Debian GNU/Linux 11 syzkaller ttyS0 Warning: Permanently added '[localhost]:3628' (ECDSA) to the list of known hosts. 2022/09/24 23:09:22 fuzzer started 2022/09/24 23:09:23 dialing manager at localhost:38881 syzkaller login: [ 36.621627] cgroup: Unknown subsys name 'net' [ 36.717514] cgroup: Unknown subsys name 'rlimit' 2022/09/24 23:09:37 syscalls: 2215 2022/09/24 23:09:37 code coverage: enabled 2022/09/24 23:09:37 comparison tracing: enabled 2022/09/24 23:09:37 extra coverage: enabled 2022/09/24 23:09:37 setuid sandbox: enabled 2022/09/24 23:09:37 namespace sandbox: enabled 2022/09/24 23:09:37 Android sandbox: enabled 2022/09/24 23:09:37 fault injection: enabled 2022/09/24 23:09:37 leak checking: enabled 2022/09/24 23:09:37 net packet injection: enabled 2022/09/24 23:09:37 net device setup: enabled 2022/09/24 23:09:37 concurrency sanitizer: /sys/kernel/debug/kcsan does not exist 2022/09/24 23:09:37 devlink PCI setup: PCI device 0000:00:10.0 is not available 2022/09/24 23:09:37 USB emulation: enabled 2022/09/24 23:09:37 hci packet injection: enabled 2022/09/24 23:09:37 wifi device emulation: failed to parse kernel version (6.0.0-rc6-next-20220923) 2022/09/24 23:09:37 802.15.4 emulation: enabled 2022/09/24 23:09:37 fetching corpus: 50, signal 24271/26073 (executing program) 2022/09/24 23:09:37 fetching corpus: 100, signal 37352/40763 (executing program) 2022/09/24 23:09:37 fetching corpus: 150, signal 44723/49647 (executing program) 2022/09/24 23:09:37 fetching corpus: 200, signal 50951/57269 (executing program) 2022/09/24 23:09:37 fetching corpus: 250, signal 55348/63109 (executing program) 2022/09/24 23:09:37 fetching corpus: 300, signal 63445/72373 (executing program) 2022/09/24 23:09:37 fetching corpus: 350, signal 68928/79042 (executing program) 2022/09/24 23:09:38 fetching corpus: 400, signal 72136/83493 (executing program) 2022/09/24 23:09:38 fetching corpus: 450, signal 74840/87379 (executing program) 2022/09/24 23:09:38 fetching corpus: 500, signal 76836/90631 (executing program) 2022/09/24 23:09:38 fetching corpus: 550, signal 79128/94126 (executing program) 2022/09/24 23:09:38 fetching corpus: 600, signal 84521/100351 (executing program) 2022/09/24 23:09:38 fetching corpus: 650, signal 87562/104404 (executing program) 2022/09/24 23:09:38 fetching corpus: 700, signal 90177/108041 (executing program) 2022/09/24 23:09:38 fetching corpus: 750, signal 93460/112197 (executing program) 2022/09/24 23:09:38 fetching corpus: 800, signal 99299/118566 (executing program) 2022/09/24 23:09:39 fetching corpus: 850, signal 100478/120788 (executing program) 2022/09/24 23:09:39 fetching corpus: 900, signal 102145/123457 (executing program) 2022/09/24 23:09:39 fetching corpus: 950, signal 104650/126784 (executing program) 2022/09/24 23:09:39 fetching corpus: 1000, signal 107925/130718 (executing program) 2022/09/24 23:09:39 fetching corpus: 1050, signal 110015/133572 (executing program) 2022/09/24 23:09:39 fetching corpus: 1100, signal 111004/135498 (executing program) 2022/09/24 23:09:39 fetching corpus: 1150, signal 112889/138153 (executing program) 2022/09/24 23:09:39 fetching corpus: 1200, signal 114050/140171 (executing program) 2022/09/24 23:09:40 fetching corpus: 1250, signal 116670/143344 (executing program) 2022/09/24 23:09:40 fetching corpus: 1300, signal 118757/146069 (executing program) 2022/09/24 23:09:40 fetching corpus: 1350, signal 120763/148704 (executing program) 2022/09/24 23:09:40 fetching corpus: 1400, signal 123051/151511 (executing program) 2022/09/24 23:09:40 fetching corpus: 1450, signal 125165/154155 (executing program) 2022/09/24 23:09:40 fetching corpus: 1500, signal 127000/156599 (executing program) 2022/09/24 23:09:40 fetching corpus: 1550, signal 128643/158852 (executing program) 2022/09/24 23:09:41 fetching corpus: 1600, signal 131407/161841 (executing program) 2022/09/24 23:09:41 fetching corpus: 1650, signal 132665/163699 (executing program) 2022/09/24 23:09:41 fetching corpus: 1700, signal 133732/165414 (executing program) 2022/09/24 23:09:41 fetching corpus: 1750, signal 135460/167563 (executing program) 2022/09/24 23:09:41 fetching corpus: 1800, signal 137246/169728 (executing program) 2022/09/24 23:09:41 fetching corpus: 1850, signal 138188/171303 (executing program) 2022/09/24 23:09:41 fetching corpus: 1900, signal 139853/173317 (executing program) 2022/09/24 23:09:41 fetching corpus: 1950, signal 141419/175315 (executing program) 2022/09/24 23:09:42 fetching corpus: 2000, signal 142395/176841 (executing program) 2022/09/24 23:09:42 fetching corpus: 2050, signal 144338/178992 (executing program) 2022/09/24 23:09:42 fetching corpus: 2100, signal 146255/181119 (executing program) 2022/09/24 23:09:42 fetching corpus: 2150, signal 147131/182514 (executing program) 2022/09/24 23:09:42 fetching corpus: 2200, signal 148733/184392 (executing program) 2022/09/24 23:09:42 fetching corpus: 2250, signal 149880/185913 (executing program) 2022/09/24 23:09:42 fetching corpus: 2300, signal 151206/187573 (executing program) 2022/09/24 23:09:43 fetching corpus: 2350, signal 152041/188915 (executing program) 2022/09/24 23:09:43 fetching corpus: 2400, signal 153000/190323 (executing program) 2022/09/24 23:09:43 fetching corpus: 2450, signal 154585/192059 (executing program) 2022/09/24 23:09:43 fetching corpus: 2500, signal 155223/193236 (executing program) 2022/09/24 23:09:43 fetching corpus: 2550, signal 156243/194699 (executing program) 2022/09/24 23:09:43 fetching corpus: 2600, signal 156782/195719 (executing program) 2022/09/24 23:09:43 fetching corpus: 2650, signal 157833/197093 (executing program) 2022/09/24 23:09:43 fetching corpus: 2700, signal 158503/198213 (executing program) 2022/09/24 23:09:44 fetching corpus: 2750, signal 159319/199422 (executing program) 2022/09/24 23:09:44 fetching corpus: 2800, signal 159972/200486 (executing program) 2022/09/24 23:09:44 fetching corpus: 2850, signal 160997/201766 (executing program) 2022/09/24 23:09:44 fetching corpus: 2900, signal 161702/202847 (executing program) 2022/09/24 23:09:44 fetching corpus: 2950, signal 162515/203986 (executing program) 2022/09/24 23:09:44 fetching corpus: 3000, signal 163730/205318 (executing program) 2022/09/24 23:09:44 fetching corpus: 3050, signal 164222/206245 (executing program) 2022/09/24 23:09:44 fetching corpus: 3100, signal 165159/207361 (executing program) 2022/09/24 23:09:44 fetching corpus: 3150, signal 166165/208548 (executing program) 2022/09/24 23:09:45 fetching corpus: 3200, signal 166859/209572 (executing program) 2022/09/24 23:09:45 fetching corpus: 3250, signal 167412/210518 (executing program) 2022/09/24 23:09:45 fetching corpus: 3300, signal 168115/211541 (executing program) 2022/09/24 23:09:45 fetching corpus: 3350, signal 169153/212672 (executing program) 2022/09/24 23:09:45 fetching corpus: 3400, signal 170002/213722 (executing program) 2022/09/24 23:09:45 fetching corpus: 3450, signal 170543/214599 (executing program) 2022/09/24 23:09:45 fetching corpus: 3500, signal 171418/215637 (executing program) 2022/09/24 23:09:45 fetching corpus: 3550, signal 172165/216529 (executing program) 2022/09/24 23:09:45 fetching corpus: 3600, signal 172658/217364 (executing program) 2022/09/24 23:09:46 fetching corpus: 3650, signal 173376/218293 (executing program) 2022/09/24 23:09:46 fetching corpus: 3700, signal 174218/219244 (executing program) 2022/09/24 23:09:46 fetching corpus: 3750, signal 174796/220115 (executing program) 2022/09/24 23:09:46 fetching corpus: 3800, signal 176034/221204 (executing program) 2022/09/24 23:09:46 fetching corpus: 3850, signal 177466/222352 (executing program) 2022/09/24 23:09:46 fetching corpus: 3900, signal 177781/223042 (executing program) 2022/09/24 23:09:46 fetching corpus: 3950, signal 178829/224001 (executing program) 2022/09/24 23:09:46 fetching corpus: 4000, signal 179221/224688 (executing program) 2022/09/24 23:09:46 fetching corpus: 4050, signal 180427/225697 (executing program) 2022/09/24 23:09:47 fetching corpus: 4100, signal 181051/226468 (executing program) 2022/09/24 23:09:47 fetching corpus: 4150, signal 181546/227181 (executing program) 2022/09/24 23:09:47 fetching corpus: 4200, signal 182405/228043 (executing program) 2022/09/24 23:09:47 fetching corpus: 4250, signal 183425/228942 (executing program) 2022/09/24 23:09:47 fetching corpus: 4300, signal 184374/229743 (executing program) 2022/09/24 23:09:47 fetching corpus: 4350, signal 184712/230348 (executing program) 2022/09/24 23:09:47 fetching corpus: 4400, signal 185503/231082 (executing program) 2022/09/24 23:09:47 fetching corpus: 4450, signal 186581/231909 (executing program) 2022/09/24 23:09:48 fetching corpus: 4500, signal 187571/232728 (executing program) 2022/09/24 23:09:48 fetching corpus: 4550, signal 188084/233366 (executing program) 2022/09/24 23:09:48 fetching corpus: 4600, signal 188778/234084 (executing program) 2022/09/24 23:09:48 fetching corpus: 4650, signal 189164/234701 (executing program) 2022/09/24 23:09:48 fetching corpus: 4700, signal 189829/235334 (executing program) 2022/09/24 23:09:48 fetching corpus: 4750, signal 191526/236240 (executing program) 2022/09/24 23:09:48 fetching corpus: 4800, signal 192511/236999 (executing program) 2022/09/24 23:09:49 fetching corpus: 4850, signal 193582/237667 (executing program) 2022/09/24 23:09:49 fetching corpus: 4900, signal 194407/238305 (executing program) 2022/09/24 23:09:49 fetching corpus: 4950, signal 194900/238923 (executing program) 2022/09/24 23:09:49 fetching corpus: 5000, signal 195458/239493 (executing program) 2022/09/24 23:09:49 fetching corpus: 5050, signal 195781/239988 (executing program) 2022/09/24 23:09:49 fetching corpus: 5100, signal 196471/240529 (executing program) 2022/09/24 23:09:49 fetching corpus: 5150, signal 196934/241052 (executing program) 2022/09/24 23:09:49 fetching corpus: 5200, signal 198179/241720 (executing program) 2022/09/24 23:09:49 fetching corpus: 5250, signal 198976/242247 (executing program) 2022/09/24 23:09:50 fetching corpus: 5300, signal 199234/242687 (executing program) 2022/09/24 23:09:50 fetching corpus: 5350, signal 199561/243153 (executing program) 2022/09/24 23:09:50 fetching corpus: 5400, signal 200467/243676 (executing program) 2022/09/24 23:09:50 fetching corpus: 5450, signal 200844/244172 (executing program) 2022/09/24 23:09:50 fetching corpus: 5500, signal 201831/244689 (executing program) 2022/09/24 23:09:50 fetching corpus: 5550, signal 202429/245133 (executing program) 2022/09/24 23:09:50 fetching corpus: 5600, signal 203087/245620 (executing program) 2022/09/24 23:09:50 fetching corpus: 5650, signal 203774/246072 (executing program) 2022/09/24 23:09:50 fetching corpus: 5700, signal 204554/246543 (executing program) 2022/09/24 23:09:51 fetching corpus: 5750, signal 204852/246941 (executing program) 2022/09/24 23:09:51 fetching corpus: 5800, signal 205519/247351 (executing program) 2022/09/24 23:09:51 fetching corpus: 5850, signal 206084/247735 (executing program) 2022/09/24 23:09:51 fetching corpus: 5900, signal 206832/248112 (executing program) 2022/09/24 23:09:51 fetching corpus: 5950, signal 207753/248501 (executing program) 2022/09/24 23:09:51 fetching corpus: 6000, signal 208376/248873 (executing program) 2022/09/24 23:09:51 fetching corpus: 6050, signal 208909/249197 (executing program) 2022/09/24 23:09:51 fetching corpus: 6100, signal 209242/249539 (executing program) 2022/09/24 23:09:51 fetching corpus: 6150, signal 210211/249903 (executing program) 2022/09/24 23:09:52 fetching corpus: 6200, signal 210636/249957 (executing program) 2022/09/24 23:09:52 fetching corpus: 6250, signal 211081/249961 (executing program) 2022/09/24 23:09:52 fetching corpus: 6300, signal 211677/249964 (executing program) 2022/09/24 23:09:52 fetching corpus: 6350, signal 212249/249966 (executing program) 2022/09/24 23:09:52 fetching corpus: 6400, signal 212939/249974 (executing program) 2022/09/24 23:09:52 fetching corpus: 6450, signal 213880/249976 (executing program) 2022/09/24 23:09:52 fetching corpus: 6500, signal 214548/249976 (executing program) 2022/09/24 23:09:52 fetching corpus: 6550, signal 215099/249976 (executing program) 2022/09/24 23:09:53 fetching corpus: 6567, signal 215231/249976 (executing program) 2022/09/24 23:09:53 fetching corpus: 6567, signal 215231/249976 (executing program) 2022/09/24 23:09:55 starting 8 fuzzer processes 23:09:55 executing program 0: r0 = gettid() ioctl$TIOCGSID(0xffffffffffffffff, 0x5429, &(0x7f0000000000)=0x0) kcmp$KCMP_EPOLL_TFD(r1, r0, 0x7, 0xffffffffffffffff, &(0x7f0000000040)) ioctl$TCSETSF2(0xffffffffffffffff, 0x402c542d, &(0x7f0000000080)={0x7, 0x5d, 0xffffff01, 0xfffffff7, 0x0, "5540329cfcaf7569411b15224bf8212f1d134e", 0x7, 0x2}) ioctl$TIOCGSID(0xffffffffffffffff, 0x5429, &(0x7f00000000c0)=0x0) r3 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000100), 0x10000, 0x0) ioctl$KDSKBENT(r3, 0x4b47, &(0x7f0000000140)={0x9, 0x3, 0xb2}) preadv2(r3, &(0x7f0000000180), 0x0, 0x7, 0x200, 0x14) ioctl$TIOCMBIS(r3, 0x5416, &(0x7f00000001c0)=0x101) r4 = signalfd(r3, &(0x7f0000000200)={[0x40]}, 0x8) ioctl$TIOCVHANGUP(r4, 0x5437, 0x0) ioctl$AUTOFS_DEV_IOCTL_ASKUMOUNT(r4, 0xc018937d, &(0x7f0000000240)={{0x1, 0x1, 0x18, r4, {0x3}}, './file0\x00'}) kcmp$KCMP_EPOLL_TFD(r1, r1, 0x7, r4, &(0x7f0000000280)={r5, r4, 0xb}) ioctl$TIOCSPGRP(r3, 0x5410, &(0x7f00000002c0)=r2) r6 = openat2(r4, &(0x7f0000000300)='./file0\x00', &(0x7f0000000340)={0x210000, 0x51, 0x1b}, 0x18) ioctl$KDMKTONE(r6, 0x4b30, 0x0) ioctl$FS_IOC_GET_ENCRYPTION_POLICY(r5, 0x400c6615, &(0x7f0000000380)={0x0, @aes128}) gettid() ioctl$AUTOFS_DEV_IOCTL_CLOSEMOUNT(r4, 0xc0189375, &(0x7f00000003c0)={{0x1, 0x1, 0x18, 0xffffffffffffffff}, './file1\x00'}) ioctl$TIOCL_PASTESEL(r7, 0x541c, &(0x7f0000000400)) 23:09:55 executing program 1: ioctl$AUTOFS_DEV_IOCTL_PROTOSUBVER(0xffffffffffffffff, 0xc0189373, &(0x7f0000000000)={{0x1, 0x1, 0x18, 0xffffffffffffffff, {0x8}}, './file0\x00'}) ioctl$FAT_IOCTL_GET_VOLUME_ID(r0, 0x80047213, &(0x7f0000000040)) ftruncate(r0, 0x4) r1 = socket$netlink(0x10, 0x3, 0x10) prctl$PR_SET_MM_EXE_FILE(0x23, 0xd, r1) getsockname$netlink(r1, &(0x7f0000000080), &(0x7f00000000c0)=0xc) syz_genetlink_get_family_id$ethtool(&(0x7f0000000100), r0) socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_open_procfs(0x0, &(0x7f0000000140)='net/fib_trie\x00') io_uring_register$IORING_REGISTER_PROBE(r2, 0x8, &(0x7f0000000180)={0x0, 0x0, 0x0, '\x00', [{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}]}, 0x1a) r3 = syz_open_dev$vcsa(&(0x7f0000000280), 0xfff, 0x604000) ioctl$sock_SIOCSIFVLAN_SET_VLAN_EGRESS_PRIORITY_CMD(r3, 0x8983, &(0x7f00000002c0)={0x3, 'macvlan1\x00', {0x8}, 0x80}) openat$vcsu(0xffffffffffffff9c, &(0x7f0000000300), 0x2001, 0x0) preadv(0xffffffffffffffff, &(0x7f0000002400)=[{&(0x7f0000000340)=""/4096, 0x1000}, {&(0x7f0000001340)=""/4096, 0x1000}, {&(0x7f0000002340)=""/155, 0x9b}], 0x3, 0x3, 0x9) r4 = syz_genetlink_get_family_id$ethtool(&(0x7f0000002480), 0xffffffffffffffff) ioctl$sock_ipv4_tunnel_SIOCDELTUNNEL(r3, 0x89f2, &(0x7f0000002540)={'gre0\x00', &(0x7f00000024c0)={'syztnl0\x00', 0x0, 0x7, 0x8000, 0xf491, 0x8, {{0xa, 0x4, 0x1, 0x3, 0x28, 0x68, 0x0, 0x3, 0x2f, 0x0, @rand_addr=0x64010101, @broadcast, {[@timestamp={0x44, 0x14, 0x46, 0x0, 0x5, [0x0, 0x0, 0x3, 0x10000]}]}}}}}) sendmsg$ETHTOOL_MSG_FEATURES_SET(r3, &(0x7f00000029c0)={&(0x7f0000002440), 0xc, &(0x7f0000002980)={&(0x7f0000002580)={0x3e8, r4, 0x100, 0x70bd27, 0x25dfdbfb, {}, [@ETHTOOL_A_FEATURES_HEADER={0x6c, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x1}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'gre0\x00'}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x1}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'ip6tnl0\x00'}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x3}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x2}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_FLAGS={0x8}]}, @ETHTOOL_A_FEATURES_WANTED={0xc, 0x3, 0x0, 0x1, [@ETHTOOL_A_BITSET_SIZE={0x8, 0x2, 0x4a}]}, @ETHTOOL_A_FEATURES_WANTED={0x2a4, 0x3, 0x0, 0x1, [@ETHTOOL_A_BITSET_MASK={0x8e, 0x5, "534ee555f2dd3df745e15f63760a0451240f9a29464ad2c5ec536a5eaef0be5637109ff169d139d7c381d5be9cd33c5f19d3bb7aa8a16f715c2d4022e61c47c6e82a9635e8ef7c8701c2a2a8d01e5ca7685d3d2d1fa357a4bd75f346fdc9ce7f6010a135e2937c8cbf121fab8a436b4c6e5c11c77980b90f77894df8ad26040d2309728a6e8230633c34"}, @ETHTOOL_A_BITSET_BITS={0x1c, 0x3, 0x0, 0x1, [{0x14, 0x1, 0x0, 0x1, [@ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0x8}, @ETHTOOL_A_BITSET_BIT_VALUE={0x4}, @ETHTOOL_A_BITSET_BIT_VALUE={0x4}]}, {0x4}]}, @ETHTOOL_A_BITSET_MASK={0x99, 0x5, "ca41e461151bc53adf98d3a71c5696338b891b57b5d8422a6333495d63fd83798f2bd016d8c9ca178f78257385006e0675ecc307362b3269f3ae49fd1060e1739433b737fc1c23a61d0c9bfbe321b230164004b8f0e612cf7d1a6641d8d78cb4d0237fa58815e612fbbe499165c5b789dc50950c2c0bfd5c6e3cf076535c3a2cac1876827646599f03311894c464f526b09e8c82c5"}, @ETHTOOL_A_BITSET_VALUE={0xbd, 0x4, "0ec046b0074a169b3090e6a75e7d5422b1ccb5e2c4774feff55f263eca807b2b2739cc501a1a6d60965fa31c407678d792302f5f64551fe8978b23a00056d5d6496ce5dd8435aec82019f4ffcff8005b51679e925d75f6f1924d673b2f2b5edefb5be7356ec99cf0c89a0fcc907529bb6f0d38acc894f0892d20993978b10235151cf742ffd1074bcaee698b62624278ffcddb6ffc9b51155c2ed412991f2ca534efd43acd7cb3a5ebdf0c656a554b4ce2df99999465bf324b"}, @ETHTOOL_A_BITSET_BITS={0x98, 0x3, 0x0, 0x1, [{0x44, 0x1, 0x0, 0x1, [@ETHTOOL_A_BITSET_BIT_VALUE={0x4}, @ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0x2950}, @ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0xf822}, @ETHTOOL_A_BITSET_BIT_VALUE={0x4}, @ETHTOOL_A_BITSET_BIT_NAME={0x5, 0x2, '\x00'}, @ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0x400}, @ETHTOOL_A_BITSET_BIT_VALUE={0x4}, @ETHTOOL_A_BITSET_BIT_NAME={0xc, 0x2, 'ethtool\x00'}, @ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0x101}]}, {0x10, 0x1, 0x0, 0x1, [@ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0x4}, @ETHTOOL_A_BITSET_BIT_VALUE={0x4}]}, {0x40, 0x1, 0x0, 0x1, [@ETHTOOL_A_BITSET_BIT_VALUE={0x4}, @ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0xdc5}, @ETHTOOL_A_BITSET_BIT_NAME={0x11, 0x2, 'net/fib_trie\x00'}, @ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0x1}, @ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0x8}, @ETHTOOL_A_BITSET_BIT_NAME={0xc, 0x2, 'ethtool\x00'}]}]}]}, @ETHTOOL_A_FEATURES_HEADER={0x44, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'wg0\x00'}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r5}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'veth1_macvtap\x00'}]}, @ETHTOOL_A_FEATURES_WANTED={0x74, 0x3, 0x0, 0x1, [@ETHTOOL_A_BITSET_VALUE={0x6d, 0x4, "d5ba656c65e8b218029ac789cc7bc400ced5c6557a287fd691ddfc37f48459cd1bedc3fd2879ccdca95c8441c81e1abf398c652c5da0cd4fc0de0fffd969e78cde9976185af96f1d7db3817b0df5de799aa22a9c779a785484f49ae33ba082dde4e29ec6290955bb36"}]}]}, 0x3e8}, 0x1, 0x0, 0x0, 0x90}, 0x4048981) r6 = io_uring_setup(0x70ed, &(0x7f0000002a00)={0x0, 0xd559, 0x0, 0x3, 0x2a0, 0x0, r3}) mmap$IORING_OFF_SQES(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x2000000, 0x110, r6, 0x10000000) read(r1, &(0x7f0000002a80)=""/140, 0x8c) 23:09:55 executing program 5: sendmsg$ETHTOOL_MSG_FEATURES_GET(0xffffffffffffffff, &(0x7f00000000c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x20000}, 0xc, &(0x7f0000000080)={&(0x7f0000000040)={0x2c, 0x0, 0x200, 0x70bd2b, 0x25dfdbff, {}, [@HEADER={0xc, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x2}]}, @HEADER={0xc, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_INDEX={0x8}]}]}, 0x2c}, 0x1, 0x0, 0x0, 0x4010}, 0x4000) syz_genetlink_get_family_id$tipc(&(0x7f0000000100), 0xffffffffffffffff) r0 = socket$netlink(0x10, 0x3, 0x4) r1 = syz_open_procfs(0x0, &(0x7f0000000140)='net/xfrm_stat\x00') stat(&(0x7f0000001680)='./file0\x00', &(0x7f00000016c0)={0x0, 0x0, 0x0, 0x0, 0x0}) getresgid(&(0x7f0000001740), &(0x7f0000001780)=0x0, &(0x7f00000017c0)) statx(r1, &(0x7f0000001800)='./file0\x00', 0x6400, 0x2, &(0x7f0000001840)={0x0, 0x0, 0x0, 0x0, 0x0}) ioctl$sock_FIOGETOWN(0xffffffffffffffff, 0x8903, &(0x7f0000001940)=0x0) getresuid(&(0x7f0000001980)=0x0, &(0x7f00000019c0), &(0x7f0000001a00)) recvmsg$unix(r1, &(0x7f0000001d00)={&(0x7f0000001a40), 0x6e, &(0x7f0000001c80)=[{&(0x7f0000001ac0)=""/239, 0xef}, {&(0x7f0000001bc0)=""/188, 0xbc}], 0x2, &(0x7f0000001cc0)=[@cred={{0x1c, 0x1, 0x2, {0x0, 0x0, 0x0}}}], 0x20}, 0x40) sendmmsg$unix(r1, &(0x7f0000001f80)=[{{&(0x7f0000000180)=@abs={0x0, 0x0, 0x4e24}, 0x6e, &(0x7f0000000500)=[{&(0x7f0000000200)}, {&(0x7f0000000240)="3f56c927931415383e0f90f98ca7a4bc4fde79eb16156e65cca2011a69e581e4b52fb2eefc4e0e8643fd21c7d85d382e50742f4ef6a6e7bd21643f27195f258d903f341914488179c4780a7111051ca40b56e386c6a38837b597924d462dc7d89c21e0d0115bbab3b18fdb050af0d31f5fe7a46a1d3cadb5ac821cca72e1b944f2a6045cbd523329ccbec01cc0d909c78b2cd2375cef274ee849fa5c18", 0x9d}, {&(0x7f0000000300)="9bfe0f771835bf8c81991d18f4006b58f42099de88b661d259816138ae322ebc9a16ed21418ffd6965fb9e1c9ad2e06a3bd3127de89692a9739e2e42424d47df258a35bc9002f4c19e092aea5aaeb05a397a2e5a874d837e1f305898b47291a3806e1a93fb1d560b5008dc024e5ad5bb27b6ba83336cf4074abba5a1bda939a0b1b7a5f9a8481a2dbc7f03a203a81d178d4caf0b55b93709ca1048fae8304520a74cd4c65d8f4d932037ef9e142d9891b4a383887ffd73ea", 0xb8}, {&(0x7f00000003c0)="fd4e6f58ee852dd09f773bde8cccc9a824bdb52a4623142900f47cd40f44309fa4c07294cd9fa1d7428f6b4da3aca3cbf11a8099adebba9e5dccbaea3d68a8ca19f0b5e522d9011d99f8f763ad55ee942400c547cfe67cd33fe53bb09b88e242d7924495dc103454f7dbc98a4aa129e8ce62aad96c1a661676eda0db59f4a49be675eecfd935d9969ea5b74bd1a897059e828904c198487f15fcd2f519accc854b5df2d7d9b5ba039141b4cd94f589baf86990bb", 0xb4}, {&(0x7f0000000480)="460c736aa83cbbe30f7469", 0xb}, {&(0x7f00000004c0)="e94ad708aeb19ace73c796e898479248a491db8bfb2585b3235e21f945060281627ed621b9f70275a1447d8564a78bff057ba04cfbf73d7ca95c726a43abcad8", 0x40}], 0x6, &(0x7f0000001d40)=[@rights={{0x18, 0x1, 0x1, [r1, 0xffffffffffffffff]}}, @rights={{0x28, 0x1, 0x1, [r1, r0, r0, r1, r0, r1]}}, @cred={{0x1c, 0x1, 0x2, {0xffffffffffffffff, r2, r3}}}, @rights={{0x2c, 0x1, 0x1, [r0, r1, r0, r1, r0, 0xffffffffffffffff, r0]}}, @cred={{0x1c, 0x1, 0x2, {0x0, r4, 0xffffffffffffffff}}}, @rights={{0x1c, 0x1, 0x1, [r0, r1, r1]}}, @cred={{0x1c, 0x1, 0x2, {r5, r6, r7}}}, @cred={{0x1c, 0x1, 0x2, {0x0, 0xee00, 0xffffffffffffffff}}}], 0x110, 0x20008084}}, {{&(0x7f0000001e80)=@file={0x0, './file0\x00'}, 0x6e, &(0x7f0000001f40)=[{&(0x7f0000001f00)="ce135d2a3270e7ba2756272c25e158df860dcd285560e0a84718493116964d5d360949a6f78adf12e9d1c1cc6fa853af", 0x30}], 0x1, 0x0, 0x0, 0x20004000}}], 0x2, 0x20000000) mknodat$loop(r1, &(0x7f0000002000)='./file0\x00', 0x1, 0x0) setsockopt$inet_pktinfo(r1, 0x0, 0x8, &(0x7f0000002040)={0x0, @private=0xa010101, @loopback}, 0xc) r8 = fcntl$dupfd(r1, 0x0, r0) recvmsg$unix(r8, &(0x7f0000003340)={&(0x7f0000002080)=@abs, 0x6e, &(0x7f0000003200)=[{&(0x7f0000002100)=""/4096, 0x1000}, {&(0x7f0000003100)=""/225, 0xe1}], 0x2, &(0x7f0000003240)=[@cred={{0x1c}}, @rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}, @rights={{0x2c, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c}}, @rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}, @cred={{0x1c}}, @cred={{0x1c}}, @rights={{0x18, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff]}}], 0xf8}, 0x102) r10 = socket$inet_udp(0x2, 0x2, 0x0) getsockopt$IP_VS_SO_GET_SERVICES(r10, 0x0, 0x482, &(0x7f0000003380)=""/4096, &(0x7f0000004380)=0x1000) r11 = accept(r8, &(0x7f00000043c0)=@l2tp, &(0x7f0000004440)=0x80) r12 = syz_genetlink_get_family_id$devlink(&(0x7f00000044c0), r9) sendmsg$DEVLINK_CMD_SB_POOL_GET(r11, &(0x7f0000004680)={&(0x7f0000004480)={0x10, 0x0, 0x0, 0x4000}, 0xc, &(0x7f0000004640)={&(0x7f0000004500)={0x128, r12, 0x20, 0x70bd2b, 0x25dfdbfe, {}, [{@pci={{0x8}, {0x11}}, {0x8, 0xb, 0x8}, {0x6, 0x11, 0x5}}, {@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0x8}, {0x6, 0x11, 0x1}}, {@pci={{0x8}, {0x11}}, {0x8, 0xb, 0x8}, {0x6, 0x11, 0x1ff}}, {@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0x8, 0xb, 0x9}, {0x6, 0x11, 0x40}}, {@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0x8, 0xb, 0x1000}, {0x6, 0x11, 0x2}}, {@pci={{0x8}, {0x11}}, {0x8, 0xb, 0x7}, {0x6, 0x11, 0x2}}]}, 0x128}, 0x1, 0x0, 0x0, 0x4810}, 0x10) 23:09:55 executing program 2: r0 = signalfd(0xffffffffffffffff, &(0x7f0000002100)={[0x6]}, 0x8) clone3(&(0x7f0000002140)={0x10000900, &(0x7f0000000000)=0xffffffffffffffff, &(0x7f0000000040), &(0x7f0000000080), {0x23}, &(0x7f00000000c0)=""/4096, 0x1000, &(0x7f00000010c0)=""/4096, &(0x7f00000020c0)=[0x0], 0x1, {r0}}, 0x58) r2 = socket$nl_audit(0x10, 0x3, 0x9) mount$9p_fd(0x0, &(0x7f00000021c0)='./file0\x00', &(0x7f0000002200), 0x3018000, &(0x7f0000002240)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r2}, 0x2c, {[{@cache_mmap}], [{@obj_user={'obj_user', 0x3d, '\'$'}}, {@appraise_type}, {@hash}, {@context={'context', 0x3d, 'staff_u'}}, {@mask={'mask', 0x3d, 'MAY_WRITE'}}, {@hash}, {@fowner_eq={'fowner', 0x3d, 0xffffffffffffffff}}, {@smackfsroot={'smackfsroot', 0x3d, '*'}}]}}) ioctl$AUTOFS_DEV_IOCTL_OPENMOUNT(r0, 0xc0189374, &(0x7f0000002300)={{0x1, 0x1, 0x18, r2, {0x57c}}, './file0\x00'}) r4 = signalfd(r3, &(0x7f0000002340)={[0x3f]}, 0x8) getsockopt$inet6_IPV6_IPSEC_POLICY(r0, 0x29, 0x22, &(0x7f0000002380)={{{@in6=@private2, @in6=@private2}}, {{@in=@dev}, 0x0, @in=@local}}, &(0x7f0000002480)=0xe8) r5 = io_uring_register$IORING_REGISTER_PERSONALITY(r3, 0x9, 0x0, 0x0) syz_io_uring_submit(0x0, 0x0, &(0x7f00000024c0)=@IORING_OP_FADVISE={0x18, 0x1, 0x0, @fd_index=0x9, 0x6417, 0x0, 0xf30, 0x0, 0x0, {0x0, r5}}, 0x6) setsockopt$IP_VS_SO_SET_EDIT(r0, 0x0, 0x483, &(0x7f0000002500)={0x11, @local, 0x4e21, 0x0, 'none\x00', 0x13, 0x0, 0xc}, 0x2c) r6 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x0, 0x810, r4, 0x0) r7 = mmap$IORING_OFF_SQES(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x2000000, 0x13, r0, 0x10000000) syz_io_uring_submit(r6, r7, &(0x7f0000002540)=@IORING_OP_TIMEOUT_REMOVE={0xc, 0x4}, 0x25) ioctl$BTRFS_IOC_GET_SUBVOL_INFO(r1, 0x81f8943c, &(0x7f0000002580)={0x0}) ioctl$BTRFS_IOC_TREE_SEARCH(0xffffffffffffffff, 0xd0009411, &(0x7f0000002780)={{r8, 0x0, 0x80000001, 0x3, 0x9, 0x338c, 0x0, 0x9, 0x3ff, 0x80, 0x80000000, 0x3, 0x0, 0x1ff, 0x7fff}}) r9 = io_uring_register$IORING_REGISTER_PERSONALITY(r0, 0x9, 0x0, 0x0) io_uring_register$IORING_UNREGISTER_PERSONALITY(r4, 0xa, 0x0, r9) r10 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2) fsetxattr$security_selinux(r10, &(0x7f0000003780), &(0x7f00000037c0)='system_u:object_r:agp_device_t:s0\x00', 0x22, 0x3) fsconfig$FSCONFIG_SET_STRING(r3, 0x1, &(0x7f0000003800)='\x00', &(0x7f0000003840)='%{[(-:^^\x00', 0x0) 23:09:55 executing program 3: ioctl$AUTOFS_DEV_IOCTL_ISMOUNTPOINT(0xffffffffffffffff, 0xc018937e, &(0x7f0000000000)={{0x1, 0x1, 0x18, 0xffffffffffffffff, @out_args}, './file0\x00'}) ioctl$IOC_PR_RELEASE(r0, 0x401070ca, &(0x7f0000000040)={0x3, 0x2, 0x1}) r1 = openat$nvram(0xffffffffffffff9c, &(0x7f0000000080), 0x800, 0x0) r2 = openat(r1, &(0x7f00000000c0)='./file0/file0\x00', 0x30002, 0x82) r3 = dup2(r0, r0) ioctl$IOC_PR_RESERVE(r3, 0x401070c9, &(0x7f0000000100)={0x9, 0x7, 0x1}) r4 = open(&(0x7f0000000140)='./file0/file0\x00', 0x8000, 0x10) pwritev(r4, &(0x7f00000003c0)=[{&(0x7f0000000180)="490ad9341a17e347217cb7a6abb9f82a43d0919387a6c3ec356e3613a66dec3778be70d74c648a8fbea73d68db21c6f2eb042f9d20efbdbe8bc6280a66aa2d2b3f8098a6f290a9d1d1f55699827d9eb388e21f981582a30769268cf8081971c5cb4a5e9992b9609abe4e638c7bda2d17679f7b75", 0x74}, {&(0x7f0000000200)="7c1c919804474f0a780abe0370fb7229d3d7b72d64ca2d4c077534dc3230e1aa3886baf0068153204448ba8771407b88d6", 0x31}, {&(0x7f0000000240)="0f7042c752070f131d275ad24d939208a0a0a0e26e3acd91597119b50caa10439faf5140987a93fc79f01f5defa04ebe801d80d147d3e54dd5e195cad2fd1aefdbbabd7156934146707705006038b95ac6a759aa44304240388fe7c03099af9527d3dfe3a371c1116f682398eb2839feb87b8c850248dfe7a6", 0x79}, {&(0x7f00000002c0)="780571d7ecf7c3e1e0722614a375bb496cbcd4f1f341fce18353fd9b0111c7deb45abf1e17141e069002a66e1d7f327ea4e4a04d879aad3ce117b8a93e2443a2550232914c7117a7c7ccc194b8dde938b747671d2735080fcd05aacf1e4c93acbf0daf03fe38b7e6e00a5537d02228c1d89891ea882dde8760b461b08e276302d124185251d71e7f4dc4472ad3d2a751c66ed1816188b59f556112310f8fdd0990ccd56f74b2a377dc3aacd187a5e5f8f21df5415928dfff036f9e1786ed181b403b08d7", 0xc4}], 0x4, 0x3, 0x100) setsockopt$SO_ATTACH_FILTER(r2, 0x1, 0x1a, &(0x7f0000000440)={0x6, &(0x7f0000000400)=[{0x7, 0x81, 0x5, 0x1}, {0x7ff, 0x3, 0xe3, 0xff}, {0x5, 0x3, 0x7f, 0x7fffffff}, {0x400, 0x80, 0x0, 0xdd01}, {0x1, 0xf9, 0x8, 0x8}, {0x3, 0x6, 0xff}]}, 0x10) r5 = signalfd4(r0, &(0x7f0000000480)={[0x3]}, 0x8, 0x81000) pwritev(r2, &(0x7f00000005c0)=[{&(0x7f00000004c0)="2961ccfa93ceee2b6d05cc911043d4fac511cb6b6cf8b0105b6a48e44a9822e1bd8d32410f15d25efc3bb6cd07f5dd87f7bbc05a252265d9b6c4bd1b819a3e1cccf9ceb8d0a94a5a0c8675e675384bd047679851a2fa2c0f5900bb2d6e5732b88da0176d0b9d121dcd01f3654e4160dc9961c82e3a21b0ad820abd579bb1efb6f1aa756a1fced9bf4032cc04a285003175bf5bc6c83a558ddb0240abb9baf6ca77a181b0d0c8f8cc07b9287febc6291b1e8e48baa5f67eac6ff131f82cf0797760d9352e0d111d37de1aa8370411ab4b42accd4ea2d91f54c186c695206099502946a96035499b253cfb9b3ec1459ae00e9c66d435cb507811f5297f", 0xfc}], 0x1, 0x3, 0x7) r6 = openat$vcsu(0xffffffffffffff9c, &(0x7f0000000600), 0x200000, 0x0) ioctl$SNDRV_SEQ_IOCTL_RUNNING_MODE(r6, 0xc0105303, &(0x7f0000000640)={0x1, 0x1, 0x5}) flistxattr(r1, &(0x7f0000000680)=""/114, 0x72) r7 = accept4(r2, &(0x7f0000000700)=@vsock={0x28, 0x0, 0x0, @hyper}, &(0x7f0000000780)=0x80, 0x180000) sendmsg$sock(r7, &(0x7f0000000900)={&(0x7f00000007c0)=@rc={0x1f, @any, 0x5}, 0x80, &(0x7f0000000880)=[{&(0x7f0000000840)="f5bba7516294d388ea0dd69bd7e8daf8ab696a75ba4d7ee6787f09f2b582068b34f1dddbdd1e74a683a049c66073706c776b58fa0f90255f25829a92478276", 0x3f}], 0x1, &(0x7f00000008c0)=[@txtime={{0x18, 0x1, 0x3d, 0x80}}, @mark={{0x14, 0x1, 0x24, 0xffff8000}}], 0x30}, 0x4000001) ioctl$LOOP_GET_STATUS(r5, 0x4c03, &(0x7f0000000940)) ioctl$AUTOFS_DEV_IOCTL_SETPIPEFD(r3, 0xc0189378, &(0x7f0000000a00)={{0x1, 0x1, 0x18, r2, {0xffffffffffffffff}}, './file0\x00'}) accept4$packet(r8, 0x0, &(0x7f0000000a40), 0x80000) syz_io_uring_setup(0x618f, &(0x7f0000000a80)={0x0, 0x386b, 0x8, 0x2, 0x3de, 0x0, r7}, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000b00), &(0x7f0000000b40)) 23:09:55 executing program 4: prctl$PR_GET_CHILD_SUBREAPER(0x25) prctl$PR_GET_CHILD_SUBREAPER(0x25) prctl$PR_GET_CHILD_SUBREAPER(0x25) prctl$PR_GET_CHILD_SUBREAPER(0x25) prctl$PR_GET_CHILD_SUBREAPER(0x25) prctl$PR_GET_CHILD_SUBREAPER(0x25) prctl$PR_GET_CHILD_SUBREAPER(0x25) prctl$PR_GET_CHILD_SUBREAPER(0x25) prctl$PR_GET_CHILD_SUBREAPER(0x25) prctl$PR_GET_CHILD_SUBREAPER(0x25) prctl$PR_GET_CHILD_SUBREAPER(0x25) prctl$PR_GET_CHILD_SUBREAPER(0x25) prctl$PR_GET_CHILD_SUBREAPER(0x25) prctl$PR_GET_CHILD_SUBREAPER(0x25) prctl$PR_GET_CHILD_SUBREAPER(0x25) prctl$PR_GET_CHILD_SUBREAPER(0x25) prctl$PR_GET_CHILD_SUBREAPER(0x25) prctl$PR_GET_CHILD_SUBREAPER(0x25) prctl$PR_GET_CHILD_SUBREAPER(0x25) prctl$PR_GET_CHILD_SUBREAPER(0x25) 23:09:55 executing program 6: r0 = gettid() kcmp(r0, r0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff) r1 = fork() r2 = getpgid(r0) rt_tgsigqueueinfo(r1, r2, 0xf, &(0x7f0000000000)={0x2d, 0x9, 0x1}) rt_sigqueueinfo(r1, 0x9, &(0x7f0000000080)={0x28, 0xa67, 0x1}) ioctl$AUTOFS_DEV_IOCTL_VERSION(0xffffffffffffffff, 0xc0189371, &(0x7f0000000180)={{0x1, 0x1, 0x18, 0xffffffffffffffff}, './file0\x00'}) r4 = perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0xf9, 0x88, 0xff, 0x9, 0x0, 0x1, 0x0, 0x8, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x2, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x434, 0x4, @perf_config_ext={0x8, 0x3}, 0x10010, 0xff, 0x4, 0x6, 0x8, 0x10001, 0x9, 0x0, 0xfff, 0x0, 0x200}, r2, 0xc, r3, 0x8) rt_tgsigqueueinfo(0x0, r0, 0x2e, &(0x7f00000001c0)={0x14, 0x800, 0x200}) ioctl$sock_FIOGETOWN(r3, 0x8903, &(0x7f0000000240)=0x0) r6 = gettid() rt_tgsigqueueinfo(r5, r6, 0x30, &(0x7f0000000280)={0x27, 0x0, 0x43fe}) r7 = openat$cgroup_netprio_ifpriomap(0xffffffffffffffff, &(0x7f0000000300), 0x2, 0x0) fcntl$getown(r7, 0x9) r8 = syz_open_procfs(r1, &(0x7f0000000340)='net/unix\x00') ioctl$AUTOFS_DEV_IOCTL_CATATONIC(r8, 0xc0189379, &(0x7f0000000380)={{0x1, 0x1, 0x18, r7}, './file0\x00'}) ioctl$BINDER_SET_CONTEXT_MGR_EXT(r9, 0x4018620d, &(0x7f00000003c0)={0x73622a85, 0xa, 0x1}) ioctl$AUTOFS_DEV_IOCTL_PROTOVER(r3, 0xc0189372, &(0x7f0000000400)={{0x1, 0x1, 0x18, r3, {0x4}}, './file0\x00'}) openat$cgroup_int(r10, &(0x7f0000000440)='hugetlb.2MB.max_usage_in_bytes\x00', 0x2, 0x0) pread64(r4, &(0x7f0000000480)=""/27, 0x1b, 0x7) [ 69.357621] audit: type=1400 audit(1664060995.923:6): avc: denied { execmem } for pid=285 comm="syz-executor.0" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=process permissive=1 23:09:55 executing program 7: sendmsg$IEEE802154_ASSOCIATE_REQ(0xffffffffffffffff, &(0x7f00000000c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x8}, 0xc, &(0x7f0000000080)={&(0x7f0000000040)={0x38, 0x0, 0x400, 0x70bd2d, 0x25dfdbfd, {}, [@IEEE802154_ATTR_PAGE={0x5, 0x1d, 0x4}, @IEEE802154_ATTR_COORD_SHORT_ADDR={0x6, 0x8, 0xffff}, @IEEE802154_ATTR_COORD_PAN_ID={0x6, 0xa, 0x3}, @IEEE802154_ATTR_COORD_HW_ADDR={0xc}]}, 0x38}, 0x1, 0x0, 0x0, 0x4}, 0x40000) sendmsg$NL80211_CMD_GET_MPP(0xffffffffffffffff, &(0x7f00000001c0)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x1000000}, 0xc, &(0x7f0000000180)={&(0x7f0000000140)={0x38, 0x0, 0x100, 0x70bd25, 0x25dfdbfe, {{}, {@void, @val={0xc, 0x99, {0x0, 0x5f}}}}, [@NL80211_ATTR_MPATH_NEXT_HOP={0xa}, @NL80211_ATTR_MPATH_NEXT_HOP={0xa, 0x1a, @device_b}]}, 0x38}, 0x1, 0x0, 0x0, 0x20000002}, 0x40) sendmsg$DEVLINK_CMD_SB_TC_POOL_BIND_GET(0xffffffffffffffff, &(0x7f0000000300)={&(0x7f0000000200)={0x10, 0x0, 0x0, 0x800000}, 0xc, &(0x7f00000002c0)={&(0x7f0000000240)={0x50, 0x0, 0x800, 0x70bd28, 0x25dfdbfd, {}, [{{@pci={{0x8}, {0x11}}, {0x8, 0x3, 0x3}}, {0x8, 0xb, 0x6}, {0x6, 0x16, 0x200}, {0x5}}]}, 0x50}, 0x1, 0x0, 0x0, 0x20000040}, 0x80) sendmsg$NL802154_CMD_SET_PAN_ID(0xffffffffffffffff, &(0x7f0000000400)={&(0x7f0000000340)={0x10, 0x0, 0x0, 0x800000}, 0xc, &(0x7f00000003c0)={&(0x7f0000000380)={0x20, 0x0, 0x100, 0x70bd2a, 0x25dfdbfc, {}, [@NL802154_ATTR_WPAN_DEV={0xc, 0x6, 0x300000003}]}, 0x20}, 0x1, 0x0, 0x0, 0x24000040}, 0x8080) sendmsg$DEVLINK_CMD_TRAP_GROUP_SET(0xffffffffffffffff, &(0x7f0000000540)={&(0x7f0000000440)={0x10, 0x0, 0x0, 0xc}, 0xc, &(0x7f0000000500)={&(0x7f0000000480)={0x48, 0x0, 0x8, 0x70bd25, 0x25dfdbfd, {}, [{@pci={{0x8}, {0x11}}, {0xd}, {0x5}}]}, 0x48}, 0x1, 0x0, 0x0, 0x44010}, 0x44) r0 = syz_genetlink_get_family_id$tipc(&(0x7f00000005c0), 0xffffffffffffffff) sendmsg$TIPC_CMD_SET_NODE_ADDR(0xffffffffffffffff, &(0x7f0000000680)={&(0x7f0000000580)={0x10, 0x0, 0x0, 0x4000}, 0xc, &(0x7f0000000640)={&(0x7f0000000600)={0x24, r0, 0x200, 0x70bd29, 0x25dfdbff, {{}, {}, {0x8, 0x11, 0x3}}, ["", "", "", "", ""]}, 0x24}, 0x1, 0x0, 0x0, 0x24000000}, 0x804) ioctl$AUTOFS_DEV_IOCTL_REQUESTER(0xffffffffffffffff, 0xc018937b, &(0x7f00000006c0)={{0x1, 0x1, 0x18, 0xffffffffffffffff, {0xee01, 0xee01}}, './file0\x00'}) r2 = syz_genetlink_get_family_id$mptcp(&(0x7f0000000740), 0xffffffffffffffff) sendmsg$MPTCP_PM_CMD_FLUSH_ADDRS(r1, &(0x7f0000000800)={&(0x7f0000000700)={0x10, 0x0, 0x0, 0x8000}, 0xc, &(0x7f00000007c0)={&(0x7f0000000780)={0x1c, r2, 0x8, 0x70bd2d, 0x25dfdbfc, {}, [@MPTCP_PM_ATTR_RCV_ADD_ADDRS={0x8, 0x2, 0x5}]}, 0x1c}, 0x1, 0x0, 0x0, 0x5}, 0x81) ioctl$sock_SIOCGIFINDEX_802154(0xffffffffffffffff, 0x8933, &(0x7f0000000880)={'wpan0\x00', 0x0}) ioctl$sock_SIOCGIFINDEX_802154(0xffffffffffffffff, 0x8933, &(0x7f00000008c0)={'wpan0\x00', 0x0}) sendmsg$NL802154_CMD_SET_MAX_FRAME_RETRIES(0xffffffffffffffff, &(0x7f00000009c0)={&(0x7f0000000840)={0x10, 0x0, 0x0, 0x20000000}, 0xc, &(0x7f0000000980)={&(0x7f0000000900)={0x58, 0x0, 0x400, 0x70bd2d, 0x25dfdbfb, {}, [@NL802154_ATTR_MAX_FRAME_RETRIES={0x5, 0xf, 0x3}, @NL802154_ATTR_MAX_FRAME_RETRIES={0x5, 0xf, 0x3}, @NL802154_ATTR_MAX_FRAME_RETRIES={0x5}, @NL802154_ATTR_IFINDEX={0x8}, @NL802154_ATTR_WPAN_DEV={0xc}, @NL802154_ATTR_IFINDEX={0x8, 0x3, r3}, @NL802154_ATTR_IFINDEX={0x8, 0x3, r4}, @NL802154_ATTR_IFINDEX={0x8}]}, 0x58}, 0x1, 0x0, 0x0, 0x4}, 0x48800) sendmsg$DEVLINK_CMD_SB_POOL_GET(r1, &(0x7f0000000c40)={&(0x7f0000000a00)={0x10, 0x0, 0x0, 0x2000020}, 0xc, &(0x7f0000000c00)={&(0x7f0000000a40)={0x188, 0x0, 0x800, 0x70bd2b, 0x25dfdbfb, {}, [{@pci={{0x8}, {0x11}}, {0x8, 0xb, 0x3}, {0x6, 0x11, 0x3f}}, {@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0x8, 0xb, 0x3}, {0x6, 0x11, 0x9732}}, {@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0x8, 0xb, 0x8}, {0x6, 0x11, 0x5}}, {@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0x8, 0xb, 0x1}, {0x6, 0x11, 0x40}}, {@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0x8, 0xb, 0x3}, {0x6, 0x11, 0x6}}, {@pci={{0x8}, {0x11}}, {0x8, 0xb, 0xae2}, {0x6, 0x11, 0x4}}, {@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0x8, 0xb, 0x2}, {0x6, 0x11, 0x83}}, {@pci={{0x8}, {0x11}}, {0x8, 0xb, 0x9}, {0x6, 0x11, 0x1f}}]}, 0x188}, 0x1, 0x0, 0x0, 0x5}, 0x8000) sendmsg$NL80211_CMD_GET_REG(r1, &(0x7f0000000dc0)={&(0x7f0000000c80)={0x10, 0x0, 0x0, 0x80}, 0xc, &(0x7f0000000d80)={&(0x7f0000000cc0)={0xa8, 0x0, 0x8, 0x70bd2c, 0x25dfdbfc, {}, [@NL80211_ATTR_REG_RULES={0x7c, 0x22, 0x0, 0x1, [{0x4}, {0xc, 0x0, 0x0, 0x1, [@NL80211_ATTR_DFS_CAC_TIME={0x8, 0x7, 0x1}]}, {0x1c, 0x0, 0x0, 0x1, [@NL80211_ATTR_REG_RULE_FLAGS={0x8, 0x1, 0x3}, @NL80211_ATTR_POWER_RULE_MAX_EIRP={0x8, 0x6, 0xe00}, @NL80211_ATTR_FREQ_RANGE_MAX_BW={0x8, 0x4, 0x4b}]}, {0xc, 0x0, 0x0, 0x1, [@NL80211_ATTR_FREQ_RANGE_END={0x8, 0x3, 0x10000}]}, {0x24, 0x0, 0x0, 0x1, [@NL80211_ATTR_REG_RULE_FLAGS={0x8, 0x1, 0x7ff}, @NL80211_ATTR_POWER_RULE_MAX_ANT_GAIN={0x8, 0x5, 0xff}, @NL80211_ATTR_REG_RULE_FLAGS={0x8, 0x1, 0xffff}, @NL80211_ATTR_POWER_RULE_MAX_ANT_GAIN={0x8, 0x5, 0x6}]}, {0x1c, 0x0, 0x0, 0x1, [@NL80211_ATTR_DFS_CAC_TIME={0x8, 0x7, 0x7}, @NL80211_ATTR_FREQ_RANGE_START={0x8, 0x2, 0xffffff81}, @NL80211_ATTR_FREQ_RANGE_END={0x8, 0x3, 0x23143e8e}]}]}, @NL80211_ATTR_WIPHY={0x8, 0x1, 0x79}, @NL80211_ATTR_DFS_REGION={0x5, 0x92, 0xb9}, @NL80211_ATTR_USER_REG_HINT_TYPE={0x8}]}, 0xa8}, 0x1, 0x0, 0x0, 0x40000}, 0xc004) sendmsg$NL80211_CMD_UPDATE_FT_IES(r1, &(0x7f0000000ec0)={&(0x7f0000000e00)={0x10, 0x0, 0x0, 0x20000}, 0xc, &(0x7f0000000e80)={&(0x7f0000000e40)={0x28, 0x0, 0x20, 0x70bd27, 0x25dfdbfb, {{}, {@void, @val={0xc, 0x99, {0x0, 0xd}}}}, [@NL80211_ATTR_MDID={0x6, 0xb1, 0x1000}]}, 0x28}, 0x1, 0x0, 0x0, 0xc5}, 0x20000811) r5 = dup3(r1, r1, 0x0) preadv(r5, &(0x7f0000000f40)=[{&(0x7f0000000f00)}], 0x1, 0x2, 0x5) sendmsg$IEEE802154_LLSEC_ADD_DEV(0xffffffffffffffff, &(0x7f0000001040)={&(0x7f0000000f80)={0x10, 0x0, 0x0, 0x100000}, 0xc, &(0x7f0000001000)={&(0x7f0000000fc0)={0x2c, 0x0, 0x10, 0x70bd2c, 0x25dfdbfd, {}, [@IEEE802154_ATTR_LLSEC_FRAME_COUNTER={0x8, 0x2f, 0x4}, @IEEE802154_ATTR_SHORT_ADDR={0x6, 0x4, 0xaaa2}, @IEEE802154_ATTR_LLSEC_DEV_OVERRIDE={0x5, 0x36, 0x1}]}, 0x2c}, 0x1, 0x0, 0x0, 0x24000840}, 0x24000084) sendmsg$NL802154_CMD_GET_SEC_DEVKEY(0xffffffffffffffff, &(0x7f00000011c0)={&(0x7f0000001080)={0x10, 0x0, 0x0, 0x40000}, 0xc, &(0x7f0000001180)={&(0x7f0000001100)={0x6c, 0x0, 0x400, 0x70bd2a, 0x25dfdbfc, {}, [@NL802154_ATTR_IFINDEX={0x8}, @NL802154_ATTR_WPAN_DEV={0xc, 0x6, 0x2}, @NL802154_ATTR_IFINDEX={0x8, 0x3, r4}, @NL802154_ATTR_WPAN_DEV={0xc, 0x6, 0x300000003}, @NL802154_ATTR_WPAN_DEV={0xc, 0x6, 0x300000003}, @NL802154_ATTR_WPAN_DEV={0xc, 0x6, 0x300000000}, @NL802154_ATTR_WPAN_DEV={0xc, 0x6, 0x100000001}, @NL802154_ATTR_WPAN_DEV={0xc, 0x6, 0x2}]}, 0x6c}, 0x1, 0x0, 0x0, 0x20000000}, 0x4000011) [ 70.789016] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 70.790946] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 70.792150] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 70.793685] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1 [ 70.794974] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 70.796146] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 70.797321] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1 [ 70.799371] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 70.800544] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9 [ 70.801537] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 70.802542] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 70.803569] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 70.804731] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9 [ 70.805709] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 70.806952] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 70.808992] Bluetooth: hci7: unexpected cc 0x0c03 length: 249 > 1 [ 70.810610] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 70.811581] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9 [ 70.812604] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 70.813644] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9 [ 70.814914] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 70.816180] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 70.817535] Bluetooth: hci7: unexpected cc 0x1003 length: 249 > 9 [ 70.818760] Bluetooth: hci7: unexpected cc 0x1001 length: 249 > 9 [ 70.824237] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 70.825477] Bluetooth: hci7: unexpected cc 0x0c23 length: 249 > 4 [ 70.828298] Bluetooth: hci7: unexpected cc 0x0c25 length: 249 > 3 [ 70.829370] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4 [ 70.829640] Bluetooth: hci7: unexpected cc 0x0c38 length: 249 > 2 [ 70.830908] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4 [ 70.835324] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 70.836279] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 70.837233] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 70.838305] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3 [ 70.839673] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 70.839746] Bluetooth: hci7: HCI_REQ-0x0c1a [ 70.842119] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 70.842205] Bluetooth: hci5: unexpected cc 0x0c25 length: 249 > 3 [ 70.844688] Bluetooth: hci6: unexpected cc 0x0c25 length: 249 > 3 [ 70.845995] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3 [ 70.847257] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [ 70.853126] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2 [ 70.854441] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3 [ 70.855657] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 70.857055] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2 [ 70.861334] Bluetooth: hci3: HCI_REQ-0x0c1a [ 70.861426] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 70.863286] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 70.872981] Bluetooth: hci5: HCI_REQ-0x0c1a [ 70.879291] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3 [ 70.880590] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 70.883927] Bluetooth: hci6: HCI_REQ-0x0c1a [ 70.884665] Bluetooth: hci1: HCI_REQ-0x0c1a [ 70.887606] Bluetooth: hci0: HCI_REQ-0x0c1a [ 70.888428] Bluetooth: hci4: HCI_REQ-0x0c1a [ 70.906271] Bluetooth: hci2: HCI_REQ-0x0c1a [ 72.888281] Bluetooth: hci7: command 0x0409 tx timeout [ 72.889274] Bluetooth: hci5: command 0x0409 tx timeout [ 72.889765] Bluetooth: hci3: command 0x0409 tx timeout [ 72.951931] Bluetooth: hci1: command 0x0409 tx timeout [ 72.952592] Bluetooth: hci4: command 0x0409 tx timeout [ 72.953183] Bluetooth: hci2: command 0x0409 tx timeout [ 72.953669] Bluetooth: hci6: command 0x0409 tx timeout [ 72.954169] Bluetooth: hci0: command 0x0409 tx timeout [ 74.936021] Bluetooth: hci3: command 0x041b tx timeout [ 74.936811] Bluetooth: hci5: command 0x041b tx timeout [ 74.937607] Bluetooth: hci7: command 0x041b tx timeout [ 75.000352] Bluetooth: hci0: command 0x041b tx timeout [ 75.001723] Bluetooth: hci6: command 0x041b tx timeout [ 75.002488] Bluetooth: hci2: command 0x041b tx timeout [ 75.003240] Bluetooth: hci4: command 0x041b tx timeout [ 75.003969] Bluetooth: hci1: command 0x041b tx timeout [ 76.983971] Bluetooth: hci7: command 0x040f tx timeout [ 76.984443] Bluetooth: hci5: command 0x040f tx timeout [ 76.984873] Bluetooth: hci3: command 0x040f tx timeout [ 77.047906] Bluetooth: hci1: command 0x040f tx timeout [ 77.048318] Bluetooth: hci4: command 0x040f tx timeout [ 77.048707] Bluetooth: hci2: command 0x040f tx timeout [ 77.049146] Bluetooth: hci6: command 0x040f tx timeout [ 77.049542] Bluetooth: hci0: command 0x040f tx timeout [ 79.032896] Bluetooth: hci3: command 0x0419 tx timeout [ 79.033370] Bluetooth: hci5: command 0x0419 tx timeout [ 79.033819] Bluetooth: hci7: command 0x0419 tx timeout [ 79.095950] Bluetooth: hci0: command 0x0419 tx timeout [ 79.096380] Bluetooth: hci6: command 0x0419 tx timeout [ 79.096765] Bluetooth: hci2: command 0x0419 tx timeout [ 79.097195] Bluetooth: hci4: command 0x0419 tx timeout [ 79.097607] Bluetooth: hci1: command 0x0419 tx timeout [ 122.586372] audit: type=1400 audit(1664061049.151:7): avc: denied { open } for pid=3938 comm="syz-executor.6" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=perf_event permissive=1 [ 122.620192] audit: type=1400 audit(1664061049.186:8): avc: denied { relabelto } for pid=3947 comm="syz-executor.2" name="SCO" dev="sockfs" ino=13762 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:object_r:agp_device_t:s0 tclass=bluetooth_socket permissive=1 23:11:05 executing program 1: mkdir(&(0x7f0000003b80)='./file0\x00', 0x0) stat(&(0x7f0000000080)='./file0\x00', &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0}) setresuid(0x0, r0, 0x0) chdir(&(0x7f00000000c0)='./file0\x00') 23:11:05 executing program 0: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f736642a3c400088001000440000004f801", 0x17}, {&(0x7f0000010500)="53595a4b414c4c45522020080000ec80325132510000ec80325100000000000041", 0x21, 0x2800}], 0x0, &(0x7f0000010f00)=ANY=[@ANYBLOB=' ']) utimensat(r0, &(0x7f0000000040)='./file0\x00', 0x0, 0x0) 23:11:05 executing program 7: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000040)=[{&(0x7f0000010000)="601c6d6b646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x0, &(0x7f0000000140)=ANY=[]) chdir(&(0x7f0000000140)='./file0\x00') r1 = openat(r0, &(0x7f0000000100)='./file1\x00', 0x141042, 0x22) pwritev(r1, &(0x7f0000000640)=[{&(0x7f00000002c0)="02", 0x1}], 0x1, 0x7fffffe, 0x0) truncate(&(0x7f0000000200)='./file1\x00', 0x80) r2 = getpgrp(0xffffffffffffffff) pwritev(r1, &(0x7f0000000300)=[{&(0x7f0000000240)="a3d1112c4b2c8aba23dadff12b83128aa9dbee236a29f81c20aa756479d285ae8146c09e1466e63445172acd519c740ec673939c6790a6e626c2b48535d3b2ca43d3f4", 0x43}], 0x1, 0x2, 0x7) capget(&(0x7f00000000c0)={0x19980330, r2}, &(0x7f0000000100)) ioctl$AUTOFS_DEV_IOCTL_REQUESTER(r1, 0xc018937b, &(0x7f0000000440)={{0x1, 0x1, 0x18, r1, {0xee00, 0xee01}}, './file1\x00'}) ioctl$EXT4_IOC_GET_ES_CACHE(r3, 0xc020662a, &(0x7f0000000480)={0x3782, 0x8, 0x1, 0x1, 0x5, [{0x7, 0x2, 0x9, '\x00', 0x804}, {0xfffffffffffffff8, 0x2, 0x6, '\x00', 0x388c}, {0x2, 0x3f22, 0x9, '\x00', 0x1908}, {0x81, 0xffffffffffff51cb, 0x1, '\x00', 0x800}, {0x49b2, 0x0, 0x7, '\x00', 0x2808}]}) r4 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x26e1, 0x0) ioctl$SG_GET_NUM_WAITING(r4, 0x227d, &(0x7f0000000100)) r5 = socket$inet6(0xa, 0x1, 0x0) openat(r1, &(0x7f0000000400)='./file0\x00', 0x30000, 0x100) getsockopt$SO_COOKIE(r5, 0x1, 0x47, &(0x7f0000000000), &(0x7f0000000040)=0x8) ioctl$sock_TIOCINQ(0xffffffffffffffff, 0x541b, &(0x7f00000003c0)) 23:11:05 executing program 6: r0 = gettid() kcmp(r0, r0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff) r1 = fork() r2 = getpgid(r0) rt_tgsigqueueinfo(r1, r2, 0xf, &(0x7f0000000000)={0x2d, 0x9, 0x1}) rt_sigqueueinfo(r1, 0x9, &(0x7f0000000080)={0x28, 0xa67, 0x1}) ioctl$AUTOFS_DEV_IOCTL_VERSION(0xffffffffffffffff, 0xc0189371, &(0x7f0000000180)={{0x1, 0x1, 0x18, 0xffffffffffffffff}, './file0\x00'}) r4 = perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0xf9, 0x88, 0xff, 0x9, 0x0, 0x1, 0x0, 0x8, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x2, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x434, 0x4, @perf_config_ext={0x8, 0x3}, 0x10010, 0xff, 0x4, 0x6, 0x8, 0x10001, 0x9, 0x0, 0xfff, 0x0, 0x200}, r2, 0xc, r3, 0x8) rt_tgsigqueueinfo(0x0, r0, 0x2e, &(0x7f00000001c0)={0x14, 0x800, 0x200}) ioctl$sock_FIOGETOWN(r3, 0x8903, &(0x7f0000000240)=0x0) r6 = gettid() rt_tgsigqueueinfo(r5, r6, 0x30, &(0x7f0000000280)={0x27, 0x0, 0x43fe}) r7 = openat$cgroup_netprio_ifpriomap(0xffffffffffffffff, &(0x7f0000000300), 0x2, 0x0) fcntl$getown(r7, 0x9) r8 = syz_open_procfs(r1, &(0x7f0000000340)='net/unix\x00') ioctl$AUTOFS_DEV_IOCTL_CATATONIC(r8, 0xc0189379, &(0x7f0000000380)={{0x1, 0x1, 0x18, r7}, './file0\x00'}) ioctl$BINDER_SET_CONTEXT_MGR_EXT(r9, 0x4018620d, &(0x7f00000003c0)={0x73622a85, 0xa, 0x1}) ioctl$AUTOFS_DEV_IOCTL_PROTOVER(r3, 0xc0189372, &(0x7f0000000400)={{0x1, 0x1, 0x18, r3, {0x4}}, './file0\x00'}) openat$cgroup_int(r10, &(0x7f0000000440)='hugetlb.2MB.max_usage_in_bytes\x00', 0x2, 0x0) pread64(r4, &(0x7f0000000480)=""/27, 0x1b, 0x7) 23:11:05 executing program 4: r0 = socket$netlink(0x10, 0x3, 0xf) sendmsg$IPSET_CMD_RENAME(r0, &(0x7f0000000300)={&(0x7f00000043c0)={0x10, 0x0, 0x0, 0x4}, 0xc, &(0x7f0000004440)={&(0x7f0000004400)={0x14, 0x5, 0x6, 0x5}, 0x14}, 0x1, 0x0, 0x0, 0x20004800}, 0x0) sendmsg$DEVLINK_CMD_PORT_SET(r0, &(0x7f0000000240)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x800}, 0xc, 0x0}, 0x40000) syz_io_uring_setup(0xaaf, &(0x7f0000000200), &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffe000/0x2000)=nil, &(0x7f00000001c0), &(0x7f0000000380)) ioctl$AUTOFS_DEV_IOCTL_READY(0xffffffffffffffff, 0xc0189376, &(0x7f00000035c0)={{0x1, 0x1, 0x18, r0, {0x9}}, './file0\x00'}) syz_init_net_socket$802154_raw(0x24, 0x3, 0x0) ioctl$sock_FIOGETOWN(0xffffffffffffffff, 0x8903, &(0x7f0000000100)=0x0) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, r2, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r3 = perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) getsockopt$sock_cred(r1, 0x1, 0x11, &(0x7f0000000140)={0x0, 0x0, 0x0}, &(0x7f0000000040)=0xc) sendmmsg$inet6(0xffffffffffffffff, &(0x7f00000048c0)=[{{&(0x7f00000000c0)={0xa, 0x0, 0x0, @ipv4={'\x00', '\xff\xff', @empty}}, 0x1c, 0x0}}], 0x1, 0x0) kcmp$KCMP_EPOLL_TFD(0x0, r2, 0x7, 0xffffffffffffffff, &(0x7f0000001b40)={r1, 0xffffffffffffffff, 0x6}) stat(&(0x7f0000000240)='./file0\x00', &(0x7f0000000280)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) setresuid(0x0, r7, 0x0) ioctl$AUTOFS_DEV_IOCTL_EXPIRE(0xffffffffffffffff, 0xc018937c, &(0x7f0000000180)=ANY=[@ANYRES32=r8, @ANYRES32=r3, @ANYRES32=r6, @ANYRESHEX=r5, @ANYRES64, @ANYRESOCT, @ANYRES64=r4, @ANYRES32, @ANYRESOCT]) r9 = openat$sr(0xffffffffffffff9c, &(0x7f00000001c0), 0x105802, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x1000004, 0x2811, r9, 0x0) close(r9) syz_io_uring_setup(0xaaf, &(0x7f0000000200)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r9}, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffe000/0x2000)=nil, &(0x7f00000001c0), &(0x7f0000000380)) sendmsg$netlink(0xffffffffffffffff, 0x0, 0x4801) [ 139.392152] loop0: detected capacity change from 0 to 40 [ 139.395210] FAT-fs (loop0): Unrecognized mount option " " or missing value [ 139.409233] loop7: detected capacity change from 0 to 40 23:11:05 executing program 2: r0 = signalfd(0xffffffffffffffff, &(0x7f0000002100)={[0x6]}, 0x8) clone3(&(0x7f0000002140)={0x10000900, &(0x7f0000000000)=0xffffffffffffffff, &(0x7f0000000040), &(0x7f0000000080), {0x23}, &(0x7f00000000c0)=""/4096, 0x1000, &(0x7f00000010c0)=""/4096, &(0x7f00000020c0)=[0x0], 0x1, {r0}}, 0x58) r2 = socket$nl_audit(0x10, 0x3, 0x9) mount$9p_fd(0x0, &(0x7f00000021c0)='./file0\x00', &(0x7f0000002200), 0x3018000, &(0x7f0000002240)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r2}, 0x2c, {[{@cache_mmap}], [{@obj_user={'obj_user', 0x3d, '\'$'}}, {@appraise_type}, {@hash}, {@context={'context', 0x3d, 'staff_u'}}, {@mask={'mask', 0x3d, 'MAY_WRITE'}}, {@hash}, {@fowner_eq={'fowner', 0x3d, 0xffffffffffffffff}}, {@smackfsroot={'smackfsroot', 0x3d, '*'}}]}}) ioctl$AUTOFS_DEV_IOCTL_OPENMOUNT(r0, 0xc0189374, &(0x7f0000002300)={{0x1, 0x1, 0x18, r2, {0x57c}}, './file0\x00'}) r4 = signalfd(r3, &(0x7f0000002340)={[0x3f]}, 0x8) getsockopt$inet6_IPV6_IPSEC_POLICY(r0, 0x29, 0x22, &(0x7f0000002380)={{{@in6=@private2, @in6=@private2}}, {{@in=@dev}, 0x0, @in=@local}}, &(0x7f0000002480)=0xe8) r5 = io_uring_register$IORING_REGISTER_PERSONALITY(r3, 0x9, 0x0, 0x0) syz_io_uring_submit(0x0, 0x0, &(0x7f00000024c0)=@IORING_OP_FADVISE={0x18, 0x1, 0x0, @fd_index=0x9, 0x6417, 0x0, 0xf30, 0x0, 0x0, {0x0, r5}}, 0x6) setsockopt$IP_VS_SO_SET_EDIT(r0, 0x0, 0x483, &(0x7f0000002500)={0x11, @local, 0x4e21, 0x0, 'none\x00', 0x13, 0x0, 0xc}, 0x2c) r6 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x0, 0x810, r4, 0x0) r7 = mmap$IORING_OFF_SQES(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x2000000, 0x13, r0, 0x10000000) syz_io_uring_submit(r6, r7, &(0x7f0000002540)=@IORING_OP_TIMEOUT_REMOVE={0xc, 0x4}, 0x25) ioctl$BTRFS_IOC_GET_SUBVOL_INFO(r1, 0x81f8943c, &(0x7f0000002580)={0x0}) ioctl$BTRFS_IOC_TREE_SEARCH(0xffffffffffffffff, 0xd0009411, &(0x7f0000002780)={{r8, 0x0, 0x80000001, 0x3, 0x9, 0x338c, 0x0, 0x9, 0x3ff, 0x80, 0x80000000, 0x3, 0x0, 0x1ff, 0x7fff}}) r9 = io_uring_register$IORING_REGISTER_PERSONALITY(r0, 0x9, 0x0, 0x0) io_uring_register$IORING_UNREGISTER_PERSONALITY(r4, 0xa, 0x0, r9) r10 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2) fsetxattr$security_selinux(r10, &(0x7f0000003780), &(0x7f00000037c0)='system_u:object_r:agp_device_t:s0\x00', 0x22, 0x3) fsconfig$FSCONFIG_SET_STRING(r3, 0x1, &(0x7f0000003800)='\x00', &(0x7f0000003840)='%{[(-:^^\x00', 0x0) 23:11:05 executing program 3: r0 = gettid() kcmp(r0, r0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff) r1 = fork() r2 = getpgid(r0) rt_tgsigqueueinfo(r1, r2, 0xf, &(0x7f0000000000)={0x2d, 0x9, 0x1}) rt_sigqueueinfo(r1, 0x9, &(0x7f0000000080)={0x28, 0xa67, 0x1}) ioctl$AUTOFS_DEV_IOCTL_VERSION(0xffffffffffffffff, 0xc0189371, &(0x7f0000000180)={{0x1, 0x1, 0x18, 0xffffffffffffffff}, './file0\x00'}) r4 = perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0xf9, 0x88, 0xff, 0x9, 0x0, 0x1, 0x0, 0x8, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x2, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x434, 0x4, @perf_config_ext={0x8, 0x3}, 0x10010, 0xff, 0x4, 0x6, 0x8, 0x10001, 0x9, 0x0, 0xfff, 0x0, 0x200}, r2, 0xc, r3, 0x8) rt_tgsigqueueinfo(0x0, r0, 0x2e, &(0x7f00000001c0)={0x14, 0x800, 0x200}) ioctl$sock_FIOGETOWN(r3, 0x8903, &(0x7f0000000240)=0x0) r6 = gettid() rt_tgsigqueueinfo(r5, r6, 0x30, &(0x7f0000000280)={0x27, 0x0, 0x43fe}) r7 = openat$cgroup_netprio_ifpriomap(0xffffffffffffffff, &(0x7f0000000300), 0x2, 0x0) fcntl$getown(r7, 0x9) r8 = syz_open_procfs(r1, &(0x7f0000000340)='net/unix\x00') ioctl$AUTOFS_DEV_IOCTL_CATATONIC(r8, 0xc0189379, &(0x7f0000000380)={{0x1, 0x1, 0x18, r7}, './file0\x00'}) ioctl$BINDER_SET_CONTEXT_MGR_EXT(r9, 0x4018620d, &(0x7f00000003c0)={0x73622a85, 0xa, 0x1}) ioctl$AUTOFS_DEV_IOCTL_PROTOVER(r3, 0xc0189372, &(0x7f0000000400)={{0x1, 0x1, 0x18, r3, {0x4}}, './file0\x00'}) openat$cgroup_int(r10, &(0x7f0000000440)='hugetlb.2MB.max_usage_in_bytes\x00', 0x2, 0x0) pread64(r4, &(0x7f0000000480)=""/27, 0x1b, 0x7) 23:11:05 executing program 5: syz_usb_connect(0x1, 0x2d, &(0x7f00000000c0)=ANY=[@ANYBLOB="12010000d6b80e0004234206ce41de01030109021b00010000000009040000ef5aac0000090500000000000000"], 0x0) [ 139.429330] loop0: detected capacity change from 0 to 40 [ 139.431921] FAT-fs (loop0): Unrecognized mount option " " or missing value [ 139.434673] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 139.442315] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 139.467971] audit: type=1400 audit(1664061066.034:9): avc: denied { kernel } for pid=3984 comm="syz-executor.4" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=perf_event permissive=1 [ 139.483637] ------------[ cut here ]------------ [ 139.483670] [ 139.483675] ====================================================== [ 139.483682] WARNING: possible circular locking dependency detected [ 139.483688] 6.0.0-rc6-next-20220923 #1 Not tainted [ 139.483701] ------------------------------------------------------ [ 139.483707] syz-executor.4/3988 is trying to acquire lock: [ 139.483718] ffffffff853faaf8 ((console_sem).lock){....}-{2:2}, at: down_trylock+0xe/0x70 [ 139.483786] [ 139.483786] but task is already holding lock: [ 139.483792] ffff88804038fc20 (&ctx->lock){....}-{2:2}, at: __perf_event_task_sched_out+0x53b/0x18d0 [ 139.483852] [ 139.483852] which lock already depends on the new lock. [ 139.483852] [ 139.483858] [ 139.483858] the existing dependency chain (in reverse order) is: [ 139.483864] [ 139.483864] -> #3 (&ctx->lock){....}-{2:2}: [ 139.483890] _raw_spin_lock+0x2a/0x40 [ 139.483927] __perf_event_task_sched_out+0x53b/0x18d0 [ 139.483951] __schedule+0xedd/0x2470 [ 139.483977] schedule+0xda/0x1b0 [ 139.484002] exit_to_user_mode_prepare+0x114/0x1a0 [ 139.484024] syscall_exit_to_user_mode+0x19/0x40 [ 139.484048] do_syscall_64+0x48/0x90 [ 139.484080] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 139.484104] [ 139.484104] -> #2 (&rq->__lock){-.-.}-{2:2}: [ 139.484131] _raw_spin_lock_nested+0x30/0x40 [ 139.484166] raw_spin_rq_lock_nested+0x1e/0x30 23:11:06 executing program 2: r0 = signalfd(0xffffffffffffffff, &(0x7f0000002100)={[0x6]}, 0x8) clone3(&(0x7f0000002140)={0x10000900, &(0x7f0000000000)=0xffffffffffffffff, &(0x7f0000000040), &(0x7f0000000080), {0x23}, &(0x7f00000000c0)=""/4096, 0x1000, &(0x7f00000010c0)=""/4096, &(0x7f00000020c0)=[0x0], 0x1, {r0}}, 0x58) r2 = socket$nl_audit(0x10, 0x3, 0x9) mount$9p_fd(0x0, &(0x7f00000021c0)='./file0\x00', &(0x7f0000002200), 0x3018000, &(0x7f0000002240)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r2}, 0x2c, {[{@cache_mmap}], [{@obj_user={'obj_user', 0x3d, '\'$'}}, {@appraise_type}, {@hash}, {@context={'context', 0x3d, 'staff_u'}}, {@mask={'mask', 0x3d, 'MAY_WRITE'}}, {@hash}, {@fowner_eq={'fowner', 0x3d, 0xffffffffffffffff}}, {@smackfsroot={'smackfsroot', 0x3d, '*'}}]}}) ioctl$AUTOFS_DEV_IOCTL_OPENMOUNT(r0, 0xc0189374, &(0x7f0000002300)={{0x1, 0x1, 0x18, r2, {0x57c}}, './file0\x00'}) r4 = signalfd(r3, &(0x7f0000002340)={[0x3f]}, 0x8) getsockopt$inet6_IPV6_IPSEC_POLICY(r0, 0x29, 0x22, &(0x7f0000002380)={{{@in6=@private2, @in6=@private2}}, {{@in=@dev}, 0x0, @in=@local}}, &(0x7f0000002480)=0xe8) r5 = io_uring_register$IORING_REGISTER_PERSONALITY(r3, 0x9, 0x0, 0x0) syz_io_uring_submit(0x0, 0x0, &(0x7f00000024c0)=@IORING_OP_FADVISE={0x18, 0x1, 0x0, @fd_index=0x9, 0x6417, 0x0, 0xf30, 0x0, 0x0, {0x0, r5}}, 0x6) setsockopt$IP_VS_SO_SET_EDIT(r0, 0x0, 0x483, &(0x7f0000002500)={0x11, @local, 0x4e21, 0x0, 'none\x00', 0x13, 0x0, 0xc}, 0x2c) r6 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x0, 0x810, r4, 0x0) r7 = mmap$IORING_OFF_SQES(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x2000000, 0x13, r0, 0x10000000) syz_io_uring_submit(r6, r7, &(0x7f0000002540)=@IORING_OP_TIMEOUT_REMOVE={0xc, 0x4}, 0x25) ioctl$BTRFS_IOC_GET_SUBVOL_INFO(r1, 0x81f8943c, &(0x7f0000002580)={0x0}) ioctl$BTRFS_IOC_TREE_SEARCH(0xffffffffffffffff, 0xd0009411, &(0x7f0000002780)={{r8, 0x0, 0x80000001, 0x3, 0x9, 0x338c, 0x0, 0x9, 0x3ff, 0x80, 0x80000000, 0x3, 0x0, 0x1ff, 0x7fff}}) r9 = io_uring_register$IORING_REGISTER_PERSONALITY(r0, 0x9, 0x0, 0x0) io_uring_register$IORING_UNREGISTER_PERSONALITY(r4, 0xa, 0x0, r9) r10 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2) fsetxattr$security_selinux(r10, &(0x7f0000003780), &(0x7f00000037c0)='system_u:object_r:agp_device_t:s0\x00', 0x22, 0x3) fsconfig$FSCONFIG_SET_STRING(r3, 0x1, &(0x7f0000003800)='\x00', &(0x7f0000003840)='%{[(-:^^\x00', 0x0) 23:11:06 executing program 0: socketpair(0x0, 0x0, 0x0, &(0x7f0000000240)) syz_mount_image$nfs(&(0x7f00000007c0), 0x0, 0x0, 0x0, &(0x7f0000000880), 0x0, &(0x7f00000008c0)=ANY=[@ANYBLOB="fc"]) [ 139.484191] task_fork_fair+0x63/0x4d0 [ 139.484223] sched_cgroup_fork+0x3d0/0x540 [ 139.484250] copy_process+0x4183/0x6e20 [ 139.484269] kernel_clone+0xe7/0x890 [ 139.484287] user_mode_thread+0xad/0xf0 [ 139.484307] rest_init+0x24/0x250 [ 139.484329] arch_call_rest_init+0xf/0x14 [ 139.484362] start_kernel+0x4c1/0x4e6 [ 139.484391] secondary_startup_64_no_verify+0xe0/0xeb [ 139.484418] [ 139.484418] -> #1 (&p->pi_lock){-.-.}-{2:2}: [ 139.484444] _raw_spin_lock_irqsave+0x39/0x60 [ 139.484480] try_to_wake_up+0xab/0x1930 [ 139.484506] up+0x75/0xb0 [ 139.484532] __up_console_sem+0x6e/0x80 [ 139.484561] console_unlock+0x46a/0x590 [ 139.484592] vprintk_emit+0x1bd/0x560 [ 139.484623] vprintk+0x84/0xa0 [ 139.484654] _printk+0xba/0xf1 [ 139.484674] kauditd_hold_skb.cold+0x3f/0x4e [ 139.484707] kauditd_send_queue+0x233/0x290 [ 139.484734] kauditd_thread+0x5da/0x9a0 [ 139.484761] kthread+0x2ed/0x3a0 [ 139.484788] ret_from_fork+0x22/0x30 [ 139.484812] [ 139.484812] -> #0 ((console_sem).lock){....}-{2:2}: [ 139.484839] __lock_acquire+0x2a02/0x5e70 [ 139.484871] lock_acquire+0x1a2/0x530 [ 139.484901] _raw_spin_lock_irqsave+0x39/0x60 [ 139.484937] down_trylock+0xe/0x70 [ 139.484966] __down_trylock_console_sem+0x3b/0xd0 [ 139.484997] vprintk_emit+0x16b/0x560 [ 139.485028] vprintk+0x84/0xa0 [ 139.485059] _printk+0xba/0xf1 [ 139.485078] report_bug.cold+0x72/0xab [ 139.485109] handle_bug+0x3c/0x70 [ 139.485140] exc_invalid_op+0x14/0x50 [ 139.485173] asm_exc_invalid_op+0x16/0x20 [ 139.485195] group_sched_out.part.0+0x2c7/0x460 [ 139.485216] ctx_sched_out+0x8f1/0xc10 [ 139.485236] __perf_event_task_sched_out+0x6d0/0x18d0 [ 139.485260] __schedule+0xedd/0x2470 [ 139.485286] schedule+0xda/0x1b0 [ 139.485311] exit_to_user_mode_prepare+0x114/0x1a0 [ 139.485332] syscall_exit_to_user_mode+0x19/0x40 [ 139.485355] do_syscall_64+0x48/0x90 [ 139.485387] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 139.485411] [ 139.485411] other info that might help us debug this: [ 139.485411] [ 139.485416] Chain exists of: [ 139.485416] (console_sem).lock --> &rq->__lock --> &ctx->lock [ 139.485416] [ 139.485445] Possible unsafe locking scenario: [ 139.485445] [ 139.485449] CPU0 CPU1 [ 139.485454] ---- ---- [ 139.485458] lock(&ctx->lock); [ 139.485469] lock(&rq->__lock); [ 139.485481] lock(&ctx->lock); [ 139.485493] lock((console_sem).lock); [ 139.485505] [ 139.485505] *** DEADLOCK *** [ 139.485505] [ 139.485508] 2 locks held by syz-executor.4/3988: [ 139.485521] #0: ffff88806ce37d18 (&rq->__lock){-.-.}-{2:2}, at: __schedule+0x1cf/0x2470 [ 139.485578] #1: ffff88804038fc20 (&ctx->lock){....}-{2:2}, at: __perf_event_task_sched_out+0x53b/0x18d0 [ 139.485633] [ 139.485633] stack backtrace: [ 139.485638] CPU: 0 PID: 3988 Comm: syz-executor.4 Not tainted 6.0.0-rc6-next-20220923 #1 [ 139.485662] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 139.485676] Call Trace: [ 139.485682] [ 139.485689] dump_stack_lvl+0x8b/0xb3 [ 139.485724] check_noncircular+0x263/0x2e0 [ 139.485757] ? format_decode+0x26c/0xb50 [ 139.485787] ? print_circular_bug+0x450/0x450 [ 139.485820] ? enable_ptr_key_workfn+0x20/0x20 [ 139.485853] ? format_decode+0x26c/0xb50 [ 139.485886] ? alloc_chain_hlocks+0x1ec/0x5a0 [ 139.485920] __lock_acquire+0x2a02/0x5e70 [ 139.485962] ? lockdep_hardirqs_on_prepare+0x410/0x410 [ 139.486006] lock_acquire+0x1a2/0x530 [ 139.486038] ? down_trylock+0xe/0x70 [ 139.486071] ? lock_release+0x750/0x750 [ 139.486111] ? vprintk+0x84/0xa0 [ 139.486145] _raw_spin_lock_irqsave+0x39/0x60 [ 139.486183] ? down_trylock+0xe/0x70 [ 139.486214] down_trylock+0xe/0x70 [ 139.486244] ? vprintk+0x84/0xa0 [ 139.486276] __down_trylock_console_sem+0x3b/0xd0 [ 139.486310] vprintk_emit+0x16b/0x560 [ 139.486347] vprintk+0x84/0xa0 [ 139.486405] _printk+0xba/0xf1 [ 139.486427] ? record_print_text.cold+0x16/0x16 [ 139.486458] ? report_bug.cold+0x66/0xab [ 139.486492] ? group_sched_out.part.0+0x2c7/0x460 [ 139.486515] report_bug.cold+0x72/0xab [ 139.486551] handle_bug+0x3c/0x70 [ 139.486584] exc_invalid_op+0x14/0x50 [ 139.486619] asm_exc_invalid_op+0x16/0x20 [ 139.486643] RIP: 0010:group_sched_out.part.0+0x2c7/0x460 [ 139.486669] Code: 5e 41 5f e9 5b bb ef ff e8 56 bb ef ff 65 8b 1d 1b 26 ac 7e 31 ff 89 de e8 f6 b7 ef ff 85 db 0f 84 8a 00 00 00 e8 39 bb ef ff <0f> 0b e9 a5 fe ff ff e8 2d bb ef ff 48 8d 7d 10 48 b8 00 00 00 00 [ 139.486691] RSP: 0018:ffff8880422b7c48 EFLAGS: 00010006 [ 139.486709] RAX: 0000000040000002 RBX: 0000000000000000 RCX: 0000000000000000 [ 139.486724] RDX: ffff8880422a8000 RSI: ffffffff81564fb7 RDI: 0000000000000005 [ 139.486739] RBP: ffff8880086685c8 R08: 0000000000000005 R09: 0000000000000001 [ 139.486753] R10: 0000000000000000 R11: ffffffff865b001b R12: ffff88804038fc00 [ 139.486768] R13: ffff88806ce3d140 R14: ffffffff8547d040 R15: 0000000000000002 [ 139.486790] ? group_sched_out.part.0+0x2c7/0x460 [ 139.486816] ? group_sched_out.part.0+0x2c7/0x460 [ 139.486842] ctx_sched_out+0x8f1/0xc10 [ 139.486867] __perf_event_task_sched_out+0x6d0/0x18d0 [ 139.486898] ? lock_is_held_type+0xd7/0x130 [ 139.486924] ? __perf_cgroup_move+0x160/0x160 [ 139.486948] ? set_next_entity+0x304/0x550 [ 139.486982] ? update_curr+0x267/0x740 [ 139.487018] ? lock_is_held_type+0xd7/0x130 [ 139.487044] __schedule+0xedd/0x2470 [ 139.487077] ? io_schedule_timeout+0x150/0x150 [ 139.487108] ? rcu_read_lock_sched_held+0x3e/0x80 [ 139.487147] schedule+0xda/0x1b0 [ 139.487175] exit_to_user_mode_prepare+0x114/0x1a0 [ 139.487199] syscall_exit_to_user_mode+0x19/0x40 [ 139.487225] do_syscall_64+0x48/0x90 [ 139.487259] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 139.487284] RIP: 0033:0x7f5c5649eb19 [ 139.487300] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 139.487321] RSP: 002b:00007f5c53a14218 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 139.487342] RAX: 0000000000000001 RBX: 00007f5c565b1f68 RCX: 00007f5c5649eb19 [ 139.487357] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 00007f5c565b1f6c [ 139.487371] RBP: 00007f5c565b1f60 R08: 000000000000000e R09: 0000000000000000 [ 139.487385] R10: 0000000000000005 R11: 0000000000000246 R12: 00007f5c565b1f6c [ 139.487400] R13: 00007fffebc8cd3f R14: 00007f5c53a14300 R15: 0000000000022000 [ 139.487425] [ 139.595213] WARNING: CPU: 0 PID: 3988 at kernel/events/core.c:2309 group_sched_out.part.0+0x2c7/0x460 [ 139.596550] Modules linked in: [ 139.597026] CPU: 0 PID: 3988 Comm: syz-executor.4 Not tainted 6.0.0-rc6-next-20220923 #1 [ 139.598178] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 139.599790] RIP: 0010:group_sched_out.part.0+0x2c7/0x460 [ 139.600571] Code: 5e 41 5f e9 5b bb ef ff e8 56 bb ef ff 65 8b 1d 1b 26 ac 7e 31 ff 89 de e8 f6 b7 ef ff 85 db 0f 84 8a 00 00 00 e8 39 bb ef ff <0f> 0b e9 a5 fe ff ff e8 2d bb ef ff 48 8d 7d 10 48 b8 00 00 00 00 [ 139.603188] RSP: 0018:ffff8880422b7c48 EFLAGS: 00010006 [ 139.603957] RAX: 0000000040000002 RBX: 0000000000000000 RCX: 0000000000000000 [ 139.604973] RDX: ffff8880422a8000 RSI: ffffffff81564fb7 RDI: 0000000000000005 [ 139.606011] RBP: ffff8880086685c8 R08: 0000000000000005 R09: 0000000000000001 [ 139.607037] R10: 0000000000000000 R11: ffffffff865b001b R12: ffff88804038fc00 [ 139.608058] R13: ffff88806ce3d140 R14: ffffffff8547d040 R15: 0000000000000002 [ 139.609086] FS: 00007f5c53a14700(0000) GS:ffff88806ce00000(0000) knlGS:0000000000000000 [ 139.610245] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 139.611101] CR2: 00007ffef79e9ff8 CR3: 00000000401de000 CR4: 0000000000350ef0 [ 139.612126] Call Trace: [ 139.612505] [ 139.612843] ctx_sched_out+0x8f1/0xc10 [ 139.613420] __perf_event_task_sched_out+0x6d0/0x18d0 [ 139.614184] ? lock_is_held_type+0xd7/0x130 [ 139.614826] ? __perf_cgroup_move+0x160/0x160 [ 139.615496] ? set_next_entity+0x304/0x550 [ 139.616129] ? update_curr+0x267/0x740 [ 139.616722] ? lock_is_held_type+0xd7/0x130 [ 139.617361] __schedule+0xedd/0x2470 [ 139.617927] ? io_schedule_timeout+0x150/0x150 [ 139.618618] ? rcu_read_lock_sched_held+0x3e/0x80 [ 139.619341] schedule+0xda/0x1b0 [ 139.619857] exit_to_user_mode_prepare+0x114/0x1a0 [ 139.620577] syscall_exit_to_user_mode+0x19/0x40 [ 139.621275] do_syscall_64+0x48/0x90 [ 139.621838] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 139.622615] RIP: 0033:0x7f5c5649eb19 [ 139.623159] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 139.625745] RSP: 002b:00007f5c53a14218 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 139.626854] RAX: 0000000000000001 RBX: 00007f5c565b1f68 RCX: 00007f5c5649eb19 [ 139.627876] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 00007f5c565b1f6c [ 139.628906] RBP: 00007f5c565b1f60 R08: 000000000000000e R09: 0000000000000000 [ 139.629934] R10: 0000000000000005 R11: 0000000000000246 R12: 00007f5c565b1f6c [ 139.630966] R13: 00007fffebc8cd3f R14: 00007f5c53a14300 R15: 0000000000022000 [ 139.632009] [ 139.632360] irq event stamp: 2318 [ 139.632861] hardirqs last enabled at (2317): [] exit_to_user_mode_prepare+0x109/0x1a0 [ 139.634203] hardirqs last disabled at (2318): [] __schedule+0x1225/0x2470 [ 139.635408] softirqs last enabled at (2218): [] __irq_exit_rcu+0x11b/0x180 [ 139.636638] softirqs last disabled at (2213): [] __irq_exit_rcu+0x11b/0x180 [ 139.637881] ---[ end trace 0000000000000000 ]--- [ 139.653755] capability: warning: `syz-executor.7' uses 32-bit capabilities (legacy support in use) [ 139.758841] hrtimer: interrupt took 17713 ns [ 140.046317] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 140.048077] misc raw-gadget: fail, usb_gadget_register_driver returned -16 VM DIAGNOSIS: 23:11:06 Registers: info registers vcpu 0 RAX=0000000000000075 RBX=00000000000003f8 RCX=0000000000000000 RDX=00000000000003f8 RSI=ffffffff822b17e1 RDI=ffffffff87645be0 RBP=ffffffff87645ba0 RSP=ffff8880422b7698 R8 =0000000000000001 R9 =000000000000000a R10=0000000000000075 R11=0000000000000001 R12=0000000000000075 R13=ffffffff87645ba0 R14=0000000000000010 R15=ffffffff822b17d0 RIP=ffffffff822b1839 RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 00000000 00000000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 00000000 00000000 FS =0000 00007f5c53a14700 00000000 00000000 GS =0000 ffff88806ce00000 00000000 00000000 LDT=0000 fffffe0000000000 00000000 00000000 TR =0040 fffffe0000003000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe0000001000 0000007f IDT= fffffe0000000000 00000fff CR0=80050033 CR2=00007ffef79e9ff8 CR3=00000000401de000 CR4=00350ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000ffff0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 YMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM01=0000000000000000 0000000000000000 00007f5c565857c0 00007f5c565857c8 YMM02=0000000000000000 0000000000000000 00007f5c565857e0 00007f5c565857c0 YMM03=0000000000000000 0000000000000000 00007f5c565857c8 00007f5c565857c0 YMM04=0000000000000000 0000000000000000 ffffffffffffffff ffffffff00000000 YMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM06=0000000000000000 0000000000000000 0000000000000000 000000524f525245 YMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM08=0000000000000000 0000000000000000 0000000000000000 00524f5252450040 YMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 info registers vcpu 1 RAX=0000000001679d80 RBX=000000c000554000 RCX=00000000005f6ef0 RDX=000000c00000c060 RSI=00000000008e08e0 RDI=000000c001cf5d80 RBP=000000c0003b8850 RSP=000000c0003b8820 R8 =0000000000ea8ac0 R9 =0000000000ea89c0 R10=0000000000000002 R11=0000000000000011 R12=00000000000000f1 R13=0000000000000000 R14=0000000000e5dacd R15=0000000000000000 RIP=00000000005f6ef7 RFL=00000282 [--S----] CPL=3 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 00000000 00000000 CS =0033 0000000000000000 ffffffff 00a0fb00 DPL=3 CS64 [-RA] SS =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS [-WA] DS =0000 0000000000000000 00000000 00000000 FS =0000 000000c0002d5590 00000000 00000000 GS =0000 0000000000000000 00000000 00000000 LDT=0000 fffffe0000000000 00000000 00000000 TR =0040 fffffe000004a000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe0000048000 0000007f IDT= fffffe0000000000 00000fff CR0=80050033 CR2=00007ff67e2c8ee8 CR3=000000001b1ae000 CR4=00350ee0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000ffff0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001fa0 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 YMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM01=0000000000000000 0000000000000000 246b2138e72274b1 fe80b71d3c45947f YMM02=0000000000000000 0000000000000000 a3e934e8f612ab75 8aa700d737f36fac YMM03=0000000000000000 0000000000000000 0b8968c9dca189a1 0edc3cb0c4cebc5e YMM04=0000000000000000 0000000000000000 b5594cbeed34b5cb 62de6c03892fdb42 YMM05=0000000000000000 0000000000000000 d8e34ef450d95274 7d40d1ecc7441c8b YMM06=0000000000000000 0000000000000000 90a15fa35a2809ca 08137dc21791a078 YMM07=0000000000000000 0000000000000000 1fbf9371652f708b fba79825e7a45415 YMM08=0000000000000000 0000000000000000 15274025cb2c4d0a d852fcb1f37c3d20 YMM09=0000000000000000 0000000000000000 e09fba5781982b71 8f957c910cadd888 YMM10=0000000000000000 0000000000000000 3e532b8ebdba1c87 0d7908bd744f6c65 YMM11=0000000000000000 0000000000000000 3d16b1a62fdd0060 fb785e689139e2b8 YMM12=0000000000000000 0000000000000000 0000000000000000 0000b149c57762a1 YMM13=0000000000000000 0000000000000000 333432383836376e 65676567616d692d YMM14=0000000000000000 0000000000000000 0000000000000000 0000000000003438 YMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000