Warning: Permanently added '[localhost]:4723' (ECDSA) to the list of known hosts. 2022/09/12 18:31:02 fuzzer started 2022/09/12 18:31:02 dialing manager at localhost:38027 syzkaller login: [ 42.566234] cgroup: Unknown subsys name 'net' [ 42.663252] cgroup: Unknown subsys name 'rlimit' 2022/09/12 18:31:16 syscalls: 2215 2022/09/12 18:31:16 code coverage: enabled 2022/09/12 18:31:16 comparison tracing: enabled 2022/09/12 18:31:16 extra coverage: enabled 2022/09/12 18:31:16 setuid sandbox: enabled 2022/09/12 18:31:16 namespace sandbox: enabled 2022/09/12 18:31:16 Android sandbox: enabled 2022/09/12 18:31:16 fault injection: enabled 2022/09/12 18:31:16 leak checking: enabled 2022/09/12 18:31:16 net packet injection: enabled 2022/09/12 18:31:16 net device setup: enabled 2022/09/12 18:31:16 concurrency sanitizer: /sys/kernel/debug/kcsan does not exist 2022/09/12 18:31:16 devlink PCI setup: PCI device 0000:00:10.0 is not available 2022/09/12 18:31:16 USB emulation: enabled 2022/09/12 18:31:16 hci packet injection: enabled 2022/09/12 18:31:16 wifi device emulation: failed to parse kernel version (6.0.0-rc5-next-20220912) 2022/09/12 18:31:16 802.15.4 emulation: enabled 2022/09/12 18:31:16 fetching corpus: 0, signal 0/2000 (executing program) 2022/09/12 18:31:17 fetching corpus: 50, signal 36165/39628 (executing program) 2022/09/12 18:31:17 fetching corpus: 100, signal 51659/56543 (executing program) 2022/09/12 18:31:17 fetching corpus: 150, signal 63316/69472 (executing program) 2022/09/12 18:31:17 fetching corpus: 200, signal 70184/77625 (executing program) 2022/09/12 18:31:17 fetching corpus: 250, signal 76120/84755 (executing program) 2022/09/12 18:31:17 fetching corpus: 300, signal 81160/90972 (executing program) 2022/09/12 18:31:17 fetching corpus: 350, signal 85989/96876 (executing program) 2022/09/12 18:31:18 fetching corpus: 400, signal 90396/102346 (executing program) 2022/09/12 18:31:18 fetching corpus: 450, signal 98988/111687 (executing program) 2022/09/12 18:31:18 fetching corpus: 498, signal 102825/116480 (executing program) 2022/09/12 18:31:18 fetching corpus: 548, signal 107607/122114 (executing program) 2022/09/12 18:31:18 fetching corpus: 598, signal 110005/125520 (executing program) 2022/09/12 18:31:18 fetching corpus: 648, signal 112225/128701 (executing program) 2022/09/12 18:31:18 fetching corpus: 697, signal 115151/132438 (executing program) 2022/09/12 18:31:18 fetching corpus: 747, signal 117612/135750 (executing program) 2022/09/12 18:31:19 fetching corpus: 797, signal 120026/139031 (executing program) 2022/09/12 18:31:19 fetching corpus: 847, signal 122850/142659 (executing program) 2022/09/12 18:31:19 fetching corpus: 896, signal 125128/145688 (executing program) 2022/09/12 18:31:19 fetching corpus: 946, signal 127174/148512 (executing program) 2022/09/12 18:31:19 fetching corpus: 996, signal 128527/150757 (executing program) 2022/09/12 18:31:19 fetching corpus: 1046, signal 130272/153330 (executing program) 2022/09/12 18:31:19 fetching corpus: 1096, signal 131891/155734 (executing program) 2022/09/12 18:31:19 fetching corpus: 1146, signal 134607/159053 (executing program) 2022/09/12 18:31:19 fetching corpus: 1196, signal 136794/161860 (executing program) 2022/09/12 18:31:20 fetching corpus: 1246, signal 138760/164494 (executing program) 2022/09/12 18:31:20 fetching corpus: 1295, signal 140928/167286 (executing program) 2022/09/12 18:31:20 fetching corpus: 1345, signal 142213/169242 (executing program) 2022/09/12 18:31:20 fetching corpus: 1395, signal 144457/171979 (executing program) 2022/09/12 18:31:20 fetching corpus: 1445, signal 146683/174665 (executing program) 2022/09/12 18:31:20 fetching corpus: 1495, signal 149114/177482 (executing program) 2022/09/12 18:31:20 fetching corpus: 1545, signal 150670/179568 (executing program) 2022/09/12 18:31:21 fetching corpus: 1595, signal 152168/181585 (executing program) 2022/09/12 18:31:21 fetching corpus: 1645, signal 153990/183871 (executing program) 2022/09/12 18:31:21 fetching corpus: 1695, signal 155965/186225 (executing program) 2022/09/12 18:31:21 fetching corpus: 1745, signal 157247/188050 (executing program) 2022/09/12 18:31:21 fetching corpus: 1795, signal 158754/190010 (executing program) 2022/09/12 18:31:21 fetching corpus: 1845, signal 160719/192319 (executing program) 2022/09/12 18:31:21 fetching corpus: 1894, signal 161919/194032 (executing program) 2022/09/12 18:31:22 fetching corpus: 1943, signal 162934/195580 (executing program) 2022/09/12 18:31:22 fetching corpus: 1992, signal 164575/197530 (executing program) 2022/09/12 18:31:22 fetching corpus: 2040, signal 166130/199477 (executing program) 2022/09/12 18:31:22 fetching corpus: 2090, signal 167503/201225 (executing program) 2022/09/12 18:31:22 fetching corpus: 2140, signal 169353/203272 (executing program) 2022/09/12 18:31:22 fetching corpus: 2190, signal 170975/205098 (executing program) 2022/09/12 18:31:23 fetching corpus: 2240, signal 172619/206960 (executing program) 2022/09/12 18:31:23 fetching corpus: 2290, signal 174141/208699 (executing program) 2022/09/12 18:31:23 fetching corpus: 2340, signal 175426/210292 (executing program) 2022/09/12 18:31:23 fetching corpus: 2390, signal 176855/211952 (executing program) 2022/09/12 18:31:23 fetching corpus: 2440, signal 178007/213380 (executing program) 2022/09/12 18:31:23 fetching corpus: 2490, signal 179296/215001 (executing program) 2022/09/12 18:31:24 fetching corpus: 2540, signal 180036/216199 (executing program) 2022/09/12 18:31:24 fetching corpus: 2590, signal 180779/217365 (executing program) 2022/09/12 18:31:24 fetching corpus: 2640, signal 181736/218665 (executing program) 2022/09/12 18:31:24 fetching corpus: 2690, signal 182504/219800 (executing program) 2022/09/12 18:31:24 fetching corpus: 2740, signal 183197/220895 (executing program) 2022/09/12 18:31:24 fetching corpus: 2789, signal 184410/222273 (executing program) 2022/09/12 18:31:24 fetching corpus: 2839, signal 185411/223515 (executing program) 2022/09/12 18:31:24 fetching corpus: 2889, signal 186277/224691 (executing program) 2022/09/12 18:31:25 fetching corpus: 2939, signal 187525/226041 (executing program) 2022/09/12 18:31:25 fetching corpus: 2989, signal 188336/227193 (executing program) 2022/09/12 18:31:25 fetching corpus: 3039, signal 190034/228850 (executing program) 2022/09/12 18:31:25 fetching corpus: 3089, signal 190931/229978 (executing program) 2022/09/12 18:31:25 fetching corpus: 3139, signal 191995/231122 (executing program) 2022/09/12 18:31:25 fetching corpus: 3189, signal 192587/232039 (executing program) 2022/09/12 18:31:25 fetching corpus: 3239, signal 193691/233286 (executing program) 2022/09/12 18:31:25 fetching corpus: 3289, signal 194455/234283 (executing program) 2022/09/12 18:31:26 fetching corpus: 3339, signal 195166/235254 (executing program) 2022/09/12 18:31:26 fetching corpus: 3389, signal 196127/236369 (executing program) 2022/09/12 18:31:26 fetching corpus: 3439, signal 196761/237283 (executing program) 2022/09/12 18:31:26 fetching corpus: 3489, signal 197992/238470 (executing program) 2022/09/12 18:31:26 fetching corpus: 3539, signal 199295/239628 (executing program) 2022/09/12 18:31:26 fetching corpus: 3589, signal 200586/240815 (executing program) 2022/09/12 18:31:27 fetching corpus: 3639, signal 201438/241762 (executing program) 2022/09/12 18:31:27 fetching corpus: 3688, signal 203284/243171 (executing program) 2022/09/12 18:31:27 fetching corpus: 3738, signal 204097/244090 (executing program) 2022/09/12 18:31:27 fetching corpus: 3788, signal 205055/245057 (executing program) 2022/09/12 18:31:27 fetching corpus: 3838, signal 205924/245948 (executing program) 2022/09/12 18:31:27 fetching corpus: 3888, signal 206986/246938 (executing program) 2022/09/12 18:31:27 fetching corpus: 3938, signal 207581/247715 (executing program) 2022/09/12 18:31:27 fetching corpus: 3988, signal 208409/248547 (executing program) 2022/09/12 18:31:28 fetching corpus: 4038, signal 209218/249411 (executing program) 2022/09/12 18:31:28 fetching corpus: 4088, signal 210009/250185 (executing program) 2022/09/12 18:31:28 fetching corpus: 4138, signal 210937/251007 (executing program) 2022/09/12 18:31:28 fetching corpus: 4188, signal 211540/251709 (executing program) 2022/09/12 18:31:28 fetching corpus: 4238, signal 212210/252473 (executing program) 2022/09/12 18:31:28 fetching corpus: 4288, signal 212879/253231 (executing program) 2022/09/12 18:31:28 fetching corpus: 4338, signal 213817/254068 (executing program) 2022/09/12 18:31:29 fetching corpus: 4388, signal 214534/254745 (executing program) 2022/09/12 18:31:29 fetching corpus: 4438, signal 215197/255460 (executing program) 2022/09/12 18:31:29 fetching corpus: 4488, signal 215712/256079 (executing program) 2022/09/12 18:31:29 fetching corpus: 4538, signal 216179/256694 (executing program) 2022/09/12 18:31:29 fetching corpus: 4588, signal 216906/257402 (executing program) 2022/09/12 18:31:29 fetching corpus: 4638, signal 217843/258146 (executing program) 2022/09/12 18:31:29 fetching corpus: 4688, signal 218456/258796 (executing program) 2022/09/12 18:31:29 fetching corpus: 4738, signal 219366/259490 (executing program) 2022/09/12 18:31:30 fetching corpus: 4788, signal 220329/260213 (executing program) 2022/09/12 18:31:30 fetching corpus: 4838, signal 221208/260867 (executing program) 2022/09/12 18:31:30 fetching corpus: 4888, signal 221706/261391 (executing program) 2022/09/12 18:31:30 fetching corpus: 4937, signal 222261/261966 (executing program) 2022/09/12 18:31:30 fetching corpus: 4987, signal 223087/262561 (executing program) 2022/09/12 18:31:30 fetching corpus: 5037, signal 223797/263127 (executing program) 2022/09/12 18:31:30 fetching corpus: 5087, signal 224504/263679 (executing program) 2022/09/12 18:31:30 fetching corpus: 5137, signal 225108/264178 (executing program) 2022/09/12 18:31:31 fetching corpus: 5187, signal 225860/264730 (executing program) 2022/09/12 18:31:31 fetching corpus: 5237, signal 226329/265223 (executing program) 2022/09/12 18:31:31 fetching corpus: 5287, signal 226763/265692 (executing program) 2022/09/12 18:31:31 fetching corpus: 5337, signal 227359/266197 (executing program) 2022/09/12 18:31:31 fetching corpus: 5387, signal 227911/266682 (executing program) 2022/09/12 18:31:31 fetching corpus: 5437, signal 228343/267134 (executing program) 2022/09/12 18:31:31 fetching corpus: 5487, signal 228923/267608 (executing program) 2022/09/12 18:31:31 fetching corpus: 5537, signal 229521/268063 (executing program) 2022/09/12 18:31:32 fetching corpus: 5587, signal 230072/268502 (executing program) 2022/09/12 18:31:32 fetching corpus: 5637, signal 230671/268995 (executing program) 2022/09/12 18:31:32 fetching corpus: 5687, signal 231141/269426 (executing program) 2022/09/12 18:31:32 fetching corpus: 5737, signal 231578/269849 (executing program) 2022/09/12 18:31:32 fetching corpus: 5787, signal 232001/270273 (executing program) 2022/09/12 18:31:32 fetching corpus: 5837, signal 232740/270671 (executing program) 2022/09/12 18:31:32 fetching corpus: 5887, signal 233166/271086 (executing program) 2022/09/12 18:31:32 fetching corpus: 5937, signal 233769/271488 (executing program) 2022/09/12 18:31:33 fetching corpus: 5987, signal 234377/271867 (executing program) 2022/09/12 18:31:33 fetching corpus: 6037, signal 235029/272295 (executing program) 2022/09/12 18:31:33 fetching corpus: 6087, signal 235678/272683 (executing program) 2022/09/12 18:31:33 fetching corpus: 6137, signal 236380/273050 (executing program) 2022/09/12 18:31:33 fetching corpus: 6187, signal 237279/273410 (executing program) 2022/09/12 18:31:33 fetching corpus: 6237, signal 237640/273724 (executing program) 2022/09/12 18:31:34 fetching corpus: 6287, signal 238416/274079 (executing program) 2022/09/12 18:31:34 fetching corpus: 6337, signal 239007/274434 (executing program) 2022/09/12 18:31:34 fetching corpus: 6387, signal 239781/274758 (executing program) 2022/09/12 18:31:34 fetching corpus: 6437, signal 240211/275022 (executing program) 2022/09/12 18:31:34 fetching corpus: 6487, signal 240624/275304 (executing program) 2022/09/12 18:31:34 fetching corpus: 6537, signal 241240/275642 (executing program) 2022/09/12 18:31:34 fetching corpus: 6587, signal 241934/275907 (executing program) 2022/09/12 18:31:34 fetching corpus: 6637, signal 242374/276201 (executing program) 2022/09/12 18:31:35 fetching corpus: 6687, signal 242779/276485 (executing program) 2022/09/12 18:31:35 fetching corpus: 6737, signal 243295/276494 (executing program) 2022/09/12 18:31:35 fetching corpus: 6787, signal 243750/276514 (executing program) 2022/09/12 18:31:35 fetching corpus: 6837, signal 244194/276526 (executing program) 2022/09/12 18:31:35 fetching corpus: 6887, signal 244567/276527 (executing program) 2022/09/12 18:31:35 fetching corpus: 6937, signal 245205/276563 (executing program) 2022/09/12 18:31:35 fetching corpus: 6987, signal 245603/276572 (executing program) 2022/09/12 18:31:35 fetching corpus: 7037, signal 246159/276580 (executing program) 2022/09/12 18:31:35 fetching corpus: 7087, signal 246626/276626 (executing program) 2022/09/12 18:31:36 fetching corpus: 7137, signal 247024/276667 (executing program) 2022/09/12 18:31:36 fetching corpus: 7187, signal 247682/276673 (executing program) 2022/09/12 18:31:36 fetching corpus: 7237, signal 248197/276701 (executing program) 2022/09/12 18:31:36 fetching corpus: 7287, signal 248966/276771 (executing program) 2022/09/12 18:31:36 fetching corpus: 7337, signal 249438/276777 (executing program) 2022/09/12 18:31:36 fetching corpus: 7387, signal 249819/276780 (executing program) 2022/09/12 18:31:36 fetching corpus: 7437, signal 250159/276795 (executing program) 2022/09/12 18:31:37 fetching corpus: 7487, signal 250679/276864 (executing program) 2022/09/12 18:31:37 fetching corpus: 7537, signal 251147/276865 (executing program) 2022/09/12 18:31:37 fetching corpus: 7586, signal 251577/276873 (executing program) 2022/09/12 18:31:37 fetching corpus: 7636, signal 252234/276906 (executing program) 2022/09/12 18:31:37 fetching corpus: 7686, signal 252822/276907 (executing program) 2022/09/12 18:31:37 fetching corpus: 7735, signal 253180/276942 (executing program) 2022/09/12 18:31:37 fetching corpus: 7785, signal 253544/276952 (executing program) 2022/09/12 18:31:37 fetching corpus: 7835, signal 253884/276956 (executing program) 2022/09/12 18:31:38 fetching corpus: 7885, signal 254282/276974 (executing program) 2022/09/12 18:31:38 fetching corpus: 7935, signal 254853/276992 (executing program) 2022/09/12 18:31:38 fetching corpus: 7985, signal 255529/276995 (executing program) 2022/09/12 18:31:38 fetching corpus: 8035, signal 256024/276999 (executing program) 2022/09/12 18:31:38 fetching corpus: 8085, signal 256474/277055 (executing program) 2022/09/12 18:31:38 fetching corpus: 8135, signal 256854/277092 (executing program) 2022/09/12 18:31:38 fetching corpus: 8185, signal 257168/277094 (executing program) 2022/09/12 18:31:39 fetching corpus: 8235, signal 257634/277138 (executing program) 2022/09/12 18:31:39 fetching corpus: 8285, signal 258076/277141 (executing program) 2022/09/12 18:31:39 fetching corpus: 8335, signal 258346/277142 (executing program) 2022/09/12 18:31:39 fetching corpus: 8385, signal 258985/277181 (executing program) 2022/09/12 18:31:39 fetching corpus: 8435, signal 259595/277216 (executing program) 2022/09/12 18:31:39 fetching corpus: 8485, signal 260129/277234 (executing program) 2022/09/12 18:31:39 fetching corpus: 8535, signal 260558/277262 (executing program) 2022/09/12 18:31:40 fetching corpus: 8585, signal 261078/277276 (executing program) 2022/09/12 18:31:40 fetching corpus: 8635, signal 261469/277311 (executing program) 2022/09/12 18:31:40 fetching corpus: 8685, signal 261645/277331 (executing program) 2022/09/12 18:31:40 fetching corpus: 8735, signal 262133/277373 (executing program) 2022/09/12 18:31:40 fetching corpus: 8785, signal 262788/277374 (executing program) 2022/09/12 18:31:40 fetching corpus: 8835, signal 263379/277380 (executing program) 2022/09/12 18:31:40 fetching corpus: 8885, signal 263725/277399 (executing program) 2022/09/12 18:31:41 fetching corpus: 8935, signal 264193/277402 (executing program) 2022/09/12 18:31:41 fetching corpus: 8985, signal 264597/277414 (executing program) 2022/09/12 18:31:41 fetching corpus: 9035, signal 265083/277504 (executing program) 2022/09/12 18:31:41 fetching corpus: 9085, signal 265445/277515 (executing program) 2022/09/12 18:31:41 fetching corpus: 9135, signal 266279/277518 (executing program) 2022/09/12 18:31:41 fetching corpus: 9166, signal 266516/277525 (executing program) 2022/09/12 18:31:41 fetching corpus: 9166, signal 266516/277525 (executing program) 2022/09/12 18:31:43 starting 8 fuzzer processes 18:31:43 executing program 3: pipe2(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) r2 = epoll_create(0x7fc0000) close(r0) epoll_ctl$EPOLL_CTL_ADD(r2, 0x1, r1, &(0x7f0000001300)) 18:31:43 executing program 1: r0 = socket$packet(0x11, 0x3, 0x300) socket$packet(0x11, 0x2, 0x300) setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f0000000040)={0x0, 0x8000}, 0x4) r1 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r2 = socket$nl_audit(0x10, 0x3, 0x9) ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000340)={'sit0\x00', 0x0}) sendmsg$inet(r1, &(0x7f0000000780)={&(0x7f0000000000)={0x2, 0x0, @local}, 0x10, &(0x7f00000003c0)=[{&(0x7f0000000300)="6fb9", 0xffeb}], 0x1, &(0x7f0000000700)=[@ip_pktinfo={{0x1c, 0x0, 0x8, {r3, @remote, @broadcast}}}], 0x20}, 0x0) 18:31:43 executing program 2: r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1) setsockopt$sock_int(r0, 0x1, 0x1b, &(0x7f00000000c0), 0x4) 18:31:43 executing program 0: syz_mount_image$tmpfs(&(0x7f0000000000), &(0x7f0000000040)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000380)={[{@size={'size', 0x3d, [0x74]}}, {@mode}]}) 18:31:43 executing program 5: mkdir(&(0x7f0000003b80)='./file0\x00', 0xcc142d1502f486bf) r0 = perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff, 0x4, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8001}, 0x0, 0xffffffffffffffff, r0, 0x0) r1 = syz_open_dev$tty20(0xc, 0x4, 0x0) ioctl$sock_FIOGETOWN(0xffffffffffffffff, 0x8903, &(0x7f0000000100)=0x0) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, r2, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r3 = syz_open_dev$sg(&(0x7f0000001000), 0x0, 0x0) ioctl$BLKTRACESETUP(r3, 0xc0481273, &(0x7f0000000000)={'\x00', 0x0, 0x1, 0xd6c2}) ioctl$SCSI_IOCTL_DOORLOCK(r3, 0x5380) ioctl$BLKTRACETEARDOWN(r3, 0x1276, 0x0) ioctl$BLKTRACESETUP(r3, 0xc0481273, &(0x7f0000000340)={'\x00', 0x80, 0x3f, 0x7fffffff, 0x0, 0x2, r2}) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) vmsplice(r4, &(0x7f0000000100)=[{&(0x7f0000000140)="84", 0x20000141}], 0x1, 0x0) ioctl$sock_inet6_tcp_SIOCINQ(r4, 0x541b, &(0x7f0000000080)) perf_event_open(&(0x7f0000000000)={0x3, 0x80, 0x1f, 0x7f, 0xf4, 0x1, 0x0, 0x7, 0xa012, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x75c, 0x2, @perf_config_ext={0x200, 0x7}, 0x10000, 0x4, 0x1f, 0x1c, 0xffff, 0x7, 0x200, 0x0, 0xff, 0x0, 0x3f}, r2, 0xb, r4, 0x8) perf_event_open(0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0x1) ioctl$AUTOFS_DEV_IOCTL_PROTOVER(0xffffffffffffffff, 0xc0189372, &(0x7f0000000400)=ANY=[@ANYBLOB="014000000100e44b1e71800477c0d5f35de1000018000000aab8aebe132cfb322f7743fb518b91d3", @ANYRES32=r1, @ANYBLOB="010065301b00000000009c8171e485448f6ca606219c6185654472ef8b69a298877cf49f7fdc3148695a95a795560a6e9cc95853cc67ead84137b1e17712996d52dd67ac9255027a9cbc072d9c8ccfb65673a23f383261cb2ef644cdba8d9a07837ff58163db5b32"]) socket$packet(0x11, 0x3, 0x300) 18:31:43 executing program 4: close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) r0 = memfd_create(&(0x7f0000000400)='B\xdb/\x89\x03l\xdeb\xcb\xb54\xed\xbeLY\xb5Z\xe1\x12S\xf5G\xcc\xf3\xe9\x02h\v\xca(\x96\xe1C\xdf\x1c\xea\x85C\xfb\x10\x13\xfa\x03\x16\xcd\x17\xa2\x80\xa1z\xb4r\x95\xc3@\x9d\xa6\xf1\x92#}g\xd3`\xf7\xcez\xcb\xb3\x1a\xbb\xc48e\x8e\xb1&\xd1\x8a\xe6!\x7f\x8d\xea,qx\xa28\xbf\"\xc7e\x06L\xb06\xeb<$\xd7\xba\xe5\x01\x03\x94r\xab\xd4J\x03s\xaf\xf6A\xbfV\xfa\x1ew\x8d\xbf\x99I\x97\xd8\xd2\xe8\x11\xc4\x04\x00\x84\xd5i\xee\xaf\xae[E\x1f\xdd\xd7#rT+\xb621p\xaf[\x99\" 1\xeb\xc7)\xd2\x1dh\xf2\xd5s\xfd?\fa>\x9f;\xe5r\xe5\xbd\xb0|=\x8eZcPY\xf8\xbd\x13\xaa\x8b\xdf\xbc\x93u\xd5\xb0r\xfb\xde\xe7\xd9k\xe2\xc6\x1b\xf2o@&>\xf2M\xe7\x8c\xeb\xee\xf5\x02~\x85\x14\xf3\xc6v\xf15PE\x8c\xca\x16$\xc2\x01#\xb563\rbq\xbf64\xfaW\x17\xdfa\xe6\xca\x86\xd7\xf8\x81X\x9bg4\xc1\xdam\xcf=Rq6\xb0\xd4D=I\x1a\x0e\xd0\xabz\xe2\x19\x0fM\xad\xdco\xa4\xb2\x8c?\xc1\x10\xf273\xd00\xb3_\xe8\x9a*\xfcL\xea;\xc0\x9a\xdbx!N;\xb5x\t\xa4E\xbe\x93r\x04\xf5\xf0\xf5\x7f\x9a)\xf5\x1b\"\xa1\xd8\x06>\xc9\xe2r\xe9\xbb\xfe\xc0\b\x81\x98\x1c\xe2\xe0?\x8f\xa1\xbel\aN\x83@\xb1\x03)4A\x83\xd6\xcf\xf6\xb5\x82\xb7\x9dA\b$\xa2x\x8a@\xfaj~\xef\x93\xb1/L\x01\xe2\xba|\xf0\x01)PP\xcdl\x06\xfc\x15;qZ\xb1u\xc9\xd0\xd16~JEGm\xe4\x1e@\x9dG\xe4@\xdf\xba\'\x8b\x1cD\xc7\xec\xd1@}tR\xd9P\xf4N\xe3\xd8x\xa0\x91\x17\xc2}\x13\b\xca\t(Z\xa3_\xa1\x90\x15T\xa4\xe7%\x98\xa7\xfb\x8bp/eq\x93\xbf\x1f =|\xf3\xb1\xfcR\xd8\nM,\xcb%@\'\x15\x88\xd8\xad\f\x91|\x95\x8fq+\x98\x81W\xba\x9f\xe0elOt\xbd\by\r\x87\x1c\xba\xbd\x8e+S>\xb8\xe29\x91h^x\xfb`\x00\xdd/\xa6\xb1\x16=\xa1bw\xc5I\xb1\x00'/549, 0x0) pwritev2(r0, 0x0, 0x0, 0x0, 0x0, 0x0) 18:31:43 executing program 6: execveat(0xffffffffffffffff, &(0x7f0000000200)='./file0\x00', 0xfffffffffffffffc, 0x0, 0x0) [ 83.487941] audit: type=1400 audit(1663007503.936:6): avc: denied { execmem } for pid=285 comm="syz-executor.1" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=process permissive=1 18:31:43 executing program 7: r0 = socket$inet6(0xa, 0x1, 0x0) bind$inet6(r0, &(0x7f0000000040)={0xa, 0x0, 0x0, @loopback}, 0x1c) connect$inet6(r0, &(0x7f0000000600)={0xa, 0x0, 0x0, @empty}, 0x1c) [ 84.761264] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 84.762569] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 84.763498] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 84.765090] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 84.766121] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3 [ 84.766960] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 84.769800] Bluetooth: hci1: HCI_REQ-0x0c1a [ 84.776825] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1 [ 84.778191] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 84.779475] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 84.780382] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 84.781866] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 84.782706] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9 [ 84.783815] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [ 84.784767] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 84.787252] Bluetooth: hci0: HCI_REQ-0x0c1a [ 84.793122] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 84.795352] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 84.801439] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 84.804964] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 84.806794] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3 [ 84.808690] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 84.810561] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 84.817446] Bluetooth: hci2: HCI_REQ-0x0c1a [ 84.817619] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 84.829256] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 84.830698] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9 [ 84.833833] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 84.836203] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 84.836593] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3 [ 84.838228] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 84.840763] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4 [ 84.842645] Bluetooth: hci5: unexpected cc 0x0c25 length: 249 > 3 [ 84.844465] Bluetooth: hci3: HCI_REQ-0x0c1a [ 84.846568] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2 [ 84.851199] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 84.851970] Bluetooth: hci5: HCI_REQ-0x0c1a [ 84.852603] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 84.856001] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1 [ 84.858180] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 84.870789] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3 [ 84.871660] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9 [ 84.878226] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 84.878893] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9 [ 84.905788] Bluetooth: hci4: HCI_REQ-0x0c1a [ 84.906358] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4 [ 84.984017] Bluetooth: hci6: unexpected cc 0x0c25 length: 249 > 3 [ 84.990327] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2 [ 85.011117] Bluetooth: hci6: HCI_REQ-0x0c1a [ 86.773790] Bluetooth: hci1: command 0x0409 tx timeout [ 86.837183] Bluetooth: hci2: command 0x0409 tx timeout [ 86.837215] Bluetooth: hci7: Opcode 0x c03 failed: -110 [ 86.839003] Bluetooth: hci0: command 0x0409 tx timeout [ 86.901285] Bluetooth: hci5: command 0x0409 tx timeout [ 86.902341] Bluetooth: hci3: command 0x0409 tx timeout [ 86.965068] Bluetooth: hci4: command 0x0409 tx timeout [ 87.093172] Bluetooth: hci6: command 0x0409 tx timeout [ 88.821383] Bluetooth: hci1: command 0x041b tx timeout [ 88.885100] Bluetooth: hci0: command 0x041b tx timeout [ 88.886359] Bluetooth: hci2: command 0x041b tx timeout [ 88.949129] Bluetooth: hci3: command 0x041b tx timeout [ 88.949760] Bluetooth: hci5: command 0x041b tx timeout [ 89.013079] Bluetooth: hci4: command 0x041b tx timeout [ 89.141072] Bluetooth: hci6: command 0x041b tx timeout [ 90.869135] Bluetooth: hci1: command 0x040f tx timeout [ 90.933166] Bluetooth: hci2: command 0x040f tx timeout [ 90.933597] Bluetooth: hci0: command 0x040f tx timeout [ 90.997077] Bluetooth: hci5: command 0x040f tx timeout [ 90.997505] Bluetooth: hci3: command 0x040f tx timeout [ 91.061080] Bluetooth: hci4: command 0x040f tx timeout [ 91.189076] Bluetooth: hci6: command 0x040f tx timeout [ 92.533155] Bluetooth: hci7: Opcode 0x c03 failed: -110 [ 92.917120] Bluetooth: hci1: command 0x0419 tx timeout [ 92.981141] Bluetooth: hci0: command 0x0419 tx timeout [ 92.981608] Bluetooth: hci2: command 0x0419 tx timeout [ 93.045132] Bluetooth: hci3: command 0x0419 tx timeout [ 93.045613] Bluetooth: hci5: command 0x0419 tx timeout [ 93.109194] Bluetooth: hci4: command 0x0419 tx timeout [ 93.237080] Bluetooth: hci6: command 0x0419 tx timeout [ 97.846089] Bluetooth: hci7: Opcode 0x c03 failed: -110 [ 102.966085] Bluetooth: hci7: Opcode 0x c03 failed: -110 [ 105.750393] Bluetooth: hci7: unexpected cc 0x0c03 length: 249 > 1 [ 105.751805] Bluetooth: hci7: unexpected cc 0x1003 length: 249 > 9 [ 105.752892] Bluetooth: hci7: unexpected cc 0x1001 length: 249 > 9 [ 105.758158] Bluetooth: hci7: unexpected cc 0x0c23 length: 249 > 4 [ 105.761294] Bluetooth: hci7: unexpected cc 0x0c25 length: 249 > 3 [ 105.762938] Bluetooth: hci7: unexpected cc 0x0c38 length: 249 > 2 [ 105.769338] Bluetooth: hci7: HCI_REQ-0x0c1a [ 107.829211] Bluetooth: hci7: command 0x0409 tx timeout [ 109.877422] Bluetooth: hci7: command 0x041b tx timeout [ 111.925159] Bluetooth: hci7: command 0x040f tx timeout [ 113.973089] Bluetooth: hci7: command 0x0419 tx timeout 18:32:38 executing program 7: r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1) sendmmsg$inet(r0, &(0x7f0000001200)=[{{&(0x7f0000000040)={0x2, 0x0, @remote}, 0x10, &(0x7f0000000840)=[{&(0x7f00000005c0)="03ab", 0x2}], 0x1}}, {{&(0x7f00000008c0)={0x2, 0x0, @local}, 0x10, 0x0, 0x0, &(0x7f0000000000)=[@ip_tos_int={{0x14}}], 0x10}}], 0x2, 0x0) 18:32:38 executing program 7: socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000001d00)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$sock_inet_SIOCSIFADDR(r0, 0x801c581f, 0x0) 18:32:38 executing program 7: syz_emit_ethernet(0x5a, &(0x7f0000000040)={@local, @remote, @void, {@ipv4={0x800, @tipc={{0x8, 0x4, 0x0, 0x0, 0x4c, 0x0, 0x0, 0x0, 0x6, 0x0, @rand_addr=0x64010101, @initdev={0xac, 0x1e, 0x0, 0x0}, {[@cipso={0x86, 0x9, 0x0, [{0x0, 0x3, '&'}]}]}}, @payload_mcast={{{{{{0x2c, 0x0, 0x0, 0x0, 0x0, 0xb}}}}}}}}}}, 0x0) 18:32:38 executing program 7: r0 = epoll_create1(0x0) r1 = getpid() fcntl$lock(r0, 0x24, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, r1}) 18:32:38 executing program 7: r0 = openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) poll(&(0x7f00000001c0)=[{r0}], 0x1, 0x0) 18:32:38 executing program 7: r0 = openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) poll(&(0x7f00000001c0)=[{r0}], 0x1, 0x0) 18:32:38 executing program 7: r0 = openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) poll(&(0x7f00000001c0)=[{r0}], 0x1, 0x0) 18:32:38 executing program 7: r0 = openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) poll(&(0x7f00000001c0)=[{r0}], 0x1, 0x0) [ 141.193587] syz-executor.1 (3813) used greatest stack depth: 24240 bytes left [ 147.538889] audit: type=1400 audit(1663007567.987:7): avc: denied { open } for pid=3975 comm="syz-executor.5" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=perf_event permissive=1 [ 147.543876] audit: type=1400 audit(1663007567.987:8): avc: denied { kernel } for pid=3975 comm="syz-executor.5" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=perf_event permissive=1 [ 147.558385] ------------[ cut here ]------------ [ 147.558417] [ 147.558421] ====================================================== [ 147.558427] WARNING: possible circular locking dependency detected [ 147.558434] 6.0.0-rc5-next-20220912 #1 Not tainted [ 147.558445] ------------------------------------------------------ [ 147.558451] syz-executor.5/3976 is trying to acquire lock: [ 147.558462] ffffffff853fa878 ((console_sem).lock){....}-{2:2}, at: down_trylock+0xe/0x70 [ 147.558522] [ 147.558522] but task is already holding lock: [ 147.558527] ffff888015ec8c20 (&ctx->lock){....}-{2:2}, at: __perf_event_task_sched_out+0x53b/0x18d0 [ 147.558576] [ 147.558576] which lock already depends on the new lock. [ 147.558576] [ 147.558581] [ 147.558581] the existing dependency chain (in reverse order) is: [ 147.558587] [ 147.558587] -> #3 (&ctx->lock){....}-{2:2}: [ 147.558617] _raw_spin_lock+0x2a/0x40 [ 147.558646] __perf_event_task_sched_out+0x53b/0x18d0 [ 147.558669] __schedule+0xedd/0x2470 [ 147.558687] schedule+0xda/0x1b0 [ 147.558703] futex_wait_queue+0xf5/0x1e0 [ 147.558724] futex_wait+0x28e/0x690 [ 147.558742] do_futex+0x2ff/0x380 [ 147.558758] __x64_sys_futex+0x1c6/0x4d0 [ 147.558776] do_syscall_64+0x3b/0x90 [ 147.558800] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 147.558831] [ 147.558831] -> #2 (&rq->__lock){-.-.}-{2:2}: [ 147.558857] _raw_spin_lock_nested+0x30/0x40 [ 147.558884] raw_spin_rq_lock_nested+0x1e/0x30 [ 147.558906] task_fork_fair+0x63/0x4d0 [ 147.558938] sched_cgroup_fork+0x3d0/0x540 [ 147.558964] copy_process+0x3f9e/0x6df0 [ 147.558982] kernel_clone+0xe7/0x890 [ 147.558999] user_mode_thread+0xad/0xf0 [ 147.559018] rest_init+0x24/0x250 [ 147.559048] arch_call_rest_init+0xf/0x14 [ 147.559085] start_kernel+0x4c1/0x4e6 [ 147.559116] secondary_startup_64_no_verify+0xe0/0xeb [ 147.559141] [ 147.559141] -> #1 (&p->pi_lock){-.-.}-{2:2}: [ 147.559166] _raw_spin_lock_irqsave+0x39/0x60 [ 147.559193] try_to_wake_up+0xab/0x1920 [ 147.559218] up+0x75/0xb0 [ 147.559239] __up_console_sem+0x6e/0x80 [ 147.559269] console_unlock+0x46a/0x590 [ 147.559299] vprintk_emit+0x1bd/0x560 [ 147.559330] vprintk+0x84/0xa0 [ 147.559360] _printk+0xba/0xf1 [ 147.559391] kauditd_hold_skb.cold+0x3f/0x4e [ 147.559417] kauditd_send_queue+0x233/0x290 [ 147.559444] kauditd_thread+0x5da/0x9a0 [ 147.559469] kthread+0x2ed/0x3a0 [ 147.559496] ret_from_fork+0x22/0x30 [ 147.559519] [ 147.559519] -> #0 ((console_sem).lock){....}-{2:2}: [ 147.559545] __lock_acquire+0x2a02/0x5e70 [ 147.559576] lock_acquire+0x1a2/0x530 [ 147.559606] _raw_spin_lock_irqsave+0x39/0x60 [ 147.559633] down_trylock+0xe/0x70 [ 147.559656] __down_trylock_console_sem+0x3b/0xd0 [ 147.559687] vprintk_emit+0x16b/0x560 [ 147.559717] vprintk+0x84/0xa0 [ 147.559748] _printk+0xba/0xf1 [ 147.559778] report_bug.cold+0x72/0xab [ 147.559800] handle_bug+0x3c/0x70 [ 147.559823] exc_invalid_op+0x14/0x50 [ 147.559847] asm_exc_invalid_op+0x16/0x20 [ 147.559877] group_sched_out.part.0+0x2c7/0x460 [ 147.559896] ctx_sched_out+0x8f1/0xc10 [ 147.559914] __perf_event_task_sched_out+0x6d0/0x18d0 [ 147.559937] __schedule+0xedd/0x2470 [ 147.559954] schedule+0xda/0x1b0 [ 147.559970] futex_wait_queue+0xf5/0x1e0 [ 147.559990] futex_wait+0x28e/0x690 [ 147.560010] do_futex+0x2ff/0x380 [ 147.560029] __x64_sys_futex+0x1c6/0x4d0 [ 147.560047] do_syscall_64+0x3b/0x90 [ 147.560070] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 147.560101] [ 147.560101] other info that might help us debug this: [ 147.560101] [ 147.560106] Chain exists of: [ 147.560106] (console_sem).lock --> &rq->__lock --> &ctx->lock [ 147.560106] [ 147.560133] Possible unsafe locking scenario: [ 147.560133] [ 147.560137] CPU0 CPU1 [ 147.560141] ---- ---- [ 147.560145] lock(&ctx->lock); [ 147.560155] lock(&rq->__lock); [ 147.560167] lock(&ctx->lock); [ 147.560178] lock((console_sem).lock); [ 147.560189] [ 147.560189] *** DEADLOCK *** [ 147.560189] [ 147.560192] 2 locks held by syz-executor.5/3976: [ 147.560205] #0: ffff88806cf37cd8 (&rq->__lock){-.-.}-{2:2}, at: raw_spin_rq_lock_nested+0x1e/0x30 [ 147.560256] #1: ffff888015ec8c20 (&ctx->lock){....}-{2:2}, at: __perf_event_task_sched_out+0x53b/0x18d0 [ 147.560307] [ 147.560307] stack backtrace: [ 147.560312] CPU: 1 PID: 3976 Comm: syz-executor.5 Not tainted 6.0.0-rc5-next-20220912 #1 [ 147.560335] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 147.560348] Call Trace: [ 147.560354] [ 147.560361] dump_stack_lvl+0x8b/0xb3 [ 147.560387] check_noncircular+0x263/0x2e0 [ 147.560418] ? format_decode+0x26c/0xb50 [ 147.560444] ? print_circular_bug+0x450/0x450 [ 147.560476] ? enable_ptr_key_workfn+0x20/0x20 [ 147.560504] ? format_decode+0x26c/0xb50 [ 147.560532] ? alloc_chain_hlocks+0x1ec/0x5a0 [ 147.560565] __lock_acquire+0x2a02/0x5e70 [ 147.560606] ? lockdep_hardirqs_on_prepare+0x410/0x410 [ 147.560648] lock_acquire+0x1a2/0x530 [ 147.560703] ? down_trylock+0xe/0x70 [ 147.560731] ? rcu_read_unlock+0x40/0x40 [ 147.560770] ? vprintk+0x84/0xa0 [ 147.560804] _raw_spin_lock_irqsave+0x39/0x60 [ 147.560832] ? down_trylock+0xe/0x70 [ 147.560857] down_trylock+0xe/0x70 [ 147.560882] ? vprintk+0x84/0xa0 [ 147.560915] __down_trylock_console_sem+0x3b/0xd0 [ 147.560948] vprintk_emit+0x16b/0x560 [ 147.560984] vprintk+0x84/0xa0 [ 147.561017] _printk+0xba/0xf1 [ 147.561049] ? record_print_text.cold+0x16/0x16 [ 147.561090] ? report_bug.cold+0x66/0xab [ 147.561116] ? group_sched_out.part.0+0x2c7/0x460 [ 147.561137] report_bug.cold+0x72/0xab [ 147.561164] handle_bug+0x3c/0x70 [ 147.561189] exc_invalid_op+0x14/0x50 [ 147.561215] asm_exc_invalid_op+0x16/0x20 [ 147.561247] RIP: 0010:group_sched_out.part.0+0x2c7/0x460 [ 147.561271] Code: 5e 41 5f e9 3b b7 ef ff e8 36 b7 ef ff 65 8b 1d ab 15 ac 7e 31 ff 89 de e8 d6 b3 ef ff 85 db 0f 84 8a 00 00 00 e8 19 b7 ef ff <0f> 0b e9 a5 fe ff ff e8 0d b7 ef ff 48 8d 7d 10 48 b8 00 00 00 00 [ 147.561292] RSP: 0018:ffff88801f6af8f8 EFLAGS: 00010006 [ 147.561308] RAX: 0000000040000002 RBX: 0000000000000000 RCX: 0000000000000000 [ 147.561323] RDX: ffff88800d9d5040 RSI: ffffffff81566027 RDI: 0000000000000005 [ 147.561337] RBP: ffff888008660000 R08: 0000000000000005 R09: 0000000000000001 [ 147.561350] R10: 0000000000000000 R11: ffffffff865aa05b R12: ffff888015ec8c00 [ 147.561364] R13: ffff88806cf3d100 R14: ffffffff8547c660 R15: 0000000000000002 [ 147.561385] ? group_sched_out.part.0+0x2c7/0x460 [ 147.561409] ? group_sched_out.part.0+0x2c7/0x460 [ 147.561432] ctx_sched_out+0x8f1/0xc10 [ 147.561455] __perf_event_task_sched_out+0x6d0/0x18d0 [ 147.561484] ? load_balance+0x2750/0x2750 [ 147.561521] ? __perf_cgroup_move+0x160/0x160 [ 147.561543] ? lock_is_held_type+0xd7/0x130 [ 147.561578] ? lock_is_held_type+0xd7/0x130 [ 147.561612] __schedule+0xedd/0x2470 [ 147.561636] ? io_schedule_timeout+0x150/0x150 [ 147.561656] ? futex_wait_setup+0x166/0x230 [ 147.561682] schedule+0xda/0x1b0 [ 147.561702] futex_wait_queue+0xf5/0x1e0 [ 147.561724] futex_wait+0x28e/0x690 [ 147.561747] ? futex_wait_setup+0x230/0x230 [ 147.561771] ? wake_up_q+0x8b/0xf0 [ 147.561796] ? do_raw_spin_unlock+0x4f/0x220 [ 147.561832] ? futex_wake+0x158/0x490 [ 147.561861] ? fd_install+0x1f9/0x640 [ 147.561892] do_futex+0x2ff/0x380 [ 147.561912] ? __ia32_compat_sys_get_robust_list+0x3b0/0x3b0 [ 147.561942] __x64_sys_futex+0x1c6/0x4d0 [ 147.561968] ? __x64_sys_futex_time32+0x480/0x480 [ 147.561989] ? trace_rcu_dyntick+0x1a7/0x250 [ 147.562026] ? syscall_enter_from_user_mode+0x1d/0x50 [ 147.562060] ? syscall_enter_from_user_mode+0x1d/0x50 [ 147.562097] do_syscall_64+0x3b/0x90 [ 147.562123] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 147.562155] RIP: 0033:0x7f9a9cdb4b19 [ 147.562170] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 147.562191] RSP: 002b:00007f9a9a32a218 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 147.562211] RAX: ffffffffffffffda RBX: 00007f9a9cec7f68 RCX: 00007f9a9cdb4b19 [ 147.562225] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007f9a9cec7f68 [ 147.562239] RBP: 00007f9a9cec7f60 R08: 0000000000000000 R09: 0000000000000000 [ 147.562252] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f9a9cec7f6c [ 147.562266] R13: 00007ffdaa452c3f R14: 00007f9a9a32a300 R15: 0000000000022000 [ 147.562289] [ 147.671949] WARNING: CPU: 1 PID: 3976 at kernel/events/core.c:2309 group_sched_out.part.0+0x2c7/0x460 [ 147.671987] Modules linked in: [ 147.671997] CPU: 1 PID: 3976 Comm: syz-executor.5 Not tainted 6.0.0-rc5-next-20220912 #1 [ 147.672020] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 147.672035] RIP: 0010:group_sched_out.part.0+0x2c7/0x460 [ 147.672059] Code: 5e 41 5f e9 3b b7 ef ff e8 36 b7 ef ff 65 8b 1d ab 15 ac 7e 31 ff 89 de e8 d6 b3 ef ff 85 db 0f 84 8a 00 00 00 e8 19 b7 ef ff <0f> 0b e9 a5 fe ff ff e8 0d b7 ef ff 48 8d 7d 10 48 b8 00 00 00 00 [ 147.672080] RSP: 0018:ffff88801f6af8f8 EFLAGS: 00010006 [ 147.672098] RAX: 0000000040000002 RBX: 0000000000000000 RCX: 0000000000000000 [ 147.672112] RDX: ffff88800d9d5040 RSI: ffffffff81566027 RDI: 0000000000000005 [ 147.672127] RBP: ffff888008660000 R08: 0000000000000005 R09: 0000000000000001 [ 147.672143] R10: 0000000000000000 R11: ffffffff865aa05b R12: ffff888015ec8c00 [ 147.672159] R13: ffff88806cf3d100 R14: ffffffff8547c660 R15: 0000000000000002 [ 147.672179] FS: 00007f9a9a32a700(0000) GS:ffff88806cf00000(0000) knlGS:0000000000000000 [ 147.672202] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 147.672218] CR2: 000055a9fd5c0648 CR3: 000000000f22a000 CR4: 0000000000350ee0 [ 147.672233] Call Trace: [ 147.672239] [ 147.672249] ctx_sched_out+0x8f1/0xc10 [ 147.672274] __perf_event_task_sched_out+0x6d0/0x18d0 [ 147.672303] ? load_balance+0x2750/0x2750 [ 147.672341] ? __perf_cgroup_move+0x160/0x160 [ 147.672364] ? lock_is_held_type+0xd7/0x130 [ 147.672400] ? lock_is_held_type+0xd7/0x130 [ 147.672434] __schedule+0xedd/0x2470 [ 147.672459] ? io_schedule_timeout+0x150/0x150 [ 147.672480] ? futex_wait_setup+0x166/0x230 [ 147.672507] schedule+0xda/0x1b0 [ 147.672527] futex_wait_queue+0xf5/0x1e0 [ 147.672550] futex_wait+0x28e/0x690 [ 147.672574] ? futex_wait_setup+0x230/0x230 [ 147.672598] ? wake_up_q+0x8b/0xf0 [ 147.672624] ? do_raw_spin_unlock+0x4f/0x220 [ 147.672671] ? futex_wake+0x158/0x490 [ 147.672701] ? fd_install+0x1f9/0x640 [ 147.672731] do_futex+0x2ff/0x380 [ 147.672752] ? __ia32_compat_sys_get_robust_list+0x3b0/0x3b0 [ 147.672782] __x64_sys_futex+0x1c6/0x4d0 [ 147.672805] ? __x64_sys_futex_time32+0x480/0x480 [ 147.672827] ? trace_rcu_dyntick+0x1a7/0x250 [ 147.672864] ? syscall_enter_from_user_mode+0x1d/0x50 [ 147.672899] ? syscall_enter_from_user_mode+0x1d/0x50 [ 147.672937] do_syscall_64+0x3b/0x90 [ 147.672963] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 147.672996] RIP: 0033:0x7f9a9cdb4b19 [ 147.673012] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 147.673033] RSP: 002b:00007f9a9a32a218 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 147.673054] RAX: ffffffffffffffda RBX: 00007f9a9cec7f68 RCX: 00007f9a9cdb4b19 [ 147.673070] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007f9a9cec7f68 [ 147.673084] RBP: 00007f9a9cec7f60 R08: 0000000000000000 R09: 0000000000000000 [ 147.673098] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f9a9cec7f6c [ 147.673113] R13: 00007ffdaa452c3f R14: 00007f9a9a32a300 R15: 0000000000022000 [ 147.673137] [ 147.673144] irq event stamp: 860 [ 147.673151] hardirqs last enabled at (859): [] syscall_enter_from_user_mode+0x1d/0x50 [ 147.673191] hardirqs last disabled at (860): [] __schedule+0x1225/0x2470 [ 147.673217] softirqs last enabled at (848): [] __irq_exit_rcu+0x11b/0x180 [ 147.673255] softirqs last disabled at (839): [] __irq_exit_rcu+0x11b/0x180 [ 147.673292] ---[ end trace 0000000000000000 ]--- [ 147.675043] hrtimer: interrupt took 16811 ns 18:32:48 executing program 6: execveat(0xffffffffffffffff, &(0x7f0000000200)='./file0\x00', 0xfffffffffffffffc, 0x0, 0x0) 18:32:48 executing program 7: r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$sock_int(r0, 0x1, 0x49, &(0x7f0000000180)=0x8000, 0x4) 18:32:48 executing program 2: syz_open_dev$loop(&(0x7f0000000140), 0x0, 0x0) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x9}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x2, 0x0, 0x0, 0x0, 0x0, 0x2, 0x32261, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) ioctl$F2FS_IOC_GARBAGE_COLLECT_RANGE(0xffffffffffffffff, 0x4018f50b, &(0x7f0000000240)={0x0, 0x0, 0x3}) fcntl$F_SET_FILE_RW_HINT(r0, 0x40e, &(0x7f0000000040)=0x1) perf_event_open(&(0x7f0000001840)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000001800), 0xd}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x3) write(r1, &(0x7f0000000080)="01", 0x292e9) 18:32:48 executing program 4: syz_mount_image$ext4(0x0, &(0x7f00000000c0)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) stat(&(0x7f0000000180)='./file0\x00', &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, 0x0}) setresuid(0x0, r0, 0x0) setpriority(0x2, 0x0, 0x0) 18:32:48 executing program 0: r0 = socket$inet6(0xa, 0x1, 0x0) setsockopt$inet6_IPV6_FLOWLABEL_MGR(r0, 0x29, 0x23, &(0x7f00000002c0)={@mcast1}, 0x20) 18:32:48 executing program 5: mkdir(&(0x7f0000003b80)='./file0\x00', 0xcc142d1502f486bf) r0 = perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff, 0x4, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8001}, 0x0, 0xffffffffffffffff, r0, 0x0) r1 = syz_open_dev$tty20(0xc, 0x4, 0x0) ioctl$sock_FIOGETOWN(0xffffffffffffffff, 0x8903, &(0x7f0000000100)=0x0) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, r2, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r3 = syz_open_dev$sg(&(0x7f0000001000), 0x0, 0x0) ioctl$BLKTRACESETUP(r3, 0xc0481273, &(0x7f0000000000)={'\x00', 0x0, 0x1, 0xd6c2}) ioctl$SCSI_IOCTL_DOORLOCK(r3, 0x5380) ioctl$BLKTRACETEARDOWN(r3, 0x1276, 0x0) ioctl$BLKTRACESETUP(r3, 0xc0481273, &(0x7f0000000340)={'\x00', 0x80, 0x3f, 0x7fffffff, 0x0, 0x2, r2}) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) vmsplice(r4, &(0x7f0000000100)=[{&(0x7f0000000140)="84", 0x20000141}], 0x1, 0x0) ioctl$sock_inet6_tcp_SIOCINQ(r4, 0x541b, &(0x7f0000000080)) perf_event_open(&(0x7f0000000000)={0x3, 0x80, 0x1f, 0x7f, 0xf4, 0x1, 0x0, 0x7, 0xa012, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x75c, 0x2, @perf_config_ext={0x200, 0x7}, 0x10000, 0x4, 0x1f, 0x1c, 0xffff, 0x7, 0x200, 0x0, 0xff, 0x0, 0x3f}, r2, 0xb, r4, 0x8) perf_event_open(0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0x1) ioctl$AUTOFS_DEV_IOCTL_PROTOVER(0xffffffffffffffff, 0xc0189372, &(0x7f0000000400)=ANY=[@ANYBLOB="014000000100e44b1e71800477c0d5f35de1000018000000aab8aebe132cfb322f7743fb518b91d3", @ANYRES32=r1, @ANYBLOB="010065301b00000000009c8171e485448f6ca606219c6185654472ef8b69a298877cf49f7fdc3148695a95a795560a6e9cc95853cc67ead84137b1e17712996d52dd67ac9255027a9cbc072d9c8ccfb65673a23f383261cb2ef644cdba8d9a07837ff58163db5b32"]) socket$packet(0x11, 0x3, 0x300) 18:32:48 executing program 3: syz_emit_ethernet(0xc6, &(0x7f0000001400)={@multicast, @local, @void, {@ipv6={0x86dd, @udp={0x0, 0x6, '#\x00\b', 0x90, 0x2c, 0x0, @empty, @local, {[@hopopts={0x3c, 0x2, '\x00', [@hao={0xc9, 0x10, @private0}]}], {0x0, 0x0, 0x70, 0x0, @opaque="44e67c344da1a96c6727cd71f70f90fcb3c3e3b5d6c767007a6b4a8651c9cea43dbd8e1d39904bfec58aa86508f352f1853fdc9f15eda9704cc4da83cdd4488493e4bd6828a86008c4f276ea626e8b87c49cae1fe574f054cc218682ce15559a1ddf0755abaf4c07"}}}}}}, 0x0) 18:32:48 executing program 1: r0 = socket$packet(0x11, 0x3, 0x300) socket$packet(0x11, 0x2, 0x300) setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f0000000040)={0x0, 0x8000}, 0x4) r1 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r2 = socket$nl_audit(0x10, 0x3, 0x9) ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000340)={'sit0\x00', 0x0}) sendmsg$inet(r1, &(0x7f0000000780)={&(0x7f0000000000)={0x2, 0x0, @local}, 0x10, &(0x7f00000003c0)=[{&(0x7f0000000300)="6fb9", 0xffeb}], 0x1, &(0x7f0000000700)=[@ip_pktinfo={{0x1c, 0x0, 0x8, {r3, @remote, @broadcast}}}], 0x20}, 0x0) 18:32:49 executing program 6: execveat(0xffffffffffffffff, &(0x7f0000000200)='./file0\x00', 0xfffffffffffffffc, 0x0, 0x0) 18:32:49 executing program 0: mkdir(&(0x7f0000003b80)='./file0\x00', 0xcc142d1502f486bf) r0 = perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff, 0x4, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8001}, 0x0, 0xffffffffffffffff, r0, 0x0) r1 = syz_open_dev$tty20(0xc, 0x4, 0x0) ioctl$sock_FIOGETOWN(0xffffffffffffffff, 0x8903, &(0x7f0000000100)=0x0) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, r2, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r3 = syz_open_dev$sg(&(0x7f0000001000), 0x0, 0x0) ioctl$BLKTRACESETUP(r3, 0xc0481273, &(0x7f0000000000)={'\x00', 0x0, 0x1, 0xd6c2}) ioctl$SCSI_IOCTL_DOORLOCK(r3, 0x5380) ioctl$BLKTRACETEARDOWN(r3, 0x1276, 0x0) ioctl$BLKTRACESETUP(r3, 0xc0481273, &(0x7f0000000340)={'\x00', 0x80, 0x3f, 0x7fffffff, 0x0, 0x2, r2}) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) vmsplice(r4, &(0x7f0000000100)=[{&(0x7f0000000140)="84", 0x20000141}], 0x1, 0x0) ioctl$sock_inet6_tcp_SIOCINQ(r4, 0x541b, &(0x7f0000000080)) perf_event_open(&(0x7f0000000000)={0x3, 0x80, 0x1f, 0x7f, 0xf4, 0x1, 0x0, 0x7, 0xa012, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x75c, 0x2, @perf_config_ext={0x200, 0x7}, 0x10000, 0x4, 0x1f, 0x1c, 0xffff, 0x7, 0x200, 0x0, 0xff, 0x0, 0x3f}, r2, 0xb, r4, 0x8) perf_event_open(0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0x1) ioctl$AUTOFS_DEV_IOCTL_PROTOVER(0xffffffffffffffff, 0xc0189372, &(0x7f0000000400)=ANY=[@ANYBLOB="014000000100e44b1e71800477c0d5f35de1000018000000aab8aebe132cfb322f7743fb518b91d3", @ANYRES32=r1, @ANYBLOB="010065301b00000000009c8171e485448f6ca606219c6185654472ef8b69a298877cf49f7fdc3148695a95a795560a6e9cc95853cc67ead84137b1e17712996d52dd67ac9255027a9cbc072d9c8ccfb65673a23f383261cb2ef644cdba8d9a07837ff58163db5b32"]) socket$packet(0x11, 0x3, 0x300) 18:32:49 executing program 3: syz_emit_ethernet(0xc6, &(0x7f0000001400)={@multicast, @local, @void, {@ipv6={0x86dd, @udp={0x0, 0x6, '#\x00\b', 0x90, 0x2c, 0x0, @empty, @local, {[@hopopts={0x3c, 0x2, '\x00', [@hao={0xc9, 0x10, @private0}]}], {0x0, 0x0, 0x70, 0x0, @opaque="44e67c344da1a96c6727cd71f70f90fcb3c3e3b5d6c767007a6b4a8651c9cea43dbd8e1d39904bfec58aa86508f352f1853fdc9f15eda9704cc4da83cdd4488493e4bd6828a86008c4f276ea626e8b87c49cae1fe574f054cc218682ce15559a1ddf0755abaf4c07"}}}}}}, 0x0) 18:32:49 executing program 4: r0 = socket(0x1f, 0x5, 0x7ff) ioctl$BTRFS_IOC_TREE_SEARCH(r0, 0xd0009411, &(0x7f0000000000)={{0x0, 0x81, 0x5, 0x8, 0xc80f, 0x9, 0x1, 0x6, 0x5, 0x0, 0x0, 0x66c5, 0x1, 0x0, 0x1ff}}) r1 = accept$packet(r0, 0x0, &(0x7f0000001000)) close_range(r1, 0xffffffffffffffff, 0x2) r2 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$inet_tcp_TCP_REPAIR_QUEUE(r2, 0x6, 0x14, &(0x7f0000005600), 0x4) ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000005640)={'wlan0\x00'}) ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, 0x0) ioctl$sock_FIOGETOWN(r0, 0x8903, &(0x7f0000005880)) r3 = syz_open_procfs(0x0, &(0x7f00000058c0)='limits\x00') getsockopt$sock_linger(0xffffffffffffffff, 0x1, 0xd, &(0x7f0000005900), &(0x7f0000005940)=0x8) setsockopt$inet6_int(r3, 0x29, 0x0, &(0x7f0000005980)=0x42, 0x4) creat(0x0, 0x28) accept4(r2, 0x0, &(0x7f0000007b80), 0x0) 18:32:49 executing program 7: r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$sock_int(r0, 0x1, 0x49, &(0x7f0000000180)=0x8000, 0x4) 18:32:49 executing program 2: syz_open_dev$loop(&(0x7f0000000140), 0x0, 0x0) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x9}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x2, 0x0, 0x0, 0x0, 0x0, 0x2, 0x32261, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) ioctl$F2FS_IOC_GARBAGE_COLLECT_RANGE(0xffffffffffffffff, 0x4018f50b, &(0x7f0000000240)={0x0, 0x0, 0x3}) fcntl$F_SET_FILE_RW_HINT(r0, 0x40e, &(0x7f0000000040)=0x1) perf_event_open(&(0x7f0000001840)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000001800), 0xd}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x3) write(r1, &(0x7f0000000080)="01", 0x292e9) 18:32:49 executing program 1: r0 = socket$packet(0x11, 0x3, 0x300) socket$packet(0x11, 0x2, 0x300) setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f0000000040)={0x0, 0x8000}, 0x4) r1 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r2 = socket$nl_audit(0x10, 0x3, 0x9) ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000340)={'sit0\x00', 0x0}) sendmsg$inet(r1, &(0x7f0000000780)={&(0x7f0000000000)={0x2, 0x0, @local}, 0x10, &(0x7f00000003c0)=[{&(0x7f0000000300)="6fb9", 0xffeb}], 0x1, &(0x7f0000000700)=[@ip_pktinfo={{0x1c, 0x0, 0x8, {r3, @remote, @broadcast}}}], 0x20}, 0x0) 18:32:49 executing program 5: mkdir(&(0x7f0000003b80)='./file0\x00', 0xcc142d1502f486bf) r0 = perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff, 0x4, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8001}, 0x0, 0xffffffffffffffff, r0, 0x0) r1 = syz_open_dev$tty20(0xc, 0x4, 0x0) ioctl$sock_FIOGETOWN(0xffffffffffffffff, 0x8903, &(0x7f0000000100)=0x0) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, r2, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r3 = syz_open_dev$sg(&(0x7f0000001000), 0x0, 0x0) ioctl$BLKTRACESETUP(r3, 0xc0481273, &(0x7f0000000000)={'\x00', 0x0, 0x1, 0xd6c2}) ioctl$SCSI_IOCTL_DOORLOCK(r3, 0x5380) ioctl$BLKTRACETEARDOWN(r3, 0x1276, 0x0) ioctl$BLKTRACESETUP(r3, 0xc0481273, &(0x7f0000000340)={'\x00', 0x80, 0x3f, 0x7fffffff, 0x0, 0x2, r2}) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) vmsplice(r4, &(0x7f0000000100)=[{&(0x7f0000000140)="84", 0x20000141}], 0x1, 0x0) ioctl$sock_inet6_tcp_SIOCINQ(r4, 0x541b, &(0x7f0000000080)) perf_event_open(&(0x7f0000000000)={0x3, 0x80, 0x1f, 0x7f, 0xf4, 0x1, 0x0, 0x7, 0xa012, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x75c, 0x2, @perf_config_ext={0x200, 0x7}, 0x10000, 0x4, 0x1f, 0x1c, 0xffff, 0x7, 0x200, 0x0, 0xff, 0x0, 0x3f}, r2, 0xb, r4, 0x8) perf_event_open(0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0x1) ioctl$AUTOFS_DEV_IOCTL_PROTOVER(0xffffffffffffffff, 0xc0189372, &(0x7f0000000400)=ANY=[@ANYBLOB="014000000100e44b1e71800477c0d5f35de1000018000000aab8aebe132cfb322f7743fb518b91d3", @ANYRES32=r1, @ANYBLOB="010065301b00000000009c8171e485448f6ca606219c6185654472ef8b69a298877cf49f7fdc3148695a95a795560a6e9cc95853cc67ead84137b1e17712996d52dd67ac9255027a9cbc072d9c8ccfb65673a23f383261cb2ef644cdba8d9a07837ff58163db5b32"]) socket$packet(0x11, 0x3, 0x300) 18:32:49 executing program 6: execveat(0xffffffffffffffff, &(0x7f0000000200)='./file0\x00', 0xfffffffffffffffc, 0x0, 0x0) 18:32:49 executing program 3: syz_emit_ethernet(0xc6, &(0x7f0000001400)={@multicast, @local, @void, {@ipv6={0x86dd, @udp={0x0, 0x6, '#\x00\b', 0x90, 0x2c, 0x0, @empty, @local, {[@hopopts={0x3c, 0x2, '\x00', [@hao={0xc9, 0x10, @private0}]}], {0x0, 0x0, 0x70, 0x0, @opaque="44e67c344da1a96c6727cd71f70f90fcb3c3e3b5d6c767007a6b4a8651c9cea43dbd8e1d39904bfec58aa86508f352f1853fdc9f15eda9704cc4da83cdd4488493e4bd6828a86008c4f276ea626e8b87c49cae1fe574f054cc218682ce15559a1ddf0755abaf4c07"}}}}}}, 0x0) 18:32:49 executing program 7: r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$sock_int(r0, 0x1, 0x49, &(0x7f0000000180)=0x8000, 0x4) 18:32:49 executing program 4: r0 = socket(0x1f, 0x5, 0x7ff) ioctl$BTRFS_IOC_TREE_SEARCH(r0, 0xd0009411, &(0x7f0000000000)={{0x0, 0x81, 0x5, 0x8, 0xc80f, 0x9, 0x1, 0x6, 0x5, 0x0, 0x0, 0x66c5, 0x1, 0x0, 0x1ff}}) r1 = accept$packet(r0, 0x0, &(0x7f0000001000)) close_range(r1, 0xffffffffffffffff, 0x2) r2 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$inet_tcp_TCP_REPAIR_QUEUE(r2, 0x6, 0x14, &(0x7f0000005600), 0x4) ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000005640)={'wlan0\x00'}) ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, 0x0) ioctl$sock_FIOGETOWN(r0, 0x8903, &(0x7f0000005880)) r3 = syz_open_procfs(0x0, &(0x7f00000058c0)='limits\x00') getsockopt$sock_linger(0xffffffffffffffff, 0x1, 0xd, &(0x7f0000005900), &(0x7f0000005940)=0x8) setsockopt$inet6_int(r3, 0x29, 0x0, &(0x7f0000005980)=0x42, 0x4) creat(0x0, 0x28) accept4(r2, 0x0, &(0x7f0000007b80), 0x0) [ 149.140407] blktrace: Concurrent blktraces are not allowed on sg0 18:32:49 executing program 3: syz_emit_ethernet(0xc6, &(0x7f0000001400)={@multicast, @local, @void, {@ipv6={0x86dd, @udp={0x0, 0x6, '#\x00\b', 0x90, 0x2c, 0x0, @empty, @local, {[@hopopts={0x3c, 0x2, '\x00', [@hao={0xc9, 0x10, @private0}]}], {0x0, 0x0, 0x70, 0x0, @opaque="44e67c344da1a96c6727cd71f70f90fcb3c3e3b5d6c767007a6b4a8651c9cea43dbd8e1d39904bfec58aa86508f352f1853fdc9f15eda9704cc4da83cdd4488493e4bd6828a86008c4f276ea626e8b87c49cae1fe574f054cc218682ce15559a1ddf0755abaf4c07"}}}}}}, 0x0) 18:32:49 executing program 7: r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$sock_int(r0, 0x1, 0x49, &(0x7f0000000180)=0x8000, 0x4) 18:32:50 executing program 2: syz_open_dev$loop(&(0x7f0000000140), 0x0, 0x0) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x9}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x2, 0x0, 0x0, 0x0, 0x0, 0x2, 0x32261, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) ioctl$F2FS_IOC_GARBAGE_COLLECT_RANGE(0xffffffffffffffff, 0x4018f50b, &(0x7f0000000240)={0x0, 0x0, 0x3}) fcntl$F_SET_FILE_RW_HINT(r0, 0x40e, &(0x7f0000000040)=0x1) perf_event_open(&(0x7f0000001840)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000001800), 0xd}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x3) write(r1, &(0x7f0000000080)="01", 0x292e9) 18:32:50 executing program 7: r0 = socket(0x1f, 0x5, 0x7ff) ioctl$BTRFS_IOC_TREE_SEARCH(r0, 0xd0009411, &(0x7f0000000000)={{0x0, 0x81, 0x5, 0x8, 0xc80f, 0x9, 0x1, 0x6, 0x5, 0x0, 0x0, 0x66c5, 0x1, 0x0, 0x1ff}}) r1 = accept$packet(r0, 0x0, &(0x7f0000001000)) close_range(r1, 0xffffffffffffffff, 0x2) r2 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$inet_tcp_TCP_REPAIR_QUEUE(r2, 0x6, 0x14, &(0x7f0000005600), 0x4) ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000005640)={'wlan0\x00'}) ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, 0x0) ioctl$sock_FIOGETOWN(r0, 0x8903, &(0x7f0000005880)) r3 = syz_open_procfs(0x0, &(0x7f00000058c0)='limits\x00') getsockopt$sock_linger(0xffffffffffffffff, 0x1, 0xd, &(0x7f0000005900), &(0x7f0000005940)=0x8) setsockopt$inet6_int(r3, 0x29, 0x0, &(0x7f0000005980)=0x42, 0x4) creat(0x0, 0x28) accept4(r2, 0x0, &(0x7f0000007b80), 0x0) 18:32:50 executing program 5: mkdir(&(0x7f0000003b80)='./file0\x00', 0xcc142d1502f486bf) r0 = perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff, 0x4, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8001}, 0x0, 0xffffffffffffffff, r0, 0x0) r1 = syz_open_dev$tty20(0xc, 0x4, 0x0) ioctl$sock_FIOGETOWN(0xffffffffffffffff, 0x8903, &(0x7f0000000100)=0x0) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, r2, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r3 = syz_open_dev$sg(&(0x7f0000001000), 0x0, 0x0) ioctl$BLKTRACESETUP(r3, 0xc0481273, &(0x7f0000000000)={'\x00', 0x0, 0x1, 0xd6c2}) ioctl$SCSI_IOCTL_DOORLOCK(r3, 0x5380) ioctl$BLKTRACETEARDOWN(r3, 0x1276, 0x0) ioctl$BLKTRACESETUP(r3, 0xc0481273, &(0x7f0000000340)={'\x00', 0x80, 0x3f, 0x7fffffff, 0x0, 0x2, r2}) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) vmsplice(r4, &(0x7f0000000100)=[{&(0x7f0000000140)="84", 0x20000141}], 0x1, 0x0) ioctl$sock_inet6_tcp_SIOCINQ(r4, 0x541b, &(0x7f0000000080)) perf_event_open(&(0x7f0000000000)={0x3, 0x80, 0x1f, 0x7f, 0xf4, 0x1, 0x0, 0x7, 0xa012, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x75c, 0x2, @perf_config_ext={0x200, 0x7}, 0x10000, 0x4, 0x1f, 0x1c, 0xffff, 0x7, 0x200, 0x0, 0xff, 0x0, 0x3f}, r2, 0xb, r4, 0x8) perf_event_open(0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0x1) ioctl$AUTOFS_DEV_IOCTL_PROTOVER(0xffffffffffffffff, 0xc0189372, &(0x7f0000000400)=ANY=[@ANYBLOB="014000000100e44b1e71800477c0d5f35de1000018000000aab8aebe132cfb322f7743fb518b91d3", @ANYRES32=r1, @ANYBLOB="010065301b00000000009c8171e485448f6ca606219c6185654472ef8b69a298877cf49f7fdc3148695a95a795560a6e9cc95853cc67ead84137b1e17712996d52dd67ac9255027a9cbc072d9c8ccfb65673a23f383261cb2ef644cdba8d9a07837ff58163db5b32"]) socket$packet(0x11, 0x3, 0x300) 18:32:50 executing program 3: capset(&(0x7f0000000040)={0x20080522}, &(0x7f0000000580)) r0 = syz_open_dev$tty20(0xc, 0x4, 0x1) ioctl$TCGETA(r0, 0x5457, 0x0) 18:32:50 executing program 0: mkdir(&(0x7f0000003b80)='./file0\x00', 0xcc142d1502f486bf) r0 = perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff, 0x4, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8001}, 0x0, 0xffffffffffffffff, r0, 0x0) r1 = syz_open_dev$tty20(0xc, 0x4, 0x0) ioctl$sock_FIOGETOWN(0xffffffffffffffff, 0x8903, &(0x7f0000000100)=0x0) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, r2, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r3 = syz_open_dev$sg(&(0x7f0000001000), 0x0, 0x0) ioctl$BLKTRACESETUP(r3, 0xc0481273, &(0x7f0000000000)={'\x00', 0x0, 0x1, 0xd6c2}) ioctl$SCSI_IOCTL_DOORLOCK(r3, 0x5380) ioctl$BLKTRACETEARDOWN(r3, 0x1276, 0x0) ioctl$BLKTRACESETUP(r3, 0xc0481273, &(0x7f0000000340)={'\x00', 0x80, 0x3f, 0x7fffffff, 0x0, 0x2, r2}) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) vmsplice(r4, &(0x7f0000000100)=[{&(0x7f0000000140)="84", 0x20000141}], 0x1, 0x0) ioctl$sock_inet6_tcp_SIOCINQ(r4, 0x541b, &(0x7f0000000080)) perf_event_open(&(0x7f0000000000)={0x3, 0x80, 0x1f, 0x7f, 0xf4, 0x1, 0x0, 0x7, 0xa012, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x75c, 0x2, @perf_config_ext={0x200, 0x7}, 0x10000, 0x4, 0x1f, 0x1c, 0xffff, 0x7, 0x200, 0x0, 0xff, 0x0, 0x3f}, r2, 0xb, r4, 0x8) perf_event_open(0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0x1) ioctl$AUTOFS_DEV_IOCTL_PROTOVER(0xffffffffffffffff, 0xc0189372, &(0x7f0000000400)=ANY=[@ANYBLOB="014000000100e44b1e71800477c0d5f35de1000018000000aab8aebe132cfb322f7743fb518b91d3", @ANYRES32=r1, @ANYBLOB="010065301b00000000009c8171e485448f6ca606219c6185654472ef8b69a298877cf49f7fdc3148695a95a795560a6e9cc95853cc67ead84137b1e17712996d52dd67ac9255027a9cbc072d9c8ccfb65673a23f383261cb2ef644cdba8d9a07837ff58163db5b32"]) socket$packet(0x11, 0x3, 0x300) 18:32:50 executing program 4: r0 = socket(0x1f, 0x5, 0x7ff) ioctl$BTRFS_IOC_TREE_SEARCH(r0, 0xd0009411, &(0x7f0000000000)={{0x0, 0x81, 0x5, 0x8, 0xc80f, 0x9, 0x1, 0x6, 0x5, 0x0, 0x0, 0x66c5, 0x1, 0x0, 0x1ff}}) r1 = accept$packet(r0, 0x0, &(0x7f0000001000)) close_range(r1, 0xffffffffffffffff, 0x2) r2 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$inet_tcp_TCP_REPAIR_QUEUE(r2, 0x6, 0x14, &(0x7f0000005600), 0x4) ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000005640)={'wlan0\x00'}) ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, 0x0) ioctl$sock_FIOGETOWN(r0, 0x8903, &(0x7f0000005880)) r3 = syz_open_procfs(0x0, &(0x7f00000058c0)='limits\x00') getsockopt$sock_linger(0xffffffffffffffff, 0x1, 0xd, &(0x7f0000005900), &(0x7f0000005940)=0x8) setsockopt$inet6_int(r3, 0x29, 0x0, &(0x7f0000005980)=0x42, 0x4) creat(0x0, 0x28) accept4(r2, 0x0, &(0x7f0000007b80), 0x0) 18:32:50 executing program 1: r0 = socket$packet(0x11, 0x3, 0x300) socket$packet(0x11, 0x2, 0x300) setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f0000000040)={0x0, 0x8000}, 0x4) r1 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r2 = socket$nl_audit(0x10, 0x3, 0x9) ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000340)={'sit0\x00', 0x0}) sendmsg$inet(r1, &(0x7f0000000780)={&(0x7f0000000000)={0x2, 0x0, @local}, 0x10, &(0x7f00000003c0)=[{&(0x7f0000000300)="6fb9", 0xffeb}], 0x1, &(0x7f0000000700)=[@ip_pktinfo={{0x1c, 0x0, 0x8, {r3, @remote, @broadcast}}}], 0x20}, 0x0) 18:32:50 executing program 3: syz_emit_vhci(&(0x7f0000000040)=@HCI_EVENT_PKT={0x4, @hci_ev_cmd_status={{0xf, 0x4}, {0x0, 0x0, 0x401}}}, 0x7) 18:32:50 executing program 4: r0 = socket(0x1f, 0x5, 0x7ff) ioctl$BTRFS_IOC_TREE_SEARCH(r0, 0xd0009411, &(0x7f0000000000)={{0x0, 0x81, 0x5, 0x8, 0xc80f, 0x9, 0x1, 0x6, 0x5, 0x0, 0x0, 0x66c5, 0x1, 0x0, 0x1ff}}) r1 = accept$packet(r0, 0x0, &(0x7f0000001000)) close_range(r1, 0xffffffffffffffff, 0x2) r2 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$inet_tcp_TCP_REPAIR_QUEUE(r2, 0x6, 0x14, &(0x7f0000005600), 0x4) ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000005640)={'wlan0\x00'}) ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, 0x0) ioctl$sock_FIOGETOWN(r0, 0x8903, &(0x7f0000005880)) r3 = syz_open_procfs(0x0, &(0x7f00000058c0)='limits\x00') getsockopt$sock_linger(0xffffffffffffffff, 0x1, 0xd, &(0x7f0000005900), &(0x7f0000005940)=0x8) setsockopt$inet6_int(r3, 0x29, 0x0, &(0x7f0000005980)=0x42, 0x4) creat(0x0, 0x28) accept4(r2, 0x0, &(0x7f0000007b80), 0x0) 18:32:50 executing program 6: keyctl$KEYCTL_CAPABILITIES(0x1f, &(0x7f0000000180)=""/4076, 0xfec) r0 = syz_open_dev$tty20(0xc, 0x4, 0x1) ioctl$KDGETMODE(r0, 0x4b3b, &(0x7f00000000c0)) 18:32:50 executing program 7: r0 = socket(0x1f, 0x5, 0x7ff) ioctl$BTRFS_IOC_TREE_SEARCH(r0, 0xd0009411, &(0x7f0000000000)={{0x0, 0x81, 0x5, 0x8, 0xc80f, 0x9, 0x1, 0x6, 0x5, 0x0, 0x0, 0x66c5, 0x1, 0x0, 0x1ff}}) r1 = accept$packet(r0, 0x0, &(0x7f0000001000)) close_range(r1, 0xffffffffffffffff, 0x2) r2 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$inet_tcp_TCP_REPAIR_QUEUE(r2, 0x6, 0x14, &(0x7f0000005600), 0x4) ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000005640)={'wlan0\x00'}) ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, 0x0) ioctl$sock_FIOGETOWN(r0, 0x8903, &(0x7f0000005880)) r3 = syz_open_procfs(0x0, &(0x7f00000058c0)='limits\x00') getsockopt$sock_linger(0xffffffffffffffff, 0x1, 0xd, &(0x7f0000005900), &(0x7f0000005940)=0x8) setsockopt$inet6_int(r3, 0x29, 0x0, &(0x7f0000005980)=0x42, 0x4) creat(0x0, 0x28) accept4(r2, 0x0, &(0x7f0000007b80), 0x0) 18:32:50 executing program 6: keyctl$KEYCTL_CAPABILITIES(0x1f, &(0x7f0000000180)=""/4076, 0xfec) r0 = syz_open_dev$tty20(0xc, 0x4, 0x1) ioctl$KDGETMODE(r0, 0x4b3b, &(0x7f00000000c0)) 18:32:50 executing program 3: syz_emit_vhci(&(0x7f0000000040)=@HCI_EVENT_PKT={0x4, @hci_ev_cmd_status={{0xf, 0x4}, {0x0, 0x0, 0x401}}}, 0x7) 18:32:50 executing program 6: keyctl$KEYCTL_CAPABILITIES(0x1f, &(0x7f0000000180)=""/4076, 0xfec) r0 = syz_open_dev$tty20(0xc, 0x4, 0x1) ioctl$KDGETMODE(r0, 0x4b3b, &(0x7f00000000c0)) 18:32:50 executing program 7: r0 = socket(0x1f, 0x5, 0x7ff) ioctl$BTRFS_IOC_TREE_SEARCH(r0, 0xd0009411, &(0x7f0000000000)={{0x0, 0x81, 0x5, 0x8, 0xc80f, 0x9, 0x1, 0x6, 0x5, 0x0, 0x0, 0x66c5, 0x1, 0x0, 0x1ff}}) r1 = accept$packet(r0, 0x0, &(0x7f0000001000)) close_range(r1, 0xffffffffffffffff, 0x2) r2 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$inet_tcp_TCP_REPAIR_QUEUE(r2, 0x6, 0x14, &(0x7f0000005600), 0x4) ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000005640)={'wlan0\x00'}) ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, 0x0) ioctl$sock_FIOGETOWN(r0, 0x8903, &(0x7f0000005880)) r3 = syz_open_procfs(0x0, &(0x7f00000058c0)='limits\x00') getsockopt$sock_linger(0xffffffffffffffff, 0x1, 0xd, &(0x7f0000005900), &(0x7f0000005940)=0x8) setsockopt$inet6_int(r3, 0x29, 0x0, &(0x7f0000005980)=0x42, 0x4) creat(0x0, 0x28) accept4(r2, 0x0, &(0x7f0000007b80), 0x0) 18:32:50 executing program 0: mkdir(&(0x7f0000003b80)='./file0\x00', 0xcc142d1502f486bf) r0 = perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff, 0x4, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8001}, 0x0, 0xffffffffffffffff, r0, 0x0) r1 = syz_open_dev$tty20(0xc, 0x4, 0x0) ioctl$sock_FIOGETOWN(0xffffffffffffffff, 0x8903, &(0x7f0000000100)=0x0) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, r2, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r3 = syz_open_dev$sg(&(0x7f0000001000), 0x0, 0x0) ioctl$BLKTRACESETUP(r3, 0xc0481273, &(0x7f0000000000)={'\x00', 0x0, 0x1, 0xd6c2}) ioctl$SCSI_IOCTL_DOORLOCK(r3, 0x5380) ioctl$BLKTRACETEARDOWN(r3, 0x1276, 0x0) ioctl$BLKTRACESETUP(r3, 0xc0481273, &(0x7f0000000340)={'\x00', 0x80, 0x3f, 0x7fffffff, 0x0, 0x2, r2}) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) vmsplice(r4, &(0x7f0000000100)=[{&(0x7f0000000140)="84", 0x20000141}], 0x1, 0x0) ioctl$sock_inet6_tcp_SIOCINQ(r4, 0x541b, &(0x7f0000000080)) perf_event_open(&(0x7f0000000000)={0x3, 0x80, 0x1f, 0x7f, 0xf4, 0x1, 0x0, 0x7, 0xa012, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x75c, 0x2, @perf_config_ext={0x200, 0x7}, 0x10000, 0x4, 0x1f, 0x1c, 0xffff, 0x7, 0x200, 0x0, 0xff, 0x0, 0x3f}, r2, 0xb, r4, 0x8) perf_event_open(0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0x1) ioctl$AUTOFS_DEV_IOCTL_PROTOVER(0xffffffffffffffff, 0xc0189372, &(0x7f0000000400)=ANY=[@ANYBLOB="014000000100e44b1e71800477c0d5f35de1000018000000aab8aebe132cfb322f7743fb518b91d3", @ANYRES32=r1, @ANYBLOB="010065301b00000000009c8171e485448f6ca606219c6185654472ef8b69a298877cf49f7fdc3148695a95a795560a6e9cc95853cc67ead84137b1e17712996d52dd67ac9255027a9cbc072d9c8ccfb65673a23f383261cb2ef644cdba8d9a07837ff58163db5b32"]) socket$packet(0x11, 0x3, 0x300) 18:32:50 executing program 2: syz_open_dev$loop(&(0x7f0000000140), 0x0, 0x0) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x9}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x2, 0x0, 0x0, 0x0, 0x0, 0x2, 0x32261, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) ioctl$F2FS_IOC_GARBAGE_COLLECT_RANGE(0xffffffffffffffff, 0x4018f50b, &(0x7f0000000240)={0x0, 0x0, 0x3}) fcntl$F_SET_FILE_RW_HINT(r0, 0x40e, &(0x7f0000000040)=0x1) perf_event_open(&(0x7f0000001840)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000001800), 0xd}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x3) write(r1, &(0x7f0000000080)="01", 0x292e9) 18:32:50 executing program 6: keyctl$KEYCTL_CAPABILITIES(0x1f, &(0x7f0000000180)=""/4076, 0xfec) r0 = syz_open_dev$tty20(0xc, 0x4, 0x1) ioctl$KDGETMODE(r0, 0x4b3b, &(0x7f00000000c0)) 18:32:50 executing program 4: r0 = socket$inet_udp(0x2, 0x2, 0x0) setsockopt$sock_timeval(r0, 0x1, 0x49, &(0x7f0000000000)={0x77359400}, 0x10) 18:32:50 executing program 1: syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) mount(0x0, &(0x7f0000000200)='./file0\x00', &(0x7f0000000040)='devtmpfs\x00', 0x0, 0x0) syz_mount_image$tmpfs(&(0x7f00000000c0), &(0x7f0000000140)='./file0\x00', 0x0, 0x0, 0x0, 0x20, &(0x7f00000028c0)={[{@nr_inodes={'nr_inodes', 0x3d, [0x30]}}]}) 18:32:50 executing program 5: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000300)={&(0x7f00000002c0)=@getspdinfo={0x14, 0x24, 0x1}, 0x14}}, 0x0) 18:32:50 executing program 3: syz_emit_vhci(&(0x7f0000000040)=@HCI_EVENT_PKT={0x4, @hci_ev_cmd_status={{0xf, 0x4}, {0x0, 0x0, 0x401}}}, 0x7) 18:32:50 executing program 5: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) accept4(r0, 0x0, 0x0, 0x80000) 18:32:50 executing program 1: socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup3(r1, r0, 0x0) ioctl$sock_SIOCETHTOOL(r2, 0x8946, &(0x7f0000000080)={'syz_tun\x00', &(0x7f0000000000)=@ethtool_sset_info={0x41}}) 18:32:50 executing program 7: setitimer(0x2, 0x0, 0xfffffffffffffffd) [ 150.438765] syz-executor.7 calls setitimer() with new_value NULL pointer. Misfeature support will be removed 18:32:50 executing program 3: syz_emit_vhci(&(0x7f0000000040)=@HCI_EVENT_PKT={0x4, @hci_ev_cmd_status={{0xf, 0x4}, {0x0, 0x0, 0x401}}}, 0x7) 18:32:50 executing program 4: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0x77, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$inet6_udp(0xa, 0x2, 0x0) setsockopt$SO_TIMESTAMPING(r0, 0x1, 0x41, &(0x7f0000000080)=0x5b15, 0x4) sendmmsg$inet(r0, &(0x7f0000002a00)=[{{&(0x7f0000000000)={0x2, 0x4e21}, 0x10, 0x0}}], 0x1, 0x0) 18:32:50 executing program 5: r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x0) getsockopt$bt_BT_FLUSHABLE(r0, 0x112, 0xc, 0x0, &(0x7f0000000040)) 18:32:50 executing program 7: setitimer(0x2, 0x0, 0xfffffffffffffffd) 18:32:50 executing program 6: r0 = perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x80000001}, 0x0, 0x7ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$EXT4_IOC_CHECKPOINT(r0, 0x4004662b, &(0x7f0000000040)) r1 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='net/route\x00') pread64(r1, &(0x7f0000000080)=""/39, 0x27, 0x610) perf_event_open(&(0x7f00000001c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r2 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000040), 0x41, 0x0) r3 = ioctl$LOOP_CTL_GET_FREE(r2, 0x4c82) syz_init_net_socket$802154_raw(0x24, 0x3, 0x0) ioctl$LOOP_CTL_REMOVE(r2, 0x4c81, r3) [ 150.510075] audit: type=1400 audit(1663007570.958:9): avc: denied { write } for pid=4104 comm="syz-executor.6" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=perf_event permissive=1 18:32:50 executing program 1: socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup3(r1, r0, 0x0) ioctl$sock_SIOCETHTOOL(r2, 0x8946, &(0x7f0000000080)={'syz_tun\x00', &(0x7f0000000000)=@ethtool_sset_info={0x41}}) [ 154.037221] Bluetooth: hci0: Controller not accepting commands anymore: ncmd = 0 [ 154.038633] Bluetooth: hci0: Injecting HCI hardware error event [ 154.039813] Bluetooth: hci0: hardware error 0x00 [ 155.765114] Bluetooth: hci1: Opcode 0x c03 failed: -110 [ 156.085151] Bluetooth: hci0: Opcode 0x c03 failed: -110 VM DIAGNOSIS: 18:32:48 Registers: info registers vcpu 0 RAX=dffffc0000000000 RBX=0000000000000001 RCX=ffffffff8136e63f RDX=ffff7fffffffffff RSI=0000000000000008 RDI=ffffffff85b01f10 RBP=1ffffffff0b603e2 RSP=ffff88806ce09e08 R8 =0000000000000000 R9 =ffffffff85b01f17 R10=1ffffffff0b603e2 R11=0000000000000001 R12=ffff88806ce2a640 R13=ffff88806ce2a6c0 R14=dffffc0000000000 R15=0000000000000000 RIP=ffffffff81787e02 RFL=00000017 [----APC] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 00000000 00000000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 00000000 00000000 FS =0000 00007f1b34a998c0 00000000 00000000 GS =0000 ffff88806ce00000 00000000 00000000 LDT=0000 fffffe0000000000 00000000 00000000 TR =0040 fffffe0000003000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe0000001000 0000007f IDT= fffffe0000000000 00000fff CR0=80050033 CR2=000055a9fd666030 CR3=000000001da36000 CR4=00350ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000ffff0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 YMM00=0000000000000000 0000000000000000 2525252525252525 2525252525252525 YMM01=0000000000000000 0000000000000000 00ff000000000000 000000ff00ff00ff YMM02=0000000000000000 0000000000000000 00ff000000000000 000000ff000000ff YMM03=0000000000000000 0000000000000000 696e656420737365 636341002f737973 YMM04=0000000000000000 0000000000000000 ffffffffffff0000 0000000000000000 YMM05=0000000000000000 0000000000000000 ffffffffffff0000 0000000000000000 YMM06=0000000000000000 0000000000000000 0000000000006561 6124242f6867632f YMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM08=0000000000000000 0000000000000000 2f003a7372657669 72642b0075256e00 YMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 info registers vcpu 1 RAX=000000000000002c RBX=00000000000003f8 RCX=0000000000000000 RDX=00000000000003f8 RSI=ffffffff822b1e41 RDI=ffffffff8763fae0 RBP=ffffffff8763faa0 RSP=ffff88801f6af348 R8 =0000000000000001 R9 =000000000000000a R10=000000000000002c R11=0000000000000001 R12=000000000000002c R13=ffffffff8763faa0 R14=0000000000000010 R15=ffffffff822b1e30 RIP=ffffffff822b1e99 RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 00000000 00000000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 00000000 00000000 FS =0000 00007f9a9a32a700 00000000 00000000 GS =0000 ffff88806cf00000 00000000 00000000 LDT=0000 fffffe0000000000 00000000 00000000 TR =0040 fffffe000004a000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe0000048000 0000007f IDT= fffffe0000000000 00000fff CR0=80050033 CR2=000055a9fd5c0648 CR3=000000000f22a000 CR4=00350ee0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000ffff0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 YMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM01=0000000000000000 0000000000000000 00007f9a9ce9b7c0 00007f9a9ce9b7c8 YMM02=0000000000000000 0000000000000000 00007f9a9ce9b7e0 00007f9a9ce9b7c0 YMM03=0000000000000000 0000000000000000 00007f9a9ce9b7c8 00007f9a9ce9b7c0 YMM04=0000000000000000 0000000000000000 ffffffffffffffff ffffffff00000000 YMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM06=0000000000000000 0000000000000000 0000000000000000 000000524f525245 YMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM08=0000000000000000 0000000000000000 0000000000000000 00524f5252450040 YMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000