Debian GNU/Linux 11 syzkaller ttyS0 Warning: Permanently added '[localhost]:10906' (ECDSA) to the list of known hosts. 2022/10/02 14:12:04 fuzzer started 2022/10/02 14:12:05 dialing manager at localhost:35095 syzkaller login: [ 36.764478] cgroup: Unknown subsys name 'net' [ 36.849879] cgroup: Unknown subsys name 'rlimit' 2022/10/02 14:12:18 syscalls: 2215 2022/10/02 14:12:18 code coverage: enabled 2022/10/02 14:12:18 comparison tracing: enabled 2022/10/02 14:12:18 extra coverage: enabled 2022/10/02 14:12:18 setuid sandbox: enabled 2022/10/02 14:12:18 namespace sandbox: enabled 2022/10/02 14:12:18 Android sandbox: enabled 2022/10/02 14:12:18 fault injection: enabled 2022/10/02 14:12:18 leak checking: enabled 2022/10/02 14:12:18 net packet injection: enabled 2022/10/02 14:12:18 net device setup: enabled 2022/10/02 14:12:18 concurrency sanitizer: /sys/kernel/debug/kcsan does not exist 2022/10/02 14:12:18 devlink PCI setup: PCI device 0000:00:10.0 is not available 2022/10/02 14:12:18 USB emulation: enabled 2022/10/02 14:12:18 hci packet injection: enabled 2022/10/02 14:12:18 wifi device emulation: failed to parse kernel version (6.0.0-rc7-next-20220930) 2022/10/02 14:12:18 802.15.4 emulation: enabled 2022/10/02 14:12:18 fetching corpus: 50, signal 29239/31019 (executing program) 2022/10/02 14:12:18 fetching corpus: 100, signal 40336/43735 (executing program) 2022/10/02 14:12:18 fetching corpus: 150, signal 47617/52567 (executing program) 2022/10/02 14:12:18 fetching corpus: 200, signal 57994/64317 (executing program) 2022/10/02 14:12:18 fetching corpus: 250, signal 62078/69841 (executing program) 2022/10/02 14:12:18 fetching corpus: 300, signal 64016/73246 (executing program) 2022/10/02 14:12:18 fetching corpus: 350, signal 69235/79761 (executing program) 2022/10/02 14:12:19 fetching corpus: 400, signal 72798/84649 (executing program) 2022/10/02 14:12:19 fetching corpus: 450, signal 75521/88724 (executing program) 2022/10/02 14:12:19 fetching corpus: 500, signal 79105/93478 (executing program) 2022/10/02 14:12:19 fetching corpus: 550, signal 82446/97954 (executing program) 2022/10/02 14:12:19 fetching corpus: 600, signal 85685/102333 (executing program) 2022/10/02 14:12:19 fetching corpus: 650, signal 88094/105904 (executing program) 2022/10/02 14:12:19 fetching corpus: 700, signal 93906/112559 (executing program) 2022/10/02 14:12:20 fetching corpus: 750, signal 98600/118099 (executing program) 2022/10/02 14:12:20 fetching corpus: 800, signal 102690/123009 (executing program) 2022/10/02 14:12:20 fetching corpus: 850, signal 104648/125973 (executing program) 2022/10/02 14:12:20 fetching corpus: 900, signal 106844/129099 (executing program) 2022/10/02 14:12:20 fetching corpus: 950, signal 109195/132367 (executing program) 2022/10/02 14:12:20 fetching corpus: 1000, signal 111090/135202 (executing program) 2022/10/02 14:12:20 fetching corpus: 1050, signal 112693/137748 (executing program) 2022/10/02 14:12:20 fetching corpus: 1100, signal 115406/141278 (executing program) 2022/10/02 14:12:20 fetching corpus: 1150, signal 118373/144899 (executing program) 2022/10/02 14:12:20 fetching corpus: 1200, signal 119157/146699 (executing program) 2022/10/02 14:12:21 fetching corpus: 1250, signal 120148/148643 (executing program) 2022/10/02 14:12:21 fetching corpus: 1300, signal 121423/150825 (executing program) 2022/10/02 14:12:21 fetching corpus: 1350, signal 123408/153587 (executing program) 2022/10/02 14:12:21 fetching corpus: 1400, signal 125501/156432 (executing program) 2022/10/02 14:12:21 fetching corpus: 1450, signal 126635/158424 (executing program) 2022/10/02 14:12:21 fetching corpus: 1500, signal 127906/160513 (executing program) 2022/10/02 14:12:21 fetching corpus: 1550, signal 129308/162687 (executing program) 2022/10/02 14:12:21 fetching corpus: 1600, signal 131315/165290 (executing program) 2022/10/02 14:12:21 fetching corpus: 1650, signal 132638/167392 (executing program) 2022/10/02 14:12:22 fetching corpus: 1700, signal 133707/169237 (executing program) 2022/10/02 14:12:22 fetching corpus: 1750, signal 135127/171369 (executing program) 2022/10/02 14:12:22 fetching corpus: 1800, signal 136103/173111 (executing program) 2022/10/02 14:12:22 fetching corpus: 1850, signal 137279/175044 (executing program) 2022/10/02 14:12:22 fetching corpus: 1900, signal 137853/176494 (executing program) 2022/10/02 14:12:22 fetching corpus: 1950, signal 139495/178652 (executing program) 2022/10/02 14:12:22 fetching corpus: 2000, signal 140220/180166 (executing program) 2022/10/02 14:12:22 fetching corpus: 2050, signal 141051/181778 (executing program) 2022/10/02 14:12:22 fetching corpus: 2100, signal 142073/183487 (executing program) 2022/10/02 14:12:23 fetching corpus: 2150, signal 143666/185573 (executing program) 2022/10/02 14:12:23 fetching corpus: 2200, signal 145666/187881 (executing program) 2022/10/02 14:12:23 fetching corpus: 2250, signal 147823/190271 (executing program) 2022/10/02 14:12:23 fetching corpus: 2300, signal 150137/192778 (executing program) 2022/10/02 14:12:23 fetching corpus: 2350, signal 150991/194232 (executing program) 2022/10/02 14:12:23 fetching corpus: 2400, signal 151679/195607 (executing program) 2022/10/02 14:12:23 fetching corpus: 2450, signal 152220/196889 (executing program) 2022/10/02 14:12:23 fetching corpus: 2500, signal 153181/198439 (executing program) 2022/10/02 14:12:24 fetching corpus: 2550, signal 154524/200279 (executing program) 2022/10/02 14:12:24 fetching corpus: 2600, signal 155505/201757 (executing program) 2022/10/02 14:12:24 fetching corpus: 2650, signal 156126/203049 (executing program) 2022/10/02 14:12:24 fetching corpus: 2700, signal 157369/204716 (executing program) 2022/10/02 14:12:24 fetching corpus: 2750, signal 158310/206185 (executing program) 2022/10/02 14:12:24 fetching corpus: 2800, signal 158948/207439 (executing program) 2022/10/02 14:12:24 fetching corpus: 2850, signal 159620/208668 (executing program) 2022/10/02 14:12:24 fetching corpus: 2900, signal 160546/210004 (executing program) 2022/10/02 14:12:24 fetching corpus: 2950, signal 162259/211818 (executing program) 2022/10/02 14:12:25 fetching corpus: 3000, signal 162916/213019 (executing program) 2022/10/02 14:12:25 fetching corpus: 3050, signal 164419/214676 (executing program) 2022/10/02 14:12:25 fetching corpus: 3100, signal 165105/215890 (executing program) 2022/10/02 14:12:25 fetching corpus: 3150, signal 165774/217044 (executing program) 2022/10/02 14:12:25 fetching corpus: 3200, signal 166560/218309 (executing program) 2022/10/02 14:12:25 fetching corpus: 3250, signal 167004/219354 (executing program) 2022/10/02 14:12:25 fetching corpus: 3300, signal 167726/220530 (executing program) 2022/10/02 14:12:25 fetching corpus: 3350, signal 168562/221737 (executing program) 2022/10/02 14:12:26 fetching corpus: 3400, signal 169540/223036 (executing program) 2022/10/02 14:12:26 fetching corpus: 3450, signal 172078/225155 (executing program) 2022/10/02 14:12:26 fetching corpus: 3500, signal 172895/226259 (executing program) 2022/10/02 14:12:26 fetching corpus: 3550, signal 173608/227360 (executing program) 2022/10/02 14:12:26 fetching corpus: 3600, signal 174666/228614 (executing program) 2022/10/02 14:12:26 fetching corpus: 3650, signal 175260/229684 (executing program) 2022/10/02 14:12:26 fetching corpus: 3700, signal 175950/230747 (executing program) 2022/10/02 14:12:26 fetching corpus: 3750, signal 176365/231677 (executing program) 2022/10/02 14:12:26 fetching corpus: 3800, signal 176836/232637 (executing program) 2022/10/02 14:12:27 fetching corpus: 3850, signal 177561/233778 (executing program) 2022/10/02 14:12:27 fetching corpus: 3900, signal 178165/234817 (executing program) 2022/10/02 14:12:27 fetching corpus: 3950, signal 179060/236040 (executing program) 2022/10/02 14:12:27 fetching corpus: 4000, signal 179494/236956 (executing program) 2022/10/02 14:12:27 fetching corpus: 4050, signal 180314/238052 (executing program) 2022/10/02 14:12:27 fetching corpus: 4100, signal 181074/239076 (executing program) 2022/10/02 14:12:27 fetching corpus: 4150, signal 181795/240116 (executing program) 2022/10/02 14:12:27 fetching corpus: 4200, signal 182876/241308 (executing program) 2022/10/02 14:12:28 fetching corpus: 4250, signal 183728/242333 (executing program) 2022/10/02 14:12:28 fetching corpus: 4300, signal 184616/243360 (executing program) 2022/10/02 14:12:28 fetching corpus: 4350, signal 185404/244295 (executing program) 2022/10/02 14:12:28 fetching corpus: 4400, signal 186229/245243 (executing program) 2022/10/02 14:12:28 fetching corpus: 4450, signal 187152/246240 (executing program) 2022/10/02 14:12:28 fetching corpus: 4500, signal 187622/247108 (executing program) 2022/10/02 14:12:28 fetching corpus: 4550, signal 188349/248035 (executing program) 2022/10/02 14:12:28 fetching corpus: 4600, signal 188993/248865 (executing program) 2022/10/02 14:12:28 fetching corpus: 4650, signal 189991/249830 (executing program) 2022/10/02 14:12:28 fetching corpus: 4700, signal 190657/250709 (executing program) 2022/10/02 14:12:29 fetching corpus: 4750, signal 191168/251508 (executing program) 2022/10/02 14:12:29 fetching corpus: 4800, signal 191835/252357 (executing program) 2022/10/02 14:12:29 fetching corpus: 4850, signal 192680/253210 (executing program) 2022/10/02 14:12:29 fetching corpus: 4900, signal 193722/254219 (executing program) 2022/10/02 14:12:29 fetching corpus: 4950, signal 194266/254972 (executing program) 2022/10/02 14:12:29 fetching corpus: 4996, signal 194783/255739 (executing program) 2022/10/02 14:12:29 fetching corpus: 4996, signal 194783/256329 (executing program) 2022/10/02 14:12:29 fetching corpus: 4996, signal 194783/256933 (executing program) 2022/10/02 14:12:29 fetching corpus: 4996, signal 194783/257532 (executing program) 2022/10/02 14:12:29 fetching corpus: 4996, signal 194783/258153 (executing program) 2022/10/02 14:12:29 fetching corpus: 4996, signal 194783/258770 (executing program) 2022/10/02 14:12:29 fetching corpus: 4996, signal 194783/259363 (executing program) 2022/10/02 14:12:29 fetching corpus: 4996, signal 194783/259979 (executing program) 2022/10/02 14:12:29 fetching corpus: 4996, signal 194783/260554 (executing program) 2022/10/02 14:12:29 fetching corpus: 4996, signal 194783/261151 (executing program) 2022/10/02 14:12:29 fetching corpus: 4996, signal 194783/261749 (executing program) 2022/10/02 14:12:29 fetching corpus: 4996, signal 194783/262346 (executing program) 2022/10/02 14:12:29 fetching corpus: 4996, signal 194783/262952 (executing program) 2022/10/02 14:12:29 fetching corpus: 4996, signal 194783/263601 (executing program) 2022/10/02 14:12:29 fetching corpus: 4996, signal 194783/264219 (executing program) 2022/10/02 14:12:29 fetching corpus: 4996, signal 194783/264851 (executing program) 2022/10/02 14:12:29 fetching corpus: 4996, signal 194783/265449 (executing program) 2022/10/02 14:12:29 fetching corpus: 4996, signal 194783/266059 (executing program) 2022/10/02 14:12:29 fetching corpus: 4996, signal 194783/266690 (executing program) 2022/10/02 14:12:29 fetching corpus: 4996, signal 194783/267280 (executing program) 2022/10/02 14:12:29 fetching corpus: 4996, signal 194783/267881 (executing program) 2022/10/02 14:12:29 fetching corpus: 4996, signal 194783/268460 (executing program) 2022/10/02 14:12:29 fetching corpus: 4996, signal 194783/269102 (executing program) 2022/10/02 14:12:29 fetching corpus: 4996, signal 194783/269737 (executing program) 2022/10/02 14:12:29 fetching corpus: 4996, signal 194783/270361 (executing program) 2022/10/02 14:12:29 fetching corpus: 4996, signal 194783/270977 (executing program) 2022/10/02 14:12:29 fetching corpus: 4996, signal 194783/271595 (executing program) 2022/10/02 14:12:29 fetching corpus: 4996, signal 194783/272201 (executing program) 2022/10/02 14:12:29 fetching corpus: 4996, signal 194783/272803 (executing program) 2022/10/02 14:12:29 fetching corpus: 4996, signal 194783/273383 (executing program) 2022/10/02 14:12:30 fetching corpus: 4996, signal 194783/274004 (executing program) 2022/10/02 14:12:30 fetching corpus: 4996, signal 194783/274614 (executing program) 2022/10/02 14:12:30 fetching corpus: 4996, signal 194783/275201 (executing program) 2022/10/02 14:12:30 fetching corpus: 4996, signal 194783/275814 (executing program) 2022/10/02 14:12:30 fetching corpus: 4996, signal 194783/276397 (executing program) 2022/10/02 14:12:30 fetching corpus: 4996, signal 194783/277011 (executing program) 2022/10/02 14:12:30 fetching corpus: 4996, signal 194783/277624 (executing program) 2022/10/02 14:12:30 fetching corpus: 4996, signal 194783/278233 (executing program) 2022/10/02 14:12:30 fetching corpus: 4996, signal 194783/278704 (executing program) 2022/10/02 14:12:30 fetching corpus: 4996, signal 194783/278704 (executing program) 2022/10/02 14:12:33 starting 8 fuzzer processes 14:12:33 executing program 0: r0 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$IPVS_CMD_SET_SERVICE(0xffffffffffffffff, &(0x7f00000001c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x40}, 0xc, &(0x7f0000000180)={&(0x7f0000000080)={0xdc, r0, 0x4, 0x70bd2b, 0x25dfdbfb, {}, [@IPVS_CMD_ATTR_DEST={0x1c, 0x2, 0x0, 0x1, [@IPVS_DEST_ATTR_PORT={0x6, 0x2, 0x4e21}, @IPVS_DEST_ATTR_PERSIST_CONNS={0x8, 0x9, 0x30ea}, @IPVS_DEST_ATTR_PORT={0x6, 0x2, 0x4e23}]}, @IPVS_CMD_ATTR_SERVICE={0xc, 0x1, 0x0, 0x1, [@IPVS_SVC_ATTR_PROTOCOL={0x6, 0x2, 0x3b}]}, @IPVS_CMD_ATTR_SERVICE={0x1c, 0x1, 0x0, 0x1, [@IPVS_SVC_ATTR_AF={0x6, 0x1, 0x2}, @IPVS_SVC_ATTR_PE_NAME={0x8}, @IPVS_SVC_ATTR_SCHED_NAME={0x8, 0x6, 'wlc\x00'}]}, @IPVS_CMD_ATTR_DEST={0x24, 0x2, 0x0, 0x1, [@IPVS_DEST_ATTR_ACTIVE_CONNS={0x8, 0x7, 0x7}, @IPVS_DEST_ATTR_U_THRESH={0x8, 0x5, 0x1ff}, @IPVS_DEST_ATTR_INACT_CONNS={0x8, 0x8, 0xffffffff}, @IPVS_DEST_ATTR_L_THRESH={0x8, 0x6, 0xe}]}, @IPVS_CMD_ATTR_TIMEOUT_UDP={0x8, 0x6, 0xa92}, @IPVS_CMD_ATTR_SERVICE={0x20, 0x1, 0x0, 0x1, [@IPVS_SVC_ATTR_FLAGS={0xc, 0x7, {0x14, 0x30}}, @IPVS_SVC_ATTR_TIMEOUT={0x8}, @IPVS_SVC_ATTR_PORT={0x6, 0x4, 0x4e23}]}, @IPVS_CMD_ATTR_SERVICE={0x38, 0x1, 0x0, 0x1, [@IPVS_SVC_ATTR_FWMARK={0x8, 0x5, 0x2}, @IPVS_SVC_ATTR_ADDR={0x14, 0x3, @ipv6=@local}, @IPVS_SVC_ATTR_AF={0x6, 0x1, 0xa}, @IPVS_SVC_ATTR_SCHED_NAME={0x7, 0x6, 'nq\x00'}, @IPVS_SVC_ATTR_AF={0x6, 0x1, 0xa}]}]}, 0xdc}, 0x1, 0x0, 0x0, 0x24008014}, 0x200408c0) sendmsg$SEG6_CMD_DUMPHMAC(0xffffffffffffffff, &(0x7f00000002c0)={&(0x7f0000000200)={0x10, 0x0, 0x0, 0x200}, 0xc, &(0x7f0000000280)={&(0x7f0000000240)={0x28, 0x0, 0x2, 0x70bd27, 0x25dfdbfe, {}, [@SEG6_ATTR_SECRET={0x14, 0x4, [0x6, 0xffffffc0, 0x5, 0x8]}]}, 0x28}, 0x1, 0x0, 0x0, 0x4044801}, 0x800) ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000340)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_VENDOR(0xffffffffffffffff, &(0x7f0000000440)={&(0x7f0000000300)={0x10, 0x0, 0x0, 0x1000000}, 0xc, &(0x7f0000000400)={&(0x7f0000000380)={0x64, 0x0, 0x800, 0x70bd27, 0x25dfdbfd, {{}, {@void, @val={0x8, 0x3, r1}, @void}}, [@NL80211_ATTR_VENDOR_DATA={0x2e, 0xc5, "9c9df8bd92a422ea16e50b663dcd6173c5d424497f7b6e3649b6d1d57c699fb35a37e34ca0c1d5de3e3c"}, @NL80211_ATTR_VENDOR_SUBCMD={0x8, 0xc4, 0x200}, @NL80211_ATTR_VENDOR_ID={0x8, 0xc3, 0x8}, @NL80211_ATTR_VENDOR_ID={0x8, 0xc3, 0x93da}]}, 0x64}, 0x1, 0x0, 0x0, 0x800}, 0x44) sendmsg$IPVS_CMD_GET_CONFIG(0xffffffffffffffff, &(0x7f0000000580)={&(0x7f0000000480)={0x10, 0x0, 0x0, 0x40000}, 0xc, &(0x7f0000000540)={&(0x7f00000004c0)={0x54, 0x0, 0x400, 0x70bd2b, 0x25dfdbfe, {}, [@IPVS_CMD_ATTR_TIMEOUT_TCP={0x8, 0x4, 0xfffffffd}, @IPVS_CMD_ATTR_TIMEOUT_TCP_FIN={0x8, 0x5, 0xbd}, @IPVS_CMD_ATTR_TIMEOUT_UDP={0x8, 0x6, 0x1f}, @IPVS_CMD_ATTR_DEST={0x28, 0x2, 0x0, 0x1, [@IPVS_DEST_ATTR_ADDR={0x14, 0x1, @ipv6=@initdev={0xfe, 0x88, '\x00', 0x1, 0x0}}, @IPVS_DEST_ATTR_INACT_CONNS={0x8, 0x8, 0x8}, @IPVS_DEST_ATTR_TUN_TYPE={0x5}]}]}, 0x54}, 0x1, 0x0, 0x0, 0x44000}, 0x24000000) sendmsg$NL80211_CMD_CHANNEL_SWITCH(0xffffffffffffffff, &(0x7f0000000cc0)={&(0x7f00000005c0)={0x10, 0x0, 0x0, 0x440040}, 0xc, &(0x7f0000000c80)={&(0x7f0000000600)={0x658, 0x0, 0x800, 0x70bd2b, 0x25dfdbff, {{}, {@val={0x8, 0x3, r1}, @val={0xc, 0x99, {0x6, 0x3b}}}}, [@chandef_params=[@NL80211_ATTR_WIPHY_EDMG_CHANNELS={0x5, 0x118, 0xe}, @NL80211_ATTR_WIPHY_EDMG_CHANNELS={0x5, 0x118, 0xa}, @NL80211_ATTR_CHANNEL_WIDTH={0x8}, @NL80211_ATTR_CENTER_FREQ1={0x8, 0xa0, 0x4aa}, @NL80211_ATTR_WIPHY_CHANNEL_TYPE={0x8, 0x27, 0x1}, @NL80211_ATTR_WIPHY_CHANNEL_TYPE={0x8, 0x27, 0x1}, @NL80211_ATTR_WIPHY_CHANNEL_TYPE={0x8, 0x27, 0x3}, @NL80211_ATTR_CHANNEL_WIDTH={0x8, 0x9f, 0x7}, @NL80211_ATTR_WIPHY_FREQ_OFFSET={0x8, 0x122, 0x155}], @NL80211_ATTR_CSA_IES={0x578, 0xb9, 0x0, 0x1, [@NL80211_ATTR_CSA_C_OFF_PRESP={0xa, 0xbb, [0x101, 0x8, 0x4]}, @NL80211_ATTR_CSA_C_OFF_PRESP={0xe, 0xbb, [0xdae, 0x7, 0x8000, 0x8001, 0xf0]}, @beacon_params=[@NL80211_ATTR_BEACON_TAIL={0x10e, 0xf, [@random={0xff, 0xea, "5b7ba6e7f8406da73ccd970c6b958247fc0964519288cb5d0879781115553cef711d5094d74f77ad899adc32a1d2f671a7faf99dff040538366c88ddf9c89a7bacaac240d2a8cbfe7d18fd75a53f88445d58e420e719a5a6c8b81c562edf989c07b72989295e20246c1a6eb193c74c0177a2c1efc22ebb30d0e9d968b2f9a933396c7c29cab257fdf46bb88029426e083dc88f2908299bc877f16d5c56eb84129a0815f902e10c9911bd16c0b08810bdc87cd5fcdf9b20b616a7c50b31a42e8777f9cae115e5fab84547150cf9acb4487853d51aaf3a03f803b5cee63ae470eb35f9d234d36bd72336ee"}, @ssid={0x0, 0x14, @random="dbe0037b909abbb52bad0c1166ef0f4d7a82d00c"}, @mesh_chsw={0x76, 0x6, {0x1f, 0x6, 0x3c, 0x48}}]}, @NL80211_ATTR_FTM_RESPONDER={0x18, 0x10e, 0x0, 0x1, [@NL80211_FTM_RESP_ATTR_ENABLED={0x4}, @NL80211_FTM_RESP_ATTR_ENABLED={0x4}, @NL80211_FTM_RESP_ATTR_CIVICLOC={0xb, 0x3, "75805e8cae9910"}]}, @NL80211_ATTR_IE={0xc, 0x2a, [@cf={0x4, 0x6, {0x81, 0xff, 0x82, 0x1}}]}], @NL80211_ATTR_CSA_C_OFF_PRESP={0xe, 0xbb, [0x8000, 0x0, 0x1ff, 0x1, 0x6]}, @beacon_params=[@NL80211_ATTR_FTM_RESPONDER={0x38, 0x10e, 0x0, 0x1, [@NL80211_FTM_RESP_ATTR_CIVICLOC={0x33, 0x3, "be1ed8856df6fc62127787d8e6cf57a5cdd13d4249ac6c5618eafa164b8a4633ae383e847195bec670e35713ef9311"}]}, @NL80211_ATTR_FTM_RESPONDER={0x88, 0x10e, 0x0, 0x1, [@NL80211_FTM_RESP_ATTR_CIVICLOC={0x81, 0x3, "d43dae8613e0cb14bc3028637daad49884f19c4e8fc388688db9f8507a7172d43b4874cdb1ae8eee8177bf61bdba1f514475f5d45fe741ab9fbb36df1d22fd1acbbf5505d1e2a8da112a88decd04319b1bd9ff78d14f17ff00e8c5b096d569f192addb92727e13060968cd54a60deebe6b91455b0145faf398f1b1227b"}]}, @NL80211_ATTR_IE_ASSOC_RESP={0x10b, 0x80, [@ht={0x2d, 0x1a, {0x1000, 0x2, 0x0, 0x0, {0x1, 0x3, 0x0, 0xdf, 0x0, 0x1, 0x0, 0x3}, 0x800, 0x7fff, 0x6}}, @mesh_config={0x71, 0x7, {0x0, 0x1, 0x0, 0x1, 0x1, 0x7, 0x1}}, @chsw_timing={0x68, 0x4, {0x9, 0x5}}, @perr={0x84, 0x3c, {0xe0, 0x4, [@not_ext={{}, @device_b, 0xd530, "", 0x23}, @not_ext={{}, @device_a, 0x2f4, "", 0x28}, @ext={{}, @device_b, 0x2, @device_a, 0x29}, @not_ext={{}, @broadcast, 0xc8, "", 0x3c}]}}, @challenge={0x10, 0x1, 0xa6}, @measure_req={0x26, 0x99, {0x7a, 0x9, 0x20, "908eaf38a8bad43e27c78c5ade827d8faa06f1743a77803f713130ec6a26848d5372ca3b3229ac623e1d695e36dc6e82bccbd120ce7b6188cd8eb602a20f3809d3c0de6aceab74d0ceb56c33df5249177b30685106ad45f67b25fdc6cc0ef4370e0cee0f60e8a8f5aa86f993268a88e6d857a93b5fd04c726c756b0495edef69cb7c7c457760c482c1c015dd3a4c90cd67f8afc08b24"}}]}, @NL80211_ATTR_BEACON_TAIL={0x21d, 0xf, [@erp={0x2a, 0x1, {0x0, 0x1, 0x1}}, @mesh_chsw={0x76, 0x6, {0x7d, 0x0, 0x16, 0x3}}, @tim={0x5, 0xf4, {0x0, 0x19, 0x5, "bd58f55028a6608dfb3ddbaa3246e36ca7bc50a127f89e54a6a7904b866893e759f65ca17f4aa4114e873f39df2f74f5a5696348f01b444c0965c9f8ac756b83cc16490419404038affb4b676a0fd667811cd1eb234a43a78a6d3e8a9138fb8f0b192e93e615aa72b358e7ab1f464db0a0cc8e9ec753a50e72c5528c45601ef3e4d5bed50134f957053a9cf99762ae8af06ebeee78ee8a43cc5b0b86c0675ee97d04424567ed912709ed14bdacd85060a69f0abece279dceccaed8638bb2302800450baf28f2d90c27b6869ff77fe56b6489a924f3dab336ff144ec172f66c2a35281c680d52c101664d69b4c5626ba412"}}, @mesh_config={0x71, 0x7, {0x1, 0x0, 0x0, 0x0, 0x1, 0x8, 0x48}}, @ext_channel_switch={0x3c, 0x4, {0x0, 0x6, 0xb3, 0x1}}, @channel_switch={0x25, 0x3, {0x1, 0xe, 0x6}}, @supported_rates={0x1, 0x3, [{0x24}, {0x3, 0x1}, {0x16}]}, @random={0x7f, 0xf5, "992dfb9bc88f50634d872fc45a68a2e9369c21fefb461a9f45bb702f9d587fc4a35df7afd67117a220bc205b2915fc7cddb697963eaf6cca9d06e6627822d6704ef3db0de2390e611def5ca1accd0730718fab19a60f0083ffde6c79ea02720a553c8f078d4d3c75609061507632e812c143ed23afa91aeb17b12ebc43f295399a590f88c88512d5d8197e772c7bdafa399964340bd2f7c98764296bc181160873801e714a864483741564a0553ffcffb25fd5819715be03cee293c853c85deecc14a16a6c410939c3718464d14eddb6818d4e6f70ca43218cb7216b5d2479cd3bd124ee313cd11c42e52fe8f602066ec7d797f071"}, @mesh_chsw={0x76, 0x6, {0x1, 0x6, 0x12, 0xce}}]}], @NL80211_ATTR_CSA_C_OFF_PRESP={0x12, 0xbb, [0x401, 0x8, 0x4, 0xfff7, 0xfff9, 0x1808, 0xf001]}, @NL80211_ATTR_CSA_C_OFF_PRESP={0xc, 0xbb, [0x4, 0x2ce, 0x3, 0xa3]}, @NL80211_ATTR_CSA_C_OFF_PRESP={0x6, 0xbb, [0x3e00]}]}, @chandef_params=[@NL80211_ATTR_WIPHY_CHANNEL_TYPE={0x8, 0x27, 0x3}, @NL80211_ATTR_WIPHY_EDMG_BW_CONFIG={0x5, 0x119, 0xd}, @NL80211_ATTR_CHANNEL_WIDTH={0x8, 0x9f, 0x6}, @NL80211_ATTR_WIPHY_FREQ={0x8, 0x26, @random=0x16d5}, @NL80211_ATTR_CHANNEL_WIDTH={0x8, 0x9f, 0x5}, @NL80211_ATTR_CENTER_FREQ1={0x8, 0xa0, 0x9}, @NL80211_ATTR_WIPHY_FREQ_OFFSET={0x8, 0x122, 0x163}, @NL80211_ATTR_WIPHY_FREQ_OFFSET={0x8, 0x122, 0xe}], @NL80211_ATTR_CSA_IES={0x10, 0xb9, 0x0, 0x1, [@NL80211_ATTR_CSA_C_OFF_BEACON={0xc, 0xba, [0xfffa, 0x2, 0x3c40, 0x8]}]}, @chandef_params=[@NL80211_ATTR_CENTER_FREQ2={0x8}, @NL80211_ATTR_WIPHY_EDMG_BW_CONFIG={0x5, 0x119, 0x9}, @NL80211_ATTR_WIPHY_EDMG_CHANNELS={0x5, 0x118, 0x37}, @NL80211_ATTR_WIPHY_FREQ_OFFSET={0x8, 0x122, 0x1f}]]}, 0x658}, 0x1, 0x0, 0x0, 0x4000001}, 0x0) sendmsg$nl_netfilter(0xffffffffffffffff, &(0x7f0000000dc0)={&(0x7f0000000d00)={0x10, 0x0, 0x0, 0x200}, 0xc, &(0x7f0000000d80)={&(0x7f0000000d40)={0x2c, 0xc, 0x1, 0x5, 0x70bd29, 0x25dfdbff, {0x1, 0x0, 0xa}, [@typed={0xc, 0x50, 0x0, 0x0, @u64=0xffffffff}, @nested={0xc, 0x60, 0x0, 0x1, [@typed={0x8, 0x8a, 0x0, 0x0, @str='wlc\x00'}]}]}, 0x2c}, 0x1, 0x0, 0x0, 0x4040080}, 0x4c000) sendmsg$IPCTNL_MSG_TIMEOUT_DELETE(0xffffffffffffffff, &(0x7f0000000f00)={&(0x7f0000000e00)={0x10, 0x0, 0x0, 0x8000000}, 0xc, &(0x7f0000000ec0)={&(0x7f0000000e40)={0x80, 0x2, 0x8, 0xf53ce562b6b259f5, 0x0, 0x0, {0x7, 0x0, 0x5}, [@CTA_TIMEOUT_L4PROTO={0x5, 0x3, 0x11}, @CTA_TIMEOUT_NAME={0x9, 0x1, 'syz1\x00'}, @CTA_TIMEOUT_DATA={0x4, 0x4, 0x0, 0x1, @sctp}, @CTA_TIMEOUT_L4PROTO={0x5, 0x3, 0x21}, @CTA_TIMEOUT_DATA={0x14, 0x4, 0x0, 0x1, @udp=[@CTA_TIMEOUT_UDP_REPLIED={0x8, 0x2, 0x1, 0x0, 0x1}, @CTA_TIMEOUT_UDP_UNREPLIED={0x8, 0x1, 0x1, 0x0, 0x8}]}, @CTA_TIMEOUT_DATA={0x1c, 0x4, 0x0, 0x1, @icmpv6=[@CTA_TIMEOUT_ICMPV6_TIMEOUT={0x8}, @CTA_TIMEOUT_ICMPV6_TIMEOUT={0x8, 0x1, 0x1, 0x0, 0x3}, @CTA_TIMEOUT_ICMPV6_TIMEOUT={0x8, 0x1, 0x1, 0x0, 0x4}]}, @CTA_TIMEOUT_L3PROTO={0x6, 0x2, 0x1, 0x0, 0x88fb}, @CTA_TIMEOUT_L3PROTO={0x6, 0x2, 0x1, 0x0, 0x3}, @CTA_TIMEOUT_NAME={0x9, 0x1, 'syz0\x00'}]}, 0x80}, 0x1, 0x0, 0x0, 0x10000000}, 0x1) sendmsg$NFQNL_MSG_VERDICT_BATCH(0xffffffffffffffff, &(0x7f0000001000)={&(0x7f0000000f40)={0x10, 0x0, 0x0, 0x10}, 0xc, &(0x7f0000000fc0)={&(0x7f0000000f80)={0x28, 0x3, 0x3, 0x401, 0x0, 0x0, {0xa, 0x0, 0x8}, [@NFQA_MARK={0x8, 0x3, 0x1, 0x0, 0x10000}, @NFQA_VERDICT_HDR={0xc, 0x2, {0xfffffffffffffffc, 0x9}}]}, 0x28}, 0x1, 0x0, 0x0, 0x4000010}, 0x20008004) sendmsg$NL80211_CMD_GET_POWER_SAVE(0xffffffffffffffff, &(0x7f0000001100)={&(0x7f0000001040)={0x10, 0x0, 0x0, 0x40000000}, 0xc, &(0x7f00000010c0)={&(0x7f0000001080)={0x14, 0x0, 0x800, 0x70bd2b, 0x25dfdbff, {{}, {@void, @void}}, ["", "", "", "", "", "", ""]}, 0x14}, 0x1, 0x0, 0x0, 0x4010}, 0x4000000) r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000001180), 0xffffffffffffffff) sendmsg$NL80211_CMD_TRIGGER_SCAN(0xffffffffffffffff, &(0x7f00000012c0)={&(0x7f0000001140)={0x10, 0x0, 0x0, 0x4004080}, 0xc, &(0x7f0000001280)={&(0x7f00000011c0)={0x88, r2, 0x102, 0x70bd27, 0x25dfdbfb, {{}, {@val={0x8, 0x3, r1}, @val={0xc, 0x99, {0x1, 0xd}}}}, [@NL80211_ATTR_MEASUREMENT_DURATION_MANDATORY={0x4}, @NL80211_ATTR_SCAN_SSIDS={0x4}, @NL80211_ATTR_BG_SCAN_PERIOD={0x6, 0x98, 0x8001}, @NL80211_ATTR_SCHED_SCAN_INTERVAL={0x8, 0x77, 0x8}, @NL80211_ATTR_BSSID={0xa, 0xf5, @from_mac=@broadcast}, @NL80211_ATTR_IE={0x3a, 0x2a, [@gcr_ga={0xbd, 0x6, @broadcast}, @ht={0x2d, 0x1a, {0x2, 0x3, 0x2, 0x0, {0x6, 0x8, 0x0, 0x81, 0x0, 0x1, 0x1, 0x1}, 0x400, 0x9, 0x81}}, @ibss={0x6, 0x2, 0x7}, @ssid={0x0, 0x6, @default_ibss_ssid}, @ext_channel_switch={0x3c, 0x4, {0x0, 0xeb, 0xa5, 0x17}}]}]}, 0x88}, 0x1, 0x0, 0x0, 0x4090}, 0xcfc668082cb9ca15) pipe(&(0x7f0000001340)={0xffffffffffffffff, 0xffffffffffffffff}) r5 = syz_genetlink_get_family_id$nl80211(&(0x7f0000001300), r4) getsockopt$SO_TIMESTAMPING(r3, 0x1, 0x41, &(0x7f0000001380), &(0x7f00000013c0)=0x4) sendmsg$NL80211_CMD_STOP_P2P_DEVICE(r3, &(0x7f00000014c0)={&(0x7f0000001400)={0x10, 0x0, 0x0, 0x4000000}, 0xc, &(0x7f0000001480)={&(0x7f0000001440)={0x1c, r5, 0x400, 0x70bd25, 0x25dfdbfb, {{}, {@val={0x8, 0x3, r1}, @void}}, ["", "", "", "", ""]}, 0x1c}, 0x1, 0x0, 0x0, 0x24008000}, 0x4) r6 = syz_genetlink_get_family_id$ipvs(&(0x7f0000001540), r4) sendmsg$IPVS_CMD_FLUSH(r3, &(0x7f0000001640)={&(0x7f0000001500)={0x10, 0x0, 0x0, 0x80}, 0xc, &(0x7f0000001600)={&(0x7f0000001580)={0x7c, r6, 0x224, 0x70bd28, 0x25dfdbfd, {}, [@IPVS_CMD_ATTR_SERVICE={0x34, 0x1, 0x0, 0x1, [@IPVS_SVC_ATTR_NETMASK={0x8, 0x9, 0x7b}, @IPVS_SVC_ATTR_TIMEOUT={0x8, 0x8, 0x6b0}, @IPVS_SVC_ATTR_NETMASK={0x8, 0x9, 0x6e}, @IPVS_SVC_ATTR_PROTOCOL={0x6, 0x2, 0x2b}, @IPVS_SVC_ATTR_PROTOCOL={0x6, 0x2, 0x62}, @IPVS_SVC_ATTR_PE_NAME={0x8}]}, @IPVS_CMD_ATTR_TIMEOUT_TCP={0x8, 0x4, 0x1}, @IPVS_CMD_ATTR_TIMEOUT_TCP={0x8, 0x4, 0x3ff}, @IPVS_CMD_ATTR_SERVICE={0x14, 0x1, 0x0, 0x1, [@IPVS_SVC_ATTR_AF={0x6, 0x1, 0x2}, @IPVS_SVC_ATTR_FWMARK={0x8, 0x5, 0x1}]}, @IPVS_CMD_ATTR_TIMEOUT_TCP={0x8, 0x4, 0x6}, @IPVS_CMD_ATTR_TIMEOUT_TCP={0x8, 0x4, 0x2}]}, 0x7c}, 0x1, 0x0, 0x0, 0x4000}, 0x4000) sendmsg$NFNL_MSG_ACCT_NEW(r4, &(0x7f0000001740)={&(0x7f0000001680)={0x10, 0x0, 0x0, 0x200000}, 0xc, &(0x7f0000001700)={&(0x7f00000016c0)={0x38, 0x0, 0x7, 0x101, 0x0, 0x0, {0x0, 0x0, 0x9}, [@NFACCT_BYTES={0xc, 0x3, 0x1, 0x0, 0x81}, @NFACCT_NAME={0x9, 0x1, 'syz1\x00'}, @NFACCT_BYTES={0xc, 0x3, 0x1, 0x0, 0x6b6}]}, 0x38}, 0x1, 0x0, 0x0, 0x4000}, 0x8004) 14:12:33 executing program 1: semctl$SEM_STAT_ANY(0xffffffffffffffff, 0x5, 0x14, &(0x7f0000000000)=""/211) r0 = semget(0x3, 0x0, 0x31) semctl$IPC_INFO(r0, 0x1, 0x3, &(0x7f0000000100)=""/143) semtimedop(r0, &(0x7f00000001c0)=[{0x4, 0x2, 0x1800}, {0x1, 0x441f, 0x1000}, {0x1, 0x3f}, {0x3, 0x7}, {0x1, 0x66, 0x1800}, {0x3, 0x1, 0x1800}, {0x3, 0x535}, {0x2, 0x3, 0x1800}, {0x3, 0x7, 0x1000}, {0x3, 0x3, 0x1800}], 0xa, &(0x7f0000000200)) r1 = semget(0x0, 0x4, 0x2) semop(r1, &(0x7f0000000240)=[{0x3, 0x8, 0x1800}, {0x1, 0x8, 0x1000}, {0x3, 0x7ff}, {0x4, 0x800, 0x1800}, {0x1, 0x3ff, 0x1000}, {0x3, 0x0, 0x3800}, {0x1, 0x8, 0x1400}, {0x4, 0x4}], 0x8) r2 = semget(0x1, 0x4, 0x0) semctl$GETALL(r2, 0x0, 0xd, &(0x7f0000000280)=""/79) semctl$GETALL(r2, 0x0, 0xd, &(0x7f0000000300)=""/34) semctl$IPC_RMID(r2, 0x0, 0x0) r3 = semget(0x3, 0x3, 0x0) semtimedop(r3, &(0x7f0000000340)=[{0x0, 0xfff, 0x800}, {0x4, 0x6, 0x1000}, {0x1, 0x7ff}, {0x2, 0x8, 0x800}, {0x0, 0x7fff, 0x1400}], 0x5, &(0x7f0000000380)) semop(r2, &(0x7f00000003c0)=[{0x1, 0x8db8, 0x1800}, {0x2, 0x3, 0x800}, {0x1, 0x9, 0x3000}, {0x3, 0x3, 0x800}, {0x4, 0x3a0, 0x1000}, {0x4, 0x5, 0x1000}, {0x0, 0x7, 0x800}, {0x1, 0x200}, {0x0, 0x0, 0x800}], 0x9) semctl$SEM_STAT(r2, 0x1, 0x12, &(0x7f0000000400)=""/36) r4 = semget$private(0x0, 0x0, 0x619) semtimedop(r4, &(0x7f0000000440)=[{0x3, 0x81, 0x1000}, {0x0, 0x8, 0x800}, {0x2, 0x6, 0x1800}, {0x3, 0x1f}], 0x4, &(0x7f0000000480)={0x0, 0x3938700}) r5 = semget(0x2, 0x1, 0x2c) semctl$IPC_INFO(r5, 0x1, 0x3, &(0x7f00000004c0)=""/91) semctl$IPC_STAT(r1, 0x0, 0x2, &(0x7f0000000540)=""/50) semctl$SETALL(r3, 0x0, 0x11, &(0x7f0000000580)=[0x7, 0x7, 0x81]) [ 64.696236] audit: type=1400 audit(1664719953.206:6): avc: denied { execmem } for pid=285 comm="syz-executor.0" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=process permissive=1 14:12:33 executing program 2: getsockopt$IP6T_SO_GET_ENTRIES(0xffffffffffffffff, 0x29, 0x41, &(0x7f0000000000)={'raw\x00', 0xe6, "bbfca4affc180991174feeb4e953cf18e53edc8d341db9877292477241b1ed4ca4561f97cbfbb50087b364190abd91246ba0a341e23b70c6471500e2571c72f839f434248291d25c6b0d2193a1ebde76f4858a1697b29063eeaedf6def1f82631ce4447f940e24d0ee252d69b6f396bf2b1ebe71a0a68b09c49d7349935d7ab12aef184e53bfa0f49e35038f620fcf30f80449c1724601384eca957f57cfbad558b852830f5e45cb644bbd3010a4b9e46e6f907926989c84a2cbf62c39dbb08a5a5e6ad4d0b48d8db408c7134d36599d89d27042e968454734038386117ac4bb584339660a5e"}, &(0x7f0000000140)=0x10a) ioctl$AUTOFS_DEV_IOCTL_CATATONIC(0xffffffffffffffff, 0xc0189379, &(0x7f0000000180)={{0x1, 0x1, 0x18, 0xffffffffffffffff}, './file0\x00'}) ioctl$BTRFS_IOC_ADD_DEV(0xffffffffffffffff, 0x5000940a, &(0x7f00000001c0)={{r0}, "4a204c415cd29e50ec2e048b814ae1ff7fa240361b6a7f92dbe52fc076fab7fa83836036b9240bf24c8a678d5041154f4e2a9927586b963a5ad732bcecb5d721d8011d780786054e2472f925545b8db488b2556456f5809fa94713586aa21eca8c8cf742616406eff6966ea10dd4256e1f12a055093ee215d0e338ed9dcdb683ecb1a7f09205ee8f0181f9f4c75690fc25f55fb3a1f9cf553f7e39480793a5dc14123fb9b90da4fd8947c10078990ac91ee69a490a2265f52f38b1c61be42c3306eddbc7a2298e1a6096991d5206878d10be146b2772d3f87b4e50e8735d56f5497dc457370550d8753ff9d57bc02cd1c218618ec14aed42a0ca25f002612b683c2b0e25a7c8b9704bc0fb8c66bba1f790054158a207d48fefc555a2f9d6295cca52fd212360689d5af05f2ed04e739e4e1554073abd4269adf081427e7df5ae5c5eec6c7b9212390568cb333964650be81d6c150b20a8dc1e5856b22bbf4148b12d62527c5f8798ee98fcfdac3abb0408691a2b601aeb78813d09af53fb20cac43fa96b51bf3e6ac935fd43ab2ef122238ff28a2b02cb36a502645110394fcaf15919e24574563b636111da33e60a99619e28d76b497193ab68b5b020fbfd26ad62652e582ef2541a5ca267bab1a35851c45f7c6e2d3353b7d4e02d7bccb7b27c280d672ac866722e7fddb2f7438e4ef9923e379e393e9fa20abf51a53695848a149c71ec0716518d5dfb3695bb469ad8cca534be444d5b3c41ec35681746fc55fada110c2f958898b7d9a3d95373b22f3a95e68a68a89da0dd7770a89509cbe1887c5e659fff9f1c087a8037b6e67c07c1da10d7c840803cd254c10d9a2eb02b355fc9e7a970950b22e3d7fd0cbec1ebf1637dbcfcf2627d1d5972f864343f87699fd3506b0d3803e9ca5af1684a6ef45d6601d6e8f99941fbf1e9f98350ca244108f9113050f0a99e27b8ad9eeed87d46be6fd7c513ff8276b97c7d52b0972659e18a3b7239672a190ac38446691d394eb86f6d3b43c338534a3f3570358f09f9b5f1815cbd34d4b1c8a7840cc9dda7dbdbaf61fa1ea5f167c7e5469c1fa261394bf7454236c7e7630b37ebaf00b46b245ea69352fc458a3e24161ac2ee4c88b394475e4c5eaef2d65f3f3befa456ba6a650283e02811d7e89f4d002f48bc2ff491ccecdb401ddd9ab3f330d467cbe343163da952e19f6942f97ce2631e22a716e781d890398c40385fbb7cae92bfb56d8d01d1bc39605a60c5ddae26698814e91387de25994c53dc4b29c06b028355dc71d99093d4ba28842c49d7e616a7cde0cae194e921fe020c2f2b4e5e8e39e890571319b90d6f49ff515378efe7a005e0993bcf5e5e02987e7466b63956b900408541a527ebbaa433c95dbea5102d5ce3b9092eaba50cf83596f56e2793591ffc83e1f44d9262373903d9e1d4d6bb36c1be2024b83581070241fbcb503681408a10b641b6d5e2309c142b32e8d5ad16d153b7d486a717a22ca6dfc8be1a4011e72f0275919f1682d204da0cf2a1207ec8d290caea535690b49a97908f7e414e6d2b2f052b7ae2289ceb5829c659f1e07fb40244c0a46ffd64788e3728fdf6ee4d4ba5c626eb76ce2d6dc7d2c3aae8b9907f9a316644d11733039e3022d998c3a9d09def87c33a2acb4df3beca36e30bd13bd6799032f1c3a30564ffbe621e68a7f1a1aad5695dd157cd3cc57d0eba6e485a3ebd8a4e18922dd74f5f36b0d391685d5637c1c1db1ff1f16ccaeb79de23a013d5acb35feea46f8dbac60913058bc2e590f12745e608e91e8f79bff2b79b27f59412443e3b015ff2b077d0ac5301f53195e638b7b8f8c07fbf4d7be85cda21144b287a1efffc3a5f99719b060ffbce40c0f21849df6bec6cdc50fd4e243ac6d9b15f33c674c84b7988e6d5cf49fc5a78348ae99044be5899e134b031df7b9a6571723cf3614633d3d708297ac4153f25475541062fae227b9350267585aa8294aaf224d4dd4c2d6ca8b7761965531f92037b59771bb9b78104cd79de088c5576bd7830a5a0d5debe7ec725961a26210ee5295a2f9b34bc1fe8c71ee00a345029c931e462a99630124aeb583cc427fb492bfaf7eaa979570a8675c8bfc4bca5ef3c7bd00e15b86b1ab2d8cd6eceba947aa469816e8873d0b865a1dcb0e0e555a47a79132648f237146dee08f8da48f23b0f4e1fb4873b53b26a9f5f70b1339b3000f4453a50376c2735f8a435e89c6062ba731335c233c5981d3e82c862f2b5d86f6c9725411401e2db04e3576e21bea7cdfff295fdaecb245a5dbd91060aba7b9cecbf6a9747005364316a3171698b50a728481e23fe5a5f05bfded7919569f6facefc59a85c550143526b67866cda850a3b913b57af5008799a5997982e25af5dedceb007d0544f11934cba2d76b8857ce8f313cd3cc137e84520177799da2453a5ceca2c00ac4b5711c415cf5780f5eff01d5a30d703f8e40d9640f654a6967b923fc801dd7df63ba84f61836e8c42dfc43e0b39e0055fd97d0eb179a0f66bf3349b73322b7834b82304fa1988d6f64f4fe271f79fc074daeafdc26722a231f99a9d3846b413a211a05032021a91f167c2b6205a4129d9f22071825989b0350f6ed202d932c07f5e2752875325d846ca97b27d2e2b33915b9af69af2961653b9123d2e975ca07c9c2a091192fb3b5062d4a4786358c6bfa1e01ac70c937ed7792146481a5e5df4d0a0c6edd35fd629e81217dbc495c8315141a090a14d468ce43d020603a329d9ef4f6aa293f2a75a3a467d126e5f6a3584c2c52b35c8dc29f8b8dc555a0110983f11bfe52db6bf227994abfd784e7b409b7e8649c052ec2ae714c4faa75e44abaf5b26fc9316e7aa11d50a5b82b95e82c4b48757edd8e549bb1069dfe0189e8427ff1328d79bafdb944e6337a7ee4b61fcd6030f2f69b1a02733b18c0728b20a5f3226c1ea626cce2cf08447b29ebf9918da6015eea70ace6c38d1cbd9c55cdbb1bf8e403cee03549e90dc5b75aaea26213ad7336da8ca52bfddbdfa70663fa07f6393d1e2e4d226a1d9c6c469ea0f0a1cfb9bbb452e2c3c45a70ff4afcf7ffbb7461603636cf5394a8c57097bdff67b33526928e0893845957f3859f0c677a33534980eb15ff4138bd6d300b4cfc78437ace070ad4e6e4447fab114596eb3cf67eff33694c118835140d60053b56015581de9507a96adbaf075ed5459cd4fbf9207e50db69ad7f766794f1caaf866bd4609f2bf2ab9c64497df85112bd6087016106fb5cea55e6232af24371ca15086c947178ac2b2bf0280631890375339a272c0ecd366af5ea190448ee2640a209718f6721d1690f9e8606bb986242f94fb41673be3847beaea93ab440aacdf253559c07007e03259f7893a030e86eddfa3492535f1bc449e1aa1a24eb59a30da1a8b7c25faf48516cbc03f120d787d8d20ab6c2e9dd6d71f94fffbc86936d9a8711b29c8708c14a205a71d8e303b3c5f54a285dabc4eb8cf02dc48fd66842357d33e2ccf8aa5c8b3ae25c8046a5d554c64ae40bd736be89fd018eb72146d1f2e55b081b600ca139892a59889f15eb1a930b61e0bbcb051bf95cc0851b1e922ffa1003298875afc26bb34688053bfd4d1560cb0ac86b1d213008b15f1f471960c8c32db3ca57dabce561a0e047e382c398f98882d444182d539972c6091dfb393d520f90aac2553d946b5553f3540a8b6d0f23ff20633fd3b0abd6ac73b3f82b259b0c8bf28bc69c5a5fafc8a25234a634c356de848a28f0eee46ed71aafdd24fdb794d34655a6ee5c64e532f56dd4d3b3a4cb23e0f5d615342bc4586c4ac3816a5fb0b821d44e1a58cccd0c7a12f92b45a31a96a045e90684196837804db2662808f7ab94765180a8fe09a436dccc4c4d736d1fdb16f77ef5588ec8c6e556c5f686049fc02a19725e47828e022e4ec1be69bc6841a6dbf4ce31ffca104d1552cdc832047eb45e99755150462417761c635d599414ae74f10b1920769342387580802ed2159d520165afa3c2a4b632565747b2612d167962f2097f10f5833984292ad81d9a8daee3cc6ae8581ba5f2e7326dd0606c146fc4a40bf0571ea2da766fddae5fe1dbff941d2e9437cf31248f3c8691f7e8dce1acbf7541f34a6c673d12c944cf7abfb62928f515f7da9fe3774c19c65209b15b90f760adc369460fee45330bfcf54a05649b4ae75cbabf44133580c36ef06982ecb393711db738054c80e1aa1b14a37b788f17b9992fff2bbc9aba5c56b758b0432ac312f4fdd9ea7de4f535cccf1378542b0949afa05ebe28c0bd58ee7d3dac02b24df409116fb8d5e360f6436112e0fc5f300ae2ddd4130aacf625edc95a315eb739e126be664cf340461a424e6129afe367a9772c68a70eb0749c0608c4274f02e466d51976b917b15f53127dce4ff28d4b920e26d09dcc9f9b0b93e8af99a8409cfff376bdd5ecf7458768e61be6db87fa83f5930befffe73ae866bb0efd2facce7db38ee891ed525a3a5c5fb399d71e606599d6cd300036ab5c190392ed09b29bbb2f05c5d920d95bba71245efefffc5cb4a12773c17cfd69222c50351dc60061e75b10b2da79ae321cb5fab705dd3c636c236febee4a0fe7b03e954da46a5cedeed4490d1419742f9d92ac6e370ca80ff61852d2ad9e12b01916c29538ac8fff51b5fa63d0288881757ac2bb4804cf8f4a7e1c0a9b0e78fe07a6994a296505b7779b20803a3b13a491ba541adada4cc0de18037ab28a66bd65f56945d02ef86220605c732ead84c5046c3012467586857278f3583867717dc7a4b949c30e347d15b25b3c336b84d19f7a4847390ef990e3140afcca394a50d9ac075b0ce1f4a8711747db716080060cfdf40d0052df40912269b13ef92504cb5772c9168bd08d815b1d0041592b0ec8f696b276b974aae3d6d508bd0b8eb9cc16858413a2fbfcb3d34401fa314a9bb903f85fd93ae4a4a9b68c354216f04029f592dc63b5528e56a69fd719011344a73afe4b66cd5f72d5c9743c7460333a81975407ff3e6d55d35f5e62b0e2c11ebd1e60d7f9c3e7675c1c654e7705a94bf065e44597fb9840acf1a621471be013092c4a04c2a88ccf50a78a4c4cc4f56ffb5913146e05ad6fb5dbe1ede8a78fac8a2518d19a0b284211c0cf0aabff5aedb38199dc1508b38a8e83d8ac3e1bd877b138c7aa36124e3f5fe3866e46d051babf58c48995f048dac7918a57e01a7f54a3281d20fae0499e1f9d7feeda31d52c1c05c21b4c03474615aa9922c8f04888273915b2cba3c7729bb83bbacce0e42692a196205ab756649e5a84aaf5b4511612a2226c6f9b9d7ff256df2401d16c23027402e58f76096258289f2e2294612aac89a93cb37225b8182d63cfd74fac7f5dbacddb5519691a91eb8f4d6d5dcbedaba5f642f7fb9b21f6fad32fdfbe5bf34b1d437e9e0a35deb26cdf4fb81537b601eb2cea22d46ef4640ced846b56f3a051ae69fe6f1f867ba3a9a4ae55b0f48302a7b75a110615937818ae9f8c0b6798b35cca417e1a0a89f81c349f332470c068763ce1d0e4980df8aa9e63baa719e01e4a82e11f4bc9b5da8073b0a95a84e3750373af63e2b126e2db1c3cd246d7e55a0c6dfd5ff3527a0e7c00ae8c6ef6e9984c281890d298b9bf1902d19a4a6e103ce072d8b0f010ed24e6f46f1651b273a0eaf8df3f54584978a9475ed430052ac219fd3f4e64440e973a22509481e77910f68103485ec69a84c1e9de1747a93c821f52cfb8840fa703352db51"}) r1 = openat$vcs(0xffffffffffffff9c, &(0x7f00000011c0), 0xa100, 0x0) ioctl$AUTOFS_DEV_IOCTL_PROTOSUBVER(r1, 0xc0189373, &(0x7f0000001200)={{0x1, 0x1, 0x18, r0, {0x81}}, './file0\x00'}) r3 = openat(r2, &(0x7f0000001240)='./file0\x00', 0x109000, 0x192) ioctl$AUTOFS_DEV_IOCTL_PROTOSUBVER(r3, 0xc0189373, &(0x7f0000001280)={{0x1, 0x1, 0x18, r2, {0xbf}}, './file0\x00'}) r5 = socket$nl_netfilter(0x10, 0x3, 0xc) ioctl$AUTOFS_DEV_IOCTL_CATATONIC(r1, 0xc0189379, &(0x7f00000012c0)={{0x1, 0x1, 0x18, r5}, './file0\x00'}) sendmsg$IPCTNL_MSG_CT_GET_CTRZERO(r4, &(0x7f0000001400)={&(0x7f0000001300)={0x10, 0x0, 0x0, 0x100}, 0xc, &(0x7f00000013c0)={&(0x7f0000001340)={0x44, 0x3, 0x1, 0x101, 0x0, 0x0, {0x0, 0x0, 0x2}, [@CTA_MARK={0x8, 0x8, 0x1, 0x0, 0x1}, @CTA_PROTOINFO={0x28, 0x4, 0x0, 0x1, @CTA_PROTOINFO_SCTP={0x24, 0x3, 0x0, 0x1, [@CTA_PROTOINFO_SCTP_VTAG_REPLY={0x8, 0x3, 0x1, 0x0, 0x5}, @CTA_PROTOINFO_SCTP_VTAG_ORIGINAL={0x8, 0x2, 0x1, 0x0, 0x20}, @CTA_PROTOINFO_SCTP_VTAG_REPLY={0x8, 0x3, 0x1, 0x0, 0x5}, @CTA_PROTOINFO_SCTP_STATE={0x5, 0x1, 0xcc}]}}]}, 0x44}, 0x1, 0x0, 0x0, 0x4000000}, 0x40080) clock_gettime(0x0, &(0x7f0000001440)={0x0, 0x0}) syz_io_uring_submit(0x0, 0x0, &(0x7f00000014c0)=@IORING_OP_LINK_TIMEOUT={0xf, 0x2, 0x0, 0x0, 0x0, &(0x7f0000001480)={r7, r8+10000000}, 0x1, 0x1, 0x1}, 0x7) r9 = openat(r4, &(0x7f0000001500)='./file0\x00', 0x8801, 0x145) ioctl$AUTOFS_DEV_IOCTL_PROTOVER(r3, 0xc0189372, &(0x7f0000001540)={{0x1, 0x1, 0x18, r0, {0x3}}, './file0\x00'}) pipe2$9p(&(0x7f0000001580)={0xffffffffffffffff, 0xffffffffffffffff}, 0x400) ioctl$AUTOFS_DEV_IOCTL_PROTOVER(r10, 0xc0189372, &(0x7f00000015c0)={{0x1, 0x1, 0x18, r11, {0x800}}, './file0\x00'}) sendmsg$NFT_MSG_GETSET(r9, &(0x7f00000016c0)={&(0x7f0000001600)={0x10, 0x0, 0x0, 0x4}, 0xc, &(0x7f0000001680)={&(0x7f0000001640)={0x20, 0xa, 0xa, 0x101, 0x0, 0x0, {0x2bf76e2e6ef7e774, 0x0, 0x5}, [@NFTA_SET_HANDLE={0xc, 0x10, 0x1, 0x0, 0x4}]}, 0x20}, 0x1, 0x0, 0x0, 0x2048004}, 0xc000) sendmsg$ETHTOOL_MSG_CHANNELS_SET(r0, &(0x7f0000001800)={&(0x7f0000001700)={0x10, 0x0, 0x0, 0x1000}, 0xc, &(0x7f00000017c0)={&(0x7f0000001740)={0x4c, 0x0, 0x1, 0x70bd2d, 0x25dfdbfd, {}, [@ETHTOOL_A_CHANNELS_OTHER_COUNT={0x8, 0x8, 0xffffff72}, @ETHTOOL_A_CHANNELS_RX_COUNT={0x8, 0x6, 0x8}, @ETHTOOL_A_CHANNELS_RX_COUNT={0x8, 0x6, 0xeeb3}, @ETHTOOL_A_CHANNELS_COMBINED_COUNT={0x8, 0x9, 0x9437}, @ETHTOOL_A_CHANNELS_COMBINED_COUNT={0x8, 0x9, 0x1}, @ETHTOOL_A_CHANNELS_OTHER_COUNT={0x8, 0x8, 0x454}, @ETHTOOL_A_CHANNELS_TX_COUNT={0x8, 0x7, 0xb6}]}, 0x4c}, 0x1, 0x0, 0x0, 0x4000000}, 0x4000) ioctl$AUTOFS_DEV_IOCTL_ISMOUNTPOINT(r6, 0xc018937e, &(0x7f0000001840)={{0x1, 0x1, 0x18, r2, @in_args={0x4}}, './file0\x00'}) sendmsg$unix(r13, &(0x7f0000001b40)={&(0x7f0000001880)=@abs={0x1, 0x0, 0x4e21}, 0x6e, &(0x7f0000001a80)=[{&(0x7f0000001900)="c5f0465114e249a0f027c30b010c3dcbd949753edc2edbff8ae81caab4c10be2f7e527ac8662a8f8b9a62a58de093578567f347b89f074c557d1ad982658713cb2", 0x41}, {&(0x7f0000001980)="723e3d6541c02088d15e3b8a5d81e166bab47128cf77c6cc6aa2b11ab5cf05c23d7aa7ac733b3a7a11af0f6922a50a1cae398c9c1935998aadb1b0186317fedf1ec7cf16246fe61e49db19b1ab21a5f28b9116f460fdf126ebdf4e1ad505498198d21c9d9b3f79206b3fc04357193535182b8c50330d64cde5659539ca843de7857d41cf6fcd6770baa88ece1bf4bc9014b916b824df53dd6d78efd6e58ba4d4f409eaadc5b741f99fd362e49aebe27936f2f8574005d2e124dc4c77d4e69b55164e723f0e025a2a7bda4c0e3ec1f6a0cd35c881a05addb7fa00b69d9e685ae60029", 0xe2}], 0x2, &(0x7f0000001b00)=[@rights={{0x20, 0x1, 0x1, [r12, r0, r9, 0xffffffffffffffff]}}], 0x20, 0x80c5}, 0x5) 14:12:33 executing program 3: rename(&(0x7f0000000000)='./file0\x00', &(0x7f0000000040)='./file0\x00') r0 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000080), 0xc100) syz_io_uring_submit(0x0, 0x0, &(0x7f00000000c0)=@IORING_OP_TEE={0x21, 0x0, 0x0, @fd=r0, 0x0, 0x0, 0x400, 0xa}, 0x8000000) r1 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ff9000/0x4000)=nil, 0x4000, 0x3000002, 0x20010, 0xffffffffffffffff, 0x8000000) clock_gettime(0x0, &(0x7f0000000100)={0x0, 0x0}) syz_io_uring_submit(r1, 0x0, &(0x7f0000000180)=@IORING_OP_TIMEOUT={0xb, 0x5, 0x0, 0x0, 0x1, &(0x7f0000000140)={r2, r3+60000000}}, 0x5) r4 = io_uring_setup(0x1901, &(0x7f00000001c0)={0x0, 0x6113, 0x10, 0x2, 0x168}) r5 = syz_io_uring_setup(0x2912, &(0x7f0000000240)={0x0, 0x2d17, 0x10, 0x3, 0xab, 0x0, r4}, &(0x7f0000ff9000/0x4000)=nil, &(0x7f0000ffb000/0x2000)=nil, &(0x7f00000002c0), &(0x7f0000000300)=0x0) ioctl$BTRFS_IOC_LOGICAL_INO_V2(r4, 0xc038943b, &(0x7f0000000380)={0x1, 0x10, '\x00', 0x0, &(0x7f0000000340)=[0x0, 0x0]}) io_uring_register$IORING_REGISTER_BUFFERS(r5, 0x0, &(0x7f0000000980)=[{&(0x7f00000003c0)=""/210, 0xd2}, {&(0x7f00000004c0)=""/43, 0x2b}, {&(0x7f0000000500)=""/122, 0x7a}, {&(0x7f0000000580)=""/210, 0xd2}, {&(0x7f0000000680)=""/216, 0xd8}, {&(0x7f0000000780)=""/21, 0x15}, {&(0x7f00000007c0)=""/87, 0x57}, {&(0x7f0000000840)=""/180, 0xb4}, {&(0x7f0000000900)=""/85, 0x55}], 0x9) ioctl$BTRFS_IOC_INO_LOOKUP(r0, 0xd0009412, &(0x7f0000000a40)={0x0, 0x4}) ioctl$FICLONERANGE(r0, 0x4020940d, &(0x7f0000001a40)={{r4}, 0x1f, 0x8, 0x6}) r7 = syz_open_dev$vcsu(&(0x7f0000001a80), 0x4, 0x2) syz_io_uring_submit(r1, r6, &(0x7f0000001b80)=@IORING_OP_ACCEPT={0xd, 0x5, 0x0, r7, &(0x7f0000001ac0)=0x80, &(0x7f0000001b00)=@rxrpc=@in6={0x21, 0x0, 0x2, 0x1c, {0xa, 0x0, 0x0, @mcast1}}, 0x0, 0x80000, 0x1}, 0x9) syz_io_uring_setup(0x1abd, &(0x7f0000001bc0)={0x0, 0xff7b, 0x0, 0x1, 0x3bc, 0x0, r4}, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000ffb000/0x1000)=nil, &(0x7f0000001c40), &(0x7f0000001c80)=0x0) r9 = io_uring_register$IORING_REGISTER_PERSONALITY(r7, 0x9, 0x0, 0x0) syz_io_uring_submit(r1, r8, &(0x7f0000001cc0)=@IORING_OP_TIMEOUT_REMOVE={0xc, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, {0x0, r9}}, 0x200) syz_io_uring_setup(0x7da4, &(0x7f0000001d00)={0x0, 0xa09a, 0x0, 0x1, 0x1e6}, &(0x7f0000ff1000/0xf000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000001d80)=0x0, &(0x7f0000001dc0)) syz_io_uring_submit(r10, r6, &(0x7f0000001e00)=@IORING_OP_WRITE_FIXED={0x5, 0x5, 0x4004, @fd=r0, 0x100, 0x1, 0x878f, 0x4}, 0x5) syz_io_uring_setup(0x35cf, &(0x7f0000001e40)={0x0, 0x487e, 0x0, 0x3, 0x40}, &(0x7f0000ff6000/0x4000)=nil, &(0x7f0000ff3000/0x3000)=nil, &(0x7f0000001ec0), &(0x7f0000001f00)) 14:12:33 executing program 4: r0 = creat(&(0x7f0000000000)='./file0\x00', 0x2) ioctl$AUTOFS_DEV_IOCTL_TIMEOUT(r0, 0xc018937a, &(0x7f0000000040)={{0x1, 0x1, 0x18, r0, {0xe0}}, './file0\x00'}) inotify_add_watch(r1, &(0x7f0000000080)='./file0\x00', 0x400) r2 = getpgrp(0x0) r3 = accept$packet(r1, &(0x7f00000000c0)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @random}, &(0x7f0000000100)=0x14) kcmp(0xffffffffffffffff, r2, 0x6, r3, r0) syz_io_uring_submit(0x0, 0x0, &(0x7f0000000140)=@IORING_OP_FSYNC={0x3, 0x3, 0x0, @fd_index=0x5, 0x0, 0x0, 0x0, 0x1, 0x1}, 0x8) ioctl$AUTOFS_DEV_IOCTL_ASKUMOUNT(r0, 0xc018937d, &(0x7f0000000180)={{0x1, 0x1, 0x18, r3, {0x13}}, './file0\x00'}) ioctl$EXT4_IOC_CHECKPOINT(r3, 0x4004662b, &(0x7f00000001c0)=0x6) r5 = dup2(r0, r1) sendmsg$NFNL_MSG_CTHELPER_DEL(r5, &(0x7f00000002c0)={&(0x7f0000000200)={0x10, 0x0, 0x0, 0x10000000}, 0xc, &(0x7f0000000280)={&(0x7f0000000240)={0x24, 0x2, 0x9, 0x401, 0x0, 0x0, {0x5, 0x0, 0x2}, [@NFCTH_QUEUE_NUM={0x8, 0x3, 0x1, 0x0, 0x1232}, @NFCTH_QUEUE_NUM={0x8, 0x3, 0x1, 0x0, 0x10001}]}, 0x24}, 0x1, 0x0, 0x0, 0x48880}, 0x0) ioctl$AUTOFS_DEV_IOCTL_PROTOVER(r5, 0xc0189372, &(0x7f0000000300)={{0x1, 0x1, 0x18, r0, {0xff}}, './file0\x00'}) ioctl$F2FS_IOC_MOVE_RANGE(r5, 0xc020f509, &(0x7f0000000340)={r3, 0x7, 0x4d3, 0x4}) setpriority(0x0, r2, 0x7) sched_getparam(r2, &(0x7f0000000380)) r6 = openat$sysfs(0xffffffffffffff9c, &(0x7f00000003c0)='/sys/class/msr', 0x40, 0x10) inotify_add_watch(r6, &(0x7f0000000400)='./file0\x00', 0x1000040) umount2(&(0x7f0000000440)='./file0\x00', 0x4) sendmsg$NL80211_CMD_ABORT_SCAN(0xffffffffffffffff, &(0x7f0000000540)={&(0x7f0000000480)={0x10, 0x0, 0x0, 0x4000000}, 0xc, &(0x7f0000000500)={&(0x7f00000004c0)={0x28, 0x0, 0x800, 0x70bd29, 0x25dfdbfd, {{}, {@val={0x8}, @val={0xc, 0x99, {0x80000000, 0x57}}}}, ["", "", "", "", "", "", "", ""]}, 0x28}, 0x1, 0x0, 0x0, 0x4040}, 0x81) fsetxattr$security_ima(r4, &(0x7f0000000580), &(0x7f00000005c0)=@sha1={0x1, "fbfff09bcc28f424590a9e748124bb5a8fe4813d"}, 0x15, 0x1) 14:12:33 executing program 5: sendmsg$SEG6_CMD_DUMPHMAC(0xffffffffffffffff, &(0x7f00000000c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x800}, 0xc, &(0x7f0000000080)={&(0x7f0000000040)={0x34, 0x0, 0x100, 0x70bd26, 0x25dfdbfc, {}, [@SEG6_ATTR_ALGID={0x5, 0x6, 0x80}, @SEG6_ATTR_DSTLEN={0x8, 0x2, 0x9}, @SEG6_ATTR_DSTLEN={0x8, 0x2, 0x2}, @SEG6_ATTR_ALGID={0x5, 0x6, 0x5}]}, 0x34}, 0x1, 0x0, 0x0, 0x20004890}, 0x40d0) sendmsg$NL80211_CMD_NEW_INTERFACE(0xffffffffffffffff, &(0x7f0000000240)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x400}, 0xc, &(0x7f0000000200)={&(0x7f0000000140)={0x8c, 0x0, 0x4, 0x70bd27, 0x25dfdbfe, {{}, {@void, @val={0x8}, @void}}, [@NL80211_ATTR_IFTYPE={0x8, 0x5, 0x2}, @mon_options=[@NL80211_ATTR_MU_MIMO_GROUP_DATA={0x1c, 0xe7, "3b2a0969c79c3b733995fd4f1aee4314786e58ad0d6919b6"}, @NL80211_ATTR_MNTR_FLAGS={0x18, 0x17, 0x0, 0x1, [@NL80211_MNTR_FLAG_OTHER_BSS={0x4}, @NL80211_MNTR_FLAG_COOK_FRAMES={0x4}, @NL80211_MNTR_FLAG_PLCPFAIL={0x4}, @NL80211_MNTR_FLAG_FCSFAIL={0x4}, @NL80211_MNTR_FLAG_OTHER_BSS={0x4}]}, @NL80211_ATTR_MU_MIMO_FOLLOW_MAC_ADDR={0xa, 0xe8, @device_b}, @NL80211_ATTR_MNTR_FLAGS={0xc, 0x17, 0x0, 0x1, [@NL80211_MNTR_FLAG_OTHER_BSS={0x4}, @NL80211_MNTR_FLAG_COOK_FRAMES={0x4}]}, @NL80211_ATTR_MU_MIMO_GROUP_DATA={0x1c, 0xe7, "4f4728f050860886944cd2ddda72378a22b451e058c0ce7f"}]]}, 0x8c}, 0x1, 0x0, 0x0, 0x881}, 0x800) ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f00000002c0)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_SET_BEACON(0xffffffffffffffff, &(0x7f0000000900)={&(0x7f0000000280)={0x10, 0x0, 0x0, 0x4000000}, 0xc, &(0x7f00000008c0)={&(0x7f0000000300)={0x59c, 0x0, 0x8, 0x70bd2a, 0x25dfdbfc, {{}, {@val={0x8, 0x3, r0}, @void}}, [@NL80211_ATTR_PROBE_RESP={0x1bc, 0x91, "5842777dbee623d1233d350b72806974201e4d8b506eecb0ff3dad385face36104a28251fef1a5e42ea7a7467953de1990e1d9d39d42fb1746b4dfdf9589ac84c060c5f5534e1a565e5d37375be0f4e073dcce69a33b7d28ae7e8febf5cf4bfd53b6348fa53b91cc01bcb762a8e4f9572353b32745342e0fc76439f0f66b6efc76e575d251722e1c31ac6ffa83595ee1488b9e78f2a0a2672dbcf6590ce13b50507d95e7a07182aa0f1949c040c914f1a4171b39e143fe7b8d748d3d81fb1e8347a2b9ae55993837e2650643e9530e917de6309b493ca6e6f76dbc538929e2a853e33041409194a10838dfeff81620ce2b995d3cb748e76473fef077e00497e233f7f85e9758da0a246b8e4319e3e08f7fee59378cff469d5c39c466de7945a274cf57042ba9bb58dd3f40c3fe59aa57510d66f94ddbf02c928c3a1847a7affdfe79b05333dec6b17cff4625a2d48fe11f13a459003b2ee085c967cd6cd2aacb5fec303903ae33ba77ac6baa5910e8fc5dfb519b756a09f241785ff5e41bac79a533cfa0c937913da30921d2702df54cebd8b2798ae6170e59db9faa258cc2257d83ffd80df0f0bc5571d06fc7658f48b96a33340be2dd6a"}, @NL80211_ATTR_FTM_RESPONDER={0x1c8, 0x10e, 0x0, 0x1, [@NL80211_FTM_RESP_ATTR_CIVICLOC={0x81, 0x3, "09999c71d741f7b85f6807f7e1d5a75f672041f3e826cb03904503eb0e4ee65e51d515be72877ff9baf7eab21fe27f16eb8f0abc3d2f98b2365d882717e867a7d6b12daa0f95225a9bfd20a4c9c15c57b0b245a26eadef30b8532a0dcf2655285e43f812ae926434b9d16798e4f4d73466e7024424aa512b897d1d8bb9"}, @NL80211_FTM_RESP_ATTR_LCI={0x7a, 0x2, "5430eea3bb837f05131c26b3d7e362699e780b5bac1203ff9d0d0d6ee72496906240240d511ebad5da4ed646cbe9ac7781a7f05f32f724e5cb563d71ec9edf4d508d1b4f389ae9bed849c3353d5a7f066de3c44ed7f282e8b75c1cb1b5adb1ce06c8a53c766b9013fb8b1a6c36024beda2138b189e3a"}, @NL80211_FTM_RESP_ATTR_ENABLED={0x4}, @NL80211_FTM_RESP_ATTR_CIVICLOC={0xa1, 0x3, "afde266b7ee9b72b88f2d0bdc0e2a60550bf1c9858fd624fd11d44dcf393661643fdb0ff4086456c2f2ee9f04e085f14eeadb5b151f7945a32d0938177aa2ebfd9a8cc7f1dc8f02cd90bbef1eb0fee0e10b0cf283aa1a0e844a3f969619b3ca6e5d196be961461ddb7d30f8ede424e54795ca27624f0c1c79c2a18962942d6b94b5a64696d15a2da8ac7156e3f2e9c185216b974f6e617b309e6cedbc1"}, @NL80211_FTM_RESP_ATTR_CIVICLOC={0x1b, 0x3, "a1461981ed9cedd67dce1c6286c16a8ae221b4539378bb"}]}, @NL80211_ATTR_BEACON_TAIL={0x1fc, 0xf, [@random_vendor={0xdd, 0x3b, "240094c3fa05d89b2b7d47e1c5d4010680f9c134b70ad3394ba976cad738a88b8bebfdd0c9520ace42f686c23fd25e7fcd36e5cb233384f1514645"}, @tim={0x5, 0xbb, {0xdb, 0xa7, 0x5, "2e269f5d8a193743f3c83e6bc92a589cbdf6f7567d797d259cd84faa65130792adb2e9c85cf84fd0441e8621195c23a3ec3bc7b6838c0b2a8dc30d524ff9bfa9e3a55b63c250e5c66f18d6201c764747acc43b5d49c208aa751799a9a563473b08a9254c51c9cd4e34538d2944d241dd88ba225366726e6b82b7ec9085fe0981617943184ec3bf72ee14da18c0a7730bba99147e2faee683ced342af153fd616fb31cf907cafc7bb7b3cf17b05a82bc8dea29d85d54e7c8e"}}, @mesh_config={0x71, 0x7, {0xffffffffffffffff, 0x1, 0x0, 0x0, 0xffffffffffffffff, 0x34, 0x29}}, @tim={0x5, 0x92, {0x5, 0x95, 0x20, "2ba1178a93b22ad9155faa263ba1ffad2d0d404f670f3576b1f6c7e5dc0e4a6ec4fd1f23b6f3902deb4a357f7f3e94f89f8cdce711ee0b297a4c602cbf06a3db35a126203cea51f941f6097b82b27aa0663d0ac8a1a4e30871d4826b48658c89b7cec36005055a75571fee12927525f8f72dac65b87b04e6a485bd9f0411700a32cc82264b163701d5b580b2d81540"}}, @chsw_timing={0x68, 0x4, {0x9, 0xfff7}}, @peer_mgmt={0x75, 0x16, {0x0, 0x4, @val=0x9, @void, @val="11ded128235ef161e13ccd4556e075cc"}}, @tim={0x5, 0x3b, {0x5, 0x84, 0x8, "e5f23f58b0ffd1361a9e805722a09d5b276e2915ef57a235e7a99f367617d1b4bad3869dc9013fcecf9b0e2a3ee08f2aedec749d1495e688"}}, @chsw_timing={0x68, 0x4, {0xbffe, 0x8}}]}]}, 0x59c}}, 0x8804) r1 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000940), 0x800, 0x0) sendmsg$IPCTNL_MSG_CT_GET_DYING(r1, &(0x7f0000000a40)={&(0x7f0000000980)={0x10, 0x0, 0x0, 0x200000}, 0xc, &(0x7f0000000a00)={&(0x7f00000009c0)={0x14, 0x6, 0x1, 0x101, 0x0, 0x0, {0x7}, ["", ""]}, 0x14}, 0x1, 0x0, 0x0, 0x80}, 0x20000010) ioctl$AUTOFS_DEV_IOCTL_ASKUMOUNT(r1, 0xc018937d, &(0x7f0000000a80)={{0x1, 0x1, 0x18, r1, {0x3}}, './file0\x00'}) sendmsg$NL80211_CMD_SET_INTERFACE(r2, &(0x7f0000000c00)={&(0x7f0000000ac0)={0x10, 0x0, 0x0, 0x40000000}, 0xc, &(0x7f0000000bc0)={&(0x7f0000000b00)={0xa0, 0x0, 0x200, 0x70bd29, 0x25dfdbff, {{}, {@void, @void}}, [@NL80211_ATTR_MESH_ID={0xa}, @NL80211_ATTR_MESH_ID={0xa}, @NL80211_ATTR_4ADDR={0x5, 0x53, 0x1}, @NL80211_ATTR_MESH_ID={0xa}, @mon_options=[@NL80211_ATTR_MU_MIMO_GROUP_DATA={0x1c, 0xe7, "fb1c8edfccada36ffd8bffd52c5362b493cafacd58185873"}, @NL80211_ATTR_MU_MIMO_FOLLOW_MAC_ADDR={0xa}, @NL80211_ATTR_MU_MIMO_GROUP_DATA={0x1c, 0xe7, "d92a2e2eb93118792fb225df8d2ff6c502a3722c07ad7238"}, @NL80211_ATTR_MU_MIMO_GROUP_DATA={0x1c, 0xe7, "7b383eb455632dd0800e80509ccd9dd641e7f94813748d06"}]]}, 0xa0}, 0x1, 0x0, 0x0, 0x8015}, 0x0) r3 = openat(r2, &(0x7f0000000c40)='./file1\x00', 0x4940, 0x8) ioctl$sock_SIOCGIFINDEX_80211(r2, 0x8933, &(0x7f0000000cc0)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_GET_MPP(r3, &(0x7f0000000dc0)={&(0x7f0000000c80)={0x10, 0x0, 0x0, 0x4}, 0xc, &(0x7f0000000d80)={&(0x7f0000000d00)={0x70, 0x0, 0x20, 0x70bd2a, 0x25dfdbff, {{}, {@val={0x8, 0x3, r4}, @val={0xc, 0x99, {0x9, 0x71}}}}, [@NL80211_ATTR_MPATH_NEXT_HOP={0xa, 0x1a, @device_b}, @NL80211_ATTR_MAC={0xa, 0x6, @broadcast}, @NL80211_ATTR_MPATH_NEXT_HOP={0xa}, @NL80211_ATTR_MAC={0xa, 0x6, @broadcast}, @NL80211_ATTR_MPATH_NEXT_HOP={0xa}, @NL80211_ATTR_MAC={0xa}]}, 0x70}, 0x1, 0x0, 0x0, 0x14}, 0x20000010) sendmsg$NL80211_CMD_START_AP(r3, &(0x7f0000000ec0)={&(0x7f0000000e00)={0x10, 0x0, 0x0, 0x20000000}, 0xc, &(0x7f0000000e80)={&(0x7f0000000e40)={0x34, 0x0, 0x400, 0x70bd25, 0x25dfdbfe, {{}, {@void, @void}}, [@NL80211_ATTR_INACTIVITY_TIMEOUT={0x6, 0x96, 0x3ff}, @NL80211_ATTR_SMPS_MODE={0x5, 0xd5, 0x3}, @NL80211_ATTR_INACTIVITY_TIMEOUT={0x6, 0x96, 0xcf}, @NL80211_ATTR_P2P_OPPPS={0x5, 0xa3, 0x1}]}, 0x34}}, 0x40090) r5 = fcntl$dupfd(r2, 0x0, r2) sendmsg$DEVLINK_CMD_SB_OCC_SNAPSHOT(r5, &(0x7f0000000fc0)={&(0x7f0000000f00), 0xc, &(0x7f0000000f80)={&(0x7f0000000f40)={0x3c, 0x0, 0x100, 0x70bd2d, 0x25dfdbfe, {}, [{@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0x8, 0xb, 0x80000000}}]}, 0x3c}, 0x1, 0x0, 0x0, 0x5}, 0x20000040) mmap$IORING_OFF_SQ_RING(&(0x7f0000fff000/0x1000)=nil, 0x1000, 0x8, 0x11, r5, 0x0) ioctl$LOOP_CTL_REMOVE(r5, 0x4c81, 0xb) pread64(r5, &(0x7f0000001000), 0x0, 0x8) r6 = perf_event_open(&(0x7f0000001080)={0x3, 0x80, 0x7f, 0x1f, 0x7, 0x6, 0x0, 0x10000, 0x80000, 0x8, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x5, 0x4, @perf_bp={&(0x7f0000001040), 0xe}, 0x420, 0x6, 0x4, 0x1, 0x1ff, 0x3f, 0x8, 0x0, 0x0, 0x0, 0x8}, 0x0, 0x1, r2, 0x0) r7 = signalfd4(r6, &(0x7f0000001100)={[0x9000]}, 0x8, 0x0) dup2(r1, r7) 14:12:33 executing program 7: r0 = syz_open_dev$vcsa(&(0x7f0000000000), 0x6e1, 0x208002) getsockopt$inet6_opts(r0, 0x29, 0x3b, &(0x7f0000000040)=""/141, &(0x7f0000000100)=0x8d) ioctl$sock_ipv4_tunnel_SIOCDELTUNNEL(r0, 0x89f2, &(0x7f00000002c0)={'erspan0\x00', &(0x7f0000000140)={'erspan0\x00', 0x0, 0x8, 0x8, 0x10000, 0x40, {{0x4a, 0x4, 0x1, 0x37, 0x128, 0x65, 0x0, 0x80, 0x29, 0x0, @multicast1, @loopback, {[@lsrr={0x83, 0x2b, 0x46, [@multicast1, @multicast2, @broadcast, @local, @empty, @dev={0xac, 0x14, 0x14, 0xe}, @multicast1, @local, @private=0xa010100, @private=0xa010101]}, @timestamp_addr={0x44, 0x4, 0x76, 0x1, 0x1}, @lsrr={0x83, 0x17, 0x25, [@initdev={0xac, 0x1e, 0x1, 0x0}, @dev={0xac, 0x14, 0x14, 0x16}, @rand_addr=0x64010101, @remote, @local]}, @ssrr={0x89, 0x7, 0x40, [@initdev={0xac, 0x1e, 0x1, 0x0}]}, @ra={0x94, 0x4, 0x1}, @ssrr={0x89, 0x1b, 0xb, [@empty, @multicast2, @multicast2, @multicast1, @dev={0xac, 0x14, 0x14, 0x1f}, @rand_addr=0x64010102]}, @cipso={0x86, 0x5d, 0x3, [{0x1, 0x7, "87213e71f6"}, {0x7, 0x4, 'K\\'}, {0x6, 0xd, "c5cab64d4b4450d40d8a9b"}, {0x5, 0x3, 'b'}, {0x2, 0xf, "1efa0c3d38c81b1caf3e1dc331"}, {0x7, 0x7, "935a4b3501"}, {0x5, 0xa, "5a51fc7cfbf0a9a1"}, {0x1, 0xa, "3436af920c395bf8"}, {0x7, 0xc, "c83ee6e67f65aa7b82e1"}, {0x6, 0x6, "c182bfd4"}]}, @timestamp_prespec={0x44, 0x24, 0xe, 0x3, 0x4, [{@dev={0xac, 0x14, 0x14, 0x2e}, 0x198}, {@loopback, 0x5}, {@broadcast, 0x10}, {@multicast1, 0x3}]}, @lsrr={0x83, 0x23, 0x17, [@local, @multicast1, @private=0xa010100, @dev={0xac, 0x14, 0x14, 0x1d}, @broadcast, @local, @dev={0xac, 0x14, 0x14, 0x40}, @loopback]}, @noop]}}}}}) setsockopt$inet6_IPV6_IPSEC_POLICY(r0, 0x29, 0x22, &(0x7f0000000300)={{{@in=@dev={0xac, 0x14, 0x14, 0x1a}, @in6=@mcast2, 0x4e24, 0x900, 0x4e23, 0x9, 0x2, 0x0, 0x10, 0x67, r1, 0xffffffffffffffff}, {0x80000000, 0x7fff, 0x1a, 0xb9e, 0xffff, 0x0, 0x9, 0x8945}, {0x100, 0x1f, 0x2a7, 0x6}, 0x4, 0x6e6bb8, 0x2, 0x1, 0x2, 0x1}, {{@in=@loopback, 0x4d4, 0xff}, 0x2, @in=@dev={0xac, 0x14, 0x14, 0x18}, 0x3506, 0x2, 0x1, 0x6, 0x5f9b, 0x1, 0x1b4}}, 0xe8) setsockopt$inet_pktinfo(r0, 0x0, 0x8, &(0x7f0000000400)={r1, @rand_addr=0x64010101, @empty}, 0xc) r2 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000440), 0x20000, 0x0) r3 = syz_genetlink_get_family_id$ethtool(&(0x7f00000004c0), r0) ioctl$sock_ipv6_tunnel_SIOCCHGTUNNEL(r0, 0x89f3, &(0x7f0000000580)={'ip6_vti0\x00', &(0x7f0000000500)={'sit0\x00', r1, 0x6, 0x1, 0x40, 0x7, 0x41, @local, @loopback, 0x80, 0x80, 0x3ff, 0x1a}}) getsockopt$inet6_IPV6_IPSEC_POLICY(r0, 0x29, 0x22, &(0x7f00000005c0)={{{@in6=@ipv4={""/10, ""/2, @local}, @in, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in=@multicast1}, 0x0, @in=@multicast1}}, &(0x7f00000006c0)=0xe8) ioctl$sock_ipv6_tunnel_SIOCCHGPRL(r0, 0x89f7, &(0x7f0000000780)={'ip6tnl0\x00', &(0x7f0000000700)={'ip6tnl0\x00', r1, 0x4, 0x5, 0x1, 0x1, 0x1, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02', @empty, 0x40, 0x0, 0x9165, 0x57c}}) sendmsg$ETHTOOL_MSG_RINGS_GET(r2, &(0x7f0000000980)={&(0x7f0000000480)={0x10, 0x0, 0x0, 0x20000000}, 0xc, &(0x7f0000000940)={&(0x7f00000007c0)={0x170, r3, 0x400, 0x70bd29, 0x25dfdbfc, {}, [@HEADER={0x1c, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x2}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r4}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x2}]}, @HEADER={0x20, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r1}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'gre0\x00'}]}, @HEADER={0x34, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'veth1_virt_wifi\x00'}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x2}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'veth1_to_batadv\x00'}]}, @HEADER={0x30, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x1}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r5}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x1}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'wg2\x00'}]}, @HEADER={0x14, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r1}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}]}, @HEADER={0x28, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x2}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'veth1_to_bridge\x00'}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x3}]}, @HEADER={0xc, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r1}]}, @HEADER={0x38, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x3}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x2}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r6}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'bridge_slave_1\x00'}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r1}]}, @HEADER={0x28, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x1}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'macvlan1\x00'}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r1}]}, @HEADER={0x14, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x2}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x2}]}]}, 0x170}, 0x1, 0x0, 0x0, 0x40000}, 0x20004081) r7 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000a00), r2) sendmsg$ETHTOOL_MSG_COALESCE_SET(r2, &(0x7f0000000b00)={&(0x7f00000009c0)={0x10, 0x0, 0x0, 0x100000}, 0xc, &(0x7f0000000ac0)={&(0x7f0000000a40)={0x4c, r7, 0x1, 0x70bd27, 0x25dfdbfe, {}, [@ETHTOOL_A_COALESCE_RX_MAX_FRAMES_HIGH={0x8}, @ETHTOOL_A_COALESCE_RATE_SAMPLE_INTERVAL={0x8, 0x17, 0x200}, @ETHTOOL_A_COALESCE_TX_USECS_HIGH={0x8, 0x15, 0x88}, @ETHTOOL_A_COALESCE_RX_MAX_FRAMES_HIGH={0x8, 0x14, 0x80000000}, @ETHTOOL_A_COALESCE_RX_USECS_LOW={0x8, 0xe, 0x8}, @ETHTOOL_A_COALESCE_PKT_RATE_LOW={0x8, 0xd, 0x80000000}, @ETHTOOL_A_COALESCE_RX_USECS_IRQ={0x8, 0x4, 0x9}]}, 0x4c}, 0x1, 0x0, 0x0, 0x4000}, 0x0) ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(r0, 0x89f1, &(0x7f0000000bc0)={'ip6gre0\x00', &(0x7f0000000b40)={'ip6gre0\x00', r1, 0x2f, 0x8, 0x40, 0x3, 0x2, @empty, @initdev={0xfe, 0x88, '\x00', 0x1, 0x0}, 0x8, 0x10, 0x81, 0x10001}}) ioctl$sock_ipv6_tunnel_SIOCGETPRL(r2, 0x89f4, &(0x7f0000000c80)={'ip6gre0\x00', &(0x7f0000000c00)={'syztnl2\x00', r4, 0x4, 0x2, 0x1, 0x4, 0x24, @private0, @mcast1, 0x700, 0x10, 0x18d8, 0x4}}) ioctl$sock_ipv6_tunnel_SIOCDEL6RD(r0, 0x89fa, &(0x7f0000000d40)={'ip6tnl0\x00', &(0x7f0000000cc0)={'ip6_vti0\x00', r8, 0x65, 0xc1, 0x4, 0x400, 0x72, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02', @private1, 0x10, 0x10, 0xffffff80, 0x7fff}}) sendmsg$ETHTOOL_MSG_COALESCE_GET(0xffffffffffffffff, &(0x7f0000000ec0)={&(0x7f0000000d80)={0x10, 0x0, 0x0, 0x100}, 0xc, &(0x7f0000000e80)={&(0x7f0000000dc0)={0x9c, r3, 0x200, 0x70bd27, 0x25dfdbfd, {}, [@HEADER={0x4}, @HEADER={0x78, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'veth1_vlan\x00'}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'bond0\x00'}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'vlan1\x00'}, @ETHTOOL_A_HEADER_FLAGS={0x8}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'netpci0\x00'}, @ETHTOOL_A_HEADER_FLAGS={0x8}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'ip6erspan0\x00'}]}, @HEADER={0xc, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x1}]}]}, 0x9c}}, 0x40000) ioctl$EVIOCRMFF(r0, 0x40044581, &(0x7f0000000f00)=0x8) r10 = fsmount(r2, 0x1, 0xf7) sendmsg$ETHTOOL_MSG_PRIVFLAGS_GET(r10, &(0x7f0000001200)={&(0x7f0000000f40)={0x10, 0x0, 0x0, 0x1000}, 0xc, &(0x7f00000011c0)={&(0x7f0000001080)={0x110, r7, 0x300, 0x70bd2d, 0x25dfdbfc, {}, [@HEADER={0x58, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r4}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r9}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'veth1_to_batadv\x00'}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'veth0_vlan\x00'}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'dummy0\x00'}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x1}]}, @HEADER={0xc, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x1}]}, @HEADER={0x68, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_FLAGS={0x8}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x2}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'bridge_slave_0\x00'}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'batadv0\x00'}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'dummy0\x00'}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x2}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x2}]}, @HEADER={0x30, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'veth0_vlan\x00'}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x3}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x1}, @ETHTOOL_A_HEADER_FLAGS={0x8}]}]}, 0x110}, 0x1, 0x0, 0x0, 0x1}, 0x4040) 14:12:33 executing program 6: r0 = openat(0xffffffffffffffff, &(0x7f0000000000)='./file0\x00', 0xd40a289fe691ab87, 0x0) ioctl$INCFS_IOC_FILL_BLOCKS(r0, 0x80106720, &(0x7f0000000300)={0x3, &(0x7f0000000280)=[{0x8, 0xfd, &(0x7f0000000040)="024359842ef3965338f00941f0b1a7ea0fe74a6a7da9a189918eb3f3023a4138cc4831fe1341ea7c6d5fa05695f749092e00a21c6ef355f0641257f82f032de00333107996039fe0ccacc57cfa00cb67db3825d025655571505a850c510231b96917f157f20c1beba4511e33e8c631012a6e58260b6e0f4cb859e47409ee91d4df857527c4670b40f1c4efb44a43230576ad2d16cb1d1e90db01599b83d827362ff19b6ee113ddbf665e363224f2f71f7bcba4f8a6cd155b7aeef3a9d85273e1493986161a096d1b4e604af66d09ecc166c06869228d4846da83a6a207e5058f849dddcd566c3f639620871beab7d4a5479c838dd35b6a8514a58773e8"}, {0x4, 0x18, &(0x7f0000000140)="621be4c96108771ae39585b4e6891bdd0ad5a9b0c43f7860"}, {0x6, 0xda, &(0x7f0000000180)="ff84e3be2d93e5d7495060ddc94fb0ccfcc63ba43ecd1002a8513849736f6112ab9f077b6a85fbee0c02b08709877875934b0d50a0251967d75e6b100810346a15281271c9da461becaef84816ee47b90207daba8e68ef0b21941cfe88f28daaa3b973410422ef70987a3a7e205130a98f1b25256f87f445037de7e9dbed3a6bd92853538a7c814020ec5262aa92c2bc70da438c9d8afa867ee79f4d65accf0f29b10a78709bebbeeec1685af0664c1593767c9b89a13f08272313f4234ec500973e7f446fa674247929ca2aa7797834f3a1abafc5b25d1c9d89", 0x0, 0x1}]}) ioctl$BTRFS_IOC_QUOTA_CTL(r0, 0xc0109428, &(0x7f0000000340)={0x3, 0x1ff}) read$hidraw(r0, &(0x7f0000000380)=""/71, 0x47) ioctl$AUTOFS_DEV_IOCTL_READY(r0, 0xc0189376, &(0x7f0000000400)={{0x1, 0x1, 0x18, r0, {0x69c}}, './file0\x00'}) ioctl$sock_inet6_SIOCDIFADDR(r1, 0x8936, &(0x7f0000000440)={@private0, 0x4e}) ioctl$sock_ipv6_tunnel_SIOCADDPRL(r1, 0x89f5, &(0x7f0000000500)={'ip6gre0\x00', &(0x7f0000000480)={'sit0\x00', 0x0, 0x2f, 0x1, 0x8, 0x4, 0x0, @dev={0xfe, 0x80, '\x00', 0x34}, @private1, 0x80, 0x700, 0x200, 0x2}}) ioctl$sock_ipv6_tunnel_SIOCGETTUNNEL(r0, 0x89f0, &(0x7f00000005c0)={'syztnl0\x00', &(0x7f0000000540)={'ip6gre0\x00', r2, 0x29, 0x3, 0xa5, 0x100, 0x3, @private1={0xfc, 0x1, '\x00', 0x1}, @local, 0x20, 0x10, 0x7, 0x81}}) ioctl$AUTOFS_DEV_IOCTL_ISMOUNTPOINT(r0, 0xc018937e, &(0x7f0000000600)={{0x1, 0x1, 0x18, 0xffffffffffffffff, @out_args}, './file0\x00'}) ioctl$BTRFS_IOC_RM_DEV_V2(r4, 0x5000943a, &(0x7f0000000640)={{r1}, 0x0, 0x8, @unused=[0xff, 0x8, 0x5, 0x6], @subvolid=0x7}) r5 = accept$unix(r1, 0x0, &(0x7f0000001640)) ioctl$AUTOFS_DEV_IOCTL_SETPIPEFD(r1, 0xc0189378, &(0x7f0000001680)={{0x1, 0x1, 0x18, r1, {r5}}, './file0\x00'}) ioctl$BTRFS_IOC_SNAP_DESTROY_V2(r6, 0x5000943f, &(0x7f00000016c0)={{r5}, 0x0, 0x16, @unused=[0x4, 0x2, 0x3, 0x1], @devid}) ioctl$sock_ipv6_tunnel_SIOCCHGTUNNEL(r0, 0x89f3, &(0x7f0000002780)={'ip6tnl0\x00', &(0x7f0000002700)={'syztnl2\x00', r3, 0x4, 0x6, 0x80, 0x8, 0x63, @private2={0xfc, 0x2, '\x00', 0x1}, @mcast1, 0x40, 0x700, 0x9, 0x63d}}) sendmsg$DCCPDIAG_GETSOCK(r1, &(0x7f0000002c00)={&(0x7f00000026c0)={0x10, 0x0, 0x0, 0xc000}, 0xc, &(0x7f0000002bc0)={&(0x7f00000027c0)={0x3f4, 0x13, 0x20, 0x70bd27, 0x25dfdbfb, {0x5, 0x2, 0x8, 0x7f, {0x4e20, 0x4e22, [0x200, 0x1, 0x6de9, 0x6], [0x4, 0x6, 0x4e3, 0x3f], r7, [0x1ff, 0x1]}, 0x2, 0x9}, [@INET_DIAG_REQ_BYTECODE={0x75, 0x1, "be44ba3067d9019a7815d4e56e821555b53ff757e23f7349a7db96bff9999f6e9f55ec582bc5a7d7f40bc60bc17fced23e1037f4f706c263cb0733a90132e8d02fbeaa78bac6ca489248ca725a22bebf7c92a20b683c647910dc7219d7cc9a81b5c3fe2a835c4f50c4462f0c2323c1dead"}, @INET_DIAG_REQ_BYTECODE={0x5d, 0x1, "7faca71de2762e9f4a5e70725e831058399f246cb52a176fcc56f44a93f9fd2c908e34c71631a92489fa50c8212f75cd8194c8a2a40b1497fc03cd14ce4713129f243f7301664386413fba92bceb391dc86d61c9d9d324fcd8"}, @INET_DIAG_REQ_BYTECODE={0x10, 0x1, "b673d3e3dc8435c909634304"}, @INET_DIAG_REQ_BYTECODE={0x91, 0x1, "1c2428bcab7b634c0469854ad8eccde7d419c62f004d9b3cf5fc64b0fcb09b88ed5d2a5712526b4a7981cf06b870bdcca0e16141ac52748c0978dc29bf87dd5097e49aea2c15ddb0d397978c5c14d2a506ae626b3498ff633b1ee283936c4d1f350cd40b918ebbe986b3a1455156bb983f356f37dd53829fe703f0cbbd4e5f5560aa574b36b3ce19541fab3f48"}, @INET_DIAG_REQ_BYTECODE={0x8a, 0x1, "72f83c3159a2615883745ce0f5e2e537aa5e178f62e3186d4d317eaf3fd41ee82fb3ebcb4b7d38a5dedca9ab63b1672f16159e23942cdf8b7db43df6241e80cf7e09cb4c864d77e7a0c4acfb9a909dc0e0e695517ed3b94e06de106406ea9a5e7779403965a78eb5e80d63cb002055bd334a8da9fabcee1381c1a5a4619c14730c3f10997fc5"}, @INET_DIAG_REQ_BYTECODE={0x24, 0x1, "7d7c9bf4b431f116e54a015bed20201151d3d053540f41ec65cb0be69a5a679c"}, @INET_DIAG_REQ_BYTECODE={0xb3, 0x1, "0a76e5482de2ed80a15544578d9bd1748bd1cd70fe433749fc86bc4d45e698c7dcf138293ae5f2d12c661b6be98303f8f6ff792d41e3081e53f034ae131addbaf3a837dfdf5bd20b31980631f76a50e4d5226d6f4177d705efed487738dc47f2c70e6f69da554f8937c0acfc158e39dd46e8bf218d902713fcc741889e90425271aa47dd1f430d1a4022bb3f238106e2b020d9582b090fda038dba6b4d8cf3a1caa9fa44b06bce2e1d2ca841ad8037"}, @INET_DIAG_REQ_BYTECODE={0x49, 0x1, "18d1163649042b574f898fe80d905af122afe539f35a35e76beedc6f17a44a841043f68e2739293eb97f20d60c9d4ddab7b557042344bdef9d5bf7b73355a0dcbe47273ee8"}, @INET_DIAG_REQ_BYTECODE={0x7c, 0x1, "0c1ac8f905b7c8a611db7099694ecd3db96dbaea267f5ad2322f72697f49464dd7d7d636f5491b2316e45ad51475e6e56318e6358debe1a26cb5537896409556644179fafd489b79dc2091150f55c7302e80b2b0bb081b59e88130ebcce19665c185f50506cdd3ebd794f4f6d9a311e0f22b498e4b5de9bb"}]}, 0x3f4}, 0x1, 0x0, 0x0, 0x4040}, 0x0) close(r1) mount$9p_unix(&(0x7f0000002c40)='./file0\x00', &(0x7f0000002c80)='./file0\x00', &(0x7f0000002cc0), 0xc0008, &(0x7f0000002d00)={'trans=unix,', {[{@access_client}], [{@uid_lt={'uid<', 0xee01}}, {@smackfsfloor={'smackfsfloor', 0x3d, '*^!'}}, {@measure}, {@measure}, {@obj_role={'obj_role', 0x3d, '\'\'^#'}}]}}) creat(&(0x7f0000002d80)='./file0\x00', 0x84) setxattr$trusted_overlay_redirect(&(0x7f0000002dc0)='./file0\x00', &(0x7f0000002e00), &(0x7f0000002e40)='./file0\x00', 0x8, 0x1) ioctl$sock_ipv6_tunnel_SIOCGETTUNNEL(r0, 0x89f0, &(0x7f0000002f00)={'ip6_vti0\x00', &(0x7f0000002e80)={'ip6_vti0\x00', r7, 0x4, 0x3f, 0x4, 0xa71c7a58, 0x0, @dev={0xfe, 0x80, '\x00', 0x17}, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02', 0x8, 0x80, 0x2, 0x100}}) [ 66.016007] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 66.019195] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 66.021996] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 66.027031] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 66.029783] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [ 66.031711] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 66.039728] Bluetooth: hci0: HCI_REQ-0x0c1a [ 66.164687] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 66.167524] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 66.170835] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1 [ 66.172576] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 66.176127] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9 [ 66.178794] Bluetooth: hci7: unexpected cc 0x0c03 length: 249 > 1 [ 66.182140] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9 [ 66.184471] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 66.187319] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 66.190325] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 66.192088] Bluetooth: hci7: unexpected cc 0x1003 length: 249 > 9 [ 66.194775] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3 [ 66.195186] Bluetooth: hci7: unexpected cc 0x1001 length: 249 > 9 [ 66.197883] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 66.197971] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 66.200956] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 66.201009] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4 [ 66.204975] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1 [ 66.207808] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 66.209093] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 66.211050] Bluetooth: hci6: unexpected cc 0x0c25 length: 249 > 3 [ 66.213894] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9 [ 66.215615] Bluetooth: hci7: unexpected cc 0x0c23 length: 249 > 4 [ 66.216878] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2 [ 66.221871] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9 [ 66.226067] Bluetooth: hci2: HCI_REQ-0x0c1a [ 66.228201] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 66.229281] Bluetooth: hci7: unexpected cc 0x0c25 length: 249 > 3 [ 66.237977] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 66.242571] Bluetooth: hci7: unexpected cc 0x0c38 length: 249 > 2 [ 66.244196] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3 [ 66.245387] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4 [ 66.246716] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3 [ 66.248371] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 66.250118] Bluetooth: hci6: HCI_REQ-0x0c1a [ 66.252770] Bluetooth: hci7: HCI_REQ-0x0c1a [ 66.258411] Bluetooth: hci5: unexpected cc 0x0c25 length: 249 > 3 [ 66.259880] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 66.265045] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2 [ 66.266581] Bluetooth: hci4: HCI_REQ-0x0c1a [ 66.274434] Bluetooth: hci3: HCI_REQ-0x0c1a [ 66.298088] Bluetooth: hci5: HCI_REQ-0x0c1a [ 68.104911] Bluetooth: hci1: Opcode 0x c03 failed: -110 [ 68.105081] Bluetooth: hci0: command 0x0409 tx timeout [ 68.232635] Bluetooth: hci2: command 0x0409 tx timeout [ 68.296614] Bluetooth: hci4: command 0x0409 tx timeout [ 68.297314] Bluetooth: hci7: command 0x0409 tx timeout [ 68.361026] Bluetooth: hci6: command 0x0409 tx timeout [ 68.361615] Bluetooth: hci5: command 0x0409 tx timeout [ 68.362106] Bluetooth: hci3: command 0x0409 tx timeout [ 70.152916] Bluetooth: hci0: command 0x041b tx timeout [ 70.280569] Bluetooth: hci2: command 0x041b tx timeout [ 70.345727] Bluetooth: hci7: command 0x041b tx timeout [ 70.346474] Bluetooth: hci4: command 0x041b tx timeout [ 70.408713] Bluetooth: hci3: command 0x041b tx timeout [ 70.409452] Bluetooth: hci5: command 0x041b tx timeout [ 70.410147] Bluetooth: hci6: command 0x041b tx timeout [ 71.723143] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 71.725881] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 71.728015] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 71.731814] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 71.732964] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3 [ 71.734310] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 71.741591] Bluetooth: hci1: HCI_REQ-0x0c1a [ 72.200878] Bluetooth: hci0: command 0x040f tx timeout [ 72.329599] Bluetooth: hci2: command 0x040f tx timeout [ 72.393576] Bluetooth: hci4: command 0x040f tx timeout [ 72.394059] Bluetooth: hci7: command 0x040f tx timeout [ 72.457615] Bluetooth: hci6: command 0x040f tx timeout [ 72.458101] Bluetooth: hci5: command 0x040f tx timeout [ 72.458543] Bluetooth: hci3: command 0x040f tx timeout [ 73.801614] Bluetooth: hci1: command 0x0409 tx timeout [ 74.250197] Bluetooth: hci0: command 0x0419 tx timeout [ 74.376552] Bluetooth: hci2: command 0x0419 tx timeout [ 74.441563] Bluetooth: hci7: command 0x0419 tx timeout [ 74.442027] Bluetooth: hci4: command 0x0419 tx timeout [ 74.505629] Bluetooth: hci3: command 0x0419 tx timeout [ 74.506108] Bluetooth: hci5: command 0x0419 tx timeout [ 74.506921] Bluetooth: hci6: command 0x0419 tx timeout [ 75.848729] Bluetooth: hci1: command 0x041b tx timeout [ 77.897598] Bluetooth: hci1: command 0x040f tx timeout [ 79.945604] Bluetooth: hci1: command 0x0419 tx timeout 14:13:28 executing program 7: r0 = perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0x77, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x100000}, 0x0, 0x0, 0xffffffffffffffff, 0x0) syz_io_uring_setup(0xed3, &(0x7f0000000100), &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000ffd000/0x2000)=nil, &(0x7f0000000080), &(0x7f0000000000)) perf_event_open(&(0x7f0000000680)={0x0, 0x80, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) ioctl$AUTOFS_DEV_IOCTL_ISMOUNTPOINT(0xffffffffffffffff, 0xc018937e, &(0x7f0000000040)={{0x1, 0x1, 0x18, r0, @out_args}, './file0\x00'}) io_uring_register$IORING_REGISTER_BUFFERS(r1, 0x0, &(0x7f0000000600)=[{&(0x7f0000000180)=""/97, 0x61}], 0x1) ioctl$AUTOFS_DEV_IOCTL_SETPIPEFD(0xffffffffffffffff, 0xc0189378, 0x0) r2 = signalfd4(0xffffffffffffffff, &(0x7f0000000200), 0x8, 0x0) r3 = signalfd4(0xffffffffffffffff, &(0x7f0000000200), 0x8, 0x0) poll(&(0x7f0000000380)=[{r3}], 0x1, 0x2) perf_event_open(&(0x7f0000000240)={0x2, 0x80, 0x5, 0x82, 0x2, 0x3, 0x0, 0x3, 0x28041, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x9, 0x4, @perf_config_ext={0xfffffffffffffffc, 0x7fffffff}, 0x840c, 0xffffffffffffffc0, 0x1, 0x7, 0xe000000000000000, 0x80000000, 0x81, 0x0, 0x3, 0x0, 0x3}, 0x0, 0x4, r3, 0x9) poll(&(0x7f0000000380)=[{r2}], 0x1, 0x2) openat$hpet(0xffffffffffffff9c, &(0x7f00000002c0), 0x41, 0x0) io_uring_register$IORING_UNREGISTER_BUFFERS(r2, 0x1, 0x0, 0x0) [ 120.218696] audit: type=1400 audit(1664720008.728:7): avc: denied { open } for pid=3741 comm="syz-executor.7" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=perf_event permissive=1 [ 120.220254] audit: type=1400 audit(1664720008.728:8): avc: denied { kernel } for pid=3741 comm="syz-executor.7" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=perf_event permissive=1 14:13:28 executing program 7: unshare(0x8000000) semget$private(0x0, 0x4000, 0x0) semtimedop(0x0, &(0x7f0000000040), 0x0, 0x0) unshare(0x0) unshare(0x24030900) 14:13:29 executing program 7: r0 = signalfd4(0xffffffffffffffff, &(0x7f0000000200), 0x8, 0x0) poll(&(0x7f0000000380)=[{r0}], 0x1, 0x2) r1 = signalfd4(0xffffffffffffffff, &(0x7f0000000200), 0x8, 0x0) poll(&(0x7f0000000380)=[{r1}], 0x1, 0x2) ioctl$SIOCGSTAMPNS(r1, 0x8907, &(0x7f0000000040)) 14:13:29 executing program 7: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x101}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2) clone3(&(0x7f0000000640)={0x127363500, &(0x7f00000000c0)=0xffffffffffffffff, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) r1 = fsopen(&(0x7f0000000bc0)='debugfs\x00', 0x0) fsconfig$FSCONFIG_SET_FLAG(r1, 0x0, 0x0, 0x0, 0x0) ioctl$F2FS_IOC_FLUSH_DEVICE(r1, 0x4008f50a, &(0x7f0000000000)) r2 = syz_open_dev$tty20(0xc, 0x4, 0x0) r3 = gettid() kcmp(r3, 0x0, 0x0, r2, 0xffffffffffffffff) r4 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) waitid$P_PIDFD(0x3, 0xffffffffffffffff, 0x0, 0x2, 0x0) openat(r4, &(0x7f0000000300)='./file1\x00', 0x420000, 0x2) ioctl$EXT4_IOC_CHECKPOINT(r4, 0x4004662b, &(0x7f0000000340)) syz_open_dev$tty20(0xc, 0x4, 0x0) ioctl$FS_IOC_FSSETXATTR(r0, 0x401c5820, &(0x7f00000005c0)={0x6, 0x6, 0xb6f, 0x9, 0x47c9}) r5 = openat$incfs(0xffffffffffffffff, &(0x7f0000000040)='.pending_reads\x00', 0x10000, 0x83) fsmount(r5, 0x0, 0x4) socket$inet_udp(0x2, 0x2, 0x0) sendmsg$BATADV_CMD_TP_METER_CANCEL(0xffffffffffffffff, &(0x7f00000012c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x800000}, 0xc, &(0x7f0000000100)={&(0x7f0000001240)={0x54, 0x0, 0x100, 0x70bd29, 0x25dfdbfd, {}, [@BATADV_ATTR_AGGREGATED_OGMS_ENABLED={0x5, 0x29, 0x1}, @BATADV_ATTR_BRIDGE_LOOP_AVOIDANCE_ENABLED={0x5, 0x2e, 0x1}, @BATADV_ATTR_HARD_IFINDEX={0x8}, @BATADV_ATTR_TPMETER_TEST_TIME={0x8, 0xb, 0x7}, @BATADV_ATTR_HARD_IFINDEX={0x8}, @BATADV_ATTR_BONDING_ENABLED={0x5}, @BATADV_ATTR_MESH_IFINDEX={0x8}, @BATADV_ATTR_AGGREGATED_OGMS_ENABLED={0x5}]}, 0x54}, 0x1, 0x0, 0x0, 0x44005}, 0x8000) bind$packet(0xffffffffffffffff, &(0x7f0000000140)={0x11, 0x1, 0x0, 0x1, 0x7f}, 0x14) [ 120.709056] ------------[ cut here ]------------ [ 120.709090] [ 120.709094] ====================================================== [ 120.709097] WARNING: possible circular locking dependency detected [ 120.709101] 6.0.0-rc7-next-20220930 #1 Not tainted [ 120.709107] ------------------------------------------------------ [ 120.709110] syz-executor.7/3776 is trying to acquire lock: [ 120.709117] ffffffff853faab8 ((console_sem).lock){....}-{2:2}, at: down_trylock+0xe/0x70 [ 120.709157] [ 120.709157] but task is already holding lock: [ 120.709159] ffff88800fb21020 (&ctx->lock){....}-{2:2}, at: __perf_event_task_sched_out+0x53b/0x18d0 [ 120.709186] [ 120.709186] which lock already depends on the new lock. [ 120.709186] [ 120.709189] [ 120.709189] the existing dependency chain (in reverse order) is: [ 120.709192] [ 120.709192] -> #3 (&ctx->lock){....}-{2:2}: [ 120.709206] _raw_spin_lock+0x2a/0x40 [ 120.709217] __perf_event_task_sched_out+0x53b/0x18d0 [ 120.709228] __schedule+0xedd/0x2470 [ 120.709242] schedule+0xda/0x1b0 [ 120.709255] exit_to_user_mode_prepare+0x114/0x1a0 [ 120.709267] syscall_exit_to_user_mode+0x19/0x40 [ 120.709280] do_syscall_64+0x48/0x90 [ 120.709297] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 120.709310] [ 120.709310] -> #2 (&rq->__lock){-.-.}-{2:2}: [ 120.709324] _raw_spin_lock_nested+0x30/0x40 [ 120.709334] raw_spin_rq_lock_nested+0x1e/0x30 [ 120.709347] task_fork_fair+0x63/0x4d0 [ 120.709364] sched_cgroup_fork+0x3d0/0x540 [ 120.709378] copy_process+0x4183/0x6e20 [ 120.709388] kernel_clone+0xe7/0x890 [ 120.709398] user_mode_thread+0xad/0xf0 [ 120.709408] rest_init+0x24/0x250 [ 120.709419] arch_call_rest_init+0xf/0x14 [ 120.709437] start_kernel+0x4c6/0x4eb [ 120.709452] secondary_startup_64_no_verify+0xe0/0xeb [ 120.709466] [ 120.709466] -> #1 (&p->pi_lock){-.-.}-{2:2}: [ 120.709480] _raw_spin_lock_irqsave+0x39/0x60 [ 120.709493] try_to_wake_up+0xab/0x1930 [ 120.709506] up+0x75/0xb0 [ 120.709520] __up_console_sem+0x6e/0x80 [ 120.709536] console_unlock+0x46a/0x590 [ 120.709551] vprintk_emit+0x1bd/0x560 [ 120.709567] vprintk+0x84/0xa0 [ 120.709582] _printk+0xba/0xf1 [ 120.709594] kauditd_hold_skb.cold+0x3f/0x4e [ 120.709611] kauditd_send_queue+0x233/0x290 [ 120.709626] kauditd_thread+0x5f9/0x9c0 [ 120.709640] kthread+0x2ed/0x3a0 [ 120.709655] ret_from_fork+0x22/0x30 [ 120.709667] [ 120.709667] -> #0 ((console_sem).lock){....}-{2:2}: [ 120.709680] __lock_acquire+0x2a02/0x5e70 [ 120.709697] lock_acquire+0x1a2/0x530 [ 120.709713] _raw_spin_lock_irqsave+0x39/0x60 [ 120.709723] down_trylock+0xe/0x70 [ 120.709738] __down_trylock_console_sem+0x3b/0xd0 [ 120.709754] vprintk_emit+0x16b/0x560 [ 120.709770] vprintk+0x84/0xa0 [ 120.709785] _printk+0xba/0xf1 [ 120.709795] report_bug.cold+0x72/0xab [ 120.709811] handle_bug+0x3c/0x70 [ 120.709827] exc_invalid_op+0x14/0x50 [ 120.709844] asm_exc_invalid_op+0x16/0x20 [ 120.709856] group_sched_out.part.0+0x2c7/0x460 [ 120.709874] ctx_sched_out+0x8f1/0xc10 [ 120.709890] __perf_event_task_sched_out+0x6d0/0x18d0 [ 120.709901] __schedule+0xedd/0x2470 [ 120.709914] schedule+0xda/0x1b0 [ 120.709927] exit_to_user_mode_prepare+0x114/0x1a0 [ 120.709938] syscall_exit_to_user_mode+0x19/0x40 [ 120.709950] do_syscall_64+0x48/0x90 [ 120.709966] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 120.709979] [ 120.709979] other info that might help us debug this: [ 120.709979] [ 120.709981] Chain exists of: [ 120.709981] (console_sem).lock --> &rq->__lock --> &ctx->lock [ 120.709981] [ 120.709996] Possible unsafe locking scenario: [ 120.709996] [ 120.709998] CPU0 CPU1 [ 120.710000] ---- ---- [ 120.710003] lock(&ctx->lock); [ 120.710008] lock(&rq->__lock); [ 120.710014] lock(&ctx->lock); [ 120.710021] lock((console_sem).lock); [ 120.710026] [ 120.710026] *** DEADLOCK *** [ 120.710026] [ 120.710028] 2 locks held by syz-executor.7/3776: [ 120.710035] #0: ffff88806cf37e98 (&rq->__lock){-.-.}-{2:2}, at: __schedule+0x1cf/0x2470 [ 120.710064] #1: ffff88800fb21020 (&ctx->lock){....}-{2:2}, at: __perf_event_task_sched_out+0x53b/0x18d0 [ 120.710089] [ 120.710089] stack backtrace: [ 120.710092] CPU: 1 PID: 3776 Comm: syz-executor.7 Not tainted 6.0.0-rc7-next-20220930 #1 [ 120.710105] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 120.710113] Call Trace: [ 120.710116] [ 120.710120] dump_stack_lvl+0x8b/0xb3 [ 120.710139] check_noncircular+0x263/0x2e0 [ 120.710155] ? format_decode+0x26c/0xb50 [ 120.710171] ? print_circular_bug+0x450/0x450 [ 120.710188] ? simple_strtoul+0x30/0x30 [ 120.710204] ? format_decode+0x26c/0xb50 [ 120.710220] ? alloc_chain_hlocks+0x1ec/0x5a0 [ 120.710238] __lock_acquire+0x2a02/0x5e70 [ 120.710259] ? lockdep_hardirqs_on_prepare+0x410/0x410 [ 120.710281] lock_acquire+0x1a2/0x530 [ 120.710298] ? down_trylock+0xe/0x70 [ 120.710315] ? lock_release+0x750/0x750 [ 120.710333] ? __lock_acquire+0x164d/0x5e70 [ 120.710351] ? vprintk+0x84/0xa0 [ 120.710368] _raw_spin_lock_irqsave+0x39/0x60 [ 120.710379] ? down_trylock+0xe/0x70 [ 120.710396] down_trylock+0xe/0x70 [ 120.710411] ? vprintk+0x84/0xa0 [ 120.710428] __down_trylock_console_sem+0x3b/0xd0 [ 120.710445] vprintk_emit+0x16b/0x560 [ 120.710463] vprintk+0x84/0xa0 [ 120.710480] _printk+0xba/0xf1 [ 120.710492] ? record_print_text.cold+0x16/0x16 [ 120.710508] ? report_bug.cold+0x66/0xab [ 120.710525] ? group_sched_out.part.0+0x2c7/0x460 [ 120.710544] report_bug.cold+0x72/0xab [ 120.710562] handle_bug+0x3c/0x70 [ 120.710579] exc_invalid_op+0x14/0x50 [ 120.710597] asm_exc_invalid_op+0x16/0x20 [ 120.710610] RIP: 0010:group_sched_out.part.0+0x2c7/0x460 [ 120.710630] Code: 5e 41 5f e9 8b ae ef ff e8 86 ae ef ff 65 8b 1d 0b 18 ac 7e 31 ff 89 de e8 26 ab ef ff 85 db 0f 84 8a 00 00 00 e8 69 ae ef ff <0f> 0b e9 a5 fe ff ff e8 5d ae ef ff 48 8d 7d 10 48 b8 00 00 00 00 [ 120.710642] RSP: 0018:ffff888040cafc48 EFLAGS: 00010006 [ 120.710651] RAX: 0000000040000002 RBX: 0000000000000000 RCX: 0000000000000000 [ 120.710658] RDX: ffff888015fd5040 RSI: ffffffff81565dc7 RDI: 0000000000000005 [ 120.710666] RBP: ffff888020600b90 R08: 0000000000000005 R09: 0000000000000001 [ 120.710673] R10: 0000000000000000 R11: ffffffff865b405b R12: ffff88800fb21000 [ 120.710680] R13: ffff88806cf3d2c0 R14: ffffffff8547d160 R15: 0000000000000002 [ 120.710691] ? group_sched_out.part.0+0x2c7/0x460 [ 120.710711] ? group_sched_out.part.0+0x2c7/0x460 [ 120.710731] ctx_sched_out+0x8f1/0xc10 [ 120.710750] __perf_event_task_sched_out+0x6d0/0x18d0 [ 120.710764] ? lock_is_held_type+0xd7/0x130 [ 120.710778] ? __perf_cgroup_move+0x160/0x160 [ 120.710788] ? set_next_entity+0x304/0x550 [ 120.710806] ? update_curr+0x267/0x740 [ 120.710824] ? lock_is_held_type+0xd7/0x130 [ 120.710837] __schedule+0xedd/0x2470 [ 120.710854] ? io_schedule_timeout+0x150/0x150 [ 120.710871] ? rcu_read_lock_sched_held+0x3e/0x80 [ 120.710891] schedule+0xda/0x1b0 [ 120.710906] exit_to_user_mode_prepare+0x114/0x1a0 [ 120.710918] syscall_exit_to_user_mode+0x19/0x40 [ 120.710932] do_syscall_64+0x48/0x90 [ 120.710949] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 120.710962] RIP: 0033:0x7f7463fb3b19 [ 120.710970] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 120.710981] RSP: 002b:00007f7461529218 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 120.710992] RAX: 0000000000000001 RBX: 00007f74640c6f68 RCX: 00007f7463fb3b19 [ 120.710999] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 00007f74640c6f6c [ 120.711006] RBP: 00007f74640c6f60 R08: 000000000000000e R09: 0000000000000000 [ 120.711013] R10: 0000000000000003 R11: 0000000000000246 R12: 00007f74640c6f6c [ 120.711020] R13: 00007ffc272d1aef R14: 00007f7461529300 R15: 0000000000022000 [ 120.711033] [ 120.767109] WARNING: CPU: 1 PID: 3776 at kernel/events/core.c:2309 group_sched_out.part.0+0x2c7/0x460 [ 120.767800] Modules linked in: [ 120.768045] CPU: 1 PID: 3776 Comm: syz-executor.7 Not tainted 6.0.0-rc7-next-20220930 #1 [ 120.768642] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 120.769466] RIP: 0010:group_sched_out.part.0+0x2c7/0x460 [ 120.769873] Code: 5e 41 5f e9 8b ae ef ff e8 86 ae ef ff 65 8b 1d 0b 18 ac 7e 31 ff 89 de e8 26 ab ef ff 85 db 0f 84 8a 00 00 00 e8 69 ae ef ff <0f> 0b e9 a5 fe ff ff e8 5d ae ef ff 48 8d 7d 10 48 b8 00 00 00 00 [ 120.771196] RSP: 0018:ffff888040cafc48 EFLAGS: 00010006 [ 120.771593] RAX: 0000000040000002 RBX: 0000000000000000 RCX: 0000000000000000 [ 120.772136] RDX: ffff888015fd5040 RSI: ffffffff81565dc7 RDI: 0000000000000005 [ 120.772662] RBP: ffff888020600b90 R08: 0000000000000005 R09: 0000000000000001 [ 120.773188] R10: 0000000000000000 R11: ffffffff865b405b R12: ffff88800fb21000 [ 120.773707] R13: ffff88806cf3d2c0 R14: ffffffff8547d160 R15: 0000000000000002 [ 120.774236] FS: 00007f7461529700(0000) GS:ffff88806cf00000(0000) knlGS:0000000000000000 [ 120.774832] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 120.775262] CR2: 00007f74640c7018 CR3: 0000000035e0e000 CR4: 0000000000350ee0 [ 120.775792] Call Trace: [ 120.775989] [ 120.776171] ctx_sched_out+0x8f1/0xc10 [ 120.776477] __perf_event_task_sched_out+0x6d0/0x18d0 [ 120.776861] ? lock_is_held_type+0xd7/0x130 [ 120.777188] ? __perf_cgroup_move+0x160/0x160 [ 120.777524] ? set_next_entity+0x304/0x550 [ 120.777848] ? update_curr+0x267/0x740 [ 120.778148] ? lock_is_held_type+0xd7/0x130 [ 120.778474] __schedule+0xedd/0x2470 [ 120.778765] ? io_schedule_timeout+0x150/0x150 [ 120.779113] ? rcu_read_lock_sched_held+0x3e/0x80 [ 120.779482] schedule+0xda/0x1b0 [ 120.779746] exit_to_user_mode_prepare+0x114/0x1a0 [ 120.780113] syscall_exit_to_user_mode+0x19/0x40 [ 120.780486] do_syscall_64+0x48/0x90 [ 120.780779] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 120.781167] RIP: 0033:0x7f7463fb3b19 [ 120.781449] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 120.782766] RSP: 002b:00007f7461529218 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 120.783322] RAX: 0000000000000001 RBX: 00007f74640c6f68 RCX: 00007f7463fb3b19 [ 120.783856] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 00007f74640c6f6c [ 120.784391] RBP: 00007f74640c6f60 R08: 000000000000000e R09: 0000000000000000 [ 120.784922] R10: 0000000000000003 R11: 0000000000000246 R12: 00007f74640c6f6c [ 120.785447] R13: 00007ffc272d1aef R14: 00007f7461529300 R15: 0000000000022000 [ 120.785978] [ 120.786158] irq event stamp: 260 [ 120.786406] hardirqs last enabled at (259): [] exit_to_user_mode_prepare+0x109/0x1a0 [ 120.787108] hardirqs last disabled at (260): [] __schedule+0x1225/0x2470 [ 120.787729] softirqs last enabled at (66): [] __irq_exit_rcu+0x11b/0x180 [ 120.788364] softirqs last disabled at (57): [] __irq_exit_rcu+0x11b/0x180 [ 120.788986] ---[ end trace 0000000000000000 ]--- 14:13:29 executing program 7: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x101}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2) clone3(&(0x7f0000000640)={0x127363500, &(0x7f00000000c0)=0xffffffffffffffff, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) r1 = fsopen(&(0x7f0000000bc0)='debugfs\x00', 0x0) fsconfig$FSCONFIG_SET_FLAG(r1, 0x0, 0x0, 0x0, 0x0) ioctl$F2FS_IOC_FLUSH_DEVICE(r1, 0x4008f50a, &(0x7f0000000000)) r2 = syz_open_dev$tty20(0xc, 0x4, 0x0) r3 = gettid() kcmp(r3, 0x0, 0x0, r2, 0xffffffffffffffff) r4 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) waitid$P_PIDFD(0x3, 0xffffffffffffffff, 0x0, 0x2, 0x0) openat(r4, &(0x7f0000000300)='./file1\x00', 0x420000, 0x2) ioctl$EXT4_IOC_CHECKPOINT(r4, 0x4004662b, &(0x7f0000000340)) syz_open_dev$tty20(0xc, 0x4, 0x0) ioctl$FS_IOC_FSSETXATTR(r0, 0x401c5820, &(0x7f00000005c0)={0x6, 0x6, 0xb6f, 0x9, 0x47c9}) r5 = openat$incfs(0xffffffffffffffff, &(0x7f0000000040)='.pending_reads\x00', 0x10000, 0x83) fsmount(r5, 0x0, 0x4) socket$inet_udp(0x2, 0x2, 0x0) sendmsg$BATADV_CMD_TP_METER_CANCEL(0xffffffffffffffff, &(0x7f00000012c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x800000}, 0xc, &(0x7f0000000100)={&(0x7f0000001240)={0x54, 0x0, 0x100, 0x70bd29, 0x25dfdbfd, {}, [@BATADV_ATTR_AGGREGATED_OGMS_ENABLED={0x5, 0x29, 0x1}, @BATADV_ATTR_BRIDGE_LOOP_AVOIDANCE_ENABLED={0x5, 0x2e, 0x1}, @BATADV_ATTR_HARD_IFINDEX={0x8}, @BATADV_ATTR_TPMETER_TEST_TIME={0x8, 0xb, 0x7}, @BATADV_ATTR_HARD_IFINDEX={0x8}, @BATADV_ATTR_BONDING_ENABLED={0x5}, @BATADV_ATTR_MESH_IFINDEX={0x8}, @BATADV_ATTR_AGGREGATED_OGMS_ENABLED={0x5}]}, 0x54}, 0x1, 0x0, 0x0, 0x44005}, 0x8000) bind$packet(0xffffffffffffffff, &(0x7f0000000140)={0x11, 0x1, 0x0, 0x1, 0x7f}, 0x14) 14:13:30 executing program 7: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x101}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2) clone3(&(0x7f0000000640)={0x127363500, &(0x7f00000000c0)=0xffffffffffffffff, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) r1 = fsopen(&(0x7f0000000bc0)='debugfs\x00', 0x0) fsconfig$FSCONFIG_SET_FLAG(r1, 0x0, 0x0, 0x0, 0x0) ioctl$F2FS_IOC_FLUSH_DEVICE(r1, 0x4008f50a, &(0x7f0000000000)) r2 = syz_open_dev$tty20(0xc, 0x4, 0x0) r3 = gettid() kcmp(r3, 0x0, 0x0, r2, 0xffffffffffffffff) r4 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) waitid$P_PIDFD(0x3, 0xffffffffffffffff, 0x0, 0x2, 0x0) openat(r4, &(0x7f0000000300)='./file1\x00', 0x420000, 0x2) ioctl$EXT4_IOC_CHECKPOINT(r4, 0x4004662b, &(0x7f0000000340)) syz_open_dev$tty20(0xc, 0x4, 0x0) ioctl$FS_IOC_FSSETXATTR(r0, 0x401c5820, &(0x7f00000005c0)={0x6, 0x6, 0xb6f, 0x9, 0x47c9}) r5 = openat$incfs(0xffffffffffffffff, &(0x7f0000000040)='.pending_reads\x00', 0x10000, 0x83) fsmount(r5, 0x0, 0x4) socket$inet_udp(0x2, 0x2, 0x0) sendmsg$BATADV_CMD_TP_METER_CANCEL(0xffffffffffffffff, &(0x7f00000012c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x800000}, 0xc, &(0x7f0000000100)={&(0x7f0000001240)={0x54, 0x0, 0x100, 0x70bd29, 0x25dfdbfd, {}, [@BATADV_ATTR_AGGREGATED_OGMS_ENABLED={0x5, 0x29, 0x1}, @BATADV_ATTR_BRIDGE_LOOP_AVOIDANCE_ENABLED={0x5, 0x2e, 0x1}, @BATADV_ATTR_HARD_IFINDEX={0x8}, @BATADV_ATTR_TPMETER_TEST_TIME={0x8, 0xb, 0x7}, @BATADV_ATTR_HARD_IFINDEX={0x8}, @BATADV_ATTR_BONDING_ENABLED={0x5}, @BATADV_ATTR_MESH_IFINDEX={0x8}, @BATADV_ATTR_AGGREGATED_OGMS_ENABLED={0x5}]}, 0x54}, 0x1, 0x0, 0x0, 0x44005}, 0x8000) bind$packet(0xffffffffffffffff, &(0x7f0000000140)={0x11, 0x1, 0x0, 0x1, 0x7f}, 0x14) 14:13:30 executing program 7: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x101}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2) clone3(&(0x7f0000000640)={0x127363500, &(0x7f00000000c0)=0xffffffffffffffff, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) r1 = fsopen(&(0x7f0000000bc0)='debugfs\x00', 0x0) fsconfig$FSCONFIG_SET_FLAG(r1, 0x0, 0x0, 0x0, 0x0) ioctl$F2FS_IOC_FLUSH_DEVICE(r1, 0x4008f50a, &(0x7f0000000000)) r2 = syz_open_dev$tty20(0xc, 0x4, 0x0) r3 = gettid() kcmp(r3, 0x0, 0x0, r2, 0xffffffffffffffff) r4 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) waitid$P_PIDFD(0x3, 0xffffffffffffffff, 0x0, 0x2, 0x0) openat(r4, &(0x7f0000000300)='./file1\x00', 0x420000, 0x2) ioctl$EXT4_IOC_CHECKPOINT(r4, 0x4004662b, &(0x7f0000000340)) syz_open_dev$tty20(0xc, 0x4, 0x0) ioctl$FS_IOC_FSSETXATTR(r0, 0x401c5820, &(0x7f00000005c0)={0x6, 0x6, 0xb6f, 0x9, 0x47c9}) r5 = openat$incfs(0xffffffffffffffff, &(0x7f0000000040)='.pending_reads\x00', 0x10000, 0x83) fsmount(r5, 0x0, 0x4) socket$inet_udp(0x2, 0x2, 0x0) sendmsg$BATADV_CMD_TP_METER_CANCEL(0xffffffffffffffff, &(0x7f00000012c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x800000}, 0xc, &(0x7f0000000100)={&(0x7f0000001240)={0x54, 0x0, 0x100, 0x70bd29, 0x25dfdbfd, {}, [@BATADV_ATTR_AGGREGATED_OGMS_ENABLED={0x5, 0x29, 0x1}, @BATADV_ATTR_BRIDGE_LOOP_AVOIDANCE_ENABLED={0x5, 0x2e, 0x1}, @BATADV_ATTR_HARD_IFINDEX={0x8}, @BATADV_ATTR_TPMETER_TEST_TIME={0x8, 0xb, 0x7}, @BATADV_ATTR_HARD_IFINDEX={0x8}, @BATADV_ATTR_BONDING_ENABLED={0x5}, @BATADV_ATTR_MESH_IFINDEX={0x8}, @BATADV_ATTR_AGGREGATED_OGMS_ENABLED={0x5}]}, 0x54}, 0x1, 0x0, 0x0, 0x44005}, 0x8000) bind$packet(0xffffffffffffffff, &(0x7f0000000140)={0x11, 0x1, 0x0, 0x1, 0x7f}, 0x14) 14:13:30 executing program 7: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x101}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2) clone3(&(0x7f0000000640)={0x127363500, &(0x7f00000000c0)=0xffffffffffffffff, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) r1 = fsopen(&(0x7f0000000bc0)='debugfs\x00', 0x0) fsconfig$FSCONFIG_SET_FLAG(r1, 0x0, 0x0, 0x0, 0x0) ioctl$F2FS_IOC_FLUSH_DEVICE(r1, 0x4008f50a, &(0x7f0000000000)) r2 = syz_open_dev$tty20(0xc, 0x4, 0x0) r3 = gettid() kcmp(r3, 0x0, 0x0, r2, 0xffffffffffffffff) r4 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) waitid$P_PIDFD(0x3, 0xffffffffffffffff, 0x0, 0x2, 0x0) openat(r4, &(0x7f0000000300)='./file1\x00', 0x420000, 0x2) ioctl$EXT4_IOC_CHECKPOINT(r4, 0x4004662b, &(0x7f0000000340)) syz_open_dev$tty20(0xc, 0x4, 0x0) ioctl$FS_IOC_FSSETXATTR(r0, 0x401c5820, &(0x7f00000005c0)={0x6, 0x6, 0xb6f, 0x9, 0x47c9}) r5 = openat$incfs(0xffffffffffffffff, &(0x7f0000000040)='.pending_reads\x00', 0x10000, 0x83) fsmount(r5, 0x0, 0x4) socket$inet_udp(0x2, 0x2, 0x0) sendmsg$BATADV_CMD_TP_METER_CANCEL(0xffffffffffffffff, &(0x7f00000012c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x800000}, 0xc, &(0x7f0000000100)={&(0x7f0000001240)={0x54, 0x0, 0x100, 0x70bd29, 0x25dfdbfd, {}, [@BATADV_ATTR_AGGREGATED_OGMS_ENABLED={0x5, 0x29, 0x1}, @BATADV_ATTR_BRIDGE_LOOP_AVOIDANCE_ENABLED={0x5, 0x2e, 0x1}, @BATADV_ATTR_HARD_IFINDEX={0x8}, @BATADV_ATTR_TPMETER_TEST_TIME={0x8, 0xb, 0x7}, @BATADV_ATTR_HARD_IFINDEX={0x8}, @BATADV_ATTR_BONDING_ENABLED={0x5}, @BATADV_ATTR_MESH_IFINDEX={0x8}, @BATADV_ATTR_AGGREGATED_OGMS_ENABLED={0x5}]}, 0x54}, 0x1, 0x0, 0x0, 0x44005}, 0x8000) bind$packet(0xffffffffffffffff, &(0x7f0000000140)={0x11, 0x1, 0x0, 0x1, 0x7f}, 0x14) VM DIAGNOSIS: 14:13:29 Registers: info registers vcpu 0 RAX=0000000000000001 RBX=0000000000000001 RCX=1ffffffff0e0c0d8 RDX=0000000000000000 RSI=ffffffff8178562e RDI=0000000000000001 RBP=ffff888040707778 RSP=ffff888040707688 R8 =ffffffff85e8083a R9 =ffffffff85e8083e R10=ffffed10080e0ef1 R11=ffff888040707760 R12=ffff8880407077e8 R13=0000000000000000 R14=ffff888040707720 R15=ffff88801b507a00 RIP=ffffffff81205082 RFL=00000246 [---Z-P-] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 00000000 00000000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 00000000 00000000 FS =0000 0000000000000000 00000000 00000000 GS =0000 ffff88806ce00000 00000000 00000000 LDT=0000 fffffe0000000000 00000000 00000000 TR =0040 fffffe0000003000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe0000001000 0000007f IDT= fffffe0000000000 00000fff CR0=80050033 CR2=00007fcd6b7ea260 CR3=000000000f3bc000 CR4=00350ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000ffff0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 YMM00=0000000000000000 0000000000000000 756e696c2d34365f 3638782f62696c2f YMM01=0000000000000000 0000000000000000 2e6f747079726362 696c2f756e672d78 YMM02=0000000000000000 0000000000000000 00312e312e6f732e 6f74707972636269 YMM03=0000000000000000 0000000000000000 6c2f756e672d7875 6e696c2d34365f36 YMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 info registers vcpu 1 RAX=0000000000000076 RBX=00000000000003f8 RCX=0000000000000000 RDX=00000000000003f8 RSI=ffffffff823bb0f1 RDI=ffffffff8765a9a0 RBP=ffffffff8765a960 RSP=ffff888040caf690 R8 =0000000000000001 R9 =000000000000000a R10=0000000000000076 R11=0000000000000001 R12=0000000000000076 R13=ffffffff8765a960 R14=0000000000000010 R15=ffffffff823bb0e0 RIP=ffffffff823bb149 RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 00000000 00000000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 00000000 00000000 FS =0000 00007f7461529700 00000000 00000000 GS =0000 ffff88806cf00000 00000000 00000000 LDT=0000 fffffe0000000000 00000000 00000000 TR =0040 fffffe000004a000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe0000048000 0000007f IDT= fffffe0000000000 00000fff CR0=80050033 CR2=00007f74640c7018 CR3=0000000035e0e000 CR4=00350ee0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000ffff0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 YMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM01=0000000000000000 0000000000000000 00007f746409a7c0 00007f746409a7c8 YMM02=0000000000000000 0000000000000000 00007f746409a7e0 00007f746409a7c0 YMM03=0000000000000000 0000000000000000 00007f746409a7c8 00007f746409a7c0 YMM04=0000000000000000 0000000000000000 ffffffffffffffff ffffffff00000000 YMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM06=0000000000000000 0000000000000000 0000000000000000 000000524f525245 YMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM08=0000000000000000 0000000000000000 0000000000000000 00524f5252450040 YMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000