Warning: Permanently added '[localhost]:29812' (ECDSA) to the list of known hosts. 2022/10/01 09:55:00 fuzzer started 2022/10/01 09:55:01 dialing manager at localhost:35095 syzkaller login: [ 41.215378] cgroup: Unknown subsys name 'net' [ 41.294194] cgroup: Unknown subsys name 'rlimit' 2022/10/01 09:55:17 syscalls: 2215 2022/10/01 09:55:17 code coverage: enabled 2022/10/01 09:55:17 comparison tracing: enabled 2022/10/01 09:55:17 extra coverage: enabled 2022/10/01 09:55:17 setuid sandbox: enabled 2022/10/01 09:55:17 namespace sandbox: enabled 2022/10/01 09:55:17 Android sandbox: enabled 2022/10/01 09:55:17 fault injection: enabled 2022/10/01 09:55:17 leak checking: enabled 2022/10/01 09:55:17 net packet injection: enabled 2022/10/01 09:55:17 net device setup: enabled 2022/10/01 09:55:17 concurrency sanitizer: /sys/kernel/debug/kcsan does not exist 2022/10/01 09:55:17 devlink PCI setup: PCI device 0000:00:10.0 is not available 2022/10/01 09:55:17 USB emulation: enabled 2022/10/01 09:55:17 hci packet injection: enabled 2022/10/01 09:55:17 wifi device emulation: failed to parse kernel version (6.0.0-rc7-next-20220930) 2022/10/01 09:55:17 802.15.4 emulation: enabled 2022/10/01 09:55:17 fetching corpus: 50, signal 25828/27599 (executing program) 2022/10/01 09:55:17 fetching corpus: 100, signal 38353/41666 (executing program) 2022/10/01 09:55:17 fetching corpus: 150, signal 44111/48928 (executing program) 2022/10/01 09:55:17 fetching corpus: 200, signal 49007/55241 (executing program) 2022/10/01 09:55:17 fetching corpus: 250, signal 54601/62110 (executing program) 2022/10/01 09:55:17 fetching corpus: 300, signal 61723/70329 (executing program) 2022/10/01 09:55:17 fetching corpus: 350, signal 67659/77351 (executing program) 2022/10/01 09:55:18 fetching corpus: 400, signal 71006/81830 (executing program) 2022/10/01 09:55:18 fetching corpus: 450, signal 74543/86439 (executing program) 2022/10/01 09:55:18 fetching corpus: 500, signal 78942/91842 (executing program) 2022/10/01 09:55:18 fetching corpus: 550, signal 80901/94935 (executing program) 2022/10/01 09:55:18 fetching corpus: 600, signal 83032/98125 (executing program) 2022/10/01 09:55:18 fetching corpus: 650, signal 85694/101757 (executing program) 2022/10/01 09:55:18 fetching corpus: 700, signal 88562/105467 (executing program) 2022/10/01 09:55:18 fetching corpus: 750, signal 92207/109768 (executing program) 2022/10/01 09:55:19 fetching corpus: 800, signal 93653/112156 (executing program) 2022/10/01 09:55:19 fetching corpus: 850, signal 95337/114694 (executing program) 2022/10/01 09:55:19 fetching corpus: 900, signal 98569/118544 (executing program) 2022/10/01 09:55:19 fetching corpus: 950, signal 100569/121323 (executing program) 2022/10/01 09:55:19 fetching corpus: 1000, signal 102325/123918 (executing program) 2022/10/01 09:55:19 fetching corpus: 1050, signal 105180/127301 (executing program) 2022/10/01 09:55:19 fetching corpus: 1100, signal 108284/130869 (executing program) 2022/10/01 09:55:19 fetching corpus: 1150, signal 110314/133441 (executing program) 2022/10/01 09:55:19 fetching corpus: 1200, signal 114790/137946 (executing program) 2022/10/01 09:55:20 fetching corpus: 1250, signal 117553/141046 (executing program) 2022/10/01 09:55:20 fetching corpus: 1300, signal 118392/142616 (executing program) 2022/10/01 09:55:20 fetching corpus: 1350, signal 119910/144706 (executing program) 2022/10/01 09:55:20 fetching corpus: 1400, signal 121106/146531 (executing program) 2022/10/01 09:55:20 fetching corpus: 1450, signal 123442/149195 (executing program) 2022/10/01 09:55:20 fetching corpus: 1500, signal 125103/151306 (executing program) 2022/10/01 09:55:20 fetching corpus: 1550, signal 126097/152908 (executing program) 2022/10/01 09:55:20 fetching corpus: 1600, signal 127560/154831 (executing program) 2022/10/01 09:55:20 fetching corpus: 1650, signal 129283/156886 (executing program) 2022/10/01 09:55:21 fetching corpus: 1700, signal 130104/158274 (executing program) 2022/10/01 09:55:21 fetching corpus: 1750, signal 131028/159750 (executing program) 2022/10/01 09:55:21 fetching corpus: 1800, signal 132273/161381 (executing program) 2022/10/01 09:55:21 fetching corpus: 1850, signal 134651/163800 (executing program) 2022/10/01 09:55:21 fetching corpus: 1900, signal 135561/165227 (executing program) 2022/10/01 09:55:21 fetching corpus: 1950, signal 138581/167964 (executing program) 2022/10/01 09:55:21 fetching corpus: 2000, signal 139576/169358 (executing program) 2022/10/01 09:55:21 fetching corpus: 2050, signal 140845/170921 (executing program) 2022/10/01 09:55:21 fetching corpus: 2100, signal 141623/172186 (executing program) 2022/10/01 09:55:22 fetching corpus: 2150, signal 142360/173361 (executing program) 2022/10/01 09:55:22 fetching corpus: 2200, signal 143308/174658 (executing program) 2022/10/01 09:55:22 fetching corpus: 2250, signal 144960/176365 (executing program) 2022/10/01 09:55:22 fetching corpus: 2300, signal 146030/177677 (executing program) 2022/10/01 09:55:22 fetching corpus: 2350, signal 148894/180018 (executing program) 2022/10/01 09:55:22 fetching corpus: 2400, signal 150142/181410 (executing program) 2022/10/01 09:55:22 fetching corpus: 2450, signal 151018/182584 (executing program) 2022/10/01 09:55:23 fetching corpus: 2500, signal 152982/184294 (executing program) 2022/10/01 09:55:23 fetching corpus: 2550, signal 153362/185138 (executing program) 2022/10/01 09:55:23 fetching corpus: 2600, signal 154614/186451 (executing program) 2022/10/01 09:55:23 fetching corpus: 2650, signal 155155/187369 (executing program) 2022/10/01 09:55:23 fetching corpus: 2700, signal 156079/188464 (executing program) 2022/10/01 09:55:23 fetching corpus: 2750, signal 156878/189625 (executing program) 2022/10/01 09:55:23 fetching corpus: 2800, signal 157898/190773 (executing program) 2022/10/01 09:55:23 fetching corpus: 2850, signal 158679/191767 (executing program) 2022/10/01 09:55:24 fetching corpus: 2900, signal 159323/192655 (executing program) 2022/10/01 09:55:24 fetching corpus: 2950, signal 160350/193730 (executing program) 2022/10/01 09:55:24 fetching corpus: 3000, signal 161452/194783 (executing program) 2022/10/01 09:55:24 fetching corpus: 3050, signal 162515/195872 (executing program) 2022/10/01 09:55:24 fetching corpus: 3100, signal 163604/196944 (executing program) 2022/10/01 09:55:24 fetching corpus: 3150, signal 164811/197995 (executing program) 2022/10/01 09:55:24 fetching corpus: 3200, signal 165940/198989 (executing program) 2022/10/01 09:55:24 fetching corpus: 3250, signal 167161/200008 (executing program) 2022/10/01 09:55:24 fetching corpus: 3300, signal 167753/200785 (executing program) 2022/10/01 09:55:25 fetching corpus: 3350, signal 168939/201768 (executing program) 2022/10/01 09:55:25 fetching corpus: 3400, signal 170003/202620 (executing program) 2022/10/01 09:55:25 fetching corpus: 3450, signal 171120/203470 (executing program) 2022/10/01 09:55:25 fetching corpus: 3500, signal 172622/204511 (executing program) 2022/10/01 09:55:25 fetching corpus: 3550, signal 173506/205297 (executing program) 2022/10/01 09:55:25 fetching corpus: 3600, signal 174189/206013 (executing program) 2022/10/01 09:55:25 fetching corpus: 3650, signal 174977/206711 (executing program) 2022/10/01 09:55:25 fetching corpus: 3700, signal 176368/207594 (executing program) 2022/10/01 09:55:26 fetching corpus: 3750, signal 177630/208444 (executing program) 2022/10/01 09:55:26 fetching corpus: 3800, signal 178250/209026 (executing program) 2022/10/01 09:55:26 fetching corpus: 3850, signal 178936/209640 (executing program) 2022/10/01 09:55:26 fetching corpus: 3900, signal 179893/210368 (executing program) 2022/10/01 09:55:26 fetching corpus: 3950, signal 180941/211081 (executing program) 2022/10/01 09:55:26 fetching corpus: 4000, signal 181657/211659 (executing program) 2022/10/01 09:55:26 fetching corpus: 4050, signal 182739/212300 (executing program) 2022/10/01 09:55:26 fetching corpus: 4100, signal 183591/212889 (executing program) 2022/10/01 09:55:27 fetching corpus: 4150, signal 184005/213338 (executing program) 2022/10/01 09:55:27 fetching corpus: 4200, signal 184889/213853 (executing program) 2022/10/01 09:55:27 fetching corpus: 4250, signal 185673/214392 (executing program) 2022/10/01 09:55:27 fetching corpus: 4300, signal 186340/214874 (executing program) 2022/10/01 09:55:27 fetching corpus: 4350, signal 186856/215276 (executing program) 2022/10/01 09:55:27 fetching corpus: 4400, signal 187824/215829 (executing program) 2022/10/01 09:55:27 fetching corpus: 4450, signal 188418/216227 (executing program) 2022/10/01 09:55:27 fetching corpus: 4500, signal 189402/216745 (executing program) 2022/10/01 09:55:27 fetching corpus: 4550, signal 190074/217186 (executing program) 2022/10/01 09:55:28 fetching corpus: 4600, signal 191606/217737 (executing program) 2022/10/01 09:55:28 fetching corpus: 4650, signal 192221/218120 (executing program) 2022/10/01 09:55:28 fetching corpus: 4700, signal 192709/218478 (executing program) 2022/10/01 09:55:28 fetching corpus: 4750, signal 193284/218834 (executing program) 2022/10/01 09:55:28 fetching corpus: 4800, signal 193755/219155 (executing program) 2022/10/01 09:55:28 fetching corpus: 4850, signal 194227/219499 (executing program) 2022/10/01 09:55:28 fetching corpus: 4870, signal 194679/219801 (executing program) 2022/10/01 09:55:28 fetching corpus: 4870, signal 194679/220051 (executing program) 2022/10/01 09:55:28 fetching corpus: 4870, signal 194679/220288 (executing program) 2022/10/01 09:55:28 fetching corpus: 4870, signal 194679/220538 (executing program) 2022/10/01 09:55:28 fetching corpus: 4870, signal 194679/220812 (executing program) 2022/10/01 09:55:28 fetching corpus: 4870, signal 194679/221085 (executing program) 2022/10/01 09:55:28 fetching corpus: 4870, signal 194679/221343 (executing program) 2022/10/01 09:55:28 fetching corpus: 4870, signal 194679/221620 (executing program) 2022/10/01 09:55:28 fetching corpus: 4870, signal 194679/221893 (executing program) 2022/10/01 09:55:28 fetching corpus: 4870, signal 194679/222144 (executing program) 2022/10/01 09:55:28 fetching corpus: 4870, signal 194679/222412 (executing program) 2022/10/01 09:55:28 fetching corpus: 4870, signal 194679/222651 (executing program) 2022/10/01 09:55:28 fetching corpus: 4870, signal 194679/222771 (executing program) 2022/10/01 09:55:28 fetching corpus: 4870, signal 194679/222771 (executing program) 2022/10/01 09:55:31 starting 8 fuzzer processes 09:55:31 executing program 0: fcntl$setown(0xffffffffffffffff, 0x8, 0x0) ioctl$EVIOCSABS20(0xffffffffffffffff, 0x401845e0, &(0x7f0000000000)={0x7fff, 0x6, 0x9, 0x8, 0x1000, 0xfffffffd}) fsetxattr$security_selinux(0xffffffffffffffff, &(0x7f0000000040), &(0x7f0000000080)='system_u:object_r:chfn_exec_t:s0\x00', 0x21, 0x3) r0 = syz_io_uring_complete(0x0) ioctl$SECCOMP_IOCTL_NOTIF_RECV(r0, 0xc0502100, &(0x7f00000000c0)={0x0, 0x0}) fcntl$F_GET_RW_HINT(r0, 0x40b, &(0x7f0000000140)) write$binfmt_elf32(r0, &(0x7f0000000180)={{0x7f, 0x45, 0x4c, 0x46, 0x4, 0x3, 0x0, 0x3f, 0x7ff, 0x3, 0x3e, 0x2, 0x298, 0x38, 0x204, 0x9, 0x2, 0x20, 0x2, 0x9, 0x1000, 0x20}, [{0x5, 0x4, 0x4, 0x3ff, 0xf47, 0x5, 0x2, 0x6}, {0x70000000, 0x3, 0xffffffff, 0x80000000, 0x6, 0x9, 0x4, 0xe135}], "c37472beb6c4d782a45c9939a3aa98a8d88c", ['\x00', '\x00', '\x00']}, 0x38a) r2 = perf_event_open(&(0x7f0000000580)={0x5, 0x80, 0x5f, 0x81, 0x2, 0x1f, 0x0, 0x80, 0xc012, 0x8, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x2, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000540), 0x1}, 0xc32, 0x227, 0x3cdc, 0x7, 0xffffffff, 0x6, 0x3, 0x0, 0x6, 0x0, 0xfffffffffffffffc}, r1, 0xb, r0, 0x2) r3 = socket$packet(0x11, 0x2, 0x300) fadvise64(r2, 0x400, 0x716, 0x1) r4 = openat$hpet(0xffffffffffffff9c, &(0x7f0000000600), 0x40a000, 0x0) r5 = syz_open_dev$sg(&(0x7f0000000640), 0x7, 0x0) ioctl$AUTOFS_DEV_IOCTL_VERSION(r4, 0xc0189371, &(0x7f0000000680)={{0x1, 0x1, 0x18, r5}, './file0\x00'}) ioctl$BTRFS_IOC_QGROUP_LIMIT(r3, 0x8030942b, &(0x7f00000006c0)={0x356, {0x38, 0x1, 0x5, 0x6, 0x3}}) fremovexattr(r5, &(0x7f0000000700)=@random={'osx.', '/dev/hpet\x00'}) ioctl$AUTOFS_IOC_CATATONIC(r4, 0x9362, 0x0) fallocate(r2, 0x1, 0xffffffffffff0001, 0x100) ioctl$VFAT_IOCTL_READDIR_BOTH(r6, 0x82307201, &(0x7f0000000740)=[{0x0, 0x0, 0x100}, {0x0, 0x0, 0x100}]) recvmsg$unix(r6, &(0x7f0000000e80)={&(0x7f0000000980), 0x6e, &(0x7f0000000d80)=[{&(0x7f0000000a00)=""/215, 0xd7}, {&(0x7f0000000b00)=""/66, 0x42}, {&(0x7f0000000b80)=""/15, 0xf}, {&(0x7f0000000bc0)=""/149, 0x95}, {&(0x7f0000000c80)=""/212, 0xd4}], 0x5, &(0x7f0000000e00)=[@cred={{0x1c}}, @cred={{0x1c}}, @rights={{0x1c, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}], 0x60}, 0x2000) ioctl$EVIOCGSND(r7, 0x8040451a, &(0x7f0000000ec0)=""/4096) 09:55:31 executing program 3: ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000040)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_START_SCHED_SCAN(0xffffffffffffffff, &(0x7f0000000180)={&(0x7f0000000000), 0xc, &(0x7f0000000140)={&(0x7f0000000080)={0x90, 0x0, 0x1, 0x70bd28, 0x25dfdbfc, {{}, {@val={0x8, 0x3, r0}, @val={0xc, 0x99, {0xffffff80, 0x80}}}}, [@NL80211_ATTR_MAC={0xa}, @NL80211_ATTR_SCHED_SCAN_MATCH={0x4c, 0x84, 0x0, 0x1, [@NL80211_SCHED_SCAN_MATCH_ATTR_SSID={0x1c, 0x1, @random="4ad294af52587be815409b8b2c82c0b0d1e82025b593b227"}, @NL80211_SCHED_SCAN_MATCH_ATTR_SSID={0x24, 0x1, @random="ff4f94dd120c767536f9a4f6719fb90c1482fcdbc68af21cf0c8d761654e10ab"}, @NL80211_SCHED_SCAN_MATCH_ATTR_RSSI={0x8, 0x2, 0x2}]}, @NL80211_ATTR_TX_NO_CCK_RATE={0x4}, @NL80211_ATTR_MEASUREMENT_DURATION_MANDATORY={0x4}, @NL80211_ATTR_SCHED_SCAN_INTERVAL={0x8, 0x77, 0xa8000000}]}, 0x90}, 0x1, 0x0, 0x0, 0x4040}, 0x8000) r1 = open_tree(0xffffffffffffff9c, &(0x7f00000001c0)='./file0\x00', 0x8400) ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f0000000200)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_TRIGGER_SCAN(r1, &(0x7f0000000340)={&(0x7f0000000240)={0x10, 0x0, 0x0, 0x4000000}, 0xc, &(0x7f0000000300)={&(0x7f0000000280)={0x60, 0x0, 0x200, 0x70bd27, 0x25dfdbfe, {{}, {@val={0x8, 0x3, r2}, @val={0xc, 0x99, {0x101, 0x4a}}}}, [@NL80211_ATTR_MAC={0xa, 0x6, @device_b}, @NL80211_ATTR_MEASUREMENT_DURATION={0x6, 0xeb, 0xffff}, @NL80211_ATTR_SCHED_SCAN_MATCH={0x1c, 0x84, 0x0, 0x1, [@NL80211_SCHED_SCAN_MATCH_ATTR_SSID={0xa, 0x1, @default_ap_ssid}, @NL80211_SCHED_SCAN_MATCH_ATTR_SSID={0xa, 0x1, @default_ap_ssid}]}, @NL80211_ATTR_SCHED_SCAN_RELATIVE_RSSI={0x5, 0xf6, 0x45}]}, 0x60}, 0x1, 0x0, 0x0, 0x10044084}, 0x80) clock_gettime(0x0, &(0x7f00000003c0)={0x0, 0x0}) utimensat(r1, &(0x7f0000000380)='./file0\x00', &(0x7f0000000400)={{r3, r4/1000+60000}, {0x77359400}}, 0x100) r5 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000480), r1) sendmsg$NL80211_CMD_JOIN_IBSS(r1, &(0x7f0000000580)={&(0x7f0000000440)={0x10, 0x0, 0x0, 0x40}, 0xc, &(0x7f0000000540)={&(0x7f00000004c0)={0x5c, r5, 0x2, 0x70bd29, 0x25dfdbfd, {{}, {@void, @val={0xc, 0x99, {0x2, 0x66}}}}, [@NL80211_ATTR_FREQ_FIXED={0x4}, @NL80211_ATTR_MESH_CONFIG={0x34, 0x23, 0x0, 0x1, [@NL80211_MESHCONF_FORWARDING={0x5, 0x13, 0x1}, @NL80211_MESHCONF_SYNC_OFFSET_MAX_NEIGHBOR={0x8, 0x15, 0x6}, @NL80211_MESHCONF_HWMP_NET_DIAM_TRVS_TIME={0x6, 0xd, 0x8}, @NL80211_MESHCONF_HWMP_MAX_PREQ_RETRIES={0x5, 0x8, 0x20}, @NL80211_MESHCONF_MAX_PEER_LINKS={0x6, 0x4, 0xd}, @NL80211_MESHCONF_HWMP_ACTIVE_PATH_TIMEOUT={0x8, 0xb, 0x7}]}, @NL80211_ATTR_PRIVACY={0x4}]}, 0x5c}}, 0x40080) r6 = perf_event_open(&(0x7f00000005c0)={0x3, 0x80, 0x3f, 0x5, 0x7, 0xab, 0x0, 0x2, 0x10440, 0x8, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x3, 0x2, @perf_config_ext={0x8, 0xfd}, 0x801, 0x0, 0xffffff85, 0x1, 0x8, 0xb58, 0x8000, 0x0, 0x0, 0x0, 0x5}, 0xffffffffffffffff, 0x6, r1, 0x6) recvmmsg$unix(r1, &(0x7f0000000c00)=[{{&(0x7f0000000640)=@abs, 0x6e, &(0x7f0000000700)=[{&(0x7f00000006c0)=""/6, 0x6}], 0x1}}, {{0x0, 0x0, &(0x7f0000000880)=[{&(0x7f0000000740)=""/200, 0xc8}, {&(0x7f0000000840)=""/43, 0x2b}], 0x2, &(0x7f00000008c0)=[@rights={{0x1c, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}], 0x20}}, {{&(0x7f0000000900)=@abs, 0x6e, &(0x7f0000000b40)=[{&(0x7f0000000980)=""/196, 0xc4}, {&(0x7f0000000a80)=""/182, 0xb6}], 0x2, &(0x7f0000000b80)=[@cred={{0x1c}}, @rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}, @cred={{0x1c}}], 0x58}}], 0x3, 0x1, 0x0) fsetxattr$trusted_overlay_redirect(r7, &(0x7f0000000cc0), &(0x7f0000000d00)='./file0\x00', 0x8, 0x1) newfstatat(0xffffffffffffff9c, &(0x7f0000000e00)='./file0\x00', &(0x7f0000000e40)={0x0, 0x0, 0x0, 0x0, 0x0}, 0x0) mount$9p_virtio(&(0x7f0000000d40), &(0x7f0000000d80)='./file0\x00', &(0x7f0000000dc0), 0x30403, &(0x7f0000000ec0)={'trans=virtio,', {[{@access_any}, {@aname={'aname', 0x3d, ')J'}}, {@msize={'msize', 0x3d, 0x40}}, {@nodevmap}, {@noextend}, {@msize={'msize', 0x3d, 0x4}}, {@fscache}, {@access_client}, {@version_9p2000}], [{@audit}, {@fowner_gt={'fowner>', r8}}, {@dont_measure}, {@dont_measure}, {@audit}]}}) ioctl$BTRFS_IOC_GET_FEATURES(r1, 0x80189439, &(0x7f0000000fc0)) ioctl$AUTOFS_DEV_IOCTL_FAIL(r7, 0xc0189377, &(0x7f0000001000)={{0x1, 0x1, 0x18, r6, {0xdb, 0x8}}, './file0\x00'}) r9 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r10 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000001080), 0xffffffffffffffff) sendmsg$IEEE802154_LLSEC_ADD_KEY(r9, &(0x7f0000001140)={&(0x7f0000001040)={0x10, 0x0, 0x0, 0x8000000}, 0xc, &(0x7f0000001100)={&(0x7f00000010c0)={0x28, r10, 0x1, 0x70bd2b, 0x25dfdbfb, {}, [@IEEE802154_ATTR_LLSEC_KEY_BYTES={0x14, 0x30, "9a637aba8109618515e09861321383ba"}]}, 0x28}, 0x1, 0x0, 0x0, 0x1}, 0x1) sendmsg$NL80211_CMD_CONNECT(r1, &(0x7f0000001280)={&(0x7f0000001180)={0x10, 0x0, 0x0, 0x100000}, 0xc, &(0x7f0000001240)={&(0x7f0000001200)={0x38, 0x0, 0x1, 0x70bd27, 0x25dfdbfc, {{}, {@void, @val={0xc, 0x99, {0x7ff, 0xc}}}}, [@NL80211_ATTR_WANT_1X_4WAY_HS={0x4}, @NL80211_ATTR_DISABLE_HT={0x4}, @NL80211_ATTR_BG_SCAN_PERIOD={0x6, 0x98, 0x56a}, @NL80211_ATTR_USE_MFP={0x8, 0x42, 0x1}]}, 0x38}, 0x1, 0x0, 0x0, 0x1}, 0x10) 09:55:31 executing program 1: getrusage(0x1, &(0x7f0000000000)) getrusage(0xffffffffffffffff, &(0x7f00000000c0)) r0 = getpgid(0xffffffffffffffff) waitid(0x1, r0, &(0x7f0000000180), 0x1, &(0x7f0000000200)) getrusage(0x1, &(0x7f00000002c0)) ptrace$getsig(0x4202, r0, 0xfffffffffffffff7, &(0x7f0000000380)) r1 = open(&(0x7f0000000400)='./file0\x00', 0x80000, 0x156) waitid$P_PIDFD(0x3, r1, &(0x7f0000000440), 0x80000000, &(0x7f00000004c0)) getrusage(0xffffffffffffffff, &(0x7f0000000580)) r2 = openat$full(0xffffffffffffff9c, &(0x7f0000000640), 0x0, 0x0) waitid$P_PIDFD(0x3, r2, &(0x7f0000000680), 0x8, &(0x7f0000000700)) fcntl$getownex(r1, 0x10, &(0x7f00000007c0)={0x0, 0x0}) waitid(0x2, r3, &(0x7f0000000800), 0x8, &(0x7f0000000880)) waitid(0x0, r3, &(0x7f0000000940), 0x1, &(0x7f00000009c0)) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r1, 0xc08c5332, &(0x7f0000000a80)={0x7, 0x1a66548c, 0x1, 'queue0\x00', 0x3}) waitid(0x2, r0, &(0x7f0000000b40), 0x1000000, &(0x7f0000000bc0)) waitid(0x2, r3, &(0x7f0000000c80), 0x1000000, &(0x7f0000000d00)) getrusage(0x0, &(0x7f0000000dc0)) getrusage(0x1, &(0x7f0000000e80)) getrusage(0x1, &(0x7f0000000f40)) 09:55:31 executing program 2: ioctl$GIO_CMAP(0xffffffffffffffff, 0x4b70, &(0x7f0000000000)) r0 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000040), 0x40080, 0x0) ioctl$TIOCGPTLCK(r0, 0x80045439, &(0x7f0000000080)) r1 = syz_open_dev$usbmon(&(0x7f00000000c0), 0x8, 0x2000) ioctl$AUTOFS_IOC_PROTOSUBVER(r1, 0x80049367, &(0x7f0000000100)) ioctl$MON_IOCQ_RING_SIZE(r0, 0x9205) ioctl$KDFONTOP_COPY(r0, 0x4b72, &(0x7f0000000540)={0x3, 0x0, 0x18, 0x17, 0x149, &(0x7f0000000140)}) sendmsg$IPCTNL_MSG_CT_DELETE(r0, &(0x7f0000000640)={&(0x7f0000000580)={0x10, 0x0, 0x0, 0x1}, 0xc, &(0x7f0000000600)={&(0x7f00000005c0)={0x2c, 0x2, 0x1, 0x301, 0x0, 0x0, {0xc, 0x0, 0x1}, [@CTA_TUPLE_MASTER={0x18, 0xe, 0x0, 0x1, [@CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @initdev={0xac, 0x1e, 0x0, 0x0}}, {0x8, 0x2, @broadcast}}}]}]}, 0x2c}}, 0x20000001) ioctl$AUTOFS_DEV_IOCTL_READY(r0, 0xc0189376, &(0x7f0000000680)={{0x1, 0x1, 0x18, r1, {0x4}}, './file0\x00'}) ioctl$MON_IOCQ_URB_LEN(r2, 0x9201) ioctl$AUTOFS_DEV_IOCTL_EXPIRE(r0, 0xc018937c, &(0x7f00000006c0)={{0x1, 0x1, 0x18, r2}, './file0\x00'}) ioctl$AUTOFS_DEV_IOCTL_SETPIPEFD(r2, 0xc0189378, &(0x7f0000000700)={{0x1, 0x1, 0x18, r1}, './file0\x00'}) r5 = syz_io_uring_setup(0x4b36, &(0x7f0000000740)={0x0, 0x5a30, 0x4, 0x2, 0x2b7, 0x0, r4}, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffe000/0x2000)=nil, &(0x7f00000007c0)=0x0, &(0x7f0000000800)) ioctl$AUTOFS_DEV_IOCTL_ISMOUNTPOINT(r0, 0xc018937e, &(0x7f0000000840)={{0x1, 0x1, 0x18, r5, @out_args}, './file0\x00'}) r7 = epoll_create1(0x0) epoll_ctl$EPOLL_CTL_ADD(r7, 0x1, r3, &(0x7f0000000880)={0xc}) r8 = mmap$IORING_OFF_SQES(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x100000f, 0x10, r2, 0x10000000) r9 = io_uring_register$IORING_REGISTER_PERSONALITY(r4, 0x9, 0x0, 0x0) syz_io_uring_submit(r6, r8, &(0x7f00000008c0)=@IORING_OP_MADVISE={0x19, 0x0, 0x0, 0x0, 0x0, &(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x9, 0x1, {0x0, r9}}, 0x2) ioctl$BTRFS_IOC_SEND(0xffffffffffffffff, 0x40489426, &(0x7f0000000c40)={{}, 0x6, &(0x7f0000000c00)=[0x5, 0x8, 0x0, 0x40, 0xfffffffffffffc01, 0x7], 0x7, 0x2, [0x3ff, 0xfffffffffffffffc, 0x1, 0x776a]}) 09:55:31 executing program 4: keyctl$session_to_parent(0x12) keyctl$session_to_parent(0x12) keyctl$session_to_parent(0x12) keyctl$session_to_parent(0x12) keyctl$session_to_parent(0x12) keyctl$session_to_parent(0x12) keyctl$session_to_parent(0x12) keyctl$session_to_parent(0x12) keyctl$session_to_parent(0x12) keyctl$session_to_parent(0x12) keyctl$session_to_parent(0x12) keyctl$session_to_parent(0x12) keyctl$session_to_parent(0x12) keyctl$session_to_parent(0x12) keyctl$session_to_parent(0x12) keyctl$session_to_parent(0x12) keyctl$session_to_parent(0x12) keyctl$session_to_parent(0x12) keyctl$session_to_parent(0x12) keyctl$session_to_parent(0x12) [ 71.764097] audit: type=1400 audit(1664618131.918:6): avc: denied { execmem } for pid=284 comm="syz-executor.0" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=process permissive=1 09:55:31 executing program 5: ioctl$INCFS_IOC_FILL_BLOCKS(0xffffffffffffffff, 0x80106720, &(0x7f0000000480)={0x7, &(0x7f0000000380)=[{0x5, 0x4c, &(0x7f0000000000)="8a52cbfa264273a3710f4129d480276c49add43239e518b9c79766d6201753ccf8c20d6a53fb346c461a01ff0d80281d00e85560f3be77c109e990e91559c711252a649ef50abed936ba6a13", 0x0, 0x1}, {0x4, 0x2c, &(0x7f0000000080)="805b8b5770887e7d8d7afe7c49ccd5512d2e07a500484cc8141fd61a12cd17334a8a76d4ef554112f49913e7", 0x0, 0x1ed2c8b3b03a44f2}, {0x4, 0x42, &(0x7f00000000c0)="14d2af30907444665b9508eee37244de83528fec351846e2d9a17d13522a9a3a7bcaf3988110cf866806f507742c7c02af3b35b9e9345ef74fa86c1008b490e7ddd4"}, {0x10000, 0xb3, &(0x7f0000000140)="31de82e26abf01d4608f5f67836689990370c800257d5291b1214a803262f19dd6c6b34fadb91144377e62a13afc7f46edeb2bc33e9738ab40c94c86dbfc89f4740ab2395cde4f39228a42dc2ddb241b9f8ecde52b41044b7f7730ba5ead9c43af3e3d308bca80565c03a3e042df3cd88086da3a8b189daab2a318df2f3cdcad5d70d9408b7bc9b145ba78750aca65f2e885e69f42c70d2e58b4eab531f9c72e0a7c8c8bdf83af2c05bfce062a87f99b66206d", 0x1, 0x1}, {0x6, 0x13, &(0x7f0000000200)="29c2eb3305a043cff6753b9381ced72725a349"}, {0x80, 0x1b, &(0x7f0000000240)="71aa119526da88914fd9705017659e801c5c2f94b4fc9e0383c671"}, {0xc6e, 0xee, &(0x7f0000000280)="af9e5478156030b55edc34fdaa733a8469dbda560408462c9860b97977c02ace131ed6d94240195ed1a28bc0b42756c4cacba4a7513f99abc7a3e9b011e2fdb4602e7ca5e760afc79f99e91748c78355a00d4c79812783d70d7e8ba98c461a20b2603ce92a160aa927fdca23b683aee8c1afafbab284e75886d651c548f5a445c446fa58de48c1735324cc713e37ab0ce984f4206be40e16ae14de73a9bad1189a66a2e5a694d4566a5ec411e9602f56d0346f35aeed6217a746776a376e3c014394844e43a38d1ec15d7174b8dc4ea3285554abee0f72b4057f9c7041991366eb7cac022f0bc6ec2489bfee705e", 0x1, 0x1}]}) splice(0xffffffffffffffff, &(0x7f00000004c0)=0x9, 0xffffffffffffffff, &(0x7f0000000500)=0x8, 0x4, 0x6) r0 = syz_open_procfs$namespace(0x0, &(0x7f0000000540)='ns/uts\x00') fcntl$lock(r0, 0x24, &(0x7f0000000580)={0x0, 0x3, 0x86, 0x6, 0xffffffffffffffff}) r1 = memfd_secret(0x80000) ioctl$NS_GET_OWNER_UID(r1, 0xb704, &(0x7f00000005c0)) setsockopt$WPAN_WANTACK(r1, 0x0, 0x0, &(0x7f0000000600)=0x1, 0x4) ioctl$RTC_ALM_SET(r1, 0x40247007, &(0x7f0000000640)={0x21, 0x34, 0x3, 0x1, 0xa, 0xffffffff, 0x6, 0x13f}) ioctl$BTRFS_IOC_SNAP_DESTROY_V2(r1, 0x5000943f, &(0x7f0000000700)={{r0}, 0x0, 0x1c, @inherit={0x50, &(0x7f0000000680)={0x0, 0x1, 0xe46, 0x9, {0x36, 0x3, 0x7, 0x74f, 0x9b1f}, [0x0]}}, @subvolid=0x100}) r2 = semget$private(0x0, 0x0, 0x94) semctl$SETALL(r2, 0x0, 0x11, &(0x7f0000001700)=[0x7f, 0xff7f, 0x1, 0x2]) getsockopt$IP_VS_SO_GET_INFO(r1, 0x0, 0x481, &(0x7f0000001740), &(0x7f0000001780)=0xc) recvmmsg$unix(r1, &(0x7f00000038c0)=[{{&(0x7f00000017c0), 0x6e, &(0x7f00000019c0)=[{&(0x7f0000001840)=""/179, 0xb3}, {&(0x7f0000001900)=""/138, 0x8a}], 0x2, &(0x7f0000001a00)=[@cred={{0x1c}}], 0x20}}, {{&(0x7f0000001a40)=@abs, 0x6e, &(0x7f0000002d40)=[{&(0x7f0000001ac0)=""/219, 0xdb}, {&(0x7f0000001bc0)=""/208, 0xd0}, {&(0x7f0000001cc0)=""/55, 0x37}, {&(0x7f0000001d00)=""/62, 0x3e}, {&(0x7f0000001d40)=""/4096, 0x1000}], 0x5, &(0x7f0000002dc0)=[@rights={{0x20, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x2c, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c}}, @rights={{0x30, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x24, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c}}, @rights={{0x20, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}], 0x108}}, {{&(0x7f0000002f00), 0x6e, &(0x7f0000003580)=[{&(0x7f0000002f80)=""/101, 0x65}, {&(0x7f0000003000)=""/63, 0x3f}, {&(0x7f0000003040)=""/10, 0xa}, {&(0x7f0000003080)=""/142, 0x8e}, {&(0x7f0000003140)=""/48, 0x30}, {&(0x7f0000003180)=""/203, 0xcb}, {&(0x7f0000003280)=""/163, 0xa3}, {&(0x7f0000003340)=""/87, 0x57}, {&(0x7f00000033c0)=""/230, 0xe6}, {&(0x7f00000034c0)=""/154, 0x9a}], 0xa}}, {{&(0x7f0000003640)=@abs, 0x6e, &(0x7f0000003800)=[{&(0x7f00000036c0)=""/93, 0x5d}, {&(0x7f0000003740)=""/113, 0x71}, {&(0x7f00000037c0)=""/17, 0x11}], 0x3, &(0x7f0000003840)=[@cred={{0x1c}}, @cred={{0x1c, 0x1, 0x2, {0x0, 0x0}}}, @rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}], 0x58}}], 0x4, 0x2, &(0x7f00000039c0)={0x77359400}) setns(r3, 0x20000000) lstat(&(0x7f0000003a00)='./file0\x00', &(0x7f0000003a40)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) fchown(r3, r6, r7) ioctl$sock_SIOCSIFVLAN_SET_VLAN_FLAG_CMD(r4, 0x8983, &(0x7f0000003ac0)={0x7, 'ipvlan1\x00', {0x401}, 0xd7}) r8 = openat$zero(0xffffffffffffff9c, &(0x7f0000003b00), 0x800c0, 0x0) write$binfmt_elf32(r8, &(0x7f0000003b40)={{0x7f, 0x45, 0x4c, 0x46, 0x9, 0xf7, 0x3f, 0x4f, 0x7f, 0x2, 0x3, 0x0, 0x165, 0x38, 0x8a, 0xfff, 0x6, 0x20, 0x1, 0x55bf, 0x8, 0xf2ee}, [{0x7, 0x10000, 0x1, 0x1, 0x3, 0xffff, 0x1000, 0xfff}], "894429270e76af4a47fa97071102eee87c390ecd197bf01443364db100b6c0ad29f00ae21d7d89ae8bd2fbb3e20d8c12529895be275426b8d0d26955338fce9bfb139b228f96ad8517b3261d6bbc0b3e004abf917f07b40cbb644d7a7eae093e47ba1ade09e901c201b55eadc78422895e89ce949ff4e586a91564ca23554de02aba96d5937c040e1ad76db03cc060ecb412d6d23f37630e4a06f0d4900f3224d0d99a6fb717b8d3219b01af59", ['\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00']}, 0x805) setsockopt$sock_void(r5, 0x1, 0x0, 0x0, 0x0) 09:55:31 executing program 6: ioctl$ifreq_SIOCGIFINDEX_batadv_hard(0xffffffffffffffff, 0x8933, &(0x7f0000000000)={'batadv_slave_1\x00', 0x0}) setsockopt$packet_buf(0xffffffffffffffff, 0x107, 0x2, &(0x7f0000000040)="424838b24aa7b36274a4437de42bcc3832fc65119512b33613644d9c85d92cbe5d183a274a5997d6e0b0440aa8c799514c27d9ae0e91a31dcf57bf6fc70fe52eebbeabf95b917bb2ab488bbd45a06af73475baee8c48f25adc5955a0aa558876c68e8da36939ba5ba34270b2dfc9726746b0f4eacce4e2466742e16ac3e9e595d1e3f39669bbca850fe23a1c59f16a658d2b1db495f6", 0x96) syncfs(0xffffffffffffffff) r1 = fsmount(0xffffffffffffffff, 0x0, 0x78) sendmsg$BATADV_CMD_TP_METER(r1, &(0x7f0000000200)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x40000000}, 0xc, &(0x7f00000001c0)={&(0x7f0000000140)={0x54, 0x0, 0x20, 0x70bd26, 0x25dfdbfe, {}, [@BATADV_ATTR_AP_ISOLATION_ENABLED={0x5}, @BATADV_ATTR_THROUGHPUT_OVERRIDE={0x8, 0x3b, 0x81}, @BATADV_ATTR_MULTICAST_FORCEFLOOD_ENABLED={0x5}, @BATADV_ATTR_AP_ISOLATION_ENABLED={0x5}, @BATADV_ATTR_GW_SEL_CLASS={0x8, 0x34, 0x8}, @BATADV_ATTR_ORIG_INTERVAL={0x8, 0x39, 0x100}, @BATADV_ATTR_ISOLATION_MARK={0x8, 0x2b, 0x7ff}, @BATADV_ATTR_BONDING_ENABLED={0x5}]}, 0x54}, 0x1, 0x0, 0x0, 0x800}, 0x40000) r2 = accept$inet(0xffffffffffffffff, 0x0, &(0x7f0000000240)) ioctl$sock_SIOCGIFVLAN_GET_VLAN_INGRESS_PRIORITY_CMD(r2, 0x8982, &(0x7f0000000280)) r3 = accept$inet(r1, 0x0, &(0x7f0000003440)) getsockopt$IPT_SO_GET_ENTRIES(r3, 0x0, 0x41, &(0x7f0000003480)={'security\x00', 0x1000, "f9bf846ea4f72bb284ee1225a8c887d08549e5f320e9d3f90445796b7cf513db1ec59715703354aee392250bebc114fa3e7dbe669406ea70256c658aa7eaa04c58184bb7ea744c4e89f5431f31ea57d67255813db2311fa4ab054cbdd05298fbaf013f77f7ccaa5665cc3ace69a03405cf5259d5ea77f1572befedcadd774621477d025b99f56e5c339b8934e319ff81ea1c265ceab491082d635ed249e235863bea782010d047d26719ec74c5b5aab66fdf7aeb03fdcc380ebce0828ea5405727090e9c2393ad230008da3917a784c0e1e8e6137d317139ba46ab2ecad46796d34d2e5eca626c9c848e4821e727286cad3abeb8ca5773603bce59e404c5283eae3640218f558f2713f3866cde1cbb28227ecf66a9c1511d1cea7c3d425c5d7e4f78886f1dee41ebfb938c20f809010726e385e86ee16133fd70b6d5e9c90077a9932306d38ff933d661c004e02658cc6fec106c586238892511044168e03b8d4b328213ce209ddf90bc33d51b8c72772d3a0b4c3b74561f6b15909055d2d676332d5a7851df77341c21ae2295119c5c046cd77076760054f4fabcbd7c625afdf3a67d6f49d8569b0ce11a390e8ec0315a67f8da5e70be258d327dd75e496524bba039fb0443aa1c063290442f8edd4e52c39b71cee75cb26aebb341edf1df3e729a8e1dc059929c648f2a7ccd3d5c1bfb8f106220c39dc72be019d78144fe3107e7fab1db3accddf496835016cb49157ef39b6507a37069168e5f35950c82f162ec7042924211a193d5fa6118913e50d054ed4a3164ea596d8eed0fde2bfce0229c3d2b7b06aac946318092324395f05088400fd111bd57e85f4c46564d7d518cf35bb5648415bc773736ac0af0b0c0d73025a2fca119a1240928afcb2f68903cc54f7b7f8f2339b191217c5169cc15f4f193ee7e3b4f9da181ab550c355ef5745024c2e5c3c48a49371aeda7d338cd5374e430a0697d02a0599fea8ba78a703399deefa608c723f1c700e678934e347615752472f69ad50bf3fc6ebc75af24cc551e35663c438f4ef420975bec73c95a99f779d25262bfffc361745f02c4980673b02133689505e01854df8c2cfa6e1182d3feafa873da9ad51911f55723701f8c90bff8b5c67072f0c777dd19cd64d94800ed73037bcce83f04c5357f27129dfeb3b8ad9e016fe7b6afd5360698a91ae0550782ef66e598a01584575b82442791a9d0646138d14a6fcc2a6211759fd05b590476b5a131a6f4747909676eff385fa042913e8c1534b02920b9cc368f74c2adbe5de1c221aa68670a4652e175a818f7667e786f26fe62868b7b6502cde185bc7d251d4ce99b4e7983cde36184ffd688b3513e490ebed42eba77fe1eb7aa3fe51a64fd273338825756b84f098162d18dc703ea2ab6f7ba16918058d1b491a4c695ab6791378a0ab19cf9b6ea6670d808405129ed6ea11afc700320341effff4e0e92f18d23375eefb228f150b60e4a7dd74159c4790c2a19499fd3a67634bafe5ea65568315c2632b468bc573ffe6866c147059fe05b13bbd102929b22a2ae61d37b4a652c50008d30193537a091149231424ecd5b7c1bf02c50a1700038c3f6b173d5ca4e5faaa46137e403d88c409eeb4688563507a1558d0a48b83f5426aad1a77c97faa322c0084cb5ac592cb2ed29c407aa09522afb994ddc4331fde927c9773bcf58864aa8dcd9f9b68fc13c3a20013ad9c420d1fa83737ea338b5257985546ae06e17e784fae9e08f5b7dfaba65a98737d9c459fea9c08564fe73f5c00c025387cc37a20f23c7de4d4604b566ab586ff1db6fa5f8597032833edb5509a8aacf2c8ec8400588188d9068b7deeef41759147eea384468457726c7cb846ff0cedc2fd06d0899d6be4ff772cb52ef659beae5b7267cbe8ea1db85b2d8f5e13913a9c59fa3bd871bd4c72aa29652cf943c11504644a4e01a5c14a34922641242d9b5296730952ce6847311908dc883ef673a453d3f2621817b0449dc218d2e12efc2543e740b668b0d315a553e07de5770a8ec7eb053f7f70ee55ec73982ba6f182bed42aa68af52f4d0216ac2a7b98c2aaf0c1ac753740bee4f9987ea1b41b0d6a26b80b8954b04ebe27ddc9855680bc3e180151f41073dc6206f041d2ab818466ca8e1422c6445fba1fa0c166a5b3f84727a862ebe2e8b88c9ac2fcbc0328bc8a5588d29e828c63cd2b6831563085ae7f4ddeb62f6fa7d8636453ba79cf853f23f8d4d00418efdb74ff98999594b72dbf892268a839a192e9003891792e89bcd2c2170c1d819b7448c42f58be0363362011866b9a02e8a3b08e52aa1e4606286c93487a53457080cadcab2939f3c549b9d2e36924adeccba2aea454b8b262944d06ba16472db8a3dd3444744884e76188ea2b05230dd691da854fd039fda59a2d6d53c7f3e83112d4685efdbccb3fdbee586695d9b95fff365d0592eb8592c61f5fe6bc56cb5abf0f12826c8890688382dd873220e22554ca321d20242270f885adc2437e04953f273799cb60a537d1ff176fb0b3dc5b2223ed2f8f53e34d37a54ca00d0d79a07843f586e6b05e133c5a26a795f246c9c44e00b6ba88fe85dc5c762f5d2e6f1e45d1691c2356201a2db291852a7ffeb4e821b4e6c7e5a654ec663c5cac899a661f87cd7083e7e3d410abf079115b9328aeac8cb1e4b9489e0028e8fe0a7bf284617cb719d0990d978bb9a471fc0ea9d9d7f3374953602900a30ca6e9c3f2b209d1bb29db5983bf1c1142a87921e22007c66c3851c3d26c1611fdd2e466ed94bb130484aea4fd334166bf21c19e16058e025d18fa754ee0e8db2e74cb7fe8a81197305f65e21b1a7c166a7333e92e6ee30b039ce49b3f69bf54a8d6c4c7f88992f87a7f95fd9e19a97b874d98c772fd75738513ab21e71796ca80c332063ba90ba8243a995a0afca5e83876e925345e289571ec64389adb6b7d63123220eaa28587fc2bca3c1119aab3f45dc8236d923b704cd1aafecee7a480f830a5b7e0b45e6ef7d2864d7da99eac040e9f388f7242e2ba4aca2c8710906e6634c307a3e806f5ca14ce08254ef71d5e079f2d7a23cae7d5d07183a02e3cbb749e748604ee754ed78bc0eee81756b03c3f0f81fd9444f2d1e3bb44881d6beed369a486a38da4509a8b910fd735924633844e8e69c6386ba1672ecceb035bae0a07ac24e3868648def8322469142aa2be11ddf01dd563c435d4b41ea47dbec91d24997b06d712c04f48013d2026cb384ed3dbe7c5cf2b6d8dba4fcffb43b3c6d8db159cbfa40049dbe41167fd26e38522e7691bbf8ba8420539cd74efadb2c5482f233fe09f1d27b7f458ecc9035efe5aea5453030ff74fca194bfe6e82023061b691362802d162a7d69d1b9406b9a39857f169844bd6725c2761ea30bae133e8b40bacb23fea96d841218a8aaa5cfa950ddab54e6dbc44f670df56f6ab1b43837d64cd9c88699c50f1f3c7a3ca4bef4d09b8e474c9d6a703be53a6854cf3bcec98db992c63b3ccc05277a3286c2e17df5c7b0029cc2c50ed4c704a587545cb3f319eba70ee37b522bb37c7ca728f15428bf3bacebd6e8970285b925d79c7274997d5d0a227b72eee113e47cdb08ef16186467bab1ead7ef8911bd3994648c90b233ab97c80e23fe22c6f4d033cba62f8aa792b923da65d52d6595048e5f21209fe5751c3d112d8916b1be88f5bb42d387c0841aed39a20b49c9f98567867f7c51fb24ceca60871bf6006da0807fd898dfa8e04339d866686530884233ad14a76da5e2d028ff3faace5716cd6e6a319aad1e94ffadad56c834c89bc55e627c01cc73eb557d3f5a860c0bce060a16f1fa14b90d25fd808a67dfbe0c2bf584b442ff2b199a8d338de799a0bc15013e8f7bb7bd16b0b6f467e178a7f0eb3c8ca844ca2541ee830b1e665ab4495894f8293c2de5f08de3bd61d85944ed7e6073e03a3c70208a9340c3615410743a9b429f3565919d364f71a99129965b65539af625b161ce9f95f6f380a89a0f3193b8c7c5d49a1948fb4fc839710f94a405edab46aa4cf5cb21886855594fac2746388a023e7ee7527279558ad5589b0564e24c151d1f71f28b193d968b5d9cfbf11b0a6cb90f7881c0803862c0f30021dbbdec65493874db833e7624a97bb05ab16bff431dfe61db8aac1f9347a6a511a99abeb38de11d9df17f28d50dc2952cfa4d472aa611a41c55f23cfb1accf1b6272d1d0d63281b8d5313ab08d0b0784d968fbd39c115c35e57f4584f5db743c8c3147d1bbc72883aaf6062ecf4904f9a900c35f921757a28ca475b86734f24b40a4831611379bfb9147d8270f896bf29231e67b0d5cbb86c27feb0ff468f78c90ad61169c31f2363728b3eaeb8a3c8e1273418ebed61646b625a05c847ad409685ef6bbadec042272b76a2f4eded8b3ccdf742d306e5f8e1a20a206adb127583c3b9ad24809b8809cde467379db9d5770e53f9647985da23dc6308c7a74996305f7eabbd9f65a6408fe47f5b29b4c333ed82ec770cdcf197b6e914a38a3f7f3eb9d28b9e29921a9eecb8363644052f9bccec6e457412fb0ad7938b719f0647fdb279c99826cbdf6e7cdc0e32fc886d7136ffc6fcb6446b5565ba7c103859f3abfaab362bdfa4e6ec5d979f27a67485b132f5af2a39517235e7052997b49055aefc0d0d016c0dcbf86824cd689141552ecbfc42451a209fbc399ee4612f05c1b4aed76166dbef65459fb4e5499f03a479079a52c926dad0da58d96db655a88f056ecf78e2112e50e77781c05f7c9006d48faf2c98a0cf4e25e48c4ffb38db6cebafad317f4426708c21656b747a4f4d10c663ef13b61dd1d77b767591cdf81e28110479abc648256f1acfe3b162b67a29e827448058b8ada28f581ef16abd59c92198c997c302a8131f1e3f6df33666c67644d5c91c10e48d1842420b8edf0b937e18018b65e6048723152a17cf3b023918bce683a89e4da0efb53fce25fcaa492e23650f352a20ef94dcdf258be8b3a416f9ee5429407f71997d2ae6cd4c852f4bf1a93d0c56ee63b50fdb375a49bc50fb4437b413102a20eaa420e83482f87c5ce809a66e36adf2d0e5a7b512a75258446c11237c9f4dbd39f8044301e2cb688e85b50e3bae157f3bbbc56147a5422011a4c99a588b561a2ed20734aea144111dc0103f115f8862a366fd4892f7058f0a175d074bfc92978ad164b103f21957e7d7ccb332da814463b9252e3596da455c2aef660d2ab487ca1f972a5fa24d001954e122419ae0d919314c0bdff5fa27c0646ccf7dbce34a1d40891a8068b9298024695564a51ab2728079dfc4635719e7777d7b113f09e0ea2bddd260656b61b8c37a86e84ededd846f106883e82f97cb1b9a72ec26c1d7d9a87f69640b266d77a29818e644df6b29d0b36eecfde7521bba361d4f0860c6f740817b3ea1466ecac5dc5e80f27fa7fdf8d61c70a1f42e7c22e5bfebda8c13ad4cf5df0e06524d037b97f0c7628cab54d920abb88693fd5d3eb0ee60ade4fc8565527af29d533f2d1fa635a82484be3ffc3a997504d0100d5f062a5fb01bc20187c82c4d54abb3676b7e39f6b042324c701b04b5a86c20f139a0f28d02b5d91dd1707ad6c49b4815d50c00955d122b088b7e14bb6576ddaf45ec82f18fc0c566682d85e74be1aad5f1e3b0f5ed4805b088b4036acd797f8d6f371f73367c9629e81146d8e38c681e602244c336ae23b0cedd3f88db8f5489fc44d23f96f16e35a2617a26dcb1513095b35e75943ae1f61916739fcbd2"}, &(0x7f00000044c0)=0x1024) ioctl$ifreq_SIOCGIFINDEX_wireguard(r3, 0x8933, &(0x7f0000004540)={'wg1\x00', 0x0}) sendmsg$MPTCP_PM_CMD_ADD_ADDR(r1, &(0x7f0000004680)={&(0x7f0000004500)={0x10, 0x0, 0x0, 0x10000}, 0xc, &(0x7f0000004640)={&(0x7f0000004580)={0xc0, 0x0, 0x800, 0x70bd25, 0x25dfdbfd, {}, [@MPTCP_PM_ATTR_RCV_ADD_ADDRS={0x8, 0x2, 0x5}, @MPTCP_PM_ATTR_ADDR={0x3c, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_IF_IDX={0x8, 0x7, r4}, @MPTCP_PM_ADDR_ATTR_FLAGS={0x8, 0x6, 0x7}, @MPTCP_PM_ADDR_ATTR_ADDR4={0x8, 0x3, @loopback}, @MPTCP_PM_ADDR_ATTR_FLAGS={0x8, 0x6, 0x7}, @MPTCP_PM_ADDR_ATTR_PORT={0x6, 0x5, 0x4e23}, @MPTCP_PM_ADDR_ATTR_FLAGS={0x8, 0x6, 0x3}, @MPTCP_PM_ADDR_ATTR_FAMILY={0x6, 0x1, 0xa}]}, @MPTCP_PM_ATTR_ADDR={0x1c, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_ID={0x5, 0x2, 0x3f}, @MPTCP_PM_ADDR_ATTR_FLAGS={0x8, 0x6, 0xd}, @MPTCP_PM_ADDR_ATTR_FLAGS={0x8, 0x6, 0x5}]}, @MPTCP_PM_ATTR_ADDR={0x14, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_ADDR4={0x8, 0x3, @initdev={0xac, 0x1e, 0x0, 0x0}}, @MPTCP_PM_ADDR_ATTR_IF_IDX={0x8, 0x7, r0}]}, @MPTCP_PM_ATTR_SUBFLOWS={0x8, 0x3, 0x5}, @MPTCP_PM_ATTR_SUBFLOWS={0x8}, @MPTCP_PM_ATTR_ADDR={0x14, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_FAMILY={0x6, 0x1, 0xa}, @MPTCP_PM_ADDR_ATTR_FLAGS={0x8, 0x6, 0x1}]}, @MPTCP_PM_ATTR_ADDR={0x14, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_PORT={0x6, 0x5, 0x4e23}, @MPTCP_PM_ADDR_ATTR_PORT={0x6, 0x5, 0x4e21}]}]}, 0xc0}, 0x1, 0x0, 0x0, 0x20000800}, 0x4) r5 = syz_genetlink_get_family_id$nl80211(&(0x7f0000004700), r1) sendmsg$NL80211_CMD_GET_WOWLAN(r1, &(0x7f00000047c0)={&(0x7f00000046c0)={0x10, 0x0, 0x0, 0x8000000}, 0xc, &(0x7f0000004780)={&(0x7f0000004740)={0x1c, r5, 0x100, 0x70bd29, 0x25dfdbff, {{}, {@val={0x8, 0x1, 0x2a}, @void, @void}}, [""]}, 0x1c}, 0x1, 0x0, 0x0, 0x10}, 0x80) fcntl$F_SET_FILE_RW_HINT(r3, 0x40e, &(0x7f0000004800)=0x3) getsockopt$inet_pktinfo(r3, 0x0, 0x8, &(0x7f0000004840)={0x0, @empty, @broadcast}, &(0x7f0000004880)=0xc) sendmsg$NL80211_CMD_GET_SCAN(r1, &(0x7f0000004980)={&(0x7f00000048c0)={0x10, 0x0, 0x0, 0x4}, 0xc, &(0x7f0000004940)={&(0x7f0000004900)={0x1c, r5, 0x4, 0x1, 0x25dfdbfd, {{}, {@val={0x8}, @void}}, ["", "", "", "", "", "", "", "", ""]}, 0x1c}, 0x1, 0x0, 0x0, 0x20050000}, 0x80) ioctl$AUTOFS_DEV_IOCTL_REQUESTER(r1, 0xc018937b, &(0x7f00000049c0)={{0x1, 0x1, 0x18, r1, {0xee01, 0xee00}}, './file0\x00'}) sendmsg$DEVLINK_CMD_TRAP_GROUP_GET(r6, &(0x7f0000004c40)={&(0x7f0000004a00)={0x10, 0x0, 0x0, 0x80000000}, 0xc, &(0x7f0000004c00)={&(0x7f0000004a40)={0x184, 0x0, 0x300, 0x70bd2c, 0x25dfdbfc, {}, [{@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0xd}}, {@pci={{0x8}, {0x11}}, {0xd}}, {@pci={{0x8}, {0x11}}, {0xd}}, {@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0xd}}, {@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0xd}}, {@pci={{0x8}, {0x11}}, {0xd}}, {@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0xd}}, {@pci={{0x8}, {0x11}}, {0xd}}]}, 0x184}, 0x1, 0x0, 0x0, 0x80}, 0x80) ioctl$sock_TIOCOUTQ(r2, 0x5411, &(0x7f0000004c80)) timerfd_settime(0xffffffffffffffff, 0x0, &(0x7f0000004cc0)={{0x77359400}, {0x77359400}}, &(0x7f0000004d00)) 09:55:31 executing program 7: setsockopt$inet_tcp_TCP_FASTOPEN_KEY(0xffffffffffffffff, 0x6, 0x21, &(0x7f0000000000)="22545afaed7269c3782232492ad8e506", 0x10) setsockopt$inet_msfilter(0xffffffffffffffff, 0x0, 0x29, &(0x7f0000000040)={@rand_addr=0x64010101, @broadcast, 0x0, 0x6, [@dev={0xac, 0x14, 0x14, 0xf}, @initdev={0xac, 0x1e, 0x1, 0x0}, @empty, @private=0xa010102, @rand_addr=0x64010100, @private=0xa010102]}, 0x28) r0 = syz_open_dev$char_usb(0xc, 0xb4, 0x3ff) ftruncate(r0, 0x9) getsockopt$inet_tcp_TCP_ZEROCOPY_RECEIVE(0xffffffffffffffff, 0x6, 0x23, &(0x7f0000001140)={&(0x7f0000fff000/0x1000)=nil, 0x1000, 0x0, 0x0, 0x0, &(0x7f0000000080)=""/4096, 0x1000, 0x0, &(0x7f0000001080)=""/151, 0x97}, &(0x7f0000001180)=0x40) r1 = openat$vcs(0xffffffffffffff9c, &(0x7f00000011c0), 0x80000, 0x0) ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f00000012c0)={0x4, 0x0, &(0x7f0000001200)=[@enter_looper], 0x70, 0x0, &(0x7f0000001240)="effbe0755978aba6ac8ca2fdd5cfd38db17525bb5e4974a8cd9dcab7ca5d5392d35c36a5e4119e487a22f14bfd340cccb95d188c1366d9fb54ea2b75f5953b9b39100c18fac2acd6be8f0c2918d29d022621335d5ea391295cbd78c0652532ac14fe692122db42435502e5bae2395a84"}) setsockopt$inet_tcp_TCP_MD5SIG(r1, 0x6, 0xe, &(0x7f0000001300)={@in6={{0xa, 0x4e21, 0x5, @private1={0xfc, 0x1, '\x00', 0x1}, 0xc5f}}, 0x0, 0x0, 0x4b, 0x0, "c96087bae827ca822df27dd9acbfd71d5524d459d75d830c90592b5be587eff3f8c3d8854c2d7ed111f16ee89a298490105345a4d0b71a11e56d4814381a28b442cfc13e91f74b05bff71a4b0c1d13d7"}, 0xd8) sendmsg$NFQNL_MSG_CONFIG(r1, &(0x7f0000001500)={&(0x7f0000001400)={0x10, 0x0, 0x0, 0x4000000}, 0xc, &(0x7f00000014c0)={&(0x7f0000001440)={0x54, 0x2, 0x3, 0x101, 0x0, 0x0, {0x0, 0x0, 0xa}, [@NFQA_CFG_FLAGS={0x8}, @NFQA_CFG_PARAMS={0x9, 0x2, {0x101}}, @NFQA_CFG_PARAMS={0x9, 0x2, {0x4, 0x1}}, @NFQA_CFG_FLAGS={0x8}, @NFQA_CFG_MASK={0x8, 0x4, 0x1, 0x0, 0x6}, @NFQA_CFG_MASK={0x8, 0x4, 0x1, 0x0, 0xd}, @NFQA_CFG_FLAGS={0x8, 0x5, 0x1, 0x0, 0x1}]}, 0x54}, 0x1, 0x0, 0x0, 0x8880}, 0x0) pipe2(&(0x7f0000001540)={0xffffffffffffffff}, 0x0) setsockopt$inet_tcp_TLS_RX(r2, 0x6, 0x2, &(0x7f0000001580)=@gcm_256={{0x304}, "5322678ace5302f5", "b0fcf04e06796dbbeda2758c4f515c9d62a782684c1987c718c052eb77f1804e", "770c0f20", "6ceb5c5b04edfcb2"}, 0x38) setsockopt$SO_TIMESTAMPING(r1, 0x1, 0x41, &(0x7f00000015c0)=0x2002, 0x4) r3 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000001600)='./binderfs2/binder0\x00', 0x2, 0x0) r4 = fsopen(&(0x7f0000001640)='pvfs2\x00', 0x0) ioctl$F2FS_IOC_MOVE_RANGE(r3, 0xc020f509, &(0x7f0000001680)={r4, 0x3, 0x3, 0x81}) r5 = openat$sysfs(0xffffffffffffff9c, &(0x7f00000016c0)='/sys/kernel/debug', 0x4000, 0x18) getpeername(r5, &(0x7f0000001700)=@rxrpc=@in4={0x21, 0x0, 0x2, 0x10, {0x2, 0x0, @dev}}, &(0x7f0000001780)=0x80) r6 = syz_open_dev$tty1(0xc, 0x4, 0x4) finit_module(r6, &(0x7f00000017c0)='[\x00', 0x3) bind$bt_l2cap(0xffffffffffffffff, &(0x7f0000001800)={0x1f, 0x6b50, @none, 0x1, 0x2}, 0xe) [ 73.175512] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 73.177038] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 73.178393] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 73.182841] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 73.184484] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 73.185566] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 73.186649] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 73.187835] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 73.189136] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 73.190224] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 73.191287] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 73.192711] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 73.221168] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 73.225564] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 73.226911] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 73.227976] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 73.229622] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 73.230848] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 73.232641] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 73.235872] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 73.237982] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3 [ 73.239456] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [ 73.240535] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3 [ 73.241608] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3 [ 73.242778] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3 [ 73.244514] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 73.245923] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 73.247010] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 73.248113] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 73.249194] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 73.255049] Bluetooth: hci3: HCI_REQ-0x0c1a [ 73.256381] Bluetooth: hci2: HCI_REQ-0x0c1a [ 73.256997] Bluetooth: hci0: HCI_REQ-0x0c1a [ 73.267154] Bluetooth: hci1: HCI_REQ-0x0c1a [ 73.268006] Bluetooth: hci4: HCI_REQ-0x0c1a [ 73.289371] Bluetooth: hci7: unexpected cc 0x0c03 length: 249 > 1 [ 73.293587] Bluetooth: hci7: unexpected cc 0x1003 length: 249 > 9 [ 73.295235] Bluetooth: hci7: unexpected cc 0x1001 length: 249 > 9 [ 73.298479] Bluetooth: hci7: unexpected cc 0x0c23 length: 249 > 4 [ 73.300498] Bluetooth: hci7: unexpected cc 0x0c25 length: 249 > 3 [ 73.302004] Bluetooth: hci7: unexpected cc 0x0c38 length: 249 > 2 [ 73.308059] Bluetooth: hci7: HCI_REQ-0x0c1a [ 73.318271] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1 [ 73.320664] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1 [ 73.322037] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9 [ 73.323481] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9 [ 73.340553] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9 [ 73.344858] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9 [ 73.350209] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4 [ 73.362895] Bluetooth: hci6: unexpected cc 0x0c25 length: 249 > 3 [ 73.363573] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4 [ 73.369084] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2 [ 73.372522] Bluetooth: hci5: unexpected cc 0x0c25 length: 249 > 3 [ 73.377492] Bluetooth: hci6: HCI_REQ-0x0c1a [ 73.378784] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2 [ 73.392436] Bluetooth: hci5: HCI_REQ-0x0c1a [ 75.288720] Bluetooth: hci0: command 0x0409 tx timeout [ 75.288769] Bluetooth: hci1: command 0x0409 tx timeout [ 75.289633] Bluetooth: hci2: command 0x0409 tx timeout [ 75.290165] Bluetooth: hci3: command 0x0409 tx timeout [ 75.290275] Bluetooth: hci4: command 0x0409 tx timeout [ 75.352633] Bluetooth: hci7: command 0x0409 tx timeout [ 75.416370] Bluetooth: hci5: command 0x0409 tx timeout [ 75.417428] Bluetooth: hci6: command 0x0409 tx timeout [ 77.336353] Bluetooth: hci3: command 0x041b tx timeout [ 77.336769] Bluetooth: hci2: command 0x041b tx timeout [ 77.337145] Bluetooth: hci1: command 0x041b tx timeout [ 77.337840] Bluetooth: hci0: command 0x041b tx timeout [ 77.338267] Bluetooth: hci4: command 0x041b tx timeout [ 77.400407] Bluetooth: hci7: command 0x041b tx timeout [ 77.464362] Bluetooth: hci6: command 0x041b tx timeout [ 77.464777] Bluetooth: hci5: command 0x041b tx timeout [ 79.385382] Bluetooth: hci4: command 0x040f tx timeout [ 79.385843] Bluetooth: hci0: command 0x040f tx timeout [ 79.386230] Bluetooth: hci1: command 0x040f tx timeout [ 79.386663] Bluetooth: hci2: command 0x040f tx timeout [ 79.387065] Bluetooth: hci3: command 0x040f tx timeout [ 79.449376] Bluetooth: hci7: command 0x040f tx timeout [ 79.513373] Bluetooth: hci5: command 0x040f tx timeout [ 79.513800] Bluetooth: hci6: command 0x040f tx timeout [ 81.432641] Bluetooth: hci3: command 0x0419 tx timeout [ 81.433087] Bluetooth: hci2: command 0x0419 tx timeout [ 81.433486] Bluetooth: hci1: command 0x0419 tx timeout [ 81.433850] Bluetooth: hci0: command 0x0419 tx timeout [ 81.434211] Bluetooth: hci4: command 0x0419 tx timeout [ 81.497476] Bluetooth: hci7: command 0x0419 tx timeout [ 81.560392] Bluetooth: hci6: command 0x0419 tx timeout [ 81.560773] Bluetooth: hci5: command 0x0419 tx timeout 09:56:26 executing program 7: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000001480)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = openat$pidfd(0xffffffffffffff9c, &(0x7f0000001bc0), 0x0, 0x0) sendmmsg$unix(r1, &(0x7f0000006b40)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f0000002ec0)=[@rights={{0x14, 0x1, 0x1, [r2]}}], 0x18}}], 0x1, 0x0) r3 = dup2(r0, r0) bind$unix(r3, &(0x7f0000000000)=@file={0x0, './file0\x00'}, 0x6e) 09:56:26 executing program 7: stat(&(0x7f0000000240)='./file0\x00', &(0x7f0000000280)={0x0, 0x0, 0x0, 0x0, 0x0}) setresuid(0x0, r0, 0x0) syz_mount_image$tmpfs(&(0x7f0000000000), &(0x7f0000000040)='./file0\x00', 0x0, 0x0, 0x0, 0x49000, &(0x7f0000000140)={[{@huge_within_size}, {@uid={'uid', 0x3d, r0}}, {@size={'size', 0x3d, [0x3c97672bcbfd9608, 0x70, 0x36]}}, {@nr_inodes={'nr_inodes', 0x3d, [0x32, 0x65, 0x0, 0x25, 0x36, 0x0]}}]}) openat2$dir(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000100)={0x0, 0x0, 0x1}, 0x18) 09:56:26 executing program 7: ioctl$sock_ipv6_tunnel_SIOCCHG6RD(0xffffffffffffffff, 0x89fb, &(0x7f0000000140)={'ip6gre0\x00', &(0x7f0000000080)={'ip6tnl0\x00', 0x0, 0x4, 0xb7, 0x8, 0x1ff, 0x8, @mcast2, @empty, 0x80, 0x80, 0x80000001, 0x1}}) stat(&(0x7f0000000240)='./file0\x00', &(0x7f0000000280)={0x0, 0x0, 0x0, 0x0, 0x0}) setresuid(0x0, r1, 0x0) sendmsg$nl_xfrm(0xffffffffffffffff, &(0x7f00000001c0)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x10000}, 0xc, &(0x7f0000000180)={&(0x7f00000004c0)=@getae={0x1a4, 0x1f, 0x20, 0x70bd2b, 0x25dfdbfd, {{@in6=@remote, 0x4d2, 0x2, 0xff}, @in=@private=0xa010102, 0x7, 0x3503}, [@algo_aead={0x92, 0x12, {{'rfc4106-gcm-aesni\x00'}, 0x230, 0x100, "c9699fccc5197fd157397b30a3f6ad79070b48b6856c2bed75668714fc086869cd0e28b07f327e09681a8ba33271b26b0c3aa1d59d7cc27baf66420b0880bd801fa3296f2960"}}, @XFRMA_SET_MARK_MASK={0x8, 0x1e, 0x800}, @policy_type={0xa, 0x10, {0x1}}, @policy={0xac, 0x7, {{@in=@remote, @in=@loopback, 0x4e20, 0xbc, 0x4e23, 0x0, 0x2, 0x20, 0x20, 0x33, r0, r1}, {0x7, 0x3, 0xfffffffffffffffc, 0x4, 0x53ae, 0x8001, 0x9, 0x4}, {0x8, 0x2, 0x100, 0xa4}, 0x7, 0x6e6bb5, 0x1, 0x0, 0x2, 0x3}}, @replay_val={0x10, 0xa, {0x70bd2d, 0x70bd29, 0x4}}]}, 0x1a4}, 0x1, 0x0, 0x0, 0x4000}, 0x1) syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x80000, 0x1d, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000900100000f000000000000000000000004000000000002000020000020000000d1f4655fd1f4655f0100ffff53ef010001000000d1f4655f000000000000000001000000000000000b0000000001000018000000c28500002b0200000000000000000000000000000000000073797a6b616c6c6572000000000000002f746d702f73797a2d696d61676567656e37313332313635343500"/192, 0xc0, 0x400}, {&(0x7f0000010100)="000000000000000000000000f2a953140c764271ad9be301789147cf010040000c00000000000000d1f4655f00"/64, 0x40, 0x4e0}, {&(0x7f0000010200)="00000000000000000000000000000000000000000000000000000000200020000100000000000500400000000000000000000000000000003100000000000000", 0x40, 0x540}, {&(0x7f0000010300)="03000000040000000500000019000f0003000400"/32, 0x20, 0x800}, {&(0x7f0000010400)="7f000000ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff0100ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff0000000000000000d1f4655fd1f4655fd1f4655f00"/2080, 0x820, 0xc00}, {&(0x7f0000010d00)="ed41000000040000d1f4655fd1f4655fd1f4655f00000000000004002000000000000800050000000af301000400000000000000000000000100000010000000", 0x40, 0x1500}, {&(0x7f0000010e00)="20000000e85575eae85575ea00000000d1f4655f00"/32, 0x20, 0x1580}, {&(0x7f0000010f00)="8081000000300404d1f4655fd1f4655fd1f4655f00000000000001002000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000030000000000000000000000000000000000000000000000000000000000000000000000020000000000000000000000000000000d1f4655f00"/160, 0xa0, 0x1a00}, {&(0x7f0000011000)="c0410000002c0000d1f4655fd1f4655fd1f4655f00000000000002002000000000000800000000000af301000400000000000000000000000b00000020000000", 0x40, 0x1e00}, {&(0x7f0000011100)="20000000000000000000000000000000d1f4655f000000000000000000000000000002ea00"/64, 0x40, 0x1e80}, {&(0x7f0000011200)="ed4100003c000000d1f4655fd1f4655fd1f4655f0000000000000200000000000000001003000000020000000d0000001000050166696c65300000000e0000002800050766696c6531000000000000000000000000000000000000000000000000000000d908479700000000000000000000000000000000000000000000000020000000e85575eae85575eae85575ead1f4655fe85575ea0000000000000000000002ea04070000000000000000000000000000646174610000000000000000", 0xc0, 0x1f00}, {&(0x7f0000011300)="ed8100001a040000d1f4655fd1f4655fd1f4655f00000000000001002000000000000800010000000af30100040000000000000000000000020000005000000000000000000000000000000000000000000000000000000000000000000000000000000090dc20e700000000000000000000000000000000000000000000000020000000e85575eae85575eae85575ead1f4655fe85575ea0000000000000000", 0xa0, 0x2000}, {&(0x7f0000011400)="ffa1000026000000d1f4655fd1f4655fd1f4655f00000000000001000000000000000000010000002f746d702f73797a2d696d61676567656e3731333231363534352f66696c65302f66696c65300000000000000000000000000000000000000000000009d0860300000000000000000000000000000000000000000000000020000000e85575eae85575eae85575ead1f4655fe85575ea0000000000000000", 0xa0, 0x2100}, {&(0x7f0000011500)="ed8100000a000000d1f4655fd1f4655fd1f4655f000000000000010000000000000000100100000073797a6b616c6c6572730000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000224d02d700000000000000000000000000000000000000000000000020000000e85575eae85575eae85575ead1f4655fe85575ea0000000000000000000002ea040700000000000000000000000000006461746106015400000000000600000000000000786174747231000006014c000000000006000000000000007861747472320000000000000000000078617474723200007861747472310000ed81000028230000d1f4655fd1f4655fd1f4655f00000000000002002000000000000800010000000af3010004000000000000000000000009000000600000000000000000000000000000000000000000000000000000000000000000000000000000004076a5e500000000000000000000000000000000000000000000000020000000e85575eae85575eae85575ead1f4655fe85575ea0000000000000000", 0x1a0, 0x2200}, {&(0x7f0000011700)="ed81000064000000d1f4655fd1f4655fd1f4655f000000000000010000000000000000100100000073797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616cf3954fe900000000000000000000000000000000000000000000000020000000e85575eae85575eae85575ead1f4655fe85575ea0000000000000000000002ea040734000000000028000000000000006461746100000000000000000000000000000000000000000000000000000000000000006c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273", 0x100, 0x2400}, {&(0x7f0000011800)="020000000c0001022e000000020000000c0002022e2e00000b00000014000a026c6f73742b666f756e6400000c0000001000050266696c65300000000f0000001000050166696c6531000000100000001000050166696c6532000000100000001000050166696c6533000000110000009403090166696c652e636f6c64000000", 0x80, 0x4000}, {&(0x7f0000011900)="0b0000000c0001022e000000020000000c0002022e2e000000000000e8030000", 0x20, 0x8000}, {&(0x7f0000011a00)="00000000000400"/32, 0x20, 0x8400}, {&(0x7f0000011b00)="00000000000400"/32, 0x20, 0x8800}, {&(0x7f0000011c00)="00000000000400"/32, 0x20, 0x8c00}, {&(0x7f0000011d00)="00000000000400"/32, 0x20, 0x9000}, {&(0x7f0000011e00)="00000000000400"/32, 0x20, 0x9400}, {&(0x7f0000011f00)="00000000000400"/32, 0x20, 0x9800}, {&(0x7f0000012000)="00000000000400"/32, 0x20, 0x9c00}, {&(0x7f0000012100)="00000000000400"/32, 0x20, 0xa000}, {&(0x7f0000012200)="00000000000400"/32, 0x20, 0xa400}, {&(0x7f0000012300)="00000000000400"/32, 0x20, 0xa800}, {&(0x7f0000012400)="504d4d00504d4dffd1f4655f00000000647679756b6f762d676c6170746f70320000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000006c6f6f7033310075782f746573742f73797a5f6d6f756e745f696d6167655f650500"/128, 0x80, 0x10000}, {&(0x7f0000012500)='syzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkal\x00\x00\x00\x00\x00\x00', 0x420, 0x14000}], 0x0, &(0x7f0000012a00)) [ 126.643815] loop7: detected capacity change from 0 to 1024 09:56:26 executing program 6: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x80000, 0x2e, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000600100000f000000000000000000000004000000000002000020000020000000d7f4655fd7f4655f0100ffff53ef010001000000d6f4655f000000000000000001000000000000000b0000000001000008000000d2420000120300000000000000000000000000000000000073797a6b616c6c6572000000000000002f746d702f73797a2d696d61676567656e31333638353234303200"/192, 0xc0, 0x400}, {&(0x7f0000010100)="0000000000000000000000008395006fb905454792d9f392427055b7010040000c00000000000000d6f4655f00"/64, 0x40, 0x4e0}, {&(0x7f0000010200)="00000000000000000000000000000000000000000000000000000000200020000100000000000000000000000000000000000000040000003700000000000000", 0x40, 0x540}, {&(0x7f0000010300)="030000000400"/32, 0x20, 0x640}, {&(0x7f0000010400)="03000000040000000500000016000f000300040000000000000000000f00698c", 0x20, 0x800}, {&(0x7f0000010500)="ff030000ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff0100ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff0000000000000000d6f4655fd6f4655fd6f4655f00"/2080, 0x820, 0xc00}, {&(0x7f0000010e00)="ed41000000040000d6f4655fd7f4655fd7f4655f00000000000004002000000000000800050000000af301000400000000000000000000000100000010000000", 0x40, 0x1500}, {&(0x7f0000010f00)="2000000098a2e27a98a2e27a00000000d6f4655f00"/32, 0x20, 0x1580}, {&(0x7f0000011000)="8081000000180000d6f4655fd6f4655fd6f4655f00000000000001002000000010000800000000000af3020004000000000000000000000002000000300000000200000004000000320000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000020000000000000000000000000000000d6f4655f00"/160, 0xa0, 0x1600}, {&(0x7f0000011100)="8081000000180000d6f4655fd6f4655fd6f4655f00000000000001002000000010000800000000000af3020004000000000000000000000002000000400000000200000004000000420000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000020000000000000000000000000000000d6f4655f00"/160, 0xa0, 0x1700}, {&(0x7f0000011200)="c041000000300000d6f4655fd6f4655fd6f4655f00000000000002002000000000000800000000000af301000400000000000000000000000c00000020000000", 0x40, 0x1e00}, {&(0x7f0000011300)="20000000000000000000000000000000d6f4655f00"/32, 0x20, 0x1e80}, {&(0x7f0000011400)="ed41000000040000d7f4655fd7f4655fd7f4655f00000000000002002000000000000800030000000af3010004000000000000000000000001000000500000000000000000000000000000000000000000000000000000000000000000000000000000005bbc60cd0000000000000000000000000000000000000000000000002000000098a2e27a98a2e27a98a2e27ad7f4655f98a2e27a0000000000000000", 0xa0, 0x1f00}, {&(0x7f0000011500)="ed8100001a040000d7f4655fd7f4655fd7f4655f00000000000001002000000000000800010000000af301000400000000000000000000000200000060000000000000000000000000000000000000000000000000000000000000000000000000000000491c1dd40000000000000000000000000000000000000000000000002000000098a2e27a98a2e27a98a2e27ad7f4655f98a2e27a0000000000000000", 0xa0, 0x2000}, {&(0x7f0000011600)="ffa1000026000000d7f4655fd7f4655fd7f4655f00000000000001000000000000000000010000002f746d702f73797a2d696d61676567656e3133363835323430322f66696c65302f66696c6530000000000000000000000000000000000000000000008a6df6170000000000000000000000000000000000000000000000002000000098a2e27a98a2e27a98a2e27ad7f4655f98a2e27a0000000000000000", 0xa0, 0x2100}, {&(0x7f0000011700)="ed8100000a000000d7f4655fd7f4655fd7f4655f00000000000001002000000000000800010000000af301000400000000000000000000000100000070000000000000000000000000000000000000000000000000000000000000000000000000000000b53044900000000000000000000000000000000000000000000000002000000098a2e27a98a2e27a98a2e27ad7f4655f98a2e27a0000000000000000000002ea06015400000000000600000000000000786174747231000006014c0000000000060000000000000078617474723200000000000000000000000000000000000000000000000000000000000078617474723200007861747472310000ed81000028230000d7f4655fd7f4655fd7f4655f00000000000002002000000000000800010000000af30100040000000000000000000000090000008000000000000000000000000000000000000000000000000000000000000000000000000000000059a976290000000000000000000000000000000000000000000000002000000098a2e27a98a2e27a98a2e27ad7f4655f98a2e27a0000000000000000", 0x1a0, 0x2200}, {&(0x7f0000011900)="ed81000064000000d7f4655fd7f4655fd7f4655f00000000000001002000000000000800010000000af3010004000000000000000000000001000000900000000000000000000000000000000000000000000000000000000000000000000000000000002248c6120000000000000000000000000000000000000000000000002000000098a2e27a98a2e27a98a2e27ad7f4655f98a2e27a0000000000000000", 0xa0, 0x2400}, {&(0x7f0000011a00)="020000000c0001022e000000020000000c0002022e2e00000b00000014000a026c6f73742b666f756e6400000c0000001000050266696c65300000000f0000001000050166696c6531000000100000001000050166696c6532000000100000001000050166696c6533000000110000009403090166696c652e636f6c64000000", 0x80, 0x4000}, {&(0x7f0000011b00)="0b0000000c0001022e00000002000000f40302022e2e00"/32, 0x20, 0x8000}, {&(0x7f0000011c00)="00000000000400"/32, 0x20, 0x8400}, {&(0x7f0000011d00)="00000000000400"/32, 0x20, 0x8800}, {&(0x7f0000011e00)="00000000000400"/32, 0x20, 0x8c00}, {&(0x7f0000011f00)="00000000000400"/32, 0x20, 0x9000}, {&(0x7f0000012000)="00000000000400"/32, 0x20, 0x9400}, {&(0x7f0000012100)="00000000000400"/32, 0x20, 0x9800}, {&(0x7f0000012200)="00000000000400"/32, 0x20, 0x9c00}, {&(0x7f0000012300)="00000000000400"/32, 0x20, 0xa000}, {&(0x7f0000012400)="00000000000400"/32, 0x20, 0xa400}, {&(0x7f0000012500)="00000000000400"/32, 0x20, 0xa800}, {&(0x7f0000012600)="00000000000400"/32, 0x20, 0xac00}, {&(0x7f0000012700)="111fc0d901000000803a0900803a090000000000060000000000000005000000", 0x20, 0xc000}, {&(0x7f0000012800)="0200"/32, 0x20, 0xc400}, {&(0x7f0000012900)="0300"/32, 0x20, 0xc800}, {&(0x7f0000012a00)="0400"/32, 0x20, 0xcc00}, {&(0x7f0000012b00)="0500"/32, 0x20, 0xd000}, {&(0x7f0000012c00)="0000000000000000010000000000000000000000000000000000000000000000000000000000000008000000000000000000000000000000000000000000000000c00100"/96, 0x60, 0xd400}, {&(0x7f0000012d00)="2719c0d901000000803a0900803a090000000000060000000000000005000000", 0x20, 0x10000}, {&(0x7f0000012e00)="0200"/32, 0x20, 0x10400}, {&(0x7f0000012f00)="0300"/32, 0x20, 0x10800}, {&(0x7f0000013000)="0400"/32, 0x20, 0x10c00}, {&(0x7f0000013100)="0500"/32, 0x20, 0x11000}, {&(0x7f0000013200)="0000000000000000010000000000000000000000000000000000000000000000000000000000000008000000000000000000000000000000000000000000000000c00100"/96, 0x60, 0x11400}, {&(0x7f0000013300)="0c0000000c0001022e000000020000000c0002022e2e00000d0000001000050166696c65300000000e000000d803050766696c653100"/64, 0x40, 0x14000}, {&(0x7f0000013400)='syzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkal\x00\x00\x00\x00\x00\x00', 0x420, 0x18000}, {&(0x7f0000013900)='syzkallers\x00'/32, 0x20, 0x1c000}, {&(0x7f0000013a00)='syzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallers\x00'/128, 0x80, 0x24000}], 0x0, &(0x7f0000000040)=ANY=[@ANYBLOB="00248e8482683c8d0c5cc8fae2a3b72af643d04bd6ad1ba13e9f309bd44b03732e42c9d9536fee1faf58f196b0ede69638"]) [ 126.725460] loop6: detected capacity change from 0 to 1024 [ 126.729900] EXT4-fs (loop7): mounted filesystem without journal. Quota mode: none. [ 126.825440] EXT4-fs (loop6): mounted filesystem without journal. Quota mode: writeback. 09:56:27 executing program 7: syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000240)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f7366d8a02b00080101000440002000", 0x15}, {0x0}], 0x0, &(0x7f0000000140)=ANY=[]) chdir(&(0x7f0000000000)='./file0\x00') openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x11, 0xffffffffffffffff, 0xa015000) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x1, 0x40}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xb}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = fsopen(&(0x7f0000000040)='rpc_pipefs\x00', 0x0) syz_emit_ethernet(0x32, &(0x7f0000000040)={@local, @random="7700c24d06a7", @void, {@ipv4={0x800, @dccp={{0x5, 0x4, 0x0, 0x0, 0x24, 0x0, 0x0, 0x0, 0x21, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}, @multicast1=0xe000f000}, {{0x0, 0x0, 0x4, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, "b50bbe", 0x0, "1b2813"}}}}}}, 0x0) fsconfig$FSCONFIG_SET_STRING(r0, 0x6, 0x0, 0x0, 0x0) fsconfig$FSCONFIG_CMD_CREATE(r0, 0x6, 0x0, 0x0, 0x0) [ 126.888877] EXT4-fs (loop7): unmounting filesystem. 09:56:27 executing program 6: r0 = syz_io_uring_setup(0x1, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, &(0x7f00000a0000)=nil, &(0x7f00000b0000)=nil, &(0x7f0000000100)=0x0, &(0x7f0000000140)=0x0) syz_memcpy_off$IO_URING_METADATA_FLAGS(r1, 0x114, &(0x7f0000000180)=0x1, 0x0, 0x4) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_OPENAT2={0x1c, 0x0, 0x0, 0xffffffffffffff9c, &(0x7f0000000200)={0x42}, &(0x7f0000000240)='./file1\x00', 0x18, 0x0, 0x12345}, 0x0) io_uring_enter(r0, 0x1, 0x1, 0x1, 0x0, 0x0) syz_io_uring_setup(0x1f6b, &(0x7f0000000000)={0x0, 0xdebc, 0x0, 0x3, 0x213}, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000000280), &(0x7f00000002c0)) r3 = syz_io_uring_complete(r1) close(r3) [ 126.936921] EXT4-fs (loop6): unmounting filesystem. [ 127.030709] audit: type=1400 audit(1664618187.185:7): avc: denied { open } for pid=3899 comm="syz-executor.0" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=perf_event permissive=1 [ 127.074982] FAT-fs (loop7): bogus number of reserved sectors [ 127.076047] FAT-fs (loop7): Can't find a valid FAT filesystem [ 127.120188] audit: type=1400 audit(1664618187.274:8): avc: denied { kernel } for pid=3900 comm="syz-executor.7" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=perf_event permissive=1 [ 127.144526] ------------[ cut here ]------------ [ 127.144559] [ 127.144564] ====================================================== [ 127.144570] WARNING: possible circular locking dependency detected [ 127.144577] 6.0.0-rc7-next-20220930 #1 Not tainted [ 127.144588] ------------------------------------------------------ [ 127.144594] syz-executor.7/3903 is trying to acquire lock: [ 127.144605] ffffffff853faab8 ((console_sem).lock){....}-{2:2}, at: down_trylock+0xe/0x70 [ 127.144669] [ 127.144669] but task is already holding lock: [ 127.144674] ffff88803f562820 (&ctx->lock){....}-{2:2}, at: __perf_event_task_sched_out+0x53b/0x18d0 [ 127.144721] [ 127.144721] which lock already depends on the new lock. [ 127.144721] [ 127.144726] [ 127.144726] the existing dependency chain (in reverse order) is: [ 127.144732] [ 127.144732] -> #3 (&ctx->lock){....}-{2:2}: [ 127.144756] _raw_spin_lock+0x2a/0x40 [ 127.144777] __perf_event_task_sched_out+0x53b/0x18d0 [ 127.144797] __schedule+0xedd/0x2470 [ 127.144822] schedule+0xda/0x1b0 [ 127.144846] exit_to_user_mode_prepare+0x114/0x1a0 [ 127.144868] syscall_exit_to_user_mode+0x19/0x40 [ 127.144891] do_syscall_64+0x48/0x90 [ 127.144921] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 127.144944] [ 127.144944] -> #2 (&rq->__lock){-.-.}-{2:2}: [ 127.144969] _raw_spin_lock_nested+0x30/0x40 [ 127.144988] raw_spin_rq_lock_nested+0x1e/0x30 [ 127.145011] task_fork_fair+0x63/0x4d0 [ 127.145041] sched_cgroup_fork+0x3d0/0x540 [ 127.145066] copy_process+0x4183/0x6e20 [ 127.145085] kernel_clone+0xe7/0x890 [ 127.145102] user_mode_thread+0xad/0xf0 [ 127.145121] rest_init+0x24/0x250 [ 127.145142] arch_call_rest_init+0xf/0x14 [ 127.145172] start_kernel+0x4c6/0x4eb [ 127.145200] secondary_startup_64_no_verify+0xe0/0xeb [ 127.145224] [ 127.145224] -> #1 (&p->pi_lock){-.-.}-{2:2}: [ 127.145249] _raw_spin_lock_irqsave+0x39/0x60 [ 127.145269] try_to_wake_up+0xab/0x1930 [ 127.145293] up+0x75/0xb0 [ 127.145318] __up_console_sem+0x6e/0x80 [ 127.145346] console_unlock+0x46a/0x590 [ 127.145375] con_install+0x14e/0x5d0 [ 127.145406] tty_init_dev.part.0+0xa0/0x5e0 [ 127.145427] tty_open+0xba3/0x1350 [ 127.145446] chrdev_open+0x268/0x6e0 [ 127.145467] do_dentry_open+0x6ca/0x12b0 [ 127.145488] path_openat+0x187f/0x27b0 [ 127.145506] do_filp_open+0x1b6/0x410 [ 127.145524] do_sys_openat2+0x171/0x4c0 [ 127.145548] __x64_sys_openat+0x13f/0x1f0 [ 127.145572] do_syscall_64+0x3b/0x90 [ 127.145603] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 127.145626] [ 127.145626] -> #0 ((console_sem).lock){....}-{2:2}: [ 127.145651] __lock_acquire+0x2a02/0x5e70 [ 127.145681] lock_acquire+0x1a2/0x530 [ 127.145710] _raw_spin_lock_irqsave+0x39/0x60 [ 127.145729] down_trylock+0xe/0x70 [ 127.145756] __down_trylock_console_sem+0x3b/0xd0 [ 127.145786] vprintk_emit+0x16b/0x560 [ 127.145815] vprintk+0x84/0xa0 [ 127.145844] _printk+0xba/0xf1 [ 127.145863] report_bug.cold+0x72/0xab [ 127.145893] handle_bug+0x3c/0x70 [ 127.145923] exc_invalid_op+0x14/0x50 [ 127.145953] asm_exc_invalid_op+0x16/0x20 [ 127.145975] group_sched_out.part.0+0x2c7/0x460 [ 127.146007] ctx_sched_out+0x8f1/0xc10 [ 127.146037] __perf_event_task_sched_out+0x6d0/0x18d0 [ 127.146057] __schedule+0xedd/0x2470 [ 127.146082] schedule+0xda/0x1b0 [ 127.146106] exit_to_user_mode_prepare+0x114/0x1a0 [ 127.146126] syscall_exit_to_user_mode+0x19/0x40 [ 127.146149] do_syscall_64+0x48/0x90 [ 127.146179] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 127.146202] [ 127.146202] other info that might help us debug this: [ 127.146202] [ 127.146207] Chain exists of: [ 127.146207] (console_sem).lock --> &rq->__lock --> &ctx->lock [ 127.146207] [ 127.146233] Possible unsafe locking scenario: [ 127.146233] [ 127.146238] CPU0 CPU1 [ 127.146242] ---- ---- [ 127.146246] lock(&ctx->lock); [ 127.146256] lock(&rq->__lock); [ 127.146267] lock(&ctx->lock); [ 127.146278] lock((console_sem).lock); [ 127.146289] [ 127.146289] *** DEADLOCK *** [ 127.146289] [ 127.146292] 2 locks held by syz-executor.7/3903: [ 127.146304] #0: ffff88806ce37e98 (&rq->__lock){-.-.}-{2:2}, at: __schedule+0x1cf/0x2470 [ 127.146358] #1: ffff88803f562820 (&ctx->lock){....}-{2:2}, at: __perf_event_task_sched_out+0x53b/0x18d0 [ 127.146406] [ 127.146406] stack backtrace: [ 127.146411] CPU: 0 PID: 3903 Comm: syz-executor.7 Not tainted 6.0.0-rc7-next-20220930 #1 [ 127.146433] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 127.146447] Call Trace: [ 127.146452] [ 127.146459] dump_stack_lvl+0x8b/0xb3 [ 127.146492] check_noncircular+0x263/0x2e0 [ 127.146523] ? format_decode+0x26c/0xb50 [ 127.146551] ? print_circular_bug+0x450/0x450 [ 127.146583] ? simple_strtoul+0x30/0x30 [ 127.146612] ? format_decode+0x26c/0xb50 [ 127.146644] ? alloc_chain_hlocks+0x1ec/0x5a0 [ 127.146677] __lock_acquire+0x2a02/0x5e70 [ 127.146717] ? lockdep_hardirqs_on_prepare+0x410/0x410 [ 127.146758] lock_acquire+0x1a2/0x530 [ 127.146789] ? down_trylock+0xe/0x70 [ 127.146820] ? lock_release+0x750/0x750 [ 127.146858] ? vprintk+0x84/0xa0 [ 127.146891] _raw_spin_lock_irqsave+0x39/0x60 [ 127.146912] ? down_trylock+0xe/0x70 [ 127.146941] down_trylock+0xe/0x70 [ 127.146970] ? vprintk+0x84/0xa0 [ 127.147001] __down_trylock_console_sem+0x3b/0xd0 [ 127.147033] vprintk_emit+0x16b/0x560 [ 127.147068] vprintk+0x84/0xa0 [ 127.147100] _printk+0xba/0xf1 [ 127.147121] ? record_print_text.cold+0x16/0x16 [ 127.147150] ? report_bug.cold+0x66/0xab [ 127.147183] ? group_sched_out.part.0+0x2c7/0x460 [ 127.147217] report_bug.cold+0x72/0xab [ 127.147252] handle_bug+0x3c/0x70 [ 127.147283] exc_invalid_op+0x14/0x50 [ 127.147317] asm_exc_invalid_op+0x16/0x20 [ 127.147340] RIP: 0010:group_sched_out.part.0+0x2c7/0x460 [ 127.147377] Code: 5e 41 5f e9 8b ae ef ff e8 86 ae ef ff 65 8b 1d 0b 18 ac 7e 31 ff 89 de e8 26 ab ef ff 85 db 0f 84 8a 00 00 00 e8 69 ae ef ff <0f> 0b e9 a5 fe ff ff e8 5d ae ef ff 48 8d 7d 10 48 b8 00 00 00 00 [ 127.147397] RSP: 0018:ffff88803fe77c48 EFLAGS: 00010006 [ 127.147414] RAX: 0000000040000002 RBX: 0000000000000000 RCX: 0000000000000000 [ 127.147427] RDX: ffff88803fdeb580 RSI: ffffffff81565dc7 RDI: 0000000000000005 [ 127.147441] RBP: ffff888008660000 R08: 0000000000000005 R09: 0000000000000001 [ 127.147455] R10: 0000000000000000 R11: ffffffff865b401b R12: ffff88803f562800 [ 127.147468] R13: ffff88806ce3d2c0 R14: ffffffff8547d000 R15: 0000000000000002 [ 127.147489] ? group_sched_out.part.0+0x2c7/0x460 [ 127.147525] ? group_sched_out.part.0+0x2c7/0x460 [ 127.147562] ctx_sched_out+0x8f1/0xc10 [ 127.147598] __perf_event_task_sched_out+0x6d0/0x18d0 [ 127.147624] ? lock_is_held_type+0xd7/0x130 [ 127.147650] ? __perf_cgroup_move+0x160/0x160 [ 127.147669] ? set_next_entity+0x304/0x550 [ 127.147701] ? update_curr+0x267/0x740 [ 127.147735] ? lock_is_held_type+0xd7/0x130 [ 127.147761] __schedule+0xedd/0x2470 [ 127.147793] ? io_schedule_timeout+0x150/0x150 [ 127.147823] ? rcu_read_lock_sched_held+0x3e/0x80 [ 127.147860] schedule+0xda/0x1b0 [ 127.147911] exit_to_user_mode_prepare+0x114/0x1a0 [ 127.147934] syscall_exit_to_user_mode+0x19/0x40 [ 127.147959] do_syscall_64+0x48/0x90 [ 127.147992] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 127.148016] RIP: 0033:0x7fd002fe5b19 [ 127.148031] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 127.148051] RSP: 002b:00007fd00055b218 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 127.148071] RAX: 0000000000000001 RBX: 00007fd0030f8f68 RCX: 00007fd002fe5b19 [ 127.148084] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 00007fd0030f8f6c [ 127.148098] RBP: 00007fd0030f8f60 R08: 000000000000000e R09: 0000000000000000 [ 127.148111] R10: 0000000000000004 R11: 0000000000000246 R12: 00007fd0030f8f6c [ 127.148124] R13: 00007ffc9c3b27cf R14: 00007fd00055b300 R15: 0000000000022000 [ 127.148148] [ 127.251318] WARNING: CPU: 0 PID: 3903 at kernel/events/core.c:2309 group_sched_out.part.0+0x2c7/0x460 [ 127.252536] Modules linked in: [ 127.252968] CPU: 0 PID: 3903 Comm: syz-executor.7 Not tainted 6.0.0-rc7-next-20220930 #1 [ 127.254060] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 127.255569] RIP: 0010:group_sched_out.part.0+0x2c7/0x460 [ 127.256338] Code: 5e 41 5f e9 8b ae ef ff e8 86 ae ef ff 65 8b 1d 0b 18 ac 7e 31 ff 89 de e8 26 ab ef ff 85 db 0f 84 8a 00 00 00 e8 69 ae ef ff <0f> 0b e9 a5 fe ff ff e8 5d ae ef ff 48 8d 7d 10 48 b8 00 00 00 00 [ 127.258721] RSP: 0018:ffff88803fe77c48 EFLAGS: 00010006 [ 127.259424] RAX: 0000000040000002 RBX: 0000000000000000 RCX: 0000000000000000 [ 127.260359] RDX: ffff88803fdeb580 RSI: ffffffff81565dc7 RDI: 0000000000000005 [ 127.261281] RBP: ffff888008660000 R08: 0000000000000005 R09: 0000000000000001 [ 127.262193] R10: 0000000000000000 R11: ffffffff865b401b R12: ffff88803f562800 [ 127.263162] R13: ffff88806ce3d2c0 R14: ffffffff8547d000 R15: 0000000000000002 [ 127.264130] FS: 00007fd00055b700(0000) GS:ffff88806ce00000(0000) knlGS:0000000000000000 [ 127.265183] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 127.265944] CR2: 0000561cf0d644c8 CR3: 0000000015de8000 CR4: 0000000000350ef0 [ 127.266882] Call Trace: [ 127.267224] [ 127.267535] ctx_sched_out+0x8f1/0xc10 [ 127.268077] __perf_event_task_sched_out+0x6d0/0x18d0 [ 127.268764] ? lock_is_held_type+0xd7/0x130 [ 127.269344] ? __perf_cgroup_move+0x160/0x160 [ 127.269949] ? set_next_entity+0x304/0x550 [ 127.270521] ? update_curr+0x267/0x740 [ 127.271057] ? lock_is_held_type+0xd7/0x130 [ 127.271630] __schedule+0xedd/0x2470 [ 127.272153] ? io_schedule_timeout+0x150/0x150 [ 127.272766] ? rcu_read_lock_sched_held+0x3e/0x80 [ 127.273438] schedule+0xda/0x1b0 [ 127.273917] exit_to_user_mode_prepare+0x114/0x1a0 [ 127.274592] syscall_exit_to_user_mode+0x19/0x40 [ 127.275244] do_syscall_64+0x48/0x90 [ 127.275775] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 127.276504] RIP: 0033:0x7fd002fe5b19 [ 127.277019] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 127.279382] RSP: 002b:00007fd00055b218 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 127.280418] RAX: 0000000000000001 RBX: 00007fd0030f8f68 RCX: 00007fd002fe5b19 [ 127.281359] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 00007fd0030f8f6c [ 127.282287] RBP: 00007fd0030f8f60 R08: 000000000000000e R09: 0000000000000000 [ 127.283211] R10: 0000000000000004 R11: 0000000000000246 R12: 00007fd0030f8f6c [ 127.284163] R13: 00007ffc9c3b27cf R14: 00007fd00055b300 R15: 0000000000022000 [ 127.285104] [ 127.285420] irq event stamp: 2892 [ 127.285879] hardirqs last enabled at (2891): [] exit_to_user_mode_prepare+0x109/0x1a0 [ 127.287131] hardirqs last disabled at (2892): [] __schedule+0x1225/0x2470 [ 127.288271] softirqs last enabled at (2754): [] __irq_exit_rcu+0x11b/0x180 [ 127.289421] softirqs last disabled at (2745): [] __irq_exit_rcu+0x11b/0x180 [ 127.290538] ---[ end trace 0000000000000000 ]--- [ 127.844709] FAT-fs (loop7): bogus number of reserved sectors [ 127.845209] FAT-fs (loop7): Can't find a valid FAT filesystem VM DIAGNOSIS: 09:56:27 Registers: info registers vcpu 0 RAX=0000000000000061 RBX=00000000000003f8 RCX=0000000000000000 RDX=00000000000003f8 RSI=ffffffff823bb0f1 RDI=ffffffff8765a9a0 RBP=ffffffff8765a960 RSP=ffff88803fe77690 R8 =0000000000000001 R9 =000000000000000a R10=0000000000000061 R11=0000000000000001 R12=0000000000000061 R13=ffffffff8765a960 R14=0000000000000010 R15=ffffffff823bb0e0 RIP=ffffffff823bb149 RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 00000000 00000000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 00000000 00000000 FS =0000 00007fd00055b700 00000000 00000000 GS =0000 ffff88806ce00000 00000000 00000000 LDT=0000 fffffe0000000000 00000000 00000000 TR =0040 fffffe0000003000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe0000001000 0000007f IDT= fffffe0000000000 00000fff CR0=80050033 CR2=0000561cf0d644c8 CR3=0000000015de8000 CR4=00350ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000ffff0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 YMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM01=0000000000000000 0000000000000000 ffffffffffffffff ffffffffffffffff YMM02=0000000000000000 0000000000000000 ffffffffffffffff ffffffffffffffff YMM03=0000000000000000 0000000000000000 ffffffffffffffff ffffffffffffffff YMM04=0000000000000000 0000000000000000 ffffffffffffffff ffffffffffffffff YMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM06=0000000000000000 0000000000000000 0000000000000000 000000524f525245 YMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM08=0000000000000000 0000000000000000 0000000000000000 00524f5252450040 YMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 info registers vcpu 1 RAX=0000000000000001 RBX=0000000000000001 RCX=ffffffff815ac8db RDX=dffffc0000000000 RSI=0000000000000001 RDI=0000000000000000 RBP=ffffffff848ccd80 RSP=ffff888019ff7800 R8 =0000000000000001 R9 =0000000000000000 R10=0000000000000001 R11=0000000000000001 R12=4000000000000002 R13=4000000000000000 R14=0000000000048e7c R15=0000000000000200 RIP=ffffffff814608e4 RFL=00000046 [---Z-P-] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 00000000 00000000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 00000000 00000000 FS =0000 0000000000000000 00000000 00000000 GS =0000 ffff88806cf00000 00000000 00000000 LDT=0000 fffffe0000000000 00000000 00000000 TR =0040 fffffe000004a000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe0000048000 0000007f IDT= fffffe0000000000 00000fff CR0=80050033 CR2=00007fcfc6b586f4 CR3=0000000038e2e000 CR4=00350ee0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000ffff0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 YMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM01=0000000000000000 0000000000000000 ffffffffffffffff ffffffffffffffff YMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM04=0000000000000000 0000000000000000 0000000000000000 00000000000000ff YMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM06=0000000000000000 0000000000000000 0000000000000000 000000524f525245 YMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM08=0000000000000000 0000000000000000 0000000000000000 00524f5252450040 YMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000