Debian GNU/Linux 11 syzkaller ttyS0 Warning: Permanently added '[localhost]:41401' (ECDSA) to the list of known hosts. 2022/09/30 19:57:23 fuzzer started 2022/09/30 19:57:23 dialing manager at localhost:40535 syzkaller login: [ 36.320893] cgroup: Unknown subsys name 'net' [ 36.420144] cgroup: Unknown subsys name 'rlimit' 2022/09/30 19:57:38 syscalls: 2215 2022/09/30 19:57:38 code coverage: enabled 2022/09/30 19:57:38 comparison tracing: enabled 2022/09/30 19:57:38 extra coverage: enabled 2022/09/30 19:57:38 setuid sandbox: enabled 2022/09/30 19:57:38 namespace sandbox: enabled 2022/09/30 19:57:38 Android sandbox: enabled 2022/09/30 19:57:38 fault injection: enabled 2022/09/30 19:57:38 leak checking: enabled 2022/09/30 19:57:38 net packet injection: enabled 2022/09/30 19:57:38 net device setup: enabled 2022/09/30 19:57:38 concurrency sanitizer: /sys/kernel/debug/kcsan does not exist 2022/09/30 19:57:38 devlink PCI setup: PCI device 0000:00:10.0 is not available 2022/09/30 19:57:38 USB emulation: enabled 2022/09/30 19:57:38 hci packet injection: enabled 2022/09/30 19:57:38 wifi device emulation: failed to parse kernel version (6.0.0-rc7-next-20220929) 2022/09/30 19:57:38 802.15.4 emulation: enabled 2022/09/30 19:57:39 fetching corpus: 50, signal 30026/31782 (executing program) 2022/09/30 19:57:39 fetching corpus: 100, signal 42741/46031 (executing program) 2022/09/30 19:57:39 fetching corpus: 150, signal 52028/56698 (executing program) 2022/09/30 19:57:39 fetching corpus: 200, signal 58193/64269 (executing program) 2022/09/30 19:57:39 fetching corpus: 250, signal 63935/71262 (executing program) 2022/09/30 19:57:39 fetching corpus: 300, signal 69267/77825 (executing program) 2022/09/30 19:57:39 fetching corpus: 350, signal 72889/82651 (executing program) 2022/09/30 19:57:40 fetching corpus: 400, signal 76433/87357 (executing program) 2022/09/30 19:57:40 fetching corpus: 450, signal 81700/93593 (executing program) 2022/09/30 19:57:40 fetching corpus: 500, signal 85315/98216 (executing program) 2022/09/30 19:57:40 fetching corpus: 550, signal 87337/101411 (executing program) 2022/09/30 19:57:40 fetching corpus: 600, signal 91468/106421 (executing program) 2022/09/30 19:57:40 fetching corpus: 650, signal 94688/110556 (executing program) 2022/09/30 19:57:40 fetching corpus: 700, signal 96411/113365 (executing program) 2022/09/30 19:57:40 fetching corpus: 750, signal 98894/116796 (executing program) 2022/09/30 19:57:40 fetching corpus: 800, signal 101007/119815 (executing program) 2022/09/30 19:57:41 fetching corpus: 850, signal 103180/122859 (executing program) 2022/09/30 19:57:41 fetching corpus: 900, signal 105992/126418 (executing program) 2022/09/30 19:57:41 fetching corpus: 950, signal 107577/128875 (executing program) 2022/09/30 19:57:41 fetching corpus: 1000, signal 109354/131460 (executing program) 2022/09/30 19:57:41 fetching corpus: 1050, signal 111683/134539 (executing program) 2022/09/30 19:57:41 fetching corpus: 1100, signal 113945/137509 (executing program) 2022/09/30 19:57:41 fetching corpus: 1150, signal 115321/139652 (executing program) 2022/09/30 19:57:41 fetching corpus: 1200, signal 116694/141756 (executing program) 2022/09/30 19:57:42 fetching corpus: 1250, signal 118393/144176 (executing program) 2022/09/30 19:57:42 fetching corpus: 1300, signal 120087/146573 (executing program) 2022/09/30 19:57:42 fetching corpus: 1350, signal 121239/148533 (executing program) 2022/09/30 19:57:42 fetching corpus: 1400, signal 123016/150919 (executing program) 2022/09/30 19:57:42 fetching corpus: 1450, signal 124095/152717 (executing program) 2022/09/30 19:57:42 fetching corpus: 1500, signal 125404/154661 (executing program) 2022/09/30 19:57:42 fetching corpus: 1550, signal 127694/157362 (executing program) 2022/09/30 19:57:42 fetching corpus: 1600, signal 129404/159554 (executing program) 2022/09/30 19:57:42 fetching corpus: 1650, signal 130508/161331 (executing program) 2022/09/30 19:57:43 fetching corpus: 1700, signal 131847/163289 (executing program) 2022/09/30 19:57:43 fetching corpus: 1750, signal 132923/165017 (executing program) 2022/09/30 19:57:43 fetching corpus: 1800, signal 134642/167151 (executing program) 2022/09/30 19:57:43 fetching corpus: 1850, signal 135371/168582 (executing program) 2022/09/30 19:57:43 fetching corpus: 1900, signal 136947/170590 (executing program) 2022/09/30 19:57:43 fetching corpus: 1950, signal 138298/172418 (executing program) 2022/09/30 19:57:43 fetching corpus: 2000, signal 139166/173872 (executing program) 2022/09/30 19:57:43 fetching corpus: 2050, signal 140533/175584 (executing program) 2022/09/30 19:57:43 fetching corpus: 2100, signal 141411/177062 (executing program) 2022/09/30 19:57:44 fetching corpus: 2150, signal 142477/178622 (executing program) 2022/09/30 19:57:44 fetching corpus: 2200, signal 144060/180498 (executing program) 2022/09/30 19:57:44 fetching corpus: 2250, signal 145466/182236 (executing program) 2022/09/30 19:57:44 fetching corpus: 2300, signal 146989/183984 (executing program) 2022/09/30 19:57:44 fetching corpus: 2350, signal 147970/185388 (executing program) 2022/09/30 19:57:44 fetching corpus: 2400, signal 148979/186821 (executing program) 2022/09/30 19:57:44 fetching corpus: 2450, signal 149696/188028 (executing program) 2022/09/30 19:57:44 fetching corpus: 2500, signal 150405/189207 (executing program) 2022/09/30 19:57:44 fetching corpus: 2550, signal 151280/190468 (executing program) 2022/09/30 19:57:45 fetching corpus: 2600, signal 152399/191880 (executing program) 2022/09/30 19:57:45 fetching corpus: 2650, signal 153168/193090 (executing program) 2022/09/30 19:57:45 fetching corpus: 2700, signal 154432/194565 (executing program) 2022/09/30 19:57:45 fetching corpus: 2750, signal 156239/196277 (executing program) 2022/09/30 19:57:45 fetching corpus: 2800, signal 157111/197507 (executing program) 2022/09/30 19:57:45 fetching corpus: 2850, signal 158064/198740 (executing program) 2022/09/30 19:57:45 fetching corpus: 2900, signal 158864/199827 (executing program) 2022/09/30 19:57:45 fetching corpus: 2950, signal 159700/200957 (executing program) 2022/09/30 19:57:45 fetching corpus: 3000, signal 160872/202213 (executing program) 2022/09/30 19:57:46 fetching corpus: 3050, signal 161769/203350 (executing program) 2022/09/30 19:57:46 fetching corpus: 3100, signal 162218/204239 (executing program) 2022/09/30 19:57:46 fetching corpus: 3150, signal 162698/205146 (executing program) 2022/09/30 19:57:46 fetching corpus: 3200, signal 164533/206685 (executing program) 2022/09/30 19:57:46 fetching corpus: 3250, signal 165936/208221 (executing program) 2022/09/30 19:57:46 fetching corpus: 3300, signal 166572/209188 (executing program) 2022/09/30 19:57:46 fetching corpus: 3350, signal 166917/209994 (executing program) 2022/09/30 19:57:46 fetching corpus: 3400, signal 168140/211179 (executing program) 2022/09/30 19:57:47 fetching corpus: 3450, signal 169077/212182 (executing program) 2022/09/30 19:57:47 fetching corpus: 3500, signal 169736/213080 (executing program) 2022/09/30 19:57:47 fetching corpus: 3550, signal 170649/214076 (executing program) 2022/09/30 19:57:47 fetching corpus: 3600, signal 171369/214985 (executing program) 2022/09/30 19:57:47 fetching corpus: 3650, signal 172116/215888 (executing program) 2022/09/30 19:57:47 fetching corpus: 3700, signal 173048/216847 (executing program) 2022/09/30 19:57:47 fetching corpus: 3750, signal 173668/217688 (executing program) 2022/09/30 19:57:47 fetching corpus: 3800, signal 174381/218594 (executing program) 2022/09/30 19:57:47 fetching corpus: 3850, signal 175119/219449 (executing program) 2022/09/30 19:57:48 fetching corpus: 3900, signal 175856/220300 (executing program) 2022/09/30 19:57:48 fetching corpus: 3950, signal 176883/221484 (executing program) 2022/09/30 19:57:48 fetching corpus: 4000, signal 177383/222239 (executing program) 2022/09/30 19:57:48 fetching corpus: 4050, signal 178546/223371 (executing program) 2022/09/30 19:57:48 fetching corpus: 4100, signal 179759/224364 (executing program) 2022/09/30 19:57:48 fetching corpus: 4150, signal 180617/225193 (executing program) 2022/09/30 19:57:48 fetching corpus: 4200, signal 181441/225982 (executing program) 2022/09/30 19:57:48 fetching corpus: 4250, signal 182334/226751 (executing program) 2022/09/30 19:57:49 fetching corpus: 4300, signal 183462/227628 (executing program) 2022/09/30 19:57:49 fetching corpus: 4350, signal 184169/228341 (executing program) 2022/09/30 19:57:49 fetching corpus: 4400, signal 184902/229084 (executing program) 2022/09/30 19:57:49 fetching corpus: 4450, signal 185867/229856 (executing program) 2022/09/30 19:57:49 fetching corpus: 4500, signal 186262/230446 (executing program) 2022/09/30 19:57:49 fetching corpus: 4550, signal 186833/231122 (executing program) 2022/09/30 19:57:49 fetching corpus: 4600, signal 187166/231759 (executing program) 2022/09/30 19:57:49 fetching corpus: 4650, signal 188010/232460 (executing program) 2022/09/30 19:57:49 fetching corpus: 4700, signal 188578/233065 (executing program) 2022/09/30 19:57:50 fetching corpus: 4750, signal 189320/233681 (executing program) 2022/09/30 19:57:50 fetching corpus: 4800, signal 190012/234314 (executing program) 2022/09/30 19:57:50 fetching corpus: 4850, signal 190475/234853 (executing program) 2022/09/30 19:57:50 fetching corpus: 4874, signal 190746/235375 (executing program) 2022/09/30 19:57:50 fetching corpus: 4874, signal 190746/235836 (executing program) 2022/09/30 19:57:50 fetching corpus: 4874, signal 190746/236289 (executing program) 2022/09/30 19:57:50 fetching corpus: 4874, signal 190746/236749 (executing program) 2022/09/30 19:57:50 fetching corpus: 4874, signal 190746/237186 (executing program) 2022/09/30 19:57:50 fetching corpus: 4874, signal 190746/237682 (executing program) 2022/09/30 19:57:50 fetching corpus: 4874, signal 190746/238139 (executing program) 2022/09/30 19:57:50 fetching corpus: 4874, signal 190746/238617 (executing program) 2022/09/30 19:57:50 fetching corpus: 4874, signal 190746/239065 (executing program) 2022/09/30 19:57:50 fetching corpus: 4874, signal 190746/239518 (executing program) 2022/09/30 19:57:50 fetching corpus: 4874, signal 190746/239933 (executing program) 2022/09/30 19:57:50 fetching corpus: 4874, signal 190746/240386 (executing program) 2022/09/30 19:57:50 fetching corpus: 4874, signal 190746/240873 (executing program) 2022/09/30 19:57:50 fetching corpus: 4874, signal 190746/241357 (executing program) 2022/09/30 19:57:50 fetching corpus: 4874, signal 190746/241818 (executing program) 2022/09/30 19:57:50 fetching corpus: 4874, signal 190746/242259 (executing program) 2022/09/30 19:57:50 fetching corpus: 4874, signal 190746/242702 (executing program) 2022/09/30 19:57:50 fetching corpus: 4874, signal 190746/243141 (executing program) 2022/09/30 19:57:50 fetching corpus: 4874, signal 190746/243598 (executing program) 2022/09/30 19:57:50 fetching corpus: 4874, signal 190746/244046 (executing program) 2022/09/30 19:57:50 fetching corpus: 4874, signal 190746/244521 (executing program) 2022/09/30 19:57:50 fetching corpus: 4874, signal 190746/244978 (executing program) 2022/09/30 19:57:50 fetching corpus: 4874, signal 190746/245438 (executing program) 2022/09/30 19:57:50 fetching corpus: 4874, signal 190746/245892 (executing program) 2022/09/30 19:57:50 fetching corpus: 4874, signal 190746/245960 (executing program) 2022/09/30 19:57:50 fetching corpus: 4874, signal 190746/245960 (executing program) 2022/09/30 19:57:53 starting 8 fuzzer processes 19:57:53 executing program 0: r0 = shmget$private(0x0, 0x3000, 0x54000000, &(0x7f0000ffb000/0x3000)=nil) r1 = shmget$private(0x0, 0x4000, 0x2, &(0x7f0000ffc000/0x4000)=nil) shmat(r1, &(0x7f0000ffb000/0x3000)=nil, 0x5000) shmctl$IPC_RMID(r0, 0x0) madvise(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x65) r2 = shmget(0x1, 0x1000, 0x800, &(0x7f0000ffe000/0x1000)=nil) getsockopt$inet_IP_XFRM_POLICY(0xffffffffffffffff, 0x0, 0x11, &(0x7f0000000000)={{{@in6=@mcast2, @in=@empty, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in6=@loopback}, 0x0, @in6=@private0}}, &(0x7f0000000100)=0xe8) r4 = fcntl$getown(0xffffffffffffffff, 0x9) r5 = clone3(&(0x7f00000002c0)={0x2003000, &(0x7f0000000140), &(0x7f0000000180), &(0x7f00000001c0), {0x1b}, &(0x7f0000000200), 0x0, &(0x7f0000000240)=""/54, &(0x7f0000000280)=[0x0, 0x0, 0xffffffffffffffff, 0x0, 0xffffffffffffffff], 0x5}, 0x58) shmctl$IPC_SET(r2, 0x1, &(0x7f0000000340)={{0x0, 0x0, 0x0, r3, 0xffffffffffffffff, 0xa2, 0x400}, 0x7, 0x6, 0x1, 0x4, r4, r5, 0x3}) getsockopt$inet6_IPV6_IPSEC_POLICY(0xffffffffffffffff, 0x29, 0x22, &(0x7f00000003c0)={{{@in6=@private1, @in=@local, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in=@initdev}, 0x0, @in=@initdev}}, &(0x7f00000004c0)=0xe8) setsockopt$packet_add_memb(0xffffffffffffffff, 0x107, 0x1, &(0x7f0000000500)={r6, 0x1, 0x6}, 0x10) mmap$perf(&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0xd, 0x11, 0xffffffffffffffff, 0x400) r7 = shmget$private(0x0, 0x2000, 0x200, &(0x7f0000ffd000/0x2000)=nil) shmat(r7, &(0x7f0000001000/0xb000)=nil, 0x5000) shmget$private(0x0, 0x4000, 0x1000, &(0x7f000000b000/0x4000)=nil) shmget$private(0x0, 0x3000, 0x100, &(0x7f0000ffb000/0x3000)=nil) r8 = shmget$private(0x0, 0x2000, 0x400, &(0x7f0000ffe000/0x2000)=nil) shmat(r8, &(0x7f0000ffc000/0x2000)=nil, 0x3000) mlock(&(0x7f000000b000/0x4000)=nil, 0x4000) 19:57:53 executing program 1: sendmsg$AUDIT_GET(0xffffffffffffffff, &(0x7f00000000c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x400}, 0xc, &(0x7f0000000080)={&(0x7f0000000040)={0x10, 0x3e8, 0x8, 0x70bd2d, 0x25dfdbfe, "", ["", "", "", "", ""]}, 0x10}, 0x1, 0x0, 0x0, 0x40000}, 0x40000) r0 = open(&(0x7f0000000100)='./file0\x00', 0x129101, 0x40) r1 = syz_genetlink_get_family_id$devlink(&(0x7f0000000180), 0xffffffffffffffff) sendmsg$DEVLINK_CMD_TRAP_GET(r0, &(0x7f0000000400)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x400}, 0xc, &(0x7f00000003c0)={&(0x7f00000001c0)={0x1e8, r1, 0x500, 0x70bd2b, 0x25dfdbfd, {}, [{@pci={{0x8}, {0x11}}, {0x1c}}, {@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0x1c}}, {@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0x1c}}, {@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0x1c}}, {@pci={{0x8}, {0x11}}, {0x1c}}, {@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0x1c}}, {@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0x1c}}, {@pci={{0x8}, {0x11}}, {0x1c}}]}, 0x1e8}, 0x1, 0x0, 0x0, 0x8080}, 0x4000) sendmsg$NL80211_CMD_AUTHENTICATE(0xffffffffffffffff, &(0x7f0000000500)={&(0x7f0000000440)={0x10, 0x0, 0x0, 0x40000}, 0xc, &(0x7f00000004c0)={&(0x7f0000000480)={0x3c, 0x0, 0x10, 0x70bd28, 0x25dfdbfe, {{}, {@void, @val={0xc, 0x99, {0x7fffffff, 0x74}}}}, [@NL80211_ATTR_SSID={0xa, 0x34, @default_ap_ssid}, @chandef_params=[@NL80211_ATTR_CHANNEL_WIDTH={0x8, 0x9f, 0x3}], @NL80211_ATTR_AUTH_TYPE={0x8, 0x35, 0x7}]}, 0x3c}, 0x1, 0x0, 0x0, 0x24040004}, 0x4) sendmsg$TIPC_NL_NET_SET(r0, &(0x7f0000000780)={0xfffffffffffffffd, 0x0, &(0x7f0000000740)={&(0x7f0000000540)={0x1c8, 0x0, 0x10, 0x70bd2d, 0x25dfdbfb, {}, [@TIPC_NLA_NODE={0x58, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_UP={0x4}, @TIPC_NLA_NODE_KEY={0x4a, 0x4, {'gcm(aes)\x00', 0x22, "bc48e4f28a936227ea914b8db857ee713a52ec8ff554d0b04683b859b67dd40abf1b"}}, @TIPC_NLA_NODE_UP={0x4}]}, @TIPC_NLA_PUBL={0x54, 0x3, 0x0, 0x1, [@TIPC_NLA_PUBL_UPPER={0x8, 0x3, 0x2}, @TIPC_NLA_PUBL_LOWER={0x8, 0x2, 0x7}, @TIPC_NLA_PUBL_TYPE={0x8, 0x1, 0x10000}, @TIPC_NLA_PUBL_LOWER={0x8, 0x2, 0x6}, @TIPC_NLA_PUBL_UPPER={0x8, 0x3, 0x10001}, @TIPC_NLA_PUBL_UPPER={0x8, 0x3, 0x2}, @TIPC_NLA_PUBL_TYPE={0x8, 0x1, 0x41eb}, @TIPC_NLA_PUBL_UPPER={0x8, 0x3, 0x3}, @TIPC_NLA_PUBL_TYPE={0x8, 0x1, 0xe}, @TIPC_NLA_PUBL_TYPE={0x8, 0x1, 0xfffff001}]}, @TIPC_NLA_NODE={0x68, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_UP={0x4}, @TIPC_NLA_NODE_KEY={0x49, 0x4, {'gcm(aes)\x00', 0x21, "a67f74aee03b6ed35d0463ce7c3fc3897f08fb5b7a0c57dbd3f273c24b88c9aadf"}}, @TIPC_NLA_NODE_UP={0x4}, @TIPC_NLA_NODE_ADDR={0x8, 0x1, 0x2}, @TIPC_NLA_NODE_ADDR={0x8, 0x1, 0x2}]}, @TIPC_NLA_MON={0x14, 0x9, 0x0, 0x1, [@TIPC_NLA_MON_ACTIVATION_THRESHOLD={0x8}, @TIPC_NLA_MON_REF={0x8, 0x2, 0x8}]}, @TIPC_NLA_NET={0x28, 0x7, 0x0, 0x1, [@TIPC_NLA_NET_NODEID={0xc, 0x3, 0x33}, @TIPC_NLA_NET_NODEID_W1={0xc, 0x4, 0x3}, @TIPC_NLA_NET_NODEID={0xc, 0x3, 0x79e}]}, @TIPC_NLA_BEARER={0x64, 0x1, 0x0, 0x1, [@TIPC_NLA_BEARER_PROP={0x2c, 0x2, 0x0, 0x1, [@TIPC_NLA_PROP_TOL={0x8, 0x2, 0x2000000}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x18}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x8}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0xffffff01}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x4}]}, @TIPC_NLA_BEARER_NAME={0xd, 0x1, @udp='udp:syz0\x00'}, @TIPC_NLA_BEARER_NAME={0xd, 0x1, @udp='udp:syz0\x00'}, @TIPC_NLA_BEARER_PROP={0x14, 0x2, 0x0, 0x1, [@TIPC_NLA_PROP_MTU={0x8, 0x4, 0x200}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x40}]}]}]}, 0x1c8}, 0x1, 0x0, 0x0, 0x40040040}, 0x8081) sendmsg$NL80211_CMD_STOP_AP(r0, &(0x7f0000000880)={&(0x7f00000007c0), 0xc, &(0x7f0000000840)={&(0x7f0000000800)={0x28, 0x0, 0x200, 0x70bd26, 0x25dfdbfd, {{}, {@val={0x8}, @val={0xc, 0x99, {0x101, 0x67}}}}}, 0x28}, 0x1, 0x0, 0x0, 0xe080}, 0x4) r2 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000900), r0) sendmsg$IPVS_CMD_GET_INFO(r0, &(0x7f0000000ac0)={&(0x7f00000008c0)={0x10, 0x0, 0x0, 0x800000}, 0xc, &(0x7f0000000a80)={&(0x7f0000000940)={0x124, r2, 0x400, 0x70bd2d, 0x25dfdbff, {}, [@IPVS_CMD_ATTR_SERVICE={0xc, 0x1, 0x0, 0x1, [@IPVS_SVC_ATTR_SCHED_NAME={0x8, 0x6, 'sed\x00'}]}, @IPVS_CMD_ATTR_TIMEOUT_TCP_FIN={0x8, 0x5, 0x3}, @IPVS_CMD_ATTR_TIMEOUT_TCP={0x8, 0x4, 0x9}, @IPVS_CMD_ATTR_DAEMON={0x70, 0x3, 0x0, 0x1, [@IPVS_DAEMON_ATTR_MCAST_IFN={0x14, 0x2, 'geneve1\x00'}, @IPVS_DAEMON_ATTR_SYNC_MAXLEN={0x6, 0x4, 0x81}, @IPVS_DAEMON_ATTR_MCAST_PORT={0x6, 0x7, 0x4e23}, @IPVS_DAEMON_ATTR_MCAST_GROUP6={0x14, 0x6, @loopback}, @IPVS_DAEMON_ATTR_MCAST_GROUP={0x8, 0x5, @broadcast}, @IPVS_DAEMON_ATTR_MCAST_PORT={0x6, 0x7, 0x4e22}, @IPVS_DAEMON_ATTR_MCAST_IFN={0x14, 0x2, 'ip6gretap0\x00'}, @IPVS_DAEMON_ATTR_MCAST_GROUP={0x8, 0x5, @local}, @IPVS_DAEMON_ATTR_MCAST_GROUP={0x8, 0x5, @dev={0xac, 0x14, 0x14, 0x2e}}]}, @IPVS_CMD_ATTR_TIMEOUT_UDP={0x8, 0x6, 0x6}, @IPVS_CMD_ATTR_TIMEOUT_TCP={0x8, 0x4, 0x7}, @IPVS_CMD_ATTR_TIMEOUT_TCP={0x8, 0x4, 0x2}, @IPVS_CMD_ATTR_DEST={0xc, 0x2, 0x0, 0x1, [@IPVS_DEST_ATTR_TUN_PORT={0x6, 0xe, 0x4e20}]}, @IPVS_CMD_ATTR_TIMEOUT_TCP={0x8, 0x4, 0x800}, @IPVS_CMD_ATTR_DEST={0x58, 0x2, 0x0, 0x1, [@IPVS_DEST_ATTR_PORT={0x6, 0x2, 0x4e22}, @IPVS_DEST_ATTR_ADDR={0x14, 0x1, @ipv4=@multicast1}, @IPVS_DEST_ATTR_FWD_METHOD={0x8}, @IPVS_DEST_ATTR_TUN_TYPE={0x5}, @IPVS_DEST_ATTR_INACT_CONNS={0x8, 0x8, 0x300}, @IPVS_DEST_ATTR_TUN_TYPE={0x5}, @IPVS_DEST_ATTR_ACTIVE_CONNS={0x8, 0x7, 0x10001}, @IPVS_DEST_ATTR_TUN_FLAGS={0x6, 0xf, 0x400}, @IPVS_DEST_ATTR_ACTIVE_CONNS={0x8}]}]}, 0x124}, 0x1, 0x0, 0x0, 0x800}, 0x4000000) sendmsg$SMC_PNETID_DEL(0xffffffffffffffff, &(0x7f0000000bc0)={&(0x7f0000000b00)={0x10, 0x0, 0x0, 0x43080000}, 0xc, &(0x7f0000000b80)={&(0x7f0000000b40)={0x14, 0x0, 0x100, 0x70bd25, 0x25dfdbfe}, 0x14}, 0x1, 0x0, 0x0, 0x800}, 0x0) sendmsg$NL80211_CMD_DEL_PMKSA(r0, &(0x7f0000000d00)={&(0x7f0000000c00)={0x10, 0x0, 0x0, 0x100000}, 0xc, &(0x7f0000000cc0)={&(0x7f0000000c40)={0x78, 0x0, 0x8, 0x70bd29, 0x25dfdbfb, {{}, {@val={0x8}, @val={0xc, 0x99, {0x8}}}}, [@NL80211_ATTR_SSID={0x1f, 0x34, @random="6e86507cb8fa45216037fba6c9e4421ff3964092ec59162b49f31a"}, @NL80211_ATTR_MAC={0xa, 0x6, @from_mac=@broadcast}, @NL80211_ATTR_SSID={0xa, 0x34, @default_ibss_ssid}, @NL80211_ATTR_FILS_CACHE_ID={0x6, 0xfd, 0x84}, @NL80211_ATTR_FILS_CACHE_ID={0x6, 0xfd, 0xfff7}, @NL80211_ATTR_PMK_REAUTH_THRESHOLD={0x5, 0x120, 0xa}]}, 0x78}, 0x1, 0x0, 0x0, 0x4000000}, 0x20000000) ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r0, 0x8933, &(0x7f0000000d40)={'batadv_slave_1\x00', 0x0}) ioctl$sock_ipv4_tunnel_SIOCCHGTUNNEL(r0, 0x89f3, &(0x7f0000000ec0)={'ip_vti0\x00', &(0x7f0000000dc0)={'erspan0\x00', r3, 0x20, 0x8, 0x8, 0x5, {{0x32, 0x4, 0x3, 0x37, 0xc8, 0x68, 0x0, 0x1, 0x2f, 0x0, @remote, @initdev={0xac, 0x1e, 0x0, 0x0}, {[@cipso={0x86, 0x37, 0x3, [{0x9, 0xd, "5bcfb22865011338ffb364"}, {0x1, 0x5, "04b77d"}, {0x0, 0x5, "b411f7"}, {0x7, 0xc, "2bb278556d9c62ab4af1"}, {0x6, 0xe, "c94bc10a232537d158dce0c3"}]}, @ra={0x94, 0x4, 0x1}, @generic={0x94, 0x6, "2cc97c47"}, @ra={0x94, 0x4, 0x1}, @end, @timestamp={0x44, 0x28, 0xb9, 0x0, 0x3, [0x1ff, 0x52b2, 0x7d, 0x7fffffff, 0x6fa, 0x6, 0x4, 0x7, 0x8]}, @cipso={0x86, 0x38, 0x1, [{0x2, 0xd, "798d76ccd2b84be7bacef6"}, {0x6, 0x11, "ec6a43b07dae09e1d1abbd0fdbdab0"}, {0x7, 0x4, "9f25"}, {0x6, 0xa, "64b0fa9aa790c1bd"}, {0x7, 0x6, "92ab2ef7"}]}, @timestamp={0x44, 0xc, 0x2c, 0x0, 0x6, [0xef9, 0x9]}]}}}}}) ioctl$ifreq_SIOCGIFINDEX_vcan(r0, 0x8933, &(0x7f0000000f00)={'vcan0\x00', 0x0}) ioctl$sock_ipv6_tunnel_SIOCDELTUNNEL(r0, 0x89f2, &(0x7f0000000fc0)={'ip6tnl0\x00', &(0x7f0000000f40)={'syztnl1\x00', r3, 0x4, 0x0, 0x8, 0x9, 0x5, @private0={0xfc, 0x0, '\x00', 0x1}, @loopback, 0x8000, 0x40, 0x3, 0x5}}) r7 = accept(0xffffffffffffffff, &(0x7f0000001000)=@xdp={0x2c, 0x0, 0x0}, &(0x7f0000001080)=0x80) getsockopt$inet6_IPV6_XFRM_POLICY(r0, 0x29, 0x23, &(0x7f00000010c0)={{{@in=@empty, @in6=@dev, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in=@multicast1}, 0x0, @in6=@empty}}, &(0x7f00000011c0)=0xe8) sendmsg$ETHTOOL_MSG_LINKSTATE_GET(0xffffffffffffffff, &(0x7f0000001400)={&(0x7f0000000d80)={0x10, 0x0, 0x0, 0x8}, 0xc, &(0x7f00000013c0)={&(0x7f0000001200)={0x198, 0x0, 0x0, 0x70bd2d, 0x25dfdbfe, {}, [@HEADER={0x38, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'ip_vti0\x00'}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r3}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r4}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x3}]}, @HEADER={0x24, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x1}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r5}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r3}]}, @HEADER={0x60, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'veth1\x00'}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r3}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r6}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x3}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'wg2\x00'}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'tunl0\x00'}, @ETHTOOL_A_HEADER_FLAGS={0x8}]}, @HEADER={0x14, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x1}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r3}]}, @HEADER={0x50, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r8}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'team0\x00'}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'batadv_slave_0\x00'}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r9}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'veth0_to_hsr\x00'}]}, @HEADER={0x64, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_FLAGS={0x8}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r3}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'bond_slave_0\x00'}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x1}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x2}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'batadv0\x00'}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x1}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x1}, @ETHTOOL_A_HEADER_FLAGS={0x8}]}]}, 0x198}, 0x1, 0x0, 0x0, 0x4000}, 0x80) sendmsg$BATADV_CMD_TP_METER_CANCEL(r7, &(0x7f0000001500)={&(0x7f0000001440)={0x10, 0x0, 0x0, 0x40}, 0xc, &(0x7f00000014c0)={&(0x7f0000001480)={0x34, 0x0, 0x1, 0x70bd29, 0x25dfdbfd, {}, [@BATADV_ATTR_ELP_INTERVAL={0x8, 0x3a, 0xdb8a}, @BATADV_ATTR_MULTICAST_FANOUT={0x8, 0x3c, 0x4}, @BATADV_ATTR_ISOLATION_MASK={0x8, 0x2c, 0x8}, @BATADV_ATTR_MULTICAST_FANOUT={0x8, 0x3c, 0x4}]}, 0x34}, 0x1, 0x0, 0x0, 0x54}, 0x20008884) setsockopt$inet6_IPV6_RTHDRDSTOPTS(r0, 0x29, 0x37, &(0x7f0000001540)={0x2, 0x1c, '\x00', [@generic={0x7, 0xa9, "aa6ea3146ec916980a4f0a1128c7236020f16863c38b817cfa994ffd774a0606e765528cee1f1839347b6186ca94f7bdcdce6fa7ad5dc7ca19f1bbc3633551b0376444025af785515711f2f5e28c1b0cd60c35609b5cc558457741fe1041bc97817eec37d9facbe87cbc078b4d6f531f5bb07bf5d138982e2f499019be056086e74a094ad0bdc10c8ebce79692f482fd55368584860acebd51a8d4345f7ed271abf95ec5b90055a5fb"}, @ra={0x5, 0x2, 0x400}, @pad1, @jumbo={0xc2, 0x4, 0x8}, @calipso={0x7, 0x18, {0x2, 0x4, 0x40, 0x620, [0x2, 0x101]}}, @jumbo={0xc2, 0x4, 0xffffffff}, @padn={0x1, 0x8, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]}]}, 0xf0) 19:57:53 executing program 2: setsockopt$inet_tcp_TCP_MD5SIG(0xffffffffffffffff, 0x6, 0xe, &(0x7f0000000000)={@in6={{0xa, 0x4e23, 0x422, @local, 0x4}}, 0x0, 0x0, 0xa, 0x0, "605c94b74b2bb8f9da22908c28c515eae8013e65efeebdddf41ae04a7b73754a0a06486774199dfb385aefec22d5ed6e836ae0b7dee799844613fd67e34093c1ba1b19ef1c580ecf1bf56f811a5ecead"}, 0xd8) r0 = socket$unix(0x1, 0x1, 0x0) ioctl$sock_inet_SIOCSIFDSTADDR(r0, 0x8918, &(0x7f0000000100)={'virt_wifi0\x00', {0x2, 0x0, @empty}}) r1 = accept4$unix(r0, &(0x7f0000000140)=@abs, &(0x7f00000001c0)=0x6e, 0x80000) accept$unix(r1, &(0x7f0000000200), &(0x7f0000000280)=0x6e) fsetxattr$trusted_overlay_nlink(r1, &(0x7f00000002c0), &(0x7f0000000300)={'U+', 0x3}, 0x16, 0x2) r2 = openat(0xffffffffffffffff, &(0x7f0000000340)='./file0\x00', 0x40001, 0x14) fsync(r2) setxattr$trusted_overlay_nlink(&(0x7f0000000380)='./file0\x00', &(0x7f00000003c0), &(0x7f0000000400)={'U-', 0x3}, 0x16, 0x1) r3 = socket$inet6_udplite(0xa, 0x2, 0x88) ftruncate(r3, 0x2) r4 = accept4$inet6(r3, 0x0, &(0x7f0000000440), 0x800) r5 = perf_event_open$cgroup(&(0x7f0000000480)={0x3, 0x80, 0xe7, 0x21, 0x80, 0x4, 0x0, 0x5, 0x11088, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x2, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x400, 0x1, @perf_config_ext={0x2}, 0x4, 0x0, 0x67, 0x9, 0xffff, 0x0, 0x9, 0x0, 0x80000001, 0x0, 0x3}, r2, 0xa, r2, 0x4) ioctl$BTRFS_IOC_ADD_DEV(r4, 0x5000940a, &(0x7f0000000500)={{r5}, "3751e163bfcdc67202341a2630a81af9c9ed45ce02c9090ac82319a36c8c208b6b64d8d82383f491fb901bacc97f81cf76bf5a5104eeeff79f74ad5f790fb30de7675bb571ee54434c17206847954cd430fb79183899c0b45e17767f93c18f7cccb586b839c1fac04b49ac377bb6676f79d97d699dcec3d610cd6c56cfee8c854e918f2247ee4d2d72e0a262cb48ef9fdff2337d1a18f9fe90645ccb0c21b628c70d062eb74c51c3d2115a7ab40da50487d9aad4eddd91bc68963fa8926fa092ccb1084277678815709cbd34a525b1ef913d5d0d0d7e7ba8126f60398cc6e6aee15c0edb48abd64cffa8153847f0c3565ddacc387965bf2d494b3714b0eba7ad26b30f33d5b6a33c1f150f00a68fdd88c314ed2e6e39bc4506d97f49c5e1d76b13f491e6b4b86ee082df3607637568b86b50dc46dfd3c317583fc7193d199299e653fd9ba51355e15d9b1165f2318987d2225565ebb3cf7ff4248a1f3d45f55da5723ce2c5aea997a2498b297e8ea1cc8f8eef22ac8b569bed3a36389e6ae2ac56549461524c06c36ad24b44aeeee9d20b1694fb0dab82866542a3f19ba21107d863691221b587f41c02290165196c5050b199ea684b3fc8c7ac6ecee939ea06c03b69b68f2aeb7754ff56b2478b3334f63cdf78a80e70695e6ab2cbb432d7e53eb8eb42b7e21f224531a26c561b3c2f8c9c67801c59fd04598c2c2d390d6bc51f125f871aa108f8d089f5c17111f86a0e603cce684a449952aebbc18f8cebfc395f79cb0accc06952a0cc0bbdfd6d594fa78a3ee9638959040d5feb3b9fedae973feee95bd44eaeeec6016bfcd8986c96f1a6646bed9b6c1791546f191c6ac0d8b4861432b126d1b40e4bbbc7573fbe4aea413eabceb871bbbbecf8b69f190c30686613a6a11c522c09e6ffb7203a596cb1a6994f4243a6381831c45362fcd13a66cc06e961eecf9e86abeb87e7774202527ca2abe16ae50c9381bcc3f5953806d66ad2ac620b8b1274e3ea8551a964e03da506855201fc45c15525a1d41082c6865f2666f53ce34901cd7e14a4d2b6d77136055ab0e0b087a1fdae8e0d43043d93ca1ecd6d1dd016b406e03bde12f39fc9e74d65ab5e708e0f31883111a4c41b17a3b436f05fb53610e261e7407b7d39966c86498575d3d9b3da59d2a3ac4fb65e82d3e9c0b089011a45a6dcfef64b896377674f1a0297fa26dab156a486bf1fa5247b1a0f29ba822692fbfef7a52dd4c5e2f44deef72cab3457119c9fc353b3dcd0f5f719af3b51f1c34f6e1e58855d0daf46e66ab87592f422241849ba20ad6a4d4baca423a0424a7e24f6dce9cff38fcbb7b9b8e1e2f429a6e8317c451cb53f34415055790c2e97bc004a64c124c7f5f9175d03fef9c648ac825468fe00b9759ef7538b166cce900504148aa61c995a816cd2e97ca225ecf2682025abab1a418458bbe2a4fdb2b0a363c7fb5e93b6d67e32690d36e57d8482ef1a26e4d22f088076785022b26fe5c1791365469a01fa904bc3a759be20e9db9793bf25ba3524d9236868a8ba047b1f31740ed339ec1ddf9f2de7c509152d487eb448c4155ee9eb91095713d221efe74cc34f0e941f5c748dc55fa97c683ee82187eaf4de8d4e90ecc10d5849cc7840140f0af912fa3d1aba598172b448b0ddfeef5ccdefc44bf70a1a3418a63b94601efdb1b5501153ceb93948113a3296b99841619cc1837aa4fe69e08a95f13fe46e3f713b9006f67ee01009c635c81b8f729f6471f28d2e089fb87a552a02ac4864a28fc16ab25f0fed3a97314f85ff555966105be08365616acec0b91a28d0d879509767adfd96e3303a25c7b090346c67585d33646a20a82a9575984859606e0841c38ac510d40f05c97a4d6874c50a634d24e80c216021f641ff8aa3bfed67ef3b6675fd2b6c2a34d448192f5c0229ae3eb71310ccb63bac0c4ab8dbbd1b0d845cc73b63df4537503d67c8a2e15377195e67142aabc310aa7d2515df8c4b9fcf6202682e75fad4da7237e131fda7d112b8bb59af717d11047a090a73cf8d57bafde5a756533cb346251dcc12cd1645b7c38370d5f536cee8c862039361c591b890e68e7186666ff1ed600c36ca4851800d02c4ee6cd7ec75f9c04417268c6afd91f7e9cfff3c74ee0970efe81f24d160ae5db06fd4ffaabc925e38739904244b354fdf4f704f1d1b23b0a3ad43ceb909f695b41ded32d83485b431f6484d34b7cb1982fb596337062d936e5f9106e2c3703fc3433aaecc6391dfe71bf879c91eedf4418167a2cdf3e0bda1b090b1568815e611903eb0c4e5167846cbdfff65f1a99c4bc9e64ae9a5b9432f3560400b27aa419a6b6c5fbbafa1601a3887a3cc8b7ea50215243b0fd351d7e335c868e3338e88bc9e534f1e3c431af2e6ad1dd846218bf546cc501c3eec40121fa1170b0b02c1fb05403ecdbc9e38efed02b5620906d117903269c3944871df6cd149e718a385c51cbf175231ff45aad9ae0a5d608a0615bf2c879145f76c748cc8048b5a595ee6ad1bf7468f2322172b7c7f43ce1263adc2c2a2b8e304a3986a0a539c65acd21063ca154d87fbae4694ed283cf87a3225ba136b12e83d4ce9fa11d7bfd31b3d0c0f2a6202f08083be710bd96a855332aa76a34a9c06fac32f6c1b4dd32f2f49d4c4e7c90d9cb499d8ca80682ba6207d940e2722e0fe0ade29d6ff4c66be4fdd00b5e98f757f1b528b8995ce484cea3506aa3f7c65852aeec88efd91061ab066b22376463250d3dc7ba22330581f990485e80a7d83f2855c4a4ee8d7cb16fd349cc1fc08fc2988a41bd03bae9b67d33e24da4b778f0b2466dad14079cec1711afcc354421441b95d516bb77019491b0bb33b1694f1c568e077a780801c161ce4b5863d3d8c0c4f01e0431a1fbe883f00b439e9ce3e6cadef34e541c23606518339a3f9918b81460736fa309b0c2d4b3b4497c939063ae708e410dd3ea849fb3f219292ffe00ca982640f867cd551cb050c0c4c9f510c60706bde95dd3a19e303a17e754e062e653236c9703f99087f0f99451304e4314c58471c983972223cd49a8141ff5665b23cd47124340432d8d2d85a182195a21289b11c907892b98cae7941580cdff665110ac008c7b0f40ef1e819c6443a130d748c0b5479b86d05aa95c499ce629a6bcb27294e4dc874b249fd830ce6adb66db8da7b1046d646a96da9903a0727316b3f9e61750d054d66732f21ff631666199c931ad39ba3a8d2d7a9068a34d134e05bc625c459c63da1112b81d75a7b784c6121815b252bc04a3b06f578b78adca49cdd379aa4cb3cd869136b0dbd26d3f32673074417b4afb2105804ae1c6a068091e1921a3b9e335011fe4d192445d7781d0f2c1411d62eafb1b22703932f742e789be75dd9ab4c7c90c564212e320ad1fd9d411c0da446db9072635a618be0df93ed3444d532ed54618faeec53e894b29b36e649e4071f70e4e103bc1b111625d1fbbdf6fafee5eb36241c8cf413dab9947d260edbf7e03ee3b5cfe3d4e0efade53e0d748020d8eb9ab9bce679cd6d7894a22776b50b1851b3fee7128165c808f8416f4a5993c17bb017e90d9f8c512033ce9cf37b27b5b41897a66732b3e942943fb64a2cba3dac58c0b3830e2756902aaaaffc8f6fc4713ed22789d384041d68325c30f78dfeff6e15516c08c3af437e6e1eb168653c57d42d67ad22fedf3044912b785e61cfba654c6f989fe1d3e7f83962133651ba1805983c8aa63094d95861294cd29a162f64eb9cf641ffdc64635ddda994e0fdcfb634bff6adb0781208f8cddd293bf0821f273b9d619b73e8c3a3ca73ec1f2e2c75f421adcd5f911716abbd621e35d2257df02da30e28728690af919a3013e1e88db49a6a9223780cf05eee66a8e476efd728c9d4c7052d47f401d747e6a25cad861cfabb3ddf80a94d06c75b7ae7e4ea2a0e1609a8247852ba15d1e8dc131f70f4f270f5ec95f1622bf4d663a37035a79c325deaa245c15dcfa094300299c0e7421c5982e6a89222b854f8fdc504220d6fc1df0e3789f1bdf7e343a3063d376ca9ff4f59933a2eeee1dfe32bb6b6ccaf86f52ccbc488187cc35e65c61c0633a7646bd6a469d4c22eae1dfebbda74f3cb43876f96061e7df5fadabd4f7793e45136596454811ea379429bf78174d0b866e321427c1c80a39f86103ce591d8ed01da23d55708681c05ca56bd0612206f3f2bc30d45f2a5d8af2643c0cf384de484d8a5f4c1d28257eb22780d6a467c9072aef1d6c99c9df576aa317afc0beebf06623b832a60a8e4c0342945ad7ad3f7be3c34094ea3d2911ce0334fab639a58c8cc2dcb321bbe494a4e780bcce6c1fe5594107e6509c64e86e05103b25a84ae185c6c1632cb91f2a69cdc141450db855aa1fe03d34f542127c5dfcaad09dd55d60c56d461740092eaff672e9d36c8b9e783920deee5e45a62bc7ed35f526c6ae5472d5d5e7eadcbadbb7aa8928059b38b6818efe5cbc064ecd85d198e2b9fe6319e6b11431a0b3ce628570ab4dc7692536788c56d17306121e7604c60e7b1288d944bcf647bfbb1e831b2889a466093534d49bc7539dc4f143f2d6af458cd3975d8674eb376867e30104f8f926a4f7c4970759b36c0afe7bb49ff21a14a434c47a76de8837915b0fd6e780ea337fb70df2e9dd8e5c6d490a863ff9d32cca8006db25de2d6ad35e9a8c89e956de036bfd5b8fad1d95a8d45daf9df123ce0c8aa8c0a2f7b108881d33fe4ceb7ac97d17386412641dd37f8d8e7a87424fbb7ac880b769bb941b2d0fe6e2d8d3a4595edc87fe4225f7c85ed534d00d14f0ab05538add9f388f984d746855793e276cf88130718a517ffa33f0b9a4d50aaab2c4041f5a8c19ad68d5de31c41d15adf924eac55f37e7a48cd0bc934c96bfa11f213e23b53b7e159a7461e4301cb8b0316b461af82c01693ed937775479778a5a17a08f7bf24ed2649fb0afe323de844694c997cfd47fd55d2f37c790bce9e06254fa1b2a2d5c91c54632829564181967203aa2f68e9e904041db4360dab5da07c25fd4b0304f5e14de2d95afe2106af533ce82b30c0a2d47c86e410eb886dcebac5ba977aadbba45cb1796753064959b8713a597ee0f917ad7df77d705fcbc39a57d7d5c1c550a2861cb90d10ee219ecfaf6ac4407fea5d1444ecdea17c389de0edb594adb0557a3bcf37a1c50b9e36ccaeaacdbe575991c0d25d26d75b463cfa7ea170742ed7e39196e6a8766264fb86b19be2f3ac95ea2aaf85a9fb0b7f64bce824b8acc7dfee495ff5c89bf80830d9abfb66ce61a6c73d02a9dbc1d52ade6f8199a8dce01f9541b84033f0ef29f9fe5406700fae09b9e6aee8e35c4ccb14e34f7d37e80e8a18600fd9a4d016827b7db8a3083b6842e14cb5851089a2a169479a903e7a384d65ffb505e5e89646a3000f784a95bf792fbd9df7188769165e7c8cb2c0937e74185bfab7f55f7a1ad71d370e2b0c15e37b53436cc26674a7949c04b9e1c76664732d5d7a66f57f0302bf0b3706739aaa177716c51d0cae21ee46cf1c1d2122569892fdecb47c37ea19d39fc26e8e7f89af0880aa3080d8487fff773bb5fc3968e113941141f58f07dd0e6e04e297b60c0edb6a7d8f1c9a5d1ca70ebd127eaded48ba281db23636511451846709db0c4364db9cadf59aeb03b8861158d45a575a2a9e8488006ea44bfa668388b24df4dfc3d54c528e839a9b553a4049ae32aa859717caca29b5b72b5e6290a571b6625757232a43a310ca27"}) chmod(&(0x7f0000001500)='./file0\x00', 0x1) lremovexattr(&(0x7f0000001540)='./file0\x00', &(0x7f0000001580)=@random={'os2.', ',-%\x00'}) ioctl$F2FS_IOC_MOVE_RANGE(r0, 0xc020f509, &(0x7f00000015c0)={r5, 0x6, 0xd5, 0x4e093ae8}) vmsplice(r6, &(0x7f0000001780)=[{&(0x7f0000001600)="00d63237df7c6dc304e70b1998473421cbb16a6890e1948811531f7f27bc573a0a697bf7f95070c43f135d742a2ffb4dddc4f7d21e760dd73cea06a5de8e373d1b4a23e66182e7fd37ca3100f13ad0b996f551165e0b1182a0c052a235e644c5a8e758922b95778e7d3e392ccb12d3fd92690b028ca707bf2f6fd43101061915b930877e33123d72013822cf6731df162cb3e81bfdfbab5f5cb5e0467807f4fde024d77059bbf5c8f1e8962106d5233d5a", 0xb1}, {&(0x7f00000016c0)="469c74c635341be846874851389551a0b719f2de9b19fb01208ac6c25866e3feecd147bb5c06f31639b75125f31e260df339aa1b3ca55a3a3b237a16e6783ccc7113acf776228590cf284df2be92a83456e67d43d8467afef9c9c7251943b77fed648df766a55152b42886af5a19166a1e96c77d1e57f6208ea006ecfa83983994f169f82d5571da01ddf08ecb51dd52cdd56c6d5157c123ddedb94453fec57729ce454e72df5ece05aa1c971ffa68", 0xaf}], 0x2, 0xa) ioctl$BINDER_GET_NODE_DEBUG_INFO(r2, 0xc018620b, &(0x7f00000017c0)) connect$inet6(r3, &(0x7f0000001800)={0xa, 0x4e20, 0x1, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01', 0x6}, 0x1c) [ 66.114001] audit: type=1400 audit(1664567873.495:6): avc: denied { execmem } for pid=284 comm="syz-executor.1" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=process permissive=1 19:57:53 executing program 3: r0 = syz_genetlink_get_family_id$SEG6(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$SEG6_CMD_SET_TUNSRC(0xffffffffffffffff, &(0x7f0000000140)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x8000000}, 0xc, &(0x7f0000000100)={&(0x7f0000000080)={0x5c, r0, 0x400, 0x70bd25, 0x25dfdbfb, {}, [@SEG6_ATTR_SECRETLEN={0x5}, @SEG6_ATTR_DSTLEN={0x8, 0x2, 0x4}, @SEG6_ATTR_DST={0x14, 0x1, @initdev={0xfe, 0x88, '\x00', 0x1, 0x0}}, @SEG6_ATTR_HMACKEYID={0x8, 0x3, 0x6}, @SEG6_ATTR_DST={0x14, 0x1, @empty}, @SEG6_ATTR_HMACKEYID={0x8}]}, 0x5c}, 0x1, 0x0, 0x0, 0x8800}, 0x4044811) r1 = syz_genetlink_get_family_id$smc(&(0x7f00000001c0), 0xffffffffffffffff) sendmsg$SMC_PNETID_ADD(0xffffffffffffffff, &(0x7f0000000280)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x7272e8386ca987c6}, 0xc, &(0x7f0000000240)={&(0x7f0000000200)={0x2c, r1, 0x1, 0x70bd28, 0x25dfdbfb, {}, [@SMC_PNETID_IBNAME={0x9, 0x3, 'syz0\x00'}, @SMC_PNETID_IBNAME={0x9, 0x3, 'syz0\x00'}]}, 0x2c}, 0x1, 0x0, 0x0, 0x8040000}, 0x200cc045) ioctl$BTRFS_IOC_SCRUB(0xffffffffffffffff, 0xc400941b, &(0x7f00000002c0)={0x0, 0x0, 0x10000}) sendmsg$TIPC_NL_NET_GET(0xffffffffffffffff, &(0x7f0000000bc0)={&(0x7f00000006c0)={0x10, 0x0, 0x0, 0x8000}, 0xc, &(0x7f0000000b80)={&(0x7f0000000700)={0x460, 0x0, 0x400, 0x70bd2a, 0x25dfdbfc, {}, [@TIPC_NLA_NET={0x2c, 0x7, 0x0, 0x1, [@TIPC_NLA_NET_ADDR={0x8, 0x2, 0x7}, @TIPC_NLA_NET_ADDR={0x8, 0x2, 0x4}, @TIPC_NLA_NET_NODEID={0xc, 0x3, 0x3}, @TIPC_NLA_NET_NODEID={0xc, 0x3, 0x10001}]}, @TIPC_NLA_NODE={0x1ec, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_ADDR={0x8, 0x1, 0x8e}, @TIPC_NLA_NODE_ADDR={0x8, 0x1, 0x2}, @TIPC_NLA_NODE_ID={0xe4, 0x3, "a4462bb37746043a0a6134634331dfeec4a2d6f70e4232bbc6375ccaa4d277ecd1edbc9856194ac2750ae10d7f1ecf72df7aaacdf3cb174d6b2f2eebf75517dd6c8f1990674d0c277cc07df89e537be393f54310c333b6aa5f1e105b024606854fb28189e3c43e540c207abb5713c95aa22d1ba273714e89e799c4e74f404b94eaafb6759f6946ef97e7125b300ad78d979a7ca9d50970ef81ae7d208c97d616268720cbbf148e4413c61952bcaab2535552fe1767328096a68f806df08571bdcb0b9a43022d78c16d941fa6df6add3f407aff3e2593140de67b9e3646bd6cc0"}, @TIPC_NLA_NODE_ID={0x6f, 0x3, "14971fc02b9791905fa19d3be7957a9b2287b39b10e2bcc89476ff4f0edd6115b992e1ea1b2a811e507dea87071959d56949fdd51a891542c8887449b174e3a55a72b79b3aefa883eb3d27b542a54247628e7d1f3087a991c6acfb12bb6ab3249c679df687c5bfadee1ebe"}, @TIPC_NLA_NODE_KEY={0x3f, 0x4, {'gcm(aes)\x00', 0x17, "f07941119f19beaeae0166d051c4d99fb4cb88475c4d5f"}}, @TIPC_NLA_NODE_ADDR={0x8}, @TIPC_NLA_NODE_UP={0x4}, @TIPC_NLA_NODE_UP={0x4}, @TIPC_NLA_NODE_ID={0x34, 0x3, "292e67251b7daf1240e46d32c4655f08ab17e8133e8cc81f5658cc7ee0cac99671e3922e4b20ef75042844eac04a1330"}]}, @TIPC_NLA_LINK={0x98, 0x4, 0x0, 0x1, [@TIPC_NLA_LINK_NAME={0x13, 0x1, 'broadcast-link\x00'}, @TIPC_NLA_LINK_NAME={0x9, 0x1, 'syz0\x00'}, @TIPC_NLA_LINK_PROP={0x34, 0x7, 0x0, 0x1, [@TIPC_NLA_PROP_MTU={0x8, 0x4, 0xeb}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0xffffffff}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0xd}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x3}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x3}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x401}]}, @TIPC_NLA_LINK_PROP={0x14, 0x7, 0x0, 0x1, [@TIPC_NLA_PROP_TOL={0x8, 0x2, 0xa178}, @TIPC_NLA_PROP_MTU={0x8}]}, @TIPC_NLA_LINK_NAME={0x13, 0x1, 'broadcast-link\x00'}, @TIPC_NLA_LINK_NAME={0x9, 0x1, 'syz1\x00'}, @TIPC_NLA_LINK_PROP={0xc, 0x7, 0x0, 0x1, [@TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x1f}]}]}, @TIPC_NLA_PUBL={0x2c, 0x3, 0x0, 0x1, [@TIPC_NLA_PUBL_LOWER={0x8, 0x2, 0x2}, @TIPC_NLA_PUBL_LOWER={0x8, 0x2, 0x1}, @TIPC_NLA_PUBL_UPPER={0x8, 0x3, 0x92}, @TIPC_NLA_PUBL_UPPER={0x8}, @TIPC_NLA_PUBL_TYPE={0x8, 0x1, 0x4}]}, @TIPC_NLA_BEARER={0x80, 0x1, 0x0, 0x1, [@TIPC_NLA_BEARER_DOMAIN={0x8, 0x3, 0x10000}, @TIPC_NLA_BEARER_UDP_OPTS={0x2c, 0x4, {{0x14, 0x1, @in={0x2, 0x4e20, @local}}, {0x14, 0x2, @in={0x2, 0x4e21, @empty}}}}, @TIPC_NLA_BEARER_UDP_OPTS={0x38, 0x4, {{0x14, 0x1, @in={0x2, 0x4e24, @broadcast}}, {0x20, 0x2, @in6={0xa, 0x4e24, 0x100, @private1={0xfc, 0x1, '\x00', 0x1}, 0x8}}}}, @TIPC_NLA_BEARER_NAME={0xd, 0x1, @udp='udp:syz0\x00'}]}, @TIPC_NLA_PUBL={0x44, 0x3, 0x0, 0x1, [@TIPC_NLA_PUBL_UPPER={0x8, 0x3, 0x83d6}, @TIPC_NLA_PUBL_LOWER={0x8, 0x2, 0x6}, @TIPC_NLA_PUBL_TYPE={0x8, 0x1, 0x3ff}, @TIPC_NLA_PUBL_LOWER={0x8, 0x2, 0x6}, @TIPC_NLA_PUBL_TYPE={0x8, 0x1, 0x8}, @TIPC_NLA_PUBL_TYPE={0x8, 0x1, 0x3404}, @TIPC_NLA_PUBL_LOWER={0x8, 0x2, 0x3}, @TIPC_NLA_PUBL_TYPE={0x8, 0x1, 0x3ec}]}, @TIPC_NLA_LINK={0x90, 0x4, 0x0, 0x1, [@TIPC_NLA_LINK_PROP={0x24, 0x7, 0x0, 0x1, [@TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x13}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x8}, @TIPC_NLA_PROP_WIN={0x8}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x4}]}, @TIPC_NLA_LINK_PROP={0x14, 0x7, 0x0, 0x1, [@TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x15}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x155}]}, @TIPC_NLA_LINK_NAME={0x9, 0x1, 'syz1\x00'}, @TIPC_NLA_LINK_NAME={0x9, 0x1, 'syz1\x00'}, @TIPC_NLA_LINK_PROP={0x1c, 0x7, 0x0, 0x1, [@TIPC_NLA_PROP_TOL={0x8, 0x2, 0x3}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x800}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0xa19a}]}, @TIPC_NLA_LINK_PROP={0x14, 0x7, 0x0, 0x1, [@TIPC_NLA_PROP_WIN={0x8, 0x3, 0x7f9}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x9b}]}, @TIPC_NLA_LINK_NAME={0x9, 0x1, 'syz0\x00'}]}, @TIPC_NLA_PUBL={0x1c, 0x3, 0x0, 0x1, [@TIPC_NLA_PUBL_UPPER={0x8, 0x3, 0x8000}, @TIPC_NLA_PUBL_TYPE={0x8, 0x1, 0x8}, @TIPC_NLA_PUBL_UPPER={0x8, 0x3, 0x5}]}]}, 0x460}, 0x1, 0x0, 0x0, 0x44000}, 0x40000) r2 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000c40), 0xffffffffffffffff) sendmsg$TIPC_NL_NET_GET(0xffffffffffffffff, &(0x7f0000000e40)={&(0x7f0000000c00)={0x10, 0x0, 0x0, 0x8}, 0xc, &(0x7f0000000e00)={&(0x7f0000000c80)={0x16c, r2, 0x10, 0x3, 0x25dfdbfc, {}, [@TIPC_NLA_MON={0x1c, 0x9, 0x0, 0x1, [@TIPC_NLA_MON_ACTIVATION_THRESHOLD={0x8, 0x1, 0x714}, @TIPC_NLA_MON_REF={0x8, 0x2, 0x1}, @TIPC_NLA_MON_ACTIVATION_THRESHOLD={0x8, 0x1, 0xad1}]}, @TIPC_NLA_PUBL={0x2c, 0x3, 0x0, 0x1, [@TIPC_NLA_PUBL_TYPE={0x8, 0x1, 0x1}, @TIPC_NLA_PUBL_TYPE={0x8, 0x1, 0x81}, @TIPC_NLA_PUBL_LOWER={0x8, 0x2, 0x7eb8}, @TIPC_NLA_PUBL_UPPER={0x8, 0x3, 0x6}, @TIPC_NLA_PUBL_LOWER={0x8, 0x2, 0xfffffff8}]}, @TIPC_NLA_SOCK={0xa4, 0x2, 0x0, 0x1, [@TIPC_NLA_SOCK_CON={0x14, 0x3, 0x0, 0x1, [@TIPC_NLA_CON_FLAG={0x8, 0x1, 0x9}, @TIPC_NLA_CON_NODE={0x8, 0x2, 0x36}]}, @TIPC_NLA_SOCK_REF={0x8, 0x2, 0x200}, @TIPC_NLA_SOCK_ADDR={0x8, 0x1, 0x8d7c}, @TIPC_NLA_SOCK_CON={0x24, 0x3, 0x0, 0x1, [@TIPC_NLA_CON_FLAG={0x8}, @TIPC_NLA_CON_NODE={0x8, 0x2, 0xfa}, @TIPC_NLA_CON_NODE={0x8, 0x2, 0x9a9}, @TIPC_NLA_CON_FLAG={0x8, 0x1, 0xfffff92a}]}, @TIPC_NLA_SOCK_CON={0x2c, 0x3, 0x0, 0x1, [@TIPC_NLA_CON_NODE={0x8, 0x2, 0x3}, @TIPC_NLA_CON_FLAG={0x8, 0x1, 0x1}, @TIPC_NLA_CON_FLAG={0x8, 0x1, 0x7fff}, @TIPC_NLA_CON_FLAG={0x8, 0x1, 0x1}, @TIPC_NLA_CON_FLAG={0x8, 0x1, 0x4d20}]}, @TIPC_NLA_SOCK_CON={0xc, 0x3, 0x0, 0x1, [@TIPC_NLA_CON_FLAG={0x8, 0x1, 0x2}]}, @TIPC_NLA_SOCK_REF={0x8, 0x2, 0x3}, @TIPC_NLA_SOCK_HAS_PUBL={0x4}, @TIPC_NLA_SOCK_CON={0x14, 0x3, 0x0, 0x1, [@TIPC_NLA_CON_NODE={0x8, 0x2, 0xc2}, @TIPC_NLA_CON_NODE={0x8, 0x2, 0x1}]}]}, @TIPC_NLA_PUBL={0x54, 0x3, 0x0, 0x1, [@TIPC_NLA_PUBL_UPPER={0x8, 0x3, 0x200}, @TIPC_NLA_PUBL_UPPER={0x8, 0x3, 0x2c0d0000}, @TIPC_NLA_PUBL_UPPER={0x8, 0x3, 0x5}, @TIPC_NLA_PUBL_LOWER={0x8, 0x2, 0x1}, @TIPC_NLA_PUBL_UPPER={0x8, 0x3, 0xfff}, @TIPC_NLA_PUBL_LOWER={0x8, 0x2, 0x9}, @TIPC_NLA_PUBL_LOWER={0x8, 0x2, 0x6}, @TIPC_NLA_PUBL_TYPE={0x8, 0x1, 0x72}, @TIPC_NLA_PUBL_TYPE={0x8, 0x1, 0xfffffff8}, @TIPC_NLA_PUBL_TYPE={0x8, 0x1, 0x3}]}, @TIPC_NLA_NET={0x18, 0x7, 0x0, 0x1, [@TIPC_NLA_NET_ADDR={0x8}, @TIPC_NLA_NET_NODEID={0xc, 0x3, 0x101}]}]}, 0x16c}, 0x1, 0x0, 0x0, 0x40001}, 0x1) r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000ec0), 0xffffffffffffffff) sendmsg$NL80211_CMD_REQ_SET_REG(0xffffffffffffffff, &(0x7f0000000f80)={&(0x7f0000000e80)={0x10, 0x0, 0x0, 0x10000000}, 0xc, &(0x7f0000000f40)={&(0x7f0000000f00)={0x40, r3, 0x8, 0x70bd2d, 0x25dfdbfc, {}, [@NL80211_ATTR_SOCKET_OWNER={0x4}, @NL80211_ATTR_USER_REG_HINT_TYPE={0x8, 0x9a, 0x2}, @NL80211_ATTR_USER_REG_HINT_TYPE={0x8, 0x9a, 0x1}, @NL80211_ATTR_USER_REG_HINT_TYPE={0x8, 0x9a, 0x1}, @NL80211_ATTR_WIPHY={0x8, 0x1, 0x7e}, @NL80211_ATTR_DFS_REGION={0x5}]}, 0x40}}, 0x5cb26363ede68d89) r4 = openat$incfs(0xffffffffffffff9c, &(0x7f0000000fc0)='.pending_reads\x00', 0x2, 0x39) r5 = syz_genetlink_get_family_id$nl80211(&(0x7f0000001040), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000001080)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_DEAUTHENTICATE(r4, &(0x7f0000001480)={&(0x7f0000001000)={0x10, 0x0, 0x0, 0x40000}, 0xc, &(0x7f0000001440)={&(0x7f00000010c0)={0x374, r5, 0x20, 0x70bd26, 0x25dfdbfd, {{}, {@val={0x8, 0x3, r6}, @void}}, [@NL80211_ATTR_LOCAL_STATE_CHANGE={0x4}, @NL80211_ATTR_REASON_CODE={0x6, 0x36, 0xf000}, @NL80211_ATTR_IE={0x27, 0x2a, [@mesh_chsw={0x76, 0x6, {0x8, 0x80, 0x31, 0xc61}}, @mesh_id={0x72, 0x6}, @chsw_timing={0x68, 0x4, {0x4, 0x2}}, @ssid={0x0, 0x3, @random='QWI'}, @ssid={0x0, 0x6, @default_ap_ssid}]}, @NL80211_ATTR_IE={0x173, 0x2a, [@random_vendor={0xdd, 0xe8, "647e79f3f9962c20ca1464273f6788bdd7d6a5d885798cb954aa3ee75700287e240b030879f1de1d149af2bd1d8b506d167496e6b5d7f2b17b1e1773ebc1e733d168411a2d1b3d9c6b5ab5f22921848d71b9e276ef5911f786e4825e02d557dbaa6d4c6163256327fc711a0f0376c812ccc16e4596f053fc54ff01ddf183fa176a7a86c9b92c49171c05dce09fa654bd2de9081780a7ec01bf1777ff50b39f912e6112ecd8607a650a12d911cc0f19bcd274c24ea834f71bd93684f6cad1c2111654e7707946226b07b1a5d97995242ce19b36db174d56443831c5c01ef05befec1b90aa6a6e07c3"}, @supported_rates={0x1, 0x2, [{0x6, 0x1}, {0x1, 0x1}]}, @supported_rates={0x1, 0x4, [{0x36, 0x1}, {0x12, 0x1}, {0x18}, {0xb}]}, @random_vendor={0xdd, 0x76, "e152b5d1a832863ece787d466f84703f101b480e3be14d43a93eb73a4f36ef878bd8aef943ee43eb4004674cf1e270a6c56986829810db49e040fe56ff2dc03a79a13eae0fb6355dc4db040f49db27eb9f4ab1caf1ab5f6e3c8c4469e3081f7511ea75a493f509c3f36de2b003a67dc3795ac50c6d3b"}, @erp={0x2a, 0x1, {0x0, 0x1, 0x1}}]}, @NL80211_ATTR_IE={0x1a7, 0x2a, [@ext_channel_switch={0x3c, 0x4, {0x0, 0x7f, 0x80, 0x3}}, @chsw_timing={0x68, 0x4, {0x9, 0x7}}, @fast_bss_trans={0x37, 0x105, {0x1, 0x6, "55c7bab9e205a8f8cfe8c86637225770", "bd25a360ed015cf9ee65c2f7c9d6d31b489ae030958020293a49b8f0c3b9cf6f", "c01ec5c263f690a0e32e372f44bde6a0af9123e48e8a634538b4eda1355b4fc2", [{0x1, 0x25, "90ef43bbc42062dcb57271aa6e0e6c399e9b4d351e41fb9600eb879524f047b46240ecfca9"}, {0x2, 0x23, "dacdaec1ff999920b6e6d6dc78ba798e23df26060fdfb481d0df0c893bba4400393c6f"}, {0x1, 0x23, "d1f13002e99055dd3d945baefcdd1ee3192ed30fb8368ebf4530486673f4f6a5855fe4"}, {0x1, 0xc, "8e38503c4818648df9e5d3b2"}, {0x3, 0x11, "313738a70b345f80456846ac6a23418e01"}, {0x4, 0x1f, "0e242317880db1a271c5348f4e1348d14fe02801dcafe5e857b49c0309436f"}]}}, @preq={0x82, 0x8e, @ext={{0x1, 0x0, 0x1}, 0xff, 0xd9, 0x4, @device_b, 0x7, @broadcast, 0x4, 0x0, 0xa, [{{}, @device_b, 0x3f}, {{0x0, 0x0, 0x1}, @device_b, 0x7fffffff}, {{0x1, 0x0, 0x1}, @device_b, 0x6}, {{0x1, 0x0, 0x1}, @broadcast, 0xffffffff}, {{0x0, 0x0, 0x1}, @device_a, 0x6}, {{0x1, 0x0, 0x1}, @broadcast}, {{0x1}, @device_b, 0xbdcb}, {{0x0, 0x0, 0x1}, @device_a, 0x7}, {{0x1}, @device_a, 0x1ff}, {{0x0, 0x0, 0x1}, @device_a, 0x40}]}}]}, @NL80211_ATTR_SSID={0x8, 0x34, @random="a6dccb9d"}]}, 0x374}}, 0x40000d0) sendmsg$NL80211_CMD_GET_MPATH(r4, &(0x7f00000015c0)={&(0x7f00000014c0)={0x10, 0x0, 0x0, 0x4}, 0xc, &(0x7f0000001580)={&(0x7f0000001500)={0x58, r3, 0x4, 0x70bd29, 0x25dfdbfe, {{}, {@val={0x8}, @val={0xc, 0x99, {0x8, 0x45}}}}, [@NL80211_ATTR_MAC={0xa, 0x6, @device_b}, @NL80211_ATTR_MPATH_NEXT_HOP={0xa}, @NL80211_ATTR_MAC={0xa}, @NL80211_ATTR_MAC={0xa}]}, 0x58}, 0x1, 0x0, 0x0, 0x4000}, 0x840) ioctl$sock_SIOCGIFINDEX_80211(r4, 0x8933, &(0x7f0000001640)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_STOP_AP(r4, &(0x7f0000001700)={&(0x7f0000001600)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f00000016c0)={&(0x7f0000001680)={0x28, 0x0, 0x8, 0x70bd2d, 0x25dfdbfd, {{}, {@val={0x8, 0x3, r7}, @val={0xc, 0x99, {0x4caacbba, 0x64}}}}, [""]}, 0x28}, 0x1, 0x0, 0x0, 0x4080000}, 0x4004) ioctl$AUTOFS_DEV_IOCTL_EXPIRE(r4, 0xc018937c, &(0x7f0000001740)={{0x1, 0x1, 0x18, r4, {0x332d363616d8a1cd}}, './file0\x00'}) ioctl$sock_ipv6_tunnel_SIOCCHG6RD(r4, 0x89fb, &(0x7f0000001840)={'syztnl0\x00', &(0x7f00000017c0)={'syztnl2\x00', 0x0, 0x4, 0x88, 0x81, 0x7fffffff, 0x0, @private1, @mcast1, 0x1, 0x80, 0x80000001, 0x4}}) sendmsg$ETHTOOL_MSG_LINKINFO_GET(r8, &(0x7f0000001a00)={&(0x7f0000001780)={0x10, 0x0, 0x0, 0x400000}, 0xc, &(0x7f00000019c0)={&(0x7f0000001880)={0x130, 0x0, 0x10, 0x70bd2c, 0x25dfdbfd, {}, [@HEADER={0x4c, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'ip6_vti0\x00'}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x3}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x1}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'ip_vti0\x00'}, @ETHTOOL_A_HEADER_FLAGS={0x8}]}, @HEADER={0x40, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'ipvlan1\x00'}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x1}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r9}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}]}, @HEADER={0x20, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x1}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'tunl0\x00'}]}, @HEADER={0x14, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x3}, @ETHTOOL_A_HEADER_FLAGS={0x8}]}, @HEADER={0x18, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'bridge_slave_0\x00'}]}, @HEADER={0x4}, @HEADER={0x2c, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'gre0\x00'}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'ip6_vti0\x00'}]}, @HEADER={0x14, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_FLAGS={0x8}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x1}]}]}, 0x130}, 0x1, 0x0, 0x0, 0x48000}, 0x8154) 19:57:53 executing program 6: prctl$PR_MCE_KILL(0x21, 0x0, 0x0) prctl$PR_MCE_KILL(0x21, 0x1, 0x2) prctl$PR_MCE_KILL(0x21, 0x0, 0x1) prctl$PR_MCE_KILL(0x21, 0x0, 0x1) prctl$PR_MCE_KILL(0x21, 0x0, 0x1) prctl$PR_MCE_KILL(0x21, 0x0, 0x1) prctl$PR_MCE_KILL(0x21, 0x1, 0x0) prctl$PR_MCE_KILL(0x21, 0x1, 0x1) prctl$PR_MCE_KILL(0x21, 0x1, 0x2) prctl$PR_MCE_KILL(0x21, 0x1, 0x1) prctl$PR_MCE_KILL(0x21, 0x0, 0x2) prctl$PR_MCE_KILL(0x21, 0x0, 0x2) prctl$PR_MCE_KILL(0x21, 0x1, 0x1) prctl$PR_MCE_KILL(0x21, 0x1, 0x3) prctl$PR_MCE_KILL(0x21, 0x1, 0x0) prctl$PR_MCE_KILL(0x21, 0x0, 0x1) prctl$PR_MCE_KILL(0x21, 0x1, 0x1) prctl$PR_MCE_KILL(0x21, 0x0, 0x2) prctl$PR_MCE_KILL(0x21, 0x1, 0x2) prctl$PR_MCE_KILL(0x21, 0x0, 0x0) 19:57:53 executing program 4: ioctl$RTC_EPOCH_READ(0xffffffffffffffff, 0x8008700d, &(0x7f0000000000)) ioctl$RTC_IRQP_READ(0xffffffffffffffff, 0x8008700b, &(0x7f0000000040)) ioctl$RTC_WIE_OFF(0xffffffffffffffff, 0x7010) ioctl$BINDER_WRITE_READ(0xffffffffffffffff, 0xc0306201, &(0x7f0000000300)={0x88, 0x0, &(0x7f0000000200)=[@acquire_done, @reply={0x40406301, {0x0, 0x0, 0x0, 0x0, 0x21, 0x0, 0x0, 0x78, 0x18, &(0x7f0000000140)={@ptr={0x70742a85, 0x1, &(0x7f0000000080)=""/36, 0x24, 0x0, 0x1d}, @ptr={0x70742a85, 0x1, &(0x7f00000000c0)=""/31, 0x1f, 0x2, 0x1}, @ptr={0x70742a85, 0x0, &(0x7f0000000100)=""/62, 0x3e, 0x2, 0x1b}}, &(0x7f00000001c0)={0x0, 0x28, 0x50}}}, @decrefs, @increfs_done, @increfs_done], 0x35, 0x0, &(0x7f00000002c0)="e764b6c704b0e49354a43d24622a4e37e8b2e07a819f6daefdfd655421924cbf8edfd93d9b69594aeb7ed97b9e39979b5aab72a49b"}) r0 = syz_open_dev$mouse(&(0x7f0000000340), 0x3, 0x80100) ioctl$int_in(r0, 0x5421, &(0x7f0000000380)=0x1b7) ioctl(r0, 0x2, &(0x7f00000003c0)="dbe7b6489bc002c61133d9d21ccd717f9326e6764b3a1ebaadd4ae5cc9ad92978090ebf0acfe3ff79fbec5cf51dd7654cb5a9c79ae81e7f0a3ca7cbcc0f7d64ffe806a67767b2d35d798fdc99b1d4faac679e87594e3dad546c2a1ce9ab31e35186f0dc2b5818312c069bd9eb20e88389b90444d2ac14081aa811ae2525b6aa239303f17a1213f9c8cf103f8ccf42666cb222d12781118b446824266cc63be545048bdf6f2f79c02d716d39cc29b4f547f5a25b5d3af43c8062020c254") fcntl$addseals(0xffffffffffffffff, 0x409, 0x1) r1 = inotify_init1(0x80000) ioctl$AUTOFS_DEV_IOCTL_PROTOSUBVER(r0, 0xc0189373, &(0x7f0000000480)={{0x1, 0x1, 0x18, r1, {0x4}}, './file0\x00'}) r3 = openat$incfs(r0, &(0x7f00000004c0)='.pending_reads\x00', 0x400, 0x9c) read(r3, &(0x7f0000000500)=""/4, 0x4) sendmsg$MPTCP_PM_CMD_FLUSH_ADDRS(r0, &(0x7f0000000640)={&(0x7f0000000540)={0x10, 0x0, 0x0, 0x10101100}, 0xc, &(0x7f0000000600)={&(0x7f0000000580)={0x60, 0x0, 0x400, 0x70bd2a, 0x25dfdbfb, {}, [@MPTCP_PM_ATTR_ADDR={0x4}, @MPTCP_PM_ATTR_RCV_ADD_ADDRS={0x8, 0x2, 0x1}, @MPTCP_PM_ATTR_RCV_ADD_ADDRS={0x8, 0x2, 0x3}, @MPTCP_PM_ATTR_RCV_ADD_ADDRS={0x8, 0x2, 0x5}, @MPTCP_PM_ATTR_SUBFLOWS={0x8, 0x3, 0x3}, @MPTCP_PM_ATTR_RCV_ADD_ADDRS={0x8, 0x2, 0x5}, @MPTCP_PM_ATTR_ADDR={0x20, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_FLAGS={0x8, 0x6, 0x3}, @MPTCP_PM_ADDR_ATTR_ADDR6={0x14, 0x4, @ipv4={'\x00', '\xff\xff', @remote}}]}]}, 0x60}, 0x1, 0x0, 0x0, 0x10}, 0x4000801) sendfile(r2, r1, &(0x7f0000000680)=0x1000, 0x3f) ioctl$EXT4_IOC_CLEAR_ES_CACHE(0xffffffffffffffff, 0x6628) r4 = creat(&(0x7f00000006c0)='./file0\x00', 0x2) ioctl$F2FS_IOC_FLUSH_DEVICE(r4, 0x4008f50a, &(0x7f0000000700)={0xfffffff9}) perf_event_open(&(0x7f0000000780)={0x1, 0x80, 0x5, 0x9, 0x2b, 0x0, 0x0, 0x3f, 0x218, 0x2, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x3, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x4, 0x1, @perf_bp={&(0x7f0000000740)}, 0x480a1, 0x4, 0x9, 0x0, 0x8, 0x1aa, 0x5}, 0xffffffffffffffff, 0x3, 0xffffffffffffffff, 0x8) r5 = syz_open_dev$sg(&(0x7f0000000800), 0xfffffffffffffffa, 0x81) ioctl$EXT4_IOC_MIGRATE(r5, 0x6609) 19:57:53 executing program 5: write$P9_RVERSION(0xffffffffffffffff, &(0x7f0000000000)={0x15, 0x65, 0xffff, 0x4, 0x8, '9P2000.L'}, 0x15) write$P9_RXATTRWALK(0xffffffffffffffff, &(0x7f0000000040)={0xf, 0x1f, 0x1, 0x5}, 0xf) fsetxattr$trusted_overlay_origin(0xffffffffffffffff, &(0x7f0000000080), &(0x7f00000000c0), 0x2, 0x1) ioctl$F2FS_IOC_ABORT_VOLATILE_WRITE(0xffffffffffffffff, 0xf505, 0x0) r0 = accept4(0xffffffffffffffff, &(0x7f0000000100)=@pppoe={0x18, 0x0, {0x0, @broadcast}}, &(0x7f0000000180)=0x80, 0x800) flock(r0, 0xd) ioctl$BTRFS_IOC_GET_SUBVOL_INFO(r0, 0x81f8943c, &(0x7f00000001c0)={0x0, ""/256, 0x0, 0x0, 0x0, 0x0, ""/16, ""/16, ""/16, 0x0, 0x0}) ioctl$BTRFS_IOC_SET_RECEIVED_SUBVOL(r0, 0xc0c89425, &(0x7f00000003c0)={"8114d171039f2deea82a06b9d8b52624", r1, 0x0, {0xf9, 0xb4e}, {0x5, 0x5}, 0x67237886, [0xfe00000000000000, 0x100, 0x8, 0x29, 0x37, 0x6, 0x3f, 0x7, 0xff, 0x6, 0x4, 0x5, 0x9, 0x2, 0x8a25, 0x3ff]}) r2 = getpgid(0xffffffffffffffff) r3 = fsopen(&(0x7f00000004c0)='jfs\x00', 0x0) kcmp(r2, 0x0, 0x0, r0, r3) ioctl$CDROMCLOSETRAY(0xffffffffffffffff, 0x5319) ioctl$F2FS_IOC_RELEASE_VOLATILE_WRITE(r3, 0xf504, 0x0) ioctl$LOOP_GET_STATUS64(0xffffffffffffffff, 0x4c05, &(0x7f0000000500)) r4 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000600)='pids.current\x00', 0x0, 0x0) bind(r4, &(0x7f0000000640)=@x25, 0x80) ioctl$AUTOFS_DEV_IOCTL_CATATONIC(r4, 0xc0189379, &(0x7f00000006c0)={{0x1, 0x1, 0x18, r0}, './file0\x00'}) bind$bt_hci(r5, &(0x7f0000000700)={0x1f, 0x3, 0x3}, 0x6) ioctl$AUTOFS_DEV_IOCTL_ISMOUNTPOINT(r4, 0xc018937e, &(0x7f0000000740)={{0x1, 0x1, 0x18, r0}, './file0\x00'}) ioctl$CDROM_SET_OPTIONS(r6, 0x5320, 0x0) 19:57:53 executing program 7: r0 = openat$vcs(0xffffffffffffff9c, &(0x7f0000000000), 0x80000, 0x0) setsockopt$inet_udp_encap(r0, 0x11, 0x64, &(0x7f0000000040)=0x3, 0x4) ioctl$INCFS_IOC_PERMIT_FILL(r0, 0x40046721, &(0x7f0000000080)={r0}) r1 = socket$nl_sock_diag(0x10, 0x3, 0x4) ioctl$sock_SIOCOUTQNSD(r1, 0x894b, &(0x7f00000000c0)) r2 = accept4$packet(r0, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @random}, &(0x7f0000000140)=0x14, 0xcbf22491e384b21d) setsockopt(r2, 0xf2, 0xb5d, &(0x7f0000000180)="7e1717ad452d64ca4c3f48864e76f0e207f340ffc00e337fbff4e2beb9e445edb9a21a7f907490f1f74ad6f06175cf7ceb9e965063dabac83b5d684fa87ca6c8645e99fdb83c68d37171821ae89d0d90286602dead5132abb521d6f618d87fdad982bc7d67905b52c2a803b75899f0341880e2a12786cc5389624827ed3204bfb0fc95964cd0684e8e6fabbcc658be073368efccb39aed8febcbe092ab47661d21a4bc30b3a82b3ea1a3139675e19288dcfe2af7298551b5ef18ed3018ec625f99658feb488410616dad12e1ee2252a491b797960d2c350f6e920c626e7c9bbe13d9c114cf", 0xe5) r3 = dup(r0) ioctl$SG_GET_NUM_WAITING(r3, 0x227d, &(0x7f0000000280)) fcntl$dupfd(0xffffffffffffffff, 0x406, r0) r4 = openat$procfs(0xffffffffffffff9c, &(0x7f00000002c0)='/proc/schedstat\x00', 0x0, 0x0) ioctl$SG_IO(r4, 0x2285, &(0x7f0000000500)={0x0, 0xffffffffffffffff, 0x49, 0x26, @scatter={0x1, 0x0, &(0x7f0000000340)=[{&(0x7f0000000300)=""/24, 0x18}]}, &(0x7f0000000380)="4c71e9c5fa235d51b59423be32500d372b712d5c94b2f377e6834c98dc0a37fd76929c8935c9bc34dc9282dc01d21aefcfefb642a4651f7641e84d3f29ab4b3265e3be4bbd9d08826b", &(0x7f0000000400)=""/141, 0x6, 0x10, 0x3, &(0x7f00000004c0)}) ioctl$SG_GET_PACK_ID(r0, 0x227c, &(0x7f0000000580)) sendmsg$DEVLINK_CMD_TRAP_POLICER_SET(r0, &(0x7f0000000840)={&(0x7f00000005c0)={0x10, 0x0, 0x0, 0x400000}, 0xc, &(0x7f0000000800)={&(0x7f0000000600)={0x1fc, 0x0, 0x100, 0x70bd2a, 0x25dfdbfc, {}, [{@pci={{0x8}, {0x11}}, {0x8, 0x8e, 0x2}, {0xc, 0x8f, 0x4}, {0xc, 0x90, 0x3}}, {@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0x8, 0x8e, 0x3}, {0xc, 0x8f, 0x7ff}, {0xc, 0x90, 0x9}}, {@pci={{0x8}, {0x11}}, {0x8, 0x8e, 0x1}, {0xc}, {0xc, 0x90, 0x3ff}}, {@pci={{0x8}, {0x11}}, {0x8, 0x8e, 0x1}, {0xc, 0x8f, 0x9}, {0xc, 0x90, 0x1000}}, {@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0x8, 0x8e, 0x2}, {0xc, 0x8f, 0x687}, {0xc, 0x90, 0x200}}, {@pci={{0x8}, {0x11}}, {0x8, 0x8e, 0x3}, {0xc, 0x8f, 0x7}, {0xc, 0x90, 0x1d6}}, {@pci={{0x8}, {0x11}}, {0x8, 0x8e, 0x3}, {0xc, 0x8f, 0x101}, {0xc, 0x90, 0x2}}, {@pci={{0x8}, {0x11}}, {0x8}, {0xc, 0x8f, 0x200}, {0xc}}]}, 0x1fc}, 0x1, 0x0, 0x0, 0xc000}, 0x4000) ioctl$SG_GET_REQUEST_TABLE(0xffffffffffffffff, 0x2286, &(0x7f0000000880)) openat$vcsu(0xffffffffffffff9c, &(0x7f0000000a00), 0x200, 0x0) ioctl$SCSI_IOCTL_START_UNIT(r3, 0x5) r5 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000a80), r0) sendmsg$IPVS_CMD_NEW_DAEMON(0xffffffffffffffff, &(0x7f0000000b40)={&(0x7f0000000a40)={0x10, 0x0, 0x0, 0x100000}, 0xc, &(0x7f0000000b00)={&(0x7f0000000ac0)={0x40, r5, 0x200, 0x70bd29, 0x25dfdbfc, {}, [@IPVS_CMD_ATTR_TIMEOUT_TCP_FIN={0x8}, @IPVS_CMD_ATTR_DAEMON={0x1c, 0x3, 0x0, 0x1, [@IPVS_DAEMON_ATTR_SYNC_ID={0x8, 0x3, 0x3}, @IPVS_DAEMON_ATTR_SYNC_MAXLEN={0x6, 0x4, 0x7}, @IPVS_DAEMON_ATTR_SYNC_MAXLEN={0x6, 0x4, 0xfff9}]}, @IPVS_CMD_ATTR_TIMEOUT_TCP={0x8, 0x4, 0x6}]}, 0x40}, 0x1, 0x0, 0x0, 0x4000}, 0x0) ioctl$SCSI_IOCTL_TEST_UNIT_READY(0xffffffffffffffff, 0x2) [ 67.385217] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 67.387916] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 67.390393] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 67.394566] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 67.397377] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [ 67.399503] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 67.411695] Bluetooth: hci0: HCI_REQ-0x0c1a [ 67.501693] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 67.504296] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 67.506223] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 67.509685] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 67.512284] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3 [ 67.513635] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 67.517180] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 67.520055] Bluetooth: hci1: HCI_REQ-0x0c1a [ 67.521104] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 67.534538] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 67.540313] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 67.577206] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3 [ 67.578967] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 67.597717] Bluetooth: hci7: unexpected cc 0x0c03 length: 249 > 1 [ 67.599381] Bluetooth: hci2: HCI_REQ-0x0c1a [ 67.601565] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1 [ 67.604821] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 67.608192] Bluetooth: hci7: unexpected cc 0x1003 length: 249 > 9 [ 67.617599] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 67.618787] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9 [ 67.622198] Bluetooth: hci7: unexpected cc 0x1001 length: 249 > 9 [ 67.627807] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9 [ 67.631647] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 67.632586] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4 [ 67.634938] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 67.641001] Bluetooth: hci7: unexpected cc 0x0c23 length: 249 > 4 [ 67.643554] Bluetooth: hci5: unexpected cc 0x0c25 length: 249 > 3 [ 67.644941] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2 [ 67.646815] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1 [ 67.646840] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 67.649668] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9 [ 67.651213] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9 [ 67.653943] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4 [ 67.653978] Bluetooth: hci7: unexpected cc 0x0c25 length: 249 > 3 [ 67.656588] Bluetooth: hci6: unexpected cc 0x0c25 length: 249 > 3 [ 67.658284] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2 [ 67.663209] Bluetooth: hci6: HCI_REQ-0x0c1a [ 67.681298] Bluetooth: hci7: unexpected cc 0x0c38 length: 249 > 2 [ 67.683256] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3 [ 67.684950] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 67.691241] Bluetooth: hci5: HCI_REQ-0x0c1a [ 67.692908] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 67.694399] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 67.697341] Bluetooth: hci7: HCI_REQ-0x0c1a [ 67.758814] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 67.760628] Bluetooth: hci3: HCI_REQ-0x0c1a [ 67.767605] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3 [ 67.789637] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 67.804219] Bluetooth: hci4: HCI_REQ-0x0c1a [ 69.465419] Bluetooth: hci0: command 0x0409 tx timeout [ 69.529380] Bluetooth: hci1: command 0x0409 tx timeout [ 69.657079] Bluetooth: hci2: command 0x0409 tx timeout [ 69.721095] Bluetooth: hci6: command 0x0409 tx timeout [ 69.722163] Bluetooth: hci7: command 0x0409 tx timeout [ 69.722195] Bluetooth: hci5: command 0x0409 tx timeout [ 69.786327] Bluetooth: hci3: command 0x0409 tx timeout [ 69.849208] Bluetooth: hci4: command 0x0409 tx timeout [ 71.513130] Bluetooth: hci0: command 0x041b tx timeout [ 71.577275] Bluetooth: hci1: command 0x041b tx timeout [ 71.705177] Bluetooth: hci2: command 0x041b tx timeout [ 71.769129] Bluetooth: hci7: command 0x041b tx timeout [ 71.770069] Bluetooth: hci6: command 0x041b tx timeout [ 71.770856] Bluetooth: hci5: command 0x041b tx timeout [ 71.833124] Bluetooth: hci3: command 0x041b tx timeout [ 71.897152] Bluetooth: hci4: command 0x041b tx timeout [ 73.562117] Bluetooth: hci0: command 0x040f tx timeout [ 73.625057] Bluetooth: hci1: command 0x040f tx timeout [ 73.754059] Bluetooth: hci2: command 0x040f tx timeout [ 73.817090] Bluetooth: hci5: command 0x040f tx timeout [ 73.817554] Bluetooth: hci6: command 0x040f tx timeout [ 73.817960] Bluetooth: hci7: command 0x040f tx timeout [ 73.881095] Bluetooth: hci3: command 0x040f tx timeout [ 73.945071] Bluetooth: hci4: command 0x040f tx timeout [ 75.610084] Bluetooth: hci0: command 0x0419 tx timeout [ 75.674075] Bluetooth: hci1: command 0x0419 tx timeout [ 75.802056] Bluetooth: hci2: command 0x0419 tx timeout [ 75.866123] Bluetooth: hci7: command 0x0419 tx timeout [ 75.866573] Bluetooth: hci6: command 0x0419 tx timeout [ 75.866985] Bluetooth: hci5: command 0x0419 tx timeout [ 75.930114] Bluetooth: hci3: command 0x0419 tx timeout [ 75.994128] Bluetooth: hci4: command 0x0419 tx timeout [ 119.684303] audit: type=1400 audit(1664567927.066:7): avc: denied { open } for pid=3862 comm="syz-executor.2" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=perf_event permissive=1 [ 120.946341] audit: type=1400 audit(1664567928.328:8): avc: denied { kernel } for pid=3952 comm="syz-executor.4" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=perf_event permissive=1 19:59:07 executing program 5: r0 = signalfd(0xffffffffffffffff, &(0x7f0000000680)={[0x6]}, 0x8) flistxattr(r0, &(0x7f0000000a00)=""/43, 0x2b) ioctl$SNAPSHOT_FREE(r0, 0x3305) r1 = openat$rtc(0xffffffffffffff9c, &(0x7f0000002440), 0x0, 0x0) ioctl$RTC_SET_TIME(r1, 0x4024700a, &(0x7f0000002480)={0x35, 0x0, 0x0, 0x15, 0x4, 0x7f}) 19:59:07 executing program 0: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x84758, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f00000003c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x4}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$sock_FIOGETOWN(0xffffffffffffffff, 0x8903, &(0x7f0000000100)=0x0) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, r0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = syz_open_dev$sg(&(0x7f0000001000), 0x0, 0x0) ioctl$BLKTRACESETUP(r1, 0xc0481273, &(0x7f0000000000)={'\x00', 0x0, 0x1, 0xd6c2, 0x0, 0x0, r0}) r2 = signalfd(0xffffffffffffffff, &(0x7f0000000680), 0x8) flistxattr(r2, &(0x7f0000000a00)=""/43, 0x2b) perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0x81, 0x81, 0x4c, 0x61, 0x0, 0x6, 0x82400, 0x8, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0xf770, 0x0, @perf_config_ext={0x100000001, 0x3}, 0x0, 0x856, 0x0, 0xc, 0x6, 0x9, 0x0, 0x0, 0x3e3, 0x0, 0x9}, r0, 0x4, r2, 0x8) r3 = socket$inet6_udp(0xa, 0x2, 0x0) dup(r3) socket$inet_udp(0x2, 0x2, 0x0) r4 = dup(r3) connect$inet6(r4, &(0x7f0000000200)={0xa, 0x4e22, 0x0, @ipv4={'\x00', '\xff\xff', @dev}}, 0x1c) sendmmsg$inet6(r4, &(0x7f0000000500)=[{{&(0x7f0000000280)={0xa, 0x4e22, 0x3, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02', 0x40}, 0x0, &(0x7f00000004c0)=[{&(0x7f00000002c0)="840ed7cb019cc4c626bd522b9b297ab0228f"}, {&(0x7f0000000440)="f117c9546fdf673e848c4c40aae7d578e6a70ca6261a43b646cf390b39b5b5f8e490cbc2954c666512f0df544eee3737d7dfed7d929427a7110deb7349410be3c1ce5c55ab6187bb39dc6908fd34b3b34203a5184310cdcb173d03bad191e46181"}, {&(0x7f0000000300)="9fb8735a86"}]}}], 0x63, 0x24048894) r5 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2) ioctl$sock_inet_SIOCSIFFLAGS(r5, 0x8914, &(0x7f0000000140)={'bridge_slave_1\x00'}) socket$inet_udp(0x2, 0x2, 0x0) 19:59:07 executing program 4: ioctl$EXT4_IOC_GETSTATE(0xffffffffffffffff, 0x40046629, &(0x7f0000000140)) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0x77, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x3}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) ioctl$AUTOFS_DEV_IOCTL_EXPIRE(r0, 0xc018937c, &(0x7f0000000180)={{0x1, 0x1, 0x18, r0, {0x1}}, './file1\x00'}) r1 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$inet_tcp_int(r1, 0x6, 0x25, &(0x7f00000002c0), 0x4) r2 = accept$unix(r0, 0x0, &(0x7f0000000000)) ioctl$FICLONERANGE(r1, 0x4020940d, &(0x7f0000000040)={{r2}, 0x3ff, 0x0, 0x9}) fallocate(r0, 0x3, 0x0, 0x3) [ 140.258081] audit: type=1400 audit(1664567947.639:9): avc: denied { tracepoint } for pid=3968 comm="syz-executor.0" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=perf_event permissive=1 [ 140.286685] ------------[ cut here ]------------ [ 140.286733] [ 140.286739] ====================================================== [ 140.286745] WARNING: possible circular locking dependency detected [ 140.286752] 6.0.0-rc7-next-20220929 #1 Not tainted [ 140.286765] ------------------------------------------------------ [ 140.286771] syz-executor.0/3970 is trying to acquire lock: [ 140.286785] ffffffff853faab8 ((console_sem).lock){....}-{2:2}, at: down_trylock+0xe/0x70 [ 140.286854] [ 140.286854] but task is already holding lock: [ 140.286859] ffff8880090ff820 (&ctx->lock){....}-{2:2}, at: __perf_event_task_sched_out+0x53b/0x18d0 [ 140.286910] [ 140.286910] which lock already depends on the new lock. [ 140.286910] [ 140.286916] [ 140.286916] the existing dependency chain (in reverse order) is: [ 140.286922] [ 140.286922] -> #3 (&ctx->lock){....}-{2:2}: [ 140.286949] _raw_spin_lock+0x2a/0x40 [ 140.286970] __perf_event_task_sched_out+0x53b/0x18d0 [ 140.286992] __schedule+0xedd/0x2470 [ 140.287025] schedule+0xda/0x1b0 [ 140.287051] futex_wait_queue+0xf5/0x1e0 [ 140.287074] futex_wait+0x28e/0x690 [ 140.287094] do_futex+0x2ff/0x380 [ 140.287113] __x64_sys_futex+0x1c6/0x4d0 [ 140.287133] do_syscall_64+0x3b/0x90 [ 140.287166] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 140.287191] [ 140.287191] -> #2 (&rq->__lock){-.-.}-{2:2}: [ 140.287218] _raw_spin_lock_nested+0x30/0x40 [ 140.287239] raw_spin_rq_lock_nested+0x1e/0x30 [ 140.287264] task_fork_fair+0x63/0x4d0 [ 140.287296] sched_cgroup_fork+0x3d0/0x540 [ 140.287323] copy_process+0x4183/0x6e20 [ 140.287344] kernel_clone+0xe7/0x890 [ 140.287363] user_mode_thread+0xad/0xf0 [ 140.287383] rest_init+0x24/0x250 [ 140.287406] arch_call_rest_init+0xf/0x14 [ 140.287470] start_kernel+0x4c6/0x4eb [ 140.287508] secondary_startup_64_no_verify+0xe0/0xeb [ 140.287539] [ 140.287539] -> #1 (&p->pi_lock){-.-.}-{2:2}: [ 140.287566] _raw_spin_lock_irqsave+0x39/0x60 [ 140.287587] try_to_wake_up+0xab/0x1930 [ 140.287613] up+0x75/0xb0 [ 140.287641] __up_console_sem+0x6e/0x80 [ 140.287671] console_unlock+0x46a/0x590 [ 140.287702] do_con_write+0xc05/0x1d50 [ 140.287722] con_write+0x21/0x40 [ 140.287740] n_tty_write+0x4d4/0xfe0 [ 140.287763] file_tty_write.constprop.0+0x455/0x8a0 [ 140.287785] vfs_write+0x9c3/0xd90 [ 140.287816] ksys_write+0x127/0x250 [ 140.287847] do_syscall_64+0x3b/0x90 [ 140.287880] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 140.287905] [ 140.287905] -> #0 ((console_sem).lock){....}-{2:2}: [ 140.287932] __lock_acquire+0x2a02/0x5e70 [ 140.287964] lock_acquire+0x1a2/0x530 [ 140.287996] _raw_spin_lock_irqsave+0x39/0x60 [ 140.288017] down_trylock+0xe/0x70 [ 140.288046] __down_trylock_console_sem+0x3b/0xd0 [ 140.288078] vprintk_emit+0x16b/0x560 [ 140.288110] vprintk+0x84/0xa0 [ 140.288141] _printk+0xba/0xf1 [ 140.288163] report_bug.cold+0x72/0xab [ 140.288194] handle_bug+0x3c/0x70 [ 140.288227] exc_invalid_op+0x14/0x50 [ 140.288260] asm_exc_invalid_op+0x16/0x20 [ 140.288284] group_sched_out.part.0+0x2c7/0x460 [ 140.288319] ctx_sched_out+0x8f1/0xc10 [ 140.288352] __perf_event_task_sched_out+0x6d0/0x18d0 [ 140.288374] __schedule+0xedd/0x2470 [ 140.288400] schedule+0xda/0x1b0 [ 140.288427] futex_wait_queue+0xf5/0x1e0 [ 140.288448] futex_wait+0x28e/0x690 [ 140.288468] do_futex+0x2ff/0x380 [ 140.288487] __x64_sys_futex+0x1c6/0x4d0 [ 140.288507] do_syscall_64+0x3b/0x90 [ 140.288540] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 140.288565] [ 140.288565] other info that might help us debug this: [ 140.288565] [ 140.288570] Chain exists of: [ 140.288570] (console_sem).lock --> &rq->__lock --> &ctx->lock [ 140.288570] [ 140.288600] Possible unsafe locking scenario: [ 140.288600] [ 140.288604] CPU0 CPU1 [ 140.288608] ---- ---- [ 140.288613] lock(&ctx->lock); [ 140.288623] lock(&rq->__lock); [ 140.288636] lock(&ctx->lock); [ 140.288648] lock((console_sem).lock); [ 140.288660] [ 140.288660] *** DEADLOCK *** [ 140.288660] [ 140.288663] 2 locks held by syz-executor.0/3970: [ 140.288677] #0: ffff88806ce37e98 (&rq->__lock){-.-.}-{2:2}, at: __schedule+0x1cf/0x2470 [ 140.288735] #1: ffff8880090ff820 (&ctx->lock){....}-{2:2}, at: __perf_event_task_sched_out+0x53b/0x18d0 [ 140.288788] [ 140.288788] stack backtrace: [ 140.288793] CPU: 0 PID: 3970 Comm: syz-executor.0 Not tainted 6.0.0-rc7-next-20220929 #1 [ 140.288817] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 140.288832] Call Trace: [ 140.288838] [ 140.288845] dump_stack_lvl+0x8b/0xb3 [ 140.288881] check_noncircular+0x263/0x2e0 [ 140.288914] ? format_decode+0x26c/0xb50 [ 140.288945] ? print_circular_bug+0x450/0x450 [ 140.288980] ? queued_spin_lock_slowpath+0xcd/0xc80 [ 140.289007] ? format_decode+0x26c/0xb50 [ 140.289045] ? alloc_chain_hlocks+0x1ec/0x5a0 [ 140.289080] __lock_acquire+0x2a02/0x5e70 [ 140.289123] ? lockdep_hardirqs_on_prepare+0x410/0x410 [ 140.289167] lock_acquire+0x1a2/0x530 [ 140.289200] ? down_trylock+0xe/0x70 [ 140.289234] ? lock_release+0x750/0x750 [ 140.289275] ? vprintk+0x84/0xa0 [ 140.289311] _raw_spin_lock_irqsave+0x39/0x60 [ 140.289333] ? down_trylock+0xe/0x70 [ 140.289365] down_trylock+0xe/0x70 [ 140.289396] ? vprintk+0x84/0xa0 [ 140.289429] __down_trylock_console_sem+0x3b/0xd0 [ 140.289464] vprintk_emit+0x16b/0x560 [ 140.289502] vprintk+0x84/0xa0 [ 140.289536] _printk+0xba/0xf1 [ 140.289559] ? record_print_text.cold+0x16/0x16 [ 140.289590] ? report_bug.cold+0x66/0xab [ 140.289626] ? group_sched_out.part.0+0x2c7/0x460 [ 140.289662] report_bug.cold+0x72/0xab [ 140.289699] handle_bug+0x3c/0x70 [ 140.289734] exc_invalid_op+0x14/0x50 [ 140.289770] asm_exc_invalid_op+0x16/0x20 [ 140.289795] RIP: 0010:group_sched_out.part.0+0x2c7/0x460 [ 140.289834] Code: 5e 41 5f e9 8b ae ef ff e8 86 ae ef ff 65 8b 1d 6b 17 ac 7e 31 ff 89 de e8 26 ab ef ff 85 db 0f 84 8a 00 00 00 e8 69 ae ef ff <0f> 0b e9 a5 fe ff ff e8 5d ae ef ff 48 8d 7d 10 48 b8 00 00 00 00 [ 140.289856] RSP: 0018:ffff88803f2ef8f8 EFLAGS: 00010006 [ 140.289874] RAX: 0000000040000002 RBX: 0000000000000000 RCX: 0000000000000000 [ 140.289889] RDX: ffff88800ff49ac0 RSI: ffffffff81565e67 RDI: 0000000000000005 [ 140.289904] RBP: ffff888008660000 R08: 0000000000000005 R09: 0000000000000001 [ 140.289919] R10: 0000000000000000 R11: ffffffff865b401b R12: ffff8880090ff800 [ 140.289934] R13: ffff88806ce3d2c0 R14: ffffffff8547d040 R15: 0000000000000002 [ 140.289956] ? group_sched_out.part.0+0x2c7/0x460 [ 140.289996] ? group_sched_out.part.0+0x2c7/0x460 [ 140.290035] ctx_sched_out+0x8f1/0xc10 [ 140.290074] __perf_event_task_sched_out+0x6d0/0x18d0 [ 140.290102] ? lock_is_held_type+0xd7/0x130 [ 140.290130] ? __perf_cgroup_move+0x160/0x160 [ 140.290151] ? set_next_entity+0x304/0x550 [ 140.290190] ? lock_is_held_type+0xd7/0x130 [ 140.290218] __schedule+0xedd/0x2470 [ 140.290252] ? io_schedule_timeout+0x150/0x150 [ 140.290283] ? futex_wait_setup+0x166/0x230 [ 140.290312] schedule+0xda/0x1b0 [ 140.290342] futex_wait_queue+0xf5/0x1e0 [ 140.290367] futex_wait+0x28e/0x690 [ 140.290392] ? futex_wait_setup+0x230/0x230 [ 140.290419] ? wake_up_q+0x8b/0xf0 [ 140.290445] ? do_raw_spin_unlock+0x4f/0x220 [ 140.290483] ? futex_wake+0x158/0x490 [ 140.290516] ? fd_install+0x1f9/0x640 [ 140.290545] do_futex+0x2ff/0x380 [ 140.290568] ? __ia32_compat_sys_get_robust_list+0x3b0/0x3b0 [ 140.290600] __x64_sys_futex+0x1c6/0x4d0 [ 140.290626] ? __x64_sys_futex_time32+0x480/0x480 [ 140.290652] ? syscall_enter_from_user_mode+0x1d/0x50 [ 140.290680] ? syscall_enter_from_user_mode+0x1d/0x50 [ 140.290711] do_syscall_64+0x3b/0x90 [ 140.290746] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 140.290773] RIP: 0033:0x7f5f4e2c4b19 [ 140.290789] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 140.290810] RSP: 002b:00007f5f4b83a218 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 140.290832] RAX: ffffffffffffffda RBX: 00007f5f4e3d7f68 RCX: 00007f5f4e2c4b19 [ 140.290847] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007f5f4e3d7f68 [ 140.290862] RBP: 00007f5f4e3d7f60 R08: 0000000000000000 R09: 0000000000000000 [ 140.290876] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f5f4e3d7f6c [ 140.290891] R13: 00007ffc24e2fcbf R14: 00007f5f4b83a300 R15: 0000000000022000 [ 140.290916] [ 140.411105] WARNING: CPU: 0 PID: 3970 at kernel/events/core.c:2309 group_sched_out.part.0+0x2c7/0x460 [ 140.412469] Modules linked in: [ 140.412934] CPU: 0 PID: 3970 Comm: syz-executor.0 Not tainted 6.0.0-rc7-next-20220929 #1 [ 140.414091] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 140.415711] RIP: 0010:group_sched_out.part.0+0x2c7/0x460 [ 140.416513] Code: 5e 41 5f e9 8b ae ef ff e8 86 ae ef ff 65 8b 1d 6b 17 ac 7e 31 ff 89 de e8 26 ab ef ff 85 db 0f 84 8a 00 00 00 e8 69 ae ef ff <0f> 0b e9 a5 fe ff ff e8 5d ae ef ff 48 8d 7d 10 48 b8 00 00 00 00 [ 140.419091] RSP: 0018:ffff88803f2ef8f8 EFLAGS: 00010006 [ 140.419898] RAX: 0000000040000002 RBX: 0000000000000000 RCX: 0000000000000000 [ 140.420912] RDX: ffff88800ff49ac0 RSI: ffffffff81565e67 RDI: 0000000000000005 [ 140.421934] RBP: ffff888008660000 R08: 0000000000000005 R09: 0000000000000001 [ 140.422956] R10: 0000000000000000 R11: ffffffff865b401b R12: ffff8880090ff800 [ 140.423993] R13: ffff88806ce3d2c0 R14: ffffffff8547d040 R15: 0000000000000002 [ 140.425027] FS: 00007f5f4b83a700(0000) GS:ffff88806ce00000(0000) knlGS:0000000000000000 [ 140.426190] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 140.427024] CR2: 00007f25f4670004 CR3: 0000000009a1c000 CR4: 0000000000350ef0 [ 140.428082] Call Trace: [ 140.428467] [ 140.428806] ctx_sched_out+0x8f1/0xc10 [ 140.429398] __perf_event_task_sched_out+0x6d0/0x18d0 [ 140.430135] ? lock_is_held_type+0xd7/0x130 [ 140.430770] ? __perf_cgroup_move+0x160/0x160 [ 140.431412] ? set_next_entity+0x304/0x550 [ 140.432069] ? lock_is_held_type+0xd7/0x130 [ 140.432711] __schedule+0xedd/0x2470 [ 140.433273] ? io_schedule_timeout+0x150/0x150 [ 140.433951] ? futex_wait_setup+0x166/0x230 [ 140.434588] schedule+0xda/0x1b0 [ 140.435096] futex_wait_queue+0xf5/0x1e0 [ 140.435721] futex_wait+0x28e/0x690 [ 140.436271] ? futex_wait_setup+0x230/0x230 [ 140.436903] ? wake_up_q+0x8b/0xf0 [ 140.437435] ? do_raw_spin_unlock+0x4f/0x220 [ 140.438094] ? futex_wake+0x158/0x490 [ 140.438661] ? fd_install+0x1f9/0x640 [ 140.439226] do_futex+0x2ff/0x380 [ 140.439791] ? __ia32_compat_sys_get_robust_list+0x3b0/0x3b0 [ 140.440629] __x64_sys_futex+0x1c6/0x4d0 [ 140.441224] ? __x64_sys_futex_time32+0x480/0x480 [ 140.441932] ? syscall_enter_from_user_mode+0x1d/0x50 [ 140.442678] ? syscall_enter_from_user_mode+0x1d/0x50 [ 140.443415] do_syscall_64+0x3b/0x90 [ 140.444002] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 140.444762] RIP: 0033:0x7f5f4e2c4b19 [ 140.445301] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 140.447917] RSP: 002b:00007f5f4b83a218 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 140.449015] RAX: ffffffffffffffda RBX: 00007f5f4e3d7f68 RCX: 00007f5f4e2c4b19 [ 140.450037] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007f5f4e3d7f68 [ 140.451052] RBP: 00007f5f4e3d7f60 R08: 0000000000000000 R09: 0000000000000000 [ 140.452124] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f5f4e3d7f6c [ 140.453130] R13: 00007ffc24e2fcbf R14: 00007f5f4b83a300 R15: 0000000000022000 [ 140.454167] [ 140.454516] irq event stamp: 466 [ 140.455000] hardirqs last enabled at (465): [] syscall_enter_from_user_mode+0x1d/0x50 [ 140.456389] hardirqs last disabled at (466): [] __schedule+0x1225/0x2470 [ 140.457588] softirqs last enabled at (304): [] __irq_exit_rcu+0x11b/0x180 [ 140.458802] softirqs last disabled at (295): [] __irq_exit_rcu+0x11b/0x180 [ 140.460040] ---[ end trace 0000000000000000 ]--- 19:59:07 executing program 3: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x200000, 0xb, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f736617e43c00088020000200000004f80000200040000000000000000000010000000000000002000000010006000000000000000000000000008000"/96, 0x60}, {&(0x7f0000010100)='RRaA\x00'/32, 0x20, 0x800}, {&(0x7f0000010200)="00000000727241610100000007000000000000000000000000000000000055aa", 0x20, 0x9e0}, {&(0x7f0000010300)="601c6d6b646f736617e43c00088020000200000004f80000200040000000000000000000010000000000000002000000010006000000000000000000000000008000"/96, 0x60, 0x3000}, {&(0x7f0000010400)="f8ffff0fffffff0fffffff0fffffff0fffffff0fffffff0fffffff0fffffff0f", 0x20, 0x10000}, {&(0x7f0000010500)="f8ffff0fffffff0fffffff0fffffff0fffffff0fffffff0fffffff0fffffff0f", 0x20, 0x10800}, {&(0x7f0000010600)="53595a4b414c4c45522020080000e780325132510000e780325100000000000041660069006c00650030000f00fc0000ffffffffffffffffffff0000ffffffff46494c453020202020202010001fe870325132510000e870325103000000000041660069006c00650031000f00100000ffffffffffffffffffff0000ffffffff46494c453120202020202020001fe870325132510000e870325105000a00000041660069006c00650032000f00140000ffffffffffffffffffff0000ffffffff46494c453220202020202020001fe870325132510000e870325106002823000041660069006c0065002e000f00d263006f006c0064000000ffff0000ffffffff46494c457e312020434f4c20001fe870325132510000e8703251070064000000", 0x120, 0x11000}, {&(0x7f0000010800)="2e2020202020202020202010001fe870325132510000e87032510300000000002e2e20202020202020202010001fe870325132510000e870325100000000000041660069006c00650030000f00fc0000ffffffffffffffffffff0000ffffffff46494c453020202020202020001fe870325132510000e870325104001a040000", 0x80, 0x51000}, {&(0x7f0000010900)='syzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkal\x00\x00\x00\x00\x00\x00', 0x420, 0x91000}, {&(0x7f0000010e00)='syzkallers\x00'/32, 0x20, 0xd1000}, {&(0x7f0000010f00)='syzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallers\x00'/128, 0x80, 0x151000}], 0x0, &(0x7f0000011000)) r1 = signalfd(0xffffffffffffffff, &(0x7f0000000680), 0x8) flistxattr(r1, &(0x7f0000000a00)=""/43, 0x2b) ioctl$AUTOFS_DEV_IOCTL_CLOSEMOUNT(r1, 0xc0189375, &(0x7f0000000040)={{0x1, 0x1, 0x18, r0}, './file0\x00'}) r2 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$inet_tcp_int(r2, 0x6, 0x25, &(0x7f00000002c0), 0x4) r3 = epoll_create(0x1) clock_gettime(0x0, &(0x7f00000000c0)={0x0, 0x0}) ppoll(&(0x7f0000000080)=[{r1}, {r2, 0x9408}, {r3, 0x224}], 0x3, &(0x7f0000000140)={r4, r5+60000000}, &(0x7f0000000180)={[0x9]}, 0x8) 19:59:07 executing program 2: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0xc042, 0x0) ioctl$FS_IOC_SETFLAGS(r0, 0x40086602, &(0x7f0000000040)=0x40) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x2, 0x0) pwrite64(r1, &(0x7f00000000c0)='9', 0x1, 0x0) 19:59:07 executing program 6: munmap(&(0x7f0000ffc000/0x1000)=nil, 0x1000) mmap$IORING_OFF_CQ_RING(&(0x7f0000ffb000/0x4000)=nil, 0x4000, 0x2000000, 0x4010, 0xffffffffffffffff, 0x8000000) seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xa, &(0x7f0000000640)={0x5, &(0x7f0000000600)=[{0x100, 0x20, 0x8, 0x5}, {0x20, 0x20, 0x7, 0x6}, {0x7, 0x6, 0x81, 0x8001}, {0x3, 0x34, 0xe5, 0xfffffffe}, {0xb8, 0x0, 0x1, 0x1000000}]}) fork() 19:59:07 executing program 1: r0 = io_uring_setup(0x50d1, &(0x7f0000000240)) r1 = eventfd(0x0) io_uring_register$IORING_REGISTER_EVENTFD(r0, 0x4, &(0x7f00000002c0)=r1, 0x1) r2 = perf_event_open$cgroup(&(0x7f00000000c0)={0x2, 0x80, 0x76, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) ioctl$PERF_EVENT_IOC_SET_FILTER(0xffffffffffffffff, 0x40082406, 0x0) ioctl$PERF_EVENT_IOC_ID(r2, 0x80082407, &(0x7f0000000000)) r3 = openat$zero(0xffffffffffffff9c, &(0x7f0000000040), 0x1, 0x0) r4 = perf_event_open$cgroup(&(0x7f00000000c0)={0x2, 0x80, 0x14, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) ioctl$PERF_EVENT_IOC_SET_FILTER(r4, 0x40082406, &(0x7f0000000000)=')\x00') r5 = perf_event_open$cgroup(&(0x7f00000000c0)={0x2, 0x80, 0x14, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) ioctl$PERF_EVENT_IOC_SET_FILTER(r5, 0x40082406, &(0x7f0000000000)=')\x00') ioctl$AUTOFS_DEV_IOCTL_REQUESTER(r3, 0xc018937b, &(0x7f0000000080)={{0x1, 0x1, 0x18, r4, {0xffffffffffffffff, 0xee01}}, './file0\x00'}) r7 = signalfd(0xffffffffffffffff, &(0x7f0000000680), 0x8) flistxattr(r7, &(0x7f0000000a00)=""/43, 0x2b) io_uring_register$IORING_UNREGISTER_FILES(r7, 0x3, 0x0, 0x0) fcntl$dupfd(r0, 0x3329cbae916db66e, r6) mmap$perf(&(0x7f0000ffb000/0x4000)=nil, 0x4000, 0x0, 0x12, r5, 0x10001) 19:59:07 executing program 7: perf_event_open(&(0x7f0000000080)={0x0, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0x7}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$sock_FIOGETOWN(0xffffffffffffffff, 0x8903, &(0x7f0000000100)=0x0) perf_event_open(&(0x7f0000000080)={0x5, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, r0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x2002, 0xa824}, r0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$sock_FIOGETOWN(0xffffffffffffffff, 0x8903, &(0x7f0000000100)=0x0) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x4, 0xfffffffffffffffe}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7fff}, r1, 0xfffffffffffffdff, 0xffffffffffffffff, 0x0) r2 = syz_open_dev$sg(&(0x7f0000001000), 0x0, 0x0) ioctl$BLKTRACESETUP(r2, 0xc0481273, &(0x7f0000000000)={'\x00', 0x0, 0x1, 0xd6c2, 0x0, 0x0, r1}) r3 = signalfd(0xffffffffffffffff, &(0x7f0000000680), 0x8) flistxattr(r3, &(0x7f0000000a00)=""/43, 0x2b) perf_event_open(&(0x7f0000000180)={0x3, 0x80, 0x0, 0x80, 0x6, 0x75, 0x0, 0x3, 0x800, 0x2, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x2, 0x4, @perf_bp={&(0x7f0000000000), 0x4}, 0x0, 0xce, 0x7fff, 0x8, 0x7, 0x6, 0x5, 0x0, 0x1, 0x0, 0x100}, r1, 0x0, r3, 0x3) syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$SECCOMP_IOCTL_NOTIF_RECV(0xffffffffffffffff, 0xc0502100, &(0x7f0000000540)={0x0, 0x0}) perf_event_open(&(0x7f00000004c0)={0x5, 0x80, 0x3, 0x42, 0x3f, 0x5d, 0x0, 0x9, 0x80000, 0x8, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x3, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x80000009, 0x4, @perf_config_ext={0x3, 0xfc0000000}, 0x12198, 0x1000, 0x0, 0x0, 0x8, 0x2, 0x9, 0x0, 0x9, 0x0, 0x5}, r4, 0x2, 0xffffffffffffffff, 0x3) mount$9p_fd(0x0, &(0x7f0000000240)='./file0\x00', &(0x7f0000000300), 0x242880, &(0x7f00000005c0)=ANY=[@ANYBLOB="7472616e7390a15ba47b28800000000000000000dc31655df04a2c38b41389c25277c75f06b768", @ANYRESHEX, @ANYBLOB="2c6a62267c2885e717862c6f9e4928", @ANYRESOCT, @ANYBLOB=',cache=fscache,version=9r2000.u,privport,nodevmap,loose,\x00osixacl,access=', @ANYRESDEC, @ANYBLOB=',access=any,cache=none,subj_role=,smackfsroot=,fsname=\\,smackfshat=,(^\\)\a^,hash,smackfsfloor=^#\",func=FIRMWARE_CHECK,\x00']) mount(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000080)='xfs\x00', 0x40000, 0x0) lchown(&(0x7f0000000140)='./file0\x00', 0xee01, 0xee01) r5 = signalfd(0xffffffffffffffff, &(0x7f0000000680), 0x8) flistxattr(r5, &(0x7f0000000a00)=""/43, 0x2b) ioctl$SECCOMP_IOCTL_NOTIF_RECV(0xffffffffffffffff, 0xc0502100, &(0x7f0000000340)) [ 140.477798] audit: type=1400 audit(1664567947.859:10): avc: denied { write } for pid=3971 comm="syz-executor.1" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=perf_event permissive=1 19:59:07 executing program 5: r0 = signalfd(0xffffffffffffffff, &(0x7f0000000680)={[0x6]}, 0x8) flistxattr(r0, &(0x7f0000000a00)=""/43, 0x2b) ioctl$SNAPSHOT_FREE(r0, 0x3305) r1 = openat$rtc(0xffffffffffffff9c, &(0x7f0000002440), 0x0, 0x0) ioctl$RTC_SET_TIME(r1, 0x4024700a, &(0x7f0000002480)={0x35, 0x0, 0x0, 0x15, 0x4, 0x7f}) [ 140.493278] loop3: detected capacity change from 0 to 5392 [ 140.499241] blktrace: Concurrent blktraces are not allowed on sg0 19:59:07 executing program 7: perf_event_open(&(0x7f0000000080)={0x0, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0x7}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$sock_FIOGETOWN(0xffffffffffffffff, 0x8903, &(0x7f0000000100)=0x0) perf_event_open(&(0x7f0000000080)={0x5, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, r0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x2002, 0xa824}, r0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$sock_FIOGETOWN(0xffffffffffffffff, 0x8903, &(0x7f0000000100)=0x0) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x4, 0xfffffffffffffffe}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7fff}, r1, 0xfffffffffffffdff, 0xffffffffffffffff, 0x0) r2 = syz_open_dev$sg(&(0x7f0000001000), 0x0, 0x0) ioctl$BLKTRACESETUP(r2, 0xc0481273, &(0x7f0000000000)={'\x00', 0x0, 0x1, 0xd6c2, 0x0, 0x0, r1}) r3 = signalfd(0xffffffffffffffff, &(0x7f0000000680), 0x8) flistxattr(r3, &(0x7f0000000a00)=""/43, 0x2b) perf_event_open(&(0x7f0000000180)={0x3, 0x80, 0x0, 0x80, 0x6, 0x75, 0x0, 0x3, 0x800, 0x2, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x2, 0x4, @perf_bp={&(0x7f0000000000), 0x4}, 0x0, 0xce, 0x7fff, 0x8, 0x7, 0x6, 0x5, 0x0, 0x1, 0x0, 0x100}, r1, 0x0, r3, 0x3) syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$SECCOMP_IOCTL_NOTIF_RECV(0xffffffffffffffff, 0xc0502100, &(0x7f0000000540)={0x0, 0x0}) perf_event_open(&(0x7f00000004c0)={0x5, 0x80, 0x3, 0x42, 0x3f, 0x5d, 0x0, 0x9, 0x80000, 0x8, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x3, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x80000009, 0x4, @perf_config_ext={0x3, 0xfc0000000}, 0x12198, 0x1000, 0x0, 0x0, 0x8, 0x2, 0x9, 0x0, 0x9, 0x0, 0x5}, r4, 0x2, 0xffffffffffffffff, 0x3) mount$9p_fd(0x0, &(0x7f0000000240)='./file0\x00', &(0x7f0000000300), 0x242880, &(0x7f00000005c0)=ANY=[@ANYBLOB="7472616e7390a15ba47b28800000000000000000dc31655df04a2c38b41389c25277c75f06b768", @ANYRESHEX, @ANYBLOB="2c6a62267c2885e717862c6f9e4928", @ANYRESOCT, @ANYBLOB=',cache=fscache,version=9r2000.u,privport,nodevmap,loose,\x00osixacl,access=', @ANYRESDEC, @ANYBLOB=',access=any,cache=none,subj_role=,smackfsroot=,fsname=\\,smackfshat=,(^\\)\a^,hash,smackfsfloor=^#\",func=FIRMWARE_CHECK,\x00']) mount(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000080)='xfs\x00', 0x40000, 0x0) lchown(&(0x7f0000000140)='./file0\x00', 0xee01, 0xee01) r5 = signalfd(0xffffffffffffffff, &(0x7f0000000680), 0x8) flistxattr(r5, &(0x7f0000000a00)=""/43, 0x2b) ioctl$SECCOMP_IOCTL_NOTIF_RECV(0xffffffffffffffff, 0xc0502100, &(0x7f0000000340)) [ 140.566868] blktrace: Concurrent blktraces are not allowed on sg0 [ 140.648571] blktrace: Concurrent blktraces are not allowed on sg0 [ 140.766214] blktrace: Concurrent blktraces are not allowed on sg0 VM DIAGNOSIS: 19:59:07 Registers: info registers vcpu 0 RAX=000000000000006f RBX=00000000000003f8 RCX=0000000000000000 RDX=00000000000003f8 RSI=ffffffff823ba3c1 RDI=ffffffff8765a9c0 RBP=ffffffff8765a980 RSP=ffff88803f2ef340 R8 =0000000000000001 R9 =000000000000000a R10=000000000000006f R11=0000000000000001 R12=000000000000006f R13=ffffffff8765a980 R14=0000000000000010 R15=ffffffff823ba3b0 RIP=ffffffff823ba419 RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 00000000 00000000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 00000000 00000000 FS =0000 00007f5f4b83a700 00000000 00000000 GS =0000 ffff88806ce00000 00000000 00000000 LDT=0000 fffffe0000000000 00000000 00000000 TR =0040 fffffe0000003000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe0000001000 0000007f IDT= fffffe0000000000 00000fff CR0=80050033 CR2=00007f25f4670004 CR3=0000000009a1c000 CR4=00350ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000ffff0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 YMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM01=0000000000000000 0000000000000000 00007f5f4e3ab7c0 00007f5f4e3ab7c8 YMM02=0000000000000000 0000000000000000 00007f5f4e3ab7e0 00007f5f4e3ab7c0 YMM03=0000000000000000 0000000000000000 00007f5f4e3ab7c8 00007f5f4e3ab7c0 YMM04=0000000000000000 0000000000000000 ffffffffffffffff ffffffff00000000 YMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM06=0000000000000000 0000000000000000 0000000000000000 000000524f525245 YMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM08=0000000000000000 0000000000000000 0000000000000000 00524f5252450040 YMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 info registers vcpu 1 RAX=0000000000000000 RBX=ffff88806ce3f080 RCX=0000000000000000 RDX=ffff88800d2a0000 RSI=ffffffff813bbb47 RDI=0000000000000005 RBP=0000000000000000 RSP=ffff88803edcf958 R8 =0000000000000005 R9 =0000000000000000 R10=0000000000000001 R11=0000000000000001 R12=0000000000000003 R13=ffffed100d9c7e11 R14=ffff88806ce3f088 R15=0000000000000001 RIP=ffffffff813bbb49 RFL=00000293 [--S-A-C] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 00000000 00000000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0000 0000000000000000 00000000 00000000 DS =0000 0000000000000000 00000000 00000000 FS =0000 00005555567b4400 00000000 00000000 GS =0000 ffff88806cf00000 00000000 00000000 LDT=0000 fffffe0000000000 00000000 00000000 TR =0040 fffffe000004a000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe0000048000 0000007f IDT= fffffe0000000000 00000fff CR0=80050033 CR2=00007f5f4e3ccedc CR3=0000000009a1c000 CR4=00350ee0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000ffff0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 YMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM01=0000000000000000 0000000000000000 00007f5f4e3ab7c0 00007f5f4e3ab7c8 YMM02=0000000000000000 0000000000000000 00007f5f4e3ab7e0 00007f5f4e3ab7c0 YMM03=0000000000000000 0000000000000000 00007f5f4e3ab7c8 00007f5f4e3ab7c0 YMM04=0000000000000000 0000000000000000 ffffffffffffffff ffffffff00000000 YMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM06=0000000000000000 0000000000000000 0000000000000000 000000524f525245 YMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM08=0000000000000000 0000000000000000 0000000000000000 00524f5252450040 YMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000