Warning: Permanently added '[localhost]:47836' (ECDSA) to the list of known hosts. 2024/10/17 21:48:48 fuzzer started 2024/10/17 21:48:48 dialing manager at localhost:45639 syzkaller login: [ 62.156574] cgroup: Unknown subsys name 'net' [ 62.248878] cgroup: Unknown subsys name 'cpuset' [ 62.282715] cgroup: Unknown subsys name 'rlimit' 2024/10/17 21:49:06 syscalls: 2217 2024/10/17 21:49:06 code coverage: enabled 2024/10/17 21:49:06 comparison tracing: enabled 2024/10/17 21:49:06 extra coverage: enabled 2024/10/17 21:49:06 setuid sandbox: enabled 2024/10/17 21:49:06 namespace sandbox: enabled 2024/10/17 21:49:06 Android sandbox: enabled 2024/10/17 21:49:06 fault injection: enabled 2024/10/17 21:49:06 leak checking: enabled 2024/10/17 21:49:06 net packet injection: enabled 2024/10/17 21:49:06 net device setup: enabled 2024/10/17 21:49:06 concurrency sanitizer: /sys/kernel/debug/kcsan does not exist 2024/10/17 21:49:06 devlink PCI setup: PCI device 0000:00:10.0 is not available 2024/10/17 21:49:06 USB emulation: enabled 2024/10/17 21:49:06 hci packet injection: enabled 2024/10/17 21:49:06 wifi device emulation: enabled 2024/10/17 21:49:06 802.15.4 emulation: enabled 2024/10/17 21:49:06 fetching corpus: 0, signal 0/2000 (executing program) 2024/10/17 21:49:06 fetching corpus: 50, signal 25772/28818 (executing program) 2024/10/17 21:49:06 fetching corpus: 100, signal 39785/43529 (executing program) 2024/10/17 21:49:07 fetching corpus: 150, signal 45370/49912 (executing program) 2024/10/17 21:49:07 fetching corpus: 200, signal 51463/56558 (executing program) 2024/10/17 21:49:07 fetching corpus: 250, signal 54761/60505 (executing program) 2024/10/17 21:49:07 fetching corpus: 300, signal 57359/63667 (executing program) 2024/10/17 21:49:07 fetching corpus: 350, signal 63233/69488 (executing program) 2024/10/17 21:49:07 fetching corpus: 400, signal 66971/73330 (executing program) 2024/10/17 21:49:07 fetching corpus: 450, signal 70083/76573 (executing program) 2024/10/17 21:49:08 fetching corpus: 500, signal 73722/80080 (executing program) 2024/10/17 21:49:08 fetching corpus: 550, signal 75766/82162 (executing program) 2024/10/17 21:49:08 fetching corpus: 600, signal 79788/85793 (executing program) 2024/10/17 21:49:08 fetching corpus: 650, signal 82654/88384 (executing program) 2024/10/17 21:49:08 fetching corpus: 700, signal 84997/90501 (executing program) 2024/10/17 21:49:08 fetching corpus: 750, signal 88156/93189 (executing program) 2024/10/17 21:49:08 fetching corpus: 800, signal 91160/95587 (executing program) 2024/10/17 21:49:09 fetching corpus: 850, signal 93734/97498 (executing program) 2024/10/17 21:49:09 fetching corpus: 900, signal 95074/98550 (executing program) 2024/10/17 21:49:09 fetching corpus: 950, signal 97025/99962 (executing program) 2024/10/17 21:49:09 fetching corpus: 1000, signal 98826/101165 (executing program) 2024/10/17 21:49:09 fetching corpus: 1050, signal 100850/102452 (executing program) 2024/10/17 21:49:09 fetching corpus: 1100, signal 101952/103144 (executing program) 2024/10/17 21:49:09 fetching corpus: 1145, signal 103977/104303 (executing program) 2024/10/17 21:49:09 fetching corpus: 1145, signal 103977/104329 (executing program) 2024/10/17 21:49:10 fetching corpus: 1145, signal 103977/104344 (executing program) 2024/10/17 21:49:10 fetching corpus: 1145, signal 103977/104359 (executing program) 2024/10/17 21:49:10 fetching corpus: 1145, signal 103977/104376 (executing program) 2024/10/17 21:49:10 fetching corpus: 1145, signal 103977/104393 (executing program) 2024/10/17 21:49:10 fetching corpus: 1145, signal 103977/104412 (executing program) 2024/10/17 21:49:10 fetching corpus: 1145, signal 103977/104426 (executing program) 2024/10/17 21:49:10 fetching corpus: 1145, signal 103977/104447 (executing program) 2024/10/17 21:49:10 fetching corpus: 1145, signal 103977/104463 (executing program) 2024/10/17 21:49:10 fetching corpus: 1145, signal 103977/104472 (executing program) 2024/10/17 21:49:10 fetching corpus: 1145, signal 103977/104487 (executing program) 2024/10/17 21:49:10 fetching corpus: 1145, signal 103977/104499 (executing program) 2024/10/17 21:49:10 fetching corpus: 1145, signal 103977/104511 (executing program) 2024/10/17 21:49:10 fetching corpus: 1145, signal 103977/104528 (executing program) 2024/10/17 21:49:10 fetching corpus: 1145, signal 103977/104543 (executing program) 2024/10/17 21:49:10 fetching corpus: 1145, signal 103977/104562 (executing program) 2024/10/17 21:49:10 fetching corpus: 1145, signal 103977/104577 (executing program) 2024/10/17 21:49:10 fetching corpus: 1145, signal 103977/104596 (executing program) 2024/10/17 21:49:10 fetching corpus: 1145, signal 103977/104608 (executing program) 2024/10/17 21:49:10 fetching corpus: 1145, signal 103977/104622 (executing program) 2024/10/17 21:49:10 fetching corpus: 1145, signal 103977/104634 (executing program) 2024/10/17 21:49:10 fetching corpus: 1145, signal 103977/104650 (executing program) 2024/10/17 21:49:10 fetching corpus: 1145, signal 103977/104663 (executing program) 2024/10/17 21:49:10 fetching corpus: 1145, signal 103977/104675 (executing program) 2024/10/17 21:49:10 fetching corpus: 1145, signal 103977/104691 (executing program) 2024/10/17 21:49:10 fetching corpus: 1145, signal 103977/104700 (executing program) 2024/10/17 21:49:10 fetching corpus: 1145, signal 103977/104715 (executing program) 2024/10/17 21:49:10 fetching corpus: 1145, signal 103977/104730 (executing program) 2024/10/17 21:49:10 fetching corpus: 1145, signal 103977/104734 (executing program) 2024/10/17 21:49:10 fetching corpus: 1145, signal 103977/104734 (executing program) 2024/10/17 21:49:12 starting 8 fuzzer processes 21:49:12 executing program 0: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000040)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) delete_module(0x0, 0x0) 21:49:13 executing program 1: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xce, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x7}, 0x400a}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = perf_event_open(&(0x7f0000000580)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = syz_open_procfs(0x0, &(0x7f0000000300)='net/ip_tables_matches\x00') pread64(r1, &(0x7f0000001400)=""/4110, 0xa3, 0x0) perf_event_open(0x0, 0xffffffffffffffff, 0x7, r1, 0x1) dup2(0xffffffffffffffff, 0xffffffffffffffff) write$vga_arbiter(0xffffffffffffffff, 0x0, 0x0) r2 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_INTERFACE(r2, &(0x7f0000000100)={0x0, 0x0, 0x0}, 0x0) r3 = syz_open_dev$tty20(0xc, 0x4, 0x1) ioctl$TIOCL_PASTESEL(r3, 0x541c, &(0x7f0000000000)=0x4) close_range(r3, r0, 0x0) setsockopt$SO_ATTACH_FILTER(r2, 0x1, 0x1a, 0x0, 0x0) 21:49:13 executing program 2: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xce, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000580)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = inotify_init() r1 = inotify_add_watch(r0, &(0x7f0000000300)='.\x00', 0x1630009ba) inotify_rm_watch(r0, r1) splice(0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0) execve(&(0x7f0000000000)='./file0\x00', 0x0, &(0x7f0000000700)=[0x0, 0x0, 0x0, &(0x7f0000000600)=':\x00', 0x0, 0x0, &(0x7f00000006c0)='^:\x00']) 21:49:13 executing program 3: r0 = syz_open_dev$evdev(&(0x7f0000000040), 0x0, 0x0) r1 = dup(r0) ioctl$EVIOCGSND(r1, 0x40044581, 0x0) [ 85.647294] audit: type=1400 audit(1729201753.060:7): avc: denied { execmem } for pid=273 comm="syz-executor.1" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=process permissive=1 21:49:13 executing program 4: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xce, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(0x0, 0x0, 0x5, 0xffffffffffffffff, 0x8) perf_event_open(&(0x7f0000000580)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = perf_event_open(&(0x7f0000000280)={0x8, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xffffffff81000050}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) close(r0) write(0xffffffffffffffff, 0x0, 0x0) ptrace$setopts(0x4200, 0x0, 0x0, 0x0) r1 = openat$procfs(0xffffffffffffff9c, 0x0, 0x0, 0x0) ioprio_get$pid(0x1, 0xffffffffffffffff) socket$inet6_udp(0xa, 0x2, 0x0) dup(0xffffffffffffffff) syz_init_net_socket$802154_raw(0x24, 0x3, 0x0) r2 = socket$inet_icmp_raw(0x2, 0x3, 0x1) setsockopt$SO_ATTACH_FILTER(r2, 0x1, 0x1a, &(0x7f0000000080)={0x0, 0x0}, 0x10) fcntl$F_SET_RW_HINT(r2, 0x40c, &(0x7f0000000180)=0x5) sendfile(0xffffffffffffffff, r1, 0x0, 0x10000027f) perf_event_open(0x0, 0x0, 0x6, r1, 0x0) 21:49:13 executing program 5: r0 = socket$inet6(0xa, 0x1, 0x0) setsockopt$inet6_int(r0, 0x29, 0x43, &(0x7f0000000000), 0x4) 21:49:13 executing program 6: r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$BATADV_CMD_GET_ROUTING_ALGOS(r0, &(0x7f0000004280)={0x0, 0x0, &(0x7f0000004240)={&(0x7f0000004200)={0x14, 0x0, 0x0, 0x0, 0x25dfdbfe}, 0x14}}, 0x0) socketpair(0x1f, 0x0, 0x0, &(0x7f00000042c0)) r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$ETHTOOL_MSG_EEE_GET(r1, &(0x7f0000004540)={&(0x7f0000004480), 0xc, &(0x7f0000004500)={&(0x7f00000044c0)={0x14}, 0x14}}, 0x4000040) mmap$IORING_OFF_CQ_RING(&(0x7f0000ffb000/0x3000)=nil, 0x3000, 0x0, 0x810, 0xffffffffffffffff, 0x8000000) syz_io_uring_setup(0x48f7, &(0x7f0000004580), &(0x7f0000ffc000/0x2000)=nil, &(0x7f0000ffc000/0x4000)=nil, 0x0, &(0x7f0000004640)) syz_io_uring_submit(0x0, 0x0, 0x0, 0x0) sendmsg$BATADV_CMD_GET_ROUTING_ALGOS(r1, &(0x7f00000047c0)={0x0, 0x0, &(0x7f0000004780)={&(0x7f0000004740)={0x14}, 0x14}}, 0x0) 21:49:13 executing program 7: mount_setattr(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x57) [ 87.068641] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 87.072728] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 87.075522] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 87.081711] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 87.085001] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [ 87.089610] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 87.137538] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 87.141758] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 87.143951] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 87.148475] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 87.151732] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3 [ 87.153817] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 87.170574] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 87.178411] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 87.186684] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 87.198434] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 87.212461] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 87.220673] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 87.222986] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 87.226808] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 87.229138] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3 [ 87.231799] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 87.235748] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 87.252669] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1 [ 87.262168] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9 [ 87.264937] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 87.266707] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 87.278170] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3 [ 87.285607] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 87.297735] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 87.305456] Bluetooth: hci7: unexpected cc 0x0c03 length: 249 > 1 [ 87.307894] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9 [ 87.311329] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1 [ 87.313288] Bluetooth: hci7: unexpected cc 0x1003 length: 249 > 9 [ 87.315365] Bluetooth: hci7: unexpected cc 0x1001 length: 249 > 9 [ 87.316885] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9 [ 87.319902] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9 [ 87.326567] Bluetooth: hci7: unexpected cc 0x0c23 length: 249 > 4 [ 87.328929] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4 [ 87.334410] Bluetooth: hci7: unexpected cc 0x0c25 length: 249 > 3 [ 87.337459] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3 [ 87.348654] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4 [ 87.354033] Bluetooth: hci6: unexpected cc 0x0c25 length: 249 > 3 [ 87.356943] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2 [ 87.365924] Bluetooth: hci7: unexpected cc 0x0c38 length: 249 > 2 [ 87.371606] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 87.403651] Bluetooth: hci5: unexpected cc 0x0c25 length: 249 > 3 [ 87.416480] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2 [ 89.154670] Bluetooth: hci0: command tx timeout [ 89.218350] Bluetooth: hci2: command tx timeout [ 89.345467] Bluetooth: hci1: command tx timeout [ 89.409364] Bluetooth: hci3: command tx timeout [ 89.474063] Bluetooth: hci7: command tx timeout [ 89.474105] Bluetooth: hci6: command tx timeout [ 89.474774] Bluetooth: hci4: command tx timeout [ 89.601319] Bluetooth: hci5: command tx timeout [ 91.201401] Bluetooth: hci0: command tx timeout [ 91.265311] Bluetooth: hci2: command tx timeout [ 91.393300] Bluetooth: hci1: command tx timeout [ 91.459259] Bluetooth: hci3: command tx timeout [ 91.521363] Bluetooth: hci6: command tx timeout [ 91.521799] Bluetooth: hci4: command tx timeout [ 91.522281] Bluetooth: hci7: command tx timeout [ 91.649341] Bluetooth: hci5: command tx timeout [ 93.249374] Bluetooth: hci0: command tx timeout [ 93.313352] Bluetooth: hci2: command tx timeout [ 93.441420] Bluetooth: hci1: command tx timeout [ 93.505349] Bluetooth: hci3: command tx timeout [ 93.569357] Bluetooth: hci7: command tx timeout [ 93.569904] Bluetooth: hci4: command tx timeout [ 93.570698] Bluetooth: hci6: command tx timeout [ 93.699349] Bluetooth: hci5: command tx timeout [ 95.347362] Bluetooth: hci0: command tx timeout [ 95.419867] Bluetooth: hci2: command tx timeout [ 95.515344] Bluetooth: hci1: command tx timeout [ 95.553539] Bluetooth: hci3: command tx timeout [ 95.617970] Bluetooth: hci6: command tx timeout [ 95.618867] Bluetooth: hci4: command tx timeout [ 95.619788] Bluetooth: hci7: command tx timeout [ 95.746467] Bluetooth: hci5: command tx timeout [ 150.554419] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 150.557879] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 150.561664] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 150.570863] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 150.573889] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [ 150.576625] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 150.615954] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 150.620748] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 150.626617] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 150.634109] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 150.637070] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3 [ 150.639436] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 150.748618] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1 [ 150.752419] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 150.757947] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9 [ 150.760445] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 150.761604] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 150.765107] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 150.771716] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9 [ 150.777550] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 150.782327] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3 [ 150.784075] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 150.785711] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 150.800557] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 150.804078] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 150.807910] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 150.808593] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4 [ 150.815531] Bluetooth: hci5: unexpected cc 0x0c25 length: 249 > 3 [ 150.818717] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2 [ 150.839751] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 150.853732] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 150.857045] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3 [ 150.860826] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 150.889774] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 150.897512] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1 [ 150.907984] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3 [ 150.915932] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9 [ 150.919315] Bluetooth: hci7: unexpected cc 0x0c03 length: 249 > 1 [ 150.921671] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 150.926140] Bluetooth: hci7: unexpected cc 0x1003 length: 249 > 9 [ 150.940914] Bluetooth: hci7: unexpected cc 0x1001 length: 249 > 9 [ 150.975182] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9 [ 150.984790] Bluetooth: hci7: unexpected cc 0x0c23 length: 249 > 4 [ 151.001716] Bluetooth: hci7: unexpected cc 0x0c25 length: 249 > 3 [ 151.003330] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4 [ 151.013775] Bluetooth: hci7: unexpected cc 0x0c38 length: 249 > 2 [ 151.055099] Bluetooth: hci6: unexpected cc 0x0c25 length: 249 > 3 [ 151.060486] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2 [ 152.641294] Bluetooth: hci0: command tx timeout [ 152.706308] Bluetooth: hci1: command tx timeout [ 152.834275] Bluetooth: hci4: command tx timeout [ 152.961506] Bluetooth: hci2: command tx timeout [ 152.961718] Bluetooth: hci5: command tx timeout [ 153.089306] Bluetooth: hci7: command tx timeout [ 153.153293] Bluetooth: hci3: command tx timeout [ 153.346463] Bluetooth: hci6: command tx timeout [ 154.689372] Bluetooth: hci0: command tx timeout [ 154.754252] Bluetooth: hci1: command tx timeout [ 154.882253] Bluetooth: hci4: command tx timeout [ 155.009310] Bluetooth: hci2: command tx timeout [ 155.009331] Bluetooth: hci5: command tx timeout [ 155.137368] Bluetooth: hci7: command tx timeout [ 155.201266] Bluetooth: hci3: command tx timeout [ 155.393298] Bluetooth: hci6: command tx timeout [ 156.737402] Bluetooth: hci0: command tx timeout [ 156.802281] Bluetooth: hci1: command tx timeout [ 156.930395] Bluetooth: hci4: command tx timeout [ 157.059276] Bluetooth: hci5: command tx timeout [ 157.059314] Bluetooth: hci2: command tx timeout [ 157.186839] Bluetooth: hci7: command tx timeout [ 157.249300] Bluetooth: hci3: command tx timeout [ 157.441359] Bluetooth: hci6: command tx timeout [ 158.785459] Bluetooth: hci0: command tx timeout [ 158.849763] Bluetooth: hci1: command tx timeout [ 158.977474] Bluetooth: hci4: command tx timeout [ 159.105371] Bluetooth: hci5: command tx timeout [ 159.108591] Bluetooth: hci2: command tx timeout [ 159.234281] Bluetooth: hci7: command tx timeout [ 159.298259] Bluetooth: hci3: command tx timeout [ 159.491223] Bluetooth: hci6: command tx timeout [ 208.594478] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 208.595225] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 208.838235] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 208.838920] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 212.054894] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 212.059900] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 212.064891] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 212.075622] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 212.082046] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [ 212.085498] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 212.143045] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 212.147905] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 212.152038] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 212.156427] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 212.159843] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 212.163918] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 212.166001] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 212.168671] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 212.171599] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 212.173782] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3 [ 212.175682] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 212.175968] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 212.188461] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 212.190810] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 212.194006] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3 [ 212.204705] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3 [ 212.209743] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 212.212023] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 212.241986] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 212.248683] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 212.252090] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 212.257150] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 212.261562] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3 [ 212.263750] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 212.331974] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1 [ 212.337999] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9 [ 212.340158] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9 [ 212.345352] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4 [ 212.348567] Bluetooth: hci5: unexpected cc 0x0c25 length: 249 > 3 [ 212.350504] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2 [ 212.448082] Bluetooth: hci7: unexpected cc 0x0c03 length: 249 > 1 [ 212.474843] Bluetooth: hci7: unexpected cc 0x1003 length: 249 > 9 [ 212.492837] Bluetooth: hci7: unexpected cc 0x1001 length: 249 > 9 [ 212.557457] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1 [ 212.570673] Bluetooth: hci7: unexpected cc 0x0c23 length: 249 > 4 [ 212.581882] Bluetooth: hci7: unexpected cc 0x0c25 length: 249 > 3 [ 212.583613] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9 [ 212.585621] Bluetooth: hci7: unexpected cc 0x0c38 length: 249 > 2 [ 212.595019] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9 [ 212.653431] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4 [ 212.667510] Bluetooth: hci6: unexpected cc 0x0c25 length: 249 > 3 [ 212.669791] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2 [ 214.146495] Bluetooth: hci0: command tx timeout [ 214.273294] Bluetooth: hci1: command tx timeout [ 214.337298] Bluetooth: hci2: command tx timeout [ 214.338430] Bluetooth: hci4: command tx timeout [ 214.338504] Bluetooth: hci3: command tx timeout [ 214.401268] Bluetooth: hci5: command tx timeout [ 214.721368] Bluetooth: hci7: command tx timeout [ 214.722635] Bluetooth: hci6: command tx timeout [ 216.194161] Bluetooth: hci0: command tx timeout [ 216.322357] Bluetooth: hci1: command tx timeout [ 216.387243] Bluetooth: hci3: command tx timeout [ 216.387309] Bluetooth: hci2: command tx timeout [ 216.387684] Bluetooth: hci4: command tx timeout [ 216.450275] Bluetooth: hci5: command tx timeout [ 216.769551] Bluetooth: hci6: command tx timeout [ 216.770057] Bluetooth: hci7: command tx timeout [ 218.241321] Bluetooth: hci0: command tx timeout [ 218.370287] Bluetooth: hci1: command tx timeout [ 218.433260] Bluetooth: hci2: command tx timeout [ 218.433699] Bluetooth: hci3: command tx timeout [ 218.434286] Bluetooth: hci4: command tx timeout [ 218.498228] Bluetooth: hci5: command tx timeout [ 218.817545] Bluetooth: hci7: command tx timeout [ 218.818016] Bluetooth: hci6: command tx timeout [ 220.290237] Bluetooth: hci0: command tx timeout [ 220.418270] Bluetooth: hci1: command tx timeout [ 220.481371] Bluetooth: hci2: command tx timeout [ 220.481808] Bluetooth: hci4: command tx timeout [ 220.482606] Bluetooth: hci3: command tx timeout [ 220.546234] Bluetooth: hci5: command tx timeout [ 220.866389] Bluetooth: hci6: command tx timeout [ 220.866842] Bluetooth: hci7: command tx timeout [ 270.440835] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 270.441541] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 270.862126] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 270.863547] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 274.257454] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 274.262563] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 274.265924] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 274.280426] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 274.283857] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [ 274.290632] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 274.330785] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 274.334634] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 274.336865] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 274.339472] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 274.342871] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 274.348729] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 274.350359] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 274.352078] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 274.353713] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 274.356875] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 274.359683] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3 [ 274.365877] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 274.367664] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 274.369102] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 274.384566] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3 [ 274.389730] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 274.399782] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3 [ 274.407663] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1 [ 274.410846] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9 [ 274.413467] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 274.418781] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9 [ 274.420566] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 274.421928] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 274.427504] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 274.432700] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4 [ 274.439281] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 274.441127] Bluetooth: hci5: unexpected cc 0x0c25 length: 249 > 3 [ 274.448420] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3 [ 274.450013] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2 [ 274.463628] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 274.478047] Bluetooth: hci7: unexpected cc 0x0c03 length: 249 > 1 [ 274.482546] Bluetooth: hci7: unexpected cc 0x1003 length: 249 > 9 [ 274.489514] Bluetooth: hci7: unexpected cc 0x1001 length: 249 > 9 [ 274.498010] Bluetooth: hci7: unexpected cc 0x0c23 length: 249 > 4 [ 274.500884] Bluetooth: hci7: unexpected cc 0x0c25 length: 249 > 3 [ 274.503796] Bluetooth: hci7: unexpected cc 0x0c38 length: 249 > 2 [ 274.526872] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1 [ 274.530609] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9 [ 274.532574] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9 [ 274.538846] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4 [ 274.543246] Bluetooth: hci6: unexpected cc 0x0c25 length: 249 > 3 [ 274.547442] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2 [ 276.353305] Bluetooth: hci0: command tx timeout [ 276.417233] Bluetooth: hci2: command tx timeout [ 276.481283] Bluetooth: hci3: command tx timeout [ 276.481942] Bluetooth: hci1: command tx timeout [ 276.546347] Bluetooth: hci5: command tx timeout [ 276.546951] Bluetooth: hci7: command tx timeout [ 276.609391] Bluetooth: hci6: command tx timeout [ 276.610045] Bluetooth: hci4: command tx timeout [ 278.401409] Bluetooth: hci0: command tx timeout [ 278.465246] Bluetooth: hci2: command tx timeout [ 278.529701] Bluetooth: hci1: command tx timeout [ 278.530207] Bluetooth: hci3: command tx timeout [ 278.593310] Bluetooth: hci7: command tx timeout [ 278.593801] Bluetooth: hci5: command tx timeout [ 278.657291] Bluetooth: hci4: command tx timeout [ 278.657773] Bluetooth: hci6: command tx timeout [ 280.449307] Bluetooth: hci0: command tx timeout [ 280.513362] Bluetooth: hci2: command tx timeout [ 280.577509] Bluetooth: hci3: command tx timeout [ 280.577958] Bluetooth: hci1: command tx timeout [ 280.643259] Bluetooth: hci5: command tx timeout [ 280.643718] Bluetooth: hci7: command tx timeout [ 280.705255] Bluetooth: hci6: command tx timeout [ 280.705695] Bluetooth: hci4: command tx timeout [ 282.499214] Bluetooth: hci0: command tx timeout [ 282.561262] Bluetooth: hci2: command tx timeout [ 282.625246] Bluetooth: hci1: command tx timeout [ 282.625689] Bluetooth: hci3: command tx timeout [ 282.689270] Bluetooth: hci7: command tx timeout [ 282.689712] Bluetooth: hci5: command tx timeout [ 282.753651] Bluetooth: hci4: command tx timeout [ 282.754112] Bluetooth: hci6: command tx timeout [ 329.689682] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 329.690391] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 330.065895] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 330.066625] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 330.412691] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 330.414179] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 330.729526] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 330.730319] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 330.902334] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 330.903009] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 21:53:18 executing program 3: r0 = syz_open_dev$evdev(&(0x7f0000000040), 0x0, 0x0) r1 = dup(r0) ioctl$EVIOCGSND(r1, 0x40044581, 0x0) [ 331.176251] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 331.176938] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 21:53:18 executing program 3: r0 = syz_open_dev$evdev(&(0x7f0000000040), 0x0, 0x0) r1 = dup(r0) ioctl$EVIOCGSND(r1, 0x40044581, 0x0) [ 331.413223] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 331.413880] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 21:53:18 executing program 3: r0 = syz_open_dev$evdev(&(0x7f0000000040), 0x0, 0x0) r1 = dup(r0) ioctl$EVIOCGSND(r1, 0x40044581, 0x0) 21:53:18 executing program 3: r0 = openat$ptp0(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0) ioctl$PTP_EXTTS_REQUEST2(r0, 0x43403d0e, &(0x7f0000000000)) [ 331.644715] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 331.645415] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 21:53:19 executing program 3: r0 = openat$ptp0(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0) ioctl$PTP_EXTTS_REQUEST2(r0, 0x43403d0e, &(0x7f0000000000)) 21:53:19 executing program 3: r0 = openat$ptp0(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0) ioctl$PTP_EXTTS_REQUEST2(r0, 0x43403d0e, &(0x7f0000000000)) [ 332.100765] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 332.101492] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 21:53:19 executing program 3: r0 = openat$ptp0(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0) ioctl$PTP_EXTTS_REQUEST2(r0, 0x43403d0e, &(0x7f0000000000)) [ 332.307854] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 332.308992] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 21:53:19 executing program 3: ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, 0x0) ioctl$FS_IOC_GETFSMAP(0xffffffffffffffff, 0xc0c0583b, &(0x7f0000000500)=ANY=[@ANYBLOB="0000000000000100000000000000000000000000000040000000000000000000000000000000000000000000000000523288b38851b39500000000000000ff070000ff01000006000000000000000700000000000000cc90000000000000080000000000000000000000000000000000000000000c000000000000002e09fb000000ff0700000100000000000a000000000000000000c65678650000000007"]) r0 = openat$ttyS3(0xffffffffffffff9c, &(0x7f00000003c0), 0x0, 0x0) ioctl$FAT_IOCTL_GET_VOLUME_ID(0xffffffffffffffff, 0x80047213, &(0x7f00000004c0)) syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) openat$incfs(0xffffffffffffffff, &(0x7f0000000380)='.pending_reads\x00', 0x31b200, 0x44) ioctl$TCSBRK(0xffffffffffffffff, 0x5409, 0x8001) fallocate(0xffffffffffffffff, 0x30, 0x0, 0x0) ioctl$TCSETS2(r0, 0x402c542b, &(0x7f0000000000)={0x0, 0x2, 0x1, 0x200, 0x8, "2658ab9387dad8e44b3f466bfc036c50f1708d", 0x5, 0x200}) ioctl$TIOCVHANGUP(0xffffffffffffffff, 0x5437, 0x0) mmap(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x200000a, 0x1010, 0xffffffffffffffff, 0x29287000) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xce, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8083, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0xfffffffffffffffe}, 0x50550, 0x0, 0x0, 0x1, 0xbb63, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = epoll_create(0x4) r2 = signalfd4(0xffffffffffffffff, &(0x7f0000000200), 0x8, 0x0) epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r2, &(0x7f0000000240)={0xa0002000}) flock(r1, 0x9) clone3(&(0x7f0000004c00)={0xc0002100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) [ 332.443684] audit: type=1400 audit(1729201999.857:8): avc: denied { open } for pid=14451 comm="syz-executor.3" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=perf_event permissive=1 [ 332.450272] audit: type=1400 audit(1729201999.857:9): avc: denied { kernel } for pid=14451 comm="syz-executor.3" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=perf_event permissive=1 [ 332.469174] hrtimer: interrupt took 38282 ns [ 332.532184] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 332.532844] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 332.694415] audit: type=1400 audit(1729202000.107:10): avc: denied { block_suspend } for pid=14451 comm="syz-executor.3" capability=36 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=1 [ 335.570594] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 335.575056] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 335.578839] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 335.587844] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 335.590973] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3 [ 335.594404] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 335.701553] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 335.706707] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 335.709544] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 335.719694] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 335.723759] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3 [ 335.727427] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 335.832609] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 335.843909] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 335.848903] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 335.867751] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 335.875593] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3 [ 335.877851] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 336.025901] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1 [ 336.036770] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9 [ 336.039727] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9 [ 336.073349] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4 [ 336.084573] Bluetooth: hci5: unexpected cc 0x0c25 length: 249 > 3 [ 336.096739] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2 [ 337.665397] Bluetooth: hci2: command tx timeout [ 337.794667] Bluetooth: hci3: command tx timeout [ 337.921278] Bluetooth: hci4: command tx timeout [ 338.177284] Bluetooth: hci5: command tx timeout [ 339.713218] Bluetooth: hci2: command tx timeout [ 339.842236] Bluetooth: hci3: command tx timeout [ 339.969769] Bluetooth: hci4: command tx timeout [ 340.225395] Bluetooth: hci5: command tx timeout [ 341.761331] Bluetooth: hci2: command tx timeout [ 341.890229] Bluetooth: hci3: command tx timeout [ 342.019298] Bluetooth: hci4: command tx timeout [ 342.273395] Bluetooth: hci5: command tx timeout [ 343.811246] Bluetooth: hci2: command tx timeout [ 343.938890] Bluetooth: hci3: command tx timeout [ 344.066404] Bluetooth: hci4: command tx timeout [ 344.322516] Bluetooth: hci5: command tx timeout [ 366.210622] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 366.211634] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 366.319853] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 366.320583] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 366.799515] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 366.800699] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 367.074304] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 367.074964] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 367.191057] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 367.191772] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 367.305508] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 367.306361] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 368.104586] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 368.105273] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 368.187764] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 368.188470] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 369.162256] audit: type=1400 audit(1729202036.571:11): avc: denied { watch_reads } for pid=16293 comm="syz-executor.2" path="/syzkaller-testdir463085067/syzkaller.rwihIJ/0" dev="sda" ino=15976 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:object_r:unlabeled_t:s0 tclass=dir permissive=1 [ 392.781062] watchdog: BUG: soft lockup - CPU#0 stuck for 22s! [syz-executor.2:16295] [ 392.781814] Modules linked in: [ 392.782115] irq event stamp: 2395511 [ 392.782445] hardirqs last enabled at (2395510): [] irqentry_exit+0x3b/0x90 [ 392.783215] hardirqs last disabled at (2395511): [] sysvec_apic_timer_interrupt+0xf/0x80 [ 392.785408] softirqs last enabled at (2364960): [] handle_softirqs+0x50c/0x770 [ 392.787555] softirqs last disabled at (2364963): [] irq_exit_rcu+0x94/0xc0 [ 392.789969] CPU: 0 UID: 0 PID: 16295 Comm: syz-executor.2 Not tainted 6.12.0-rc3-next-20241016 #1 [ 392.792019] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 392.793330] RIP: 0010:unwind_next_frame+0x491/0x2490 [ 392.793801] Code: 85 48 c7 c0 85 cc ac 85 eb 49 48 c7 c1 c0 cc ac 85 48 ba 00 00 00 00 00 fc ff df 48 8d 41 05 48 89 c6 48 c1 ee 03 0f b6 14 16 <48> 89 c6 83 e6 07 40 38 f2 7f 08 84 d2 0f 85 16 17 00 00 0f b6 51 [ 392.795342] RSP: 0018:ffff88806ce09778 EFLAGS: 00000213 [ 392.795818] RAX: ffffffff867c8e6f RBX: 0000000000000001 RCX: ffffffff867c8e6a [ 392.796435] RDX: 0000000000000000 RSI: 1ffffffff0cf91cd RDI: ffffffff86478844 [ 392.797053] RBP: ffff88806ce09840 R08: ffffffff867c8e6a R09: ffff88806ce09828 [ 392.797682] R10: 000000000003c001 R11: 00000000000121bf R12: ffff88806ce09848 [ 392.798294] R13: ffff88806ce09830 R14: ffff88806ce09829 R15: ffff88806ce097e8 [ 392.798906] FS: 00007f1fbd5fe700(0000) GS:ffff88806ce00000(0000) knlGS:0000000000000000 [ 392.799612] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 392.800124] CR2: 00007fb1358e0ff8 CR3: 000000003d674000 CR4: 0000000000350ef0 [ 392.800741] Call Trace: [ 392.800983] [ 392.801206] ? watchdog_timer_fn+0x3ee/0x510 [ 392.801644] ? __pfx_watchdog_timer_fn+0x10/0x10 [ 392.802099] ? __hrtimer_run_queues+0x57c/0xa70 [ 392.802556] ? __pfx___hrtimer_run_queues+0x10/0x10 [ 392.803021] ? ktime_get_update_offsets_now+0x260/0x3c0 [ 392.803546] ? hrtimer_interrupt+0x2f2/0x750 [ 392.803998] ? __sysvec_apic_timer_interrupt+0xc2/0x390 [ 392.804498] ? sysvec_apic_timer_interrupt+0x34/0x80 [ 392.804984] ? asm_sysvec_apic_timer_interrupt+0x1a/0x20 [ 392.805535] ? unwind_next_frame+0x491/0x2490 [ 392.805966] ? unwind_next_frame+0x2b7/0x2490 [ 392.806395] ? stack_trace_save+0x8f/0xc0 [ 392.806815] ? stack_trace_save+0x8f/0xc0 [ 392.807223] ? srso_return_thunk+0x5/0x5f [ 392.807631] ? kernel_text_address+0x11/0xc0 [ 392.808053] ? __pfx_stack_trace_consume_entry+0x10/0x10 [ 392.808570] arch_stack_walk+0x87/0xf0 [ 392.808973] ? stack_trace_save+0x8f/0xc0 [ 392.809401] stack_trace_save+0x8f/0xc0 [ 392.809799] ? __pfx_stack_trace_save+0x10/0x10 [ 392.810251] ? srso_return_thunk+0x5/0x5f [ 392.810681] kasan_save_stack+0x24/0x50 [ 392.811075] ? kasan_save_stack+0x24/0x50 [ 392.811486] ? __kasan_record_aux_stack+0x8c/0xa0 [ 392.811936] ? __call_rcu_common.constprop.0+0x6a/0xaa0 [ 392.812451] ? kmem_cache_free+0x2ae/0x470 [ 392.812860] ? skb_release_data+0x814/0x990 [ 392.813277] ? consume_skb+0xd0/0x160 [ 392.813653] ? mac80211_hwsim_tx_frame+0x1f6/0x2a0 [ 392.814110] ? mac80211_hwsim_beacon_tx+0x546/0x950 [ 392.814575] ? __iterate_interfaces+0x2cb/0x5d0 [ 392.815020] ? ieee80211_iterate_active_interfaces_atomic+0x71/0x1b0 [ 392.815606] ? mac80211_hwsim_beacon+0x105/0x200 [ 392.816069] ? __hrtimer_run_queues+0x1ab/0xa70 [ 392.816507] ? hrtimer_run_softirq+0x14c/0x310 [ 392.816937] ? handle_softirqs+0x1b1/0x770 [ 392.817348] ? irq_exit_rcu+0x94/0xc0 [ 392.817714] ? sysvec_apic_timer_interrupt+0x70/0x80 [ 392.818197] ? asm_sysvec_apic_timer_interrupt+0x1a/0x20 [ 392.818709] ? __orc_find+0xad/0xf0 [ 392.819063] ? unwind_next_frame+0x2b7/0x2490 [ 392.819488] ? arch_stack_walk+0x87/0xf0 [ 392.819889] ? stack_trace_save+0x8f/0xc0 [ 392.820307] ? srso_return_thunk+0x5/0x5f [ 392.820717] ? find_held_lock+0x2c/0x110 [ 392.821114] ? __virt_addr_valid+0x2e8/0x5d0 [ 392.821547] ? srso_return_thunk+0x5/0x5f [ 392.821956] ? lock_release+0x20f/0x6f0 [ 392.822364] ? __pfx_lock_release+0x10/0x10 [ 392.822786] ? trace_lock_acquire+0x137/0x1b0 [ 392.823226] ? srso_return_thunk+0x5/0x5f [ 392.823637] ? lock_acquire+0x32/0xc0 [ 392.824017] ? __virt_addr_valid+0x1c6/0x5d0 [ 392.824443] ? srso_return_thunk+0x5/0x5f [ 392.824850] ? __virt_addr_valid+0x100/0x5d0 [ 392.825276] ? __pfx_free_object_rcu+0x10/0x10 [ 392.825741] ? srso_return_thunk+0x5/0x5f [ 392.826156] __kasan_record_aux_stack+0x8c/0xa0 [ 392.826595] ? __pfx_free_object_rcu+0x10/0x10 [ 392.827043] __call_rcu_common.constprop.0+0x6a/0xaa0 [ 392.827536] ? srso_return_thunk+0x5/0x5f [ 392.827941] ? lockdep_hardirqs_on_prepare+0x12b/0x3f0 [ 392.828464] kmem_cache_free+0x2ae/0x470 [ 392.828862] ? srso_return_thunk+0x5/0x5f [ 392.829285] ? skb_release_data+0x814/0x990 [ 392.829709] skb_release_data+0x814/0x990 [ 392.830118] consume_skb+0xd0/0x160 [ 392.830485] mac80211_hwsim_tx_frame+0x1f6/0x2a0 [ 392.830935] mac80211_hwsim_beacon_tx+0x546/0x950 [ 392.831396] ? __pfx_lock_acquire.part.0+0x10/0x10 [ 392.831876] ? srso_return_thunk+0x5/0x5f [ 392.832289] ? srso_return_thunk+0x5/0x5f [ 392.832713] __iterate_interfaces+0x2cb/0x5d0 [ 392.833142] ? __pfx_mac80211_hwsim_beacon_tx+0x10/0x10 [ 392.833644] ? __pfx_mac80211_hwsim_beacon_tx+0x10/0x10 [ 392.834135] ieee80211_iterate_active_interfaces_atomic+0x71/0x1b0 [ 392.834711] mac80211_hwsim_beacon+0x105/0x200 [ 392.835152] ? __pfx_mac80211_hwsim_beacon+0x10/0x10 [ 392.835640] __hrtimer_run_queues+0x1ab/0xa70 [ 392.836079] ? __pfx___hrtimer_run_queues+0x10/0x10 [ 392.836549] ? ktime_get_update_offsets_now+0x260/0x3c0 [ 392.837080] hrtimer_run_softirq+0x14c/0x310 [ 392.837519] handle_softirqs+0x1b1/0x770 [ 392.837914] irq_exit_rcu+0x94/0xc0 [ 392.838266] sysvec_apic_timer_interrupt+0x70/0x80 [ 392.838738] [ 392.838955] [ 392.839178] asm_sysvec_apic_timer_interrupt+0x1a/0x20 [ 392.839672] RIP: 0010:__orc_find+0xad/0xf0 [ 392.840068] Code: 48 01 d8 48 39 c1 73 b0 4c 8d 63 fc 4c 39 e5 76 b3 4d 29 ee 49 c1 fe 02 4b 8d 04 76 48 8d 04 46 48 83 c4 10 5b 5d 41 5c 41 5d <41> 5e 41 5f e9 5a eb 6f 03 48 83 c4 10 31 c0 5b 5d 41 5c 41 5d 41 [ 392.841598] RSP: 0018:ffff88803ccbf780 EFLAGS: 00000286 [ 392.842076] RAX: ffffffff86833076 RBX: 0000000000000001 RCX: ffffffff818b4a5b [ 392.842687] RDX: 0000000000000000 RSI: ffffffff86833076 RDI: ffffffff864bf44c [ 392.843301] RBP: ffff88803ccbf860 R08: ffffffff86833076 R09: ffff88803ccbf848 [ 392.843915] R10: 000000000003c001 R11: 0000000000023cc1 R12: ffff88803ccbf868 [ 392.844528] R13: ffff88803ccbf850 R14: 0000000000000000 R15: dffffc0000000000 [ 392.845165] ? kasan_quarantine_reduce+0x19b/0x230 [ 392.845666] unwind_next_frame+0x2b7/0x2490 [ 392.846073] ? kasan_quarantine_reduce+0x19c/0x230 [ 392.846545] ? kasan_quarantine_reduce+0x19c/0x230 [ 392.847011] ? srso_return_thunk+0x5/0x5f [ 392.847440] ? kernel_text_address+0x11/0xc0 [ 392.847860] ? __pfx_stack_trace_consume_entry+0x10/0x10 [ 392.848381] arch_stack_walk+0x87/0xf0 [ 392.848787] ? kasan_quarantine_reduce+0x19c/0x230 [ 392.849282] stack_trace_save+0x8f/0xc0 [ 392.849679] ? __pfx_stack_trace_save+0x10/0x10 [ 392.850128] ? srso_return_thunk+0x5/0x5f [ 392.850557] kasan_save_stack+0x24/0x50 [ 392.850950] ? kasan_save_stack+0x24/0x50 [ 392.851364] ? __kasan_record_aux_stack+0x8c/0xa0 [ 392.851812] ? __call_rcu_common.constprop.0+0x6a/0xaa0 [ 392.852317] ? kfree+0x28e/0x480 [ 392.852656] ? __free_slab+0x100/0x120 [ 392.853034] ? qlist_free_all+0x50/0x160 [ 392.853445] ? kasan_quarantine_reduce+0x19c/0x230 [ 392.853918] ? __pfx___lock_acquire+0x10/0x10 [ 392.854382] ? srso_return_thunk+0x5/0x5f [ 392.854793] ? find_held_lock+0x2c/0x110 [ 392.855185] ? __virt_addr_valid+0x2e8/0x5d0 [ 392.855607] ? srso_return_thunk+0x5/0x5f [ 392.856013] ? lock_release+0x20f/0x6f0 [ 392.856416] ? __pfx_lock_release+0x10/0x10 [ 392.856840] ? trace_lock_acquire+0x137/0x1b0 [ 392.857287] ? srso_return_thunk+0x5/0x5f [ 392.857702] ? lock_acquire+0x32/0xc0 [ 392.858087] ? __virt_addr_valid+0x1c6/0x5d0 [ 392.858513] ? srso_return_thunk+0x5/0x5f [ 392.858919] ? __virt_addr_valid+0x100/0x5d0 [ 392.859341] ? __pfx_free_object_rcu+0x10/0x10 [ 392.859788] ? srso_return_thunk+0x5/0x5f [ 392.860205] __kasan_record_aux_stack+0x8c/0xa0 [ 392.860648] ? __pfx_free_object_rcu+0x10/0x10 [ 392.861097] __call_rcu_common.constprop.0+0x6a/0xaa0 [ 392.861602] ? srso_return_thunk+0x5/0x5f [ 392.862011] ? lockdep_hardirqs_on_prepare+0x262/0x3f0 [ 392.862523] kfree+0x28e/0x480 [ 392.862848] ? __free_slab+0x100/0x120 [ 392.863235] __free_slab+0x100/0x120 [ 392.863608] qlist_free_all+0x50/0x160 [ 392.864017] kasan_quarantine_reduce+0x19c/0x230 [ 392.864488] __kasan_slab_alloc+0x49/0x70 [ 392.864879] kmem_cache_alloc_noprof+0x13d/0x3d0 [ 392.865351] ? put_cpu_partial+0x106/0x1b0 [ 392.865770] ? srso_return_thunk+0x5/0x5f [ 392.866190] __alloc_object+0x2f/0x270 [ 392.866554] ? kasan_quarantine_reduce+0x1d3/0x230 [ 392.867041] __create_object+0x1d/0x80 [ 392.867421] kmem_cache_alloc_noprof+0x300/0x3d0 [ 392.867876] ? srso_return_thunk+0x5/0x5f [ 392.868294] ? fsnotify_grab_connector+0x134/0x280 [ 392.868767] ? srso_return_thunk+0x5/0x5f [ 392.869185] inotify_update_watch+0x439/0xad0 [ 392.869636] ? security_path_notify+0x27/0xa0 [ 392.870076] ? srso_return_thunk+0x5/0x5f [ 392.870498] __x64_sys_inotify_add_watch+0x2bf/0x350 [ 392.870962] ? __pfx___x64_sys_inotify_add_watch+0x10/0x10 [ 392.871492] do_syscall_64+0xbf/0x1d0 [ 392.871857] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 392.872350] RIP: 0033:0x7f1fc00a9b19 [ 392.872697] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 392.874217] RSP: 002b:00007f1fbd5fe188 EFLAGS: 00000246 ORIG_RAX: 00000000000000fe [ 392.874887] RAX: ffffffffffffffda RBX: 00007f1fc01bd020 RCX: 00007f1fc00a9b19 [ 392.875503] RDX: 00000001630009ba RSI: 0000000020000300 RDI: 0000000000000005 [ 392.876114] RBP: 00007f1fc0103f6d R08: 0000000000000000 R09: 0000000000000000 [ 392.876722] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 392.877346] R13: 00007ffcab55d3bf R14: 00007f1fbd5fe300 R15: 0000000000022000 [ 392.877994] [ 392.878228] Sending NMI from CPU 0 to CPUs 1: [ 392.878647] NMI backtrace for cpu 1 [ 392.878691] CPU: 1 UID: 0 PID: 147 Comm: kworker/u10:3 Not tainted 6.12.0-rc3-next-20241016 #1 [ 392.878777] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 392.878821] Workqueue: events_unbound cfg80211_wiphy_work [ 392.878897] RIP: 0010:ieee80211_sta_get_rates+0x345/0x5e0 [ 392.879015] Code: 80 38 00 0f 85 1b 02 00 00 49 8b 46 08 4b 8d 14 64 4c 8d 24 90 48 b8 00 00 00 00 00 fc ff df 4c 89 e2 48 c1 ea 03 0f b6 0c 02 <4c> 89 e2 83 e2 07 83 c2 03 38 ca 7c 08 84 c9 0f 85 f4 01 00 00 45 [ 392.879085] RSP: 0018:ffff8880162bf988 EFLAGS: 00000212 [ 392.879146] RAX: dffffc0000000000 RBX: 0000000000000004 RCX: 0000000000000000 [ 392.879194] RDX: 1ffff110031adb85 RSI: ffffffff845d1757 RDI: 0000000000000006 [ 392.879243] RBP: 0000000000000000 R08: 0000000000000001 R09: ffff888015914138 [ 392.879291] R10: 000000000000000c R11: 0000000000000116 R12: ffff888018d6dc28 [ 392.879339] R13: 000000000000000c R14: ffff888018d6b088 R15: 0000000000000014 [ 392.879389] FS: 0000000000000000(0000) GS:ffff88806cf00000(0000) knlGS:0000000000000000 [ 392.879456] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 392.879509] CR2: 0000563edd3984ec CR3: 0000000015f2e000 CR4: 0000000000350ef0 [ 392.879558] Call Trace: [ 392.879576] [ 392.879600] ? nmi_cpu_backtrace+0x179/0x260 [ 392.879711] ? nmi_cpu_backtrace_handler+0xc/0x20 [ 392.879831] ? nmi_handle+0x1a1/0x550 [ 392.879949] ? ieee80211_sta_get_rates+0x345/0x5e0 [ 392.880057] ? ieee80211_sta_get_rates+0x345/0x5e0 [ 392.880166] ? default_do_nmi+0x64/0x1c0 [ 392.880261] ? exc_nmi+0x188/0x1c0 [ 392.880350] ? end_repeat_nmi+0xf/0x53 [ 392.880478] ? ieee80211_sta_get_rates+0x317/0x5e0 [ 392.880587] ? ieee80211_sta_get_rates+0x345/0x5e0 [ 392.880698] ? ieee80211_sta_get_rates+0x345/0x5e0 [ 392.880811] ? ieee80211_sta_get_rates+0x345/0x5e0 [ 392.880922] [ 392.880943] [ 392.880983] ieee80211_ibss_rx_queued_mgmt+0x1092/0x2f90 [ 392.881089] ? __pfx_ieee80211_ibss_rx_queued_mgmt+0x10/0x10 [ 392.881173] ? srso_return_thunk+0x5/0x5f [ 392.881307] ? srso_return_thunk+0x5/0x5f [ 392.881426] ? find_held_lock+0x2c/0x110 [ 392.881519] ? kcov_remote_start+0x2bf/0x5b0 [ 392.881626] ? srso_return_thunk+0x5/0x5f [ 392.881744] ? lock_release+0x20f/0x6f0 [ 392.881874] ? srso_return_thunk+0x5/0x5f [ 392.881992] ? mark_held_locks+0x9e/0xe0 [ 392.882112] ? srso_return_thunk+0x5/0x5f [ 392.882230] ? lockdep_hardirqs_on_prepare+0x262/0x3f0 [ 392.882355] ? srso_return_thunk+0x5/0x5f [ 392.882485] ieee80211_iface_work+0xb5f/0xe40 [ 392.882569] ? remove_waiter+0xa90/0xf90 [ 392.882653] cfg80211_wiphy_work+0x38d/0x610 [ 392.882735] process_one_work+0x8ee/0x1a00 [ 392.882852] ? __pfx_process_one_work+0x10/0x10 [ 392.882945] ? srso_return_thunk+0x5/0x5f [ 392.883064] ? move_linked_works+0x172/0x270 [ 392.883188] ? srso_return_thunk+0x5/0x5f [ 392.883306] ? assign_work+0x196/0x240 [ 392.883402] worker_thread+0x674/0xe70 [ 392.883495] ? lockdep_hardirqs_on_prepare+0x262/0x3f0 [ 392.883630] ? srso_return_thunk+0x5/0x5f [ 392.883748] ? __pfx_worker_thread+0x10/0x10 [ 392.883846] kthread+0x2c2/0x3a0 [ 392.883957] ? srso_return_thunk+0x5/0x5f [ 392.884075] ? __pfx_kthread+0x10/0x10 [ 392.884194] ret_from_fork+0x48/0x80 [ 392.884294] ? __pfx_kthread+0x10/0x10 [ 392.884410] ret_from_fork_asm+0x1a/0x30 [ 392.884532] [ 396.741265] Bluetooth: hci6: command 0x0406 tx timeout [ 396.742329] Bluetooth: hci7: command 0x0406 tx timeout [ 396.743354] Bluetooth: hci0: command 0x0406 tx timeout [ 396.744307] Bluetooth: hci1: command 0x0406 tx timeout 21:54:24 executing program 0: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000040)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) delete_module(0x0, 0x0) 21:54:24 executing program 6: r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$BATADV_CMD_GET_ROUTING_ALGOS(r0, &(0x7f0000004280)={0x0, 0x0, &(0x7f0000004240)={&(0x7f0000004200)={0x14, 0x0, 0x0, 0x0, 0x25dfdbfe}, 0x14}}, 0x0) socketpair(0x1f, 0x0, 0x0, &(0x7f00000042c0)) r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$ETHTOOL_MSG_EEE_GET(r1, &(0x7f0000004540)={&(0x7f0000004480), 0xc, &(0x7f0000004500)={&(0x7f00000044c0)={0x14}, 0x14}}, 0x4000040) mmap$IORING_OFF_CQ_RING(&(0x7f0000ffb000/0x3000)=nil, 0x3000, 0x0, 0x810, 0xffffffffffffffff, 0x8000000) syz_io_uring_setup(0x48f7, &(0x7f0000004580), &(0x7f0000ffc000/0x2000)=nil, &(0x7f0000ffc000/0x4000)=nil, 0x0, &(0x7f0000004640)) syz_io_uring_submit(0x0, 0x0, 0x0, 0x0) sendmsg$BATADV_CMD_GET_ROUTING_ALGOS(r1, &(0x7f00000047c0)={0x0, 0x0, &(0x7f0000004780)={&(0x7f0000004740)={0x14}, 0x14}}, 0x0) 21:54:24 executing program 2: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xce, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000580)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = inotify_init() r1 = inotify_add_watch(r0, &(0x7f0000000300)='.\x00', 0x1630009ba) inotify_rm_watch(r0, r1) splice(0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0) execve(&(0x7f0000000000)='./file0\x00', 0x0, &(0x7f0000000700)=[0x0, 0x0, 0x0, &(0x7f0000000600)=':\x00', 0x0, 0x0, &(0x7f00000006c0)='^:\x00']) 21:54:24 executing program 1: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xce, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x7}, 0x400a}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = perf_event_open(&(0x7f0000000580)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = syz_open_procfs(0x0, &(0x7f0000000300)='net/ip_tables_matches\x00') pread64(r1, &(0x7f0000001400)=""/4110, 0xa3, 0x0) perf_event_open(0x0, 0xffffffffffffffff, 0x7, r1, 0x1) dup2(0xffffffffffffffff, 0xffffffffffffffff) write$vga_arbiter(0xffffffffffffffff, 0x0, 0x0) r2 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_INTERFACE(r2, &(0x7f0000000100)={0x0, 0x0, 0x0}, 0x0) r3 = syz_open_dev$tty20(0xc, 0x4, 0x1) ioctl$TIOCL_PASTESEL(r3, 0x541c, &(0x7f0000000000)=0x4) close_range(r3, r0, 0x0) setsockopt$SO_ATTACH_FILTER(r2, 0x1, 0x1a, 0x0, 0x0) 21:54:24 executing program 3: ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, 0x0) ioctl$FS_IOC_GETFSMAP(0xffffffffffffffff, 0xc0c0583b, &(0x7f0000000500)=ANY=[@ANYBLOB="0000000000000100000000000000000000000000000040000000000000000000000000000000000000000000000000523288b38851b39500000000000000ff070000ff01000006000000000000000700000000000000cc90000000000000080000000000000000000000000000000000000000000c000000000000002e09fb000000ff0700000100000000000a000000000000000000c65678650000000007"]) r0 = openat$ttyS3(0xffffffffffffff9c, &(0x7f00000003c0), 0x0, 0x0) ioctl$FAT_IOCTL_GET_VOLUME_ID(0xffffffffffffffff, 0x80047213, &(0x7f00000004c0)) syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) openat$incfs(0xffffffffffffffff, &(0x7f0000000380)='.pending_reads\x00', 0x31b200, 0x44) ioctl$TCSBRK(0xffffffffffffffff, 0x5409, 0x8001) fallocate(0xffffffffffffffff, 0x30, 0x0, 0x0) ioctl$TCSETS2(r0, 0x402c542b, &(0x7f0000000000)={0x0, 0x2, 0x1, 0x200, 0x8, "2658ab9387dad8e44b3f466bfc036c50f1708d", 0x5, 0x200}) ioctl$TIOCVHANGUP(0xffffffffffffffff, 0x5437, 0x0) mmap(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x200000a, 0x1010, 0xffffffffffffffff, 0x29287000) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xce, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8083, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0xfffffffffffffffe}, 0x50550, 0x0, 0x0, 0x1, 0xbb63, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = epoll_create(0x4) r2 = signalfd4(0xffffffffffffffff, &(0x7f0000000200), 0x8, 0x0) epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r2, &(0x7f0000000240)={0xa0002000}) flock(r1, 0x9) clone3(&(0x7f0000004c00)={0xc0002100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) 21:54:24 executing program 5: r0 = socket$inet6(0xa, 0x1, 0x0) setsockopt$inet6_int(r0, 0x29, 0x43, &(0x7f0000000000), 0x4) 21:54:24 executing program 4: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xce, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(0x0, 0x0, 0x5, 0xffffffffffffffff, 0x8) perf_event_open(&(0x7f0000000580)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = perf_event_open(&(0x7f0000000280)={0x8, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xffffffff81000050}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) close(r0) write(0xffffffffffffffff, 0x0, 0x0) ptrace$setopts(0x4200, 0x0, 0x0, 0x0) r1 = openat$procfs(0xffffffffffffff9c, 0x0, 0x0, 0x0) ioprio_get$pid(0x1, 0xffffffffffffffff) socket$inet6_udp(0xa, 0x2, 0x0) dup(0xffffffffffffffff) syz_init_net_socket$802154_raw(0x24, 0x3, 0x0) r2 = socket$inet_icmp_raw(0x2, 0x3, 0x1) setsockopt$SO_ATTACH_FILTER(r2, 0x1, 0x1a, &(0x7f0000000080)={0x0, 0x0}, 0x10) fcntl$F_SET_RW_HINT(r2, 0x40c, &(0x7f0000000180)=0x5) sendfile(0xffffffffffffffff, r1, 0x0, 0x10000027f) perf_event_open(0x0, 0x0, 0x6, r1, 0x0) 21:54:24 executing program 7: mount_setattr(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x57) 21:54:24 executing program 7: mount_setattr(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x57) 21:54:24 executing program 6: r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$BATADV_CMD_GET_ROUTING_ALGOS(r0, &(0x7f0000004280)={0x0, 0x0, &(0x7f0000004240)={&(0x7f0000004200)={0x14, 0x0, 0x0, 0x0, 0x25dfdbfe}, 0x14}}, 0x0) socketpair(0x1f, 0x0, 0x0, &(0x7f00000042c0)) r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$ETHTOOL_MSG_EEE_GET(r1, &(0x7f0000004540)={&(0x7f0000004480), 0xc, &(0x7f0000004500)={&(0x7f00000044c0)={0x14}, 0x14}}, 0x4000040) mmap$IORING_OFF_CQ_RING(&(0x7f0000ffb000/0x3000)=nil, 0x3000, 0x0, 0x810, 0xffffffffffffffff, 0x8000000) syz_io_uring_setup(0x48f7, &(0x7f0000004580), &(0x7f0000ffc000/0x2000)=nil, &(0x7f0000ffc000/0x4000)=nil, 0x0, &(0x7f0000004640)) syz_io_uring_submit(0x0, 0x0, 0x0, 0x0) sendmsg$BATADV_CMD_GET_ROUTING_ALGOS(r1, &(0x7f00000047c0)={0x0, 0x0, &(0x7f0000004780)={&(0x7f0000004740)={0x14}, 0x14}}, 0x0) 21:54:27 executing program 0: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000040)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) delete_module(0x0, 0x0) 21:54:27 executing program 3: ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, 0x0) ioctl$FS_IOC_GETFSMAP(0xffffffffffffffff, 0xc0c0583b, &(0x7f0000000500)=ANY=[@ANYBLOB="0000000000000100000000000000000000000000000040000000000000000000000000000000000000000000000000523288b38851b39500000000000000ff070000ff01000006000000000000000700000000000000cc90000000000000080000000000000000000000000000000000000000000c000000000000002e09fb000000ff0700000100000000000a000000000000000000c65678650000000007"]) r0 = openat$ttyS3(0xffffffffffffff9c, &(0x7f00000003c0), 0x0, 0x0) ioctl$FAT_IOCTL_GET_VOLUME_ID(0xffffffffffffffff, 0x80047213, &(0x7f00000004c0)) syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) openat$incfs(0xffffffffffffffff, &(0x7f0000000380)='.pending_reads\x00', 0x31b200, 0x44) ioctl$TCSBRK(0xffffffffffffffff, 0x5409, 0x8001) fallocate(0xffffffffffffffff, 0x30, 0x0, 0x0) ioctl$TCSETS2(r0, 0x402c542b, &(0x7f0000000000)={0x0, 0x2, 0x1, 0x200, 0x8, "2658ab9387dad8e44b3f466bfc036c50f1708d", 0x5, 0x200}) ioctl$TIOCVHANGUP(0xffffffffffffffff, 0x5437, 0x0) mmap(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x200000a, 0x1010, 0xffffffffffffffff, 0x29287000) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xce, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8083, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0xfffffffffffffffe}, 0x50550, 0x0, 0x0, 0x1, 0xbb63, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = epoll_create(0x4) r2 = signalfd4(0xffffffffffffffff, &(0x7f0000000200), 0x8, 0x0) epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r2, &(0x7f0000000240)={0xa0002000}) flock(r1, 0x9) clone3(&(0x7f0000004c00)={0xc0002100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) 21:54:27 executing program 4: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xce, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(0x0, 0x0, 0x5, 0xffffffffffffffff, 0x8) perf_event_open(&(0x7f0000000580)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = perf_event_open(&(0x7f0000000280)={0x8, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xffffffff81000050}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) close(r0) write(0xffffffffffffffff, 0x0, 0x0) ptrace$setopts(0x4200, 0x0, 0x0, 0x0) r1 = openat$procfs(0xffffffffffffff9c, 0x0, 0x0, 0x0) ioprio_get$pid(0x1, 0xffffffffffffffff) socket$inet6_udp(0xa, 0x2, 0x0) dup(0xffffffffffffffff) syz_init_net_socket$802154_raw(0x24, 0x3, 0x0) r2 = socket$inet_icmp_raw(0x2, 0x3, 0x1) setsockopt$SO_ATTACH_FILTER(r2, 0x1, 0x1a, &(0x7f0000000080)={0x0, 0x0}, 0x10) fcntl$F_SET_RW_HINT(r2, 0x40c, &(0x7f0000000180)=0x5) sendfile(0xffffffffffffffff, r1, 0x0, 0x10000027f) perf_event_open(0x0, 0x0, 0x6, r1, 0x0) 21:54:27 executing program 6: r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$BATADV_CMD_GET_ROUTING_ALGOS(r0, &(0x7f0000004280)={0x0, 0x0, &(0x7f0000004240)={&(0x7f0000004200)={0x14, 0x0, 0x0, 0x0, 0x25dfdbfe}, 0x14}}, 0x0) socketpair(0x1f, 0x0, 0x0, &(0x7f00000042c0)) r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$ETHTOOL_MSG_EEE_GET(r1, &(0x7f0000004540)={&(0x7f0000004480), 0xc, &(0x7f0000004500)={&(0x7f00000044c0)={0x14}, 0x14}}, 0x4000040) mmap$IORING_OFF_CQ_RING(&(0x7f0000ffb000/0x3000)=nil, 0x3000, 0x0, 0x810, 0xffffffffffffffff, 0x8000000) syz_io_uring_setup(0x48f7, &(0x7f0000004580), &(0x7f0000ffc000/0x2000)=nil, &(0x7f0000ffc000/0x4000)=nil, 0x0, &(0x7f0000004640)) syz_io_uring_submit(0x0, 0x0, 0x0, 0x0) sendmsg$BATADV_CMD_GET_ROUTING_ALGOS(r1, &(0x7f00000047c0)={0x0, 0x0, &(0x7f0000004780)={&(0x7f0000004740)={0x14}, 0x14}}, 0x0) 21:54:27 executing program 7: mount_setattr(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x57) 21:54:27 executing program 2: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xce, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000580)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = inotify_init() r1 = inotify_add_watch(r0, &(0x7f0000000300)='.\x00', 0x1630009ba) inotify_rm_watch(r0, r1) splice(0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0) execve(&(0x7f0000000000)='./file0\x00', 0x0, &(0x7f0000000700)=[0x0, 0x0, 0x0, &(0x7f0000000600)=':\x00', 0x0, 0x0, &(0x7f00000006c0)='^:\x00']) 21:54:27 executing program 1: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xce, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x7}, 0x400a}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = perf_event_open(&(0x7f0000000580)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = syz_open_procfs(0x0, &(0x7f0000000300)='net/ip_tables_matches\x00') pread64(r1, &(0x7f0000001400)=""/4110, 0xa3, 0x0) perf_event_open(0x0, 0xffffffffffffffff, 0x7, r1, 0x1) dup2(0xffffffffffffffff, 0xffffffffffffffff) write$vga_arbiter(0xffffffffffffffff, 0x0, 0x0) r2 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_INTERFACE(r2, &(0x7f0000000100)={0x0, 0x0, 0x0}, 0x0) r3 = syz_open_dev$tty20(0xc, 0x4, 0x1) ioctl$TIOCL_PASTESEL(r3, 0x541c, &(0x7f0000000000)=0x4) close_range(r3, r0, 0x0) setsockopt$SO_ATTACH_FILTER(r2, 0x1, 0x1a, 0x0, 0x0) 21:54:27 executing program 5: r0 = socket$inet6(0xa, 0x1, 0x0) setsockopt$inet6_int(r0, 0x29, 0x43, &(0x7f0000000000), 0x4) 21:54:27 executing program 0: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000040)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) delete_module(0x0, 0x0) 21:54:27 executing program 2: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xce, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000580)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = inotify_init() r1 = inotify_add_watch(r0, &(0x7f0000000300)='.\x00', 0x1630009ba) inotify_rm_watch(r0, r1) splice(0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0) execve(&(0x7f0000000000)='./file0\x00', 0x0, &(0x7f0000000700)=[0x0, 0x0, 0x0, &(0x7f0000000600)=':\x00', 0x0, 0x0, &(0x7f00000006c0)='^:\x00']) 21:54:27 executing program 5: r0 = socket$inet6(0xa, 0x1, 0x0) setsockopt$inet6_int(r0, 0x29, 0x43, &(0x7f0000000000), 0x4) 21:54:27 executing program 6: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000040)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) delete_module(0x0, 0x0) 21:54:28 executing program 7: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xce, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000580)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = inotify_init() r1 = inotify_add_watch(r0, &(0x7f0000000300)='.\x00', 0x1630009ba) inotify_rm_watch(r0, r1) splice(0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0) execve(&(0x7f0000000000)='./file0\x00', 0x0, &(0x7f0000000700)=[0x0, 0x0, 0x0, &(0x7f0000000600)=':\x00', 0x0, 0x0, &(0x7f00000006c0)='^:\x00']) 21:54:28 executing program 1: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xce, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x7}, 0x400a}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = perf_event_open(&(0x7f0000000580)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = syz_open_procfs(0x0, &(0x7f0000000300)='net/ip_tables_matches\x00') pread64(r1, &(0x7f0000001400)=""/4110, 0xa3, 0x0) perf_event_open(0x0, 0xffffffffffffffff, 0x7, r1, 0x1) dup2(0xffffffffffffffff, 0xffffffffffffffff) write$vga_arbiter(0xffffffffffffffff, 0x0, 0x0) r2 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_INTERFACE(r2, &(0x7f0000000100)={0x0, 0x0, 0x0}, 0x0) r3 = syz_open_dev$tty20(0xc, 0x4, 0x1) ioctl$TIOCL_PASTESEL(r3, 0x541c, &(0x7f0000000000)=0x4) close_range(r3, r0, 0x0) setsockopt$SO_ATTACH_FILTER(r2, 0x1, 0x1a, 0x0, 0x0) 21:54:28 executing program 6: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000040)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) delete_module(0x0, 0x0) 21:54:28 executing program 0: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xce, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000580)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = inotify_init() r1 = inotify_add_watch(r0, &(0x7f0000000300)='.\x00', 0x1630009ba) inotify_rm_watch(r0, r1) splice(0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0) execve(&(0x7f0000000000)='./file0\x00', 0x0, &(0x7f0000000700)=[0x0, 0x0, 0x0, &(0x7f0000000600)=':\x00', 0x0, 0x0, &(0x7f00000006c0)='^:\x00']) 21:54:28 executing program 5: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xce, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x7}, 0x400a}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = perf_event_open(&(0x7f0000000580)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = syz_open_procfs(0x0, &(0x7f0000000300)='net/ip_tables_matches\x00') pread64(r1, &(0x7f0000001400)=""/4110, 0xa3, 0x0) perf_event_open(0x0, 0xffffffffffffffff, 0x7, r1, 0x1) dup2(0xffffffffffffffff, 0xffffffffffffffff) write$vga_arbiter(0xffffffffffffffff, 0x0, 0x0) r2 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_INTERFACE(r2, &(0x7f0000000100)={0x0, 0x0, 0x0}, 0x0) r3 = syz_open_dev$tty20(0xc, 0x4, 0x1) ioctl$TIOCL_PASTESEL(r3, 0x541c, &(0x7f0000000000)=0x4) close_range(r3, r0, 0x0) setsockopt$SO_ATTACH_FILTER(r2, 0x1, 0x1a, 0x0, 0x0) 21:54:28 executing program 2: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xce, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000580)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = inotify_init() r1 = inotify_add_watch(r0, &(0x7f0000000300)='.\x00', 0x1630009ba) inotify_rm_watch(r0, r1) splice(0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0) execve(&(0x7f0000000000)='./file0\x00', 0x0, &(0x7f0000000700)=[0x0, 0x0, 0x0, &(0x7f0000000600)=':\x00', 0x0, 0x0, &(0x7f00000006c0)='^:\x00']) 21:54:28 executing program 4: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xce, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(0x0, 0x0, 0x5, 0xffffffffffffffff, 0x8) perf_event_open(&(0x7f0000000580)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = perf_event_open(&(0x7f0000000280)={0x8, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xffffffff81000050}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) close(r0) write(0xffffffffffffffff, 0x0, 0x0) ptrace$setopts(0x4200, 0x0, 0x0, 0x0) r1 = openat$procfs(0xffffffffffffff9c, 0x0, 0x0, 0x0) ioprio_get$pid(0x1, 0xffffffffffffffff) socket$inet6_udp(0xa, 0x2, 0x0) dup(0xffffffffffffffff) syz_init_net_socket$802154_raw(0x24, 0x3, 0x0) r2 = socket$inet_icmp_raw(0x2, 0x3, 0x1) setsockopt$SO_ATTACH_FILTER(r2, 0x1, 0x1a, &(0x7f0000000080)={0x0, 0x0}, 0x10) fcntl$F_SET_RW_HINT(r2, 0x40c, &(0x7f0000000180)=0x5) sendfile(0xffffffffffffffff, r1, 0x0, 0x10000027f) perf_event_open(0x0, 0x0, 0x6, r1, 0x0) 21:54:28 executing program 7: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xce, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000580)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = inotify_init() r1 = inotify_add_watch(r0, &(0x7f0000000300)='.\x00', 0x1630009ba) inotify_rm_watch(r0, r1) splice(0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0) execve(&(0x7f0000000000)='./file0\x00', 0x0, &(0x7f0000000700)=[0x0, 0x0, 0x0, &(0x7f0000000600)=':\x00', 0x0, 0x0, &(0x7f00000006c0)='^:\x00']) 21:54:28 executing program 3: ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, 0x0) ioctl$FS_IOC_GETFSMAP(0xffffffffffffffff, 0xc0c0583b, &(0x7f0000000500)=ANY=[@ANYBLOB="0000000000000100000000000000000000000000000040000000000000000000000000000000000000000000000000523288b38851b39500000000000000ff070000ff01000006000000000000000700000000000000cc90000000000000080000000000000000000000000000000000000000000c000000000000002e09fb000000ff0700000100000000000a000000000000000000c65678650000000007"]) r0 = openat$ttyS3(0xffffffffffffff9c, &(0x7f00000003c0), 0x0, 0x0) ioctl$FAT_IOCTL_GET_VOLUME_ID(0xffffffffffffffff, 0x80047213, &(0x7f00000004c0)) syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) openat$incfs(0xffffffffffffffff, &(0x7f0000000380)='.pending_reads\x00', 0x31b200, 0x44) ioctl$TCSBRK(0xffffffffffffffff, 0x5409, 0x8001) fallocate(0xffffffffffffffff, 0x30, 0x0, 0x0) ioctl$TCSETS2(r0, 0x402c542b, &(0x7f0000000000)={0x0, 0x2, 0x1, 0x200, 0x8, "2658ab9387dad8e44b3f466bfc036c50f1708d", 0x5, 0x200}) ioctl$TIOCVHANGUP(0xffffffffffffffff, 0x5437, 0x0) mmap(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x200000a, 0x1010, 0xffffffffffffffff, 0x29287000) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xce, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8083, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0xfffffffffffffffe}, 0x50550, 0x0, 0x0, 0x1, 0xbb63, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = epoll_create(0x4) r2 = signalfd4(0xffffffffffffffff, &(0x7f0000000200), 0x8, 0x0) epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r2, &(0x7f0000000240)={0xa0002000}) flock(r1, 0x9) clone3(&(0x7f0000004c00)={0xc0002100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) 21:54:28 executing program 6: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000040)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) delete_module(0x0, 0x0) 21:54:28 executing program 2: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xce, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000580)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = inotify_init() r1 = inotify_add_watch(r0, &(0x7f0000000300)='.\x00', 0x1630009ba) inotify_rm_watch(r0, r1) splice(0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0) execve(&(0x7f0000000000)='./file0\x00', 0x0, &(0x7f0000000700)=[0x0, 0x0, 0x0, &(0x7f0000000600)=':\x00', 0x0, 0x0, &(0x7f00000006c0)='^:\x00']) 21:54:29 executing program 5: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xce, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x7}, 0x400a}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = perf_event_open(&(0x7f0000000580)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = syz_open_procfs(0x0, &(0x7f0000000300)='net/ip_tables_matches\x00') pread64(r1, &(0x7f0000001400)=""/4110, 0xa3, 0x0) perf_event_open(0x0, 0xffffffffffffffff, 0x7, r1, 0x1) dup2(0xffffffffffffffff, 0xffffffffffffffff) write$vga_arbiter(0xffffffffffffffff, 0x0, 0x0) r2 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_INTERFACE(r2, &(0x7f0000000100)={0x0, 0x0, 0x0}, 0x0) r3 = syz_open_dev$tty20(0xc, 0x4, 0x1) ioctl$TIOCL_PASTESEL(r3, 0x541c, &(0x7f0000000000)=0x4) close_range(r3, r0, 0x0) setsockopt$SO_ATTACH_FILTER(r2, 0x1, 0x1a, 0x0, 0x0) 21:54:29 executing program 6: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xce, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x7}, 0x400a}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = perf_event_open(&(0x7f0000000580)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = syz_open_procfs(0x0, &(0x7f0000000300)='net/ip_tables_matches\x00') pread64(r1, &(0x7f0000001400)=""/4110, 0xa3, 0x0) perf_event_open(0x0, 0xffffffffffffffff, 0x7, r1, 0x1) dup2(0xffffffffffffffff, 0xffffffffffffffff) write$vga_arbiter(0xffffffffffffffff, 0x0, 0x0) r2 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_INTERFACE(r2, &(0x7f0000000100)={0x0, 0x0, 0x0}, 0x0) r3 = syz_open_dev$tty20(0xc, 0x4, 0x1) ioctl$TIOCL_PASTESEL(r3, 0x541c, &(0x7f0000000000)=0x4) close_range(r3, r0, 0x0) setsockopt$SO_ATTACH_FILTER(r2, 0x1, 0x1a, 0x0, 0x0) 21:54:29 executing program 7: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xce, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000580)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = inotify_init() r1 = inotify_add_watch(r0, &(0x7f0000000300)='.\x00', 0x1630009ba) inotify_rm_watch(r0, r1) splice(0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0) execve(&(0x7f0000000000)='./file0\x00', 0x0, &(0x7f0000000700)=[0x0, 0x0, 0x0, &(0x7f0000000600)=':\x00', 0x0, 0x0, &(0x7f00000006c0)='^:\x00']) 21:54:29 executing program 1: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xce, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x7}, 0x400a}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = perf_event_open(&(0x7f0000000580)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = syz_open_procfs(0x0, &(0x7f0000000300)='net/ip_tables_matches\x00') pread64(r1, &(0x7f0000001400)=""/4110, 0xa3, 0x0) perf_event_open(0x0, 0xffffffffffffffff, 0x7, r1, 0x1) dup2(0xffffffffffffffff, 0xffffffffffffffff) write$vga_arbiter(0xffffffffffffffff, 0x0, 0x0) r2 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_INTERFACE(r2, &(0x7f0000000100)={0x0, 0x0, 0x0}, 0x0) r3 = syz_open_dev$tty20(0xc, 0x4, 0x1) ioctl$TIOCL_PASTESEL(r3, 0x541c, &(0x7f0000000000)=0x4) close_range(r3, r0, 0x0) setsockopt$SO_ATTACH_FILTER(r2, 0x1, 0x1a, 0x0, 0x0) 21:54:29 executing program 0: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xce, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000580)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = inotify_init() r1 = inotify_add_watch(r0, &(0x7f0000000300)='.\x00', 0x1630009ba) inotify_rm_watch(r0, r1) splice(0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0) execve(&(0x7f0000000000)='./file0\x00', 0x0, &(0x7f0000000700)=[0x0, 0x0, 0x0, &(0x7f0000000600)=':\x00', 0x0, 0x0, &(0x7f00000006c0)='^:\x00']) 21:54:29 executing program 3: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xce, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x7}, 0x400a}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = perf_event_open(&(0x7f0000000580)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = syz_open_procfs(0x0, &(0x7f0000000300)='net/ip_tables_matches\x00') pread64(r1, &(0x7f0000001400)=""/4110, 0xa3, 0x0) perf_event_open(0x0, 0xffffffffffffffff, 0x7, r1, 0x1) dup2(0xffffffffffffffff, 0xffffffffffffffff) write$vga_arbiter(0xffffffffffffffff, 0x0, 0x0) r2 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_INTERFACE(r2, &(0x7f0000000100)={0x0, 0x0, 0x0}, 0x0) r3 = syz_open_dev$tty20(0xc, 0x4, 0x1) ioctl$TIOCL_PASTESEL(r3, 0x541c, &(0x7f0000000000)=0x4) close_range(r3, r0, 0x0) setsockopt$SO_ATTACH_FILTER(r2, 0x1, 0x1a, 0x0, 0x0) 21:54:29 executing program 4: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xce, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(0x0, 0x0, 0x5, 0xffffffffffffffff, 0x8) perf_event_open(&(0x7f0000000580)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = perf_event_open(&(0x7f0000000280)={0x8, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xffffffff81000050}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) close(r0) write(0xffffffffffffffff, 0x0, 0x0) ptrace$setopts(0x4200, 0x0, 0x0, 0x0) r1 = openat$procfs(0xffffffffffffff9c, 0x0, 0x0, 0x0) ioprio_get$pid(0x1, 0xffffffffffffffff) socket$inet6_udp(0xa, 0x2, 0x0) dup(0xffffffffffffffff) syz_init_net_socket$802154_raw(0x24, 0x3, 0x0) r2 = socket$inet_icmp_raw(0x2, 0x3, 0x1) setsockopt$SO_ATTACH_FILTER(r2, 0x1, 0x1a, &(0x7f0000000080)={0x0, 0x0}, 0x10) fcntl$F_SET_RW_HINT(r2, 0x40c, &(0x7f0000000180)=0x5) sendfile(0xffffffffffffffff, r1, 0x0, 0x10000027f) perf_event_open(0x0, 0x0, 0x6, r1, 0x0) 21:54:29 executing program 7: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xce, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(0x0, 0x0, 0x5, 0xffffffffffffffff, 0x8) perf_event_open(&(0x7f0000000580)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = perf_event_open(&(0x7f0000000280)={0x8, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xffffffff81000050}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) close(r0) write(0xffffffffffffffff, 0x0, 0x0) ptrace$setopts(0x4200, 0x0, 0x0, 0x0) r1 = openat$procfs(0xffffffffffffff9c, 0x0, 0x0, 0x0) ioprio_get$pid(0x1, 0xffffffffffffffff) socket$inet6_udp(0xa, 0x2, 0x0) dup(0xffffffffffffffff) syz_init_net_socket$802154_raw(0x24, 0x3, 0x0) r2 = socket$inet_icmp_raw(0x2, 0x3, 0x1) setsockopt$SO_ATTACH_FILTER(r2, 0x1, 0x1a, &(0x7f0000000080)={0x0, 0x0}, 0x10) fcntl$F_SET_RW_HINT(r2, 0x40c, &(0x7f0000000180)=0x5) sendfile(0xffffffffffffffff, r1, 0x0, 0x10000027f) perf_event_open(0x0, 0x0, 0x6, r1, 0x0) 21:54:29 executing program 1: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xce, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x7}, 0x400a}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = perf_event_open(&(0x7f0000000580)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = syz_open_procfs(0x0, &(0x7f0000000300)='net/ip_tables_matches\x00') pread64(r1, &(0x7f0000001400)=""/4110, 0xa3, 0x0) perf_event_open(0x0, 0xffffffffffffffff, 0x7, r1, 0x1) dup2(0xffffffffffffffff, 0xffffffffffffffff) write$vga_arbiter(0xffffffffffffffff, 0x0, 0x0) r2 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_INTERFACE(r2, &(0x7f0000000100)={0x0, 0x0, 0x0}, 0x0) r3 = syz_open_dev$tty20(0xc, 0x4, 0x1) ioctl$TIOCL_PASTESEL(r3, 0x541c, &(0x7f0000000000)=0x4) close_range(r3, r0, 0x0) setsockopt$SO_ATTACH_FILTER(r2, 0x1, 0x1a, 0x0, 0x0) 21:54:29 executing program 6: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xce, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x7}, 0x400a}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = perf_event_open(&(0x7f0000000580)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = syz_open_procfs(0x0, &(0x7f0000000300)='net/ip_tables_matches\x00') pread64(r1, &(0x7f0000001400)=""/4110, 0xa3, 0x0) perf_event_open(0x0, 0xffffffffffffffff, 0x7, r1, 0x1) dup2(0xffffffffffffffff, 0xffffffffffffffff) write$vga_arbiter(0xffffffffffffffff, 0x0, 0x0) r2 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_INTERFACE(r2, &(0x7f0000000100)={0x0, 0x0, 0x0}, 0x0) r3 = syz_open_dev$tty20(0xc, 0x4, 0x1) ioctl$TIOCL_PASTESEL(r3, 0x541c, &(0x7f0000000000)=0x4) close_range(r3, r0, 0x0) setsockopt$SO_ATTACH_FILTER(r2, 0x1, 0x1a, 0x0, 0x0) VM DIAGNOSIS: 21:54:20 Registers: info registers vcpu 0 RAX=0000000000000061 RBX=00000000000003f8 RCX=0000000000000000 RDX=00000000000003f8 RSI=ffffffff8262d465 RDI=ffffffff886610c0 RBP=ffffffff88661080 RSP=ffff88806ce08fc0 R8 =0000000000000000 R9 =ffffed10016e6046 R10=0000000000000061 R11=7371726974666f73 R12=0000000000000061 R13=ffffffff88661080 R14=0000000000000010 R15=ffffffff8262d450 RIP=ffffffff8262d4bd RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 00000000 00000000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 00000000 00000000 FS =0000 00007f1fbd5fe700 00000000 00000000 GS =0000 ffff88806ce00000 00000000 00000000 LDT=0000 fffffe0000000000 00000000 00000000 TR =0040 fffffe0000003000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe0000001000 0000007f IDT= fffffe0000000000 00000fff CR0=80050033 CR2=00007fb1358e0ff8 CR3=000000003d674000 CR4=00350ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000ffff0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 XMM00=00000000000000000000000000000000 XMM01=ffffffffffffffffffffffffffffffff XMM02=00524f52524500400000000000000000 XMM03=00000000000000000000000000000000 XMM04=000000000000000000000000000000ff XMM05=00000000000000000000000000000000 XMM06=0000000000000000000000524f525245 XMM07=00000000000000000000000000000000 XMM08=000000000000000000524f5252450040 XMM09=00000000000000000000000000000000 XMM10=00000000000000000000000000000000 XMM11=00000000000000000000000000000000 XMM12=00000000000000000000000000000000 XMM13=00000000000000000000000000000000 XMM14=00000000000000000000000000000000 XMM15=00000000000000000000000000000000 info registers vcpu 1 RAX=00000000000ae5e1 RBX=0000000000000001 RCX=ffffffff848238d7 RDX=0000000000000000 RSI=0000000000000000 RDI=ffffffff812ad1ed RBP=dffffc0000000000 RSP=ffff8880096c7e68 R8 =0000000000000001 R9 =ffffed100d9e6c70 R10=ffff88806cf36383 R11=0000000000000000 R12=ffffffff863f2748 R13=1ffff110012d8fd2 R14=0000000000000000 R15=0000000000000000 RIP=ffffffff8482487e RFL=00000206 [-----P-] CPL=0 II=0 A20=1 SMM=0 HLT=1 ES =0000 0000000000000000 00000000 00000000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 00000000 00000000 FS =0000 0000000000000000 00000000 00000000 GS =0000 ffff88806cf00000 00000000 00000000 LDT=0000 fffffe0000000000 00000000 00000000 TR =0040 fffffe000004a000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe0000048000 0000007f IDT= fffffe0000000000 00000fff CR0=80050033 CR2=0000563edd3984ec CR3=0000000015f2e000 CR4=00350ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000ffff0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001fa0 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 XMM00=00000000000000000000000000000000 XMM01=00000000000000000000000000000000 XMM02=000000000000000041168fc000000000 XMM03=0000ff00000000000000000000000000 XMM04=732f6c61636f6c2f7273752f3d485441 XMM05=622f6c61636f6c2f7273752f3a6e6962 XMM06=73752f3a6e6962732f7273752f3a6e69 XMM07=6e69622f3a6e6962732f3a6e69622f72 XMM08=00000000000000000000000000000000 XMM09=00000000000000000000000000000000 XMM10=00000000000000000000000000000000 XMM11=00000000000000000000000000000000 XMM12=00000000000000000000000000000000 XMM13=00000000000000000000000000000000 XMM14=00000000000000000000000000000000 XMM15=00000000000000000000000000000000