Warning: Permanently added '[localhost]:44351' (ECDSA) to the list of known hosts. 2022/10/06 11:04:25 fuzzer started 2022/10/06 11:04:25 dialing manager at localhost:37161 syzkaller login: [ 37.176812] cgroup: Unknown subsys name 'net' [ 37.291419] cgroup: Unknown subsys name 'rlimit' 2022/10/06 11:04:40 syscalls: 2215 2022/10/06 11:04:40 code coverage: enabled 2022/10/06 11:04:40 comparison tracing: enabled 2022/10/06 11:04:40 extra coverage: enabled 2022/10/06 11:04:40 setuid sandbox: enabled 2022/10/06 11:04:40 namespace sandbox: enabled 2022/10/06 11:04:40 Android sandbox: enabled 2022/10/06 11:04:40 fault injection: enabled 2022/10/06 11:04:40 leak checking: enabled 2022/10/06 11:04:40 net packet injection: enabled 2022/10/06 11:04:40 net device setup: enabled 2022/10/06 11:04:40 concurrency sanitizer: /sys/kernel/debug/kcsan does not exist 2022/10/06 11:04:40 devlink PCI setup: PCI device 0000:00:10.0 is not available 2022/10/06 11:04:40 USB emulation: enabled 2022/10/06 11:04:40 hci packet injection: enabled 2022/10/06 11:04:40 wifi device emulation: failed to parse kernel version (6.0.0-next-20221006) 2022/10/06 11:04:40 802.15.4 emulation: enabled 2022/10/06 11:04:40 fetching corpus: 0, signal 0/2000 (executing program) 2022/10/06 11:04:40 fetching corpus: 50, signal 28292/31177 (executing program) 2022/10/06 11:04:40 fetching corpus: 100, signal 40755/44298 (executing program) 2022/10/06 11:04:40 fetching corpus: 150, signal 46138/50507 (executing program) 2022/10/06 11:04:40 fetching corpus: 200, signal 51784/56698 (executing program) 2022/10/06 11:04:40 fetching corpus: 250, signal 54498/60113 (executing program) 2022/10/06 11:04:41 fetching corpus: 300, signal 58822/64773 (executing program) 2022/10/06 11:04:41 fetching corpus: 350, signal 61343/67759 (executing program) 2022/10/06 11:04:41 fetching corpus: 400, signal 63663/70499 (executing program) 2022/10/06 11:04:41 fetching corpus: 450, signal 67057/74000 (executing program) 2022/10/06 11:04:41 fetching corpus: 500, signal 70445/77394 (executing program) 2022/10/06 11:04:41 fetching corpus: 550, signal 73540/80453 (executing program) 2022/10/06 11:04:41 fetching corpus: 600, signal 76386/83181 (executing program) 2022/10/06 11:04:42 fetching corpus: 650, signal 78193/84980 (executing program) 2022/10/06 11:04:42 fetching corpus: 700, signal 80034/86788 (executing program) 2022/10/06 11:04:42 fetching corpus: 750, signal 82282/88834 (executing program) 2022/10/06 11:04:42 fetching corpus: 800, signal 84174/90474 (executing program) 2022/10/06 11:04:42 fetching corpus: 850, signal 88153/93418 (executing program) 2022/10/06 11:04:42 fetching corpus: 900, signal 89681/94690 (executing program) 2022/10/06 11:04:42 fetching corpus: 950, signal 91239/95952 (executing program) 2022/10/06 11:04:42 fetching corpus: 1000, signal 93133/97296 (executing program) 2022/10/06 11:04:43 fetching corpus: 1050, signal 94784/98389 (executing program) 2022/10/06 11:04:43 fetching corpus: 1100, signal 96170/99380 (executing program) 2022/10/06 11:04:43 fetching corpus: 1150, signal 97741/100359 (executing program) 2022/10/06 11:04:43 fetching corpus: 1200, signal 99318/101288 (executing program) 2022/10/06 11:04:43 fetching corpus: 1250, signal 100369/101897 (executing program) 2022/10/06 11:04:43 fetching corpus: 1300, signal 101813/102642 (executing program) 2022/10/06 11:04:43 fetching corpus: 1304, signal 101899/102720 (executing program) 2022/10/06 11:04:43 fetching corpus: 1304, signal 101899/102742 (executing program) 2022/10/06 11:04:43 fetching corpus: 1304, signal 101899/102761 (executing program) 2022/10/06 11:04:43 fetching corpus: 1304, signal 101899/102797 (executing program) 2022/10/06 11:04:43 fetching corpus: 1304, signal 101899/102831 (executing program) 2022/10/06 11:04:43 fetching corpus: 1304, signal 101899/102859 (executing program) 2022/10/06 11:04:43 fetching corpus: 1304, signal 101899/102893 (executing program) 2022/10/06 11:04:43 fetching corpus: 1304, signal 101899/102920 (executing program) 2022/10/06 11:04:43 fetching corpus: 1304, signal 101899/102942 (executing program) 2022/10/06 11:04:43 fetching corpus: 1304, signal 101899/102973 (executing program) 2022/10/06 11:04:43 fetching corpus: 1304, signal 101899/103005 (executing program) 2022/10/06 11:04:43 fetching corpus: 1304, signal 101899/103038 (executing program) 2022/10/06 11:04:43 fetching corpus: 1304, signal 101899/103067 (executing program) 2022/10/06 11:04:43 fetching corpus: 1304, signal 101899/103101 (executing program) 2022/10/06 11:04:43 fetching corpus: 1304, signal 101899/103131 (executing program) 2022/10/06 11:04:43 fetching corpus: 1304, signal 101899/103157 (executing program) 2022/10/06 11:04:43 fetching corpus: 1304, signal 101899/103191 (executing program) 2022/10/06 11:04:43 fetching corpus: 1304, signal 101899/103232 (executing program) 2022/10/06 11:04:43 fetching corpus: 1304, signal 101899/103255 (executing program) 2022/10/06 11:04:43 fetching corpus: 1304, signal 101899/103281 (executing program) 2022/10/06 11:04:43 fetching corpus: 1304, signal 101899/103301 (executing program) 2022/10/06 11:04:43 fetching corpus: 1304, signal 101899/103328 (executing program) 2022/10/06 11:04:43 fetching corpus: 1304, signal 101899/103363 (executing program) 2022/10/06 11:04:43 fetching corpus: 1304, signal 101899/103386 (executing program) 2022/10/06 11:04:43 fetching corpus: 1304, signal 101899/103389 (executing program) 2022/10/06 11:04:43 fetching corpus: 1304, signal 101899/103389 (executing program) 2022/10/06 11:04:46 starting 8 fuzzer processes 11:04:46 executing program 0: flistxattr(0xffffffffffffffff, 0x0, 0x0) 11:04:46 executing program 2: waitid$P_PIDFD(0x3, 0xffffffffffffffff, 0x0, 0x4, 0x0) r0 = getpgrp(0x0) waitid(0x2, r0, &(0x7f0000000080), 0x0, 0x0) connect$bt_sco(0xffffffffffffffff, &(0x7f0000000100), 0x8) syz_open_procfs$namespace(0x0, &(0x7f0000001640)='ns/ipc\x00') socket$inet6_tcp(0xa, 0x1, 0x0) fork() mlockall(0x5) 11:04:46 executing program 1: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) getsockopt$inet6_tcp_int(r0, 0x6, 0x1b, &(0x7f0000000580), &(0x7f00000005c0)=0x4) [ 57.604726] audit: type=1400 audit(1665054286.402:6): avc: denied { execmem } for pid=283 comm="syz-executor.1" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=process permissive=1 11:04:46 executing program 4: r0 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x6, 0x10, r0, 0x0) 11:04:46 executing program 3: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) pwritev(r0, &(0x7f0000000080)=[{&(0x7f0000000040)="aa", 0x1}], 0x1, 0x7fffffe, 0x0) r1 = socket$inet_udp(0x2, 0x2, 0x0) connect$inet(r1, &(0x7f0000000000)={0x2, 0x0, @empty}, 0x10) sendfile(r1, r0, 0x0, 0xffffffff000) 11:04:46 executing program 5: r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x4042, 0x0) fallocate(r0, 0x3, 0x0, 0x4000) 11:04:46 executing program 6: r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$netlink(r0, &(0x7f0000001480)={0x0, 0x0, &(0x7f0000001440)=[{&(0x7f0000000000)={0x2c, 0x10, 0x1, 0x0, 0x0, "", [@typed={0xc, 0x0, 0x0, 0x0, @u64=0x2}, @typed={0x4, 0x0, 0x0, 0x0, @binary}, @typed={0xc, 0x1a, 0x0, 0x0, @u64}]}, 0x2c}], 0x1}, 0x0) 11:04:46 executing program 7: r0 = syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0) setsockopt$SO_TIMESTAMP(r0, 0x1, 0x3f, &(0x7f0000000000)=0xfffffff7, 0x4) [ 58.788151] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 58.790680] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 58.792073] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 58.802847] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 58.805735] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [ 58.808263] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 58.817863] Bluetooth: hci0: HCI_REQ-0x0c1a [ 58.854416] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 58.856712] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 58.864852] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 58.870315] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 58.873889] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3 [ 58.879370] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 58.884620] Bluetooth: hci1: HCI_REQ-0x0c1a [ 58.904604] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 58.906298] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 58.907840] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 58.911333] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 58.913399] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3 [ 58.915193] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 58.922728] Bluetooth: hci3: HCI_REQ-0x0c1a [ 58.933746] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 58.936084] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 58.937910] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 58.941012] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 58.942700] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3 [ 58.944108] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 58.952758] Bluetooth: hci2: HCI_REQ-0x0c1a [ 59.008860] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1 [ 59.010289] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 59.019394] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9 [ 59.020664] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 59.026845] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 59.028125] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9 [ 59.034643] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 59.035698] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4 [ 59.037391] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1 [ 59.044419] Bluetooth: hci6: unexpected cc 0x0c25 length: 249 > 3 [ 59.046198] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2 [ 59.048043] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9 [ 59.050430] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9 [ 59.055476] Bluetooth: hci6: HCI_REQ-0x0c1a [ 59.078495] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4 [ 59.079950] Bluetooth: hci7: unexpected cc 0x0c03 length: 249 > 1 [ 59.087783] Bluetooth: hci5: unexpected cc 0x0c25 length: 249 > 3 [ 59.090349] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2 [ 59.091654] Bluetooth: hci7: unexpected cc 0x1003 length: 249 > 9 [ 59.094486] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3 [ 59.100634] Bluetooth: hci7: unexpected cc 0x1001 length: 249 > 9 [ 59.105372] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 59.110714] Bluetooth: hci7: unexpected cc 0x0c23 length: 249 > 4 [ 59.115324] Bluetooth: hci4: HCI_REQ-0x0c1a [ 59.116609] Bluetooth: hci7: unexpected cc 0x0c25 length: 249 > 3 [ 59.122368] Bluetooth: hci5: HCI_REQ-0x0c1a [ 59.128159] Bluetooth: hci7: unexpected cc 0x0c38 length: 249 > 2 [ 59.134227] Bluetooth: hci7: HCI_REQ-0x0c1a [ 60.874297] Bluetooth: hci0: command 0x0409 tx timeout [ 60.937703] Bluetooth: hci3: command 0x0409 tx timeout [ 60.938777] Bluetooth: hci1: command 0x0409 tx timeout [ 61.001719] Bluetooth: hci2: command 0x0409 tx timeout [ 61.065713] Bluetooth: hci6: command 0x0409 tx timeout [ 61.129718] Bluetooth: hci4: command 0x0409 tx timeout [ 61.193649] Bluetooth: hci5: command 0x0409 tx timeout [ 61.194403] Bluetooth: hci7: command 0x0409 tx timeout [ 62.921627] Bluetooth: hci0: command 0x041b tx timeout [ 62.985657] Bluetooth: hci1: command 0x041b tx timeout [ 62.986359] Bluetooth: hci3: command 0x041b tx timeout [ 63.049605] Bluetooth: hci2: command 0x041b tx timeout [ 63.113771] Bluetooth: hci6: command 0x041b tx timeout [ 63.177703] Bluetooth: hci4: command 0x041b tx timeout [ 63.241673] Bluetooth: hci7: command 0x041b tx timeout [ 63.242353] Bluetooth: hci5: command 0x041b tx timeout [ 64.970585] Bluetooth: hci0: command 0x040f tx timeout [ 65.033624] Bluetooth: hci3: command 0x040f tx timeout [ 65.034008] Bluetooth: hci1: command 0x040f tx timeout [ 65.097584] Bluetooth: hci2: command 0x040f tx timeout [ 65.162579] Bluetooth: hci6: command 0x040f tx timeout [ 65.226584] Bluetooth: hci4: command 0x040f tx timeout [ 65.290583] Bluetooth: hci5: command 0x040f tx timeout [ 65.290951] Bluetooth: hci7: command 0x040f tx timeout [ 67.018616] Bluetooth: hci0: command 0x0419 tx timeout [ 67.082644] Bluetooth: hci1: command 0x0419 tx timeout [ 67.083109] Bluetooth: hci3: command 0x0419 tx timeout [ 67.145588] Bluetooth: hci2: command 0x0419 tx timeout [ 67.209610] Bluetooth: hci6: command 0x0419 tx timeout [ 67.273637] Bluetooth: hci4: command 0x0419 tx timeout [ 67.337591] Bluetooth: hci7: command 0x0419 tx timeout [ 67.338012] Bluetooth: hci5: command 0x0419 tx timeout 11:05:45 executing program 3: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) pwritev(r0, &(0x7f0000000080)=[{&(0x7f0000000040)="aa", 0x1}], 0x1, 0x7fffffe, 0x0) r1 = socket$inet_udp(0x2, 0x2, 0x0) connect$inet(r1, &(0x7f0000000000)={0x2, 0x0, @empty}, 0x10) sendfile(r1, r0, 0x0, 0xffffffff000) 11:05:45 executing program 3: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) pwritev(r0, &(0x7f0000000080)=[{&(0x7f0000000040)="aa", 0x1}], 0x1, 0x7fffffe, 0x0) r1 = socket$inet_udp(0x2, 0x2, 0x0) connect$inet(r1, &(0x7f0000000000)={0x2, 0x0, @empty}, 0x10) sendfile(r1, r0, 0x0, 0xffffffff000) 11:05:46 executing program 3: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) pwritev(r0, &(0x7f0000000080)=[{&(0x7f0000000040)="aa", 0x1}], 0x1, 0x7fffffe, 0x0) r1 = socket$inet_udp(0x2, 0x2, 0x0) connect$inet(r1, &(0x7f0000000000)={0x2, 0x0, @empty}, 0x10) sendfile(r1, r0, 0x0, 0xffffffff000) 11:05:46 executing program 3: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) pwritev(r0, &(0x7f0000000080)=[{&(0x7f0000000040)="aa", 0x1}], 0x1, 0x7fffffe, 0x0) r1 = socket$inet_udp(0x2, 0x2, 0x0) connect$inet(r1, &(0x7f0000000000)={0x2, 0x0, @empty}, 0x10) sendfile(r1, r0, 0x0, 0xffffffff000) 11:05:46 executing program 2: waitid$P_PIDFD(0x3, 0xffffffffffffffff, 0x0, 0x4, 0x0) r0 = getpgrp(0x0) waitid(0x2, r0, &(0x7f0000000080), 0x0, 0x0) connect$bt_sco(0xffffffffffffffff, &(0x7f0000000100), 0x8) syz_open_procfs$namespace(0x0, &(0x7f0000001640)='ns/ipc\x00') socket$inet6_tcp(0xa, 0x1, 0x0) fork() mlockall(0x5) 11:05:46 executing program 3: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) pwritev(r0, &(0x7f0000000080)=[{&(0x7f0000000040)="aa", 0x1}], 0x1, 0x7fffffe, 0x0) r1 = socket$inet_udp(0x2, 0x2, 0x0) connect$inet(r1, &(0x7f0000000000)={0x2, 0x0, @empty}, 0x10) sendfile(r1, r0, 0x0, 0xffffffff000) 11:05:46 executing program 3: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) pwritev(r0, &(0x7f0000000080)=[{&(0x7f0000000040)="aa", 0x1}], 0x1, 0x7fffffe, 0x0) r1 = socket$inet_udp(0x2, 0x2, 0x0) connect$inet(r1, &(0x7f0000000000)={0x2, 0x0, @empty}, 0x10) sendfile(r1, r0, 0x0, 0xffffffff000) 11:05:46 executing program 2: waitid$P_PIDFD(0x3, 0xffffffffffffffff, 0x0, 0x4, 0x0) r0 = getpgrp(0x0) waitid(0x2, r0, &(0x7f0000000080), 0x0, 0x0) connect$bt_sco(0xffffffffffffffff, &(0x7f0000000100), 0x8) syz_open_procfs$namespace(0x0, &(0x7f0000001640)='ns/ipc\x00') socket$inet6_tcp(0xa, 0x1, 0x0) fork() mlockall(0x5) [ 120.540008] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 120.542090] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 120.543729] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 120.547149] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 120.548968] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3 [ 120.550335] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 120.556148] Bluetooth: hci1: HCI_REQ-0x0c1a [ 120.682390] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1 [ 120.686583] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9 [ 120.688407] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9 [ 120.693762] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4 [ 120.695332] Bluetooth: hci6: unexpected cc 0x0c25 length: 249 > 3 [ 120.698114] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2 [ 120.704119] Bluetooth: hci6: HCI_REQ-0x0c1a [ 120.730663] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1 [ 120.733989] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9 [ 120.738885] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9 [ 120.746786] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4 [ 120.751987] Bluetooth: hci5: unexpected cc 0x0c25 length: 249 > 3 [ 120.755186] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2 [ 120.767933] Bluetooth: hci5: HCI_REQ-0x0c1a [ 122.505613] Bluetooth: hci0: Opcode 0x c03 failed: -110 [ 122.569613] Bluetooth: hci1: command 0x0409 tx timeout [ 122.633836] Bluetooth: hci2: Opcode 0x c03 failed: -110 [ 122.634024] Bluetooth: hci4: Opcode 0x c03 failed: -110 [ 122.761643] Bluetooth: hci6: command 0x0409 tx timeout [ 122.825715] Bluetooth: hci5: command 0x0409 tx timeout [ 124.618631] Bluetooth: hci1: command 0x041b tx timeout [ 124.748985] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 124.750884] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 124.751626] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 124.753187] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 124.754305] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [ 124.754991] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 124.758332] Bluetooth: hci0: HCI_REQ-0x0c1a [ 124.810677] Bluetooth: hci6: command 0x041b tx timeout [ 124.873578] Bluetooth: hci5: command 0x041b tx timeout [ 125.070923] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 125.072194] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 125.077121] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 125.083799] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 125.094264] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3 [ 125.094988] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 125.114459] Bluetooth: hci4: HCI_REQ-0x0c1a [ 126.665659] Bluetooth: hci1: command 0x040f tx timeout [ 126.793720] Bluetooth: hci0: command 0x0409 tx timeout [ 126.857819] Bluetooth: hci6: command 0x040f tx timeout [ 126.921593] Bluetooth: hci5: command 0x040f tx timeout [ 127.050044] Bluetooth: hci2: Opcode 0x c03 failed: -110 [ 127.177616] Bluetooth: hci4: command 0x0409 tx timeout [ 128.713657] Bluetooth: hci1: command 0x0419 tx timeout [ 128.843036] Bluetooth: hci0: command 0x041b tx timeout [ 128.905618] Bluetooth: hci6: command 0x0419 tx timeout [ 128.969609] Bluetooth: hci5: command 0x0419 tx timeout [ 129.225702] Bluetooth: hci4: command 0x041b tx timeout [ 130.889659] Bluetooth: hci0: command 0x040f tx timeout [ 131.273587] Bluetooth: hci4: command 0x040f tx timeout [ 131.593584] Bluetooth: hci2: Opcode 0x c03 failed: -110 [ 132.937751] Bluetooth: hci0: command 0x0419 tx timeout [ 133.322227] Bluetooth: hci4: command 0x0419 tx timeout [ 135.945579] Bluetooth: hci2: Opcode 0x c03 failed: -110 [ 138.397599] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 138.400977] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 138.406400] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 138.416649] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 138.417634] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3 [ 138.419043] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 138.425582] Bluetooth: hci2: HCI_REQ-0x0c1a [ 140.490643] Bluetooth: hci2: command 0x0409 tx timeout [ 142.538679] Bluetooth: hci2: command 0x041b tx timeout [ 144.585582] Bluetooth: hci2: command 0x040f tx timeout [ 146.634607] Bluetooth: hci2: command 0x0419 tx timeout 11:06:37 executing program 0: flistxattr(0xffffffffffffffff, 0x0, 0x0) 11:06:37 executing program 1: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) getsockopt$inet6_tcp_int(r0, 0x6, 0x1b, &(0x7f0000000580), &(0x7f00000005c0)=0x4) 11:06:37 executing program 4: r0 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x6, 0x10, r0, 0x0) 11:06:37 executing program 7: r0 = syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0) setsockopt$SO_TIMESTAMP(r0, 0x1, 0x3f, &(0x7f0000000000)=0xfffffff7, 0x4) 11:06:37 executing program 6: r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$netlink(r0, &(0x7f0000001480)={0x0, 0x0, &(0x7f0000001440)=[{&(0x7f0000000000)={0x2c, 0x10, 0x1, 0x0, 0x0, "", [@typed={0xc, 0x0, 0x0, 0x0, @u64=0x2}, @typed={0x4, 0x0, 0x0, 0x0, @binary}, @typed={0xc, 0x1a, 0x0, 0x0, @u64}]}, 0x2c}], 0x1}, 0x0) 11:06:37 executing program 3: waitid$P_PIDFD(0x3, 0xffffffffffffffff, 0x0, 0x4, 0x0) r0 = getpgrp(0x0) waitid(0x2, r0, &(0x7f0000000080), 0x0, 0x0) connect$bt_sco(0xffffffffffffffff, &(0x7f0000000100), 0x8) syz_open_procfs$namespace(0x0, &(0x7f0000001640)='ns/ipc\x00') socket$inet6_tcp(0xa, 0x1, 0x0) fork() mlockall(0x5) 11:06:37 executing program 2: waitid$P_PIDFD(0x3, 0xffffffffffffffff, 0x0, 0x4, 0x0) r0 = getpgrp(0x0) waitid(0x2, r0, &(0x7f0000000080), 0x0, 0x0) connect$bt_sco(0xffffffffffffffff, &(0x7f0000000100), 0x8) syz_open_procfs$namespace(0x0, &(0x7f0000001640)='ns/ipc\x00') socket$inet6_tcp(0xa, 0x1, 0x0) fork() mlockall(0x5) 11:06:37 executing program 5: r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x4042, 0x0) fallocate(r0, 0x3, 0x0, 0x4000) 11:06:37 executing program 6: r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$netlink(r0, &(0x7f0000001480)={0x0, 0x0, &(0x7f0000001440)=[{&(0x7f0000000000)={0x2c, 0x10, 0x1, 0x0, 0x0, "", [@typed={0xc, 0x0, 0x0, 0x0, @u64=0x2}, @typed={0x4, 0x0, 0x0, 0x0, @binary}, @typed={0xc, 0x1a, 0x0, 0x0, @u64}]}, 0x2c}], 0x1}, 0x0) 11:06:37 executing program 4: r0 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x6, 0x10, r0, 0x0) 11:06:37 executing program 0: flistxattr(0xffffffffffffffff, 0x0, 0x0) 11:06:37 executing program 1: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) getsockopt$inet6_tcp_int(r0, 0x6, 0x1b, &(0x7f0000000580), &(0x7f00000005c0)=0x4) 11:06:37 executing program 5: r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x4042, 0x0) fallocate(r0, 0x3, 0x0, 0x4000) 11:06:37 executing program 4: r0 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x6, 0x10, r0, 0x0) 11:06:37 executing program 6: r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$netlink(r0, &(0x7f0000001480)={0x0, 0x0, &(0x7f0000001440)=[{&(0x7f0000000000)={0x2c, 0x10, 0x1, 0x0, 0x0, "", [@typed={0xc, 0x0, 0x0, 0x0, @u64=0x2}, @typed={0x4, 0x0, 0x0, 0x0, @binary}, @typed={0xc, 0x1a, 0x0, 0x0, @u64}]}, 0x2c}], 0x1}, 0x0) 11:06:37 executing program 7: r0 = syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0) setsockopt$SO_TIMESTAMP(r0, 0x1, 0x3f, &(0x7f0000000000)=0xfffffff7, 0x4) 11:06:37 executing program 3: waitid$P_PIDFD(0x3, 0xffffffffffffffff, 0x0, 0x4, 0x0) r0 = getpgrp(0x0) waitid(0x2, r0, &(0x7f0000000080), 0x0, 0x0) connect$bt_sco(0xffffffffffffffff, &(0x7f0000000100), 0x8) syz_open_procfs$namespace(0x0, &(0x7f0000001640)='ns/ipc\x00') socket$inet6_tcp(0xa, 0x1, 0x0) fork() mlockall(0x5) 11:06:37 executing program 2: r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x4042, 0x0) fallocate(r0, 0x3, 0x0, 0x4000) 11:06:37 executing program 0: flistxattr(0xffffffffffffffff, 0x0, 0x0) 11:06:37 executing program 5: r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x4042, 0x0) fallocate(r0, 0x3, 0x0, 0x4000) 11:06:37 executing program 4: r0 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x6, 0x10, r0, 0x0) 11:06:37 executing program 1: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) getsockopt$inet6_tcp_int(r0, 0x6, 0x1b, &(0x7f0000000580), &(0x7f00000005c0)=0x4) 11:06:37 executing program 7: r0 = syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0) setsockopt$SO_TIMESTAMP(r0, 0x1, 0x3f, &(0x7f0000000000)=0xfffffff7, 0x4) 11:06:37 executing program 6: waitid$P_PIDFD(0x3, 0xffffffffffffffff, 0x0, 0x4, 0x0) r0 = getpgrp(0x0) waitid(0x2, r0, &(0x7f0000000080), 0x0, 0x0) connect$bt_sco(0xffffffffffffffff, &(0x7f0000000100), 0x8) syz_open_procfs$namespace(0x0, &(0x7f0000001640)='ns/ipc\x00') socket$inet6_tcp(0xa, 0x1, 0x0) fork() mlockall(0x5) 11:06:37 executing program 2: r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x4042, 0x0) fallocate(r0, 0x3, 0x0, 0x4000) 11:06:38 executing program 4: r0 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x6, 0x10, r0, 0x0) 11:06:38 executing program 0: waitid$P_PIDFD(0x3, 0xffffffffffffffff, 0x0, 0x4, 0x0) r0 = getpgrp(0x0) waitid(0x2, r0, &(0x7f0000000080), 0x0, 0x0) connect$bt_sco(0xffffffffffffffff, &(0x7f0000000100), 0x8) syz_open_procfs$namespace(0x0, &(0x7f0000001640)='ns/ipc\x00') socket$inet6_tcp(0xa, 0x1, 0x0) fork() mlockall(0x5) 11:06:38 executing program 7: r0 = socket$inet6(0xa, 0x2, 0x0) setsockopt$inet6_IPV6_PKTINFO(r0, 0x29, 0x32, 0x0, 0x0) 11:06:38 executing program 5: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) pwritev(r0, &(0x7f0000000080)=[{&(0x7f0000000040)="aa", 0x1}], 0x1, 0x7fffffe, 0x0) r1 = socket$inet_udp(0x2, 0x2, 0x0) connect$inet(r1, &(0x7f0000000000)={0x2, 0x0, @empty}, 0x10) sendfile(r1, r0, 0x0, 0xffffffff000) 11:06:38 executing program 1: r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x0) ioctl$sock_SIOCGIFCONF(r0, 0x8912, &(0x7f0000002740)=@buf) 11:06:38 executing program 2: r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x4042, 0x0) fallocate(r0, 0x3, 0x0, 0x4000) 11:06:38 executing program 5: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) pwritev(r0, &(0x7f0000000080)=[{&(0x7f0000000040)="aa", 0x1}], 0x1, 0x7fffffe, 0x0) r1 = socket$inet_udp(0x2, 0x2, 0x0) connect$inet(r1, &(0x7f0000000000)={0x2, 0x0, @empty}, 0x10) sendfile(r1, r0, 0x0, 0xffffffff000) 11:06:38 executing program 4: r0 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x6, 0x10, r0, 0x0) 11:06:38 executing program 3: waitid$P_PIDFD(0x3, 0xffffffffffffffff, 0x0, 0x4, 0x0) r0 = getpgrp(0x0) waitid(0x2, r0, &(0x7f0000000080), 0x0, 0x0) connect$bt_sco(0xffffffffffffffff, &(0x7f0000000100), 0x8) syz_open_procfs$namespace(0x0, &(0x7f0000001640)='ns/ipc\x00') socket$inet6_tcp(0xa, 0x1, 0x0) fork() mlockall(0x5) 11:06:38 executing program 7: r0 = socket$inet6(0xa, 0x2, 0x0) setsockopt$inet6_IPV6_PKTINFO(r0, 0x29, 0x32, 0x0, 0x0) 11:06:38 executing program 6: waitid$P_PIDFD(0x3, 0xffffffffffffffff, 0x0, 0x4, 0x0) r0 = getpgrp(0x0) waitid(0x2, r0, &(0x7f0000000080), 0x0, 0x0) connect$bt_sco(0xffffffffffffffff, &(0x7f0000000100), 0x8) syz_open_procfs$namespace(0x0, &(0x7f0000001640)='ns/ipc\x00') socket$inet6_tcp(0xa, 0x1, 0x0) fork() mlockall(0x5) 11:06:38 executing program 1: r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x0) ioctl$sock_SIOCGIFCONF(r0, 0x8912, &(0x7f0000002740)=@buf) 11:06:38 executing program 0: waitid$P_PIDFD(0x3, 0xffffffffffffffff, 0x0, 0x4, 0x0) r0 = getpgrp(0x0) waitid(0x2, r0, &(0x7f0000000080), 0x0, 0x0) connect$bt_sco(0xffffffffffffffff, &(0x7f0000000100), 0x8) syz_open_procfs$namespace(0x0, &(0x7f0000001640)='ns/ipc\x00') socket$inet6_tcp(0xa, 0x1, 0x0) fork() mlockall(0x5) 11:06:38 executing program 2: r0 = socket$nl_generic(0x10, 0x3, 0x10) getsockname$netlink(r0, &(0x7f0000000240), &(0x7f0000000280)=0xc) 11:06:38 executing program 2: r0 = socket$nl_generic(0x10, 0x3, 0x10) getsockname$netlink(r0, &(0x7f0000000240), &(0x7f0000000280)=0xc) 11:06:38 executing program 1: r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x0) ioctl$sock_SIOCGIFCONF(r0, 0x8912, &(0x7f0000002740)=@buf) 11:06:38 executing program 7: r0 = socket$inet6(0xa, 0x2, 0x0) setsockopt$inet6_IPV6_PKTINFO(r0, 0x29, 0x32, 0x0, 0x0) 11:06:38 executing program 5: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) pwritev(r0, &(0x7f0000000080)=[{&(0x7f0000000040)="aa", 0x1}], 0x1, 0x7fffffe, 0x0) r1 = socket$inet_udp(0x2, 0x2, 0x0) connect$inet(r1, &(0x7f0000000000)={0x2, 0x0, @empty}, 0x10) sendfile(r1, r0, 0x0, 0xffffffff000) 11:06:38 executing program 4: r0 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2) getsockopt$bt_sco_SCO_CONNINFO(r0, 0x11, 0x2, 0x0, &(0x7f0000000180)) 11:06:38 executing program 2: r0 = socket$nl_generic(0x10, 0x3, 0x10) getsockname$netlink(r0, &(0x7f0000000240), &(0x7f0000000280)=0xc) 11:06:38 executing program 7: r0 = socket$inet6(0xa, 0x2, 0x0) setsockopt$inet6_IPV6_PKTINFO(r0, 0x29, 0x32, 0x0, 0x0) 11:06:38 executing program 1: r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x0) ioctl$sock_SIOCGIFCONF(r0, 0x8912, &(0x7f0000002740)=@buf) 11:06:38 executing program 6: waitid$P_PIDFD(0x3, 0xffffffffffffffff, 0x0, 0x4, 0x0) r0 = getpgrp(0x0) waitid(0x2, r0, &(0x7f0000000080), 0x0, 0x0) connect$bt_sco(0xffffffffffffffff, &(0x7f0000000100), 0x8) syz_open_procfs$namespace(0x0, &(0x7f0000001640)='ns/ipc\x00') socket$inet6_tcp(0xa, 0x1, 0x0) fork() mlockall(0x5) 11:06:39 executing program 1: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x10000, 0x8, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f7366cd155d00080101000240002000f801002000400000000000000000008000"/64, 0x40}, {&(0x7f0000010100)="f8ffff00f0ffffffff07800009a000ffffff00"/32, 0x20, 0x800}, {&(0x7f0000010200)="f8ffff00f0ffffffff07800009a000ffffff00"/32, 0x20, 0x1000}, {&(0x7f0000010300)="53595a4b414c4c45522020080000e880325132510000e880325100000000000041660069006c00650030000f00fc0000ffffffffffffffffffff0000ffffffff46494c4530202020202020100011e970325132510000e970325103000000000041660069006c00650031000f00100000ffffffffffffffffffff0000ffffffff46494c4531202020202020200011e970325132510000e970325105000a00000041660069006c00650032000f00140000ffffffffffffffffffff0000ffffffff46494c4532202020202020200011e970325132510000e970325106002823000041660069006c0065002e000f00d263006f006c0064000000ffff0000ffffffff46494c457e312020434f4c200011e970325132510000e97032510b0064000000", 0x120, 0x1800}, {&(0x7f0000010500)="2e20202020202020202020100011e970325132510000e97032510300000000002e2e202020202020202020100011e970325132510000e970325100000000000041660069006c00650030000f00fc0000ffffffffffffffffffff0000ffffffff46494c4530202020202020200011e970325132510000e970325104001a040000", 0x80, 0x2800}, {&(0x7f0000010600)='syzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkal\x00\x00\x00\x00\x00\x00', 0x420, 0x3000}, {&(0x7f0000010b00)='syzkallers\x00'/32, 0x20, 0x3800}, {&(0x7f0000010c00)='syzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallers\x00'/128, 0x80, 0x6800}], 0x0, &(0x7f0000010d00)) 11:06:39 executing program 7: ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, &(0x7f0000000600)) syz_usb_connect$cdc_ncm(0x0, 0x7a, &(0x7f0000001cc0)={{0x12, 0x1, 0x0, 0x2, 0x0, 0x0, 0x0, 0x525, 0xa4a1, 0x40, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x68, 0x2, 0x1, 0x0, 0x0, 0x0, {{0x9, 0x4, 0x0, 0x0, 0x1, 0x2, 0xd, 0x0, 0x0, {{0x5}, {0x5, 0x24, 0x0, 0x3ff}, {0xd, 0x24, 0xf, 0x1, 0x0, 0x0, 0x1}, {0x6, 0x24, 0x1a, 0x3, 0xc}, [@dmm={0x7}, @call_mgmt={0x5, 0x24, 0x1, 0x3}]}, {{0x9, 0x5, 0x81, 0x3, 0x200, 0x0, 0x3e, 0x6}}}, {}, {0x9, 0x4, 0x1, 0x1, 0x2, 0x2, 0xd, 0x0, 0x0, "", {{{0x9, 0x5, 0x82, 0x2, 0x8, 0x1f, 0x1e}}, {{0x9, 0x5, 0x3, 0x2, 0x40, 0x0, 0x1}}}}}}}]}}, &(0x7f00000021c0)={0xa, &(0x7f0000001d80)={0xa, 0x6, 0x250, 0x3c}, 0x0, 0x0, 0x5, [{0x0, 0x0}, {0x2, &(0x7f0000001f80)=@string={0x2}}, {0x0, 0x0}, {0x2, &(0x7f0000002000)=@string={0x2}}, {0x0, 0x0}]}) 11:06:39 executing program 5: syz_open_procfs(0xffffffffffffffff, &(0x7f0000000e40)='fdinfo/4\x00') 11:06:39 executing program 4: r0 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2) getsockopt$bt_sco_SCO_CONNINFO(r0, 0x11, 0x2, 0x0, &(0x7f0000000180)) 11:06:39 executing program 2: r0 = socket$nl_generic(0x10, 0x3, 0x10) getsockname$netlink(r0, &(0x7f0000000240), &(0x7f0000000280)=0xc) 11:06:39 executing program 0: waitid$P_PIDFD(0x3, 0xffffffffffffffff, 0x0, 0x4, 0x0) r0 = getpgrp(0x0) waitid(0x2, r0, &(0x7f0000000080), 0x0, 0x0) connect$bt_sco(0xffffffffffffffff, &(0x7f0000000100), 0x8) syz_open_procfs$namespace(0x0, &(0x7f0000001640)='ns/ipc\x00') socket$inet6_tcp(0xa, 0x1, 0x0) fork() mlockall(0x5) [ 170.264119] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 170.278177] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 170.280982] loop1: detected capacity change from 0 to 128 11:06:39 executing program 5: syz_open_procfs(0xffffffffffffffff, &(0x7f0000000e40)='fdinfo/4\x00') 11:06:39 executing program 6: syz_mount_image$nfs4(&(0x7f00000001c0), &(0x7f0000000200)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000380)={[{}]}) 11:06:39 executing program 0: modify_ldt$write(0x1, &(0x7f0000000280)={0x0, 0x1000, 0x2000, 0x1}, 0x10) 11:06:39 executing program 4: r0 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2) getsockopt$bt_sco_SCO_CONNINFO(r0, 0x11, 0x2, 0x0, &(0x7f0000000180)) 11:06:39 executing program 6: r0 = socket$inet_udp(0x2, 0x2, 0x0) setsockopt$inet_MCAST_MSFILTER(r0, 0x0, 0x30, &(0x7f0000000680)={0x0, {{0x2, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}}}}, 0x90) 11:06:39 executing program 2: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) ioctl$sock_SIOCADDRT(r0, 0x8911, &(0x7f0000000180)={0x0, @isdn, @ethernet, @l2={0x1f, 0x0, @none}}) 11:06:39 executing program 3: r0 = fsopen(&(0x7f0000000040)='ext4\x00', 0x0) r1 = fsopen(&(0x7f00000000c0)='cgroup2\x00', 0x0) fsconfig$FSCONFIG_SET_FD(r0, 0x5, &(0x7f0000000080)='\x00', 0x0, r1) 11:06:39 executing program 7: ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, &(0x7f0000000600)) syz_usb_connect$cdc_ncm(0x0, 0x7a, &(0x7f0000001cc0)={{0x12, 0x1, 0x0, 0x2, 0x0, 0x0, 0x0, 0x525, 0xa4a1, 0x40, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x68, 0x2, 0x1, 0x0, 0x0, 0x0, {{0x9, 0x4, 0x0, 0x0, 0x1, 0x2, 0xd, 0x0, 0x0, {{0x5}, {0x5, 0x24, 0x0, 0x3ff}, {0xd, 0x24, 0xf, 0x1, 0x0, 0x0, 0x1}, {0x6, 0x24, 0x1a, 0x3, 0xc}, [@dmm={0x7}, @call_mgmt={0x5, 0x24, 0x1, 0x3}]}, {{0x9, 0x5, 0x81, 0x3, 0x200, 0x0, 0x3e, 0x6}}}, {}, {0x9, 0x4, 0x1, 0x1, 0x2, 0x2, 0xd, 0x0, 0x0, "", {{{0x9, 0x5, 0x82, 0x2, 0x8, 0x1f, 0x1e}}, {{0x9, 0x5, 0x3, 0x2, 0x40, 0x0, 0x1}}}}}}}]}}, &(0x7f00000021c0)={0xa, &(0x7f0000001d80)={0xa, 0x6, 0x250, 0x3c}, 0x0, 0x0, 0x5, [{0x0, 0x0}, {0x2, &(0x7f0000001f80)=@string={0x2}}, {0x0, 0x0}, {0x2, &(0x7f0000002000)=@string={0x2}}, {0x0, 0x0}]}) 11:06:39 executing program 5: syz_open_procfs(0xffffffffffffffff, &(0x7f0000000e40)='fdinfo/4\x00') 11:06:39 executing program 1: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x10000, 0x8, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f7366cd155d00080101000240002000f801002000400000000000000000008000"/64, 0x40}, {&(0x7f0000010100)="f8ffff00f0ffffffff07800009a000ffffff00"/32, 0x20, 0x800}, {&(0x7f0000010200)="f8ffff00f0ffffffff07800009a000ffffff00"/32, 0x20, 0x1000}, {&(0x7f0000010300)="53595a4b414c4c45522020080000e880325132510000e880325100000000000041660069006c00650030000f00fc0000ffffffffffffffffffff0000ffffffff46494c4530202020202020100011e970325132510000e970325103000000000041660069006c00650031000f00100000ffffffffffffffffffff0000ffffffff46494c4531202020202020200011e970325132510000e970325105000a00000041660069006c00650032000f00140000ffffffffffffffffffff0000ffffffff46494c4532202020202020200011e970325132510000e970325106002823000041660069006c0065002e000f00d263006f006c0064000000ffff0000ffffffff46494c457e312020434f4c200011e970325132510000e97032510b0064000000", 0x120, 0x1800}, {&(0x7f0000010500)="2e20202020202020202020100011e970325132510000e97032510300000000002e2e202020202020202020100011e970325132510000e970325100000000000041660069006c00650030000f00fc0000ffffffffffffffffffff0000ffffffff46494c4530202020202020200011e970325132510000e970325104001a040000", 0x80, 0x2800}, {&(0x7f0000010600)='syzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkal\x00\x00\x00\x00\x00\x00', 0x420, 0x3000}, {&(0x7f0000010b00)='syzkallers\x00'/32, 0x20, 0x3800}, {&(0x7f0000010c00)='syzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallers\x00'/128, 0x80, 0x6800}], 0x0, &(0x7f0000010d00)) [ 170.883790] loop1: detected capacity change from 0 to 128 [ 170.921975] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 170.930021] misc raw-gadget: fail, usb_gadget_register_driver returned -16 11:06:39 executing program 2: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) ioctl$sock_SIOCADDRT(r0, 0x8911, &(0x7f0000000180)={0x0, @isdn, @ethernet, @l2={0x1f, 0x0, @none}}) 11:06:39 executing program 0: r0 = perf_event_open$cgroup(&(0x7f00000000c0)={0x2, 0x80, 0x48, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) syz_open_procfs(0x0, 0x0) close(r0) 11:06:39 executing program 6: r0 = socket$inet_udp(0x2, 0x2, 0x0) setsockopt$inet_MCAST_MSFILTER(r0, 0x0, 0x30, &(0x7f0000000680)={0x0, {{0x2, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}}}}, 0x90) 11:06:39 executing program 4: r0 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2) getsockopt$bt_sco_SCO_CONNINFO(r0, 0x11, 0x2, 0x0, &(0x7f0000000180)) 11:06:39 executing program 5: syz_open_procfs(0xffffffffffffffff, &(0x7f0000000e40)='fdinfo/4\x00') 11:06:39 executing program 3: r0 = fsopen(&(0x7f0000000040)='ext4\x00', 0x0) r1 = fsopen(&(0x7f00000000c0)='cgroup2\x00', 0x0) fsconfig$FSCONFIG_SET_FD(r0, 0x5, &(0x7f0000000080)='\x00', 0x0, r1) 11:06:39 executing program 1: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x10000, 0x8, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f7366cd155d00080101000240002000f801002000400000000000000000008000"/64, 0x40}, {&(0x7f0000010100)="f8ffff00f0ffffffff07800009a000ffffff00"/32, 0x20, 0x800}, {&(0x7f0000010200)="f8ffff00f0ffffffff07800009a000ffffff00"/32, 0x20, 0x1000}, {&(0x7f0000010300)="53595a4b414c4c45522020080000e880325132510000e880325100000000000041660069006c00650030000f00fc0000ffffffffffffffffffff0000ffffffff46494c4530202020202020100011e970325132510000e970325103000000000041660069006c00650031000f00100000ffffffffffffffffffff0000ffffffff46494c4531202020202020200011e970325132510000e970325105000a00000041660069006c00650032000f00140000ffffffffffffffffffff0000ffffffff46494c4532202020202020200011e970325132510000e970325106002823000041660069006c0065002e000f00d263006f006c0064000000ffff0000ffffffff46494c457e312020434f4c200011e970325132510000e97032510b0064000000", 0x120, 0x1800}, {&(0x7f0000010500)="2e20202020202020202020100011e970325132510000e97032510300000000002e2e202020202020202020100011e970325132510000e970325100000000000041660069006c00650030000f00fc0000ffffffffffffffffffff0000ffffffff46494c4530202020202020200011e970325132510000e970325104001a040000", 0x80, 0x2800}, {&(0x7f0000010600)='syzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkal\x00\x00\x00\x00\x00\x00', 0x420, 0x3000}, {&(0x7f0000010b00)='syzkallers\x00'/32, 0x20, 0x3800}, {&(0x7f0000010c00)='syzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallers\x00'/128, 0x80, 0x6800}], 0x0, &(0x7f0000010d00)) [ 171.021317] audit: type=1400 audit(1665054399.819:7): avc: denied { open } for pid=6802 comm="syz-executor.0" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=perf_event permissive=1 [ 171.023328] audit: type=1400 audit(1665054399.819:8): avc: denied { kernel } for pid=6802 comm="syz-executor.0" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=perf_event permissive=1 [ 171.102393] loop1: detected capacity change from 0 to 128 11:06:40 executing program 2: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) ioctl$sock_SIOCADDRT(r0, 0x8911, &(0x7f0000000180)={0x0, @isdn, @ethernet, @l2={0x1f, 0x0, @none}}) 11:06:40 executing program 6: r0 = socket$inet_udp(0x2, 0x2, 0x0) setsockopt$inet_MCAST_MSFILTER(r0, 0x0, 0x30, &(0x7f0000000680)={0x0, {{0x2, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}}}}, 0x90) 11:06:40 executing program 3: r0 = fsopen(&(0x7f0000000040)='ext4\x00', 0x0) r1 = fsopen(&(0x7f00000000c0)='cgroup2\x00', 0x0) fsconfig$FSCONFIG_SET_FD(r0, 0x5, &(0x7f0000000080)='\x00', 0x0, r1) 11:06:40 executing program 4: r0 = add_key(&(0x7f0000000000)='user\x00', &(0x7f0000000040)={'syz', 0x1}, &(0x7f0000000080)="cc", 0x1, 0xfffffffffffffffc) keyctl$revoke(0x3, r0) add_key(&(0x7f0000001880)='user\x00', &(0x7f00000018c0)={'syz', 0x0}, &(0x7f0000001900)="e7", 0x1, 0xfffffffffffffffe) add_key(&(0x7f00000019c0)='blacklist\x00', 0x0, 0x0, 0x0, r0) 11:06:40 executing program 0: r0 = perf_event_open$cgroup(&(0x7f00000000c0)={0x2, 0x80, 0x48, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) syz_open_procfs(0x0, 0x0) close(r0) 11:06:40 executing program 5: r0 = perf_event_open$cgroup(&(0x7f00000000c0)={0x2, 0x80, 0x48, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) syz_open_procfs(0x0, 0x0) close(r0) 11:06:40 executing program 7: ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, &(0x7f0000000600)) syz_usb_connect$cdc_ncm(0x0, 0x7a, &(0x7f0000001cc0)={{0x12, 0x1, 0x0, 0x2, 0x0, 0x0, 0x0, 0x525, 0xa4a1, 0x40, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x68, 0x2, 0x1, 0x0, 0x0, 0x0, {{0x9, 0x4, 0x0, 0x0, 0x1, 0x2, 0xd, 0x0, 0x0, {{0x5}, {0x5, 0x24, 0x0, 0x3ff}, {0xd, 0x24, 0xf, 0x1, 0x0, 0x0, 0x1}, {0x6, 0x24, 0x1a, 0x3, 0xc}, [@dmm={0x7}, @call_mgmt={0x5, 0x24, 0x1, 0x3}]}, {{0x9, 0x5, 0x81, 0x3, 0x200, 0x0, 0x3e, 0x6}}}, {}, {0x9, 0x4, 0x1, 0x1, 0x2, 0x2, 0xd, 0x0, 0x0, "", {{{0x9, 0x5, 0x82, 0x2, 0x8, 0x1f, 0x1e}}, {{0x9, 0x5, 0x3, 0x2, 0x40, 0x0, 0x1}}}}}}}]}}, &(0x7f00000021c0)={0xa, &(0x7f0000001d80)={0xa, 0x6, 0x250, 0x3c}, 0x0, 0x0, 0x5, [{0x0, 0x0}, {0x2, &(0x7f0000001f80)=@string={0x2}}, {0x0, 0x0}, {0x2, &(0x7f0000002000)=@string={0x2}}, {0x0, 0x0}]}) 11:06:40 executing program 1: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x10000, 0x8, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f7366cd155d00080101000240002000f801002000400000000000000000008000"/64, 0x40}, {&(0x7f0000010100)="f8ffff00f0ffffffff07800009a000ffffff00"/32, 0x20, 0x800}, {&(0x7f0000010200)="f8ffff00f0ffffffff07800009a000ffffff00"/32, 0x20, 0x1000}, {&(0x7f0000010300)="53595a4b414c4c45522020080000e880325132510000e880325100000000000041660069006c00650030000f00fc0000ffffffffffffffffffff0000ffffffff46494c4530202020202020100011e970325132510000e970325103000000000041660069006c00650031000f00100000ffffffffffffffffffff0000ffffffff46494c4531202020202020200011e970325132510000e970325105000a00000041660069006c00650032000f00140000ffffffffffffffffffff0000ffffffff46494c4532202020202020200011e970325132510000e970325106002823000041660069006c0065002e000f00d263006f006c0064000000ffff0000ffffffff46494c457e312020434f4c200011e970325132510000e97032510b0064000000", 0x120, 0x1800}, {&(0x7f0000010500)="2e20202020202020202020100011e970325132510000e97032510300000000002e2e202020202020202020100011e970325132510000e970325100000000000041660069006c00650030000f00fc0000ffffffffffffffffffff0000ffffffff46494c4530202020202020200011e970325132510000e970325104001a040000", 0x80, 0x2800}, {&(0x7f0000010600)='syzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkal\x00\x00\x00\x00\x00\x00', 0x420, 0x3000}, {&(0x7f0000010b00)='syzkallers\x00'/32, 0x20, 0x3800}, {&(0x7f0000010c00)='syzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallers\x00'/128, 0x80, 0x6800}], 0x0, &(0x7f0000010d00)) [ 171.496397] ------------[ cut here ]------------ [ 171.497194] WARNING: CPU: 0 PID: 3931 at kernel/events/core.c:2233 event_filter_match+0x422/0x660 [ 171.498220] Modules linked in: [ 171.498609] CPU: 0 PID: 3931 Comm: syz-executor.4 Not tainted 6.0.0-next-20221006 #1 [ 171.499514] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 171.504469] RIP: 0010:event_filter_match+0x422/0x660 [ 171.505074] Code: 00 00 00 e9 7c fc ff ff e8 4b 2a f1 ff 65 8b 2d 10 83 ad 7e 31 ff 89 ee e8 eb 26 f1 ff 85 ed 0f 84 ef 00 00 00 e8 2e 2a f1 ff <0f> 0b eb 9f e8 25 9f 23 00 e9 17 fc ff ff e8 1b 2a f1 ff 48 8d 7b [ 171.507128] RSP: 0018:ffff88806ce09c70 EFLAGS: 00010046 [ 171.507754] RAX: 0000000080010003 RBX: ffff88803f5d0000 RCX: 0000000000000000 [ 171.508567] RDX: ffff88800f949ac0 RSI: ffffffff8154f2c2 RDI: 0000000000000005 [ 171.509390] RBP: 0000000000000000 R08: 0000000000000005 R09: 0000000000000001 [ 171.510220] R10: 0000000000000000 R11: ffffffff865b601b R12: ffff88803f5d0220 [ 171.511054] R13: 0000000000000000 R14: ffff88803f5d00a8 R15: ffff88803f5d0220 [ 171.511895] FS: 0000555556583400(0000) GS:ffff88806ce00000(0000) knlGS:0000000000000000 [ 171.512823] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 171.513502] CR2: 00007ffd97493d28 CR3: 000000003d4b2000 CR4: 0000000000350ef0 [ 171.514316] Call Trace: [ 171.514632] [ 171.514907] merge_sched_in+0x107/0x1110 [ 171.515410] visit_groups_merge.constprop.0.isra.0+0x4fc/0xef0 [ 171.516141] ? merge_sched_in+0x1110/0x1110 [ 171.516663] ? lock_is_held_type+0xd7/0x130 [ 171.517196] ctx_sched_in+0x2e6/0x770 [ 171.517655] ? lock_acquire+0x1b2/0x530 [ 171.518138] ? visit_groups_merge.constprop.0.isra.0+0xef0/0xef0 [ 171.518856] ? lock_is_held_type+0xd7/0x130 [ 171.519390] perf_event_sched_in+0x75/0x80 [ 171.519895] ctx_resched+0x1ce/0x390 [ 171.520354] __perf_install_in_context+0x285/0x9c0 [ 171.520936] ? ctx_resched+0x390/0x390 [ 171.521403] remote_function+0x125/0x1b0 [ 171.521888] __flush_smp_call_function_queue+0x1df/0x5a0 [ 171.522530] ? perf_duration_warn+0x40/0x40 [ 171.523051] __sysvec_call_function_single+0x92/0x3a0 [ 171.523681] sysvec_call_function_single+0x89/0xc0 [ 171.524261] [ 171.524532] [ 171.524812] asm_sysvec_call_function_single+0x16/0x20 [ 171.525438] RIP: 0010:__sanitizer_cov_trace_pc+0xd/0x70 [ 171.526060] Code: a8 01 00 00 e8 b4 ff ff ff 31 c0 e9 5d 1e 1a 03 66 66 2e 0f 1f 84 00 00 00 00 00 66 90 65 8b 05 89 51 bc 7e 89 c1 48 8b 34 24 <81> e1 00 01 00 00 65 48 8b 14 25 c0 6e 02 00 a9 00 01 ff 00 74 0e [ 171.528133] RSP: 0018:ffff88802b5ef738 EFLAGS: 00000246 [ 171.528760] RAX: 0000000080000002 RBX: 800000002d4c2007 RCX: 0000000080000002 [ 171.529580] RDX: ffff88800f949ac0 RSI: ffffffff816a44a7 RDI: 0000000000000007 [ 171.530397] RBP: ffff888030b9fb50 R08: 0000000000000007 R09: 0000000000000000 [ 171.531240] R10: 0000000000000000 R11: 0000000000000001 R12: 0000000000000018 [ 171.532075] R13: dffffc0000000000 R14: ffffea0000b53080 R15: 0000000000000000 [ 171.532919] ? copy_page_range+0x1117/0x4270 [ 171.533469] copy_page_range+0x1117/0x4270 [ 171.534044] ? vm_iomap_memory+0x190/0x190 [ 171.534554] ? mas_empty_area_rev+0x12d0/0x12d0 [ 171.535131] ? up_write+0x1ac/0x520 [ 171.535587] dup_mmap+0xa4a/0xfc0 [ 171.536034] ? replace_mm_exe_file+0x4b0/0x4b0 [ 171.536584] ? do_raw_spin_unlock+0x4f/0x220 [ 171.537127] ? lockdep_init_map_type+0x21a/0x7e0 [ 171.537708] ? __init_rwsem+0x129/0x1b0 [ 171.538202] dup_mm+0x91/0x380 [ 171.538603] copy_process+0x6ac6/0x6e20 [ 171.539075] ? lock_is_held_type+0xd7/0x130 [ 171.539638] ? __cleanup_sighand+0xb0/0xb0 [ 171.540152] ? _raw_spin_unlock+0x24/0x40 [ 171.540649] ? do_wp_page+0x1a1/0x2050 [ 171.541135] kernel_clone+0xe7/0x890 [ 171.541583] ? create_io_thread+0xf0/0xf0 [ 171.542085] ? lock_is_held_type+0xd7/0x130 [ 171.542609] ? lock_is_held_type+0xd7/0x130 [ 171.543128] ? find_held_lock+0x2c/0x110 [ 171.543633] ? lock_release+0x3b2/0x750 [ 171.544123] __do_sys_clone+0xba/0x100 [ 171.544585] ? __do_sys_vfork+0xc0/0xc0 [ 171.545090] ? syscall_enter_from_user_mode+0x1d/0x50 [ 171.545718] ? syscall_enter_from_user_mode+0x1d/0x50 [ 171.546336] do_syscall_64+0x3b/0x90 [ 171.546792] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 171.547407] RIP: 0033:0x7f1e27b7e10b [ 171.547866] Code: ed 0f 85 60 01 00 00 64 4c 8b 0c 25 10 00 00 00 45 31 c0 4d 8d 91 d0 02 00 00 31 d2 31 f6 bf 11 00 20 01 b8 38 00 00 00 0f 05 <48> 3d 00 f0 ff ff 0f 87 89 00 00 00 41 89 c5 85 c0 0f 85 90 00 00 [ 171.549969] RSP: 002b:00007ffd0bf36080 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 171.550848] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f1e27b7e10b [ 171.551684] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000001200011 [ 171.552506] RBP: 0000000000000001 R08: 0000000000000000 R09: 0000555556583400 [ 171.553337] R10: 00005555565836d0 R11: 0000000000000246 R12: 0000000000000001 [ 171.554166] R13: 0000000000000001 R14: 0000000000000001 R15: 00007ffd0bf36160 [ 171.555027] [ 171.555312] irq event stamp: 172198 [ 171.555749] hardirqs last enabled at (172197): [] mod_objcg_state+0x3ab/0x9e0 [ 171.556772] hardirqs last disabled at (172198): [] sysvec_call_function_single+0xb/0xc0 [ 171.557873] softirqs last enabled at (172090): [] __irq_exit_rcu+0x11b/0x180 [ 171.558890] softirqs last disabled at (172083): [] __irq_exit_rcu+0x11b/0x180 [ 171.559930] ---[ end trace 0000000000000000 ]--- [ 171.560525] ------------[ cut here ]------------ [ 171.561062] WARNING: CPU: 0 PID: 3931 at kernel/events/core.c:2557 merge_sched_in+0xadb/0x1110 [ 171.562073] Modules linked in: [ 171.562472] CPU: 0 PID: 3931 Comm: syz-executor.4 Tainted: G W 6.0.0-next-20221006 #1 [ 171.563544] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 171.564507] RIP: 0010:merge_sched_in+0xadb/0x1110 [ 171.565088] Code: ff ff e8 d8 04 ef ff 65 8b 05 9d 5d ab 7e 31 ff 89 c6 89 04 24 e8 75 01 ef ff 8b 04 24 85 c0 0f 84 13 02 00 00 e8 b5 04 ef ff <0f> 0b e9 c4 fb ff ff e8 a9 04 ef ff 4c 89 e8 48 05 18 01 00 00 e9 [ 171.567196] RSP: 0018:ffff88806ce09cb0 EFLAGS: 00010046 [ 171.567814] RAX: 0000000080010003 RBX: ffff88806ce3d2c0 RCX: 0000000000000000 [ 171.568625] RDX: ffff88800f949ac0 RSI: ffffffff8157183b RDI: 0000000000000005 [ 171.569453] RBP: ffff88803f5d0000 R08: 0000000000000005 R09: 0000000000000001 [ 171.570285] R10: 0000000000000000 R11: ffffffff865b601b R12: ffff88806ce3d2c0 [ 171.571116] R13: ffff88806ce00000 R14: ffff88803f5d00a8 R15: ffff88803f5d0220 [ 171.571979] FS: 0000555556583400(0000) GS:ffff88806ce00000(0000) knlGS:0000000000000000 [ 171.572916] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 171.573599] CR2: 00007ffd97493d28 CR3: 000000003d4b2000 CR4: 0000000000350ef0 [ 171.574425] Call Trace: [ 171.574732] [ 171.575015] visit_groups_merge.constprop.0.isra.0+0x4fc/0xef0 [ 171.575737] ? merge_sched_in+0x1110/0x1110 [ 171.576261] ? lock_is_held_type+0xd7/0x130 [ 171.576788] ctx_sched_in+0x2e6/0x770 [ 171.577246] ? lock_acquire+0x1b2/0x530 [ 171.577730] ? visit_groups_merge.constprop.0.isra.0+0xef0/0xef0 [ 171.578449] ? lock_is_held_type+0xd7/0x130 [ 171.578986] perf_event_sched_in+0x75/0x80 [ 171.579505] ctx_resched+0x1ce/0x390 [ 171.579957] __perf_install_in_context+0x285/0x9c0 [ 171.580542] ? ctx_resched+0x390/0x390 [ 171.581016] remote_function+0x125/0x1b0 [ 171.581512] __flush_smp_call_function_queue+0x1df/0x5a0 [ 171.582153] ? perf_duration_warn+0x40/0x40 [ 171.582686] __sysvec_call_function_single+0x92/0x3a0 [ 171.583314] sysvec_call_function_single+0x89/0xc0 [ 171.583922] [ 171.584207] [ 171.584490] asm_sysvec_call_function_single+0x16/0x20 [ 171.585123] RIP: 0010:__sanitizer_cov_trace_pc+0xd/0x70 [ 171.585769] Code: a8 01 00 00 e8 b4 ff ff ff 31 c0 e9 5d 1e 1a 03 66 66 2e 0f 1f 84 00 00 00 00 00 66 90 65 8b 05 89 51 bc 7e 89 c1 48 8b 34 24 <81> e1 00 01 00 00 65 48 8b 14 25 c0 6e 02 00 a9 00 01 ff 00 74 0e [ 171.587921] RSP: 0018:ffff88802b5ef738 EFLAGS: 00000246 [ 171.588552] RAX: 0000000080000002 RBX: 800000002d4c2007 RCX: 0000000080000002 [ 171.589395] RDX: ffff88800f949ac0 RSI: ffffffff816a44a7 RDI: 0000000000000007 [ 171.590214] RBP: ffff888030b9fb50 R08: 0000000000000007 R09: 0000000000000000 [ 171.591028] R10: 0000000000000000 R11: 0000000000000001 R12: 0000000000000018 [ 171.591801] R13: dffffc0000000000 R14: ffffea0000b53080 R15: 0000000000000000 [ 171.592580] ? copy_page_range+0x1117/0x4270 [ 171.593088] copy_page_range+0x1117/0x4270 [ 171.593623] ? vm_iomap_memory+0x190/0x190 [ 171.594102] ? mas_empty_area_rev+0x12d0/0x12d0 [ 171.594634] ? up_write+0x1ac/0x520 [ 171.595057] dup_mmap+0xa4a/0xfc0 [ 171.595471] ? replace_mm_exe_file+0x4b0/0x4b0 [ 171.595984] ? do_raw_spin_unlock+0x4f/0x220 [ 171.596501] ? lockdep_init_map_type+0x21a/0x7e0 [ 171.597047] ? __init_rwsem+0x129/0x1b0 [ 171.597502] dup_mm+0x91/0x380 [ 171.597873] copy_process+0x6ac6/0x6e20 [ 171.598318] ? lock_is_held_type+0xd7/0x130 [ 171.598824] ? __cleanup_sighand+0xb0/0xb0 [ 171.599301] ? _raw_spin_unlock+0x24/0x40 [ 171.599779] ? do_wp_page+0x1a1/0x2050 [ 171.600233] kernel_clone+0xe7/0x890 [ 171.600656] ? create_io_thread+0xf0/0xf0 [ 171.601114] ? lock_is_held_type+0xd7/0x130 [ 171.601601] ? lock_is_held_type+0xd7/0x130 [ 171.602079] ? find_held_lock+0x2c/0x110 [ 171.602541] ? lock_release+0x3b2/0x750 [ 171.602999] __do_sys_clone+0xba/0x100 [ 171.603447] ? __do_sys_vfork+0xc0/0xc0 [ 171.603917] ? syscall_enter_from_user_mode+0x1d/0x50 [ 171.604485] ? syscall_enter_from_user_mode+0x1d/0x50 [ 171.605066] do_syscall_64+0x3b/0x90 [ 171.605489] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 171.606058] RIP: 0033:0x7f1e27b7e10b [ 171.606474] Code: ed 0f 85 60 01 00 00 64 4c 8b 0c 25 10 00 00 00 45 31 c0 4d 8d 91 d0 02 00 00 31 d2 31 f6 bf 11 00 20 01 b8 38 00 00 00 0f 05 <48> 3d 00 f0 ff ff 0f 87 89 00 00 00 41 89 c5 85 c0 0f 85 90 00 00 [ 171.608406] RSP: 002b:00007ffd0bf36080 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 171.609220] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f1e27b7e10b [ 171.609993] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000001200011 [ 171.610761] RBP: 0000000000000001 R08: 0000000000000000 R09: 0000555556583400 [ 171.611545] R10: 00005555565836d0 R11: 0000000000000246 R12: 0000000000000001 [ 171.612309] R13: 0000000000000001 R14: 0000000000000001 R15: 00007ffd0bf36160 [ 171.613106] [ 171.613374] irq event stamp: 172198 [ 171.613770] hardirqs last enabled at (172197): [] mod_objcg_state+0x3ab/0x9e0 [ 171.614723] hardirqs last disabled at (172198): [] sysvec_call_function_single+0xb/0xc0 [ 171.615749] softirqs last enabled at (172090): [] __irq_exit_rcu+0x11b/0x180 [ 171.616683] softirqs last disabled at (172083): [] __irq_exit_rcu+0x11b/0x180 [ 171.617620] ---[ end trace 0000000000000000 ]--- [ 171.636325] ------------[ cut here ]------------ [ 171.636875] WARNING: CPU: 0 PID: 4086 at kernel/events/core.c:2309 group_sched_out.part.0+0x2c7/0x460 [ 171.637947] Modules linked in: [ 171.638332] CPU: 0 PID: 4086 Comm: syz-executor.7 Tainted: G W 6.0.0-next-20221006 #1 [ 171.639374] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 171.640317] RIP: 0010:group_sched_out.part.0+0x2c7/0x460 [ 171.640963] Code: 5e 41 5f e9 5b a5 ef ff e8 56 a5 ef ff 65 8b 1d 1b fe ab 7e 31 ff 89 de e8 f6 a1 ef ff 85 db 0f 84 8a 00 00 00 e8 39 a5 ef ff <0f> 0b e9 a5 fe ff ff e8 2d a5 ef ff 48 8d 7d 10 48 b8 00 00 00 00 [ 171.643037] RSP: 0018:ffff88806ce09e48 EFLAGS: 00010046 [ 171.643679] RAX: 0000000080010001 RBX: 0000000000000000 RCX: 0000000000000000 [ 171.644503] RDX: ffff888018349ac0 RSI: ffffffff815677b7 RDI: 0000000000000005 [ 171.645326] RBP: ffff88803f5d0000 R08: 0000000000000005 R09: 0000000000000001 [ 171.646155] R10: 0000000000000000 R11: ffffffff865b601b R12: ffff88806ce3d2c0 [ 171.646983] R13: ffff88806ce3d2c0 R14: ffffffff8547d360 R15: 0000000000000002 [ 171.647809] FS: 00005555556af400(0000) GS:ffff88806ce00000(0000) knlGS:0000000000000000 [ 171.648734] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 171.649408] CR2: 00007f9edc2421a0 CR3: 000000001ac66000 CR4: 0000000000350ef0 [ 171.650233] Call Trace: [ 171.650543] [ 171.650813] ctx_sched_out+0x8f1/0xc10 [ 171.651307] ctx_resched+0x2f3/0x390 [ 171.651765] __perf_install_in_context+0x285/0x9c0 [ 171.652345] ? ctx_resched+0x390/0x390 [ 171.652801] remote_function+0x125/0x1b0 [ 171.653294] __flush_smp_call_function_queue+0x1df/0x5a0 [ 171.653920] ? perf_duration_warn+0x40/0x40 [ 171.654434] __sysvec_call_function_single+0x92/0x3a0 [ 171.655037] sysvec_call_function_single+0x89/0xc0 [ 171.655622] [ 171.655890] [ 171.656160] asm_sysvec_call_function_single+0x16/0x20 [ 171.656769] RIP: 0010:__sanitizer_cov_trace_const_cmp1+0x0/0x20 [ 171.657460] Code: 1f 84 00 00 00 00 00 0f 1f 00 48 8b 0c 24 48 89 f2 48 89 fe bf 06 00 00 00 e9 fc fe ff ff 66 66 2e 0f 1f 84 00 00 00 00 00 90 <48> 8b 0c 24 40 0f b6 d6 40 0f b6 f7 bf 01 00 00 00 e9 da fe ff ff [ 171.659504] RSP: 0018:ffff88803c2c77d8 EFLAGS: 00000246 [ 171.660124] RAX: 0000000000000001 RBX: 0000000000000001 RCX: 1ffffffff0a1e714 [ 171.660932] RDX: 0000000000000000 RSI: 0000000000000001 RDI: 0000000000000000 [ 171.661752] RBP: 0000000000000001 R08: 0000000000000001 R09: 0000000000000000 [ 171.662555] R10: 0000000000000001 R11: 0000000000000001 R12: 0000000000000000 [ 171.663356] R13: 0000000000000000 R14: ffffffff8544dd08 R15: 0000000000000000 [ 171.664210] __is_insn_slot_addr+0x11a/0x250 [ 171.664741] kernel_text_address+0x57/0xb0 [ 171.665237] __kernel_text_address+0x9/0x40 [ 171.665749] unwind_get_return_address+0x55/0xa0 [ 171.666305] ? write_profile+0x3a0/0x3a0 [ 171.666797] arch_stack_walk+0x99/0xf0 [ 171.667294] stack_trace_save+0x8c/0xc0 [ 171.667775] ? filter_irq_stacks+0x90/0x90 [ 171.668280] ? lock_release+0x3b2/0x750 [ 171.668747] ? get_partial_node.part.0+0x1ed/0x3c0 [ 171.669323] kasan_save_stack+0x1e/0x40 [ 171.669802] ? kasan_save_stack+0x1e/0x40 [ 171.670298] ? kasan_set_track+0x21/0x30 [ 171.670781] ? __kasan_slab_alloc+0x58/0x70 [ 171.671288] ? kmem_cache_alloc+0x1a9/0x3e0 [ 171.671819] ? __create_object+0x3d/0xc10 [ 171.672295] ? kmem_cache_alloc+0x235/0x3e0 [ 171.672805] ? security_file_alloc+0x34/0x170 [ 171.673330] ? __alloc_file+0xb6/0x240 [ 171.673797] ? alloc_empty_file+0x6d/0x170 [ 171.674292] ? alloc_file+0x59/0x800 [ 171.674743] ? alloc_file_pseudo+0x16a/0x250 [ 171.675289] ? sock_alloc_file+0x4f/0x1a0 [ 171.675789] ? __sys_socket+0x1a8/0x250 [ 171.676247] ? __x64_sys_socket+0x6f/0xb0 [ 171.676727] ? do_syscall_64+0x3b/0x90 [ 171.677178] ? entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 171.677796] ? lock_release+0x3b2/0x750 [ 171.678265] ? ___slab_alloc+0x847/0x1080 [ 171.678756] ? lock_downgrade+0x6d0/0x6d0 [ 171.679264] ? ___slab_alloc+0x86e/0x1080 [ 171.679757] ? ___slab_alloc+0x86e/0x1080 [ 171.680247] ? lockdep_hardirqs_on+0x79/0x100 [ 171.680774] ? ___slab_alloc+0x86e/0x1080 [ 171.681258] ? __create_object+0x3d/0xc10 [ 171.681749] ? lock_release+0x3b2/0x750 [ 171.682240] kasan_set_track+0x21/0x30 [ 171.682696] __kasan_slab_alloc+0x58/0x70 [ 171.683191] kmem_cache_alloc+0x1a9/0x3e0 [ 171.683699] __create_object+0x3d/0xc10 [ 171.684160] ? kasan_set_track+0x21/0x30 [ 171.684654] kmem_cache_alloc+0x235/0x3e0 [ 171.685147] security_file_alloc+0x34/0x170 [ 171.685656] __alloc_file+0xb6/0x240 [ 171.686106] alloc_empty_file+0x6d/0x170 [ 171.686590] alloc_file+0x59/0x800 [ 171.687029] alloc_file_pseudo+0x16a/0x250 [ 171.687543] ? alloc_file+0x800/0x800 [ 171.688003] ? alloc_fd+0x2d8/0x6e0 [ 171.688451] sock_alloc_file+0x4f/0x1a0 [ 171.688935] __sys_socket+0x1a8/0x250 [ 171.689386] ? __sys_socket_file+0x1f0/0x1f0 [ 171.689906] ? syscall_enter_from_user_mode+0x1d/0x50 [ 171.690522] __x64_sys_socket+0x6f/0xb0 [ 171.690989] ? syscall_enter_from_user_mode+0x1d/0x50 [ 171.691592] do_syscall_64+0x3b/0x90 [ 171.692027] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 171.692624] RIP: 0033:0x7fc62e7a2197 [ 171.693056] Code: f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 b8 29 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 171.695101] RSP: 002b:00007ffd97494eb8 EFLAGS: 00000206 ORIG_RAX: 0000000000000029 [ 171.695977] RAX: ffffffffffffffda RBX: 00007ffd974955f0 RCX: 00007fc62e7a2197 [ 171.696787] RDX: 0000000000000006 RSI: 0000000000000001 RDI: 0000000000000002 [ 171.697590] RBP: 0000000000000003 R08: 0000000000000000 R09: 00007ffd97495400 [ 171.698390] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000032 [ 171.699193] R13: 0000000000000000 R14: 0000000000000002 R15: 00007ffd97495630 [ 171.700045] [ 171.700325] irq event stamp: 196646 [ 171.700750] hardirqs last enabled at (196645): [] ___slab_alloc+0x86e/0x1080 [ 171.701731] hardirqs last disabled at (196646): [] sysvec_call_function_single+0xb/0xc0 [ 171.702795] softirqs last enabled at (196514): [] tcp_close+0x38/0xc0 [ 171.703726] softirqs last disabled at (196512): [] release_sock+0x1b/0x1b0 [ 171.704697] ---[ end trace 0000000000000000 ]--- [ 171.714088] loop1: detected capacity change from 0 to 128 11:06:40 executing program 2: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) ioctl$sock_SIOCADDRT(r0, 0x8911, &(0x7f0000000180)={0x0, @isdn, @ethernet, @l2={0x1f, 0x0, @none}}) 11:06:40 executing program 6: r0 = socket$inet_udp(0x2, 0x2, 0x0) setsockopt$inet_MCAST_MSFILTER(r0, 0x0, 0x30, &(0x7f0000000680)={0x0, {{0x2, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}}}}, 0x90) 11:06:40 executing program 3: r0 = fsopen(&(0x7f0000000040)='ext4\x00', 0x0) r1 = fsopen(&(0x7f00000000c0)='cgroup2\x00', 0x0) fsconfig$FSCONFIG_SET_FD(r0, 0x5, &(0x7f0000000080)='\x00', 0x0, r1) 11:06:40 executing program 2: r0 = perf_event_open$cgroup(&(0x7f00000000c0)={0x2, 0x80, 0x48, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) syz_open_procfs(0x0, 0x0) close(r0) [ 171.823931] ------------[ cut here ]------------ [ 171.824486] WARNING: CPU: 0 PID: 6836 at kernel/events/core.c:2047 perf_group_detach+0x99e/0x12f0 [ 171.825476] Modules linked in: [ 171.825847] CPU: 0 PID: 6836 Comm: syz-executor.6 Tainted: G W 6.0.0-next-20221006 #1 [ 171.826840] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 171.827754] RIP: 0010:perf_group_detach+0x99e/0x12f0 [ 171.828317] Code: 85 d5 f8 ff ff e8 82 45 ee ff 65 44 8b 25 46 9e aa 7e 31 ff 44 89 e6 e8 20 42 ee ff 45 85 e4 0f 84 0a 05 00 00 e8 62 45 ee ff <0f> 0b e9 a9 f8 ff ff e8 56 45 ee ff 65 8b 1d 1b 9e aa 7e 31 ff 89 [ 171.830272] RSP: 0018:ffff88806ce09e60 EFLAGS: 00010046 [ 171.830899] RAX: 0000000080010002 RBX: ffff88803f5d0b90 RCX: 0000000000000000 [ 171.831685] RDX: ffff88801800d040 RSI: ffffffff8157d78e RDI: 0000000000000005 [ 171.832461] RBP: ffff88803f5d0b90 R08: 0000000000000005 R09: 0000000000000001 [ 171.833232] R10: 0000000000000000 R11: ffffffff865b601b R12: 0000000000000000 [ 171.834011] R13: ffff88803f5d0c20 R14: ffff88806ce3d2c0 R15: ffff88803f5d0b90 [ 171.834792] FS: 0000000000000000(0000) GS:ffff88806ce00000(0000) knlGS:0000000000000000 [ 171.835687] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 171.836314] CR2: 0000555555a00c98 CR3: 000000003d2fc000 CR4: 0000000000350ef0 [ 171.837086] Call Trace: [ 171.837378] [ 171.837634] ? perf_event_idx_default+0x10/0x10 [ 171.838166] ? event_sched_out+0x71c/0xcd0 [ 171.838656] __perf_remove_from_context+0x71e/0xb20 [ 171.839219] event_function+0x297/0x3d0 [ 171.839677] ? perf_output_sample_regs+0x150/0x150 [ 171.840241] remote_function+0x125/0x1b0 [ 171.840714] __flush_smp_call_function_queue+0x1df/0x5a0 [ 171.841321] ? perf_duration_warn+0x40/0x40 [ 171.841834] __sysvec_call_function_single+0x92/0x3a0 [ 171.842428] sysvec_call_function_single+0x89/0xc0 [ 171.842986] [ 171.843258] [ 171.843524] asm_sysvec_call_function_single+0x16/0x20 [ 171.844120] RIP: 0010:lock_acquire+0x1f5/0x530 [ 171.844658] Code: 24 08 00 74 01 fb 48 b8 00 00 00 00 00 fc ff df 48 01 c3 48 c7 03 00 00 00 00 48 c7 43 08 00 00 00 00 48 8b 84 24 a8 00 00 00 <65> 48 2b 04 25 28 00 00 00 0f 85 bb 02 00 00 48 81 c4 b0 00 00 00 [ 171.846649] RSP: 0018:ffff88803dff74d0 EFLAGS: 00000286 [ 171.847261] RAX: 8b9bfc62a297a200 RBX: ffffed1007bfee9c RCX: 0000000036b7dc38 [ 171.848079] RDX: 1ffff11003001b36 RSI: 0000000000000001 RDI: 0000000000000000 [ 171.848880] RBP: 0000000000000000 R08: 0000000000000000 R09: ffffffff86cd57c7 [ 171.849686] R10: fffffbfff0d9aaf8 R11: 0000000000000001 R12: 0000000000000002 [ 171.850488] R13: 0000000000000000 R14: ffffffff85407520 R15: 0000000000000000 [ 171.851341] ? lock_release+0x750/0x750 [ 171.851813] ? lock_is_held_type+0xd7/0x130 [ 171.852300] ? find_held_lock+0x2c/0x110 [ 171.852796] ? lock_release+0x3b2/0x750 [ 171.853262] ? unlock_page_memcg+0xbe/0x230 [ 171.853766] ? lock_downgrade+0x6d0/0x6d0 [ 171.854262] folio_memcg_lock+0x3a/0x4a0 [ 171.854723] ? mem_cgroup_get_oom_group+0x340/0x340 [ 171.855297] ? __pte_alloc_kernel+0x1c0/0x1c0 [ 171.855847] page_remove_rmap+0x1e/0x490 [ 171.856346] unmap_page_range+0x1c26/0x2a10 [ 171.856887] ? vm_normal_page+0x2e0/0x2e0 [ 171.857366] ? mas_find+0x209/0xdd0 [ 171.857782] ? uprobe_munmap+0x1c/0x560 [ 171.858248] unmap_single_vma+0x190/0x380 [ 171.858752] unmap_vmas+0x21e/0x370 [ 171.859188] ? unmap_mapping_range+0x280/0x280 [ 171.859754] ? find_held_lock+0x2c/0x110 [ 171.860245] ? lock_downgrade+0x6d0/0x6d0 [ 171.860750] exit_mmap+0x154/0x680 [ 171.861176] ? __ia32_sys_remap_file_pages+0x150/0x150 [ 171.861826] ? delayed_uprobe_remove+0x27/0x230 [ 171.862374] mmput+0xd1/0x390 [ 171.862775] do_exit+0xa2e/0x27f0 [ 171.863182] ? lock_release+0x3b2/0x750 [ 171.863642] ? get_signal+0x88b/0x22d0 [ 171.864118] ? mm_update_next_owner+0x7e0/0x7e0 [ 171.864651] ? lock_is_held_type+0xd7/0x130 [ 171.865159] do_group_exit+0xd0/0x2a0 [ 171.865627] get_signal+0x2195/0x22d0 [ 171.866073] ? wake_up_q+0x8b/0xf0 [ 171.866504] ? exit_signals+0x8b0/0x8b0 [ 171.866990] arch_do_signal_or_restart+0x89/0x1be0 [ 171.867569] ? do_futex+0x136/0x380 [ 171.867991] ? __ia32_compat_sys_get_robust_list+0x3b0/0x3b0 [ 171.868648] ? get_sigframe_size+0x10/0x10 [ 171.869140] ? __x64_sys_futex+0x1c6/0x4d0 [ 171.869612] ? __x64_sys_futex_time32+0x480/0x480 [ 171.870143] ? exit_to_user_mode_prepare+0x109/0x1a0 [ 171.870732] exit_to_user_mode_prepare+0x131/0x1a0 [ 171.871277] syscall_exit_to_user_mode+0x19/0x40 [ 171.871814] do_syscall_64+0x48/0x90 [ 171.872259] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 171.872847] RIP: 0033:0x7efdbb536b19 [ 171.873267] Code: Unable to access opcode bytes at 0x7efdbb536aef. [ 171.873940] RSP: 002b:00007efdb8aac218 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 171.874792] RAX: fffffffffffffe00 RBX: 00007efdbb649f68 RCX: 00007efdbb536b19 [ 171.875586] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007efdbb649f68 [ 171.876371] RBP: 00007efdbb649f60 R08: 0000000000000000 R09: 0000000000000000 [ 171.877143] R10: 0000000000000000 R11: 0000000000000246 R12: 00007efdbb649f6c [ 171.877923] R13: 00007ffdf6c6df8f R14: 00007efdb8aac300 R15: 0000000000022000 [ 171.878728] [ 171.878999] irq event stamp: 472 [ 171.879371] hardirqs last enabled at (471): [] _raw_spin_unlock_irqrestore+0x28/0x60 [ 171.880396] hardirqs last disabled at (472): [] sysvec_call_function_single+0xb/0xc0 [ 171.881414] softirqs last enabled at (466): [] __irq_exit_rcu+0x11b/0x180 [ 171.882350] softirqs last disabled at (461): [] __irq_exit_rcu+0x11b/0x180 [ 171.883280] ---[ end trace 0000000000000000 ]--- [ 171.883859] ------------[ cut here ]------------ [ 171.884386] WARNING: CPU: 0 PID: 6836 at kernel/events/core.c:2183 perf_group_detach+0x9c7/0x12f0 [ 171.885355] Modules linked in: [ 171.885731] CPU: 0 PID: 6836 Comm: syz-executor.6 Tainted: G W 6.0.0-next-20221006 #1 [ 171.886722] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 171.887657] RIP: 0010:perf_group_detach+0x9c7/0x12f0 [ 171.888225] Code: ff 0f 0b e9 a9 f8 ff ff e8 56 45 ee ff 65 8b 1d 1b 9e aa 7e 31 ff 89 de e8 f6 41 ee ff 85 db 0f 84 86 04 00 00 e8 39 45 ee ff <0f> 0b e9 0e fa ff ff e8 2d 45 ee ff 48 8b 7c 24 20 48 81 c7 f8 00 [ 171.890173] RSP: 0018:ffff88806ce09e60 EFLAGS: 00010046 [ 171.890777] RAX: 0000000080010002 RBX: 0000000000000000 RCX: 0000000000000000 [ 171.891559] RDX: ffff88801800d040 RSI: ffffffff8157d7b7 RDI: 0000000000000005 [ 171.892330] RBP: ffff88803f5d0b90 R08: 0000000000000005 R09: 0000000000000001 [ 171.893110] R10: 0000000000000000 R11: ffffffff865b601b R12: ffff88803f5d0b90 [ 171.893909] R13: ffff88803f5d0b90 R14: ffff88806ce3d2c0 R15: ffff88803f5d0b90 [ 171.894673] FS: 0000000000000000(0000) GS:ffff88806ce00000(0000) knlGS:0000000000000000 [ 171.895548] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 171.896197] CR2: 0000555555a00c98 CR3: 000000003d2fc000 CR4: 0000000000350ef0 [ 171.896981] Call Trace: [ 171.897267] [ 171.897511] ? perf_event_idx_default+0x10/0x10 [ 171.898045] ? event_sched_out+0x71c/0xcd0 [ 171.898532] __perf_remove_from_context+0x71e/0xb20 [ 171.899109] event_function+0x297/0x3d0 [ 171.899573] ? perf_output_sample_regs+0x150/0x150 [ 171.900123] remote_function+0x125/0x1b0 [ 171.900579] __flush_smp_call_function_queue+0x1df/0x5a0 [ 171.901181] ? perf_duration_warn+0x40/0x40 [ 171.901685] __sysvec_call_function_single+0x92/0x3a0 [ 171.902273] sysvec_call_function_single+0x89/0xc0 [ 171.902826] [ 171.903100] [ 171.903358] asm_sysvec_call_function_single+0x16/0x20 [ 171.903966] RIP: 0010:lock_acquire+0x1f5/0x530 [ 171.904488] Code: 24 08 00 74 01 fb 48 b8 00 00 00 00 00 fc ff df 48 01 c3 48 c7 03 00 00 00 00 48 c7 43 08 00 00 00 00 48 8b 84 24 a8 00 00 00 <65> 48 2b 04 25 28 00 00 00 0f 85 bb 02 00 00 48 81 c4 b0 00 00 00 [ 171.906394] RSP: 0018:ffff88803dff74d0 EFLAGS: 00000286 [ 171.906973] RAX: 8b9bfc62a297a200 RBX: ffffed1007bfee9c RCX: 0000000036b7dc38 [ 171.907744] RDX: 1ffff11003001b36 RSI: 0000000000000001 RDI: 0000000000000000 [ 171.908537] RBP: 0000000000000000 R08: 0000000000000000 R09: ffffffff86cd57c7 [ 171.909331] R10: fffffbfff0d9aaf8 R11: 0000000000000001 R12: 0000000000000002 [ 171.910118] R13: 0000000000000000 R14: ffffffff85407520 R15: 0000000000000000 [ 171.910925] ? lock_release+0x750/0x750 [ 171.911370] ? lock_is_held_type+0xd7/0x130 [ 171.911865] ? find_held_lock+0x2c/0x110 [ 171.912342] ? lock_release+0x3b2/0x750 [ 171.912800] ? unlock_page_memcg+0xbe/0x230 [ 171.913275] ? lock_downgrade+0x6d0/0x6d0 [ 171.913745] folio_memcg_lock+0x3a/0x4a0 [ 171.914208] ? mem_cgroup_get_oom_group+0x340/0x340 [ 171.914766] ? __pte_alloc_kernel+0x1c0/0x1c0 [ 171.915312] page_remove_rmap+0x1e/0x490 [ 171.915802] unmap_page_range+0x1c26/0x2a10 [ 171.916310] ? vm_normal_page+0x2e0/0x2e0 [ 171.916766] ? mas_find+0x209/0xdd0 [ 171.917170] ? uprobe_munmap+0x1c/0x560 [ 171.917614] unmap_single_vma+0x190/0x380 [ 171.918073] unmap_vmas+0x21e/0x370 [ 171.918481] ? unmap_mapping_range+0x280/0x280 [ 171.918992] ? find_held_lock+0x2c/0x110 [ 171.919460] ? lock_downgrade+0x6d0/0x6d0 [ 171.919951] exit_mmap+0x154/0x680 [ 171.920349] ? __ia32_sys_remap_file_pages+0x150/0x150 [ 171.920945] ? delayed_uprobe_remove+0x27/0x230 [ 171.921456] mmput+0xd1/0x390 [ 171.921819] do_exit+0xa2e/0x27f0 [ 171.922216] ? lock_release+0x3b2/0x750 [ 171.922649] ? get_signal+0x88b/0x22d0 [ 171.923080] ? mm_update_next_owner+0x7e0/0x7e0 [ 171.923598] ? lock_is_held_type+0xd7/0x130 [ 171.924075] do_group_exit+0xd0/0x2a0 [ 171.924498] get_signal+0x2195/0x22d0 [ 171.924909] ? wake_up_q+0x8b/0xf0 [ 171.925322] ? exit_signals+0x8b0/0x8b0 [ 171.925782] arch_do_signal_or_restart+0x89/0x1be0 [ 171.926329] ? do_futex+0x136/0x380 [ 171.926733] ? __ia32_compat_sys_get_robust_list+0x3b0/0x3b0 [ 171.927379] ? get_sigframe_size+0x10/0x10 [ 171.927876] ? __x64_sys_futex+0x1c6/0x4d0 [ 171.928331] ? __x64_sys_futex_time32+0x480/0x480 [ 171.928850] ? exit_to_user_mode_prepare+0x109/0x1a0 [ 171.929411] exit_to_user_mode_prepare+0x131/0x1a0 [ 171.929957] syscall_exit_to_user_mode+0x19/0x40 [ 171.930480] do_syscall_64+0x48/0x90 [ 171.930889] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 171.931469] RIP: 0033:0x7efdbb536b19 [ 171.931891] Code: Unable to access opcode bytes at 0x7efdbb536aef. [ 171.932554] RSP: 002b:00007efdb8aac218 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 171.933366] RAX: fffffffffffffe00 RBX: 00007efdbb649f68 RCX: 00007efdbb536b19 [ 171.934128] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007efdbb649f68 [ 171.934867] RBP: 00007efdbb649f60 R08: 0000000000000000 R09: 0000000000000000 [ 171.935607] R10: 0000000000000000 R11: 0000000000000246 R12: 00007efdbb649f6c [ 171.936349] R13: 00007ffdf6c6df8f R14: 00007efdb8aac300 R15: 0000000000022000 [ 171.937117] [ 171.937377] irq event stamp: 472 [ 171.937735] hardirqs last enabled at (471): [] _raw_spin_unlock_irqrestore+0x28/0x60 [ 171.938710] hardirqs last disabled at (472): [] sysvec_call_function_single+0xb/0xc0 [ 171.939705] softirqs last enabled at (466): [] __irq_exit_rcu+0x11b/0x180 [ 171.940636] softirqs last disabled at (461): [] __irq_exit_rcu+0x11b/0x180 [ 171.941561] ---[ end trace 0000000000000000 ]--- [ 171.942128] ------------[ cut here ]------------ [ 171.942637] WARNING: CPU: 0 PID: 6836 at kernel/events/core.c:655 perf_event_update_sibling_time+0xd5/0x4d0 [ 171.943722] Modules linked in: [ 171.944081] CPU: 0 PID: 6836 Comm: syz-executor.6 Tainted: G W 6.0.0-next-20221006 #1 [ 171.945066] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 171.945952] RIP: 0010:perf_event_update_sibling_time+0xd5/0x4d0 [ 171.946608] Code: 5e 41 5f e9 dd e6 f0 ff e8 d8 e6 f0 ff 65 8b 1d 9d 3f ad 7e 31 ff 89 de e8 78 e3 f0 ff 85 db 0f 84 d3 02 00 00 e8 bb e6 f0 ff <0f> 0b eb 97 e8 b2 e6 f0 ff 48 8d 7d 10 48 b8 00 00 00 00 00 fc ff [ 171.948563] RSP: 0018:ffff88806ce09e58 EFLAGS: 00010046 [ 171.949144] RAX: 0000000080010002 RBX: 0000000000000000 RCX: 0000000000000000 [ 171.949902] RDX: ffff88801800d040 RSI: ffffffff81553635 RDI: 0000000000000005 [ 171.950664] RBP: ffff88803f5d0b90 R08: 0000000000000005 R09: 0000000000000001 [ 171.951427] R10: 0000000000000000 R11: ffffffff865b601b R12: 0000000000000000 [ 171.952174] R13: ffff88803f5d0c38 R14: ffff88803f5d05f8 R15: 0000000000000001 [ 171.952911] FS: 0000000000000000(0000) GS:ffff88806ce00000(0000) knlGS:0000000000000000 [ 171.953734] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 171.954349] CR2: 0000555555a00c98 CR3: 000000003d2fc000 CR4: 0000000000350ef0 [ 171.955085] Call Trace: [ 171.955361] [ 171.955609] ? lock_is_held_type+0xd7/0x130 [ 171.956065] ? perf_event_update_time+0x285/0x380 [ 171.956580] list_del_event+0x524/0x860 [ 171.957006] __perf_remove_from_context+0xd2/0xb20 [ 171.957510] event_function+0x297/0x3d0 [ 171.957945] ? perf_output_sample_regs+0x150/0x150 [ 171.958458] remote_function+0x125/0x1b0 [ 171.958890] __flush_smp_call_function_queue+0x1df/0x5a0 [ 171.959437] ? perf_duration_warn+0x40/0x40 [ 171.959913] __sysvec_call_function_single+0x92/0x3a0 [ 171.960472] sysvec_call_function_single+0x89/0xc0 [ 171.960998] [ 171.961247] [ 171.961495] asm_sysvec_call_function_single+0x16/0x20 [ 171.962048] RIP: 0010:lock_acquire+0x1f5/0x530 [ 171.962559] Code: 24 08 00 74 01 fb 48 b8 00 00 00 00 00 fc ff df 48 01 c3 48 c7 03 00 00 00 00 48 c7 43 08 00 00 00 00 48 8b 84 24 a8 00 00 00 <65> 48 2b 04 25 28 00 00 00 0f 85 bb 02 00 00 48 81 c4 b0 00 00 00 [ 171.964463] RSP: 0018:ffff88803dff74d0 EFLAGS: 00000286 [ 171.965035] RAX: 8b9bfc62a297a200 RBX: ffffed1007bfee9c RCX: 0000000036b7dc38 [ 171.965789] RDX: 1ffff11003001b36 RSI: 0000000000000001 RDI: 0000000000000000 [ 171.966550] RBP: 0000000000000000 R08: 0000000000000000 R09: ffffffff86cd57c7 [ 171.967309] R10: fffffbfff0d9aaf8 R11: 0000000000000001 R12: 0000000000000002 [ 171.968077] R13: 0000000000000000 R14: ffffffff85407520 R15: 0000000000000000 [ 171.968854] ? lock_release+0x750/0x750 [ 171.969285] ? lock_is_held_type+0xd7/0x130 [ 171.969745] ? find_held_lock+0x2c/0x110 [ 171.970188] ? lock_release+0x3b2/0x750 [ 171.970617] ? unlock_page_memcg+0xbe/0x230 [ 171.971076] ? lock_downgrade+0x6d0/0x6d0 [ 171.971537] folio_memcg_lock+0x3a/0x4a0 [ 171.971970] ? mem_cgroup_get_oom_group+0x340/0x340 [ 171.972499] ? __pte_alloc_kernel+0x1c0/0x1c0 [ 171.972996] page_remove_rmap+0x1e/0x490 [ 171.973437] unmap_page_range+0x1c26/0x2a10 [ 171.973936] ? vm_normal_page+0x2e0/0x2e0 [ 171.974387] ? mas_find+0x209/0xdd0 [ 171.974780] ? uprobe_munmap+0x1c/0x560 [ 171.975212] unmap_single_vma+0x190/0x380 [ 171.975680] unmap_vmas+0x21e/0x370 [ 171.976085] ? unmap_mapping_range+0x280/0x280 [ 171.976575] ? find_held_lock+0x2c/0x110 [ 171.977019] ? lock_downgrade+0x6d0/0x6d0 [ 171.977489] exit_mmap+0x154/0x680 [ 171.977881] ? __ia32_sys_remap_file_pages+0x150/0x150 [ 171.978453] ? delayed_uprobe_remove+0x27/0x230 [ 171.978956] mmput+0xd1/0x390 [ 171.979303] do_exit+0xa2e/0x27f0 [ 171.979697] ? lock_release+0x3b2/0x750 [ 171.980127] ? get_signal+0x88b/0x22d0 [ 171.980541] ? mm_update_next_owner+0x7e0/0x7e0 [ 171.981043] ? lock_is_held_type+0xd7/0x130 [ 171.981501] do_group_exit+0xd0/0x2a0 [ 171.981913] get_signal+0x2195/0x22d0 [ 171.982325] ? wake_up_q+0x8b/0xf0 [ 171.982719] ? exit_signals+0x8b0/0x8b0 [ 171.983164] arch_do_signal_or_restart+0x89/0x1be0 [ 171.983689] ? do_futex+0x136/0x380 [ 171.984076] ? __ia32_compat_sys_get_robust_list+0x3b0/0x3b0 [ 171.984671] ? get_sigframe_size+0x10/0x10 [ 171.985123] ? __x64_sys_futex+0x1c6/0x4d0 [ 171.985571] ? __x64_sys_futex_time32+0x480/0x480 [ 171.986076] ? exit_to_user_mode_prepare+0x109/0x1a0 [ 171.986611] exit_to_user_mode_prepare+0x131/0x1a0 [ 171.987122] syscall_exit_to_user_mode+0x19/0x40 [ 171.987632] do_syscall_64+0x48/0x90 [ 171.988024] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 171.988559] RIP: 0033:0x7efdbb536b19 [ 171.988945] Code: Unable to access opcode bytes at 0x7efdbb536aef. [ 171.989577] RSP: 002b:00007efdb8aac218 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 171.990348] RAX: fffffffffffffe00 RBX: 00007efdbb649f68 RCX: 00007efdbb536b19 [ 171.991070] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007efdbb649f68 [ 171.991804] RBP: 00007efdbb649f60 R08: 0000000000000000 R09: 0000000000000000 [ 171.992532] R10: 0000000000000000 R11: 0000000000000246 R12: 00007efdbb649f6c [ 171.993252] R13: 00007ffdf6c6df8f R14: 00007efdb8aac300 R15: 0000000000022000 [ 171.993997] [ 171.994250] irq event stamp: 472 [ 171.994600] hardirqs last enabled at (471): [] _raw_spin_unlock_irqrestore+0x28/0x60 [ 171.995566] hardirqs last disabled at (472): [] sysvec_call_function_single+0xb/0xc0 [ 171.996503] softirqs last enabled at (466): [] __irq_exit_rcu+0x11b/0x180 [ 171.997374] softirqs last disabled at (461): [] __irq_exit_rcu+0x11b/0x180 [ 171.998234] ---[ end trace 0000000000000000 ]--- 11:06:40 executing program 3: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000740), r0) r2 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) sendmsg$IEEE802154_ASSOCIATE_REQ(r2, &(0x7f0000001480)={&(0x7f0000001380), 0xc, &(0x7f0000001440)={&(0x7f00000013c0)={0x1c, r1, 0x1, 0x0, 0x0, {}, [@IEEE802154_ATTR_CHANNEL={0x5}]}, 0x1c}}, 0x0) 11:06:40 executing program 5: r0 = perf_event_open$cgroup(&(0x7f00000000c0)={0x2, 0x80, 0x48, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) syz_open_procfs(0x0, 0x0) close(r0) [ 172.083434] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 172.085134] misc raw-gadget: fail, usb_gadget_register_driver returned -16 11:06:40 executing program 3: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000740), r0) r2 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) sendmsg$IEEE802154_ASSOCIATE_REQ(r2, &(0x7f0000001480)={&(0x7f0000001380), 0xc, &(0x7f0000001440)={&(0x7f00000013c0)={0x1c, r1, 0x1, 0x0, 0x0, {}, [@IEEE802154_ATTR_CHANNEL={0x5}]}, 0x1c}}, 0x0) 11:06:40 executing program 0: r0 = perf_event_open$cgroup(&(0x7f00000000c0)={0x2, 0x80, 0x48, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) syz_open_procfs(0x0, 0x0) close(r0) 11:06:40 executing program 5: r0 = perf_event_open$cgroup(&(0x7f00000000c0)={0x2, 0x80, 0x48, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) syz_open_procfs(0x0, 0x0) close(r0) 11:06:40 executing program 0: r0 = perf_event_open$cgroup(&(0x7f00000000c0)={0x2, 0x80, 0x48, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) syz_open_procfs(0x0, 0x0) close(r0) 11:06:41 executing program 3: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000740), r0) r2 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) sendmsg$IEEE802154_ASSOCIATE_REQ(r2, &(0x7f0000001480)={&(0x7f0000001380), 0xc, &(0x7f0000001440)={&(0x7f00000013c0)={0x1c, r1, 0x1, 0x0, 0x0, {}, [@IEEE802154_ATTR_CHANNEL={0x5}]}, 0x1c}}, 0x0) 11:06:41 executing program 4: r0 = add_key(&(0x7f0000000000)='user\x00', &(0x7f0000000040)={'syz', 0x1}, &(0x7f0000000080)="cc", 0x1, 0xfffffffffffffffc) keyctl$revoke(0x3, r0) add_key(&(0x7f0000001880)='user\x00', &(0x7f00000018c0)={'syz', 0x0}, &(0x7f0000001900)="e7", 0x1, 0xfffffffffffffffe) add_key(&(0x7f00000019c0)='blacklist\x00', 0x0, 0x0, 0x0, r0) 11:06:41 executing program 1: r0 = add_key(&(0x7f0000000000)='user\x00', &(0x7f0000000040)={'syz', 0x1}, &(0x7f0000000080)="cc", 0x1, 0xfffffffffffffffc) keyctl$revoke(0x3, r0) add_key(&(0x7f0000001880)='user\x00', &(0x7f00000018c0)={'syz', 0x0}, &(0x7f0000001900)="e7", 0x1, 0xfffffffffffffffe) add_key(&(0x7f00000019c0)='blacklist\x00', 0x0, 0x0, 0x0, r0) 11:06:41 executing program 2: r0 = perf_event_open$cgroup(&(0x7f00000000c0)={0x2, 0x80, 0x48, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) syz_open_procfs(0x0, 0x0) close(r0) 11:06:41 executing program 4: r0 = add_key(&(0x7f0000000000)='user\x00', &(0x7f0000000040)={'syz', 0x1}, &(0x7f0000000080)="cc", 0x1, 0xfffffffffffffffc) keyctl$revoke(0x3, r0) add_key(&(0x7f0000001880)='user\x00', &(0x7f00000018c0)={'syz', 0x0}, &(0x7f0000001900)="e7", 0x1, 0xfffffffffffffffe) add_key(&(0x7f00000019c0)='blacklist\x00', 0x0, 0x0, 0x0, r0) 11:06:41 executing program 5: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000740), r0) r2 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) sendmsg$IEEE802154_ASSOCIATE_REQ(r2, &(0x7f0000001480)={&(0x7f0000001380), 0xc, &(0x7f0000001440)={&(0x7f00000013c0)={0x1c, r1, 0x1, 0x0, 0x0, {}, [@IEEE802154_ATTR_CHANNEL={0x5}]}, 0x1c}}, 0x0) 11:06:41 executing program 1: r0 = add_key(&(0x7f0000000000)='user\x00', &(0x7f0000000040)={'syz', 0x1}, &(0x7f0000000080)="cc", 0x1, 0xfffffffffffffffc) keyctl$revoke(0x3, r0) add_key(&(0x7f0000001880)='user\x00', &(0x7f00000018c0)={'syz', 0x0}, &(0x7f0000001900)="e7", 0x1, 0xfffffffffffffffe) add_key(&(0x7f00000019c0)='blacklist\x00', 0x0, 0x0, 0x0, r0) 11:06:41 executing program 2: r0 = perf_event_open$cgroup(&(0x7f00000000c0)={0x2, 0x80, 0x48, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) syz_open_procfs(0x0, 0x0) close(r0) 11:06:41 executing program 3: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000740), r0) r2 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) sendmsg$IEEE802154_ASSOCIATE_REQ(r2, &(0x7f0000001480)={&(0x7f0000001380), 0xc, &(0x7f0000001440)={&(0x7f00000013c0)={0x1c, r1, 0x1, 0x0, 0x0, {}, [@IEEE802154_ATTR_CHANNEL={0x5}]}, 0x1c}}, 0x0) 11:06:41 executing program 0: mount$9p_fd(0x0, 0x0, 0x0, 0x0, &(0x7f0000000140)) 11:06:41 executing program 7: ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, &(0x7f0000000600)) syz_usb_connect$cdc_ncm(0x0, 0x7a, &(0x7f0000001cc0)={{0x12, 0x1, 0x0, 0x2, 0x0, 0x0, 0x0, 0x525, 0xa4a1, 0x40, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x68, 0x2, 0x1, 0x0, 0x0, 0x0, {{0x9, 0x4, 0x0, 0x0, 0x1, 0x2, 0xd, 0x0, 0x0, {{0x5}, {0x5, 0x24, 0x0, 0x3ff}, {0xd, 0x24, 0xf, 0x1, 0x0, 0x0, 0x1}, {0x6, 0x24, 0x1a, 0x3, 0xc}, [@dmm={0x7}, @call_mgmt={0x5, 0x24, 0x1, 0x3}]}, {{0x9, 0x5, 0x81, 0x3, 0x200, 0x0, 0x3e, 0x6}}}, {}, {0x9, 0x4, 0x1, 0x1, 0x2, 0x2, 0xd, 0x0, 0x0, "", {{{0x9, 0x5, 0x82, 0x2, 0x8, 0x1f, 0x1e}}, {{0x9, 0x5, 0x3, 0x2, 0x40, 0x0, 0x1}}}}}}}]}}, &(0x7f00000021c0)={0xa, &(0x7f0000001d80)={0xa, 0x6, 0x250, 0x3c}, 0x0, 0x0, 0x5, [{0x0, 0x0}, {0x2, &(0x7f0000001f80)=@string={0x2}}, {0x0, 0x0}, {0x2, &(0x7f0000002000)=@string={0x2}}, {0x0, 0x0}]}) 11:06:41 executing program 6: futex(&(0x7f000000a900), 0x85, 0x0, 0x0, 0x0, 0x0) [ 172.687971] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 172.691937] misc raw-gadget: fail, usb_gadget_register_driver returned -16 11:06:41 executing program 6: futex(&(0x7f000000a900), 0x85, 0x0, 0x0, 0x0, 0x0) 11:06:41 executing program 5: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000740), r0) r2 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) sendmsg$IEEE802154_ASSOCIATE_REQ(r2, &(0x7f0000001480)={&(0x7f0000001380), 0xc, &(0x7f0000001440)={&(0x7f00000013c0)={0x1c, r1, 0x1, 0x0, 0x0, {}, [@IEEE802154_ATTR_CHANNEL={0x5}]}, 0x1c}}, 0x0) 11:06:42 executing program 1: r0 = add_key(&(0x7f0000000000)='user\x00', &(0x7f0000000040)={'syz', 0x1}, &(0x7f0000000080)="cc", 0x1, 0xfffffffffffffffc) keyctl$revoke(0x3, r0) add_key(&(0x7f0000001880)='user\x00', &(0x7f00000018c0)={'syz', 0x0}, &(0x7f0000001900)="e7", 0x1, 0xfffffffffffffffe) add_key(&(0x7f00000019c0)='blacklist\x00', 0x0, 0x0, 0x0, r0) 11:06:42 executing program 0: r0 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a) getgroups(0x2, &(0x7f0000000840)=[0x0, 0xee01]) fchown(r0, 0xffffffffffffffff, r1) 11:06:42 executing program 4: r0 = add_key(&(0x7f0000000000)='user\x00', &(0x7f0000000040)={'syz', 0x1}, &(0x7f0000000080)="cc", 0x1, 0xfffffffffffffffc) keyctl$revoke(0x3, r0) add_key(&(0x7f0000001880)='user\x00', &(0x7f00000018c0)={'syz', 0x0}, &(0x7f0000001900)="e7", 0x1, 0xfffffffffffffffe) add_key(&(0x7f00000019c0)='blacklist\x00', 0x0, 0x0, 0x0, r0) 11:06:42 executing program 3: creat(&(0x7f0000001a00)='./file0\x00', 0x0) stat(&(0x7f0000000540)='./file0\x00', &(0x7f0000000440)={0x0, 0x0, 0x0, 0x0, 0x0}) setresuid(0x0, r0, 0x0) setresuid(0xffffffffffffffff, 0x0, 0x0) 11:06:42 executing program 2: r0 = openat$ptp0(0xffffffffffffff9c, &(0x7f0000001800), 0x0, 0x0) ioctl$PTP_SYS_OFFSET_EXTENDED(r0, 0xc4c03d09, 0x0) 11:06:42 executing program 6: futex(&(0x7f000000a900), 0x85, 0x0, 0x0, 0x0, 0x0) 11:06:42 executing program 5: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000740), r0) r2 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) sendmsg$IEEE802154_ASSOCIATE_REQ(r2, &(0x7f0000001480)={&(0x7f0000001380), 0xc, &(0x7f0000001440)={&(0x7f00000013c0)={0x1c, r1, 0x1, 0x0, 0x0, {}, [@IEEE802154_ATTR_CHANNEL={0x5}]}, 0x1c}}, 0x0) 11:06:42 executing program 6: futex(&(0x7f000000a900), 0x85, 0x0, 0x0, 0x0, 0x0) 11:06:42 executing program 3: creat(&(0x7f0000001a00)='./file0\x00', 0x0) stat(&(0x7f0000000540)='./file0\x00', &(0x7f0000000440)={0x0, 0x0, 0x0, 0x0, 0x0}) setresuid(0x0, r0, 0x0) setresuid(0xffffffffffffffff, 0x0, 0x0) 11:06:42 executing program 0: r0 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a) getgroups(0x2, &(0x7f0000000840)=[0x0, 0xee01]) fchown(r0, 0xffffffffffffffff, r1) 11:06:42 executing program 2: r0 = openat$ptp0(0xffffffffffffff9c, &(0x7f0000001800), 0x0, 0x0) ioctl$PTP_SYS_OFFSET_EXTENDED(r0, 0xc4c03d09, 0x0) 11:06:42 executing program 3: creat(&(0x7f0000001a00)='./file0\x00', 0x0) stat(&(0x7f0000000540)='./file0\x00', &(0x7f0000000440)={0x0, 0x0, 0x0, 0x0, 0x0}) setresuid(0x0, r0, 0x0) setresuid(0xffffffffffffffff, 0x0, 0x0) 11:06:42 executing program 2: r0 = openat$ptp0(0xffffffffffffff9c, &(0x7f0000001800), 0x0, 0x0) ioctl$PTP_SYS_OFFSET_EXTENDED(r0, 0xc4c03d09, 0x0) 11:06:42 executing program 0: r0 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a) getgroups(0x2, &(0x7f0000000840)=[0x0, 0xee01]) fchown(r0, 0xffffffffffffffff, r1) 11:06:42 executing program 7: openat2(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040)={0x101040, 0x0, 0xd}, 0x18) 11:06:42 executing program 1: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x2, 0x0, 0x0, 0x0, 0x0, 0x2, 0x32261, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) r2 = fcntl$dupfd(r0, 0x0, r1) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0, 0x13, r2, 0x0) perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) write(r1, &(0x7f0000000080)="01", 0x41030) 11:06:42 executing program 2: r0 = openat$ptp0(0xffffffffffffff9c, &(0x7f0000001800), 0x0, 0x0) ioctl$PTP_SYS_OFFSET_EXTENDED(r0, 0xc4c03d09, 0x0) 11:06:42 executing program 4: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) sendmsg$NL80211_CMD_START_AP(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000640)={0x5c, r1, 0x5, 0x0, 0x0, {{}, {@val={0x8}, @void}}, [@beacon=[@NL80211_ATTR_BEACON_HEAD={0x3e, 0xe, {@with_ht={{{0x0, 0x2}, {}, @device_b, @device_b, @from_mac=@broadcast}}, 0x0, @default, 0x0, @val={0x0, 0x6, @default_ibss_ssid}, @val, @void, @void, @void, @val={0x5, 0x3}, @void, @val={0x2a, 0x1}, @void, @void, @void, @void, @void}}]]}, 0x5c}}, 0x0) 11:06:42 executing program 3: creat(&(0x7f0000001a00)='./file0\x00', 0x0) stat(&(0x7f0000000540)='./file0\x00', &(0x7f0000000440)={0x0, 0x0, 0x0, 0x0, 0x0}) setresuid(0x0, r0, 0x0) setresuid(0xffffffffffffffff, 0x0, 0x0) [ 173.488959] audit: type=1400 audit(1665054402.286:9): avc: denied { read } for pid=6925 comm="syz-executor.1" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=perf_event permissive=1 11:06:42 executing program 5: r0 = socket$inet(0x2, 0x3, 0x9) setsockopt$inet_group_source_req(r0, 0x0, 0x2c, &(0x7f0000000280)={0x0, {}, {{0x2, 0x0, @private}}}, 0x108) 11:06:42 executing program 6: r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1) ioctl$sock_inet_SIOCGARP(r0, 0x8954, 0x0) 11:06:42 executing program 0: r0 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a) getgroups(0x2, &(0x7f0000000840)=[0x0, 0xee01]) fchown(r0, 0xffffffffffffffff, r1) 11:06:42 executing program 4: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) sendmsg$NL80211_CMD_START_AP(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000640)={0x5c, r1, 0x5, 0x0, 0x0, {{}, {@val={0x8}, @void}}, [@beacon=[@NL80211_ATTR_BEACON_HEAD={0x3e, 0xe, {@with_ht={{{0x0, 0x2}, {}, @device_b, @device_b, @from_mac=@broadcast}}, 0x0, @default, 0x0, @val={0x0, 0x6, @default_ibss_ssid}, @val, @void, @void, @void, @val={0x5, 0x3}, @void, @val={0x2a, 0x1}, @void, @void, @void, @void, @void}}]]}, 0x5c}}, 0x0) 11:06:42 executing program 6: r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1) ioctl$sock_inet_SIOCGARP(r0, 0x8954, 0x0) 11:06:42 executing program 5: r0 = socket$inet(0x2, 0x3, 0x9) setsockopt$inet_group_source_req(r0, 0x0, 0x2c, &(0x7f0000000280)={0x0, {}, {{0x2, 0x0, @private}}}, 0x108) 11:06:42 executing program 7: openat2(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040)={0x101040, 0x0, 0xd}, 0x18) 11:06:42 executing program 3: r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1) sendmmsg$inet(r0, &(0x7f0000003380)=[{{&(0x7f00000036c0)={0x2, 0x0, @multicast2=0xe0000001}, 0x10, &(0x7f0000004c80)=[{&(0x7f0000003700)='@f', 0x2}], 0x1, &(0x7f0000004dc0)=[@ip_pktinfo={{0x1c, 0x0, 0x8, {0x0, @loopback, @local}}}], 0x20}}, {{&(0x7f0000000000)={0x2, 0x0, @local}, 0xf, 0x0, 0x0, &(0x7f0000000200)=[@ip_retopts={{0x10}}, @ip_retopts={{0x14, 0x0, 0x7, {[@ssrr={0x89, 0x3}]}}}], 0x28}}], 0x2, 0x0) 11:06:42 executing program 2: perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) clone3(&(0x7f0000001b80)={0x6b082d00, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, &(0x7f0000001b40)=[0x0], 0x1}, 0x58) 11:06:42 executing program 0: r0 = socket$nl_audit(0x10, 0x3, 0x9) sendmsg$AUDIT_TTY_SET(r0, &(0x7f00000017c0)={&(0x7f0000001700), 0xc, &(0x7f0000001780)={0x0}}, 0x5) 11:06:42 executing program 6: r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1) ioctl$sock_inet_SIOCGARP(r0, 0x8954, 0x0) 11:06:42 executing program 7: openat2(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040)={0x101040, 0x0, 0xd}, 0x18) 11:06:42 executing program 1: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x2, 0x0, 0x0, 0x0, 0x0, 0x2, 0x32261, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) r2 = fcntl$dupfd(r0, 0x0, r1) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0, 0x13, r2, 0x0) perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) write(r1, &(0x7f0000000080)="01", 0x41030) 11:06:42 executing program 3: r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1) sendmmsg$inet(r0, &(0x7f0000003380)=[{{&(0x7f00000036c0)={0x2, 0x0, @multicast2=0xe0000001}, 0x10, &(0x7f0000004c80)=[{&(0x7f0000003700)='@f', 0x2}], 0x1, &(0x7f0000004dc0)=[@ip_pktinfo={{0x1c, 0x0, 0x8, {0x0, @loopback, @local}}}], 0x20}}, {{&(0x7f0000000000)={0x2, 0x0, @local}, 0xf, 0x0, 0x0, &(0x7f0000000200)=[@ip_retopts={{0x10}}, @ip_retopts={{0x14, 0x0, 0x7, {[@ssrr={0x89, 0x3}]}}}], 0x28}}], 0x2, 0x0) 11:06:42 executing program 6: r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1) ioctl$sock_inet_SIOCGARP(r0, 0x8954, 0x0) 11:06:42 executing program 4: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) sendmsg$NL80211_CMD_START_AP(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000640)={0x5c, r1, 0x5, 0x0, 0x0, {{}, {@val={0x8}, @void}}, [@beacon=[@NL80211_ATTR_BEACON_HEAD={0x3e, 0xe, {@with_ht={{{0x0, 0x2}, {}, @device_b, @device_b, @from_mac=@broadcast}}, 0x0, @default, 0x0, @val={0x0, 0x6, @default_ibss_ssid}, @val, @void, @void, @void, @val={0x5, 0x3}, @void, @val={0x2a, 0x1}, @void, @void, @void, @void, @void}}]]}, 0x5c}}, 0x0) 11:06:42 executing program 5: r0 = socket$inet(0x2, 0x3, 0x9) setsockopt$inet_group_source_req(r0, 0x0, 0x2c, &(0x7f0000000280)={0x0, {}, {{0x2, 0x0, @private}}}, 0x108) 11:06:42 executing program 3: r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1) sendmmsg$inet(r0, &(0x7f0000003380)=[{{&(0x7f00000036c0)={0x2, 0x0, @multicast2=0xe0000001}, 0x10, &(0x7f0000004c80)=[{&(0x7f0000003700)='@f', 0x2}], 0x1, &(0x7f0000004dc0)=[@ip_pktinfo={{0x1c, 0x0, 0x8, {0x0, @loopback, @local}}}], 0x20}}, {{&(0x7f0000000000)={0x2, 0x0, @local}, 0xf, 0x0, 0x0, &(0x7f0000000200)=[@ip_retopts={{0x10}}, @ip_retopts={{0x14, 0x0, 0x7, {[@ssrr={0x89, 0x3}]}}}], 0x28}}], 0x2, 0x0) 11:06:42 executing program 0: r0 = socket$nl_audit(0x10, 0x3, 0x9) sendmsg$AUDIT_TTY_SET(r0, &(0x7f00000017c0)={&(0x7f0000001700), 0xc, &(0x7f0000001780)={0x0}}, 0x5) 11:06:42 executing program 6: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x2, 0x0, 0x0, 0x0, 0x0, 0x2, 0x32261, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) r2 = fcntl$dupfd(r0, 0x0, r1) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0, 0x13, r2, 0x0) perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) write(r1, &(0x7f0000000080)="01", 0x41030) 11:06:42 executing program 2: perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) clone3(&(0x7f0000001b80)={0x6b082d00, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, &(0x7f0000001b40)=[0x0], 0x1}, 0x58) 11:06:42 executing program 7: openat2(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040)={0x101040, 0x0, 0xd}, 0x18) 11:06:42 executing program 4: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) sendmsg$NL80211_CMD_START_AP(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000640)={0x5c, r1, 0x5, 0x0, 0x0, {{}, {@val={0x8}, @void}}, [@beacon=[@NL80211_ATTR_BEACON_HEAD={0x3e, 0xe, {@with_ht={{{0x0, 0x2}, {}, @device_b, @device_b, @from_mac=@broadcast}}, 0x0, @default, 0x0, @val={0x0, 0x6, @default_ibss_ssid}, @val, @void, @void, @void, @val={0x5, 0x3}, @void, @val={0x2a, 0x1}, @void, @void, @void, @void, @void}}]]}, 0x5c}}, 0x0) 11:06:42 executing program 1: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x2, 0x0, 0x0, 0x0, 0x0, 0x2, 0x32261, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) r2 = fcntl$dupfd(r0, 0x0, r1) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0, 0x13, r2, 0x0) perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) write(r1, &(0x7f0000000080)="01", 0x41030) 11:06:42 executing program 0: r0 = socket$nl_audit(0x10, 0x3, 0x9) sendmsg$AUDIT_TTY_SET(r0, &(0x7f00000017c0)={&(0x7f0000001700), 0xc, &(0x7f0000001780)={0x0}}, 0x5) 11:06:43 executing program 0: r0 = socket$nl_audit(0x10, 0x3, 0x9) sendmsg$AUDIT_TTY_SET(r0, &(0x7f00000017c0)={&(0x7f0000001700), 0xc, &(0x7f0000001780)={0x0}}, 0x5) 11:06:43 executing program 7: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x2, 0x0, 0x0, 0x0, 0x0, 0x2, 0x32261, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) r2 = fcntl$dupfd(r0, 0x0, r1) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0, 0x13, r2, 0x0) perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) write(r1, &(0x7f0000000080)="01", 0x41030) 11:06:43 executing program 6: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x2, 0x0, 0x0, 0x0, 0x0, 0x2, 0x32261, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) r2 = fcntl$dupfd(r0, 0x0, r1) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0, 0x13, r2, 0x0) perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) write(r1, &(0x7f0000000080)="01", 0x41030) 11:06:43 executing program 3: r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1) sendmmsg$inet(r0, &(0x7f0000003380)=[{{&(0x7f00000036c0)={0x2, 0x0, @multicast2=0xe0000001}, 0x10, &(0x7f0000004c80)=[{&(0x7f0000003700)='@f', 0x2}], 0x1, &(0x7f0000004dc0)=[@ip_pktinfo={{0x1c, 0x0, 0x8, {0x0, @loopback, @local}}}], 0x20}}, {{&(0x7f0000000000)={0x2, 0x0, @local}, 0xf, 0x0, 0x0, &(0x7f0000000200)=[@ip_retopts={{0x10}}, @ip_retopts={{0x14, 0x0, 0x7, {[@ssrr={0x89, 0x3}]}}}], 0x28}}], 0x2, 0x0) 11:06:43 executing program 5: r0 = socket$inet(0x2, 0x3, 0x9) setsockopt$inet_group_source_req(r0, 0x0, 0x2c, &(0x7f0000000280)={0x0, {}, {{0x2, 0x0, @private}}}, 0x108) 11:06:43 executing program 2: perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) clone3(&(0x7f0000001b80)={0x6b082d00, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, &(0x7f0000001b40)=[0x0], 0x1}, 0x58) 11:06:43 executing program 1: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x2, 0x0, 0x0, 0x0, 0x0, 0x2, 0x32261, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) r2 = fcntl$dupfd(r0, 0x0, r1) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0, 0x13, r2, 0x0) perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) write(r1, &(0x7f0000000080)="01", 0x41030) 11:06:43 executing program 4: keyctl$search(0x2, 0x0, 0x0, &(0x7f00000001c0)={'syz', 0x3}, 0x0) 11:06:43 executing program 4: keyctl$search(0x2, 0x0, 0x0, &(0x7f00000001c0)={'syz', 0x3}, 0x0) 11:06:43 executing program 5: setgroups(0x0, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000002780)={0xffffffffffffffff, 0xffffffffffffffff}) getsockopt$sock_buf(r0, 0x1, 0x3b, 0x0, &(0x7f0000000100)) 11:06:43 executing program 3: perf_event_open$cgroup(&(0x7f0000003180)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x4) 11:06:43 executing program 4: keyctl$search(0x2, 0x0, 0x0, &(0x7f00000001c0)={'syz', 0x3}, 0x0) 11:06:43 executing program 0: keyctl$KEYCTL_PKEY_QUERY(0x18, 0x0, 0x0, 0x0, 0x0) 11:06:43 executing program 5: setgroups(0x0, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000002780)={0xffffffffffffffff, 0xffffffffffffffff}) getsockopt$sock_buf(r0, 0x1, 0x3b, 0x0, &(0x7f0000000100)) 11:06:43 executing program 6: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x2, 0x0, 0x0, 0x0, 0x0, 0x2, 0x32261, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) r2 = fcntl$dupfd(r0, 0x0, r1) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0, 0x13, r2, 0x0) perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) write(r1, &(0x7f0000000080)="01", 0x41030) 11:06:43 executing program 3: perf_event_open$cgroup(&(0x7f0000003180)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x4) 11:06:43 executing program 4: keyctl$search(0x2, 0x0, 0x0, &(0x7f00000001c0)={'syz', 0x3}, 0x0) 11:06:43 executing program 7: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x2, 0x0, 0x0, 0x0, 0x0, 0x2, 0x32261, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) r2 = fcntl$dupfd(r0, 0x0, r1) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0, 0x13, r2, 0x0) perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) write(r1, &(0x7f0000000080)="01", 0x41030) 11:06:43 executing program 3: perf_event_open$cgroup(&(0x7f0000003180)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x4) 11:06:43 executing program 2: perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) clone3(&(0x7f0000001b80)={0x6b082d00, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, &(0x7f0000001b40)=[0x0], 0x1}, 0x58) 11:06:43 executing program 0: keyctl$KEYCTL_PKEY_QUERY(0x18, 0x0, 0x0, 0x0, 0x0) 11:06:43 executing program 3: perf_event_open$cgroup(&(0x7f0000003180)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x4) 11:06:43 executing program 5: setgroups(0x0, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000002780)={0xffffffffffffffff, 0xffffffffffffffff}) getsockopt$sock_buf(r0, 0x1, 0x3b, 0x0, &(0x7f0000000100)) 11:06:43 executing program 0: keyctl$KEYCTL_PKEY_QUERY(0x18, 0x0, 0x0, 0x0, 0x0) 11:06:43 executing program 7: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x2, 0x0, 0x0, 0x0, 0x0, 0x2, 0x32261, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) r2 = fcntl$dupfd(r0, 0x0, r1) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0, 0x13, r2, 0x0) perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) write(r1, &(0x7f0000000080)="01", 0x41030) 11:06:43 executing program 4: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0x9d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mlock(&(0x7f0000ffc000/0x4000)=nil, 0x4000) 11:06:43 executing program 1: syz_mount_image$vfat(0x0, 0x0, 0x0, 0x3, &(0x7f0000007d40)=[{&(0x7f0000007b40)="96", 0x1}, {&(0x7f0000007c00)="fe", 0x1}, {&(0x7f0000007c40)="9c", 0x1}], 0x0, 0x0) 11:06:43 executing program 3: r0 = socket$inet_tcp(0x2, 0x1, 0x0) getsockopt$SO_TIMESTAMP(r0, 0x1, 0x23, &(0x7f0000000040), &(0x7f0000000080)=0x4) 11:06:44 executing program 0: keyctl$KEYCTL_PKEY_QUERY(0x18, 0x0, 0x0, 0x0, 0x0) 11:06:44 executing program 1: r0 = syz_open_dev$tty1(0xc, 0x4, 0x1) ioctl$KDFONTOP_COPY(r0, 0x4b2f, 0x0) 11:06:44 executing program 4: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0x9d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mlock(&(0x7f0000ffc000/0x4000)=nil, 0x4000) 11:06:44 executing program 5: setgroups(0x0, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000002780)={0xffffffffffffffff, 0xffffffffffffffff}) getsockopt$sock_buf(r0, 0x1, 0x3b, 0x0, &(0x7f0000000100)) 11:06:44 executing program 3: r0 = socket$inet_tcp(0x2, 0x1, 0x0) getsockopt$SO_TIMESTAMP(r0, 0x1, 0x23, &(0x7f0000000040), &(0x7f0000000080)=0x4) 11:06:44 executing program 2: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0x9d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mlock(&(0x7f0000ffc000/0x4000)=nil, 0x4000) 11:06:44 executing program 4: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0x9d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mlock(&(0x7f0000ffc000/0x4000)=nil, 0x4000) 11:06:44 executing program 0: r0 = syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0) connect$802154_dgram(r0, &(0x7f0000000000), 0x14) 11:06:44 executing program 1: r0 = syz_open_dev$tty1(0xc, 0x4, 0x1) ioctl$KDFONTOP_COPY(r0, 0x4b2f, 0x0) 11:06:44 executing program 2: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0x9d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mlock(&(0x7f0000ffc000/0x4000)=nil, 0x4000) 11:06:44 executing program 6: r0 = memfd_create(&(0x7f0000000100)='/d#>\xbb\xb3~\x89\xa4O{\xc3\xad *Zn\xad\x11\xf2u\xe3\xf5\xbd\x1d\xa5\xeb\xee\xeee\xf4\xaf\xf0\x81\xea|f\x1c\xe0\xc1\xd1\x19cr\xa1\x01\xc3g\x10#\xa1\xfa\xb2\xe7\xa4+\x9e\xd7\xa2\x04y\xc1\xcf-V\xc0\x18Ls\xe2I\x19:\xe7\xc6F\x96xM\x1a\x00\x00\x00\x9c*\x03\x1f\x94\x9a\xf1\xcb\xc9\xf1\x16I\x85\xc8x\xe0\xc7\xc7z\xfa\t\x85\t\xfc\xcc\v\xce\x1b\xa2\x1b\xb4+\xe7\xb4M\xf4\xa4\xef\x0eW\x7f\x13\xa9>\xcf;+-\xf1gT\xd0\xcc\xff#\x1b\xbc\xe2\x06\xdf\xc2\xcb \x149n\xf24x\xe4\x9b\xab\xf7E\x1c\xb2,\xec[|\xcc\x85{\xb3\x98\x139\xc4F\x9fE\xa7*\xa2\xc8\xa9H\xed\x9b@\x8bH\xe5\xb5\xa7\xae\x11\xa7N\x00\x00\x04\x00\x00\x00\x00\x00\x00', 0x4) mmap(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x0, 0x401a012, r0, 0x0) 11:06:44 executing program 4: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0x9d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mlock(&(0x7f0000ffc000/0x4000)=nil, 0x4000) 11:06:44 executing program 3: r0 = socket$inet_tcp(0x2, 0x1, 0x0) getsockopt$SO_TIMESTAMP(r0, 0x1, 0x23, &(0x7f0000000040), &(0x7f0000000080)=0x4) 11:06:44 executing program 5: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) ioctl$FS_IOC_SETFLAGS(r0, 0x40086602, &(0x7f0000000080)=0xfbffffff) 11:06:44 executing program 3: r0 = socket$inet_tcp(0x2, 0x1, 0x0) getsockopt$SO_TIMESTAMP(r0, 0x1, 0x23, &(0x7f0000000040), &(0x7f0000000080)=0x4) 11:06:44 executing program 0: r0 = syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0) connect$802154_dgram(r0, &(0x7f0000000000), 0x14) 11:06:44 executing program 5: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) ioctl$FS_IOC_SETFLAGS(r0, 0x40086602, &(0x7f0000000080)=0xfbffffff) 11:06:44 executing program 6: r0 = memfd_create(&(0x7f0000000100)='/d#>\xbb\xb3~\x89\xa4O{\xc3\xad *Zn\xad\x11\xf2u\xe3\xf5\xbd\x1d\xa5\xeb\xee\xeee\xf4\xaf\xf0\x81\xea|f\x1c\xe0\xc1\xd1\x19cr\xa1\x01\xc3g\x10#\xa1\xfa\xb2\xe7\xa4+\x9e\xd7\xa2\x04y\xc1\xcf-V\xc0\x18Ls\xe2I\x19:\xe7\xc6F\x96xM\x1a\x00\x00\x00\x9c*\x03\x1f\x94\x9a\xf1\xcb\xc9\xf1\x16I\x85\xc8x\xe0\xc7\xc7z\xfa\t\x85\t\xfc\xcc\v\xce\x1b\xa2\x1b\xb4+\xe7\xb4M\xf4\xa4\xef\x0eW\x7f\x13\xa9>\xcf;+-\xf1gT\xd0\xcc\xff#\x1b\xbc\xe2\x06\xdf\xc2\xcb \x149n\xf24x\xe4\x9b\xab\xf7E\x1c\xb2,\xec[|\xcc\x85{\xb3\x98\x139\xc4F\x9fE\xa7*\xa2\xc8\xa9H\xed\x9b@\x8bH\xe5\xb5\xa7\xae\x11\xa7N\x00\x00\x04\x00\x00\x00\x00\x00\x00', 0x4) mmap(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x0, 0x401a012, r0, 0x0) 11:06:44 executing program 1: r0 = syz_open_dev$tty1(0xc, 0x4, 0x1) ioctl$KDFONTOP_COPY(r0, 0x4b2f, 0x0) 11:06:44 executing program 7: r0 = syz_open_dev$tty1(0xc, 0x4, 0x1) ioctl$KDFONTOP_COPY(r0, 0x4b2f, 0x0) 11:06:44 executing program 2: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0x9d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mlock(&(0x7f0000ffc000/0x4000)=nil, 0x4000) 11:06:44 executing program 0: r0 = syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0) connect$802154_dgram(r0, &(0x7f0000000000), 0x14) 11:06:44 executing program 3: syz_io_uring_setup(0x0, 0x0, &(0x7f0000fff000/0x1000)=nil, &(0x7f0000fff000/0x1000)=nil, 0x0, 0x0) syz_genetlink_get_family_id$mptcp(&(0x7f0000000e80), 0xffffffffffffffff) 11:06:44 executing program 4: futex(&(0x7f00000007c0), 0x6, 0x0, &(0x7f0000000800)={0x0, 0x989680}, 0x0, 0x0) 11:06:44 executing program 6: r0 = memfd_create(&(0x7f0000000100)='/d#>\xbb\xb3~\x89\xa4O{\xc3\xad *Zn\xad\x11\xf2u\xe3\xf5\xbd\x1d\xa5\xeb\xee\xeee\xf4\xaf\xf0\x81\xea|f\x1c\xe0\xc1\xd1\x19cr\xa1\x01\xc3g\x10#\xa1\xfa\xb2\xe7\xa4+\x9e\xd7\xa2\x04y\xc1\xcf-V\xc0\x18Ls\xe2I\x19:\xe7\xc6F\x96xM\x1a\x00\x00\x00\x9c*\x03\x1f\x94\x9a\xf1\xcb\xc9\xf1\x16I\x85\xc8x\xe0\xc7\xc7z\xfa\t\x85\t\xfc\xcc\v\xce\x1b\xa2\x1b\xb4+\xe7\xb4M\xf4\xa4\xef\x0eW\x7f\x13\xa9>\xcf;+-\xf1gT\xd0\xcc\xff#\x1b\xbc\xe2\x06\xdf\xc2\xcb \x149n\xf24x\xe4\x9b\xab\xf7E\x1c\xb2,\xec[|\xcc\x85{\xb3\x98\x139\xc4F\x9fE\xa7*\xa2\xc8\xa9H\xed\x9b@\x8bH\xe5\xb5\xa7\xae\x11\xa7N\x00\x00\x04\x00\x00\x00\x00\x00\x00', 0x4) mmap(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x0, 0x401a012, r0, 0x0) 11:06:44 executing program 5: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) ioctl$FS_IOC_SETFLAGS(r0, 0x40086602, &(0x7f0000000080)=0xfbffffff) 11:06:44 executing program 7: r0 = syz_open_dev$tty1(0xc, 0x4, 0x1) ioctl$KDFONTOP_COPY(r0, 0x4b2f, 0x0) 11:06:44 executing program 2: r0 = socket$inet_udplite(0x2, 0x2, 0x88) sendto$inet(r0, &(0x7f0000000840)='Y}', 0x2, 0x0, &(0x7f00000008c0)={0x2, 0x4e23, @loopback}, 0x10) 11:06:44 executing program 4: futex(&(0x7f00000007c0), 0x6, 0x0, &(0x7f0000000800)={0x0, 0x989680}, 0x0, 0x0) 11:06:44 executing program 1: r0 = syz_open_dev$tty1(0xc, 0x4, 0x1) ioctl$KDFONTOP_COPY(r0, 0x4b2f, 0x0) 11:06:44 executing program 3: r0 = syz_open_dev$tty20(0xc, 0x4, 0x0) ioctl$KDDISABIO(r0, 0x4b37) 11:06:44 executing program 0: r0 = syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0) connect$802154_dgram(r0, &(0x7f0000000000), 0x14) 11:06:44 executing program 4: futex(&(0x7f00000007c0), 0x6, 0x0, &(0x7f0000000800)={0x0, 0x989680}, 0x0, 0x0) 11:06:44 executing program 2: r0 = socket$inet_udplite(0x2, 0x2, 0x88) sendto$inet(r0, &(0x7f0000000840)='Y}', 0x2, 0x0, &(0x7f00000008c0)={0x2, 0x4e23, @loopback}, 0x10) 11:06:44 executing program 6: r0 = memfd_create(&(0x7f0000000100)='/d#>\xbb\xb3~\x89\xa4O{\xc3\xad *Zn\xad\x11\xf2u\xe3\xf5\xbd\x1d\xa5\xeb\xee\xeee\xf4\xaf\xf0\x81\xea|f\x1c\xe0\xc1\xd1\x19cr\xa1\x01\xc3g\x10#\xa1\xfa\xb2\xe7\xa4+\x9e\xd7\xa2\x04y\xc1\xcf-V\xc0\x18Ls\xe2I\x19:\xe7\xc6F\x96xM\x1a\x00\x00\x00\x9c*\x03\x1f\x94\x9a\xf1\xcb\xc9\xf1\x16I\x85\xc8x\xe0\xc7\xc7z\xfa\t\x85\t\xfc\xcc\v\xce\x1b\xa2\x1b\xb4+\xe7\xb4M\xf4\xa4\xef\x0eW\x7f\x13\xa9>\xcf;+-\xf1gT\xd0\xcc\xff#\x1b\xbc\xe2\x06\xdf\xc2\xcb \x149n\xf24x\xe4\x9b\xab\xf7E\x1c\xb2,\xec[|\xcc\x85{\xb3\x98\x139\xc4F\x9fE\xa7*\xa2\xc8\xa9H\xed\x9b@\x8bH\xe5\xb5\xa7\xae\x11\xa7N\x00\x00\x04\x00\x00\x00\x00\x00\x00', 0x4) mmap(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x0, 0x401a012, r0, 0x0) 11:06:44 executing program 3: r0 = syz_open_dev$tty20(0xc, 0x4, 0x0) ioctl$KDDISABIO(r0, 0x4b37) 11:06:44 executing program 7: r0 = syz_open_dev$tty1(0xc, 0x4, 0x1) ioctl$KDFONTOP_COPY(r0, 0x4b2f, 0x0) 11:06:44 executing program 5: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) ioctl$FS_IOC_SETFLAGS(r0, 0x40086602, &(0x7f0000000080)=0xfbffffff) 11:06:44 executing program 1: r0 = syz_io_uring_setup(0x525c, &(0x7f0000000200), &(0x7f0000000000/0x3000)=nil, &(0x7f0000000000/0x2000)=nil, &(0x7f0000000040), &(0x7f0000000380)) io_uring_register$IORING_REGISTER_PERSONALITY(r0, 0x14, 0x0, 0x0) 11:06:45 executing program 2: r0 = socket$inet_udplite(0x2, 0x2, 0x88) sendto$inet(r0, &(0x7f0000000840)='Y}', 0x2, 0x0, &(0x7f00000008c0)={0x2, 0x4e23, @loopback}, 0x10) 11:06:45 executing program 7: prctl$PR_SET_PDEATHSIG(0x17, 0x41) 11:06:45 executing program 4: futex(&(0x7f00000007c0), 0x6, 0x0, &(0x7f0000000800)={0x0, 0x989680}, 0x0, 0x0) 11:06:45 executing program 0: syz_emit_ethernet(0x4e, &(0x7f0000000100)={@broadcast, @local, @void, {@ipv6={0x86dd, @icmpv6={0x0, 0x6, "2ddc20", 0x18, 0x3a, 0xff, @local, @local, {[], @ndisc_ra={0x86, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, [{0x3, 0x1, "bab165646f81"}]}}}}}}, 0x0) 11:06:45 executing program 3: r0 = syz_open_dev$tty20(0xc, 0x4, 0x0) ioctl$KDDISABIO(r0, 0x4b37) 11:06:45 executing program 5: r0 = syz_open_procfs(0x0, &(0x7f00000000c0)='map_files\x00') r1 = syz_open_procfs(0x0, &(0x7f00000000c0)='map_files\x00') renameat(r0, &(0x7f0000000080)='./file0\x00', r1, &(0x7f00000000c0)='./file0\x00') 11:06:45 executing program 6: r0 = socket$inet6(0xa, 0x1, 0x0) ioctl$sock_inet6_SIOCDIFADDR(r0, 0x8936, &(0x7f0000000140)={@ipv4={'\x00', '\xff\xff', @multicast2}}) 11:06:45 executing program 1: r0 = syz_io_uring_setup(0x525c, &(0x7f0000000200), &(0x7f0000000000/0x3000)=nil, &(0x7f0000000000/0x2000)=nil, &(0x7f0000000040), &(0x7f0000000380)) io_uring_register$IORING_REGISTER_PERSONALITY(r0, 0x14, 0x0, 0x0) 11:06:45 executing program 6: r0 = socket$inet6(0xa, 0x1, 0x0) ioctl$sock_inet6_SIOCDIFADDR(r0, 0x8936, &(0x7f0000000140)={@ipv4={'\x00', '\xff\xff', @multicast2}}) 11:06:45 executing program 4: r0 = syz_io_uring_setup(0x525c, &(0x7f0000000200), &(0x7f0000000000/0x3000)=nil, &(0x7f0000000000/0x2000)=nil, &(0x7f0000000040), &(0x7f0000000380)) io_uring_register$IORING_REGISTER_PERSONALITY(r0, 0x14, 0x0, 0x0) 11:06:45 executing program 3: r0 = syz_open_dev$tty20(0xc, 0x4, 0x0) ioctl$KDDISABIO(r0, 0x4b37) 11:06:45 executing program 7: prctl$PR_SET_PDEATHSIG(0x17, 0x41) 11:06:45 executing program 0: syz_emit_ethernet(0x4e, &(0x7f0000000100)={@broadcast, @local, @void, {@ipv6={0x86dd, @icmpv6={0x0, 0x6, "2ddc20", 0x18, 0x3a, 0xff, @local, @local, {[], @ndisc_ra={0x86, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, [{0x3, 0x1, "bab165646f81"}]}}}}}}, 0x0) 11:06:45 executing program 5: r0 = syz_open_procfs(0x0, &(0x7f00000000c0)='map_files\x00') r1 = syz_open_procfs(0x0, &(0x7f00000000c0)='map_files\x00') renameat(r0, &(0x7f0000000080)='./file0\x00', r1, &(0x7f00000000c0)='./file0\x00') 11:06:45 executing program 2: r0 = socket$inet_udplite(0x2, 0x2, 0x88) sendto$inet(r0, &(0x7f0000000840)='Y}', 0x2, 0x0, &(0x7f00000008c0)={0x2, 0x4e23, @loopback}, 0x10) 11:06:45 executing program 4: r0 = syz_io_uring_setup(0x525c, &(0x7f0000000200), &(0x7f0000000000/0x3000)=nil, &(0x7f0000000000/0x2000)=nil, &(0x7f0000000040), &(0x7f0000000380)) io_uring_register$IORING_REGISTER_PERSONALITY(r0, 0x14, 0x0, 0x0) 11:06:45 executing program 6: r0 = socket$inet6(0xa, 0x1, 0x0) ioctl$sock_inet6_SIOCDIFADDR(r0, 0x8936, &(0x7f0000000140)={@ipv4={'\x00', '\xff\xff', @multicast2}}) 11:06:45 executing program 1: r0 = syz_io_uring_setup(0x525c, &(0x7f0000000200), &(0x7f0000000000/0x3000)=nil, &(0x7f0000000000/0x2000)=nil, &(0x7f0000000040), &(0x7f0000000380)) io_uring_register$IORING_REGISTER_PERSONALITY(r0, 0x14, 0x0, 0x0) 11:06:45 executing program 0: syz_emit_ethernet(0x4e, &(0x7f0000000100)={@broadcast, @local, @void, {@ipv6={0x86dd, @icmpv6={0x0, 0x6, "2ddc20", 0x18, 0x3a, 0xff, @local, @local, {[], @ndisc_ra={0x86, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, [{0x3, 0x1, "bab165646f81"}]}}}}}}, 0x0) 11:06:45 executing program 6: r0 = socket$inet6(0xa, 0x1, 0x0) ioctl$sock_inet6_SIOCDIFADDR(r0, 0x8936, &(0x7f0000000140)={@ipv4={'\x00', '\xff\xff', @multicast2}}) 11:06:45 executing program 7: prctl$PR_SET_PDEATHSIG(0x17, 0x41) 11:06:45 executing program 2: r0 = syz_mount_image$tmpfs(&(0x7f00000001c0), &(0x7f0000000200)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000040)) mknodat$loop(r0, &(0x7f0000000000)='./file0\x00', 0x0, 0x0) openat(r0, &(0x7f0000000080)='./file0\x00', 0x402, 0x0) mount$9p_unix(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x121823, 0x0) 11:06:45 executing program 5: r0 = syz_open_procfs(0x0, &(0x7f00000000c0)='map_files\x00') r1 = syz_open_procfs(0x0, &(0x7f00000000c0)='map_files\x00') renameat(r0, &(0x7f0000000080)='./file0\x00', r1, &(0x7f00000000c0)='./file0\x00') 11:06:45 executing program 1: r0 = syz_io_uring_setup(0x525c, &(0x7f0000000200), &(0x7f0000000000/0x3000)=nil, &(0x7f0000000000/0x2000)=nil, &(0x7f0000000040), &(0x7f0000000380)) io_uring_register$IORING_REGISTER_PERSONALITY(r0, 0x14, 0x0, 0x0) 11:06:45 executing program 4: r0 = syz_io_uring_setup(0x525c, &(0x7f0000000200), &(0x7f0000000000/0x3000)=nil, &(0x7f0000000000/0x2000)=nil, &(0x7f0000000040), &(0x7f0000000380)) io_uring_register$IORING_REGISTER_PERSONALITY(r0, 0x14, 0x0, 0x0) 11:06:45 executing program 3: r0 = syz_io_uring_setup(0x1, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, &(0x7f00000a0000)=nil, &(0x7f00000b0000)=nil, &(0x7f0000000100)=0x0, &(0x7f0000000140)=0x0) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_OPENAT2={0x1c, 0x0, 0x0, 0xffffffffffffff9c, &(0x7f0000000240)={0x3314c1}, &(0x7f0000000280)='./file0\x00', 0x18}, 0x0) io_uring_enter(r0, 0x1, 0x0, 0x0, 0x0, 0x0) 11:06:45 executing program 0: syz_emit_ethernet(0x4e, &(0x7f0000000100)={@broadcast, @local, @void, {@ipv6={0x86dd, @icmpv6={0x0, 0x6, "2ddc20", 0x18, 0x3a, 0xff, @local, @local, {[], @ndisc_ra={0x86, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, [{0x3, 0x1, "bab165646f81"}]}}}}}}, 0x0) 11:06:45 executing program 6: r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1) ioctl$sock_inet_SIOCGARP(r0, 0x8954, &(0x7f0000000000)={{0x2, 0x0, @dev}, {}, 0x64, {0x2, 0x0, @empty}, 'veth0_to_team\x00'}) 11:06:45 executing program 7: prctl$PR_SET_PDEATHSIG(0x17, 0x41) 11:06:45 executing program 2: r0 = syz_mount_image$tmpfs(&(0x7f00000001c0), &(0x7f0000000200)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000040)) mknodat$loop(r0, &(0x7f0000000000)='./file0\x00', 0x0, 0x0) openat(r0, &(0x7f0000000080)='./file0\x00', 0x402, 0x0) mount$9p_unix(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x121823, 0x0) 11:06:45 executing program 5: r0 = syz_open_procfs(0x0, &(0x7f00000000c0)='map_files\x00') r1 = syz_open_procfs(0x0, &(0x7f00000000c0)='map_files\x00') renameat(r0, &(0x7f0000000080)='./file0\x00', r1, &(0x7f00000000c0)='./file0\x00') 11:06:45 executing program 3: r0 = syz_io_uring_setup(0x1, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, &(0x7f00000a0000)=nil, &(0x7f00000b0000)=nil, &(0x7f0000000100)=0x0, &(0x7f0000000140)=0x0) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_OPENAT2={0x1c, 0x0, 0x0, 0xffffffffffffff9c, &(0x7f0000000240)={0x3314c1}, &(0x7f0000000280)='./file0\x00', 0x18}, 0x0) io_uring_enter(r0, 0x1, 0x0, 0x0, 0x0, 0x0) 11:06:45 executing program 2: r0 = syz_mount_image$tmpfs(&(0x7f00000001c0), &(0x7f0000000200)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000040)) mknodat$loop(r0, &(0x7f0000000000)='./file0\x00', 0x0, 0x0) openat(r0, &(0x7f0000000080)='./file0\x00', 0x402, 0x0) mount$9p_unix(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x121823, 0x0) 11:06:45 executing program 7: r0 = syz_mount_image$tmpfs(&(0x7f00000001c0), &(0x7f0000000200)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000040)) mknodat$loop(r0, &(0x7f0000000000)='./file0\x00', 0x0, 0x0) openat(r0, &(0x7f0000000080)='./file0\x00', 0x402, 0x0) mount$9p_unix(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x121823, 0x0) 11:06:45 executing program 1: pipe2(&(0x7f0000000a80)={0xffffffffffffffff}, 0x0) mq_open(&(0x7f0000000000)='#(:#)\x00', 0x0, 0x0, 0x0) close_range(r0, 0xffffffffffffffff, 0x0) 11:06:45 executing program 4: syz_mount_image$iso9660(&(0x7f0000000280), 0x0, 0x0, 0x1, &(0x7f0000000500)=[{&(0x7f0000000300)='C', 0x1}], 0x0, &(0x7f0000000580)) 11:06:45 executing program 6: r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1) ioctl$sock_inet_SIOCGARP(r0, 0x8954, &(0x7f0000000000)={{0x2, 0x0, @dev}, {}, 0x64, {0x2, 0x0, @empty}, 'veth0_to_team\x00'}) 11:06:45 executing program 5: r0 = openat$tcp_mem(0xffffffffffffff9c, &(0x7f0000000080)='/proc/sys/net/ipv4/tcp_wmem\x00', 0x1, 0x0) fchmod(r0, 0x0) 11:06:45 executing program 6: r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1) ioctl$sock_inet_SIOCGARP(r0, 0x8954, &(0x7f0000000000)={{0x2, 0x0, @dev}, {}, 0x64, {0x2, 0x0, @empty}, 'veth0_to_team\x00'}) 11:06:45 executing program 7: r0 = syz_mount_image$tmpfs(&(0x7f00000001c0), &(0x7f0000000200)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000040)) mknodat$loop(r0, &(0x7f0000000000)='./file0\x00', 0x0, 0x0) openat(r0, &(0x7f0000000080)='./file0\x00', 0x402, 0x0) mount$9p_unix(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x121823, 0x0) 11:06:45 executing program 1: pipe2(&(0x7f0000000a80)={0xffffffffffffffff}, 0x0) mq_open(&(0x7f0000000000)='#(:#)\x00', 0x0, 0x0, 0x0) close_range(r0, 0xffffffffffffffff, 0x0) 11:06:45 executing program 4: pipe2(&(0x7f0000000a80)={0xffffffffffffffff}, 0x0) mq_open(&(0x7f0000000000)='#(:#)\x00', 0x0, 0x0, 0x0) close_range(r0, 0xffffffffffffffff, 0x0) 11:06:45 executing program 3: r0 = syz_io_uring_setup(0x1, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, &(0x7f00000a0000)=nil, &(0x7f00000b0000)=nil, &(0x7f0000000100)=0x0, &(0x7f0000000140)=0x0) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_OPENAT2={0x1c, 0x0, 0x0, 0xffffffffffffff9c, &(0x7f0000000240)={0x3314c1}, &(0x7f0000000280)='./file0\x00', 0x18}, 0x0) io_uring_enter(r0, 0x1, 0x0, 0x0, 0x0, 0x0) 11:06:45 executing program 2: r0 = syz_mount_image$tmpfs(&(0x7f00000001c0), &(0x7f0000000200)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000040)) mknodat$loop(r0, &(0x7f0000000000)='./file0\x00', 0x0, 0x0) openat(r0, &(0x7f0000000080)='./file0\x00', 0x402, 0x0) mount$9p_unix(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x121823, 0x0) 11:06:46 executing program 6: r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1) ioctl$sock_inet_SIOCGARP(r0, 0x8954, &(0x7f0000000000)={{0x2, 0x0, @dev}, {}, 0x64, {0x2, 0x0, @empty}, 'veth0_to_team\x00'}) 11:06:46 executing program 0: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0x77, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000040)={0xffffffffffffffff}) bind$unix(r0, &(0x7f0000000100)=@file={0x1, './file0\x00'}, 0x6e) connect$unix(r0, &(0x7f0000000080)=@file={0x1, './file0\x00'}, 0x6e) 11:06:46 executing program 5: r0 = openat$tcp_mem(0xffffffffffffff9c, &(0x7f0000000080)='/proc/sys/net/ipv4/tcp_wmem\x00', 0x1, 0x0) fchmod(r0, 0x0) 11:06:46 executing program 7: r0 = syz_mount_image$tmpfs(&(0x7f00000001c0), &(0x7f0000000200)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000040)) mknodat$loop(r0, &(0x7f0000000000)='./file0\x00', 0x0, 0x0) openat(r0, &(0x7f0000000080)='./file0\x00', 0x402, 0x0) mount$9p_unix(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x121823, 0x0) 11:06:46 executing program 1: pipe2(&(0x7f0000000a80)={0xffffffffffffffff}, 0x0) mq_open(&(0x7f0000000000)='#(:#)\x00', 0x0, 0x0, 0x0) close_range(r0, 0xffffffffffffffff, 0x0) 11:06:46 executing program 4: pipe2(&(0x7f0000000a80)={0xffffffffffffffff}, 0x0) mq_open(&(0x7f0000000000)='#(:#)\x00', 0x0, 0x0, 0x0) close_range(r0, 0xffffffffffffffff, 0x0) 11:06:46 executing program 3: r0 = syz_io_uring_setup(0x1, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, &(0x7f00000a0000)=nil, &(0x7f00000b0000)=nil, &(0x7f0000000100)=0x0, &(0x7f0000000140)=0x0) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_OPENAT2={0x1c, 0x0, 0x0, 0xffffffffffffff9c, &(0x7f0000000240)={0x3314c1}, &(0x7f0000000280)='./file0\x00', 0x18}, 0x0) io_uring_enter(r0, 0x1, 0x0, 0x0, 0x0, 0x0) 11:06:46 executing program 2: r0 = pkey_alloc(0x0, 0x3) pkey_alloc(0x0, 0x3) pkey_free(r0) pkey_alloc(0x0, 0x1) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f00000007c0), 0x2}, 0xcc80}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) io_uring_register$IORING_UNREGISTER_BUFFERS(0xffffffffffffffff, 0x1, 0x1000000, 0x0) r1 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000002480)='fd/3\x00') r2 = syz_io_uring_setup(0x0, 0x0, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000000100), &(0x7f0000000340)) getpid() pidfd_open(0x0, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_bp={&(0x7f0000000040), 0xb}, 0x0, 0x20, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2) syz_io_uring_setup(0x75c8, &(0x7f0000000200)={0x0, 0x1000c2c0, 0x2, 0x0, 0x36}, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000000380), &(0x7f0000000140)) r3 = openat$sr(0xffffffffffffff9c, &(0x7f00000001c0), 0x105802, 0x0) openat(r1, &(0x7f00000003c0)='./file0\x00', 0x40000, 0x80) close(r3) dup3(0xffffffffffffffff, 0xffffffffffffffff, 0x0) io_uring_enter(r2, 0x5ebd, 0xc6d4, 0x2, &(0x7f0000000000)={[0x1]}, 0x8) fsmount(0xffffffffffffffff, 0x1, 0x80) 11:06:46 executing program 0: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0x77, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000040)={0xffffffffffffffff}) bind$unix(r0, &(0x7f0000000100)=@file={0x1, './file0\x00'}, 0x6e) connect$unix(r0, &(0x7f0000000080)=@file={0x1, './file0\x00'}, 0x6e) 11:06:46 executing program 5: r0 = openat$tcp_mem(0xffffffffffffff9c, &(0x7f0000000080)='/proc/sys/net/ipv4/tcp_wmem\x00', 0x1, 0x0) fchmod(r0, 0x0) 11:06:46 executing program 6: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0x77, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000040)={0xffffffffffffffff}) bind$unix(r0, &(0x7f0000000100)=@file={0x1, './file0\x00'}, 0x6e) connect$unix(r0, &(0x7f0000000080)=@file={0x1, './file0\x00'}, 0x6e) 11:06:46 executing program 4: pipe2(&(0x7f0000000a80)={0xffffffffffffffff}, 0x0) mq_open(&(0x7f0000000000)='#(:#)\x00', 0x0, 0x0, 0x0) close_range(r0, 0xffffffffffffffff, 0x0) 11:06:46 executing program 1: pipe2(&(0x7f0000000a80)={0xffffffffffffffff}, 0x0) mq_open(&(0x7f0000000000)='#(:#)\x00', 0x0, 0x0, 0x0) close_range(r0, 0xffffffffffffffff, 0x0) [ 177.637543] hrtimer: interrupt took 35196 ns 11:06:46 executing program 5: r0 = openat$tcp_mem(0xffffffffffffff9c, &(0x7f0000000080)='/proc/sys/net/ipv4/tcp_wmem\x00', 0x1, 0x0) fchmod(r0, 0x0) 11:06:46 executing program 0: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0x77, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000040)={0xffffffffffffffff}) bind$unix(r0, &(0x7f0000000100)=@file={0x1, './file0\x00'}, 0x6e) connect$unix(r0, &(0x7f0000000080)=@file={0x1, './file0\x00'}, 0x6e) 11:06:46 executing program 6: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0x77, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000040)={0xffffffffffffffff}) bind$unix(r0, &(0x7f0000000100)=@file={0x1, './file0\x00'}, 0x6e) connect$unix(r0, &(0x7f0000000080)=@file={0x1, './file0\x00'}, 0x6e) 11:06:46 executing program 1: syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2) rt_sigreturn() rt_sigreturn() 11:06:46 executing program 7: syz_open_dev$usbmon(&(0x7f0000000000), 0x0, 0x0) 11:06:46 executing program 3: r0 = syz_open_dev$tty20(0xc, 0x4, 0x1) r1 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) fcntl$notify(r1, 0x402, 0x2) dup3(r0, r1, 0x0) 11:06:46 executing program 4: sysfs$2(0x2, 0x0, 0xffffffffffffffff) 11:06:46 executing program 6: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0x77, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000040)={0xffffffffffffffff}) bind$unix(r0, &(0x7f0000000100)=@file={0x1, './file0\x00'}, 0x6e) connect$unix(r0, &(0x7f0000000080)=@file={0x1, './file0\x00'}, 0x6e) 11:06:46 executing program 0: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0x77, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000040)={0xffffffffffffffff}) bind$unix(r0, &(0x7f0000000100)=@file={0x1, './file0\x00'}, 0x6e) connect$unix(r0, &(0x7f0000000080)=@file={0x1, './file0\x00'}, 0x6e) 11:06:46 executing program 5: syz_genetlink_get_family_id$nl802154(0x0, 0xffffffffffffffff) setresuid(0x0, 0x0, 0xee01) 11:06:46 executing program 1: syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2) rt_sigreturn() rt_sigreturn() 11:06:46 executing program 4: sysfs$2(0x2, 0x0, 0xffffffffffffffff) 11:06:46 executing program 7: syz_open_dev$usbmon(&(0x7f0000000000), 0x0, 0x0) 11:06:46 executing program 3: r0 = syz_open_dev$tty20(0xc, 0x4, 0x1) r1 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) fcntl$notify(r1, 0x402, 0x2) dup3(r0, r1, 0x0) 11:06:46 executing program 2: r0 = pkey_alloc(0x0, 0x3) pkey_alloc(0x0, 0x3) pkey_free(r0) pkey_alloc(0x0, 0x1) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f00000007c0), 0x2}, 0xcc80}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) io_uring_register$IORING_UNREGISTER_BUFFERS(0xffffffffffffffff, 0x1, 0x1000000, 0x0) r1 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000002480)='fd/3\x00') r2 = syz_io_uring_setup(0x0, 0x0, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000000100), &(0x7f0000000340)) getpid() pidfd_open(0x0, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_bp={&(0x7f0000000040), 0xb}, 0x0, 0x20, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2) syz_io_uring_setup(0x75c8, &(0x7f0000000200)={0x0, 0x1000c2c0, 0x2, 0x0, 0x36}, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000000380), &(0x7f0000000140)) r3 = openat$sr(0xffffffffffffff9c, &(0x7f00000001c0), 0x105802, 0x0) openat(r1, &(0x7f00000003c0)='./file0\x00', 0x40000, 0x80) close(r3) dup3(0xffffffffffffffff, 0xffffffffffffffff, 0x0) io_uring_enter(r2, 0x5ebd, 0xc6d4, 0x2, &(0x7f0000000000)={[0x1]}, 0x8) fsmount(0xffffffffffffffff, 0x1, 0x80) 11:06:47 executing program 7: syz_open_dev$usbmon(&(0x7f0000000000), 0x0, 0x0) 11:06:47 executing program 1: syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2) rt_sigreturn() rt_sigreturn() 11:06:47 executing program 4: sysfs$2(0x2, 0x0, 0xffffffffffffffff) 11:06:47 executing program 5: syz_genetlink_get_family_id$nl802154(0x0, 0xffffffffffffffff) setresuid(0x0, 0x0, 0xee01) 11:06:47 executing program 3: r0 = syz_open_dev$tty20(0xc, 0x4, 0x1) r1 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) fcntl$notify(r1, 0x402, 0x2) dup3(r0, r1, 0x0) 11:06:47 executing program 6: r0 = pkey_alloc(0x0, 0x3) pkey_alloc(0x0, 0x3) pkey_free(r0) pkey_alloc(0x0, 0x1) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f00000007c0), 0x2}, 0xcc80}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) io_uring_register$IORING_UNREGISTER_BUFFERS(0xffffffffffffffff, 0x1, 0x1000000, 0x0) r1 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000002480)='fd/3\x00') r2 = syz_io_uring_setup(0x0, 0x0, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000000100), &(0x7f0000000340)) getpid() pidfd_open(0x0, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_bp={&(0x7f0000000040), 0xb}, 0x0, 0x20, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2) syz_io_uring_setup(0x75c8, &(0x7f0000000200)={0x0, 0x1000c2c0, 0x2, 0x0, 0x36}, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000000380), &(0x7f0000000140)) r3 = openat$sr(0xffffffffffffff9c, &(0x7f00000001c0), 0x105802, 0x0) openat(r1, &(0x7f00000003c0)='./file0\x00', 0x40000, 0x80) close(r3) dup3(0xffffffffffffffff, 0xffffffffffffffff, 0x0) io_uring_enter(r2, 0x5ebd, 0xc6d4, 0x2, &(0x7f0000000000)={[0x1]}, 0x8) fsmount(0xffffffffffffffff, 0x1, 0x80) 11:06:47 executing program 0: r0 = pkey_alloc(0x0, 0x3) pkey_alloc(0x0, 0x3) pkey_free(r0) pkey_alloc(0x0, 0x1) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f00000007c0), 0x2}, 0xcc80}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) io_uring_register$IORING_UNREGISTER_BUFFERS(0xffffffffffffffff, 0x1, 0x1000000, 0x0) r1 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000002480)='fd/3\x00') r2 = syz_io_uring_setup(0x0, 0x0, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000000100), &(0x7f0000000340)) getpid() pidfd_open(0x0, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_bp={&(0x7f0000000040), 0xb}, 0x0, 0x20, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2) syz_io_uring_setup(0x75c8, &(0x7f0000000200)={0x0, 0x1000c2c0, 0x2, 0x0, 0x36}, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000000380), &(0x7f0000000140)) r3 = openat$sr(0xffffffffffffff9c, &(0x7f00000001c0), 0x105802, 0x0) openat(r1, &(0x7f00000003c0)='./file0\x00', 0x40000, 0x80) close(r3) dup3(0xffffffffffffffff, 0xffffffffffffffff, 0x0) io_uring_enter(r2, 0x5ebd, 0xc6d4, 0x2, &(0x7f0000000000)={[0x1]}, 0x8) fsmount(0xffffffffffffffff, 0x1, 0x80) 11:06:47 executing program 7: syz_open_dev$usbmon(&(0x7f0000000000), 0x0, 0x0) 11:06:47 executing program 1: syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2) rt_sigreturn() rt_sigreturn() [ 179.005580] ------------[ cut here ]------------ [ 179.005615] [ 179.005620] ====================================================== [ 179.005624] WARNING: possible circular locking dependency detected [ 179.005629] 6.0.0-next-20221006 #1 Tainted: G W [ 179.005637] ------------------------------------------------------ [ 179.005640] syz-executor.2/7273 is trying to acquire lock: [ 179.005648] ffffffff853fac98 ((console_sem).lock){-.-.}-{2:2}, at: down_trylock+0xe/0x70 [ 179.005694] [ 179.005694] but task is already holding lock: [ 179.005697] ffff88800eaa2820 (&ctx->lock){-...}-{2:2}, at: perf_event_task_tick+0x1ce/0x1050 [ 179.005733] [ 179.005733] which lock already depends on the new lock. [ 179.005733] [ 179.005736] [ 179.005736] the existing dependency chain (in reverse order) is: [ 179.005740] [ 179.005740] -> #3 (&ctx->lock){-...}-{2:2}: [ 179.005755] _raw_spin_lock+0x2a/0x40 [ 179.005769] __perf_event_task_sched_out+0x53b/0x18d0 [ 179.005781] __schedule+0xedd/0x2470 [ 179.005797] schedule+0xda/0x1b0 [ 179.005813] futex_wait_queue+0xf5/0x1e0 [ 179.005826] futex_wait+0x28e/0x690 [ 179.005837] do_futex+0x2ff/0x380 [ 179.005847] __x64_sys_futex+0x1c6/0x4d0 [ 179.005858] do_syscall_64+0x3b/0x90 [ 179.005869] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 179.005884] [ 179.005884] -> #2 (&rq->__lock){-.-.}-{2:2}: [ 179.005899] _raw_spin_lock_nested+0x30/0x40 [ 179.005912] raw_spin_rq_lock_nested+0x1e/0x30 [ 179.005926] task_fork_fair+0x63/0x4d0 [ 179.005944] sched_cgroup_fork+0x3d0/0x540 [ 179.005959] copy_process+0x4183/0x6e20 [ 179.005971] kernel_clone+0xe7/0x890 [ 179.005981] user_mode_thread+0xad/0xf0 [ 179.005992] rest_init+0x24/0x250 [ 179.006006] arch_call_rest_init+0xf/0x14 [ 179.006019] start_kernel+0x4c6/0x4eb [ 179.006030] secondary_startup_64_no_verify+0xe0/0xeb [ 179.006045] [ 179.006045] -> #1 (&p->pi_lock){-.-.}-{2:2}: [ 179.006060] _raw_spin_lock_irqsave+0x39/0x60 [ 179.006073] try_to_wake_up+0xab/0x1930 [ 179.006087] up+0x75/0xb0 [ 179.006103] __up_console_sem+0x6e/0x80 [ 179.006120] console_unlock+0x46a/0x590 [ 179.006137] vprintk_emit+0x1bd/0x560 [ 179.006154] vprintk+0x84/0xa0 [ 179.006171] _printk+0xba/0xf1 [ 179.006185] regdb_fw_cb.cold+0x6c/0xa7 [ 179.006208] request_firmware_work_func+0x12e/0x240 [ 179.006223] process_one_work+0xa17/0x16a0 [ 179.006242] worker_thread+0x637/0x1260 [ 179.006259] kthread+0x2ed/0x3a0 [ 179.006274] ret_from_fork+0x22/0x30 [ 179.006287] [ 179.006287] -> #0 ((console_sem).lock){-.-.}-{2:2}: [ 179.006302] __lock_acquire+0x2a02/0x5e70 [ 179.006321] lock_acquire+0x1a2/0x530 [ 179.006338] _raw_spin_lock_irqsave+0x39/0x60 [ 179.006350] down_trylock+0xe/0x70 [ 179.006368] __down_trylock_console_sem+0x3b/0xd0 [ 179.006385] vprintk_emit+0x16b/0x560 [ 179.006401] vprintk+0x84/0xa0 [ 179.006418] _printk+0xba/0xf1 [ 179.006430] report_bug.cold+0x72/0xab [ 179.006440] handle_bug+0x3c/0x70 [ 179.006450] exc_invalid_op+0x14/0x50 [ 179.006461] asm_exc_invalid_op+0x16/0x20 [ 179.006475] perf_event_task_tick+0xbeb/0x1050 [ 179.006494] scheduler_tick+0x17e/0x350 [ 179.006508] update_process_times+0x138/0x190 [ 179.006522] tick_sched_handle+0x9b/0x180 [ 179.006539] tick_sched_timer+0xf2/0x120 [ 179.006556] __hrtimer_run_queues+0x184/0xb50 [ 179.006569] hrtimer_interrupt+0x315/0x770 [ 179.006582] __sysvec_apic_timer_interrupt+0x144/0x500 [ 179.006594] sysvec_apic_timer_interrupt+0x89/0xc0 [ 179.006609] asm_sysvec_apic_timer_interrupt+0x16/0x20 [ 179.006624] __sanitizer_cov_trace_const_cmp4+0x4/0x20 [ 179.006639] __hrtimer_init+0xd4/0x270 [ 179.006651] init_dl_inactive_task_timer+0x1a/0x50 [ 179.006667] __sched_fork.constprop.0+0x216/0x4d0 [ 179.006679] sched_fork+0x13/0x740 [ 179.006693] copy_process+0x1f3f/0x6e20 [ 179.006703] create_io_thread+0xab/0xf0 [ 179.006714] io_sq_offload_create+0xc82/0xdb4 [ 179.006730] io_uring_setup.cold+0x15b7/0x1b1d [ 179.006743] do_syscall_64+0x3b/0x90 [ 179.006754] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 179.006769] [ 179.006769] other info that might help us debug this: [ 179.006769] [ 179.006772] Chain exists of: [ 179.006772] (console_sem).lock --> &rq->__lock --> &ctx->lock [ 179.006772] [ 179.006788] Possible unsafe locking scenario: [ 179.006788] [ 179.006791] CPU0 CPU1 [ 179.006793] ---- ---- [ 179.006796] lock(&ctx->lock); [ 179.006802] lock(&rq->__lock); [ 179.006809] lock(&ctx->lock); [ 179.006815] lock((console_sem).lock); [ 179.006822] [ 179.006822] *** DEADLOCK *** [ 179.006822] [ 179.006824] 1 lock held by syz-executor.2/7273: [ 179.006831] #0: ffff88800eaa2820 (&ctx->lock){-...}-{2:2}, at: perf_event_task_tick+0x1ce/0x1050 [ 179.006867] [ 179.006867] stack backtrace: [ 179.006870] CPU: 1 PID: 7273 Comm: syz-executor.2 Tainted: G W 6.0.0-next-20221006 #1 [ 179.006885] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 179.006892] Call Trace: [ 179.006896] [ 179.006901] dump_stack_lvl+0x8b/0xb3 [ 179.006914] check_noncircular+0x263/0x2e0 [ 179.006931] ? format_decode+0x26c/0xb50 [ 179.006950] ? print_circular_bug+0x450/0x450 [ 179.006968] ? simple_strtoul+0x30/0x30 [ 179.006985] ? kernel_text_address+0x57/0xb0 [ 179.006999] ? __kernel_text_address+0x9/0x40 [ 179.007013] ? format_decode+0x26c/0xb50 [ 179.007032] ? alloc_chain_hlocks+0x1ec/0x5a0 [ 179.007051] __lock_acquire+0x2a02/0x5e70 [ 179.007074] ? lockdep_hardirqs_on_prepare+0x410/0x410 [ 179.007098] lock_acquire+0x1a2/0x530 [ 179.007116] ? down_trylock+0xe/0x70 [ 179.007135] ? lock_release+0x750/0x750 [ 179.007155] ? lock_chain_count+0x20/0x20 [ 179.007174] ? vprintk+0x84/0xa0 [ 179.007193] _raw_spin_lock_irqsave+0x39/0x60 [ 179.007207] ? down_trylock+0xe/0x70 [ 179.007225] down_trylock+0xe/0x70 [ 179.007243] ? vprintk+0x84/0xa0 [ 179.007261] __down_trylock_console_sem+0x3b/0xd0 [ 179.007279] vprintk_emit+0x16b/0x560 [ 179.007299] vprintk+0x84/0xa0 [ 179.007318] _printk+0xba/0xf1 [ 179.007331] ? record_print_text.cold+0x16/0x16 [ 179.007349] ? report_bug.cold+0x66/0xab [ 179.007362] ? perf_event_task_tick+0xbeb/0x1050 [ 179.007381] report_bug.cold+0x72/0xab [ 179.007394] handle_bug+0x3c/0x70 [ 179.007406] exc_invalid_op+0x14/0x50 [ 179.007418] asm_exc_invalid_op+0x16/0x20 [ 179.007433] RIP: 0010:perf_event_task_tick+0xbeb/0x1050 [ 179.007456] Code: e9 34 fd ff ff e8 d5 29 ef ff 65 44 8b 35 99 82 ab 7e 31 ff 44 89 f6 e8 73 26 ef ff 45 85 f6 0f 84 04 01 00 00 e8 b5 29 ef ff <0f> 0b e9 60 fa ff ff e8 a9 29 ef ff 65 8b 1d 6e 82 ab 7e 31 ff 89 [ 179.007469] RSP: 0018:ffff88806cf09d08 EFLAGS: 00010046 [ 179.007479] RAX: 0000000000010001 RBX: ffff8880086656b8 RCX: 0000000000000000 [ 179.007487] RDX: ffff88803da23580 RSI: ffffffff8156f33b RDI: 0000000000000005 [ 179.007496] RBP: ffff88800eaa2908 R08: 0000000000000005 R09: 0000000000000001 [ 179.007504] R10: 0000000000000000 R11: 0000000000000001 R12: ffff888008665750 [ 179.007511] R13: 0000000000000000 R14: 0000000000000000 R15: dffffc0000000000 [ 179.007523] ? perf_event_task_tick+0xbeb/0x1050 [ 179.007562] ? perf_event_task_tick+0xbeb/0x1050 [ 179.007585] scheduler_tick+0x17e/0x350 [ 179.007603] update_process_times+0x138/0x190 [ 179.007616] ? tick_sched_do_timer+0x174/0x470 [ 179.007635] tick_sched_handle+0x9b/0x180 [ 179.007653] tick_sched_timer+0xf2/0x120 [ 179.007672] __hrtimer_run_queues+0x184/0xb50 [ 179.007685] ? tick_sched_do_timer+0x470/0x470 [ 179.007707] ? hrtimer_sleeper_start_expires+0x80/0x80 [ 179.007722] ? ktime_get_update_offsets_now+0x256/0x360 [ 179.007741] hrtimer_interrupt+0x315/0x770 [ 179.007760] __sysvec_apic_timer_interrupt+0x144/0x500 [ 179.007774] sysvec_apic_timer_interrupt+0x89/0xc0 [ 179.007789] [ 179.007792] [ 179.007796] asm_sysvec_apic_timer_interrupt+0x16/0x20 [ 179.007813] RIP: 0010:__sanitizer_cov_trace_const_cmp4+0x4/0x20 [ 179.007828] Code: 84 00 00 00 00 00 48 8b 0c 24 0f b7 d6 0f b7 f7 bf 03 00 00 00 e9 bc fe ff ff 66 66 2e 0f 1f 84 00 00 00 00 00 90 48 8b 0c 24 <89> f2 89 fe bf 05 00 00 00 e9 9e fe ff ff 66 66 2e 0f 1f 84 00 00 [ 179.007840] RSP: 0018:ffff88803e847a68 EFLAGS: 00000246 [ 179.007849] RAX: 0000000000000007 RBX: ffff88803f670248 RCX: ffffffff8136b124 [ 179.007858] RDX: 0000000000040000 RSI: 0000000000000000 RDI: 0000000000000008 [ 179.007865] RBP: 0000000000000000 R08: 0000000000000005 R09: 000000000000000f [ 179.007873] R10: 0000000000000001 R11: 0000000000000001 R12: 0000000000000009 [ 179.007880] R13: 0000000000000001 R14: ffff88806cf2a640 R15: 0000000000000000 [ 179.007891] ? __hrtimer_init+0xd4/0x270 [ 179.007906] __hrtimer_init+0xd4/0x270 [ 179.007921] init_dl_inactive_task_timer+0x1a/0x50 [ 179.007938] __sched_fork.constprop.0+0x216/0x4d0 [ 179.007951] sched_fork+0x13/0x740 [ 179.007967] copy_process+0x1f3f/0x6e20 [ 179.007979] ? lock_is_held_type+0xd7/0x130 [ 179.007999] ? __cleanup_sighand+0xb0/0xb0 [ 179.008010] ? lock_release+0x3b2/0x750 [ 179.008028] ? io_sq_offload_create+0x9d3/0xdb4 [ 179.008048] ? io_sqd_handle_event+0x330/0x330 [ 179.008062] create_io_thread+0xab/0xf0 [ 179.008074] ? copy_init_mm+0x20/0x20 [ 179.008088] ? io_sqd_handle_event+0x330/0x330 [ 179.008104] io_sq_offload_create+0xc82/0xdb4 [ 179.008122] io_uring_setup.cold+0x15b7/0x1b1d [ 179.008138] ? io_cqring_overflow_flush+0x150/0x150 [ 179.008163] do_syscall_64+0x3b/0x90 [ 179.008175] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 179.008191] RIP: 0033:0x7f412a636b19 [ 179.008200] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 179.008212] RSP: 002b:00007f4127bac108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 179.008223] RAX: ffffffffffffffda RBX: 00007f412a749f60 RCX: 00007f412a636b19 [ 179.008232] RDX: 0000000020ffb000 RSI: 0000000020000200 RDI: 00000000000075c8 [ 179.008240] RBP: 0000000020000200 R08: 0000000020000140 R09: 0000000020000140 [ 179.008248] R10: 0000000020000380 R11: 0000000000000202 R12: 0000000020000140 [ 179.008255] R13: 0000000020ffb000 R14: 0000000020000380 R15: 0000000020ffc000 [ 179.008269] [ 179.084106] WARNING: CPU: 1 PID: 7273 at kernel/events/core.c:2233 perf_event_task_tick+0xbeb/0x1050 [ 179.084826] Modules linked in: [ 179.085083] CPU: 1 PID: 7273 Comm: syz-executor.2 Tainted: G W 6.0.0-next-20221006 #1 [ 179.085775] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 179.086408] RIP: 0010:perf_event_task_tick+0xbeb/0x1050 [ 179.086825] Code: e9 34 fd ff ff e8 d5 29 ef ff 65 44 8b 35 99 82 ab 7e 31 ff 44 89 f6 e8 73 26 ef ff 45 85 f6 0f 84 04 01 00 00 e8 b5 29 ef ff <0f> 0b e9 60 fa ff ff e8 a9 29 ef ff 65 8b 1d 6e 82 ab 7e 31 ff 89 [ 179.088208] RSP: 0018:ffff88806cf09d08 EFLAGS: 00010046 [ 179.088612] RAX: 0000000000010001 RBX: ffff8880086656b8 RCX: 0000000000000000 [ 179.089154] RDX: ffff88803da23580 RSI: ffffffff8156f33b RDI: 0000000000000005 [ 179.089697] RBP: ffff88800eaa2908 R08: 0000000000000005 R09: 0000000000000001 [ 179.090241] R10: 0000000000000000 R11: 0000000000000001 R12: ffff888008665750 [ 179.090780] R13: 0000000000000000 R14: 0000000000000000 R15: dffffc0000000000 [ 179.091324] FS: 00007f4127bac700(0000) GS:ffff88806cf00000(0000) knlGS:0000000000000000 [ 179.091942] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 179.092380] CR2: 0000001b30e2b000 CR3: 0000000008d24000 CR4: 0000000000350ee0 [ 179.092922] Call Trace: [ 179.093125] [ 179.093304] scheduler_tick+0x17e/0x350 [ 179.093618] update_process_times+0x138/0x190 [ 179.093967] ? tick_sched_do_timer+0x174/0x470 [ 179.094330] tick_sched_handle+0x9b/0x180 [ 179.094659] tick_sched_timer+0xf2/0x120 [ 179.094980] __hrtimer_run_queues+0x184/0xb50 [ 179.095325] ? tick_sched_do_timer+0x470/0x470 [ 179.095693] ? hrtimer_sleeper_start_expires+0x80/0x80 [ 179.096106] ? ktime_get_update_offsets_now+0x256/0x360 [ 179.096527] hrtimer_interrupt+0x315/0x770 [ 179.096868] __sysvec_apic_timer_interrupt+0x144/0x500 [ 179.097275] sysvec_apic_timer_interrupt+0x89/0xc0 [ 179.097663] [ 179.097843] [ 179.098024] asm_sysvec_apic_timer_interrupt+0x16/0x20 [ 179.098438] RIP: 0010:__sanitizer_cov_trace_const_cmp4+0x4/0x20 [ 179.098917] Code: 84 00 00 00 00 00 48 8b 0c 24 0f b7 d6 0f b7 f7 bf 03 00 00 00 e9 bc fe ff ff 66 66 2e 0f 1f 84 00 00 00 00 00 90 48 8b 0c 24 <89> f2 89 fe bf 05 00 00 00 e9 9e fe ff ff 66 66 2e 0f 1f 84 00 00 [ 179.100324] RSP: 0018:ffff88803e847a68 EFLAGS: 00000246 [ 179.100746] RAX: 0000000000000007 RBX: ffff88803f670248 RCX: ffffffff8136b124 [ 179.101296] RDX: 0000000000040000 RSI: 0000000000000000 RDI: 0000000000000008 [ 179.101852] RBP: 0000000000000000 R08: 0000000000000005 R09: 000000000000000f [ 179.102400] R10: 0000000000000001 R11: 0000000000000001 R12: 0000000000000009 [ 179.102941] R13: 0000000000000001 R14: ffff88806cf2a640 R15: 0000000000000000 [ 179.103482] ? __hrtimer_init+0xd4/0x270 [ 179.103803] __hrtimer_init+0xd4/0x270 [ 179.104103] init_dl_inactive_task_timer+0x1a/0x50 [ 179.104485] __sched_fork.constprop.0+0x216/0x4d0 [ 179.104854] sched_fork+0x13/0x740 [ 179.105129] copy_process+0x1f3f/0x6e20 [ 179.105438] ? lock_is_held_type+0xd7/0x130 [ 179.105778] ? __cleanup_sighand+0xb0/0xb0 [ 179.106098] ? lock_release+0x3b2/0x750 [ 179.106410] ? io_sq_offload_create+0x9d3/0xdb4 [ 179.106771] ? io_sqd_handle_event+0x330/0x330 [ 179.107124] create_io_thread+0xab/0xf0 [ 179.107423] ? copy_init_mm+0x20/0x20 [ 179.107719] ? io_sqd_handle_event+0x330/0x330 [ 179.108070] io_sq_offload_create+0xc82/0xdb4 [ 179.108418] io_uring_setup.cold+0x15b7/0x1b1d [ 179.108774] ? io_cqring_overflow_flush+0x150/0x150 [ 179.109178] do_syscall_64+0x3b/0x90 [ 179.109472] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 179.109876] RIP: 0033:0x7f412a636b19 [ 179.110168] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 179.111560] RSP: 002b:00007f4127bac108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 179.112132] RAX: ffffffffffffffda RBX: 00007f412a749f60 RCX: 00007f412a636b19 [ 179.112668] RDX: 0000000020ffb000 RSI: 0000000020000200 RDI: 00000000000075c8 [ 179.113208] RBP: 0000000020000200 R08: 0000000020000140 R09: 0000000020000140 [ 179.113744] R10: 0000000020000380 R11: 0000000000000202 R12: 0000000020000140 [ 179.114272] R13: 0000000020ffb000 R14: 0000000020000380 R15: 0000000020ffc000 [ 179.114826] [ 179.115011] irq event stamp: 23840 [ 179.115286] hardirqs last enabled at (23839): [] asm_sysvec_apic_timer_interrupt+0x16/0x20 [ 179.116042] hardirqs last disabled at (23840): [] sysvec_apic_timer_interrupt+0xb/0xc0 [ 179.116758] softirqs last enabled at (22738): [] __irq_exit_rcu+0x11b/0x180 [ 179.117427] softirqs last disabled at (22685): [] __irq_exit_rcu+0x11b/0x180 [ 179.118087] ---[ end trace 0000000000000000 ]--- 11:06:48 executing program 4: sysfs$2(0x2, 0x0, 0xffffffffffffffff) 11:06:48 executing program 5: syz_genetlink_get_family_id$nl802154(0x0, 0xffffffffffffffff) setresuid(0x0, 0x0, 0xee01) 11:06:48 executing program 3: r0 = syz_open_dev$tty20(0xc, 0x4, 0x1) r1 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) fcntl$notify(r1, 0x402, 0x2) dup3(r0, r1, 0x0) 11:06:48 executing program 1: r0 = pkey_alloc(0x0, 0x3) pkey_alloc(0x0, 0x3) pkey_free(r0) pkey_alloc(0x0, 0x1) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f00000007c0), 0x2}, 0xcc80}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) io_uring_register$IORING_UNREGISTER_BUFFERS(0xffffffffffffffff, 0x1, 0x1000000, 0x0) r1 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000002480)='fd/3\x00') r2 = syz_io_uring_setup(0x0, 0x0, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000000100), &(0x7f0000000340)) getpid() pidfd_open(0x0, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_bp={&(0x7f0000000040), 0xb}, 0x0, 0x20, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2) syz_io_uring_setup(0x75c8, &(0x7f0000000200)={0x0, 0x1000c2c0, 0x2, 0x0, 0x36}, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000000380), &(0x7f0000000140)) r3 = openat$sr(0xffffffffffffff9c, &(0x7f00000001c0), 0x105802, 0x0) openat(r1, &(0x7f00000003c0)='./file0\x00', 0x40000, 0x80) close(r3) dup3(0xffffffffffffffff, 0xffffffffffffffff, 0x0) io_uring_enter(r2, 0x5ebd, 0xc6d4, 0x2, &(0x7f0000000000)={[0x1]}, 0x8) fsmount(0xffffffffffffffff, 0x1, 0x80) 11:06:48 executing program 7: r0 = pkey_alloc(0x0, 0x3) pkey_alloc(0x0, 0x3) pkey_free(r0) pkey_alloc(0x0, 0x1) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f00000007c0), 0x2}, 0xcc80}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) io_uring_register$IORING_UNREGISTER_BUFFERS(0xffffffffffffffff, 0x1, 0x1000000, 0x0) r1 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000002480)='fd/3\x00') r2 = syz_io_uring_setup(0x0, 0x0, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000000100), &(0x7f0000000340)) getpid() pidfd_open(0x0, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_bp={&(0x7f0000000040), 0xb}, 0x0, 0x20, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2) syz_io_uring_setup(0x75c8, &(0x7f0000000200)={0x0, 0x1000c2c0, 0x2, 0x0, 0x36}, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000000380), &(0x7f0000000140)) r3 = openat$sr(0xffffffffffffff9c, &(0x7f00000001c0), 0x105802, 0x0) openat(r1, &(0x7f00000003c0)='./file0\x00', 0x40000, 0x80) close(r3) dup3(0xffffffffffffffff, 0xffffffffffffffff, 0x0) io_uring_enter(r2, 0x5ebd, 0xc6d4, 0x2, &(0x7f0000000000)={[0x1]}, 0x8) fsmount(0xffffffffffffffff, 0x1, 0x80) 11:06:48 executing program 0: r0 = pkey_alloc(0x0, 0x3) pkey_alloc(0x0, 0x3) pkey_free(r0) pkey_alloc(0x0, 0x1) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f00000007c0), 0x2}, 0xcc80}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) io_uring_register$IORING_UNREGISTER_BUFFERS(0xffffffffffffffff, 0x1, 0x1000000, 0x0) r1 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000002480)='fd/3\x00') r2 = syz_io_uring_setup(0x0, 0x0, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000000100), &(0x7f0000000340)) getpid() pidfd_open(0x0, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_bp={&(0x7f0000000040), 0xb}, 0x0, 0x20, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2) syz_io_uring_setup(0x75c8, &(0x7f0000000200)={0x0, 0x1000c2c0, 0x2, 0x0, 0x36}, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000000380), &(0x7f0000000140)) r3 = openat$sr(0xffffffffffffff9c, &(0x7f00000001c0), 0x105802, 0x0) openat(r1, &(0x7f00000003c0)='./file0\x00', 0x40000, 0x80) close(r3) dup3(0xffffffffffffffff, 0xffffffffffffffff, 0x0) io_uring_enter(r2, 0x5ebd, 0xc6d4, 0x2, &(0x7f0000000000)={[0x1]}, 0x8) fsmount(0xffffffffffffffff, 0x1, 0x80) 11:06:48 executing program 6: r0 = pkey_alloc(0x0, 0x3) pkey_alloc(0x0, 0x3) pkey_free(r0) pkey_alloc(0x0, 0x1) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f00000007c0), 0x2}, 0xcc80}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) io_uring_register$IORING_UNREGISTER_BUFFERS(0xffffffffffffffff, 0x1, 0x1000000, 0x0) r1 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000002480)='fd/3\x00') r2 = syz_io_uring_setup(0x0, 0x0, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000000100), &(0x7f0000000340)) getpid() pidfd_open(0x0, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_bp={&(0x7f0000000040), 0xb}, 0x0, 0x20, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2) syz_io_uring_setup(0x75c8, &(0x7f0000000200)={0x0, 0x1000c2c0, 0x2, 0x0, 0x36}, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000000380), &(0x7f0000000140)) r3 = openat$sr(0xffffffffffffff9c, &(0x7f00000001c0), 0x105802, 0x0) openat(r1, &(0x7f00000003c0)='./file0\x00', 0x40000, 0x80) close(r3) dup3(0xffffffffffffffff, 0xffffffffffffffff, 0x0) io_uring_enter(r2, 0x5ebd, 0xc6d4, 0x2, &(0x7f0000000000)={[0x1]}, 0x8) fsmount(0xffffffffffffffff, 0x1, 0x80) 11:06:48 executing program 2: r0 = pkey_alloc(0x0, 0x3) pkey_alloc(0x0, 0x3) pkey_free(r0) pkey_alloc(0x0, 0x1) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f00000007c0), 0x2}, 0xcc80}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) io_uring_register$IORING_UNREGISTER_BUFFERS(0xffffffffffffffff, 0x1, 0x1000000, 0x0) r1 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000002480)='fd/3\x00') r2 = syz_io_uring_setup(0x0, 0x0, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000000100), &(0x7f0000000340)) getpid() pidfd_open(0x0, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_bp={&(0x7f0000000040), 0xb}, 0x0, 0x20, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2) syz_io_uring_setup(0x75c8, &(0x7f0000000200)={0x0, 0x1000c2c0, 0x2, 0x0, 0x36}, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000000380), &(0x7f0000000140)) r3 = openat$sr(0xffffffffffffff9c, &(0x7f00000001c0), 0x105802, 0x0) openat(r1, &(0x7f00000003c0)='./file0\x00', 0x40000, 0x80) close(r3) dup3(0xffffffffffffffff, 0xffffffffffffffff, 0x0) io_uring_enter(r2, 0x5ebd, 0xc6d4, 0x2, &(0x7f0000000000)={[0x1]}, 0x8) fsmount(0xffffffffffffffff, 0x1, 0x80) 11:06:48 executing program 5: syz_genetlink_get_family_id$nl802154(0x0, 0xffffffffffffffff) setresuid(0x0, 0x0, 0xee01) 11:06:48 executing program 4: r0 = pkey_alloc(0x0, 0x3) pkey_alloc(0x0, 0x3) pkey_free(r0) pkey_alloc(0x0, 0x1) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f00000007c0), 0x2}, 0xcc80}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) io_uring_register$IORING_UNREGISTER_BUFFERS(0xffffffffffffffff, 0x1, 0x1000000, 0x0) r1 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000002480)='fd/3\x00') r2 = syz_io_uring_setup(0x0, 0x0, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000000100), &(0x7f0000000340)) getpid() pidfd_open(0x0, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_bp={&(0x7f0000000040), 0xb}, 0x0, 0x20, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2) syz_io_uring_setup(0x75c8, &(0x7f0000000200)={0x0, 0x1000c2c0, 0x2, 0x0, 0x36}, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000000380), &(0x7f0000000140)) r3 = openat$sr(0xffffffffffffff9c, &(0x7f00000001c0), 0x105802, 0x0) openat(r1, &(0x7f00000003c0)='./file0\x00', 0x40000, 0x80) close(r3) dup3(0xffffffffffffffff, 0xffffffffffffffff, 0x0) io_uring_enter(r2, 0x5ebd, 0xc6d4, 0x2, &(0x7f0000000000)={[0x1]}, 0x8) fsmount(0xffffffffffffffff, 0x1, 0x80) 11:06:48 executing program 1: r0 = pkey_alloc(0x0, 0x3) pkey_alloc(0x0, 0x3) pkey_free(r0) pkey_alloc(0x0, 0x1) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f00000007c0), 0x2}, 0xcc80}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) io_uring_register$IORING_UNREGISTER_BUFFERS(0xffffffffffffffff, 0x1, 0x1000000, 0x0) r1 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000002480)='fd/3\x00') r2 = syz_io_uring_setup(0x0, 0x0, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000000100), &(0x7f0000000340)) getpid() pidfd_open(0x0, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_bp={&(0x7f0000000040), 0xb}, 0x0, 0x20, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2) syz_io_uring_setup(0x75c8, &(0x7f0000000200)={0x0, 0x1000c2c0, 0x2, 0x0, 0x36}, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000000380), &(0x7f0000000140)) r3 = openat$sr(0xffffffffffffff9c, &(0x7f00000001c0), 0x105802, 0x0) openat(r1, &(0x7f00000003c0)='./file0\x00', 0x40000, 0x80) close(r3) dup3(0xffffffffffffffff, 0xffffffffffffffff, 0x0) io_uring_enter(r2, 0x5ebd, 0xc6d4, 0x2, &(0x7f0000000000)={[0x1]}, 0x8) fsmount(0xffffffffffffffff, 0x1, 0x80) 11:06:48 executing program 2: r0 = pkey_alloc(0x0, 0x3) pkey_alloc(0x0, 0x3) pkey_free(r0) pkey_alloc(0x0, 0x1) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f00000007c0), 0x2}, 0xcc80}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) io_uring_register$IORING_UNREGISTER_BUFFERS(0xffffffffffffffff, 0x1, 0x1000000, 0x0) r1 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000002480)='fd/3\x00') r2 = syz_io_uring_setup(0x0, 0x0, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000000100), &(0x7f0000000340)) getpid() pidfd_open(0x0, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_bp={&(0x7f0000000040), 0xb}, 0x0, 0x20, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2) syz_io_uring_setup(0x75c8, &(0x7f0000000200)={0x0, 0x1000c2c0, 0x2, 0x0, 0x36}, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000000380), &(0x7f0000000140)) r3 = openat$sr(0xffffffffffffff9c, &(0x7f00000001c0), 0x105802, 0x0) openat(r1, &(0x7f00000003c0)='./file0\x00', 0x40000, 0x80) close(r3) dup3(0xffffffffffffffff, 0xffffffffffffffff, 0x0) io_uring_enter(r2, 0x5ebd, 0xc6d4, 0x2, &(0x7f0000000000)={[0x1]}, 0x8) fsmount(0xffffffffffffffff, 0x1, 0x80) 11:06:48 executing program 3: r0 = pkey_alloc(0x0, 0x3) pkey_alloc(0x0, 0x3) pkey_free(r0) pkey_alloc(0x0, 0x1) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f00000007c0), 0x2}, 0xcc80}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) io_uring_register$IORING_UNREGISTER_BUFFERS(0xffffffffffffffff, 0x1, 0x1000000, 0x0) r1 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000002480)='fd/3\x00') r2 = syz_io_uring_setup(0x0, 0x0, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000000100), &(0x7f0000000340)) getpid() pidfd_open(0x0, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_bp={&(0x7f0000000040), 0xb}, 0x0, 0x20, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2) syz_io_uring_setup(0x75c8, &(0x7f0000000200)={0x0, 0x1000c2c0, 0x2, 0x0, 0x36}, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000000380), &(0x7f0000000140)) r3 = openat$sr(0xffffffffffffff9c, &(0x7f00000001c0), 0x105802, 0x0) openat(r1, &(0x7f00000003c0)='./file0\x00', 0x40000, 0x80) close(r3) dup3(0xffffffffffffffff, 0xffffffffffffffff, 0x0) io_uring_enter(r2, 0x5ebd, 0xc6d4, 0x2, &(0x7f0000000000)={[0x1]}, 0x8) fsmount(0xffffffffffffffff, 0x1, 0x80) 11:06:48 executing program 6: r0 = pkey_alloc(0x0, 0x3) pkey_alloc(0x0, 0x3) pkey_free(r0) pkey_alloc(0x0, 0x1) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f00000007c0), 0x2}, 0xcc80}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) io_uring_register$IORING_UNREGISTER_BUFFERS(0xffffffffffffffff, 0x1, 0x1000000, 0x0) r1 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000002480)='fd/3\x00') r2 = syz_io_uring_setup(0x0, 0x0, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000000100), &(0x7f0000000340)) getpid() pidfd_open(0x0, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_bp={&(0x7f0000000040), 0xb}, 0x0, 0x20, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2) syz_io_uring_setup(0x75c8, &(0x7f0000000200)={0x0, 0x1000c2c0, 0x2, 0x0, 0x36}, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000000380), &(0x7f0000000140)) r3 = openat$sr(0xffffffffffffff9c, &(0x7f00000001c0), 0x105802, 0x0) openat(r1, &(0x7f00000003c0)='./file0\x00', 0x40000, 0x80) close(r3) dup3(0xffffffffffffffff, 0xffffffffffffffff, 0x0) io_uring_enter(r2, 0x5ebd, 0xc6d4, 0x2, &(0x7f0000000000)={[0x1]}, 0x8) fsmount(0xffffffffffffffff, 0x1, 0x80) 11:06:48 executing program 5: r0 = pkey_alloc(0x0, 0x3) pkey_alloc(0x0, 0x3) pkey_free(r0) pkey_alloc(0x0, 0x1) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f00000007c0), 0x2}, 0xcc80}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) io_uring_register$IORING_UNREGISTER_BUFFERS(0xffffffffffffffff, 0x1, 0x1000000, 0x0) r1 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000002480)='fd/3\x00') r2 = syz_io_uring_setup(0x0, 0x0, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000000100), &(0x7f0000000340)) getpid() pidfd_open(0x0, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_bp={&(0x7f0000000040), 0xb}, 0x0, 0x20, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2) syz_io_uring_setup(0x75c8, &(0x7f0000000200)={0x0, 0x1000c2c0, 0x2, 0x0, 0x36}, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000000380), &(0x7f0000000140)) r3 = openat$sr(0xffffffffffffff9c, &(0x7f00000001c0), 0x105802, 0x0) openat(r1, &(0x7f00000003c0)='./file0\x00', 0x40000, 0x80) close(r3) dup3(0xffffffffffffffff, 0xffffffffffffffff, 0x0) io_uring_enter(r2, 0x5ebd, 0xc6d4, 0x2, &(0x7f0000000000)={[0x1]}, 0x8) fsmount(0xffffffffffffffff, 0x1, 0x80) 11:06:48 executing program 7: r0 = pkey_alloc(0x0, 0x3) pkey_alloc(0x0, 0x3) pkey_free(r0) pkey_alloc(0x0, 0x1) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f00000007c0), 0x2}, 0xcc80}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) io_uring_register$IORING_UNREGISTER_BUFFERS(0xffffffffffffffff, 0x1, 0x1000000, 0x0) r1 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000002480)='fd/3\x00') r2 = syz_io_uring_setup(0x0, 0x0, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000000100), &(0x7f0000000340)) getpid() pidfd_open(0x0, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_bp={&(0x7f0000000040), 0xb}, 0x0, 0x20, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2) syz_io_uring_setup(0x75c8, &(0x7f0000000200)={0x0, 0x1000c2c0, 0x2, 0x0, 0x36}, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000000380), &(0x7f0000000140)) r3 = openat$sr(0xffffffffffffff9c, &(0x7f00000001c0), 0x105802, 0x0) openat(r1, &(0x7f00000003c0)='./file0\x00', 0x40000, 0x80) close(r3) dup3(0xffffffffffffffff, 0xffffffffffffffff, 0x0) io_uring_enter(r2, 0x5ebd, 0xc6d4, 0x2, &(0x7f0000000000)={[0x1]}, 0x8) fsmount(0xffffffffffffffff, 0x1, 0x80) 11:06:48 executing program 0: r0 = pkey_alloc(0x0, 0x3) pkey_alloc(0x0, 0x3) pkey_free(r0) pkey_alloc(0x0, 0x1) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f00000007c0), 0x2}, 0xcc80}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) io_uring_register$IORING_UNREGISTER_BUFFERS(0xffffffffffffffff, 0x1, 0x1000000, 0x0) r1 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000002480)='fd/3\x00') r2 = syz_io_uring_setup(0x0, 0x0, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000000100), &(0x7f0000000340)) getpid() pidfd_open(0x0, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_bp={&(0x7f0000000040), 0xb}, 0x0, 0x20, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2) syz_io_uring_setup(0x75c8, &(0x7f0000000200)={0x0, 0x1000c2c0, 0x2, 0x0, 0x36}, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000000380), &(0x7f0000000140)) r3 = openat$sr(0xffffffffffffff9c, &(0x7f00000001c0), 0x105802, 0x0) openat(r1, &(0x7f00000003c0)='./file0\x00', 0x40000, 0x80) close(r3) dup3(0xffffffffffffffff, 0xffffffffffffffff, 0x0) io_uring_enter(r2, 0x5ebd, 0xc6d4, 0x2, &(0x7f0000000000)={[0x1]}, 0x8) fsmount(0xffffffffffffffff, 0x1, 0x80) 11:06:48 executing program 4: r0 = pkey_alloc(0x0, 0x3) pkey_alloc(0x0, 0x3) pkey_free(r0) pkey_alloc(0x0, 0x1) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f00000007c0), 0x2}, 0xcc80}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) io_uring_register$IORING_UNREGISTER_BUFFERS(0xffffffffffffffff, 0x1, 0x1000000, 0x0) r1 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000002480)='fd/3\x00') r2 = syz_io_uring_setup(0x0, 0x0, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000000100), &(0x7f0000000340)) getpid() pidfd_open(0x0, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_bp={&(0x7f0000000040), 0xb}, 0x0, 0x20, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2) syz_io_uring_setup(0x75c8, &(0x7f0000000200)={0x0, 0x1000c2c0, 0x2, 0x0, 0x36}, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000000380), &(0x7f0000000140)) r3 = openat$sr(0xffffffffffffff9c, &(0x7f00000001c0), 0x105802, 0x0) openat(r1, &(0x7f00000003c0)='./file0\x00', 0x40000, 0x80) close(r3) dup3(0xffffffffffffffff, 0xffffffffffffffff, 0x0) io_uring_enter(r2, 0x5ebd, 0xc6d4, 0x2, &(0x7f0000000000)={[0x1]}, 0x8) fsmount(0xffffffffffffffff, 0x1, 0x80) 11:06:48 executing program 2: r0 = pkey_alloc(0x0, 0x3) pkey_alloc(0x0, 0x3) pkey_free(r0) pkey_alloc(0x0, 0x1) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f00000007c0), 0x2}, 0xcc80}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) io_uring_register$IORING_UNREGISTER_BUFFERS(0xffffffffffffffff, 0x1, 0x1000000, 0x0) r1 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000002480)='fd/3\x00') r2 = syz_io_uring_setup(0x0, 0x0, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000000100), &(0x7f0000000340)) getpid() pidfd_open(0x0, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_bp={&(0x7f0000000040), 0xb}, 0x0, 0x20, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2) syz_io_uring_setup(0x75c8, &(0x7f0000000200)={0x0, 0x1000c2c0, 0x2, 0x0, 0x36}, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000000380), &(0x7f0000000140)) r3 = openat$sr(0xffffffffffffff9c, &(0x7f00000001c0), 0x105802, 0x0) openat(r1, &(0x7f00000003c0)='./file0\x00', 0x40000, 0x80) close(r3) dup3(0xffffffffffffffff, 0xffffffffffffffff, 0x0) io_uring_enter(r2, 0x5ebd, 0xc6d4, 0x2, &(0x7f0000000000)={[0x1]}, 0x8) fsmount(0xffffffffffffffff, 0x1, 0x80) 11:06:48 executing program 6: r0 = pkey_alloc(0x0, 0x3) pkey_alloc(0x0, 0x3) pkey_free(r0) pkey_alloc(0x0, 0x1) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f00000007c0), 0x2}, 0xcc80}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) io_uring_register$IORING_UNREGISTER_BUFFERS(0xffffffffffffffff, 0x1, 0x1000000, 0x0) r1 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000002480)='fd/3\x00') r2 = syz_io_uring_setup(0x0, 0x0, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000000100), &(0x7f0000000340)) getpid() pidfd_open(0x0, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_bp={&(0x7f0000000040), 0xb}, 0x0, 0x20, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2) syz_io_uring_setup(0x75c8, &(0x7f0000000200)={0x0, 0x1000c2c0, 0x2, 0x0, 0x36}, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000000380), &(0x7f0000000140)) r3 = openat$sr(0xffffffffffffff9c, &(0x7f00000001c0), 0x105802, 0x0) openat(r1, &(0x7f00000003c0)='./file0\x00', 0x40000, 0x80) close(r3) dup3(0xffffffffffffffff, 0xffffffffffffffff, 0x0) io_uring_enter(r2, 0x5ebd, 0xc6d4, 0x2, &(0x7f0000000000)={[0x1]}, 0x8) fsmount(0xffffffffffffffff, 0x1, 0x80) 11:06:48 executing program 7: r0 = pkey_alloc(0x0, 0x3) pkey_alloc(0x0, 0x3) pkey_free(r0) pkey_alloc(0x0, 0x1) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f00000007c0), 0x2}, 0xcc80}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) io_uring_register$IORING_UNREGISTER_BUFFERS(0xffffffffffffffff, 0x1, 0x1000000, 0x0) r1 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000002480)='fd/3\x00') r2 = syz_io_uring_setup(0x0, 0x0, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000000100), &(0x7f0000000340)) getpid() pidfd_open(0x0, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_bp={&(0x7f0000000040), 0xb}, 0x0, 0x20, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2) syz_io_uring_setup(0x75c8, &(0x7f0000000200)={0x0, 0x1000c2c0, 0x2, 0x0, 0x36}, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000000380), &(0x7f0000000140)) r3 = openat$sr(0xffffffffffffff9c, &(0x7f00000001c0), 0x105802, 0x0) openat(r1, &(0x7f00000003c0)='./file0\x00', 0x40000, 0x80) close(r3) dup3(0xffffffffffffffff, 0xffffffffffffffff, 0x0) io_uring_enter(r2, 0x5ebd, 0xc6d4, 0x2, &(0x7f0000000000)={[0x1]}, 0x8) fsmount(0xffffffffffffffff, 0x1, 0x80) 11:06:48 executing program 3: r0 = pkey_alloc(0x0, 0x3) pkey_alloc(0x0, 0x3) pkey_free(r0) pkey_alloc(0x0, 0x1) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f00000007c0), 0x2}, 0xcc80}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) io_uring_register$IORING_UNREGISTER_BUFFERS(0xffffffffffffffff, 0x1, 0x1000000, 0x0) r1 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000002480)='fd/3\x00') r2 = syz_io_uring_setup(0x0, 0x0, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000000100), &(0x7f0000000340)) getpid() pidfd_open(0x0, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_bp={&(0x7f0000000040), 0xb}, 0x0, 0x20, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2) syz_io_uring_setup(0x75c8, &(0x7f0000000200)={0x0, 0x1000c2c0, 0x2, 0x0, 0x36}, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000000380), &(0x7f0000000140)) r3 = openat$sr(0xffffffffffffff9c, &(0x7f00000001c0), 0x105802, 0x0) openat(r1, &(0x7f00000003c0)='./file0\x00', 0x40000, 0x80) close(r3) dup3(0xffffffffffffffff, 0xffffffffffffffff, 0x0) io_uring_enter(r2, 0x5ebd, 0xc6d4, 0x2, &(0x7f0000000000)={[0x1]}, 0x8) fsmount(0xffffffffffffffff, 0x1, 0x80) 11:06:48 executing program 5: r0 = pkey_alloc(0x0, 0x3) pkey_alloc(0x0, 0x3) pkey_free(r0) pkey_alloc(0x0, 0x1) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f00000007c0), 0x2}, 0xcc80}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) io_uring_register$IORING_UNREGISTER_BUFFERS(0xffffffffffffffff, 0x1, 0x1000000, 0x0) r1 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000002480)='fd/3\x00') r2 = syz_io_uring_setup(0x0, 0x0, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000000100), &(0x7f0000000340)) getpid() pidfd_open(0x0, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_bp={&(0x7f0000000040), 0xb}, 0x0, 0x20, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2) syz_io_uring_setup(0x75c8, &(0x7f0000000200)={0x0, 0x1000c2c0, 0x2, 0x0, 0x36}, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000000380), &(0x7f0000000140)) r3 = openat$sr(0xffffffffffffff9c, &(0x7f00000001c0), 0x105802, 0x0) openat(r1, &(0x7f00000003c0)='./file0\x00', 0x40000, 0x80) close(r3) dup3(0xffffffffffffffff, 0xffffffffffffffff, 0x0) io_uring_enter(r2, 0x5ebd, 0xc6d4, 0x2, &(0x7f0000000000)={[0x1]}, 0x8) fsmount(0xffffffffffffffff, 0x1, 0x80) 11:06:48 executing program 1: r0 = pkey_alloc(0x0, 0x3) pkey_alloc(0x0, 0x3) pkey_free(r0) pkey_alloc(0x0, 0x1) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f00000007c0), 0x2}, 0xcc80}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) io_uring_register$IORING_UNREGISTER_BUFFERS(0xffffffffffffffff, 0x1, 0x1000000, 0x0) r1 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000002480)='fd/3\x00') r2 = syz_io_uring_setup(0x0, 0x0, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000000100), &(0x7f0000000340)) getpid() pidfd_open(0x0, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_bp={&(0x7f0000000040), 0xb}, 0x0, 0x20, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2) syz_io_uring_setup(0x75c8, &(0x7f0000000200)={0x0, 0x1000c2c0, 0x2, 0x0, 0x36}, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000000380), &(0x7f0000000140)) r3 = openat$sr(0xffffffffffffff9c, &(0x7f00000001c0), 0x105802, 0x0) openat(r1, &(0x7f00000003c0)='./file0\x00', 0x40000, 0x80) close(r3) dup3(0xffffffffffffffff, 0xffffffffffffffff, 0x0) io_uring_enter(r2, 0x5ebd, 0xc6d4, 0x2, &(0x7f0000000000)={[0x1]}, 0x8) fsmount(0xffffffffffffffff, 0x1, 0x80) 11:06:48 executing program 0: r0 = pkey_alloc(0x0, 0x3) pkey_alloc(0x0, 0x3) pkey_free(r0) pkey_alloc(0x0, 0x1) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f00000007c0), 0x2}, 0xcc80}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) io_uring_register$IORING_UNREGISTER_BUFFERS(0xffffffffffffffff, 0x1, 0x1000000, 0x0) r1 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000002480)='fd/3\x00') r2 = syz_io_uring_setup(0x0, 0x0, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000000100), &(0x7f0000000340)) getpid() pidfd_open(0x0, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_bp={&(0x7f0000000040), 0xb}, 0x0, 0x20, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2) syz_io_uring_setup(0x75c8, &(0x7f0000000200)={0x0, 0x1000c2c0, 0x2, 0x0, 0x36}, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000000380), &(0x7f0000000140)) r3 = openat$sr(0xffffffffffffff9c, &(0x7f00000001c0), 0x105802, 0x0) openat(r1, &(0x7f00000003c0)='./file0\x00', 0x40000, 0x80) close(r3) dup3(0xffffffffffffffff, 0xffffffffffffffff, 0x0) io_uring_enter(r2, 0x5ebd, 0xc6d4, 0x2, &(0x7f0000000000)={[0x1]}, 0x8) fsmount(0xffffffffffffffff, 0x1, 0x80) 11:06:49 executing program 0: r0 = pkey_alloc(0x0, 0x3) pkey_alloc(0x0, 0x3) pkey_free(r0) pkey_alloc(0x0, 0x1) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f00000007c0), 0x2}, 0xcc80}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) io_uring_register$IORING_UNREGISTER_BUFFERS(0xffffffffffffffff, 0x1, 0x1000000, 0x0) r1 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000002480)='fd/3\x00') r2 = syz_io_uring_setup(0x0, 0x0, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000000100), &(0x7f0000000340)) getpid() pidfd_open(0x0, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_bp={&(0x7f0000000040), 0xb}, 0x0, 0x20, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2) syz_io_uring_setup(0x75c8, &(0x7f0000000200)={0x0, 0x1000c2c0, 0x2, 0x0, 0x36}, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000000380), &(0x7f0000000140)) r3 = openat$sr(0xffffffffffffff9c, &(0x7f00000001c0), 0x105802, 0x0) openat(r1, &(0x7f00000003c0)='./file0\x00', 0x40000, 0x80) close(r3) dup3(0xffffffffffffffff, 0xffffffffffffffff, 0x0) io_uring_enter(r2, 0x5ebd, 0xc6d4, 0x2, &(0x7f0000000000)={[0x1]}, 0x8) fsmount(0xffffffffffffffff, 0x1, 0x80) 11:06:49 executing program 4: r0 = pkey_alloc(0x0, 0x3) pkey_alloc(0x0, 0x3) pkey_free(r0) pkey_alloc(0x0, 0x1) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f00000007c0), 0x2}, 0xcc80}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) io_uring_register$IORING_UNREGISTER_BUFFERS(0xffffffffffffffff, 0x1, 0x1000000, 0x0) r1 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000002480)='fd/3\x00') r2 = syz_io_uring_setup(0x0, 0x0, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000000100), &(0x7f0000000340)) getpid() pidfd_open(0x0, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_bp={&(0x7f0000000040), 0xb}, 0x0, 0x20, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2) syz_io_uring_setup(0x75c8, &(0x7f0000000200)={0x0, 0x1000c2c0, 0x2, 0x0, 0x36}, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000000380), &(0x7f0000000140)) r3 = openat$sr(0xffffffffffffff9c, &(0x7f00000001c0), 0x105802, 0x0) openat(r1, &(0x7f00000003c0)='./file0\x00', 0x40000, 0x80) close(r3) dup3(0xffffffffffffffff, 0xffffffffffffffff, 0x0) io_uring_enter(r2, 0x5ebd, 0xc6d4, 0x2, &(0x7f0000000000)={[0x1]}, 0x8) fsmount(0xffffffffffffffff, 0x1, 0x80) 11:06:49 executing program 5: r0 = pkey_alloc(0x0, 0x3) pkey_alloc(0x0, 0x3) pkey_free(r0) pkey_alloc(0x0, 0x1) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f00000007c0), 0x2}, 0xcc80}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) io_uring_register$IORING_UNREGISTER_BUFFERS(0xffffffffffffffff, 0x1, 0x1000000, 0x0) r1 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000002480)='fd/3\x00') r2 = syz_io_uring_setup(0x0, 0x0, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000000100), &(0x7f0000000340)) getpid() pidfd_open(0x0, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_bp={&(0x7f0000000040), 0xb}, 0x0, 0x20, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2) syz_io_uring_setup(0x75c8, &(0x7f0000000200)={0x0, 0x1000c2c0, 0x2, 0x0, 0x36}, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000000380), &(0x7f0000000140)) r3 = openat$sr(0xffffffffffffff9c, &(0x7f00000001c0), 0x105802, 0x0) openat(r1, &(0x7f00000003c0)='./file0\x00', 0x40000, 0x80) close(r3) dup3(0xffffffffffffffff, 0xffffffffffffffff, 0x0) io_uring_enter(r2, 0x5ebd, 0xc6d4, 0x2, &(0x7f0000000000)={[0x1]}, 0x8) fsmount(0xffffffffffffffff, 0x1, 0x80) 11:06:49 executing program 6: r0 = pkey_alloc(0x0, 0x3) pkey_alloc(0x0, 0x3) pkey_free(r0) pkey_alloc(0x0, 0x1) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f00000007c0), 0x2}, 0xcc80}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) io_uring_register$IORING_UNREGISTER_BUFFERS(0xffffffffffffffff, 0x1, 0x1000000, 0x0) r1 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000002480)='fd/3\x00') r2 = syz_io_uring_setup(0x0, 0x0, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000000100), &(0x7f0000000340)) getpid() pidfd_open(0x0, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_bp={&(0x7f0000000040), 0xb}, 0x0, 0x20, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2) syz_io_uring_setup(0x75c8, &(0x7f0000000200)={0x0, 0x1000c2c0, 0x2, 0x0, 0x36}, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000000380), &(0x7f0000000140)) r3 = openat$sr(0xffffffffffffff9c, &(0x7f00000001c0), 0x105802, 0x0) openat(r1, &(0x7f00000003c0)='./file0\x00', 0x40000, 0x80) close(r3) dup3(0xffffffffffffffff, 0xffffffffffffffff, 0x0) io_uring_enter(r2, 0x5ebd, 0xc6d4, 0x2, &(0x7f0000000000)={[0x1]}, 0x8) fsmount(0xffffffffffffffff, 0x1, 0x80) 11:06:49 executing program 2: r0 = pkey_alloc(0x0, 0x3) pkey_alloc(0x0, 0x3) pkey_free(r0) pkey_alloc(0x0, 0x1) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f00000007c0), 0x2}, 0xcc80}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) io_uring_register$IORING_UNREGISTER_BUFFERS(0xffffffffffffffff, 0x1, 0x1000000, 0x0) r1 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000002480)='fd/3\x00') r2 = syz_io_uring_setup(0x0, 0x0, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000000100), &(0x7f0000000340)) getpid() pidfd_open(0x0, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_bp={&(0x7f0000000040), 0xb}, 0x0, 0x20, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2) syz_io_uring_setup(0x75c8, &(0x7f0000000200)={0x0, 0x1000c2c0, 0x2, 0x0, 0x36}, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000000380), &(0x7f0000000140)) r3 = openat$sr(0xffffffffffffff9c, &(0x7f00000001c0), 0x105802, 0x0) openat(r1, &(0x7f00000003c0)='./file0\x00', 0x40000, 0x80) close(r3) dup3(0xffffffffffffffff, 0xffffffffffffffff, 0x0) io_uring_enter(r2, 0x5ebd, 0xc6d4, 0x2, &(0x7f0000000000)={[0x1]}, 0x8) fsmount(0xffffffffffffffff, 0x1, 0x80) 11:06:49 executing program 3: r0 = pkey_alloc(0x0, 0x3) pkey_alloc(0x0, 0x3) pkey_free(r0) pkey_alloc(0x0, 0x1) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f00000007c0), 0x2}, 0xcc80}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) io_uring_register$IORING_UNREGISTER_BUFFERS(0xffffffffffffffff, 0x1, 0x1000000, 0x0) r1 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000002480)='fd/3\x00') r2 = syz_io_uring_setup(0x0, 0x0, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000000100), &(0x7f0000000340)) getpid() pidfd_open(0x0, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_bp={&(0x7f0000000040), 0xb}, 0x0, 0x20, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2) syz_io_uring_setup(0x75c8, &(0x7f0000000200)={0x0, 0x1000c2c0, 0x2, 0x0, 0x36}, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000000380), &(0x7f0000000140)) r3 = openat$sr(0xffffffffffffff9c, &(0x7f00000001c0), 0x105802, 0x0) openat(r1, &(0x7f00000003c0)='./file0\x00', 0x40000, 0x80) close(r3) dup3(0xffffffffffffffff, 0xffffffffffffffff, 0x0) io_uring_enter(r2, 0x5ebd, 0xc6d4, 0x2, &(0x7f0000000000)={[0x1]}, 0x8) fsmount(0xffffffffffffffff, 0x1, 0x80) 11:06:49 executing program 7: r0 = pkey_alloc(0x0, 0x3) pkey_alloc(0x0, 0x3) pkey_free(r0) pkey_alloc(0x0, 0x1) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f00000007c0), 0x2}, 0xcc80}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) io_uring_register$IORING_UNREGISTER_BUFFERS(0xffffffffffffffff, 0x1, 0x1000000, 0x0) r1 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000002480)='fd/3\x00') r2 = syz_io_uring_setup(0x0, 0x0, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000000100), &(0x7f0000000340)) getpid() pidfd_open(0x0, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_bp={&(0x7f0000000040), 0xb}, 0x0, 0x20, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2) syz_io_uring_setup(0x75c8, &(0x7f0000000200)={0x0, 0x1000c2c0, 0x2, 0x0, 0x36}, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000000380), &(0x7f0000000140)) r3 = openat$sr(0xffffffffffffff9c, &(0x7f00000001c0), 0x105802, 0x0) openat(r1, &(0x7f00000003c0)='./file0\x00', 0x40000, 0x80) close(r3) dup3(0xffffffffffffffff, 0xffffffffffffffff, 0x0) io_uring_enter(r2, 0x5ebd, 0xc6d4, 0x2, &(0x7f0000000000)={[0x1]}, 0x8) fsmount(0xffffffffffffffff, 0x1, 0x80) 11:06:49 executing program 1: r0 = syz_open_dev$tty20(0xc, 0x4, 0x1) r1 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) fcntl$notify(r1, 0x402, 0x2) dup3(r0, r1, 0x0) 11:06:49 executing program 0: r0 = pkey_alloc(0x0, 0x3) pkey_alloc(0x0, 0x3) pkey_free(r0) pkey_alloc(0x0, 0x1) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f00000007c0), 0x2}, 0xcc80}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) io_uring_register$IORING_UNREGISTER_BUFFERS(0xffffffffffffffff, 0x1, 0x1000000, 0x0) r1 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000002480)='fd/3\x00') r2 = syz_io_uring_setup(0x0, 0x0, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000000100), &(0x7f0000000340)) getpid() pidfd_open(0x0, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_bp={&(0x7f0000000040), 0xb}, 0x0, 0x20, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2) syz_io_uring_setup(0x75c8, &(0x7f0000000200)={0x0, 0x1000c2c0, 0x2, 0x0, 0x36}, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000000380), &(0x7f0000000140)) r3 = openat$sr(0xffffffffffffff9c, &(0x7f00000001c0), 0x105802, 0x0) openat(r1, &(0x7f00000003c0)='./file0\x00', 0x40000, 0x80) close(r3) dup3(0xffffffffffffffff, 0xffffffffffffffff, 0x0) io_uring_enter(r2, 0x5ebd, 0xc6d4, 0x2, &(0x7f0000000000)={[0x1]}, 0x8) fsmount(0xffffffffffffffff, 0x1, 0x80) 11:06:49 executing program 2: r0 = pkey_alloc(0x0, 0x3) pkey_alloc(0x0, 0x3) pkey_free(r0) pkey_alloc(0x0, 0x1) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f00000007c0), 0x2}, 0xcc80}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) io_uring_register$IORING_UNREGISTER_BUFFERS(0xffffffffffffffff, 0x1, 0x1000000, 0x0) r1 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000002480)='fd/3\x00') r2 = syz_io_uring_setup(0x0, 0x0, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000000100), &(0x7f0000000340)) getpid() pidfd_open(0x0, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_bp={&(0x7f0000000040), 0xb}, 0x0, 0x20, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2) syz_io_uring_setup(0x75c8, &(0x7f0000000200)={0x0, 0x1000c2c0, 0x2, 0x0, 0x36}, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000000380), &(0x7f0000000140)) r3 = openat$sr(0xffffffffffffff9c, &(0x7f00000001c0), 0x105802, 0x0) openat(r1, &(0x7f00000003c0)='./file0\x00', 0x40000, 0x80) close(r3) dup3(0xffffffffffffffff, 0xffffffffffffffff, 0x0) io_uring_enter(r2, 0x5ebd, 0xc6d4, 0x2, &(0x7f0000000000)={[0x1]}, 0x8) fsmount(0xffffffffffffffff, 0x1, 0x80) 11:06:49 executing program 6: r0 = pkey_alloc(0x0, 0x3) pkey_alloc(0x0, 0x3) pkey_free(r0) pkey_alloc(0x0, 0x1) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f00000007c0), 0x2}, 0xcc80}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) io_uring_register$IORING_UNREGISTER_BUFFERS(0xffffffffffffffff, 0x1, 0x1000000, 0x0) r1 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000002480)='fd/3\x00') r2 = syz_io_uring_setup(0x0, 0x0, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000000100), &(0x7f0000000340)) getpid() pidfd_open(0x0, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_bp={&(0x7f0000000040), 0xb}, 0x0, 0x20, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2) syz_io_uring_setup(0x75c8, &(0x7f0000000200)={0x0, 0x1000c2c0, 0x2, 0x0, 0x36}, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000000380), &(0x7f0000000140)) r3 = openat$sr(0xffffffffffffff9c, &(0x7f00000001c0), 0x105802, 0x0) openat(r1, &(0x7f00000003c0)='./file0\x00', 0x40000, 0x80) close(r3) dup3(0xffffffffffffffff, 0xffffffffffffffff, 0x0) io_uring_enter(r2, 0x5ebd, 0xc6d4, 0x2, &(0x7f0000000000)={[0x1]}, 0x8) fsmount(0xffffffffffffffff, 0x1, 0x80) 11:06:49 executing program 5: r0 = pkey_alloc(0x0, 0x3) pkey_alloc(0x0, 0x3) pkey_free(r0) pkey_alloc(0x0, 0x1) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f00000007c0), 0x2}, 0xcc80}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) io_uring_register$IORING_UNREGISTER_BUFFERS(0xffffffffffffffff, 0x1, 0x1000000, 0x0) r1 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000002480)='fd/3\x00') r2 = syz_io_uring_setup(0x0, 0x0, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000000100), &(0x7f0000000340)) getpid() pidfd_open(0x0, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_bp={&(0x7f0000000040), 0xb}, 0x0, 0x20, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2) syz_io_uring_setup(0x75c8, &(0x7f0000000200)={0x0, 0x1000c2c0, 0x2, 0x0, 0x36}, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000000380), &(0x7f0000000140)) r3 = openat$sr(0xffffffffffffff9c, &(0x7f00000001c0), 0x105802, 0x0) openat(r1, &(0x7f00000003c0)='./file0\x00', 0x40000, 0x80) close(r3) dup3(0xffffffffffffffff, 0xffffffffffffffff, 0x0) io_uring_enter(r2, 0x5ebd, 0xc6d4, 0x2, &(0x7f0000000000)={[0x1]}, 0x8) fsmount(0xffffffffffffffff, 0x1, 0x80) 11:06:49 executing program 4: epoll_ctl$EPOLL_CTL_MOD(0xffffffffffffffff, 0x3, 0xffffffffffffffff, 0x0) 11:06:49 executing program 3: syz_emit_ethernet(0x8b, &(0x7f0000000000)={@multicast, @local, @void, {@ipv6={0x86dd, @udp={0x0, 0x6, '#\x00\b', 0x55, 0x2c, 0x0, @private1, @local, {[@routing={0x88}], {0x0, 0x0, 0x4c, 0x0, @opaque="bd4c908e01433afa20804a2b340fe4e5cd7642eb2d27348ad808ec06894b4ed2afe8397426f0f14f6f85c5dad0f91a6982d532fc743ee341184631719122187ed5e08cf13a"}}}}}}, 0x0) 11:06:49 executing program 7: r0 = pkey_alloc(0x0, 0x3) pkey_alloc(0x0, 0x3) pkey_free(r0) pkey_alloc(0x0, 0x1) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f00000007c0), 0x2}, 0xcc80}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) io_uring_register$IORING_UNREGISTER_BUFFERS(0xffffffffffffffff, 0x1, 0x1000000, 0x0) r1 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000002480)='fd/3\x00') r2 = syz_io_uring_setup(0x0, 0x0, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000000100), &(0x7f0000000340)) getpid() pidfd_open(0x0, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_bp={&(0x7f0000000040), 0xb}, 0x0, 0x20, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2) syz_io_uring_setup(0x75c8, &(0x7f0000000200)={0x0, 0x1000c2c0, 0x2, 0x0, 0x36}, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000000380), &(0x7f0000000140)) r3 = openat$sr(0xffffffffffffff9c, &(0x7f00000001c0), 0x105802, 0x0) openat(r1, &(0x7f00000003c0)='./file0\x00', 0x40000, 0x80) close(r3) dup3(0xffffffffffffffff, 0xffffffffffffffff, 0x0) io_uring_enter(r2, 0x5ebd, 0xc6d4, 0x2, &(0x7f0000000000)={[0x1]}, 0x8) fsmount(0xffffffffffffffff, 0x1, 0x80) 11:06:49 executing program 3: syz_emit_ethernet(0x8b, &(0x7f0000000000)={@multicast, @local, @void, {@ipv6={0x86dd, @udp={0x0, 0x6, '#\x00\b', 0x55, 0x2c, 0x0, @private1, @local, {[@routing={0x88}], {0x0, 0x0, 0x4c, 0x0, @opaque="bd4c908e01433afa20804a2b340fe4e5cd7642eb2d27348ad808ec06894b4ed2afe8397426f0f14f6f85c5dad0f91a6982d532fc743ee341184631719122187ed5e08cf13a"}}}}}}, 0x0) 11:06:49 executing program 4: epoll_ctl$EPOLL_CTL_MOD(0xffffffffffffffff, 0x3, 0xffffffffffffffff, 0x0) 11:06:49 executing program 1: r0 = syz_open_dev$tty20(0xc, 0x4, 0x1) r1 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) fcntl$notify(r1, 0x402, 0x2) dup3(r0, r1, 0x0) 11:06:49 executing program 3: syz_emit_ethernet(0x8b, &(0x7f0000000000)={@multicast, @local, @void, {@ipv6={0x86dd, @udp={0x0, 0x6, '#\x00\b', 0x55, 0x2c, 0x0, @private1, @local, {[@routing={0x88}], {0x0, 0x0, 0x4c, 0x0, @opaque="bd4c908e01433afa20804a2b340fe4e5cd7642eb2d27348ad808ec06894b4ed2afe8397426f0f14f6f85c5dad0f91a6982d532fc743ee341184631719122187ed5e08cf13a"}}}}}}, 0x0) 11:06:49 executing program 0: syz_open_dev$evdev(&(0x7f0000001740), 0x0, 0x0) 11:06:49 executing program 5: r0 = pkey_alloc(0x0, 0x3) pkey_alloc(0x0, 0x3) pkey_free(r0) pkey_alloc(0x0, 0x1) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f00000007c0), 0x2}, 0xcc80}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) io_uring_register$IORING_UNREGISTER_BUFFERS(0xffffffffffffffff, 0x1, 0x1000000, 0x0) r1 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000002480)='fd/3\x00') r2 = syz_io_uring_setup(0x0, 0x0, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000000100), &(0x7f0000000340)) getpid() pidfd_open(0x0, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_bp={&(0x7f0000000040), 0xb}, 0x0, 0x20, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2) syz_io_uring_setup(0x75c8, &(0x7f0000000200)={0x0, 0x1000c2c0, 0x2, 0x0, 0x36}, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000000380), &(0x7f0000000140)) r3 = openat$sr(0xffffffffffffff9c, &(0x7f00000001c0), 0x105802, 0x0) openat(r1, &(0x7f00000003c0)='./file0\x00', 0x40000, 0x80) close(r3) dup3(0xffffffffffffffff, 0xffffffffffffffff, 0x0) io_uring_enter(r2, 0x5ebd, 0xc6d4, 0x2, &(0x7f0000000000)={[0x1]}, 0x8) fsmount(0xffffffffffffffff, 0x1, 0x80) 11:06:49 executing program 1: r0 = syz_open_dev$tty20(0xc, 0x4, 0x1) r1 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) fcntl$notify(r1, 0x402, 0x2) dup3(r0, r1, 0x0) 11:06:49 executing program 4: epoll_ctl$EPOLL_CTL_MOD(0xffffffffffffffff, 0x3, 0xffffffffffffffff, 0x0) 11:06:49 executing program 3: syz_emit_ethernet(0x8b, &(0x7f0000000000)={@multicast, @local, @void, {@ipv6={0x86dd, @udp={0x0, 0x6, '#\x00\b', 0x55, 0x2c, 0x0, @private1, @local, {[@routing={0x88}], {0x0, 0x0, 0x4c, 0x0, @opaque="bd4c908e01433afa20804a2b340fe4e5cd7642eb2d27348ad808ec06894b4ed2afe8397426f0f14f6f85c5dad0f91a6982d532fc743ee341184631719122187ed5e08cf13a"}}}}}}, 0x0) 11:06:49 executing program 2: syz_emit_ethernet(0x46, &(0x7f0000000100)={@local, @local, @void, {@ipv4={0x800, @udp={{0xc, 0x4, 0x0, 0x0, 0x38, 0x0, 0x0, 0x0, 0x11, 0x0, @private=0xa010101, @remote, {[@timestamp_addr={0x44, 0x1c, 0xf, 0x1, 0x0, [{@local}, {@private}, {@private}]}]}}, {0x0, 0x0, 0x8}}}}}, 0x0) 11:06:49 executing program 1: sendmsg$GTP_CMD_GETPDP(0xffffffffffffffff, 0x0, 0x0) getgid() socket$inet_icmp(0x2, 0x2, 0x1) syz_io_uring_setup(0x4744, &(0x7f0000000900), &(0x7f0000ffd000/0x2000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000000980), &(0x7f00000009c0)) 11:06:49 executing program 6: r0 = socket$inet6_udp(0xa, 0x2, 0x0) ioctl$sock_ipv6_tunnel_SIOCADD6RD(r0, 0x89b1, &(0x7f0000000540)={'syztnl1\x00', 0x0}) 11:06:49 executing program 7: r0 = pkey_alloc(0x0, 0x3) pkey_alloc(0x0, 0x3) pkey_free(r0) pkey_alloc(0x0, 0x1) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f00000007c0), 0x2}, 0xcc80}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) io_uring_register$IORING_UNREGISTER_BUFFERS(0xffffffffffffffff, 0x1, 0x1000000, 0x0) r1 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000002480)='fd/3\x00') r2 = syz_io_uring_setup(0x0, 0x0, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000000100), &(0x7f0000000340)) getpid() pidfd_open(0x0, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_bp={&(0x7f0000000040), 0xb}, 0x0, 0x20, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2) syz_io_uring_setup(0x75c8, &(0x7f0000000200)={0x0, 0x1000c2c0, 0x2, 0x0, 0x36}, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000000380), &(0x7f0000000140)) r3 = openat$sr(0xffffffffffffff9c, &(0x7f00000001c0), 0x105802, 0x0) openat(r1, &(0x7f00000003c0)='./file0\x00', 0x40000, 0x80) close(r3) dup3(0xffffffffffffffff, 0xffffffffffffffff, 0x0) io_uring_enter(r2, 0x5ebd, 0xc6d4, 0x2, &(0x7f0000000000)={[0x1]}, 0x8) fsmount(0xffffffffffffffff, 0x1, 0x80) 11:06:49 executing program 0: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) getsockopt$inet6_IPV6_FLOWLABEL_MGR(r0, 0x29, 0x20, &(0x7f0000000540)={@mcast2, 0x0, 0x2}, &(0x7f0000000580)=0x20) 11:06:49 executing program 4: epoll_ctl$EPOLL_CTL_MOD(0xffffffffffffffff, 0x3, 0xffffffffffffffff, 0x0) 11:06:49 executing program 5: r0 = pkey_alloc(0x0, 0x3) pkey_alloc(0x0, 0x3) pkey_free(r0) pkey_alloc(0x0, 0x1) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f00000007c0), 0x2}, 0xcc80}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) io_uring_register$IORING_UNREGISTER_BUFFERS(0xffffffffffffffff, 0x1, 0x1000000, 0x0) r1 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000002480)='fd/3\x00') r2 = syz_io_uring_setup(0x0, 0x0, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000000100), &(0x7f0000000340)) getpid() pidfd_open(0x0, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_bp={&(0x7f0000000040), 0xb}, 0x0, 0x20, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2) syz_io_uring_setup(0x75c8, &(0x7f0000000200)={0x0, 0x1000c2c0, 0x2, 0x0, 0x36}, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000000380), &(0x7f0000000140)) r3 = openat$sr(0xffffffffffffff9c, &(0x7f00000001c0), 0x105802, 0x0) openat(r1, &(0x7f00000003c0)='./file0\x00', 0x40000, 0x80) close(r3) dup3(0xffffffffffffffff, 0xffffffffffffffff, 0x0) io_uring_enter(r2, 0x5ebd, 0xc6d4, 0x2, &(0x7f0000000000)={[0x1]}, 0x8) fsmount(0xffffffffffffffff, 0x1, 0x80) 11:06:49 executing program 1: sendmsg$GTP_CMD_GETPDP(0xffffffffffffffff, 0x0, 0x0) getgid() socket$inet_icmp(0x2, 0x2, 0x1) syz_io_uring_setup(0x4744, &(0x7f0000000900), &(0x7f0000ffd000/0x2000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000000980), &(0x7f00000009c0)) 11:06:49 executing program 2: syz_emit_ethernet(0x46, &(0x7f0000000100)={@local, @local, @void, {@ipv4={0x800, @udp={{0xc, 0x4, 0x0, 0x0, 0x38, 0x0, 0x0, 0x0, 0x11, 0x0, @private=0xa010101, @remote, {[@timestamp_addr={0x44, 0x1c, 0xf, 0x1, 0x0, [{@local}, {@private}, {@private}]}]}}, {0x0, 0x0, 0x8}}}}}, 0x0) 11:06:49 executing program 0: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) getsockopt$inet6_IPV6_FLOWLABEL_MGR(r0, 0x29, 0x20, &(0x7f0000000540)={@mcast2, 0x0, 0x2}, &(0x7f0000000580)=0x20) 11:06:49 executing program 1: sendmsg$GTP_CMD_GETPDP(0xffffffffffffffff, 0x0, 0x0) getgid() socket$inet_icmp(0x2, 0x2, 0x1) syz_io_uring_setup(0x4744, &(0x7f0000000900), &(0x7f0000ffd000/0x2000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000000980), &(0x7f00000009c0)) 11:06:49 executing program 3: syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) pipe2$9p(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080), 0x0, &(0x7f0000000240)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) 11:06:50 executing program 2: syz_emit_ethernet(0x46, &(0x7f0000000100)={@local, @local, @void, {@ipv4={0x800, @udp={{0xc, 0x4, 0x0, 0x0, 0x38, 0x0, 0x0, 0x0, 0x11, 0x0, @private=0xa010101, @remote, {[@timestamp_addr={0x44, 0x1c, 0xf, 0x1, 0x0, [{@local}, {@private}, {@private}]}]}}, {0x0, 0x0, 0x8}}}}}, 0x0) 11:06:50 executing program 0: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) getsockopt$inet6_IPV6_FLOWLABEL_MGR(r0, 0x29, 0x20, &(0x7f0000000540)={@mcast2, 0x0, 0x2}, &(0x7f0000000580)=0x20) 11:06:50 executing program 1: sendmsg$GTP_CMD_GETPDP(0xffffffffffffffff, 0x0, 0x0) getgid() socket$inet_icmp(0x2, 0x2, 0x1) syz_io_uring_setup(0x4744, &(0x7f0000000900), &(0x7f0000ffd000/0x2000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000000980), &(0x7f00000009c0)) 11:06:50 executing program 3: syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) pipe2$9p(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080), 0x0, &(0x7f0000000240)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) 11:06:50 executing program 7: ioctl$LOOP_CTL_REMOVE(0xffffffffffffffff, 0x4c81, 0x0) r0 = socket$inet6(0xa, 0x3, 0xff) connect$inet6(r0, &(0x7f0000000040)={0xa, 0x0, 0x0, @empty}, 0x1c) sendmmsg(r0, &(0x7f0000000c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x810) syz_open_dev$tty1(0xc, 0x4, 0x1) perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) 11:06:50 executing program 4: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL802154_CMD_SET_WPAN_PHY_NETNS(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000d40)={0x0, 0xfeff}}, 0x0) 11:06:50 executing program 6: r0 = socket$inet6_udp(0xa, 0x2, 0x0) ioctl$sock_ipv6_tunnel_SIOCADD6RD(r0, 0x89b1, &(0x7f0000000540)={'syztnl1\x00', 0x0}) 11:06:50 executing program 5: syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) pipe2$9p(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080), 0x0, &(0x7f0000000240)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) 11:06:50 executing program 2: syz_emit_ethernet(0x46, &(0x7f0000000100)={@local, @local, @void, {@ipv4={0x800, @udp={{0xc, 0x4, 0x0, 0x0, 0x38, 0x0, 0x0, 0x0, 0x11, 0x0, @private=0xa010101, @remote, {[@timestamp_addr={0x44, 0x1c, 0xf, 0x1, 0x0, [{@local}, {@private}, {@private}]}]}}, {0x0, 0x0, 0x8}}}}}, 0x0) 11:06:50 executing program 7: ioctl$LOOP_CTL_REMOVE(0xffffffffffffffff, 0x4c81, 0x0) r0 = socket$inet6(0xa, 0x3, 0xff) connect$inet6(r0, &(0x7f0000000040)={0xa, 0x0, 0x0, @empty}, 0x1c) sendmmsg(r0, &(0x7f0000000c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x810) syz_open_dev$tty1(0xc, 0x4, 0x1) perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) 11:06:50 executing program 4: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL802154_CMD_SET_WPAN_PHY_NETNS(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000d40)={0x0, 0xfeff}}, 0x0) VM DIAGNOSIS: 11:06:40 Registers: info registers vcpu 0 RAX=0000000000000034 RBX=00000000000003f8 RCX=0000000000000000 RDX=00000000000003f8 RSI=ffffffff823c0801 RDI=ffffffff8765c9e0 RBP=ffffffff8765c9a0 RSP=ffff88806ce09638 R8 =0000000000000001 R9 =000000000000000a R10=0000000000000034 R11=0000000000000001 R12=0000000000000034 R13=ffffffff8765c9a0 R14=0000000000000010 R15=ffffffff823c07f0 RIP=ffffffff823c0859 RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 00000000 00000000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 00000000 00000000 FS =0000 0000555556583400 00000000 00000000 GS =0000 ffff88806ce00000 00000000 00000000 LDT=0000 fffffe0000000000 00000000 00000000 TR =0040 fffffe0000003000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe0000001000 0000007f IDT= fffffe0000000000 00000fff CR0=80050033 CR2=00007ffd97493d28 CR3=000000003d4b2000 CR4=00350ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000ffff0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 XMM00=00000000000000000000000000000000 XMM01=ffffffffffffffffffffffffffffffff XMM02=00000000000000000000000000000000 XMM03=00000000000000000000000000000000 XMM04=000000000000000000000000000000ff XMM05=00000000000000000000000000000000 XMM06=0000000000000000000000524f525245 XMM07=00000000000000000000000000000000 XMM08=000000000000000000524f5252450040 XMM09=00000000000000000000000000000000 XMM10=00000000000000000000000000000000 XMM11=00000000000000000000000000000000 XMM12=00000000000000000000000000000000 XMM13=00000000000000000000000000000000 XMM14=00000000000000000000000000000000 XMM15=00000000000000000000000000000000 info registers vcpu 1 RAX=000000000002263b RBX=1ffff11007c30f84 RCX=ffffc90008212000 RDX=0000000000040000 RSI=ffffffff813bc263 RDI=0000000000000005 RBP=ffff88803e187cc8 RSP=ffff88803e187bf8 R8 =0000000000000005 R9 =0000000000000000 R10=0000000000000001 R11=0000000000000001 R12=0000000000000001 R13=0000000000000000 R14=0000000000000000 R15=0000000000000200 RIP=ffffffff81461d4c RFL=00000216 [----AP-] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 00000000 00000000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 00000000 00000000 FS =0000 00007f9452be1700 00000000 00000000 GS =0000 ffff88806cf00000 00000000 00000000 LDT=0000 fffffe0000000000 00000000 00000000 TR =0040 fffffe000004a000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe0000048000 0000007f IDT= fffffe0000000000 00000fff CR0=80050033 CR2=00007f945577f018 CR3=0000000018a58000 CR4=00350ee0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000ffff0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 XMM00=00000000000000000000000000000000 XMM01=00007f94557527c000007f94557527c8 XMM02=00007f94557527e000007f94557527c0 XMM03=00007f94557527c800007f94557527c0 XMM04=ffffffffffffffffffffffff00000000 XMM05=00000000000000000000000000000000 XMM06=0000000000000000000000524f525245 XMM07=00000000000000000000000000000000 XMM08=000000000000000000524f5252450040 XMM09=00000000000000000000000000000000 XMM10=00000000000000000000000000000000 XMM11=00000000000000000000000000000000 XMM12=00000000000000000000000000000000 XMM13=00000000000000000000000000000000 XMM14=00000000000000000000000000000000 XMM15=00000000000000000000000000000000