Warning: Permanently added '[localhost]:23295' (ECDSA) to the list of known hosts. 2022/10/02 10:01:36 fuzzer started 2022/10/02 10:01:36 dialing manager at localhost:35095 syzkaller login: [ 44.489180] cgroup: Unknown subsys name 'net' [ 44.579246] cgroup: Unknown subsys name 'rlimit' 2022/10/02 10:01:50 syscalls: 2215 2022/10/02 10:01:50 code coverage: enabled 2022/10/02 10:01:50 comparison tracing: enabled 2022/10/02 10:01:50 extra coverage: enabled 2022/10/02 10:01:50 setuid sandbox: enabled 2022/10/02 10:01:50 namespace sandbox: enabled 2022/10/02 10:01:50 Android sandbox: enabled 2022/10/02 10:01:50 fault injection: enabled 2022/10/02 10:01:50 leak checking: enabled 2022/10/02 10:01:50 net packet injection: enabled 2022/10/02 10:01:50 net device setup: enabled 2022/10/02 10:01:50 concurrency sanitizer: /sys/kernel/debug/kcsan does not exist 2022/10/02 10:01:50 devlink PCI setup: PCI device 0000:00:10.0 is not available 2022/10/02 10:01:50 USB emulation: enabled 2022/10/02 10:01:50 hci packet injection: enabled 2022/10/02 10:01:50 wifi device emulation: failed to parse kernel version (6.0.0-rc7-next-20220930) 2022/10/02 10:01:50 802.15.4 emulation: enabled 2022/10/02 10:01:51 fetching corpus: 50, signal 23892/25695 (executing program) 2022/10/02 10:01:51 fetching corpus: 100, signal 35447/38911 (executing program) 2022/10/02 10:01:51 fetching corpus: 150, signal 43156/48204 (executing program) 2022/10/02 10:01:51 fetching corpus: 200, signal 52572/59065 (executing program) 2022/10/02 10:01:51 fetching corpus: 250, signal 60478/68299 (executing program) 2022/10/02 10:01:51 fetching corpus: 300, signal 64963/74169 (executing program) 2022/10/02 10:01:52 fetching corpus: 350, signal 70553/80998 (executing program) 2022/10/02 10:01:52 fetching corpus: 400, signal 74790/86509 (executing program) 2022/10/02 10:01:52 fetching corpus: 450, signal 77567/90566 (executing program) 2022/10/02 10:01:52 fetching corpus: 500, signal 80756/94932 (executing program) 2022/10/02 10:01:52 fetching corpus: 550, signal 83672/99003 (executing program) 2022/10/02 10:01:52 fetching corpus: 600, signal 86664/103120 (executing program) 2022/10/02 10:01:52 fetching corpus: 650, signal 92549/109833 (executing program) 2022/10/02 10:01:52 fetching corpus: 700, signal 94651/113065 (executing program) 2022/10/02 10:01:52 fetching corpus: 750, signal 97085/116522 (executing program) 2022/10/02 10:01:53 fetching corpus: 800, signal 99893/120260 (executing program) 2022/10/02 10:01:53 fetching corpus: 850, signal 102284/123602 (executing program) 2022/10/02 10:01:53 fetching corpus: 900, signal 104992/127226 (executing program) 2022/10/02 10:01:53 fetching corpus: 950, signal 108544/131482 (executing program) 2022/10/02 10:01:53 fetching corpus: 1000, signal 110332/134173 (executing program) 2022/10/02 10:01:53 fetching corpus: 1050, signal 112981/137599 (executing program) 2022/10/02 10:01:53 fetching corpus: 1100, signal 114876/140311 (executing program) 2022/10/02 10:01:54 fetching corpus: 1150, signal 117038/143273 (executing program) 2022/10/02 10:01:54 fetching corpus: 1200, signal 119641/146552 (executing program) 2022/10/02 10:01:54 fetching corpus: 1250, signal 121302/149003 (executing program) 2022/10/02 10:01:54 fetching corpus: 1300, signal 122426/151079 (executing program) 2022/10/02 10:01:54 fetching corpus: 1350, signal 124159/153565 (executing program) 2022/10/02 10:01:54 fetching corpus: 1400, signal 125521/155780 (executing program) 2022/10/02 10:01:54 fetching corpus: 1450, signal 127112/158136 (executing program) 2022/10/02 10:01:54 fetching corpus: 1500, signal 128309/160171 (executing program) 2022/10/02 10:01:54 fetching corpus: 1550, signal 129825/162406 (executing program) 2022/10/02 10:01:55 fetching corpus: 1600, signal 131709/164874 (executing program) 2022/10/02 10:01:55 fetching corpus: 1650, signal 133196/167028 (executing program) 2022/10/02 10:01:55 fetching corpus: 1700, signal 136068/170239 (executing program) 2022/10/02 10:01:55 fetching corpus: 1750, signal 138675/173180 (executing program) 2022/10/02 10:01:55 fetching corpus: 1800, signal 139825/174982 (executing program) 2022/10/02 10:01:55 fetching corpus: 1850, signal 141062/176842 (executing program) 2022/10/02 10:01:55 fetching corpus: 1900, signal 142634/178942 (executing program) 2022/10/02 10:01:55 fetching corpus: 1950, signal 143515/180510 (executing program) 2022/10/02 10:01:55 fetching corpus: 2000, signal 144587/182238 (executing program) 2022/10/02 10:01:56 fetching corpus: 2050, signal 145995/184221 (executing program) 2022/10/02 10:01:56 fetching corpus: 2100, signal 147195/185944 (executing program) 2022/10/02 10:01:56 fetching corpus: 2150, signal 148876/188059 (executing program) 2022/10/02 10:01:56 fetching corpus: 2200, signal 149493/189400 (executing program) 2022/10/02 10:01:56 fetching corpus: 2250, signal 150354/190880 (executing program) 2022/10/02 10:01:56 fetching corpus: 2300, signal 151362/192471 (executing program) 2022/10/02 10:01:56 fetching corpus: 2350, signal 152737/194289 (executing program) 2022/10/02 10:01:56 fetching corpus: 2400, signal 154158/196121 (executing program) 2022/10/02 10:01:56 fetching corpus: 2450, signal 155098/197582 (executing program) 2022/10/02 10:01:57 fetching corpus: 2500, signal 155934/198963 (executing program) 2022/10/02 10:01:57 fetching corpus: 2550, signal 157404/200776 (executing program) 2022/10/02 10:01:57 fetching corpus: 2600, signal 158218/202143 (executing program) 2022/10/02 10:01:57 fetching corpus: 2650, signal 159187/203575 (executing program) 2022/10/02 10:01:57 fetching corpus: 2700, signal 159699/204682 (executing program) 2022/10/02 10:01:57 fetching corpus: 2750, signal 160899/206260 (executing program) 2022/10/02 10:01:57 fetching corpus: 2800, signal 161760/207572 (executing program) 2022/10/02 10:01:57 fetching corpus: 2850, signal 162230/208693 (executing program) 2022/10/02 10:01:57 fetching corpus: 2900, signal 163041/209971 (executing program) 2022/10/02 10:01:57 fetching corpus: 2950, signal 164148/211366 (executing program) 2022/10/02 10:01:58 fetching corpus: 3000, signal 164874/212598 (executing program) 2022/10/02 10:01:58 fetching corpus: 3050, signal 165564/213875 (executing program) 2022/10/02 10:01:58 fetching corpus: 3100, signal 166501/215152 (executing program) 2022/10/02 10:01:58 fetching corpus: 3150, signal 168017/216776 (executing program) 2022/10/02 10:01:58 fetching corpus: 3200, signal 169729/218395 (executing program) 2022/10/02 10:01:58 fetching corpus: 3250, signal 171206/219953 (executing program) 2022/10/02 10:01:58 fetching corpus: 3300, signal 171932/221052 (executing program) 2022/10/02 10:01:58 fetching corpus: 3350, signal 172471/222067 (executing program) 2022/10/02 10:01:59 fetching corpus: 3400, signal 172971/223060 (executing program) 2022/10/02 10:01:59 fetching corpus: 3450, signal 173659/224130 (executing program) 2022/10/02 10:01:59 fetching corpus: 3500, signal 174613/225326 (executing program) 2022/10/02 10:01:59 fetching corpus: 3550, signal 175360/226412 (executing program) 2022/10/02 10:01:59 fetching corpus: 3600, signal 175818/227356 (executing program) 2022/10/02 10:01:59 fetching corpus: 3650, signal 176767/228553 (executing program) 2022/10/02 10:01:59 fetching corpus: 3700, signal 177463/229603 (executing program) 2022/10/02 10:01:59 fetching corpus: 3750, signal 177959/230558 (executing program) 2022/10/02 10:02:00 fetching corpus: 3800, signal 178557/231546 (executing program) 2022/10/02 10:02:00 fetching corpus: 3850, signal 179181/232507 (executing program) 2022/10/02 10:02:00 fetching corpus: 3900, signal 180475/233748 (executing program) 2022/10/02 10:02:00 fetching corpus: 3950, signal 181137/234706 (executing program) 2022/10/02 10:02:00 fetching corpus: 4000, signal 182282/235839 (executing program) 2022/10/02 10:02:00 fetching corpus: 4050, signal 182947/236777 (executing program) 2022/10/02 10:02:00 fetching corpus: 4100, signal 183590/237735 (executing program) 2022/10/02 10:02:00 fetching corpus: 4150, signal 184204/238571 (executing program) 2022/10/02 10:02:00 fetching corpus: 4200, signal 184607/239357 (executing program) 2022/10/02 10:02:01 fetching corpus: 4250, signal 185199/240225 (executing program) 2022/10/02 10:02:01 fetching corpus: 4300, signal 186222/241257 (executing program) 2022/10/02 10:02:01 fetching corpus: 4350, signal 187471/242368 (executing program) 2022/10/02 10:02:01 fetching corpus: 4400, signal 188833/243485 (executing program) 2022/10/02 10:02:01 fetching corpus: 4450, signal 189620/244345 (executing program) 2022/10/02 10:02:01 fetching corpus: 4500, signal 190169/245121 (executing program) 2022/10/02 10:02:01 fetching corpus: 4550, signal 191364/246133 (executing program) 2022/10/02 10:02:02 fetching corpus: 4600, signal 191633/246790 (executing program) 2022/10/02 10:02:02 fetching corpus: 4650, signal 192361/247630 (executing program) 2022/10/02 10:02:02 fetching corpus: 4700, signal 192684/248352 (executing program) 2022/10/02 10:02:02 fetching corpus: 4750, signal 193205/249160 (executing program) 2022/10/02 10:02:02 fetching corpus: 4800, signal 193721/249936 (executing program) 2022/10/02 10:02:02 fetching corpus: 4850, signal 194476/250888 (executing program) 2022/10/02 10:02:02 fetching corpus: 4876, signal 194680/251530 (executing program) 2022/10/02 10:02:02 fetching corpus: 4876, signal 194680/252102 (executing program) 2022/10/02 10:02:02 fetching corpus: 4876, signal 194680/252700 (executing program) 2022/10/02 10:02:02 fetching corpus: 4876, signal 194680/253272 (executing program) 2022/10/02 10:02:02 fetching corpus: 4876, signal 194680/253865 (executing program) 2022/10/02 10:02:02 fetching corpus: 4876, signal 194680/254449 (executing program) 2022/10/02 10:02:02 fetching corpus: 4876, signal 194680/255006 (executing program) 2022/10/02 10:02:02 fetching corpus: 4876, signal 194680/255579 (executing program) 2022/10/02 10:02:02 fetching corpus: 4876, signal 194680/256166 (executing program) 2022/10/02 10:02:02 fetching corpus: 4876, signal 194680/256734 (executing program) 2022/10/02 10:02:02 fetching corpus: 4876, signal 194680/257303 (executing program) 2022/10/02 10:02:02 fetching corpus: 4876, signal 194680/257878 (executing program) 2022/10/02 10:02:02 fetching corpus: 4876, signal 194680/258478 (executing program) 2022/10/02 10:02:02 fetching corpus: 4876, signal 194680/259042 (executing program) 2022/10/02 10:02:02 fetching corpus: 4876, signal 194680/259569 (executing program) 2022/10/02 10:02:02 fetching corpus: 4876, signal 194680/260172 (executing program) 2022/10/02 10:02:02 fetching corpus: 4876, signal 194680/260743 (executing program) 2022/10/02 10:02:02 fetching corpus: 4876, signal 194680/261313 (executing program) 2022/10/02 10:02:02 fetching corpus: 4876, signal 194680/261880 (executing program) 2022/10/02 10:02:02 fetching corpus: 4876, signal 194680/262466 (executing program) 2022/10/02 10:02:02 fetching corpus: 4876, signal 194680/263028 (executing program) 2022/10/02 10:02:02 fetching corpus: 4876, signal 194680/263616 (executing program) 2022/10/02 10:02:02 fetching corpus: 4876, signal 194680/264177 (executing program) 2022/10/02 10:02:02 fetching corpus: 4876, signal 194680/264726 (executing program) 2022/10/02 10:02:02 fetching corpus: 4876, signal 194680/265298 (executing program) 2022/10/02 10:02:02 fetching corpus: 4876, signal 194680/265895 (executing program) 2022/10/02 10:02:02 fetching corpus: 4876, signal 194680/266495 (executing program) 2022/10/02 10:02:02 fetching corpus: 4876, signal 194680/267050 (executing program) 2022/10/02 10:02:03 fetching corpus: 4876, signal 194680/267619 (executing program) 2022/10/02 10:02:03 fetching corpus: 4876, signal 194680/268204 (executing program) 2022/10/02 10:02:03 fetching corpus: 4876, signal 194680/268784 (executing program) 2022/10/02 10:02:03 fetching corpus: 4876, signal 194680/269376 (executing program) 2022/10/02 10:02:03 fetching corpus: 4876, signal 194680/269951 (executing program) 2022/10/02 10:02:03 fetching corpus: 4876, signal 194680/270547 (executing program) 2022/10/02 10:02:03 fetching corpus: 4876, signal 194680/271119 (executing program) 2022/10/02 10:02:03 fetching corpus: 4876, signal 194680/271699 (executing program) 2022/10/02 10:02:03 fetching corpus: 4876, signal 194680/272256 (executing program) 2022/10/02 10:02:03 fetching corpus: 4876, signal 194680/272685 (executing program) 2022/10/02 10:02:03 fetching corpus: 4876, signal 194680/272685 (executing program) 2022/10/02 10:02:05 starting 8 fuzzer processes 10:02:05 executing program 0: r0 = accept4(0xffffffffffffffff, &(0x7f0000000000)=@alg, &(0x7f0000000080)=0x80, 0x800) ioctl$sock_netdev_private(r0, 0x89fe, &(0x7f00000000c0)="a6457e3f2fa4600be4eb9a8ac3b8b0659d5fdd25562d505e80c83ddbbd3ba8e393c19f2431ce43fdf686b179d659b49c95dcee862b768421d69868250b11ca1c342eba46f1f995e2335b68bed5e71a2ae466808c6f63c25a786702f563f2d6905c2a9f75a5a4a13812187f630550b5d98071f40a0ea0f3fd8c4c82799868459957d48cb818") ioctl$sock_FIOGETOWN(r0, 0x8903, &(0x7f0000000180)) r1 = socket$inet6_icmp(0xa, 0x2, 0x3a) ioctl$sock_inet_SIOCGIFNETMASK(r1, 0x891b, &(0x7f00000001c0)={'ip6_vti0\x00', {0x2, 0x0, @multicast2}}) r2 = openat2(0xffffffffffffffff, &(0x7f0000000200)='./file0\x00', &(0x7f0000000240)={0x440480, 0x4, 0x18}, 0x18) ioctl$BTRFS_IOC_RESIZE(r2, 0x50009403, &(0x7f0000000280)={{r1}, {@void, @actul_num={@val=0x2b, 0x1, 0x50}}}) r3 = accept4$unix(r2, &(0x7f00000002c0), &(0x7f0000000340)=0x6e, 0x80000) r4 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl$sock_FIOGETOWN(r4, 0x8903, &(0x7f0000000380)) ioctl$sock_SIOCGIFCONF(0xffffffffffffffff, 0x8912, &(0x7f0000000400)=@buf={0x1d, &(0x7f00000003c0)="415de9056699dd0a4135f3f7571abc5a92e0e40710e7a1493d669feffc"}) r5 = signalfd4(r3, &(0x7f0000000440)={[0x3f]}, 0x8, 0x80000) sendfile(r3, r5, &(0x7f0000000480)=0x5, 0x4) signalfd4(0xffffffffffffffff, &(0x7f00000004c0)={[0xfffffffffffffcf2]}, 0x8, 0x800) ioctl$SECCOMP_IOCTL_NOTIF_RECV(0xffffffffffffffff, 0xc0502100, &(0x7f0000000500)) r6 = socket$inet6_udplite(0xa, 0x2, 0x88) ioctl$SIOCGSTAMPNS(r6, 0x8907, &(0x7f0000000580)) getsockopt$IP_SET_OP_GET_FNAME(r1, 0x1, 0x53, &(0x7f00000005c0)={0x8, 0x7, 0x0, 'syz2\x00'}, &(0x7f0000000600)=0x2c) ioctl$AUTOFS_DEV_IOCTL_REQUESTER(r2, 0xc018937b, &(0x7f0000000640)={{0x1, 0x1, 0x18, r1, {0x0, 0xee00}}, './file0\x00'}) setsockopt$inet6_icmp_ICMP_FILTER(r7, 0x1, 0x1, &(0x7f0000000680)={0x401}, 0x4) 10:02:05 executing program 1: r0 = fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff) sendmsg$FOU_CMD_GET(r0, &(0x7f0000000100)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f00000000c0)={&(0x7f0000000040)={0x54, 0x0, 0x100, 0x70bd2b, 0x25dfdbfb, {}, [@FOU_ATTR_IPPROTO={0x5, 0x3, 0x2b}, @FOU_ATTR_PEER_V4={0x8, 0x8, @local}, @FOU_ATTR_PEER_PORT={0x6, 0xa, 0x4e21}, @FOU_ATTR_REMCSUM_NOPARTIAL={0x4}, @FOU_ATTR_PEER_PORT={0x6, 0xa, 0x4e21}, @FOU_ATTR_LOCAL_V4={0x8, 0x6, @rand_addr=0x6}, @FOU_ATTR_PEER_V6={0x14, 0x9, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01'}]}, 0x54}}, 0x40005) r1 = openat(0xffffffffffffff9c, &(0x7f0000000140)='./file0\x00', 0x80000, 0x60) fcntl$dupfd(r0, 0x406, r1) r2 = openat$cdrom(0xffffffffffffff9c, &(0x7f0000000180), 0x400000, 0x0) fallocate(r2, 0x1a, 0x200, 0xffffffffffffffc5) r3 = openat$cgroup_netprio_ifpriomap(r1, &(0x7f00000001c0), 0x2, 0x0) fallocate(r3, 0x6, 0x2, 0x8) lseek(r2, 0x401, 0x3) socket$inet6(0xa, 0x800, 0x5) sendmsg$NL802154_CMD_SET_ACKREQ_DEFAULT(0xffffffffffffffff, &(0x7f00000002c0)={&(0x7f0000000200)={0x10, 0x0, 0x0, 0x1000000}, 0xc, &(0x7f0000000280)={&(0x7f0000000240)={0x1c, 0x0, 0x800, 0x70bd29, 0x25dfdbfe, {}, [@NL802154_ATTR_ACKREQ_DEFAULT={0x5}]}, 0x1c}, 0x1, 0x0, 0x0, 0x8000}, 0x2) syz_io_uring_setup(0x6d03, &(0x7f0000000300)={0x0, 0x424, 0x20, 0x0, 0x327, 0x0, r1}, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000000380), &(0x7f00000003c0)=0x0) r5 = openat2(r3, &(0x7f0000000400)='./file0\x00', &(0x7f0000000440)={0x100, 0x54, 0x1}, 0x18) ioctl$sock_SIOCGIFINDEX_80211(r5, 0x8933, &(0x7f0000000480)={'wlan1\x00'}) r6 = fsmount(r0, 0x0, 0xa) sendmsg$NFNL_MSG_ACCT_DEL(r6, &(0x7f0000000580)={&(0x7f00000004c0)={0x10, 0x0, 0x0, 0x2000}, 0xc, &(0x7f0000000540)={&(0x7f0000000500)={0x2c, 0x3, 0x7, 0x301, 0x0, 0x0, {0x7, 0x0, 0x8}, [@NFACCT_BYTES={0xc, 0x3, 0x1, 0x0, 0x9}, @NFACCT_BYTES={0xc, 0x3, 0x1, 0x0, 0x8}]}, 0x2c}, 0x1, 0x0, 0x0, 0x4}, 0x80) setsockopt$inet6_IPV6_PKTINFO(r1, 0x29, 0x32, &(0x7f00000005c0)={@empty}, 0x14) syz_io_uring_setup(0x34c6, &(0x7f0000000600)={0x0, 0xbab2, 0x8, 0x0, 0x14d}, &(0x7f0000ffa000/0x4000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000000680)=0x0, &(0x7f00000006c0)) clock_gettime(0x0, &(0x7f0000000700)={0x0, 0x0}) syz_io_uring_submit(r7, r4, &(0x7f0000000780)=@IORING_OP_LINK_TIMEOUT={0xf, 0x1, 0x0, 0x0, 0x0, &(0x7f0000000740)={r8, r9+10000000}, 0x1, 0x1, 0x1}, 0x9) 10:02:05 executing program 2: r0 = add_key(&(0x7f0000000080)='blacklist\x00', &(0x7f00000000c0)={'syz', 0x2}, &(0x7f0000000100)="b776a7efe2125ccb56c6765d1bb38fc2dd620cc96653e3b5ea2d125c428c5d0c42fc22971cfe332baea490dd662efa72425553559071ec9c2852504d12831e958604666e9208dbe30627fe044e9218e9dfb7ac1db3dbbe8b2e4e6f0441df0cce0586494875281795ef97cc59610cb9c1789adca39a180c184087965f160a7de14aaa1bc7dd69346cd23569cf46aad8d309e45502fd62b672e421cd47be06765b3014c12451656efa3beab7c466280c90fdc8e4eb5febc8", 0xb7, 0xfffffffffffffffc) r1 = add_key$keyring(&(0x7f0000000000), &(0x7f0000000040)={'syz', 0x1}, 0x0, 0x0, r0) add_key(&(0x7f00000001c0)='cifs.idmap\x00', &(0x7f0000000200)={'syz', 0x1}, &(0x7f0000000240)="ac661d33cba17739ba0fd9fd74ac7a7e82100f81139b8ae51022c05662f0d3a50f87e96f9a04fa723534259353a61cabb7e02f4b81d79ebcd5d94c9e65a26ddde851866d006a83e490b460d45fe8ebc3589295154066ee1028363b9d699cfa8e624dba6f1790fc1fbcd4625fde55dce3855697c8acd120fb905ad95034b1e38e72099cb392517341eedcfc7a2b9a943795783ab6e89d6d1c2e0fae1475697a7216f3d0e2b7e3ce2f03037e6041cfe4a71d918dbaeb14d7a7368947291b00f6c409", 0xc1, r1) r2 = add_key(&(0x7f0000000340)='logon\x00', &(0x7f0000000380)={'syz', 0x1}, &(0x7f00000003c0)="b260d9b24ae5cd1cb39b2071557da49518185a1325b827490af83c626f18824ef3e3f5c00fa297f3be9843ede369a334ceb5b4840cf29b56105839cdf847c8eb59fce0830af81194a5b407dbb5a3b0aef3d0c3898fb2b95b7d7d6bdd179ca5000ba22e4a886033a1212b50f37f320bf11693a399ac6de847ffd51514b755ebec8e54d8a59e59e35e40bae1c5d6a18b50441166", 0x93, r1) r3 = add_key$keyring(&(0x7f0000000500), &(0x7f0000000540)={'syz', 0x0}, 0x0, 0x0, r2) r4 = add_key$keyring(&(0x7f0000000480), &(0x7f00000004c0)={'syz', 0x1}, 0x0, 0x0, r3) add_key(&(0x7f0000000580)='user\x00', &(0x7f00000005c0)={'syz', 0x1}, &(0x7f0000000600)="6497661b1410cb02a9c624e61228f3f9a652a36a0dadf102eb3eb1130450fdde0b72bbdddcbd5d280121e33ffa6f2b3c4600a0f75ece18d2cc361d975242d11a78df9b7fac72e36031f639ba33ea4ff6c81ceecfc076a1a899d95fde00dcfe", 0x5f, r4) keyctl$read(0xb, 0x0, &(0x7f0000000680)=""/4096, 0x1000) r5 = add_key$fscrypt_provisioning(&(0x7f0000001680), &(0x7f00000016c0)={'syz', 0x3}, &(0x7f0000001700)={0x1, 0x0, @d}, 0x18, 0xfffffffffffffffb) keyctl$KEYCTL_RESTRICT_KEYRING(0x1d, r5, &(0x7f0000001740)='blacklist\x00', 0x0) r6 = request_key(&(0x7f0000001780)='ceph\x00', &(0x7f00000017c0)={'syz', 0x2}, &(0x7f0000001800)='\x00', 0xffffffffffffffff) add_key$keyring(&(0x7f0000001840), &(0x7f0000001880)={'syz', 0x0}, 0x0, 0x0, r0) r7 = add_key$keyring(&(0x7f0000001980), &(0x7f00000019c0)={'syz', 0x3}, 0x0, 0x0, 0xfffffffffffffff9) r8 = request_key(&(0x7f00000018c0)='user\x00', &(0x7f0000001900)={'syz', 0x3}, &(0x7f0000001940)='user\x00', r7) r9 = add_key$keyring(&(0x7f0000001a80), &(0x7f0000001ac0)={'syz', 0x0}, 0x0, 0x0, r6) r10 = add_key$keyring(&(0x7f0000001a00), &(0x7f0000001a40)={'syz', 0x0}, 0x0, 0x0, r9) r11 = add_key$fscrypt_provisioning(&(0x7f0000001b00), &(0x7f0000001b40)={'syz', 0x1}, &(0x7f0000001b80)={0x0, 0x0, @b}, 0x48, 0x0) keyctl$KEYCTL_RESTRICT_KEYRING(0x1d, r11, &(0x7f0000001c00)='encrypted\x00', &(0x7f0000001c40)=@secondary) add_key(&(0x7f0000001c80)='logon\x00', &(0x7f0000001cc0)={'syz', 0x3}, &(0x7f0000001d00)="81100d55b585251df077a8afd5b6c0b1329f4681be3b5823d7ab02fd0888f2f91c8816c68f69f7b9a8597bb18c55d0068398017e18021478341aa8db57d86b20abe2", 0x42, r8) keyctl$restrict_keyring(0x1d, r10, &(0x7f0000001d80)='.dead\x00', &(0x7f0000001dc0)='builtin_and_secondary_trusted\x00') 10:02:05 executing program 3: pipe2(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) getsockname(r1, &(0x7f0000000040)=@pppol2tpv3={0x18, 0x1, {0x0, 0xffffffffffffffff, {0x2, 0x0, @broadcast}}}, &(0x7f00000000c0)=0x80) ioctl$BTRFS_IOC_BALANCE_CTL(r2, 0x40049421, 0x1) ioctl$AUTOFS_DEV_IOCTL_CLOSEMOUNT(r0, 0xc0189375, &(0x7f0000000400)={{0x1, 0x1, 0x18, r0}, './file0\x00'}) r4 = syz_genetlink_get_family_id$team(&(0x7f0000000480), r1) ioctl$sock_ipv6_tunnel_SIOCGETTUNNEL(r1, 0x89f0, &(0x7f0000000600)={'ip6gre0\x00', &(0x7f0000000580)={'ip6_vti0\x00', 0x0, 0x29, 0xfc, 0x1, 0xff, 0x20, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, @rand_addr=' \x01\x00', 0x700, 0x8, 0x7fffffff, 0x5}}) sendmsg$TEAM_CMD_NOOP(r3, &(0x7f0000000980)={&(0x7f0000000440)={0x10, 0x0, 0x0, 0x80000000}, 0xc, &(0x7f0000000940)={&(0x7f0000000640)={0x2f0, r4, 0x200, 0x70bd2b, 0x25dfdbff, {}, [{{0x8}, {0x44, 0x2, 0x0, 0x1, [{0x40, 0x1, @name={{0x24}, {0x5}, {0xf, 0x4, 'roundrobin\x00'}}}]}}, {{0x8, 0x1, r5}, {0x1b4, 0x2, 0x0, 0x1, [{0x40, 0x1, @lb_port_stats={{{0x24}, {0x5}, {0x8, 0x4, 0x7}}, {0x8}}}, {0x40, 0x1, @lb_hash_stats={{{0x24}, {0x5}, {0x8, 0x4, 0x6}}, {0x8}}}, {0x40, 0x1, @name={{0x24}, {0x5}, {0xf, 0x4, 'roundrobin\x00'}}}, {0x40, 0x1, @name={{0x24}, {0x5}, {0x10, 0x4, 'loadbalance\x00'}}}, {0x40, 0x1, @lb_hash_stats={{{0x24}, {0x5}, {0x8}}, {0x8}}}, {0x38, 0x1, @activeport={{0x24}, {0x5}, {0x8}}}, {0x38, 0x1, @notify_peers_count={{0x24}, {0x5}, {0x8, 0x4, 0x9}}}]}}, {{0x8}, {0x84, 0x2, 0x0, 0x1, [{0x40, 0x1, @lb_tx_hash_to_port_mapping={{{0x24}, {0x5}, {0x8}}, {0x8}}}, {0x40, 0x1, @name={{0x24}, {0x5}, {0xe, 0x4, 'broadcast\x00'}}}]}}, {{0x8}, {0x40, 0x2, 0x0, 0x1, [{0x3c, 0x1, @lb_tx_method={{0x24}, {0x5}, {0x9, 0x4, 'hash\x00'}}}]}}]}, 0x2f0}, 0x1, 0x0, 0x0, 0x20000041}, 0xc000) ioctl$BLKROTATIONAL(0xffffffffffffffff, 0x127e, &(0x7f00000009c0)) ioctl$sock_SIOCGIFINDEX_80211(r2, 0x8933, &(0x7f0000000a40)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_LEAVE_OCB(r0, &(0x7f0000000b00)={&(0x7f0000000a00)={0x10, 0x0, 0x0, 0x4000}, 0xc, &(0x7f0000000ac0)={&(0x7f0000000a80)={0x1c, 0x0, 0x400, 0x70bd26, 0x25dfdbfe, {{}, {@val={0x8, 0x3, r6}, @void}}}, 0x1c}, 0x1, 0x0, 0x0, 0x40041}, 0x40) socket$nl_sock_diag(0x10, 0x3, 0x4) ioctl$SIOCGSTAMPNS(r0, 0x8907, &(0x7f0000000b40)) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000bc0)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_GET_WOWLAN(r2, &(0x7f0000000c80)={&(0x7f0000000b80)={0x10, 0x0, 0x0, 0x8}, 0xc, &(0x7f0000000c40)={&(0x7f0000000c00)={0x1c, 0x0, 0x0, 0x70bd28, 0x25dfdbfb, {{}, {@void, @val={0x8, 0x3, r7}, @void}}, [""]}, 0x1c}, 0x1, 0x0, 0x0, 0x44000}, 0x8000) ioctl$AUTOFS_DEV_IOCTL_OPENMOUNT(r3, 0xc0189374, &(0x7f0000000cc0)={{0x1, 0x1, 0x18, r2, {0xdb8e}}, './file0\x00'}) ioctl$BLKIOOPT(r8, 0x1279, &(0x7f0000000d00)) sendmsg$TIPC_CMD_SET_LINK_TOL(r0, &(0x7f0000000e00)={&(0x7f0000000d40)={0x10, 0x0, 0x0, 0x2}, 0xc, &(0x7f0000000dc0)={&(0x7f0000000d80)={0x30, 0x0, 0x800, 0x70bd26, 0x25dfdbfe, {{}, {}, {0x14, 0x18, {0x40, @bearer=@udp='udp:syz2\x00'}}}, ["", "", "", "", "", "", ""]}, 0x30}, 0x1, 0x0, 0x0, 0x880}, 0x80c0) r9 = signalfd4(r1, &(0x7f0000000e40)={[0x100000001]}, 0x8, 0x0) r10 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000ec0), r8) sendmsg$NL80211_CMD_CONNECT(r9, &(0x7f0000000f80)={&(0x7f0000000e80)={0x10, 0x0, 0x0, 0x1000}, 0xc, &(0x7f0000000f40)={&(0x7f0000000f00)={0x40, r10, 0x400, 0x70bd2b, 0x25dfdbff, {{}, {@void, @val={0xc, 0x99, {0xff, 0x37}}}}, [@NL80211_ATTR_HT_CAPABILITY_MASK={0x1e, 0x94, {0x10, 0x0, 0x1, 0x0, {0x7, 0x0, 0x0, 0x5, 0x0, 0x1, 0x0, 0x2}, 0x1, 0x6, 0x8}}]}, 0x40}, 0x1, 0x0, 0x0, 0xc000}, 0x0) 10:02:05 executing program 4: timer_gettime(0x0, &(0x7f0000000000)) timer_settime(0x0, 0x0, &(0x7f0000000040)={{0x0, 0x3938700}, {0x77359400}}, &(0x7f0000000080)) timer_gettime(0x0, &(0x7f00000000c0)) timer_delete(0x0) clock_gettime(0x0, &(0x7f0000000100)={0x0, 0x0}) timer_settime(0x0, 0x1, &(0x7f0000000140)={{0x0, 0x989680}, {r0, r1+10000000}}, &(0x7f0000000180)) ioctl$AUTOFS_DEV_IOCTL_OPENMOUNT(0xffffffffffffffff, 0xc0189374, &(0x7f00000001c0)={{0x1, 0x1, 0x18, 0xffffffffffffffff, {0x7}}, './file0\x00'}) epoll_pwait2(r2, &(0x7f0000000200)=[{}, {}], 0x2, &(0x7f0000000240)={0x0, 0x989680}, &(0x7f0000000280)={[0x9]}, 0x8) timer_gettime(0x0, &(0x7f00000002c0)) syz_io_uring_setup(0x7048, &(0x7f0000000300)={0x0, 0x9558, 0x30, 0x1, 0x32f, 0x0, r2}, &(0x7f0000ff9000/0x4000)=nil, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000000380), &(0x7f00000003c0)=0x0) r4 = io_uring_register$IORING_REGISTER_PERSONALITY(r2, 0x9, 0x0, 0x0) syz_io_uring_submit(0x0, r3, &(0x7f0000000440)=@IORING_OP_READ=@pass_buffer={0x16, 0x3, 0x2000, @fd=r2, 0xffffffff, &(0x7f0000000400)=""/63, 0x3f, 0x11, 0x1, {0x0, r4}}, 0xfffeffff) timer_delete(0x0) truncate(&(0x7f0000000480)='./file0\x00', 0x9) ioctl$BTRFS_IOC_QUOTA_RESCAN_STATUS(r2, 0x8040942d, &(0x7f00000004c0)) write$binfmt_aout(r2, &(0x7f0000000500)={{0x10b, 0xfd, 0x5, 0x317, 0x23b, 0x0, 0x221, 0xe4}, "58cba7931bab4302645d68b272ec85c1a77fa696a9b7bbec835eb9b497aadcf6cf6b58fa17066f56a47113111b322d818f4cd8d02f5fb77eb7a275f1acb0b8853ed80caa73d0fb2c571114711080cd636ba6e4d06fd82bac72ea115768be3af477d7880f4882628520fec4646a669150dd7c331669da2c4dce31d48d63d66040685a709f446a7eecc2f27f35cb27a0b81b498358f5293dd7d82e1953e6550e1ea6e212897b6141cb3bc0b1be19168cb169ea1e281b1024990ee6f9082ffa3da0186f87f6cfffcf690ccccc", ['\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00']}, 0x9eb) rename(&(0x7f0000000f00)='./file0\x00', &(0x7f0000000f40)='./file0\x00') clock_gettime(0x0, &(0x7f0000001040)={0x0, 0x0}) pselect6(0x40, &(0x7f0000000f80)={0x2, 0x200, 0x5, 0x10000, 0x4, 0x6, 0xdaf, 0x6}, &(0x7f0000000fc0)={0x3, 0x0, 0x9, 0x7, 0xfd8f, 0x10001, 0x4, 0x7}, &(0x7f0000001000)={0x9, 0x7fff, 0x100, 0x2, 0xffffffff, 0x3, 0x2, 0x5}, &(0x7f0000001080)={r5, r6+10000000}, &(0x7f0000001100)={&(0x7f00000010c0)={[0x40]}, 0x8}) timer_settime(0x0, 0x0, &(0x7f0000001180)={{0x0, 0x989680}}, &(0x7f00000011c0)) 10:02:05 executing program 5: r0 = request_key(&(0x7f0000000000)='encrypted\x00', &(0x7f0000000040)={'syz', 0x3}, &(0x7f0000000080)='$/\x00', 0xfffffffffffffffd) r1 = add_key$keyring(&(0x7f00000000c0), &(0x7f0000000100)={'syz', 0x2}, 0x0, 0x0, r0) r2 = add_key$keyring(&(0x7f00000001c0), &(0x7f0000000200)={'syz', 0x1}, 0x0, 0x0, r1) add_key$keyring(&(0x7f0000000140), &(0x7f0000000180)={'syz', 0x1}, 0x0, 0x0, r2) r3 = add_key(&(0x7f0000000240)='user\x00', &(0x7f0000000280)={'syz', 0x0}, &(0x7f00000002c0)="1ceaa819b9549a94f35ee7d6aa5992ab9d0334aa2146af2bc1e63a0494b52cffd4704562e072c0c7ff9b17377fcaeeb8d60fae9429fc4bd69d296294675898607f7151a0d4693723a4017e623c794ab3a59a09e336d405e6c92416e836485dccb48b83eae1bc48d661eba79e9b9049cc0c077eb86abe3cff9ba29c506c2f26e97289d88085c9180df9546482c5f6a9e4de51957c6d0a917e624d24b93b5244e498d892931face2fd47812f4c45badf0f48b6972aecf6380d9642d7ab9d7c8c34fefc9fc5062060c7416f6519923c01b3038a71611c57797e9539b4238899947113f4a522aa8dc5d222e8b1cdfe5b69ff6ca4102039bd42fecbd7c7aaf98c021f0fa03daefa067a17cd4ec1056a025489b282fc94f193230fc3e14d9b0d050e0921e432d17be77b148f4b8846098597889fbe5f4833e146e212df38e35162134cb3308287aceeb538082cdb1174b5895106cf2860bac51852d98249fb2bac658048e2c9644d66023b2514ef7f4d8349db4e382b782429c81e53c68b3fe3b3b9956c016deada0617f2a3e836c08caece44d819c89a3c2bced555e3935ffeb7c9d459367fb1ea1b7a67d8b58d9f0fe0967deb38e2b565b98bf007edbe25490db55e9e7b5d982705766535896a05927232823bcc0ffc997f08bed2940478e2c83e62325c96887bfe6688a42413987a047b8aeb85084cc79afa431fb11dc26a8e3ea71701ed5677ac5bd58ed94c768bd723fad65b2b0c483ee1af003ee83fe306d50ffe1f64f25cf83f70183f7db9ce510ffe0886ee7842436ffe570588e9aee8f6baae8f94841badff4cc52de45ba9aab74915f7dbfc12b0cb48390f401b09c2e5a63baee9e1b454590bb1c059f455be5803847c8debabfd91c4225f18843479831d4b949b0bebe5f1c7b96bfd0a09d16c90a41b9597e726ddb41b057d9d18250f4db529ba9c04744f72d6d446d0d9486a6f6f6319b685ef01448cef9ec3e76dac4b096e22c372ae8feddbaf8b5ab692d9c1661c33c85764051107d2d9d635b85ba50b144d95c5b18d02123617c96f8bac1cb3c7d803920c7cc8d5c9de4febbfe914627d1928f9a99742c54efe637d4a9d865daf2bda4cafbaf1176585e9f3170b21f67520322da905221f65587a7be5b9d89a6f808049d576d4aacd63055262c223f3aea99805081591e708d3874518e7625ebfafcd415dabca238dd7dde7acc9c7e952a5d6028dc79896fa15aa1e5d4c98293743db75d8641decfe5b66fa63c77ae8b64e09d32711200faba6220acc0223dcaadccfed31c703a6f24f4f6c1c1e1fc126a341859c5fe5e0f616f153a276161ddd8a74621cc728f420d0727d3fc8b25239c8671c872b27597c6eec473048fb8435e746ed3acce3b367ee6f0d702846c2d3070ece6e56a9fa3e92668503fc33bfd3ae89c19487e3e6a6961580395f06523378c21e0d74557e6268ed2f813dd44c44327ee184999f2f8474477032a83b01bb4753e0c215f07a816b175b269947ee0671b9b23668d7b723de3a43ba48eb3430f8fc7fb05d1bf9bd65dd09ceecaea8fbfa7033ff4c344305cb3d1583c0ff644c15267a9c333aa46f0363b40ba69f22145fee14e33dc7d77e39f8b0f36d4ab78d299fd3b4487c5d69b72ab70962d001d72e914c432568269895550a0086b1b2702ff77ced7e8c318a4df9f9246533169c23b5f150e498f5211220b43948b1c406be3ec8bc2778e94d142530d5434c2fe0257364ae4b4e877101a266ca4e948f1f41d22bdf01864fb171f7417900cc61576aee35ac2271ae78dcab8c9550b25d7970b2fd10065db72c77705eeba8cf696be9fdb1205200441d26505bdbcc46436f08a42c7171754ebbde2ada4af40e5835839fb7e5d41cc25458a0d0b7cca55b3b9b376b3f387b0eceed4dc6efd6fbb30c338b08fc7933e4d80d519df3e24f2bc124f319cb41118341684888b3091dae902662d6358d4aa02959f77bc02c9d1443478c971a065c2d2ff9b5de69cb07ba380e73744989f349c06e0a8d7a2c557eaa70349962d40c70f920da6ef163e470623e705527b8a119086835a5c2eb4e86bc732543b9e97a930acc307d00d171e808e233162cd9137644b40f89f7502b037de9f89a75cf5bf92d940b6e69ee2b3e6cee2e04f3e3a8789e00de145f99c1f30499f08a94920368c56a304d02ab6e8fe7edd2cec539fb7e879ef4b0279efb0832d20585dc47ab7db2096d81a3d6507c2ab5f6def85425dd3c2aec9a0391b6e25f43520d0d8fcf5b55badea3cdeb8b7909c55dcbf2221f21a4e46e8726f5292f2cce52987d52f7964cc53cd2dac72e935e400578b36a7195f789d97b30ef0bd9f6e30724eb2608cc0c41b51e14081aa386fcf9c2fff1bd800c693c6f2655ff37b2348d23d26583b0ae9e78d87a28d551781aa334e59717113b37355d2ef1c8308588b90d88625c111d6c1d404c610e63e5aa88098081c0f9cd037c24eb4a89ff12a7b5e85fa8367d2e6f6b18ebc75102320f363bc0ddf5f38e839e0cf41aa09b6d636a1c827f1433c697f9027a92b05e17ba8b416f2d87247ae51e6996b470754e26b68ff63d224993accecaf374cddb2da536b4d12bce1d7e557038cf376670bdfde1d6e07fa4d64f346c669bd0f20e4d4e78fe307f3d4738014673f47f4804e9bcc36ed250da4c9815425930f55f9518298072eb7e9614bd9d21189f210b9e9c036c77ea29b92c742164246f3f48405c959aedf908e85c25ac116ceaba63563fbd6739fb7aff8c6e59302c4622080c6a3e3d899c06495bbd003b6bbbc95396756c346f76f71a587a84bfe9674ca05857e85fee9bd303866a14e7de6de97651ab7141a20fddaeeff282e1e6eff205c10d851cfe7252f2f7eb39fce5444046fb7266a89810cc4eef1468f19070d98a02d9deb992d424991d9cfb3cbceec9186cd23cfd442aeac092f0ab631e3b089c7857823de3680ab467fda235c61a1e774bc42640ac832d24fcb289c4d926fb76d25eec02d5b989f742d72d49cbff5dc4f7a83ed80d9133e703b1684f491e630f30f2bc8b88a7cdce61ea8dc569f72bfe91681eaf5dba97fb491e2a1ec4eff09d365393e265cc1006f65760bc67b52622a784afa3a87cc8643e170350de5775336d1b9d895a5c1b9ca470dce156226f5134dbbcd6badc949d9621fad21533ea5db2d67be5e8d9e78c12e253fff0d97225973b5e0c4a14a3a00fc72032fce6888dfc4ea4344194cd5dbb592ff2083cef2ab8f69ba9ef64f503a1956312770e1991bf16169a8e3027de8a274ac61f813809108b93ec41f43136b689b93c891efc2dfe165b467dc5eae38d956dcf4f69c508af1f0c6b9d8b9f87e2d669ba218e6c20a95afb62008a7821b37f5096b9f3c696e436c8088454cebcbed9d130c35eb0bcdbb1337f483a185861e8d0d2e5fd8fd85d56a84b81c6ca16610eb957b8ddc5062c379ed2818889b4799f8e62eefc55615a333569c2e470e7562bc3c65737a7346ff5fdaed327b9109c3f5e76455ea07a1d29de0b5baa366735b9b336114c81056a5e5b2fc23872a95a33421372363e88fab643f2d0129313003446786f3021b3822dd54b0653fd00c6bbd98c1db64adfcdbab6de30bb9459cc15895b382a45fc95f6332546f5ad51c1a1d0cfcd4062b0072c4b8510854b80580fe7332e6b219061f8ea818815f8b7a1cb7198aa73944dd87058fd565a74dad6107754bf426f8615353c0bddf07e97731bd34eff62d4689310029473cdd868351b70e106927ec970c3ef5bdda9edec58b9168d1f8d771c8e18ae77aa32fbab490d4cef0eee9a072fe0948bb48b7a311403438072d65510cb52784b55aeac856603646789e97328bf46350a234cdcb2be83748fc6b4fb9edcadce0a3f070ebdc2058ea795a86dd06cdab466b229789751c27e1d2e3c4a136d880eb9e95934bcc88552070263d374dc8d98a9bee019896b61f0ae2d9553c83831d07ec7cfb73c17c90cb8e492eab7fa6a43103b4b5738c9a8f6e07da87c7ad752cdee01db934472bc74e502b79d14878211335ff8115d62ac0ed80ca191b9cbbf0535962cb6077fc1fe6d7f3300919c7da5999223b82f3305027f91af6c277db1df2b6fd2f41f2cd72d4a5d19f3947ea9ab90c49aac638f7fe290623f9c8e5503b031500edfa47612f69fab1bba7533e95f2c3d95158840b6dc9b58d3f649273c4b311754125d087dbe650edef7ff6ac6b579d5cecf5f05b7991d5b5080585e884fba5ff2089a8c8fb438ed7670d750102d1745575f70a692d774a52480cb271526362d7d40daa60b1a37fbf343764b0c5a9041720dad5b56e8400458c52da811f75b8e2fc76fb42e2847e5d5cac2be35dfa4a581df547b75405116840d07e1d9769fba71b28df27ddf072cffaee6d933818f267484ed78b4cfe71c413f97cacb74e146f20b1291a9257e082d5413e6a10b0b88942c7cc3584d1b24c912ce4b525bd555267c8444bd613baad6ab011eb0d626211d24b5c0fca6fb8bbfcafbc0ca2ebc160f1b047277b210fb84cffd873f85384648c6806fe7aba012406992e58ce7b587b26fec99b80b9cddc85a0c7e6348282196eb8578dcccbec7e3468b106d5b2846ad36047b7698a0b0d919f01b4de32c644dde6154a21dd3c56593ffefff88d7494003a87df281e6633f2cb0abbca1dbc1a7af54dee98c8c0d50040fc9c357af3eeef874b1c0be712977808474de1c1ba76ae285f329bdeefce174a7708d401fabb33fa2590a1dd6f9845579e2954028c83309044f709a0d4377121b6ee7ec6be85b304d73cabcd14aefb61b25637433c25f7c7774815752135bf68c45b61fd3db40d04445cf1032ad0e810c398f629621ad5e462d3a9ddee427508354eb9ed701b461967234e2a9b229d3517dd1fe8db4276d7eb1814fbfb28d3d9bbd8c751c64fd4f45426d552ad313d1050f8b2679d940e2a3f29b379c4c4aefd7bd5d8eb7fb15b5185ca62729d7bb77c534bbfe1fc3f211c6845e06fbdf4d686ef4cc7f343b43f154734a41c9ef80dac7e94e2cc66c5fc9435f5a8edab9598953edf6edb92fd404b8d29d4f9a6b05506fd67f3d2c7e0e4efd2c4add1ac1a9d0df0dc3997c0daf056e15a762ab656cb8c4b79da485770b23e534317ec2fb7a4f7d8f08cb6da6090eaf106aa7950187ed5d27c9782dddf6098ca35b0bc0290f1d5f2d1dbe026389ce31a59cc93d27dd1eb5c2255ac555ba944bb9862126b7ba1662e6af2e1d08d43a50c30c42cade920d2ab7d57ac54b86a2da4b411bfeeaf2c19e1df2b34480c03afe27d6ff58ed06a0233dc998fdb09079129d908879f4e6e11d576b607b9f56c5266053d7e272f84c0d879383afd51fcb751503a1b3e8a1b637906377142fdff7833d376f0280ae4befae7904c57c01c4603b1feb54095812c053d004b378dc4b62fb6af66ba2136607b6351f0f4f1b5a7d959e5b167eb29060dc31a783dab413c974c5ea8ef3db9aec2cf1f0fdc9eb115910337b2810f86ca8c33f75eec67ab4a1d7b617e102272afb3931e38d14555eed999cf7b5e60696b7217e79b61cd66bba4c62cd3438aa94913d4a38666d450fc15a638ac51f9c848f4303440679945ced56d75c1aab0c34f8f826d8f75111d98ac15e1a8641f0ae7c11a34063207bd315a4071366eea10ee602912576a3fc37ae807f2913b4e493e6da5d9c743d80d4bfe2adc2368876f21bacba028229fe9cf261fd32bc09c37ba0f9266b856437b53eaaf7ac54dcbcf333098ef12b3c9c5da9048cf6218fbe4a08", 0x1000, r2) r4 = add_key(&(0x7f00000012c0)='.request_key_auth\x00', &(0x7f0000001300)={'syz', 0x3}, &(0x7f0000001340)="4b794addf45a7f3dfe330642b692ea236545ed1a250533b624bcc733d2f578c51cdb", 0x22, r2) r5 = request_key(&(0x7f00000014c0)='trusted\x00', &(0x7f0000001500)={'syz', 0x1}, &(0x7f0000001540)=']%,^\x00', r3) add_key(&(0x7f0000001380)='cifs.idmap\x00', &(0x7f00000013c0)={'syz', 0x3}, &(0x7f0000001400)="252c41ba3f84a452fc6aa8ebbf55f6ef06e24d8fbd13fb6591d03b8b7a17f127eb1361190d308ae83762bb37756c365eabf7c46ad397052a7c8fde0889a255d7c6461672b32569bd0eef32d8603c2ce888bb119d79911ed49a5794fb8ac401c4937e0160c1eaf469f31c0d2f4ed54689d11e5929087771afc73d760b003b04c09489ff722ddc4a4abc51f0d29a560b3522f12ed1cc8e4503d479f19fd8d9cadbd80a56634e60ffa4c8104f", 0xab, r5) add_key$keyring(&(0x7f0000001580), &(0x7f00000015c0)={'syz', 0x1}, 0x0, 0x0, r2) add_key$keyring(&(0x7f0000001600), &(0x7f0000001640)={'syz', 0x1}, 0x0, 0x0, r4) add_key$keyring(&(0x7f0000001680), &(0x7f00000016c0)={'syz', 0x1}, 0x0, 0x0, r0) r6 = add_key$keyring(&(0x7f0000001780), &(0x7f00000017c0)={'syz', 0x0}, 0x0, 0x0, 0xfffffffffffffff9) add_key$keyring(&(0x7f0000001700), &(0x7f0000001740)={'syz', 0x1}, 0x0, 0x0, r6) request_key(&(0x7f0000001800)='rxrpc\x00', &(0x7f0000001840)={'syz', 0x3}, &(0x7f0000001880)='%^^/\x00', 0xfffffffffffffffa) r7 = add_key$keyring(&(0x7f0000001940), &(0x7f0000001980)={'syz', 0x0}, 0x0, 0x0, r5) add_key$keyring(&(0x7f00000018c0), &(0x7f0000001900)={'syz', 0x3}, 0x0, 0x0, r7) r8 = request_key(&(0x7f00000019c0)='id_resolver\x00', &(0x7f0000001a00)={'syz', 0x2}, &(0x7f0000001a40)='trusted\x00', r7) keyctl$read(0xb, r8, &(0x7f0000001a80)=""/216, 0xd8) keyctl$read(0xb, r1, &(0x7f0000001b80)=""/244, 0xf4) add_key(&(0x7f0000001c80)='asymmetric\x00', &(0x7f0000001cc0)={'syz', 0x3}, &(0x7f0000001d00)="e51fe89e80237ca2d64f35c63e514836b69c7ebff6c3f6e551a8d45f4d5b87eb1fda22a4e67054bf40edf4c5e454d93ee4ffe80a9d3e863d2601ce0f348740d510dbed7561dd594f3b9b868bbf2266a11e7f862697d1ffa2d22a1c30ee10be1a2a0901fd94ffd6b6d70c32df1cb608932ce43854845da24b33766d23251c04a91699c8bb16bce56e895ec6cdfbc191598d93b49864a570902e1ee7d0ace3ddc292203db6a29998226f58f9ef2f2540661a4b6cc8bc37961abf2d1ca7177345c5b80cffc32fc71c9e25346d730cea0ced4f0de221ddf78c70d897d93dd6efed853487c6ce", 0xe4, r7) [ 73.112345] audit: type=1400 audit(1664704925.162:6): avc: denied { execmem } for pid=288 comm="syz-executor.1" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=process permissive=1 10:02:05 executing program 6: mount$9p_unix(&(0x7f0000000000)='./file0\x00', &(0x7f0000000040)='./file0\x00', &(0x7f0000000080), 0x1000, &(0x7f00000000c0)={'trans=unix,', {[{@uname={'uname', 0x3d, '-$'}}, {@noextend}, {@version_9p2000}], [{@dont_hash}]}}) r0 = creat(&(0x7f0000000100)='./file0\x00', 0x0) r1 = syz_open_procfs(0x0, &(0x7f0000000140)='net/vlan/vlan0\x00') write$binfmt_elf32(r0, &(0x7f0000000180)={{0x7f, 0x45, 0x4c, 0x46, 0x3, 0x1, 0x12, 0x40, 0x1, 0x3, 0x6, 0x7, 0x38b, 0x38, 0x342, 0x7f, 0x5, 0x20, 0x2, 0xfff, 0x81, 0x5ae}, [{0x4, 0x9a6, 0xfffff639, 0x8, 0xffffffff, 0x22d9d2f1, 0x8, 0x800}, {0x3, 0x6847, 0x8, 0x5, 0x20, 0x101, 0x5, 0x4}], "663c93deb4d85350cc7d1bd9fe5ad5fb665fa7ea47c8707ebcf2e0f685e6b72edb73688fded8c8bd81eb88cd05daf66c64101f07d90b9960a778d8bc7698468c09d3a3243870224fbf1ddfe7a9293ad4e1b7d70fe0b74ea4683142f68c3b5eccb7215fa67cb34f234ff0b9e847fdb5637c48776170a12136f4dea84fe95f73ab2e95a11dc310905ddfc812e1b1b8675cd41fb0bc434612842717bf442808ff9f2a46a9cb53f9beaf6af0f4a3f6226e6ab3cd9b86f0e37332b2b543c71742a7ececa27446bf532b83d9db83b05128900abdc7da9ee7feae", ['\x00', '\x00']}, 0x34f) lsetxattr$trusted_overlay_opaque(&(0x7f0000000500)='./file0\x00', &(0x7f0000000540), &(0x7f0000000580), 0x2, 0x0) mount$9p_unix(&(0x7f00000005c0)='./file0\x00', &(0x7f0000000600)='./file0\x00', &(0x7f0000000640), 0x82000, &(0x7f0000000680)={'trans=unix,', {[{@debug}, {@access_user}, {@version_u}, {@noextend}, {@version_9p2000}, {@version_u}, {@loose}, {@aname={'aname', 0x3d, 'noextend'}}, {@access_user}], [{@seclabel}, {@subj_role}, {@rootcontext={'rootcontext', 0x3d, 'sysadm_u'}}, {@uid_eq={'uid', 0x3d, 0xee00}}, {@fscontext={'fscontext', 0x3d, 'staff_u'}}, {@uid_lt}, {@euid_gt={'euid>', 0xffffffffffffffff}}]}}) bind$unix(r0, &(0x7f00000007c0)=@abs={0x1, 0x0, 0xfffffffb}, 0x6e) r2 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000880)='net/vlan/config\x00') fsconfig$FSCONFIG_SET_FD(r1, 0x5, &(0x7f0000000840)='/]\x00', 0x0, r2) lsetxattr$security_capability(&(0x7f00000008c0)='./file0\x00', &(0x7f0000000900), &(0x7f0000000940)=@v2={0x2000000, [{0x8, 0x3}, {0x2}]}, 0x14, 0x1) creat(&(0x7f0000000980)='./file0\x00', 0x8) truncate(&(0x7f00000009c0)='./file0\x00', 0xc035) mount$9p_rdma(&(0x7f0000000a00), &(0x7f0000000a40)='./file0\x00', &(0x7f0000000a80), 0x104000, &(0x7f0000000ac0)={'trans=rdma,', {'port', 0x3d, 0x4e23}, 0x2c, {[{@timeout={'timeout', 0x3d, 0x2}}], [{@obj_role={'obj_role', 0x3d, '\''}}, {@smackfshat={'smackfshat', 0x3d, '$'}}, {@mask={'mask', 0x3d, 'MAY_WRITE'}}, {@seclabel}]}}) open_tree(r1, &(0x7f0000000b40)='./file0\x00', 0x1) connect$unix(r0, &(0x7f0000000b80)=@abs={0x0, 0x0, 0x4e23}, 0x6e) setsockopt$inet6_MCAST_MSFILTER(r0, 0x29, 0x30, &(0x7f0000000c00)={0x8, {{0xa, 0x4e24, 0x40, @private1={0xfc, 0x1, '\x00', 0x1}, 0x3}}, 0x1, 0x3, [{{0xa, 0x4e21, 0x8, @empty, 0x6}}, {{0xa, 0x4e20, 0x8, @empty, 0x7}}, {{0xa, 0x4e20, 0xfffffeff, @empty, 0x3}}]}, 0x210) lseek(r2, 0x5, 0x3) r3 = socket$inet_tcp(0x2, 0x1, 0x0) ioctl$VFAT_IOCTL_READDIR_SHORT(r3, 0x82307202, &(0x7f0000000e40)=[{0x0, 0x0, 0x100}, {0x0, 0x0, 0x100}]) acct(&(0x7f0000001080)='./file0\x00') 10:02:05 executing program 7: r0 = syz_genetlink_get_family_id$nbd(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$NBD_CMD_DISCONNECT(0xffffffffffffffff, &(0x7f0000000100)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f00000000c0)={&(0x7f0000000080)={0x20, r0, 0x800, 0x70bd2a, 0x25dfdbfd, {}, [@NBD_ATTR_SIZE_BYTES={0xc, 0x2, 0xfd99}]}, 0x20}, 0x1, 0x0, 0x0, 0x20000020}, 0x4) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$nbd(&(0x7f0000000180), 0xffffffffffffffff) sendmsg$NBD_CMD_CONNECT(r1, &(0x7f0000000240)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f0000000200)={&(0x7f00000001c0)={0x20, r2, 0x100, 0x70bd2a, 0x25dfdbfd, {}, [@NBD_ATTR_BLOCK_SIZE_BYTES={0xc, 0x3, 0x3d2}]}, 0x20}, 0x1, 0x0, 0x0, 0xc8c4}, 0x4000008) sendmsg$NL802154_CMD_DEL_SEC_KEY(r1, &(0x7f0000000340)={&(0x7f0000000280)={0x10, 0x0, 0x0, 0x40000000}, 0xc, &(0x7f0000000300)={&(0x7f00000002c0)={0x20, 0x0, 0x100, 0x70bd27, 0x25dfdbfd, {}, [@NL802154_ATTR_WPAN_DEV={0xc, 0x6, 0x100000001}]}, 0x20}, 0x1, 0x0, 0x0, 0x24000890}, 0xc000) r3 = syz_open_dev$vcsa(&(0x7f0000000380), 0x202, 0x200) sendmsg$NL80211_CMD_NEW_INTERFACE(r3, &(0x7f0000000480)={&(0x7f00000003c0)={0x10, 0x0, 0x0, 0x4000}, 0xc, &(0x7f0000000440)={&(0x7f0000000400)={0x38, 0x0, 0x8, 0x70bd26, 0x25dfdbfd, {{}, {@val={0x8, 0x1, 0xd}, @void, @val={0xc, 0x99, {0x4, 0x44}}}}, [@NL80211_ATTR_SOCKET_OWNER={0x4}, @NL80211_ATTR_MESH_ID={0xa}]}, 0x38}, 0x1, 0x0, 0x0, 0x20014005}, 0x41810) r4 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r5 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NBD_CMD_CONNECT(r5, &(0x7f0000000580)={&(0x7f00000004c0)={0x10, 0x0, 0x0, 0x2}, 0xc, &(0x7f0000000540)={&(0x7f0000000500)={0x38, r2, 0x20, 0x70bd27, 0x25dfdbfd, {}, [@NBD_ATTR_DEAD_CONN_TIMEOUT={0xc, 0x8, 0x7f}, @NBD_ATTR_SERVER_FLAGS={0xc, 0x5, 0xffd3f14142c2a286}, @NBD_ATTR_DEAD_CONN_TIMEOUT={0xc, 0x8, 0x6a4cd30c}]}, 0x38}, 0x1, 0x0, 0x0, 0x2000c001}, 0x4000000) r6 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL802154_CMD_SET_CCA_ED_LEVEL(r6, &(0x7f0000000680)={&(0x7f00000005c0)={0x10, 0x0, 0x0, 0x100}, 0xc, &(0x7f0000000640)={&(0x7f0000000600)={0x30, 0x0, 0x200, 0x70bd2c, 0x25dfdbfd, {}, [@NL802154_ATTR_CCA_ED_LEVEL={0x8, 0xe, 0x2}, @NL802154_ATTR_CCA_ED_LEVEL={0x8, 0xe, 0xc}, @NL802154_ATTR_WPAN_DEV={0xc}]}, 0x30}, 0x1, 0x0, 0x0, 0x40000}, 0x40) r7 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000700), r5) sendmsg$NLBL_MGMT_C_REMOVEDEF(r1, &(0x7f00000007c0)={&(0x7f00000006c0)={0x10, 0x0, 0x0, 0x200}, 0xc, &(0x7f0000000780)={&(0x7f0000000740)={0x1c, r7, 0x304, 0x70bd2b, 0x25dfdbfc, {}, [@NLBL_MGMT_A_FAMILY={0x6, 0xb, 0x26}]}, 0x1c}, 0x1, 0x0, 0x0, 0x4000000}, 0x0) syz_genetlink_get_family_id$netlbl_calipso(&(0x7f0000000800), r4) ioctl$F2FS_IOC_MOVE_RANGE(r3, 0xc020f509, &(0x7f0000000840)={r3, 0x7fffffff, 0x100000000, 0x100}) r9 = syz_genetlink_get_family_id$nl80211(&(0x7f00000008c0), r3) sendmsg$NL80211_CMD_FRAME(r8, &(0x7f00000009c0)={&(0x7f0000000880)={0x10, 0x0, 0x0, 0x800000}, 0xc, &(0x7f0000000980)={&(0x7f0000000900)={0x60, r9, 0x0, 0x70bd26, 0x25dfdbfd, {{}, {@val={0x8}, @val={0xc, 0x99, {0x1, 0x5e}}}}, [@NL80211_ATTR_OFFCHANNEL_TX_OK={0x4}, @NL80211_ATTR_CSA_C_OFFSETS_TX={0xc, 0xcd, [0x7, 0x4bb1, 0x6, 0x3f]}, @chandef_params=[@NL80211_ATTR_WIPHY_FREQ={0x8}, @NL80211_ATTR_WIPHY_EDMG_BW_CONFIG={0x5, 0x119, 0xf}, @NL80211_ATTR_WIPHY_EDMG_BW_CONFIG={0x5, 0x119, 0xd}, @NL80211_ATTR_CENTER_FREQ1={0x8, 0xa0, 0x4}, @NL80211_ATTR_CENTER_FREQ1={0x8, 0xa0, 0x4}]]}, 0x60}, 0x1, 0x0, 0x0, 0x40008a4}, 0x0) syz_genetlink_get_family_id$nl802154(&(0x7f0000000a00), 0xffffffffffffffff) [ 74.393647] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 74.395304] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 74.396657] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 74.398290] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 74.399699] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 74.401669] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 74.403287] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 74.404995] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 74.406856] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 74.411204] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 74.413344] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 74.415824] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3 [ 74.417187] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3 [ 74.418781] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 74.448703] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 74.449795] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 74.452179] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 74.454740] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 74.456616] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [ 74.458004] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 74.460289] Bluetooth: hci7: unexpected cc 0x0c03 length: 249 > 1 [ 74.462341] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1 [ 74.463759] Bluetooth: hci2: HCI_REQ-0x0c1a [ 74.465220] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 74.471072] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1 [ 74.472880] Bluetooth: hci0: HCI_REQ-0x0c1a [ 74.473868] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9 [ 74.474096] Bluetooth: hci1: HCI_REQ-0x0c1a [ 74.482099] Bluetooth: hci7: unexpected cc 0x1003 length: 249 > 9 [ 74.483963] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9 [ 74.484657] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 74.488991] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9 [ 74.489128] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3 [ 74.491715] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 74.494634] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4 [ 74.498466] Bluetooth: hci4: HCI_REQ-0x0c1a [ 74.500279] Bluetooth: hci5: unexpected cc 0x0c25 length: 249 > 3 [ 74.505162] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2 [ 74.512129] Bluetooth: hci5: HCI_REQ-0x0c1a [ 74.526999] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 74.529496] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 74.532176] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 74.537627] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 74.540953] Bluetooth: hci7: unexpected cc 0x1001 length: 249 > 9 [ 74.542501] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3 [ 74.544212] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 74.546918] Bluetooth: hci7: unexpected cc 0x0c23 length: 249 > 4 [ 74.549104] Bluetooth: hci7: unexpected cc 0x0c25 length: 249 > 3 [ 74.554660] Bluetooth: hci3: HCI_REQ-0x0c1a [ 74.556796] Bluetooth: hci7: unexpected cc 0x0c38 length: 249 > 2 [ 74.564087] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9 [ 74.567633] Bluetooth: hci7: HCI_REQ-0x0c1a [ 74.575195] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4 [ 74.577437] Bluetooth: hci6: unexpected cc 0x0c25 length: 249 > 3 [ 74.580787] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2 [ 74.594504] Bluetooth: hci6: HCI_REQ-0x0c1a [ 76.531718] Bluetooth: hci5: command 0x0409 tx timeout [ 76.532951] Bluetooth: hci2: command 0x0409 tx timeout [ 76.533881] Bluetooth: hci4: command 0x0409 tx timeout [ 76.534770] Bluetooth: hci1: command 0x0409 tx timeout [ 76.535657] Bluetooth: hci0: command 0x0409 tx timeout [ 76.595519] Bluetooth: hci3: command 0x0409 tx timeout [ 76.597160] Bluetooth: hci7: command 0x0409 tx timeout [ 76.659912] Bluetooth: hci6: command 0x0409 tx timeout [ 78.579731] Bluetooth: hci0: command 0x041b tx timeout [ 78.580804] Bluetooth: hci1: command 0x041b tx timeout [ 78.581660] Bluetooth: hci4: command 0x041b tx timeout [ 78.582464] Bluetooth: hci2: command 0x041b tx timeout [ 78.583252] Bluetooth: hci5: command 0x041b tx timeout [ 78.644619] Bluetooth: hci7: command 0x041b tx timeout [ 78.645530] Bluetooth: hci3: command 0x041b tx timeout [ 78.707760] Bluetooth: hci6: command 0x041b tx timeout [ 80.628553] Bluetooth: hci5: command 0x040f tx timeout [ 80.629017] Bluetooth: hci2: command 0x040f tx timeout [ 80.629797] Bluetooth: hci4: command 0x040f tx timeout [ 80.630188] Bluetooth: hci1: command 0x040f tx timeout [ 80.630920] Bluetooth: hci0: command 0x040f tx timeout [ 80.692499] Bluetooth: hci3: command 0x040f tx timeout [ 80.692963] Bluetooth: hci7: command 0x040f tx timeout [ 80.756441] Bluetooth: hci6: command 0x040f tx timeout [ 82.676923] Bluetooth: hci0: command 0x0419 tx timeout [ 82.677830] Bluetooth: hci1: command 0x0419 tx timeout [ 82.678254] Bluetooth: hci4: command 0x0419 tx timeout [ 82.678699] Bluetooth: hci2: command 0x0419 tx timeout [ 82.679126] Bluetooth: hci5: command 0x0419 tx timeout [ 82.740489] Bluetooth: hci7: command 0x0419 tx timeout [ 82.740966] Bluetooth: hci3: command 0x0419 tx timeout [ 82.803445] Bluetooth: hci6: command 0x0419 tx timeout 10:03:00 executing program 5: r0 = syz_open_procfs(0x0, &(0x7f0000000000)='net/softnet_stat\x00') perf_event_open(&(0x7f0000000080)={0x5, 0x80, 0x77, 0x0, 0x0, 0x5, 0x0, 0x1, 0x80c0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x80000001, 0x2, @perf_bp={&(0x7f0000000040)}, 0x0, 0x0, 0xfffffffe, 0x9, 0x0, 0x0, 0x0, 0x0, 0x40}, 0x0, 0x0, 0xffffffffffffffff, 0xa) pread64(r0, &(0x7f0000000300)=""/102375, 0x18fe7, 0x0) [ 128.256448] audit: type=1400 audit(1664704980.306:7): avc: denied { open } for pid=3800 comm="syz-executor.5" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=perf_event permissive=1 [ 128.258024] audit: type=1400 audit(1664704980.306:8): avc: denied { kernel } for pid=3800 comm="syz-executor.5" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=perf_event permissive=1 10:03:00 executing program 5: r0 = syz_open_procfs(0x0, &(0x7f0000000000)='net/softnet_stat\x00') perf_event_open(&(0x7f0000000080)={0x5, 0x80, 0x77, 0x0, 0x0, 0x5, 0x0, 0x1, 0x80c0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x80000001, 0x2, @perf_bp={&(0x7f0000000040)}, 0x0, 0x0, 0xfffffffe, 0x9, 0x0, 0x0, 0x0, 0x0, 0x40}, 0x0, 0x0, 0xffffffffffffffff, 0xa) pread64(r0, &(0x7f0000000300)=""/102375, 0x18fe7, 0x0) 10:03:00 executing program 5: r0 = syz_open_procfs(0x0, &(0x7f0000000000)='net/softnet_stat\x00') perf_event_open(&(0x7f0000000080)={0x5, 0x80, 0x77, 0x0, 0x0, 0x5, 0x0, 0x1, 0x80c0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x80000001, 0x2, @perf_bp={&(0x7f0000000040)}, 0x0, 0x0, 0xfffffffe, 0x9, 0x0, 0x0, 0x0, 0x0, 0x40}, 0x0, 0x0, 0xffffffffffffffff, 0xa) pread64(r0, &(0x7f0000000300)=""/102375, 0x18fe7, 0x0) 10:03:00 executing program 5: r0 = syz_open_procfs(0x0, &(0x7f0000000000)='net/softnet_stat\x00') perf_event_open(&(0x7f0000000080)={0x5, 0x80, 0x77, 0x0, 0x0, 0x5, 0x0, 0x1, 0x80c0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x80000001, 0x2, @perf_bp={&(0x7f0000000040)}, 0x0, 0x0, 0xfffffffe, 0x9, 0x0, 0x0, 0x0, 0x0, 0x40}, 0x0, 0x0, 0xffffffffffffffff, 0xa) pread64(r0, &(0x7f0000000300)=""/102375, 0x18fe7, 0x0) 10:03:00 executing program 5: syz_open_procfs(0x0, &(0x7f0000000000)='net/softnet_stat\x00') perf_event_open(&(0x7f0000000080)={0x5, 0x80, 0x77, 0x0, 0x0, 0x5, 0x0, 0x1, 0x80c0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x80000001, 0x2, @perf_bp={&(0x7f0000000040)}, 0x0, 0x0, 0xfffffffe, 0x9, 0x0, 0x0, 0x0, 0x0, 0x40}, 0x0, 0x0, 0xffffffffffffffff, 0xa) 10:03:00 executing program 5: perf_event_open(&(0x7f0000000080)={0x5, 0x80, 0x77, 0x0, 0x0, 0x5, 0x0, 0x1, 0x80c0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x80000001, 0x2, @perf_bp={&(0x7f0000000040)}, 0x0, 0x0, 0xfffffffe, 0x9, 0x0, 0x0, 0x0, 0x0, 0x40}, 0x0, 0x0, 0xffffffffffffffff, 0xa) 10:03:01 executing program 5: perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0xa) 10:03:01 executing program 5: perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0xa) [ 130.340283] Process accounting resumed 10:03:20 executing program 1: perf_event_open(&(0x7f0000000080)={0x0, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = perf_event_open$cgroup(&(0x7f00000000c0)={0x2, 0x80, 0x5c, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) ioctl$PERF_EVENT_IOC_SET_FILTER(r0, 0x40082406, &(0x7f0000000080)='(]\\{^!)\x00') ioctl$PERF_EVENT_IOC_RESET(0xffffffffffffffff, 0x2403, 0x0) dup(0xffffffffffffffff) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(0xffffffffffffffff, 0xc08c5332, 0x0) ioctl$BTRFS_IOC_INO_LOOKUP_USER(0xffffffffffffffff, 0xd000943e, 0x0) fcntl$F_GET_FILE_RW_HINT(0xffffffffffffffff, 0x40d, &(0x7f0000000000)) 10:03:20 executing program 0: capset(&(0x7f0000000040)={0x20080522}, &(0x7f0000000580)) syz_open_dev$tty20(0xc, 0x4, 0x0) r0 = syz_open_dev$tty1(0xc, 0x4, 0x1) ioctl$TIOCL_GETMOUSEREPORTING(r0, 0x541c, &(0x7f0000000000)) r1 = syz_open_dev$tty1(0xc, 0x4, 0x1) ioctl$TCGETA(0xffffffffffffffff, 0x5405, &(0x7f0000000100)) ioctl$TIOCL_GETMOUSEREPORTING(r1, 0x541c, &(0x7f0000000000)) ioctl$TCGETA(r1, 0x5405, &(0x7f0000000080)) ioctl$TIOCSSOFTCAR(r0, 0x541a, &(0x7f00000000c0)=0x9) 10:03:20 executing program 5: perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0xa) 10:03:20 executing program 2: r0 = add_key$keyring(&(0x7f0000000240), &(0x7f0000000140)={'syz', 0x0}, 0x0, 0x0, 0xfffffffffffffffd) r1 = add_key$keyring(&(0x7f0000000000), &(0x7f00000002c0)={'syz', 0x2}, 0x0, 0x0, r0) request_key(&(0x7f0000000100)='cifs.idmap\x00', &(0x7f0000000280)={'syz', 0x1}, &(0x7f0000000300)='[}\x00', r1) r2 = add_key$keyring(&(0x7f00000001c0), &(0x7f0000000200)={'syz', 0x1}, 0x0, 0x0, r1) r3 = add_key$keyring(&(0x7f0000000080), &(0x7f00000000c0)={'syz', 0x3}, 0x0, 0x0, r2) keyctl$search(0xa, r1, &(0x7f0000000400)='keyring\x00', &(0x7f0000000440)={'syz', 0x2}, r3) syz_emit_ethernet(0x46, &(0x7f00000000c0)=ANY=[@ANYRES16=r2, @ANYRESHEX=0x0, @ANYRES64=r3], 0x0) syz_emit_ethernet(0x112, &(0x7f0000000480)={@dev={'\xaa\xaa\xaa\xaa\xaa', 0x3e}, @multicast, @void, {@mpls_uc={0x8847, {[{0x3, 0x0, 0x1}], @llc={@llc={0xff, 0x2, "43d4", "86d832d7abc042e1b69712ad4b9bba9857dc3527c066ae1576749b7170619b2f20492a66c39f015e60321308f741135869fcca176d580fbc9c831ee868a5142645f0ea45ddb726bb8f9d6192b85cac9a0dfc3c9cec079934cff5d04cfde547b77a30534beec956995e87cedeac5e51d9aaef6602d6aa9231bab471f36a8ed395a32965b1a763a565dece21fbeec39d51be22e387a859e9f21601ed0ee1fca69ca64736455af66a6646cac1c4e5badc523ee7b7183bcd893e3e2ac2adfa764848388949ed25b6bee40884e8621610920960ddd0c69c6299c37281acbe3731e53b90090cd9ac743d118f9c7395b00272254ab97df844c894c4a1f21d28"}}}}}}, 0x0) recvfrom(0xffffffffffffffff, &(0x7f0000000000)=""/130, 0x82, 0x22, &(0x7f0000000180)=@ethernet={0x6, @random="50c1fc4b1c0a"}, 0x80) 10:03:20 executing program 6: mount$9p_unix(&(0x7f0000000000)='./file0\x00', &(0x7f0000000040)='./file0\x00', &(0x7f0000000080), 0x1000, &(0x7f00000000c0)={'trans=unix,', {[{@uname={'uname', 0x3d, '-$'}}, {@noextend}, {@version_9p2000}], [{@dont_hash}]}}) r0 = creat(&(0x7f0000000100)='./file0\x00', 0x0) r1 = syz_open_procfs(0x0, &(0x7f0000000140)='net/vlan/vlan0\x00') write$binfmt_elf32(r0, &(0x7f0000000180)={{0x7f, 0x45, 0x4c, 0x46, 0x3, 0x1, 0x12, 0x40, 0x1, 0x3, 0x6, 0x7, 0x38b, 0x38, 0x342, 0x7f, 0x5, 0x20, 0x2, 0xfff, 0x81, 0x5ae}, [{0x4, 0x9a6, 0xfffff639, 0x8, 0xffffffff, 0x22d9d2f1, 0x8, 0x800}, {0x3, 0x6847, 0x8, 0x5, 0x20, 0x101, 0x5, 0x4}], "663c93deb4d85350cc7d1bd9fe5ad5fb665fa7ea47c8707ebcf2e0f685e6b72edb73688fded8c8bd81eb88cd05daf66c64101f07d90b9960a778d8bc7698468c09d3a3243870224fbf1ddfe7a9293ad4e1b7d70fe0b74ea4683142f68c3b5eccb7215fa67cb34f234ff0b9e847fdb5637c48776170a12136f4dea84fe95f73ab2e95a11dc310905ddfc812e1b1b8675cd41fb0bc434612842717bf442808ff9f2a46a9cb53f9beaf6af0f4a3f6226e6ab3cd9b86f0e37332b2b543c71742a7ececa27446bf532b83d9db83b05128900abdc7da9ee7feae", ['\x00', '\x00']}, 0x34f) lsetxattr$trusted_overlay_opaque(&(0x7f0000000500)='./file0\x00', &(0x7f0000000540), &(0x7f0000000580), 0x2, 0x0) mount$9p_unix(&(0x7f00000005c0)='./file0\x00', &(0x7f0000000600)='./file0\x00', &(0x7f0000000640), 0x82000, &(0x7f0000000680)={'trans=unix,', {[{@debug}, {@access_user}, {@version_u}, {@noextend}, {@version_9p2000}, {@version_u}, {@loose}, {@aname={'aname', 0x3d, 'noextend'}}, {@access_user}], [{@seclabel}, {@subj_role}, {@rootcontext={'rootcontext', 0x3d, 'sysadm_u'}}, {@uid_eq={'uid', 0x3d, 0xee00}}, {@fscontext={'fscontext', 0x3d, 'staff_u'}}, {@uid_lt}, {@euid_gt={'euid>', 0xffffffffffffffff}}]}}) bind$unix(r0, &(0x7f00000007c0)=@abs={0x1, 0x0, 0xfffffffb}, 0x6e) r2 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000880)='net/vlan/config\x00') fsconfig$FSCONFIG_SET_FD(r1, 0x5, &(0x7f0000000840)='/]\x00', 0x0, r2) lsetxattr$security_capability(&(0x7f00000008c0)='./file0\x00', &(0x7f0000000900), &(0x7f0000000940)=@v2={0x2000000, [{0x8, 0x3}, {0x2}]}, 0x14, 0x1) creat(&(0x7f0000000980)='./file0\x00', 0x8) truncate(&(0x7f00000009c0)='./file0\x00', 0xc035) mount$9p_rdma(&(0x7f0000000a00), &(0x7f0000000a40)='./file0\x00', &(0x7f0000000a80), 0x104000, &(0x7f0000000ac0)={'trans=rdma,', {'port', 0x3d, 0x4e23}, 0x2c, {[{@timeout={'timeout', 0x3d, 0x2}}], [{@obj_role={'obj_role', 0x3d, '\''}}, {@smackfshat={'smackfshat', 0x3d, '$'}}, {@mask={'mask', 0x3d, 'MAY_WRITE'}}, {@seclabel}]}}) open_tree(r1, &(0x7f0000000b40)='./file0\x00', 0x1) connect$unix(r0, &(0x7f0000000b80)=@abs={0x0, 0x0, 0x4e23}, 0x6e) setsockopt$inet6_MCAST_MSFILTER(r0, 0x29, 0x30, &(0x7f0000000c00)={0x8, {{0xa, 0x4e24, 0x40, @private1={0xfc, 0x1, '\x00', 0x1}, 0x3}}, 0x1, 0x3, [{{0xa, 0x4e21, 0x8, @empty, 0x6}}, {{0xa, 0x4e20, 0x8, @empty, 0x7}}, {{0xa, 0x4e20, 0xfffffeff, @empty, 0x3}}]}, 0x210) lseek(r2, 0x5, 0x3) r3 = socket$inet_tcp(0x2, 0x1, 0x0) ioctl$VFAT_IOCTL_READDIR_SHORT(r3, 0x82307202, &(0x7f0000000e40)=[{0x0, 0x0, 0x100}, {0x0, 0x0, 0x100}]) acct(&(0x7f0000001080)='./file0\x00') 10:03:20 executing program 3: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000000)={0xffffffffffffffff}) r1 = socket$inet_tcp(0x2, 0x1, 0x0) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x44214, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffff}, 0x0, 0x1, 0xffffffffffffffff, 0x0) rt_sigprocmask(0x0, &(0x7f0000000000)={[0x1829]}, 0x0, 0x8) setsockopt$inet_tcp_TCP_CONGESTION(r1, 0x6, 0xd, &(0x7f0000000180)='htcp\x00', 0x5) sendmmsg(r1, &(0x7f0000006700)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0) rt_sigtimedwait(&(0x7f0000000100)={[0x59bd]}, 0x0, 0x0, 0x8) r2 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000140)='fdinfo/3\x00') pread64(r0, &(0x7f0000000040)=""/47, 0x2f, 0x7c23) read$hiddev(r2, &(0x7f0000000200)=""/114, 0x72) 10:03:20 executing program 4: setsockopt$IP_VS_SO_SET_DEL(0xffffffffffffffff, 0x0, 0x484, &(0x7f0000000140)={0x32, @multicast2, 0x4e21, 0x0, 'sh\x00', 0x23, 0x9, 0x40}, 0x2c) syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x100000, 0x19, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000500100000f000000000000000100000005000000000004000040000020000000e1f4655fe1f4655f0100ffff53ef010001000000e0f4655f000000000000000001000000000000000b0000008000000018000000c20500002b0200000000000000000000000000000000000073797a6b616c6c6572000000000000002f746d702f73797a2d696d61676567656e38373635383433343000"/192, 0xc0, 0x400}, {&(0x7f0000010100)="000000000000000000000000a4d0099b099d46eeb5a6d2ef5e9d5ded010040000c00000000000000e0f4655f00"/64, 0x40, 0x4e0}, {&(0x7f0000010200)="0100000000000500400000000000000000000000000000004700000000000000", 0x20, 0x560}, {&(0x7f0000010300)="02000000030000000400000015000f0003000400"/32, 0x20, 0x800}, {&(0x7f0000010400)="ff070000ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff0100ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff0000000000000000e0f4655fe0f4655fe0f4655f00"/4128, 0x1020, 0x1000}, {&(0x7f0000011500)="ed41000000080000e0f4655fe1f4655fe1f4655f00000000000004004000000000000800050000000af301000400000000000000000000000100000010000000", 0x40, 0x2080}, {&(0x7f0000011600)="8081000000601020e0f4655fe0f4655fe0f4655f00000000000001004000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000030000000", 0x60, 0x2300}, {&(0x7f0000011700)="c041000000400000e0f4655fe0f4655fe0f4655f00000000000002004000000000000800000000000af301000400000000000000000000000800000020000000", 0x40, 0x2500}, {&(0x7f0000011800)="ed41000000080000e1f4655fe1f4655fe1f4655f00000000000002004000000000000800030000000af301000400000000000000000000000100000050000000000000000000000000000000000000000000000000000000000000000000000000000000ba56a6e5000000000000000000000000000000000000000000000000ed8100001a040000e1f4655fe1f4655fe1f4655f00000000000001004000000000000800010000000af30100040000000000000000000000010000006000000000000000000000000000000000000000000000000000000000000000000000000000000078ce27cf000000000000000000000000000000000000000000000000ffa1000026000000e1f4655fe1f4655fe1f4655f00000000000001000000000000000000010000002f746d702f73797a2d696d61676567656e3837363538343334302f66696c65302f66696c653000000000000000000000000000000000000000000000ee3520d6000000000000000000000000000000000000000000000000ed8100000a000000e1f4655fe1f4655fe1f4655f00000000000001008000000000000800010000000af301000400000000000000000000000100000070000000000000000000000000000000000000000000000000000000000000000000000000000000070f9333800000000000000000000000000000000000000000000000ed81000028230000e1f4655fe1f4655fe1f4655f00000000000002004000000000000800010000000af301000400000000000000000000000500000090000000000000000000000000000000000000000000000000000000000000000000000000000000a9530bd8000000000000000000000000000000000000000000000000ed81000064000000e1f4655fe1f4655fe1f4655f00000000000001004000000000000800010000000af3010004000000000000000000000001000000a0000000000000000000000000000000000000000000000000000000000000000000000000000000a1aee7ad00"/768, 0x300, 0x2580}, {&(0x7f0000011b00)="020000000c0001022e000000020000000c0002022e2e00000b00000014000a026c6f73742b666f756e6400000c0000001000050266696c65300000000f0000001000050166696c6531000000100000001000050166696c6532000000100000001000050166696c6533000000110000009407090166696c652e636f6c64000000", 0x80, 0x8000}, {&(0x7f0000011c00)="0b0000000c0001022e00000002000000f40702022e2e00"/32, 0x20, 0x10000}, {&(0x7f0000011d00)='\x00\x00\x00\x00\x00\b\x00'/32, 0x20, 0x10800}, {&(0x7f0000011e00)='\x00\x00\x00\x00\x00\b\x00'/32, 0x20, 0x11000}, {&(0x7f0000011f00)='\x00\x00\x00\x00\x00\b\x00'/32, 0x20, 0x11800}, {&(0x7f0000012000)='\x00\x00\x00\x00\x00\b\x00'/32, 0x20, 0x12000}, {&(0x7f0000012100)='\x00\x00\x00\x00\x00\b\x00'/32, 0x20, 0x12800}, {&(0x7f0000012200)='\x00\x00\x00\x00\x00\b\x00'/32, 0x20, 0x13000}, {&(0x7f0000012300)='\x00\x00\x00\x00\x00\b\x00'/32, 0x20, 0x13800}, {&(0x7f0000012400)="504d4d00504d4dffe1f4655f00000000647679756b6f762d676c6170746f70320000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000006c6f6f7032390075782f746573742f73797a5f6d6f756e745f696d6167655f650500"/128, 0x80, 0x20000}, {&(0x7f0000012500)="0c0000000c0001022e000000020000000c0002022e2e00000d0000001000050166696c65300000000e000000d807050766696c653100"/64, 0x40, 0x28000}, {&(0x7f0000012600)='syzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkal\x00\x00\x00\x00\x00\x00', 0x420, 0x30000}, {&(0x7f0000012b00)='syzkallers\x00'/32, 0x20, 0x38000}, {&(0x7f0000012c00)="000002ea0100000001000000270f240c000000000000000000000000000000000601f8070000000006000000779b539778617474723100000601f00700000000060000007498539778617474723200"/96, 0x60, 0x40000}, {&(0x7f0000012d00)='\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00xattr2\x00\x00xattr1\x00\x00', 0x20, 0x407e0}, {&(0x7f0000012e00)='syzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallers\x00'/128, 0x80, 0x50000}], 0x0, &(0x7f0000000040)=ANY=[@ANYBLOB="005aced703bcd8d01dd8196db3bc715d1217d317f7bca4aa40c3a4100402b883e05c53f9f81930f0d5c491edb90800000000000000cc9d94068479d7185e3fb82bb16403c14e3f5d0e487b867613124dcc7b441cdfeabf8e6796af8ddc7dfc08e62fe1b317f952c3be040d04aa0d8fdda809a7ac9ec6d0aee8ccb617f9dc888d13364b1d9ffd91fe"]) 10:03:20 executing program 7: openat$sndseq(0xffffffffffffff9c, &(0x7f0000000140), 0x149d82) r0 = openat2(0xffffffffffffffff, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040)={0x400000, 0x4, 0x9}, 0x18) ioctl$SNDRV_SEQ_IOCTL_GET_QUEUE_CLIENT(r0, 0xc04c5349, &(0x7f0000000080)={0x6, 0x0, 0x8a2}) [ 148.623350] loop4: detected capacity change from 0 to 2048 [ 148.645211] ------------[ cut here ]------------ [ 148.645708] WARNING: CPU: 0 PID: 4008 at kernel/events/core.c:2233 event_filter_match+0x422/0x660 [ 148.646390] Modules linked in: [ 148.646632] CPU: 0 PID: 4008 Comm: syz-executor.2 Not tainted 6.0.0-rc7-next-20220930 #1 [ 148.647236] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 148.648078] RIP: 0010:event_filter_match+0x422/0x660 [ 148.648636] Code: 00 00 00 e9 7c fc ff ff e8 7b 33 f1 ff 65 8b 2d 00 9d ad 7e 31 ff 89 ee e8 1b 30 f1 ff 85 ed 0f 84 ef 00 00 00 e8 5e 33 f1 ff <0f> 0b eb 9f e8 d5 a1 23 00 e9 17 fc ff ff e8 4b 33 f1 ff 48 8d 7b [ 148.650797] RSP: 0018:ffff88806ce09c70 EFLAGS: 00010046 [ 148.651193] RAX: 0000000080010002 RBX: ffff8880407e9720 RCX: 0000000000000000 [ 148.651721] RDX: ffff88801df8d040 RSI: ffffffff8154d8d2 RDI: 0000000000000005 [ 148.652260] RBP: 0000000000000000 R08: 0000000000000005 R09: 0000000000000001 [ 148.652788] R10: 0000000000000000 R11: ffffffff865b401b R12: ffff8880407e9940 [ 148.653314] R13: 0000000000000000 R14: ffff8880407e97c8 R15: ffff8880407e9940 [ 148.653844] FS: 0000000000000000(0000) GS:ffff88806ce00000(0000) knlGS:0000000000000000 [ 148.654446] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 148.654885] CR2: 00007fdf52990ff8 CR3: 000000000f3fc000 CR4: 0000000000350ef0 [ 148.655426] Call Trace: [ 148.655623] [ 148.655795] merge_sched_in+0x107/0x1110 [ 148.656114] visit_groups_merge.constprop.0.isra.0+0x4fc/0xef0 [ 148.656562] ? merge_sched_in+0x1110/0x1110 [ 148.656889] ? lock_is_held_type+0xd7/0x130 [ 148.657217] ctx_sched_in+0x2e6/0x770 [ 148.657511] ? lock_acquire+0x1b2/0x530 [ 148.657816] ? visit_groups_merge.constprop.0.isra.0+0xef0/0xef0 [ 148.658274] ? lock_is_held_type+0xd7/0x130 [ 148.658606] perf_event_sched_in+0x75/0x80 [ 148.658930] ctx_resched+0x1ce/0x390 [ 148.659222] __perf_install_in_context+0x285/0x9c0 [ 148.659587] ? ctx_resched+0x390/0x390 [ 148.659889] remote_function+0x125/0x1b0 [ 148.660202] __flush_smp_call_function_queue+0x1df/0x5a0 [ 148.660604] ? perf_duration_warn+0x40/0x40 [ 148.660932] __sysvec_call_function_single+0x92/0x3a0 [ 148.661322] sysvec_call_function_single+0x89/0xc0 [ 148.661687] [ 148.661864] [ 148.662044] asm_sysvec_call_function_single+0x16/0x20 [ 148.662434] RIP: 0010:page_remove_rmap+0xfa/0x490 [ 148.662797] Code: ec 3a 0a 00 f0 83 45 30 ff 0f 98 c3 31 ff 89 de e8 db c4 d7 ff 84 db 0f 85 10 01 00 00 e8 5e c8 d7 ff 48 89 ef e8 36 5f 0c 00 <49> 8d 7d 20 48 b8 00 00 00 00 00 fc ff df 48 89 fa 48 c1 ea 03 80 [ 148.664098] RSP: 0018:ffff88804132f618 EFLAGS: 00000282 [ 148.664491] RAX: 0000000000000000 RBX: 0000000000000000 RCX: ffff88804132f5a0 [ 148.665014] RDX: 1ffff11003bf1b35 RSI: 0000000000000001 RDI: 0000000000000000 [ 148.665530] RBP: ffffea0000bf5e40 R08: 0000000000000000 R09: 0000000000000000 [ 148.666065] R10: 0000000000000001 R11: 0000000000000001 R12: 0000000000000000 [ 148.666589] R13: ffff8880182889c0 R14: 0000000000000000 R15: ffffea0000bf5e40 [ 148.667149] ? page_remove_rmap+0xfa/0x490 [ 148.667486] unmap_page_range+0x1c26/0x2a10 [ 148.667840] ? vm_normal_page+0x2e0/0x2e0 [ 148.668168] ? mas_find+0x209/0xdd0 [ 148.668448] ? uprobe_munmap+0x1c/0x560 [ 148.668767] unmap_single_vma+0x190/0x380 [ 148.669092] unmap_vmas+0x21e/0x370 [ 148.669388] ? unmap_mapping_range+0x280/0x280 [ 148.669749] ? find_held_lock+0x2c/0x110 [ 148.670081] ? lock_downgrade+0x6d0/0x6d0 [ 148.670429] exit_mmap+0x154/0x680 [ 148.670710] ? __ia32_sys_remap_file_pages+0x150/0x150 [ 148.671127] ? delayed_uprobe_remove+0x27/0x230 [ 148.671497] mmput+0xd1/0x390 [ 148.671760] do_exit+0xa2e/0x27f0 [ 148.672039] ? lock_release+0x3b2/0x750 [ 148.672345] ? get_signal+0x88b/0x22d0 [ 148.672659] ? mm_update_next_owner+0x7e0/0x7e0 [ 148.673018] ? lock_is_held_type+0xd7/0x130 [ 148.673354] do_group_exit+0xd0/0x2a0 [ 148.673655] get_signal+0x2195/0x22d0 [ 148.673951] ? wake_up_q+0x8b/0xf0 [ 148.674238] ? exit_signals+0x8b0/0x8b0 [ 148.674566] arch_do_signal_or_restart+0x89/0x1be0 [ 148.674951] ? do_futex+0x136/0x380 [ 148.675237] ? __ia32_compat_sys_get_robust_list+0x3b0/0x3b0 [ 148.675673] ? get_sigframe_size+0x10/0x10 [ 148.675999] ? __x64_sys_futex+0x1c6/0x4d0 [ 148.676327] ? __x64_sys_futex_time32+0x480/0x480 [ 148.676694] ? exit_to_user_mode_prepare+0x109/0x1a0 [ 148.677086] exit_to_user_mode_prepare+0x131/0x1a0 [ 148.677461] syscall_exit_to_user_mode+0x19/0x40 [ 148.677824] do_syscall_64+0x48/0x90 [ 148.678122] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 148.678516] RIP: 0033:0x7fd43a1c3b19 [ 148.678800] Code: Unable to access opcode bytes at 0x7fd43a1c3aef. [ 148.679262] RSP: 002b:00007fd4376f7218 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 148.679834] RAX: fffffffffffffe00 RBX: 00007fd43a2d70e8 RCX: 00007fd43a1c3b19 [ 148.680370] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007fd43a2d70e8 [ 148.680913] RBP: 00007fd43a2d70e0 R08: 0000000000000000 R09: 0000000000000000 [ 148.681446] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fd43a2d70ec [ 148.681982] R13: 00007fffc805255f R14: 00007fd4376f7300 R15: 0000000000022000 [ 148.682550] [ 148.682727] irq event stamp: 288 [ 148.682982] hardirqs last enabled at (287): [] asm_sysvec_call_function_single+0x16/0x20 [ 148.683698] hardirqs last disabled at (288): [] sysvec_call_function_single+0xb/0xc0 [ 148.684397] softirqs last enabled at (278): [] __irq_exit_rcu+0x11b/0x180 [ 148.685035] softirqs last disabled at (219): [] __irq_exit_rcu+0x11b/0x180 [ 148.685667] ---[ end trace 0000000000000000 ]--- [ 148.686055] ------------[ cut here ]------------ [ 148.686406] WARNING: CPU: 0 PID: 4008 at kernel/events/core.c:2557 merge_sched_in+0xadb/0x1110 [ 148.687052] Modules linked in: [ 148.687300] CPU: 0 PID: 4008 Comm: syz-executor.2 Tainted: G W 6.0.0-rc7-next-20220930 #1 [ 148.688004] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 148.688832] RIP: 0010:merge_sched_in+0xadb/0x1110 [ 148.689203] Code: ff ff e8 08 0e ef ff 65 8b 05 8d 77 ab 7e 31 ff 89 c6 89 04 24 e8 a5 0a ef ff 8b 04 24 85 c0 0f 84 13 02 00 00 e8 e5 0d ef ff <0f> 0b e9 c4 fb ff ff e8 d9 0d ef ff 4c 89 e8 48 05 18 01 00 00 e9 [ 148.690569] RSP: 0018:ffff88806ce09cb0 EFLAGS: 00010046 [ 148.690972] RAX: 0000000080010002 RBX: ffff88806ce3d2c0 RCX: 0000000000000000 [ 148.691511] RDX: ffff88801df8d040 RSI: ffffffff8156fe4b RDI: 0000000000000005 [ 148.692048] RBP: ffff8880407e9720 R08: 0000000000000005 R09: 0000000000000001 [ 148.692578] R10: 0000000000000000 R11: ffffffff865b401b R12: ffff88806ce3d2c0 [ 148.693108] R13: ffff88806ce00000 R14: ffff8880407e97c8 R15: ffff8880407e9940 [ 148.693642] FS: 0000000000000000(0000) GS:ffff88806ce00000(0000) knlGS:0000000000000000 [ 148.694250] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 148.694685] CR2: 00007fdf52990ff8 CR3: 000000000f3fc000 CR4: 0000000000350ef0 [ 148.695215] Call Trace: [ 148.695413] [ 148.695594] visit_groups_merge.constprop.0.isra.0+0x4fc/0xef0 [ 148.696058] ? merge_sched_in+0x1110/0x1110 [ 148.696389] ? lock_is_held_type+0xd7/0x130 [ 148.696727] ctx_sched_in+0x2e6/0x770 [ 148.697030] ? lock_acquire+0x1b2/0x530 [ 148.697342] ? visit_groups_merge.constprop.0.isra.0+0xef0/0xef0 [ 148.697806] ? lock_is_held_type+0xd7/0x130 [ 148.698149] perf_event_sched_in+0x75/0x80 [ 148.698476] ctx_resched+0x1ce/0x390 [ 148.698771] __perf_install_in_context+0x285/0x9c0 [ 148.699147] ? ctx_resched+0x390/0x390 [ 148.699451] remote_function+0x125/0x1b0 [ 148.699764] __flush_smp_call_function_queue+0x1df/0x5a0 [ 148.700176] ? perf_duration_warn+0x40/0x40 [ 148.700513] __sysvec_call_function_single+0x92/0x3a0 [ 148.700912] sysvec_call_function_single+0x89/0xc0 [ 148.701286] [ 148.701459] [ 148.701637] asm_sysvec_call_function_single+0x16/0x20 [ 148.702044] RIP: 0010:page_remove_rmap+0xfa/0x490 [ 148.702417] Code: ec 3a 0a 00 f0 83 45 30 ff 0f 98 c3 31 ff 89 de e8 db c4 d7 ff 84 db 0f 85 10 01 00 00 e8 5e c8 d7 ff 48 89 ef e8 36 5f 0c 00 <49> 8d 7d 20 48 b8 00 00 00 00 00 fc ff df 48 89 fa 48 c1 ea 03 80 [ 148.703775] RSP: 0018:ffff88804132f618 EFLAGS: 00000282 [ 148.704175] RAX: 0000000000000000 RBX: 0000000000000000 RCX: ffff88804132f5a0 [ 148.704698] RDX: 1ffff11003bf1b35 RSI: 0000000000000001 RDI: 0000000000000000 [ 148.705232] RBP: ffffea0000bf5e40 R08: 0000000000000000 R09: 0000000000000000 [ 148.705760] R10: 0000000000000001 R11: 0000000000000001 R12: 0000000000000000 [ 148.706292] R13: ffff8880182889c0 R14: 0000000000000000 R15: ffffea0000bf5e40 [ 148.706839] ? page_remove_rmap+0xfa/0x490 [ 148.707164] unmap_page_range+0x1c26/0x2a10 [ 148.707517] ? vm_normal_page+0x2e0/0x2e0 [ 148.707839] ? mas_find+0x209/0xdd0 [ 148.708116] ? uprobe_munmap+0x1c/0x560 [ 148.708425] unmap_single_vma+0x190/0x380 [ 148.708753] unmap_vmas+0x21e/0x370 [ 148.709038] ? unmap_mapping_range+0x280/0x280 [ 148.709391] ? find_held_lock+0x2c/0x110 [ 148.709713] ? lock_downgrade+0x6d0/0x6d0 [ 148.710058] exit_mmap+0x154/0x680 [ 148.710337] ? __ia32_sys_remap_file_pages+0x150/0x150 [ 148.710754] ? delayed_uprobe_remove+0x27/0x230 [ 148.711121] mmput+0xd1/0x390 [ 148.711373] do_exit+0xa2e/0x27f0 [ 148.711653] ? lock_release+0x3b2/0x750 [ 148.711959] ? get_signal+0x88b/0x22d0 [ 148.712263] ? mm_update_next_owner+0x7e0/0x7e0 [ 148.712624] ? lock_is_held_type+0xd7/0x130 [ 148.712958] do_group_exit+0xd0/0x2a0 [ 148.713257] get_signal+0x2195/0x22d0 [ 148.713553] ? wake_up_q+0x8b/0xf0 [ 148.713837] ? exit_signals+0x8b0/0x8b0 [ 148.714161] arch_do_signal_or_restart+0x89/0x1be0 [ 148.714535] ? do_futex+0x136/0x380 [ 148.714817] ? __ia32_compat_sys_get_robust_list+0x3b0/0x3b0 [ 148.715254] ? get_sigframe_size+0x10/0x10 [ 148.715585] ? __x64_sys_futex+0x1c6/0x4d0 [ 148.715914] ? __x64_sys_futex_time32+0x480/0x480 [ 148.716283] ? exit_to_user_mode_prepare+0x109/0x1a0 [ 148.716675] exit_to_user_mode_prepare+0x131/0x1a0 [ 148.717049] syscall_exit_to_user_mode+0x19/0x40 [ 148.717413] do_syscall_64+0x48/0x90 [ 148.717703] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 148.718106] RIP: 0033:0x7fd43a1c3b19 [ 148.718400] Code: Unable to access opcode bytes at 0x7fd43a1c3aef. [ 148.718862] RSP: 002b:00007fd4376f7218 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 148.719431] RAX: fffffffffffffe00 RBX: 00007fd43a2d70e8 RCX: 00007fd43a1c3b19 [ 148.719966] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007fd43a2d70e8 [ 148.720514] RBP: 00007fd43a2d70e0 R08: 0000000000000000 R09: 0000000000000000 [ 148.721055] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fd43a2d70ec [ 148.721591] R13: 00007fffc805255f R14: 00007fd4376f7300 R15: 0000000000022000 [ 148.722143] [ 148.722323] irq event stamp: 288 [ 148.722576] hardirqs last enabled at (287): [] asm_sysvec_call_function_single+0x16/0x20 [ 148.723289] hardirqs last disabled at (288): [] sysvec_call_function_single+0xb/0xc0 [ 148.723976] softirqs last enabled at (278): [] __irq_exit_rcu+0x11b/0x180 [ 148.724612] softirqs last disabled at (219): [] __irq_exit_rcu+0x11b/0x180 [ 148.725242] ---[ end trace 0000000000000000 ]--- [ 148.771999] audit: type=1400 audit(1664705000.822:9): avc: denied { write } for pid=3996 comm="syz-executor.1" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=perf_event permissive=1 [ 148.776100] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none. [ 148.777884] ext4 filesystem being mounted at /syzkaller-testdir654405800/syzkaller.QiDQfc/1/file0 supports timestamps until 2038 (0x7fffffff) 10:03:20 executing program 0: capset(&(0x7f0000000040)={0x20080522}, &(0x7f0000000580)) syz_open_dev$tty20(0xc, 0x4, 0x0) r0 = syz_open_dev$tty1(0xc, 0x4, 0x1) ioctl$TIOCL_GETMOUSEREPORTING(r0, 0x541c, &(0x7f0000000000)) r1 = syz_open_dev$tty1(0xc, 0x4, 0x1) ioctl$TCGETA(0xffffffffffffffff, 0x5405, &(0x7f0000000100)) ioctl$TIOCL_GETMOUSEREPORTING(r1, 0x541c, &(0x7f0000000000)) ioctl$TCGETA(r1, 0x5405, &(0x7f0000000080)) ioctl$TIOCSSOFTCAR(r0, 0x541a, &(0x7f00000000c0)=0x9) 10:03:20 executing program 7: r0 = socket$inet_udp(0x2, 0x2, 0x0) setsockopt$inet_udp_encap(r0, 0x11, 0x64, &(0x7f0000000000), 0x4) r1 = socket$inet_udplite(0x2, 0x2, 0x88) setsockopt$inet_udp_int(r1, 0x11, 0x0, 0x0, 0x0) pidfd_getfd(0xffffffffffffffff, r1, 0x0) r2 = socket$inet_udp(0x2, 0x2, 0x0) bind$inet(r2, &(0x7f0000000340)={0x2, 0x4e20, @empty}, 0x10) perf_event_open(&(0x7f00000002c0)={0x2, 0x80, 0x0, 0xa9, 0x1f, 0x1, 0x0, 0x2, 0x82000, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x2, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, @perf_bp={&(0x7f0000000100), 0xd}, 0x2200, 0x7fff, 0x1, 0x4, 0x0, 0x800, 0x2, 0x0, 0x688e, 0x0, 0x6}, 0x0, 0x4, 0xffffffffffffffff, 0x9) setsockopt$inet_udp_encap(r0, 0x11, 0x64, &(0x7f00000000c0)=0x3, 0x4) syz_emit_ethernet(0x2a, &(0x7f0000000140)={@multicast, @remote, @void, {@ipv4={0x800, @udp={{0x5, 0x4, 0x0, 0x0, 0x1c, 0x0, 0x0, 0x0, 0x11, 0x0, @empty, @empty}, {0x0, 0x4e20, 0x8}}}}}, 0x0) recvfrom(r0, &(0x7f0000000180)=""/177, 0xb1, 0x40, &(0x7f0000000240)=@vsock={0x28, 0x0, 0x2710, @hyper}, 0x80) epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, 0xffffffffffffffff, &(0x7f0000000080)={0x7}) [ 148.849332] Process accounting resumed 10:03:20 executing program 5: perf_event_open(&(0x7f0000000080)={0x0, 0x80, 0x77, 0x0, 0x0, 0x5, 0x0, 0x1, 0x80c0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x80000001, 0x2, @perf_bp={&(0x7f0000000040)}, 0x0, 0x0, 0xfffffffe, 0x9, 0x0, 0x0, 0x0, 0x0, 0x40}, 0x0, 0x0, 0xffffffffffffffff, 0xa) 10:03:20 executing program 3: pipe2$9p(&(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RVERSION(r1, &(0x7f0000000040)={0xd, 0x65, 0xffff, 0x0, 0x1, '9P2000.L'}, 0x15) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) write$9p(r1, &(0x7f0000000340)="66360157c22f24862b9bbd518771d7c716dbed9ff044bb03912a2a125cb677fb27d74b7ba72238e8eab6851299e12542cd92cf5e82bcf4304df43ef7d765da46c274cf7fd2ce9f858a77d1da4f645db76597b8a6cedc4a69543a203a769ab7513ad8e2a18b04ba97828eea26d3f97b7c3037a71175ebb47ca60fed32763363b74fcaf01683dd83149f187a95104e8bee9063a4dd0f8b41a58095bf6446a31a8a4a389ac76637bd8cf7799e82eed4e3dea4e26a0d7062664fbf3fbb424b910266de1234a535af5ce6cd220706715be53c5a3d73f74f64b1f4154a4cad9ff318ecb1cf5af4f97edee174a6c627229851aa1e83c9813bee5d7cf92c950a3044e4", 0xff) syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x200000, 0xc, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000900100000f000000000000000200000006000000000008000080000020000000e2f4655fe2f4655f0100ffff53ef010001000000e1f4655f000000000000000001000000000000000b0000000004000008000000d2c200001203", 0x66, 0x400}, {&(0x7f0000010100)="000000000000000000000000fc8e0b4946704d25a0f18393550c433b010040", 0x1f, 0x4e0}, {&(0x7f0000010200)="0000000000000000000000000000000000000000000000000000000020002000010000000000000000000000000000000000000004", 0x35, 0x540}, {&(0x7f0000010300)="0300000004", 0x5, 0x640}, {&(0x7f0000010400)="02000000030000000400000019000f000300040000000000000000000f002e69", 0x20, 0x1000}, {&(0x7f0000012600)="ed41000000100000e1f4655fe2f4655fe2f4655f000000000000040080", 0x1d, 0x4400}, {&(0x7f0000012800)="8081000000180000e1f4655fe1f4655fe1f4655f00000000000001008000000010000800000000000af301000400000000000000000000000200000030", 0x3d, 0x4800}, {&(0x7f0000012a00)="8081000000180000e1f4655fe1f4655fe1f4655f00000000000001008000000010000800000000000af301000400000000000000000000000200000040", 0x3d, 0x4c00}, {0x0}, {&(0x7f0000013900)="111fc0d901000000803a0900803a09000000000006", 0x15, 0x30000}, {0x0}, {&(0x7f0000013f00)="2719c0d901", 0x5, 0x40000}], 0x0, &(0x7f0000014a00)) 10:03:20 executing program 6: mount$9p_unix(&(0x7f0000000000)='./file0\x00', &(0x7f0000000040)='./file0\x00', &(0x7f0000000080), 0x1000, &(0x7f00000000c0)={'trans=unix,', {[{@uname={'uname', 0x3d, '-$'}}, {@noextend}, {@version_9p2000}], [{@dont_hash}]}}) r0 = creat(&(0x7f0000000100)='./file0\x00', 0x0) r1 = syz_open_procfs(0x0, &(0x7f0000000140)='net/vlan/vlan0\x00') write$binfmt_elf32(r0, &(0x7f0000000180)={{0x7f, 0x45, 0x4c, 0x46, 0x3, 0x1, 0x12, 0x40, 0x1, 0x3, 0x6, 0x7, 0x38b, 0x38, 0x342, 0x7f, 0x5, 0x20, 0x2, 0xfff, 0x81, 0x5ae}, [{0x4, 0x9a6, 0xfffff639, 0x8, 0xffffffff, 0x22d9d2f1, 0x8, 0x800}, {0x3, 0x6847, 0x8, 0x5, 0x20, 0x101, 0x5, 0x4}], "663c93deb4d85350cc7d1bd9fe5ad5fb665fa7ea47c8707ebcf2e0f685e6b72edb73688fded8c8bd81eb88cd05daf66c64101f07d90b9960a778d8bc7698468c09d3a3243870224fbf1ddfe7a9293ad4e1b7d70fe0b74ea4683142f68c3b5eccb7215fa67cb34f234ff0b9e847fdb5637c48776170a12136f4dea84fe95f73ab2e95a11dc310905ddfc812e1b1b8675cd41fb0bc434612842717bf442808ff9f2a46a9cb53f9beaf6af0f4a3f6226e6ab3cd9b86f0e37332b2b543c71742a7ececa27446bf532b83d9db83b05128900abdc7da9ee7feae", ['\x00', '\x00']}, 0x34f) lsetxattr$trusted_overlay_opaque(&(0x7f0000000500)='./file0\x00', &(0x7f0000000540), &(0x7f0000000580), 0x2, 0x0) mount$9p_unix(&(0x7f00000005c0)='./file0\x00', &(0x7f0000000600)='./file0\x00', &(0x7f0000000640), 0x82000, &(0x7f0000000680)={'trans=unix,', {[{@debug}, {@access_user}, {@version_u}, {@noextend}, {@version_9p2000}, {@version_u}, {@loose}, {@aname={'aname', 0x3d, 'noextend'}}, {@access_user}], [{@seclabel}, {@subj_role}, {@rootcontext={'rootcontext', 0x3d, 'sysadm_u'}}, {@uid_eq={'uid', 0x3d, 0xee00}}, {@fscontext={'fscontext', 0x3d, 'staff_u'}}, {@uid_lt}, {@euid_gt={'euid>', 0xffffffffffffffff}}]}}) bind$unix(r0, &(0x7f00000007c0)=@abs={0x1, 0x0, 0xfffffffb}, 0x6e) r2 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000880)='net/vlan/config\x00') fsconfig$FSCONFIG_SET_FD(r1, 0x5, &(0x7f0000000840)='/]\x00', 0x0, r2) lsetxattr$security_capability(&(0x7f00000008c0)='./file0\x00', &(0x7f0000000900), &(0x7f0000000940)=@v2={0x2000000, [{0x8, 0x3}, {0x2}]}, 0x14, 0x1) creat(&(0x7f0000000980)='./file0\x00', 0x8) truncate(&(0x7f00000009c0)='./file0\x00', 0xc035) mount$9p_rdma(&(0x7f0000000a00), &(0x7f0000000a40)='./file0\x00', &(0x7f0000000a80), 0x104000, &(0x7f0000000ac0)={'trans=rdma,', {'port', 0x3d, 0x4e23}, 0x2c, {[{@timeout={'timeout', 0x3d, 0x2}}], [{@obj_role={'obj_role', 0x3d, '\''}}, {@smackfshat={'smackfshat', 0x3d, '$'}}, {@mask={'mask', 0x3d, 'MAY_WRITE'}}, {@seclabel}]}}) open_tree(r1, &(0x7f0000000b40)='./file0\x00', 0x1) connect$unix(r0, &(0x7f0000000b80)=@abs={0x0, 0x0, 0x4e23}, 0x6e) setsockopt$inet6_MCAST_MSFILTER(r0, 0x29, 0x30, &(0x7f0000000c00)={0x8, {{0xa, 0x4e24, 0x40, @private1={0xfc, 0x1, '\x00', 0x1}, 0x3}}, 0x1, 0x3, [{{0xa, 0x4e21, 0x8, @empty, 0x6}}, {{0xa, 0x4e20, 0x8, @empty, 0x7}}, {{0xa, 0x4e20, 0xfffffeff, @empty, 0x3}}]}, 0x210) lseek(r2, 0x5, 0x3) r3 = socket$inet_tcp(0x2, 0x1, 0x0) ioctl$VFAT_IOCTL_READDIR_SHORT(r3, 0x82307202, &(0x7f0000000e40)=[{0x0, 0x0, 0x100}, {0x0, 0x0, 0x100}]) acct(&(0x7f0000001080)='./file0\x00') [ 148.889720] EXT4-fs (loop4): unmounting filesystem. 10:03:20 executing program 4: setsockopt$IP_VS_SO_SET_DEL(0xffffffffffffffff, 0x0, 0x484, &(0x7f0000000140)={0x32, @multicast2, 0x4e21, 0x0, 'sh\x00', 0x23, 0x9, 0x40}, 0x2c) syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x100000, 0x19, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000500100000f000000000000000100000005000000000004000040000020000000e1f4655fe1f4655f0100ffff53ef010001000000e0f4655f000000000000000001000000000000000b0000008000000018000000c20500002b0200000000000000000000000000000000000073797a6b616c6c6572000000000000002f746d702f73797a2d696d61676567656e38373635383433343000"/192, 0xc0, 0x400}, {&(0x7f0000010100)="000000000000000000000000a4d0099b099d46eeb5a6d2ef5e9d5ded010040000c00000000000000e0f4655f00"/64, 0x40, 0x4e0}, {&(0x7f0000010200)="0100000000000500400000000000000000000000000000004700000000000000", 0x20, 0x560}, {&(0x7f0000010300)="02000000030000000400000015000f0003000400"/32, 0x20, 0x800}, {&(0x7f0000010400)="ff070000ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff0100ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff0000000000000000e0f4655fe0f4655fe0f4655f00"/4128, 0x1020, 0x1000}, {&(0x7f0000011500)="ed41000000080000e0f4655fe1f4655fe1f4655f00000000000004004000000000000800050000000af301000400000000000000000000000100000010000000", 0x40, 0x2080}, {&(0x7f0000011600)="8081000000601020e0f4655fe0f4655fe0f4655f00000000000001004000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000030000000", 0x60, 0x2300}, {&(0x7f0000011700)="c041000000400000e0f4655fe0f4655fe0f4655f00000000000002004000000000000800000000000af301000400000000000000000000000800000020000000", 0x40, 0x2500}, {&(0x7f0000011800)="ed41000000080000e1f4655fe1f4655fe1f4655f00000000000002004000000000000800030000000af301000400000000000000000000000100000050000000000000000000000000000000000000000000000000000000000000000000000000000000ba56a6e5000000000000000000000000000000000000000000000000ed8100001a040000e1f4655fe1f4655fe1f4655f00000000000001004000000000000800010000000af30100040000000000000000000000010000006000000000000000000000000000000000000000000000000000000000000000000000000000000078ce27cf000000000000000000000000000000000000000000000000ffa1000026000000e1f4655fe1f4655fe1f4655f00000000000001000000000000000000010000002f746d702f73797a2d696d61676567656e3837363538343334302f66696c65302f66696c653000000000000000000000000000000000000000000000ee3520d6000000000000000000000000000000000000000000000000ed8100000a000000e1f4655fe1f4655fe1f4655f00000000000001008000000000000800010000000af301000400000000000000000000000100000070000000000000000000000000000000000000000000000000000000000000000000000000000000070f9333800000000000000000000000000000000000000000000000ed81000028230000e1f4655fe1f4655fe1f4655f00000000000002004000000000000800010000000af301000400000000000000000000000500000090000000000000000000000000000000000000000000000000000000000000000000000000000000a9530bd8000000000000000000000000000000000000000000000000ed81000064000000e1f4655fe1f4655fe1f4655f00000000000001004000000000000800010000000af3010004000000000000000000000001000000a0000000000000000000000000000000000000000000000000000000000000000000000000000000a1aee7ad00"/768, 0x300, 0x2580}, {&(0x7f0000011b00)="020000000c0001022e000000020000000c0002022e2e00000b00000014000a026c6f73742b666f756e6400000c0000001000050266696c65300000000f0000001000050166696c6531000000100000001000050166696c6532000000100000001000050166696c6533000000110000009407090166696c652e636f6c64000000", 0x80, 0x8000}, {&(0x7f0000011c00)="0b0000000c0001022e00000002000000f40702022e2e00"/32, 0x20, 0x10000}, {&(0x7f0000011d00)='\x00\x00\x00\x00\x00\b\x00'/32, 0x20, 0x10800}, {&(0x7f0000011e00)='\x00\x00\x00\x00\x00\b\x00'/32, 0x20, 0x11000}, {&(0x7f0000011f00)='\x00\x00\x00\x00\x00\b\x00'/32, 0x20, 0x11800}, {&(0x7f0000012000)='\x00\x00\x00\x00\x00\b\x00'/32, 0x20, 0x12000}, {&(0x7f0000012100)='\x00\x00\x00\x00\x00\b\x00'/32, 0x20, 0x12800}, {&(0x7f0000012200)='\x00\x00\x00\x00\x00\b\x00'/32, 0x20, 0x13000}, {&(0x7f0000012300)='\x00\x00\x00\x00\x00\b\x00'/32, 0x20, 0x13800}, {&(0x7f0000012400)="504d4d00504d4dffe1f4655f00000000647679756b6f762d676c6170746f70320000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000006c6f6f7032390075782f746573742f73797a5f6d6f756e745f696d6167655f650500"/128, 0x80, 0x20000}, {&(0x7f0000012500)="0c0000000c0001022e000000020000000c0002022e2e00000d0000001000050166696c65300000000e000000d807050766696c653100"/64, 0x40, 0x28000}, {&(0x7f0000012600)='syzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkal\x00\x00\x00\x00\x00\x00', 0x420, 0x30000}, {&(0x7f0000012b00)='syzkallers\x00'/32, 0x20, 0x38000}, {&(0x7f0000012c00)="000002ea0100000001000000270f240c000000000000000000000000000000000601f8070000000006000000779b539778617474723100000601f00700000000060000007498539778617474723200"/96, 0x60, 0x40000}, {&(0x7f0000012d00)='\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00xattr2\x00\x00xattr1\x00\x00', 0x20, 0x407e0}, {&(0x7f0000012e00)='syzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallers\x00'/128, 0x80, 0x50000}], 0x0, &(0x7f0000000040)=ANY=[@ANYBLOB="005aced703bcd8d01dd8196db3bc715d1217d317f7bca4aa40c3a4100402b883e05c53f9f81930f0d5c491edb90800000000000000cc9d94068479d7185e3fb82bb16403c14e3f5d0e487b867613124dcc7b441cdfeabf8e6796af8ddc7dfc08e62fe1b317f952c3be040d04aa0d8fdda809a7ac9ec6d0aee8ccb617f9dc888d13364b1d9ffd91fe"]) [ 148.960307] loop3: detected capacity change from 0 to 4096 [ 148.961193] loop4: detected capacity change from 0 to 2048 [ 148.974223] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none. [ 148.975287] ext4 filesystem being mounted at /syzkaller-testdir654405800/syzkaller.QiDQfc/2/file0 supports timestamps until 2038 (0x7fffffff) [ 149.000789] EXT4-fs (loop4): unmounting filesystem. [ 149.021749] Quota error (device loop3): v2_read_file_info: Free block number too big (0 >= 0). [ 149.027013] EXT4-fs warning (device loop3): ext4_enable_quotas:6948: Failed to enable quota tracking (type=1, err=-117). Please run e2fsck to fix. [ 149.042040] EXT4-fs (loop3): mount failed [ 149.066666] Process accounting resumed [ 149.068251] loop3: detected capacity change from 0 to 4096 [ 149.082994] Quota error (device loop3): v2_read_file_info: Free block number too big (0 >= 0). [ 149.083795] EXT4-fs warning (device loop3): ext4_enable_quotas:6948: Failed to enable quota tracking (type=1, err=-117). Please run e2fsck to fix. [ 149.086053] EXT4-fs (loop3): mount failed VM DIAGNOSIS: 10:03:21 Registers: info registers vcpu 0 RAX=0000000000000031 RBX=00000000000003f8 RCX=0000000000000000 RDX=00000000000003f8 RSI=ffffffff823bb0f1 RDI=ffffffff8765a9a0 RBP=ffffffff8765a960 RSP=ffff88806ce09590 R8 =0000000000000001 R9 =000000000000000a R10=0000000000000031 R11=0000000000000001 R12=0000000000000031 R13=ffffffff8765a960 R14=0000000000000010 R15=ffffffff823bb0e0 RIP=ffffffff823bb149 RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 00000000 00000000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 00000000 00000000 FS =0000 0000000000000000 00000000 00000000 GS =0000 ffff88806ce00000 00000000 00000000 LDT=0000 fffffe0000000000 00000000 00000000 TR =0040 fffffe0000003000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe0000001000 0000007f IDT= fffffe0000000000 00000fff CR0=80050033 CR2=00007fdf52990ff8 CR3=000000000f3fc000 CR4=00350ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000ffff0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 YMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM01=0000000000000000 0000000000000000 ffffffffffffffff ffffffffffffffff YMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM04=0000000000000000 0000000000000000 0000000000000000 00000000000000ff YMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM06=0000000000000000 0000000000000000 0000000000000000 000000524f525245 YMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM08=0000000000000000 0000000000000000 0000000000000000 00524f5252450040 YMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 info registers vcpu 1 RAX=0000000000015949 RBX=1ffff11008269f84 RCX=ffffc900007d1000 RDX=0000000000040000 RSI=ffffffff813bb183 RDI=0000000000000005 RBP=ffff88804134fcc8 RSP=ffff88804134fc00 R8 =0000000000000005 R9 =0000000000000000 R10=0000000000000001 R11=0000000000000001 R12=0000000000000001 R13=0000000000000000 R14=0000000000000000 R15=0000000000000200 RIP=ffffffff813bb185 RFL=00000216 [----AP-] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 00000000 00000000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 00000000 00000000 FS =0000 00007f1ad984a700 00000000 00000000 GS =0000 ffff88806cf00000 00000000 00000000 LDT=0000 fffffe0000000000 00000000 00000000 TR =0040 fffffe000004a000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe0000048000 0000007f IDT= fffffe0000000000 00000fff CR0=80050033 CR2=0000001b2e125000 CR3=00000000095ce000 CR4=00350ee0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000ffff0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 YMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM01=0000000000000000 0000000000000000 ffffffffffffffff ffffffffffffffff YMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM04=0000000000000000 0000000000000000 0000000000000000 00000000000000ff YMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM06=0000000000000000 0000000000000000 0000000000000000 000000524f525245 YMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM08=0000000000000000 0000000000000000 0000000000000000 00524f5252450040 YMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000