Warning: Permanently added '[localhost]:7482' (ECDSA) to the list of known hosts. 2022/10/01 18:16:39 fuzzer started 2022/10/01 18:16:39 dialing manager at localhost:35095 syzkaller login: [ 44.316372] cgroup: Unknown subsys name 'net' [ 44.467163] cgroup: Unknown subsys name 'rlimit' 2022/10/01 18:16:54 syscalls: 2215 2022/10/01 18:16:54 code coverage: enabled 2022/10/01 18:16:54 comparison tracing: enabled 2022/10/01 18:16:54 extra coverage: enabled 2022/10/01 18:16:54 setuid sandbox: enabled 2022/10/01 18:16:54 namespace sandbox: enabled 2022/10/01 18:16:54 Android sandbox: enabled 2022/10/01 18:16:54 fault injection: enabled 2022/10/01 18:16:54 leak checking: enabled 2022/10/01 18:16:54 net packet injection: enabled 2022/10/01 18:16:54 net device setup: enabled 2022/10/01 18:16:54 concurrency sanitizer: /sys/kernel/debug/kcsan does not exist 2022/10/01 18:16:54 devlink PCI setup: PCI device 0000:00:10.0 is not available 2022/10/01 18:16:54 USB emulation: enabled 2022/10/01 18:16:54 hci packet injection: enabled 2022/10/01 18:16:54 wifi device emulation: failed to parse kernel version (6.0.0-rc7-next-20220930) 2022/10/01 18:16:54 802.15.4 emulation: enabled 2022/10/01 18:16:55 fetching corpus: 50, signal 30033/31787 (executing program) 2022/10/01 18:16:55 fetching corpus: 100, signal 38978/42326 (executing program) 2022/10/01 18:16:55 fetching corpus: 150, signal 43302/48191 (executing program) 2022/10/01 18:16:55 fetching corpus: 200, signal 51030/57304 (executing program) 2022/10/01 18:16:55 fetching corpus: 250, signal 55566/63236 (executing program) 2022/10/01 18:16:55 fetching corpus: 300, signal 59143/68152 (executing program) 2022/10/01 18:16:55 fetching corpus: 350, signal 65714/75905 (executing program) 2022/10/01 18:16:55 fetching corpus: 400, signal 72029/83273 (executing program) 2022/10/01 18:16:56 fetching corpus: 450, signal 76019/88371 (executing program) 2022/10/01 18:16:56 fetching corpus: 500, signal 82504/95722 (executing program) 2022/10/01 18:16:56 fetching corpus: 550, signal 86733/100876 (executing program) 2022/10/01 18:16:56 fetching corpus: 600, signal 88675/103911 (executing program) 2022/10/01 18:16:56 fetching corpus: 650, signal 90619/106929 (executing program) 2022/10/01 18:16:56 fetching corpus: 700, signal 92394/109823 (executing program) 2022/10/01 18:16:56 fetching corpus: 750, signal 96218/114382 (executing program) 2022/10/01 18:16:56 fetching corpus: 800, signal 98642/117724 (executing program) 2022/10/01 18:16:56 fetching corpus: 850, signal 100469/120473 (executing program) 2022/10/01 18:16:57 fetching corpus: 900, signal 102520/123357 (executing program) 2022/10/01 18:16:57 fetching corpus: 950, signal 105319/126895 (executing program) 2022/10/01 18:16:57 fetching corpus: 1000, signal 106810/129293 (executing program) 2022/10/01 18:16:57 fetching corpus: 1050, signal 108638/131933 (executing program) 2022/10/01 18:16:57 fetching corpus: 1100, signal 110241/134345 (executing program) 2022/10/01 18:16:57 fetching corpus: 1150, signal 113536/138049 (executing program) 2022/10/01 18:16:57 fetching corpus: 1200, signal 114781/140065 (executing program) 2022/10/01 18:16:57 fetching corpus: 1250, signal 117367/143176 (executing program) 2022/10/01 18:16:57 fetching corpus: 1300, signal 119888/146181 (executing program) 2022/10/01 18:16:58 fetching corpus: 1350, signal 121720/148629 (executing program) 2022/10/01 18:16:58 fetching corpus: 1400, signal 123036/150646 (executing program) 2022/10/01 18:16:58 fetching corpus: 1450, signal 123728/152192 (executing program) 2022/10/01 18:16:58 fetching corpus: 1500, signal 125238/154311 (executing program) 2022/10/01 18:16:58 fetching corpus: 1550, signal 126733/156411 (executing program) 2022/10/01 18:16:58 fetching corpus: 1600, signal 128718/158805 (executing program) 2022/10/01 18:16:58 fetching corpus: 1650, signal 132409/162433 (executing program) 2022/10/01 18:16:59 fetching corpus: 1700, signal 133622/164213 (executing program) 2022/10/01 18:16:59 fetching corpus: 1750, signal 134944/166073 (executing program) 2022/10/01 18:16:59 fetching corpus: 1800, signal 136793/168246 (executing program) 2022/10/01 18:16:59 fetching corpus: 1850, signal 137632/169685 (executing program) 2022/10/01 18:16:59 fetching corpus: 1900, signal 139087/171518 (executing program) 2022/10/01 18:16:59 fetching corpus: 1950, signal 139832/172917 (executing program) 2022/10/01 18:16:59 fetching corpus: 2000, signal 140859/174476 (executing program) 2022/10/01 18:16:59 fetching corpus: 2050, signal 141795/176008 (executing program) 2022/10/01 18:16:59 fetching corpus: 2100, signal 142756/177501 (executing program) 2022/10/01 18:17:00 fetching corpus: 2150, signal 143868/179096 (executing program) 2022/10/01 18:17:00 fetching corpus: 2200, signal 144897/180569 (executing program) 2022/10/01 18:17:00 fetching corpus: 2250, signal 146099/182126 (executing program) 2022/10/01 18:17:00 fetching corpus: 2300, signal 147197/183612 (executing program) 2022/10/01 18:17:00 fetching corpus: 2350, signal 148288/185046 (executing program) 2022/10/01 18:17:00 fetching corpus: 2400, signal 149840/186807 (executing program) 2022/10/01 18:17:00 fetching corpus: 2450, signal 151169/188323 (executing program) 2022/10/01 18:17:00 fetching corpus: 2500, signal 152230/189753 (executing program) 2022/10/01 18:17:01 fetching corpus: 2550, signal 153818/191487 (executing program) 2022/10/01 18:17:01 fetching corpus: 2600, signal 154787/192725 (executing program) 2022/10/01 18:17:01 fetching corpus: 2650, signal 156089/194201 (executing program) 2022/10/01 18:17:01 fetching corpus: 2700, signal 157517/195690 (executing program) 2022/10/01 18:17:01 fetching corpus: 2750, signal 158696/197050 (executing program) 2022/10/01 18:17:01 fetching corpus: 2800, signal 160395/198671 (executing program) 2022/10/01 18:17:01 fetching corpus: 2850, signal 161477/199900 (executing program) 2022/10/01 18:17:01 fetching corpus: 2900, signal 162059/200895 (executing program) 2022/10/01 18:17:02 fetching corpus: 2950, signal 163099/202115 (executing program) 2022/10/01 18:17:02 fetching corpus: 3000, signal 164729/203623 (executing program) 2022/10/01 18:17:02 fetching corpus: 3050, signal 166090/204973 (executing program) 2022/10/01 18:17:02 fetching corpus: 3100, signal 166640/205879 (executing program) 2022/10/01 18:17:02 fetching corpus: 3150, signal 167458/206938 (executing program) 2022/10/01 18:17:02 fetching corpus: 3200, signal 168675/208203 (executing program) 2022/10/01 18:17:02 fetching corpus: 3250, signal 169822/209361 (executing program) 2022/10/01 18:17:02 fetching corpus: 3300, signal 170755/210375 (executing program) 2022/10/01 18:17:03 fetching corpus: 3350, signal 172038/211516 (executing program) 2022/10/01 18:17:03 fetching corpus: 3400, signal 172851/212492 (executing program) 2022/10/01 18:17:03 fetching corpus: 3450, signal 173389/213359 (executing program) 2022/10/01 18:17:03 fetching corpus: 3500, signal 174451/214415 (executing program) 2022/10/01 18:17:03 fetching corpus: 3550, signal 175199/215295 (executing program) 2022/10/01 18:17:03 fetching corpus: 3600, signal 176041/216194 (executing program) 2022/10/01 18:17:03 fetching corpus: 3650, signal 176579/216950 (executing program) 2022/10/01 18:17:04 fetching corpus: 3700, signal 177433/217871 (executing program) 2022/10/01 18:17:04 fetching corpus: 3750, signal 178323/218744 (executing program) 2022/10/01 18:17:04 fetching corpus: 3800, signal 179078/219547 (executing program) 2022/10/01 18:17:04 fetching corpus: 3850, signal 180293/220507 (executing program) 2022/10/01 18:17:04 fetching corpus: 3900, signal 181842/221528 (executing program) 2022/10/01 18:17:04 fetching corpus: 3950, signal 182487/222230 (executing program) 2022/10/01 18:17:04 fetching corpus: 4000, signal 183181/222995 (executing program) 2022/10/01 18:17:04 fetching corpus: 4050, signal 183759/223718 (executing program) 2022/10/01 18:17:05 fetching corpus: 4100, signal 184347/224386 (executing program) 2022/10/01 18:17:05 fetching corpus: 4150, signal 184842/225004 (executing program) 2022/10/01 18:17:05 fetching corpus: 4200, signal 185904/225954 (executing program) 2022/10/01 18:17:05 fetching corpus: 4250, signal 186620/226657 (executing program) 2022/10/01 18:17:05 fetching corpus: 4300, signal 187652/227402 (executing program) 2022/10/01 18:17:05 fetching corpus: 4350, signal 188123/227975 (executing program) 2022/10/01 18:17:05 fetching corpus: 4400, signal 188661/228561 (executing program) 2022/10/01 18:17:05 fetching corpus: 4450, signal 189311/229181 (executing program) 2022/10/01 18:17:05 fetching corpus: 4500, signal 189996/229814 (executing program) 2022/10/01 18:17:06 fetching corpus: 4550, signal 190665/230421 (executing program) 2022/10/01 18:17:06 fetching corpus: 4600, signal 191338/231040 (executing program) 2022/10/01 18:17:06 fetching corpus: 4650, signal 191927/231595 (executing program) 2022/10/01 18:17:06 fetching corpus: 4700, signal 192780/232221 (executing program) 2022/10/01 18:17:06 fetching corpus: 4750, signal 193250/232726 (executing program) 2022/10/01 18:17:06 fetching corpus: 4800, signal 193804/233236 (executing program) 2022/10/01 18:17:06 fetching corpus: 4850, signal 194404/233763 (executing program) 2022/10/01 18:17:06 fetching corpus: 4871, signal 194680/234197 (executing program) 2022/10/01 18:17:06 fetching corpus: 4871, signal 194680/234613 (executing program) 2022/10/01 18:17:06 fetching corpus: 4871, signal 194680/235021 (executing program) 2022/10/01 18:17:06 fetching corpus: 4871, signal 194680/235416 (executing program) 2022/10/01 18:17:06 fetching corpus: 4871, signal 194680/235808 (executing program) 2022/10/01 18:17:06 fetching corpus: 4871, signal 194680/236273 (executing program) 2022/10/01 18:17:06 fetching corpus: 4871, signal 194680/236704 (executing program) 2022/10/01 18:17:06 fetching corpus: 4871, signal 194680/237133 (executing program) 2022/10/01 18:17:06 fetching corpus: 4871, signal 194680/237531 (executing program) 2022/10/01 18:17:06 fetching corpus: 4871, signal 194680/237918 (executing program) 2022/10/01 18:17:06 fetching corpus: 4871, signal 194680/238323 (executing program) 2022/10/01 18:17:06 fetching corpus: 4871, signal 194680/238714 (executing program) 2022/10/01 18:17:06 fetching corpus: 4871, signal 194680/239098 (executing program) 2022/10/01 18:17:06 fetching corpus: 4871, signal 194680/239502 (executing program) 2022/10/01 18:17:06 fetching corpus: 4871, signal 194680/239916 (executing program) 2022/10/01 18:17:06 fetching corpus: 4871, signal 194680/240324 (executing program) 2022/10/01 18:17:06 fetching corpus: 4871, signal 194680/240748 (executing program) 2022/10/01 18:17:06 fetching corpus: 4871, signal 194680/241140 (executing program) 2022/10/01 18:17:06 fetching corpus: 4871, signal 194680/241542 (executing program) 2022/10/01 18:17:06 fetching corpus: 4871, signal 194680/241933 (executing program) 2022/10/01 18:17:06 fetching corpus: 4871, signal 194680/242332 (executing program) 2022/10/01 18:17:06 fetching corpus: 4871, signal 194680/242755 (executing program) 2022/10/01 18:17:06 fetching corpus: 4871, signal 194680/243065 (executing program) 2022/10/01 18:17:06 fetching corpus: 4871, signal 194680/243065 (executing program) 2022/10/01 18:17:09 starting 8 fuzzer processes 18:17:09 executing program 0: r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000080)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_STOP_AP(0xffffffffffffffff, &(0x7f0000000140)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f0000000100)={&(0x7f00000000c0)={0x28, r0, 0x8, 0x70bd2c, 0x25dfdbfd, {{}, {@val={0x8, 0x3, r1}, @val={0xc, 0x99, {0x6, 0x77}}}}, ["", "", "", "", ""]}, 0x28}, 0x1, 0x0, 0x0, 0xc1}, 0x804) sendmsg$NL80211_CMD_SET_INTERFACE(0xffffffffffffffff, &(0x7f0000000280)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x2}, 0xc, &(0x7f0000000240)={&(0x7f00000001c0)={0x80, r0, 0x20, 0x70bd28, 0x25dfdbff, {{}, {@void, @val={0xc, 0x99, {0x1, 0x3d}}}}, [@mon_options=[@NL80211_ATTR_MU_MIMO_GROUP_DATA={0x1c, 0xe7, "4f60563290b0c9de9337c2894734bc3dd3d9014d13e577de"}, @NL80211_ATTR_MNTR_FLAGS={0xc, 0x17, 0x0, 0x1, [@NL80211_MNTR_FLAG_OTHER_BSS={0x4}, @NL80211_MNTR_FLAG_OTHER_BSS={0x4}]}, @NL80211_ATTR_MU_MIMO_FOLLOW_MAC_ADDR={0xa, 0xe8, @device_b}, @NL80211_ATTR_MU_MIMO_GROUP_DATA={0x1c, 0xe7, "4e0ac2dd0114f12ad911f1e63b7a88b4bfb14470625945a3"}], @NL80211_ATTR_4ADDR={0x5}, @NL80211_ATTR_4ADDR={0x5}]}, 0x80}, 0x1, 0x0, 0x0, 0x8000}, 0x80) r2 = syz_genetlink_get_family_id$nl80211(&(0x7f00000002c0), 0xffffffffffffffff) sendmsg$NL80211_CMD_ABORT_SCAN(0xffffffffffffffff, &(0x7f00000003c0)={&(0x7f0000000300)={0x10, 0x0, 0x0, 0x200000}, 0xc, &(0x7f0000000380)={&(0x7f0000000340)={0x14, r0, 0x901, 0x70bd27, 0x25dfdbfd, {{}, {@void, @void}}, ["", "", "", ""]}, 0x14}, 0x1, 0x0, 0x0, 0x4004841}, 0xc0) sendmsg$NL80211_CMD_DEL_TX_TS(0xffffffffffffffff, &(0x7f0000000500)={&(0x7f0000000400)={0x10, 0x0, 0x0, 0x1000}, 0xc, &(0x7f00000004c0)={&(0x7f0000000440)={0x54, r2, 0x800, 0x70bd25, 0x25dfdbfe, {{}, {@void, @val={0xc, 0x99, {0x9, 0x6b}}}}, [@NL80211_ATTR_MAC={0xa}, @NL80211_ATTR_MAC={0xa, 0x6, @device_b}, @NL80211_ATTR_TSID={0x5, 0xd2, 0x2}, @NL80211_ATTR_TSID={0x5, 0xd2, 0x5}, @NL80211_ATTR_MAC={0xa, 0x6, @device_b}]}, 0x54}}, 0x0) sendmsg$NL80211_CMD_JOIN_MESH(0xffffffffffffffff, &(0x7f0000000600)={&(0x7f0000000540)={0x10, 0x0, 0x0, 0x100000}, 0xc, &(0x7f00000005c0)={&(0x7f0000000580)={0x28, r2, 0x100, 0x70bd27, 0x25dfdbfe, {{}, {@void, @val={0xc, 0x99, {0x7, 0x6b}}}}, [@NL80211_ATTR_DTIM_PERIOD={0x8, 0xd, 0x7}]}, 0x28}, 0x1, 0x0, 0x0, 0x4000}, 0x4044041) r3 = syz_open_dev$vcsu(&(0x7f0000000640), 0x6, 0x2100) sendmsg$NL80211_CMD_GET_SCAN(r3, &(0x7f0000000740)={&(0x7f0000000680)={0x10, 0x0, 0x0, 0x800}, 0xc, &(0x7f0000000700)={&(0x7f00000006c0)={0x28, r0, 0x10, 0x70bd27, 0x25dfdbfc, {{}, {@val={0x8, 0x3, r1}, @val={0xc, 0x99, {0x3, 0x42}}}}, ["", ""]}, 0x28}, 0x1, 0x0, 0x0, 0x20000000}, 0x8081) r4 = openat$vcs(0xffffffffffffff9c, &(0x7f0000000780), 0x11480, 0x0) r5 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000800), r3) sendmsg$NL80211_CMD_FLUSH_PMKSA(r4, &(0x7f00000008c0)={&(0x7f00000007c0)={0x10, 0x0, 0x0, 0x10}, 0xc, &(0x7f0000000880)={&(0x7f0000000840)={0x14, r5, 0x100, 0x70bd2a, 0x25dfdbff, {{}, {@void, @void}}, ["", "", "", "", "", "", "", ""]}, 0x14}, 0x1, 0x0, 0x0, 0x1}, 0x4808) sendmsg$NL80211_CMD_DEL_STATION(r4, &(0x7f0000000a40)={&(0x7f0000000900)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f0000000a00)={&(0x7f0000000940)={0x94, r2, 0x100, 0x70bd28, 0x25dfdbfe, {{}, {@val={0x8, 0x3, r1}, @void}}, [@NL80211_ATTR_STA_WME={0x3c, 0x81, [@NL80211_STA_WME_MAX_SP={0x5, 0x2, 0x5}, @NL80211_STA_WME_MAX_SP={0x5}, @NL80211_STA_WME_MAX_SP={0x5, 0x2, 0x5}, @NL80211_STA_WME_MAX_SP={0x5, 0x2, 0x9}, @NL80211_STA_WME_UAPSD_QUEUES={0x5, 0x1, 0xbd}, @NL80211_STA_WME_UAPSD_QUEUES={0x5, 0x1, 0x6}, @NL80211_STA_WME_MAX_SP={0x5, 0x2, 0x1}]}, @NL80211_ATTR_MAC={0xa, 0x6, @device_b}, @NL80211_ATTR_STA_TX_POWER={0x6, 0x114, 0x9}, @NL80211_ATTR_STA_AID={0x6, 0x10, 0x56b}, @NL80211_ATTR_STA_PLINK_ACTION={0x5}, @NL80211_ATTR_STA_TX_POWER={0x6, 0x114, 0x5}, @NL80211_ATTR_STA_TX_POWER_SETTING={0x5, 0x113, 0x1}, @NL80211_ATTR_PEER_AID={0x6, 0xb5, 0x241}]}, 0x94}, 0x1, 0x0, 0x0, 0x10}, 0x2400c080) ioctl$AUTOFS_DEV_IOCTL_PROTOVER(r3, 0xc0189372, &(0x7f0000000ac0)={{0x1, 0x1, 0x18, r4, {0x100}}, './file0\x00'}) syz_genetlink_get_family_id$nl80211(&(0x7f0000000a80), r6) r7 = open_tree(r3, &(0x7f0000000b40)='./file0\x00', 0x1801) syz_genetlink_get_family_id$nl80211(&(0x7f0000000b00), r7) r8 = openat$cgroup_ro(r3, &(0x7f0000000c40)='hugetlb.1GB.usage_in_bytes\x00', 0x0, 0x0) sendmsg$DEVLINK_CMD_RATE_SET(r8, &(0x7f0000000e00)={&(0x7f0000000c80)={0x10, 0x0, 0x0, 0x400000}, 0xc, &(0x7f0000000dc0)={&(0x7f0000000cc0)={0xec, 0x0, 0x4, 0x70bd26, 0x25dfdbff, {}, [@handle=@pci={{0x8}, {0x11}}, @DEVLINK_ATTR_RATE_TX_MAX={0xc, 0xa7, 0x9}, @DEVLINK_ATTR_PORT_INDEX={0x8}, @DEVLINK_ATTR_RATE_TX_SHARE={0xc, 0xa6, 0x8}, @DEVLINK_ATTR_PORT_INDEX={0x8, 0x3, 0x3}, @DEVLINK_ATTR_RATE_NODE_NAME={0x53, 0xa8, @random="1fcaa9ea53a6c520e99514fb18d96e4525440693221b5f82389292ec39c69e55dfd9318e6669181f7c272cab997ba4b55a3fccf3dbcbb4b04ddfc9484e3cf4c6e1ccecae25a88c2456f9deb857de66"}, @DEVLINK_ATTR_PORT_INDEX={0x8, 0x3, 0x1}, @handle=@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, @DEVLINK_ATTR_RATE_TX_SHARE={0xc, 0xa6, 0x3}, @DEVLINK_ATTR_RATE_TX_SHARE={0xc, 0xa6, 0x80000000}]}, 0xec}}, 0x850) 18:17:09 executing program 1: ioctl$BTRFS_IOC_SCRUB(0xffffffffffffffff, 0xc400941b, &(0x7f0000000000)={0x0, 0x800, 0x0, 0x1}) fsetxattr$security_ima(0xffffffffffffffff, &(0x7f0000000400), &(0x7f0000000440)=@v1={0x2, "e65bcaa559d2a7fd832c91"}, 0xc, 0x1) ioctl$BTRFS_IOC_DEFAULT_SUBVOL(0xffffffffffffffff, 0x40089413, &(0x7f0000000480)=0x5) r0 = ioctl$NS_GET_PARENT(0xffffffffffffffff, 0xb702, 0x0) ioctl$FIBMAP(r0, 0x1, &(0x7f00000004c0)) r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000500), 0x260800, 0x0) write$binfmt_elf32(r1, &(0x7f0000000540)={{0x7f, 0x45, 0x4c, 0x46, 0x80, 0x20, 0x3, 0x3, 0x80000001, 0x3, 0x6, 0xfffff70a, 0x18e, 0x38, 0x27d, 0xeb8, 0x4, 0x20, 0x2, 0x1000, 0x7, 0x7}, [{0x1474e553, 0xffffffff, 0x3, 0x2, 0x9, 0x0, 0x2, 0x4}], "83d418bfc100474cfbc1b6659c3f54cdcd6e34f2ee4b9a94fec1990dc1495778b9b7bfeb6b2d385052df289a2b00ab3397f4a032fa4cb6056d49b036c29f39907f4de87327d2cd85bed842361b641485de69adf72ac85d7558348bb7d7170920d279cfaaa3cf02b2948651307fd9721a2dca2bf60a4ace11af643aac7580a3fbb8f496f3e9516079bf07a823385d9467fc0fba62d37eae5d49e5ff52e1dc48399f5a7dea083e309b69304461b3d5d0b756f3ad44851ad6e6d75e0374543ff9f5dc8c7f448fe2e7ada9df8aa77ce21c44a5a2a18e78beaca30b1afab023", ['\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00']}, 0x835) sendmsg$NFT_MSG_GETGEN(0xffffffffffffffff, &(0x7f0000000e40)={&(0x7f0000000d80)={0x10, 0x0, 0x0, 0x30122012}, 0xc, &(0x7f0000000e00)={&(0x7f0000000dc0)={0x14, 0x10, 0xa, 0x201, 0x0, 0x0, {0x0, 0x0, 0x5}, ["", "", "", "", "", "", ""]}, 0x14}, 0x1, 0x0, 0x0, 0x30000000}, 0x40800) ioctl$SNDRV_SEQ_IOCTL_PVERSION(0xffffffffffffffff, 0x80045300, &(0x7f0000000e80)) ioctl$AUTOFS_DEV_IOCTL_OPENMOUNT(0xffffffffffffffff, 0xc0189374, &(0x7f0000000ec0)={{0x1, 0x1, 0x18, r0, {0x9}}, './file0\x00'}) epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, r2, &(0x7f0000000f00)={0x20000000}) fgetxattr(r0, &(0x7f0000000f40)=@random={'user.', '@(\\@\x00'}, &(0x7f0000000f80)=""/4096, 0x1000) ioctl$AUTOFS_DEV_IOCTL_CATATONIC(0xffffffffffffffff, 0xc0189379, &(0x7f0000001f80)={{0x1, 0x1, 0x18, 0xffffffffffffffff}, './file0\x00'}) ioctl$sock_inet_SIOCSIFPFLAGS(r3, 0x8934, &(0x7f0000001fc0)={'caif0\x00'}) ioctl$TUNSETTXFILTER(r3, 0x400454d1, &(0x7f0000002000)={0x0, 0x1, [@empty]}) fsetxattr$trusted_overlay_redirect(r2, &(0x7f0000002040), &(0x7f0000002080)='./file1\x00', 0x8, 0x5) fallocate(r3, 0x14, 0x1, 0x3f) ioctl$EXT4_IOC_GET_ES_CACHE(r2, 0xc020662a, &(0x7f00000020c0)={0x9d8, 0x7, 0x4, 0x9, 0x6, [{0x100000001, 0x31, 0x7fffffff, '\x00', 0x108}, {0x100000001, 0x7, 0xffffffff}, {0xff, 0x3, 0x5}, {0x3, 0x9, 0x8, '\x00', 0x402}, {0x1, 0x7, 0x3, '\x00', 0x3004}, {0x1c5, 0xe890, 0x9, '\x00', 0x2}]}) r4 = socket$netlink(0x10, 0x3, 0xc) sendmsg$NL80211_CMD_GET_WOWLAN(r4, &(0x7f0000002340)={&(0x7f0000002240)={0x10, 0x0, 0x0, 0x4000000}, 0xc, &(0x7f0000002300)={&(0x7f00000022c0)={0x24, 0x0, 0x200, 0x70bd29, 0x25dfdbff, {{}, {@val={0x8, 0x1, 0x7b}, @val={0x8}, @void}}, ["", "", "", "", "", ""]}, 0x24}, 0x1, 0x0, 0x0, 0x4040005}, 0x810) 18:17:09 executing program 2: pwritev(0xffffffffffffffff, &(0x7f00000000c0)=[{&(0x7f0000000000)="ebf332bb92f2f0e80234d053f361d848012b764ab318eb4232380734e45e1a392bd0aef0a87d5bf1b188b0b25c95c5220c8aa26e02bddf14f98fe8c57686665b2ca7fc9008f039fb21c81040a409fa19ebbc160972d9368681f82c03d4aeb3a374ec2eed3733696cf2a2ac3c284f79016896909bc95aad82940aad5fb243", 0x7e}, {&(0x7f0000000080)="b5", 0x1}], 0x2, 0x3, 0x4) r0 = socket$netlink(0x10, 0x3, 0x5) write$binfmt_elf32(r0, &(0x7f00000006c0)={{0x7f, 0x45, 0x4c, 0x46, 0xfe, 0x3, 0x7, 0x8, 0x64643098, 0x2, 0x6, 0x5, 0x322, 0x38, 0x3c8, 0x2, 0x6, 0x20, 0x1, 0x5, 0x1, 0x3}, [{0x5, 0x80, 0x1f, 0x8, 0x5, 0x9}], "e6e20fbfc737ded5fc9b40568f8e3ff0ca39323a5bbd2c768abba1a1a834ebb394b453c567297546e1d9f8f9c09854fd78dc4c8f2610dbbc134d02b80b0abaa156a48c8665a57652246ae4492388cf532260c20fc0103f4d2d4bc0b194eb7fe700cc64c6b85fbf27ef57fc83d3484c099ded793556ec34c53e99f0f6086912e804f3bffa0df4643d364c0d760aa60eab503f224f51ac33ecb08716ada78fb5f41d1251392aa617db991182f38d48b83cd3b0c4e206fcbff659f129381af75d5c03ba30dc2318e63672ad9f7fc4660564a119a56d91c68a7646eca6e2704397b18011aeb938f883ee34281fe86d17ba2f7b", ['\x00', '\x00', '\x00', '\x00', '\x00', '\x00']}, 0x749) r1 = pidfd_getfd(0xffffffffffffffff, 0xffffffffffffffff, 0x0) r2 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000e40), 0x604100, 0x0) ioctl$AUTOFS_DEV_IOCTL_ASKUMOUNT(0xffffffffffffffff, 0xc018937d, &(0x7f0000000e80)={{0x1, 0x1, 0x18, r0, {0x2e}}, './file0\x00'}) ioctl$AUTOFS_DEV_IOCTL_CATATONIC(0xffffffffffffffff, 0xc0189379, &(0x7f0000000ec0)={{0x1, 0x1, 0x18, r0}, './file0\x00'}) io_uring_register$IORING_REGISTER_FILES_UPDATE(r1, 0x6, &(0x7f0000000f40)={0x8000, 0x0, &(0x7f0000000f00)=[r0, r2, r3, r4, r0, r0]}, 0x6) ioctl$BTRFS_IOC_QUOTA_RESCAN(r1, 0x4040942c, &(0x7f0000000f80)={0x0, 0x5, [0x9, 0x20, 0x6, 0xffffffff, 0x3f, 0x4]}) close_range(0xffffffffffffffff, r1, 0x0) r5 = openat$binderfs_ctrl(0xffffffffffffff9c, &(0x7f0000000fc0)='./binderfs/binder-control\x00', 0x2, 0x0) ioctl$BTRFS_IOC_QGROUP_LIMIT(r5, 0x8030942b, &(0x7f0000001000)={0x9, {0xc, 0x4, 0xbee7, 0x0, 0x6}}) r6 = syz_io_uring_setup(0x7b18, &(0x7f0000001040)={0x0, 0xd216, 0x2, 0x0, 0x16c, 0x0, r4}, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f00000010c0), &(0x7f0000001100)) ioctl$BINDER_WRITE_READ(r2, 0xc0306201, &(0x7f00000012c0)={0x50, 0x0, &(0x7f0000001140)=[@decrefs, @free_buffer, @acquire_done={0x40106309, 0x3}, @free_buffer, @increfs={0x40046304, 0x1}, @acquire_done={0x40106309, 0x3}], 0xdb, 0x0, &(0x7f00000011c0)="977313e4099fa4120d5347382968f9d0f1c313a83bb8dac72219b60b2363bfe90f7aad352d594c872c70971cb6e0349aa641991ef7dc3e001436c71a19151b6a8684649d425b01c1447c6c746aa2e1230023c21f0b1bf32ecb0d9b632d2dcf488ae5f6702387cad59a505f30ed10e8b4020a1aa79d6f408d14884978467fa909b55e2a720d2d658b01dcc9421055fa06a6a6ad5873416d233199cc17fb4d1c8fc9c1261da7f4d9b55040f925b07ef2f1bd2beae7cb860f45c27ffb2cf849acb108f0963021224bbd19df53919cbebfb59accaff87a54acbd4dcf55"}) io_uring_enter(r4, 0x36d4, 0x4469, 0x3, &(0x7f0000001300)={[0x4]}, 0x8) ioctl$EVIOCGNAME(r2, 0x80404506, &(0x7f0000001340)=""/4096) setxattr(&(0x7f0000002340)='./file0\x00', &(0x7f0000002380)=@random={'os2.', '\x00'}, &(0x7f00000023c0)='\x00', 0x1, 0x0) ioctl$AUTOFS_DEV_IOCTL_OPENMOUNT(r2, 0xc0189374, &(0x7f0000002400)={{0x1, 0x1, 0x18, r6, {0xffffff52}}, './file0\x00'}) preadv2(r7, &(0x7f00000027c0)=[{&(0x7f0000002440)=""/247, 0xf7}, {&(0x7f0000002540)=""/60, 0x3c}, {&(0x7f0000002580)=""/140, 0x8c}, {&(0x7f0000002640)=""/104, 0x68}, {&(0x7f00000026c0)=""/209, 0xd1}], 0x5, 0x2, 0x6, 0x8) poll(&(0x7f00000028c0)=[{r6, 0x4000}, {r4, 0x2403}, {0xffffffffffffffff, 0xb}, {0xffffffffffffffff, 0xc20b}], 0x4, 0x4) 18:17:09 executing program 3: mq_timedreceive(0xffffffffffffffff, &(0x7f0000000000)=""/150, 0x96, 0x7, &(0x7f00000000c0)={0x77359400}) r0 = syz_io_uring_setup(0x3597, &(0x7f0000000100)={0x0, 0x6c56, 0x4, 0x1, 0x3b4}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffb000/0x4000)=nil, &(0x7f0000000180)=0x0, &(0x7f00000001c0)) r2 = mmap$IORING_OFF_SQES(&(0x7f0000ffb000/0x1000)=nil, 0x1000, 0x0, 0x50, 0xffffffffffffffff, 0x10000000) r3 = openat$nvram(0xffffffffffffff9c, &(0x7f0000000200), 0x202401, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000280)=@IORING_OP_FILES_UPDATE={0x14, 0x1, 0x0, 0x0, 0x9, &(0x7f0000000240)=[r3, 0xffffffffffffffff, 0xffffffffffffffff], 0x3, 0x0, 0x1}, 0x800) r4 = accept$inet6(r3, 0x0, &(0x7f00000002c0)) socketpair(0x1, 0x4, 0xca4, &(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) syz_io_uring_submit(r1, 0x0, &(0x7f0000000380)=@IORING_OP_FILES_UPDATE={0x14, 0x3, 0x0, 0x0, 0x3, &(0x7f0000000340)=[r0, r4, r5], 0x3, 0x0, 0x1}, 0x400) r7 = syz_io_uring_setup(0x6dd9, &(0x7f00000003c0)={0x0, 0x9635, 0x2, 0x2, 0x2cf, 0x0, r0}, &(0x7f0000ffc000/0x2000)=nil, &(0x7f0000fff000/0x1000)=nil, &(0x7f0000000440), &(0x7f0000000480)) r8 = syz_io_uring_setup(0x600, &(0x7f00000004c0)={0x0, 0x8ead, 0x20, 0x3, 0x264, 0x0, r7}, &(0x7f0000ff9000/0x4000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000000540), &(0x7f0000000580)) flock(r8, 0xd) ioctl$sock_SIOCBRADDBR(r6, 0x89a0, &(0x7f00000005c0)='veth1\x00') mmap$IORING_OFF_SQ_RING(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x1, 0x50, r3, 0x0) getsockopt$inet6_IPV6_XFRM_POLICY(r5, 0x29, 0x23, &(0x7f0000000600)={{{@in6=@private1, @in=@private}}, {{@in6=@initdev}, 0x0, @in=@empty}}, &(0x7f0000000700)=0xe8) r9 = openat$nvram(0xffffffffffffff9c, &(0x7f0000000740), 0x40400, 0x0) fsetxattr$trusted_overlay_upper(r5, &(0x7f0000000780), &(0x7f00000007c0)={0x0, 0xfb, 0xf9, 0x1, 0x2, "25e7aac2a7293e2b7706378e9480fd04", "d7dba5d623cfbccb4baa623a3d09f9a8d4939cc7331f07b6a1f3675e7075d5a6fb8ff50d5a4b4dce4a7cfc3153984777b0be34e53d7d5ab5387b9d6fc80feb8d3fac1072f8f09b0a3bd2d60cab6c5fdd20aedcc3dddf163d4b5d12d3d3252c22cf8473d8de312bb665dc2106bbf0faaa9c406093e5866fa61cbdb297fdccbfd5cd1c0ee1f0f2786f9b4a2eede9163523dbbdc4ade5b5cd14172d386518bcbfc9c4770a63bd01419d62264183cdb40efc70762b93cfcc716a137320ebedcdc3e06d23266aab31be5b435b605318b156ed05812684ee9a0ec2feeb160fe29be12960d26ec3"}, 0xf9, 0x2) syz_io_uring_setup(0x6d6, &(0x7f00000008c0)={0x0, 0xef0d, 0x0, 0x1, 0x326, 0x0, r8}, &(0x7f0000ff9000/0x2000)=nil, &(0x7f0000ff8000/0x4000)=nil, &(0x7f0000000940), &(0x7f0000000980)) setsockopt$inet_tcp_buf(r5, 0x6, 0x1c, &(0x7f00000009c0)="84aa7177e97cd4698f03600de18281dded6dc90261874cd87e4397ed98a127fccf2674c4f61db9d11f5e52b785c31b8193792e2ea0bc4bddc42cadcce4280b579a1727f30bad5da9d048e9c0cc5897422fb4d5aeb3ec31de83cc685887840b4c8085465e987c9751f95b82669af2a4117ccb7486a34c136d862bb364754371331260663a0e080e12ef43897012f8c2f383a3e02bb193972927452712633c649e60ef3c90b43f0bdc58c1c7626756fa5abe5c2f7afc370153226a360b966e8b8508b116b6803ba52cfa04788278b6e6bb524f40d64486eba7638937c2382e2281abbe36e9b10b140de1650ade304a7fbd", 0xf0) r10 = accept4$packet(r9, 0x0, &(0x7f0000000d80), 0x400) ioctl$int_out(r10, 0x5460, &(0x7f0000000dc0)) 18:17:09 executing program 4: ioctl$AUTOFS_DEV_IOCTL_ISMOUNTPOINT(0xffffffffffffffff, 0xc018937e, &(0x7f0000000000)={{0x1, 0x1, 0x18, 0xffffffffffffffff, @in_args={0x4}}, './file0\x00'}) r1 = openat$urandom(0xffffffffffffff9c, &(0x7f0000000040), 0x34000, 0x0) r2 = socket$inet_udp(0x2, 0x2, 0x0) r3 = dup2(r1, r2) r4 = accept4$unix(r3, &(0x7f0000000140), &(0x7f00000001c0)=0x6e, 0x80800) r5 = pidfd_getfd(r3, r2, 0x0) r6 = syz_open_procfs(0x0, &(0x7f0000000380)='net/softnet_stat\x00') r7 = fsmount(r3, 0x0, 0x8) io_submit(0x0, 0x6, &(0x7f00000016c0)=[&(0x7f0000000100)={0x0, 0x0, 0x0, 0x7, 0x3ff, r0, &(0x7f0000000080)="abebc46b0eceb99499448e9af3ea9b50bf9b169c6fc62459855bfe2c31fdac8dcdb093bd4b5617dc9896a7626ce8b81b9f0574f8b42956d8fa84944528703482ebfab23ed81ec9681e8c70a809b7c1294b5083b38e2807f362db976958fc57c74b7481a09a13d4be05a756796b5417c7e403ca8459f0", 0x76, 0x10001, 0x0, 0x1, r0}, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x1, 0x8000, r4, &(0x7f0000000200)="203b5d1868413d6504669a1d1f736e915c285692989be27395fcdb1c39403b6b7b47a228aaa779712296d5f5f1fb4321265d47dbd02a3c0f0e23c51ad3c338e73bc248d19f7865c818963b34d58c531e24b4330ee3cb3d246721293a964d0ab6fd6ec5197f15931cbe37b24fe08869bad12a22602db8eb5b16c265c868", 0x7d, 0x2, 0x0, 0x1, r5}, &(0x7f00000003c0)={0x0, 0x0, 0x0, 0x1, 0x8, r0, &(0x7f00000002c0)="5347c2f60b695c7a492796891cc027d33a5797d776578cc78caadda82130203ef9852301fc89a43c6dd0dbd2742818a6fe006249e4f54fbec137dd1dc98017f60394a6ebeaa81b5d94ac742eb062b72684d293a2bfd5260eb0355b12a856c1d19b7ecb929424683045e9bcd0390cab93043f60878feb77fe4c8dabfda93099f103a7bfd76bc09d09ff038ff5305c4b08f4a139d6bd2e648afec65f899030471136e0b60054f1aa22747bdaa30f", 0xad, 0x8, 0x0, 0x2, r6}, &(0x7f0000001400)={0x0, 0x0, 0x0, 0x6, 0x9, r7, &(0x7f0000000400)="5655c99910b60f2d17e770cbc82b2049f85d222c301bfbe4f668a53bc187f586542ab2c7a77957fb34b243faaa2edec484fc7fbe1f4ab273992258cf9dbf47aad977c13ee9b5c7eb993fcb6a2d2db8bdb3ef8df1836afa7b1b7a829569ba453bbd9a3242d778319d3e1d9d5a0e113f016fff605f30cd1fa1aa6f440e348b995cc20dc29eefffb98eab8b044fb3cd6a0efdbb08ce8d80faaab62633796ba2cd2c2016b678fb40a89dcdf6c1ed11814233fc9c5420cdcfa9dae13eb6d9296d7832638ce4da8b54301a3dc686d82ebce7d211e67f8de41ce17491a5e60b308fb1132923a0e6978e454f575deacc068f9a7afd6fbf556df8e862b86e07a8e86067f2766a3d4b21729ef0331392f64745b505b8189e9a39891cd846ad22a5a1547f3f6eac913110fb591f4b1792e0d10e91ab83c2f0cb47bd0c74ba6b6592db32989996ae1ee0ebd8360e895c872037df9ff288ae1d6a7f5d381417d66c03a1dbd45644c88339264306dec5580fd78d4281a23df1846044bcd04b4b926460501a7b9c7bb926f7e84d8e4775e5c7dbe5aae225234eb8a046102fdacda5102851af570e4b6b8be3a102a81251b42695c250971deae14d9496c4c1bf94d08a68d8fb2a5d919148c84e7e3161016511497ce8439e4113c240ed33abf2ebd845516bc2e04f0257cf3c5d1d288c0795e44692bf7a291275b04ce341bfdf405a05a9a3714f3783fd724e4b9d55346aac0f417fa58ecb7d75309dd5b2a3e50169f349f69b3660282c94793e48165a2434be3de823207989c1ac8494ecbcba2efbe4e03fe091b9c8b185413b3853e4a76d62c9b7ac82a58e07ff6542ccfd26dc65cf099d565df54851482e218f8b4ffc87a2352fc124cdb367f4b3552128fc466b93d05e82c9d5cdefb92cd99cb704fd8e8d0e8e2fdfff98fb7746429bc02769cdb5649a2d54bc9de58da1560efcc81999103d55096c0bfed85c0f4e9c7dc48dd3499050088b55b71d24250cc76200dc322b997a18fc995df2f178966e1fdcd0457345d4154406ac03b2b13fa6c2567eef28f81ed5d1de0b0b265dbd58c7dfb33b0e50e860ec9a3fc9edac8c8bde8cd50248162be5a54cd3d81d401df4783673208639aff7d8f258614fbbf106cce0ac87422106dd6d4846a8ba78951fbda7ff0a3fefcc9a36499d2aa74413da3b141819c7eb6fd95a8f298706f33a249a0c52ae164a291f9ff90fcb5221d7e1bc31396f5b164e535c150ee7ec81b73d67d1fd1e2d4389af01927a449804aeae417314d94b65dff02e4c98bdbb01e9e61072706221684127c875aeb6dc631e78a94983f0eeed443a1fdd6bbb4f0dff8e23149f869cb1192960b1d481128253547a431d9dabd7d3d2aac9473c7d68e1dc12ad9240927cb3f5b5785384e9d9c524b594c2972159f0b73b685565a3f9c26f8090fc8e1779a876e31c4a97efc760666b1994d9d0d1a0807dd77c8d5d84704e4b735d606a2112554336dd1ca16cbf4f56799c84690321f29619051ba23cef9cf9b8b9f1d8ade4e72d70a016e51795beabc53ce451d2af47c349bf4e768b85d3b97c6e1dc36b5dbf11dd8c9bd652918f5804b962f095f0b8eb1c6e406828d37ac6be9b2cb852b285b48542a3602acace988b05bc5c1566aa298a5426c92cf16b69706ff9b98a4570aaf6fe1efef6393dcab7e0d22cd915c3cc577cae1c1f2f1b9e86af53fa8c43a12f672eb4e9719c8ade1f9c41bbcc733df61319c93567a47b51c1aeb06e0a5a9ca877b80068570499e1103c204f21ac92f44d73caca2b75854c1e6278fcbc864473d94de206f907be379a290ccc6d831482e2f5a6a73d64dd2bf8ecde6a21d92cd535f4a1b26a4bd34e27a589f9e43a0eefa028ce9437dade2c27bf0fc93e1965f8431db8cce1e3b1f377a7e2eaf783b6c5397bc674a36f5d9d5e004a343a329be20212adfa031764608f7fb734ee51020be5b6a9dcf3470ac6cc25409b9f8dc8aa447ebefc5a2ea05b7246dd4ebf3020cefb2dfc1bf6498775989645ab28af9df3c6b5fc6add062d7f818937e429649f00d37e0411391ad3491d66f61d56f8b4bddc22cfcff300ec4dd7f50a6a48e09fb73e4e1a35a1ae035bdb3dc985447b74d07058b2cde416e6ef659afa164dfa88e940347302513e150b52725e8991487407a3044f2de8a31fcfcf0f506541f6a522df949def06882ad2d620c6bde596e3c656630829fa91de21489698b53df384f51c71720993465e81e1683806addaef86422412a85a5c9073efbee168b9f554cd4da8c0b18e506441ef06bf5b926e66d20fd06a8ed409db763238d11cd5bab0725e8f70316a5162d7bef0ead846449439e90157169b439d8462508f43bc9223e2b05f20fbebf6275814641f8b33a65e906e121314b0b4f54db17ce8175a6f72e6b2142b87efb1c0a9ee9f4ca241e8757d8c6f5457a3c873d80280568b0d0ee4d12c1d8bf7a36ec6abe804ad5c1cce9425f9e1af44006f478f60979adeeceea5fe259722debf4f7f565e5e54845bbea57fe75f336a3b8e08cdec259f379e5515cb8451206f5d0442a57f2309dda8e2260d50937d0e8b90664a6f18db9230238df7df1f996fcd76e2a0cff904a210da9bfbae1dd9ca0e2d286ebd01b859b23fce3cfa0def3d1de0a8aed667bb9deefe692e1b30afbab94d88fe6bfcd32cdfa7f049c8b677a7f2b235d36310a3f2f50290e567ff42da7c3d9f8a7d47eacf1255333462b8968ff07a70c443721acd5c228b67ff682b02df9de99f00f64f170ee96c970b3586b6840e52544dfcb1224af65275f85f0e2f9e54115029a5d33af344f45a33364c489ead8e3ffd421cf618d6b8284fea19e52643c939f2c6526c8d3c9c8f52f6fda58e88e4df26a543c28e89e26bb32101ffe5eccf01df95427de9fabe78feec716c850ed72633e242f5305312f1ee5320146f4a51199a898d52bd4899645b6bc91ebd8feb4188389d200ea5f4fe5091ed7d86b465483ac90f519c99c3dc3022202a0823397ae11c8b49a2274772414a3ad7e13db078be27ccfc93942049c2b920b542e3205f1f31b9b8c3c36d47add0df7239d1d37d69fbc6e1e579f8ad57da09d521dabe80f2b54d97a902dc75597460f1eb81ee5f8324dbd3c3b0f0d90fbf19ba5343dfd8a5c052e28575bb7b6876c35bc05f84848d1e1886ddfa69b00569907980012ccf40147e1a7f877ede5b8b4ce78c3b31f1908d85d9883cb868876fe605db4e9cde9e11528513ebcc0ba1660aad5a83d5965b0ebd9e32006f957fdfa9f1b0a696bda02c3884655e784be853431435f8e7d9a78a6d500314243e0e7a4bc38336f53a1d48e6a920516d93460aafca8d041f4cd92216890eb3a31a967270accd050ac3a68e4e6a104119ab3b648c5bb911f025a08054299eb7f2cbc361b998dc23e22f9bc70475dfb9a171dc40c7ac45a82e8f77fac3eadc51bb4d66463fade81c71a3776d9dd6bb8075a6cb30a417034a487c82aa0fffd7783fd68248b27ed19330c4c73ec2cad22ddf0c0abf79d207db424ad578ec328976be8432df1eb60df533e79430100e886de0d0b047430db6208ba9172be3916fb2bce096f21a3c62fc007563aa5ae1fb14a4b7d0b372c5a3c5ed9cd5ed29616f7f82d840281c8fbcadd822920c300794847668f58e0e4846c2f6bf6374672bc95ab8ac81349ce1c1c438e41cc3808627bc3c7329285f71074c70e70070b573e6bde1c08943b03e5272e345f21ce5a513f11f573b977256989c07ea59e90b3765cfba1797acd1126a90382407e375847db1a9e11fe47629e22e3c7db92819c2bd791efddca65e843b31eab6c7151ad290d1500cdf54c3c6614d64ac6d86bf3a6f7f5ca6c8eb5bad3b3cc529990df4b1261eea8021bd2093bc820beeec933b555ef376a1c52a75bbb6283a617b8f31b0f5f7bd6b5412525888e1739de35a11f688811b37abba1d64e775a17e5e65c28c944b281555f7e306be505c83993e7e1e92ecedb477ea6dc508829e935c27cfaed62bfbea4f0383dcef40316541ab930e01fd357cd286078f49729237d3e28fe6b347381437cd1c281df3b5c872a19c09c3df25c4e3102d3bc0a42b0ef953f6c85fb3c9832694f10bc127083e53afba17a583869e36e48923fd2e5aa816916d7196de1aa26bdbc1060b516adfae75337999a2efb75b6ba8f95fd7685ac6a0d23a142b0c64088c70ec895a7dc3d8de9f298533ebe67e4f0091cb6c110b3abcf1d07c882a980a554614be2c6165aaed37926819eaade2da55fcb69eb2a7b5f0081a0fff6453e18dd6ba64e4b7b25c3f7a0e02b14424b294c03a75fa84ea0b8031cd76fe27e6674fd221ae30f223286e659904d322ab5e0776b599ee1523c25c08504c71f8f773f0bc75a04bcd730b4959592595af2dca6dba91d22228c69551ba1c7be1cee6c41593bdafd51ba962b674fe986f28cf06520a7e251d681873cd83981d6796f57755d5d000ad4000fc22b46548e18b09ab4324adb8994a9b4b84b64f9c1cec7b2c452dd0e5f4eebe1c7dbc37cc4e8a9bd707bd83cb433686a22ffb5b36d61519e0bbddaf46cfbf69cb7b14b8f8f5ec96a8b8cac25f6c9f6fe0bd83b21aa58b267ef1a6992dd2566af446f3579f36a0c245db67b1a4f65168482072b44311fb0a925803372bf31c6cd0cfb2c6932dfd41fa401212ec4f9b7fc776110adf52bd2478765a2288daa6f171cabaa04cd3a4f0d2c2fc0e5d735a8b311c1f8cb8ef5343697e9a3237a5dc01b7fdb16644c213be22e8ac739ddbac48023dfa4f50e301033f1dc6427245bf0b21a747439d971979a0e27a7b3351537a0e2543084ac1857ec6e959c8ce81a10257f1eb16840b1b0ee0e51bde539f409d28ccd18b9043ccdb0d2f2013eee9ff8b47de92b84dd299be0233d57642772bc2a0ab63707f0563c268f32fda76810ca8283e38bf3a5b9af92a0df69d5371deb8bcc244736bc179132b99c38cea67abf31f9bd52935a143c20b0714a3c8877a6dfb62b88a35b9d90b9e06e272030fd5ffdd7c9a0b5633c957753a52630f934ee20ca20ac6f2a09205cd6a2d9b6d6913745e67a0973eca383c747907268e99e5e1ad629a3728776cae4519d6bb3abed9047968af88a6a29d361dbe7b50d1e94d91f2bf18c066a916f54bf8a31157558e08887c4bfc019508b39700573b3cf72fca8b5274be41c47e80c9720329ac26747ce874bf48db6c6ce4863d9ff2b6e4a5635e5f4237887d038ffe9c5bbb2920124ce78225f7203f709748c7c1f23516b094dd02fa0e9a1cb85dd496f1844c5e218e7815aafce0a8d46a14737154f8df9a7f75acd65627d151124f00def74b9472dadb71278c55f7ca25564f467c263503f778d6ea7246211d700838d8fa97b64597eab89a84d9bf54b1125b89aeb63996782fd9d7d0e16c4da91253e99833cffd195e215b02bcde363abe982d8c080dd9f332e219bb3cc9f1b62d1a1334f8e504da27a1ba3a6ec93ab18aadca7bb28b262124eb1df299a1ad2f8f21f6a644ee561d61a486abee63ea10355d0b8f60f3d5567f99862b4fbeba8129f122e015e2e8a09546f2c092e5b55043c680609d06b2a599080078372fafd5632070d69892e55c6110c686fa9b3b2578ab10f897d6691589e2d176da2143b0b40e093337f521d13b254598a6b39659404e1125d69fd930b4bc1df5bd65269b546d3b40d699e1f17061c35b6243df31f86adf32968b329aa7acfcb8cf22d2d7547763346525c04ad50a8e3844dfdf1fa4ddaf1a72c378e6434e2919893c81bda4", 0x1000, 0x1f, 0x0, 0x2}, &(0x7f0000001540)={0x0, 0x0, 0x0, 0x6, 0xffff, r1, &(0x7f0000001440)="822418f4b300f88f080c4e5c808bfdbe42bedbbc7352003ce02beff348d4d8b76d1fcd8b878b049dbef6742663f92269e184063a92d162bf6b6b794c8069b87b63f878f9736734bd1f31c4f687fb2efa3017b079fac49603307d1b38fe94fa691a82bb1e760b2b0e4890a61ad465cd94de7141c0e624d71c79d12d301090871e1bbd674e26def191d5dfd30ce3d5dab00c49462a67bfad24afe4865c24345fcc4378be4c4a1bc2a47404f9612a4aacd8f360f1257cfd4051b3984bd865d2dece53260853a8d81a1ccca31cf840b91b9f1569984b", 0xd4, 0x401, 0x0, 0x1}, &(0x7f0000001680)={0x0, 0x0, 0x0, 0x7, 0xffff, r2, &(0x7f0000001580)="bf8f5b48b11bfe4a4df7aa79ce7a7a53707af19336963d5691020b3db8d66404af47f9e633411bd5072100badd748fd8e0730d0b755379b8d637ab2f841b6e285882bb2750a8ef0185d2679a17d7db6e8ee73e28480e6510957ed4ec37bd6aebe472af1ea834953447459830172b3b2a48c804f4ef8b85b5301603867ca225bf911a20c6e42aab1d5b247c5e8b18002e91c664feccd3ec5f29130755f41770766c127477264da415c5fef0b5caa4ec3c281100adcd48c9f9840ad85e50173993e6148b4a89de4bbedfbcbd62fdee437e3e3bf16e2aa849a18e6de7f6c49168bfdcea567d02c7bc389b52c4", 0xeb, 0x7, 0x0, 0x2, r3}]) socket$inet_udp(0x2, 0x2, 0x0) r8 = openat$thread_pidfd(0xffffffffffffff9c, &(0x7f0000001700), 0x8042, 0x0) fstat(r8, &(0x7f0000001740)) bind$inet(r7, &(0x7f00000017c0)={0x2, 0x4e23, @rand_addr=0x64010102}, 0x10) sendmsg$SMC_PNETID_ADD(r5, &(0x7f00000018c0)={&(0x7f0000001800)={0x10, 0x0, 0x0, 0x10000}, 0xc, &(0x7f0000001880)={&(0x7f0000001840)={0x30, 0x0, 0x200, 0x70bd28, 0x25dfdbff, {}, [@SMC_PNETID_IBPORT={0x5, 0x4, 0x2}, @SMC_PNETID_ETHNAME={0x14, 0x2, 'veth1_to_bridge\x00'}]}, 0x30}, 0x1, 0x0, 0x0, 0x800}, 0x40811) ioctl$AUTOFS_DEV_IOCTL_VERSION(r5, 0xc0189371, &(0x7f0000001900)={{0x1, 0x1, 0x18, 0xffffffffffffffff}, './file0\x00'}) fcntl$getflags(r9, 0x401) getsockopt$sock_timeval(r5, 0x1, 0x42, &(0x7f0000001940), &(0x7f0000001980)=0x10) ioctl$F2FS_IOC_MOVE_RANGE(r8, 0xc020f509, &(0x7f00000019c0)={r3, 0x80, 0xbb55, 0x4}) r11 = syz_genetlink_get_family_id$devlink(&(0x7f0000001a40), r5) sendmsg$DEVLINK_CMD_TRAP_SET(r10, &(0x7f0000001b40)={&(0x7f0000001a00)={0x10, 0x0, 0x0, 0x80000000}, 0xc, &(0x7f0000001b00)={&(0x7f0000001a80)={0x54, r11, 0x0, 0x70bd2b, 0x25dfdbfd, {}, [{@pci={{0x8}, {0x11}}, {0x1c}, {0x5}}]}, 0x54}, 0x1, 0x0, 0x0, 0x4000001}, 0x40) 18:17:09 executing program 5: sendmsg$NL80211_CMD_SET_REG(0xffffffffffffffff, &(0x7f00000000c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x20000000}, 0xc, &(0x7f0000000080)={&(0x7f0000000040)={0x2c, 0x0, 0x1, 0x70bd28, 0x25dfdbfe, {}, [@NL80211_ATTR_WIPHY={0x8, 0x1, 0x7}, @NL80211_ATTR_WIPHY={0x8, 0x1, 0x4e}, @NL80211_ATTR_USER_REG_HINT_TYPE={0x8}]}, 0x2c}, 0x1, 0x0, 0x0, 0x85}, 0x100) sendmsg$IEEE802154_SET_MACPARAMS(0xffffffffffffffff, &(0x7f00000001c0)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x4}, 0xc, &(0x7f0000000180)={&(0x7f0000000140)={0x3c, 0x0, 0x1, 0x70bd27, 0x25dfdbfc, {}, [@IEEE802154_ATTR_CSMA_MAX_BE={0x5, 0x27, 0x8}, @IEEE802154_ATTR_LBT_ENABLED={0x5, 0x22, 0x1}, @IEEE802154_ATTR_CCA_ED_LEVEL={0x8, 0x24, 0xdf30}, @IEEE802154_ATTR_DEV_INDEX={0x8}, @IEEE802154_ATTR_CSMA_MAX_BE={0x5, 0x27, 0x81}]}, 0x3c}, 0x1, 0x0, 0x0, 0x5}, 0x4) r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000240), 0xffffffffffffffff) sendmsg$NLBL_MGMT_C_PROTOCOLS(r0, &(0x7f0000000340)={&(0x7f0000000200)={0x10, 0x0, 0x0, 0x100}, 0xc, &(0x7f0000000300)={&(0x7f0000000280)={0x64, r1, 0x400, 0x70bd2d, 0x25dfdbff, {}, [@NLBL_MGMT_A_PROTOCOL={0x8, 0x2, 0x5}, @NLBL_MGMT_A_IPV4ADDR={0x8, 0x7, @empty}, @NLBL_MGMT_A_IPV6ADDR={0x14, 0x5, @private1={0xfc, 0x1, '\x00', 0x1}}, @NLBL_MGMT_A_IPV6ADDR={0x14, 0x5, @local}, @NLBL_MGMT_A_PROTOCOL={0x8, 0x2, 0x5}, @NLBL_MGMT_A_IPV4MASK={0x8, 0x8, @private=0xa010101}, @NLBL_MGMT_A_IPV4MASK={0x8, 0x8, @empty}]}, 0x64}, 0x1, 0x0, 0x0, 0x24000000}, 0x4004000) r2 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f00000003c0), r0) sendmsg$NLBL_MGMT_C_LISTDEF(r0, &(0x7f0000000480)={&(0x7f0000000380)={0x10, 0x0, 0x0, 0x4}, 0xc, &(0x7f0000000440)={&(0x7f0000000400)={0x1c, r2, 0x40, 0x70bd2d, 0x25dfdbff, {}, [@NLBL_MGMT_A_FAMILY={0x6, 0xb, 0x5}]}, 0x1c}, 0x1, 0x0, 0x0, 0x24000008}, 0x800) r3 = fcntl$dupfd(0xffffffffffffffff, 0x406, 0xffffffffffffffff) recvmsg(0xffffffffffffffff, &(0x7f0000005580)={&(0x7f00000041c0)=@ll={0x11, 0x0, 0x0}, 0x80, &(0x7f00000054c0)=[{&(0x7f0000004240)=""/173, 0xad}, {&(0x7f0000004300)=""/176, 0xb0}, {&(0x7f00000043c0)=""/204, 0xcc}, {&(0x7f00000044c0)=""/4096, 0x1000}], 0x4, &(0x7f0000005500)=""/114, 0x72}, 0x10023) ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(0xffffffffffffffff, 0x89f1, &(0x7f0000005640)={'syztnl2\x00', &(0x7f00000055c0)={'sit0\x00', 0x0, 0x29, 0x1f, 0xf9, 0x4, 0x44, @empty, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, 0x40, 0x8000, 0xdcd, 0x6}}) sendmsg$TEAM_CMD_OPTIONS_GET(r3, &(0x7f00000058c0)={&(0x7f00000004c0), 0xc, &(0x7f0000005880)={&(0x7f0000005680)={0x1dc, 0x0, 0x100, 0x70bd27, 0x25dfdbfc, {}, [{{0x8}, {0x44, 0x2, 0x0, 0x1, [{0x40, 0x1, @lb_hash_stats={{{0x24}, {0x5}, {0x8, 0x4, 0x8000}}, {0x8}}}]}}, {{0x8, 0x1, r4}, {0x174, 0x2, 0x0, 0x1, [{0x44, 0x1, @name={{0x24}, {0x5}, {0x11, 0x4, 'activebackup\x00'}}}, {0x40, 0x1, @lb_tx_hash_to_port_mapping={{{0x24}, {0x5}, {0x8}}, {0x8}}}, {0x3c, 0x1, @user_linkup_enabled={{{0x24}, {0x5}, {0x4}}, {0x8, 0x6, r5}}}, {0x38, 0x1, @mcast_rejoin_count={{0x24}, {0x5}, {0x8, 0x4, 0x7}}}, {0x40, 0x1, @lb_hash_stats={{{0x24}, {0x5}, {0x8, 0x4, 0xfffff1ce}}, {0x8}}}, {0x38, 0x1, @mcast_rejoin_count={{0x24}, {0x5}, {0x8, 0x4, 0x1000000}}}]}}]}, 0x1dc}, 0x1, 0x0, 0x0, 0x10}, 0x0) r6 = openat$urandom(0xffffffffffffff9c, &(0x7f0000005900), 0x0, 0x0) ioctl$BTRFS_IOC_LOGICAL_INO_V2(r6, 0xc038943b, &(0x7f0000005980)={0x5, 0x18, '\x00', 0x0, &(0x7f0000005940)=[0x0, 0x0, 0x0]}) sendmsg$IEEE802154_LLSEC_LIST_DEVKEY(0xffffffffffffffff, &(0x7f0000005a80)={&(0x7f00000059c0)={0x10, 0x0, 0x0, 0x200000}, 0xc, &(0x7f0000005a40)={&(0x7f0000005a00)={0x14, 0x0, 0x200, 0x70bd27, 0x25dfdbfc, {}, [""]}, 0x14}, 0x1, 0x0, 0x0, 0x200098c5}, 0x2004c081) r7 = openat$null(0xffffffffffffff9c, &(0x7f0000005ac0), 0xffe59083e84d19b7, 0x0) sendmsg$BATADV_CMD_GET_BLA_CLAIM(r7, &(0x7f0000005bc0)={&(0x7f0000005b00)={0x10, 0x0, 0x0, 0x4000000}, 0xc, &(0x7f0000005b80)={&(0x7f0000005b40)={0x3c, 0x0, 0x800, 0x70bd28, 0x25dfdbfe, {}, [@BATADV_ATTR_ELP_INTERVAL={0x8, 0x3a, 0x2}, @BATADV_ATTR_HOP_PENALTY={0x5, 0x35, 0xff}, @BATADV_ATTR_DISTRIBUTED_ARP_TABLE_ENABLED={0x5, 0x2f, 0x1}, @BATADV_ATTR_ELP_INTERVAL={0x8, 0x3a, 0x2}, @BATADV_ATTR_ORIG_INTERVAL={0x8, 0x39, 0x4}]}, 0x3c}, 0x1, 0x0, 0x0, 0x4000081}, 0x40000) sendmsg$TIPC_NL_MEDIA_GET(r7, &(0x7f0000006140)={&(0x7f0000005c00), 0xc, &(0x7f0000006100)={&(0x7f0000005c40)={0x484, 0x0, 0x100, 0x70bd2d, 0x25dfdbfc, {}, [@TIPC_NLA_NODE={0xc, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_ADDR={0x8}]}, @TIPC_NLA_NET={0x44, 0x7, 0x0, 0x1, [@TIPC_NLA_NET_ADDR={0x8, 0x2, 0x6}, @TIPC_NLA_NET_NODEID={0xc, 0x3, 0x6}, @TIPC_NLA_NET_NODEID={0xc, 0x3, 0x3}, @TIPC_NLA_NET_ADDR={0x8, 0x2, 0x10000}, @TIPC_NLA_NET_NODEID_W1={0xc}, @TIPC_NLA_NET_NODEID={0xc, 0x3, 0x5}]}, @TIPC_NLA_BEARER={0x94, 0x1, 0x0, 0x1, [@TIPC_NLA_BEARER_NAME={0xf, 0x1, @l2={'ib', 0x3a, 'ip_vti0\x00'}}, @TIPC_NLA_BEARER_PROP={0x24, 0x2, 0x0, 0x1, [@TIPC_NLA_PROP_MTU={0x8, 0x4, 0xde2}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x24}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x20}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x7}]}, @TIPC_NLA_BEARER_DOMAIN={0x8, 0x3, 0xaf48}, @TIPC_NLA_BEARER_DOMAIN={0x8, 0x3, 0x1}, @TIPC_NLA_BEARER_PROP={0xc, 0x2, 0x0, 0x1, [@TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x19}]}, @TIPC_NLA_BEARER_UDP_OPTS={0x38, 0x4, {{0x20, 0x1, @in6={0xa, 0x4e22, 0x9, @private1={0xfc, 0x1, '\x00', 0x1}, 0x1}}, {0x14, 0x2, @in={0x2, 0x4e22, @dev={0xac, 0x14, 0x14, 0x39}}}}}, @TIPC_NLA_BEARER_DOMAIN={0x8, 0x3, 0x3a}]}, @TIPC_NLA_LINK={0x88, 0x4, 0x0, 0x1, [@TIPC_NLA_LINK_NAME={0x9, 0x1, 'syz1\x00'}, @TIPC_NLA_LINK_PROP={0x14, 0x7, 0x0, 0x1, [@TIPC_NLA_PROP_WIN={0x8, 0x3, 0x2}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x3f}]}, @TIPC_NLA_LINK_NAME={0x9, 0x1, 'syz0\x00'}, @TIPC_NLA_LINK_NAME={0x9, 0x1, 'syz1\x00'}, @TIPC_NLA_LINK_PROP={0xc, 0x7, 0x0, 0x1, [@TIPC_NLA_PROP_MTU={0x8, 0x4, 0x41c}]}, @TIPC_NLA_LINK_PROP={0x34, 0x7, 0x0, 0x1, [@TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x5}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x4}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x6aa}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x13}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0xe1bd}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x10}]}, @TIPC_NLA_LINK_NAME={0x9, 0x1, 'syz1\x00'}]}, @TIPC_NLA_NODE={0x17c, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_KEY={0x48, 0x4, {'gcm(aes)\x00', 0x20, "7c0c0a273e89042e94d30e5bc4c59bd2731d7dad9430e521f17ab3964f5ee70c"}}, @TIPC_NLA_NODE_ID={0x99, 0x3, "c5010df1ac3a11256109f44e4d381a988d0829df19e174967fd6d0a26650be8b57d879cce7a699e8c858bebe435fe52897be868d59c37a8072f7a05c76f8f5ae576bce2e58adaf5671c9c3922cb3a3c8a3b75dd11e758053871ecb8642b6e637906ee06c9de9d0f4890b6abe52937e1f0e663b8be2ff3bb7a32845c2a5765ab68900597fd5adfce5a2e19d2bcef1eb3ccafdcde057"}, @TIPC_NLA_NODE_ADDR={0x8, 0x1, 0x7f}, @TIPC_NLA_NODE_ID={0x5f, 0x3, "a89c51ba3042430c73fa84dbe2fa00b57a6f73ce3f0a964f846818b1094af3a727814a8d1ab60d14a32747c49cd29596ac0ae09197df92fdc7311bac1f06a77990c0bd03b6860c6b545c9b7fb634fae444d3c99390e35586e9c538"}, @TIPC_NLA_NODE_ADDR={0x8, 0x1, 0xee27}, @TIPC_NLA_NODE_ID={0x23, 0x3, "79c15f6f52e0ed93b92232515a0f9f099379524aba9cefe74a0d40c7704311"}]}, @TIPC_NLA_MEDIA={0x38, 0x5, 0x0, 0x1, [@TIPC_NLA_MEDIA_PROP={0x1c, 0x2, 0x0, 0x1, [@TIPC_NLA_PROP_TOL={0x8, 0x2, 0x1}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x19}, @TIPC_NLA_PROP_WIN={0x8}]}, @TIPC_NLA_MEDIA_NAME={0x8, 0x1, 'udp\x00'}, @TIPC_NLA_MEDIA_NAME={0x8, 0x1, 'udp\x00'}, @TIPC_NLA_MEDIA_NAME={0x8, 0x1, 'udp\x00'}]}, @TIPC_NLA_SOCK={0xc, 0x2, 0x0, 0x1, [@TIPC_NLA_SOCK_REF={0x8, 0x2, 0x53b}]}, @TIPC_NLA_LINK={0xc0, 0x4, 0x0, 0x1, [@TIPC_NLA_LINK_NAME={0x9, 0x1, 'syz1\x00'}, @TIPC_NLA_LINK_PROP={0x2c, 0x7, 0x0, 0x1, [@TIPC_NLA_PROP_WIN={0x8, 0x3, 0x4}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0xff}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0xc}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x2}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x40}]}, @TIPC_NLA_LINK_NAME={0x9, 0x1, 'syz0\x00'}, @TIPC_NLA_LINK_PROP={0x24, 0x7, 0x0, 0x1, [@TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x12}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0xffffffff}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x2}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x1c}]}, @TIPC_NLA_LINK_PROP={0x3c, 0x7, 0x0, 0x1, [@TIPC_NLA_PROP_MTU={0x8, 0x4, 0xffff}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x1f}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x9}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x2}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x3}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x1f}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x1}]}, @TIPC_NLA_LINK_NAME={0x9, 0x1, 'syz1\x00'}, @TIPC_NLA_LINK_NAME={0x9, 0x1, 'syz1\x00'}]}, @TIPC_NLA_LINK={0x40, 0x4, 0x0, 0x1, [@TIPC_NLA_LINK_PROP={0x3c, 0x7, 0x0, 0x1, [@TIPC_NLA_PROP_TOL={0x8, 0x2, 0x80}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0xfffffffe}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0xffffffff}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x18}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x3}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x1}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x6}]}]}, @TIPC_NLA_MON={0x44, 0x9, 0x0, 0x1, [@TIPC_NLA_MON_REF={0x8, 0x2, 0x1000000}, @TIPC_NLA_MON_ACTIVATION_THRESHOLD={0x8, 0x1, 0xfffffff8}, @TIPC_NLA_MON_REF={0x8, 0x2, 0x9}, @TIPC_NLA_MON_ACTIVATION_THRESHOLD={0x8, 0x1, 0x2}, @TIPC_NLA_MON_REF={0x8, 0x2, 0x20}, @TIPC_NLA_MON_REF={0x8, 0x2, 0x3}, @TIPC_NLA_MON_ACTIVATION_THRESHOLD={0x8, 0x1, 0x18280000}, @TIPC_NLA_MON_REF={0x8, 0x2, 0x7}]}]}, 0x484}, 0x1, 0x0, 0x0, 0x40040}, 0x20004080) sendmsg$NLBL_CIPSOV4_C_REMOVE(r0, &(0x7f00000062c0)={&(0x7f0000006180)={0x10, 0x0, 0x0, 0x80}, 0xc, &(0x7f0000006280)={&(0x7f00000061c0)={0xb4, 0x0, 0x8, 0x70bd2a, 0x25dfdbfd, {}, [@NLBL_CIPSOV4_A_DOI={0x8, 0x1, 0x3}, @NLBL_CIPSOV4_A_DOI={0x8, 0x1, 0x3}, @NLBL_CIPSOV4_A_DOI={0x8, 0x1, 0x3}, @NLBL_CIPSOV4_A_TAGLST={0x2c, 0x4, 0x0, 0x1, [{0x5}, {0x5, 0x3, 0x5}, {0x5, 0x3, 0x1}, {0x5}, {0x5, 0x3, 0x7}]}, @NLBL_CIPSOV4_A_TAGLST={0x54, 0x4, 0x0, 0x1, [{0x5, 0x3, 0x1}, {0x5, 0x3, 0x2}, {0x5, 0x3, 0x5}, {0x5, 0x3, 0x2}, {0x5, 0x3, 0x5}, {0x5, 0x3, 0x6}, {0x5, 0x3, 0x1}, {0x5, 0x3, 0x2}, {0x5}, {0x5, 0x3, 0x7}]}, @NLBL_CIPSOV4_A_DOI={0x8, 0x1, 0x1}]}, 0xb4}, 0x1, 0x0, 0x0, 0x20008000}, 0x20000000) sendmsg$TIPC_CMD_SET_LINK_TOL(r3, &(0x7f0000006400)={&(0x7f0000006300)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f00000063c0)={&(0x7f0000006340)={0x68, 0x0, 0x2, 0x70bd2a, 0x25dfdbff, {{}, {}, {0x4c, 0x18, {0x6, @media='ib\x00'}}}, ["", "", "", "", "", "", ""]}, 0x68}, 0x1, 0x0, 0x0, 0x10}, 0x1) sendmsg$NL802154_CMD_GET_SEC_KEY(r0, &(0x7f0000006500)={&(0x7f0000006440), 0xc, &(0x7f00000064c0)={&(0x7f0000006480)={0x28, 0x0, 0x2, 0x70bd27, 0x25dfdbfe, {}, [@NL802154_ATTR_IFINDEX={0x8}, @NL802154_ATTR_WPAN_DEV={0xc}]}, 0x28}, 0x1, 0x0, 0x0, 0x4}, 0x4000000) 18:17:09 executing program 6: r0 = creat(&(0x7f0000000000)='./file0\x00', 0x40) r1 = openat$cgroup_pressure(r0, &(0x7f0000000040)='cpu.pressure\x00', 0x2, 0x0) getsockopt$inet_tcp_TCP_REPAIR_WINDOW(r1, 0x6, 0x1d, &(0x7f0000000080), &(0x7f00000000c0)=0x14) r2 = creat(&(0x7f0000000100)='./file0\x00', 0x110) r3 = syz_open_dev$vcsu(&(0x7f0000000140), 0x5, 0xc5fab0f147e9bee5) sendmsg$NFT_MSG_GETOBJ_RESET(0xffffffffffffffff, &(0x7f0000000240)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f0000000200)={&(0x7f00000001c0)={0x38, 0x15, 0xa, 0x5, 0x0, 0x0, {0x7, 0x0, 0x1}, [@NFTA_OBJ_NAME={0x9, 0x2, 'syz1\x00'}, @NFTA_OBJ_TABLE={0x9, 0x1, 'syz1\x00'}, @NFTA_OBJ_TABLE={0x9, 0x1, 'syz1\x00'}]}, 0x38}, 0x1, 0x0, 0x0, 0x4000000}, 0x884) r4 = creat(&(0x7f0000000280)='./file0\x00', 0x2) r5 = creat(&(0x7f00000002c0)='./file0\x00', 0x145) ioctl$F2FS_IOC_RESIZE_FS(0xffffffffffffffff, 0x4008f510, &(0x7f0000000300)=0xd1d) ioctl$AUTOFS_DEV_IOCTL_FAIL(r3, 0xc0189377, &(0x7f0000000340)={{0x1, 0x1, 0x18, r4, {0x0, 0xffffffff}}, './file0\x00'}) sendmsg$IPCTNL_MSG_CT_GET(r6, &(0x7f0000000440)={&(0x7f0000000380)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f0000000400)={&(0x7f00000003c0)={0x1c, 0x1, 0x1, 0x3, 0x0, 0x0, {0x0, 0x0, 0x7}, [@CTA_ID={0x8}]}, 0x1c}, 0x1, 0x0, 0x0, 0x4000}, 0x24000050) fcntl$setpipe(r1, 0x407, 0x3f) ioctl$AUTOFS_DEV_IOCTL_REQUESTER(r2, 0xc018937b, &(0x7f0000000480)={{0x1, 0x1, 0x18, r0, {0xffffffffffffffff}}, './file0\x00'}) sendmsg$NL80211_CMD_GET_REG(r7, &(0x7f0000000580)={&(0x7f00000004c0)={0x10, 0x0, 0x0, 0x1}, 0xc, &(0x7f0000000540)={&(0x7f0000000500)={0x38, 0x0, 0x100, 0x70bd2a, 0x25dfdbfb, {}, [@NL80211_ATTR_WIPHY={0x8, 0x1, 0x9}, @NL80211_ATTR_WIPHY={0x8, 0x1, 0x10}, @NL80211_ATTR_REG_ALPHA2={0x7, 0x21, 'bb\x00'}, @NL80211_ATTR_SOCKET_OWNER={0x4}, @NL80211_ATTR_DFS_REGION={0x5, 0x92, 0x2}]}, 0x38}, 0x1, 0x0, 0x0, 0x20000000}, 0xc050) sendmsg$NL80211_CMD_SET_KEY(0xffffffffffffffff, &(0x7f0000000680)={&(0x7f00000005c0), 0xc, &(0x7f0000000640)={&(0x7f0000000600)={0x30, 0x0, 0xd2f, 0x70bd26, 0x25dfdbfc, {{}, {@void, @void}}, [@NL80211_ATTR_KEY_DATA_WEP104={0x11, 0x7, "81c3f8d164bb48d9ddd5205ac4"}, @NL80211_ATTR_KEY_CIPHER={0x8, 0x9, 0xfac05}]}, 0x30}}, 0x800) setsockopt$netlink_NETLINK_RX_RING(r7, 0x10e, 0x6, &(0x7f00000006c0)={0x6, 0x8, 0x7fff, 0x4d0}, 0x10) ioctl$AUTOFS_DEV_IOCTL_ASKUMOUNT(0xffffffffffffffff, 0xc018937d, &(0x7f0000000700)={{0x1, 0x1, 0x18, r6, {0x4}}, './file0\x00'}) sendmsg$IPCTNL_MSG_CT_GET(r8, &(0x7f0000000800)={&(0x7f0000000740)={0x10, 0x0, 0x0, 0x8000000}, 0xc, &(0x7f00000007c0)={&(0x7f0000000780)={0x14, 0x1, 0x1, 0x3, 0x0, 0x0, {0x2, 0x0, 0x3}}, 0x14}, 0x1, 0x0, 0x0, 0x8000}, 0x0) ioctl$EXT4_IOC_MOVE_EXT(r4, 0xc028660f, &(0x7f0000000840)={0x0, 0xffffffffffffffff, 0x4bc, 0x4, 0x4, 0x8001}) openat$cgroup_procs(r5, &(0x7f0000000880)='tasks\x00', 0x2, 0x0) [ 73.324532] audit: type=1400 audit(1664648229.497:6): avc: denied { execmem } for pid=291 comm="syz-executor.0" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=process permissive=1 18:17:09 executing program 7: ioctl$AUTOFS_DEV_IOCTL_READY(0xffffffffffffffff, 0xc0189376, &(0x7f0000000000)={{0x1, 0x1, 0x18, 0xffffffffffffffff, {0x1}}, './file0\x00'}) ioctl$BTRFS_IOC_DEV_INFO(r0, 0xd000941e, &(0x7f0000000040)={0x0, "573e5fce29c2db3517252daba4c4519e"}) r2 = openat(r0, &(0x7f0000001040)='./file0\x00', 0x40, 0x190) fcntl$F_GET_RW_HINT(r2, 0x40b, &(0x7f0000001080)) r3 = perf_event_open(&(0x7f00000010c0)={0x1, 0x80, 0x0, 0x2, 0x7, 0x5, 0x0, 0x2, 0x4040, 0x6, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x2, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x2, @perf_config_ext={0xfffffffffffffeff, 0x1000}, 0xa1, 0x6, 0x2, 0x4, 0x9, 0x6, 0x1, 0x0, 0x7, 0x0, 0x6}, 0x0, 0x272d, r2, 0x0) ioctl$BTRFS_IOC_SCRUB(r3, 0xc400941b, &(0x7f0000001140)={r1, 0xe43c, 0x9}) ioctl$F2FS_IOC_RELEASE_VOLATILE_WRITE(r3, 0xf504, 0x0) r4 = fspick(r2, &(0x7f0000001540)='./file0\x00', 0x1) ioctl$BTRFS_IOC_DEFAULT_SUBVOL(r4, 0x40089413, &(0x7f0000001580)=0x2) syz_mount_image$vfat(&(0x7f00000015c0), &(0x7f0000001600)='./file0\x00', 0x4, 0x7, &(0x7f0000001980)=[{&(0x7f0000001640)="bd6c15c1b497", 0x6, 0x7}, {&(0x7f0000001680)="686ffe8817d2fa7674582bd65d76011275cbc5e2a746005a09f6b2ddba4cfa3264e4787aca14ac95d1ef1e08b413b7aadb0ea01a8e49b20fec017ef3807c19a5ef6795", 0x43, 0xbdf}, {&(0x7f0000001700)="38792295db49ea29ad1b125295aac4d14df4e07b5a7d7b28a75820c5f188dc961a0dc1a889792f3360c6a11b126f5591998ce25bfe2ca81bde49b60b31a8e675dcc5f7a65e9e305707e431364ab1e939f5dddd28ebcccc1a0dc2b243f79bf6dd23d338c49c2f4b334094af70ac6a41c7d9abcd7d36093aeee50ff0b389211d616c3a38a5105f81206ca75ca75051fa05391bfda7ca88c623361ee54b2373615dea4d001da904308805ca8bee6b1c4dea9d22e727d3c0702fa8b16132423b04e01a7c89da059a9a635bae0bb154bbeb371a26a4c02a7b7d66a41d67905ef18f94deb4e1373628ab282337d4ebca3ed14cc0fce1560a3f3db2a47b0d7c", 0xfc, 0x8}, {&(0x7f0000001800), 0x0, 0x5}, {&(0x7f0000001840)="3cb9c8cb979cfdd05b260ed0acb522c300bf98ca83854bcc92c7ef64d4886ab08c1a9aac5c", 0x25, 0x80000001}, {&(0x7f0000001880)="572490066d28c46c5503ceace8fb5b37c3b9f1b90c3b88d1397ed56d358afcf5d59edced48adb48e7010bc374a8f5bd095", 0x31, 0x200}, {&(0x7f00000018c0)="cdf1eeb437d2758d7c5beb07eba87d890435d4b3ef527ccfec4b119133949a52df77166ac93cf83031e0c709a90d9bd06f4c3e9e36abe4141c6276dc3824da9a5a8b1a5151961651fbe6cea95b4faeadd695c86462bdb0539d43c9e689f85ad4672265ab8cf2925aeb87ef4d2848b39e8324ac1388a1bd3d78ff8ed7beb6b379cbc4668eecb1976164d2e665bef8723f374e5cc7ab52745912aba08b8443ee22c570200a94e4", 0xa6, 0x5}], 0x8002, &(0x7f0000001a40)={[{@uni_xlateno}], [{@permit_directio}, {@context={'context', 0x3d, 'root'}}, {@smackfsroot={'smackfsroot', 0x3d, '\x00'}}, {@uid_eq={'uid', 0x3d, 0xee01}}, {@euid_gt={'euid>', 0xffffffffffffffff}}, {@smackfsfloor={'smackfsfloor', 0x3d, '}}&'}}, {@dont_hash}, {@obj_user={'obj_user', 0x3d, '(}-'}}, {@subj_role={'subj_role', 0x3d, '/$%.)N'}}, {@uid_eq={'uid', 0x3d, 0xffffffffffffffff}}]}) ioctl$F2FS_IOC_MOVE_RANGE(r0, 0xc020f509, &(0x7f0000001b00)={r3, 0xb10, 0x6a1, 0x23}) r5 = gettid() r6 = perf_event_open(&(0x7f0000001b80)={0x5, 0x80, 0xf7, 0x6, 0x9, 0x4, 0x0, 0x8, 0x80000, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x6, 0x1, @perf_bp={&(0x7f0000001b40), 0x5}, 0x40000, 0x7, 0x4, 0x9, 0x5, 0x3, 0x8, 0x0, 0x6, 0x0, 0x9}, r5, 0x2, r0, 0xa) r7 = perf_event_open(&(0x7f0000001c00)={0x3, 0x80, 0x40, 0x7, 0x5, 0x0, 0x0, 0x1, 0x12108, 0xa, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x3ff, 0x0, @perf_config_ext={0x0, 0x5}, 0xd01, 0x1, 0x5, 0x0, 0x7, 0x4, 0x7, 0x0, 0x663, 0x0, 0x480000000000}, r5, 0x5, r6, 0xa) fallocate(r7, 0x4, 0x4, 0xfffffffffffffff8) r8 = openat$nvram(0xffffffffffffff9c, &(0x7f0000001c80), 0x200, 0x0) ioctl$BTRFS_IOC_QGROUP_CREATE(r8, 0x4010942a, &(0x7f0000001cc0)={0x1, 0x7fff}) ioctl$AUTOFS_DEV_IOCTL_CLOSEMOUNT(r8, 0xc0189375, &(0x7f0000001d00)={{0x1, 0x1, 0x18, r8}, './file0/../file0\x00'}) r9 = timerfd_create(0x1, 0x80800) fcntl$dupfd(r9, 0x406, 0xffffffffffffffff) [ 74.686141] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 74.688568] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 74.691102] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 74.692447] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 74.693888] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 74.695327] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 74.698843] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 74.700213] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 74.701838] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3 [ 74.703655] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 74.704845] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3 [ 74.731964] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 74.733144] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 74.734847] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 74.737733] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 74.739391] Bluetooth: hci7: unexpected cc 0x0c03 length: 249 > 1 [ 74.740689] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1 [ 74.742014] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1 [ 74.746870] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 74.747935] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 74.749087] Bluetooth: hci7: unexpected cc 0x1003 length: 249 > 9 [ 74.750358] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9 [ 74.751569] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9 [ 74.752807] Bluetooth: hci1: HCI_REQ-0x0c1a [ 74.754319] Bluetooth: hci7: unexpected cc 0x1001 length: 249 > 9 [ 74.756520] Bluetooth: hci2: HCI_REQ-0x0c1a [ 74.759503] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 74.760794] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 74.762515] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9 [ 74.762601] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9 [ 74.782404] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4 [ 74.783474] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 74.784627] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 74.784654] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4 [ 74.785646] Bluetooth: hci7: unexpected cc 0x0c23 length: 249 > 4 [ 74.786889] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 74.791422] Bluetooth: hci5: unexpected cc 0x0c25 length: 249 > 3 [ 74.791632] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3 [ 74.793419] Bluetooth: hci6: unexpected cc 0x0c25 length: 249 > 3 [ 74.794995] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2 [ 74.796442] Bluetooth: hci7: unexpected cc 0x0c25 length: 249 > 3 [ 74.798582] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3 [ 74.799503] Bluetooth: hci7: unexpected cc 0x0c38 length: 249 > 2 [ 74.799772] Bluetooth: hci6: HCI_REQ-0x0c1a [ 74.801208] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2 [ 74.803820] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 74.808169] Bluetooth: hci7: HCI_REQ-0x0c1a [ 74.808182] Bluetooth: hci5: HCI_REQ-0x0c1a [ 74.809769] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 74.809857] Bluetooth: hci3: HCI_REQ-0x0c1a [ 74.835084] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 74.838289] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 74.840159] Bluetooth: hci4: HCI_REQ-0x0c1a [ 74.840209] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [ 74.842942] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 74.847208] Bluetooth: hci0: HCI_REQ-0x0c1a [ 76.817517] Bluetooth: hci2: command 0x0409 tx timeout [ 76.818262] Bluetooth: hci1: command 0x0409 tx timeout [ 76.818721] Bluetooth: hci5: command 0x0409 tx timeout [ 76.819209] Bluetooth: hci6: command 0x0409 tx timeout [ 76.881132] Bluetooth: hci4: command 0x0409 tx timeout [ 76.882241] Bluetooth: hci0: command 0x0409 tx timeout [ 76.882707] Bluetooth: hci7: command 0x0409 tx timeout [ 76.883188] Bluetooth: hci3: command 0x0409 tx timeout [ 78.866162] Bluetooth: hci6: command 0x041b tx timeout [ 78.866684] Bluetooth: hci5: command 0x041b tx timeout [ 78.867182] Bluetooth: hci1: command 0x041b tx timeout [ 78.867635] Bluetooth: hci2: command 0x041b tx timeout [ 78.930136] Bluetooth: hci3: command 0x041b tx timeout [ 78.930625] Bluetooth: hci7: command 0x041b tx timeout [ 78.931095] Bluetooth: hci0: command 0x041b tx timeout [ 78.931532] Bluetooth: hci4: command 0x041b tx timeout [ 80.915173] Bluetooth: hci2: command 0x040f tx timeout [ 80.916312] Bluetooth: hci1: command 0x040f tx timeout [ 80.917098] Bluetooth: hci5: command 0x040f tx timeout [ 80.918223] Bluetooth: hci6: command 0x040f tx timeout [ 80.978230] Bluetooth: hci4: command 0x040f tx timeout [ 80.979282] Bluetooth: hci0: command 0x040f tx timeout [ 80.979965] Bluetooth: hci7: command 0x040f tx timeout [ 80.980955] Bluetooth: hci3: command 0x040f tx timeout [ 82.961229] Bluetooth: hci6: command 0x0419 tx timeout [ 82.961968] Bluetooth: hci5: command 0x0419 tx timeout [ 82.962689] Bluetooth: hci1: command 0x0419 tx timeout [ 82.963398] Bluetooth: hci2: command 0x0419 tx timeout [ 83.025195] Bluetooth: hci3: command 0x0419 tx timeout [ 83.025921] Bluetooth: hci7: command 0x0419 tx timeout [ 83.027245] Bluetooth: hci0: command 0x0419 tx timeout [ 83.027973] Bluetooth: hci4: command 0x0419 tx timeout 18:18:08 executing program 6: syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x0, &(0x7f0000000140)=ANY=[]) chdir(&(0x7f0000000140)='./file0\x00') r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x11, 0xffffffffffffffff, 0xa015000) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x2, 0x0) pwrite64(r1, &(0x7f00000000c0)='9', 0x1, 0x8040000) ioctl$FS_IOC_FIEMAP(r1, 0xc020660b, &(0x7f0000000380)={0x0, 0x3ff}) mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x11, 0xffffffffffffffff, 0xa015000) r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) write$binfmt_aout(r2, &(0x7f0000001180)=ANY=[], 0x220) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xb}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) sendfile(r2, r0, 0x0, 0xfffffdef) lstat(&(0x7f0000000000)='./file1\x00', &(0x7f0000000180)) [ 132.355995] loop6: detected capacity change from 0 to 40 [ 132.430245] audit: type=1400 audit(1664648288.603:7): avc: denied { open } for pid=3771 comm="syz-executor.6" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=perf_event permissive=1 [ 132.432566] audit: type=1400 audit(1664648288.603:8): avc: denied { kernel } for pid=3771 comm="syz-executor.6" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=perf_event permissive=1 [ 132.449174] ------------[ cut here ]------------ [ 132.449202] [ 132.449206] ====================================================== [ 132.449212] WARNING: possible circular locking dependency detected [ 132.449217] 6.0.0-rc7-next-20220930 #1 Not tainted [ 132.449227] ------------------------------------------------------ [ 132.449232] syz-executor.6/3773 is trying to acquire lock: [ 132.449241] ffffffff853faab8 ((console_sem).lock){....}-{2:2}, at: down_trylock+0xe/0x70 [ 132.449297] [ 132.449297] but task is already holding lock: [ 132.449301] ffff88800fb83020 (&ctx->lock){....}-{2:2}, at: __perf_event_task_sched_out+0x53b/0x18d0 [ 132.449340] [ 132.449340] which lock already depends on the new lock. [ 132.449340] [ 132.449344] [ 132.449344] the existing dependency chain (in reverse order) is: [ 132.449349] [ 132.449349] -> #3 (&ctx->lock){....}-{2:2}: [ 132.449369] _raw_spin_lock+0x2a/0x40 [ 132.449385] __perf_event_task_sched_out+0x53b/0x18d0 [ 132.449402] __schedule+0xedd/0x2470 [ 132.449423] schedule+0xda/0x1b0 [ 132.449442] exit_to_user_mode_prepare+0x114/0x1a0 [ 132.449460] syscall_exit_to_user_mode+0x19/0x40 [ 132.449479] do_syscall_64+0x48/0x90 [ 132.449505] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 132.449524] [ 132.449524] -> #2 (&rq->__lock){-.-.}-{2:2}: [ 132.449544] _raw_spin_lock_nested+0x30/0x40 [ 132.449559] raw_spin_rq_lock_nested+0x1e/0x30 [ 132.449578] task_fork_fair+0x63/0x4d0 [ 132.449603] sched_cgroup_fork+0x3d0/0x540 [ 132.449624] copy_process+0x4183/0x6e20 [ 132.449639] kernel_clone+0xe7/0x890 [ 132.449653] user_mode_thread+0xad/0xf0 [ 132.449668] rest_init+0x24/0x250 [ 132.449686] arch_call_rest_init+0xf/0x14 [ 132.449711] start_kernel+0x4c6/0x4eb [ 132.449733] secondary_startup_64_no_verify+0xe0/0xeb [ 132.449754] [ 132.449754] -> #1 (&p->pi_lock){-.-.}-{2:2}: [ 132.449774] _raw_spin_lock_irqsave+0x39/0x60 [ 132.449790] try_to_wake_up+0xab/0x1930 [ 132.449809] up+0x75/0xb0 [ 132.449830] __up_console_sem+0x6e/0x80 [ 132.449853] console_unlock+0x46a/0x590 [ 132.449876] do_con_write+0xc05/0x1d50 [ 132.449892] con_write+0x21/0x40 [ 132.449905] n_tty_write+0x4d4/0xfe0 [ 132.449922] file_tty_write.constprop.0+0x455/0x8a0 [ 132.449939] vfs_write+0x9c3/0xd90 [ 132.449963] ksys_write+0x127/0x250 [ 132.449986] do_syscall_64+0x3b/0x90 [ 132.450011] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 132.450033] [ 132.450033] -> #0 ((console_sem).lock){....}-{2:2}: [ 132.450053] __lock_acquire+0x2a02/0x5e70 [ 132.450078] lock_acquire+0x1a2/0x530 [ 132.450101] _raw_spin_lock_irqsave+0x39/0x60 [ 132.450117] down_trylock+0xe/0x70 [ 132.450138] __down_trylock_console_sem+0x3b/0xd0 [ 132.450162] vprintk_emit+0x16b/0x560 [ 132.450186] vprintk+0x84/0xa0 [ 132.450209] _printk+0xba/0xf1 [ 132.450225] report_bug.cold+0x72/0xab [ 132.450249] handle_bug+0x3c/0x70 [ 132.450273] exc_invalid_op+0x14/0x50 [ 132.450298] asm_exc_invalid_op+0x16/0x20 [ 132.450316] group_sched_out.part.0+0x2c7/0x460 [ 132.450343] ctx_sched_out+0x8f1/0xc10 [ 132.450367] __perf_event_task_sched_out+0x6d0/0x18d0 [ 132.450383] __schedule+0xedd/0x2470 [ 132.450403] schedule+0xda/0x1b0 [ 132.450423] exit_to_user_mode_prepare+0x114/0x1a0 [ 132.450439] syscall_exit_to_user_mode+0x19/0x40 [ 132.450457] do_syscall_64+0x48/0x90 [ 132.450481] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 132.450500] [ 132.450500] other info that might help us debug this: [ 132.450500] [ 132.450504] Chain exists of: [ 132.450504] (console_sem).lock --> &rq->__lock --> &ctx->lock [ 132.450504] [ 132.450526] Possible unsafe locking scenario: [ 132.450526] [ 132.450529] CPU0 CPU1 [ 132.450533] ---- ---- [ 132.450536] lock(&ctx->lock); [ 132.450544] lock(&rq->__lock); [ 132.450554] lock(&ctx->lock); [ 132.450563] lock((console_sem).lock); [ 132.450571] [ 132.450571] *** DEADLOCK *** [ 132.450571] [ 132.450574] 2 locks held by syz-executor.6/3773: [ 132.450584] #0: ffff88806ce37e98 (&rq->__lock){-.-.}-{2:2}, at: __schedule+0x1cf/0x2470 [ 132.450627] #1: ffff88800fb83020 (&ctx->lock){....}-{2:2}, at: __perf_event_task_sched_out+0x53b/0x18d0 [ 132.450666] [ 132.450666] stack backtrace: [ 132.450670] CPU: 0 PID: 3773 Comm: syz-executor.6 Not tainted 6.0.0-rc7-next-20220930 #1 [ 132.450689] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 132.450700] Call Trace: [ 132.450705] [ 132.450710] dump_stack_lvl+0x8b/0xb3 [ 132.450737] check_noncircular+0x263/0x2e0 [ 132.450762] ? format_decode+0x26c/0xb50 [ 132.450786] ? print_circular_bug+0x450/0x450 [ 132.450811] ? simple_strtoul+0x30/0x30 [ 132.450835] ? format_decode+0x26c/0xb50 [ 132.450860] ? alloc_chain_hlocks+0x1ec/0x5a0 [ 132.450886] __lock_acquire+0x2a02/0x5e70 [ 132.450918] ? lockdep_hardirqs_on_prepare+0x410/0x410 [ 132.450952] lock_acquire+0x1a2/0x530 [ 132.450976] ? down_trylock+0xe/0x70 [ 132.451002] ? lock_release+0x750/0x750 [ 132.451032] ? vprintk+0x84/0xa0 [ 132.451059] _raw_spin_lock_irqsave+0x39/0x60 [ 132.451075] ? down_trylock+0xe/0x70 [ 132.451099] down_trylock+0xe/0x70 [ 132.451122] ? vprintk+0x84/0xa0 [ 132.451147] __down_trylock_console_sem+0x3b/0xd0 [ 132.451173] vprintk_emit+0x16b/0x560 [ 132.451201] vprintk+0x84/0xa0 [ 132.451227] _printk+0xba/0xf1 [ 132.451244] ? record_print_text.cold+0x16/0x16 [ 132.451267] ? report_bug.cold+0x66/0xab [ 132.451294] ? group_sched_out.part.0+0x2c7/0x460 [ 132.451321] report_bug.cold+0x72/0xab [ 132.451349] handle_bug+0x3c/0x70 [ 132.451375] exc_invalid_op+0x14/0x50 [ 132.451401] asm_exc_invalid_op+0x16/0x20 [ 132.451420] RIP: 0010:group_sched_out.part.0+0x2c7/0x460 [ 132.451450] Code: 5e 41 5f e9 8b ae ef ff e8 86 ae ef ff 65 8b 1d 0b 18 ac 7e 31 ff 89 de e8 26 ab ef ff 85 db 0f 84 8a 00 00 00 e8 69 ae ef ff <0f> 0b e9 a5 fe ff ff e8 5d ae ef ff 48 8d 7d 10 48 b8 00 00 00 00 [ 132.451467] RSP: 0018:ffff88803fb87c48 EFLAGS: 00010006 [ 132.451480] RAX: 0000000040000002 RBX: 0000000000000000 RCX: 0000000000000000 [ 132.451491] RDX: ffff888010441ac0 RSI: ffffffff81565dc7 RDI: 0000000000000005 [ 132.451502] RBP: ffff8880086605c8 R08: 0000000000000005 R09: 0000000000000001 [ 132.451513] R10: 0000000000000000 R11: ffffffff865b401b R12: ffff88800fb83000 [ 132.451525] R13: ffff88806ce3d2c0 R14: ffffffff8547d000 R15: 0000000000000002 [ 132.451541] ? group_sched_out.part.0+0x2c7/0x460 [ 132.451573] ? group_sched_out.part.0+0x2c7/0x460 [ 132.451604] ctx_sched_out+0x8f1/0xc10 [ 132.451632] __perf_event_task_sched_out+0x6d0/0x18d0 [ 132.451653] ? lock_is_held_type+0xd7/0x130 [ 132.451674] ? __perf_cgroup_move+0x160/0x160 [ 132.451690] ? set_next_entity+0x304/0x550 [ 132.451716] ? update_curr+0x267/0x740 [ 132.451743] ? lock_is_held_type+0xd7/0x130 [ 132.451764] __schedule+0xedd/0x2470 [ 132.451789] ? io_schedule_timeout+0x150/0x150 [ 132.451814] ? rcu_read_lock_sched_held+0x3e/0x80 [ 132.451844] schedule+0xda/0x1b0 [ 132.451866] exit_to_user_mode_prepare+0x114/0x1a0 [ 132.451885] syscall_exit_to_user_mode+0x19/0x40 [ 132.451905] do_syscall_64+0x48/0x90 [ 132.451931] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 132.451950] RIP: 0033:0x7f4d3e61cb19 [ 132.451963] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 132.451979] RSP: 002b:00007f4d3bb92218 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 132.451994] RAX: 0000000000000001 RBX: 00007f4d3e72ff68 RCX: 00007f4d3e61cb19 [ 132.452005] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 00007f4d3e72ff6c [ 132.452016] RBP: 00007f4d3e72ff60 R08: 000000000000000e R09: 0000000000000000 [ 132.452026] R10: 0000000000000004 R11: 0000000000000246 R12: 00007f4d3e72ff6c [ 132.452037] R13: 00007ffccadf281f R14: 00007f4d3bb92300 R15: 0000000000022000 [ 132.452056] [ 132.536349] WARNING: CPU: 0 PID: 3773 at kernel/events/core.c:2309 group_sched_out.part.0+0x2c7/0x460 [ 132.537412] Modules linked in: [ 132.537766] CPU: 0 PID: 3773 Comm: syz-executor.6 Not tainted 6.0.0-rc7-next-20220930 #1 [ 132.538650] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 132.539874] RIP: 0010:group_sched_out.part.0+0x2c7/0x460 [ 132.540498] Code: 5e 41 5f e9 8b ae ef ff e8 86 ae ef ff 65 8b 1d 0b 18 ac 7e 31 ff 89 de e8 26 ab ef ff 85 db 0f 84 8a 00 00 00 e8 69 ae ef ff <0f> 0b e9 a5 fe ff ff e8 5d ae ef ff 48 8d 7d 10 48 b8 00 00 00 00 [ 132.542487] RSP: 0018:ffff88803fb87c48 EFLAGS: 00010006 [ 132.543080] RAX: 0000000040000002 RBX: 0000000000000000 RCX: 0000000000000000 [ 132.543861] RDX: ffff888010441ac0 RSI: ffffffff81565dc7 RDI: 0000000000000005 [ 132.544618] RBP: ffff8880086605c8 R08: 0000000000000005 R09: 0000000000000001 [ 132.545378] R10: 0000000000000000 R11: ffffffff865b401b R12: ffff88800fb83000 [ 132.546136] R13: ffff88806ce3d2c0 R14: ffffffff8547d000 R15: 0000000000000002 [ 132.546910] FS: 00007f4d3bb92700(0000) GS:ffff88806ce00000(0000) knlGS:0000000000000000 [ 132.547795] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 132.548438] CR2: 00007f46be23dc00 CR3: 000000001773e000 CR4: 0000000000350ef0 [ 132.549221] Call Trace: [ 132.549512] [ 132.549761] ctx_sched_out+0x8f1/0xc10 [ 132.550221] __perf_event_task_sched_out+0x6d0/0x18d0 [ 132.550797] ? lock_is_held_type+0xd7/0x130 [ 132.551270] ? __perf_cgroup_move+0x160/0x160 [ 132.551764] ? set_next_entity+0x304/0x550 [ 132.552251] ? update_curr+0x267/0x740 [ 132.552720] ? lock_is_held_type+0xd7/0x130 [ 132.553201] __schedule+0xedd/0x2470 [ 132.553628] ? io_schedule_timeout+0x150/0x150 [ 132.554142] ? rcu_read_lock_sched_held+0x3e/0x80 [ 132.554670] schedule+0xda/0x1b0 [ 132.555055] exit_to_user_mode_prepare+0x114/0x1a0 [ 132.555593] syscall_exit_to_user_mode+0x19/0x40 [ 132.556124] do_syscall_64+0x48/0x90 [ 132.556578] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 132.557152] RIP: 0033:0x7f4d3e61cb19 [ 132.557561] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 132.559484] RSP: 002b:00007f4d3bb92218 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 132.560318] RAX: 0000000000000001 RBX: 00007f4d3e72ff68 RCX: 00007f4d3e61cb19 [ 132.561092] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 00007f4d3e72ff6c [ 132.561839] RBP: 00007f4d3e72ff60 R08: 000000000000000e R09: 0000000000000000 [ 132.562630] R10: 0000000000000004 R11: 0000000000000246 R12: 00007f4d3e72ff6c [ 132.563418] R13: 00007ffccadf281f R14: 00007f4d3bb92300 R15: 0000000000022000 [ 132.564203] [ 132.564476] irq event stamp: 3584 [ 132.564856] hardirqs last enabled at (3583): [] exit_to_user_mode_prepare+0x109/0x1a0 [ 132.565886] hardirqs last disabled at (3584): [] __schedule+0x1225/0x2470 [ 132.566769] softirqs last enabled at (3418): [] __irq_exit_rcu+0x11b/0x180 [ 132.567676] softirqs last disabled at (3411): [] __irq_exit_rcu+0x11b/0x180 [ 132.568598] ---[ end trace 0000000000000000 ]--- [ 132.795747] syz-executor.6: attempt to access beyond end of device [ 132.795747] loop6: rw=2049, sector=124, nr_sectors = 4 limit=40 [ 132.797006] Buffer I/O error on dev loop6, logical block 31, lost async page write [ 132.822842] syz-executor.6: attempt to access beyond end of device [ 132.822842] loop6: rw=2049, sector=124, nr_sectors = 4 limit=40 [ 132.823816] Buffer I/O error on dev loop6, logical block 31, lost async page write 18:18:09 executing program 6: syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x0, &(0x7f0000000140)=ANY=[]) chdir(&(0x7f0000000140)='./file0\x00') r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x11, 0xffffffffffffffff, 0xa015000) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x2, 0x0) pwrite64(r1, &(0x7f00000000c0)='9', 0x1, 0x8040000) ioctl$FS_IOC_FIEMAP(r1, 0xc020660b, &(0x7f0000000380)={0x0, 0x3ff}) mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x11, 0xffffffffffffffff, 0xa015000) r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) write$binfmt_aout(r2, &(0x7f0000001180)=ANY=[], 0x220) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xb}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) sendfile(r2, r0, 0x0, 0xfffffdef) lstat(&(0x7f0000000000)='./file1\x00', &(0x7f0000000180)) [ 133.062812] loop7: detected capacity change from 0 to 264192 [ 133.064623] SELinux: security_context_str_to_sid (root) failed with errno=-22 [ 133.072378] loop7: detected capacity change from 0 to 264192 [ 133.073009] SELinux: security_context_str_to_sid (root) failed with errno=-22 [ 133.120985] loop6: detected capacity change from 0 to 40 18:18:09 executing program 7: syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x0, &(0x7f0000000140)=ANY=[]) chdir(&(0x7f0000000140)='./file0\x00') r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x11, 0xffffffffffffffff, 0xa015000) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x2, 0x0) pwrite64(r1, &(0x7f00000000c0)='9', 0x1, 0x8040000) ioctl$FS_IOC_FIEMAP(r1, 0xc020660b, &(0x7f0000000380)={0x0, 0x3ff}) mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x11, 0xffffffffffffffff, 0xa015000) r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) write$binfmt_aout(r2, &(0x7f0000001180)=ANY=[], 0x220) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xb}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) sendfile(r2, r0, 0x0, 0xfffffdef) lstat(&(0x7f0000000000)='./file1\x00', &(0x7f0000000180)) [ 133.165351] loop7: detected capacity change from 0 to 40 [ 133.197544] syz-executor.6: attempt to access beyond end of device [ 133.197544] loop6: rw=2049, sector=124, nr_sectors = 4 limit=40 [ 133.199235] Buffer I/O error on dev loop6, logical block 31, lost async page write [ 133.236798] syz-executor.7: attempt to access beyond end of device [ 133.236798] loop7: rw=2049, sector=124, nr_sectors = 4 limit=40 [ 133.238284] Buffer I/O error on dev loop7, logical block 31, lost async page write 18:18:09 executing program 6: syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x0, &(0x7f0000000140)=ANY=[]) chdir(&(0x7f0000000140)='./file0\x00') r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x11, 0xffffffffffffffff, 0xa015000) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x2, 0x0) pwrite64(r1, &(0x7f00000000c0)='9', 0x1, 0x8040000) ioctl$FS_IOC_FIEMAP(r1, 0xc020660b, &(0x7f0000000380)={0x0, 0x3ff}) mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x11, 0xffffffffffffffff, 0xa015000) r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) write$binfmt_aout(r2, &(0x7f0000001180)=ANY=[], 0x220) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xb}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) sendfile(r2, r0, 0x0, 0xfffffdef) lstat(&(0x7f0000000000)='./file1\x00', &(0x7f0000000180)) [ 133.328242] loop6: detected capacity change from 0 to 40 18:18:09 executing program 7: syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x0, &(0x7f0000000140)=ANY=[]) chdir(&(0x7f0000000140)='./file0\x00') r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x11, 0xffffffffffffffff, 0xa015000) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x2, 0x0) pwrite64(r1, &(0x7f00000000c0)='9', 0x1, 0x8040000) ioctl$FS_IOC_FIEMAP(r1, 0xc020660b, &(0x7f0000000380)={0x0, 0x3ff}) mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x11, 0xffffffffffffffff, 0xa015000) r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) write$binfmt_aout(r2, &(0x7f0000001180)=ANY=[], 0x220) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xb}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) sendfile(r2, r0, 0x0, 0xfffffdef) lstat(&(0x7f0000000000)='./file1\x00', &(0x7f0000000180)) [ 133.344758] loop7: detected capacity change from 0 to 40 [ 133.392238] syz-executor.6: attempt to access beyond end of device [ 133.392238] loop6: rw=2049, sector=124, nr_sectors = 4 limit=40 [ 133.393334] Buffer I/O error on dev loop6, logical block 31, lost async page write [ 133.396537] syz-executor.7: attempt to access beyond end of device [ 133.396537] loop7: rw=2049, sector=124, nr_sectors = 4 limit=40 [ 133.397528] Buffer I/O error on dev loop7, logical block 31, lost async page write 18:18:09 executing program 6: syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x0, &(0x7f0000000140)=ANY=[]) chdir(&(0x7f0000000140)='./file0\x00') r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x11, 0xffffffffffffffff, 0xa015000) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x2, 0x0) pwrite64(r1, &(0x7f00000000c0)='9', 0x1, 0x8040000) ioctl$FS_IOC_FIEMAP(r1, 0xc020660b, &(0x7f0000000380)={0x0, 0x3ff}) mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x11, 0xffffffffffffffff, 0xa015000) r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) write$binfmt_aout(r2, &(0x7f0000001180)=ANY=[], 0x220) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xb}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) sendfile(r2, r0, 0x0, 0xfffffdef) lstat(&(0x7f0000000000)='./file1\x00', &(0x7f0000000180)) [ 133.506536] loop6: detected capacity change from 0 to 40 18:18:09 executing program 7: syz_mount_image$ext4(0x0, &(0x7f00000000c0)='./file0/../file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) syz_mount_image$tmpfs(&(0x7f0000000200), &(0x7f0000000240)='./file0/../file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=ANY=[]) mount(&(0x7f0000001440)=@loop={'/dev/loop', 0x0}, &(0x7f0000001480)='./file0\x00', &(0x7f00000014c0)='pstore\x00', 0x2048008, &(0x7f0000001500)='(\x00') setxattr$security_ima(&(0x7f0000001540)='./file1\x00', &(0x7f0000001580), &(0x7f00000015c0)=@ng={0x4, 0xb, "ea4abcedcc52f75b39abea6e6b1b2a72a0ce"}, 0x14, 0x1) recvmmsg$unix(0xffffffffffffffff, &(0x7f0000001100)=[{{&(0x7f0000000400), 0x6e, &(0x7f00000006c0)=[{&(0x7f0000000480)=""/59, 0x3b}, {&(0x7f00000004c0)=""/174, 0xae}, {&(0x7f0000000580)=""/187, 0xbb}, {&(0x7f0000000640)=""/124, 0x7c}], 0x4, &(0x7f0000000700)=[@cred={{0x1c}}, @rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}, @cred={{0x1c}}, @cred={{0x1c, 0x1, 0x2, {0x0, 0x0, 0x0}}}, @cred={{0x1c}}, @rights={{0x24, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}], 0xc0}}, {{&(0x7f00000007c0)=@abs, 0x6e, &(0x7f0000000980)=[{&(0x7f0000000840)=""/244, 0xf4}, {&(0x7f0000000940)=""/43, 0x2b}], 0x2, &(0x7f00000009c0)=[@cred={{0x1c}}, @rights={{0x24, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c}}, @cred={{0x1c}}, @rights={{0x30, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}, @rights={{0x28, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c}}], 0x118}}, {{&(0x7f0000000b00)=@abs, 0x6e, &(0x7f0000000f40)=[{&(0x7f0000000b80)=""/158, 0x9e}, {&(0x7f0000000c40)=""/58, 0x3a}, {&(0x7f0000000c80)=""/132, 0x84}, {&(0x7f0000000d40)=""/53, 0x35}, {&(0x7f0000000d80)=""/181, 0xb5}, {&(0x7f0000000e40)=""/229, 0xe5}], 0x6, &(0x7f0000000fc0)=[@rights={{0x38, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c}}, @cred={{0x1c}}, @cred={{0x1c}}, @rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}, @cred={{0x1c}}, @rights={{0x20, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x24, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}], 0x118}}], 0x3, 0x22, 0x0) stat(&(0x7f0000000240)='./file0\x00', &(0x7f0000000280)={0x0, 0x0, 0x0, 0x0, 0x0}) setresuid(0x0, r1, 0x0) syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0/../file0\x00', 0x3, 0x4, &(0x7f0000000380)=[{&(0x7f0000000140)="3b8a4106426fa7ba3ad18a186f16896cf5fd4522", 0x14, 0x74db4df3}, {&(0x7f0000000180)="cb0116b4ce98e4d93c7f2c33bf1c8790d01136c47f15b766b0e3647d80666b08bb11be16ff46097c0f5038acf2f610d4bda8bce49e3ba147941bb0268c06e23ac28f5721d014", 0x46, 0xffffffff}, {&(0x7f00000011c0)="7ab44e77a34af5c7af853dd809a59aa5ee87498e80e8c7a91720c8f493cdf934a123b67bad3baa0ef6c045049ded9be27f70f1c7fe135ab7e1a3b11b68df3366c7088a71c558833b218c4d8f85c9f66fb8d6c5d2d0840d09307e5b4697c45879c68527ecc7817c1c993a58ef7ed58a8edfe6cc94e4989698e0ac72101078d537e66de3d54c1d536d985356aee8d35e580b3336e232ae443f98832754cc62d9e062f49159ddacf3adf46745e805b0e20279582ba3cda1bdd79caff0235413a37b82966d73f5c47ae4dd023a6615f2ef2d4d6aaf4afbb479036809bed80144b2f8b9de716d4bcaba56710182fcf8893cb50a5dbdb2e36cff86d81eac337e56eab981c05c", 0x103, 0x4}, {&(0x7f0000000300)="32d98a48a4494f9f65cff60ca7878bd75971b2a6626a43ea6db463bb1566739ee563dbe55fecddb023bfb65ae30390e0fc38ed7a15b7d258504ece21c829a8cc8c9013d6b81513d5c199ec99d6e32bbf94ed63bbebb1b50017ef7e3d0d487e79b70071f92839f51bc97d700a59f1965a94", 0x71, 0x40}], 0x0, &(0x7f0000001300)={[{@dmode={'dmode', 0x3d, 0x1}}, {@sbsector={'sbsector', 0x3d, 0x7}}, {@cruft}, {@unhide}, {@check_relaxed}, {@sbsector}, {@session={'session', 0x3d, 0x23}}, {}, {@map_off}, {@gid={'gid', 0x3d, r0}}], [{@smackfsfloor={'smackfsfloor', 0x3d, 'tmpfs\x00'}}, {@uid_gt={'uid>', r1}}, {@subj_user={'subj_user', 0x3d, '!*'}}, {@dont_hash}, {@appraise_type}, {@subj_role={'subj_role', 0x3d, 'tmpfs\x00'}}]}) mount_setattr(0xffffffffffffff9c, &(0x7f0000000040)='./file0/../file0\x00', 0x0, &(0x7f0000000080)={0x0, 0x0, 0x80000}, 0x20) [ 133.555609] loop7: detected capacity change from 0 to 264192 [ 133.566818] loop7: detected capacity change from 0 to 264192 [ 133.572252] syz-executor.6: attempt to access beyond end of device [ 133.572252] loop6: rw=2049, sector=124, nr_sectors = 4 limit=40 [ 133.573592] Buffer I/O error on dev loop6, logical block 31, lost async page write 18:18:09 executing program 6: syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x0, &(0x7f0000000140)=ANY=[]) chdir(&(0x7f0000000140)='./file0\x00') openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x11, 0xffffffffffffffff, 0xa015000) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x2, 0x0) pwrite64(r0, &(0x7f00000000c0)='9', 0x1, 0x8040000) ioctl$FS_IOC_FIEMAP(r0, 0xc020660b, &(0x7f0000000380)={0x0, 0x3ff}) mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x11, 0xffffffffffffffff, 0xa015000) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xb}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) lstat(&(0x7f0000000000)='./file1\x00', &(0x7f0000000180)) [ 133.622153] loop6: detected capacity change from 0 to 40 [ 133.658676] kworker/u4:3: attempt to access beyond end of device [ 133.658676] loop6: rw=1, sector=124, nr_sectors = 4 limit=40 [ 133.659598] Buffer I/O error on dev loop6, logical block 31, lost async page write [ 135.977277] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 135.978542] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 135.980958] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 135.983612] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 135.986379] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3 [ 135.987562] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 135.992234] Bluetooth: hci1: HCI_REQ-0x0c1a [ 138.002059] Bluetooth: hci1: command 0x0409 tx timeout [ 138.002082] Bluetooth: hci2: Opcode 0x c03 failed: -110 [ 138.066055] Bluetooth: hci3: Opcode 0x c03 failed: -110 [ 138.129055] Bluetooth: hci5: Opcode 0x c03 failed: -110 [ 138.129125] Bluetooth: hci6: Opcode 0x c03 failed: -110 [ 138.130829] Bluetooth: hci4: Opcode 0x c03 failed: -110 [ 140.049083] Bluetooth: hci1: command 0x041b tx timeout [ 142.097145] Bluetooth: hci1: command 0x040f tx timeout [ 142.225172] Bluetooth: hci2: Opcode 0x c03 failed: -110 [ 142.289056] Bluetooth: hci3: Opcode 0x c03 failed: -110 [ 142.417063] Bluetooth: hci5: Opcode 0x c03 failed: -110 [ 142.417063] Bluetooth: hci4: Opcode 0x c03 failed: -110 VM DIAGNOSIS: 18:18:08 Registers: info registers vcpu 0 RAX=000000000000002e RBX=00000000000003f8 RCX=0000000000000000 RDX=00000000000003f8 RSI=ffffffff823bb0f1 RDI=ffffffff8765a9a0 RBP=ffffffff8765a960 RSP=ffff88803fb87690 R8 =0000000000000001 R9 =000000000000000a R10=000000000000002e R11=0000000000000001 R12=000000000000002e R13=ffffffff8765a960 R14=0000000000000010 R15=ffffffff823bb0e0 RIP=ffffffff823bb149 RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 00000000 00000000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 00000000 00000000 FS =0000 00007f4d3bb92700 00000000 00000000 GS =0000 ffff88806ce00000 00000000 00000000 LDT=0000 fffffe0000000000 00000000 00000000 TR =0040 fffffe0000003000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe0000001000 0000007f IDT= fffffe0000000000 00000fff CR0=80050033 CR2=00007f46be23dc00 CR3=000000001773e000 CR4=00350ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000ffff0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 YMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM01=0000000000000000 0000000000000000 ffffffffffffffff ffffffffffffffff YMM02=0000000000000000 0000000000000000 ffffffffffffffff ffffffffffffffff YMM03=0000000000000000 0000000000000000 ffffffffffffffff ffffffffffffffff YMM04=0000000000000000 0000000000000000 ffffffffffffffff ffffffffffffffff YMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM06=0000000000000000 0000000000000000 0000000000000000 000000524f525245 YMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM08=0000000000000000 0000000000000000 0000000000000000 00524f5252450040 YMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 info registers vcpu 1 RAX=dffffc0000000000 RBX=1ffff11007fcbfab RCX=0000000000000000 RDX=1ffff11001c0c72b RSI=ffffffff8169b1ee RDI=ffff88800e063958 RBP=ffff88800e0638f0 RSP=ffff88803fe5fd10 R8 =0000000000000007 R9 =0000000000000000 R10=0000000000000000 R11=0000000000000001 R12=00007f117412b610 R13=00000000000001bf R14=0000000000000255 R15=ffff88803f9a8a00 RIP=ffffffff81460c30 RFL=00000202 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 00000000 00000000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0000 0000000000000000 00000000 00000000 DS =0000 0000000000000000 00000000 00000000 FS =0000 0000000000000000 00000000 00000000 GS =0000 ffff88806cf00000 00000000 00000000 LDT=0000 fffffe0000000000 00000000 00000000 TR =0040 fffffe000004a000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe0000048000 0000007f IDT= fffffe0000000000 00000fff CR0=80050033 CR2=00007f117412b610 CR3=000000001b9f8000 CR4=00350ee0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000ffff0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 YMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM01=0000000000000000 0000000000000000 00362e6f732e6362 696c2f756e672d78 YMM02=0000000000000000 0000000000000000 ffff0000000000ff ffffffffffffffff YMM03=0000000000000000 0000000000000000 ffffffffffffffff ffffffffffffffff YMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000