Warning: Permanently added '[localhost]:41023' (ECDSA) to the list of known hosts. 2022/10/01 14:15:11 fuzzer started 2022/10/01 14:15:11 dialing manager at localhost:35095 syzkaller login: [ 40.397324] cgroup: Unknown subsys name 'net' [ 40.533557] cgroup: Unknown subsys name 'rlimit' 2022/10/01 14:15:26 syscalls: 2215 2022/10/01 14:15:26 code coverage: enabled 2022/10/01 14:15:26 comparison tracing: enabled 2022/10/01 14:15:26 extra coverage: enabled 2022/10/01 14:15:26 setuid sandbox: enabled 2022/10/01 14:15:26 namespace sandbox: enabled 2022/10/01 14:15:26 Android sandbox: enabled 2022/10/01 14:15:26 fault injection: enabled 2022/10/01 14:15:26 leak checking: enabled 2022/10/01 14:15:26 net packet injection: enabled 2022/10/01 14:15:26 net device setup: enabled 2022/10/01 14:15:26 concurrency sanitizer: /sys/kernel/debug/kcsan does not exist 2022/10/01 14:15:26 devlink PCI setup: PCI device 0000:00:10.0 is not available 2022/10/01 14:15:26 USB emulation: enabled 2022/10/01 14:15:26 hci packet injection: enabled 2022/10/01 14:15:26 wifi device emulation: failed to parse kernel version (6.0.0-rc7-next-20220930) 2022/10/01 14:15:26 802.15.4 emulation: enabled 2022/10/01 14:15:26 fetching corpus: 50, signal 21765/23589 (executing program) 2022/10/01 14:15:26 fetching corpus: 100, signal 37317/40674 (executing program) 2022/10/01 14:15:26 fetching corpus: 150, signal 46813/51556 (executing program) 2022/10/01 14:15:26 fetching corpus: 200, signal 51595/57761 (executing program) 2022/10/01 14:15:26 fetching corpus: 250, signal 58080/65530 (executing program) 2022/10/01 14:15:26 fetching corpus: 300, signal 63422/72102 (executing program) 2022/10/01 14:15:27 fetching corpus: 350, signal 67891/77733 (executing program) 2022/10/01 14:15:27 fetching corpus: 400, signal 69784/80953 (executing program) 2022/10/01 14:15:27 fetching corpus: 450, signal 74652/86860 (executing program) 2022/10/01 14:15:27 fetching corpus: 500, signal 79767/92908 (executing program) 2022/10/01 14:15:27 fetching corpus: 550, signal 83383/97528 (executing program) 2022/10/01 14:15:27 fetching corpus: 600, signal 86071/101235 (executing program) 2022/10/01 14:15:27 fetching corpus: 650, signal 88118/104325 (executing program) 2022/10/01 14:15:27 fetching corpus: 700, signal 90562/107767 (executing program) 2022/10/01 14:15:27 fetching corpus: 750, signal 93602/111654 (executing program) 2022/10/01 14:15:28 fetching corpus: 800, signal 95368/114381 (executing program) 2022/10/01 14:15:28 fetching corpus: 850, signal 97725/117595 (executing program) 2022/10/01 14:15:28 fetching corpus: 900, signal 99779/120490 (executing program) 2022/10/01 14:15:28 fetching corpus: 950, signal 102255/123719 (executing program) 2022/10/01 14:15:28 fetching corpus: 1000, signal 104213/126465 (executing program) 2022/10/01 14:15:28 fetching corpus: 1050, signal 105683/128847 (executing program) 2022/10/01 14:15:28 fetching corpus: 1100, signal 107948/131775 (executing program) 2022/10/01 14:15:28 fetching corpus: 1150, signal 109627/134151 (executing program) 2022/10/01 14:15:28 fetching corpus: 1200, signal 110952/136274 (executing program) 2022/10/01 14:15:29 fetching corpus: 1250, signal 112441/138468 (executing program) 2022/10/01 14:15:29 fetching corpus: 1300, signal 115326/141775 (executing program) 2022/10/01 14:15:29 fetching corpus: 1350, signal 118168/144944 (executing program) 2022/10/01 14:15:29 fetching corpus: 1400, signal 121257/148243 (executing program) 2022/10/01 14:15:29 fetching corpus: 1450, signal 123990/151252 (executing program) 2022/10/01 14:15:29 fetching corpus: 1500, signal 124787/152791 (executing program) 2022/10/01 14:15:29 fetching corpus: 1550, signal 125843/154493 (executing program) 2022/10/01 14:15:29 fetching corpus: 1600, signal 127011/156258 (executing program) 2022/10/01 14:15:29 fetching corpus: 1650, signal 128598/158325 (executing program) 2022/10/01 14:15:30 fetching corpus: 1700, signal 130959/160872 (executing program) 2022/10/01 14:15:30 fetching corpus: 1750, signal 131786/162320 (executing program) 2022/10/01 14:15:30 fetching corpus: 1800, signal 132926/163952 (executing program) 2022/10/01 14:15:30 fetching corpus: 1850, signal 134713/166058 (executing program) 2022/10/01 14:15:30 fetching corpus: 1900, signal 135583/167496 (executing program) 2022/10/01 14:15:30 fetching corpus: 1950, signal 136392/168860 (executing program) 2022/10/01 14:15:30 fetching corpus: 2000, signal 137379/170384 (executing program) 2022/10/01 14:15:30 fetching corpus: 2050, signal 139345/172488 (executing program) 2022/10/01 14:15:30 fetching corpus: 2100, signal 140774/174187 (executing program) 2022/10/01 14:15:31 fetching corpus: 2150, signal 142504/176092 (executing program) 2022/10/01 14:15:31 fetching corpus: 2200, signal 144627/178209 (executing program) 2022/10/01 14:15:31 fetching corpus: 2250, signal 145772/179675 (executing program) 2022/10/01 14:15:31 fetching corpus: 2300, signal 146704/181039 (executing program) 2022/10/01 14:15:31 fetching corpus: 2350, signal 147306/182177 (executing program) 2022/10/01 14:15:31 fetching corpus: 2400, signal 148157/183378 (executing program) 2022/10/01 14:15:31 fetching corpus: 2450, signal 149319/184790 (executing program) 2022/10/01 14:15:31 fetching corpus: 2500, signal 150460/186125 (executing program) 2022/10/01 14:15:31 fetching corpus: 2550, signal 153263/188453 (executing program) 2022/10/01 14:15:31 fetching corpus: 2600, signal 154473/189807 (executing program) 2022/10/01 14:15:32 fetching corpus: 2650, signal 155304/190964 (executing program) 2022/10/01 14:15:32 fetching corpus: 2700, signal 156675/192383 (executing program) 2022/10/01 14:15:32 fetching corpus: 2750, signal 157450/193515 (executing program) 2022/10/01 14:15:32 fetching corpus: 2800, signal 158470/194719 (executing program) 2022/10/01 14:15:32 fetching corpus: 2850, signal 158936/195607 (executing program) 2022/10/01 14:15:32 fetching corpus: 2900, signal 159604/196607 (executing program) 2022/10/01 14:15:32 fetching corpus: 2950, signal 160524/197793 (executing program) 2022/10/01 14:15:32 fetching corpus: 3000, signal 161324/198850 (executing program) 2022/10/01 14:15:32 fetching corpus: 3050, signal 162259/200000 (executing program) 2022/10/01 14:15:33 fetching corpus: 3100, signal 163030/201009 (executing program) 2022/10/01 14:15:33 fetching corpus: 3150, signal 163983/202051 (executing program) 2022/10/01 14:15:33 fetching corpus: 3200, signal 164864/203056 (executing program) 2022/10/01 14:15:33 fetching corpus: 3250, signal 165839/204046 (executing program) 2022/10/01 14:15:33 fetching corpus: 3300, signal 167104/205208 (executing program) 2022/10/01 14:15:33 fetching corpus: 3350, signal 167845/206103 (executing program) 2022/10/01 14:15:33 fetching corpus: 3400, signal 169100/207213 (executing program) 2022/10/01 14:15:33 fetching corpus: 3450, signal 170197/208181 (executing program) 2022/10/01 14:15:34 fetching corpus: 3500, signal 170943/209023 (executing program) 2022/10/01 14:15:34 fetching corpus: 3550, signal 172115/209998 (executing program) 2022/10/01 14:15:34 fetching corpus: 3600, signal 173048/210843 (executing program) 2022/10/01 14:15:34 fetching corpus: 3650, signal 174286/211840 (executing program) 2022/10/01 14:15:34 fetching corpus: 3700, signal 175468/212796 (executing program) 2022/10/01 14:15:34 fetching corpus: 3750, signal 176126/213559 (executing program) 2022/10/01 14:15:34 fetching corpus: 3800, signal 176971/214308 (executing program) 2022/10/01 14:15:34 fetching corpus: 3850, signal 177782/215071 (executing program) 2022/10/01 14:15:35 fetching corpus: 3900, signal 179108/215987 (executing program) 2022/10/01 14:15:35 fetching corpus: 3950, signal 179899/216693 (executing program) 2022/10/01 14:15:35 fetching corpus: 4000, signal 180984/217499 (executing program) 2022/10/01 14:15:35 fetching corpus: 4050, signal 181690/218158 (executing program) 2022/10/01 14:15:35 fetching corpus: 4100, signal 182644/218973 (executing program) 2022/10/01 14:15:35 fetching corpus: 4150, signal 183500/219642 (executing program) 2022/10/01 14:15:35 fetching corpus: 4200, signal 184262/220319 (executing program) 2022/10/01 14:15:35 fetching corpus: 4250, signal 185309/221042 (executing program) 2022/10/01 14:15:36 fetching corpus: 4300, signal 186032/221680 (executing program) 2022/10/01 14:15:36 fetching corpus: 4350, signal 186564/222239 (executing program) 2022/10/01 14:15:36 fetching corpus: 4400, signal 187488/222847 (executing program) 2022/10/01 14:15:36 fetching corpus: 4450, signal 188095/223388 (executing program) 2022/10/01 14:15:36 fetching corpus: 4500, signal 188742/223972 (executing program) 2022/10/01 14:15:36 fetching corpus: 4550, signal 189296/224476 (executing program) 2022/10/01 14:15:36 fetching corpus: 4600, signal 190033/225005 (executing program) 2022/10/01 14:15:36 fetching corpus: 4650, signal 190844/225538 (executing program) 2022/10/01 14:15:36 fetching corpus: 4700, signal 191382/226023 (executing program) 2022/10/01 14:15:37 fetching corpus: 4750, signal 192435/226602 (executing program) 2022/10/01 14:15:37 fetching corpus: 4800, signal 193854/227189 (executing program) 2022/10/01 14:15:37 fetching corpus: 4850, signal 194225/227608 (executing program) 2022/10/01 14:15:37 fetching corpus: 4871, signal 194680/228014 (executing program) 2022/10/01 14:15:37 fetching corpus: 4871, signal 194680/228363 (executing program) 2022/10/01 14:15:37 fetching corpus: 4871, signal 194680/228696 (executing program) 2022/10/01 14:15:37 fetching corpus: 4871, signal 194680/229067 (executing program) 2022/10/01 14:15:37 fetching corpus: 4871, signal 194680/229384 (executing program) 2022/10/01 14:15:37 fetching corpus: 4871, signal 194680/229734 (executing program) 2022/10/01 14:15:37 fetching corpus: 4871, signal 194680/230079 (executing program) 2022/10/01 14:15:37 fetching corpus: 4871, signal 194680/230425 (executing program) 2022/10/01 14:15:37 fetching corpus: 4871, signal 194680/230782 (executing program) 2022/10/01 14:15:37 fetching corpus: 4871, signal 194680/231141 (executing program) 2022/10/01 14:15:37 fetching corpus: 4871, signal 194680/231484 (executing program) 2022/10/01 14:15:37 fetching corpus: 4871, signal 194680/231845 (executing program) 2022/10/01 14:15:37 fetching corpus: 4871, signal 194680/232228 (executing program) 2022/10/01 14:15:37 fetching corpus: 4871, signal 194680/232573 (executing program) 2022/10/01 14:15:37 fetching corpus: 4871, signal 194680/232904 (executing program) 2022/10/01 14:15:37 fetching corpus: 4871, signal 194680/233240 (executing program) 2022/10/01 14:15:37 fetching corpus: 4871, signal 194680/233597 (executing program) 2022/10/01 14:15:37 fetching corpus: 4871, signal 194680/233927 (executing program) 2022/10/01 14:15:37 fetching corpus: 4871, signal 194680/233966 (executing program) 2022/10/01 14:15:37 fetching corpus: 4871, signal 194680/233966 (executing program) 2022/10/01 14:15:39 starting 8 fuzzer processes 14:15:39 executing program 0: sendmsg$IEEE802154_LLSEC_ADD_KEY(0xffffffffffffffff, &(0x7f00000000c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f0000000080)={&(0x7f0000000040)={0x3c, 0x0, 0x800, 0x70bd2a, 0x25dfdbfe, {}, [@IEEE802154_ATTR_HW_ADDR={0xc, 0x5, {0xaaaaaaaaaaaa0002}}, @IEEE802154_ATTR_DEV_NAME={0xa, 0x1, 'wpan3\x00'}, @IEEE802154_ATTR_PAN_ID={0x6}, @IEEE802154_ATTR_SHORT_ADDR={0x6}]}, 0x3c}, 0x1, 0x0, 0x0, 0x20004005}, 0x200048c4) r0 = openat$vcsu(0xffffffffffffff9c, &(0x7f00000001c0), 0x84000, 0x0) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000240), 0xffffffffffffffff) sendmsg$NL80211_CMD_CONNECT(r0, &(0x7f0000000440)={&(0x7f0000000200)={0x10, 0x0, 0x0, 0x10}, 0xc, &(0x7f0000000400)={&(0x7f0000000280)={0x15c, r1, 0x4, 0x70bd2b, 0x25dfdbfd, {{}, {@val={0x8}, @void}}, [@fils_params=[@NL80211_ATTR_FILS_ERP_REALM={0x92, 0xfa, "d1834e892305fe90c76732c4b71feca31e35c237a343d113edc70a934ab491afe97f11aad445a269c976c443ba7bee2f9ff9035c1d6015ad24ace087a468003527323d2f6406ba3453ddd3855568a123f4782363ed499eaaa1ab80b732ea79387be442bebaf50d2db7e8bc0cf6d860009e99680dcfa8e7040cc5d97df8af7c0be08f81d95fe15f1406bd2177dfa8"}, @NL80211_ATTR_FILS_ERP_NEXT_SEQ_NUM={0x6, 0xfb, 0xfc01}, @NL80211_ATTR_FILS_ERP_REALM={0xa3, 0xfa, "74b8472b514d01a5c9705bc494ca9dc125cbe664b82b6ae4342f12b4f41c1a1fc33ff27e771a81c569a978cdae11f1bb57c37a4ba7f16988679124ed5921bf6eddfdbcbb7525e63c77c2fb30810a4a97b7dec7a37bbfe527097d38a52d8d77f6e4bce92c4eb84d32912891cb3d9fd750b7954b1d632c99ccbfe073f00fdea280f0eeb68ef808ca2c59fb54ee43a4e65f84b8d3e86fd48ef25fb2adfcd88d1e"}]]}, 0x15c}, 0x1, 0x0, 0x0, 0x1}, 0x4000014) sendmsg$TIPC_CMD_ENABLE_BEARER(r0, &(0x7f0000000540)={&(0x7f0000000480)={0x10, 0x0, 0x0, 0x1}, 0xc, &(0x7f0000000500)={&(0x7f00000004c0)={0x34, 0x0, 0x100, 0x70bd25, 0x25dfdbfd, {{}, {}, {0x18, 0x17, {0x15, 0x10001, @l2={'eth', 0x3a, 'caif0\x00'}}}}, ["", "", ""]}, 0x34}, 0x1, 0x0, 0x0, 0x50}, 0x40) sendmsg$NFT_MSG_GETFLOWTABLE(r0, &(0x7f0000000680)={&(0x7f0000000580)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f0000000640)={&(0x7f00000005c0)={0x54, 0x17, 0xa, 0x5, 0x0, 0x0, {0x2, 0x0, 0x1}, [@NFTA_FLOWTABLE_HOOK={0x1c, 0x3, 0x0, 0x1, [@NFTA_FLOWTABLE_HOOK_PRIORITY={0x8, 0x2, 0x1, 0x0, 0x7}, @NFTA_FLOWTABLE_HOOK_NUM={0x8}, @NFTA_FLOWTABLE_HOOK_NUM={0x8}]}, @NFTA_FLOWTABLE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_FLOWTABLE_NAME={0x9, 0x2, 'syz0\x00'}, @NFTA_FLOWTABLE_TABLE={0x9, 0x1, 'syz0\x00'}]}, 0x54}, 0x1, 0x0, 0x0, 0x1}, 0x28040011) r2 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000700), r0) sendmsg$ETHTOOL_MSG_LINKMODES_SET(r0, &(0x7f00000007c0)={&(0x7f00000006c0)={0x10, 0x0, 0x0, 0x100000}, 0xc, &(0x7f0000000780)={&(0x7f0000000740)={0x24, r2, 0x100, 0x70bd2c, 0x25dfdbfb, {}, [@ETHTOOL_A_LINKMODES_DUPLEX={0x5, 0x6, 0xf7}, @ETHTOOL_A_LINKMODES_AUTONEG={0x5, 0x2, 0xff}]}, 0x24}, 0x1, 0x0, 0x0, 0x4004050}, 0x8000800) ioctl$AUTOFS_DEV_IOCTL_ISMOUNTPOINT(r0, 0xc018937e, &(0x7f0000000800)={{0x1, 0x1, 0x18, r0, @out_args}, './file0\x00'}) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000880)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_VENDOR(r3, &(0x7f0000000940)={&(0x7f0000000840)={0x10, 0x0, 0x0, 0x10000000}, 0xc, &(0x7f0000000900)={&(0x7f00000008c0)={0x40, r1, 0x8, 0x70bd26, 0x25dfdbff, {{}, {@void, @val={0x8, 0x3, r4}, @val={0xc, 0x99, {0x4, 0xa}}}}, [@NL80211_ATTR_VENDOR_ID={0x8, 0xc3, 0x8}, @NL80211_ATTR_VENDOR_ID={0x8}, @NL80211_ATTR_VENDOR_ID={0x8, 0xc3, 0x3}]}, 0x40}, 0x1, 0x0, 0x0, 0x800}, 0x4) ioctl$sock_SIOCGIFINDEX_80211(r3, 0x8933, &(0x7f00000009c0)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_VENDOR(r3, &(0x7f0000000a80)={&(0x7f0000000980)={0x10, 0x0, 0x0, 0x8000}, 0xc, &(0x7f0000000a40)={&(0x7f0000000a00)={0x30, r1, 0x100, 0x70bd2b, 0x25dfdbff, {{}, {@val={0x8, 0x1, 0x5e}, @val={0x8, 0x3, r5}, @val={0xc, 0x99, {0x9, 0x14}}}}}, 0x30}, 0x1, 0x0, 0x0, 0x8000}, 0x40000004) sendmsg$NL80211_CMD_GET_WOWLAN(r3, &(0x7f0000000b80)={&(0x7f0000000ac0)={0x10, 0x0, 0x0, 0x20000000}, 0xc, &(0x7f0000000b40)={&(0x7f0000000b00)={0x14, r1, 0x1, 0x70bd2b, 0x25dfdbfd, {{}, {@void, @void, @void}}, ["", "", "", "", ""]}, 0x14}, 0x1, 0x0, 0x0, 0x40}, 0x4008825) r6 = accept(r3, 0x0, &(0x7f0000000bc0)) r7 = syz_genetlink_get_family_id$devlink(&(0x7f0000000c40), r3) sendmsg$DEVLINK_CMD_PORT_GET(r6, &(0x7f0000000d00)={&(0x7f0000000c00)={0x10, 0x0, 0x0, 0x84024220}, 0xc, &(0x7f0000000cc0)={&(0x7f0000000c80)={0x3c, r7, 0x200, 0x70bd2a, 0x25dfdbfd, {}, [{{@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0x8, 0x3, 0x1}}}]}, 0x3c}, 0x1, 0x0, 0x0, 0x20000000}, 0x4040) r8 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000d80), r3) sendmsg$NL80211_CMD_UPDATE_FT_IES(r0, &(0x7f0000000e40)={&(0x7f0000000d40)={0x10, 0x0, 0x0, 0x200000}, 0xc, &(0x7f0000000e00)={&(0x7f0000000dc0)={0x38, r8, 0x300, 0x70bd27, 0x25dfdbfd, {{}, {@val={0x8, 0x3, r5}, @void}}, [@NL80211_ATTR_MDID={0x6, 0xb1, 0x8}, @NL80211_ATTR_IE={0x14, 0x2a, [@cf={0x4, 0x6, {0x7, 0x3, 0x401, 0x3f}}, @mesh_id={0x72, 0x6}]}]}, 0x38}}, 0x20000000) sendmsg$NLBL_UNLABEL_C_STATICLIST(0xffffffffffffffff, &(0x7f0000001040)={&(0x7f0000000e80)={0x10, 0x0, 0x0, 0x4}, 0xc, &(0x7f0000001000)={&(0x7f0000000f00)={0xc8, 0x0, 0x100, 0x70bd26, 0x25dfdbfd, {}, [@NLBL_UNLABEL_A_IPV4MASK={0x8, 0x5, @empty}, @NLBL_UNLABEL_A_SECCTX={0x26, 0x7, 'system_u:object_r:cpu_online_t:s0\x00'}, @NLBL_UNLABEL_A_SECCTX={0x26, 0x7, 'system_u:object_r:lost_found_t:s0\x00'}, @NLBL_UNLABEL_A_IPV4MASK={0x8, 0x5, @initdev={0xac, 0x1e, 0x0, 0x0}}, @NLBL_UNLABEL_A_IPV6ADDR={0x14, 0x2, @loopback}, @NLBL_UNLABEL_A_IPV6MASK={0x14, 0x3, @private2={0xfc, 0x2, '\x00', 0x1}}, @NLBL_UNLABEL_A_IPV6ADDR={0x14, 0x2, @dev={0xfe, 0x80, '\x00', 0x31}}, @NLBL_UNLABEL_A_ACPTFLG={0x5}, @NLBL_UNLABEL_A_IPV4MASK={0x8, 0x5, @initdev={0xac, 0x1e, 0x1, 0x0}}, @NLBL_UNLABEL_A_IPV4ADDR={0x8, 0x4, @local}]}, 0xc8}, 0x1, 0x0, 0x0, 0x8000}, 0x85) 14:15:39 executing program 4: ioctl$AUTOFS_DEV_IOCTL_SETPIPEFD(0xffffffffffffffff, 0xc0189378, &(0x7f0000000000)={{0x1, 0x1, 0x18, 0xffffffffffffffff, {0xffffffffffffffff}}, './file0\x00'}) write$binfmt_elf32(r1, &(0x7f0000000040)={{0x7f, 0x45, 0x4c, 0x46, 0x0, 0x65, 0x1, 0xaf, 0x4, 0x2, 0x6, 0xffffffff, 0x224, 0x38, 0x32b, 0x7, 0x8000, 0x20, 0x2, 0x9, 0x3f, 0x7}, [{0x70000000, 0x900000, 0x200, 0x1, 0x4, 0x2, 0x3, 0x1659}], "8ceded43ee3c29f14e85ab9ac872750d30a19fc98613129034e040319fb8df7067f069bc19591c2501f3d2a0b491a36fa7027b792c99c29d1981f16d68f69f0532eaacf27a51e0ed9d554557ecca230a162dde17af251f8a53f7060d735c42509fa6dbbb87fd30f6517967a2890d9ea480f28937e31d8d882948a3a483eda1ffb89048d531b496fd3bfd70af8b01bf6833a468f004", ['\x00', '\x00']}, 0x2ed) r2 = signalfd4(r0, &(0x7f0000000340)={[0x2]}, 0x8, 0x80000) getsockopt$inet6_tcp_TCP_REPAIR_WINDOW(r2, 0x6, 0x1d, &(0x7f0000000380), &(0x7f00000003c0)=0x14) ioctl$BTRFS_IOC_BALANCE_V2(r1, 0xc4009420, &(0x7f0000000400)={0x6, 0x4, {0x5, @struct={0x7ff, 0x9}, 0x0, 0x5, 0x3, 0x6, 0x8, 0x8, 0x20, @struct={0x134, 0xe0ff}, 0x6, 0x7, [0x9e6, 0x10001, 0x7, 0x9, 0xaa]}, {0xffffffffffffffc0, @usage=0x179, 0x0, 0xfffffffffffffffd, 0xb1, 0x0, 0x5, 0x6, 0x2, @struct={0x81, 0x9}, 0xfbb, 0x3ff, [0x29, 0x6, 0x5, 0x9, 0x0, 0x800]}, {0x3, @usage=0x7, 0x0, 0x7e41, 0x3, 0x6b, 0x1, 0x9, 0x426, @struct={0x7, 0x10001}, 0x4, 0x81, [0x7, 0x81, 0x2, 0x7e, 0x2]}, {0x4, 0x100, 0x2}}) setsockopt$inet6_tcp_TCP_CONGESTION(r1, 0x6, 0xd, &(0x7f0000000800)='cubic\x00', 0x6) ioctl$AUTOFS_DEV_IOCTL_READY(0xffffffffffffffff, 0xc0189376, &(0x7f0000000840)={{0x1, 0x1, 0x18, r2, {0x7}}, './file1\x00'}) ioctl$BINDER_WRITE_READ(r3, 0xc0306201, &(0x7f0000000ac0)={0x9c, 0x0, &(0x7f0000000940)=[@transaction_sg={0x40486311, {0x0, 0x0, 0x0, 0x0, 0x21, 0x0, 0x0, 0x58, 0x18, &(0x7f0000000880)={@fda={0x66646185, 0x5, 0x1, 0x4}, @flat=@weak_binder={0x77622a85, 0x10a, 0x3}, @fda={0x66646185, 0x7, 0x2, 0x32}}, &(0x7f0000000900)={0x0, 0x20, 0x38}}, 0x40}, @acquire_done={0x40106309, 0x1}, @clear_death={0x400c630f, 0x1}, @acquire_done={0x40106309, 0x1}, @decrefs, @clear_death], 0x9e, 0x0, &(0x7f0000000a00)="e14744eee65bea486c6a53292df7fbf41019faf6627a0760d45416bd18b1549feff7e3c536516158a1232a1a59453df682f1414ddbc9211ff5b3190eb26d0ced40f810ecfe675505246334a7baff6a2d5506ebbf20dfb0eda4785d695c7668bca8d1287a3ec662cde983f75486c408538f9828f99df5f3fbddb51864886a0f013368f0470938e9c513959e8ab8f9cebf0d16cda37c8dd47f5f18b281fea7"}) getsockopt$inet_IP_XFRM_POLICY(r1, 0x0, 0x11, &(0x7f0000000bc0)={{{@in6=@mcast1, @in6=@dev, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in6=@mcast1}, 0x0, @in6=@remote}}, &(0x7f0000000cc0)=0xe8) mount$9p_unix(&(0x7f0000000b00)='./file0\x00', &(0x7f0000000b40)='./file1\x00', &(0x7f0000000b80), 0x80000, &(0x7f0000000d00)={'trans=unix,', {[], [{@smackfstransmute={'smackfstransmute', 0x3d, '.)/'}}, {@euid_eq={'euid', 0x3d, r5}}, {@uid_gt={'uid>', 0xee01}}, {@uid_eq}]}}) umount2(&(0x7f0000000d80)='./file0\x00', 0x4) r6 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000e00), r2) getsockopt$inet_IP_XFRM_POLICY(r0, 0x0, 0x11, &(0x7f0000000e40)={{{@in6=@mcast1, @in=@loopback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{}, 0x0, @in=@multicast1}}, &(0x7f0000000f40)=0xe8) ioctl$ifreq_SIOCGIFINDEX_vcan(r2, 0x8933, &(0x7f0000000f80)={'vxcan1\x00', 0x0}) sendmsg$ETHTOOL_MSG_FEATURES_GET(r0, &(0x7f0000001140)={&(0x7f0000000dc0)={0x10, 0x0, 0x0, 0x1000000}, 0xc, &(0x7f0000001100)={&(0x7f0000000fc0)={0x110, r6, 0x1adca64b0ac994b8, 0x70bd28, 0x25dfdbfc, {}, [@HEADER={0x28, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'sit0\x00'}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r7}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r4}]}, @HEADER={0x20, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'wlan1\x00'}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}]}, @HEADER={0x38, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x1}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r4}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'batadv_slave_0\x00'}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x2}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x1}]}, @HEADER={0x20, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'macvlan1\x00'}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0xb6b04728ed26b4e2}]}, @HEADER={0x34, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'veth0_to_batadv\x00'}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x2}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'hsr0\x00'}]}, @HEADER={0x28, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'veth0_to_team\x00'}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r8}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r4}]}]}, 0x110}, 0x1, 0x0, 0x0, 0x20000080}, 0x40000) read(0xffffffffffffffff, &(0x7f0000001180)=""/35, 0x23) r9 = socket(0xb, 0x3, 0x329) setsockopt$packet_add_memb(r9, 0x107, 0x1, &(0x7f00000011c0)={r8, 0x1, 0x6, @local}, 0x10) mount$9p_unix(&(0x7f0000001200)='./file0\x00', &(0x7f0000001240)='./file1\x00', &(0x7f0000001280), 0x4400, &(0x7f00000012c0)={'trans=unix,', {[{@cache_fscache}, {@cache_loose}], [{@obj_type={'obj_type', 0x3d, '+/{.'}}, {@euid_gt={'euid>', r5}}]}}) perf_event_open(&(0x7f0000001340)={0x4, 0x80, 0x80, 0xf8, 0x0, 0x52, 0x0, 0x1, 0x1040, 0x8, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x3, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x10001, 0x1, @perf_config_ext={0x3, 0x7}, 0x4, 0x6, 0x20000000, 0x8, 0x0, 0x80000000, 0x1f, 0x0, 0x1, 0x0, 0x9}, 0x0, 0xe, r2, 0x9) 14:15:39 executing program 7: r0 = syz_open_dev$vcsa(&(0x7f0000000000), 0x401, 0x40) r1 = syz_genetlink_get_family_id$batadv(&(0x7f0000000080), 0xffffffffffffffff) sendmsg$BATADV_CMD_GET_BLA_BACKBONE(r0, &(0x7f0000000140)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x80}, 0xc, &(0x7f0000000100)={&(0x7f00000000c0)={0x3c, r1, 0x200, 0x70bd25, 0x25dfdbfb, {}, [@BATADV_ATTR_DISTRIBUTED_ARP_TABLE_ENABLED={0x5}, @BATADV_ATTR_HOP_PENALTY={0x5, 0x35, 0x45}, @BATADV_ATTR_GW_BANDWIDTH_DOWN={0x8, 0x31, 0xf6c4}, @BATADV_ATTR_VLANID={0x6}, @BATADV_ATTR_ISOLATION_MASK={0x8, 0x2c, 0x3}]}, 0x3c}, 0x1, 0x0, 0x0, 0x40}, 0x24000001) r2 = accept4$unix(r0, 0x0, &(0x7f0000000200), 0x0) clock_gettime(0x0, &(0x7f0000004940)={0x0, 0x0}) recvmmsg$unix(r0, &(0x7f0000004800)=[{{&(0x7f0000000240), 0x6e, &(0x7f0000001480)=[{&(0x7f00000002c0)=""/184, 0xb8}, {&(0x7f0000000380)=""/114, 0x72}, {&(0x7f0000000400)=""/91, 0x5b}, {&(0x7f0000000480)=""/4096, 0x1000}], 0x4, &(0x7f00000014c0)=[@cred={{0x1c}}, @rights={{0x34, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c}}, @rights={{0x1c, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x20, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c}}], 0xd8}}, {{&(0x7f00000015c0), 0x6e, &(0x7f0000001940)=[{&(0x7f0000001640)=""/250, 0xfa}, {&(0x7f0000001740)=""/77, 0x4d}, {&(0x7f00000017c0)=""/79, 0x4f}, {&(0x7f0000001840)=""/230, 0xe6}], 0x4, &(0x7f0000001980)=[@rights={{0x18, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}, @cred={{0x1c}}, @rights={{0x20, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c}}, @cred={{0x1c}}, @cred={{0x1c, 0x1, 0x2, {0x0, 0x0}}}, @rights={{0x28, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c}}, @rights={{0x34, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}], 0x150}}, {{&(0x7f0000001b00)=@abs, 0x6e, &(0x7f0000001d00)=[{&(0x7f0000001b80)=""/65, 0x41}, {&(0x7f0000001c00)=""/9, 0x9}, {&(0x7f0000001c40)=""/137, 0x89}], 0x3, &(0x7f0000001d40)=[@rights={{0x38, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}, @rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}, @rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}, @cred={{0x1c}}], 0xa0}}, {{&(0x7f0000001e00)=@abs, 0x6e, &(0x7f0000003340)=[{&(0x7f0000001e80)}, {&(0x7f0000001ec0)=""/231, 0xe7}, {&(0x7f0000001fc0)=""/117, 0x75}, {&(0x7f0000002040)=""/230, 0xe6}, {&(0x7f0000002140)=""/221, 0xdd}, {&(0x7f0000002240)=""/4096, 0x1000}, {&(0x7f0000003240)=""/46, 0x2e}, {&(0x7f0000003280)=""/179, 0xb3}], 0x8, &(0x7f00000033c0)=[@rights={{0x38, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x2c, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c}}, @cred={{0x1c}}, @rights={{0x24, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c, 0x1, 0x2, {0x0, 0x0, 0x0}}}, @cred={{0x1c}}, @cred={{0x1c, 0x1, 0x2, {0x0, 0x0, 0x0}}}, @cred={{0x1c}}], 0x150}}, {{&(0x7f0000003540), 0x6e, &(0x7f0000004700)=[{&(0x7f00000035c0)=""/112, 0x70}, {&(0x7f0000003640)=""/142, 0x8e}, {&(0x7f0000003700)=""/4096, 0x1000}], 0x3, &(0x7f0000004740)=[@cred={{0x1c}}, @cred={{0x1c, 0x1, 0x2, {0x0, 0x0}}}, @rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}, @rights={{0x2c, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}], 0x88}}], 0x5, 0x42, &(0x7f0000004980)={r3, r4+60000000}) mount$9p_fd(0x0, &(0x7f0000000180)='./file0\x00', &(0x7f00000001c0), 0x1000002, &(0x7f00000049c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r2}, 0x2c, {[{@msize={'msize', 0x3d, 0x3}}, {@access_client}, {@loose}, {@dfltgid={'dfltgid', 0x3d, r13}}, {@version_u}], [{@obj_role={'obj_role', 0x3d, 'batadv\x00'}}, {@measure}]}}) lsetxattr$trusted_overlay_origin(&(0x7f0000004a80)='./file0\x00', &(0x7f0000004ac0), &(0x7f0000004b00), 0x2, 0x0) mount$9p_xen(&(0x7f0000004b40), &(0x7f0000004b80)='./file0\x00', &(0x7f0000004bc0), 0x10000, &(0x7f0000004c00)={'trans=xen,', {[{@dfltgid={'dfltgid', 0x3d, r12}}], [{@euid_lt={'euid<', r15}}, {@seclabel}, {@subj_user={'subj_user', 0x3d, 'version=9p2000.u'}}, {@fowner_lt={'fowner<', r6}}]}}) ioctl$ifreq_SIOCGIFINDEX_wireguard(r9, 0x8933, &(0x7f0000004c80)={'wg2\x00', 0x0}) fsetxattr$security_selinux(r2, &(0x7f0000004cc0), &(0x7f0000004d00)='system_u:object_r:qemu_device_t:s0\x00', 0x23, 0x1) ioctl$VFAT_IOCTL_READDIR_BOTH(r8, 0x82307201, &(0x7f0000004d40)=[{0x0, 0x0, 0x100}, {0x0, 0x0, 0x100}]) r19 = pidfd_getfd(r8, r10, 0x0) syz_genetlink_get_family_id$SEG6(&(0x7f0000004f80), r19) sendmsg$SEG6_CMD_SETHMAC(r16, &(0x7f00000051c0)={&(0x7f0000005080)={0x10, 0x0, 0x0, 0x4000000}, 0xc, &(0x7f0000005180)={&(0x7f00000050c0)={0xa4, 0x0, 0x400, 0xffff, 0x25dfdbfb, {}, [@SEG6_ATTR_HMACKEYID={0x8, 0x3, 0x3db}, @SEG6_ATTR_SECRETLEN={0x5, 0x5, 0x3}, @SEG6_ATTR_DST={0x14, 0x1, @mcast1}, @SEG6_ATTR_SECRETLEN={0x5, 0x5, 0x5}, @SEG6_ATTR_SECRETLEN={0x5, 0x5, 0x4}, @SEG6_ATTR_SECRET={0x18, 0x4, [0x1, 0x68f, 0x6, 0x6, 0xfffff629]}, @SEG6_ATTR_DST={0x14, 0x1, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02'}, @SEG6_ATTR_HMACKEYID={0x8, 0x3, 0x101}, @SEG6_ATTR_DST={0x14, 0x1, @loopback}, @SEG6_ATTR_DST={0x14, 0x1, @private2}]}, 0xa4}, 0x1, 0x0, 0x0, 0x48000}, 0x40000) vmsplice(r5, &(0x7f00000052c0)=[{&(0x7f0000005200)="2302e0d8f04d1224b863e562ee45a566f182ab7d3cb7e165f8fe0a7a9476358c073ed544f6dd654e697fb36a609c35873565cea5ac7f9f9e2ebc6a043504177e37b31e2ffdeb68dc22d8136633f296edbbad51de5ded8f48d317a4ef40f4a490a52864c6d852e5b2858993cbcf9922f8f77c04a92a9fe34b7da1471e4809e347044411f958b94cfca411df9ce0258c5cd7d0f06deb4894cb2c3acc2233bbaf4f584af8c277f7568d5d37ca75ee6f4e7dde7eab6ea4e6d0b32ba8105f", 0xbc}], 0x1, 0xe) openat(r11, &(0x7f0000005300)='./file0\x00', 0x0, 0x1c6) clone3(&(0x7f00000055c0)={0x0, &(0x7f0000005400)=0xffffffffffffffff, &(0x7f0000005440), &(0x7f0000005480), {0x22}, &(0x7f00000054c0)=""/32, 0x20, &(0x7f0000005500)=""/80, &(0x7f0000005580)=[r14, 0xffffffffffffffff, 0xffffffffffffffff], 0x3, {r7}}, 0x58) ioctl$EXT4_IOC_CHECKPOINT(r20, 0x4004662b, &(0x7f0000005640)=0x4) sendmsg$ETHTOOL_MSG_LINKINFO_GET(r17, &(0x7f0000005b80)={&(0x7f0000005680)={0x10, 0x0, 0x0, 0x400000}, 0xc, &(0x7f0000005b40)={&(0x7f0000005a00)={0x128, 0x0, 0x2, 0x70bd26, 0x25dfdbfc, {}, [@HEADER={0x64, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'veth0_to_batadv\x00'}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'veth0_vlan\x00'}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_FLAGS={0x8}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r18}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_FLAGS={0x8}]}, @HEADER={0x24, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r18}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x1}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x1}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r18}]}, @HEADER={0x30, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x2}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x1}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r18}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'batadv0\x00'}]}, @HEADER={0x48, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'vcan0\x00'}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'vlan1\x00'}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'tunl0\x00'}]}, @HEADER={0x14, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_FLAGS={0x8}, @ETHTOOL_A_HEADER_FLAGS={0x8}]}]}, 0x128}, 0x1, 0x0, 0x0, 0x80}, 0x20010004) 14:15:39 executing program 1: r0 = openat$vcsu(0xffffffffffffff9c, &(0x7f0000000000), 0x30202, 0x0) sendmsg$NFT_MSG_GETCHAIN(r0, &(0x7f0000000100)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x1}, 0xc, &(0x7f00000000c0)={&(0x7f0000000080)={0x24, 0x4, 0xa, 0x301, 0x0, 0x0, {0x7, 0x0, 0x8}, [@NFTA_CHAIN_FLAGS={0x8, 0xa, 0x1, 0x0, 0x1}, @NFTA_CHAIN_FLAGS={0x8}]}, 0x24}, 0x1, 0x0, 0x0, 0x20004005}, 0x4040000) r1 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000180), 0xffffffffffffffff) sendmsg$IEEE802154_START_REQ(0xffffffffffffffff, &(0x7f0000000240)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x400000}, 0xc, &(0x7f0000000200)={&(0x7f00000001c0)={0x34, r1, 0x20, 0x70bd2d, 0x25dfdbfe, {}, [@IEEE802154_ATTR_PAN_COORD={0x5}, @IEEE802154_ATTR_COORD_REALIGN={0x5, 0x1b, 0x8}, @IEEE802154_ATTR_BAT_EXT={0x5, 0x1a, 0x81}, @IEEE802154_ATTR_CHANNEL={0x5, 0x7, 0x12}]}, 0x34}, 0x1, 0x0, 0x0, 0x4000860}, 0x2000c000) r2 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NBD_CMD_RECONFIGURE(r2, &(0x7f0000000340)={&(0x7f0000000280)={0x10, 0x0, 0x0, 0x4}, 0xc, &(0x7f0000000300)={&(0x7f00000002c0)={0x38, 0x0, 0x800, 0x70bd2a, 0x25dfdbfc, {}, [@NBD_ATTR_BLOCK_SIZE_BYTES={0xc, 0x3, 0x3}, @NBD_ATTR_SERVER_FLAGS={0xc, 0x5, 0x28}, @NBD_ATTR_SIZE_BYTES={0xc, 0x2, 0x4000000000000}]}, 0x38}, 0x1, 0x0, 0x0, 0x4000051}, 0x40842) readv(r0, &(0x7f00000003c0)=[{&(0x7f0000000380)=""/48, 0x30}], 0x1) r3 = dup3(r0, r0, 0x0) sendmsg$NFNL_MSG_COMPAT_GET(r3, &(0x7f00000005c0)={&(0x7f00000004c0)={0x10, 0x0, 0x0, 0x2}, 0xc, &(0x7f0000000580)={&(0x7f0000000500)={0x50, 0x0, 0xb, 0x201, 0x0, 0x0, {0x0, 0x0, 0x3}, [@NFTA_COMPAT_REV={0x8, 0x2, 0x1, 0x0, 0x2}, @NFTA_COMPAT_NAME={0x8, 0x1, '^!)\x00'}, @NFTA_COMPAT_REV={0x8, 0x2, 0x1, 0x0, 0x1}, @NFTA_COMPAT_TYPE={0x8, 0x3, 0x1, 0x0, 0x1}, @NFTA_COMPAT_NAME={0xb, 0x1, '(*@\\)[\x00'}, @NFTA_COMPAT_TYPE={0x8, 0x3, 0x1, 0x0, 0x1}, @NFTA_COMPAT_REV={0x8, 0x2, 0x1, 0x0, 0x3}]}, 0x50}, 0x1, 0x0, 0x0, 0x80}, 0x805) r4 = fsmount(r3, 0x0, 0x0) ioctl$BINDER_ENABLE_ONEWAY_SPAM_DETECTION(r4, 0x40046210, &(0x7f0000000600)=0x1) sendmsg$BATADV_CMD_GET_MCAST_FLAGS(r3, &(0x7f0000000700)={&(0x7f0000000640)={0x10, 0x0, 0x0, 0x8000}, 0xc, &(0x7f00000006c0)={&(0x7f0000000680)={0x40, 0x0, 0x4, 0x70bd25, 0x25dfdbff, {}, [@BATADV_ATTR_ORIG_ADDRESS={0xa, 0x9, @link_local}, @BATADV_ATTR_GW_MODE={0x5}, @BATADV_ATTR_ISOLATION_MASK={0x8, 0x2c, 0x1}, @BATADV_ATTR_MULTICAST_FORCEFLOOD_ENABLED={0x5}, @BATADV_ATTR_AGGREGATED_OGMS_ENABLED={0x5, 0x29, 0x1}]}, 0x40}, 0x1, 0x0, 0x0, 0x40000}, 0x40800) fsconfig$FSCONFIG_CMD_CREATE(r0, 0x6, 0x0, 0x0, 0x0) r5 = syz_genetlink_get_family_id$devlink(&(0x7f0000000780), r3) sendmsg$DEVLINK_CMD_PORT_SET(r0, &(0x7f0000000940)={&(0x7f0000000740)={0x10, 0x0, 0x0, 0x8000}, 0xc, &(0x7f0000000900)={&(0x7f00000007c0)={0x124, r5, 0x20, 0x70bd2a, 0x25dfdbfe, {}, [{{@pci={{0x8}, {0x11}}, {0x8, 0x3, 0x3}}, {0x6}}, {{@pci={{0x8}, {0x11}}, {0x8, 0x3, 0x2}}, {0x6, 0x4, 0x1}}, {{@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0x8, 0x3, 0x1}}, {0x6}}, {{@pci={{0x8}, {0x11}}, {0x8}}, {0x6, 0x4, 0x1}}, {{@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0x8, 0x3, 0x3}}, {0x6, 0x4, 0x3}}, {{@pci={{0x8}, {0x11}}, {0x8, 0x3, 0x1}}, {0x6, 0x4, 0x3}}]}, 0x124}, 0x1, 0x0, 0x0, 0x4000}, 0x4000000) sendmsg$NL80211_CMD_GET_SURVEY(r3, &(0x7f0000000a40)={&(0x7f0000000980)={0x10, 0x0, 0x0, 0x10000000}, 0xc, &(0x7f0000000a00)={&(0x7f00000009c0)={0x14, 0x0, 0x100, 0x70bd27, 0x25dfdbfb, {{}, {@void, @void}}, ["", "", "", "", "", "", "", "", ""]}, 0x14}, 0x1, 0x0, 0x0, 0x5}, 0x4000) r6 = fsmount(r3, 0x1, 0x6) ioctl$BTRFS_IOC_SUBVOL_GETFLAGS(r6, 0x80089419, &(0x7f0000000a80)) r7 = syz_open_dev$vcsn(&(0x7f0000000ac0), 0x0, 0x8080) sendmsg$ETHTOOL_MSG_STRSET_GET(r7, &(0x7f0000000dc0)={&(0x7f0000000b00)={0x10, 0x0, 0x0, 0x40}, 0xc, &(0x7f0000000d80)={&(0x7f0000000b40)={0x220, 0x0, 0x400, 0x70bd27, 0x25dfdbff, {}, [@ETHTOOL_A_STRSET_HEADER={0x3c, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_FLAGS={0x8}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'veth0\x00'}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'veth1_macvtap\x00'}, @ETHTOOL_A_HEADER_FLAGS={0x8}]}, @ETHTOOL_A_STRSET_COUNTS_ONLY={0x4}, @ETHTOOL_A_STRSET_HEADER={0x4}, @ETHTOOL_A_STRSET_HEADER={0xc, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x2}]}, @ETHTOOL_A_STRSET_STRINGSETS={0x16c, 0x2, 0x0, 0x1, [{0x44, 0x1, 0x0, 0x1, [@ETHTOOL_A_STRINGSET_ID={0x8, 0x1, 0x4}, @ETHTOOL_A_STRINGSET_ID={0x8, 0x1, 0x1}, @ETHTOOL_A_STRINGSET_ID={0x8, 0x1, 0x7}, @ETHTOOL_A_STRINGSET_ID={0x8, 0x1, 0xb}, @ETHTOOL_A_STRINGSET_ID={0x8, 0x1, 0x2}, @ETHTOOL_A_STRINGSET_ID={0x8, 0x1, 0xff46c50e52051db3}, @ETHTOOL_A_STRINGSET_ID={0x8, 0x1, 0x8}, @ETHTOOL_A_STRINGSET_ID={0x8, 0x1, 0x2}]}, {0x34, 0x1, 0x0, 0x1, [@ETHTOOL_A_STRINGSET_ID={0x8}, @ETHTOOL_A_STRINGSET_ID={0x8, 0x1, 0x3}, @ETHTOOL_A_STRINGSET_ID={0x8, 0x1, 0x1}, @ETHTOOL_A_STRINGSET_ID={0x8, 0x1, 0x3}, @ETHTOOL_A_STRINGSET_ID={0x8, 0x1, 0x6}, @ETHTOOL_A_STRINGSET_ID={0x8, 0x1, 0x6}]}, {0x4c, 0x1, 0x0, 0x1, [@ETHTOOL_A_STRINGSET_ID={0x8, 0x1, 0x6}, @ETHTOOL_A_STRINGSET_ID={0x8, 0x1, 0x3}, @ETHTOOL_A_STRINGSET_ID={0x8, 0x1, 0x4}, @ETHTOOL_A_STRINGSET_ID={0x8, 0x1, 0x2}, @ETHTOOL_A_STRINGSET_ID={0x8, 0x1, 0x5}, @ETHTOOL_A_STRINGSET_ID={0x8, 0x1, 0x2}, @ETHTOOL_A_STRINGSET_ID={0x8, 0x1, 0x7}, @ETHTOOL_A_STRINGSET_ID={0x8, 0x1, 0x3}, @ETHTOOL_A_STRINGSET_ID={0x8}]}, {0x34, 0x1, 0x0, 0x1, [@ETHTOOL_A_STRINGSET_ID={0x8, 0x1, 0x6}, @ETHTOOL_A_STRINGSET_ID={0x8, 0x1, 0x2}, @ETHTOOL_A_STRINGSET_ID={0x8, 0x1, 0x4}, @ETHTOOL_A_STRINGSET_ID={0x8, 0x1, 0x4}, @ETHTOOL_A_STRINGSET_ID={0x8}, @ETHTOOL_A_STRINGSET_ID={0x8, 0x1, 0x2}]}, {0x2c, 0x1, 0x0, 0x1, [@ETHTOOL_A_STRINGSET_ID={0x8, 0x1, 0x1}, @ETHTOOL_A_STRINGSET_ID={0x8, 0x1, 0x2}, @ETHTOOL_A_STRINGSET_ID={0x8, 0x1, 0x6}, @ETHTOOL_A_STRINGSET_ID={0x8}, @ETHTOOL_A_STRINGSET_ID={0x8, 0x1, 0x1}]}, {0x14, 0x1, 0x0, 0x1, [@ETHTOOL_A_STRINGSET_ID={0x8, 0x1, 0x5}, @ETHTOOL_A_STRINGSET_ID={0x8, 0x1, 0x1}]}, {0xc, 0x1, 0x0, 0x1, [@ETHTOOL_A_STRINGSET_ID={0x8}]}, {0x24, 0x1, 0x0, 0x1, [@ETHTOOL_A_STRINGSET_ID={0x8, 0x1, 0x8}, @ETHTOOL_A_STRINGSET_ID={0x8, 0x1, 0x4}, @ETHTOOL_A_STRINGSET_ID={0x8, 0x1, 0x1}, @ETHTOOL_A_STRINGSET_ID={0x8, 0x1, 0x4}]}]}, @ETHTOOL_A_STRSET_HEADER={0x50, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'gretap0\x00'}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'veth0_to_hsr\x00'}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'ipvlan1\x00'}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}]}]}, 0x220}, 0x1, 0x0, 0x0, 0x24000804}, 0x404c894) 14:15:39 executing program 3: r0 = socket(0x18, 0x5, 0x3) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), r0) sendmsg$NL80211_CMD_UPDATE_OWE_INFO(r0, &(0x7f00000001c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x80000000}, 0xc, &(0x7f0000000180)={&(0x7f0000000080)={0xfc, r1, 0x2, 0x70bd2d, 0x25dfdbfb, {{}, {@void, @void}}, [@NL80211_ATTR_IE={0xba, 0x2a, [@channel_switch={0x25, 0x3, {0x0, 0x1, 0x80}}, @rann={0x7e, 0x15, {{0x1, 0x1b}, 0x6, 0x1, @broadcast, 0x8, 0x7fffffff, 0x6}}, @tim={0x5, 0x92, {0x5, 0xfd, 0x2, "c8b2be6c0161d479c45520a3239d3398687533416fcc044294d605a764c7465d4898d1b8a7ca7c695151d2ca7c5446ae82b766a3aead36840212addb6f036f97f5b5f8e58817dd879dd12ed12a61101f156277d69a9b733429e460abebc1eff47fb4168106c33e87ad1e68e6e26dd6ad4bbd31b4e0db4034e2bd4c7ebdd72c57167c7790779ac57d733f8c8af74ffc"}}, @ext_channel_switch={0x3c, 0x4, {0x0, 0x5, 0x736c18a804649af, 0xc9}}]}, @NL80211_ATTR_IE={0x2a, 0x2a, [@sec_chan_ofs={0x3e, 0x1}, @ssid={0x0, 0x6, @default_ibss_ssid}, @erp={0x2a, 0x1, {0x0, 0x1, 0x1}}, @peer_mgmt={0x75, 0x16, {0x1, 0x9, @void, @val=0x33, @val="68de4fdbaeff09a887ef657f0f9742c0"}}]}]}, 0xfc}, 0x1, 0x0, 0x0, 0x40408e5}, 0x0) r2 = openat$zero(0xffffffffffffff9c, &(0x7f0000000200), 0x60200, 0x0) sendmsg$NL80211_CMD_SET_COALESCE(r2, &(0x7f0000000480)={&(0x7f0000000240), 0xc, &(0x7f0000000440)={&(0x7f0000000280)={0x188, r1, 0x1, 0x80000001, 0x25dfdbfb, {{}, {@void, @void}}, [@NL80211_ATTR_COALESCE_RULE_PKT_PATTERN={0x4}, @NL80211_ATTR_COALESCE_RULE_CONDITION={0x8, 0x2, 0x1}, @NL80211_ATTR_COALESCE_RULE_DELAY={0x8}, @NL80211_ATTR_COALESCE_RULE_DELAY={0x8, 0x1, 0x4}, @NL80211_ATTR_COALESCE_RULE_CONDITION={0x8}, @NL80211_ATTR_COALESCE_RULE_CONDITION={0x8}, @NL80211_ATTR_COALESCE_RULE_PKT_PATTERN={0x138, 0x3, 0x0, 0x1, [{0xcc, 0x0, 0x0, 0x1, @NL80211_PKTPAT_PATTERN={0xc5, 0x2, "1f6e6861be57f05cff6dab94532e2be8a2f4ce5ac86d0f7269722b5077943b629616910aa1d3698b542e1582dd459db8cd6494cdec7310dac0e7e6beb701a0841da5fa4523229b16d0c4f1762e694440303d259860b011a3e6cb0ad9a53f5d69959a367d7ea49a704bb325447ce123af4223a22896d6facac5c0633fd643ecf927c6a2121a23435395dd955bedc9589355b1d5369abf763f9928e6c1ae1af45bfe5013c767edfc0dac8ff41bd5c226352ec28b6deaece3fdbe8b6cfb6d7823972a"}}, {0xc, 0x0, 0x0, 0x1, @NL80211_PKTPAT_OFFSET={0x8, 0x3, 0x8000}}, {0x5c, 0x0, 0x0, 0x1, @NL80211_PKTPAT_MASK={0x55, 0x1, "98462258a8a531b4309f14a951d37dc1530ce68cdb4476c194e89c7e11250fd791ba7927ee73e99e0ab400608c512f484347c2b3ae1f205a50924e4092c2cf7606bf7644452fc76254cc039fb91cb8628f"}}]}, @NL80211_ATTR_COALESCE_RULE_CONDITION={0x8, 0x2, 0x1}, @NL80211_ATTR_COALESCE_RULE_DELAY={0x8, 0x1, 0x6}]}, 0x188}, 0x1, 0x0, 0x0, 0x890}, 0x8044) sendmsg$SMC_PNETID_DEL(r0, &(0x7f0000000580)={&(0x7f00000004c0)={0x10, 0x0, 0x0, 0x20000}, 0xc, &(0x7f0000000540)={&(0x7f0000000500)={0x28, 0x0, 0x102, 0x70bd26, 0x25dfdbff, {}, [@SMC_PNETID_ETHNAME={0x14, 0x2, 'veth1_to_hsr\x00'}]}, 0x28}, 0x1, 0x0, 0x0, 0x5000}, 0x48000) pipe2(&(0x7f00000005c0)={0xffffffffffffffff, 0xffffffffffffffff}, 0x80000) sendmsg$IPVS_CMD_DEL_SERVICE(r4, &(0x7f00000006c0)={&(0x7f0000000600)={0x10, 0x0, 0x0, 0x40000}, 0xc, &(0x7f0000000680)={&(0x7f0000000640)={0x2c, 0x0, 0x100, 0x70bd2d, 0x25dfdbfc, {}, [@IPVS_CMD_ATTR_TIMEOUT_TCP={0x8, 0x4, 0xfff}, @IPVS_CMD_ATTR_TIMEOUT_UDP={0x8, 0x6, 0x5}, @IPVS_CMD_ATTR_TIMEOUT_UDP={0x8, 0x6, 0x5}]}, 0x2c}, 0x1, 0x0, 0x0, 0x4084}, 0x4044011) r5 = dup2(r4, r2) sendmsg$BATADV_CMD_GET_NEIGHBORS(r5, &(0x7f00000007c0)={&(0x7f0000000700)={0x10, 0x0, 0x0, 0x1000000}, 0xc, &(0x7f0000000780)={&(0x7f0000000740)={0x2c, 0x0, 0x10, 0x70bd27, 0x25dfdbfd, {}, [@BATADV_ATTR_DISTRIBUTED_ARP_TABLE_ENABLED={0x5, 0x2f, 0x1}, @BATADV_ATTR_ORIG_INTERVAL={0x8, 0x39, 0x4436}, @BATADV_ATTR_GW_BANDWIDTH_DOWN={0x8, 0x31, 0xd6}]}, 0x2c}, 0x1, 0x0, 0x0, 0x4}, 0x4000) r6 = openat$cgroup_ro(r3, &(0x7f0000000800)='cpuacct.usage_percpu_user\x00', 0x0, 0x0) sendmsg$NL80211_CMD_CONTROL_PORT_FRAME(r6, &(0x7f0000000940)={&(0x7f0000000840)={0x10, 0x0, 0x0, 0x21}, 0xc, &(0x7f0000000900)={&(0x7f0000000880)={0x7c, r1, 0x8, 0x70bd2b, 0x25dfdbfb, {{}, {@val={0x8}, @void}}, [@NL80211_ATTR_FRAME={0x14, 0x33, @ctrl_frame=@rts={{}, {0x77}}}, @NL80211_ATTR_CONTROL_PORT_NO_ENCRYPT={0x4}, @NL80211_ATTR_MAC={0xa}, @NL80211_ATTR_FRAME={0x38, 0x33, @mgmt_frame=@deauth={@wo_ht={{0x0, 0x0, 0xc, 0x0, 0x0, 0x0, 0x1}, {0x7}, @broadcast, @device_b, @random="c4eeaab9f506", {0x0, 0x9}}, 0x3b, @val={0x8c, 0x18, {0x2e8, "5b6f3a4e1e79", @long="a8287acc6a9d8ae68876a0f5a46bfa2e"}}}}, @NL80211_ATTR_CONTROL_PORT_NO_ENCRYPT={0x4}]}, 0x7c}, 0x1, 0x0, 0x0, 0x1}, 0x40) sendmsg$NL80211_CMD_ADD_TX_TS(r2, &(0x7f0000000a80)={&(0x7f0000000980)={0x10, 0x0, 0x0, 0x4000}, 0xc, &(0x7f0000000a40)={&(0x7f00000009c0)={0x5c, r1, 0x10, 0x70bd29, 0x25dfdbff, {{}, {@void, @val={0xc, 0x99, {0x8001, 0x6e}}}}, [@NL80211_ATTR_TSID={0x5, 0xd2, 0x1}, @NL80211_ATTR_TSID={0x5, 0xd2, 0x8}, @NL80211_ATTR_ADMITTED_TIME={0x6, 0xd4, 0x8}, @NL80211_ATTR_USER_PRIO={0x5, 0xd3, 0x7}, @NL80211_ATTR_ADMITTED_TIME={0x6, 0xd4, 0x8}, @NL80211_ATTR_MAC={0xa, 0x6, @device_b}, @NL80211_ATTR_TSID={0x5}]}, 0x5c}, 0x1, 0x0, 0x0, 0x20000080}, 0x0) sendmsg$IEEE802154_LLSEC_DEL_DEVKEY(0xffffffffffffffff, &(0x7f0000000bc0)={&(0x7f0000000ac0)={0x10, 0x0, 0x0, 0x10000}, 0xc, &(0x7f0000000b80)={&(0x7f0000000b00)={0x4c, 0x0, 0x10, 0x70bd2d, 0x25dfdbfc, {}, [@IEEE802154_ATTR_SHORT_ADDR={0x6, 0x4, 0xaaa3}, @IEEE802154_ATTR_LLSEC_KEY_SOURCE_EXTENDED={0xc, 0x2d, {0xaaaaaaaaaaaa0302}}, @IEEE802154_ATTR_PAN_ID={0x6, 0x6, 0x2}, @IEEE802154_ATTR_PAN_ID={0x6, 0x6, 0x2}, @IEEE802154_ATTR_LLSEC_KEY_MODE={0x5, 0x2b, 0x1}, @IEEE802154_ATTR_LLSEC_KEY_SOURCE_EXTENDED={0xc}]}, 0x4c}, 0x1, 0x0, 0x0, 0x40d7}, 0xc000) r7 = openat$vcsa(0xffffffffffffff9c, &(0x7f0000000c00), 0x210840, 0x0) ioctl$sock_ipv6_tunnel_SIOCGETPRL(r6, 0x89f4, &(0x7f0000000d00)={'syztnl2\x00', &(0x7f0000000c80)={'syztnl2\x00', 0x0, 0x4, 0xa7, 0xa5, 0x7f5, 0x20, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02', @private1, 0x40, 0x7800, 0x400, 0x1}}) sendmsg$FOU_CMD_DEL(r7, &(0x7f0000000dc0)={&(0x7f0000000c40)={0x10, 0x0, 0x0, 0x200000}, 0xc, &(0x7f0000000d80)={&(0x7f0000000d40)={0x3c, 0x0, 0x2, 0x70bd28, 0x25dfdbfe, {}, [@FOU_ATTR_PORT={0x6, 0x1, 0x4e21}, @FOU_ATTR_IFINDEX={0x8, 0xb, r8}, @FOU_ATTR_PORT={0x6, 0x1, 0x4e23}, @FOU_ATTR_IFINDEX={0x8}, @FOU_ATTR_PEER_V4={0x8, 0x8, @multicast2}]}, 0x3c}, 0x1, 0x0, 0x0, 0x20000850}, 0x48001) r9 = accept4(r3, &(0x7f0000000e00)=@qipcrtr, &(0x7f0000000e80)=0x80, 0xc0000) r10 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000f00), r4) sendmsg$NL80211_CMD_REQ_SET_REG(r9, &(0x7f0000000fc0)={&(0x7f0000000ec0)={0x10, 0x0, 0x0, 0x40000}, 0xc, &(0x7f0000000f80)={&(0x7f0000000f40)={0x1c, r10, 0x200, 0x70bd28, 0x25dfdbfb, {}, [@NL80211_ATTR_DFS_REGION={0x5}]}, 0x1c}, 0x1, 0x0, 0x0, 0xcc481}, 0x5000) 14:15:39 executing program 5: sendmsg$IPSET_CMD_ADD(0xffffffffffffffff, &(0x7f00000000c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x800}, 0xc, &(0x7f0000000080)={&(0x7f0000000040)={0x34, 0x9, 0x6, 0x101, 0x0, 0x0, {0xa, 0x0, 0x3}, [@IPSET_ATTR_DATA={0x20, 0x7, 0x0, 0x1, [@IPSET_ATTR_TIMEOUT={0x8, 0x6, 0x1, 0x0, 0x7}, @IPSET_ATTR_CIDR={0x5, 0x3, 0x20}, @IPSET_ATTR_NAMEREF={0x9, 0x13, 'syz0\x00'}]}]}, 0x34}, 0x1, 0x0, 0x0, 0x4}, 0x40) r0 = syz_open_dev$vcsa(&(0x7f0000000100), 0x6, 0x420100) setsockopt$netlink_NETLINK_BROADCAST_ERROR(r0, 0x10e, 0x4, &(0x7f0000000140), 0x4) r1 = openat(r0, &(0x7f0000000180)='./file0\x00', 0x0, 0x40) ioctl$AUTOFS_DEV_IOCTL_TIMEOUT(r0, 0xc018937a, &(0x7f00000001c0)={{0x1, 0x1, 0x18, r1, {0x2a00}}, './file0\x00'}) r3 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file0\x00', 0x272001, 0x22) getresuid(&(0x7f0000000240), &(0x7f0000000280)=0x0, &(0x7f00000002c0)) stat(&(0x7f0000000300)='./file0/file0\x00', &(0x7f0000000340)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) ioctl$AUTOFS_DEV_IOCTL_REQUESTER(r2, 0xc018937b, &(0x7f00000003c0)={{0x1, 0x1, 0x18, r3, {r4, r5}}, './file1\x00'}) r7 = openat$cgroup_pressure(r0, &(0x7f0000000400)='io.pressure\x00', 0x2, 0x0) close_range(r7, r3, 0x2) ioctl$FS_IOC_MEASURE_VERITY(r6, 0xc0046686, &(0x7f0000000440)={0x3, 0x47, "3189aeea937039dcab8b13faa485616812676d0663bcb14bafe8d841d1fb53504bcba2a6dffbd7901affd7161ce1dd1186ca7e1f6e154e1d387b7b9aa023a30a8f299375cb2ba8"}) r8 = syz_open_dev$mouse(&(0x7f00000004c0), 0x67, 0x80000) setsockopt$inet6_udp_encap(r8, 0x11, 0x64, &(0x7f0000000500)=0x1, 0x4) r9 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000580), r2) ioctl$ifreq_SIOCGIFINDEX_team(r0, 0x8933, &(0x7f00000005c0)={'team0\x00', 0x0}) ioctl$sock_ipv6_tunnel_SIOCGETTUNNEL(r1, 0x89f0, &(0x7f0000000680)={'ip6_vti0\x00', &(0x7f0000000600)={'ip6gre0\x00', 0x0, 0x29, 0x7, 0x3, 0x80000000, 0x13, @remote, @dev={0xfe, 0x80, '\x00', 0x5}, 0x7800, 0x0, 0x540970b, 0x7fff}}) ioctl$ifreq_SIOCGIFINDEX_wireguard(r3, 0x8933, &(0x7f00000006c0)={'wg2\x00', 0x0}) sendmsg$ETHTOOL_MSG_PAUSE_GET(r6, &(0x7f0000000800)={&(0x7f0000000540)={0x10, 0x0, 0x0, 0x40000000}, 0xc, &(0x7f00000007c0)={&(0x7f0000000700)={0xc0, r9, 0x1, 0x70bd26, 0x25dfdbfd, {}, [@HEADER={0x30, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_FLAGS={0x8}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'wg1\x00'}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x1}]}, @HEADER={0x7c, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r10}, @ETHTOOL_A_HEADER_FLAGS={0x8}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'syzkaller1\x00'}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'syz_tun\x00'}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r11}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'veth0_to_hsr\x00'}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r12}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'veth1_to_batadv\x00'}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x1}]}]}, 0xc0}, 0x1, 0x0, 0x0, 0x20000000}, 0x40019) ioctl$F2FS_IOC_GARBAGE_COLLECT_RANGE(0xffffffffffffffff, 0x4018f50b, &(0x7f0000000880)={0x0, 0x1, 0x1}) 14:15:39 executing program 2: ioctl$TUNGETVNETHDRSZ(0xffffffffffffffff, 0x800454d7, &(0x7f0000000000)) ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f0000000040)={'veth0_to_bond\x00'}) ioctl$TUNSETTXFILTER(0xffffffffffffffff, 0x400454d1, &(0x7f0000000080)={0x0, 0x9, [@multicast, @dev={'\xaa\xaa\xaa\xaa\xaa', 0x14}, @multicast, @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0xe}, @empty, @empty, @multicast, @local, @random="cd59d6f010e4"]}) ioctl$FIONCLEX(0xffffffffffffffff, 0x5450) ioctl$BTRFS_IOC_LOGICAL_INO_V2(0xffffffffffffffff, 0xc038943b, &(0x7f0000000100)={0x98, 0x8, '\x00', 0x0, &(0x7f00000000c0)=[0x0]}) ioctl$BTRFS_IOC_GET_DEV_STATS(0xffffffffffffffff, 0xc4089434, &(0x7f0000000140)={0x0, 0x6, 0x1, [0x401, 0x9, 0x7, 0xa0, 0xfffffffffffffffb], [0x110, 0x3, 0x9, 0x100000001, 0x5, 0xe1b, 0x8, 0x2, 0x20, 0x8, 0x0, 0xc00000000000000, 0x1, 0xfffffffffffffffc, 0x7ff, 0x3, 0x4, 0x1f, 0xa04, 0xffff, 0x1, 0x400, 0x1, 0x0, 0xede, 0x6, 0x1f, 0x4, 0x80000001, 0x6, 0xffffffffffff8001, 0x4, 0xff, 0x0, 0x7, 0x7ff, 0x3, 0x3ff, 0x7, 0x1f, 0x9, 0x2, 0x8, 0x10000, 0x8, 0x0, 0x7, 0x8000, 0x2, 0x80000001, 0x3, 0x1, 0x7, 0x2, 0x9, 0x7, 0x9, 0x6, 0x82, 0x7ff, 0x1000000, 0x400, 0x3ff, 0x1, 0x7, 0x7, 0x200, 0x9, 0x9, 0x1, 0xb9f, 0x6, 0x3ff, 0x9, 0x2, 0x38, 0xffff, 0x4, 0x10000, 0x5, 0x8276, 0x2, 0x9, 0x2, 0x2, 0x4, 0x10000, 0x9, 0x9, 0x5, 0xffff, 0x0, 0xdc, 0x80000001, 0x1ffc0000, 0x4, 0x0, 0x3, 0x3, 0x8, 0x1, 0x9, 0x5, 0x1000, 0xfff, 0x81, 0x100000001, 0x8, 0x0, 0x6, 0x100000001, 0x484, 0x3ff, 0x0, 0xb101, 0x8, 0x7, 0x0, 0x7, 0x7f, 0x5]}) ioctl$TUNSETOFFLOAD(0xffffffffffffffff, 0x400454d0, 0x1) sendmsg$NL80211_CMD_FLUSH_PMKSA(0xffffffffffffffff, &(0x7f0000000640)={&(0x7f0000000580)={0x10, 0x0, 0x0, 0x40000}, 0xc, &(0x7f0000000600)={&(0x7f00000005c0)={0x20, 0x0, 0x8, 0x70bd2c, 0x25dfdbfe, {{}, {@void, @val={0xc, 0x99, {0xfe, 0x7}}}}, ["", "", "", ""]}, 0x20}, 0x1, 0x0, 0x0, 0x800}, 0x800) r0 = openat$nvram(0xffffffffffffff9c, &(0x7f0000000680), 0x50801, 0x0) ioctl$SCSI_IOCTL_DOORLOCK(r0, 0x5380) r1 = syz_open_dev$ttys(0xc, 0x2, 0x0) r2 = dup3(r0, r1, 0x0) r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000700), r2) sendmsg$NL80211_CMD_TDLS_OPER(0xffffffffffffffff, &(0x7f00000007c0)={&(0x7f00000006c0)={0x10, 0x0, 0x0, 0x100000}, 0xc, &(0x7f0000000780)={&(0x7f0000000740)={0x30, r3, 0x8, 0x70bd2c, 0x25dfdbfd, {{}, {@val={0x8}, @val={0xc, 0x99, {0x10001, 0x65}}}}, [@NL80211_ATTR_TDLS_OPERATION={0x5, 0x8a, 0x1}]}, 0x30}, 0x1, 0x0, 0x0, 0x48001}, 0x10) getsockopt$inet_pktinfo(r0, 0x0, 0x8, &(0x7f0000000800)={0x0, @broadcast, @remote}, &(0x7f0000000840)=0xc) r4 = socket$inet6_icmp(0xa, 0x2, 0x3a) sendmmsg$inet6(r4, &(0x7f0000002ac0)=[{{&(0x7f0000002180)={0xa, 0x4e22, 0xa2, @dev={0xfe, 0x80, '\x00', 0x24}, 0x5}, 0x1c, &(0x7f00000024c0)=[{&(0x7f00000021c0)="e3e080f7b09f3b", 0x7}, {&(0x7f0000002200)="426488e09b5e9d3279e808fe953ea7aafe1cb9d14b36fe64dcece746dccb7ac82efa68974c87eaa8863b4f7f64bc7af2749a77fff1611cdb8ed153a1428dcd421a80082673d363da2831909920956dd332257c99218bff85d0b9a816e047a6e19a910a721372351d81f02a1a0c0785ed1207d9cb66a1fa3509b5b56255a3d20cfbb0fa5a5a796349470049d13251c7404bd04cc6b67c21dc09ce320cb2c79e14f4b2e52cc4b16ff1c8bb7c64e9f53fec0715f970eb0406ba9551bb48f6e2005afabb81f97d12471702505927cd819fd8a0a8b5b58e6a43dad158174efacb2478f606a61577e54b1585ecfba6b0233a07396785", 0xf3}, {&(0x7f0000002300)="0f08355df9ff1a7af8fe7abf2faa7237799522f2829f5e1f93f8648ac777a292f61b104202acc9417a420e6687ce0fa20224d13dd59adbd1e8bd470f68f10fc2da0e6d5785f094a3312fd8cc65bb6e", 0x4f}, {&(0x7f0000002380)="cb091d62632dc905eec1c8d495f16de70bd7758ea2632de8df3f7875615d38d0495bd353417391d1dfdac0c1bb152ab9018d758f64f47a0e1764879e7fc595bba7c38645eb9d553e520e41f797b4d0c1f5fefa473de6074fc559ddd72f82e574b34d7e3954966768bdd4136e8d550e57ad0ef3f3e553bf1cd941e0d95baa8f186064263e61baa432cd0abc4540f6febd072260f4fe", 0x95}, {&(0x7f0000002440)="c5db3b235d960de34af8c17a574b0b2e9800fbe3b103260606bdc22048e3c59b70d5235f94302de76825358c35413732937a05871e85e3bbb52bfdcc7d", 0x3d}, {&(0x7f0000002480)}], 0x6, &(0x7f0000002540)=[@dontfrag={{0x14, 0x29, 0x3e, 0x5}}, @hopopts_2292={{0x28, 0x29, 0x36, {0x0, 0x1, '\x00', [@ra={0x5, 0x2, 0x3}, @ra={0x5, 0x2, 0x9}, @pad1]}}}, @rthdrdstopts={{0xb8, 0x29, 0x37, {0x89, 0x13, '\x00', [@enc_lim={0x4, 0x1, 0x1f}, @ra={0x5, 0x2, 0x9}, @generic={0x2, 0x82, "f9e4c3522ede8d7ba958b37a210c6a77a263323223e6cf14d60acd490e2c059811c3ab60c215bc31a2b01ebc3bbfcc48720d48a5beb1f4510cda4bdee6eea98f6378009ca1238cfb65c9d3b9df70be5a34b4cafa8ff8f285971addabb93a7541f3fe622e08b62d5b635e80fb7701fac84626e0c2729048d728fffb6b40d124b20c47"}, @ra={0x5, 0x2, 0x709a}, @jumbo={0xc2, 0x4, 0x3}, @jumbo={0xc2, 0x4, 0x3}]}}}], 0xf8}}, {{&(0x7f0000002640)={0xa, 0x4e21, 0x1, @dev={0xfe, 0x80, '\x00', 0x2e}, 0x7600000}, 0x1c, &(0x7f0000002940)=[{&(0x7f0000002680)="1687cfccb169460f639bebc339236e2c6e369c32ed1573829a659ce50c0f52ca4e1d8734e57736769031d5057766fcfaadd234f0eaf550322196cd793e34db073c9b10401f795addd2d43c1018335af8f3d8c463901a2d6b1b3ce750d10f1b07784672859631ee44f6294e3328d1c09f4c478c1c938d672066ae84935392cb7e82067983cf343a81d023b32b097a41a17e7d0ebfbb0f4ad2c55d326c2caa5dc8f69dbecd31872fcaa537e19b", 0xac}, {&(0x7f0000002740)="397d0a939979eeb7545c9bfe521201aea5d212cc", 0x14}, {&(0x7f0000002780)="89023b0a7c741dbe668cf4757a5735ab508c0d1010885c535cb119377219ae24bffccb8f653544b89832794d161ff5eae9d17486f2256430b55909aa5e1dd4f3ebbb15a378a3fdb57707ffd5a4a90d9243a2baf3b34c276062d0e71369693ca95ab4799823a4076c0451e49e5a4d10219b930c9e141ffe38e05346b800ccf1e6d80236489cd436015524ea0137811643d9ef0e00bba4364ec090392a0a58dd95a14bf0fff79d7bcedc98b60c8335067e58db3f2a489de129b36e5a", 0xbb}, {&(0x7f0000002840)="574ec9b2d85affbec8a9aa2c8789be6e9322b8feb5abdeee87e6f22168674ef942b4f30d24f43cbfe8d603114217a92944d4eb61fdc81eb1afa673e1838b3699318bb163b51eb1bb83b4b2cd620ed2999f4ec8d2a7f9bc71c52a98b26bda6423e699235128ae339d83c11c2f6af8a73074e3d88af65b8858badcd375dd32878c61e8e94c007c3c2081c78f365481ab59e51a19cb7e8834c07a26b573733fa6c85b19d9bef89a8c8063eddc4304aeb34c32a1c01a59b9dee2f5fcff4a173e3a675fb2133b117eb5c69b03ac2349a6b8e1491fa66e222c385e5858", 0xda}], 0x4, &(0x7f0000002980)=[@rthdr={{0x58, 0x29, 0x39, {0x3a, 0x8, 0x0, 0x8, 0x0, [@initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, @mcast1, @local, @dev={0xfe, 0x80, '\x00', 0x27}]}}}, @dstopts_2292={{0x30, 0x29, 0x4, {0x89, 0x3, '\x00', [@enc_lim={0x4, 0x1, 0x5}, @pad1, @hao={0xc9, 0x10, @ipv4={'\x00', '\xff\xff', @broadcast}}]}}}, @hoplimit={{0x14, 0x29, 0x34, 0x4}}], 0xa0}}, {{&(0x7f0000002a40)={0xa, 0x4e21, 0x5, @remote, 0x55}, 0x1c, &(0x7f0000002a80)}}], 0x3, 0x2041) preadv(r0, &(0x7f0000002ec0)=[{&(0x7f0000002b80)=""/168, 0xa8}, {&(0x7f0000002c40)=""/153, 0x99}, {&(0x7f0000002d00)=""/17, 0x11}, {&(0x7f0000002d40)=""/4, 0x4}, {&(0x7f0000002d80)=""/51, 0x33}, {&(0x7f0000002dc0)=""/219, 0xdb}], 0x6, 0x4, 0x8) ioctl$BTRFS_IOC_QUOTA_CTL(r1, 0xc0109428, &(0x7f0000002f40)={0x1, 0x4}) ioctl$EXT4_IOC_MOVE_EXT(r0, 0xc028660f, &(0x7f0000002f80)={0x0, r0, 0x8, 0x9, 0x2, 0xffffffff}) 14:15:39 executing program 6: ioctl$IOC_PR_CLEAR(0xffffffffffffffff, 0x401070cd, &(0x7f0000000000)={0x5}) r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/diskstats\x00', 0x0, 0x0) ioctl$BLKGETSIZE(r0, 0x1260, &(0x7f0000000080)) recvmsg$unix(r0, &(0x7f0000001340)={&(0x7f00000000c0), 0x6e, &(0x7f0000001300)=[{&(0x7f0000000140)=""/200, 0xc8}, {&(0x7f0000000240)=""/39, 0x27}, {&(0x7f0000000280)=""/4096, 0x1000}, {&(0x7f0000001280)=""/121, 0x79}], 0x4}, 0x20) ioctl$BLKRAGET(r0, 0x1263, &(0x7f0000001380)) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000013c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$BTRFS_IOC_RM_DEV(r0, 0x5000940b, &(0x7f0000001400)={{r1}, "842c0c331cc490e35aadc0c9a78205972f58f631c524eaf8d94f3b9d1d297dd073a31ac4fdfcb1a3c51a9c955eb571ecef4b89a42ee06efbef774d663e2d1186319d91722e7d68c0da0241f183d92fcbeb94b11fd652640a25df76025a45b28d4a81cc98c3e00f24eb8ca46e2a617577d6cdec88dcc8124d4b0615fd5106b494cb34eec9c7df3c8376111f6c582d4dbbe3b0d2672b3963e476cf5a8bfc8b062be50fab1ba8b6de8cccf108977131f7637deeb59617cb1f678c2f140c9e2e9791239d416e24048b5125f015b50fe8cbfb68ecece06d1c1cea7e9f178382fa5506ea75803d7e84577e1127ddb1e9ab0cfd5d18f6373946f1d4265591a1f4b2702583ccf68e16b80965ff43218fdd9d7a30128974b68ccf05e0653531292b57a63d3b78ede06f77d8c5ae705e30b6c8bdb767c87c5bf2617a38debb0a0b6cf67cc1b9808f0e92c05e9e075ad091d9f37b2e08c4c48d898e66cf0a155fd8404e18c4a3eddace23e5da1362cc95de90e17635f651755708126a25bbfa63a80d639f1fdd9371f6cb9e30e7444122f3cf7f1a9fd64f04e6b9e1de2097320a803c5c8d246e7e44eb15dcd1026f18205e4cfa8360fc5ba4c29df0f698ded70dd026897c4fec9a6e9d416cbf674ef8dfbfe88f00c3efef44846efbc16c77b03c2e03265256a31a17f1e416c499e474a507faadd6b4845ee88984a273cb161c4018583fc069ab86dbe01961118aa5d20f8b6a4a8d6c149be78e1682f9e05feb8ce7733cc1b4997e13060663a3ce5e06c3d4a559b15cbbd75cb6a7a99e2fbbdfea51a9b90c27f5e1d01bf7f38e6260222e9925592b3b2e2dd4c0aa18f5b39cf508716c445fff5a15f7e0511a71c07dcadf065b45e6481d991fa0f20dddb3639e69b2070db1e9d911167353bab630405890c15d7f508e6a66379fd63a9a1f5f92a76121e1054c3d67c1326322a1b923d8238e596c2779b91f9e1b3d7ae6f6e2e51b7ba4ff87cde1c9f467a2ac15e225834638319b00531cd8234a6654b90a6d64f630c59c24ccf7deb90c64ab7e387e971c945b50e235077581432b48fa3a693fffa19301d8bcc42f79903f632e3fbd1fb4b24950a33e58611cf3ac38c89ebabadeaeba01dbb00955090c92a2d31fd074a09bd03e382aa0865e8122224d226e768a46cefa5f9cd23b14da3aff28b0569890d3fcb6b66940eb190a61e9c8b5b8f1c4224c957faf0824bbea78b37df5f6bd85e60fe7747189cfcb84b056fad7f6aef40b5d018321c00a7a8f18cad38c24c1cf207bc5c519b1556c08d4cdf394eb4b63fcb8d9400a0efa74c95f35d8a2792f2381549c0f0e1102f44ac1c9f2abce82b163dc7130ca6793edc100178e49c277c3ac5c1a347e1f5620fc790dd2d1dc882b549bd0badde68dceeee9963bfe4c9057c5b0e03cfa1bfcc473ed42cb156a891758f0e97550b34b61971ffd4a6953899e4c9b1661d51868f2168135fc0d17caefda3bc69f8fd8c6fe5e606ba01797997ac73ebac4cba04eda7707540e4bcf0da2a3c22295db44b8784397e7bb3296137e84f3a5afe3fabac4997daeca3fcc97b1e813bd2062ef1ccc326c73736e87c77d2e6dd901934af0b3d26c7293dce082a4f822d09b0ef09cd5d2e7532558ddba8299640f5e3ef91cc12238b7fa8e6b0e1379d987ecbafb827164fb623054b619e58956e4156e38e3ba1ee255e8759881a190c5b49c692409e2466432896f76ae880ca9c3b94d648634e0cedecbf1e82c2acbb90d040e8f35ca74b62f3d12296d4a89d4ec5e25441d2da42984b59a90f4f279a6b62c7962dc2f27958ffbefee8d1770c418632e7051679e1206f32d4f6f04434b23e4439e0ccf94c3961821905e0220763c1abc68fb1164b219760e7b8dca40636286bca9595b3e22868c8de3eca2fef3a5579c51c6fba48c9221257295b51186cc617313744a04fcacee875e804afa39b7fb78c30c0f796a34122e286676372f488a0be853fc457440916451801d74375afa3c944f1df8f5357594cf67015193c3ac307a0df7fb2161675127fce20f2f90f12da6148cd34dc317e8467b3c311ed5931e93f3ce33d25f4ade321d67b0783a252539f08d939d5f0a801e6ab9e60e2de47a58df154caba26aefb3b74ca5917f27b664fc3d9e42aac4295e8d69036314f66d1fb9e78dda01262ec9b4754615b5c43e7b5627f0f1883aca72a0f1f3e2f5e3cac25e1367b6a050b6a4131b615d80a20499bf0949a29567f4a9bcb39ef13119004936eafafaed18c29ed3537a209f5da2b86dcd4980ee9cf716fa4592e868f50be8b25d1ba1d6fc75ae10e15128e7a279db058bcb3af8b906524e5b86c1d847d43ec16a6fe40a4ca9c8a32db4f2f4142a59c3cb0499838c6171f423df97cd353ff50d92b5dfb1670ba74decf4f642a7a6ea3fa674aaeca033e9d8e4f6cc4ff2e1497346f946c1319fb0c4a9a90a2069de0e46c63ba5663c2a60d7168a81144816c20ec275e6c3b8e73aa1031df66d6bdd9619014e03a530d6fdc630252c7e3a2238d560390173fe7b434316bfe779822f51d9d8c9e2c276beb06b443bfbb21fe9475e9d8c237af7b078fbad9bb69c434850f63ee245819238e2ceded56f618e31396334bf78dfa89161f345878b50575e1e77db137faf88a8b6914cfa304d19bf7fe89563d87bdd8b852d6b09ab4b96665d4f516f2195034be4b3532d750d2a4186aa9a4e6252194965556fd2c2db94afcf4f251c895a18c73792e3911679b0bd84b501ed8a26106f4e13f31785ee698705f0b21e4701d6daa15d5f72c157b6bb1b3544a2219973ffb433d31eaec8c7b5ed59ecb02d59ef5a0626fbd8f2942c52320b8c3a7b37ca8eab7e4b4ee47c51dd65e007b7aa5c57874f3bf297e1a29ee6eb8e1523af6bf657d2e0d65fb51eabe036c5a8aefd195c44f67f7435957b9716231f0caa292da0a9db171cbd7620d859d9d5f13aeb2dfb161b31e1bbc89b169b276643e984b07045ef2f736f549617f22d7702766a3d09061ecbf7a89c82bd77170504b515a5dd525c2cd862b0f58b9516a6d886eb1345502b76214dff8e1558c570b70710714ca85e0015b1ad1711c4018ff33ce3ca47c30519f46004dcdcdee6ba4a1f0aa11db79b8b0d0330741b692b52fe81dc271d266993a6db807bfa5239620b54f5447685ea83ae875a64d191c0a6017e9bdaa0c54d10b994f6f59c067657c9d1bb7a02b7fd33dbeecc06bf8615fd0f25be07993b82cf5ee31b1abb46ebf895e6681268ffd43c30e8d9884988259203c00f509edf30b7d6a3aea7fff4547cbeee702fb80c089f297f56fe5aa65ce95ab21066580180f2a29dd1be379a679c4ad8fda31535b71e4fd7293379adb528b4478fb5866e0c1f54a0ed8eb850c78eb004ea68b84c4a348bde221eb10f51efcfe6778c648dbda168d314d0dfd3f4b333fb01e3c4be4bd811d7e942d6664f0452fc89a2a92e763dd584133b484a28354f6c1c8b5ba9b64ba17fb05b3afa55c2cdc9cf924ad348e7853e514a339a51c1b5d6fdbab3a254d59d512717e157a18ad22de9f98f5a383eb0239485a5573c5af463d1b424061bbce27c708ba56c569c74522cd4413a4ae1c4f2677dc4443b16eb9a4cce77e74f75e6e3d185a1c0379d16dde73fec095c33aef240904364be69352459824f531303d5846c765dec4e402dec475f89be3304781c1482508cb2e924d6eadaf40380cc408619239c9c7b6e54f434542b6571aab53079c71a643bca4b64b2860d584ee37f0abf996fef166f3dae1d46adaecbbe69215aba35d42e5e99f814183540a5d95edef3ec29b8a8e6ed1e29fdf9dfef2c94d97300ddfecc92edd7acfae8995eeaad2a1b2b2d76c22bacb9aa25927975adf43d016ed252ff5977e36face4a7ff20493534dddf49412a48a0e9430adf1975229ce03d70a6c85892e29e36a1ee5a4eef5d3aa649a6e73097d82d18772a1f0f1de6584c6a8c26a0bc7ef4498cdcc558e5f56683e6ef963998c7c269f5e07af551675eccd7db2242f10c215dc4d78d0bbb09561121040abfe8d0fefa489d63cc98cb7a087cd3441712e9664a1787f20ef24422d4086689c20ee2de831676d2deaf5ba1d56987941155bd079d53ffa1a2928fb9c24f3ff73f8b5ab451653d0f25872db2be8ec36cd55eadddd652b54ef53ebf1fb46192bd8910aa5f6c1ab6324776309d2b879155f2beebc23f32b1fd3e04bd0dedad932781da7d8c3369f4b8b38b9bb9d47bf505732f96226271dcae008c165cb27d2341cf40ef6fd33aa14868f35e0613b0d4fc74264983ae0155b82a4c0cdeb7a3bfab1b551b844865182b30d3039983f172dc369db36489c22e75c18ecd419346bf4ef46a8b103e1cd5c44a973640991d38b14c109681750c49b51747787e40237965f56fdb05b1b8fc153e2e508efb695e5fff23b9852300635a454908571f75d370b8693ebea8846269b7005ac2e719447c755d5bb1556a65ecb9c181e04395a024abee3dfcf4a6b0335094d31ffd270ea92c63e5dd04a47941e4aaf3a40fabdc049ac1a60d679586bac61152427040137be15ffa8553709a8372ce905339c702ffa9e7f33feda4a45bb36e7e842751e95d72e58c039a8bb8d837bd4a3429c4926542214cdccf113c9b1722e7d09186ac81dbc85508a513e07aa746e74b2fcc58baea934f467d8df1824c04c00cbcb5705298f202166ce2c302d95bee2ec7f9b39d88f047d8f60237dc6afe903b14e64619c5d7d938f5e51cf60e80cb1320e35f63f9ecfad98b5426bed8b328b6efe7ecd2f8d70e11a7a0124b059c69f6d8a2518ef6d851d2fc4d2073772ca155c1ac9b742c365e874a8549ba4ead66dda9d7b07e153d1fc5a736e45b3d21204eb81eb8e315b7109ac0cb34bbef59eae5410132ce92fc62df26a10846d9b024fc21e3eff3168328f124ef8794ad0b34274bd6cad58ac33d7d9bc9437833ce7065bdc15c135567ee9093ed4546ee422841d4674828e8cd9ade69d79bdd60657008c2ed3067c4effe232f856032d9d7429c32244435928627c1225b4528f1d7e413d2c0224b79d5558f792e8b30860a11adb950dcf12d167f357f619a768d7414c3aabdff26cd1f12aa49d2b03869805a42b93728165ab546ad72962e84e96c86dfc4f4dfd3894270a8dbe10c500be592df59af920727145b5776bfcb431e0935ece74a7e872caa3cda942bc3e102456e359b81fa8fdeb7479ca41f49945184ed00fbe288fc8eabbe95d1f0ecfca3b6a060723184ad53f0bdc253bde172ea3fe7e64f9f6131f14b8185e08afc4e8fe2084471f453a85c5541d17687583f9507ce1b408f533f33e57592e801b6fc3ab4afb3fb5de507029263e337442096dbc1622568e311758ccdab9e83e2198087540a80b49ef1ca296bfc66b8b53f26432c1ab2dd459f25948c0b7a32bcdfb8f6822b1edad4c0cb326c1542331e8a3e9f058f39ffa3ad4fd7ba1919c1373ad234d7a83d873c22414719fbe1bb866ec85a5051ecc965b903deafbdecc05311d5cbd1b7b6ab1caec966d989ed35cc635955ccf14f95ca012bf92a2ac83939c1a49e0d37fde69be80677738232ddcc082de09281821be29ac067b8ef3c82c01557151d980de35b4581e988854ae9f7afc4b0cb6c8f475e037c84610265626508e70e5336c088a02e5709431e7ed301fd737a3037c9f00d687fdebbdc8c56c041a6ecfbe577f2f00d697c52aa1cc8cc5df31d5a0367d1b341fbbf132d23ae6cff10efc6a7a3269bb1a371eeadd1408b28"}) r2 = openat$sr(0xffffffffffffff9c, &(0x7f0000002400), 0x8300, 0x0) ioctl$FS_IOC_ENABLE_VERITY(r2, 0x40806685, &(0x7f0000002540)={0x1, 0x2, 0x1000, 0x75, &(0x7f0000002440)="35128666e7e8df37e8153321fda82f79657881c74664a148cb961d719882f15c159a38a4e06a2ab8a4e630463c2b661cb948a09ced84100d9a4b8a0671df48067b03adafe58977cd67279fbc68031cc0fcea636779ab9f72bb2f41795faa2ad4b04f19b2d0e2bae5c1b525891dcc058e0471ae3bd5", 0x43, 0x0, &(0x7f00000024c0)="f8f575ad6662d3b045ffc49cfc5c02c32fcec45931602cf648bba942abc63ed9652b90e0b978242ea927f044401e0a06275a01461eb3aa97e2ffb8e866d24bea9d4736"}) write$P9_RATTACH(r2, &(0x7f00000025c0)={0x14, 0x69, 0x1, {0x10, 0x4, 0x5}}, 0x14) syncfs(0xffffffffffffffff) r3 = open_tree(r2, &(0x7f0000002600)='./file0\x00', 0x9000) r4 = openat$incfs(r3, &(0x7f0000002640)='.pending_reads\x00', 0x0, 0x20) r5 = socket$nl_generic(0x10, 0x3, 0x10) clone3(&(0x7f0000002940)={0x40000200, &(0x7f00000026c0)=0xffffffffffffffff, &(0x7f0000002700), &(0x7f0000002740), {0x22}, &(0x7f0000002780)=""/220, 0xdc, &(0x7f0000002880)=""/66, &(0x7f0000002900)=[0x0], 0x1, {r2}}, 0x58) copy_file_range(r5, &(0x7f0000002680)=0x5, r6, &(0x7f00000029c0)=0x1, 0x1, 0x0) write$P9_RSYMLINK(r4, &(0x7f0000002a00)={0x14, 0x11, 0x1, {0x1, 0x0, 0x7}}, 0x14) ioctl$BLKBSZGET(r4, 0x80081270, &(0x7f0000002a40)) open_tree(r4, &(0x7f0000002a80)='./file0\x00', 0x88000) io_uring_setup(0x26a1, &(0x7f0000002ac0)={0x0, 0xcf15, 0x2, 0x3, 0x1ce, 0x0, r0}) [ 68.359683] audit: type=1400 audit(1664633739.998:6): avc: denied { execmem } for pid=286 comm="syz-executor.5" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=process permissive=1 [ 69.613690] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 69.615392] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 69.617886] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 69.619919] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 69.621379] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 69.622782] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 69.625004] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 69.627586] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 69.629652] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 69.631037] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3 [ 69.637137] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 69.647667] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 69.657172] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3 [ 69.658324] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 69.660634] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 69.661857] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 69.669644] Bluetooth: hci2: HCI_REQ-0x0c1a [ 69.669817] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 69.670868] Bluetooth: hci1: HCI_REQ-0x0c1a [ 69.673120] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3 [ 69.674566] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 69.692940] Bluetooth: hci3: HCI_REQ-0x0c1a [ 69.710724] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 69.713189] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 69.718031] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 69.718146] Bluetooth: hci7: unexpected cc 0x0c03 length: 249 > 1 [ 69.719813] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1 [ 69.722874] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [ 69.724350] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 69.729525] Bluetooth: hci0: HCI_REQ-0x0c1a [ 69.732854] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 69.740719] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9 [ 69.742223] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 69.744174] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 69.746242] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1 [ 69.747784] Bluetooth: hci7: unexpected cc 0x1003 length: 249 > 9 [ 69.750029] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9 [ 69.753666] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9 [ 69.754212] Bluetooth: hci7: unexpected cc 0x1001 length: 249 > 9 [ 69.756843] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9 [ 69.757434] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4 [ 69.759727] Bluetooth: hci6: unexpected cc 0x0c25 length: 249 > 3 [ 69.761436] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2 [ 69.761754] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4 [ 69.764847] Bluetooth: hci5: unexpected cc 0x0c25 length: 249 > 3 [ 69.767133] Bluetooth: hci6: HCI_REQ-0x0c1a [ 69.767243] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2 [ 69.771332] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 69.773006] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3 [ 69.773975] Bluetooth: hci5: HCI_REQ-0x0c1a [ 69.774222] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 69.779730] Bluetooth: hci4: HCI_REQ-0x0c1a [ 69.875717] Bluetooth: hci7: unexpected cc 0x0c23 length: 249 > 4 [ 69.877980] Bluetooth: hci7: unexpected cc 0x0c25 length: 249 > 3 [ 69.885713] Bluetooth: hci7: unexpected cc 0x0c38 length: 249 > 2 [ 69.889978] Bluetooth: hci7: HCI_REQ-0x0c1a [ 71.742116] Bluetooth: hci0: command 0x0409 tx timeout [ 71.742869] Bluetooth: hci1: command 0x0409 tx timeout [ 71.743440] Bluetooth: hci3: command 0x0409 tx timeout [ 71.744520] Bluetooth: hci2: command 0x0409 tx timeout [ 71.805601] Bluetooth: hci4: command 0x0409 tx timeout [ 71.806172] Bluetooth: hci5: command 0x0409 tx timeout [ 71.806680] Bluetooth: hci6: command 0x0409 tx timeout [ 71.933583] Bluetooth: hci7: command 0x0409 tx timeout [ 73.789570] Bluetooth: hci2: command 0x041b tx timeout [ 73.790032] Bluetooth: hci3: command 0x041b tx timeout [ 73.790437] Bluetooth: hci1: command 0x041b tx timeout [ 73.790915] Bluetooth: hci0: command 0x041b tx timeout [ 73.853671] Bluetooth: hci6: command 0x041b tx timeout [ 73.854074] Bluetooth: hci5: command 0x041b tx timeout [ 73.854538] Bluetooth: hci4: command 0x041b tx timeout [ 73.981523] Bluetooth: hci7: command 0x041b tx timeout [ 75.837635] Bluetooth: hci0: command 0x040f tx timeout [ 75.838235] Bluetooth: hci1: command 0x040f tx timeout [ 75.838823] Bluetooth: hci3: command 0x040f tx timeout [ 75.839242] Bluetooth: hci2: command 0x040f tx timeout [ 75.901579] Bluetooth: hci4: command 0x040f tx timeout [ 75.902008] Bluetooth: hci5: command 0x040f tx timeout [ 75.902401] Bluetooth: hci6: command 0x040f tx timeout [ 76.029564] Bluetooth: hci7: command 0x040f tx timeout [ 77.885556] Bluetooth: hci2: command 0x0419 tx timeout [ 77.886125] Bluetooth: hci3: command 0x0419 tx timeout [ 77.887044] Bluetooth: hci1: command 0x0419 tx timeout [ 77.887445] Bluetooth: hci0: command 0x0419 tx timeout [ 77.949627] Bluetooth: hci6: command 0x0419 tx timeout [ 77.950045] Bluetooth: hci5: command 0x0419 tx timeout [ 77.950444] Bluetooth: hci4: command 0x0419 tx timeout [ 78.077526] Bluetooth: hci7: command 0x0419 tx timeout 14:16:31 executing program 2: syz_open_dev$loop(&(0x7f0000000140), 0x0, 0x0) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x9}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x2, 0x0, 0x0, 0x0, 0x0, 0x2, 0x30656, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000040), 0x8}, 0x0, 0x0, 0x10}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_setup(0x3521, &(0x7f0000000180)={0x0, 0xca28, 0x0, 0x2, 0xb3}, &(0x7f0000ff2000/0xc000)=nil, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000000000), &(0x7f0000000200)) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) ioctl$AUTOFS_DEV_IOCTL_REQUESTER(0xffffffffffffffff, 0xc018937b, &(0x7f0000001200)=ANY=[@ANYBLOB, @ANYRES32, @ANYRES32=0xee00, @ANYRES32, @ANYBLOB='n/file0\x00']) syz_io_uring_setup(0x443f, &(0x7f0000000200), &(0x7f0000ff9000/0x4000)=nil, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000000100)=0x0, &(0x7f0000000040)=0x0) syz_io_uring_submit(r2, r3, &(0x7f0000000180)=@IORING_OP_READV=@pass_iovec={0x1, 0x5, 0x0, @fd, 0x0, 0x0, 0xfffffd03}, 0x0) syz_io_uring_setup(0x443f, &(0x7f0000000200), &(0x7f0000ff9000/0x4000)=nil, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000000100)=0x0, &(0x7f0000000040)=0x0) syz_io_uring_submit(r4, r5, &(0x7f0000000180)=@IORING_OP_READV=@pass_iovec={0x1, 0x5, 0x0, @fd, 0x0, 0x0, 0xfffffd03}, 0x0) syz_io_uring_submit(r2, r5, &(0x7f0000000340)=@IORING_OP_POLL_ADD={0x6, 0x0, 0x0, @fd, 0x0, 0x0, 0x0, {0x2a2}}, 0x9) fcntl$dupfd(r0, 0x406, r1) getgid() perf_event_open(&(0x7f0000001840)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000001800), 0xd}, 0x22}, 0x0, 0x0, 0xffffffffffffffff, 0x3) r6 = syz_init_net_socket$bt_l2cap(0x1f, 0x2, 0x0) getsockopt$bt_BT_SNDMTU(r6, 0x112, 0xc, 0x0, &(0x7f0000000040)) fsetxattr$trusted_overlay_redirect(r6, &(0x7f0000000240), &(0x7f0000000300)='./file1\x00', 0x8, 0x0) write(r1, &(0x7f0000000080)="01", 0x41030) [ 120.175208] audit: type=1400 audit(1664633791.814:7): avc: denied { open } for pid=3701 comm="syz-executor.2" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=perf_event permissive=1 [ 120.176783] audit: type=1400 audit(1664633791.814:8): avc: denied { kernel } for pid=3701 comm="syz-executor.2" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=perf_event permissive=1 [ 120.200239] ------------[ cut here ]------------ [ 120.200259] [ 120.200262] ====================================================== [ 120.200266] WARNING: possible circular locking dependency detected [ 120.200270] 6.0.0-rc7-next-20220930 #1 Not tainted [ 120.200276] ------------------------------------------------------ [ 120.200279] syz-executor.2/3702 is trying to acquire lock: [ 120.200285] ffffffff853faab8 ((console_sem).lock){....}-{2:2}, at: down_trylock+0xe/0x70 [ 120.200323] [ 120.200323] but task is already holding lock: [ 120.200326] ffff88800eb9c820 (&ctx->lock){....}-{2:2}, at: __perf_event_task_sched_out+0x53b/0x18d0 [ 120.200351] [ 120.200351] which lock already depends on the new lock. [ 120.200351] [ 120.200354] [ 120.200354] the existing dependency chain (in reverse order) is: [ 120.200357] [ 120.200357] -> #3 (&ctx->lock){....}-{2:2}: [ 120.200371] _raw_spin_lock+0x2a/0x40 [ 120.200382] __perf_event_task_sched_out+0x53b/0x18d0 [ 120.200393] __schedule+0xedd/0x2470 [ 120.200406] schedule+0xda/0x1b0 [ 120.200419] exit_to_user_mode_prepare+0x114/0x1a0 [ 120.200432] syscall_exit_to_user_mode+0x19/0x40 [ 120.200444] do_syscall_64+0x48/0x90 [ 120.200461] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 120.200476] [ 120.200476] -> #2 (&rq->__lock){-.-.}-{2:2}: [ 120.200492] _raw_spin_lock_nested+0x30/0x40 [ 120.200502] raw_spin_rq_lock_nested+0x1e/0x30 [ 120.200515] task_fork_fair+0x63/0x4d0 [ 120.200531] sched_cgroup_fork+0x3d0/0x540 [ 120.200544] copy_process+0x4183/0x6e20 [ 120.200555] kernel_clone+0xe7/0x890 [ 120.200564] user_mode_thread+0xad/0xf0 [ 120.200574] rest_init+0x24/0x250 [ 120.200585] arch_call_rest_init+0xf/0x14 [ 120.200602] start_kernel+0x4c6/0x4eb [ 120.200617] secondary_startup_64_no_verify+0xe0/0xeb [ 120.200632] [ 120.200632] -> #1 (&p->pi_lock){-.-.}-{2:2}: [ 120.200645] _raw_spin_lock_irqsave+0x39/0x60 [ 120.200656] try_to_wake_up+0xab/0x1930 [ 120.200668] up+0x75/0xb0 [ 120.200682] __up_console_sem+0x6e/0x80 [ 120.200697] console_unlock+0x46a/0x590 [ 120.200713] vprintk_emit+0x1bd/0x560 [ 120.200729] vprintk+0x84/0xa0 [ 120.200744] _printk+0xba/0xf1 [ 120.200756] kauditd_hold_skb.cold+0x3f/0x4e [ 120.200772] kauditd_send_queue+0x233/0x290 [ 120.200787] kauditd_thread+0x5f9/0x9c0 [ 120.200800] kthread+0x2ed/0x3a0 [ 120.200814] ret_from_fork+0x22/0x30 [ 120.200826] [ 120.200826] -> #0 ((console_sem).lock){....}-{2:2}: [ 120.200839] __lock_acquire+0x2a02/0x5e70 [ 120.200856] lock_acquire+0x1a2/0x530 [ 120.200872] _raw_spin_lock_irqsave+0x39/0x60 [ 120.200882] down_trylock+0xe/0x70 [ 120.200897] __down_trylock_console_sem+0x3b/0xd0 [ 120.200912] vprintk_emit+0x16b/0x560 [ 120.200928] vprintk+0x84/0xa0 [ 120.200944] _printk+0xba/0xf1 [ 120.200954] report_bug.cold+0x72/0xab [ 120.200970] handle_bug+0x3c/0x70 [ 120.200986] exc_invalid_op+0x14/0x50 [ 120.201002] asm_exc_invalid_op+0x16/0x20 [ 120.201014] group_sched_out.part.0+0x2c7/0x460 [ 120.201031] ctx_sched_out+0x8f1/0xc10 [ 120.201048] __perf_event_task_sched_out+0x6d0/0x18d0 [ 120.201058] __schedule+0xedd/0x2470 [ 120.201072] schedule+0xda/0x1b0 [ 120.201085] exit_to_user_mode_prepare+0x114/0x1a0 [ 120.201095] syscall_exit_to_user_mode+0x19/0x40 [ 120.201108] do_syscall_64+0x48/0x90 [ 120.201124] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 120.201136] [ 120.201136] other info that might help us debug this: [ 120.201136] [ 120.201139] Chain exists of: [ 120.201139] (console_sem).lock --> &rq->__lock --> &ctx->lock [ 120.201139] [ 120.201153] Possible unsafe locking scenario: [ 120.201153] [ 120.201156] CPU0 CPU1 [ 120.201158] ---- ---- [ 120.201160] lock(&ctx->lock); [ 120.201165] lock(&rq->__lock); [ 120.201171] lock(&ctx->lock); [ 120.201178] lock((console_sem).lock); [ 120.201183] [ 120.201183] *** DEADLOCK *** [ 120.201183] [ 120.201185] 2 locks held by syz-executor.2/3702: [ 120.201192] #0: ffff88806cf37e98 (&rq->__lock){-.-.}-{2:2}, at: __schedule+0x1cf/0x2470 [ 120.201220] #1: ffff88800eb9c820 (&ctx->lock){....}-{2:2}, at: __perf_event_task_sched_out+0x53b/0x18d0 [ 120.201246] [ 120.201246] stack backtrace: [ 120.201249] CPU: 1 PID: 3702 Comm: syz-executor.2 Not tainted 6.0.0-rc7-next-20220930 #1 [ 120.201261] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 120.201269] Call Trace: [ 120.201272] [ 120.201276] dump_stack_lvl+0x8b/0xb3 [ 120.201294] check_noncircular+0x263/0x2e0 [ 120.201311] ? format_decode+0x26c/0xb50 [ 120.201326] ? print_circular_bug+0x450/0x450 [ 120.201343] ? simple_strtoul+0x30/0x30 [ 120.201359] ? format_decode+0x26c/0xb50 [ 120.201376] ? alloc_chain_hlocks+0x1ec/0x5a0 [ 120.201393] __lock_acquire+0x2a02/0x5e70 [ 120.201415] ? lockdep_hardirqs_on_prepare+0x410/0x410 [ 120.201437] lock_acquire+0x1a2/0x530 [ 120.201453] ? down_trylock+0xe/0x70 [ 120.201470] ? lock_release+0x750/0x750 [ 120.201491] ? vprintk+0x84/0xa0 [ 120.201508] _raw_spin_lock_irqsave+0x39/0x60 [ 120.201519] ? down_trylock+0xe/0x70 [ 120.201535] down_trylock+0xe/0x70 [ 120.201551] ? vprintk+0x84/0xa0 [ 120.201567] __down_trylock_console_sem+0x3b/0xd0 [ 120.201584] vprintk_emit+0x16b/0x560 [ 120.201603] vprintk+0x84/0xa0 [ 120.201620] _printk+0xba/0xf1 [ 120.201631] ? record_print_text.cold+0x16/0x16 [ 120.201647] ? report_bug.cold+0x66/0xab [ 120.201665] ? group_sched_out.part.0+0x2c7/0x460 [ 120.201683] report_bug.cold+0x72/0xab [ 120.201701] handle_bug+0x3c/0x70 [ 120.201718] exc_invalid_op+0x14/0x50 [ 120.201736] asm_exc_invalid_op+0x16/0x20 [ 120.201749] RIP: 0010:group_sched_out.part.0+0x2c7/0x460 [ 120.201769] Code: 5e 41 5f e9 8b ae ef ff e8 86 ae ef ff 65 8b 1d 0b 18 ac 7e 31 ff 89 de e8 26 ab ef ff 85 db 0f 84 8a 00 00 00 e8 69 ae ef ff <0f> 0b e9 a5 fe ff ff e8 5d ae ef ff 48 8d 7d 10 48 b8 00 00 00 00 [ 120.201781] RSP: 0018:ffff8880207a7c48 EFLAGS: 00010006 [ 120.201790] RAX: 0000000040000002 RBX: 0000000000000000 RCX: 0000000000000000 [ 120.201797] RDX: ffff888018be8000 RSI: ffffffff81565dc7 RDI: 0000000000000005 [ 120.201804] RBP: ffff88803f918000 R08: 0000000000000005 R09: 0000000000000001 [ 120.201811] R10: 0000000000000000 R11: ffffffff865b405b R12: ffff88800eb9c800 [ 120.201819] R13: ffff88806cf3d2c0 R14: ffffffff8547d000 R15: 0000000000000002 [ 120.201830] ? group_sched_out.part.0+0x2c7/0x460 [ 120.201849] ? group_sched_out.part.0+0x2c7/0x460 [ 120.201869] ctx_sched_out+0x8f1/0xc10 [ 120.201888] __perf_event_task_sched_out+0x6d0/0x18d0 [ 120.201902] ? lock_is_held_type+0xd7/0x130 [ 120.201916] ? __perf_cgroup_move+0x160/0x160 [ 120.201926] ? set_next_entity+0x304/0x550 [ 120.201944] ? update_curr+0x267/0x740 [ 120.201962] ? lock_is_held_type+0xd7/0x130 [ 120.201976] __schedule+0xedd/0x2470 [ 120.201993] ? io_schedule_timeout+0x150/0x150 [ 120.202009] ? rcu_read_lock_sched_held+0x3e/0x80 [ 120.202029] schedule+0xda/0x1b0 [ 120.202044] exit_to_user_mode_prepare+0x114/0x1a0 [ 120.202056] syscall_exit_to_user_mode+0x19/0x40 [ 120.202070] do_syscall_64+0x48/0x90 [ 120.202087] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 120.202100] RIP: 0033:0x7f1b1f29cb19 [ 120.202108] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 120.202119] RSP: 002b:00007f1b1c812218 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 120.202130] RAX: 0000000000000001 RBX: 00007f1b1f3aff68 RCX: 00007f1b1f29cb19 [ 120.202137] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 00007f1b1f3aff6c [ 120.202144] RBP: 00007f1b1f3aff60 R08: 000000000000000e R09: 0000000000000000 [ 120.202151] R10: 0000000000000004 R11: 0000000000000246 R12: 00007f1b1f3aff6c [ 120.202158] R13: 00007ffee77fc0cf R14: 00007f1b1c812300 R15: 0000000000022000 [ 120.202171] [ 120.260420] WARNING: CPU: 1 PID: 3702 at kernel/events/core.c:2309 group_sched_out.part.0+0x2c7/0x460 [ 120.261138] Modules linked in: [ 120.261391] CPU: 1 PID: 3702 Comm: syz-executor.2 Not tainted 6.0.0-rc7-next-20220930 #1 [ 120.262004] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 120.262848] RIP: 0010:group_sched_out.part.0+0x2c7/0x460 [ 120.263280] Code: 5e 41 5f e9 8b ae ef ff e8 86 ae ef ff 65 8b 1d 0b 18 ac 7e 31 ff 89 de e8 26 ab ef ff 85 db 0f 84 8a 00 00 00 e8 69 ae ef ff <0f> 0b e9 a5 fe ff ff e8 5d ae ef ff 48 8d 7d 10 48 b8 00 00 00 00 [ 120.264652] RSP: 0018:ffff8880207a7c48 EFLAGS: 00010006 [ 120.265064] RAX: 0000000040000002 RBX: 0000000000000000 RCX: 0000000000000000 [ 120.265605] RDX: ffff888018be8000 RSI: ffffffff81565dc7 RDI: 0000000000000005 [ 120.266139] RBP: ffff88803f918000 R08: 0000000000000005 R09: 0000000000000001 [ 120.266685] R10: 0000000000000000 R11: ffffffff865b405b R12: ffff88800eb9c800 [ 120.267228] R13: ffff88806cf3d2c0 R14: ffffffff8547d000 R15: 0000000000000002 [ 120.267766] FS: 00007f1b1c812700(0000) GS:ffff88806cf00000(0000) knlGS:0000000000000000 [ 120.268388] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 120.268837] CR2: 00007fe1f9fdd710 CR3: 0000000040b8e000 CR4: 0000000000350ee0 [ 120.269378] Call Trace: [ 120.269576] [ 120.269751] ctx_sched_out+0x8f1/0xc10 [ 120.270057] __perf_event_task_sched_out+0x6d0/0x18d0 [ 120.270449] ? lock_is_held_type+0xd7/0x130 [ 120.270782] ? __perf_cgroup_move+0x160/0x160 [ 120.271120] ? set_next_entity+0x304/0x550 [ 120.271457] ? update_curr+0x267/0x740 [ 120.271767] ? lock_is_held_type+0xd7/0x130 [ 120.272103] __schedule+0xedd/0x2470 [ 120.272405] ? io_schedule_timeout+0x150/0x150 [ 120.272763] ? rcu_read_lock_sched_held+0x3e/0x80 [ 120.273141] schedule+0xda/0x1b0 [ 120.273413] exit_to_user_mode_prepare+0x114/0x1a0 [ 120.273798] syscall_exit_to_user_mode+0x19/0x40 [ 120.274158] do_syscall_64+0x48/0x90 [ 120.274453] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 120.274843] RIP: 0033:0x7f1b1f29cb19 [ 120.275137] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 120.276506] RSP: 002b:00007f1b1c812218 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 120.277092] RAX: 0000000000000001 RBX: 00007f1b1f3aff68 RCX: 00007f1b1f29cb19 [ 120.277624] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 00007f1b1f3aff6c [ 120.278162] RBP: 00007f1b1f3aff60 R08: 000000000000000e R09: 0000000000000000 [ 120.278704] R10: 0000000000000004 R11: 0000000000000246 R12: 00007f1b1f3aff6c [ 120.279252] R13: 00007ffee77fc0cf R14: 00007f1b1c812300 R15: 0000000000022000 [ 120.279785] [ 120.279970] irq event stamp: 776 [ 120.280235] hardirqs last enabled at (775): [] exit_to_user_mode_prepare+0x109/0x1a0 [ 120.280945] hardirqs last disabled at (776): [] __schedule+0x1225/0x2470 [ 120.281582] softirqs last enabled at (630): [] __irq_exit_rcu+0x11b/0x180 [ 120.282232] softirqs last disabled at (617): [] __irq_exit_rcu+0x11b/0x180 [ 120.282889] ---[ end trace 0000000000000000 ]--- 14:16:32 executing program 2: syz_open_dev$loop(&(0x7f0000000140), 0x0, 0x0) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x9}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x2, 0x0, 0x0, 0x0, 0x0, 0x2, 0x30656, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000040), 0x8}, 0x0, 0x0, 0x10}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_setup(0x3521, &(0x7f0000000180)={0x0, 0xca28, 0x0, 0x2, 0xb3}, &(0x7f0000ff2000/0xc000)=nil, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000000000), &(0x7f0000000200)) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) ioctl$AUTOFS_DEV_IOCTL_REQUESTER(0xffffffffffffffff, 0xc018937b, &(0x7f0000001200)=ANY=[@ANYBLOB, @ANYRES32, @ANYRES32=0xee00, @ANYRES32, @ANYBLOB='n/file0\x00']) syz_io_uring_setup(0x443f, &(0x7f0000000200), &(0x7f0000ff9000/0x4000)=nil, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000000100)=0x0, &(0x7f0000000040)=0x0) syz_io_uring_submit(r2, r3, &(0x7f0000000180)=@IORING_OP_READV=@pass_iovec={0x1, 0x5, 0x0, @fd, 0x0, 0x0, 0xfffffd03}, 0x0) syz_io_uring_setup(0x443f, &(0x7f0000000200), &(0x7f0000ff9000/0x4000)=nil, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000000100)=0x0, &(0x7f0000000040)=0x0) syz_io_uring_submit(r4, r5, &(0x7f0000000180)=@IORING_OP_READV=@pass_iovec={0x1, 0x5, 0x0, @fd, 0x0, 0x0, 0xfffffd03}, 0x0) syz_io_uring_submit(r2, r5, &(0x7f0000000340)=@IORING_OP_POLL_ADD={0x6, 0x0, 0x0, @fd, 0x0, 0x0, 0x0, {0x2a2}}, 0x9) fcntl$dupfd(r0, 0x406, r1) getgid() perf_event_open(&(0x7f0000001840)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000001800), 0xd}, 0x22}, 0x0, 0x0, 0xffffffffffffffff, 0x3) r6 = syz_init_net_socket$bt_l2cap(0x1f, 0x2, 0x0) getsockopt$bt_BT_SNDMTU(r6, 0x112, 0xc, 0x0, &(0x7f0000000040)) fsetxattr$trusted_overlay_redirect(r6, &(0x7f0000000240), &(0x7f0000000300)='./file1\x00', 0x8, 0x0) write(r1, &(0x7f0000000080)="01", 0x41030) 14:16:32 executing program 2: syz_open_dev$loop(&(0x7f0000000140), 0x0, 0x0) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x9}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x2, 0x0, 0x0, 0x0, 0x0, 0x2, 0x30656, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000040), 0x8}, 0x0, 0x0, 0x10}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_setup(0x3521, &(0x7f0000000180)={0x0, 0xca28, 0x0, 0x2, 0xb3}, &(0x7f0000ff2000/0xc000)=nil, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000000000), &(0x7f0000000200)) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) ioctl$AUTOFS_DEV_IOCTL_REQUESTER(0xffffffffffffffff, 0xc018937b, &(0x7f0000001200)=ANY=[@ANYBLOB, @ANYRES32, @ANYRES32=0xee00, @ANYRES32, @ANYBLOB='n/file0\x00']) syz_io_uring_setup(0x443f, &(0x7f0000000200), &(0x7f0000ff9000/0x4000)=nil, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000000100)=0x0, &(0x7f0000000040)=0x0) syz_io_uring_submit(r2, r3, &(0x7f0000000180)=@IORING_OP_READV=@pass_iovec={0x1, 0x5, 0x0, @fd, 0x0, 0x0, 0xfffffd03}, 0x0) syz_io_uring_setup(0x443f, &(0x7f0000000200), &(0x7f0000ff9000/0x4000)=nil, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000000100)=0x0, &(0x7f0000000040)=0x0) syz_io_uring_submit(r4, r5, &(0x7f0000000180)=@IORING_OP_READV=@pass_iovec={0x1, 0x5, 0x0, @fd, 0x0, 0x0, 0xfffffd03}, 0x0) syz_io_uring_submit(r2, r5, &(0x7f0000000340)=@IORING_OP_POLL_ADD={0x6, 0x0, 0x0, @fd, 0x0, 0x0, 0x0, {0x2a2}}, 0x9) fcntl$dupfd(r0, 0x406, r1) getgid() perf_event_open(&(0x7f0000001840)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000001800), 0xd}, 0x22}, 0x0, 0x0, 0xffffffffffffffff, 0x3) r6 = syz_init_net_socket$bt_l2cap(0x1f, 0x2, 0x0) getsockopt$bt_BT_SNDMTU(r6, 0x112, 0xc, 0x0, &(0x7f0000000040)) fsetxattr$trusted_overlay_redirect(r6, &(0x7f0000000240), &(0x7f0000000300)='./file1\x00', 0x8, 0x0) write(r1, &(0x7f0000000080)="01", 0x41030) 14:16:32 executing program 2: syz_open_dev$loop(&(0x7f0000000140), 0x0, 0x0) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x9}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x2, 0x0, 0x0, 0x0, 0x0, 0x2, 0x30656, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000040), 0x8}, 0x0, 0x0, 0x10}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_setup(0x3521, &(0x7f0000000180)={0x0, 0xca28, 0x0, 0x2, 0xb3}, &(0x7f0000ff2000/0xc000)=nil, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000000000), &(0x7f0000000200)) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) ioctl$AUTOFS_DEV_IOCTL_REQUESTER(0xffffffffffffffff, 0xc018937b, &(0x7f0000001200)=ANY=[@ANYBLOB, @ANYRES32, @ANYRES32=0xee00, @ANYRES32, @ANYBLOB='n/file0\x00']) syz_io_uring_setup(0x443f, &(0x7f0000000200), &(0x7f0000ff9000/0x4000)=nil, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000000100)=0x0, &(0x7f0000000040)=0x0) syz_io_uring_submit(r2, r3, &(0x7f0000000180)=@IORING_OP_READV=@pass_iovec={0x1, 0x5, 0x0, @fd, 0x0, 0x0, 0xfffffd03}, 0x0) syz_io_uring_setup(0x443f, &(0x7f0000000200), &(0x7f0000ff9000/0x4000)=nil, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000000100)=0x0, &(0x7f0000000040)=0x0) syz_io_uring_submit(r4, r5, &(0x7f0000000180)=@IORING_OP_READV=@pass_iovec={0x1, 0x5, 0x0, @fd, 0x0, 0x0, 0xfffffd03}, 0x0) syz_io_uring_submit(r2, r5, &(0x7f0000000340)=@IORING_OP_POLL_ADD={0x6, 0x0, 0x0, @fd, 0x0, 0x0, 0x0, {0x2a2}}, 0x9) fcntl$dupfd(r0, 0x406, r1) getgid() perf_event_open(&(0x7f0000001840)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000001800), 0xd}, 0x22}, 0x0, 0x0, 0xffffffffffffffff, 0x3) r6 = syz_init_net_socket$bt_l2cap(0x1f, 0x2, 0x0) getsockopt$bt_BT_SNDMTU(r6, 0x112, 0xc, 0x0, &(0x7f0000000040)) fsetxattr$trusted_overlay_redirect(r6, &(0x7f0000000240), &(0x7f0000000300)='./file1\x00', 0x8, 0x0) write(r1, &(0x7f0000000080)="01", 0x41030) 14:16:32 executing program 5: syz_open_dev$loop(&(0x7f0000000140), 0x0, 0x0) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x9}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x2, 0x0, 0x0, 0x0, 0x0, 0x2, 0x30656, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000040), 0x8}, 0x0, 0x0, 0x10}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_setup(0x3521, &(0x7f0000000180)={0x0, 0xca28, 0x0, 0x2, 0xb3}, &(0x7f0000ff2000/0xc000)=nil, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000000000), &(0x7f0000000200)) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) ioctl$AUTOFS_DEV_IOCTL_REQUESTER(0xffffffffffffffff, 0xc018937b, &(0x7f0000001200)=ANY=[@ANYBLOB, @ANYRES32, @ANYRES32=0xee00, @ANYRES32, @ANYBLOB='n/file0\x00']) syz_io_uring_setup(0x443f, &(0x7f0000000200), &(0x7f0000ff9000/0x4000)=nil, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000000100)=0x0, &(0x7f0000000040)=0x0) syz_io_uring_submit(r2, r3, &(0x7f0000000180)=@IORING_OP_READV=@pass_iovec={0x1, 0x5, 0x0, @fd, 0x0, 0x0, 0xfffffd03}, 0x0) syz_io_uring_setup(0x443f, &(0x7f0000000200), &(0x7f0000ff9000/0x4000)=nil, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000000100)=0x0, &(0x7f0000000040)=0x0) syz_io_uring_submit(r4, r5, &(0x7f0000000180)=@IORING_OP_READV=@pass_iovec={0x1, 0x5, 0x0, @fd, 0x0, 0x0, 0xfffffd03}, 0x0) syz_io_uring_submit(r2, r5, &(0x7f0000000340)=@IORING_OP_POLL_ADD={0x6, 0x0, 0x0, @fd, 0x0, 0x0, 0x0, {0x2a2}}, 0x9) fcntl$dupfd(r0, 0x406, r1) getgid() perf_event_open(&(0x7f0000001840)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000001800), 0xd}, 0x22}, 0x0, 0x0, 0xffffffffffffffff, 0x3) r6 = syz_init_net_socket$bt_l2cap(0x1f, 0x2, 0x0) getsockopt$bt_BT_SNDMTU(r6, 0x112, 0xc, 0x0, &(0x7f0000000040)) fsetxattr$trusted_overlay_redirect(r6, &(0x7f0000000240), &(0x7f0000000300)='./file1\x00', 0x8, 0x0) write(r1, &(0x7f0000000080)="01", 0x41030) 14:16:33 executing program 2: syz_open_dev$loop(&(0x7f0000000140), 0x0, 0x0) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x9}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x2, 0x0, 0x0, 0x0, 0x0, 0x2, 0x30656, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000040), 0x8}, 0x0, 0x0, 0x10}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_setup(0x3521, &(0x7f0000000180)={0x0, 0xca28, 0x0, 0x2, 0xb3}, &(0x7f0000ff2000/0xc000)=nil, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000000000), &(0x7f0000000200)) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) ioctl$AUTOFS_DEV_IOCTL_REQUESTER(0xffffffffffffffff, 0xc018937b, &(0x7f0000001200)=ANY=[@ANYBLOB, @ANYRES32, @ANYRES32=0xee00, @ANYRES32, @ANYBLOB='n/file0\x00']) syz_io_uring_setup(0x443f, &(0x7f0000000200), &(0x7f0000ff9000/0x4000)=nil, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000000100)=0x0, &(0x7f0000000040)=0x0) syz_io_uring_submit(r2, r3, &(0x7f0000000180)=@IORING_OP_READV=@pass_iovec={0x1, 0x5, 0x0, @fd, 0x0, 0x0, 0xfffffd03}, 0x0) syz_io_uring_setup(0x443f, &(0x7f0000000200), &(0x7f0000ff9000/0x4000)=nil, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000000100)=0x0, &(0x7f0000000040)=0x0) syz_io_uring_submit(r4, r5, &(0x7f0000000180)=@IORING_OP_READV=@pass_iovec={0x1, 0x5, 0x0, @fd, 0x0, 0x0, 0xfffffd03}, 0x0) syz_io_uring_submit(r2, r5, &(0x7f0000000340)=@IORING_OP_POLL_ADD={0x6, 0x0, 0x0, @fd, 0x0, 0x0, 0x0, {0x2a2}}, 0x9) fcntl$dupfd(r0, 0x406, r1) getgid() perf_event_open(&(0x7f0000001840)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000001800), 0xd}, 0x22}, 0x0, 0x0, 0xffffffffffffffff, 0x3) r6 = syz_init_net_socket$bt_l2cap(0x1f, 0x2, 0x0) getsockopt$bt_BT_SNDMTU(r6, 0x112, 0xc, 0x0, &(0x7f0000000040)) fsetxattr$trusted_overlay_redirect(r6, &(0x7f0000000240), &(0x7f0000000300)='./file1\x00', 0x8, 0x0) write(r1, &(0x7f0000000080)="01", 0x41030) VM DIAGNOSIS: 14:16:32 Registers: info registers vcpu 0 RAX=0000000000000001 RBX=ffff88803f86f988 RCX=0000000000000000 RDX=1ffff11007f0df3c RSI=ffff88803f86fe58 RDI=ffffffff817ce0cf RBP=ffff88803f86f9e0 RSP=ffff88803f86f970 R8 =ffffffff85ee81fc R9 =ffffffff85ee8200 R10=ffffed1007f0df3e R11=ffff88803f86f9c8 R12=ffff88803f86fa50 R13=0000000000000000 R14=ffff888010105040 R15=ffff88800843f280 RIP=ffffffff81119fa5 RFL=00000202 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 00000000 00000000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 00000000 00000000 FS =0000 00007fc783bef540 00000000 00000000 GS =0000 ffff88806ce00000 00000000 00000000 LDT=0000 fffffe0000000000 00000000 00000000 TR =0040 fffffe0000003000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe0000001000 0000007f IDT= fffffe0000000000 00000fff CR0=80050033 CR2=000055a2eb1bd4c8 CR3=0000000040988000 CR4=00350ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000ffff0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 YMM00=0000000000000000 0000000000000000 00642e65626f7270 646f6d2f6374652f YMM01=0000000000000000 0000000000000000 00642e65626f7270 646f6d2f6374652f YMM02=0000000000000000 0000000000000000 0000000000000000 0000ffffffffffff YMM03=0000000000000000 0000000000000000 0000000000000000 0000ff00000000ff YMM04=0000000000000000 0000000000000000 2f2f2f2f2f2f2f2f 2f2f2f2f2f2f2f2f YMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM08=0000000000000000 0000000000000000 676f6c206d6f7473 7563000000000000 YMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 info registers vcpu 1 RAX=0000000000000033 RBX=00000000000003f8 RCX=0000000000000000 RDX=00000000000003f8 RSI=ffffffff823bb0f1 RDI=ffffffff8765a9a0 RBP=ffffffff8765a960 RSP=ffff8880207a7690 R8 =0000000000000001 R9 =000000000000000a R10=0000000000000033 R11=0000000000000001 R12=0000000000000033 R13=ffffffff8765a960 R14=0000000000000010 R15=ffffffff823bb0e0 RIP=ffffffff823bb149 RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 00000000 00000000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 00000000 00000000 FS =0000 00007f1b1c812700 00000000 00000000 GS =0000 ffff88806cf00000 00000000 00000000 LDT=0000 fffffe0000000000 00000000 00000000 TR =0040 fffffe000004a000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe0000048000 0000007f IDT= fffffe0000000000 00000fff CR0=80050033 CR2=00007fe1f9fdd710 CR3=0000000040b8e000 CR4=00350ee0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000ffff0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 YMM00=0000000000000000 0000000000000000 ffffffffffff0000 0000000000000000 YMM01=0000000000000000 0000000000000000 2323232323232323 2323232323232323 YMM02=0000000000000000 0000000000000000 ffffffffffffffff ffffffffffffffff YMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM04=0000000000000000 0000000000000000 ffffffffffff0000 0000000000000000 YMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM06=0000000000000000 0000000000000000 0000000000000000 000000524f525245 YMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM08=0000000000000000 0000000000000000 0000000000000000 00524f5252450040 YMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000