Warning: Permanently added '[localhost]:62125' (ECDSA) to the list of known hosts. 2022/09/23 12:29:20 fuzzer started 2022/09/23 12:29:20 dialing manager at localhost:38881 syzkaller login: [ 35.518021] cgroup: Unknown subsys name 'net' [ 35.623527] cgroup: Unknown subsys name 'rlimit' 2022/09/23 12:29:35 syscalls: 2215 2022/09/23 12:29:35 code coverage: enabled 2022/09/23 12:29:35 comparison tracing: enabled 2022/09/23 12:29:35 extra coverage: enabled 2022/09/23 12:29:35 setuid sandbox: enabled 2022/09/23 12:29:35 namespace sandbox: enabled 2022/09/23 12:29:35 Android sandbox: enabled 2022/09/23 12:29:35 fault injection: enabled 2022/09/23 12:29:35 leak checking: enabled 2022/09/23 12:29:35 net packet injection: enabled 2022/09/23 12:29:35 net device setup: enabled 2022/09/23 12:29:35 concurrency sanitizer: /sys/kernel/debug/kcsan does not exist 2022/09/23 12:29:35 devlink PCI setup: PCI device 0000:00:10.0 is not available 2022/09/23 12:29:35 USB emulation: enabled 2022/09/23 12:29:35 hci packet injection: enabled 2022/09/23 12:29:35 wifi device emulation: failed to parse kernel version (6.0.0-rc6-next-20220923) 2022/09/23 12:29:35 802.15.4 emulation: enabled 2022/09/23 12:29:35 fetching corpus: 0, signal 0/2000 (executing program) 2022/09/23 12:29:35 fetching corpus: 48, signal 25710/29063 (executing program) 2022/09/23 12:29:35 fetching corpus: 98, signal 36843/41501 (executing program) 2022/09/23 12:29:35 fetching corpus: 147, signal 48588/54258 (executing program) 2022/09/23 12:29:35 fetching corpus: 197, signal 52888/59688 (executing program) 2022/09/23 12:29:36 fetching corpus: 247, signal 58753/66440 (executing program) 2022/09/23 12:29:36 fetching corpus: 297, signal 62253/70941 (executing program) 2022/09/23 12:29:36 fetching corpus: 347, signal 65983/75565 (executing program) 2022/09/23 12:29:36 fetching corpus: 397, signal 69296/79732 (executing program) 2022/09/23 12:29:36 fetching corpus: 447, signal 73329/84486 (executing program) 2022/09/23 12:29:36 fetching corpus: 497, signal 77577/89293 (executing program) 2022/09/23 12:29:36 fetching corpus: 547, signal 81784/94054 (executing program) 2022/09/23 12:29:36 fetching corpus: 597, signal 83881/96834 (executing program) 2022/09/23 12:29:36 fetching corpus: 647, signal 86584/100154 (executing program) 2022/09/23 12:29:37 fetching corpus: 697, signal 90727/104616 (executing program) 2022/09/23 12:29:37 fetching corpus: 747, signal 92919/107328 (executing program) 2022/09/23 12:29:37 fetching corpus: 797, signal 96179/110865 (executing program) 2022/09/23 12:29:37 fetching corpus: 847, signal 99351/114256 (executing program) 2022/09/23 12:29:37 fetching corpus: 897, signal 102177/117247 (executing program) 2022/09/23 12:29:37 fetching corpus: 947, signal 104741/120012 (executing program) 2022/09/23 12:29:37 fetching corpus: 997, signal 106314/121985 (executing program) 2022/09/23 12:29:37 fetching corpus: 1047, signal 108820/124614 (executing program) 2022/09/23 12:29:38 fetching corpus: 1097, signal 111783/127511 (executing program) 2022/09/23 12:29:38 fetching corpus: 1147, signal 114094/129966 (executing program) 2022/09/23 12:29:38 fetching corpus: 1197, signal 115649/131670 (executing program) 2022/09/23 12:29:38 fetching corpus: 1247, signal 117859/133788 (executing program) 2022/09/23 12:29:38 fetching corpus: 1297, signal 121208/136612 (executing program) 2022/09/23 12:29:38 fetching corpus: 1347, signal 122483/138015 (executing program) 2022/09/23 12:29:38 fetching corpus: 1396, signal 123581/139328 (executing program) 2022/09/23 12:29:39 fetching corpus: 1446, signal 124729/140672 (executing program) 2022/09/23 12:29:39 fetching corpus: 1496, signal 126422/142241 (executing program) 2022/09/23 12:29:39 fetching corpus: 1545, signal 127887/143624 (executing program) 2022/09/23 12:29:39 fetching corpus: 1595, signal 128931/144778 (executing program) 2022/09/23 12:29:39 fetching corpus: 1645, signal 130466/146152 (executing program) 2022/09/23 12:29:39 fetching corpus: 1695, signal 131729/147355 (executing program) 2022/09/23 12:29:39 fetching corpus: 1745, signal 132352/148180 (executing program) 2022/09/23 12:29:39 fetching corpus: 1795, signal 133227/149110 (executing program) 2022/09/23 12:29:40 fetching corpus: 1845, signal 134620/150281 (executing program) 2022/09/23 12:29:40 fetching corpus: 1895, signal 135664/151244 (executing program) 2022/09/23 12:29:40 fetching corpus: 1945, signal 136840/152247 (executing program) 2022/09/23 12:29:40 fetching corpus: 1995, signal 138240/153363 (executing program) 2022/09/23 12:29:40 fetching corpus: 2045, signal 139307/154292 (executing program) 2022/09/23 12:29:40 fetching corpus: 2095, signal 140830/155415 (executing program) 2022/09/23 12:29:40 fetching corpus: 2145, signal 142036/156340 (executing program) 2022/09/23 12:29:40 fetching corpus: 2195, signal 143582/157429 (executing program) 2022/09/23 12:29:40 fetching corpus: 2245, signal 144525/158166 (executing program) 2022/09/23 12:29:41 fetching corpus: 2295, signal 145658/158948 (executing program) 2022/09/23 12:29:41 fetching corpus: 2345, signal 146750/159735 (executing program) 2022/09/23 12:29:41 fetching corpus: 2395, signal 147682/160492 (executing program) 2022/09/23 12:29:41 fetching corpus: 2445, signal 148369/161024 (executing program) 2022/09/23 12:29:41 fetching corpus: 2495, signal 149139/161548 (executing program) 2022/09/23 12:29:41 fetching corpus: 2545, signal 149936/162112 (executing program) 2022/09/23 12:29:41 fetching corpus: 2595, signal 150699/162640 (executing program) 2022/09/23 12:29:41 fetching corpus: 2645, signal 151654/163213 (executing program) 2022/09/23 12:29:42 fetching corpus: 2695, signal 153640/164160 (executing program) 2022/09/23 12:29:42 fetching corpus: 2745, signal 154720/164825 (executing program) 2022/09/23 12:29:42 fetching corpus: 2795, signal 155082/165098 (executing program) 2022/09/23 12:29:42 fetching corpus: 2845, signal 156052/165557 (executing program) 2022/09/23 12:29:42 fetching corpus: 2895, signal 157301/166089 (executing program) 2022/09/23 12:29:42 fetching corpus: 2945, signal 158730/166628 (executing program) 2022/09/23 12:29:42 fetching corpus: 2995, signal 159393/166910 (executing program) 2022/09/23 12:29:42 fetching corpus: 3045, signal 160319/167308 (executing program) 2022/09/23 12:29:43 fetching corpus: 3095, signal 161331/167641 (executing program) 2022/09/23 12:29:43 fetching corpus: 3145, signal 161919/167910 (executing program) 2022/09/23 12:29:43 fetching corpus: 3195, signal 162621/168143 (executing program) 2022/09/23 12:29:43 fetching corpus: 3245, signal 163570/168411 (executing program) 2022/09/23 12:29:43 fetching corpus: 3285, signal 165198/168811 (executing program) 2022/09/23 12:29:43 fetching corpus: 3285, signal 165198/168855 (executing program) 2022/09/23 12:29:43 fetching corpus: 3285, signal 165198/168920 (executing program) 2022/09/23 12:29:43 fetching corpus: 3285, signal 165198/168973 (executing program) 2022/09/23 12:29:43 fetching corpus: 3285, signal 165198/169033 (executing program) 2022/09/23 12:29:43 fetching corpus: 3285, signal 165198/169096 (executing program) 2022/09/23 12:29:43 fetching corpus: 3285, signal 165198/169138 (executing program) 2022/09/23 12:29:43 fetching corpus: 3285, signal 165198/169190 (executing program) 2022/09/23 12:29:43 fetching corpus: 3285, signal 165198/169237 (executing program) 2022/09/23 12:29:43 fetching corpus: 3285, signal 165198/169288 (executing program) 2022/09/23 12:29:43 fetching corpus: 3285, signal 165198/169342 (executing program) 2022/09/23 12:29:43 fetching corpus: 3285, signal 165198/169394 (executing program) 2022/09/23 12:29:43 fetching corpus: 3285, signal 165198/169443 (executing program) 2022/09/23 12:29:43 fetching corpus: 3285, signal 165198/169510 (executing program) 2022/09/23 12:29:43 fetching corpus: 3285, signal 165198/169560 (executing program) 2022/09/23 12:29:43 fetching corpus: 3285, signal 165198/169616 (executing program) 2022/09/23 12:29:43 fetching corpus: 3285, signal 165198/169659 (executing program) 2022/09/23 12:29:43 fetching corpus: 3285, signal 165198/169659 (executing program) 2022/09/23 12:29:46 starting 8 fuzzer processes 12:29:46 executing program 0: syz_genetlink_get_family_id$smc(&(0x7f00000009c0), 0xffffffffffffffff) syz_open_procfs$namespace(0x0, &(0x7f0000009340)='ns/pid_for_children\x00') 12:29:46 executing program 3: rt_sigprocmask(0x0, &(0x7f0000000000)={[0x6]}, 0x0, 0x8) 12:29:46 executing program 1: mlock2(&(0x7f0000ff7000/0x4000)=nil, 0x4000, 0x0) shmat(0xffffffffffffffff, &(0x7f0000fed000/0x13000)=nil, 0x0) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x80000001}, 0x0, 0x802, 0x0, 0x6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x3) ioctl$EXT4_IOC_CHECKPOINT(0xffffffffffffffff, 0x4004662b, &(0x7f0000000040)) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x2000000000000000}, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) openat2(0xffffffffffffffff, &(0x7f0000000240)='./file0\x00', &(0x7f0000000300)={0x200, 0x21, 0x1b}, 0x18) ioctl$LOOP_CTL_ADD(0xffffffffffffffff, 0x4c80, 0xb) r0 = ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82) ioctl$BTRFS_IOC_DEFAULT_SUBVOL(0xffffffffffffffff, 0x40089413, &(0x7f0000000180)=0x1) ioctl$LOOP_CTL_REMOVE(0xffffffffffffffff, 0x4c81, r0) ioctl$LOOP_CTL_REMOVE(0xffffffffffffffff, 0x4c81, r0) openat$snapshot(0xffffffffffffff9c, &(0x7f0000000440), 0x20001, 0x0) mremap(&(0x7f0000ff7000/0x2000)=nil, 0x2000, 0x2000, 0x7, &(0x7f0000ffe000/0x2000)=nil) 12:29:46 executing program 2: syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040)='mqueue\x00', 0x0, 0x0) syz_mount_image$tmpfs(0x0, &(0x7f0000000140)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0) rename(&(0x7f0000000080)='./file1\x00', &(0x7f0000000180)='./file0\x00') 12:29:46 executing program 4: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) sendmsg$IEEE802154_LLSEC_DEL_DEV(r0, &(0x7f0000000ac0)={&(0x7f0000000980)={0x10, 0x0, 0x0, 0x800}, 0xc, &(0x7f0000000a80)={&(0x7f0000000a00)={0x14}, 0x14}}, 0x0) 12:29:46 executing program 6: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000480), r0) sendmsg$IEEE802154_LLSEC_GETPARAMS(r0, &(0x7f0000000580)={&(0x7f0000000440), 0xc, &(0x7f0000000540)={&(0x7f00000004c0)={0x28, r1, 0x1, 0x0, 0x0, {}, [@IEEE802154_ATTR_DEV_INDEX={0x8}, @IEEE802154_ATTR_DEV_NAME={0xa, 0x1, 'wpan0\x00'}]}, 0x28}}, 0x0) 12:29:46 executing program 5: r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$inet_MCAST_JOIN_GROUP(r0, 0x0, 0x32, 0x0, 0x0) 12:29:46 executing program 7: r0 = syz_open_dev$usbmon(&(0x7f0000000100), 0x0, 0x0) ioctl$MON_IOCX_GETX(r0, 0x4018920a, 0x0) [ 61.379588] audit: type=1400 audit(1663936186.409:6): avc: denied { execmem } for pid=289 comm="syz-executor.3" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=process permissive=1 [ 62.540788] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 62.547606] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 62.550130] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 62.554907] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 62.557012] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [ 62.558919] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 62.564399] Bluetooth: hci0: HCI_REQ-0x0c1a [ 62.595213] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 62.597007] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 62.598344] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 62.600861] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 62.602705] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3 [ 62.604070] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 62.605665] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 62.610566] Bluetooth: hci2: HCI_REQ-0x0c1a [ 62.610570] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 62.618680] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 62.622873] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 62.626103] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3 [ 62.629042] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 62.643409] Bluetooth: hci1: HCI_REQ-0x0c1a [ 62.695003] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1 [ 62.697104] Bluetooth: hci7: unexpected cc 0x0c03 length: 249 > 1 [ 62.698421] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9 [ 62.700331] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9 [ 62.703377] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4 [ 62.705476] Bluetooth: hci5: unexpected cc 0x0c25 length: 249 > 3 [ 62.706839] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2 [ 62.707883] Bluetooth: hci7: unexpected cc 0x1003 length: 249 > 9 [ 62.724650] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1 [ 62.727714] Bluetooth: hci7: unexpected cc 0x1001 length: 249 > 9 [ 62.731413] Bluetooth: hci5: HCI_REQ-0x0c1a [ 62.744935] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9 [ 62.750041] Bluetooth: hci7: unexpected cc 0x0c23 length: 249 > 4 [ 62.751023] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9 [ 62.758552] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 62.760272] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 62.762554] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4 [ 62.763504] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 62.764464] Bluetooth: hci7: unexpected cc 0x0c25 length: 249 > 3 [ 62.771145] Bluetooth: hci7: unexpected cc 0x0c38 length: 249 > 2 [ 62.776224] Bluetooth: hci6: unexpected cc 0x0c25 length: 249 > 3 [ 62.779260] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2 [ 62.780377] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 62.782683] Bluetooth: hci7: HCI_REQ-0x0c1a [ 62.795454] Bluetooth: hci6: HCI_REQ-0x0c1a [ 62.796258] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3 [ 62.813905] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 62.820391] Bluetooth: hci3: HCI_REQ-0x0c1a [ 64.630946] Bluetooth: hci2: command 0x0409 tx timeout [ 64.631708] Bluetooth: hci0: command 0x0409 tx timeout [ 64.693340] Bluetooth: hci4: Opcode 0x c03 failed: -110 [ 64.694577] Bluetooth: hci1: command 0x0409 tx timeout [ 64.757476] Bluetooth: hci5: command 0x0409 tx timeout [ 64.821367] Bluetooth: hci6: command 0x0409 tx timeout [ 64.822089] Bluetooth: hci7: command 0x0409 tx timeout [ 64.885357] Bluetooth: hci3: command 0x0409 tx timeout [ 66.678399] Bluetooth: hci0: command 0x041b tx timeout [ 66.678858] Bluetooth: hci2: command 0x041b tx timeout [ 66.741469] Bluetooth: hci1: command 0x041b tx timeout [ 66.806379] Bluetooth: hci5: command 0x041b tx timeout [ 66.869426] Bluetooth: hci7: command 0x041b tx timeout [ 66.869830] Bluetooth: hci6: command 0x041b tx timeout [ 66.934852] Bluetooth: hci3: command 0x041b tx timeout [ 67.534201] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 67.553810] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 67.556784] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 67.564495] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 67.566915] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3 [ 67.567797] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 67.573396] Bluetooth: hci4: HCI_REQ-0x0c1a [ 68.725363] Bluetooth: hci2: command 0x040f tx timeout [ 68.725827] Bluetooth: hci0: command 0x040f tx timeout [ 68.790335] Bluetooth: hci1: command 0x040f tx timeout [ 68.853381] Bluetooth: hci5: command 0x040f tx timeout [ 68.917338] Bluetooth: hci6: command 0x040f tx timeout [ 68.917742] Bluetooth: hci7: command 0x040f tx timeout [ 68.982391] Bluetooth: hci3: command 0x040f tx timeout [ 69.622356] Bluetooth: hci4: command 0x0409 tx timeout [ 70.773350] Bluetooth: hci0: command 0x0419 tx timeout [ 70.773842] Bluetooth: hci2: command 0x0419 tx timeout [ 70.838641] Bluetooth: hci1: command 0x0419 tx timeout [ 70.901385] Bluetooth: hci5: command 0x0419 tx timeout [ 70.966336] Bluetooth: hci7: command 0x0419 tx timeout [ 70.966746] Bluetooth: hci6: command 0x0419 tx timeout [ 71.029320] Bluetooth: hci3: command 0x0419 tx timeout [ 71.670425] Bluetooth: hci4: command 0x041b tx timeout [ 73.718400] Bluetooth: hci4: command 0x040f tx timeout [ 75.765333] Bluetooth: hci4: command 0x0419 tx timeout 12:30:41 executing program 4: syz_mount_image$msdos(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) stat(&(0x7f0000000580)='./file0\x00', &(0x7f0000000440)={0x0, 0x0, 0x0, 0x0, 0x0}) setresuid(0x0, r0, 0x0) r1 = openat$random(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$RNDADDENTROPY(r1, 0x40085203, 0x0) 12:30:41 executing program 4: syz_mount_image$msdos(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) stat(&(0x7f0000000580)='./file0\x00', &(0x7f0000000440)={0x0, 0x0, 0x0, 0x0, 0x0}) setresuid(0x0, r0, 0x0) r1 = openat$random(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$RNDADDENTROPY(r1, 0x40085203, 0x0) 12:30:41 executing program 4: syz_mount_image$msdos(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) stat(&(0x7f0000000580)='./file0\x00', &(0x7f0000000440)={0x0, 0x0, 0x0, 0x0, 0x0}) setresuid(0x0, r0, 0x0) r1 = openat$random(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$RNDADDENTROPY(r1, 0x40085203, 0x0) 12:30:41 executing program 4: syz_mount_image$msdos(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) stat(&(0x7f0000000580)='./file0\x00', &(0x7f0000000440)={0x0, 0x0, 0x0, 0x0, 0x0}) setresuid(0x0, r0, 0x0) r1 = openat$random(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$RNDADDENTROPY(r1, 0x40085203, 0x0) 12:30:41 executing program 4: syz_mount_image$ext4(0x0, &(0x7f0000000180)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) stat(&(0x7f0000000240)='./file0\x00', &(0x7f0000000280)={0x0, 0x0, 0x0, 0x0, 0x0}) setresuid(0x0, r0, 0x0) lchown(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) 12:30:42 executing program 2: syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040)='mqueue\x00', 0x0, 0x0) syz_mount_image$tmpfs(0x0, &(0x7f0000000140)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0) rename(&(0x7f0000000080)='./file1\x00', &(0x7f0000000180)='./file0\x00') 12:30:42 executing program 4: syz_mount_image$ext4(0x0, &(0x7f0000000180)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) stat(&(0x7f0000000240)='./file0\x00', &(0x7f0000000280)={0x0, 0x0, 0x0, 0x0, 0x0}) setresuid(0x0, r0, 0x0) lchown(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) 12:30:42 executing program 4: syz_mount_image$ext4(0x0, &(0x7f0000000180)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) stat(&(0x7f0000000240)='./file0\x00', &(0x7f0000000280)={0x0, 0x0, 0x0, 0x0, 0x0}) setresuid(0x0, r0, 0x0) lchown(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) [ 119.362508] audit: type=1400 audit(1663936244.391:7): avc: denied { open } for pid=3896 comm="syz-executor.1" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=perf_event permissive=1 [ 119.364318] audit: type=1400 audit(1663936244.392:8): avc: denied { kernel } for pid=3896 comm="syz-executor.1" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=perf_event permissive=1 [ 119.383835] ------------[ cut here ]------------ [ 119.383856] [ 119.383859] ====================================================== [ 119.383862] WARNING: possible circular locking dependency detected [ 119.383867] 6.0.0-rc6-next-20220923 #1 Not tainted [ 119.383873] ------------------------------------------------------ [ 119.383877] syz-executor.1/3897 is trying to acquire lock: [ 119.383883] ffffffff853faaf8 ((console_sem).lock){....}-{2:2}, at: down_trylock+0xe/0x70 [ 119.383923] [ 119.383923] but task is already holding lock: [ 119.383926] ffff88800ef7b020 (&ctx->lock){....}-{2:2}, at: __perf_event_task_sched_out+0x53b/0x18d0 [ 119.383956] [ 119.383956] which lock already depends on the new lock. [ 119.383956] [ 119.383959] [ 119.383959] the existing dependency chain (in reverse order) is: [ 119.383963] [ 119.383963] -> #3 (&ctx->lock){....}-{2:2}: [ 119.383977] _raw_spin_lock+0x2a/0x40 [ 119.383995] __perf_event_task_sched_out+0x53b/0x18d0 [ 119.384008] __schedule+0xedd/0x2470 [ 119.384022] schedule+0xda/0x1b0 [ 119.384034] exit_to_user_mode_prepare+0x114/0x1a0 [ 119.384046] syscall_exit_to_user_mode+0x19/0x40 [ 119.384059] do_syscall_64+0x48/0x90 [ 119.384075] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 119.384088] [ 119.384088] -> #2 (&rq->__lock){-.-.}-{2:2}: [ 119.384101] _raw_spin_lock_nested+0x30/0x40 [ 119.384119] raw_spin_rq_lock_nested+0x1e/0x30 [ 119.384132] task_fork_fair+0x63/0x4d0 [ 119.384149] sched_cgroup_fork+0x3d0/0x540 [ 119.384163] copy_process+0x4183/0x6e20 [ 119.384174] kernel_clone+0xe7/0x890 [ 119.384183] user_mode_thread+0xad/0xf0 [ 119.384193] rest_init+0x24/0x250 [ 119.384204] arch_call_rest_init+0xf/0x14 [ 119.384222] start_kernel+0x4c1/0x4e6 [ 119.384237] secondary_startup_64_no_verify+0xe0/0xeb [ 119.384251] [ 119.384251] -> #1 (&p->pi_lock){-.-.}-{2:2}: [ 119.384264] _raw_spin_lock_irqsave+0x39/0x60 [ 119.384285] try_to_wake_up+0xab/0x1930 [ 119.384298] up+0x75/0xb0 [ 119.384312] __up_console_sem+0x6e/0x80 [ 119.384328] console_unlock+0x46a/0x590 [ 119.384343] do_con_write+0xc05/0x1d50 [ 119.384355] con_write+0x21/0x40 [ 119.384366] n_tty_write+0x4d4/0xfe0 [ 119.384379] file_tty_write.constprop.0+0x49c/0x8f0 [ 119.384392] vfs_write+0x9c3/0xd90 [ 119.384410] ksys_write+0x127/0x250 [ 119.384427] do_syscall_64+0x3b/0x90 [ 119.384443] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 119.384455] [ 119.384455] -> #0 ((console_sem).lock){....}-{2:2}: [ 119.384468] __lock_acquire+0x2a02/0x5e70 [ 119.384485] lock_acquire+0x1a2/0x530 [ 119.384501] _raw_spin_lock_irqsave+0x39/0x60 [ 119.384519] down_trylock+0xe/0x70 [ 119.384533] __down_trylock_console_sem+0x3b/0xd0 [ 119.384548] vprintk_emit+0x16b/0x560 [ 119.384564] vprintk+0x84/0xa0 [ 119.384580] _printk+0xba/0xf1 [ 119.384591] report_bug.cold+0x72/0xab [ 119.384607] handle_bug+0x3c/0x70 [ 119.384623] exc_invalid_op+0x14/0x50 [ 119.384639] asm_exc_invalid_op+0x16/0x20 [ 119.384650] group_sched_out.part.0+0x2c7/0x460 [ 119.384661] ctx_sched_out+0x8f1/0xc10 [ 119.384671] __perf_event_task_sched_out+0x6d0/0x18d0 [ 119.384683] __schedule+0xedd/0x2470 [ 119.384696] schedule+0xda/0x1b0 [ 119.384709] exit_to_user_mode_prepare+0x114/0x1a0 [ 119.384719] syscall_exit_to_user_mode+0x19/0x40 [ 119.384731] do_syscall_64+0x48/0x90 [ 119.384747] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 119.384759] [ 119.384759] other info that might help us debug this: [ 119.384759] [ 119.384762] Chain exists of: [ 119.384762] (console_sem).lock --> &rq->__lock --> &ctx->lock [ 119.384762] [ 119.384776] Possible unsafe locking scenario: [ 119.384776] [ 119.384779] CPU0 CPU1 [ 119.384782] ---- ---- [ 119.384784] lock(&ctx->lock); [ 119.384789] lock(&rq->__lock); [ 119.384796] lock(&ctx->lock); [ 119.384802] lock((console_sem).lock); [ 119.384808] [ 119.384808] *** DEADLOCK *** [ 119.384808] [ 119.384810] 2 locks held by syz-executor.1/3897: [ 119.384817] #0: ffff88806cf37d18 (&rq->__lock){-.-.}-{2:2}, at: __schedule+0x1cf/0x2470 [ 119.384845] #1: ffff88800ef7b020 (&ctx->lock){....}-{2:2}, at: __perf_event_task_sched_out+0x53b/0x18d0 [ 119.384872] [ 119.384872] stack backtrace: [ 119.384875] CPU: 1 PID: 3897 Comm: syz-executor.1 Not tainted 6.0.0-rc6-next-20220923 #1 [ 119.384888] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 119.384896] Call Trace: [ 119.384899] [ 119.384903] dump_stack_lvl+0x8b/0xb3 [ 119.384921] check_noncircular+0x263/0x2e0 [ 119.384937] ? format_decode+0x26c/0xb50 [ 119.384954] ? print_circular_bug+0x450/0x450 [ 119.384970] ? enable_ptr_key_workfn+0x20/0x20 [ 119.384986] ? format_decode+0x26c/0xb50 [ 119.385003] ? alloc_chain_hlocks+0x1ec/0x5a0 [ 119.385020] __lock_acquire+0x2a02/0x5e70 [ 119.385041] ? lockdep_hardirqs_on_prepare+0x410/0x410 [ 119.385063] lock_acquire+0x1a2/0x530 [ 119.385080] ? down_trylock+0xe/0x70 [ 119.385096] ? lock_release+0x750/0x750 [ 119.385116] ? vprintk+0x84/0xa0 [ 119.385133] _raw_spin_lock_irqsave+0x39/0x60 [ 119.385152] ? down_trylock+0xe/0x70 [ 119.385167] down_trylock+0xe/0x70 [ 119.385182] ? vprintk+0x84/0xa0 [ 119.385199] __down_trylock_console_sem+0x3b/0xd0 [ 119.385216] vprintk_emit+0x16b/0x560 [ 119.385234] vprintk+0x84/0xa0 [ 119.385251] _printk+0xba/0xf1 [ 119.385262] ? record_print_text.cold+0x16/0x16 [ 119.385277] ? report_bug.cold+0x66/0xab [ 119.385295] ? group_sched_out.part.0+0x2c7/0x460 [ 119.385306] report_bug.cold+0x72/0xab [ 119.385324] handle_bug+0x3c/0x70 [ 119.385341] exc_invalid_op+0x14/0x50 [ 119.385358] asm_exc_invalid_op+0x16/0x20 [ 119.385370] RIP: 0010:group_sched_out.part.0+0x2c7/0x460 [ 119.385384] Code: 5e 41 5f e9 5b bb ef ff e8 56 bb ef ff 65 8b 1d 1b 26 ac 7e 31 ff 89 de e8 f6 b7 ef ff 85 db 0f 84 8a 00 00 00 e8 39 bb ef ff <0f> 0b e9 a5 fe ff ff e8 2d bb ef ff 48 8d 7d 10 48 b8 00 00 00 00 [ 119.385395] RSP: 0018:ffff88803fc5fc48 EFLAGS: 00010006 [ 119.385404] RAX: 0000000040000002 RBX: 0000000000000000 RCX: 0000000000000000 [ 119.385412] RDX: ffff888017601ac0 RSI: ffffffff81564fb7 RDI: 0000000000000005 [ 119.385420] RBP: ffff8880175c0000 R08: 0000000000000005 R09: 0000000000000001 [ 119.385428] R10: 0000000000000000 R11: ffffffff865b005b R12: ffff88800ef7b000 [ 119.385436] R13: ffff88806cf3d140 R14: ffffffff8547d040 R15: 0000000000000002 [ 119.385446] ? group_sched_out.part.0+0x2c7/0x460 [ 119.385460] ? group_sched_out.part.0+0x2c7/0x460 [ 119.385473] ctx_sched_out+0x8f1/0xc10 [ 119.385485] __perf_event_task_sched_out+0x6d0/0x18d0 [ 119.385501] ? lock_is_held_type+0xd7/0x130 [ 119.385514] ? __perf_cgroup_move+0x160/0x160 [ 119.385526] ? set_next_entity+0x304/0x550 [ 119.385543] ? update_curr+0x267/0x740 [ 119.385561] ? lock_is_held_type+0xd7/0x130 [ 119.385575] __schedule+0xedd/0x2470 [ 119.385591] ? io_schedule_timeout+0x150/0x150 [ 119.385607] ? rcu_read_lock_sched_held+0x3e/0x80 [ 119.385627] schedule+0xda/0x1b0 [ 119.385641] exit_to_user_mode_prepare+0x114/0x1a0 [ 119.385653] syscall_exit_to_user_mode+0x19/0x40 [ 119.385666] do_syscall_64+0x48/0x90 [ 119.385683] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 119.385696] RIP: 0033:0x7fa9a7ad7b19 [ 119.385704] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 119.385715] RSP: 002b:00007fa9a504d218 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 119.385726] RAX: 0000000000000001 RBX: 00007fa9a7beaf68 RCX: 00007fa9a7ad7b19 [ 119.385733] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 00007fa9a7beaf6c [ 119.385740] RBP: 00007fa9a7beaf60 R08: 000000000000000e R09: 0000000000000000 [ 119.385748] R10: 0000000000000003 R11: 0000000000000246 R12: 00007fa9a7beaf6c [ 119.385755] R13: 00007ffe8471cf5f R14: 00007fa9a504d300 R15: 0000000000022000 [ 119.385767] [ 119.442815] WARNING: CPU: 1 PID: 3897 at kernel/events/core.c:2309 group_sched_out.part.0+0x2c7/0x460 [ 119.443507] Modules linked in: [ 119.443756] CPU: 1 PID: 3897 Comm: syz-executor.1 Not tainted 6.0.0-rc6-next-20220923 #1 [ 119.444355] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 119.445187] RIP: 0010:group_sched_out.part.0+0x2c7/0x460 [ 119.445591] Code: 5e 41 5f e9 5b bb ef ff e8 56 bb ef ff 65 8b 1d 1b 26 ac 7e 31 ff 89 de e8 f6 b7 ef ff 85 db 0f 84 8a 00 00 00 e8 39 bb ef ff <0f> 0b e9 a5 fe ff ff e8 2d bb ef ff 48 8d 7d 10 48 b8 00 00 00 00 [ 119.446938] RSP: 0018:ffff88803fc5fc48 EFLAGS: 00010006 [ 119.447338] RAX: 0000000040000002 RBX: 0000000000000000 RCX: 0000000000000000 [ 119.447862] RDX: ffff888017601ac0 RSI: ffffffff81564fb7 RDI: 0000000000000005 [ 119.448377] RBP: ffff8880175c0000 R08: 0000000000000005 R09: 0000000000000001 [ 119.448910] R10: 0000000000000000 R11: ffffffff865b005b R12: ffff88800ef7b000 [ 119.449452] R13: ffff88806cf3d140 R14: ffffffff8547d040 R15: 0000000000000002 [ 119.449992] FS: 00007fa9a504d700(0000) GS:ffff88806cf00000(0000) knlGS:0000000000000000 [ 119.450600] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 119.451035] CR2: 00007f6c7fbe9820 CR3: 000000001d272000 CR4: 0000000000350ee0 [ 119.451572] Call Trace: [ 119.451772] [ 119.451948] ctx_sched_out+0x8f1/0xc10 [ 119.452257] __perf_event_task_sched_out+0x6d0/0x18d0 [ 119.452661] ? lock_is_held_type+0xd7/0x130 [ 119.452998] ? __perf_cgroup_move+0x160/0x160 [ 119.453340] ? set_next_entity+0x304/0x550 [ 119.453664] ? update_curr+0x267/0x740 [ 119.453976] ? lock_is_held_type+0xd7/0x130 [ 119.454308] __schedule+0xedd/0x2470 [ 119.454599] ? io_schedule_timeout+0x150/0x150 [ 119.454952] ? rcu_read_lock_sched_held+0x3e/0x80 [ 119.455325] schedule+0xda/0x1b0 [ 119.455593] exit_to_user_mode_prepare+0x114/0x1a0 [ 119.455969] syscall_exit_to_user_mode+0x19/0x40 [ 119.456333] do_syscall_64+0x48/0x90 [ 119.456625] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 119.457013] RIP: 0033:0x7fa9a7ad7b19 [ 119.457300] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 119.458669] RSP: 002b:00007fa9a504d218 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 119.459237] RAX: 0000000000000001 RBX: 00007fa9a7beaf68 RCX: 00007fa9a7ad7b19 [ 119.459772] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 00007fa9a7beaf6c [ 119.460295] RBP: 00007fa9a7beaf60 R08: 000000000000000e R09: 0000000000000000 [ 119.460829] R10: 0000000000000003 R11: 0000000000000246 R12: 00007fa9a7beaf6c [ 119.461368] R13: 00007ffe8471cf5f R14: 00007fa9a504d300 R15: 0000000000022000 [ 119.461907] [ 119.462087] irq event stamp: 1038 [ 119.462342] hardirqs last enabled at (1037): [] exit_to_user_mode_prepare+0x109/0x1a0 [ 119.463052] hardirqs last disabled at (1038): [] __schedule+0x1225/0x2470 [ 119.463679] softirqs last enabled at (780): [] __irq_exit_rcu+0x11b/0x180 [ 119.464319] softirqs last disabled at (771): [] __irq_exit_rcu+0x11b/0x180 [ 119.464972] ---[ end trace 0000000000000000 ]--- [ 119.514443] random: crng reseeded on system resumption [ 119.558352] random: crng reseeded on system resumption 12:30:46 executing program 0: mlock2(&(0x7f0000ff7000/0x4000)=nil, 0x4000, 0x0) shmat(0xffffffffffffffff, &(0x7f0000fed000/0x13000)=nil, 0x0) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x80000001}, 0x0, 0x802, 0x0, 0x6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x3) ioctl$EXT4_IOC_CHECKPOINT(0xffffffffffffffff, 0x4004662b, &(0x7f0000000040)) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x2000000000000000}, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) openat2(0xffffffffffffffff, &(0x7f0000000240)='./file0\x00', &(0x7f0000000300)={0x200, 0x21, 0x1b}, 0x18) ioctl$LOOP_CTL_ADD(0xffffffffffffffff, 0x4c80, 0xb) r0 = ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82) ioctl$BTRFS_IOC_DEFAULT_SUBVOL(0xffffffffffffffff, 0x40089413, &(0x7f0000000180)=0x1) ioctl$LOOP_CTL_REMOVE(0xffffffffffffffff, 0x4c81, r0) ioctl$LOOP_CTL_REMOVE(0xffffffffffffffff, 0x4c81, r0) openat$snapshot(0xffffffffffffff9c, &(0x7f0000000440), 0x20001, 0x0) mremap(&(0x7f0000ff7000/0x2000)=nil, 0x2000, 0x2000, 0x7, &(0x7f0000ffe000/0x2000)=nil) 12:30:46 executing program 7: r0 = syz_open_dev$usbmon(&(0x7f0000000100), 0x0, 0x0) ioctl$MON_IOCX_GETX(r0, 0x4018920a, 0x0) 12:30:46 executing program 5: r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$inet_MCAST_JOIN_GROUP(r0, 0x0, 0x32, 0x0, 0x0) 12:30:46 executing program 2: syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040)='mqueue\x00', 0x0, 0x0) syz_mount_image$tmpfs(0x0, &(0x7f0000000140)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0) rename(&(0x7f0000000080)='./file1\x00', &(0x7f0000000180)='./file0\x00') 12:30:46 executing program 4: syz_mount_image$ext4(0x0, &(0x7f0000000180)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) stat(&(0x7f0000000240)='./file0\x00', &(0x7f0000000280)={0x0, 0x0, 0x0, 0x0, 0x0}) setresuid(0x0, r0, 0x0) lchown(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) 12:30:46 executing program 6: syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040)='mqueue\x00', 0x0, 0x0) syz_mount_image$tmpfs(0x0, &(0x7f0000000140)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0) rename(&(0x7f0000000080)='./file1\x00', &(0x7f0000000180)='./file0\x00') 12:30:46 executing program 3: rt_sigprocmask(0x0, &(0x7f0000000000)={[0x6]}, 0x0, 0x8) 12:30:46 executing program 1: mlock2(&(0x7f0000ff7000/0x4000)=nil, 0x4000, 0x0) shmat(0xffffffffffffffff, &(0x7f0000fed000/0x13000)=nil, 0x0) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x80000001}, 0x0, 0x802, 0x0, 0x6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x3) ioctl$EXT4_IOC_CHECKPOINT(0xffffffffffffffff, 0x4004662b, &(0x7f0000000040)) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x2000000000000000}, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) openat2(0xffffffffffffffff, &(0x7f0000000240)='./file0\x00', &(0x7f0000000300)={0x200, 0x21, 0x1b}, 0x18) ioctl$LOOP_CTL_ADD(0xffffffffffffffff, 0x4c80, 0xb) r0 = ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82) ioctl$BTRFS_IOC_DEFAULT_SUBVOL(0xffffffffffffffff, 0x40089413, &(0x7f0000000180)=0x1) ioctl$LOOP_CTL_REMOVE(0xffffffffffffffff, 0x4c81, r0) ioctl$LOOP_CTL_REMOVE(0xffffffffffffffff, 0x4c81, r0) openat$snapshot(0xffffffffffffff9c, &(0x7f0000000440), 0x20001, 0x0) mremap(&(0x7f0000ff7000/0x2000)=nil, 0x2000, 0x2000, 0x7, &(0x7f0000ffe000/0x2000)=nil) [ 121.581001] random: crng reseeded on system resumption 12:30:46 executing program 3: rt_sigprocmask(0x0, &(0x7f0000000000)={[0x6]}, 0x0, 0x8) 12:30:46 executing program 5: r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$inet_MCAST_JOIN_GROUP(r0, 0x0, 0x32, 0x0, 0x0) 12:30:46 executing program 7: r0 = syz_open_dev$usbmon(&(0x7f0000000100), 0x0, 0x0) ioctl$MON_IOCX_GETX(r0, 0x4018920a, 0x0) 12:30:46 executing program 2: syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040)='mqueue\x00', 0x0, 0x0) syz_mount_image$tmpfs(0x0, &(0x7f0000000140)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0) rename(&(0x7f0000000080)='./file1\x00', &(0x7f0000000180)='./file0\x00') 12:30:46 executing program 4: futex(0x0, 0x80, 0x0, &(0x7f00000001c0), 0x0, 0x0) 12:30:46 executing program 1: mlock2(&(0x7f0000ff7000/0x4000)=nil, 0x4000, 0x0) shmat(0xffffffffffffffff, &(0x7f0000fed000/0x13000)=nil, 0x0) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x80000001}, 0x0, 0x802, 0x0, 0x6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x3) ioctl$EXT4_IOC_CHECKPOINT(0xffffffffffffffff, 0x4004662b, &(0x7f0000000040)) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x2000000000000000}, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) openat2(0xffffffffffffffff, &(0x7f0000000240)='./file0\x00', &(0x7f0000000300)={0x200, 0x21, 0x1b}, 0x18) ioctl$LOOP_CTL_ADD(0xffffffffffffffff, 0x4c80, 0xb) r0 = ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82) ioctl$BTRFS_IOC_DEFAULT_SUBVOL(0xffffffffffffffff, 0x40089413, &(0x7f0000000180)=0x1) ioctl$LOOP_CTL_REMOVE(0xffffffffffffffff, 0x4c81, r0) ioctl$LOOP_CTL_REMOVE(0xffffffffffffffff, 0x4c81, r0) openat$snapshot(0xffffffffffffff9c, &(0x7f0000000440), 0x20001, 0x0) mremap(&(0x7f0000ff7000/0x2000)=nil, 0x2000, 0x2000, 0x7, &(0x7f0000ffe000/0x2000)=nil) 12:30:46 executing program 6: syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040)='mqueue\x00', 0x0, 0x0) syz_mount_image$tmpfs(0x0, &(0x7f0000000140)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0) rename(&(0x7f0000000080)='./file1\x00', &(0x7f0000000180)='./file0\x00') [ 121.707107] random: crng reseeded on system resumption 12:30:46 executing program 0: mlock2(&(0x7f0000ff7000/0x4000)=nil, 0x4000, 0x0) shmat(0xffffffffffffffff, &(0x7f0000fed000/0x13000)=nil, 0x0) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x80000001}, 0x0, 0x802, 0x0, 0x6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x3) ioctl$EXT4_IOC_CHECKPOINT(0xffffffffffffffff, 0x4004662b, &(0x7f0000000040)) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x2000000000000000}, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) openat2(0xffffffffffffffff, &(0x7f0000000240)='./file0\x00', &(0x7f0000000300)={0x200, 0x21, 0x1b}, 0x18) ioctl$LOOP_CTL_ADD(0xffffffffffffffff, 0x4c80, 0xb) r0 = ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82) ioctl$BTRFS_IOC_DEFAULT_SUBVOL(0xffffffffffffffff, 0x40089413, &(0x7f0000000180)=0x1) ioctl$LOOP_CTL_REMOVE(0xffffffffffffffff, 0x4c81, r0) ioctl$LOOP_CTL_REMOVE(0xffffffffffffffff, 0x4c81, r0) openat$snapshot(0xffffffffffffff9c, &(0x7f0000000440), 0x20001, 0x0) mremap(&(0x7f0000ff7000/0x2000)=nil, 0x2000, 0x2000, 0x7, &(0x7f0000ffe000/0x2000)=nil) 12:30:46 executing program 5: r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$inet_MCAST_JOIN_GROUP(r0, 0x0, 0x32, 0x0, 0x0) 12:30:46 executing program 3: rt_sigprocmask(0x0, &(0x7f0000000000)={[0x6]}, 0x0, 0x8) 12:30:46 executing program 6: syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040)='mqueue\x00', 0x0, 0x0) syz_mount_image$tmpfs(0x0, &(0x7f0000000140)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0) rename(&(0x7f0000000080)='./file1\x00', &(0x7f0000000180)='./file0\x00') 12:30:46 executing program 7: r0 = syz_open_dev$usbmon(&(0x7f0000000100), 0x0, 0x0) ioctl$MON_IOCX_GETX(r0, 0x4018920a, 0x0) 12:30:46 executing program 1: mlock2(&(0x7f0000ff7000/0x4000)=nil, 0x4000, 0x0) shmat(0xffffffffffffffff, &(0x7f0000fed000/0x13000)=nil, 0x0) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x80000001}, 0x0, 0x802, 0x0, 0x6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x3) ioctl$EXT4_IOC_CHECKPOINT(0xffffffffffffffff, 0x4004662b, &(0x7f0000000040)) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x2000000000000000}, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) openat2(0xffffffffffffffff, &(0x7f0000000240)='./file0\x00', &(0x7f0000000300)={0x200, 0x21, 0x1b}, 0x18) ioctl$LOOP_CTL_ADD(0xffffffffffffffff, 0x4c80, 0xb) r0 = ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82) ioctl$BTRFS_IOC_DEFAULT_SUBVOL(0xffffffffffffffff, 0x40089413, &(0x7f0000000180)=0x1) ioctl$LOOP_CTL_REMOVE(0xffffffffffffffff, 0x4c81, r0) ioctl$LOOP_CTL_REMOVE(0xffffffffffffffff, 0x4c81, r0) openat$snapshot(0xffffffffffffff9c, &(0x7f0000000440), 0x20001, 0x0) mremap(&(0x7f0000ff7000/0x2000)=nil, 0x2000, 0x2000, 0x7, &(0x7f0000ffe000/0x2000)=nil) 12:30:46 executing program 4: futex(0x0, 0x80, 0x0, &(0x7f00000001c0), 0x0, 0x0) 12:30:46 executing program 2: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x23, &(0x7f0000000200)=[{&(0x7f0000010000)="200000004000000003000000290000000f000000000000000200000002000000008000000080000020000000d9f4655fd9f4655f0100ffff53ef010001000000d8f4655f000000000000000001000000000000000b000000800000000800000052470000620100000000000000000000000000000000000073797a6b616c6c6572000000000000002f746d702f73797a2d696d61676567656e31313530373134353800"/192, 0xc0, 0x400}, {&(0x7f0000010100)="000000000000000000000000708595ab15e94b9c8803908244a41818010000000c00000000000000d8f4655f00"/64, 0x40, 0x4e0}, {&(0x7f0000010200)="0100000000000500080000000000000000000000040000006e00000000000000", 0x20, 0x560}, {&(0x7f0000010300)="030000000400"/32, 0x20, 0x640}, {&(0x7f0000010400)="02000000120000002200000029000f0003000400"/32, 0x20, 0x1000}, {&(0x7f0000010500)="ff3f0c00fc010000ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff020000000c0001022e000000020000000c0002022e2e00000b00000014000a026c6f73742b666f756e6400000c0000001000050266696c65300000000f0000001000050166696c6531000000100000001000050166696c6532000000100000001000050166696c653300000011000000940f090166696c652e636f6c64000000", 0x1080, 0x2000}, {&(0x7f0000011600)="0b0000000c0001022e00000002000000f40f02022e2e00"/32, 0x20, 0x4000}, {&(0x7f0000011700)="00000000001000"/32, 0x20, 0x5000}, {&(0x7f0000011800)="00000000001000"/32, 0x20, 0x6000}, {&(0x7f0000011900)="00000000001000"/32, 0x20, 0x7000}, {&(0x7f0000011a00)="504d4d00504d4dffd9f4655f00000000647679756b6f762d676c6170746f70320000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000006c6f6f7033310075782f746573742f73797a5f6d6f756e745f696d6167655f650500"/128, 0x80, 0x8000}, {&(0x7f0000011b00)="111fc0d901000000803a0900803a090000000000060000000000000005000000", 0x20, 0x9000}, {&(0x7f0000011c00)="0200"/32, 0x20, 0x9400}, {&(0x7f0000011d00)="0300"/32, 0x20, 0x9800}, {&(0x7f0000011e00)="0400"/32, 0x20, 0x9c00}, {&(0x7f0000011f00)="0500"/32, 0x20, 0xa000}, {&(0x7f0000012000)="0000000000000000010000000000000000000000000000000000000000000000000000000000000008000000000000000000000000000000000000000000000000d000"/96, 0x60, 0xa400}, {&(0x7f0000012100)="2719c0d901000000803a0900803a090000000000060000000000000005000000", 0x20, 0xb000}, {&(0x7f0000012200)="0200"/32, 0x20, 0xb400}, {&(0x7f0000012300)="0300"/32, 0x20, 0xb800}, {&(0x7f0000012400)="0400"/32, 0x20, 0xbc00}, {&(0x7f0000012500)="0500"/32, 0x20, 0xc000}, {&(0x7f0000012600)="0000000000000000010000000000000000000000000000000000000000000000000000000000000008000000000000000000000000000000000000000000000000d000"/96, 0x60, 0xc400}, {&(0x7f0000012700)="0c0000000c0001022e000000020000000c0002022e2e00000d0000001000050166696c65300000000e000000d80f050766696c653100"/64, 0x40, 0xd000}, {&(0x7f0000012800)="ffff0100ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff000002ea0100000001000000270f240c000000000000000000000000000000000601f80f0000000006000000779b539778617474723100000601f00f00000000060000007498539778617474723200"/4192, 0x1060, 0x12000}, {&(0x7f0000013900)='\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00xattr2\x00\x00xattr1\x00\x00', 0x20, 0x13fe0}, {&(0x7f0000013a00)="0000000000000000d8f4655fd8f4655fd8f4655f00"/32, 0x20, 0x22000}, {&(0x7f0000013b00)="ed41000000100000d8f4655fd9f4655fd9f4655f00000000000004000800000000000800050000000af301000400000000000000000000000100000003000000", 0x40, 0x22080}, {&(0x7f0000013c00)="8081000000180000d8f4655fd8f4655fd8f4655f00000000000001001000000010000800000000000af301000400000000000000000000000200000009000000", 0x40, 0x22100}, {&(0x7f0000013d00)="8081000000180000d8f4655fd8f4655fd8f4655f00000000000001001000000010000800000000000af30100040000000000000000000000020000000b000000", 0x40, 0x22180}, {&(0x7f0000013e00)="c041000000400000d8f4655fd8f4655fd8f4655f00000000000002002000000000000800000000000af301000400000000000000000000000400000004000000", 0x40, 0x22500}, {&(0x7f0000013f00)="ed41000000100000d9f4655fd9f4655fd9f4655f00000000000002000800000000000800030000000af30100040000000000000000000000010000000d000000000000000000000000000000000000000000000000000000000000000000000000000000bb23913c000000000000000000000000000000000000000000000000ed8100001a040000d9f4655fd9f4655fd9f4655f00000000000001000800000000000800010000000af301000400000000000000000000000100000023000000000000000000000000000000000000000000000000000000000000000000000000000000595fe5e3000000000000000000000000000000000000000000000000ffa1000026000000d9f4655fd9f4655fd9f4655f00000000000001000000000000000000010000002f746d702f73797a2d696d61676567656e3131353037313435382f66696c65302f66696c6530000000000000000000000000000000000000000000003ca5aef1000000000000000000000000000000000000000000000000ed8100000a000000d9f4655fd9f4655fd9f4655f00000000000001001000000000000800010000000af3010004000000000000000000000001000000240000000000000000000000000000000000000000000000000000000000000000000000000000007198d9cb130000000000000000000000000000000000000000000000ed81000028230000d9f4655fd9f4655fd9f4655f00000000000002001800000000000800010000000af3010004000000000000000000000003000000250000000200000001000000270000000200000001800000270000000000000000000000000000008aff1ea9000000000000000000000000000000000000000000000000ed81000064000000d9f4655fd9f4655fd9f4655f00000000000001000800000000000800010000000af301000400000000000000000000000100000028000000000000000000000000000000000000000000000000000000000000000000000000000000867d7a1900"/768, 0x300, 0x22580}, {&(0x7f0000014200)='syzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkal\x00\x00\x00\x00\x00\x00', 0x420, 0x23000}, {&(0x7f0000014700)='syzkallers\x00'/32, 0x20, 0x24000}, {&(0x7f0000014800)='syzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallers\x00'/128, 0x80, 0x28000}], 0x0, &(0x7f0000014900)) [ 121.787136] loop2: detected capacity change from 0 to 640 [ 121.801592] random: crng reseeded on system resumption 12:30:46 executing program 7: capset(0xffffffffffffffff, 0x0) 12:30:46 executing program 3: io_setup(0x2, &(0x7f0000000400)) [ 121.841532] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback. [ 121.842915] ext4 filesystem being mounted at /syzkaller-testdir851367671/syzkaller.bwP5wZ/4/file0 supports timestamps until 2038 (0x7fffffff) [ 121.875799] EXT4-fs (loop2): unmounting filesystem. [ 121.898472] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 121.899196] misc raw-gadget: fail, usb_gadget_register_driver returned -16 12:30:46 executing program 7: capset(0xffffffffffffffff, 0x0) 12:30:46 executing program 4: futex(0x0, 0x80, 0x0, &(0x7f00000001c0), 0x0, 0x0) 12:30:46 executing program 6: prctl$PR_SET_DUMPABLE(0x35, 0x2) 12:30:46 executing program 0: mlock2(&(0x7f0000ff7000/0x4000)=nil, 0x4000, 0x0) shmat(0xffffffffffffffff, &(0x7f0000fed000/0x13000)=nil, 0x0) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x80000001}, 0x0, 0x802, 0x0, 0x6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x3) ioctl$EXT4_IOC_CHECKPOINT(0xffffffffffffffff, 0x4004662b, &(0x7f0000000040)) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x2000000000000000}, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) openat2(0xffffffffffffffff, &(0x7f0000000240)='./file0\x00', &(0x7f0000000300)={0x200, 0x21, 0x1b}, 0x18) ioctl$LOOP_CTL_ADD(0xffffffffffffffff, 0x4c80, 0xb) r0 = ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82) ioctl$BTRFS_IOC_DEFAULT_SUBVOL(0xffffffffffffffff, 0x40089413, &(0x7f0000000180)=0x1) ioctl$LOOP_CTL_REMOVE(0xffffffffffffffff, 0x4c81, r0) ioctl$LOOP_CTL_REMOVE(0xffffffffffffffff, 0x4c81, r0) openat$snapshot(0xffffffffffffff9c, &(0x7f0000000440), 0x20001, 0x0) mremap(&(0x7f0000ff7000/0x2000)=nil, 0x2000, 0x2000, 0x7, &(0x7f0000ffe000/0x2000)=nil) 12:30:46 executing program 2: syz_usb_connect_ath9k(0x3, 0x5a, &(0x7f0000000d00)={{0x12, 0x1, 0x200, 0xff, 0xff, 0xff, 0x40, 0xcf3, 0x9271, 0x108, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x48}}]}}, 0x0) 12:30:46 executing program 3: io_uring_setup(0x6725, &(0x7f0000000940)) 12:30:46 executing program 1: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r0, 0x6, 0xc, &(0x7f0000001640), 0x4) 12:30:46 executing program 5: write$selinux_attr(0xffffffffffffffff, &(0x7f0000000000)='/usr/sbin/cups-browsed\x00', 0x17) r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000000)={'wlan1\x00'}) readv(r0, &(0x7f0000000180)=[{&(0x7f0000000140)=""/45, 0x2d}], 0x1) [ 121.926517] random: crng reseeded on system resumption 12:30:46 executing program 7: capset(0xffffffffffffffff, 0x0) 12:30:46 executing program 3: syz_emit_ethernet(0x0, 0x0, 0x0) syz_emit_ethernet(0x0, 0x0, 0x0) 12:30:46 executing program 4: futex(0x0, 0x80, 0x0, &(0x7f00000001c0), 0x0, 0x0) 12:30:46 executing program 6: prctl$PR_SET_DUMPABLE(0x35, 0x2) 12:30:46 executing program 1: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r0, 0x6, 0xc, &(0x7f0000001640), 0x4) 12:30:47 executing program 3: syz_emit_ethernet(0x0, 0x0, 0x0) syz_emit_ethernet(0x0, 0x0, 0x0) 12:30:47 executing program 6: prctl$PR_SET_DUMPABLE(0x35, 0x2) 12:30:47 executing program 1: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r0, 0x6, 0xc, &(0x7f0000001640), 0x4) 12:30:47 executing program 7: capset(0xffffffffffffffff, 0x0) 12:30:47 executing program 3: syz_emit_ethernet(0x0, 0x0, 0x0) syz_emit_ethernet(0x0, 0x0, 0x0) 12:30:47 executing program 0: r0 = syz_open_dev$loop(&(0x7f00000004c0), 0x0, 0x0) ioctl$BLKGETSIZE(r0, 0x1260, &(0x7f0000000500)) 12:30:47 executing program 4: socketpair(0x0, 0x80000, 0x0, &(0x7f0000001240)) [ 122.406204] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 122.407097] misc raw-gadget: fail, usb_gadget_register_driver returned -16 12:30:47 executing program 6: prctl$PR_SET_DUMPABLE(0x35, 0x2) 12:30:47 executing program 0: r0 = syz_open_dev$loop(&(0x7f00000004c0), 0x0, 0x0) ioctl$BLKGETSIZE(r0, 0x1260, &(0x7f0000000500)) 12:30:47 executing program 7: r0 = socket$netlink(0x10, 0x3, 0x10) sendmsg$NFT_BATCH(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000440)={{0x14, 0x10, 0x1, 0x0, 0x0, {0x3}}, [], {0x14}}, 0x28}}, 0x0) 12:30:47 executing program 5: write$selinux_attr(0xffffffffffffffff, &(0x7f0000000000)='/usr/sbin/cups-browsed\x00', 0x17) r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000000)={'wlan1\x00'}) readv(r0, &(0x7f0000000180)=[{&(0x7f0000000140)=""/45, 0x2d}], 0x1) 12:30:47 executing program 3: syz_emit_ethernet(0x0, 0x0, 0x0) syz_emit_ethernet(0x0, 0x0, 0x0) 12:30:47 executing program 1: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r0, 0x6, 0xc, &(0x7f0000001640), 0x4) 12:30:47 executing program 4: getitimer(0x1, &(0x7f0000000000)) 12:30:47 executing program 2: prctl$PR_GET_NAME(0x10, &(0x7f0000000280)=""/115) 12:30:47 executing program 0: r0 = syz_open_dev$loop(&(0x7f00000004c0), 0x0, 0x0) ioctl$BLKGETSIZE(r0, 0x1260, &(0x7f0000000500)) 12:30:47 executing program 7: r0 = socket$netlink(0x10, 0x3, 0x10) sendmsg$NFT_BATCH(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000440)={{0x14, 0x10, 0x1, 0x0, 0x0, {0x3}}, [], {0x14}}, 0x28}}, 0x0) 12:30:47 executing program 6: pipe2(&(0x7f00000013c0)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) fgetxattr(r0, &(0x7f0000002b80)=@known='security.selinux\x00', 0x0, 0x0) 12:30:47 executing program 0: r0 = syz_open_dev$loop(&(0x7f00000004c0), 0x0, 0x0) ioctl$BLKGETSIZE(r0, 0x1260, &(0x7f0000000500)) 12:30:47 executing program 6: pipe2(&(0x7f00000013c0)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) fgetxattr(r0, &(0x7f0000002b80)=@known='security.selinux\x00', 0x0, 0x0) 12:30:47 executing program 4: syz_open_dev$loop(0x0, 0x0, 0x0) mknodat$loop(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x0, 0x0) 12:30:47 executing program 7: r0 = socket$netlink(0x10, 0x3, 0x10) sendmsg$NFT_BATCH(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000440)={{0x14, 0x10, 0x1, 0x0, 0x0, {0x3}}, [], {0x14}}, 0x28}}, 0x0) 12:30:48 executing program 2: prctl$PR_GET_NAME(0x10, &(0x7f0000000280)=""/115) 12:30:48 executing program 3: r0 = syz_open_dev$tty1(0xc, 0x4, 0x1) ioctl$KDFONTOP_COPY(r0, 0x4b72, &(0x7f0000003900)={0x3, 0x0, 0x0, 0x0, 0x0, 0x0}) 12:30:48 executing program 1: r0 = socket$inet6(0xa, 0x1, 0x0) connect$inet6(r0, &(0x7f0000000040)={0xa, 0x0, 0x0, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, 0x1}, 0x1c) r1 = fcntl$dupfd(r0, 0x0, r0) r2 = socket$inet6(0xa, 0x1, 0x0) r3 = fcntl$dupfd(r2, 0x0, r2) bind$inet6(r3, &(0x7f00000000c0)={0xa, 0x7e, 0x0, @empty}, 0x1c) bind$inet6(r1, &(0x7f00000000c0)={0xa, 0x7e, 0x0, @empty}, 0x1c) 12:30:48 executing program 6: pipe2(&(0x7f00000013c0)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) fgetxattr(r0, &(0x7f0000002b80)=@known='security.selinux\x00', 0x0, 0x0) 12:30:48 executing program 5: write$selinux_attr(0xffffffffffffffff, &(0x7f0000000000)='/usr/sbin/cups-browsed\x00', 0x17) r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000000)={'wlan1\x00'}) readv(r0, &(0x7f0000000180)=[{&(0x7f0000000140)=""/45, 0x2d}], 0x1) 12:30:48 executing program 0: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000340)=@newpolicy={0xfc, 0x13, 0x631, 0x0, 0x0, {{@in=@empty, @in=@loopback, 0x0, 0x0, 0x0, 0x0, 0xa, 0x0, 0x0, 0x0, 0x0, 0xee00}}, [@tmpl={0x44, 0x5, [{{@in=@private}, 0x0, @in=@dev}]}]}, 0xfc}}, 0x0) 12:30:48 executing program 3: r0 = syz_open_dev$tty1(0xc, 0x4, 0x1) ioctl$KDFONTOP_COPY(r0, 0x4b72, &(0x7f0000003900)={0x3, 0x0, 0x0, 0x0, 0x0, 0x0}) 12:30:48 executing program 1: r0 = socket$inet6(0xa, 0x1, 0x0) connect$inet6(r0, &(0x7f0000000040)={0xa, 0x0, 0x0, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, 0x1}, 0x1c) r1 = fcntl$dupfd(r0, 0x0, r0) r2 = socket$inet6(0xa, 0x1, 0x0) r3 = fcntl$dupfd(r2, 0x0, r2) bind$inet6(r3, &(0x7f00000000c0)={0xa, 0x7e, 0x0, @empty}, 0x1c) bind$inet6(r1, &(0x7f00000000c0)={0xa, 0x7e, 0x0, @empty}, 0x1c) 12:30:48 executing program 2: prctl$PR_GET_NAME(0x10, &(0x7f0000000280)=""/115) 12:30:48 executing program 4: r0 = socket$inet6(0xa, 0x1, 0x0) connect$inet6(r0, &(0x7f0000000040)={0xa, 0x0, 0x0, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, 0x1}, 0x1c) r1 = fcntl$dupfd(r0, 0x0, r0) r2 = socket$inet6(0xa, 0x1, 0x0) r3 = fcntl$dupfd(r2, 0x0, r2) bind$inet6(r3, &(0x7f00000000c0)={0xa, 0x7e, 0x0, @empty}, 0x1c) bind$inet6(r1, &(0x7f00000000c0)={0xa, 0x7e, 0x0, @empty}, 0x1c) 12:30:48 executing program 7: r0 = socket$netlink(0x10, 0x3, 0x10) sendmsg$NFT_BATCH(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000440)={{0x14, 0x10, 0x1, 0x0, 0x0, {0x3}}, [], {0x14}}, 0x28}}, 0x0) 12:30:48 executing program 6: pipe2(&(0x7f00000013c0)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) fgetxattr(r0, &(0x7f0000002b80)=@known='security.selinux\x00', 0x0, 0x0) 12:30:49 executing program 2: prctl$PR_GET_NAME(0x10, &(0x7f0000000280)=""/115) 12:30:49 executing program 3: r0 = syz_open_dev$tty1(0xc, 0x4, 0x1) ioctl$KDFONTOP_COPY(r0, 0x4b72, &(0x7f0000003900)={0x3, 0x0, 0x0, 0x0, 0x0, 0x0}) 12:30:49 executing program 1: r0 = socket$inet6(0xa, 0x1, 0x0) connect$inet6(r0, &(0x7f0000000040)={0xa, 0x0, 0x0, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, 0x1}, 0x1c) r1 = fcntl$dupfd(r0, 0x0, r0) r2 = socket$inet6(0xa, 0x1, 0x0) r3 = fcntl$dupfd(r2, 0x0, r2) bind$inet6(r3, &(0x7f00000000c0)={0xa, 0x7e, 0x0, @empty}, 0x1c) bind$inet6(r1, &(0x7f00000000c0)={0xa, 0x7e, 0x0, @empty}, 0x1c) 12:30:49 executing program 5: write$selinux_attr(0xffffffffffffffff, &(0x7f0000000000)='/usr/sbin/cups-browsed\x00', 0x17) r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000000)={'wlan1\x00'}) readv(r0, &(0x7f0000000180)=[{&(0x7f0000000140)=""/45, 0x2d}], 0x1) 12:30:49 executing program 7: prctl$PR_GET_ENDIAN(0x13, 0x0) fsmount(0xffffffffffffffff, 0x0, 0x48) openat$autofs(0xffffffffffffff9c, &(0x7f0000000180), 0x100, 0x0) getpeername(0xffffffffffffffff, 0x0, &(0x7f0000003680)) seccomp$SECCOMP_SET_MODE_STRICT(0x0, 0x0, 0x0) 12:30:49 executing program 1: r0 = socket$inet6(0xa, 0x1, 0x0) connect$inet6(r0, &(0x7f0000000040)={0xa, 0x0, 0x0, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, 0x1}, 0x1c) r1 = fcntl$dupfd(r0, 0x0, r0) r2 = socket$inet6(0xa, 0x1, 0x0) r3 = fcntl$dupfd(r2, 0x0, r2) bind$inet6(r3, &(0x7f00000000c0)={0xa, 0x7e, 0x0, @empty}, 0x1c) bind$inet6(r1, &(0x7f00000000c0)={0xa, 0x7e, 0x0, @empty}, 0x1c) 12:30:49 executing program 3: r0 = syz_open_dev$tty1(0xc, 0x4, 0x1) ioctl$KDFONTOP_COPY(r0, 0x4b72, &(0x7f0000003900)={0x3, 0x0, 0x0, 0x0, 0x0, 0x0}) 12:30:49 executing program 2: mbind(&(0x7f0000ffb000/0x3000)=nil, 0x3000, 0x4002, &(0x7f0000000000)=0xcd5, 0x9, 0x0) get_mempolicy(0x0, 0x0, 0x0, &(0x7f0000ffb000/0x2000)=nil, 0x2) 12:30:49 executing program 0: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000340)=@newpolicy={0xfc, 0x13, 0x631, 0x0, 0x0, {{@in=@empty, @in=@loopback, 0x0, 0x0, 0x0, 0x0, 0xa, 0x0, 0x0, 0x0, 0x0, 0xee00}}, [@tmpl={0x44, 0x5, [{{@in=@private}, 0x0, @in=@dev}]}]}, 0xfc}}, 0x0) 12:30:49 executing program 4: r0 = socket$inet6(0xa, 0x1, 0x0) connect$inet6(r0, &(0x7f0000000040)={0xa, 0x0, 0x0, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, 0x1}, 0x1c) r1 = fcntl$dupfd(r0, 0x0, r0) r2 = socket$inet6(0xa, 0x1, 0x0) r3 = fcntl$dupfd(r2, 0x0, r2) bind$inet6(r3, &(0x7f00000000c0)={0xa, 0x7e, 0x0, @empty}, 0x1c) bind$inet6(r1, &(0x7f00000000c0)={0xa, 0x7e, 0x0, @empty}, 0x1c) 12:30:49 executing program 6: r0 = msgget$private(0x0, 0x0) msgctl$IPC_SET(r0, 0x1, &(0x7f0000000080)={{0x3, 0x0, 0xee01}}) msgsnd(r0, &(0x7f0000000100)={0x3}, 0x8, 0x0) msgctl$IPC_RMID(r0, 0x0) [ 124.877468] audit: type=1326 audit(1663936249.906:9): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=4142 comm="syz-executor.7" exe="/syz-executor.7" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f877d9b6b19 code=0x0 12:30:49 executing program 1: r0 = openat$autofs(0xffffffffffffff9c, &(0x7f00000003c0), 0x0, 0x0) r1 = socket$packet(0x11, 0x2, 0x300) ioctl$AUTOFS_DEV_IOCTL_CLOSEMOUNT(r0, 0xc0189375, &(0x7f0000000000)={{0x1, 0x1, 0x18, r1}, './file0\x00'}) [ 125.713592] audit: type=1326 audit(1663936250.743:10): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=4142 comm="syz-executor.7" exe="/syz-executor.7" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f877d9b6b19 code=0x0 12:30:50 executing program 0: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000340)=@newpolicy={0xfc, 0x13, 0x631, 0x0, 0x0, {{@in=@empty, @in=@loopback, 0x0, 0x0, 0x0, 0x0, 0xa, 0x0, 0x0, 0x0, 0x0, 0xee00}}, [@tmpl={0x44, 0x5, [{{@in=@private}, 0x0, @in=@dev}]}]}, 0xfc}}, 0x0) 12:30:50 executing program 2: mbind(&(0x7f0000ffb000/0x3000)=nil, 0x3000, 0x4002, &(0x7f0000000000)=0xcd5, 0x9, 0x0) get_mempolicy(0x0, 0x0, 0x0, &(0x7f0000ffb000/0x2000)=nil, 0x2) 12:30:50 executing program 4: r0 = socket$inet6(0xa, 0x1, 0x0) connect$inet6(r0, &(0x7f0000000040)={0xa, 0x0, 0x0, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, 0x1}, 0x1c) r1 = fcntl$dupfd(r0, 0x0, r0) r2 = socket$inet6(0xa, 0x1, 0x0) r3 = fcntl$dupfd(r2, 0x0, r2) bind$inet6(r3, &(0x7f00000000c0)={0xa, 0x7e, 0x0, @empty}, 0x1c) bind$inet6(r1, &(0x7f00000000c0)={0xa, 0x7e, 0x0, @empty}, 0x1c) 12:30:50 executing program 3: munmap(&(0x7f0000000000/0x2000)=nil, 0x2000) r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$inet_tcp_TCP_FASTOPEN_KEY(r0, 0x6, 0x21, &(0x7f0000000000)="e65acea2ec742de264970a5968d4eef0", 0x10) 12:30:50 executing program 1: r0 = openat$autofs(0xffffffffffffff9c, &(0x7f00000003c0), 0x0, 0x0) r1 = socket$packet(0x11, 0x2, 0x300) ioctl$AUTOFS_DEV_IOCTL_CLOSEMOUNT(r0, 0xc0189375, &(0x7f0000000000)={{0x1, 0x1, 0x18, r1}, './file0\x00'}) 12:30:50 executing program 7: prctl$PR_GET_ENDIAN(0x13, 0x0) fsmount(0xffffffffffffffff, 0x0, 0x48) openat$autofs(0xffffffffffffff9c, &(0x7f0000000180), 0x100, 0x0) getpeername(0xffffffffffffffff, 0x0, &(0x7f0000003680)) seccomp$SECCOMP_SET_MODE_STRICT(0x0, 0x0, 0x0) 12:30:50 executing program 6: r0 = msgget$private(0x0, 0x0) msgctl$IPC_SET(r0, 0x1, &(0x7f0000000080)={{0x3, 0x0, 0xee01}}) msgsnd(r0, &(0x7f0000000100)={0x3}, 0x8, 0x0) msgctl$IPC_RMID(r0, 0x0) 12:30:50 executing program 5: r0 = msgget$private(0x0, 0x0) msgctl$IPC_SET(r0, 0x1, &(0x7f0000000080)={{0x3, 0x0, 0xee01}}) msgsnd(r0, &(0x7f0000000100)={0x3}, 0x8, 0x0) msgctl$IPC_RMID(r0, 0x0) [ 125.860449] audit: type=1326 audit(1663936250.889:11): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=4164 comm="syz-executor.7" exe="/syz-executor.7" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f877d9b6b19 code=0x0 12:30:50 executing program 2: mbind(&(0x7f0000ffb000/0x3000)=nil, 0x3000, 0x4002, &(0x7f0000000000)=0xcd5, 0x9, 0x0) get_mempolicy(0x0, 0x0, 0x0, &(0x7f0000ffb000/0x2000)=nil, 0x2) 12:30:50 executing program 1: r0 = openat$autofs(0xffffffffffffff9c, &(0x7f00000003c0), 0x0, 0x0) r1 = socket$packet(0x11, 0x2, 0x300) ioctl$AUTOFS_DEV_IOCTL_CLOSEMOUNT(r0, 0xc0189375, &(0x7f0000000000)={{0x1, 0x1, 0x18, r1}, './file0\x00'}) 12:30:50 executing program 0: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000340)=@newpolicy={0xfc, 0x13, 0x631, 0x0, 0x0, {{@in=@empty, @in=@loopback, 0x0, 0x0, 0x0, 0x0, 0xa, 0x0, 0x0, 0x0, 0x0, 0xee00}}, [@tmpl={0x44, 0x5, [{{@in=@private}, 0x0, @in=@dev}]}]}, 0xfc}}, 0x0) 12:30:50 executing program 3: munmap(&(0x7f0000000000/0x2000)=nil, 0x2000) r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$inet_tcp_TCP_FASTOPEN_KEY(r0, 0x6, 0x21, &(0x7f0000000000)="e65acea2ec742de264970a5968d4eef0", 0x10) 12:30:50 executing program 4: r0 = msgget$private(0x0, 0x0) msgctl$IPC_SET(r0, 0x1, &(0x7f0000000080)={{0x3, 0x0, 0xee01}}) msgsnd(r0, &(0x7f0000000100)={0x3}, 0x8, 0x0) msgctl$IPC_RMID(r0, 0x0) 12:30:51 executing program 5: r0 = msgget$private(0x0, 0x0) msgctl$IPC_SET(r0, 0x1, &(0x7f0000000080)={{0x3, 0x0, 0xee01}}) msgsnd(r0, &(0x7f0000000100)={0x3}, 0x8, 0x0) msgctl$IPC_RMID(r0, 0x0) 12:30:51 executing program 6: r0 = msgget$private(0x0, 0x0) msgctl$IPC_SET(r0, 0x1, &(0x7f0000000080)={{0x3, 0x0, 0xee01}}) msgsnd(r0, &(0x7f0000000100)={0x3}, 0x8, 0x0) msgctl$IPC_RMID(r0, 0x0) 12:30:51 executing program 1: r0 = openat$autofs(0xffffffffffffff9c, &(0x7f00000003c0), 0x0, 0x0) r1 = socket$packet(0x11, 0x2, 0x300) ioctl$AUTOFS_DEV_IOCTL_CLOSEMOUNT(r0, 0xc0189375, &(0x7f0000000000)={{0x1, 0x1, 0x18, r1}, './file0\x00'}) 12:30:51 executing program 3: munmap(&(0x7f0000000000/0x2000)=nil, 0x2000) r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$inet_tcp_TCP_FASTOPEN_KEY(r0, 0x6, 0x21, &(0x7f0000000000)="e65acea2ec742de264970a5968d4eef0", 0x10) 12:30:51 executing program 2: mbind(&(0x7f0000ffb000/0x3000)=nil, 0x3000, 0x4002, &(0x7f0000000000)=0xcd5, 0x9, 0x0) get_mempolicy(0x0, 0x0, 0x0, &(0x7f0000ffb000/0x2000)=nil, 0x2) 12:30:51 executing program 0: mbind(&(0x7f0000ffb000/0x3000)=nil, 0x3000, 0x4002, &(0x7f0000000000)=0xcd5, 0x9, 0x0) get_mempolicy(0x0, 0x0, 0x0, &(0x7f0000ffb000/0x2000)=nil, 0x2) 12:30:51 executing program 4: r0 = msgget$private(0x0, 0x0) msgctl$IPC_SET(r0, 0x1, &(0x7f0000000080)={{0x3, 0x0, 0xee01}}) msgsnd(r0, &(0x7f0000000100)={0x3}, 0x8, 0x0) msgctl$IPC_RMID(r0, 0x0) 12:30:51 executing program 3: munmap(&(0x7f0000000000/0x2000)=nil, 0x2000) r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$inet_tcp_TCP_FASTOPEN_KEY(r0, 0x6, 0x21, &(0x7f0000000000)="e65acea2ec742de264970a5968d4eef0", 0x10) 12:30:51 executing program 1: r0 = socket$netlink(0x10, 0x3, 0x0) openat$pidfd(0xffffffffffffff9c, &(0x7f0000002980), 0x0, 0x0) seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x8, &(0x7f0000002a00)={0x2, &(0x7f00000029c0)=[{}, {0xff}]}) getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000002a40), 0x0) r1 = syz_open_dev$vcsu(&(0x7f0000005340), 0x401, 0x4000) statx(0xffffffffffffff9c, &(0x7f0000005380)='./file0\x00', 0x2000, 0x0, 0x0) r2 = clone3(&(0x7f0000005b80)={0xc001100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, &(0x7f0000005b40)=[0xffffffffffffffff], 0x1}, 0x58) sendmsg$netlink(r0, &(0x7f0000005d00)={&(0x7f0000000000), 0xc, &(0x7f0000002c40)=[{&(0x7f0000000040)={0x10, 0x0, 0x0, 0x0, 0x0, "", [@generic]}, 0x10}], 0x1, &(0x7f0000005c00)=[@cred={{0x1c, 0x1, 0x2, {0x0, 0xee00, 0xffffffffffffffff}}}, @cred={{0x1c, 0x1, 0x2, {0x0, 0xee00, 0xffffffffffffffff}}}, @rights={{0x18, 0x1, 0x1, [r1, 0xffffffffffffffff]}}, @cred={{0x1c, 0x1, 0x2, {0x0, 0xee00}}}, @cred={{0x1c}}, @cred={{0x1c, 0x1, 0x2, {r2, 0xffffffffffffffff, 0xee01}}}, @cred={{0x1c, 0x1, 0x2, {0x0, 0x0, 0xee01}}}], 0xd8, 0x24004080}, 0x20004000) syz_genetlink_get_family_id$nl80211(&(0x7f0000005d80), 0xffffffffffffffff) 12:30:51 executing program 6: r0 = msgget$private(0x0, 0x0) msgctl$IPC_SET(r0, 0x1, &(0x7f0000000080)={{0x3, 0x0, 0xee01}}) msgsnd(r0, &(0x7f0000000100)={0x3}, 0x8, 0x0) msgctl$IPC_RMID(r0, 0x0) 12:30:51 executing program 2: request_key(&(0x7f0000000080)='id_resolver\x00', &(0x7f00000000c0)={'syz', 0x0}, &(0x7f0000000100)='syz', 0x0) 12:30:51 executing program 5: r0 = msgget$private(0x0, 0x0) msgctl$IPC_SET(r0, 0x1, &(0x7f0000000080)={{0x3, 0x0, 0xee01}}) msgsnd(r0, &(0x7f0000000100)={0x3}, 0x8, 0x0) msgctl$IPC_RMID(r0, 0x0) 12:30:51 executing program 7: prctl$PR_GET_ENDIAN(0x13, 0x0) fsmount(0xffffffffffffffff, 0x0, 0x48) openat$autofs(0xffffffffffffff9c, &(0x7f0000000180), 0x100, 0x0) getpeername(0xffffffffffffffff, 0x0, &(0x7f0000003680)) seccomp$SECCOMP_SET_MODE_STRICT(0x0, 0x0, 0x0) 12:30:51 executing program 0: mbind(&(0x7f0000ffb000/0x3000)=nil, 0x3000, 0x4002, &(0x7f0000000000)=0xcd5, 0x9, 0x0) get_mempolicy(0x0, 0x0, 0x0, &(0x7f0000ffb000/0x2000)=nil, 0x2) 12:30:51 executing program 3: r0 = socket$inet6(0xa, 0x1, 0x0) setsockopt$inet6_tcp_TCP_REPAIR(r0, 0x6, 0x13, &(0x7f00000001c0)=0x1, 0x4) connect$inet6(r0, &(0x7f0000000080)={0xa, 0x0, 0x0, @ipv4={'\x00', '\xff\xff', @empty}}, 0x1c) setsockopt$inet6_tcp_TCP_REPAIR(r0, 0x6, 0x13, &(0x7f0000000000)=0xffffffffffffffff, 0x4) setsockopt$inet6_opts(r0, 0x29, 0x37, 0x0, 0x0) sendmmsg$inet6(r0, &(0x7f0000002fc0)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0) [ 126.802381] audit: type=1326 audit(1663936251.831:12): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=4219 comm="syz-executor.7" exe="/syz-executor.7" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f877d9b6b19 code=0x0 12:30:51 executing program 2: r0 = syz_open_procfs(0x0, &(0x7f0000000f00)='mountinfo\x00') read$hiddev(r0, &(0x7f0000000040)=""/169, 0x200000e9) 12:30:51 executing program 0: mbind(&(0x7f0000ffb000/0x3000)=nil, 0x3000, 0x4002, &(0x7f0000000000)=0xcd5, 0x9, 0x0) get_mempolicy(0x0, 0x0, 0x0, &(0x7f0000ffb000/0x2000)=nil, 0x2) 12:30:51 executing program 4: r0 = msgget$private(0x0, 0x0) msgctl$IPC_SET(r0, 0x1, &(0x7f0000000080)={{0x3, 0x0, 0xee01}}) msgsnd(r0, &(0x7f0000000100)={0x3}, 0x8, 0x0) msgctl$IPC_RMID(r0, 0x0) 12:30:51 executing program 1: r0 = socket$netlink(0x10, 0x3, 0x0) openat$pidfd(0xffffffffffffff9c, &(0x7f0000002980), 0x0, 0x0) seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x8, &(0x7f0000002a00)={0x2, &(0x7f00000029c0)=[{}, {0xff}]}) getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000002a40), 0x0) r1 = syz_open_dev$vcsu(&(0x7f0000005340), 0x401, 0x4000) statx(0xffffffffffffff9c, &(0x7f0000005380)='./file0\x00', 0x2000, 0x0, 0x0) r2 = clone3(&(0x7f0000005b80)={0xc001100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, &(0x7f0000005b40)=[0xffffffffffffffff], 0x1}, 0x58) sendmsg$netlink(r0, &(0x7f0000005d00)={&(0x7f0000000000), 0xc, &(0x7f0000002c40)=[{&(0x7f0000000040)={0x10, 0x0, 0x0, 0x0, 0x0, "", [@generic]}, 0x10}], 0x1, &(0x7f0000005c00)=[@cred={{0x1c, 0x1, 0x2, {0x0, 0xee00, 0xffffffffffffffff}}}, @cred={{0x1c, 0x1, 0x2, {0x0, 0xee00, 0xffffffffffffffff}}}, @rights={{0x18, 0x1, 0x1, [r1, 0xffffffffffffffff]}}, @cred={{0x1c, 0x1, 0x2, {0x0, 0xee00}}}, @cred={{0x1c}}, @cred={{0x1c, 0x1, 0x2, {r2, 0xffffffffffffffff, 0xee01}}}, @cred={{0x1c, 0x1, 0x2, {0x0, 0x0, 0xee01}}}], 0xd8, 0x24004080}, 0x20004000) syz_genetlink_get_family_id$nl80211(&(0x7f0000005d80), 0xffffffffffffffff) 12:30:51 executing program 6: r0 = socket$netlink(0x10, 0x3, 0x0) openat$pidfd(0xffffffffffffff9c, &(0x7f0000002980), 0x0, 0x0) seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x8, &(0x7f0000002a00)={0x2, &(0x7f00000029c0)=[{}, {0xff}]}) getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000002a40), 0x0) r1 = syz_open_dev$vcsu(&(0x7f0000005340), 0x401, 0x4000) statx(0xffffffffffffff9c, &(0x7f0000005380)='./file0\x00', 0x2000, 0x0, 0x0) r2 = clone3(&(0x7f0000005b80)={0xc001100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, &(0x7f0000005b40)=[0xffffffffffffffff], 0x1}, 0x58) sendmsg$netlink(r0, &(0x7f0000005d00)={&(0x7f0000000000), 0xc, &(0x7f0000002c40)=[{&(0x7f0000000040)={0x10, 0x0, 0x0, 0x0, 0x0, "", [@generic]}, 0x10}], 0x1, &(0x7f0000005c00)=[@cred={{0x1c, 0x1, 0x2, {0x0, 0xee00, 0xffffffffffffffff}}}, @cred={{0x1c, 0x1, 0x2, {0x0, 0xee00, 0xffffffffffffffff}}}, @rights={{0x18, 0x1, 0x1, [r1, 0xffffffffffffffff]}}, @cred={{0x1c, 0x1, 0x2, {0x0, 0xee00}}}, @cred={{0x1c}}, @cred={{0x1c, 0x1, 0x2, {r2, 0xffffffffffffffff, 0xee01}}}, @cred={{0x1c, 0x1, 0x2, {0x0, 0x0, 0xee01}}}], 0xd8, 0x24004080}, 0x20004000) syz_genetlink_get_family_id$nl80211(&(0x7f0000005d80), 0xffffffffffffffff) 12:30:51 executing program 3: r0 = socket$inet6(0xa, 0x1, 0x0) setsockopt$inet6_tcp_TCP_REPAIR(r0, 0x6, 0x13, &(0x7f00000001c0)=0x1, 0x4) connect$inet6(r0, &(0x7f0000000080)={0xa, 0x0, 0x0, @ipv4={'\x00', '\xff\xff', @empty}}, 0x1c) setsockopt$inet6_tcp_TCP_REPAIR(r0, 0x6, 0x13, &(0x7f0000000000)=0xffffffffffffffff, 0x4) setsockopt$inet6_opts(r0, 0x29, 0x37, 0x0, 0x0) sendmmsg$inet6(r0, &(0x7f0000002fc0)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0) 12:30:51 executing program 5: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000040)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) uname(&(0x7f0000000000)=""/59) 12:30:52 executing program 2: syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0) mount(0x0, &(0x7f0000000200)='./file1\x00', &(0x7f0000000240)='ramfs\x00', 0x11, 0x0) umount2(&(0x7f0000017540)='./file1\x00', 0x0) 12:30:52 executing program 0: creat(&(0x7f0000000040)='./file0\x00', 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000180)={0xffffffffffffffff}) sendmmsg$unix(r0, &(0x7f00000006c0)=[{{0x0, 0x0, 0x0}}, {{&(0x7f0000000000)=@file={0x1, './file0\x00'}, 0x6e, 0x0}}], 0x2, 0x0) 12:30:52 executing program 1: r0 = socket$netlink(0x10, 0x3, 0x0) openat$pidfd(0xffffffffffffff9c, &(0x7f0000002980), 0x0, 0x0) seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x8, &(0x7f0000002a00)={0x2, &(0x7f00000029c0)=[{}, {0xff}]}) getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000002a40), 0x0) r1 = syz_open_dev$vcsu(&(0x7f0000005340), 0x401, 0x4000) statx(0xffffffffffffff9c, &(0x7f0000005380)='./file0\x00', 0x2000, 0x0, 0x0) r2 = clone3(&(0x7f0000005b80)={0xc001100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, &(0x7f0000005b40)=[0xffffffffffffffff], 0x1}, 0x58) sendmsg$netlink(r0, &(0x7f0000005d00)={&(0x7f0000000000), 0xc, &(0x7f0000002c40)=[{&(0x7f0000000040)={0x10, 0x0, 0x0, 0x0, 0x0, "", [@generic]}, 0x10}], 0x1, &(0x7f0000005c00)=[@cred={{0x1c, 0x1, 0x2, {0x0, 0xee00, 0xffffffffffffffff}}}, @cred={{0x1c, 0x1, 0x2, {0x0, 0xee00, 0xffffffffffffffff}}}, @rights={{0x18, 0x1, 0x1, [r1, 0xffffffffffffffff]}}, @cred={{0x1c, 0x1, 0x2, {0x0, 0xee00}}}, @cred={{0x1c}}, @cred={{0x1c, 0x1, 0x2, {r2, 0xffffffffffffffff, 0xee01}}}, @cred={{0x1c, 0x1, 0x2, {0x0, 0x0, 0xee01}}}], 0xd8, 0x24004080}, 0x20004000) syz_genetlink_get_family_id$nl80211(&(0x7f0000005d80), 0xffffffffffffffff) 12:30:52 executing program 6: r0 = socket$netlink(0x10, 0x3, 0x0) openat$pidfd(0xffffffffffffff9c, &(0x7f0000002980), 0x0, 0x0) seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x8, &(0x7f0000002a00)={0x2, &(0x7f00000029c0)=[{}, {0xff}]}) getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000002a40), 0x0) r1 = syz_open_dev$vcsu(&(0x7f0000005340), 0x401, 0x4000) statx(0xffffffffffffff9c, &(0x7f0000005380)='./file0\x00', 0x2000, 0x0, 0x0) r2 = clone3(&(0x7f0000005b80)={0xc001100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, &(0x7f0000005b40)=[0xffffffffffffffff], 0x1}, 0x58) sendmsg$netlink(r0, &(0x7f0000005d00)={&(0x7f0000000000), 0xc, &(0x7f0000002c40)=[{&(0x7f0000000040)={0x10, 0x0, 0x0, 0x0, 0x0, "", [@generic]}, 0x10}], 0x1, &(0x7f0000005c00)=[@cred={{0x1c, 0x1, 0x2, {0x0, 0xee00, 0xffffffffffffffff}}}, @cred={{0x1c, 0x1, 0x2, {0x0, 0xee00, 0xffffffffffffffff}}}, @rights={{0x18, 0x1, 0x1, [r1, 0xffffffffffffffff]}}, @cred={{0x1c, 0x1, 0x2, {0x0, 0xee00}}}, @cred={{0x1c}}, @cred={{0x1c, 0x1, 0x2, {r2, 0xffffffffffffffff, 0xee01}}}, @cred={{0x1c, 0x1, 0x2, {0x0, 0x0, 0xee01}}}], 0xd8, 0x24004080}, 0x20004000) syz_genetlink_get_family_id$nl80211(&(0x7f0000005d80), 0xffffffffffffffff) 12:30:52 executing program 5: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000040)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) uname(&(0x7f0000000000)=""/59) 12:30:52 executing program 3: r0 = socket$inet6(0xa, 0x1, 0x0) setsockopt$inet6_tcp_TCP_REPAIR(r0, 0x6, 0x13, &(0x7f00000001c0)=0x1, 0x4) connect$inet6(r0, &(0x7f0000000080)={0xa, 0x0, 0x0, @ipv4={'\x00', '\xff\xff', @empty}}, 0x1c) setsockopt$inet6_tcp_TCP_REPAIR(r0, 0x6, 0x13, &(0x7f0000000000)=0xffffffffffffffff, 0x4) setsockopt$inet6_opts(r0, 0x29, 0x37, 0x0, 0x0) sendmmsg$inet6(r0, &(0x7f0000002fc0)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0) 12:30:52 executing program 7: prctl$PR_GET_ENDIAN(0x13, 0x0) fsmount(0xffffffffffffffff, 0x0, 0x48) openat$autofs(0xffffffffffffff9c, &(0x7f0000000180), 0x100, 0x0) getpeername(0xffffffffffffffff, 0x0, &(0x7f0000003680)) seccomp$SECCOMP_SET_MODE_STRICT(0x0, 0x0, 0x0) 12:30:52 executing program 4: mq_notify(0xffffffffffffffff, 0xfffffffffffffffc) [ 127.743065] audit: type=1326 audit(1663936252.769:13): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=4256 comm="syz-executor.7" exe="/syz-executor.7" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f877d9b6b19 code=0x0 12:30:52 executing program 4: mq_notify(0xffffffffffffffff, 0xfffffffffffffffc) 12:30:52 executing program 3: r0 = socket$inet6(0xa, 0x1, 0x0) setsockopt$inet6_tcp_TCP_REPAIR(r0, 0x6, 0x13, &(0x7f00000001c0)=0x1, 0x4) connect$inet6(r0, &(0x7f0000000080)={0xa, 0x0, 0x0, @ipv4={'\x00', '\xff\xff', @empty}}, 0x1c) setsockopt$inet6_tcp_TCP_REPAIR(r0, 0x6, 0x13, &(0x7f0000000000)=0xffffffffffffffff, 0x4) setsockopt$inet6_opts(r0, 0x29, 0x37, 0x0, 0x0) sendmmsg$inet6(r0, &(0x7f0000002fc0)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0) 12:30:52 executing program 5: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000040)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) uname(&(0x7f0000000000)=""/59) 12:30:52 executing program 6: r0 = socket$netlink(0x10, 0x3, 0x0) openat$pidfd(0xffffffffffffff9c, &(0x7f0000002980), 0x0, 0x0) seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x8, &(0x7f0000002a00)={0x2, &(0x7f00000029c0)=[{}, {0xff}]}) getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000002a40), 0x0) r1 = syz_open_dev$vcsu(&(0x7f0000005340), 0x401, 0x4000) statx(0xffffffffffffff9c, &(0x7f0000005380)='./file0\x00', 0x2000, 0x0, 0x0) r2 = clone3(&(0x7f0000005b80)={0xc001100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, &(0x7f0000005b40)=[0xffffffffffffffff], 0x1}, 0x58) sendmsg$netlink(r0, &(0x7f0000005d00)={&(0x7f0000000000), 0xc, &(0x7f0000002c40)=[{&(0x7f0000000040)={0x10, 0x0, 0x0, 0x0, 0x0, "", [@generic]}, 0x10}], 0x1, &(0x7f0000005c00)=[@cred={{0x1c, 0x1, 0x2, {0x0, 0xee00, 0xffffffffffffffff}}}, @cred={{0x1c, 0x1, 0x2, {0x0, 0xee00, 0xffffffffffffffff}}}, @rights={{0x18, 0x1, 0x1, [r1, 0xffffffffffffffff]}}, @cred={{0x1c, 0x1, 0x2, {0x0, 0xee00}}}, @cred={{0x1c}}, @cred={{0x1c, 0x1, 0x2, {r2, 0xffffffffffffffff, 0xee01}}}, @cred={{0x1c, 0x1, 0x2, {0x0, 0x0, 0xee01}}}], 0xd8, 0x24004080}, 0x20004000) syz_genetlink_get_family_id$nl80211(&(0x7f0000005d80), 0xffffffffffffffff) 12:30:52 executing program 2: syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0) mount(0x0, &(0x7f0000000200)='./file1\x00', &(0x7f0000000240)='ramfs\x00', 0x11, 0x0) umount2(&(0x7f0000017540)='./file1\x00', 0x0) 12:30:52 executing program 0: creat(&(0x7f0000000040)='./file0\x00', 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000180)={0xffffffffffffffff}) sendmmsg$unix(r0, &(0x7f00000006c0)=[{{0x0, 0x0, 0x0}}, {{&(0x7f0000000000)=@file={0x1, './file0\x00'}, 0x6e, 0x0}}], 0x2, 0x0) 12:30:52 executing program 1: r0 = socket$netlink(0x10, 0x3, 0x0) openat$pidfd(0xffffffffffffff9c, &(0x7f0000002980), 0x0, 0x0) seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x8, &(0x7f0000002a00)={0x2, &(0x7f00000029c0)=[{}, {0xff}]}) getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000002a40), 0x0) r1 = syz_open_dev$vcsu(&(0x7f0000005340), 0x401, 0x4000) statx(0xffffffffffffff9c, &(0x7f0000005380)='./file0\x00', 0x2000, 0x0, 0x0) r2 = clone3(&(0x7f0000005b80)={0xc001100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, &(0x7f0000005b40)=[0xffffffffffffffff], 0x1}, 0x58) sendmsg$netlink(r0, &(0x7f0000005d00)={&(0x7f0000000000), 0xc, &(0x7f0000002c40)=[{&(0x7f0000000040)={0x10, 0x0, 0x0, 0x0, 0x0, "", [@generic]}, 0x10}], 0x1, &(0x7f0000005c00)=[@cred={{0x1c, 0x1, 0x2, {0x0, 0xee00, 0xffffffffffffffff}}}, @cred={{0x1c, 0x1, 0x2, {0x0, 0xee00, 0xffffffffffffffff}}}, @rights={{0x18, 0x1, 0x1, [r1, 0xffffffffffffffff]}}, @cred={{0x1c, 0x1, 0x2, {0x0, 0xee00}}}, @cred={{0x1c}}, @cred={{0x1c, 0x1, 0x2, {r2, 0xffffffffffffffff, 0xee01}}}, @cred={{0x1c, 0x1, 0x2, {0x0, 0x0, 0xee01}}}], 0xd8, 0x24004080}, 0x20004000) syz_genetlink_get_family_id$nl80211(&(0x7f0000005d80), 0xffffffffffffffff) 12:30:52 executing program 4: mq_notify(0xffffffffffffffff, 0xfffffffffffffffc) 12:30:52 executing program 5: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000040)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) uname(&(0x7f0000000000)=""/59) 12:30:53 executing program 2: syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0) mount(0x0, &(0x7f0000000200)='./file1\x00', &(0x7f0000000240)='ramfs\x00', 0x11, 0x0) umount2(&(0x7f0000017540)='./file1\x00', 0x0) 12:30:53 executing program 0: creat(&(0x7f0000000040)='./file0\x00', 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000180)={0xffffffffffffffff}) sendmmsg$unix(r0, &(0x7f00000006c0)=[{{0x0, 0x0, 0x0}}, {{&(0x7f0000000000)=@file={0x1, './file0\x00'}, 0x6e, 0x0}}], 0x2, 0x0) 12:30:53 executing program 4: mq_notify(0xffffffffffffffff, 0xfffffffffffffffc) 12:30:53 executing program 6: r0 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000000)={{0x12, 0x1, 0x0, 0x0, 0x0, 0x0, 0x40, 0x47f, 0xffffffff, 0x0, 0x0, 0x0, 0x0, 0x1, [{{0x9, 0x2, 0x24, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0x9, 0x3, 0x0, 0x0, 0x0, {0x9, 0x21, 0x0, 0x0, 0x1, {0x22, 0x29}}}}]}}]}}, 0x0) syz_usb_control_io$hid(r0, 0x0, 0x0) syz_usb_control_io$hid(r0, &(0x7f0000000040)={0x24, 0x0, 0x0, 0x0, &(0x7f00000001c0)={0x0, 0x22, 0x371, {0x9}}}, &(0x7f0000000080)={0xffffffffffffffeb, 0x0, 0x0, 0x0, 0x0, 0x0}) syz_open_dev$hiddev(&(0x7f00000000c0), 0x0, 0x0) 12:30:53 executing program 5: r0 = getpid() r1 = getpid() kcmp(r0, r1, 0x5, 0xffffffffffffffff, 0xffffffffffffffff) 12:30:53 executing program 1: execveat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', &(0x7f0000000080)=[0x0], &(0x7f00000000c0)=[0x0], 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x1ff) close(r0) execveat(0xffffffffffffff9c, &(0x7f0000000140)='./file1\x00', &(0x7f0000000180)=[0x0], &(0x7f00000001c0)=[0x0], 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x2, 0x0) write(r1, &(0x7f0000000240)="01010101", 0x4) close(r1) execveat(0xffffffffffffff9c, &(0x7f0000000280)='./file1\x00', &(0x7f00000002c0)=[0x0], &(0x7f0000000300)=[0x0], 0x0) r2 = openat(0xffffffffffffff9c, &(0x7f0000000340)='./file0\x00', 0x42, 0x0) close(r2) execveat(0xffffffffffffff9c, &(0x7f0000000380)='./file1\x00', &(0x7f00000003c0)=[0x0], &(0x7f0000000400)=[0x0], 0x0) fchmodat(0xffffffffffffff9c, &(0x7f0000000440)='./file0\x00', 0x1ff) execveat(0xffffffffffffff9c, &(0x7f0000000480)='./file1\x00', &(0x7f00000004c0)=[0x0], &(0x7f0000000500)=[0x0], 0x0) [ 128.626089] process 'syz-executor.1' launched './file1' with NULL argv: empty string added [ 128.631550] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 128.638631] misc raw-gadget: fail, usb_gadget_register_driver returned -16 12:30:53 executing program 7: r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x26e1, 0x0) ioctl$FS_IOC_FSSETXATTR(r0, 0x40086602, &(0x7f0000000080)={0x17e}) ioctl$FS_IOC_FSSETXATTR(r0, 0x401c5820, &(0x7f0000000000)={0x80, 0x8}) 12:30:53 executing program 5: r0 = getpid() r1 = getpid() kcmp(r0, r1, 0x5, 0xffffffffffffffff, 0xffffffffffffffff) 12:30:53 executing program 2: syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0) mount(0x0, &(0x7f0000000200)='./file1\x00', &(0x7f0000000240)='ramfs\x00', 0x11, 0x0) umount2(&(0x7f0000017540)='./file1\x00', 0x0) 12:30:53 executing program 3: r0 = syz_mount_image$tmpfs(&(0x7f00000000c0), &(0x7f0000000140)='./file1\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000005e00)=ANY=[]) umount2(&(0x7f0000005dc0)='./file1\x00', 0x2) mount_setattr(r0, &(0x7f0000000040)='.\x00', 0x0, &(0x7f0000000080)={0x0, 0x0, 0x100000}, 0x20) 12:30:53 executing program 0: creat(&(0x7f0000000040)='./file0\x00', 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000180)={0xffffffffffffffff}) sendmmsg$unix(r0, &(0x7f00000006c0)=[{{0x0, 0x0, 0x0}}, {{&(0x7f0000000000)=@file={0x1, './file0\x00'}, 0x6e, 0x0}}], 0x2, 0x0) 12:30:53 executing program 4: r0 = socket$inet6(0xa, 0x1, 0x0) setsockopt$inet6_tcp_TCP_REPAIR(r0, 0x6, 0x13, &(0x7f00000001c0)=0x1, 0x4) connect$inet6(r0, &(0x7f00000000c0)={0xa, 0x0, 0x0, @empty}, 0x1c) setsockopt$inet6_tcp_TCP_REPAIR_OPTIONS(r0, 0x6, 0xc, &(0x7f0000000000)=[@timestamp, @window, @sack_perm, @sack_perm], 0x4) 12:30:53 executing program 1: execveat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', &(0x7f0000000080)=[0x0], &(0x7f00000000c0)=[0x0], 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x1ff) close(r0) execveat(0xffffffffffffff9c, &(0x7f0000000140)='./file1\x00', &(0x7f0000000180)=[0x0], &(0x7f00000001c0)=[0x0], 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x2, 0x0) write(r1, &(0x7f0000000240)="01010101", 0x4) close(r1) execveat(0xffffffffffffff9c, &(0x7f0000000280)='./file1\x00', &(0x7f00000002c0)=[0x0], &(0x7f0000000300)=[0x0], 0x0) r2 = openat(0xffffffffffffff9c, &(0x7f0000000340)='./file0\x00', 0x42, 0x0) close(r2) execveat(0xffffffffffffff9c, &(0x7f0000000380)='./file1\x00', &(0x7f00000003c0)=[0x0], &(0x7f0000000400)=[0x0], 0x0) fchmodat(0xffffffffffffff9c, &(0x7f0000000440)='./file0\x00', 0x1ff) execveat(0xffffffffffffff9c, &(0x7f0000000480)='./file1\x00', &(0x7f00000004c0)=[0x0], &(0x7f0000000500)=[0x0], 0x0) 12:30:53 executing program 7: r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x26e1, 0x0) ioctl$FS_IOC_FSSETXATTR(r0, 0x40086602, &(0x7f0000000080)={0x17e}) ioctl$FS_IOC_FSSETXATTR(r0, 0x401c5820, &(0x7f0000000000)={0x80, 0x8}) 12:30:53 executing program 5: r0 = getpid() r1 = getpid() kcmp(r0, r1, 0x5, 0xffffffffffffffff, 0xffffffffffffffff) 12:30:53 executing program 3: r0 = syz_mount_image$tmpfs(&(0x7f00000000c0), &(0x7f0000000140)='./file1\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000005e00)=ANY=[]) umount2(&(0x7f0000005dc0)='./file1\x00', 0x2) mount_setattr(r0, &(0x7f0000000040)='.\x00', 0x0, &(0x7f0000000080)={0x0, 0x0, 0x100000}, 0x20) 12:30:53 executing program 4: r0 = socket$inet6(0xa, 0x1, 0x0) setsockopt$inet6_tcp_TCP_REPAIR(r0, 0x6, 0x13, &(0x7f00000001c0)=0x1, 0x4) connect$inet6(r0, &(0x7f00000000c0)={0xa, 0x0, 0x0, @empty}, 0x1c) setsockopt$inet6_tcp_TCP_REPAIR_OPTIONS(r0, 0x6, 0xc, &(0x7f0000000000)=[@timestamp, @window, @sack_perm, @sack_perm], 0x4) [ 129.148686] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 129.150944] misc raw-gadget: fail, usb_gadget_register_driver returned -16 12:30:54 executing program 4: r0 = socket$inet6(0xa, 0x1, 0x0) setsockopt$inet6_tcp_TCP_REPAIR(r0, 0x6, 0x13, &(0x7f00000001c0)=0x1, 0x4) connect$inet6(r0, &(0x7f00000000c0)={0xa, 0x0, 0x0, @empty}, 0x1c) setsockopt$inet6_tcp_TCP_REPAIR_OPTIONS(r0, 0x6, 0xc, &(0x7f0000000000)=[@timestamp, @window, @sack_perm, @sack_perm], 0x4) 12:30:54 executing program 0: r0 = socket$inet6(0xa, 0x1, 0x0) setsockopt$inet6_tcp_TCP_REPAIR(r0, 0x6, 0x13, &(0x7f00000001c0)=0x1, 0x4) connect$inet6(r0, &(0x7f00000000c0)={0xa, 0x0, 0x0, @empty}, 0x1c) setsockopt$inet6_tcp_TCP_REPAIR_OPTIONS(r0, 0x6, 0xc, &(0x7f0000000000)=[@timestamp, @window, @sack_perm, @sack_perm], 0x4) 12:30:54 executing program 1: execveat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', &(0x7f0000000080)=[0x0], &(0x7f00000000c0)=[0x0], 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x1ff) close(r0) execveat(0xffffffffffffff9c, &(0x7f0000000140)='./file1\x00', &(0x7f0000000180)=[0x0], &(0x7f00000001c0)=[0x0], 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x2, 0x0) write(r1, &(0x7f0000000240)="01010101", 0x4) close(r1) execveat(0xffffffffffffff9c, &(0x7f0000000280)='./file1\x00', &(0x7f00000002c0)=[0x0], &(0x7f0000000300)=[0x0], 0x0) r2 = openat(0xffffffffffffff9c, &(0x7f0000000340)='./file0\x00', 0x42, 0x0) close(r2) execveat(0xffffffffffffff9c, &(0x7f0000000380)='./file1\x00', &(0x7f00000003c0)=[0x0], &(0x7f0000000400)=[0x0], 0x0) fchmodat(0xffffffffffffff9c, &(0x7f0000000440)='./file0\x00', 0x1ff) execveat(0xffffffffffffff9c, &(0x7f0000000480)='./file1\x00', &(0x7f00000004c0)=[0x0], &(0x7f0000000500)=[0x0], 0x0) 12:30:54 executing program 3: r0 = syz_mount_image$tmpfs(&(0x7f00000000c0), &(0x7f0000000140)='./file1\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000005e00)=ANY=[]) umount2(&(0x7f0000005dc0)='./file1\x00', 0x2) mount_setattr(r0, &(0x7f0000000040)='.\x00', 0x0, &(0x7f0000000080)={0x0, 0x0, 0x100000}, 0x20) 12:30:54 executing program 5: r0 = getpid() r1 = getpid() kcmp(r0, r1, 0x5, 0xffffffffffffffff, 0xffffffffffffffff) 12:30:54 executing program 6: r0 = syz_mount_image$tmpfs(&(0x7f00000000c0), &(0x7f0000000140)='./file1\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000005e00)=ANY=[]) umount2(&(0x7f0000005dc0)='./file1\x00', 0x2) mount_setattr(r0, &(0x7f0000000040)='.\x00', 0x0, &(0x7f0000000080)={0x0, 0x0, 0x100000}, 0x20) 12:30:54 executing program 7: r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x26e1, 0x0) ioctl$FS_IOC_FSSETXATTR(r0, 0x40086602, &(0x7f0000000080)={0x17e}) ioctl$FS_IOC_FSSETXATTR(r0, 0x401c5820, &(0x7f0000000000)={0x80, 0x8}) 12:30:54 executing program 2: r0 = syz_mount_image$tmpfs(&(0x7f00000000c0), &(0x7f0000000140)='./file1\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000005e00)=ANY=[]) umount2(&(0x7f0000005dc0)='./file1\x00', 0x2) mount_setattr(r0, &(0x7f0000000040)='.\x00', 0x0, &(0x7f0000000080)={0x0, 0x0, 0x100000}, 0x20) 12:30:54 executing program 0: r0 = socket$inet6(0xa, 0x1, 0x0) setsockopt$inet6_tcp_TCP_REPAIR(r0, 0x6, 0x13, &(0x7f00000001c0)=0x1, 0x4) connect$inet6(r0, &(0x7f00000000c0)={0xa, 0x0, 0x0, @empty}, 0x1c) setsockopt$inet6_tcp_TCP_REPAIR_OPTIONS(r0, 0x6, 0xc, &(0x7f0000000000)=[@timestamp, @window, @sack_perm, @sack_perm], 0x4) 12:30:54 executing program 4: r0 = socket$inet6(0xa, 0x1, 0x0) setsockopt$inet6_tcp_TCP_REPAIR(r0, 0x6, 0x13, &(0x7f00000001c0)=0x1, 0x4) connect$inet6(r0, &(0x7f00000000c0)={0xa, 0x0, 0x0, @empty}, 0x1c) setsockopt$inet6_tcp_TCP_REPAIR_OPTIONS(r0, 0x6, 0xc, &(0x7f0000000000)=[@timestamp, @window, @sack_perm, @sack_perm], 0x4) 12:30:54 executing program 3: r0 = syz_mount_image$tmpfs(&(0x7f00000000c0), &(0x7f0000000140)='./file1\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000005e00)=ANY=[]) umount2(&(0x7f0000005dc0)='./file1\x00', 0x2) mount_setattr(r0, &(0x7f0000000040)='.\x00', 0x0, &(0x7f0000000080)={0x0, 0x0, 0x100000}, 0x20) 12:30:54 executing program 7: r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x26e1, 0x0) ioctl$FS_IOC_FSSETXATTR(r0, 0x40086602, &(0x7f0000000080)={0x17e}) ioctl$FS_IOC_FSSETXATTR(r0, 0x401c5820, &(0x7f0000000000)={0x80, 0x8}) 12:30:54 executing program 6: r0 = syz_mount_image$tmpfs(&(0x7f00000000c0), &(0x7f0000000140)='./file1\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000005e00)=ANY=[]) umount2(&(0x7f0000005dc0)='./file1\x00', 0x2) mount_setattr(r0, &(0x7f0000000040)='.\x00', 0x0, &(0x7f0000000080)={0x0, 0x0, 0x100000}, 0x20) 12:30:54 executing program 5: timer_create(0x2, 0x0, &(0x7f0000000140)) 12:30:54 executing program 1: execveat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', &(0x7f0000000080)=[0x0], &(0x7f00000000c0)=[0x0], 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x1ff) close(r0) execveat(0xffffffffffffff9c, &(0x7f0000000140)='./file1\x00', &(0x7f0000000180)=[0x0], &(0x7f00000001c0)=[0x0], 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x2, 0x0) write(r1, &(0x7f0000000240)="01010101", 0x4) close(r1) execveat(0xffffffffffffff9c, &(0x7f0000000280)='./file1\x00', &(0x7f00000002c0)=[0x0], &(0x7f0000000300)=[0x0], 0x0) r2 = openat(0xffffffffffffff9c, &(0x7f0000000340)='./file0\x00', 0x42, 0x0) close(r2) execveat(0xffffffffffffff9c, &(0x7f0000000380)='./file1\x00', &(0x7f00000003c0)=[0x0], &(0x7f0000000400)=[0x0], 0x0) fchmodat(0xffffffffffffff9c, &(0x7f0000000440)='./file0\x00', 0x1ff) execveat(0xffffffffffffff9c, &(0x7f0000000480)='./file1\x00', &(0x7f00000004c0)=[0x0], &(0x7f0000000500)=[0x0], 0x0) VM DIAGNOSIS: 12:30:44 Registers: info registers vcpu 0 RAX=0000000000000000 RBX=0000000000120011 RCX=dead000000120012 RDX=ffff888015ca6360 RSI=ffffea0000572980 RDI=0000000048800000 RBP=ffffea0000572980 RSP=ffff88803feaf850 R8 =0000000000000001 R9 =dead000080120011 R10=ffffea0000572980 R11=0000000000000001 R12=0000000000000000 R13=ffff888007c4f780 R14=ffff888015ca6360 R15=ffff888015ca6360 RIP=ffffffff81781757 RFL=00000282 [--S----] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 00000000 00000000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 00000000 00000000 FS =0000 00007fc7de60a8c0 00000000 00000000 GS =0000 ffff88806ce00000 00000000 00000000 LDT=0000 fffffe0000000000 00000000 00000000 TR =0040 fffffe0000003000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe0000001000 0000007f IDT= fffffe0000000000 00000fff CR0=80050033 CR2=00007fdd01f7d3f0 CR3=000000000befc000 CR4=00350ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000ffff0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 YMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM01=0000000000000000 0000000000000000 ffffffffffffff00 ffffffffffff0000 YMM02=0000000000000000 0000000000000000 ffffff0f0e0d0c0b 0a09080706050403 YMM03=0000000000000000 0000000000000000 696e656420737365 636341002f737973 YMM04=0000000000000000 0000000000000000 323d44455a494c41 4954494e495f4345 YMM05=0000000000000000 0000000000000000 3d5145534b534944 006b7369643d4550 YMM06=0000000000000000 0000000000000000 3d454d414e564544 00303d444955555f YMM07=0000000000000000 0000000000000000 5953425553003170 6f6f6c2f6b636f6c YMM08=0000000000000000 0000000000000000 49006d756e203c20 69000a313a56000a YMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 info registers vcpu 1 RAX=0000000000000063 RBX=00000000000003f8 RCX=0000000000000000 RDX=00000000000003f8 RSI=ffffffff822b17e1 RDI=ffffffff87645be0 RBP=ffffffff87645ba0 RSP=ffff88803fc5f698 R8 =0000000000000001 R9 =000000000000000a R10=0000000000000063 R11=0000000000000001 R12=0000000000000063 R13=ffffffff87645ba0 R14=0000000000000010 R15=ffffffff822b17d0 RIP=ffffffff822b1839 RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 00000000 00000000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 00000000 00000000 FS =0000 00007fa9a504d700 00000000 00000000 GS =0000 ffff88806cf00000 00000000 00000000 LDT=0000 fffffe0000000000 00000000 00000000 TR =0040 fffffe000004a000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe0000048000 0000007f IDT= fffffe0000000000 00000fff CR0=80050033 CR2=00007f6c7fbe9820 CR3=000000001d272000 CR4=00350ee0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000ffff0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 YMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM01=0000000000000000 0000000000000000 00007fa9a7bbe7c0 00007fa9a7bbe7c8 YMM02=0000000000000000 0000000000000000 00007fa9a7bbe7e0 00007fa9a7bbe7c0 YMM03=0000000000000000 0000000000000000 00007fa9a7bbe7c8 00007fa9a7bbe7c0 YMM04=0000000000000000 0000000000000000 ffffffffffffffff ffffffff00000000 YMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM06=0000000000000000 0000000000000000 0000000000000000 000000524f525245 YMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM08=0000000000000000 0000000000000000 0000000000000000 00524f5252450040 YMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000