syzkaller login: [ 42.902259] sshd (243) used greatest stack depth: 24792 bytes left Warning: Permanently added '[localhost]:43994' (ECDSA) to the list of known hosts. 2022/10/01 14:57:46 fuzzer started 2022/10/01 14:57:46 dialing manager at localhost:35095 [ 45.139788] cgroup: Unknown subsys name 'net' [ 45.271247] cgroup: Unknown subsys name 'rlimit' 2022/10/01 14:58:00 syscalls: 2215 2022/10/01 14:58:00 code coverage: enabled 2022/10/01 14:58:00 comparison tracing: enabled 2022/10/01 14:58:00 extra coverage: enabled 2022/10/01 14:58:00 setuid sandbox: enabled 2022/10/01 14:58:00 namespace sandbox: enabled 2022/10/01 14:58:00 Android sandbox: enabled 2022/10/01 14:58:00 fault injection: enabled 2022/10/01 14:58:00 leak checking: enabled 2022/10/01 14:58:00 net packet injection: enabled 2022/10/01 14:58:00 net device setup: enabled 2022/10/01 14:58:00 concurrency sanitizer: /sys/kernel/debug/kcsan does not exist 2022/10/01 14:58:00 devlink PCI setup: PCI device 0000:00:10.0 is not available 2022/10/01 14:58:00 USB emulation: enabled 2022/10/01 14:58:00 hci packet injection: enabled 2022/10/01 14:58:00 wifi device emulation: failed to parse kernel version (6.0.0-rc7-next-20220930) 2022/10/01 14:58:00 802.15.4 emulation: enabled 2022/10/01 14:58:00 fetching corpus: 50, signal 22162/23945 (executing program) 2022/10/01 14:58:00 fetching corpus: 100, signal 30453/33914 (executing program) 2022/10/01 14:58:01 fetching corpus: 150, signal 39647/44609 (executing program) 2022/10/01 14:58:01 fetching corpus: 200, signal 49283/55602 (executing program) 2022/10/01 14:58:01 fetching corpus: 250, signal 59415/66875 (executing program) 2022/10/01 14:58:01 fetching corpus: 300, signal 65130/73816 (executing program) 2022/10/01 14:58:01 fetching corpus: 350, signal 69160/79048 (executing program) 2022/10/01 14:58:01 fetching corpus: 400, signal 73452/84439 (executing program) 2022/10/01 14:58:01 fetching corpus: 450, signal 77267/89369 (executing program) 2022/10/01 14:58:01 fetching corpus: 500, signal 82950/95922 (executing program) 2022/10/01 14:58:02 fetching corpus: 550, signal 84725/98822 (executing program) 2022/10/01 14:58:02 fetching corpus: 600, signal 88769/103777 (executing program) 2022/10/01 14:58:02 fetching corpus: 650, signal 91828/107747 (executing program) 2022/10/01 14:58:02 fetching corpus: 700, signal 94481/111250 (executing program) 2022/10/01 14:58:02 fetching corpus: 750, signal 97818/115339 (executing program) 2022/10/01 14:58:02 fetching corpus: 800, signal 100923/119205 (executing program) 2022/10/01 14:58:02 fetching corpus: 850, signal 102484/121699 (executing program) 2022/10/01 14:58:02 fetching corpus: 900, signal 105227/125173 (executing program) 2022/10/01 14:58:03 fetching corpus: 950, signal 106918/127676 (executing program) 2022/10/01 14:58:03 fetching corpus: 1000, signal 108639/130176 (executing program) 2022/10/01 14:58:03 fetching corpus: 1050, signal 110850/133068 (executing program) 2022/10/01 14:58:03 fetching corpus: 1100, signal 112777/135680 (executing program) 2022/10/01 14:58:03 fetching corpus: 1150, signal 115191/138678 (executing program) 2022/10/01 14:58:03 fetching corpus: 1200, signal 116979/141125 (executing program) 2022/10/01 14:58:03 fetching corpus: 1250, signal 120258/144738 (executing program) 2022/10/01 14:58:04 fetching corpus: 1300, signal 123407/148178 (executing program) 2022/10/01 14:58:04 fetching corpus: 1350, signal 125219/150572 (executing program) 2022/10/01 14:58:04 fetching corpus: 1400, signal 126497/152509 (executing program) 2022/10/01 14:58:04 fetching corpus: 1450, signal 128024/154580 (executing program) 2022/10/01 14:58:04 fetching corpus: 1500, signal 129551/156662 (executing program) 2022/10/01 14:58:04 fetching corpus: 1550, signal 131050/158644 (executing program) 2022/10/01 14:58:04 fetching corpus: 1600, signal 132227/160373 (executing program) 2022/10/01 14:58:04 fetching corpus: 1650, signal 134148/162694 (executing program) 2022/10/01 14:58:04 fetching corpus: 1700, signal 136478/165135 (executing program) 2022/10/01 14:58:04 fetching corpus: 1750, signal 137196/166459 (executing program) 2022/10/01 14:58:05 fetching corpus: 1800, signal 138027/167858 (executing program) 2022/10/01 14:58:05 fetching corpus: 1850, signal 138993/169350 (executing program) 2022/10/01 14:58:05 fetching corpus: 1900, signal 140598/171219 (executing program) 2022/10/01 14:58:05 fetching corpus: 1950, signal 142301/173247 (executing program) 2022/10/01 14:58:05 fetching corpus: 2000, signal 143414/174779 (executing program) 2022/10/01 14:58:05 fetching corpus: 2050, signal 144444/176253 (executing program) 2022/10/01 14:58:05 fetching corpus: 2100, signal 145908/177996 (executing program) 2022/10/01 14:58:05 fetching corpus: 2150, signal 146949/179420 (executing program) 2022/10/01 14:58:05 fetching corpus: 2200, signal 147971/180770 (executing program) 2022/10/01 14:58:06 fetching corpus: 2250, signal 148807/182001 (executing program) 2022/10/01 14:58:06 fetching corpus: 2300, signal 150112/183560 (executing program) 2022/10/01 14:58:06 fetching corpus: 2350, signal 151251/184954 (executing program) 2022/10/01 14:58:06 fetching corpus: 2400, signal 151801/185989 (executing program) 2022/10/01 14:58:06 fetching corpus: 2450, signal 152599/187186 (executing program) 2022/10/01 14:58:06 fetching corpus: 2500, signal 153933/188619 (executing program) 2022/10/01 14:58:06 fetching corpus: 2550, signal 154762/189751 (executing program) 2022/10/01 14:58:06 fetching corpus: 2600, signal 155520/190887 (executing program) 2022/10/01 14:58:06 fetching corpus: 2650, signal 156987/192365 (executing program) 2022/10/01 14:58:07 fetching corpus: 2700, signal 158916/194115 (executing program) 2022/10/01 14:58:07 fetching corpus: 2750, signal 159917/195312 (executing program) 2022/10/01 14:58:07 fetching corpus: 2800, signal 162162/197108 (executing program) 2022/10/01 14:58:07 fetching corpus: 2850, signal 163298/198332 (executing program) 2022/10/01 14:58:07 fetching corpus: 2900, signal 163845/199221 (executing program) 2022/10/01 14:58:07 fetching corpus: 2950, signal 164432/200113 (executing program) 2022/10/01 14:58:07 fetching corpus: 3000, signal 165100/201034 (executing program) 2022/10/01 14:58:07 fetching corpus: 3050, signal 166232/202210 (executing program) 2022/10/01 14:58:08 fetching corpus: 3100, signal 166999/203124 (executing program) 2022/10/01 14:58:08 fetching corpus: 3150, signal 167538/203970 (executing program) 2022/10/01 14:58:08 fetching corpus: 3200, signal 168352/204896 (executing program) 2022/10/01 14:58:08 fetching corpus: 3250, signal 169459/206004 (executing program) 2022/10/01 14:58:08 fetching corpus: 3300, signal 169968/206795 (executing program) 2022/10/01 14:58:08 fetching corpus: 3350, signal 170643/207608 (executing program) 2022/10/01 14:58:08 fetching corpus: 3400, signal 171330/208491 (executing program) 2022/10/01 14:58:08 fetching corpus: 3450, signal 172834/209625 (executing program) 2022/10/01 14:58:08 fetching corpus: 3500, signal 173482/210419 (executing program) 2022/10/01 14:58:09 fetching corpus: 3550, signal 174776/211455 (executing program) 2022/10/01 14:58:09 fetching corpus: 3600, signal 175431/212182 (executing program) 2022/10/01 14:58:09 fetching corpus: 3650, signal 176091/212949 (executing program) 2022/10/01 14:58:09 fetching corpus: 3700, signal 176730/213733 (executing program) 2022/10/01 14:58:09 fetching corpus: 3750, signal 177207/214399 (executing program) 2022/10/01 14:58:09 fetching corpus: 3800, signal 177846/215095 (executing program) 2022/10/01 14:58:09 fetching corpus: 3850, signal 178841/215925 (executing program) 2022/10/01 14:58:10 fetching corpus: 3900, signal 180070/216837 (executing program) 2022/10/01 14:58:10 fetching corpus: 3950, signal 181878/217961 (executing program) 2022/10/01 14:58:10 fetching corpus: 4000, signal 182724/218661 (executing program) 2022/10/01 14:58:10 fetching corpus: 4050, signal 183322/219340 (executing program) 2022/10/01 14:58:10 fetching corpus: 4100, signal 184493/220130 (executing program) 2022/10/01 14:58:10 fetching corpus: 4150, signal 184850/220685 (executing program) 2022/10/01 14:58:10 fetching corpus: 4200, signal 185617/221329 (executing program) 2022/10/01 14:58:10 fetching corpus: 4250, signal 185957/221847 (executing program) 2022/10/01 14:58:11 fetching corpus: 4300, signal 186386/222391 (executing program) 2022/10/01 14:58:11 fetching corpus: 4350, signal 187004/223103 (executing program) 2022/10/01 14:58:11 fetching corpus: 4400, signal 187749/223803 (executing program) 2022/10/01 14:58:11 fetching corpus: 4450, signal 188331/224353 (executing program) 2022/10/01 14:58:11 fetching corpus: 4500, signal 188780/224863 (executing program) 2022/10/01 14:58:11 fetching corpus: 4550, signal 189599/225414 (executing program) 2022/10/01 14:58:11 fetching corpus: 4600, signal 190490/226041 (executing program) 2022/10/01 14:58:11 fetching corpus: 4650, signal 191157/226566 (executing program) 2022/10/01 14:58:12 fetching corpus: 4700, signal 191962/227196 (executing program) 2022/10/01 14:58:12 fetching corpus: 4750, signal 192775/227719 (executing program) 2022/10/01 14:58:12 fetching corpus: 4800, signal 193657/228249 (executing program) 2022/10/01 14:58:12 fetching corpus: 4850, signal 194510/228782 (executing program) 2022/10/01 14:58:12 fetching corpus: 4871, signal 194680/229182 (executing program) 2022/10/01 14:58:12 fetching corpus: 4871, signal 194680/229528 (executing program) 2022/10/01 14:58:12 fetching corpus: 4871, signal 194680/229879 (executing program) 2022/10/01 14:58:12 fetching corpus: 4871, signal 194680/230207 (executing program) 2022/10/01 14:58:12 fetching corpus: 4871, signal 194680/230586 (executing program) 2022/10/01 14:58:12 fetching corpus: 4871, signal 194680/230906 (executing program) 2022/10/01 14:58:12 fetching corpus: 4871, signal 194680/231264 (executing program) 2022/10/01 14:58:12 fetching corpus: 4871, signal 194680/231629 (executing program) 2022/10/01 14:58:12 fetching corpus: 4871, signal 194680/231966 (executing program) 2022/10/01 14:58:12 fetching corpus: 4871, signal 194680/232331 (executing program) 2022/10/01 14:58:12 fetching corpus: 4871, signal 194680/232694 (executing program) 2022/10/01 14:58:12 fetching corpus: 4871, signal 194680/233024 (executing program) 2022/10/01 14:58:12 fetching corpus: 4871, signal 194680/233392 (executing program) 2022/10/01 14:58:12 fetching corpus: 4871, signal 194680/233760 (executing program) 2022/10/01 14:58:12 fetching corpus: 4871, signal 194680/234127 (executing program) 2022/10/01 14:58:12 fetching corpus: 4871, signal 194680/234458 (executing program) 2022/10/01 14:58:12 fetching corpus: 4871, signal 194680/234808 (executing program) 2022/10/01 14:58:12 fetching corpus: 4871, signal 194680/235183 (executing program) 2022/10/01 14:58:12 fetching corpus: 4871, signal 194680/235512 (executing program) 2022/10/01 14:58:12 fetching corpus: 4871, signal 194680/235512 (executing program) 2022/10/01 14:58:15 starting 8 fuzzer processes 14:58:15 executing program 0: r0 = open_tree(0xffffffffffffffff, &(0x7f0000000000)='./file0\x00', 0x90000) r1 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000080)='/proc/asound/seq/timer\x00', 0x0, 0x0) renameat(r0, &(0x7f0000000040)='./file0\x00', r1, &(0x7f00000000c0)='./file0\x00') perf_event_open(&(0x7f0000000140)={0x0, 0x80, 0x8, 0x2, 0x3f, 0x5, 0x0, 0xbd, 0x0, 0x8, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x2, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x6, 0x2, @perf_bp={&(0x7f0000000100), 0x2ced239dca9d765b}, 0x1, 0x4, 0x10001, 0x5, 0x9, 0x8, 0x1, 0x0, 0x3, 0x0, 0xfffffffffffffffa}, 0xffffffffffffffff, 0x2, r0, 0x9) syz_io_uring_submit(0x0, 0x0, &(0x7f0000000680)=@IORING_OP_WRITEV={0x2, 0x4, 0x0, @fd=r1, 0x398, &(0x7f0000000600)=[{&(0x7f00000001c0)="6b07523c6680aa99b5220b643eb878c7b2b1bf42297f1d5622dbfd455af933b78f0e5563f7ef906e3596dede749f28a0ad98da469d1fcebcf7d99c92494f6e48671bf51d974b9a1f51f51a258792f45bf6b4d80ea3cbb184a52e6eff15c0b0d476526f8d27d613735d328e65efe8beab84407a96e693f902c622bc9bde1c3648b1df4cf868f0b3ea61e2c389348a60b8415a807aa7a8c4924fa6826890d508cc9ed789cd5e925a43e7870b23b248a192fcb88c313be52ba490e75d5d336128effce1964a34e011992ab96983f8d3f8eef85d748eb5398f8a7f180c964aef83", 0xdf}, {&(0x7f00000002c0)="a7120a1281d6e7e6bb2879e0b26be95844bfe6818b58038191b7d39fe4f9405662883bd8cbf6735aa4adddd35a07b83e651a6fa02aaf8a8be68427c92dc3ea46288f3de272ec9d8e781b9f0205280c4ac45bafe61f867cd400e02194a604a2d76c6c1f0967164331d2fb3869fa4fb2fd68808e24e90adb774979cf9b445cb6d626cb0867a419276812fdf2dc0d16526a48c7", 0x92}, {&(0x7f0000000380)="9ac4ebd3a1d20af5347f6e7648afc957f6f0097a081beb58e94d857a85f50c5407e0e1413bfc2a30a1dfe8e049036d8d19e74847d58e0671f0c7191fa39b0ce12f37a0335fe4bbdabf2b90bcc5", 0x4d}, {&(0x7f0000000400)="edffadca594d146ec64c46e77fc1b10e59323199d74c96772b0f", 0x1a}, {&(0x7f0000000440)="10df7cc6e1c2c53b9e1a3927536adf2217a13f28883ee5d79ec54290827093c02b98354ce3652b8a808f2424940040f6f4664e909d992352e2d3c824e60da558aeab9b2f1eb69767797d901f4484c0c82f0f", 0x52}, {&(0x7f00000004c0)="653e53e0054a1c392cc26ee05c24011c05e37549b1de93a4821b11d8cc7f41abd19ce9a4634965560539ce0038bd9f2de6dc88324763f70e7619504a26bec6f524ae6df626949c25a7ce3fb677088330a2c94740fbaaa2cd59b513687d854ecf8d9bc3578a33bf0442a312d1902ca6fcfb06c8cef1862656b7f78314b5f2334756485d953fdbe84337a7477aae7f3e61c5052347a3675fffa626a3597e8be110bb49a975835c1fa5993f5070749c703cf5bbce62ac4fb8868fe8c0fad572cb6d632a5611a7e6d7ffdd373eb5", 0xcc}, {&(0x7f00000005c0)="af9462971f3f573e490fa2cfa6573dc63441c25eeba87f20052a4b74d605ff7949061c1c26dbc1", 0x27}], 0x7, 0x5, 0x0, {0x1}}, 0x7f) r2 = signalfd4(r1, &(0x7f00000006c0)={[0x2]}, 0x8, 0x800) ioctl$FS_IOC_SETFSLABEL(r2, 0x41009432, &(0x7f0000000700)="e8482a146b03525f0b4d3e36055633bd125c556e404d70fc4fa0e6e9027e25d6fd84583182eadbe6004d7a3ac6d41dcf94c87fa288d32d51d9e6bc6dc23137ba9b071d4674d664124e3cfd7d83ffebb9cf199b59533a3aa2552d528bfe8ee0c74943293467d82d3cd7e6cd76eed66cb0757ceb8ac36495ce6da9a5201f345dc47b7c517d31b8f8924e2fa067d9ec2e88ee5a14b539b95d8398aef11f81d34a96a01cc7e3f34652fafe83cf05d42758c0443c74fe9a0f725a6ecb67edaa0d26e55e31abe3de68b39d07d12e9aadac3b0e0417dd0d67ecfd90240cb9910fad6c1ad96e4e195f2c7d7623f4a4083f184125b8998daf373d4738533e1f29fdfebc39") pread64(r1, &(0x7f0000000800)=""/35, 0x23, 0x4) r3 = memfd_create(&(0x7f0000000840)='&\'([\x00', 0x6) ioctl$AUTOFS_IOC_EXPIRE_MULTI(r3, 0x40049366, &(0x7f0000000880)=0x2) r4 = syz_mount_image$tmpfs(&(0x7f00000008c0), &(0x7f0000000900)='./file0\x00', 0x8, 0x5, &(0x7f0000000c40)=[{&(0x7f0000000940)="3776b72fecf63cc369f55ac8eefacfa71ec70a5cb316cece25aa80c53e4ac74961ce3f7ad421cbb505e84a79e6", 0x2d, 0xffff}, {&(0x7f0000000980)="8a5754f1fe4409864e1beec98e72eb4833f0c58a6b78775846ffa97fb8a4e698ebeea121bb35b05c12cff9386bdbe59966fb82cad501e2cd063beab959fe29f6a82ea5e3a254f7bda81093ce7a1464a63d1a82c2559b2766b1401502558d60165ba881adda727b08647893e46724e9f1cfc41e51428902b0b17e6bd5b46d0346d7e5", 0x82, 0xffffffff80000001}, {&(0x7f0000000a40)="5958696b9ed404bcb27e67a9dcc83c0f46a5adaba4a70c8b26a1324da5d2e13932303d69c9d9e64b6a3f674f4bf5b4c4ee8e07b951474f90725bc747f3bbfa47d963abdbec36426390ae8f1996492ca2785beb0b9fabee513e84dd59fd210629154892b86d018b3806d5337f973746b06e2564d69ff08c036da2ab68de588fd4255ade0656a826e8ba7ee6925a7b6dc7af4bdfae796bab619189bfec2eaa11f8bcb5226a98d6a7713b578f03974c724f66be67e42746c2cb0efe3649a63478c19f277418cc15", 0xc6, 0x3bdb}, {&(0x7f0000000b40)="1f3484db9adffd3fa618581faad36431f6f43a038a306f08ee27b5c2c1fb2b9259436ac41a5abf6d0a6df6f7037869588472d86d2fa6b3ba60eb7460807d5592c0451378c4b963ee5e6146128f6543e074405b58e0b510a304af9a39a2630646ebc14c1635f3c0bab859c67bc86bd8b8929647d1926d0829", 0x78}, {&(0x7f0000000bc0)="85f98ca8daa96f76c41c6e317ae4cf50f487a500d9f4b648583e47583e7e04857ae74691edd35c9717c869f5a0ebf15f393bcebcba793b641df7de52347a120878f6f02aa4f7453728549a72bf", 0x4d, 0xd91b}], 0x2280814, &(0x7f0000000cc0)={[{@huge_advise}, {@huge_always}, {@size={'size', 0x3d, [0x30, 0x34, 0x30]}}], [{@uid_eq={'uid', 0x3d, 0xffffffffffffffff}}, {@euid_eq={'euid', 0x3d, 0xee00}}, {@uid_eq}, {@smackfshat={'smackfshat', 0x3d, '\x00'}}, {@fsuuid={'fsuuid', 0x3d, {[0x37, 0x39, 0x38, 0x35, 0x34, 0x37, 0x35, 0x30], 0x2d, [0x31, 0x0, 0x62, 0x38], 0x2d, [0x35, 0x39, 0x65, 0x65], 0x2d, [0x38, 0x31, 0x39, 0x65], 0x2d, [0x36, 0x64, 0x36, 0x38, 0x64, 0x38, 0x30, 0x30]}}}, {@dont_hash}]}) setsockopt$inet6_tcp_TCP_MD5SIG(r1, 0x6, 0xe, &(0x7f0000000d80)={@in={{0x2, 0x4e24, @private=0xa010102}}, 0x0, 0x0, 0x1a, 0x0, "b836b6b7510f6ad41fc6d67e17b4ea54afdfee41f51f040909aec0e43fd20e2fc1ec6c24d1dc60e75bd5e5b76d30bceb346a80e3a7e0c760359f8a06da80b09a768763e72739f2c4f687fd69f9398d93"}, 0xd8) openat(r0, &(0x7f0000000e80)='./file0\x00', 0x101480, 0x195) r5 = open_tree(0xffffffffffffff9c, &(0x7f0000000ec0)='./file0\x00', 0x80800) sendfile(r2, r5, &(0x7f0000000f00)=0x80, 0x6) ioctl$TCSETS2(r2, 0x402c542b, &(0x7f0000000f40)={0xffffffff, 0x7fffffff, 0x4, 0x1, 0x3f, "0ef818236e9ba2ab6bf4f43fb6b35f0ebd50f5", 0x7ff, 0x7fffffff}) ioctl$FS_IOC_RESVSP(r5, 0x40305828, &(0x7f0000000f80)={0x0, 0x3, 0x1bef, 0x8}) sendmsg$IPVS_CMD_SET_DEST(r2, &(0x7f0000001100)={&(0x7f0000000fc0)={0x10, 0x0, 0x0, 0x40000000}, 0xc, &(0x7f00000010c0)={&(0x7f0000001000)={0x9c, 0x0, 0x10, 0x70bd2b, 0x25dfdbfd, {}, [@IPVS_CMD_ATTR_TIMEOUT_UDP={0x8, 0x6, 0xefd2}, @IPVS_CMD_ATTR_TIMEOUT_TCP_FIN={0x8, 0x5, 0x1c}, @IPVS_CMD_ATTR_DEST={0x3c, 0x2, 0x0, 0x1, [@IPVS_DEST_ATTR_TUN_TYPE={0x5}, @IPVS_DEST_ATTR_PERSIST_CONNS={0x8, 0x9, 0x5}, @IPVS_DEST_ATTR_L_THRESH={0x8}, @IPVS_DEST_ATTR_ADDR_FAMILY={0x6, 0xb, 0x2}, @IPVS_DEST_ATTR_FWD_METHOD={0x8, 0x3, 0x3}, @IPVS_DEST_ATTR_L_THRESH={0x8, 0x6, 0x8}, @IPVS_DEST_ATTR_PERSIST_CONNS={0x8, 0x9, 0x5}]}, @IPVS_CMD_ATTR_TIMEOUT_TCP_FIN={0x8, 0x5, 0x4}, @IPVS_CMD_ATTR_TIMEOUT_TCP={0x8, 0x4, 0x3}, @IPVS_CMD_ATTR_DEST={0x24, 0x2, 0x0, 0x1, [@IPVS_DEST_ATTR_ACTIVE_CONNS={0x8, 0x7, 0x7}, @IPVS_DEST_ATTR_L_THRESH={0x8, 0x6, 0x36}, @IPVS_DEST_ATTR_PORT={0x6, 0x2, 0x4e21}, @IPVS_DEST_ATTR_PERSIST_CONNS={0x8, 0x9, 0x200}]}, @IPVS_CMD_ATTR_TIMEOUT_UDP={0x8, 0x6, 0x9}]}, 0x9c}, 0x1, 0x0, 0x0, 0x50}, 0x44840) write(r4, &(0x7f0000001140)="e541cb8fb8771fd39a59b11afb7dd875fda5e7962b8b766f31d87645406a4569f9006c1acb1616d30065b8", 0x2b) close(r0) 14:58:15 executing program 1: r0 = syz_io_uring_complete(0x0) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$NL80211_CMD_STOP_AP(r0, &(0x7f0000000100)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x4}, 0xc, &(0x7f00000000c0)={&(0x7f0000000080)={0x20, r1, 0x200, 0x70bd2b, 0x25dfdbfc, {{}, {@void, @val={0xc, 0x99, {0xff, 0x31}}}}, ["", "", "", "", ""]}, 0x20}, 0x1, 0x0, 0x0, 0x2004c001}, 0x4044001) r2 = openat$full(0xffffffffffffff9c, &(0x7f0000000140), 0x109000, 0x0) sendmsg$NL80211_CMD_SET_MESH_CONFIG(r2, &(0x7f0000000300)={&(0x7f0000000180), 0xc, &(0x7f00000002c0)={&(0x7f00000001c0)={0xcc, r1, 0x4, 0x70bd29, 0x25dfdbfc, {{}, {@val={0x8}, @void}}, [@NL80211_ATTR_WIPHY={0x8, 0x1, 0x38}, @NL80211_ATTR_IFINDEX={0x8}, @NL80211_ATTR_WIPHY={0x8, 0x1, 0x56}, @NL80211_ATTR_IFINDEX={0x8}, @NL80211_ATTR_WDEV={0xc, 0x99, {0xff, 0x6c}}, @NL80211_ATTR_MESH_CONFIG={0x2c, 0x23, 0x0, 0x1, [@NL80211_MESHCONF_TTL={0x5, 0x6, 0x7c}, @NL80211_MESHCONF_AWAKE_WINDOW={0x6, 0x1b, 0xc07}, @NL80211_MESHCONF_HT_OPMODE={0x6, 0x16, 0x14}, @NL80211_MESHCONF_HWMP_ROOT_INTERVAL={0x6, 0x18, 0x3}, @NL80211_MESHCONF_AWAKE_WINDOW={0x6}]}, @NL80211_ATTR_MESH_CONFIG={0x4c, 0x23, 0x0, 0x1, [@NL80211_MESHCONF_CONFIRM_TIMEOUT={0x6, 0x2, 0x38}, @NL80211_MESHCONF_POWER_MODE={0x8, 0x1a, 0x2}, @NL80211_MESHCONF_AUTO_OPEN_PLINKS={0x5, 0x7, 0x20}, @NL80211_MESHCONF_HOLDING_TIMEOUT={0x6, 0x3, 0x4a}, @NL80211_MESHCONF_HWMP_ROOT_INTERVAL={0x6, 0x18, 0x306}, @NL80211_MESHCONF_PATH_REFRESH_TIME={0x8, 0x9, 0x3}, @NL80211_MESHCONF_HWMP_PERR_MIN_INTERVAL={0x6, 0x12, 0x9}, @NL80211_MESHCONF_HT_OPMODE={0x6, 0x16, 0x10}, @NL80211_MESHCONF_CONFIRM_TIMEOUT={0x6, 0x2, 0xb1}]}, @NL80211_ATTR_WDEV={0xc, 0x99, {0x2, 0x4}}]}, 0xcc}, 0x1, 0x0, 0x0, 0x4080}, 0x8000) syz_genetlink_get_family_id$nl80211(&(0x7f0000000340), r2) sendmsg$BATADV_CMD_GET_ORIGINATORS(r2, &(0x7f0000000480)={&(0x7f0000000380)={0x10, 0x0, 0x0, 0x800}, 0xc, &(0x7f0000000440)={&(0x7f00000003c0)={0x44, 0x0, 0x400, 0x70bd28, 0x25dfdbfd, {}, [@BATADV_ATTR_GW_BANDWIDTH_UP={0x8, 0x32, 0x3}, @BATADV_ATTR_BRIDGE_LOOP_AVOIDANCE_ENABLED={0x5}, @BATADV_ATTR_AP_ISOLATION_ENABLED={0x5}, @BATADV_ATTR_NETWORK_CODING_ENABLED={0x5}, @BATADV_ATTR_VLANID={0x6, 0x28, 0x2}, @BATADV_ATTR_MESH_IFINDEX={0x8}]}, 0x44}}, 0x4081) r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000500), 0xffffffffffffffff) sendmsg$NL80211_CMD_ASSOCIATE(r0, &(0x7f00000005c0)={&(0x7f00000004c0)={0x10, 0x0, 0x0, 0x4000000}, 0xc, &(0x7f0000000580)={&(0x7f0000000540)={0x40, r3, 0x4, 0x70bd2b, 0x25dfdbfe, {{}, {@void, @val={0xc, 0x99, {0x5, 0x69}}}}, [@NL80211_ATTR_SSID={0x20, 0x34, @random="e7dd0e409ec1cc329aa54c828fef96ddfe0ab0e013acecacb68a3ffe"}]}, 0x40}, 0x1, 0x0, 0x0, 0x40000}, 0x1) ioctl$sock_SIOCGIFINDEX_80211(r2, 0x8933, &(0x7f0000000640)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_TRIGGER_SCAN(r0, &(0x7f0000000700)={&(0x7f0000000600)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f00000006c0)={&(0x7f0000000680)={0x3c, r3, 0x200, 0x70bd2d, 0x25dfdbfb, {{}, {@val={0x8, 0x3, r4}, @val={0xc, 0x99, {0x7f, 0x50}}}}, [@NL80211_ATTR_SCHED_SCAN_RELATIVE_RSSI={0x5, 0xf6, 0x1f}, @NL80211_ATTR_SCAN_FLAGS={0x8, 0x9e, 0x1210}, @NL80211_ATTR_TX_NO_CCK_RATE={0x4}]}, 0x3c}, 0x1, 0x0, 0x0, 0x24044000}, 0x4000000) r5 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000780), 0xffffffffffffffff) sendmsg$NL80211_CMD_START_AP(r0, &(0x7f0000000980)={&(0x7f0000000740), 0xc, &(0x7f0000000940)={&(0x7f00000007c0)={0x158, r5, 0x20, 0x70bd2b, 0x25dfdbfd, {{}, {@void, @val={0xc, 0x99, {0x3, 0x4e}}}}, [@chandef_params=[@NL80211_ATTR_WIPHY_EDMG_CHANNELS={0x5, 0x118, 0x28}, @NL80211_ATTR_WIPHY_EDMG_BW_CONFIG={0x5, 0x119, 0xa}], @NL80211_ATTR_TX_RATES={0x120, 0x5a, 0x0, 0x1, [@NL80211_BAND_60GHZ={0xc0, 0x2, 0x0, 0x1, [@NL80211_TXRATE_LEGACY={0xc, 0x1, [0x6c, 0x2, 0x4, 0x5, 0x5, 0xc, 0x36, 0x30]}, @NL80211_TXRATE_GI={0x5, 0x4, 0x1}, @NL80211_TXRATE_LEGACY={0x17, 0x1, [0x6, 0x16, 0x7, 0x1b, 0x60, 0x30, 0xb, 0x5, 0x5f, 0x0, 0x1b, 0x2, 0x4, 0x60, 0xb, 0x16, 0x6c, 0x6, 0x30]}, @NL80211_TXRATE_HT={0x3d, 0x2, [{0x7}, {0x1, 0x5}, {0x0, 0x7}, {0x4, 0x1}, {0x1, 0x6}, {0x1, 0x5}, {0x5}, {0x5, 0x1}, {0x0, 0x9}, {0x2}, {0x4, 0x8}, {0x1}, {0x7, 0x6}, {0x1}, {0x3, 0x9}, {0x2, 0x7}, {0x4, 0x3}, {0x5, 0x8}, {0x3, 0x4}, {0x1, 0x8}, {0x0, 0xa}, {0x0, 0x6}, {0x0, 0x7}, {0x2, 0x7}, {0x1, 0x1}, {0x3, 0x4}, {0x6, 0xa}, {0x4, 0x1}, {0x0, 0x6}, {0x0, 0x1}, {0x1, 0x9}, {0x5, 0x3}, {0x6, 0x6}, {0x4}, {0x4, 0x2}, {0x0, 0x8}, {0x4, 0x1}, {0x4, 0x7}, {0x5, 0xa}, {0x7}, {0x5, 0xa}, {0x3, 0x7}, {0x0, 0x9}, {0x4, 0x7}, {0x4, 0x6}, {0x7, 0x3}, {0x0, 0x5}, {0x2, 0x9}, {0x0, 0x7}, {0x2, 0x1}, {0x4, 0x9}, {0x7, 0x4}, {0x0, 0x7}, {0x3, 0x8}, {0x3, 0x8}, {0x3, 0x8}, {0x4, 0x3}]}, @NL80211_TXRATE_VHT={0x14, 0x3, {[0xfff7, 0x80, 0x2, 0x81, 0x10, 0x7, 0x401, 0x3]}}, @NL80211_TXRATE_LEGACY={0x16, 0x1, [0x1b, 0x16, 0x18, 0x5, 0x1b, 0x30, 0x27, 0x48, 0x60, 0x30, 0x2d, 0xb, 0x48, 0x6c, 0x24, 0x6c, 0x0, 0x2]}, @NL80211_TXRATE_HT={0x22, 0x2, [{0x1, 0x8}, {0x2, 0x2}, {0x0, 0x3}, {0x4, 0x5}, {0x6, 0x8}, {0x5, 0x8}, {0x4, 0x7}, {0x3, 0xa}, {0x1}, {0x7, 0x9}, {0x7, 0x1}, {0x7, 0x6}, {0x3, 0x2}, {0x4, 0x7}, {0x2, 0x3}, {0x0, 0x8}, {0x7, 0x4}, {0x0, 0x5}, {0x5, 0x9}, {0x3, 0x6}, {0x4, 0xa}, {0x6, 0x7}, {0x0, 0x1}, {0x1, 0xa}, {0x6, 0x9}, {0x6, 0x7}, {0x7, 0x4}, {0x3, 0x7}, {0x6, 0x1}, {0x7, 0x8}]}]}, @NL80211_BAND_2GHZ={0x5c, 0x0, 0x0, 0x1, [@NL80211_TXRATE_LEGACY={0xf, 0x1, [0x5, 0xa5, 0x18, 0x6, 0x18, 0x6, 0xc, 0x6, 0x6c, 0x12, 0x4]}, @NL80211_TXRATE_VHT={0x14, 0x3, {[0x6, 0x4, 0x1, 0x1ff, 0x1, 0x3, 0x1ff, 0xc93]}}, @NL80211_TXRATE_HT={0x1d, 0x2, [{0x5, 0x5}, {0x0, 0x6}, {0x0, 0x2}, {}, {0x0, 0x2}, {0x6, 0xa}, {0x7, 0xa}, {0x2, 0x3}, {0x5, 0x8}, {0x7, 0x5}, {0x0, 0x7}, {0x1, 0x3}, {0x1, 0xa}, {0x2, 0x7}, {0x3, 0x8}, {0x1, 0x9}, {0x1, 0x8}, {0x3, 0x4}, {0x1, 0x2}, {0x1, 0x3}, {0x2, 0x2}, {0x2, 0x8}, {0x5, 0x1}, {0x7, 0x8}, {0x0, 0x8}]}, @NL80211_TXRATE_VHT={0x14, 0x3, {[0xffff, 0x7fff, 0x7, 0x100, 0x3, 0x0, 0x1f]}}]}]}, @NL80211_ATTR_SMPS_MODE={0x5}]}, 0x158}, 0x1, 0x0, 0x0, 0x80}, 0x0) r6 = syz_genetlink_get_family_id$devlink(&(0x7f0000000a00), r2) sendmsg$DEVLINK_CMD_RATE_SET(r2, &(0x7f0000000b00)={&(0x7f00000009c0)={0x10, 0x0, 0x0, 0x4000}, 0xc, &(0x7f0000000ac0)={&(0x7f0000000a40)={0x5c, r6, 0x200, 0x70bd2b, 0x25dfdbfd, {}, [@handle=@pci={{0x8}, {0x11}}, @DEVLINK_ATTR_RATE_TX_SHARE={0xc, 0xa6, 0x1d4}, @handle=@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}]}, 0x5c}, 0x1, 0x0, 0x0, 0x20018880}, 0x20000000) r7 = fsmount(r2, 0x1, 0x1) r8 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000c40), r0) sendmsg$TIPC_NL_LINK_SET(r7, &(0x7f0000000e40)={&(0x7f0000000c00)={0x10, 0x0, 0x0, 0x8000000}, 0xc, &(0x7f0000000e00)={&(0x7f0000000c80)={0x148, r8, 0x100, 0x70bd2c, 0x25dfdbfd, {}, [@TIPC_NLA_LINK={0x90, 0x4, 0x0, 0x1, [@TIPC_NLA_LINK_PROP={0x54, 0x7, 0x0, 0x1, [@TIPC_NLA_PROP_TOL={0x8, 0x2, 0x908}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x6}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x3}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x101}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0xb7}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x3}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x12}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x8}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0xfd18}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x2}]}, @TIPC_NLA_LINK_PROP={0x1c, 0x7, 0x0, 0x1, [@TIPC_NLA_PROP_WIN={0x8, 0x3, 0x80000000}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x1}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x6}]}, @TIPC_NLA_LINK_PROP={0x1c, 0x7, 0x0, 0x1, [@TIPC_NLA_PROP_WIN={0x8, 0x3, 0x5}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x1000}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x2}]}]}, @TIPC_NLA_LINK={0xa4, 0x4, 0x0, 0x1, [@TIPC_NLA_LINK_PROP={0x34, 0x7, 0x0, 0x1, [@TIPC_NLA_PROP_MTU={0x8, 0x4, 0x1}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x3f}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x13}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x14}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0xc11}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x7}]}, @TIPC_NLA_LINK_NAME={0x9, 0x1, 'syz0\x00'}, @TIPC_NLA_LINK_PROP={0x4c, 0x7, 0x0, 0x1, [@TIPC_NLA_PROP_WIN={0x8, 0x3, 0x8}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x7f}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x1000}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0xbf}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x1b}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x4}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x1f}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x1}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x6}]}, @TIPC_NLA_LINK_NAME={0x13, 0x1, 'broadcast-link\x00'}]}]}, 0x148}, 0x1, 0x0, 0x0, 0x8000}, 0x80) fsconfig$FSCONFIG_SET_STRING(r2, 0x1, &(0x7f0000000e80)='%]!\'-\x00', &(0x7f0000000ec0)='\x00', 0x0) sendmsg$NL80211_CMD_FRAME(r2, &(0x7f0000001000)={&(0x7f0000000f00)={0x10, 0x0, 0x0, 0x1}, 0xc, &(0x7f0000000fc0)={&(0x7f0000000f80)={0x24, r5, 0x800, 0x70bd2d, 0x25dfdbfe, {{}, {@val={0x8}, @void}}, [@NL80211_ATTR_TX_NO_CCK_RATE={0x4}, @NL80211_ATTR_DONT_WAIT_FOR_ACK={0x4}]}, 0x24}, 0x1, 0x0, 0x0, 0x5}, 0x20000004) 14:58:15 executing program 2: ioctl$sock_ipv4_tunnel_SIOCGETTUNNEL(0xffffffffffffffff, 0x89f0, &(0x7f00000000c0)={'syztnl0\x00', &(0x7f0000000000)={'erspan0\x00', 0x0, 0x7876, 0x8, 0x1, 0x800000, {{0x25, 0x4, 0x2, 0x12, 0x94, 0x67, 0x0, 0x0, 0x2f, 0x0, @empty, @loopback, {[@generic={0x82, 0xe, "2ac9708fd9e22c9ae9310697"}, @generic={0x82, 0xe, "5326f00c7a0bdd7052548f0c"}, @cipso={0x86, 0x9, 0x2, [{0x6, 0x3, "c7"}]}, @cipso={0x86, 0x28, 0x3, [{0x5, 0x5, "b1df68"}, {0x4, 0x10, "ce8073de7327d1c8978f3901c272"}, {0x6, 0x3, "fd"}, {0x5, 0xa, "a2e5f8463d0bc1ff"}]}, @lsrr={0x83, 0x1b, 0xd8, [@remote, @broadcast, @dev={0xac, 0x14, 0x14, 0x41}, @multicast2, @rand_addr=0x64010100, @multicast1]}, @noop, @timestamp={0x44, 0x8, 0x92, 0x0, 0x1, [0x8]}, @ra={0x94, 0x4}, @ssrr={0x89, 0x7, 0xa2, [@private=0xa010102]}, @ra={0x94, 0x4, 0x1}]}}}}}) ioctl$AUTOFS_DEV_IOCTL_SETPIPEFD(0xffffffffffffffff, 0xc0189378, &(0x7f0000000100)={{0x1, 0x1, 0x18, 0xffffffffffffffff, {0xffffffffffffffff}}, './file0\x00'}) ioctl$sock_ipv4_tunnel_SIOCGETTUNNEL(r2, 0x89f0, &(0x7f00000001c0)={'syztnl2\x00', &(0x7f0000000140)={'gre0\x00', r0, 0x8, 0x20, 0x2, 0x6fd27afe, {{0x10, 0x4, 0x0, 0x8, 0x40, 0x64, 0x0, 0x81, 0x2f, 0x0, @dev={0xac, 0x14, 0x14, 0x10}, @remote, {[@lsrr={0x83, 0x2b, 0xad, [@empty, @initdev={0xac, 0x1e, 0x1, 0x0}, @private=0xa010100, @rand_addr=0x64010100, @empty, @empty, @dev={0xac, 0x14, 0x14, 0x1d}, @initdev={0xac, 0x1e, 0x1, 0x0}, @multicast2, @private=0xa010101]}]}}}}}) pivot_root(&(0x7f0000000200)='./file0\x00', &(0x7f0000000240)='./file1\x00') newfstatat(0xffffffffffffff9c, &(0x7f0000000280)='./file1\x00', &(0x7f00000002c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x0) ioctl$AUTOFS_DEV_IOCTL_REQUESTER(r1, 0xc018937b, &(0x7f0000000400)={{0x1, 0x1, 0x18, r1, {r3, r4}}, './file0\x00'}) ioctl$NS_GET_OWNER_UID(r1, 0xb704, &(0x7f0000000440)=0x0) mount$9p_fd(0x0, &(0x7f0000000340)='./file1\x00', &(0x7f0000000380), 0x120000, &(0x7f0000000480)={'trans=fd,', {'rfdno', 0x3d, r1}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@access_uid={'access', 0x3d, r3}}, {@access_user}, {@noextend}, {@access_user}, {@noextend}, {@noextend}, {@fscache}], [{@smackfsfloor={'smackfsfloor', 0x3d, 'syztnl0\x00'}}, {@smackfsroot={'smackfsroot', 0x3d, 'syztnl2\x00'}}, {@fowner_eq={'fowner', 0x3d, r5}}, {@fowner_lt={'fowner<', r7}}, {@context={'context', 0x3d, 'system_u'}}]}}) mount$9p_tcp(&(0x7f00000005c0), &(0x7f0000000600)='./file1\x00', &(0x7f0000000640), 0x840, &(0x7f0000000680)={'trans=tcp,', {'port', 0x3d, 0x4e22}, 0x2c, {[{@privport}, {@debug={'debug', 0x3d, 0x29e}}, {@aname={'aname', 0x3d, 'wfdno'}}, {@aname={'aname', 0x3d, 'fowner'}}, {@msize={'msize', 0x3d, 0x40}}, {@loose}, {@msize={'msize', 0x3d, 0xc1}}, {@cache_fscache}], [{@subj_user}, {@fsmagic={'fsmagic', 0x3d, 0x8}}, {@fowner_eq={'fowner', 0x3d, r5}}]}}) lstat(&(0x7f0000000780)='./file2\x00', &(0x7f00000007c0)={0x0, 0x0, 0x0, 0x0, 0x0}) getgroups(0x2, &(0x7f0000000840)=[r4, r4]) r10 = getpgrp(0x0) shmctl$IPC_SET(0x0, 0x1, &(0x7f0000000880)={{0x3, r8, r6, r7, r9, 0x80, 0x3}, 0xffff, 0xc855a8c, 0x6, 0x40, r10, 0xffffffffffffffff, 0x2f}) stat(&(0x7f0000000900)='./file0\x00', &(0x7f0000000940)) ioctl$F2FS_IOC_COMMIT_ATOMIC_WRITE(r2, 0xf502, 0x0) lsetxattr$trusted_overlay_origin(&(0x7f00000009c0)='./file0\x00', &(0x7f0000000a00), &(0x7f0000000a40), 0x2, 0x1) shmat(0xffffffffffffffff, &(0x7f0000ffe000/0x1000)=nil, 0x7000) shmctl$IPC_RMID(0xffffffffffffffff, 0x0) ioctl$BTRFS_IOC_INO_LOOKUP(r1, 0xd0009412, &(0x7f0000000a80)) waitid(0x2, r10, &(0x7f0000001a80), 0x1, &(0x7f0000001b00)) 14:58:15 executing program 3: prctl$PR_SET_MM_MAP_SIZE(0x23, 0xf, &(0x7f0000000000)) prctl$PR_SET_MM_MAP_SIZE(0x23, 0xf, &(0x7f0000000040)) prctl$PR_SET_MM_MAP_SIZE(0x23, 0xf, &(0x7f0000000080)) prctl$PR_SET_MM_MAP_SIZE(0x23, 0xf, &(0x7f00000000c0)) prctl$PR_SET_MM_MAP_SIZE(0x23, 0xf, &(0x7f0000000100)) prctl$PR_SET_MM_MAP_SIZE(0x23, 0xf, &(0x7f0000000140)) prctl$PR_SET_MM_MAP_SIZE(0x23, 0xf, &(0x7f0000000180)) prctl$PR_SET_MM_MAP_SIZE(0x23, 0xf, &(0x7f00000001c0)) prctl$PR_SET_MM_MAP_SIZE(0x23, 0xf, &(0x7f0000000200)) prctl$PR_SET_MM_MAP_SIZE(0x23, 0xf, &(0x7f0000000240)) prctl$PR_SET_MM_MAP_SIZE(0x23, 0xf, &(0x7f0000000280)) prctl$PR_SET_MM_MAP_SIZE(0x23, 0xf, &(0x7f00000002c0)) prctl$PR_SET_MM_MAP_SIZE(0x23, 0xf, &(0x7f0000000300)) prctl$PR_SET_MM_MAP_SIZE(0x23, 0xf, &(0x7f0000000340)) prctl$PR_SET_MM_MAP_SIZE(0x23, 0xf, &(0x7f0000000380)) prctl$PR_SET_MM_MAP_SIZE(0x23, 0xf, &(0x7f00000003c0)) prctl$PR_SET_MM_MAP_SIZE(0x23, 0xf, &(0x7f0000000400)) prctl$PR_SET_MM_MAP_SIZE(0x23, 0xf, &(0x7f0000000440)) prctl$PR_SET_MM_MAP_SIZE(0x23, 0xf, &(0x7f0000000480)) prctl$PR_SET_MM_MAP_SIZE(0x23, 0xf, &(0x7f00000004c0)) 14:58:15 executing program 5: r0 = openat(0xffffffffffffffff, &(0x7f0000000000)='./file0\x00', 0x187b40, 0x4) r1 = openat$snapshot(0xffffffffffffff9c, &(0x7f0000000040), 0x84241, 0x0) ioctl$F2FS_IOC_GET_PIN_FILE(r1, 0x8004f50e, &(0x7f0000000080)) r2 = syz_open_dev$vcsa(&(0x7f00000000c0), 0x8, 0x101000) ioctl$BTRFS_IOC_INO_PATHS(r2, 0xc0389423, &(0x7f0000000140)={0x80000001, 0x18, [0x7f, 0x800, 0x0, 0x4], &(0x7f0000000100)=[0x0, 0x0, 0x0]}) ioctl$SNAPSHOT_UNFREEZE(r1, 0x3302) r3 = syz_open_dev$vcsa(&(0x7f0000000180), 0xfffffffffffffffa, 0x20600) ioctl$HIDIOCSREPORT(r3, 0x400c4808, &(0x7f00000001c0)={0x3, 0x2}) write(r0, &(0x7f0000000200)="50a6d923d3f2c687b34b13b7b31a161031da2542e9b15ab9d4999b69443436ab68bef662e08f25", 0x27) ioctl$FIGETBSZ(r3, 0x2, &(0x7f0000000240)) r4 = syz_open_dev$vcsa(&(0x7f0000000280), 0x80000001, 0x100) ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f00000002c0)={'netpci0\x00'}) ioctl$HIDIOCGFLAG(r3, 0x8004480e, &(0x7f0000000300)) r5 = openat$cgroup_pressure(0xffffffffffffffff, &(0x7f0000000340)='memory.pressure\x00', 0x2, 0x0) ioctl$BTRFS_IOC_GET_SUBVOL_INFO(r4, 0x81f8943c, &(0x7f0000000380)={0x0, ""/256, 0x0, 0x0, 0x0}) ioctl$BTRFS_IOC_SNAP_CREATE_V2(r0, 0x50009417, &(0x7f0000000580)={{r5}, r6, 0x12, @unused=[0x8, 0x1, 0x6, 0x8], @name="8c02de3684bcbe38db1e4705ef38bde9e0f7d692638feff00e0457c6c84d167efa8762acad50c03867daa2f202eceb0c028ffd26032b147ded7ecf33afa57a0d001555d1be30d7d4bc243650cddac45e4a4456ff00d4755b7e3005e1dfa6912f12f7676bfd15dbc3969ea932c4ef6602cda2507e964be0ed700e58b6bbbd3ae6fc9f5394f94142d465233635545dc5430c425ae4a006d0c181d0fada32797aa5b9841c392cdcf5ed52943cab32d4263157cdc5ab6e9172ad0beb8316908824fe1f1371396c6712b0137c79d95aa968f8b1ec749c1922242a3bf2c0cc82aaa2149dd67a600a487f78ae5d27f27d398be59b36b80b8b8d125ccb43f7c856ab664d2433e021ccd7fa9760c585b97c96a92a598258fdbc4994e49b6622ff83663dc9ce10fc155ea76af55dacaff8e4cd3dbbbde4e65b44b25410396900c4143faae10dc2a3aa775a40c4d07867eaec78efcb6528e9b0b7a08354239a242e08442341375ecc752325272effac5ccad091236851f64c233f560591e9cdac30e52c1ac18fd22bf557626d4b0409f3bab3e8cc29df5e04d1d74b95836dbb1d350b1a185100e289ebf51f64ebd73739f20e64978af71ef335a04e1391f386d20f32cd43b0df9f588dd3be374cd1dedd499e44d337b6d22e87499e4238f2fd2dd3922f420361f620ab4881e11b8d1b82e5fbc519b8734b17ec387094cf252b663a64aef4e56909c8f7aecf97f3083566aa72975055e30eb43dd6862182aec2bcfc1c29f44c154635d8ef70fd3c28a3a4fa53b069287dd58a5c8d8422769d3061352f8564d26784c9ef04debc2b015ad4278b3c5ef0778a9bf63d4efc3d35a3ccaaa73ada7ccd435e6e6c76d85e736aa01467c52d03390df130041316363256722418e6101df0b4a3fa74008f6d6c8cc0ae1dd1391c508df82f216be05ac9d43ca2602ef6cd3e3530c302ae1f51a7a30bea0fcf78639657e28abf6b7be31bdd1818989f94a9815e8af14a7b12aa2f9cb897fe98cf1052301deed9b3aca85b2a959907d82ad0d6096727c98b72a75b2932823158724f46bcdac1b1194362eb87f5b45e766bd23c908543c82e5ee76361d6990f8be04bb22eb43689207ca3de8c4cf73296967069554721a5e83634ff289b17a58421a6398ae34efb149b392fe86f27a4f5c507fff73695a50cfdd1d4c422de6eba6b0008208f547c163b876ef8222ad2f189822358ac68ce37e65c03ba5d4941516533ff25411ab7015a74c5956a247aa58ffb1436234fd86f0973e2e14e57f155a2cd02d70fe7adc810c9d76c51d4edc7b246dff43770896230b0d330be291b4ff95bf528e5e863860343ecccd2142f3211b0c263cc06afe6997a8f77a8e8aabc08e6a0ce82c9484f0dfc78dccd9ec418595fe27e25755146ffb1b14ee44881d3010a2fdbdb3e725e0ee062795e3d9c4aa97232cfa7d0e016041b9924790419f50063f130c52691dcbf526d36710967523bc0ea0abc87f4c16d4e82bcd5eb3b06ce4c4397dd91c0e72029312dfb2e46e887839d59352bd0dc2f2854b1cd6bedbeae395216e36e063adb22fc3bff878d629fd409d0173d24140a43bdd4a295c223476d90d89682efefb9941fbfb67a72359e7a7a34fe308bb53e82186a90bdd4e4cd0dd19f92b0d4fbe6a6a344167edc56270a51cbc613c669f31123ab94dc104bb72ad17beb74be859f6554a0db6663f6ccc79f5496525e3ce476ae8de03ada5c364bbdb393d119c51dcbd1019cc0cebad9f89a43c8f6c9d7bc7988388aea70fd35aaecdbad47e032a1c885eef1447677a1403f5f9eddec92b0b6846e646d0d15ad40c91459673c5cf91ff9b13c12a4ad9f82c17b210fa1a386efee26cd6fa136638ef008f9953ba169c8781755ddc466d6a456aabfa71c338f7c5364af2d87b837cd3f771ae744143f1aaf4a652ce15890eac9d759ac9c64213f84d3d40e126dad5202be07a15ea1b7e8cf0acbd42c5993b0c3d8f93c6a2524b9bdbbd75cff93dcd7055d82fa4426ee6d6b879134b399ebcd05073437bcd1ccba6bc622853847562f2ae120422a01f1610a46d666cd9acedb827de3b9aba4e1a220b2e91cb8c829cbece06f4e53b9b0aa0c18b15bdf69574b81e1036c402239ffad20598e167187dbcfa92b76bedaa093e6d90d77b22244159f244c37a911e275f944170d946fd3966924470163f0d59d82578293a01fc570a3961a094dd5d78897a199e7ceac933f514345695fae9ffecbbcc59188fb96450d167d4adc3a521a175c5fd6b1c670057f31e931062b13f2f6b1a14c77312b6a9de648fbfd492fd83f294e7e22e2bb821a8ffdeb885cb68e75f5dc3c614e2e985dbe46fc62ccef39a5a5f607dbfaa6d648a069b9238b4f56e6b8ea1e44861679313a8853d7744e431e39f27ff261d33ee3e9763b7198f4c9f56a4dafe8d81b5f00421f44563445af36acdc998914075fb319ffd2a865390162d72c5b525643a3ffeb11fa04913cc8159cd68540ad7629ea1491d76726c9dd44c49e35e43d7bd9a795bdf2dfb1ecc43f7ab61ec36a4c15908a980abd49773715d5ab7a03603772eb0077a63d4867832a63915cefd66a8324366834ce6ba1a88a346268a1a8a42d83193a0e411c28283756a7358fbea68321bb5d5e7c7e03d80908a1d64d5207b0651d0fd5c4b7e298605a1fae612571f57ef74d8458f669298a7c3bf22cc1647dfd3c9f9f8f0f4ca5b542657e72c4dd1ea15654819dcb946750fa82ba6db19ffc81074886ecb308a2ba96e671d67b5455f14c22cd68168ffd8d8465d4d7834c9d153d95139f92d7799dca79601d962b1e1e07e37ee50e1d15ba028108f21dc5ca37ad556af8cd1ef6bc3a332bee2f2e480182e55520f3ffa750a6d1891f2c7a7b311f4b4ea934e034a36649d77d3b6da5bbc7d8e8f3d113f60a16e083b89145cf92734344af9fec97e9fef163432d2c23535a4fca5feef3739bdbbe70c64721ec6427a3a857076a4fc8e3c278d9298474d7af8ff8e9e2b00e0244ce5a57d3d345a76df2076f5ff3fc1c2015354521e971d5ad1f72c6995465efe3edbfcd2795148c99009b5a2f7f00ca24630a9fbf01b5c142a6ff4e2f0e17627bd4ee79090aea351ea131bcefe6acc4b0d03381deb71f2e6a394eb200a5ff535be25da302e5f23c39481f1698efce27dc0388b69306672c12281e6f56214d6f7906dbaf4b2f88dd6403454ad447c2bbb00a5c0399f30e6ba16679f6472305afa65877b205a85f8389d6bcc96f361de04325c4ebf36a5d65a75abde79efdd69ff11632af999a6de7da0b2e1d39804aa3e6af6a98bff0f8e99146ecaae9a04e6e155944ba86d12b0f6454545c9bb708107261ff1d3d700c00f6ff0acf20e5af136719a6b554032b0a95a16faad6a6ef88b86391c4a4e864cf4078b050e69708d1c89b19967c94d4714c535dbb2d1c7fc88040dd9638abb94bf4cdcf06fbd809352c8c05b244ed84cffb51e81b7658456e09b063ac1f8c2ca5927d1eb0bfc7efb466861e86888e1c3d3e40fd05949806597309448214f764e98abea0157fc1794b62cf2f491b1004a4cbb2b82dbbfcd78fd4f879a08c6ad0df31e6a111df3c98bd3e6b770ea2967515b328532cffeadd9c95172ff3075a99aca5573ed3596dc4a24617fd4838907f9afabafa50bf179ba1195234c8dab7b975cb59f03d3b4e3a4d24efa2875d8a28a53efc3eb9c9e05c89a2414873e8cfd2adf5ba75475c4207aee1fb812b97b9a12c4b45a83fb05588165d3e96e122fabef2e27e9540bdcdb105693c1b230a737bd81285284f3c7e8007c32cde46c2a0e72ec117b24baea1b85b87f00624b82410e1ee9c24d7714aa0edf7a4662f37b8c5335ff33bcacb845a8a3c630836806433999899ec7ea3bce410ca9ccc406ff963c95cb0069759fa88ea4732d76c182983fdea2518d095808b9daf6d6eef4bd0d2474aca00e73bd35e5264c37182aa779fef8163a290f88b01488d71ec56c6c1c5df4f01da54d2fe3e387ef3bb31d8f997d3f4c56dd7c22794a0a5cece904e9fbc92c3182950720c8614a7f40180f763941d7911a3c584fd0aea5781f23b7b6bf5c90cb8f286dccf8f03e119f34d1c48535b84b284e47d79224ad4a6e77495f51e4886092c473d86f4792c8fed307c90e299fe119bcec1087097b5d3d5db14035c0d1efe2f11ef8bed966008e66517edb04c8315734d02b6b12abd860e4494c42406e1f96b45bc205d08069d59ba3262c25ad4cf9e1170bb0d13edce28ac1fe434741248e9d315ac8eadabe33249d4436bb01cb96b34b4d9c2082a24c80f17d27478cbb92c13a89eb5b829b41fb2dccfa0cd9932e6763f81426703c76f910fd61c326c9f136258e84067cfacf875e5e2fe03204d066fedd958b142c376cf293de3219195dbed983b72f76fd517e9a1524488447b46e54d499c5b0c21948debc743c6031a2283011dba4856cf9095d1f081a8f160e5f170ba6b251b100cfaa8b6f4f8b3c385dd51421c6861d2ee2004149018038159ec5ed8270ecb6158c8e73506adf3ef4ed61dfb559487575a33653ca99b095db8f8f14c148fd7a87ccf34e99ba506f95ccf8f0a6593263eb2a6fd36f0704c8a391c9a4436bb469d7f7cb5f155a4d86a0f5bdf21c0764f08f132209abc46f93a98265296b352d98a2af4eabb722dc7cf051ad56c344af93149813327b46314f0909e5e498bac5c8fe3566ba103ffc1d4fcb1fb9a0b7eca0bfef0f64270b5cc591eb71f3df80a039bec676f48ac5bb327e5606975c39fe41a2f8ef8ad3bcd46aa65706e24d92264dec462ba739a8f53446382b9ab9c001e7ea33f058ab6c429a6ab1b0e036648ba4225565796d0d1aaccb5b7f0aff3e918d642e5f33f89e8bd209a4805e6e2c1372f633dc0c1a753312dd2ccf8e5edcf02cde24f2c7c537fbf96b5d3d427e6ad167a92d69e5a06b654fce395c7814ff6a9cbf69817874520578bdeda49b2543a3a0eb3479b1b7f777979d176a28fbe634a34cdfc0d978b54b57439d0644fb9764925e306357da7db45284b87b13f2c145bbfef42e29a08f6423b1c08d08797f1d10775de46572e955d80354dbebc51924ab64a16b92efcd8cf5fe66d6c08adf94cf3b81dd42bb782feb62c3364aeeaa4ee35e5c0abdaf8c9151f5b993a2c7eeec4ad2946606d25068673be0e0e23dc02d68391a1325a4133c139bba203fb129fc78e10b31521bd23643d0904034e6a35f5b2b70a38569af11fb13ba291486036ad8ea56c23d6601b7d980e328378dd52964f1904900449ebcf78121f159440faf0975bcd176f425799e119b7f08f703c7ca61064c62003f81639ed544f32a66a07b6c59e4f0b80f8e3dd68301c661bb60c292eb85c2b3482f8d3652f4fca9d8ac5a2fcb43213457e43034a56ccb9e440cda4584943de19b139fe213dd4c6cf04bdd78e232b7e3f0ff09f0aac13361bbe3083ae731437c87a1f969cd091f577972fca3200080fd2d542debbc58e2d7ffd013e25d9b89171b0bc96dc7eca1801c32e182acf7c1d07c0981b3a31056f7777200d2e5d6d14d13af617111c579ad03892badafc43355a0307beebb63d0f7addaac67e07f686d7897c82f52841fb596dd1e2192653e5b14e180412a51855e74450dc1d9e195ea4a7c6e3087c575d9a41305bb2d3782a939d3032facccab2955f7894d66058ce346cfd45fd28ba57d8"}) connect$inet6(r2, &(0x7f0000001580)={0xa, 0x4e21, 0x1, @remote, 0x100}, 0x1c) ioctl$SNAPSHOT_S2RAM(r2, 0x330b) r7 = syz_open_dev$char_usb(0xc, 0xb4, 0x1) ioctl$BTRFS_IOC_FS_INFO(r7, 0x8400941f, &(0x7f00000015c0)) 14:58:15 executing program 4: sendmsg$NL80211_CMD_NEW_KEY(0xffffffffffffffff, &(0x7f00000000c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x10000000}, 0xc, &(0x7f0000000080)={&(0x7f0000000040)={0x30, 0x0, 0x100, 0x70bd29, 0x25dfdbfe, {{}, {@void, @void}}, [@NL80211_ATTR_KEY={0x14, 0x50, 0x0, 0x1, [@NL80211_KEY_SEQ={0x5, 0x4, "18"}, @NL80211_KEY_SEQ={0x5, 0x4, "ab"}]}, @NL80211_ATTR_KEY_CIPHER={0x8, 0x9, 0xfac01}]}, 0x30}, 0x1, 0x0, 0x0, 0x20008040}, 0x0) sendmsg$NL80211_CMD_DISCONNECT(0xffffffffffffffff, &(0x7f0000000200)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x10000000}, 0xc, &(0x7f00000001c0)={&(0x7f0000000140)={0x5c, 0x0, 0x4, 0x70bd2c, 0x25dfdbff, {{}, {@void, @void}}, [@NL80211_ATTR_REASON_CODE={0x6, 0x36, 0x37}, @NL80211_ATTR_REASON_CODE={0x6, 0x36, 0x19}, @NL80211_ATTR_REASON_CODE={0x6, 0x36, 0x19}, @NL80211_ATTR_REASON_CODE={0x6, 0x36, 0xa}, @NL80211_ATTR_REASON_CODE={0x6, 0x36, 0x36}, @NL80211_ATTR_REASON_CODE={0x6, 0x36, 0x3f}, @NL80211_ATTR_REASON_CODE={0x6, 0x36, 0xa}, @NL80211_ATTR_REASON_CODE={0x6, 0x36, 0x24}, @NL80211_ATTR_REASON_CODE={0x6, 0x36, 0xd}]}, 0x5c}, 0x1, 0x0, 0x0, 0x4000010}, 0x4) sendmsg$NL80211_CMD_JOIN_MESH(0xffffffffffffffff, &(0x7f0000000440)={&(0x7f0000000240)={0x10, 0x0, 0x0, 0x100}, 0xc, &(0x7f0000000400)={&(0x7f0000000280)={0x17c, 0x0, 0x8, 0x70bd2a, 0x25dfdbff, {{}, {@void, @void}}, [@NL80211_ATTR_TX_RATES={0x108, 0x5a, 0x0, 0x1, [@NL80211_BAND_6GHZ={0xa4, 0x3, 0x0, 0x1, [@NL80211_TXRATE_VHT={0x14, 0x3, {[0x9, 0x6, 0xcacf, 0x6, 0x9, 0x3, 0x3, 0xa0]}}, @NL80211_TXRATE_HT={0x4f, 0x2, [{0x0, 0xa}, {0x4, 0x4}, {0x1, 0x2}, {0x2, 0x6}, {0x1, 0x8}, {0x0, 0x9}, {0x3, 0x9}, {0x5, 0x9}, {0x7, 0x6}, {0x0, 0x8}, {0x7, 0x7}, {0x5, 0x3}, {}, {0x6, 0x5}, {0x3, 0x5}, {0x3, 0x3}, {0x5, 0x2}, {0x5, 0x7}, {0x7, 0x7}, {0x0, 0x2}, {0x2}, {0x6, 0xa}, {0x1, 0x9}, {0x0, 0x7}, {0x5, 0x4}, {0x5, 0x8}, {0x1, 0x4}, {0x5, 0x3}, {0x0, 0x7}, {0x3, 0x5}, {0x0, 0xa}, {0x0, 0x7}, {0x6, 0xa}, {0x2, 0x8}, {0x1, 0x5}, {0x5, 0x4}, {0x0, 0x6}, {0x1, 0x2}, {0x0, 0x6}, {0x7, 0x9}, {0x4, 0x3}, {0x0, 0x5}, {0x4, 0x9}, {0x0, 0xa}, {0x3, 0x4}, {0x2, 0x9}, {0x0, 0x2}, {0x7, 0x5}, {0x1, 0x2}, {}, {0x0, 0x7}, {0x6, 0x7}, {0x1, 0x4}, {0x5, 0x1}, {0x6, 0x1}, {0x0, 0x1}, {0x5, 0x2}, {0x1}, {0x0, 0x3}, {0x7, 0x5}, {0x0, 0x2}, {0x2, 0x6}, {0x2, 0x4}, {0x1, 0x7}, {0x0, 0x1}, {0x2, 0x9}, {0x4, 0x3}, {0x7, 0x4}, {0x2, 0x2}, {0x4, 0x3}, {0x7, 0x6}, {0x5, 0x4}, {0x0, 0x7}, {0x1, 0x3}, {0x1}]}, @NL80211_TXRATE_LEGACY={0x20, 0x1, [0x16, 0x24, 0x1, 0x9, 0x4, 0x36, 0x9, 0x24, 0x6c, 0x6, 0x24, 0x18, 0x6c, 0x6, 0x30, 0x1, 0x2, 0xb, 0x9, 0x4, 0x9, 0x36, 0x1, 0x21, 0x16, 0xc, 0x24, 0x16]}, @NL80211_TXRATE_VHT={0x14, 0x3, {[0x3f, 0x2, 0x9, 0x3, 0x800, 0x1f, 0xff80, 0x4]}}, @NL80211_TXRATE_GI={0x5, 0x4, 0x2}]}, @NL80211_BAND_2GHZ={0x38, 0x0, 0x0, 0x1, [@NL80211_TXRATE_LEGACY={0x1e, 0x1, [0x2, 0x2, 0x36, 0x48, 0x60, 0xb, 0x36, 0x24, 0x48, 0x24, 0x72, 0x12, 0x48, 0x4, 0x1b, 0x9, 0x30, 0x2, 0x5, 0x3, 0x6c, 0x1, 0x30, 0x2, 0xc, 0x18]}, @NL80211_TXRATE_VHT={0x14, 0x3, {[0x5, 0x173, 0x8e, 0x6, 0x5, 0x8, 0x200, 0x1]}}]}, @NL80211_BAND_60GHZ={0x28, 0x2, 0x0, 0x1, [@NL80211_TXRATE_HT={0x12, 0x2, [{0x1, 0x3}, {0x1}, {0x4, 0x9}, {0x4, 0x1}, {0x4, 0x1}, {0x6, 0x4}, {0x0, 0x9}, {0x5, 0x4}, {0x2, 0x1}, {0x4, 0x3}, {0x1}, {0x4, 0x8}, {0x1, 0x4}, {0x7, 0x9}]}, @NL80211_TXRATE_HT={0xe, 0x2, [{0x0, 0x2}, {0x4, 0x9}, {0x0, 0x1}, {0x5, 0x9}, {0x5, 0xa}, {0x5}, {0x1, 0x2}, {0x0, 0x8}, {0x2, 0x6}, {0x4, 0x3}]}]}]}, @NL80211_ATTR_MESH_ID={0xa}, @NL80211_ATTR_DTIM_PERIOD={0x8, 0xd, 0xfffffe00}, @NL80211_ATTR_SOCKET_OWNER={0x4}, @chandef_params=[@NL80211_ATTR_CENTER_FREQ1={0x8, 0xa0, 0x6}, @NL80211_ATTR_CENTER_FREQ1={0x8, 0xa0, 0x874f}, @NL80211_ATTR_CENTER_FREQ1={0x8, 0xa0, 0xaa5}, @NL80211_ATTR_WIPHY_FREQ={0x8, 0x26, @random=0x980}, @NL80211_ATTR_CENTER_FREQ2={0x8, 0xa1, 0x8}, @NL80211_ATTR_WIPHY_EDMG_BW_CONFIG={0x5, 0x119, 0x6}, @NL80211_ATTR_CHANNEL_WIDTH={0x8, 0x9f, 0x3}], @NL80211_ATTR_DTIM_PERIOD={0x8, 0xd, 0x7}, @NL80211_ATTR_BEACON_INTERVAL={0x8}]}, 0x17c}, 0x1, 0x0, 0x0, 0x24040055}, 0x0) sendmsg$NL80211_CMD_DEL_PMK(0xffffffffffffffff, &(0x7f0000000580)={&(0x7f0000000480)={0x10, 0x0, 0x0, 0x2000}, 0xc, &(0x7f0000000540)={&(0x7f00000004c0)={0x50, 0x0, 0x100, 0x70bd2a, 0x25dfdbfb, {{}, {@void, @val={0xc, 0x99, {0xa41d, 0x58}}}}, [@NL80211_ATTR_MAC={0xa}, @NL80211_ATTR_MAC={0xa, 0x6, @broadcast}, @NL80211_ATTR_MAC={0xa, 0x6, @device_b}, @NL80211_ATTR_MAC={0xa, 0x6, @device_b}]}, 0x50}, 0x1, 0x0, 0x0, 0x40}, 0x48080) sendmsg$BATADV_CMD_GET_MESH(0xffffffffffffffff, &(0x7f0000000680)={&(0x7f00000005c0)={0x10, 0x0, 0x0, 0x20}, 0xc, &(0x7f0000000640)={&(0x7f0000000600)={0x2c, 0x0, 0x1, 0x70bd2b, 0x25dfdbfe, {}, [@BATADV_ATTR_ORIG_INTERVAL={0x8, 0x39, 0xfffffffd}, @BATADV_ATTR_VLANID={0x6, 0x28, 0x3}, @BATADV_ATTR_AGGREGATED_OGMS_ENABLED={0x5, 0x29, 0x1}]}, 0x2c}, 0x1, 0x0, 0x0, 0x80}, 0x8081) ioctl$AUTOFS_DEV_IOCTL_VERSION(0xffffffffffffffff, 0xc0189371, &(0x7f00000006c0)={{0x1, 0x1, 0x18, 0xffffffffffffffff}, './file0\x00'}) sendmsg$NFT_MSG_GETSET(r0, &(0x7f0000000800)={&(0x7f0000000700)={0x10, 0x0, 0x0, 0x10000000}, 0xc, &(0x7f00000007c0)={&(0x7f0000000740)={0x44, 0xa, 0xa, 0x101, 0x0, 0x0, {0x7, 0x0, 0x5}, [@NFTA_SET_FLAGS={0x8}, @NFTA_SET_OBJ_TYPE={0x8, 0xf, 0x1, 0x0, 0x5}, @NFTA_SET_ID={0x8, 0xa, 0x1, 0x0, 0x2}, @NFTA_SET_NAME={0x9, 0x2, 'syz0\x00'}, @NFTA_SET_TABLE={0x9, 0x1, 'syz0\x00'}]}, 0x44}, 0x1, 0x0, 0x0, 0x800}, 0x200080c0) sendmsg$NL80211_CMD_SET_QOS_MAP(r0, &(0x7f0000000a00)={&(0x7f0000000840)={0x10, 0x0, 0x0, 0x80111004}, 0xc, &(0x7f00000009c0)={&(0x7f0000000880)={0x114, 0x0, 0x20, 0x70bd29, 0x25dfdbff, {{}, {@val={0x8}, @void}}, [@NL80211_ATTR_QOS_MAP={0x36, 0xc7, {[{0x2}, {0xff, 0x5}, {0xff, 0x6}, {0x0, 0x5}, {0x2, 0x7}, {0x3, 0x5}, {0xe, 0x1}, {0xc0, 0x7}, {0xa3, 0x5}, {0x6, 0x6}, {0x72, 0x4}, {0x9, 0x5}, {0x1f, 0x5}, {0x0, 0x6}, {0x9, 0x4}, {0x16}, {0x4, 0x5}, {0xc3, 0x4}, {0xa8, 0x6}, {0x7, 0x3}, {0x7}], "0d21f8276f71b447"}}, @NL80211_ATTR_QOS_MAP={0x12, 0xc7, {[{0x58, 0x7}, {0x6, 0x2}, {0x9, 0x3}], "9e7f066102ee0082"}}, @NL80211_ATTR_QOS_MAP={0x22, 0xc7, {[{0x9, 0x2}, {0x98, 0x3}, {0x9, 0x1}, {0x1b}, {0x2, 0x7}, {0x68, 0x7}, {0x1, 0x6}, {0x0, 0x4}, {0x4, 0x2}, {0x6, 0x5}, {0x1, 0x1}], "2388544469df742b"}}, @NL80211_ATTR_QOS_MAP={0x1e, 0xc7, {[{0x80, 0x4}, {0x80, 0x9}, {0x8, 0x4}, {0x8, 0x1}, {0x8, 0x4}, {0x2, 0x4}, {0x5, 0x2}, {0x7f, 0x4}, {0x12, 0x4}], "b8ee20f44ead65f4"}}, @NL80211_ATTR_QOS_MAP={0x1a, 0xc7, {[{0x9, 0x5}, {0x1}, {0x7, 0x7}, {0x40, 0x7}, {0x1, 0x7}, {0x1, 0x7}, {0x4, 0x3}], "da6df6ee68f39197"}}, @NL80211_ATTR_QOS_MAP={0x1e, 0xc7, {[{0x8, 0x4}, {0x1f, 0x6}, {0x9, 0x3}, {0x77, 0x2}, {0xf9, 0x1}, {0x1, 0x6}, {0xa7, 0x5}, {0x9, 0x4}, {0x5, 0x5}], "3d15b53a1f8e782d"}}, @NL80211_ATTR_QOS_MAP={0x2a, 0xc7, {[{0x1, 0x2}, {0xcf}, {0x41, 0x3}, {0x81, 0x3}, {0x7, 0x1}, {0x2}, {0x9e, 0x2}, {0x3, 0x4}, {0x2, 0x3}, {0x1, 0x4}, {0x3f, 0x2}, {0x0, 0x4}, {0x40, 0x6}, {0x2e, 0x7}, {0xb, 0x5}], "92662097e31426ca"}}]}, 0x114}, 0x1, 0x0, 0x0, 0x8814}, 0x4000080) sendmsg$IPVS_CMD_FLUSH(r0, &(0x7f0000000b80)={&(0x7f0000000a40)={0x10, 0x0, 0x0, 0x8000}, 0xc, &(0x7f0000000b40)={&(0x7f0000000a80)={0x88, 0x0, 0x8, 0x70bd2c, 0x25dfdbfc, {}, [@IPVS_CMD_ATTR_TIMEOUT_TCP={0x8, 0x4, 0x97e}, @IPVS_CMD_ATTR_DEST={0x2c, 0x2, 0x0, 0x1, [@IPVS_DEST_ATTR_PERSIST_CONNS={0x8}, @IPVS_DEST_ATTR_PERSIST_CONNS={0x8, 0x9, 0xffff}, @IPVS_DEST_ATTR_PERSIST_CONNS={0x8, 0x9, 0x10001}, @IPVS_DEST_ATTR_ADDR_FAMILY={0x6, 0xb, 0x8}, @IPVS_DEST_ATTR_ADDR_FAMILY={0x6, 0xb, 0xa}]}, @IPVS_CMD_ATTR_TIMEOUT_TCP={0x8, 0x4, 0x1}, @IPVS_CMD_ATTR_TIMEOUT_TCP={0x8, 0x4, 0xc34e}, @IPVS_CMD_ATTR_DEST={0x14, 0x2, 0x0, 0x1, [@IPVS_DEST_ATTR_TUN_FLAGS={0x6}, @IPVS_DEST_ATTR_L_THRESH={0x8, 0x6, 0xa9}]}, @IPVS_CMD_ATTR_DAEMON={0xc, 0x3, 0x0, 0x1, [@IPVS_DAEMON_ATTR_MCAST_TTL={0x5, 0x8, 0xff}]}, @IPVS_CMD_ATTR_TIMEOUT_UDP={0x8, 0x6, 0x1}, @IPVS_CMD_ATTR_TIMEOUT_TCP={0x8, 0x4, 0xd24}]}, 0x88}, 0x1, 0x0, 0x0, 0x80}, 0x80) r1 = openat$sr(0xffffffffffffff9c, &(0x7f0000000bc0), 0x40001, 0x0) r2 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000c40), r0) sendmsg$ETHTOOL_MSG_WOL_GET(r1, &(0x7f0000000d00)={&(0x7f0000000c00)={0x10, 0x0, 0x0, 0x400}, 0xc, &(0x7f0000000cc0)={&(0x7f0000000c80)={0x34, r2, 0x200, 0x70bd26, 0x25dfdbfe, {}, [@HEADER={0x20, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x1}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'team0\x00'}]}]}, 0x34}}, 0x10) r3 = openat2(r0, &(0x7f0000000d40)='./file0\x00', &(0x7f0000000d80)={0x0, 0x150, 0x1}, 0x18) ioctl$BTRFS_IOC_GET_SUBVOL_INFO(r3, 0x81f8943c, &(0x7f0000000dc0)) r4 = syz_genetlink_get_family_id$smc(&(0x7f0000001000), r0) sendmsg$SMC_PNETID_ADD(r3, &(0x7f0000001100)={&(0x7f0000000fc0)={0x10, 0x0, 0x0, 0x100}, 0xc, &(0x7f00000010c0)={&(0x7f0000001040)={0x80, r4, 0x20cd7f0d3ff7686e, 0x70bd2d, 0x25dfdbfc, {}, [@SMC_PNETID_ETHNAME={0x14, 0x2, 'geneve1\x00'}, @SMC_PNETID_IBNAME={0x9, 0x3, 'syz2\x00'}, @SMC_PNETID_ETHNAME={0x14, 0x2, 'veth0_to_batadv\x00'}, @SMC_PNETID_NAME={0x9, 0x1, 'syz2\x00'}, @SMC_PNETID_IBNAME={0x9, 0x3, 'syz2\x00'}, @SMC_PNETID_NAME={0x9, 0x1, 'syz0\x00'}, @SMC_PNETID_ETHNAME={0x14, 0x2, 'team0\x00'}]}, 0x80}, 0x1, 0x0, 0x0, 0x5}, 0x4000800) ioctl$AUTOFS_DEV_IOCTL_VERSION(r1, 0xc0189371, &(0x7f0000001140)={{0x1, 0x1, 0x18, r0}, './file0\x00'}) r6 = syz_genetlink_get_family_id$nl80211(&(0x7f00000011c0), r3) sendmsg$NL80211_CMD_NOTIFY_RADAR(r5, &(0x7f00000012c0)={&(0x7f0000001180)={0x10, 0x0, 0x0, 0x40}, 0xc, &(0x7f0000001280)={&(0x7f0000001200)={0x50, r6, 0x400, 0x70bd2a, 0x25dfdbff, {{}, {@val={0x8}, @val={0xc, 0x99, {0x456, 0x68}}}}, [@NL80211_ATTR_WIPHY_EDMG_BW_CONFIG={0x5, 0x119, 0x6}, @NL80211_ATTR_CHANNEL_WIDTH={0x8, 0x9f, 0x4}, @NL80211_ATTR_WIPHY_EDMG_BW_CONFIG={0x5, 0x119, 0xd}, @NL80211_ATTR_WIPHY_EDMG_CHANNELS={0x5, 0x118, 0x19}, @NL80211_ATTR_WIPHY_CHANNEL_TYPE={0x8, 0x27, 0x3}]}, 0x50}}, 0x4c080) sendmsg$ETHTOOL_MSG_WOL_SET(0xffffffffffffffff, &(0x7f0000001940)={&(0x7f0000001340)={0x10, 0x0, 0x0, 0x10}, 0xc, &(0x7f0000001900)={&(0x7f00000013c0)={0x524, 0x0, 0x8, 0x70bd25, 0x25dfdbfc, {}, [@ETHTOOL_A_WOL_MODES={0x394, 0x2, 0x0, 0x1, [@ETHTOOL_A_BITSET_VALUE={0x21, 0x4, "620d8dbc7efc9ec22fc942e382caecd1710093344682b96a80d2154bec"}, @ETHTOOL_A_BITSET_BITS={0x98, 0x3, 0x0, 0x1, [{0x1c, 0x1, 0x0, 0x1, [@ETHTOOL_A_BITSET_BIT_NAME={0xa, 0x2, '&[].!\x00'}, @ETHTOOL_A_BITSET_BIT_VALUE={0x4}, @ETHTOOL_A_BITSET_BIT_VALUE={0x4}, @ETHTOOL_A_BITSET_BIT_VALUE={0x4}]}, {0xc, 0x1, 0x0, 0x1, [@ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0x80000001}]}, {0x2c, 0x1, 0x0, 0x1, [@ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0xe9}, @ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0x80000000}, @ETHTOOL_A_BITSET_BIT_VALUE={0x4}, @ETHTOOL_A_BITSET_BIT_NAME={0x6, 0x2, '#\x00'}, @ETHTOOL_A_BITSET_BIT_NAME={0x6, 0x2, '\'\x00'}, @ETHTOOL_A_BITSET_BIT_VALUE={0x4}]}, {0x24, 0x1, 0x0, 0x1, [@ETHTOOL_A_BITSET_BIT_NAME={0x14, 0x2, '\'t&]}&^)$\\\'-\\]+\x00'}, @ETHTOOL_A_BITSET_BIT_VALUE={0x4}, @ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0x1}]}, {0x1c, 0x1, 0x0, 0x1, [@ETHTOOL_A_BITSET_BIT_NAME={0x8, 0x2, '#.%\x00'}, @ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0x5}, @ETHTOOL_A_BITSET_BIT_NAME={0x8, 0x2, '^{!\x00'}]}]}, @ETHTOOL_A_BITSET_MASK={0xb1, 0x5, "cd1373f41dab0126ab37ded259b8a894845add141f3a4d2985099907519fca5bfb0423590cc0b94fbaabe86701c2858689d851bd52d34394026219ec443d96656837916c6c88961c07024154c75690b9c63c67e28174523a4e3f9448e9fe4d1192edc90f9e5857813bdbdf480c21a4a207ed9a9223b0f43d671029e6ac18d3ec89b2b7f114fe5ca35f2b1a8fa32c969a8899169341cbb952dd23c52ea2697e4f2eb2b1b92ac6f53d4fb29c8511"}, @ETHTOOL_A_BITSET_BITS={0x120, 0x3, 0x0, 0x1, [{0x58, 0x1, 0x0, 0x1, [@ETHTOOL_A_BITSET_BIT_NAME={0x9, 0x2, 'syz0\x00'}, @ETHTOOL_A_BITSET_BIT_NAME={0xa, 0x2, '!#o(^\x00'}, @ETHTOOL_A_BITSET_BIT_VALUE={0x4}, @ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0x98}, @ETHTOOL_A_BITSET_BIT_VALUE={0x4}, @ETHTOOL_A_BITSET_BIT_NAME={0x7, 0x2, ']{\x00'}, @ETHTOOL_A_BITSET_BIT_NAME={0x7, 0x2, '@[\x00'}, @ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0x4}, @ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0x7ff}, @ETHTOOL_A_BITSET_BIT_NAME={0xa, 0x2, '\x03\x03\x03\x03\x03\x03'}]}, {0x10, 0x1, 0x0, 0x1, [@ETHTOOL_A_BITSET_BIT_VALUE={0x4}, @ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0x99}]}, {0x48, 0x1, 0x0, 0x1, [@ETHTOOL_A_BITSET_BIT_NAME={0x5, 0x2, '\x00'}, @ETHTOOL_A_BITSET_BIT_NAME={0x11, 0x2, 'D!!^\\\'@}}#[$\x00'}, @ETHTOOL_A_BITSET_BIT_NAME={0x9, 0x2, 'syz2\x00'}, @ETHTOOL_A_BITSET_BIT_NAME={0xa, 0x2, '\x03\x03\x03\x03\x03\x03'}, @ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0x7}, @ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0x2}]}, {0x4c, 0x1, 0x0, 0x1, [@ETHTOOL_A_BITSET_BIT_VALUE={0x4}, @ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0x7}, @ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0x4}, @ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0x1}, @ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0x3}, @ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0x6}, @ETHTOOL_A_BITSET_BIT_VALUE={0x4}, @ETHTOOL_A_BITSET_BIT_NAME={0xa, 0x2, '$&^)*\x00'}, @ETHTOOL_A_BITSET_BIT_VALUE={0x4}, @ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0x6}]}, {0x10, 0x1, 0x0, 0x1, [@ETHTOOL_A_BITSET_BIT_NAME={0xc, 0x2, 'geneve1\x00'}]}, {0x10, 0x1, 0x0, 0x1, [@ETHTOOL_A_BITSET_BIT_NAME={0xc, 0x2, 'geneve1\x00'}]}]}, @ETHTOOL_A_BITSET_VALUE={0x76, 0x4, "c3198bd6eb16f334549f97f20b3a62e3ff65e49330633da4f6ee946a18282b26f79b9ff282729c2c793046b30fd1f039bd584bb66b06a5b08bfb0e77403e0f21f51ff1881fa3935588c0ab907b8e1b146020710872042d5afb90dd73b972f24d27b454173795db51dc30c2fc11de5c26e5ce"}, @ETHTOOL_A_BITSET_BITS={0x7c, 0x3, 0x0, 0x1, [{0x48, 0x1, 0x0, 0x1, [@ETHTOOL_A_BITSET_BIT_NAME={0x9, 0x2, 'syz0\x00'}, @ETHTOOL_A_BITSET_BIT_VALUE={0x4}, @ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0x4}, @ETHTOOL_A_BITSET_BIT_VALUE={0x4}, @ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0x200}, @ETHTOOL_A_BITSET_BIT_NAME={0x6, 0x2, '@\x00'}, @ETHTOOL_A_BITSET_BIT_NAME={0xf, 0x2, ',-/&[\xea#![+\x00'}, @ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0x1}]}, {0x30, 0x1, 0x0, 0x1, [@ETHTOOL_A_BITSET_BIT_VALUE={0x4}, @ETHTOOL_A_BITSET_BIT_VALUE={0x4}, @ETHTOOL_A_BITSET_BIT_NAME={0x9, 0x2, '\\%@%\x00'}, @ETHTOOL_A_BITSET_BIT_VALUE={0x4}, @ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0x3}, @ETHTOOL_A_BITSET_BIT_NAME={0x9, 0x2, '\xc6:/{\x00'}]}]}, @ETHTOOL_A_BITSET_SIZE={0x8, 0x2, 0x5}, @ETHTOOL_A_BITSET_NOMASK={0x4}]}, @ETHTOOL_A_WOL_SOPASS={0xc1, 0x3, "d9dc9ac5b13a05fa37088b8b8f1e4da722c495640f1dda161543f8fab980cbc111c4e4e09aeddb5ff30981ad4dd84d9d5b07da6e0018ead1a8b1f7dc50d6574dc6079fece5cfdcd45cb1b490a2a399599c8bc1d20352746ddeb8e9bb65eb40e01f0b26948be0175f132b9e8431dbee42894353322af3231c8cbaba17335659cdeb358691eddc006a57c1bdb14701e77d6fa31a37b825ab1382e13892597f44f1c30a5f67ce50cba021fbfa7caac764e573d956a1f12b37da6223db2096"}, @ETHTOOL_A_WOL_MODES={0xb8, 0x2, 0x0, 0x1, [@ETHTOOL_A_BITSET_VALUE={0xae, 0x4, "944cf4ca84bff498d3ff36152845c5b2574691df9e906d3825a6c788dee585cbd3eda89927ac35c704a0304c5f390beee3aee94f9d861b8e172cba76de83c3926058e05450369b212f86acfc32c958a92a7a6071714c4c321c5bcf2d3d1e628fba7b4cda2fcecee5d0730015b05cd6ecd44fbf5e58ee14deb015f294499c4486294311c94451ea5ec37283c7f64d52fbb7c01592b4fd6bfca8484ae59799391342619662fda971da097e"}, @ETHTOOL_A_BITSET_NOMASK={0x4}]}]}, 0x524}, 0x1, 0x0, 0x0, 0x9c0}, 0x44000) 14:58:15 executing program 6: r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000000), 0x200080, 0x0) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) sendmsg$NL80211_CMD_SET_MAC_ACL(r0, &(0x7f0000000180)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x100}, 0xc, &(0x7f0000000140)={&(0x7f00000000c0)={0x44, r1, 0xa00, 0x70bd2d, 0x25dfdbfd, {{}, {@void, @void}}, [@NL80211_ATTR_ACL_POLICY={0x8, 0xa5, 0x1}, @NL80211_ATTR_MAC_ADDRS={0x10, 0xa6, 0x0, 0x1, [{0xa, 0x6, @device_b}]}, @NL80211_ATTR_ACL_POLICY={0x8}, @NL80211_ATTR_ACL_POLICY={0x8, 0xa5, 0x1}, @NL80211_ATTR_ACL_POLICY={0x8, 0xa5, 0x1}]}, 0x44}, 0x1, 0x0, 0x0, 0x20000880}, 0x8001) r2 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2) setsockopt$bt_BT_VOICE(r2, 0x112, 0xb, &(0x7f00000001c0), 0x2) r3 = ioctl$TUNGETDEVNETNS(r0, 0x54e3, 0x0) mount$9p_fd(0x0, &(0x7f0000000200)='./file0\x00', &(0x7f0000000240), 0x800, &(0x7f0000000280)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r3}, 0x2c, {[{@fscache}, {@aname={'aname', 0x3d, 'nl80211\x00'}}, {@version_u}, {@posixacl}], [{@permit_directio}, {@euid_lt={'euid<', 0xee00}}, {@fscontext={'fscontext', 0x3d, 'root'}}, {@fowner_lt={'fowner<', 0xee00}}, {@hash}, {@smackfsdef={'smackfsdef', 0x3d, '{]/'}}]}}) r4 = getpgrp(0x0) perf_event_open(&(0x7f00000003c0)={0x2, 0x80, 0xfc, 0x89, 0x8, 0x6, 0x0, 0x400000000, 0x600, 0x8, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x2, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x4, 0x0, @perf_bp={&(0x7f0000000380), 0x9}, 0x10000, 0x1, 0x2, 0x1, 0x3, 0x800, 0x3, 0x0, 0x6, 0x0, 0x8}, r4, 0x3, r0, 0x9) ioctl$AUTOFS_DEV_IOCTL_PROTOVER(r0, 0xc0189372, &(0x7f0000000440)={{0x1, 0x1, 0x18, 0xffffffffffffffff, {0x8000}}, './file0\x00'}) r6 = syz_genetlink_get_family_id$nl80211(&(0x7f00000004c0), r0) sendmsg$NL80211_CMD_ASSOCIATE(r5, &(0x7f00000005c0)={&(0x7f0000000480)={0x10, 0x0, 0x0, 0x10000}, 0xc, &(0x7f0000000580)={&(0x7f0000000500)={0x68, r6, 0x0, 0x70bd2a, 0x25dfdbfb, {{}, {@val={0x8}, @val={0xc, 0x99, {0x2b, 0x27}}}}, [@NL80211_ATTR_HT_CAPABILITY_MASK={0x1e, 0x94, {0x800, 0x0, 0x2, 0x0, {0x9, 0x3, 0x0, 0x1f, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x6, 0xf56}}, @NL80211_ATTR_VHT_CAPABILITY={0x10, 0x9d, {0x100000, {0x6, 0x100, 0x6, 0x8000}}}, @NL80211_ATTR_FILS_KEK={0xf, 0xf2, "3a44b46863cb712ea3bd29"}]}, 0x68}, 0x1, 0x0, 0x0, 0x4040040}, 0x44) sendmsg$NL80211_CMD_SET_POWER_SAVE(r0, &(0x7f0000000700)={&(0x7f0000000600)={0x10, 0x0, 0x0, 0x8000000}, 0xc, &(0x7f00000006c0)={&(0x7f0000000640)={0x44, r6, 0x400, 0x70bd2d, 0x25dfdbfd, {{}, {@void, @void}}, [@NL80211_ATTR_PS_STATE={0x8, 0x5d, 0x1}, @NL80211_ATTR_PS_STATE={0x8}, @NL80211_ATTR_PS_STATE={0x8, 0x5d, 0x1}, @NL80211_ATTR_PS_STATE={0x8, 0x5d, 0x1}, @NL80211_ATTR_PS_STATE={0x8, 0x5d, 0x1}, @NL80211_ATTR_PS_STATE={0x8, 0x5d, 0x1}]}, 0x44}, 0x1, 0x0, 0x0, 0x44000}, 0x4000) sendmsg$IPCTNL_MSG_CT_GET_STATS(r5, &(0x7f0000000800)={&(0x7f0000000740)={0x10, 0x0, 0x0, 0x2000}, 0xc, &(0x7f00000007c0)={&(0x7f0000000780)={0x14, 0x5, 0x1, 0x401, 0x0, 0x0, {0xb, 0x0, 0x7}, ["", "", "", "", "", "", ""]}, 0x14}, 0x1, 0x0, 0x0, 0x4}, 0x80) r7 = openat$vcs(0xffffffffffffff9c, &(0x7f0000000840), 0x204000, 0x0) r8 = openat$pidfd(0xffffffffffffff9c, &(0x7f0000000880), 0x432080, 0x0) epoll_ctl$EPOLL_CTL_ADD(r7, 0x1, r8, &(0x7f00000008c0)={0xf}) ioctl$BTRFS_IOC_TREE_SEARCH_V2(r0, 0xc0709411, &(0x7f0000000900)={{0x0, 0x9, 0xff, 0x4d, 0x3, 0x2a94, 0x6, 0x1, 0x1, 0xb5b9, 0x0, 0x6, 0x5, 0xfffffffffffff800, 0xf774}, 0x40, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]}) r9 = dup2(r5, r3) sendmsg$ETHTOOL_MSG_WOL_GET(r9, &(0x7f0000000ac0)={&(0x7f00000009c0)={0x10, 0x0, 0x0, 0x2}, 0xc, &(0x7f0000000a80)={&(0x7f0000000a40)={0x3c, 0x0, 0x10, 0x70bd2b, 0x25dfdbfb, {}, [@HEADER={0x28, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'veth0_macvtap\x00'}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_FLAGS={0x8}]}]}, 0x3c}, 0x1, 0x0, 0x0, 0x2080}, 0x24008844) 14:58:15 executing program 7: sysfs$3(0x3) sysfs$3(0x3) sysfs$3(0x3) sysfs$3(0x3) sysfs$3(0x3) sysfs$3(0x3) sysfs$3(0x3) sysfs$3(0x3) sysfs$3(0x3) sysfs$3(0x3) sysfs$3(0x3) sysfs$3(0x3) sysfs$3(0x3) sysfs$3(0x3) sysfs$3(0x3) sysfs$3(0x3) sysfs$3(0x3) sysfs$3(0x3) sysfs$3(0x3) sysfs$3(0x3) [ 73.840824] audit: type=1400 audit(1664636295.535:6): avc: denied { execmem } for pid=287 comm="syz-executor.1" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=process permissive=1 [ 75.190110] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 75.191782] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 75.193203] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 75.194947] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1 [ 75.196624] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1 [ 75.199080] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 75.202321] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9 [ 75.203732] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9 [ 75.204950] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 75.206101] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 75.207240] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 75.208400] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 75.209813] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 75.212148] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9 [ 75.215014] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 75.216166] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 75.217441] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9 [ 75.218528] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 75.220043] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 75.221361] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 75.228640] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4 [ 75.230089] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 75.231351] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4 [ 75.231500] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 75.234367] Bluetooth: hci6: unexpected cc 0x0c25 length: 249 > 3 [ 75.235673] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 75.235834] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2 [ 75.237198] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3 [ 75.239013] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3 [ 75.240576] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 75.241913] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 75.242819] Bluetooth: hci6: HCI_REQ-0x0c1a [ 75.243711] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 75.243947] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3 [ 75.245980] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 75.250173] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 75.253743] Bluetooth: hci5: unexpected cc 0x0c25 length: 249 > 3 [ 75.259391] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3 [ 75.261294] Bluetooth: hci3: HCI_REQ-0x0c1a [ 75.263784] Bluetooth: hci2: HCI_REQ-0x0c1a [ 75.265914] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 75.270711] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2 [ 75.271960] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 75.273305] Bluetooth: hci1: HCI_REQ-0x0c1a [ 75.284334] Bluetooth: hci4: HCI_REQ-0x0c1a [ 75.285383] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [ 75.296347] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 75.307406] Bluetooth: hci5: HCI_REQ-0x0c1a [ 75.308828] Bluetooth: hci0: HCI_REQ-0x0c1a [ 75.324265] Bluetooth: hci7: unexpected cc 0x0c03 length: 249 > 1 [ 75.326264] Bluetooth: hci7: unexpected cc 0x1003 length: 249 > 9 [ 75.328220] Bluetooth: hci7: unexpected cc 0x1001 length: 249 > 9 [ 75.331790] Bluetooth: hci7: unexpected cc 0x0c23 length: 249 > 4 [ 75.334089] Bluetooth: hci7: unexpected cc 0x0c25 length: 249 > 3 [ 75.335600] Bluetooth: hci7: unexpected cc 0x0c38 length: 249 > 2 [ 75.340340] Bluetooth: hci7: HCI_REQ-0x0c1a [ 77.300628] Bluetooth: hci4: command 0x0409 tx timeout [ 77.301020] Bluetooth: hci2: command 0x0409 tx timeout [ 77.301694] Bluetooth: hci3: command 0x0409 tx timeout [ 77.302056] Bluetooth: hci6: command 0x0409 tx timeout [ 77.302740] Bluetooth: hci1: command 0x0409 tx timeout [ 77.364863] Bluetooth: hci7: command 0x0409 tx timeout [ 77.364901] Bluetooth: hci0: command 0x0409 tx timeout [ 77.365575] Bluetooth: hci5: command 0x0409 tx timeout [ 79.352178] Bluetooth: hci6: command 0x041b tx timeout [ 79.352281] Bluetooth: hci3: command 0x041b tx timeout [ 79.352902] Bluetooth: hci2: command 0x041b tx timeout [ 79.353320] Bluetooth: hci4: command 0x041b tx timeout [ 79.353364] Bluetooth: hci1: command 0x041b tx timeout [ 79.412203] Bluetooth: hci0: command 0x041b tx timeout [ 79.412238] Bluetooth: hci5: command 0x041b tx timeout [ 79.412644] Bluetooth: hci7: command 0x041b tx timeout [ 81.396957] Bluetooth: hci1: command 0x040f tx timeout [ 81.398215] Bluetooth: hci4: command 0x040f tx timeout [ 81.398911] Bluetooth: hci3: command 0x040f tx timeout [ 81.399659] Bluetooth: hci6: command 0x040f tx timeout [ 81.400395] Bluetooth: hci2: command 0x040f tx timeout [ 81.460306] Bluetooth: hci7: command 0x040f tx timeout [ 81.461435] Bluetooth: hci5: command 0x040f tx timeout [ 81.462203] Bluetooth: hci0: command 0x040f tx timeout [ 83.444867] Bluetooth: hci2: command 0x0419 tx timeout [ 83.445444] Bluetooth: hci6: command 0x0419 tx timeout [ 83.445837] Bluetooth: hci3: command 0x0419 tx timeout [ 83.446272] Bluetooth: hci4: command 0x0419 tx timeout [ 83.446630] Bluetooth: hci1: command 0x0419 tx timeout [ 83.508198] Bluetooth: hci0: command 0x0419 tx timeout [ 83.508638] Bluetooth: hci5: command 0x0419 tx timeout [ 83.509029] Bluetooth: hci7: command 0x0419 tx timeout 14:59:13 executing program 1: ustat(0x8000000000201, &(0x7f0000000000)) ustat(0x7fffffff, &(0x7f0000000340)) ustat(0x5, &(0x7f0000000300)) r0 = open(0x0, 0x0, 0x22) ioctl$SECCOMP_IOCTL_NOTIF_ADDFD(r0, 0x40182103, &(0x7f0000000500)={0x0, 0x2, 0xffffffffffffffff, 0x6}) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f00000003c0), 0xc}, 0x0, 0x0, 0x0, 0x0, 0x4000000000000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x1}, 0x40, 0x5}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000040), 0x41, 0x0) r2 = ioctl$LOOP_CTL_GET_FREE(r1, 0x4c82) ioctl$LOOP_CTL_REMOVE(r1, 0x4c81, r2) ustat(0xc3, &(0x7f0000000400)) ioctl$LOOP_CTL_REMOVE(0xffffffffffffffff, 0x4c81, r2) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) r3 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x1ff) close(0xffffffffffffffff) write$binfmt_script(r3, &(0x7f00000004c0)=ANY=[@ANYBLOB='\t'], 0xb) openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000380), 0x2, 0x0) close(r3) ioctl$LOOP_CTL_REMOVE(r3, 0x4c81, r2) ioctl$AUTOFS_IOC_EXPIRE(0xffffffffffffffff, 0x810c9365, &(0x7f0000000140)={{0x7, 0x3}, 0x100, './file1\x00'}) [ 131.537084] audit: type=1400 audit(1664636353.231:7): avc: denied { open } for pid=3883 comm="syz-executor.1" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=perf_event permissive=1 [ 131.538632] audit: type=1400 audit(1664636353.231:8): avc: denied { kernel } for pid=3883 comm="syz-executor.1" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=perf_event permissive=1 [ 131.563001] ------------[ cut here ]------------ [ 131.563022] [ 131.563026] ====================================================== [ 131.563029] WARNING: possible circular locking dependency detected [ 131.563033] 6.0.0-rc7-next-20220930 #1 Not tainted [ 131.563040] ------------------------------------------------------ [ 131.563043] syz-executor.1/3885 is trying to acquire lock: [ 131.563049] ffffffff853faab8 ((console_sem).lock){....}-{2:2}, at: down_trylock+0xe/0x70 [ 131.563088] [ 131.563088] but task is already holding lock: [ 131.563091] ffff88803fade020 (&ctx->lock){....}-{2:2}, at: __perf_event_task_sched_out+0x53b/0x18d0 [ 131.563119] [ 131.563119] which lock already depends on the new lock. [ 131.563119] [ 131.563122] [ 131.563122] the existing dependency chain (in reverse order) is: [ 131.563125] [ 131.563125] -> #3 (&ctx->lock){....}-{2:2}: [ 131.563138] _raw_spin_lock+0x2a/0x40 [ 131.563149] __perf_event_task_sched_out+0x53b/0x18d0 [ 131.563160] __schedule+0xedd/0x2470 [ 131.563173] preempt_schedule_common+0x45/0xc0 [ 131.563188] __cond_resched+0x17/0x30 [ 131.563202] __mutex_lock+0xa3/0x14d0 [ 131.563216] __do_sys_perf_event_open+0x1eec/0x32c0 [ 131.563228] do_syscall_64+0x3b/0x90 [ 131.563244] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 131.563257] [ 131.563257] -> #2 (&rq->__lock){-.-.}-{2:2}: [ 131.563270] _raw_spin_lock_nested+0x30/0x40 [ 131.563281] raw_spin_rq_lock_nested+0x1e/0x30 [ 131.563294] task_fork_fair+0x63/0x4d0 [ 131.563310] sched_cgroup_fork+0x3d0/0x540 [ 131.563324] copy_process+0x4183/0x6e20 [ 131.563334] kernel_clone+0xe7/0x890 [ 131.563343] user_mode_thread+0xad/0xf0 [ 131.563353] rest_init+0x24/0x250 [ 131.563365] arch_call_rest_init+0xf/0x14 [ 131.563381] start_kernel+0x4c6/0x4eb [ 131.563396] secondary_startup_64_no_verify+0xe0/0xeb [ 131.563410] [ 131.563410] -> #1 (&p->pi_lock){-.-.}-{2:2}: [ 131.563424] _raw_spin_lock_irqsave+0x39/0x60 [ 131.563434] try_to_wake_up+0xab/0x1930 [ 131.563447] up+0x75/0xb0 [ 131.563461] __up_console_sem+0x6e/0x80 [ 131.563477] console_unlock+0x46a/0x590 [ 131.563492] vt_ioctl+0x2822/0x2ca0 [ 131.563504] tty_ioctl+0x785/0x16b0 [ 131.563514] __x64_sys_ioctl+0x19a/0x210 [ 131.563527] do_syscall_64+0x3b/0x90 [ 131.563543] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 131.563556] [ 131.563556] -> #0 ((console_sem).lock){....}-{2:2}: [ 131.563569] __lock_acquire+0x2a02/0x5e70 [ 131.563586] lock_acquire+0x1a2/0x530 [ 131.563601] _raw_spin_lock_irqsave+0x39/0x60 [ 131.563611] down_trylock+0xe/0x70 [ 131.563626] __down_trylock_console_sem+0x3b/0xd0 [ 131.563642] vprintk_emit+0x16b/0x560 [ 131.563658] vprintk+0x84/0xa0 [ 131.563673] _printk+0xba/0xf1 [ 131.563684] report_bug.cold+0x72/0xab [ 131.563700] handle_bug+0x3c/0x70 [ 131.563716] exc_invalid_op+0x14/0x50 [ 131.563733] asm_exc_invalid_op+0x16/0x20 [ 131.563744] group_sched_out.part.0+0x2c7/0x460 [ 131.563762] ctx_sched_out+0x8f1/0xc10 [ 131.563778] __perf_event_task_sched_out+0x6d0/0x18d0 [ 131.563789] __schedule+0xedd/0x2470 [ 131.563802] preempt_schedule_common+0x45/0xc0 [ 131.563817] __cond_resched+0x17/0x30 [ 131.563830] __mutex_lock+0xa3/0x14d0 [ 131.563845] __do_sys_perf_event_open+0x1eec/0x32c0 [ 131.563856] do_syscall_64+0x3b/0x90 [ 131.563872] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 131.563885] [ 131.563885] other info that might help us debug this: [ 131.563885] [ 131.563887] Chain exists of: [ 131.563887] (console_sem).lock --> &rq->__lock --> &ctx->lock [ 131.563887] [ 131.563902] Possible unsafe locking scenario: [ 131.563902] [ 131.563904] CPU0 CPU1 [ 131.563906] ---- ---- [ 131.563908] lock(&ctx->lock); [ 131.563914] lock(&rq->__lock); [ 131.563920] lock(&ctx->lock); [ 131.563926] lock((console_sem).lock); [ 131.563932] [ 131.563932] *** DEADLOCK *** [ 131.563932] [ 131.563934] 2 locks held by syz-executor.1/3885: [ 131.563940] #0: ffff88806ce37e98 (&rq->__lock){-.-.}-{2:2}, at: __schedule+0x1cf/0x2470 [ 131.563969] #1: ffff88803fade020 (&ctx->lock){....}-{2:2}, at: __perf_event_task_sched_out+0x53b/0x18d0 [ 131.563995] [ 131.563995] stack backtrace: [ 131.563998] CPU: 0 PID: 3885 Comm: syz-executor.1 Not tainted 6.0.0-rc7-next-20220930 #1 [ 131.564010] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 131.564017] Call Trace: [ 131.564021] [ 131.564025] dump_stack_lvl+0x8b/0xb3 [ 131.564043] check_noncircular+0x263/0x2e0 [ 131.564059] ? format_decode+0x26c/0xb50 [ 131.564075] ? print_circular_bug+0x450/0x450 [ 131.564092] ? simple_strtoul+0x30/0x30 [ 131.564106] ? __lockdep_reset_lock+0x180/0x180 [ 131.564123] ? format_decode+0x26c/0xb50 [ 131.564143] ? alloc_chain_hlocks+0x1ec/0x5a0 [ 131.564161] __lock_acquire+0x2a02/0x5e70 [ 131.564182] ? lockdep_hardirqs_on_prepare+0x410/0x410 [ 131.564204] lock_acquire+0x1a2/0x530 [ 131.564221] ? down_trylock+0xe/0x70 [ 131.564237] ? lock_release+0x750/0x750 [ 131.564254] ? lockdep_hardirqs_on_prepare+0x410/0x410 [ 131.564275] ? vprintk+0x84/0xa0 [ 131.564292] _raw_spin_lock_irqsave+0x39/0x60 [ 131.564304] ? down_trylock+0xe/0x70 [ 131.564319] down_trylock+0xe/0x70 [ 131.564335] ? vprintk+0x84/0xa0 [ 131.564352] __down_trylock_console_sem+0x3b/0xd0 [ 131.564369] vprintk_emit+0x16b/0x560 [ 131.564385] ? lock_downgrade+0x6d0/0x6d0 [ 131.564403] vprintk+0x84/0xa0 [ 131.564420] _printk+0xba/0xf1 [ 131.564432] ? record_print_text.cold+0x16/0x16 [ 131.564445] ? hrtimer_try_to_cancel+0x163/0x2c0 [ 131.564460] ? lock_downgrade+0x6d0/0x6d0 [ 131.564477] ? report_bug.cold+0x66/0xab [ 131.564495] ? group_sched_out.part.0+0x2c7/0x460 [ 131.564513] report_bug.cold+0x72/0xab [ 131.564532] handle_bug+0x3c/0x70 [ 131.564549] exc_invalid_op+0x14/0x50 [ 131.564567] asm_exc_invalid_op+0x16/0x20 [ 131.564579] RIP: 0010:group_sched_out.part.0+0x2c7/0x460 [ 131.564599] Code: 5e 41 5f e9 8b ae ef ff e8 86 ae ef ff 65 8b 1d 0b 18 ac 7e 31 ff 89 de e8 26 ab ef ff 85 db 0f 84 8a 00 00 00 e8 69 ae ef ff <0f> 0b e9 a5 fe ff ff e8 5d ae ef ff 48 8d 7d 10 48 b8 00 00 00 00 [ 131.564611] RSP: 0018:ffff88803fef7978 EFLAGS: 00010006 [ 131.564620] RAX: 0000000040000002 RBX: 0000000000000000 RCX: 0000000000000000 [ 131.564627] RDX: ffff88801a1e5040 RSI: ffffffff81565dc7 RDI: 0000000000000005 [ 131.564635] RBP: ffff888008660b90 R08: 0000000000000005 R09: 0000000000000001 [ 131.564642] R10: 0000000000000000 R11: 0000000000000001 R12: ffff88803fade000 [ 131.564649] R13: ffff88806ce3d2c0 R14: ffffffff8547c960 R15: 0000000000000002 [ 131.564659] ? group_sched_out.part.0+0x2c7/0x460 [ 131.564679] ? group_sched_out.part.0+0x2c7/0x460 [ 131.564699] ctx_sched_out+0x8f1/0xc10 [ 131.564718] __perf_event_task_sched_out+0x6d0/0x18d0 [ 131.564732] ? lock_is_held_type+0xd7/0x130 [ 131.564746] ? __perf_cgroup_move+0x160/0x160 [ 131.564756] ? set_next_entity+0x304/0x550 [ 131.564773] ? update_curr+0x267/0x740 [ 131.564791] ? lock_is_held_type+0xd7/0x130 [ 131.564805] __schedule+0xedd/0x2470 [ 131.564822] ? io_schedule_timeout+0x150/0x150 [ 131.564837] ? find_held_lock+0x2c/0x110 [ 131.564853] ? lock_is_held_type+0xd7/0x130 [ 131.564866] ? __cond_resched+0x17/0x30 [ 131.564881] preempt_schedule_common+0x45/0xc0 [ 131.564897] __cond_resched+0x17/0x30 [ 131.564912] __mutex_lock+0xa3/0x14d0 [ 131.564928] ? lock_is_held_type+0xd7/0x130 [ 131.564941] ? __do_sys_perf_event_open+0x1eec/0x32c0 [ 131.564954] ? mutex_lock_io_nested+0x1310/0x1310 [ 131.564970] ? lock_release+0x3b2/0x750 [ 131.564987] ? __up_read+0x192/0x730 [ 131.565002] ? up_write+0x520/0x520 [ 131.565019] __do_sys_perf_event_open+0x1eec/0x32c0 [ 131.565034] ? perf_compat_ioctl+0x130/0x130 [ 131.565045] ? xfd_validate_state+0x59/0x180 [ 131.565068] ? syscall_enter_from_user_mode+0x1d/0x50 [ 131.565082] ? syscall_enter_from_user_mode+0x1d/0x50 [ 131.565097] do_syscall_64+0x3b/0x90 [ 131.565114] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 131.565127] RIP: 0033:0x7f5d0e349b19 [ 131.565136] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 131.565146] RSP: 002b:00007f5d0b8bf188 EFLAGS: 00000246 ORIG_RAX: 000000000000012a [ 131.565157] RAX: ffffffffffffffda RBX: 00007f5d0e45cf60 RCX: 00007f5d0e349b19 [ 131.565164] RDX: ffffffffffffffff RSI: 0000000000000000 RDI: 0000000020000280 [ 131.565172] RBP: 00007f5d0e3a3f6d R08: 0000000000000000 R09: 0000000000000000 [ 131.565179] R10: ffffffffffffffff R11: 0000000000000246 R12: 0000000000000000 [ 131.565186] R13: 00007fff6c6e29df R14: 00007f5d0b8bf300 R15: 0000000000022000 [ 131.565198] [ 131.625789] WARNING: CPU: 0 PID: 3885 at kernel/events/core.c:2309 group_sched_out.part.0+0x2c7/0x460 [ 131.626471] Modules linked in: [ 131.626718] CPU: 0 PID: 3885 Comm: syz-executor.1 Not tainted 6.0.0-rc7-next-20220930 #1 [ 131.627318] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 131.628145] RIP: 0010:group_sched_out.part.0+0x2c7/0x460 [ 131.628558] Code: 5e 41 5f e9 8b ae ef ff e8 86 ae ef ff 65 8b 1d 0b 18 ac 7e 31 ff 89 de e8 26 ab ef ff 85 db 0f 84 8a 00 00 00 e8 69 ae ef ff <0f> 0b e9 a5 fe ff ff e8 5d ae ef ff 48 8d 7d 10 48 b8 00 00 00 00 [ 131.629887] RSP: 0018:ffff88803fef7978 EFLAGS: 00010006 [ 131.630287] RAX: 0000000040000002 RBX: 0000000000000000 RCX: 0000000000000000 [ 131.630832] RDX: ffff88801a1e5040 RSI: ffffffff81565dc7 RDI: 0000000000000005 [ 131.631357] RBP: ffff888008660b90 R08: 0000000000000005 R09: 0000000000000001 [ 131.631887] R10: 0000000000000000 R11: 0000000000000001 R12: ffff88803fade000 [ 131.632421] R13: ffff88806ce3d2c0 R14: ffffffff8547c960 R15: 0000000000000002 [ 131.632957] FS: 00007f5d0b8bf700(0000) GS:ffff88806ce00000(0000) knlGS:0000000000000000 [ 131.633553] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 131.633987] CR2: 00007fdc9aac9310 CR3: 000000001b8d8000 CR4: 0000000000350ef0 [ 131.634512] Call Trace: [ 131.634714] [ 131.634897] ctx_sched_out+0x8f1/0xc10 [ 131.635201] __perf_event_task_sched_out+0x6d0/0x18d0 [ 131.635588] ? lock_is_held_type+0xd7/0x130 [ 131.635913] ? __perf_cgroup_move+0x160/0x160 [ 131.636251] ? set_next_entity+0x304/0x550 [ 131.636576] ? update_curr+0x267/0x740 [ 131.636879] ? lock_is_held_type+0xd7/0x130 [ 131.637203] __schedule+0xedd/0x2470 [ 131.637493] ? io_schedule_timeout+0x150/0x150 [ 131.637846] ? find_held_lock+0x2c/0x110 [ 131.638159] ? lock_is_held_type+0xd7/0x130 [ 131.638487] ? __cond_resched+0x17/0x30 [ 131.638799] preempt_schedule_common+0x45/0xc0 [ 131.639150] __cond_resched+0x17/0x30 [ 131.639439] __mutex_lock+0xa3/0x14d0 [ 131.639732] ? lock_is_held_type+0xd7/0x130 [ 131.640059] ? __do_sys_perf_event_open+0x1eec/0x32c0 [ 131.640449] ? mutex_lock_io_nested+0x1310/0x1310 [ 131.640815] ? lock_release+0x3b2/0x750 [ 131.641131] ? __up_read+0x192/0x730 [ 131.641423] ? up_write+0x520/0x520 [ 131.641709] __do_sys_perf_event_open+0x1eec/0x32c0 [ 131.642094] ? perf_compat_ioctl+0x130/0x130 [ 131.642428] ? xfd_validate_state+0x59/0x180 [ 131.642778] ? syscall_enter_from_user_mode+0x1d/0x50 [ 131.643167] ? syscall_enter_from_user_mode+0x1d/0x50 [ 131.643556] do_syscall_64+0x3b/0x90 [ 131.643850] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 131.644241] RIP: 0033:0x7f5d0e349b19 [ 131.644519] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 131.645877] RSP: 002b:00007f5d0b8bf188 EFLAGS: 00000246 ORIG_RAX: 000000000000012a [ 131.646444] RAX: ffffffffffffffda RBX: 00007f5d0e45cf60 RCX: 00007f5d0e349b19 [ 131.646984] RDX: ffffffffffffffff RSI: 0000000000000000 RDI: 0000000020000280 [ 131.647513] RBP: 00007f5d0e3a3f6d R08: 0000000000000000 R09: 0000000000000000 [ 131.648037] R10: ffffffffffffffff R11: 0000000000000246 R12: 0000000000000000 [ 131.648575] R13: 00007fff6c6e29df R14: 00007f5d0b8bf300 R15: 0000000000022000 [ 131.649110] [ 131.649289] irq event stamp: 1070 [ 131.649546] hardirqs last enabled at (1069): [] asm_sysvec_apic_timer_interrupt+0x16/0x20 [ 131.650267] hardirqs last disabled at (1070): [] __schedule+0x1225/0x2470 [ 131.650893] softirqs last enabled at (914): [] __irq_exit_rcu+0x11b/0x180 [ 131.651525] softirqs last disabled at (879): [] __irq_exit_rcu+0x11b/0x180 [ 131.652159] ---[ end trace 0000000000000000 ]--- 14:59:13 executing program 4: r0 = socket$inet_udp(0x2, 0x2, 0x0) ioctl$sock_inet_SIOCSIFFLAGS(r0, 0x8919, &(0x7f0000000000)={'lo\x00'}) r1 = socket$inet_udp(0x2, 0x2, 0x0) socket$inet_tcp(0x2, 0x1, 0x0) r2 = socket$packet(0x11, 0x3, 0x300) ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000040)={'syz_tun\x00', 0x0}) setsockopt$packet_add_memb(r2, 0x107, 0x1, &(0x7f0000000080)={r3, 0x1, 0x6, @broadcast}, 0x10) setsockopt$packet_add_memb(r2, 0x107, 0x1, &(0x7f0000000140)={r3, 0x1, 0x6, @link_local}, 0x10) setsockopt$packet_add_memb(r2, 0x107, 0x1, &(0x7f0000000000)={r3, 0xf, 0x4, @broadcast}, 0x10) ioctl$sock_ipv4_tunnel_SIOCADDTUNNEL(r1, 0x89f1, &(0x7f0000000100)={'syztnl0\x00', &(0x7f0000000080)={'erspan0\x00', r3, 0x0, 0x1, 0xff, 0xff, {{0xa, 0x4, 0x1, 0x1, 0x28, 0x68, 0x0, 0x80, 0x4, 0x0, @remote, @initdev={0xac, 0x1e, 0x0, 0x0}, {[@rr={0x7, 0x13, 0x1d, [@multicast1, @rand_addr=0x64010100, @multicast2, @broadcast]}]}}}}}) ioctl$sock_inet_SIOCSIFFLAGS(r0, 0x8918, &(0x7f0000000040)={'geneve1\x00'}) [ 131.691088] device syz_tun entered promiscuous mode 14:59:13 executing program 7: r0 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a) ioctl$sock_SIOCETHTOOL(r0, 0x8946, &(0x7f0000000040)={'syz_tun\x00', &(0x7f0000000080)=@ethtool_test={0x1a, 0x61a01214, 0x6, 0x9, [0xbdd, 0x8, 0xfffffffffffff655, 0x20, 0x7c52f15f, 0x5, 0x39a, 0x1, 0x7fff]}}) 14:59:13 executing program 7: r0 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a) ioctl$sock_SIOCETHTOOL(r0, 0x8946, &(0x7f0000000040)={'syz_tun\x00', &(0x7f0000000080)=@ethtool_test={0x1a, 0x61a01214, 0x6, 0x9, [0xbdd, 0x8, 0xfffffffffffff655, 0x20, 0x7c52f15f, 0x5, 0x39a, 0x1, 0x7fff]}}) 14:59:13 executing program 7: r0 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a) ioctl$sock_SIOCETHTOOL(r0, 0x8946, &(0x7f0000000040)={'syz_tun\x00', &(0x7f0000000080)=@ethtool_test={0x1a, 0x61a01214, 0x6, 0x9, [0xbdd, 0x8, 0xfffffffffffff655, 0x20, 0x7c52f15f, 0x5, 0x39a, 0x1, 0x7fff]}}) [ 131.877545] device syz_tun left promiscuous mode [ 131.882262] device syz_tun entered promiscuous mode [ 131.933688] device syz_tun left promiscuous mode 14:59:13 executing program 7: r0 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a) ioctl$sock_SIOCETHTOOL(r0, 0x8946, &(0x7f0000000040)={'syz_tun\x00', &(0x7f0000000080)=@ethtool_test={0x1a, 0x61a01214, 0x6, 0x9, [0xbdd, 0x8, 0xfffffffffffff655, 0x20, 0x7c52f15f, 0x5, 0x39a, 0x1, 0x7fff]}}) 14:59:13 executing program 4: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xb}, 0x45534}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = socket$inet6_udp(0xa, 0x2, 0x0) r2 = dup(r1) r3 = accept4$inet6(r1, 0x0, &(0x7f0000000380), 0x80400) connect$inet6(r3, &(0x7f00000003c0)={0xa, 0x4e21, 0x3, @remote, 0x81}, 0x1c) connect$inet6(r2, &(0x7f00000000c0)={0xa, 0x0, 0x0, @mcast2, 0x2}, 0x1c) vmsplice(r0, &(0x7f0000000040)=[{&(0x7f0000000100)="047aaa7b8edc7c225166ab148bfe9b97028709f17c3490d35b4a636b3c61bd0fa309a6e04a3a12b0c58d2fff35f31d8f5e69170ff4363a0af4243597605794e18714af", 0x43}], 0x1, 0x8) r4 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) open_by_handle_at(r4, &(0x7f0000000140)=@ceph_nfs_confh={0x10, 0x2, {0x28}}, 0x600) socketpair(0x28, 0x80000, 0x8, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) sendmmsg$inet6(r5, &(0x7f0000001ec0)=[{{&(0x7f0000000180)={0xa, 0x4e22, 0x3, @private0={0xfc, 0x0, '\x00', 0x1}, 0x639879d8}, 0x1c, &(0x7f0000001b00)=[{&(0x7f0000001580)="d89ffc9e5d4c12a94fbd33db2c1fdbe70a1ec15e84be5423bd83cb13afa1451c96194f46dc1cdf41ad39433a243741dd7db6344ac8ec827451cd91d96dd579a6235e3b1e5ea2b897bdef19eb3eb3219b11cc64caee9d41143a6e7e306790d5746940a187601ae733bd26c3dcaa31a30cb802d141f99212ec3371fdce5c997964da6e369dbd0d9ab027f42abbb894c196fd652ac94027f99c3810b32ee2b95d66982be58006065de82912ffa9c0db6e8305d79a70a933debdfa801e0f2cffd86652", 0xc1}, {&(0x7f00000001c0)="da30d44ed314f4947e8ac15390974e6795fcaeba2464275030f18a61ae2b52405833ebeda8313bd8e054b76ae1b354e60de0e2a6dae229546a49d059fea6dddc06560eca213086197ae93de0ec0631cda1e835331d3951846721e3893c81856e769c20a4b119e9f84bf69da82c5471a4d1a0fd007201b9d2060cd73e78", 0x7d}, {&(0x7f0000000300)="78454f64f57c90dbe2e6d48435ef1af0d0678453bff128cabd1ab9f44e54b07f5416cdf5504292b53571bdfe20bc96e975f9bef0a1253b2e760c04360329048945b3124249e38b37d0a0", 0x4a}, {&(0x7f0000001680)="98d1871855717a074f20f0b1f34ac3219facf6ce40c07ac9543c3ac1f1defa26d460bdccdc8b09730bf0a7eb0141ffa8623b06d4c2d945cf8ee8407b4b17e78841e4288fbdb6798003b7088f47c404107014aaff9391ad8a4af6159ea4bd3d75e5ffe1e4c8405d84e33eb5b3bf995a4ebafdac75e139f8d4d884a6fa2bc5b7cda0213ecdc35b54408b459c125483", 0x8e}, {&(0x7f0000001740)="ab1717b363f5820e82983998bdb061004de72e6ca92283cf6ed77aa4a6e87d9330a18c75f17b887b42b55d7408c93277a57d9c07ef91e344517e280ba8ad23318d783de210d411f2cd55ea9802c31210b2353ea93a8a791c5641567b8d541870027306543a6b2ae55f6066b7e981ed3874cd75c7286310dabdf90c4947e557cab7302ad1ec2e6a203b5ea4d28e5b8f866a9b940f55fae94784a4cb9765483bc85cc0d7b30f492f37e79bd98f0efa017aa43598e7ae0db6cc5c45d9f4aff155bedfa136296ede6dabbf709d51dec16a3a3955d1f930cabe", 0xd7}, {&(0x7f0000001840)="cefb0b55695a6606e742b16970838dff9122439f32e92aa7e0549f3379f2e8b0a6d292176d251efb6ea1112e68341fc426d4a714d0903f4114c56e8759a95eb28ac3fa6cdcb341a61b195a5153bea74f2b320f889bd1793d826f1bcc5db1d0adff2dce06701053acd3abd211c16a5ecb6766ec94b355ff2e6073152e0e62773476ce213f44977e29d15e4deba36214a238f423baa88915d3130355ad6de3b7666d3ef562eec582ec12c52b1ee0a0b69fdfe1ce7cd572bb8797ae24ac1f93ebf8795dc6ddaf4005beb26105a63d7bfdb91589958604d1b1d1", 0xd8}, {&(0x7f0000001940)="b16e6b665ea7ddc511240503e9e9aa29f8f042032de69bed3e8a2746f7f6a7a4752e8d9c7063e714ff61163108969274f91efb793ac9acf6322aca1732e2734c2575612b7800d321eb026df0ff69ba996ec2613264fbbdba1a58524eadb8251a92321f3dae0bead8b785e53a3fd4a673f9d24fbffd5747016f51dc95266f5b77de3592745a0ec58c5e43997eef1fbb67f0a5e158cad9c4e49ba7914e206f2fff129d0706", 0xa4}, {&(0x7f0000001a00)="9f2e6c5f6d16e2c468983d90fbb0cd347e823f927fad957a81d0bb123a8f47dedca04ed92ba149057edd29b09914db750728d993421ff402560f62311edeab878ef2ae63eaf86aa883359eece8d5907c21d9ed61754468ecec7fc294bd5434a3ddaef70644b826f501ce96cecbcc16915fb34998d378b1110e39d3ad3b0f762d814508415770c8e3d60f9569ec4043f242a485cbb2c518eb8c5d40a29f44d12ef431fa878aeee6f2bc7c5c5cfc05070ecd2365a7a388e718c7503b1fa70c59abaf0fd837f384d72604883df18fdaffe9ac42f2be3a0c38057032374a288df8639d6ac9b8e27d6820c4e762", 0xeb}, {&(0x7f0000000240)="7d5165be48", 0x5}], 0x9}}, {{&(0x7f0000001bc0)={0xa, 0x4e24, 0xdce, @remote, 0x52}, 0x1c, &(0x7f0000001c40)=[{&(0x7f0000001c00)}], 0x1}}, {{&(0x7f0000001c80)={0xa, 0x4e23, 0x0, @initdev={0xfe, 0x88, '\x00', 0x1, 0x0}, 0x2}, 0x1c, &(0x7f0000001d40)=[{&(0x7f0000001cc0)="677872c716ad1064d1dc8ff95d9841aa7b78382d3f16cbc6131879c1fd8645981c4247ae924b6b80d7919816215fa3b2bb66716c8a47a3b5d890e1d737f649585d86370cda58bb7ca26eb24e35380a0bf44d79cc85e5", 0x56}], 0x1, &(0x7f0000001d80)=[@hopopts_2292={{0x58, 0x29, 0x36, {0x87, 0x7, '\x00', [@padn={0x1, 0x1, [0x0]}, @enc_lim={0x4, 0x1, 0x2}, @calipso={0x7, 0x20, {0x0, 0x6, 0xd4, 0xa9b8, [0x0, 0x80000000, 0x76c]}}, @calipso={0x7, 0x10, {0x1, 0x2, 0x1, 0xfff, [0x653]}}]}}}, @flowinfo={{0x14}}, @rthdr_2292={{0x38, 0x29, 0x39, {0x2f, 0x4, 0x0, 0x7, 0x0, [@initdev={0xfe, 0x88, '\x00', 0x1, 0x0}, @mcast1]}}}, @rthdr={{0x88, 0x29, 0x39, {0x0, 0xe, 0x2, 0x8, 0x0, [@private0={0xfc, 0x0, '\x00', 0x1}, @dev={0xfe, 0x80, '\x00', 0x3f}, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02', @mcast2, @private0={0xfc, 0x0, '\x00', 0x1}, @loopback, @private0]}}}], 0x130}}], 0x3, 0x4040001) r6 = openat$sr(0xffffffffffffff9c, &(0x7f0000000100), 0x165c02, 0x0) preadv(r6, &(0x7f0000001540)=[{&(0x7f0000000400)=""/57, 0x39}, {&(0x7f0000000440)=""/137, 0x89}, {&(0x7f0000000500)=""/4096, 0x1000}, {&(0x7f0000001500)=""/37, 0x25}], 0x4, 0x0, 0x4) 14:59:13 executing program 1: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_setup(0x56ad, &(0x7f0000000140)={0x0, 0x10ae, 0x0, 0x2, 0x212}, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffc000/0x3000)=nil, 0x0, &(0x7f0000000300)) pipe2(&(0x7f0000000240), 0x0) r0 = io_uring_register$IORING_REGISTER_PERSONALITY(0xffffffffffffffff, 0x9, 0x0, 0x0) pidfd_open(0x0, 0x0) r1 = perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_bp={&(0x7f0000000040), 0xb}, 0x0, 0x20, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, &(0x7f00000004c0)) r2 = openat$sr(0xffffffffffffff9c, &(0x7f00000001c0), 0x105802, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x1000004, 0x2811, r2, 0x0) mq_notify(0xffffffffffffffff, 0x0) r3 = syz_open_dev$vcsn(&(0x7f0000000000), 0x5, 0x0) pread64(r3, &(0x7f0000000580)=""/91, 0x5b, 0x3725) ioctl$BTRFS_IOC_SNAP_CREATE(r1, 0x50009401, &(0x7f00000006c0)={{r3}, "619d5ea8b300b8e7cab6b16a48cddd36784a371bf4c2166036e4b4235e4d1492e06eaa3565859bf6c0a986eff859c46a3458e8a18dfb887694b38c41c1a47bf6cff017bcb2de95fcabc88af02bccdbb747c7d7b2cfaf5ea8297aa4fb3a6eb1bc2ace454f39d38c0b62f77b3d6bba15f1922278044ed756e54f80786c38c51e552e439b2e827f264f42dc8757823311bb8391b18157ec66c3511e73a51bd606989c9954d0a7dddb16932aabee26d3fb624447f7158ac1f72ba22fcba71e3315a0915c36961f7d5a9cfc4e0dbb762c824a5d108699f2a1653dd1f9b58c0443b9fcfd9d8f2446fa2516a2b33f4a95cde21b27b5bd1b9c221948acbf126d45e11bd46b499628d01dc6ac6e60c20ab90dc5f9c50da979b5adf009bc59c7076ad3202249eabe06ae282e4dbaf80a5dd109ec9d376e3421ab25281a7cd30264e961268d40aba2d5350e89d82ee958b6875e7dcc3a392365e6d1e60b64cb20d5c31878f3b96e23419631f30f4434eec70f2878ab0fb98b669fef7366adc8201c1222006c41b8872bb4c9568abfa18a345ae547681dce007f0e93322cf451cddf13447159430166d7ef17bdc73df1cf2891ee6a5cff4686aff966623d1554815a0d64735434053a9f421a05b64c06e93421bc85c3c4491fd25408b4e32ba94ed6184cf26776f9383cb801a19db811b535c0f42de81bda09a0b4b1cefe1c29142d517949830f3a8be9d77aee9210349c51875ffd1ea30e6cd8adbb5cd254529911f5583cd4ca79ac481d0ab354be514664a8c50fac9e532dc8d871373a85a9f082dc8aa7facd91e257dc9e6493965b969e9500156a6d4cd92bcfb4913e2324bd0830dfc1df6a98e2d6659eb8b1c2153569a2a14ff03ef08a1704ad9129f4f8584c1423ba581abaeef1eb3ae5340f34b71875d78c35c52a5a15273d40eb3d4ce24bd9d6db1759358bb25ea48fddf47f41f8abeffcb8211ab436864ebfe641e1ed099742ab942b4496bf828671c5349092ed1522560577ac0a897799005536c57222fa3f12b4075f77a1517b57f6c0b200d00a2a0876f8277b90281ec4f2bb2bb6d00cc68cca826fabb17e8fc86129c8183a004ddb8ecb074f16aacfa590c2dcdbbb859cff8e7adaa48b5607575820610d0f3e77a29ae551129fe98347854d73dd4ba861c20c4a2d7874c2fd87daedc4f4854fbfa6ceaf8bad7f79f5e71053a9c9db80b1d481b30475a9489661009fe52f7616f6d986ed1312988455a8740b891da03cc3c498dbfcf7383f32fa4c22fe562a5501c1f1c74fdb9a17145562071298a17a9c65cde168ff9024b0156ed4960269aa56a216517c9a728345b0f3a81554051123e2b526445c4a677a5d041a2fa9fd320feeba4db6ab35aff6ec1f8d55ada50f168f98beffd8be53cd23c0f6c1facd0741a8308207df863483a74c478d9113157b844b785ffe6aa8e5e601e38b5348bf76238b10081ea417e0ccdeb5ab22259f73a10f9406a69231b085f296ac10fd780a60c4d899acf9930aea82016e38265c30de19941e8dcaa08b20ff9602a99d3fd54adde753ce2c2591fca40301f245fe9843b6083b7485f96888f744effb503a7dcf789020dd2264a468b55238f624ce53caa3ff995b30a338aa66c652eec6664b6f62ec09c4cfa9776c7ff5138133b4fdfb8f83aaa6b8387ba8ecbd9db02ea19006d21aba93cf45b6ee3892919f33496b360dae335300103cf77209de7ef7a6601420a6b05c60f7f9a452fc737bbd20ed6809753ca7966f952afc53456e237c9c4b54c21915fffb93b9610cd80dd3a3e35802660eb93e2bc4619ccc89863c021133a6662c9585b968cb27e3d094ea8b6a0a4ed0a6c7a12a89a5016e48983848f57919bc9e8f1e2b3105bcb809ce0a3d8bbe6724503bfd74eb01ab34023e435064a7d7400faeb6e9647ddc2b4dd3b564cb9fcc4c93044cbbeef2256d1b3cf392da260fbd58521f549ff84bd420ab80ed3a0c4a5235ab3329bcfd88176048349b71edb0f5113845b3eabdf7d9a39d96282858ba90657d87cd31525944e998d0f25bccab1a312920ae208bfb95867930df7611bad78f64db65a6b68e1dc108b52922f12320c1ccd856b9b102fc277fbbba6bf9ef1d9de89c92f145c650529dd1bfe2df2f5951d7beaac5f7320eebe6e8bfe2692dbdc2aa39af10018ef80f42b72a46f9a97f01803d84dbb70ab1208f9760e5c65aeac276fc00166ce6568ccdc7fa7a2558057bdb779817a832561beda74ed78d3818945ce2ec4ff1fb7db2d7d64ce5bc416e03d670811b374938c61653bed4b01f363f7a569ccf6660687f95932b8757b0d46b371c2d88cca8d08f40db6734eaba1564eb83cfd9918ff7e41d248b4dffe4e3ff2e3e3d143efff64f86a4657a8a82ce83dcd9d0d4ea53fa8340dc6b7205400d5e91a318c9d5555b362f97693611d5e68fb623893717d0eb90d7b3adaeeea2dab4b1c980cd5b09c614e5d708f4c6f1bc7cf16f10001f7754eaede5072acde5f8e16d9214ff713adad18652cfba7263d90009103a53b1b5cfbf198879c6b483e85091efef9e48942097428c236053a8ddd301917a7b4ec1e9301836f774056d0a47236df6a468685ad24aeeb462839a95ad114b0cc214fb78c53f6a44992c50522d945876a5b1fdd38a867bbaa5e8225028420134e3b704d2be031964f27a164bcbc533be68f74931fd6a21fd36d627569c0d62a5d2893bf069c888d1e04ea759a48217b4d4964999c5ef5aaf4ab523341ffda32a3fbf73013492d6090d51cb917c39c63e4eb116a0ce38a5a80b3e52d312ab4d910bef42709729c2728f45cf2e39ae0ac28282ebf19710c5eebaf841d786e7db857d5672690e498148f5a4bb03f5c2a45acdf8f91af180150d5fe55d4a75693ac36659b52473a279ad9b668c940220b730c54e463c48eff9fe8a818b134c2bf795a62c6656284c6caf15837469a9ab584a2b7d4ae868ebd3a1f064220af3e3b55f3b6bb9bbf7a409d19391ddec6c6cbc1003f522e75eadfe4caec7e912fc6743697834a90d1642b1c1b34f6723d066c6ddecee6925615564fe2b4c65d8c2c8c54a2b4e4ed6ffc4649b238fdba23213a5794d05e056dd1116605f19673cb6876f66a5d013fc709b3b406c8b24260b8f7ebf6288f839188851abb92c880b0cd3d596a4ae19953661642cffbb13bd0b2ed8d55db3c0d2b17391f75c4a5a3419bc7ee4541179d00fbb9b13ed9fdc4106c525efc37c4cc2efb3aefbd377723edfce93794421f27c5bcdec8712a0f2bcdc18820499bbb4ec530a0bafbf714d1b4a26aaee489639d714fc9da7ed2d5c40c515acc5f1aff37a3cff5560750640f05b19bc5869a3d135d64df2fe6ed65c047785f8b5d176458b424974c444f66addf67da60fc2b9c4e201e627c50131af3aa4ec57e2b20c544150a26511155c2c3b2561e0412baed7993d984dd8049857adfb30be69b393a82121ee78c61fbe2489b47e20688e497da5964855b08daf6b95d00efd1417a3a49d83eb55e0298edb4d690cc46277665ab63d31ec4326cf7854d040923e8deee016ff575e9a032712b0cb6dd4aa5f98a3299a3945724504a4ffb73070537a9eab3ec06a6be5c811d3fb3ea9ef64af367e8155c6bcbb4d9f09ef78a60ce12a5ac1c1b40075f8c6657305672aaa8df3dc2c4c16157d9bf58f9f86ca55e82c703387d1e8d9eb57a02e04e228a09a2a1b631802c4bd484a05310936b3ff73895062bec3b6ec5b52e3cc21d26eb2495e0e879ab82ebbf70f2ad08b6dfeadad6b5e09f50dd1fae5b1478d45fb669c81fd0f18627d8ebc527a958ac6d6e67dac0cbf7697408510393e3c27a24b91b18ffad56d4fa0c52ac00c57fcaa91f5718f235db130dc539495037777c268fc13787549c1b1badf34ad092f91b2acb32feab150e08bbc0ca13018908ca83a1c968bbd8cdbc4e0da63f28229deca45c370e721b03fef813bb19aa48bac405a87269616238e9b1bdafbabd771ec38de8bbd6851eca770960aa67275e8d5aa16c24e3cb19044f0f722182d75b3da227e3440000740b4afddbfa70cdae650c3b842483a3d3dea04968c84ecd9f67c6f0aa84d905ea7682608b573b91cc27870e9054679b8aa43de1a91a3736df2d688fdebf0b6e31ac273eec3396bb68078ecd693a89cf50298e009096fa1d2dfa3cd0a11126272ad02939f7de31dc881d57b21efa2d515b091ab6d8e770fa714992c1ad1896660701af991e939ef0403c2d9a00e9b8151dd229331c37a5a963526b1675453f62a829d02015d4546c3665cccd70e9471155f2879c954597a35b0e73aa46bdbff3e5135fce5ce532a12404e687ec4e4d9756a2de485ca90612754f7411069853baebac72c1e0730dcd4664d39a1eb501fdfb8475eaec8f7e9994461297b57558cca9f715aef4e81b3309cc68aedec08eb5fa0e4de4a17051952de8a507be9b29cb5dbe828c400f76ab4eaca78aeb397b23f9425ea7bce722f06bbcc67e9901128a3126c04931b069b3ad266dbf028957daabf460e8a0340d5604520feb72b7cd40d298969c8e3f5c74101e386f5aaab3c7dd6c605575cc52e22f98b0c2e20632c26786e546159e9c9f273356c9acc1ae874e80bd3274de0491ad58e30d84ebc07df5bd32f642ba82ca1247a221704d6510542e51b90bdafc0db4d2c33b354baa1308bf768ffda8d97b65d5333cb55fbd5d4aca0d6c2108f60810febdf5df0530836269b09371a5f94d89f17603e24e1fb846f6b820c53b43a0c6518f9edd0d50270c043046a4ff80f7a26ed9c4611e21219a6645135524103dc0f660b4e5ed32a9b9e906519fbb1a9a5ff1ee5d7a180c9bf43760403c0abcedba122a9046b1ce99fe705bcf42141e717db66e32a37cdc3b8e7026427ac487c4e14f5e41031289dbd5e6f23ce32101abbb109d8400066b912f72e1ff54ccfcebebe71ee2e433b09e3e6fccebbca15e2f09b6a7511749a1bd76a5788e504cd57bcc8fc33578a83fd02375bf99661b897ca92c264c380ebb209773bdc39d4cd7a0b45f185332a6648ff08d5849873db7742b1c84d23562ad051c23764f676e935ac50896e0455bc5b46efa532bffc00936344e98beef971a5e558b9cdccb175f5cafe507eb4921a0b7d22726ddf519a78a06932ef078242eb62983a0c59c4ca2dbf62609107211121634fa34a20897c54432b77e5cf32374995c982162faa5cd9fe9d412e4f5ddc2e83876f950b349d803429dbc395558afca1e745b484eb0bda2c7805e13a7fc497622942f2b3a85f7918149fe3d1191c873ea23cb93bd44b62f8460184c2f39c1b95fb20f220edb684b889371fa1c6f67b9e09d0789d2df91c9ebd025305239d3d2e436feaa3ec9f082a22a4ec5bed072dbd4846e6fdd73619ddea9079904055f8db93e104c02e9b0f7ceecce730df66e31fc50d2de05ea2fe71cdbdf66e86825048bf1799bedf40dba9e1bc243b1e3d314352c2cc80a0461a68f174c1daaa015000b8881ef875dd1719452168828ae4204e623d032a8f1276c5cc9ce544c2237277590039e6e75b818a13952ce602f7e6cd0425665aafe9fe632e0ad5d5223a6e7031d3ba308e3f347915fd7f523058619eef0a7be9c06ea9e64d23c8946b57fabce5ecaf047cfa850019144bf21d91de3dc77b7844f4ab3c887f20ed42a544b826ce0756b5ed7ef161172cd92642bd5c5e0c0024b3cbbc9225db323b8abeaf9562a4c5c499de1411f804a12d8bd2e6552530a79696eb69ee1d1f07b41d848bc58c2c6c15"}) syz_io_uring_submit(0x0, 0x0, &(0x7f0000000380)=@IORING_OP_ACCEPT={0xd, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x80000, 0x1, {0x0, r0}}, 0x7f) syz_io_uring_setup(0x43da, &(0x7f00000003c0)={0x0, 0x0, 0x10, 0x2, 0x375}, &(0x7f0000fff000/0x1000)=nil, &(0x7f0000ffb000/0x4000)=nil, &(0x7f0000000440), &(0x7f0000000480)) [ 132.149703] sr 1:0:0:0: [sr0] tag#0 FAILED Result: hostbyte=DID_OK driverbyte=DRIVER_OK cmd_age=0s [ 132.150378] sr 1:0:0:0: [sr0] tag#0 Sense Key : Not Ready [current] [ 132.150844] sr 1:0:0:0: [sr0] tag#0 Add. Sense: Medium not present [ 132.151306] sr 1:0:0:0: [sr0] tag#0 CDB: Read(10) 28 00 00 00 00 00 00 00 40 00 [ 132.151804] I/O error, dev sr0, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 32 prio class 2 [ 132.179713] audit: type=1400 audit(1664636353.874:9): avc: denied { write } for pid=3937 comm="syz-executor.1" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=perf_event permissive=1 [ 132.184020] sr 1:0:0:0: [sr0] tag#0 FAILED Result: hostbyte=DID_OK driverbyte=DRIVER_OK cmd_age=0s [ 132.184823] sr 1:0:0:0: [sr0] tag#0 Sense Key : Not Ready [current] [ 132.185296] sr 1:0:0:0: [sr0] tag#0 Add. Sense: Medium not present [ 132.185723] sr 1:0:0:0: [sr0] tag#0 CDB: Read(10) 28 00 00 00 00 00 00 00 02 00 [ 132.186233] I/O error, dev sr0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 8 prio class 2 [ 132.186789] Buffer I/O error on dev sr0, logical block 0, async page read [ 132.187273] Buffer I/O error on dev sr0, logical block 1, async page read [ 132.187728] Buffer I/O error on dev sr0, logical block 2, async page read [ 132.188194] Buffer I/O error on dev sr0, logical block 3, async page read [ 132.188648] Buffer I/O error on dev sr0, logical block 4, async page read [ 132.189103] Buffer I/O error on dev sr0, logical block 5, async page read [ 132.189569] Buffer I/O error on dev sr0, logical block 6, async page read [ 132.190034] Buffer I/O error on dev sr0, logical block 7, async page read [ 132.695613] random: crng reseeded on system resumption [ 132.700369] random: crng reseeded on system resumption VM DIAGNOSIS: 14:59:13 Registers: info registers vcpu 0 RAX=000000000000006c RBX=00000000000003f8 RCX=0000000000000000 RDX=00000000000003f8 RSI=ffffffff823bb0f1 RDI=ffffffff8765a9a0 RBP=ffffffff8765a960 RSP=ffff88803fef73c0 R8 =0000000000000001 R9 =000000000000000a R10=000000000000006c R11=0000000000000001 R12=000000000000006c R13=ffffffff8765a960 R14=0000000000000010 R15=ffffffff823bb0e0 RIP=ffffffff823bb149 RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 00000000 00000000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 00000000 00000000 FS =0000 00007f5d0b8bf700 00000000 00000000 GS =0000 ffff88806ce00000 00000000 00000000 LDT=0000 fffffe0000000000 00000000 00000000 TR =0040 fffffe0000003000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe0000001000 0000007f IDT= fffffe0000000000 00000fff CR0=80050033 CR2=00007fdc9aac9310 CR3=000000001b8d8000 CR4=00350ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000ffff0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001fa0 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 YMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM01=0000000000000000 0000000000000000 2d545ce628326a57 0513e62b669d40b8 YMM02=0000000000000000 0000000000000000 2b22e131fea5d529 1283b6b82de44f90 YMM03=0000000000000000 0000000000000000 0ab63125b65be6b3 1b38d581e8efade0 YMM04=0000000000000000 0000000000000000 eb007fab7830b49e 606f62c00cc00000 YMM05=0000000000000000 0000000000000000 000e186d146af1ab 8bd193a836725845 YMM06=0000000000000000 0000000000000000 bf6efa241cacdeaa 6da5e6ffb8dfc881 YMM07=0000000000000000 0000000000000000 285aeb82d895f567 a508a0d659d55747 YMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM13=0000000000000000 0000000000000000 32a8e558e535b9a6 edc6ed7fc29a9928 YMM14=0000000000000000 0000000000000000 9b815bb50cb19a3b ee371dfd5a28de27 YMM15=0000000000000000 0000000000000000 a99daa0b19eb5cfe 13ad00f3f31f546e info registers vcpu 1 RAX=0000000080000000 RBX=ffff88803fff661c RCX=0000000000000000 RDX=1ffff11007e10f68 RSI=0000000000000001 RDI=ffff88803f087b28 RBP=ffff88803f087340 RSP=ffff88803f087220 R8 =0000000000000005 R9 =0000000000000003 R10=0000000000000003 R11=0000000000000001 R12=ffff88800f33da1c R13=dffffc0000000000 R14=ffff88803f087b28 R15=ffff88803f087b28 RIP=ffffffff81460c37 RFL=00000286 [--S--P-] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 00000000 00000000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 00000000 00000000 FS =0000 00007ff836694540 00000000 00000000 GS =0000 ffff88806cf00000 00000000 00000000 LDT=0000 fffffe0000000000 00000000 00000000 TR =0040 fffffe000004a000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe0000048000 0000007f IDT= fffffe0000000000 00000fff CR0=80050033 CR2=00007ff8367518b0 CR3=000000003eefa000 CR4=00350ee0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000ffff0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 YMM00=0000000000000000 0000000000000000 000000ff00000000 00000000000000ff YMM01=0000000000000000 0000000000000000 ffffff0000ff00ff ffffffffffffff00 YMM02=0000000000000000 0000000000000000 494c4700362e322e 325f4342494c4700 YMM03=0000000000000000 0000000000000000 0000000000000000 0000000000004700 YMM04=0000000000000000 0000000000000000 4342494c4700362e 322e325f4342494c YMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000