af0802ac6176b0fb463652ba92566d8aa1eae66873b750840ea6f68cb05ee166ca161a7cf6a72fd6d38cc1000c1ffff9e00f9398d1703eba5cc3b27e1b6148d95eb1a68e4248100a18c3a2583b029d73ffd0be9b19c7d8892ed6dfa5c5c53e592630bd0644925db0c9b460624e7989b45a68498e9756a05f858c2eb4c09bfe5842be7245c3ac7f32c50136fdf47785009a05e4aec082513521f323c749868d6d9d02baf6e30a88b1604c6942d19b6deb2e1ce8a9fd7f4305fb09febeb0bd6e7c8c67a80388d4fef1a47a98a2aa60b8afef8f7424a618f6dc22e6f5ccf7c16d5fa14172f38ebad7e8c26a8b7908d666c9561beadfcfecb397679bdf2cd810c78dc90a12d7b1d036be35d0cdf0ee50514a718a78cdf7529e85b010c8aa40deea06c1cbc9bcc5e6952c384959f377366ab0236c8f288b3bb5e637fcea3912f8221e075e7337f310525e2e6a78e32f10b23aae56504f2b1be38d97c32abd148c00310f583b8b51cc50f6aeafcd3b3af3bf5c56e11ec92e095af2a370a75e44d9cd98eae475e02fd9467545db14146a5d00023716907289b664158eec95606c724dd6016562bd29126bf3f63a9d99d5c9ddd2ece99ab2505892c7778bb331b0561765f048c37f1279781490edaa67a1dba23d06e4fee79e62ec29623b8453491f7e84be2b4e09009c24650009e87b350c9a61628e7d56bb2ee11e5461f06a906b8b5280c2b909247fc4ea8655e06a8ffdda2b4d54908a247d3d0d43d2d28e2a059b3bc81eaf6a5e649cd35df6fbc56c81a7493a80280113172230d83b28335c8a03f92fbd8be4546dca9426563f81b5073df27cab330d02ac8ee56fe9b1aedf45526142b102b1c6dc172ac3e97ebd148116a21bf5c1af42a2515f9da53c7d9a1b598973715e14705edf2e7f6471b37d44d3aea77d7c47516e94a339f7593076b2375eb4dda5d3bb99c17dd93044d16309e54ca6bf007c85029c9acad5df625e13230302a9f0de44ae095c7cd8ee01ab390a71cd39d65bd5b3d9fea0bea16a029f33e5fb792ac2941e94b12a993878cacf1f188aa3da0f8c52d1455823d13101c27938631c84616144e0416bbda3c106fd56b96f686bb6896885c0f485139127fd796793f657185f226fe188dc757defe2b58aca3c4255835441beba53c2f387d9e1488aad74b7bceb00e59b64b53109c3535a15199d5bd00805312f058218917c9406fc8e83e5de386bc3b53dd9a0ff308fc4ecba7efa046462c73a8b94be9bfe88d86de5b18695d8ce8aa8f698b3b404cc7df6029ae9502544162a699e84aca063da0c1bb56f58a3cdc20db1da884028ece5b5042dd1ef9e27584003ee595d643bf5a5e24b5249d5f84a4a98101a561e6f7ae420731fe79fa0adcd243633db78d2f556431a06341c291ed9b5d30bc802a26bfb8cecb379f934229ebffaa5eb18a5207ded610421f846c87ff5bca6fbdf946622feced5baf40c57cd1fee54171e62470233e77e30017c15ad9eecb46cc93a804c92def67a4b4cd11c0c2fbe9c6d6774b6194643f2a7b941c7a2cef8ff213b43d707042fe69d0a54478bcf459d9515d41dcf23c2db95f28b87106f12156ca8e25b8d18a7621b46af9588cb04a59a6b57e29b24dd5fa038bfbe355100404347c25996e7c59db808a7c6d12af53eb8fefb3a82e6ef561aba6a6c6aeb538be993df854029b71ce6883dabbf60b9ce938a2f96b7b6f3ae06c8ea42bec102db740656ea66918df59a3495f08616aa35b0a8e2eb4335e37dc7cd20113ed7b478ae267972d38a6c74c8bf621532e549be00615649a15fa74d3a760d53e3915daed0644ce07e69e606be93109d5f571bba1ee3970f12dd1384c450882fbc219a8e228f2f80d88ebd3109ff1cd44e09ee54a0ae36fa775572140efc766b5585fa8ebc86f2179028d295c4ed126498d4d0ba79599e5f5c686573c6df7511eb4cd542f34f853c8886ad2a6055e7119ba297108fd43cd8b3a577cad1fdce8b0a05bae65b24369424f1a831a05ff2138028d8d9218bd170cd4ea3b09e9ea30b7b0334b892121415d8deb7f75c4cea70ef827dd01ff0906e092507f088aa3e7a855f5fe95e5776e915b1bb5810ce0375d67d5d00634d743b9ced2765c425dd8c883acaaf022d9fe5862c8509c1ddf889afc28455db8933952843e20f428bcd14f0ba2672abe5165b76734e467493b711413ceec1eac50a2e2bd1b3bcff09dda8ae7aae392a98c8b78232c5b225711dac66effc126017e6739bdec3da5b27d9d2a75ad2f1f60baac2e62bce6b48319a3665fa701233dd04df79944acbdb8c6d07203fcfb04fdf7b9c2e3123597f1dad94003f"}) ioctl$SG_GET_PACK_ID(r2, 0x227c, &(0x7f0000001200)) ioctl$FIOCLEX(0xffffffffffffffff, 0x5451) ioctl$LOOP_SET_STATUS(r1, 0x4c02, &(0x7f0000001240)={0x0, {}, 0x0, {}, 0xbff, 0x5, 0x9, 0x9, "c1a0cace662fe3399aba4deae8d3fbe00198ea79024b1d86b08823373740c6468905fa55b639120ef2115c90d08c38c7d6bda04825a70b22618bdf6e6becaeb6", "aefd6821cb7583a0c32c496275034e6de9bb0f73bee060c9987f378d74a989b9", [0x9, 0x9]}) ioctl$AUTOFS_DEV_IOCTL_CATATONIC(r3, 0xc0189379, &(0x7f0000001300)={{0x1, 0x1, 0x18, 0xffffffffffffffff}, './file0\x00'}) ioctl$TUNSETGROUP(r4, 0x400454ce, 0xffffffffffffffff) readv(0xffffffffffffffff, &(0x7f0000001500)=[{&(0x7f0000001340)=""/171, 0xab}, {&(0x7f0000001400)=""/138, 0x8a}, {&(0x7f00000014c0)}], 0x3) ioctl$AUTOFS_DEV_IOCTL_PROTOSUBVER(0xffffffffffffffff, 0xc0189373, &(0x7f0000001540)={{0x1, 0x1, 0x18, r2, {0xe22b}}, './file0\x00'}) socket$inet_udp(0x2, 0x2, 0x0) 18:09:24 executing program 1: r0 = openat$vcsu(0xffffffffffffff9c, &(0x7f0000000000), 0x400100, 0x0) ioctl$VT_DISALLOCATE(r0, 0x5608) readv(r0, &(0x7f0000001200)=[{&(0x7f0000000040)=""/142, 0x8e}, {&(0x7f0000000100)=""/180, 0xb4}, {&(0x7f00000001c0)=""/4096, 0x1000}, {&(0x7f00000011c0)=""/42, 0x2a}], 0x4) openat(r0, &(0x7f0000001240)='./file0\x00', 0x0, 0x80) ioctl$F2FS_IOC_WRITE_CHECKPOINT(r0, 0xf507, 0x0) r1 = epoll_create(0xfffffffd) write$binfmt_aout(r1, &(0x7f0000001280)={{0x107, 0x9, 0x7f, 0x1a9, 0x280, 0x2, 0x19b, 0xdb}, "2a72b954804e65cd467e299d74879c11c2f0ea59646f7202a62c279bb5580f84a4a1277d7eff9d6c6e6b4cc592d5791e05ea0b0be3bd08fd14f7b8ea5280e18fead0cc30e2655b9ca67821a03b6631fd2654dfcef116eb75b83d3468d30d264b2a72fc9ff7c6c8d326d7951f36b810537756ca97e1b0677f3f1611376362a29f4cc83c7521b6fba67a1f180e8a568799edd6635c99c44bc066c3c4bea92cd29a4b19b8aa3aae409bd9be1398df007a", ['\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00']}, 0x8cf) r2 = epoll_create1(0x0) epoll_ctl$EPOLL_CTL_ADD(r2, 0x1, r0, &(0x7f0000001b80)={0xd0000017}) epoll_create1(0x80000) write$P9_RREADLINK(r0, &(0x7f0000001bc0)={0x10, 0x17, 0x1, {0x7, './file0'}}, 0x10) mount(&(0x7f0000001c00)=@md0, &(0x7f0000001c40)='./file0/../file0\x00', &(0x7f0000001c80)='afs\x00', 0x50, &(0x7f0000001cc0)='\x00') process_vm_readv(0xffffffffffffffff, &(0x7f0000001f80)=[{&(0x7f0000001d00)=""/222, 0xde}, {&(0x7f0000001e00)=""/46, 0x2e}, {&(0x7f0000001e40)=""/255, 0xff}, {&(0x7f0000001f40)=""/57, 0x39}], 0x4, &(0x7f0000002000)=[{&(0x7f0000001fc0)=""/28, 0x1c}], 0x1, 0x0) newfstatat(0xffffffffffffff9c, &(0x7f0000002080)='./file0\x00', &(0x7f00000020c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x100) lchown(&(0x7f0000002040)='./file0\x00', 0x0, r3) r4 = openat(0xffffffffffffffff, &(0x7f0000002140)='./file0/../file0\x00', 0x101000, 0x11f) r5 = socket$nl_netfilter(0x10, 0x3, 0xc) epoll_ctl$EPOLL_CTL_MOD(r4, 0x3, r5, &(0x7f0000002180)={0x80002018}) openat$vcs(0xffffffffffffff9c, &(0x7f00000021c0), 0x202000, 0x0) accept$unix(0xffffffffffffffff, &(0x7f0000002200)=@abs, &(0x7f0000002280)=0x6e) 18:09:24 executing program 2: sched_setattr(0xffffffffffffffff, &(0x7f0000000000)={0x38, 0x3, 0x10, 0x9, 0x8001, 0x3, 0x8, 0x3, 0xb0, 0x81}, 0x0) sched_setattr(0x0, &(0x7f0000000040)={0x38, 0x6, 0x12, 0x10001, 0x8001, 0x1f, 0x9, 0x6, 0x8a, 0x5}, 0x0) ioctl$TIOCGPGRP(0xffffffffffffffff, 0x540f, &(0x7f0000000080)=0x0) sched_setattr(r0, &(0x7f00000000c0)={0x38, 0x2, 0x4, 0x8a9c, 0x2, 0x8000000000000000, 0x9, 0x5, 0xfffffffb, 0x6}, 0x0) ioctl$TCSBRKP(0xffffffffffffffff, 0x5425, 0x0) fcntl$getownex(0xffffffffffffffff, 0x10, &(0x7f0000000100)={0x0, 0x0}) sched_setattr(r1, &(0x7f0000000140)={0x38, 0x3, 0xe, 0x1000, 0x9, 0x7f, 0xe3a, 0xe82, 0x8, 0x2}, 0x0) sched_setattr(r1, &(0x7f0000000180)={0x38, 0x0, 0x30000004, 0x0, 0x0, 0x100, 0x0, 0x4, 0x5, 0x7}, 0x0) getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f00000001c0)={0x0, 0x0}, &(0x7f0000000200)=0xc) sched_setattr(r2, &(0x7f0000000240)={0x38, 0x2, 0x45, 0x8, 0x5, 0xcd81, 0x9, 0x100, 0x91, 0x8}, 0x0) r4 = syz_open_pts(0xffffffffffffffff, 0x800) getsockopt$inet_pktinfo(0xffffffffffffffff, 0x0, 0x8, &(0x7f0000000280)={0x0, @loopback, @dev}, &(0x7f00000002c0)=0xc) ioctl$sock_ipv4_tunnel_SIOCCHGTUNNEL(0xffffffffffffffff, 0x89f3, &(0x7f00000003c0)={'erspan0\x00', &(0x7f0000000300)={'syztnl2\x00', r5, 0x7, 0x10, 0xe3, 0x200, {{0x1b, 0x4, 0x0, 0x4, 0x6c, 0x65, 0x0, 0x8, 0x2f, 0x0, @local, @local, {[@timestamp_prespec={0x44, 0x3c, 0xaa, 0x3, 0x9, [{@multicast2, 0x200}, {@initdev={0xac, 0x1e, 0x0, 0x0}, 0x49}, {@multicast2, 0x6}, {@rand_addr=0x64010102, 0x9}, {@multicast2, 0xd5}, {@dev={0xac, 0x14, 0x14, 0x2a}, 0x1}, {@multicast1, 0x6}]}, @rr={0x7, 0x1b, 0xf, [@initdev={0xac, 0x1e, 0x1, 0x0}, @remote, @remote, @remote, @initdev={0xac, 0x1e, 0x0, 0x0}, @loopback]}, @noop]}}}}}) sched_setattr(r1, &(0x7f0000000400)={0x38, 0x0, 0x10000000, 0x1, 0x3, 0x5, 0x1, 0x0, 0x7, 0xdc31}, 0x0) ioctl$sock_ipv6_tunnel_SIOCDELTUNNEL(0xffffffffffffffff, 0x89f2, &(0x7f0000000500)={'ip6tnl0\x00', &(0x7f0000000480)={'ip6gre0\x00', r5, 0x2d, 0x4, 0x4, 0x3ff, 0x60, @mcast1, @mcast1, 0x80, 0x40, 0x2, 0x3}}) stat(&(0x7f0000000540)='./file0\x00', &(0x7f0000000580)={0x0, 0x0, 0x0, 0x0, 0x0}) sendmsg$nl_xfrm(0xffffffffffffffff, &(0x7f0000000880)={&(0x7f0000000440)={0x10, 0x0, 0x0, 0x1000}, 0xc, &(0x7f0000000840)={&(0x7f0000000600)=@migrate={0x218, 0x21, 0x8, 0x70bd29, 0x25dfdbfc, {{@in6=@local, @in6=@loopback, 0x4e24, 0xf6, 0x4e21, 0x100, 0xa, 0x120, 0x0, 0x29, r5, r3}, 0x6e6bb1}, [@XFRMA_SET_MARK_MASK={0x8, 0x1e, 0x4}, @mark={0xc, 0x15, {0x35075d, 0x7ff}}, @etimer_thresh={0x8}, @lastused={0xc}, @replay_val={0x10, 0xa, {0x70bd2a, 0x70bd2c, 0x7}}, @offload={0xc, 0x1c, {r5, 0x1}}, @policy={0xac, 0x7, {{@in6=@initdev={0xfe, 0x88, '\x00', 0x1, 0x0}, @in6=@dev={0xfe, 0x80, '\x00', 0x1a}, 0x4e21, 0x7fff, 0x4e21, 0x9, 0xa, 0x20, 0x80, 0xf, r6, 0xee01}, {0x7, 0x3, 0x4, 0x100000000, 0x1b9d, 0x9, 0x631, 0x1ff}, {0x81, 0x7, 0x5, 0xfc}, 0x1, 0x0, 0x0, 0x1, 0x3, 0x3}}, @replay_esn_val={0x24, 0x17, {0x2, 0x70bd2b, 0x70bd28, 0x70bd2d, 0x70bd29, 0x9, [0x5, 0x2]}}, @policy={0xac, 0x7, {{@in6=@remote, @in6=@private2, 0x4e21, 0x6a, 0x4e20, 0x28, 0xa, 0xa0, 0x80, 0x2b, r7, r8}, {0x9, 0x400, 0x96b1, 0xcc8, 0xffff, 0x8001, 0x1, 0x80000001}, {0x3, 0x68ab, 0x7f4f, 0x81}, 0x4, 0x0, 0x1, 0x0, 0x1, 0x1}}, @proto={0x5, 0x19, 0x2b}]}, 0x218}, 0x1, 0x0, 0x0, 0x20000000}, 0x80) sched_setattr(r1, &(0x7f00000008c0)={0x38, 0x5, 0x0, 0x1, 0x1b, 0x2, 0x3, 0x4, 0xfffffffc, 0x10}, 0x0) ioctl$TIOCMSET(r4, 0x5418, &(0x7f0000000900)) sched_setattr(r2, &(0x7f0000000940)={0x38, 0x5, 0xc, 0x7f, 0x6805, 0x80a, 0x8001, 0x20, 0x3, 0xe6}, 0x0) 18:09:24 executing program 4: ioctl$GIO_SCRNMAP(0xffffffffffffffff, 0x4b40, &(0x7f0000000000)=""/234) r0 = clone3(&(0x7f0000000400)={0x4200000, &(0x7f0000000100)=0xffffffffffffffff, &(0x7f0000000140), &(0x7f0000000180), {0xf}, &(0x7f00000001c0)=""/196, 0xc4, &(0x7f00000002c0)=""/198, &(0x7f00000003c0)=[0xffffffffffffffff, 0x0, 0xffffffffffffffff], 0x3}, 0x58) ioctl$TIOCSPGRP(0xffffffffffffffff, 0x5410, &(0x7f0000000480)=r0) ioctl$AUTOFS_DEV_IOCTL_OPENMOUNT(0xffffffffffffffff, 0xc0189374, &(0x7f00000004c0)={{0x1, 0x1, 0x18, r1, {0x1669}}, './file0\x00'}) r3 = openat$cgroup_ro(r2, &(0x7f0000000500)='blkio.throttle.io_service_bytes\x00', 0x0, 0x0) ioctl$AUTOFS_DEV_IOCTL_READY(r3, 0xc0189376, &(0x7f0000000540)={{0x1, 0x1, 0x18, r3, {0x46d}}, './file1\x00'}) r5 = accept4$unix(r4, 0x0, &(0x7f0000000580), 0x0) signalfd(r5, &(0x7f00000005c0)={[0x6]}, 0x8) r6 = syz_open_dev$mouse(&(0x7f0000000600), 0x0, 0x40102) sendmsg$IPSET_CMD_SAVE(r6, &(0x7f0000000700)={&(0x7f0000000640)={0x10, 0x0, 0x0, 0x200}, 0xc, &(0x7f00000006c0)={&(0x7f0000000680)={0x2c, 0x8, 0x6, 0x0, 0x0, 0x0, {0x1, 0x0, 0x1}, [@IPSET_ATTR_SETNAME={0x9, 0x2, 'syz2\x00'}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz2\x00'}]}, 0x2c}, 0x1, 0x0, 0x0, 0xb}, 0x4008000) recvmmsg$unix(r6, &(0x7f0000003880)=[{{&(0x7f00000007c0)=@abs, 0x6e, &(0x7f0000000b40)=[{&(0x7f0000000840)=""/110, 0x6e}, {&(0x7f00000008c0)=""/30, 0x1e}, {&(0x7f0000000900)=""/178, 0xb2}, {&(0x7f00000009c0)=""/85, 0x55}, {&(0x7f0000000a40)=""/127, 0x7f}, {&(0x7f0000000ac0)=""/89, 0x59}], 0x6, &(0x7f0000000bc0)=[@rights={{0x20, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x1c, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}, @cred={{0x1c}}, @cred={{0x1c}}, @rights={{0x18, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff]}}], 0xb0}}, {{&(0x7f0000000c80), 0x6e, &(0x7f0000000e00)=[{&(0x7f0000000d00)=""/83, 0x53}, {&(0x7f0000000d80)=""/73, 0x49}], 0x2, &(0x7f0000000e40)=[@cred={{0x1c}}, @rights={{0x2c, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c}}, @cred={{0x1c}}, @rights={{0x20, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}], 0xb0}}, {{0x0, 0x0, &(0x7f0000001540)=[{&(0x7f0000000f00)=""/156, 0x9c}, {&(0x7f0000000fc0)=""/80, 0x50}, {&(0x7f0000001040)=""/147, 0x93}, {&(0x7f0000001100)=""/240, 0xf0}, {&(0x7f0000001200)=""/86, 0x56}, {&(0x7f0000001280)=""/178, 0xb2}, {&(0x7f0000001340)=""/112, 0x70}, {&(0x7f00000013c0)=""/249, 0xf9}, {&(0x7f00000014c0)=""/119, 0x77}], 0x9, &(0x7f0000001600)=[@cred={{0x1c}}, @cred={{0x1c}}, @cred={{0x1c}}, @cred={{0x1c}}], 0x80}}, {{&(0x7f0000001680)=@abs, 0x6e, &(0x7f0000001840)=[{&(0x7f0000001700)=""/217, 0xd9}, {&(0x7f0000001800)=""/44, 0x2c}], 0x2, &(0x7f0000001880)=[@cred={{0x1c}}, @cred={{0x1c}}, @cred={{0x1c}}], 0x60}}, {{&(0x7f0000001900)=@abs, 0x6e, &(0x7f0000001d40)=[{&(0x7f0000001980)=""/17, 0x11}, {&(0x7f00000019c0)=""/152, 0x98}, {&(0x7f0000001a80)=""/221, 0xdd}, {&(0x7f0000001b80)=""/202, 0xca}, {&(0x7f0000001c80)=""/184, 0xb8}], 0x5, &(0x7f0000001dc0)=[@rights={{0x28, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x34, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c}}, @rights={{0x18, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c}}, @rights={{0x30, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c}}, @rights={{0x18, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c}}], 0x140}}, {{0x0, 0x0, &(0x7f0000002000)=[{&(0x7f0000001f00)=""/28, 0x1c}, {&(0x7f0000001f40)=""/93, 0x5d}, {&(0x7f0000001fc0)=""/44, 0x2c}], 0x3, &(0x7f0000002040)=[@cred={{0x1c}}, @cred={{0x1c}}, @cred={{0x1c, 0x1, 0x2, {0x0}}}], 0x60}}, {{0x0, 0x0, &(0x7f0000002500)=[{&(0x7f00000020c0)=""/31, 0x1f}, {&(0x7f0000002100)=""/128, 0x80}, {&(0x7f0000002180)=""/166, 0xa6}, {&(0x7f0000002240)=""/178, 0xb2}, {&(0x7f0000002300)=""/224, 0xe0}, {&(0x7f0000002400)=""/209, 0xd1}], 0x6, &(0x7f0000002580)=[@rights={{0x1c, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c}}, @rights={{0x28, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x2c, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}], 0x98}}, {{&(0x7f0000002640)=@abs, 0x6e, &(0x7f0000003780)=[{&(0x7f00000026c0)=""/183, 0xb7}, {&(0x7f0000002780)=""/4096, 0x1000}], 0x2, &(0x7f00000037c0)=[@rights={{0x18, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x24, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c}}, @cred={{0x1c}}, @cred={{0x1c}}], 0xa0}}], 0x8, 0x2100, &(0x7f0000003a80)) perf_event_open(&(0x7f0000000740)={0x4, 0x80, 0x0, 0x81, 0x40, 0x5, 0x0, 0xd2e, 0x20608, 0x3, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x4, 0x4, @perf_config_ext={0xe000, 0x6}, 0x81, 0x6, 0x0, 0x8, 0xa3cf, 0x1, 0x5, 0x0, 0x20, 0x0, 0xbb36}, r10, 0xf, r2, 0xb) ioctl$AUTOFS_DEV_IOCTL_EXPIRE(r9, 0xc018937c, &(0x7f0000003ac0)={{0x1, 0x1, 0x18, r8, {0x2}}, './file0\x00'}) r12 = epoll_create1(0x80000) ioctl$BTRFS_IOC_QGROUP_ASSIGN(r12, 0x40189429, &(0x7f0000003b00)={0x0, 0x6, 0xffffffffffffffbf}) pipe(&(0x7f0000003b40)={0xffffffffffffffff}) ioctl$TIOCGPTPEER(r13, 0x5441, 0xd592000000000) syz_mount_image$ext4(&(0x7f0000003b80)='ext3\x00', &(0x7f0000003bc0)='./file1\x00', 0x4, 0x4, &(0x7f0000003ec0)=[{&(0x7f0000003c00)="01e7f477661b6342f1b0d1b8a21814252813134a2747dfdc668fd61876e8af14b9db0698e516c0be44dc1601b3d6528639fd0555668c7a3f217d01760b52ca9858ca93648717d77d9e96c7cb341f6b5f845e5ec9b228c22b2b5460706b1cb77be1bef11e35a652973fbf052902e42f8ce28567fea9d996fc519f1ca9c3a78dfc90143fd83ccc147875cc013577edda6deb1370763a165390e9a719e8d669c6c3c61842d0fcd8c212ca86655e0b7142e68edf71e04ad02172c8a8655ae12a21e3e71ba4d3d4b93622b11845c7d7d7ec53337f3284c6a301753ec410c3e0b451ce405a32", 0xe3, 0x10001}, {&(0x7f0000003d00)="f0859f77484c1b4a29c2011176cba7eda12e254c1a4496b99714cf3693971c5c85911bf9824c9daa15b55bad4ccd0a890de36b233b72f4a50bfcc2deb83839", 0x3f, 0x3}, {&(0x7f0000003d40)="88bae80aba54fb52cdb70a0a868d38b4c475319185e53f983f196cb7d5a2c964470f91f8020e5794dff3c5921e2fb2f844681935f2aa293c7873087c2994451588e7ebee6356f47ae426dfafd7a6a3dd867ae9ae5c", 0x55, 0x100}, {&(0x7f0000003dc0)="87414114c6d03b0973898d9fb1e90d347c6c602e1d6f6c05919788ca37a879de6b7854570f7ca8acf23e8a8afa8e59fa30c2e75ae02b06e16052e699a41f89a87ded15f1b54b639289f322ddd8c5ccc24335f10129a293f93a1a70b068822d511d4c21d6c603c80562030554de48a1e1b293cc34695aa4f474cd2991912684ef64207936687c3e293c36c385b2accf7eb1cec18af400d5330d1e8e105d444076c10582a4ecbfd517c9fd6b44ee5da1be21d174695ccf075a8dac26dc9470718bbb9d32b9c510efc39cd1982c508d9bd68abedcad2bf53bf3be294c820bd9b74742c5426caff812583aff", 0xea, 0x736a}], 0x20, &(0x7f0000003f40)={[{@nombcache}, {@grpjquota_path={'grpjquota', 0x3d, './file0'}}, {@journal_async_commit}, {@data_ordered}, {@bsdgroups}, {@nobh}, {}], [{@measure}, {@fsname}, {@permit_directio}, {@smackfsdef={'smackfsdef', 0x3d, 'blkio.throttle.io_service_bytes\x00'}}, {@measure}, {@obj_user={'obj_user', 0x3d, 'blkio.throttle.io_service_bytes\x00'}}, {@rootcontext={'rootcontext', 0x3d, 'sysadm_u'}}, {@subj_role}, {@smackfshat={'smackfshat', 0x3d, ')#$\'-'}}]}) ioctl$TIOCGSID(r7, 0x5429, &(0x7f0000004100)=0x0) perf_event_open(&(0x7f0000004080)={0x1, 0x80, 0x6, 0x40, 0x7, 0x40, 0x0, 0xff, 0x2, 0x8, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x64, 0x4, @perf_config_ext={0x7, 0x1}, 0x910, 0x6, 0x7f, 0x0, 0x1, 0x2, 0xab, 0x0, 0x60, 0x0, 0x44db4d52}, r14, 0x3, r11, 0x9) 18:09:24 executing program 5: r0 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$TIPC_NL_NET_SET(0xffffffffffffffff, &(0x7f0000000180)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x8000000}, 0xc, &(0x7f0000000140)={&(0x7f0000000080)={0xb4, r0, 0x100, 0x70bd29, 0x25dfdbff, {}, [@TIPC_NLA_PUBL={0xc, 0x3, 0x0, 0x1, [@TIPC_NLA_PUBL_UPPER={0x8, 0x3, 0x1}]}, @TIPC_NLA_BEARER={0x94, 0x1, 0x0, 0x1, [@TIPC_NLA_BEARER_DOMAIN={0x8, 0x3, 0x3f}, @TIPC_NLA_BEARER_PROP={0x44, 0x2, 0x0, 0x1, [@TIPC_NLA_PROP_MTU={0x8, 0x4, 0x80}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x2}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x6}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x1b}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x4}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0xd}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x1b}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x8000}]}, @TIPC_NLA_BEARER_UDP_OPTS={0x44, 0x4, {{0x20, 0x1, @in6={0xa, 0x4e24, 0x2, @empty, 0xd09}}, {0x20, 0x2, @in6={0xa, 0x4e22, 0x1, @private0={0xfc, 0x0, '\x00', 0x1}, 0x1f}}}}]}]}, 0xb4}, 0x1, 0x0, 0x0, 0x80}, 0x0) sendmsg$TIPC_NL_KEY_SET(0xffffffffffffffff, &(0x7f00000005c0)={&(0x7f00000001c0)={0x10, 0x0, 0x0, 0x4}, 0xc, &(0x7f0000000580)={&(0x7f0000000200)={0x378, r0, 0x300, 0x70bd29, 0x25dfdbfe, {}, [@TIPC_NLA_SOCK={0x78, 0x2, 0x0, 0x1, [@TIPC_NLA_SOCK_HAS_PUBL={0x4}, @TIPC_NLA_SOCK_HAS_PUBL={0x4}, @TIPC_NLA_SOCK_REF={0x8, 0x2, 0x6}, @TIPC_NLA_SOCK_ADDR={0x8, 0x1, 0x3}, @TIPC_NLA_SOCK_CON={0x54, 0x3, 0x0, 0x1, [@TIPC_NLA_CON_NODE={0x8, 0x2, 0x2}, @TIPC_NLA_CON_NODE={0x8, 0x2, 0x400}, @TIPC_NLA_CON_NODE={0x8, 0x2, 0x5}, @TIPC_NLA_CON_NODE={0x8, 0x2, 0x3}, @TIPC_NLA_CON_NODE={0x8, 0x2, 0x9}, @TIPC_NLA_CON_FLAG={0x8, 0x1, 0x7ff}, @TIPC_NLA_CON_NODE={0x8, 0x2, 0x9}, @TIPC_NLA_CON_NODE={0x8, 0x2, 0x3}, @TIPC_NLA_CON_FLAG={0x8, 0x1, 0x7fff}, @TIPC_NLA_CON_FLAG={0x8, 0x1, 0x2481}]}, @TIPC_NLA_SOCK_HAS_PUBL={0x4}, @TIPC_NLA_SOCK_HAS_PUBL={0x4}]}, @TIPC_NLA_MEDIA={0x38, 0x5, 0x0, 0x1, [@TIPC_NLA_MEDIA_NAME={0x7, 0x1, 'ib\x00'}, @TIPC_NLA_MEDIA_PROP={0x2c, 0x2, 0x0, 0x1, [@TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x9}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0xa38}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x4}, @TIPC_NLA_PROP_MTU={0x8}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x6}]}]}, @TIPC_NLA_NET={0x30, 0x7, 0x0, 0x1, [@TIPC_NLA_NET_ID={0x8, 0x1, 0x1}, @TIPC_NLA_NET_ADDR={0x8, 0x2, 0x10001}, @TIPC_NLA_NET_ID={0x8, 0x1, 0x6000000}, @TIPC_NLA_NET_ID={0x8, 0x1, 0x1}, @TIPC_NLA_NET_NODEID_W1={0xc, 0x4, 0x2814}]}, @TIPC_NLA_MEDIA={0x3c, 0x5, 0x0, 0x1, [@TIPC_NLA_MEDIA_PROP={0x14, 0x2, 0x0, 0x1, [@TIPC_NLA_PROP_MTU={0x8, 0x4, 0x8}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x4}]}, @TIPC_NLA_MEDIA_PROP={0x24, 0x2, 0x0, 0x1, [@TIPC_NLA_PROP_TOL={0x8, 0x2, 0x10000}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x1a}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x8}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0xd}]}]}, @TIPC_NLA_NET={0x64, 0x7, 0x0, 0x1, [@TIPC_NLA_NET_ADDR={0x8, 0x2, 0x3}, @TIPC_NLA_NET_ADDR={0x8, 0x2, 0x7}, @TIPC_NLA_NET_ID={0x8, 0x1, 0x9}, @TIPC_NLA_NET_NODEID_W1={0xc, 0x4, 0x7ff}, @TIPC_NLA_NET_NODEID={0xc, 0x3, 0x7}, @TIPC_NLA_NET_NODEID={0xc}, @TIPC_NLA_NET_ID={0x8, 0x1, 0x80000001}, @TIPC_NLA_NET_NODEID={0xc, 0x3, 0x2}, @TIPC_NLA_NET_ADDR={0x8, 0x2, 0x6}, @TIPC_NLA_NET_ID={0x8, 0x1, 0x5}]}, @TIPC_NLA_MON={0x24, 0x9, 0x0, 0x1, [@TIPC_NLA_MON_REF={0x8, 0x2, 0x5}, @TIPC_NLA_MON_ACTIVATION_THRESHOLD={0x8, 0x1, 0x1000}, @TIPC_NLA_MON_ACTIVATION_THRESHOLD={0x8}, @TIPC_NLA_MON_REF={0x8, 0x2, 0x872}]}, @TIPC_NLA_MEDIA={0x9c, 0x5, 0x0, 0x1, [@TIPC_NLA_MEDIA_PROP={0x34, 0x2, 0x0, 0x1, [@TIPC_NLA_PROP_WIN={0x8, 0x3, 0x101}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x10000}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x80000001}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x20}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0xffff}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x1}]}, @TIPC_NLA_MEDIA_PROP={0xc, 0x2, 0x0, 0x1, [@TIPC_NLA_PROP_MTU={0x8, 0x4, 0xffff8001}]}, @TIPC_NLA_MEDIA_NAME={0x7, 0x1, 'ib\x00'}, @TIPC_NLA_MEDIA_PROP={0x3c, 0x2, 0x0, 0x1, [@TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x4}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x7}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x5}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x1}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x10000}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0xffff}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x8}]}, @TIPC_NLA_MEDIA_PROP={0x14, 0x2, 0x0, 0x1, [@TIPC_NLA_PROP_MTU={0x8, 0x4, 0x400}, @TIPC_NLA_PROP_TOL={0x8}]}]}, @TIPC_NLA_SOCK={0x74, 0x2, 0x0, 0x1, [@TIPC_NLA_SOCK_CON={0x14, 0x3, 0x0, 0x1, [@TIPC_NLA_CON_FLAG={0x8, 0x1, 0x401}, @TIPC_NLA_CON_NODE={0x8, 0x2, 0x6}]}, @TIPC_NLA_SOCK_ADDR={0x8, 0x1, 0x6}, @TIPC_NLA_SOCK_HAS_PUBL={0x4}, @TIPC_NLA_SOCK_HAS_PUBL={0x4}, @TIPC_NLA_SOCK_CON={0xc, 0x3, 0x0, 0x1, [@TIPC_NLA_CON_NODE={0x8, 0x2, 0x5}]}, @TIPC_NLA_SOCK_REF={0x8, 0x2, 0x9}, @TIPC_NLA_SOCK_CON={0x24, 0x3, 0x0, 0x1, [@TIPC_NLA_CON_NODE={0x8, 0x2, 0xc6}, @TIPC_NLA_CON_NODE={0x8, 0x2, 0x2}, @TIPC_NLA_CON_NODE={0x8, 0x2, 0xfffffff7}, @TIPC_NLA_CON_FLAG={0x8, 0x1, 0x52f58c6f}]}, @TIPC_NLA_SOCK_REF={0x8, 0x2, 0x81}, @TIPC_NLA_SOCK_HAS_PUBL={0x4}, @TIPC_NLA_SOCK_REF={0x8, 0x2, 0x2}]}, @TIPC_NLA_SOCK={0xb0, 0x2, 0x0, 0x1, [@TIPC_NLA_SOCK_HAS_PUBL={0x4}, @TIPC_NLA_SOCK_HAS_PUBL={0x4}, @TIPC_NLA_SOCK_ADDR={0x8, 0x1, 0xd4}, @TIPC_NLA_SOCK_CON={0x34, 0x3, 0x0, 0x1, [@TIPC_NLA_CON_NODE={0x8, 0x2, 0x10000}, @TIPC_NLA_CON_FLAG={0x8, 0x1, 0x2a0c}, @TIPC_NLA_CON_NODE={0x8, 0x2, 0x9}, @TIPC_NLA_CON_FLAG={0x8, 0x1, 0xc68}, @TIPC_NLA_CON_NODE={0x8, 0x2, 0x93f9ba2}, @TIPC_NLA_CON_FLAG={0x8, 0x1, 0xfffffe01}]}, @TIPC_NLA_SOCK_CON={0x4c, 0x3, 0x0, 0x1, [@TIPC_NLA_CON_FLAG={0x8, 0x1, 0x5}, @TIPC_NLA_CON_FLAG={0x8, 0x1, 0x7}, @TIPC_NLA_CON_NODE={0x8, 0x2, 0x3}, @TIPC_NLA_CON_NODE={0x8, 0x2, 0xff}, @TIPC_NLA_CON_FLAG={0x8, 0x1, 0xfffffff9}, @TIPC_NLA_CON_NODE={0x8, 0x2, 0x1}, @TIPC_NLA_CON_NODE={0x8, 0x2, 0xfffffffe}, @TIPC_NLA_CON_FLAG={0x8, 0x1, 0x10001}, @TIPC_NLA_CON_NODE={0x8, 0x2, 0x35b}]}, @TIPC_NLA_SOCK_CON={0x1c, 0x3, 0x0, 0x1, [@TIPC_NLA_CON_NODE={0x8, 0x2, 0x10001}, @TIPC_NLA_CON_NODE={0x8, 0x2, 0x1}, @TIPC_NLA_CON_FLAG={0x8, 0x1, 0x40}]}]}]}, 0x378}, 0x1, 0x0, 0x0, 0x4004080}, 0x2000000) r1 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000600)='/sys/module/scsi_mod', 0x800, 0x1d5) sendmsg$ETHTOOL_MSG_FEATURES_GET(r1, &(0x7f0000000780)={&(0x7f0000000640)={0x10, 0x0, 0x0, 0x4000}, 0xc, &(0x7f0000000740)={&(0x7f0000000680)={0xbc, 0x0, 0x8, 0x70bd28, 0x25dfdbfd, {}, [@HEADER={0x18, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'veth0_to_hsr\x00'}]}, @HEADER={0x50, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'veth0_to_hsr\x00'}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x1}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'bridge_slave_1\x00'}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'veth1\x00'}]}, @HEADER={0x18, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'syzkaller0\x00'}]}, @HEADER={0x28, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'ip6_vti0\x00'}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x6}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x2}]}]}, 0xbc}, 0x1, 0x0, 0x0, 0x24048040}, 0x1) r2 = openat$cgroup_int(r1, &(0x7f00000007c0)='cgroup.max.descendants\x00', 0x2, 0x0) lseek(r2, 0x7ff, 0x0) r3 = syz_genetlink_get_family_id$nl802154(0xfffffffffffffffc, 0xffffffffffffffff) sendmsg$NL802154_CMD_SET_MAX_CSMA_BACKOFFS(0xffffffffffffffff, &(0x7f00000008c0)={&(0x7f0000000800)={0x10, 0x0, 0x0, 0x4000}, 0xc, &(0x7f0000000880)={&(0x7f0000000840)={0x14, r3, 0x100, 0x70bd29, 0x25dfdbfb}, 0x14}, 0x1, 0x0, 0x0, 0x891}, 0x4004) r4 = dup(r1) sendmsg$IPCTNL_MSG_CT_GET(r4, &(0x7f0000000bc0)={&(0x7f0000000900)={0x10, 0x0, 0x0, 0x8000000}, 0xc, &(0x7f0000000b80)={&(0x7f0000000940)={0x21c, 0x1, 0x1, 0x101, 0x0, 0x0, {0x0, 0x0, 0xa}, [@CTA_SYNPROXY={0x1c, 0x18, 0x0, 0x1, [@CTA_SYNPROXY_ITS={0x8, 0x2, 0x1, 0x0, 0x8}, @CTA_SYNPROXY_ISN={0x8, 0x1, 0x1, 0x0, 0x40}, @CTA_SYNPROXY_ITS={0x8, 0x2, 0x1, 0x0, 0x6}]}, @CTA_ZONE={0x6, 0x12, 0x1, 0x0, 0x1}, @CTA_HELP={0x10, 0x5, 0x0, 0x1, {0xa, 0x1, 'Q.931\x00'}}, @CTA_NAT_SRC={0x68, 0x6, 0x0, 0x1, [@CTA_NAT_V4_MAXIP={0x8, 0x2, @dev={0xac, 0x14, 0x14, 0x2c}}, @CTA_NAT_V4_MAXIP={0x8, 0x2, @empty}, @CTA_NAT_V6_MAXIP={0x14, 0x5, @dev={0xfe, 0x80, '\x00', 0xd}}, @CTA_NAT_V4_MAXIP={0x8, 0x2, @private=0xa010102}, @CTA_NAT_PROTO={0x14, 0x3, 0x0, 0x1, [@CTA_PROTONAT_PORT_MAX={0x6, 0x2, 0x4e23}, @CTA_PROTONAT_PORT_MAX={0x6, 0x2, 0x4e23}]}, @CTA_NAT_V4_MAXIP={0x8, 0x2, @initdev={0xac, 0x1e, 0x0, 0x0}}, @CTA_NAT_V6_MINIP={0x14, 0x4, @mcast2}, @CTA_NAT_V4_MAXIP={0x8, 0x2, @remote}]}, @CTA_NAT_DST={0x54, 0xd, 0x0, 0x1, [@CTA_NAT_V6_MAXIP={0x14, 0x5, @ipv4={'\x00', '\xff\xff', @rand_addr=0x64010102}}, @CTA_NAT_V6_MAXIP={0x14, 0x5, @local}, @CTA_NAT_PROTO={0xc, 0x3, 0x0, 0x1, [@CTA_PROTONAT_PORT_MIN={0x6, 0x1, 0x4e23}]}, @CTA_NAT_V4_MINIP={0x8, 0x1, @initdev={0xac, 0x1e, 0x1, 0x0}}, @CTA_NAT_V6_MINIP={0x14, 0x4, @rand_addr=' \x01\x00'}]}, @CTA_TUPLE_REPLY={0xb8, 0x2, 0x0, 0x1, [@CTA_TUPLE_IP={0x2c, 0x1, 0x0, 0x1, @ipv6={{0x14, 0x3, @initdev={0xfe, 0x88, '\x00', 0x1, 0x0}}, {0x14, 0x4, @private2}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5, 0x1, 0x1}}, @CTA_TUPLE_ZONE={0x6, 0x3, 0x1, 0x0, 0x3}, @CTA_TUPLE_IP={0x2c, 0x1, 0x0, 0x1, @ipv6={{0x14, 0x3, @remote}, {0x14, 0x4, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}}}}, @CTA_TUPLE_ZONE={0x6, 0x3, 0x1, 0x0, 0x3}, @CTA_TUPLE_ZONE={0x6}, @CTA_TUPLE_IP={0x2c, 0x1, 0x0, 0x1, @ipv6={{0x14, 0x3, @mcast1}, {0x14, 0x4, @ipv4={'\x00', '\xff\xff', @local}}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5, 0x1, 0x1}}]}, @CTA_PROTOINFO={0x58, 0x4, 0x0, 0x1, @CTA_PROTOINFO_TCP={0x54, 0x1, 0x0, 0x1, [@CTA_PROTOINFO_TCP_WSCALE_REPLY={0x5, 0x3, 0x8}, @CTA_PROTOINFO_TCP_FLAGS_ORIGINAL={0x6, 0x4, {0x0, 0xab}}, @CTA_PROTOINFO_TCP_WSCALE_REPLY={0x5, 0x3, 0x4}, @CTA_PROTOINFO_TCP_WSCALE_REPLY={0x5}, @CTA_PROTOINFO_TCP_STATE={0x5, 0x1, 0xfa}, @CTA_PROTOINFO_TCP_STATE={0x5, 0x1, 0xcc}, @CTA_PROTOINFO_TCP_WSCALE_ORIGINAL={0x5, 0x2, 0x80}, @CTA_PROTOINFO_TCP_FLAGS_REPLY={0x6, 0x5, {0x3f}}, @CTA_PROTOINFO_TCP_WSCALE_REPLY={0x5, 0x3, 0x1}, @CTA_PROTOINFO_TCP_FLAGS_ORIGINAL={0x6, 0x4, {0xc0, 0x1}}]}}, @CTA_STATUS={0x8}]}, 0x21c}, 0x1, 0x0, 0x0, 0x40040}, 0x4) r5 = syz_genetlink_get_family_id$batadv(&(0x7f0000000c40), r4) sendmsg$BATADV_CMD_GET_NEIGHBORS(r4, &(0x7f0000000d00)={&(0x7f0000000c00)={0x10, 0x0, 0x0, 0x100}, 0xc, &(0x7f0000000cc0)={&(0x7f0000000c80)={0x3c, r5, 0x100, 0x70bd27, 0x25dfdbff, {}, [@BATADV_ATTR_ORIG_ADDRESS={0xa, 0x9, @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x1}}, @BATADV_ATTR_ORIG_ADDRESS={0xa, 0x9, @random="c405f10c8a5e"}, @BATADV_ATTR_HARD_IFINDEX={0x8}, @BATADV_ATTR_HARD_IFINDEX={0x8}]}, 0x3c}, 0x1, 0x0, 0x0, 0x20008800}, 0x4) r6 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) ioctl$AUTOFS_DEV_IOCTL_CLOSEMOUNT(r4, 0xc0189375, &(0x7f0000000d40)={{0x1, 0x1, 0x18, r1}, './file0\x00'}) sendmsg$IPVS_CMD_ZERO(r7, &(0x7f0000000ec0)={&(0x7f0000000d80)={0x10, 0x0, 0x0, 0x100}, 0xc, &(0x7f0000000e80)={&(0x7f0000000dc0)={0x8c, 0x0, 0x200, 0x70bd2d, 0x25dfdbff, {}, [@IPVS_CMD_ATTR_TIMEOUT_UDP={0x8, 0x6, 0x80000001}, @IPVS_CMD_ATTR_SERVICE={0xc, 0x1, 0x0, 0x1, [@IPVS_SVC_ATTR_NETMASK={0x8, 0x9, 0x43}]}, @IPVS_CMD_ATTR_TIMEOUT_TCP={0x8, 0x4, 0x8}, @IPVS_CMD_ATTR_SERVICE={0x54, 0x1, 0x0, 0x1, [@IPVS_SVC_ATTR_PE_NAME={0x8}, @IPVS_SVC_ATTR_PE_NAME={0x8}, @IPVS_SVC_ATTR_AF={0x6, 0x1, 0xa}, @IPVS_SVC_ATTR_AF={0x6, 0x1, 0xa}, @IPVS_SVC_ATTR_FWMARK={0x8, 0x5, 0x3}, @IPVS_SVC_ATTR_TIMEOUT={0x8, 0x8, 0x8001}, @IPVS_SVC_ATTR_PROTOCOL={0x6, 0x2, 0x33}, @IPVS_SVC_ATTR_PE_NAME={0x8}, @IPVS_SVC_ATTR_FWMARK={0x8, 0x5, 0x2}, @IPVS_SVC_ATTR_AF={0x6, 0x1, 0x2}]}, @IPVS_CMD_ATTR_TIMEOUT_UDP={0x8}]}, 0x8c}, 0x1, 0x0, 0x0, 0x2000c004}, 0xc0) r8 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r9 = syz_genetlink_get_family_id$netlbl_cipso(&(0x7f0000000f40), r6) sendmsg$NLBL_CIPSOV4_C_ADD(r8, &(0x7f0000001000)={&(0x7f0000000f00)={0x10, 0x0, 0x0, 0x8}, 0xc, &(0x7f0000000fc0)={&(0x7f0000000f80)={0x24, r9, 0x20, 0x70bd2c, 0x25dfdbfe, {}, [@NLBL_CIPSOV4_A_DOI={0x8, 0x1, 0xffffffffffffffff}, @NLBL_CIPSOV4_A_DOI={0x8}]}, 0x24}, 0x1, 0x0, 0x0, 0x800}, 0x0) sendmsg$NL80211_CMD_JOIN_OCB(r4, &(0x7f0000001100)={&(0x7f0000001040)={0x10, 0x0, 0x0, 0x1000000}, 0xc, &(0x7f00000010c0)={&(0x7f0000001080)={0x38, 0x0, 0x400, 0x70bd27, 0x25dfdbfd, {{}, {@void, @val={0xc, 0x99, {0x3, 0x31}}}}, [@NL80211_ATTR_WIPHY_EDMG_CHANNELS={0x5, 0x118, 0x1d}, @NL80211_ATTR_WIPHY_FREQ={0x8}, @NL80211_ATTR_WIPHY_FREQ={0x8, 0x26, @random=0x9a3}]}, 0x38}, 0x1, 0x0, 0x0, 0xb90834ef64bd8503}, 0x810) 18:09:24 executing program 6: setsockopt$inet6_tcp_TCP_MD5SIG(0xffffffffffffffff, 0x6, 0xe, &(0x7f0000000000)={@in6={{0xa, 0x4e23, 0xbc2, @mcast1, 0x8000}}, 0x0, 0x0, 0x18, 0x0, "1f22ba04a0dcd65e041c1e00d45a71e87e11968d7af91e03b7f041a3166a7cca24fc7d83367c89213fd296fe8ce47de95d2ed75cfc8da633ed1f730b173cf24530e0bf1c4a2c9253f2b26670710efa2a"}, 0xd8) r0 = openat(0xffffffffffffffff, &(0x7f0000000100)='./file0\x00', 0x202100, 0x20) r1 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) ioctl$BTRFS_IOC_WAIT_SYNC(r1, 0x40089416, 0x0) ioctl$AUTOFS_DEV_IOCTL_ISMOUNTPOINT(r0, 0xc018937e, &(0x7f0000000140)={{0x1, 0x1, 0x18, r0, @out_args}, './file0\x00'}) sendmsg$BATADV_CMD_GET_GATEWAYS(r2, &(0x7f0000000240)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x200}, 0xc, &(0x7f0000000200)={&(0x7f00000001c0)={0x24, 0x0, 0x1, 0x70bd2c, 0x25dfdbff, {}, [@BATADV_ATTR_GW_MODE={0x5, 0x33, 0x2}, @BATADV_ATTR_MULTICAST_FANOUT={0x8}]}, 0x24}, 0x1, 0x0, 0x0, 0xd}, 0x10) setsockopt$inet6_tcp_TCP_REPAIR_OPTIONS(r0, 0x6, 0x16, &(0x7f0000000280)=[@window={0x3, 0x3, 0x7}, @mss={0x2, 0xb2e}], 0x2) r3 = openat$nvram(0xffffffffffffff9c, &(0x7f00000002c0), 0x80040, 0x0) ioctl$F2FS_IOC_COMMIT_ATOMIC_WRITE(r3, 0xf502, 0x0) ioctl$FS_IOC_FSSETXATTR(r1, 0x401c5820, &(0x7f0000000300)={0x0, 0x3f, 0x1, 0x7, 0x9}) r4 = accept(r2, &(0x7f0000001840)=@nfc, &(0x7f00000018c0)=0x80) ioctl$sock_bt_hci(r4, 0x400448de, &(0x7f0000001900)="9a26c91cfd5106395a432f657571057d7b3ad2b6c9ecb2d25498b12753a2213b522a26897f2bf952c8677f376a0a") bind$bt_hci(r0, &(0x7f0000001940)={0x1f, 0x1, 0x4}, 0x6) ioctl$AUTOFS_DEV_IOCTL_ASKUMOUNT(r2, 0xc018937d, &(0x7f0000001980)={{0x1, 0x1, 0x18, 0xffffffffffffffff}, './file0\x00'}) ioctl$sock_bt_hci(r5, 0x400448dd, &(0x7f00000019c0)="6ea798b3686f0d6edb4a7c6c9d920fb3704e68bdf38bae4d753fe8a2d8913e0ad38541e1cde6613ab8942327d742a8a6d94b5f5cb5268c28b58eea8d83667ea81292a7f96cfb9047ef301b47a0d5fd50ef6df391e0e352e1da03cb3541a2c4ca96955d9dff3625df68606cd69dcd26fc64d83b6dda629c1f0c3c5ef55bb96fb8297018cd3af9457915aab22f0462ac30ce1ea6f27631336d64c7fd29ee0935dc8f682d10dccf091ad2d53a6f971086c68d20277f77d1b09046e7224d84bd91c0b886b4449c7c071e4fa0271b892f5126575b") bind$bt_hci(0xffffffffffffffff, &(0x7f0000001ac0)={0x1f, 0x2, 0x2}, 0x6) r6 = memfd_secret(0x0) ioctl$F2FS_IOC_MOVE_RANGE(r1, 0xc020f509, &(0x7f0000001b00)={r6, 0x75, 0xffff, 0xfffffffffffff001}) ioctl$BTRFS_IOC_QUOTA_RESCAN_WAIT(r6, 0x942e, 0x0) dup2(0xffffffffffffffff, 0xffffffffffffffff) 18:09:24 executing program 7: r0 = mmap$binder(&(0x7f0000ffb000/0x4000)=nil, 0x4000, 0x1, 0x11, 0xffffffffffffffff, 0x7ff) r1 = mmap$binder(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x1, 0x11, 0xffffffffffffffff, 0x7) ioctl$BINDER_WRITE_READ(0xffffffffffffffff, 0xc0306201, &(0x7f0000000100)={0x48, 0x0, &(0x7f0000000000)=[@free_buffer={0x40086303, r0}, @free_buffer={0x40086303, r1}, @release={0x40046306, 0x2}, @enter_looper, @acquire={0x40046305, 0x2}, @exit_looper, @register_looper, @acquire_done={0x40106309, 0x1}], 0x6a, 0x0, &(0x7f0000000080)="348b202f8aea4dcb553c864cd91c3ad04786b8e4b22365a3000c0fc90c84604f45405894691a1c761c512ef1b77b22087aa4b45f6716ff48c54771317cffdf859ca04e82024738b0c59ed96e49e5979fe3bd4e6e6b65ac3938731ffecd74e94f33eeca32b1f5e06ea5d0"}) prctl$PR_SET_MM(0x23, 0x1, &(0x7f0000ffc000/0x4000)=nil) move_pages(0xffffffffffffffff, 0x1, &(0x7f0000000140)=[&(0x7f0000ffd000/0x1000)=nil], &(0x7f0000000180), &(0x7f00000001c0)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x2) r2 = shmget(0x1, 0x2000, 0x1000, &(0x7f0000ffa000/0x2000)=nil) shmat(r2, &(0x7f0000ffc000/0x4000)=nil, 0x0) mbind(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0xc002, &(0x7f0000000200)=0x4, 0xfaab, 0x4) move_pages(0x0, 0x6, &(0x7f0000000240)=[&(0x7f0000fff000/0x1000)=nil, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffb000/0x4000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffd000/0x2000)=nil], &(0x7f0000000280)=[0xa19, 0x67, 0x9], &(0x7f00000002c0)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x4) shmat(r2, &(0x7f0000ff8000/0x6000)=nil, 0x0) shmat(r2, &(0x7f0000ff8000/0x3000)=nil, 0x3800) ioctl$TIOCSISO7816(0xffffffffffffffff, 0xc0285443, &(0x7f0000000300)={0x1, 0x100, 0x6, 0x6, 0xeb0e}) r3 = syz_io_uring_setup(0x70e0, &(0x7f0000000340)={0x0, 0x5d5e, 0x4, 0x3, 0x3bc}, &(0x7f0000ffa000/0x3000)=nil, &(0x7f0000ff6000/0x3000)=nil, &(0x7f00000003c0), &(0x7f0000000400)) shmat(r2, &(0x7f0000ffe000/0x2000)=nil, 0x7000) mremap(&(0x7f0000ff7000/0x1000)=nil, 0x1000, 0x3000, 0x4, &(0x7f0000ff9000/0x3000)=nil) ioctl$AUTOFS_DEV_IOCTL_CLOSEMOUNT(0xffffffffffffffff, 0xc0189375, &(0x7f0000000440)={{0x1, 0x1, 0x18, r3}, './file0\x00'}) syz_io_uring_setup(0x7d19, &(0x7f0000000480)={0x0, 0x7e00, 0x0, 0x1, 0x173, 0x0, r4}, &(0x7f0000ff8000/0x2000)=nil, &(0x7f0000fea000/0xf000)=nil, &(0x7f0000000500), &(0x7f0000000540)) r5 = fcntl$getown(r3, 0x9) move_pages(r5, 0x8, &(0x7f0000000580)=[&(0x7f0000ff8000/0x2000)=nil, &(0x7f0000fe9000/0x2000)=nil, &(0x7f0000fee000/0x3000)=nil, &(0x7f0000fef000/0x8000)=nil, &(0x7f0000ff6000/0x2000)=nil, &(0x7f0000fec000/0x4000)=nil, &(0x7f0000ff7000/0x4000)=nil, &(0x7f0000ffa000/0x4000)=nil], &(0x7f00000005c0)=[0xa8000000, 0x6], &(0x7f0000000600)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x6) madvise(&(0x7f0000fed000/0x3000)=nil, 0x3000, 0xf) [ 70.912982] audit: type=1400 audit(1665079764.427:6): avc: denied { execmem } for pid=287 comm="syz-executor.3" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=process permissive=1 [ 72.318542] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 72.320693] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1 [ 72.326526] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1 [ 72.328451] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 72.330598] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 72.331092] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 72.331958] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 72.334995] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9 [ 72.336382] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 72.336706] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9 [ 72.342168] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 72.345638] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4 [ 72.347623] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 72.347836] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9 [ 72.349722] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 72.351645] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 72.351735] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9 [ 72.356110] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 72.359450] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4 [ 72.360708] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3 [ 72.364501] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 72.365809] Bluetooth: hci6: unexpected cc 0x0c25 length: 249 > 3 [ 72.368028] Bluetooth: hci5: unexpected cc 0x0c25 length: 249 > 3 [ 72.369566] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2 [ 72.374417] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2 [ 72.379395] Bluetooth: hci5: HCI_REQ-0x0c1a [ 72.379396] Bluetooth: hci1: HCI_REQ-0x0c1a [ 72.387761] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 72.389107] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 72.390584] Bluetooth: hci6: HCI_REQ-0x0c1a [ 72.404180] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 72.408992] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 72.410764] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 72.412795] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 72.414603] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3 [ 72.415737] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3 [ 72.415843] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3 [ 72.418278] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 72.419465] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 72.419604] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 72.426025] Bluetooth: hci4: HCI_REQ-0x0c1a [ 72.430522] Bluetooth: hci3: HCI_REQ-0x0c1a [ 72.431612] Bluetooth: hci2: HCI_REQ-0x0c1a [ 72.451965] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 72.453369] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 72.457327] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 72.459413] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [ 72.460777] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 72.465994] Bluetooth: hci0: HCI_REQ-0x0c1a [ 72.521023] Bluetooth: hci7: unexpected cc 0x0c03 length: 249 > 1 [ 72.531154] Bluetooth: hci7: unexpected cc 0x1003 length: 249 > 9 [ 72.532927] Bluetooth: hci7: unexpected cc 0x1001 length: 249 > 9 [ 72.536783] Bluetooth: hci7: unexpected cc 0x0c23 length: 249 > 4 [ 72.538349] Bluetooth: hci7: unexpected cc 0x0c25 length: 249 > 3 [ 72.539627] Bluetooth: hci7: unexpected cc 0x0c38 length: 249 > 2 [ 72.544048] Bluetooth: hci7: HCI_REQ-0x0c1a [ 74.426293] Bluetooth: hci5: command 0x0409 tx timeout [ 74.427023] Bluetooth: hci6: command 0x0409 tx timeout [ 74.427519] Bluetooth: hci1: command 0x0409 tx timeout [ 74.490242] Bluetooth: hci3: command 0x0409 tx timeout [ 74.490746] Bluetooth: hci2: command 0x0409 tx timeout [ 74.491210] Bluetooth: hci4: command 0x0409 tx timeout [ 74.553960] Bluetooth: hci7: command 0x0409 tx timeout [ 74.554599] Bluetooth: hci0: command 0x0409 tx timeout [ 76.474979] Bluetooth: hci1: command 0x041b tx timeout [ 76.475390] Bluetooth: hci6: command 0x041b tx timeout [ 76.475754] Bluetooth: hci5: command 0x041b tx timeout [ 76.538944] Bluetooth: hci4: command 0x041b tx timeout [ 76.539331] Bluetooth: hci2: command 0x041b tx timeout [ 76.539664] Bluetooth: hci3: command 0x041b tx timeout [ 76.602969] Bluetooth: hci0: command 0x041b tx timeout [ 76.603353] Bluetooth: hci7: command 0x041b tx timeout [ 78.521946] Bluetooth: hci5: command 0x040f tx timeout [ 78.522354] Bluetooth: hci6: command 0x040f tx timeout [ 78.522727] Bluetooth: hci1: command 0x040f tx timeout [ 78.585951] Bluetooth: hci3: command 0x040f tx timeout [ 78.586325] Bluetooth: hci2: command 0x040f tx timeout [ 78.586675] Bluetooth: hci4: command 0x040f tx timeout [ 78.650030] Bluetooth: hci7: command 0x040f tx timeout [ 78.650797] Bluetooth: hci0: command 0x040f tx timeout [ 80.569999] Bluetooth: hci1: command 0x0419 tx timeout [ 80.570740] Bluetooth: hci6: command 0x0419 tx timeout [ 80.571732] Bluetooth: hci5: command 0x0419 tx timeout [ 80.634982] Bluetooth: hci4: command 0x0419 tx timeout [ 80.635744] Bluetooth: hci2: command 0x0419 tx timeout [ 80.636550] Bluetooth: hci3: command 0x0419 tx timeout [ 80.698008] Bluetooth: hci0: command 0x0419 tx timeout [ 80.698753] Bluetooth: hci7: command 0x0419 tx timeout [ 132.161708] syz-executor.2 (300) used greatest stack depth: 24776 bytes left [ 134.607931] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 134.609775] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 134.613555] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 134.615222] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 134.621128] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 134.622747] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 134.629390] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 134.630350] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 134.632652] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3 [ 134.633968] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 134.636192] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [ 134.639640] Bluetooth: hci1: HCI_REQ-0x0c1a [ 134.640156] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 134.657942] Bluetooth: hci0: HCI_REQ-0x0c1a [ 134.689274] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 134.691303] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 134.692985] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 134.693631] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 134.695824] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 134.696583] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 134.703664] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 134.704672] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 134.707157] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 134.709016] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 134.709556] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3 [ 134.711225] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 134.711828] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3 [ 134.713415] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 134.716009] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 134.719331] Bluetooth: hci3: HCI_REQ-0x0c1a [ 134.722648] Bluetooth: hci4: HCI_REQ-0x0c1a [ 134.729459] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1 [ 134.733056] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9 [ 134.736574] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9 [ 134.742907] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 134.743667] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4 [ 134.746700] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3 [ 134.747501] Bluetooth: hci5: unexpected cc 0x0c25 length: 249 > 3 [ 134.750092] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2 [ 134.754703] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 134.758304] Bluetooth: hci5: HCI_REQ-0x0c1a [ 134.769920] Bluetooth: hci2: HCI_REQ-0x0c1a [ 136.698211] Bluetooth: hci0: command 0x0409 tx timeout [ 136.699168] Bluetooth: hci1: command 0x0409 tx timeout [ 136.761949] Bluetooth: hci4: command 0x0409 tx timeout [ 136.826002] Bluetooth: hci2: command 0x0409 tx timeout [ 136.827071] Bluetooth: hci5: command 0x0409 tx timeout [ 136.890005] Bluetooth: hci7: Opcode 0x c03 failed: -110 [ 136.890764] Bluetooth: hci6: Opcode 0x c03 failed: -110 [ 136.891573] Bluetooth: hci3: command 0x0409 tx timeout [ 138.746199] Bluetooth: hci1: command 0x041b tx timeout [ 138.746223] Bluetooth: hci0: command 0x041b tx timeout [ 138.811048] Bluetooth: hci4: command 0x041b tx timeout [ 138.874023] Bluetooth: hci5: command 0x041b tx timeout [ 138.874734] Bluetooth: hci2: command 0x041b tx timeout [ 138.938401] Bluetooth: hci3: command 0x041b tx timeout [ 140.794001] Bluetooth: hci0: command 0x040f tx timeout [ 140.794057] Bluetooth: hci1: command 0x040f tx timeout [ 140.858066] Bluetooth: hci4: command 0x040f tx timeout [ 140.921970] Bluetooth: hci2: command 0x040f tx timeout [ 140.921992] Bluetooth: hci5: command 0x040f tx timeout [ 140.985956] Bluetooth: hci3: command 0x040f tx timeout [ 141.689983] Bluetooth: hci6: Opcode 0x c03 failed: -110 [ 141.946052] Bluetooth: hci7: Opcode 0x c03 failed: -110 [ 142.841926] Bluetooth: hci1: command 0x0419 tx timeout [ 142.842375] Bluetooth: hci0: command 0x0419 tx timeout [ 142.906943] Bluetooth: hci4: command 0x0419 tx timeout [ 142.969957] Bluetooth: hci2: command 0x0419 tx timeout [ 142.970354] Bluetooth: hci5: command 0x0419 tx timeout [ 143.033954] Bluetooth: hci3: command 0x0419 tx timeout [ 144.212300] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1 [ 144.214357] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9 [ 144.218289] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9 [ 144.229158] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4 [ 144.230593] Bluetooth: hci6: unexpected cc 0x0c25 length: 249 > 3 [ 144.231445] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2 [ 144.234495] Bluetooth: hci6: HCI_REQ-0x0c1a [ 144.518230] Bluetooth: hci7: unexpected cc 0x0c03 length: 249 > 1 [ 144.520395] Bluetooth: hci7: unexpected cc 0x1003 length: 249 > 9 [ 144.537551] Bluetooth: hci7: unexpected cc 0x1001 length: 249 > 9 [ 144.550393] Bluetooth: hci7: unexpected cc 0x0c23 length: 249 > 4 [ 144.556145] Bluetooth: hci7: unexpected cc 0x0c25 length: 249 > 3 [ 144.560031] Bluetooth: hci7: unexpected cc 0x0c38 length: 249 > 2 [ 144.568994] Bluetooth: hci7: HCI_REQ-0x0c1a [ 146.298009] Bluetooth: hci6: command 0x0409 tx timeout [ 146.618041] Bluetooth: hci7: command 0x0409 tx timeout [ 148.347007] Bluetooth: hci6: command 0x041b tx timeout [ 148.667552] Bluetooth: hci7: command 0x041b tx timeout [ 150.394057] Bluetooth: hci6: command 0x040f tx timeout [ 150.714954] Bluetooth: hci7: command 0x040f tx timeout [ 152.443011] Bluetooth: hci6: command 0x0419 tx timeout [ 152.762960] Bluetooth: hci7: command 0x0419 tx timeout [ 189.140646] audit: type=1400 audit(1665079882.655:7): avc: denied { open } for pid=7085 comm="syz-executor.4" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=perf_event permissive=1 [ 189.171928] loop4: detected capacity change from 0 to 256 [ 189.241987] loop4: detected capacity change from 0 to 256 18:11:22 executing program 4: r0 = pkey_alloc(0x0, 0x2) pkey_mprotect(&(0x7f0000ffb000/0x3000)=nil, 0x3000, 0x3000018, r0) r1 = io_uring_setup(0x710, &(0x7f0000000040)={0x0, 0x0, 0x1, 0x2, 0x20e}) mmap$IORING_OFF_SQES(&(0x7f0000ff9000/0x7000)=nil, 0x7000, 0x0, 0x10050, r1, 0x10000000) pkey_mprotect(&(0x7f0000ffc000/0x3000)=nil, 0x3000, 0x1000004, 0xffffffffffffffff) r2 = creat(&(0x7f0000000000)='./file0\x00', 0x191) r3 = perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0x9c, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000b00), 0x4}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r4 = getpid() r5 = perf_event_open(&(0x7f0000000a80)={0x2, 0x80, 0x0, 0x8, 0x6, 0x4, 0x0, 0x7fffffff, 0x80400, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x3, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x401, 0x2, @perf_bp={&(0x7f0000000100), 0x1}, 0x4003, 0xb7, 0x6, 0x3, 0xb06, 0xfffffffd, 0xfffe, 0x0, 0x45, 0x0, 0x3a4de804}, r4, 0xd, r3, 0x9) ioctl$AUTOFS_DEV_IOCTL_REQUESTER(0xffffffffffffffff, 0xc018937b, &(0x7f0000000300)=ANY=[@ANYBLOB="01000024917ede0018000000", @ANYRES32=r5, @ANYRES32=0xee01, @ANYRES32=0xee01, @ANYBLOB="2e2f66696c6530008425db2c4533299109c57672c2db0005f27575807af71535e79d5517102a8640232a272019654a55cca9b9a33b9d813ea9ed21a56d4824589906b4ab2c824f2a6d5c4f20c70d0a4296a1b436a87d29ea101258be5845c588749110bbb129c24ccb2d3a09b6195dc93c7eb4af0e1296a8e6a85e6f94a5c000b8b06c5bd42816ec520b8fe8c02dcc5598038982483531b88254c2bdc724f7cd0e8705791225ded0ea3e2b2b9e0041cec7f3886ece9bbc1c50413798a4ee36902a6113f3d2cec73c36823d72c71de6451749cd140aa5b36ef8093b8f11dccc033e1c43119cf9fc478f02704bc92d40ca30185227b64de8bf51abea8e47689f27c5788c914ec20a6aca85ed6b3d7fd54648a18d55908eed43665e1da9e94ec2bb38716e8bb58e79104c773f5479404ad2ce106b8e972871f2e532c1f8101d0e717c8c6d05dfeabe125571eab8e5f879acb932cb28ed0706608738b1ca66551ceecffc75068ab5381d3aa8e97c5e317c928faffc9c89dfd3ba7497d86226c148d186009b5f826fec412461e1c5874117a76a39cf657fc3530a7a4cf50864edd0ae670815b03f3d841f2d8fb4af5116d320392c1bde6080d50f4d20919fda297626cfb4d7a3cab06fc7b8f7f6a977"]) r7 = io_uring_register$IORING_REGISTER_PERSONALITY(0xffffffffffffffff, 0x9, 0x0, 0x0) perf_event_open(&(0x7f0000000140)={0x3, 0x80, 0x1, 0x20, 0x5, 0x4, 0x0, 0x8b, 0x80400, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x33, 0x4, @perf_config_ext={0x7, 0xc1}, 0x10000, 0x4, 0x5, 0x1, 0x1, 0x6, 0xffaa, 0x0, 0x1, 0x0, 0x2}, 0x0, 0xe, r3, 0x0) io_uring_register$IORING_UNREGISTER_PERSONALITY(r6, 0xa, 0x0, r7) r8 = pkey_alloc(0x0, 0x3) pkey_free(r8) pkey_mprotect(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0x1000003, r8) io_uring_register$IORING_UNREGISTER_PERSONALITY(r2, 0xa, 0x0, r7) prctl$PR_SET_MM(0x23, 0x7, &(0x7f0000ffb000/0x4000)=nil) msync(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x0) [ 189.509401] audit: type=1400 audit(1665079883.023:8): avc: denied { kernel } for pid=7122 comm="syz-executor.4" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=perf_event permissive=1 [ 189.521644] ------------[ cut here ]------------ [ 189.521662] [ 189.521665] ====================================================== [ 189.521668] WARNING: possible circular locking dependency detected [ 189.521672] 6.0.0-next-20221006 #1 Not tainted [ 189.521679] ------------------------------------------------------ [ 189.521682] syz-executor.4/7123 is trying to acquire lock: [ 189.521688] ffffffff853fac98 ((console_sem).lock){....}-{2:2}, at: down_trylock+0xe/0x70 [ 189.521734] [ 189.521734] but task is already holding lock: [ 189.521737] ffff88800eb79420 (&ctx->lock){....}-{2:2}, at: __perf_event_task_sched_out+0x53b/0x18d0 [ 189.521763] [ 189.521763] which lock already depends on the new lock. [ 189.521763] [ 189.521766] [ 189.521766] the existing dependency chain (in reverse order) is: [ 189.521769] [ 189.521769] -> #3 (&ctx->lock){....}-{2:2}: [ 189.521783] _raw_spin_lock+0x2a/0x40 [ 189.521795] __perf_event_task_sched_out+0x53b/0x18d0 [ 189.521806] __schedule+0xedd/0x2470 [ 189.521821] schedule+0xda/0x1b0 [ 189.521835] futex_wait_queue+0xf5/0x1e0 [ 189.521847] futex_wait+0x28e/0x690 [ 189.521860] do_futex+0x2ff/0x380 [ 189.521869] __x64_sys_futex+0x1c6/0x4d0 [ 189.521879] do_syscall_64+0x3b/0x90 [ 189.521889] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 189.521906] [ 189.521906] -> #2 (&rq->__lock){-.-.}-{2:2}: [ 189.521919] _raw_spin_lock_nested+0x30/0x40 [ 189.521931] raw_spin_rq_lock_nested+0x1e/0x30 [ 189.521944] task_fork_fair+0x63/0x4d0 [ 189.521960] sched_cgroup_fork+0x3d0/0x540 [ 189.521974] copy_process+0x4183/0x6e20 [ 189.521985] kernel_clone+0xe7/0x890 [ 189.521994] user_mode_thread+0xad/0xf0 [ 189.522004] rest_init+0x24/0x250 [ 189.522017] arch_call_rest_init+0xf/0x14 [ 189.522029] start_kernel+0x4c6/0x4eb [ 189.522038] secondary_startup_64_no_verify+0xe0/0xeb [ 189.522052] [ 189.522052] -> #1 (&p->pi_lock){-.-.}-{2:2}: [ 189.522066] _raw_spin_lock_irqsave+0x39/0x60 [ 189.522078] try_to_wake_up+0xab/0x1930 [ 189.522091] up+0x75/0xb0 [ 189.522106] __up_console_sem+0x6e/0x80 [ 189.522121] console_unlock+0x46a/0x590 [ 189.522137] vt_ioctl+0x2822/0x2ca0 [ 189.522150] tty_ioctl+0x785/0x16b0 [ 189.522161] __x64_sys_ioctl+0x19a/0x210 [ 189.522174] do_syscall_64+0x3b/0x90 [ 189.522184] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 189.522198] [ 189.522198] -> #0 ((console_sem).lock){....}-{2:2}: [ 189.522211] __lock_acquire+0x2a02/0x5e70 [ 189.522228] lock_acquire+0x1a2/0x530 [ 189.522243] _raw_spin_lock_irqsave+0x39/0x60 [ 189.522255] down_trylock+0xe/0x70 [ 189.522271] __down_trylock_console_sem+0x3b/0xd0 [ 189.522287] vprintk_emit+0x16b/0x560 [ 189.522303] vprintk+0x84/0xa0 [ 189.522319] _printk+0xba/0xf1 [ 189.522331] report_bug.cold+0x72/0xab [ 189.522340] handle_bug+0x3c/0x70 [ 189.522349] exc_invalid_op+0x14/0x50 [ 189.522359] asm_exc_invalid_op+0x16/0x20 [ 189.522372] group_sched_out.part.0+0x2c7/0x460 [ 189.522390] ctx_sched_out+0x8f1/0xc10 [ 189.522406] __perf_event_task_sched_out+0x6d0/0x18d0 [ 189.522417] __schedule+0xedd/0x2470 [ 189.522432] schedule+0xda/0x1b0 [ 189.522447] futex_wait_queue+0xf5/0x1e0 [ 189.522457] futex_wait+0x28e/0x690 [ 189.522467] do_futex+0x2ff/0x380 [ 189.522477] __x64_sys_futex+0x1c6/0x4d0 [ 189.522487] do_syscall_64+0x3b/0x90 [ 189.522496] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 189.522510] [ 189.522510] other info that might help us debug this: [ 189.522510] [ 189.522512] Chain exists of: [ 189.522512] (console_sem).lock --> &rq->__lock --> &ctx->lock [ 189.522512] [ 189.522527] Possible unsafe locking scenario: [ 189.522527] [ 189.522529] CPU0 CPU1 [ 189.522531] ---- ---- [ 189.522533] lock(&ctx->lock); [ 189.522539] lock(&rq->__lock); [ 189.522545] lock(&ctx->lock); [ 189.522551] lock((console_sem).lock); [ 189.522557] [ 189.522557] *** DEADLOCK *** [ 189.522557] [ 189.522558] 2 locks held by syz-executor.4/7123: [ 189.522565] #0: ffff88806cf37e98 (&rq->__lock){-.-.}-{2:2}, at: __schedule+0x1cf/0x2470 [ 189.522595] #1: ffff88800eb79420 (&ctx->lock){....}-{2:2}, at: __perf_event_task_sched_out+0x53b/0x18d0 [ 189.522621] [ 189.522621] stack backtrace: [ 189.522624] CPU: 1 PID: 7123 Comm: syz-executor.4 Not tainted 6.0.0-next-20221006 #1 [ 189.522636] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 189.522643] Call Trace: [ 189.522646] [ 189.522650] dump_stack_lvl+0x8b/0xb3 [ 189.522662] check_noncircular+0x263/0x2e0 [ 189.522678] ? format_decode+0x26c/0xb50 [ 189.522695] ? print_circular_bug+0x450/0x450 [ 189.522712] ? simple_strtoul+0x30/0x30 [ 189.522729] ? format_decode+0x26c/0xb50 [ 189.522747] ? alloc_chain_hlocks+0x1ec/0x5a0 [ 189.522764] __lock_acquire+0x2a02/0x5e70 [ 189.522786] ? lockdep_hardirqs_on_prepare+0x410/0x410 [ 189.522808] lock_acquire+0x1a2/0x530 [ 189.522824] ? down_trylock+0xe/0x70 [ 189.522842] ? lock_release+0x750/0x750 [ 189.522863] ? vprintk+0x84/0xa0 [ 189.522880] _raw_spin_lock_irqsave+0x39/0x60 [ 189.522893] ? down_trylock+0xe/0x70 [ 189.522910] down_trylock+0xe/0x70 [ 189.522927] ? vprintk+0x84/0xa0 [ 189.522944] __down_trylock_console_sem+0x3b/0xd0 [ 189.522961] vprintk_emit+0x16b/0x560 [ 189.522980] vprintk+0x84/0xa0 [ 189.522997] _printk+0xba/0xf1 [ 189.523009] ? record_print_text.cold+0x16/0x16 [ 189.523026] ? report_bug.cold+0x66/0xab [ 189.523037] ? group_sched_out.part.0+0x2c7/0x460 [ 189.523055] report_bug.cold+0x72/0xab [ 189.523067] handle_bug+0x3c/0x70 [ 189.523078] exc_invalid_op+0x14/0x50 [ 189.523089] asm_exc_invalid_op+0x16/0x20 [ 189.523103] RIP: 0010:group_sched_out.part.0+0x2c7/0x460 [ 189.523123] Code: 5e 41 5f e9 5b a5 ef ff e8 56 a5 ef ff 65 8b 1d 1b fe ab 7e 31 ff 89 de e8 f6 a1 ef ff 85 db 0f 84 8a 00 00 00 e8 39 a5 ef ff <0f> 0b e9 a5 fe ff ff e8 2d a5 ef ff 48 8d 7d 10 48 b8 00 00 00 00 [ 189.523135] RSP: 0018:ffff8880408e78f8 EFLAGS: 00010006 [ 189.523144] RAX: 0000000040000002 RBX: 0000000000000000 RCX: 0000000000000000 [ 189.523151] RDX: ffff888021168000 RSI: ffffffff815677b7 RDI: 0000000000000005 [ 189.523159] RBP: ffff888033040000 R08: 0000000000000005 R09: 0000000000000001 [ 189.523166] R10: 0000000000000000 R11: ffffffff865b605b R12: ffff88800eb79400 [ 189.523173] R13: ffff88806cf3d2c0 R14: ffffffff8547d200 R15: 0000000000000002 [ 189.523184] ? group_sched_out.part.0+0x2c7/0x460 [ 189.523204] ? group_sched_out.part.0+0x2c7/0x460 [ 189.523223] ctx_sched_out+0x8f1/0xc10 [ 189.523243] __perf_event_task_sched_out+0x6d0/0x18d0 [ 189.523257] ? lock_is_held_type+0xd7/0x130 [ 189.523272] ? __perf_cgroup_move+0x160/0x160 [ 189.523282] ? set_next_entity+0x304/0x550 [ 189.523302] ? lock_is_held_type+0xd7/0x130 [ 189.523317] __schedule+0xedd/0x2470 [ 189.523335] ? io_schedule_timeout+0x150/0x150 [ 189.523352] ? futex_wait_setup+0x166/0x230 [ 189.523366] schedule+0xda/0x1b0 [ 189.523382] futex_wait_queue+0xf5/0x1e0 [ 189.523395] futex_wait+0x28e/0x690 [ 189.523407] ? futex_wait_setup+0x230/0x230 [ 189.523420] ? wake_up_q+0x8b/0xf0 [ 189.523434] ? do_raw_spin_unlock+0x4f/0x220 [ 189.523452] ? futex_wake+0x158/0x490 [ 189.523469] ? fd_install+0x1f9/0x640 [ 189.523484] do_futex+0x2ff/0x380 [ 189.523495] ? __ia32_compat_sys_get_robust_list+0x3b0/0x3b0 [ 189.523511] __x64_sys_futex+0x1c6/0x4d0 [ 189.523524] ? __x64_sys_futex_time32+0x480/0x480 [ 189.523536] ? lock_is_held_type+0xd7/0x130 [ 189.523551] ? rcu_read_lock_sched_held+0x3e/0x80 [ 189.523571] do_syscall_64+0x3b/0x90 [ 189.523582] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 189.523596] RIP: 0033:0x7f35eeaa2b19 [ 189.523604] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 189.523615] RSP: 002b:00007f35ec018218 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 189.523625] RAX: ffffffffffffffda RBX: 00007f35eebb5f68 RCX: 00007f35eeaa2b19 [ 189.523633] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007f35eebb5f68 [ 189.523640] RBP: 00007f35eebb5f60 R08: 0000000000000000 R09: 0000000000000000 [ 189.523647] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f35eebb5f6c [ 189.523654] R13: 00007ffe509b48bf R14: 00007f35ec018300 R15: 0000000000022000 [ 189.523667] [ 189.582546] WARNING: CPU: 1 PID: 7123 at kernel/events/core.c:2309 group_sched_out.part.0+0x2c7/0x460 [ 189.583197] Modules linked in: [ 189.583427] CPU: 1 PID: 7123 Comm: syz-executor.4 Not tainted 6.0.0-next-20221006 #1 [ 189.583963] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 189.584527] RIP: 0010:group_sched_out.part.0+0x2c7/0x460 [ 189.584908] Code: 5e 41 5f e9 5b a5 ef ff e8 56 a5 ef ff 65 8b 1d 1b fe ab 7e 31 ff 89 de e8 f6 a1 ef ff 85 db 0f 84 8a 00 00 00 e8 39 a5 ef ff <0f> 0b e9 a5 fe ff ff e8 2d a5 ef ff 48 8d 7d 10 48 b8 00 00 00 00 [ 189.586172] RSP: 0018:ffff8880408e78f8 EFLAGS: 00010006 [ 189.586545] RAX: 0000000040000002 RBX: 0000000000000000 RCX: 0000000000000000 [ 189.587037] RDX: ffff888021168000 RSI: ffffffff815677b7 RDI: 0000000000000005 [ 189.587525] RBP: ffff888033040000 R08: 0000000000000005 R09: 0000000000000001 [ 189.588013] R10: 0000000000000000 R11: ffffffff865b605b R12: ffff88800eb79400 [ 189.588508] R13: ffff88806cf3d2c0 R14: ffffffff8547d200 R15: 0000000000000002 [ 189.588999] FS: 00007f35ec018700(0000) GS:ffff88806cf00000(0000) knlGS:0000000000000000 [ 189.589563] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 189.589991] CR2: 00007f961f9fc8e0 CR3: 000000003fc96000 CR4: 0000000000350ee0 [ 189.590488] Call Trace: [ 189.590666] [ 189.590834] ctx_sched_out+0x8f1/0xc10 [ 189.591114] __perf_event_task_sched_out+0x6d0/0x18d0 [ 189.591480] ? lock_is_held_type+0xd7/0x130 [ 189.591789] ? __perf_cgroup_move+0x160/0x160 [ 189.592105] ? set_next_entity+0x304/0x550 [ 189.592414] ? lock_is_held_type+0xd7/0x130 [ 189.592722] __schedule+0xedd/0x2470 [ 189.592990] ? io_schedule_timeout+0x150/0x150 [ 189.593320] ? futex_wait_setup+0x166/0x230 [ 189.593630] schedule+0xda/0x1b0 [ 189.593880] futex_wait_queue+0xf5/0x1e0 [ 189.594167] futex_wait+0x28e/0x690 [ 189.594426] ? futex_wait_setup+0x230/0x230 [ 189.594723] ? wake_up_q+0x8b/0xf0 [ 189.594982] ? do_raw_spin_unlock+0x4f/0x220 [ 189.595298] ? futex_wake+0x158/0x490 [ 189.595577] ? fd_install+0x1f9/0x640 [ 189.595850] do_futex+0x2ff/0x380 [ 189.596104] ? __ia32_compat_sys_get_robust_list+0x3b0/0x3b0 [ 189.596507] __x64_sys_futex+0x1c6/0x4d0 [ 189.596796] ? __x64_sys_futex_time32+0x480/0x480 [ 189.597137] ? lock_is_held_type+0xd7/0x130 [ 189.597442] ? rcu_read_lock_sched_held+0x3e/0x80 [ 189.597795] do_syscall_64+0x3b/0x90 [ 189.598063] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 189.598424] RIP: 0033:0x7f35eeaa2b19 [ 189.598692] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 189.599943] RSP: 002b:00007f35ec018218 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 189.600475] RAX: ffffffffffffffda RBX: 00007f35eebb5f68 RCX: 00007f35eeaa2b19 [ 189.600972] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007f35eebb5f68 [ 189.601468] RBP: 00007f35eebb5f60 R08: 0000000000000000 R09: 0000000000000000 [ 189.601975] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f35eebb5f6c [ 189.602468] R13: 00007ffe509b48bf R14: 00007f35ec018300 R15: 0000000000022000 [ 189.602964] [ 189.603131] irq event stamp: 2648 [ 189.603374] hardirqs last enabled at (2647): [] syscall_enter_from_user_mode+0x1d/0x50 [ 189.604037] hardirqs last disabled at (2648): [] __schedule+0x1225/0x2470 [ 189.604621] softirqs last enabled at (1800): [] __irq_exit_rcu+0x11b/0x180 [ 189.605221] softirqs last disabled at (1783): [] __irq_exit_rcu+0x11b/0x180 [ 189.605834] ---[ end trace 0000000000000000 ]--- 18:11:23 executing program 7: r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$NL80211_CMD_NEW_MPATH(0xffffffffffffffff, &(0x7f0000000100)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x1}, 0xc, &(0x7f00000000c0)={&(0x7f0000000080)={0x2c, r0, 0x300, 0x70bd2b, 0x25dfdbfc, {{}, {@void, @val={0xc, 0x99, {0xfffffff8, 0x32}}}}, [@NL80211_ATTR_MAC={0xa, 0x6, @device_b}]}, 0x2c}, 0x1, 0x0, 0x0, 0x40800}, 0x4080) 18:11:23 executing program 4: ioctl$SECCOMP_IOCTL_NOTIF_ADDFD(0xffffffffffffffff, 0x40182103, &(0x7f0000000500)={0x0, 0x1, 0xffffffffffffffff, 0x6}) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x1}, 0x40, 0x5}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) pwritev(r1, &(0x7f0000000640)=[{&(0x7f00000002c0)="19", 0x1}], 0x1, 0x8000000, 0x0) r2 = openat$sr(0xffffffffffffff9c, &(0x7f0000000100), 0x44b43, 0x0) mmap(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x2, 0x50, 0xffffffffffffffff, 0x2cd32000) openat$sr(0xffffffffffffff9c, &(0x7f0000000040), 0x422201, 0x0) r3 = perf_event_open(&(0x7f0000000140)={0x4, 0x80, 0x7, 0x0, 0x1, 0x20, 0x0, 0x80, 0x80, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0xffff, 0x4, @perf_config_ext={0x3ff, 0x6}, 0x10000, 0x1, 0x1, 0x1, 0x8, 0x5, 0xff, 0x0, 0xffffb2ab, 0x0, 0xd01}, 0x0, 0xe, 0xffffffffffffffff, 0x3) r4 = socket$inet_udp(0x2, 0x2, 0x0) sendfile(r3, r4, &(0x7f00000001c0)=0x6e8, 0x2) getsockopt$inet_int(r4, 0x0, 0xc, 0x0, &(0x7f0000003580)) r5 = dup3(r1, r1, 0x50b4104af6c52905) sendfile(r5, r0, 0x0, 0x6) mq_timedreceive(r2, &(0x7f00000003c0)=""/27, 0x1b, 0xffff, &(0x7f0000000400)={0x0, 0x989680}) socket$unix(0x1, 0x1, 0x0) io_setup(0x95, &(0x7f0000000000)) 18:11:23 executing program 7: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7fff, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$F2FS_IOC_MOVE_RANGE(0xffffffffffffffff, 0xc020f509, &(0x7f0000000380)={0xffffffffffffffff, 0x8, 0x1, 0x400}) ioctl$PERF_EVENT_IOC_ID(r0, 0x80082407, &(0x7f00000003c0)) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x2, 0x0, 0x0, 0x0, 0x0, 0x2, 0x32261, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x5}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) r2 = fork() process_vm_readv(r2, &(0x7f0000000bc0)=[{&(0x7f0000000a00)=""/105, 0x69}, {&(0x7f0000000a80)=""/13, 0xd}, {&(0x7f0000000ac0)=""/221, 0xdd}], 0x3, &(0x7f0000000d40)=[{&(0x7f0000000c00)=""/9, 0x9}, {&(0x7f0000000c40)=""/98, 0x62}, {&(0x7f0000000cc0)=""/109, 0x6d}], 0x3, 0x0) perf_event_open(&(0x7f0000001840)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000001800), 0xd}, 0x0, 0x0, 0x0, 0x0, 0x5}, r2, 0xffffffffffffffff, 0xffffffffffffffff, 0x3) write(r1, &(0x7f0000000080)="01", 0x292e9) 18:11:23 executing program 4: ioctl$SECCOMP_IOCTL_NOTIF_ADDFD(0xffffffffffffffff, 0x40182103, &(0x7f0000000500)={0x0, 0x1, 0xffffffffffffffff, 0x6}) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x1}, 0x40, 0x5}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) pwritev(r1, &(0x7f0000000640)=[{&(0x7f00000002c0)="19", 0x1}], 0x1, 0x8000000, 0x0) r2 = openat$sr(0xffffffffffffff9c, &(0x7f0000000100), 0x44b43, 0x0) mmap(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x2, 0x50, 0xffffffffffffffff, 0x2cd32000) openat$sr(0xffffffffffffff9c, &(0x7f0000000040), 0x422201, 0x0) r3 = perf_event_open(&(0x7f0000000140)={0x4, 0x80, 0x7, 0x0, 0x1, 0x20, 0x0, 0x80, 0x80, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0xffff, 0x4, @perf_config_ext={0x3ff, 0x6}, 0x10000, 0x1, 0x1, 0x1, 0x8, 0x5, 0xff, 0x0, 0xffffb2ab, 0x0, 0xd01}, 0x0, 0xe, 0xffffffffffffffff, 0x3) r4 = socket$inet_udp(0x2, 0x2, 0x0) sendfile(r3, r4, &(0x7f00000001c0)=0x6e8, 0x2) getsockopt$inet_int(r4, 0x0, 0xc, 0x0, &(0x7f0000003580)) r5 = dup3(r1, r1, 0x50b4104af6c52905) sendfile(r5, r0, 0x0, 0x6) mq_timedreceive(r2, &(0x7f00000003c0)=""/27, 0x1b, 0xffff, &(0x7f0000000400)={0x0, 0x989680}) socket$unix(0x1, 0x1, 0x0) io_setup(0x95, &(0x7f0000000000)) 18:11:23 executing program 7: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7fff, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$F2FS_IOC_MOVE_RANGE(0xffffffffffffffff, 0xc020f509, &(0x7f0000000380)={0xffffffffffffffff, 0x8, 0x1, 0x400}) ioctl$PERF_EVENT_IOC_ID(r0, 0x80082407, &(0x7f00000003c0)) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x2, 0x0, 0x0, 0x0, 0x0, 0x2, 0x32261, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x5}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) r2 = fork() process_vm_readv(r2, &(0x7f0000000bc0)=[{&(0x7f0000000a00)=""/105, 0x69}, {&(0x7f0000000a80)=""/13, 0xd}, {&(0x7f0000000ac0)=""/221, 0xdd}], 0x3, &(0x7f0000000d40)=[{&(0x7f0000000c00)=""/9, 0x9}, {&(0x7f0000000c40)=""/98, 0x62}, {&(0x7f0000000cc0)=""/109, 0x6d}], 0x3, 0x0) perf_event_open(&(0x7f0000001840)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000001800), 0xd}, 0x0, 0x0, 0x0, 0x0, 0x5}, r2, 0xffffffffffffffff, 0xffffffffffffffff, 0x3) write(r1, &(0x7f0000000080)="01", 0x292e9) VM DIAGNOSIS: 18:11:23 Registers: info registers vcpu 0 RAX=0000000000000000 RBX=ffff888018b875a8 RCX=0000000000000004 RDX=0000000000000000 RSI=0000000000000000 RDI=ffff888018b87560 RBP=ffff888015f65040 RSP=ffff888018b874b8 R8 =0000000000000001 R9 =ffff888018b87510 R10=ffffed1003170eaf R11=0000000000000001 R12=0000000000000000 R13=ffff888018b87538 R14=ffff888015f65040 R15=ffff888018b87510 RIP=ffffffff84154284 RFL=00000212 [----A--] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 00000000 00000000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 00000000 00000000 FS =0000 00007fa60b6438c0 00000000 00000000 GS =0000 ffff88806ce00000 00000000 00000000 LDT=0000 fffffe0000000000 00000000 00000000 TR =0040 fffffe0000003000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe0000001000 0000007f IDT= fffffe0000000000 00000fff CR0=80050033 CR2=00007fd86e5f84a1 CR3=000000000fa9e000 CR4=00350ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000ffff0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 XMM00=00000000000000000000000000000000 XMM01=ffffffffffffffffffffffffffffffff XMM02=00000000000000000000000000000000 XMM03=00000000000000000000000000000000 XMM04=000000000000000000000000000000ff XMM05=00000000000000000000000000000000 XMM06=0000000000000000000000524f525245 XMM07=00000000000000000000000000000000 XMM08=000000000000000000524f5252450040 XMM09=00000000000000000000000000000000 XMM10=00000000000000000000000000000000 XMM11=00000000000000000000000000000000 XMM12=00000000000000000000000000000000 XMM13=00000000000000000000000000000000 XMM14=00000000000000000000000000000000 XMM15=00000000000000000000000000000000 info registers vcpu 1 RAX=0000000000000066 RBX=00000000000003f8 RCX=0000000000000000 RDX=00000000000003f8 RSI=ffffffff823c0801 RDI=ffffffff8765c9e0 RBP=ffffffff8765c9a0 RSP=ffff8880408e7340 R8 =0000000000000001 R9 =000000000000000a R10=0000000000000066 R11=0000000000000001 R12=0000000000000066 R13=ffffffff8765c9a0 R14=0000000000000010 R15=ffffffff823c07f0 RIP=ffffffff823c0859 RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 00000000 00000000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 00000000 00000000 FS =0000 00007f35ec018700 00000000 00000000 GS =0000 ffff88806cf00000 00000000 00000000 LDT=0000 fffffe0000000000 00000000 00000000 TR =0040 fffffe000004a000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe0000048000 0000007f IDT= fffffe0000000000 00000fff CR0=80050033 CR2=00007f961f9fc8e0 CR3=000000003fc96000 CR4=00350ee0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000ffff0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 XMM00=00000000000000000000000000000000 XMM01=00007f35eeb897c000007f35eeb897c8 XMM02=00007f35eeb897e000007f35eeb897c0 XMM03=00007f35eeb897c800007f35eeb897c0 XMM04=ffffffffffffffffffffffff00000000 XMM05=00000000000000000000000000000000 XMM06=0000000000000000000000524f525245 XMM07=00000000000000000000000000000000 XMM08=000000000000000000524f5252450040 XMM09=00000000000000000000000000000000 XMM10=00000000000000000000000000000000 XMM11=00000000000000000000000000000000 XMM12=00000000000000000000000000000000 XMM13=00000000000000000000000000000000 XMM14=00000000000000000000000000000000 XMM15=00000000000000000000000000000000