Warning: Permanently added '[localhost]:46384' (ECDSA) to the list of known hosts. 2022/10/01 12:22:56 fuzzer started 2022/10/01 12:22:57 dialing manager at localhost:35095 syzkaller login: [ 40.529416] cgroup: Unknown subsys name 'net' [ 40.630531] cgroup: Unknown subsys name 'rlimit' 2022/10/01 12:23:12 syscalls: 2215 2022/10/01 12:23:12 code coverage: enabled 2022/10/01 12:23:12 comparison tracing: enabled 2022/10/01 12:23:12 extra coverage: enabled 2022/10/01 12:23:12 setuid sandbox: enabled 2022/10/01 12:23:12 namespace sandbox: enabled 2022/10/01 12:23:12 Android sandbox: enabled 2022/10/01 12:23:12 fault injection: enabled 2022/10/01 12:23:12 leak checking: enabled 2022/10/01 12:23:12 net packet injection: enabled 2022/10/01 12:23:12 net device setup: enabled 2022/10/01 12:23:12 concurrency sanitizer: /sys/kernel/debug/kcsan does not exist 2022/10/01 12:23:12 devlink PCI setup: PCI device 0000:00:10.0 is not available 2022/10/01 12:23:12 USB emulation: enabled 2022/10/01 12:23:12 hci packet injection: enabled 2022/10/01 12:23:12 wifi device emulation: failed to parse kernel version (6.0.0-rc7-next-20220930) 2022/10/01 12:23:12 802.15.4 emulation: enabled 2022/10/01 12:23:12 fetching corpus: 50, signal 30468/32210 (executing program) 2022/10/01 12:23:12 fetching corpus: 100, signal 38968/42273 (executing program) 2022/10/01 12:23:12 fetching corpus: 150, signal 43302/48155 (executing program) 2022/10/01 12:23:13 fetching corpus: 200, signal 50599/56821 (executing program) 2022/10/01 12:23:13 fetching corpus: 250, signal 55566/63158 (executing program) 2022/10/01 12:23:13 fetching corpus: 300, signal 59116/68015 (executing program) 2022/10/01 12:23:13 fetching corpus: 350, signal 66217/76179 (executing program) 2022/10/01 12:23:13 fetching corpus: 400, signal 71835/82797 (executing program) 2022/10/01 12:23:13 fetching corpus: 450, signal 76123/88085 (executing program) 2022/10/01 12:23:13 fetching corpus: 500, signal 82406/95181 (executing program) 2022/10/01 12:23:13 fetching corpus: 550, signal 86788/100395 (executing program) 2022/10/01 12:23:13 fetching corpus: 600, signal 88557/103224 (executing program) 2022/10/01 12:23:13 fetching corpus: 650, signal 90714/106366 (executing program) 2022/10/01 12:23:14 fetching corpus: 700, signal 92394/109036 (executing program) 2022/10/01 12:23:14 fetching corpus: 750, signal 96218/113643 (executing program) 2022/10/01 12:23:14 fetching corpus: 800, signal 98605/116807 (executing program) 2022/10/01 12:23:14 fetching corpus: 850, signal 100465/119543 (executing program) 2022/10/01 12:23:14 fetching corpus: 900, signal 102517/122420 (executing program) 2022/10/01 12:23:14 fetching corpus: 950, signal 105308/125796 (executing program) 2022/10/01 12:23:14 fetching corpus: 1000, signal 106823/128044 (executing program) 2022/10/01 12:23:14 fetching corpus: 1050, signal 108638/130525 (executing program) 2022/10/01 12:23:14 fetching corpus: 1100, signal 110289/132851 (executing program) 2022/10/01 12:23:15 fetching corpus: 1150, signal 113622/136539 (executing program) 2022/10/01 12:23:15 fetching corpus: 1200, signal 114792/138478 (executing program) 2022/10/01 12:23:15 fetching corpus: 1250, signal 117364/141500 (executing program) 2022/10/01 12:23:15 fetching corpus: 1300, signal 119888/144449 (executing program) 2022/10/01 12:23:15 fetching corpus: 1350, signal 121744/146853 (executing program) 2022/10/01 12:23:15 fetching corpus: 1400, signal 123012/148720 (executing program) 2022/10/01 12:23:15 fetching corpus: 1450, signal 123837/150335 (executing program) 2022/10/01 12:23:15 fetching corpus: 1500, signal 125238/152318 (executing program) 2022/10/01 12:23:15 fetching corpus: 1550, signal 126632/154281 (executing program) 2022/10/01 12:23:16 fetching corpus: 1600, signal 128417/156432 (executing program) 2022/10/01 12:23:16 fetching corpus: 1650, signal 132418/160149 (executing program) 2022/10/01 12:23:16 fetching corpus: 1700, signal 133708/161905 (executing program) 2022/10/01 12:23:16 fetching corpus: 1750, signal 134957/163584 (executing program) 2022/10/01 12:23:16 fetching corpus: 1800, signal 136793/165685 (executing program) 2022/10/01 12:23:16 fetching corpus: 1850, signal 137632/167050 (executing program) 2022/10/01 12:23:16 fetching corpus: 1900, signal 139028/168817 (executing program) 2022/10/01 12:23:17 fetching corpus: 1950, signal 139836/170126 (executing program) 2022/10/01 12:23:17 fetching corpus: 2000, signal 140858/171625 (executing program) 2022/10/01 12:23:17 fetching corpus: 2050, signal 141787/173049 (executing program) 2022/10/01 12:23:17 fetching corpus: 2100, signal 142752/174444 (executing program) 2022/10/01 12:23:17 fetching corpus: 2150, signal 143859/176001 (executing program) 2022/10/01 12:23:17 fetching corpus: 2200, signal 144874/177390 (executing program) 2022/10/01 12:23:17 fetching corpus: 2250, signal 146084/178838 (executing program) 2022/10/01 12:23:17 fetching corpus: 2300, signal 147192/180229 (executing program) 2022/10/01 12:23:18 fetching corpus: 2350, signal 148288/181584 (executing program) 2022/10/01 12:23:18 fetching corpus: 2400, signal 149865/183260 (executing program) 2022/10/01 12:23:18 fetching corpus: 2450, signal 151169/184689 (executing program) 2022/10/01 12:23:18 fetching corpus: 2500, signal 152226/185983 (executing program) 2022/10/01 12:23:18 fetching corpus: 2550, signal 153779/187480 (executing program) 2022/10/01 12:23:18 fetching corpus: 2600, signal 154677/188691 (executing program) 2022/10/01 12:23:18 fetching corpus: 2650, signal 156143/190133 (executing program) 2022/10/01 12:23:18 fetching corpus: 2700, signal 157509/191533 (executing program) 2022/10/01 12:23:18 fetching corpus: 2750, signal 158713/192769 (executing program) 2022/10/01 12:23:19 fetching corpus: 2800, signal 160215/194142 (executing program) 2022/10/01 12:23:19 fetching corpus: 2850, signal 161265/195299 (executing program) 2022/10/01 12:23:19 fetching corpus: 2900, signal 162009/196244 (executing program) 2022/10/01 12:23:19 fetching corpus: 2950, signal 163105/197310 (executing program) 2022/10/01 12:23:19 fetching corpus: 3000, signal 164477/198532 (executing program) 2022/10/01 12:23:19 fetching corpus: 3050, signal 166087/199866 (executing program) 2022/10/01 12:23:19 fetching corpus: 3100, signal 166645/200698 (executing program) 2022/10/01 12:23:19 fetching corpus: 3150, signal 167482/201645 (executing program) 2022/10/01 12:23:20 fetching corpus: 3200, signal 168670/202791 (executing program) 2022/10/01 12:23:20 fetching corpus: 3250, signal 169822/203829 (executing program) 2022/10/01 12:23:20 fetching corpus: 3300, signal 170761/204764 (executing program) 2022/10/01 12:23:20 fetching corpus: 3350, signal 172014/205805 (executing program) 2022/10/01 12:23:20 fetching corpus: 3400, signal 172859/206645 (executing program) 2022/10/01 12:23:20 fetching corpus: 3450, signal 173396/207391 (executing program) 2022/10/01 12:23:20 fetching corpus: 3500, signal 174460/208261 (executing program) 2022/10/01 12:23:20 fetching corpus: 3550, signal 175196/209060 (executing program) 2022/10/01 12:23:21 fetching corpus: 3600, signal 176085/209841 (executing program) 2022/10/01 12:23:21 fetching corpus: 3650, signal 176579/210488 (executing program) 2022/10/01 12:23:21 fetching corpus: 3700, signal 177543/211312 (executing program) 2022/10/01 12:23:21 fetching corpus: 3750, signal 178323/212020 (executing program) 2022/10/01 12:23:21 fetching corpus: 3800, signal 179083/212689 (executing program) 2022/10/01 12:23:21 fetching corpus: 3850, signal 180299/213569 (executing program) 2022/10/01 12:23:21 fetching corpus: 3900, signal 181845/214445 (executing program) 2022/10/01 12:23:22 fetching corpus: 3950, signal 182485/215070 (executing program) 2022/10/01 12:23:22 fetching corpus: 4000, signal 183192/215713 (executing program) 2022/10/01 12:23:22 fetching corpus: 4050, signal 183733/216259 (executing program) 2022/10/01 12:23:22 fetching corpus: 4100, signal 184347/216801 (executing program) 2022/10/01 12:23:22 fetching corpus: 4150, signal 184842/217327 (executing program) 2022/10/01 12:23:22 fetching corpus: 4200, signal 185906/218101 (executing program) 2022/10/01 12:23:22 fetching corpus: 4250, signal 186623/218666 (executing program) 2022/10/01 12:23:22 fetching corpus: 4300, signal 187639/219296 (executing program) 2022/10/01 12:23:22 fetching corpus: 4350, signal 188123/219818 (executing program) 2022/10/01 12:23:22 fetching corpus: 4400, signal 188681/220304 (executing program) 2022/10/01 12:23:23 fetching corpus: 4450, signal 189307/220790 (executing program) 2022/10/01 12:23:23 fetching corpus: 4500, signal 189997/221348 (executing program) 2022/10/01 12:23:23 fetching corpus: 4550, signal 190675/221819 (executing program) 2022/10/01 12:23:23 fetching corpus: 4600, signal 191332/222288 (executing program) 2022/10/01 12:23:23 fetching corpus: 4650, signal 191927/222729 (executing program) 2022/10/01 12:23:23 fetching corpus: 4700, signal 192772/223250 (executing program) 2022/10/01 12:23:23 fetching corpus: 4750, signal 193259/223661 (executing program) 2022/10/01 12:23:23 fetching corpus: 4800, signal 193799/224050 (executing program) 2022/10/01 12:23:23 fetching corpus: 4850, signal 194406/224449 (executing program) 2022/10/01 12:23:23 fetching corpus: 4870, signal 194679/224795 (executing program) 2022/10/01 12:23:23 fetching corpus: 4870, signal 194679/225148 (executing program) 2022/10/01 12:23:24 fetching corpus: 4870, signal 194679/225438 (executing program) 2022/10/01 12:23:24 fetching corpus: 4870, signal 194679/225737 (executing program) 2022/10/01 12:23:24 fetching corpus: 4870, signal 194679/226036 (executing program) 2022/10/01 12:23:24 fetching corpus: 4870, signal 194679/226341 (executing program) 2022/10/01 12:23:24 fetching corpus: 4870, signal 194679/226651 (executing program) 2022/10/01 12:23:24 fetching corpus: 4870, signal 194679/226981 (executing program) 2022/10/01 12:23:24 fetching corpus: 4870, signal 194679/227281 (executing program) 2022/10/01 12:23:24 fetching corpus: 4870, signal 194679/227581 (executing program) 2022/10/01 12:23:24 fetching corpus: 4870, signal 194679/227917 (executing program) 2022/10/01 12:23:24 fetching corpus: 4870, signal 194679/228238 (executing program) 2022/10/01 12:23:24 fetching corpus: 4870, signal 194679/228556 (executing program) 2022/10/01 12:23:24 fetching corpus: 4870, signal 194679/228842 (executing program) 2022/10/01 12:23:24 fetching corpus: 4870, signal 194679/229153 (executing program) 2022/10/01 12:23:24 fetching corpus: 4870, signal 194679/229411 (executing program) 2022/10/01 12:23:24 fetching corpus: 4870, signal 194679/229411 (executing program) 2022/10/01 12:23:27 starting 8 fuzzer processes 12:23:27 executing program 0: ioctl$AUTOFS_DEV_IOCTL_READY(0xffffffffffffffff, 0xc0189376, &(0x7f0000000000)={{0x1, 0x1, 0x18, 0xffffffffffffffff, {0x40}}, './file0\x00'}) ioctl$FITHAW(r0, 0xc0045878) pipe2(&(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}, 0x800) ioctl$AUTOFS_DEV_IOCTL_SETPIPEFD(r0, 0xc0189378, &(0x7f0000000080)={{0x1, 0x1, 0x18, r0, {r2}}, './file0\x00'}) r4 = openat$tcp_mem(0xffffffffffffff9c, &(0x7f00000000c0)='/proc/sys/net/ipv4/tcp_wmem\x00', 0x1, 0x0) ioctl$FS_IOC_READ_VERITY_METADATA(r4, 0xc0286687, &(0x7f0000000200)={0x1, 0xff, 0xfc, &(0x7f0000000100)=""/252}) openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x101202, 0x0) pwritev(r2, &(0x7f0000000480)=[{&(0x7f0000000280)="d63daa0de8edb6bce683e784e9333b75de0110e211a2b6c0e9c35d80149b834350f2a719e24438df11a1f67fc027770d543a97cfd61064e4f12fa137ca67cc04a36aac243ca3a782088d01a555afeef8391fef4e250aab240ab5fbfd63eabcd0f5615d824a063a7751bebedc3bd88ae3ea7d516e53f8852408d8907785c0f4ab3f0a6749ddc6f767a34dcc711caa897d8e2482955ef97a61c87ea68af7ff1bd03b167f0eacf0ab0b72f1", 0xaa}, {&(0x7f0000000340)="a23ad4197c8aced8604a0d9cbda10fcf52a74899057f99254f984ae720e4c11026a52b9c1b1178a449ea3ba1720b605a3465af7609597d9c3bc6ea7c5dbca372beec4072ccb8c6e689a8dcb69ce8dc11beaad0d239f806f58635da46fad8dd790d21dd9fe6ed76e5a1c4697f14de31a65f6487ffe1440841ca97cbdd595ef39a0070fe81e2c5dba8272f641a54195e296e391809bb1e77bdca58377c121664eb004a0af9ce26", 0xa6}, {&(0x7f0000000400)="0a780eb92e5979cda6f0daf2418ee2c82887bb2fb6c26a31cad80d212e57443c8f6fff06916d9f03d9fc32942e958366cb6f5febd6d5ecbb2f522c65a1525b749349a0003be02d1208438adb95690f", 0x4f}], 0x3, 0x9, 0xf03) r5 = openat$binderfs_ctrl(0xffffffffffffff9c, &(0x7f00000004c0)='./binderfs/binder-control\x00', 0x802, 0x0) fchmod(r5, 0x48) ioctl$BTRFS_IOC_SYNC(r1, 0x9408, 0x0) r6 = syz_open_dev$vcsa(&(0x7f0000000500), 0x8, 0x200) r7 = accept4(r2, 0x0, &(0x7f0000000540), 0x80000) ioctl$BTRFS_IOC_GET_SUBVOL_INFO(r1, 0x81f8943c, &(0x7f0000000580)={0x0, ""/256, 0x0, 0x0, 0x0}) ioctl$BTRFS_IOC_SNAP_DESTROY_V2(r6, 0x5000943f, &(0x7f0000000800)={{r7}, r8, 0x18, @inherit={0x58, &(0x7f0000000780)={0x1, 0x2, 0x1, 0x0, {0x14, 0xffffffff, 0xff, 0x2, 0xc6d}, [0xd59e, 0x3800000000000000]}}, @subvolid=0xfffffffffffffffa}) recvmsg$unix(r2, &(0x7f0000001d80)={&(0x7f0000001800), 0x6e, &(0x7f0000001c80)=[{&(0x7f0000001880)=""/16, 0x10}, {&(0x7f00000018c0)=""/28, 0x1c}, {&(0x7f0000001900)=""/246, 0xf6}, {&(0x7f0000001a00)=""/149, 0x95}, {&(0x7f0000001ac0)=""/46, 0x2e}, {&(0x7f0000001b00)=""/99, 0x63}, {&(0x7f0000001b80)=""/231, 0xe7}], 0x7, &(0x7f0000001d00)=[@rights={{0x18, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c}}, @cred={{0x1c}}, @rights={{0x1c, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}], 0x78}, 0x40000060) ioctl$AUTOFS_DEV_IOCTL_VERSION(r3, 0xc0189371, &(0x7f0000001dc0)={{0x1, 0x1, 0x18, r3}, './file0\x00'}) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000001e00)={0xffffffffffffffff}) ioctl$AUTOFS_DEV_IOCTL_EXPIRE(r9, 0xc018937c, &(0x7f0000001e40)={{0x1, 0x1, 0x18, r10}, '.\x00'}) close(0xffffffffffffffff) 12:23:27 executing program 1: ioctl$sock_inet_SIOCDARP(0xffffffffffffffff, 0x8953, &(0x7f0000000000)={{0x2, 0x4e22, @multicast2}, {0x306, @local}, 0x20, {0x2, 0x4, @local}, 'vlan1\x00'}) r0 = openat2$dir(0xffffffffffffff9c, &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)={0x240000, 0x1, 0x5}, 0x18) ioctl$BTRFS_IOC_RM_DEV_V2(0xffffffffffffffff, 0x5000943a, &(0x7f0000000180)={{r0}, 0x0, 0x12, @inherit={0x60, &(0x7f0000000100)={0x0, 0x3, 0x3, 0x8f26, {0x0, 0x1, 0xe9, 0x800, 0x8}, [0x4, 0x25806425, 0x7]}}, @devid}) r1 = signalfd(r0, &(0x7f0000001180)={[0x1]}, 0x8) ioctl$BTRFS_IOC_START_SYNC(r0, 0x80089418, &(0x7f00000011c0)=0x0) ioctl$BTRFS_IOC_SNAP_DESTROY_V2(r1, 0x5000943f, &(0x7f0000001200)={{r0}, r2, 0x18, @unused=[0x3ff, 0x7, 0x2, 0x100], @name="0ac8a98792d7e2b15b5a5fb6114acbdf227c708a1c8c272dd4f8f83430decc15e245b1687627438ff3704210eeade62c899f20efc6659650797a33dcf6a5388681c49a1bd31b5e23cbf0f6d0b2a656a5dd1e69a168abc5b0de4d83105fcc92d9a7fc48df7b40dfb9acb31c78e130b3eb5919c67c55802fd0f2730882c6a30f65d648f218a15acebf8bc69142c3763a6a2e3118768cbab3d3d8f1297927238b96a20e3a93e6d156793dec3d83dcb998f263c4814ac1cae9c8b8b7edf759e9002d4b2ba55ef102f07af5f6a6957900cb01db76a9e9b0a936ab13bff749b7cab57e25de2c89ab5e46a1fe7609ae67eb009b85b3d681a7e91a28da20a84e8a06c3e9ef7a9ecfcb5213451e35d70b42731730088ee6f924e36ebc415351e1121a824016f42840e5c888ec7295bf48d14f5cf425b0fb7e5c50b225164c8b5fc4d7cda77a6688eb7f8ef365afd92956036e57f64af86a1e136e0591c91792e2114647cdd89b856ac83422aca641ca1c656006335641e886d4dc7c4c84cff81472e42f16b32bea7b1d77eba9f1cc418e3f7d7b7c4f47c4fae54b6c34184eb29b1e99fb5c357c5652543df23f46121880fbe1d0528ca3ea88ca3b8c0aa9370a7e532b56714b5b66494e64fea87a2552cbfb720f31e7c29f3338bbda447c2ddc737b25501f49562af341cd5d9fe92694050d53b59e607f3ca88acec76a2b4ec193210e346041125634840f3616858d0b4e033501363a18d644daa8cdca5fd2110c1c1a388ced5e1f3a7a21fbdf536059f93b4a48d746abd04ad646b813fab80c69b1064db0bb38066557dad1d6ce5ef03371501bb28988dad1edc4cec23c7c7de606d94c61bff480fcf5f62060eb29cda32ddd266a4a4826a2f6ef62f6a59f75fafa3276e87907a95ead176c70bcc7e0e7c15811b9b6d41bb1e1b3c7642324a837337704fd41e9629816446e38240f1f6541743ed87a9e1dbffe19edd08cc922774d8eba784fd48265c8aaf438bdc6b0ebae0716b08a12d8bbca7d34f11b83a7196e0ad7e67adada418e077a660b0d709fe9b6907e5061ccb6aef5a03591139fbb2898e958ac9a132279e047045768d29e4cba009724c25d17fe6ed8eece7385643803634d61df77c846ca22c3c005688a0de81c13029648cfe3b1cc0f9f4aaa10c4f0c96eb572357ca91ce8b78a03677454b1a2d26491baae4f7102abf777ac7b3a343a0b2c2857a5230009edf81487bf5a1d0954efa5eea5e064b262b43c0ae0beb01d3d5e72890b6b7fdbd48b64e7464a57269c99758606af5f3c82bc4726a5be8f008c203ebf9a40d419763e4c7baca58a6e4ff5ab0876071bd5384fb6f130ac894217730009e6f320c6931257e588d853c210ba375b574245f67908b6da22d0de1ecadb758df633b52725bd5d11e796e986272d3ed4c08cfa3b92b4bea88e39e412c5faa7b320f3a034e647a9939b9cf9eb75fb9722dd5e06ebf13c61e626c9a32c4cf38a0cac7bfd175214203e81d648354b0f0112af83210f9ef19c79e3b05d0765692c8a899c4050b535334fb764798f29eef11abf4a708713064b9788828912e3e5bac53fbe8588883902c6afb03c6b7423036c324df1ca68c00920a4da92a9f7b30ee068c6db4405c20d36452a078763e92fbd5f512492d68c98cd984d9708e1d4a0dadde081360be1ac7b98f5da418a14fa0fad5e0e9755f2bb338285f2eb2d4376a8fd6c277cc1611d591e0ed2f38c609aa2ffd655166b338751e0ba4f3c3b186396086eaeb5b340e99e9c7ae297d49ef6276ea9fa1a4a4a6695445e9ae6c7108fd6ea04fb335fa1d423ea0377bd8d641866b13ae071c1b06a21e02a56723a4a7dfceb88533fa8b7ed4d952de053b65ecc46d62ab0ef32d6bc39ad8bad2eaf25e942a1b7fd871aac623b639941dc58c735e2387f3d76e1c9d5ef78504dd13cc4011494a09275de7cd8eae343832036a643d2c4ae967457fbbf66feb31489cc549bcbb3fd70b58a6e28942e8cf6a5ac8efbdec41992eae34f6c1efa36f4753dd61eac667b3adb1ddaf30c224af06a6c728f4e2a4fe32d2e838d27b5cc30e66eb26ca032ad68fc8f697a7b8d9f8f46dad3311b88621e8930fd6cfd18ce2c1052ffe9a50e7fb229a2cf1ace9b37e0ebd6b19e694568ab3172fa678e5c2c7b6eb7125e916743c2715897c5133acecdeadc731806de05da3383169304cf73458f308d6dfe59d20174831896f2fa34ec672c72a5d53f307fcc475f920f1d734baa2f2cecc2798c51d5ad90e7a3d09612d45bedfaaacf9cf2903cd854f17447ab07d6ff7a56d6d8b324be8b5c718b723bc3ccd3e7df739a8b83b24062ffb3876fcf14c1b2ef4ec1c5e988783a403d46e85f98ce674a4fd40c0ea726e80c458b935b0fd918847b04694820179f238274c61d642ff0def6d7024de168717c8fab5cd4502738cf0cafd86b6630493dd8f237a409721f9eed2478d1bd998a1e551f4986f9e9b39ae164a6244b3d34b2281f5690f981bc48f7321288b63a9db31c333fc1c0768b7c49c69eb7131e75ff83376d0582b2210bf076db186314ca47992dbafb2d531c167205819b95a070b113a267d2efca306dd5aee86ca70b6a77ac4971287f9009ad43eee6320d30fd2f8aff0a1f4826545b6b74a79c1f14252c026b7ddae5ebc4e5afcacf523210fc3ef4ec05396bef662c91b64a74d428ac3d9be2e4760d4ad0d267c6da343b9f8df72c93da262ee008891afeb1f8bf45b2e7cceb759785821008014c5c26ba09624ba58668ec2245bb5103b87b4b11f6061774cf4503e26543857e894ce1c9ba5255c012cb937a93fafc7da3233067269747f1ed7b04f9a53ed29b5eda0240e62eb8ab4cc5f514f4c878b3744f8a73b85b2fe81c959366172d22c4310e2f62aa47bffe0c9eac334fc4b5cc2cf3cd3aa0462bccb31ddcb8ee5254b958736a82de8f57e7297395ce5f6ea578918eb299019e88803fb2b9d1d9703eec87d88a3cc2d906af8c3447d91ef94e15ef20582d74bf5a5b066dc231a7b7bb9e2ee50033e52760fbcf555a4dfef1a2eb89fe5368c515cbb23a7c35c6d9eebffe922bcd8c6b1ba771874a11e9b31f1003e6932193cdaeab6b773e09531aa282166bd35e88a6e8827edebfd0857f2ddfa5f4dd98ff0ffad793518e3feb9d9c922ab7dc39d66e679289af9212d7c944b7200a0dfe212cb906dc2fe2e0552d8348be438caca8a266d58ed94c14d261ef8da7a76c812928f273443fa7d4ce2d79437c1dbc70a112dcdea3af3af9c257f624f9c77ff098d326d66a5ae0eed46b1fd165a4985afd83de1f1e0458274ed88c4079312a30040dfde57730af6d7f82f950091fb5daf0cdb3c6a7d6d0ac3b8d226771fe0f8ec5d976f639ef4ef4bd659a4315b4a63377a3744391c90bf07452b3a73279474915fe2dc18db5ca83ad6a1564a86d2493f4d977286d190c6c00f746c36ee7ffd3d8f7e3c8f0e3b0caa1f26163fee919a15290fc39aa7596862fa7750df6be07f373add3eaeefcb8a5bc4a64dcaa74460fa9fb4eefc4988bf92e52ca2d49742cb16183ab03746e26a05da89cac7dfa3e489dae24e59ab65510c05db79d466f3b4bf15a8a33c00371d196e369f1da03ce278b8c7498faac2bca198a7e7dfcf868ce66a82a50ade9b31c5e06dc74ae46a948aaea28e7e936ee5b82ce689d7488d4008195cbcf0c990952cc8dab289e53346b1632c5a8313c26c46147faadc559a929934bfd9ce33c6936c469b0e799802e72380c987402d89b8144821b666f0981e0d4bece41f6afa5c4dec6a76c00a5e4c927a55615ea004a99e31c0f8ef6361fbd959261f76820d2de457036334a46723c95b2fd9255242b89e89a4177531e41461611eb583f1838c72ee762133cdbbf3bd99b0dceba435606a3aeec4f65a8c8afd5bec6002940ce51d31d12c9c07441b91c7d2b1d8bbf7f10547db89f93111cd2164c598f5dd8c0a82a62dfcd091acec4f2d9dc08117fd4f750c3c30ee6b79cce37856407ea88ec1768b61da835d8313f3cce3ab30040fc8ae5a3bdfd7fbb45ca7564f10416cb164388061626e000357ca2e86a59a959addcb3bc1a52d00bd55e9409a50ae7d911f5f2db8b77ca82c94b3c6f2aa04c1d362b8dba8daaae1870c6455fe303cee2c670ed6354800a08647f64b2ddec454fd7f49d6b06209e2bd5e8d6258acd459a6dc91bdc6d19adab110f8b495909cd38cc0d6c68d8a7315ad437150ca83781a319e9ef82dd572cf951b8e98b547d214b09ad1ae18f948d8324d439065c9a8384c70470b91394bc8a3cbc884ce7341936adce4819e080b1c0471ab000451b013b892002b5e1b689acb26f6212850405f35ff050a070d68c100e4171c5c4cb05c9259041b5a06e832cc745c9857428a075821a6933e4661c618a93c3e8d1af2227e15a32824f3bf7bd04e379994a8bbb6cdbd6a13fa45c961b4c26d72c1b2b5c1b2a44c01daef5569e3260ea08a1a0b713a42b807059876f335030f466c0d78aff3994316a2f3cf057611ab06e46cc39bd3d493e5500c809df08e5152f82ea864fa1a4814894a573d296ec1a9ccdbc0a6c5ecf111689327357d5a55b88e63c46366f90771d4f72275fcc0d44ae80aa0f1d255d6b0ae84d61adda2677b8cc4b2cc710e874c14d903a714c4c79901b469bce1eaa20804709cbdb48d14fea434f54ec15f23f7f4c2bc723fcddccad929a3f2cc571bb442d34d5cbf2c9814e6ac51d3dbb8dd7b3b3adb14b4ce7dd7f937e0e5ccfc93f2d0505164bdc9c0490869e696ec756377bfda4da5e1aa710ee065c6ea13736d7ea21e24c14901a2fd228a7637b150639810dad7764df3e00b3352cab30127b08832b94acf36c6ae54f0f8c29a32a0de19d198e5fa0738dfe2e1ac018868a1f38ee67aef83622d77fa2735c974f01c64f547ce0c93e5cabcd80882c44342b55619c9b64b048302af5c0a7b5961b6251ab9c8e54b43ca211158529335a7c62fd4a05c7fe8b9825126c27b14f8dd58d13c1bf8af356c52d3fd954a5129b04bbad537ae1ebbb0f5a2371045e61e109983a878e99f4b5ddebd31ba8f3118820fa815a18267e859c5b12ea74e4133e5915b4f3999b592d2784dc54d6cb8c1026ead66e67484130d62086ee391a1703d660408252c2c190520864e9ebc4a0d5163c106f18fcae652278caa7560a0798f8c23aecb8a1ab8fff83f22db5d72d9bc26b65a6aa579abe85a65104c57e3af6d0c15331a8f1afc1743936ef5a77af02acbe9340c50336efe9343675d0de3ce8fae0bca188295f6cfc199b70c92d2ec97326a206f3b112fc156533d7e8abe5486e78eb720f91f103e3a91b3297605ec83a46e2c20423fd87056d9778d55db332941193677941b855edb2d680b2f4ea0ccb1ecb68c28893d35eab426e5c3f2b613da83df5e72055be52fc74c03ec068ce40d9a95011c00d4b8a82465c02e53948f7b1719ea98a4ede52a99fc06a1ff33163b681bfdce7fc06084dfb952022f753200e5e97bcf782b37d2299160980b6e5218181c0c95c8e9dd824574f2d3b198cea097c8fbc43c4d16100457739f04a335d697e7e19ec767682c90440987af56b564f43185a5709e50a6c83d197438d97c599018136ae08fb9e113dc676f9e11ec902f60f3e6ade950a9044257c2d4ddd1f30b8a7c36a7673fc17486e997190aade79602413a02877dc5365e7"}) setxattr$trusted_overlay_redirect(&(0x7f0000002200)='./file0\x00', 0xffffffffffffffff, &(0x7f0000002240)='./file0\x00', 0x8, 0x3) setxattr$security_evm(&(0x7f0000002280)='./file0\x00', &(0x7f00000022c0), &(0x7f0000002300)=@v1={0x2, "82cf2839ee78"}, 0x7, 0x0) recvmsg$unix(r1, &(0x7f00000025c0)={0x0, 0x0, &(0x7f0000002580)=[{&(0x7f0000002340)=""/120, 0x78}, {&(0x7f00000023c0)=""/137, 0x89}, {&(0x7f0000002480)=""/141, 0x8d}, {&(0x7f0000002540)}], 0x4}, 0x2040) r3 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a) ioctl$int_out(r3, 0x5462, &(0x7f0000002600)) mknodat(r1, &(0x7f0000002640)='./file0\x00', 0x2, 0x29) openat$dir(0xffffffffffffff9c, &(0x7f0000002680)='./file1\x00', 0x129f40, 0x180) r4 = openat(r1, &(0x7f00000026c0)='./file0\x00', 0x0, 0x40) sendmsg$AUDIT_MAKE_EQUIV(r4, &(0x7f00000027c0)={&(0x7f0000002700)={0x10, 0x0, 0x0, 0x2010}, 0xc, &(0x7f0000002780)={&(0x7f0000002740)={0x28, 0x3f7, 0x100, 0x70bd28, 0x25dfdbfd, {0x7, 0x7, './file1', './file1'}, [""]}, 0x28}, 0x1, 0x0, 0x0, 0x4840}, 0x40000) ioctl$sock_SIOCSIFVLAN_GET_VLAN_INGRESS_PRIORITY_CMD(r4, 0x8983, &(0x7f0000002800)) r5 = syz_io_uring_complete(0x0) r6 = syz_io_uring_setup(0x64a1, &(0x7f0000002840)={0x0, 0x1c52, 0x556057ff2fbd7446, 0x0, 0x9d, 0x0, r4}, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f00000028c0), &(0x7f0000002900)) ioctl$AUTOFS_DEV_IOCTL_VERSION(r5, 0xc0189371, &(0x7f0000002940)={{0x1, 0x1, 0x18, r6}, './file0\x00'}) fcntl$addseals(0xffffffffffffffff, 0x409, 0x8) 12:23:27 executing program 2: syz_emit_vhci(&(0x7f0000000000)=@HCI_VENDOR_PKT, 0x2) syz_emit_vhci(&(0x7f0000000040)=@HCI_VENDOR_PKT={0xff, 0x1}, 0x2) syz_emit_vhci(&(0x7f0000000080)=@HCI_EVENT_PKT={0x4, @hci_ev_conn_complete={{0x3, 0xb}, {0x7, 0xc9, @none, 0x1, 0x40}}}, 0xe) syz_emit_vhci(&(0x7f00000000c0)=@HCI_VENDOR_PKT={0xff, 0x80}, 0x2) syz_emit_vhci(&(0x7f0000000100)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x3, 0x0, 0xc}, @l2cap_cid_le_signaling={{0x8}, @l2cap_le_credits={{0x16, 0x6, 0x4}, {0xd13e, 0x7}}}}, 0x11) syz_emit_vhci(&(0x7f0000000140)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x1, 0x1, 0xa}, @l2cap_cid_le_signaling={{0x6}, @l2cap_ecred_reconf_rsp={{0x1a, 0x8, 0x2}, {0x8}}}}, 0xf) syz_emit_vhci(&(0x7f0000000180)=@HCI_EVENT_PKT={0x4, @hci_ev_remote_ext_features={{0x23, 0xd}, {0xc6, 0xc8, 0x3a, 0x2d, "42ffc0d7219f3f52"}}}, 0x10) syz_emit_vhci(&(0x7f00000001c0)=@HCI_EVENT_PKT={0x4, @hci_ev_io_capa_reply={{0x32, 0x9}, {@none, 0x80, 0x21, 0x6}}}, 0xc) syz_emit_vhci(&(0x7f0000000200)=@HCI_EVENT_PKT={0x4, @hci_ev_conn_complete={{0x3, 0xb}, {0x5, 0xc9, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x12}, 0x2, 0xf7}}}, 0xe) syz_emit_vhci(&(0x7f0000000240)=@HCI_VENDOR_PKT={0xff, 0x80}, 0x2) syz_emit_vhci(0xfffffffffffffffc, 0x0) syz_emit_vhci(&(0x7f0000000280)=@HCI_EVENT_PKT={0x4, @extended_inquiry_info={{0x2f, 0xff}, {0x1, [{@none, 0xff, 0xec, "064341", 0x401, 0x7, "b8306e225c397d8007d48c73a517a2f006f1c1c3bf05907f45643eee5859e66caf15c044fd9f5f5e27dad7f66b351881ff71b4de457b406f825a7f54f87725cec16b91177876a4c5dc709600e18a230d7591027459707308db032989724ec2340e52353e40da82c28cf7256ecfe3342b87ff86f156e9843de1bd65c53a24e005a3fad40e6045149d6044b2801ee1b017307e5c372ec56be2ef01ec4fd3f7c00047fa387805d158d012cca92b3005c4b4c59bdca1f62dca7b75bab6c1640f015374817a02922c6a3a4e09d7207a7b754c333b72dff7a16a64b21b248dbb6e0d64b487076c0d132a2ea6cd0c4b55c3b4bf"}]}}}, 0x102) syz_emit_vhci(&(0x7f00000003c0)=@HCI_VENDOR_PKT={0xff, 0x40}, 0x2) syz_emit_vhci(&(0x7f0000000400)=@HCI_VENDOR_PKT, 0x2) syz_emit_vhci(&(0x7f0000000440)=@HCI_SCODATA_PKT={0x3, {0xc8, 0x9c}, "e8653386791f4e47499bd481bae9f69965a589aa190cba8fa5efacfc6f1c31d8f197147740411b749018af61d0bf6ed86d37b0301ece056732aeaae4eeadc52a0289216af5f14e75ca9142282bd5a4c93d7cbce6bbb4a28ed7005840d03f13f49df104f4f1dd08bde813817075816dd8a4f040b4e7781e33060da5a9d0866a8317a3fa38fb5174da5e35d4de3e6b18707217b5e381ab86345a4cd0f4"}, 0xa0) syz_emit_vhci(&(0x7f0000000500)=@HCI_EVENT_PKT={0x4, @hci_ev_stack_internal={{0xfd, 0xd1}, {0x7, "cf320c4ac5d7bfe460217da07c0ace1f305a5e341c3413f076517c62450a84e005386038edc32fbbe32631fea84079b6c4726bb757caad6372f3452cfbc19dd530f0b070ce847bd9fef642e9048c7c1370eeb815aaa57b2043fedffeffc3abc4cc473ef8072772eeeaea1f6a5bd0311362494f18ea4bf92e85f66876a9e6c8d5891e932db46b39e32119095c4adb6065d7c9d9c920577982065cf7b02cf0251247497b058d48be9d05b5d4963e81ae21bd9827cabfa932aa303ce2945ed7c1a564519605e8bf16a451e2f64bea60a1"}}}, 0xd4) syz_emit_vhci(&(0x7f0000000600)=@HCI_SCODATA_PKT={0x3, {0xc8, 0x45}, "ce0f255936e6e9d2114b89e51852e1e9d7101b2007bdbd05f1d7ac78a41bdcaf7054a1d8f1f73d88a8b4bd43fdf95789097478498e22a7040d72e6cc8764b609cff160d4a7"}, 0x49) syz_emit_vhci(&(0x7f0000000680)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x1, 0x1, 0xa}, @l2cap_cid_le_signaling={{0x6}, @l2cap_cmd_rej_unk={{0x1, 0x20, 0x2}, {0x2d33}}}}, 0xf) syz_emit_vhci(&(0x7f00000006c0)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x3, 0x1, 0x16}, @l2cap_cid_le_signaling={{0x12}, @l2cap_ecred_reconf_req={{0x19, 0x5, 0xe}, {0x1, 0x8, [0x8, 0x4, 0x2, 0x36, 0x200]}}}}, 0x1b) syz_emit_vhci(&(0x7f0000000700)=@HCI_SCODATA_PKT={0x3, {0xc9, 0xfe}, "155312b2d7830e9a50ddf62ba757e31207f06c6ecd11097834322ae9ad8fd22ae2bb398f88ee8db18d54b5f4dd7bab675a856ae85a0f5dcff56b596da885a99fcc10d5c58dad6a92514b54fe937504f1ef95e9f76d8b2b7b1683e1b14782a13e75c97c7f4043273b4e1c81bc2f7793de7de472f87a1111553388963400d74e48e5192c2c3a5c8d9485148900f48d8311edf47b0e68692696e08f188fe35c4df43c5af910a5474cc6c5d4b3c75a183fc398e8f935c39c94bf89deeae877e4b8a394e6841928945945a5535fcc954f769a39af7a47205141cad8ca1af3bb598883f869ffcaa3537cd782724e46001af31691875367a7f985333d659f06c72f"}, 0x102) 12:23:27 executing program 4: ioctl$CDROMREADRAW(0xffffffffffffffff, 0x5314, &(0x7f0000000000)={0x8, 0x81, 0xd9, 0x9, 0x40}) ioctl$F2FS_IOC_GET_FEATURES(0xffffffffffffffff, 0x8004f50c, &(0x7f0000000a80)) ioctl$CDROMREADRAW(0xffffffffffffffff, 0x5314, &(0x7f0000000ac0)={0x3f, 0x0, 0x4, 0x1f, 0x2, 0x8}) ioctl$CDROM_LOCKDOOR(0xffffffffffffffff, 0x5329, 0x1) r0 = openat$bsg(0xffffffffffffff9c, &(0x7f0000001540), 0x20000, 0x0) ioctl$CDROMREADRAW(r0, 0x5314, &(0x7f0000001580)={0x70, 0x2, 0x40, 0x5, 0x5, 0x9}) openat$cdrom(0xffffffffffffff9c, &(0x7f0000002000), 0x100, 0x0) ioctl$CDROMREADRAW(r0, 0x5314, &(0x7f0000002040)={0x1, 0x7f, 0x4, 0x81, 0xb3, 0x92}) r1 = openat2(r0, &(0x7f0000002ac0)='./file0\x00', &(0x7f0000002b00)={0x0, 0x7, 0x8}, 0x18) ioctl$DVD_READ_STRUCT(r1, 0x5390, &(0x7f0000002b40)=@disckey={0x2, 0x0, "4e4b56b593a9c278f95494d545b13cb36555107ac8fd44028fa1d441a5b55469b0066e469b59819eaa378735b32eea2a7df5926c02e5beaf87361c2ba98ea678d6e040c89abd00c67dca2a6238e447eadaccdd34625f6e50773a220b5610ee7523c2b787fc586d451c7a948d43abe0c77d3c8b5708addce9db87d6f2e6d1a683c20aea840c67151a47a3264601b99aaa83649ef7797a0761eaa0ef52f8d60866cd32294d6fe3e27fbf59f7e1abd5a8cf4d950d1500704e8401991161e3c14b1d0cc9ef686b943988b5b759912966d113018c0bd79f1e30d2f8737e3d61d491e88f9fe9e1af04c43cf43375d5c235f4665cc54f790a59221497fc0a07428f760cfb92fdbaf1958f2637a6331b916cab925d6bc6158ea11eb29d42c3c370fa435c6683d783b850362077647382f0f5071783fe137dc9abeaa103225c5801b7836f3993f7e791332e6b0e8637c81e1f3e7c959377b58414c4de46e1b152a2b9079d90f4f749c00eb90081cdbbc1d5cedc428fcb7d0bf164ec838169ab042b46c888bc260a91c8171c3ed20f979db1074253a1296ab8ca5691e9eadd8db189141ecfd6e6d53a64886af8cfc713c70a8481dd0f6cb7c42546f9380438aa24ab8f16d88299ceb212114702f2d599f7c715115aff4b1be18dc2dc99af778329d3730e4e8c8b3310c9786813cfd3e9fd63521fd1aa98a19da6fadd666a82b59a44ab8789b56471271088e538a94aadcd962d1bbb2f9f0555179b158c9614afa581356904490a2c80c4e187bcfc8bb2f9875bc8fd22da4a762bacccd801ada71f738deca5fe58397c7af236a1ca91fb3a16b34da0750a72643f511374f5812e06312bd28cc7eb480b5e478dbd33dab6f704df6c6df2a16ec046041049a2560f61762a378d48fe121864730397bb099e5f321670467e4e920c7787c6a475ee3a412b587f1933e1f20575ca1d0eb3143fc695d1fff89bb31a389ad3d8e133f2d369d7f9f9a59fc7f3b41d928c16b299c6eed08c5694150ef0d75feefb228ac9c77fc96d98d464e9cf2748a3dd243cd6be85e36e1e92b22b82ad8bd1d952b4be25e1d36bb9ec03d3e51080897a9cc061646170ed7ad41ec37972975e0de7d2bbac908ee14b27841e0870e95024ca44f0a5d90c53486a9055e1cb9ff5b4802f7ac914ce1944589c0cbbf97befe8c00c7783695467f4496b4ed143d69d07ce9ed5983dca8dc0483373c563f9cf774b1b299cc072dcbd2ff88e00d6ad7cfa2a00f79d27f1473cd2f0ca2427107d2588ad16d8ff577d41ba8b5b7cdcc44f1406b91762a017b585aad976362340a6f3d52bacb7586169d414acab9677193aa863ef6567e2809d6e8fed92fddb4653d459afefb3a837b43b89711dd3e41809160d7f5d9df135981513ba1f9fb9ee7c2dcd31226678870bc139fdcfa2997ed98cc701ca87479a013df4788765e735f5caa919c8862f655549c958bb980b577ac17fd56b8610f186c6fd6eed758b83de6100bc6bb373a6a03c4a739fff9532c6e9d441c819784d1aa1d4f5c465ab430709845319772c67edeaeef03da962f359565243c211c814dcf1aaaddd75e2ccbcd5b1184ba22e6be548efe838c8dcff0f5c0e5fcace1ef5dce0073a240ec5b83439f6b6b3f12583ba455fad3a4150d3dc56273654354c8c44234012c5d8f6cefbf1df98b45278546456fbb44bda7674541ae95659b3e88333f69c00f5b6f5bea6f8dc3da55d6bc1ed0a61305c5244e0579c76afbe512ad26e428488833637571ca1d2171ebdcf08a5de93624c2c1640b521a2bc6b6492d00625f51bf0d418649be740dc41911d1999fad8a893c0ffba0ed6fe9bec315e295ffae8914b6fb59ee39074189b5a569d471adb0b5fc5d57a7f01ebc983eb7ce13e74a03343c7483810ea26aaff4efde66bac53ff7871f07d1d59be4279fb4b9821daedc2d64e29ec6df517b3a82381b68fb0106d274f0d41d9a4a86cc5dc3110b60dcc0ef0a9b22d23d9a0fe04a4da713d46715c1bf0adba6cb569717fc7bf3ec713e16b6834bd40bb9d629eb9bd8ab4818d8f8ee408af93d6c98fb430f21c0514ac896e79afd446ec9f3612f31925c54163ef2a00cc6371b9d1f8d3dacd4fb3fec0fb2b558363c106df498c88bda8a81429cde0045ffb866c225aea79bfd4858d4fb80999706cbd348a4c4f73c3c5fca51bd1a0b167ee520dffd7a6442311ba8728e76ba56f06528f6785ed4e94681365e96b06643088bfb5f10fd2b68d8feeb25bd5faab18b352a74c320e2ffc7388a2787270d6dd4621c5d7ecf13247e8fe245f25db655fa7e547c67386c9a961a1e2ea32a95ae2a5a4aeedca8239b914087c8c1ffee2b2d3eca2d960141f3882d14c00806c0d86dc7817f81b69187df1f512123c35c1c734b4c3f00882e8ac2fad28b6031e15cb2816960ee124b082d266a52b3b6c04c7d46c6987e2db575f5e014e0395c23756aee3a2fafe00e0110f02a6489d1439c68498abaf87acc500500af85d6d366da55640172d159ec1d54aedcb543c93b9fb2ef6774bba0f3cf21338db890403e30fe5c1d71de1a6025c47f8f2411cc757a726954be93c7d03b0e5ffc5e85943bee94f5def0517433e7967d755e972ef3c9c88a46187092e8f859534cd45bd2126c25968744a089e72c2cd7aad98936244ee41e10905b42e824f6081f9fc07b99b651ab5bc46625fb727d2c19bca7c7e1810808934220566dc90565c2357977fc3b82d52ed8ea3e4009c1ac145ed34c43356bfec633da21bb715645ca16612b4a7b244510e8133817e344550871678da6d3fb7960baec2894831386116b69862bc1108ae1012f4a7b7886f140f1a11856ce984d2bc43f903a5bb824c4917a5b904e780f04d14200674843e181ddac9"}) r2 = openat$cdrom(0xffffffffffffff9c, &(0x7f0000003380), 0x8000, 0x0) ioctl$AUTOFS_DEV_IOCTL_ISMOUNTPOINT(r1, 0xc018937e, &(0x7f00000033c0)={{0x1, 0x1, 0x18, r2, @out_args}, './file0\x00'}) ioctl$CDROM_SET_OPTIONS(r3, 0x5320, 0x6) lsetxattr$security_ima(&(0x7f0000003400)='./file1\x00', &(0x7f0000003440), &(0x7f0000003480)=@v1={0x2, "93bb18df6644bd174a5364e4bfc014"}, 0x10, 0x1) ioctl$FS_IOC_FIEMAP(r1, 0xc020660b, &(0x7f00000034c0)={0x4, 0x1000000000, 0x0, 0x101, 0x3, [{0x1926bbf, 0x3, 0x4305, '\x00', 0x3106}, {0x7, 0x3, 0x6, '\x00', 0x1100}, {0xbbf, 0x2, 0xb4d6, '\x00', 0x2}]}) fcntl$getflags(r3, 0x408) openat$cdrom(0xffffffffffffff9c, &(0x7f00000035c0), 0x10a62, 0x0) flock(r3, 0x8) ioctl$CDROM_SET_OPTIONS(0xffffffffffffffff, 0x5320, 0x18) write$binfmt_elf64(r0, &(0x7f0000003600)={{0x7f, 0x45, 0x4c, 0x46, 0x7f, 0x0, 0x9, 0x3f, 0x8000, 0x3, 0x6, 0xff, 0x19, 0x40, 0x60, 0x3ff, 0x200, 0x38, 0x2, 0x6b72, 0x7, 0x689d}, [{0x4, 0xe1ee, 0x1c7, 0x7fffffff, 0x80, 0x4, 0x0, 0xfff}], "7f1ea7bf0f95adedd155cd1aa2f8e25b818a797db124c3210d85c480dedd2e0354d37ae1bf24fda171f1b738d8e43e9b1788883d0d8c99b95d0c85b5773442e2eb392b5526b0fafb9faa4a54ba75ca34c5d96df46327e5f352fc713af419c58aaac614d8153ef8f4b97c47fb661f59294d2be348e6ad898fc8e58f1983f9f01ee60b7f499ae0ba746a603d0094185934583bc462b3cc681c74df77b1fa8c6308a1d8aff4640756b37a360b0362ad3b303f3c4f23339fff175047b35e52ed0082eda2416dce076c28814ca4073ceabc48b464dba826c4fa338c9220cfd94c05", ['\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00']}, 0xb57) 12:23:27 executing program 3: r0 = fsmount(0xffffffffffffffff, 0x0, 0x1) sendmsg$IPCTNL_MSG_EXP_DELETE(r0, &(0x7f0000000140)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x10000000}, 0xc, &(0x7f0000000100)={&(0x7f0000000040)={0xa4, 0x2, 0x2, 0x201, 0x0, 0x0, {0x0, 0x0, 0xa}, [@CTA_EXPECT_HELP_NAME={0x9, 0x6, 'snmp\x00'}, @CTA_EXPECT_MASTER={0x68, 0x1, 0x0, 0x1, [@CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5, 0x1, 0x2f}}, @CTA_TUPLE_ZONE={0x6, 0x3, 0x1, 0x0, 0x4}, @CTA_TUPLE_IP={0x2c, 0x1, 0x0, 0x1, @ipv6={{0x14, 0x3, @remote}, {0x14, 0x4, @mcast2}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5, 0x1, 0x3a}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5, 0x1, 0x6}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5, 0x1, 0x84}}]}, @CTA_EXPECT_ZONE={0x6, 0x7, 0x1, 0x0, 0x2}, @CTA_EXPECT_FN={0x13, 0xb, 'callforwarding\x00'}]}, 0xa4}, 0x1, 0x0, 0x0, 0x48000}, 0x1) sendmsg$IPCTNL_MSG_EXP_GET(r0, &(0x7f0000000340)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x200000}, 0xc, &(0x7f0000000300)={&(0x7f00000001c0)={0x118, 0x1, 0x2, 0x101, 0x0, 0x0, {0x2, 0x0, 0x8}, [@CTA_EXPECT_HELP_NAME={0x9, 0x6, 'syz1\x00'}, @CTA_EXPECT_TUPLE={0xe4, 0x2, 0x0, 0x1, [@CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5, 0x1, 0x2e}}, @CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @dev={0xac, 0x14, 0x14, 0x1f}}, {0x8, 0x2, @broadcast}}}, @CTA_TUPLE_IP={0x2c, 0x1, 0x0, 0x1, @ipv6={{0x14, 0x3, @mcast1}, {0x14, 0x4, @loopback}}}, @CTA_TUPLE_ZONE={0x6, 0x3, 0x1, 0x0, 0x2}, @CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @local}, {0x8, 0x2, @rand_addr=0x64010101}}}, @CTA_TUPLE_IP={0x2c, 0x1, 0x0, 0x1, @ipv6={{0x14, 0x3, @private2={0xfc, 0x2, '\x00', 0x1}}, {0x14, 0x4, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5, 0x1, 0x1}}, @CTA_TUPLE_IP={0x2c, 0x1, 0x0, 0x1, @ipv6={{0x14, 0x3, @empty}, {0x14, 0x4, @initdev={0xfe, 0x88, '\x00', 0x1, 0x0}}}}, @CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @rand_addr=0x64010102}, {0x8, 0x2, @empty}}}]}, @CTA_EXPECT_HELP_NAME={0xb, 0x6, 'amanda\x00'}, @CTA_EXPECT_TIMEOUT={0x8, 0x4, 0x1, 0x0, 0x7}]}, 0x118}, 0x1, 0x0, 0x0, 0x40}, 0xc001) r1 = accept4(0xffffffffffffffff, &(0x7f0000000380)=@hci, &(0x7f0000000400)=0x80, 0x80400) sendmsg$IPSET_CMD_CREATE(r1, &(0x7f0000000500)={&(0x7f0000000440)={0x10, 0x0, 0x0, 0x8}, 0xc, &(0x7f00000004c0)={&(0x7f0000000480)={0x30, 0x2, 0x6, 0x201, 0x0, 0x0, {0x3, 0x0, 0x6}, [@IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_REVISION={0x5}, @IPSET_ATTR_TYPENAME={0xc, 0x3, 'hash:ip\x00'}]}, 0x30}, 0x1, 0x0, 0x0, 0xd0}, 0x20000000) sendmsg$TIPC_NL_NODE_GET(0xffffffffffffffff, &(0x7f0000000700)={&(0x7f0000000540)={0x10, 0x0, 0x0, 0x10000000}, 0xc, &(0x7f00000006c0)={&(0x7f0000000580)={0x11c, 0x0, 0x200, 0x70bd2a, 0x25dfdbfc, {}, [@TIPC_NLA_BEARER={0xf8, 0x1, 0x0, 0x1, [@TIPC_NLA_BEARER_UDP_OPTS={0x44, 0x4, {{0x20, 0x1, @in6={0xa, 0x4e21, 0xbba, @empty, 0x7ff}}, {0x20, 0x2, @in6={0xa, 0x4e22, 0x8, @private2={0xfc, 0x2, '\x00', 0x1}, 0x1}}}}, @TIPC_NLA_BEARER_DOMAIN={0x8, 0x3, 0x3}, @TIPC_NLA_BEARER_PROP={0x44, 0x2, 0x0, 0x1, [@TIPC_NLA_PROP_WIN={0x8, 0x3, 0xfff}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0xda19}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x1}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x80000000}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x1}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x1d}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0xb}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x8}]}, @TIPC_NLA_BEARER_PROP={0x1c, 0x2, 0x0, 0x1, [@TIPC_NLA_PROP_MTU={0x8, 0x4, 0x8001}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x400}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x7}]}, @TIPC_NLA_BEARER_DOMAIN={0x8, 0x3, 0x2a}, @TIPC_NLA_BEARER_DOMAIN={0x8, 0x3, 0x200}, @TIPC_NLA_BEARER_UDP_OPTS={0x38, 0x4, {{0x14, 0x1, @in={0x2, 0x4e22, @local}}, {0x20, 0x2, @in6={0xa, 0x4e23, 0x6, @private2, 0x8}}}}]}, @TIPC_NLA_SOCK={0x10, 0x2, 0x0, 0x1, [@TIPC_NLA_SOCK_CON={0xc, 0x3, 0x0, 0x1, [@TIPC_NLA_CON_FLAG={0x8, 0x1, 0x4}]}]}]}, 0x11c}, 0x1, 0x0, 0x0, 0x82}, 0x2000c844) r2 = dup(r1) ioctl$sock_proto_private(r2, 0x89ee, &(0x7f0000000740)="ba6fe4b477c1be3f94d98a35dd1214de40ec105cf48c385d6a4a278961a4a562d202e84ff1a6ef91131f7005a07349dafbca4a6be156ad9c8a4bd91ec7a8901cd6ab539f7797d3d971e00e8df66aee4bc02cc7b149a2eec625f6e5a3423a7d3bf9d757e04dbc3f3da9edcb8df47506") ioctl$CDROMSTOP(r2, 0x5307) r3 = openat$thread_pidfd(0xffffffffffffff9c, &(0x7f00000007c0), 0x0, 0x0) ioctl$FIGETBSZ(r3, 0x2, &(0x7f0000000800)) sendmsg$NL80211_CMD_TDLS_OPER(r0, &(0x7f0000000980)={&(0x7f0000000840)={0x10, 0x0, 0x0, 0x2000}, 0xc, &(0x7f0000000940)={&(0x7f0000000880)={0x84, 0x0, 0x100, 0x70bd2c, 0x25dfdbfc, {{}, {@void, @val={0xc, 0x99, {0x8, 0x1e}}}}, [@NL80211_ATTR_MAC={0xa}, @NL80211_ATTR_MAC={0xa, 0x6, @device_b}, @NL80211_ATTR_MAC={0xa, 0x6, @broadcast}, @NL80211_ATTR_MAC={0xa}, @NL80211_ATTR_MAC={0xa}, @NL80211_ATTR_MAC={0xa, 0x6, @broadcast}, @NL80211_ATTR_MAC={0xa}, @NL80211_ATTR_TDLS_OPERATION={0x5}, @NL80211_ATTR_TDLS_OPERATION={0x5, 0x8a, 0x4}]}, 0x84}, 0x1, 0x0, 0x0, 0x840}, 0x8000) r4 = pidfd_getfd(r3, r1, 0x0) sendmsg$DEVLINK_CMD_TRAP_GROUP_SET(r4, &(0x7f0000000b80)={&(0x7f00000009c0)={0x10, 0x0, 0x0, 0x2}, 0xc, &(0x7f0000000b40)={&(0x7f0000000a00)={0x120, 0x0, 0x400, 0x70bd2c, 0x25dfdbfc, {}, [{@pci={{0x8}, {0x11}}, {0xd}, {0x5, 0x83, 0x1}}, {@pci={{0x8}, {0x11}}, {0xd}, {0x5, 0x83, 0x1}}, {@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0xd}, {0x5}}, {@pci={{0x8}, {0x11}}, {0xd}, {0x5, 0x83, 0x1}}, {@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0xd}, {0x5}}]}, 0x120}, 0x1, 0x0, 0x0, 0x48011}, 0x0) ioctl$VFAT_IOCTL_READDIR_BOTH(r4, 0x82307201, &(0x7f0000000bc0)=[{0x0, 0x0, 0x100}, {0x0, 0x0, 0x100}]) r5 = io_uring_register$IORING_REGISTER_PERSONALITY(0xffffffffffffffff, 0x9, 0x0, 0x0) syz_io_uring_submit(0x0, 0x0, &(0x7f0000000e00)=@IORING_OP_ASYNC_CANCEL={0xe, 0x2, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, {0x0, r5}}, 0x7) r6 = syz_open_dev$vcsu(&(0x7f0000000e40), 0x7, 0x10000) sendmsg$NFULNL_MSG_CONFIG(r6, &(0x7f0000000f40)={&(0x7f0000000e80)={0x10, 0x0, 0x0, 0x1}, 0xc, &(0x7f0000000f00)={&(0x7f0000000ec0)={0x3c, 0x1, 0x4, 0x201, 0x0, 0x0, {0xd, 0x0, 0x1}, [@NFULA_CFG_TIMEOUT={0x8, 0x4, 0x1, 0x0, 0x3}, @NFULA_CFG_TIMEOUT={0x8, 0x4, 0x1, 0x0, 0x5}, @NFULA_CFG_TIMEOUT={0x8, 0x4, 0x1, 0x0, 0x6}, @NFULA_CFG_QTHRESH={0x8}, @NFULA_CFG_CMD={0x5, 0x1, 0x1}]}, 0x3c}, 0x1, 0x0, 0x0, 0x4000001}, 0x20060800) sendmsg$NL80211_CMD_START_NAN(r2, &(0x7f0000001080)={&(0x7f0000000f80)={0x10, 0x0, 0x0, 0x40}, 0xc, &(0x7f0000001040)={&(0x7f0000001000)={0x38, 0x0, 0x2, 0x70bd27, 0x25dfdbfb, {{}, {@void, @val={0xc, 0x99, {0x2, 0x6}}}}, [@NL80211_ATTR_BANDS={0x8, 0xef, 0x2}, @NL80211_ATTR_NAN_MASTER_PREF={0x5, 0xee, 0x8c}, @NL80211_ATTR_BANDS={0x8, 0xef, 0x1}]}, 0x38}, 0x1, 0x0, 0x0, 0x15}, 0x11) [ 70.259786] audit: type=1400 audit(1664627007.083:6): avc: denied { execmem } for pid=282 comm="syz-executor.0" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=process permissive=1 12:23:27 executing program 5: r0 = syz_open_procfs(0x0, &(0x7f0000000000)='net/udp\x00') sendmsg$NL80211_CMD_JOIN_IBSS(r0, &(0x7f0000000100)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x20000}, 0xc, &(0x7f00000000c0)={&(0x7f0000000080)={0x2c, 0x0, 0x0, 0x70bd2c, 0x25dfdbff, {{}, {@val={0x8}, @val={0xc, 0x99, {0x5, 0x4c}}}}, [@NL80211_ATTR_CONTROL_PORT={0x4}]}, 0x2c}, 0x1, 0x0, 0x0, 0x8000}, 0x20000000) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NLBL_MGMT_C_LISTALL(r1, &(0x7f0000000200)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x2000}, 0xc, &(0x7f00000001c0)={&(0x7f0000000180)={0x38, 0x0, 0x4, 0x70bd2a, 0x25dfdbfe, {}, [@NLBL_MGMT_A_IPV6MASK={0x14, 0x6, @local}, @NLBL_MGMT_A_FAMILY={0x6, 0xb, 0x2c}, @NLBL_MGMT_A_CV4DOI={0x8, 0x4, 0x3}]}, 0x38}, 0x1, 0x0, 0x0, 0x404c004}, 0x4048000) r2 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$netlbl_unlabel(&(0x7f0000000240), r2) sendmsg$NL80211_CMD_CHANGE_NAN_CONFIG(r0, &(0x7f0000000380)={&(0x7f0000000280)={0x10, 0x0, 0x0, 0x40000000}, 0xc, &(0x7f0000000340)={&(0x7f00000002c0)={0x48, 0x0, 0x1, 0x70bd25, 0x25dfdbfb, {{}, {@val={0x8}, @val={0xc, 0x99, {0x5776, 0x16}}}}, [@NL80211_ATTR_BANDS={0x8, 0xef, 0x4}, @NL80211_ATTR_NAN_MASTER_PREF={0x5, 0xee, 0x3c}, @NL80211_ATTR_BANDS={0x8}, @NL80211_ATTR_NAN_MASTER_PREF={0x5, 0xee, 0x5c}]}, 0x48}}, 0x80) sendmsg$NLBL_UNLABEL_C_STATICREMOVE(r1, &(0x7f0000000540)={&(0x7f00000003c0)={0x10, 0x0, 0x0, 0x8000000}, 0xc, &(0x7f0000000500)={&(0x7f0000000400)={0xcc, r3, 0x10, 0x70bd2d, 0x25dfdbfc, {}, [@NLBL_UNLABEL_A_IPV4MASK={0x8, 0x5, @multicast1}, @NLBL_UNLABEL_A_IPV4ADDR={0x8, 0x4, @initdev={0xac, 0x1e, 0x0, 0x0}}, @NLBL_UNLABEL_A_IFACE={0x14, 0x6, 'bridge_slave_1\x00'}, @NLBL_UNLABEL_A_IPV6MASK={0x14, 0x3, @mcast2}, @NLBL_UNLABEL_A_IFACE={0x14, 0x6, 'ip6gre0\x00'}, @NLBL_UNLABEL_A_IPV6MASK={0x14, 0x3, @remote}, @NLBL_UNLABEL_A_IPV4MASK={0x8, 0x5, @empty}, @NLBL_UNLABEL_A_SECCTX={0x2a, 0x7, 'u:object_r:app_data_file:s0:c512,c768\x00'}, @NLBL_UNLABEL_A_ACPTFLG={0x5, 0x1, 0x1}, @NLBL_UNLABEL_A_SECCTX={0x1b, 0x7, '/usr/sbin/cups-browsed\x00'}]}, 0xcc}, 0x1, 0x0, 0x0, 0x80}, 0x4) r4 = syz_genetlink_get_family_id$batadv(&(0x7f00000005c0), r0) sendmsg$BATADV_CMD_GET_VLAN(r0, &(0x7f0000000680)={&(0x7f0000000580), 0xc, &(0x7f0000000640)={&(0x7f0000000600)={0x3c, r4, 0x200, 0x70bd25, 0x25dfdbfc, {}, [@BATADV_ATTR_HOP_PENALTY={0x5, 0x35, 0x20}, @BATADV_ATTR_FRAGMENTATION_ENABLED={0x5}, @BATADV_ATTR_GW_BANDWIDTH_DOWN={0x8, 0x31, 0x8000}, @BATADV_ATTR_VLANID={0x6, 0x28, 0x3}, @BATADV_ATTR_AGGREGATED_OGMS_ENABLED={0x5, 0x29, 0x1}]}, 0x3c}}, 0x4000000) r5 = creat(&(0x7f00000006c0)='./file0\x00', 0xe0) r6 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000740), r0) sendmsg$NL80211_CMD_NEW_INTERFACE(r5, &(0x7f0000000880)={&(0x7f0000000700)={0x10, 0x0, 0x0, 0x44000}, 0xc, &(0x7f0000000840)={&(0x7f0000000780)={0x88, r6, 0x20, 0x70bd25, 0x25dfdbfc, {{}, {@val={0x8, 0x1, 0x2b}, @val={0x8}, @val={0xc, 0x99, {0x5}}}}, [@NL80211_ATTR_SOCKET_OWNER={0x4}, @mon_options=[@NL80211_ATTR_MU_MIMO_GROUP_DATA={0x1c, 0xe7, "5d6f2a534edcf6266c14155ca5a7d4b57090e4d235a5a7af"}, @NL80211_ATTR_MNTR_FLAGS={0x2c, 0x17, 0x0, 0x1, [@NL80211_MNTR_FLAG_PLCPFAIL={0x4}, @NL80211_MNTR_FLAG_FCSFAIL={0x4}, @NL80211_MNTR_FLAG_ACTIVE={0x4}, @NL80211_MNTR_FLAG_CONTROL={0x4}, @NL80211_MNTR_FLAG_COOK_FRAMES={0x4}, @NL80211_MNTR_FLAG_COOK_FRAMES={0x4}, @NL80211_MNTR_FLAG_OTHER_BSS={0x4}, @NL80211_MNTR_FLAG_COOK_FRAMES={0x4}, @NL80211_MNTR_FLAG_ACTIVE={0x4}, @NL80211_MNTR_FLAG_FCSFAIL={0x4}]}], @NL80211_ATTR_SOCKET_OWNER={0x4}, @NL80211_ATTR_IFTYPE={0x8, 0x5, 0x4}]}, 0x88}, 0x1, 0x0, 0x0, 0x24008044}, 0x20004800) r7 = open(&(0x7f0000000980)='./file0\x00', 0x200300, 0x1c0) r8 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000a00), r0) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000a40)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_CHANGE_NAN_CONFIG(r7, &(0x7f0000000b40)={&(0x7f00000009c0)={0x10, 0x0, 0x0, 0x400}, 0xc, &(0x7f0000000b00)={&(0x7f0000000a80)={0x44, r8, 0x100, 0x70bd28, 0x25dfdbff, {{}, {@val={0x8, 0x3, r9}, @void}}, [@NL80211_ATTR_NAN_MASTER_PREF={0x5, 0xee, 0x81}, @NL80211_ATTR_NAN_MASTER_PREF={0x5}, @NL80211_ATTR_NAN_MASTER_PREF={0x5, 0xee, 0x7}, @NL80211_ATTR_NAN_MASTER_PREF={0x5}, @NL80211_ATTR_NAN_MASTER_PREF={0x5, 0xee, 0x6}]}, 0x44}, 0x1, 0x0, 0x0, 0x81}, 0x840) pwritev(r5, &(0x7f0000000bc0)=[{&(0x7f0000000b80)="651a0e0f2f42dd89aab4d9f01c968e9e0a66", 0x12}], 0x1, 0xb19, 0x9) r10 = syz_open_dev$mouse(&(0x7f0000000c00), 0x9, 0x240b80) sendmsg$ETHTOOL_MSG_LINKINFO_GET(r10, &(0x7f0000001000)={&(0x7f0000000c40)={0x10, 0x0, 0x0, 0x4000000}, 0xc, &(0x7f0000000fc0)={&(0x7f0000000dc0)={0x1ec, 0x0, 0x40, 0x70bd2a, 0x25dfdbfc, {}, [@HEADER={0x3c, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x3}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'wlan0\x00'}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x2}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'ipvlan0\x00'}]}, @HEADER={0x14, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}]}, @HEADER={0x20, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'syzkaller0\x00'}]}, @HEADER={0x4}, @HEADER={0xc, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_INDEX={0x8}]}, @HEADER={0x34, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'geneve0\x00'}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x1}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'veth1_to_bridge\x00'}]}, @HEADER={0x40, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x1}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x2}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x4}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'vxcan1\x00'}]}, @HEADER={0x90, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'veth1_to_hsr\x00'}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x1}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x1}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'ip6tnl0\x00'}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'veth1_to_hsr\x00'}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'veth1_virt_wifi\x00'}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'rose0\x00'}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x3}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x3}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}]}, @HEADER={0x34, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x2}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'vxcan1\x00'}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'xfrm0\x00'}]}, @HEADER={0x20, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x1}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'team_slave_1\x00'}]}]}, 0x1ec}, 0x1, 0x0, 0x0, 0x40084}, 0x41) 12:23:27 executing program 6: fsetxattr$trusted_overlay_redirect(0xffffffffffffffff, &(0x7f0000000000), &(0x7f0000000040)='./file0\x00', 0x8, 0x4) ioctl$AUTOFS_DEV_IOCTL_REQUESTER(0xffffffffffffffff, 0xc018937b, &(0x7f0000000280)={{0x1, 0x1, 0x18, 0xffffffffffffffff, {0xee00, 0xee01}}, './file1\x00'}) r2 = syz_mount_image$msdos(&(0x7f0000000080), &(0x7f00000000c0)='./file0\x00', 0x5, 0x2, &(0x7f0000000240)=[{&(0x7f0000000100)="3995f1f2d5ececcc2e706cc540b4ed92efb595f637b6c157bbe2ca168e6d4bf60822e90992dd2d1de37e903cb8469983131f6759ac285c5e98a65b16bbdf48734b3dd92be6758a47e4a05bfd2155308c1940304a15459fdb05ba21525f20148e89a9a1e2d59c36acd84c56b091b85fc01efad8438d92095c964181ef441ccbd83d201a3669b08300d78b30aeb73f", 0x8e, 0x3}, {&(0x7f00000001c0)="fabd0e9a77af863fdfc1d4f07f01c77ed85ee1b2f4be8068afa4464f6fd30e748bf8889c4f07266fd7ba5c440a3a925d749478a6a58ecc8be02673917eeeca69b70931b56c16b15738b488a6fda1b258c3366b9eaf19ce724198cb95c288daa76b9d4d696642", 0x66, 0x100}], 0x5c00, &(0x7f00000002c0)={[{@fat=@discard}, {@nodots}, {@dots}, {@dots}, {@dots}, {@fat=@errors_continue}], [{@fsuuid={'fsuuid', 0x3d, {[0x35, 0x61, 0x34, 0x36, 0x30, 0x66, 0x36, 0x63], 0x2d, [0x64, 0x65, 0x37, 0x33], 0x2d, [0x31, 0x33, 0x31, 0x64], 0x2d, [0x34, 0x37, 0x62, 0x31], 0x2d, [0x39, 0x32, 0x5a, 0x0, 0x35, 0x39, 0x33, 0x36]}}}, {@fscontext={'fscontext', 0x3d, 'unconfined_u'}}, {@euid_gt={'euid>', 0xffffffffffffffff}}, {@smackfstransmute={'smackfstransmute', 0x3d, 'trusted.overlay.redirect\x00'}}, {@audit}, {@fowner_lt={'fowner<', r1}}, {@mask={'mask', 0x3d, '^MAY_WRITE'}}, {@func={'func', 0x3d, 'FILE_CHECK'}}]}) r3 = syz_mount_image$nfs(&(0x7f00000003c0), &(0x7f0000000400)='./file0\x00', 0x8, 0x5, &(0x7f0000000840)=[{&(0x7f0000000440)="6b218347ad090568f8cfe906028998da7be1897b658674532a0f126afa1e2569c4116635923e29a44840d586af7b5bdbde5f0ca5e1e124ee5e028a76efa978a44c88af72c1c3cf6a0f2710d63100473556e08e9e4bcd6f972189eac35e7d05559dc0ac47efed9eb9a2f930e4139e6a19b2acb2c8270cb19b44d8017bf678d25cd374d2071457aac76ae9da8578e30d47c4faf6c60234ee4caa71355451", 0x9d, 0x5}, {&(0x7f0000000500)="d9e33a333f2358303d093ce91cfee015d46352e92bae1e1efe4a96c87b", 0x1d, 0x7fffffff}, {&(0x7f0000000540)="9d645c3ec09528a2cd147a7490fcb7c65a32b9655b41745e796e8a98ed1bc82f9fbc6339858af5ac7b8cced38c8e3eb88af8097832d34bc3286879532284a520ccc705f50b6edd4be257372c0acde6d02dcab9f74719422b86cfcbd45983c7b5079a0749264bd89bcbc2799c79bb01bdd54d2c550a2766be867f375fd0ee57150cbc2c5bc02afc853d3819bf6482c3d35d7c75e01a15a797795a340d554a3e8c26382dc4bfd55ef2713b18f6c597462ccb69c1790e611e0ae98a6a69ab1fdedc646ba411f47442e2feb190ea30709cfaf83e976bfa858f3a24a8ee5ca79ef56fd28baa17a1047d3eeb6043093780697631c49dca93048e56eb57d57dd23f", 0xfe, 0x2}, {&(0x7f0000000640)="56adf044e1d48fdc290970bb9ea88d744e40f79cde19be8d2403ef34dcbd68cb72630e253d41642ce9179bd5029d379aa4229835a1058d18c42216d23432d4d3fce37e68922d1e81da822e774f6649be8d27643dae45510f34f16cb146d049daee32f09725e4a30ff6192782009ea1fbb6fb8d2d7e34d07181c2f9efc34f51e88d8d2e196f6f8f9ef5fd10818a1814f92c4b7fccea411f285d51acd960060dbb96f73012dee0a8607f5951f72157532d83e6c4280379419a0ed81bb27be41d55ecc12bafca6c8f570921695353141db641fdf254c0745f544097add029", 0xdd, 0x7}, {&(0x7f0000000740)="6f765ef4c927e0323109af6c3fc52986db4ee2c2d979995a456308e345b0411e13648718161800556ca056f2b0ca7ff859387e574613e3f53481b5d5394936be9f12070b3895384486ddd853eacf1e2bfe207c986b0c70cc120bd921b6a203ae0904587643724134d07ec89c4f1b233d263c240ec5d91f93d38e26dfe630f479b823d64dc7fb4c9e6bac2c8b4e4cab5f22bed2bfd826b9e4e63a242cf0627619fc52c05eb03a4cf1f83c81253450b69692c291144316cad8877f2483d6782ed604174cec0e2d7e7792584e26fdc27e00ddb33a2b283561ec", 0xd8, 0x8}], 0x80800, &(0x7f00000008c0)={[{'{['}, {'/'}, {'euid>'}, {}, {'+\x80%'}, {'mask'}, {'trusted.overlay.redirect\x00'}, {'fscontext'}, {}, {'^MAY_WRITE'}], [{@uid_gt={'uid>', r1}}, {@context={'context', 0x3d, 'staff_u'}}, {@obj_user={'obj_user', 0x3d, '.\':i%'}}]}) ioctl$AUTOFS_DEV_IOCTL_OPENMOUNT(r0, 0xc0189374, &(0x7f0000000980)={{0x1, 0x1, 0x18, r2}, './file0\x00'}) renameat(r3, &(0x7f0000000940)='./file0\x00', r4, &(0x7f00000009c0)='./file1\x00') ioctl$sock_SIOCETHTOOL(r0, 0x8946, &(0x7f0000000a80)={'geneve0\x00', &(0x7f0000000a00)=@ethtool_gfeatures={0x3a, 0x4, [{}, {}, {}, {}]}}) truncate(&(0x7f0000000ac0)='./file0\x00', 0x5) recvmmsg(0xffffffffffffffff, &(0x7f0000001440)=[{{&(0x7f0000000b00)=@caif=@rfm, 0x80, &(0x7f0000000d40)=[{&(0x7f0000000b80)=""/31, 0x1f}, {&(0x7f0000000bc0)=""/96, 0x60}, {&(0x7f0000000c40)=""/182, 0xb6}, {&(0x7f0000000d00)=""/23, 0x17}], 0x4, &(0x7f0000000d80)=""/59, 0x3b}, 0x6c1601a}, {{&(0x7f0000000dc0)=@rc={0x1f, @none}, 0x80, &(0x7f0000001340)=[{&(0x7f0000000e40)=""/120, 0x78}, {&(0x7f0000000ec0)=""/93, 0x5d}, {&(0x7f0000000f40)=""/161, 0xa1}, {&(0x7f0000001000)=""/187, 0xbb}, {&(0x7f00000010c0)=""/251, 0xfb}, {&(0x7f00000011c0)=""/29, 0x1d}, {&(0x7f0000001200)=""/79, 0x4f}, {&(0x7f0000001280)=""/24, 0x18}, {&(0x7f00000012c0)=""/107, 0x6b}], 0x9, &(0x7f0000001400)=""/12, 0xc}, 0x319ebd67}], 0x2, 0x12120, &(0x7f00000014c0)={0x77359400}) clock_gettime(0x0, &(0x7f0000001540)={0x0, 0x0}) utimensat(r3, &(0x7f0000001500)='./file0/file0\x00', &(0x7f0000001580)={{}, {r5, r6/1000+60000}}, 0x100) lsetxattr(&(0x7f00000015c0)='./file1\x00', &(0x7f0000001600)=@random={'osx.', 'func'}, &(0x7f0000001640)='discard', 0x7, 0x0) syz_mount_image$nfs(&(0x7f0000001680), &(0x7f00000016c0)='./file0\x00', 0xffffffff7fffffff, 0x9, &(0x7f0000001cc0)=[{&(0x7f0000001700)="58b4dd4c02844d6f70b3234c6b905a39dfe06b215125b8c1e73a145d2b2d00653719d418c85f46d0801734d5c926e78aa5e898a886a11134616b40cca1824bdc550bf083cde1da9acd9d0abda3faae96cd51cb32769b3d839872c1e48ff12ba1be0b9fedb07473540910580ce9c838b93e900e5e60fb2bc93ff1363bbd569c6ce59981e89089fab6053426626e0d8870091d1f56c848400ec75b3e8a6c5237a11d7700aef7c3fbdcfeec695f992df0df84e8bf0944b60560a764b024e39f", 0xbe, 0x32}, {&(0x7f00000017c0)="4a7274678189044e7b61b7409b56fe349d9cafcd569611ad49", 0x19, 0x2}, {&(0x7f0000001800)="b4ad3a56edcd89815779aa8b0c484698283862177f7ac208973db979b763b23c7fae807bc3b26a79d77192e0068164704bdaee522a6b1c18fbd9d1dd07edff8e9791d680d00972d8e79074988437f684c680555fe79c0451550a7ecab1bb7ccc583ebb6088b481fa575921b323d91bfb3a909622d6efd95f4c68e0cbd437bb9e5a4209dcc3", 0x85, 0xfffffffffffffffe}, {&(0x7f00000018c0)="e02de06dd39ddb8c9eb3f9c0fda67f019f6b1db869bb2c9aae2b354969a0408290f94de9548411f78a298cf77961192138067dabeb6639ee96fbadbb27f31074ccdf2cb4425a0bb29ffa3301969d35d73fd97441c1aad9d003b07246e3b0edf5a4ac52741eea1356defbedef024b73170f52bbb6bb70781cdf2e29ccd3ed015287bb8da981bcb860a086d24509be16237fd560d6f9", 0x95, 0x100000001}, {&(0x7f0000001980)="3a57324377855ce0bdd4b10b0d5d5834c3255638c6fbec4021edbeb84cd46dea469d9ca87047c74a5353bbce29f25e59a61444d8afc25a2857f2192f2abde2b2b4fd76a8d2fdac04ab4b01ae40520c376db5a7268b6bedb4e28d664a133e2dd4011df9ef", 0x64, 0x22}, {&(0x7f0000001a00)="f5cef3e67bf526fe60850773a5b3863d9ea8954f06a3b1a07e24a988ce1cfa078a5459230e646a931b875f42b4f139c05949449390bc758a151dac4bc9e0c29c6bc7c6e1c0e9403435c49a66f57bd7b47191a4fc96d26ba3b332f8e697269f1d58e064997e7e9f6358a9454d8163676cf70d21a13b5f50608212fafbe46f16cf4644d39cf91683988b96ea1c528e90", 0x8f, 0x1}, {&(0x7f0000001ac0)="8536083ba99bf8606e9c9e179252b7814b8eeaf9c46246d900876e1598d01a248ad662aab997b8ff6b02cf513facf5aa215c1d821e3820dd3c26a29dea66ee5bdc00e72571a8d2b422c768765b6a18afb328807d27c75db57a85b2e5ec3dee19187265593fde4eaa7e45ed100bdbee1d88860e5d14277079ca1c1f6a66771d717aed7eb6e5ef0faa04db471d72460b826f09de3984323c50175161ac077dfd295fa423b1a935328e5186283a1419cb4b5bcfcc1efa7080f29e77bb39795cc1eec9ae07d3a02704a97598b11811a69c02ef240c6f5f9294c25c", 0xd9, 0x30}, {&(0x7f0000001bc0)="b7ddbb3cd7aaef5fe5592742da42ddfc4be94ce992e01cd1f73a544769d84238dbe6a29dbb4cc192fcf4639f07344dc6f8b2157a9ea9d2b5804f0588f763d4c0acd40c1a4142c7ef8aba88b0e06cdf4192d323d676e62838d5bc539134b037cbddda3a7fd8a6b0812f60b30de5c4bbb3f95d3b3363015347b5cdb1b39c5b273885613afb7969c3d7de", 0x89}, {&(0x7f0000001c80)="5fa57b2d9c07f752b3d756a977978dd04e59b0", 0x13, 0x64d}], 0x910030, &(0x7f0000001dc0)={[{'.!#*$\\'}, {}], [{@func={'func', 0x3d, 'MMAP_CHECK'}}, {@dont_measure}, {@uid_lt={'uid<', r1}}, {@fsname={'fsname', 0x3d, 'discard'}}, {@euid_lt={'euid<', r1}}, {@audit}, {@smackfsroot}, {@subj_user={'subj_user', 0x3d, '\xf8,%'}}, {@smackfsfloor}, {@uid_gt={'uid>', r1}}]}) getsockopt$inet6_mreq(r0, 0x29, 0x1d, &(0x7f0000001e80)={@private2}, &(0x7f0000001ec0)=0x14) accept$unix(r0, &(0x7f0000001f00), &(0x7f0000001f80)=0x6e) r7 = socket$nl_xfrm(0x10, 0x3, 0x6) pread64(r7, &(0x7f0000001fc0)=""/4096, 0x1000, 0xffffffff) syz_open_dev$rtc(&(0x7f0000002fc0), 0x7, 0x0) recvmmsg$unix(r4, &(0x7f0000003180)=[{{&(0x7f0000003000), 0x6e, &(0x7f0000003140)=[{&(0x7f0000003080)=""/175, 0xaf}], 0x1}}], 0x1, 0x140, &(0x7f00000031c0)) fcntl$notify(0xffffffffffffffff, 0x402, 0x30) 12:23:27 executing program 7: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) r1 = signalfd(0xffffffffffffffff, &(0x7f00000000c0)={[0x9]}, 0x8) ioctl$F2FS_IOC_MOVE_RANGE(r0, 0xc020f509, &(0x7f0000000100)={r1, 0x3}) r3 = signalfd(r1, &(0x7f0000000140)={[0xfffffffffffffc01]}, 0x8) read(r2, &(0x7f0000000180)=""/106, 0x6a) ppoll(&(0x7f0000000200)=[{r0, 0x80}, {r2, 0x480}], 0x2, &(0x7f0000000240)={0x77359400}, &(0x7f0000000280)={[0x7]}, 0x8) fgetxattr(r3, &(0x7f00000002c0)=@random={'user.', ',\x00'}, &(0x7f0000000300)=""/237, 0xed) ioctl$F2FS_IOC_MOVE_RANGE(r3, 0xc020f509, &(0x7f0000000400)={r1, 0x2, 0x0, 0x80000000}) r5 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000480), r3) sendmsg$NL80211_CMD_GET_PROTOCOL_FEATURES(r2, &(0x7f0000000540)={&(0x7f0000000440)={0x10, 0x0, 0x0, 0x61b33fbfb6f7b8b9}, 0xc, &(0x7f0000000500)={&(0x7f00000004c0)={0x14, r5, 0x801, 0x70bd27, 0x25dfdbff, {}, ["", "", "", "", "", "", ""]}, 0x14}, 0x1, 0x0, 0x0, 0x40}, 0x82) r6 = syz_genetlink_get_family_id$devlink(&(0x7f00000005c0), r3) sendmsg$DEVLINK_CMD_PORT_SET(r1, &(0x7f0000000680)={&(0x7f0000000580)={0x10, 0x0, 0x0, 0x20000}, 0xc, &(0x7f0000000640)={&(0x7f0000000600)={0x14, r6, 0x0, 0x70bd2c, 0x25dfdbff}, 0x14}, 0x1, 0x0, 0x0, 0xc0418c4}, 0x4004000) r7 = syz_genetlink_get_family_id$mptcp(&(0x7f0000000700), r4) sendmsg$MPTCP_PM_CMD_ADD_ADDR(r1, &(0x7f0000000800)={&(0x7f00000006c0), 0xc, &(0x7f00000007c0)={&(0x7f0000000740)={0x44, r7, 0x0, 0x70bd2d, 0x25dfdbfc, {}, [@MPTCP_PM_ATTR_RCV_ADD_ADDRS={0x8, 0x2, 0x3}, @MPTCP_PM_ATTR_RCV_ADD_ADDRS={0x8, 0x2, 0x5}, @MPTCP_PM_ATTR_SUBFLOWS={0x8, 0x3, 0x6}, @MPTCP_PM_ATTR_RCV_ADD_ADDRS={0x8, 0x2, 0x2}, @MPTCP_PM_ATTR_RCV_ADD_ADDRS={0x8, 0x2, 0x6}, @MPTCP_PM_ATTR_RCV_ADD_ADDRS={0x8, 0x2, 0x3}]}, 0x44}, 0x1, 0x0, 0x0, 0x40001}, 0x10) ioctl$AUTOFS_DEV_IOCTL_CATATONIC(r1, 0xc0189379, &(0x7f0000000840)={{0x1, 0x1, 0x18, r4}, './file0\x00'}) r9 = syz_genetlink_get_family_id$nl80211(&(0x7f00000008c0), r3) ioctl$sock_SIOCGIFINDEX_80211(r2, 0x8933, &(0x7f0000000900)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_AUTHENTICATE(r8, &(0x7f0000000a00)={&(0x7f0000000880)={0x10, 0x0, 0x0, 0x1}, 0xc, &(0x7f00000009c0)={&(0x7f0000000940)={0x74, r9, 0x400, 0x70bd2a, 0x25dfdbfc, {{}, {@val={0x8, 0x3, r10}, @val={0xc, 0x99, {0x7be, 0x2a}}}}, [@NL80211_ATTR_SSID={0x1c, 0x34, @random="9d1746b672e5567b82cd341ca7a7d645f927bb777162ca5c"}, @NL80211_ATTR_SSID={0xa, 0x34, @default_ibss_ssid}, @NL80211_ATTR_AUTH_TYPE={0x8, 0x35, 0x3}, @NL80211_ATTR_AUTH_TYPE={0x8}, @NL80211_ATTR_AUTH_TYPE={0x8, 0x35, 0x2}, @NL80211_ATTR_SSID={0xa, 0x34, @default_ibss_ssid}]}, 0x74}}, 0x90) syz_genetlink_get_family_id$nl80211(&(0x7f0000000a40), r1) ioctl$BTRFS_IOC_BALANCE_CTL(0xffffffffffffffff, 0x40049421, 0x2) [ 71.668897] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 71.670613] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 71.671908] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 71.673492] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 71.675484] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 71.677343] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1 [ 71.678837] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 71.679930] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 71.680906] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 71.681940] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 71.683335] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 71.684353] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 71.685323] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 71.686487] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 71.690508] Bluetooth: hci7: unexpected cc 0x0c03 length: 249 > 1 [ 71.691956] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 71.693118] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 71.697580] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1 [ 71.700102] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9 [ 71.700242] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3 [ 71.701590] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9 [ 71.703373] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3 [ 71.703777] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 71.705596] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 71.705710] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 71.706954] Bluetooth: hci7: unexpected cc 0x1003 length: 249 > 9 [ 71.708820] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9 [ 71.710273] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9 [ 71.711680] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 71.711945] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3 [ 71.712981] Bluetooth: hci7: unexpected cc 0x1001 length: 249 > 9 [ 71.715371] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 71.716802] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 71.716948] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 71.720966] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3 [ 71.724902] Bluetooth: hci3: HCI_REQ-0x0c1a [ 71.727872] Bluetooth: hci2: HCI_REQ-0x0c1a [ 71.728683] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 71.732285] Bluetooth: hci4: HCI_REQ-0x0c1a [ 71.733876] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4 [ 71.734855] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4 [ 71.736744] Bluetooth: hci7: unexpected cc 0x0c23 length: 249 > 4 [ 71.736826] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 71.740499] Bluetooth: hci5: unexpected cc 0x0c25 length: 249 > 3 [ 71.743758] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [ 71.743920] Bluetooth: hci7: unexpected cc 0x0c25 length: 249 > 3 [ 71.746115] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2 [ 71.747054] Bluetooth: hci6: unexpected cc 0x0c25 length: 249 > 3 [ 71.748441] Bluetooth: hci7: unexpected cc 0x0c38 length: 249 > 2 [ 71.749827] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 71.767291] Bluetooth: hci1: HCI_REQ-0x0c1a [ 71.767704] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2 [ 71.774126] Bluetooth: hci7: HCI_REQ-0x0c1a [ 71.779281] Bluetooth: hci5: HCI_REQ-0x0c1a [ 71.783104] Bluetooth: hci0: HCI_REQ-0x0c1a [ 71.783885] Bluetooth: hci6: HCI_REQ-0x0c1a [ 73.782511] Bluetooth: hci2: command 0x0409 tx timeout [ 73.783243] Bluetooth: hci1: command 0x0409 tx timeout [ 73.783317] Bluetooth: hci4: command 0x0409 tx timeout [ 73.783740] Bluetooth: hci3: command 0x0409 tx timeout [ 73.847542] Bluetooth: hci7: command 0x0409 tx timeout [ 73.848087] Bluetooth: hci6: command 0x0409 tx timeout [ 73.848588] Bluetooth: hci0: command 0x0409 tx timeout [ 73.849041] Bluetooth: hci5: command 0x0409 tx timeout [ 75.830280] Bluetooth: hci3: command 0x041b tx timeout [ 75.830770] Bluetooth: hci4: command 0x041b tx timeout [ 75.831220] Bluetooth: hci2: command 0x041b tx timeout [ 75.831628] Bluetooth: hci1: command 0x041b tx timeout [ 75.894208] Bluetooth: hci5: command 0x041b tx timeout [ 75.894640] Bluetooth: hci0: command 0x041b tx timeout [ 75.895051] Bluetooth: hci6: command 0x041b tx timeout [ 75.895500] Bluetooth: hci7: command 0x041b tx timeout [ 77.879208] Bluetooth: hci1: command 0x040f tx timeout [ 77.879718] Bluetooth: hci2: command 0x040f tx timeout [ 77.880099] Bluetooth: hci4: command 0x040f tx timeout [ 77.880543] Bluetooth: hci3: command 0x040f tx timeout [ 77.942249] Bluetooth: hci7: command 0x040f tx timeout [ 77.942753] Bluetooth: hci6: command 0x040f tx timeout [ 77.943206] Bluetooth: hci0: command 0x040f tx timeout [ 77.943630] Bluetooth: hci5: command 0x040f tx timeout [ 79.926264] Bluetooth: hci3: command 0x0419 tx timeout [ 79.927121] Bluetooth: hci4: command 0x0419 tx timeout [ 79.928014] Bluetooth: hci2: command 0x0419 tx timeout [ 79.928858] Bluetooth: hci1: command 0x0419 tx timeout [ 79.990284] Bluetooth: hci5: command 0x0419 tx timeout [ 79.991215] Bluetooth: hci0: command 0x0419 tx timeout [ 79.992016] Bluetooth: hci6: command 0x0419 tx timeout [ 79.992855] Bluetooth: hci7: command 0x0419 tx timeout 12:24:24 executing program 7: r0 = syz_open_dev$tty20(0xc, 0x4, 0x1) ioctl$VT_GETMODE(r0, 0x5601, 0x0) ioctl$TCSETAW(r0, 0x5407, &(0x7f0000000000)={0x0, 0x2, 0x6, 0x4, 0x18, "8eae81d6defbd5f8"}) r1 = syz_open_dev$tty20(0xc, 0x4, 0x1) fchmod(r1, 0x0) ioctl$KDSETLED(r1, 0x4b32, 0x40) 12:24:24 executing program 7: r0 = syz_open_dev$tty20(0xc, 0x4, 0x1) ioctl$VT_GETMODE(r0, 0x5601, 0x0) ioctl$TCSETAW(r0, 0x5407, &(0x7f0000000000)={0x0, 0x2, 0x6, 0x4, 0x18, "8eae81d6defbd5f8"}) r1 = syz_open_dev$tty20(0xc, 0x4, 0x1) fchmod(r1, 0x0) ioctl$KDSETLED(r1, 0x4b32, 0x40) 12:24:24 executing program 7: syz_mount_image$iso9660(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', 0xda1a, 0x3, &(0x7f0000003400)=[{&(0x7f00000000c0)="cb", 0x1}, {0x0}, {0x0}], 0x0, &(0x7f00000034c0)) openat$cgroup_root(0xffffffffffffff9c, 0x0, 0x200002, 0x0) syz_mount_image$nfs4(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x36, 0x3, &(0x7f0000000240)=[{&(0x7f0000000140)="fd", 0x1, 0x9}, {&(0x7f0000000180)="374edc56b5fa0bfa28cbb948273861acda7c99f92000eb", 0x17, 0x3}, {&(0x7f00000001c0)="9dde4ec4316678d86075b6217c0470f95680247b69218504c19769cf55c9a0d7035bf1f5d1ec91f1ced70f3beedc2e1812f10d965070b1eef3d5b10d54339a43cfa004f3fefb8b8334b64f0548", 0x4d, 0xa6d}], 0x101000, &(0x7f00000002c0)={[{'iso9660\x00'}, {'iso9660\x00'}, {'^'}, {'}):'}, {}, {':[\\[)]]'}, {'\'@:'}, {'iso9660\x00'}, {'iso9660\x00'}], [{@permit_directio}, {@euid_gt}, {@hash}, {@fowner_gt={'fowner>', 0xee01}}, {@obj_role={'obj_role', 0x3d, '-\'!'}}, {@fsmagic={'fsmagic', 0x3d, 0x65}}]}) recvmmsg(0xffffffffffffffff, &(0x7f0000002340)=[{{0x0, 0x0, &(0x7f0000000540)=[{&(0x7f0000000380)=""/183, 0xb7}, {&(0x7f0000000440)=""/120, 0x78}, {&(0x7f00000004c0)=""/41, 0x29}, {&(0x7f0000000500)=""/25, 0x19}], 0x4, &(0x7f0000000580)=""/153, 0x99}, 0x6}, {{0x0, 0x0, &(0x7f0000001a40)=[{&(0x7f0000000640)=""/215, 0xd7}, {&(0x7f0000000740)=""/103, 0x67}, {&(0x7f00000007c0)=""/4096, 0x1000}, {&(0x7f00000017c0)=""/71, 0x47}, {&(0x7f0000001840)=""/38, 0x26}, {&(0x7f0000001880)=""/200, 0xc8}, {&(0x7f0000001980)=""/87, 0x57}, {&(0x7f0000001a00)=""/63, 0x3f}], 0x8, &(0x7f0000001ac0)=""/2, 0x2}, 0x5}, {{&(0x7f0000001b00)=@nfc_llcp, 0x80, &(0x7f0000001c80)=[{&(0x7f0000001b80)=""/255, 0xff}], 0x1, &(0x7f0000001cc0)}, 0x4}, {{&(0x7f0000001d00)=@pppol2tpin6={0x18, 0x1, {0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, {0xa, 0x0, 0x0, @loopback}}}, 0x80, &(0x7f0000001e00)=[{&(0x7f0000001d80)=""/12, 0xc}, {&(0x7f0000001dc0)=""/25, 0x19}], 0x2, &(0x7f0000001e40)=""/93, 0x5d}, 0x7}, {{0x0, 0x0, &(0x7f00000022c0)=[{&(0x7f0000001ec0)=""/194, 0xc2}, {&(0x7f0000001fc0)=""/210, 0xd2}, {&(0x7f00000020c0)=""/156, 0x9c}, {&(0x7f0000002180)=""/16, 0x10}, {&(0x7f00000021c0)=""/119, 0x77}, {&(0x7f0000002240)=""/104, 0x68}], 0x6}, 0x10001}], 0x5, 0x40002000, &(0x7f0000002480)={0x0, 0x989680}) [ 127.803116] loop7: detected capacity change from 0 to 109 [ 127.842193] isofs_fill_super: bread failed, dev=loop7, iso_blknum=27, block=54 12:24:24 executing program 7: syz_emit_ethernet(0x7e, &(0x7f00000000c0)={@multicast, @multicast, @void, {@ipv4={0x800, @icmp={{0x5, 0x4, 0x0, 0x0, 0x70, 0x0, 0x0, 0x0, 0x1, 0x0, @remote, @remote}, @redirect={0x4, 0x0, 0x0, @empty, {0x8, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, @dev, @local, {[@rr={0x8}, @rr={0x7, 0xfffffffffffffd8e, 0x0, [@multicast2, @initdev={0xac, 0x1e, 0x0, 0x0}, @rand_addr, @multicast2]}, @rr={0x7, 0x27, 0x0, [@dev, @local, @private, @loopback, @empty, @remote, @empty, @loopback, @local]}]}}}}}}}, 0x0) syz_emit_ethernet(0xb9, &(0x7f0000000000)={@dev={'\xaa\xaa\xaa\xaa\xaa', 0x1a}, @broadcast, @val={@val={0x9100, 0x6, 0x1, 0x3}, {0x8100, 0x0, 0x1, 0x2}}, {@mpls_mc={0x8848, {[{0x4, 0x0, 0x1}, {0x2, 0x0, 0x1}, {0x40}], @llc={@llc={0x6, 0x1, 'Rw', "ab0190fe85fae114715b7535484ebe83d03459484468624e290efba6b5aaa615197c86991649e05cb830e0e138d19087e2545e2ff71741f440327c235d93029282666dc1a5154214004c74a0673f415dd5dc765ad7cba311d4575a872629e404a66f5bd536f404255b03561c670251e13f0b12396473dc62e01237392440de4faba2bdd883a29528627f00b6ae3860f64dbb60"}}}}}}, &(0x7f0000000140)={0x0, 0x2, [0x73d, 0x322, 0xf, 0xa7]}) syz_emit_ethernet(0x55, &(0x7f0000000180)={@remote, @remote, @void, {@llc={0x4, {@snap={0x1, 0x0, 't', "fe6665", 0x16, "2f1fe6d60f809159c649dd5772c5f2df22411f387832281092c4f9f21bb48d9ff0605e777de91e04baa6a6f2f3ef513e1925bc6658797d27adbed57777bca3"}}}}}, &(0x7f0000000200)={0x1, 0x4, [0xa4e, 0x706, 0x2be, 0x852]}) syz_emit_ethernet(0x69, &(0x7f0000000300)=ANY=[@ANYBLOB="aaaaaaaaaabbaaff030000aa0004f080f9218d9fd7e2b73aa2287d1bc15757233ad26e8a55847c0df64fdfba29c9ab39affd36e8b8167dad2156053307d82efa15d27c653fc439d385d56f2dadd027188d97ba27be63020031cc10a52ab789cfa49f954c054528f452"], &(0x7f0000000380)={0x0, 0x1, [0xd95, 0x15b, 0xd98, 0xb5e]}) syz_emit_ethernet(0x56, &(0x7f0000000240)={@empty, @random="42d4412bb3b9", @void, {@canfd={0xd, {{0x0, 0x1, 0x0, 0x1}, 0x2, 0x0, 0x0, 0x0, "8d4ffbad603d396bd6d3dbfe4c721f0cb478100585952e96bf034d1e06e50aa603c297fd246a05bdf91d8fbc8ec9b415af5bdad2e5a6467032f6a975150de39d"}}}}, &(0x7f00000002c0)={0x1, 0x2, [0x822, 0x18c, 0x572, 0x732]}) 12:24:24 executing program 5: r0 = add_key(&(0x7f0000000000)='.request_key_auth\x00', 0x0, 0x0, 0x0, 0x0) request_key(&(0x7f0000000100)='dns_resolver\x00', &(0x7f0000000080)={'syz', 0x0}, &(0x7f00000000c0)='.request_key_auth\x00', r0) add_key$keyring(&(0x7f0000000040), &(0x7f0000000140)={'syz', 0x1}, 0x0, 0x0, r0) 12:24:24 executing program 5: prlimit64(0xffffffffffffffff, 0x0, &(0x7f0000000000)={0x4, 0x7077}, &(0x7f0000000040)) r0 = fork() prlimit64(r0, 0x5, &(0x7f0000000080)={0x4, 0xff}, 0x0) getrlimit(0xc, &(0x7f00000000c0)) r1 = fork() prlimit64(r1, 0xe, &(0x7f00000001c0)={0x9, 0x6}, 0x0) sched_setscheduler(r0, 0x1, &(0x7f0000000100)=0x41) prlimit64(r0, 0x0, &(0x7f0000000140)={0x9, 0x400}, &(0x7f0000000180)) 12:24:24 executing program 7: syslog(0x3, 0x0, 0x0) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file1\x00', 0x1010c2, 0x0) r1 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/timer_list\x00', 0x0, 0x0) sendfile(r0, r1, 0x0, 0x10000027f) socket$inet_udp(0x2, 0x2, 0x0) sendmsg$NL80211_CMD_REQ_SET_REG(0xffffffffffffffff, &(0x7f0000000500)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000180)=ANY=[@ANYBLOB="1c000000", @ANYRES16, @ANYBLOB="ff05002179043f5918d8d6000000000000ffff"], 0x1c}}, 0x0) perf_event_open(&(0x7f0000000440)={0x5, 0x80, 0x1, 0x3, 0x0, 0x5, 0x0, 0x315, 0x20, 0x2, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x8d90, 0x1, @perf_bp={&(0x7f0000000200), 0x1}, 0x10, 0x9, 0x269387ea, 0x5, 0x1340, 0x7, 0x2c5}, 0xffffffffffffffff, 0xe, r0, 0x8) r2 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffb000/0x2000)=nil, 0x2000, 0x0, 0x110, 0xffffffffffffffff, 0x0) syz_io_uring_complete(r2) [ 128.135357] audit: type=1400 audit(1664627064.958:7): avc: denied { open } for pid=3903 comm="syz-executor.7" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=perf_event permissive=1 [ 128.136877] audit: type=1400 audit(1664627064.959:8): avc: denied { kernel } for pid=3903 comm="syz-executor.7" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=perf_event permissive=1 [ 128.160005] ------------[ cut here ]------------ [ 128.160024] [ 128.160027] ====================================================== [ 128.160031] WARNING: possible circular locking dependency detected [ 128.160035] 6.0.0-rc7-next-20220930 #1 Not tainted [ 128.160042] ------------------------------------------------------ [ 128.160046] syz-executor.7/3905 is trying to acquire lock: [ 128.160052] ffffffff853faab8 ((console_sem).lock){....}-{2:2}, at: down_trylock+0xe/0x70 [ 128.160094] [ 128.160094] but task is already holding lock: [ 128.160097] ffff88803fa8f420 (&ctx->lock){....}-{2:2}, at: __perf_event_task_sched_out+0x53b/0x18d0 [ 128.160124] [ 128.160124] which lock already depends on the new lock. [ 128.160124] [ 128.160128] [ 128.160128] the existing dependency chain (in reverse order) is: [ 128.160131] [ 128.160131] -> #3 (&ctx->lock){....}-{2:2}: [ 128.160145] _raw_spin_lock+0x2a/0x40 [ 128.160157] __perf_event_task_sched_out+0x53b/0x18d0 [ 128.160168] __schedule+0xedd/0x2470 [ 128.160182] schedule+0xda/0x1b0 [ 128.160196] exit_to_user_mode_prepare+0x114/0x1a0 [ 128.160209] syscall_exit_to_user_mode+0x19/0x40 [ 128.160222] do_syscall_64+0x48/0x90 [ 128.160240] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 128.160253] [ 128.160253] -> #2 (&rq->__lock){-.-.}-{2:2}: [ 128.160274] _raw_spin_lock_nested+0x30/0x40 [ 128.160284] raw_spin_rq_lock_nested+0x1e/0x30 [ 128.160298] task_fork_fair+0x63/0x4d0 [ 128.160314] sched_cgroup_fork+0x3d0/0x540 [ 128.160329] copy_process+0x4183/0x6e20 [ 128.160340] kernel_clone+0xe7/0x890 [ 128.160350] user_mode_thread+0xad/0xf0 [ 128.160360] rest_init+0x24/0x250 [ 128.160372] arch_call_rest_init+0xf/0x14 [ 128.160391] start_kernel+0x4c6/0x4eb [ 128.160406] secondary_startup_64_no_verify+0xe0/0xeb [ 128.160420] [ 128.160420] -> #1 (&p->pi_lock){-.-.}-{2:2}: [ 128.160434] _raw_spin_lock_irqsave+0x39/0x60 [ 128.160445] try_to_wake_up+0xab/0x1930 [ 128.160458] up+0x75/0xb0 [ 128.160472] __up_console_sem+0x6e/0x80 [ 128.160488] console_unlock+0x46a/0x590 [ 128.160504] do_con_write+0xc05/0x1d50 [ 128.160515] con_write+0x21/0x40 [ 128.160524] n_tty_write+0x4d4/0xfe0 [ 128.160536] file_tty_write.constprop.0+0x455/0x8a0 [ 128.160548] vfs_write+0x9c3/0xd90 [ 128.160565] ksys_write+0x127/0x250 [ 128.160580] do_syscall_64+0x3b/0x90 [ 128.160596] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 128.160609] [ 128.160609] -> #0 ((console_sem).lock){....}-{2:2}: [ 128.160622] __lock_acquire+0x2a02/0x5e70 [ 128.160639] lock_acquire+0x1a2/0x530 [ 128.160655] _raw_spin_lock_irqsave+0x39/0x60 [ 128.160666] down_trylock+0xe/0x70 [ 128.160681] __down_trylock_console_sem+0x3b/0xd0 [ 128.160697] vprintk_emit+0x16b/0x560 [ 128.160713] vprintk+0x84/0xa0 [ 128.160728] _printk+0xba/0xf1 [ 128.160740] report_bug.cold+0x72/0xab [ 128.160756] handle_bug+0x3c/0x70 [ 128.160772] exc_invalid_op+0x14/0x50 [ 128.160789] asm_exc_invalid_op+0x16/0x20 [ 128.160801] group_sched_out.part.0+0x2c7/0x460 [ 128.160819] ctx_sched_out+0x8f1/0xc10 [ 128.160836] __perf_event_task_sched_out+0x6d0/0x18d0 [ 128.160847] __schedule+0xedd/0x2470 [ 128.160860] schedule+0xda/0x1b0 [ 128.160873] exit_to_user_mode_prepare+0x114/0x1a0 [ 128.160884] syscall_exit_to_user_mode+0x19/0x40 [ 128.160896] do_syscall_64+0x48/0x90 [ 128.160913] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 128.160925] [ 128.160925] other info that might help us debug this: [ 128.160925] [ 128.160928] Chain exists of: [ 128.160928] (console_sem).lock --> &rq->__lock --> &ctx->lock [ 128.160928] [ 128.160943] Possible unsafe locking scenario: [ 128.160943] [ 128.160946] CPU0 CPU1 [ 128.160948] ---- ---- [ 128.160950] lock(&ctx->lock); [ 128.160956] lock(&rq->__lock); [ 128.160962] lock(&ctx->lock); [ 128.160968] lock((console_sem).lock); [ 128.160974] [ 128.160974] *** DEADLOCK *** [ 128.160974] [ 128.160976] 2 locks held by syz-executor.7/3905: [ 128.160983] #0: ffff88806cf37e98 (&rq->__lock){-.-.}-{2:2}, at: __schedule+0x1cf/0x2470 [ 128.161012] #1: ffff88803fa8f420 (&ctx->lock){....}-{2:2}, at: __perf_event_task_sched_out+0x53b/0x18d0 [ 128.161038] [ 128.161038] stack backtrace: [ 128.161041] CPU: 1 PID: 3905 Comm: syz-executor.7 Not tainted 6.0.0-rc7-next-20220930 #1 [ 128.161054] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 128.161062] Call Trace: [ 128.161065] [ 128.161069] dump_stack_lvl+0x8b/0xb3 [ 128.161087] check_noncircular+0x263/0x2e0 [ 128.161104] ? format_decode+0x26c/0xb50 [ 128.161120] ? print_circular_bug+0x450/0x450 [ 128.161137] ? simple_strtoul+0x30/0x30 [ 128.161153] ? format_decode+0x26c/0xb50 [ 128.161170] ? alloc_chain_hlocks+0x1ec/0x5a0 [ 128.161187] __lock_acquire+0x2a02/0x5e70 [ 128.161208] ? lockdep_hardirqs_on_prepare+0x410/0x410 [ 128.161231] lock_acquire+0x1a2/0x530 [ 128.161247] ? down_trylock+0xe/0x70 [ 128.161264] ? lock_release+0x750/0x750 [ 128.161284] ? vprintk+0x84/0xa0 [ 128.161302] _raw_spin_lock_irqsave+0x39/0x60 [ 128.161313] ? down_trylock+0xe/0x70 [ 128.161329] down_trylock+0xe/0x70 [ 128.161345] ? vprintk+0x84/0xa0 [ 128.161361] __down_trylock_console_sem+0x3b/0xd0 [ 128.161379] vprintk_emit+0x16b/0x560 [ 128.161397] vprintk+0x84/0xa0 [ 128.161414] _printk+0xba/0xf1 [ 128.161426] ? record_print_text.cold+0x16/0x16 [ 128.161441] ? report_bug.cold+0x66/0xab [ 128.161459] ? group_sched_out.part.0+0x2c7/0x460 [ 128.161477] report_bug.cold+0x72/0xab [ 128.161496] handle_bug+0x3c/0x70 [ 128.161513] exc_invalid_op+0x14/0x50 [ 128.161531] asm_exc_invalid_op+0x16/0x20 [ 128.161544] RIP: 0010:group_sched_out.part.0+0x2c7/0x460 [ 128.161564] Code: 5e 41 5f e9 8b ae ef ff e8 86 ae ef ff 65 8b 1d 0b 18 ac 7e 31 ff 89 de e8 26 ab ef ff 85 db 0f 84 8a 00 00 00 e8 69 ae ef ff <0f> 0b e9 a5 fe ff ff e8 5d ae ef ff 48 8d 7d 10 48 b8 00 00 00 00 [ 128.161576] RSP: 0018:ffff888040ddfc48 EFLAGS: 00010006 [ 128.161585] RAX: 0000000040000002 RBX: 0000000000000000 RCX: 0000000000000000 [ 128.161592] RDX: ffff88801abb0000 RSI: ffffffff81565dc7 RDI: 0000000000000005 [ 128.161600] RBP: ffff888040de0000 R08: 0000000000000005 R09: 0000000000000001 [ 128.161607] R10: 0000000000000000 R11: ffffffff865b405b R12: ffff88803fa8f400 [ 128.161615] R13: ffff88806cf3d2c0 R14: ffffffff8547d000 R15: 0000000000000002 [ 128.161626] ? group_sched_out.part.0+0x2c7/0x460 [ 128.161646] ? group_sched_out.part.0+0x2c7/0x460 [ 128.161665] ctx_sched_out+0x8f1/0xc10 [ 128.161685] __perf_event_task_sched_out+0x6d0/0x18d0 [ 128.161699] ? lock_is_held_type+0xd7/0x130 [ 128.161712] ? __perf_cgroup_move+0x160/0x160 [ 128.161723] ? set_next_entity+0x304/0x550 [ 128.161741] ? update_curr+0x267/0x740 [ 128.161759] ? lock_is_held_type+0xd7/0x130 [ 128.161773] __schedule+0xedd/0x2470 [ 128.161790] ? io_schedule_timeout+0x150/0x150 [ 128.161806] ? rcu_read_lock_sched_held+0x3e/0x80 [ 128.161827] schedule+0xda/0x1b0 [ 128.161841] exit_to_user_mode_prepare+0x114/0x1a0 [ 128.161854] syscall_exit_to_user_mode+0x19/0x40 [ 128.161867] do_syscall_64+0x48/0x90 [ 128.161885] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 128.161898] RIP: 0033:0x7fbbe9fa5b19 [ 128.161906] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 128.161917] RSP: 002b:00007fbbe751b218 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 128.161927] RAX: 0000000000000001 RBX: 00007fbbea0b8f68 RCX: 00007fbbe9fa5b19 [ 128.161935] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 00007fbbea0b8f6c [ 128.161942] RBP: 00007fbbea0b8f60 R08: 000000000000000e R09: 0000000000000000 [ 128.161949] R10: 0000000000000003 R11: 0000000000000246 R12: 00007fbbea0b8f6c [ 128.161956] R13: 00007fff8816052f R14: 00007fbbe751b300 R15: 0000000000022000 [ 128.161969] [ 128.219689] WARNING: CPU: 1 PID: 3905 at kernel/events/core.c:2309 group_sched_out.part.0+0x2c7/0x460 [ 128.220400] Modules linked in: [ 128.220643] CPU: 1 PID: 3905 Comm: syz-executor.7 Not tainted 6.0.0-rc7-next-20220930 #1 [ 128.221247] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 128.222083] RIP: 0010:group_sched_out.part.0+0x2c7/0x460 [ 128.222501] Code: 5e 41 5f e9 8b ae ef ff e8 86 ae ef ff 65 8b 1d 0b 18 ac 7e 31 ff 89 de e8 26 ab ef ff 85 db 0f 84 8a 00 00 00 e8 69 ae ef ff <0f> 0b e9 a5 fe ff ff e8 5d ae ef ff 48 8d 7d 10 48 b8 00 00 00 00 [ 128.223842] RSP: 0018:ffff888040ddfc48 EFLAGS: 00010006 [ 128.224244] RAX: 0000000040000002 RBX: 0000000000000000 RCX: 0000000000000000 [ 128.224786] RDX: ffff88801abb0000 RSI: ffffffff81565dc7 RDI: 0000000000000005 [ 128.225319] RBP: ffff888040de0000 R08: 0000000000000005 R09: 0000000000000001 [ 128.225844] R10: 0000000000000000 R11: ffffffff865b405b R12: ffff88803fa8f400 [ 128.226377] R13: ffff88806cf3d2c0 R14: ffffffff8547d000 R15: 0000000000000002 [ 128.226911] FS: 00007fbbe751b700(0000) GS:ffff88806cf00000(0000) knlGS:0000000000000000 [ 128.227508] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 128.227947] CR2: 00007f2d858c6018 CR3: 0000000015a6e000 CR4: 0000000000350ee0 [ 128.228487] Call Trace: [ 128.228685] [ 128.228858] ctx_sched_out+0x8f1/0xc10 [ 128.229170] __perf_event_task_sched_out+0x6d0/0x18d0 [ 128.229572] ? lock_is_held_type+0xd7/0x130 [ 128.229899] ? __perf_cgroup_move+0x160/0x160 [ 128.230238] ? set_next_entity+0x304/0x550 [ 128.230566] ? update_curr+0x267/0x740 [ 128.230873] ? lock_is_held_type+0xd7/0x130 [ 128.231204] __schedule+0xedd/0x2470 [ 128.231504] ? io_schedule_timeout+0x150/0x150 [ 128.231860] ? rcu_read_lock_sched_held+0x3e/0x80 [ 128.232232] schedule+0xda/0x1b0 [ 128.232515] exit_to_user_mode_prepare+0x114/0x1a0 [ 128.232887] syscall_exit_to_user_mode+0x19/0x40 [ 128.233249] do_syscall_64+0x48/0x90 [ 128.233539] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 128.233929] RIP: 0033:0x7fbbe9fa5b19 [ 128.234209] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 128.235553] RSP: 002b:00007fbbe751b218 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 128.236109] RAX: 0000000000000001 RBX: 00007fbbea0b8f68 RCX: 00007fbbe9fa5b19 [ 128.236654] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 00007fbbea0b8f6c [ 128.237180] RBP: 00007fbbea0b8f60 R08: 000000000000000e R09: 0000000000000000 [ 128.237715] R10: 0000000000000003 R11: 0000000000000246 R12: 00007fbbea0b8f6c [ 128.238246] R13: 00007fff8816052f R14: 00007fbbe751b300 R15: 0000000000022000 [ 128.238782] [ 128.238959] irq event stamp: 610 [ 128.239212] hardirqs last enabled at (609): [] exit_to_user_mode_prepare+0x109/0x1a0 [ 128.239911] hardirqs last disabled at (610): [] __schedule+0x1225/0x2470 [ 128.240540] softirqs last enabled at (468): [] __irq_exit_rcu+0x11b/0x180 [ 128.241174] softirqs last disabled at (459): [] __irq_exit_rcu+0x11b/0x180 [ 128.241802] ---[ end trace 0000000000000000 ]--- 12:24:25 executing program 5: ioctl$MON_IOCX_GETX(0xffffffffffffffff, 0x4018920a, &(0x7f0000000240)={&(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @iso}, &(0x7f0000000200)=""/26, 0x1a}) r0 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x40440, 0x18c) ioctl$MON_IOCG_STATS(r0, 0x80089203, &(0x7f0000000380)) ioctl$F2FS_IOC_MOVE_RANGE(0xffffffffffffffff, 0xc020f509, &(0x7f0000000000)={0xffffffffffffffff, 0x6, 0x9, 0x80}) r2 = openat$hwrng(0xffffffffffffff9c, &(0x7f00000003c0), 0x80002, 0x0) fallocate(r2, 0x3, 0x81, 0x8) r3 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000080), 0xffffffffffffffff) sendmsg$IPVS_CMD_SET_INFO(r1, &(0x7f0000000140)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x4000}, 0xc, &(0x7f0000000100)={&(0x7f00000000c0)={0x30, r3, 0x200, 0x70bd2d, 0x25dfdbff, {}, [@IPVS_CMD_ATTR_TIMEOUT_UDP={0x8, 0x6, 0x1}, @IPVS_CMD_ATTR_DAEMON={0x14, 0x3, 0x0, 0x1, [@IPVS_DAEMON_ATTR_MCAST_PORT={0x6, 0x7, 0x4e21}, @IPVS_DAEMON_ATTR_MCAST_PORT={0x6, 0x7, 0x4e1e}]}]}, 0x30}, 0x1, 0x0, 0x0, 0xc4}, 0x800) r4 = socket$nl_generic(0x10, 0x3, 0x10) r5 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000200), 0xffffffffffffffff) sendmsg$NL80211_CMD_VENDOR(r4, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000340)={0x28, r5, 0x87d27e71721737b5, 0x0, 0x0, {{0x32}, {@void, @val={0x8}, @val={0xc, 0x117}}}}, 0x28}}, 0x0) sendmsg$NL80211_CMD_GET_INTERFACE(0xffffffffffffffff, &(0x7f0000000640)={&(0x7f0000000580)={0x10, 0x0, 0x0, 0x800000}, 0xc, &(0x7f0000000600)={&(0x7f00000005c0)={0x20, r5, 0x1, 0x70bd2c, 0x25dfdbff, {{}, {@void, @val={0xc, 0x99, {0x1ff, 0x76}}}}, ["", ""]}, 0x20}, 0x1, 0x0, 0x0, 0x4008081}, 0x500c1) r6 = openat$incfs(0xffffffffffffff9c, &(0x7f0000000400)='.log\x00', 0x40, 0x8) r7 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000480), r1) sendmsg$NL80211_CMD_UNEXPECTED_FRAME(r6, &(0x7f0000000540)={&(0x7f0000000440)={0x10, 0x0, 0x0, 0x20000000}, 0xc, &(0x7f0000000500)={&(0x7f00000004c0)={0x1c, r7, 0x400, 0x70bd2a, 0x25dfdbfb, {{}, {@val={0x8}, @void}}, ["", ""]}, 0x1c}, 0x1, 0x0, 0x0, 0x40004}, 0x40000) r8 = io_uring_setup(0x4a3c, &(0x7f0000000280)={0x0, 0x5aa7, 0xb, 0x3, 0x3d4, 0x0, r0}) write(r8, &(0x7f0000000300)="e7ae2d64d99b929f1aa1198f477979750a15f28b23f9cfcd15a25fe00964e0dbbe0d72121dc4570b932fd95aa0b01a44037ea808b67b9f71b3166ec244f5fa221af63b3f79e546e2aff07fe546eb97cd5ddbf6596a", 0x55) openat$nvram(0xffffffffffffff9c, &(0x7f0000002c00), 0xc4341, 0x0) [ 129.038727] loop6: detected capacity change from 0 to 1 [ 129.055851] loop6: detected capacity change from 0 to 264192 [ 129.088024] loop6: detected capacity change from 0 to 1 [ 129.102443] loop6: detected capacity change from 0 to 264192 [ 129.113959] loop6: detected capacity change from 0 to 264192 [ 129.344330] Bluetooth: Wrong link type (-57) [ 129.354114] Bluetooth: Wrong link type (-57) VM DIAGNOSIS: 12:24:25 Registers: info registers vcpu 0 RAX=0000000000000000 RBX=ffffffff81359c40 RCX=ffffffff812a1cb8 RDX=0000000000000000 RSI=0000000000000000 RDI=ffffffff85b06ed0 RBP=ffff8880405af900 RSP=ffff8880405af868 R8 =0000000000000000 R9 =ffffffff85b06ed7 R10=0000000000000000 R11=0000000000000001 R12=ffff8880405af930 R13=0000000000000000 R14=ffff888019c73580 R15=0000000000000000 RIP=ffffffff810acdfe RFL=00000246 [---Z-P-] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 00000000 00000000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0000 0000000000000000 00000000 00000000 DS =0000 0000000000000000 00000000 00000000 FS =0000 0000000000000000 00000000 00000000 GS =0000 ffff88806ce00000 00000000 00000000 LDT=0000 fffffe0000000000 00000000 00000000 TR =0040 fffffe0000003000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe0000001000 0000007f IDT= fffffe0000000000 00000fff CR0=80050033 CR2=00007f3581cd0088 CR3=000000000f172000 CR4=00350ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000ffff0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 YMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM01=0000000000000000 0000000000000000 322e6f732e6c6462 696c2f756e672d78 YMM02=0000000000000000 0000000000000000 00322e6f732e6c64 62696c2f756e672d YMM03=0000000000000000 0000000000000000 78756e696c2d3436 5f3638782f62696c YMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 info registers vcpu 1 RAX=0000000000000020 RBX=00000000000003f8 RCX=0000000000000000 RDX=00000000000003f8 RSI=ffffffff823bb0f1 RDI=ffffffff8765a9a0 RBP=ffffffff8765a960 RSP=ffff888040ddf690 R8 =0000000000000001 R9 =000000000000000a R10=0000000000000020 R11=0000000000000001 R12=0000000000000020 R13=ffffffff8765a960 R14=0000000000000010 R15=ffffffff823bb0e0 RIP=ffffffff823bb149 RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 00000000 00000000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 00000000 00000000 FS =0000 00007fbbe751b700 00000000 00000000 GS =0000 ffff88806cf00000 00000000 00000000 LDT=0000 fffffe0000000000 00000000 00000000 TR =0040 fffffe000004a000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe0000048000 0000007f IDT= fffffe0000000000 00000fff CR0=80050033 CR2=00007f2d858c6018 CR3=0000000015a6e000 CR4=00350ee0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000ffff0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 YMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM01=0000000000000000 0000000000000000 00007fbbea08c7c0 00007fbbea08c7c8 YMM02=0000000000000000 0000000000000000 00007fbbea08c7e0 00007fbbea08c7c0 YMM03=0000000000000000 0000000000000000 00007fbbea08c7c8 00007fbbea08c7c0 YMM04=0000000000000000 0000000000000000 ffffffffffffffff ffffffff00000000 YMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM06=0000000000000000 0000000000000000 0000000000000000 000000524f525245 YMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM08=0000000000000000 0000000000000000 0000000000000000 00524f5252450040 YMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000