Warning: Permanently added '[localhost]:26430' (ECDSA) to the list of known hosts. 2022/09/23 22:14:05 fuzzer started 2022/09/23 22:14:05 dialing manager at localhost:38881 syzkaller login: [ 36.504071] cgroup: Unknown subsys name 'net' [ 36.606410] cgroup: Unknown subsys name 'rlimit' 2022/09/23 22:14:20 syscalls: 2215 2022/09/23 22:14:20 code coverage: enabled 2022/09/23 22:14:20 comparison tracing: enabled 2022/09/23 22:14:20 extra coverage: enabled 2022/09/23 22:14:20 setuid sandbox: enabled 2022/09/23 22:14:20 namespace sandbox: enabled 2022/09/23 22:14:20 Android sandbox: enabled 2022/09/23 22:14:20 fault injection: enabled 2022/09/23 22:14:20 leak checking: enabled 2022/09/23 22:14:20 net packet injection: enabled 2022/09/23 22:14:20 net device setup: enabled 2022/09/23 22:14:20 concurrency sanitizer: /sys/kernel/debug/kcsan does not exist 2022/09/23 22:14:20 devlink PCI setup: PCI device 0000:00:10.0 is not available 2022/09/23 22:14:20 USB emulation: enabled 2022/09/23 22:14:20 hci packet injection: enabled 2022/09/23 22:14:20 wifi device emulation: failed to parse kernel version (6.0.0-rc6-next-20220923) 2022/09/23 22:14:20 802.15.4 emulation: enabled 2022/09/23 22:14:20 fetching corpus: 50, signal 24525/26326 (executing program) 2022/09/23 22:14:20 fetching corpus: 100, signal 33818/37246 (executing program) 2022/09/23 22:14:20 fetching corpus: 150, signal 43451/48303 (executing program) 2022/09/23 22:14:20 fetching corpus: 200, signal 52246/58397 (executing program) 2022/09/23 22:14:21 fetching corpus: 250, signal 57309/64794 (executing program) 2022/09/23 22:14:21 fetching corpus: 300, signal 63937/72572 (executing program) 2022/09/23 22:14:21 fetching corpus: 350, signal 68689/78474 (executing program) 2022/09/23 22:14:21 fetching corpus: 400, signal 70177/81248 (executing program) 2022/09/23 22:14:21 fetching corpus: 450, signal 74043/86229 (executing program) 2022/09/23 22:14:21 fetching corpus: 500, signal 77828/91032 (executing program) 2022/09/23 22:14:21 fetching corpus: 550, signal 80934/95136 (executing program) 2022/09/23 22:14:21 fetching corpus: 600, signal 83927/99140 (executing program) 2022/09/23 22:14:22 fetching corpus: 650, signal 88430/104379 (executing program) 2022/09/23 22:14:22 fetching corpus: 700, signal 90634/107548 (executing program) 2022/09/23 22:14:22 fetching corpus: 750, signal 93801/111539 (executing program) 2022/09/23 22:14:22 fetching corpus: 800, signal 96646/115261 (executing program) 2022/09/23 22:14:22 fetching corpus: 850, signal 100623/119851 (executing program) 2022/09/23 22:14:22 fetching corpus: 900, signal 103056/123009 (executing program) 2022/09/23 22:14:22 fetching corpus: 950, signal 107422/127782 (executing program) 2022/09/23 22:14:22 fetching corpus: 1000, signal 111315/132073 (executing program) 2022/09/23 22:14:23 fetching corpus: 1050, signal 117616/138289 (executing program) 2022/09/23 22:14:23 fetching corpus: 1100, signal 118988/140375 (executing program) 2022/09/23 22:14:23 fetching corpus: 1150, signal 120457/142502 (executing program) 2022/09/23 22:14:23 fetching corpus: 1200, signal 121794/144520 (executing program) 2022/09/23 22:14:23 fetching corpus: 1250, signal 125368/148235 (executing program) 2022/09/23 22:14:23 fetching corpus: 1300, signal 126813/150279 (executing program) 2022/09/23 22:14:23 fetching corpus: 1350, signal 127811/151912 (executing program) 2022/09/23 22:14:23 fetching corpus: 1400, signal 129602/154267 (executing program) 2022/09/23 22:14:24 fetching corpus: 1450, signal 130779/156014 (executing program) 2022/09/23 22:14:24 fetching corpus: 1500, signal 132444/158093 (executing program) 2022/09/23 22:14:24 fetching corpus: 1550, signal 133222/159508 (executing program) 2022/09/23 22:14:24 fetching corpus: 1600, signal 134846/161541 (executing program) 2022/09/23 22:14:24 fetching corpus: 1650, signal 135920/163140 (executing program) 2022/09/23 22:14:24 fetching corpus: 1700, signal 137481/165162 (executing program) 2022/09/23 22:14:24 fetching corpus: 1750, signal 139204/167174 (executing program) 2022/09/23 22:14:24 fetching corpus: 1800, signal 140371/168744 (executing program) 2022/09/23 22:14:24 fetching corpus: 1850, signal 141337/170173 (executing program) 2022/09/23 22:14:25 fetching corpus: 1900, signal 142366/171588 (executing program) 2022/09/23 22:14:25 fetching corpus: 1950, signal 144631/173860 (executing program) 2022/09/23 22:14:25 fetching corpus: 2000, signal 145456/175174 (executing program) 2022/09/23 22:14:25 fetching corpus: 2050, signal 146359/176479 (executing program) 2022/09/23 22:14:25 fetching corpus: 2100, signal 147721/178060 (executing program) 2022/09/23 22:14:25 fetching corpus: 2150, signal 148959/179579 (executing program) 2022/09/23 22:14:25 fetching corpus: 2200, signal 149823/180880 (executing program) 2022/09/23 22:14:25 fetching corpus: 2250, signal 151642/182644 (executing program) 2022/09/23 22:14:26 fetching corpus: 2300, signal 153328/184335 (executing program) 2022/09/23 22:14:26 fetching corpus: 2350, signal 154720/185848 (executing program) 2022/09/23 22:14:26 fetching corpus: 2400, signal 156650/187595 (executing program) 2022/09/23 22:14:26 fetching corpus: 2450, signal 157816/188942 (executing program) 2022/09/23 22:14:26 fetching corpus: 2500, signal 158445/189949 (executing program) 2022/09/23 22:14:26 fetching corpus: 2550, signal 159409/191131 (executing program) 2022/09/23 22:14:26 fetching corpus: 2600, signal 160248/192190 (executing program) 2022/09/23 22:14:26 fetching corpus: 2650, signal 160989/193255 (executing program) 2022/09/23 22:14:26 fetching corpus: 2700, signal 161626/194210 (executing program) 2022/09/23 22:14:27 fetching corpus: 2750, signal 162471/195264 (executing program) 2022/09/23 22:14:27 fetching corpus: 2800, signal 163504/196386 (executing program) 2022/09/23 22:14:27 fetching corpus: 2850, signal 164339/197446 (executing program) 2022/09/23 22:14:27 fetching corpus: 2900, signal 165075/198397 (executing program) 2022/09/23 22:14:27 fetching corpus: 2950, signal 165841/199334 (executing program) 2022/09/23 22:14:27 fetching corpus: 3000, signal 166695/200285 (executing program) 2022/09/23 22:14:27 fetching corpus: 3050, signal 167407/201161 (executing program) 2022/09/23 22:14:27 fetching corpus: 3100, signal 168393/202215 (executing program) 2022/09/23 22:14:27 fetching corpus: 3150, signal 169398/203239 (executing program) 2022/09/23 22:14:28 fetching corpus: 3200, signal 169954/204033 (executing program) 2022/09/23 22:14:28 fetching corpus: 3250, signal 170505/204809 (executing program) 2022/09/23 22:14:28 fetching corpus: 3300, signal 171568/205787 (executing program) 2022/09/23 22:14:28 fetching corpus: 3350, signal 172356/206665 (executing program) 2022/09/23 22:14:28 fetching corpus: 3400, signal 173081/207471 (executing program) 2022/09/23 22:14:28 fetching corpus: 3450, signal 173723/208198 (executing program) 2022/09/23 22:14:28 fetching corpus: 3500, signal 176685/209769 (executing program) 2022/09/23 22:14:28 fetching corpus: 3550, signal 177468/210523 (executing program) 2022/09/23 22:14:29 fetching corpus: 3600, signal 178807/211499 (executing program) 2022/09/23 22:14:29 fetching corpus: 3650, signal 179683/212302 (executing program) 2022/09/23 22:14:29 fetching corpus: 3700, signal 180466/213017 (executing program) 2022/09/23 22:14:29 fetching corpus: 3750, signal 181322/213765 (executing program) 2022/09/23 22:14:29 fetching corpus: 3800, signal 181991/214467 (executing program) 2022/09/23 22:14:29 fetching corpus: 3850, signal 183200/215286 (executing program) 2022/09/23 22:14:29 fetching corpus: 3900, signal 184666/216152 (executing program) 2022/09/23 22:14:30 fetching corpus: 3950, signal 185390/216789 (executing program) 2022/09/23 22:14:30 fetching corpus: 4000, signal 187095/217735 (executing program) 2022/09/23 22:14:30 fetching corpus: 4050, signal 188114/218411 (executing program) 2022/09/23 22:14:30 fetching corpus: 4100, signal 188563/218887 (executing program) 2022/09/23 22:14:30 fetching corpus: 4150, signal 189112/219386 (executing program) 2022/09/23 22:14:30 fetching corpus: 4200, signal 189866/219960 (executing program) 2022/09/23 22:14:30 fetching corpus: 4250, signal 191067/220598 (executing program) 2022/09/23 22:14:30 fetching corpus: 4300, signal 191677/221070 (executing program) 2022/09/23 22:14:31 fetching corpus: 4350, signal 192474/221596 (executing program) 2022/09/23 22:14:31 fetching corpus: 4400, signal 193412/222124 (executing program) 2022/09/23 22:14:31 fetching corpus: 4450, signal 193961/222595 (executing program) 2022/09/23 22:14:31 fetching corpus: 4500, signal 194765/223089 (executing program) 2022/09/23 22:14:31 fetching corpus: 4550, signal 195209/223537 (executing program) 2022/09/23 22:14:31 fetching corpus: 4600, signal 196296/224077 (executing program) 2022/09/23 22:14:31 fetching corpus: 4650, signal 197284/224625 (executing program) 2022/09/23 22:14:31 fetching corpus: 4700, signal 197714/224979 (executing program) 2022/09/23 22:14:32 fetching corpus: 4750, signal 198022/225317 (executing program) 2022/09/23 22:14:32 fetching corpus: 4800, signal 199040/225768 (executing program) 2022/09/23 22:14:32 fetching corpus: 4850, signal 199442/226122 (executing program) 2022/09/23 22:14:32 fetching corpus: 4900, signal 199907/226473 (executing program) 2022/09/23 22:14:32 fetching corpus: 4950, signal 200825/226853 (executing program) 2022/09/23 22:14:32 fetching corpus: 5000, signal 201878/227219 (executing program) 2022/09/23 22:14:32 fetching corpus: 5050, signal 202314/227523 (executing program) 2022/09/23 22:14:32 fetching corpus: 5100, signal 202815/227808 (executing program) 2022/09/23 22:14:33 fetching corpus: 5150, signal 203388/228112 (executing program) 2022/09/23 22:14:33 fetching corpus: 5200, signal 203875/228393 (executing program) 2022/09/23 22:14:33 fetching corpus: 5250, signal 204529/228673 (executing program) 2022/09/23 22:14:33 fetching corpus: 5300, signal 205126/229023 (executing program) 2022/09/23 22:14:33 fetching corpus: 5350, signal 206049/229292 (executing program) 2022/09/23 22:14:33 fetching corpus: 5400, signal 206578/229539 (executing program) 2022/09/23 22:14:33 fetching corpus: 5450, signal 207338/229782 (executing program) 2022/09/23 22:14:33 fetching corpus: 5500, signal 207933/230074 (executing program) 2022/09/23 22:14:34 fetching corpus: 5550, signal 208547/230295 (executing program) 2022/09/23 22:14:34 fetching corpus: 5600, signal 209343/230499 (executing program) 2022/09/23 22:14:34 fetching corpus: 5650, signal 209923/230730 (executing program) 2022/09/23 22:14:34 fetching corpus: 5700, signal 210409/230815 (executing program) 2022/09/23 22:14:34 fetching corpus: 5750, signal 211067/230815 (executing program) 2022/09/23 22:14:34 fetching corpus: 5800, signal 211516/230833 (executing program) 2022/09/23 22:14:34 fetching corpus: 5850, signal 212157/230845 (executing program) 2022/09/23 22:14:34 fetching corpus: 5900, signal 213150/230847 (executing program) 2022/09/23 22:14:34 fetching corpus: 5920, signal 213421/230856 (executing program) 2022/09/23 22:14:34 fetching corpus: 5920, signal 213421/230856 (executing program) 2022/09/23 22:14:37 starting 8 fuzzer processes 22:14:37 executing program 0: ioctl$CDROMSUBCHNL(0xffffffffffffffff, 0x530b, &(0x7f0000000000)={0x0, 0x1, 0xd, 0x3, 0x0, 0x7, @msf={0xf9, 0x81, 0x3f}, @lba=0x170}) ioctl$CDROMREADTOCENTRY(0xffffffffffffffff, 0x5306, &(0x7f0000000040)={0x4, 0xc, 0x6, 0x0, @lba=0x4, 0x81}) r0 = syz_open_dev$vcsa(&(0x7f0000000080), 0xc905089, 0x410000) ioctl$AUTOFS_DEV_IOCTL_FAIL(r0, 0xc0189377, &(0x7f00000000c0)={{0x1, 0x1, 0x18, 0xffffffffffffffff, {0x3f, 0x3ff}}, './file0\x00'}) r2 = syz_open_dev$vcsa(&(0x7f0000000100), 0x2, 0x40101) ioctl$CDROM_GET_MCN(r2, 0x5311, &(0x7f0000000140)) getsockopt$inet6_IPV6_IPSEC_POLICY(r1, 0x29, 0x22, &(0x7f00000005c0)={{{@in=@initdev, @in6=@remote, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in6=@initdev}, 0x0, @in6=@remote}}, &(0x7f00000006c0)=0xe8) fstat(r2, &(0x7f0000000700)={0x0, 0x0, 0x0, 0x0, 0x0}) r5 = syz_mount_image$vfat(&(0x7f0000000180), &(0x7f00000001c0)='./file0\x00', 0x25e, 0x4, &(0x7f0000000540)=[{&(0x7f0000000200)="e1dec46e7cb5c43da10e74c183f81465dfa60843e322356ffa3681462b4cecdf4a4e710fe8f7f8ffb3300c88146b19ed0c08c3b2b7f131f8d23931e1630cacc6da0d4bc2e5a322f90739c702159b8ad4ed199470a5b4ecea682dd50dbeb5c85094ffa5a23c3e342c17e8e22e2f5899ba1025af17038e7b1d91a9ed3f76d9a33e87d6c007ca285f", 0x87, 0x100000000}, {&(0x7f00000002c0)="3ed77499a0761b469b24d234b826992fbf3f67224f5ce8d2b3f3af6c32c92e1b02da6fcfa715949e36b595e4b759bdba4592d8659025d9de01c8019455be20bb80fe656170be71651fe268f85bddf18a736b71e0e4021d8977ae0668ccbe47df06f25f52e825ed83553bf11f5fe21bedfa735250a007d1a0d8d830f0d50d29c96bffd713fb45760f505d57ced06e0c7c4d036f0936eea2510ad4d5fccc47bdf293945860d2838c77521fc702a446a86539d49285dcd30e0edc5acbb410d79805c9a33e8c148101ab179b158cbe24ed4eb9cb707cd70e76", 0xd7, 0x80000000}, {&(0x7f00000003c0)="03f05db8977f0cb79ced2af13afda5d6ec6446055115fa748b021770c75e4015a7e4459f88cea3da802ffbcf0b10ab516dc0464bf25a9d16233dfa66de7d1cc805ee3ac40e4a9c0d530d5da5d6e007e84eeecd135610f3997189286f616de6b9b0f9beae8ddb629c55629035bcbe2395df09d20f35bbd29486b1513414c578ccb235f57d43c6401d0e40a7216b0ec8a843556eabe0f5fc1c823c405a84a05dd416652f84e88d9f9868e13d8119d1c62871e363135428a9d4fd660383506f3a3593ed29b3a17865305a4d375b08eb48d9e95c984447d21029b3d3cb8068e2b1", 0xdf, 0xffffffff}, {&(0x7f00000004c0)="8135cc2231e95e7ae48d12bb41d8bea3ba8b5d9885d38accf4c20e539f0c7d711268f31f11091cc22d74ff46b0907ebfe8a8763e5d54ebb1deaf17fef7820dccaebce37a7c73241a", 0x48, 0x9}], 0x800000, &(0x7f0000000780)={[{@rodir}], [{@uid_gt={'uid>', r3}}, {@fsmagic}, {@seclabel}, {@fowner_eq={'fowner', 0x3d, r4}}, {@obj_type={'obj_type', 0x3d, '/)(/\''}}, {@obj_user={'obj_user', 0x3d, '-'}}]}) ioctl$FS_IOC_GETVERSION(r1, 0x80087601, &(0x7f0000000800)) preadv2(r5, &(0x7f0000000b80)=[{&(0x7f0000000840)=""/173, 0xad}, {&(0x7f0000000900)=""/154, 0x9a}, {&(0x7f00000009c0)=""/130, 0x82}, {&(0x7f0000000a80)=""/22, 0x16}, {&(0x7f0000000ac0)=""/148, 0x94}], 0x5, 0x81, 0x9, 0x8) r6 = dup2(r5, r2) ioctl$BTRFS_IOC_TREE_SEARCH_V2(r0, 0xc0709411, &(0x7f0000000c00)={{0x0, 0x7fff, 0x3f, 0x7, 0x6, 0x7ff, 0xc9, 0x2, 0x2, 0x56, 0x9, 0x80000, 0x8000, 0x400, 0x4}, 0x40, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]}) r7 = openat$tun(0xffffffffffffff9c, &(0x7f0000000cc0), 0x200, 0x0) write(r7, &(0x7f0000000d00)="ea277a71f4521579eebe607fbcab4457df4728d4f03557e49e63da7e08fa76ba2cb338bd68f59487d0a1256328f60ff912a12027768aa345887c540356e69c46b98759cf8ffc891a5352d51089587bc8b49f41a2853b2d9e0323b39e95cd236824abb3bfc4877676fa2546de678e7639ec016e6483baf28278b950c77b26b50e05bcfa8782659afc0c9d249d589c0c5ec2", 0x91) ioctl$TUNGETVNETHDRSZ(r2, 0x800454d7, &(0x7f0000000dc0)) finit_module(r6, &(0x7f0000000e00)='\x00', 0x3) ioctl$AUTOFS_DEV_IOCTL_ISMOUNTPOINT(r2, 0xc018937e, &(0x7f0000000e40)={{0x1, 0x1, 0x18, r7, @out_args}, './file0\x00'}) ioctl$TUNSETIFF(r8, 0x400454ca, &(0x7f0000000e80)={'macvlan1\x00'}) ioctl$AUTOFS_DEV_IOCTL_TIMEOUT(0xffffffffffffffff, 0xc018937a, &(0x7f0000000ec0)={{0x1, 0x1, 0x18, 0xffffffffffffffff, {0x1}}, './file0\x00'}) 22:14:37 executing program 1: ioctl$AUTOFS_DEV_IOCTL_CATATONIC(0xffffffffffffffff, 0xc0189379, &(0x7f0000000000)={{0x1, 0x1, 0x18, 0xffffffffffffffff}, './file0\x00'}) ioctl$CDROM_GET_MCN(r0, 0x5311, &(0x7f0000000040)) ioctl$DVD_WRITE_STRUCT(r0, 0x5390, &(0x7f0000000080)=@bca={0x3, 0xbc, "c7b7dbccb2fc9e06b958467d002ce50137ba9ee02499d2f0722b4434a88dc77a162529a106a3f20124795f0038c156ecde056e1eeb3c4a3dcb645da99583b22e3dcc1d34e43783c6a3c2ce5743e2adbeeeccbffea2483f549be604b73831051c8a619e5f3c41dc91c9b398b11a9ed5834b2b8b202baaba69558a9324f32850d5cd93ce995d8c93a05aaa9062079e9aeb224197345d62390f087a26c8fd56c04a8157955d972103310fb38b162baa57bd64c21e89d6307fcd465845c2"}) r1 = openat$tcp_congestion(0xffffffffffffff9c, &(0x7f00000008c0), 0x1, 0x0) r2 = dup2(r0, r0) kcmp$KCMP_EPOLL_TFD(0xffffffffffffffff, 0x0, 0x7, r1, &(0x7f0000000900)={r2, r0, 0x8}) r3 = syz_open_dev$vcsa(&(0x7f0000000940), 0x7, 0x400080) ioctl$CDROMREADCOOKED(r3, 0x5315, &(0x7f0000000980)) r4 = openat2(r3, &(0x7f0000001400)='./file0\x00', &(0x7f0000001440)={0x0, 0xec, 0x11}, 0x18) r5 = openat(r0, &(0x7f0000001480)='./file0\x00', 0x200, 0x94) ioctl$CDROMREADMODE1(r5, 0x530d, &(0x7f00000014c0)={0x7f, 0x6, 0x1, 0x8, 0x8, 0x1}) mknod$loop(&(0x7f0000001f40)='./file0\x00', 0x80, 0x1) r6 = openat$vcs(0xffffffffffffff9c, &(0x7f0000001f80), 0x1, 0x0) ioctl$FS_IOC_GET_ENCRYPTION_PWSALT(r6, 0x40106614, &(0x7f0000001fc0)) ioctl$DVD_WRITE_STRUCT(r3, 0x5390, &(0x7f0000002000)=@bca={0x3, 0xbc, "2a7476363949e82bf4cce92e3021e2a18032d613fc097ffc9d5fb372de70be7eb53074ead28a067c253858549413174890c5c145014fa3acd0470b07c957e0951893aff90b171c720d957739d235a8cae08805b1132145de054a89369714f1a99574b23ee362e1f26dd13be74399c0dec1aef4c0e6f3b44326330c2af46286f5f208c73c82418093126699a6e88143f91678b7ca55da6f78947ee34c42f8042ec437ad315f833ec86b782a994736417ea824839a1d40c825d0483c91"}) ioctl$BLKSECDISCARD(r4, 0x127d, &(0x7f0000002840)=0x1) ioctl$CDROMSTART(r6, 0x5308) write$binfmt_script(r1, &(0x7f0000002880)={'#! ', './file0', [{0x20, '\x00'}], 0xa, "fd948958a421ea29073b5543270bfddfeb298cd10086703b29ea1a044c77f9b89987099a859a825f17486395b6619fc959d348a85a6dbc108bedc3242c11dde0"}, 0x4d) r7 = syz_open_dev$tty20(0xc, 0x4, 0x1) ioctl$AUTOFS_DEV_IOCTL_CLOSEMOUNT(r5, 0xc0189375, &(0x7f0000002900)={{0x1, 0x1, 0x18, r7}, './file0\x00'}) 22:14:37 executing program 3: r0 = socket(0x28, 0x3, 0x7fffffff) write$bt_hci(r0, &(0x7f0000000000)={0x1, @disconn_phy_link={{0x437, 0x2}, {0xc9, 0x3}}}, 0x6) ioctl$sock_SIOCSPGRP(r0, 0x8902, &(0x7f0000000040)=0xffffffffffffffff) ioctl$sock_FIOSETOWN(r0, 0x8901, &(0x7f0000000080)=0xffffffffffffffff) setsockopt$ARPT_SO_SET_ADD_COUNTERS(r0, 0x0, 0x61, &(0x7f00000000c0)={'filter\x00', 0x4}, 0x68) setsockopt$sock_linger(r0, 0x1, 0xd, &(0x7f0000000140)={0x1, 0x4}, 0x8) ioctl$HCIINQUIRY(r0, 0x800448f0, &(0x7f0000000180)={0x2, 0xff, "cef4bc", 0x4, 0x2}) ioctl$BTRFS_IOC_BALANCE_CTL(r0, 0x40049421, 0x3) r1 = syz_open_dev$vcsa(&(0x7f00000001c0), 0x7, 0x0) getsockopt$IPT_SO_GET_REVISION_MATCH(r1, 0x0, 0x42, &(0x7f0000000200)={'IDLETIMER\x00'}, &(0x7f0000000240)=0x1e) getsockopt$inet_IP_XFRM_POLICY(r1, 0x0, 0x11, &(0x7f0000000280)={{{@in6=@loopback, @in6=@ipv4={""/10, ""/2, @dev}}}, {{}, 0x0, @in=@local}}, &(0x7f0000000380)=0xe8) ioctl$BTRFS_IOC_GET_SUPPORTED_FEATURES(r1, 0x80489439, &(0x7f00000003c0)) ioctl$EXT4_IOC_PRECACHE_EXTENTS(r1, 0x6612) r2 = openat(r1, &(0x7f0000000440)='./file0\x00', 0x400201, 0x1) r3 = accept$inet6(r0, &(0x7f0000000480)={0xa, 0x0, 0x0, @empty}, &(0x7f00000004c0)=0x1c) close_range(r3, r0, 0x0) ioctl$INCFS_IOC_GET_FILLED_BLOCKS(r0, 0x80286722, &(0x7f00000005c0)={&(0x7f0000000500)=""/189, 0xbd, 0x4, 0x92b}) r4 = io_uring_register$IORING_REGISTER_PERSONALITY(r2, 0x9, 0x0, 0x0) syz_io_uring_submit(0x0, 0x0, &(0x7f0000000640)=@IORING_OP_EPOLL_CTL=@mod={0x1d, 0x0, 0x0, r1, &(0x7f0000000600)={0x40000000}, r3, 0x3, 0x0, 0x0, {0x0, r4}}, 0x6206) getsockopt$IP_SET_OP_GET_FNAME(r1, 0x1, 0x53, &(0x7f0000000680)={0x8, 0x7, 0x0, 'syz1\x00'}, &(0x7f00000006c0)=0x2c) 22:14:37 executing program 2: ioctl$AUTOFS_DEV_IOCTL_VERSION(0xffffffffffffffff, 0xc0189371, &(0x7f0000000000)={{0x1, 0x1, 0x18, 0xffffffffffffffff}, './file0\x00'}) getsockopt$inet6_IPV6_IPSEC_POLICY(0xffffffffffffffff, 0x29, 0x22, &(0x7f0000000040)={{{@in6=@private2, @in6=@empty, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in=@dev}, 0x0, @in6=@private2}}, &(0x7f0000000140)=0xe8) ioctl$sock_ipv6_tunnel_SIOCCHG6RD(r0, 0x89fb, &(0x7f0000000200)={'ip6tnl0\x00', &(0x7f0000000180)={'ip6gre0\x00', r1, 0x2f, 0x81, 0x0, 0x10001, 0x4c, @mcast1, @private0={0xfc, 0x0, '\x00', 0x1}, 0x80, 0x700, 0x5a, 0xa49}}) r3 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a) sendmsg$inet6(r3, &(0x7f0000000600)={&(0x7f0000000240)={0xa, 0x4e23, 0x100, @initdev={0xfe, 0x88, '\x00', 0x1, 0x0}, 0x5}, 0x1c, &(0x7f00000004c0)=[{&(0x7f0000000280)="24a31e8a9f2e412d225b760031a8738429e02dc6908d8c4cbb05a87512dd36427399daaca6137592e21016143cf08d701fc8dd0b1ac256ba1ec39eaab7ce53f6101552c30c3a5b3629ba718a6d7dded08802c3414ab4f4ae3ac13f752b11a74068612b28ba7b3dbf9e2f444242c11ce6d2a498be6fed5e40cccc4083e37acb41e5d76a374731b1fcb2cf556c5b07c7479519eee7aa64a9dfbfacbc0ddfed17988f41928837ad89c2a3a7528341823c4f6411dc85f7aec41d0a205eec200c282097eaf44a6a0227e2783a90148827a8286fec98913fc8ed2b62c0", 0xda}, {&(0x7f0000000380)="3145c86edd7405fd392cefe33130a9", 0xf}, {&(0x7f00000003c0)="46eb9e7b0bd837ada84e1eece7dab9f599774339133c168ac9e6ff6409e3b2ddefcc4bcaf5a1da50c1ab2141b3b2590f4f4d695574925a1d174a79eb5ebb9042c8e43e122ba296f4c52c72f7c13d59dcbc89a341e185c58cc7a08ea9e8b42cc8cf78addf0305f56a3ddbd7323b442b4db50b598173baae512e9cb1e736ad78898744653b37510196f397ce16ebf12b6c3f8968125880c20ed4b62e33b8eb16545437321d8df8976a9183d845e475c5c5ac4a6142b43f1e7f83f2f48ac7dfcc4c8b720ba2a3695ffdd6f8ea4216a4bc02620516379b7e4ac95b7aa7bdffc05194a3e81f7005d4f35321b89824bd17cf3de8df28190eac9e59c97b0647c131", 0xfe}], 0x3, &(0x7f0000000500)=[@dontfrag={{0x14, 0x29, 0x3e, 0x9be}}, @tclass={{0x14, 0x29, 0x43, 0xa738}}, @dstopts_2292={{0x58, 0x29, 0x4, {0x62, 0x7, '\x00', [@padn={0x1, 0x4, [0x0, 0x0, 0x0, 0x0]}, @ra={0x5, 0x2, 0x3e}, @calipso={0x7, 0x30, {0x1, 0xa, 0x72, 0x8000, [0x0, 0x8, 0xfffffffffffffffb, 0x3, 0xffffffff]}}]}}}, @hoplimit={{0x14, 0x29, 0x34, 0xfff}}, @tclass={{0x14, 0x29, 0x43, 0xc5}}, @tclass={{0x14, 0x29, 0x43, 0x6545}}], 0xd0}, 0x0) r4 = syz_genetlink_get_family_id$mptcp(&(0x7f0000000680), 0xffffffffffffffff) ioctl$sock_ipv6_tunnel_SIOCCHGPRL(0xffffffffffffffff, 0x89f7, &(0x7f0000000740)={'syztnl0\x00', &(0x7f00000006c0)={'sit0\x00', r1, 0x2f, 0x80, 0x0, 0x7, 0x27, @mcast2, @private2, 0x80, 0x8000, 0x2, 0x7}}) sendmsg$MPTCP_PM_CMD_GET_LIMITS(r0, &(0x7f0000000880)={&(0x7f0000000640)={0x10, 0x0, 0x0, 0x100000}, 0xc, &(0x7f0000000840)={&(0x7f0000000780)={0x94, r4, 0x200, 0x70bd2c, 0x25dfdbfb, {}, [@MPTCP_PM_ATTR_RCV_ADD_ADDRS={0x8, 0x2, 0x5}, @MPTCP_PM_ATTR_RCV_ADD_ADDRS={0x8, 0x2, 0x1}, @MPTCP_PM_ATTR_RCV_ADD_ADDRS={0x8, 0x2, 0x8}, @MPTCP_PM_ATTR_RCV_ADD_ADDRS={0x8, 0x2, 0x2}, @MPTCP_PM_ATTR_SUBFLOWS={0x8, 0x3, 0x5}, @MPTCP_PM_ATTR_RCV_ADD_ADDRS={0x8, 0x2, 0x6}, @MPTCP_PM_ATTR_RCV_ADD_ADDRS={0x8, 0x2, 0x4}, @MPTCP_PM_ATTR_ADDR={0x38, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_IF_IDX={0x8, 0x7, r5}, @MPTCP_PM_ADDR_ATTR_ADDR4={0x8, 0x3, @multicast1}, @MPTCP_PM_ADDR_ATTR_ADDR6={0x14, 0x4, @ipv4={'\x00', '\xff\xff', @initdev={0xac, 0x1e, 0x0, 0x0}}}, @MPTCP_PM_ADDR_ATTR_FLAGS={0x8, 0x6, 0x1}, @MPTCP_PM_ADDR_ATTR_FAMILY={0x6, 0x1, 0x2}]}, @MPTCP_PM_ATTR_RCV_ADD_ADDRS={0x8, 0x2, 0x2}, @MPTCP_PM_ATTR_SUBFLOWS={0x8, 0x3, 0x2}]}, 0x94}, 0x1, 0x0, 0x0, 0x4051}, 0x0) setsockopt$packet_add_memb(r0, 0x107, 0x1, &(0x7f00000008c0)={r5, 0x1, 0x6, @remote}, 0x10) pipe2(&(0x7f0000000900)={0xffffffffffffffff, 0xffffffffffffffff}, 0xfe03c4f940f3b09e) r8 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000980), 0xffffffffffffffff) sendmsg$ETHTOOL_MSG_CHANNELS_GET(r7, &(0x7f0000000a40)={&(0x7f0000000940)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f0000000a00)={&(0x7f00000009c0)={0x2c, r8, 0x1, 0x70bd26, 0x25dfdbfb, {}, [@HEADER={0x18, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'team_slave_1\x00'}]}]}, 0x2c}, 0x1, 0x0, 0x0, 0x80}, 0x15) sendmsg$ETHTOOL_MSG_DEBUG_GET(r0, &(0x7f0000000c40)={&(0x7f0000000a80)={0x10, 0x0, 0x0, 0x20010040}, 0xc, &(0x7f0000000c00)={&(0x7f0000000ac0)={0x128, r8, 0x300, 0x70bd27, 0x25dfdbfb, {}, [@HEADER={0x5c, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'vcan0\x00'}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x1}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'veth0_vlan\x00'}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'bridge_slave_1\x00'}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'vlan1\x00'}]}, @HEADER={0x60, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x1}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'veth0_to_bond\x00'}, @ETHTOOL_A_HEADER_FLAGS={0x8}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'ip6gre0\x00'}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'lo\x00'}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x2}]}, @HEADER={0x18, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'veth1_macvtap\x00'}]}, @HEADER={0x40, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x3}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'veth0_vlan\x00'}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r2}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x2}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x3}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r2}]}]}, 0x128}, 0x1, 0x0, 0x0, 0x10}, 0x20000000) r9 = dup3(r3, r0, 0x80000) getsockopt$inet_IP_XFRM_POLICY(r0, 0x0, 0x11, &(0x7f0000000cc0)={{{@in6=@empty, @in=@empty, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in6=@loopback}, 0x0, @in6=@remote}}, &(0x7f0000000dc0)=0xe8) sendmsg$ETHTOOL_MSG_LINKINFO_GET(r9, &(0x7f0000001040)={&(0x7f0000000c80)={0x10, 0x0, 0x0, 0x40}, 0xc, &(0x7f0000001000)={&(0x7f0000000e00)={0x1f8, r8, 0x0, 0x70bd2a, 0x25dfdbfc, {}, [@HEADER={0x5c, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'team_slave_1\x00'}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x1}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'virt_wifi0\x00'}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'nr0\x00'}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'batadv0\x00'}]}, @HEADER={0x70, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'bond_slave_1\x00'}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r1}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r5}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x2}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'geneve0\x00'}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x1}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x3}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'vlan0\x00'}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x3}]}, @HEADER={0xc, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r10}]}, @HEADER={0x28, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'ipvlan0\x00'}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r1}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x1}]}, @HEADER={0x54, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'veth0_to_bond\x00'}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'geneve1\x00'}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'ip6_vti0\x00'}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'vlan0\x00'}]}, @HEADER={0x20, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x6}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'ip_vti0\x00'}]}, @HEADER={0x4}, @HEADER={0x6c, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r1}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'geneve1\x00'}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r2}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'veth0_vlan\x00'}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'macsec0\x00'}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'ipvlan0\x00'}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x3}]}]}, 0x1f8}, 0x1, 0x0, 0x0, 0x8c1}, 0x8000) ioctl$sock_ipv6_tunnel_SIOCGETPRL(r6, 0x89f4, &(0x7f0000001140)={'syztnl2\x00', &(0x7f00000010c0)={'ip6tnl0\x00', r1, 0x29, 0x1, 0x8, 0xe04, 0x20, @remote, @mcast2, 0x8, 0x20, 0x4, 0x1ff}}) sendmsg$ETHTOOL_MSG_FEATURES_SET(r7, &(0x7f0000001240)={&(0x7f0000001080)={0x10, 0x0, 0x0, 0x8000000}, 0xc, &(0x7f0000001200)={&(0x7f0000001180)={0x5c, r8, 0x100, 0x70bd2d, 0x25dfdbff, {}, [@ETHTOOL_A_FEATURES_WANTED={0x8, 0x3, 0x0, 0x1, [@ETHTOOL_A_BITSET_NOMASK={0x4}]}, @ETHTOOL_A_FEATURES_HEADER={0x40, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x2}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'vcan0\x00'}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x2}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r10}, @ETHTOOL_A_HEADER_FLAGS={0x8}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r11}]}]}, 0x5c}, 0x1, 0x0, 0x0, 0x5}, 0x20008000) ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(r0, 0x89f1, &(0x7f0000001340)={'ip6_vti0\x00', &(0x7f00000012c0)={'syztnl0\x00', r2, 0x29, 0x0, 0x8, 0x100, 0x0, @mcast2, @private2={0xfc, 0x2, '\x00', 0x1}, 0x8700, 0x700, 0x7fff, 0x9}}) sendmsg$ETHTOOL_MSG_PRIVFLAGS_GET(r0, &(0x7f0000001500)={&(0x7f0000001280)={0x10, 0x0, 0x0, 0x400}, 0xc, &(0x7f00000014c0)={&(0x7f0000001440)={0x44, r8, 0x800, 0x70bd2a, 0x25dfdbfb, {}, [@HEADER={0x30, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r12}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'nr0\x00'}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x4}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}]}]}, 0x44}, 0x1, 0x0, 0x0, 0x400d1}, 0x20044001) [ 67.982663] audit: type=1400 audit(1663971277.607:6): avc: denied { execmem } for pid=286 comm="syz-executor.0" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=process permissive=1 22:14:37 executing program 4: getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000000)={0x0}, &(0x7f0000000040)=0xc) fcntl$lock(0xffffffffffffffff, 0x24, &(0x7f0000000080)={0x1, 0x0, 0xfffffffffffffffe, 0x3ff, r0}) fcntl$getownex(0xffffffffffffffff, 0x10, &(0x7f00000003c0)={0x0, 0x0}) r2 = syz_open_procfs(r1, &(0x7f0000000400)='net/rt6_stats\x00') write$binfmt_aout(r2, &(0x7f0000000440)={{0xcc, 0x4, 0x28, 0xa8, 0x1dc, 0x100, 0x3d9, 0x3f}, "972a066eb3c114d7439d917f1369f6ce86b231f966ab330e2235867bbbb84a2cf2ad70f9d7f94620cc69f49035591079f083d5ffc05544d97a8c391e9b11787634dc3e0c2bc6ef1e59878a22c8496d253ecce6bcb308378d9fd7748b99a4342e88732dbe833261e2933a4bffc4f82676fce3a7ef6a2c2d1ce5e87f1e30447e4115e97b21d117d4059cc6db3bae1d321b1ea246962897c3a4297a9b69cdac1659ed0636e625cabff324e37f8dc91b65", ['\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00']}, 0xacf) ioctl$CDROMRESUME(r2, 0x5302) r3 = dup2(r2, r2) r4 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000f40), 0x80801, 0x0) r5 = dup2(r4, r2) r6 = inotify_init() ioctl$AUTOFS_DEV_IOCTL_ISMOUNTPOINT(0xffffffffffffffff, 0xc018937e, &(0x7f0000000f80)={{0x1, 0x1, 0x18, r6, @in_args={0x4920974d57e9451e}}, './file0\x00'}) open_by_handle_at(r6, &(0x7f0000000fc0)=@FILEID_NILFS_WITHOUT_PARENT={0x20, 0x61, {0x0, 0x2, 0x7f, 0x4, 0x4}}, 0x220000) r8 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000001000)='/sys/module/yenta_socket', 0x8000, 0x20) ioctl$AUTOFS_DEV_IOCTL_CLOSEMOUNT(r8, 0xc0189375, &(0x7f0000001040)={{0x1, 0x1, 0x18, r7}, './file0\x00'}) epoll_ctl$EPOLL_CTL_ADD(r9, 0x1, r9, &(0x7f0000001080)={0x2006}) ioctl$AUTOFS_DEV_IOCTL_TIMEOUT(r8, 0xc018937a, &(0x7f00000010c0)={{0x1, 0x1, 0x18, r8, {0x7f}}, './file0\x00'}) sendfile(r9, r10, &(0x7f0000001100)=0x5, 0x5) inotify_add_watch(r5, &(0x7f0000001140)='./file0\x00', 0x80c) ioctl$RTC_EPOCH_SET(r3, 0x4008700e, 0x7fffffff) ioctl$BTRFS_IOC_SUBVOL_GETFLAGS(r4, 0x80089419, &(0x7f0000001180)) 22:14:37 executing program 5: move_pages(0x0, 0x4, &(0x7f0000000000)=[&(0x7f0000ffc000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffd000/0x2000)=nil], &(0x7f0000000040)=[0xfffff88b], &(0x7f0000000080)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x4) r0 = pkey_alloc(0x0, 0x3) pkey_mprotect(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0, r0) r1 = shmget$private(0x0, 0x1000, 0x78000000, &(0x7f0000ffd000/0x1000)=nil) shmat(r1, &(0x7f0000ffc000/0x2000)=nil, 0x2000) r2 = pkey_alloc(0x0, 0x2) pkey_mprotect(&(0x7f0000ff9000/0x7000)=nil, 0x7000, 0x3000000, r2) r3 = shmget$private(0x0, 0x1000, 0x1, &(0x7f0000ffd000/0x1000)=nil) shmctl$IPC_STAT(r3, 0x2, &(0x7f00000000c0)=""/4096) pkey_mprotect(&(0x7f0000ffb000/0x4000)=nil, 0x4000, 0x8, r0) r4 = shmget$private(0x0, 0x2000, 0x1000, &(0x7f0000ffc000/0x2000)=nil) pkey_free(r0) shmat(r4, &(0x7f0000ffa000/0x1000)=nil, 0x5000) mbind(&(0x7f0000ffb000/0x1000)=nil, 0x1000, 0x2, &(0x7f00000010c0)=0x5b3, 0x5, 0x3) pkey_alloc(0x0, 0xfa1d05958d2ea192) pkey_mprotect(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x8, 0xffffffffffffffff) r5 = pkey_alloc(0x0, 0x1) pkey_mprotect(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x6, r5) mbind(&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x3, &(0x7f0000001100)=0x4003976, 0x7fff, 0x38fbf82c515b672b) ioctl$EVIOCSREP(0xffffffffffffffff, 0x40084503, &(0x7f0000001140)=[0x1, 0xffffffc1]) 22:14:37 executing program 6: sendmsg$NL80211_CMD_TDLS_CANCEL_CHANNEL_SWITCH(0xffffffffffffffff, &(0x7f0000000100)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x800000}, 0xc, &(0x7f00000000c0)={&(0x7f0000000040)={0x74, 0x0, 0x34, 0x70bd28, 0x25dfdbfc, {{}, {@void, @val={0xc, 0x99, {0x0, 0x18}}}}, [@NL80211_ATTR_MAC={0xa}, @NL80211_ATTR_MAC={0xa, 0x6, @device_b}, @NL80211_ATTR_MAC={0xa, 0x6, @device_b}, @NL80211_ATTR_MAC={0xa, 0x6, @device_b}, @NL80211_ATTR_MAC={0xa, 0x6, @device_b}, @NL80211_ATTR_MAC={0xa, 0x6, @device_b}, @NL80211_ATTR_MAC={0xa, 0x6, @broadcast}]}, 0x74}, 0x1, 0x0, 0x0, 0x8080}, 0x800) r0 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000180), 0xffffffffffffffff) sendmsg$ETHTOOL_MSG_CHANNELS_GET(0xffffffffffffffff, &(0x7f00000002c0)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x4}, 0xc, &(0x7f0000000280)={&(0x7f00000001c0)={0x94, r0, 0x300, 0x70bd27, 0x25dfdbfe, {}, [@HEADER={0x4}, @HEADER={0x28, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x2}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'virt_wifi0\x00'}]}, @HEADER={0xc, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_INDEX={0x8}]}, @HEADER={0x20, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'veth1_to_bond\x00'}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}]}, @HEADER={0x28, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x1}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'team_slave_0\x00'}]}]}, 0x94}, 0x1, 0x0, 0x0, 0x4000000}, 0xc4c1) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000300)={'bond_slave_0\x00', 0x0}) r2 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000340)='blkio.throttle.io_service_bytes\x00', 0x0, 0x0) sendmsg$DEVLINK_CMD_TRAP_GET(r2, &(0x7f0000000600)={&(0x7f0000000380)={0x10, 0x0, 0x0, 0x8000}, 0xc, &(0x7f00000005c0)={&(0x7f00000003c0)={0x1dc, 0x0, 0x10, 0x70bd29, 0x25dfdbfb, {}, [{@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0x1c}}, {@pci={{0x8}, {0x11}}, {0x1c}}, {@pci={{0x8}, {0x11}}, {0x1c}}, {@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0x1c}}, {@pci={{0x8}, {0x11}}, {0x1c}}, {@pci={{0x8}, {0x11}}, {0x1c}}, {@pci={{0x8}, {0x11}}, {0x1c}}, {@pci={{0x8}, {0x11}}, {0x1c}}]}, 0x1dc}, 0x1, 0x0, 0x0, 0x40081}, 0x4) setsockopt$packet_add_memb(r2, 0x107, 0x1, &(0x7f0000000640)={r1, 0x1, 0x6}, 0x10) setsockopt$packet_add_memb(r2, 0x107, 0x1, &(0x7f0000000680)={r1, 0x1, 0x6, @broadcast}, 0x10) r3 = epoll_create(0x9) ioctl$EXT4_IOC_GROUP_ADD(r3, 0x40286608, &(0x7f00000006c0)={0x7, 0x9a35, 0x2, 0x3ff, 0x1ff, 0xfff7}) r4 = syz_io_uring_complete(0x0) ioctl$EVIOCSABS3F(r4, 0x401845ff, &(0x7f0000000700)={0x8, 0x2, 0x1, 0x80, 0x10000, 0x80}) r5 = accept4$inet(r4, &(0x7f0000000740)={0x2, 0x0, @empty}, &(0x7f0000000780)=0x10, 0x800) close_range(r4, r5, 0x0) r6 = openat$cgroup_ro(r4, &(0x7f00000007c0)='blkio.bfq.io_service_time\x00', 0x0, 0x0) ioctl$sock_ipv6_tunnel_SIOCCHG6RD(0xffffffffffffffff, 0x89fb, &(0x7f0000000880)={'syztnl2\x00', &(0x7f0000000800)={'ip6_vti0\x00', r1, 0x29, 0x10, 0x80, 0xfc, 0x2, @local, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02', 0x40, 0x8, 0x800, 0x1}}) setsockopt$inet_mreqn(r6, 0x0, 0x23, &(0x7f00000008c0)={@rand_addr=0x64010101, @remote, r7}, 0xc) r8 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000900), 0x800, 0x0) ioctl$sock_ipv4_tunnel_SIOCCHGTUNNEL(r8, 0x89f3, &(0x7f0000000980)={'ip_vti0\x00', &(0x7f0000000940)={'ip_vti0\x00', r1, 0x7, 0x8000, 0x36e2, 0x8, {{0x7, 0x4, 0x2, 0x23, 0x1c, 0x64, 0x0, 0x1, 0x2f, 0x0, @loopback, @empty, {[@ra={0x94, 0x4}, @ra={0x94, 0x4}]}}}}}) setsockopt$packet_add_memb(0xffffffffffffffff, 0x107, 0x1, &(0x7f0000000a00)={r1, 0x1, 0x6}, 0x10) 22:14:37 executing program 7: r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$NL80211_CMD_START_P2P_DEVICE(0xffffffffffffffff, &(0x7f0000000100)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x800}, 0xc, &(0x7f00000000c0)={&(0x7f0000000080)={0x14, r0, 0x100, 0x70bd2c, 0x25dfdbfd, {{}, {@void, @void}}, ["", "", "", ""]}, 0x14}}, 0x0) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000180), 0xffffffffffffffff) sendmsg$NL80211_CMD_AUTHENTICATE(0xffffffffffffffff, &(0x7f0000000280)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x2000}, 0xc, &(0x7f0000000240)={&(0x7f00000001c0)={0x4c, r1, 0x10, 0x70bd2a, 0x25dfdbfe, {{}, {@val={0x8}, @val={0xc, 0x99, {0x9, 0x70}}}}, [@NL80211_ATTR_AUTH_TYPE={0x8, 0x35, 0x3}, @NL80211_ATTR_SSID={0x1a, 0x34, @random="2cb2d43cd9a0c859fafe2e8f36d94b4fda47c3d9b449"}]}, 0x4c}, 0x1, 0x0, 0x0, 0x50}, 0x4040000) r2 = openat$full(0xffffffffffffff9c, &(0x7f00000002c0), 0xa4200, 0x0) sendmsg$IPCTNL_MSG_CT_GET_CTRZERO(r2, &(0x7f0000000500)={&(0x7f0000000300)={0x10, 0x0, 0x0, 0x1000}, 0xc, &(0x7f00000004c0)={&(0x7f0000000340)={0x160, 0x3, 0x1, 0x5, 0x0, 0x0, {0x7, 0x0, 0x9}, [@CTA_HELP={0x10, 0x5, 0x0, 0x1, {0xb, 0x1, 'amanda\x00'}}, @CTA_ID={0x8, 0xc, 0x1, 0x0, 0x2}, @CTA_TUPLE_ORIG={0xb8, 0x1, 0x0, 0x1, [@CTA_TUPLE_IP={0x2c, 0x1, 0x0, 0x1, @ipv6={{0x14, 0x3, @dev={0xfe, 0x80, '\x00', 0x29}}, {0x14, 0x4, @private0={0xfc, 0x0, '\x00', 0x1}}}}, @CTA_TUPLE_ZONE={0x6, 0x3, 0x1, 0x0, 0x3}, @CTA_TUPLE_ZONE={0x6, 0x3, 0x1, 0x0, 0x1}, @CTA_TUPLE_IP={0x2c, 0x1, 0x0, 0x1, @ipv6={{0x14, 0x3, @loopback}, {0x14, 0x4, @local}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5, 0x1, 0x21}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5, 0x1, 0x6}}, @CTA_TUPLE_IP={0x2c, 0x1, 0x0, 0x1, @ipv6={{0x14, 0x3, @dev={0xfe, 0x80, '\x00', 0x1e}}, {0x14, 0x4, @private2}}}, @CTA_TUPLE_ZONE={0x6, 0x3, 0x1, 0x0, 0x2}]}, @CTA_SEQ_ADJ_ORIG={0x34, 0xf, 0x0, 0x1, [@CTA_SEQADJ_CORRECTION_POS={0x8, 0x1, 0x1, 0x0, 0x5}, @CTA_SEQADJ_CORRECTION_POS={0x8, 0x1, 0x1, 0x0, 0x8}, @CTA_SEQADJ_CORRECTION_POS={0x8}, @CTA_SEQADJ_OFFSET_AFTER={0x8, 0x3, 0x1, 0x0, 0xa2}, @CTA_SEQADJ_CORRECTION_POS={0x8, 0x1, 0x1, 0x0, 0x7}, @CTA_SEQADJ_OFFSET_BEFORE={0x8, 0x2, 0x1, 0x0, 0x5}]}, @CTA_TUPLE_ORIG={0x48, 0x1, 0x0, 0x1, [@CTA_TUPLE_ZONE={0x6, 0x3, 0x1, 0x0, 0x2}, @CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @dev={0xac, 0x14, 0x14, 0x2a}}, {0x8, 0x2, @local}}}, @CTA_TUPLE_ZONE={0x6, 0x3, 0x1, 0x0, 0x3}, @CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @empty}, {0x8, 0x2, @initdev={0xac, 0x1e, 0x1, 0x0}}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5, 0x1, 0x6}}]}]}, 0x160}}, 0x80) ioctl$SNAPSHOT_CREATE_IMAGE(r2, 0x40043311, &(0x7f0000000540)) r3 = signalfd4(r2, &(0x7f0000000580)={[0x3]}, 0x8, 0x80000) fsetxattr$security_ima(r2, &(0x7f00000005c0), &(0x7f0000000600)=@v2={0x5, 0x2, 0x10, 0xfffffff8}, 0x9, 0x3) ioctl$sock_ipv6_tunnel_SIOCCHGTUNNEL(r3, 0x89f3, &(0x7f0000001d00)={'sit0\x00', &(0x7f0000001c80)={'syztnl1\x00', 0x0, 0x29, 0x45, 0x43, 0x8000, 0x4, @ipv4={'\x00', '\xff\xff', @loopback}, @mcast1, 0x700, 0x7800, 0x8}}) getsockopt$inet6_mreq(0xffffffffffffffff, 0x29, 0x14, &(0x7f0000001d40)={@private2, 0x0}, &(0x7f0000001d80)=0x14) ioctl$sock_ipv6_tunnel_SIOCGET6RD(r2, 0x89f8, &(0x7f0000001e40)={'syztnl1\x00', &(0x7f0000001dc0)={'syztnl1\x00', 0x0, 0x29, 0x7f, 0x1, 0x6, 0x40, @mcast1, @private2={0xfc, 0x2, '\x00', 0x1}, 0x20, 0x10, 0x7c59d57a, 0x400}}) ioctl$sock_ipv6_tunnel_SIOCCHGTUNNEL(r3, 0x89f3, &(0x7f0000001f00)={'syztnl2\x00', &(0x7f0000001e80)={'ip6gre0\x00', 0x0, 0x4, 0x9, 0x4, 0x2, 0xb, @empty, @private0={0xfc, 0x0, '\x00', 0x1}, 0x58, 0x80, 0x4, 0x20}}) sendmsg$ETHTOOL_MSG_LINKINFO_GET(r3, &(0x7f0000002140)={&(0x7f0000000640)={0x10, 0x0, 0x0, 0x10}, 0xc, &(0x7f0000002100)={&(0x7f0000001f40)={0x1ac, 0x0, 0x10, 0x70bd27, 0x25dfdbfe, {}, [@HEADER={0x6c, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x1}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'veth0_to_team\x00'}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x4}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r4}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x1}, @ETHTOOL_A_HEADER_FLAGS={0x8}, @ETHTOOL_A_HEADER_FLAGS={0x8}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'virt_wifi0\x00'}]}, @HEADER={0x40, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x2}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'ip6gre0\x00'}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x3}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x2}, @ETHTOOL_A_HEADER_FLAGS={0x8}]}, @HEADER={0x50, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x2}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'gretap0\x00'}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x2}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r5}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r6}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x3}]}, @HEADER={0x5c, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x3}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r7}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'veth0_vlan\x00'}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x3}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x3}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'ipvlan1\x00'}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x2}]}, @HEADER={0x18, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'gretap0\x00'}]}, @HEADER={0x14, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}]}, @HEADER={0x14, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_FLAGS={0x8}]}]}, 0x1ac}, 0x1, 0x0, 0x0, 0x24000000}, 0x40000) ioctl$AUTOFS_DEV_IOCTL_OPENMOUNT(r2, 0xc0189374, &(0x7f0000002180)={{0x1, 0x1, 0x18, r2, {0x4}}, './file0\x00'}) pipe(&(0x7f00000021c0)={0xffffffffffffffff}) r9 = socket(0xf, 0x5, 0xfffffffb) ioctl$BTRFS_IOC_SUBVOL_CREATE(r8, 0x5000940e, &(0x7f0000002200)={{r9}, "84944992475c9be8e47002d2c07dcc2a30ebeb03507db12f8e3c45753ee0c9314b0bff93664ad1dd15e8b990568bc52971685fd728e856978350e85df2cfa4caf2e5f9f078aeccee21bd5bd7c5263d763092ad711da2159ed37bb2d2b2de7e5645cda07770ede5ff41c6555265a9161a6b44a644def6a6c4e0e50a61aa1d697e75b94f06210a95a02ec1f2c4caa64b0fd71269363d132a04f824402573abc1cd13a45a4cade8dc526dc3c7394f4a51b84cf00a81fa8e3069d19f5f27329f40bb5e55d23d87818fec8f8d50310ca4e86c6979afc01490df8fc239f9794ed6981c7507c59a1e549268c6f615a581ec1ac82c2280a4d895edf565c0b317c3b4b5fb6fefedf5540184d60ebe0a98576032ead68e3b6a57f55f7b8cd3da644f0e53ec7c29249b990f2762a6a6430c333e635ca1f038e021db66b4b1da0f0d2f7840cb567a170a3d711d23e31b17e76bc57a0529589b5c5822fd62668248b934bc97c73b265c38b0834284284d845d9f460f57d7fc9e7a83cae58290a0fcb65d55c94414c6573620e525bf330c1f5fe9d533c5ead232621c58b27516663e3c1384676dd4e98d0f9b6cb8645fe27e7fc60daa60867bbcdb872d5b3e9e58adcf6e64b8ac4c2acab7afc387eb83feb3d7124ee812d9a8f3fd0f4443cbccf257f22a107531be10c3e756a6f1fc9276025b9ae462148d220ba272006ad1902acb49f46b4a6d028eef6a484df75c846a5fa7d91ea28b17b67f18d4a214cd54caed103de555b0d56b0c45189a23cfbae6d1d924f408862287342127fd8c7ca5f206cc255f9313313ae38ecfcd51a42ff85f387c058f0e5232a9f6fe94e5f5ceef9b1326028bfe9a72eae3b8f30be2d26954083701e6c8b32729acb562b2d0c06ec2c23e69775a62d79004c454a8fb6b4a305242227e3bac749d7f1e777da80f1b6a112e8ea025abe4c3aa10e946d432713d036351fa98ff825aabb1b00a8be012b4315e4464ef2e26f32dc96d2c9c05f4aa1378847e24f0f36ea9ad568867d08d5f5df47bcd5ecb29af1408a4e4718cbfb62299761f4d44274700fa80aae920d29c75075bb175b9e76eb98b4e53d89557631a944623975e0c0feaf879b6c8fbe49191461ada01e0eaf30699638ea35ba5fbf9b52551bf2a852c21d6f829e508b35f20afbd117d8ee7215276b9655273ba9788b93f28c035b2dfbc24bcc3b665e21023ec3100fffe3f27fef8826af3b3d888f37358ec618cd5dd42d8176e97b5adcda3178aed62f2d7c3c3bbddc45976047bf601a2c5194b9ab7b1e02a095ad67a5760cb83edd4b5c37edaf03c9b60c32603d5d7a893ca7e46401bcd0e4bad567a2b72c0fb1836bf5bba0b2ef33432d8657054776d9b3beccca176f8aef0bd3d01ab086842c893ea47298f8fd215bb74f0ed49332741b730fe8bcb6dba1afad8cafccaa601e3f436d137e26cb3e50acc9f516283b1bc38f175c2f5e6e68df1304326d17f4df270c129c3bfad7f6439c7afbba3df2f2db4aad3e7034adc2f5b95b397260a2a5610d0ed6d83c7c7f4bc5c0b0ffa0412d19ea099899353e08af67c3e048bf303ad2a4e251c28091c184821c589ea428ebc17b57d58fba00c50bfbda1e9c5d9c909c2cd991af6ddfce7297e8786f19820100fe926f9eac0485a6a4b7dd0a05594b5f7532e29867f31cf385336b2d3655b9240065eba7d6fd531694f5f3a29d862a72d3d682af80ed9f01e16aa836273a6c3cb5ee908706de1c4f5a09b28aebdeec8fe127cd165cba0aa5b086d54ed2ae77e750788c748070c7b25d7df021bd7d34ded9bf4a99cb5b38e4c6c16ce5f1ba19ae376907de893763ec51d81d0afa7e8a1ea5fe4a38b63138392e5db569f55fe71e2642fd2711535e735c7260db01fac8df9dd59e8efa82f4ebb1a4cd5319c2a789b3817ed680372b1158ef9811655b6888a850e5215e2a6b9204ddf5999d2179a0b375e0f15a1c0e4142cb256d0051d8f9d01a984f15f2fb0ab64b99b9eea2b883347f9baf0ee07e1f0dcdda836aeaa9d9ff70b796fa4269acd25e3058ae07d54eba932ea4e4243e8351a635a9e05665a90802e5db2ffdac9e542d752ad82c4c433031aab02107d70a6cbe44e9bec6108b6a321acc44e323a3bf91b91295083071399ca2eb190d4fa80d660ce1f7118bb33398563b885a26c3f4bdab4d9c46b9dcb34db0f77aa0061e5c797888e5a34d7593f319cabdcc8a8172a8dd6481d43238db6005b9b3a53d1c09391e3bfe11e915b2a8ebf61442bf15b25b46f40d76164bef7682555aac22a268617167b32801eae6d6ffa5a1be97d7eb5df5c05c711ee7900480439fb7098ea6374b1d9e6c4885c34fa1dbd9505f9acc4e85636ff32d13971e9accece8e8a455ffcdfa5c8413b5821b57c81b8e2c33efcecd7ac4880483e38819fcc502f1c170c2a6ff98e8da7a210c65bf46a5b8b09faa44e9d2cc27e0f0ed82afdbf509987862b9d2b768b8691cd1e1089fef8a6ee2d51d6e7bbfd71f1dc9c0c6d0ca89c86b8cabce7bd067a5b41c350aee2600c4db78834337b0358c292f302d28eb60bbc9e85038c3c6b99da345ed41d509a1e78904afafc351dff364347a1098da0bd49b3523c9436e542360a8865263be5aeda2ee87e0ea75f9398e3f1d6c66dbf51c83a28d04714254effb2a105da09390e963d5576311dcd63953fea578dd059ae9a00868f04ed68fb4d5da3d4674d7f027ec5ba1307d758a6ec8c076c33f37c3bc1d2d19876e38d2bae925ad954fe1c4aa592342d7cd041dd73700f1d80f46af851387e022d63d00bce4c8b968173094f69f766c341112999de001fdbfcb44f6fb7bc517453babc607fb992c98a2c6ffcfe4122c98756ffbfce8b870ffe90e0e883ccd6888591599c68fc550bb193a776c269be549c6411f1238e2c1193f1cb9527b111273a99d594d8f1efa602ac579b4d94f0338551009f9cf5e060e59bc141e95ddee5e65d3dd3a357ef0cf03cc8dbb665457c8d173ef8dc003939f6fa3665843afc07f0276293cc1e46aa5c69dafe9ca2ef0195b3b1f082dbc118afda6a1ed52ec5e4d065f427a3c6dc9634557971d928d6ceac4811f6b24eb83f0fbb1e3f960fa97af52568b4d17a4b68b05fe4d76176421270d7474b2217b8b083172843d0bca8b060fceef04ae36a69386a71e9ad319483ca3f524a0b1751c492f20bf3b2dea83faa059985cdd91edd7002adfb33a0138774858cf5d26966619819b7b55bfb20c792c99258e0830709c8e1531fe56fa382d105da97d5ea9c225ce0b0be83ecd8b8e3290cb401eae9207bef7dd58fcbffae54fc17e5a2b11bed665346df2278311caa11d8926cbb05695fdd41b06f3b33c6a1e3ce2fb040645d1898d84f9481212c3993919a3a9f51e81c5607841c0d6e2f83f37f2526c02019381274969d22a67c3e004c8c25e0b0df694af9e3ae2028c219ee652a6aea68e523d413c2242c656a05928a48003ab4df7af469f86e7e8eb72155b90098c35112d670b0ad1289468a26962546fec41c92b9bc25bf802633dacd2e60842f343bf83992180ce933c19871323b9fa8afecb91112f48ab96cf1af1603ac8511d54651d0ed3d6fcd0539896a01b03a882c42bb5fb4635d4790299d97d3a606c9f0a088fd32daa5576371d1e6a110a9e460811d96652f1ab5eab019c90cc2ebb521c6e5d4ca5e3591e13f5369105d979e347ba519d54f44204442b973a9d0a71df4ca04f940c6c47c45c3b958fa80372c064c15f0c00f9ab852d5bd914b84b52967b1e5d9e7eb2e352e35a8c958875817166723c590aec22b8e562bcd3ea0e9810541957a2b8be3408d060e2056c209825af75821ecb0c9286aa8f281448b66483a74aad9b15aee336a867ede84e9861edf6dad7bb06f4c4f028bdc3dd887a822bfddcc6d24dbfbed460a0340c255034b0bca6f4db304f235bf016ee08329edee60eefb7430528b9962e6e6d57fb77dff5d3df7b0b5c59fe51017aa61b14dd35240dcc5d288f83419f041899a86c3f0e93359d9f26f1c87d7ebe63b1038ec1cc135241310a259e2f85e295b1f629290c5d3fe37e882c692d5a568b4d8f5062f00059513bed18bab3f410cd4820502b12a24fd92e64d5fab3320c894be33915522c829a8f6a17e9287910ab8e79e0085a012872dd457bc7bfa35dd89a5e13d29093203cd760b6fd13b5cab003ca6d00da4876fa073bcdbfa1e7453a7f2ef867349e7b70ff1fa3b444b4996e28513dec6069a229001e03577fca29a09725ea90f473ff8a5c0f0470c6ff57ec9dd8a64ac88d29f47166607891b160823f2a6edbfeeb4f1ee446075281f9a2a07006bcb2a28a23f69f0de29c00a271a073c8f7f4f40506f13676062d8282c9a3d4087f84b976fd29682f747795a4ccb0eb7fa0bf325242c936c0b7b05bb9884586e4bd894ccadee3626042c124eea0d405ecbe7a3650b25ce2425f193980f2fd3b589308f5b43c0f5c8222ed33b68dfa4a8290ccba1cbadfbc5c0f3b70ea5f2ae36cfdd76b6a3e6bf0d25bb347c37abd3c5a989b5a666f85bf8338c4e5c3a88469a0278dc5e84d81da3c65090157d151ea90d4ded016e8c68e13a81583fe22daca17326b27995fda8cf0095f4962006282d09c8082db77ffc78ed0f6aa5314a6462f9b7c026ae63be356eb2729bc5214c087d73e6b2c9681a72a24948162125297ab4af7019e50d13daf42a9d92c78cac4b8bd113649d4c191b4acd5c2b90a6f98b25169e2eadfeebc4d7adb1dab408d716c72f1b0b753b3fba5df335bf65500bd10dfe56fff094794670feb0c5bd0665db9839c6f5bba963667890c67535d1e3bf1549e700a302d683eac5d7a4afb99085035d82cf3808927dc05648c47cf2792b6b19f5fefaa5a06ae248caa3f5e102e622ec9eacdab7f6626707b392a692ca35573a4f89a59de0debec661f3c5ee613ba13179e1f39797ee2e7190d122529824abbe7812ff0172b641e5b5790876ecdf33c9487aa23df3494e931c85a1d9edc62e8f681ab4e55353356809a082bbf045a023c1f3297bd9c9a43fedce46c55df3d88b186e216adcd74e9c67bc6ac918180027f857d0f5fe0e163875e729a912bf2a51d8ae872d4df950c1c9fec69a185735345dde2653bedb0be41ca7597de5627b74b7eeaabc52a6c2e70e4cc88843b2becced0af1ded8dabb991d4bf0c406d0a6c26168352599418f389aee8f3d0d733f648a3770b76a36e6c2ee033eedfa177e4ef5f2a2ce8b8ac539b1958f8baa74365f3f1a2a8d11abe6e70363274d504dbeb7b84c9b11ddfb8e79569ea0e7f0961dfaa05aae73c206d0525e702299a3eb6b308dbca2e960b91c02adf8b1c6fac130766043c0fac733aaf8f45b6bb6adbbbcaa7fec61624b1904820f5431759e9750e336cf1310dd87df83c54329c855f3be7c8145cc471ea01a35556be4646f6b40c68c87fa894b1658a7dc4ae9176b8b3fb2a18e5578c5ffa30acf96ee52d71c88327f902d83a63a09bb67fa492afc120ff65a0b41e4882c8e7d7fe2c9a58663d561268156c52ff4ef0afe3071f103f7612ee6d21804b9cc05592ce5d89c1092a2ba26feb44e40e40eeb642b9488c93289de9338355b7b41e4989ca20c1603c24699596a2de289e87dfbf916e59b5cb7728c5f2faea4d482aa97adc1698c29e88684ac73f5fe77558b55ef8c6f83a706e004fb435d84f7accca7f60d2ab21ea648ee00c6c53466201065c62aeb2af266db26755be96065a97c749be93c6d9cd0a85b565aa357c4b221b814b6"}) sendmsg$IPVS_CMD_ZERO(r9, &(0x7f0000003340)={&(0x7f0000003200)={0x10, 0x0, 0x0, 0x4000000}, 0xc, &(0x7f0000003300)={&(0x7f0000003240)={0x98, 0x0, 0x20, 0x70bd26, 0x25dfdbfe, {}, [@IPVS_CMD_ATTR_DEST={0xc, 0x2, 0x0, 0x1, [@IPVS_DEST_ATTR_WEIGHT={0x8, 0x4, 0xa9}]}, @IPVS_CMD_ATTR_DEST={0x64, 0x2, 0x0, 0x1, [@IPVS_DEST_ATTR_ADDR={0x14, 0x1, @ipv4=@multicast2}, @IPVS_DEST_ATTR_FWD_METHOD={0x8}, @IPVS_DEST_ATTR_PORT={0x6, 0x2, 0x4e21}, @IPVS_DEST_ATTR_ACTIVE_CONNS={0x8, 0x7, 0x69}, @IPVS_DEST_ATTR_TUN_TYPE={0x5}, @IPVS_DEST_ATTR_TUN_FLAGS={0x6, 0xf, 0x1000}, @IPVS_DEST_ATTR_ACTIVE_CONNS={0x8, 0x7, 0x1}, @IPVS_DEST_ATTR_TUN_FLAGS={0x6, 0xf, 0x8}, @IPVS_DEST_ATTR_ADDR={0x14, 0x1, @ipv6=@mcast1}]}, @IPVS_CMD_ATTR_DAEMON={0xc, 0x3, 0x0, 0x1, [@IPVS_DAEMON_ATTR_STATE={0x8}]}, @IPVS_CMD_ATTR_TIMEOUT_TCP_FIN={0x8, 0x5, 0x2}]}, 0x98}}, 0x0) ioctl$INCFS_IOC_READ_FILE_SIGNATURE(0xffffffffffffffff, 0x8010671f, &(0x7f0000003480)={&(0x7f00000033c0)=""/143, 0x8f}) [ 69.273547] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 69.283631] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 69.285200] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 69.288337] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 69.297706] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [ 69.299825] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 69.313311] Bluetooth: hci0: HCI_REQ-0x0c1a [ 69.340512] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 69.343392] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 69.344730] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 69.349052] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 69.351613] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3 [ 69.352808] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 69.364065] Bluetooth: hci1: HCI_REQ-0x0c1a [ 69.392196] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1 [ 69.393842] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9 [ 69.395229] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9 [ 69.398363] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4 [ 69.401464] Bluetooth: hci6: unexpected cc 0x0c25 length: 249 > 3 [ 69.402873] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2 [ 69.407303] Bluetooth: hci6: HCI_REQ-0x0c1a [ 69.433022] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1 [ 69.434885] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 69.436709] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9 [ 69.438646] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 69.440710] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9 [ 69.444129] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 69.449202] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4 [ 69.450188] Bluetooth: hci7: unexpected cc 0x0c03 length: 249 > 1 [ 69.450774] Bluetooth: hci7: unexpected cc 0x1003 length: 249 > 9 [ 69.453230] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 69.453242] Bluetooth: hci7: unexpected cc 0x1001 length: 249 > 9 [ 69.455733] Bluetooth: hci5: unexpected cc 0x0c25 length: 249 > 3 [ 69.457402] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2 [ 69.458553] Bluetooth: hci7: unexpected cc 0x0c23 length: 249 > 4 [ 69.459026] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3 [ 69.460831] Bluetooth: hci7: unexpected cc 0x0c25 length: 249 > 3 [ 69.461469] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 69.463020] Bluetooth: hci7: unexpected cc 0x0c38 length: 249 > 2 [ 69.467222] Bluetooth: hci5: HCI_REQ-0x0c1a [ 69.474278] Bluetooth: hci7: HCI_REQ-0x0c1a [ 69.479599] Bluetooth: hci3: HCI_REQ-0x0c1a [ 71.356001] Bluetooth: hci2: Opcode 0x c03 failed: -110 [ 71.357849] Bluetooth: hci0: command 0x0409 tx timeout [ 71.421005] Bluetooth: hci4: Opcode 0x c03 failed: -110 [ 71.421112] Bluetooth: hci6: command 0x0409 tx timeout [ 71.421909] Bluetooth: hci1: command 0x0409 tx timeout [ 71.484242] Bluetooth: hci7: command 0x0409 tx timeout [ 71.484876] Bluetooth: hci5: command 0x0409 tx timeout [ 71.548985] Bluetooth: hci3: command 0x0409 tx timeout [ 73.404025] Bluetooth: hci0: command 0x041b tx timeout [ 73.468157] Bluetooth: hci6: command 0x041b tx timeout [ 73.468791] Bluetooth: hci1: command 0x041b tx timeout [ 73.532053] Bluetooth: hci5: command 0x041b tx timeout [ 73.532681] Bluetooth: hci7: command 0x041b tx timeout [ 73.596048] Bluetooth: hci3: command 0x041b tx timeout [ 74.181150] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 74.182095] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 74.183847] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 74.186146] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 74.187610] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3 [ 74.190311] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 74.195318] Bluetooth: hci2: HCI_REQ-0x0c1a [ 74.502111] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 74.504676] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 74.508333] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 74.524091] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 74.526415] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3 [ 74.537566] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 74.557509] Bluetooth: hci4: HCI_REQ-0x0c1a [ 75.452983] Bluetooth: hci0: command 0x040f tx timeout [ 75.516029] Bluetooth: hci1: command 0x040f tx timeout [ 75.516492] Bluetooth: hci6: command 0x040f tx timeout [ 75.580990] Bluetooth: hci7: command 0x040f tx timeout [ 75.581430] Bluetooth: hci5: command 0x040f tx timeout [ 75.643981] Bluetooth: hci3: command 0x040f tx timeout [ 76.222045] Bluetooth: hci2: command 0x0409 tx timeout [ 76.604042] Bluetooth: hci4: command 0x0409 tx timeout [ 77.500074] Bluetooth: hci0: command 0x0419 tx timeout [ 77.564013] Bluetooth: hci6: command 0x0419 tx timeout [ 77.564689] Bluetooth: hci1: command 0x0419 tx timeout [ 77.628081] Bluetooth: hci5: command 0x0419 tx timeout [ 77.628764] Bluetooth: hci7: command 0x0419 tx timeout [ 77.691995] Bluetooth: hci3: command 0x0419 tx timeout [ 78.268165] Bluetooth: hci2: command 0x041b tx timeout [ 78.652979] Bluetooth: hci4: command 0x041b tx timeout [ 80.316013] Bluetooth: hci2: command 0x040f tx timeout [ 80.700977] Bluetooth: hci4: command 0x040f tx timeout [ 82.365088] Bluetooth: hci2: command 0x0419 tx timeout [ 82.749013] Bluetooth: hci4: command 0x0419 tx timeout [ 120.725137] loop0: detected capacity change from 0 to 264192 [ 120.736479] FAT-fs (loop0): Unrecognized mount option "uid>00000000000000000000" or missing value [ 120.765092] loop0: detected capacity change from 0 to 264192 [ 120.774340] FAT-fs (loop0): invalid media value (0x41) [ 120.774755] FAT-fs (loop0): Can't find a valid FAT filesystem 22:15:51 executing program 2: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) pwritev(r0, &(0x7f0000000000)=[{&(0x7f00000000c0)="c4", 0x1}], 0x1, 0x409e74, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) pwritev(r2, &(0x7f0000000080)=[{&(0x7f0000000140)='\x00', 0x1a}], 0x1, 0x7fffffc, 0x0) fstatfs(r1, &(0x7f0000000200)=""/57) sendfile(r1, r1, 0x0, 0x100000) mq_getsetattr(0xffffffffffffffff, &(0x7f0000000040)={0x3ff, 0x1f, 0x0, 0x200}, &(0x7f0000000180)) 22:15:51 executing program 0: r0 = perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0x77, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$EXT4_IOC_SWAP_BOOT(0xffffffffffffffff, 0x6611) r1 = openat$sr(0xffffffffffffff9c, &(0x7f0000000000), 0x40b01, 0x0) ioctl$CDROMREADMODE1(r1, 0x40081271, &(0x7f0000000080)={0x0, 0x4}) setsockopt$sock_void(r1, 0x1, 0x1b, 0x0, 0x0) perf_event_open$cgroup(&(0x7f0000000140)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) pread64(r0, &(0x7f0000000040)=""/19, 0x13, 0x0) openat(0xffffffffffffff9c, 0x0, 0x0, 0x0) 22:15:51 executing program 6: r0 = socket$inet6_udp(0xa, 0x2, 0x0) r1 = dup3(r0, r0, 0x0) sendmmsg$inet(r1, &(0x7f0000002600)=[{{&(0x7f0000000100)={0x2, 0x4e24, @loopback}, 0x10, 0x0, 0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="1c000000000000000000000007000000440c0503bc1414bb00000000000000006cdad1828d981f4079d5ae69c4ecef8c2da1b8d8e80580136c4a050244b2e4420600000000000000e3ebf29cbe8ad7cad66a0a0a72332706bf8ad374c1d282542ddf9935fc83a266e7a5afacdcd7908747ee5ffa93228f90a325ce4b2f9f72e884463b2d5107a4ba729a99a1356a847faf464628f26164f16cfcb37bc1ace4373bef1f6dab597b2fd4a46db0eab8a497ea559f90ad88fb0bc1ce93ea8a1d687d9e2d6d273321bf9d501b4190d8af"], 0x20}}], 0x1, 0x0) r2 = fsmount(r1, 0x1, 0x40) getsockopt$inet6_IPV6_IPSEC_POLICY(r2, 0x29, 0x22, &(0x7f0000000140)={{{@in6=@dev, @in6=@remote}}, {{@in=@remote}, 0x0, @in6=@local}}, &(0x7f0000000240)=0xe8) [ 141.479657] audit: type=1400 audit(1663971351.104:7): avc: denied { open } for pid=3973 comm="syz-executor.0" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=perf_event permissive=1 22:15:51 executing program 1: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) pwritev(r0, &(0x7f0000000140)=[{&(0x7f0000000000)='%', 0x1}], 0x1, 0x10000, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x7}, 0x15182, 0x7}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xb}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) sendfile(r2, r1, 0x0, 0xfffffdef) openat$incfs(r2, &(0x7f0000000040)='.log\x00', 0x2000, 0x0) syz_open_procfs(0x0, &(0x7f0000000180)='fdinfo/4\x00') [ 141.491055] audit: type=1400 audit(1663971351.104:8): avc: denied { kernel } for pid=3973 comm="syz-executor.0" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=perf_event permissive=1 22:15:51 executing program 7: syz_mount_image$vfat(0x0, 0x0, 0x0, 0x1, &(0x7f0000000240)=[{&(0x7f0000000180)="e7", 0x1, 0x7fff}], 0x0, 0x0) openat(0xffffffffffffffff, &(0x7f0000000000)='./file0\x00', 0x0, 0x8) [ 141.497384] loop7: detected capacity change from 0 to 127 [ 141.516923] ------------[ cut here ]------------ [ 141.516947] [ 141.516951] ====================================================== [ 141.516955] WARNING: possible circular locking dependency detected [ 141.516959] 6.0.0-rc6-next-20220923 #1 Not tainted [ 141.516965] ------------------------------------------------------ [ 141.516969] syz-executor.0/3974 is trying to acquire lock: [ 141.516975] ffffffff853faaf8 ((console_sem).lock){....}-{2:2}, at: down_trylock+0xe/0x70 [ 141.517015] [ 141.517015] but task is already holding lock: [ 141.517018] ffff88803d9e5420 (&ctx->lock){....}-{2:2}, at: __perf_event_task_sched_out+0x53b/0x18d0 [ 141.517046] [ 141.517046] which lock already depends on the new lock. [ 141.517046] [ 141.517050] [ 141.517050] the existing dependency chain (in reverse order) is: [ 141.517053] [ 141.517053] -> #3 (&ctx->lock){....}-{2:2}: [ 141.517067] _raw_spin_lock+0x2a/0x40 [ 141.517086] __perf_event_task_sched_out+0x53b/0x18d0 [ 141.517098] __schedule+0xedd/0x2470 [ 141.517112] schedule+0xda/0x1b0 [ 141.517125] exit_to_user_mode_prepare+0x114/0x1a0 [ 141.517136] syscall_exit_to_user_mode+0x19/0x40 [ 141.517149] do_syscall_64+0x48/0x90 [ 141.517166] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 141.517178] [ 141.517178] -> #2 (&rq->__lock){-.-.}-{2:2}: [ 141.517191] _raw_spin_lock_nested+0x30/0x40 [ 141.517209] raw_spin_rq_lock_nested+0x1e/0x30 [ 141.517223] task_fork_fair+0x63/0x4d0 [ 141.517239] sched_cgroup_fork+0x3d0/0x540 [ 141.517253] copy_process+0x4183/0x6e20 [ 141.517263] kernel_clone+0xe7/0x890 [ 141.517273] user_mode_thread+0xad/0xf0 [ 141.517283] rest_init+0x24/0x250 [ 141.517294] arch_call_rest_init+0xf/0x14 [ 141.517312] start_kernel+0x4c1/0x4e6 [ 141.517327] secondary_startup_64_no_verify+0xe0/0xeb [ 141.517341] [ 141.517341] -> #1 (&p->pi_lock){-.-.}-{2:2}: [ 141.517355] _raw_spin_lock_irqsave+0x39/0x60 [ 141.517373] try_to_wake_up+0xab/0x1930 [ 141.517386] up+0x75/0xb0 [ 141.517399] __up_console_sem+0x6e/0x80 [ 141.517415] console_unlock+0x46a/0x590 [ 141.517430] vprintk_emit+0x1bd/0x560 [ 141.517446] vprintk+0x84/0xa0 [ 141.517461] _printk+0xba/0xf1 [ 141.517473] kauditd_hold_skb.cold+0x3f/0x4e [ 141.517490] kauditd_send_queue+0x233/0x290 [ 141.517504] kauditd_thread+0x5da/0x9a0 [ 141.517518] kthread+0x2ed/0x3a0 [ 141.517532] ret_from_fork+0x22/0x30 [ 141.517544] [ 141.517544] -> #0 ((console_sem).lock){....}-{2:2}: [ 141.517558] __lock_acquire+0x2a02/0x5e70 [ 141.517574] lock_acquire+0x1a2/0x530 [ 141.517590] _raw_spin_lock_irqsave+0x39/0x60 [ 141.517608] down_trylock+0xe/0x70 [ 141.517622] __down_trylock_console_sem+0x3b/0xd0 [ 141.517638] vprintk_emit+0x16b/0x560 [ 141.517653] vprintk+0x84/0xa0 [ 141.517669] _printk+0xba/0xf1 [ 141.517678] report_bug.cold+0x72/0xab [ 141.517694] handle_bug+0x3c/0x70 [ 141.517710] exc_invalid_op+0x14/0x50 [ 141.517726] asm_exc_invalid_op+0x16/0x20 [ 141.517737] group_sched_out.part.0+0x2c7/0x460 [ 141.517748] ctx_sched_out+0x8f1/0xc10 [ 141.517758] __perf_event_task_sched_out+0x6d0/0x18d0 [ 141.517770] __schedule+0xedd/0x2470 [ 141.517783] schedule+0xda/0x1b0 [ 141.517796] exit_to_user_mode_prepare+0x114/0x1a0 [ 141.517806] syscall_exit_to_user_mode+0x19/0x40 [ 141.517818] do_syscall_64+0x48/0x90 [ 141.517834] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 141.517846] [ 141.517846] other info that might help us debug this: [ 141.517846] [ 141.517849] Chain exists of: [ 141.517849] (console_sem).lock --> &rq->__lock --> &ctx->lock [ 141.517849] [ 141.517864] Possible unsafe locking scenario: [ 141.517864] [ 141.517866] CPU0 CPU1 [ 141.517868] ---- ---- [ 141.517871] lock(&ctx->lock); [ 141.517876] lock(&rq->__lock); [ 141.517883] lock(&ctx->lock); [ 141.517889] lock((console_sem).lock); [ 141.517895] [ 141.517895] *** DEADLOCK *** [ 141.517895] [ 141.517897] 2 locks held by syz-executor.0/3974: [ 141.517903] #0: ffff88806ce37d18 (&rq->__lock){-.-.}-{2:2}, at: __schedule+0x1cf/0x2470 [ 141.517932] #1: ffff88803d9e5420 (&ctx->lock){....}-{2:2}, at: __perf_event_task_sched_out+0x53b/0x18d0 [ 141.517959] [ 141.517959] stack backtrace: [ 141.517962] CPU: 0 PID: 3974 Comm: syz-executor.0 Not tainted 6.0.0-rc6-next-20220923 #1 [ 141.517974] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 141.517983] Call Trace: [ 141.517986] [ 141.517990] dump_stack_lvl+0x8b/0xb3 [ 141.518008] check_noncircular+0x263/0x2e0 [ 141.518024] ? format_decode+0x26c/0xb50 [ 141.518040] ? print_circular_bug+0x450/0x450 [ 141.518057] ? enable_ptr_key_workfn+0x20/0x20 [ 141.518074] ? format_decode+0x26c/0xb50 [ 141.518091] ? alloc_chain_hlocks+0x1ec/0x5a0 [ 141.518110] __lock_acquire+0x2a02/0x5e70 [ 141.518133] ? lockdep_hardirqs_on_prepare+0x410/0x410 [ 141.518150] ? __mutex_add_waiter+0x120/0x120 [ 141.518170] lock_acquire+0x1a2/0x530 [ 141.518186] ? down_trylock+0xe/0x70 [ 141.518203] ? lock_release+0x750/0x750 [ 141.518224] ? vprintk+0x84/0xa0 [ 141.518242] _raw_spin_lock_irqsave+0x39/0x60 [ 141.518261] ? down_trylock+0xe/0x70 [ 141.518277] down_trylock+0xe/0x70 [ 141.518292] ? vprintk+0x84/0xa0 [ 141.518308] __down_trylock_console_sem+0x3b/0xd0 [ 141.518325] vprintk_emit+0x16b/0x560 [ 141.518345] vprintk+0x84/0xa0 [ 141.518362] _printk+0xba/0xf1 [ 141.518373] ? record_print_text.cold+0x16/0x16 [ 141.518390] ? report_bug.cold+0x66/0xab [ 141.518407] ? group_sched_out.part.0+0x2c7/0x460 [ 141.518419] report_bug.cold+0x72/0xab [ 141.518438] handle_bug+0x3c/0x70 [ 141.518455] exc_invalid_op+0x14/0x50 [ 141.518472] asm_exc_invalid_op+0x16/0x20 [ 141.518485] RIP: 0010:group_sched_out.part.0+0x2c7/0x460 [ 141.518498] Code: 5e 41 5f e9 5b bb ef ff e8 56 bb ef ff 65 8b 1d 1b 26 ac 7e 31 ff 89 de e8 f6 b7 ef ff 85 db 0f 84 8a 00 00 00 e8 39 bb ef ff <0f> 0b e9 a5 fe ff ff e8 2d bb ef ff 48 8d 7d 10 48 b8 00 00 00 00 [ 141.518510] RSP: 0018:ffff888020277c48 EFLAGS: 00010006 [ 141.518519] RAX: 0000000040000002 RBX: 0000000000000000 RCX: 0000000000000000 [ 141.518526] RDX: ffff88801a439ac0 RSI: ffffffff81564fb7 RDI: 0000000000000005 [ 141.518534] RBP: ffff888008668000 R08: 0000000000000005 R09: 0000000000000001 [ 141.518541] R10: 0000000000000000 R11: ffffffff865b001b R12: ffff88803d9e5400 [ 141.518549] R13: ffff88806ce3d140 R14: ffffffff8547d040 R15: 0000000000000002 [ 141.518561] ? group_sched_out.part.0+0x2c7/0x460 [ 141.518574] ? group_sched_out.part.0+0x2c7/0x460 [ 141.518588] ctx_sched_out+0x8f1/0xc10 [ 141.518602] __perf_event_task_sched_out+0x6d0/0x18d0 [ 141.518618] ? lock_is_held_type+0xd7/0x130 [ 141.518632] ? __perf_cgroup_move+0x160/0x160 [ 141.518644] ? set_next_entity+0x304/0x550 [ 141.518661] ? update_curr+0x267/0x740 [ 141.518680] ? lock_is_held_type+0xd7/0x130 [ 141.518694] __schedule+0xedd/0x2470 [ 141.518711] ? io_schedule_timeout+0x150/0x150 [ 141.518728] ? __x64_sys_futex_time32+0x480/0x480 [ 141.518742] schedule+0xda/0x1b0 [ 141.518757] exit_to_user_mode_prepare+0x114/0x1a0 [ 141.518769] syscall_exit_to_user_mode+0x19/0x40 [ 141.518782] do_syscall_64+0x48/0x90 [ 141.518800] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 141.518812] RIP: 0033:0x7f950f2c2b19 [ 141.518820] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 141.518831] RSP: 002b:00007f950c838218 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 141.518842] RAX: 0000000000000001 RBX: 00007f950f3d5f68 RCX: 00007f950f2c2b19 [ 141.518849] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 00007f950f3d5f6c [ 141.518856] RBP: 00007f950f3d5f60 R08: 000000000000000e R09: 0000000000000000 [ 141.518864] R10: 0000000000000003 R11: 0000000000000246 R12: 00007f950f3d5f6c [ 141.518871] R13: 00007fff9dc8486f R14: 00007f950c838300 R15: 0000000000022000 [ 141.518885] [ 141.576359] WARNING: CPU: 0 PID: 3974 at kernel/events/core.c:2309 group_sched_out.part.0+0x2c7/0x460 [ 141.577050] Modules linked in: [ 141.577296] CPU: 0 PID: 3974 Comm: syz-executor.0 Not tainted 6.0.0-rc6-next-20220923 #1 [ 141.577891] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 141.578703] RIP: 0010:group_sched_out.part.0+0x2c7/0x460 [ 141.579119] Code: 5e 41 5f e9 5b bb ef ff e8 56 bb ef ff 65 8b 1d 1b 26 ac 7e 31 ff 89 de e8 f6 b7 ef ff 85 db 0f 84 8a 00 00 00 e8 39 bb ef ff <0f> 0b e9 a5 fe ff ff e8 2d bb ef ff 48 8d 7d 10 48 b8 00 00 00 00 [ 141.580463] RSP: 0018:ffff888020277c48 EFLAGS: 00010006 [ 141.580853] RAX: 0000000040000002 RBX: 0000000000000000 RCX: 0000000000000000 [ 141.581377] RDX: ffff88801a439ac0 RSI: ffffffff81564fb7 RDI: 0000000000000005 [ 141.581902] RBP: ffff888008668000 R08: 0000000000000005 R09: 0000000000000001 [ 141.582433] R10: 0000000000000000 R11: ffffffff865b001b R12: ffff88803d9e5400 [ 141.582968] R13: ffff88806ce3d140 R14: ffffffff8547d040 R15: 0000000000000002 [ 141.583503] FS: 00007f950c838700(0000) GS:ffff88806ce00000(0000) knlGS:0000000000000000 [ 141.584103] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 141.584536] CR2: 0000000020000000 CR3: 000000003e5de000 CR4: 0000000000350ef0 [ 141.585059] Call Trace: [ 141.585253] [ 141.585428] ctx_sched_out+0x8f1/0xc10 [ 141.585720] __perf_event_task_sched_out+0x6d0/0x18d0 [ 141.586115] ? lock_is_held_type+0xd7/0x130 [ 141.586443] ? __perf_cgroup_move+0x160/0x160 [ 141.586780] ? set_next_entity+0x304/0x550 [ 141.587117] ? update_curr+0x267/0x740 [ 141.587427] ? lock_is_held_type+0xd7/0x130 [ 141.587748] __schedule+0xedd/0x2470 [ 141.588037] ? io_schedule_timeout+0x150/0x150 [ 141.588385] ? __x64_sys_futex_time32+0x480/0x480 [ 141.588751] schedule+0xda/0x1b0 [ 141.589019] exit_to_user_mode_prepare+0x114/0x1a0 [ 141.589403] syscall_exit_to_user_mode+0x19/0x40 [ 141.589768] do_syscall_64+0x48/0x90 [ 141.590063] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 141.590451] RIP: 0033:0x7f950f2c2b19 [ 141.590735] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 141.592081] RSP: 002b:00007f950c838218 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 141.592645] RAX: 0000000000000001 RBX: 00007f950f3d5f68 RCX: 00007f950f2c2b19 [ 141.593179] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 00007f950f3d5f6c [ 141.593710] RBP: 00007f950f3d5f60 R08: 000000000000000e R09: 0000000000000000 [ 141.594230] R10: 0000000000000003 R11: 0000000000000246 R12: 00007f950f3d5f6c [ 141.594769] R13: 00007fff9dc8486f R14: 00007f950c838300 R15: 0000000000022000 [ 141.595315] [ 141.595495] irq event stamp: 640 [ 141.595744] hardirqs last enabled at (639): [] exit_to_user_mode_prepare+0x109/0x1a0 [ 141.596436] hardirqs last disabled at (640): [] __schedule+0x1225/0x2470 [ 141.597064] softirqs last enabled at (472): [] __irq_exit_rcu+0x11b/0x180 [ 141.597692] softirqs last disabled at (441): [] __irq_exit_rcu+0x11b/0x180 [ 141.598335] ---[ end trace 0000000000000000 ]--- [ 141.606192] loop7: detected capacity change from 0 to 127 [ 141.637070] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 141.640319] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 141.652420] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 141.655328] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 141.655939] hrtimer: interrupt took 22011 ns 22:15:51 executing program 4: r0 = perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000040), 0xb}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0xb) r1 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x26e1, 0x0) ioctl$AUTOFS_DEV_IOCTL_ISMOUNTPOINT(0xffffffffffffffff, 0xc018937e, &(0x7f0000000100)=ANY=[@ANYBLOB="010000000100000018000000a2703a91266d6bfe75e88a78e1d15a03274398563d2b67fa2429a10c4d733c0995773289903edceb621fb9ca2876805fe0cad846ae5dbe4a2a308a1e84fddaeb6bbe674a9fb460f43a6a78d1be2ffab3614010b0fc8342a9a25920247e6216373a782c21cd574c370ef5e69326976c6f9755d66e29fec3", @ANYRES32=r0, @ANYBLOB='\x00\x00\x00\x00\x00\x00\x00\x00./file0\x00']) tgkill(0x0, 0x0, 0x0) perf_event_open(&(0x7f0000000300)={0x3, 0x80, 0x1, 0xd5, 0x81, 0x6, 0x0, 0x2, 0x402, 0x8, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1d, 0x4, @perf_bp={&(0x7f0000000200), 0x4}, 0x10, 0x7, 0x80000001, 0x3, 0x4, 0x2, 0x2, 0x0, 0x4, 0x0, 0x568}, 0x0, 0x3, r0, 0xa) syncfs(r1) 22:15:51 executing program 3: syz_usb_connect(0x1, 0x2d, &(0x7f00000000c0)={{0x12, 0x1, 0x0, 0xd6, 0xb8, 0xe, 0x0, 0x2304, 0x242, 0x41ce, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x1b, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0x1, 0x5b, 0xac, 0x0, 0x0, [], [{}]}}]}}]}}, 0x0) syz_usb_connect$printer(0x3, 0x2d, &(0x7f0000000000)={{0x12, 0x1, 0x300, 0x0, 0x0, 0x0, 0x10, 0x525, 0xa4a8, 0x40, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x1b, 0x1, 0x1, 0x40, 0x90, 0x16, [{{0x9, 0x4, 0x0, 0x2, 0x2, 0x7, 0x1, 0x2, 0x0, "", {{{0x9, 0x5, 0x1, 0x2, 0x10, 0x0, 0x1, 0x1}}}}}]}}]}}, &(0x7f0000000540)={0xa, &(0x7f0000000040)={0xa, 0x6, 0x340, 0xfc, 0x1, 0x1, 0x8, 0x3c}, 0x2b, &(0x7f0000000080)={0x5, 0xf, 0x2b, 0x2, [@ssp_cap={0x1c, 0x10, 0xa, 0x1f, 0x4, 0x800, 0xf000, 0xff, [0xff, 0xf, 0xff0000, 0x3f]}, @generic={0xa, 0x10, 0x3, "065da69a427c11"}]}, 0xa, [{0x4, &(0x7f0000000100)=@lang_id={0x4, 0x3, 0x81a}}, {0x4, &(0x7f0000000140)=@lang_id={0x4, 0x3, 0x427}}, {0x9, &(0x7f0000000180)=@string={0x9, 0x3, "64c5d055f8ef85"}}, {0xf1, &(0x7f00000001c0)=@string={0xf1, 0x3, "514035f31f29d8f42ae047b026284364059b0ad52a432297db8eae83e909788d4b94c2786927f494e3e2234afbfc83938cd216096c0c03bfb5906932dc799f965d61628a761e6370959e25514417cc33d03535abc54a0f23e1ae23c94a1ef59b05be79cfa3d8055fb3b7a80b2143eaf24f2675ebbbaedce4e126b860c00bf21d607e9336a66919df4f208667e1e56fb1af4b50be732cdb1b720765aa5781cbf42b1e40973820f6668a1e3a425677dc277dd3433b019f306a5fd8c10df76c374a87e7923d15dfeccbbf9dd842ce9b41b388080d5e359aa30c9fdd90123649df4532237ccc5133338f9d500c405de6fa"}}, {0xac, &(0x7f0000000600)=ANY=[@ANYBLOB="ac03d850c690f20f133abd6329d9ebc694b7aa7059eaf5d61791861ea912d1664a5bd646f0d191eb5c81658c59f5f7608df646a5ad570ed0b31003dbd16b2b0e0bfd7618cb5b5c7db30a520caa594805c26b18cd9b195b80a2bbac4ee0d227bd161fc7ac63a4dab9c66a6b61de30bb21c07b2c71a0a4e97247f5dab50aa40dc00f49c7f72af9ded70800fb5fcb7ea8016bdb3e2a3bb20a28e44551459253ea709ae41df955c72fbb666bd8adbe4e097b3298f631fe5343563fcf397871"]}, {0x4, &(0x7f0000000380)=@lang_id={0x4, 0x3, 0x44a}}, {0xa6, &(0x7f00000003c0)=@string={0xa6, 0x3, "74a96d21c406bb793e44d21b7d4f3638fda0e5caa69d4a897b377bc092342ecd0d3ad6e3a7d85b920588081d091e068592e4eb3568063f7f0556227f58879e2498362752c210e6f8613d28765f294c20b69d5e4da64c7d659d18d114b366c28720f3b537a4df61f9c71fbd0df179fe81ad894dccd3b8a18d218f092b955abe2c16c38566d074f0f60ab4ff4368122e16ccd710b79e1d4d7cf21f0bf5f3ce35b42975956b"}}, {0x4, &(0x7f0000000480)=@lang_id={0x4, 0x3, 0x80c}}, {0x4, &(0x7f00000004c0)=@lang_id={0x4, 0x3, 0x416}}, {0x4, &(0x7f0000000500)=@lang_id={0x4, 0x3, 0x421}}]}) 22:15:51 executing program 5: move_pages(0x0, 0x4, &(0x7f0000000000)=[&(0x7f0000ffc000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffd000/0x2000)=nil], &(0x7f0000000040)=[0xfffff88b], &(0x7f0000000080)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x4) r0 = pkey_alloc(0x0, 0x3) pkey_mprotect(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0, r0) r1 = shmget$private(0x0, 0x1000, 0x78000000, &(0x7f0000ffd000/0x1000)=nil) shmat(r1, &(0x7f0000ffc000/0x2000)=nil, 0x2000) r2 = pkey_alloc(0x0, 0x2) pkey_mprotect(&(0x7f0000ff9000/0x7000)=nil, 0x7000, 0x3000000, r2) r3 = shmget$private(0x0, 0x1000, 0x1, &(0x7f0000ffd000/0x1000)=nil) shmctl$IPC_STAT(r3, 0x2, &(0x7f00000000c0)=""/4096) pkey_mprotect(&(0x7f0000ffb000/0x4000)=nil, 0x4000, 0x8, r0) r4 = shmget$private(0x0, 0x2000, 0x1000, &(0x7f0000ffc000/0x2000)=nil) pkey_free(r0) shmat(r4, &(0x7f0000ffa000/0x1000)=nil, 0x5000) mbind(&(0x7f0000ffb000/0x1000)=nil, 0x1000, 0x2, &(0x7f00000010c0)=0x5b3, 0x5, 0x3) pkey_alloc(0x0, 0xfa1d05958d2ea192) pkey_mprotect(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x8, 0xffffffffffffffff) r5 = pkey_alloc(0x0, 0x1) pkey_mprotect(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x6, r5) mbind(&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x3, &(0x7f0000001100)=0x4003976, 0x7fff, 0x38fbf82c515b672b) ioctl$EVIOCSREP(0xffffffffffffffff, 0x40084503, &(0x7f0000001140)=[0x1, 0xffffffc1]) 22:15:51 executing program 5: move_pages(0x0, 0x4, &(0x7f0000000000)=[&(0x7f0000ffc000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffd000/0x2000)=nil], &(0x7f0000000040)=[0xfffff88b], &(0x7f0000000080)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x4) r0 = pkey_alloc(0x0, 0x3) pkey_mprotect(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0, r0) r1 = shmget$private(0x0, 0x1000, 0x78000000, &(0x7f0000ffd000/0x1000)=nil) shmat(r1, &(0x7f0000ffc000/0x2000)=nil, 0x2000) r2 = pkey_alloc(0x0, 0x2) pkey_mprotect(&(0x7f0000ff9000/0x7000)=nil, 0x7000, 0x3000000, r2) r3 = shmget$private(0x0, 0x1000, 0x1, &(0x7f0000ffd000/0x1000)=nil) shmctl$IPC_STAT(r3, 0x2, &(0x7f00000000c0)=""/4096) pkey_mprotect(&(0x7f0000ffb000/0x4000)=nil, 0x4000, 0x8, r0) r4 = shmget$private(0x0, 0x2000, 0x1000, &(0x7f0000ffc000/0x2000)=nil) pkey_free(r0) shmat(r4, &(0x7f0000ffa000/0x1000)=nil, 0x5000) mbind(&(0x7f0000ffb000/0x1000)=nil, 0x1000, 0x2, &(0x7f00000010c0)=0x5b3, 0x5, 0x3) pkey_alloc(0x0, 0xfa1d05958d2ea192) pkey_mprotect(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x8, 0xffffffffffffffff) r5 = pkey_alloc(0x0, 0x1) pkey_mprotect(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x6, r5) mbind(&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x3, &(0x7f0000001100)=0x4003976, 0x7fff, 0x38fbf82c515b672b) ioctl$EVIOCSREP(0xffffffffffffffff, 0x40084503, &(0x7f0000001140)=[0x1, 0xffffffc1]) 22:15:51 executing program 7: syz_mount_image$nfs4(0x0, &(0x7f0000000200)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) getpeername(0xffffffffffffffff, &(0x7f0000000000)=@alg, &(0x7f0000000080)=0x80) r0 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000480)='/sys/bus/i2c', 0x0, 0x0) mount$9p_fd(0x0, &(0x7f0000000400)='./file0\x00', &(0x7f0000000440), 0x0, &(0x7f00000005c0)={'trans=fd,', {'rfdno', 0x3d, r0}}) [ 141.826247] 9pnet_fd: Insufficient options for proto=fd 22:15:51 executing program 6: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x2080000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x1000, 0x3ff}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10005}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0xc042, 0x0) ioctl$FS_IOC_SETFLAGS(r0, 0x40086602, &(0x7f0000000040)) ioctl$PTP_PIN_SETFUNC(r0, 0x40603d07, &(0x7f0000001240)={'\x00', 0x555, 0x0, 0x273}) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x2, 0x0) acct(&(0x7f0000001200)='./file1\x00') pwrite64(r1, &(0x7f00000000c0)='9', 0x1, 0x8040000) setsockopt$inet6_tcp_TCP_MD5SIG(r1, 0x6, 0xe, &(0x7f0000000540)={@in6={{0xa, 0x4e20, 0xffff, @mcast2, 0x4}}, 0x0, 0x0, 0x15, 0x0, "b25da62d685a38083e45ab1950001ca46105939b4b3d83bd945bed03b30b62897693132cb6e12788b1d58f9b2fff886055bea488ee0e2918a8c961a2684924dfa9841132b1916476e31d06d76d34a918"}, 0xd8) r2 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x4042, 0x0) sendfile(r1, r2, 0x0, 0xffff) r3 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) r4 = openat$sr(0xffffffffffffff9c, &(0x7f0000000100), 0x44b43, 0x0) preadv(0xffffffffffffffff, &(0x7f00000011c0)=[{&(0x7f0000000180)=""/4096, 0x1000}], 0x1, 0x7, 0x0) r5 = openat$incfs(r3, &(0x7f0000000340)='.pending_reads\x00', 0x101280, 0x108) ioctl$AUTOFS_DEV_IOCTL_SETPIPEFD(r0, 0xc0189378, &(0x7f00000012c0)=ANY=[@ANYBLOB="010000000100000018000000", @ANYRES32=0xffffffffffffffff, @ANYRES32=r5, @ANYBLOB="27929d15be0ba9b80d866ae26a26b71573e26a701c3677c51e367b342cee192f21c3114142d8b89c63e4558c25cd523e16c084cfac4f65ea0ae3fb7f87bfde391ac67b394e48b6ab734e3185bf89be7937310100a9f965"]) ioctl$F2FS_IOC_FLUSH_DEVICE(r6, 0x4008f50a, &(0x7f0000001180)={0x8, 0x4}) ioctl$SG_EMULATED_HOST(r4, 0x5390, &(0x7f0000002340)) syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000140)='./file1\x00', 0x3709, 0x3, &(0x7f0000000380)=[{&(0x7f0000000180)="1c2fe7f4768bbb4726372f7ae4f19dbebc055e338ef75483d768ff9661c6", 0x1e, 0x84a}, {&(0x7f00000001c0)="388cbf3d90953f6ab40ff6a75acbbf53880ed5b66aa541ae9a5f42fefb047436d6c2416285793361f23ace0e3666e47dac410a1047a20710ad0bc8781024d37ef2e3456ac7178fd2ea26d75d963423678b55bee32c0fc2696cb52f45a60b8e3635a982bbc6f643c54cfc4212fd717170f75e6fe08c5e2d007e43209704cc1e15c14da4db99a8a00e75", 0x89, 0x8}, {&(0x7f0000000300)="adbf3a6c6f8ced403e4d167f1835f0831b4a1878501e444d3fc569adb2d8dd01585c75b45e2624610b7f", 0x2a, 0xe9}], 0x200480c, &(0x7f0000000400)=ANY=[@ANYBLOB='rodir,nonumtail=0,iocharset=koi8-u,uid=', @ANYRESDEC=0x0, @ANYBLOB="2c66736319e9a497de8eaa06000000"]) utimensat(0xffffffffffffffff, &(0x7f0000000480)='./file1\x00', &(0x7f0000000500)={{0x77359400}}, 0x100) [ 142.226306] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 142.229790] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 142.438016] syz-executor.1 (4011) used greatest stack depth: 24408 bytes left [ 142.528594] loop6: detected capacity change from 0 to 27 [ 142.530581] FAT-fs (loop6): Unrecognized mount option "fsc餗ގª" or missing value [ 142.624900] loop6: detected capacity change from 0 to 27 [ 142.626464] FAT-fs (loop6): Unrecognized mount option "fsc餗ގª" or missing value [ 142.698520] Process accounting resumed VM DIAGNOSIS: 22:15:51 Registers: info registers vcpu 0 RAX=000000000000002f RBX=00000000000003f8 RCX=0000000000000000 RDX=00000000000003f8 RSI=ffffffff822b17e1 RDI=ffffffff87645be0 RBP=ffffffff87645ba0 RSP=ffff888020277698 R8 =0000000000000001 R9 =000000000000000a R10=000000000000002f R11=0000000000000001 R12=000000000000002f R13=ffffffff87645ba0 R14=0000000000000010 R15=ffffffff822b17d0 RIP=ffffffff822b1839 RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 00000000 00000000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 00000000 00000000 FS =0000 00007f950c838700 00000000 00000000 GS =0000 ffff88806ce00000 00000000 00000000 LDT=0000 fffffe0000000000 00000000 00000000 TR =0040 fffffe0000003000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe0000001000 0000007f IDT= fffffe0000000000 00000fff CR0=80050033 CR2=0000000020000000 CR3=000000003e5de000 CR4=00350ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000ffff0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 YMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM01=0000000000000000 0000000000000000 00007f950f3a97c0 00007f950f3a97c8 YMM02=0000000000000000 0000000000000000 00007f950f3a97e0 00007f950f3a97c0 YMM03=0000000000000000 0000000000000000 00007f950f3a97c8 00007f950f3a97c0 YMM04=0000000000000000 0000000000000000 ffffffffffffffff ffffffff00000000 YMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM06=0000000000000000 0000000000000000 0000000000000000 000000524f525245 YMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM08=0000000000000000 0000000000000000 0000000000000000 00524f5252450040 YMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 info registers vcpu 1 RAX=0000000000005742 RBX=ffff88806ce3eee0 RCX=ffffc90001dce000 RDX=0000000000040000 RSI=ffffffff813bbc04 RDI=0000000000000005 RBP=0000000000000003 RSP=ffff8880183276c0 R8 =0000000000000005 R9 =0000000000000000 R10=0000000000000001 R11=0000000000000001 R12=ffffed100d9c7ddd R13=0000000000000001 R14=ffff88806ce3eee8 R15=dffffc0000000000 RIP=ffffffff81460b4c RFL=00000216 [----AP-] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 00000000 00000000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 00000000 00000000 FS =0000 00007f57cd9a2700 00000000 00000000 GS =0000 ffff88806cf00000 00000000 00000000 LDT=0000 fffffe0000000000 00000000 00000000 TR =0040 fffffe000004a000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe0000048000 0000007f IDT= fffffe0000000000 00000fff CR0=80050033 CR2=0000001b2db23000 CR3=000000003df3a000 CR4=00350ee0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000ffff0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 YMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM01=0000000000000000 0000000000000000 00007f57d05137c0 00007f57d05137c8 YMM02=0000000000000000 0000000000000000 00007f57d05137e0 00007f57d05137c0 YMM03=0000000000000000 0000000000000000 00007f57d05137c8 00007f57d05137c0 YMM04=0000000000000000 0000000000000000 ffffffffffffffff ffffffff00000000 YMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM06=0000000000000000 0000000000000000 0000000000000000 000000524f525245 YMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM08=0000000000000000 0000000000000000 0000000000000000 00524f5252450040 YMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000