Warning: Permanently added '[localhost]:62389' (ECDSA) to the list of known hosts. 2024/11/15 23:54:16 fuzzer started 2024/11/15 23:54:16 dialing manager at localhost:39771 syzkaller login: [ 75.224546] cgroup: Unknown subsys name 'net' [ 75.332983] cgroup: Unknown subsys name 'cpuset' [ 75.368233] cgroup: Unknown subsys name 'rlimit' 2024/11/15 23:54:34 syscalls: 2217 2024/11/15 23:54:34 code coverage: enabled 2024/11/15 23:54:34 comparison tracing: enabled 2024/11/15 23:54:34 extra coverage: enabled 2024/11/15 23:54:34 setuid sandbox: enabled 2024/11/15 23:54:34 namespace sandbox: enabled 2024/11/15 23:54:34 Android sandbox: enabled 2024/11/15 23:54:34 fault injection: enabled 2024/11/15 23:54:34 leak checking: enabled 2024/11/15 23:54:34 net packet injection: enabled 2024/11/15 23:54:34 net device setup: enabled 2024/11/15 23:54:34 concurrency sanitizer: /sys/kernel/debug/kcsan does not exist 2024/11/15 23:54:34 devlink PCI setup: PCI device 0000:00:10.0 is not available 2024/11/15 23:54:34 USB emulation: enabled 2024/11/15 23:54:34 hci packet injection: enabled 2024/11/15 23:54:34 wifi device emulation: enabled 2024/11/15 23:54:34 802.15.4 emulation: enabled 2024/11/15 23:54:34 fetching corpus: 50, signal 21610/23383 (executing program) 2024/11/15 23:54:34 fetching corpus: 100, signal 31111/34485 (executing program) 2024/11/15 23:54:34 fetching corpus: 150, signal 37704/42591 (executing program) 2024/11/15 23:54:34 fetching corpus: 200, signal 42873/49198 (executing program) 2024/11/15 23:54:34 fetching corpus: 250, signal 46356/54144 (executing program) 2024/11/15 23:54:34 fetching corpus: 300, signal 52565/61520 (executing program) 2024/11/15 23:54:34 fetching corpus: 350, signal 56982/67122 (executing program) 2024/11/15 23:54:34 fetching corpus: 400, signal 60629/71949 (executing program) 2024/11/15 23:54:34 fetching corpus: 450, signal 63414/75913 (executing program) 2024/11/15 23:54:34 fetching corpus: 500, signal 67432/80944 (executing program) 2024/11/15 23:54:35 fetching corpus: 550, signal 70937/85413 (executing program) 2024/11/15 23:54:35 fetching corpus: 600, signal 74004/89454 (executing program) 2024/11/15 23:54:35 fetching corpus: 650, signal 75849/92304 (executing program) 2024/11/15 23:54:35 fetching corpus: 700, signal 78082/95498 (executing program) 2024/11/15 23:54:35 fetching corpus: 750, signal 80137/98470 (executing program) 2024/11/15 23:54:35 fetching corpus: 800, signal 84303/103203 (executing program) 2024/11/15 23:54:35 fetching corpus: 850, signal 87082/106688 (executing program) 2024/11/15 23:54:35 fetching corpus: 900, signal 89630/109945 (executing program) 2024/11/15 23:54:35 fetching corpus: 950, signal 92380/113312 (executing program) 2024/11/15 23:54:35 fetching corpus: 1000, signal 94331/116040 (executing program) 2024/11/15 23:54:35 fetching corpus: 1050, signal 95863/118381 (executing program) 2024/11/15 23:54:36 fetching corpus: 1100, signal 97600/120809 (executing program) 2024/11/15 23:54:36 fetching corpus: 1150, signal 99570/123362 (executing program) 2024/11/15 23:54:36 fetching corpus: 1200, signal 101350/125769 (executing program) 2024/11/15 23:54:36 fetching corpus: 1250, signal 102141/127392 (executing program) 2024/11/15 23:54:36 fetching corpus: 1300, signal 103899/129767 (executing program) 2024/11/15 23:54:36 fetching corpus: 1350, signal 105202/131720 (executing program) 2024/11/15 23:54:36 fetching corpus: 1400, signal 106488/133691 (executing program) 2024/11/15 23:54:36 fetching corpus: 1450, signal 107283/135230 (executing program) 2024/11/15 23:54:36 fetching corpus: 1500, signal 108501/137068 (executing program) 2024/11/15 23:54:36 fetching corpus: 1550, signal 109597/138762 (executing program) 2024/11/15 23:54:36 fetching corpus: 1600, signal 110863/140564 (executing program) 2024/11/15 23:54:36 fetching corpus: 1650, signal 111855/142139 (executing program) 2024/11/15 23:54:37 fetching corpus: 1700, signal 114273/144688 (executing program) 2024/11/15 23:54:37 fetching corpus: 1750, signal 115050/146085 (executing program) 2024/11/15 23:54:37 fetching corpus: 1800, signal 115975/147606 (executing program) 2024/11/15 23:54:37 fetching corpus: 1850, signal 117011/149130 (executing program) 2024/11/15 23:54:37 fetching corpus: 1900, signal 118355/150834 (executing program) 2024/11/15 23:54:37 fetching corpus: 1950, signal 119508/152375 (executing program) 2024/11/15 23:54:37 fetching corpus: 2000, signal 120772/153998 (executing program) 2024/11/15 23:54:37 fetching corpus: 2050, signal 121416/155194 (executing program) 2024/11/15 23:54:37 fetching corpus: 2100, signal 122223/156467 (executing program) 2024/11/15 23:54:37 fetching corpus: 2150, signal 123195/157851 (executing program) 2024/11/15 23:54:38 fetching corpus: 2200, signal 123932/159074 (executing program) 2024/11/15 23:54:38 fetching corpus: 2250, signal 124778/160360 (executing program) 2024/11/15 23:54:38 fetching corpus: 2300, signal 125615/161607 (executing program) 2024/11/15 23:54:38 fetching corpus: 2350, signal 126275/162736 (executing program) 2024/11/15 23:54:38 fetching corpus: 2400, signal 127119/163970 (executing program) 2024/11/15 23:54:38 fetching corpus: 2450, signal 128195/165254 (executing program) 2024/11/15 23:54:38 fetching corpus: 2500, signal 129282/166549 (executing program) 2024/11/15 23:54:38 fetching corpus: 2550, signal 129669/167488 (executing program) 2024/11/15 23:54:38 fetching corpus: 2600, signal 130673/168733 (executing program) 2024/11/15 23:54:39 fetching corpus: 2650, signal 131400/169796 (executing program) 2024/11/15 23:54:39 fetching corpus: 2700, signal 132190/170862 (executing program) 2024/11/15 23:54:39 fetching corpus: 2750, signal 133150/172061 (executing program) 2024/11/15 23:54:39 fetching corpus: 2800, signal 134000/173180 (executing program) 2024/11/15 23:54:39 fetching corpus: 2850, signal 134482/174146 (executing program) 2024/11/15 23:54:39 fetching corpus: 2900, signal 135223/175156 (executing program) 2024/11/15 23:54:39 fetching corpus: 2950, signal 136008/176161 (executing program) 2024/11/15 23:54:39 fetching corpus: 3000, signal 136527/177064 (executing program) 2024/11/15 23:54:40 fetching corpus: 3050, signal 137313/178082 (executing program) 2024/11/15 23:54:40 fetching corpus: 3100, signal 137849/178916 (executing program) 2024/11/15 23:54:40 fetching corpus: 3150, signal 138566/179851 (executing program) 2024/11/15 23:54:40 fetching corpus: 3200, signal 139166/180776 (executing program) 2024/11/15 23:54:40 fetching corpus: 3250, signal 139620/181580 (executing program) 2024/11/15 23:54:40 fetching corpus: 3300, signal 140133/182388 (executing program) 2024/11/15 23:54:40 fetching corpus: 3350, signal 140623/183224 (executing program) 2024/11/15 23:54:40 fetching corpus: 3400, signal 141181/184029 (executing program) 2024/11/15 23:54:41 fetching corpus: 3450, signal 141598/184797 (executing program) 2024/11/15 23:54:41 fetching corpus: 3500, signal 142139/185602 (executing program) 2024/11/15 23:54:41 fetching corpus: 3550, signal 142884/186466 (executing program) 2024/11/15 23:54:41 fetching corpus: 3600, signal 143535/187293 (executing program) 2024/11/15 23:54:41 fetching corpus: 3650, signal 144244/188093 (executing program) 2024/11/15 23:54:41 fetching corpus: 3700, signal 144812/188862 (executing program) 2024/11/15 23:54:41 fetching corpus: 3750, signal 145264/189596 (executing program) 2024/11/15 23:54:41 fetching corpus: 3800, signal 145731/190302 (executing program) 2024/11/15 23:54:41 fetching corpus: 3850, signal 146410/191038 (executing program) 2024/11/15 23:54:42 fetching corpus: 3900, signal 146992/191734 (executing program) 2024/11/15 23:54:42 fetching corpus: 3950, signal 147525/192426 (executing program) 2024/11/15 23:54:42 fetching corpus: 4000, signal 148009/193101 (executing program) 2024/11/15 23:54:42 fetching corpus: 4050, signal 148496/193735 (executing program) 2024/11/15 23:54:42 fetching corpus: 4100, signal 148896/194358 (executing program) 2024/11/15 23:54:42 fetching corpus: 4150, signal 149417/195006 (executing program) 2024/11/15 23:54:42 fetching corpus: 4200, signal 149921/195686 (executing program) 2024/11/15 23:54:42 fetching corpus: 4250, signal 150395/196286 (executing program) 2024/11/15 23:54:42 fetching corpus: 4300, signal 150768/196886 (executing program) 2024/11/15 23:54:42 fetching corpus: 4350, signal 151056/197430 (executing program) 2024/11/15 23:54:43 fetching corpus: 4400, signal 151727/198055 (executing program) 2024/11/15 23:54:43 fetching corpus: 4450, signal 152105/198600 (executing program) 2024/11/15 23:54:43 fetching corpus: 4500, signal 152538/199196 (executing program) 2024/11/15 23:54:43 fetching corpus: 4550, signal 152850/199752 (executing program) 2024/11/15 23:54:43 fetching corpus: 4600, signal 153153/200295 (executing program) 2024/11/15 23:54:43 fetching corpus: 4650, signal 153644/200827 (executing program) 2024/11/15 23:54:43 fetching corpus: 4700, signal 153944/201355 (executing program) 2024/11/15 23:54:43 fetching corpus: 4750, signal 154257/201861 (executing program) 2024/11/15 23:54:43 fetching corpus: 4800, signal 154854/202400 (executing program) 2024/11/15 23:54:43 fetching corpus: 4850, signal 155253/202910 (executing program) 2024/11/15 23:54:44 fetching corpus: 4900, signal 155906/203407 (executing program) 2024/11/15 23:54:44 fetching corpus: 4950, signal 156364/203886 (executing program) 2024/11/15 23:54:44 fetching corpus: 5000, signal 156763/204352 (executing program) 2024/11/15 23:54:44 fetching corpus: 5050, signal 157127/204845 (executing program) 2024/11/15 23:54:44 fetching corpus: 5100, signal 157412/205317 (executing program) 2024/11/15 23:54:44 fetching corpus: 5150, signal 157741/205703 (executing program) 2024/11/15 23:54:44 fetching corpus: 5200, signal 157979/205703 (executing program) 2024/11/15 23:54:44 fetching corpus: 5250, signal 158583/205703 (executing program) 2024/11/15 23:54:44 fetching corpus: 5300, signal 159000/205703 (executing program) 2024/11/15 23:54:44 fetching corpus: 5350, signal 159288/205703 (executing program) 2024/11/15 23:54:45 fetching corpus: 5400, signal 159591/205703 (executing program) 2024/11/15 23:54:45 fetching corpus: 5450, signal 159922/205703 (executing program) 2024/11/15 23:54:45 fetching corpus: 5500, signal 160397/205703 (executing program) 2024/11/15 23:54:45 fetching corpus: 5550, signal 160754/205703 (executing program) 2024/11/15 23:54:45 fetching corpus: 5600, signal 161694/205703 (executing program) 2024/11/15 23:54:45 fetching corpus: 5650, signal 161995/205703 (executing program) 2024/11/15 23:54:45 fetching corpus: 5700, signal 162619/205703 (executing program) 2024/11/15 23:54:45 fetching corpus: 5750, signal 162829/205703 (executing program) 2024/11/15 23:54:45 fetching corpus: 5800, signal 163220/205703 (executing program) 2024/11/15 23:54:45 fetching corpus: 5850, signal 163476/205703 (executing program) 2024/11/15 23:54:45 fetching corpus: 5900, signal 163773/205703 (executing program) 2024/11/15 23:54:45 fetching corpus: 5950, signal 164306/205703 (executing program) 2024/11/15 23:54:46 fetching corpus: 6000, signal 164590/205703 (executing program) 2024/11/15 23:54:46 fetching corpus: 6050, signal 164857/205703 (executing program) 2024/11/15 23:54:46 fetching corpus: 6100, signal 165450/205703 (executing program) 2024/11/15 23:54:46 fetching corpus: 6150, signal 165725/205703 (executing program) 2024/11/15 23:54:46 fetching corpus: 6200, signal 166233/205703 (executing program) 2024/11/15 23:54:46 fetching corpus: 6250, signal 167566/205703 (executing program) 2024/11/15 23:54:46 fetching corpus: 6300, signal 167798/205703 (executing program) 2024/11/15 23:54:46 fetching corpus: 6350, signal 168129/205703 (executing program) 2024/11/15 23:54:46 fetching corpus: 6400, signal 168390/205703 (executing program) 2024/11/15 23:54:47 fetching corpus: 6450, signal 168733/205703 (executing program) 2024/11/15 23:54:47 fetching corpus: 6500, signal 169012/205703 (executing program) 2024/11/15 23:54:47 fetching corpus: 6550, signal 169335/205703 (executing program) 2024/11/15 23:54:47 fetching corpus: 6600, signal 169684/205703 (executing program) 2024/11/15 23:54:47 fetching corpus: 6650, signal 170117/205703 (executing program) 2024/11/15 23:54:47 fetching corpus: 6700, signal 170402/205703 (executing program) 2024/11/15 23:54:47 fetching corpus: 6750, signal 170779/205703 (executing program) 2024/11/15 23:54:47 fetching corpus: 6800, signal 171042/205703 (executing program) 2024/11/15 23:54:47 fetching corpus: 6850, signal 171326/205703 (executing program) 2024/11/15 23:54:48 fetching corpus: 6900, signal 171592/205703 (executing program) 2024/11/15 23:54:48 fetching corpus: 6950, signal 171840/205703 (executing program) 2024/11/15 23:54:48 fetching corpus: 7000, signal 172489/205703 (executing program) 2024/11/15 23:54:48 fetching corpus: 7050, signal 172754/205703 (executing program) 2024/11/15 23:54:48 fetching corpus: 7100, signal 173091/205703 (executing program) 2024/11/15 23:54:48 fetching corpus: 7150, signal 173381/205703 (executing program) 2024/11/15 23:54:48 fetching corpus: 7200, signal 173618/205703 (executing program) 2024/11/15 23:54:48 fetching corpus: 7250, signal 173864/205703 (executing program) 2024/11/15 23:54:48 fetching corpus: 7300, signal 174112/205703 (executing program) 2024/11/15 23:54:48 fetching corpus: 7350, signal 174477/205703 (executing program) 2024/11/15 23:54:48 fetching corpus: 7400, signal 174712/205703 (executing program) 2024/11/15 23:54:48 fetching corpus: 7450, signal 174923/205703 (executing program) 2024/11/15 23:54:48 fetching corpus: 7500, signal 175121/205703 (executing program) 2024/11/15 23:54:49 fetching corpus: 7550, signal 175690/205703 (executing program) 2024/11/15 23:54:49 fetching corpus: 7600, signal 175873/205703 (executing program) 2024/11/15 23:54:49 fetching corpus: 7650, signal 176477/205703 (executing program) 2024/11/15 23:54:49 fetching corpus: 7700, signal 176820/205703 (executing program) 2024/11/15 23:54:49 fetching corpus: 7750, signal 177038/205703 (executing program) 2024/11/15 23:54:49 fetching corpus: 7800, signal 177286/205703 (executing program) 2024/11/15 23:54:49 fetching corpus: 7850, signal 177651/205703 (executing program) 2024/11/15 23:54:49 fetching corpus: 7900, signal 177869/205703 (executing program) 2024/11/15 23:54:49 fetching corpus: 7950, signal 178039/205703 (executing program) 2024/11/15 23:54:49 fetching corpus: 8000, signal 178457/205703 (executing program) 2024/11/15 23:54:50 fetching corpus: 8050, signal 178764/205703 (executing program) 2024/11/15 23:54:50 fetching corpus: 8100, signal 179069/205703 (executing program) 2024/11/15 23:54:50 fetching corpus: 8150, signal 179239/205703 (executing program) 2024/11/15 23:54:50 fetching corpus: 8200, signal 179446/205703 (executing program) 2024/11/15 23:54:50 fetching corpus: 8250, signal 179699/205703 (executing program) 2024/11/15 23:54:50 fetching corpus: 8300, signal 179883/205703 (executing program) 2024/11/15 23:54:50 fetching corpus: 8350, signal 180204/205703 (executing program) 2024/11/15 23:54:50 fetching corpus: 8400, signal 180394/205703 (executing program) 2024/11/15 23:54:50 fetching corpus: 8450, signal 180589/205703 (executing program) 2024/11/15 23:54:50 fetching corpus: 8500, signal 180773/205703 (executing program) 2024/11/15 23:54:51 fetching corpus: 8550, signal 181933/205703 (executing program) 2024/11/15 23:54:51 fetching corpus: 8600, signal 182197/205703 (executing program) 2024/11/15 23:54:51 fetching corpus: 8650, signal 182454/205703 (executing program) 2024/11/15 23:54:51 fetching corpus: 8700, signal 182681/205703 (executing program) 2024/11/15 23:54:51 fetching corpus: 8750, signal 182877/205703 (executing program) 2024/11/15 23:54:51 fetching corpus: 8800, signal 183126/205703 (executing program) 2024/11/15 23:54:51 fetching corpus: 8850, signal 183346/205703 (executing program) 2024/11/15 23:54:51 fetching corpus: 8900, signal 183697/205703 (executing program) 2024/11/15 23:54:51 fetching corpus: 8950, signal 183881/205703 (executing program) 2024/11/15 23:54:51 fetching corpus: 9000, signal 184162/205703 (executing program) 2024/11/15 23:54:51 fetching corpus: 9050, signal 184410/205703 (executing program) 2024/11/15 23:54:52 fetching corpus: 9100, signal 184619/205703 (executing program) 2024/11/15 23:54:52 fetching corpus: 9150, signal 184854/205703 (executing program) 2024/11/15 23:54:52 fetching corpus: 9200, signal 185018/205703 (executing program) 2024/11/15 23:54:52 fetching corpus: 9250, signal 185148/205703 (executing program) 2024/11/15 23:54:52 fetching corpus: 9300, signal 185484/205703 (executing program) 2024/11/15 23:54:52 fetching corpus: 9350, signal 185730/205703 (executing program) 2024/11/15 23:54:52 fetching corpus: 9400, signal 185948/205703 (executing program) 2024/11/15 23:54:52 fetching corpus: 9450, signal 186214/205703 (executing program) 2024/11/15 23:54:52 fetching corpus: 9500, signal 186501/205703 (executing program) 2024/11/15 23:54:52 fetching corpus: 9550, signal 186615/205703 (executing program) 2024/11/15 23:54:52 fetching corpus: 9600, signal 186829/205703 (executing program) 2024/11/15 23:54:52 fetching corpus: 9650, signal 187073/205703 (executing program) 2024/11/15 23:54:53 fetching corpus: 9700, signal 187299/205703 (executing program) 2024/11/15 23:54:53 fetching corpus: 9750, signal 187717/205703 (executing program) 2024/11/15 23:54:53 fetching corpus: 9800, signal 187894/205703 (executing program) 2024/11/15 23:54:53 fetching corpus: 9850, signal 188075/205703 (executing program) 2024/11/15 23:54:53 fetching corpus: 9900, signal 188230/205703 (executing program) 2024/11/15 23:54:53 fetching corpus: 9950, signal 188440/205703 (executing program) 2024/11/15 23:54:53 fetching corpus: 10000, signal 188631/205703 (executing program) 2024/11/15 23:54:53 fetching corpus: 10050, signal 188832/205703 (executing program) 2024/11/15 23:54:53 fetching corpus: 10100, signal 188976/205703 (executing program) 2024/11/15 23:54:53 fetching corpus: 10150, signal 189118/205703 (executing program) 2024/11/15 23:54:53 fetching corpus: 10200, signal 189263/205703 (executing program) 2024/11/15 23:54:53 fetching corpus: 10250, signal 189590/205703 (executing program) 2024/11/15 23:54:54 fetching corpus: 10300, signal 189809/205703 (executing program) 2024/11/15 23:54:54 fetching corpus: 10350, signal 189957/205703 (executing program) 2024/11/15 23:54:54 fetching corpus: 10400, signal 190184/205703 (executing program) 2024/11/15 23:54:54 fetching corpus: 10450, signal 190414/205703 (executing program) 2024/11/15 23:54:54 fetching corpus: 10500, signal 190614/205703 (executing program) 2024/11/15 23:54:54 fetching corpus: 10550, signal 190797/205703 (executing program) 2024/11/15 23:54:54 fetching corpus: 10600, signal 190996/205703 (executing program) 2024/11/15 23:54:54 fetching corpus: 10650, signal 191223/205703 (executing program) 2024/11/15 23:54:54 fetching corpus: 10700, signal 191451/205703 (executing program) 2024/11/15 23:54:54 fetching corpus: 10750, signal 191616/205703 (executing program) 2024/11/15 23:54:54 fetching corpus: 10750, signal 191616/205703 (executing program) 2024/11/15 23:54:58 starting 8 fuzzer processes 23:54:58 executing program 1: r0 = io_uring_register$IORING_REGISTER_PERSONALITY(0xffffffffffffffff, 0x9, 0x0, 0x0) syz_io_uring_submit(0x0, 0x0, &(0x7f0000000040)=@IORING_OP_FILES_UPDATE={0x14, 0x0, 0x0, 0x0, 0x4, &(0x7f0000000000)=[0xffffffffffffffff, 0xffffffffffffffff], 0x2, 0x0, 0x0, {0x0, r0}}, 0x4) ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, &(0x7f0000000080)={0x0, ""/256, 0x0, 0x0, 0x0, 0x0, ""/16, ""/16, ""/16, 0x0, 0x0}) clone3(&(0x7f00000004c0)={0x0, &(0x7f0000000280)=0xffffffffffffffff, &(0x7f00000002c0), &(0x7f0000000300), {0x14}, &(0x7f0000000340)=""/32, 0x20, &(0x7f0000000380)=""/238, &(0x7f0000000480)=[0x0], 0x1}, 0x58) r4 = openat$sr(0xffffffffffffff9c, &(0x7f0000000540), 0x1b1800, 0x0) ioctl$BTRFS_IOC_TREE_SEARCH(r4, 0xd0009411, &(0x7f0000000580)={{r1, 0x101, 0x5, 0x2, 0x5, 0x8a, 0x8c, 0x4, 0xec6, 0x6, 0x100, 0x7, 0x20, 0x5513a03f, 0x10000}}) fsetxattr(r4, &(0x7f0000001580)=@random={'system.', '\x00'}, &(0x7f00000015c0)='-:\x8b($-&#\x11\\\x00', 0xb, 0x7) r5 = syz_open_dev$mouse(&(0x7f0000001600), 0x2, 0x100) r6 = io_uring_register$IORING_REGISTER_PERSONALITY(r5, 0x9, 0x0, 0x0) setsockopt$packet_fanout_data(r5, 0x107, 0x16, &(0x7f0000001680)={0x4, &(0x7f0000001640)=[{0x7, 0xc4, 0xff, 0x7}, {0x5, 0x4, 0x0, 0x6}, {0x0, 0x7f, 0x3, 0x400}, {0x3, 0x63, 0x9, 0x7f}]}, 0x10) r7 = openat$null(0xffffffffffffff9c, &(0x7f00000016c0), 0x4000, 0x0) io_uring_register$IORING_UNREGISTER_PERSONALITY(r7, 0xa, 0x0, r6) r8 = io_uring_setup(0x2843, &(0x7f0000001700)={0x0, 0xd5a1, 0x20, 0x3, 0x9d, 0x0, r7}) r9 = syz_io_uring_setup(0x69d0, &(0x7f0000001780)={0x0, 0x6a83, 0x10, 0x0, 0x1d3, 0x0, r8}, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000001800), &(0x7f0000001840)=0x0) read(r5, &(0x7f0000001880)=""/199, 0xc7) io_uring_register$IORING_UNREGISTER_PERSONALITY(r8, 0xa, 0x0, r6) r11 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x0, 0x100010, r9, 0x8000000) syz_io_uring_submit(r11, r10, &(0x7f0000001980)=@IORING_OP_POLL_ADD={0x6, 0x1, 0x0, @fd=r3, 0x0, 0x0, 0x0, {0x4000}, 0x0, {0x0, r0}}, 0x6) ioctl$EXT4_IOC_GROUP_EXTEND(r8, 0x40086607, &(0x7f00000019c0)=0x6776) ioctl$BTRFS_IOC_SET_RECEIVED_SUBVOL(r7, 0xc0c89425, &(0x7f0000001c00)={"f32a8abaf732c5162dbb86fe9248ff25", r2, 0x0, {0x533353af, 0x8}, {0x87, 0x5}, 0x5, [0x4, 0x5, 0x1, 0x1, 0x7, 0x1, 0x6, 0x5, 0x6, 0x3ff, 0x9, 0x2, 0x1, 0x7fff, 0xed3b, 0x20]}) 23:54:58 executing program 0: r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$NL80211_CMD_VENDOR(0xffffffffffffffff, &(0x7f0000000180)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x20000}, 0xc, &(0x7f0000000140)={&(0x7f0000000080)={0x94, r0, 0x20, 0x70bd27, 0x25dfdbfc, {{}, {@void, @val={0x8}, @val={0xc, 0x99, {0xadd9, 0x40}}}}, [@NL80211_ATTR_VENDOR_SUBCMD={0x8, 0xc4, 0x800}, @NL80211_ATTR_VENDOR_SUBCMD={0x8, 0xc4, 0x8}, @NL80211_ATTR_VENDOR_SUBCMD={0x8, 0xc4, 0x10000}, @NL80211_ATTR_VENDOR_DATA={0x43, 0xc5, "a7b26874f1d36eb5e42214ee623914cb12bc26608919e94b644fb405334f72d39b1a1696c24a2318298cdf4fedad2eca1d5ead9a791f2b7f34810add99205b"}, @NL80211_ATTR_VENDOR_SUBCMD={0x8, 0xc4, 0x1}, @NL80211_ATTR_VENDOR_ID={0x8, 0xc3, 0x2}]}, 0x94}, 0x1, 0x0, 0x0, 0x84}, 0x4000) ioctl$sock_SIOCSIFVLAN_GET_VLAN_INGRESS_PRIORITY_CMD(0xffffffffffffffff, 0x8983, &(0x7f00000001c0)) ioctl$sock_SIOCDELRT(0xffffffffffffffff, 0x890c, &(0x7f0000000240)={0x0, @ax25={0x3, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, 0x8}, @tipc=@name={0x1e, 0x2, 0x1, {{0x40, 0x4}}}, @vsock={0x28, 0x0, 0xffffffff}, 0x0, 0x0, 0x0, 0x0, 0x7f, &(0x7f0000000200)='batadv_slave_1\x00', 0xe7, 0x2}) ioctl$TIOCGPGRP(0xffffffffffffffff, 0x540f, &(0x7f0000000580)=0x0) r2 = getpgrp(0x0) ioctl$sock_FIOGETOWN(0xffffffffffffffff, 0x8903, &(0x7f00000005c0)=0x0) clock_gettime(0x0, &(0x7f0000001b00)={0x0, 0x0}) recvmmsg$unix(0xffffffffffffffff, &(0x7f0000001ac0)=[{{&(0x7f0000000640), 0x6e, &(0x7f0000001940)=[{&(0x7f00000006c0)=""/212, 0xd4}, {&(0x7f00000007c0)=""/4096, 0x1000}, {&(0x7f00000017c0)=""/79, 0x4f}, {&(0x7f0000001840)=""/160, 0xa0}, {&(0x7f0000001900)=""/9, 0x9}], 0x5, &(0x7f00000019c0)=[@rights={{0x28, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x10}}, @cred={{0x1c}}, @cred={{0x1c}}, @cred={{0x1c}}, @cred={{0x1c}}, @cred={{0x1c}}, @cred={{0x1c}}], 0xf8}}], 0x1, 0x12040, &(0x7f0000001b40)={r4, r5+60000000}) clone3(&(0x7f0000001b80)={0x14000000, &(0x7f00000002c0), &(0x7f0000000300)=0x0, &(0x7f0000000340)=0x0, {0x35}, &(0x7f0000000380)=""/193, 0xc1, &(0x7f0000000480)=""/204, &(0x7f0000000600)=[r1, 0x0, r2, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, r3], 0x7, {r8}}, 0x58) capget(&(0x7f0000001c00)={0x20071026, r2}, &(0x7f0000001c40)={0x8, 0x2, 0x7de, 0x401, 0x3f, 0x786}) sendmsg$NL80211_CMD_VENDOR(r6, &(0x7f0000001d40)={&(0x7f0000001c80)={0x10, 0x0, 0x0, 0x8}, 0xc, &(0x7f0000001d00)={&(0x7f0000001cc0)={0x34, r0, 0x1, 0x70bd2a, 0x2, {{}, {@val={0x8, 0x1, 0x50}, @val={0x8}, @void}}, [@NL80211_ATTR_VENDOR_SUBCMD={0x8, 0xc4, 0x40}, @NL80211_ATTR_VENDOR_ID={0x8, 0xc3, 0x6}]}, 0x34}, 0x1, 0x0, 0x0, 0x44}, 0x20000040) getsockopt$sock_cred(r9, 0x1, 0x11, &(0x7f0000001d80), &(0x7f0000001dc0)=0xc) rt_sigqueueinfo(r11, 0x20, &(0x7f0000001e00)={0x15, 0x13, 0x1}) r12 = syz_open_procfs$userns(r10, &(0x7f0000001e80)) r13 = openat$cdrom(0xffffffffffffff9c, &(0x7f0000001ec0), 0x800, 0x0) fcntl$F_GET_FILE_RW_HINT(r13, 0x40d, &(0x7f0000001f00)) r14 = syz_genetlink_get_family_id$nl80211(&(0x7f0000001f80), r8) sendmsg$NL80211_CMD_VENDOR(r7, &(0x7f0000002080)={&(0x7f0000001f40)={0x10, 0x0, 0x0, 0x400}, 0xc, &(0x7f0000002040)={&(0x7f0000001fc0)={0x70, r14, 0x4, 0x70bd2c, 0x25dfdbfe, {{}, {@void, @void, @val={0xc, 0x99, {0x3, 0x30}}}}, [@NL80211_ATTR_VENDOR_ID={0x8, 0xc3, 0x8}, @NL80211_ATTR_VENDOR_DATA={0x40, 0xc5, "89356312fc324e2de4ff038366381ad51cd6548bf30bdd55fe098ed22ecc8ba6d4329946db97b218b94c8c65dc153cbe0ab1ca0f1d0a237e6201c79b"}, @NL80211_ATTR_VENDOR_ID={0x8, 0xc3, 0xffffff2f}]}, 0x70}, 0x1, 0x0, 0x0, 0x800}, 0x20000004) mount_setattr(r8, &(0x7f00000020c0)='./file0\x00', 0x9800, &(0x7f0000002100)={0x100084, 0x4, 0x160000, {r12}}, 0x20) 23:54:58 executing program 2: mknodat$loop(0xffffffffffffffff, &(0x7f0000000000)='./file0\x00', 0x6000, 0x0) name_to_handle_at(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', &(0x7f0000000080)=@reiserfs_2={0x8, 0x2, {0xa25b, 0x3}}, &(0x7f00000000c0), 0x1000) fsetxattr$trusted_overlay_redirect(0xffffffffffffffff, &(0x7f0000000100), &(0x7f0000000140)='./file0\x00', 0x8, 0x3) getsockopt$inet_IP_IPSEC_POLICY(0xffffffffffffffff, 0x0, 0x10, &(0x7f0000000200)={{{@in6=@dev, @in6=@private0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in=@multicast1}, 0x0, @in=@local}}, &(0x7f0000000300)=0xe8) r1 = getegid() r2 = getegid() fstat(0xffffffffffffffff, &(0x7f00000003c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) setxattr$system_posix_acl(&(0x7f0000000180)='./file0\x00', &(0x7f00000001c0)='system.posix_acl_default\x00', &(0x7f0000000440)={{}, {0x1, 0x5}, [{0x2, 0x2}, {0x2, 0x97dbc53228710724, r0}], {0x4, 0x7}, [{0x8, 0x2, 0xee01}, {0x8, 0x4, r1}, {0x8, 0x6, r2}, {0x8, 0x1, 0xffffffffffffffff}, {0x8, 0x0, r4}], {0x10, 0x4}, {0x20, 0x1}}, 0x5c, 0x3) r5 = syz_mount_image$vfat(&(0x7f00000004c0), &(0x7f0000000500)='./file0\x00', 0x7, 0x8, &(0x7f0000001980)=[{&(0x7f0000000540)="57f303df891d0acdb1f0ca316cfaf958a3ea7057f56f1884ba1f3bd29bbfadb882e10e5cadcd5845d4780ed918a324ab909e352a429ff43a1d0c8d61d4d77331518b7dcc6d4db59868fbfcdf3eadc4aa46882f5b044401bad5be3b579270542648b8f23c03f4dc35eb25238cb61cd482d124d50f6e1d162f53ebce5d635420791c228882f70e9bc493c8fde02c0d5a447ff90d87c0d72e72f9f2f2ec92a5bffb43b82b40ba4c2c59e6a3b59b7a57cd5bb0", 0xb1, 0x3}, {&(0x7f0000000600)="dd147f8f703b5daa1fad6cec505917f41b5509e2bd6f8c9e0cd4a006e22c150bbbdd16e37132bde56dff9bd26f0ab098c25346a6ae9e92498cf89cb687d3e71dd46e3f95c6c579ab18b700273f6c0a09ca5318892cae0ba03c95f00fedaefd29ded615f683e66317090a1f591ba5ef8e4900ceebc3c4b5af573cddf962bae041d14c7772bb18eab3affd7687fe4faf3f98edebf21f5313458e692a5315f397bfa6", 0xa1, 0x9}, {&(0x7f00000006c0)="affaf1948e9a35231ea3a786186a6f330a141b6bc3e94de0fbc84a9e3541d764c7e6a71917b53e0bc8b881ca3eb3c8", 0x2f, 0xffffffffabb55032}, {&(0x7f0000000700)="b0249cde25e0d5399b9e6e4d767706ffdaf80c162b4d7f5a416d7819c5fb5e87264a429f814b19075a0914e40bda25672e00ad494c27ed61a7fa35b9b182f8c113fe751973f6233b4f6eaa9dd0e7d2e005ea6ef55f07daa2a4546778ad52f3383f52ac0c0649a12359b9d37792ef5eb606b04a5a1ac16ff43eabf26c0f97dfd765ada66e922712eaf631647a9204c38b66fe77ed2a6ca13e686e445dc348ed983a538273ff18536b99efcf8df2f969355d9f3da1bcf354beb138e5f3f5e4f91a9e56f1046b399249b47120c149b071781bf3c64b781a1f51e603a61fef425a754345c623f2141871c9381c2e225909a2624259ed6803fc11eab90cef5c17561956a1b1e5196d5429c2ea4e18c428593c055de94624ae0f313ddf9f292234b35e924a4d335fe440bb5d3549ad05eb1feb3d431ec471a5202876771f4338f7a982ca832027666faf6f58b595f94c7a80d9ee2158ba986c04abfb279c1c96c3dabf72aaa9693917331a5df180c05f50078fb3962008bcd5b29f719f7a7555a76eee27420ef479c82d5b4598c2e78865a1c294d53a457b66c818cc22476f36701aa6fc99bc5c5b2a0874ae721fdc20178f9346d8e6cc00f7b409f36cd7ec616139fefc2219e9b973f47bfd1d43efbd48fd82464c619141002aa136626e4a9f1fc568fc0257dd55833a796d8cf23569f011453907fb757a2ef212d383195d006ed17c5d7b2c0c9c657a840f3a694b8849034938a9b4f7748398a73fb6810ebf0bd75309f83219f51ea0a3bfd814c247c5dc3977fdba803d74ffac7e46822aa9cd35bd207f1a838b584c3a402bb62b0cf07973c17e4b02fdc3c44c08d812c157a94030fd8aff7e9a6da69f49697413949dc3b4b77ec1d4b7b8717487d60a46bcbdd72ed9f536a253d5dd0da98583854f7a0e9ceed58c5a1c662ad5567a51746a8026b5c00aeead3b9fa2188776bf1757085020906b8e1b6435cdadc815eacc2e134fcee6f3e4ec16a11a0dc3c7e36adcbf173faf467d33aa29683227f08a53879d1f632fecbbf3b953eb20d39bdd014e63ab2c6773f0824af7c2a2e8b1eab67e56884b99bc7bfa8ecd998b02a2110c5669a32e1c9a1ce800f1242bbdf52d5e2f8163a19f2aae203107cc4c195f77cbbe3183f247d044ab34157087a766f70405a13b1f7f3d20ac9556e5c9e49b75a583b36f98ff796d8387886a37f44d1b12436209cf157364647051ec873657f0d6e9b1e6458de7d1242daa9fe47ee993964747fb55ff04b120b8f874cfa9d1830f31dba81572f8b9a84774fe5384c9c9bb7df9fdd91f0efcf2cacbd6838aeb749eeeea5914d619c4861a3f4a9d3f249356da31c8c3ca3ad5c733974f2a9e49d64a1c36a3036507fba1c2c9408cac3d3c39114aae3e81bd3bf6fcd785adcbe9d712b8285fb4386932375a826cb8431a0b13716909a8c623cf4bac536b7014078d0ace0deacf247f887bf242d68df8d98f726d8f68a0513584d55cf46d214800e4eba62d03a9ee00bbf0205ca903af88a917eb84997ff59ead992f6e8fdd139a9b61f516e674277bb29ada8768b94cfef87513552fcc142c860ae8010d7a715d99a35b46ab4278ca6ad9e808f92c3db866b0e1c004ef3ec001c642cd4d5ebc92acda5b24817252b985ef95b8a4f3152cfb2ddd6799c9948c7c450194ae3f7f3af4d5abf66dbe576a11fab68f18de5b9cadcc472f1b579ed6985ef4c1de9407b33727f39de57f418b0f8c80a50bd700a98f9207f4657df89ba94f779fd6ea1130c38cb320e79c130d18575d26acdb281d5d4192dedd20be26176dd6fc9af32f0232621cc2899a13543f33807a003486ffd3bc1e1edcd1c3096b9f1c0d509954dc446b3284cf18e6ce692effc4279412d3536b89c5903396aaf475440c7d7c9e8c8af77a96b000f2e521f891f211778efd511ab77d628030a275406874136b5b5d0a4fdfb7834b67301486fb0d2dca6f9fbbc924bee84b6d27ea9ce0b555138bb58424e165b34bbf826c35dcb354f5c4b497b27c974300b073661a457a81898e8bd17fe04c009942020f03cd6bcba38d9a4d3737b5c58231bbcf814ba3164e364c73967d2e74a93e70fac50993a55d7e9a497f6feff3e484f3acc785f474b5a884b8c16eb009d775b143f1c375f35bb3daeb4185b1f906ab1000e22333a937c69dbb4c2cecf3b43a83ad32ad2199da18c2580d93e48553d4e81c72cad0a49e7d5c4af0f2c12141d9bfab2e695d99fdd7911555b6e1c351d521c465068472f37ee9e50b94e879c89dc8e14ef7b0c4c097aaa0fc60833e7624c230ce4cfc62267e1c081f27a24d87ffb91d67833f020b45ebd078df4857d581eb06707b682e76ca548a62f62868d74b28170bf989b8049b34cc6fa87ae4a8ea6d1c9ca46b91688f60158cc9630c6b7c620e41a2ae33ce878601e5d40f1814c5c90cf805dbe63d00263da87ee3f83e4c9c95b78a45cf54079cfc5557821eb36a40373d9356f261ef2a75a5a3f062469e0ae3418029e88ae2a3b19629077a9e64f1f6458572b57296a8b09737f26f5071bd0ab7723b1205d47369037b4743928bd2e2a2f38bb5a18d4fea4cab7964c7dfe3759d18d6a7a5470cef51e4573e19dc820e22ce3f48ab2d9b1dc9759d7dd75eed79228cb35f9b10db2b78ea720938efb436b84b92a4f3c2c90cbdbeea1e52cb63f5b0484c31e92652d8263e037310916b593a75d4d956e7895603fcae603ea3ea1a0535a2fd41491ec01327865bff813f9e5c1776065791262c4705597bd78d0c66ae8eb6e22065e07acd0a2be33d0df1a376b6b51a8f2c92d5e19d585b8045d950070533a555dcbcf06267662e65663639756ddf585a098bc1ddba0bcede36d67513f1e84cb61687dcf13de7f112b9042429bc02b37616b42392e229a1bda074f5c4b15115420ce3dfe84dfd74a10c403f565a898a4851480ae732f0f182028698eb3698e8333bd7cf593b9e5ee9bb8cabfa918d8c4f2900ce5d02ee2eb3cb2073d198c19bfb8619dca27a6ea328e75fd09c5635eb2638cc285764dd2643bb9ce7e3d9e56cbcb61bd6a0a2443df23ae8d6c081ecebae457042cbe760454ccf3c99c2980ed2b1e7fdde0ce4c0ff366068502089a8957b2a2e2a54fca14ff9c7638e950ddc369d0131228dcb44d09f99bddab2aaf1dc613c6d00a27057b3e3f62b5927b6b8c15f7afd0ab529f52ddd6c4b4acb7034a970aa671ee68ad03d7a8e7e4132ff25e3f48fd6fa69589fb3b94c53731a7f8250db172c13a55549526d75c746c6d8f0d13afd179af8a1fb3e6686ac6cfb9f978e15694a8c5dcb453cc03da1f8c99b2add92e54e9e626950a35bc239c42c4228fad85eb17d724a9ee5fcf39ecd2b247a176ef3db96f7657c8c92a5c265f9444e3431a336b11394eabf15e6f11642d8683bc09aa2cfa39fa870b2169d3fdb6f8f86fa0ca067811a070b1dd5b085ee96289233bb34c22722257a21cfde5e6702e0ba004c05c654a962975e23d98bdcd4e943a55756a714c706d93eaefe1bda27b1cff9670eefe077e9969c038e6e22ffdcda02b315943fa5e368444e5065cefb8f0ea8e8d10107638a34d1c786517f6d6e75f28e6a7b456de6cfbfb92cda58a8067d751abb1d00c3d47641c5b20101d062a2b6bc91f91dd13886605f183efc7cf27ffecdd3f83750fd7b8440d6b4722e45ec6bd159acf3c4faaba2f7771765a9f485e71ea62b586d372eda32384db5148edf105f3aa2ba5a3bb09e0118c78a2ed7f02d22176d7921063a2d069b87174b5a914114831efe11098bcb55254870cb62b18c08a4890193912b7238af89757458c2c2d1dbfaa32078f0c6a980ab167b2278bc348992c41551d9454243b0f7299ddc401928a740c34d8b7ebdf476e112bf0f7c727fad0cf2ed4a95da95e1f4bf936e85143eaf9124b5dbd184d94eef0fea8a2072f5e07b9fea303880e812feddcd40f6a6c7dee6c763c0943a18a7db2703e9a021b8bf78e7bce0972248c1e734dea47fa73d49e944947410fe9f65acf2acc3df24bd336975851b7d8bb83ff5b43d51fafbd788222d7edae7d08ba125a6d8b596d2ef4037c40274392038a9168b8de914bd181084f820f07a2da552cc386469f63c72e0f804ada9256648de9f7a0012ed45bc0f0f74606dc0da739727aeda6ffa8ba0e1ea444dcac96d4eeee39ba9f596daa606f35237ecedacfcdbcb9e6e3021734f4e44410575e46577acd09093916c97cb80f741a2e47f08a83df4455dce7f76ca3c3c2b82627170d4374e494d7fa91e41224db562a061331a705183468d7b267cc0c99830d2b18109c8e517a21d4554351d02a0190c0016df5015de97cd8dfb6c1c88485fc1e46ec5f57bc46ba840f6c8cd867ec0fa8e953e22e99904d80b8e961dc0d2da30779f6dc26488cdaf76f4b8fcd94dddc96acdf1863b84c3e63accfddfecac6150a26e210a0f931cca44014e35ad1e93c12e65fa91511c090204d0db19d3596f61b52c2ea7232edb1b26883690b2318b0e083ea5445a92fafee0c03ef4600df0e4ae978fe5c56c9a4541543894a5e4efefc14084b497d82090133d06ff732a80111f26f9b2ef597d7f905c160aa87ff2a476fc2d01dba781c1b3830544a1fd7bd0eb1a8fbf894ed69fe30394c94d46b64eb896b84503b1fbda874ea743b6dee0d5d810bc8fe5a946085f562020e14189f77c322d204408905e52cfe6fa32547a5f4f44c6d679b2bad7e7b5a3addfd6d3de7fd8e4a6073ad4e71bc0a4d5bf74c955d5237733e27c078aed4a3d284275aeacb451ee5cd14e12ed226cd5339bc47e164a52e0ef6408c5ba8c01abe3a74f6df68abb15fd32127cbdecfdc0c61c6afe2ae47727e1c630c088a94119c45d68cd7f605592da99d0f1ba3fe3bc9f05374c0899c07e9af898e3f5f9b8496022dee8d8b43938b48c9e22311831957058a7592910f9ea9b3f24c1344d2b4d8bf7941bfb3ec479c6ea54c374bc033c0e0e5628170bbedbcc7bdbba6e06709315b9026b3caa5eb1b66d63bed12b83e47f0d9b1080bb07859ce0aca692b42e559b96eecbce81d5eb872d53d9687cafa56462e6b76d5cf4defdb1d799fcf61d4fde3cd538f967f781bb1bd7813a4eb2f2e0d86238444e531032f055b97e055de3f28a22142a88ef94c8b7280a83b0690a06c073485f2dbd19d374736c58415789d8d4b5d17f2d29a2f5cefcd652b6f91d332b0611516450b090c29dbbbdb4b5ca4745dd648dbf2399107bcb09cc163f5eda963898441ece17f662677f68aff8df95ede300b7d58b47b91fbc7e1ec1f697350d832f8b46d6444848a96866326667428fec69888e0a8b3bb74927c505294421e467f6d1286d6b9cf4c56fe9fcf293ef3f99643056b103355f76d99a2f4465f322aae619d33a44772308a9002564188963fc8ad1c140bb1c75003db9cfbb2ec9c516ffeaf47a87dbe0abd369c492b94ee4548b2e6989f5baa432994d80fb61f1dcb8a52414f6b70a09f277643de37b40268fb0f1db079813e4eb3041cdada099d16af7ed3b447f7971fe316adad18aeb484a6ac5915add5ddb05d2be272851bc2c4f1420c3f4001ca789d3bd0859a6fd09ffe4912a49f7b8ca9684d67d598a8abb0e333ab037567c8d8355f6165468a14f44e44d950c2ae9447554a2d4842c7b5a6cfa4b09b57babc2e5760a206cda3e857b79b9465cd4765ac5675563f32d84ac8e164effb6ec516c78d1d0071eeda289b1e65627ba48056de680afccb99298268ca2fef1d44cfccd426bd35278a587d10b839b52", 0x1000, 0x7f}, {&(0x7f0000001700)="d47031bd259acaabdbfb4136358be41c46265de1113eaf6e40712fa31f8f6c01a1c8a40c6c97ed445671955fa19fbd13111bf347f45083c6ac256ec8c3a2e7216288db36106cf860a479bf8a7de570224836889c3878c226ccaccd4b66ad197f35edd2ffb7c7b970578e357402c8db77068d9165487b1845af1cf428c3226ffb3a7f5f424433e53a7ce70e84148a33604b14acd039bc2945ff0da498060660215a291498a4120aafe09f5db1cd96f95e5c01302beb2775acaa49", 0xba, 0x40}, {&(0x7f00000017c0)="96cdde0af7ec961415821b0a2e3b7261111bd67299c7671c7545e81066f884da22f505243eb0aa6ced4f30a8ac4e807c2743788a388d6bb84b612ccaeaadb20b0096c97296", 0x45, 0x40}, {&(0x7f0000001840)="645d9b46b4a556e7934469fc3ab4293d2b8d53b339ac1b0b35379f8c1c8200f0e062093dc348f07ab5e76ffad1e4230734c6da60c88ac83ecf2d17c8e90600abc6846607d1acb37d1979fd434da09eeb0e4d88872df34902ac58a0b42a40d3cd19415e2d2151af2afcc1cec182c43d68e24537895d71cf50b90e6b8c0106eb3b600f0f341f3b7e4e60d33ec6e137d4fa1c7fa4bd7401a9bf700cd603e0d7ea0ca3737f5e356de80cbca42f6ff5be4b1a8950444cae1b75c952d27b564086aa3baa042928f72701b0b72c99ec007495b8f681944bcc0dc81555ea726c5b3d780748c9bf6f8b124f28f520c08f24b5d427a9ec76724d2e05e44f512e5681", 0xfd, 0x101}, {&(0x7f0000001940)="460daffbe2d3105f551eaaf373ea456b92a7530b16390358a1ccc7dc74aadaf3f420781cb7", 0x25, 0x4}], 0x240000, &(0x7f0000001a40)={[{@iocharset={'iocharset', 0x3d, 'cp775'}}, {@shortname_mixed}, {@shortname_winnt}, {@shortname_lower}, {@utf8}, {@shortname_winnt}, {@iocharset={'iocharset', 0x3d, 'cp775'}}, {@uni_xlate}], [{@fsuuid={'fsuuid', 0x3d, {[0x30, 0x0, 0x30, 0x39, 0x30, 0x63, 0x66, 0x63], 0x2d, [0x65, 0x37, 0x32, 0x35], 0x2d, [0x38, 0x34, 0x64, 0x33], 0x2d, [0x63, 0x65, 0x36, 0x33], 0x2d, [0x62, 0x62, 0x66, 0x33, 0x36, 0x30, 0x63, 0x39]}}}]}) r6 = getegid() setsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000001b00)={0xffffffffffffffff, r3, r6}, 0xc) getdents64(r5, &(0x7f0000001b40)=""/161, 0xa1) renameat2(r5, &(0x7f0000001c00)='./file0\x00', r5, &(0x7f0000001c40)='./file0\x00', 0x4) ioctl$FS_IOC_GET_ENCRYPTION_NONCE(r5, 0x8010661b, &(0x7f0000001c80)) truncate(&(0x7f0000001cc0)='./file1\x00', 0x7) r7 = syz_mount_image$ext4(&(0x7f0000001d00)='ext3\x00', &(0x7f0000001d40)='./file1\x00', 0x101, 0x2, &(0x7f0000001f00)=[{&(0x7f0000001d80)="8d656be8f7052495153db07c92672500a594597f0d37f73cb6d9d512e84a29b015d2c1d30094a13fce78ca5fa628631af3284de83c52a612529ca3997251a76af2d1dc94b2211cc2fd7b64713d0be05d082f573353a39d091f368b0213d561ee22d549bb1375ce2ff87c9ef127e0fcf9700b2d9ec4d5ef8e580b40e610c99d79ae2e709dc4f02c27193dd14c98c7d1c13811f22abc88d5a81fe478f6313443", 0x9f, 0x5ee7}, {&(0x7f0000001e40)="2168988b8104bcfd02235bf35cdc2909852f521ed17de290f1d150b78a3b149c3fa33e6247af94b615e315d49d9b259c2186b95dc32b21083ecae204fae4ae97f1f28bc685c909bcb17f7273f791491407db5725f487e53636ad3cc2719aef66585d8c1f4299bf4ef58f9dcb2ccd818caffeaa974b7551d4eada19b1602a6a3b94b3382f58d9acf8a6d23356b24c3241630fca39d0b72609615041de1e6eeec6477e8d67722086aa2135", 0xaa, 0x4}], 0x2000000, &(0x7f0000001f40)={[{@nombcache}, {@grpjquota}, {@init_itable_val={'init_itable', 0x3d, 0x5}}, {@journal_async_commit}, {@norecovery}, {}], [{@mask={'mask', 0x3d, '^MAY_EXEC'}}]}) symlinkat(&(0x7f0000001fc0)='./file0\x00', r7, &(0x7f0000002000)='./file0\x00') llistxattr(&(0x7f0000002040)='./file1\x00', &(0x7f0000002080)=""/69, 0x45) ioctl$F2FS_IOC_MOVE_RANGE(0xffffffffffffffff, 0xc020f509, &(0x7f0000002100)={r5, 0x3f, 0x9, 0x5}) ioctl$sock_ipv4_tunnel_SIOCGETTUNNEL(r8, 0x89f0, &(0x7f0000002340)={'gre0\x00', &(0x7f0000002280)={'tunl0\x00', 0x0, 0x700, 0x10, 0x766f, 0xa9, {{0x27, 0x4, 0x2, 0x1b, 0x9c, 0x64, 0x0, 0x0, 0x29, 0x0, @local, @rand_addr=0x64010101, {[@generic={0x86, 0xc, "2df42daf1ecc36dacac5"}, @cipso={0x86, 0x62, 0x2, [{0x0, 0x10, "46a32371a88af4313ca0843fe5d2"}, {0x0, 0x12, "978f058a4d61f6878dcc5d6a8aef8c45"}, {0x7, 0x11, "1da0deac3b493522c2dc23d96f1999"}, {0x1, 0x11, "f34c341a4cb163d5e469149c340ccb"}, {0x7, 0x8, "d834f0bf87c8"}, {0x6, 0xa, "73b590a850e90fbc"}, {0x5, 0x3, "eb"}, {0x2, 0x3, "da"}]}, @ra={0x94, 0x4, 0x1}, @timestamp_prespec={0x44, 0x14, 0xa6, 0x3, 0x9, [{@multicast2, 0x9b3c}, {@broadcast, 0x8}]}]}}}}}) 23:54:58 executing program 4: fcntl$setlease(0xffffffffffffffff, 0x400, 0x0) sendmsg$DEVLINK_CMD_RATE_SET(0xffffffffffffffff, &(0x7f00000000c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x4000000}, 0xc, &(0x7f0000000080)={&(0x7f0000000040)={0x30, 0x0, 0x400, 0x70bd2b, 0x25dfdbff, {}, [@handle=@pci={{0x8}, {0x11}}]}, 0x30}, 0x1, 0x0, 0x0, 0x800}, 0x4000000) ioctl$SNDRV_TIMER_IOCTL_GSTATUS(0xffffffffffffffff, 0xc0505405, &(0x7f0000000100)={{0x3, 0x3, 0x8, 0x3}, 0xffffffffffff9017, 0x20, 0x45}) ioctl$SNDRV_TIMER_IOCTL_PAUSE(0xffffffffffffffff, 0x54a3) r0 = syz_open_dev$hiddev(&(0x7f0000000180), 0x5, 0x440) ioctl$AUTOFS_IOC_EXPIRE(r0, 0x810c9365, &(0x7f00000001c0)={{0x7fff, 0xffffff81}, 0x100, './file0\x00'}) r1 = signalfd4(r0, &(0x7f0000000300)={[0x1]}, 0x8, 0x0) ioctl$HIDIOCGVERSION(r1, 0x80044801, &(0x7f0000000340)) r2 = syz_open_dev$mouse(&(0x7f0000000380), 0x9, 0x40882) fcntl$setown(r2, 0x8, 0x0) ioctl$FS_IOC_RESVSP(r0, 0x40305828, &(0x7f00000003c0)={0x0, 0x3, 0xffffffff, 0x372}) sendmsg$NLBL_CALIPSO_C_ADD(0xffffffffffffffff, &(0x7f0000000500)={&(0x7f0000000400)={0x10, 0x0, 0x0, 0x4000000}, 0xc, &(0x7f00000004c0)={&(0x7f0000000440)={0x4c, 0x0, 0x400, 0x70bd26, 0x25dfdbff, {}, [@NLBL_CALIPSO_A_MTYPE={0x8}, @NLBL_CALIPSO_A_DOI={0x8, 0x1, 0x1}, @NLBL_CALIPSO_A_DOI={0x8, 0x1, 0x1}, @NLBL_CALIPSO_A_DOI={0x8, 0x1, 0x3}, @NLBL_CALIPSO_A_MTYPE={0x8}, @NLBL_CALIPSO_A_DOI={0x8, 0x1, 0x2}, @NLBL_CALIPSO_A_DOI={0x8, 0x1, 0x2}]}, 0x4c}, 0x1, 0x0, 0x0, 0x8040}, 0x0) getsockopt$inet_IP_XFRM_POLICY(r1, 0x0, 0x11, &(0x7f0000000680)={{{@in=@multicast1, @in6=@loopback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in6=@empty}, 0x0, @in6=@mcast1}}, &(0x7f0000000780)=0xe8) r4 = syz_mount_image$tmpfs(&(0x7f0000000540), &(0x7f0000000580)='./file0\x00', 0x400, 0x1, &(0x7f0000000640)=[{&(0x7f00000005c0)="826c1556e6dd12280b10c5ad1a102cfa52ffa325a595a1c56a45871fbfc2cbdb6d6d502fb97aab29bccef37ec0b00a0ac80935e98cd373da266d0cf5d21c4355b1c8fefb44788d5e7d66a6c73dbf70dc196bfc861f7b18b232983a1f2f3889f7eceee5195491ac6959eb7ca46254b6db0986", 0x72, 0x8}], 0x42020, &(0x7f00000007c0)={[{@huge_always}, {@huge_within_size}, {}, {@size={'size', 0x3d, [0x36, 0x2d]}}, {@gid}, {@huge_never}, {@mode={'mode', 0x3d, 0x2}}, {@nr_inodes={'nr_inodes', 0x3d, [0x38, 0x37, 0x2d, 0x37, 0x70, 0x74]}}, {@size={'size', 0x3d, [0x32, 0x25, 0x38, 0x31, 0x67]}}, {@mode={'mode', 0x3d, 0xffff}}], [{@fowner_lt={'fowner<', r3}}]}) r5 = signalfd(r1, &(0x7f00000008c0)={[0x200]}, 0x8) ioctl$FS_IOC_FSSETXATTR(r5, 0x401c5820, &(0x7f0000000900)={0x7, 0x1, 0x7fffffff, 0x5, 0x1}) ioctl$AUTOFS_DEV_IOCTL_FAIL(0xffffffffffffffff, 0xc0189377, &(0x7f0000000940)={{0x1, 0x1, 0x18, r4, {0x5, 0x40}}, './file0\x00'}) ioctl$HIDIOCGPHYS(r6, 0x80404812, &(0x7f0000000980)) sendmsg$NFT_MSG_GETSET(r5, &(0x7f0000000c80)={&(0x7f00000009c0)={0x10, 0x0, 0x0, 0x1}, 0xc, &(0x7f0000000c40)={&(0x7f0000000a00)={0x208, 0xa, 0xa, 0x401, 0x0, 0x0, {0x0, 0x0, 0x1}, [@NFTA_SET_FLAGS={0x8}, @NFTA_SET_POLICY={0x8, 0x8, 0x1, 0x0, 0x1}, @NFTA_SET_POLICY={0x8, 0x8, 0x1, 0x0, 0x1}, @NFTA_SET_DESC={0x1c8, 0x9, 0x0, 0x1, [@NFTA_SET_DESC_SIZE={0x8, 0x1, 0x1, 0x0, 0x8001}, @NFTA_SET_DESC_SIZE={0x8, 0x1, 0x1, 0x0, 0x6}, @NFTA_SET_DESC_SIZE={0x8, 0x1, 0x1, 0x0, 0x1}, @NFTA_SET_DESC_CONCAT={0xb4, 0x2, 0x0, 0x1, [{0x54, 0x1, 0x0, 0x1, [@NFTA_SET_FIELD_LEN={0x8, 0x1, 0x1, 0x0, 0x400}, @NFTA_SET_FIELD_LEN={0x8, 0x1, 0x1, 0x0, 0xffffff81}, @NFTA_SET_FIELD_LEN={0x8, 0x1, 0x1, 0x0, 0x2}, @NFTA_SET_FIELD_LEN={0x8, 0x1, 0x1, 0x0, 0x4}, @NFTA_SET_FIELD_LEN={0x8, 0x1, 0x1, 0x0, 0x8}, @NFTA_SET_FIELD_LEN={0x8, 0x1, 0x1, 0x0, 0xfffffff8}, @NFTA_SET_FIELD_LEN={0x8, 0x1, 0x1, 0x0, 0x4}, @NFTA_SET_FIELD_LEN={0x8, 0x1, 0x1, 0x0, 0x6}, @NFTA_SET_FIELD_LEN={0x8, 0x1, 0x1, 0x0, 0x3}, @NFTA_SET_FIELD_LEN={0x8, 0x1, 0x1, 0x0, 0x7}]}, {0x2c, 0x1, 0x0, 0x1, [@NFTA_SET_FIELD_LEN={0x8, 0x1, 0x1, 0x0, 0xe772}, @NFTA_SET_FIELD_LEN={0x8, 0x1, 0x1, 0x0, 0x8000}, @NFTA_SET_FIELD_LEN={0x8}, @NFTA_SET_FIELD_LEN={0x8, 0x1, 0x1, 0x0, 0x7fffffff}, @NFTA_SET_FIELD_LEN={0x8, 0x1, 0x1, 0x0, 0x8}]}, {0x24, 0x1, 0x0, 0x1, [@NFTA_SET_FIELD_LEN={0x8, 0x1, 0x1, 0x0, 0x3}, @NFTA_SET_FIELD_LEN={0x8, 0x1, 0x1, 0x0, 0x1}, @NFTA_SET_FIELD_LEN={0x8, 0x1, 0x1, 0x0, 0xb1}, @NFTA_SET_FIELD_LEN={0x8, 0x1, 0x1, 0x0, 0x1}]}, {0xc, 0x1, 0x0, 0x1, [@NFTA_SET_FIELD_LEN={0x8, 0x1, 0x1, 0x0, 0x5}]}]}, @NFTA_SET_DESC_CONCAT={0xe8, 0x2, 0x0, 0x1, [{0x1c, 0x1, 0x0, 0x1, [@NFTA_SET_FIELD_LEN={0x8, 0x1, 0x1, 0x0, 0x3a0}, @NFTA_SET_FIELD_LEN={0x8}, @NFTA_SET_FIELD_LEN={0x8, 0x1, 0x1, 0x0, 0x7ff}]}, {0x1c, 0x1, 0x0, 0x1, [@NFTA_SET_FIELD_LEN={0x8, 0x1, 0x1, 0x0, 0x400}, @NFTA_SET_FIELD_LEN={0x8, 0x1, 0x1, 0x0, 0x7ff}, @NFTA_SET_FIELD_LEN={0x8, 0x1, 0x1, 0x0, 0x6}]}, {0x3c, 0x1, 0x0, 0x1, [@NFTA_SET_FIELD_LEN={0x8, 0x1, 0x1, 0x0, 0x1}, @NFTA_SET_FIELD_LEN={0x8, 0x1, 0x1, 0x0, 0x8}, @NFTA_SET_FIELD_LEN={0x8, 0x1, 0x1, 0x0, 0x4}, @NFTA_SET_FIELD_LEN={0x8, 0x1, 0x1, 0x0, 0xa1}, @NFTA_SET_FIELD_LEN={0x8, 0x1, 0x1, 0x0, 0x9}, @NFTA_SET_FIELD_LEN={0x8, 0x1, 0x1, 0x0, 0x6}, @NFTA_SET_FIELD_LEN={0x8, 0x1, 0x1, 0x0, 0x7}]}, {0x2c, 0x1, 0x0, 0x1, [@NFTA_SET_FIELD_LEN={0x8, 0x1, 0x1, 0x0, 0x800}, @NFTA_SET_FIELD_LEN={0x8, 0x1, 0x1, 0x0, 0x3}, @NFTA_SET_FIELD_LEN={0x8, 0x1, 0x1, 0x0, 0xb4b8}, @NFTA_SET_FIELD_LEN={0x8, 0x1, 0x1, 0x0, 0x45}, @NFTA_SET_FIELD_LEN={0x8, 0x1, 0x1, 0x0, 0x2}]}, {0x44, 0x1, 0x0, 0x1, [@NFTA_SET_FIELD_LEN={0x8, 0x1, 0x1, 0x0, 0x2}, @NFTA_SET_FIELD_LEN={0x8, 0x1, 0x1, 0x0, 0x6}, @NFTA_SET_FIELD_LEN={0x8, 0x1, 0x1, 0x0, 0x5}, @NFTA_SET_FIELD_LEN={0x8, 0x1, 0x1, 0x0, 0x9}, @NFTA_SET_FIELD_LEN={0x8, 0x1, 0x1, 0x0, 0x4}, @NFTA_SET_FIELD_LEN={0x8, 0x1, 0x1, 0x0, 0x7}, @NFTA_SET_FIELD_LEN={0x8, 0x1, 0x1, 0x0, 0x7}, @NFTA_SET_FIELD_LEN={0x8, 0x1, 0x1, 0x0, 0x5}]}]}, @NFTA_SET_DESC_SIZE={0x8}, @NFTA_SET_DESC_SIZE={0x8, 0x1, 0x1, 0x0, 0x3}]}, @NFTA_SET_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_SET_FLAGS={0x8, 0x3, 0x1, 0x0, 0x3f}]}, 0x208}, 0x1, 0x0, 0x0, 0x4040040}, 0x1) openat$procfs(0xffffffffffffff9c, &(0x7f0000000cc0)='/proc/mdstat\x00', 0x0, 0x0) 23:54:58 executing program 3: fadvise64(0xffffffffffffffff, 0x6, 0x216f6253, 0x5) r0 = perf_event_open(&(0x7f0000000000)={0x5, 0x80, 0x0, 0x1f, 0x80, 0x81, 0x0, 0x6, 0x88, 0x7, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x3, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, @perf_config_ext={0x2, 0x1fda}, 0x31c8, 0x2, 0x80000001, 0x7, 0x0, 0x4, 0x0, 0x0, 0x6, 0x0, 0x401}, 0x0, 0x5, 0xffffffffffffffff, 0x1) r1 = perf_event_open(&(0x7f00000000c0)={0x0, 0x80, 0xee, 0x0, 0xff, 0x1, 0x0, 0x4a, 0x0, 0x16, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x7, 0x4, @perf_bp={&(0x7f0000000080), 0x2}, 0x7520, 0x5, 0x7, 0x4, 0xffffffffffffffe0, 0x3f, 0x1, 0x0, 0x0, 0x0, 0x68e}, 0xffffffffffffffff, 0xe, r0, 0xa) perf_event_open(&(0x7f0000000140)={0x1, 0x80, 0x3, 0x5, 0xd1, 0x6, 0x0, 0x488688d1, 0x10000, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x54b, 0x2, @perf_config_ext={0x100, 0x2}, 0x4, 0xffff, 0x6, 0x7, 0x2, 0x5, 0x7, 0x0, 0x400000}, 0x0, 0xe, 0xffffffffffffffff, 0x9) r2 = fcntl$getown(r1, 0x9) r3 = perf_event_open(&(0x7f0000000200)={0x1, 0x80, 0x9, 0x5, 0x93, 0x81, 0x0, 0xb112, 0x40000, 0x2, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x3, 0x0, @perf_bp={&(0x7f00000001c0), 0x1}, 0x2000, 0x5, 0xa7, 0x5, 0x42, 0x7, 0x40, 0x0, 0x8, 0x0, 0x5c26}, r2, 0x9, 0xffffffffffffffff, 0x8) r4 = openat$cgroup(0xffffffffffffffff, &(0x7f0000000280)='syz1\x00', 0x200002, 0x0) fchdir(r4) r5 = perf_event_open(&(0x7f0000000300)={0x2, 0x80, 0x2, 0x8, 0x80, 0xe3, 0x0, 0x0, 0x92, 0x8, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x2, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0xffffff7f, 0x4, @perf_bp={&(0x7f00000002c0), 0x1}, 0x8, 0x51, 0x2, 0x8, 0x3f8b, 0x6, 0x9, 0x0, 0x5, 0x0, 0x15695b3e}, r2, 0x9, 0xffffffffffffffff, 0x9) r6 = ioctl$TIOCGPTPEER(0xffffffffffffffff, 0x5441, 0x6) r7 = fcntl$dupfd(r6, 0x0, r4) ioctl$TIOCVHANGUP(r6, 0x5437, 0x0) r8 = openat(r7, &(0x7f0000000380)='./file0\x00', 0x11c7afb929befd44, 0x784c638e80285edf) ioctl$KDGKBMODE(r7, 0x4b44, &(0x7f00000003c0)) r9 = accept4(r8, &(0x7f0000000400)=@nfc, &(0x7f0000000480)=0x80, 0x40000) ioctl$sock_SIOCGIFINDEX_80211(r8, 0x8933, &(0x7f0000000500)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_SET_BSS(r9, &(0x7f0000000600)={&(0x7f00000004c0)={0x10, 0x0, 0x0, 0x20}, 0xc, &(0x7f00000005c0)={&(0x7f0000000540)={0x54, 0x0, 0x400, 0x70bd2b, 0x25dfdbfd, {{}, {@val={0x8, 0x3, r10}, @void}}, [@NL80211_ATTR_BSS_SHORT_SLOT_TIME={0x5, 0x1e, 0x5}, @NL80211_ATTR_P2P_CTWINDOW={0x5, 0xa2, 0xb0}, @NL80211_ATTR_BSS_HT_OPMODE={0x6, 0x6d, 0x4}, @NL80211_ATTR_BSS_SHORT_PREAMBLE={0x5, 0x1d, 0x3}, @NL80211_ATTR_AP_ISOLATE={0x5, 0x60, 0x4}, @NL80211_ATTR_P2P_CTWINDOW={0x5, 0xa2, 0x3f}, @NL80211_ATTR_BSS_SHORT_SLOT_TIME={0x5, 0x1e, 0x3}]}, 0x54}, 0x1, 0x0, 0x0, 0x40804}, 0x24008850) ioctl$VFAT_IOCTL_READDIR_BOTH(r5, 0x82307201, &(0x7f0000000640)=[{0x0, 0x0, 0x100}, {0x0, 0x0, 0x100}]) ioctl$BTRFS_IOC_GET_SUBVOL_INFO(r3, 0x81f8943c, &(0x7f0000000880)) pread64(r6, &(0x7f0000000a80)=""/203, 0xcb, 0x3) [ 116.577171] audit: type=1400 audit(1731714898.336:7): avc: denied { execmem } for pid=271 comm="syz-executor.1" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=process permissive=1 23:54:58 executing program 5: sendmsg$NLBL_UNLABEL_C_LIST(0xffffffffffffffff, &(0x7f00000000c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x8000000}, 0xc, &(0x7f0000000080)={&(0x7f0000000040)={0x14, 0x0, 0x1, 0x70bd2a, 0x25dfdbfc}, 0x14}, 0x1, 0x0, 0x0, 0x2000}, 0x40094) ioctl$AUTOFS_DEV_IOCTL_PROTOSUBVER(0xffffffffffffffff, 0xc0189373, &(0x7f0000000100)={{0x1, 0x1, 0x18, 0xffffffffffffffff, {0x3c}}, './file0\x00'}) sendmsg$NL80211_CMD_DEL_PMKSA(r0, &(0x7f0000000200)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x8}, 0xc, &(0x7f00000001c0)={&(0x7f0000000180)={0x3c, 0x0, 0x1, 0x70bd2a, 0x25dfdbfc, {{}, {@void, @void}}, [@NL80211_ATTR_MAC={0xa, 0x6, @random="6c7d0965ed6f"}, @NL80211_ATTR_PMK_REAUTH_THRESHOLD={0x5, 0x120, 0x2b}, @NL80211_ATTR_PMK={0x14, 0xfe, "572dd858fb9a399f5be230279978ad03"}]}, 0x3c}, 0x1, 0x0, 0x0, 0x20000001}, 0x0) ioctl$EXT4_IOC_GETSTATE(r0, 0x40046629, &(0x7f0000000240)) r1 = openat$tcp_mem(0xffffffffffffff9c, &(0x7f0000000280)='/proc/sys/net/ipv4/tcp_wmem\x00', 0x1, 0x0) open_by_handle_at(r1, &(0x7f00000002c0)=@FILEID_BTRFS_WITH_PARENT={0x28, 0x4e, {0x3, 0x1, 0x6, 0xff, 0xb7e2, 0x2}}, 0x210000) r2 = openat$tcp_mem(0xffffffffffffff9c, &(0x7f0000000300)='/proc/sys/net/ipv4/tcp_wmem\x00', 0x1, 0x0) fcntl$setflags(r2, 0x2, 0x0) r3 = openat$zero(0xffffffffffffff9c, &(0x7f0000000340), 0x200800, 0x0) r4 = syz_genetlink_get_family_id$nl80211(&(0x7f00000003c0), r0) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000400)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_PROBE_MESH_LINK(r3, &(0x7f0000000640)={&(0x7f0000000380)={0x10, 0x0, 0x0, 0x100000}, 0xc, &(0x7f0000000600)={&(0x7f0000000440)={0x1b0, r4, 0x2, 0x70bd26, 0x25dfdbff, {{}, {@val={0x8, 0x3, r5}, @val={0xc, 0x99, {0x5, 0x13}}}}, [@NL80211_ATTR_MAC={0xa}, @NL80211_ATTR_MAC={0xa}, @NL80211_ATTR_MAC={0xa}, @NL80211_ATTR_FRAME={0x4f, 0x33, @mgmt_frame=@action_no_ack={@with_ht={{{0x0, 0x0, 0xe, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1}, {0x7f}, @broadcast, @device_b, @random="2172a1b0c79f", {0x8, 0xfd0}}, @ver_80211n={0x0, 0x80, 0x3, 0x3, 0x0, 0x1, 0x0, 0x0, 0x1}}, @sp_mp_confirm={0xf, 0x2, {0x52, @default, {0x1, 0x3, [{0x12}, {0x48}, {0x3, 0x1}]}, @val={0x72, 0x6}, @val={0x2d, 0x1a, {0x8b08, 0x2, 0x7, 0x0, {0x1, 0x1f3a, 0x0, 0x9, 0x0, 0x1}, 0x300, 0x7fff, 0x1}}}}}}, @NL80211_ATTR_FRAME={0xe, 0x33, @ctrl_frame=@cts={{}, {0x5a}, @device_b}}, @NL80211_ATTR_MAC={0xa, 0x6, @broadcast}, @NL80211_ATTR_FRAME={0xd2, 0x33, @data_frame={@no_qos=@type11={{0x0, 0x2, 0x7, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1}, {0x4}, @device_a, @device_a, @device_a, {0x3, 0xff}, @broadcast}, @a_msdu=[{@device_a, @device_b, 0xa1, "572a1d2ac88726a467af3d1bcf9700da91775277f394520f2e291b72f239a100f868385c382c203523157b6137e31eca714676c38cd879640fda65531d063934dae858f71bf73df8e1f1b781166a192b2e5d5ea38c0ed6c44b9f394e488bd4a869cb14f6f43d3dd41d062d3bbfea4ec8e6b4429a1969b7adf03d3e59983db1410b23b66570fcad006855f683912b2b36b8314201bde51784eadb1d75fd83685372"}]}}, @NL80211_ATTR_FRAME={0x22, 0x33, @mgmt_frame=@disassoc={@with_ht={{{0x0, 0x0, 0xa, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1}, {0x6}, @device_a, @device_b, @from_mac=@device_b, {0x4, 0x4}}, @ver_80211n={0x0, 0x2, 0x0, 0x2, 0x0, 0x2, 0x1, 0x0, 0x0, 0x1}}, 0x0, @void}}]}, 0x1b0}}, 0x20044041) recvmsg(r3, &(0x7f0000000a80)={&(0x7f0000000680)=@pppol2tp={0x18, 0x1, {0x0, 0xffffffffffffffff, {0x2, 0x0, @broadcast}}}, 0x80, &(0x7f00000009c0)=[{&(0x7f0000000700)=""/124, 0x7c}, {&(0x7f0000000780)=""/33, 0x21}, {&(0x7f00000007c0)=""/216, 0xd8}, {&(0x7f00000008c0)=""/66, 0x42}, {&(0x7f0000000940)=""/76, 0x4c}], 0x5, &(0x7f0000000a40)}, 0x40000000) sendmsg$NL80211_CMD_SET_CQM(r6, &(0x7f0000000cc0)={&(0x7f0000000ac0)={0x10, 0x0, 0x0, 0x100}, 0xc, &(0x7f0000000c80)={&(0x7f0000000b00)={0x170, r4, 0x100, 0x70bd27, 0x25dfdbfd, {{}, {@void, @void}}, [@NL80211_ATTR_CQM={0x34, 0x5e, 0x0, 0x1, [@NL80211_ATTR_CQM_TXE_INTVL={0x8, 0x7, 0x6d3}, @NL80211_ATTR_CQM_RSSI_HYST={0x8, 0x2, 0x6}, @NL80211_ATTR_CQM_RSSI_THRESHOLD_EVENT={0x8, 0x3, 0x5}, @NL80211_ATTR_CQM_RSSI_THRESHOLD_EVENT={0x8, 0x3, 0x2}, @NL80211_ATTR_CQM_RSSI_HYST={0x8, 0x2, 0xa1e}, @NL80211_ATTR_CQM_TXE_INTVL={0x8, 0x7, 0x6e8}]}, @NL80211_ATTR_CQM={0xc, 0x5e, 0x0, 0x1, [@NL80211_ATTR_CQM_RSSI_LEVEL={0x8, 0x9, 0x3f}]}, @NL80211_ATTR_CQM={0x54, 0x5e, 0x0, 0x1, [@NL80211_ATTR_CQM_RSSI_THOLD={0x20, 0x1, [0x9, 0x8, 0x2, 0x5, 0x2, 0x3f, 0x100]}, @NL80211_ATTR_CQM_RSSI_HYST={0x8, 0x2, 0x9}, @NL80211_ATTR_CQM_TXE_RATE={0x8, 0x5, 0x58}, @NL80211_ATTR_CQM_TXE_RATE={0x8, 0x5, 0x15}, @NL80211_ATTR_CQM_TXE_RATE={0x8, 0x5, 0x54}, @NL80211_ATTR_CQM_TXE_INTVL={0x8, 0x7, 0xdc}, @NL80211_ATTR_CQM_TXE_RATE={0x8, 0x5, 0x33}]}, @NL80211_ATTR_CQM={0x18, 0x5e, 0x0, 0x1, [@NL80211_ATTR_CQM_RSSI_THOLD={0xc, 0x1, [0x8, 0xbb5]}, @NL80211_ATTR_CQM_TXE_PKTS={0x8, 0x6, 0x6}]}, @NL80211_ATTR_CQM={0xc, 0x5e, 0x0, 0x1, [@NL80211_ATTR_CQM_RSSI_HYST={0x8, 0x2, 0x6}]}, @NL80211_ATTR_CQM={0x2c, 0x5e, 0x0, 0x1, [@NL80211_ATTR_CQM_TXE_INTVL={0x8, 0x7, 0x6bd}, @NL80211_ATTR_CQM_TXE_PKTS={0x8, 0x6, 0xacb5}, @NL80211_ATTR_CQM_TXE_PKTS={0x8, 0x6, 0x8}, @NL80211_ATTR_CQM_RSSI_HYST={0x8, 0x2, 0x200}, @NL80211_ATTR_CQM_RSSI_HYST={0x8, 0x2, 0x3ff}]}, @NL80211_ATTR_CQM={0x14, 0x5e, 0x0, 0x1, [@NL80211_ATTR_CQM_RSSI_HYST={0x8, 0x2, 0x80000000}, @NL80211_ATTR_CQM_RSSI_THRESHOLD_EVENT={0x8, 0x3, 0x7}]}, @NL80211_ATTR_CQM={0x64, 0x5e, 0x0, 0x1, [@NL80211_ATTR_CQM_RSSI_THRESHOLD_EVENT={0x8}, @NL80211_ATTR_CQM_RSSI_HYST={0x8, 0x2, 0x9}, @NL80211_ATTR_CQM_TXE_INTVL={0x8, 0x7, 0x4ce}, @NL80211_ATTR_CQM_RSSI_HYST={0x8, 0x2, 0x2}, @NL80211_ATTR_CQM_RSSI_THOLD={0xc, 0x1, [0x6, 0x8]}, @NL80211_ATTR_CQM_RSSI_LEVEL={0x8, 0x9, 0x81}, @NL80211_ATTR_CQM_RSSI_HYST={0x8, 0x2, 0x3}, @NL80211_ATTR_CQM_RSSI_THOLD={0x14, 0x1, [0xb38b, 0x0, 0x3, 0x1000]}, @NL80211_ATTR_CQM_TXE_PKTS={0x8}, @NL80211_ATTR_CQM_RSSI_HYST={0x8, 0x2, 0x22}]}]}, 0x170}, 0x1, 0x0, 0x0, 0x1}, 0x4000) fcntl$setstatus(r6, 0x4, 0x40000) sendmsg$TIPC_CMD_SET_LINK_TOL(r6, &(0x7f0000000dc0)={&(0x7f0000000d00)={0x10, 0x0, 0x0, 0x10000}, 0xc, &(0x7f0000000d80)={&(0x7f0000000d40)={0x34, 0x0, 0x2, 0x70bd2b, 0x25dfdbff, {{}, {}, {0x18, 0x18, {0x5, @bearer=@l2={'ib', 0x3a, 'bond_slave_1\x00'}}}}, [""]}, 0x34}}, 0x840) ioctl$SG_GET_SG_TABLESIZE(r3, 0x227f, &(0x7f0000000e00)) connect(r6, &(0x7f0000000e40)=@generic={0x10, "0a8f0d08f4d23b38bb07fd8275d58299cddef8fcb3a5a5831e321fab4081f1cb8a6e2f9a9c75acfacc9d8f9ea37a38f3785834f4cf4f6f8b54f53c9b0eb23d38ff8952c50be34272b30658dda7149fbea0bc5ebb6aad9d357d961fbdc19345c74a9cbbbc357b426e3faccdbeaa975c92adf073eadff9a1300a5de0472bf5"}, 0x80) statx(r3, &(0x7f0000000ec0)='./file0\x00', 0x2000, 0x200, &(0x7f0000000f00)) sendmsg$NL80211_CMD_TRIGGER_SCAN(0xffffffffffffffff, &(0x7f00000011c0)={&(0x7f0000001040)={0x10, 0x0, 0x0, 0x100}, 0xc, &(0x7f0000001180)={&(0x7f00000010c0)={0xa0, 0x0, 0x200, 0x70bd26, 0x25dfdbfc, {{}, {@void, @val={0xc, 0x99, {0x0, 0x16}}}}, [@NL80211_ATTR_SCAN_SSIDS={0x1c, 0x2d, 0x0, 0x1, [{0xa, 0x0, @default_ap_ssid}, {0xa, 0x0, @default_ap_ssid}]}, @NL80211_ATTR_SCAN_SSIDS={0x4}, @NL80211_ATTR_SCHED_SCAN_RSSI_ADJUST={0x6, 0xf7, {0x2, 0x1f}}, @NL80211_ATTR_SCHED_SCAN_MULTI={0x4}, @NL80211_ATTR_SCAN_SSIDS={0x28, 0x2d, 0x0, 0x1, [{0xa, 0x0, @default_ap_ssid}, {0xa, 0x0, @default_ibss_ssid}, {0xa, 0x0, @default_ap_ssid}]}, @NL80211_ATTR_SCAN_SSIDS={0x2c, 0x2d, 0x0, 0x1, [{0xa, 0x0, @default_ap_ssid}, {0xe, 0x0, @random="5a5120ba1cbe13cf11ae"}, {0xb, 0x0, @random="f2edee196416ca"}]}]}, 0xa0}, 0x1, 0x0, 0x0, 0x24040851}, 0x4) 23:54:58 executing program 6: r0 = syz_usb_connect_ath9k(0x3, 0x5a, &(0x7f0000000000)={{0x12, 0x1, 0x200, 0xff, 0xff, 0xff, 0x40, 0xcf3, 0x9271, 0x108, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x48}}]}}, 0x0) syz_usb_connect_ath9k(0x3, 0x5a, &(0x7f0000000080)={{0x12, 0x1, 0x200, 0xff, 0xff, 0xff, 0x40, 0xcf3, 0x9271, 0x108, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x48}}]}}, 0x0) syz_usb_connect_ath9k(0x3, 0x5a, &(0x7f0000000100)={{0x12, 0x1, 0x200, 0xff, 0xff, 0xff, 0x40, 0xcf3, 0x9271, 0x108, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x48}}]}}, 0x0) syz_usb_ep_write$ath9k_ep2(r0, 0x83, 0x10, &(0x7f0000000180)=@ready={0x0, 0x0, 0x8, "33b069f5", {0x1, 0x0, 0x3, 0x1, 0x5}}) syz_usb_connect_ath9k(0x3, 0x5a, &(0x7f00000001c0)={{0x12, 0x1, 0x200, 0xff, 0xff, 0xff, 0x40, 0xcf3, 0x9271, 0x108, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x48}}]}}, 0x0) r1 = syz_usb_connect_ath9k(0x3, 0x5a, &(0x7f0000000240)={{0x12, 0x1, 0x200, 0xff, 0xff, 0xff, 0x40, 0xcf3, 0x9271, 0x108, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x48}}]}}, 0x0) socket$nl_generic(0x10, 0x3, 0x10) syz_usb_ep_write$ath9k_ep2(r0, 0x83, 0x10, &(0x7f00000002c0)=@ready={0x0, 0x0, 0x8, "1257c238", {0x1, 0xffff, 0x3, 0x0, 0x1}}) r2 = syz_usb_connect_ath9k(0x3, 0x5a, &(0x7f0000000300)={{0x12, 0x1, 0x200, 0xff, 0xff, 0xff, 0x40, 0xcf3, 0x9271, 0x108, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x48}}]}}, 0x0) syz_usb_connect_ath9k(0x3, 0x5a, &(0x7f0000000380)={{0x12, 0x1, 0x200, 0xff, 0xff, 0xff, 0x40, 0xcf3, 0x9271, 0x108, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x48}}]}}, 0x0) syz_usb_ep_write$ath9k_ep2(r1, 0x83, 0x12, &(0x7f0000000400)=@conn_svc_rsp={0x0, 0x0, 0xa, "f8faab6b", {0x3, 0x105, 0x0, 0x1, 0x7, 0x5, 0x7f}}) syz_usb_connect_ath9k(0x3, 0x5a, &(0x7f0000000440)={{0x12, 0x1, 0x200, 0xff, 0xff, 0xff, 0x40, 0xcf3, 0x9271, 0x108, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x48}}]}}, 0x0) syz_usb_connect_ath9k(0x3, 0x5a, &(0x7f00000004c0)={{0x12, 0x1, 0x200, 0xff, 0xff, 0xff, 0x40, 0xcf3, 0x9271, 0x108, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x48}}]}}, 0x0) syz_usb_ep_write$ath9k_ep2(r1, 0x83, 0x12, &(0x7f0000000540)=@conn_svc_rsp={0x0, 0x0, 0xa, "7aa814ad", {0x3, 0x103, 0x0, 0x20, 0x9, 0x4, 0x5}}) syz_usb_ep_write$ath9k_ep2(r2, 0x83, 0x12, &(0x7f0000000580)=@conn_svc_rsp={0x0, 0x0, 0xa, "c24b3212", {0x3, 0x104, 0x0, 0x0, 0xfffc, 0x7f, 0x7}}) syz_usb_connect_ath9k(0x3, 0x5a, &(0x7f00000005c0)={{0x12, 0x1, 0x200, 0xff, 0xff, 0xff, 0x40, 0xcf3, 0x9271, 0x108, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x48}}]}}, 0x0) syz_usb_connect_ath9k(0x3, 0x5a, &(0x7f0000000640)={{0x12, 0x1, 0x200, 0xff, 0xff, 0xff, 0x40, 0xcf3, 0x9271, 0x108, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x48}}]}}, 0x0) r3 = syz_usb_connect_ath9k(0x3, 0x5a, &(0x7f00000006c0)={{0x12, 0x1, 0x200, 0xff, 0xff, 0xff, 0x40, 0xcf3, 0x9271, 0x108, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x48}}]}}, 0x0) syz_usb_ep_write$ath9k_ep2(r3, 0x83, 0x10, &(0x7f0000000740)=@ready={0x0, 0x0, 0x8, "bfc9a500", {0x1, 0x9, 0x8001, 0x9, 0x1f}}) syz_usb_connect_ath9k(0x3, 0x5a, &(0x7f0000000780)={{0x12, 0x1, 0x200, 0xff, 0xff, 0xff, 0x40, 0xcf3, 0x9271, 0x108, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x48}}]}}, 0x0) 23:54:58 executing program 7: sendmsg$NFQNL_MSG_VERDICT(0xffffffffffffffff, &(0x7f0000000480)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x10}, 0xc, &(0x7f0000000440)={&(0x7f0000000040)={0x3fc, 0x1, 0x3, 0x101, 0x0, 0x0, {0x2, 0x0, 0x5}, [@NFQA_CT={0x1d4, 0xb, 0x0, 0x1, [@CTA_TUPLE_ORIG={0xc8, 0x1, 0x0, 0x1, [@CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @private=0xa010101}, {0x8, 0x2, @private=0xa010101}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5, 0x1, 0x11}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5, 0x1, 0x2f}}, @CTA_TUPLE_IP={0x2c, 0x1, 0x0, 0x1, @ipv6={{0x14, 0x3, @empty}, {0x14, 0x4, @ipv4={'\x00', '\xff\xff', @multicast2}}}}, @CTA_TUPLE_IP={0x2c, 0x1, 0x0, 0x1, @ipv6={{0x14, 0x3, @ipv4={'\x00', '\xff\xff', @rand_addr=0x64010101}}, {0x14, 0x4, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01'}}}, @CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @dev={0xac, 0x14, 0x14, 0xf}}, {0x8, 0x2, @local}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5, 0x1, 0x2f}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5, 0x1, 0x21}}, @CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @empty}, {0x8, 0x2, @private=0xa010102}}}]}, @CTA_SEQ_ADJ_REPLY={0x44, 0x10, 0x0, 0x1, [@CTA_SEQADJ_CORRECTION_POS={0x8, 0x1, 0x1, 0x0, 0x8}, @CTA_SEQADJ_CORRECTION_POS={0x8, 0x1, 0x1, 0x0, 0x9}, @CTA_SEQADJ_OFFSET_AFTER={0x8, 0x3, 0x1, 0x0, 0x2}, @CTA_SEQADJ_OFFSET_BEFORE={0x8, 0x2, 0x1, 0x0, 0x100}, @CTA_SEQADJ_OFFSET_AFTER={0x8, 0x3, 0x1, 0x0, 0x7}, @CTA_SEQADJ_OFFSET_AFTER={0x8, 0x3, 0x1, 0x0, 0x9}, @CTA_SEQADJ_CORRECTION_POS={0x8}, @CTA_SEQADJ_OFFSET_BEFORE={0x8, 0x2, 0x1, 0x0, 0xa3}]}, @CTA_SEQ_ADJ_ORIG={0xc, 0xf, 0x0, 0x1, [@CTA_SEQADJ_CORRECTION_POS={0x8, 0x1, 0x1, 0x0, 0x1ff}]}, @CTA_MARK_MASK={0x8, 0x15, 0x1, 0x0, 0x3}, @CTA_ID={0x8, 0xc, 0x1, 0x0, 0x1}, @CTA_SYNPROXY={0x14, 0x18, 0x0, 0x1, [@CTA_SYNPROXY_TSOFF={0x8, 0x3, 0x1, 0x0, 0x10001}, @CTA_SYNPROXY_ISN={0x8, 0x1, 0x1, 0x0, 0x1}]}, @CTA_NAT_DST={0x40, 0xd, 0x0, 0x1, [@CTA_NAT_V6_MINIP={0x14, 0x4, @private1}, @CTA_NAT_V6_MINIP={0x14, 0x4, @dev={0xfe, 0x80, '\x00', 0x11}}, @CTA_NAT_V6_MAXIP={0x14, 0x5, @initdev={0xfe, 0x88, '\x00', 0x1, 0x0}}]}, @CTA_TUPLE_REPLY={0x4c, 0x2, 0x0, 0x1, [@CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @loopback}, {0x8, 0x2, @broadcast}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5, 0x1, 0x21}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5, 0x1, 0x88}}, @CTA_TUPLE_ZONE={0x6}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5, 0x1, 0xe}}, @CTA_TUPLE_ZONE={0x6}]}, @CTA_STATUS={0x8, 0x3, 0x1, 0x0, 0x4}]}, @NFQA_CT={0xc4, 0xb, 0x0, 0x1, [@CTA_LABELS={0x2c, 0x16, 0x1, 0x0, [0x7, 0x9, 0x9, 0x1ed, 0x7ff, 0x96, 0x1, 0x10001, 0x101, 0x39]}, @CTA_SEQ_ADJ_ORIG={0x1c, 0xf, 0x0, 0x1, [@CTA_SEQADJ_OFFSET_AFTER={0x8, 0x3, 0x1, 0x0, 0x8001}, @CTA_SEQADJ_OFFSET_AFTER={0x8, 0x3, 0x1, 0x0, 0x7}, @CTA_SEQADJ_OFFSET_BEFORE={0x8, 0x2, 0x1, 0x0, 0x38000000}]}, @CTA_ZONE={0x6, 0x12, 0x1, 0x0, 0x3}, @CTA_LABELS_MASK={0x14, 0x17, [0x20, 0xb8, 0xfffffffa, 0x6]}, @CTA_SEQ_ADJ_ORIG={0x14, 0xf, 0x0, 0x1, [@CTA_SEQADJ_OFFSET_AFTER={0x8, 0x3, 0x1, 0x0, 0x4}, @CTA_SEQADJ_CORRECTION_POS={0x8, 0x1, 0x1, 0x0, 0x2}]}, @CTA_TIMEOUT={0x8, 0x7, 0x1, 0x0, 0x7}, @CTA_LABELS={0x8, 0x16, 0x1, 0x0, [0x2409]}, @CTA_SEQ_ADJ_ORIG={0x1c, 0xf, 0x0, 0x1, [@CTA_SEQADJ_OFFSET_BEFORE={0x8, 0x2, 0x1, 0x0, 0x1}, @CTA_SEQADJ_CORRECTION_POS={0x8, 0x1, 0x1, 0x0, 0xafd}, @CTA_SEQADJ_OFFSET_AFTER={0x8, 0x3, 0x1, 0x0, 0xff}]}, @CTA_SYNPROXY={0x1c, 0x18, 0x0, 0x1, [@CTA_SYNPROXY_ISN={0x8, 0x1, 0x1, 0x0, 0x6}, @CTA_SYNPROXY_TSOFF={0x8, 0x3, 0x1, 0x0, 0x3f}, @CTA_SYNPROXY_ITS={0x8, 0x2, 0x1, 0x0, 0xbb5}]}]}, @NFQA_VLAN={0x1c, 0x13, 0x0, 0x1, [@NFQA_VLAN_PROTO={0x6, 0x1, 0x1, 0x0, 0x8100}, @NFQA_VLAN_TCI={0x6, 0x2, 0x1, 0x0, 0x1}, @NFQA_VLAN_PROTO={0x6, 0x1, 0x1, 0x0, 0x8100}]}, @NFQA_VLAN={0x24, 0x13, 0x0, 0x1, [@NFQA_VLAN_PROTO={0x6, 0x1, 0x1, 0x0, 0x8100}, @NFQA_VLAN_TCI={0x6, 0x2, 0x1, 0x0, 0x2}, @NFQA_VLAN_PROTO={0x6, 0x1, 0x1, 0x0, 0x8100}, @NFQA_VLAN_PROTO={0x6, 0x1, 0x1, 0x0, 0x88a8}]}, @NFQA_CT={0x20, 0xb, 0x0, 0x1, [@CTA_LABELS={0x14, 0x16, 0x1, 0x0, [0x10001, 0xffffff80, 0x3, 0x9]}, @CTA_TIMEOUT={0x8, 0x7, 0x1, 0x0, 0x82}]}, @NFQA_MARK={0x8, 0x3, 0x1, 0x0, 0x8000}, @NFQA_CT={0xe8, 0xb, 0x0, 0x1, [@CTA_HELP={0x10, 0x5, 0x0, 0x1, {0xa, 0x1, 'H.245\x00'}}, @CTA_TUPLE_ORIG={0x5c, 0x1, 0x0, 0x1, [@CTA_TUPLE_IP={0x2c, 0x1, 0x0, 0x1, @ipv6={{0x14, 0x3, @remote}, {0x14, 0x4, @loopback}}}, @CTA_TUPLE_IP={0x2c, 0x1, 0x0, 0x1, @ipv6={{0x14, 0x3, @mcast1}, {0x14, 0x4, @private2={0xfc, 0x2, '\x00', 0x1}}}}]}, @CTA_SEQ_ADJ_REPLY={0x34, 0x10, 0x0, 0x1, [@CTA_SEQADJ_OFFSET_BEFORE={0x8, 0x2, 0x1, 0x0, 0x7f}, @CTA_SEQADJ_OFFSET_AFTER={0x8, 0x3, 0x1, 0x0, 0xffffebe0}, @CTA_SEQADJ_OFFSET_AFTER={0x8, 0x3, 0x1, 0x0, 0x7}, @CTA_SEQADJ_OFFSET_BEFORE={0x8, 0x2, 0x1, 0x0, 0xfffffffe}, @CTA_SEQADJ_OFFSET_AFTER={0x8, 0x3, 0x1, 0x0, 0x7fffffff}, @CTA_SEQADJ_CORRECTION_POS={0x8, 0x1, 0x1, 0x0, 0x2}]}, @CTA_SEQ_ADJ_ORIG={0x44, 0xf, 0x0, 0x1, [@CTA_SEQADJ_OFFSET_BEFORE={0x8, 0x2, 0x1, 0x0, 0x5}, @CTA_SEQADJ_CORRECTION_POS={0x8, 0x1, 0x1, 0x0, 0x81}, @CTA_SEQADJ_OFFSET_AFTER={0x8, 0x3, 0x1, 0x0, 0xff}, @CTA_SEQADJ_OFFSET_BEFORE={0x8, 0x2, 0x1, 0x0, 0x7}, @CTA_SEQADJ_OFFSET_AFTER={0x8}, @CTA_SEQADJ_CORRECTION_POS={0x8, 0x1, 0x1, 0x0, 0xf8}, @CTA_SEQADJ_OFFSET_AFTER={0x8, 0x3, 0x1, 0x0, 0x1000}, @CTA_SEQADJ_OFFSET_AFTER={0x8, 0x3, 0x1, 0x0, 0xfffffffa}]}]}]}, 0x3fc}, 0x1, 0x0, 0x0, 0xa800}, 0x48086) r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000500), 0xffffffffffffffff) sendmsg$NL80211_CMD_CRIT_PROTOCOL_STOP(0xffffffffffffffff, &(0x7f00000005c0)={&(0x7f00000004c0)={0x10, 0x0, 0x0, 0x1}, 0xc, &(0x7f0000000580)={&(0x7f0000000540)={0x1c, r0, 0x100, 0x70bd25, 0x25dfdbfd, {{}, {@val={0x8}, @void}}, ["", "", "", ""]}, 0x1c}, 0x1, 0x0, 0x0, 0x8010}, 0x4004000) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000640), 0xffffffffffffffff) sendmsg$IEEE802154_ASSOCIATE_RESP(r1, &(0x7f0000000700)={&(0x7f0000000600)={0x10, 0x0, 0x0, 0x2000}, 0xc, &(0x7f00000006c0)={&(0x7f0000000680)={0x24, r2, 0x100, 0x70bd2d, 0x25dfdbfd, {}, [@IEEE802154_ATTR_STATUS={0x5, 0x3, 0x3f}, @IEEE802154_ATTR_STATUS={0x5, 0x3, 0x9}]}, 0x24}, 0x1, 0x0, 0x0, 0x40000}, 0x20000081) r3 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) sendmsg$IEEE802154_LLSEC_DEL_DEVKEY(r3, &(0x7f0000000840)={&(0x7f0000000740)={0x10, 0x0, 0x0, 0x8000000}, 0xc, &(0x7f0000000800)={&(0x7f0000000780)={0x50, 0x0, 0x2, 0x70bd25, 0x25dfdbfc, {}, [@IEEE802154_ATTR_LLSEC_KEY_SOURCE_EXTENDED={0xc, 0x2d, {0xaaaaaaaaaaaa0002}}, @IEEE802154_ATTR_PAN_ID={0x6, 0x6, 0x3}, @IEEE802154_ATTR_LLSEC_KEY_ID={0x5, 0x2e, 0x8e}, @IEEE802154_ATTR_LLSEC_KEY_MODE={0x5, 0x2b, 0x2}, @IEEE802154_ATTR_PAN_ID={0x6}, @IEEE802154_ATTR_LLSEC_KEY_MODE={0x5, 0x2b, 0x2}, @IEEE802154_ATTR_SHORT_ADDR={0x6, 0x4, 0xaaa3}]}, 0x50}, 0x1, 0x0, 0x0, 0x8001}, 0x40) r4 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_802154(r3, 0x8933, &(0x7f00000008c0)={'wpan3\x00', 0x0}) sendmsg$IEEE802154_LLSEC_DEL_DEVKEY(r4, &(0x7f0000000980)={&(0x7f0000000880)={0x10, 0x0, 0x0, 0x4000}, 0xc, &(0x7f0000000940)={&(0x7f0000000900)={0x38, r2, 0x10, 0x70bd2c, 0x25dfdbff, {}, [@IEEE802154_ATTR_DEV_INDEX={0x8}, @IEEE802154_ATTR_DEV_NAME={0xa, 0x1, 'wpan4\x00'}, @IEEE802154_ATTR_SHORT_ADDR={0x6, 0x4, 0xaaa0}, @IEEE802154_ATTR_DEV_INDEX={0x8, 0x2, r5}]}, 0x38}, 0x1, 0x0, 0x0, 0x40}, 0x0) r6 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r7 = syz_genetlink_get_family_id$netlbl_cipso(&(0x7f0000000a00), r4) sendmsg$NLBL_CIPSOV4_C_ADD(r6, &(0x7f0000000c00)={&(0x7f00000009c0)={0x10, 0x0, 0x0, 0x20000}, 0xc, &(0x7f0000000bc0)={&(0x7f0000000a40)={0x144, r7, 0x2, 0x70bd28, 0x25dfdbfc, {}, [@NLBL_CIPSOV4_A_MLSCATLST={0x54, 0xc, 0x0, 0x1, [{0x14, 0xb, 0x0, 0x1, [@NLBL_CIPSOV4_A_MLSCATREM={0x8, 0xa, 0xe7ce}, @NLBL_CIPSOV4_A_MLSCATLOC={0x8, 0x9, 0x6d38164c}]}, {0x3c, 0xb, 0x0, 0x1, [@NLBL_CIPSOV4_A_MLSCATLOC={0x8, 0x9, 0xab2f4b8}, @NLBL_CIPSOV4_A_MLSCATLOC={0x8, 0x9, 0x3c2d9a48}, @NLBL_CIPSOV4_A_MLSCATLOC={0x8, 0x9, 0x6424ab0f}, @NLBL_CIPSOV4_A_MLSCATLOC={0x8, 0x9, 0x7ead0901}, @NLBL_CIPSOV4_A_MLSCATLOC={0x8, 0x9, 0x478b84b4}, @NLBL_CIPSOV4_A_MLSCATLOC={0x8, 0x9, 0x12343668}, @NLBL_CIPSOV4_A_MLSCATLOC={0x8, 0x9, 0x14a28cc8}]}]}, @NLBL_CIPSOV4_A_TAGLST={0x1c, 0x4, 0x0, 0x1, [{0x5, 0x3, 0x6}, {0x5, 0x3, 0x1}, {0x5}]}, @NLBL_CIPSOV4_A_TAGLST={0x2c, 0x4, 0x0, 0x1, [{0x5, 0x3, 0x5}, {0x5, 0x3, 0x7}, {0x5, 0x3, 0x6}, {0x5, 0x3, 0x2}, {0x5, 0x3, 0x2}]}, @NLBL_CIPSOV4_A_MLSCATLST={0x68, 0xc, 0x0, 0x1, [{0x2c, 0xb, 0x0, 0x1, [@NLBL_CIPSOV4_A_MLSCATLOC={0x8, 0x9, 0x4099e966}, @NLBL_CIPSOV4_A_MLSCATREM={0x8, 0xa, 0xbb36}, @NLBL_CIPSOV4_A_MLSCATLOC={0x8, 0x9, 0x690be1eb}, @NLBL_CIPSOV4_A_MLSCATREM={0x8, 0xa, 0xcaa2}, @NLBL_CIPSOV4_A_MLSCATREM={0x8, 0xa, 0x63a9}]}, {0x1c, 0xb, 0x0, 0x1, [@NLBL_CIPSOV4_A_MLSCATLOC={0x8, 0x9, 0x2e943e25}, @NLBL_CIPSOV4_A_MLSCATLOC={0x8, 0x9, 0x1dc7a5b}, @NLBL_CIPSOV4_A_MLSCATREM={0x8, 0xa, 0xf41d}]}, {0x1c, 0xb, 0x0, 0x1, [@NLBL_CIPSOV4_A_MLSCATREM={0x8, 0xa, 0x115c}, @NLBL_CIPSOV4_A_MLSCATREM={0x8, 0xa, 0x7d75}, @NLBL_CIPSOV4_A_MLSCATLOC={0x8, 0x9, 0x4162c80f}]}]}, @NLBL_CIPSOV4_A_TAGLST={0x24, 0x4, 0x0, 0x1, [{0x5, 0x3, 0x7}, {0x5, 0x3, 0x5}, {0x5}, {0x5, 0x3, 0x6}]}, @NLBL_CIPSOV4_A_MTYPE={0x8, 0x2, 0x2}]}, 0x144}, 0x1, 0x0, 0x0, 0x4}, 0xd0) r8 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NLBL_CIPSOV4_C_LISTALL(r8, &(0x7f0000000cc0)={0x0, 0x0, &(0x7f0000000c80)={&(0x7f0000000c40)={0x38, r7, 0x400, 0x70bd28, 0x25dfdbff, {}, [@NLBL_CIPSOV4_A_TAGLST={0x14, 0x4, 0x0, 0x1, [{0x5, 0x3, 0x2}, {0x5, 0x3, 0x7}]}, @NLBL_CIPSOV4_A_DOI={0x8, 0x1, 0x2}, @NLBL_CIPSOV4_A_DOI={0x8, 0x1, 0x3}]}, 0x38}, 0x1, 0x0, 0x0, 0x40800}, 0x800) syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) sendmsg$IEEE802154_LLSEC_DEL_DEVKEY(r6, &(0x7f0000000dc0)={&(0x7f0000000d00)={0x10, 0x0, 0x0, 0x8000}, 0xc, &(0x7f0000000d80)={&(0x7f0000000d40)={0x1c, r2, 0x2, 0x70bd25, 0x25dfdbfb, {}, [@IEEE802154_ATTR_LLSEC_KEY_MODE={0x5, 0x2b, 0x1}]}, 0x1c}, 0x1, 0x0, 0x0, 0x4}, 0x804) syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NLBL_CIPSOV4_C_ADD(r4, &(0x7f0000001300)={&(0x7f0000000e00)={0x10, 0x0, 0x0, 0x40000000}, 0xc, &(0x7f00000012c0)={&(0x7f0000000e40)={0x470, r7, 0x10, 0x70bd29, 0x25dfdbfe, {}, [@NLBL_CIPSOV4_A_TAGLST={0x3c, 0x4, 0x0, 0x1, [{0x5, 0x3, 0x6}, {0x5, 0x3, 0x6}, {0x5, 0x3, 0x7}, {0x5, 0x3, 0x1}, {0x5, 0x3, 0x5}, {0x5, 0x3, 0x5}, {0x5, 0x3, 0x5}]}, @NLBL_CIPSOV4_A_DOI={0x8, 0x1, 0xffffffffffffffff}, @NLBL_CIPSOV4_A_MLSLVLLST={0xfc, 0x8, 0x0, 0x1, [{0x3c, 0x7, 0x0, 0x1, [@NLBL_CIPSOV4_A_MLSLVLLOC={0x8, 0x5, 0x53a9f002}, @NLBL_CIPSOV4_A_MLSLVLLOC={0x8, 0x5, 0x64e75e1f}, @NLBL_CIPSOV4_A_MLSLVLREM={0x8, 0x6, 0xdb}, @NLBL_CIPSOV4_A_MLSLVLREM={0x8, 0x6, 0xd6}, @NLBL_CIPSOV4_A_MLSLVLLOC={0x8, 0x5, 0x10bdf766}, @NLBL_CIPSOV4_A_MLSLVLREM={0x8, 0x6, 0x4f}, @NLBL_CIPSOV4_A_MLSLVLLOC={0x8, 0x5, 0x2f073e74}]}, {0x2c, 0x7, 0x0, 0x1, [@NLBL_CIPSOV4_A_MLSLVLREM={0x8, 0x6, 0x17}, @NLBL_CIPSOV4_A_MLSLVLREM={0x8, 0x6, 0x9b}, @NLBL_CIPSOV4_A_MLSLVLLOC={0x8, 0x5, 0x6d72fd80}, @NLBL_CIPSOV4_A_MLSLVLLOC={0x8, 0x5, 0x35779ebb}, @NLBL_CIPSOV4_A_MLSLVLLOC={0x8, 0x5, 0x3979e969}]}, {0x34, 0x7, 0x0, 0x1, [@NLBL_CIPSOV4_A_MLSLVLREM={0x8, 0x6, 0x95}, @NLBL_CIPSOV4_A_MLSLVLLOC={0x8, 0x5, 0x6b94d5e4}, @NLBL_CIPSOV4_A_MLSLVLLOC={0x8, 0x5, 0x5747935b}, @NLBL_CIPSOV4_A_MLSLVLLOC={0x8, 0x5, 0x3231631d}, @NLBL_CIPSOV4_A_MLSLVLREM={0x8, 0x6, 0x41}, @NLBL_CIPSOV4_A_MLSLVLLOC={0x8, 0x5, 0x6d9a416b}]}, {0x1c, 0x7, 0x0, 0x1, [@NLBL_CIPSOV4_A_MLSLVLLOC={0x8, 0x5, 0x5c947780}, @NLBL_CIPSOV4_A_MLSLVLREM={0x8, 0x6, 0x1a}, @NLBL_CIPSOV4_A_MLSLVLREM={0x8, 0x6, 0x15}]}, {0x24, 0x7, 0x0, 0x1, [@NLBL_CIPSOV4_A_MLSLVLLOC={0x8, 0x5, 0x598c813b}, @NLBL_CIPSOV4_A_MLSLVLLOC={0x8, 0x5, 0x4d4dfec0}, @NLBL_CIPSOV4_A_MLSLVLREM={0x8, 0x6, 0x8d}, @NLBL_CIPSOV4_A_MLSLVLREM={0x8, 0x6, 0xa9}]}, {0x1c, 0x7, 0x0, 0x1, [@NLBL_CIPSOV4_A_MLSLVLREM={0x8, 0x6, 0x4a}, @NLBL_CIPSOV4_A_MLSLVLLOC={0x8, 0x5, 0x3612fca8}, @NLBL_CIPSOV4_A_MLSLVLREM={0x8, 0x6, 0x6a}]}]}, @NLBL_CIPSOV4_A_TAGLST={0x24, 0x4, 0x0, 0x1, [{0x5, 0x3, 0x1}, {0x5, 0x3, 0x2}, {0x5, 0x3, 0x2}, {0x5, 0x3, 0x1}]}, @NLBL_CIPSOV4_A_MLSLVLLST={0x160, 0x8, 0x0, 0x1, [{0x34, 0x7, 0x0, 0x1, [@NLBL_CIPSOV4_A_MLSLVLREM={0x8, 0x6, 0x11}, @NLBL_CIPSOV4_A_MLSLVLREM={0x8, 0x6, 0x30}, @NLBL_CIPSOV4_A_MLSLVLLOC={0x8, 0x5, 0x6cd447d3}, @NLBL_CIPSOV4_A_MLSLVLREM={0x8, 0x6, 0xa5}, @NLBL_CIPSOV4_A_MLSLVLLOC={0x8, 0x5, 0x4f8b28ff}, @NLBL_CIPSOV4_A_MLSLVLREM={0x8, 0x6, 0x21}]}, {0x34, 0x7, 0x0, 0x1, [@NLBL_CIPSOV4_A_MLSLVLLOC={0x8, 0x5, 0x45f18bba}, @NLBL_CIPSOV4_A_MLSLVLLOC={0x8, 0x5, 0x4eceb12d}, @NLBL_CIPSOV4_A_MLSLVLREM={0x8, 0x6, 0x6f}, @NLBL_CIPSOV4_A_MLSLVLLOC={0x8, 0x5, 0x5105ff73}, @NLBL_CIPSOV4_A_MLSLVLREM={0x8, 0x6, 0x6b}, @NLBL_CIPSOV4_A_MLSLVLLOC={0x8, 0x5, 0x7155154}]}, {0x3c, 0x7, 0x0, 0x1, [@NLBL_CIPSOV4_A_MLSLVLLOC={0x8, 0x5, 0x4674e701}, @NLBL_CIPSOV4_A_MLSLVLREM={0x8, 0x6, 0xb8}, @NLBL_CIPSOV4_A_MLSLVLLOC={0x8, 0x5, 0x2b1964ec}, @NLBL_CIPSOV4_A_MLSLVLLOC={0x8, 0x5, 0x18ab5759}, @NLBL_CIPSOV4_A_MLSLVLLOC={0x8, 0x5, 0x62b1903c}, @NLBL_CIPSOV4_A_MLSLVLREM={0x8, 0x6, 0xa5}, @NLBL_CIPSOV4_A_MLSLVLREM={0x8, 0x6, 0x66}]}, {0x24, 0x7, 0x0, 0x1, [@NLBL_CIPSOV4_A_MLSLVLREM={0x8, 0x6, 0x37}, @NLBL_CIPSOV4_A_MLSLVLREM={0x8, 0x6, 0xe2}, @NLBL_CIPSOV4_A_MLSLVLLOC={0x8, 0x5, 0x56f40925}, @NLBL_CIPSOV4_A_MLSLVLREM={0x8, 0x6, 0xd0}]}, {0x2c, 0x7, 0x0, 0x1, [@NLBL_CIPSOV4_A_MLSLVLLOC={0x8, 0x5, 0x573e2f8a}, @NLBL_CIPSOV4_A_MLSLVLREM={0x8, 0x6, 0x78}, @NLBL_CIPSOV4_A_MLSLVLLOC={0x8, 0x5, 0x4add27a6}, @NLBL_CIPSOV4_A_MLSLVLLOC={0x8, 0x5, 0x2d9ddc7f}, @NLBL_CIPSOV4_A_MLSLVLREM={0x8}]}, {0x14, 0x7, 0x0, 0x1, [@NLBL_CIPSOV4_A_MLSLVLREM={0x8, 0x6, 0x8}, @NLBL_CIPSOV4_A_MLSLVLREM={0x8, 0x6, 0x3e}]}, {0x54, 0x7, 0x0, 0x1, [@NLBL_CIPSOV4_A_MLSLVLREM={0x8, 0x6, 0x26}, @NLBL_CIPSOV4_A_MLSLVLLOC={0x8, 0x5, 0x4c6d81ed}, @NLBL_CIPSOV4_A_MLSLVLLOC={0x8, 0x5, 0x7d130cf2}, @NLBL_CIPSOV4_A_MLSLVLLOC={0x8, 0x5, 0x13a21b86}, @NLBL_CIPSOV4_A_MLSLVLLOC={0x8, 0x5, 0x2890b8eb}, @NLBL_CIPSOV4_A_MLSLVLREM={0x8, 0x6, 0xa5}, @NLBL_CIPSOV4_A_MLSLVLREM={0x8, 0x6, 0x8d}, @NLBL_CIPSOV4_A_MLSLVLREM={0x8, 0x6, 0x6}, @NLBL_CIPSOV4_A_MLSLVLLOC={0x8, 0x5, 0x2f70383e}, @NLBL_CIPSOV4_A_MLSLVLREM={0x8, 0x6, 0x51}]}]}, @NLBL_CIPSOV4_A_MTYPE={0x8, 0x2, 0x3}, @NLBL_CIPSOV4_A_MLSLVLLST={0x14c, 0x8, 0x0, 0x1, [{0x14, 0x7, 0x0, 0x1, [@NLBL_CIPSOV4_A_MLSLVLREM={0x8, 0x6, 0x99}, @NLBL_CIPSOV4_A_MLSLVLLOC={0x8, 0x5, 0xa362ece}]}, {0x44, 0x7, 0x0, 0x1, [@NLBL_CIPSOV4_A_MLSLVLREM={0x8, 0x6, 0xf}, @NLBL_CIPSOV4_A_MLSLVLLOC={0x8, 0x5, 0x4a33feac}, @NLBL_CIPSOV4_A_MLSLVLREM={0x8, 0x6, 0x68}, @NLBL_CIPSOV4_A_MLSLVLLOC={0x8, 0x5, 0x74d59ddf}, @NLBL_CIPSOV4_A_MLSLVLREM={0x8, 0x6, 0x85}, @NLBL_CIPSOV4_A_MLSLVLLOC={0x8, 0x5, 0x14f10e8d}, @NLBL_CIPSOV4_A_MLSLVLLOC={0x8, 0x5, 0x494dbfac}, @NLBL_CIPSOV4_A_MLSLVLREM={0x8, 0x6, 0x9a}]}, {0x4c, 0x7, 0x0, 0x1, [@NLBL_CIPSOV4_A_MLSLVLREM={0x8, 0x6, 0x7f}, @NLBL_CIPSOV4_A_MLSLVLLOC={0x8, 0x5, 0x4b5c0b6e}, @NLBL_CIPSOV4_A_MLSLVLLOC={0x8, 0x5, 0x3ed03366}, @NLBL_CIPSOV4_A_MLSLVLREM={0x8, 0x6, 0x26}, @NLBL_CIPSOV4_A_MLSLVLREM={0x8, 0x6, 0x89}, @NLBL_CIPSOV4_A_MLSLVLREM={0x8, 0x6, 0x78}, @NLBL_CIPSOV4_A_MLSLVLLOC={0x8, 0x5, 0x3af258f}, @NLBL_CIPSOV4_A_MLSLVLREM={0x8, 0x6, 0xf8}, @NLBL_CIPSOV4_A_MLSLVLLOC={0x8, 0x5, 0x445ffbec}]}, {0x3c, 0x7, 0x0, 0x1, [@NLBL_CIPSOV4_A_MLSLVLLOC={0x8, 0x5, 0x5fa0e6aa}, @NLBL_CIPSOV4_A_MLSLVLLOC={0x8, 0x5, 0x6c0aea8c}, @NLBL_CIPSOV4_A_MLSLVLLOC={0x8, 0x5, 0x7e038217}, @NLBL_CIPSOV4_A_MLSLVLREM={0x8, 0x6, 0xb}, @NLBL_CIPSOV4_A_MLSLVLREM={0x8, 0x6, 0xcf}, @NLBL_CIPSOV4_A_MLSLVLLOC={0x8, 0x5, 0x51362107}, @NLBL_CIPSOV4_A_MLSLVLREM={0x8, 0x6, 0x86}]}, {0x34, 0x7, 0x0, 0x1, [@NLBL_CIPSOV4_A_MLSLVLLOC={0x8, 0x5, 0x417050b}, @NLBL_CIPSOV4_A_MLSLVLREM={0x8, 0x6, 0x5a}, @NLBL_CIPSOV4_A_MLSLVLLOC={0x8, 0x5, 0x4d71185b}, @NLBL_CIPSOV4_A_MLSLVLREM={0x8, 0x6, 0x90}, @NLBL_CIPSOV4_A_MLSLVLREM={0x8, 0x6, 0x7e}, @NLBL_CIPSOV4_A_MLSLVLLOC={0x8, 0x5, 0x772e90d1}]}, {0x34, 0x7, 0x0, 0x1, [@NLBL_CIPSOV4_A_MLSLVLLOC={0x8, 0x5, 0x505f6ed1}, @NLBL_CIPSOV4_A_MLSLVLLOC={0x8, 0x5, 0xab09fac}, @NLBL_CIPSOV4_A_MLSLVLREM={0x8, 0x6, 0xc2}, @NLBL_CIPSOV4_A_MLSLVLREM={0x8, 0x6, 0x84}, @NLBL_CIPSOV4_A_MLSLVLLOC={0x8, 0x5, 0x49918fd6}, @NLBL_CIPSOV4_A_MLSLVLLOC={0x8, 0x5, 0x7bb2d216}]}]}, @NLBL_CIPSOV4_A_DOI={0x8, 0x1, 0x3}, @NLBL_CIPSOV4_A_DOI={0x8}, @NLBL_CIPSOV4_A_TAGLST={0x34, 0x4, 0x0, 0x1, [{0x5}, {0x5, 0x3, 0x2}, {0x5, 0x3, 0x2}, {0x5}, {0x5, 0x3, 0x1}, {0x5, 0x3, 0x1}]}]}, 0x470}, 0x1, 0x0, 0x0, 0x96c181547817bd17}, 0x4000010) [ 118.089708] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 118.093559] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 118.096068] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 118.106782] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 118.111035] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [ 118.113573] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 118.165982] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 118.167740] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 118.176486] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 118.178409] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1 [ 118.180739] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9 [ 118.183136] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9 [ 118.188968] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 118.195664] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4 [ 118.197735] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 118.199309] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 118.201178] Bluetooth: hci6: unexpected cc 0x0c25 length: 249 > 3 [ 118.203096] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2 [ 118.209245] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 118.212461] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 118.212795] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 118.216373] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 118.231187] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 118.232023] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1 [ 118.242174] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 118.246293] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 118.252564] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9 [ 118.255104] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 118.260033] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3 [ 118.262158] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9 [ 118.268028] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 118.272218] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3 [ 118.272343] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 118.280489] Bluetooth: hci7: unexpected cc 0x0c03 length: 249 > 1 [ 118.282059] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 118.282144] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3 [ 118.292302] Bluetooth: hci7: unexpected cc 0x1003 length: 249 > 9 [ 118.294468] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 118.303374] Bluetooth: hci7: unexpected cc 0x1001 length: 249 > 9 [ 118.305331] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 118.310340] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4 [ 118.314908] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3 [ 118.318234] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 118.325530] Bluetooth: hci7: unexpected cc 0x0c23 length: 249 > 4 [ 118.338528] Bluetooth: hci5: unexpected cc 0x0c25 length: 249 > 3 [ 118.342069] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2 [ 118.367276] Bluetooth: hci7: unexpected cc 0x0c25 length: 249 > 3 [ 118.370302] Bluetooth: hci7: unexpected cc 0x0c38 length: 249 > 2 [ 120.175959] Bluetooth: hci0: command tx timeout [ 120.238103] Bluetooth: hci6: command tx timeout [ 120.301907] Bluetooth: hci2: command tx timeout [ 120.367115] Bluetooth: hci3: command tx timeout [ 120.367692] Bluetooth: hci4: command tx timeout [ 120.431370] Bluetooth: hci5: command tx timeout [ 120.432127] Bluetooth: hci1: command tx timeout [ 120.494965] Bluetooth: hci7: command tx timeout [ 122.223021] Bluetooth: hci0: command tx timeout [ 122.285941] Bluetooth: hci6: command tx timeout [ 122.351422] Bluetooth: hci2: command tx timeout [ 122.415959] Bluetooth: hci4: command tx timeout [ 122.416461] Bluetooth: hci3: command tx timeout [ 122.478971] Bluetooth: hci1: command tx timeout [ 122.479462] Bluetooth: hci5: command tx timeout [ 122.542844] Bluetooth: hci7: command tx timeout [ 124.272841] Bluetooth: hci0: command tx timeout [ 124.335065] Bluetooth: hci6: command tx timeout [ 124.399004] Bluetooth: hci2: command tx timeout [ 124.462888] Bluetooth: hci3: command tx timeout [ 124.463365] Bluetooth: hci4: command tx timeout [ 124.527270] Bluetooth: hci1: command tx timeout [ 124.527753] Bluetooth: hci5: command tx timeout [ 124.590929] Bluetooth: hci7: command tx timeout [ 126.318894] Bluetooth: hci0: command tx timeout [ 126.382906] Bluetooth: hci6: command tx timeout [ 126.446963] Bluetooth: hci2: command tx timeout [ 126.510883] Bluetooth: hci4: command tx timeout [ 126.511335] Bluetooth: hci3: command tx timeout [ 126.574901] Bluetooth: hci5: command tx timeout [ 126.575367] Bluetooth: hci1: command tx timeout [ 126.638881] Bluetooth: hci7: command tx timeout [ 173.991014] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 173.991744] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 174.321626] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 174.322441] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 174.940359] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 174.941079] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 175.330561] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 175.331275] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 175.488445] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 175.489168] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 175.562028] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 175.562691] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 175.731850] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 175.732522] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 23:55:57 executing program 1: syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000000)=[{&(0x7f0000010000)="601c6d6b646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x0, &(0x7f0000000140)=ANY=[]) chdir(&(0x7f0000000140)='./file0\x00') membarrier(0x40, 0x0) membarrier(0x20, 0x0) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xce, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) getpid() process_vm_writev(0x0, 0x0, 0x0, 0x0, 0x0, 0x0) r0 = gettid() rt_sigqueueinfo(r0, 0x0, &(0x7f0000000080)={0x0, 0x0, 0xfffffffa}) perf_event_open(&(0x7f00000001c0)={0x1, 0x80, 0x3, 0x1, 0x80, 0x8, 0x0, 0x3, 0x20000, 0x2, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x2, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x2, 0x1, @perf_config_ext={0x337, 0x5}, 0x2000, 0x8001, 0x1800, 0x5, 0x20, 0x6, 0x8, 0x0, 0x0, 0x0, 0x5}, r0, 0x1, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000580)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) rename(&(0x7f0000000040)='./file1\x00', &(0x7f0000000180)='./file0\x00') write(r1, &(0x7f0000000080)="01", 0x292e9) [ 175.875487] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 175.876417] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 175.917462] loop1: detected capacity change from 0 to 40 [ 175.956489] audit: type=1400 audit(1731714957.715:8): avc: denied { open } for pid=3890 comm="syz-executor.1" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=perf_event permissive=1 [ 175.960439] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 175.961162] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 175.963975] audit: type=1400 audit(1731714957.715:9): avc: denied { kernel } for pid=3890 comm="syz-executor.1" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=perf_event permissive=1 [ 175.973214] hrtimer: interrupt took 38594 ns [ 175.989112] loop2: detected capacity change from 0 to 264192 [ 175.998313] loop2: detected capacity change from 0 to 94 [ 176.002158] ext3: Unknown parameter 'mask' [ 176.009620] loop2: detected capacity change from 0 to 264192 [ 176.015869] loop2: detected capacity change from 0 to 94 [ 176.016784] ext3: Unknown parameter 'mask' [ 176.080878] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 176.081892] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 23:55:57 executing program 2: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x100000, 0x19, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000500100000f000000000000000100000005000000000004000040000020000000e1f4655fe1f4655f0100ffff53ef010001000000e0f4655f000000000000000001000000000000000b0000008000000018000000c20500002b0200000000000000000000000000000000000073797a6b616c6c6572000000000000002f746d702f73797a2d696d61676567656e38373635383433343000"/192, 0xc0, 0x400}, {&(0x7f0000010100)="000000000000000000000000a4d0099b099d46eeb5a6d2ef5e9d5ded010040000c00000000000000e0f4655f00"/64, 0x40, 0x4e0}, {&(0x7f0000010200)="0100000000000500400000000000000000000000000000004700000000000000", 0x20, 0x560}, {&(0x7f0000010300)="02000000030000000400000015000f0003000400"/32, 0x20, 0x800}, {&(0x7f0000010400)="ff070000ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff0100ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff0000000000000000e0f4655fe0f4655fe0f4655f00"/4128, 0x1020, 0x1000}, {&(0x7f0000011500)="ed41000000080000e0f4655fe1f4655fe1f4655f00000000000004004000000000000800050000000af301000400000000000000000000000100000010000000", 0x40, 0x2080}, {&(0x7f0000011600)="8081000000601020e0f4655fe0f4655fe0f4655f00000000000001004000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000030000000", 0x60, 0x2300}, {&(0x7f0000011700)="c041000000400000e0f4655fe0f4655fe0f4655f00000000000002004000000000000800000000000af301000400000000000000000000000800000020000000", 0x40, 0x2500}, {&(0x7f0000011800)="ed41000000080000e1f4655fe1f4655fe1f4655f00000000000002004000000000000800030000000af301000400000000000000000000000100000050000000000000000000000000000000000000000000000000000000000000000000000000000000ba56a6e5000000000000000000000000000000000000000000000000ed8100001a040000e1f4655fe1f4655fe1f4655f00000000000001004000000000000800010000000af30100040000000000000000000000010000006000000000000000000000000000000000000000000000000000000000000000000000000000000078ce27cf000000000000000000000000000000000000000000000000ffa1000026000000e1f4655fe1f4655fe1f4655f00000000000001000000000000000000010000002f746d702f73797a2d696d61676567656e3837363538343334302f66696c65302f66696c653000000000000000000000000000000000000000000000ee3520d6000000000000000000000000000000000000000000000000ed8100000a000000e1f4655fe1f4655fe1f4655f00000000000001008000000000000800010000000af301000400000000000000000000000100000070000000000000000000000000000000000000000000000000000000000000000000000000000000070f9333800000000000000000000000000000000000000000000000ed81000028230000e1f4655fe1f4655fe1f4655f00000000000002004000000000000800010000000af301000400000000000000000000000500000090000000000000000000000000000000000000000000000000000000000000000000000000000000a9530bd8000000000000000000000000000000000000000000000000ed81000064000000e1f4655fe1f4655fe1f4655f00000000000001004000000000000800010000000af3010004000000000000000000000001000000a0000000000000000000000000000000000000000000000000000000000000000000000000000000a1aee7ad00"/768, 0x300, 0x2580}, {&(0x7f0000011b00)="020000000c0001022e000000020000000c0002022e2e00000b00000014000a026c6f73742b666f756e6400000c0000001000050266696c65300000000f0000001000050166696c6531000000100000001000050166696c6532000000100000001000050166696c6533000000110000009407090166696c652e636f6c64000000", 0x80, 0x8000}, {&(0x7f0000011c00)="0b0000000c0001022e00000002000000f40702022e2e00"/32, 0x20, 0x10000}, {&(0x7f0000011d00)='\x00\x00\x00\x00\x00\b\x00'/32, 0x20, 0x10800}, {&(0x7f0000011e00)='\x00\x00\x00\x00\x00\b\x00'/32, 0x20, 0x11000}, {&(0x7f0000011f00)='\x00\x00\x00\x00\x00\b\x00'/32, 0x20, 0x11800}, {&(0x7f0000012000)='\x00\x00\x00\x00\x00\b\x00'/32, 0x20, 0x12000}, {&(0x7f0000012100)='\x00\x00\x00\x00\x00\b\x00'/32, 0x20, 0x12800}, {&(0x7f0000012200)='\x00\x00\x00\x00\x00\b\x00'/32, 0x20, 0x13000}, {&(0x7f0000012300)='\x00\x00\x00\x00\x00\b\x00'/32, 0x20, 0x13800}, {&(0x7f0000012400)="504d4d00504d4dffe1f4655f00000000647679756b6f762d676c6170746f70320000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000006c6f6f7032390075782f746573742f73797a5f6d6f756e745f696d6167655f650500"/128, 0x80, 0x20000}, {&(0x7f0000012500)="0c0000000c0001022e000000020000000c0002022e2e00000d0000001000050166696c65300000000e000000d807050766696c653100"/64, 0x40, 0x28000}, {&(0x7f0000012600)='syzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkal\x00\x00\x00\x00\x00\x00', 0x420, 0x30000}, {&(0x7f0000012b00)='syzkallers\x00'/32, 0x20, 0x38000}, {&(0x7f0000012c00)="000002ea0100000001000000270f240c000000000000000000000000000000000601f8070000000006000000779b539778617474723100000601f00700000000060000007498539778617474723200"/96, 0x60, 0x40000}, {&(0x7f0000012d00)='\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00xattr2\x00\x00xattr1\x00\x00', 0x20, 0x407e0}, {&(0x7f0000012e00)='syzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallers\x00'/128, 0x80, 0x50000}], 0x0, &(0x7f0000012f00)) stat(&(0x7f0000000240)='./file0\x00', &(0x7f0000000280)={0x0, 0x0, 0x0, 0x0, 0x0}) setresuid(r0, 0xffffffffffffffff, 0x0) syz_mount_image$ext4(&(0x7f0000000040)='ext3\x00', &(0x7f0000000080)='./file1\x00', 0xa584, 0x6, &(0x7f0000000700)=[{&(0x7f0000000480)="b80e144b7a0e680ede2db6e29701f9d4867c4a5968e33d57c187a0abb4782809025be57d5acf51196117208b9b1665b96bac8d0a47e093faef79ba4e18d0baa9526582b64b45a20a73f4f994df85ebff3886b7d8ad951e01fea1ed23478c0b94eadf3f5affd05c781574b5a85e23bc56a382467cc890ff0b6694f1a1dcb38d746df334380fb23bcf27b4db17b23640897a09b34072158c78a328b4f6c2cb682603e5aa25364951bb0731346b8d688d586dc1ab638cc640855119fd1b644d95260b610117742ccada0902fcf1a2ea141786ab4a93d059f96e597cee5a8499cdc0b68419e54c1b30975c302a1e9295", 0xee, 0x9}, {&(0x7f00000000c0)="7700d04027474eae821b077cf2c6b1667131abc526307437e3f2c59f44893365402003e14399a0081ccf27d83c", 0x2d, 0x4}, {&(0x7f0000000140)="10d2552979e1", 0x6, 0xfa}, {&(0x7f0000000180)="d152e5c8aa5ecc989f6428c929bed462977874032849e46553dcb7957ae8215f05", 0x21, 0x9}, {&(0x7f0000000580)="176aab945d9eff9da3b336b77f96727a42095f6813e793c8bfddaeb0be8b0366c0652b604da9c9c38ad85ecd0aa7ba248cc06b12da788a4aa9e5bf7e0e159ca9593361871639fe202d1de533624fa80cd5996e061033ceeb9ec13af5dbc983dffb8d08ce16b5ccca3963ace281fa4843ac3fad53be62ec9de526d560bb839fb5ccef8d838c4d46a274c89fbe5a7d37d552b925b17f5d051cefbc64f7c686b69c9cc9b02dce3212feb4dcd7f6ff6b2bc3cb3d43049fd47a9601e3b1ff33b7649f3b8246", 0xc3, 0xf49}, {&(0x7f0000000680)="74f6c1610ce8e9d67e75c833192b2f34f5a4cd3cabef7e5ab3b6f561686aa9e44f885a7b9d3c37e844f229d770d6be211701f2799e57c5fe89c64f16e8474d3cfed2890d71d28fd2b45f863e4f68afe08898cd60c0642eb92d49aae84a78c515", 0x60, 0x7a2bc514}], 0x200001, &(0x7f00000007c0)={[{@delalloc}, {@noquota}], [{@appraise}, {@appraise_type}, {@uid_eq={'uid', 0x3d, r0}}, {@appraise_type}]}) [ 176.124777] loop2: detected capacity change from 0 to 2048 [ 176.169696] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 176.170656] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 176.174366] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 176.179403] ext4 filesystem being mounted at /syzkaller-testdir823858651/syzkaller.P0Di6W/1/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 176.275140] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. 23:55:58 executing program 2: syz_mount_image$ext4(0x0, &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) pipe2$9p(&(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) r2 = openat$vcsa(0xffffffffffffff9c, &(0x7f0000000140), 0x400, 0x0) pread64(0xffffffffffffffff, 0x0, 0x0, 0x0) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000100), 0x200000, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r2}, 0x2c, {}, 0x2c, {[{@loose}, {@version_L}, {@posixacl}, {@aname}, {@privport}], [{@fowner_eq={'fowner', 0x3d, 0xee01}}, {@hash}, {@smackfsdef={'smackfsdef', 0x3d, '%.'}}]}}) write$P9_RREADDIR(r1, &(0x7f0000000240)={0xb, 0x29, 0xffff}, 0x2c) mount$9p_fd(0x0, &(0x7f0000000c00)='./file0\x00', &(0x7f0000000040), 0x0, &(0x7f0000000280)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB="2c776604006f3d5b3e3b3c6934fd1944c5d7837a9b4a9da01aae5b8411ff8f0dc7b815ef328f5b1057925f1ebbbe31dce3382ae5ca066aadfd2de16a46f4efe6e5b6fc967f4dea08ad2a081a002d00991fd4ba851dd9c5f3f4a4b8d6504e71eb4bdf49d4cd692b20ef8f1c19515d6c32613bddc9", @ANYRESHEX=r1]) [ 176.379119] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 176.379842] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 176.509001] 9pnet_fd: Insufficient options for proto=fd [ 176.512244] 9pnet_fd: Insufficient options for proto=fd [ 176.516772] 9pnet_fd: Insufficient options for proto=fd [ 176.519707] 9pnet_fd: Insufficient options for proto=fd 23:55:58 executing program 2: r0 = perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000040)={0x0}, &(0x7f0000000180)=0xc) r2 = syz_open_procfs(0x0, &(0x7f0000000040)='attr/fscreate\x00') pread64(r2, 0x0, 0x0, 0x0) recvmsg$unix(r2, &(0x7f0000001640)={&(0x7f0000000380), 0x6e, &(0x7f00000014c0)=[{&(0x7f0000000400)=""/4096, 0x1000}, {&(0x7f0000001400)=""/66, 0x42}, {&(0x7f0000001480)=""/18, 0x12}], 0x3, &(0x7f0000001500)=[@cred={{0x1c, 0x1, 0x2, {0x0}}}, @cred={{0x1c}}, @cred={{0x1c}}, @cred={{0x1c}}, @cred={{0x1c}}, @rights={{0x2c, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x1c, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x20, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c}}], 0x130}, 0x2000) perf_event_open(&(0x7f0000000300)={0x0, 0x80, 0x81, 0x80, 0x3f, 0x4, 0x0, 0x9, 0xcc302, 0x2, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x86, 0x2, @perf_bp={&(0x7f00000002c0), 0x2}, 0x2, 0x3, 0x5, 0x8, 0x3, 0x101, 0x8, 0x0, 0xfffffffc, 0x0, 0x18}, r3, 0x3, r0, 0xe) perf_event_open(&(0x7f0000000100)={0x4, 0x80, 0x3d, 0x0, 0x60, 0x3, 0x0, 0x7, 0x20, 0x6, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x2, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x5, @perf_bp={&(0x7f0000000000), 0x4}, 0x11080, 0x1f, 0x7, 0x2, 0x7, 0xf7d, 0x1d4f, 0x0, 0xfffffc00, 0x0, 0x3}, r1, 0xa, r2, 0x0) r4 = fcntl$dupfd(r0, 0x0, r0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x0, 0x13, r4, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000fff000/0x1000)=nil, 0x1000, 0x0, 0x13, r4, 0x0) syz_io_uring_setup(0x49d9, &(0x7f00000001c0)={0x0, 0x3dbf, 0x1, 0x2, 0x2ba}, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000000240), &(0x7f0000000280)) [ 176.633528] audit: type=1400 audit(1731714958.384:10): avc: denied { read } for pid=3910 comm="syz-executor.2" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=perf_event permissive=1 [ 176.950948] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 176.951620] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 23:55:58 executing program 2: syz_mount_image$ext4(0x0, &(0x7f00000000c0)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) inotify_init() mount(0x0, &(0x7f0000000200)='./file0\x00', &(0x7f0000000240)='configfs\x00', 0x0, 0x0) syz_open_dev$tty20(0xc, 0x4, 0x1) r0 = syz_open_dev$tty20(0xc, 0x4, 0x1) openat$bsg(0xffffffffffffff9c, &(0x7f0000008280), 0x87da75e5504c12dc, 0x0) syz_io_uring_setup(0x4be8, 0x0, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000008340), &(0x7f0000008380)) syz_open_dev$tty20(0xc, 0x4, 0x1) ioctl$TIOCL_PASTESEL(0xffffffffffffffff, 0x5414, &(0x7f0000000000)) ioctl$AUTOFS_IOC_CATATONIC(r0, 0x9362, 0x0) getpid() lchown(&(0x7f0000000100)='./file0\x00', 0x0, 0x0) [ 177.298970] syz-executor.1: attempt to access beyond end of device [ 177.298970] loop1: rw=2049, sector=124, nr_sectors = 4 limit=40 [ 177.299179] Buffer I/O error on dev loop1, logical block 31, lost async page write [ 184.945568] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 184.948084] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 184.949900] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 184.954112] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 184.964047] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3 [ 184.970194] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 191.499353] Bluetooth: hci1: command tx timeout [ 191.740093] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 191.746016] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 191.750911] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 191.810107] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 191.811491] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3 [ 191.812451] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 193.518687] Bluetooth: hci1: command tx timeout [ 194.982524] Bluetooth: hci2: command tx timeout [ 195.565919] Bluetooth: hci1: command tx timeout [ 197.042068] Bluetooth: hci2: command tx timeout [ 197.613935] Bluetooth: hci1: command tx timeout [ 199.085949] Bluetooth: hci2: command tx timeout [ 201.042045] watchdog: BUG: soft lockup - CPU#0 stuck for 23s! [syz-executor.1:3896] [ 201.042728] Modules linked in: [ 201.043028] irq event stamp: 2512785 [ 201.043360] hardirqs last enabled at (2512784): [] irqentry_exit+0x3b/0x90 [ 201.044116] hardirqs last disabled at (2512785): [] sysvec_apic_timer_interrupt+0xf/0x80 [ 201.045449] softirqs last enabled at (2508100): [] handle_softirqs+0x50c/0x770 [ 201.047380] softirqs last disabled at (2508107): [] __irq_exit_rcu+0xc4/0x100 [ 201.049106] CPU: 0 UID: 0 PID: 3896 Comm: syz-executor.1 Not tainted 6.12.0-rc7-next-20241115 #1 [ 201.051259] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 201.053272] RIP: 0010:unwind_next_frame+0x1b0/0x2490 [ 201.053732] Code: 42 ff 39 c6 0f 83 bb 16 00 00 48 b8 00 00 00 00 00 fc ff df 89 f2 48 8d 3c 95 0c c6 c2 86 49 89 f8 49 c1 e8 03 45 0f b6 04 00 <48> 89 f8 83 e0 07 83 c0 03 44 38 c0 7c 32 45 84 c0 74 2d 48 89 54 [ 201.055187] RSP: 0018:ffff88806ce09738 EFLAGS: 00000212 [ 201.055661] RAX: dffffc0000000000 RBX: 0000000000000002 RCX: ffffffff818f15f5 [ 201.056255] RDX: 0000000000008f15 RSI: 0000000000008f15 RDI: ffffffff86c50260 [ 201.056852] RBP: ffff88806ce09800 R08: 0000000000000000 R09: ffff88806ce097e8 [ 201.057445] R10: 000000000003c001 R11: 0000000000012349 R12: ffff88806ce09808 [ 201.058037] R13: ffff88806ce097f0 R14: ffff88806ce097e9 R15: ffff88806ce097a8 [ 201.058639] FS: 00007f504904a700(0000) GS:ffff88806ce00000(0000) knlGS:0000000000000000 [ 201.059322] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 201.059822] CR2: 00007fdaa529a004 CR3: 0000000016314000 CR4: 0000000000350ef0 [ 201.060419] Call Trace: [ 201.060653] [ 201.060859] ? watchdog_timer_fn+0x3ee/0x510 [ 201.061282] ? __pfx_watchdog_timer_fn+0x10/0x10 [ 201.061728] ? __hrtimer_run_queues+0x57c/0xa70 [ 201.062176] ? __pfx___hrtimer_run_queues+0x10/0x10 [ 201.062632] ? ktime_get_update_offsets_now+0x260/0x3c0 [ 201.063121] ? hrtimer_interrupt+0x369/0x830 [ 201.063565] ? __sysvec_apic_timer_interrupt+0xc2/0x330 [ 201.064041] ? sysvec_apic_timer_interrupt+0x34/0x80 [ 201.064495] ? asm_sysvec_apic_timer_interrupt+0x1a/0x20 [ 201.064990] ? set_track_prepare+0x35/0x70 [ 201.065390] ? unwind_next_frame+0x1b0/0x2490 [ 201.065801] ? unwind_next_frame+0xa75/0x2490 [ 201.066214] ? set_track_prepare+0x36/0x70 [ 201.066609] ? set_track_prepare+0x36/0x70 [ 201.067003] ? srso_return_thunk+0x5/0x5f [ 201.067396] ? kernel_text_address+0x11/0xc0 [ 201.067812] ? qlist_free_all+0x50/0x160 [ 201.068188] ? __pfx_stack_trace_consume_entry+0x10/0x10 [ 201.068671] arch_stack_walk+0x87/0xf0 [ 201.069060] ? set_track_prepare+0x36/0x70 [ 201.069461] stack_trace_save+0x8f/0xc0 [ 201.069826] ? __pfx_stack_trace_save+0x10/0x10 [ 201.070254] ? srso_return_thunk+0x5/0x5f [ 201.070637] ? hlock_class+0x4e/0x130 [ 201.071002] ? srso_return_thunk+0x5/0x5f [ 201.071389] ? __lock_acquire+0x17ec/0x4430 [ 201.071775] ? srso_return_thunk+0x5/0x5f [ 201.072162] ? kasan_save_track+0x14/0x30 [ 201.072554] set_track_prepare+0x36/0x70 [ 201.072941] ? srso_return_thunk+0x5/0x5f [ 201.073327] ? trace_kmem_cache_alloc+0x24/0xb0 [ 201.073762] ? srso_return_thunk+0x5/0x5f [ 201.074147] ? read_word_at_a_time+0xe/0x20 [ 201.074555] ? srso_return_thunk+0x5/0x5f [ 201.074941] ? sized_strscpy+0xa6/0x2b0 [ 201.075332] ? srso_return_thunk+0x5/0x5f [ 201.075727] __alloc_object+0xf4/0x270 [ 201.076101] __create_object+0x1d/0x80 [ 201.076479] kmem_cache_alloc_node_noprof+0x311/0x3e0 [ 201.076937] ? find_held_lock+0x2c/0x110 [ 201.077316] ? __alloc_skb+0x2ad/0x370 [ 201.077695] __alloc_skb+0x2ad/0x370 [ 201.078052] ? __pfx___alloc_skb+0x10/0x10 [ 201.078443] ? __pfx_lock_acquire.part.0+0x10/0x10 [ 201.078882] ? srso_return_thunk+0x5/0x5f [ 201.079266] ? do_raw_spin_lock+0x124/0x270 [ 201.079702] ? __pfx_do_raw_spin_lock+0x10/0x10 [ 201.080141] skb_copy+0x1d5/0x3b0 [ 201.080476] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 201.080938] mac80211_hwsim_tx_frame_no_nl.isra.0+0xafb/0x1320 [ 201.081481] ? __pfx_lock_release+0x10/0x10 [ 201.081865] ? srso_return_thunk+0x5/0x5f [ 201.082252] ? __pfx_mac80211_hwsim_tx_frame_no_nl.isra.0+0x10/0x10 [ 201.082812] ? srso_return_thunk+0x5/0x5f [ 201.083207] ? srso_untrain_ret+0x2/0x2 [ 201.083598] ? srso_return_thunk+0x5/0x5f [ 201.083983] ? srso_return_thunk+0x5/0x5f [ 201.084369] ? srso_return_thunk+0x5/0x5f [ 201.084752] ? mac80211_hwsim_monitor_rx+0x1be/0x820 [ 201.085209] mac80211_hwsim_tx_frame+0x1ee/0x2a0 [ 201.085650] mac80211_hwsim_beacon_tx+0x546/0x950 [ 201.086098] ? __pfx_lock_acquire.part.0+0x10/0x10 [ 201.086534] ? srso_return_thunk+0x5/0x5f [ 201.086924] __iterate_interfaces+0x2e0/0x650 [ 201.087366] ? __pfx_mac80211_hwsim_beacon_tx+0x10/0x10 [ 201.087848] ? __pfx_mac80211_hwsim_beacon_tx+0x10/0x10 [ 201.088330] ieee80211_iterate_active_interfaces_atomic+0x71/0x1b0 [ 201.088901] mac80211_hwsim_beacon+0x105/0x200 [ 201.089310] ? __pfx_mac80211_hwsim_beacon+0x10/0x10 [ 201.089757] __hrtimer_run_queues+0x1ab/0xa70 [ 201.090189] ? __pfx___hrtimer_run_queues+0x10/0x10 [ 201.090645] ? ktime_get_update_offsets_now+0x260/0x3c0 [ 201.091133] hrtimer_run_softirq+0x14c/0x310 [ 201.091568] handle_softirqs+0x1b1/0x770 [ 201.091948] __irq_exit_rcu+0xc4/0x100 [ 201.092306] irq_exit_rcu+0x9/0x20 [ 201.092638] sysvec_apic_timer_interrupt+0x70/0x80 [ 201.093080] [ 201.093287] [ 201.093500] asm_sysvec_apic_timer_interrupt+0x1a/0x20 [ 201.093969] RIP: 0010:put_cpu_partial+0x10a/0x1b0 [ 201.094396] Code: 24 28 75 5b 49 c7 44 24 28 00 00 00 00 4c 89 e7 48 8d 35 00 00 00 00 e8 14 9a ab ff 4d 85 ed 74 06 e8 8a 62 d5 ff fb 4d 85 f6 <74> 1c 5b 4c 89 f6 48 89 ef 5d 41 5c 41 5d 41 5e e9 c1 fa ff ff 44 [ 201.095864] RSP: 0018:ffff88803fba7d80 EFLAGS: 00000246 [ 201.096328] RAX: 0000000000264549 RBX: ffffea000056ca00 RCX: 1ffffffff0fdfecf [ 201.096922] RDX: 0000000000000000 RSI: 0000000000000000 RDI: ffffffff81849d96 [ 201.097516] RBP: ffff888008c41dc0 R08: 0000000000000001 R09: fffffbfff0fdddf1 [ 201.098110] R10: ffffffff87eeef8f R11: 00000000000007e0 R12: ffff88806ce3f5e0 [ 201.098706] R13: 0000000000000200 R14: 0000000000000000 R15: ffff888015b2c800 [ 201.099326] ? put_cpu_partial+0x106/0x1b0 [ 201.099718] qlist_free_all+0x50/0x160 [ 201.100094] kasan_quarantine_reduce+0x19f/0x240 [ 201.100532] __kasan_slab_alloc+0x49/0x70 [ 201.100926] kmem_cache_alloc_noprof+0x13d/0x3d0 [ 201.101349] ? srso_return_thunk+0x5/0x5f [ 201.101734] ? lockdep_hardirqs_on_prepare+0x262/0x3f0 [ 201.102204] getname_flags.part.0+0x48/0x550 [ 201.102624] getname_flags+0x95/0xe0 [ 201.102971] __x64_sys_rename+0x58/0xa0 [ 201.103352] do_syscall_64+0xbf/0x1d0 [ 201.103721] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 201.104177] RIP: 0033:0x7f504baf5b19 [ 201.104513] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 201.105977] RSP: 002b:00007f504904a188 EFLAGS: 00000246 ORIG_RAX: 0000000000000052 [ 201.106619] RAX: ffffffffffffffda RBX: 00007f504bc09020 RCX: 00007f504baf5b19 [ 201.107212] RDX: 0000000000000000 RSI: 0000000020000180 RDI: 0000000020000040 [ 201.107814] RBP: 00007f504bb4ff6d R08: 0000000000000000 R09: 0000000000000000 [ 201.108414] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 201.109007] R13: 00007ffde9d72d2f R14: 00007f504904a300 R15: 0000000000022000 [ 201.109625] [ 201.109843] Sending NMI from CPU 0 to CPUs 1: [ 201.110258] NMI backtrace for cpu 1 [ 201.110292] CPU: 1 UID: 0 PID: 26 Comm: kworker/u9:0 Not tainted 6.12.0-rc7-next-20241115 #1 [ 201.110376] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 201.110418] Workqueue: events_unbound cfg80211_wiphy_work [ 201.110511] RIP: 0010:queued_spin_lock_slowpath+0x242/0xb60 [ 201.110607] Code: 02 48 89 e8 83 e0 07 83 c0 01 38 d0 7c 08 84 d2 0f 85 85 08 00 00 b8 01 00 00 00 66 89 45 00 e9 bf fe ff ff 89 44 24 38 f3 90 5b fe ff ff 48 b8 00 00 00 00 00 fc ff df 48 89 fa 48 c1 ea 03 [ 201.110676] RSP: 0018:ffff88806cf099f8 EFLAGS: 00000202 [ 201.110730] RAX: 0000000000000001 RBX: 0000000000000001 RCX: ffffffff8486d2bf [ 201.110778] RDX: fffffbfff0c1b869 RSI: 0000000000000004 RDI: ffffffff860dc340 [ 201.110834] RBP: ffffffff860dc340 R08: 0000000000000000 R09: fffffbfff0c1b868 [ 201.110883] R10: ffffffff860dc343 R11: 5050505001000011 R12: 1ffff1100d9e1340 [ 201.110934] R13: 0000000000000003 R14: fffffbfff0c1b868 R15: ffff88806cf09a30 [ 201.110985] FS: 0000000000000000(0000) GS:ffff88806cf00000(0000) knlGS:0000000000000000 [ 201.111052] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 201.111104] CR2: 00007f3a8474d008 CR3: 000000003117c000 CR4: 0000000000350ef0 [ 201.111153] Call Trace: [ 201.111171] [ 201.111194] ? nmi_cpu_backtrace+0x179/0x260 [ 201.111276] ? nmi_cpu_backtrace_handler+0xc/0x20 [ 201.111406] ? nmi_handle+0x1a1/0x550 [ 201.111524] ? queued_spin_lock_slowpath+0x242/0xb60 [ 201.111613] ? queued_spin_lock_slowpath+0x242/0xb60 [ 201.111701] ? default_do_nmi+0x64/0x1c0 [ 201.111822] ? exc_nmi+0x188/0x1c0 [ 201.111937] ? end_repeat_nmi+0xf/0x53 [ 201.112037] ? queued_spin_lock_slowpath+0xaf/0xb60 [ 201.112127] ? queued_spin_lock_slowpath+0x242/0xb60 [ 201.112218] ? queued_spin_lock_slowpath+0x242/0xb60 [ 201.112311] ? queued_spin_lock_slowpath+0x242/0xb60 [ 201.112401] [ 201.112422] [ 201.112446] ? __pfx_queued_spin_lock_slowpath+0x10/0x10 [ 201.112537] ? srso_return_thunk+0x5/0x5f [ 201.112650] do_raw_spin_lock+0x1de/0x270 [ 201.112738] ? __pfx_do_raw_spin_lock+0x10/0x10 [ 201.112827] ? lock_acquire+0x32/0xc0 [ 201.112893] ? mac80211_hwsim_tx_frame_no_nl.isra.0+0x6d1/0x1320 [ 201.113011] mac80211_hwsim_tx_frame_no_nl.isra.0+0x6d1/0x1320 [ 201.113116] ? __mac80211_hwsim_beacon_tx.part.0+0x1e6/0x5c0 [ 201.113226] ? __pfx_lock_release+0x10/0x10 [ 201.113294] ? srso_return_thunk+0x5/0x5f [ 201.113390] ? __pfx_mac80211_hwsim_tx_frame_no_nl.isra.0+0x10/0x10 [ 201.113497] ? srso_return_thunk+0x5/0x5f [ 201.113589] ? mark_held_locks+0x9e/0xe0 [ 201.113654] ? srso_return_thunk+0x5/0x5f [ 201.113757] ? srso_return_thunk+0x5/0x5f [ 201.113850] ? srso_return_thunk+0x5/0x5f [ 201.113945] ? srso_return_thunk+0x5/0x5f [ 201.114040] ? mac80211_hwsim_monitor_rx+0x1be/0x820 [ 201.114130] mac80211_hwsim_tx_frame+0x1ee/0x2a0 [ 201.114233] mac80211_hwsim_beacon_tx+0x546/0x950 [ 201.114338] ? __pfx_lock_acquire.part.0+0x10/0x10 [ 201.114412] ? srso_return_thunk+0x5/0x5f [ 201.114512] __iterate_interfaces+0x2e0/0x650 [ 201.114630] ? __pfx_mac80211_hwsim_beacon_tx+0x10/0x10 [ 201.114735] ? __pfx_mac80211_hwsim_beacon_tx+0x10/0x10 [ 201.114835] ieee80211_iterate_active_interfaces_atomic+0x71/0x1b0 [ 201.114971] mac80211_hwsim_beacon+0x105/0x200 [ 201.115041] ? __pfx_mac80211_hwsim_beacon+0x10/0x10 [ 201.115117] __hrtimer_run_queues+0x1ab/0xa70 [ 201.115238] ? __pfx___hrtimer_run_queues+0x10/0x10 [ 201.115351] ? ktime_get_update_offsets_now+0x260/0x3c0 [ 201.115457] hrtimer_run_softirq+0x14c/0x310 [ 201.115568] handle_softirqs+0x1b1/0x770 [ 201.115648] ? cfg80211_inform_single_bss_data+0x898/0x1c50 [ 201.115740] do_softirq+0x48/0x80 [ 201.115811] [ 201.115832] [ 201.115854] __local_bh_enable_ip+0xf1/0x110 [ 201.115933] cfg80211_inform_single_bss_data+0x898/0x1c50 [ 201.116026] ? __pfx_ieee80211_inform_bss+0x10/0x10 [ 201.116137] ? __pfx_cfg80211_inform_single_bss_data+0x10/0x10 [ 201.116227] ? ret_from_fork_asm+0x1a/0x30 [ 201.116359] ? srso_return_thunk+0x5/0x5f [ 201.116452] ? stack_trace_save+0x8f/0xc0 [ 201.116531] ? srso_return_thunk+0x5/0x5f [ 201.116623] ? stack_depot_save_flags+0x2c/0x900 [ 201.116736] cfg80211_inform_bss_data+0x20f/0x3510 [ 201.116822] ? srso_return_thunk+0x5/0x5f [ 201.116916] ? srso_return_thunk+0x5/0x5f [ 201.117012] ? __kmalloc_noprof+0x1f7/0x4b0 [ 201.117084] ? ieee802_11_parse_elems_full+0xec/0x15a0 [ 201.117186] ? ieee80211_iface_work+0xb5f/0xe40 [ 201.117287] ? cfg80211_wiphy_work+0x38d/0x610 [ 201.117382] ? __pfx_mark_lock+0x10/0x10 [ 201.117447] ? srso_return_thunk+0x5/0x5f [ 201.117540] ? hlock_class+0x4e/0x130 [ 201.117635] ? srso_return_thunk+0x5/0x5f [ 201.117727] ? mark_lock+0xac/0x1370 [ 201.117789] ? ret_from_fork_asm+0x1a/0x30 [ 201.117890] ? __pfx_cfg80211_inform_bss_data+0x10/0x10 [ 201.117974] ? __pfx_mark_lock+0x10/0x10 [ 201.118043] ? srso_return_thunk+0x5/0x5f [ 201.118135] ? cfg80211_defragment_element+0x24e/0x300 [ 201.118262] ? srso_return_thunk+0x5/0x5f [ 201.118360] ? srso_return_thunk+0x5/0x5f [ 201.118453] ? hlock_class+0x4e/0x130 [ 201.118548] ? srso_return_thunk+0x5/0x5f [ 201.118640] ? __lock_acquire+0xccf/0x4430 [ 201.118742] ? srso_return_thunk+0x5/0x5f [ 201.118844] ? srso_return_thunk+0x5/0x5f [ 201.118936] ? find_held_lock+0x2c/0x110 [ 201.119033] ? ieee80211_bss_info_update+0x2b4/0xa90 [ 201.119134] ? srso_return_thunk+0x5/0x5f [ 201.119227] ? lock_release+0x20f/0x6f0 [ 201.119314] cfg80211_inform_bss_frame_data+0x250/0x690 [ 201.119417] ieee80211_bss_info_update+0x2f6/0xa90 [ 201.119523] ? __pfx_ieee80211_bss_info_update+0x10/0x10 [ 201.119627] ? lock_release+0x161/0x6f0 [ 201.119705] ? ieee80211_sta_get_rates+0x476/0x5e0 [ 201.119789] ? srso_return_thunk+0x5/0x5f [ 201.119890] ieee80211_ibss_rx_queued_mgmt+0x18ba/0x2f90 [ 201.120015] ? __pfx_ieee80211_ibss_rx_queued_mgmt+0x10/0x10 [ 201.120122] ? srso_return_thunk+0x5/0x5f [ 201.120216] ? srso_return_thunk+0x5/0x5f [ 201.120308] ? find_held_lock+0x2c/0x110 [ 201.120406] ? kcov_remote_start+0x2bf/0x5b0 [ 201.120478] ? srso_return_thunk+0x5/0x5f [ 201.120570] ? lock_release+0x20f/0x6f0 [ 201.120651] ? srso_return_thunk+0x5/0x5f [ 201.120744] ? mark_held_locks+0x9e/0xe0 [ 201.120815] ? srso_return_thunk+0x5/0x5f [ 201.120908] ? lockdep_hardirqs_on_prepare+0x262/0x3f0 [ 201.120986] ? srso_return_thunk+0x5/0x5f [ 201.121092] ieee80211_iface_work+0xb5f/0xe40 [ 201.121198] ? rwsem_down_read_slowpath+0x240/0xa90 [ 201.121309] cfg80211_wiphy_work+0x38d/0x610 [ 201.121411] process_one_work+0x8ee/0x1a00 [ 201.121531] ? __pfx_process_one_work+0x10/0x10 [ 201.121629] ? srso_return_thunk+0x5/0x5f [ 201.121722] ? move_linked_works+0x172/0x270 [ 201.121849] ? srso_return_thunk+0x5/0x5f [ 201.121941] ? assign_work+0x196/0x240 [ 201.122042] worker_thread+0x674/0xe70 [ 201.122140] ? lockdep_hardirqs_on_prepare+0x262/0x3f0 [ 201.122229] ? __pfx_worker_thread+0x10/0x10 [ 201.122331] kthread+0x2c2/0x3a0 [ 201.122394] ? srso_return_thunk+0x5/0x5f [ 201.122486] ? __pfx_kthread+0x10/0x10 [ 201.122557] ret_from_fork+0x48/0x80 [ 201.122657] ? __pfx_kthread+0x10/0x10 [ 201.122725] ret_from_fork_asm+0x1a/0x30 [ 201.122845] [ 201.242964] Bluetooth: hci2: command tx timeout 23:56:23 executing program 1: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xce, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000580)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ptrace(0x10, 0x0) ptrace$getsig(0x4202, 0x0, 0x7ff, 0x0) perf_event_open(&(0x7f0000000400)={0x0, 0x80, 0x6, 0x0, 0x9, 0x2, 0x0, 0x0, 0x2020, 0x2, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x2, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x2f77, 0x4, @perf_config_ext={0x8, 0x5a0}, 0x0, 0x0, 0xf72, 0x6, 0x4, 0x80, 0x2, 0x0, 0x5, 0x0, 0x473}, 0x0, 0x5, 0xffffffffffffffff, 0x8) r0 = getpid() pidfd_open(r0, 0x0) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000200), 0xffffffffffffffff) sendmsg$NL80211_CMD_VENDOR(r1, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000440)={0x2c, r2, 0x3ab, 0x0, 0x0, {{}, {@val={0x8}, @val={0x8}, @void}}, [@NL80211_ATTR_VENDOR_ID={0x8}]}, 0x2c}}, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x200000a, 0x8010, 0xffffffffffffffff, 0x0) io_submit(0x0, 0x1, &(0x7f0000002040)=[&(0x7f0000001d80)={0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x2}]) perf_event_open(&(0x7f0000000480)={0x2, 0x80, 0x3f, 0x0, 0x0, 0x0, 0x0, 0x9, 0x10115, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x81, 0x0, @perf_bp={&(0x7f0000000040)}, 0x44, 0x7, 0x1, 0x8, 0x0, 0x3f, 0x3, 0x0, 0x8, 0x0, 0x101}, r0, 0x9, 0xffffffffffffffff, 0xa) ptrace$getsig(0x4202, 0x0, 0x2, &(0x7f0000000300)) perf_event_open(&(0x7f00000001c0)={0x3, 0x80, 0x0, 0x80, 0x46, 0xa1, 0x0, 0x2, 0x18, 0x5, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x2, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x4, 0x0, @perf_bp={&(0x7f0000000000), 0x4}, 0x20, 0x6, 0x0, 0x6, 0xe0, 0x5, 0x1ff, 0x0, 0x4080, 0x0, 0xa1}, 0x0, 0x4, 0xffffffffffffffff, 0x8) 23:56:23 executing program 2: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4842, 0x0) bind$unix(0xffffffffffffffff, 0x0, 0x0) truncate(0x0, 0x0) socketpair$unix(0x1, 0x0, 0x0, 0x0) ioctl$EXT4_IOC_MOVE_EXT(r0, 0x40305839, &(0x7f0000000200)={0x0, 0xffffffffffffffff, 0x6a5d, 0x800000c}) r1 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0xc4042, 0x0) write(r1, &(0x7f0000000200)='E', 0x140000) write$binfmt_misc(r1, &(0x7f0000000080)={'syz1', "0441309aa8669d8d812136b2fd54e1870dd747ea0c0ec0cfa3d123658dc589bdbd691a5967eab8eb33d7a6ebbb2c01feff9bab1a8eca8036b36b9ea077b70c650170ad068bb20b2444cd6f70de08c95e7c1096253481fb4c"}, 0x5c) 23:56:23 executing program 2: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4842, 0x0) bind$unix(0xffffffffffffffff, 0x0, 0x0) truncate(0x0, 0x0) socketpair$unix(0x1, 0x0, 0x0, 0x0) ioctl$EXT4_IOC_MOVE_EXT(r0, 0x40305839, &(0x7f0000000200)={0x0, 0xffffffffffffffff, 0x6a5d, 0x800000c}) r1 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0xc4042, 0x0) write(r1, &(0x7f0000000200)='E', 0x140000) write$binfmt_misc(r1, &(0x7f0000000080)={'syz1', "0441309aa8669d8d812136b2fd54e1870dd747ea0c0ec0cfa3d123658dc589bdbd691a5967eab8eb33d7a6ebbb2c01feff9bab1a8eca8036b36b9ea077b70c650170ad068bb20b2444cd6f70de08c95e7c1096253481fb4c"}, 0x5c) [ 204.283587] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 204.288240] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 204.292320] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 204.301597] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 204.303391] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3 [ 204.304741] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 204.993507] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1 [ 204.998190] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9 [ 205.004115] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9 [ 205.017159] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4 [ 205.024649] Bluetooth: hci5: unexpected cc 0x0c25 length: 249 > 3 [ 205.028507] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2 [ 205.266671] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1 [ 205.273752] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9 [ 205.291254] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9 [ 205.294060] Bluetooth: hci7: unexpected cc 0x0c03 length: 249 > 1 [ 205.295533] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4 [ 205.296317] Bluetooth: hci6: unexpected cc 0x0c25 length: 249 > 3 [ 205.298387] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2 [ 205.308369] Bluetooth: hci7: unexpected cc 0x1003 length: 249 > 9 [ 205.310154] Bluetooth: hci7: unexpected cc 0x1001 length: 249 > 9 [ 205.329948] Bluetooth: hci7: unexpected cc 0x0c23 length: 249 > 4 [ 205.331317] Bluetooth: hci7: unexpected cc 0x0c25 length: 249 > 3 [ 205.332242] Bluetooth: hci7: unexpected cc 0x0c38 length: 249 > 2 [ 206.383095] Bluetooth: hci4: command tx timeout [ 207.086921] Bluetooth: hci5: command tx timeout [ 207.343877] Bluetooth: hci7: command tx timeout [ 207.344635] Bluetooth: hci6: command tx timeout [ 208.430850] Bluetooth: hci4: command tx timeout [ 209.134912] Bluetooth: hci5: command tx timeout [ 209.390019] Bluetooth: hci6: command tx timeout [ 209.390475] Bluetooth: hci7: command tx timeout [ 210.478852] Bluetooth: hci4: command tx timeout VM DIAGNOSIS: 23:56:23 Registers: info registers vcpu 0 RAX=000000000000005b RBX=00000000000003f8 RCX=0000000000000000 RDX=00000000000003f8 RSI=ffffffff82648af5 RDI=ffffffff8867b720 RBP=ffffffff8867b6e0 RSP=ffff88806ce08f18 R8 =0000000000000000 R9 =ffffed10015d6046 R10=000000000000005b R11=552030203a555043 R12=000000000000005b R13=ffffffff8867b6e0 R14=0000000000000010 R15=ffffffff82648ae0 RIP=ffffffff82648b4d RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 00000000 00000000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 00000000 00000000 FS =0000 00007f504904a700 00000000 00000000 GS =0000 ffff88806ce00000 00000000 00000000 LDT=0000 fffffe0000000000 00000000 00000000 TR =0040 fffffe0000003000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe0000001000 0000007f IDT= fffffe0000000000 00000fff CR0=80050033 CR2=00007fdaa529a004 CR3=0000000016314000 CR4=00350ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000ffff0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 XMM00=00000000000000000000000000000000 XMM01=00007f504bbdc7c000007f504bbdc7c8 XMM02=00007f504bbdc7e000007f504bbdc7c0 XMM03=00007f504bbdc7c800007f504bbdc7c0 XMM04=ffffffffffffffffffffffff00000000 XMM05=00000000000000000000000000000000 XMM06=0000000000000000000000524f525245 XMM07=00000000000000000000000000000000 XMM08=000000000000000000524f5252450040 XMM09=00000000000000000000000000000000 XMM10=00000000000000000000000000000000 XMM11=00000000000000000000000000000000 XMM12=00000000000000000000000000000000 XMM13=00000000000000000000000000000000 XMM14=00000000000000000000000000000000 XMM15=00000000000000000000000000000000 info registers vcpu 1 RAX=0000000000000000 RBX=0000000000000001 RCX=ffffffff8486d2bf RDX=fffffbfff0c1b869 RSI=0000000000000004 RDI=ffffffff860dc340 RBP=ffffffff860dc340 RSP=ffff88806cf099f8 R8 =0000000000000000 R9 =fffffbfff0c1b868 R10=ffffffff860dc343 R11=5050505001000011 R12=1ffff1100d9e1340 R13=0000000000000003 R14=fffffbfff0c1b868 R15=ffff88806cf09a30 RIP=ffffffff8486d2c3 RFL=00000246 [---Z-P-] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 00000000 00000000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 00000000 00000000 FS =0000 0000000000000000 00000000 00000000 GS =0000 ffff88806cf00000 00000000 00000000 LDT=0000 fffffe0000000000 00000000 00000000 TR =0040 fffffe000004a000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe0000048000 0000007f IDT= fffffe0000000000 00000fff CR0=80050033 CR2=00007f3a8474d008 CR3=000000003117c000 CR4=00350ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000ffff0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 XMM00=00000000000000000000000000000000 XMM01=00000000000000000000000000000000 XMM02=00000000000000000000000000000000 XMM03=00000000000000000000000000000000 XMM04=ff00000000000000000000ff00000000 XMM05=00000000000000000000000000000000 XMM06=00000000000000000000000000000000 XMM07=00000000000000000000000000000000 XMM08=00000000000000000000000000000000 XMM09=00000000000000000000000000000000 XMM10=00000000000000000000000000000000 XMM11=00000000000000000000000000000000 XMM12=00000000000000000000000000000000 XMM13=00000000000000000000000000000000 XMM14=00000000000000000000000000000000 XMM15=00000000000000000000000000000000