Warning: Permanently added '[localhost]:57805' (ECDSA) to the list of known hosts. 2022/09/28 22:33:17 fuzzer started 2022/09/28 22:33:17 dialing manager at localhost:35827 syzkaller login: [ 41.115420] cgroup: Unknown subsys name 'net' [ 41.228143] cgroup: Unknown subsys name 'rlimit' 2022/09/28 22:33:33 syscalls: 2215 2022/09/28 22:33:33 code coverage: enabled 2022/09/28 22:33:33 comparison tracing: enabled 2022/09/28 22:33:33 extra coverage: enabled 2022/09/28 22:33:33 setuid sandbox: enabled 2022/09/28 22:33:33 namespace sandbox: enabled 2022/09/28 22:33:33 Android sandbox: enabled 2022/09/28 22:33:33 fault injection: enabled 2022/09/28 22:33:33 leak checking: enabled 2022/09/28 22:33:33 net packet injection: enabled 2022/09/28 22:33:33 net device setup: enabled 2022/09/28 22:33:33 concurrency sanitizer: /sys/kernel/debug/kcsan does not exist 2022/09/28 22:33:33 devlink PCI setup: PCI device 0000:00:10.0 is not available 2022/09/28 22:33:33 USB emulation: enabled 2022/09/28 22:33:33 hci packet injection: enabled 2022/09/28 22:33:33 wifi device emulation: failed to parse kernel version (6.0.0-rc7-next-20220927) 2022/09/28 22:33:33 802.15.4 emulation: enabled 2022/09/28 22:33:33 fetching corpus: 50, signal 24011/25829 (executing program) 2022/09/28 22:33:33 fetching corpus: 100, signal 32003/35463 (executing program) 2022/09/28 22:33:34 fetching corpus: 150, signal 38943/43965 (executing program) 2022/09/28 22:33:34 fetching corpus: 200, signal 46017/52451 (executing program) 2022/09/28 22:33:34 fetching corpus: 250, signal 56091/63737 (executing program) 2022/09/28 22:33:34 fetching corpus: 300, signal 62203/71055 (executing program) 2022/09/28 22:33:34 fetching corpus: 350, signal 70675/80453 (executing program) 2022/09/28 22:33:34 fetching corpus: 400, signal 74447/85354 (executing program) 2022/09/28 22:33:34 fetching corpus: 450, signal 77465/89505 (executing program) 2022/09/28 22:33:34 fetching corpus: 500, signal 84075/96806 (executing program) 2022/09/28 22:33:35 fetching corpus: 550, signal 86953/100677 (executing program) 2022/09/28 22:33:35 fetching corpus: 600, signal 89689/104356 (executing program) 2022/09/28 22:33:35 fetching corpus: 650, signal 93882/109305 (executing program) 2022/09/28 22:33:35 fetching corpus: 700, signal 95476/111827 (executing program) 2022/09/28 22:33:35 fetching corpus: 750, signal 98725/115842 (executing program) 2022/09/28 22:33:35 fetching corpus: 800, signal 100460/118474 (executing program) 2022/09/28 22:33:35 fetching corpus: 850, signal 102056/120972 (executing program) 2022/09/28 22:33:35 fetching corpus: 900, signal 103510/123304 (executing program) 2022/09/28 22:33:35 fetching corpus: 950, signal 105440/126063 (executing program) 2022/09/28 22:33:35 fetching corpus: 1000, signal 107165/128593 (executing program) 2022/09/28 22:33:36 fetching corpus: 1050, signal 109030/131179 (executing program) 2022/09/28 22:33:36 fetching corpus: 1100, signal 110837/133710 (executing program) 2022/09/28 22:33:36 fetching corpus: 1150, signal 112466/136033 (executing program) 2022/09/28 22:33:36 fetching corpus: 1200, signal 114157/138399 (executing program) 2022/09/28 22:33:36 fetching corpus: 1250, signal 116030/140874 (executing program) 2022/09/28 22:33:36 fetching corpus: 1300, signal 118054/143445 (executing program) 2022/09/28 22:33:36 fetching corpus: 1350, signal 120790/146568 (executing program) 2022/09/28 22:33:36 fetching corpus: 1400, signal 121669/148196 (executing program) 2022/09/28 22:33:36 fetching corpus: 1450, signal 123799/150778 (executing program) 2022/09/28 22:33:37 fetching corpus: 1500, signal 124759/152399 (executing program) 2022/09/28 22:33:37 fetching corpus: 1550, signal 125765/154042 (executing program) 2022/09/28 22:33:37 fetching corpus: 1600, signal 127042/155867 (executing program) 2022/09/28 22:33:37 fetching corpus: 1650, signal 128936/158098 (executing program) 2022/09/28 22:33:37 fetching corpus: 1700, signal 130873/160412 (executing program) 2022/09/28 22:33:37 fetching corpus: 1750, signal 132390/162322 (executing program) 2022/09/28 22:33:37 fetching corpus: 1800, signal 133914/164254 (executing program) 2022/09/28 22:33:37 fetching corpus: 1850, signal 135809/166376 (executing program) 2022/09/28 22:33:37 fetching corpus: 1900, signal 136662/167788 (executing program) 2022/09/28 22:33:38 fetching corpus: 1950, signal 137807/169405 (executing program) 2022/09/28 22:33:38 fetching corpus: 2000, signal 139459/171297 (executing program) 2022/09/28 22:33:38 fetching corpus: 2050, signal 140445/172720 (executing program) 2022/09/28 22:33:38 fetching corpus: 2100, signal 141267/174044 (executing program) 2022/09/28 22:33:38 fetching corpus: 2150, signal 142377/175523 (executing program) 2022/09/28 22:33:38 fetching corpus: 2200, signal 143446/176947 (executing program) 2022/09/28 22:33:38 fetching corpus: 2250, signal 145031/178634 (executing program) 2022/09/28 22:33:38 fetching corpus: 2300, signal 148036/181136 (executing program) 2022/09/28 22:33:38 fetching corpus: 2350, signal 149358/182649 (executing program) 2022/09/28 22:33:39 fetching corpus: 2400, signal 150459/183930 (executing program) 2022/09/28 22:33:39 fetching corpus: 2450, signal 151410/185254 (executing program) 2022/09/28 22:33:39 fetching corpus: 2500, signal 153211/186965 (executing program) 2022/09/28 22:33:39 fetching corpus: 2550, signal 154175/188162 (executing program) 2022/09/28 22:33:39 fetching corpus: 2600, signal 155855/189724 (executing program) 2022/09/28 22:33:39 fetching corpus: 2650, signal 156677/190834 (executing program) 2022/09/28 22:33:39 fetching corpus: 2700, signal 157541/191904 (executing program) 2022/09/28 22:33:39 fetching corpus: 2750, signal 158351/192981 (executing program) 2022/09/28 22:33:40 fetching corpus: 2800, signal 159610/194261 (executing program) 2022/09/28 22:33:40 fetching corpus: 2850, signal 160379/195269 (executing program) 2022/09/28 22:33:40 fetching corpus: 2900, signal 161471/196422 (executing program) 2022/09/28 22:33:40 fetching corpus: 2950, signal 162961/197873 (executing program) 2022/09/28 22:33:40 fetching corpus: 3000, signal 164231/199074 (executing program) 2022/09/28 22:33:40 fetching corpus: 3050, signal 164995/200005 (executing program) 2022/09/28 22:33:40 fetching corpus: 3100, signal 165672/200882 (executing program) 2022/09/28 22:33:40 fetching corpus: 3150, signal 166840/202084 (executing program) 2022/09/28 22:33:40 fetching corpus: 3200, signal 168049/203227 (executing program) 2022/09/28 22:33:40 fetching corpus: 3250, signal 168893/204143 (executing program) 2022/09/28 22:33:41 fetching corpus: 3300, signal 169962/205171 (executing program) 2022/09/28 22:33:41 fetching corpus: 3350, signal 170365/205855 (executing program) 2022/09/28 22:33:41 fetching corpus: 3400, signal 171591/206912 (executing program) 2022/09/28 22:33:41 fetching corpus: 3450, signal 172124/207636 (executing program) 2022/09/28 22:33:41 fetching corpus: 3500, signal 173407/208636 (executing program) 2022/09/28 22:33:41 fetching corpus: 3550, signal 174223/209477 (executing program) 2022/09/28 22:33:41 fetching corpus: 3600, signal 175123/210304 (executing program) 2022/09/28 22:33:41 fetching corpus: 3650, signal 176021/211204 (executing program) 2022/09/28 22:33:42 fetching corpus: 3700, signal 176966/212005 (executing program) 2022/09/28 22:33:42 fetching corpus: 3750, signal 177479/212671 (executing program) 2022/09/28 22:33:42 fetching corpus: 3800, signal 177926/213341 (executing program) 2022/09/28 22:33:42 fetching corpus: 3850, signal 178691/214068 (executing program) 2022/09/28 22:33:42 fetching corpus: 3900, signal 179549/214981 (executing program) 2022/09/28 22:33:42 fetching corpus: 3950, signal 180227/215674 (executing program) 2022/09/28 22:33:42 fetching corpus: 4000, signal 181085/216416 (executing program) 2022/09/28 22:33:42 fetching corpus: 4050, signal 182033/217151 (executing program) 2022/09/28 22:33:43 fetching corpus: 4100, signal 183124/217898 (executing program) 2022/09/28 22:33:43 fetching corpus: 4150, signal 184003/218570 (executing program) 2022/09/28 22:33:43 fetching corpus: 4200, signal 184581/219157 (executing program) 2022/09/28 22:33:43 fetching corpus: 4250, signal 185318/219761 (executing program) 2022/09/28 22:33:43 fetching corpus: 4300, signal 185908/220297 (executing program) 2022/09/28 22:33:43 fetching corpus: 4350, signal 186421/220844 (executing program) 2022/09/28 22:33:43 fetching corpus: 4400, signal 187036/221362 (executing program) 2022/09/28 22:33:43 fetching corpus: 4450, signal 187567/221877 (executing program) 2022/09/28 22:33:44 fetching corpus: 4500, signal 188701/222516 (executing program) 2022/09/28 22:33:44 fetching corpus: 4550, signal 189222/223004 (executing program) 2022/09/28 22:33:44 fetching corpus: 4600, signal 189549/223439 (executing program) 2022/09/28 22:33:44 fetching corpus: 4650, signal 190095/223874 (executing program) 2022/09/28 22:33:44 fetching corpus: 4700, signal 190730/224501 (executing program) 2022/09/28 22:33:44 fetching corpus: 4750, signal 191245/224924 (executing program) 2022/09/28 22:33:44 fetching corpus: 4800, signal 191906/225390 (executing program) 2022/09/28 22:33:44 fetching corpus: 4850, signal 192458/225851 (executing program) 2022/09/28 22:33:45 fetching corpus: 4900, signal 193804/226373 (executing program) 2022/09/28 22:33:45 fetching corpus: 4950, signal 194616/226870 (executing program) 2022/09/28 22:33:45 fetching corpus: 5000, signal 195325/227335 (executing program) 2022/09/28 22:33:45 fetching corpus: 5050, signal 195958/227718 (executing program) 2022/09/28 22:33:45 fetching corpus: 5100, signal 196332/228069 (executing program) 2022/09/28 22:33:45 fetching corpus: 5150, signal 196791/228425 (executing program) 2022/09/28 22:33:45 fetching corpus: 5200, signal 197206/228770 (executing program) 2022/09/28 22:33:45 fetching corpus: 5250, signal 197774/229144 (executing program) 2022/09/28 22:33:45 fetching corpus: 5300, signal 198662/229595 (executing program) 2022/09/28 22:33:46 fetching corpus: 5350, signal 199238/229945 (executing program) 2022/09/28 22:33:46 fetching corpus: 5400, signal 199647/230287 (executing program) 2022/09/28 22:33:46 fetching corpus: 5450, signal 200421/230624 (executing program) 2022/09/28 22:33:46 fetching corpus: 5500, signal 200907/230902 (executing program) 2022/09/28 22:33:46 fetching corpus: 5550, signal 201723/231216 (executing program) 2022/09/28 22:33:46 fetching corpus: 5600, signal 202487/231481 (executing program) 2022/09/28 22:33:46 fetching corpus: 5650, signal 202871/231755 (executing program) 2022/09/28 22:33:46 fetching corpus: 5700, signal 203435/232002 (executing program) 2022/09/28 22:33:47 fetching corpus: 5750, signal 204018/232177 (executing program) 2022/09/28 22:33:47 fetching corpus: 5800, signal 204682/232181 (executing program) 2022/09/28 22:33:47 fetching corpus: 5850, signal 205020/232181 (executing program) 2022/09/28 22:33:47 fetching corpus: 5900, signal 205477/232187 (executing program) 2022/09/28 22:33:47 fetching corpus: 5950, signal 205884/232196 (executing program) 2022/09/28 22:33:47 fetching corpus: 6000, signal 206415/232201 (executing program) 2022/09/28 22:33:47 fetching corpus: 6050, signal 206921/232201 (executing program) 2022/09/28 22:33:47 fetching corpus: 6100, signal 207349/232230 (executing program) 2022/09/28 22:33:47 fetching corpus: 6150, signal 208019/232234 (executing program) 2022/09/28 22:33:47 fetching corpus: 6200, signal 208422/232235 (executing program) 2022/09/28 22:33:47 fetching corpus: 6250, signal 208697/232236 (executing program) 2022/09/28 22:33:48 fetching corpus: 6300, signal 209129/232239 (executing program) 2022/09/28 22:33:48 fetching corpus: 6350, signal 210427/232244 (executing program) 2022/09/28 22:33:48 fetching corpus: 6400, signal 210712/232248 (executing program) 2022/09/28 22:33:48 fetching corpus: 6402, signal 210749/232248 (executing program) 2022/09/28 22:33:48 fetching corpus: 6402, signal 210749/232248 (executing program) 2022/09/28 22:33:51 starting 8 fuzzer processes 22:33:51 executing program 0: ppoll(&(0x7f0000000000)=[{0xffffffffffffffff, 0x10601}, {0xffffffffffffffff, 0x404}, {0xffffffffffffffff, 0x141}], 0x3, &(0x7f0000000040)={0x0, 0x3938700}, &(0x7f0000000080)={[0x4]}, 0x8) r0 = openat$sysfs(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/module/netconsole', 0x301000, 0xd) pwritev(r0, &(0x7f0000000180)=[{&(0x7f0000000100)="d76873e20c33c796963f1285aec6bf1c94093b02b3de44c18c686ead5774cefc85921c9ce8be33ca1fe78f59f71175647decaf0df9228a580441f91c74a9a4095ab03f73aa41841edafa1808092c3a638676569e0f990969", 0x58}], 0x1, 0xffffff71, 0xffffffff) mq_getsetattr(r0, &(0x7f00000001c0)={0x2, 0x400000000, 0xd56a, 0xbe0}, &(0x7f0000000200)) r1 = inotify_init() r2 = ioctl$TIOCGPTPEER(r0, 0x5441, 0xc97) r3 = socket$nl_audit(0x10, 0x3, 0x9) r4 = openat$thread_pidfd(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0) r5 = socket$inet_udp(0x2, 0x2, 0x0) r6 = syz_open_dev$vcsu(&(0x7f0000000340), 0x7, 0x101000) ppoll(&(0x7f0000000380)=[{r1, 0x2008}, {r2, 0x80}, {}, {r0, 0x5421}, {r0, 0x14300}, {r3, 0x1110}, {r4, 0x10c1}, {r5, 0x1}, {r6, 0x22a0}], 0x9, &(0x7f0000000400)={0x0, 0x3938700}, &(0x7f0000000440)={[0x9]}, 0x8) openat$thread_pidfd(0xffffffffffffff9c, &(0x7f0000000480), 0x20100, 0x0) openat$thread_pidfd(0xffffffffffffff9c, &(0x7f00000004c0), 0x701102, 0x0) close(r6) inotify_add_watch(r1, &(0x7f0000000500)='./file0\x00', 0x10000000) setsockopt$inet6_tcp_TCP_REPAIR(r0, 0x6, 0x13, &(0x7f0000000540)=0xffffffffffffffff, 0x4) pipe2$9p(&(0x7f0000000580)={0xffffffffffffffff, 0xffffffffffffffff}, 0x2800) read(r7, &(0x7f00000005c0)=""/157, 0x9d) ioctl$AUTOFS_IOC_PROTOSUBVER(0xffffffffffffffff, 0x80049367, &(0x7f0000000680)) setsockopt$inet6_tcp_TCP_FASTOPEN_KEY(0xffffffffffffffff, 0x6, 0x21, &(0x7f0000000700)="df0823f5b17b8029266b0debcb357c63", 0x10) 22:33:51 executing program 1: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x8000, 0x28) ioctl$AUTOFS_DEV_IOCTL_FAIL(0xffffffffffffffff, 0xc0189377, &(0x7f0000000040)={{0x1, 0x1, 0x18, r0, {0x2, 0xfffffffc}}, './file0\x00'}) ioctl$BTRFS_IOC_SPACE_INFO(r1, 0xc0109414, &(0x7f0000000080)={0xc3b, 0xffff, ['\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00']}) ioctl$BTRFS_IOC_QGROUP_LIMIT(r1, 0x8030942b, &(0x7f0000012640)={0x5, {0x0, 0xff, 0xffff, 0x80000001, 0x3}}) r2 = openat(r0, &(0x7f0000012680)='./file0\x00', 0x0, 0x50) r3 = syz_mount_image$ext4(&(0x7f00000126c0)='ext3\x00', &(0x7f0000012700)='./file0\x00', 0x3, 0x1, &(0x7f0000012840)=[{&(0x7f0000012740)="411ded63cf7750647ab6adbd9974c0ffe116b98f568fd545feccac6be5713c55005fb22e6d184e0b2291ca4844875fc8a551a0c43cbc295e30137def5337ae05def03ddb78e9d7f3fe20e2c2596060b98ef6883a2c40682d14704f02a91bb2af18f917c53791d6e3cecccff2d9b1a0228b5a55da828e680680a6578a4ff6edc9ed18e176cd760e8436e6c14dec19c55cf9a1c70ff02814967000720ef41b02ef8b59e345b15b4af3be8a83b23737c0a0ae8e707104633ec98fdcbfec3675037a38158944bf686c7792e7c9", 0xcb, 0xa7b}], 0x4002, &(0x7f0000012880)={[{@nodelalloc}, {@nojournal_checksum}, {@bh}], [{@euid_lt={'euid<', 0xee01}}, {@audit}, {@smackfsdef={'smackfsdef', 0x3d, '+@'}}, {@fsname={'fsname', 0x3d, '\x00'}}, {@fowner_gt={'fowner>', 0xee00}}, {@fowner_eq={'fowner', 0x3d, 0xee00}}]}) getsockopt$inet_mreqn(r0, 0x0, 0x24, &(0x7f0000012940)={@multicast2, @loopback}, &(0x7f0000012980)=0xc) r4 = socket$inet6_tcp(0xa, 0x1, 0x0) r5 = dup2(r3, r4) finit_module(r4, &(0x7f00000129c0)='\x00', 0x2) ioctl$BLKRESETZONE(r0, 0x40101283, &(0x7f0000012a00)={0x10000, 0x2}) mount(&(0x7f0000012a40)=@nbd={'/dev/nbd', 0x0}, &(0x7f0000012a80)='./file0\x00', &(0x7f0000012ac0)='ufs\x00', 0x8020, &(0x7f0000012b00)='bh') ioctl$BTRFS_IOC_TREE_SEARCH_V2(r0, 0xc0709411, &(0x7f0000012b40)={{0x0, 0xb638, 0x40, 0x7, 0xf2, 0x30, 0x2, 0x47, 0x35, 0x8, 0x430c53a1, 0x10001, 0x8001, 0x10001, 0x100}, 0x18, [0x0, 0x0, 0x0]}) write$P9_RREADLINK(r5, &(0x7f0000012c00)={0x10, 0x17, 0x1, {0x7, './file0'}}, 0x10) ioctl$EXT4_IOC_GROUP_ADD(r4, 0x40286608, &(0x7f0000012c40)={0x5, 0x200, 0x1, 0x2, 0x32, 0x53}) perf_event_open(&(0x7f0000012cc0)={0x1, 0x80, 0x20, 0x3, 0x66, 0x2, 0x0, 0x1, 0x44104, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x80000001, 0x2, @perf_bp={&(0x7f0000012c80), 0x4}, 0x2e14, 0x4, 0xfffffffb, 0xd, 0x5, 0x2, 0x7fff, 0x0, 0x3}, 0x0, 0x4, r2, 0x3) ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(r5, 0x89f1, &(0x7f0000012dc0)={'syztnl0\x00', &(0x7f0000012d40)={'syztnl2\x00', 0x0, 0x4, 0x1f, 0x2, 0x895d, 0x1, @private0, @private2, 0x20, 0x40, 0x7fffffff, 0x1}}) r6 = openat$procfs(0xffffffffffffff9c, &(0x7f0000012e00)='/proc/stat\x00', 0x0, 0x0) sendfile(r6, r5, &(0x7f0000012e40), 0x9) chmod(&(0x7f0000012e80)='./file0\x00', 0x4) [ 74.456864] audit: type=1400 audit(1664404431.272:6): avc: denied { execmem } for pid=286 comm="syz-executor.0" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=process permissive=1 22:33:51 executing program 2: ioctl$BLKTRACETEARDOWN(0xffffffffffffffff, 0x1276, 0x0) r0 = syz_open_dev$vcsu(&(0x7f0000000000), 0x1, 0x4000) ioctl$BLKTRACETEARDOWN(r0, 0x1276, 0x0) ioctl$SG_GET_TIMEOUT(r0, 0x2202, 0x0) ioctl$BTRFS_IOC_SYNC(r0, 0x9408, 0x0) ioctl$SG_IO(r0, 0x2285, &(0x7f0000002500)={0x53, 0xffffffffffffffff, 0x1000, 0x3f, @scatter={0x6, 0x0, &(0x7f0000001380)=[{&(0x7f0000000040)=""/4096, 0x1000}, {&(0x7f0000001040)=""/173, 0xad}, {&(0x7f0000001100)=""/44, 0x2c}, {&(0x7f0000001140)=""/158, 0x9e}, {&(0x7f0000001200)=""/215, 0xd7}, {&(0x7f0000001300)=""/107, 0x6b}]}, &(0x7f0000001400)="0036cde1358cbc89e6e9ca564d06b6907fa92c7ee5bff782593b4e261e761a74e531b9747978db44595d2492799419906e07b338cbf6048a5e638907d8f42dfe44450d975ad314ce3dd2b222826c81c97d3f0030b9e776179905ed497d511752454f49b6fe3ac67f968199ab4017910911ef7eff695e7f3c8d91d487b044aae67ef5e58a885057aa2690eab963405b973e3830de432ff5f92cfc79a9e7deb4bade6391feb983b285502a14e887508058cc2b2360a1e412119ae9f07aff01dbe52ec7cd9b90d1401c2d0496c45278d4d9701410fa1ee57a5236153216572600dfb93881aa0087716f7f55b4196d582b3c78e4250db063f5a27502703708d23262cbf65bba74173bab2a543ba9df52d18ba564eb9a6f64d8edb3a7c887a08a10882d6b5d4bde230bfcf195685bce546e6c67683c2734e23a66e09e6e8510f72a380c3cb059530d60ffc0ea6339e1bcd3e3b6239485d08c04f7a3fdab843044e996fc185068d5fd83c44e46665bc8a25c5cdea10775a9897a61779c98c61a4b974e03150206b668db39a49171735182c6f4bf86de1413c9d2fe21d15a9f2109b92c735119dde9a4e54f7327f6fcfdaeb07d9b65bef51c8cf28925cba624ad426606de777fe8d3cd8083ee68ab1255489a26a00d743bdc7c6534aa1e1b0ce70ab4db28f02340f26de6596bc9aba5f05c0929673011cea52ce8f2493a6aac1e624fc16910fe34491e84a5175f0cacec4c4a12040113eb32213ab14c0a26c76d94b4fe8ad64aa27e51b5f31d7378e75a2a24fd7a3534f5185256de9e4d87ea655e3b81ee5aaeb02a3042b0dbb153bc5ea7d2d7a12068beb0f143e5d64cdacf64cc98d31a8404c9118c15ebe16e54f98be6d5693f28973528cc80dc009d6d85d1e317428d981681ee84ced4bf9c2f115a33db0555b74ecefcbaf23a9d2d9949677e800a3acc1d38e8289710d0d4f3dc0ba3d3366c7481d2c460bb7f546070744d1501f5cce51bbc30e20c890abf76e73b3f4b78f55d77e94652090d15c3ef5b57ff2e191c8698fd8c34268cc595d87e4d43a1f21359cf666fe8661355e5729283a517e78cf92ecb5158b2391c5e22f1fc9fba1bec8c70a0195b301f8e07d90caec73179d9d19da3bd723d68b5e2ce783f416e24139bd06887f9a4ec095089cf0d5b0ade36fcdf347c89c2d5345366f543919bb36614685e1320d3b7b34ce85b8f900a9ecefcdbdcd6eb9d6d3912f5b92135573d38051f742eea7ac892a9f6f4839b6f02d59c74765933c9717268f83cd93f4f7eaacabf4a6329eaae722d213f09856ce7420611a1dc5dbab22500667a053b61362ece51eec4ec1f3b0e7b582421f53acf4fbcdc56d047240ac5bbbb3916aa71e097d45bc445aa448326a3859033d28e4f8df8642d51218cad9f863741dd1df4ed9ffb9aacc65f32485d1f34fa88067015442c36b90a5537da3a4be170413422b24c4aee4b5844e1d704c382d03363a599936c75446d99df1f883a1a2f5448eed2864d0d791f22a7e887d0efb682f41d961537dcc3d66e520fb5b4f57a2b1685710e48ca8561657b0b0f9eff8557925205c36449b17d98c5ea16bff9d5a8daa30ea0e1e80dfe119de9775fd9624ed534e21382a89dc5e3de983b0b90511fa899ea3809928cc8af1267bef9535d9b14c13ed9587aea7ba6d9c65fc6ea80e7dc5d0d08abc5c1931f4290feffd0cb469d0f7bba3298637bdad701aa6275e40bf65e79f8e7f20423502424a733408d1d2decff78ad554948147e032055b4dfc40ed8e306dbc660e8445c29db38cf9fc05e282eb9bd3382d45e70021c51fc409d5b3cdc89c5fffb19c6d48c3babc02f854329ef9867071e2d64cdec967aabbd0f7fdb9bf60a55bb9677a7f4e27896712f83610a591f4b9aad46af6d7e5f4f3cfa24e731f0e49d4bab3d81a7f52747791f42fd126b3d131cdd139e98693190fc2411ae3f913405620dadb754f2f0cca79cda537ce03d85a6803c7953cc46d819a4bcfa477ee4ea309669d0e7e8c5da9ead2986cfe6173d0e168a8446ba24ef96ef36c8275241b78e0a4e5d8c1348227a10f17a2b0ae4889bad308d7ba3f4b8f2019edb4781daa6c64df5a36aaba056f97f7af933166c5d4c38edc1978da06f19cd6cac97ca37f8b97233c2f1304195be6531f61aea177ca2bda2f6812942b3d4da219456fd0babf86ff4997e7e75751d35d72b8c99661ccf423dd09a47f7e5d6daf723c1c4f42b4dc972e8f48f1b0bde909ecf68935a37a7dd2225477a1ab9748f23710105f4cb11f9e08e0c8db259d7436a392b5d269ea8a0e217bcf3d79889ad42f54a5d59886b61bfeba25ceb01c35fc9ab41ab077873fcedcd408e0d2021f08baddacaeeb7a5c828250124bbfd5a0dc1530f7e5aa7c09ee879859cdd3f06b4329b9517b19c9f73929693e5baaa4628413b8b8c9bf33426cf39734c0c1dca54b3001a0df2f186ac4a1905db7c5707c83681efc92a776caa2b8dde753cf276a11864313ca8f926fb4b548091e0fe0a2e8fab85f04421735f4cfa22b71bc17d9bc23effc6afd910c20033f580fa0efa72ea9d4f89956f26d347f543e0f3598014945123738b6b401f676278cd87850204c7f79b6f1a3d74614875084a44fbcfed6981d6445abb1feb394b00804ab979d2b8512abe3977a0706ae2aa5e89f3f7338046c2f15c21b76f756f5368b3071dccd7328eb16478b6d02fab811c07a911433b64a14b00c20feaa3e1afb8247f4fa4529506f9158865eb7895a36173f8f87ff5f243f41ca653fd20906eade4575e48b24406d22bce7ab2112affc575b6ce58d780cdc092fd01e2de232b6419b3baa5a830e058939871c3269de64cb395fbc3c27d00d3b45a0ed57a1376a350da9f9f28e84a497ab70fb080920fa58077ed40f6b7fdc7a7d22cc1bdd90d6ada95d26e16ee48e34e4a86414f7cd6e939ec10984d321f292f5cbd1b76b1a0e437edd8fb0ec76890d0d7a32de1fef0183ca1536fb05fc1d367d4b0a82439a64adf036000e3846beec0fc79c1e1ba7543331e949b670f4f366932e6940ae8611fd4a728ce5e0ce0290e2c64f53f0fb64a4d8ae114f098f682ddb14228b9233b9d27e63aaf13a4f8fc83a79f310feb5cca71980e7216539bfac527824579852256ba4b3b62b820506a92c5473615dd8346456d04a13efca1605a962f399db487ebc639169803192cd43805f9eeaf1eb238843aa4455282face10386199e828c1a1490ea3bd16d1fc5b7b75f9f74f00b053e3568ed13bbd00fce61a2aa2471477c94fc6a02e7c824499badcf9fbfa30261988a5e9866e30fc3bd5d4f7d05a5457524140b4461a3cfc49a19b07e9a95527dcd6ad8ef15f4004108af7d3ee82618fd01746d0e21a354f05f5db34fca246f1c10c5c9e233fe34a1bc7d1be79f4d73b70522d907e39b698e4a690062e8a4ec9557855bcbc2082806b944e4bcc58b8dc3ed04f8ea90b8b0710bf52138a9dc26d7f99f7d3a431e9e852b8a393d97d106ba683ea6bc6c44112d5726697ec2823e3ac49b27fbca97b12ad8c4a34bca56845364d623adbd3ccae06d910665ee51fd18f94d77d51fda5642c9747ef9dd05fd6d6b7d3dff6db587c10577523d92e8c89359a418d98b05ac51902cf721987bead94aa429f4116418f2bca61cc3ccc46d9ed801e1e77af4a42d696bcbfd71f26953fcd434a92b74f898fd346981e6e41a00ae83c0376c41b10b0a4af7181fc1ff877b7764db6daaa8a7fc89aa85380910710480487c79a17fcf7d8219cf1d5afb1cc57decbb41288c798654d120ef5cbc1745c62c6deb058e0c74163ac7cdf2b3200425150cb8488135143377b2ccb48d019e023be3f08cc5f6fe570fa37c4440c4d82faf8b6289dd7a94f31647593f3539ec51785d2d513777c0859faa1d58943b8537281ddc889a420d9f13f74cc5bb392c02f772a73ca4f8cb81b391f8220bdf875cf8690f6f5a1e8d43779ff882c29486fc646f54a77534238d9bb9c5e51e24481d6a445b901c458df490588f60b04f301afe3dd3db8a1eac1f99a6af054319f2696b62290db1f7bdc90aa6ef6d15f1a7a71899c14b11e99c735e0804630e2ea198bfa1a48c0768c259da6c181ad73dccd45488874daa67099f23cef67f85b56d6e8330449deb1b7d3d21d9722fbc93a7141653ae50ec39c6d5d1e6d624d1d02b411a8e01aaca28163484c55d1070809add043af0b89999e481726fe8e5b18e860b005d97458d2544a196c9c7eb60618aa211d379a73b89e7a0dab594ccf63a6cb5696bf896ef81d0c0e8785f09edfbc0d102fa16048f5386e25bd972ca89a83e14fd882b67bdb0fdfcba5d7e1ef9f56f04873b879de485a8b6810f70ff4d3ad32da8d0b375c4dc5a8cfc5e3c042fd2cf600924ec0cbae51a21406aaf13b4152563c8ab7aaecbe7afb28587f8ac1e3c677a4e8b3c7f508b6c3cc2e7acecda817ee5a6765f591c2750feb0f0f0ccf667d2ca623aa740eda785b98b62e802f411e1e6c875ec9040671d1662f093541e5db74f55fe24e8cb5487492aa3cbeb73b977ebbd31c8a6e9d97e3057b8dae0358053fb8886cfc2b5d4631d4ca4975ca7ebf7ffa871d5995086138f06ba78f966b60ece7779ff0714fab76e70a424c2f825df775d630bf610c1dec8c1ba1240d43c0089134471769353a81b88b66b0229e210d5ddbb429739a3970ea5289dffdc17aa6a08ee14f15eac07fd9036a1bee3d2251e8ff9b555087978cf0dda4ea639298c4b8ad631faed8561ea3719a6d03fa509f77de5bd864eb8842e289d206a4ce0281cd66fe81f97976963448da9f47ba5895fe34dea969ddddee3dcbb7a7f71518dd3450b2dd48d4fa4eca876d60ef13e753d0ebdcab3966bac26021ad39852243cd014ac4166beec86b6cd1205d67e00c722b17f0be6d0791d81e01a00e1dd1b5080758e8cea80865cdc386c1bd91ed719139d2d02d72b783e3d8964bf6e9a64c05c782fcf80006a25475dfd29febec42491fecc17ea229237d937e2c3e166af39e5db0bb3e83fd797a0af97eee4210f8d1b0724ff3baeb9882cd0e5c6db92c4cf2510ce63dc211e25096e8e1e4f8e5212aac790339226934d9ec7681202107e7446f20990f0def01a5374a29734e095eef5b7736d118cce565a52861394cc00761ce183ea4cd9c5aad0079b67ba028b05259501c7a5c0958423c0b2aca3f9eaba109b6adbcf1c36945fe34daab7ba547f36b40870e2a0e7dca14ae48b05d1b0ae8e51faca85a8b09cec90b12e97bd7797f58b8f5b1d4e6eaf0c3eb5be1412e57b05bdedee5c724ca5d0799cf6db635bf10706d4d79911e1750dcd29391230e1917b5e447de08eb121b9a06167b3707c4b98c264c00ff71d709837e151485c76137a8023a4d33ea9db627d03de379ade8af71793a2adc1be07ff697a78146484fb05a1c6e7a51001c6d4c178427ec78ab477a6f667c46244ad2bb3e78775059d209a24c6a7588cddf1be32ec3b1a27fff5d1a9fe0fa1b2bdb8ec1d96f37b70f11ef23a28f9f06524d9df00cd984d86ecd643c8242b13e070d44008959b33d1ace50e03aa031641d883145a627180762ef94a0a50bfe44894f5922a31f3e3d146900a0ce5f35e7812d203caf1c4caaaeba81c640f71193e2cdeb579b11b6b77e5846e5573aef2a4b7c1e399e8ba29c9ac356e4398847c3a4120728be41c782ce13f460224a964e8b6de2d84a3382a50b61ea0392908145c2ad723c483f9b9e7bd5c603513db7efc7dd43daa3dc7cf4913a8d4e98c1a854c4", &(0x7f0000002400)=""/183, 0x1, 0x4, 0x0, &(0x7f00000024c0)}) ioctl$SG_SET_FORCE_PACK_ID(r0, 0x227b, &(0x7f0000002580)) r1 = fcntl$dupfd(r0, 0x406, r0) r2 = fork() ioctl$BLKTRACESETUP(r1, 0xc0481273, &(0x7f00000025c0)={'\x00', 0x0, 0x7, 0x7, 0x80, 0x2, r2}) r3 = openat$nvram(0xffffffffffffff9c, &(0x7f0000002640), 0x20000, 0x0) process_vm_writev(r2, &(0x7f00000028c0)=[{&(0x7f0000002680)=""/37, 0x25}, {&(0x7f00000026c0)}, {&(0x7f0000002700)=""/5, 0x5}, {&(0x7f0000002740)=""/87, 0x57}, {&(0x7f00000027c0)=""/225, 0xe1}], 0x5, &(0x7f0000003a00)=[{&(0x7f0000002940)=""/69, 0x45}, {&(0x7f00000029c0)=""/4096, 0x1000}, {&(0x7f00000039c0)}], 0x3, 0x0) r4 = syz_open_dev$vcsu(&(0x7f0000003a40), 0x0, 0x80000) r5 = openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000003a80), 0xe0042, 0x0) sendfile(r5, r0, 0x0, 0x0) openat(r4, &(0x7f0000003ac0)='./file0\x00', 0x1abe01, 0x41) fstatfs(r3, &(0x7f0000003b00)=""/12) ioctl$BTRFS_IOC_SET_FEATURES(r0, 0x40309439, &(0x7f0000003b40)={0x5, 0x0, 0x12}) ioctl$sock_FIOGETOWN(r4, 0x8903, &(0x7f0000003b80)=0x0) process_vm_writev(r6, &(0x7f0000003f80)=[{&(0x7f0000003bc0)=""/207, 0xcf}, {&(0x7f0000003cc0)=""/202, 0xca}, {&(0x7f0000003dc0)=""/204, 0xcc}, {&(0x7f0000003ec0)=""/127, 0x7f}, {&(0x7f0000003f40)=""/20, 0x14}], 0x5, &(0x7f0000004040)=[{&(0x7f0000004000)=""/10, 0xa}], 0x1, 0x0) 22:33:51 executing program 3: sendmsg$NL80211_CMD_SET_MAC_ACL(0xffffffffffffffff, &(0x7f00000000c0)={&(0x7f0000000000), 0xc, &(0x7f0000000080)={&(0x7f0000000040)={0x1c, 0x0, 0x200, 0x70bd2c, 0x25dfdbfb, {{}, {@void, @void}}, [@NL80211_ATTR_ACL_POLICY={0x8, 0xa5, 0x1}]}, 0x1c}, 0x1, 0x0, 0x0, 0x4000000}, 0x1) sendmsg$NL80211_CMD_SET_QOS_MAP(0xffffffffffffffff, &(0x7f00000002c0)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x80000000}, 0xc, &(0x7f0000000280)={&(0x7f0000000140)={0x104, 0x0, 0x200, 0x70bd29, 0x25dfdbff, {{}, {@void, @void}}, [@NL80211_ATTR_QOS_MAP={0x1e, 0xc7, {[{0x9, 0x2}, {0x20, 0x3}, {0x2, 0x7}, {0x2, 0x6}, {0x9, 0x2}, {0x9, 0x1}, {0x3, 0x2}, {0x6, 0x5}, {0x4, 0x7}], "1c5342f81c132448"}}, @NL80211_ATTR_QOS_MAP={0x26, 0xc7, {[{0x40, 0x1}, {0x4, 0x4}, {0x2, 0x3}, {0x7, 0x1}, {0xc4, 0x3}, {0x8, 0x1}, {0x0, 0x5}, {0x1, 0x4}, {0x2, 0x6}, {0x3}, {0x0, 0x3}, {0x0, 0x4}, {0x20, 0x1}], "3014d1241a257ad9"}}, @NL80211_ATTR_QOS_MAP={0x22, 0xc7, {[{0x20, 0x4}, {0x7, 0x1}, {0x0, 0x2}, {0x1}, {0xc0, 0x5}, {0x7, 0x2}, {0x70, 0x2}, {0x94, 0x7}, {0x4, 0x3}, {0x81, 0x5}, {0x0, 0x7}], "d3cc73e4abe168ef"}}, @NL80211_ATTR_QOS_MAP={0x10, 0xc7, {[{0xc0, 0x2}, {0x5, 0x7}], "d21fc09471bb7a27"}}, @NL80211_ATTR_QOS_MAP={0x1e, 0xc7, {[{0x9, 0x2}, {0x80, 0x4}, {0x6, 0x7}, {0x1, 0x1}, {0xe4, 0x7}, {0x3, 0x7}, {0x1, 0x6}, {0x0, 0x7}, {0x1f, 0x7}], "17cbee4ff34f5258"}}, @NL80211_ATTR_QOS_MAP={0x1a, 0xc7, {[{0x3, 0x3}, {0x9, 0x3}, {0x6, 0x2}, {}, {0x81, 0x3}, {0x7f, 0x4}, {0x6, 0x1}], "7a620615c58ff8d0"}}, @NL80211_ATTR_QOS_MAP={0x1a, 0xc7, {[{0x1, 0x2}, {0x5, 0x5}, {0x2}, {0xa, 0x4}, {0x3, 0x4}, {0x6, 0x3}, {0x1, 0x3}], "1c07b1a39147c293"}}, @NL80211_ATTR_QOS_MAP={0x1c, 0xc7, {[{0x6, 0x6}, {0x81}, {0x80, 0x3}, {0x64}, {0x3f, 0x6}, {0xfa, 0x7}, {0x5}, {0x0, 0x2}], "cd879dd31f8a6b2f"}}]}, 0x104}, 0x1, 0x0, 0x0, 0x4000000}, 0x0) sendmsg$IPVS_CMD_NEW_DAEMON(0xffffffffffffffff, &(0x7f0000000440)={&(0x7f0000000300)={0x10, 0x0, 0x0, 0x2000}, 0xc, &(0x7f0000000400)={&(0x7f0000000340)={0x90, 0x0, 0x300, 0x70bd2d, 0x25dfdbfc, {}, [@IPVS_CMD_ATTR_TIMEOUT_TCP_FIN={0x8, 0x5, 0x5}, @IPVS_CMD_ATTR_SERVICE={0x54, 0x1, 0x0, 0x1, [@IPVS_SVC_ATTR_AF={0x6, 0x1, 0x2}, @IPVS_SVC_ATTR_FLAGS={0xc, 0x7, {0x20, 0x5}}, @IPVS_SVC_ATTR_FLAGS={0xc, 0x7, {0x10, 0x8}}, @IPVS_SVC_ATTR_AF={0x6, 0x1, 0xb}, @IPVS_SVC_ATTR_AF={0x6, 0x1, 0xa}, @IPVS_SVC_ATTR_PROTOCOL={0x6, 0x2, 0x16}, @IPVS_SVC_ATTR_FLAGS={0xc, 0x7, {0x38, 0xb}}, @IPVS_SVC_ATTR_FLAGS={0xc, 0x7, {0x21, 0x4}}]}, @IPVS_CMD_ATTR_SERVICE={0x20, 0x1, 0x0, 0x1, [@IPVS_SVC_ATTR_ADDR={0x14, 0x3, @ipv4=@loopback}, @IPVS_SVC_ATTR_PROTOCOL={0x6, 0x2, 0x2b}]}]}, 0x90}, 0x1, 0x0, 0x0, 0x10000081}, 0x4) sendmsg$NL80211_CMD_GET_SURVEY(0xffffffffffffffff, &(0x7f0000000540)={&(0x7f0000000480)={0x10, 0x0, 0x0, 0x2}, 0xc, &(0x7f0000000500)={&(0x7f00000004c0)={0x14, 0x0, 0x10, 0x70bd2b, 0x25dfdbfb, {{}, {@void, @void}}, ["", ""]}, 0x14}, 0x1, 0x0, 0x0, 0x10}, 0x40000000) sendmsg$ETHTOOL_MSG_RINGS_SET(0xffffffffffffffff, &(0x7f0000000640)={&(0x7f0000000580), 0xc, &(0x7f0000000600)={&(0x7f00000005c0)={0x1c, 0x0, 0x200, 0x70bd2c, 0x25dfdbfc, {}, [@ETHTOOL_A_RINGS_RX_JUMBO={0x8, 0x8, 0x3}]}, 0x1c}, 0x1, 0x0, 0x0, 0x1}, 0x4100) sendmsg$DEVLINK_CMD_PORT_GET(0xffffffffffffffff, &(0x7f0000000880)={&(0x7f0000000680), 0xc, &(0x7f0000000840)={&(0x7f00000006c0)={0x150, 0x0, 0x200, 0x70bd26, 0x25dfdbfc, {}, [{{@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0x8}}}, {{@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0x8, 0x3, 0x2}}}, {{@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0x8, 0x3, 0x5}}}, {{@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0x8}}}, {{@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0x8, 0x3, 0x3}}}, {{@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0x8, 0x3, 0x3}}}, {{@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0x8, 0x3, 0x3}}}, {{@pci={{0x8}, {0x11}}, {0x8, 0x3, 0x1}}}]}, 0x150}, 0x1, 0x0, 0x0, 0x4}, 0x40000) r0 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000900), 0xffffffffffffffff) ioctl$sock_ipv6_tunnel_SIOCADD6RD(0xffffffffffffffff, 0x89f9, &(0x7f00000009c0)={'ip6_vti0\x00', &(0x7f0000000940)={'syztnl0\x00', 0x0, 0x2f, 0x4, 0x7f, 0x45, 0x0, @ipv4={'\x00', '\xff\xff', @multicast1}, @ipv4={'\x00', '\xff\xff', @remote}, 0x40, 0x7, 0x9, 0x8}}) sendmsg$ETHTOOL_MSG_EEE_GET(0xffffffffffffffff, &(0x7f0000000c00)={&(0x7f00000008c0)={0x10, 0x0, 0x0, 0x8}, 0xc, &(0x7f0000000bc0)={&(0x7f0000000a00)={0x1b0, r0, 0x800, 0x70bd2c, 0x25dfdbfc, {}, [@HEADER={0x30, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_FLAGS={0x8}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r1}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x1}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'wg1\x00'}]}, @HEADER={0x44, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_FLAGS={0x8}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'wlan1\x00'}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x1}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'batadv0\x00'}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x2}]}, @HEADER={0x68, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'veth0\x00'}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x3}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x1}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'team_slave_1\x00'}, @ETHTOOL_A_HEADER_FLAGS={0x8}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'sit0\x00'}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}]}, @HEADER={0x74, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'wg0\x00'}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x3}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'veth0_to_team\x00'}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'veth0_vlan\x00'}, @ETHTOOL_A_HEADER_FLAGS={0x8}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x1}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'veth1_to_batadv\x00'}]}, @HEADER={0x4c, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x2}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x3}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_FLAGS={0x8}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}]}]}, 0x1b0}, 0x1, 0x0, 0x0, 0x40000}, 0x0) ioctl$sock_ipv6_tunnel_SIOCDELTUNNEL(0xffffffffffffffff, 0x89f2, &(0x7f0000000d00)={'ip6_vti0\x00', &(0x7f0000000c80)={'ip6_vti0\x00', r1, 0x2f, 0xe1, 0x1, 0x385, 0x56, @mcast1, @rand_addr=' \x01\x00', 0x80, 0x80, 0x3268, 0x7fff}}) ioctl$ifreq_SIOCGIFINDEX_vcan(0xffffffffffffffff, 0x8933, &(0x7f0000000d40)={'vxcan1\x00', 0x0}) ioctl$sock_ipv6_tunnel_SIOCCHG6RD(0xffffffffffffffff, 0x89fb, &(0x7f0000000e00)={'syztnl1\x00', &(0x7f0000000d80)={'ip6_vti0\x00', r1, 0x2f, 0x81, 0xf8, 0x5, 0x47, @mcast2, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02', 0x10, 0x8, 0xf249, 0x9}}) getsockopt$inet_mreqn(0xffffffffffffffff, 0x0, 0x23, &(0x7f0000000e40)={@initdev, @multicast1, 0x0}, &(0x7f0000000e80)=0xc) sendmsg$ETHTOOL_MSG_DEBUG_GET(0xffffffffffffffff, &(0x7f0000001000)={&(0x7f0000000c40)={0x10, 0x0, 0x0, 0x400}, 0xc, &(0x7f0000000fc0)={&(0x7f0000000ec0)={0x100, r0, 0x10, 0x70bd2d, 0x25dfdbff, {}, [@HEADER={0xc, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x7}]}, @HEADER={0x58, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x2}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x1}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x2}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r2}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'syz_tun\x00'}, @ETHTOOL_A_HEADER_FLAGS={0x8}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r1}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r3}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r4}]}, @HEADER={0x88, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'rose0\x00'}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'ipvlan1\x00'}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r5}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r1}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r1}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'bridge0\x00'}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'vcan0\x00'}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'ip6gretap0\x00'}]}]}, 0x100}, 0x1, 0x0, 0x0, 0x80}, 0x4) ioctl$AUTOFS_DEV_IOCTL_ISMOUNTPOINT(0xffffffffffffffff, 0xc018937e, &(0x7f0000001040)={{0x1, 0x1, 0x18, 0xffffffffffffffff, @in_args={0x1}}, './file0\x00'}) sendmsg$MPTCP_PM_CMD_GET_ADDR(r6, &(0x7f0000001180)={&(0x7f0000001080)={0x10, 0x0, 0x0, 0x40000}, 0xc, &(0x7f0000001140)={&(0x7f00000010c0)={0x50, 0x0, 0x0, 0x70bd2d, 0x25dfdbfc, {}, [@MPTCP_PM_ATTR_SUBFLOWS={0x8, 0x3, 0x8}, @MPTCP_PM_ATTR_ADDR={0x1c, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_FAMILY={0x6, 0x1, 0xa}, @MPTCP_PM_ADDR_ATTR_ADDR4={0x8, 0x3, @loopback}, @MPTCP_PM_ADDR_ATTR_PORT={0x6, 0x5, 0x4e24}]}, @MPTCP_PM_ATTR_SUBFLOWS={0x8, 0x3, 0x8}, @MPTCP_PM_ATTR_RCV_ADD_ADDRS={0x8, 0x2, 0x6}, @MPTCP_PM_ATTR_SUBFLOWS={0x8, 0x3, 0x5}]}, 0x50}, 0x1, 0x0, 0x0, 0x4000080}, 0x4000090) sendmsg$BATADV_CMD_TP_METER(r6, &(0x7f00000012c0)={&(0x7f00000011c0)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f0000001280)={&(0x7f0000001200)={0x44, 0x0, 0x10, 0x70bd2a, 0x25dfdbfd, {}, [@BATADV_ATTR_ELP_INTERVAL={0x8, 0x3a, 0x2}, @BATADV_ATTR_ISOLATION_MASK={0x8, 0x2c, 0x3}, @BATADV_ATTR_DISTRIBUTED_ARP_TABLE_ENABLED={0x5, 0x2f, 0x1}, @BATADV_ATTR_AP_ISOLATION_ENABLED={0x5, 0x2a, 0x1}, @BATADV_ATTR_FRAGMENTATION_ENABLED={0x5}, @BATADV_ATTR_NETWORK_CODING_ENABLED={0x5}]}, 0x44}, 0x1, 0x0, 0x0, 0x804}, 0x4000040) ioctl$AUTOFS_DEV_IOCTL_ASKUMOUNT(r6, 0xc018937d, &(0x7f0000001300)={{0x1, 0x1, 0x18, r6, {0xffffffaa}}, './file0\x00'}) ioctl$sock_SIOCGIFINDEX_80211(r6, 0x8933, &(0x7f0000001380)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_CRIT_PROTOCOL_STOP(r7, &(0x7f0000001440)={&(0x7f0000001340)={0x10, 0x0, 0x0, 0x10000000}, 0xc, &(0x7f0000001400)={&(0x7f00000013c0)={0x1c, 0x0, 0x100, 0x1, 0x25dfdbff, {{}, {@val={0x8, 0x3, r8}, @void}}, [""]}, 0x1c}, 0x1, 0x0, 0x0, 0x4008841}, 0x4000000) 22:33:51 executing program 5: ioctl$TCFLSH(0xffffffffffffffff, 0x540b, 0x0) fcntl$setown(0xffffffffffffffff, 0x8, 0x0) r0 = dup(0xffffffffffffffff) ioctl$TIOCSWINSZ(r0, 0x5414, &(0x7f0000000000)={0x7, 0x3, 0xaf4f, 0x3}) ioctl$TIOCNXCL(r0, 0x540d) ioctl$VT_RESIZE(r0, 0x5609, &(0x7f0000000040)={0x5, 0x8}) readv(r0, &(0x7f0000000440)=[{&(0x7f0000000080)=""/207, 0xcf}, {&(0x7f0000000180)=""/188, 0xbc}, {&(0x7f0000000240)=""/184, 0xb8}, {&(0x7f0000000300)=""/138, 0x8a}, {&(0x7f00000003c0)=""/108, 0x6c}], 0x5) ioctl$FICLONE(r0, 0x40049409, r0) signalfd4(r0, &(0x7f00000004c0)={[0x3d]}, 0x8, 0x80800) r1 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000500)='/proc/zoneinfo\x00', 0x0, 0x0) ioctl$BTRFS_IOC_GET_SUPPORTED_FEATURES(r1, 0x80489439, &(0x7f0000000540)) r2 = syz_open_dev$hiddev(&(0x7f00000005c0), 0x401, 0x22082) io_uring_register$IORING_REGISTER_FILES(r0, 0x2, &(0x7f0000000600)=[r2, r0, r0, r1], 0x4) ioctl$KDFONTOP_SET_DEF(r1, 0x4b72, &(0x7f0000000a40)={0x2, 0x1, 0x1e, 0x8, 0x1a9, &(0x7f0000000640)="6aa0a4171b5d67f56d2f533d30ee03de4c5962e057b89c4032215ad0f895d1c5f4d6b380d87d067bc7c9f50f6fa3688df62e70deb1f84c7782f43d458b6ab34cde14600760ebd4012830ab6402576222b906aff27a7382628a989a09094642f78815de2f31fccd2bf0e2af06d600eb2962f795b18dbe2c7e1c0d541f2a3c529451837b60ae6127280fecb89b60f037d072cdb2f306a870ef046a1b6124b663d4e2869a39cf0d32c3a5eb9d74b8c950e12d87d1e0ecc243da9a05e011800bac814b54e4cc3091f0165f984a4930de164c2fce078376e2348e6801c0f43c9e2b5c83e2567dc298b4f1b40dc98964ebf3824d7c2e836425e91bfe9d40e4c6f3117e3582fec8acc9796edb8f8446d995682dd6e0af879d475b928edfe90ca621d523089dcca5f3b29d842a11989af2be8036a0074148b25a9ca71146360ef98cd07b8931a0167152473afc9bb4abad027570412237210200f51113b2043fdda5c85564612cb4c1e2b2d81c1400a51338ef119b9f811931479e2c0e29cdcac9c847363e0242cbeca89f0ad57545e4907d1eb7262a78c7c34a180e48376c8906cc2c8be057c3556ee35c5b6cc47ccd9379f2312d573dfbad07d745033d27a3e78885399def6689029c4c80e406d34bc20c8b5e9c3bf86c803c56331ab4eaa9cdf4e090f2aafec51442361192b6d9ba0c013539c31473cd04897af4658558563a5b0e6085c53487f739e1b3ebe35d7181019e338c735829bca3b84c2a0c8e66af4a1d81c2d63f7b6133c937a9a433bcb13921592b2b0da2c1dcbd13fa715c9137cbed174d6b777354cb2815c3f4da5b0d93038146ad2379e0991a4720a672ae6f081edf11e53a537e6af5634066f0352ee08315aec642846c5e22e5f976e5f93be5fee4e74e1f5a9638c266f504383d6d32563d65afe1f3c3392021fe13bbd14e44cafdcb8632d9b2974c403ff49c6ee068eee5918f4a3dc9f145e7f307cd8513d5717b470b876ff87a33c828b343fda3d2b1e73132a1f4472f1b698d3826fd8814a1dde1179ca7cea765651fd24f4a9905c4535ea49d046e84323a7cae17fe7070d518c05e4e43da364d1fdf03fa101f8b3c3ce857a520493a147bb8ccf5de7d2d83e988713f89bbacba18e57556bf45c5964c4fc959b55d95c231396a99705bdd95a43c81a8cf3a75cd7120c4fbc17d2a4d3b947ceedb983ee726b203d8a04f1f1239044476d0435907f6d7a4ec4b43d835f5c0c06dd89bd9fc84422973975603048cb27b6b35360ae24cf79111d7b8bc1b9fec2996d2b433dfd3ad2c1232c93eade06f05c552450a731dbcb3be69d4c4b40b1f03a734d9a8a85ff344337913a9be5346be440b207cc962fcf4ade1be02e60c1ac824b8b697a741f1f57e0cc6ea09f0ea73fe8d9ce739f0dfd31cb77ba7cbc7075ade5ff1e6b6ae9d8b5c5517c590a5"}) r3 = accept$inet(r0, &(0x7f0000000a80)={0x2, 0x0, @broadcast}, &(0x7f0000000ac0)=0x10) ioctl$BTRFS_IOC_GET_SUBVOL_INFO(r1, 0x81f8943c, &(0x7f0000000b00)={0x0, ""/256, 0x0, 0x0, 0x0, 0x0, ""/16, ""/16, ""/16, 0x0, 0x0, 0x0, 0x0}) ioctl$BTRFS_IOC_WAIT_SYNC(r3, 0x40089416, &(0x7f0000000d00)=r4) ioctl$VFAT_IOCTL_READDIR_SHORT(0xffffffffffffffff, 0x82307202, &(0x7f0000000d40)=[{0x0, 0x0, 0x100}, {0x0, 0x0, 0x100}]) r5 = openat$cgroup_ro(r1, &(0x7f0000000f80)='blkio.bfq.io_serviced_recursive\x00', 0x0, 0x0) sync_file_range(r5, 0x8, 0xbac, 0x5) 22:33:51 executing program 4: sendmsg$NL80211_CMD_NEW_INTERFACE(0xffffffffffffffff, &(0x7f0000000100)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x4000000}, 0xc, &(0x7f00000000c0)={&(0x7f0000000040)={0x7c, 0x0, 0x400, 0x70bd26, 0x1, {{}, {@val={0x8, 0x1, 0x71}, @void, @void}}, [@NL80211_ATTR_IFNAME={0x14, 0x4, 'batadv_slave_0\x00'}, @NL80211_ATTR_MESH_ID={0xa}, @NL80211_ATTR_IFTYPE={0x8, 0x5, 0xa}, @NL80211_ATTR_IFNAME={0x14, 0x4, 'veth0_to_team\x00'}, @NL80211_ATTR_IFTYPE={0x8, 0x5, 0x7}, @NL80211_ATTR_4ADDR={0x5}, @NL80211_ATTR_IFNAME={0x14, 0x4, 'gre0\x00'}]}, 0x7c}, 0x1, 0x0, 0x0, 0x20000054}, 0x40) r0 = syz_genetlink_get_family_id$team(&(0x7f0000000180), 0xffffffffffffffff) sendmsg$TEAM_CMD_NOOP(0xffffffffffffffff, &(0x7f0000000300)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x10}, 0xc, &(0x7f00000002c0)={&(0x7f00000001c0)={0xd4, r0, 0x300, 0x81, 0x25dfdbfc, {}, [{{0x8}, {0xb8, 0x2, 0x0, 0x1, [{0x44, 0x1, @bpf_hash_func={{0x24}, {0x5}, {0x14, 0x4, [{0xfff, 0x6, 0x1f, 0x5}, {0x7, 0xa1, 0xb7, 0x9}]}}}, {0x38, 0x1, @lb_stats_refresh_interval={{0x24}, {0x5}, {0x8, 0x4, 0x8}}}, {0x38, 0x1, @notify_peers_count={{0x24}, {0x5}, {0x8, 0x4, 0x9}}}]}}]}, 0xd4}, 0x1, 0x0, 0x0, 0x801}, 0x200408d4) ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000380)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_SET_MULTICAST_TO_UNICAST(0xffffffffffffffff, &(0x7f0000000440)={&(0x7f0000000340), 0xc, &(0x7f0000000400)={&(0x7f00000003c0)={0x20, 0x0, 0x800, 0x70bd2b, 0x25dfdbff, {{}, {@val={0x8, 0x3, r1}, @void}}, [@NL80211_ATTR_MULTICAST_TO_UNICAST_ENABLED={0x4}]}, 0x20}, 0x1, 0x0, 0x0, 0x4000}, 0x40010) sendmsg$ETHTOOL_MSG_LINKMODES_SET(0xffffffffffffffff, &(0x7f0000000540)={&(0x7f0000000480)={0x10, 0x0, 0x0, 0x4000000}, 0xc, &(0x7f0000000500)={&(0x7f00000004c0)={0x1c, 0x0, 0x4, 0x70bd29, 0x25dfdbfc, {}, [@ETHTOOL_A_LINKMODES_AUTONEG={0x5, 0x2, 0x27}]}, 0x1c}, 0x1, 0x0, 0x0, 0x20000041}, 0x4050) r2 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000580), 0x20000, 0x0) sendmsg$NL80211_CMD_DEAUTHENTICATE(r2, &(0x7f0000000680)={&(0x7f00000005c0)={0x10, 0x0, 0x0, 0x40000000}, 0xc, &(0x7f0000000640)={&(0x7f0000000600)={0x2c, 0x0, 0x2, 0x70bd25, 0x25dfdbfc, {{}, {@void, @val={0xc, 0x99, {0x5, 0x78}}}}, [@NL80211_ATTR_MAC={0xa}]}, 0x2c}, 0x1, 0x0, 0x0, 0x41}, 0x40000c1) r3 = openat$bsg(0xffffffffffffff9c, &(0x7f00000006c0), 0x200000, 0x0) r4 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000740), r2) ioctl$sock_SIOCGIFINDEX_80211(r2, 0x8933, &(0x7f0000000780)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_DISASSOCIATE(r3, &(0x7f0000000840)={&(0x7f0000000700)={0x10, 0x0, 0x0, 0x100}, 0xc, &(0x7f0000000800)={&(0x7f00000007c0)={0x40, r4, 0xc00, 0x70bd2a, 0x25dfdbfb, {{}, {@val={0x8, 0x3, r5}, @val={0xc, 0x99, {0xfffffffd, 0x67}}}}, [@NL80211_ATTR_MAC={0xa}, @NL80211_ATTR_MAC={0xa, 0x6, @random="ef129d1ede67"}]}, 0x40}, 0x1, 0x0, 0x0, 0x4000}, 0x1) ioctl$sock_ipv6_tunnel_SIOCADD6RD(r3, 0x89f9, &(0x7f0000000940)={'syztnl1\x00', &(0x7f00000008c0)={'syztnl1\x00', 0x0, 0x4, 0x18, 0x6, 0x991a, 0x52, @local, @empty, 0x700, 0x8040, 0x0, 0x10000}}) ioctl$sock_ipv6_tunnel_SIOCDELPRL(r2, 0x89f6, &(0x7f0000000a80)={'syztnl0\x00', &(0x7f0000000a00)={'syztnl1\x00', 0x0, 0x29, 0x8, 0x1, 0x8, 0x40, @ipv4={'\x00', '\xff\xff', @initdev={0xac, 0x1e, 0x0, 0x0}}, @mcast1, 0x40, 0x80, 0x7, 0x80000000}}) sendmsg$ETHTOOL_MSG_DEBUG_GET(r2, &(0x7f0000000c40)={&(0x7f0000000880)={0x10, 0x0, 0x0, 0x4}, 0xc, &(0x7f0000000c00)={&(0x7f0000000ac0)={0x128, 0x0, 0x4, 0x70bd25, 0x25dfdbfc, {}, [@HEADER={0x34, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'macvlan1\x00'}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'ip6gretap0\x00'}]}, @HEADER={0x78, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'veth0_to_batadv\x00'}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x2}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'vxcan1\x00'}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'veth1_to_team\x00'}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'veth0_to_bond\x00'}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'veth0_to_team\x00'}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r6}]}, @HEADER={0xc, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x1}]}, @HEADER={0x14, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x3}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x3}]}, @HEADER={0x48, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'ip6tnl0\x00'}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r7}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'lo\x00'}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'veth0_to_bridge\x00'}]}]}, 0x128}, 0x1, 0x0, 0x0, 0x20004080}, 0x4008084) r8 = syz_open_dev$vcsu(&(0x7f0000000c80), 0x75d, 0x200000) sendmsg$IPVS_CMD_GET_DAEMON(r8, &(0x7f0000000d80)={&(0x7f0000000cc0)={0x10, 0x0, 0x0, 0x4000000}, 0xc, &(0x7f0000000d40)={&(0x7f0000000d00)={0x38, 0x0, 0xb02, 0x70bd29, 0x25dfdbfb, {}, [@IPVS_CMD_ATTR_DAEMON={0x24, 0x3, 0x0, 0x1, [@IPVS_DAEMON_ATTR_MCAST_TTL={0x5, 0x8, 0x5}, @IPVS_DAEMON_ATTR_MCAST_PORT={0x6, 0x7, 0x4e24}, @IPVS_DAEMON_ATTR_SYNC_ID={0x8, 0x3, 0x3}, @IPVS_DAEMON_ATTR_MCAST_TTL={0x5}]}]}, 0x38}, 0x1, 0x0, 0x0, 0x20000000}, 0x80) sendmsg$ETHTOOL_MSG_LINKINFO_SET(r3, &(0x7f0000000e80)={&(0x7f0000000dc0)={0x10, 0x0, 0x0, 0x4}, 0xc, &(0x7f0000000e40)={&(0x7f0000000e00)={0x1c, 0x0, 0x202, 0x70bd25, 0x25dfdbfb, {}, [@ETHTOOL_A_LINKINFO_TP_MDIX_CTRL={0x5, 0x5, 0x1f}]}, 0x1c}, 0x1, 0x0, 0x0, 0x20008080}, 0x0) ioctl$AUTOFS_DEV_IOCTL_VERSION(r2, 0xc0189371, &(0x7f0000000ec0)={{0x1, 0x1, 0x18, r2}, './file0\x00'}) sendmsg$IPVS_CMD_GET_SERVICE(r9, &(0x7f0000000fc0)={&(0x7f0000000f00)={0x10, 0x0, 0x0, 0x1000000}, 0xc, &(0x7f0000000f80)={&(0x7f0000000f40)={0x34, 0x0, 0x200, 0x70bd27, 0x25dfdbfb, {}, [@IPVS_CMD_ATTR_SERVICE={0x1c, 0x1, 0x0, 0x1, [@IPVS_SVC_ATTR_NETMASK={0x8, 0x9, 0x7d}, @IPVS_SVC_ATTR_PORT={0x6, 0x4, 0x4e22}, @IPVS_SVC_ATTR_PROTOCOL={0x6, 0x2, 0x73}]}, @IPVS_CMD_ATTR_DAEMON={0x4}]}, 0x34}, 0x1, 0x0, 0x0, 0x8040}, 0x4000) 22:33:51 executing program 6: ioctl$SNDRV_TIMER_IOCTL_PVERSION(0xffffffffffffffff, 0x80045400, &(0x7f0000000000)) ioctl$SNDRV_TIMER_IOCTL_CONTINUE(0xffffffffffffffff, 0x54a2) ioctl$BTRFS_IOC_SEND(0xffffffffffffffff, 0x40489426, &(0x7f0000000080)={{}, 0x4, &(0x7f0000000040)=[0x9, 0x7fff, 0xbf9c, 0x2], 0x0, 0x2, [0xffff, 0xffffffffffffff01, 0x3f, 0xcb1]}) r0 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000100)='./binderfs2/binder0\x00', 0x400, 0x0) tee(0xffffffffffffffff, r0, 0x0, 0x8) ioctl(r0, 0xfffffffc, &(0x7f0000000140)="8eb06fb51da0a5542c7a0a6385f7d2ba5599adc8f37420b8a3fda13c3a8fcffcc6a7476a7015e1") r1 = syz_genetlink_get_family_id$batadv(&(0x7f00000001c0), 0xffffffffffffffff) sendmsg$BATADV_CMD_GET_MESH(0xffffffffffffffff, &(0x7f0000000280)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x1}, 0xc, &(0x7f0000000240)={&(0x7f0000000200)={0x24, r1, 0x300, 0x70bd27, 0x25dfdbfc, {}, [@BATADV_ATTR_MULTICAST_FORCEFLOOD_ENABLED={0x5}, @BATADV_ATTR_AGGREGATED_OGMS_ENABLED={0x5}]}, 0x24}, 0x1, 0x0, 0x0, 0x40000}, 0x0) syz_io_uring_submit(0x0, 0x0, &(0x7f0000000340)=@IORING_OP_CONNECT={0x10, 0x3, 0x0, 0xffffffffffffffff, 0x80, &(0x7f00000002c0)=@phonet={0x23, 0x9, 0x8, 0x1f}}, 0x8) ioctl$FS_IOC_GETVERSION(r0, 0x80087601, &(0x7f0000000380)) r2 = syz_open_dev$vcsu(&(0x7f00000003c0), 0x1, 0x218000) sendmsg$NL80211_CMD_SET_WIPHY(r2, &(0x7f0000000540)={&(0x7f0000000400)={0x10, 0x0, 0x0, 0x10000000}, 0xc, &(0x7f0000000500)={&(0x7f0000000440)={0x9c, 0x0, 0x106, 0x70bd2a, 0x25dfdbfc, {}, [@NL80211_ATTR_WIPHY_FRAG_THRESHOLD={0x8, 0x3f, 0x8e14}, @NL80211_ATTR_WIPHY_TXQ_PARAMS={0x34, 0x25, 0x0, 0x1, [@NL80211_TXQ_ATTR_AIFS={0x5, 0x5, 0x80}, @NL80211_TXQ_ATTR_TXOP={0x6, 0x2, 0x9}, @NL80211_TXQ_ATTR_CWMIN={0x6, 0x3, 0xa6}, @NL80211_TXQ_ATTR_AIFS={0x5, 0x5, 0x80}, @NL80211_TXQ_ATTR_AIFS={0x5, 0x5, 0x8}, @NL80211_TXQ_ATTR_CWMAX={0x6, 0x4, 0x5f23}]}, @NL80211_ATTR_WIPHY_ANTENNA_RX={0x8, 0x6a, 0x10000}, @NL80211_ATTR_WIPHY_COVERAGE_CLASS={0x5, 0x59, 0x40}, @NL80211_ATTR_TXQ_MEMORY_LIMIT={0x8, 0x10b, 0x1}, @NL80211_ATTR_WIPHY_NAME={0x14, 0x2, 'ip6tnl0\x00'}, @NL80211_ATTR_TXQ_LIMIT={0x8, 0x10a, 0x4}, @NL80211_ATTR_WIPHY_ANTENNA_RX={0x8, 0x6a, 0xe4a}, @NL80211_ATTR_WIPHY_FRAG_THRESHOLD={0x8, 0x3f, 0xfffffff9}, @NL80211_ATTR_WIPHY_ANTENNA_RX={0x8, 0x6a, 0x28e3}]}, 0x9c}}, 0x44000) ioctl$BTRFS_IOC_DEFRAG_RANGE(0xffffffffffffffff, 0x40309410, &(0x7f0000000580)={0x78, 0x7, 0x3, 0x7, 0x0, [0x7, 0x3ff, 0x385, 0x52a]}) r3 = openat$cgroup_ro(r2, &(0x7f00000005c0)='cpuacct.usage_percpu\x00', 0x0, 0x0) io_uring_register$IORING_REGISTER_EVENTFD_ASYNC(r2, 0x7, &(0x7f0000000600)=r3, 0x1) r4 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NLBL_UNLABEL_C_STATICREMOVE(r4, &(0x7f0000000780)={&(0x7f0000000640)={0x10, 0x0, 0x0, 0xa000}, 0xc, &(0x7f0000000740)={&(0x7f0000000680)={0x84, 0x0, 0x10, 0x70bd29, 0x25dfdbfe, {}, [@NLBL_UNLABEL_A_IPV4MASK={0x8, 0x5, @local}, @NLBL_UNLABEL_A_ACPTFLG={0x5, 0x1, 0x1}, @NLBL_UNLABEL_A_IPV4ADDR={0x8, 0x4, @multicast1}, @NLBL_UNLABEL_A_IPV6MASK={0x14, 0x3, @local}, @NLBL_UNLABEL_A_ACPTFLG={0x5}, @NLBL_UNLABEL_A_IPV6MASK={0x14, 0x3, @empty}, @NLBL_UNLABEL_A_SECCTX={0x26, 0x7, 'system_u:object_r:dhcpd_exec_t:s0\x00'}]}, 0x84}, 0x1, 0x0, 0x0, 0x20000000}, 0x4) r5 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000800), r4) sendmsg$IEEE802154_LLSEC_SETPARAMS(r4, &(0x7f00000008c0)={&(0x7f00000007c0)={0x10, 0x0, 0x0, 0x40000000}, 0xc, &(0x7f0000000880)={&(0x7f0000000840)={0x30, r5, 0x1, 0x70bd2d, 0x25dfdbfd, {}, [@IEEE802154_ATTR_LLSEC_KEY_SOURCE_EXTENDED={0xc, 0x2d, {0xaaaaaaaaaaaa0002}}, @IEEE802154_ATTR_PAN_ID={0x6}, @IEEE802154_ATTR_LLSEC_SECLEVEL={0x5, 0x2a, 0x6}]}, 0x30}, 0x1, 0x0, 0x0, 0x2000c0d0}, 0x4004000) ioctl$FICLONERANGE(r0, 0x4020940d, &(0x7f0000000900)={{r3}, 0x53, 0x5}) 22:33:51 executing program 7: r0 = pidfd_open(0xffffffffffffffff, 0x0) r1 = fcntl$getown(r0, 0x9) r2 = syz_io_uring_setup(0x5889, &(0x7f0000000000)={0x0, 0xa9d3, 0x4, 0x3, 0x39f}, &(0x7f0000ffa000/0x4000)=nil, &(0x7f0000ffb000/0x1000)=nil, &(0x7f0000000080), &(0x7f00000000c0)) ioctl$TIOCGICOUNT(0xffffffffffffffff, 0x545d, 0x0) ioctl$KDSIGACCEPT(0xffffffffffffffff, 0x4b4e, 0x8) r3 = openat$zero(0xffffffffffffff9c, &(0x7f0000000100), 0x200, 0x0) io_uring_register$IORING_REGISTER_FILES_UPDATE(r2, 0x6, &(0x7f0000000180)={0x6, 0x0, &(0x7f0000000140)=[r0, r3, r0, r0]}, 0x4) ioctl$sock_SIOCGPGRP(r3, 0x8904, &(0x7f0000000400)=0x0) ioctl$TIOCGSID(0xffffffffffffffff, 0x5429, &(0x7f0000000440)=0x0) fcntl$getownex(r2, 0x10, &(0x7f0000000480)={0x0, 0x0}) ioctl$AUTOFS_DEV_IOCTL_OPENMOUNT(r3, 0xc0189374, &(0x7f0000000500)={{0x1, 0x1, 0x18, r0, {0x40aff5cd}}, './file0\x00'}) r8 = clone3(&(0x7f0000000540)={0x320a85200, &(0x7f00000001c0), &(0x7f0000000200)=0x0, &(0x7f0000000240)=0x0, {0x38}, &(0x7f0000000280)=""/155, 0x9b, &(0x7f0000000340)=""/179, &(0x7f00000004c0)=[r1, 0xffffffffffffffff, r4, r1, r5, r6], 0x6, {r7}}, 0x58) clone3(&(0x7f0000001a80)={0x100000000, &(0x7f0000000880)=0xffffffffffffffff, &(0x7f00000008c0)=0x0, &(0x7f0000000900), {0x1a}, &(0x7f0000000940)=""/4096, 0x1000, &(0x7f0000001940)=""/214, &(0x7f0000001a40)=[r1, r8, r10, r1, 0xffffffffffffffff, r10], 0x6}, 0x58) r13 = gettid() ioctl$TIOCGPGRP(r7, 0x540f, &(0x7f0000001b00)=0x0) r15 = openat$vcsu(0xffffffffffffff9c, &(0x7f0000001b80), 0x50880, 0x0) clone3(&(0x7f0000001bc0)={0x8b0a29473e092ecf, &(0x7f00000005c0), &(0x7f0000000600), &(0x7f0000000640), {0x80}, &(0x7f0000000680)=""/207, 0xcf, &(0x7f0000000780)=""/194, &(0x7f0000001b40)=[r12, r9, r13, r8, r8, r9, 0xffffffffffffffff, r1, r1, r14], 0xa, {r15}}, 0x58) setsockopt$bt_BT_SNDMTU(r7, 0x112, 0xc, &(0x7f0000001c40)=0xfff9, 0x2) ioctl$EVIOCGKEYCODE_V2(r11, 0x80284504, &(0x7f0000001c80)=""/150) ioctl$PIO_FONTX(0xffffffffffffffff, 0x4b6c, &(0x7f0000002140)={0x144, 0x4, &(0x7f0000001d40)="10cd7116ed1737398930319df3c14ccb64be31bd7bd82ce5420001640e87dad3033672b60b0fee2c200d015b62806e8f0779c653e8f1d2c4fbcd8a62f38e15e64f73eca60996a0b31a3b4b035153b38565ff5f3f9a596b4364e24ee8df1688ce7c2899691fc620f8097d2f556ec2e7cd69e051469f43b1d36dee400cd076c03ab405329db4243a582cac34b83fa5b96b7461746455d63ff7e024258ec4709f0d4b5e9a8ebf6e8df02c421b6da840cdbeaf86fc2ba7531b9a0034ab90cbd928f2d73f365c89cdc66789c7cd186fa3f07d6b025c649352c81452d7177c4a44feea3831c3cc99150e1018dc381082fd9b4c37a89abe49b5606049d552464c8774149f1ab2c959f17e98892c8989bd1b55ed2a33c76a4e3fc124487406d1ceaf8ff11003241e69b8f086e21b9e709748445d6231d7c960f8a9082b2107c62cb4124d2f7dcd0c4b63aa5ea22b0706c0fc765a374e1394c2dcf913b0056b0ade6ea3363458d7a6357db8b499543d01c5d823d3aeca71de31ee1e7bba5d09e328a3826922276628aabf0b0bcb7df2916b332ca7e86e4352464efa0591f54cd90e040383412e5fdcdfcc123d45ca6589fc091886b8c4a37e8d114dc8603145f4844303c7ac8b772dd9e3f43faeed1a7b867d2ce0d5e42a9eaa67df072a388c49db936d0b9f3f91bc189fc9437b17e4ebdbbcaa68be61073ec0f5b9a22b8d037e3f95cae0eec6cb2f16f87ac0d1bdcc6ef98388e6aa136c67107552dc95e7a426c816db3214662a8bf56ac09d5d7ce726d4376987be90c99dfbe3510527b1773e23b8bab13df94768cb432ba7fccf9737e15ed4bd306a58944d480f07334e3b6f93741b8727a86401acf9168244e2a35ecb2a3907f56615537f6262fbb59ab94b89a0ab260921817ced201b3e89bcb96b6496328ae3e97a4e197c8306d856dfe51f811a7c1bd5144ce8e7011440dcf89e2cc28a6983a06df9354a0f761f93b345a084d795af522dc244ae0956459086b4b76b106da8fdd117708ab7622deef9ebf146b8e0e60781dec2e4bf0bb45ff0cbee94fee26c14a3e6935796a968a0a5a95c7ac9f5c659f0c7ac4de5e5e446faabbe0d547967ebf1728331937af57d4e984822765f26e16ff534d7dcdca462ff14c9b993473570cbbedebd7f137474f9326bd321a2b8825c63b309f36ae160c2fa3bbf05f25ad7b7911e2ba3747c4f15e3be557273d8e334b185cce09834bcd7f98ae86146baef13b2406d1d5ff74ab3710e5b1c4a0b19847e0c6fe94516530b5094cdfd0e58e1ebe1759728475f9082e52077e36108b0f5c6b2c3da2632e05d9fe196db51ca2e69d628e2fab21aabe7d60ccff9bec15a46a377eeffa9cb5c95781dc357865f20315fb1632ac4b44f74ae573ad533950e257bd77c9582df2080651f1deea04e295ac72cbde950000138ffd0f11840"}) [ 75.714982] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 75.716730] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 75.720026] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 75.723959] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 75.726936] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [ 75.728445] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 75.734501] Bluetooth: hci0: HCI_REQ-0x0c1a [ 75.834385] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 75.837059] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 75.838665] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 75.841874] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 75.845298] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3 [ 75.846805] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 75.850015] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 75.852359] Bluetooth: hci1: HCI_REQ-0x0c1a [ 75.907223] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 75.909720] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 75.911309] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 75.913385] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1 [ 75.916053] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 75.918437] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 75.920074] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 75.921292] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 75.925761] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 75.926657] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 75.929095] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 75.931570] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3 [ 75.933303] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 75.934682] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3 [ 75.937355] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 75.942991] Bluetooth: hci4: HCI_REQ-0x0c1a [ 75.947929] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9 [ 75.952670] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1 [ 75.954480] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9 [ 75.957222] Bluetooth: hci7: unexpected cc 0x0c03 length: 249 > 1 [ 75.958420] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 75.959588] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9 [ 75.965675] Bluetooth: hci2: HCI_REQ-0x0c1a [ 75.974573] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3 [ 75.980011] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9 [ 75.982011] Bluetooth: hci7: unexpected cc 0x1003 length: 249 > 9 [ 75.984577] Bluetooth: hci7: unexpected cc 0x1001 length: 249 > 9 [ 75.986251] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4 [ 75.993872] Bluetooth: hci6: unexpected cc 0x0c25 length: 249 > 3 [ 75.994892] Bluetooth: hci7: unexpected cc 0x0c23 length: 249 > 4 [ 76.001901] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2 [ 76.003858] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 76.005172] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4 [ 76.007841] Bluetooth: hci5: unexpected cc 0x0c25 length: 249 > 3 [ 76.011876] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2 [ 76.020093] Bluetooth: hci7: unexpected cc 0x0c25 length: 249 > 3 [ 76.022724] Bluetooth: hci3: HCI_REQ-0x0c1a [ 76.024271] Bluetooth: hci7: unexpected cc 0x0c38 length: 249 > 2 [ 76.030068] Bluetooth: hci6: HCI_REQ-0x0c1a [ 76.039887] Bluetooth: hci7: HCI_REQ-0x0c1a [ 76.069875] Bluetooth: hci5: HCI_REQ-0x0c1a [ 77.797961] Bluetooth: hci0: command 0x0409 tx timeout [ 77.861769] Bluetooth: hci1: command 0x0409 tx timeout [ 77.989770] Bluetooth: hci2: command 0x0409 tx timeout [ 77.990424] Bluetooth: hci4: command 0x0409 tx timeout [ 78.054148] Bluetooth: hci7: command 0x0409 tx timeout [ 78.054795] Bluetooth: hci6: command 0x0409 tx timeout [ 78.055324] Bluetooth: hci3: command 0x0409 tx timeout [ 78.117739] Bluetooth: hci5: command 0x0409 tx timeout [ 79.845647] Bluetooth: hci0: command 0x041b tx timeout [ 79.909662] Bluetooth: hci1: command 0x041b tx timeout [ 80.037694] Bluetooth: hci4: command 0x041b tx timeout [ 80.038112] Bluetooth: hci2: command 0x041b tx timeout [ 80.101783] Bluetooth: hci3: command 0x041b tx timeout [ 80.102184] Bluetooth: hci6: command 0x041b tx timeout [ 80.102590] Bluetooth: hci7: command 0x041b tx timeout [ 80.165651] Bluetooth: hci5: command 0x041b tx timeout [ 81.893647] Bluetooth: hci0: command 0x040f tx timeout [ 81.957657] Bluetooth: hci1: command 0x040f tx timeout [ 82.085713] Bluetooth: hci2: command 0x040f tx timeout [ 82.086177] Bluetooth: hci4: command 0x040f tx timeout [ 82.149747] Bluetooth: hci7: command 0x040f tx timeout [ 82.150188] Bluetooth: hci6: command 0x040f tx timeout [ 82.150637] Bluetooth: hci3: command 0x040f tx timeout [ 82.213736] Bluetooth: hci5: command 0x040f tx timeout [ 83.941650] Bluetooth: hci0: command 0x0419 tx timeout [ 84.005648] Bluetooth: hci1: command 0x0419 tx timeout [ 84.133673] Bluetooth: hci4: command 0x0419 tx timeout [ 84.134111] Bluetooth: hci2: command 0x0419 tx timeout [ 84.197680] Bluetooth: hci3: command 0x0419 tx timeout [ 84.198114] Bluetooth: hci6: command 0x0419 tx timeout [ 84.198530] Bluetooth: hci7: command 0x0419 tx timeout [ 84.261706] Bluetooth: hci5: command 0x0419 tx timeout 22:34:43 executing program 5: r0 = syz_mount_image$vfat(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x0, &(0x7f0000000140)=ANY=[]) chdir(&(0x7f0000000000)='./file0\x00') r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x11, 0xffffffffffffffff, 0xa015000) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000140), 0x4}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r2 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000002480)='fd/3\x00') mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000140), 0x0, &(0x7f0000000000)={'trans=fd,', {'rfdno', 0x3d, r2}}) epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, 0xffffffffffffffff, &(0x7f0000000240)={0xc0000008}) fsconfig$FSCONFIG_SET_FD(0xffffffffffffffff, 0x5, &(0x7f0000000180)=']{\x00', 0x0, r1) acct(&(0x7f00000001c0)='./file1\x00') r3 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) write$binfmt_aout(r3, &(0x7f0000001180)=ANY=[], 0x220) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0x1, 0x1, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000480), 0x7}, 0x0, 0x0, 0xfffffffd, 0x0, 0x3}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/mdstat\x00', 0x0, 0x0) ioctl$AUTOFS_IOC_EXPIRE(0xffffffffffffffff, 0x810c9365, &(0x7f0000000340)={{0x101, 0x7}, 0x100, './file1\x00'}) fsetxattr$trusted_overlay_redirect(r0, &(0x7f0000000300), &(0x7f00000004c0)='./file1\x00', 0x8, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xb}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r4 = fsopen(&(0x7f0000000040)='rpc_pipefs\x00', 0x0) fsconfig$FSCONFIG_SET_STRING(r4, 0x6, 0x0, 0x0, 0x0) fsmount(r4, 0x0, 0x0) [ 126.335000] loop5: detected capacity change from 0 to 40 [ 126.345861] audit: type=1400 audit(1664404483.161:7): avc: denied { open } for pid=3770 comm="syz-executor.5" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=perf_event permissive=1 [ 126.347355] audit: type=1400 audit(1664404483.162:8): avc: denied { kernel } for pid=3770 comm="syz-executor.5" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=perf_event permissive=1 [ 126.369150] ------------[ cut here ]------------ [ 126.369168] [ 126.369171] ====================================================== [ 126.369175] WARNING: possible circular locking dependency detected [ 126.369179] 6.0.0-rc7-next-20220927 #1 Not tainted [ 126.369185] ------------------------------------------------------ [ 126.369189] syz-executor.5/3771 is trying to acquire lock: [ 126.369195] ffffffff853faab8 ((console_sem).lock){....}-{2:2}, at: down_trylock+0xe/0x70 [ 126.369238] [ 126.369238] but task is already holding lock: [ 126.369241] ffff88800ec9ec20 (&ctx->lock){....}-{2:2}, at: __perf_event_task_sched_out+0x53b/0x18d0 [ 126.369270] [ 126.369270] which lock already depends on the new lock. [ 126.369270] [ 126.369273] [ 126.369273] the existing dependency chain (in reverse order) is: [ 126.369277] [ 126.369277] -> #3 (&ctx->lock){....}-{2:2}: [ 126.369291] _raw_spin_lock+0x2a/0x40 [ 126.369304] __perf_event_task_sched_out+0x53b/0x18d0 [ 126.369316] __schedule+0xedd/0x2470 [ 126.369332] schedule+0xda/0x1b0 [ 126.369347] exit_to_user_mode_prepare+0x114/0x1a0 [ 126.369360] syscall_exit_to_user_mode+0x19/0x40 [ 126.369374] do_syscall_64+0x48/0x90 [ 126.369385] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 126.369399] [ 126.369399] -> #2 (&rq->__lock){-.-.}-{2:2}: [ 126.369413] _raw_spin_lock_nested+0x30/0x40 [ 126.369425] raw_spin_rq_lock_nested+0x1e/0x30 [ 126.369439] task_fork_fair+0x63/0x4d0 [ 126.369456] sched_cgroup_fork+0x3d0/0x540 [ 126.369470] copy_process+0x4183/0x6e20 [ 126.369481] kernel_clone+0xe7/0x890 [ 126.369491] user_mode_thread+0xad/0xf0 [ 126.369501] rest_init+0x24/0x250 [ 126.369514] arch_call_rest_init+0xf/0x14 [ 126.369529] start_kernel+0x4c6/0x4eb [ 126.369540] secondary_startup_64_no_verify+0xe0/0xeb [ 126.369555] [ 126.369555] -> #1 (&p->pi_lock){-.-.}-{2:2}: [ 126.369568] _raw_spin_lock_irqsave+0x39/0x60 [ 126.369581] try_to_wake_up+0xab/0x1930 [ 126.369597] up+0x75/0xb0 [ 126.369612] __up_console_sem+0x6e/0x80 [ 126.369628] console_unlock+0x46a/0x590 [ 126.369644] do_con_write+0xc05/0x1d50 [ 126.369657] con_write+0x21/0x40 [ 126.369667] n_tty_write+0x4d4/0xfe0 [ 126.369681] file_tty_write.constprop.0+0x455/0x8a0 [ 126.369695] vfs_write+0x9c3/0xd90 [ 126.369714] ksys_write+0x127/0x250 [ 126.369723] do_syscall_64+0x3b/0x90 [ 126.369733] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 126.369747] [ 126.369747] -> #0 ((console_sem).lock){....}-{2:2}: [ 126.369761] __lock_acquire+0x2a02/0x5e70 [ 126.369778] lock_acquire+0x1a2/0x530 [ 126.369793] _raw_spin_lock_irqsave+0x39/0x60 [ 126.369806] down_trylock+0xe/0x70 [ 126.369822] __down_trylock_console_sem+0x3b/0xd0 [ 126.369838] vprintk_emit+0x16b/0x560 [ 126.369854] vprintk+0x84/0xa0 [ 126.369870] _printk+0xba/0xf1 [ 126.369883] report_bug.cold+0x72/0xab [ 126.369893] handle_bug+0x3c/0x70 [ 126.369903] exc_invalid_op+0x14/0x50 [ 126.369913] asm_exc_invalid_op+0x16/0x20 [ 126.369926] group_sched_out.part.0+0x2c7/0x460 [ 126.369938] ctx_sched_out+0x8f1/0xc10 [ 126.369948] __perf_event_task_sched_out+0x6d0/0x18d0 [ 126.369961] __schedule+0xedd/0x2470 [ 126.369976] schedule+0xda/0x1b0 [ 126.369990] exit_to_user_mode_prepare+0x114/0x1a0 [ 126.370001] syscall_exit_to_user_mode+0x19/0x40 [ 126.370015] do_syscall_64+0x48/0x90 [ 126.370025] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 126.370039] [ 126.370039] other info that might help us debug this: [ 126.370039] [ 126.370042] Chain exists of: [ 126.370042] (console_sem).lock --> &rq->__lock --> &ctx->lock [ 126.370042] [ 126.370057] Possible unsafe locking scenario: [ 126.370057] [ 126.370059] CPU0 CPU1 [ 126.370061] ---- ---- [ 126.370064] lock(&ctx->lock); [ 126.370070] lock(&rq->__lock); [ 126.370076] lock(&ctx->lock); [ 126.370082] lock((console_sem).lock); [ 126.370088] [ 126.370088] *** DEADLOCK *** [ 126.370088] [ 126.370090] 2 locks held by syz-executor.5/3771: [ 126.370097] #0: ffff88806cf37d18 (&rq->__lock){-.-.}-{2:2}, at: __schedule+0x1cf/0x2470 [ 126.370128] #1: ffff88800ec9ec20 (&ctx->lock){....}-{2:2}, at: __perf_event_task_sched_out+0x53b/0x18d0 [ 126.370155] [ 126.370155] stack backtrace: [ 126.370158] CPU: 1 PID: 3771 Comm: syz-executor.5 Not tainted 6.0.0-rc7-next-20220927 #1 [ 126.370171] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 126.370179] Call Trace: [ 126.370183] [ 126.370187] dump_stack_lvl+0x8b/0xb3 [ 126.370198] check_noncircular+0x263/0x2e0 [ 126.370215] ? format_decode+0x26c/0xb50 [ 126.370234] ? print_circular_bug+0x450/0x450 [ 126.370250] ? enable_ptr_key_workfn+0x20/0x20 [ 126.370269] ? format_decode+0x26c/0xb50 [ 126.370288] ? alloc_chain_hlocks+0x1ec/0x5a0 [ 126.370305] __lock_acquire+0x2a02/0x5e70 [ 126.370327] ? lockdep_hardirqs_on_prepare+0x410/0x410 [ 126.370349] lock_acquire+0x1a2/0x530 [ 126.370366] ? down_trylock+0xe/0x70 [ 126.370384] ? lock_release+0x750/0x750 [ 126.370405] ? vprintk+0x84/0xa0 [ 126.370423] _raw_spin_lock_irqsave+0x39/0x60 [ 126.370435] ? down_trylock+0xe/0x70 [ 126.370453] down_trylock+0xe/0x70 [ 126.370470] ? vprintk+0x84/0xa0 [ 126.370487] __down_trylock_console_sem+0x3b/0xd0 [ 126.370504] vprintk_emit+0x16b/0x560 [ 126.370523] vprintk+0x84/0xa0 [ 126.370540] _printk+0xba/0xf1 [ 126.370553] ? record_print_text.cold+0x16/0x16 [ 126.370570] ? report_bug.cold+0x66/0xab [ 126.370582] ? group_sched_out.part.0+0x2c7/0x460 [ 126.370594] report_bug.cold+0x72/0xab [ 126.370606] handle_bug+0x3c/0x70 [ 126.370617] exc_invalid_op+0x14/0x50 [ 126.370629] asm_exc_invalid_op+0x16/0x20 [ 126.370643] RIP: 0010:group_sched_out.part.0+0x2c7/0x460 [ 126.370657] Code: 5e 41 5f e9 ab a9 ef ff e8 a6 a9 ef ff 65 8b 1d 1b 0f ac 7e 31 ff 89 de e8 46 a6 ef ff 85 db 0f 84 8a 00 00 00 e8 89 a9 ef ff <0f> 0b e9 a5 fe ff ff e8 7d a9 ef ff 48 8d 7d 10 48 b8 00 00 00 00 [ 126.370668] RSP: 0018:ffff88801c2f7c48 EFLAGS: 00010006 [ 126.370678] RAX: 0000000040000002 RBX: 0000000000000000 RCX: 0000000000000000 [ 126.370686] RDX: ffff888017f85040 RSI: ffffffff815666b7 RDI: 0000000000000005 [ 126.370694] RBP: ffff88800a3e0000 R08: 0000000000000005 R09: 0000000000000001 [ 126.370701] R10: 0000000000000000 R11: ffffffff865b405b R12: ffff88800ec9ec00 [ 126.370709] R13: ffff88806cf3d140 R14: ffffffff8547cf80 R15: 0000000000000002 [ 126.370720] ? group_sched_out.part.0+0x2c7/0x460 [ 126.370734] ? group_sched_out.part.0+0x2c7/0x460 [ 126.370747] ctx_sched_out+0x8f1/0xc10 [ 126.370760] __perf_event_task_sched_out+0x6d0/0x18d0 [ 126.370776] ? lock_is_held_type+0xd7/0x130 [ 126.370791] ? __perf_cgroup_move+0x160/0x160 [ 126.370804] ? set_next_entity+0x304/0x550 [ 126.370821] ? update_curr+0x267/0x740 [ 126.370839] ? lock_is_held_type+0xd7/0x130 [ 126.370855] __schedule+0xedd/0x2470 [ 126.370874] ? io_schedule_timeout+0x150/0x150 [ 126.370892] ? rcu_read_lock_sched_held+0x3e/0x80 [ 126.370912] schedule+0xda/0x1b0 [ 126.370929] exit_to_user_mode_prepare+0x114/0x1a0 [ 126.370941] syscall_exit_to_user_mode+0x19/0x40 [ 126.370956] do_syscall_64+0x48/0x90 [ 126.370967] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 126.370982] RIP: 0033:0x7f94f77e1b19 [ 126.370990] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 126.371001] RSP: 002b:00007f94f4d57218 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 126.371012] RAX: 0000000000000001 RBX: 00007f94f78f4f68 RCX: 00007f94f77e1b19 [ 126.371019] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 00007f94f78f4f6c [ 126.371027] RBP: 00007f94f78f4f60 R08: 000000000000000e R09: 0000000000000000 [ 126.371034] R10: 0000000000000006 R11: 0000000000000246 R12: 00007f94f78f4f6c [ 126.371041] R13: 00007ffc4fa6f63f R14: 00007f94f4d57300 R15: 0000000000022000 [ 126.371054] [ 126.428407] WARNING: CPU: 1 PID: 3771 at kernel/events/core.c:2309 group_sched_out.part.0+0x2c7/0x460 [ 126.429100] Modules linked in: [ 126.429347] CPU: 1 PID: 3771 Comm: syz-executor.5 Not tainted 6.0.0-rc7-next-20220927 #1 [ 126.429937] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 126.430773] RIP: 0010:group_sched_out.part.0+0x2c7/0x460 [ 126.431185] Code: 5e 41 5f e9 ab a9 ef ff e8 a6 a9 ef ff 65 8b 1d 1b 0f ac 7e 31 ff 89 de e8 46 a6 ef ff 85 db 0f 84 8a 00 00 00 e8 89 a9 ef ff <0f> 0b e9 a5 fe ff ff e8 7d a9 ef ff 48 8d 7d 10 48 b8 00 00 00 00 [ 126.432543] RSP: 0018:ffff88801c2f7c48 EFLAGS: 00010006 [ 126.432940] RAX: 0000000040000002 RBX: 0000000000000000 RCX: 0000000000000000 [ 126.433471] RDX: ffff888017f85040 RSI: ffffffff815666b7 RDI: 0000000000000005 [ 126.434013] RBP: ffff88800a3e0000 R08: 0000000000000005 R09: 0000000000000001 [ 126.434547] R10: 0000000000000000 R11: ffffffff865b405b R12: ffff88800ec9ec00 [ 126.435080] R13: ffff88806cf3d140 R14: ffffffff8547cf80 R15: 0000000000000002 [ 126.435613] FS: 00007f94f4d57700(0000) GS:ffff88806cf00000(0000) knlGS:0000000000000000 [ 126.436221] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 126.436654] CR2: 0000563dbe5a6080 CR3: 0000000015ec0000 CR4: 0000000000350ee0 [ 126.437189] Call Trace: [ 126.437389] [ 126.437569] ctx_sched_out+0x8f1/0xc10 [ 126.437868] __perf_event_task_sched_out+0x6d0/0x18d0 [ 126.438271] ? lock_is_held_type+0xd7/0x130 [ 126.438600] ? __perf_cgroup_move+0x160/0x160 [ 126.438948] ? set_next_entity+0x304/0x550 [ 126.439277] ? update_curr+0x267/0x740 [ 126.439580] ? lock_is_held_type+0xd7/0x130 [ 126.439907] __schedule+0xedd/0x2470 [ 126.440220] ? io_schedule_timeout+0x150/0x150 [ 126.440574] ? rcu_read_lock_sched_held+0x3e/0x80 [ 126.440945] schedule+0xda/0x1b0 [ 126.441216] exit_to_user_mode_prepare+0x114/0x1a0 [ 126.441583] syscall_exit_to_user_mode+0x19/0x40 [ 126.441941] do_syscall_64+0x48/0x90 [ 126.442225] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 126.442614] RIP: 0033:0x7f94f77e1b19 [ 126.442894] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 126.444245] RSP: 002b:00007f94f4d57218 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 126.444815] RAX: 0000000000000001 RBX: 00007f94f78f4f68 RCX: 00007f94f77e1b19 [ 126.445351] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 00007f94f78f4f6c [ 126.445879] RBP: 00007f94f78f4f60 R08: 000000000000000e R09: 0000000000000000 [ 126.446415] R10: 0000000000000006 R11: 0000000000000246 R12: 00007f94f78f4f6c [ 126.446941] R13: 00007ffc4fa6f63f R14: 00007f94f4d57300 R15: 0000000000022000 [ 126.447484] [ 126.447664] irq event stamp: 1748 [ 126.447921] hardirqs last enabled at (1747): [] exit_to_user_mode_prepare+0x109/0x1a0 [ 126.448631] hardirqs last disabled at (1748): [] __schedule+0x1225/0x2470 [ 126.449254] softirqs last enabled at (1502): [] __irq_exit_rcu+0x11b/0x180 [ 126.449901] softirqs last disabled at (1453): [] __irq_exit_rcu+0x11b/0x180 [ 126.450552] ---[ end trace 0000000000000000 ]--- [ 126.851072] loop5: detected capacity change from 0 to 40 [ 126.854063] 9pnet_fd: Insufficient options for proto=fd [ 126.854784] Process accounting resumed [ 126.919920] Process accounting resumed 22:34:43 executing program 5: r0 = syz_mount_image$vfat(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x0, &(0x7f0000000140)=ANY=[]) chdir(&(0x7f0000000000)='./file0\x00') r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x11, 0xffffffffffffffff, 0xa015000) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000140), 0x4}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r2 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000002480)='fd/3\x00') mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000140), 0x0, &(0x7f0000000000)={'trans=fd,', {'rfdno', 0x3d, r2}}) epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, 0xffffffffffffffff, &(0x7f0000000240)={0xc0000008}) fsconfig$FSCONFIG_SET_FD(0xffffffffffffffff, 0x5, &(0x7f0000000180)=']{\x00', 0x0, r1) acct(&(0x7f00000001c0)='./file1\x00') r3 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) write$binfmt_aout(r3, &(0x7f0000001180)=ANY=[], 0x220) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0x1, 0x1, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000480), 0x7}, 0x0, 0x0, 0xfffffffd, 0x0, 0x3}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/mdstat\x00', 0x0, 0x0) ioctl$AUTOFS_IOC_EXPIRE(0xffffffffffffffff, 0x810c9365, &(0x7f0000000340)={{0x101, 0x7}, 0x100, './file1\x00'}) fsetxattr$trusted_overlay_redirect(r0, &(0x7f0000000300), &(0x7f00000004c0)='./file1\x00', 0x8, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xb}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r4 = fsopen(&(0x7f0000000040)='rpc_pipefs\x00', 0x0) fsconfig$FSCONFIG_SET_STRING(r4, 0x6, 0x0, 0x0, 0x0) fsmount(r4, 0x0, 0x0) [ 126.964964] loop5: detected capacity change from 0 to 40 [ 127.099879] Process accounting resumed 22:34:43 executing program 5: r0 = syz_mount_image$vfat(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x0, &(0x7f0000000140)=ANY=[]) chdir(&(0x7f0000000000)='./file0\x00') r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x11, 0xffffffffffffffff, 0xa015000) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000140), 0x4}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r2 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000002480)='fd/3\x00') mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000140), 0x0, &(0x7f0000000000)={'trans=fd,', {'rfdno', 0x3d, r2}}) epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, 0xffffffffffffffff, &(0x7f0000000240)={0xc0000008}) fsconfig$FSCONFIG_SET_FD(0xffffffffffffffff, 0x5, &(0x7f0000000180)=']{\x00', 0x0, r1) acct(&(0x7f00000001c0)='./file1\x00') r3 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) write$binfmt_aout(r3, &(0x7f0000001180)=ANY=[], 0x220) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0x1, 0x1, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000480), 0x7}, 0x0, 0x0, 0xfffffffd, 0x0, 0x3}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/mdstat\x00', 0x0, 0x0) ioctl$AUTOFS_IOC_EXPIRE(0xffffffffffffffff, 0x810c9365, &(0x7f0000000340)={{0x101, 0x7}, 0x100, './file1\x00'}) fsetxattr$trusted_overlay_redirect(r0, &(0x7f0000000300), &(0x7f00000004c0)='./file1\x00', 0x8, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xb}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r4 = fsopen(&(0x7f0000000040)='rpc_pipefs\x00', 0x0) fsconfig$FSCONFIG_SET_STRING(r4, 0x6, 0x0, 0x0, 0x0) fsmount(r4, 0x0, 0x0) [ 127.160969] loop5: detected capacity change from 0 to 40 [ 127.328234] Process accounting resumed 22:34:44 executing program 5: r0 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a) setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x16}]}, 0x10) syz_emit_ethernet(0x66, &(0x7f00000001c0)={@local, @multicast, @void, {@ipv6={0x86dd, @icmpv6={0x0, 0x6, "2ddc20", 0x30, 0x3a, 0x0, @ipv4={'\x00', '\xff\xff', @broadcast}, @local, {[], @pkt_toobig={0x2, 0x0, 0x0, 0x0, {0x0, 0x6, "f2e2a6", 0x0, 0x0, 0x0, @local, @remote}}}}}}}, 0x0) r1 = syz_open_dev$vcsn(&(0x7f0000000080), 0xfff, 0x800) connect$inet6(r1, &(0x7f00000000c0)={0xa, 0x4e21, 0x800, @empty, 0x1000}, 0x1c) 22:34:44 executing program 5: openat(0xffffffffffffff9c, 0x0, 0x0, 0x0) r0 = syz_io_uring_setup(0x7969, &(0x7f0000001dc0)={0x0, 0xfc32, 0x2, 0x3, 0x109}, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffb000/0x2000)=nil, &(0x7f0000000000), &(0x7f0000000240)) syz_io_uring_submit(0x0, 0x0, 0x0, 0x8c) ioctl$sock_FIOGETOWN(0xffffffffffffffff, 0x8903, 0x0) r1 = openat(0xffffffffffffff9c, 0x0, 0x26e1, 0x0) ioctl$FITRIM(0xffffffffffffffff, 0xc0185879, 0x0) r2 = getpgid(0xffffffffffffffff) perf_event_open(&(0x7f0000000380)={0x5, 0x80, 0xff, 0x0, 0x0, 0xda, 0x0, 0x6, 0x2020, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x4, 0x0, @perf_bp={&(0x7f00000017c0), 0xd}, 0x11c07, 0xc03, 0x7f, 0x6, 0x0, 0x8, 0x80, 0x0, 0x0, 0x0, 0x8001}, r2, 0x6, r1, 0x8) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x52, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mount$9p_fd(0x0, &(0x7f0000001cc0)='./file1\x00', &(0x7f0000001d00), 0x20a000, &(0x7f0000001d40)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r1, @ANYBLOB=',wfdno=', @ANYRESHEX=r0, @ANYBLOB=',noextend,noextend,fowner<', @ANYRESDEC=0xee00, @ANYBLOB="fa3dd3a683f38e81e9dee90df66d5275be2c783b4d"]) seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000040)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) syz_mount_image$vfat(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) process_vm_readv(r2, &(0x7f00000014c0)=[{&(0x7f0000001200)=""/79, 0x4f}, {&(0x7f0000001180)=""/30, 0x1e}, {&(0x7f0000001280)=""/241, 0xf1}, {&(0x7f0000001380)=""/126, 0x7e}, {&(0x7f0000001400)=""/189, 0xbd}], 0x5, &(0x7f0000001780)=[{&(0x7f0000001540)=""/153, 0x99}, {&(0x7f0000001600)=""/249, 0xf9}, {&(0x7f0000001700)=""/114, 0x72}], 0x3, 0x0) preadv(0xffffffffffffffff, &(0x7f0000001140)=[{&(0x7f0000000140)=""/4096, 0x1000}], 0x1, 0x0, 0x0) r3 = getpgid(r2) process_vm_writev(r3, &(0x7f00000011c0)=[{&(0x7f0000001800)=""/140, 0x8c}, {&(0x7f00000018c0)=""/117, 0x75}], 0x2, &(0x7f0000001c80)=[{&(0x7f0000001940)=""/207, 0xcf}, {&(0x7f0000001a40)=""/241, 0xf1}, {&(0x7f0000001b40)=""/161, 0xa1}, {&(0x7f0000001c00)=""/124, 0x7c}], 0x4, 0x0) ptrace$setopts(0x4206, 0x0, 0x0, 0x0) open(&(0x7f0000000000)='./file0\x00', 0x531081, 0x0) inotify_init1(0x0) 22:34:44 executing program 5: r0 = syz_io_uring_setup(0xfa7, &(0x7f0000000080)={0x0, 0x4, 0x0, 0x2}, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000100)=0x0, &(0x7f0000000000)=0x0) r3 = socket$inet_tcp(0x2, 0x1, 0x0) syz_io_uring_setup(0x2175, &(0x7f0000000680)={0x0, 0x1df2, 0x4, 0x102, 0x285}, &(0x7f0000ffb000/0x4000)=nil, &(0x7f0000ffc000/0x2000)=nil, &(0x7f0000000380), &(0x7f00000003c0)=0x0) r5 = io_uring_register$IORING_REGISTER_PERSONALITY(r3, 0x9, 0x0, 0x0) syz_io_uring_submit(0x0, 0x0, &(0x7f0000000500)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, r3, &(0x7f0000000400)=0x80, &(0x7f00000005c0)=@isdn, 0x0, 0x80800, 0x1, {0x0, r5}}, 0x3) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0xfffffdef) r6 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f00000004c0)='./cgroup/syz1\x00', 0x200002, 0x0) r7 = syz_open_dev$tty20(0xc, 0x4, 0x1) io_uring_register$IORING_REGISTER_FILES(0xffffffffffffffff, 0x2, &(0x7f0000000800)=[r6, r7], 0x2) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x2, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0xf21b1691b57c75e5}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r8 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) fallocate(r8, 0x0, 0x0, 0x87ffffc) getsockopt$inet_tcp_int(0xffffffffffffffff, 0x6, 0x1b, &(0x7f0000000540), &(0x7f0000000580)=0x4) getsockopt$IP_SET_OP_GET_FNAME(0xffffffffffffffff, 0x1, 0x53, &(0x7f0000000640)={0x8, 0x7, 0x0, 'syz2\x00'}, &(0x7f0000000480)=0x10) syz_io_uring_submit(r1, r4, &(0x7f0000000180)=@IORING_OP_RECV=@pass_buffer={0x1b, 0x2, 0x0, r3, 0x0, &(0x7f0000000700)="612caea8c124b59964cd964a10c2e54202651c98b05f8f58a2e0653ea1b915a073f0e168e4f93e35298503fba6a128d840d806c4390464c200f3572838af7aa506a6e865865e31f1009a534d12387ad05cfc2aecfe9773651eadcb3adac6ebc2047930af51c39af56d0c399f9d1a3ad6b20ee77c5af1e179ff7f40c78faec754ad3c9168f5f9b131af23e91dbf6c9a83adcb35be3b776a0b5be00f10c9df1c4e6005489852eec715211a911ed9158b0471317eb91c23d527a239c8d2cacd1d7dab88f9b74819d511013edc60f8314fded323df", 0xd3, 0x2}, 0x101) syz_io_uring_submit(r1, r2, &(0x7f0000000040)=@IORING_OP_CONNECT={0x10, 0x2, 0x0, r3, 0x80, &(0x7f0000000280)=@l2tp={0x2, 0x0, @loopback}}, 0x0) io_uring_enter(r0, 0x100001, 0x0, 0x0, 0x0, 0x0) syz_io_uring_setup(0x7d65, &(0x7f00000001c0)={0x0, 0xf798, 0x4, 0x1, 0x60, 0x0, r0}, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000000140), &(0x7f0000000240)) 22:34:44 executing program 7: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000540)={0x1, &(0x7f00000004c0)=[{0x9}]}) seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xa, &(0x7f0000000040)={0x8, &(0x7f0000000000)=[{0x3, 0xff, 0x3f, 0x8001}, {0x100, 0x6, 0x6, 0x4}, {0x3, 0xff, 0x2, 0xfffffff7}, {0x8, 0x0, 0x8, 0x3}, {0x800, 0x9, 0x1f, 0x40}, {0x8c, 0x3f, 0xc0, 0xfb72}, {0x8, 0x3, 0x2}, {0x400, 0x1f, 0x4, 0x9}]}) r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x8, &(0x7f00000000c0)={0x7, &(0x7f0000000080)=[{0xc67, 0xff, 0x1f, 0x1}, {0x7, 0x9, 0x3, 0x10000}, {0x0, 0x49, 0x0, 0x6}, {0xff, 0x20, 0x8, 0x4}, {0x4, 0x2, 0x6, 0x4}, {0x3ff, 0x0, 0x6, 0x3}, {0x1, 0x7, 0x2, 0x9e93913}]}) ioctl$SECCOMP_IOCTL_NOTIF_RECV(r0, 0xc0502100, &(0x7f0000000100)) 22:34:44 executing program 5: r0 = syz_io_uring_setup(0xfa7, &(0x7f0000000080)={0x0, 0x4, 0x0, 0x2}, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000100)=0x0, &(0x7f0000000000)=0x0) r3 = socket$inet_tcp(0x2, 0x1, 0x0) syz_io_uring_setup(0x2175, &(0x7f0000000680)={0x0, 0x1df2, 0x4, 0x102, 0x285}, &(0x7f0000ffb000/0x4000)=nil, &(0x7f0000ffc000/0x2000)=nil, &(0x7f0000000380), &(0x7f00000003c0)=0x0) r5 = io_uring_register$IORING_REGISTER_PERSONALITY(r3, 0x9, 0x0, 0x0) syz_io_uring_submit(0x0, 0x0, &(0x7f0000000500)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, r3, &(0x7f0000000400)=0x80, &(0x7f00000005c0)=@isdn, 0x0, 0x80800, 0x1, {0x0, r5}}, 0x3) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0xfffffdef) r6 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f00000004c0)='./cgroup/syz1\x00', 0x200002, 0x0) r7 = syz_open_dev$tty20(0xc, 0x4, 0x1) io_uring_register$IORING_REGISTER_FILES(0xffffffffffffffff, 0x2, &(0x7f0000000800)=[r6, r7], 0x2) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x2, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0xf21b1691b57c75e5}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r8 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) fallocate(r8, 0x0, 0x0, 0x87ffffc) getsockopt$inet_tcp_int(0xffffffffffffffff, 0x6, 0x1b, &(0x7f0000000540), &(0x7f0000000580)=0x4) getsockopt$IP_SET_OP_GET_FNAME(0xffffffffffffffff, 0x1, 0x53, &(0x7f0000000640)={0x8, 0x7, 0x0, 'syz2\x00'}, &(0x7f0000000480)=0x10) syz_io_uring_submit(r1, r4, &(0x7f0000000180)=@IORING_OP_RECV=@pass_buffer={0x1b, 0x2, 0x0, r3, 0x0, &(0x7f0000000700)="612caea8c124b59964cd964a10c2e54202651c98b05f8f58a2e0653ea1b915a073f0e168e4f93e35298503fba6a128d840d806c4390464c200f3572838af7aa506a6e865865e31f1009a534d12387ad05cfc2aecfe9773651eadcb3adac6ebc2047930af51c39af56d0c399f9d1a3ad6b20ee77c5af1e179ff7f40c78faec754ad3c9168f5f9b131af23e91dbf6c9a83adcb35be3b776a0b5be00f10c9df1c4e6005489852eec715211a911ed9158b0471317eb91c23d527a239c8d2cacd1d7dab88f9b74819d511013edc60f8314fded323df", 0xd3, 0x2}, 0x101) syz_io_uring_submit(r1, r2, &(0x7f0000000040)=@IORING_OP_CONNECT={0x10, 0x2, 0x0, r3, 0x80, &(0x7f0000000280)=@l2tp={0x2, 0x0, @loopback}}, 0x0) io_uring_enter(r0, 0x100001, 0x0, 0x0, 0x0, 0x0) syz_io_uring_setup(0x7d65, &(0x7f00000001c0)={0x0, 0xf798, 0x4, 0x1, 0x60, 0x0, r0}, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000000140), &(0x7f0000000240)) [ 128.404230] loop1: detected capacity change from 0 to 10 [ 128.405201] EXT4-fs: Ignoring removed bh option [ 128.405569] ext3: Unknown parameter 'euid<00000000000000060929' [ 128.422312] loop1: detected capacity change from 0 to 10 [ 128.424222] EXT4-fs: Ignoring removed bh option [ 128.424620] ext3: Unknown parameter 'euid<00000000000000060929' VM DIAGNOSIS: 22:34:43 Registers: info registers vcpu 0 RAX=ffffc90000660000 RBX=ffff88800a440b40 RCX=1ffff11001488201 RDX=1ffff110014881ae RSI=0000000000000004 RDI=ffff88801f1b7aa8 RBP=1ffff11003e36f76 RSP=ffff88801f1b7b38 R8 =0000000000000001 R9 =ffff88801f1b7aab R10=ffffed1003e36f55 R11=0000000000000001 R12=ffff88800a440d58 R13=0000000000000000 R14=ffff88800a440000 R15=ffff88800a440b40 RIP=ffffffff82d9e8de RFL=00000046 [---Z-P-] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 00000000 00000000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 00000000 00000000 FS =0000 0000000000000000 00000000 00000000 GS =0000 ffff88806ce00000 00000000 00000000 LDT=0000 fffffe0000000000 00000000 00000000 TR =0040 fffffe0000003000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe0000001000 0000007f IDT= fffffe0000000000 00000fff CR0=80050033 CR2=00007fd9e2452000 CR3=0000000041048000 CR4=00350ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000ffff0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 YMM00=0000000000000000 0000000000000000 00ff000000000000 00000000000000ff YMM01=0000000000000000 0000000000000000 ff00ffffffffffff ffffffffffffff00 YMM02=0000000000000000 0000000000000000 4f0063305f315f31 5f4c53534e45504f YMM03=0000000000000000 0000000000000000 000000000000314e 5341006c756f7472 YMM04=0000000000000000 0000000000000000 65675f454c424154 5f474e495254535f YMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 info registers vcpu 1 RAX=0000000000000020 RBX=00000000000003f8 RCX=0000000000000000 RDX=00000000000003f8 RSI=ffffffff823ba0b1 RDI=ffffffff8765a980 RBP=ffffffff8765a940 RSP=ffff88801c2f7690 R8 =0000000000000001 R9 =000000000000000a R10=0000000000000020 R11=0000000000000001 R12=0000000000000020 R13=ffffffff8765a940 R14=0000000000000010 R15=ffffffff823ba0a0 RIP=ffffffff823ba109 RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 00000000 00000000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 00000000 00000000 FS =0000 00007f94f4d57700 00000000 00000000 GS =0000 ffff88806cf00000 00000000 00000000 LDT=0000 fffffe0000000000 00000000 00000000 TR =0040 fffffe000004a000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe0000048000 0000007f IDT= fffffe0000000000 00000fff CR0=80050033 CR2=0000563dbe5a6080 CR3=0000000015ec0000 CR4=00350ee0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000ffff0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 YMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM01=0000000000000000 0000000000000000 ffffffffffffffff ffffffffffffffff YMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM04=0000000000000000 0000000000000000 0000000000000000 00000000000000ff YMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM06=0000000000000000 0000000000000000 0000000000000000 000000524f525245 YMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM08=0000000000000000 0000000000000000 0000000000000000 00524f5252450040 YMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000