Warning: Permanently added '[localhost]:56051' (ECDSA) to the list of known hosts. 2022/09/17 00:21:31 fuzzer started 2022/09/17 00:21:32 dialing manager at localhost:36051 syzkaller login: [ 38.856347] cgroup: Unknown subsys name 'net' [ 38.947591] cgroup: Unknown subsys name 'rlimit' 2022/09/17 00:21:46 syscalls: 2215 2022/09/17 00:21:46 code coverage: enabled 2022/09/17 00:21:46 comparison tracing: enabled 2022/09/17 00:21:46 extra coverage: enabled 2022/09/17 00:21:46 setuid sandbox: enabled 2022/09/17 00:21:46 namespace sandbox: enabled 2022/09/17 00:21:46 Android sandbox: enabled 2022/09/17 00:21:46 fault injection: enabled 2022/09/17 00:21:46 leak checking: enabled 2022/09/17 00:21:46 net packet injection: enabled 2022/09/17 00:21:46 net device setup: enabled 2022/09/17 00:21:46 concurrency sanitizer: /sys/kernel/debug/kcsan does not exist 2022/09/17 00:21:46 devlink PCI setup: PCI device 0000:00:10.0 is not available 2022/09/17 00:21:46 USB emulation: enabled 2022/09/17 00:21:46 hci packet injection: enabled 2022/09/17 00:21:46 wifi device emulation: failed to parse kernel version (6.0.0-rc5-next-20220916) 2022/09/17 00:21:46 802.15.4 emulation: enabled 2022/09/17 00:21:46 fetching corpus: 50, signal 26876/28665 (executing program) 2022/09/17 00:21:46 fetching corpus: 100, signal 41443/44787 (executing program) 2022/09/17 00:21:46 fetching corpus: 150, signal 53974/58691 (executing program) 2022/09/17 00:21:47 fetching corpus: 200, signal 62239/68284 (executing program) 2022/09/17 00:21:47 fetching corpus: 250, signal 68984/76308 (executing program) 2022/09/17 00:21:47 fetching corpus: 300, signal 74597/83118 (executing program) 2022/09/17 00:21:47 fetching corpus: 350, signal 80224/89870 (executing program) 2022/09/17 00:21:47 fetching corpus: 400, signal 85000/95718 (executing program) 2022/09/17 00:21:47 fetching corpus: 450, signal 88783/100575 (executing program) 2022/09/17 00:21:47 fetching corpus: 500, signal 93542/106280 (executing program) 2022/09/17 00:21:47 fetching corpus: 550, signal 97489/111238 (executing program) 2022/09/17 00:21:48 fetching corpus: 600, signal 99926/114669 (executing program) 2022/09/17 00:21:48 fetching corpus: 650, signal 102482/118213 (executing program) 2022/09/17 00:21:48 fetching corpus: 700, signal 105479/122109 (executing program) 2022/09/17 00:21:48 fetching corpus: 750, signal 107793/125351 (executing program) 2022/09/17 00:21:48 fetching corpus: 800, signal 112026/130297 (executing program) 2022/09/17 00:21:48 fetching corpus: 850, signal 114845/133848 (executing program) 2022/09/17 00:21:48 fetching corpus: 900, signal 118071/137738 (executing program) 2022/09/17 00:21:48 fetching corpus: 950, signal 119564/140116 (executing program) 2022/09/17 00:21:49 fetching corpus: 1000, signal 121840/143139 (executing program) 2022/09/17 00:21:49 fetching corpus: 1050, signal 123713/145770 (executing program) 2022/09/17 00:21:49 fetching corpus: 1100, signal 125787/148516 (executing program) 2022/09/17 00:21:49 fetching corpus: 1150, signal 127837/151232 (executing program) 2022/09/17 00:21:49 fetching corpus: 1200, signal 129428/153514 (executing program) 2022/09/17 00:21:49 fetching corpus: 1250, signal 131089/155873 (executing program) 2022/09/17 00:21:49 fetching corpus: 1300, signal 133216/158546 (executing program) 2022/09/17 00:21:49 fetching corpus: 1350, signal 134455/160485 (executing program) 2022/09/17 00:21:50 fetching corpus: 1400, signal 136429/162997 (executing program) 2022/09/17 00:21:50 fetching corpus: 1450, signal 137843/165050 (executing program) 2022/09/17 00:21:50 fetching corpus: 1500, signal 139880/167556 (executing program) 2022/09/17 00:21:50 fetching corpus: 1550, signal 141919/170032 (executing program) 2022/09/17 00:21:50 fetching corpus: 1600, signal 143385/171989 (executing program) 2022/09/17 00:21:50 fetching corpus: 1650, signal 144725/173861 (executing program) 2022/09/17 00:21:50 fetching corpus: 1700, signal 146878/176336 (executing program) 2022/09/17 00:21:51 fetching corpus: 1750, signal 149255/178911 (executing program) 2022/09/17 00:21:51 fetching corpus: 1800, signal 151498/181336 (executing program) 2022/09/17 00:21:51 fetching corpus: 1850, signal 153731/183710 (executing program) 2022/09/17 00:21:51 fetching corpus: 1900, signal 155745/185903 (executing program) 2022/09/17 00:21:51 fetching corpus: 1950, signal 157222/187735 (executing program) 2022/09/17 00:21:51 fetching corpus: 2000, signal 158958/189763 (executing program) 2022/09/17 00:21:52 fetching corpus: 2050, signal 160239/191443 (executing program) 2022/09/17 00:21:52 fetching corpus: 2100, signal 162896/193934 (executing program) 2022/09/17 00:21:52 fetching corpus: 2150, signal 163978/195403 (executing program) 2022/09/17 00:21:52 fetching corpus: 2200, signal 165342/197046 (executing program) 2022/09/17 00:21:52 fetching corpus: 2250, signal 166513/198503 (executing program) 2022/09/17 00:21:52 fetching corpus: 2300, signal 167799/200017 (executing program) 2022/09/17 00:21:52 fetching corpus: 2350, signal 169071/201517 (executing program) 2022/09/17 00:21:53 fetching corpus: 2400, signal 169713/202615 (executing program) 2022/09/17 00:21:53 fetching corpus: 2450, signal 171403/204440 (executing program) 2022/09/17 00:21:53 fetching corpus: 2500, signal 172362/205718 (executing program) 2022/09/17 00:21:53 fetching corpus: 2550, signal 173443/207055 (executing program) 2022/09/17 00:21:53 fetching corpus: 2600, signal 175492/208937 (executing program) 2022/09/17 00:21:53 fetching corpus: 2650, signal 176802/210362 (executing program) 2022/09/17 00:21:53 fetching corpus: 2700, signal 178394/211907 (executing program) 2022/09/17 00:21:54 fetching corpus: 2750, signal 179067/212903 (executing program) 2022/09/17 00:21:54 fetching corpus: 2800, signal 180664/214458 (executing program) 2022/09/17 00:21:54 fetching corpus: 2850, signal 181725/215613 (executing program) 2022/09/17 00:21:54 fetching corpus: 2900, signal 182954/216822 (executing program) 2022/09/17 00:21:54 fetching corpus: 2950, signal 184164/218062 (executing program) 2022/09/17 00:21:54 fetching corpus: 3000, signal 185226/219233 (executing program) 2022/09/17 00:21:54 fetching corpus: 3050, signal 185831/220082 (executing program) 2022/09/17 00:21:55 fetching corpus: 3100, signal 187014/221242 (executing program) 2022/09/17 00:21:55 fetching corpus: 3150, signal 188651/222775 (executing program) 2022/09/17 00:21:55 fetching corpus: 3200, signal 189462/223736 (executing program) 2022/09/17 00:21:55 fetching corpus: 3250, signal 190273/224723 (executing program) 2022/09/17 00:21:55 fetching corpus: 3300, signal 191337/225793 (executing program) 2022/09/17 00:21:55 fetching corpus: 3350, signal 192245/226728 (executing program) 2022/09/17 00:21:55 fetching corpus: 3400, signal 192837/227511 (executing program) 2022/09/17 00:21:56 fetching corpus: 3450, signal 193797/228522 (executing program) 2022/09/17 00:21:56 fetching corpus: 3500, signal 194355/229259 (executing program) 2022/09/17 00:21:56 fetching corpus: 3550, signal 195408/230277 (executing program) 2022/09/17 00:21:56 fetching corpus: 3600, signal 196294/231181 (executing program) 2022/09/17 00:21:56 fetching corpus: 3650, signal 197504/232205 (executing program) 2022/09/17 00:21:56 fetching corpus: 3700, signal 198459/233094 (executing program) 2022/09/17 00:21:56 fetching corpus: 3750, signal 198952/233773 (executing program) 2022/09/17 00:21:56 fetching corpus: 3800, signal 199786/234558 (executing program) 2022/09/17 00:21:57 fetching corpus: 3850, signal 200797/235402 (executing program) 2022/09/17 00:21:57 fetching corpus: 3900, signal 202165/236456 (executing program) 2022/09/17 00:21:57 fetching corpus: 3950, signal 203220/237347 (executing program) 2022/09/17 00:21:57 fetching corpus: 4000, signal 204077/238071 (executing program) 2022/09/17 00:21:57 fetching corpus: 4050, signal 204866/238813 (executing program) 2022/09/17 00:21:57 fetching corpus: 4100, signal 206102/239701 (executing program) 2022/09/17 00:21:57 fetching corpus: 4150, signal 206638/240312 (executing program) 2022/09/17 00:21:57 fetching corpus: 4200, signal 207472/240996 (executing program) 2022/09/17 00:21:58 fetching corpus: 4250, signal 208636/241803 (executing program) 2022/09/17 00:21:58 fetching corpus: 4300, signal 209563/242490 (executing program) 2022/09/17 00:21:58 fetching corpus: 4350, signal 210278/243076 (executing program) 2022/09/17 00:21:58 fetching corpus: 4400, signal 210664/243579 (executing program) 2022/09/17 00:21:58 fetching corpus: 4450, signal 211396/244164 (executing program) 2022/09/17 00:21:58 fetching corpus: 4500, signal 212784/244881 (executing program) 2022/09/17 00:21:58 fetching corpus: 4550, signal 213768/245487 (executing program) 2022/09/17 00:21:58 fetching corpus: 4600, signal 215125/246350 (executing program) 2022/09/17 00:21:59 fetching corpus: 4650, signal 215859/246887 (executing program) 2022/09/17 00:21:59 fetching corpus: 4700, signal 216618/247453 (executing program) 2022/09/17 00:21:59 fetching corpus: 4750, signal 217011/247878 (executing program) 2022/09/17 00:21:59 fetching corpus: 4800, signal 217657/248361 (executing program) 2022/09/17 00:21:59 fetching corpus: 4850, signal 218220/248817 (executing program) 2022/09/17 00:21:59 fetching corpus: 4900, signal 218594/249281 (executing program) 2022/09/17 00:21:59 fetching corpus: 4950, signal 219092/249762 (executing program) 2022/09/17 00:21:59 fetching corpus: 5000, signal 219668/250205 (executing program) 2022/09/17 00:22:00 fetching corpus: 5050, signal 220661/250774 (executing program) 2022/09/17 00:22:00 fetching corpus: 5100, signal 221148/251158 (executing program) 2022/09/17 00:22:00 fetching corpus: 5150, signal 221707/251575 (executing program) 2022/09/17 00:22:00 fetching corpus: 5200, signal 222366/251966 (executing program) 2022/09/17 00:22:00 fetching corpus: 5250, signal 223185/252426 (executing program) 2022/09/17 00:22:00 fetching corpus: 5300, signal 223650/252751 (executing program) 2022/09/17 00:22:00 fetching corpus: 5350, signal 224245/253099 (executing program) 2022/09/17 00:22:01 fetching corpus: 5400, signal 224876/253491 (executing program) 2022/09/17 00:22:01 fetching corpus: 5450, signal 226161/253915 (executing program) 2022/09/17 00:22:01 fetching corpus: 5500, signal 226750/254259 (executing program) 2022/09/17 00:22:01 fetching corpus: 5550, signal 227268/254583 (executing program) 2022/09/17 00:22:01 fetching corpus: 5600, signal 227783/254891 (executing program) 2022/09/17 00:22:01 fetching corpus: 5650, signal 228438/255246 (executing program) 2022/09/17 00:22:01 fetching corpus: 5700, signal 228940/255544 (executing program) 2022/09/17 00:22:02 fetching corpus: 5750, signal 229861/255833 (executing program) 2022/09/17 00:22:02 fetching corpus: 5800, signal 230328/256111 (executing program) 2022/09/17 00:22:02 fetching corpus: 5850, signal 230696/256338 (executing program) 2022/09/17 00:22:02 fetching corpus: 5900, signal 231260/256573 (executing program) 2022/09/17 00:22:02 fetching corpus: 5950, signal 231583/256791 (executing program) 2022/09/17 00:22:02 fetching corpus: 6000, signal 232394/257074 (executing program) 2022/09/17 00:22:02 fetching corpus: 6050, signal 232975/257445 (executing program) 2022/09/17 00:22:02 fetching corpus: 6100, signal 233517/257691 (executing program) 2022/09/17 00:22:03 fetching corpus: 6150, signal 234495/257899 (executing program) 2022/09/17 00:22:03 fetching corpus: 6200, signal 235098/258112 (executing program) 2022/09/17 00:22:03 fetching corpus: 6250, signal 235584/258317 (executing program) 2022/09/17 00:22:03 fetching corpus: 6300, signal 236124/258504 (executing program) 2022/09/17 00:22:03 fetching corpus: 6350, signal 236811/258541 (executing program) 2022/09/17 00:22:03 fetching corpus: 6400, signal 237315/258541 (executing program) 2022/09/17 00:22:03 fetching corpus: 6450, signal 237961/258541 (executing program) 2022/09/17 00:22:04 fetching corpus: 6500, signal 238570/258576 (executing program) 2022/09/17 00:22:04 fetching corpus: 6550, signal 239128/258619 (executing program) 2022/09/17 00:22:04 fetching corpus: 6600, signal 239749/258619 (executing program) 2022/09/17 00:22:04 fetching corpus: 6650, signal 240548/258629 (executing program) 2022/09/17 00:22:04 fetching corpus: 6700, signal 240918/258631 (executing program) 2022/09/17 00:22:04 fetching corpus: 6750, signal 241513/258645 (executing program) 2022/09/17 00:22:04 fetching corpus: 6800, signal 242108/258646 (executing program) 2022/09/17 00:22:05 fetching corpus: 6850, signal 242644/258646 (executing program) 2022/09/17 00:22:05 fetching corpus: 6883, signal 243246/258647 (executing program) 2022/09/17 00:22:05 fetching corpus: 6883, signal 243246/258647 (executing program) 2022/09/17 00:22:07 starting 8 fuzzer processes 00:22:07 executing program 1: getsockopt$IPT_SO_GET_INFO(0xffffffffffffffff, 0x0, 0x40, &(0x7f0000000000)={'mangle\x00', 0x0, [0x3, 0x1, 0x9, 0xfffffffc, 0xffffffff]}, &(0x7f0000000080)=0x54) getsockopt$ARPT_SO_GET_INFO(0xffffffffffffffff, 0x0, 0x60, &(0x7f00000000c0)={'filter\x00', 0x0, [0x80000000, 0x0, 0xfffffff9]}, &(0x7f0000000140)=0x44) ioctl$sock_inet_SIOCGIFNETMASK(0xffffffffffffffff, 0x891b, &(0x7f0000000180)={'veth0_macvtap\x00', {0x2, 0x0, @dev}}) setsockopt$IP_VS_SO_SET_FLUSH(0xffffffffffffffff, 0x0, 0x485, 0x0, 0x0) r0 = socket(0xe, 0x800, 0x2) setsockopt$inet_mreqsrc(r0, 0x0, 0x27, &(0x7f00000001c0)={@private=0xa010100, @remote, @private=0xa010101}, 0xc) setsockopt$inet_mtu(r0, 0x0, 0xa, &(0x7f0000000200)=0x5, 0x4) ioctl$AUTOFS_DEV_IOCTL_CATATONIC(0xffffffffffffffff, 0xc0189379, &(0x7f0000000240)={{0x1, 0x1, 0x18, r0}, './file0\x00'}) ioctl$sock_inet_SIOCGARP(r1, 0x8954, &(0x7f0000000280)={{0x2, 0x4e24, @local}, {0x306, @dev={'\xaa\xaa\xaa\xaa\xaa', 0x3a}}, 0x16, {0x2, 0x4e22, @local}, 'ip6gretap0\x00'}) setsockopt$inet_mreq(r0, 0x0, 0x23, &(0x7f0000000300)={@empty, @local}, 0x8) getsockopt$IP_VS_SO_GET_SERVICES(r1, 0x0, 0x482, &(0x7f0000000340)=""/36, &(0x7f0000000380)=0x24) r2 = syz_mount_image$vfat(&(0x7f00000003c0), &(0x7f0000000400)='./file0\x00', 0x736, 0x5, &(0x7f0000000700)=[{&(0x7f0000000440)="6454691dbaa525fec1e1b58a3b3525d51f6f318d42704ba70a2de9998596117e4169320d2dcbac46d6df8be3e13347f01c87fb3a32bdc0348ca7f4d582aed8e0843cd9fbfed98e09c7b6e878e12eeb7caf2e4f47d82a", 0x56, 0x8}, {&(0x7f00000004c0)="0aa2d4a46c70f41be264a43dfd864439ea2e18", 0x13}, {&(0x7f0000000500), 0x0, 0x7ff}, {&(0x7f0000000540)="77e3395a88cf2776a8931fd69e8b611b346fdd657ecdf727e080d878b7105f99996d62313905b1834ea6dc1e921ec440418f330552993a761db6ec4085805cd7d96b948920d0eb6b0214b0782a1c95b16718833a835a0040e6c9184f928c7878d527f85bf695b26c4c9a97ed02704c7d6cdf7999b9818a2a761b0c8c0627f032de1311acf4ad253ad7258c39ae31eb", 0x8f, 0x3}, {&(0x7f0000000600)="076f1bfbde1b3432e1020af7d64562f1ec51cf07f3f67a17333990e08d4169d92d509f0c92c163242fba0a41826acc28ff51bd03e8d216f38f55c6068a87e9700b6f3b4774ef4e6de3edcafb531e211c8568f7d96f032818db8e957fd9616767327b410a561cc5360ea6ed1eefc9aac3cc80a1f97e24bae732b95a770a2d2941e2f0d502ca69d123f138899b2265a64d2781c8eee80a932f300a6d2e3fdeef314fb1fc61f793514c678a9fc3e0f4891608d4134238e20f320489f7ccdfb00cf204a76c59af1d506b43ad917ce51705aa0d0a3a133b741c561822eeda8326ddbb64446ef1a7b754d936b83077583887e8bb342ce396f060f0fb23d72477", 0xfd, 0xfff}], 0x8000, &(0x7f0000000780)={[{@utf8no}, {@utf8}, {@fat=@showexec}, {@shortname_win95}, {@numtail}, {@shortname_winnt}, {@shortname_win95}, {@rodir}, {@shortname_win95}], [{@func={'func', 0x3d, 'POLICY_CHECK'}}, {@obj_role}, {@fsmagic}, {@seclabel}, {@audit}, {@uid_lt={'uid<', 0xee00}}, {@fscontext={'fscontext', 0x3d, 'staff_u'}}]}) fcntl$setflags(r2, 0x2, 0x0) r3 = syz_open_dev$vcsn(&(0x7f0000000880), 0x8, 0x80440) setsockopt$IPT_SO_SET_ADD_COUNTERS(r3, 0x0, 0x41, &(0x7f00000008c0)={'mangle\x00', 0x3, [{}, {}, {}]}, 0x58) ioctl$AUTOFS_DEV_IOCTL_FAIL(r1, 0xc0189377, &(0x7f0000000a00)={{0x1, 0x1, 0x18, r1, {0x10001, 0xfffffffd}}, './file0\x00'}) sendmsg$MPTCP_PM_CMD_DEL_ADDR(r4, &(0x7f0000000b00)={&(0x7f0000000a40)={0x10, 0x0, 0x0, 0x40000000}, 0xc, &(0x7f0000000ac0)={&(0x7f0000000a80)={0x2c, 0x0, 0x10, 0x70bd29, 0x25dfdbfe, {}, [@MPTCP_PM_ATTR_SUBFLOWS={0x8, 0x3, 0x6}, @MPTCP_PM_ATTR_SUBFLOWS={0x8, 0x3, 0x4}, @MPTCP_PM_ATTR_SUBFLOWS={0x8, 0x3, 0x5}]}, 0x2c}, 0x1, 0x0, 0x0, 0x20000904}, 0x8084) ioctl$sock_SIOCSIFVLAN_SET_VLAN_FLAG_CMD(0xffffffffffffffff, 0x8983, &(0x7f0000000b40)={0x7, 'nr0\x00', {0x7fffffff}, 0x1}) fcntl$F_SET_RW_HINT(r3, 0x40c, &(0x7f0000000b80)=0x5) ioctl$sock_proto_private(r3, 0x89e6, &(0x7f0000000bc0)="d9db8da7f152ec5977f65d72364d76b0bc6f1be0aa1dafd1f51836dbce6585e57212791ff138e1889b32ba65b5b8458745e3d7a3f2c36ec992dae40de1cbb67dcd72722a2eae952417eef743347f8ac82f0c06e307774df93341eb877abe93978ad6ed0ccd7328fd8509f6e05a644e15ed8e505c80c7316cb153244b86bcb55c1168e5f563e78ebc80bb5b79122785f11badc9197baa6a9cbbf705171510198da724dc13f0c49a55") 00:22:07 executing program 0: fsconfig$FSCONFIG_SET_FD(0xffffffffffffffff, 0x5, &(0x7f0000000000)=')-\x00', 0x0, 0xffffffffffffffff) r0 = syz_open_pts(0xffffffffffffffff, 0x80501) sendfile(0xffffffffffffffff, r0, &(0x7f0000000040)=0x19, 0x5) close(r0) ioctl$BLKDISCARD(0xffffffffffffffff, 0x1277, &(0x7f0000000080)=0x400) ioctl$BTRFS_IOC_DEV_INFO(r0, 0xd000941e, &(0x7f00000000c0)={0x0, "10d00eff8d3b77be9e4f9dc02f27c266"}) r1 = perf_event_open(&(0x7f00000010c0)={0x2, 0x80, 0x3, 0x3, 0x9, 0x5, 0x0, 0x3f77, 0x1000, 0x2, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x3, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x2, 0x4, @perf_config_ext, 0x40, 0xffffffff, 0x2ad, 0x1, 0x7, 0xdce, 0x9a07, 0x0, 0x7, 0x0, 0x1}, 0x0, 0x0, 0xffffffffffffffff, 0xa) ioctl$CDROMREADALL(0xffffffffffffffff, 0x5318, &(0x7f0000001140)) r2 = memfd_secret(0x0) ioctl$FIGETBSZ(r2, 0x2, &(0x7f0000001bc0)) ioctl$FS_IOC_GET_ENCRYPTION_POLICY_EX(r2, 0xc0096616, &(0x7f0000001c00)={0x2, [0x0, 0x0]}) ioctl$EXT4_IOC_MIGRATE(r0, 0x6609) fcntl$setlease(r0, 0x400, 0x1) recvmsg$unix(r2, &(0x7f0000001ec0)={0x0, 0x0, &(0x7f0000001e00)=[{&(0x7f0000001c40)=""/204, 0xcc}, {&(0x7f0000001d40)=""/132, 0x84}], 0x2, &(0x7f0000001e40)=[@rights={{0x38, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c}}, @rights={{0x20, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}], 0x78}, 0x40000203) io_uring_register$IORING_REGISTER_FILES_UPDATE(0xffffffffffffffff, 0x6, &(0x7f0000001f40)={0x5, 0x0, &(0x7f0000001f00)=[r5, r1, r2, r0]}, 0x4) ioctl$CDROM_DISC_STATUS(0xffffffffffffffff, 0x5327) write$binfmt_aout(r5, &(0x7f0000001f80)={{0x10b, 0x4, 0xf7, 0x370, 0x1cc, 0x7, 0x264, 0x70c4b03f}, "67fda01ef2eb739c9675959790c9b74a8c8ddbfc47c77a3399b0f4992d33226b42f9ff8507bbac00b46058735108e83bf8bfb73eff025c017e98fbb5cce0d9d5895c43007f104b516a7281100b3ebc55e6600915ed559af3a2d6b14acbdb128cfe16d00b8edff36f13e11798ed3c94bd9c897170fe03ba4e14afab67df916daab9e7850879bf5c4047eb8a434c64ae56da886e14d6c4a1b1523bacd47e5db165939b4d17b0a5b00a7eef80a3c7464a6db27f3c99f65b46a20a0a5ea6453865", ['\x00', '\x00']}, 0x2df) ioctl$sock_ipv4_tunnel_SIOCGETTUNNEL(r4, 0x89f0, &(0x7f0000002300)={'ip_vti0\x00', &(0x7f0000002280)={'gretap0\x00', 0x0, 0x7800, 0x7810, 0x9, 0x4, {{0x14, 0x4, 0x3, 0x2, 0x50, 0x66, 0x0, 0x80, 0x4, 0x0, @multicast1, @local, {[@rr={0x7, 0x2b, 0x84, [@rand_addr=0x64010100, @dev={0xac, 0x14, 0x14, 0x18}, @dev={0xac, 0x14, 0x14, 0x3c}, @multicast1, @broadcast, @broadcast, @loopback, @empty, @broadcast, @broadcast]}, @generic={0x44, 0xd, "57a95c129bf3401ca9d770"}, @noop]}}}}}) r7 = syz_genetlink_get_family_id$ethtool(&(0x7f0000002380), r3) sendmsg$ETHTOOL_MSG_CHANNELS_GET(0xffffffffffffffff, &(0x7f0000002840)={&(0x7f0000002340)={0x10, 0x0, 0x0, 0x100}, 0xc, &(0x7f0000002800)={&(0x7f0000002600)={0x1d8, r7, 0x800, 0x70bd26, 0x25dfdbfc, {}, [@HEADER={0x68, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_FLAGS={0x8}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x2}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x3}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'rose0\x00'}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'veth0_to_team\x00'}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r6}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'veth1_virt_wifi\x00'}]}, @HEADER={0x14, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r6}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x1}]}, @HEADER={0x28, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'veth0_virt_wifi\x00'}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r6}]}, @HEADER={0x34, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'bridge0\x00'}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'veth0_to_hsr\x00'}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x5}]}, @HEADER={0xc, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x2}]}, @HEADER={0x34, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x3}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'veth0\x00'}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'syzkaller1\x00'}]}, @HEADER={0x24, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x3}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x3}, @ETHTOOL_A_HEADER_FLAGS={0x8}]}, @HEADER={0x48, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r6}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x6}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r6}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r6}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x3}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'bond_slave_1\x00'}]}, @HEADER={0x40, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_FLAGS={0x8}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x1}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x1}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'veth0_macvtap\x00'}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r6}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x1}]}]}, 0x1d8}, 0x1, 0x0, 0x0, 0x4000}, 0x4040004) 00:22:07 executing program 3: r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xc, &(0x7f0000000040)={0x2, &(0x7f0000000000)=[{0x1000, 0x97, 0x1, 0x3}, {0x9, 0x74, 0x9, 0x2}]}) r1 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xc, &(0x7f00000000c0)={0x6, &(0x7f0000000080)=[{0xef, 0x40, 0x36, 0xe19}, {0x6, 0xff, 0x20, 0x1}, {0xe0b9, 0x1f, 0x3f, 0xffffffff}, {0x80, 0x3c, 0x3, 0x7c18}, {0x8, 0xff, 0x40, 0x24000000}, {0x1, 0x3f, 0x80, 0x7ff}]}) lseek(r1, 0x3, 0x3) r2 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xa, &(0x7f0000000140)={0x2, &(0x7f0000000100)=[{0x5, 0x1, 0xac, 0x1}, {0x4, 0x6, 0x3, 0x1}]}) preadv2(0xffffffffffffffff, &(0x7f0000000340)=[{&(0x7f0000000180)=""/177, 0xb1}, {&(0x7f0000000240)=""/53, 0x35}, {&(0x7f0000000280)=""/162, 0xa2}], 0x3, 0x7, 0x467, 0x4) ioctl$SNDRV_SEQ_IOCTL_QUERY_NEXT_CLIENT(0xffffffffffffffff, 0xc0bc5351, &(0x7f0000000380)={0xce7, 0x0, 'client0\x00', 0x2, "ab7e8f149f6f3437", "aa7968f1e9e339c0d9ce31cf01f29d2f0f62b173b0a3891060203438d0600853", 0x8, 0x2}) ioctl$F2FS_IOC_COMMIT_ATOMIC_WRITE(r1, 0xf502, 0x0) ioctl$AUTOFS_DEV_IOCTL_SETPIPEFD(0xffffffffffffffff, 0xc0189378, &(0x7f0000000440)={{0x1, 0x1, 0x18, r1, {r2}}, './file0\x00'}) ioctl$SNDRV_SEQ_IOCTL_QUERY_NEXT_PORT(r4, 0xc0a85352, &(0x7f0000000480)={{0x4, 0xc1}, 'port1\x00', 0x30, 0x0, 0x9, 0x2, 0x2, 0x0, 0x4, 0x0, 0x4, 0xff}) open_by_handle_at(r4, &(0x7f0000000540)=@orangefs={0x14, 0x1, {"f01b6d9afee0c10911599a6d131f5a1a", 0x7}}, 0x614a03) ioctl$F2FS_IOC_MOVE_RANGE(r3, 0xc020f509, &(0x7f0000000580)={r3, 0x6, 0x80000000, 0x5}) ioctl$SNDRV_SEQ_IOCTL_DELETE_QUEUE(r5, 0x408c5333, &(0x7f00000005c0)={0x1, 0x1, 0x0, 'queue1\x00', 0x4}) r6 = open_tree(r4, &(0x7f0000000680)='./file0\x00', 0x1000) ioctl$SNDRV_SEQ_IOCTL_PVERSION(r6, 0x80045300, &(0x7f00000006c0)) getsockopt$IP6T_SO_GET_REVISION_MATCH(r3, 0x29, 0x44, &(0x7f0000000700)={'ipvs\x00'}, &(0x7f0000000740)=0x1e) epoll_ctl$EPOLL_CTL_ADD(r4, 0x1, 0xffffffffffffffff, &(0x7f0000000780)={0x70000000}) dup(r0) write$binfmt_elf64(r3, &(0x7f00000007c0)={{0x7f, 0x45, 0x4c, 0x46, 0x8, 0x5, 0xff, 0x6, 0x2500, 0x3, 0x3, 0x88e7, 0x310, 0x40, 0x3bd, 0x8000, 0x1, 0x38, 0x1, 0xef, 0x7, 0x7cc}, [{0x5, 0x8a0, 0x5, 0x1c9, 0xff, 0x7, 0x100000001, 0x2}], "a00d54f843fa5cea6dc1797f17836d78ffa1ae9975de13655ebeb8197c5b1e576c7adcf05c72ff0881bff9bf254a280783a101ca424b5544f69f29c224cff55ad2fcafb9fa1e4671a3d7f927fb1daaec8cbf7199ae045c5ffe046712252f98e972f1aaefcbb1a836aedfe6818b66e03a4c86dcd767a8e7", ['\x00', '\x00']}, 0x2ef) write(r6, &(0x7f0000000ac0)="18db087670ba7dbce281d427c2595541f094575f7c2a32db8d83e55bd7cba9ac402774bacceb93b32e8bcb08733ecf0055a2e085b09e914adec17f2e03017b78a221278ac5c87736d6fba4619b593ccd2a5e1c7e8764a657b0e5d34eb73f9a67a570110c3a4372b9ef3407824ebd9e1dbf3b9c0e189de056add0812c29bab245414f21ad66746bfe283e7acf287fcd078037648b97d4855be6ac079edb12fe8170a38737add372dd133423e28e", 0xad) ioctl$SNDRV_SEQ_IOCTL_DELETE_PORT(0xffffffffffffffff, 0x40a85321, &(0x7f0000000bc0)={{0x6, 0x25}, 'port1\x00', 0x10c, 0x40020, 0x80000000, 0x9, 0xffffffea, 0x3ff, 0x4, 0x0, 0x7, 0x5}) 00:22:07 executing program 2: sendmsg$NLBL_MGMT_C_REMOVE(0xffffffffffffffff, &(0x7f0000000100)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x200}, 0xc, &(0x7f00000000c0)={&(0x7f0000000040)={0x48, 0x0, 0x200, 0x70bd25, 0x25dfdbfd, {}, [@NLBL_MGMT_A_IPV4MASK={0x8, 0x8, @multicast1}, @NLBL_MGMT_A_IPV4ADDR={0x8, 0x7, @initdev={0xac, 0x1e, 0x0, 0x0}}, @NLBL_MGMT_A_CV4DOI={0x8, 0x4, 0xffffffffffffffff}, @NLBL_MGMT_A_IPV4MASK={0x8, 0x8, @multicast2}, @NLBL_MGMT_A_IPV6MASK={0x14, 0x6, @initdev={0xfe, 0x88, '\x00', 0x1, 0x0}}]}, 0x48}, 0x1, 0x0, 0x0, 0x4850}, 0x810) r0 = openat$zero(0xffffffffffffff9c, &(0x7f0000000140), 0x10280, 0x0) sendmsg$IPCTNL_MSG_CT_NEW(r0, &(0x7f0000000240)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x8000000}, 0xc, &(0x7f0000000200)={&(0x7f00000001c0)={0x14, 0x0, 0x1, 0x301, 0x0, 0x0, {0x2, 0x0, 0x3}}, 0x14}, 0x1, 0x0, 0x0, 0x20008841}, 0x200480d0) fcntl$lock(r0, 0x24, &(0x7f0000000280)={0x1, 0x1, 0x8, 0x6, 0xffffffffffffffff}) r1 = fsmount(r0, 0x1, 0x8c) r2 = syz_genetlink_get_family_id$batadv(&(0x7f00000003c0), r0) sendmsg$BATADV_CMD_GET_TRANSTABLE_LOCAL(r1, &(0x7f0000000480)={&(0x7f0000000380)={0x10, 0x0, 0x0, 0x800}, 0xc, &(0x7f0000000440)={&(0x7f0000000400)={0x2c, r2, 0x2, 0x70bd2b, 0x25dfdbff, {}, [@BATADV_ATTR_GW_BANDWIDTH_UP={0x8, 0x32, 0x80000001}, @BATADV_ATTR_HARD_IFINDEX={0x8}, @BATADV_ATTR_THROUGHPUT_OVERRIDE={0x8, 0x3b, 0x1200}]}, 0x2c}, 0x1, 0x0, 0x0, 0xcc566b52513c0102}, 0xc0c4) r3 = dup2(0xffffffffffffffff, r1) ioctl$SCSI_IOCTL_GET_BUS_NUMBER(r3, 0x5386, &(0x7f00000004c0)) r4 = openat(r0, &(0x7f0000000500)='./file0\x00', 0x58440, 0x2) ioctl$KDSETMODE(r4, 0x4b3a, 0x1) r5 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000540)='/sys/class/rfkill', 0x121200, 0x4) sendmsg$IPCTNL_MSG_TIMEOUT_GET(r5, &(0x7f0000000640)={&(0x7f0000000580)={0x10, 0x0, 0x0, 0x20000}, 0xc, &(0x7f0000000600)={&(0x7f00000005c0)={0x2c, 0x1, 0x8, 0x5, 0x0, 0x0, {0x0, 0x0, 0x1}, [@CTA_TIMEOUT_L3PROTO={0x6, 0x2, 0x1, 0x0, 0xfbfb}, @CTA_TIMEOUT_L4PROTO={0x5, 0x3, 0x1}, @CTA_TIMEOUT_L4PROTO={0x5, 0x3, 0x11}]}, 0x2c}, 0x1, 0x0, 0x0, 0x4010}, 0x80) read$ptp(0xffffffffffffffff, &(0x7f0000000680)=""/212, 0xd4) sendmsg$nl_netfilter(r3, &(0x7f0000000880)={&(0x7f0000000780)={0x10, 0x0, 0x0, 0x20000}, 0xc, &(0x7f0000000840)={&(0x7f00000007c0)={0x4c, 0xd, 0xa, 0x101, 0x70bd2c, 0x25dfdbff, {0x2}, [@generic="d36341587835b0999e081fb5a3ddaaa92d68e32d3564bfff3cc168404b5e3d2dc5f50fb1c9d7c1620b9628a04732a7ac58ea7338df"]}, 0x4c}, 0x1, 0x0, 0x0, 0x24000045}, 0x4040000) r6 = dup(0xffffffffffffffff) r7 = clone3(&(0x7f0000000b00)={0x204800, &(0x7f00000008c0), &(0x7f0000000900)=0x0, &(0x7f0000000940), {0x32}, &(0x7f0000000980)=""/108, 0x6c, &(0x7f0000000a00)=""/136, &(0x7f0000000ac0)=[0xffffffffffffffff, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0, 0x0], 0x9, {r3}}, 0x58) ioctl$BINDER_GET_FROZEN_INFO(r6, 0xc00c620f, &(0x7f0000000b80)={r8}) r9 = syz_open_procfs(r7, &(0x7f0000000bc0)='net/anycast6\x00') open_tree(r9, &(0x7f0000000c00)='./file0\x00', 0x800) 00:22:07 executing program 4: r0 = openat$vcsa(0xffffffffffffff9c, &(0x7f00000000c0), 0x90501, 0x0) fstat(r0, &(0x7f0000000100)={0x0, 0x0, 0x0, 0x0, 0x0}) sendmsg$sock(r0, &(0x7f00000004c0)={&(0x7f0000000180)=@generic={0x21, "1cb8ad1263c8a5259ac6aef2b3b485d712a3a5b6c0004091913819b5bdac00abab5feb22a4c8c37ae91a001a5c905acca7f36bcde908214cc23c9a75202e2caa437f21228f0c9aa6d7a91d9ddadafffb1661a94f1f6ff63274399f72035b0d74fbe6cf125bcde08aa6afbab739d203df2038585f42c99175e9c87f35b874"}, 0x80, &(0x7f00000003c0)=[{&(0x7f0000000200)="eadc2480f15aa0044cd9032c6601a5a98944b2d524279952bcffc6a6cbf4d7958664c1c8f6d56af47d83e7cb57921b011f463d8e3c1830b511aa9b0919151dd6a0d0fca28f5aef9466e000b2d8c34076d09882ccce0b18524f1f71d2ac70f68a71d00dfee67d1907baa30fdb9ecbf4a21949c9beeb53a58417cdb261a54a81698802001bbdfc38da258e76fd1d018de0ae22b83ea5cfd503e6b0574b14222365169b36e1ae4138dc9f618b3a76caba6f47eb611e5dde51e591a33f5b5e8d06fd2852cf3cfdcabf61f564317701fb1b6712bd4fc97408ed497b0c8129cf55d116ea43", 0xe2}, {&(0x7f0000000300)="d219480b64323c56c2fe95f900572c76761fcd8c6d229f0313d004a90b93c45bd8dad01fe2d42365fd704ab8b8f16e78ebfb3498738166228825a1c81cf0918f728a9f89876746cb3377891696a5e8e6eca575307b03ee11c315bb395b259a36974115e2e3d33eae99", 0x69}, {&(0x7f0000000380)}], 0x3, &(0x7f0000000400)=[@mark={{0x14}}, @txtime={{0x18, 0x1, 0x3d, 0xffff}}, @timestamping={{0x14, 0x1, 0x25, 0x4}}, @txtime={{0x18, 0x1, 0x3d, 0x5766}}, @mark={{0x14, 0x1, 0x24, 0x3}}, @txtime={{0x18, 0x1, 0x3d, 0x3f}}, @mark={{0x14, 0x1, 0x24, 0x7}}], 0xa8}, 0x4080040) r2 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000001900)='/sys/module/drm_display_helper', 0x2002, 0x0) ioctl$sock_SIOCOUTQNSD(r2, 0x894b, &(0x7f0000001940)) fstat(r2, &(0x7f0000001980)) r3 = accept$inet(r0, &(0x7f0000001a00)={0x2, 0x0, @initdev}, &(0x7f0000001a40)=0x10) ioctl$sock_SIOCBRDELBR(r3, 0x89a1, &(0x7f0000001a80)='hsr0\x00') r4 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) ioctl$BTRFS_IOC_QUOTA_RESCAN_STATUS(r4, 0x8040942d, &(0x7f0000001ac0)) r5 = socket$nl_xfrm(0x10, 0x3, 0x6) dup(r5) openat$ptp0(0xffffffffffffff9c, &(0x7f0000001b00), 0x202000, 0x0) r6 = signalfd4(r5, &(0x7f0000001b40)={[0x8]}, 0x8, 0x80800) r7 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000001b80)='freezer.self_freezing\x00', 0x0, 0x0) sendmsg$nl_xfrm(r7, &(0x7f0000001ec0)={&(0x7f0000001bc0)={0x10, 0x0, 0x0, 0x40000000}, 0xc, &(0x7f0000001e80)={&(0x7f0000001c00)=@newpolicy={0x270, 0x13, 0x10, 0x70bd29, 0x25dfdbfc, {{@in6=@private2={0xfc, 0x2, '\x00', 0x1}, @in=@remote, 0x4e22, 0x4, 0x4e21, 0x0, 0x2, 0x20, 0x20, 0x32, 0x0, 0xee00}, {0x0, 0x80000000, 0x9, 0x9081, 0xb04, 0x401, 0x800, 0x5}, {0x2c4, 0x100000000, 0x9, 0x9}, 0x401, 0x0, 0x1, 0xe8bc6fb6e4f8cf54, 0x1, 0x3}, [@srcaddr={0x14, 0xd, @in6=@private2={0xfc, 0x2, '\x00', 0x1}}, @mark={0xc, 0x15, {0x35075a, 0x10001}}, @extra_flags={0x8, 0x18, 0xfffffffd}, @sec_ctx={0xac, 0x8, {0xa8, 0x8, 0x1, 0x18, 0xa0, "326b84a5919d42d24d9b1cb96abb7cf51f111e60d521eb9f4148fc8a3c10eda6ae6332cad2a281f6df4ec58091c848735dcf3559a37981f42e93341ce093a6462184b47d164aeb6bcb41122ffb4e23d013661281e0cd6959f153b23cc8daef685aad2fc979314eaddfd1c35f22a14afa49637bec7cbc7c938d4dfa3151068d7d5df9787e09dabc2b1e0727bf5828c7b6558536a57d7270956c3336243a8c78d6"}}, @sa={0xe4, 0x6, {{@in=@local, @in=@remote, 0xd57f, 0x200, 0x4e22, 0x5, 0xa, 0x0, 0x0, 0x16, 0x0, r1}, {@in=@multicast1, 0x4d4, 0xff}, @in=@remote, {0xfffffffffffff801, 0x47486f29, 0xffffffff, 0xb7d, 0x2, 0x1b3e, 0x9, 0x3}, {0x3fe0000, 0x8, 0x4, 0x100000000}, {0x5, 0x401, 0xa131}, 0x70bd25, 0x34ff, 0xa, 0x1, 0x5, 0x84}}]}, 0x270}, 0x1, 0x0, 0x0, 0x10008001}, 0x40004) r8 = syz_open_dev$tty1(0xc, 0x4, 0x3) ioctl$FS_IOC_READ_VERITY_METADATA(r8, 0xc0286687, &(0x7f0000002000)={0x3, 0x9, 0xf5, &(0x7f0000001f00)=""/245}) fsetxattr$trusted_overlay_nlink(r6, &(0x7f0000002040), &(0x7f0000002080)={'U+', 0xffffffffffffff45}, 0x16, 0x1) setsockopt$inet6_IPV6_ADDRFORM(r6, 0x29, 0x1, &(0x7f00000020c0), 0x4) [ 74.480750] audit: type=1400 audit(1663374127.935:6): avc: denied { execmem } for pid=282 comm="syz-executor.1" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=process permissive=1 00:22:07 executing program 5: r0 = syz_open_pts(0xffffffffffffffff, 0x40802) r1 = syz_open_dev$tty1(0xc, 0x4, 0x3) ioctl$TCSETSF2(r1, 0x402c542d, &(0x7f0000000000)={0x79, 0x4, 0x1000, 0xdc7, 0xff, "943c430a85b5f5d23ffddb54a25f1354724d85", 0x7, 0x401}) ioctl$TCGETA(r0, 0x5405, &(0x7f0000000040)) ioctl$BTRFS_IOC_DEFRAG(0xffffffffffffffff, 0x50009402, 0x0) bind$802154_dgram(0xffffffffffffffff, &(0x7f0000000080)={0x24, @short={0x2, 0x0, 0xffff}}, 0x14) r2 = creat(&(0x7f00000000c0)='./file0\x00', 0xeb) ioctl$BTRFS_IOC_GET_FEATURES(r2, 0x80189439, &(0x7f0000000100)) r3 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000140)='./cgroup.cpu/syz0\x00', 0x200002, 0x0) finit_module(r3, &(0x7f0000000180)='}\x00', 0x2) writev(r1, &(0x7f00000004c0)=[{&(0x7f00000001c0)="c30be3afa3410d63d781375b0d1c18cd505e6491738ee8c44e9da5a3d921047427db26ad26d78158e934f4bed764004d1bb0aa5b0ea30a03b3459b424a4774224ccb429c9e0d25fa7cf13b461b", 0x4d}, {&(0x7f0000000240)="7387e9239d27b18bc57775fc5367788e854519e4413373d7795aa2fd9c25ca7a7d5f3c11f8d355cc600bc72e3eaea3e9914961c8d4140d869ec2ea03d4d63ec0ba7bd6c6b0d862b7a2d5ac01901e5a92bcd62d5579447fff638a4d3f0fe70ff99696502c4643757646f70434db8c10a0ac40a21055fe9e96073739db33d2343c647797a3bb23b020626f62cf32889acd0f0f3696152a9c7f1cd057aab0a0bfd299c46c056d6fcd7a8ab406da4f6c717618912b2e401aacc2b23b0a5961bf310064320742cb4b4ac430e813254e0e98665f6a1a10860497c42260809cf60f73e1477b44a673", 0xe5}, {&(0x7f0000000340)="16739961d6c9d45b2a9372ff914b50a5bc341580a72c24a444ce1814f416fdbdfced535587b6534951e81d34d074", 0x2e}, {&(0x7f0000000380)="0d64531786ccb66e4982bf706167715a82c527e7dff42197c614aaac3aa8468565f777bd7a32dca029372fa397eabcb5009a1d08249c4dd4efc2fec3f6bce1d463fae75e32412f64132e03896a6aceeb77", 0x51}, {&(0x7f0000000400)="3f0d3934b26f579b8fe1e93c618d3630ed07ad5dbad4df546084538cd97637b787759350b8e9e528b718e06226aa10c1ab6aeba01ececc4677e530375b5d68effaccda8078ed901e4666e532ccb0ffe0445688520a9974ce6a38bdb2211d6a743241820fa28f85011690b36f4fdff773e331b975633da98590278df5f631bd11950bdbb5d09397dd660710f7a62f7938f2a7b97ee1b6d0ea553d11b0ff77c7de857ae8af277ebb5601", 0xa9}], 0x5) r4 = openat$hpet(0xffffffffffffff9c, &(0x7f0000000540), 0x254900, 0x0) bind$802154_dgram(r4, &(0x7f0000000580)={0x24, @long={0x3, 0x3, {0xaaaaaaaaaaaa0102}}}, 0x14) flistxattr(r1, &(0x7f00000005c0)=""/49, 0x31) recvmmsg$unix(r2, &(0x7f00000020c0)=[{{&(0x7f0000000600), 0x6e, &(0x7f0000001c40)=[{&(0x7f0000000680)=""/190, 0xbe}, {&(0x7f0000000740)=""/38, 0x26}, {&(0x7f0000000780)=""/129, 0x81}, {&(0x7f0000000840)=""/96, 0x60}, {&(0x7f00000008c0)=""/214, 0xd6}, {&(0x7f00000009c0)=""/117, 0x75}, {&(0x7f0000000a40)=""/4096, 0x1000}, {&(0x7f0000001a40)=""/65, 0x41}, {&(0x7f0000001ac0)=""/142, 0x8e}, {&(0x7f0000001b80)=""/156, 0x9c}], 0xa}}, {{&(0x7f0000001d00), 0x6e, &(0x7f0000001f80)=[{&(0x7f0000001d80)=""/241, 0xf1}, {&(0x7f0000001e80)=""/245, 0xf5}], 0x2, &(0x7f0000001fc0)=[@cred={{0x1c}}, @rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}, @cred={{0x1c}}, @rights={{0x18, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x2c, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x20, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x30, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}], 0xf0}}], 0x2, 0x10103, 0x0) ioctl$CDROMPLAYTRKIND(r5, 0x5304, &(0x7f0000002140)={0x6, 0x7, 0x8, 0x1}) r6 = socket$netlink(0x10, 0x3, 0xa) ioctl$sock_TIOCINQ(r6, 0x541b, &(0x7f0000002180)) r7 = openat$null(0xffffffffffffff9c, &(0x7f00000021c0), 0x408000, 0x0) ioctl$PIO_CMAP(r7, 0x4b71, &(0x7f0000002200)={0x1, 0xffffffff, 0x7ff, 0x6, 0xfffffffffffffff8, 0x844f}) 00:22:07 executing program 7: ioctl$VT_WAITACTIVE(0xffffffffffffffff, 0x5607) r0 = openat2(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040)={0x80, 0x20, 0x4}, 0x18) ioctl$KDFONTOP_SET(r0, 0x4b72, &(0x7f0000000480)={0x0, 0x1, 0x7, 0x19, 0x6a, &(0x7f0000000080)="16f44f8121bbce86aa5330e7666164eac8ca50276953ee1814f0ff3b4776efabd792a65f4483aa2a4d723f9197587d634c814b3e0d6d514d937604dcbea0b55fa7d8b823055cfe2ed0219f68d0b9dd6f5a752c3d8d6546848e38ef632ac0f7b802732f661c08dd27056f1cab1d5253e9e99f2f38f8f3e16a128a9df225a23f6626fb526d968ad56dc60637f8a5202ae56e8398229a7f616568b6273e8d5c2ff6c072e5fa04acbcf78efc36fcd220bb23e94f17d560b8d185371fa81168b8e31bbf0adaefeb332fe6162afe767d304e747e3309dd8569cfb101ba8dc9f695a4a324c418dda9d2fe39d6ed1299e8863108a005a9a47e023d8c98b0be815384f39f14c63f9c5ea11b9d187e80539c5705c94e44408127aaa1041701bc0c711f5c120e029d876de08642931dec642a73d984c47d17041ea7b025013373a0daa18d3f172ac0665fdf5899183920bb8755de1f51f8bb56401a1ec3609a3e99e87151e2980456617df4c566b2d94dd7bfd17cea716728afe47042e014d443a053c8261c9214bcbdce49775e412bcd78661f518ea2b550d3024e99824987a7cfd2ad83347da840e1b9fee0d95ef07f5cd711cdd3c498f3923db96d3d75deb1305b8f2759ad16eb9bd508f1508676bac8cc6e70438613d294b1134800e4b8305c9c707c472c866099fbc7bacab7ba1652c6f5216dc58468d17c35de36334f79d13b4732f914847a591ced079480d311ce68f775911bf8f42547d6e6bb081f341cbb5795a9af486dd664ec13568ebf1dd288c957e35bcfadea0a0d3b1de92140ce82d4ae55dcf0b5e6b72eeea2b1a94233d121db1e1d9556dcf7f895017deaf84fe1c6bbf413a079dc110fa1c9169081a5fb4d5b1aade82bc0b56c0cda56b115944daf7c537c17c76c338e9b90535466dbf8d02b739ede53c92a20970bd445078c181b7ef9675ad8552f017c6aa3e9ef7788b01cdea9aae5cd46ff836e114e54aa1ccfc9d047f4ff109b1be073ad9189cf83af7810f9dd4ee38eb67204da2368df6b0cd4963fd980681f86810f071bb1d67cc655eacbc5a8fb195d2d2380def9a3aef5ebe2e0aa7f6d7e392c6c32694c4bf2f66b1c482c5ada12ed733eb428e47a874b12359cf5e7df5977bcfce50695b24c09cb14ddb926f33f349d14101b8914682c6c7ca874ad57bd0846110bfbba2955b3dd4f5b859434e9f5ba87526f2a95b7c5c1f0e55c32b47d1396ae80fd3d95a7e6900a395321a187b214b8cad29df2c55760691c4a7099a03caf9ff743164007273341d0941ce513e4b39cc3c6f4407c860f439d5f44b2a983baaf45f5018fe1f63bd0f222b018704ec4dc04e282d8e8da92b5e2000c63c10b6635485e25137c99b93b386fa4e380defcf548f132dd97aacc0a25b59a1c2d0614b42fa89bcefebd9a774c8fac83b7b909cb96aeea848400fbd3"}) lsetxattr$trusted_overlay_origin(&(0x7f00000004c0)='./file0\x00', &(0x7f0000000500), &(0x7f0000000540), 0x2, 0x1) r1 = open(&(0x7f0000000580)='./file0\x00', 0x404a40, 0x20) ioctl$TIOCGRS485(r1, 0x542e, &(0x7f00000005c0)) r2 = socket$inet_icmp(0x2, 0x2, 0x1) connect(r2, &(0x7f0000000600)=@pppol2tpin6={0x18, 0x1, {0x0, r0, 0x0, 0x1, 0x4, 0x2, {0xa, 0x4e21, 0x2, @private0, 0x2}}}, 0x80) r3 = openat$tcp_mem(0xffffffffffffff9c, &(0x7f0000000680)='/proc/sys/net/ipv4/tcp_wmem\x00', 0x1, 0x0) ioctl$F2FS_IOC_DEFRAGMENT(r3, 0xc010f508, &(0x7f00000006c0)={0x80000000000, 0x6}) r4 = openat$sr(0xffffffffffffff9c, &(0x7f0000000700), 0x4000, 0x0) ioctl$TIOCSPTLCK(r4, 0x40045431, &(0x7f0000000740)) ioctl$BTRFS_IOC_RM_DEV_V2(r3, 0x5000943a, &(0x7f0000000780)={{r0}, 0x0, 0x2, @unused=[0x1, 0x2, 0x6, 0x1], @subvolid=0x9}) getsockname$packet(r1, &(0x7f0000001840)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @remote}, &(0x7f0000001880)=0x14) sendto(0xffffffffffffffff, &(0x7f0000001780)="c31d6be9787ec53dc412e9fa3735b4ea7db702d224e5dc843323acb485267334a1dea47d78d8ec617c6848da68aa589f7e4c11a47ae3d9d9075e2433d4b31e57532a49f5801856e65507181c1d4f5cbdbe8fce73c9d7a92074b07fbc66ece0f978b31cbd42396c7fe81e7f33c8ca1c45f46c7adc807ec463b90871e3add0beeddba3f51e2daff09f95303e633fdfc5df9f63f3d2d0b8dbf1485fb3a563676602b8516ef8799a6aba2ab01abe01", 0xad, 0x40, &(0x7f00000018c0)=@can={0x1d, r5}, 0x80) r6 = epoll_create1(0x0) r7 = syz_open_dev$vcsa(&(0x7f0000001940), 0x8000, 0x315000) io_uring_register$IORING_REGISTER_FILES_UPDATE(r0, 0x6, &(0x7f00000019c0)={0x0, 0x0, &(0x7f0000001980)=[r1, r6, r7, r2, r4, r0]}, 0x6) ioctl$TIOCSBRK(r1, 0x5427) ioctl$BTRFS_IOC_SET_FEATURES(r4, 0x40309439, &(0x7f0000001a00)={0x0, 0x5}) 00:22:07 executing program 6: mmap$IORING_OFF_SQ_RING(&(0x7f0000ffb000/0x3000)=nil, 0x3000, 0x8, 0x11, 0xffffffffffffffff, 0x0) r0 = syz_io_uring_setup(0x15c7, &(0x7f0000000000)={0x0, 0xd88, 0x6, 0x0, 0x204}, &(0x7f0000ffb000/0x4000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000000080)=0x0, &(0x7f00000000c0)=0x0) r3 = syz_io_uring_setup(0x77bb, &(0x7f0000000100)={0x0, 0x12fa, 0x2, 0x0, 0xd0, 0x0, r0}, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000000180)=0x0, &(0x7f00000001c0)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000200)=@IORING_OP_FALLOCATE={0x11, 0x1, 0x0, @fd=r3, 0x140000000000000, 0x0, 0x3}, 0x10001) r6 = mmap$IORING_OFF_SQES(&(0x7f0000ffb000/0x2000)=nil, 0x2000, 0x0, 0x10, r0, 0x10000000) syz_io_uring_submit(0x0, r6, &(0x7f0000000280)=@IORING_OP_FILES_UPDATE={0x14, 0x2, 0x0, 0x0, 0x1, &(0x7f0000000240)=[r3], 0x1}, 0x4) syz_io_uring_submit(r4, r5, &(0x7f00000002c0)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x0, 0x4004, @fd_index=0x6, 0x3, 0x0, 0x0, 0x11}, 0x6) r7 = syz_io_uring_setup(0x506f, &(0x7f0000000300)={0x0, 0x9eb8, 0x8, 0x1, 0x24a}, &(0x7f0000ffd000/0x2000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000380), &(0x7f00000003c0)) r8 = gettid() fcntl$setown(r3, 0x8, r8) futimesat(0xffffffffffffff9c, &(0x7f0000000400)='./file0\x00', &(0x7f0000000440)={{0x77359400}}) r9 = socket$inet6(0xa, 0x2, 0x4) ioctl$F2FS_IOC_RELEASE_VOLATILE_WRITE(r9, 0xf504, 0x0) r10 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000480), 0x929e45c4212d43) syz_io_uring_submit(r4, r5, &(0x7f00000004c0)=@IORING_OP_SPLICE={0x1e, 0x1, 0x0, @fd_index=0x3, 0x0, {0x0, r7}, 0x0, 0xa, 0x0, {0x0, 0x0, r10}}, 0x101) ioctl$TIOCGSID(0xffffffffffffffff, 0x5429, &(0x7f0000000500)=0x0) rt_sigqueueinfo(r11, 0xa, &(0x7f0000000540)={0x31, 0x1f, 0x8}) ioctl$PIO_CMAP(0xffffffffffffffff, 0x4b71, &(0x7f00000005c0)={0x0, 0xe1a7, 0x3, 0x20, 0x1e465a4a, 0x9}) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(0xffffffffffffffff, 0xc08c5332, &(0x7f0000000600)={0x7, 0x5, 0x1, 'queue1\x00', 0x8}) syz_io_uring_submit(r1, 0x0, &(0x7f00000006c0)=@IORING_OP_MADVISE={0x19, 0x3, 0x0, 0x0, 0x0, &(0x7f0000ffc000/0x3000)=nil, 0x3000, 0xc, 0x1}, 0xd57) [ 75.792759] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 75.796251] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 75.797851] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 75.802467] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 75.804174] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [ 75.813475] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 75.818380] Bluetooth: hci0: HCI_REQ-0x0c1a [ 75.857833] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 75.859743] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 75.862019] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 75.865867] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 75.868591] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 75.874874] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 75.877849] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 75.880446] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 75.881909] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 75.884507] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 75.888699] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 75.889885] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3 [ 75.893282] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 75.896409] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 75.901741] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3 [ 75.903890] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 75.921706] Bluetooth: hci1: HCI_REQ-0x0c1a [ 75.922889] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3 [ 75.924879] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 75.929697] Bluetooth: hci3: HCI_REQ-0x0c1a [ 75.945755] Bluetooth: hci2: HCI_REQ-0x0c1a [ 75.978949] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1 [ 75.988664] Bluetooth: hci7: unexpected cc 0x0c03 length: 249 > 1 [ 75.990732] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9 [ 75.991974] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9 [ 75.994580] Bluetooth: hci7: unexpected cc 0x1003 length: 249 > 9 [ 75.996336] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1 [ 75.998379] Bluetooth: hci7: unexpected cc 0x1001 length: 249 > 9 [ 75.999662] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4 [ 76.005425] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9 [ 76.006554] Bluetooth: hci7: unexpected cc 0x0c23 length: 249 > 4 [ 76.008022] Bluetooth: hci6: unexpected cc 0x0c25 length: 249 > 3 [ 76.009665] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9 [ 76.011410] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2 [ 76.013024] Bluetooth: hci7: unexpected cc 0x0c25 length: 249 > 3 [ 76.014479] Bluetooth: hci7: unexpected cc 0x0c38 length: 249 > 2 [ 76.020309] Bluetooth: hci7: HCI_REQ-0x0c1a [ 76.025243] Bluetooth: hci6: HCI_REQ-0x0c1a [ 76.052383] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4 [ 76.059383] Bluetooth: hci5: unexpected cc 0x0c25 length: 249 > 3 [ 76.064329] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2 [ 76.071763] Bluetooth: hci5: HCI_REQ-0x0c1a [ 77.874682] Bluetooth: hci0: command 0x0409 tx timeout [ 77.938233] Bluetooth: hci1: command 0x0409 tx timeout [ 77.938723] Bluetooth: hci4: Opcode 0x c03 failed: -110 [ 78.002142] Bluetooth: hci3: command 0x0409 tx timeout [ 78.002143] Bluetooth: hci2: command 0x0409 tx timeout [ 78.067148] Bluetooth: hci6: command 0x0409 tx timeout [ 78.067588] Bluetooth: hci7: command 0x0409 tx timeout [ 78.130278] Bluetooth: hci5: command 0x0409 tx timeout [ 79.922215] Bluetooth: hci0: command 0x041b tx timeout [ 79.986225] Bluetooth: hci1: command 0x041b tx timeout [ 80.050210] Bluetooth: hci2: command 0x041b tx timeout [ 80.050736] Bluetooth: hci3: command 0x041b tx timeout [ 80.114186] Bluetooth: hci7: command 0x041b tx timeout [ 80.114666] Bluetooth: hci6: command 0x041b tx timeout [ 80.178192] Bluetooth: hci5: command 0x041b tx timeout [ 80.868601] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 80.871084] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 80.873965] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 80.879310] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 80.884307] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3 [ 80.887014] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 80.893550] Bluetooth: hci4: HCI_REQ-0x0c1a [ 81.970191] Bluetooth: hci0: command 0x040f tx timeout [ 82.034151] Bluetooth: hci1: command 0x040f tx timeout [ 82.098384] Bluetooth: hci3: command 0x040f tx timeout [ 82.098820] Bluetooth: hci2: command 0x040f tx timeout [ 82.162213] Bluetooth: hci6: command 0x040f tx timeout [ 82.162665] Bluetooth: hci7: command 0x040f tx timeout [ 82.226228] Bluetooth: hci5: command 0x040f tx timeout [ 82.930179] Bluetooth: hci4: command 0x0409 tx timeout [ 84.019167] Bluetooth: hci0: command 0x0419 tx timeout [ 84.083197] Bluetooth: hci1: command 0x0419 tx timeout [ 84.147220] Bluetooth: hci2: command 0x0419 tx timeout [ 84.147754] Bluetooth: hci3: command 0x0419 tx timeout [ 84.211264] Bluetooth: hci7: command 0x0419 tx timeout [ 84.211757] Bluetooth: hci6: command 0x0419 tx timeout [ 84.275205] Bluetooth: hci5: command 0x0419 tx timeout [ 84.978566] Bluetooth: hci4: command 0x041b tx timeout [ 87.027206] Bluetooth: hci4: command 0x040f tx timeout [ 89.074194] Bluetooth: hci4: command 0x0419 tx timeout 00:23:03 executing program 2: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_config_ext={0xb6b4, 0x2}, 0x12354}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x1) r0 = perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000380), 0x9}, 0x1304, 0x0, 0x0, 0x0, 0x0, 0xffffffff}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) fallocate(r1, 0x0, 0x0, 0x87ffffc) r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file1\x00', 0x1010c2, 0x0) r3 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/timer_list\x00', 0x0, 0x0) sendfile(r2, r3, 0x0, 0x10000027f) openat(r2, &(0x7f0000000400)='./file1\x00', 0x6000, 0x3a) r4 = openat$vcsa(0xffffffffffffff9c, &(0x7f0000000140), 0x220000, 0x0) openat(r4, &(0x7f00000003c0)='./file1\x00', 0x402, 0x1bb) pwritev(r1, &(0x7f0000000000)=[{&(0x7f0000001340)="e4eb8e5355feefc9b3c48a57cf1602a197c4b0087f7e5812368dc3bab70e0418263fc620b190aa02558bcfb0e65cb7786074964845b33e3618af6ae487cb258242e1e8731eec366954e0c20a64f07e48", 0x50}], 0x1, 0x8d, 0x7bf6) pwritev2(r0, &(0x7f0000000300)=[{&(0x7f0000000180)="3c05886344f6c1676463474261a3cd71268afe038e7d96f46fea5246194a21c0bca49aab4882c5e4b508f5caf019902800cc407c31ecca2126ec616e9ef51561c11fb6d5ad0dc0c03998e37daae333db1252ad0d6b210c26dc017bcd9eb7b3773f1ab930713c646093f3efac450fcd793d65bfca217cf1d1be3971f4b8bee2b4fd3876a9b065f04ff62603f3cffe0e3ead48226b756653faf696165c00c54890e8d4590f8c08e761926d1a367f7adaff0cd7a0a804aae86072e3866492eabdfbbf60d4a310dfda9cb5f679ca00946a01dd39236d72f2aa56bb3d9d47c042843926cfff2164e5df0e048b3a8d", 0xec}], 0x1, 0x6, 0x2, 0x0) pipe2(&(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}, 0x4800) ioctl$AUTOFS_IOC_READY(r0, 0x9360, 0xb9) r6 = signalfd4(0xffffffffffffffff, &(0x7f0000000340), 0x8, 0x0) signalfd4(r6, &(0x7f00000007c0)={[0xa62]}, 0x8, 0x80000) r7 = signalfd4(0xffffffffffffffff, &(0x7f0000000340), 0x8, 0x0) perf_event_open(&(0x7f0000000440)={0x2, 0x80, 0x1, 0x1, 0x5, 0x20, 0x0, 0x1, 0x62000, 0x8, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x9, 0x2, @perf_config_ext={0x100000000, 0x401}, 0x800, 0xffffffffffff20aa, 0x9, 0x8, 0x6, 0x9, 0x8, 0x0, 0x6, 0x0, 0x232}, 0x0, 0xf, 0xffffffffffffffff, 0x2) signalfd4(r7, &(0x7f00000007c0)={[0xa62]}, 0x8, 0x80000) ioctl$AUTOFS_DEV_IOCTL_OPENMOUNT(r6, 0xc0189374, &(0x7f00000005c0)=ANY=[@ANYBLOB="0100000001000000180000000600ce2abe7dff9f57274b43f1353697b34407715cdeb34fc91d21b36b05ab8e6849a60addf84907fea1d83f32ea8c047c2c9fcf81c09ab68e7ca44455c5a39613d2f427d25cd959487cd7dfcb465ea1cdf12da351f482ba4d373a590a168a483df324dfcbd87f059fd023fe84b20e4fbfedb5a8fac5f42be332abe17c09562ec2956f74f4434131b4a6c07e3b1d629a89eea1554c9b375e9a2c11af9824f75d8d023a024b68bee4a8c73318c168fe2427b4eff26aab7cb35e5ce0fef0ad17", @ANYRES32=r5, @ANYBLOB="0100ee2da88e0fd124a200000200800000"]) [ 130.571359] audit: type=1400 audit(1663374184.025:7): avc: denied { open } for pid=3864 comm="syz-executor.2" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=perf_event permissive=1 [ 130.572776] audit: type=1400 audit(1663374184.026:8): avc: denied { kernel } for pid=3864 comm="syz-executor.2" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=perf_event permissive=1 [ 130.604360] ------------[ cut here ]------------ [ 130.604383] [ 130.604387] ====================================================== [ 130.604390] WARNING: possible circular locking dependency detected [ 130.604394] 6.0.0-rc5-next-20220916 #1 Not tainted [ 130.604402] ------------------------------------------------------ [ 130.604405] syz-executor.2/3865 is trying to acquire lock: [ 130.604413] ffffffff853fa878 ((console_sem).lock){....}-{2:2}, at: down_trylock+0xe/0x70 [ 130.604452] [ 130.604452] but task is already holding lock: [ 130.604455] ffff88800e3d9820 (&ctx->lock){....}-{2:2}, at: __perf_event_task_sched_out+0x53b/0x18d0 [ 130.604483] [ 130.604483] which lock already depends on the new lock. [ 130.604483] [ 130.604486] [ 130.604486] the existing dependency chain (in reverse order) is: [ 130.604489] [ 130.604489] -> #3 (&ctx->lock){....}-{2:2}: [ 130.604503] _raw_spin_lock+0x2a/0x40 [ 130.604520] __perf_event_task_sched_out+0x53b/0x18d0 [ 130.604532] __schedule+0xedd/0x2470 [ 130.604543] schedule+0xda/0x1b0 [ 130.604553] exit_to_user_mode_prepare+0x114/0x1a0 [ 130.604572] syscall_exit_to_user_mode+0x19/0x40 [ 130.604590] do_syscall_64+0x48/0x90 [ 130.604604] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 130.604622] [ 130.604622] -> #2 (&rq->__lock){-.-.}-{2:2}: [ 130.604635] _raw_spin_lock_nested+0x30/0x40 [ 130.604650] raw_spin_rq_lock_nested+0x1e/0x30 [ 130.604663] task_fork_fair+0x63/0x4d0 [ 130.604680] sched_cgroup_fork+0x3d0/0x540 [ 130.604693] copy_process+0x4183/0x6e20 [ 130.604704] kernel_clone+0xe7/0x890 [ 130.604713] user_mode_thread+0xad/0xf0 [ 130.604723] rest_init+0x24/0x250 [ 130.604739] arch_call_rest_init+0xf/0x14 [ 130.604751] start_kernel+0x4c1/0x4e6 [ 130.604761] secondary_startup_64_no_verify+0xe0/0xeb [ 130.604775] [ 130.604775] -> #1 (&p->pi_lock){-.-.}-{2:2}: [ 130.604788] _raw_spin_lock_irqsave+0x39/0x60 [ 130.604803] try_to_wake_up+0xab/0x1920 [ 130.604816] up+0x75/0xb0 [ 130.604827] __up_console_sem+0x6e/0x80 [ 130.604843] console_unlock+0x46a/0x590 [ 130.604858] vt_ioctl+0x2822/0x2ca0 [ 130.604871] tty_ioctl+0x7c4/0x1700 [ 130.604883] __x64_sys_ioctl+0x19a/0x210 [ 130.604898] do_syscall_64+0x3b/0x90 [ 130.604911] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 130.604928] [ 130.604928] -> #0 ((console_sem).lock){....}-{2:2}: [ 130.604942] __lock_acquire+0x2a02/0x5e70 [ 130.604957] lock_acquire+0x1a2/0x530 [ 130.604973] _raw_spin_lock_irqsave+0x39/0x60 [ 130.604988] down_trylock+0xe/0x70 [ 130.605000] __down_trylock_console_sem+0x3b/0xd0 [ 130.605015] vprintk_emit+0x16b/0x560 [ 130.605031] vprintk+0x84/0xa0 [ 130.605047] _printk+0xba/0xf1 [ 130.605064] report_bug.cold+0x72/0xab [ 130.605077] handle_bug+0x3c/0x70 [ 130.605090] exc_invalid_op+0x14/0x50 [ 130.605103] asm_exc_invalid_op+0x16/0x20 [ 130.605119] group_sched_out.part.0+0x2c7/0x460 [ 130.605129] ctx_sched_out+0x8f1/0xc10 [ 130.605139] __perf_event_task_sched_out+0x6d0/0x18d0 [ 130.605151] __schedule+0xedd/0x2470 [ 130.605161] schedule+0xda/0x1b0 [ 130.605171] exit_to_user_mode_prepare+0x114/0x1a0 [ 130.605189] syscall_exit_to_user_mode+0x19/0x40 [ 130.605206] do_syscall_64+0x48/0x90 [ 130.605219] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 130.605235] [ 130.605235] other info that might help us debug this: [ 130.605235] [ 130.605238] Chain exists of: [ 130.605238] (console_sem).lock --> &rq->__lock --> &ctx->lock [ 130.605238] [ 130.605253] Possible unsafe locking scenario: [ 130.605253] [ 130.605256] CPU0 CPU1 [ 130.605258] ---- ---- [ 130.605260] lock(&ctx->lock); [ 130.605266] lock(&rq->__lock); [ 130.605272] lock(&ctx->lock); [ 130.605278] lock((console_sem).lock); [ 130.605284] [ 130.605284] *** DEADLOCK *** [ 130.605284] [ 130.605286] 2 locks held by syz-executor.2/3865: [ 130.605293] #0: ffff88806cf37cd8 (&rq->__lock){-.-.}-{2:2}, at: __schedule+0x1cf/0x2470 [ 130.605318] #1: ffff88800e3d9820 (&ctx->lock){....}-{2:2}, at: __perf_event_task_sched_out+0x53b/0x18d0 [ 130.605346] [ 130.605346] stack backtrace: [ 130.605349] CPU: 1 PID: 3865 Comm: syz-executor.2 Not tainted 6.0.0-rc5-next-20220916 #1 [ 130.605361] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 130.605369] Call Trace: [ 130.605372] [ 130.605377] dump_stack_lvl+0x8b/0xb3 [ 130.605392] check_noncircular+0x263/0x2e0 [ 130.605408] ? format_decode+0x26c/0xb50 [ 130.605423] ? print_circular_bug+0x450/0x450 [ 130.605440] ? enable_ptr_key_workfn+0x20/0x20 [ 130.605455] ? format_decode+0x26c/0xb50 [ 130.605470] ? alloc_chain_hlocks+0x1ec/0x5a0 [ 130.605488] __lock_acquire+0x2a02/0x5e70 [ 130.605509] ? lockdep_hardirqs_on_prepare+0x410/0x410 [ 130.605531] lock_acquire+0x1a2/0x530 [ 130.605547] ? down_trylock+0xe/0x70 [ 130.605561] ? rcu_read_unlock+0x40/0x40 [ 130.605585] ? vprintk+0x84/0xa0 [ 130.605603] _raw_spin_lock_irqsave+0x39/0x60 [ 130.605619] ? down_trylock+0xe/0x70 [ 130.605632] down_trylock+0xe/0x70 [ 130.605645] ? vprintk+0x84/0xa0 [ 130.605661] __down_trylock_console_sem+0x3b/0xd0 [ 130.605678] vprintk_emit+0x16b/0x560 [ 130.605697] vprintk+0x84/0xa0 [ 130.605714] _printk+0xba/0xf1 [ 130.605731] ? record_print_text.cold+0x16/0x16 [ 130.605753] ? report_bug.cold+0x66/0xab [ 130.605767] ? group_sched_out.part.0+0x2c7/0x460 [ 130.605779] report_bug.cold+0x72/0xab [ 130.605794] handle_bug+0x3c/0x70 [ 130.605808] exc_invalid_op+0x14/0x50 [ 130.605822] asm_exc_invalid_op+0x16/0x20 [ 130.605839] RIP: 0010:group_sched_out.part.0+0x2c7/0x460 [ 130.605853] Code: 5e 41 5f e9 3b b7 ef ff e8 36 b7 ef ff 65 8b 1d ab 15 ac 7e 31 ff 89 de e8 d6 b3 ef ff 85 db 0f 84 8a 00 00 00 e8 19 b7 ef ff <0f> 0b e9 a5 fe ff ff e8 0d b7 ef ff 48 8d 7d 10 48 b8 00 00 00 00 [ 130.605864] RSP: 0018:ffff8880416d7c48 EFLAGS: 00010006 [ 130.605873] RAX: 0000000040000002 RBX: 0000000000000000 RCX: 0000000000000000 [ 130.605880] RDX: ffff888018a01ac0 RSI: ffffffff81566027 RDI: 0000000000000005 [ 130.605888] RBP: ffff888041880000 R08: 0000000000000005 R09: 0000000000000001 [ 130.605896] R10: 0000000000000000 R11: ffffffff865ac05b R12: ffff88800e3d9800 [ 130.605904] R13: ffff88806cf3d100 R14: ffffffff8547c660 R15: 0000000000000002 [ 130.605915] ? group_sched_out.part.0+0x2c7/0x460 [ 130.605928] ? group_sched_out.part.0+0x2c7/0x460 [ 130.605940] ctx_sched_out+0x8f1/0xc10 [ 130.605953] __perf_event_task_sched_out+0x6d0/0x18d0 [ 130.605968] ? lock_is_held_type+0xd7/0x130 [ 130.605987] ? __perf_cgroup_move+0x160/0x160 [ 130.605998] ? set_next_entity+0x304/0x550 [ 130.606016] ? update_curr+0x267/0x740 [ 130.606034] ? lock_is_held_type+0xd7/0x130 [ 130.606052] __schedule+0xedd/0x2470 [ 130.606065] ? io_schedule_timeout+0x150/0x150 [ 130.606079] ? rcu_read_lock_sched_held+0x3e/0x80 [ 130.606099] schedule+0xda/0x1b0 [ 130.606110] exit_to_user_mode_prepare+0x114/0x1a0 [ 130.606130] syscall_exit_to_user_mode+0x19/0x40 [ 130.606148] do_syscall_64+0x48/0x90 [ 130.606162] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 130.606180] RIP: 0033:0x7f0d48dc5b19 [ 130.606189] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 130.606199] RSP: 002b:00007f0d4633b218 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 130.606210] RAX: 0000000000000001 RBX: 00007f0d48ed8f68 RCX: 00007f0d48dc5b19 [ 130.606218] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 00007f0d48ed8f6c [ 130.606225] RBP: 00007f0d48ed8f60 R08: 000000000000000e R09: 0000000000000000 [ 130.606232] R10: 0000000000000003 R11: 0000000000000246 R12: 00007f0d48ed8f6c [ 130.606240] R13: 00007fffe798da7f R14: 00007f0d4633b300 R15: 0000000000022000 [ 130.606252] [ 130.659376] WARNING: CPU: 1 PID: 3865 at kernel/events/core.c:2309 group_sched_out.part.0+0x2c7/0x460 [ 130.660062] Modules linked in: [ 130.660304] CPU: 1 PID: 3865 Comm: syz-executor.2 Not tainted 6.0.0-rc5-next-20220916 #1 [ 130.660905] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 130.661730] RIP: 0010:group_sched_out.part.0+0x2c7/0x460 [ 130.662139] Code: 5e 41 5f e9 3b b7 ef ff e8 36 b7 ef ff 65 8b 1d ab 15 ac 7e 31 ff 89 de e8 d6 b3 ef ff 85 db 0f 84 8a 00 00 00 e8 19 b7 ef ff <0f> 0b e9 a5 fe ff ff e8 0d b7 ef ff 48 8d 7d 10 48 b8 00 00 00 00 [ 130.663507] RSP: 0018:ffff8880416d7c48 EFLAGS: 00010006 [ 130.663898] RAX: 0000000040000002 RBX: 0000000000000000 RCX: 0000000000000000 [ 130.664432] RDX: ffff888018a01ac0 RSI: ffffffff81566027 RDI: 0000000000000005 [ 130.664965] RBP: ffff888041880000 R08: 0000000000000005 R09: 0000000000000001 [ 130.665495] R10: 0000000000000000 R11: ffffffff865ac05b R12: ffff88800e3d9800 [ 130.666040] R13: ffff88806cf3d100 R14: ffffffff8547c660 R15: 0000000000000002 [ 130.666578] FS: 00007f0d4633b700(0000) GS:ffff88806cf00000(0000) knlGS:0000000000000000 [ 130.667180] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 130.667610] CR2: 00007fb7360201f0 CR3: 000000001d93c000 CR4: 0000000000350ee0 [ 130.668136] Call Trace: [ 130.668336] [ 130.668514] ctx_sched_out+0x8f1/0xc10 [ 130.668808] __perf_event_task_sched_out+0x6d0/0x18d0 [ 130.669197] ? lock_is_held_type+0xd7/0x130 [ 130.669534] ? __perf_cgroup_move+0x160/0x160 [ 130.669872] ? set_next_entity+0x304/0x550 [ 130.670203] ? update_curr+0x267/0x740 [ 130.670503] ? lock_is_held_type+0xd7/0x130 [ 130.670837] __schedule+0xedd/0x2470 [ 130.671123] ? io_schedule_timeout+0x150/0x150 [ 130.671471] ? rcu_read_lock_sched_held+0x3e/0x80 [ 130.671842] schedule+0xda/0x1b0 [ 130.672099] exit_to_user_mode_prepare+0x114/0x1a0 [ 130.672475] syscall_exit_to_user_mode+0x19/0x40 [ 130.672842] do_syscall_64+0x48/0x90 [ 130.673130] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 130.673517] RIP: 0033:0x7f0d48dc5b19 [ 130.673796] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 130.675148] RSP: 002b:00007f0d4633b218 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 130.675713] RAX: 0000000000000001 RBX: 00007f0d48ed8f68 RCX: 00007f0d48dc5b19 [ 130.676243] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 00007f0d48ed8f6c [ 130.676771] RBP: 00007f0d48ed8f60 R08: 000000000000000e R09: 0000000000000000 [ 130.677301] R10: 0000000000000003 R11: 0000000000000246 R12: 00007f0d48ed8f6c [ 130.677826] R13: 00007fffe798da7f R14: 00007f0d4633b300 R15: 0000000000022000 [ 130.678352] [ 130.678531] irq event stamp: 884 [ 130.678779] hardirqs last enabled at (883): [] exit_to_user_mode_prepare+0x109/0x1a0 [ 130.679483] hardirqs last disabled at (884): [] __schedule+0x1225/0x2470 [ 130.680084] softirqs last enabled at (678): [] __irq_exit_rcu+0x11b/0x180 [ 130.680714] softirqs last disabled at (473): [] __irq_exit_rcu+0x11b/0x180 [ 130.681349] ---[ end trace 0000000000000000 ]--- [ 130.756828] audit: type=1400 audit(1663374184.211:9): avc: denied { write } for pid=3864 comm="syz-executor.2" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=perf_event permissive=1 00:23:04 executing program 6: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0xc042, 0x0) ioctl$FS_IOC_SETFLAGS(r0, 0x40086602, &(0x7f0000000040)) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file1\x00', 0x101342, 0x0) write$binfmt_aout(r1, &(0x7f0000000c40)=ANY=[], 0x820) r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0, 0x0) ioctl$FS_IOC_FIEMAP(r2, 0xc020660b, &(0x7f00000003c0)={0x0, 0x3ff, 0x0, 0x0, 0xa, [{0x400, 0x0, 0x10001, '\x00', 0x8}, {0x8aa, 0x7, 0x4, '\x00', 0x1}, {0x1, 0xfffffffffffffff9, 0x0, '\x00', 0x210d}, {0x0, 0x200, 0x7, '\x00', 0x1}, {0x9, 0x5, 0x1, '\x00', 0x248a}, {0x3, 0x4, 0xff, '\x00', 0x800}, {0x40, 0x80000000, 0x81, '\x00', 0x1000}, {0x1, 0x1ef880e5, 0x7}, {0x9, 0x4, 0x8, '\x00', 0xe08}, {0x3f, 0xca, 0x4, '\x00', 0x4}]}) 00:23:04 executing program 3: getsockopt$IPT_SO_GET_INFO(0xffffffffffffffff, 0x0, 0x40, &(0x7f0000000400)={'mangle\x00', 0x0, [0x3, 0x7ffffffc, 0x7, 0x1295, 0x3]}, &(0x7f00000004c0)=0x54) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0xbbf, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x200000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x101}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file1\x00', 0x1010c2, 0x0) r2 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/timer_list\x00', 0x0, 0x0) sendfile(r1, r2, 0x0, 0x10000027f) ioctl$AUTOFS_DEV_IOCTL_CATATONIC(r2, 0xc0189379, &(0x7f0000000380)=ANY=[@ANYBLOB="00000000000000000000c9d2a3b772696a7ed4030000d53117436291439e4ac0fd020085589a95e1ff008913ab1565b8d336dd541560c0c61ef7805e33807249b5b389cef583a091100bb2a90c1fc314d71d21b8b742763c95935646914c83ddf10b6489f839", @ANYRES32=r0, @ANYRES64=r2]) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @perf_config_ext, 0x1200}, 0x0, 0xffffffffffffffff, r0, 0x0) r3 = openat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x44142, 0x0) fallocate(r3, 0x0, 0x0, 0x87ffffc) signalfd(r3, &(0x7f0000000100)={[0x8]}, 0x8) r4 = openat$ptp0(0xffffffffffffff9c, 0x0, 0x800, 0x0) readv(r4, &(0x7f0000000300)=[{&(0x7f0000000140)=""/147, 0x93}, {&(0x7f0000000200)=""/116, 0x74}], 0x2) r5 = syz_open_dev$tty20(0xc, 0x4, 0x1) io_setup(0x20, &(0x7f0000000000)=0x0) r7 = openat$sr(0xffffffffffffff9c, &(0x7f0000000140), 0xd40, 0x0) io_submit(r6, 0x1, &(0x7f0000000080)=[&(0x7f0000000040)={0x0, 0x0, 0x8, 0x0, 0x0, r7, 0x0, 0x7ffffffff000}]) fcntl$dupfd(r5, 0x0, 0xffffffffffffffff) perf_event_open(&(0x7f0000000080)={0x1, 0x80, 0x1f, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_config_ext={0x1, 0x6}, 0x0, 0x0, 0x41, 0x0, 0x2, 0x0, 0xfffd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0xa) read$hiddev(0xffffffffffffffff, &(0x7f0000000040)=""/169, 0x200000e9) 00:23:04 executing program 2: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_config_ext={0xb6b4, 0x2}, 0x12354}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x1) r0 = perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000380), 0x9}, 0x1304, 0x0, 0x0, 0x0, 0x0, 0xffffffff}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) fallocate(r1, 0x0, 0x0, 0x87ffffc) r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file1\x00', 0x1010c2, 0x0) r3 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/timer_list\x00', 0x0, 0x0) sendfile(r2, r3, 0x0, 0x10000027f) openat(r2, &(0x7f0000000400)='./file1\x00', 0x6000, 0x3a) r4 = openat$vcsa(0xffffffffffffff9c, &(0x7f0000000140), 0x220000, 0x0) openat(r4, &(0x7f00000003c0)='./file1\x00', 0x402, 0x1bb) pwritev(r1, &(0x7f0000000000)=[{&(0x7f0000001340)="e4eb8e5355feefc9b3c48a57cf1602a197c4b0087f7e5812368dc3bab70e0418263fc620b190aa02558bcfb0e65cb7786074964845b33e3618af6ae487cb258242e1e8731eec366954e0c20a64f07e48", 0x50}], 0x1, 0x8d, 0x7bf6) pwritev2(r0, &(0x7f0000000300)=[{&(0x7f0000000180)="3c05886344f6c1676463474261a3cd71268afe038e7d96f46fea5246194a21c0bca49aab4882c5e4b508f5caf019902800cc407c31ecca2126ec616e9ef51561c11fb6d5ad0dc0c03998e37daae333db1252ad0d6b210c26dc017bcd9eb7b3773f1ab930713c646093f3efac450fcd793d65bfca217cf1d1be3971f4b8bee2b4fd3876a9b065f04ff62603f3cffe0e3ead48226b756653faf696165c00c54890e8d4590f8c08e761926d1a367f7adaff0cd7a0a804aae86072e3866492eabdfbbf60d4a310dfda9cb5f679ca00946a01dd39236d72f2aa56bb3d9d47c042843926cfff2164e5df0e048b3a8d", 0xec}], 0x1, 0x6, 0x2, 0x0) pipe2(&(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}, 0x4800) ioctl$AUTOFS_IOC_READY(r0, 0x9360, 0xb9) r6 = signalfd4(0xffffffffffffffff, &(0x7f0000000340), 0x8, 0x0) signalfd4(r6, &(0x7f00000007c0)={[0xa62]}, 0x8, 0x80000) r7 = signalfd4(0xffffffffffffffff, &(0x7f0000000340), 0x8, 0x0) perf_event_open(&(0x7f0000000440)={0x2, 0x80, 0x1, 0x1, 0x5, 0x20, 0x0, 0x1, 0x62000, 0x8, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x9, 0x2, @perf_config_ext={0x100000000, 0x401}, 0x800, 0xffffffffffff20aa, 0x9, 0x8, 0x6, 0x9, 0x8, 0x0, 0x6, 0x0, 0x232}, 0x0, 0xf, 0xffffffffffffffff, 0x2) signalfd4(r7, &(0x7f00000007c0)={[0xa62]}, 0x8, 0x80000) ioctl$AUTOFS_DEV_IOCTL_OPENMOUNT(r6, 0xc0189374, &(0x7f00000005c0)=ANY=[@ANYBLOB="0100000001000000180000000600ce2abe7dff9f57274b43f1353697b34407715cdeb34fc91d21b36b05ab8e6849a60addf84907fea1d83f32ea8c047c2c9fcf81c09ab68e7ca44455c5a39613d2f427d25cd959487cd7dfcb465ea1cdf12da351f482ba4d373a590a168a483df324dfcbd87f059fd023fe84b20e4fbfedb5a8fac5f42be332abe17c09562ec2956f74f4434131b4a6c07e3b1d629a89eea1554c9b375e9a2c11af9824f75d8d023a024b68bee4a8c73318c168fe2427b4eff26aab7cb35e5ce0fef0ad17", @ANYRES32=r5, @ANYBLOB="0100ee2da88e0fd124a200000200800000"]) 00:23:04 executing program 6: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_config_ext={0xb6b4, 0x2}, 0x12354}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x1) r0 = perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000380), 0x9}, 0x1304, 0x0, 0x0, 0x0, 0x0, 0xffffffff}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) fallocate(r1, 0x0, 0x0, 0x87ffffc) r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file1\x00', 0x1010c2, 0x0) r3 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/timer_list\x00', 0x0, 0x0) sendfile(r2, r3, 0x0, 0x10000027f) openat(r2, &(0x7f0000000400)='./file1\x00', 0x6000, 0x3a) r4 = openat$vcsa(0xffffffffffffff9c, &(0x7f0000000140), 0x220000, 0x0) openat(r4, &(0x7f00000003c0)='./file1\x00', 0x402, 0x1bb) pwritev(r1, &(0x7f0000000000)=[{&(0x7f0000001340)="e4eb8e5355feefc9b3c48a57cf1602a197c4b0087f7e5812368dc3bab70e0418263fc620b190aa02558bcfb0e65cb7786074964845b33e3618af6ae487cb258242e1e8731eec366954e0c20a64f07e48", 0x50}], 0x1, 0x8d, 0x7bf6) pwritev2(r0, &(0x7f0000000300)=[{&(0x7f0000000180)="3c05886344f6c1676463474261a3cd71268afe038e7d96f46fea5246194a21c0bca49aab4882c5e4b508f5caf019902800cc407c31ecca2126ec616e9ef51561c11fb6d5ad0dc0c03998e37daae333db1252ad0d6b210c26dc017bcd9eb7b3773f1ab930713c646093f3efac450fcd793d65bfca217cf1d1be3971f4b8bee2b4fd3876a9b065f04ff62603f3cffe0e3ead48226b756653faf696165c00c54890e8d4590f8c08e761926d1a367f7adaff0cd7a0a804aae86072e3866492eabdfbbf60d4a310dfda9cb5f679ca00946a01dd39236d72f2aa56bb3d9d47c042843926cfff2164e5df0e048b3a8d", 0xec}], 0x1, 0x6, 0x2, 0x0) pipe2(&(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}, 0x4800) ioctl$AUTOFS_IOC_READY(r0, 0x9360, 0xb9) r6 = signalfd4(0xffffffffffffffff, &(0x7f0000000340), 0x8, 0x0) signalfd4(r6, &(0x7f00000007c0)={[0xa62]}, 0x8, 0x80000) r7 = signalfd4(0xffffffffffffffff, &(0x7f0000000340), 0x8, 0x0) perf_event_open(&(0x7f0000000440)={0x2, 0x80, 0x1, 0x1, 0x5, 0x20, 0x0, 0x1, 0x62000, 0x8, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x9, 0x2, @perf_config_ext={0x100000000, 0x401}, 0x800, 0xffffffffffff20aa, 0x9, 0x8, 0x6, 0x9, 0x8, 0x0, 0x6, 0x0, 0x232}, 0x0, 0xf, 0xffffffffffffffff, 0x2) signalfd4(r7, &(0x7f00000007c0)={[0xa62]}, 0x8, 0x80000) ioctl$AUTOFS_DEV_IOCTL_OPENMOUNT(r6, 0xc0189374, &(0x7f00000005c0)=ANY=[@ANYBLOB="0100000001000000180000000600ce2abe7dff9f57274b43f1353697b34407715cdeb34fc91d21b36b05ab8e6849a60addf84907fea1d83f32ea8c047c2c9fcf81c09ab68e7ca44455c5a39613d2f427d25cd959487cd7dfcb465ea1cdf12da351f482ba4d373a590a168a483df324dfcbd87f059fd023fe84b20e4fbfedb5a8fac5f42be332abe17c09562ec2956f74f4434131b4a6c07e3b1d629a89eea1554c9b375e9a2c11af9824f75d8d023a024b68bee4a8c73318c168fe2427b4eff26aab7cb35e5ce0fef0ad17", @ANYRES32=r5, @ANYBLOB="0100ee2da88e0fd124a200000200800000"]) 00:23:04 executing program 2: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_config_ext={0xb6b4, 0x2}, 0x12354}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x1) r0 = perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000380), 0x9}, 0x1304, 0x0, 0x0, 0x0, 0x0, 0xffffffff}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) fallocate(r1, 0x0, 0x0, 0x87ffffc) r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file1\x00', 0x1010c2, 0x0) r3 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/timer_list\x00', 0x0, 0x0) sendfile(r2, r3, 0x0, 0x10000027f) openat(r2, &(0x7f0000000400)='./file1\x00', 0x6000, 0x3a) r4 = openat$vcsa(0xffffffffffffff9c, &(0x7f0000000140), 0x220000, 0x0) openat(r4, &(0x7f00000003c0)='./file1\x00', 0x402, 0x1bb) pwritev(r1, &(0x7f0000000000)=[{&(0x7f0000001340)="e4eb8e5355feefc9b3c48a57cf1602a197c4b0087f7e5812368dc3bab70e0418263fc620b190aa02558bcfb0e65cb7786074964845b33e3618af6ae487cb258242e1e8731eec366954e0c20a64f07e48", 0x50}], 0x1, 0x8d, 0x7bf6) pwritev2(r0, &(0x7f0000000300)=[{&(0x7f0000000180)="3c05886344f6c1676463474261a3cd71268afe038e7d96f46fea5246194a21c0bca49aab4882c5e4b508f5caf019902800cc407c31ecca2126ec616e9ef51561c11fb6d5ad0dc0c03998e37daae333db1252ad0d6b210c26dc017bcd9eb7b3773f1ab930713c646093f3efac450fcd793d65bfca217cf1d1be3971f4b8bee2b4fd3876a9b065f04ff62603f3cffe0e3ead48226b756653faf696165c00c54890e8d4590f8c08e761926d1a367f7adaff0cd7a0a804aae86072e3866492eabdfbbf60d4a310dfda9cb5f679ca00946a01dd39236d72f2aa56bb3d9d47c042843926cfff2164e5df0e048b3a8d", 0xec}], 0x1, 0x6, 0x2, 0x0) pipe2(&(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}, 0x4800) ioctl$AUTOFS_IOC_READY(r0, 0x9360, 0xb9) r6 = signalfd4(0xffffffffffffffff, &(0x7f0000000340), 0x8, 0x0) signalfd4(r6, &(0x7f00000007c0)={[0xa62]}, 0x8, 0x80000) r7 = signalfd4(0xffffffffffffffff, &(0x7f0000000340), 0x8, 0x0) perf_event_open(&(0x7f0000000440)={0x2, 0x80, 0x1, 0x1, 0x5, 0x20, 0x0, 0x1, 0x62000, 0x8, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x9, 0x2, @perf_config_ext={0x100000000, 0x401}, 0x800, 0xffffffffffff20aa, 0x9, 0x8, 0x6, 0x9, 0x8, 0x0, 0x6, 0x0, 0x232}, 0x0, 0xf, 0xffffffffffffffff, 0x2) signalfd4(r7, &(0x7f00000007c0)={[0xa62]}, 0x8, 0x80000) ioctl$AUTOFS_DEV_IOCTL_OPENMOUNT(r6, 0xc0189374, &(0x7f00000005c0)=ANY=[@ANYBLOB="0100000001000000180000000600ce2abe7dff9f57274b43f1353697b34407715cdeb34fc91d21b36b05ab8e6849a60addf84907fea1d83f32ea8c047c2c9fcf81c09ab68e7ca44455c5a39613d2f427d25cd959487cd7dfcb465ea1cdf12da351f482ba4d373a590a168a483df324dfcbd87f059fd023fe84b20e4fbfedb5a8fac5f42be332abe17c09562ec2956f74f4434131b4a6c07e3b1d629a89eea1554c9b375e9a2c11af9824f75d8d023a024b68bee4a8c73318c168fe2427b4eff26aab7cb35e5ce0fef0ad17", @ANYRES32=r5, @ANYBLOB="0100ee2da88e0fd124a200000200800000"]) [ 131.039046] syz-executor.3 (3889) used greatest stack depth: 24152 bytes left 00:23:04 executing program 3: getsockopt$IPT_SO_GET_INFO(0xffffffffffffffff, 0x0, 0x40, &(0x7f0000000400)={'mangle\x00', 0x0, [0x3, 0x7ffffffc, 0x7, 0x1295, 0x3]}, &(0x7f00000004c0)=0x54) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0xbbf, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x200000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x101}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file1\x00', 0x1010c2, 0x0) r2 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/timer_list\x00', 0x0, 0x0) sendfile(r1, r2, 0x0, 0x10000027f) ioctl$AUTOFS_DEV_IOCTL_CATATONIC(r2, 0xc0189379, &(0x7f0000000380)=ANY=[@ANYBLOB="00000000000000000000c9d2a3b772696a7ed4030000d53117436291439e4ac0fd020085589a95e1ff008913ab1565b8d336dd541560c0c61ef7805e33807249b5b389cef583a091100bb2a90c1fc314d71d21b8b742763c95935646914c83ddf10b6489f839", @ANYRES32=r0, @ANYRES64=r2]) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @perf_config_ext, 0x1200}, 0x0, 0xffffffffffffffff, r0, 0x0) r3 = openat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x44142, 0x0) fallocate(r3, 0x0, 0x0, 0x87ffffc) signalfd(r3, &(0x7f0000000100)={[0x8]}, 0x8) r4 = openat$ptp0(0xffffffffffffff9c, 0x0, 0x800, 0x0) readv(r4, &(0x7f0000000300)=[{&(0x7f0000000140)=""/147, 0x93}, {&(0x7f0000000200)=""/116, 0x74}], 0x2) r5 = syz_open_dev$tty20(0xc, 0x4, 0x1) io_setup(0x20, &(0x7f0000000000)=0x0) r7 = openat$sr(0xffffffffffffff9c, &(0x7f0000000140), 0xd40, 0x0) io_submit(r6, 0x1, &(0x7f0000000080)=[&(0x7f0000000040)={0x0, 0x0, 0x8, 0x0, 0x0, r7, 0x0, 0x7ffffffff000}]) fcntl$dupfd(r5, 0x0, 0xffffffffffffffff) perf_event_open(&(0x7f0000000080)={0x1, 0x80, 0x1f, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_config_ext={0x1, 0x6}, 0x0, 0x0, 0x41, 0x0, 0x2, 0x0, 0xfffd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0xa) read$hiddev(0xffffffffffffffff, &(0x7f0000000040)=""/169, 0x200000e9) 00:23:04 executing program 6: getsockopt$IPT_SO_GET_INFO(0xffffffffffffffff, 0x0, 0x40, &(0x7f0000000400)={'mangle\x00', 0x0, [0x3, 0x7ffffffc, 0x7, 0x1295, 0x3]}, &(0x7f00000004c0)=0x54) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0xbbf, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x200000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x101}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file1\x00', 0x1010c2, 0x0) r2 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/timer_list\x00', 0x0, 0x0) sendfile(r1, r2, 0x0, 0x10000027f) ioctl$AUTOFS_DEV_IOCTL_CATATONIC(r2, 0xc0189379, &(0x7f0000000380)=ANY=[@ANYBLOB="00000000000000000000c9d2a3b772696a7ed4030000d53117436291439e4ac0fd020085589a95e1ff008913ab1565b8d336dd541560c0c61ef7805e33807249b5b389cef583a091100bb2a90c1fc314d71d21b8b742763c95935646914c83ddf10b6489f839", @ANYRES32=r0, @ANYRES64=r2]) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @perf_config_ext, 0x1200}, 0x0, 0xffffffffffffffff, r0, 0x0) r3 = openat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x44142, 0x0) fallocate(r3, 0x0, 0x0, 0x87ffffc) signalfd(r3, &(0x7f0000000100)={[0x8]}, 0x8) r4 = openat$ptp0(0xffffffffffffff9c, 0x0, 0x800, 0x0) readv(r4, &(0x7f0000000300)=[{&(0x7f0000000140)=""/147, 0x93}, {&(0x7f0000000200)=""/116, 0x74}], 0x2) r5 = syz_open_dev$tty20(0xc, 0x4, 0x1) io_setup(0x20, &(0x7f0000000000)=0x0) r7 = openat$sr(0xffffffffffffff9c, &(0x7f0000000140), 0xd40, 0x0) io_submit(r6, 0x1, &(0x7f0000000080)=[&(0x7f0000000040)={0x0, 0x0, 0x8, 0x0, 0x0, r7, 0x0, 0x7ffffffff000}]) fcntl$dupfd(r5, 0x0, 0xffffffffffffffff) perf_event_open(&(0x7f0000000080)={0x1, 0x80, 0x1f, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_config_ext={0x1, 0x6}, 0x0, 0x0, 0x41, 0x0, 0x2, 0x0, 0xfffd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0xa) read$hiddev(0xffffffffffffffff, &(0x7f0000000040)=""/169, 0x200000e9) [ 132.482168] loop1: detected capacity change from 0 to 15 [ 132.484220] SELinux: security_context_str_to_sid (staff_u) failed with errno=-22 [ 132.648153] loop1: detected capacity change from 0 to 15 [ 132.649034] SELinux: security_context_str_to_sid (staff_u) failed with errno=-22 VM DIAGNOSIS: 00:23:04 Registers: info registers vcpu 0 RAX=0000000000000000 RBX=0000000000000001 RCX=0000000000000000 RDX=0000000000000000 RSI=ffffffff81468fe7 RDI=ffff8880174db974 RBP=0000000000000001 RSP=ffff8880180d7868 R8 =0000000000000001 R9 =0000000000000000 R10=0000000000000001 R11=0000000000000001 R12=0000000000000000 R13=0000000000000000 R14=ffffffff8544d3a8 R15=0000000000092cc0 RIP=ffffffff81461740 RFL=00000293 [--S-A-C] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 00000000 00000000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 00000000 00000000 FS =0000 00007f878ca858c0 00000000 00000000 GS =0000 ffff88806ce00000 00000000 00000000 LDT=0000 fffffe0000000000 00000000 00000000 TR =0040 fffffe0000003000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe0000001000 0000007f IDT= fffffe0000000000 00000fff CR0=80050033 CR2=000055bc33c1a458 CR3=000000000e2ce000 CR4=00350ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000ffff0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 YMM00=0000000000000000 0000000000000000 000000000000002f 002f2e2e2f002e2e YMM01=0000000000000000 0000000000000000 0000000000000000 696c61766e49002f YMM02=0000000000000000 0000000000000000 ffffffffffffff0f 0e0d0c0b0a090807 YMM03=0000000000000000 0000000000000000 32706f6f6c2f6b63 6f6c622f6c617574 YMM04=0000000000000000 0000000000000000 2f2f2f2f2f2f2f2f 2f2f2f2f2f2f2f2f YMM05=0000000000000000 0000000000000000 000055bc33c55530 000055bc33c223a0 YMM06=0000000000000000 0000000000000000 000055bc33c17030 0000000300000002 YMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM08=0000000000000000 0000000000000000 2f63697361622f63 72732f2e2e000d0a YMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM10=0000000000000000 0000000000000000 0000000000002000 0000000000000000 YMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 info registers vcpu 1 RAX=000000000000003e RBX=00000000000003f8 RCX=0000000000000000 RDX=00000000000003f8 RSI=ffffffff822b3251 RDI=ffffffff87641ba0 RBP=ffffffff87641b60 RSP=ffff8880416d7698 R8 =0000000000000001 R9 =000000000000000a R10=000000000000003e R11=0000000000000001 R12=000000000000003e R13=ffffffff87641b60 R14=0000000000000010 R15=ffffffff822b3240 RIP=ffffffff822b32a9 RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 00000000 00000000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 00000000 00000000 FS =0000 00007f0d4633b700 00000000 00000000 GS =0000 ffff88806cf00000 00000000 00000000 LDT=0000 fffffe0000000000 00000000 00000000 TR =0040 fffffe000004a000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe0000048000 0000007f IDT= fffffe0000000000 00000fff CR0=80050033 CR2=00007fb7360201f0 CR3=000000001d93c000 CR4=00350ee0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000ffff0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 YMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM01=0000000000000000 0000000000000000 00007f0d48eac7c0 00007f0d48eac7c8 YMM02=0000000000000000 0000000000000000 00007f0d48eac7e0 00007f0d48eac7c0 YMM03=0000000000000000 0000000000000000 00007f0d48eac7c8 00007f0d48eac7c0 YMM04=0000000000000000 0000000000000000 ffffffffffffffff ffffffff00000000 YMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM06=0000000000000000 0000000000000000 0000000000000000 000000524f525245 YMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM08=0000000000000000 0000000000000000 0000000000000000 00524f5252450040 YMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000