Warning: Permanently added '[localhost]:6332' (ECDSA) to the list of known hosts. 2022/10/03 03:29:31 fuzzer started 2022/10/03 03:29:31 dialing manager at localhost:35095 syzkaller login: [ 44.116166] cgroup: Unknown subsys name 'net' [ 44.224789] cgroup: Unknown subsys name 'rlimit' 2022/10/03 03:29:45 syscalls: 2215 2022/10/03 03:29:45 code coverage: enabled 2022/10/03 03:29:45 comparison tracing: enabled 2022/10/03 03:29:45 extra coverage: enabled 2022/10/03 03:29:45 setuid sandbox: enabled 2022/10/03 03:29:45 namespace sandbox: enabled 2022/10/03 03:29:45 Android sandbox: enabled 2022/10/03 03:29:45 fault injection: enabled 2022/10/03 03:29:45 leak checking: enabled 2022/10/03 03:29:45 net packet injection: enabled 2022/10/03 03:29:45 net device setup: enabled 2022/10/03 03:29:45 concurrency sanitizer: /sys/kernel/debug/kcsan does not exist 2022/10/03 03:29:45 devlink PCI setup: PCI device 0000:00:10.0 is not available 2022/10/03 03:29:45 USB emulation: enabled 2022/10/03 03:29:45 hci packet injection: enabled 2022/10/03 03:29:45 wifi device emulation: failed to parse kernel version (6.0.0-rc7-next-20220930) 2022/10/03 03:29:45 802.15.4 emulation: enabled 2022/10/03 03:29:45 fetching corpus: 50, signal 23329/25194 (executing program) 2022/10/03 03:29:45 fetching corpus: 100, signal 32771/36335 (executing program) 2022/10/03 03:29:45 fetching corpus: 150, signal 41285/46458 (executing program) 2022/10/03 03:29:45 fetching corpus: 200, signal 47261/53978 (executing program) 2022/10/03 03:29:45 fetching corpus: 250, signal 52223/60439 (executing program) 2022/10/03 03:29:45 fetching corpus: 300, signal 57435/67084 (executing program) 2022/10/03 03:29:45 fetching corpus: 350, signal 61844/72874 (executing program) 2022/10/03 03:29:45 fetching corpus: 400, signal 66845/79192 (executing program) 2022/10/03 03:29:46 fetching corpus: 450, signal 73234/86746 (executing program) 2022/10/03 03:29:46 fetching corpus: 500, signal 78278/92984 (executing program) 2022/10/03 03:29:46 fetching corpus: 550, signal 82339/98207 (executing program) 2022/10/03 03:29:46 fetching corpus: 600, signal 86059/103013 (executing program) 2022/10/03 03:29:46 fetching corpus: 650, signal 88929/107065 (executing program) 2022/10/03 03:29:46 fetching corpus: 700, signal 90239/109672 (executing program) 2022/10/03 03:29:46 fetching corpus: 750, signal 92895/113448 (executing program) 2022/10/03 03:29:46 fetching corpus: 800, signal 95744/117371 (executing program) 2022/10/03 03:29:46 fetching corpus: 850, signal 98024/120735 (executing program) 2022/10/03 03:29:47 fetching corpus: 900, signal 103189/126586 (executing program) 2022/10/03 03:29:47 fetching corpus: 950, signal 105288/129743 (executing program) 2022/10/03 03:29:47 fetching corpus: 1000, signal 106874/132387 (executing program) 2022/10/03 03:29:47 fetching corpus: 1050, signal 108963/135475 (executing program) 2022/10/03 03:29:47 fetching corpus: 1100, signal 111507/138954 (executing program) 2022/10/03 03:29:47 fetching corpus: 1150, signal 115223/143341 (executing program) 2022/10/03 03:29:47 fetching corpus: 1200, signal 116444/145517 (executing program) 2022/10/03 03:29:48 fetching corpus: 1250, signal 118170/148111 (executing program) 2022/10/03 03:29:48 fetching corpus: 1300, signal 120461/151215 (executing program) 2022/10/03 03:29:48 fetching corpus: 1350, signal 122419/154058 (executing program) 2022/10/03 03:29:48 fetching corpus: 1400, signal 124199/156713 (executing program) 2022/10/03 03:29:48 fetching corpus: 1450, signal 126341/159593 (executing program) 2022/10/03 03:29:48 fetching corpus: 1500, signal 127902/161973 (executing program) 2022/10/03 03:29:48 fetching corpus: 1550, signal 128832/163861 (executing program) 2022/10/03 03:29:48 fetching corpus: 1600, signal 130531/166301 (executing program) 2022/10/03 03:29:49 fetching corpus: 1650, signal 131633/168299 (executing program) 2022/10/03 03:29:49 fetching corpus: 1700, signal 132530/170087 (executing program) 2022/10/03 03:29:49 fetching corpus: 1750, signal 134247/172498 (executing program) 2022/10/03 03:29:49 fetching corpus: 1800, signal 135509/174559 (executing program) 2022/10/03 03:29:49 fetching corpus: 1850, signal 137286/176944 (executing program) 2022/10/03 03:29:49 fetching corpus: 1900, signal 138681/179088 (executing program) 2022/10/03 03:29:49 fetching corpus: 1950, signal 141258/181993 (executing program) 2022/10/03 03:29:50 fetching corpus: 2000, signal 143788/184906 (executing program) 2022/10/03 03:29:50 fetching corpus: 2050, signal 144771/186627 (executing program) 2022/10/03 03:29:50 fetching corpus: 2100, signal 145824/188405 (executing program) 2022/10/03 03:29:50 fetching corpus: 2150, signal 146828/190183 (executing program) 2022/10/03 03:29:50 fetching corpus: 2200, signal 148079/192006 (executing program) 2022/10/03 03:29:50 fetching corpus: 2250, signal 148887/193557 (executing program) 2022/10/03 03:29:50 fetching corpus: 2300, signal 149916/195283 (executing program) 2022/10/03 03:29:50 fetching corpus: 2350, signal 151502/197416 (executing program) 2022/10/03 03:29:50 fetching corpus: 2400, signal 152726/199184 (executing program) 2022/10/03 03:29:51 fetching corpus: 2450, signal 153651/200763 (executing program) 2022/10/03 03:29:51 fetching corpus: 2500, signal 154332/202157 (executing program) 2022/10/03 03:29:51 fetching corpus: 2550, signal 155164/203634 (executing program) 2022/10/03 03:29:51 fetching corpus: 2600, signal 156502/205404 (executing program) 2022/10/03 03:29:51 fetching corpus: 2650, signal 157702/207187 (executing program) 2022/10/03 03:29:51 fetching corpus: 2700, signal 158462/208614 (executing program) 2022/10/03 03:29:51 fetching corpus: 2750, signal 159340/210091 (executing program) 2022/10/03 03:29:51 fetching corpus: 2800, signal 160415/211710 (executing program) 2022/10/03 03:29:51 fetching corpus: 2850, signal 161543/213386 (executing program) 2022/10/03 03:29:52 fetching corpus: 2900, signal 162384/214838 (executing program) 2022/10/03 03:29:52 fetching corpus: 2950, signal 163121/216108 (executing program) 2022/10/03 03:29:52 fetching corpus: 3000, signal 164215/217619 (executing program) 2022/10/03 03:29:52 fetching corpus: 3050, signal 164769/218825 (executing program) 2022/10/03 03:29:52 fetching corpus: 3100, signal 165584/220192 (executing program) 2022/10/03 03:29:52 fetching corpus: 3150, signal 165960/221272 (executing program) 2022/10/03 03:29:52 fetching corpus: 3200, signal 167439/222963 (executing program) 2022/10/03 03:29:52 fetching corpus: 3250, signal 167851/224037 (executing program) 2022/10/03 03:29:53 fetching corpus: 3300, signal 168429/225235 (executing program) 2022/10/03 03:29:53 fetching corpus: 3350, signal 169176/226563 (executing program) 2022/10/03 03:29:53 fetching corpus: 3400, signal 169967/227843 (executing program) 2022/10/03 03:29:53 fetching corpus: 3450, signal 171368/229419 (executing program) 2022/10/03 03:29:53 fetching corpus: 3500, signal 173220/231199 (executing program) 2022/10/03 03:29:53 fetching corpus: 3550, signal 174538/232723 (executing program) 2022/10/03 03:29:53 fetching corpus: 3600, signal 175227/233874 (executing program) 2022/10/03 03:29:53 fetching corpus: 3650, signal 175792/234949 (executing program) 2022/10/03 03:29:53 fetching corpus: 3700, signal 176135/235974 (executing program) 2022/10/03 03:29:54 fetching corpus: 3750, signal 176738/237046 (executing program) 2022/10/03 03:29:54 fetching corpus: 3800, signal 177675/238319 (executing program) 2022/10/03 03:29:54 fetching corpus: 3850, signal 178361/239417 (executing program) 2022/10/03 03:29:54 fetching corpus: 3900, signal 178786/240409 (executing program) 2022/10/03 03:29:54 fetching corpus: 3950, signal 179617/241601 (executing program) 2022/10/03 03:29:54 fetching corpus: 4000, signal 180260/242675 (executing program) 2022/10/03 03:29:54 fetching corpus: 4050, signal 180718/243633 (executing program) 2022/10/03 03:29:54 fetching corpus: 4100, signal 181228/244619 (executing program) 2022/10/03 03:29:54 fetching corpus: 4150, signal 181821/245655 (executing program) 2022/10/03 03:29:55 fetching corpus: 4200, signal 183116/246963 (executing program) 2022/10/03 03:29:55 fetching corpus: 4250, signal 183681/247941 (executing program) 2022/10/03 03:29:55 fetching corpus: 4300, signal 184920/249193 (executing program) 2022/10/03 03:29:55 fetching corpus: 4350, signal 185460/250189 (executing program) 2022/10/03 03:29:55 fetching corpus: 4400, signal 185988/251188 (executing program) 2022/10/03 03:29:55 fetching corpus: 4450, signal 186640/252173 (executing program) 2022/10/03 03:29:55 fetching corpus: 4500, signal 186975/253024 (executing program) 2022/10/03 03:29:55 fetching corpus: 4550, signal 187602/254029 (executing program) 2022/10/03 03:29:55 fetching corpus: 4600, signal 188294/255020 (executing program) 2022/10/03 03:29:56 fetching corpus: 4650, signal 188997/255978 (executing program) 2022/10/03 03:29:56 fetching corpus: 4700, signal 190973/257423 (executing program) 2022/10/03 03:29:56 fetching corpus: 4750, signal 191819/258418 (executing program) 2022/10/03 03:29:56 fetching corpus: 4800, signal 192378/259335 (executing program) 2022/10/03 03:29:56 fetching corpus: 4850, signal 193311/260346 (executing program) 2022/10/03 03:29:56 fetching corpus: 4900, signal 193829/261243 (executing program) 2022/10/03 03:29:56 fetching corpus: 4950, signal 194411/262124 (executing program) 2022/10/03 03:29:57 fetching corpus: 4997, signal 194783/262945 (executing program) 2022/10/03 03:29:57 fetching corpus: 4997, signal 194783/263635 (executing program) 2022/10/03 03:29:57 fetching corpus: 4997, signal 194783/264311 (executing program) 2022/10/03 03:29:57 fetching corpus: 4997, signal 194783/265031 (executing program) 2022/10/03 03:29:57 fetching corpus: 4997, signal 194783/265704 (executing program) 2022/10/03 03:29:57 fetching corpus: 4997, signal 194783/266377 (executing program) 2022/10/03 03:29:57 fetching corpus: 4997, signal 194783/267056 (executing program) 2022/10/03 03:29:57 fetching corpus: 4997, signal 194783/267738 (executing program) 2022/10/03 03:29:57 fetching corpus: 4997, signal 194783/268421 (executing program) 2022/10/03 03:29:57 fetching corpus: 4997, signal 194783/269077 (executing program) 2022/10/03 03:29:57 fetching corpus: 4997, signal 194783/269754 (executing program) 2022/10/03 03:29:57 fetching corpus: 4997, signal 194783/270402 (executing program) 2022/10/03 03:29:57 fetching corpus: 4997, signal 194783/271030 (executing program) 2022/10/03 03:29:57 fetching corpus: 4997, signal 194783/271693 (executing program) 2022/10/03 03:29:57 fetching corpus: 4997, signal 194783/272339 (executing program) 2022/10/03 03:29:57 fetching corpus: 4997, signal 194783/273009 (executing program) 2022/10/03 03:29:57 fetching corpus: 4997, signal 194783/273676 (executing program) 2022/10/03 03:29:57 fetching corpus: 4997, signal 194783/274371 (executing program) 2022/10/03 03:29:57 fetching corpus: 4997, signal 194783/275083 (executing program) 2022/10/03 03:29:57 fetching corpus: 4997, signal 194783/275737 (executing program) 2022/10/03 03:29:57 fetching corpus: 4997, signal 194783/276449 (executing program) 2022/10/03 03:29:57 fetching corpus: 4997, signal 194783/277130 (executing program) 2022/10/03 03:29:57 fetching corpus: 4997, signal 194783/277837 (executing program) 2022/10/03 03:29:57 fetching corpus: 4997, signal 194783/278517 (executing program) 2022/10/03 03:29:57 fetching corpus: 4997, signal 194783/279206 (executing program) 2022/10/03 03:29:57 fetching corpus: 4997, signal 194783/279885 (executing program) 2022/10/03 03:29:57 fetching corpus: 4997, signal 194783/280543 (executing program) 2022/10/03 03:29:57 fetching corpus: 4997, signal 194783/281202 (executing program) 2022/10/03 03:29:57 fetching corpus: 4997, signal 194783/281937 (executing program) 2022/10/03 03:29:57 fetching corpus: 4997, signal 194783/282566 (executing program) 2022/10/03 03:29:57 fetching corpus: 4997, signal 194783/283269 (executing program) 2022/10/03 03:29:57 fetching corpus: 4997, signal 194783/283966 (executing program) 2022/10/03 03:29:57 fetching corpus: 4997, signal 194783/284664 (executing program) 2022/10/03 03:29:57 fetching corpus: 4997, signal 194783/285332 (executing program) 2022/10/03 03:29:57 fetching corpus: 4997, signal 194783/286008 (executing program) 2022/10/03 03:29:57 fetching corpus: 4997, signal 194783/286708 (executing program) 2022/10/03 03:29:57 fetching corpus: 4997, signal 194783/287350 (executing program) 2022/10/03 03:29:57 fetching corpus: 4997, signal 194783/287998 (executing program) 2022/10/03 03:29:57 fetching corpus: 4997, signal 194783/288677 (executing program) 2022/10/03 03:29:57 fetching corpus: 4997, signal 194783/289353 (executing program) 2022/10/03 03:29:57 fetching corpus: 4997, signal 194783/290045 (executing program) 2022/10/03 03:29:57 fetching corpus: 4997, signal 194783/290749 (executing program) 2022/10/03 03:29:57 fetching corpus: 4997, signal 194783/291436 (executing program) 2022/10/03 03:29:57 fetching corpus: 4997, signal 194783/292056 (executing program) 2022/10/03 03:29:57 fetching corpus: 4997, signal 194783/292713 (executing program) 2022/10/03 03:29:57 fetching corpus: 4997, signal 194783/293369 (executing program) 2022/10/03 03:29:57 fetching corpus: 4997, signal 194783/293495 (executing program) 2022/10/03 03:29:57 fetching corpus: 4997, signal 194783/293495 (executing program) 2022/10/03 03:29:59 starting 8 fuzzer processes 03:29:59 executing program 1: r0 = openat$vcsu(0xffffffffffffff9c, &(0x7f0000000000), 0xa200, 0x0) sendmsg$BATADV_CMD_GET_GATEWAYS(r0, &(0x7f0000000100)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x10000}, 0xc, &(0x7f00000000c0)={&(0x7f0000000080)={0x24, 0x0, 0x4, 0x70bd28, 0x25dfdbfc, {}, [@BATADV_ATTR_VLANID={0x6}, @BATADV_ATTR_VLANID={0x6, 0x28, 0x2}]}, 0x24}, 0x1, 0x0, 0x0, 0x40000}, 0x40010) readv(r0, &(0x7f0000000180)=[{&(0x7f0000000140)=""/34, 0x22}], 0x1) sendmsg$TIPC_CMD_DISABLE_BEARER(0xffffffffffffffff, &(0x7f0000000280)={&(0x7f00000001c0)={0x10, 0x0, 0x0, 0x400000}, 0xc, &(0x7f0000000240)={&(0x7f0000000200)={0x30, 0x0, 0x400, 0x70bd28, 0x25dfdbfb, {{}, {}, {0x14, 0x13, @l2={'ib', 0x3a, 'syzkaller1\x00'}}}, ["", "", ""]}, 0x30}, 0x1, 0x0, 0x0, 0x40001}, 0x800) ioctl$AUTOFS_DEV_IOCTL_FAIL(r0, 0xc0189377, &(0x7f00000002c0)={{0x1, 0x1, 0x18, r0, {0x9, 0x3350}}, './file0\x00'}) sendmsg$NL80211_CMD_REGISTER_BEACONS(r1, &(0x7f00000003c0)={&(0x7f0000000300)={0x10, 0x0, 0x0, 0x2000}, 0xc, &(0x7f0000000380)={&(0x7f0000000340)={0x1c, 0x0, 0x200, 0x70bd26, 0x25dfdbfb, {{}, {@val={0x8}, @void, @void}}, ["", ""]}, 0x1c}}, 0x0) pipe(&(0x7f0000000400)={0xffffffffffffffff, 0xffffffffffffffff}) r3 = creat(&(0x7f0000000440)='./file0\x00', 0x134) r4 = syz_genetlink_get_family_id$batadv(&(0x7f00000004c0), r0) sendmsg$BATADV_CMD_GET_TRANSTABLE_GLOBAL(r3, &(0x7f0000000580)={&(0x7f0000000480)={0x10, 0x0, 0x0, 0x10}, 0xc, &(0x7f0000000540)={&(0x7f0000000500)={0x40, r4, 0x16ee0a3ecec18c65, 0x70bd29, 0x25dfdbfd, {}, [@BATADV_ATTR_ORIG_ADDRESS={0xa, 0x9, @broadcast}, @BATADV_ATTR_GW_SEL_CLASS={0x8, 0x34, 0x5}, @BATADV_ATTR_MULTICAST_FANOUT={0x8, 0x3c, 0x3}, @BATADV_ATTR_MESH_IFINDEX={0x8}, @BATADV_ATTR_TPMETER_TEST_TIME={0x8, 0xb, 0x8}]}, 0x40}, 0x1, 0x0, 0x0, 0x90}, 0x0) r5 = openat$full(0xffffffffffffff9c, &(0x7f00000005c0), 0x10001, 0x0) r6 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000640), r0) sendmsg$NL80211_CMD_SET_MPATH(r5, &(0x7f0000000700)={&(0x7f0000000600)={0x10, 0x0, 0x0, 0x20000}, 0xc, &(0x7f00000006c0)={&(0x7f0000000680)={0x2c, r6, 0x300, 0x70bd2c, 0x25dfdbfb, {{}, {@void, @val={0xc, 0x99, {0x1, 0x74}}}}, [@NL80211_ATTR_MAC={0xa, 0x6, @device_b}]}, 0x2c}}, 0x8040) sendmsg$MPTCP_PM_CMD_GET_LIMITS(r3, &(0x7f0000000800)={&(0x7f0000000740)={0x10, 0x0, 0x0, 0x10000}, 0xc, &(0x7f00000007c0)={&(0x7f0000000780)={0x2c, 0x0, 0x2, 0x70bd2b, 0x25dfdbfc, {}, [@MPTCP_PM_ATTR_RCV_ADD_ADDRS={0x8, 0x2, 0x6}, @MPTCP_PM_ATTR_SUBFLOWS={0x8, 0x3, 0x3}, @MPTCP_PM_ATTR_RCV_ADD_ADDRS={0x8}]}, 0x2c}, 0x1, 0x0, 0x0, 0x4851}, 0xc0) r7 = accept4$unix(0xffffffffffffffff, 0x0, &(0x7f0000000840), 0x80400) write$binfmt_elf64(r7, &(0x7f0000000880)={{0x7f, 0x45, 0x4c, 0x46, 0xff, 0x80, 0x2, 0x3, 0x81, 0x3, 0x3e, 0x912, 0xa4, 0x40, 0x1d, 0x8, 0x4, 0x38, 0x2, 0x7, 0x1000, 0x7ff}, [{0x1, 0x80000001, 0x4, 0x4, 0x8, 0x9, 0x0, 0x6}, {0x60000000, 0x99d5, 0x20, 0x7, 0x8001, 0xfff, 0xfcdf, 0x7}], "1917f73a8a4bf3152b3bdb5a9e1be32f6e73236e270ba4b8d14bd7302fc83412cc0ea36dba30bb1276dc5b59626de81a895facff87345be0a7340e5df03cdfabf2d6bff2c7c2b7f8d69d5794621579a61cdf4fc6713c507828d1b0620345e253ec634eb212a1c3788924d44c631400a8c5609b5beb4e99770d60b18fb5ea0ea503f29268d2"}, 0x135) ioctl$CDROM_DISC_STATUS(r2, 0x5327) ioctl$AUTOFS_DEV_IOCTL_CLOSEMOUNT(r1, 0xc0189375, &(0x7f0000000a00)={{0x1, 0x1, 0x18, r5}, './file1\x00'}) syz_genetlink_get_family_id$batadv(&(0x7f00000009c0), r8) sendmsg$NL80211_CMD_STOP_NAN(r1, &(0x7f0000000b40)={&(0x7f0000000a40)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f0000000b00)={&(0x7f0000000ac0)={0x1c, 0x0, 0x400, 0x70bd2d, 0x25dfdbff, {{}, {@val={0x8}, @void}}, ["", "", "", ""]}, 0x1c}, 0x1, 0x0, 0x0, 0x801}, 0x1) 03:29:59 executing program 5: r0 = shmget$private(0x0, 0x1000, 0x0, &(0x7f0000ffc000/0x1000)=nil) r1 = shmget$private(0x0, 0x1000, 0x100, &(0x7f0000ffc000/0x1000)=nil) ioctl$AUTOFS_DEV_IOCTL_REQUESTER(0xffffffffffffffff, 0xc018937b, &(0x7f0000000000)={{0x1, 0x1, 0x18, 0xffffffffffffffff, {0xee01, 0xffffffffffffffff}}, './file0\x00'}) ioctl$AUTOFS_DEV_IOCTL_REQUESTER(0xffffffffffffffff, 0xc018937b, &(0x7f0000000040)={{0x1, 0x1, 0x18, 0xffffffffffffffff, {0xee00, 0xffffffffffffffff}}, './file0\x00'}) r6 = getpgrp(0x0) shmctl$IPC_SET(r1, 0x1, &(0x7f0000000080)={{0x3, 0x0, r3, 0xee00, r5, 0x1, 0x332}, 0x0, 0x1, 0x2, 0x700000000, r6, 0x0, 0x7}) r7 = perf_event_open(&(0x7f0000000140)={0x4, 0x80, 0x1f, 0x3, 0x2, 0x1, 0x0, 0xffffffffde70e48b, 0x11030, 0xe, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0xea, 0x0, @perf_bp={&(0x7f0000000100), 0x3}, 0x41020, 0x1c, 0x9, 0x5, 0x3, 0x5, 0x4, 0x0, 0x81, 0x0, 0xff}, r6, 0x0, r2, 0x2) write(r7, &(0x7f00000001c0)="853e", 0x2) timerfd_settime(r2, 0x0, &(0x7f0000000200)={{0x0, 0x989680}}, &(0x7f0000000240)) shmat(r0, &(0x7f0000ffb000/0x2000)=nil, 0x3000) r8 = openat$thread_pidfd(0xffffffffffffff9c, &(0x7f0000000280), 0x131000, 0x0) fcntl$dupfd(r4, 0x0, r8) shmctl$SHM_LOCK(r1, 0xb) r9 = syz_open_dev$char_usb(0xc, 0xb4, 0x9) prctl$PR_SET_MM_MAP(0x23, 0xe, &(0x7f00000003c0)={&(0x7f0000ffa000/0x3000)=nil, &(0x7f0000fee000/0x12000)=nil, &(0x7f0000ffb000/0x2000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ff4000/0x2000)=nil, &(0x7f0000ff6000/0x1000)=nil, &(0x7f0000ffd000/0x2000)=nil, &(0x7f0000ff7000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000fed000/0x4000)=nil, &(0x7f00000002c0)="1c7ebf402a99dcefaf753e0d917bc0e513f83227d51ace566a3396de593b34f1c867a52be26dcf596337045c266d8ca8fd12d3b4558e4cea695506fa29e00feed224bc089e3c8919e04d44de31b74083dc8c88d6bd5c7d537e17ff2b773d25bc1845c1bdbd00792e56159b4ba85cddad9b85c1afac5c6c5965019fa81ca878c1da52f1b2bbc5d7b9d07432291ade32111abfa0179444bf52f0fe8f298785385da67a63bf750ab83d782fa9e96f2ba4a6a3dd48c05019d493582077e4e04d6aa6d4b5879c0aa90babd7b1826391f4a60390970e63851bcf7d7cad552b047cf636a54beed370abe8f895ae6dfd8f", 0xed, r9}, 0x68) r10 = openat$zero(0xffffffffffffff9c, &(0x7f0000000440), 0x424082, 0x0) accept$unix(r10, &(0x7f0000000480), &(0x7f0000000500)=0x6e) r11 = accept4$inet(0xffffffffffffffff, 0x0, &(0x7f0000000540), 0x80800) getpeername(r11, &(0x7f0000000580)=@ethernet={0x0, @link_local}, &(0x7f0000000600)=0x80) bind$inet(r10, &(0x7f0000000640)={0x2, 0x4e22, @initdev={0xac, 0x1e, 0x1, 0x0}}, 0x10) 03:29:59 executing program 0: ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x2400, 0xffffffff) ioctl$PERF_EVENT_IOC_QUERY_BPF(0xffffffffffffffff, 0xc008240a, &(0x7f0000000000)={0x6, 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0]}) ioctl(0xffffffffffffffff, 0x200, &(0x7f0000000040)="02b1351369f469c6287428f1721306e7c3446ac943f9f3836c1708dbd93f834d365abaaf95fc5347022bc55782b55098e6abf5a72dd1fb7b708164a74e78292c1e895a") r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0), 0xa0, 0x0) ioctl$AUTOFS_DEV_IOCTL_CLOSEMOUNT(0xffffffffffffffff, 0xc0189375, &(0x7f0000000100)={{0x1, 0x1, 0x18, r0}, './file0\x00'}) ioctl$BTRFS_IOC_QGROUP_LIMIT(r0, 0x8030942b, &(0x7f0000000140)={0xffff, {0x2c, 0xe2d2, 0xcf4, 0x2810000000000000, 0xba70}}) fsetxattr(r0, &(0x7f0000000180)=@random={'trusted.', '([\x00'}, &(0x7f00000001c0)='-[]#\'\x00', 0x6, 0x2) ioctl$TCSETSF2(r1, 0x402c542d, &(0x7f0000000200)={0x7fffffff, 0x2, 0x4, 0x4, 0xff, "35238b1030640418a1698fd22ecf94df4195f5", 0x800, 0xc000000}) ioctl$AUTOFS_DEV_IOCTL_EXPIRE(r1, 0xc018937c, &(0x7f0000000240)={{0x1, 0x1, 0x18, r1, {0xfc66db925c0a5e8d}}, './file0\x00'}) ioctl$TIOCL_SETVESABLANK(r2, 0x541c, &(0x7f0000000280)) r3 = openat$incfs(0xffffffffffffffff, &(0x7f00000002c0)='.log\x00', 0x22040, 0x2) ioctl$KDSETMODE(r3, 0x4b3a, 0x0) fcntl$setstatus(r1, 0x4, 0x800) perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x5, 0x1, 0x69, 0x20, 0x0, 0xde43, 0x8, 0x2, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x98, 0x1, @perf_bp={&(0x7f0000000300), 0xa}, 0x18, 0x7, 0x7, 0x9, 0x171, 0x14, 0x9, 0x0, 0x1}, 0x0, 0x6, r1, 0xb) ioctl$LOOP_CHANGE_FD(0xffffffffffffffff, 0x4c06, r0) ioctl$AUTOFS_DEV_IOCTL_REQUESTER(r2, 0xc018937b, &(0x7f00000003c0)={{0x1, 0x1, 0x18, r3, {0xee00, 0xffffffffffffffff}}, './file0\x00'}) ioctl$GIO_SCRNMAP(r4, 0x4b40, &(0x7f0000000400)=""/64) r5 = getpgid(0x0) r6 = perf_event_open$cgroup(&(0x7f0000001ac0)={0x2, 0x80, 0x3, 0x7, 0x2, 0x5, 0x0, 0x6, 0x1400c, 0x2, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x2, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x5, 0x0, @perf_config_ext={0x401, 0xb04}, 0x400, 0x1, 0x101, 0x0, 0x1f, 0x5, 0x8694, 0x0, 0x9, 0x0, 0x78}, r4, 0xffffffffffffffff, r1, 0x6) perf_event_open(&(0x7f0000000440)={0x1, 0x80, 0x7f, 0x9, 0x6, 0x0, 0x0, 0x6, 0x84022, 0xfd70aba866d17b17, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x2, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0xfffffffe, 0x1, @perf_config_ext={0x7, 0x4}, 0x4000, 0x0, 0x0, 0x6, 0xfff, 0x0, 0x0, 0x0, 0x3ac4, 0x0, 0x7}, r5, 0x8, r6, 0x2) 03:29:59 executing program 2: ioctl$TIOCL_SETSEL(0xffffffffffffffff, 0x541c, &(0x7f0000000000)={0x2, {0x2, 0x6, 0x1f, 0x401, 0x1, 0xf}}) r0 = syz_open_dev$vcsa(&(0x7f0000000040), 0x0, 0x600) ioctl$TIOCL_SETSEL(r0, 0x541c, &(0x7f0000000080)={0x2, {0x2, 0x8001, 0xdd0c, 0x1, 0x401, 0xf}}) ioctl$AUTOFS_DEV_IOCTL_ISMOUNTPOINT(r0, 0xc018937e, &(0x7f00000000c0)={{0x1, 0x1, 0x18, r0, @out_args}, './file0\x00'}) ioctl$TCSETSW2(r1, 0x402c542c, &(0x7f0000000100)={0x3e, 0x5, 0x0, 0x80000000, 0xc2, "629feb8e6650b576c12c6279e82220ea512c9c", 0x7ff, 0x200}) ioctl$AUTOFS_DEV_IOCTL_CLOSEMOUNT(r0, 0xc0189375, &(0x7f0000000140)={{0x1, 0x1, 0x18, r0}, './file1\x00'}) ioctl$TIOCSRS485(r2, 0x542f, &(0x7f0000000180)={0x8, 0x5, 0xc4b}) openat$selinux_attr(0xffffffffffffff9c, &(0x7f00000001c0)='/proc/self/attr/current\x00', 0x2, 0x0) r3 = openat(r0, &(0x7f0000000200)='./file1\x00', 0x0, 0x84) r4 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000240)='/proc/locks\x00', 0x0, 0x0) ioctl$KDGETMODE(r4, 0x4b3b, 0x0) r5 = timerfd_create(0x9, 0x80000) ioctl$FS_IOC_FIEMAP(r5, 0xc020660b, &(0x7f0000000280)={0x3ff, 0x0, 0x0, 0x88, 0x5, [{0x0, 0xffffffff, 0x6}, {0x2, 0x10000, 0x81}, {0x3f, 0x9, 0x100000000, '\x00', 0x8}, {0x2, 0x7, 0x5, '\x00', 0x1800}, {0x4, 0x7fff, 0x4, '\x00', 0x380e}]}) r6 = socket$nl_route(0x10, 0x3, 0x0) r7 = socket$packet(0x11, 0x2, 0x300) r8 = openat(r0, &(0x7f00000003c0)='./file0\x00', 0x8080, 0xa0) ioctl$FIDEDUPERANGE(r0, 0xc0189436, &(0x7f0000000400)={0xfffffffffffffff7, 0x6, 0x6, 0x0, 0x0, [{{}, 0xce09}, {{r6}, 0x3}, {{r3}, 0x8}, {{r7}, 0x7}, {{r4}, 0x3ff}, {{r8}, 0x9000000000}]}) r9 = fsmount(r8, 0x0, 0x104) sendmsg$nl_generic(r9, &(0x7f0000000f80)={&(0x7f0000000500)={0x10, 0x0, 0x0, 0x20000}, 0xc, &(0x7f0000000f40)={&(0x7f0000000540)={0x9e4, 0x2a, 0x100, 0x70bd2d, 0x25dfdbfb, {0x20}, [@generic="085a155eb268ccd519df13ff9e3829d791878ed5e8cf327735027eab6f5be69a20471d5368dbed173052930436c7536d5c17a2da36d4b50c9748da175ef7990b41a0d26e2f7d724c236a889aca087984c63f02ea013365def02c88f8f3bca87e286c82e6112f7354d57f72f03ca34961f088e31f914ccf34ec97fc6493d1a0dde30d04ba82f3196e5eb73e6f6b0f90602bc4792827affac6f2c4feccc581bcebd94f3a746f9c300103a833c5dc480070bd4af6b355d9d9de05c5fcfa2d5fec90c9b5f04e1c3ad23d28a3487bf382d13516d55a55f3ea25e2c2dba7", @nested={0x2ab, 0x29, 0x0, 0x1, [@generic="5a7ab3933aa8732580b37f5dfe7effd101469bb81fb46adf26f9e8f8f3b8423b4b968b205bf3dbe11622f099d9bc46718239e156f87fd49eb5cbea9cfa882ff8229faef7dd26ff13ecd989bc1a789b831ce026f25555cf8e7389bc5a03b71e7b2805517d3e9dd2812b28d41a0f627d7067491a418f648121fd8eb7301279937a1bbc9bbf947c301b0e77e0d3a910a26bb123366a8d111ba1febc8b7434906589fb9edbeaa4baa94f0638d24646e4a3c2e52a5baa532f092c5c55896dfaafb1220fbb4bffd9a6be84a13cbfb9c3b8e0caed0edef83bb596b60f7c948ec1b3eb4b35aa5832f7472169dece36ad548c5afadb54d553df3545b5f784", @generic="ce4f8390d92967ad62a320f85be42a2ef0662a26d7a77d0da481b95df43d0fca6e8eb91a2f346fa4ddd5b041d4b80f2bbb1da7c929efac85ea950211b74eeab0e59e908dfe2b3bfb2c6f1e21a4c8c5e64c9bc84f64d3683d98257523179142f986c5e06dc4813ba45d65375b4d525437cbbccc6af6ae3faba478dadb41878683dc37974f7a49b97ab93c13a98b649fff44f1c97d9a680a1a7b1650622bcb49af9727d2bd44286d32e07e78b9a197c248", @generic="d2d6b639e13ec6eaf0d8a702c4b930c72c6ec526b3ccb4cf6c5f3f8ba0608ea24e98b33ebb8225e6f02423d0e9370db64a60ff1a9b8416863ff39c25da91e7d8e2310eec0398240477e389b8a06dfbb8b219c341627096707970add656ab9542488fa6eee96a4d7c6f33d053c65ff269d35a9d83c50e153e0354a792e9a34d937e172a62ce916e9f663123d549fef8454a12a4e32e5620acd76b0c42d4d6c8616b351b057eb40c777d00cf542b7247f64302f80d10b1bea529a27490c0f958c626097da1ef0f3d8c304446460c7a060863f6170a3286858efccbda6043ca4dbad130d142384f57f2de94285e282e3d14692b914631198e032aebe8e5c2", @generic]}, @generic="6ff1", @nested={0x289, 0x11, 0x0, 0x1, [@generic="f4d6b3bff113c4f3b6644229981047b0548b35eeb15e238f510534daaa5fea5748baeb9d335ed1f7cce08ba2bfd981ca8c2cb7251442cb67d1b6401be376be1cb3a6ade72b3d4a2ad09d432fe0e30dc416706c", @generic="03dda88608cda5fd938e8095a7efefb82eed940ca729df78b152d8385bc525bb98e26945d4ef823ed74a21a9effb4c6e9ddf7761a4f8d39920658419730b17318613bd10235a593b959cc96821d504d3612bfe45919d6dcdea7f06b1926a1b9a66b23eff4eb373f65b78227ec5bf7e61e95471022921d03253a29df4c78896464bb68b45e15bdbb9fc6ccc6ea86d7997a7590eabc3f78c793c93cfde578fb11abb2ee16c872a8808341fdbdb2839ca3f54c932663633d0bbb163fe984f8e9b339a4b77939c", @typed={0xc, 0x27, 0x0, 0x0, @u64=0x6}, @generic="f571c3d13c005f2a1ba763085e600301eefd6caa30deb6da8dafbb523deeb92cf8fdf26c98d804e44cee8ace0a5c4fa83478e3253c0952058f7e0815ab1c3db0d14903ba8ee013dbffd6cb195d743f77cced5c4ee1041857bdbdfb2dacd2b44dc34eb9cdf4722ff8567fe45c5cabed5c61c7f5b0e48588de5d6968a666a2e8e2848534b69e4437a3b5f25d37fa70c76a6d4514c7d06e6f42f89be24ce2328a21bd47b3ec6526b084be9d6ffb6e6be2d636d1f315746002538d8a620e43c710d502eb817a20ea7966", @typed={0x8, 0x58, 0x0, 0x0, @uid=0xee01}, @generic="86d60fea18b56a0f859bd6ac6d3e96c7d3bb96851ede8b660efa8e41e057aba9e59b397a66ba272c6522ebbdd30a6684d50e268b52d466ec4710ddf17e4b12443a7fb1ffdb9c3254b174061620173f130c21cfb1b15eab9df89bb030b4671ba3fffdbfadd1d69b2ce25694b2e3bf0a0694f98c35a1eeedb10ba8df626dd837f60a03f8a5826324cf7f2873fd17102390d0"]}, @generic="bd5ac8f3c3143d40b9b173d13492a3aa896586e372364b63357662192d24a557732437c199871673221a43a6a1d9ec8b06", @nested={0x279, 0x1a, 0x0, 0x1, [@generic="c38ffc1f4268cf088c475b4f45ff2ca5e615109eaebc677e5cac9e6b0d567ff34ca56540161e6087240e77fb37eab8971e07cd4a3d8e3844ac0aa954d5aa97165363f79dffce3d70e96a70af5e0db424d61c9940709cbc10a816b10ae2e7df51ce8574ceafb45f83a318a5ed7d1a04ef221a297c641c06544764165bda38a6db861ee4db3c49f1d3f0760bb91e3f4c9146e96f2e4d0a2d7a74a42a0c87f66a135fef71ec8aaf3b03d3fc06bd5e72a14d17cdb20ce7c1cddc38e40770a3d56119fe5c2fe3c63a05c95088cef3d6937afd150948", @typed={0x14, 0x55, 0x0, 0x0, @ipv6=@loopback}, @generic="e38ff91d53881307c066d4bc04b93272fb02dbf6fc56eaee", @generic="83de04e3c30fa66a1da3836dcc22fc342b2169cb190fe17c9f13bc65ed0f50002985b584437f7944145e4f60e032d321ab9bb7960197c277108f28f292548bc2075828d917a2af971fc0c26569515c413ad0479b110166986e3a1f471f3b64c5d26db77764a7fb4fb364cde5aa01338502d259b8c90af5c069eeeef4edbd268a7ad2587d6d090441b26e98da1d7400738fa3b66122f491487bdfb8a7ac0d90d8fccab3a04178b10fa4b5d75f10dea472411d967981db2ebf9516c0d9e122910f33d98e9428aaa38a33d31217b896064c3f07b6ca73634604dd7a18d671577fa4353f17f5b1ba790729e9148ce7acd728cd0cc7d8", @typed={0x8, 0x48, 0x0, 0x0, @fd=r8}, @generic="5e70b42ef261ede6ad2258a7ad840b370dbe7b4034536e361e9d2d5cdec3940cd2f5badfcc6ed8bf43e2a3d40e1b0b27f1b0907793c6c3fa5ff7c7020edccec3304a8e83b1423538f565af935f7b85551280", @typed={0x8, 0x8b, 0x0, 0x0, @ipv4=@multicast2}, @typed={0x1c, 0x2d, 0x0, 0x0, @str='/proc/self/attr/current\x00'}, @typed={0x4, 0x2f}]}, @nested={0xf8, 0x64, 0x0, 0x1, [@generic="114212f15f4bb8469379f71aa3837249ab0ba5f61a58bff45f85ecc822185b6b9e8c20a1d03a82e94eccb45ded111ac08c5193ec1bed4f8be21e19b9d87ecea0ab1322fba9bda40ec091881a772d13703ff31b8ed4af4e9f8ff5b16b8fe22b76bff1c7850165e0078334a45db9b7f334ce92e16cb74af13745aebbfb5623caf268a910c18377e73a1f3d9166d7685e89838471a60ab4effd48c34491bc21610db2182b72e80ce7cfa06647c9ba982fb6b57d9a8326fe9a200e03198b9a8629ce1bfc803580d7d09e2746e56e9f4ad52d7843b377238a2cc03024e8ad96baa404b42de4d9ade679ade3e324dcb376f36faae9a7fb"]}, @generic="0692a1ac5837bb24bb8b2095e08131a349e3a651f7ac"]}, 0x9e4}}, 0x40000) open(&(0x7f0000000fc0)='./file0\x00', 0x80000, 0x6) 03:29:59 executing program 3: r0 = syz_open_dev$hiddev(&(0x7f0000000000), 0x3, 0x3a101) ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, &(0x7f0000000040)={0x0, ""/256, 0x0, 0x0, 0x0, 0x0, ""/16, ""/16, ""/16, 0x0, 0x0, 0x0, 0x0}) ioctl$BTRFS_IOC_SNAP_CREATE_V2(0xffffffffffffffff, 0x50009417, &(0x7f00000002c0)={{r0}, r1, 0x2, @inherit={0x80, &(0x7f0000000240)={0x0, 0x7, 0x8, 0x80000000, {0x21, 0x8, 0x8000, 0x410b, 0x4}, [0x5, 0x7b978219, 0x20, 0x5, 0x1, 0x100000000, 0x401]}}, @subvolid=0x9}) ioctl$BTRFS_IOC_WAIT_SYNC(r0, 0x40089416, &(0x7f00000012c0)=r2) r3 = syz_open_dev$ptys(0xc, 0x3, 0x0) ioctl$AUTOFS_IOC_SETTIMEOUT(r3, 0x80049367, &(0x7f0000001300)=0x5) r4 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) r5 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000001340), 0x20000) io_uring_register$IORING_REGISTER_FILES(0xffffffffffffffff, 0x2, &(0x7f0000001380)=[r0, r4, 0xffffffffffffffff, r5, r3, r3], 0x6) ioctl$GIO_UNIMAP(r3, 0x4b66, &(0x7f0000001400)={0x2, &(0x7f00000013c0)=[{}, {}]}) ioctl$AUTOFS_DEV_IOCTL_OPENMOUNT(0xffffffffffffffff, 0xc0189374, &(0x7f0000001440)={{0x1, 0x1, 0x18, r3, {0x9}}, './file0\x00'}) ioctl$TIOCCONS(r6, 0x541d) fcntl$setsig(r6, 0xa, 0xa) ioctl$AUTOFS_DEV_IOCTL_EXPIRE(r6, 0xc018937c, &(0x7f0000001480)={{0x1, 0x1, 0x18, r0, {0x1}}, './file0\x00'}) write$bt_hci(r7, &(0x7f00000014c0)={0x1, @le_remove_cig={{0x2065, 0x1}}}, 0x5) ioctl$SNDRV_TIMER_IOCTL_SELECT(r5, 0x40345410, &(0x7f0000001500)={{0x0, 0x0, 0x2, 0x1, 0x8}}) ioctl$AUTOFS_DEV_IOCTL_CATATONIC(r7, 0xc0189379, &(0x7f0000001540)={{0x1, 0x1, 0x18, r6}, './file0\x00'}) ioctl$SNDRV_TIMER_IOCTL_STATUS64(r8, 0x80605414, &(0x7f0000001580)) ioctl$AUTOFS_DEV_IOCTL_CATATONIC(0xffffffffffffffff, 0xc0189379, &(0x7f0000001600)={{0x1, 0x1, 0x18, r6}, './file0\x00'}) ioctl$HIDIOCSUSAGES(r0, 0x501c4814, &(0x7f0000001640)={{0x1, 0x1, 0x3f, 0x9, 0xffffffe0, 0x9}, 0x299, [0x8, 0x0, 0x1, 0x5, 0x1, 0x10000, 0x1, 0x800, 0x859, 0x17edde40, 0x401, 0x7f, 0x7fff, 0x0, 0x933, 0x0, 0x8, 0x2, 0x80000000, 0x80000001, 0xcd, 0x1d91c5ea, 0x7, 0x4, 0x8, 0xffff, 0x800, 0xfffffff8, 0x6, 0x4d73039d, 0x100, 0xffff, 0x0, 0x1, 0xfc8, 0x7, 0x2, 0x6, 0x1, 0x80000000, 0x10001, 0x3ff, 0x7, 0x6, 0xf0000000, 0x3, 0x1, 0x50, 0xe0000000, 0x7, 0x6, 0x1000, 0x1, 0x100, 0x7, 0x5, 0x80000000, 0x200, 0x2, 0x10001, 0x800, 0x2, 0x94a, 0x3c67, 0x3, 0xff, 0x111e, 0xd2, 0x3, 0x2, 0x6, 0x8, 0x1, 0xfd6b, 0xffff, 0x8, 0xe111, 0x401, 0x1e96, 0x0, 0x80, 0x10000, 0x9, 0x7, 0x4, 0x8, 0x9, 0xfffff801, 0x5, 0x11, 0x8, 0x3f, 0x9, 0x0, 0x4, 0x3, 0x8001, 0x40000000, 0x200, 0x1, 0x4, 0x1, 0x7fff, 0x4, 0x3, 0x5, 0x3, 0x7, 0x2, 0xb6, 0x0, 0x58cc, 0x5, 0x7fffffff, 0x4, 0x0, 0x4, 0x0, 0x1, 0x20, 0x8, 0x7, 0x5, 0x5c, 0x8, 0xffff, 0x8, 0xabc, 0x31b4, 0x7, 0x61, 0x401, 0xffffffff, 0x7, 0xffb9, 0x1, 0xfffffff9, 0x7, 0x0, 0x80000000, 0x17e5, 0x1c0b, 0x6, 0x2, 0x0, 0x9, 0x3ff, 0x3, 0x8, 0x36e402c5, 0x101, 0x2, 0x3, 0x7, 0x3ff, 0xa, 0x10001, 0x4617, 0x4, 0x37d5487c, 0x6, 0x4, 0x1000, 0xc17, 0x200, 0x771, 0x3f, 0x7, 0x7005, 0x1000, 0x1, 0x4, 0x81000000, 0x0, 0xb3, 0x7, 0xe8f, 0x91000, 0x1, 0x5, 0x3, 0x7, 0x2, 0x7, 0x61a468d, 0x8, 0x9, 0x3000000, 0x7, 0x8000, 0x3, 0x39, 0x3, 0x9, 0x80000000, 0x6, 0x4, 0xa6d, 0x1, 0x3, 0x4, 0x5, 0x8, 0x80, 0x80000001, 0x2, 0x6, 0x7, 0x6, 0x4, 0x6, 0x9, 0x80000000, 0x7f, 0x0, 0x2, 0x7, 0xc53, 0x81, 0x8, 0x6, 0x80000000, 0x10001, 0x8, 0xa7e, 0x5, 0x9, 0x7fffffff, 0x9, 0x6, 0xf2a, 0xf, 0x490, 0xffffffff, 0xad4, 0x9, 0x5, 0xbd6, 0x0, 0x4, 0x7fffffff, 0x0, 0x7, 0x9, 0x4, 0x1, 0xfff, 0x6, 0x0, 0x2, 0x0, 0xd9, 0x6, 0x3, 0x4, 0x9, 0x7207dfaf, 0x3, 0x9c2, 0xd4f, 0x5, 0x4, 0x9, 0x1, 0x7, 0x200, 0xffffffff, 0x5, 0x1ff, 0x80000000, 0x64e, 0x495cc149, 0xfffff801, 0x7fff, 0x5, 0x400, 0x0, 0xffff, 0x5, 0x350, 0x9, 0x0, 0x81, 0x4, 0x2, 0x8, 0x1, 0x7, 0xdcc, 0x3f, 0xffffffff, 0x400, 0x4, 0x9, 0xfffff98e, 0x3, 0x80000001, 0x9, 0x80000001, 0x2, 0x6, 0x2c7, 0x0, 0xf6, 0x2, 0x8, 0x1, 0x5, 0x3f, 0x3, 0x2, 0x4, 0x80000001, 0x17af0d62, 0x7, 0x401, 0x7, 0xd35, 0xff, 0x79bbb27b, 0x6, 0xffffffff, 0x7, 0x7, 0x101, 0x7, 0x2, 0x2, 0x1f, 0x6, 0x0, 0x5, 0x80, 0xfffffffd, 0x6, 0x0, 0x80000000, 0x14000, 0xfffffbff, 0x9, 0x80000000, 0xff, 0x7fffffff, 0x1, 0x0, 0x1fffe0, 0x2d51, 0x2, 0x3, 0x1, 0x4, 0x5, 0xe96e, 0x4, 0x6, 0x9, 0x8, 0xfff, 0x9, 0x5, 0x1, 0x22e, 0xfffffffa, 0x6bf0, 0x58, 0x6, 0x4, 0x800, 0x10000, 0xcc1e, 0x537a, 0x3, 0x101, 0x6, 0x401, 0x5, 0xa598, 0x8001, 0x81, 0x5, 0x0, 0x0, 0xb, 0x5, 0x6, 0x2, 0x7, 0x4, 0x2, 0x5, 0x7fff, 0x35e, 0x7, 0xdc08, 0x400, 0x0, 0x9, 0x7, 0x1, 0x3, 0x400, 0x2, 0xffff63be, 0x9, 0x1ff, 0x1ba, 0x1, 0x7, 0x0, 0x722, 0x1ff, 0x8dda, 0x800, 0x9, 0xfffffffc, 0x13a, 0x10001, 0x1, 0x3f, 0x81, 0x3, 0x8, 0x0, 0x2, 0x3, 0x0, 0x2, 0x3, 0x3, 0x2c, 0x0, 0x6, 0x400, 0x8001, 0x2, 0x8, 0x7, 0x400, 0x100, 0x4, 0x91, 0x6, 0x4a22, 0x4, 0x1, 0x30, 0xb3e5, 0x9, 0x0, 0xfff, 0x8001, 0x9, 0x10000, 0x19, 0x9, 0xfffff760, 0xff, 0x200, 0x20, 0xfffffffa, 0x400, 0x5, 0x800, 0xffff, 0xffffffff, 0xfffffff8, 0x0, 0x33, 0x400, 0x3, 0xffffffff, 0x7, 0xaad, 0x3, 0x9, 0x4, 0x0, 0xff, 0x6, 0x1d, 0x380, 0x8, 0xfff, 0x401, 0x2, 0x3, 0x1, 0x5, 0xc494, 0x5, 0x400, 0x4, 0x2, 0x4, 0x42f, 0x3, 0x6, 0x3, 0x8001, 0xa7a0, 0x9, 0xe7b, 0x8000, 0x8, 0xa, 0x0, 0x9, 0x2, 0xbfe, 0x5, 0xff, 0x1, 0x22, 0x4, 0x0, 0x4, 0x1f, 0x4, 0x7fffffff, 0x8, 0xfffffffc, 0x2, 0x4, 0xff, 0x80000000, 0x0, 0x7, 0x0, 0x1, 0x81, 0x2, 0x9, 0x80000000, 0x400, 0x10001, 0x69, 0x1, 0x80000001, 0x80, 0x4, 0x401, 0x6, 0xfffff000, 0xc5, 0xc68, 0x20, 0x7, 0xee10, 0x1, 0x2, 0x80000000, 0x6, 0xae8, 0x9a, 0x272, 0xfff, 0xffffff01, 0x0, 0x7, 0xd3, 0x5, 0x3f, 0x9, 0x0, 0xf8, 0x80000000, 0x8000, 0x4, 0x7, 0x1, 0x101, 0x6, 0x4, 0x80, 0x2, 0x8, 0x200, 0x1f, 0x3ff, 0x7, 0xfffffffa, 0x2, 0x7, 0x5, 0xb903, 0x9, 0x20, 0x4, 0x8, 0x7ff, 0x8, 0x1a6b, 0x2, 0xfffffff8, 0xde0, 0x8, 0x2, 0x2, 0x5, 0x7fff, 0x7, 0x9, 0x7, 0x3, 0x5, 0x5, 0x8073, 0x3, 0x400, 0x66, 0x80000001, 0x81, 0x8efd, 0x7, 0x291, 0x1, 0x3, 0xffffffff, 0x8, 0xdced0000, 0x7, 0x7ff, 0x3, 0x7, 0x9, 0x3, 0x1, 0x4, 0x53ea, 0x200, 0x200, 0x0, 0xa1, 0x1, 0xd, 0x9, 0x4, 0x7, 0x400, 0x1, 0xffffcf6b, 0x8, 0x5f, 0x1, 0x80, 0xffffffff, 0x3, 0xbd, 0x3, 0xe878, 0x7, 0xffffffff, 0x8, 0x3, 0xa94b, 0x67, 0x2, 0xfde1, 0x9, 0x3, 0xff, 0x3, 0x800, 0x8b78, 0x0, 0x0, 0xdee, 0x2, 0xfff, 0x20, 0x2, 0x9a, 0xffff, 0x3, 0x7, 0x7, 0x5, 0xff, 0x7fff, 0xfffffffe, 0x3, 0xffffffff, 0x0, 0x7ff, 0x1f, 0x0, 0x3935d4ae, 0x645, 0x0, 0x39b, 0x9, 0x1, 0x1000, 0x0, 0x6, 0x7fff, 0x2, 0x3, 0x1, 0x0, 0x80, 0xffffffff, 0x2, 0x101, 0x8, 0x1, 0x67, 0x2, 0x542, 0x10000, 0x0, 0xff, 0xd8, 0x40, 0x5, 0xfcc, 0x4d, 0x5, 0xa0ce, 0x3, 0x2, 0x6, 0x4, 0x8, 0x4, 0x1, 0x46c, 0x9, 0x400, 0x7, 0x6, 0x2, 0x80000000, 0x7, 0x338, 0x2, 0xffffff81, 0x7f, 0xa, 0x20, 0x1, 0x4, 0x2, 0x8, 0x1, 0x4, 0x9, 0x800, 0x4abf6daf, 0x800, 0xa1e, 0x5, 0x8, 0x0, 0x10000, 0x2, 0x3, 0x2, 0x1000, 0x8, 0xff, 0x7, 0x1a6b, 0x8, 0x3, 0xe14, 0x80, 0x1ff, 0x2, 0x3, 0x4, 0xfffffffb, 0x8000, 0x2, 0x8001, 0x7, 0x1, 0x7, 0x80000001, 0x1f, 0xeed9, 0x6, 0xe3d0, 0x4, 0x5, 0x4, 0xaa1, 0x6, 0x1, 0xff, 0x8, 0x0, 0x0, 0x8, 0x7, 0x7, 0x6, 0x1, 0x7379, 0x5, 0x6, 0x7fffffff, 0x1000, 0x3, 0x1f, 0x5, 0xfff, 0x7, 0xc64, 0x401, 0xfffffffe, 0x400000, 0x5, 0x5, 0x6, 0x6, 0x8, 0x400, 0x983f, 0x0, 0x3, 0x5, 0x3, 0x2, 0x5, 0x100, 0x9, 0x7fff, 0x3, 0x6, 0x6, 0x1, 0x47388ee0, 0x1f, 0x0, 0x4, 0x5682, 0x1, 0x9, 0x1ff, 0x2, 0x10001, 0x100, 0x4, 0x10001, 0x9f90, 0x800, 0x8, 0x5, 0xfd, 0x2, 0x2b, 0x5, 0x3ff, 0x5, 0x5, 0x3f, 0x1, 0x4, 0xb4ee, 0x1, 0x800, 0x8, 0x3, 0x7, 0x6, 0x7, 0x7, 0x60c, 0x1, 0x3ff, 0xffff8001, 0x8000, 0x0, 0x9, 0x7f, 0x2, 0x7b, 0xc643, 0x7ff, 0xffffc000, 0xff, 0xffffff80, 0x767, 0xbead, 0xfffffffd, 0x4, 0x3f, 0x3ff, 0x8000, 0x26, 0x101, 0x8, 0x5, 0x100, 0x8000, 0x0, 0xffff, 0x1f4, 0x20, 0x0, 0x1, 0x3, 0x4, 0x200, 0x2, 0x2833, 0x2, 0x3, 0x4, 0x0, 0x4, 0x81, 0x4, 0xe94d, 0x2, 0x6, 0x7fff, 0x0, 0x101, 0x0, 0x100, 0x6, 0x7fffffff, 0x7, 0x3, 0x1f, 0x8, 0x1c7d, 0x11e0000, 0x6, 0x3f, 0x5, 0x8, 0x3ff, 0x81, 0x8, 0x6, 0x7, 0x10000, 0x9, 0x5, 0xfffffff8, 0x0, 0x3, 0x10001, 0x0, 0x9, 0x4, 0x7, 0x6, 0x6, 0x0, 0x1ff, 0x757, 0x22, 0x7, 0x1, 0x100, 0xb8a1, 0x4d, 0x40, 0x2f0, 0x7, 0x2, 0x8001, 0x1ff, 0x8, 0x1e, 0x2, 0x0, 0x4, 0x9, 0x1, 0x7, 0x6, 0x3, 0x3, 0xb04, 0x0, 0x0, 0x3, 0x6300, 0x7, 0x5, 0x7, 0x9, 0x401, 0x1, 0x3, 0x6, 0x2, 0x7, 0x4fa5, 0x1, 0x9, 0x8, 0x8, 0x5, 0xf0d, 0x9, 0x2, 0xb80, 0x9, 0x6, 0x7ff, 0x5, 0xb5, 0x3, 0x6, 0x1000, 0x0, 0x8483, 0xffff0001, 0x9, 0x3, 0x443, 0x1, 0x80000000, 0x7f, 0x6, 0x8965, 0x8, 0x1]}) 03:30:00 executing program 7: ioctl$SNDRV_SEQ_IOCTL_DELETE_PORT(0xffffffffffffffff, 0x40a85321, &(0x7f0000000000)={{0x9, 0x7}, 'port1\x00', 0x80, 0xc, 0x10, 0x2, 0x6, 0x6, 0x10000, 0x0, 0x0, 0xc3}) r0 = openat$procfs(0xffffffffffffff9c, &(0x7f00000000c0)='/proc/zoneinfo\x00', 0x0, 0x0) ioctl$AUTOFS_DEV_IOCTL_PROTOVER(0xffffffffffffffff, 0xc0189372, &(0x7f0000000100)={{0x1, 0x1, 0x18, r0, {0x7}}, './file0\x00'}) ioctl$F2FS_IOC_GET_PIN_FILE(r0, 0x8004f50e, &(0x7f0000000140)) ioctl$SNDRV_SEQ_IOCTL_QUERY_NEXT_PORT(r1, 0xc0a85352, &(0x7f0000000180)={{0x3f, 0xa3}, 'port0\x00', 0x80, 0x0, 0x4, 0x87, 0x3, 0x62, 0x4, 0x0, 0x3, 0x1}) ioctl$TIOCSERGETLSR(r0, 0x5459, &(0x7f0000000240)) prctl$PR_SET_MM_MAP(0x23, 0xe, &(0x7f0000000300)={&(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffb000/0x4000)=nil, &(0x7f0000ffa000/0x4000)=nil, &(0x7f0000ffa000/0x4000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffb000/0x2000)=nil, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffb000/0x2000)=nil, &(0x7f0000000280)="7d5526c882fe847d7fad48a021f87aa68714e12374a26b3df2c2cae4bc8bea6ceb6468a48acea334a6199db2063d4e088f68fc7fea86dc98236180422930137bab", 0x41, r1}, 0x68) ioctl$TIOCEXCL(r1, 0x540c) ioctl$KDSETKEYCODE(r1, 0x4b4d, &(0x7f0000000380)={0x7, 0x9}) ioctl$VT_RESIZEX(r0, 0x560a, &(0x7f00000003c0)={0x2, 0xffff, 0x6, 0x1ff, 0x9, 0xfff}) ioctl$INCFS_IOC_READ_FILE_SIGNATURE(r1, 0x8010671f, &(0x7f00000004c0)={&(0x7f0000000400)=""/158, 0x9e}) ioctl$AUTOFS_DEV_IOCTL_READY(r1, 0xc0189376, &(0x7f0000000500)={{0x1, 0x1, 0x18, r1, {0x5}}, './file0\x00'}) ioctl$VT_GETMODE(r2, 0x5601, &(0x7f0000000540)) ioctl$SNDRV_SEQ_IOCTL_QUERY_NEXT_PORT(r1, 0xc0a85352, &(0x7f0000000580)={{0x7f, 0x9}, 'port1\x00', 0x3, 0x6, 0x72, 0x2, 0x1, 0x5, 0x7, 0x0, 0x2, 0x3f}) utime(&(0x7f0000000640)='./file0\x00', &(0x7f0000000680)={0x4, 0x6}) sendmsg$IPCTNL_MSG_CT_GET_UNCONFIRMED(r2, &(0x7f0000000780)={&(0x7f00000006c0)={0x10, 0x0, 0x0, 0x10}, 0xc, &(0x7f0000000740)={&(0x7f0000000700)={0x14, 0x7, 0x1, 0x101, 0x0, 0x0, {0x0, 0x0, 0x2}}, 0x14}, 0x1, 0x0, 0x0, 0x42092a023665f551}, 0x20000014) openat$dir(0xffffffffffffff9c, &(0x7f00000007c0)='./file0/file0\x00', 0x1000, 0x150) ioctl$F2FS_IOC_RESERVE_COMPRESS_BLOCKS(r2, 0x8008f513, &(0x7f0000000800)) ioctl$sock_ipv6_tunnel_SIOCGETTUNNEL(r1, 0x89f0, &(0x7f00000008c0)={'syztnl2\x00', &(0x7f0000000840)={'syztnl0\x00', 0x0, 0x29, 0x3, 0x0, 0x875, 0x22, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, @initdev={0xfe, 0x88, '\x00', 0x1, 0x0}, 0x8, 0x1, 0x7ff, 0x81}}) setsockopt$inet6_mreq(r0, 0x29, 0x1b, &(0x7f0000000900)={@private1, r3}, 0x14) 03:30:00 executing program 6: r0 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000000), 0x402000, 0x0) ioctl$EXT4_IOC_MOVE_EXT(0xffffffffffffffff, 0xc028660f, &(0x7f0000000040)={0x0, r0, 0x100, 0x0, 0x80000001, 0x2}) r1 = timerfd_create(0x0, 0x0) r2 = openat$zero(0xffffffffffffff9c, &(0x7f0000000080), 0x10983, 0x0) sendfile(r1, r2, &(0x7f00000000c0)=0x8, 0x7fff) timerfd_gettime(r1, &(0x7f0000000100)) r3 = socket$unix(0x1, 0x1, 0x0) ioctl$FITHAW(r3, 0xc0045878) r4 = openat(r2, &(0x7f0000000140)='./file0\x00', 0x519000, 0x0) ioctl$AUTOFS_DEV_IOCTL_READY(r2, 0xc0189376, &(0x7f0000000180)={{0x1, 0x1, 0x18, 0xffffffffffffffff, {0x200}}, './file0\x00'}) ioctl$TIOCMSET(r5, 0x5418, &(0x7f00000001c0)=0x7) ioctl$AUTOFS_DEV_IOCTL_FAIL(r4, 0xc0189377, &(0x7f0000000200)={{0x1, 0x1, 0x18, r2, {0x3, 0x8}}, './file0\x00'}) timerfd_settime(r6, 0x1, &(0x7f0000000240)={{0x77359400}, {0x0, 0x3938700}}, &(0x7f0000000280)) timerfd_gettime(r5, &(0x7f00000002c0)) ioctl$EVIOCGLED(r2, 0x80404519, &(0x7f0000000300)=""/4096) timerfd_settime(r1, 0x0, &(0x7f0000001300)={{0x0, 0x3938700}}, &(0x7f0000001340)) timerfd_settime(r1, 0x0, &(0x7f0000001380), &(0x7f00000013c0)) clock_gettime(0x0, &(0x7f0000001400)={0x0, 0x0}) timerfd_settime(r4, 0x0, &(0x7f0000001440)={{r7, r8+10000000}}, &(0x7f0000001480)) timerfd_settime(r6, 0x0, &(0x7f0000001500)={{0x77359400}}, &(0x7f0000001540)) 03:30:00 executing program 4: fcntl$getown(0xffffffffffffffff, 0x9) ioctl$TIOCL_UNBLANKSCREEN(0xffffffffffffffff, 0x541c, &(0x7f0000000000)) fallocate(0xffffffffffffffff, 0x21, 0x8001, 0x9) fsetxattr$security_selinux(0xffffffffffffffff, &(0x7f0000000040), &(0x7f0000000080)='system_u:object_r:removable_device_t:s0\x00', 0x28, 0x2) ioctl$AUTOFS_DEV_IOCTL_FAIL(0xffffffffffffffff, 0xc0189377, &(0x7f00000000c0)={{0x1, 0x1, 0x18, 0xffffffffffffffff, {0x6, 0x101}}, './file0\x00'}) ioctl$TIOCMSET(r0, 0x5418, &(0x7f0000000100)=0x4) getsockopt$IP_VS_SO_GET_DESTS(r0, 0x0, 0x484, &(0x7f0000000140)=""/39, &(0x7f0000000180)=0x27) r1 = syz_open_dev$ptys(0xc, 0x3, 0x1) ioctl$TIOCSISO7816(r1, 0xc0285443, &(0x7f00000001c0)={0x5, 0x2, 0x156, 0x0, 0x1000}) ioctl$AUTOFS_IOC_EXPIRE(r0, 0x810c9365, &(0x7f0000000200)={{0x100, 0x5}, 0x100, './file0\x00'}) ioctl$AUTOFS_DEV_IOCTL_CLOSEMOUNT(r0, 0xc0189375, &(0x7f0000000340)={{0x1, 0x1, 0x18, r1}, './file0\x00'}) r3 = openat$tcp_mem(0xffffffffffffff9c, &(0x7f0000000440)='/proc/sys/net/ipv4/tcp_wmem\x00', 0x1, 0x0) ioctl$AUTOFS_DEV_IOCTL_SETPIPEFD(r0, 0xc0189378, &(0x7f0000000480)={{0x1, 0x1, 0x18, r2, {r3}}, './file0\x00'}) ioctl$FITRIM(r2, 0xc0185879, &(0x7f00000004c0)={0x1, 0x100000000, 0x3}) ioctl$VT_WAITACTIVE(r5, 0x5607) ioctl$AUTOFS_IOC_EXPIRE(r0, 0x810c9365, &(0x7f0000000500)={{0x3, 0x1}, 0x100, './file0\x00'}) ioctl$FS_IOC_GET_ENCRYPTION_POLICY(r4, 0x400c6615, &(0x7f0000000640)={0x0, @aes256, 0x0, @desc2}) pipe(&(0x7f0000000680)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$SNAPSHOT_PREF_IMAGE_SIZE(r6, 0x3312, 0x0) dup(r3) [ 72.367998] audit: type=1400 audit(1664767800.022:6): avc: denied { execmem } for pid=288 comm="syz-executor.7" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=process permissive=1 [ 73.615634] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 73.617609] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 73.619410] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 73.622809] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 73.633581] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [ 73.635398] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 73.641644] Bluetooth: hci0: HCI_REQ-0x0c1a [ 73.719813] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 73.721464] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 73.723594] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 73.725993] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 73.727415] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 73.728988] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 73.729749] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1 [ 73.730400] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 73.732152] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 73.732748] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9 [ 73.733568] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 73.735028] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9 [ 73.735866] Bluetooth: hci7: unexpected cc 0x0c03 length: 249 > 1 [ 73.737028] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 73.740958] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4 [ 73.742853] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 73.744228] Bluetooth: hci6: unexpected cc 0x0c25 length: 249 > 3 [ 73.745012] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 73.746598] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 73.746745] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2 [ 73.747724] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3 [ 73.750214] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 73.751482] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3 [ 73.752664] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3 [ 73.753512] Bluetooth: hci6: HCI_REQ-0x0c1a [ 73.754676] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 73.754770] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 73.759630] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1 [ 73.762216] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9 [ 73.765485] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9 [ 73.771688] Bluetooth: hci1: HCI_REQ-0x0c1a [ 73.771816] Bluetooth: hci4: HCI_REQ-0x0c1a [ 73.773513] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4 [ 73.775590] Bluetooth: hci5: unexpected cc 0x0c25 length: 249 > 3 [ 73.778821] Bluetooth: hci2: HCI_REQ-0x0c1a [ 73.783111] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2 [ 73.790558] Bluetooth: hci5: HCI_REQ-0x0c1a [ 73.815586] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 73.817429] Bluetooth: hci7: unexpected cc 0x1003 length: 249 > 9 [ 73.818928] Bluetooth: hci7: unexpected cc 0x1001 length: 249 > 9 [ 73.821646] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 73.830100] Bluetooth: hci7: unexpected cc 0x0c23 length: 249 > 4 [ 73.830581] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 73.831927] Bluetooth: hci7: unexpected cc 0x0c25 length: 249 > 3 [ 73.832277] Bluetooth: hci7: unexpected cc 0x0c38 length: 249 > 2 [ 73.835100] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3 [ 73.836622] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 73.844411] Bluetooth: hci7: HCI_REQ-0x0c1a [ 73.849438] Bluetooth: hci3: HCI_REQ-0x0c1a [ 75.698952] Bluetooth: hci0: command 0x0409 tx timeout [ 75.762551] Bluetooth: hci6: command 0x0409 tx timeout [ 75.826471] Bluetooth: hci5: command 0x0409 tx timeout [ 75.827500] Bluetooth: hci2: command 0x0409 tx timeout [ 75.828416] Bluetooth: hci4: command 0x0409 tx timeout [ 75.829266] Bluetooth: hci1: command 0x0409 tx timeout [ 75.890428] Bluetooth: hci3: command 0x0409 tx timeout [ 75.891941] Bluetooth: hci7: command 0x0409 tx timeout [ 77.746363] Bluetooth: hci0: command 0x041b tx timeout [ 77.810434] Bluetooth: hci6: command 0x041b tx timeout [ 77.874414] Bluetooth: hci1: command 0x041b tx timeout [ 77.874898] Bluetooth: hci4: command 0x041b tx timeout [ 77.875294] Bluetooth: hci2: command 0x041b tx timeout [ 77.875747] Bluetooth: hci5: command 0x041b tx timeout [ 77.938429] Bluetooth: hci7: command 0x041b tx timeout [ 77.938890] Bluetooth: hci3: command 0x041b tx timeout [ 79.794503] Bluetooth: hci0: command 0x040f tx timeout [ 79.858383] Bluetooth: hci6: command 0x040f tx timeout [ 79.922418] Bluetooth: hci5: command 0x040f tx timeout [ 79.922889] Bluetooth: hci2: command 0x040f tx timeout [ 79.923386] Bluetooth: hci4: command 0x040f tx timeout [ 79.923793] Bluetooth: hci1: command 0x040f tx timeout [ 79.986378] Bluetooth: hci3: command 0x040f tx timeout [ 79.986846] Bluetooth: hci7: command 0x040f tx timeout [ 81.842406] Bluetooth: hci0: command 0x0419 tx timeout [ 81.906866] Bluetooth: hci6: command 0x0419 tx timeout [ 81.970554] Bluetooth: hci1: command 0x0419 tx timeout [ 81.971011] Bluetooth: hci4: command 0x0419 tx timeout [ 81.971445] Bluetooth: hci2: command 0x0419 tx timeout [ 81.971843] Bluetooth: hci5: command 0x0419 tx timeout [ 82.034363] Bluetooth: hci7: command 0x0419 tx timeout [ 82.034797] Bluetooth: hci3: command 0x0419 tx timeout [ 135.682893] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 135.688777] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 135.691752] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 135.697746] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 135.700653] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [ 135.703870] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 135.711091] Bluetooth: hci0: HCI_REQ-0x0c1a [ 135.952825] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 135.955070] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 135.956808] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 135.958271] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 135.959496] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 135.960820] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 135.965679] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 135.967075] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 135.968842] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3 [ 135.970588] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 135.971635] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3 [ 135.973061] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 135.977518] Bluetooth: hci2: HCI_REQ-0x0c1a [ 135.982163] Bluetooth: hci3: HCI_REQ-0x0c1a [ 136.058087] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 136.065565] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 136.070527] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 136.075930] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 136.080517] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3 [ 136.081918] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 136.090440] Bluetooth: hci1: HCI_REQ-0x0c1a [ 136.132080] Bluetooth: hci7: unexpected cc 0x0c03 length: 249 > 1 [ 136.145607] Bluetooth: hci7: unexpected cc 0x1003 length: 249 > 9 [ 136.149569] Bluetooth: hci7: unexpected cc 0x1001 length: 249 > 9 [ 136.162607] Bluetooth: hci7: unexpected cc 0x0c23 length: 249 > 4 [ 136.192680] Bluetooth: hci7: unexpected cc 0x0c25 length: 249 > 3 [ 136.199616] Bluetooth: hci7: unexpected cc 0x0c38 length: 249 > 2 [ 136.211421] Bluetooth: hci7: HCI_REQ-0x0c1a [ 137.778470] Bluetooth: hci0: command 0x0409 tx timeout [ 138.034513] Bluetooth: hci2: command 0x0409 tx timeout [ 138.035392] Bluetooth: hci4: Opcode 0x c03 failed: -110 [ 138.098682] Bluetooth: hci5: Opcode 0x c03 failed: -110 [ 138.099423] Bluetooth: hci6: Opcode 0x c03 failed: -110 [ 138.100118] Bluetooth: hci3: command 0x0409 tx timeout [ 138.163479] Bluetooth: hci1: command 0x0409 tx timeout [ 138.226426] Bluetooth: hci7: command 0x0409 tx timeout [ 139.827467] Bluetooth: hci0: command 0x041b tx timeout [ 140.082559] Bluetooth: hci2: command 0x041b tx timeout [ 140.146385] Bluetooth: hci3: command 0x041b tx timeout [ 140.210391] Bluetooth: hci1: command 0x041b tx timeout [ 140.274429] Bluetooth: hci7: command 0x041b tx timeout [ 140.697729] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 140.699096] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 140.704476] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 140.710928] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 140.712669] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3 [ 140.713595] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 140.718127] Bluetooth: hci4: HCI_REQ-0x0c1a [ 140.869758] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1 [ 140.872424] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9 [ 140.876939] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9 [ 140.883673] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4 [ 140.887286] Bluetooth: hci5: unexpected cc 0x0c25 length: 249 > 3 [ 140.888034] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2 [ 140.900941] Bluetooth: hci5: HCI_REQ-0x0c1a [ 141.874396] Bluetooth: hci0: command 0x040f tx timeout [ 142.130383] Bluetooth: hci2: command 0x040f tx timeout [ 142.195363] Bluetooth: hci3: command 0x040f tx timeout [ 142.259369] Bluetooth: hci1: command 0x040f tx timeout [ 142.322354] Bluetooth: hci7: command 0x040f tx timeout [ 142.770383] Bluetooth: hci4: command 0x0409 tx timeout [ 142.962406] Bluetooth: hci5: command 0x0409 tx timeout [ 143.090874] Bluetooth: hci6: Opcode 0x c03 failed: -110 [ 143.922387] Bluetooth: hci0: command 0x0419 tx timeout [ 144.179396] Bluetooth: hci2: command 0x0419 tx timeout [ 144.243355] Bluetooth: hci3: command 0x0419 tx timeout [ 144.306355] Bluetooth: hci1: command 0x0419 tx timeout [ 144.370368] Bluetooth: hci7: command 0x0419 tx timeout [ 144.819410] Bluetooth: hci4: command 0x041b tx timeout [ 145.010706] Bluetooth: hci5: command 0x041b tx timeout [ 145.637867] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1 [ 145.645595] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9 [ 145.650169] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9 [ 145.658810] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4 [ 145.663198] Bluetooth: hci6: unexpected cc 0x0c25 length: 249 > 3 [ 145.664506] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2 [ 145.672604] Bluetooth: hci6: HCI_REQ-0x0c1a [ 146.867409] Bluetooth: hci4: command 0x040f tx timeout [ 147.058346] Bluetooth: hci5: command 0x040f tx timeout [ 147.698626] Bluetooth: hci6: command 0x0409 tx timeout [ 148.915346] Bluetooth: hci4: command 0x0419 tx timeout [ 149.107355] Bluetooth: hci5: command 0x0419 tx timeout [ 149.747396] Bluetooth: hci6: command 0x041b tx timeout [ 151.795345] Bluetooth: hci6: command 0x040f tx timeout [ 153.843461] Bluetooth: hci6: command 0x0419 tx timeout 03:31:54 executing program 6: r0 = socket$unix(0x1, 0x5, 0x0) ioctl$AUTOFS_DEV_IOCTL_CLOSEMOUNT(0xffffffffffffffff, 0xc0189375, &(0x7f0000000180)={{0x1, 0x1, 0x18, r0}, '\x00'}) connect$unix(r1, &(0x7f00000001c0)=@file={0x0, './file0\x00'}, 0x6e) io_setup(0x7, &(0x7f0000000000)=0x0) openat(0xffffffffffffffff, &(0x7f0000000040)='./file0\x00', 0x480001, 0x41) io_submit(r2, 0x1, &(0x7f0000001740)=[&(0x7f0000000240)={0x0, 0x0, 0x0, 0x8, 0x0, r0, 0x0}]) openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x2800, 0x0) 03:31:54 executing program 6: ioctl$AUTOFS_DEV_IOCTL_PROTOSUBVER(0xffffffffffffffff, 0xc0189373, &(0x7f0000000000)={{0x1, 0x1, 0x18, 0xffffffffffffffff}, './file0\x00'}) syz_genetlink_get_family_id$ethtool(&(0x7f0000000940), r0) 03:31:54 executing program 6: r0 = socket$inet_udplite(0x2, 0x2, 0x88) r1 = inotify_init() pwritev(r1, 0x0, 0x0, 0x0, 0x0) fcntl$setown(r1, 0x8, 0xffffffffffffffff) fcntl$getownex(r0, 0x10, &(0x7f0000000000)) 03:31:54 executing program 6: r0 = syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) read(r0, &(0x7f0000000380)=""/94, 0x5e) syz_mount_image$ext4(&(0x7f00000000c0)='ext4\x00', &(0x7f0000000400)='./file0\x00', 0x7f, 0x1, &(0x7f0000001440)=[{&(0x7f0000000440)="c933df6dd0ef77883361e82feb8710b924d53582e6c33c05a0feb7879f1dc6f819cc7151f2075259a1bb0dc788866c8e59580954400b5873f30e48947fd724a4cf9fff2719b4951b96d2bd4c121271f827ea59440d36c354cdc8e31c6435cc5c47341d2ad1046399cfebd00d6ee543960fb57ccd930bc667eeabccfc3f2f9efa1e17253e69ea3d859c4d6148ce49b6b588af2b65ac2f795037753e95cbf1bb9d5fa6254e6c5f3590c2d1da0149a5bdece226f2776353bb8de5fe419281971657bef76a16cee37792641cdff838dda0628431c58b8f9819e954e039bb18358c57fa5102ded96a125471c828a513fea5a0b5a18f612869f0b444539359e5520381f62e0a3b7f2909b03fb36eff453de9eb086271f668c0ce4adf54fd352d3006f169dd31ab84a35bc46b2665b0c6267025a2c29fb699867681ff2c29a46065e1d9ea7cb425f0ce5c1c09409c2ec36b1cd775b19b5617265893781e4010bfcf6bd3be907f805ece325349ab48212ef50e00fbe5509d198c7ae4f4d8e458dfefa7e8e77081d14087453ab0e6dcf61817b2a7e7efbb952de1615f8508a07b5dbc639b33f0023e1e8433d69ef0898a6bca7d2eb386729376bc5e18b5d728b2d028bf43adc266f858b56d52510abb99ecedc86a726be3ef9bcd89fc45184a8a78c260de8b7486da503995842fdb80c0a020ef487455e8469962c32187a0fb3593fc64f4ef010262a0f27657d155c99c4f2ff12493b35a8b7c924246d98ca0f1971993ede66a42ff623f516f150bea8c06bfeb295db1ddd34c1cf129649f96d42e33945e00edacd09887e44049f9d02fd1baef936415fd8c9a8f5d10cfa0aae7413f30e50b541e6b468faf8bf5604d2c97d0898fa9f31366439ad3d2510033e73ef4ee27cc6d3743a46ce51ca0019f6cdf4b7e0040f1c4c1dc99fa3849f87b5bce3dbb8146e616d549c3fdf8314354b38dceb58b868d351074e2d9009f820deebf3726c563d1b04398d9562d0486e5979713becef9298ff9031e1d5cfe1e07fbc98ae7e78198aa4cdad852264aa66018d42f78e88db6da3209c98acdf96e714bb15bbd4eee9aa455a5cff286f362a144da51e8471ae17866b55b805b5512e74b346587b01cfdc9286ff325a662b985d8ce377b181fabf6d1987b29a5504fc602c19216e67b608fb73e5e7162f18c44a9d2d3d349008f4ed439883b2994dd52b581d53ce5c26e517db5a4409dc43da0f0252a2b38487c4b872c14d98ee0f2967b5c9ec1f26dda9f97099e5f3ff9b6b1fa0daf1990e96c23d0c91aeee548caa5ffd2c025697cf517b59039b50479e5273fc6eb153133e13d2efba156751671531482f9a2731b050d93dea73522ace7a33be3cd3822abb46fcacf12be4a06e8dec4873efca63f7afbd0814959cd42da1420137b32cfd73d2dd82d3c37d82eeb22bed538caacd990f5f8b73ca028bd83f8dd162e8a71d5612e1a1103e8a75d1c14716c9a95960980dad11c23add16611acd438fcd0fa1bffed64f6f8f06abead44fd9b2f15078da685460b2e005981d00f6723b1da8a3c63a6291a0280f902ecc2d8a537c8c34a03f2efc7b0e00c7e5d79a1e572facf991cf9cd0ff7ea1929652f3709b91811a38b7cadc67e84ef9aca7f9c3a48c71fa44baeebb4fac8c3de8f8ae02da20d197e953cbb57ad5b38de18f977bac154897e7a81b145ed4a84a423cd687ff7d12085524d83bdaa2d4bd6649debe40c884b672e6b512eb2798623e0cee230d2f5058fe2f71337b52e5e4ba555be10053e3c97043cd7697b81a2c6be35e35dcffd79b6ee12779b2a34691b829eaf8d8ac3503a0fa06adb903d3faacb71b8143cf4ee4285a4c6f46731ec2d42b3ab852b698ec0997adef03a7facef6e0d765f20e45192c64cc83d481e3b111fc5182d1417a3bd67d98f1095fbf9c7f21cc0c3e0ffc925e0b84cf80d88735ba4319d298e7ee2a5c369a74a470c361f66a9ae066c2216cd624568c0349d4dd3af3dfd6e85d138bd995c1429ef23d53e61cd412e502e42803302ec4a265cba4f23385db401eb0ea9cc6a764493d7ef1530ce7a4cf7a716f7cff73655858a0ec24414f293aa30199dd0d97a9897390e3e6ce0fa89a6fff62606c675f08df1733dd5dadc914a63de71b3b3c02e269a7628f1a5277f356ebb31afb9cc111f7ffa88eefdfcce7300315bf31c0d18f1a04bda6f9621a830fedf5648a37e1110b3ea274e0755864d5f9fa2b15074d8b2b138d50c063be982d1a809bb69fb274907c286048e20f291efbb8fbf9e790475204c2633de9b51f8c1f133b26090ccb0bdb87dc0cf32ef4d52d42a53fbca50e0b4e5906f169d37be2588637f9586caf8197247cc3ae2aad7673e16bac73b61b19f5cfa17add92d848c5ede43df68422948a5a64dc8f0f209db6aa6265c1deeca1f5fa711fbde947cc536119bbc312625a0554d8fd2b3ec46c64033f19c062e409fb473f17c1eacacbcd3a4197ea0f81d86d3d9be091b4251c5a341d4f17a6fb850cf02c8b6087e9f64e173ad6f0b6e895e798f226860e8d3beed35b360ffba5ba4241e55567cf39f938584a977dab8463d76b0785b7b2d317c650ec299d1308b97d7caf53037287b52ef829ac588290611fddd2acb174028be69ac4593d377a8ecce80bce7ebeff00ba5a9a13739a439de3ccfc5e36b261449fb00d31d3b2109f06883ee78e46fe43b945ace19ef3282cde228431b9cc8a14de521dd5d85c04aa408e0544399028f29f904628204837fecb17bc02fdaed45274ac6b7d3effd3e230f97c20e8cd1f2d2004b5f73552a763e7b03d8ae256c135f6af97b430679325bc0bcf63dd8200f5d94a3785a5d3bcc8e7263b1efeaa37ee47a6c012ea78f1bf2c435a7ff376c719446d644c13ca1cc72a0f23b256a096aad0daede23b39e467973a95d9cb55790eab6bc2deab684446966693348ea2724b930565d231071f1557ce39073e4212c28a26bd437895e21fed5aca5d2c2818b5ac3a2355bf4aec37d3aee83514a4cafe4f0186612a4f2f7a374bc7eb8b65fef216699c6af4f2a4584b9ac66e68c9b24f39f43a3522e4cd5f317b68b44ff31cf83de46ab43f2a2e4baa2ef2f7e051e9a4956a18ad984cfc80c2b0d6f75352bf24ab8b9a2dc877aa4cc12e4595c80d2ae365afd26489f9fbbf6a0d067f5fed923c7fd534629c336df5cceeb1a76e6e4919bc2ea8f010eff92a5a28df6d8e8b0874d734f6ab3bb0edb288989108b1c6f30dcc2be4b6a71d0d8c09811fe98f14147db3a6d3361af06c12b19b1ee19bae7cfa0bfa96a104ad83f9cc6027b1189fc1ed01da7593418f724f9dd58e551f496e3f75e4ad4fd1b2ef7c52e3aecabb635e7cf6a775d4fa642aef1019d62ad5062e66cce711141ca7e0d3c0c5c57e33a1e0b9c1aa37965ccff971bc2c913fbac55f275a50f11a1679668bc353207e214be17890161dd7582b9e4acbe0de7c26c7b84be06790c336cf8b4e198ccbb46bf2ddd04f69c355e512dbc968de7f45b64263698f459f0db81c058e19cd8c8c583951baa372e1a626aa890237a8e494b65e215b822cc6d365c4603c2841206b63f873277bca04715c258a39b86f7d090db77d98051d5d16f373bfa8ca44ab9eb7861967aa37a913a68aff4e8585b208a69e413482699e0898b26453c2ff2601486ce463a9a3aec71897d34ff58bd4054319859b2749502b76fe485965c8f48d0f4727a5e635f797c8d3720bcfbd539241727c92da6af3899f073b44ee43cc3cdb7ba10f41bac95c5df10f780e66af90d3bca09c159478e30ea1169fe85f512fd22d00e23cb0332221259ebe49fc6a5ec0340e6baf5d69967d3a4b8b95863dfaa44f7d548603bd400e22f76eed01b1e05926e12ce1c5cafd95148d130520ba0aaba53489c32ba084006c645118e03be5461a789bbeedb8048ae409ca7da05d2487d3466f4ffcd0f5fd84000a6b1b3910bd5d9d189194779cce48a65cfa8f56c06bccdc1913af4b159e9dc070d71fea63abe2798f177c9c330da23a694b8bf511e648dab109c6dc3a4bf6b821328496847f818690824293cfb701c22d78c4f952804b8e6cc01df49bdc64b0d0f206d1a6540244f3d1cafcaea4d65f8b9cef96d2b655f03049ada10e8a0b29ece00d2567eb4865bcf9d85bce09e1eacbe83627b83095a9b2669b37ba6270e0a47566b46079306c76d6ea0014e500a1f1a1e8c715c22ea105132522640a98295b956bb11300c2a64a3ba727c9e7eef6c824b28ff58249e0b2c7196c27bd9e86494fa65064c00acc9eeac435b70d76e827a4495e5d21279318b1dcb50030292ec5bb4c1c83ec402f26c6d0b017b588d2298726cfa5039b3ddc7264ea6cbfaa021f2b69d50d12cf266b5ea2bcf331a42bda4e539c429cfdad2cf20922b2dd96a472122010bb6017946cddd09a31feac32d07262f00a7ce2a9026a96c3efe5314b8a9ce5ddf719fde3938a2d34e80f8c1d7b159d95893c7d69ff2b7adea329a414e5015ee83d70f79a8299e7a639c0ee5eecdc061e6dd4cfbc0f5098af6465dd21e047bc4b7ac1c630c0fbc6b6beb8bada567d79f3c3b790e642bcce71d8e8570c61af058b18983eb17b7006aeb16b35ed179f61a88c8eb1c1e7f504f375cae767052ed45353a222e5f6574ffc6ac8d43e6e9890c63291d0fd095f1df666ecac3522240e981e813f9332761b63224a8ba4c45bf946b0c369a4a53a8420ce4aace7bf2b491728cbf4c81fa23d528f713ccd173fe56480b25748f9870f36bd6f95f544ca7a48d25d15995c0aba1dada6d75122227f54a89ea686e459bec697b60ea69debbb73bd6809fb4a96e23392389b9e3609f3b639c3f606f742c542d385d00ce48b0ff1416bb5fc817bc7adec45541d50610660de765ba8a4496611e230791f9171728a8dff5b604e51f468566637fa9aa5411ecbb6402300eee0529313698bcc5d4f2047c60c94b81da97d26af47d2a94145d8316e986f0b19210528cc8512dd14c4c983d4f46ebbc040d2fd57b5b35f4b568c83f94be54c918f0a6eeba978b3d55d014f730e57c3e35f22db679eadd71aeb246a3d3234a657987f6dca63d73a200d0c478379a3d04c525e08bd31751c71bb3e9972acb78f391e55102df7760cbd905a349b7ee623bdccc6443447cda98e18d76a09e03e4b28bfba4dd6c5ad0c6e3ef340e8bddd4dc519d67c1088283dc4bb50875895e67daf814ee33c4aaac9afeef0c908ea5165a9ffc87477b1ba4b4817429e3f08d2fe8a9e8a8b72f9d62f8081c1c0f61ab88674e398109e634991f4618d0770a86dcad515e44d97b1b28780734838b9a9e3bd2e23d8621f20e4a159f2c85cb53ffbc032ec4c96dab42ce3f839735939091b08e2cf5ad6071b71fee33322ae538103cf547fa538da89960b0b86c14e4a2a1cd113584db319b60fe63dd910b8d05951049255281b2273f04cdc95f3cc98feadb4ad0659ea93a77b769bd8999b09456198e54fd818f0244693e0c51ee0cc58a30edf35792de46c661ead83d2fc0588883541a423b2e06979e1a8263768a9ad22a4569be1f4c97b89f8f5b4ffc6aa8d6307d1e5e8112908475376dbe42c7c10a598baf200b0100951eaaf046fb32041d3e874e0bd281a6cf674c580f99fb3d864ddb8a84c2152d41bf89ed52a60777cff12453b7b5e1f34f1354d782ee5017be2f4ad08a82ce925e7cc7b46bd0c2ec091267270f76e322c156fa14b343402b1b16787d0d891fae8149dfa5907f9a4e1ad546f04b19b5f26bcf3616db111f9b3cf55c3b", 0x1000, 0xa93}], 0x112000, &(0x7f0000001480)={[{@usrjquota}, {@mblk_io_submit}, {@mblk_io_submit}, {@grpjquota}, {@noquota}, {@usrjquota}, {@nouid32}, {@orlov}, {@auto_da_alloc}], [{@seclabel}, {@dont_appraise}, {@func={'func', 0x3d, 'BPRM_CHECK'}}]}) stat(&(0x7f0000000240)='./file0\x00', &(0x7f0000000280)={0x0, 0x0, 0x0, 0x0, 0x0}) setresuid(0x0, r1, 0x0) syz_mount_image$ext4(&(0x7f0000000000)='ext3\x00', &(0x7f0000000040)='./file0\x00', 0x80, 0x1, &(0x7f0000000080)=[{&(0x7f0000000140)="4447936f2ea68a6e9799dd5a6d5c235c1b9c8d51c3964d8de52eec45b3d0e1fb57f00da3fe5c886e5273bd5862c668942619c0fb8ff4de7f3d1191d8349f9d1b80efbb75815a08f887d181c2a45161cb5573f4397448f830291cd78209edd1a46fef787621006b521a14ee19e47d685312b9d8045c4db9144cd5ff8c731627cb6d274ffee3241457d7cede1a86c1df4005e1511a97c325bd58596c31541aadec8584fea585b2b32eab7f8a833e28f05414c4aafd6a4687a087e507babc1c5a9743bb88590f322f320dede8664f4f4b60d23eca", 0xd3, 0x9}], 0x800000, &(0x7f0000000300)={[{@nodiscard}, {@noacl}, {@discard}, {@nogrpid}, {@errors_remount}, {@grpid}], [{@obj_role={'obj_role', 0x3d, 'keyring\x00'}}, {@smackfsfloor={'smackfsfloor', 0x3d, '\xcb)['}}, {@pcr={'pcr', 0x3d, 0x26}}]}) r2 = add_key$keyring(&(0x7f0000000240), &(0x7f0000000280)={'syz', 0x0}, 0x0, 0x0, 0xfffffffffffffffd) mount(&(0x7f0000001540)=@sr0, &(0x7f0000001580)='./file0\x00', &(0x7f00000015c0)='v7\x00', 0x20000, &(0x7f0000001600)='/&#,\'\x00') keyctl$chown(0x4, r2, r1, 0xee00) [ 187.315394] INFO: task rcu_gp:3 blocked for more than 143 seconds. [ 187.316004] Not tainted 6.0.0-rc7-next-20220930 #1 [ 187.316452] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 187.317054] task:rcu_gp state:I stack:30328 pid:3 ppid:2 flags:0x00004000 [ 187.317712] Call Trace: [ 187.317909] [ 187.318087] __schedule+0x893/0x2470 [ 187.318525] ? io_schedule_timeout+0x150/0x150 [ 187.319343] ? do_raw_spin_lock+0x121/0x260 [ 187.319672] ? rwlock_bug.part.0+0x90/0x90 [ 187.320399] schedule+0xda/0x1b0 [ 187.320680] rescuer_thread+0x851/0xdb0 [ 187.320992] ? _raw_spin_unlock_irqrestore+0x28/0x60 [ 187.321393] ? _raw_spin_unlock_irqrestore+0x28/0x60 [ 187.321781] ? lockdep_hardirqs_on+0x79/0x100 [ 187.322136] ? worker_thread+0x1260/0x1260 [ 187.322492] kthread+0x2ed/0x3a0 [ 187.322762] ? kthread_complete_and_exit+0x40/0x40 [ 187.323158] ret_from_fork+0x22/0x30 [ 187.323480] [ 187.323655] INFO: task rcu_par_gp:4 blocked for more than 143 seconds. [ 187.324129] Not tainted 6.0.0-rc7-next-20220930 #1 [ 187.324536] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 187.325109] task:rcu_par_gp state:I stack:30944 pid:4 ppid:2 flags:0x00004000 [ 187.325755] Call Trace: [ 187.325960] [ 187.326141] __schedule+0x893/0x2470 [ 187.326460] ? io_schedule_timeout+0x150/0x150 [ 187.326812] ? do_raw_spin_lock+0x121/0x260 [ 187.327151] ? rwlock_bug.part.0+0x90/0x90 [ 187.327508] schedule+0xda/0x1b0 [ 187.327783] rescuer_thread+0x851/0xdb0 [ 187.328105] ? _raw_spin_unlock_irqrestore+0x28/0x60 [ 187.328524] ? _raw_spin_unlock_irqrestore+0x28/0x60 [ 187.328916] ? lockdep_hardirqs_on+0x79/0x100 [ 187.329276] ? worker_thread+0x1260/0x1260 [ 187.329613] kthread+0x2ed/0x3a0 [ 187.329887] ? kthread_complete_and_exit+0x40/0x40 [ 187.330265] ret_from_fork+0x22/0x30 [ 187.330586] [ 187.330772] INFO: task slub_flushwq:5 blocked for more than 143 seconds. [ 187.331276] Not tainted 6.0.0-rc7-next-20220930 #1 [ 187.331697] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 187.332290] task:slub_flushwq state:I stack:30944 pid:5 ppid:2 flags:0x00004000 [ 187.332966] Call Trace: [ 187.333174] [ 187.333372] __schedule+0x893/0x2470 [ 187.333675] ? io_schedule_timeout+0x150/0x150 [ 187.334038] ? do_raw_spin_lock+0x121/0x260 [ 187.334392] ? rwlock_bug.part.0+0x90/0x90 [ 187.334735] schedule+0xda/0x1b0 [ 187.335014] rescuer_thread+0x851/0xdb0 [ 187.335347] ? _raw_spin_unlock_irqrestore+0x28/0x60 [ 187.335742] ? _raw_spin_unlock_irqrestore+0x28/0x60 [ 187.336134] ? lockdep_hardirqs_on+0x79/0x100 [ 187.336505] ? worker_thread+0x1260/0x1260 [ 187.336860] kthread+0x2ed/0x3a0 [ 187.337134] ? kthread_complete_and_exit+0x40/0x40 [ 187.337536] ret_from_fork+0x22/0x30 [ 187.337850] [ 187.338034] INFO: task netns:6 blocked for more than 143 seconds. [ 187.338514] Not tainted 6.0.0-rc7-next-20220930 #1 [ 187.338922] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 187.339512] task:netns state:I stack:30944 pid:6 ppid:2 flags:0x00004000 [ 187.340153] Call Trace: [ 187.340370] [ 187.340564] __schedule+0x893/0x2470 [ 187.340873] ? io_schedule_timeout+0x150/0x150 [ 187.341232] ? do_raw_spin_lock+0x121/0x260 [ 187.341592] ? rwlock_bug.part.0+0x90/0x90 [ 187.341932] schedule+0xda/0x1b0 [ 187.342203] rescuer_thread+0x851/0xdb0 [ 187.342540] ? _raw_spin_unlock_irqrestore+0x28/0x60 [ 187.342935] ? _raw_spin_unlock_irqrestore+0x28/0x60 [ 187.343346] ? lockdep_hardirqs_on+0x79/0x100 [ 187.343716] ? worker_thread+0x1260/0x1260 [ 187.344056] kthread+0x2ed/0x3a0 [ 187.344345] ? kthread_complete_and_exit+0x40/0x40 [ 187.344737] ret_from_fork+0x22/0x30 [ 187.345049] [ 187.345233] INFO: task kworker/0:0H:8 blocked for more than 143 seconds. [ 187.345755] Not tainted 6.0.0-rc7-next-20220930 #1 [ 187.346168] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 187.346775] task:kworker/0:0H state:I stack:28952 pid:8 ppid:2 flags:0x00004000 [ 187.347426] Workqueue: 0x0 (kblockd) [ 187.347731] Call Trace: [ 187.347938] [ 187.348124] __schedule+0x893/0x2470 [ 187.348446] ? io_schedule_timeout+0x150/0x150 [ 187.348830] schedule+0xda/0x1b0 [ 187.349110] worker_thread+0x15f/0x1260 [ 187.349457] ? process_one_work+0x16a0/0x16a0 [ 187.349823] kthread+0x2ed/0x3a0 [ 187.350093] ? kthread_complete_and_exit+0x40/0x40 [ 187.350500] ret_from_fork+0x22/0x30 [ 187.350811] [ 187.351001] INFO: task mm_percpu_wq:10 blocked for more than 143 seconds. [ 187.351532] Not tainted 6.0.0-rc7-next-20220930 #1 [ 187.351939] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 187.352542] task:mm_percpu_wq state:I stack:30944 pid:10 ppid:2 flags:0x00004000 [ 187.353179] Call Trace: [ 187.353399] [ 187.353584] __schedule+0x893/0x2470 [ 187.353885] ? io_schedule_timeout+0x150/0x150 [ 187.354246] ? do_raw_spin_lock+0x121/0x260 [ 187.354603] ? rwlock_bug.part.0+0x90/0x90 [ 187.354939] schedule+0xda/0x1b0 [ 187.355215] rescuer_thread+0x851/0xdb0 [ 187.355550] ? _raw_spin_unlock_irqrestore+0x28/0x60 [ 187.355939] ? _raw_spin_unlock_irqrestore+0x28/0x60 [ 187.356344] ? lockdep_hardirqs_on+0x79/0x100 [ 187.356724] ? worker_thread+0x1260/0x1260 [ 187.357066] kthread+0x2ed/0x3a0 [ 187.357358] ? kthread_complete_and_exit+0x40/0x40 [ 187.357749] ret_from_fork+0x22/0x30 [ 187.358056] [ 187.358251] INFO: task rcu_tasks_kthre:11 blocked for more than 143 seconds. [ 187.358814] Not tainted 6.0.0-rc7-next-20220930 #1 [ 187.359229] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 187.359827] task:rcu_tasks_kthre state:I stack:29272 pid:11 ppid:2 flags:0x00004000 [ 187.360497] Call Trace: [ 187.360705] [ 187.360889] __schedule+0x893/0x2470 [ 187.361192] ? io_schedule_timeout+0x150/0x150 [ 187.361568] ? mark_held_locks+0x9e/0xe0 [ 187.361895] ? _raw_spin_unlock_irqrestore+0x28/0x60 [ 187.362290] schedule+0xda/0x1b0 [ 187.362578] rcu_tasks_one_gp+0x3db/0xc10 [ 187.362928] rcu_tasks_kthread+0x80/0xa0 [ 187.363244] ? rcu_tasks_postscan+0x10/0x10 [ 187.363607] kthread+0x2ed/0x3a0 [ 187.363886] ? kthread_complete_and_exit+0x40/0x40 [ 187.364278] ret_from_fork+0x22/0x30 [ 187.364616] [ 187.364807] INFO: task kworker/1:0H:21 blocked for more than 143 seconds. [ 187.365341] Not tainted 6.0.0-rc7-next-20220930 #1 [ 187.365750] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 187.366347] task:kworker/1:0H state:I stack:29760 pid:21 ppid:2 flags:0x00004000 [ 187.367001] Workqueue: 0x0 (events_highpri) [ 187.367362] Call Trace: [ 187.367570] [ 187.367754] __schedule+0x893/0x2470 [ 187.368061] ? io_schedule_timeout+0x150/0x150 [ 187.368445] schedule+0xda/0x1b0 [ 187.368696] worker_thread+0x15f/0x1260 [ 187.368989] ? process_one_work+0x16a0/0x16a0 [ 187.369320] kthread+0x2ed/0x3a0 [ 187.369561] ? kthread_complete_and_exit+0x40/0x40 [ 187.369904] ret_from_fork+0x22/0x30 [ 187.370182] [ 187.370362] INFO: task inet_frag_wq:23 blocked for more than 143 seconds. [ 187.370816] Not tainted 6.0.0-rc7-next-20220930 #1 [ 187.371175] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 187.371700] task:inet_frag_wq state:I stack:30704 pid:23 ppid:2 flags:0x00004000 [ 187.372259] Call Trace: [ 187.372453] [ 187.372623] __schedule+0x893/0x2470 [ 187.372895] ? io_schedule_timeout+0x150/0x150 [ 187.373215] ? do_raw_spin_lock+0x121/0x260 [ 187.373531] ? rwlock_bug.part.0+0x90/0x90 [ 187.373832] schedule+0xda/0x1b0 [ 187.374077] rescuer_thread+0x851/0xdb0 [ 187.374374] ? _raw_spin_unlock_irqrestore+0x28/0x60 [ 187.374720] ? _raw_spin_unlock_irqrestore+0x28/0x60 [ 187.375066] ? lockdep_hardirqs_on+0x79/0x100 [ 187.375396] ? worker_thread+0x1260/0x1260 [ 187.375693] kthread+0x2ed/0x3a0 [ 187.375932] ? kthread_complete_and_exit+0x40/0x40 [ 187.376274] ret_from_fork+0x22/0x30 [ 187.376581] [ 187.376754] INFO: task kblockd:31 blocked for more than 143 seconds. [ 187.377176] Not tainted 6.0.0-rc7-next-20220930 #1 [ 187.377549] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 187.378062] task:kblockd state:I stack:30176 pid:31 ppid:2 flags:0x00004000 [ 187.378630] Call Trace: [ 187.378808] [ 187.378973] __schedule+0x893/0x2470 [ 187.379247] ? io_schedule_timeout+0x150/0x150 [ 187.379575] ? do_raw_spin_lock+0x121/0x260 [ 187.379877] ? rwlock_bug.part.0+0x90/0x90 [ 187.380176] schedule+0xda/0x1b0 [ 187.380433] rescuer_thread+0x851/0xdb0 [ 187.380719] ? _raw_spin_unlock_irqrestore+0x28/0x60 [ 187.381063] ? _raw_spin_unlock_irqrestore+0x28/0x60 [ 187.381425] ? lockdep_hardirqs_on+0x79/0x100 [ 187.381746] ? worker_thread+0x1260/0x1260 [ 187.382042] kthread+0x2ed/0x3a0 [ 187.382282] ? kthread_complete_and_exit+0x40/0x40 [ 187.382636] ret_from_fork+0x22/0x30 [ 187.382914] [ 187.383127] [ 187.383127] Showing all locks held in the system: [ 187.383559] 2 locks held by kworker/u4:0/9: [ 187.383847] #0: ffff888007c61138 ((wq_completion)events_unbound){+.+.}-{0:0}, at: process_one_work+0x915/0x16a0 [ 187.384580] #1: ffff88800861fdb0 ((work_completion)(&sub_info->work)){+.+.}-{0:0}, at: process_one_work+0x949/0x16a0 [ 187.385319] 1 lock held by rcu_tasks_kthre/11: [ 187.385624] #0: ffffffff85406850 (rcu_tasks.tasks_gp_mutex){+.+.}-{3:3}, at: rcu_tasks_one_gp+0x26/0xc10 [ 187.386316] 1 lock held by khungtaskd/25: [ 187.386629] #0: ffffffff85407320 (rcu_read_lock){....}-{1:2}, at: debug_show_all_locks+0x53/0x260 [ 187.387337] 2 locks held by kworker/u4:1/26: [ 187.387632] #0: ffff888007c61138 ((wq_completion)events_unbound){+.+.}-{0:0}, at: process_one_work+0x915/0x16a0 [ 187.388347] #1: ffff888009037db0 ((work_completion)(&sub_info->work)){+.+.}-{0:0}, at: process_one_work+0x949/0x16a0 [ 187.389080] 2 locks held by kworker/u4:2/33: [ 187.389389] #0: ffff888007c61138 ((wq_completion)events_unbound){+.+.}-{0:0}, at: process_one_work+0x915/0x16a0 [ 187.390085] #1: ffff8880092d7db0 ((work_completion)(&sub_info->work)){+.+.}-{0:0}, at: process_one_work+0x949/0x16a0 [ 187.390824] 1 lock held by kmemleak/55: [ 187.391093] 1 lock held by in:imklog/188: [ 187.391388] 2 locks held by kworker/u4:4/330: [ 187.391692] #0: ffff888007c61138 ((wq_completion)events_unbound){+.+.}-{0:0}, at: process_one_work+0x915/0x16a0 [ 187.392404] #1: ffff888018a1fdb0 ((work_completion)(&sub_info->work)){+.+.}-{0:0}, at: process_one_work+0x949/0x16a0 [ 187.393143] 2 locks held by kworker/u4:6/335: [ 187.393460] #0: ffff888007c61138 ((wq_completion)events_unbound){+.+.}-{0:0}, at: process_one_work+0x915/0x16a0 [ 187.394161] #1: ffff88803f867db0 ((work_completion)(&sub_info->work)){+.+.}-{0:0}, at: process_one_work+0x949/0x16a0 [ 187.394902] 2 locks held by kworker/u4:7/338: [ 187.395208] #0: ffff888007c61138 ((wq_completion)events_unbound){+.+.}-{0:0}, at: process_one_work+0x915/0x16a0 [ 187.395925] #1: ffff888017dd7db0 ((work_completion)(&sub_info->work)){+.+.}-{0:0}, at: process_one_work+0x949/0x16a0 [ 187.396679] 2 locks held by kworker/u4:11/734: [ 187.396989] #0: ffff888007c61138 ((wq_completion)events_unbound){+.+.}-{0:0}, at: process_one_work+0x915/0x16a0 [ 187.397699] #1: ffff88801d7c7db0 ((work_completion)(&sub_info->work)){+.+.}-{0:0}, at: process_one_work+0x949/0x16a0 [ 187.398445] 3 locks held by syz-executor.6/3799: [ 187.398765] 1 lock held by modprobe/7051: [ 187.399039] 1 lock held by modprobe/7054: [ 187.399331] 2 locks held by modprobe/7055: [ 187.399614] 1 lock held by modprobe/7056: [ 187.399888] [ 187.400012] ============================================= [ 187.400012] [ 187.448241] loop6: detected capacity change from 0 to 13 03:31:55 executing program 6: syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file1\x00', 0x3fff7f, 0x0, 0x0, 0x1000000, 0x0) mount(0x0, &(0x7f00000000c0)='./file1\x00', &(0x7f0000000040)='ramfs\x00', 0x0, 0x0) mount$9p_fd(0x0, &(0x7f0000000140)='./file1\x00', 0x0, 0x8021, 0x0) chmod(&(0x7f0000001a00)='./file1\x00', 0x0) 03:31:55 executing program 6: syslog(0x3, 0x0, 0x0) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x101}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file1\x00', 0x1010c2, 0x0) r1 = io_uring_setup(0x43c7, &(0x7f0000000380)) io_uring_register$IORING_REGISTER_EVENTFD(r1, 0x4, &(0x7f0000000400), 0x1) syslog(0x4, 0x0, 0x0) syz_io_uring_setup(0x13df, &(0x7f0000000100)={0x0, 0x28b1, 0x0, 0x2, 0x312, 0x0, r1}, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffc000/0x2000)=nil, &(0x7f00000001c0)=0x0, &(0x7f0000000240)=0x0) r4 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/timer_list\x00', 0x0, 0x0) sendfile(r0, r4, 0x0, 0x10000027f) syz_io_uring_submit(r2, r3, &(0x7f0000000340)=@IORING_OP_STATX={0x15, 0x5, 0x0, 0xffffffffffffffff, &(0x7f0000000540), &(0x7f0000000300)='./file1\x00', 0x7ff, 0x0, 0x1}, 0x0) sendmsg$NL80211_CMD_REQ_SET_REG(0xffffffffffffffff, &(0x7f0000000500)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000640)=ANY=[@ANYBLOB="bd0ad4ec5f86bb4235470d749ab7e814d3aa300ed33d7965f17ccd3dd5e1bc8643ca09ed1a6d402807dd1b46e4e2f380361fe8d9eb859aa89bc7598e8c1babae3d42660b5b2f2ca3f3baf0e6a873e891faf8eb35b9305723332e7d27dc4761ebaf4ccaa6f493c2cb8670e997d4d20a8d4b8615a90cbb22068c10d31c6cdb559c882d9d6cc00023d2e391ad3c5c86cbbc5ed51df4fb6b58d06303d9b24ed93e5d607a4b8484fad316927e", @ANYRES16, @ANYBLOB="ff05002179043f5918d8d6000000000000ffff"], 0x1c}}, 0x0) perf_event_open(&(0x7f0000000440)={0x5, 0x80, 0x1, 0x3, 0x0, 0x5, 0x0, 0x311, 0x20, 0x2, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x8d90, 0x4, @perf_config_ext={0x7, 0x6}, 0x10, 0x9, 0x269387ea, 0x5, 0x1340, 0x5, 0x2c5}, 0xffffffffffffffff, 0xe, 0xffffffffffffffff, 0x8) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffb000/0x2000)=nil, 0x2000, 0x0, 0x110, 0xffffffffffffffff, 0x0) [ 187.714169] audit: type=1400 audit(1664767915.368:7): avc: denied { open } for pid=7083 comm="syz-executor.6" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=perf_event permissive=1 [ 187.715679] audit: type=1400 audit(1664767915.369:8): avc: denied { kernel } for pid=7083 comm="syz-executor.6" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=perf_event permissive=1 [ 187.724244] ------------[ cut here ]------------ [ 187.724264] [ 187.724267] ====================================================== [ 187.724270] WARNING: possible circular locking dependency detected [ 187.724274] 6.0.0-rc7-next-20220930 #1 Not tainted [ 187.724281] ------------------------------------------------------ [ 187.724284] syz-executor.6/7084 is trying to acquire lock: [ 187.724290] ffffffff853faab8 ((console_sem).lock){....}-{2:2}, at: down_trylock+0xe/0x70 [ 187.724334] [ 187.724334] but task is already holding lock: [ 187.724337] ffff88803921b020 (&ctx->lock){....}-{2:2}, at: __perf_event_task_sched_out+0x53b/0x18d0 [ 187.724363] [ 187.724363] which lock already depends on the new lock. [ 187.724363] [ 187.724366] [ 187.724366] the existing dependency chain (in reverse order) is: [ 187.724370] [ 187.724370] -> #3 (&ctx->lock){....}-{2:2}: [ 187.724383] _raw_spin_lock+0x2a/0x40 [ 187.724395] __perf_event_task_sched_out+0x53b/0x18d0 [ 187.724406] __schedule+0xedd/0x2470 [ 187.724420] schedule+0xda/0x1b0 [ 187.724435] futex_wait_queue+0xf5/0x1e0 [ 187.724448] futex_wait+0x28e/0x690 [ 187.724458] do_futex+0x2ff/0x380 [ 187.724467] __x64_sys_futex+0x1c6/0x4d0 [ 187.724477] do_syscall_64+0x3b/0x90 [ 187.724495] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 187.724508] [ 187.724508] -> #2 (&rq->__lock){-.-.}-{2:2}: [ 187.724526] _raw_spin_lock_nested+0x30/0x40 [ 187.724537] raw_spin_rq_lock_nested+0x1e/0x30 [ 187.724550] task_fork_fair+0x63/0x4d0 [ 187.724567] sched_cgroup_fork+0x3d0/0x540 [ 187.724581] copy_process+0x4183/0x6e20 [ 187.724592] kernel_clone+0xe7/0x890 [ 187.724601] user_mode_thread+0xad/0xf0 [ 187.724611] rest_init+0x24/0x250 [ 187.724623] arch_call_rest_init+0xf/0x14 [ 187.724640] start_kernel+0x4c6/0x4eb [ 187.724656] secondary_startup_64_no_verify+0xe0/0xeb [ 187.724669] [ 187.724669] -> #1 (&p->pi_lock){-.-.}-{2:2}: [ 187.724683] _raw_spin_lock_irqsave+0x39/0x60 [ 187.724694] try_to_wake_up+0xab/0x1930 [ 187.724706] up+0x75/0xb0 [ 187.724720] __up_console_sem+0x6e/0x80 [ 187.724736] console_unlock+0x46a/0x590 [ 187.724752] vt_ioctl+0x2822/0x2ca0 [ 187.724764] tty_ioctl+0x785/0x16b0 [ 187.724775] __x64_sys_ioctl+0x19a/0x210 [ 187.724788] do_syscall_64+0x3b/0x90 [ 187.724805] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 187.724817] [ 187.724817] -> #0 ((console_sem).lock){....}-{2:2}: [ 187.724831] __lock_acquire+0x2a02/0x5e70 [ 187.724848] lock_acquire+0x1a2/0x530 [ 187.724863] _raw_spin_lock_irqsave+0x39/0x60 [ 187.724874] down_trylock+0xe/0x70 [ 187.724888] __down_trylock_console_sem+0x3b/0xd0 [ 187.724904] vprintk_emit+0x16b/0x560 [ 187.724920] vprintk+0x84/0xa0 [ 187.724936] _printk+0xba/0xf1 [ 187.724947] report_bug.cold+0x72/0xab [ 187.724963] handle_bug+0x3c/0x70 [ 187.724979] exc_invalid_op+0x14/0x50 [ 187.724996] asm_exc_invalid_op+0x16/0x20 [ 187.725008] group_sched_out.part.0+0x2c7/0x460 [ 187.725025] ctx_sched_out+0x8f1/0xc10 [ 187.725042] __perf_event_task_sched_out+0x6d0/0x18d0 [ 187.725052] __schedule+0xedd/0x2470 [ 187.725066] schedule+0xda/0x1b0 [ 187.725079] futex_wait_queue+0xf5/0x1e0 [ 187.725089] futex_wait+0x28e/0x690 [ 187.725099] do_futex+0x2ff/0x380 [ 187.725108] __x64_sys_futex+0x1c6/0x4d0 [ 187.725118] do_syscall_64+0x3b/0x90 [ 187.725135] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 187.725147] [ 187.725147] other info that might help us debug this: [ 187.725147] [ 187.725150] Chain exists of: [ 187.725150] (console_sem).lock --> &rq->__lock --> &ctx->lock [ 187.725150] [ 187.725165] Possible unsafe locking scenario: [ 187.725165] [ 187.725167] CPU0 CPU1 [ 187.725169] ---- ---- [ 187.725172] lock(&ctx->lock); [ 187.725177] lock(&rq->__lock); [ 187.725184] lock(&ctx->lock); [ 187.725190] lock((console_sem).lock); [ 187.725195] [ 187.725195] *** DEADLOCK *** [ 187.725195] [ 187.725197] 2 locks held by syz-executor.6/7084: [ 187.725204] #0: ffff88806ce37e98 (&rq->__lock){-.-.}-{2:2}, at: __schedule+0x1cf/0x2470 [ 187.725233] #1: ffff88803921b020 (&ctx->lock){....}-{2:2}, at: __perf_event_task_sched_out+0x53b/0x18d0 [ 187.725259] [ 187.725259] stack backtrace: [ 187.725262] CPU: 0 PID: 7084 Comm: syz-executor.6 Not tainted 6.0.0-rc7-next-20220930 #1 [ 187.725274] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 187.725282] Call Trace: [ 187.725286] [ 187.725290] dump_stack_lvl+0x8b/0xb3 [ 187.725308] check_noncircular+0x263/0x2e0 [ 187.725324] ? format_decode+0x26c/0xb50 [ 187.725340] ? print_circular_bug+0x450/0x450 [ 187.725357] ? simple_strtoul+0x30/0x30 [ 187.725373] ? format_decode+0x26c/0xb50 [ 187.725390] ? alloc_chain_hlocks+0x1ec/0x5a0 [ 187.725407] __lock_acquire+0x2a02/0x5e70 [ 187.725429] ? lockdep_hardirqs_on_prepare+0x410/0x410 [ 187.725451] lock_acquire+0x1a2/0x530 [ 187.725467] ? down_trylock+0xe/0x70 [ 187.725484] ? lock_release+0x750/0x750 [ 187.725504] ? vprintk+0x84/0xa0 [ 187.725522] _raw_spin_lock_irqsave+0x39/0x60 [ 187.725533] ? down_trylock+0xe/0x70 [ 187.725549] down_trylock+0xe/0x70 [ 187.725565] ? vprintk+0x84/0xa0 [ 187.725581] __down_trylock_console_sem+0x3b/0xd0 [ 187.725598] vprintk_emit+0x16b/0x560 [ 187.725617] vprintk+0x84/0xa0 [ 187.725634] _printk+0xba/0xf1 [ 187.725645] ? record_print_text.cold+0x16/0x16 [ 187.725661] ? report_bug.cold+0x66/0xab [ 187.725679] ? group_sched_out.part.0+0x2c7/0x460 [ 187.725697] report_bug.cold+0x72/0xab [ 187.725716] handle_bug+0x3c/0x70 [ 187.725733] exc_invalid_op+0x14/0x50 [ 187.725751] asm_exc_invalid_op+0x16/0x20 [ 187.725763] RIP: 0010:group_sched_out.part.0+0x2c7/0x460 [ 187.725784] Code: 5e 41 5f e9 8b ae ef ff e8 86 ae ef ff 65 8b 1d 0b 18 ac 7e 31 ff 89 de e8 26 ab ef ff 85 db 0f 84 8a 00 00 00 e8 69 ae ef ff <0f> 0b e9 a5 fe ff ff e8 5d ae ef ff 48 8d 7d 10 48 b8 00 00 00 00 [ 187.725795] RSP: 0018:ffff88802fa478f8 EFLAGS: 00010006 [ 187.725804] RAX: 0000000040000002 RBX: 0000000000000000 RCX: 0000000000000000 [ 187.725812] RDX: ffff88803c1f1ac0 RSI: ffffffff81565dc7 RDI: 0000000000000005 [ 187.725819] RBP: ffff8880086605c8 R08: 0000000000000005 R09: 0000000000000001 [ 187.725827] R10: 0000000000000000 R11: ffffffff865b401b R12: ffff88803921b000 [ 187.725834] R13: ffff88806ce3d2c0 R14: ffffffff8547d000 R15: 0000000000000002 [ 187.725845] ? group_sched_out.part.0+0x2c7/0x460 [ 187.725865] ? group_sched_out.part.0+0x2c7/0x460 [ 187.725884] ctx_sched_out+0x8f1/0xc10 [ 187.725904] __perf_event_task_sched_out+0x6d0/0x18d0 [ 187.725918] ? lock_is_held_type+0xd7/0x130 [ 187.725932] ? __perf_cgroup_move+0x160/0x160 [ 187.725942] ? set_next_entity+0x304/0x550 [ 187.725962] ? lock_is_held_type+0xd7/0x130 [ 187.725976] __schedule+0xedd/0x2470 [ 187.725993] ? io_schedule_timeout+0x150/0x150 [ 187.726008] ? futex_wait_setup+0x166/0x230 [ 187.726023] schedule+0xda/0x1b0 [ 187.726037] futex_wait_queue+0xf5/0x1e0 [ 187.726050] futex_wait+0x28e/0x690 [ 187.726062] ? futex_wait_setup+0x230/0x230 [ 187.726075] ? wake_up_q+0x8b/0xf0 [ 187.726088] ? do_raw_spin_unlock+0x4f/0x220 [ 187.726107] ? futex_wake+0x158/0x490 [ 187.726124] ? fd_install+0x1f9/0x640 [ 187.726139] do_futex+0x2ff/0x380 [ 187.726150] ? __ia32_compat_sys_get_robust_list+0x3b0/0x3b0 [ 187.726166] __x64_sys_futex+0x1c6/0x4d0 [ 187.726179] ? __x64_sys_futex_time32+0x480/0x480 [ 187.726192] ? syscall_enter_from_user_mode+0x1d/0x50 [ 187.726206] ? syscall_enter_from_user_mode+0x1d/0x50 [ 187.726221] do_syscall_64+0x3b/0x90 [ 187.726239] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 187.726252] RIP: 0033:0x7f1f2286bb19 [ 187.726260] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 187.726271] RSP: 002b:00007f1f1fde1218 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 187.726281] RAX: ffffffffffffffda RBX: 00007f1f2297ef68 RCX: 00007f1f2286bb19 [ 187.726289] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007f1f2297ef68 [ 187.726296] RBP: 00007f1f2297ef60 R08: 0000000000000000 R09: 0000000000000000 [ 187.726303] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f1f2297ef6c [ 187.726310] R13: 00007ffdf3e0b5ff R14: 00007f1f1fde1300 R15: 0000000000022000 [ 187.726322] [ 187.784602] WARNING: CPU: 0 PID: 7084 at kernel/events/core.c:2309 group_sched_out.part.0+0x2c7/0x460 [ 187.785287] Modules linked in: [ 187.785530] CPU: 0 PID: 7084 Comm: syz-executor.6 Not tainted 6.0.0-rc7-next-20220930 #1 [ 187.786118] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 187.786936] RIP: 0010:group_sched_out.part.0+0x2c7/0x460 [ 187.787340] Code: 5e 41 5f e9 8b ae ef ff e8 86 ae ef ff 65 8b 1d 0b 18 ac 7e 31 ff 89 de e8 26 ab ef ff 85 db 0f 84 8a 00 00 00 e8 69 ae ef ff <0f> 0b e9 a5 fe ff ff e8 5d ae ef ff 48 8d 7d 10 48 b8 00 00 00 00 [ 187.788674] RSP: 0018:ffff88802fa478f8 EFLAGS: 00010006 [ 187.789062] RAX: 0000000040000002 RBX: 0000000000000000 RCX: 0000000000000000 [ 187.789585] RDX: ffff88803c1f1ac0 RSI: ffffffff81565dc7 RDI: 0000000000000005 [ 187.790109] RBP: ffff8880086605c8 R08: 0000000000000005 R09: 0000000000000001 [ 187.790635] R10: 0000000000000000 R11: ffffffff865b401b R12: ffff88803921b000 [ 187.791161] R13: ffff88806ce3d2c0 R14: ffffffff8547d000 R15: 0000000000000002 [ 187.791686] FS: 00007f1f1fde1700(0000) GS:ffff88806ce00000(0000) knlGS:0000000000000000 [ 187.792268] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 187.792707] CR2: 00007f1ce798b710 CR3: 0000000034036000 CR4: 0000000000350ef0 [ 187.793230] Call Trace: [ 187.793424] [ 187.793598] ctx_sched_out+0x8f1/0xc10 [ 187.793908] __perf_event_task_sched_out+0x6d0/0x18d0 [ 187.794284] ? lock_is_held_type+0xd7/0x130 [ 187.794608] ? __perf_cgroup_move+0x160/0x160 [ 187.794942] ? set_next_entity+0x304/0x550 [ 187.795265] ? lock_is_held_type+0xd7/0x130 [ 187.795589] __schedule+0xedd/0x2470 [ 187.795875] ? io_schedule_timeout+0x150/0x150 [ 187.796220] ? futex_wait_setup+0x166/0x230 [ 187.796558] schedule+0xda/0x1b0 [ 187.796822] futex_wait_queue+0xf5/0x1e0 [ 187.797122] futex_wait+0x28e/0x690 [ 187.797396] ? futex_wait_setup+0x230/0x230 [ 187.797714] ? wake_up_q+0x8b/0xf0 [ 187.797983] ? do_raw_spin_unlock+0x4f/0x220 [ 187.798321] ? futex_wake+0x158/0x490 [ 187.798607] ? fd_install+0x1f9/0x640 [ 187.798896] do_futex+0x2ff/0x380 [ 187.799168] ? __ia32_compat_sys_get_robust_list+0x3b0/0x3b0 [ 187.799593] __x64_sys_futex+0x1c6/0x4d0 [ 187.799905] ? __x64_sys_futex_time32+0x480/0x480 [ 187.800263] ? syscall_enter_from_user_mode+0x1d/0x50 [ 187.800664] ? syscall_enter_from_user_mode+0x1d/0x50 [ 187.801045] do_syscall_64+0x3b/0x90 [ 187.801328] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 187.801707] RIP: 0033:0x7f1f2286bb19 [ 187.801980] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 187.803275] RSP: 002b:00007f1f1fde1218 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 187.803812] RAX: ffffffffffffffda RBX: 00007f1f2297ef68 RCX: 00007f1f2286bb19 [ 187.804323] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007f1f2297ef68 [ 187.804852] RBP: 00007f1f2297ef60 R08: 0000000000000000 R09: 0000000000000000 [ 187.805362] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f1f2297ef6c [ 187.805876] R13: 00007ffdf3e0b5ff R14: 00007f1f1fde1300 R15: 0000000000022000 [ 187.806397] [ 187.806570] irq event stamp: 588 [ 187.806819] hardirqs last enabled at (587): [] syscall_enter_from_user_mode+0x1d/0x50 [ 187.807518] hardirqs last disabled at (588): [] __schedule+0x1225/0x2470 [ 187.808126] softirqs last enabled at (0): [] copy_process+0x1e15/0x6e20 [ 187.808736] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 187.809201] ---[ end trace 0000000000000000 ]--- 03:31:55 executing program 6: syslog(0x3, 0x0, 0x0) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x101}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file1\x00', 0x1010c2, 0x0) r1 = io_uring_setup(0x43c7, &(0x7f0000000380)) io_uring_register$IORING_REGISTER_EVENTFD(r1, 0x4, &(0x7f0000000400), 0x1) syslog(0x4, 0x0, 0x0) syz_io_uring_setup(0x13df, &(0x7f0000000100)={0x0, 0x28b1, 0x0, 0x2, 0x312, 0x0, r1}, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffc000/0x2000)=nil, &(0x7f00000001c0)=0x0, &(0x7f0000000240)=0x0) r4 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/timer_list\x00', 0x0, 0x0) sendfile(r0, r4, 0x0, 0x10000027f) syz_io_uring_submit(r2, r3, &(0x7f0000000340)=@IORING_OP_STATX={0x15, 0x5, 0x0, 0xffffffffffffffff, &(0x7f0000000540), &(0x7f0000000300)='./file1\x00', 0x7ff, 0x0, 0x1}, 0x0) sendmsg$NL80211_CMD_REQ_SET_REG(0xffffffffffffffff, &(0x7f0000000500)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000640)=ANY=[@ANYBLOB="bd0ad4ec5f86bb4235470d749ab7e814d3aa300ed33d7965f17ccd3dd5e1bc8643ca09ed1a6d402807dd1b46e4e2f380361fe8d9eb859aa89bc7598e8c1babae3d42660b5b2f2ca3f3baf0e6a873e891faf8eb35b9305723332e7d27dc4761ebaf4ccaa6f493c2cb8670e997d4d20a8d4b8615a90cbb22068c10d31c6cdb559c882d9d6cc00023d2e391ad3c5c86cbbc5ed51df4fb6b58d06303d9b24ed93e5d607a4b8484fad316927e", @ANYRES16, @ANYBLOB="ff05002179043f5918d8d6000000000000ffff"], 0x1c}}, 0x0) perf_event_open(&(0x7f0000000440)={0x5, 0x80, 0x1, 0x3, 0x0, 0x5, 0x0, 0x311, 0x20, 0x2, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x8d90, 0x4, @perf_config_ext={0x7, 0x6}, 0x10, 0x9, 0x269387ea, 0x5, 0x1340, 0x5, 0x2c5}, 0xffffffffffffffff, 0xe, 0xffffffffffffffff, 0x8) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffb000/0x2000)=nil, 0x2000, 0x0, 0x110, 0xffffffffffffffff, 0x0) [ 188.477315] hrtimer: interrupt took 17032 ns 03:31:56 executing program 6: r0 = perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x80}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0xa) sched_setaffinity(0x0, 0x8, &(0x7f0000000000)=0x73) r1 = syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) read(0xffffffffffffffff, 0x0, 0x0) fchdir(r1) r2 = openat$hpet(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0) perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) r3 = dup(r2) ioctl$FS_IOC_SETFSLABEL(r0, 0x41009432, &(0x7f0000000300)="e9b1e648579387153b5642037ef0017acc06fb85a7b90de120f87f9640b492069d00c1d42fe8725db0f1b0611b876d17ebe93d806279bb709fd1b75082ce9e3032009b6b4db881e3a7bf55880a8e8294ff59be30d2239fb078fac5e78b4c8db5de06ab32ce70c6ba1ce49ba55bfa0c6169f6cdd56dd3e75e2bcaf412b7dedb77b4ac053efafebd65be50054f94c7d472ea4cc1e1f2107204db571a8f8b96c39ac80f207a2bdcfb2c590886814d1b83f4971e3c4fb976dc3ab996e9844066c7072207fd5e43e6fd5d842ad91bab3275591c7779fe3996d41d9e2091ed3adf384c5e7140fb1e419441aac7177cf600ffda9c51b13062fe836a5e1828b496664711") r4 = inotify_init() pwritev(r4, 0x0, 0x0, 0x0, 0x0) ioctl$FICLONERANGE(r3, 0x4020940d, &(0x7f0000000040)={{r4}, 0x0, 0xfffffffffffffff8, 0x4}) tee(r2, r1, 0x1, 0x1) [ 188.989648] audit: type=1400 audit(1664767916.644:9): avc: denied { write } for pid=7180 comm="syz-executor.6" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=perf_event permissive=1 VM DIAGNOSIS: 03:31:55 Registers: info registers vcpu 0 RAX=dffffc0000000000 RBX=0000000000000001 RCX=0000000000000000 RDX=0000000000007875 RSI=0000000000007875 RDI=ffffffff86291210 RBP=ffff8880185379e0 RSP=ffff888018537908 R8 =ffffffff852c46c0 R9 =ffffffff85edfdd6 R10=ffffed10030a6f3e R11=000000000003603d R12=ffff8880185379c9 R13=ffff8880185379e8 R14=ffff888018537988 R15=ffffffff817875f4 RIP=ffffffff8111a385 RFL=00000216 [----AP-] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 00000000 00000000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 00000000 00000000 FS =0000 00007f76c0a398c0 00000000 00000000 GS =0000 ffff88806ce00000 00000000 00000000 LDT=0000 fffffe0000000000 00000000 00000000 TR =0040 fffffe0000003000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe0000001000 0000007f IDT= fffffe0000000000 00000fff CR0=80050033 CR2=00007f9b399da120 CR3=000000000df48000 CR4=00350ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000ffff0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 YMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM01=0000000000000000 0000000000000000 1c5cbf3f8bff3787 d64ea2726ad96e88 YMM02=0000000000000000 0000000000000000 6b1e99b806172e3b 00000000000aea28 YMM03=0000000000000000 0000000000000000 80f09f19808d26a3 00000000000aec68 YMM04=0000000000000000 0000000000000000 e5499efea294df1f 000000000013fb20 YMM05=0000000000000000 0000000000000000 d3fdd5f48436fbd7 00000000000aead0 YMM06=0000000000000000 0000000000000000 bdff87b533854d5f 00000000000ae988 YMM07=0000000000000000 0000000000000000 a1fcdcf819d7e1e5 00000000000ae728 YMM08=0000000000000000 0000000000000000 44495f474f4c5359 530069253d595449 YMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM10=0000000000000000 0000000000000000 0000000000000000 0020200000200000 YMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 info registers vcpu 1 RAX=0000000000000070 RBX=00000000000003f8 RCX=0000000000000000 RDX=00000000000003f8 RSI=ffffffff823bb0f1 RDI=ffffffff8765a9a0 RBP=ffffffff8765a960 RSP=ffff88800902f898 R8 =0000000000000001 R9 =000000000000000a R10=0000000000000070 R11=0000000000000001 R12=0000000000000070 R13=ffffffff8765a960 R14=0000000000000010 R15=ffffffff823bb0e0 RIP=ffffffff823bb149 RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 00000000 00000000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 00000000 00000000 FS =0000 0000000000000000 00000000 00000000 GS =0000 ffff88806cf00000 00000000 00000000 LDT=0000 fffffe0000000000 00000000 00000000 TR =0040 fffffe000004a000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe0000048000 0000007f IDT= fffffe0000000000 00000fff CR0=80050033 CR2=00007f1f238b83a4 CR3=000000000ddea000 CR4=00350ee0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000ffff0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 YMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM01=0000000000000000 0000000000000000 ffffffffffffffff ffffffffffffffff YMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM04=0000000000000000 0000000000000000 0000000000000000 00000000000000ff YMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM06=0000000000000000 0000000000000000 0000000000000000 000000524f525245 YMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM08=0000000000000000 0000000000000000 0000000000000000 00524f5252450040 YMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000