Warning: Permanently added '[localhost]:14429' (ECDSA) to the list of known hosts.
2022/09/28 22:04:51 fuzzer started
2022/09/28 22:04:51 dialing manager at localhost:35827
syzkaller login: [ 44.379338] cgroup: Unknown subsys name 'net'
[ 44.463905] cgroup: Unknown subsys name 'rlimit'
2022/09/28 22:05:04 syscalls: 2215
2022/09/28 22:05:04 code coverage: enabled
2022/09/28 22:05:04 comparison tracing: enabled
2022/09/28 22:05:04 extra coverage: enabled
2022/09/28 22:05:04 setuid sandbox: enabled
2022/09/28 22:05:04 namespace sandbox: enabled
2022/09/28 22:05:04 Android sandbox: enabled
2022/09/28 22:05:04 fault injection: enabled
2022/09/28 22:05:04 leak checking: enabled
2022/09/28 22:05:04 net packet injection: enabled
2022/09/28 22:05:04 net device setup: enabled
2022/09/28 22:05:04 concurrency sanitizer: /sys/kernel/debug/kcsan does not exist
2022/09/28 22:05:04 devlink PCI setup: PCI device 0000:00:10.0 is not available
2022/09/28 22:05:04 USB emulation: enabled
2022/09/28 22:05:04 hci packet injection: enabled
2022/09/28 22:05:04 wifi device emulation: failed to parse kernel version (6.0.0-rc7-next-20220927)
2022/09/28 22:05:04 802.15.4 emulation: enabled
2022/09/28 22:05:20 starting 8 fuzzer processes
22:05:20 executing program 0:
mmap(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x1000003, 0x12, 0xffffffffffffffff, 0x7c4b6000) fcntl$F_GET_FILE_RW_HINT(0xffffffffffffffff, 0x40d, &(0x7f0000000000)) r0 = openat$full(0xffffffffffffff9c, &(0x7f0000000040), 0x1, 0x0) ioctl$EXT4_IOC_MOVE_EXT(0xffffffffffffffff, 0xc028660f, &(0x7f0000000080)={0x0, r0, 0x80, 0x1, 0x6, 0x1ff}) r1 = openat$dir(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x0, 0xa0) renameat2(r1, &(0x7f0000000100)='./file0\x00', r0, &(0x7f0000000140)='./file0\x00', 0x0) ioctl$AUTOFS_DEV_IOCTL_ASKUMOUNT(r0, 0xc018937d, &(0x7f0000000180)={{0x1, 0x1, 0x18, r0, {0x1}}, './file0\x00'}) ioctl$TIOCGSERIAL(r2, 0x541e, &(0x7f00000002c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f00000001c0)=""/240}) ioctl$AUTOFS_IOC_FAIL(r2, 0x9361, 0x3ff) ioctl$AUTOFS_DEV_IOCTL_VERSION(r0, 0xc0189371, &(0x7f0000000340)={{0x1, 0x1, 0x18, r2}, './file0\x00'}) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x2400, 0x9) fchdir(r1) r4 = openat$thread_pidfd(0xffffffffffffff9c, &(0x7f0000000380), 0x4602, 0x0) flistxattr(r4, &(0x7f00000003c0)=""/166, 0xa6) fsetxattr$trusted_overlay_origin(r3, &(0x7f0000000480), &(0x7f00000004c0), 0x2, 0x1) write$binfmt_aout(r4, &(0x7f0000000500)={{0x108, 0x1, 0x4, 0x3d8, 0x7a, 0x8, 0x175, 0x954}, "ed5c49a8e5392f5b070fcf92691b42c636ee87c1122d8ed79f60cf4a0cf298b30dedf685a60b2caaa73f15f2f7f0e24f993d391f1dcfd77c", ['\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00']}, 0x958) r5 = openat$zero(0xffffffffffffff9c, &(0x7f0000000e80), 0x200400, 0x0) ioctl$HIDIOCSFEATURE(r5, 0xc0404806, &(0x7f0000000ec0)="367a1186fa3707dfe1f59d439c0366b9e1ed02d762716a90d04b250c632f9d39e5af374378202c0b6d2d3770b66cf87a97ba0aa09ca932fc1eabb6e6b273a480a33b319d65586eb86ff3608a279f") shutdown(r2, 0x0) ioctl$BTRFS_IOC_GET_SUBVOL_INFO(r1, 0x81f8943c, &(0x7f0000000f40)) 22:05:20 executing program 1: connect$802154_dgram(0xffffffffffffffff, &(0x7f0000000000)={0x24, @long}, 0x14) ioctl$AUTOFS_DEV_IOCTL_EXPIRE(0xffffffffffffffff, 
0xc018937c, &(0x7f0000000040)={{0x1, 0x1, 0x18, 0xffffffffffffffff}, './file0\x00'}) getsockopt$inet_IP_IPSEC_POLICY(r0, 0x0, 0x10, &(0x7f0000000100)={{{@in6=@private2, @in=@local, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in6=@mcast1}, 0x0, @in6=@private2}}, &(0x7f0000000200)=0xe8) lsetxattr$security_capability(&(0x7f0000000080)='./file1\x00', &(0x7f00000000c0), &(0x7f0000000240)=@v3={0x3000000, [{0x6}, {0x2, 0x9}], r1}, 0x18, 0x3) ioctl$AUTOFS_DEV_IOCTL_CLOSEMOUNT(r0, 0xc0189375, &(0x7f0000000280)={{0x1, 0x1, 0x18, r0}, './file1\x00'}) connect$802154_dgram(r2, &(0x7f00000002c0)={0x24, @none={0x0, 0x1}}, 0x14) r3 = openat(0xffffffffffffff9c, &(0x7f0000000300)='./file1\x00', 0x0, 0x4) readv(0xffffffffffffffff, &(0x7f0000000480)=[{&(0x7f0000000340)}, {&(0x7f0000000380)=""/228, 0xe4}], 0x2) r4 = fcntl$dupfd(0xffffffffffffffff, 0x0, r3) ioctl$F2FS_IOC_MOVE_RANGE(r3, 0xc020f509, &(0x7f0000000500)={r4, 0x6, 0x20, 0x3}) syz_genetlink_get_family_id$ethtool(&(0x7f00000004c0), r5) getpeername(r4, &(0x7f0000000540)=@nl, &(0x7f00000005c0)=0x80) socket$inet6_udp(0xa, 0x2, 0x0) r6 = syz_open_dev$vcsu(&(0x7f0000000600), 0x8, 0x40200) r7 = openat(r6, &(0x7f0000000640)='./file1\x00', 0x200, 0x2) ioctl$AUTOFS_DEV_IOCTL_EXPIRE(r6, 0xc018937c, &(0x7f0000000680)={{0x1, 0x1, 0x18, r4}, './file2\x00'}) openat(r8, &(0x7f00000006c0)='./file0\x00', 0x418d02, 0x8) epoll_ctl$EPOLL_CTL_ADD(r5, 0x1, r7, &(0x7f0000000700)={0x2}) openat(0xffffffffffffff9c, &(0x7f0000000740)='./file2\x00', 0x400800, 0x80) sendfile(r7, r0, &(0x7f0000000780)=0x386, 0x0) 22:05:20 executing program 2: sendmsg$NFT_MSG_GETGEN(0xffffffffffffffff, &(0x7f00000000c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x8000}, 0xc, &(0x7f0000000080)={&(0x7f0000000040)={0x14, 0x10, 0xa, 0x101, 0x0, 0x0, {0x5, 0x0, 0x2}, ["", "", "", "", "", ""]}, 0x14}, 0x1, 0x0, 0x0, 0x801}, 0x4000010) r0 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000140), 0xffffffffffffffff) sendmsg$IEEE802154_SCAN_REQ(0xffffffffffffffff, 
&(0x7f0000000240)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x2}, 0xc, &(0x7f0000000200)={&(0x7f0000000180)={0x5c, r0, 0x400, 0x70bd29, 0x25dfdbfb, {}, [@IEEE802154_ATTR_PAGE={0x5, 0x1d, 0x10}, @IEEE802154_ATTR_DURATION={0x5, 0x15, 0x3f}, @IEEE802154_ATTR_DURATION={0x5, 0x15, 0x40}, @IEEE802154_ATTR_SCAN_TYPE={0x5, 0x13, 0x1}, @IEEE802154_ATTR_DURATION={0x5, 0x15, 0x6}, @IEEE802154_ATTR_PAGE={0x5, 0x1d, 0x12}, @IEEE802154_ATTR_PAGE={0x5, 0x1d, 0x18}, @IEEE802154_ATTR_PAGE={0x5, 0x1d, 0x18}, @IEEE802154_ATTR_PAGE={0x5, 0x1d, 0x11}]}, 0x5c}, 0x1, 0x0, 0x0, 0x400c0}, 0x4000880) syz_genetlink_get_family_id$nbd(&(0x7f0000000280), 0xffffffffffffffff) sendmsg$BATADV_CMD_GET_BLA_BACKBONE(0xffffffffffffffff, &(0x7f00000003c0)={&(0x7f00000002c0)={0x10, 0x0, 0x0, 0x1000000}, 0xc, &(0x7f0000000380)={&(0x7f0000000300)={0x5c, 0x0, 0x1, 0x70bd27, 0x25dfdbff, {}, [@BATADV_ATTR_FRAGMENTATION_ENABLED={0x5, 0x30, 0x1}, @BATADV_ATTR_BRIDGE_LOOP_AVOIDANCE_ENABLED={0x5}, @BATADV_ATTR_ELP_INTERVAL={0x8, 0x3a, 0x200}, @BATADV_ATTR_GW_BANDWIDTH_UP={0x8, 0x32, 0x5}, @BATADV_ATTR_GW_SEL_CLASS={0x8, 0x34, 0x5}, @BATADV_ATTR_HOP_PENALTY={0x5, 0x35, 0x3}, @BATADV_ATTR_GW_BANDWIDTH_DOWN={0x8, 0x31, 0x2284e0ae}, @BATADV_ATTR_AGGREGATED_OGMS_ENABLED={0x5, 0x29, 0x1}, @BATADV_ATTR_VLANID={0x6, 0x28, 0x4}]}, 0x5c}, 0x1, 0x0, 0x0, 0x800}, 0x20000000) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000440), 0xffffffffffffffff) sendmsg$IEEE802154_SCAN_REQ(r1, &(0x7f0000000500)={&(0x7f0000000400)={0x10, 0x0, 0x0, 0x10000}, 0xc, &(0x7f00000004c0)={&(0x7f0000000480)={0x34, r2, 0x400, 0x70bd29, 0x25dfdbfe, {}, [@IEEE802154_ATTR_SCAN_TYPE={0x5, 0x13, 0x77}, @IEEE802154_ATTR_PAGE={0x5, 0x1d, 0x2}, @IEEE802154_ATTR_CHANNELS={0x8, 0x14, 0x1a}, @IEEE802154_ATTR_PAGE={0x5, 0x1d, 0x1a}]}, 0x34}, 0x1, 0x0, 0x0, 0x40080}, 0x4000000) r3 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) sendmsg$IEEE802154_DISASSOCIATE_REQ(r3, &(0x7f0000000640)={&(0x7f0000000540), 
0xc, &(0x7f0000000600)={&(0x7f0000000580)={0x64, r0, 0x10, 0x70bd2d, 0x8, {}, [@IEEE802154_ATTR_COORD_HW_ADDR={0xc, 0x9, {0xaaaaaaaaaaaa0102}}, @IEEE802154_ATTR_REASON={0x5, 0x12, 0xfc}, @IEEE802154_ATTR_COORD_HW_ADDR={0xc, 0x9, {0xaaaaaaaaaaaa0102}}, @IEEE802154_ATTR_COORD_HW_ADDR={0xc, 0x9, {0xaaaaaaaaaaaa0302}}, @IEEE802154_ATTR_COORD_SHORT_ADDR={0x6, 0x8, 0xaaa2}, @IEEE802154_ATTR_REASON={0x5, 0x12, 0x2d}, @IEEE802154_ATTR_REASON={0x5, 0x12, 0x40}, @IEEE802154_ATTR_COORD_HW_ADDR={0xc, 0x9, {0xaaaaaaaaaaaa0202}}]}, 0x64}, 0x1, 0x0, 0x0, 0x48000}, 0x0) r4 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) sendmsg$IEEE802154_ASSOCIATE_RESP(r4, &(0x7f0000000740)={&(0x7f0000000680)={0x10, 0x0, 0x0, 0x10}, 0xc, &(0x7f0000000700)={&(0x7f00000006c0)={0x2c, r0, 0x4, 0x70bd2d, 0x25dfdbff, {}, [@IEEE802154_ATTR_COORD_HW_ADDR={0xc, 0x9, {0xaaaaaaaaaaaa0302}}, @IEEE802154_ATTR_COORD_HW_ADDR={0xc}]}, 0x2c}, 0x1, 0x0, 0x0, 0x24008010}, 0x20000040) sendmsg$NL802154_CMD_SET_BACKOFF_EXPONENT(r3, &(0x7f0000000840)={&(0x7f0000000780)={0x10, 0x0, 0x0, 0x200000}, 0xc, &(0x7f0000000800)={&(0x7f00000007c0)={0x20, 0x0, 0x2, 0x70bd2d, 0x25dfdbff, {}, [@NL802154_ATTR_WPAN_DEV={0xc, 0x6, 0x100000001}]}, 0x20}, 0x1, 0x0, 0x0, 0x810}, 0x840) r5 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NLBL_CIPSOV4_C_LISTALL(r5, &(0x7f0000000a00)={&(0x7f0000000880)={0x10, 0x0, 0x0, 0x400}, 0xc, &(0x7f00000009c0)={&(0x7f00000008c0)={0xe8, 0x0, 0x409, 0x70bd2c, 0x25dfdbff, {}, [@NLBL_CIPSOV4_A_DOI={0x8, 0x1, 0x1}, @NLBL_CIPSOV4_A_MLSLVLLST={0xcc, 0x8, 0x0, 0x1, [{0x54, 0x7, 0x0, 0x1, [@NLBL_CIPSOV4_A_MLSLVLLOC={0x8, 0x5, 0x417a468b}, @NLBL_CIPSOV4_A_MLSLVLREM={0x8, 0x6, 0x93}, @NLBL_CIPSOV4_A_MLSLVLLOC={0x8, 0x5, 0x3ab5f8d1}, @NLBL_CIPSOV4_A_MLSLVLLOC={0x8, 0x5, 0x3b8d228b}, @NLBL_CIPSOV4_A_MLSLVLLOC={0x8, 0x5, 0x17a73a66}, @NLBL_CIPSOV4_A_MLSLVLREM={0x8, 0x6, 0x86}, @NLBL_CIPSOV4_A_MLSLVLREM={0x8, 0x6, 0x2b}, @NLBL_CIPSOV4_A_MLSLVLREM={0x8, 0x6, 0xac}, @NLBL_CIPSOV4_A_MLSLVLREM={0x8, 0x6, 
0x58}, @NLBL_CIPSOV4_A_MLSLVLREM={0x8, 0x6, 0x2e}]}, {0x24, 0x7, 0x0, 0x1, [@NLBL_CIPSOV4_A_MLSLVLLOC={0x8, 0x5, 0x30e0f9b5}, @NLBL_CIPSOV4_A_MLSLVLLOC={0x8, 0x5, 0x44ff6c65}, @NLBL_CIPSOV4_A_MLSLVLREM={0x8, 0x6, 0x6}, @NLBL_CIPSOV4_A_MLSLVLLOC={0x8, 0x5, 0x4579af8e}]}, {0x1c, 0x7, 0x0, 0x1, [@NLBL_CIPSOV4_A_MLSLVLREM={0x8, 0x6, 0x97}, @NLBL_CIPSOV4_A_MLSLVLREM={0x8, 0x6, 0x80}, @NLBL_CIPSOV4_A_MLSLVLREM={0x8, 0x6, 0xc5}]}, {0x34, 0x7, 0x0, 0x1, [@NLBL_CIPSOV4_A_MLSLVLREM={0x8, 0x6, 0x1a}, @NLBL_CIPSOV4_A_MLSLVLREM={0x8, 0x6, 0x69}, @NLBL_CIPSOV4_A_MLSLVLREM={0x8, 0x6, 0x3c}, @NLBL_CIPSOV4_A_MLSLVLREM={0x8, 0x6, 0x7d}, @NLBL_CIPSOV4_A_MLSLVLLOC={0x8, 0x5, 0x5becdbe0}, @NLBL_CIPSOV4_A_MLSLVLLOC={0x8, 0x5, 0x2661dae4}]}]}]}, 0xe8}, 0x1, 0x0, 0x0, 0x4}, 0x4050) ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000a80)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_START_AP(0xffffffffffffffff, &(0x7f0000000b80)={&(0x7f0000000a40)={0x10, 0x0, 0x0, 0x4000000}, 0xc, &(0x7f0000000b40)={&(0x7f0000000ac0)={0x4c, 0x0, 0x8, 0x70bd2c, 0x25dfdbfc, {{}, {@val={0x8, 0x3, r6}, @void}}, [@NL80211_ATTR_P2P_OPPPS={0x5}, @NL80211_ATTR_SMPS_MODE={0x5, 0xd5, 0x2}, @NL80211_ATTR_SSID={0xa, 0x34, @default_ibss_ssid}, @NL80211_ATTR_PBSS={0x4}, @NL80211_ATTR_SSID={0xd, 0x34, @random="3f1774fa7a77d86331"}]}, 0x4c}, 0x1, 0x0, 0x0, 0x40008c0}, 0x804) r7 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000c00), r4) ioctl$sock_SIOCGIFINDEX_802154(r4, 0x8933, &(0x7f0000000c40)={'wpan4\x00', 0x0}) sendmsg$NL802154_CMD_DEL_SEC_KEY(r5, &(0x7f0000000d00)={&(0x7f0000000bc0)={0x10, 0x0, 0x0, 0x80000000}, 0xc, &(0x7f0000000cc0)={&(0x7f0000000c80)={0x28, r7, 0x8, 0x70bd29, 0x25dfdbfb, {}, [@NL802154_ATTR_WPAN_DEV={0xc, 0x6, 0x2}, @NL802154_ATTR_IFINDEX={0x8, 0x3, r8}]}, 0x28}, 0x1, 0x0, 0x0, 0x8045}, 0x40000) [ 73.360316] audit: type=1400 audit(1664402720.718:6): avc: denied { execmem } for pid=285 comm="syz-executor.0" scontext=system_u:system_r:kernel_t:s0 
tcontext=system_u:system_r:kernel_t:s0 tclass=process permissive=1 22:05:20 executing program 7: r0 = openat$vcsu(0xffffffffffffff9c, &(0x7f0000000000), 0x101081, 0x0) ioctl$TIOCGSOFTCAR(r0, 0x5419, &(0x7f0000000040)) ioctl$KDGKBMODE(r0, 0x4b44, &(0x7f0000000080)) ioctl$KDGETMODE(r0, 0x4b3b, &(0x7f00000000c0)) r1 = accept4$inet(r0, 0x0, &(0x7f0000000100), 0x0) tee(r1, r0, 0x3, 0x7) ioctl$KDSKBENT(r0, 0x4b47, &(0x7f0000000140)={0x0, 0x2, 0x401}) r2 = dup3(0xffffffffffffffff, r0, 0x80000) ioctl$TCFLSH(r2, 0x540b, 0x1) ioctl$TIOCGRS485(r0, 0x542e, &(0x7f0000000180)) r3 = syz_open_pts(0xffffffffffffffff, 0x800) ioctl$TCXONC(r3, 0x540a, 0x2) r4 = accept$unix(0xffffffffffffffff, 0x0, &(0x7f00000001c0)) ioctl$BTRFS_IOC_DEFAULT_SUBVOL(r4, 0x40089413, &(0x7f0000000200)=0x2) r5 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000240)='/sys/class/bsg', 0x100000, 0x0) ioctl$FAT_IOCTL_SET_ATTRIBUTES(r5, 0x40047211, &(0x7f0000000280)) getsockopt$inet_udp_int(r5, 0x11, 0xb, &(0x7f00000002c0), &(0x7f0000000300)=0x4) r6 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000340)='/proc/locks\x00', 0x0, 0x0) epoll_ctl$EPOLL_CTL_ADD(r2, 0x1, r6, &(0x7f0000000380)={0x80000000}) fgetxattr(r1, &(0x7f00000003c0)=@known='system.posix_acl_default\x00', &(0x7f0000000400)=""/196, 0xc4) 22:05:20 executing program 3: r0 = syz_genetlink_get_family_id$tipc(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$TIPC_CMD_GET_REMOTE_MNG(0xffffffffffffffff, &(0x7f0000000100)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x2}, 0xc, &(0x7f00000000c0)={&(0x7f0000000080)={0x1c, r0, 0x20, 0x70bd2c, 0x25dfdbfe, {}, ["", "", "", "", "", "", ""]}, 0x1c}, 0x1, 0x0, 0x0, 0x4080}, 0x4) sendmsg$IPSET_CMD_DESTROY(0xffffffffffffffff, &(0x7f0000000200)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x4000000}, 0xc, &(0x7f00000001c0)={&(0x7f0000000180)={0x3c, 0x3, 0x6, 0x201, 0x0, 0x0, {0x5, 0x0, 0x2}, [@IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz2\x00'}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz2\x00'}, @IPSET_ATTR_PROTOCOL={0x5}]}, 0x3c}, 
0x1, 0x0, 0x0, 0x4018045}, 0x4004000) r1 = fcntl$dupfd(0xffffffffffffffff, 0xcfc9223da452b3d6, 0xffffffffffffffff) sendmsg$WG_CMD_GET_DEVICE(r1, &(0x7f0000001040)={&(0x7f0000000740)={0x10, 0x0, 0x0, 0x8000}, 0xc, &(0x7f0000001000)={&(0x7f0000000780)={0x850, 0x0, 0x800, 0x70bd28, 0x25dfdbfd, {}, [@WGDEVICE_A_PRIVATE_KEY={0x24, 0x3, @b}, @WGDEVICE_A_PEERS={0x818, 0x8, 0x0, 0x1, [{0x540, 0x0, 0x0, 0x1, [@WGPEER_A_ALLOWEDIPS={0x4a8, 0x9, 0x0, 0x1, [{0x7c, 0x0, 0x0, 0x1, [@ipv6={{0x6}, {0x14, 0x2, @empty}, {0x5, 0x3, 0x2}}, @ipv4={{0x6}, {0x8, 0x2, @loopback}, {0x5, 0x3, 0x1}}, @ipv4={{0x6}, {0x8, 0x2, @empty}, {0x5, 0x3, 0x1}}, @ipv6={{0x6}, {0x14, 0x2, @private2}, {0x5}}]}, {0x70, 0x0, 0x0, 0x1, [@ipv4={{0x6}, {0x8, 0x2, @rand_addr=0x64010101}, {0x5, 0x3, 0x1}}, @ipv6={{0x6}, {0x14, 0x2, @empty}, {0x5}}, @ipv4={{0x6}, {0x8, 0x2, @multicast2}, {0x5, 0x3, 0x1}}, @ipv4={{0x6}, {0x8, 0x2, @remote}, {0x5, 0x3, 0x2}}]}, {0xc4, 0x0, 0x0, 0x1, [@ipv6={{0x6}, {0x14, 0x2, @ipv4={'\x00', '\xff\xff', @rand_addr=0x64010101}}, {0x5, 0x3, 0x1}}, @ipv4={{0x6}, {0x8, 0x2, @rand_addr=0x64010100}, {0x5}}, @ipv6={{0x6}, {0x14, 0x2, @private0={0xfc, 0x0, '\x00', 0x1}}, {0x5, 0x3, 0x1}}, @ipv4={{0x6}, {0x8, 0x2, @multicast1}, {0x5, 0x3, 0x1}}, @ipv6={{0x6}, {0x14, 0x2, @dev={0xfe, 0x80, '\x00', 0x30}}, {0x5, 0x3, 0x3}}, @ipv6={{0x6}, {0x14, 0x2, @loopback}, {0x5, 0x3, 0x2}}]}, {0x64, 0x0, 0x0, 0x1, [@ipv4={{0x6}, {0x8, 0x2, @multicast2}, {0x5, 0x3, 0x2}}, @ipv4={{0x6}, {0x8, 0x2, @rand_addr=0x64010100}, {0x5}}, @ipv4={{0x6}, {0x8, 0x2, @local}, {0x5, 0x3, 0x3}}, @ipv4={{0x6}, {0x8, 0x2, @initdev={0xac, 0x1e, 0x0, 0x0}}, {0x5}}]}, {0x118, 0x0, 0x0, 0x1, [@ipv4={{0x6}, {0x8, 0x2, @rand_addr=0x64010102}, {0x5, 0x3, 0x1}}, @ipv6={{0x6}, {0x14, 0x2, @mcast2}, {0x5, 0x3, 0x1}}, @ipv4={{0x6}, {0x8, 0x2, @multicast2}, {0x5, 0x3, 0x1}}, @ipv4={{0x6}, {0x8, 0x2, @broadcast}, {0x5, 0x3, 0x1}}, @ipv6={{0x6}, {0x14, 0x2, @ipv4={'\x00', '\xff\xff', @multicast1}}, {0x5, 0x3, 0x2}}, @ipv4={{0x6}, {0x8, 
0x2, @multicast2}, {0x5, 0x3, 0x3}}, @ipv4={{0x6}, {0x8, 0x2, @private=0xa010101}, {0x5, 0x3, 0x2}}, @ipv6={{0x6}, {0x14, 0x2, @local}, {0x5, 0x3, 0x1}}, @ipv4={{0x6}, {0x8, 0x2, @rand_addr=0x64010100}, {0x5}}, @ipv4={{0x6}, {0x8, 0x2, @broadcast}, {0x5}}]}, {0x70, 0x0, 0x0, 0x1, [@ipv4={{0x6}, {0x8, 0x2, @loopback}, {0x5}}, @ipv6={{0x6}, {0x14, 0x2, @empty}, {0x5, 0x3, 0x1}}, @ipv4={{0x6}, {0x8, 0x2, @loopback}, {0x5, 0x3, 0x3}}, @ipv4={{0x6}, {0x8, 0x2, @local}, {0x5, 0x3, 0x2}}]}, {0x1c, 0x0, 0x0, 0x1, [@ipv4={{0x6}, {0x8, 0x2, @remote}, {0x5, 0x3, 0x1}}]}, {0xac, 0x0, 0x0, 0x1, [@ipv4={{0x6}, {0x8, 0x2, @multicast1}, {0x5}}, @ipv4={{0x6}, {0x8, 0x2, @loopback}, {0x5}}, @ipv4={{0x6}, {0x8, 0x2, @multicast1}, {0x5, 0x3, 0x2}}, @ipv6={{0x6}, {0x14, 0x2, @private2}, {0x5, 0x3, 0x1}}, @ipv4={{0x6}, {0x8, 0x2, @private=0xa010101}, {0x5, 0x3, 0x1}}, @ipv6={{0x6}, {0x14, 0x2, @dev={0xfe, 0x80, '\x00', 0xb}}, {0x5, 0x3, 0x2}}]}, {0x40, 0x0, 0x0, 0x1, [@ipv4={{0x6}, {0x8, 0x2, @loopback}, {0x5, 0x3, 0x3}}, @ipv6={{0x6}, {0x14, 0x2, @private0}, {0x5, 0x3, 0x1}}]}]}, @WGPEER_A_PROTOCOL_VERSION={0x8}, @WGPEER_A_PROTOCOL_VERSION={0x8}, @WGPEER_A_PUBLIC_KEY={0x24, 0x1, @neg}, @WGPEER_A_ENDPOINT6={0x20, 0x4, {0xa, 0x4e23, 0xfffffff8, @remote, 0x40}}, @WGPEER_A_ENDPOINT4={0x14, 0x4, {0x2, 0x4e23, @local}}, @WGPEER_A_FLAGS={0x8, 0x3, 0x1}, @WGPEER_A_PRESHARED_KEY={0x24, 0x2, "364ee48e9f7f1cc4a8dffddc4ecc33fa269e72c6ff6050ed685ccac37a3cc8ab"}]}, {0xe8, 0x0, 0x0, 0x1, [@WGPEER_A_FLAGS={0x8, 0x3, 0x1}, @WGPEER_A_PERSISTENT_KEEPALIVE_INTERVAL={0x6, 0x5, 0x401}, @WGPEER_A_FLAGS={0x8, 0x3, 0x2}, @WGPEER_A_ENDPOINT4={0x14, 0x4, {0x2, 0x4e24, @empty}}, @WGPEER_A_ALLOWEDIPS={0xb0, 0x9, 0x0, 0x1, [{0xac, 0x0, 0x0, 0x1, [@ipv6={{0x6}, {0x14, 0x2, @mcast1}, {0x5}}, @ipv6={{0x6}, {0x14, 0x2, @mcast2}, {0x5, 0x3, 0x1}}, @ipv6={{0x6}, {0x14, 0x2, @private0={0xfc, 0x0, '\x00', 0x1}}, {0x5, 0x3, 0x2}}, @ipv4={{0x6}, {0x8, 0x2, @dev={0xac, 0x14, 0x14, 0x32}}, {0x5, 0x3, 0x2}}, @ipv6={{0x6}, 
{0x14, 0x2, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}}, {0x5, 0x3, 0x1}}]}]}, @WGPEER_A_PROTOCOL_VERSION={0x8}]}, {0x1ec, 0x0, 0x0, 0x1, [@WGPEER_A_ALLOWEDIPS={0x1e0, 0x9, 0x0, 0x1, [{0xc4, 0x0, 0x0, 0x1, [@ipv4={{0x6}, {0x8, 0x2, @empty}, {0x5}}, @ipv6={{0x6}, {0x14, 0x2, @ipv4={'\x00', '\xff\xff', @multicast1}}, {0x5, 0x3, 0x1}}, @ipv6={{0x6}, {0x14, 0x2, @local}, {0x5, 0x3, 0x2}}, @ipv6={{0x6}, {0x14, 0x2, @initdev={0xfe, 0x88, '\x00', 0x1, 0x0}}, {0x5, 0x3, 0x1}}, @ipv4={{0x6}, {0x8, 0x2, @loopback}, {0x5}}, @ipv6={{0x6}, {0x14, 0x2, @private2={0xfc, 0x2, '\x00', 0x1}}, {0x5, 0x3, 0x2}}]}, {0x118, 0x0, 0x0, 0x1, [@ipv6={{0x6}, {0x14, 0x2, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01'}, {0x5, 0x3, 0x2}}, @ipv6={{0x6}, {0x14, 0x2, @dev={0xfe, 0x80, '\x00', 0x2f}}, {0x5, 0x3, 0x3}}, @ipv4={{0x6}, {0x8, 0x2, @remote}, {0x5, 0x3, 0x1}}, @ipv4={{0x6}, {0x8, 0x2, @initdev={0xac, 0x1e, 0x1, 0x0}}, {0x5, 0x3, 0x1}}, @ipv6={{0x6}, {0x14, 0x2, @dev={0xfe, 0x80, '\x00', 0x10}}, {0x5, 0x3, 0x1}}, @ipv6={{0x6}, {0x14, 0x2, @remote}, {0x5}}, @ipv4={{0x6}, {0x8, 0x2, @loopback}, {0x5, 0x3, 0x2}}, @ipv4={{0x6}, {0x8, 0x2, @private=0xa010102}, {0x5, 0x3, 0x1}}, @ipv6={{0x6}, {0x14, 0x2, @remote}, {0x5}}]}]}, @WGPEER_A_FLAGS={0x8, 0x3, 0x1}]}]}]}, 0x850}, 0x1, 0x0, 0x0, 0x40}, 0x4000004) r2 = syz_genetlink_get_family_id$nl80211(&(0x7f00000010c0), r1) sendmsg$NL80211_CMD_SET_CHANNEL(r1, &(0x7f0000001180)={&(0x7f0000001080)={0x10, 0x0, 0x0, 0x800}, 0xc, &(0x7f0000001140)={&(0x7f0000001100)={0x38, r2, 0x20, 0x70bd2c, 0x25dfdbff, {{}, {@val={0x8}, @val={0xc, 0x99, {0x0, 0x69}}}}, [@NL80211_ATTR_WIPHY_FREQ={0x8, 0x26, @random=0x994}, @NL80211_ATTR_WIPHY_FREQ_OFFSET={0x8, 0x122, 0x381}]}, 0x38}, 0x1, 0x0, 0x0, 0x4000000}, 0x40) readv(r1, &(0x7f0000001280)=[{&(0x7f00000011c0)=""/146, 0x92}], 0x1) r3 = creat(&(0x7f00000012c0)='./file0\x00', 0x49) r4 = syz_genetlink_get_family_id$nl80211(&(0x7f0000001340), r1) ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, 
&(0x7f0000001380)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_VENDOR(r3, &(0x7f0000001540)={&(0x7f0000001300)={0x10, 0x0, 0x0, 0x400000}, 0xc, &(0x7f0000001500)={&(0x7f00000013c0)={0x120, r4, 0x20, 0x70bd29, 0x25dfdbfb, {{}, {@void, @val={0x8, 0x3, r5}, @val={0xc, 0x99, {0x0, 0x30}}}}, [@NL80211_ATTR_VENDOR_ID={0x8, 0xc3, 0x401}, @NL80211_ATTR_VENDOR_DATA={0xd5, 0xc5, "f1b4f63db58668f2e91a60ffc16f9cd8cdbdc7e8e42464036bde3b710e9270dca9faf61e854af132b232a22e23e20061866abd476b32af973784c9fa4c5ac0056e9da0c7d4a74a5c8b61dcf581b2c75b706b2e5c9be676175c2155d7dddfd9494d88ce991f929a401aa9cc95307ab0029570225042d53bf49a41e01af05aa9fdaa5de037d47d8561eb765d015165c4075ac868c99b9a1cc7ad0f02acba786fb660352a2c2fec7197bca3d2d8092c16100669629c30c3e0e12365746462c1c447a43b32a53671766e5747009a22f5fdfefc"}, @NL80211_ATTR_VENDOR_ID={0x8, 0xc3, 0xff}, @NL80211_ATTR_VENDOR_ID={0x8, 0xc3, 0x6}, @NL80211_ATTR_VENDOR_ID={0x8}]}, 0x120}, 0x1, 0x0, 0x0, 0x4044890}, 0x0) ioctl$AUTOFS_DEV_IOCTL_FAIL(r1, 0xc0189377, &(0x7f0000001580)={{0x1, 0x1, 0x18, r1, {0x10001, 0x2}}, './file0\x00'}) epoll_ctl$EPOLL_CTL_ADD(r6, 0x1, r1, &(0x7f00000015c0)={0x80002000}) r7 = socket$nl_generic(0x10, 0x3, 0x10) r8 = syz_genetlink_get_family_id$nl80211(&(0x7f0000001640), r3) sendmsg$NL80211_CMD_VENDOR(r6, &(0x7f00000017c0)={&(0x7f0000001600)={0x10, 0x0, 0x0, 0x1000000}, 0xc, &(0x7f0000001780)={&(0x7f0000001680)={0xe8, r8, 0x100, 0x70bd2b, 0x25dfdbfd, {{}, {@val={0x8, 0x1, 0x61}, @void, @void}}, [@NL80211_ATTR_VENDOR_DATA={0xcc, 0xc5, "84e55be8b5776cf583a2ef31e25d68ed545c5a98981f8559a22e8c34c4928634f02532f2386080fb62d86de44db35177dfaaf524b53c2ea1c33672777888593bedb2e03a8521248319ea30b7070640e606463f8811423fb713363198bd7628bb39c92d5d3d3baf330df4ccaff1eb7c9ea3e34dd32855901e52ed64d6c6a12db7e272fbefd5341baa53b1ced92f17a738309978d948a85d8dd4ce026c7e88d700f95a5d9b78c7bd8e6d8184540a718fd7ce3fceda8eedbabed3d66156e5ca5fc4ebb1cefef7508aa1"}]}, 0xe8}, 0x1, 0x0, 0x0, 0x80}, 0x20000004) r9 = 
syz_genetlink_get_family_id$nl80211(&(0x7f0000001840), r1) sendmsg$NL80211_CMD_VENDOR(r7, &(0x7f0000001900)={&(0x7f0000001800)={0x10, 0x0, 0x0, 0x2000}, 0xc, &(0x7f00000018c0)={&(0x7f0000001880)={0x28, r9, 0x1, 0x70bd2c, 0x25dfdbff, {{}, {@void, @val={0x8, 0x3, r5}, @val={0xc, 0x99, {0x1, 0x5d}}}}}, 0x28}, 0x1, 0x0, 0x0, 0x200040d0}, 0x4000800) sendmsg$TIPC_NL_BEARER_ADD(r6, &(0x7f0000001ec0)={&(0x7f0000001940)={0x10, 0x0, 0x0, 0x2}, 0xc, &(0x7f0000001e80)={&(0x7f0000001980)={0x4dc, 0x0, 0x400, 0x70bd26, 0x25dfdbfd, {}, [@TIPC_NLA_MEDIA={0x1c, 0x5, 0x0, 0x1, [@TIPC_NLA_MEDIA_NAME={0x8, 0x1, 'udp\x00'}, @TIPC_NLA_MEDIA_NAME={0x7, 0x1, 'ib\x00'}, @TIPC_NLA_MEDIA_NAME={0x8, 0x1, 'udp\x00'}]}, @TIPC_NLA_PUBL={0x34, 0x3, 0x0, 0x1, [@TIPC_NLA_PUBL_TYPE={0x8, 0x1, 0x10baf102}, @TIPC_NLA_PUBL_UPPER={0x8, 0x3, 0x3}, @TIPC_NLA_PUBL_TYPE={0x8, 0x1, 0x400}, @TIPC_NLA_PUBL_LOWER={0x8, 0x2, 0x5}, @TIPC_NLA_PUBL_LOWER={0x8}, @TIPC_NLA_PUBL_UPPER={0x8, 0x3, 0x40}]}, @TIPC_NLA_NODE={0x128, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_KEY={0x4c, 0x4, {'gcm(aes)\x00', 0x24, "8f10c7a2d9b1094cf2da103ba6f48e1f1268e7bf37e6276cb36e3adb748ddc32a3f6b981"}}, @TIPC_NLA_NODE_KEY={0x44, 0x4, {'gcm(aes)\x00', 0x1c, "a0a9c85a1cdb1162fa2e5f677535e6009dba03c6793600397ca2f35c"}}, @TIPC_NLA_NODE_UP={0x4}, @TIPC_NLA_NODE_ID={0x7f, 0x3, "e2b3abf9112640920cd8289cd5922cb02adc3544e420400af8ffb0928950519c6b18aa681461c8459e07cd278a538c1bb55fadb9cd655245fd1649333117487298d54ec41ca7adc5f472e0fe2c153b5f5fd0a9769e10648dba8c84169b3a033a98b10d3e01286cac30553cbe506b6b620bf72fd69833c88a60c66e"}, @TIPC_NLA_NODE_ADDR={0x8, 0x1, 0x2}, @TIPC_NLA_NODE_ADDR={0x8, 0x1, 0x9e7c}]}, @TIPC_NLA_NET={0x50, 0x7, 0x0, 0x1, [@TIPC_NLA_NET_ADDR={0x8, 0x2, 0x9e}, @TIPC_NLA_NET_NODEID={0xc}, @TIPC_NLA_NET_ADDR={0x8, 0x2, 0x7f}, @TIPC_NLA_NET_ID={0x8, 0x1, 0xbd7}, @TIPC_NLA_NET_ID={0x8, 0x1, 0x85e}, @TIPC_NLA_NET_ID={0x8, 0x1, 0x4}, @TIPC_NLA_NET_ID={0x8, 0x1, 0x5f0}, @TIPC_NLA_NET_ADDR={0x8, 0x2, 0x57d1}, @TIPC_NLA_NET_ID={0x8, 0x1, 0xec5}]}, 
@TIPC_NLA_NODE={0x1a8, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_UP={0x4}, @TIPC_NLA_NODE_ID={0x47, 0x3, "54b3a0298309528285c00462ab4d386148d377fde1c4d50611c3d331308faf113b416ee517479125bf36c1f49dba9fe2c216fcff5d34756be27e60b14284ac7614d9fe"}, @TIPC_NLA_NODE_ADDR={0x8, 0x1, 0x7ff}, @TIPC_NLA_NODE_ID={0xb, 0x3, "d4ad376db9ec97"}, @TIPC_NLA_NODE_ID={0x45, 0x3, "9ab7d387df1096591d9691a50a1b7461faf9e5082c4cfac2e7c535dbc09c4f3c2e632f5bee164eae9c9e54b5ad4c4c97478918e7d27005f25a11ff0fda225c8208"}, @TIPC_NLA_NODE_ID={0xfc, 0x3, "38e14e853d919e8c7d6aa5ba583c401f1710c335e4a96d94ee1e2d7d86418f863f4960b5ea5133d057abece233c3e0e264bb36539e3c6e0eeffea98da4fa75313dc2f337a7fad59de6e030c25e0730aaccf29089be73796ef40d977b3a8f8301580ffe3fe90da99453362fc3dcd077977194eda7c3999275a415b60d52716ea108a9077c54b3efa37e146850ce86c110eb419a4723eecb190658f8fdfc9c17373ce4187f992de577094b81d7a87360f875ccba94a503300b57034b954866b9109555c229622d5a627c857ed71492d81046eba7e7e34275341fc90f5aae4eca54c7ea7219c1f675fcfcf5fcc882a1ec2c97e2ceb69c284622"}]}, @TIPC_NLA_MON={0x54, 0x9, 0x0, 0x1, [@TIPC_NLA_MON_ACTIVATION_THRESHOLD={0x8, 0x1, 0x1}, @TIPC_NLA_MON_REF={0x8}, @TIPC_NLA_MON_REF={0x8, 0x2, 0x80000001}, @TIPC_NLA_MON_ACTIVATION_THRESHOLD={0x8, 0x1, 0x7fff}, @TIPC_NLA_MON_ACTIVATION_THRESHOLD={0x8, 0x1, 0x80}, @TIPC_NLA_MON_REF={0x8, 0x2, 0x1000}, @TIPC_NLA_MON_ACTIVATION_THRESHOLD={0x8, 0x1, 0x200}, @TIPC_NLA_MON_REF={0x8, 0x2, 0x10000}, @TIPC_NLA_MON_REF={0x8, 0x2, 0xfffffff9}, @TIPC_NLA_MON_ACTIVATION_THRESHOLD={0x8, 0x1, 0x1}]}, @TIPC_NLA_MON={0x34, 0x9, 0x0, 0x1, [@TIPC_NLA_MON_REF={0x8, 0x2, 0x4}, @TIPC_NLA_MON_REF={0x8, 0x2, 0xcbc}, @TIPC_NLA_MON_ACTIVATION_THRESHOLD={0x8, 0x1, 0x7fff}, @TIPC_NLA_MON_ACTIVATION_THRESHOLD={0x8, 0x1, 0x2b53}, @TIPC_NLA_MON_ACTIVATION_THRESHOLD={0x8, 0x1, 0x100000}, @TIPC_NLA_MON_ACTIVATION_THRESHOLD={0x8, 0x1, 0x7fff}]}, @TIPC_NLA_NODE={0xd0, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_ADDR={0x8, 0x1, 0x7}, @TIPC_NLA_NODE_UP={0x4}, @TIPC_NLA_NODE_ADDR={0x8, 0x1, 0x6}, 
@TIPC_NLA_NODE_ID={0xb5, 0x3, "c6e37d35d01c40f33c92532a7a48760c3cbf215929f359f1dc6b9dbdf464ee5b24fecf7dad9b849ee258f636c60fb7e2c33536464a235c46a3eb11d6f4a7cb0119c443e9c55603f4d3505c0a6438ddfd1a80cf7c270456c1b67c8dbdcc2f85a6db8e1013e02393a4ec8b4a93a274fa73ff307d210a3bef3e96f09327f4114f5c6051f29355b9906eb75e946cbd12053fb207c388bf99112151f96d5eb3716902017acf877c62fdbe169016a53d99ca6441"}]}]}, 0x4dc}, 0x1, 0x0, 0x0, 0x44004}, 0x20000054) 22:05:20 executing program 4: r0 = openat$cgroup_subtree(0xffffffffffffffff, &(0x7f0000000000), 0x2, 0x0) prctl$PR_SET_MM_EXE_FILE(0x23, 0xd, r0) r1 = openat$cgroup_int(0xffffffffffffffff, &(0x7f0000000040)='hugetlb.2MB.limit_in_bytes\x00', 0x2, 0x0) r2 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a) sendfile(r1, r2, &(0x7f0000000080)=0x800, 0x4) ioctl$AUTOFS_DEV_IOCTL_PROTOVER(0xffffffffffffffff, 0xc0189372, &(0x7f00000000c0)={{0x1, 0x1, 0x18, r0, {0x2}}, './file0\x00'}) r4 = openat$cgroup_ro(r3, &(0x7f0000000100)='cpuacct.usage_percpu_sys\x00', 0x0, 0x0) ioctl$EXT4_IOC_CHECKPOINT(r1, 0x4004662b, &(0x7f0000000140)=0x4) fsetxattr$security_ima(r3, &(0x7f0000000180), &(0x7f00000001c0)=@v1={0x2, "ba25df8cc16a"}, 0x7, 0x3) openat(0xffffffffffffff9c, &(0x7f0000000200)='./file0\x00', 0x480000, 0x11e) r5 = mmap$IORING_OFF_SQES(&(0x7f0000fff000/0x1000)=nil, 0x1000, 0x8, 0x50, r3, 0x10000000) syz_io_uring_submit(0x0, r5, &(0x7f0000000600)=@IORING_OP_READV=@pass_iovec={0x1, 0x1, 0x0, @fd_index=0x4, 0x7, &(0x7f0000000580)=[{&(0x7f0000000240)=""/156, 0x9c}, {&(0x7f0000000300)=""/128, 0x80}, {&(0x7f0000000380)=""/251, 0xfb}, {&(0x7f0000000480)=""/20, 0x14}, {&(0x7f00000004c0)=""/187, 0xbb}], 0x5, 0x8, 0x1}, 0x10001) ioctl$BTRFS_IOC_QUOTA_CTL(r4, 0xc0109428, &(0x7f0000000640)={0x3, 0x3}) r6 = inotify_init() ioctl$BTRFS_IOC_BALANCE(r6, 0x5000940c, 0x0) r7 = syz_open_dev$vcsn(&(0x7f0000000680), 0x80, 0x2) ioctl$sock_SIOCGIFINDEX(r7, 0x8933, &(0x7f00000006c0)={'batadv0\x00'}) r8 = openat$dir(0xffffffffffffff9c, &(0x7f0000000700)='./file0\x00', 0x4080, 0x185) 
fcntl$getflags(r8, 0xb) ioctl$BTRFS_IOC_BALANCE_PROGRESS(r6, 0x84009422, &(0x7f0000000740)={0x0, 0x0, {0x0, @struct}, {0x0, @struct}, {0x0, @struct}}) 22:05:20 executing program 6: getsockopt$inet_IP_IPSEC_POLICY(0xffffffffffffffff, 0x0, 0x10, &(0x7f0000000000)={{{@in=@initdev, @in6=@ipv4={""/10, ""/2, @multicast1}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in=@dev}, 0x0, @in=@loopback}}, &(0x7f0000000100)=0xe8) r1 = openat$vcsu(0xffffffffffffff9c, &(0x7f0000000140), 0x48400, 0x0) ioctl$ifreq_SIOCGIFINDEX_team(0xffffffffffffffff, 0x8933, &(0x7f00000001c0)={'team0\x00', 0x0}) sendmsg$DCCPDIAG_GETSOCK(r1, &(0x7f00000003c0)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f0000000380)={&(0x7f0000000200)={0x15c, 0x13, 0x800, 0x70bd27, 0x25dfdbff, {0x6, 0x80, 0x0, 0x7, {0x4e23, 0x4e20, [0x6, 0x7, 0x0, 0x40], [0x0, 0x83a42331, 0x3e1f1f6, 0xeb], r2, [0x1, 0x9]}, 0x4}, [@INET_DIAG_REQ_BYTECODE={0xf9, 0x1, "5fe008d5e60724cdd91c32f953e5942bfb443455d5894f91595126cbbb7533ec3f470c8eacf2b4ea56170438487f3c130ad62e8e39fd925166a5c88fb91fdf41f303dae4410e1316666dcc52a520becbc94cecab4cfd6021197d9701f07c6804fc63ac2836750e08096f80fa684c2de32c7bf5657415d8d0b6d618373f77cb09d27b9ce236e7aa39200955d1ef502e45240c851873a9b85f9ec3e18825200b5f9d4de201be83e381ede09a9be8c90c2a350c804e4e95ae8b3b387f6425f5dfef2f469ffacb0b6588294801cb038429930279ec64f95db3eab82a64a7b7e0581ce88701195cbdd784b06f5bd27fbd9e58b3959cb2df"}, @INET_DIAG_REQ_BYTECODE={0x14, 0x1, "8c8c3a44619f332c405c331686885793"}]}, 0x15c}, 0x1, 0x0, 0x0, 0x4000000}, 0xc0) ioctl$sock_ipv6_tunnel_SIOCGET6RD(r1, 0x89f8, &(0x7f0000000480)={'ip6gre0\x00', &(0x7f0000000400)={'syztnl1\x00', r0, 0x2f, 0x7, 0x5, 0x219d, 0x8, @local, @empty, 0x8, 0x1, 0x73, 0x55f}}) ioctl$sock_SIOCDELRT(r1, 0x890c, &(0x7f0000000500)={0x0, @isdn={0x22, 0x6b, 0x4, 0x8, 0x1f}, @l2={0x1f, 0x0, @none, 0x1, 0x1}, @qipcrtr={0x2a, 0x4, 0xffff0000}, 0x1, 0x0, 0x0, 0x0, 0x4, &(0x7f00000004c0)='ip6gre0\x00', 0x2, 0x7f49, 0x9}) 
sendmsg$BATADV_CMD_GET_ORIGINATORS(0xffffffffffffffff, &(0x7f0000000640)={&(0x7f0000000580)={0x10, 0x0, 0x0, 0x400000}, 0xc, &(0x7f0000000600)={&(0x7f00000005c0)={0x34, 0x0, 0x1, 0x70bd2b, 0x25dfdbfe, {}, [@BATADV_ATTR_GW_SEL_CLASS={0x8, 0x34, 0x3ff}, @BATADV_ATTR_HOP_PENALTY={0x5, 0x35, 0x8}, @BATADV_ATTR_GW_BANDWIDTH_UP={0x8, 0x32, 0x1f}, @BATADV_ATTR_GW_MODE={0x5, 0x33, 0x1}]}, 0x34}, 0x1, 0x0, 0x0, 0x20000000}, 0x0) r3 = socket$inet_tcp(0x2, 0x1, 0x0) getsockopt$IP_SET_OP_GET_FNAME(r3, 0x1, 0x53, &(0x7f0000000740)={0x8, 0x7, 0x0, 'syz0\x00'}, &(0x7f0000000780)=0x2c) syz_open_dev$tty20(0xc, 0x4, 0x0) setsockopt$IP_VS_SO_SET_ADD(r3, 0x0, 0x482, &(0x7f00000007c0)={0x0, @broadcast, 0x4e22, 0x3, 'wrr\x00', 0x31, 0x8, 0x16}, 0x2c) sendmsg$MPTCP_PM_CMD_ADD_ADDR(r1, &(0x7f0000000900)={&(0x7f0000000800)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f00000008c0)={&(0x7f0000000840)={0x50, 0x0, 0x800, 0x70bd27, 0x25dfdbfc, {}, [@MPTCP_PM_ATTR_SUBFLOWS={0x8, 0x3, 0x3}, @MPTCP_PM_ATTR_ADDR={0x14, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_ID={0x5, 0x2, 0x3}, @MPTCP_PM_ADDR_ATTR_FLAGS={0x8, 0x6, 0x1}]}, @MPTCP_PM_ATTR_ADDR={0x20, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_FAMILY={0x6, 0x1, 0xa}, @MPTCP_PM_ADDR_ATTR_ADDR6={0x14, 0x4, @private0}]}]}, 0x50}}, 0x4) r4 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffb000/0x2000)=nil, 0x2000, 0x1000008, 0x100010, r1, 0x0) syz_io_uring_submit(r4, 0x0, &(0x7f0000000940)=@IORING_OP_MADVISE={0x19, 0x5, 0x0, 0x0, 0x0, &(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x9}, 0x7) r5 = dup(r3) prctl$PR_SET_MM_MAP(0x23, 0xe, &(0x7f0000000a40)={&(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffb000/0x4000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000ffb000/0x4000)=nil, &(0x7f0000800000/0x800000)=nil, &(0x7f0000c9f000/0x3000)=nil, &(0x7f0000fe8000/0x4000)=nil, &(0x7f0000e81000/0x2000)=nil, &(0x7f0000a78000/0x3000)=nil, &(0x7f0000bb3000/0x3000)=nil, 
&(0x7f0000000980)="fb9b8946cd12c1a5a7309c52cca43158baaf4b865bc7a1d53fe2622f84b2c17c1962b6d7168bb89eb7af6ac45c9322fb4de169206e3082930ebb579d8f16e67d1be6ed23f10006283a88c953020119551d31ac4d68500e4389fe74a51823d632894a46843027697b9c3f8c340120171f707909f187d5af4091a69de035d70fba26c8d8cae5bb2ac8a2a4acd805ce181cb40f8e", 0x93, r5}, 0x68) getsockopt$ARPT_SO_GET_INFO(r1, 0x0, 0x60, &(0x7f0000000ac0)={'filter\x00', 0x0, [0x572, 0x1, 0x100]}, &(0x7f0000000b40)=0x44) sendmsg$TIPC_CMD_SET_NETID(r1, &(0x7f0000000c40)={&(0x7f0000000b80)={0x10, 0x0, 0x0, 0x8000}, 0xc, &(0x7f0000000c00)={&(0x7f0000000bc0)={0x24, 0x0, 0x300, 0x70bd25, 0x25dfdbfc, {{}, {}, {0x8, 0x2, 0x3}}, ["", "", "", "", ""]}, 0x24}, 0x1, 0x0, 0x0, 0x840}, 0x4000) r6 = openat$sr(0xffffffffffffff9c, &(0x7f0000000c80), 0x200100, 0x0) getsockopt$inet_mreq(r6, 0x0, 0x23, &(0x7f0000000cc0)={@initdev, @private}, &(0x7f0000000d00)=0x8) 22:05:20 executing program 5: ioctl$BTRFS_IOC_SET_FEATURES(0xffffffffffffffff, 0x40309439, &(0x7f0000000000)={0x0, 0x3, 0x14}) ioctl$BTRFS_IOC_BALANCE(0xffffffffffffffff, 0x5000940c, 0x0) r0 = syz_open_procfs(0x0, &(0x7f0000004540)='uid_map\x00') syz_genetlink_get_family_id$ipvs(&(0x7f0000000040), r0) ioctl$AUTOFS_IOC_PROTOVER(r0, 0x80049363, &(0x7f0000004580)) r1 = socket$inet_tcp(0x2, 0x1, 0x0) fallocate(r1, 0x4, 0x7ff, 0x2) getsockopt$inet_tcp_buf(r1, 0x6, 0x3ed8009eb776682, &(0x7f00000045c0)=""/233, &(0x7f00000046c0)=0xe9) setsockopt$inet_tcp_TCP_CONGESTION(r1, 0x6, 0xd, &(0x7f0000004700)='dctcp\x00', 0x6) r2 = openat$null(0xffffffffffffff9c, &(0x7f0000004740), 0x0, 0x0) setsockopt$inet_tcp_int(r2, 0x6, 0x11, &(0x7f0000004780)=0x5, 0x4) ioctl$BTRFS_IOC_QUOTA_RESCAN_WAIT(r1, 0x942e, 0x0) r3 = openat$nvram(0xffffffffffffff9c, &(0x7f00000047c0), 0x458801, 0x0) r4 = syz_genetlink_get_family_id$nl80211(&(0x7f0000004840), r2) sendmsg$NL80211_CMD_DEL_TX_TS(r3, &(0x7f0000004900)={&(0x7f0000004800)={0x10, 0x0, 0x0, 0x20}, 0xc, &(0x7f00000048c0)={&(0x7f0000004880)={0x40, r4, 0x800, 0x70bd2a, 
0x25dfdbfe, {{}, {@val={0x8}, @val={0xc, 0x99, {0x7, 0x36}}}}, [@NL80211_ATTR_MAC={0xa}, @NL80211_ATTR_MAC={0xa, 0x6, @device_b}]}, 0x40}, 0x1, 0x0, 0x0, 0x20000000}, 0x4004018) ioctl$AUTOFS_DEV_IOCTL_TIMEOUT(r2, 0xc018937a, &(0x7f0000004ec0)={{0x1, 0x1, 0x18, r2, {0x4}}, './file0\x00'}) getsockopt$IP_SET_OP_GET_FNAME(r5, 0x1, 0x53, &(0x7f0000004f00)={0x8, 0x7, 0x0, 'syz2\x00'}, &(0x7f0000004f40)=0x2c) ioctl$TIOCGPGRP(r2, 0x540f, &(0x7f0000004f80)=0x0) syz_open_procfs(r6, &(0x7f0000004fc0)='coredump_filter\x00') accept$unix(0xffffffffffffffff, &(0x7f0000005040), &(0x7f00000050c0)=0x6e) [ 74.539219] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 74.541586] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 74.543582] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 74.547040] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 74.549338] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [ 74.552782] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 74.557385] Bluetooth: hci0: HCI_REQ-0x0c1a [ 74.619349] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 74.621569] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 74.623455] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 74.627829] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 74.633371] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3 [ 74.635246] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 74.641763] Bluetooth: hci1: HCI_REQ-0x0c1a [ 74.703795] Bluetooth: hci7: unexpected cc 0x0c03 length: 249 > 1 [ 74.704641] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1 [ 74.708629] Bluetooth: hci7: unexpected cc 0x1003 length: 249 > 9 [ 74.708733] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9 [ 74.712377] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 74.712923] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 74.715326] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 74.717281] Bluetooth: hci2: unexpected cc 
0x1001 length: 249 > 9 [ 74.718432] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 74.719822] Bluetooth: hci7: unexpected cc 0x1001 length: 249 > 9 [ 74.723344] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9 [ 74.725202] Bluetooth: hci7: unexpected cc 0x0c23 length: 249 > 4 [ 74.727389] Bluetooth: hci7: unexpected cc 0x0c25 length: 249 > 3 [ 74.727692] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 74.729988] Bluetooth: hci7: unexpected cc 0x0c38 length: 249 > 2 [ 74.731115] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 74.732783] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4 [ 74.737234] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1 [ 74.738114] Bluetooth: hci7: HCI_REQ-0x0c1a [ 74.739109] Bluetooth: hci5: unexpected cc 0x0c25 length: 249 > 3 [ 74.740049] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9 [ 74.742106] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2 [ 74.752869] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 74.758020] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3 [ 74.759300] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 74.764793] Bluetooth: hci2: HCI_REQ-0x0c1a [ 74.765276] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9 [ 74.771474] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 74.771613] Bluetooth: hci5: HCI_REQ-0x0c1a [ 74.779105] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4 [ 74.780651] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3 [ 74.782824] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 74.788785] Bluetooth: hci6: unexpected cc 0x0c25 length: 249 > 3 [ 74.790010] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 74.792252] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2 [ 74.793628] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 74.802618] Bluetooth: hci4: HCI_REQ-0x0c1a [ 74.810684] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 74.813289] Bluetooth: hci3: unexpected cc 0x0c25 
length: 249 > 3 [ 74.815231] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 74.820674] Bluetooth: hci3: HCI_REQ-0x0c1a [ 74.824722] Bluetooth: hci6: HCI_REQ-0x0c1a [ 76.628830] Bluetooth: hci0: command 0x0409 tx timeout [ 76.693590] Bluetooth: hci1: command 0x0409 tx timeout [ 76.756722] Bluetooth: hci7: command 0x0409 tx timeout [ 76.820738] Bluetooth: hci2: command 0x0409 tx timeout [ 76.820769] Bluetooth: hci4: command 0x0409 tx timeout [ 76.821619] Bluetooth: hci5: command 0x0409 tx timeout [ 76.884810] Bluetooth: hci6: command 0x0409 tx timeout [ 76.884847] Bluetooth: hci3: command 0x0409 tx timeout [ 78.676621] Bluetooth: hci0: command 0x041b tx timeout [ 78.740593] Bluetooth: hci1: command 0x041b tx timeout [ 78.804608] Bluetooth: hci7: command 0x041b tx timeout [ 78.868603] Bluetooth: hci2: command 0x041b tx timeout [ 78.869647] Bluetooth: hci5: command 0x041b tx timeout [ 78.870070] Bluetooth: hci4: command 0x041b tx timeout [ 78.932592] Bluetooth: hci6: command 0x041b tx timeout [ 78.933595] Bluetooth: hci3: command 0x041b tx timeout [ 80.725613] Bluetooth: hci0: command 0x040f tx timeout [ 80.788595] Bluetooth: hci1: command 0x040f tx timeout [ 80.852663] Bluetooth: hci7: command 0x040f tx timeout [ 80.917682] Bluetooth: hci4: command 0x040f tx timeout [ 80.918148] Bluetooth: hci5: command 0x040f tx timeout [ 80.918633] Bluetooth: hci2: command 0x040f tx timeout [ 80.980641] Bluetooth: hci3: command 0x040f tx timeout [ 80.981110] Bluetooth: hci6: command 0x040f tx timeout [ 82.773565] Bluetooth: hci0: command 0x0419 tx timeout [ 82.836591] Bluetooth: hci1: command 0x0419 tx timeout [ 82.901576] Bluetooth: hci7: command 0x0419 tx timeout [ 82.965634] Bluetooth: hci2: command 0x0419 tx timeout [ 82.966106] Bluetooth: hci5: command 0x0419 tx timeout [ 82.966663] Bluetooth: hci4: command 0x0419 tx timeout [ 83.028576] Bluetooth: hci6: command 0x0419 tx timeout [ 83.029107] Bluetooth: hci3: command 0x0419 tx timeout 22:06:14 executing program 7: r0 = 
semget$private(0x0, 0x4000, 0x0) r1 = semget(0x2, 0x0, 0x40) r2 = semget(0x2, 0x0, 0x40) semtimedop(r2, 0x0, 0x0, &(0x7f00000000c0)={0x0, 0x989680}) semctl$SEM_INFO(r2, 0x0, 0x13, &(0x7f0000001140)=""/46) semctl$GETZCNT(r2, 0x2, 0xf, &(0x7f0000001000)=""/47) semtimedop(r1, 0x0, 0x0, &(0x7f00000000c0)={0x0, 0x989680}) semget$private(0x0, 0x2, 0x400) semctl$SEM_INFO(r1, 0x0, 0x13, &(0x7f0000001140)=""/46) semctl$IPC_RMID(r1, 0x0, 0x0) r3 = semget(0x2, 0x0, 0x40) semtimedop(r3, 0x0, 0x0, &(0x7f00000000c0)={0x0, 0x989680}) semctl$IPC_RMID(r0, 0x0, 0x0) semctl$SEM_INFO(r3, 0x0, 0x13, &(0x7f0000001140)=""/46) semctl$IPC_STAT(r3, 0x0, 0x2, &(0x7f0000000000)=""/4096) unshare(0x8000000) semget$private(0x0, 0x4000, 0x0) 22:06:14 executing program 7: r0 = getpid() pidfd_open(r0, 0x0) pidfd_open(r0, 0x0) r1 = perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x200, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7fffffff, 0x0, @perf_bp={0x0, 0x7}, 0x0, 0x0, 0x0, 0x0, 0x8000000000000000, 0x0, 0x0, 0x0, 0x7ff}, r0, 0xffffffffffffffff, 0xffffffffffffffff, 0xa) perf_event_open(&(0x7f0000000380)={0x2, 0x80, 0x4, 0x2, 0x8, 0x7f, 0x0, 0x3ff, 0x800, 0x4, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x6, 0x0, @perf_bp={&(0x7f0000000240), 0x6}, 0x1a02, 0x8, 0x0, 0x1, 0x1, 0x3, 0x2, 0x0, 0x5, 0x0, 0x8}, 0x0, 0xe, r1, 0x8) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x2002}, 0x0, 0xffffffffffffffff, 
0xffffffffffffffff, 0x0) syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r2 = syz_io_uring_setup(0x0, 0xfffffffffffffffe, &(0x7f0000ffb000/0x2000)=nil, &(0x7f0000ffc000/0x4000)=nil, 0x0, 0x0) migrate_pages(r0, 0x400, &(0x7f0000000500)=0x2, &(0x7f0000000540)=0x1) syz_io_uring_setup(0x227d, &(0x7f0000000140)={0x0, 0x1240, 0x8, 0x2, 0xc1}, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffb000/0x4000)=nil, &(0x7f0000000340), &(0x7f0000000200)) mmap$IORING_OFF_SQES(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x1000000, 0x10010, r2, 0x10000000) setsockopt$inet6_IPV6_XFRM_POLICY(0xffffffffffffffff, 0x29, 0x43, &(0x7f0000000140)={{{@in=@initdev={0xac, 0x1e, 0x0, 0x0}, @in6=@dev, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff}}, {{}, 0x0, @in6=@mcast2}}, 0xe8) mount(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000080)='hugetlbfs\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000400)={0x4, 0x80, 0x9d, 0x12, 0x81, 0x7, 0x0, 0xb839, 0x10000, 0xb, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x3, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0xffff, 0x2, @perf_bp={&(0x7f0000000000), 0xc}, 0x200, 0x606, 0x80000001, 0x4, 0x8, 0x2, 0x0, 0x0, 0x7ff, 0x0, 0x4}, r0, 0x7, r2, 0x0) r3 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x1, 0x0, 0x8, 0x80, 0x0, 0x80000001, 0x40c05, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x2, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 
0x1, 0x1, 0x0, 0x0, 0x8, 0x1, @perf_bp={&(0x7f0000000300)}, 0xc100, 0x24, 0x8000, 0x0, 0x8, 0x20677a5e, 0x7, 0x0, 0xe69, 0x0, 0xdb}, r0, 0xb, 0xffffffffffffffff, 0x3)
read(r3, &(0x7f00000005c0)=""/165, 0xa5)
sendfile(r3, r3, 0x0, 0x100000)
[ 127.562202] audit: type=1400 audit(1664402774.919:7): avc: denied { open } for pid=3788 comm="syz-executor.7" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=perf_event permissive=1
[ 127.564416] audit: type=1400 audit(1664402774.920:8): avc: denied { kernel } for pid=3788 comm="syz-executor.7" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=perf_event permissive=1
[ 127.597292] ------------[ cut here ]------------
[ 127.597312]
[ 127.597314] ======================================================
[ 127.597318] WARNING: possible circular locking dependency detected
[ 127.597322] 6.0.0-rc7-next-20220927 #1 Not tainted
[ 127.597328] ------------------------------------------------------
[ 127.597332] syz-executor.7/3789 is trying to acquire lock:
[ 127.597338] ffffffff853faab8 ((console_sem).lock){....}-{2:2}, at: down_trylock+0xe/0x70
[ 127.597381]
[ 127.597381] but task is already holding lock:
[ 127.597384] ffff88803f5ccc20 (&ctx->lock){....}-{2:2}, at: __perf_event_task_sched_out+0x53b/0x18d0
[ 127.597415]
[ 127.597415] which lock already depends on the new lock.
[ 127.597415]
[ 127.597418]
[ 127.597418] the existing dependency chain (in reverse order) is:
[ 127.597421]
[ 127.597421] -> #3 (&ctx->lock){....}-{2:2}:
[ 127.597435] _raw_spin_lock+0x2a/0x40
[ 127.597448] __perf_event_task_sched_out+0x53b/0x18d0
[ 127.597461] __schedule+0xedd/0x2470
[ 127.597477] schedule+0xda/0x1b0
[ 127.597492] exit_to_user_mode_prepare+0x114/0x1a0
[ 127.597504] syscall_exit_to_user_mode+0x19/0x40
[ 127.597519] do_syscall_64+0x48/0x90
[ 127.597529] entry_SYSCALL_64_after_hwframe+0x63/0xcd
[ 127.597544]
[ 127.597544] -> #2 (&rq->__lock){-.-.}-{2:2}:
[ 127.597557] _raw_spin_lock_nested+0x30/0x40
[ 127.597586] raw_spin_rq_lock_nested+0x1e/0x30
[ 127.597600] task_fork_fair+0x63/0x4d0
[ 127.597617] sched_cgroup_fork+0x3d0/0x540
[ 127.597631] copy_process+0x4183/0x6e20
[ 127.597642] kernel_clone+0xe7/0x890
[ 127.597652] user_mode_thread+0xad/0xf0
[ 127.597662] rest_init+0x24/0x250
[ 127.597675] arch_call_rest_init+0xf/0x14
[ 127.597690] start_kernel+0x4c6/0x4eb
[ 127.597701] secondary_startup_64_no_verify+0xe0/0xeb
[ 127.597716]
[ 127.597716] -> #1 (&p->pi_lock){-.-.}-{2:2}:
[ 127.597729] _raw_spin_lock_irqsave+0x39/0x60
[ 127.597741] try_to_wake_up+0xab/0x1930
[ 127.597755] up+0x75/0xb0
[ 127.597770] __up_console_sem+0x6e/0x80
[ 127.597786] console_unlock+0x46a/0x590
[ 127.597802] vprintk_emit+0x1bd/0x560
[ 127.597818] vprintk+0x84/0xa0
[ 127.597834] _printk+0xba/0xf1
[ 127.597847] regdb_fw_cb.cold+0x6c/0xa7
[ 127.597857] request_firmware_work_func+0x12e/0x240
[ 127.597871] process_one_work+0xa17/0x16a0
[ 127.597888] worker_thread+0x637/0x1260
[ 127.597905] kthread+0x2ed/0x3a0
[ 127.597919] ret_from_fork+0x22/0x30
[ 127.597931]
[ 127.597931] -> #0 ((console_sem).lock){....}-{2:2}:
[ 127.597944] __lock_acquire+0x2a02/0x5e70
[ 127.597962] lock_acquire+0x1a2/0x530
[ 127.597977] _raw_spin_lock_irqsave+0x39/0x60
[ 127.597989] down_trylock+0xe/0x70
[ 127.598006] __down_trylock_console_sem+0x3b/0xd0
[ 127.598021] vprintk_emit+0x16b/0x560
[ 127.598037] vprintk+0x84/0xa0
[ 127.598053] _printk+0xba/0xf1
[ 127.598065] report_bug.cold+0x72/0xab
[ 127.598075] handle_bug+0x3c/0x70
[ 127.598085] exc_invalid_op+0x14/0x50
[ 127.598095] asm_exc_invalid_op+0x16/0x20
[ 127.598109] group_sched_out.part.0+0x2c7/0x460
[ 127.598120] ctx_sched_out+0x8f1/0xc10
[ 127.598130] __perf_event_task_sched_out+0x6d0/0x18d0
[ 127.598143] __schedule+0xedd/0x2470
[ 127.598158] schedule+0xda/0x1b0
[ 127.598173] exit_to_user_mode_prepare+0x114/0x1a0
[ 127.598183] syscall_exit_to_user_mode+0x19/0x40
[ 127.598197] do_syscall_64+0x48/0x90
[ 127.598208] entry_SYSCALL_64_after_hwframe+0x63/0xcd
[ 127.598222]
[ 127.598222] other info that might help us debug this:
[ 127.598222]
[ 127.598224] Chain exists of:
[ 127.598224] (console_sem).lock --> &rq->__lock --> &ctx->lock
[ 127.598224]
[ 127.598239] Possible unsafe locking scenario:
[ 127.598239]
[ 127.598242]        CPU0                    CPU1
[ 127.598244]        ----                    ----
[ 127.598247]   lock(&ctx->lock);
[ 127.598252]                                lock(&rq->__lock);
[ 127.598259]                                lock(&ctx->lock);
[ 127.598265]   lock((console_sem).lock);
[ 127.598271]
[ 127.598271] *** DEADLOCK ***
[ 127.598271]
[ 127.598273] 2 locks held by syz-executor.7/3789:
[ 127.598280] #0: ffff88806ce37d18 (&rq->__lock){-.-.}-{2:2}, at: __schedule+0x1cf/0x2470
[ 127.598310] #1: ffff88803f5ccc20 (&ctx->lock){....}-{2:2}, at: __perf_event_task_sched_out+0x53b/0x18d0
[ 127.598338]
[ 127.598338] stack backtrace:
[ 127.598341] CPU: 0 PID: 3789 Comm: syz-executor.7 Not tainted 6.0.0-rc7-next-20220927 #1
[ 127.598354] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014
[ 127.598363] Call Trace:
[ 127.598366]
[ 127.598370] dump_stack_lvl+0x8b/0xb3
[ 127.598382] check_noncircular+0x263/0x2e0
[ 127.598398] ? format_decode+0x26c/0xb50
[ 127.598417] ? print_circular_bug+0x450/0x450
[ 127.598434] ? enable_ptr_key_workfn+0x20/0x20
[ 127.598451] ? __lockdep_reset_lock+0x180/0x180
[ 127.598468] ? format_decode+0x26c/0xb50
[ 127.598487] ? alloc_chain_hlocks+0x1ec/0x5a0
[ 127.598504] __lock_acquire+0x2a02/0x5e70
[ 127.598526] ? lockdep_hardirqs_on_prepare+0x410/0x410
[ 127.598549] lock_acquire+0x1a2/0x530
[ 127.598565] ? down_trylock+0xe/0x70
[ 127.598584] ? lock_release+0x750/0x750
[ 127.598603] ? find_held_lock+0x2c/0x110
[ 127.598619] ? vprintk+0x84/0xa0
[ 127.598637] _raw_spin_lock_irqsave+0x39/0x60
[ 127.598650] ? down_trylock+0xe/0x70
[ 127.598667] down_trylock+0xe/0x70
[ 127.598685] ? vprintk+0x84/0xa0
[ 127.598701] __down_trylock_console_sem+0x3b/0xd0
[ 127.598719] vprintk_emit+0x16b/0x560
[ 127.598737] vprintk+0x84/0xa0
[ 127.598755] _printk+0xba/0xf1
[ 127.598768] ? record_print_text.cold+0x16/0x16
[ 127.598783] ? hrtimer_try_to_cancel+0x163/0x2c0
[ 127.598798] ? lock_downgrade+0x6d0/0x6d0
[ 127.598815] ? report_bug.cold+0x66/0xab
[ 127.598827] ? group_sched_out.part.0+0x2c7/0x460
[ 127.598839] report_bug.cold+0x72/0xab
[ 127.598851] handle_bug+0x3c/0x70
[ 127.598862] exc_invalid_op+0x14/0x50
[ 127.598874] asm_exc_invalid_op+0x16/0x20
[ 127.598888] RIP: 0010:group_sched_out.part.0+0x2c7/0x460
[ 127.598902] Code: 5e 41 5f e9 ab a9 ef ff e8 a6 a9 ef ff 65 8b 1d 1b 0f ac 7e 31 ff 89 de e8 46 a6 ef ff 85 db 0f 84 8a 00 00 00 e8 89 a9 ef ff <0f> 0b e9 a5 fe ff ff e8 7d a9 ef ff 48 8d 7d 10 48 b8 00 00 00 00
[ 127.598913] RSP: 0018:ffff8880400cfc48 EFLAGS: 00010006
[ 127.598923] RAX: 0000000040000002 RBX: 0000000000000000 RCX: 0000000000000000
[ 127.598930] RDX: ffff88803fe20000 RSI: ffffffff815666b7 RDI: 0000000000000005
[ 127.598938] RBP: ffff888008660b90 R08: 0000000000000005 R09: 0000000000000001
[ 127.598945] R10: 0000000000000000 R11: 0000000000000001 R12: ffff88803f5ccc00
[ 127.598953] R13: ffff88806ce3d140 R14: ffffffff8547c8e0 R15: 0000000000000002
[ 127.598964] ? group_sched_out.part.0+0x2c7/0x460
[ 127.598978] ? group_sched_out.part.0+0x2c7/0x460
[ 127.598991] ctx_sched_out+0x8f1/0xc10
[ 127.599004] __perf_event_task_sched_out+0x6d0/0x18d0
[ 127.599020] ? lock_is_held_type+0xd7/0x130
[ 127.599036] ? __perf_cgroup_move+0x160/0x160
[ 127.599048] ? set_next_entity+0x304/0x550
[ 127.599065] ? update_curr+0x267/0x740
[ 127.599084] ? lock_is_held_type+0xd7/0x130
[ 127.599099] __schedule+0xedd/0x2470
[ 127.599118] ? io_schedule_timeout+0x150/0x150
[ 127.599136] ? __x64_sys_futex_time32+0x480/0x480
[ 127.599151] schedule+0xda/0x1b0
[ 127.599167] exit_to_user_mode_prepare+0x114/0x1a0
[ 127.599180] syscall_exit_to_user_mode+0x19/0x40
[ 127.599195] do_syscall_64+0x48/0x90
[ 127.599206] entry_SYSCALL_64_after_hwframe+0x63/0xcd
[ 127.599221] RIP: 0033:0x7f2817c2cb19
[ 127.599229] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 127.599239] RSP: 002b:00007f28151a2218 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[ 127.599250] RAX: 0000000000000001 RBX: 00007f2817d3ff68 RCX: 00007f2817c2cb19
[ 127.599258] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 00007f2817d3ff6c
[ 127.599265] RBP: 00007f2817d3ff60 R08: 000000000000000e R09: 0000000000000000
[ 127.599272] R10: 0000000000000005 R11: 0000000000000246 R12: 00007f2817d3ff6c
[ 127.599280] R13: 00007ffec946836f R14: 00007f28151a2300 R15: 0000000000022000
[ 127.599293]
[ 127.651738] WARNING: CPU: 0 PID: 3789 at kernel/events/core.c:2309 group_sched_out.part.0+0x2c7/0x460
[ 127.652343] Modules linked in:
[ 127.652561] CPU: 0 PID: 3789 Comm: syz-executor.7 Not tainted 6.0.0-rc7-next-20220927 #1
[ 127.653086] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014
[ 127.653829] RIP: 0010:group_sched_out.part.0+0x2c7/0x460
[ 127.654186] Code: 5e 41 5f e9 ab a9 ef ff e8 a6 a9 ef ff 65 8b 1d 1b 0f ac 7e 31 ff 89 de e8 46 a6 ef ff 85 db 0f 84 8a 00 00 00 e8 89 a9 ef ff <0f> 0b e9 a5 fe ff ff e8 7d a9 ef ff 48 8d 7d 10 48 b8 00 00 00 00
[ 127.655361] RSP: 0018:ffff8880400cfc48 EFLAGS: 00010006
[ 127.655708] RAX: 0000000040000002 RBX: 0000000000000000 RCX: 0000000000000000
[ 127.656171] RDX: ffff88803fe20000 RSI: ffffffff815666b7 RDI: 0000000000000005
[ 127.656640] RBP: ffff888008660b90 R08: 0000000000000005 R09: 0000000000000001
[ 127.657107] R10: 0000000000000000 R11: 0000000000000001 R12: ffff88803f5ccc00
[ 127.657580] R13: ffff88806ce3d140 R14: ffffffff8547c8e0 R15: 0000000000000002
[ 127.658048] FS: 00007f28151a2700(0000) GS:ffff88806ce00000(0000) knlGS:0000000000000000
[ 127.658574] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 127.658955] CR2: 00007faba70e3310 CR3: 000000003ee04000 CR4: 0000000000350ef0
[ 127.659422] Call Trace:
[ 127.659595]
[ 127.659751] ctx_sched_out+0x8f1/0xc10
[ 127.660015] __perf_event_task_sched_out+0x6d0/0x18d0
[ 127.660364] ? lock_is_held_type+0xd7/0x130
[ 127.660657] ? __perf_cgroup_move+0x160/0x160
[ 127.660957] ? set_next_entity+0x304/0x550
[ 127.661244] ? update_curr+0x267/0x740
[ 127.661512] ? lock_is_held_type+0xd7/0x130
[ 127.661811] __schedule+0xedd/0x2470
[ 127.662070] ? io_schedule_timeout+0x150/0x150
[ 127.662384] ? __x64_sys_futex_time32+0x480/0x480
[ 127.662705] schedule+0xda/0x1b0
[ 127.662944] exit_to_user_mode_prepare+0x114/0x1a0
[ 127.663270] syscall_exit_to_user_mode+0x19/0x40
[ 127.663589] do_syscall_64+0x48/0x90
[ 127.663840] entry_SYSCALL_64_after_hwframe+0x63/0xcd
[ 127.664186] RIP: 0033:0x7f2817c2cb19
[ 127.664433] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 127.665624] RSP: 002b:00007f28151a2218 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[ 127.666122] RAX: 0000000000000001 RBX: 00007f2817d3ff68 RCX: 00007f2817c2cb19
[ 127.666592] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 00007f2817d3ff6c
[ 127.667060] RBP: 00007f2817d3ff60 R08: 000000000000000e R09: 0000000000000000
[ 127.667529] R10: 0000000000000005 R11: 0000000000000246 R12: 00007f2817d3ff6c
[ 127.667995] R13: 00007ffec946836f R14: 00007f28151a2300 R15: 0000000000022000
[ 127.668470]
[ 127.668630] irq event stamp: 1070
[ 127.668864] hardirqs last enabled at (1069): [] exit_to_user_mode_prepare+0x109/0x1a0
[ 127.669479] hardirqs last disabled at (1070): [] __schedule+0x1225/0x2470
[ 127.670039] softirqs last enabled at (478): [] __irq_exit_rcu+0x11b/0x180
[ 127.670600] softirqs last disabled at (469): [] __irq_exit_rcu+0x11b/0x180
[ 127.671155] ---[ end trace 0000000000000000 ]---
22:06:15 executing program 7:
r0 = getpid()
pidfd_open(r0, 0x0)
pidfd_open(r0, 0x0)
r1 = perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x200, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7fffffff, 0x0, @perf_bp={0x0, 0x7}, 0x0, 0x0, 0x0, 0x0, 0x8000000000000000, 0x0, 0x0, 0x0, 0x7ff}, r0, 0xffffffffffffffff, 0xffffffffffffffff, 0xa)
perf_event_open(&(0x7f0000000380)={0x2, 0x80, 0x4, 0x2,
0x8, 0x7f, 0x0, 0x3ff, 0x800, 0x4, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x6, 0x0, @perf_bp={&(0x7f0000000240), 0x6}, 0x1a02, 0x8, 0x0, 0x1, 0x1, 0x3, 0x2, 0x0, 0x5, 0x0, 0x8}, 0x0, 0xe, r1, 0x8) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x2002}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r2 = syz_io_uring_setup(0x0, 0xfffffffffffffffe, &(0x7f0000ffb000/0x2000)=nil, &(0x7f0000ffc000/0x4000)=nil, 0x0, 0x0) migrate_pages(r0, 0x400, &(0x7f0000000500)=0x2, &(0x7f0000000540)=0x1) syz_io_uring_setup(0x227d, &(0x7f0000000140)={0x0, 0x1240, 0x8, 0x2, 0xc1}, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffb000/0x4000)=nil, &(0x7f0000000340), &(0x7f0000000200)) mmap$IORING_OFF_SQES(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x1000000, 0x10010, r2, 0x10000000) setsockopt$inet6_IPV6_XFRM_POLICY(0xffffffffffffffff, 0x29, 0x43, &(0x7f0000000140)={{{@in=@initdev={0xac, 0x1e, 0x0, 0x0}, @in6=@dev, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff}}, {{}, 0x0, @in6=@mcast2}}, 0xe8) mount(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000080)='hugetlbfs\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000400)={0x4, 0x80, 0x9d, 0x12, 0x81, 0x7, 0x0, 0xb839, 
0x10000, 0xb, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x3, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0xffff, 0x2, @perf_bp={&(0x7f0000000000), 0xc}, 0x200, 0x606, 0x80000001, 0x4, 0x8, 0x2, 0x0, 0x0, 0x7ff, 0x0, 0x4}, r0, 0x7, r2, 0x0) r3 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x1, 0x0, 0x8, 0x80, 0x0, 0x80000001, 0x40c05, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x2, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x8, 0x1, @perf_bp={&(0x7f0000000300)}, 0xc100, 0x24, 0x8000, 0x0, 0x8, 0x20677a5e, 0x7, 0x0, 0xe69, 0x0, 0xdb}, r0, 0xb, 0xffffffffffffffff, 0x3) read(r3, &(0x7f00000005c0)=""/165, 0xa5) sendfile(r3, r3, 0x0, 0x100000) 22:06:15 executing program 7: r0 = getpid() pidfd_open(r0, 0x0) pidfd_open(r0, 0x0) r1 = perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x200, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7fffffff, 0x0, @perf_bp={0x0, 0x7}, 0x0, 0x0, 0x0, 0x0, 0x8000000000000000, 0x0, 0x0, 0x0, 0x7ff}, r0, 0xffffffffffffffff, 0xffffffffffffffff, 0xa) perf_event_open(&(0x7f0000000380)={0x2, 0x80, 0x4, 0x2, 0x8, 0x7f, 0x0, 0x3ff, 0x800, 0x4, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x6, 0x0, @perf_bp={&(0x7f0000000240), 0x6}, 0x1a02, 0x8, 0x0, 0x1, 0x1, 0x3, 0x2, 0x0, 0x5, 0x0, 0x8}, 0x0, 0xe, r1, 0x8) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 
0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x2002}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r2 = syz_io_uring_setup(0x0, 0xfffffffffffffffe, &(0x7f0000ffb000/0x2000)=nil, &(0x7f0000ffc000/0x4000)=nil, 0x0, 0x0) migrate_pages(r0, 0x400, &(0x7f0000000500)=0x2, &(0x7f0000000540)=0x1) syz_io_uring_setup(0x227d, &(0x7f0000000140)={0x0, 0x1240, 0x8, 0x2, 0xc1}, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffb000/0x4000)=nil, &(0x7f0000000340), &(0x7f0000000200)) mmap$IORING_OFF_SQES(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x1000000, 0x10010, r2, 0x10000000) setsockopt$inet6_IPV6_XFRM_POLICY(0xffffffffffffffff, 0x29, 0x43, &(0x7f0000000140)={{{@in=@initdev={0xac, 0x1e, 0x0, 0x0}, @in6=@dev, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff}}, {{}, 0x0, @in6=@mcast2}}, 0xe8) mount(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000080)='hugetlbfs\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000400)={0x4, 0x80, 0x9d, 0x12, 0x81, 0x7, 0x0, 0xb839, 0x10000, 0xb, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x3, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0xffff, 0x2, @perf_bp={&(0x7f0000000000), 0xc}, 0x200, 0x606, 0x80000001, 0x4, 0x8, 0x2, 0x0, 0x0, 0x7ff, 0x0, 0x4}, r0, 0x7, r2, 0x0) r3 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x1, 0x0, 0x8, 0x80, 0x0, 
0x80000001, 0x40c05, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x2, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x8, 0x1, @perf_bp={&(0x7f0000000300)}, 0xc100, 0x24, 0x8000, 0x0, 0x8, 0x20677a5e, 0x7, 0x0, 0xe69, 0x0, 0xdb}, r0, 0xb, 0xffffffffffffffff, 0x3) read(r3, &(0x7f00000005c0)=""/165, 0xa5) sendfile(r3, r3, 0x0, 0x100000) 22:06:15 executing program 7: r0 = getpid() pidfd_open(r0, 0x0) pidfd_open(r0, 0x0) r1 = perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x200, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7fffffff, 0x0, @perf_bp={0x0, 0x7}, 0x0, 0x0, 0x0, 0x0, 0x8000000000000000, 0x0, 0x0, 0x0, 0x7ff}, r0, 0xffffffffffffffff, 0xffffffffffffffff, 0xa) perf_event_open(&(0x7f0000000380)={0x2, 0x80, 0x4, 0x2, 0x8, 0x7f, 0x0, 0x3ff, 0x800, 0x4, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x6, 0x0, @perf_bp={&(0x7f0000000240), 0x6}, 0x1a02, 0x8, 0x0, 0x1, 0x1, 0x3, 0x2, 0x0, 0x5, 0x0, 0x8}, 0x0, 0xe, r1, 0x8) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x2002}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 
0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r2 = syz_io_uring_setup(0x0, 0xfffffffffffffffe, &(0x7f0000ffb000/0x2000)=nil, &(0x7f0000ffc000/0x4000)=nil, 0x0, 0x0) migrate_pages(r0, 0x400, &(0x7f0000000500)=0x2, &(0x7f0000000540)=0x1) syz_io_uring_setup(0x227d, &(0x7f0000000140)={0x0, 0x1240, 0x8, 0x2, 0xc1}, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffb000/0x4000)=nil, &(0x7f0000000340), &(0x7f0000000200)) mmap$IORING_OFF_SQES(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x1000000, 0x10010, r2, 0x10000000) setsockopt$inet6_IPV6_XFRM_POLICY(0xffffffffffffffff, 0x29, 0x43, &(0x7f0000000140)={{{@in=@initdev={0xac, 0x1e, 0x0, 0x0}, @in6=@dev, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff}}, {{}, 0x0, @in6=@mcast2}}, 0xe8) mount(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000080)='hugetlbfs\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000400)={0x4, 0x80, 0x9d, 0x12, 0x81, 0x7, 0x0, 0xb839, 0x10000, 0xb, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x3, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0xffff, 0x2, @perf_bp={&(0x7f0000000000), 0xc}, 0x200, 0x606, 0x80000001, 0x4, 0x8, 0x2, 0x0, 0x0, 0x7ff, 0x0, 0x4}, r0, 0x7, r2, 0x0) r3 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x1, 0x0, 0x8, 0x80, 0x0, 0x80000001, 0x40c05, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x2, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x8, 0x1, @perf_bp={&(0x7f0000000300)}, 0xc100, 0x24, 0x8000, 0x0, 0x8, 0x20677a5e, 0x7, 0x0, 0xe69, 0x0, 0xdb}, r0, 0xb, 0xffffffffffffffff, 0x3) read(r3, &(0x7f00000005c0)=""/165, 0xa5) sendfile(r3, r3, 0x0, 0x100000) 22:06:15 executing program 7: r0 = getpid() pidfd_open(r0, 
0x0) pidfd_open(r0, 0x0) r1 = perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x200, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7fffffff, 0x0, @perf_bp={0x0, 0x7}, 0x0, 0x0, 0x0, 0x0, 0x8000000000000000, 0x0, 0x0, 0x0, 0x7ff}, r0, 0xffffffffffffffff, 0xffffffffffffffff, 0xa) perf_event_open(&(0x7f0000000380)={0x2, 0x80, 0x4, 0x2, 0x8, 0x7f, 0x0, 0x3ff, 0x800, 0x4, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x6, 0x0, @perf_bp={&(0x7f0000000240), 0x6}, 0x1a02, 0x8, 0x0, 0x1, 0x1, 0x3, 0x2, 0x0, 0x5, 0x0, 0x8}, 0x0, 0xe, r1, 0x8) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x2002}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r2 = syz_io_uring_setup(0x0, 0xfffffffffffffffe, &(0x7f0000ffb000/0x2000)=nil, &(0x7f0000ffc000/0x4000)=nil, 0x0, 0x0) migrate_pages(r0, 0x400, &(0x7f0000000500)=0x2, &(0x7f0000000540)=0x1) syz_io_uring_setup(0x227d, &(0x7f0000000140)={0x0, 0x1240, 0x8, 0x2, 0xc1}, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffb000/0x4000)=nil, &(0x7f0000000340), 
&(0x7f0000000200)) mmap$IORING_OFF_SQES(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x1000000, 0x10010, r2, 0x10000000) setsockopt$inet6_IPV6_XFRM_POLICY(0xffffffffffffffff, 0x29, 0x43, &(0x7f0000000140)={{{@in=@initdev={0xac, 0x1e, 0x0, 0x0}, @in6=@dev, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff}}, {{}, 0x0, @in6=@mcast2}}, 0xe8) mount(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000080)='hugetlbfs\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000400)={0x4, 0x80, 0x9d, 0x12, 0x81, 0x7, 0x0, 0xb839, 0x10000, 0xb, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x3, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0xffff, 0x2, @perf_bp={&(0x7f0000000000), 0xc}, 0x200, 0x606, 0x80000001, 0x4, 0x8, 0x2, 0x0, 0x0, 0x7ff, 0x0, 0x4}, r0, 0x7, r2, 0x0) r3 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x1, 0x0, 0x8, 0x80, 0x0, 0x80000001, 0x40c05, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x2, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x8, 0x1, @perf_bp={&(0x7f0000000300)}, 0xc100, 0x24, 0x8000, 0x0, 0x8, 0x20677a5e, 0x7, 0x0, 0xe69, 0x0, 0xdb}, r0, 0xb, 0xffffffffffffffff, 0x3) read(r3, &(0x7f00000005c0)=""/165, 0xa5) sendfile(r3, r3, 0x0, 0x100000) 22:06:15 executing program 2: r0 = getpid() pidfd_open(r0, 0x0) pidfd_open(r0, 0x0) r1 = perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x200, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7fffffff, 0x0, @perf_bp={0x0, 0x7}, 0x0, 0x0, 0x0, 0x0, 0x8000000000000000, 0x0, 0x0, 0x0, 0x7ff}, r0, 0xffffffffffffffff, 0xffffffffffffffff, 0xa) 
perf_event_open(&(0x7f0000000380)={0x2, 0x80, 0x4, 0x2, 0x8, 0x7f, 0x0, 0x3ff, 0x800, 0x4, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x6, 0x0, @perf_bp={&(0x7f0000000240), 0x6}, 0x1a02, 0x8, 0x0, 0x1, 0x1, 0x3, 0x2, 0x0, 0x5, 0x0, 0x8}, 0x0, 0xe, r1, 0x8) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x2002}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r2 = syz_io_uring_setup(0x0, 0xfffffffffffffffe, &(0x7f0000ffb000/0x2000)=nil, &(0x7f0000ffc000/0x4000)=nil, 0x0, 0x0) migrate_pages(r0, 0x400, &(0x7f0000000500)=0x2, &(0x7f0000000540)=0x1) syz_io_uring_setup(0x227d, &(0x7f0000000140)={0x0, 0x1240, 0x8, 0x2, 0xc1}, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffb000/0x4000)=nil, &(0x7f0000000340), &(0x7f0000000200)) mmap$IORING_OFF_SQES(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x1000000, 0x10010, r2, 0x10000000) setsockopt$inet6_IPV6_XFRM_POLICY(0xffffffffffffffff, 0x29, 0x43, &(0x7f0000000140)={{{@in=@initdev={0xac, 0x1e, 0x0, 0x0}, @in6=@dev, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff}}, {{}, 0x0, @in6=@mcast2}}, 0xe8) mount(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000080)='hugetlbfs\x00', 0x0, 0x0) 
perf_event_open(&(0x7f0000000400)={0x4, 0x80, 0x9d, 0x12, 0x81, 0x7, 0x0, 0xb839, 0x10000, 0xb, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x3, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0xffff, 0x2, @perf_bp={&(0x7f0000000000), 0xc}, 0x200, 0x606, 0x80000001, 0x4, 0x8, 0x2, 0x0, 0x0, 0x7ff, 0x0, 0x4}, r0, 0x7, r2, 0x0) r3 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x1, 0x0, 0x8, 0x80, 0x0, 0x80000001, 0x40c05, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x2, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x8, 0x1, @perf_bp={&(0x7f0000000300)}, 0xc100, 0x24, 0x8000, 0x0, 0x8, 0x20677a5e, 0x7, 0x0, 0xe69, 0x0, 0xdb}, r0, 0xb, 0xffffffffffffffff, 0x3) read(r3, &(0x7f00000005c0)=""/165, 0xa5) sendfile(r3, r3, 0x0, 0x100000) 22:06:15 executing program 7: r0 = getpid() pidfd_open(r0, 0x0) pidfd_open(r0, 0x0) r1 = perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x200, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7fffffff, 0x0, @perf_bp={0x0, 0x7}, 0x0, 0x0, 0x0, 0x0, 0x8000000000000000, 0x0, 0x0, 0x0, 0x7ff}, r0, 0xffffffffffffffff, 0xffffffffffffffff, 0xa) perf_event_open(&(0x7f0000000380)={0x2, 0x80, 0x4, 0x2, 0x8, 0x7f, 0x0, 0x3ff, 0x800, 0x4, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x6, 0x0, @perf_bp={&(0x7f0000000240), 0x6}, 0x1a02, 0x8, 0x0, 0x1, 0x1, 0x3, 0x2, 0x0, 0x5, 0x0, 0x8}, 0x0, 0xe, r1, 0x8) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 
0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x2002}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r2 = syz_io_uring_setup(0x0, 0xfffffffffffffffe, &(0x7f0000ffb000/0x2000)=nil, &(0x7f0000ffc000/0x4000)=nil, 0x0, 0x0) migrate_pages(r0, 0x400, &(0x7f0000000500)=0x2, &(0x7f0000000540)=0x1) syz_io_uring_setup(0x227d, &(0x7f0000000140)={0x0, 0x1240, 0x8, 0x2, 0xc1}, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffb000/0x4000)=nil, &(0x7f0000000340), &(0x7f0000000200)) mmap$IORING_OFF_SQES(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x1000000, 0x10010, r2, 0x10000000) setsockopt$inet6_IPV6_XFRM_POLICY(0xffffffffffffffff, 0x29, 0x43, &(0x7f0000000140)={{{@in=@initdev={0xac, 0x1e, 0x0, 0x0}, @in6=@dev, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff}}, {{}, 0x0, @in6=@mcast2}}, 0xe8) mount(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000080)='hugetlbfs\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000400)={0x4, 0x80, 0x9d, 0x12, 0x81, 0x7, 0x0, 0xb839, 0x10000, 0xb, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x3, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0xffff, 0x2, @perf_bp={&(0x7f0000000000), 0xc}, 0x200, 0x606, 0x80000001, 0x4, 0x8, 0x2, 0x0, 0x0, 0x7ff, 0x0, 0x4}, r0, 0x7, r2, 0x0) r3 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 
0x0) perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x1, 0x0, 0x8, 0x80, 0x0, 0x80000001, 0x40c05, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x2, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x8, 0x1, @perf_bp={&(0x7f0000000300)}, 0xc100, 0x24, 0x8000, 0x0, 0x8, 0x20677a5e, 0x7, 0x0, 0xe69, 0x0, 0xdb}, r0, 0xb, 0xffffffffffffffff, 0x3) read(r3, &(0x7f00000005c0)=""/165, 0xa5) sendfile(r3, r3, 0x0, 0x100000) VM DIAGNOSIS: 22:06:15 Registers: info registers vcpu 0 RAX=0000000000000065 RBX=00000000000003f8 RCX=0000000000000000 RDX=00000000000003f8 RSI=ffffffff823ba0b1 RDI=ffffffff8765a980 RBP=ffffffff8765a940 RSP=ffff8880400cf690 R8 =0000000000000001 R9 =000000000000000a R10=0000000000000065 R11=0000000000000001 R12=0000000000000065 R13=ffffffff8765a940 R14=0000000000000010 R15=ffffffff823ba0a0 RIP=ffffffff823ba109 RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 00000000 00000000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 00000000 00000000 FS =0000 00007f28151a2700 00000000 00000000 GS =0000 ffff88806ce00000 00000000 00000000 LDT=0000 fffffe0000000000 00000000 00000000 TR =0040 fffffe0000003000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe0000001000 0000007f IDT= fffffe0000000000 00000fff CR0=80050033 CR2=00007faba70e3310 CR3=000000003ee04000 CR4=00350ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000ffff0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 YMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 
YMM01=0000000000000000 0000000000000000 00007f2817d137c0 00007f2817d137c8 YMM02=0000000000000000 0000000000000000 00007f2817d137e0 00007f2817d137c0 YMM03=0000000000000000 0000000000000000 00007f2817d137c8 00007f2817d137c0 YMM04=0000000000000000 0000000000000000 ffffffffffffffff ffffffff00000000 YMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM06=0000000000000000 0000000000000000 0000000000000000 000000524f525245 YMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM08=0000000000000000 0000000000000000 0000000000000000 00524f5252450040 YMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 info registers vcpu 1 RAX=dffffc0000000000 RBX=0000000000000065 RCX=0000000000000000 RDX=1ffffffff0ec5ba2 RSI=ffffffff81e4e20d RDI=ffffffff8762dd10 RBP=0000000000000001 RSP=ffff88801bf27970 R8 =0000000000000001 R9 =0000000000000000 R10=0000000000000001 R11=0000000000000001 R12=0000000000000070 R13=0000000000000007 R14=0000000000000005 R15=ffffffff8762d9e0 RIP=ffffffff81e4e249 RFL=00000246 [---Z-P-] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 00000000 00000000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 00000000 00000000 FS =0000 00007f4821ef3540 00000000 00000000 GS =0000 ffff88806cf00000 00000000 00000000 LDT=0000 fffffe0000000000 00000000 00000000 TR =0040 fffffe000004a000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe0000048000 0000007f IDT= fffffe0000000000 
00000fff CR0=80050033 CR2=00007f48220de620 CR3=000000000d3b2000 CR4=00350ee0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000ffff0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 YMM00=0000000000000000 0000000000000000 ff00ffffffffffff 0000000000000000 YMM01=0000000000000000 0000000000000000 0100010001000000 ffffffffffffffff YMM02=0000000000000000 0000000000000000 0500050005000000 455441564952505f YMM03=0000000000000000 0000000000000000 0000000000000000 000000564952505f YMM04=0000000000000000 0000000000000000 0003000500050005 0005000000455441 YMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000