Debian GNU/Linux 11 syzkaller ttyS0 syzkaller login: [ 58.979311] sshd (230) used greatest stack depth: 24216 bytes left Warning: Permanently added '[localhost]:32790' (ECDSA) to the list of known hosts. 2025/01/19 15:59:23 fuzzer started 2025/01/19 15:59:24 dialing manager at localhost:44245 [ 61.633976] cgroup: Unknown subsys name 'net' [ 61.740325] cgroup: Unknown subsys name 'cpuset' [ 61.773221] cgroup: Unknown subsys name 'rlimit' [ 68.905852] kmemleak: 2 new suspected memory leaks (see /sys/kernel/debug/kmemleak) 2025/01/19 15:59:42 syscalls: 2217 2025/01/19 15:59:42 code coverage: enabled 2025/01/19 15:59:42 comparison tracing: enabled 2025/01/19 15:59:42 extra coverage: enabled 2025/01/19 15:59:42 setuid sandbox: enabled 2025/01/19 15:59:42 namespace sandbox: enabled 2025/01/19 15:59:42 Android sandbox: enabled 2025/01/19 15:59:42 fault injection: enabled 2025/01/19 15:59:42 leak checking: enabled 2025/01/19 15:59:42 net packet injection: enabled 2025/01/19 15:59:42 net device setup: enabled 2025/01/19 15:59:42 concurrency sanitizer: /sys/kernel/debug/kcsan does not exist 2025/01/19 15:59:42 devlink PCI setup: PCI device 0000:00:10.0 is not available 2025/01/19 15:59:42 USB emulation: enabled 2025/01/19 15:59:42 hci packet injection: enabled 2025/01/19 15:59:42 wifi device emulation: enabled 2025/01/19 15:59:42 802.15.4 emulation: enabled 2025/01/19 15:59:42 fetching corpus: 50, signal 28547/30022 (executing program) 2025/01/19 15:59:43 fetching corpus: 100, signal 38399/40966 (executing program) 2025/01/19 15:59:43 fetching corpus: 150, signal 44014/47586 (executing program) 2025/01/19 15:59:43 fetching corpus: 200, signal 51004/55298 (executing program) 2025/01/19 15:59:43 fetching corpus: 250, signal 54258/59317 (executing program) 2025/01/19 15:59:43 fetching corpus: 300, signal 57755/63415 (executing program) 2025/01/19 15:59:43 fetching corpus: 350, signal 62216/68192 (executing program) 2025/01/19 15:59:44 fetching corpus: 400, signal 67474/73507 (executing program) 2025/01/19 15:59:44 fetching corpus: 450, signal 70359/76643 (executing program) 2025/01/19 15:59:44 fetching corpus: 500, signal 73453/79865 (executing program) 2025/01/19 15:59:44 fetching corpus: 550, signal 76249/82782 (executing program) 2025/01/19 15:59:44 fetching corpus: 600, signal 78567/85223 (executing program) 2025/01/19 15:59:44 fetching corpus: 650, signal 81088/87733 (executing program) 2025/01/19 15:59:44 fetching corpus: 700, signal 82444/89289 (executing program) 2025/01/19 15:59:45 fetching corpus: 750, signal 83695/90724 (executing program) 2025/01/19 15:59:45 fetching corpus: 800, signal 85106/92207 (executing program) 2025/01/19 15:59:45 fetching corpus: 850, signal 88337/94899 (executing program) 2025/01/19 15:59:45 fetching corpus: 900, signal 89602/96152 (executing program) 2025/01/19 15:59:45 fetching corpus: 950, signal 91822/97990 (executing program) 2025/01/19 15:59:45 fetching corpus: 1000, signal 93768/99547 (executing program) 2025/01/19 15:59:46 fetching corpus: 1050, signal 94739/100417 (executing program) 2025/01/19 15:59:46 fetching corpus: 1100, signal 96171/101537 (executing program) 2025/01/19 15:59:46 fetching corpus: 1150, signal 97339/102480 (executing program) 2025/01/19 15:59:46 fetching corpus: 1200, signal 99774/104095 (executing program) 2025/01/19 15:59:46 fetching corpus: 1250, signal 100774/104780 (executing program) 2025/01/19 15:59:46 fetching corpus: 1300, signal 102496/105803 (executing program) 2025/01/19 15:59:47 fetching corpus: 1350, signal 103878/106598 (executing program) 2025/01/19 15:59:47 fetching corpus: 1400, signal 105537/107488 (executing program) 2025/01/19 15:59:47 fetching corpus: 1402, signal 105616/107603 (executing program) 2025/01/19 15:59:47 fetching corpus: 1402, signal 105616/107665 (executing program) 2025/01/19 15:59:47 fetching corpus: 1402, signal 105616/107727 (executing program) 2025/01/19 15:59:47 fetching corpus: 1402, signal 105616/107785 (executing program) 2025/01/19 15:59:47 fetching corpus: 1402, signal 105616/107845 (executing program) 2025/01/19 15:59:47 fetching corpus: 1402, signal 105616/107900 (executing program) 2025/01/19 15:59:47 fetching corpus: 1402, signal 105616/107972 (executing program) 2025/01/19 15:59:47 fetching corpus: 1402, signal 105616/108044 (executing program) 2025/01/19 15:59:47 fetching corpus: 1402, signal 105616/108111 (executing program) 2025/01/19 15:59:47 fetching corpus: 1402, signal 105616/108177 (executing program) 2025/01/19 15:59:47 fetching corpus: 1402, signal 105616/108238 (executing program) 2025/01/19 15:59:47 fetching corpus: 1402, signal 105616/108305 (executing program) 2025/01/19 15:59:47 fetching corpus: 1402, signal 105616/108351 (executing program) 2025/01/19 15:59:47 fetching corpus: 1402, signal 105616/108407 (executing program) 2025/01/19 15:59:47 fetching corpus: 1402, signal 105616/108473 (executing program) 2025/01/19 15:59:47 fetching corpus: 1402, signal 105616/108539 (executing program) 2025/01/19 15:59:47 fetching corpus: 1402, signal 105616/108613 (executing program) 2025/01/19 15:59:47 fetching corpus: 1402, signal 105616/108683 (executing program) 2025/01/19 15:59:47 fetching corpus: 1402, signal 105616/108753 (executing program) 2025/01/19 15:59:47 fetching corpus: 1402, signal 105616/108816 (executing program) 2025/01/19 15:59:47 fetching corpus: 1402, signal 105616/108883 (executing program) 2025/01/19 15:59:47 fetching corpus: 1402, signal 105616/108956 (executing program) 2025/01/19 15:59:47 fetching corpus: 1402, signal 105616/109015 (executing program) 2025/01/19 15:59:47 fetching corpus: 1402, signal 105616/109104 (executing program) 2025/01/19 15:59:47 fetching corpus: 1402, signal 105616/109167 (executing program) 2025/01/19 15:59:47 fetching corpus: 1402, signal 105616/109233 (executing program) 2025/01/19 15:59:47 fetching corpus: 1402, signal 105616/109279 (executing program) 2025/01/19 15:59:47 fetching corpus: 1402, signal 105616/109279 (executing program) 2025/01/19 15:59:50 starting 8 fuzzer processes 15:59:50 executing program 0: r0 = dup(0xffffffffffffffff) sendmsg$TIPC_CMD_GET_MAX_PORTS(r0, &(0x7f00000000c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x41000002}, 0xc, &(0x7f0000000080)={&(0x7f0000000040)={0x1c, 0x0, 0x100, 0x70bd2b, 0x25dfdbfb, {}, ["", "", "", "", "", "", "", "", ""]}, 0x1c}, 0x1, 0x0, 0x0, 0x48051}, 0x40004) sendmsg$TIPC_CMD_GET_MEDIA_NAMES(r0, &(0x7f00000001c0)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x10000}, 0xc, &(0x7f0000000180)={&(0x7f0000000140)={0x1c, 0x0, 0x1, 0x70bd29, 0x25dfdbfd, {}, ["", "", "", "", ""]}, 0x1c}, 0x1, 0x0, 0x0, 0x4048001}, 0x4090) ioctl$AUTOFS_DEV_IOCTL_ASKUMOUNT(r0, 0xc018937d, &(0x7f0000000200)={{0x1, 0x1, 0x18, r0, {0x1}}, './file0\x00'}) r2 = syz_io_uring_complete(0x0) sendmsg$SMC_PNETID_GET(r2, &(0x7f0000000340)={&(0x7f0000000240)={0x10, 0x0, 0x0, 0x100}, 0xc, &(0x7f0000000300)={&(0x7f0000000280)={0x48, 0x0, 0x10, 0x70bd26, 0x25dfdbfb, {}, [@SMC_PNETID_NAME={0x9, 0x1, 'syz0\x00'}, @SMC_PNETID_ETHNAME={0x14, 0x2, 'vcan0\x00'}, @SMC_PNETID_IBPORT={0x5, 0x4, 0x2}, @SMC_PNETID_IBNAME={0x9, 0x3, 'syz0\x00'}]}, 0x48}, 0x1, 0x0, 0x0, 0x40000}, 0x0) fdatasync(r2) ioctl$AUTOFS_DEV_IOCTL_ASKUMOUNT(r1, 0xc018937d, &(0x7f0000000380)={{0x1, 0x1, 0x18, r2, {0xc8a9}}, './file0\x00'}) sendmsg$IPSET_CMD_LIST(r3, &(0x7f0000000480)={&(0x7f00000003c0)={0x10, 0x0, 0x0, 0x8000}, 0xc, &(0x7f0000000440)={&(0x7f0000000400)={0x28, 0x7, 0x6, 0x401, 0x0, 0x0, {0x3, 0x0, 0x4}, [@IPSET_ATTR_FLAGS={0x8, 0x6, 0x1, 0x0, 0x3c}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz0\x00'}]}, 0x28}, 0x1, 0x0, 0x0, 0x24008000}, 0x24000004) r4 = socket$inet_tcp(0x2, 0x1, 0x0) tee(r4, r3, 0x9, 0x2) mount(&(0x7f00000004c0)=@nullb, &(0x7f0000000500)='./file0\x00', &(0x7f0000000540)='nfs4\x00', 0x82080, &(0x7f0000000580)='syz0\x00') ioctl$F2FS_IOC_WRITE_CHECKPOINT(r3, 0xf507, 0x0) r5 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000600), r3) sendmsg$NL80211_CMD_TDLS_CHANNEL_SWITCH(r0, &(0x7f0000000740)={&(0x7f00000005c0)={0x10, 0x0, 0x0, 0x2000}, 0xc, &(0x7f0000000700)={&(0x7f0000000640)={0x98, r5, 0x8, 0x70bd28, 0x25dfdbfc, {{}, {@void, @void}}, [@NL80211_ATTR_OPER_CLASS={0x5}, @NL80211_ATTR_MAC={0xa, 0x6, @broadcast}, @NL80211_ATTR_OPER_CLASS={0x5, 0xd6, 0xf8}, @NL80211_ATTR_MAC={0xa, 0x6, @device_b}, @NL80211_ATTR_OPER_CLASS={0x5, 0xd6, 0x5}, @NL80211_ATTR_OPER_CLASS={0x5, 0xd6, 0xee}, @NL80211_ATTR_MAC={0xa, 0x6, @broadcast}, @chandef_params=[@NL80211_ATTR_WIPHY_FREQ_OFFSET={0x8, 0x122, 0x192}, @NL80211_ATTR_WIPHY_CHANNEL_TYPE={0x8}, @NL80211_ATTR_WIPHY_EDMG_BW_CONFIG={0x5, 0x119, 0x8}, @NL80211_ATTR_WIPHY_CHANNEL_TYPE={0x8, 0x27, 0x1}, @NL80211_ATTR_WIPHY_EDMG_BW_CONFIG={0x5, 0x119, 0x7}, @NL80211_ATTR_CENTER_FREQ1={0x8, 0xa0, 0xffff153a}, @NL80211_ATTR_WIPHY_EDMG_CHANNELS={0x5, 0x118, 0x3a}, @NL80211_ATTR_CHANNEL_WIDTH={0x8, 0x9f, 0x3}]]}, 0x98}, 0x1, 0x0, 0x0, 0x20004000}, 0x40) r6 = openat$vcsa(0xffffffffffffff9c, &(0x7f0000000780), 0x2c100, 0x0) sendmsg$ETHTOOL_MSG_FEATURES_GET(r6, &(0x7f00000008c0)={&(0x7f00000007c0)={0x10, 0x0, 0x0, 0x1000000}, 0xc, &(0x7f0000000880)={&(0x7f0000000800)={0x68, 0x0, 0x1, 0x70bd29, 0x25dfdbfe, {}, [@HEADER={0x18, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'bridge0\x00'}]}, @HEADER={0x3c, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x1}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'bridge0\x00'}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x1}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'wlan1\x00'}]}]}, 0x68}, 0x1, 0x0, 0x0, 0x408c5}, 0x50) ioctl$AUTOFS_DEV_IOCTL_READY(r6, 0xc0189376, &(0x7f0000000900)={{0x1, 0x1, 0x18, r3, {0x8}}, './file0\x00'}) ioctl$FS_IOC_GET_ENCRYPTION_POLICY_EX(r7, 0xc0096616, &(0x7f0000000940)={0x2, [0x0, 0x0]}) ioctl$FICLONE(0xffffffffffffffff, 0x40049409, r7) 15:59:50 executing program 1: prctl$PR_SET_KEEPCAPS(0x8, 0x1) prctl$PR_SET_KEEPCAPS(0x8, 0x1) prctl$PR_SET_KEEPCAPS(0x8, 0x1) prctl$PR_SET_KEEPCAPS(0x8, 0x0) prctl$PR_SET_KEEPCAPS(0x8, 0x1) prctl$PR_SET_KEEPCAPS(0x8, 0x0) prctl$PR_SET_KEEPCAPS(0x8, 0x0) prctl$PR_SET_KEEPCAPS(0x8, 0x0) prctl$PR_SET_KEEPCAPS(0x8, 0x1) prctl$PR_SET_KEEPCAPS(0x8, 0x0) prctl$PR_SET_KEEPCAPS(0x8, 0x1) prctl$PR_SET_KEEPCAPS(0x8, 0x1) prctl$PR_SET_KEEPCAPS(0x8, 0x1) prctl$PR_SET_KEEPCAPS(0x8, 0x0) prctl$PR_SET_KEEPCAPS(0x8, 0x91) prctl$PR_SET_KEEPCAPS(0x8, 0x0) prctl$PR_SET_KEEPCAPS(0x8, 0x1) prctl$PR_SET_KEEPCAPS(0x8, 0x0) prctl$PR_SET_KEEPCAPS(0x8, 0x1) prctl$PR_SET_KEEPCAPS(0x8, 0x1) 15:59:50 executing program 2: clock_gettime(0x0, &(0x7f0000000000)={0x0, 0x0}) nanosleep(&(0x7f0000000040)={r0, r1+10000000}, &(0x7f0000000080)) clock_gettime(0x0, &(0x7f0000000100)={0x0, 0x0}) semtimedop(0xffffffffffffffff, &(0x7f00000000c0)=[{0x1, 0x5, 0x800}, {0x0, 0x8, 0x1000}, {0x1, 0x7, 0x800}], 0x3, &(0x7f0000000140)={r2, r3+60000000}) recvmmsg$unix(0xffffffffffffffff, &(0x7f0000001500)=[{{0x0, 0x0, &(0x7f0000001180)=[{&(0x7f0000000180)=""/4096, 0x1000}], 0x1, &(0x7f00000011c0)=[@rights={{0x24, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c}}, @rights={{0x20, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}], 0x68}}, {{&(0x7f0000001240), 0x6e, &(0x7f0000001440)=[{&(0x7f00000012c0)=""/214, 0xd6}, {&(0x7f00000013c0)=""/66, 0x42}], 0x2, &(0x7f0000001480)=[@cred={{0x1c}}, @rights={{0x34, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x18, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff]}}], 0x70}}], 0x2, 0x40000041, &(0x7f0000001580)={0x0, 0x3938700}) recvmmsg$unix(r4, &(0x7f0000003cc0)=[{{&(0x7f00000015c0)=@abs, 0x6e, &(0x7f00000017c0)=[{&(0x7f0000001640)=""/154, 0x9a}, {&(0x7f0000001700)=""/137, 0x89}], 0x2, &(0x7f0000001800)=[@rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}, @rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}, @cred={{0x1c}}], 0x50}}, {{&(0x7f0000001880), 0x6e, &(0x7f0000001b00)=[{&(0x7f0000001900)=""/174, 0xae}, {&(0x7f00000019c0)=""/230, 0xe6}, {&(0x7f0000001ac0)=""/17, 0x11}], 0x3, &(0x7f0000001b40)=[@rights={{0x2c, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c}}, @rights={{0x1c, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c}}], 0x90}}, {{0x0, 0x0, &(0x7f0000003c00)=[{&(0x7f0000001c00)=""/4096, 0x1000}, {&(0x7f0000002c00)=""/4096, 0x1000}], 0x2, &(0x7f0000003c40)=[@rights={{0x28, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c}}, @cred={{0x1c}}], 0x68}}], 0x3, 0x40012002, 0x0) semtimedop(0x0, &(0x7f0000003d80)=[{0x0, 0xff, 0x1000}, {0x0, 0x8, 0x1000}, {0x1, 0x5}, {0x1, 0x8}, {0x1, 0x800, 0x1c00}, {0x4, 0xffe0, 0x400}, {0x1, 0xfff9, 0x1800}, {0x4, 0x1, 0x3000}, {0x2, 0x100, 0x1800}], 0x9, &(0x7f0000003dc0)={0x77359400}) r5 = semget(0x2, 0x0, 0x22) semtimedop(r5, &(0x7f0000003e00)=[{0x1, 0x85, 0x1800}, {0x2, 0x3, 0x800}, {0x3, 0x9, 0x1800}], 0x3, &(0x7f0000003e40)) r6 = semget(0x1, 0x4, 0x40) clock_gettime(0x0, &(0x7f0000003ec0)={0x0, 0x0}) semtimedop(r6, &(0x7f0000003e80)=[{0x2, 0x3}, {0x3, 0x7ff, 0x1800}, {0x3, 0xe959}], 0x3, &(0x7f0000003f00)={r7, r8+60000000}) semctl$IPC_RMID(r5, 0x0, 0x0) r9 = semget(0x3, 0x4, 0x400) semctl$IPC_RMID(r9, 0x0, 0x0) semctl$IPC_STAT(r6, 0x0, 0x2, &(0x7f0000003f40)=""/18) clock_gettime(0x0, &(0x7f0000003f80)) semtimedop(r9, &(0x7f0000003fc0)=[{0x1, 0x9, 0x1000}, {0x2, 0x7, 0x1800}, {0x3, 0x8}], 0x3, &(0x7f0000004000)={0x0, 0x3938700}) clock_getres(0x3, &(0x7f0000004040)) semtimedop(r6, &(0x7f0000004080)=[{0x0, 0x3, 0x1000}, {0x1, 0x81}, {0x0, 0x4}, {0x2, 0x3, 0x1800}, {0x0, 0x2, 0x800}], 0x5, &(0x7f00000040c0)={0x0, 0x3938700}) [ 87.868504] audit: type=1400 audit(1737302390.672:7): avc: denied { execmem } for pid=272 comm="syz-executor.1" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=process permissive=1 15:59:50 executing program 3: ioctl$TIOCMBIC(0xffffffffffffffff, 0x5417, &(0x7f0000000000)=0x4) ioctl$AUTOFS_DEV_IOCTL_EXPIRE(0xffffffffffffffff, 0xc018937c, &(0x7f0000000040)={{0x1, 0x1, 0x18, 0xffffffffffffffff}, './file0\x00'}) ioctl$KDGKBENT(r0, 0x4b46, &(0x7f0000000080)={0x3, 0x8, 0x8}) ioctl$INCFS_IOC_GET_FILLED_BLOCKS(r0, 0x80286722, &(0x7f0000000180)={&(0x7f00000000c0)=""/162, 0xa2, 0x4, 0x3f}) ioctl$PIO_FONTRESET(r0, 0x4b6d, 0x0) ioctl$F2FS_IOC_SET_PIN_FILE(r0, 0x4004f50d, &(0x7f00000001c0)) r1 = openat$full(0xffffffffffffff9c, &(0x7f0000000200), 0x202, 0x0) recvmsg$unix(r1, &(0x7f0000000480)={&(0x7f0000000240)=@abs, 0x6e, &(0x7f0000000340)=[{&(0x7f00000002c0)=""/123, 0x7b}], 0x1, &(0x7f0000000380)=[@rights={{0x20, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c}}, @rights={{0x1c, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c}}, @cred={{0x1c}}, @cred={{0x1c}}, @rights={{0x18, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}], 0xf0}, 0x0) ioctl$BTRFS_IOC_SNAP_CREATE(r4, 0x50009401, &(0x7f00000004c0)={{}, "89f53c8f82d479a0095fd1ce89fa65da118ae81fccf0dc8eb5cd4efd312e28d7cd54dc13c4a1d3d38094ff60fa50b42c629d6077657760ddc98140364ade5291c1d95a6f3622f7a07bd4dc17505ecaa9337bcf3ffeb044834f3075bcefa10b7c0a430745c8e5dabef7da9d7ff62cfc83844c81f317d1fc3ff11fc1277db13d9ab7bf706bb9fd99faab14d9ce24224f35218fb3db3ec81b634b6a45a81a72ca7f027d202e89bd9a93ed998c4fa12364d0390ea084819629d59a2a181c06ddc95ab319c0591f3dec712d6586775d62bffe18e67fed099e3462dc6e5d3e93665922c08574165396b95c17dfe6c7fcb96ad50dab2792423d288651b4f80e0af99c69cbb4c959829ac1195bec9e4a5d3cc7cd2f63979e0c8d607b152d03de1eeeb0ab5c3747f0b0b9130a2d50f103a355d059489fff19291c2e26f504d02465086b0c250aa1173a5b857cee3ecdd1fbc6de3db212388c1c991d845e808a61d2b78954101b37f8eddbe87a09bf345decc96909ad6819bcf0d307d5520dc57468ad8967671f37a6cfa095daab0688de7c0bbccf22a607c8ab2a23ae8b9c306776c88f9db0788bb32bb452430870b0c8898a102f8ef24d512e158a454b682746d05aa6bea0b66c978c4fbcb9eae24b8521b97180d4483129dde325ed898024e2dcff23289e03a000879d91d1221f4216e620ed173ec0e3a1bfff0edf88930276fcf2a96954d84ddee87e5bb26bd8c63975eae8353b9595c1c3f57cf6a86dd27dc751c7490f77e7e6c81da7105164103b742de5c010c60c00a09c25bee42416097f7ac713608270477d919253ec8bf242f8987e0bc96c0d627e0580eaf31b456fb1f0306833efa2ba61963a26e42f4f145b37919bdef83b04e8ca6a9e4857bc668b15a0365d897bdd5ec3a68869526dbfc41cd9eb05c7969d1e307d5e5cec3dd3bdce9d7da87d153deaa3cb9e8367b380c54072c3187fb889647037a2747d2c9f6994071a729638163609d38120e8e71e72cddd2a0a22a98469888eaed9ab0ac9375f53283f45b3ea2776ded101634e49052b3445b752dedec8a300dc3c67c85d88b19fef945fef6d5f5a93fb7814e3a49960c2e377f55dce751154f6dd83f4cd173e459c4ffceeb5ffb066aa5b2ee42fdf874fdf308e64f084fc7f837fafa2a4a2cd50a54684dd5f9759f83d9ecaec12c2e94fd5be8814b385a517e308e49afd3c95014abf93c58ffc401fdcd79165a3ac78bd60cbca8daf47c2114f54e70d6d020ce3edd226e8ebbdfbd498ee3a5b5fbb5c6fe8d65ca2a4fa8dea9c8c3a76d2c73029fff6a7dfd1f8a3ac6c9d2abd39999c0c4f90e10a32d70728291f0dc986374e9583df5078a5654cea4161a8db1969d39db4838b5228e93ede258ee55d50cbfb34444942c97924fe633ab5618a86d4f32e75ce460d5e154a25696d31cac51294c8e5bd42060a931ae6084dec3051e798e02de2e2b01d82e9a0de649f5ab3fe3f1f6399e48de91d32cb3ed92809158688be19e48126cb99249df02a8011c02f03afeee2d08eec8e15cea2a2c1c589c48fe48e662a269c5fa53881d0a141e8056b52a3ae0c66fd31e15782bcce1e0fe824cb3ddf555589847836c749a90f2df473c2ccd7b2b055ccefd363b46423819ae8cdf4b4de278987e3bab8bc0543dad9826fd06b47a420358ce1d6287f7c6f6b463bf36b03095dd7798d9f87e3996f29ca043f3e339c6bc8112d0c596e2124bec9e9747c1a54606fcfea33991d0f672e0909fb3dfe69b1ec90c64877fba5216ca5e73a0ce0dfe7a9a15cbf26f23447557171d7f3e484f802e0e9a9d121b290068458e16575cc6a7acabc5a86798c99e6eeb353c31af8e726566ac0c64bbecd80dc6a2a854368f672ace0a4eae3f14074d9b1fd5e976b4d4277f69f5379c916ec64486741c1af578f8ff20a096a1e4e3b647f79ed569885f6f2a1b196b345db49c74fca990bdbdc0f85d73506b09c364d2dc11a39ce0a5439eb2291f52dd9eeb44453f25b3ca335524c7252125708c54feb8e1379913ebee280205983a81805c429572e587ffa29c54c70e9bbc27cb8056c90fa863192059df6556431ed8645e7e72bd00acce2e42ed96181f467db2431a1b7bc9a6405115c4367d96df47dcac39df2df58e0a2633ed62d5382eece6c5195a4dde1ebb1d88a550dfae9e32bcee361c001b8fd165bff2a0a08b69aa7eade9b083731dd1b31b7650c1e036293f56d84a236df1642e226057cf9a5249b89c8b520b46c4ebc8cf4d5e79506746ac533a34f80446cf6819768e164d01d3edbabb54a06aa47cb437176973ff739bc05e61c92615b9e731a6f97d00550f167441b692ae8af26f4f90edac4b15d10c622be0c46a59c5f9aa379d7db4d1107ee08f2643336c3e929314b21ee1514d8e0cc553379f43d9f2e9e641b02f1fac5911d7116cd053abf7d2c0b1dcf2cb7d9d164ddd0a97050dcba167ed4bd9e0e401a7bb9aab30382bb21afd3013d15e518e9760cfe956b9bc1ed8df517fc23dfb0cf574d336d5d27fd00d8ef20ac55d2ff5e39b38c890fe0ea49895118f595dd82535599e8a1ff355569df6d2d366376d8bf65b3c80f8451853e8b00a198a53b12cac1fe767fe03448c82e72ed4df4f54b45082eafef2d944c35662e51950d883bbcbf37a47a4364c964f8628011b28583ad44600396af7c76b1460d2ed11eb983d3a2f49a70567c54869a71d95797510ebee8208593b02b171c67a6ef7eae944e503afc700aa53d08acdc1b70762ec6da1dda6d3acb74f77340b9c03e2cf88033261b31d4ac674bd624259006cc98a440a0dbe4c0e16611169b8cb2e352d6dd530f1f929eebe23e5a31f402a165b3cbe82fcfbf0c9c0f3f26f074fb46544f6cedde38619b120efdda80d00e167080ccf7b69381a561c5dd2127c6255f0967174fb863a64487104173f0e67fa67d278264c83b3cc4b8abcb173998b8cfaf2bcb52fcf0066a85aae957979bce687b0699b9dd8e5ff156d8c0d7ab0705a040d0e2c4b7979ed38dd1184624c0bb3c4b7ef1b409a021f8a633417b2564236c89c84c2c6d8cdf683bc78d97a868ab194cd4814c78402696d04f6cbe36ac9fedd3fdbbed98869d413900fee8a4103d8d858423fe1483de4cf04e1134894445fcd4474c05b5c98fb74176bcc3b6b22f587e23323c390d38c3360805bef193bc610c1d890c84bb440fa9908d060faa667694b0e6a376ce2bd8448742d8feabcbddef77bab9f12133f24360f969583c95ea5b69284dba336bdb9050ae2b78e4ec10076b455e1428aa4eab9c855a4e32e4f48cc141e8b496344fb4d8ecfb8a6fba3d458c679ddf81e5f0c73b66edc60c9af6e59543b4c809ef9cd6216cd7e58cb2cb8c5bb769102bc1cd4e7dd5c1b09b27b1f513d041fd6b2427e36ebb61cf75d8b1d129014409a388c2f7db88ab5a92915ad0ffa00c922155efec8d4dcc22a90a44bf88e74b0e77b7a677059835eda999ede1c84801f5c7368d6ece4c334ed362d29a0dc0dfbe4b28588f5517762decc457af5acafa4915cc2566bded6e09c4e1017738a606df2da7a819b25c8b58626d13f85d2c48f4a441d8bfd4a8a96db599e52529ff37de723e357e818feeb51a1b420cb652d8945e5cff673ad33a22197bc1e2dc9c4e69eb081842db26d25009ebb9a9acabe639f9e98bb5bcb320e7001537cb6915510846341f32f3331ef08c1120f11174976c9f8d81ff07615761c252ef45528221ec2aa401abd3fbeca7f3a2224c58526dfc91d123922b9ffc88d5fb30190c6389a4a4afac3724e1ac484f1c56d8548ec97f4567406dc3f2c143136240859c529dfd988bdb9ad6e4e467f111864a5941c5d96d680e7e38dd443cf249dabec48c0098939bc45e861471f30a0fae508bc2c97fdf43ce8bd0d03dda50584d1ffc873887297e08edf45595d7b5de2ed6f8851e4705c477f886719238f8504110b44ac5cf91e57bd8bdbd4cbaaa431f6a482814babcbe2f848fb61932fa17f08a59bb08a123159d7523fe89ec5272f9e41518d65ba1af3e20479917660c6af7d733b82fa27e09921c42c3c2cb4d77aae7b20d8b20331f78a774cb31c9bc6a0098abcb65b99f91d0e2f870ba94f7adae586da03d555805355159fe74d19404aa8e91b66796a6e07cc01886ed2e6cca87f15af5171fd9f4648424206b1c038c62e23ff16e4a64352f7bd4b0b9cedd0948d5c9501ba7ec3562fc06adca7119bd9de101c251f09b3ab68c54f98ddf63a43eed8f058a6bbdbb7e321ae8e3e7ccbbe1d852d0cb6c07a23ba9137b2bcf6caa294dc0081959dc196b953bc0773ee2f99db6bd449395feac3b7d90bb5f3cd1e6320959b5408c061f534925f10c1f1d7dde2d2a27e75fe2154e849c05e305f751c64b5553041e6e497c5b6391084dce53e9318a1bf703024ac8f17dd3f279d4206354037bacd3e356c867c4ec307865329cd3e7e9ecfe5f699dfa3763814ce4fe76b6ea845fc4159ff80bb53293d30fb9908af5bc09295d704710782c4f7ebc4eae563978f0607f32953973386dee44a395f106abfe5e53f82658b74210f82d247d7357d75d0dd8e63436dd2c127c21cd4f9a58ea3d454ceee035f8f255be143c09f6346fbee3c1bfcde12b508163db94bd4b5018aa2e1b69f3a213c7303203239335661b4f10d44810fe9cd5bf3e32ad30c59f5e05b2e5b8b341791f2769506843f6f8831e01fd0d2a735ad5f85285aba4f696594ed428ca7dda5d96e5162fcbce69eff3a7c6a3b1a01e54d9e0335e4571c2d28ddb2e9c773771b0f868be2cfc29e2b6a962fdc87a424f63100bebc91531179fc84b3eb95f2e862410a6dbbc849ce4fcfba3a8bd8eee2db151967b63d588d072f22683d9b3141c0a3f1fe545099da5a3cb17abd99c918faa8f925ce8b325e10e691a6e6a114ed7fc3603ba65ee8b47ff92cc317dcca09b23e90bcc622ebc293ebd90fd9fa8c82da797c00a29cf25bd3a963f954b814039346dc3e9c2beca9bad9b0565c33e7fe568197fee2d628617416837832280ee17c27fe334bf6506d326d565b34603c4e4af56a39c477a83f916ba05f2e747b4baee44914127ee4a45b84a73b93cb3997e6de8b45cf6c49933fc21c50b8fa6fc98c2417db2d210a32039ba60ae68df5bb4997fa94cde889332caece7b847070c723128374ab7c9b3e7274a3e61a903f7d30ac24cddd1fc1f8acddf55515e0ca853783030c3599ab1c60ce35b86be0b128b3394568dcd2920de23761095cc560f77ad138ded392f3a28c19bcf1af5a18d0f639c09677c4c07285dbb3dfec4327813c42daf69ed01c27231eb912b9b1ac7d8ffa535f0cad9e5a6ae9e81a69c98b47d5f3b6bcfc3ba5a1b7944c09d069291b86683eb7f37711504139dfc84985978f31ed507c491c3548dc33fc68b7c49d8a659d37711583cd95daa84e23d9a7b3aa110c2d3c4699715dce3530051e1c87dadac4402a67d30e47eb4772d35790a95c5cfee4b90f0b310ea4ba650e07582490f5ff37481d565450a3b89cb34f779ddf78958bedcfa0f4e3290d09ecd70fb498692599288b3fbbfab6a454c3b6ed47752a80314d28975f2b6e41bb47d1bdbe706ea5d475f8f2704a0bab3a9fe375e29676513c8b5d33febf26cffa5ac0c04c7bf7016d1b9ea6212f1d12499979438f1f11f6f88d37dae63a7f1a9faf65df3b99d246b096bed8ae5be6ed5944eb98a477829952099c553a95798d4215a59b1b4bfbd7f21b1d8615ffee691ef993998223b48f9dfd3325d53246d"}) fsetxattr$trusted_overlay_redirect(0xffffffffffffffff, &(0x7f00000014c0), &(0x7f0000001500)='./file0\x00', 0x8, 0x3) r7 = signalfd4(r2, &(0x7f0000001540)={[0xfffffffffffffffa]}, 0x8, 0x80800) ioctl$AUTOFS_DEV_IOCTL_ISMOUNTPOINT(0xffffffffffffffff, 0xc018937e, &(0x7f0000001580)={{0x1, 0x1, 0x18, r7, @out_args}, './file0\x00'}) r8 = socket$nl_xfrm(0x10, 0x3, 0x6) ioctl$BTRFS_IOC_LOGICAL_INO_V2(r8, 0xc038943b, &(0x7f0000001600)={0x0, 0x40, '\x00', 0x1, &(0x7f00000015c0)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]}) openat$dir(0xffffffffffffff9c, &(0x7f0000001640)='./file0\x00', 0x4201, 0x22) ioctl$TIOCPKT(r6, 0x5420, &(0x7f0000001680)=0x9) pipe(&(0x7f00000016c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$sock_ipv6_tunnel_SIOCCHG6RD(r5, 0x89fb, &(0x7f00000017c0)={'ip6_vti0\x00', &(0x7f0000001740)={'ip6gre0\x00', 0x0, 0x29, 0x4, 0xf9, 0x1f, 0x0, @dev={0xfe, 0x80, '\x00', 0x12}, @private0={0xfc, 0x0, '\x00', 0x1}, 0x20, 0x20, 0xe9b7, 0x9}}) sendmsg$ETHTOOL_MSG_CHANNELS_SET(r9, &(0x7f00000018c0)={&(0x7f0000001700)={0x10, 0x0, 0x0, 0x200}, 0xc, &(0x7f0000001880)={&(0x7f0000001800)={0x7c, 0x0, 0x4, 0x70bd25, 0x25dfdbfe, {}, [@ETHTOOL_A_CHANNELS_OTHER_COUNT={0x8, 0x8, 0xbfba}, @ETHTOOL_A_CHANNELS_TX_COUNT={0x8, 0x7, 0xb6}, @ETHTOOL_A_CHANNELS_HEADER={0x40, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x2}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r10}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x2}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'macvtap0\x00'}]}, @ETHTOOL_A_CHANNELS_TX_COUNT={0x8, 0x7, 0x9}, @ETHTOOL_A_CHANNELS_OTHER_COUNT={0x8}, @ETHTOOL_A_CHANNELS_TX_COUNT={0x8, 0x7, 0x10000}]}, 0x7c}, 0x1, 0x0, 0x0, 0x44081}, 0x200400c0) ioctl$sock_ipv6_tunnel_SIOCADDPRL(r3, 0x89f5, &(0x7f0000001980)={'ip6gre0\x00', &(0x7f0000001900)={'syztnl1\x00', r10, 0x29, 0x1, 0x3, 0x401, 0x4, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, @remote, 0x10, 0x7f51, 0x1f}}) 15:59:50 executing program 4: ioctl$TUNGETFEATURES(0xffffffffffffffff, 0x800454cf, &(0x7f0000000000)) ioctl$AUTOFS_DEV_IOCTL_PROTOVER(0xffffffffffffffff, 0xc0189372, &(0x7f0000000040)={{0x1, 0x1, 0x18, 0xffffffffffffffff, {0x228}}, './file0\x00'}) ioctl$FIOCLEX(r0, 0x5451) execve(&(0x7f0000000080)='./file0/file0\x00', &(0x7f0000000140)=[&(0x7f00000000c0)='+-@\'-\x00', &(0x7f0000000100)='\xcf.]#\x00'], &(0x7f0000000340)=[&(0x7f0000000180)='/\x00', &(0x7f00000001c0)='\x00', &(0x7f0000000200)=',}\x00', &(0x7f0000000240)='\x00', &(0x7f0000000280)='%\x00', &(0x7f00000002c0)='-):!@+\x00', &(0x7f0000000300)='\x9d!:-,\x00']) r1 = socket$inet_icmp(0x2, 0x2, 0x1) ioctl$EXT4_IOC_GET_ES_CACHE(r1, 0xc020662a, &(0x7f0000000380)={0x7fffffff, 0x5, 0x0, 0x1, 0x1, [{0x1, 0x5, 0x2, '\x00', 0x1886}]}) ioctl$sock_SIOCDELRT(r0, 0x890c, &(0x7f0000000440)={0x0, @sco={0x1f, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, @isdn={0x22, 0x4, 0x1, 0xe4, 0xee}, @isdn={0x22, 0x7f, 0x3, 0x9, 0x20}, 0xffff, 0x0, 0x0, 0x0, 0x5, &(0x7f0000000400)='macvlan0\x00', 0xff, 0x0, 0x7}) setsockopt(r0, 0x4, 0x2, &(0x7f00000004c0)="f90ec2d02cdbffac907b3170b37dbeab107e795eaf33ee1c602c133f5d890c89f543c744c9da940055d860f7ec20ce77909b1ee177a193a8262d1d40b786e4f772e2443acf6e8a4fdfd767094234a27c5152aeeaa9b016af92e00dde4b706f3790a9b4bb6d997973ae0144b6aa2dc220551311580f37d2d89986e2a0fbb01924caa149060a7282d26b7a034553cecf39e0793ff36ea35b432749861106cf7789bd152daa03d229d539bc39fde00ef646c3aa51afb585b497790da66a83a45e265e25dadb1eb64801b77bc0855b726a743906fe58777de1ed87e10bf8939ec5e76a664e8771bbae4b68960a24ca", 0xed) ioctl$AUTOFS_DEV_IOCTL_PROTOVER(r0, 0xc0189372, &(0x7f00000005c0)={{0x1, 0x1, 0x18, r1, {0x6}}, './file0\x00'}) ioctl$BTRFS_IOC_WAIT_SYNC(r2, 0x40089416, 0x0) r3 = openat$sr(0xffffffffffffff9c, &(0x7f0000000600), 0x200, 0x0) ioctl$TUNGETFILTER(r3, 0x801054db, &(0x7f0000000640)=""/4096) clone3(&(0x7f00000017c0)={0x80a000, &(0x7f0000001640)=0xffffffffffffffff, &(0x7f0000001680), &(0x7f00000016c0), {0x3e}, &(0x7f0000001700)=""/10, 0xa, &(0x7f0000001740), &(0x7f0000001780)=[0x0], 0x1, {r2}}, 0x58) ioctl$LOOP_SET_FD(r2, 0x4c00, r4) r5 = syz_open_dev$tty20(0xc, 0x4, 0x0) ioctl$FS_IOC_SETFLAGS(r5, 0x40086602, &(0x7f0000001840)=0x8f319943fe966c0c) recvmsg(r2, &(0x7f0000001e00)={&(0x7f0000001880)=@in, 0x80, &(0x7f0000001c80)=[{&(0x7f0000001900)=""/65, 0x41}, {&(0x7f0000001980)=""/188, 0xbc}, {&(0x7f0000001a40)=""/50, 0x32}, {&(0x7f0000001a80)=""/223, 0xdf}, {&(0x7f0000001b80)=""/232, 0xe8}], 0x5, &(0x7f0000001d00)=""/227, 0xe3}, 0x2000) r6 = syz_genetlink_get_family_id$ethtool(&(0x7f0000001e80), r2) sendmsg$ETHTOOL_MSG_LINKINFO_SET(r3, &(0x7f0000001f40)={&(0x7f0000001e40)={0x10, 0x0, 0x0, 0x400}, 0xc, &(0x7f0000001f00)={&(0x7f0000001ec0)={0x2c, r6, 0x400, 0x70bd26, 0x25dfdbfb, {}, [@ETHTOOL_A_LINKINFO_PHYADDR={0x5, 0x3, 0x3}, @ETHTOOL_A_LINKINFO_PORT={0x5, 0x2, 0x1}, @ETHTOOL_A_LINKINFO_TP_MDIX_CTRL={0x5, 0x5, 0xe2}]}, 0x2c}, 0x1, 0x0, 0x0, 0x4000840}, 0x800) ioctl$FS_IOC_GETVERSION(0xffffffffffffffff, 0x80087601, &(0x7f0000001fc0)) 15:59:50 executing program 6: r0 = openat$tcp_congestion(0xffffffffffffff9c, &(0x7f0000000000), 0x1, 0x0) ioctl$BTRFS_IOC_SUBVOL_CREATE_V2(r0, 0x50009418, &(0x7f00000000c0)={{}, 0x0, 0x2, @inherit={0x58, &(0x7f0000000040)={0x0, 0x2, 0x3ff, 0x6, {0x18, 0x1, 0x4, 0x40, 0x1f}, [0x3ff, 0x1000]}}, @subvolid=0x1}) fsetxattr$security_evm(r0, &(0x7f00000010c0), &(0x7f0000001100)=@sha1={0x1, "38d0db390212d15fc4c8da31fd98d20d0f34fc56"}, 0x15, 0x1) write(0xffffffffffffffff, &(0x7f0000001140)="2adb818049c8e3a6393290d4c7238e76474e83b1310ed020f1a3d854f653d9f9b9ba3664f8dc9e473d0eb8420a77c7d5ed20a06995a02eebcb8fda0f3d8bc8f1fc5d8b498947d2e70e4d23b14bf71fcb866007cb6890be3a59c8e18fa704f8d6e2a38785aa66fed017e2bb7483934be71638b119389957243384d494519842513f856f75d02267df9b0efb1dd978b36c44af8894621b5b179b3e9caa5cab0ec0a6e1658f3856afdacdda1c27386939", 0xaf) fcntl$setlease(r0, 0x400, 0x2) ioctl$BTRFS_IOC_GET_FEATURES(r0, 0x80189439, &(0x7f0000001200)) write$P9_RXATTRWALK(0xffffffffffffffff, &(0x7f0000001240)={0xf, 0x1f, 0x2, 0x666}, 0xf) fsetxattr$trusted_overlay_origin(r0, &(0x7f0000001280), &(0x7f00000012c0), 0x2, 0x3) r1 = perf_event_open(&(0x7f0000001340)={0x3, 0x80, 0x7f, 0x20, 0x3f, 0x5, 0x0, 0x7, 0x20a2, 0xb, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x3, 0x0, @perf_bp={&(0x7f0000001300), 0x2}, 0x2, 0x401, 0x8, 0x8, 0x5, 0x2, 0x4, 0x0, 0x81, 0x0, 0x690b}, 0xffffffffffffffff, 0x4, 0xffffffffffffffff, 0xa) ioctl$F2FS_IOC_COMMIT_ATOMIC_WRITE(r1, 0xf502, 0x0) ioctl$AUTOFS_IOC_PROTOVER(r0, 0x80049363, &(0x7f00000013c0)) ioctl$BTRFS_IOC_SET_FEATURES(r0, 0x40309439, &(0x7f0000001400)={0x0, 0x1}) r2 = openat$cgroup_int(0xffffffffffffffff, &(0x7f0000001440)='memory.swap.max\x00', 0x2, 0x0) ioctl$F2FS_IOC_RESERVE_COMPRESS_BLOCKS(r2, 0x8008f513, &(0x7f0000001480)) r3 = dup2(r0, r0) sendmsg$SMC_PNETID_DEL(r3, &(0x7f0000001580)={&(0x7f00000014c0)={0x10, 0x0, 0x0, 0x2}, 0xc, &(0x7f0000001540)={&(0x7f0000001500)={0x28, 0x0, 0x400, 0x70bd2a, 0x25dfdbfe, {}, [@SMC_PNETID_ETHNAME={0x14, 0x2, 'bond0\x00'}]}, 0x28}, 0x1, 0x0, 0x0, 0x4008040}, 0x11) io_setup(0x8, &(0x7f00000015c0)=0x0) io_cancel(r4, &(0x7f00000016c0)={0x0, 0x0, 0x0, 0x1, 0x1db8, r1, &(0x7f0000001600)="8f798ff03aa0073af9f1edf4c6846222b7c88d8ed53820f9058bb5730dbbc1927d635f858f755c2aaa1fb42eb8b88516d2c9a87a897b6566d556c380fa5af2e75af613d3baa404cab5668f085314a6aa0c70c3ba778bf21031c61dd0c8259d9603fb04785e3debd8473e992a20b3652a0adaaebad947adb48793f28f08215db7a2ef4008eb9cc0814920e75fa5594c18d60d89d12211d21017596c6ac55a36397f5a76a1e77231", 0xa7, 0x1f, 0x0, 0x2}, &(0x7f0000001700)) openat(r3, &(0x7f0000001740)='./file0\x00', 0x14802, 0xe) ioctl$int_in(0xffffffffffffffff, 0x5452, &(0x7f00000017c0)=0x6) 15:59:50 executing program 7: fsetxattr$trusted_overlay_redirect(0xffffffffffffffff, &(0x7f0000000000), &(0x7f0000000040)='./file0\x00', 0x8, 0x0) getpeername$unix(0xffffffffffffffff, &(0x7f0000000080)=@abs, &(0x7f0000000100)=0x6e) execve(&(0x7f0000000140)='./file0\x00', &(0x7f00000003c0)=[&(0x7f0000000180)='!\\--#\x00', &(0x7f00000001c0)='trusted.overlay.redirect\x00', &(0x7f0000000200)='trusted.overlay.redirect\x00', &(0x7f0000000240)='trusted.overlay.redirect\x00', &(0x7f0000000280)='trusted.overlay.redirect\x00', &(0x7f00000002c0)='trusted.overlay.redirect\x00', &(0x7f0000000300)='trusted.overlay.redirect\x00', &(0x7f0000000340)='+$\'\x00', &(0x7f0000000380)='trusted.overlay.redirect\x00'], &(0x7f0000000500)=[&(0x7f0000000440)='trusted.overlay.redirect\x00', &(0x7f0000000480)='\x00', &(0x7f00000004c0)='trusted.overlay.redirect\x00']) utimensat(0xffffffffffffff9c, &(0x7f0000000540)='./file0\x00', &(0x7f0000000580)={{0x0, 0xea60}}, 0x100) recvmsg$unix(0xffffffffffffffff, &(0x7f0000000940)={0x0, 0x0, &(0x7f0000000800)=[{&(0x7f0000000680)=""/40, 0x28}, {&(0x7f00000006c0)=""/29, 0x1d}, {&(0x7f0000000700)=""/199, 0xc7}], 0x3, &(0x7f0000000840)=[@cred={{0x1c, 0x1, 0x2, {0x0, 0x0}}}, @cred={{0x1c, 0x1, 0x2, {0x0, 0x0}}}, @rights={{0x2c, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x24, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x30, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}], 0xc8}, 0x2060) statx(0xffffffffffffffff, &(0x7f0000000980)='./file0\x00', 0x1000, 0x20, &(0x7f00000009c0)={0x0, 0x0, 0x0, 0x0, 0x0}) mount$9p_xen(&(0x7f00000005c0), &(0x7f0000000600)='./file0\x00', &(0x7f0000000640), 0x200810, &(0x7f0000000ac0)={'trans=xen,', {[{@access_uid={'access', 0x3d, r0}}, {@cache_loose}, {@access_any}, {@msize={'msize', 0x3d, 0xd108}}, {@noextend}, {@fscache}, {@access_any}, {@cache_mmap}], [{@rootcontext={'rootcontext', 0x3d, 'staff_u'}}, {@permit_directio}, {@smackfsfloor={'smackfsfloor', 0x3d, '!\\--#\x00'}}, {@smackfsdef={'smackfsdef', 0x3d, '\x00'}}, {@pcr={'pcr', 0x3d, 0xe}}, {@smackfstransmute={'smackfstransmute', 0x3d, '\x00'}}, {@fowner_lt={'fowner<', r10}}, {@fsuuid={'fsuuid', 0x3d, {[0x30, 0x36, 0x31, 0x39, 0x31, 0x39, 0x6, 0x39], 0x2d, [0x39, 0x30, 0x32, 0x33], 0x2d, [0x64, 0x33, 0x63, 0x32], 0x2d, [0x31, 0x66, 0x63, 0x39], 0x2d, [0x64, 0x32, 0x36, 0x34, 0x65, 0x61, 0x36, 0x33]}}}, {@appraise}]}}) clock_gettime(0x0, &(0x7f0000000c40)={0x0, 0x0}) utimes(&(0x7f0000000c00)='./file0\x00', &(0x7f0000000c80)={{r11, r12/1000+10000}, {0x0, 0xea60}}) openat(r6, &(0x7f0000000cc0)='./file0\x00', 0x54e40, 0x120) fcntl$lock(r7, 0x25, &(0x7f0000000d00)={0x0, 0x4, 0x0, 0x8, r1}) r13 = syz_mount_image$tmpfs(&(0x7f0000000d40), &(0x7f0000000d80)='./file0\x00', 0x3, 0x7, &(0x7f0000001140)=[{&(0x7f0000000dc0)="ba088364cacdd7a25da00ed477900e1ee4", 0x11, 0x3}, {&(0x7f0000000e00)="9d92588a8197419de55fa0eb0ba6fc28612a204f0b6e73ecf2d7929b3af9d25c7d634e8009dc3b5be399de3aa50fd6f3c9998a7a82c5d112050f18b27c9860bea045f732243baaf698423f0a8b16974badc4bc8a1ad2058efe505a9b0804ba280cbf57fddc12d3ec19d4a1b148d36543643430f3fb5dce3c1cbe447a19818fa1ec5bec1aea56b72eceef70076d7bf74891b2ff99ca44bd8aa066839900d575cba8a4da2254e065cd41ff9f7957c4", 0xae, 0x1}, {&(0x7f0000000ec0)="5c8f0bbaf06d8a1cca7577210941c26475042daedf5476caecccb09a51f9d42c9e451e43789f45ef7a8960c4f151aec9f44b2ed25301912306a42d65cb9f2c0813f71f0cfeb6b210dc1cc1b6649e898556dd3983691c07b673b2a0aed7e948a8", 0x60, 0x200}, {&(0x7f0000000f40)="78a95ff9f9b93403b563db53297a5f2907d0fdaf423f96e8cd910b4cacd676642ba7a67ce4564b3eb291ea7ac58c08400941e3f004b7afab834b984abcd70f0564bae6ce79677b34dfaae19dc01af05f2b968f1e94c0f9c01cdd95d11050d1b4bdf645d6270457d545793cba53745f4c6397a3f845d3f1ecefd081a0", 0x7c, 0xfffffffffffffff8}, {&(0x7f0000000fc0)="8e5ded161d1f098d2c70caf6c9f7763e0c", 0x11, 0x6}, {&(0x7f0000001000)="0d1dd2b1061233968ea11efbd4c2c08e821b13", 0x13, 0x7}, {&(0x7f0000001040)="5c4eb352ef82f51d35707b9168cf5199718a1b7e56a97f24b4f72ce26c2a69e8b9af0d5c3472429d8e2eb140a41d828701eb6dd3b83c7b91646e9643e42b662426922d3b052bf37c0c5762147b534d23df6c360c4c805ac62a9ba570b16295c56149b8ecf5a5e8f8c063f89d9f81d5cb9079fa889a8eb176a44e068947b5505be6595d96b5eab0cf67c8efa7d33b7a854ff04968aa3836c77d0b2ec6e5061d85d6ee20d1817338fb13c3bba9fadd9f9e9d341bff76730bb55fa8a88690cf51a9c929e74b88546cd00dc00b03dc9b2a6a0e9ce38813c0ab5c5d85869865369ca92ff3a51b6f64293475851ed5b6cd3b", 0xef, 0x1}], 0x40000, &(0x7f0000001200)={[{@nr_blocks={'nr_blocks', 0x3d, [0x32, 0x34, 0x30, 0x59b2a50dfbb6b0fa, 0x31]}}, {@huge_always}, {@nr_inodes={'nr_inodes', 0x3d, [0x35, 0x30, 0x30, 0x67, 0x70, 0x35, 0x34, 0x65]}}, {@size={'size', 0x3d, [0x32, 0x32]}}]}) lsetxattr$trusted_overlay_redirect(&(0x7f0000001240)='./file0\x00', &(0x7f0000001280), &(0x7f00000012c0)='./file0\x00', 0x8, 0x0) getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000001400)={0x0, 0x0, 0x0}, &(0x7f0000001440)=0xc) lstat(&(0x7f0000001480)='./file1\x00', &(0x7f00000014c0)={0x0, 0x0, 0x0, 0x0, 0x0}) lstat(&(0x7f0000001540)='\x00', &(0x7f0000001580)={0x0, 0x0, 0x0, 0x0, 0x0}) syz_mount_image$tmpfs(&(0x7f0000001300), &(0x7f0000001340)='./file0\x00', 0x93, 0x1, &(0x7f00000013c0)=[{&(0x7f0000001380)="5fbaad788a3ff6370cff64905e683eaedd", 0x11, 0x2}], 0x30cd005, &(0x7f0000001600)={[{@gid={'gid', 0x3d, r14}}], [{@uid_gt={'uid>', r15}}, {@permit_directio}, {@subj_user={'subj_user', 0x3d, 'smackfstransmute'}}, {@smackfsfloor={'smackfsfloor', 0x3d, '!\\--#\x00'}}, {@fowner_gt={'fowner>', r16}}, {@euid_lt={'euid<', r2}}, {@smackfsroot={'smackfsroot', 0x3d, 'trusted.overlay.redirect\x00'}}, {@permit_directio}]}) ioctl$AUTOFS_DEV_IOCTL_PROTOVER(r9, 0xc0189372, &(0x7f0000001700)={{0x1, 0x1, 0x18, r6, {0x3ff}}, './file0\x00'}) r18 = pidfd_getfd(r8, r13, 0x0) io_uring_register$IORING_REGISTER_FILES(r17, 0x2, &(0x7f0000001880)=[r4, 0xffffffffffffffff, r18, r5, r3, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff], 0x8) 15:59:50 executing program 5: fallocate(0xffffffffffffffff, 0x11, 0x100, 0x8) r0 = signalfd(0xffffffffffffffff, &(0x7f0000000000)={[0x377]}, 0x8) ioctl$F2FS_IOC_ABORT_VOLATILE_WRITE(r0, 0xf505, 0x0) ioctl$AUTOFS_DEV_IOCTL_OPENMOUNT(r0, 0xc0189374, &(0x7f0000000040)={{0x1, 0x1, 0x18, r0, {0x7}}, './file0\x00'}) ioctl$TIOCL_SETSEL(r1, 0x541c, &(0x7f0000000080)={0x2, {0x2, 0x3, 0x0, 0x7, 0x5, 0xf}}) r2 = socket$inet6_udp(0xa, 0x2, 0x0) epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r2, &(0x7f00000000c0)={0xc0002002}) getresuid(&(0x7f0000000140)=0x0, &(0x7f0000000180), &(0x7f00000001c0)) fchownat(r0, &(0x7f0000000100)='./file0\x00', r3, 0xffffffffffffffff, 0x1000) lsetxattr$security_ima(&(0x7f0000000200)='./file0\x00', &(0x7f0000000240), &(0x7f0000000280)=@sha1={0x1, "4dcf6e7ea2e4148811a37352afd546cc69c90a04"}, 0x15, 0x3) setxattr$incfs_metadata(&(0x7f00000002c0)='./file1\x00', &(0x7f0000000300), &(0x7f0000000340)="823af990c88386ebe63b6f8cc9e6363da73b061c8a0d8b19011d34fb5538142c5018efcecfbbc46a229cf8f9ea159a82408b0b52f55df6c029b91f9b059483c718ba77c770dcfca80576fc0d736c915ee19a33213e8e939289f4d05da67901d80c276f48bec4bea58ff84da91a5a8f0eddc1f05978b417c062cecb891706250eec8142714c39e34c2df2d6858228ed251b6c609bc43184debbd8c0eaa47f147503a785ee10f755c6fb207190113b12079ff985e90965e4e20db73499f1fe5eba94097ba21d1682d4", 0xc8, 0x2) write(r1, &(0x7f0000000440)="15c6426765c48359388c381efee67b4d1ee38345b6a6d3136143da1224b61a7f3179fa35551d44836b7df9406cdfd66b3c", 0x31) clock_gettime(0x0, &(0x7f0000005300)={0x0, 0x0}) recvmmsg$unix(r0, &(0x7f0000005140)=[{{&(0x7f0000000540), 0x6e, &(0x7f0000000a00)=[{&(0x7f00000005c0)=""/6, 0x6}, {&(0x7f0000000600)=""/189, 0xbd}, {&(0x7f00000006c0)=""/6, 0x6}, {&(0x7f0000000700)=""/158, 0x9e}, {&(0x7f00000007c0)=""/55, 0x37}, {&(0x7f0000000800)=""/253, 0xfd}, {&(0x7f0000000900)=""/158, 0x9e}, {&(0x7f00000009c0)}], 0x8, &(0x7f0000000a80)=[@cred={{0x1c}}, @rights={{0x24, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c, 0x1, 0x2, {0x0, 0x0}}}, @cred={{0x1c}}, @rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}, @cred={{0x1c}}], 0xc0}}, {{&(0x7f0000000b40)=@abs, 0x6e, &(0x7f0000000d00)=[{&(0x7f0000000bc0)=""/11, 0xb}, {&(0x7f0000000c00)=""/115, 0x73}, {&(0x7f0000000c80)=""/97, 0x61}], 0x3}}, {{&(0x7f0000000d40)=@abs, 0x6e, &(0x7f0000002380)=[{&(0x7f0000000dc0)=""/229, 0xe5}, {&(0x7f0000000ec0)=""/215, 0xd7}, {&(0x7f0000000fc0)=""/142, 0x8e}, {&(0x7f0000001080)=""/195, 0xc3}, {&(0x7f0000001180)=""/215, 0xd7}, {&(0x7f0000001280)=""/84, 0x54}, {&(0x7f0000001300)=""/4096, 0x1000}, {&(0x7f0000002300)=""/5, 0x5}, {&(0x7f0000002340)=""/64, 0x40}], 0x9, &(0x7f0000002440)=[@rights={{0x2c, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c}}, @rights={{0x34, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}], 0x88}}, {{&(0x7f0000002500)=@abs, 0x6e, &(0x7f00000025c0)=[{&(0x7f0000002580)=""/60, 0x3c}], 0x1, &(0x7f0000002600)=[@rights={{0x28, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c}}, @cred={{0x1c}}, @cred={{0x1c}}, @rights={{0x24, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}], 0xb0}}, {{&(0x7f00000026c0), 0x6e, &(0x7f0000002c40)=[{&(0x7f0000002740)=""/108, 0x6c}, {&(0x7f00000027c0)=""/182, 0xb6}, {&(0x7f0000002880)=""/17, 0x11}, {&(0x7f00000028c0)}, {&(0x7f0000002900)=""/217, 0xd9}, {&(0x7f0000002a00)=""/103, 0x67}, {&(0x7f0000002a80)=""/138, 0x8a}, {&(0x7f0000002b40)=""/143, 0x8f}, {&(0x7f0000002c00)=""/54, 0x36}], 0x9, &(0x7f0000002d00)=[@rights={{0x18, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c}}, @cred={{0x1c}}, @cred={{0x1c}}, @cred={{0x1c}}, @cred={{0x1c}}, @rights={{0x1c, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}], 0xd8}}, {{&(0x7f0000002e00)=@abs, 0x6e, &(0x7f0000003f00)=[{&(0x7f0000002e80)=""/4096, 0x1000}, {&(0x7f0000003e80)=""/67, 0x43}], 0x2, &(0x7f0000003f40)=[@cred={{0x1c}}, @cred={{0x1c}}], 0x40}}, {{&(0x7f0000003f80), 0x6e, &(0x7f0000005000)=[{&(0x7f0000004000)=""/4096, 0x1000}], 0x1, &(0x7f0000005040)=[@cred={{0x1c}}, @cred={{0x1c}}, @cred={{0x1c}}, @cred={{0x1c}}, @rights={{0x18, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x24, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c}}], 0xe0}}], 0x7, 0x40010301, &(0x7f0000005340)={r4, r5+10000000}) mount$9p_virtio(&(0x7f0000000480), &(0x7f00000004c0)='./file1\x00', &(0x7f0000000500), 0x400, &(0x7f0000005380)={'trans=virtio,', {[{@afid={'afid', 0x3d, 0x2ecc}}, {@cache_none}, {@cachetag={'cachetag', 0x3d, '-1]{{-#(-'}}], [{@smackfstransmute={'smackfstransmute', 0x3d, 'security.ima\x00'}}, {@mask={'mask', 0x3d, '^MAY_APPEND'}}, {@measure}, {@uid_lt={'uid<', r6}}, {@seclabel}]}}) ioctl$AUTOFS_IOC_SETTIMEOUT(r8, 0x80049367, &(0x7f0000005440)=0x5) r10 = syz_open_dev$vcsu(&(0x7f0000005480), 0x7ff, 0x1018c0) ioctl$CDROM_NEXT_WRITABLE(r10, 0x5394, &(0x7f00000054c0)) epoll_ctl$EPOLL_CTL_ADD(r9, 0x1, 0xffffffffffffffff, &(0x7f0000005500)={0x80000002}) ioctl$sock_SIOCGSKNS(r7, 0x894c, &(0x7f0000005540)) [ 89.315034] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 89.316746] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 89.319428] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 89.324495] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 89.327279] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [ 89.328350] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 89.576440] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 89.583176] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 89.585578] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 89.588101] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 89.588946] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 89.590669] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 89.593052] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 89.598069] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3 [ 89.598618] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 89.599662] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 89.604332] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3 [ 89.610621] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 89.640957] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 89.649412] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 89.653591] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 89.675916] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 89.676505] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 89.679914] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3 [ 89.680960] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 89.691037] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 89.694072] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 89.695532] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1 [ 89.699316] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9 [ 89.703934] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9 [ 89.712859] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1 [ 89.725965] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9 [ 89.727514] Bluetooth: hci7: unexpected cc 0x0c03 length: 249 > 1 [ 89.734301] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9 [ 89.736349] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 89.740216] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4 [ 89.750183] Bluetooth: hci7: unexpected cc 0x1003 length: 249 > 9 [ 89.751975] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3 [ 89.753217] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 89.757118] Bluetooth: hci7: unexpected cc 0x1001 length: 249 > 9 [ 89.765305] Bluetooth: hci5: unexpected cc 0x0c25 length: 249 > 3 [ 89.768898] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2 [ 89.772196] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4 [ 89.774250] Bluetooth: hci6: unexpected cc 0x0c25 length: 249 > 3 [ 89.775495] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2 [ 89.790579] Bluetooth: hci7: unexpected cc 0x0c23 length: 249 > 4 [ 89.793357] Bluetooth: hci7: unexpected cc 0x0c25 length: 249 > 3 [ 89.818979] Bluetooth: hci7: unexpected cc 0x0c38 length: 249 > 2 [ 91.402524] Bluetooth: hci0: command tx timeout [ 91.659719] Bluetooth: hci2: command tx timeout [ 91.659781] Bluetooth: hci1: command tx timeout [ 91.784946] Bluetooth: hci3: command tx timeout [ 91.849972] Bluetooth: hci5: command tx timeout [ 91.850050] Bluetooth: hci6: command tx timeout [ 91.850732] Bluetooth: hci4: command tx timeout [ 91.913965] Bluetooth: hci7: command tx timeout [ 93.449862] Bluetooth: hci0: command tx timeout [ 93.704947] Bluetooth: hci1: command tx timeout [ 93.706820] Bluetooth: hci2: command tx timeout [ 93.834244] Bluetooth: hci3: command tx timeout [ 93.896970] Bluetooth: hci6: command tx timeout [ 93.899985] Bluetooth: hci5: command tx timeout [ 93.900097] Bluetooth: hci4: command tx timeout [ 93.961816] Bluetooth: hci7: command tx timeout [ 95.497825] Bluetooth: hci0: command tx timeout [ 95.753792] Bluetooth: hci2: command tx timeout [ 95.753891] Bluetooth: hci1: command tx timeout [ 95.881830] Bluetooth: hci3: command tx timeout [ 95.945067] Bluetooth: hci4: command tx timeout [ 95.945163] Bluetooth: hci5: command tx timeout [ 95.945249] Bluetooth: hci6: command tx timeout [ 96.010785] Bluetooth: hci7: command tx timeout [ 97.544888] Bluetooth: hci0: command tx timeout [ 97.802047] Bluetooth: hci1: command tx timeout [ 97.802943] Bluetooth: hci2: command tx timeout [ 97.930869] Bluetooth: hci3: command tx timeout [ 97.992916] Bluetooth: hci6: command tx timeout [ 97.993056] Bluetooth: hci5: command tx timeout [ 97.993107] Bluetooth: hci4: command tx timeout [ 98.057907] Bluetooth: hci7: command tx timeout [ 149.170694] syz-executor.2 (280) used greatest stack depth: 24080 bytes left [ 152.145216] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 152.147562] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 152.149399] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 152.153567] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 152.155780] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [ 152.158128] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 152.291195] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 152.294112] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 152.298878] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 152.307837] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 152.312913] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3 [ 152.317096] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 152.354271] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 152.357115] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 152.359986] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 152.365352] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 152.370244] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3 [ 152.374648] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 152.433166] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 152.442194] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 152.448366] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 152.458280] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 152.470613] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3 [ 152.472974] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 152.539376] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 152.556913] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 152.580564] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 152.607115] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 152.614175] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3 [ 152.617027] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 152.676329] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1 [ 152.702191] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1 [ 152.718878] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9 [ 152.719209] Bluetooth: hci7: unexpected cc 0x0c03 length: 249 > 1 [ 152.727922] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9 [ 152.728044] Bluetooth: hci7: unexpected cc 0x1003 length: 249 > 9 [ 152.732967] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9 [ 152.739986] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9 [ 152.744034] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4 [ 152.745108] Bluetooth: hci6: unexpected cc 0x0c25 length: 249 > 3 [ 152.748304] Bluetooth: hci7: unexpected cc 0x1001 length: 249 > 9 [ 152.753420] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4 [ 152.756397] Bluetooth: hci5: unexpected cc 0x0c25 length: 249 > 3 [ 152.758084] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2 [ 152.772099] Bluetooth: hci7: unexpected cc 0x0c23 length: 249 > 4 [ 152.773085] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2 [ 152.839123] Bluetooth: hci7: unexpected cc 0x0c25 length: 249 > 3 [ 152.844540] Bluetooth: hci7: unexpected cc 0x0c38 length: 249 > 2 [ 154.184884] Bluetooth: hci0: command tx timeout [ 154.376888] Bluetooth: hci1: command tx timeout [ 154.440835] Bluetooth: hci2: command tx timeout [ 154.505053] Bluetooth: hci3: command tx timeout [ 154.762991] Bluetooth: hci4: command tx timeout [ 154.825837] Bluetooth: hci5: command tx timeout [ 154.888930] Bluetooth: hci7: command tx timeout [ 154.889294] Bluetooth: hci6: command tx timeout [ 156.233891] Bluetooth: hci0: command tx timeout [ 156.424883] Bluetooth: hci1: command tx timeout [ 156.489032] Bluetooth: hci2: command tx timeout [ 156.553055] Bluetooth: hci3: command tx timeout [ 156.809560] Bluetooth: hci4: command tx timeout [ 156.872864] Bluetooth: hci5: command tx timeout [ 156.937161] Bluetooth: hci6: command tx timeout [ 156.937335] Bluetooth: hci7: command tx timeout [ 158.280901] Bluetooth: hci0: command tx timeout [ 158.473285] Bluetooth: hci1: command tx timeout [ 158.536898] Bluetooth: hci2: command tx timeout [ 158.601107] Bluetooth: hci3: command tx timeout [ 158.857968] Bluetooth: hci4: command tx timeout [ 158.920967] Bluetooth: hci5: command tx timeout [ 158.985024] Bluetooth: hci6: command tx timeout [ 158.985236] Bluetooth: hci7: command tx timeout [ 160.329811] Bluetooth: hci0: command tx timeout [ 160.520827] Bluetooth: hci1: command tx timeout [ 160.585025] Bluetooth: hci2: command tx timeout [ 160.649024] Bluetooth: hci3: command tx timeout [ 160.905337] Bluetooth: hci4: command tx timeout [ 160.969805] Bluetooth: hci5: command tx timeout [ 161.032883] Bluetooth: hci6: command tx timeout [ 161.032964] Bluetooth: hci7: command tx timeout [ 213.978236] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 213.982500] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 213.984306] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 213.990478] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 213.993119] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [ 213.996236] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 214.172545] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 214.174326] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 214.174807] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 214.178235] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 214.180154] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3 [ 214.180568] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 214.307259] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 214.309369] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 214.313076] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 214.329090] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 214.332863] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3 [ 214.337027] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 214.427055] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 214.438903] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 214.440793] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 214.450171] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 214.452556] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 214.455849] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 214.458994] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 214.461083] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3 [ 214.461481] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 214.481470] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 214.483292] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3 [ 214.483695] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 214.675952] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1 [ 214.686873] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9 [ 214.698845] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9 [ 214.731224] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1 [ 214.750252] Bluetooth: hci7: unexpected cc 0x0c03 length: 249 > 1 [ 214.751313] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4 [ 214.752847] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9 [ 214.759946] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9 [ 214.772027] Bluetooth: hci7: unexpected cc 0x1003 length: 249 > 9 [ 214.772273] Bluetooth: hci5: unexpected cc 0x0c25 length: 249 > 3 [ 214.774951] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2 [ 214.782052] Bluetooth: hci7: unexpected cc 0x1001 length: 249 > 9 [ 214.783690] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4 [ 214.789160] Bluetooth: hci6: unexpected cc 0x0c25 length: 249 > 3 [ 214.790240] Bluetooth: hci7: unexpected cc 0x0c23 length: 249 > 4 [ 214.791339] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2 [ 214.800486] Bluetooth: hci7: unexpected cc 0x0c25 length: 249 > 3 [ 214.801945] Bluetooth: hci7: unexpected cc 0x0c38 length: 249 > 2 [ 216.073877] Bluetooth: hci0: command tx timeout [ 216.201987] Bluetooth: hci1: command tx timeout [ 216.393889] Bluetooth: hci2: command tx timeout [ 216.520906] Bluetooth: hci4: command tx timeout [ 216.584866] Bluetooth: hci3: command tx timeout [ 216.841044] Bluetooth: hci7: command tx timeout [ 216.841403] Bluetooth: hci5: command tx timeout [ 216.904906] Bluetooth: hci6: command tx timeout [ 218.121863] Bluetooth: hci0: command tx timeout [ 218.248840] Bluetooth: hci1: command tx timeout [ 218.442583] Bluetooth: hci2: command tx timeout [ 218.568829] Bluetooth: hci4: command tx timeout [ 218.634009] Bluetooth: hci3: command tx timeout [ 218.889782] Bluetooth: hci5: command tx timeout [ 218.889889] Bluetooth: hci7: command tx timeout [ 218.952788] Bluetooth: hci6: command tx timeout [ 220.169786] Bluetooth: hci0: command tx timeout [ 220.297822] Bluetooth: hci1: command tx timeout [ 220.488835] Bluetooth: hci2: command tx timeout [ 220.616813] Bluetooth: hci4: command tx timeout [ 220.682263] Bluetooth: hci3: command tx timeout [ 220.936943] Bluetooth: hci7: command tx timeout [ 220.937156] Bluetooth: hci5: command tx timeout [ 221.000883] Bluetooth: hci6: command tx timeout [ 222.216790] Bluetooth: hci0: command tx timeout [ 222.345825] Bluetooth: hci1: command tx timeout [ 222.536781] Bluetooth: hci2: command tx timeout [ 222.664788] Bluetooth: hci4: command tx timeout [ 222.730034] Bluetooth: hci3: command tx timeout [ 222.984968] Bluetooth: hci7: command tx timeout [ 222.985141] Bluetooth: hci5: command tx timeout [ 223.048821] Bluetooth: hci6: command tx timeout [ 276.440688] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 276.447180] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 276.450533] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 276.457519] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 276.462788] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [ 276.465301] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 276.690964] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 276.697026] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 276.699629] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 276.704196] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 276.706664] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3 [ 276.710090] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 276.718789] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 276.728013] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 276.732140] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 276.740155] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 276.751481] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3 [ 276.775172] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 276.783132] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 276.786097] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 276.787925] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 276.796985] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1 [ 276.797955] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 276.801476] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3 [ 276.803206] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 276.808181] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1 [ 276.810695] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9 [ 276.812522] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9 [ 276.822202] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4 [ 276.825030] Bluetooth: hci6: unexpected cc 0x0c25 length: 249 > 3 [ 276.827077] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2 [ 276.827958] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9 [ 276.847183] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 276.874574] Bluetooth: hci7: unexpected cc 0x0c03 length: 249 > 1 [ 276.880105] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9 [ 276.884179] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 276.889347] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 276.904096] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4 [ 276.921149] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 276.925148] Bluetooth: hci5: unexpected cc 0x0c25 length: 249 > 3 [ 276.932035] Bluetooth: hci7: unexpected cc 0x1003 length: 249 > 9 [ 276.933049] Bluetooth: hci7: unexpected cc 0x1001 length: 249 > 9 [ 276.936542] Bluetooth: hci7: unexpected cc 0x0c23 length: 249 > 4 [ 276.938249] Bluetooth: hci7: unexpected cc 0x0c25 length: 249 > 3 [ 276.939369] Bluetooth: hci7: unexpected cc 0x0c38 length: 249 > 2 [ 276.944187] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2 [ 276.953923] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3 [ 276.962249] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 278.536876] Bluetooth: hci0: command tx timeout [ 278.729867] Bluetooth: hci1: command tx timeout [ 278.856810] Bluetooth: hci3: command tx timeout [ 278.920913] Bluetooth: hci6: command tx timeout [ 278.921530] Bluetooth: hci2: command tx timeout [ 279.048808] Bluetooth: hci4: command tx timeout [ 279.048895] Bluetooth: hci7: command tx timeout [ 279.049489] Bluetooth: hci5: command tx timeout [ 280.586756] Bluetooth: hci0: command tx timeout [ 280.778940] Bluetooth: hci1: command tx timeout [ 280.904784] Bluetooth: hci3: command tx timeout [ 280.969052] Bluetooth: hci6: command tx timeout [ 280.971838] Bluetooth: hci2: command tx timeout [ 281.096970] Bluetooth: hci7: command tx timeout [ 281.097341] Bluetooth: hci4: command tx timeout [ 281.098206] Bluetooth: hci5: command tx timeout [ 282.633940] Bluetooth: hci0: command tx timeout [ 282.824895] Bluetooth: hci1: command tx timeout [ 282.954536] Bluetooth: hci3: command tx timeout [ 283.017768] Bluetooth: hci2: command tx timeout [ 283.017868] Bluetooth: hci6: command tx timeout [ 283.144910] Bluetooth: hci7: command tx timeout [ 283.145107] Bluetooth: hci5: command tx timeout [ 283.145156] Bluetooth: hci4: command tx timeout [ 284.680978] Bluetooth: hci0: command tx timeout [ 284.873756] Bluetooth: hci1: command tx timeout [ 285.000797] Bluetooth: hci3: command tx timeout [ 285.066797] Bluetooth: hci6: command tx timeout [ 285.066912] Bluetooth: hci2: command tx timeout [ 285.192895] Bluetooth: hci4: command tx timeout [ 285.192985] Bluetooth: hci5: command tx timeout [ 285.193034] Bluetooth: hci7: command tx timeout [ 334.769148] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 334.769273] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 334.927214] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 334.927300] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 335.296382] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 335.296469] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 336.423674] [ 336.424180] ====================================================== [ 336.425440] WARNING: possible circular locking dependency detected [ 336.426739] 6.13.0-rc7-next-20250117 #1 Not tainted [ 336.428430] ------------------------------------------------------ [ 336.431500] kworker/u8:0/11 is trying to acquire lock: [ 336.435280] ffffffff8621b968 (rtnl_mutex){+.+.}-{4:4}, at: unregister_netdevice_many_notify+0x1612/0x1c80 [ 336.437700] [ 336.437700] but task is already holding lock: [ 336.439144] ffff88802bda0768 (&rdev->wiphy.mtx){+.+.}-{4:4}, at: ieee80211_remove_interfaces+0xf2/0x6b0 [ 336.441623] [ 336.441623] which lock already depends on the new lock. [ 336.441623] [ 336.443311] [ 336.443311] the existing dependency chain (in reverse order) is: [ 336.444857] [ 336.444857] -> #1 (&rdev->wiphy.mtx){+.+.}-{4:4}: [ 336.446301] __mutex_lock+0x13d/0xb50 [ 336.447311] wiphy_register+0x1b2e/0x25d0 [ 336.448427] ieee80211_register_hw+0x23a4/0x3d60 [ 336.449673] mac80211_hwsim_new_radio+0x2759/0x4d50 [ 336.450982] init_mac80211_hwsim+0x389/0x870 [ 336.452197] do_one_initcall+0xf9/0x640 [ 336.453273] kernel_init_freeable+0x53d/0x7a0 [ 336.454422] kernel_init+0x1e/0x2d0 [ 336.455357] ret_from_fork+0x48/0x80 [ 336.456310] ret_from_fork_asm+0x1a/0x30 [ 336.457182] [ 336.457182] -> #0 (rtnl_mutex){+.+.}-{4:4}: [ 336.458280] __lock_acquire+0x29fd/0x4580 [ 336.459142] lock_acquire+0x19b/0x520 [ 336.459977] __mutex_lock+0x13d/0xb50 [ 336.460787] unregister_netdevice_many_notify+0x1612/0x1c80 [ 336.462059] unregister_netdevice_queue+0x224/0x2e0 [ 336.463267] _cfg80211_unregister_wdev+0x57b/0x700 [ 336.464495] ieee80211_remove_interfaces+0x2f2/0x6b0 [ 336.465690] ieee80211_unregister_hw+0x55/0x3a0 [ 336.466814] hwsim_exit_net+0x3a0/0x730 [ 336.467842] ops_exit_list+0xb3/0x180 [ 336.468813] cleanup_net+0x546/0xad0 [ 336.469783] process_one_work+0x8ee/0x1a10 [ 336.470864] worker_thread+0x674/0xe70 [ 336.471885] kthread+0x3ab/0x720 [ 336.472798] ret_from_fork+0x48/0x80 [ 336.473720] ret_from_fork_asm+0x1a/0x30 [ 336.474767] [ 336.474767] other info that might help us debug this: [ 336.474767] [ 336.476422] Possible unsafe locking scenario: [ 336.476422] [ 336.477652] CPU0 CPU1 [ 336.478655] ---- ---- [ 336.479622] lock(&rdev->wiphy.mtx); [ 336.480503] lock(rtnl_mutex); [ 336.481735] lock(&rdev->wiphy.mtx); [ 336.483065] lock(rtnl_mutex); [ 336.483873] [ 336.483873] *** DEADLOCK *** [ 336.483873] [ 336.485114] 4 locks held by kworker/u8:0/11: [ 336.486055] #0: ffff888008fdb948 ((wq_completion)netns){+.+.}-{0:0}, at: process_one_work+0x12b6/0x1a10 [ 336.488249] #1: ffff8880095dfd30 (net_cleanup_work){+.+.}-{0:0}, at: process_one_work+0x861/0x1a10 [ 336.490352] #2: ffffffff8620f810 (pernet_ops_rwsem){++++}-{4:4}, at: cleanup_net+0xca/0xad0 [ 336.492343] #3: ffff88802bda0768 (&rdev->wiphy.mtx){+.+.}-{4:4}, at: ieee80211_remove_interfaces+0xf2/0x6b0 [ 336.494606] [ 336.494606] stack backtrace: [ 336.495556] CPU: 0 UID: 0 PID: 11 Comm: kworker/u8:0 Not tainted 6.13.0-rc7-next-20250117 #1 [ 336.497350] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 336.499020] Workqueue: netns cleanup_net [ 336.499957] Call Trace: [ 336.500512] [ 336.500998] dump_stack_lvl+0xca/0x120 [ 336.501891] print_circular_bug+0x47b/0x750 [ 336.502840] check_noncircular+0x2e9/0x3c0 [ 336.503767] ? lock_repin_lock+0x207/0x320 [ 336.504733] ? __pfx_check_noncircular+0x10/0x10 [ 336.505794] ? hlock_class+0x4e/0x130 [ 336.506649] ? mark_lock+0xac/0xed0 [ 336.507481] ? __pfx_lock_repin_lock+0x10/0x10 [ 336.508425] ? lockdep_lock+0xba/0x1b0 [ 336.509188] ? __pfx_lockdep_lock+0x10/0x10 [ 336.509995] __lock_acquire+0x29fd/0x4580 [ 336.510765] ? __pfx___lock_acquire+0x10/0x10 [ 336.511560] ? lock_release+0x20f/0x6f0 [ 336.512291] ? __pfx_lock_release+0x10/0x10 [ 336.513061] lock_acquire+0x19b/0x520 [ 336.513749] ? unregister_netdevice_many_notify+0x1612/0x1c80 [ 336.514763] ? __pfx_lock_acquire+0x10/0x10 [ 336.515528] ? srso_return_thunk+0x5/0x5f [ 336.516300] ? lock_release+0x20f/0x6f0 [ 336.517041] ? srso_return_thunk+0x5/0x5f [ 336.517835] ? lock_is_held_type+0x9e/0x120 [ 336.518655] ? srso_return_thunk+0x5/0x5f [ 336.519424] __mutex_lock+0x13d/0xb50 [ 336.520177] ? unregister_netdevice_many_notify+0x1612/0x1c80 [ 336.521242] ? unregister_netdevice_many_notify+0x1612/0x1c80 [ 336.522267] ? srso_return_thunk+0x5/0x5f [ 336.523064] ? synchronize_rcu_expedited+0x38a/0x420 [ 336.523987] ? __pfx___mutex_lock+0x10/0x10 [ 336.524802] ? __pfx_autoremove_wake_function+0x10/0x10 [ 336.525756] ? srso_return_thunk+0x5/0x5f [ 336.526515] ? kasan_quarantine_put+0x84/0x1e0 [ 336.527365] ? __pfx_wait_rcu_exp_gp+0x10/0x10 [ 336.528172] ? srso_return_thunk+0x5/0x5f [ 336.528943] unregister_netdevice_many_notify+0x1612/0x1c80 [ 336.529932] ? __virt_addr_valid+0x2e8/0x5d0 [ 336.530735] ? __pfx_lock_release+0x10/0x10 [ 336.531503] ? __pfx_unregister_netdevice_many_notify+0x10/0x10 [ 336.532564] ? find_held_lock+0x2c/0x110 [ 336.533317] ? srso_return_thunk+0x5/0x5f [ 336.534093] ? kernfs_remove_by_name_ns+0xc7/0x130 [ 336.534982] ? srso_return_thunk+0x5/0x5f [ 336.535749] ? lock_release+0x20f/0x6f0 [ 336.536469] ? __pfx_lock_release+0x10/0x10 [ 336.537241] ? srso_return_thunk+0x5/0x5f [ 336.538005] ? lockdep_hardirqs_on_prepare+0x262/0x3f0 [ 336.538918] ? srso_return_thunk+0x5/0x5f [ 336.539719] unregister_netdevice_queue+0x224/0x2e0 [ 336.540638] ? __pfx_unregister_netdevice_queue+0x10/0x10 [ 336.541620] ? up_write+0x195/0x520 [ 336.542322] _cfg80211_unregister_wdev+0x57b/0x700 [ 336.543206] ? srso_return_thunk+0x5/0x5f [ 336.544001] ieee80211_remove_interfaces+0x2f2/0x6b0 [ 336.544916] ? __pfx_ieee80211_remove_interfaces+0x10/0x10 [ 336.545909] ? srso_return_thunk+0x5/0x5f [ 336.546684] ? srso_return_thunk+0x5/0x5f [ 336.547462] ? synchronize_rcu+0x1ff/0x260 [ 336.548247] ieee80211_unregister_hw+0x55/0x3a0 [ 336.549092] hwsim_exit_net+0x3a0/0x730 [ 336.549807] ? __pfx_hwsim_exit_net+0x10/0x10 [ 336.550603] ? srso_return_thunk+0x5/0x5f [ 336.551414] ? netdev_run_todo+0x788/0x1040 [ 336.552264] ? __pfx_hwsim_exit_net+0x10/0x10 [ 336.553110] ops_exit_list+0xb3/0x180 [ 336.553828] cleanup_net+0x546/0xad0 [ 336.554548] ? __pfx_cleanup_net+0x10/0x10 [ 336.555341] process_one_work+0x8ee/0x1a10 [ 336.556205] ? __pfx_lock_acquire+0x10/0x10 [ 336.557030] ? __pfx_process_one_work+0x10/0x10 [ 336.557914] ? srso_return_thunk+0x5/0x5f [ 336.558740] ? move_linked_works+0x172/0x270 [ 336.559564] ? srso_return_thunk+0x5/0x5f [ 336.560398] ? assign_work+0x196/0x240 [ 336.561186] worker_thread+0x674/0xe70 [ 336.561951] ? lockdep_hardirqs_on_prepare+0x262/0x3f0 [ 336.562931] ? __pfx_worker_thread+0x10/0x10 [ 336.563804] kthread+0x3ab/0x720 [ 336.564509] ? __pfx_kthread+0x10/0x10 [ 336.565255] ? srso_return_thunk+0x5/0x5f [ 336.566053] ? finish_task_switch.isra.0+0x206/0x840 [ 336.566983] ? __pfx_kthread+0x10/0x10 [ 336.567754] ret_from_fork+0x48/0x80 [ 336.568462] ? __pfx_kthread+0x10/0x10 [ 336.569206] ret_from_fork_asm+0x1a/0x30 [ 336.569987] [ 338.130230] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 338.133281] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 338.134576] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 338.143243] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 338.146819] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [ 338.149162] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 338.388305] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 338.392144] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 338.394434] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 338.399440] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 338.402186] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3 [ 338.405070] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 338.514961] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 338.521970] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 338.526169] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 338.526568] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 338.529167] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 338.529971] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 338.535616] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 338.535974] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 338.540560] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1 [ 338.543908] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9 [ 338.545901] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9 [ 338.551652] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 338.553563] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 338.555108] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 338.558926] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3 [ 338.560453] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 338.562373] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3 [ 338.563940] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 338.567017] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4 [ 338.567305] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3 [ 338.567579] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 338.577211] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 338.578091] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1 [ 338.581151] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9 [ 338.588353] Bluetooth: hci7: unexpected cc 0x0c03 length: 249 > 1 [ 338.590355] Bluetooth: hci5: unexpected cc 0x0c25 length: 249 > 3 [ 338.593661] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2 [ 338.600831] Bluetooth: hci7: unexpected cc 0x1003 length: 249 > 9 [ 338.606060] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9 [ 338.608406] Bluetooth: hci7: unexpected cc 0x1001 length: 249 > 9 [ 338.609217] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4 [ 338.619973] Bluetooth: hci7: unexpected cc 0x0c23 length: 249 > 4 [ 338.626646] Bluetooth: hci6: unexpected cc 0x0c25 length: 249 > 3 [ 338.628587] Bluetooth: hci7: unexpected cc 0x0c25 length: 249 > 3 [ 338.630224] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2 [ 338.631636] Bluetooth: hci7: unexpected cc 0x0c38 length: 249 > 2 [ 340.168765] Bluetooth: hci0: command tx timeout [ 340.425862] Bluetooth: hci1: command tx timeout [ 340.616874] Bluetooth: hci2: command tx timeout [ 340.681208] Bluetooth: hci6: command tx timeout [ 340.681246] Bluetooth: hci3: command tx timeout [ 340.681335] Bluetooth: hci4: command tx timeout [ 340.681332] Bluetooth: hci5: command tx timeout [ 340.683876] Bluetooth: hci7: command tx timeout [ 342.216790] Bluetooth: hci0: command tx timeout [ 342.472769] Bluetooth: hci1: command tx timeout [ 342.665738] Bluetooth: hci2: command tx timeout [ 342.728875] Bluetooth: hci7: command tx timeout [ 342.729036] Bluetooth: hci3: command tx timeout [ 342.729092] Bluetooth: hci5: command tx timeout [ 342.729132] Bluetooth: hci4: command tx timeout [ 342.729170] Bluetooth: hci6: command tx timeout [ 344.265741] Bluetooth: hci0: command tx timeout [ 344.521786] Bluetooth: hci1: command tx timeout [ 344.714716] Bluetooth: hci2: command tx timeout [ 344.776790] Bluetooth: hci6: command tx timeout [ 344.776814] Bluetooth: hci4: command tx timeout [ 344.776870] Bluetooth: hci7: command tx timeout [ 344.776914] Bluetooth: hci5: command tx timeout [ 344.776951] Bluetooth: hci3: command tx timeout [ 346.312767] Bluetooth: hci0: command tx timeout VM DIAGNOSIS: 16:03:59 Registers: info registers vcpu 0 RAX=dffffc0000000060 RBX=00000000000003fd RCX=0000000000000000 RDX=00000000000003fd RSI=ffffffff8283cd30 RDI=ffffffff886930a0 RBP=ffffffff88693060 RSP=ffff8880095deb60 R8 =0000000000000000 R9 =fffffbfff0be1544 R10=00000000000fe503 R11=2f72656b726f776b R12=0000000000000823 R13=0000000000000020 R14=fffffbfff10d2666 R15=dffffc0000000000 RIP=ffffffff8283cd85 RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 00000000 00000000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 00000000 00000000 FS =0000 0000000000000000 00000000 00000000 GS =0000 ffff88806ce00000 00000000 00000000 LDT=0000 fffffe0000000000 00000000 00000000 TR =0040 fffffe0000003000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe0000001000 0000007f IDT= fffffe0000000000 00000fff CR0=80050033 CR2=00007f3612517418 CR3=000000001306c000 CR4=00350ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000ffff0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001fa0 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 XMM00=00000000000000000000000000000000 XMM01=000000c0002b48a0000000c0002b4720 XMM02=000000c000056190000000c0002b4960 XMM03=000000c0002b4e70000000c0000563c0 XMM04=000000c0000f1ec0000000c0000f1e90 XMM05=000000c0000f1f20000000c0000f1ef0 XMM06=000000c00005b4a0000000c0000f1f50 XMM07=000000c000084b00000000c0000f1f80 XMM08=000000c0000a6060000000c0000a6030 XMM09=000000c0000a60c0000000c0000a6090 XMM10=000000c0000a6120000000c0000a60f0 XMM11=000000c0000a6180000000c0000a6150 XMM12=000000c0000a8b00000000c00005a4e0 XMM13=000000c00001c850000000c00001c910 XMM14=000000c00001c8f0000000c00001c860 XMM15=000000c00001c830000000c00001c8a0 info registers vcpu 1 RAX=ffff88806cf00000 RBX=0000000000000001 RCX=ffffffff84a8bb27 RDX=ffffed100d9e6c4b RSI=0000000000000004 RDI=ffffffff814b1b6a RBP=dffffc0000000000 RSP=ffff8880096a7e68 R8 =0000000000000000 R9 =ffffed100d9e6c4a R10=ffff88806cf36253 R11=ffff88800bec2d40 R12=ffffffff864021d0 R13=1ffff110012d4fd2 R14=0000000000000000 R15=0000000000000000 RIP=ffffffff84a8cace RFL=00000246 [---Z-P-] CPL=0 II=0 A20=1 SMM=0 HLT=1 ES =0000 0000000000000000 00000000 00000000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 00000000 00000000 FS =0000 0000000000000000 00000000 00000000 GS =0000 ffff88806cf00000 00000000 00000000 LDT=0000 fffffe0000000000 00000000 00000000 TR =0040 fffffe000004a000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe0000048000 0000007f IDT= fffffe0000000000 00000fff CR0=80050033 CR2=0000560053640460 CR3=000000000bc80000 CR4=00350ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000ffff0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 XMM00=00000000000000000000000000000000 XMM01=de829cc3ef43c395fc42c35a4e1b85e5 XMM02=68a8aee3740b9fad00000000000fd7d8 XMM03=711fbe8126c5d34400000000001385c8 XMM04=c9473c60b0accb5c00000000000ae988 XMM05=ebfae20747c011c50000000000155b80 XMM06=9f165a4fe6c971ad00000000001386d0 XMM07=711fbe8126c5d34400000000001385c8 XMM08=68a8aee3740b9fad00000000000fd7d8 XMM09=00000000000000000000000000000000 XMM10=00000000000000000000200000000000 XMM11=00000000000000000000000000000000 XMM12=00000000000000000000000000000000 XMM13=00000000000000000000000000000000 XMM14=00000000000000000000000000000000 XMM15=00000000000000000000000000000000