Debian GNU/Linux 11 syzkaller ttyS0 Warning: Permanently added '[localhost]:36317' (ECDSA) to the list of known hosts. 2022/09/17 09:18:53 fuzzer started 2022/09/17 09:18:53 dialing manager at localhost:36051 syzkaller login: [ 36.218219] cgroup: Unknown subsys name 'net' [ 36.317819] cgroup: Unknown subsys name 'rlimit' 2022/09/17 09:19:07 syscalls: 2215 2022/09/17 09:19:07 code coverage: enabled 2022/09/17 09:19:07 comparison tracing: enabled 2022/09/17 09:19:07 extra coverage: enabled 2022/09/17 09:19:07 setuid sandbox: enabled 2022/09/17 09:19:07 namespace sandbox: enabled 2022/09/17 09:19:07 Android sandbox: enabled 2022/09/17 09:19:07 fault injection: enabled 2022/09/17 09:19:07 leak checking: enabled 2022/09/17 09:19:07 net packet injection: enabled 2022/09/17 09:19:07 net device setup: enabled 2022/09/17 09:19:07 concurrency sanitizer: /sys/kernel/debug/kcsan does not exist 2022/09/17 09:19:07 devlink PCI setup: PCI device 0000:00:10.0 is not available 2022/09/17 09:19:07 USB emulation: enabled 2022/09/17 09:19:07 hci packet injection: enabled 2022/09/17 09:19:07 wifi device emulation: failed to parse kernel version (6.0.0-rc5-next-20220916) 2022/09/17 09:19:07 802.15.4 emulation: enabled 2022/09/17 09:19:07 fetching corpus: 50, signal 31190/32956 (executing program) 2022/09/17 09:19:07 fetching corpus: 100, signal 41804/45131 (executing program) 2022/09/17 09:19:07 fetching corpus: 150, signal 51350/56103 (executing program) 2022/09/17 09:19:07 fetching corpus: 200, signal 59556/65656 (executing program) 2022/09/17 09:19:08 fetching corpus: 250, signal 69413/76701 (executing program) 2022/09/17 09:19:08 fetching corpus: 300, signal 76940/85368 (executing program) 2022/09/17 09:19:08 fetching corpus: 350, signal 83095/92579 (executing program) 2022/09/17 09:19:08 fetching corpus: 400, signal 87128/97692 (executing program) 2022/09/17 09:19:08 fetching corpus: 450, signal 90205/101877 (executing program) 2022/09/17 09:19:08 fetching corpus: 500, signal 94185/106858 (executing program) 2022/09/17 09:19:08 fetching corpus: 550, signal 97864/111503 (executing program) 2022/09/17 09:19:09 fetching corpus: 600, signal 100537/115214 (executing program) 2022/09/17 09:19:09 fetching corpus: 650, signal 102458/118212 (executing program) 2022/09/17 09:19:09 fetching corpus: 700, signal 104688/121395 (executing program) 2022/09/17 09:19:09 fetching corpus: 750, signal 108211/125757 (executing program) 2022/09/17 09:19:09 fetching corpus: 800, signal 110802/129209 (executing program) 2022/09/17 09:19:09 fetching corpus: 850, signal 113557/132819 (executing program) 2022/09/17 09:19:09 fetching corpus: 900, signal 115474/135650 (executing program) 2022/09/17 09:19:09 fetching corpus: 950, signal 117228/138331 (executing program) 2022/09/17 09:19:10 fetching corpus: 1000, signal 119162/141115 (executing program) 2022/09/17 09:19:10 fetching corpus: 1050, signal 122251/144838 (executing program) 2022/09/17 09:19:10 fetching corpus: 1100, signal 123775/147179 (executing program) 2022/09/17 09:19:10 fetching corpus: 1150, signal 126645/150595 (executing program) 2022/09/17 09:19:10 fetching corpus: 1200, signal 129248/153831 (executing program) 2022/09/17 09:19:10 fetching corpus: 1250, signal 132790/157708 (executing program) 2022/09/17 09:19:10 fetching corpus: 1300, signal 135022/160482 (executing program) 2022/09/17 09:19:11 fetching corpus: 1350, signal 137922/163806 (executing program) 2022/09/17 09:19:11 fetching corpus: 1400, signal 139637/166092 (executing program) 2022/09/17 09:19:11 fetching corpus: 1450, signal 141404/168455 (executing program) 2022/09/17 09:19:11 fetching corpus: 1500, signal 143615/171034 (executing program) 2022/09/17 09:19:11 fetching corpus: 1550, signal 145591/173408 (executing program) 2022/09/17 09:19:11 fetching corpus: 1600, signal 146351/174914 (executing program) 2022/09/17 09:19:11 fetching corpus: 1650, signal 147192/176457 (executing program) 2022/09/17 09:19:11 fetching corpus: 1700, signal 148926/178669 (executing program) 2022/09/17 09:19:12 fetching corpus: 1750, signal 150029/180391 (executing program) 2022/09/17 09:19:12 fetching corpus: 1800, signal 151311/182207 (executing program) 2022/09/17 09:19:12 fetching corpus: 1850, signal 152587/183995 (executing program) 2022/09/17 09:19:12 fetching corpus: 1900, signal 154341/186060 (executing program) 2022/09/17 09:19:12 fetching corpus: 1950, signal 156304/188266 (executing program) 2022/09/17 09:19:12 fetching corpus: 2000, signal 157988/190243 (executing program) 2022/09/17 09:19:12 fetching corpus: 2050, signal 159549/192123 (executing program) 2022/09/17 09:19:12 fetching corpus: 2100, signal 161648/194297 (executing program) 2022/09/17 09:19:13 fetching corpus: 2150, signal 163081/196036 (executing program) 2022/09/17 09:19:13 fetching corpus: 2200, signal 164134/197586 (executing program) 2022/09/17 09:19:13 fetching corpus: 2250, signal 165848/199538 (executing program) 2022/09/17 09:19:13 fetching corpus: 2300, signal 167543/201460 (executing program) 2022/09/17 09:19:13 fetching corpus: 2350, signal 168756/203042 (executing program) 2022/09/17 09:19:13 fetching corpus: 2400, signal 170104/204682 (executing program) 2022/09/17 09:19:13 fetching corpus: 2450, signal 171227/206099 (executing program) 2022/09/17 09:19:14 fetching corpus: 2500, signal 172754/207713 (executing program) 2022/09/17 09:19:14 fetching corpus: 2550, signal 173918/209131 (executing program) 2022/09/17 09:19:14 fetching corpus: 2600, signal 175402/210669 (executing program) 2022/09/17 09:19:14 fetching corpus: 2650, signal 176143/211803 (executing program) 2022/09/17 09:19:14 fetching corpus: 2700, signal 177024/212998 (executing program) 2022/09/17 09:19:14 fetching corpus: 2750, signal 178196/214317 (executing program) 2022/09/17 09:19:14 fetching corpus: 2800, signal 179375/215653 (executing program) 2022/09/17 09:19:14 fetching corpus: 2850, signal 180134/216760 (executing program) 2022/09/17 09:19:15 fetching corpus: 2900, signal 181117/217953 (executing program) 2022/09/17 09:19:15 fetching corpus: 2950, signal 182056/219140 (executing program) 2022/09/17 09:19:15 fetching corpus: 3000, signal 182898/220247 (executing program) 2022/09/17 09:19:15 fetching corpus: 3050, signal 184501/221753 (executing program) 2022/09/17 09:19:15 fetching corpus: 3100, signal 185681/223040 (executing program) 2022/09/17 09:19:15 fetching corpus: 3150, signal 186476/224060 (executing program) 2022/09/17 09:19:15 fetching corpus: 3200, signal 187517/225241 (executing program) 2022/09/17 09:19:16 fetching corpus: 3250, signal 189011/226558 (executing program) 2022/09/17 09:19:16 fetching corpus: 3300, signal 190584/227961 (executing program) 2022/09/17 09:19:16 fetching corpus: 3350, signal 191253/228893 (executing program) 2022/09/17 09:19:16 fetching corpus: 3400, signal 192143/229884 (executing program) 2022/09/17 09:19:16 fetching corpus: 3450, signal 192893/230855 (executing program) 2022/09/17 09:19:16 fetching corpus: 3500, signal 193809/231854 (executing program) 2022/09/17 09:19:17 fetching corpus: 3550, signal 194982/232983 (executing program) 2022/09/17 09:19:17 fetching corpus: 3600, signal 195954/233963 (executing program) 2022/09/17 09:19:17 fetching corpus: 3650, signal 197379/235123 (executing program) 2022/09/17 09:19:17 fetching corpus: 3700, signal 198427/236096 (executing program) 2022/09/17 09:19:17 fetching corpus: 3750, signal 199186/236935 (executing program) 2022/09/17 09:19:17 fetching corpus: 3800, signal 199791/237698 (executing program) 2022/09/17 09:19:17 fetching corpus: 3850, signal 200480/238524 (executing program) 2022/09/17 09:19:18 fetching corpus: 3900, signal 201490/239482 (executing program) 2022/09/17 09:19:18 fetching corpus: 3950, signal 202193/240271 (executing program) 2022/09/17 09:19:18 fetching corpus: 4000, signal 203468/241226 (executing program) 2022/09/17 09:19:18 fetching corpus: 4050, signal 203878/241818 (executing program) 2022/09/17 09:19:18 fetching corpus: 4100, signal 204523/242534 (executing program) 2022/09/17 09:19:18 fetching corpus: 4150, signal 205081/243192 (executing program) 2022/09/17 09:19:18 fetching corpus: 4200, signal 205662/243853 (executing program) 2022/09/17 09:19:18 fetching corpus: 4250, signal 206485/244573 (executing program) 2022/09/17 09:19:19 fetching corpus: 4300, signal 207095/245310 (executing program) 2022/09/17 09:19:19 fetching corpus: 4350, signal 207843/246010 (executing program) 2022/09/17 09:19:19 fetching corpus: 4400, signal 208685/246751 (executing program) 2022/09/17 09:19:19 fetching corpus: 4450, signal 209038/247314 (executing program) 2022/09/17 09:19:19 fetching corpus: 4500, signal 209894/248031 (executing program) 2022/09/17 09:19:19 fetching corpus: 4550, signal 210311/248596 (executing program) 2022/09/17 09:19:19 fetching corpus: 4600, signal 210716/249134 (executing program) 2022/09/17 09:19:19 fetching corpus: 4650, signal 211811/249897 (executing program) 2022/09/17 09:19:19 fetching corpus: 4700, signal 212951/250686 (executing program) 2022/09/17 09:19:19 fetching corpus: 4750, signal 213350/251191 (executing program) 2022/09/17 09:19:20 fetching corpus: 4800, signal 213709/251721 (executing program) 2022/09/17 09:19:20 fetching corpus: 4850, signal 214543/252451 (executing program) 2022/09/17 09:19:20 fetching corpus: 4900, signal 215115/253028 (executing program) 2022/09/17 09:19:20 fetching corpus: 4950, signal 216012/253606 (executing program) 2022/09/17 09:19:20 fetching corpus: 5000, signal 216625/254123 (executing program) 2022/09/17 09:19:20 fetching corpus: 5050, signal 217114/254642 (executing program) 2022/09/17 09:19:20 fetching corpus: 5100, signal 217653/255158 (executing program) 2022/09/17 09:19:20 fetching corpus: 5150, signal 218223/255630 (executing program) 2022/09/17 09:19:21 fetching corpus: 5200, signal 218664/256120 (executing program) 2022/09/17 09:19:21 fetching corpus: 5250, signal 219539/256656 (executing program) 2022/09/17 09:19:21 fetching corpus: 5300, signal 219870/257078 (executing program) 2022/09/17 09:19:21 fetching corpus: 5350, signal 220865/257665 (executing program) 2022/09/17 09:19:21 fetching corpus: 5400, signal 221741/258117 (executing program) 2022/09/17 09:19:21 fetching corpus: 5450, signal 222436/258564 (executing program) 2022/09/17 09:19:21 fetching corpus: 5500, signal 223316/259118 (executing program) 2022/09/17 09:19:22 fetching corpus: 5550, signal 224062/259557 (executing program) 2022/09/17 09:19:22 fetching corpus: 5600, signal 224754/260001 (executing program) 2022/09/17 09:19:22 fetching corpus: 5650, signal 225363/260393 (executing program) 2022/09/17 09:19:22 fetching corpus: 5700, signal 225673/260737 (executing program) 2022/09/17 09:19:22 fetching corpus: 5750, signal 226924/261341 (executing program) 2022/09/17 09:19:22 fetching corpus: 5800, signal 227361/261678 (executing program) 2022/09/17 09:19:22 fetching corpus: 5850, signal 227774/262023 (executing program) 2022/09/17 09:19:22 fetching corpus: 5900, signal 228558/262403 (executing program) 2022/09/17 09:19:23 fetching corpus: 5950, signal 228977/262772 (executing program) 2022/09/17 09:19:23 fetching corpus: 6000, signal 229954/263289 (executing program) 2022/09/17 09:19:23 fetching corpus: 6050, signal 230562/263624 (executing program) 2022/09/17 09:19:23 fetching corpus: 6100, signal 231220/263909 (executing program) 2022/09/17 09:19:23 fetching corpus: 6150, signal 231735/264193 (executing program) 2022/09/17 09:19:23 fetching corpus: 6200, signal 232383/264470 (executing program) 2022/09/17 09:19:23 fetching corpus: 6250, signal 232968/264760 (executing program) 2022/09/17 09:19:23 fetching corpus: 6300, signal 233624/265041 (executing program) 2022/09/17 09:19:24 fetching corpus: 6350, signal 234103/265318 (executing program) 2022/09/17 09:19:24 fetching corpus: 6400, signal 234635/265662 (executing program) 2022/09/17 09:19:24 fetching corpus: 6450, signal 235236/265921 (executing program) 2022/09/17 09:19:24 fetching corpus: 6500, signal 236096/266144 (executing program) 2022/09/17 09:19:24 fetching corpus: 6550, signal 236495/266214 (executing program) 2022/09/17 09:19:24 fetching corpus: 6600, signal 237778/266237 (executing program) 2022/09/17 09:19:24 fetching corpus: 6650, signal 238308/266237 (executing program) 2022/09/17 09:19:24 fetching corpus: 6700, signal 238729/266251 (executing program) 2022/09/17 09:19:24 fetching corpus: 6750, signal 239182/266253 (executing program) 2022/09/17 09:19:25 fetching corpus: 6800, signal 239745/266322 (executing program) 2022/09/17 09:19:25 fetching corpus: 6850, signal 240306/266336 (executing program) 2022/09/17 09:19:25 fetching corpus: 6900, signal 240579/266336 (executing program) 2022/09/17 09:19:25 fetching corpus: 6950, signal 241015/266336 (executing program) 2022/09/17 09:19:25 fetching corpus: 7000, signal 241802/266384 (executing program) 2022/09/17 09:19:25 fetching corpus: 7050, signal 242246/266384 (executing program) 2022/09/17 09:19:25 fetching corpus: 7100, signal 242942/266426 (executing program) 2022/09/17 09:19:25 fetching corpus: 7150, signal 243525/266681 (executing program) 2022/09/17 09:19:26 fetching corpus: 7177, signal 243845/266681 (executing program) 2022/09/17 09:19:26 fetching corpus: 7177, signal 243845/266681 (executing program) 2022/09/17 09:19:28 starting 8 fuzzer processes 09:19:28 executing program 0: setsockopt$inet_int(0xffffffffffffffff, 0x0, 0x12, &(0x7f0000000000)=0x7fffffff, 0x4) ioctl$F2FS_IOC_DEFRAGMENT(0xffffffffffffffff, 0xc010f508, &(0x7f0000000040)={0x80000000, 0x2}) ioctl$HIDIOCGUSAGE(0xffffffffffffffff, 0xc018480b, &(0x7f0000000080)={0x2, 0x1, 0x6, 0x6, 0x9}) r0 = syz_open_dev$rtc(&(0x7f00000000c0), 0x7, 0x401) ioctl$EXT4_IOC_SWAP_BOOT(r0, 0x6611) r1 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000100)='blkio.bfq.sectors\x00', 0x0, 0x0) ioctl$HIDIOCGDEVINFO(r1, 0x801c4803, &(0x7f0000000140)=""/218) r2 = getpgrp(0xffffffffffffffff) r3 = getpgrp(0xffffffffffffffff) kcmp(r2, r3, 0x0, r1, r0) r4 = dup2(r1, r0) r5 = accept4$inet(r4, &(0x7f0000000380)={0x2, 0x0, @remote}, &(0x7f00000003c0)=0x10, 0x80800) ioctl$BTRFS_IOC_QGROUP_ASSIGN(r5, 0x40189429, &(0x7f0000000400)={0x0, 0xfff, 0x10e}) perf_event_open(&(0x7f0000000440)={0x0, 0x80, 0x3, 0x6, 0x4, 0x6, 0x0, 0x10001, 0x200, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x2, @perf_config_ext={0x800, 0x4}, 0x21, 0x2, 0x100, 0x8, 0x81, 0x1000, 0x3, 0x0, 0x3, 0x0, 0x1}, r2, 0xd, r1, 0x0) r6 = syz_open_procfs(r2, &(0x7f00000004c0)='fdinfo/4\x00') ioctl$HIDIOCSUSAGE(r6, 0x4018480c, &(0x7f0000000500)={0x1, 0xffffffff, 0x0, 0x9, 0x720, 0x7ff}) ioctl$F2FS_IOC_RELEASE_COMPRESS_BLOCKS(r6, 0x8008f512, &(0x7f0000000540)) r7 = open(&(0x7f0000000580)='./file0\x00', 0x20000, 0x48) ioctl$BTRFS_IOC_QGROUP_CREATE(r7, 0x4010942a, &(0x7f00000005c0)={0x1, 0x6}) ioctl$HIDIOCGDEVINFO(r4, 0x801c4803, &(0x7f0000000600)=""/143) 09:19:28 executing program 2: r0 = fsmount(0xffffffffffffffff, 0x0, 0x7b) ioctl$LOOP_SET_FD(r0, 0x4c00, 0xffffffffffffffff) ioctl$AUTOFS_DEV_IOCTL_FAIL(r0, 0xc0189377, &(0x7f0000000000)={{0x1, 0x1, 0x18, r0, {0x101, 0x10000}}, './file0\x00'}) pivot_root(&(0x7f0000000040)='./file0\x00', &(0x7f0000000080)='./file0\x00') stat(&(0x7f00000003c0)='./file0\x00', &(0x7f0000000400)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) getsockopt$inet6_IPV6_XFRM_POLICY(r0, 0x29, 0x23, &(0x7f0000000480)={{{@in6=@remote, @in6=@remote, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in=@empty}, 0x0, @in=@empty}}, &(0x7f0000000580)=0xe8) syz_mount_image$msdos(&(0x7f00000000c0), &(0x7f0000000100)='./file1\x00', 0x5, 0x3, &(0x7f0000000340)=[{&(0x7f0000000140)="eb7f5357ba763381a5c1ea640878a5fbc53047659f608bb4dab4603ebaed9fb87437b3a1d241c8ae23b1c9f7cf11d28b3878691556aa4fa1a0478b8d4c09ede7daf4b4148204844b2910a902edc0db9523d45935bf3d84b3ec5d6cdcc098119c4f5dcfbc3050f7bec2e4055df2be45a2266967e2cf1d73fa2a0c5f47be29a84707cb4c38e29b8f4213f9127e1ed2d953d27989db6d3ed62a339c80e4d72f2d54bca84f8793b2c082ef6146a80c999e2a87642f4711221a", 0xb7, 0x3}, {&(0x7f0000000200)="1749357fc3f8682fee0c0ec7cd6331ffa43f33e07863341ab7355d7564373812caee767441a1ccbbaf1da720f8c2abeb5393addab68965db80f8ebd822b0a32c8068204da873f026cfec34efd435bfc2e79119c73b94b4be676b4233f3bf5c021ff96c80c6917b48cbfa4159fbecdd653bc187ea7c1efc929a60bc47a976046ed06af7b994ed3096436974432c6eecc6fdd44dd315d2787b9df4ef3e2682d5b9a788ae9257f0345d915f0780b39acc4182e4ee33f0d874b91864775b9a7ef317dd8cd3", 0xc3, 0x80000001}, {&(0x7f0000000300)="846dccc32ab5378058d8199d7b8f1ba291c887", 0x13, 0x1}], 0x1a001, &(0x7f00000005c0)={[{@fat=@allow_utime={'allow_utime', 0x3d, 0x2}}, {@fat=@gid={'gid', 0x3d, r2}}], [{@uid_lt={'uid<', r3}}, {@seclabel}, {@uid_lt={'uid<', 0xffffffffffffffff}}, {@subj_user={'subj_user', 0x3d, '@.\xd2'}}, {@appraise_type}]}) setxattr$incfs_metadata(&(0x7f0000000680)='./file1/file0\x00', &(0x7f00000006c0), &(0x7f0000000700)="bc55b823d9f87a301a89f6a72d9f1dd5bc9980795edf6ca1a697f8c9c378d3e09696677c0020c1eb90bcf3a3a463782d45b65c29278728983cc32014cac36567b3136266f199fb53caa0859f01e06765271d0370b1d406241426d745512b074a48531e3d8759f7b7cc7e9aeaeeee4ef2e3a50f11f2", 0x75, 0x0) statx(r0, &(0x7f00000007c0)='./file1/file0\x00', 0x1000, 0x40, &(0x7f0000000800)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) chown(&(0x7f0000000780)='./file1\x00', r3, r4) ioctl$FITRIM(r0, 0xc0185879, &(0x7f0000000900)={0x6, 0x9, 0x1ff}) setsockopt$inet6_tcp_TCP_REPAIR(r1, 0x6, 0x13, &(0x7f0000000940), 0x4) ioctl$F2FS_IOC_MOVE_RANGE(r1, 0xc020f509, &(0x7f0000000980)={r1, 0x4, 0x3e, 0x2}) r5 = signalfd(r0, &(0x7f00000009c0)={[0x6]}, 0x8) ioctl$AUTOFS_DEV_IOCTL_FAIL(r5, 0xc0189377, &(0x7f0000000a00)={{0x1, 0x1, 0x18, r1, {0x40, 0xfb1}}, './file0\x00'}) r6 = openat(r1, &(0x7f0000000a40)='./file0\x00', 0x10000, 0x0) syz_mount_image$nfs4(&(0x7f0000000a80), &(0x7f0000000ac0)='./file1\x00', 0xffff, 0x2, &(0x7f0000000c40)=[{&(0x7f0000000b00)="24a386e21a18a419f9006679d04880ea442816b4c1a479eecc8f935a51cabbabf6f620edc04e89db554eecefa5a1a93ce4d60d685f18679cfe06bb897fbb4cb713ce9e94576fb5e06e2c700a524b9aae4cb98f02ff2003e0724b21f8272904bd70dcd9968800351690e82fb8f600e3db0938537c04b3de8cfe58c0389d63b78b392605334e19d894a62a2c4adfbde369acf49fc4971918dced129e855fc40345bdfb5a5ebbc3cafe5d4b290a172f1b5c915444fc790eb718e6ee71bff7bd81c23d67de700fab00e71ce8397d48edfc929519cc5d89ddb7a3e3d104f84304293c7618a359cc5d916eba7aa170be4ce61eb1c81ec79e0e6f1633", 0xf9, 0x9}, {&(0x7f0000000c00)="23849217cbde3b2f2cb2", 0xa, 0x4}], 0x20, &(0x7f0000000c80)={[{'gid'}, {'gid'}, {}], [{@fowner_gt={'fowner>', r3}}, {@dont_appraise}, {@dont_appraise}, {@obj_type={'obj_type', 0x3d, 'allow_utime'}}]}) execve(&(0x7f0000000d00)='./file1\x00', &(0x7f0000000e80)=[&(0x7f0000000d40)='seclabel', &(0x7f0000000d80)='/\']!\x00', &(0x7f0000000dc0)='\x00', &(0x7f0000000e00)='+\x00', &(0x7f0000000e40)='$$l#$\x00'], &(0x7f0000000f80)=[&(0x7f0000000ec0)='@,/%\x8d.$^([#\x00', &(0x7f0000000f00)='\'-&*\x00', &(0x7f0000000f40)='-,\'\\,\x00']) ioctl$LOOP_SET_DIRECT_IO(r6, 0x4c08, 0x9) mknodat$loop(r6, &(0x7f0000000fc0)='./file2\x00', 0x40, 0x0) 09:19:28 executing program 1: r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$NL80211_CMD_JOIN_MESH(0xffffffffffffffff, &(0x7f0000000140)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x4000}, 0xc, &(0x7f0000000100)={&(0x7f0000000080)={0x44, r0, 0x4, 0x70bd28, 0x25dfdbfc, {{}, {@val={0x8}, @val={0xc, 0x99, {0xffff0000, 0x6e}}}}, [@NL80211_ATTR_DTIM_PERIOD={0x8, 0xd, 0x8}, @NL80211_ATTR_MCAST_RATE={0x8, 0x6b, 0x6}, @NL80211_ATTR_MESH_ID={0xa}]}, 0x44}, 0x1, 0x0, 0x0, 0x400c1}, 0x4040) getsockopt$inet_IP_XFRM_POLICY(0xffffffffffffffff, 0x0, 0x11, &(0x7f00000001c0)={{{@in6=@private2, @in6=@dev, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in=@broadcast}}}, &(0x7f00000002c0)=0xe8) sendmsg$BATADV_CMD_GET_HARDIF(0xffffffffffffffff, &(0x7f0000000380)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x1}, 0xc, &(0x7f0000000340)={&(0x7f0000000300)={0x34, 0x0, 0x300, 0x70bd2b, 0x25dfdbfc, {}, [@BATADV_ATTR_GW_SEL_CLASS={0x8, 0x34, 0x6}, @BATADV_ATTR_HARD_IFINDEX={0x8, 0x6, r1}, @BATADV_ATTR_MULTICAST_FANOUT={0x8}, @BATADV_ATTR_VLANID={0x6}]}, 0x34}, 0x1, 0x0, 0x0, 0x20004000}, 0xc080) r2 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000400), 0xffffffffffffffff) sendmsg$IPVS_CMD_FLUSH(0xffffffffffffffff, &(0x7f0000000500)={&(0x7f00000003c0)={0x10, 0x0, 0x0, 0x10000000}, 0xc, &(0x7f00000004c0)={&(0x7f0000000440)={0x48, r2, 0x1, 0x70bd28, 0x25dfdbfc, {}, [@IPVS_CMD_ATTR_TIMEOUT_TCP_FIN={0x8, 0x5, 0x7fffffff}, @IPVS_CMD_ATTR_SERVICE={0x24, 0x1, 0x0, 0x1, [@IPVS_SVC_ATTR_AF={0x6, 0x1, 0x2}, @IPVS_SVC_ATTR_PE_NAME={0x8}, @IPVS_SVC_ATTR_PE_NAME={0x8}, @IPVS_SVC_ATTR_PROTOCOL={0x6, 0x2, 0x6}]}, @IPVS_CMD_ATTR_TIMEOUT_UDP={0x8, 0x6, 0x800}]}, 0x48}, 0x1, 0x0, 0x0, 0x54}, 0xc001) r3 = syz_genetlink_get_family_id$batadv(&(0x7f0000000580), 0xffffffffffffffff) sendmsg$BATADV_CMD_GET_MCAST_FLAGS(0xffffffffffffffff, &(0x7f0000000640)={&(0x7f0000000540)={0x10, 0x0, 0x0, 0x10000000}, 0xc, &(0x7f0000000600)={&(0x7f00000005c0)={0x2c, r3, 0x100, 0x70bd2b, 0x25dfdbfb, {}, [@BATADV_ATTR_ISOLATION_MARK={0x8, 0x2b, 0x401}, @BATADV_ATTR_AGGREGATED_OGMS_ENABLED={0x5, 0x29, 0x1}, @BATADV_ATTR_BONDING_ENABLED={0x5, 0x2d, 0x1}]}, 0x2c}}, 0x815) ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f00000006c0)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_ABORT_SCAN(0xffffffffffffffff, &(0x7f0000000780)={&(0x7f0000000680)={0x10, 0x0, 0x0, 0x4000000}, 0xc, &(0x7f0000000740)={&(0x7f0000000700)={0x28, r0, 0x2, 0x70bd2a, 0x25dfdbff, {{}, {@val={0x8, 0x3, r4}, @val={0xc, 0x99, {0x783, 0x5d}}}}, [""]}, 0x28}, 0x1, 0x0, 0x0, 0xc810}, 0x40008000) syz_genetlink_get_family_id$batadv(&(0x7f00000007c0), 0xffffffffffffffff) r5 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000840), 0xffffffffffffffff) sendmsg$NL80211_CMD_SET_STATION(0xffffffffffffffff, &(0x7f0000000900)={&(0x7f0000000800)={0x10, 0x0, 0x0, 0x20}, 0xc, &(0x7f00000008c0)={&(0x7f0000000880)={0x3c, r5, 0x10, 0x70bd2a, 0xbc, {{}, {@val={0x8, 0x3, r4}, @val={0xc, 0x99, {0x2, 0x65}}}}, [@NL80211_ATTR_STA_FLAGS2={0xc, 0x43, {0xfff, 0x6}}, @NL80211_ATTR_STA_AID={0x6, 0x10, 0x772}]}, 0x3c}}, 0x4040000) r6 = dup3(0xffffffffffffffff, 0xffffffffffffffff, 0x80000) r7 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000980), 0xffffffffffffffff) sendmsg$IPVS_CMD_GET_CONFIG(r6, &(0x7f0000000a40)={&(0x7f0000000940)={0x10, 0x0, 0x0, 0x2}, 0xc, &(0x7f0000000a00)={&(0x7f00000009c0)={0x30, r7, 0x200, 0x70bd2c, 0x25dfdbfc, {}, [@IPVS_CMD_ATTR_TIMEOUT_TCP={0x8, 0x4, 0x1}, @IPVS_CMD_ATTR_TIMEOUT_TCP={0x8, 0x4, 0x3}, @IPVS_CMD_ATTR_TIMEOUT_UDP={0x8, 0x6, 0x101}, @IPVS_CMD_ATTR_DAEMON={0x4}]}, 0x30}, 0x1, 0x0, 0x0, 0x14}, 0x4000) r8 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000ac0), r6) sendmsg$ETHTOOL_MSG_RINGS_SET(r6, &(0x7f0000000b80)={&(0x7f0000000a80)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f0000000b40)={&(0x7f0000000b00)={0x30, r8, 0x4, 0x70bd25, 0x25dfdbfe, {}, [@ETHTOOL_A_RINGS_HEADER={0xc, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r1}]}, @ETHTOOL_A_RINGS_RX_MINI={0x8, 0x7, 0x1}, @ETHTOOL_A_RINGS_RX={0x8, 0x6, 0x7}]}, 0x30}, 0x1, 0x0, 0x0, 0x40480c0}, 0x81) syz_genetlink_get_family_id$tipc2(&(0x7f0000000bc0), r6) syz_genetlink_get_family_id$ethtool(&(0x7f0000000c00), r6) 09:19:28 executing program 5: ioctl$F2FS_IOC_GARBAGE_COLLECT_RANGE(0xffffffffffffffff, 0x4018f50b, &(0x7f0000000000)={0x1, 0x3, 0x6}) r0 = openat$snapshot(0xffffffffffffff9c, &(0x7f0000000040), 0x48000, 0x0) ioctl$BTRFS_IOC_QUOTA_CTL(r0, 0xc0109428, &(0x7f0000000080)={0x0, 0x3}) ioctl$BTRFS_IOC_GET_SUPPORTED_FEATURES(0xffffffffffffffff, 0x80489439, &(0x7f00000000c0)) r1 = openat$full(0xffffffffffffff9c, &(0x7f0000000140), 0x4400, 0x0) ioctl$SNAPSHOT_FREE(r1, 0x3305) r2 = syz_open_dev$rtc(&(0x7f0000000180), 0x8, 0x40) write(r2, &(0x7f00000001c0)="288a632c7d5e0390eab764175242bd10874e015a7df72989414bfb319c49bc03f880c2898a4d36010450a76442e72b4bdc9c306af5997749f55cca25ce7de546b6636d9d583b32735aba867e46", 0x4d) mremap(&(0x7f0000ff9000/0x4000)=nil, 0x4000, 0x3000, 0x4, &(0x7f0000ffb000/0x3000)=nil) ioctl$BTRFS_IOC_SEND(r1, 0x40489426, &(0x7f0000000280)={{r1}, 0x4, &(0x7f0000000240)=[0x6, 0x8, 0xffffffff, 0x9], 0x2, 0x2, [0xf711, 0x26b, 0x60f6, 0x7fff]}) ioctl$AUTOFS_IOC_SETTIMEOUT(r2, 0x80049367, &(0x7f0000000300)=0x4) syz_io_uring_setup(0x2973, &(0x7f0000000340)={0x0, 0xe5ca, 0x1, 0x2, 0x3cc, 0x0, r1}, &(0x7f0000ffb000/0x2000)=nil, &(0x7f0000ffc000/0x2000)=nil, &(0x7f00000003c0), &(0x7f0000000400)=0x0) r4 = openat$cgroup_netprio_ifpriomap(r1, &(0x7f0000000440), 0x2, 0x0) fcntl$dupfd(r2, 0x0, r4) r5 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x2000000, 0x110, r1, 0x0) syz_io_uring_submit(r5, r3, &(0x7f0000000480)=@IORING_OP_POLL_ADD={0x6, 0x3, 0x0, @fd_index=0x3, 0x0, 0x0, 0x0, {0x80}, 0x1}, 0x1) r6 = socket$nl_sock_diag(0x10, 0x3, 0x4) ioctl$FS_IOC_SETFSLABEL(r6, 0x41009432, &(0x7f00000004c0)="72c886f03ec0bd66a925d360ae2f67e1429352b9b9bf0e4f5415e441d923d17a8fc17a8e5732a835c3e7bdc05cbe91b91df444c749519bdf83e88eb99dad54ae03657253f613babc8071cb82b3a257ea564d9cf143c6f2b48b848af747e634049e905213a9a0adbaafa4f5d0fe3060a8ff2f54d89cd4bb4957ae92ec1c58b7488ef07ca305dade6cf7b5de16d6d9c1aa8a620a03cd9534e5f35c9ad807292ad1c027030ab9fa209a31ae473f65bbd487169bdeff9849623d706be9bb591f1eb3a9679e59e8bee6e403b38b158e3dec7a1c7df07cbf3059c5c988b652e7e2dd008866e6bdc8bab73a2db1064b67d187c85985fe4467565d40e53472e036f005ed") r7 = fcntl$dupfd(r2, 0x0, r0) openat(r7, &(0x7f00000005c0)='./file0\x00', 0x418200, 0x6) 09:19:28 executing program 4: setxattr$trusted_overlay_nlink(&(0x7f0000000000)='./file0\x00', &(0x7f0000000040), &(0x7f0000000080)={'U+', 0x3}, 0x16, 0x0) r0 = signalfd(0xffffffffffffffff, &(0x7f0000000100)={[0x3]}, 0x8) symlinkat(&(0x7f00000000c0)='./file1\x00', r0, &(0x7f0000000140)='./file0\x00') r1 = memfd_create(&(0x7f0000000180)='trusted.overlay.nlink\x00', 0x2) epoll_ctl$EPOLL_CTL_ADD(r0, 0x1, r1, &(0x7f00000001c0)) r2 = socket$inet_icmp(0x2, 0x2, 0x1) ioctl$AUTOFS_IOC_PROTOVER(r2, 0x80049363, &(0x7f0000000200)) fspick(r0, &(0x7f0000000240)='./file1\x00', 0x0) fcntl$addseals(r0, 0x409, 0x8) r3 = open(&(0x7f0000000280)='./file1/file0\x00', 0x84000, 0x4) r4 = openat(r0, &(0x7f00000002c0)='./file1/file0\x00', 0x1196c0, 0x104) close_range(r2, r4, 0x0) ioctl$SG_SET_DEBUG(r3, 0x227e, &(0x7f0000000300)=0x1) r5 = syz_mount_image$iso9660(&(0x7f0000000340), &(0x7f0000000380)='./file0\x00', 0x80000000800, 0x2, &(0x7f00000004c0)=[{&(0x7f00000003c0)="3a65dbe9714ebafdfff0eb9d0037bba7899db275aa95526e51c9c9f153e0f75073c58b279612dfdcd8528904c7a998008d2d651329d3130d8d391fe4fcd9e24c19860f0231", 0x45, 0x67f9}, {&(0x7f0000000440)="19cd5297ddf7966adaa17d345ef802a8492caba2680c14d0a53a32fceb1c598c8f249153fd644a568451cc5196a443694667c1c7365d631f38e85e60b492ff61e617fa5ec89271e25dc6e126449c1fce721cf29be999ceb8617f7dd47d244ab5b91be9f516b7bd240b7aa009", 0x6c, 0x7}], 0x20438a0, &(0x7f0000000500)={[{@mode={'mode', 0x3d, 0x81}}, {@nocompress}], [{@pcr={'pcr', 0x3d, 0x3f}}, {@smackfsroot={'smackfsroot', 0x3d, 'trusted.overlay.nlink\x00'}}, {@audit}, {@mask={'mask', 0x3d, 'MAY_READ'}}, {@dont_appraise}]}) ioctl$BTRFS_IOC_DEFAULT_SUBVOL(r4, 0x40089413, &(0x7f00000005c0)=0x1) r6 = openat$vcs(0xffffffffffffff9c, &(0x7f0000000600), 0x1, 0x0) mmap(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x2000003, 0x10, r6, 0x63d98000) fsetxattr$trusted_overlay_nlink(r5, &(0x7f0000000640), &(0x7f0000000680)={'U+', 0x10000}, 0x16, 0x0) getsockopt$inet_mreqn(0xffffffffffffffff, 0x0, 0x20, &(0x7f0000000740)={@initdev, @rand_addr, 0x0}, &(0x7f0000000780)=0xc) recvfrom$packet(r6, &(0x7f00000006c0)=""/107, 0x6b, 0x40000000, &(0x7f00000007c0)={0x11, 0x7, r7, 0x1, 0x4, 0x6, @multicast}, 0x14) [ 71.033816] audit: type=1400 audit(1663406368.840:6): avc: denied { execmem } for pid=284 comm="syz-executor.0" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=process permissive=1 09:19:28 executing program 3: rt_sigsuspend(&(0x7f0000000000), 0x8) rt_sigtimedwait(&(0x7f0000000040)={[0x7ff]}, 0x0, &(0x7f0000000080), 0x8) clock_gettime(0x5, &(0x7f00000000c0)) r0 = signalfd(0xffffffffffffffff, &(0x7f0000000100)={[0xffff]}, 0x8) ioctl$AUTOFS_DEV_IOCTL_PROTOSUBVER(r0, 0xc0189373, &(0x7f0000000140)={{0x1, 0x1, 0x18, r0, {0xa9}}, './file0\x00'}) sendmsg$NL80211_CMD_CRIT_PROTOCOL_START(r1, &(0x7f0000000240)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x40}, 0xc, &(0x7f0000000200)={&(0x7f00000001c0)={0x2c, 0x0, 0x200, 0x70bd2b, 0x25dfdbfe, {{}, {@val={0x8}, @void}}, [@NL80211_ATTR_MAX_CRIT_PROT_DURATION={0x6, 0xb4, 0x917}, @NL80211_ATTR_CRIT_PROT_ID={0x6, 0xb3, 0x1}]}, 0x2c}, 0x1, 0x0, 0x0, 0x840}, 0x20000000) fcntl$getflags(r0, 0x1) ioctl$PERF_EVENT_IOC_MODIFY_ATTRIBUTES(r1, 0x4008240b, &(0x7f0000000280)={0x2, 0x80, 0x1, 0x1f, 0x8, 0x0, 0x0, 0x2, 0x0, 0xc, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x3, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x4, 0x4, @perf_config_ext={0x80000000, 0x8}, 0x2, 0xf7, 0xffffffff, 0x7, 0x1, 0x20, 0x88d, 0x0, 0x1f, 0x0, 0x9}) clock_gettime(0xd, &(0x7f0000000300)) pselect6(0x40, &(0x7f0000000340)={0xfffffffffffff801, 0x7fff, 0x2, 0x3f, 0x80000001, 0x6, 0x200, 0x8001}, &(0x7f0000000380)={0x1ff, 0x3, 0x1, 0x7f, 0xea57, 0x4bc3, 0xf9cb, 0x5f}, &(0x7f00000003c0)={0xfffffffc00000000, 0x3ff, 0x8000, 0x2, 0x80000000, 0x6, 0xd25a, 0x7}, &(0x7f0000000400)={0x0, 0x3938700}, &(0x7f0000000480)={&(0x7f0000000440)={[0xc73b]}, 0x8}) r2 = open(&(0x7f00000004c0)='./file0\x00', 0x80, 0x9) clock_gettime(0x0, &(0x7f0000000580)={0x0, 0x0}) epoll_pwait2(r2, &(0x7f0000000500)=[{}, {}, {}, {}, {}, {}], 0x6, &(0x7f00000005c0)={r3, r4+60000000}, &(0x7f0000000600)={[0x1]}, 0x8) r5 = mmap$IORING_OFF_SQES(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x1000001, 0x40010, r0, 0x10000000) syz_io_uring_submit(0x0, r5, &(0x7f00000006c0)=@IORING_OP_OPENAT2={0x1c, 0x2, 0x0, 0xffffffffffffffff, &(0x7f0000000640)={0x10100, 0x12, 0x5}, &(0x7f0000000680)='./file1\x00', 0x18, 0x0, 0x12345}, 0x0) openat2$dir(0xffffffffffffff9c, &(0x7f0000000700)='./file0\x00', &(0x7f0000000740)={0x80600, 0x8}, 0x18) syz_io_uring_setup(0x4e11, &(0x7f0000000780)={0x0, 0xa7b1, 0x1, 0x0, 0x2d9, 0x0, r1}, &(0x7f0000ffa000/0x4000)=nil, &(0x7f0000ffc000/0x2000)=nil, &(0x7f0000000800), &(0x7f0000000840)) syz_io_uring_setup(0x16df, &(0x7f0000000880)={0x0, 0xf1b7, 0x2, 0x1, 0x3a4, 0x0, r0}, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000000900), &(0x7f0000000940)) ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f00000009c0)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_STOP_AP(r2, &(0x7f0000000a80)={&(0x7f0000000980)={0x10, 0x0, 0x0, 0x80}, 0xc, &(0x7f0000000a40)={&(0x7f0000000a00)={0x1c, 0x0, 0x100, 0x70bd2b, 0x25dfdbff, {{}, {@val={0x8, 0x3, r6}, @void}}, [""]}, 0x1c}, 0x1, 0x0, 0x0, 0x50}, 0x800) 09:19:28 executing program 6: ioctl$LOOP_SET_FD(0xffffffffffffffff, 0x4c00, 0xffffffffffffffff) setsockopt$inet_tcp_TCP_REPAIR_OPTIONS(0xffffffffffffffff, 0x6, 0x16, &(0x7f0000000000)=[@window={0x3, 0x1f, 0x25a8}, @timestamp, @window={0x3, 0x0, 0x5}, @timestamp, @sack_perm, @mss={0x2, 0x7}], 0x6) r0 = openat$vcs(0xffffffffffffff9c, &(0x7f0000000040), 0x58100, 0x0) ioctl$sock_inet_tcp_SIOCOUTQNSD(r0, 0x894b, &(0x7f0000000080)) r1 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x8, &(0x7f0000000100)={0x3, &(0x7f00000000c0)=[{0x5, 0x20, 0x5, 0x3}, {0x2, 0x0, 0x1, 0x8}, {0xffff, 0xcc, 0x1, 0x100}]}) fsetxattr$trusted_overlay_upper(r1, &(0x7f0000000140), &(0x7f0000000180)={0x0, 0xfb, 0xa4, 0x0, 0x7, "1c487e8e7b92848e321dde9f375a4b37", "4cf08941e599575da0c91c0bc5f1502b8ca6c4d3bbaafa36a17b1543cba8eda57f38a0ba84cbab6d22989ac580c352b0c16ce958acb0eff306b4c7df497c8bbce92ab13dd5ce0b585c3a1e24133a763a73db1cc7854979442f007681ecf3e8a2385aa7a06fa513de0212e3450974d050b45de76057b534704edf1067b630381a2653c548bd2acfa0acc6db779eaa4f"}, 0xa4, 0x1) inotify_init1(0x80800) ioctl$AUTOFS_DEV_IOCTL_EXPIRE(r1, 0xc018937c, &(0x7f0000000240)={{0x1, 0x1, 0x18, r0, {0x2}}, './file0\x00'}) ioctl$sock_inet_tcp_SIOCATMARK(r2, 0x8905, &(0x7f0000000280)) stat(&(0x7f00000002c0)='./file0\x00', &(0x7f0000000300)) r3 = accept4(r0, &(0x7f0000000380)=@pppol2tp={0x18, 0x1, {0x0, 0xffffffffffffffff}}, &(0x7f0000000400)=0x80, 0x80800) r5 = syz_genetlink_get_family_id$devlink(&(0x7f0000000480), r0) sendmsg$DEVLINK_CMD_SB_TC_POOL_BIND_SET(r4, &(0x7f00000006c0)={&(0x7f0000000440)={0x10, 0x0, 0x0, 0x20000}, 0xc, &(0x7f0000000680)={&(0x7f00000004c0)={0x194, r5, 0x400, 0x70bd29, 0x25dfdbfe, {}, [{{@pci={{0x8}, {0x11}}, {0x8, 0x3, 0x2}}, {0x8, 0xb, 0x8000}, {0x6, 0x16, 0x3}, {0x5, 0x12, 0x1}, {0x6, 0x11, 0x7}, {0x8, 0xb, 0x8}}, {{@pci={{0x8}, {0x11}}, {0x8}}, {0x8, 0xb, 0x2b8}, {0x6, 0x16, 0x20}, {0x5, 0x12, 0x1}, {0x6}, {0x8, 0xb, 0x5}}, {{@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0x8, 0x3, 0x3}}, {0x8, 0xb, 0x8}, {0x6, 0x16, 0x4}, {0x5, 0x12, 0x1}, {0x6, 0x11, 0xc36}, {0x8, 0xb, 0x8}}, {{@pci={{0x8}, {0x11}}, {0x8, 0x3, 0x3}}, {0x8}, {0x6, 0x16, 0x5}, {0x5, 0x12, 0x1}, {0x6, 0x11, 0x2}, {0x8, 0xb, 0x1}}, {{@pci={{0x8}, {0x11}}, {0x8}}, {0x8, 0xb, 0xf2}, {0x6, 0x16, 0x8}, {0x5, 0x12, 0x1}, {0x6, 0x11, 0x1}, {0x8, 0xb, 0x4}}]}, 0x194}, 0x1, 0x0, 0x0, 0x20000000}, 0x50) sendmsg$NL80211_CMD_GET_MPP(r3, &(0x7f0000000800)={&(0x7f0000000700)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f00000007c0)={&(0x7f0000000740)={0x80, 0x0, 0x8, 0x70bd2d, 0x25dfdbfc, {{}, {@void, @void}}, [@NL80211_ATTR_MAC={0xa, 0x6, @device_b}, @NL80211_ATTR_MPATH_NEXT_HOP={0xa, 0x1a, @device_b}, @NL80211_ATTR_MPATH_NEXT_HOP={0xa, 0x1a, @device_b}, @NL80211_ATTR_MAC={0xa, 0x6, @broadcast}, @NL80211_ATTR_MAC={0xa, 0x6, @broadcast}, @NL80211_ATTR_MAC={0xa, 0x6, @broadcast}, @NL80211_ATTR_MAC={0xa, 0x6, @broadcast}, @NL80211_ATTR_MAC={0xa, 0x6, @broadcast}, @NL80211_ATTR_MAC={0xa}]}, 0x80}, 0x1, 0x0, 0x0, 0x24002041}, 0x0) r6 = socket$nl_sock_diag(0x10, 0x3, 0x4) getpeername(r6, &(0x7f0000000840)=@tipc=@name, &(0x7f00000008c0)=0x80) sendmsg$TIPC_NL_MON_PEER_GET(r3, &(0x7f0000000b80)={&(0x7f0000000900)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f0000000b40)={&(0x7f0000000940)={0x1fc, 0x0, 0x20, 0x70bd28, 0x25dfdbfb, {}, [@TIPC_NLA_MON={0x34, 0x9, 0x0, 0x1, [@TIPC_NLA_MON_REF={0x8, 0x2, 0x6}, @TIPC_NLA_MON_REF={0x8, 0x2, 0x401}, @TIPC_NLA_MON_REF={0x8, 0x2, 0x7fff}, @TIPC_NLA_MON_REF={0x8, 0x2, 0x9}, @TIPC_NLA_MON_ACTIVATION_THRESHOLD={0x8, 0x1, 0x7}, @TIPC_NLA_MON_ACTIVATION_THRESHOLD={0x8, 0x1, 0xfff}]}, @TIPC_NLA_PUBL={0x54, 0x3, 0x0, 0x1, [@TIPC_NLA_PUBL_TYPE={0x8, 0x1, 0x2}, @TIPC_NLA_PUBL_UPPER={0x8, 0x3, 0x4}, @TIPC_NLA_PUBL_LOWER={0x8, 0x2, 0x7ff}, @TIPC_NLA_PUBL_UPPER={0x8}, @TIPC_NLA_PUBL_UPPER={0x8, 0x3, 0x8}, @TIPC_NLA_PUBL_UPPER={0x8, 0x3, 0x200}, @TIPC_NLA_PUBL_UPPER={0x8, 0x3, 0x7}, @TIPC_NLA_PUBL_UPPER={0x8, 0x3, 0x10000}, @TIPC_NLA_PUBL_LOWER={0x8, 0x2, 0x8}, @TIPC_NLA_PUBL_TYPE={0x8, 0x1, 0x9}]}, @TIPC_NLA_NET={0x5c, 0x7, 0x0, 0x1, [@TIPC_NLA_NET_NODEID={0xc, 0x3, 0x7}, @TIPC_NLA_NET_NODEID={0xc, 0x3, 0xffffffffffffffff}, @TIPC_NLA_NET_ADDR={0x8, 0x2, 0x3}, @TIPC_NLA_NET_ADDR={0x8, 0x2, 0xffffffff}, @TIPC_NLA_NET_ID={0x8, 0x1, 0x8180}, @TIPC_NLA_NET_ADDR={0x8, 0x2, 0x3}, @TIPC_NLA_NET_ID={0x8, 0x1, 0x1}, @TIPC_NLA_NET_NODEID_W1={0xc, 0x4, 0x668}, @TIPC_NLA_NET_NODEID_W1={0xc, 0x4, 0x6}]}, @TIPC_NLA_MEDIA={0x28, 0x5, 0x0, 0x1, [@TIPC_NLA_MEDIA_PROP={0x1c, 0x2, 0x0, 0x1, [@TIPC_NLA_PROP_MTU={0x8, 0x4, 0x3}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x229}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x2}]}, @TIPC_NLA_MEDIA_NAME={0x8, 0x1, 'eth\x00'}]}, @TIPC_NLA_MON={0x4c, 0x9, 0x0, 0x1, [@TIPC_NLA_MON_ACTIVATION_THRESHOLD={0x8, 0x1, 0xfffffffe}, @TIPC_NLA_MON_REF={0x8, 0x2, 0x401}, @TIPC_NLA_MON_ACTIVATION_THRESHOLD={0x8, 0x1, 0x3}, @TIPC_NLA_MON_ACTIVATION_THRESHOLD={0x8, 0x1, 0x2}, @TIPC_NLA_MON_ACTIVATION_THRESHOLD={0x8, 0x1, 0x3}, @TIPC_NLA_MON_ACTIVATION_THRESHOLD={0x8, 0x1, 0x17}, @TIPC_NLA_MON_REF={0x8, 0x2, 0x4}, @TIPC_NLA_MON_REF={0x8, 0x2, 0xf20}, @TIPC_NLA_MON_REF={0x8, 0x2, 0xaf6}]}, @TIPC_NLA_SOCK={0x50, 0x2, 0x0, 0x1, [@TIPC_NLA_SOCK_REF={0x8, 0x2, 0x2cd}, @TIPC_NLA_SOCK_CON={0x44, 0x3, 0x0, 0x1, [@TIPC_NLA_CON_FLAG={0x8, 0x1, 0xfff}, @TIPC_NLA_CON_NODE={0x8, 0x2, 0xf2c}, @TIPC_NLA_CON_FLAG={0x8, 0x1, 0x1}, @TIPC_NLA_CON_NODE={0x8, 0x2, 0x7ff}, @TIPC_NLA_CON_FLAG={0x8, 0x1, 0x2}, @TIPC_NLA_CON_NODE={0x8, 0x2, 0x6}, @TIPC_NLA_CON_FLAG={0x8, 0x1, 0x3ff}, @TIPC_NLA_CON_FLAG={0x8, 0x1, 0x80000001}]}]}, @TIPC_NLA_NET={0x24, 0x7, 0x0, 0x1, [@TIPC_NLA_NET_ADDR={0x8, 0x2, 0x8}, @TIPC_NLA_NET_NODEID_W1={0xc}, @TIPC_NLA_NET_NODEID_W1={0xc, 0x4, 0x7}]}, @TIPC_NLA_MON={0x1c, 0x9, 0x0, 0x1, [@TIPC_NLA_MON_REF={0x8, 0x2, 0x7}, @TIPC_NLA_MON_REF={0x8, 0x2, 0xba}, @TIPC_NLA_MON_ACTIVATION_THRESHOLD={0x8, 0x1, 0x7}]}]}, 0x1fc}, 0x1, 0x0, 0x0, 0x4040040}, 0x80) ioctl$sock_inet_SIOCSIFNETMASK(r2, 0x891c, &(0x7f0000000bc0)={'tunl0\x00', {0x2, 0x0, @dev}}) llistxattr(&(0x7f0000000c00)='./file0\x00', &(0x7f0000000c40)=""/161, 0xa1) epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, 0xffffffffffffffff, &(0x7f0000001180)={0x3}) 09:19:28 executing program 7: r0 = ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82) ioctl$FIDEDUPERANGE(0xffffffffffffffff, 0xc0189436, &(0x7f0000000000)={0xffffffff, 0x109, 0x1, 0x0, 0x0, [{{}, 0x7fff}]}) pipe(&(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$LOOP_CTL_REMOVE(r2, 0x4c81, r0) ioctl$LOOP_CTL_REMOVE(r2, 0x4c81, r0) r3 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000080)='/proc/vmstat\x00', 0x0, 0x0) ioctl$EXT4_IOC_ALLOC_DA_BLKS(r3, 0x660c) r4 = syz_open_procfs(0xffffffffffffffff, &(0x7f00000000c0)='net/protocols\x00') ioctl$BTRFS_IOC_GET_SUBVOL_INFO(r2, 0x81f8943c, &(0x7f0000000100)={0x0, ""/256, 0x0, 0x0, 0x0}) ioctl$BTRFS_IOC_BALANCE_PROGRESS(r1, 0x84009422, &(0x7f0000000300)={0x0, 0x0, {0x0, @struct, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @struct}, {0x0, @usage, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @struct}, {0x0, @struct}}) ioctl$BTRFS_IOC_SUBVOL_CREATE_V2(r4, 0x50009418, &(0x7f0000000700)={{r2}, r5, 0x4, @unused=[0xfff, 0x7, 0x5, 0x8000], @devid=r6}) r7 = open_tree(r3, &(0x7f0000001700)='./file0\x00', 0x2) ioctl$LOOP_CTL_REMOVE(r7, 0x4c81, r0) getsockopt$IP_VS_SO_GET_SERVICES(r3, 0x0, 0x482, &(0x7f0000001740)=""/248, &(0x7f0000001840)=0xf8) r8 = accept4$inet6(r3, &(0x7f0000001880)={0xa, 0x0, 0x0, @mcast1}, &(0x7f00000018c0)=0x1c, 0x800) write$binfmt_aout(r8, &(0x7f0000001900)={{0xcc, 0x3, 0x0, 0xf3, 0x14a, 0x2, 0x37, 0x8}, "fc8978c6d40a2abf0a622929064cd0987dd32b663371be9b0eac1a61ad4fff61b20dcdc060d49f3f6c466f289965942264bca74691d2eee1b2bf30ce0a113faa906d49002edb5d325df52244f49d7cb6be11db13a617e7e0a035c640b38446d0236307fc45c90319603627158c", ['\x00']}, 0x18d) r9 = openat$pidfd(0xffffffffffffff9c, &(0x7f0000001ac0), 0x820000, 0x0) ioctl$LOOP_CHANGE_FD(0xffffffffffffffff, 0x4c06, r9) ioctl$sock_SIOCDELRT(r7, 0x890c, &(0x7f0000001b40)={0x0, @xdp={0x2c, 0x8, 0x0, 0x1f}, @nl, @tipc=@nameseq={0x1e, 0x1, 0x0, {0x41, 0x0, 0x4}}, 0x5, 0x0, 0x0, 0x0, 0xffff, &(0x7f0000001b00)='veth0\x00', 0x1ff, 0xffffffffffffee02, 0x1000}) setsockopt$inet6_opts(0xffffffffffffffff, 0x29, 0x3b, &(0x7f0000001c40)=@routing={0x87, 0x10, 0x0, 0x81, 0x0, [@private1, @dev={0xfe, 0x80, '\x00', 0x38}, @private2, @private0, @mcast1, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01', @private2, @mcast2]}, 0x88) [ 72.274355] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 72.275904] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 72.277249] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 72.281721] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 72.283500] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [ 72.285845] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 72.291443] Bluetooth: hci0: HCI_REQ-0x0c1a [ 72.320129] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 72.321964] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 72.323274] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 72.326018] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 72.327909] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3 [ 72.329184] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 72.333541] Bluetooth: hci2: HCI_REQ-0x0c1a [ 72.393951] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 72.399538] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 72.401782] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 72.408822] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 72.411212] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3 [ 72.412635] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 72.416962] Bluetooth: hci3: HCI_REQ-0x0c1a [ 72.431068] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 72.436461] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 72.437769] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 72.454175] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1 [ 72.458087] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9 [ 72.459473] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 72.460712] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9 [ 72.464415] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3 [ 72.465786] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4 [ 72.467052] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 72.469491] Bluetooth: hci5: unexpected cc 0x0c25 length: 249 > 3 [ 72.473512] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2 [ 72.474628] Bluetooth: hci4: HCI_REQ-0x0c1a [ 72.475999] Bluetooth: hci7: unexpected cc 0x0c03 length: 249 > 1 [ 72.477839] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1 [ 72.479867] Bluetooth: hci7: unexpected cc 0x1003 length: 249 > 9 [ 72.481288] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9 [ 72.486127] Bluetooth: hci5: HCI_REQ-0x0c1a [ 72.522707] Bluetooth: hci7: unexpected cc 0x1001 length: 249 > 9 [ 72.536770] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9 [ 72.539113] Bluetooth: hci7: unexpected cc 0x0c23 length: 249 > 4 [ 72.550643] Bluetooth: hci7: unexpected cc 0x0c25 length: 249 > 3 [ 72.552280] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4 [ 72.555725] Bluetooth: hci7: unexpected cc 0x0c38 length: 249 > 2 [ 72.564811] Bluetooth: hci6: unexpected cc 0x0c25 length: 249 > 3 [ 72.567612] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2 [ 72.572156] Bluetooth: hci7: HCI_REQ-0x0c1a [ 72.578172] Bluetooth: hci6: HCI_REQ-0x0c1a [ 74.358758] Bluetooth: hci2: command 0x0409 tx timeout [ 74.359487] Bluetooth: hci1: Opcode 0x c03 failed: -110 [ 74.360510] Bluetooth: hci0: command 0x0409 tx timeout [ 74.423369] Bluetooth: hci3: command 0x0409 tx timeout [ 74.486386] Bluetooth: hci4: command 0x0409 tx timeout [ 74.550422] Bluetooth: hci5: command 0x0409 tx timeout [ 74.614408] Bluetooth: hci6: command 0x0409 tx timeout [ 74.614886] Bluetooth: hci7: command 0x0409 tx timeout [ 76.406420] Bluetooth: hci0: command 0x041b tx timeout [ 76.406951] Bluetooth: hci2: command 0x041b tx timeout [ 76.471370] Bluetooth: hci3: command 0x041b tx timeout [ 76.535354] Bluetooth: hci4: command 0x041b tx timeout [ 76.599422] Bluetooth: hci5: command 0x041b tx timeout [ 76.662408] Bluetooth: hci7: command 0x041b tx timeout [ 76.663039] Bluetooth: hci6: command 0x041b tx timeout [ 78.455385] Bluetooth: hci2: command 0x040f tx timeout [ 78.456222] Bluetooth: hci0: command 0x040f tx timeout [ 78.519425] Bluetooth: hci3: command 0x040f tx timeout [ 78.583413] Bluetooth: hci4: command 0x040f tx timeout [ 78.647463] Bluetooth: hci5: command 0x040f tx timeout [ 78.711380] Bluetooth: hci6: command 0x040f tx timeout [ 78.711863] Bluetooth: hci7: command 0x040f tx timeout [ 79.286400] Bluetooth: hci1: Opcode 0x c03 failed: -110 [ 80.503465] Bluetooth: hci0: command 0x0419 tx timeout [ 80.504728] Bluetooth: hci2: command 0x0419 tx timeout [ 80.567366] Bluetooth: hci3: command 0x0419 tx timeout [ 80.631486] Bluetooth: hci4: command 0x0419 tx timeout [ 80.694499] Bluetooth: hci5: command 0x0419 tx timeout [ 80.759422] Bluetooth: hci7: command 0x0419 tx timeout [ 80.760235] Bluetooth: hci6: command 0x0419 tx timeout [ 81.829728] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 81.838755] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 81.840117] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 81.843304] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 81.847244] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3 [ 81.850785] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 81.856398] Bluetooth: hci1: HCI_REQ-0x0c1a [ 83.895377] Bluetooth: hci1: command 0x0409 tx timeout [ 85.942423] Bluetooth: hci1: command 0x041b tx timeout [ 87.991796] Bluetooth: hci1: command 0x040f tx timeout [ 90.039420] Bluetooth: hci1: command 0x0419 tx timeout 09:20:20 executing program 7: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x17, &(0x7f0000000540)=[{&(0x7f0000010000)="2000000080000000060000006a0000000f000000000000000100000001000000004000000040000020000000d5f4655fd6f4655f0100ffff53ef010001000000d5f4655f000000000000000001000000000000000b0000000001000028020000028401001b0000000000000000000000000000000000000073797a6b616c6c6572000000000000002f746d702f73797a2d696d61676567656e37373731383437373000"/192, 0xc0, 0x400}, {&(0x7f0000010100)="0000000000000000000000002446d29025514b1c8845339908ad0491010000000c00000000000000d5f4655f00"/64, 0x40, 0x4e0}, {&(0x7f0000010200)="00000000000000000000000000000000000000000000000000000000200020000100000000000000000000000000000000000000000000002e00000000000000", 0x40, 0x540}, {&(0x7f0000010300)="0000000000000000000000000000000000000000010400"/32, 0x20, 0x640}, {&(0x7f0000010400)="0200000003000000040000006a000f000300040000000000000000000f00bc0f", 0x20, 0x800}, {&(0x7f0000010500)="ffff3f00000000000000000000000000ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff0100ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff0000000000000000d5f4655fd5f4655fd5f4655f00"/4128, 0x1020, 0x1000}, {&(0x7f0000011600)="ed41000000080000d5f4655fd5f4655fd5f4655f00000000000004000400000000000000050000000800"/64, 0x40, 0x2100}, {&(0x7f0000011700)="20000000500753ed500753ed00000000d5f4655f00"/32, 0x1b, 0x2180}, {&(0x7f0000011800)="c041000000380000d5f4655fd5f4655fd5f4655f00000000000002001c0000000000000000000000090000000a0000000b0000000c0000000d0000000e0000000f00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000020000000000000000000000000000000d5f4655f000000000000000000000000000002ea00"/192, 0xc0, 0x29fd}, {&(0x7f0000011900)="ed4100003c000000d5f4655fd5f4655fd5f4655f0000000000000200000000000000001003000000020000000d0000001000050166696c65300000000e0000002800050766696c6531000000000000000000000000000000000000000000000000000000e978bfbe00000000000000000000000000000000000000000000000020000000500753ed500753ed500753edd5f4655f500753ed0000000000000000000002ea04070000000000000000000000000000646174610000000000000000", 0xc0, 0x2b00}, {&(0x7f0000011a00)="ed8100001a040000d5f4655fd5f4655fd5f4655f0000000000000100040000000000000001000000100000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000fd4e152d00000000000000000000000000000000000000000000000020000000500753ed500753ed500753edd5f4655f500753ed0000000000000000", 0xa0, 0x2c00}, {&(0x7f0000011b00)="ffa1000026000000d5f4655fd5f4655fd5f4655f00000000000001000000000000000000010000002f746d702f73797a2d696d61676567656e3737373138343737302f66696c65302f66696c653000000000000000000000000000000000000000000000e528a92800000000000000000000000000000000000000000000000020000000500753ed500753ed500753edd5f4655f500753ed0000000000000000", 0xa0, 0x2d00}, {&(0x7f0000011c00)="ed8100000a000000d5f4655fd5f4655fd5f4655f000000000000010000000000000000100100000073797a6b616c6c657273000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000027bb2f1900000000000000000000000000000000000000000000000020000000500753ed500753ed500753edd5f4655f500753ed0000000000000000000002ea040700000000000000000000000000006461746106015400000000000600000000000000786174747231000006014c000000000006000000000000007861747472320000000000000000000078617474723200007861747472310000ed81000028230000d5f4655fd5f4655fd5f4655f00000000000002001400000000000000010000001100000012000000130000001400000015000000000000000000000000000000000000000000000000000000000000000000000000000000000000005a56e87200000000000000000000000000000000000000000000000020000000500753ed500753ed500753edd5f4655f500753ed0000000000000000", 0x1a0, 0x2e00}, {&(0x7f0000011e00)="ed81000064000000d5f4655fd5f4655fd5f4655f000000000000010000000000000000100100000073797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c71163c9a00000000000000000000000000000000000000000000000020000000500753ed500753ed500753edd5f4655f500753ed0000000000000000000002ea040734000000000028000000000000006461746100000000000000000000000000000000000000000000000000000000000000006c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273", 0x100, 0x3000}, {&(0x7f0000011f00)="020000000c0001022e000000020000000c0002022e2e00000b00000014000a026c6f73742b666f756e6400000c0000001000050266696c65300000000f0000001000050166696c6531000000100000001000050166696c6532000000100000001000050166696c6533000000110000009407090166696c652e636f6c64000000", 0x80, 0x4000}, {&(0x7f0000012000)="0b0000000c0001022e000000020000000c0002022e2e000000000000e8070000", 0x20, 0x4800}, {&(0x7f0000012100)='\x00\x00\x00\x00\x00\b\x00'/32, 0x20, 0x5000}, {&(0x7f0000012200)='\x00\x00\x00\x00\x00\b\x00'/32, 0x20, 0x5800}, {&(0x7f0000012300)='\x00\x00\x00\x00\x00\b\x00'/32, 0x20, 0x6000}, {&(0x7f0000012400)='\x00\x00\x00\x00\x00\b\x00'/32, 0x20, 0x6800}, {&(0x7f0000012500)='\x00\x00\x00\x00\x00\b\x00'/32, 0x20, 0x7000}, {&(0x7f0000012600)='\x00\x00\x00\x00\x00\b\x00'/32, 0x20, 0x7800}, {&(0x7f0000012700)='syzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkal\x00\x00\x00\x00\x00\x00', 0x420, 0x8000}, {&(0x7f0000000440)="08c01f515958db2306e0b91f2c1998dd00ba0902a35f6dc20e4c8c28b0db6e6c8b159871741630e782c75c7b23f5ae7ac4d97458aad72e1c25eee3ea8a73d5415e93350c1ae1e0647dc2ff0fa2ecccf21da92b7ce9726a27bde0c3d137a913100bcc13e430e2611991bb55413e822e7677c640d0cb72858049b017486ba06b9ef2e4a293b21d925fe2e9f656305d4ab5999288fa1e091503dcc1619c36ec6ef7aacd3d6a6b38a8d6e2f063e0c83d004d3a25ddd48e2dae27a48d01ca49788e5ac328db8110278bc87abf5a550c1f8be63955fd54abf0026466f8ecc17e1ce2e035a30da885d2f3e73e3a178c6a7a65837541eeb5a7", 0x0, 0x9}], 0x0, &(0x7f0000012c00)) [ 122.985251] loop7: detected capacity change from 0 to 512 [ 123.018484] EXT4-fs (loop7): mounted filesystem without journal. Quota mode: none. [ 123.116498] EXT4-fs (loop7): unmounting filesystem. 09:20:20 executing program 7: mlock2(&(0x7f0000ff7000/0x4000)=nil, 0x4000, 0x0) shmat(0xffffffffffffffff, &(0x7f0000fed000/0x13000)=nil, 0x0) r0 = perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x6}, 0x0, 0x0, 0xffffffffffffffff, 0x0) mmap$perf(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x10, 0xffffffffffffffff, 0x0) shmat(0x0, &(0x7f0000ff6000/0x1000)=nil, 0x0) ioctl$EXT4_IOC_CHECKPOINT(0xffffffffffffffff, 0x4004662b, &(0x7f0000000040)) shmat(0xffffffffffffffff, &(0x7f0000ff2000/0xe000)=nil, 0x5000) r1 = perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000240), 0x5}, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r2 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000040), 0x41, 0x0) r3 = ioctl$LOOP_CTL_GET_FREE(r2, 0x4c82) perf_event_open(&(0x7f00000001c0)={0x1, 0x80, 0x20, 0x5, 0xdd, 0xda, 0x0, 0x1, 0x24, 0xd, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x3, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x2, 0x4, @perf_bp={&(0x7f0000000180), 0x1}, 0x40, 0x6, 0x9, 0x4, 0x8, 0x2, 0x120, 0x0, 0x401, 0x0, 0xd273}, 0x0, 0xe, r1, 0xc) mmap(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x1000005, 0x40010, 0xffffffffffffffff, 0xf871a000) mmap(&(0x7f0000ffa000/0x1000)=nil, 0x1000, 0xa249147d822ad54f, 0x10, r0, 0xc897d000) perf_event_open(&(0x7f0000000100)={0x2, 0x80, 0x9, 0x0, 0x7, 0x11, 0x0, 0x7fff, 0x8000, 0x2, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x2, 0x2, @perf_config_ext={0x6, 0xfff}, 0x40, 0x10001, 0x20, 0x8, 0x73e, 0xffffffff, 0x9, 0x0, 0x9, 0x0, 0x3}, 0x0, 0x9, r0, 0x1) sendmsg$netlink(0xffffffffffffffff, &(0x7f0000007ec0)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000340)=ANY=[@ANYBLOB="81e6e50900c238cf2b673b529340d0db76"], 0x1c}], 0x1}, 0x0) ioctl$BTRFS_IOC_DEFAULT_SUBVOL(0xffffffffffffffff, 0x40089413, &(0x7f0000000000)=0x2) ioctl$LOOP_CTL_REMOVE(r2, 0x4c81, r3) ioctl$SNAPSHOT_FREE(0xffffffffffffffff, 0x3305) [ 123.206249] audit: type=1400 audit(1663406421.012:7): avc: denied { open } for pid=3675 comm="syz-executor.7" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=perf_event permissive=1 [ 123.208007] audit: type=1400 audit(1663406421.012:8): avc: denied { kernel } for pid=3675 comm="syz-executor.7" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=perf_event permissive=1 [ 123.236811] ------------[ cut here ]------------ [ 123.236835] [ 123.236840] ====================================================== [ 123.236844] WARNING: possible circular locking dependency detected [ 123.236849] 6.0.0-rc5-next-20220916 #1 Not tainted [ 123.236855] ------------------------------------------------------ [ 123.236859] syz-executor.7/3677 is trying to acquire lock: [ 123.236865] ffffffff853fa878 ((console_sem).lock){....}-{2:2}, at: down_trylock+0xe/0x70 [ 123.236904] [ 123.236904] but task is already holding lock: [ 123.236907] ffff888009844020 (&ctx->lock){....}-{2:2}, at: __perf_event_task_sched_out+0x53b/0x18d0 [ 123.236935] [ 123.236935] which lock already depends on the new lock. [ 123.236935] [ 123.236938] [ 123.236938] the existing dependency chain (in reverse order) is: [ 123.236941] [ 123.236941] -> #3 (&ctx->lock){....}-{2:2}: [ 123.236955] _raw_spin_lock+0x2a/0x40 [ 123.236973] __perf_event_task_sched_out+0x53b/0x18d0 [ 123.236986] __schedule+0xedd/0x2470 [ 123.236997] schedule+0xda/0x1b0 [ 123.237007] futex_wait_queue+0xf5/0x1e0 [ 123.237019] futex_wait+0x28e/0x690 [ 123.237028] do_futex+0x2ff/0x380 [ 123.237038] __x64_sys_futex+0x1c6/0x4d0 [ 123.237047] do_syscall_64+0x3b/0x90 [ 123.237062] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 123.237080] [ 123.237080] -> #2 (&rq->__lock){-.-.}-{2:2}: [ 123.237094] _raw_spin_lock_nested+0x30/0x40 [ 123.237113] raw_spin_rq_lock_nested+0x1e/0x30 [ 123.237126] task_fork_fair+0x63/0x4d0 [ 123.237144] sched_cgroup_fork+0x3d0/0x540 [ 123.237158] copy_process+0x4183/0x6e20 [ 123.237169] kernel_clone+0xe7/0x890 [ 123.237178] user_mode_thread+0xad/0xf0 [ 123.237188] rest_init+0x24/0x250 [ 123.237206] arch_call_rest_init+0xf/0x14 [ 123.237218] start_kernel+0x4c1/0x4e6 [ 123.237228] secondary_startup_64_no_verify+0xe0/0xeb [ 123.237243] [ 123.237243] -> #1 (&p->pi_lock){-.-.}-{2:2}: [ 123.237256] _raw_spin_lock_irqsave+0x39/0x60 [ 123.237272] try_to_wake_up+0xab/0x1920 [ 123.237285] up+0x75/0xb0 [ 123.237297] __up_console_sem+0x6e/0x80 [ 123.237316] console_unlock+0x46a/0x590 [ 123.237332] vt_ioctl+0x2822/0x2ca0 [ 123.237345] tty_ioctl+0x7c4/0x1700 [ 123.237357] __x64_sys_ioctl+0x19a/0x210 [ 123.237373] do_syscall_64+0x3b/0x90 [ 123.237387] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 123.237404] [ 123.237404] -> #0 ((console_sem).lock){....}-{2:2}: [ 123.237418] __lock_acquire+0x2a02/0x5e70 [ 123.237435] lock_acquire+0x1a2/0x530 [ 123.237451] _raw_spin_lock_irqsave+0x39/0x60 [ 123.237467] down_trylock+0xe/0x70 [ 123.237479] __down_trylock_console_sem+0x3b/0xd0 [ 123.237496] vprintk_emit+0x16b/0x560 [ 123.237513] vprintk+0x84/0xa0 [ 123.237529] _printk+0xba/0xf1 [ 123.237548] report_bug.cold+0x72/0xab [ 123.237561] handle_bug+0x3c/0x70 [ 123.237575] exc_invalid_op+0x14/0x50 [ 123.237588] asm_exc_invalid_op+0x16/0x20 [ 123.237606] group_sched_out.part.0+0x2c7/0x460 [ 123.237616] ctx_sched_out+0x8f1/0xc10 [ 123.237626] __perf_event_task_sched_out+0x6d0/0x18d0 [ 123.237638] __schedule+0xedd/0x2470 [ 123.237648] schedule+0xda/0x1b0 [ 123.237658] futex_wait_queue+0xf5/0x1e0 [ 123.237668] futex_wait+0x28e/0x690 [ 123.237678] do_futex+0x2ff/0x380 [ 123.237686] __x64_sys_futex+0x1c6/0x4d0 [ 123.237696] do_syscall_64+0x3b/0x90 [ 123.237710] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 123.237727] [ 123.237727] other info that might help us debug this: [ 123.237727] [ 123.237730] Chain exists of: [ 123.237730] (console_sem).lock --> &rq->__lock --> &ctx->lock [ 123.237730] [ 123.237745] Possible unsafe locking scenario: [ 123.237745] [ 123.237747] CPU0 CPU1 [ 123.237750] ---- ---- [ 123.237752] lock(&ctx->lock); [ 123.237758] lock(&rq->__lock); [ 123.237764] lock(&ctx->lock); [ 123.237770] lock((console_sem).lock); [ 123.237776] [ 123.237776] *** DEADLOCK *** [ 123.237776] [ 123.237778] 2 locks held by syz-executor.7/3677: [ 123.237785] #0: ffff88806ce37cd8 (&rq->__lock){-.-.}-{2:2}, at: __schedule+0x1cf/0x2470 [ 123.237811] #1: ffff888009844020 (&ctx->lock){....}-{2:2}, at: __perf_event_task_sched_out+0x53b/0x18d0 [ 123.237838] [ 123.237838] stack backtrace: [ 123.237841] CPU: 0 PID: 3677 Comm: syz-executor.7 Not tainted 6.0.0-rc5-next-20220916 #1 [ 123.237854] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 123.237862] Call Trace: [ 123.237870] [ 123.237875] dump_stack_lvl+0x8b/0xb3 [ 123.237891] check_noncircular+0x263/0x2e0 [ 123.237908] ? format_decode+0x26c/0xb50 [ 123.237924] ? print_circular_bug+0x450/0x450 [ 123.237941] ? enable_ptr_key_workfn+0x20/0x20 [ 123.237957] ? format_decode+0x26c/0xb50 [ 123.237973] ? alloc_chain_hlocks+0x1ec/0x5a0 [ 123.237991] __lock_acquire+0x2a02/0x5e70 [ 123.238013] ? lockdep_hardirqs_on_prepare+0x410/0x410 [ 123.238036] lock_acquire+0x1a2/0x530 [ 123.238053] ? down_trylock+0xe/0x70 [ 123.238067] ? rcu_read_unlock+0x40/0x40 [ 123.238089] ? vprintk+0x84/0xa0 [ 123.238107] _raw_spin_lock_irqsave+0x39/0x60 [ 123.238123] ? down_trylock+0xe/0x70 [ 123.238137] down_trylock+0xe/0x70 [ 123.238150] ? vprintk+0x84/0xa0 [ 123.238168] __down_trylock_console_sem+0x3b/0xd0 [ 123.238185] vprintk_emit+0x16b/0x560 [ 123.238205] vprintk+0x84/0xa0 [ 123.238223] _printk+0xba/0xf1 [ 123.238241] ? record_print_text.cold+0x16/0x16 [ 123.238264] ? report_bug.cold+0x66/0xab [ 123.238279] ? group_sched_out.part.0+0x2c7/0x460 [ 123.238291] report_bug.cold+0x72/0xab [ 123.238306] handle_bug+0x3c/0x70 [ 123.238321] exc_invalid_op+0x14/0x50 [ 123.238336] asm_exc_invalid_op+0x16/0x20 [ 123.238354] RIP: 0010:group_sched_out.part.0+0x2c7/0x460 [ 123.238368] Code: 5e 41 5f e9 3b b7 ef ff e8 36 b7 ef ff 65 8b 1d ab 15 ac 7e 31 ff 89 de e8 d6 b3 ef ff 85 db 0f 84 8a 00 00 00 e8 19 b7 ef ff <0f> 0b e9 a5 fe ff ff e8 0d b7 ef ff 48 8d 7d 10 48 b8 00 00 00 00 [ 123.238379] RSP: 0018:ffff888041b278f8 EFLAGS: 00010006 [ 123.238388] RAX: 0000000040000002 RBX: 0000000000000000 RCX: 0000000000000000 [ 123.238396] RDX: ffff88800ffc3580 RSI: ffffffff81566027 RDI: 0000000000000005 [ 123.238404] RBP: ffff888008660000 R08: 0000000000000005 R09: 0000000000000001 [ 123.238411] R10: 0000000000000000 R11: ffffffff865ac01b R12: ffff888009844000 [ 123.238419] R13: ffff88806ce3d100 R14: ffffffff8547c660 R15: 0000000000000002 [ 123.238430] ? group_sched_out.part.0+0x2c7/0x460 [ 123.238443] ? group_sched_out.part.0+0x2c7/0x460 [ 123.238456] ctx_sched_out+0x8f1/0xc10 [ 123.238469] __perf_event_task_sched_out+0x6d0/0x18d0 [ 123.238484] ? lock_is_held_type+0xd7/0x130 [ 123.238504] ? __perf_cgroup_move+0x160/0x160 [ 123.238515] ? set_next_entity+0x304/0x550 [ 123.238536] ? lock_is_held_type+0xd7/0x130 [ 123.238555] __schedule+0xedd/0x2470 [ 123.238569] ? io_schedule_timeout+0x150/0x150 [ 123.238581] ? futex_wait_setup+0x166/0x230 [ 123.238595] schedule+0xda/0x1b0 [ 123.238607] futex_wait_queue+0xf5/0x1e0 [ 123.238619] futex_wait+0x28e/0x690 [ 123.238631] ? futex_wait_setup+0x230/0x230 [ 123.238644] ? wake_up_q+0x8b/0xf0 [ 123.238658] ? do_raw_spin_unlock+0x4f/0x220 [ 123.238678] ? futex_wake+0x158/0x490 [ 123.238694] ? fd_install+0x1f9/0x640 [ 123.238710] do_futex+0x2ff/0x380 [ 123.238721] ? __ia32_compat_sys_get_robust_list+0x3b0/0x3b0 [ 123.238737] __x64_sys_futex+0x1c6/0x4d0 [ 123.238749] ? __x64_sys_futex_time32+0x480/0x480 [ 123.238760] ? trace_rcu_dyntick+0x1a7/0x250 [ 123.238781] ? syscall_enter_from_user_mode+0x1d/0x50 [ 123.238801] ? syscall_enter_from_user_mode+0x1d/0x50 [ 123.238821] do_syscall_64+0x3b/0x90 [ 123.238836] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 123.238855] RIP: 0033:0x7fdddf723b19 [ 123.238863] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 123.238874] RSP: 002b:00007fdddcc99218 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 123.238885] RAX: ffffffffffffffda RBX: 00007fdddf836f68 RCX: 00007fdddf723b19 [ 123.238893] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007fdddf836f68 [ 123.238900] RBP: 00007fdddf836f60 R08: 0000000000000000 R09: 0000000000000000 [ 123.238907] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fdddf836f6c [ 123.238914] R13: 00007ffcf2eef5af R14: 00007fdddcc99300 R15: 0000000000022000 [ 123.238927] [ 123.298255] WARNING: CPU: 0 PID: 3677 at kernel/events/core.c:2309 group_sched_out.part.0+0x2c7/0x460 [ 123.298956] Modules linked in: [ 123.299202] CPU: 0 PID: 3677 Comm: syz-executor.7 Not tainted 6.0.0-rc5-next-20220916 #1 [ 123.299809] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 123.300641] RIP: 0010:group_sched_out.part.0+0x2c7/0x460 [ 123.301055] Code: 5e 41 5f e9 3b b7 ef ff e8 36 b7 ef ff 65 8b 1d ab 15 ac 7e 31 ff 89 de e8 d6 b3 ef ff 85 db 0f 84 8a 00 00 00 e8 19 b7 ef ff <0f> 0b e9 a5 fe ff ff e8 0d b7 ef ff 48 8d 7d 10 48 b8 00 00 00 00 [ 123.302415] RSP: 0018:ffff888041b278f8 EFLAGS: 00010006 [ 123.302817] RAX: 0000000040000002 RBX: 0000000000000000 RCX: 0000000000000000 [ 123.303344] RDX: ffff88800ffc3580 RSI: ffffffff81566027 RDI: 0000000000000005 [ 123.303871] RBP: ffff888008660000 R08: 0000000000000005 R09: 0000000000000001 [ 123.304414] R10: 0000000000000000 R11: ffffffff865ac01b R12: ffff888009844000 [ 123.304943] R13: ffff88806ce3d100 R14: ffffffff8547c660 R15: 0000000000000002 [ 123.305483] FS: 00007fdddcc99700(0000) GS:ffff88806ce00000(0000) knlGS:0000000000000000 [ 123.306096] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 123.306528] CR2: 00007fc566ed3368 CR3: 000000001b234000 CR4: 0000000000350ef0 [ 123.307062] Call Trace: [ 123.307256] [ 123.307435] ctx_sched_out+0x8f1/0xc10 [ 123.307736] __perf_event_task_sched_out+0x6d0/0x18d0 [ 123.308136] ? lock_is_held_type+0xd7/0x130 [ 123.308477] ? __perf_cgroup_move+0x160/0x160 [ 123.308814] ? set_next_entity+0x304/0x550 [ 123.309145] ? lock_is_held_type+0xd7/0x130 [ 123.309475] __schedule+0xedd/0x2470 [ 123.309763] ? io_schedule_timeout+0x150/0x150 [ 123.310119] ? futex_wait_setup+0x166/0x230 [ 123.310451] schedule+0xda/0x1b0 [ 123.310717] futex_wait_queue+0xf5/0x1e0 [ 123.311024] futex_wait+0x28e/0x690 [ 123.311313] ? futex_wait_setup+0x230/0x230 [ 123.311640] ? wake_up_q+0x8b/0xf0 [ 123.311908] ? do_raw_spin_unlock+0x4f/0x220 [ 123.312264] ? futex_wake+0x158/0x490 [ 123.312564] ? fd_install+0x1f9/0x640 [ 123.312863] do_futex+0x2ff/0x380 [ 123.313127] ? __ia32_compat_sys_get_robust_list+0x3b0/0x3b0 [ 123.313562] __x64_sys_futex+0x1c6/0x4d0 [ 123.313881] ? __x64_sys_futex_time32+0x480/0x480 [ 123.314244] ? trace_rcu_dyntick+0x1a7/0x250 [ 123.314587] ? syscall_enter_from_user_mode+0x1d/0x50 [ 123.314981] ? syscall_enter_from_user_mode+0x1d/0x50 [ 123.315390] do_syscall_64+0x3b/0x90 [ 123.315677] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 123.316069] RIP: 0033:0x7fdddf723b19 [ 123.316352] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 123.317690] RSP: 002b:00007fdddcc99218 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 123.318257] RAX: ffffffffffffffda RBX: 00007fdddf836f68 RCX: 00007fdddf723b19 [ 123.318797] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007fdddf836f68 [ 123.319336] RBP: 00007fdddf836f60 R08: 0000000000000000 R09: 0000000000000000 [ 123.319871] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fdddf836f6c [ 123.320413] R13: 00007ffcf2eef5af R14: 00007fdddcc99300 R15: 0000000000022000 [ 123.320953] [ 123.321136] irq event stamp: 1172 [ 123.321391] hardirqs last enabled at (1171): [] syscall_enter_from_user_mode+0x1d/0x50 [ 123.322126] hardirqs last disabled at (1172): [] __schedule+0x1225/0x2470 [ 123.322761] softirqs last enabled at (878): [] __irq_exit_rcu+0x11b/0x180 [ 123.323403] softirqs last disabled at (871): [] __irq_exit_rcu+0x11b/0x180 [ 123.324041] ---[ end trace 0000000000000000 ]--- 09:20:21 executing program 7: mlock2(&(0x7f0000ff7000/0x4000)=nil, 0x4000, 0x0) shmat(0xffffffffffffffff, &(0x7f0000fed000/0x13000)=nil, 0x0) r0 = perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x6}, 0x0, 0x0, 0xffffffffffffffff, 0x0) mmap$perf(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x10, 0xffffffffffffffff, 0x0) shmat(0x0, &(0x7f0000ff6000/0x1000)=nil, 0x0) ioctl$EXT4_IOC_CHECKPOINT(0xffffffffffffffff, 0x4004662b, &(0x7f0000000040)) shmat(0xffffffffffffffff, &(0x7f0000ff2000/0xe000)=nil, 0x5000) r1 = perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000240), 0x5}, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r2 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000040), 0x41, 0x0) r3 = ioctl$LOOP_CTL_GET_FREE(r2, 0x4c82) perf_event_open(&(0x7f00000001c0)={0x1, 0x80, 0x20, 0x5, 0xdd, 0xda, 0x0, 0x1, 0x24, 0xd, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x3, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x2, 0x4, @perf_bp={&(0x7f0000000180), 0x1}, 0x40, 0x6, 0x9, 0x4, 0x8, 0x2, 0x120, 0x0, 0x401, 0x0, 0xd273}, 0x0, 0xe, r1, 0xc) mmap(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x1000005, 0x40010, 0xffffffffffffffff, 0xf871a000) mmap(&(0x7f0000ffa000/0x1000)=nil, 0x1000, 0xa249147d822ad54f, 0x10, r0, 0xc897d000) perf_event_open(&(0x7f0000000100)={0x2, 0x80, 0x9, 0x0, 0x7, 0x11, 0x0, 0x7fff, 0x8000, 0x2, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x2, 0x2, @perf_config_ext={0x6, 0xfff}, 0x40, 0x10001, 0x20, 0x8, 0x73e, 0xffffffff, 0x9, 0x0, 0x9, 0x0, 0x3}, 0x0, 0x9, r0, 0x1) sendmsg$netlink(0xffffffffffffffff, &(0x7f0000007ec0)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000340)=ANY=[@ANYBLOB="81e6e50900c238cf2b673b529340d0db76"], 0x1c}], 0x1}, 0x0) ioctl$BTRFS_IOC_DEFAULT_SUBVOL(0xffffffffffffffff, 0x40089413, &(0x7f0000000000)=0x2) ioctl$LOOP_CTL_REMOVE(r2, 0x4c81, r3) ioctl$SNAPSHOT_FREE(0xffffffffffffffff, 0x3305) 09:20:21 executing program 7: mlock2(&(0x7f0000ff7000/0x4000)=nil, 0x4000, 0x0) shmat(0xffffffffffffffff, &(0x7f0000fed000/0x13000)=nil, 0x0) r0 = perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x6}, 0x0, 0x0, 0xffffffffffffffff, 0x0) mmap$perf(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x10, 0xffffffffffffffff, 0x0) shmat(0x0, &(0x7f0000ff6000/0x1000)=nil, 0x0) ioctl$EXT4_IOC_CHECKPOINT(0xffffffffffffffff, 0x4004662b, &(0x7f0000000040)) shmat(0xffffffffffffffff, &(0x7f0000ff2000/0xe000)=nil, 0x5000) r1 = perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000240), 0x5}, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r2 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000040), 0x41, 0x0) r3 = ioctl$LOOP_CTL_GET_FREE(r2, 0x4c82) perf_event_open(&(0x7f00000001c0)={0x1, 0x80, 0x20, 0x5, 0xdd, 0xda, 0x0, 0x1, 0x24, 0xd, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x3, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x2, 0x4, @perf_bp={&(0x7f0000000180), 0x1}, 0x40, 0x6, 0x9, 0x4, 0x8, 0x2, 0x120, 0x0, 0x401, 0x0, 0xd273}, 0x0, 0xe, r1, 0xc) mmap(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x1000005, 0x40010, 0xffffffffffffffff, 0xf871a000) mmap(&(0x7f0000ffa000/0x1000)=nil, 0x1000, 0xa249147d822ad54f, 0x10, r0, 0xc897d000) perf_event_open(&(0x7f0000000100)={0x2, 0x80, 0x9, 0x0, 0x7, 0x11, 0x0, 0x7fff, 0x8000, 0x2, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x2, 0x2, @perf_config_ext={0x6, 0xfff}, 0x40, 0x10001, 0x20, 0x8, 0x73e, 0xffffffff, 0x9, 0x0, 0x9, 0x0, 0x3}, 0x0, 0x9, r0, 0x1) sendmsg$netlink(0xffffffffffffffff, &(0x7f0000007ec0)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000340)=ANY=[@ANYBLOB="81e6e50900c238cf2b673b529340d0db76"], 0x1c}], 0x1}, 0x0) ioctl$BTRFS_IOC_DEFAULT_SUBVOL(0xffffffffffffffff, 0x40089413, &(0x7f0000000000)=0x2) ioctl$LOOP_CTL_REMOVE(r2, 0x4c81, r3) ioctl$SNAPSHOT_FREE(0xffffffffffffffff, 0x3305) 09:20:21 executing program 7: mlock2(&(0x7f0000ff7000/0x4000)=nil, 0x4000, 0x0) shmat(0xffffffffffffffff, &(0x7f0000fed000/0x13000)=nil, 0x0) r0 = perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x6}, 0x0, 0x0, 0xffffffffffffffff, 0x0) mmap$perf(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x10, 0xffffffffffffffff, 0x0) shmat(0x0, &(0x7f0000ff6000/0x1000)=nil, 0x0) ioctl$EXT4_IOC_CHECKPOINT(0xffffffffffffffff, 0x4004662b, &(0x7f0000000040)) shmat(0xffffffffffffffff, &(0x7f0000ff2000/0xe000)=nil, 0x5000) r1 = perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000240), 0x5}, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r2 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000040), 0x41, 0x0) r3 = ioctl$LOOP_CTL_GET_FREE(r2, 0x4c82) perf_event_open(&(0x7f00000001c0)={0x1, 0x80, 0x20, 0x5, 0xdd, 0xda, 0x0, 0x1, 0x24, 0xd, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x3, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x2, 0x4, @perf_bp={&(0x7f0000000180), 0x1}, 0x40, 0x6, 0x9, 0x4, 0x8, 0x2, 0x120, 0x0, 0x401, 0x0, 0xd273}, 0x0, 0xe, r1, 0xc) mmap(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x1000005, 0x40010, 0xffffffffffffffff, 0xf871a000) mmap(&(0x7f0000ffa000/0x1000)=nil, 0x1000, 0xa249147d822ad54f, 0x10, r0, 0xc897d000) perf_event_open(&(0x7f0000000100)={0x2, 0x80, 0x9, 0x0, 0x7, 0x11, 0x0, 0x7fff, 0x8000, 0x2, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x2, 0x2, @perf_config_ext={0x6, 0xfff}, 0x40, 0x10001, 0x20, 0x8, 0x73e, 0xffffffff, 0x9, 0x0, 0x9, 0x0, 0x3}, 0x0, 0x9, r0, 0x1) sendmsg$netlink(0xffffffffffffffff, &(0x7f0000007ec0)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000340)=ANY=[@ANYBLOB="81e6e50900c238cf2b673b529340d0db76"], 0x1c}], 0x1}, 0x0) ioctl$BTRFS_IOC_DEFAULT_SUBVOL(0xffffffffffffffff, 0x40089413, &(0x7f0000000000)=0x2) ioctl$LOOP_CTL_REMOVE(r2, 0x4c81, r3) ioctl$SNAPSHOT_FREE(0xffffffffffffffff, 0x3305) 09:20:21 executing program 7: mlock2(&(0x7f0000ff7000/0x4000)=nil, 0x4000, 0x0) shmat(0xffffffffffffffff, &(0x7f0000fed000/0x13000)=nil, 0x0) r0 = perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x6}, 0x0, 0x0, 0xffffffffffffffff, 0x0) mmap$perf(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x10, 0xffffffffffffffff, 0x0) shmat(0x0, &(0x7f0000ff6000/0x1000)=nil, 0x0) ioctl$EXT4_IOC_CHECKPOINT(0xffffffffffffffff, 0x4004662b, &(0x7f0000000040)) shmat(0xffffffffffffffff, &(0x7f0000ff2000/0xe000)=nil, 0x5000) r1 = perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000240), 0x5}, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r2 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000040), 0x41, 0x0) r3 = ioctl$LOOP_CTL_GET_FREE(r2, 0x4c82) perf_event_open(&(0x7f00000001c0)={0x1, 0x80, 0x20, 0x5, 0xdd, 0xda, 0x0, 0x1, 0x24, 0xd, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x3, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x2, 0x4, @perf_bp={&(0x7f0000000180), 0x1}, 0x40, 0x6, 0x9, 0x4, 0x8, 0x2, 0x120, 0x0, 0x401, 0x0, 0xd273}, 0x0, 0xe, r1, 0xc) mmap(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x1000005, 0x40010, 0xffffffffffffffff, 0xf871a000) mmap(&(0x7f0000ffa000/0x1000)=nil, 0x1000, 0xa249147d822ad54f, 0x10, r0, 0xc897d000) perf_event_open(&(0x7f0000000100)={0x2, 0x80, 0x9, 0x0, 0x7, 0x11, 0x0, 0x7fff, 0x8000, 0x2, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x2, 0x2, @perf_config_ext={0x6, 0xfff}, 0x40, 0x10001, 0x20, 0x8, 0x73e, 0xffffffff, 0x9, 0x0, 0x9, 0x0, 0x3}, 0x0, 0x9, r0, 0x1) sendmsg$netlink(0xffffffffffffffff, &(0x7f0000007ec0)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000340)=ANY=[@ANYBLOB="81e6e50900c238cf2b673b529340d0db76"], 0x1c}], 0x1}, 0x0) ioctl$BTRFS_IOC_DEFAULT_SUBVOL(0xffffffffffffffff, 0x40089413, &(0x7f0000000000)=0x2) ioctl$LOOP_CTL_REMOVE(r2, 0x4c81, r3) ioctl$SNAPSHOT_FREE(0xffffffffffffffff, 0x3305) 09:20:22 executing program 7: mlock2(&(0x7f0000ff7000/0x4000)=nil, 0x4000, 0x0) shmat(0xffffffffffffffff, &(0x7f0000fed000/0x13000)=nil, 0x0) r0 = perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x6}, 0x0, 0x0, 0xffffffffffffffff, 0x0) mmap$perf(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x10, 0xffffffffffffffff, 0x0) shmat(0x0, &(0x7f0000ff6000/0x1000)=nil, 0x0) ioctl$EXT4_IOC_CHECKPOINT(0xffffffffffffffff, 0x4004662b, &(0x7f0000000040)) shmat(0xffffffffffffffff, &(0x7f0000ff2000/0xe000)=nil, 0x5000) r1 = perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000240), 0x5}, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r2 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000040), 0x41, 0x0) r3 = ioctl$LOOP_CTL_GET_FREE(r2, 0x4c82) perf_event_open(&(0x7f00000001c0)={0x1, 0x80, 0x20, 0x5, 0xdd, 0xda, 0x0, 0x1, 0x24, 0xd, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x3, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x2, 0x4, @perf_bp={&(0x7f0000000180), 0x1}, 0x40, 0x6, 0x9, 0x4, 0x8, 0x2, 0x120, 0x0, 0x401, 0x0, 0xd273}, 0x0, 0xe, r1, 0xc) mmap(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x1000005, 0x40010, 0xffffffffffffffff, 0xf871a000) mmap(&(0x7f0000ffa000/0x1000)=nil, 0x1000, 0xa249147d822ad54f, 0x10, r0, 0xc897d000) perf_event_open(&(0x7f0000000100)={0x2, 0x80, 0x9, 0x0, 0x7, 0x11, 0x0, 0x7fff, 0x8000, 0x2, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x2, 0x2, @perf_config_ext={0x6, 0xfff}, 0x40, 0x10001, 0x20, 0x8, 0x73e, 0xffffffff, 0x9, 0x0, 0x9, 0x0, 0x3}, 0x0, 0x9, r0, 0x1) sendmsg$netlink(0xffffffffffffffff, &(0x7f0000007ec0)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000340)=ANY=[@ANYBLOB="81e6e50900c238cf2b673b529340d0db76"], 0x1c}], 0x1}, 0x0) ioctl$BTRFS_IOC_DEFAULT_SUBVOL(0xffffffffffffffff, 0x40089413, &(0x7f0000000000)=0x2) ioctl$LOOP_CTL_REMOVE(r2, 0x4c81, r3) ioctl$SNAPSHOT_FREE(0xffffffffffffffff, 0x3305) VM DIAGNOSIS: 09:20:21 Registers: info registers vcpu 0 RAX=000000000000005b RBX=00000000000003f8 RCX=0000000000000000 RDX=00000000000003f8 RSI=ffffffff822b3251 RDI=ffffffff87641ba0 RBP=ffffffff87641b60 RSP=ffff888041b27348 R8 =0000000000000001 R9 =000000000000000a R10=000000000000005b R11=0000000000000001 R12=000000000000005b R13=ffffffff87641b60 R14=0000000000000010 R15=ffffffff822b3240 RIP=ffffffff822b32a9 RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 00000000 00000000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 00000000 00000000 FS =0000 00007fdddcc99700 00000000 00000000 GS =0000 ffff88806ce00000 00000000 00000000 LDT=0000 fffffe0000000000 00000000 00000000 TR =0040 fffffe0000003000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe0000001000 0000007f IDT= fffffe0000000000 00000fff CR0=80050033 CR2=00007fc566ed3368 CR3=000000001b234000 CR4=00350ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000ffff0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 YMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM01=0000000000000000 0000000000000000 00007fdddf80a7c0 00007fdddf80a7c8 YMM02=0000000000000000 0000000000000000 00007fdddf80a7e0 00007fdddf80a7c0 YMM03=0000000000000000 0000000000000000 00007fdddf80a7c8 00007fdddf80a7c0 YMM04=0000000000000000 0000000000000000 ffffffffffffffff ffffffff00000000 YMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM06=0000000000000000 0000000000000000 0000000000000000 000000524f525245 YMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM08=0000000000000000 0000000000000000 0000000000000000 00524f5252450040 YMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 info registers vcpu 1 RAX=dffffc0000000000 RBX=ffffffff8135b390 RCX=0000000000000000 RDX=1ffff11008363e85 RSI=ffffffff816c0790 RDI=ffff888041b1f428 RBP=ffff888041b1f4c0 RSP=ffff888041b1f3f0 R8 =ffffffff85ebfbb6 R9 =ffffffff85ebfbba R10=ffffed1008363e92 R11=ffff888041b1f468 R12=ffff888041b1f4f0 R13=0000000000000000 R14=ffff888041b1f428 R15=0000000000000dc0 RIP=ffffffff8111b2ee RFL=00000212 [----A--] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 00000000 00000000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 00000000 00000000 FS =0000 0000000000000000 00000000 00000000 GS =0000 ffff88806cf00000 00000000 00000000 LDT=0000 fffffe0000000000 00000000 00000000 TR =0040 fffffe000004a000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe0000048000 0000007f IDT= fffffe0000000000 00000fff CR0=80050033 CR2=00007fa3413b21f0 CR3=000000001f4e6000 CR4=00350ee0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000ffff0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 YMM00=0000000000000000 0000000000000000 756e696c2d34365f 3638782f62696c2f YMM01=0000000000000000 0000000000000000 6461657268747062 696c2f756e672d78 YMM02=0000000000000000 0000000000000000 00302e6f732e6461 657268747062696c YMM03=0000000000000000 0000000000000000 2f756e672d78756e 696c2d34365f3638 YMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000